Merge remote-tracking branch 'origin/develop'

Signed-off-by: snipe <snipe@snipe.net> # Conflicts: # config/version.php
Bumped version
2022-07-05 16:41:00 -07:00 · 2022-07-05 16:40:17 -07:00 · 2022-07-05 16:35:34 -07:00 · 2022-07-05 16:35:12 -07:00 · 2022-07-05 16:33:09 -07:00 · 2022-07-05 16:26:53 -07:00
879 changed files with 10402 additions and 6126 deletions
@@ -2621,6 +2621,51 @@
      "contributions": [
        "code"
      ]
+    },
+    {
+      "login": "denzfarid",
+      "name": "denzfarid",
+      "avatar_url": "https://avatars.githubusercontent.com/u/1294403?v=4",
+      "profile": "https://github.com/denzfarid",
+      "contributions": []
+    },
+    {
+      "login": "ntbutler-nbcs",
+      "name": "ntbutler-nbcs",
+      "avatar_url": "https://avatars.githubusercontent.com/u/94018771?v=4",
+      "profile": "https://github.com/ntbutler-nbcs",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "naveensrinivasan",
+      "name": "Naveen",
+      "avatar_url": "https://avatars.githubusercontent.com/u/172697?v=4",
+      "profile": "https://naveensrinivasan.dev",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "mikeroq",
+      "name": "Mike Roquemore",
+      "avatar_url": "https://avatars.githubusercontent.com/u/55674383?v=4",
+      "profile": "https://github.com/mikeroq",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "reederda",
+      "name": "Daniel Reeder",
+      "avatar_url": "https://avatars.githubusercontent.com/u/7991086?v=4",
+      "profile": "https://github.com/reederda",
+      "contributions": [
+        "translations",
+        "translation",
+        "code"
+      ]
    }
  ]
 }
@@ -70,7 +70,8 @@ IMAGE_LIB=gd
 MAIL_BACKUP_NOTIFICATION_DRIVER=null
 MAIL_BACKUP_NOTIFICATION_ADDRESS=null
 BACKUP_ENV=true
-
+ALLOW_BACKUP_DELETE=false
+ALLOW_DATA_PURGE=false

 # --------------------------------------------
 # OPTIONAL: SESSION SETTINGS
@@ -146,7 +147,13 @@ AWS_DEFAULT_REGION=null
 # --------------------------------------------
 LOGIN_MAX_ATTEMPTS=5
 LOGIN_LOCKOUT_DURATION=60
-RESET_PASSWORD_LINK_EXPIRES=900
+
+# --------------------------------------------
+# OPTIONAL: FORGOTTEN PASSWORD SETTINGS
+# --------------------------------------------
+RESET_PASSWORD_LINK_EXPIRES=15
+PASSWORD_CONFIRM_TIMEOUT=10800
+PASSWORD_RESET_MAX_ATTEMPTS_PER_MIN=50

 # --------------------------------------------
 # OPTIONAL: MISC
@@ -0,0 +1,6 @@
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
@@ -30,10 +30,10 @@ jobs:

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
+      uses: github/codeql-action/init@v2
      with:
        languages: ${{ matrix.language }}
    - name: Autobuild
-      uses: github/codeql-action/autobuild@v1
+      uses: github/codeql-action/autobuild@v2
    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
+      uses: github/codeql-action/analyze@v2
@@ -17,8 +17,16 @@ on:
  schedule:
    - cron: '36 23 * * 3'

+permissions:
+  contents: read
+
 jobs:
  codacy-security-scan:
+    # Ensure schedule job never runs on forked repos. It's only executed for 'snipe/snipe-it'
+    permissions:
+      contents: read  # for actions/checkout to fetch code
+      security-events: write  # for github/codeql-action/upload-sarif to upload SARIF results
+    if: (github.repository == 'snipe/snipe-it') || ((github.repository != 'snipe/snipe-it') && (github.event_name != 'schedule'))
    name: Codacy Security Scan
    runs-on: ubuntu-latest
    steps:
@@ -44,6 +52,6 @@ jobs:

      # Upload the SARIF file generated in the previous step
      - name: Upload SARIF results file
-        uses: github/codeql-action/upload-sarif@v1
+        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: results.sarif
@@ -15,6 +15,9 @@ on:

  pull_request:

+permissions:
+  contents: read
+
 jobs:
  docker:
    # Ensure this job never runs on forked repos. It's only executed for 'snipe/snipe-it'
@@ -42,13 +45,13 @@ jobs:

      # https://github.com/docker/setup-buildx-action
      - name: Setup Docker Buildx
-        uses: docker/setup-buildx-action@v1
+        uses: docker/setup-buildx-action@v2

      # https://github.com/docker/login-action
      - name: Login to DockerHub
        # Only login if not a PR, as PRs only trigger a Docker build and not a push
        if: github.event_name != 'pull_request'
-        uses: docker/login-action@v1
+        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_ACCESS_TOKEN }}
@@ -60,7 +63,7 @@ jobs:
      # Get Metadata for docker_build step below
      - name: Sync metadata (tags, labels) from GitHub to Docker for 'snipe-it' image
        id: meta_build
-        uses: docker/metadata-action@v3
+        uses: docker/metadata-action@v4
        with:
          images: snipe/snipe-it
          tags: ${{ env.IMAGE_TAGS }}
@@ -69,7 +72,7 @@ jobs:
      # https://github.com/docker/build-push-action
      - name: Build and push 'snipe-it' image
        id: docker_build
-        uses: docker/build-push-action@v2
+        uses: docker/build-push-action@v3
        with:
          context: .
          file: ./Dockerfile.alpine
@@ -15,6 +15,9 @@ on:

  pull_request:

+permissions:
+  contents: read
+
 jobs:
  docker:
    # Ensure this job never runs on forked repos. It's only executed for 'snipe/snipe-it'
@@ -42,13 +45,13 @@ jobs:

      # https://github.com/docker/setup-buildx-action
      - name: Setup Docker Buildx
-        uses: docker/setup-buildx-action@v1
+        uses: docker/setup-buildx-action@v2

      # https://github.com/docker/login-action
      - name: Login to DockerHub
        # Only login if not a PR, as PRs only trigger a Docker build and not a push
        if: github.event_name != 'pull_request'
-        uses: docker/login-action@v1
+        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_ACCESS_TOKEN }}
@@ -60,7 +63,7 @@ jobs:
      # Get Metadata for docker_build step below
      - name: Sync metadata (tags, labels) from GitHub to Docker for 'snipe-it' image
        id: meta_build
-        uses: docker/metadata-action@v3
+        uses: docker/metadata-action@v4
        with:
          images: snipe/snipe-it
          tags: ${{ env.IMAGE_TAGS }}
@@ -69,7 +72,7 @@ jobs:
      # https://github.com/docker/build-push-action
      - name: Build and push 'snipe-it' image
        id: docker_build
-        uses: docker/build-push-action@v2
+        uses: docker/build-push-action@v3
        with:
          context: .
          file: ./Dockerfile
@@ -23,6 +23,7 @@ php7.4-xml \
 php7.4-mbstring \
 php7.4-zip \
 php7.4-bcmath \
+php7.4-redis \
 patch \
 curl \
 wget  \
@@ -27,6 +27,7 @@ RUN  apk add --no-cache \
        php7-xmlwriter \
        php7-xmlreader \
        php7-sodium \
+        php7-redis \
        curl \
        wget \
        vim \
@@ -1,5 +1,5 @@
 ![Build Status](https://app.chipperci.com/projects/0e5f8979-31eb-4ee6-9abf-050b76ab0383/status/master) [![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.svg)](https://crowdin.com/project/snipe-it) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Twitter Follow](https://img.shields.io/twitter/follow/snipeitapp.svg?style=social)](https://twitter.com/snipeitapp)  [![Codacy Badge](https://api.codacy.com/project/badge/Grade/553ce52037fc43ea99149785afcfe641)](https://www.codacy.com/app/snipe/snipe-it?utm_source=github.com&amp;utm_medium=referral&amp;utm_content=snipe/snipe-it&amp;utm_campaign=Badge_Grade)
-[![All Contributors](https://img.shields.io/badge/all_contributors-286-orange.svg?style=flat-square)](#contributors) [![Discord](https://badgen.net/badge/icon/discord?icon=discord&label)](https://discord.gg/yZFtShAcKk) [![huntr](https://cdn.huntr.dev/huntr_security_badge_mono.svg)](https://huntr.dev)
+[![All Contributors](https://img.shields.io/badge/all_contributors-292-orange.svg?style=flat-square)](#contributors) [![Discord](https://badgen.net/badge/icon/discord?icon=discord&label)](https://discord.gg/yZFtShAcKk) [![huntr](https://cdn.huntr.dev/huntr_security_badge_mono.svg)](https://huntr.dev)

 ## Snipe-IT - Open Source Asset Management System

@@ -131,7 +131,8 @@ Thanks goes to all of these wonderful people ([emoji key](https://github.com/ken
 | [<img src="https://avatars.githubusercontent.com/u/1975640?v=4" width="110px;"/><br /><sub>Evan Taylor</sub>](https://github.com/Delta5)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Delta5 "Code") | [<img src="https://avatars.githubusercontent.com/u/8735148?v=4" width="110px;"/><br /><sub>Petri Asikainen</sub>](https://github.com/PetriAsi)<br />[💻](https://github.com/snipe/snipe-it/commits?author=PetriAsi "Code") | [<img src="https://avatars.githubusercontent.com/u/11424540?v=4" width="110px;"/><br /><sub>derdeagle</sub>](https://github.com/derdeagle)<br />[💻](https://github.com/snipe/snipe-it/commits?author=derdeagle "Code") | [<img src="https://avatars.githubusercontent.com/u/176950?v=4" width="110px;"/><br /><sub>Mike Frysinger</sub>](https://wh0rd.org/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=vapier "Code") | [<img src="https://avatars.githubusercontent.com/u/22044358?v=4" width="110px;"/><br /><sub>ALPHA</sub>](https://github.com/AL4AL)<br />[💻](https://github.com/snipe/snipe-it/commits?author=AL4AL "Code") | [<img src="https://avatars.githubusercontent.com/u/1042587?v=4" width="110px;"/><br /><sub>FliegenKLATSCH</sub>](https://www.ifern.de)<br />[💻](https://github.com/snipe/snipe-it/commits?author=FliegenKLATSCH "Code") | [<img src="https://avatars.githubusercontent.com/u/442138?v=4" width="110px;"/><br /><sub>Jeremy Price</sub>](https://github.com/jerm)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jerm "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/84392209?v=4" width="110px;"/><br /><sub>Toreg87</sub>](https://github.com/Toreg87)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Toreg87 "Code") | [<img src="https://avatars.githubusercontent.com/u/67638596?v=4" width="110px;"/><br /><sub>Matthew Nickson</sub>](https://github.com/Computroniks)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Computroniks "Code") | [<img src="https://avatars.githubusercontent.com/u/1646397?v=4" width="110px;"/><br /><sub>Jethro Nederhof</sub>](https://jethron.id.au)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jethron "Code") | [<img src="https://avatars.githubusercontent.com/u/23289826?v=4" width="110px;"/><br /><sub>Oskar Stenberg</sub>](https://github.com/01ste02)<br />[💻](https://github.com/snipe/snipe-it/commits?author=01ste02 "Code") | [<img src="https://avatars.githubusercontent.com/u/82208283?v=4" width="110px;"/><br /><sub>Robert-Azelis</sub>](https://github.com/Robert-Azelis)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Robert-Azelis "Code") | [<img src="https://avatars.githubusercontent.com/u/60648387?v=4" width="110px;"/><br /><sub>Alexander William Smith</sub>](https://github.com/alwism)<br />[💻](https://github.com/snipe/snipe-it/commits?author=alwism "Code") | [<img src="https://avatars.githubusercontent.com/u/24418301?v=4" width="110px;"/><br /><sub>LEITWERK AG</sub>](https://www.leitwerk.de/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=leitwerk-ag "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/1911435?v=4" width="110px;"/><br /><sub>Adam</sub>](http://www.aboutcher.co.uk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=adamboutcher "Code") | [<img src="https://avatars.githubusercontent.com/u/16104273?v=4" width="110px;"/><br /><sub>Ian</sub>](https://snksrv.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=sneak-it "Code") | [<img src="https://avatars.githubusercontent.com/u/4023909?v=4" width="110px;"/><br /><sub>Shao Yu-Lung (Allen)</sub>](http://blog.bestlong.idv.tw/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=bestlong "Code") | [<img src="https://avatars.githubusercontent.com/u/76475453?v=4" width="110px;"/><br /><sub>Haxatron</sub>](https://github.com/Haxatron)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Haxatron "Code") | [<img src="https://avatars.githubusercontent.com/u/88776392?v=4" width="110px;"/><br /><sub>PlaneNuts</sub>](https://github.com/PlaneNuts)<br />[💻](https://github.com/snipe/snipe-it/commits?author=PlaneNuts "Code") | [<img src="https://avatars.githubusercontent.com/u/3842948?v=4" width="110px;"/><br /><sub>Bradley Coudriet</sub>](http://bjcpgd.cias.rit.edu)<br />[💻](https://github.com/snipe/snipe-it/commits?author=exula "Code") | [<img src="https://avatars.githubusercontent.com/u/21966173?v=4" width="110px;"/><br /><sub>Dalton Durst</sub>](https://daltondur.st)<br />[💻](https://github.com/snipe/snipe-it/commits?author=UniversalSuperBox "Code") |
-| [<img src="https://avatars.githubusercontent.com/u/38761237?v=4" width="110px;"/><br /><sub>Alex Janes</sub>](https://adagiohealth.org)<br />[💻](https://github.com/snipe/snipe-it/commits?author=adagioajanes "Code") | [<img src="https://avatars.githubusercontent.com/u/32387849?v=4" width="110px;"/><br /><sub>Nuraeil</sub>](https://github.com/nuraeil)<br />[💻](https://github.com/snipe/snipe-it/commits?author=nuraeil "Code") | [<img src="https://avatars.githubusercontent.com/u/48162670?v=4" width="110px;"/><br /><sub>TenOfTens</sub>](https://github.com/TenOfTens)<br />[💻](https://github.com/snipe/snipe-it/commits?author=TenOfTens "Code") | [<img src="https://avatars.githubusercontent.com/u/9415391?v=4" width="110px;"/><br /><sub>waffle</sub>](https://ditisjens.be/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=insert-waffle "Code") | [<img src="https://avatars.githubusercontent.com/u/19945501?v=4" width="110px;"/><br /><sub>Yevhenii Huzii</sub>](https://github.com/QveenSi)<br />[💻](https://github.com/snipe/snipe-it/commits?author=QveenSi "Code") | [<img src="https://avatars.githubusercontent.com/u/3839381?v=4" width="110px;"/><br /><sub>Achmad Fienan Rahardianto</sub>](https://github.com/veenone)<br />[💻](https://github.com/snipe/snipe-it/commits?author=veenone "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/38761237?v=4" width="110px;"/><br /><sub>Alex Janes</sub>](https://adagiohealth.org)<br />[💻](https://github.com/snipe/snipe-it/commits?author=adagioajanes "Code") | [<img src="https://avatars.githubusercontent.com/u/32387849?v=4" width="110px;"/><br /><sub>Nuraeil</sub>](https://github.com/nuraeil)<br />[💻](https://github.com/snipe/snipe-it/commits?author=nuraeil "Code") | [<img src="https://avatars.githubusercontent.com/u/48162670?v=4" width="110px;"/><br /><sub>TenOfTens</sub>](https://github.com/TenOfTens)<br />[💻](https://github.com/snipe/snipe-it/commits?author=TenOfTens "Code") | [<img src="https://avatars.githubusercontent.com/u/9415391?v=4" width="110px;"/><br /><sub>waffle</sub>](https://ditisjens.be/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=insert-waffle "Code") | [<img src="https://avatars.githubusercontent.com/u/19945501?v=4" width="110px;"/><br /><sub>Yevhenii Huzii</sub>](https://github.com/QveenSi)<br />[💻](https://github.com/snipe/snipe-it/commits?author=QveenSi "Code") | [<img src="https://avatars.githubusercontent.com/u/3839381?v=4" width="110px;"/><br /><sub>Achmad Fienan Rahardianto</sub>](https://github.com/veenone)<br />[💻](https://github.com/snipe/snipe-it/commits?author=veenone "Code") | [<img src="https://avatars.githubusercontent.com/u/19945501?v=4" width="110px;"/><br /><sub>Yevhenii Huzii</sub>](https://github.com/QveenSi)<br />[💻](https://github.com/snipe/snipe-it/commits?author=QveenSi "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/97299851?v=4" width="110px;"/><br /><sub>Christian Weirich</sub>](https://github.com/chrisweirich)<br />[💻](https://github.com/snipe/snipe-it/commits?author=chrisweirich "Code") | [<img src="https://avatars.githubusercontent.com/u/1294403?v=4" width="110px;"/><br /><sub>denzfarid</sub>](https://github.com/denzfarid)<br /> | [<img src="https://avatars.githubusercontent.com/u/94018771?v=4" width="110px;"/><br /><sub>ntbutler-nbcs</sub>](https://github.com/ntbutler-nbcs)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ntbutler-nbcs "Code") | [<img src="https://avatars.githubusercontent.com/u/172697?v=4" width="110px;"/><br /><sub>Naveen</sub>](https://naveensrinivasan.dev)<br />[💻](https://github.com/snipe/snipe-it/commits?author=naveensrinivasan "Code") | [<img src="https://avatars.githubusercontent.com/u/55674383?v=4" width="110px;"/><br /><sub>Mike Roquemore</sub>](https://github.com/mikeroq)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mikeroq "Code") |
 <!-- ALL-CONTRIBUTORS-LIST:END -->

 This project follows the [all-contributors](https://github.com/kentcdodds/all-contributors) specification. Contributions of any kind welcome!
@@ -0,0 +1,97 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Helpers\Helper;
+use Illuminate\Console\Command;
+use App\Models\User;
+use Laravel\Passport\TokenRepository;
+use Illuminate\Contracts\Validation\Factory as ValidationFactory;
+use DB;
+
+class GeneratePersonalAccessToken extends Command
+{
+
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:make-api-key 
+                        {--user_id= : The ID of the user to create the token for.}
+                        {--name= : The name of the new API token}
+                        {--key-only : Only return the value of the API key}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'This console command allows you to generate Personal API tokens to be used with the Snipe-IT JSON REST API on behalf of a user.';
+
+
+    /**
+     * The token repository implementation.
+     *
+     * @var \Laravel\Passport\TokenRepository
+     */
+    protected $tokenRepository;
+
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct(TokenRepository $tokenRepository, ValidationFactory $validation)
+    {
+        $this->validation = $validation;
+        $this->tokenRepository = $tokenRepository;
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return int
+     */
+    public function handle()
+    {
+
+        $accessTokenName = $this->option('name');
+        if ($accessTokenName=='') {
+            $accessTokenName = 'CLI Auth Token';
+        }
+
+        if ($this->option('user_id')=='') {
+            return $this->error('ERROR: user_id cannot be blank.');
+        }
+
+        if ($user = User::find($this->option('user_id'))) {
+
+            $createAccessToken = $user->createToken($accessTokenName)->accessToken;
+
+            if ($this->option('key-only')) {
+                $this->info($createAccessToken);
+
+            } else {
+
+                $this->warn('Your API Token has been created. Be sure to copy this token now, as it will not be accessible again.');
+
+                if ($token = DB::table('oauth_access_tokens')->where('user_id', '=', $user->id)->where('name','=',$accessTokenName)->orderBy('created_at', 'desc')->first()) {
+                    $this->info('API Token ID: '.$token->id);
+                }
+
+                $this->info('API Token User: '.$user->present()->fullName.' ('.$user->username.')');
+                $this->info('API Token Name: '.$accessTokenName);
+                $this->info('API Token: '.$createAccessToken);
+            }
+        } else {
+           return $this->error('ERROR: Invalid user. API key was not created.');
+        }
+
+
+
+
+    }
+}
@@ -17,7 +17,7 @@ class LdapSync extends Command
     *
     * @var string
     */
-    protected $signature = 'snipeit:ldap-sync {--location=} {--location_id=} {--base_dn=} {--summary} {--json_summary}';
+    protected $signature = 'snipeit:ldap-sync {--location=} {--location_id=} {--base_dn=} {--filter=} {--summary} {--json_summary}';

    /**
     * The console command description.
@@ -80,7 +80,11 @@ class LdapSync extends Command
            } else {
                $search_base = null;
            }
-            $results = Ldap::findLdapUsers($search_base);
+            if ($this->option('filter') != '') {
+                $results = Ldap::findLdapUsers($search_base, -1, $this->option('filter'));
+            } else {
+                $results = Ldap::findLdapUsers($search_base);
+            }
        } catch (\Exception $e) {
            if ($this->option('json_summary')) {
                $json_summary = ['error' => true, 'error_message' => $e->getMessage(), 'summary' => []];
@@ -109,7 +113,7 @@ class LdapSync extends Command
        }

        /* Process locations with explicitly defined OUs, if doing a full import. */
-        if ($this->option('base_dn') == '') {
+        if ($this->option('base_dn') == '' && $this->option('filter') == '') {
            // Retrieve locations with a mapped OU, and sort them from the shallowest to deepest OU (see #3993)
            $ldap_ou_locations = Location::where('ldap_ou', '!=', '')->get()->toArray();
            $ldap_ou_lengths = [];
@@ -27,6 +27,19 @@ function ip_in_range( $ip, $range ) {
 }
 // NOTE - this function was shamelessly stolen from this gist: https://gist.github.com/tott/7684443

+/**
+ * Ensure LDAP filters are parentheses-wrapped
+ */
+function parenthesized_filter($filter)
+{
+    if(substr($filter,0,1) == "(" ) {
+        return $filter;
+    } else {
+        return "(".$filter.")";
+    }
+
+}
+
 class LdapTroubleshooter extends Command
 {
    /**
@@ -70,6 +83,47 @@ class LdapTroubleshooter extends Command
        }
    }

+    /**
+     * Clean the results from ldap_get_entries into something useful
+     * @param array $array
+     * @return array
+     */
+    public function ldap_results_cleaner ($array) {
+        $cleaned = [];
+        for($i = 0; $i < $array['count']; $i++) {
+            $row = $array[$i];
+            $clean_row = [];
+            foreach($row AS $key => $val ) {
+                $this->debugout("Key is: ".$key);
+                if($key == "count" || is_int($key) || $key == "dn") {
+                    $this->debugout(" and we're gonna skip it\n");
+                    continue;
+                }
+                $this->debugout(" And that seems fine.\n");
+                if(array_key_exists('count',$val)) {
+                    if($val['count'] == 1) {
+                        $clean_row[$key] = $val[0];
+                    } else {
+                        unset($val['count']); //these counts are annoying
+                        $elements = [];
+                        foreach($val as $entry) {
+                            if(isset($ldap_constants[$entry])) {
+                                $elements[] = $ldap_constants[$entry];
+                            } else {
+                                $elements[] = $entry;
+                            }
+                        }
+                        $clean_row[$key] = $elements;
+                    }
+                } else {
+                    $clean_row[$key] = $val;
+                }
+            }
+            $cleaned[$i] = $clean_row;
+        }
+        return $cleaned;
+    }
+
    /**
     * Execute the console command.
     *
@@ -102,16 +156,12 @@ class LdapTroubleshooter extends Command
                $output[] = "LDAPTLS_KEY=storage/ldap_client_tls.key";
            }
            $output[] = "ldapsearch";
-            $output[] = $settings->ldap_server;
+            $output[] = "-H ".$settings->ldap_server;
            $output[] = "-x";
            $output[] = "-b ".escapeshellarg($settings->ldap_basedn);
            $output[] = "-D ".escapeshellarg($settings->ldap_uname);
            $output[] = "-w ".escapeshellarg(\Crypt::Decrypt($settings->ldap_pword));
-            if(substr($settings->ldap_filter,0,1) == "(" ) {
-                $output[] = escapeshellarg($settings->ldap_filter);
-            } else {
-                $output[] = escapeshellarg("(".$settings->ldap_filter.")");
-            }
+            $output[] = escapeshellarg(parenthesized_filter($settings->ldap_filter));
            if($settings->ldap_tls) {
                $this->line("# adding STARTTLS option");
                $output[] = "-Z";
@@ -290,45 +340,8 @@ class LdapTroubleshooter extends Command
        }
        $this->debugout("LDAP constants are: ".print_r($ldap_constants,true));

-        // recursive function that 'cleans' the returned array from ldap_get_entries which are formatted awfully
-        $cleaner = function ($array) {
-            $cleaned = [];
-            for($i = 0; $i < $array['count']; $i++) {
-                $row = $array[$i];
-                $clean_row = [];
-                foreach($row AS $key => $val ) {
-                    $this->debugout("Key is: ".$key);
-                    if($key == "count" || is_int($key) || $key == "dn") {
-                        $this->debugout(" and we're gonna skip it\n");
-                        continue;
-                    }
-                    $this->debugout(" And that seems fine.\n");
-                    if(array_key_exists('count',$val)) {
-                        if($val['count'] == 1) {
-                            $clean_row[$key] = $val[0];
-                        } else {
-                            unset($val['count']); //these counts are annoying
-                            $elements = [];
-                            foreach($val as $entry) {
-                                if(isset($ldap_constants[$entry])) {
-                                    $elements[] = $ldap_constants[$entry];
-                                } else {
-                                    $elements[] = $entry;
-                                }
-                            }
-                            $clean_row[$key] = $elements;
-                        }
-                    } else {
-                        $clean_row[$key] = $val;
-                    }
-                }
-                $cleaned[$i] = $clean_row;
-            }
-            return $cleaned;
-        };
-        
        foreach($ldap_urls AS $ldap_url) {
-            if($this->test_informational_bind($ldap_url[0],$ldap_url[1],$ldap_url[2],$settings->ldap_uname,Crypt::decrypt($settings->ldap_pword))) {
+            if($this->test_informational_bind($ldap_url[0],$ldap_url[1],$ldap_url[2],$settings->ldap_uname,Crypt::decrypt($settings->ldap_pword),$settings)) {
                $this->info("Success getting informational bind!");
            } else {
                $this->error("Unable to get information from bind.");
@@ -422,9 +435,9 @@ class LdapTroubleshooter extends Command
        });
    }

-    public function test_informational_bind($ldap_url, $check_cert, $start_tls, $username, $password)
+    public function test_informational_bind($ldap_url, $check_cert, $start_tls, $username, $password,$settings)
    {
-        return $this->timed_boolean_execute(function () use ($ldap_url, $check_cert, $start_tls, $username, $password) {
+        return $this->timed_boolean_execute(function () use ($ldap_url, $check_cert, $start_tls, $username, $password, $settings) {
            try { // TODO - copypasta'ed from test_authed_bind
                $conn = $this->connect_to_ldap($ldap_url, $check_cert, $start_tls);
                $bind_results = ldap_bind($conn, $username, $password);
@@ -435,12 +448,13 @@ class LdapTroubleshooter extends Command
                $this->info("SUCCESS - Able to bind to $ldap_url as $username");
                $result = ldap_read($conn, '', '(objectClass=*)'/* , ['supportedControl']*/);
                $results = ldap_get_entries($conn, $result);
-                $cleaned_results = $cleaner($results);
+                $cleaned_results = $this->ldap_results_cleaner($results);
                $this->line(print_r($cleaned_results,true));
                //okay, great - now how do we display those results? I have no idea.
                // I don't see why this throws an Exception for Google LDAP, but I guess we ought to try and catch it?
                $this->comment("I guess we're trying to do the ldap search here, but sometimes it takes too long?");
-                $search_results = ldap_search($conn, $settings->base_dn, $settings->filter);
+                $this->debugout("Base DN is: ".$settings->ldap_basedn." and filter is: ".parenthesized_filter($settings->ldap_filter));
+                $search_results = ldap_search($conn, $settings->ldap_basedn, parenthesized_filter($settings->ldap_filter));
                $this->info("Printing first 10 results: ");
                for($i=0;$i<10;$i++) {
                    $this->info($search_results[$i]);
@@ -71,22 +71,31 @@ class ReEncodeCustomFieldNames extends Command
                     */
                    $last_part = substr(strrchr($asset_column, '_snipeit_'), 1);
                    $custom_field_columns[$last_part] = $asset_column;
+
                }
            }

            foreach ($fields as $field) {
-                $this->info($field->name.' ('.$field->id.') column should be '.$field->convertUnicodeDbSlug().'');
+                $this->info($field->name.' ('.$field->id.') column should be '.$field->convertUnicodeDbSlug());

                /** The assets table has the column it should have, all is well */
-                if (\Schema::hasColumn('assets', $field->convertUnicodeDbSlug())) {
-                    $this->info('-- ✓ This field exists - all good');
+                if ($field->db_column == $field->convertUnicodeDbSlug() && \Schema::hasColumn('assets', $field->convertUnicodeDbSlug())) {
+                    $this->info('-- ✓ This field exists on the assets table and the value for db_column matches in the custom_fields table.');

                /**
                 * There is a mismatch between the fieldname on the assets table and
                 * what $field->convertUnicodeDbSlug() is *now* expecting.
                 */
                } else {
-                    $this->warn('-- X Field mismatch: updating... ');
+
+                    if ($field->db_column != $field->convertUnicodeDbSlug()) {
+                        $this->error('-- ✘ Field mismatch: '.$field->name.' value should be '.$field->convertUnicodeDbSlug().' but is '.$field->db_column.' in the custom_fields table');
+
+                    } else {
+                        $this->error('-- ✘ Field mismatch: '.$field->name.' column should be '.$field->convertUnicodeDbSlug().' but is '.$custom_field_columns[$field->id].' on the assets table.');
+
+                    }
+

                    /** Make sure the custom_field_columns array has the ID */
                    if (array_key_exists($field->id, $custom_field_columns)) {
@@ -95,13 +104,19 @@ class ReEncodeCustomFieldNames extends Command
                         * Update the asset schema to the corrected fieldname that will be recognized by the
                         *  system elsewhere that we use $field->convertUnicodeDbSlug()
                         */
+                        $this->info('-- ✓ Updating field from '.$field->db_column.' to '.$field->convertUnicodeDbSlug().' in the assets table');
                        \Schema::table('assets', function ($table) use ($custom_field_columns, $field) {
                            $table->renameColumn($custom_field_columns[$field->id], $field->convertUnicodeDbSlug());
                        });

-                        $this->warn('-- ✓ Field updated from '.$custom_field_columns[$field->id].' to '.$field->convertUnicodeDbSlug());
+                        $this->info('-- ✓ Updating field from '.$field->db_column.' to '.$field->convertUnicodeDbSlug().' in the custom fields table');
+
+                        $field->db_column = $field->convertUnicodeDbSlug();
+                        $field->save();
+
+
                    } else {
-                        $this->warn('-- X WARNING: There is no field on the assets table ending in  '.$field->id.'. This may require more in-depth investigation and may mean the schema was altered manually.');
+                        $this->warn('-- ✘ WARNING: There is no field on the assets table ending in  '.$field->id.'. This may require more in-depth investigation and may mean the schema was altered manually.');
                    }
                }

@@ -24,6 +24,7 @@ class Kernel extends ConsoleKernel
        $schedule->command('snipeit:backup')->weekly();
        $schedule->command('backup:clean')->daily();
        $schedule->command('snipeit:upcoming-audits')->daily();
+        $schedule->command('auth:clear-resets')->everyFifteenMinutes();
    }

    /**
@@ -841,6 +841,16 @@ class Helper
        return preg_replace('/\s+/u', '_', trim($string));
    }

+    /**
+     * Return an array (or null) of the the raw and formatted date object for easy use in
+     * the API and the bootstrap table listings.
+     *
+     * @param $date
+     * @param $type
+     * @param $array
+     * @return array|string|null
+     */
+
    public static function getFormattedDateObject($date, $type = 'datetime', $array = true)
    {
        if ($date == '') {
@@ -848,21 +858,42 @@ class Helper
        }

        $settings = Setting::getSettings();
-        $tmp_date = new \Carbon($date);

-        if ($type == 'datetime') {
-            $dt['datetime'] = $tmp_date->format('Y-m-d H:i:s');
-            $dt['formatted'] = $tmp_date->format($settings->date_display_format.' '.$settings->time_display_format);
-        } else {
-            $dt['date'] = $tmp_date->format('Y-m-d');
-            $dt['formatted'] = $tmp_date->format($settings->date_display_format);
+        /**
+         * Wrap this in a try/catch so that if Carbon crashes, for example if the $date value
+         * isn't actually valid, we don't crash out completely.
+         *
+         * While this *shouldn't* typically happen since we validate dates before entering them
+         * into the database (and we use date/datetime fields for native fields in the system),
+         * it is a possible scenario that a custom field could be created as an "ANY" field, data gets
+         * added, and then the custom field format gets edited later. If someone put bad data in the
+         * database before then - or if they manually edited the field's value - it will crash.
+         *
+         */
+
+
+        try {
+            $tmp_date = new \Carbon($date);
+
+            if ($type == 'datetime') {
+                $dt['datetime'] = $tmp_date->format('Y-m-d H:i:s');
+                $dt['formatted'] = $tmp_date->format($settings->date_display_format.' '.$settings->time_display_format);
+            } else {
+                $dt['date'] = $tmp_date->format('Y-m-d');
+                $dt['formatted'] = $tmp_date->format($settings->date_display_format);
+            }
+
+            if ($array == 'true') {
+                return $dt;
+            }
+
+            return $dt['formatted'];
+
+        } catch (\Exception $e) {
+            \Log::warning($e);
+            return $date.' (Invalid '.$type.' value.)';
        }

-        if ($array == 'true') {
-            return $dt;
-        }
-
-        return $dt['formatted'];
    }

    // Nicked from Drupal :)
@@ -9,6 +9,7 @@ use App\Models\Accessory;
 use App\Models\Company;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Storage;
+use Illuminate\Support\Facades\Validator;
 use Redirect;

 /** This controller handles all actions related to Accessories for
@@ -130,6 +131,17 @@ class AccessoriesController extends Controller
            return redirect()->route('accessories.index')->with('error', trans('admin/accessories/message.does_not_exist'));
        }

+        $min = $accessory->numCheckedOut();
+        $validator = Validator::make($request->all(), [
+            "qty" => "required|numeric|min:$min"
+        ]);
+
+        if ($validator->fails()) {
+            return redirect()->back()
+                ->withErrors($validator)
+                ->withInput();
+        }
+
        $this->authorize($accessory);

        // Update the accessory data
@@ -12,9 +12,13 @@ use App\Models\Asset;
 use App\Models\CheckoutAcceptance;
 use App\Models\Company;
 use App\Models\Contracts\Acceptable;
+use App\Models\Setting;
 use App\Models\User;
 use App\Models\AssetModel;
 use App\Models\Accessory;
+use App\Models\License;
+use App\Models\Component;
+use App\Models\Consumable;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\DB;
@@ -23,6 +27,7 @@ use Illuminate\Support\Str;
 use App\Http\Controllers\SettingsController;
 use Barryvdh\DomPDF\Facade\Pdf;
 use Carbon\Carbon;
+use phpDocumentor\Reflection\Types\Compound;

 class AcceptanceController extends Controller
 {
@@ -106,12 +111,7 @@ class AcceptanceController extends Controller
            Storage::makeDirectory('private_uploads/signatures', 775);
        }

-        /**
-         * Check for the eula-pdfs directory
-         */
-        if (! Storage::exists('private_uploads/eula-pdfs')) {
-            Storage::makeDirectory('private_uploads/eula-pdfs', 775);
-        }
+

        $item = $acceptance->checkoutable_type::find($acceptance->checkoutable_id);
        $display_model = '';
@@ -122,36 +122,99 @@ class AcceptanceController extends Controller

        if ($request->input('asset_acceptance') == 'accepted') {

-            // The item was accepted, check for a signature
-            if ($request->filled('signature_output')) {
-                $sig_filename = 'siglog-'.Str::uuid().'-'.date('Y-m-d-his').'.png';
-                $data_uri = $request->input('signature_output');
-                $encoded_image = explode(',', $data_uri);
-                $decoded_image = base64_decode($encoded_image[1]);
-                Storage::put('private_uploads/signatures/'.$sig_filename, (string) $decoded_image);
+            /**
+             * Check for the eula-pdfs directory
+             */
+            if (! Storage::exists('private_uploads/eula-pdfs')) {
+                Storage::makeDirectory('private_uploads/eula-pdfs', 775);
+            }
+
+            if (Setting::getSettings()->require_accept_signature == '1') {
+                
+                // Check if the signature directory exists, if not create it
+                if (!Storage::exists('private_uploads/signatures')) {
+                    Storage::makeDirectory('private_uploads/signatures', 775);
+                }
+
+                // The item was accepted, check for a signature
+                if ($request->filled('signature_output')) {
+                    $sig_filename = 'siglog-' . Str::uuid() . '-' . date('Y-m-d-his') . '.png';
+                    $data_uri = $request->input('signature_output');
+                    $encoded_image = explode(',', $data_uri);
+                    $decoded_image = base64_decode($encoded_image[1]);
+                    Storage::put('private_uploads/signatures/' . $sig_filename, (string)$decoded_image);
+
+                    // No image data is present, kick them back.
+                    // This mostly only applies to users on super-duper crapola browsers *cough* IE *cough*
+                } else {
+                    return redirect()->back()->with('error', trans('general.shitty_browser'));
+                }
            }


            // this is horrible
-            if ($acceptance->checkoutable_type == 'App\Models\Asset') {
-                $pdf_view_route ='account.accept.accept-asset-eula';
-                $asset_model = AssetModel::find($item->model_id);
-                $display_model = $asset_model->name;
-                $assigned_to = User::find($item->assigned_to)->present()->fullName;
+            switch($acceptance->checkoutable_type){
+                case 'App\Models\Asset':
+                        $pdf_view_route ='account.accept.accept-asset-eula';
+                        $asset_model = AssetModel::find($item->model_id);
+                        $display_model = $asset_model->name;
+                        $assigned_to = User::find($acceptance->assigned_to_id)->present()->fullName;
+                break;

-            } elseif ($acceptance->checkoutable_type== 'App\Models\Accessory') {
-                $pdf_view_route ='account.accept.accept-accessory-eula';
-                $accessory = Accessory::find($item->id);
-                $display_model = $accessory->name;
-                $assigned_to = User::find($item->assignedTo);
+                case 'App\Models\Accessory':
+                        $pdf_view_route ='account.accept.accept-accessory-eula';
+                        $accessory = Accessory::find($item->id);
+                        $display_model = $accessory->name;
+                        $assigned_to = User::find($item->assignedTo);
+                break;

+                case 'App\Models\LicenseSeat':
+                        $pdf_view_route ='account.accept.accept-license-eula';
+                        $license = License::find($item->license_id);
+                        $display_model = $license->name;
+                        $assigned_to = User::find($acceptance->assigned_to_id)->present()->fullName;
+                break;
+
+                case 'App\Models\Component':
+                        $pdf_view_route ='account.accept.accept-component-eula';
+                        $component = Component::find($item->id);
+                        $display_model = $component->name;
+                        $assigned_to = User::find($acceptance->assigned_to_id)->present()->fullName;
+                break;
+
+                case 'App\Models\Consumable':
+                        $pdf_view_route ='account.accept.accept-consumable-eula';
+                        $consumable = Consumable::find($item->id);
+                        $display_model = $consumable->name;
+                        $assigned_to = User::find($acceptance->assigned_to_id)->present()->fullName;
+                break;
            }
+//            if ($acceptance->checkoutable_type == 'App\Models\Asset') {
+//                $pdf_view_route ='account.accept.accept-asset-eula';
+//                $asset_model = AssetModel::find($item->model_id);
+//                $display_model = $asset_model->name;
+//                $assigned_to = User::find($item->assigned_to)->present()->fullName;
+//
+//            } elseif ($acceptance->checkoutable_type== 'App\Models\Accessory') {
+//                $pdf_view_route ='account.accept.accept-accessory-eula';
+//                $accessory = Accessory::find($item->id);
+//                $display_model = $accessory->name;
+//                $assigned_to = User::find($item->assignedTo);
+//
+//            }

            /**
             * Gather the data for the PDF. We fire this whether there is a signature required or not,
             * since we want the moment-in-time proof of what the EULA was when they accepted it.
             */
            $branding_settings = SettingsController::getPDFBranding();
+
+            if (is_null($branding_settings->logo)){
+                $path_logo = "";
+            } else {
+                $path_logo = public_path() . '/uploads/' . $branding_settings->logo;
+            }
+            
            $data = [
                'item_tag' => $item->asset_tag,
                'item_model' => $display_model,
@@ -162,7 +225,7 @@ class AcceptanceController extends Controller
                'assigned_to' => $assigned_to,
                'company_name' => $branding_settings->site_name,
                'signature' => ($sig_filename) ? storage_path() . '/private_uploads/signatures/' . $sig_filename : null,
-                'logo' => public_path() . '/uploads/' . $branding_settings->logo,
+                'logo' => $path_logo,
                'date_settings' => $branding_settings->date_display_format,
            ];

@@ -27,8 +27,7 @@ class AccessoriesController extends Controller
    public function index(Request $request)
    {
        $this->authorize('view', Accessory::class);
-        $allowed_columns = ['id', 'name', 'model_number', 'eol', 'notes', 'created_at', 'min_amt', 'company_id'];
-        
+
        // This array is what determines which fields should be allowed to be sorted on ON the table itself, no relations
        // Relations will be handled in query scopes a little further down.
        $allowed_columns = 
@@ -35,7 +35,8 @@ class AssetMaintenancesController extends Controller
    public function index(Request $request)
    {
        $this->authorize('view', Asset::class);
-        $maintenances = AssetMaintenance::with('asset', 'asset.model', 'asset.location', 'supplier', 'asset.company', 'admin');
+
+        $maintenances = AssetMaintenance::select('asset_maintenances.*')->with('asset', 'asset.model', 'asset.location', 'supplier', 'asset.company', 'admin');

        if ($request->filled('search')) {
            $maintenances = $maintenances->TextSearch($request->input('search'));
@@ -45,6 +46,15 @@ class AssetMaintenancesController extends Controller
            $maintenances->where('asset_id', '=', $request->input('asset_id'));
        }

+        if ($request->filled('supplier_id')) {
+            $maintenances->where('supplier_id', '=', $request->input('supplier_id'));
+        }
+
+        if ($request->filled('asset_maintenance_type')) {
+            $maintenances->where('asset_maintenance_type', '=', $request->input('asset_maintenance_type'));
+        }
+
+
        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
        // case we override with the actual count, so we should return 0 items.
        $offset = (($maintenances) && ($request->get('offset') > $maintenances->count())) ? $maintenances->count() : $request->get('offset', 0);
@@ -64,6 +74,7 @@ class AssetMaintenancesController extends Controller
                                'asset_tag',
                                'asset_name',
                                'user_id',
+                                'supplier'
                            ];
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
@@ -72,6 +83,9 @@ class AssetMaintenancesController extends Controller
            case 'user_id':
                $maintenances = $maintenances->OrderAdmin($order);
                break;
+            case 'supplier':
+                $maintenances = $maintenances->OrderBySupplier($order);
+                break;
            case 'asset_tag':
                $maintenances = $maintenances->OrderByTag($order);
                break;
@@ -70,6 +70,10 @@ class AssetModelsController extends Controller
            $assetmodels->onlyTrashed();
        }

+        if ($request->filled('category_id')) {
+            $assetmodels = $assetmodels->where('models.category_id', '=', $request->input('category_id'));
+        }
+
        if ($request->filled('search')) {
            $assetmodels->TextSearch($request->input('search'));
        }
@@ -544,11 +544,11 @@ class AssetsController extends Controller
            foreach ($model->fieldset->fields as $field) {

                // Set the field value based on what was sent in the request
-                $field_val = $request->input($field->convertUnicodeDbSlug(), null);
+                $field_val = $request->input($field->db_column, null);

                // If input value is null, use custom field's default value
                if ($field_val == null) {
-                    \Log::debug('Field value for '.$field->convertUnicodeDbSlug().' is null');
+                    \Log::debug('Field value for '.$field->db_column.' is null');
                    $field_val = $field->defaultValue($request->get('model_id'));
                    \Log::debug('Use the default fieldset value of '.$field->defaultValue($request->get('model_id')));
                }
@@ -563,13 +563,13 @@ class AssetsController extends Controller
                        if (($field_val == null) && ($request->has('model_id') != '')) {
                            $field_val = \Crypt::encrypt($field->defaultValue($request->get('model_id')));
                        } else {
-                            $field_val = \Crypt::encrypt($request->input($field->convertUnicodeDbSlug()));
+                            $field_val = \Crypt::encrypt($request->input($field->db_column));
                        }
                    }
                }


-                $asset->{$field->convertUnicodeDbSlug()} = $field_val;
+                $asset->{$field->db_column} = $field_val;
            }
        }

@@ -634,13 +634,13 @@ class AssetsController extends Controller
            // Update custom fields
            if (($model = AssetModel::find($asset->model_id)) && (isset($model->fieldset))) {
                foreach ($model->fieldset->fields as $field) {
-                    if ($request->has($field->convertUnicodeDbSlug())) {
+                    if ($request->has($field->db_column)) {
                        if ($field->field_encrypted == '1') {
                            if (Gate::allows('admin')) {
-                                $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt($request->input($field->convertUnicodeDbSlug()));
+                                $asset->{$field->db_column} = \Crypt::encrypt($request->input($field->db_column));
                            }
                        } else {
-                            $asset->{$field->convertUnicodeDbSlug()} = $request->input($field->convertUnicodeDbSlug());
+                            $asset->{$field->db_column} = $request->input($field->db_column);
                        }
                    }
                }
@@ -714,30 +714,53 @@ class AssetsController extends Controller
     * @since [v5.1.18]
     * @return JsonResponse
     */
-    public function restore($assetId = null)
+    public function restore(Request $request, $assetId = null)
    {
        // Get asset information
        $asset = Asset::withTrashed()->find($assetId);
        $this->authorize('delete', $asset);
+
        if (isset($asset->id)) {
-            // Restore the asset
-            Asset::withTrashed()->where('id', $assetId)->restore();

-            $logaction = new Actionlog();
-            $logaction->item_type = Asset::class;
-            $logaction->item_id = $asset->id;
-            $logaction->created_at =  date("Y-m-d H:i:s");
-            $logaction->user_id = Auth::user()->id;
-            $logaction->logaction('restored');
+            if ($asset->deleted_at=='') {
+               $message = 'Asset was not deleted. No data was changed.';

-            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/hardware/message.restore.success')));
+            } else {
+
+                $message = trans('admin/hardware/message.restore.success');
+                // Restore the asset
+                Asset::withTrashed()->where('id', $assetId)->restore();
+
+                $logaction = new Actionlog();
+                $logaction->item_type = Asset::class;
+                $logaction->item_id = $asset->id;
+                $logaction->created_at =  date("Y-m-d H:i:s");
+                $logaction->user_id = Auth::user()->id;
+                $logaction->logaction('restored');
+            }
+
+            return response()->json(Helper::formatStandardApiResponse('success', (new AssetsTransformer)->transformAsset($asset, $request), $message));
        

        }
        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 200);
    }

-
+    /**
+     * Checkout an asset by its tag.
+     *
+     * @author [N. Butler]
+     * @param string $tag
+     * @since [v6.0.5]
+     * @return JsonResponse
+     */
+    public function checkoutByTag(AssetCheckoutRequest $request, $tag)
+    {
+        if ($asset = Asset::where('asset_tag', $tag)->first()) {
+            return $this->checkout($request, $asset->id);
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, 'Asset not found'), 200);
+    }

    /**
     * Checkout an asset
@@ -849,7 +872,7 @@ class AssetsController extends Controller
        $asset->assignedTo()->disassociate($asset);
        $asset->accepted = null;

-        if ($request->filled('name')) {
+        if ($request->has('name')) {
            $asset->name = $request->input('name');
        }

@@ -32,6 +32,28 @@ class CategoriesController extends Controller
            $categories = $categories->TextSearch($request->input('search'));
        }

+        if ($request->filled('name')) {
+            $categories->where('name', '=', $request->input('name'));
+        }
+
+        if ($request->filled('category_type')) {
+            $categories->where('category_type', '=', $request->input('category_type'));
+        }
+
+        if ($request->filled('use_default_eula')) {
+            $categories->where('use_default_eula', '=', $request->input('use_default_eula'));
+        }
+
+        if ($request->filled('require_acceptance')) {
+            $categories->where('require_acceptance', '=', $request->input('require_acceptance'));
+        }
+
+        if ($request->filled('checkin_email')) {
+            $categories->where('checkin_email', '=', $request->input('checkin_email'));
+        }
+
+
+
        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
        // case we override with the actual count, so we should return 0 items.
        $offset = (($categories) && ($request->get('offset') > $categories->count())) ? $categories->count() : $request->get('offset', 0);
@@ -43,6 +43,11 @@ class CompaniesController extends Controller
            $companies->TextSearch($request->input('search'));
        }

+        if ($request->filled('name')) {
+            $companies->where('name', '=', $request->input('name'));
+        }
+
+
        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
        // case we override with the actual count, so we should return 0 items.
        $offset = (($companies) && ($request->get('offset') > $companies->count())) ? $companies->count() : $request->get('offset', 0);
@@ -51,6 +51,10 @@ class ComponentsController extends Controller
            $components = $components->TextSearch($request->input('search'));
        }

+        if ($request->filled('name')) {
+            $components->where('name', '=', $request->input('name'));
+        }
+
        if ($request->filled('company_id')) {
            $components->where('company_id', '=', $request->input('company_id'));
        }
@@ -55,6 +55,10 @@ class ConsumablesController extends Controller
            $consumables = $consumables->TextSearch(e($request->input('search')));
        }

+        if ($request->filled('name')) {
+            $consumables->where('name', '=', $request->input('name'));
+        }
+
        if ($request->filled('company_id')) {
            $consumables->where('company_id', '=', $request->input('company_id'));
        }
@@ -42,6 +42,22 @@ class DepartmentsController extends Controller
            $departments = $departments->TextSearch($request->input('search'));
        }

+        if ($request->filled('name')) {
+            $departments->where('name', '=', $request->input('name'));
+        }
+
+        if ($request->filled('company_id')) {
+            $departments->where('company_id', '=', $request->input('company_id'));
+        }
+
+        if ($request->filled('manager_id')) {
+            $departments->where('manager_id', '=', $request->input('manager_id'));
+        }
+
+        if ($request->filled('location_id')) {
+            $departments->where('location_id', '=', $request->input('location_id'));
+        }
+
        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
        // case we override with the actual count, so we should return 0 items.
        $offset = (($departments) && ($request->get('offset') > $departments->count())) ? $departments->count() : $request->get('offset', 0);
@@ -28,6 +28,10 @@ class GroupsController extends Controller
            $groups = $groups->TextSearch($request->input('search'));
        }

+        if ($request->filled('name')) {
+            $groups->where('name', '=', $request->input('name'));
+        }
+
        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
        // case we override with the actual count, so we should return 0 items.
        $offset = (($groups) && ($request->get('offset') > $groups->count())) ? $groups->count() : $request->get('offset', 0);
@@ -116,16 +116,20 @@ class LicenseSeatsController extends Controller
            return response()->json(Helper::formatStandardApiResponse('success', $licenseSeat, trans('admin/licenses/message.update.success')));
        }

+        // the logging functions expect only one "target". if both asset and user are present in the request,
+        // we simply let assets take precedence over users...
+        if ($licenseSeat->isDirty('assigned_to')) {
+            $target = $is_checkin ? $oldUser : User::find($licenseSeat->assigned_to);
+        }
+        if ($licenseSeat->isDirty('asset_id')) {
+            $target = $is_checkin ? $oldAsset : Asset::find($licenseSeat->asset_id);
+        }
+
+        if (is_null($target)){
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'Target not found'));
+        }
+
        if ($licenseSeat->save()) {
-            // the logging functions expect only one "target". if both asset and user are present in the request,
-            // we simply let assets take precedence over users...
-            $changes = $licenseSeat->getChanges();
-            if (array_key_exists('assigned_to', $changes)) {
-                $target = $is_checkin ? $oldUser : User::find($changes['assigned_to']);
-            }
-            if (array_key_exists('asset_id', $changes)) {
-                $target = $is_checkin ? $oldAsset : Asset::find($changes['asset_id']);
-            }

            if ($is_checkin) {
                $licenseSeat->logCheckin($target, $request->input('note'));
@@ -53,6 +53,30 @@ class LocationsController extends Controller
            $locations = $locations->TextSearch($request->input('search'));
        }

+        if ($request->filled('name')) {
+            $locations->where('locations.name', '=', $request->input('name'));
+        }
+
+        if ($request->filled('address')) {
+            $locations->where('locations.address', '=', $request->input('address'));
+        }
+
+        if ($request->filled('address2')) {
+            $locations->where('locations.address2', '=', $request->input('address2'));
+        }
+
+        if ($request->filled('city')) {
+            $locations->where('locations.city', '=', $request->input('city'));
+        }
+
+        if ($request->filled('zip')) {
+            $locations->where('locations.zip', '=', $request->input('zip'));
+        }
+
+        if ($request->filled('country')) {
+            $locations->where('locations.country', '=', $request->input('country'));
+        }
+
        $offset = (($locations) && (request('offset') > $locations->count())) ? $locations->count() : request('offset', 0);

        // Check to make sure the limit is not higher than the max allowed
@@ -37,6 +37,26 @@ class ManufacturersController extends Controller
            $manufacturers = $manufacturers->TextSearch($request->input('search'));
        }

+        if ($request->filled('name')) {
+            $manufacturers->where('name', '=', $request->input('name'));
+        }
+
+        if ($request->filled('url')) {
+            $manufacturers->where('url', '=', $request->input('url'));
+        }
+
+        if ($request->filled('support_url')) {
+            $manufacturers->where('support_url', '=', $request->input('support_url'));
+        }
+
+        if ($request->filled('support_phone')) {
+            $manufacturers->where('support_phone', '=', $request->input('support_phone'));
+        }
+
+        if ($request->filled('support_email')) {
+            $manufacturers->where('support_email', '=', $request->input('support_email'));
+        }
+
        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
        // case we override with the actual count, so we should return 0 items.
        $offset = (($manufacturers) && ($request->get('offset') > $manufacturers->count())) ? $manufacturers->count() : $request->get('offset', 0);
@@ -5,10 +5,37 @@ namespace App\Http\Controllers\Api;
 use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Models\CheckoutRequest;
-use Auth;
+use Illuminate\Http\Response;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Http\Request;
+use Laravel\Passport\TokenRepository;
+use Illuminate\Contracts\Validation\Factory as ValidationFactory;
+use Gate;
+use DB;

 class ProfileController extends Controller
 {
+
+    /**
+     * The token repository implementation.
+     *
+     * @var \Laravel\Passport\TokenRepository
+     */
+    protected $tokenRepository;
+
+    /**
+     * Create a controller instance.
+     *
+     * @param  \Laravel\Passport\TokenRepository  $tokenRepository
+     * @param  \Illuminate\Contracts\Validation\Factory  $validation
+     * @return void
+     */
+    public function __construct(TokenRepository $tokenRepository, ValidationFactory $validation)
+    {
+        $this->validation = $validation;
+        $this->tokenRepository = $tokenRepository;
+    }
+
    /**
     * Display a listing of requested assets.
     *
@@ -42,4 +69,90 @@ class ProfileController extends Controller

        return $results;
    }
+
+
+    /**
+     * Delete an API token
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v6.0.5]
+     *
+     * @return \Illuminate\Http\Response
+     */
+    public function createApiToken(Request $request) {
+
+        if (!Gate::allows('self.api')) {
+            abort(403);
+        }
+
+        $accessTokenName = $request->input('name', 'Auth Token');
+
+        if ($accessToken = Auth::user()->createToken($accessTokenName)->accessToken) {
+
+            // Get the ID so we can return that with the payload
+            $token = DB::table('oauth_access_tokens')->where('user_id', '=', Auth::user()->id)->where('name','=',$accessTokenName)->orderBy('created_at', 'desc')->first();
+            $accessTokenData['id'] = $token->id;
+            $accessTokenData['token'] = $accessToken;
+            $accessTokenData['name'] = $accessTokenName;
+            return response()->json(Helper::formatStandardApiResponse('success', $accessTokenData, 'Personal access token '.$accessTokenName.' created successfully'));
+        }
+        return response()->json(Helper::formatStandardApiResponse('error', null, 'Token could not be created.'));
+
+    }
+
+
+    /**
+     * Delete an API token
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v6.0.5]
+     *
+     * @return \Illuminate\Http\Response
+     */
+    public function deleteApiToken($tokenId) {
+
+        if (!Gate::allows('self.api')) {
+            abort(403);
+        }
+
+        $token = $this->tokenRepository->findForUser(
+            $tokenId, Auth::user()->getAuthIdentifier()
+        );
+
+        if (is_null($token)) {
+            return new Response('', 404);
+        }
+
+        $token->revoke();
+
+        return new Response('', Response::HTTP_NO_CONTENT);
+
+    }
+
+
+    /**
+     * Show user's API tokens
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v6.0.5]
+     *
+     * @return \Illuminate\Http\Response
+     */
+    public function showApiTokens(Request $request) {
+
+        if (!Gate::allows('self.api')) {
+            abort(403);
+        }
+        
+        $tokens = $this->tokenRepository->forUser(Auth::user()->getAuthIdentifier());
+        $token_values = $tokens->load('client')->filter(function ($token) {
+            return $token->client->personal_access_client && ! $token->revoked;
+        })->values();
+
+        return response()->json(Helper::formatStandardApiResponse('success', $token_values, null));
+
+    }
+
+
+
 }
@@ -2,6 +2,9 @@

 namespace App\Http\Controllers\Api;

+use App\Helpers\Helper;
+use App\Helpers\StorageHelper;
+use App\Http\Transformers\DatatablesTransformer;
 use Illuminate\Http\Request;
 use App\Http\Controllers\Controller;
 use App\Models\Ldap;
@@ -265,4 +268,52 @@ class SettingsController extends Controller

        return (new LoginAttemptsTransformer)->transformLoginAttempts($login_attempt_results, $total);
    }
+
+
+    public function listBackups() {
+        $settings = Setting::getSettings();
+        $path = 'app/backups';
+        $backup_files = Storage::files($path);
+        $files_raw = [];
+        $count = 0;
+
+        if (count($backup_files) > 0) {
+
+            for ($f = 0; $f < count($backup_files); $f++) {
+
+                // Skip dotfiles like .gitignore and .DS_STORE
+                if ((substr(basename($backup_files[$f]), 0, 1) != '.')) {
+                    $file_timestamp = Storage::lastModified($backup_files[$f]);
+
+                    $files_raw[] = [
+                        'filename' => basename($backup_files[$f]),
+                        'filesize' => Setting::fileSizeConvert(Storage::size($backup_files[$f])),
+                        'modified_value' => $file_timestamp,
+                        'modified_display' => date($settings->date_display_format.' '.$settings->time_display_format, $file_timestamp),
+
+                    ];
+                    $count++;
+                }
+
+
+            }
+        }
+
+        $files = array_reverse($files_raw);
+        return (new DatatablesTransformer)->transformDatatables($files, $count);
+
+    }
+
+
+    public function downloadBackup($file) {
+
+        $path = 'app/backups';
+        if (Storage::exists($path.'/'.$file)) {
+            $headers = ['ContentType' => 'application/zip'];
+            return Storage::download($path.'/'.$file, $file, $headers);
+        } else {
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'File not found'));
+        }
+
+    }
 }
@@ -30,6 +30,10 @@ class StatuslabelsController extends Controller
            $statuslabels = $statuslabels->TextSearch($request->input('search'));
        }

+        if ($request->filled('name')) {
+            $statuslabels->where('name', '=', $request->input('name'));
+        }
+

        // if a status_type is passed, filter by that
        if ($request->filled('status_type')) {
@@ -34,6 +34,46 @@ class SuppliersController extends Controller
            $suppliers = $suppliers->TextSearch($request->input('search'));
        }

+        if ($request->filled('name')) {
+            $suppliers->where('name', '=', $request->input('name'));
+        }
+
+        if ($request->filled('address')) {
+            $suppliers->where('address', '=', $request->input('address'));
+        }
+
+        if ($request->filled('address2')) {
+            $suppliers->where('address2', '=', $request->input('address2'));
+        }
+
+        if ($request->filled('city')) {
+            $suppliers->where('city', '=', $request->input('city'));
+        }
+
+        if ($request->filled('zip')) {
+            $suppliers->where('zip', '=', $request->input('zip'));
+        }
+
+        if ($request->filled('country')) {
+            $suppliers->where('country', '=', $request->input('country'));
+        }
+
+        if ($request->filled('fax')) {
+            $suppliers->where('fax', '=', $request->input('fax'));
+        }
+
+        if ($request->filled('email')) {
+            $suppliers->where('email', '=', $request->input('email'));
+        }
+
+        if ($request->filled('url')) {
+            $suppliers->where('url', '=', $request->input('url'));
+        }
+
+        if ($request->filled('notes')) {
+            $suppliers->where('notes', '=', $request->input('notes'));
+        }
+
        // Set the offset to the API call's offset, unless the offset is higher than the actual count of items in which
        // case we override with the actual count, so we should return 0 items.
        $offset = (($suppliers) && ($request->get('offset') > $suppliers->count())) ? $suppliers->count() : $request->get('offset', 0);
@@ -36,6 +36,7 @@ class UsersController extends Controller

        $users = User::select([
            'users.activated',
+            'users.created_by',
            'users.address',
            'users.avatar',
            'users.city',
@@ -66,7 +67,7 @@ class UsersController extends Controller
            'users.remote',
            'users.ldap_import',

-        ])->with('manager', 'groups', 'userloc', 'company', 'department', 'assets', 'licenses', 'accessories', 'consumables')
+        ])->with('manager', 'groups', 'userloc', 'company', 'department', 'assets', 'licenses', 'accessories', 'consumables', 'createdBy',)
            ->withCount('assets as assets_count', 'licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count');
        $users = Company::scopeCompanyables($users);

@@ -89,6 +90,10 @@ class UsersController extends Controller
            $users = $users->where('users.location_id', '=', $request->input('location_id'));
        }

+        if ($request->filled('created_by')) {
+            $users = $users->where('users.created_by', '=', $request->input('created_by'));
+        }
+
        if ($request->filled('email')) {
            $users = $users->where('users.email', '=', $request->input('email'));
        }
@@ -182,6 +187,9 @@ class UsersController extends Controller
            case 'department':
                $users = $users->OrderDepartment($order);
                break;
+            case 'created_by':
+                $users = $users->OrderByCreatedBy($order);
+                break;
            case 'company':
                $users = $users->OrderCompany($order);
                break;
@@ -519,10 +527,14 @@ class UsersController extends Controller
    {
        $this->authorize('view', User::class);
        $this->authorize('view', License::class);
-        $user = User::where('id', $id)->withTrashed()->first();
-        $licenses = $user->licenses()->get();
+        
+        if ($user = User::where('id', $id)->withTrashed()->first()) {
+            $licenses = $user->licenses()->get();
+            return (new LicensesTransformer())->transformLicenses($licenses, $licenses->count());
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.user_not_found', compact('id'))));

-        return (new LicensesTransformer())->transformLicenses($licenses, $licenses->count());
    }

    /**
@@ -8,6 +8,7 @@ use App\Models\AssetModel;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Input;
 use Illuminate\Support\Facades\View;
+use Illuminate\Support\Facades\Validator;
 use Redirect;
 use Request;
 use Storage;
@@ -90,7 +91,9 @@ class AssetModelsController extends Controller
        // Was it created?
        if ($model->save()) {
            if ($this->shouldAddDefaultValues($request->input())) {
-                $this->assignCustomFieldsDefaultValues($model, $request->input('default_values'));
+                if (!$this->assignCustomFieldsDefaultValues($model, $request->input('default_values'))){
+                    return redirect()->back()->withInput()->with('error', trans('admin/custom_fields/message.fieldset_default_value.error'));
+                }
            }

            // Redirect to the new model  page
@@ -163,7 +166,9 @@ class AssetModelsController extends Controller
            $model->fieldset_id = $request->input('custom_fieldset');

            if ($this->shouldAddDefaultValues($request->input())) {
-                $this->assignCustomFieldsDefaultValues($model, $request->input('default_values'));
+                if (!$this->assignCustomFieldsDefaultValues($model, $request->input('default_values'))){
+                    return redirect()->back()->withInput()->with('error', trans('admin/custom_fields/message.fieldset_default_value.error'));
+                }
            }
        }

@@ -451,6 +456,21 @@ class AssetModelsController extends Controller
     */
    private function assignCustomFieldsDefaultValues(AssetModel $model, array $defaultValues)
    {
+        $data = array();
+        foreach ($defaultValues as $customFieldId => $defaultValue) {
+            $customField = \App\Models\CustomField::find($customFieldId);
+
+            $data[$customField->db_column] = $defaultValue;
+        }
+
+        $rules = $model->fieldset->validation_rules();
+
+        $validator = Validator::make($data, $rules);
+
+        if($validator->fails()){
+            return false;
+        }
+
        foreach ($defaultValues as $customFieldId => $defaultValue) {
            if(is_array($defaultValue)){
                $model->defaultValues()->attach($customFieldId, ['default_value' => implode(', ', $defaultValue)]);
@@ -458,6 +478,7 @@ class AssetModelsController extends Controller
                $model->defaultValues()->attach($customFieldId, ['default_value' => $defaultValue]);
            }
        }
+        return true;
    }

    /**
@@ -0,0 +1,155 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Helpers\StorageHelper;
+use App\Http\Requests\AssetFileRequest;
+use App\Models\Actionlog;
+use App\Models\AssetModel;
+use Illuminate\Support\Facades\Response;
+use Illuminate\Support\Facades\Storage;
+use enshrined\svgSanitize\Sanitizer;
+
+class AssetModelsFilesController extends Controller
+{
+    /**
+     * Upload a file to the server.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param AssetFileRequest $request
+     * @param int $modelId
+     * @return Redirect
+     * @since [v1.0]
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function store(AssetFileRequest $request, $modelId = null)
+    {
+        if (! $model = AssetModel::find($modelId)) {
+            return redirect()->route('models.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+        }
+
+        $this->authorize('update', $model);
+
+        if ($request->hasFile('file')) {
+            if (! Storage::exists('private_uploads/assetmodels')) {
+                Storage::makeDirectory('private_uploads/assetmodels', 775);
+            }
+
+            foreach ($request->file('file') as $file) {
+
+                $extension = $file->getClientOriginalExtension();
+                $file_name = 'model-'.$model->id.'-'.str_random(8).'-'.str_slug(basename($file->getClientOriginalName(), '.'.$extension)).'.'.$extension;
+
+                // Check for SVG and sanitize it
+                if ($extension=='svg') {
+                    \Log::debug('This is an SVG');
+
+                    $sanitizer = new Sanitizer();
+                    $dirtySVG = file_get_contents($file->getRealPath());
+                    $cleanSVG = $sanitizer->sanitize($dirtySVG);
+
+                    try {
+                        Storage::put('private_uploads/assetmodels/'.$file_name, $cleanSVG);
+                    } catch (\Exception $e) {
+                        \Log::debug('Upload no workie :( ');
+                        \Log::debug($e);
+                    }
+                } else {
+                    Storage::put('private_uploads/assetmodels/'.$file_name, file_get_contents($file));
+                }
+
+
+                $model->logUpload($file_name, e($request->get('notes')));
+            }
+
+            return redirect()->back()->with('success', trans('admin/hardware/message.upload.success'));
+        }
+
+        return redirect()->back()->with('error', trans('admin/hardware/message.upload.nofiles'));
+    }
+
+    /**
+     * Check for permissions and display the file.
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param  int $modelId
+     * @param  int $fileId
+     * @since [v1.0]
+     * @return View
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function show($modelId = null, $fileId = null, $download = true)
+    {
+        $model = AssetModel::find($modelId);
+        // the asset is valid
+        if (isset($model->id)) {
+            $this->authorize('view', $model);
+
+            if (! $log = Actionlog::find($fileId)) {
+                return response('No matching record for that model/file', 500)
+                    ->header('Content-Type', 'text/plain');
+            }
+
+            $file = 'private_uploads/assetmodels/'.$log->filename;
+            \Log::debug('Checking for '.$file);
+
+
+            if (! Storage::exists($file)) {
+                return response('File '.$file.' not found on server', 404)
+                    ->header('Content-Type', 'text/plain');
+            }
+
+            if ($download != 'true') {
+                if ($contents = file_get_contents(Storage::url($file))) {
+                    return Response::make(Storage::url($file)->header('Content-Type', mime_content_type($file)));
+                }
+
+                return JsonResponse::create(['error' => 'Failed validation: '], 500);
+            }
+
+            return StorageHelper::downloader($file);
+        }
+        // Prepare the error message
+        $error = trans('admin/hardware/message.does_not_exist', ['id' => $fileId]);
+
+        // Redirect to the hardware management page
+        return redirect()->route('hardware.index')->with('error', $error);
+    }
+
+    /**
+     * Delete the associated file
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @param  int $modelId
+     * @param  int $fileId
+     * @since [v1.0]
+     * @return View
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function destroy($modelId = null, $fileId = null)
+    {
+        $model = AssetModel::find($modelId);
+        $this->authorize('update', $model);
+        $rel_path = 'private_uploads/assetmodels';
+
+        // the asset is valid
+        if (isset($model->id)) {
+            $this->authorize('update', $model);
+            $log = Actionlog::find($fileId);
+            if ($log) {
+                if (Storage::exists($rel_path.'/'.$log->filename)) {
+                    Storage::delete($rel_path.'/'.$log->filename);
+                }
+                $log->delete();
+
+                return redirect()->back()->with('success', trans('admin/hardware/message.deletefile.success'));
+            }
+
+            return redirect()->back()
+                ->with('success', trans('admin/hardware/message.deletefile.success'));
+        }
+
+        // Redirect to the hardware management page
+        return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
+    }
+}
@@ -20,6 +20,7 @@ use Gate;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Cache;
 use Illuminate\Support\Facades\Storage;
+use Illuminate\Support\Facades\Cookie;
 use Input;
 use Intervention\Image\Facades\Image;
 use League\Csv\Reader;
@@ -167,17 +168,17 @@ class AssetsController extends Controller
                foreach ($model->fieldset->fields as $field) {
                    if ($field->field_encrypted == '1') {
                        if (Gate::allows('admin')) {
-                            if (is_array($request->input($field->convertUnicodeDbSlug()))) {
-                                $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt(implode(', ', $request->input($field->convertUnicodeDbSlug())));
+                            if (is_array($request->input($field->db_column))) {
+                                $asset->{$field->db_column} = \Crypt::encrypt(implode(', ', $request->input($field->db_column)));
                            } else {
-                                $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt($request->input($field->convertUnicodeDbSlug()));
+                                $asset->{$field->db_column} = \Crypt::encrypt($request->input($field->db_column));
                            }
                        }
                    } else {
-                        if (is_array($request->input($field->convertUnicodeDbSlug()))) {
-                            $asset->{$field->convertUnicodeDbSlug()} = implode(', ', $request->input($field->convertUnicodeDbSlug()));
+                        if (is_array($request->input($field->db_column))) {
+                            $asset->{$field->db_column} = implode(', ', $request->input($field->db_column));
                        } else {
-                            $asset->{$field->convertUnicodeDbSlug()} = $request->input($field->convertUnicodeDbSlug());
+                            $asset->{$field->db_column} = $request->input($field->db_column);
                        }
                    }
                }
@@ -201,18 +202,30 @@ class AssetsController extends Controller
                }

                $success = true;
+                
            }
        }

        if ($success) {
            // Redirect to the asset listing page
+            $minutes = 518400;
+            // dd( $_POST['options']);
+            // Cookie::queue(Cookie::make('optional_info', json_decode($_POST['options']), $minutes));
            return redirect()->route('hardware.index')
                ->with('success', trans('admin/hardware/message.create.success'));
+               
+      
        }

        return redirect()->back()->withInput()->withErrors($asset->getErrors());
    }

+    public function getOptionCookie(Request $request){
+        $value = $request->cookie('optional_info');
+        echo $value;
+        return $value;
+     }
+
    /**
     * Returns a view that presents a form to edit an existing asset.
     *
@@ -343,17 +356,17 @@ class AssetsController extends Controller
            foreach ($model->fieldset->fields as $field) {
                if ($field->field_encrypted == '1') {
                    if (Gate::allows('admin')) {
-                        if (is_array($request->input($field->convertUnicodeDbSlug()))) {
-                            $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt(implode(', ', $request->input($field->convertUnicodeDbSlug())));
+                        if (is_array($request->input($field->db_column))) {
+                            $asset->{$field->db_column} = \Crypt::encrypt(implode(', ', $request->input($field->db_column)));
                        } else {
-                            $asset->{$field->convertUnicodeDbSlug()} = \Crypt::encrypt($request->input($field->convertUnicodeDbSlug()));
+                            $asset->{$field->db_column} = \Crypt::encrypt($request->input($field->db_column));
                        }
                    }
                } else {
-                    if (is_array($request->input($field->convertUnicodeDbSlug()))) {
-                        $asset->{$field->convertUnicodeDbSlug()} = implode(', ', $request->input($field->convertUnicodeDbSlug()));
+                    if (is_array($request->input($field->db_column))) {
+                        $asset->{$field->db_column} = implode(', ', $request->input($field->db_column));
                    } else {
-                        $asset->{$field->convertUnicodeDbSlug()} = $request->input($field->convertUnicodeDbSlug());
+                        $asset->{$field->db_column} = $request->input($field->db_column);
                    }
                }
            }
@@ -39,10 +39,6 @@ class BulkAssetsController extends Controller
        $bulk_back_url = request()->headers->get('referer');
        session(['bulk_back_url' => $bulk_back_url]);

-        \Log::debug('Back to url: '.$bulk_back_url);
-
-
-
        $asset_ids = array_values(array_unique($request->input('ids')));

        if ($request->filled('bulk_actions')) {
@@ -136,13 +136,12 @@ class LoginController extends Controller

            // Better logging
            if (!$saml->isEnabled()) {
-                \Log::warning("SAML page requested, but SAML does not seem to enabled.");
+                \Log::debug("SAML page requested, but SAML does not seem to enabled.");
            } else {
                \Log::warning("SAML page requested, but samlData seems empty.");
            }
        }

-        \Log::warning("Something else went wrong while trying to login as SAML user");


    }
@@ -3,13 +3,11 @@
 namespace App\Http\Controllers\Auth;

 use App\Http\Controllers\Controller;
-use App\Http\Requests\SaveUserRequest;
 use App\Models\Setting;
 use App\Models\User;
 use Illuminate\Foundation\Auth\ResetsPasswords;
 use Illuminate\Http\Request;
-use Illuminate\Validation\Rule;
-use Illuminate\Validation\Validator;
+

 class ResetPasswordController extends Controller
 {
@@ -63,6 +61,14 @@ class ResetPasswordController extends Controller

    public function showResetForm(Request $request, $token = null)
    {
+
+        $credentials =  $request->only('email', 'token');
+
+        if (is_null($this->broker()->getUser($credentials))) {
+            \Log::debug('Password reset form FAILED - this token is not valid.');
+            return redirect()->route('password.request')->with('error', trans('passwords.token'));
+        }
+
        return view('auth.passwords.reset')->with(
            [
                'token' => $token,
@@ -73,38 +79,53 @@ class ResetPasswordController extends Controller

    public function reset(Request $request)
    {
+
+        $broker = $this->broker();
+
        $messages = [
            'password.not_in' => trans('validation.disallow_same_pwd_as_user_fields'),
        ];

        $request->validate($this->rules(), $request->all(), $this->validationErrorMessages());

-        // Check to see if the user even exists
-        $user = User::where('username', '=', $request->input('username'))->first();
+        \Log::debug('Checking if '.$request->input('username').' exists');
+        // Check to see if the user even exists - we'll treat the response the same to prevent user sniffing
+        if ($user = User::where('username', '=', $request->input('username'))->where('activated', '1')->whereNotNull('email')->first()) {
+            \Log::debug($user->username.' exists');
+
+
+            // handle the password validation rules set by the admin settings
+            if (strpos(Setting::passwordComplexityRulesSaving('store'), 'disallow_same_pwd_as_user_fields') !== false) {
+                $request->validate(
+                    [
+                        'password' => 'required|notIn:["'.$user->email.'","'.$user->username.'","'.$user->first_name.'","'.$user->last_name.'"',
+                    ], $messages);
+            }
+
+
+            // set the response
+            $response = $broker->reset(
+                $this->credentials($request), function ($user, $password) {
+                $this->resetPassword($user, $password);
+            });
+
+            // Check if the password reset above actually worked
+            if ($response == \Password::PASSWORD_RESET) {
+                \Log::debug('Password reset for '.$user->username.' worked');
+                return redirect()->guest('login')->with('success', trans('passwords.reset'));
+            }
+
+            \Log::debug('Password reset for '.$user->username.' FAILED - this user exists but the token is not valid');
+            return redirect()->back()->withInput($request->only('email'))->with('error', trans('passwords.token'));

-        $broker = $this->broker();
-        if (strpos(Setting::passwordComplexityRulesSaving('store'), 'disallow_same_pwd_as_user_fields') !== false) {
-            $request->validate(
-                [
-                'password' => 'required|notIn:["'.$user->email.'","'.$user->username.'","'.$user->first_name.'","'.$user->last_name.'"',
-            ], $messages);
        }

-        $response = $broker->reset(
-            $this->credentials($request), function ($user, $password) {
-                $this->resetPassword($user, $password);
-            }
-        );

-        return $response == \Password::PASSWORD_RESET
-            ? $this->sendResetResponse($request, $response)
-            : $this->sendResetFailedResponse($request, $response);
+        \Log::debug('Password reset for '.$request->input('username').' FAILED - user does not exist or does not have an email address - but make it look like it succeeded');
+        return redirect()->guest('login')->with('success', trans('passwords.reset'));
+
    }

-    protected function sendResetFailedResponse(Request $request, $response)
-    {
-        return redirect()->back()
-            ->withInput(['username'=> $request->input('username')])
-            ->withErrors(['username' => trans($response), 'password' => trans($response)]);
-    }
+
+
 }
@@ -129,7 +129,7 @@ class ComponentsController extends Controller
        if (is_null($component = Component::find($componentId))) {
            return redirect()->route('components.index')->with('error', trans('admin/components/message.does_not_exist'));
        }
-        $min = $component->numCHeckedOut();
+        $min = $component->numCheckedOut();
        $validator = Validator::make($request->all(), [
            'qty' => "required|numeric|min:$min",
        ]);
@@ -9,6 +9,7 @@ use App\Models\Company;
 use App\Models\Consumable;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Input;
+use Illuminate\Support\Facades\Validator;

 /**
 * This controller handles all actions related to Consumables for
@@ -128,6 +129,17 @@ class ConsumablesController extends Controller
            return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.does_not_exist'));
        }

+        $min = $consumable->numCheckedOut();
+        $validator = Validator::make($request->all(), [
+            "qty" => "required|numeric|min:$min"
+        ]);
+
+        if ($validator->fails()) {
+            return redirect()->back()
+                ->withErrors($validator)
+                ->withInput();
+        }
+
        $this->authorize($consumable);

        $consumable->name                   = $request->input('name');
@@ -211,23 +211,35 @@ class LocationsController extends Controller

    public function print_assigned($id)
    {
-        $location = Location::where('id', $id)->first();
-        $parent = Location::where('id', $location->parent_id)->first();
-        $manager = User::where('id', $location->manager_id)->first();
-        $users = User::where('location_id', $id)->with('company', 'department', 'location')->get();
-        $assets = Asset::where('assigned_to', $id)->where('assigned_type', Location::class)->with('model', 'model.category')->get();

-        return view('locations/print')->with('assets', $assets)->with('users', $users)->with('location', $location)->with('parent', $parent)->with('manager', $manager);
+        if ($location = Location::where('id', $id)->first()) {
+            $parent = Location::where('id', $location->parent_id)->first();
+            $manager = User::where('id', $location->manager_id)->first();
+            $users = User::where('location_id', $id)->with('company', 'department', 'location')->get();
+            $assets = Asset::where('assigned_to', $id)->where('assigned_type', Location::class)->with('model', 'model.category')->get();
+            return view('locations/print')->with('assets', $assets)->with('users', $users)->with('location', $location)->with('parent', $parent)->with('manager', $manager);
+
+        }
+
+        return redirect()->route('locations.index')->with('error', trans('admin/locations/message.does_not_exist'));
+
+
+
    }

    public function print_all_assigned($id)
    {
-        $location = Location::where('id', $id)->first();
-        $parent = Location::where('id', $location->parent_id)->first();
-        $manager = User::where('id', $location->manager_id)->first();
-        $users = User::where('location_id', $id)->with('company', 'department', 'location')->get();
-        $assets = Asset::where('location_id', $id)->with('model', 'model.category')->get();
+        if ($location = Location::where('id', $id)->first()) {
+            $parent = Location::where('id', $location->parent_id)->first();
+            $manager = User::where('id', $location->manager_id)->first();
+            $users = User::where('location_id', $id)->with('company', 'department', 'location')->get();
+            $assets = Asset::where('location_id', $id)->with('model', 'model.category')->get();
+            return view('locations/print')->with('assets', $assets)->with('users', $users)->with('location', $location)->with('parent', $parent)->with('manager', $manager);
+
+        }
+        return redirect()->route('locations.index')->with('error', trans('admin/locations/message.does_not_exist'));
+
+

-        return view('locations/print')->with('assets', $assets)->with('users', $users)->with('location', $location)->with('parent', $parent)->with('manager', $manager);
    }
 }
@@ -1148,18 +1148,4 @@ class ReportsController extends Controller
            $this->getModelsInCategoriesThatRequireAcceptance($this->getCategoriesThatRequireAcceptance())
        );
    }
-
-    /**
-     * getAssetsNotAcceptedYet
-     *
-     * @return array
-     * @author  Vincent Sposato <vincent.sposato@gmail.com>
-     * @version v1.0
-     */
-    protected function getAssetsNotAcceptedYet()
-    {
-        $this->authorize('reports.view');
-
-        return Asset::unaccepted();
-    }
 }
@@ -25,6 +25,7 @@ use Response;
 use App\Http\Requests\SlackSettingsRequest;
 use Illuminate\Support\Str;
 use Illuminate\Support\Facades\Artisan;
+use Validator;

 /**
 * This controller handles all actions related to Settings for
@@ -910,7 +911,24 @@ class SettingsController extends Controller
    {
        $setting = Setting::getSettings();

-        return view('settings.ldap', compact('setting'));
+        /**
+         * This validator is only temporary (famous last words.) - @snipe
+         */
+        $messages = [
+            'ldap_username_field.not_in' => '<code>sAMAccountName</code> (mixed case) will likely not work. You should use <code>samaccountname</code> (lowercase) instead. ',
+            'ldap_auth_filter_query.not_in' => '<code>uid=samaccountname</code> is probably not a valid auth filter. You probably want <code>uid=</code> ',
+            'ldap_filter.regex' => 'This value should probably not be wrapped in parentheses.',
+        ];
+
+        $validator = Validator::make($setting->toArray(), [
+            'ldap_username_field' => 'not_in:sAMAccountName',
+            'ldap_auth_filter_query' => 'not_in:uid=samaccountname',
+            'ldap_filter' => 'regex:"^[^(]"',
+        ],  $messages);
+
+
+
+        return view('settings.ldap', compact('setting'))->withErrors($validator);
    }

    /**
@@ -942,7 +960,7 @@ class SettingsController extends Controller
            $setting->ldap_lname_field = $request->input('ldap_lname_field');
            $setting->ldap_fname_field = $request->input('ldap_fname_field');
            $setting->ldap_auth_filter_query = $request->input('ldap_auth_filter_query');
-            $setting->ldap_version = $request->input('ldap_version');
+            $setting->ldap_version = $request->input('ldap_version', 3);
            $setting->ldap_active_flag = $request->input('ldap_active_flag');
            $setting->ldap_emp_num = $request->input('ldap_emp_num');
            $setting->ldap_email = $request->input('ldap_email');
@@ -1147,23 +1165,31 @@ class SettingsController extends Controller
     */
    public function deleteFile($filename = null)
    {
-        if (! config('app.lock_passwords')) {
-            $path = 'app/backups';
+        if (config('app.allow_backup_delete')=='true') {

-            if (Storage::exists($path.'/'.$filename)) {
-                try {
-                    Storage::delete($path.'/'.$filename);
+            if (!config('app.lock_passwords')) {
+                $path = 'app/backups';

-                    return redirect()->route('settings.backups.index')->with('success', trans('admin/settings/message.backup.file_deleted'));
-                } catch (\Exception $e) {
-                    \Log::debug($e);
+                if (Storage::exists($path . '/' . $filename)) {
+
+                    try {
+                        Storage::delete($path . '/' . $filename);
+                        return redirect()->route('settings.backups.index')->with('success', trans('admin/settings/message.backup.file_deleted'));
+                    } catch (\Exception $e) {
+                        \Log::debug($e);
+                    }
+
+                } else {
+                    return redirect()->route('settings.backups.index')->with('error', trans('admin/settings/message.backup.file_not_found'));
                }
-            } else {
-                return redirect()->route('settings.backups.index')->with('error', trans('admin/settings/message.backup.file_not_found'));
            }
-        } else {
+
            return redirect()->route('settings.backups.index')->with('error', trans('general.feature_disabled'));
        }
+
+        // Hell to the no
+        \Log::warning('User ID '.Auth::user()->id.' is attempting to delete backup file '.$filename.' and is not authorized to.');
+        return redirect()->route('settings.backups.index')->with('error', trans('general.backup_delete_not_allowed'));
    }


@@ -1198,9 +1224,10 @@ class SettingsController extends Controller
                        Storage::putFileAs('app/backups', $request->file('file'), $upload_filename);
            
                        return redirect()->route('settings.backups.index')->with('success', 'File uploaded');
-                } else {
-                    return redirect()->route('settings.backups.index')->withErrors($request->getErrors());
                }
+
+                return redirect()->route('settings.backups.index')->withErrors($request->getErrors());
+
            }

        } else {
@@ -1298,9 +1325,15 @@ class SettingsController extends Controller
     */
    public function getPurge()
    {
-        \Log::warning('User ID '.Auth::user()->id.' is attempting a PURGE');

-        return view('settings.purge-form');
+        \Log::warning('User '.Auth::user()->username.' (ID'.Auth::user()->id.') is attempting a PURGE');
+
+        if (config('app.allow_purge')=='true') {
+            return view('settings.purge-form');
+        }
+
+        return redirect()->route('settings.index')->with('error', trans('general.purge_not_allowed'));
+
    }

    /**
@@ -1314,22 +1347,40 @@ class SettingsController extends Controller
     */
    public function postPurge(Request $request)
    {
-        if (! config('app.lock_passwords')) {
-            if ('DELETE' == $request->input('confirm_purge')) {
-                \Log::warning('User ID '.Auth::user()->id.' initiated a PURGE!');
-                // Run a backup immediately before processing
-                Artisan::call('backup:run');
-                Artisan::call('snipeit:purge', ['--force' => 'true', '--no-interaction' => true]);
-                $output = Artisan::output();
+        \Log::warning('User '.Auth::user()->username.' (ID'.Auth::user()->id.') is attempting a PURGE');

-                return view('settings/purge')
-                    ->with('output', $output)->with('success', trans('admin/settings/message.purge.success'));
+        if (config('app.allow_purge')=='true') {
+            \Log::debug('Purging is not allowed via the .env');
+
+            if (!config('app.lock_passwords')) {
+
+                if ($request->input('confirm_purge')=='DELETE') {
+
+                    \Log::warning('User ID ' . Auth::user()->id . ' initiated a PURGE!');
+                    // Run a backup immediately before processing
+                    Artisan::call('backup:run');
+                    Artisan::call('snipeit:purge', ['--force' => 'true', '--no-interaction' => true]);
+                    $output = Artisan::output();
+
+                    return redirect()->route('settings.index')
+                        ->with('output', $output)->with('success', trans('admin/settings/message.purge.success'));
+
+                } else {
+                    return redirect()->route('settings.purge.index')
+                        ->with('error', trans('admin/settings/message.purge.validation_failed'));
+                }
            } else {
-                return redirect()->back()->with('error', trans('admin/settings/message.purge.validation_failed'));
+                return redirect()->route('settings.index')
+                    ->with('error', trans('general.feature_disabled'));
            }
-        } else {
-            return redirect()->back()->with('error', trans('general.feature_disabled'));
        }
+
+        \Log::error('User '.Auth::user()->username.' (ID'.Auth::user()->id.') is attempting to purge deleted data and is not authorized to.');
+
+
+        // Nope.
+        return redirect()->route('settings.index')
+            ->with('error', trans('general.purge_not_allowed'));
    }

    /**
@@ -23,6 +23,7 @@ use Redirect;
 use Str;
 use Symfony\Component\HttpFoundation\StreamedResponse;
 use View;
+use App\Notifications\CurrentInventory;

 /**
 * This controller handles all actions related to Users for
@@ -116,6 +117,8 @@ class UsersController extends Controller
        $user->country = $request->input('country', null);
        $user->zip = $request->input('zip', null);
        $user->remote = $request->input('remote', 0);
+        $user->website = $request->input('website', null);
+        $user->created_by = Auth::user()->id;

        // Strip out the superuser permission if the user isn't a superadmin
        $permissions_array = $request->input('permission');
@@ -266,6 +269,7 @@ class UsersController extends Controller
        $user->activated = $request->input('activated', 0);
        $user->zip = $request->input('zip', null);
        $user->remote = $request->input('remote', 0);
+        $user->website = $request->input('website', null);

        // Update the location of any assets checked out to this user
        Asset::where('assigned_type', User::class)
@@ -612,6 +616,28 @@ class UsersController extends Controller
            ->with('settings', Setting::getSettings());
    }

+    /**
+     * Emails user a list of assigned assets
+     *
+     * @author [G. Martinez] [<godmartinz@gmail.com>]
+     * @since [v6.0.5]
+     * @param  \App\Http\Controllers\Users\UsersController  $id
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function emailAssetList($id)
+    {
+        $this->authorize('view', User::class);
+
+        if( User::where('id', $id)->first()->exists())
+            {
+                $user= User::where('id', $id)->first();
+                $user->notify((new CurrentInventory($user)));
+                return redirect()->back()->with('success', trans('admin/users/general.user_notified'));
+            }
+
+        return redirect()->back()->with('error', 'admin/accessories/message.user_does_not_exist');
+    }
+
    /**
     * Send individual password reset email
     *
@@ -636,4 +662,4 @@ class UsersController extends Controller

        return redirect()->back()->with('error', 'User is not activated, is LDAP synced, or does not have an email address ');
    }
-}
+}
@@ -180,123 +180,4 @@ class ViewAssetsController extends Controller
    {
        return view('account/requested');
    }
-
-    // Get the acceptance screen
-    public function getAcceptAsset($logID = null)
-    {
-        $findlog = Actionlog::where('id', $logID)->first();
-
-        if (! $findlog) {
-            return redirect()->to('account/view-assets')->with('error', 'No matching record.');
-        }
-
-        if ($findlog->accepted_id != '') {
-            return redirect()->to('account/view-assets')->with('error', trans('admin/users/message.error.asset_already_accepted'));
-        }
-
-        $user = Auth::user();
-
-        // TODO - Fix this for non-assets
-        if (($findlog->item_type == Asset::class) && ($user->id != $findlog->item->assigned_to)) {
-            return redirect()->to('account/view-assets')->with('error', trans('admin/users/message.error.incorrect_user_accepted'));
-        }
-
-        $item = $findlog->item;
-
-        // Check if the asset exists
-        if (is_null($item)) {
-            // Redirect to the asset management page
-            return redirect()->to('account')->with('error', trans('admin/hardware/message.does_not_exist'));
-        } elseif (! Company::isCurrentUserHasAccess($item)) {
-            return redirect()->route('requestable-assets')->with('error', trans('general.insufficient_permissions'));
-        } else {
-            return view('account/accept-asset', compact('item'))->with('findlog', $findlog)->with('item', $item);
-        }
-    }
-
-    // Save the acceptance
-    public function postAcceptAsset(Request $request, $logID = null)
-    {
-
-        // Check if the asset exists
-        if (is_null($findlog = Actionlog::where('id', $logID)->first())) {
-            // Redirect to the asset management page
-            return redirect()->to('account/view-assets')->with('error', trans('admin/hardware/message.does_not_exist'));
-        }
-
-        if ($findlog->accepted_id != '') {
-            // Redirect to the asset management page
-            return redirect()->to('account/view-assets')->with('error', trans('admin/users/message.error.asset_already_accepted'));
-        }
-
-        if ($request->missing('asset_acceptance')) {
-            return redirect()->back()->with('error', trans('admin/users/message.error.accept_or_decline'));
-        }
-
-        $user = Auth::user();
-
-        if (($findlog->item_type == Asset::class) && ($user->id != $findlog->item->assigned_to)) {
-            return redirect()->to('account/view-assets')->with('error', trans('admin/users/message.error.incorrect_user_accepted'));
-        }
-
-        if ($request->filled('signature_output')) {
-            $path = config('app.private_uploads').'/signatures';
-            $sig_filename = 'siglog-'.$findlog->id.'-'.date('Y-m-d-his').'.png';
-            $data_uri = e($request->get('signature_output'));
-            $encoded_image = explode(',', $data_uri);
-            $decoded_image = base64_decode($encoded_image[1]);
-
-            Storage::putFileAs($path, $decoded_image, $sig_filename);
-            //file_put_contents($path.'/'.$sig_filename, $decoded_image);
-        }
-
-        $logaction = new Actionlog();
-
-        if ($request->input('asset_acceptance') == 'accepted') {
-            $logaction_msg = 'accepted';
-            $accepted = 'accepted';
-            $return_msg = trans('admin/users/message.accepted');
-        } else {
-            $logaction_msg = 'declined';
-            $accepted = 'rejected';
-            $return_msg = trans('admin/users/message.declined');
-        }
-        $logaction->item_id = $findlog->item_id;
-        $logaction->item_type = $findlog->item_type;
-
-        // Asset
-        if (($findlog->item_id != '') && ($findlog->item_type == Asset::class)) {
-            if ($request->input('asset_acceptance') != 'accepted') {
-                DB::table('assets')
-                ->where('id', $findlog->item_id)
-                ->update(['assigned_to' => null]);
-            }
-        }
-
-        $logaction->target_id = $findlog->target_id;
-        $logaction->target_type = User::class;
-        $logaction->note = e($request->input('note'));
-        $logaction->updated_at = date('Y-m-d H:i:s');
-
-        if (isset($sig_filename)) {
-            $logaction->accept_signature = $sig_filename;
-        }
-        $log = $logaction->logaction($logaction_msg);
-
-        $update_checkout = DB::table('action_logs')
-        ->where('id', $findlog->id)
-        ->update(['accepted_id' => $logaction->id]);
-
-        if (($findlog->item_id != '') && ($findlog->item_type == Asset::class)) {
-            $affected_asset = $logaction->item;
-            $affected_asset->accepted = $accepted;
-            $affected_asset->save();
-        }
-
-        if ($update_checkout) {
-            return redirect()->to('account/view-assets')->with('success', $return_msg);
-        } else {
-            return redirect()->to('account/view-assets')->with('error', 'Something went wrong ');
-        }
-    }
 }
@@ -68,8 +68,6 @@ class AccessoriesTransformer
        $array = [];

        foreach ($accessory_users as $user) {
-            \Log::debug(print_r($user->pivot, true));
-            \Log::debug(print_r($user->pivot, true));
            $array[] = [

                'assigned_pivot_id' => $user->pivot->id,
@@ -55,25 +55,35 @@ class ActionlogsTransformer
            }
        }

+        $file_url = '';
+        if($actionlog->filename!='') {
+            if ($actionlog->present()->actionType() == 'accepted') {
+                $file_url = route('log.storedeula.download', ['filename' => $actionlog->filename]);
+            } else {
+                if ($actionlog->itemType() == 'asset') {
+                    $file_url = route('show/assetfile', ['assetId' => $actionlog->item->id, 'fileId' => $actionlog->id]);
+                } elseif ($actionlog->itemType() == 'license') {
+                    $file_url = route('show.licensefile', ['licenseId' => $actionlog->item->id, 'fileId' => $actionlog->id]);
+                } elseif ($actionlog->itemType() == 'user') {
+                    $file_url = route('show/userfile', ['userId' => $actionlog->item->id, 'fileId' => $actionlog->id]);
+                }
+            }
+        }

-            $array = [
+        $array = [
            'id'          => (int) $actionlog->id,
            'icon'          => $icon,
            'file' => ($actionlog->filename!='')
                ?
                [
-                    'url' => ($actionlog->present()->actionType()=='accepted')
-                            ?
-                            route('log.storedeula.download', ['filename' => $actionlog->filename])
-                            :
-                            route('show/assetfile', ['assetId' => $actionlog->id, 'fileId' => $actionlog->id]),
+                    'url' => $file_url,
                    'filename' => $actionlog->filename,
                    'inlineable' => (bool) Helper::show_file_inline($actionlog->filename),
                ] : null,

            'item' => ($actionlog->item) ? [
                'id' => (int) $actionlog->item->id,
-                'name' => ($actionlog->itemType()=='user') ? $actionlog->filename : e($actionlog->item->getDisplayNameAttribute()),
+                'name' => ($actionlog->itemType()=='user') ? e($actionlog->item->getFullNameAttribute()) : e($actionlog->item->getDisplayNameAttribute()),
                'type' => e($actionlog->itemType()),
            ] : null,
            'location' => ($actionlog->location) ? [
@@ -104,6 +114,7 @@ class ActionlogsTransformer
        ];
        //\Log::info("Clean Meta is: ".print_r($clean_meta,true));

+        //dd($array);
        return $array;
    }

@@ -94,25 +94,40 @@ class AssetsTransformer
            $fields_array = [];

            foreach ($asset->model->fieldset->fields as $field) {
-                if ($field->isFieldDecryptable($asset->{$field->convertUnicodeDbSlug()})) {
-                    $decrypted = Helper::gracefulDecrypt($field, $asset->{$field->convertUnicodeDbSlug()});
+                if ($field->isFieldDecryptable($asset->{$field->db_column})) {
+                    $decrypted = Helper::gracefulDecrypt($field, $asset->{$field->db_column});
                    $value = (Gate::allows('superadmin')) ? $decrypted : strtoupper(trans('admin/custom_fields/general.encrypted'));

+                    if ($field->format == 'DATE'){
+                        if (Gate::allows('superadmin')){
+                            $value = Helper::getFormattedDateObject($value, 'date', false);
+                        } else {
+                           $value = strtoupper(trans('admin/custom_fields/general.encrypted'));
+                        }
+                    }
+
                    $fields_array[$field->name] = [
-                            'field' => e($field->convertUnicodeDbSlug()),
+                            'field' => e($field->db_column),
                            'value' => e($value),
                            'field_format' => $field->format,
+                            'element' => $field->element,
                        ];

                } else {
+                    $value = $asset->{$field->db_column};
+
+                    if (($field->format == 'DATE') && (!is_null($value)) && ($value!='')){
+                        $value = Helper::getFormattedDateObject($value, 'date', false);
+                    }
+                    
                    $fields_array[$field->name] = [
-                        'field' => e($field->convertUnicodeDbSlug()),
-                        'value' => e($asset->{$field->convertUnicodeDbSlug()}),
+                        'field' => e($field->db_column),
+                        'value' => e($value),
                        'field_format' => $field->format,
+                        'element' => $field->element,
                    ];
-
-
                }
+
                $array['custom_fields'] = $fields_array;
            }
        } else {
@@ -39,7 +39,7 @@ class ComponentsAssetsTransformer

        if ($asset->model->fieldset) {
            foreach ($asset->model->fieldset->fields as $field) {
-                $fields_array = [$field->name => $asset->{$field->convertUnicodeDbSlug()}];
+                $fields_array = [$field->name => $asset->{$field->db_column}];
                $array += $fields_array;
            }
        }
@@ -46,7 +46,7 @@ class CustomFieldsTransformer
            'field_values'   => ($field->field_values) ? e($field->field_values) : null,
            'field_values_array'   => ($field->field_values) ? explode("\r\n", e($field->field_values)) : null,
            'type'   =>  e($field->element),
-            'required'   =>  $field->pivot ? $field->pivot->required : false,
+            'required'   =>  (($field->pivot) && ($field->pivot->required=='1')) ? true : false,
            'created_at' => Helper::getFormattedDateObject($field->created_at, 'datetime'),
            'updated_at' => Helper::getFormattedDateObject($field->updated_at, 'datetime'),
        ];
@@ -9,14 +9,14 @@ use Illuminate\Database\Eloquent\Collection;

 class DepreciationsTransformer
 {
-    public function transformDepreciations(Collection $depreciations)
+    public function transformDepreciations(Collection $depreciations, $total)
    {
        $array = [];
        foreach ($depreciations as $depreciation) {
            $array[] = self::transformDepreciation($depreciation);
        }

-        return (new DatatablesTransformer)->transformDatatables($array);
+        return (new DatatablesTransformer)->transformDatatables($array, $total);
    }

    public function transformDepreciation(Depreciation $depreciation)
@@ -27,8 +27,7 @@ class DepreciationsTransformer
            'months' => $depreciation->months.' '.trans('general.months'),
            'depreciation_min' => $depreciation->depreciation_min,
            'created_at' => Helper::getFormattedDateObject($depreciation->created_at, 'datetime'),
-            'updated_at' => Helper::getFormattedDateObject($depreciation->updated_at, 'datetime'),
-            'depreciation_min' =>($depreciation->depreciation_min),
+            'updated_at' => Helper::getFormattedDateObject($depreciation->updated_at, 'datetime')
        ];

        $permissions_array['available_actions'] = [
@@ -40,4 +39,4 @@ class DepreciationsTransformer

        return $array;
    }
-}
+}
@@ -63,6 +63,10 @@ class UsersTransformer
                'accessories_count' => (int) $user->accessories_count,
                'consumables_count' => (int) $user->consumables_count,
                'company' => ($user->company) ? ['id' => (int) $user->company->id, 'name'=> e($user->company->name)] : null,
+                'created_by' => ($user->createdBy) ? [
+                    'id' => (int) $user->createdBy->id,
+                    'name'=> e($user->createdBy->present()->fullName),
+                ] : null,
                'created_at' => Helper::getFormattedDateObject($user->created_at, 'datetime'),
                'updated_at' => Helper::getFormattedDateObject($user->updated_at, 'datetime'),
                'last_login' => Helper::getFormattedDateObject($user->last_login, 'datetime'),
@@ -2,6 +2,7 @@

 namespace App\Importer;

+use App\Models\Asset;
 use App\Models\Department;
 use App\Models\Setting;
 use App\Models\User;
@@ -79,6 +80,12 @@ class UserImporter extends ItemImporter
            $this->log('Updating User');
            $user->update($this->sanitizeItemForUpdating($user));
            $user->save();
+
+            // Update the location of any assets checked out to this user
+            Asset::where('assigned_type', User::class)
+                ->where('assigned_to', $user->id)
+                ->update(['location_id' => $user->location_id]);
+            
            // \Log::debug('UserImporter.php Updated User ' . print_r($user, true));
            return;
        }
@@ -30,7 +30,6 @@ class CheckoutableListener
    public function onCheckedOut($event)
    {

-        \Log::debug('onCheckedOut in the Checkoutable listener fired');

        /**
         * When the item wasn't checked out to a user, we can't send notifications
@@ -310,6 +310,21 @@ class Accessory extends SnipeModel
            return null;
    }

+     /**
+     * Check how many items within an accessory are checked out
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v5.0]
+     * @return int
+     */
+    public function numCheckedOut()
+    {
+        $checkedout = 0;
+        $checkedout = $this->users->count();
+
+        return $checkedout;
+    }
+
    /**
     * Check how many items of an accessory remain
     *
@@ -1147,6 +1147,31 @@ class Asset extends Depreciable
    }


+    /**
+     * Query builder scope for Archived assets counting
+     *
+     * This is primarily used for the tab counters so that IF the admin
+     * has chosen to not display archived assets in their regular lists
+     * and views, it will return the correct number.
+     *
+     * @param  \Illuminate\Database\Query\Builder $query Query builder instance
+     *
+     * @return \Illuminate\Database\Query\Builder          Modified query builder
+     */
+
+    public function scopeAssetsForShow($query)
+    {
+
+        if (Setting::getSettings()->show_archived_in_list!=1) {
+            return $query->whereHas('assetstatus', function ($query) {
+                $query->where('archived', '=', 0);
+            });
+        } else {
+            return $query;
+        }
+
+    }
+
  /**
   * Query builder scope for Archived assets
   *
@@ -162,6 +162,20 @@ class AssetMaintenance extends Model implements ICompanyableChild
     * -----------------------------------------------
     **/

+    /**
+     * Query builder scope to order on a supplier
+     *
+     * @param  \Illuminate\Database\Query\Builder  $query  Query builder instance
+     * @param  string                              $order       Order
+     *
+     * @return \Illuminate\Database\Query\Builder          Modified query builder
+     */
+    public function scopeOrderBySupplier($query, $order)
+    {
+        return $query->leftJoin('suppliers as suppliers_maintenances', 'asset_maintenances.supplier_id', '=', 'suppliers_maintenances.id')
+            ->orderBy('suppliers_maintenances.name', $order);
+    }
+
    /**
     * Query builder scope to order on admin user
     *
@@ -20,7 +20,7 @@ class AssetModel extends SnipeModel
    use HasFactory;
    use SoftDeletes;
    protected $presenter = \App\Presenters\AssetModelPresenter::class;
-    use Requestable, Presentable;
+    use Loggable, Requestable, Presentable;

    protected $table = 'models';
    protected $hidden = ['user_id', 'deleted_at'];
@@ -181,6 +181,23 @@ class AssetModel extends SnipeModel
        return false;
    }

+    /**
+     * Get uploads for this model
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v4.0]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
+    public function uploads()
+    {
+        return $this->hasMany('\App\Models\Actionlog', 'item_id')
+            ->where('item_type', '=', AssetModel::class)
+            ->where('action_type', '=', 'uploaded')
+            ->whereNotNull('filename')
+            ->orderBy('created_at', 'desc');
+    }
+
+
    /**
     * -----------------------------------------------
     * BEGIN QUERY SCOPES
@@ -276,6 +276,21 @@ class Consumable extends SnipeModel
        }
    }

+    /**
+     * Check how many items within a consumable are checked out
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v5.0]
+     * @return int
+     */
+    public function numCheckedOut()
+    {
+        $checkedout = 0;
+        $checkedout = $this->users->count();
+
+        return $checkedout;
+    }
+
    /**
     * Checks the number of available consumables
     *
@@ -111,7 +111,7 @@ class CustomField extends Model

            // Column already exists on the assets table - nothing to do here.
            // This *shouldn't* happen in the wild.
-            if (Schema::hasColumn(self::$table_name, $custom_field->convertUnicodeDbSlug())) {
+            if (Schema::hasColumn(self::$table_name, $custom_field->db_column)) {
                return false;
            }

@@ -156,7 +156,7 @@ class CustomField extends Model
        // Drop the assets column if we've deleted it from custom fields
        self::deleting(function ($custom_field) {
            return Schema::table(self::$table_name, function ($table) use ($custom_field) {
-                $table->dropColumn($custom_field->convertUnicodeDbSlug());
+                $table->dropColumn($custom_field->db_column);
            });
        });
    }
@@ -66,16 +66,11 @@ class Depreciable extends SnipeModel
    /**
     * @return float|int
     */
-    public function getLinearDepreciatedValue()
+    public function getLinearDepreciatedValue() // TODO - for testing it might be nice to have an optional $relative_to param here, defaulted to 'now'
    {
-        $numerator= (($this->purchase_cost-($this->purchase_cost*12/($this->get_depreciation()->months))));
-        $denominator=$this->get_depreciation()->months/12;
-        $deprecation_per_year= $numerator/$denominator;
-        $deprecation_per_month= $deprecation_per_year/12;
-
        $months_remaining = $this->time_until_depreciated()->m + 12 * $this->time_until_depreciated()->y; //UGlY
-        $months_depreciated=$this->get_depreciation()->months-$months_remaining;
-        $current_value = $this->purchase_cost-($deprecation_per_month*$months_depreciated);
+
+        $current_value = round(($months_remaining / $this->get_depreciation()->months) * $this->purchase_cost, 2);

        if($this->get_depreciation()->depreciation_min > $current_value) {

@@ -37,7 +37,7 @@ class Ldap extends Model
    public static function connectToLdap()
    {
        $ldap_host = Setting::getSettings()->ldap_server;
-        $ldap_version = Setting::getSettings()->ldap_version;
+        $ldap_version = Setting::getSettings()->ldap_version ?: 3;
        $ldap_server_cert_ignore = Setting::getSettings()->ldap_server_cert_ignore;
        $ldap_use_tls = Setting::getSettings()->ldap_tls;

@@ -275,9 +275,10 @@ class Ldap extends Model
     * @since [v3.0]
     * @param $base_dn
     * @param $count
+     * @param $filter
     * @return array|bool
     */
-    public static function findLdapUsers($base_dn = null, $count = -1)
+    public static function findLdapUsers($base_dn = null, $count = -1, $filter = null)
    {
        $ldapconn = self::connectToLdap();
        self::bindAdminToLdap($ldapconn);
@@ -285,7 +286,9 @@ class Ldap extends Model
        if (is_null($base_dn)) {
            $base_dn = Setting::getSettings()->ldap_basedn;
        }
-        $filter = Setting::getSettings()->ldap_filter;
+        if($filter === null) {
+            $filter = Setting::getSettings()->ldap_filter;
+        }

        // Set up LDAP pagination for very large databases
        $page_size = 500;
@@ -304,14 +307,13 @@ class Ldap extends Model

            // HUGE thanks to this article: https://stackoverflow.com/questions/68275972/how-to-get-paged-ldap-queries-in-php-8-and-read-more-than-1000-entries
            // which helped me wrap my head around paged results!
-            \Log::info("ldap conn is: ".$ldapconn." basedn is: $base_dn, filter is: $filter - count is: $count. page size is: $page_size"); //FIXME - remove
            // if a $count is set and it's smaller than $page_size then use that as the page size
            $ldap_controls = [];
            //if($count == -1) { //count is -1 means we have to employ paging to query the entire directory
                $ldap_controls = [['oid' => LDAP_CONTROL_PAGEDRESULTS, 'iscritical' => false, 'value' => ['size'=> $count == -1||$count>$page_size ? $page_size : $count, 'cookie' => $cookie]]];
            //}
            $search_results = ldap_search($ldapconn, $base_dn, $filter, [], 0, /* $page_size */ -1, -1, LDAP_DEREF_NEVER, $ldap_controls); // TODO - I hate the @, and I hate that we get a full page even if we ask for 10 records. Can we use an ldap_control?
-            \Log::info("did the search run? I guess so if you got here!");
+            \Log::debug("LDAP search executed successfully.");
            if (! $search_results) {
                return redirect()->route('users.index')->with('error', trans('admin/users/message.error.ldap_could_not_search').ldap_error($ldapconn)); // TODO this is never called in any routed context - only from the Artisan command. So this redirect will never work.
            }
@@ -103,6 +103,7 @@ class Location extends SnipeModel
        return $this->hasMany(\App\Models\User::class, 'location_id');
    }

+
    public function assets()
    {
        return $this->hasMany(\App\Models\Asset::class, 'location_id')
@@ -129,6 +130,23 @@ class Location extends SnipeModel
        return $this->hasMany(\App\Models\Asset::class, 'rtd_location_id');
    }

+    public function consumables()
+    {
+        return $this->hasMany(\App\Models\Consumable::class, 'location_id');
+    }
+
+    public function components()
+    {
+        return $this->hasMany(\App\Models\Component::class, 'location_id');
+    }
+
+    public function accessories()
+    {
+        return $this->hasMany(\App\Models\Accessory::class, 'location_id');
+    }
+
+
+
    public function parent()
    {
        return $this->belongsTo(self::class, 'parent_id', 'id')
@@ -42,7 +42,7 @@ class SnipeSCIMConfig extends \ArieTimmerman\Laravel\SCIMServer\SCIMConfig
        );

        $config['validations'][$core.'emails'] = 'nullable|array';         // emails are not required in Snipe-IT...
-        $config['validations'][$core.'emails.*.value'] = 'required|email'; // ...but if you give us one, it better be an email address
+        $config['validations'][$core.'emails.*.value'] = 'email'; // ...(had to remove the recommended 'required' here)

        $mappings['emails'] = [[
            "value" => AttributeMapping::eloquent("email"),
@@ -58,7 +58,7 @@ class SnipeSCIMConfig extends \ArieTimmerman\Laravel\SCIMServer\SCIMConfig

        //phone
        $config['validations'][$core.'phoneNumbers'] = 'nullable|array';
-        $config['validations'][$core.'phoneNumbers.*.value'] = 'required';
+        $config['validations'][$core.'phoneNumbers.*.value'] = 'string'; // another one where want to say 'we don't _need_ a phone number, but if you have one it better have a value.

        $mappings['phoneNumbers'] = [[
            "value" => AttributeMapping::eloquent("phone"),
@@ -69,10 +69,10 @@ class SnipeSCIMConfig extends \ArieTimmerman\Laravel\SCIMServer\SCIMConfig

        //address
        $config['validations'][$core.'addresses'] = 'nullable|array';
-        $config['validations'][$core.'addresses.*.streetAddress'] = 'required';
+        $config['validations'][$core.'addresses.*.streetAddress'] = 'string';
        $config['validations'][$core.'addresses.*.locality'] = 'string';
-        $config['validations'][$core.'addresses.*.region'] = 'string';
-        $config['validations'][$core.'addresses.*.postalCode'] = 'string';
+        $config['validations'][$core.'addresses.*.region'] = 'nullable|string';
+        $config['validations'][$core.'addresses.*.postalCode'] = 'nullable|string';
        $config['validations'][$core.'addresses.*.country'] = 'string';

        $mappings['addresses'] = [[
@@ -118,7 +118,6 @@ class SnipeSCIMConfig extends \ArieTimmerman\Laravel\SCIMServer\SCIMConfig
            'employeeNumber' => AttributeMapping::eloquent('employee_num'),
            'department' =>(new AttributeMapping())->setAdd( // FIXME parent?
                function ($value, &$object) {
-                    \Log::error("Department-Add: $value"); //FIXME
                    $department = Department::where("name", $value)->first();
                    if ($department) {
                        $object->department_id = $department->id;
@@ -126,7 +125,6 @@ class SnipeSCIMConfig extends \ArieTimmerman\Laravel\SCIMServer\SCIMConfig
                }
                )->setReplace(
                    function ($value, &$object) {
-                        \Log::error("Department-Replace: $value"); //FIXME
                        $department = Department::where("name", $value)->first();
                        if ($department) {
                            $object->department_id = $department->id;
@@ -134,7 +132,6 @@ class SnipeSCIMConfig extends \ArieTimmerman\Laravel\SCIMServer\SCIMConfig
                    }
                )->setRead(
                    function (&$object) {
-                        \Log::error("Weird department reader firing..."); //FIXME
                        return $object->department ? $object->department->name : null;
                    } 
                ),
@@ -145,7 +142,6 @@ class SnipeSCIMConfig extends \ArieTimmerman\Laravel\SCIMServer\SCIMConfig
                // NOTE: you could probably do a 'plain' Eloquent mapping here, but we don't for future-proofing
                'value' => (new AttributeMapping())->setAdd(
                    function ($value, &$object) {
-                        \Log::error("Manager-Add: $value"); //FIXME
                        $manager = User::find($value);
                        if ($manager) {
                            $object->manager_id = $manager->id;
@@ -153,7 +149,6 @@ class SnipeSCIMConfig extends \ArieTimmerman\Laravel\SCIMServer\SCIMConfig
                    }
                    )->setReplace(
                        function ($value, &$object) {
-                            \Log::error("Manager-Replace: $value"); //FIXME
                            $manager = User::find($value);
                            if ($manager) {
                                $object->manager_id = $manager->id;
@@ -161,7 +156,6 @@ class SnipeSCIMConfig extends \ArieTimmerman\Laravel\SCIMServer\SCIMConfig
                        }
                    )->setRead(
                        function (&$object) {
-                            \Log::error("Weird manager reader firing..."); //FIXME
                            return $object->manager_id;
                        } 
                    ),
@@ -184,7 +184,7 @@ class Supplier extends SnipeModel
     */
    public function addhttp($url)
    {
-        if (! preg_match('~^(?:f|ht)tps?://~i', $url)) {
+        if (($url!='') && (! preg_match('~^(?:f|ht)tps?://~i', $url))) {
            $url = 'http://'.$url;
        }

@@ -561,6 +561,18 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
        return false;
    }

+    /**
+     * Get the admin user who created this user
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v6.0.5]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
+    public function createdBy()
+    {
+        return $this->belongsTo(\App\Models\User::class, 'created_by')->withTrashed();
+    }
+
    /**
     * Check whether two-factor authorization is required and the user has activated it
     * and enrolled a device
@@ -685,6 +697,23 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
        return $query->leftJoin('departments as departments_users', 'users.department_id', '=', 'departments_users.id')->orderBy('departments_users.name', $order);
    }

+    /**
+     * Query builder scope to order on admin user
+     *
+     * @param  \Illuminate\Database\Query\Builder  $query  Query builder instance
+     * @param string                              $order         Order
+     *
+     * @return \Illuminate\Database\Query\Builder          Modified query builder
+     */
+    public function scopeOrderByCreatedBy($query, $order)
+    {
+        // Left join here, or it will only return results with parents
+        return $query->leftJoin('users as admin_user', 'users.created_by', '=', 'admin_user.id')
+            ->orderBy('admin_user.first_name', $order)
+            ->orderBy('admin_user.last_name', $order);
+    }
+
+
    /**
     * Query builder scope to order on company
     *
@@ -18,22 +18,37 @@ class AssetObserver
    public function updating(Asset $asset)
    {
        $attributes = $asset->getAttributes();
-        $attributesOriginal = $asset->getOriginal();
-        
+        $attributesOriginal = $asset->getRawOriginal();
+        $same_checkout_counter = false;
+        $same_checkin_counter = false;
+
+        if (array_key_exists('checkout_counter', $attributes) && array_key_exists('checkout_counter', $attributesOriginal)){
+            $same_checkout_counter = (($attributes['checkout_counter'] == $attributesOriginal['checkout_counter']));
+        }
+
+        if (array_key_exists('checkin_counter', $attributes)  && array_key_exists('checkin_counter', $attributesOriginal)){
+            $same_checkin_counter = (($attributes['checkin_counter'] == $attributesOriginal['checkin_counter']));
+        }
+
        // If the asset isn't being checked out or audited, log the update.
        // (Those other actions already create log entries.)
-          if (($attributes['assigned_to'] == $attributesOriginal['assigned_to'])
+	if (($attributes['assigned_to'] == $attributesOriginal['assigned_to']) 
+	    && ($same_checkout_counter) && ($same_checkin_counter)
            && ((isset( $attributes['next_audit_date']) ? $attributes['next_audit_date'] : null) == (isset($attributesOriginal['next_audit_date']) ? $attributesOriginal['next_audit_date']: null))
-            && ($attributes['last_checkout']   == $attributesOriginal['last_checkout']))
+            && ($attributes['last_checkout'] == $attributesOriginal['last_checkout']))
        {
            $changed = [];

-            foreach ($asset->getOriginal() as $key => $value) {
-                if ($asset->getOriginal()[$key] != $asset->getAttributes()[$key]) {
-                    $changed[$key]['old'] = $asset->getOriginal()[$key];
+            foreach ($asset->getRawOriginal() as $key => $value) {
+                if ($asset->getRawOriginal()[$key] != $asset->getAttributes()[$key]) {
+                    $changed[$key]['old'] = $asset->getRawOriginal()[$key];
                    $changed[$key]['new'] = $asset->getAttributes()[$key];
                }
-            }
+	    }
+
+	    if (empty($changed)){
+	        return;
+	    }

            $logAction = new Actionlog();
            $logAction->item_type = Asset::class;
@@ -248,7 +248,7 @@ class AssetAuditPresenter extends Presenter

        foreach ($fields as $field) {
            $layout[] = [
-                'field' => 'custom_fields.'.$field->convertUnicodeDbSlug(),
+                'field' => 'custom_fields.'.$field->db_column,
                'searchable' => true,
                'sortable' => true,
                'visible' => false,
@@ -263,7 +263,7 @@ class AssetPresenter extends Presenter
        // name can break the listings page. - snipe
        foreach ($fields as $field) {
            $layout[] = [
-                'field' => 'custom_fields.'.$field->convertUnicodeDbSlug(),
+                'field' => 'custom_fields.'.$field->db_column,
                'searchable' => true,
                'sortable' => true,
                'switchable' => true,
@@ -48,13 +48,7 @@ class DepreciationReportPresenter extends Presenter
                "sortable" => true,
                "title" => trans('general.asset_model'),
                "visible" => true,
-            ], [
-                "field" => "model",
-                "searchable" => true,
-                "sortable" => true,
-                "title" => trans('admin/hardware/form.model'),
-                "visible" => true,
-            ], [
+            ],  [
                "field" => "model_number",
                "searchable" => true,
                "sortable" => true,
@@ -90,6 +90,14 @@ class LocationPresenter extends Presenter
                'title' =>  trans('admin/locations/table.address'),
                'visible' => true,
            ],
+            [
+                'field' => 'address2',
+                'searchable' => true,
+                'sortable' => true,
+                'switchable' => true,
+                'title' =>  trans('admin/locations/table.address'),
+                'visible' => false,
+            ],
            [
                'field' => 'city',
                'searchable' => true,
@@ -285,6 +285,14 @@ class UserPresenter extends Presenter
                'visible' => true,
                'formatter' => 'trueFalseFormatter',
            ],
+            [
+                'field' => 'created_by',
+                'searchable' => false,
+                'sortable' => true,
+                'title' => trans('general.created_by'),
+                'visible' => false,
+                'formatter' => 'usersLinkObjFormatter',
+            ],
            [
                'field' => 'created_at',
                'searchable' => true,
@@ -75,12 +75,22 @@ class RouteServiceProvider extends ServiceProvider
    /**
     * Configure the rate limiters for the application.
     *
+     * https://laravel.com/docs/8.x/routing#rate-limiting
+     *
     * @return void
     */
    protected function configureRateLimiting()
    {
+
+        // Rate limiter for API calls
        RateLimiter::for('api', function (Request $request) {
-            return Limit::perMinute(60)->by(optional($request->user())->id ?: $request->ip());
+            return Limit::perMinute(config('app.api_throttle_per_minute'))->by(optional($request->user())->id ?: $request->ip());
        });
+
+        // Rate limiter for forgotten password requests
+        RateLimiter::for('forgotten_password', function (Request $request) {
+            return Limit::perMinute(config('auth.password_reset.max_attempts_per_min'))->by(optional($request->user())->id ?: $request->ip());
+        });
+
    }
 }
@@ -134,7 +134,7 @@ class Saml
            $this->_auth = new OneLogin_Saml2_Auth($this->_settings);
        } catch (Exception $e) {
            if ( $this->isEnabled() ) { // $this->loadSettings() initializes this to true if SAML is enabled by settings.
-                \Log::error('Trying OneLogin_Saml2_Auth failed. Setting SAML enabled to false. OneLogin_Saml2_Auth error message is: '.  $e->getMessage());
+                \Log::warning('Trying OneLogin_Saml2_Auth failed. Setting SAML enabled to false. OneLogin_Saml2_Auth error message is: '.  $e->getMessage());
            }
            $this->_enabled = false;
        }
@@ -11,10 +11,10 @@
  "license": "AGPL-3.0-or-later",
  "type": "project",
  "repositories": [
-      {
-          "type": "vcs",
-          "url": "https://github.com/grokability/laravel-scim-server"
-      }
+    {
+      "type": "vcs",
+      "url": "https://github.com/grokability/laravel-scim-server"
+    }
  ],
  "require": {
    "php": ">=7.4 <8.3",
@@ -127,4 +127,4 @@
    "discard-changes": true,
    "process-timeout": 3000
  }
-}
+}
@@ -13846,4 +13846,4 @@
    },
    "platform-dev": [],
    "plugin-api-version": "2.0.0"
-}
+}
@@ -430,4 +430,28 @@ return [

    'api_throttle_per_minute' => env('API_THROTTLE_PER_MINUTE', 120),

+
+    /*
+    |--------------------------------------------------------------------------
+    | Allow Web-Based Purge
+    |--------------------------------------------------------------------------
+    |
+    | This sets whether or not to allow superadmins to purge deleted data
+    |
+    */
+
+    'allow_purge' => env('ALLOW_DATA_PURGE', false),
+
+
+    /*
+   |--------------------------------------------------------------------------
+   | Allow Backup Deletion
+   |--------------------------------------------------------------------------
+   |
+   | This sets whether or not to allow superadmins to delete backups
+   |
+   */
+
+    'allow_backup_delete' => env('ALLOW_BACKUP_DELETE', false),
+
 ];
@@ -98,14 +98,27 @@ return [
            'email' => 'auth.emails.password',
            'table' => 'password_resets',
            'expire' => env('RESET_PASSWORD_LINK_EXPIRES', 900),
-            'throttle' => 60,
+            'throttle' => [
                'max_attempts' => env('LOGIN_MAX_ATTEMPTS', 5),
-
                'lockout_duration' => env('LOGIN_LOCKOUT_DURATION', 60),
+            ]

        ],
    ],

+    /*
+    |--------------------------------------------------------------------------
+    | Resetting Password Requests
+    |--------------------------------------------------------------------------
+    | This sets the throttle for forgotten password requests
+    |
+    */
+    'password_reset' => [
+       'max_attempts_per_min' => env('PASSWORD_RESET_MAX_ATTEMPTS_PER_MIN', 50),
+    ],
+
+
+
    /*
    |--------------------------------------------------------------------------
    | Password Confirmation Timeout
@@ -117,6 +130,6 @@ return [
    |
    */

-    'password_timeout' => 10800,
+    'password_timeout' =>  env('PASSWORD_CONFIRM_TIMEOUT', 10800),

 ];
@@ -0,0 +1,248 @@
+<?php
+
+return array(
+
+    /*
+    |--------------------------------------------------------------------------
+    | Settings
+    |--------------------------------------------------------------------------
+    |
+    | Set some default values. It is possible to add all defines that can be set
+    | in dompdf_config.inc.php. You can also override the entire config file.
+    |
+    */
+    'show_warnings' => false,   // Throw an Exception on warnings from dompdf
+    'orientation' => 'portrait',
+    /*
+     * Dejavu Sans font is missing glyphs for converted entities, turn it off if you need to show € and £.
+     */
+    'convert_entities' => false,
+    'defines' => array(
+        /**
+         * The location of the DOMPDF font directory
+         *
+         * The location of the directory where DOMPDF will store fonts and font metrics
+         * Note: This directory must exist and be writable by the webserver process.
+         * *Please note the trailing slash.*
+         *
+         * Notes regarding fonts:
+         * Additional .afm font metrics can be added by executing load_font.php from command line.
+         *
+         * Only the original "Base 14 fonts" are present on all pdf viewers. Additional fonts must
+         * be embedded in the pdf file or the PDF may not display correctly. This can significantly
+         * increase file size unless font subsetting is enabled. Before embedding a font please
+         * review your rights under the font license.
+         *
+         * Any font specification in the source HTML is translated to the closest font available
+         * in the font directory.
+         *
+         * The pdf standard "Base 14 fonts" are:
+         * Courier, Courier-Bold, Courier-BoldOblique, Courier-Oblique,
+         * Helvetica, Helvetica-Bold, Helvetica-BoldOblique, Helvetica-Oblique,
+         * Times-Roman, Times-Bold, Times-BoldItalic, Times-Italic,
+         * Symbol, ZapfDingbats.
+         */
+        "font_dir" => storage_path('fonts'), // advised by dompdf (https://github.com/dompdf/dompdf/pull/782)
+
+        /**
+         * The location of the DOMPDF font cache directory
+         *
+         * This directory contains the cached font metrics for the fonts used by DOMPDF.
+         * This directory can be the same as DOMPDF_FONT_DIR
+         *
+         * Note: This directory must exist and be writable by the webserver process.
+         */
+        "font_cache" => storage_path('fonts'),
+
+        /**
+         * The location of a temporary directory.
+         *
+         * The directory specified must be writeable by the webserver process.
+         * The temporary directory is required to download remote images and when
+         * using the PFDLib back end.
+         */
+        "temp_dir" => sys_get_temp_dir(),
+
+        /**
+         * ==== IMPORTANT ====
+         *
+         * dompdf's "chroot": Prevents dompdf from accessing system files or other
+         * files on the webserver.  All local files opened by dompdf must be in a
+         * subdirectory of this directory.  DO NOT set it to '/' since this could
+         * allow an attacker to use dompdf to read any files on the server.  This
+         * should be an absolute path.
+         * This is only checked on command line call by dompdf.php, but not by
+         * direct class use like:
+         * $dompdf = new DOMPDF();	$dompdf->load_html($htmldata); $dompdf->render(); $pdfdata = $dompdf->output();
+         */
+        "chroot" => realpath(base_path()),
+
+        /**
+         * Whether to enable font subsetting or not.
+         */
+        "enable_font_subsetting" => false,
+
+        /**
+         * The PDF rendering backend to use
+         *
+         * Valid settings are 'PDFLib', 'CPDF' (the bundled R&OS PDF class), 'GD' and
+         * 'auto'. 'auto' will look for PDFLib and use it if found, or if not it will
+         * fall back on CPDF. 'GD' renders PDFs to graphic files. {@link
+         * Canvas_Factory} ultimately determines which rendering class to instantiate
+         * based on this setting.
+         *
+         * Both PDFLib & CPDF rendering backends provide sufficient rendering
+         * capabilities for dompdf, however additional features (e.g. object,
+         * image and font support, etc.) differ between backends.  Please see
+         * {@link PDFLib_Adapter} for more information on the PDFLib backend
+         * and {@link CPDF_Adapter} and lib/class.pdf.php for more information
+         * on CPDF. Also see the documentation for each backend at the links
+         * below.
+         *
+         * The GD rendering backend is a little different than PDFLib and
+         * CPDF. Several features of CPDF and PDFLib are not supported or do
+         * not make any sense when creating image files.  For example,
+         * multiple pages are not supported, nor are PDF 'objects'.  Have a
+         * look at {@link GD_Adapter} for more information.  GD support is
+         * experimental, so use it at your own risk.
+         *
+         * @link http://www.pdflib.com
+         * @link http://www.ros.co.nz/pdf
+         * @link http://www.php.net/image
+         */
+        "pdf_backend" => "CPDF",
+
+        /**
+         * PDFlib license key
+         *
+         * If you are using a licensed, commercial version of PDFlib, specify
+         * your license key here.  If you are using PDFlib-Lite or are evaluating
+         * the commercial version of PDFlib, comment out this setting.
+         *
+         * @link http://www.pdflib.com
+         *
+         * If pdflib present in web server and auto or selected explicitely above,
+         * a real license code must exist!
+         */
+        //"DOMPDF_PDFLIB_LICENSE" => "your license key here",
+
+        /**
+         * html target media view which should be rendered into pdf.
+         * List of types and parsing rules for future extensions:
+         * http://www.w3.org/TR/REC-html40/types.html
+         *   screen, tty, tv, projection, handheld, print, braille, aural, all
+         * Note: aural is deprecated in CSS 2.1 because it is replaced by speech in CSS 3.
+         * Note, even though the generated pdf file is intended for print output,
+         * the desired content might be different (e.g. screen or projection view of html file).
+         * Therefore allow specification of content here.
+         */
+        "default_media_type" => "screen",
+
+        /**
+         * The default paper size.
+         *
+         * North America standard is "letter"; other countries generally "a4"
+         *
+         * @see CPDF_Adapter::PAPER_SIZES for valid sizes ('letter', 'legal', 'A4', etc.)
+         */
+        "default_paper_size" => "a4",
+
+        /**
+         * The default font family
+         *
+         * Used if no suitable fonts can be found. This must exist in the font folder.
+         * @var string
+         */
+        "default_font" => "serif",
+
+        /**
+         * Image DPI setting
+         *
+         * This setting determines the default DPI setting for images and fonts.  The
+         * DPI may be overridden for inline images by explictly setting the
+         * image's width & height style attributes (i.e. if the image's native
+         * width is 600 pixels and you specify the image's width as 72 points,
+         * the image will have a DPI of 600 in the rendered PDF.  The DPI of
+         * background images can not be overridden and is controlled entirely
+         * via this parameter.
+         *
+         * For the purposes of DOMPDF, pixels per inch (PPI) = dots per inch (DPI).
+         * If a size in html is given as px (or without unit as image size),
+         * this tells the corresponding size in pt.
+         * This adjusts the relative sizes to be similar to the rendering of the
+         * html page in a reference browser.
+         *
+         * In pdf, always 1 pt = 1/72 inch
+         *
+         * Rendering resolution of various browsers in px per inch:
+         * Windows Firefox and Internet Explorer:
+         *   SystemControl->Display properties->FontResolution: Default:96, largefonts:120, custom:?
+         * Linux Firefox:
+         *   about:config *resolution: Default:96
+         *   (xorg screen dimension in mm and Desktop font dpi settings are ignored)
+         *
+         * Take care about extra font/image zoom factor of browser.
+         *
+         * In images, <img> size in pixel attribute, img css style, are overriding
+         * the real image dimension in px for rendering.
+         *
+         * @var int
+         */
+        "dpi" => 96,
+
+        /**
+         * Enable inline PHP
+         *
+         * If this setting is set to true then DOMPDF will automatically evaluate
+         * inline PHP contained within <script type="text/php"> ... </script> tags.
+         *
+         * Enabling this for documents you do not trust (e.g. arbitrary remote html
+         * pages) is a security risk.  Set this option to false if you wish to process
+         * untrusted documents.
+         *
+         * @var bool
+         */
+        "enable_php" => false,
+
+        /**
+         * Enable inline Javascript
+         *
+         * If this setting is set to true then DOMPDF will automatically insert
+         * JavaScript code contained within <script type="text/javascript"> ... </script> tags.
+         *
+         * @var bool
+         */
+        "enable_javascript" => true,
+
+        /**
+         * Enable remote file access
+         *
+         * If this setting is set to true, DOMPDF will access remote sites for
+         * images and CSS files as required.
+         * This is required for part of test case www/test/image_variants.html through www/examples.php
+         *
+         * Attention!
+         * This can be a security risk, in particular in combination with DOMPDF_ENABLE_PHP and
+         * allowing remote access to dompdf.php or on allowing remote html code to be passed to
+         * $dompdf = new DOMPDF(, $dompdf->load_html(...,
+         * This allows anonymous users to download legally doubtful internet content which on
+         * tracing back appears to being downloaded by your server, or allows malicious php code
+         * in remote html pages to be executed by your server with your account privileges.
+         *
+         * @var bool
+         */
+        "enable_remote" => true,
+
+        /**
+         * A ratio applied to the fonts height to be more like browsers' line height
+         */
+        "font_height_ratio" => 1.1,
+
+        /**
+         * Use the more-than-experimental HTML5 Lib parser
+         */
+        "enable_html5_parser" => false,
+    ),
+
+
+);
@@ -0,0 +1,158 @@
+<?php
+
+return [
+
+    /*
+    |--------------------------------------------------------------------------
+    | Class Namespace
+    |--------------------------------------------------------------------------
+    |
+    | This value sets the root namespace for Livewire component classes in
+    | your application. This value affects component auto-discovery and
+    | any Livewire file helper commands, like `artisan make:livewire`.
+    |
+    | After changing this item, run: `php artisan livewire:discover`.
+    |
+    */
+
+    'class_namespace' => 'App\\Http\\Livewire',
+
+    /*
+    |--------------------------------------------------------------------------
+    | View Path
+    |--------------------------------------------------------------------------
+    |
+    | This value sets the path for Livewire component views. This affects
+    | file manipulation helper commands like `artisan make:livewire`.
+    |
+    */
+
+    'view_path' => resource_path('views/livewire'),
+
+    /*
+    |--------------------------------------------------------------------------
+    | Layout
+    |--------------------------------------------------------------------------
+    | The default layout view that will be used when rendering a component via
+    | Route::get('/some-endpoint', SomeComponent::class);. In this case the
+    | the view returned by SomeComponent will be wrapped in "layouts.app"
+    |
+    */
+
+    'layout' => 'layouts.app',
+
+    /*
+    |--------------------------------------------------------------------------
+    | Livewire Assets URL
+    |--------------------------------------------------------------------------
+    |
+    | This value sets the path to Livewire JavaScript assets, for cases where
+    | your app's domain root is not the correct path. By default, Livewire
+    | will load its JavaScript assets from the app's "relative root".
+    |
+    | Examples: "/assets", "myurl.com/app".
+    |
+    */
+
+    'asset_url' => env('APP_URL'),
+
+    /*
+    |--------------------------------------------------------------------------
+    | Livewire App URL
+    |--------------------------------------------------------------------------
+    |
+    | This value should be used if livewire assets are served from CDN.
+    | Livewire will communicate with an app through this url.
+    |
+    | Examples: "https://my-app.com", "myurl.com/app".
+    |
+    */
+
+    'app_url' => null,
+
+    /*
+    |--------------------------------------------------------------------------
+    | Livewire Endpoint Middleware Group
+    |--------------------------------------------------------------------------
+    |
+    | This value sets the middleware group that will be applied to the main
+    | Livewire "message" endpoint (the endpoint that gets hit everytime
+    | a Livewire component updates). It is set to "web" by default.
+    |
+    */
+
+    'middleware_group' => 'web',
+
+    /*
+    |--------------------------------------------------------------------------
+    | Livewire Temporary File Uploads Endpoint Configuration
+    |--------------------------------------------------------------------------
+    |
+    | Livewire handles file uploads by storing uploads in a temporary directory
+    | before the file is validated and stored permanently. All file uploads
+    | are directed to a global endpoint for temporary storage. The config
+    | items below are used for customizing the way the endpoint works.
+    |
+    */
+
+    'temporary_file_upload' => [
+        'disk' => env('PRIVATE_FILESYSTEM_DISK', 'local'),       // Example: 'local', 's3'              Default: 'default'
+        'rules' => null,       // Example: ['file', 'mimes:png,jpg']  Default: ['required', 'file', 'max:12288'] (12MB)
+        'directory' => null,   // Example: 'tmp'                      Default  'livewire-tmp'
+        'middleware' => null,  // Example: 'throttle:5,1'             Default: 'throttle:60,1'
+        'preview_mimes' => [   // Supported file types for temporary pre-signed file URLs.
+            'png', 'gif', 'bmp', 'svg', 'wav', 'mp4',
+            'mov', 'avi', 'wmv', 'mp3', 'm4a',
+            'jpg', 'jpeg', 'mpga', 'webp', 'wma',
+        ],
+        'max_upload_time' => 5, // Max duration (in minutes) before an upload gets invalidated.
+    ],
+
+    /*
+    |--------------------------------------------------------------------------
+    | Manifest File Path
+    |--------------------------------------------------------------------------
+    |
+    | This value sets the path to the Livewire manifest file.
+    | The default should work for most cases (which is
+    | "<app_root>/bootstrap/cache/livewire-components.php"), but for specific
+    | cases like when hosting on Laravel Vapor, it could be set to a different value.
+    |
+    | Example: for Laravel Vapor, it would be "/tmp/storage/bootstrap/cache/livewire-components.php".
+    |
+    */
+
+    'manifest_path' => null,
+
+    /*
+    |--------------------------------------------------------------------------
+    | Back Button Cache
+    |--------------------------------------------------------------------------
+    |
+    | This value determines whether the back button cache will be used on pages
+    | that contain Livewire. By disabling back button cache, it ensures that
+    | the back button shows the correct state of components, instead of
+    | potentially stale, cached data.
+    |
+    | Setting it to "false" (default) will disable back button cache.
+    |
+    */
+
+    'back_button_cache' => false,
+
+    /*
+    |--------------------------------------------------------------------------
+    | Render On Redirect
+    |--------------------------------------------------------------------------
+    |
+    | This value determines whether Livewire will render before it's redirected
+    | or not. Setting it to "false" (default) will mean the render method is
+    | skipped when redirecting. And "true" will mean the render method is
+    | run before redirecting. Browsers bfcache can store a potentially
+    | stale view if render is skipped on redirect.
+    |
+    */
+
+    'render_on_redirect' => false,
+
+];
@@ -1,10 +1,10 @@
 <?php
 return array (
-  'app_version' => 'v6.0.2',
-  'full_app_version' => 'v6.0.2 - build 7880-g43c5b412c',
-  'build_version' => '7880',
+  'app_version' => 'v6.0.7',
+  'full_app_version' => 'v6.0.7 - build 8351-gacc2e12f1',
+  'build_version' => '8351',
  'prerelease_version' => '',
-  'hash_version' => 'g43c5b412c',
-  'full_hash' => 'v6.0.2-128-g43c5b412c',
+  'hash_version' => 'gacc2e12f1',
+  'full_hash' => 'v6.0.7-42-gacc2e12f1',
  'branch' => 'master',
-);
+);
@@ -0,0 +1,34 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+class AddUserIdToUsers extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('users', function (Blueprint $table) {
+            $table->integer('created_by')->after('activated')->nullable()->default(null);
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('users', function (Blueprint $table) {
+            if (Schema::hasColumn('users', 'created_by')) {
+                $table->dropColumn('created_by');
+            }
+        });
+    }
+}
@@ -0,0 +1,32 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+class AddUsernameIndexToUsers extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('users', function (Blueprint $table) {
+            $table->index(['username', 'deleted_at']);
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('users', function (Blueprint $table) {
+            $table->dropIndex(['username','deleted_at']);
+        });
+    }
+}
@@ -1,50 +0,0 @@
-<!DOCTYPE html>
-<html>
-    <head>
-      <title>
-         Snipe-IT Setup
-      </title>
-
-        <style>
-          td, th {
-            font-size: 14px;
-          }
-
-          .preflight-success {
-            color: green;
-          }
-
-          .preflight-error {
-            color: red;
-          }
-
-          .preflight-warning {
-            color: orange;
-          }
-
-          .page-header {
-            font-size: 280%;
-          }
-
-          h3 {
-            font-size: 250%;
-          }
-
-          .alert {
-            font-size: 16px;
-          }
-
-        </style>
-
-    </head>
-    <body>
-          <div class="container">
-              <div class="row">
-                  <div class="col-lg-11 col-lg-offset-1">
-                        <h1>D'oh. If you're seeing this, your DocumentRoot is set incorrectly. It should be set to the <code>public</code> directory.
-                  </div>
-              </div>
-          </div>
-
-    </body>
-</html>
@@ -14,10 +14,10 @@
    },
    "devDependencies": {
        "@fortawesome/fontawesome-free": "^5.15.4",
-        "axios": "^0.20.0",
+        "axios": "^0.27.2",
        "babel-preset-latest": "^6.24.1",
        "jquery": "<3.6.0",
-        "laravel-mix": "^6.0.39",
+        "laravel-mix": "^6.0.49",
        "lodash": "^4.17.20",
        "postcss": "^8.4.5",
        "vue": "2.4.4",
@@ -34,7 +34,7 @@
        "bootstrap-colorpicker": "^2.5.3",
        "bootstrap-datepicker": "^1.9.0",
        "bootstrap-less": "^3.3.8",
-        "bootstrap-table": "1.20.0",
+        "bootstrap-table": "1.20.2",
        "chart.js": "^2.9.4",
        "css-loader": "^3.6.0",
        "ekko-lightbox": "^5.1.1",
@@ -46,7 +46,7 @@
        "jquery-ui": "^1.13.1",
        "jquery-ui-bundle": "^1.12.1",
        "jquery.iframe-transport": "^1.0.0",
-        "jspdf-autotable": "^3.5.23",
+        "jspdf-autotable": "^3.5.24",
        "less": "^4.1.2",
        "less-loader": "^5.0.0",
        "list.js": "^1.5.0",
@@ -56,6 +56,6 @@
        "tableexport.jquery.plugin": "1.26.0",
        "tether": "^1.4.0",
        "vue-resource": "^1.5.2",
-        "webpack": "^5.72.0"
+        "webpack": "^5.73.0"
    }
 }
@@ -1 +1,135 @@
-#signature-pad{padding-top:250px;margin:auto}.m-signature-pad{position:relative;font-size:10px;width:100%;height:300px;border:1px solid #e8e8e8;background-color:#fff;box-shadow:0 1px 4px rgba(0,0,0,.27),0 0 40px rgba(0,0,0,.08) inset;border-radius:4px}.m-signature-pad:after,.m-signature-pad:before{position:absolute;z-index:-1;content:"";width:40%;height:10px;left:20px;bottom:10px;background:0 0;-webkit-transform:skew(-3deg) rotate(-3deg);-moz-transform:skew(-3deg) rotate(-3deg);-ms-transform:skew(-3deg) rotate(-3deg);-o-transform:skew(-3deg) rotate(-3deg);transform:skew(-3deg) rotate(-3deg);box-shadow:0 8px 12px rgba(0,0,0,.4)}.m-signature-pad:after{left:auto;right:20px;-webkit-transform:skew(3deg) rotate(3deg);-moz-transform:skew(3deg) rotate(3deg);-ms-transform:skew(3deg) rotate(3deg);-o-transform:skew(3deg) rotate(3deg);transform:skew(3deg) rotate(3deg)}.m-signature-pad--body{position:absolute;top:20px;bottom:60px;border:1px solid #f4f4f4;background-color:#fff}.m-signature-pad--body canvas{position:absolute;left:0;top:0;width:100%;height:100%;border-radius:4px;box-shadow:0 0 5px rgba(0,0,0,.02) inset}.m-signature-pad--footer{position:absolute;left:20px;right:20px;bottom:20px;height:40px}.m-signature-pad--footer .description{color:#c3c3c3;text-align:center;font-size:1.2em;margin-top:1.8em}.m-signature-pad--footer .button{position:absolute;bottom:0}.m-signature-pad--footer .button.clear{left:0}.m-signature-pad--footer .button.save{right:0}@media screen and (max-width:1024px){.m-signature-pad{top:0;left:0;right:0;bottom:0;width:auto;height:auto;min-width:250px;min-height:140px;margin:5%}}@media screen and (min-device-width:768px) and (max-device-width:1024px){.m-signature-pad{margin:10%}}@media screen and (max-height:320px){.m-signature-pad--body{left:0;right:0;top:0;bottom:32px}.m-signature-pad--footer{left:20px;right:20px;bottom:4px;height:28px}.m-signature-pad--footer .description{font-size:1em;margin-top:1em}}
+
+#signature-pad {
+  padding-top: 250px;
+  margin: auto;
+}
+.m-signature-pad {
+
+  position: relative;
+  font-size: 10px;
+  width: 100%;
+  height: 300px;
+  border: 1px solid #e8e8e8;
+  background-color: #fff;
+  box-shadow: 0 1px 4px rgba(0, 0, 0, 0.27), 0 0 40px rgba(0, 0, 0, 0.08) inset;
+  border-radius: 4px;
+}
+
+.m-signature-pad:before, .m-signature-pad:after {
+	position: absolute;
+  z-index: -1;
+  content: "";
+	width: 40%;
+	height: 10px;
+	left: 20px;
+	bottom: 10px;
+	background: transparent;
+	-webkit-transform: skew(-3deg) rotate(-3deg);
+	-moz-transform: skew(-3deg) rotate(-3deg);
+	-ms-transform: skew(-3deg) rotate(-3deg);
+	-o-transform: skew(-3deg) rotate(-3deg);
+	transform: skew(-3deg) rotate(-3deg);
+	box-shadow: 0 8px 12px rgba(0, 0, 0, 0.4);
+}
+
+.m-signature-pad:after {
+	left: auto;
+	right: 20px;
+	-webkit-transform: skew(3deg) rotate(3deg);
+	-moz-transform: skew(3deg) rotate(3deg);
+	-ms-transform: skew(3deg) rotate(3deg);
+	-o-transform: skew(3deg) rotate(3deg);
+	transform: skew(3deg) rotate(3deg);
+}
+
+.m-signature-pad--body {
+  position: absolute;
+  top: 20px;
+  bottom: 60px;
+  border: 1px solid #f4f4f4;
+  background-color: white;
+}
+
+.m-signature-pad--body
+  canvas {
+    position: absolute;
+    left: 0;
+    top: 0;
+    width: 100%;
+    height: 100%;
+    border-radius: 4px;
+    box-shadow: 0 0 5px rgba(0, 0, 0, 0.02) inset;
+  }
+
+.m-signature-pad--footer {
+  position: absolute;
+  left: 20px;
+  right: 20px;
+  bottom: 20px;
+  height: 40px;
+}
+
+.m-signature-pad--footer
+  .description {
+    color: #C3C3C3;
+    text-align: center;
+    font-size: 1.2em;
+    margin-top: 1.8em;
+  }
+
+.m-signature-pad--footer
+  .button {
+    position: absolute;
+    bottom: 0;
+  }
+
+.m-signature-pad--footer
+  .button.clear {
+    left: 0;
+  }
+
+.m-signature-pad--footer
+  .button.save {
+    right: 0;
+  }
+
+@media screen and (max-width: 1024px) {
+  .m-signature-pad {
+    top: 0;
+    left: 0;
+    right: 0;
+    bottom: 0;
+    width: auto;
+    height: auto;
+    min-width: 250px;
+    min-height: 140px;
+    margin: 5%;
+  }
+
+}
+
+@media screen and (min-device-width: 768px) and (max-device-width: 1024px) {
+  .m-signature-pad {
+    margin: 10%;
+  }
+}
+
+@media screen and (max-height: 320px) {
+  .m-signature-pad--body {
+    left: 0;
+    right: 0;
+    top: 0;
+    bottom: 32px;
+  }
+  .m-signature-pad--footer {
+    left: 20px;
+    right: 20px;
+    bottom: 4px;
+    height: 28px;
+  }
+  .m-signature-pad--footer
+    .description {
+      font-size: 1em;
+      margin-top: 1em;
+    }
+}
@@ -1 +1 @@
-.skin-black .main-header .navbar{background-color:#111}.skin-black .main-header .navbar .nav>li>a{color:#fff}.skin-black .main-header .navbar .nav .open>a,.skin-black .main-header .navbar .nav .open>a:focus,.skin-black .main-header .navbar .nav .open>a:hover,.skin-black .main-header .navbar .nav>.active>a,.skin-black .main-header .navbar .nav>li>a:active,.skin-black .main-header .navbar .nav>li>a:focus,.skin-black .main-header .navbar .nav>li>a:hover,.skin-black .main-header .navbar .sidebar-toggle:hover{background:rgba(0,0,0,.1);color:#f6f6f6}.skin-black .main-header .navbar .sidebar-toggle{color:#fff}.skin-black .main-header .navbar .sidebar-toggle:hover{background-color:#040404}@media (max-width:767px){.skin-black .main-header .navbar .dropdown-menu li.divider{background-color:hsla(0,0%,100%,.1)}.skin-black .main-header .navbar .dropdown-menu li a{color:#333}.skin-black .main-header .navbar .dropdown-menu li a:hover{background:#040404}}.skin-black .main-header li.user-header{background-color:#111}.skin-black .content-header{background:transparent}.skin-black .left-side,.skin-black .main-sidebar,.skin-black .wrapper{background-color:#222d32}.skin-black .user-panel>.info,.skin-black .user-panel>.info>a{color:#fff}.skin-black .sidebar-menu>li.header{background:#1a2226;color:#4b646f}.skin-black .sidebar-menu>li>a{border-left:3px solid transparent}.skin-black .sidebar-menu>li.active>a,.skin-black .sidebar-menu>li:hover>a{background:#1e282c;border-left-color:#111;color:#fff}.skin-black .sidebar-menu>li>.treeview-menu{background:#2c3b41;margin:0 1px}.skin-black .sidebar a{color:#b8c7ce}.skin-black .sidebar a:hover{text-decoration:none}.skin-black .treeview-menu>li>a{color:#8aa4af}.skin-black .treeview-menu>li.active>a,.skin-black .treeview-menu>li>a:hover{color:#fff}.skin-black .sidebar-form{border:1px solid #374850;border-radius:3px;margin:10px}.skin-black .sidebar-form .btn,.skin-black .sidebar-form input[type=text]{background-color:#374850;border:1px solid transparent;box-shadow:none;height:35px;transition:all .3s ease-in-out}.skin-black .sidebar-form input[type=text]{border-bottom-left-radius:2px;border-bottom-right-radius:0;border-top-left-radius:2px;border-top-right-radius:0;color:#666}.skin-black .sidebar-form input[type=text]:focus,.skin-black .sidebar-form input[type=text]:focus+.input-group-btn .btn{background-color:#fff;color:#666}.skin-black .sidebar-form input[type=text]:focus+.input-group-btn .btn{border-left-color:#fff}.skin-black .sidebar-form .btn{border-bottom-left-radius:0;border-bottom-right-radius:2px;border-top-left-radius:0;border-top-right-radius:2px;color:#999}.skin-black.layout-top-nav .main-header>.logo .logo-variant{background-color:none}.btn,.btn:hover{text-decoration:none}.btn.btn-primary,.btn .btn-primary:link,.btn:hover.btn-primary,.btn:hover .btn-primary:link{background-color:#505156;border-color:#b5bbc8;color:#fff}.btn:hovera.btn-primary:hover,.btna.btn-primary:hover{background-color:#111;border-color:#1f1f21;color:#fff}.btn.btn-white:hover,.btn.btn-white:link,.btn.btn-white:visited,.btn:hover.btn-white:hover,.btn:hover.btn-white:link,.btn:hover.btn-white:visited{color:#fff}a{color:#111;text-decoration:underline}a:hover{color:#000}a:visited{color:#111}.text-primary{color:#000}:root{--button-default:#000;--button-primary:#000;--button-hover:#000;--header:#111;--text-main:#bbb;--text-sub:#9b9b9b;--link:#aaa;--visited-link:#777;--hover-link:#848484;--nav-link:#fff;--light-link:#fff}a:link{color:var(--link)}a:visited{color:var(--visited-link)}.skin-black .main-header .navbar .nav>li>a{text-decoration:none}.select2-container--default .select2-selection--multiple .select2-selection__choice{background-color:#111}.search-highlight,.search-highlight:hover{background-color:#e9d15b}
+.skin-black .main-header .navbar{background-color:#111}.skin-black .main-header .navbar .nav>li>a{color:#fff}.skin-black .main-header .navbar .nav .open>a,.skin-black .main-header .navbar .nav .open>a:focus,.skin-black .main-header .navbar .nav .open>a:hover,.skin-black .main-header .navbar .nav>.active>a,.skin-black .main-header .navbar .nav>li>a:active,.skin-black .main-header .navbar .nav>li>a:focus,.skin-black .main-header .navbar .nav>li>a:hover,.skin-black .main-header .navbar .sidebar-toggle:hover{background:rgba(0,0,0,.1);color:#f6f6f6}.skin-black .main-header .navbar .sidebar-toggle{color:#fff}.skin-black .main-header .navbar .sidebar-toggle:hover{background-color:#040404}@media (max-width:767px){.skin-black .main-header .navbar .dropdown-menu li.divider{background-color:hsla(0,0%,100%,.1)}.skin-black .main-header .navbar .dropdown-menu li a{color:#333}.skin-black .main-header .navbar .dropdown-menu li a:hover{background:#040404}}.skin-black .main-header li.user-header{background-color:#111}.skin-black .content-header{background:transparent}.skin-black .left-side,.skin-black .main-sidebar,.skin-black .wrapper{background-color:#222d32}.skin-black .user-panel>.info,.skin-black .user-panel>.info>a{color:#fff}.skin-black .sidebar-menu>li.header{background:#1a2226;color:#4b646f}.skin-black .sidebar-menu>li>a{border-left:3px solid transparent}.skin-black .sidebar-menu>li.active>a,.skin-black .sidebar-menu>li:hover>a{background:#1e282c;border-left-color:#111;color:#fff}.skin-black .sidebar-menu>li>.treeview-menu{background:#2c3b41;margin:0 1px}.skin-black .sidebar a{color:#b8c7ce}.skin-black .sidebar a:hover{text-decoration:none}.skin-black .treeview-menu>li>a{color:#8aa4af}.skin-black .treeview-menu>li.active>a,.skin-black .treeview-menu>li>a:hover{color:#fff}.skin-black .sidebar-form{border:1px solid #374850;border-radius:3px;margin:10px}.skin-black .sidebar-form .btn,.skin-black .sidebar-form input[type=text]{background-color:#374850;border:1px solid transparent;box-shadow:none;height:35px;transition:all .3s ease-in-out}.skin-black .sidebar-form input[type=text]{border-bottom-left-radius:2px;border-bottom-right-radius:0;border-top-left-radius:2px;border-top-right-radius:0;color:#666}.skin-black .sidebar-form input[type=text]:focus,.skin-black .sidebar-form input[type=text]:focus+.input-group-btn .btn{background-color:#fff;color:#666}.skin-black .sidebar-form input[type=text]:focus+.input-group-btn .btn{border-left-color:#fff}.skin-black .sidebar-form .btn{border-bottom-left-radius:0;border-bottom-right-radius:2px;border-top-left-radius:0;border-top-right-radius:2px;color:#999}.skin-black.layout-top-nav .main-header>.logo .logo-variant{background-color:none}.btn,.btn:hover{color:#000}.btn .btn-primary:link,.btn.btn-primary,.btn:hover .btn-primary:link,.btn:hover.btn-primary{background-color:#505156;border-color:#fff;color:#fff}.btn:hovera.btn-primary:hover,.btna.btn-primary:hover{background-color:#111;border-color:#1f1f21;color:#fff}.btn.btn-white:hover,.btn.btn-white:link,.btn.btn-white:visited,.btn:hover.btn-white:hover,.btn:hover.btn-white:link,.btn:hover.btn-white:visited{color:#fff}a{color:var(--link)}a:hover{color:var(--hover-link)}a:visited{color:var(--visited-link)}.text-primary{color:#000}:root{--button-default:#000;--button-primary:#000;--button-hover:#000;--header:#111;--text-main:#bbb;--text-sub:#9b9b9b;--link:#black;--visited-link:#111;--hover-link:#999;--nav-link:#fff;--light-link:#fff}.btn-danger.btn-sm.disabled,a.btn-danger:link,a.btn-danger:visited,a.btn-info:link,a.btn-info:visited,a.btn-warning:link,a.btn-warning:visited{color:#fff}.sidebar-toggle-mobile{color:#fff!important}.skin-black .main-header .navbar .nav>li>a{text-decoration:none}.select2-container--default .select2-selection--multiple .select2-selection__choice{background-color:#111}.search-highlight,.search-highlight:hover{background-color:#e9d15b}
@@ -1 +1 @@
-.skin-black .main-header .navbar{background-color:#111}.skin-black .main-header .navbar .nav>li>a{color:#fff}.skin-black .main-header .navbar .nav .open>a,.skin-black .main-header .navbar .nav .open>a:focus,.skin-black .main-header .navbar .nav .open>a:hover,.skin-black .main-header .navbar .nav>.active>a,.skin-black .main-header .navbar .nav>li>a:active,.skin-black .main-header .navbar .nav>li>a:focus,.skin-black .main-header .navbar .nav>li>a:hover,.skin-black .main-header .navbar .sidebar-toggle:hover{background:rgba(0,0,0,.1);color:#f6f6f6}.skin-black .main-header .navbar .sidebar-toggle{color:#fff}.skin-black .main-header .navbar .sidebar-toggle:hover{background-color:#040404}@media (max-width:767px){.skin-black .main-header .navbar .dropdown-menu li.divider{background-color:hsla(0,0%,100%,.1)}.skin-black .main-header .navbar .dropdown-menu li a{color:#333}.skin-black .main-header .navbar .dropdown-menu li a:hover{background:#040404}}.skin-black .main-header li.user-header{background-color:#111}.skin-black .content-header{background:0 0}.skin-black .left-side,.skin-black .main-sidebar,.skin-black .wrapper{background-color:#222d32}.skin-black .user-panel>.info,.skin-black .user-panel>.info>a{color:#fff}.skin-black .sidebar-menu>li.header{background:#1a2226;color:#4b646f}.skin-black .sidebar-menu>li>a{border-left:3px solid transparent}.skin-black .sidebar-menu>li.active>a,.skin-black .sidebar-menu>li:hover>a{background:#1e282c;border-left-color:#111;color:#fff}.skin-black .sidebar-menu>li>.treeview-menu{background:#2c3b41;margin:0 1px}.skin-black .sidebar a{color:#b8c7ce}.skin-black .sidebar a:hover{text-decoration:none}.skin-black .treeview-menu>li>a{color:#8aa4af}.skin-black .treeview-menu>li.active>a,.skin-black .treeview-menu>li>a:hover{color:#fff}.skin-black .sidebar-form{border:1px solid #374850;border-radius:3px;margin:10px}.skin-black .sidebar-form .btn,.skin-black .sidebar-form input[type=text]{background-color:#374850;border:1px solid transparent;box-shadow:none;height:35px;transition:all .3s ease-in-out}.skin-black .sidebar-form input[type=text]{border-bottom-left-radius:2px;border-bottom-right-radius:0;border-top-left-radius:2px;border-top-right-radius:0;color:#666}.skin-black .sidebar-form input[type=text]:focus,.skin-black .sidebar-form input[type=text]:focus+.input-group-btn .btn{background-color:#fff;color:#666}.skin-black .sidebar-form input[type=text]:focus+.input-group-btn .btn{border-left-color:#fff}.skin-black .sidebar-form .btn{border-bottom-left-radius:0;border-bottom-right-radius:2px;border-top-left-radius:0;border-top-right-radius:2px;color:#999}.skin-black.layout-top-nav .main-header>.logo .logo-variant{background-color:none}.btn,.btn:hover{text-decoration:none}.btn .btn-primary:link,.btn.btn-primary,.btn:hover .btn-primary:link,.btn:hover.btn-primary{background-color:#505156;border-color:#b5bbc8;color:#fff}.btn:hovera.btn-primary:hover,.btna.btn-primary:hover{background-color:#111;border-color:#1f1f21;color:#fff}.btn.btn-white:hover,.btn.btn-white:link,.btn.btn-white:visited,.btn:hover.btn-white:hover,.btn:hover.btn-white:link,.btn:hover.btn-white:visited{color:#fff}a{color:#111;text-decoration:underline}a:hover{color:#000}a:visited{color:#111}.text-primary{color:#000}:root{--button-default:#000;--button-primary:#000;--button-hover:#000;--header:#111;--text-main:#bbb;--text-sub:#9b9b9b;--link:#aaa;--visited-link:#777;--hover-link:#848484;--nav-link:#fff;--light-link:#fff}a:link{color:var(--link)}a:visited{color:var(--visited-link)}.skin-black .main-header .navbar .nav>li>a{text-decoration:none}.select2-container--default .select2-selection--multiple .select2-selection__choice{background-color:#111}.search-highlight,.search-highlight:hover{background-color:#e9d15b}
+.skin-black .main-header .navbar{background-color:#111}.skin-black .main-header .navbar .nav>li>a{color:#fff}.skin-black .main-header .navbar .nav .open>a,.skin-black .main-header .navbar .nav .open>a:focus,.skin-black .main-header .navbar .nav .open>a:hover,.skin-black .main-header .navbar .nav>.active>a,.skin-black .main-header .navbar .nav>li>a:active,.skin-black .main-header .navbar .nav>li>a:focus,.skin-black .main-header .navbar .nav>li>a:hover,.skin-black .main-header .navbar .sidebar-toggle:hover{background:rgba(0,0,0,.1);color:#f6f6f6}.skin-black .main-header .navbar .sidebar-toggle{color:#fff}.skin-black .main-header .navbar .sidebar-toggle:hover{background-color:#040404}@media (max-width:767px){.skin-black .main-header .navbar .dropdown-menu li.divider{background-color:hsla(0,0%,100%,.1)}.skin-black .main-header .navbar .dropdown-menu li a{color:#333}.skin-black .main-header .navbar .dropdown-menu li a:hover{background:#040404}}.skin-black .main-header li.user-header{background-color:#111}.skin-black .content-header{background:0 0}.skin-black .left-side,.skin-black .main-sidebar,.skin-black .wrapper{background-color:#222d32}.skin-black .user-panel>.info,.skin-black .user-panel>.info>a{color:#fff}.skin-black .sidebar-menu>li.header{background:#1a2226;color:#4b646f}.skin-black .sidebar-menu>li>a{border-left:3px solid transparent}.skin-black .sidebar-menu>li.active>a,.skin-black .sidebar-menu>li:hover>a{background:#1e282c;border-left-color:#111;color:#fff}.skin-black .sidebar-menu>li>.treeview-menu{background:#2c3b41;margin:0 1px}.skin-black .sidebar a{color:#b8c7ce}.skin-black .sidebar a:hover{text-decoration:none}.skin-black .treeview-menu>li>a{color:#8aa4af}.skin-black .treeview-menu>li.active>a,.skin-black .treeview-menu>li>a:hover{color:#fff}.skin-black .sidebar-form{border:1px solid #374850;border-radius:3px;margin:10px}.skin-black .sidebar-form .btn,.skin-black .sidebar-form input[type=text]{background-color:#374850;border:1px solid transparent;box-shadow:none;height:35px;transition:all .3s ease-in-out}.skin-black .sidebar-form input[type=text]{border-bottom-left-radius:2px;border-bottom-right-radius:0;border-top-left-radius:2px;border-top-right-radius:0;color:#666}.skin-black .sidebar-form input[type=text]:focus,.skin-black .sidebar-form input[type=text]:focus+.input-group-btn .btn{background-color:#fff;color:#666}.skin-black .sidebar-form input[type=text]:focus+.input-group-btn .btn{border-left-color:#fff}.skin-black .sidebar-form .btn{border-bottom-left-radius:0;border-bottom-right-radius:2px;border-top-left-radius:0;border-top-right-radius:2px;color:#999}.skin-black.layout-top-nav .main-header>.logo .logo-variant{background-color:none}.btn,.btn:hover{color:#000}.btn .btn-primary:link,.btn.btn-primary,.btn:hover .btn-primary:link,.btn:hover.btn-primary{background-color:#505156;border-color:#fff;color:#fff}.btn:hovera.btn-primary:hover,.btna.btn-primary:hover{background-color:#111;border-color:#1f1f21;color:#fff}.btn.btn-white:hover,.btn.btn-white:link,.btn.btn-white:visited,.btn:hover.btn-white:hover,.btn:hover.btn-white:link,.btn:hover.btn-white:visited{color:#fff}a{color:var(--link)}a:hover{color:var(--hover-link)}a:visited{color:var(--visited-link)}.text-primary{color:#000}:root{--button-default:#000;--button-primary:#000;--button-hover:#000;--header:#111;--text-main:#bbb;--text-sub:#9b9b9b;--link:#black;--visited-link:#111;--hover-link:#999;--nav-link:#fff;--light-link:#fff}.btn-danger.btn-sm.disabled,a.btn-danger:link,a.btn-danger:visited,a.btn-info:link,a.btn-info:visited,a.btn-warning:link,a.btn-warning:visited{color:#fff}.sidebar-toggle-mobile{color:#fff!important}.skin-black .main-header .navbar .nav>li>a{text-decoration:none}.select2-container--default .select2-selection--multiple .select2-selection__choice{background-color:#111}.search-highlight,.search-highlight:hover{background-color:#e9d15b}
--- a/Show More
+++ b/Show More