Merge remote-tracking branch 'origin/develop'

Signed-off-by: snipe <snipe@snipe.net> # Conflicts: # config/version.php
Bumped version
2024-03-29 13:20:22 +00:00 · 2024-03-29 13:19:22 +00:00 · 2024-03-29 12:49:22 +00:00 · 2024-03-29 12:47:43 +00:00 · 2024-03-28 21:59:36 +00:00 · 2024-03-28 21:58:58 +00:00
990 changed files with 16727 additions and 9718 deletions
@@ -86,6 +86,7 @@ COOKIE_DOMAIN=null
 SECURE_COOKIES=false
 API_TOKEN_EXPIRATION_YEARS=15
 BS_TABLE_STORAGE=cookieStorage
+BS_TABLE_DEEPLINK=true

 # --------------------------------------------
 # OPTIONAL: SECURITY HEADER SETTINGS
@@ -36,7 +36,7 @@ jobs:

      # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
      - name: Run Codacy Analysis CLI
-        uses: codacy/codacy-analysis-cli-action@v4.3.0
+        uses: codacy/codacy-analysis-cli-action@v4.4.0
        with:
          # Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository
          # You can also omit the token and run the tools that support default configurations
@@ -1,4 +1,4 @@
-FROM alpine:3.18.5
+FROM alpine:3.18.6
 # Apache + PHP
 RUN  apk add --no-cache \
        apache2 \
@@ -29,6 +29,7 @@ RUN  apk add --no-cache \
        php81-sodium \
        php81-redis \
        php81-pecl-memcached \
+        php81-exif \
        curl \
        wget \
        vim \
@@ -1,7 +1,7 @@
 ![snipe-it-by-grok](https://github.com/snipe/snipe-it/assets/197404/b515673b-c7c8-4d9a-80f5-9fa58829a602)

 [![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.svg)](https://crowdin.com/project/snipe-it) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Twitter Follow](https://img.shields.io/twitter/follow/snipeitapp.svg?style=social)](https://twitter.com/snipeitapp) [![Codacy Badge](https://api.codacy.com/project/badge/Grade/553ce52037fc43ea99149785afcfe641)](https://www.codacy.com/app/snipe/snipe-it?utm_source=github.com&amp;utm_medium=referral&amp;utm_content=snipe/snipe-it&amp;utm_campaign=Badge_Grade) [![Tests](https://github.com/snipe/snipe-it/actions/workflows/tests.yml/badge.svg)](https://github.com/snipe/snipe-it/actions/workflows/tests.yml)
-[![All Contributors](https://img.shields.io/badge/all_contributors-331-orange.svg?style=flat-square)](#contributors) [![Discord](https://badgen.net/badge/icon/discord?icon=discord&label)](https://discord.gg/yZFtShAcKk)
+[![All Contributors](https://img.shields.io/badge/all_contributors-331-orange.svg?style=flat-square)](#contributing) [![Discord](https://badgen.net/badge/icon/discord?icon=discord&label)](https://discord.gg/yZFtShAcKk)

 ## Snipe-IT - Open Source Asset Management System

@@ -11,7 +11,8 @@ It is built on [Laravel 8](http://laravel.com).

 Snipe-IT is actively developed and we [release quite frequently](https://github.com/snipe/snipe-it/releases). ([Check out the live demo here](https://snipeitapp.com/demo/).)

-__This is web-based software__. This means there is no executable file (aka no .exe files), and it must be run on a web server and accessed through a web browser. It runs on any Mac OSX, flavor of Linux, as well as Windows, and we have a [Docker image](https://snipe-it.readme.io/docs/docker) available if that's what you're into.
+> [!TIP]
+> __This is web-based software__. This means there is no executable file (aka no .exe files), and it must be run on a web server and accessed through a web browser. It runs on any Mac OSX, flavor of Linux, as well as Windows, and we have a [Docker image](https://snipe-it.readme.io/docs/docker) available if that's what you're into.

 -----

@@ -21,7 +22,7 @@ For instructions on installing and configuring Snipe-IT on your server, check ou

 If you're having trouble with the installation, please check the [Common Issues](https://snipe-it.readme.io/docs/common-issues) and [Getting Help](https://snipe-it.readme.io/docs/getting-help) documentation, and search this repository's open *and* closed issues for help.

-[![Deploy](https://www.herokucdn.com/deploy/button.svg)](https://heroku.com/deploy)
+<!-- [![Deploy](https://www.herokucdn.com/deploy/button.svg)](https://heroku.com/deploy) -->

 -----
 ### User's Manual
@@ -32,8 +33,9 @@ For help using Snipe-IT, check out the [user's manual](https://snipe-it.readme.i

 Feel free to check out the [GitHub Issues for this project](https://github.com/snipe/snipe-it/issues) to open a bug report or see what open issues you can help with. Please search through existing issues (open *and* closed) to see if your question has already been answered before opening a new issue.

-**PLEASE see the [Getting Help Guidelines](https://snipe-it.readme.io/docs/getting-help) and [Common Issues](https://snipe-it.readme.io/docs/common-issues) before opening a ticket, and be sure to complete all of the questions in the Github Issue template to help us to help you as quickly as possible.**
-
+> [!IMPORTANT]  
+> **PLEASE see the [Getting Help Guidelines](https://snipe-it.readme.io/docs/getting-help) and [Common Issues](https://snipe-it.readme.io/docs/common-issues) before opening a ticket, and be sure to complete all of the questions in the Github Issue template to help us to help you as quickly as possible.**
+> 
 -----

 ### Upgrading
@@ -57,6 +59,9 @@ Please see the [translations documentation](https://snipe-it.readme.io/docs/tran

 Since the release of the JSON REST API, several third-party developers have been developing modules and libraries to work with Snipe-IT.  

+> [!NOTE]  
+> As these were created by third-parties, Snipe-IT cannot provide support for these project, and you should contact the developers directly if you need assistance. Additionally, Snipe-IT makes no guarantees as to the reliability, accuracy or maintainability of these libraries. Use at your own risk. :)
+
 - [Python Module](https://github.com/jbloomer/SnipeIT-PythonAPI) by [@jbloomer](https://github.com/jbloomer)
 - [SnipeSharp - .NET module in C#](https://github.com/barrycarey/SnipeSharp) by [@barrycarey](https://github.com/barrycarey)
 - [InQRy -unmaintained-](https://github.com/Microsoft/InQRy) by [@Microsoft](https://github.com/Microsoft)
@@ -73,8 +78,6 @@ Since the release of the JSON REST API, several third-party developers have been
 - [UniFi to Snipe-IT](https://github.com/RodneyLeeBrands/UnifiSnipeSync) by [@karpadiem](https://github.com/karpadiem) - Python script that synchronizes UniFi devices with Snipe-IT.
 - [Kandji2Snipe](https://github.com/grokability/kandji2snipe) by [@briangoldstein](https://github.com/briangoldstein) - Python script that synchronizes Kandji with Snipe-IT.
 - [SnipeAgent](https://github.com/ReticentRobot/SnipeAgent) by @ReticentRobot - Windows agent for Snipe-IT
-                                                     
-As these were created by third-parties, Snipe-IT cannot provide support for these project, and you should contact the developers directly if you need assistance. Additionally, Snipe-IT makes no guarantees as to the reliability, accuracy or maintainability of these libraries. Use at your own risk. :)

 -----

@@ -92,4 +95,5 @@ The ERD is available [online here](https://drawsql.app/templates/snipe-it).

 ### Security

-To report a security vulnerability, please email security@snipeitapp.com instead of using the issue tracker. 
+> [!IMPORTANT]
+> **To report a security vulnerability, please email security@snipeitapp.com instead of using the issue tracker.**
@@ -45,8 +45,21 @@ DB_PASSWORD={}

 Now you are ready to run the entire test suite from your terminal:

-`php artisan test`
+```shell
+php artisan test
+````

 To run individual test files, you can pass the path to the test that you want to run:

-`php artisan test tests/Unit/AccessoryTest.php`
+```shell
+php artisan test tests/Unit/AccessoryTest.php
+```
+
+Some tests, like ones concerning LDAP, are marked with the `@group` annotation. Those groups can be run, or excluded, using the `--group` or `--exclude-group` flags:
+
+```shell
+php artisan test --group=ldap
+
+php artisan test --exclude-group=ldap
+```
+This can be helpful if a set of tests are failing because you don't have an extension, like LDAP, installed.
@@ -5,6 +5,151 @@ namespace App\Console\Commands;
 use Illuminate\Console\Command;
 use ZipArchive;

+class SQLStreamer {
+    private $input;
+    private $output;
+    // embed the prefix here?
+    public ?string $prefix;
+
+    private bool $reading_beginning_of_line = true;
+
+    public static $buffer_size = 1024 * 1024;  // use a 1MB buffer, ought to work fine for most cases?
+
+    public array $tablenames = [];
+    private bool $should_guess = false;
+    private bool $statement_is_permitted = false;
+
+    public function __construct($input, $output, string $prefix = null)
+    {
+        $this->input = $input;
+        $this->output = $output;
+        $this->prefix = $prefix;
+    }
+
+    public function parse_sql(string $line): string {
+        // take into account the 'start of line or not' setting as an instance variable?
+        // 'continuation' lines for a permitted statement are PERMITTED.
+        if($this->statement_is_permitted && $line[0] === ' ') {
+            return $line;
+        }
+
+        $table_regex = '`?([a-zA-Z0-9_]+)`?';
+        $allowed_statements = [
+            "/^(DROP TABLE (?:IF EXISTS )?)`$table_regex(.*)$/" => false,
+            "/^(CREATE TABLE )$table_regex(.*)$/" => true, //sets up 'continuation'
+            "/^(LOCK TABLES )$table_regex(.*)$/" => false,
+            "/^(INSERT INTO )$table_regex(.*)$/" => false,
+            "/^UNLOCK TABLES/" => false,
+            // "/^\\) ENGINE=InnoDB AUTO_INCREMENT=16 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;/" => false, // FIXME not sure what to do here?
+            "/^\\)[a-zA-Z0-9_= ]*;$/" => false
+            // ^^^^^^ that bit should *exit* the 'perimitted' black
+        ];
+
+        foreach($allowed_statements as $statement => $statechange) {
+//            $this->info("Checking regex: $statement...\n");
+            $matches = [];
+            if (preg_match($statement,$line,$matches)) {
+                $this->statement_is_permitted = $statechange;
+                // matches are: 1 => first part of the statement, 2 => tablename, 3 => rest of statement
+                // (with of course 0 being "the whole match")
+                if (@$matches[2]) {
+//                    print "Found a tablename! It's: ".$matches[2]."\n";
+                    if ($this->should_guess) {
+                        @$this->tablenames[$matches[2]] += 1;
+                        continue; //oh? FIXME
+                    } else {
+                        $cleaned_tablename = \DB::getTablePrefix().preg_replace('/^'.$this->prefix.'/','',$matches[2]);
+                        $line = preg_replace($statement,'$1`'.$cleaned_tablename.'`$3' , $line);
+                    }
+                } else {
+                    // no explicit tablename in this one, leave the line alone
+                }
+                //how do we *replace* the tablename?
+//                print "RETURNING LINE: $line";
+                return $line;
+            }
+        }
+        // all that is not allowed is denied.
+        return "";
+    }
+
+    //this is used in exactly *TWO* places, and in both cases should return a prefix I think?
+    // first - if you do the --sanitize-only one (which is mostly for testing/development)
+    // next - when you run *without* a guessed prefix, this is run first to figure out the prefix
+    // I think we have to *duplicate* the call to be able to run it again?
+    public static function guess_prefix($input):string
+    {
+        $parser = new self($input, null);
+        $parser->should_guess = true;
+        $parser->line_aware_piping(); // <----- THIS is doing the heavy lifting!
+
+        $check_tables = ['settings' => null, 'migrations' => null /* 'assets' => null */]; //TODO - move to statics?
+        //can't use 'users' because the 'accessories_users' table?
+        // can't use 'assets' because 'ver1_components_assets'
+        foreach($check_tables as $check_table => $_ignore) {
+            foreach ($parser->tablenames as $tablename => $_count) {
+//                print "Comparing $tablename to $check_table\n";
+                if (str_ends_with($tablename,$check_table)) {
+//                    print "Found one!\n";
+                    $check_tables[$check_table] = substr($tablename,0,-strlen($check_table));
+                }
+            }
+        }
+        $guessed_prefix = null;
+        foreach ($check_tables as $clean_table => $prefix_guess) {
+            if(is_null($prefix_guess)) {
+                print("Couldn't find table $clean_table\n");
+                die();
+            }
+            if(is_null($guessed_prefix)) {
+                $guessed_prefix = $prefix_guess;
+            } else {
+                if ($guessed_prefix != $prefix_guess) {
+                    print("Prefix mismatch! Had guessed $guessed_prefix but got $prefix_guess\n");
+                    die();
+                }
+            }
+        }
+
+        return $guessed_prefix;
+
+    }
+
+    public function line_aware_piping(): int
+    {
+        $bytes_read = 0;
+        if (! $this->input) {
+            throw new \Exception("No Input available for line_aware_piping");
+        }
+
+        while (($buffer = fgets($this->input, SQLStreamer::$buffer_size)) !== false) {
+            $bytes_read += strlen($buffer);
+            if ($this->reading_beginning_of_line) {
+                // \Log::debug("Buffer is: '$buffer'");
+                $cleaned_buffer = $this->parse_sql($buffer);
+                if ($this->output) {
+                    $bytes_written = fwrite($this->output, $cleaned_buffer);
+
+                    if ($bytes_written === false) {
+                        throw new \Exception("Unable to write to pipe");
+                    }
+                }
+            }
+            // if we got a newline at the end of this, then the _next_ read is the beginning of a line
+            if($buffer[strlen($buffer)-1] === "\n") {
+                $this->reading_beginning_of_line = true;
+            } else {
+                $this->reading_beginning_of_line = false;
+            }
+
+        }
+        return $bytes_read;
+
+    }
+}
+
+
+
 class RestoreFromBackup extends Command
 {
    /**
@@ -12,10 +157,13 @@ class RestoreFromBackup extends Command
     *
     * @var string
     */
+    // FIXME - , stripping prefixes and nonstandard SQL statements. Without --prefix, guess and return the correct prefix to strip
    protected $signature = 'snipeit:restore 
                                            {--force : Skip the danger prompt; assuming you enter "y"} 
                                            {filename : The zip file to be migrated}
-                                            {--no-progress : Don\'t show a progress bar}';
+                                            {--no-progress : Don\'t show a progress bar}
+                                            {--sanitize-guess-prefix : Guess and output the table-prefix needed to "sanitize" the SQL}
+                                            {--sanitize-with-prefix= : "Sanitize" the SQL, using the passed-in table prefix (can be learned from --sanitize-guess-prefix). Pass as just \'--sanitize-with-prefix=\' to use no prefix}';

    /**
     * The console command description.
@@ -34,8 +182,6 @@ class RestoreFromBackup extends Command
        parent::__construct();
    }

-    public static $buffer_size = 1024 * 1024;  // use a 1MB buffer, ought to work fine for most cases?
-
    /**
     * Execute the console command.
     *
@@ -55,7 +201,7 @@ class RestoreFromBackup extends Command
            return $this->error('Missing required filename');
        }

-        if (! $this->option('force') && ! $this->confirm('Are you sure you wish to restore from the given backup file? This can lead to MASSIVE DATA LOSS!')) {
+        if (! $this->option('force') && ! $this->option('sanitize-guess-prefix') && ! $this->confirm('Are you sure you wish to restore from the given backup file? This can lead to MASSIVE DATA LOSS!')) {
            return $this->error('Data loss not confirmed');
        }

@@ -158,11 +304,11 @@ class RestoreFromBackup extends Command
            }

            foreach (array_merge($private_dirs, $public_dirs) as $dir) {
-                $last_pos = strrpos($raw_path, $dir.'/');
+                $last_pos = strrpos($raw_path, $dir . '/');
                if ($last_pos !== false) {
                    //print("INTERESTING - last_pos is $last_pos when searching $raw_path for $dir - last_pos+strlen(\$dir) is: ".($last_pos+strlen($dir))." and strlen(\$rawpath) is: ".strlen($raw_path)."\n");
                    //print("We would copy $raw_path to $dir.\n"); //FIXME append to a path?
-                    $interesting_files[$raw_path] = ['dest' =>$dir, 'index' => $i];
+                    $interesting_files[$raw_path] = ['dest' => $dir, 'index' => $i];
                    continue 2;
                    if ($last_pos + strlen($dir) + 1 == strlen($raw_path)) {
                        // we don't care about that; we just want files with the appropriate prefix
@@ -171,7 +317,7 @@ class RestoreFromBackup extends Command
                }
            }
            $good_extensions = ['png', 'gif', 'jpg', 'svg', 'jpeg', 'doc', 'docx', 'pdf', 'txt',
-                                'zip', 'rar', 'xls', 'xlsx', 'lic', 'xml', 'rtf', 'webp', 'key', 'ico', ];
+                'zip', 'rar', 'xls', 'xlsx', 'lic', 'xml', 'rtf', 'webp', 'key', 'ico',];
            foreach (array_merge($private_files, $public_files) as $file) {
                $has_wildcard = (strpos($file, '*') !== false);
                if ($has_wildcard) {
@@ -180,8 +326,8 @@ class RestoreFromBackup extends Command
                $last_pos = strrpos($raw_path, $file); // no trailing slash!
                if ($last_pos !== false) {
                    $extension = strtolower(pathinfo($raw_path, PATHINFO_EXTENSION));
-                    if (! in_array($extension, $good_extensions)) {
-                        $this->warn('Potentially unsafe file '.$raw_path.' is being skipped');
+                    if (!in_array($extension, $good_extensions)) {
+                        $this->warn('Potentially unsafe file ' . $raw_path . ' is being skipped');
                        $boring_files[] = $raw_path;
                        continue 2;
                    }
@@ -196,7 +342,6 @@ class RestoreFromBackup extends Command
            }
            $boring_files[] = $raw_path; //if we've gotten to here and haven't continue'ed our way into the next iteration, we don't want this file
        } // end of pre-processing the ZIP file for-loop
-
        // print_r($interesting_files);exit(-1);

        if (count($sqlfiles) != 1) {
@@ -208,6 +353,17 @@ class RestoreFromBackup extends Command
            //older Snipe-IT installs don't have the db-dumps subdirectory component
        }

+        $sql_stat = $za->statIndex($sqlfile_indices[0]);
+        //$this->info("SQL Stat is: ".print_r($sql_stat,true));
+        $sql_contents = $za->getStream($sql_stat['name']); // maybe copy *THIS* thing?
+
+        // OKAY, now that we *found* the sql file if we're doing just the guess-prefix thing, we can do that *HERE* I think?
+        if ($this->option('sanitize-guess-prefix')) {
+            $prefix = SQLStreamer::guess_prefix($sql_contents);
+            $this->line($prefix);
+            return $this->info("Re-run this command with '--sanitize-with-prefix=".$prefix."' to see an attempt to sanitze your SQL.");
+        }
+
        //how to invoke the restore?
        $pipes = [];

@@ -228,6 +384,7 @@ class RestoreFromBackup extends Command
            return $this->error('Unable to invoke mysql via CLI');
        }

+        // I'm not sure about these?
        stream_set_blocking($pipes[1], false); // use non-blocking reads for stdout
        stream_set_blocking($pipes[2], false); // use non-blocking reads for stderr

@@ -238,9 +395,9 @@ class RestoreFromBackup extends Command

        //$sql_contents = fopen($sqlfiles[0], "r"); //NOPE! This isn't a real file yet, silly-billy!

-        $sql_stat = $za->statIndex($sqlfile_indices[0]);
-        //$this->info("SQL Stat is: ".print_r($sql_stat,true));
-        $sql_contents = $za->getStream($sql_stat['name']);
+        // FIXME - this feels like it wants to go somewhere else?
+        // and it doesn't seem 'right' - if you can't get a stream to the .sql file,
+        // why do we care what's happening with pipes and stdout and stderr?!
        if ($sql_contents === false) {
            $stdout = fgets($pipes[1]);
            $this->info($stdout);
@@ -249,20 +406,27 @@ class RestoreFromBackup extends Command

            return false;
        }
-        $bytes_read = 0;

        try {
-            while (($buffer = fgets($sql_contents, self::$buffer_size)) !== false) {
-                $bytes_read += strlen($buffer);
-                // \Log::debug("Buffer is: '$buffer'");
+            if ( $this->option('sanitize-with-prefix') === null) {
+                // "Legacy" direct-piping
+                $bytes_read = 0;
+                while (($buffer = fgets($sql_contents, SQLStreamer::$buffer_size)) !== false) {
+                    $bytes_read += strlen($buffer);
+                    // \Log::debug("Buffer is: '$buffer'");
                    $bytes_written = fwrite($pipes[0], $buffer);

-                if ($bytes_written === false) {
-                    throw new Exception("Unable to write to pipe");
+                    if ($bytes_written === false) {
+                        throw new Exception("Unable to write to pipe");
+                    }
                }
+            } else {
+                $sql_importer = new SQLStreamer($sql_contents, $pipes[0], $this->option('sanitize-with-prefix'));
+                $bytes_read = $sql_importer->line_aware_piping();
            }
        } catch (\Exception $e) {
            \Log::error("Error during restore!!!! ".$e->getMessage());
+            // FIXME - put these back and/or put them in the right places?!
            $err_out = fgets($pipes[1]);
            $err_err = fgets($pipes[2]);
            \Log::error("Error OUTPUT: ".$err_out);
@@ -271,7 +435,6 @@ class RestoreFromBackup extends Command
            $this->error($err_err);
            throw $e;
        }
-        
        if (!feof($sql_contents) || $bytes_read == 0) {
            return $this->error("Not at end of file for sql file, or zero bytes read. aborting!");
        }
@@ -303,7 +466,7 @@ class RestoreFromBackup extends Command
            $fp = $za->getStream($ugly_file_name);
            //$this->info("Weird problem, here are file details? ".print_r($file_details,true));
            $migrated_file = fopen($file_details['dest'].'/'.basename($pretty_file_name), 'w');
-            while (($buffer = fgets($fp, self::$buffer_size)) !== false) {
+            while (($buffer = fgets($fp, SQLStreamer::$buffer_size)) !== false) {
                fwrite($migrated_file, $buffer);
            }
            fclose($migrated_file);
@@ -0,0 +1,76 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\Asset;
+use App\Models\CustomField;
+use Illuminate\Console\Command;
+use Illuminate\Support\Facades\DB;
+
+class ToggleCustomfieldEncryption extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:customfield-encryption
+                             {fieldname : the db_column_name of the field}';
+
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'This command should be used to convert an unencrypted custom field into a custom field and encrypt the associated data in the assets table for that column.';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return int
+     */
+    public function handle()
+    {
+        $fieldname = $this->argument('fieldname');
+
+        if ($field = CustomField::where('db_column', $fieldname)->first()) {
+
+            // If the field is not encrypted, make it encrypted and encrypt the data in the assets table for the
+            // corresponding field.
+            DB::transaction(function () use ($field) {
+
+                if ($field->field_encrypted == 0) {
+                    $assets = Asset::whereNotNull($field->db_column)->get();
+
+                    foreach ($assets as $asset) {
+                        $asset->{$field->db_column} = encrypt($asset->{$field->db_column});
+                        $asset->save();
+                    }
+
+                    $field->field_encrypted = 1;
+                    $field->save();
+
+                // This field is already encrypted. Do nothing.
+                } else {
+                    $this->error('The custom field ' . $field->db_column.' is already encrypted. No action was taken.');
+                }
+            });
+
+        // No matching column name found
+        } else {
+            $this->error('No matching results for unencrypted custom fields with db_column name: ' . $fieldname.'. Please check the fieldname.');
+        }
+
+    }
+}
@@ -11,6 +11,7 @@ use App\Models\CustomFieldset;
 use App\Models\Depreciation;
 use App\Models\Setting;
 use App\Models\Statuslabel;
+use App\Models\License;
 use Crypt;
 use Illuminate\Contracts\Encryption\DecryptException;
 use Image;
@@ -715,18 +716,19 @@ class Helper
     */
    public static function checkLowInventory()
    {
+        $alert_threshold = \App\Models\Setting::getSettings()->alert_threshold;
        $consumables = Consumable::withCount('consumableAssignments as consumable_assignments_count')->whereNotNull('min_amt')->get();
        $accessories = Accessory::withCount('users as users_count')->whereNotNull('min_amt')->get();
        $components = Component::whereNotNull('min_amt')->get();
        $asset_models = AssetModel::where('min_amt', '>', 0)->get();
+        $licenses = License::where('min_amt', '>', 0)->get();

-        $avail_consumables = 0;
        $items_array = [];
        $all_count = 0;

        foreach ($consumables as $consumable) {
            $avail = $consumable->numRemaining();
-            if ($avail < ($consumable->min_amt) + \App\Models\Setting::getSettings()->alert_threshold) {
+            if ($avail < ($consumable->min_amt) + $alert_threshold) {
                if ($consumable->qty > 0) {
                    $percent = number_format((($avail / $consumable->qty) * 100), 0);
                } else {
@@ -745,7 +747,7 @@ class Helper

        foreach ($accessories as $accessory) {
            $avail = $accessory->qty - $accessory->users_count;
-            if ($avail < ($accessory->min_amt) + \App\Models\Setting::getSettings()->alert_threshold) {
+            if ($avail < ($accessory->min_amt) + $alert_threshold) {
                if ($accessory->qty > 0) {
                    $percent = number_format((($avail / $accessory->qty) * 100), 0);
                } else {
@@ -764,7 +766,7 @@ class Helper

        foreach ($components as $component) {
            $avail = $component->numRemaining();
-            if ($avail < ($component->min_amt) + \App\Models\Setting::getSettings()->alert_threshold) {
+            if ($avail < ($component->min_amt) + $alert_threshold) {
                if ($component->qty > 0) {
                    $percent = number_format((($avail / $component->qty) * 100), 0);
                } else {
@@ -787,7 +789,7 @@ class Helper
            $total_owned = $asset->where('model_id', '=', $asset_model->id)->count();
            $avail = $asset->where('model_id', '=', $asset_model->id)->whereNull('assigned_to')->count();

-            if ($avail < ($asset_model->min_amt)+ \App\Models\Setting::getSettings()->alert_threshold) {
+            if ($avail < ($asset_model->min_amt) + $alert_threshold) {
                if ($avail > 0) {
                    $percent = number_format((($avail / $total_owned) * 100), 0);
                } else {
@@ -803,6 +805,26 @@ class Helper
            }
        }

+        foreach ($licenses as $license){
+            $avail = $license->remaincount();
+            if ($avail < ($license->min_amt) + $alert_threshold) {
+                if ($avail > 0) {
+                    $percent = number_format((($avail / $license->min_amt) * 100), 0);
+                } else {
+                    $percent = 100;
+                }
+
+                $items_array[$all_count]['id'] = $license->id;
+                $items_array[$all_count]['name'] = $license->name;
+                $items_array[$all_count]['type'] = 'licenses';
+                $items_array[$all_count]['percent'] = $percent;
+                $items_array[$all_count]['remaining'] = $avail;
+                $items_array[$all_count]['min_amt'] = $license->min_amt;
+                $all_count++;
+            }
+
+        }
+
        return $items_array;
    }

@@ -820,7 +842,7 @@ class Helper
        $filetype = @finfo_file($finfo, $file);
        finfo_close($finfo);

-        if (($filetype == 'image/jpeg') || ($filetype == 'image/jpg') || ($filetype == 'image/png') || ($filetype == 'image/bmp') || ($filetype == 'image/gif')) {
+        if (($filetype == 'image/jpeg') || ($filetype == 'image/jpg') || ($filetype == 'image/png') || ($filetype == 'image/bmp') || ($filetype == 'image/gif') || ($filetype == 'image/avif')) {
            return $filetype;
        }

@@ -1084,6 +1106,8 @@ class Helper
            'jpeg'   => 'far fa-image',
            'gif'   => 'far fa-image',
            'png'   => 'far fa-image',
+            'webp'   => 'far fa-image',
+            'avif'   => 'far fa-image',
            // word
            'doc'   => 'far fa-file-word',
            'docx'   => 'far fa-file-word',
@@ -1119,6 +1143,8 @@ class Helper
                case 'jpeg':
                case 'gif':
                case 'png':
+                case 'webp':
+                case 'avif':
                    return true;
                    break;
                default:
@@ -4,28 +4,27 @@ namespace App\Http\Controllers\Accessories;

 use App\Helpers\StorageHelper;
 use App\Http\Controllers\Controller;
-use App\Http\Requests\AssetFileRequest;
+use App\Http\Requests\UploadFileRequest;
 use App\Models\Actionlog;
 use App\Models\Accessory;
 use Illuminate\Support\Facades\Response;
 use Illuminate\Support\Facades\Storage;
 use Symfony\Accessory\HttpFoundation\JsonResponse;
-use enshrined\svgSanitize\Sanitizer;

 class AccessoriesFilesController extends Controller
 {
    /**
     * Validates and stores files associated with a accessory.
     *
-     * @todo Switch to using the AssetFileRequest form request validator.
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v1.0]
-     * @param AssetFileRequest $request
+     * @param UploadFileRequest $request
     * @param int $accessoryId
     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
+     *@author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @todo Switch to using the AssetFileRequest form request validator.
     */
-    public function store(AssetFileRequest $request, $accessoryId = null)
+    public function store(UploadFileRequest $request, $accessoryId = null)
    {

        if (config('app.lock_passwords')) {
@@ -45,30 +44,7 @@ class AccessoriesFilesController extends Controller

                foreach ($request->file('file') as $file) {

-                    $extension = $file->getClientOriginalExtension();
-                    $file_name = 'accessory-'.$accessory->id.'-'.str_random(8).'-'.str_slug(basename($file->getClientOriginalName(), '.'.$extension)).'.'.$extension;
-
-
-                    // Check for SVG and sanitize it
-                    if ($extension == 'svg') {
-                        \Log::debug('This is an SVG');
-                        \Log::debug($file_name);
-
-                        $sanitizer = new Sanitizer();
-                        $dirtySVG = file_get_contents($file->getRealPath());
-                        $cleanSVG = $sanitizer->sanitize($dirtySVG);
-
-                        try {
-                            Storage::put('private_uploads/accessories/'.$file_name, $cleanSVG);
-                        } catch (\Exception $e) {
-                            \Log::debug('Upload no workie :( ');
-                            \Log::debug($e);
-                        }
-
-                    } else {
-                        Storage::put('private_uploads/accessories/'.$file_name, file_get_contents($file));
-                    }
-
+                    $file_name = $request->handleFile('private_uploads/accessories/', 'accessory-'.$accessory->id, $file);
                    //Log the upload to the log
                    $accessory->logUpload($file_name, e($request->input('notes')));
                }
@@ -2,6 +2,7 @@

 namespace App\Http\Controllers\Api;

+use App\Events\CheckoutableCheckedOut;
 use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Http\Transformers\AccessoriesTransformer;
@@ -278,7 +279,7 @@ class AccessoriesController extends Controller
    public function checkout(Request $request, $accessoryId)
    {
        // Check if the accessory exists
-        if (is_null($accessory = Accessory::find($accessoryId))) {
+        if (is_null($accessory = Accessory::withCount('users as users_count')->find($accessoryId))) {
            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/accessories/message.does_not_exist')));
        }

@@ -302,7 +303,7 @@ class AccessoriesController extends Controller
                'note' => $request->get('note'),
            ]);

-            $accessory->logCheckout($request->input('note'), $user);
+            event(new CheckoutableCheckedOut($accessory, $user, Auth::user(), $request->input('note')));

            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/accessories/message.checkout.success')));
        }
@@ -36,7 +36,8 @@ class AssetMaintenancesController extends Controller
    {
        $this->authorize('view', Asset::class);

-        $maintenances = AssetMaintenance::select('asset_maintenances.*')->with('asset', 'asset.model', 'asset.location', 'asset.defaultLoc', 'supplier', 'asset.company', 'admin');
+        $maintenances = AssetMaintenance::select('asset_maintenances.*')
+            ->with('asset', 'asset.model', 'asset.location', 'asset.defaultLoc', 'supplier', 'asset.company',  'asset.assetstatus', 'admin');

        if ($request->filled('search')) {
            $maintenances = $maintenances->TextSearch($request->input('search'));
@@ -47,7 +48,7 @@ class AssetMaintenancesController extends Controller
        }

        if ($request->filled('supplier_id')) {
-            $maintenances->where('supplier_id', '=', $request->input('supplier_id'));
+            $maintenances->where('asset_maintenances.supplier_id', '=', $request->input('supplier_id'));
        }

        if ($request->filled('asset_maintenance_type')) {
@@ -70,10 +71,13 @@ class AssetMaintenancesController extends Controller
                                'notes',
                                'asset_tag',
                                'asset_name',
+                                'serial',
                                'user_id',
                                'supplier',
                                'is_warranty',
+                                'status_label',
                            ];
+
        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
        $sort = in_array($request->input('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';

@@ -90,6 +94,12 @@ class AssetMaintenancesController extends Controller
            case 'asset_name':
                $maintenances = $maintenances->OrderByAssetName($order);
                break;
+            case 'serial':
+                $maintenances = $maintenances->OrderByAssetSerial($order);
+                break;
+            case 'status_label':
+                $maintenances = $maintenances->OrderStatusName($order);
+                break;
            default:
                $maintenances = $maintenances->orderBy($sort, $order);
                break;
@@ -4,6 +4,10 @@ namespace App\Http\Controllers\Api;

 use App\Events\CheckoutableCheckedIn;
 use App\Http\Requests\StoreAssetRequest;
+use App\Http\Traits\MigratesLegacyAssetLocations;
+use App\Models\CheckoutAcceptance;
+use App\Models\LicenseSeat;
+use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Support\Facades\Crypt;
 use Illuminate\Support\Facades\Gate;
@@ -45,6 +49,8 @@ use Route;
 */
 class AssetsController extends Controller
 {
+    use MigratesLegacyAssetLocations;
+
    /**
     * Returns JSON listing of all assets
     *
@@ -88,6 +94,7 @@ class AssetsController extends Controller
            'serial',
            'model_number',
            'last_checkout',
+            'last_checkin',
            'notes',
            'expected_checkin',
            'order_number',
@@ -105,6 +112,7 @@ class AssetsController extends Controller
            'requests_counter',
            'byod',
            'asset_eol_date',
+            'requestable',
        ];

        $filter = [];
@@ -584,6 +592,11 @@ class AssetsController extends Controller
                        }
                    }
                }
+                if ($field->element == 'checkbox') {
+                    if(is_array($field_val)) {
+                        $field_val = implode(',', $field_val);
+                    }
+                }


                $asset->{$field->db_column} = $field_val;
@@ -607,6 +620,8 @@ class AssetsController extends Controller
            }

            return response()->json(Helper::formatStandardApiResponse('success', $asset, trans('admin/hardware/message.create.success')));
+
+            return response()->json(Helper::formatStandardApiResponse('success', (new AssetsTransformer)->transformAsset($asset), trans('admin/hardware/message.create.success')));
        }

        return response()->json(Helper::formatStandardApiResponse('error', null, $asset->getErrors()), 200);
@@ -652,13 +667,22 @@ class AssetsController extends Controller
            // Update custom fields
            if (($model) && (isset($model->fieldset))) {
                foreach ($model->fieldset->fields as $field) {
+                    $field_val = $request->input($field->db_column, null);
+
                    if ($request->has($field->db_column)) {
                        if ($field->field_encrypted == '1') {
                            if (Gate::allows('admin')) {
-                                $asset->{$field->db_column} = \Crypt::encrypt($request->input($field->db_column));
+                                $asset->{$field->db_column} = Crypt::encrypt($field_val);
                            }
-                        } else {
-                            $asset->{$field->db_column} = $request->input($field->db_column);
+                        }
+                        if ($field->element == 'checkbox') {
+                            if(is_array($field_val)) {
+                                $field_val = implode(',', $field_val);
+                                $asset->{$field->db_column} = $field_val;
+                            }
+                        }
+                        else {
+                            $asset->{$field->db_column} = $field_val;
                        }
                    }
                }
@@ -686,6 +710,7 @@ class AssetsController extends Controller
                }

                return response()->json(Helper::formatStandardApiResponse('success', $asset, trans('admin/hardware/message.update.success')));
+                return response()->json(Helper::formatStandardApiResponse('success', (new AssetsTransformer)->transformAsset($asset), trans('admin/hardware/message.update.success')));
            }

            return response()->json(Helper::formatStandardApiResponse('error', null, $asset->getErrors()), 200);
@@ -864,11 +889,9 @@ class AssetsController extends Controller
     */
    public function checkin(Request $request, $asset_id)
    {
-        $this->authorize('checkin', Asset::class);
        $asset = Asset::with('model')->findOrFail($asset_id);
        $this->authorize('checkin', $asset);

-
        $target = $asset->assignedTo;
        if (is_null($target)) {
            return response()->json(Helper::formatStandardApiResponse('error', [
@@ -879,9 +902,8 @@ class AssetsController extends Controller
        }

        $asset->expected_checkin = null;
-        $asset->last_checkout = null;
+        //$asset->last_checkout = null;
        $asset->last_checkin = now();
-        $asset->assigned_to = null;
        $asset->assignedTo()->disassociate($asset);
        $asset->accepted = null;

@@ -889,10 +911,16 @@ class AssetsController extends Controller
            $asset->name = $request->input('name');
        }

+        $this->migrateLegacyLocations($asset);
+
        $asset->location_id = $asset->rtd_location_id;

        if ($request->filled('location_id')) {
            $asset->location_id = $request->input('location_id');
+
+            if ($request->input('update_default_location')){
+                $asset->rtd_location_id = $request->input('location_id');
+            }
        }

        if ($request->has('status_id')) {
@@ -906,6 +934,23 @@ class AssetsController extends Controller
            $originalValues['action_date'] = $checkin_at;
        }

+        $asset->licenseseats->each(function (LicenseSeat $seat) {
+            $seat->update(['assigned_to' => null]);
+        });
+
+        // Get all pending Acceptances for this asset and delete them
+        CheckoutAcceptance::pending()
+            ->whereHasMorph(
+                'checkoutable',
+                [Asset::class],
+                function (Builder $query) use ($asset) {
+                    $query->where('id', $asset->id);
+                })
+            ->get()
+            ->map(function ($acceptance) {
+                $acceptance->delete();
+            });
+
        if ($asset->save()) {
            event(new CheckoutableCheckedIn($asset, $target, Auth::user(), $request->input('note'), $checkin_at, $originalValues));

@@ -1035,8 +1080,7 @@ class AssetsController extends Controller

        $assets = Asset::select('assets.*')
            ->with('location', 'assetstatus', 'assetlog', 'company','assignedTo',
-                'model.category', 'model.manufacturer', 'model.fieldset', 'supplier', 'requests')
-            ->requestableAssets();
+                'model.category', 'model.manufacturer', 'model.fieldset', 'supplier', 'requests');



@@ -1044,7 +1088,7 @@ class AssetsController extends Controller
        if ($request->filled('search')) {
            $assets->TextSearch($request->input('search'));
        }
-
+        
        // Search custom fields by column name
        foreach ($all_custom_fields as $field) {
            if ($request->filled($field->db_column_name())) {
@@ -1074,6 +1118,7 @@ class AssetsController extends Controller
                break;
        }

+        $assets->requestableAssets();

        // Make sure the offset and limit are actually integers and do not exceed system limits
        $offset = ($request->input('offset') > $assets->count()) ? $assets->count() : app('api_offset_value');
@@ -40,7 +40,9 @@ class CompaniesController extends Controller
            'components_count',
        ];

-        $companies = Company::withCount('assets as assets_count', 'licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count', 'components as components_count', 'users as users_count');
+        $companies = Company::withCount(['assets as assets_count'  => function ($query) {
+            $query->AssetsForShow();
+        }])->withCount('licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count', 'components as components_count', 'users as users_count');

        if ($request->filled('search')) {
            $companies->TextSearch($request->input('search'));
@@ -2,6 +2,7 @@

 namespace App\Http\Controllers\Api;

+use App\Events\CheckoutableCheckedOut;
 use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Http\Transformers\ConsumablesTransformer;
@@ -11,6 +12,7 @@ use App\Models\Consumable;
 use App\Models\User;
 use Illuminate\Http\Request;
 use App\Http\Requests\ImageUploadRequest;
+use Illuminate\Support\Facades\Auth;

 class ConsumablesController extends Controller
 {
@@ -290,17 +292,9 @@ class ConsumablesController extends Controller
                ]
            );

-            // Log checkout event
-            $logaction = $consumable->logCheckout($request->input('note'), $user);
-            $data['log_id'] = $logaction->id;
-            $data['eula'] = $consumable->getEula();
-            $data['first_name'] = $user->first_name;
-            $data['item_name'] = $consumable->name;
-            $data['checkout_date'] = $logaction->created_at;
-            $data['note'] = $logaction->note;
-            $data['require_acceptance'] = $consumable->requireAcceptance();
+        event(new CheckoutableCheckedOut($consumable, $user, Auth::user(), $request->input('note')));

-            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/consumables/message.checkout.success')));
+        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/consumables/message.checkout.success')));

    }

@@ -7,6 +7,7 @@ use App\Http\Controllers\Controller;
 use App\Http\Transformers\GroupsTransformer;
 use App\Models\Group;
 use Illuminate\Http\Request;
+use Auth;


 class GroupsController extends Controller
@@ -25,7 +26,7 @@ class GroupsController extends Controller
        $this->authorize('view', Group::class);
        $allowed_columns = ['id', 'name', 'created_at', 'users_count'];

-        $groups = Group::select('id', 'name', 'permissions', 'created_at', 'updated_at')->withCount('users as users_count');
+        $groups = Group::select('id', 'name', 'permissions', 'created_at', 'updated_at', 'created_by')->with('admin')->withCount('users as users_count');

        if ($request->filled('search')) {
            $groups = $groups->TextSearch($request->input('search'));
@@ -63,6 +64,7 @@ class GroupsController extends Controller
        $group = new Group;

        $group->name = $request->input('name');
+        $group->created_by = Auth::user()->id;
        $group->permissions = json_encode($request->input('permissions')); // Todo - some JSON validation stuff here

        if ($group->save()) {
@@ -136,6 +136,7 @@ class LicensesController extends Controller
                        'seats',
                        'termination_date',
                        'depreciation_id',
+                        'min_amt',
                    ];
                $sort = in_array($request->input('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
                $licenses = $licenses->orderBy($sort, $order);
@@ -25,9 +25,27 @@ class LocationsController extends Controller
    {
        $this->authorize('view', Location::class);
        $allowed_columns = [
-            'id', 'name', 'address', 'address2', 'city', 'state', 'country', 'zip', 'created_at',
-            'updated_at', 'manager_id', 'image',
-            'assigned_assets_count', 'users_count', 'assets_count','assigned_assets_count', 'assets_count', 'rtd_assets_count', 'currency', 'ldap_ou', ];
+            'id',
+            'name',
+            'address',
+            'address2',
+            'city',
+            'state',
+            'country',
+            'zip',
+            'created_at',
+            'updated_at',
+            'manager_id',
+            'image',
+            'assigned_assets_count',
+            'users_count',
+            'assets_count',
+            'assigned_assets_count',
+            'assets_count',
+            'rtd_assets_count',
+            'currency',
+            'ldap_ou',
+            ];

        $locations = Location::with('parent', 'manager', 'children')->select([
            'locations.id',
@@ -50,6 +68,7 @@ class LocationsController extends Controller
        ])->withCount('assignedAssets as assigned_assets_count')
            ->withCount('assets as assets_count')
            ->withCount('rtd_assets as rtd_assets_count')
+            ->withCount('children as children_count')
            ->withCount('users as users_count');

        if ($request->filled('search')) {
@@ -80,6 +99,10 @@ class LocationsController extends Controller
            $locations->where('locations.country', '=', $request->input('country'));
        }

+        if ($request->filled('manager_id')) {
+            $locations->where('locations.manager_id', '=', $request->input('manager_id'));
+        }
+
        // Make sure the offset and limit are actually integers and do not exceed system limits
        $offset = ($request->input('offset') > $locations->count()) ? $locations->count() : app('api_offset_value');
        $limit = app('api_limit_value');
@@ -212,7 +235,13 @@ class LocationsController extends Controller
    public function destroy($id)
    {
        $this->authorize('delete', Location::class);
-        $location = Location::findOrFail($id);
+        $location = Location::withCount('assignedAssets as assigned_assets_count')
+            ->withCount('assets as assets_count')
+            ->withCount('rtd_assets as rtd_assets_count')
+            ->withCount('children as children_count')
+            ->withCount('users as users_count')
+            ->findOrFail($id);
+
        if (! $location->isDeletable()) {
            return response()
                    ->json(Helper::formatStandardApiResponse('error', null, trans('admin/companies/message.assoc_users')));
@@ -32,14 +32,26 @@ class ReportsController extends Controller
        }

        if (($request->filled('item_type')) && ($request->filled('item_id'))) {
-            $actionlogs = $actionlogs->where('item_id', '=', $request->input('item_id'))
-                ->where('item_type', '=', 'App\\Models\\'.ucwords($request->input('item_type')));
+            $actionlogs = $actionlogs->where(function($query) use ($request)
+            {
+                $query->where('item_id', '=', $request->input('item_id'))
+                ->where('item_type', '=', 'App\\Models\\'.ucwords($request->input('item_type')))
+                ->orWhere(function($query) use ($request)
+                {
+                    $query->where('target_id', '=', $request->input('item_id'))
+                    ->where('target_type', '=', 'App\\Models\\'.ucwords($request->input('item_type')));
+                });
+            });
        }

        if ($request->filled('action_type')) {
            $actionlogs = $actionlogs->where('action_type', '=', $request->input('action_type'))->orderBy('created_at', 'desc');
        }

+        if ($request->filled('user_id')) {
+            $actionlogs = $actionlogs->where('user_id', '=', $request->input('user_id'));
+        }
+
        if ($request->filled('action_source')) {
            $actionlogs = $actionlogs->where('action_source', '=', $request->input('action_source'))->orderBy('created_at', 'desc');
        }
@@ -148,7 +148,7 @@ class SettingsController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v3.0]
-     * @return Redirect
+     * @return JsonResponse
     */
    public function ajaxTestEmail()
    {
@@ -170,7 +170,7 @@ class SettingsController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v5.0.0]
-     * @return Response
+     * @return JsonResponse
     */
    public function purgeBarcodes()
    {
@@ -211,7 +211,7 @@ class SettingsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v5.0.0]
     * @param  \Illuminate\Http\Request  $request
-     * @return array
+     * @return array | JsonResponse
     */
    public function showLoginAttempts(Request $request)
    {
@@ -229,6 +229,12 @@ class SettingsController extends Controller
    }


+    /**
+     * Lists backup files
+     *
+     * @author [A. Gianotto]
+     * @return array | JsonResponse
+     */
    public function listBackups() {
        $settings = Setting::getSettings();
        $path = 'app/backups';
@@ -249,12 +255,12 @@ class SettingsController extends Controller
                        'filesize' => Setting::fileSizeConvert(Storage::size($backup_files[$f])),
                        'modified_value' => $file_timestamp,
                        'modified_display' => date($settings->date_display_format.' '.$settings->time_display_format, $file_timestamp),
+                        'backup_url' => config('app.url').'/settings/backups/download/'.basename($backup_files[$f]),

                    ];
                    $count++;
                }

-
            }
        }

@@ -264,15 +270,56 @@ class SettingsController extends Controller
    }


+    /**
+     * Downloads a backup file.
+     * We use response()->download() here instead of Storage::download() because Storage::download()
+     * exhausts memory on larger files.
+     *
+     * @author [A. Gianotto]
+     * @return JsonResponse|\Symfony\Component\HttpFoundation\BinaryFileResponse
+     */
    public function downloadBackup($file) {

-        $path = 'app/backups';
-        if (Storage::exists($path.'/'.$file)) {
+        $path = storage_path('app/backups');
+        
+        if (Storage::exists('app/backups/'.$file)) {
            $headers = ['ContentType' => 'application/zip'];
-            return Storage::download($path.'/'.$file, $file, $headers);
+            return response()->download($path.'/'.$file, $file, $headers);
        } else {
-            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('general.file_not_found')));
+            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('general.file_not_found')), 404);
        }

    }
+
+    /**
+     * Determines and downloads the latest backup
+     *
+     * @author [A. Gianotto]
+     * @since [v6.3.1]
+     * @return JsonResponse|\Symfony\Component\HttpFoundation\BinaryFileResponse
+     */
+    public function downloadLatestBackup() {
+
+        $fileData = collect();
+        foreach (Storage::files('app/backups') as $file) {
+            if (pathinfo($file, PATHINFO_EXTENSION) == 'zip') {
+                $fileData->push([
+                    'file' => $file,
+                    'date' => Storage::lastModified($file)
+                ]);
+            }
+        }
+
+        $newest = $fileData->sortByDesc('date')->first();
+        if (Storage::exists($newest['file'])) {
+            $headers = ['ContentType' => 'application/zip'];
+            return response()->download(storage_path($newest['file']), basename($newest['file']), $headers);
+        } else {
+            return response()->json(Helper::formatStandardApiResponse('error', null,  trans('general.file_not_found')), 404);
+        }
+
+
+    }
+
+
 }
@@ -73,6 +73,7 @@ class UsersController extends Controller
            'users.end_date',
            'users.vip',
            'users.autoassign_licenses',
+            'users.website',

        ])->with('manager', 'groups', 'userloc', 'company', 'department', 'assets', 'licenses', 'accessories', 'consumables', 'createdBy',)
            ->withCount('assets as assets_count', 'licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count');
@@ -122,6 +123,10 @@ class UsersController extends Controller
            $users = $users->where('users.country', '=', $request->input('country'));
        }

+        if ($request->filled('website')) {
+            $users = $users->where('users.website', '=', $request->input('website'));
+        }
+
        if ($request->filled('zip')) {
            $users = $users->where('users.zip', '=', $request->input('zip'));
        }
@@ -254,6 +259,7 @@ class UsersController extends Controller
                        'start_date',
                        'end_date',
                        'autoassign_licenses',
+                        'website',
                    ];

                $sort = in_array($request->get('sort'), $allowed_columns) ? $request->get('sort') : 'first_name';
@@ -274,11 +280,6 @@ class UsersController extends Controller
        $offset = ($request->input('offset') > $users->count()) ? $users->count() : app('api_offset_value');
        $limit = app('api_limit_value');

-        \Log::debug('Requested offset: '. $request->input('offset'));
-        \Log::debug('App offset: '. app('api_offset_value'));
-        \Log::debug('Actual offset: '. $offset);
-        \Log::debug('Limit: '. $limit);
-
        $total = $users->count();
        $users = $users->skip($offset)->take($limit)->get();

@@ -559,7 +560,26 @@ class UsersController extends Controller
    {
        $this->authorize('view', User::class);
        $this->authorize('view', Asset::class);
-        $assets = Asset::where('assigned_to', '=', $id)->where('assigned_type', '=', User::class)->with('model')->get();
+        $assets = Asset::where('assigned_to', '=', $id)->where('assigned_type', '=', User::class)->with('model');
+
+
+        // Filter on category ID
+        if ($request->filled('category_id')) {
+            $assets = $assets->InCategory($request->input('category_id'));
+        }
+
+
+        // Filter on model ID
+        if ($request->filled('model_id')) {
+
+            $model_ids = $request->input('model_id');
+            if (!is_array($model_ids)) {
+                $model_ids = array($model_ids);
+            }
+            $assets = $assets->InModelList($model_ids);
+        }
+
+        $assets = $assets->get();

        return (new AssetsTransformer)->transformAssets($assets, $assets->count(), $request);
    }
@@ -660,7 +680,17 @@ class UsersController extends Controller
                $user = User::find($request->get('id'));
                $user->two_factor_secret = null;
                $user->two_factor_enrolled = 0;
-                $user->save();
+                $user->saveQuietly();
+
+                // Log the reset
+                $logaction = new Actionlog();
+                $logaction->target_type = User::class;
+                $logaction->target_id = $user->id;
+                $logaction->item_type = User::class;
+                $logaction->item_id = $user->id;
+                $logaction->created_at = date('Y-m-d H:i:s');
+                $logaction->user_id = Auth::user()->id;
+                $logaction->logaction('2FA reset');

                return response()->json(['message' => trans('admin/settings/general.two_factor_reset_success')], 200);
            } catch (\Exception $e) {
@@ -148,30 +148,20 @@ class AssetMaintenancesController extends Controller
    */
    public function edit($assetMaintenanceId = null)
    {
+        $this->authorize('update', Asset::class);
+        // Check if the asset maintenance exists
        $this->authorize('update', Asset::class);
        // Check if the asset maintenance exists
        if (is_null($assetMaintenance = AssetMaintenance::find($assetMaintenanceId))) {
-            // Redirect to the improvement management page
-            return redirect()->route('maintenances.index')
-                           ->with('error', trans('admin/asset_maintenances/message.not_found'));
-        } elseif (! $assetMaintenance->asset) {
-            return redirect()->route('maintenances.index')
-                ->with('error', 'The asset associated with this maintenance does not exist.');
+            // Redirect to the asset maintenance management page
+            return redirect()->route('maintenances.index')->with('error', trans('admin/asset_maintenances/message.not_found'));
+        } elseif ((!$assetMaintenance->asset) || ($assetMaintenance->asset->deleted_at!='')) {
+            // Redirect to the asset maintenance management page
+            return redirect()->route('maintenances.index')->with('error', 'asset does not exist');
        } elseif (! Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
            return static::getInsufficientPermissionsRedirect();
        }

-        if ($assetMaintenance->completion_date == '0000-00-00') {
-            $assetMaintenance->completion_date = null;
-        }
-
-        if ($assetMaintenance->start_date == '0000-00-00') {
-            $assetMaintenance->start_date = null;
-        }
-
-        if ($assetMaintenance->cost == '0.00') {
-            $assetMaintenance->cost = null;
-        }

        // Prepare Improvement Type List
        $assetMaintenanceType = [
@@ -203,8 +193,10 @@ class AssetMaintenancesController extends Controller
        // Check if the asset maintenance exists
        if (is_null($assetMaintenance = AssetMaintenance::find($assetMaintenanceId))) {
            // Redirect to the asset maintenance management page
-            return redirect()->route('maintenances.index')
-                           ->with('error', trans('admin/asset_maintenances/message.not_found'));
+            return redirect()->route('maintenances.index')->with('error', trans('admin/asset_maintenances/message.not_found'));
+        } elseif ((!$assetMaintenance->asset) || ($assetMaintenance->asset->deleted_at!='')) {
+                // Redirect to the asset maintenance management page
+                return redirect()->route('maintenances.index')->with('error', 'asset does not exist');
        } elseif (! Company::isCurrentUserHasAccess($assetMaintenance->asset)) {
            return static::getInsufficientPermissionsRedirect();
        }
@@ -7,6 +7,7 @@ use App\Http\Requests\ImageUploadRequest;
 use App\Models\Actionlog;
 use App\Models\Asset;
 use App\Models\AssetModel;
+use App\Models\CustomField;
 use App\Models\User;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\DB;
@@ -442,7 +443,6 @@ class AssetModelsController extends Controller
            $del_count = 0;

            foreach ($models as $model) {
-                \Log::debug($model->id);

                if ($model->assets_count > 0) {
                    $del_error_count++;
@@ -452,8 +452,6 @@ class AssetModelsController extends Controller
                }
            }

-            \Log::debug($del_count);
-            \Log::debug($del_error_count);

            if ($del_error_count == 0) {
                return redirect()->route('models.index')
@@ -489,11 +487,11 @@ class AssetModelsController extends Controller
     * @param  array      $defaultValues
     * @return void
     */
-    private function assignCustomFieldsDefaultValues(AssetModel $model, array $defaultValues)
+    private function assignCustomFieldsDefaultValues(AssetModel $model, array $defaultValues): bool
    {
        $data = array();
        foreach ($defaultValues as $customFieldId => $defaultValue) {
-            $customField = \App\Models\CustomField::find($customFieldId);
+            $customField = CustomField::find($customFieldId);

            $data[$customField->db_column] = $defaultValue;
        }
@@ -3,26 +3,25 @@
 namespace App\Http\Controllers;

 use App\Helpers\StorageHelper;
-use App\Http\Requests\AssetFileRequest;
+use App\Http\Requests\UploadFileRequest;
 use App\Models\Actionlog;
 use App\Models\AssetModel;
 use Illuminate\Support\Facades\Response;
 use Illuminate\Support\Facades\Storage;
-use enshrined\svgSanitize\Sanitizer;

 class AssetModelsFilesController extends Controller
 {
    /**
     * Upload a file to the server.
     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @param AssetFileRequest $request
+     * @param UploadFileRequest $request
     * @param int $modelId
     * @return Redirect
-     * @since [v1.0]
     * @throws \Illuminate\Auth\Access\AuthorizationException
+     *@since [v1.0]
+     * @author [A. Gianotto] [<snipe@snipe.net>]
     */
-    public function store(AssetFileRequest $request, $modelId = null)
+    public function store(UploadFileRequest $request, $modelId = null)
    {
        if (! $model = AssetModel::find($modelId)) {
            return redirect()->route('models.index')->with('error', trans('admin/hardware/message.does_not_exist'));
@@ -37,27 +36,7 @@ class AssetModelsFilesController extends Controller

            foreach ($request->file('file') as $file) {

-                $extension = $file->getClientOriginalExtension();
-                $file_name = 'model-'.$model->id.'-'.str_random(8).'-'.str_slug(basename($file->getClientOriginalName(), '.'.$extension)).'.'.$extension;
-
-                // Check for SVG and sanitize it
-                if ($extension=='svg') {
-                    \Log::debug('This is an SVG');
-
-                    $sanitizer = new Sanitizer();
-                    $dirtySVG = file_get_contents($file->getRealPath());
-                    $cleanSVG = $sanitizer->sanitize($dirtySVG);
-
-                    try {
-                        Storage::put('private_uploads/assetmodels/'.$file_name, $cleanSVG);
-                    } catch (\Exception $e) {
-                        \Log::debug('Upload no workie :( ');
-                        \Log::debug($e);
-                    }
-                } else {
-                    Storage::put('private_uploads/assetmodels/'.$file_name, file_get_contents($file));
-                }
-
+                $file_name = $request->handleFile('private_uploads/assetmodels/','model-'.$model->id,$file);

                $model->logUpload($file_name, e($request->get('notes')));
            }
@@ -6,8 +6,10 @@ use App\Events\CheckoutableCheckedIn;
 use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Http\Requests\AssetCheckinRequest;
+use App\Http\Traits\MigratesLegacyAssetLocations;
 use App\Models\Asset;
 use App\Models\CheckoutAcceptance;
+use App\Models\LicenseSeat;
 use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Redirect;
@@ -15,6 +17,8 @@ use Illuminate\Support\Facades\View;

 class AssetCheckinController extends Controller
 {
+    use MigratesLegacyAssetLocations;
+
    /**
     * Returns a view that presents a form to check an asset back into inventory.
     *
@@ -67,11 +71,9 @@ class AssetCheckinController extends Controller
        }

        $asset->expected_checkin = null;
-        $asset->last_checkout = null;
+        //$asset->last_checkout = null;
        $asset->last_checkin = now();
-        $asset->assigned_to = null;
        $asset->assignedTo()->disassociate($asset);
-        $asset->assigned_type = null;
        $asset->accepted = null;
        $asset->name = $request->get('name');

@@ -79,24 +81,7 @@ class AssetCheckinController extends Controller
            $asset->status_id = e($request->get('status_id'));
        }

-        // This is just meant to correct legacy issues where some user data would have 0
-        // as a location ID, which isn't valid. Later versions of Snipe-IT have stricter validation
-        // rules, so it's necessary to fix this for long-time users. It's kinda gross, but will help
-        // people (and their data) in the long run
-
-        if ($asset->rtd_location_id == '0') {
-            \Log::debug('Manually override the RTD location IDs');
-            \Log::debug('Original RTD Location ID: '.$asset->rtd_location_id);
-            $asset->rtd_location_id = '';
-            \Log::debug('New RTD Location ID: '.$asset->rtd_location_id);
-        }
-
-        if ($asset->location_id == '0') {
-            \Log::debug('Manually override the location IDs');
-            \Log::debug('Original Location ID: '.$asset->location_id);
-            $asset->location_id = '';
-            \Log::debug('New Location ID: '.$asset->location_id);
-        }
+        $this->migrateLegacyLocations($asset);

        $asset->location_id = $asset->rtd_location_id;

@@ -117,12 +102,9 @@ class AssetCheckinController extends Controller
            $checkin_at = $request->get('checkin_at');
        }

-        if(!empty($asset->licenseseats->all())){
-            foreach ($asset->licenseseats as $seat){
-                $seat->assigned_to = null;
-                $seat->save();
-            }
-        }
+        $asset->licenseseats->each(function (LicenseSeat $seat) {
+            $seat->update(['assigned_to' => null]);
+        });

        // Get all pending Acceptances for this asset and delete them
        $acceptances = CheckoutAcceptance::pending()->whereHasMorph('checkoutable',
@@ -4,26 +4,25 @@ namespace App\Http\Controllers\Assets;

 use App\Helpers\StorageHelper;
 use App\Http\Controllers\Controller;
-use App\Http\Requests\AssetFileRequest;
+use App\Http\Requests\UploadFileRequest;
 use App\Models\Actionlog;
 use App\Models\Asset;
 use Illuminate\Support\Facades\Response;
 use Illuminate\Support\Facades\Storage;
-use enshrined\svgSanitize\Sanitizer;

 class AssetFilesController extends Controller
 {
    /**
     * Upload a file to the server.
     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @param AssetFileRequest $request
+     * @param UploadFileRequest $request
     * @param int $assetId
     * @return Redirect
-     * @since [v1.0]
     * @throws \Illuminate\Auth\Access\AuthorizationException
+     *@since [v1.0]
+     * @author [A. Gianotto] [<snipe@snipe.net>]
     */
-    public function store(AssetFileRequest $request, $assetId = null)
+    public function store(UploadFileRequest $request, $assetId = null)
    {
        if (! $asset = Asset::find($assetId)) {
            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist'));
@@ -37,28 +36,7 @@ class AssetFilesController extends Controller
            }

            foreach ($request->file('file') as $file) {
-
-                $extension = $file->getClientOriginalExtension();
-                $file_name = 'hardware-'.$asset->id.'-'.str_random(8).'-'.str_slug(basename($file->getClientOriginalName(), '.'.$extension)).'.'.$extension;
-
-                // Check for SVG and sanitize it
-                if ($extension=='svg') {
-                    \Log::debug('This is an SVG');
-
-                        $sanitizer = new Sanitizer();
-                        $dirtySVG = file_get_contents($file->getRealPath());
-                        $cleanSVG = $sanitizer->sanitize($dirtySVG);
-
-                        try {
-                            Storage::put('private_uploads/assets/'.$file_name, $cleanSVG);
-                        } catch (\Exception $e) {
-                            \Log::debug('Upload no workie :( ');
-                            \Log::debug($e);
-                        }
-                } else {
-                Storage::put('private_uploads/assets/'.$file_name, file_get_contents($file));
-                }
-               
+                $file_name = $request->handleFile('private_uploads/assets/','hardware-'.$asset->id, $file);
                
                $asset->logUpload($file_name, e($request->get('notes')));
            }
@@ -102,6 +102,10 @@ class AssetsController extends Controller
    {
        $this->authorize(Asset::class);

+        // There are a lot more rules to add here but prevents
+        // errors around `asset_tags` not being present below.
+        $this->validate($request, ['asset_tags' => ['required', 'array']]);
+
        // Handle asset tags - there could be one, or potentially many.
        // This is only necessary on create, not update, since bulk editing is handled
        // differently
@@ -146,7 +150,8 @@ class AssetsController extends Controller
                $asset->next_audit_date = Carbon::now()->addMonths($settings->audit_interval)->toDateString();
            }

-            if ($asset->assigned_to == '') {
+            // Set location_id to rtd_location_id ONLY if the asset isn't being checked out
+            if (!request('assigned_user') && !request('assigned_asset') && !request('assigned_location')) {
                $asset->location_id = $request->input('rtd_location_id', null);
            }

@@ -521,31 +526,33 @@ class AssetsController extends Controller
    public function getBarCode($assetId = null)
    {
        $settings = Setting::getSettings();
-        $asset = Asset::find($assetId);
-        $barcode_file = public_path().'/uploads/barcodes/'.str_slug($settings->alt_barcode).'-'.str_slug($asset->asset_tag).'.png';
+        if ($asset = Asset::withTrashed()->find($assetId)) {
+            $barcode_file = public_path().'/uploads/barcodes/'.str_slug($settings->alt_barcode).'-'.str_slug($asset->asset_tag).'.png';

-        if (isset($asset->id, $asset->asset_tag)) {
-            if (file_exists($barcode_file)) {
-                $header = ['Content-type' => 'image/png'];
+            if (isset($asset->id, $asset->asset_tag)) {
+                if (file_exists($barcode_file)) {
+                    $header = ['Content-type' => 'image/png'];

-                return response()->file($barcode_file, $header);
-            } else {
-                // Calculate barcode width in pixel based on label width (inch)
-                $barcode_width = ($settings->labels_width - $settings->labels_display_sgutter) * 200.000000000001;
+                    return response()->file($barcode_file, $header);
+                } else {
+                    // Calculate barcode width in pixel based on label width (inch)
+                    $barcode_width = ($settings->labels_width - $settings->labels_display_sgutter) * 200.000000000001;

-                $barcode = new \Com\Tecnick\Barcode\Barcode();
-                try {
-                    $barcode_obj = $barcode->getBarcodeObj($settings->alt_barcode, $asset->asset_tag, ($barcode_width < 300 ? $barcode_width : 300), 50);
-                    file_put_contents($barcode_file, $barcode_obj->getPngData());
+                    $barcode = new \Com\Tecnick\Barcode\Barcode();
+                    try {
+                        $barcode_obj = $barcode->getBarcodeObj($settings->alt_barcode, $asset->asset_tag, ($barcode_width < 300 ? $barcode_width : 300), 50);
+                        file_put_contents($barcode_file, $barcode_obj->getPngData());

-                    return response($barcode_obj->getPngData())->header('Content-type', 'image/png');
-                } catch (\Exception $e) {
-                    Log::debug('The barcode format is invalid.');
+                        return response($barcode_obj->getPngData())->header('Content-type', 'image/png');
+                    } catch (\Exception $e) {
+                        Log::debug('The barcode format is invalid.');

-                    return response(file_get_contents(public_path('uploads/barcodes/invalid_barcode.gif')))->header('Content-type', 'image/gif');
+                        return response(file_get_contents(public_path('uploads/barcodes/invalid_barcode.gif')))->header('Content-type', 'image/gif');
+                    }
                }
            }
        }
+        return null;
    }

    /**
@@ -734,11 +741,11 @@ class AssetsController extends Controller

                        if ($isCheckinHeaderExplicit) {

-                            //if checkin date header exists, assume that empty or future date is still checked out
-                            //if checkin is before todays date, assume it's checked in and do not assign user ID, if checkin date is in the future or blank, this is the expected checkin date, items is checked out
+                            // if checkin date header exists, assume that empty or future date is still checked out
+                            // if checkin is before today's date, assume it's checked in and do not assign user ID, if checkin date is in the future or blank, this is the expected checkin date, items are checked out

-                            if ((strtotime($checkin_date) > strtotime(Carbon::now())) || (empty($checkin_date))
-                            ) {
+                            if ((strtotime($checkin_date) > strtotime(Carbon::now())) || (empty($checkin_date)))
+                            {
                                //only do this if item is checked out
                                $asset->assigned_to = $user->id;
                                $asset->assigned_type = User::class;
@@ -14,6 +14,7 @@ use App\View\Label;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Facades\Session;
 use App\Http\Requests\AssetCheckoutRequest;
 use App\Models\CustomField;
@@ -93,6 +94,59 @@ class BulkAssetsController extends Controller

        $assets = Asset::with('assignedTo', 'location', 'model')->whereIn('assets.id', $asset_ids);

+        $assets = $assets->get();
+
+        if ($assets->isEmpty()) {
+            Log::debug('No assets were found for the provided IDs', ['ids' => $asset_ids]);
+            return redirect()->back()->with('error', trans('admin/hardware/message.update.assets_do_not_exist_or_are_invalid'));
+        }
+
+        $models = $assets->unique('model_id');
+        $modelNames = [];
+        foreach($models as $model) {
+            $modelNames[] = $model->model->name;
+        }
+
+        if ($request->filled('bulk_actions')) {
+
+
+            switch ($request->input('bulk_actions')) {
+                case 'labels':
+                    $this->authorize('view', Asset::class);
+
+                    return (new Label)
+                        ->with('assets', $assets)
+                        ->with('settings', Setting::getSettings())
+                        ->with('bulkedit', true)
+                        ->with('count', 0);
+
+                case 'delete':
+                    $this->authorize('delete', Asset::class);
+                    $assets->each(function ($assets) {
+                        $this->authorize('delete', $assets);
+                    });
+
+                    return view('hardware/bulk-delete')->with('assets', $assets);
+
+                case 'restore':
+                    $this->authorize('update', Asset::class);
+                    $assets = Asset::withTrashed()->find($asset_ids);
+                    $assets->each(function ($asset) {
+                        $this->authorize('delete', $asset);
+                    });
+                    return view('hardware/bulk-restore')->with('assets', $assets);
+
+                case 'edit':
+                    $this->authorize('update', Asset::class);
+
+                    return view('hardware/bulk')
+                        ->with('assets', $asset_ids)
+                        ->with('statuslabel_list', Helper::statusLabelList())
+                        ->with('models', $models->pluck(['model']))
+                        ->with('modelNames', $modelNames);
+            }
+        }
+
        switch ($sort_override) {
            case 'model':
                $assets->OrderModels($order);
@@ -128,54 +182,6 @@ class BulkAssetsController extends Controller
                break;
        }

-        $assets = $assets->get();
-
-        $models = $assets->unique('model_id');
-        $modelNames = [];
-        foreach($models as $model) {
-            $modelNames[] = $model->model->name;
-        }
-
-        if ($request->filled('bulk_actions')) {
-
-
-            switch ($request->input('bulk_actions')) {
-                case 'labels':
-                    $this->authorize('view', Asset::class);
-
-                    return (new Label)
-                        ->with('assets', $assets)
-                        ->with('settings', Setting::getSettings())
-                        ->with('bulkedit', true)
-                        ->with('count', 0);
-
-                case 'delete':
-                    $this->authorize('delete', Asset::class);
-                    $assets->each(function ($assets) {
-                        $this->authorize('delete', $assets);
-                    });
-
-                    return view('hardware/bulk-delete')->with('assets', $assets);
-                   
-                case 'restore':
-                    $this->authorize('update', Asset::class);
-                    $assets = Asset::withTrashed()->find($asset_ids);
-                    $assets->each(function ($asset) {
-                        $this->authorize('delete', $asset);
-                    });
-                    return view('hardware/bulk-restore')->with('assets', $assets);
-
-                case 'edit':
-                    $this->authorize('update', Asset::class);
-
-                    return view('hardware/bulk')
-                        ->with('assets', $asset_ids)
-                        ->with('statuslabel_list', Helper::statusLabelList())
-                        ->with('models', $models->pluck(['model']))
-                        ->with('modelNames', $modelNames);
-            }
-        }
-
        return redirect()->back()->with('error', 'No action selected');
    }

@@ -4,28 +4,27 @@ namespace App\Http\Controllers\Components;

 use App\Helpers\StorageHelper;
 use App\Http\Controllers\Controller;
-use App\Http\Requests\AssetFileRequest;
+use App\Http\Requests\UploadFileRequest;
 use App\Models\Actionlog;
 use App\Models\Component;
 use Illuminate\Support\Facades\Response;
 use Illuminate\Support\Facades\Storage;
 use Symfony\Component\HttpFoundation\JsonResponse;
-use enshrined\svgSanitize\Sanitizer;

 class ComponentsFilesController extends Controller
 {
    /**
     * Validates and stores files associated with a component.
     *
-     * @todo Switch to using the AssetFileRequest form request validator.
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v1.0]
-     * @param AssetFileRequest $request
+     * @param UploadFileRequest $request
     * @param int $componentId
     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
+     *@author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @todo Switch to using the AssetFileRequest form request validator.
     */
-    public function store(AssetFileRequest $request, $componentId = null)
+    public function store(UploadFileRequest $request, $componentId = null)
    {

        if (config('app.lock_passwords')) {
@@ -43,30 +42,7 @@ class ComponentsFilesController extends Controller
                }

                foreach ($request->file('file') as $file) {
-
-                    $extension = $file->getClientOriginalExtension();
-                    $file_name = 'component-'.$component->id.'-'.str_random(8).'-'.str_slug(basename($file->getClientOriginalName(), '.'.$extension)).'.'.$extension;
-
-
-                    // Check for SVG and sanitize it
-                    if ($extension == 'svg') {
-                        \Log::debug('This is an SVG');
-                        \Log::debug($file_name);
-
-                        $sanitizer = new Sanitizer();
-                        $dirtySVG = file_get_contents($file->getRealPath());
-                        $cleanSVG = $sanitizer->sanitize($dirtySVG);
-
-                        try {
-                            Storage::put('private_uploads/components/'.$file_name, $cleanSVG);
-                        } catch (\Exception $e) {
-                            \Log::debug('Upload no workie :( ');
-                            \Log::debug($e);
-                        }
-
-                    } else {
-                        Storage::put('private_uploads/components/'.$file_name, file_get_contents($file));
-                    }
+                    $file_name = $request->handleFile('private_uploads/components/','component-'.$component->id, $file);

                    //Log the upload to the log
                    $component->logUpload($file_name, e($request->input('notes')));
@@ -76,7 +76,6 @@ class ConsumableCheckoutController extends Controller
            return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.checkout.unavailable'));
        }

-
        $admin_user = Auth::user();
        $assigned_to = e($request->input('assigned_to'));

@@ -4,28 +4,27 @@ namespace App\Http\Controllers\Consumables;

 use App\Helpers\StorageHelper;
 use App\Http\Controllers\Controller;
-use App\Http\Requests\AssetFileRequest;
+use App\Http\Requests\UploadFileRequest;
 use App\Models\Actionlog;
 use App\Models\Consumable;
 use Illuminate\Support\Facades\Response;
 use Illuminate\Support\Facades\Storage;
 use Symfony\Consumable\HttpFoundation\JsonResponse;
-use enshrined\svgSanitize\Sanitizer;

 class ConsumablesFilesController extends Controller
 {
    /**
     * Validates and stores files associated with a consumable.
     *
-     * @todo Switch to using the AssetFileRequest form request validator.
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v1.0]
-     * @param AssetFileRequest $request
+     * @param UploadFileRequest $request
     * @param int $consumableId
     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
+     *@author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @todo Switch to using the AssetFileRequest form request validator.
     */
-    public function store(AssetFileRequest $request, $consumableId = null)
+    public function store(UploadFileRequest $request, $consumableId = null)
    {
        if (config('app.lock_passwords')) {
            return redirect()->route('consumables.show', ['consumable'=>$consumableId])->with('error', trans('general.feature_disabled'));
@@ -42,30 +41,7 @@ class ConsumablesFilesController extends Controller
                }

                foreach ($request->file('file') as $file) {
-
-                    $extension = $file->getClientOriginalExtension();
-                    $file_name = 'consumable-'.$consumable->id.'-'.str_random(8).'-'.str_slug(basename($file->getClientOriginalName(), '.'.$extension)).'.'.$extension;
-
-
-                    // Check for SVG and sanitize it
-                    if ($extension == 'svg') {
-                        \Log::debug('This is an SVG');
-                        \Log::debug($file_name);
-
-                        $sanitizer = new Sanitizer();
-                        $dirtySVG = file_get_contents($file->getRealPath());
-                        $cleanSVG = $sanitizer->sanitize($dirtySVG);
-
-                        try {
-                            Storage::put('private_uploads/consumables/'.$file_name, $cleanSVG);
-                        } catch (\Exception $e) {
-                            \Log::debug('Upload no workie :( ');
-                            \Log::debug($e);
-                        }
-
-                    } else {
-                        Storage::put('private_uploads/consumables/'.$file_name, file_get_contents($file));
-                    }
+                    $file_name = $request->handleFile('private_uploads/consumables/','consumable-'.$consumable->id, $file);

                    //Log the upload to the log
                    $consumable->logUpload($file_name, e($request->input('notes')));
@@ -260,7 +260,7 @@ class CustomFieldsController extends Controller
        
        $field->name          = trim(e($request->get("name")));
        $field->element       = e($request->get("element"));
-        $field->field_values  = e($request->get("field_values"));
+        $field->field_values  = $request->get("field_values");
        $field->user_id       = Auth::id();
        $field->help_text     = $request->get("help_text");
        $field->show_in_email = $show_in_email;
@@ -5,6 +5,7 @@ namespace App\Http\Controllers;
 use App\Helpers\Helper;
 use App\Models\Group;
 use Illuminate\Http\Request;
+use Auth;

 /**
 * This controller handles all actions related to User Groups for
@@ -63,6 +64,7 @@ class GroupsController extends Controller
        $group = new Group();
        $group->name = $request->input('name');
        $group->permissions = json_encode($request->input('permission'));
+        $group->created_by = Auth::user()->id;

        if ($group->save()) {
            return redirect()->route('groups.index')->with('success', trans('admin/groups/message.success.create'));
@@ -6,6 +6,7 @@ use App\Models\Asset;
 use App\Models\AssetModel;
 use App\Models\Category;
 use App\Models\Company;
+use App\Models\CustomField;
 use App\Models\Labels\Label;
 use App\Models\Location;
 use App\Models\Manufacturer;
@@ -65,6 +66,20 @@ class LabelsController extends Controller
        $exampleAsset->model->category->id = 999999;
        $exampleAsset->model->category->name = trans('admin/labels/table.example_category');

+        $customFieldColumns = CustomField::all()->pluck('db_column');
+
+        collect(explode(';', Setting::getSettings()->label2_fields))
+            ->filter()
+            ->each(function ($item) use ($customFieldColumns, $exampleAsset) {
+               $pair = explode('=', $item);
+               
+                if (array_key_exists(1, $pair)) {
+                        if ($customFieldColumns->contains($pair[1])) {
+                            $exampleAsset->{$pair[1]} = "{{$pair[0]}}";
+                        }
+                    }
+            });
+
        $settings = Setting::getSettings();
        if (request()->has('settings')) {
            $overrides = request()->get('settings');
@@ -4,28 +4,27 @@ namespace App\Http\Controllers\Licenses;

 use App\Helpers\StorageHelper;
 use App\Http\Controllers\Controller;
-use App\Http\Requests\AssetFileRequest;
+use App\Http\Requests\UploadFileRequest;
 use App\Models\Actionlog;
 use App\Models\License;
 use Illuminate\Support\Facades\Response;
 use Illuminate\Support\Facades\Storage;
 use Symfony\Component\HttpFoundation\JsonResponse;
-use enshrined\svgSanitize\Sanitizer;

 class LicenseFilesController extends Controller
 {
    /**
     * Validates and stores files associated with a license.
     *
-     * @todo Switch to using the AssetFileRequest form request validator.
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v1.0]
-     * @param AssetFileRequest $request
+     * @param UploadFileRequest $request
     * @param int $licenseId
     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
+     *@author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.0]
+     * @todo Switch to using the AssetFileRequest form request validator.
     */
-    public function store(AssetFileRequest $request, $licenseId = null)
+    public function store(UploadFileRequest $request, $licenseId = null)
    {
        $license = License::find($licenseId);

@@ -38,30 +37,7 @@ class LicenseFilesController extends Controller
                }

                foreach ($request->file('file') as $file) {
-
-                    $extension = $file->getClientOriginalExtension();
-                    $file_name = 'license-'.$license->id.'-'.str_random(8).'-'.str_slug(basename($file->getClientOriginalName(), '.'.$extension)).'.'.$extension;
-
-
-                        // Check for SVG and sanitize it
-                        if ($extension == 'svg') {
-                            \Log::debug('This is an SVG');
-                            \Log::debug($file_name);
-
-                                $sanitizer = new Sanitizer();
-                                $dirtySVG = file_get_contents($file->getRealPath());
-                                $cleanSVG = $sanitizer->sanitize($dirtySVG);
-
-                                try {
-                                    Storage::put('private_uploads/licenses/'.$file_name, $cleanSVG);
-                                } catch (\Exception $e) {
-                                    \Log::debug('Upload no workie :( ');
-                                    \Log::debug($e);
-                                }
-
-                        } else {
-                            Storage::put('private_uploads/licenses/'.$file_name, file_get_contents($file));
-                        }
+                    $file_name = $request->handleFile('private_uploads/licenses/','license-'.$license->id, $file);

                    //Log the upload to the log
                    $license->logUpload($file_name, e($request->input('notes')));
@@ -99,6 +99,7 @@ class LicensesController extends Controller
        $license->category_id       = $request->input('category_id');
        $license->termination_date  = $request->input('termination_date');
        $license->user_id           = Auth::id();
+        $license->min_amt           = $request->input('min_amt');

        if ($license->save()) {
            return redirect()->route('licenses.index')->with('success', trans('admin/licenses/message.create.success'));
@@ -176,6 +177,7 @@ class LicensesController extends Controller
        $license->manufacturer_id   =  $request->input('manufacturer_id');
        $license->supplier_id       = $request->input('supplier_id');
        $license->category_id       = $request->input('category_id');
+        $license->min_amt           = $request->input('min_amt');

        if ($license->save()) {
            return redirect()->route('licenses.show', ['license' => $licenseId])->with('success', trans('admin/licenses/message.update.success'));
@@ -245,12 +247,6 @@ class LicensesController extends Controller
        $available_seats_count = $license->availCount()->count();
        $checkedout_seats_count = ($total_seats_count - $available_seats_count);

-        \Log::debug('Total: '.$total_seats_count);
-        \Log::debug('Users: '.$users_count);
-        \Log::debug('Available: '.$available_seats_count);
-        \Log::debug('Checkedout: '.$checkedout_seats_count);
-
-
        $this->authorize('view', $license);
        return view('licenses.view', compact('license'))
            ->with('users_count', $users_count)
@@ -8,6 +8,7 @@ use App\Models\Location;
 use App\Models\User;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Storage;
+use Illuminate\Http\Request;

 /**
 * This controller handles all actions related to Locations for
@@ -168,7 +169,7 @@ class LocationsController extends Controller
    {
        $this->authorize('delete', Location::class);
        if (is_null($location = Location::find($locationId))) {
-            return redirect()->to(route('locations.index'))->with('error', trans('admin/locations/message.not_found'));
+            return redirect()->to(route('locations.index'))->with('error', trans('admin/locations/message.does_not_exist'));
        }

        if ($location->users()->count() > 0) {
@@ -238,7 +239,7 @@ class LocationsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param int $locationId
     * @since [v6.0.14]
-     * @return View
+     * @return \Illuminate\Contracts\View\View
     */
    public function getClone($locationId = null)
    {
@@ -272,8 +273,102 @@ class LocationsController extends Controller

        }
        return redirect()->route('locations.index')->with('error', trans('admin/locations/message.does_not_exist'));
+    }


+    /**
+     * Returns a view that allows the user to bulk delete locations
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v6.3.1]
+     * @return \Illuminate\Contracts\View\View
+     */
+    public function postBulkDelete(Request $request)
+    {
+        $locations_raw_array = $request->input('ids');
+
+        // Make sure some IDs have been selected
+        if ((is_array($locations_raw_array)) && (count($locations_raw_array) > 0)) {
+            $locations = Location::whereIn('id', $locations_raw_array)
+                ->withCount('assignedAssets as assigned_assets_count')
+                ->withCount('assets as assets_count')
+                ->withCount('rtd_assets as rtd_assets_count')
+                ->withCount('children as children_count')
+                ->withCount('users as users_count')->get();
+
+                $valid_count = 0;
+                foreach ($locations as $location) {
+                    if ($location->isDeletable()) {
+                        $valid_count++;
+                    }
+                }
+                return view('locations/bulk-delete', compact('locations'))->with('valid_count', $valid_count);
+        }
+
+        return redirect()->route('models.index')
+            ->with('error', 'You must select at least one model to edit.');
+    }
+
+    /**
+     * Checks that locations can be deleted and deletes them if they can
+     *
+     * @author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v6.3.1]
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function postBulkDeleteStore(Request $request) {
+        $locations_raw_array = $request->input('ids');
+
+        if ((is_array($locations_raw_array)) && (count($locations_raw_array) > 0)) {
+            $locations = Location::whereIn('id', $locations_raw_array)
+                ->withCount('assignedAssets as assigned_assets_count')
+                ->withCount('assets as assets_count')
+                ->withCount('rtd_assets as rtd_assets_count')
+                ->withCount('children as children_count')
+                ->withCount('users as users_count')->get();
+
+            $success_count = 0;
+            $error_count = 0;
+
+            foreach ($locations as $location) {
+
+                // Can we delete this location?
+                if ($location->isDeletable()) {
+                    $location->delete();
+                    $success_count++;
+                } else {
+                    $error_count++;
+                }
+            }
+
+            \Log::debug('Success count: '.$success_count);
+            \Log::debug('Error count: '.$error_count);
+            // Complete success
+            if ($success_count == count($locations_raw_array)) {
+                return redirect()
+                    ->route('locations.index')
+                    ->with('success', trans_choice('general.bulk.delete.success', $success_count,
+                        ['object_type' => trans_choice('general.location_plural', $success_count), 'count' => $success_count]
+                    ));
+            }
+
+            // Partial success
+            if ($error_count > 0) {
+                return redirect()
+                    ->route('locations.index')
+                    ->with('warning', trans('general.bulk.delete.partial',
+                        ['success' => $success_count, 'error' => $error_count, 'object_type' => trans('general.locations')]
+                    ));
+                }
+            }
+
+
+        // Nothing was selected - return to the index
+        return redirect()
+            ->route('locations.index')
+            ->with('error', trans('general.bulk.nothing_selected',
+                ['object_type' => trans('general.locations')]
+            ));

    }
 }
@@ -295,9 +295,9 @@ class ReportsController extends Controller
                        $actionlog->present()->actionType(),
                        e($actionlog->itemType()),
                        ($actionlog->itemType() == 'user') ? $actionlog->filename : $item_name,
-                        ($actionlog->item->serial) ? $actionlog->item->serial : null,
-                        ($actionlog->item->model) ? htmlspecialchars($actionlog->item->model->name, ENT_NOQUOTES) : null,
-                        ($actionlog->item->model) ? $actionlog->item->model->model_number : null,
+                        ($actionlog->item) ? $actionlog->item->serial : null,
+                        (($actionlog->item) && ($actionlog->item->model)) ? htmlspecialchars($actionlog->item->model->name, ENT_NOQUOTES) : null,
+                        (($actionlog->item) && ($actionlog->item->model))  ? $actionlog->item->model->model_number : null,
                        $target_name,
                        ($actionlog->note) ? e($actionlog->note) : '',
                        $actionlog->log_meta,
@@ -616,7 +616,7 @@ class ReportsController extends Controller
            }

            if ($request->filled('url')) {
-                $header[] = trans('admin/manufacturers/table.url');
+                $header[] = trans('general.url');
            }


@@ -686,20 +686,27 @@ class ReportsController extends Controller

                $assets->whereBetween('assets.created_at', [$created_start, $created_end]);
            }
+
            if (($request->filled('checkout_date_start')) && ($request->filled('checkout_date_end'))) {
                $checkout_start = \Carbon::parse($request->input('checkout_date_start'))->startOfDay();
-                $checkout_end = \Carbon::parse($request->input('checkout_date_end'))->endOfDay();
+                $checkout_end = \Carbon::parse($request->input('checkout_date_end',now()))->endOfDay();

-                $assets->whereBetween('assets.last_checkout', [$checkout_start, $checkout_end]);
+                $actionlogassets = Actionlog::where('action_type','=', 'checkout')
+                                              ->where('item_type', 'LIKE', '%Asset%',)
+                                              ->whereBetween('action_date',[$checkout_start, $checkout_end])
+                                                  ->pluck('item_id');
+
+                $assets->whereIn('id',$actionlogassets);
            }

            if (($request->filled('checkin_date_start'))) {
-                    $assets->whereBetween('last_checkin', [
-                        Carbon::parse($request->input('checkin_date_start'))->startOfDay(),
+                $checkin_start = \Carbon::parse($request->input('checkin_date_start'))->startOfDay();
                        // use today's date is `checkin_date_end` is not provided
-                        Carbon::parse($request->input('checkin_date_end', now()))->endOfDay(),
-                    ]);
+                $checkin_end = \Carbon::parse($request->input('checkin_date_end', now()))->endOfDay();
+
+                $assets->whereBetween('assets.last_checkin', [$checkin_start, $checkin_end ]);
            }
+            //last checkin is exporting, but currently is a date and not a datetime in the custom report ONLY.

            if (($request->filled('expected_checkin_start')) && ($request->filled('expected_checkin_end'))) {
                    $assets->whereBetween('assets.expected_checkin', [$request->input('expected_checkin_start'), $request->input('expected_checkin_end')]);
@@ -1156,16 +1163,24 @@ class ReportsController extends Controller
            $logItem = $logItem_res[0];
        }

-        if (!$assetItem->assignedTo->locale){
-            Notification::locale(Setting::getSettings()->locale)->send(
-                $assetItem->assignedTo,
-                new CheckoutAssetNotification($assetItem, $assetItem->assignedTo, $logItem->user, $acceptance, $logItem->note)
-            );
-        } else {
-            Notification::send(
-                $assetItem->assignedTo,
-                new CheckoutAssetNotification($assetItem, $assetItem->assignedTo, $logItem->user, $acceptance, $logItem->note)
-            );
+        // Only send notification if assigned
+        if ($assetItem->assignedTo) {
+
+            if (!$assetItem->assignedTo->locale) {
+                Notification::locale(Setting::getSettings()->locale)->send(
+                    $assetItem->assignedTo,
+                    new CheckoutAssetNotification($assetItem, $assetItem->assignedTo, $logItem->user, $acceptance, $logItem->note)
+                );
+            } else {
+                Notification::send(
+                    $assetItem->assignedTo,
+                    new CheckoutAssetNotification($assetItem, $assetItem->assignedTo, $logItem->user, $acceptance, $logItem->note)
+                );
+            }
+        }
+
+        if ($assetItem->assignedTo->email == ''){
+            return redirect()->route('reports/unaccepted_assets')->with('error', trans('general.no_email'));
        }

        return redirect()->route('reports/unaccepted_assets')->with('success', trans('admin/reports/general.reminder_sent'));
@@ -20,6 +20,7 @@ use DB;
 use enshrined\svgSanitize\Sanitizer;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Storage;
+use Illuminate\Validation\Rule;
 use Image;
 use Input;
 use Redirect;
@@ -28,6 +29,7 @@ use App\Http\Requests\SlackSettingsRequest;
 use Illuminate\Support\Str;
 use Illuminate\Support\Facades\Artisan;
 use Illuminate\Support\Facades\Validator;
+use Carbon\Carbon;

 /**
 * This controller handles all actions related to Settings for
@@ -356,6 +358,7 @@ class SettingsController extends Controller
        }

        $setting->default_eula_text = $request->input('default_eula_text');
+        $setting->load_remote = $request->input('load_remote', 0);
        $setting->thumbnail_max_h = $request->input('thumbnail_max_h');
        $setting->privacy_policy_link = $request->input('privacy_policy_link');

@@ -420,68 +423,46 @@ class SettingsController extends Controller

        // Only allow the site name and CSS to be changed if lock_passwords is false
        // Because public demos make people act like dicks
+
        if (! config('app.lock_passwords')) {
            $setting->site_name = $request->input('site_name');
            $setting->custom_css = $request->input('custom_css');
-        }
+            $setting = $request->handleImages($setting, 600, 'logo', '', 'logo');

-        $setting = $request->handleImages($setting, 600, 'logo', '', 'logo');
-
-        if ('1' == $request->input('clear_logo')) {
+            if ('1' == $request->input('clear_logo')) {
                Storage::disk('public')->delete($setting->logo);
-            $setting->logo = null;
+                $setting->logo = null;
                $setting->brand = 1;
-        }
-
-
-        $setting = $request->handleImages($setting, 600, 'email_logo', '', 'email_logo');
-
-
-       if ('1' == $request->input('clear_email_logo')) {
-            Storage::disk('public')->delete($setting->email_logo);
-            $setting->email_logo = null;
-            // If they are uploading an image, validate it and upload it
-        }
-
-
-        $setting = $request->handleImages($setting, 600, 'label_logo', '', 'label_logo');
-
-
-        if ('1' == $request->input('clear_label_logo')) {
-            Storage::disk('public')->delete($setting->label_logo);
-            $setting->label_logo = null;
-        }
-
-
-        // If the user wants to clear the favicon...
-         if ($request->hasFile('favicon')) {
-            $favicon_image = $favicon_upload = $request->file('favicon');
-            $favicon_ext = $favicon_image->getClientOriginalExtension();
-            $setting->favicon = $favicon_file_name = 'favicon-uploaded.'.$favicon_ext;
-
-            if (($favicon_image->getClientOriginalExtension() != 'ico') && ($favicon_image->getClientOriginalExtension() != 'svg')) {
-                $favicon_upload = Image::make($favicon_image->getRealPath())->resize(null, 36, function ($constraint) {
-                    $constraint->aspectRatio();
-                    $constraint->upsize();
-                });
-
-                // This requires a string instead of an object, so we use ($string)
-                Storage::disk('public')->put($favicon_file_name, (string) $favicon_upload->encode());
-            } else {
-                Storage::disk('public')->put($favicon_file_name, file_get_contents($request->file('favicon')));
            }


-            // Remove Current image if exists
-            if (($setting->favicon) && (file_exists($favicon_file_name))) {
-                Storage::disk('public')->delete($favicon_file_name);
-            }
-        } elseif ('1' == $request->input('clear_favicon')) {
-             Storage::disk('public')->delete($setting->clear_favicon);
-            $setting->favicon = null;
+            $setting = $request->handleImages($setting, 600, 'email_logo', '', 'email_logo');

-             // If they are uploading an image, validate it and upload it
-         }
+
+            if ('1' == $request->input('clear_email_logo')) {
+                Storage::disk('public')->delete($setting->email_logo);
+                $setting->email_logo = null;
+                // If they are uploading an image, validate it and upload it
+            }
+
+
+            $setting = $request->handleImages($setting, 600, 'label_logo', '', 'label_logo');
+
+            if ('1' == $request->input('clear_label_logo')) {
+                Storage::disk('public')->delete($setting->label_logo);
+                $setting->label_logo = null;
+            }
+
+
+            $setting = $request->handleImages($setting, 600, 'favicon', '', 'favicon');
+
+            // If the user wants to clear the favicon...
+            if ('1' == $request->input('clear_favicon')) {
+                Storage::disk('public')->delete($setting->favicon);
+                $setting->favicon = null;
+            }
+
+        }

        if ($setting->save()) {
            return redirect()->route('settings.index')
@@ -519,6 +500,19 @@ class SettingsController extends Controller
     */
    public function postSecurity(Request $request)
    {
+        $this->validate($request, [
+            'pwd_secure_complexity' => 'array',
+            'pwd_secure_complexity.*' => [
+                Rule::in([
+                    'disallow_same_pwd_as_user_fields',
+                    'letters',
+                    'numbers',
+                    'symbols',
+                    'case_diff',
+                ])
+            ]
+        ]);
+
        if (is_null($setting = Setting::getSettings())) {
            return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
        }
@@ -635,21 +629,21 @@ class SettingsController extends Controller
        // Check if the audit interval has changed - if it has, we want to update ALL of the assets audit dates
        if ($request->input('audit_interval') != $setting->audit_interval) {

-            // Be careful - this could be a negative number
+            // This could be a negative number if the user is trying to set the audit interval to a lower number than it was before
            $audit_diff_months = ((int)$request->input('audit_interval') - (int)($setting->audit_interval));
+
+            // Batch update the dates. We have to use this method to avoid time limit exceeded errors on very large datasets,
+            // but it DOES mean this change doesn't get logged in the action logs, since it skips the observer.
+            // @see https://stackoverflow.com/questions/54879160/laravel-observer-not-working-on-bulk-insert
+            $affected = Asset::whereNotNull('next_audit_date')
+                ->whereNull('deleted_at')
+                ->update(
+                    ['next_audit_date' => DB::raw('DATE_ADD(next_audit_date, INTERVAL '.$audit_diff_months.' MONTH)')]
+            );
+
+            \Log::debug($affected .' assets affected by audit interval update');
+
            
-            // Grab all of the assets that have an existing next_audit_date
-            $assets = Asset::whereNotNull('next_audit_date')->get();
-
-            // Update all of the assets' next_audit_date values
-            foreach ($assets as $asset) {
-
-                if ($asset->next_audit_date != '') {
-                    $old_next_audit = new \DateTime($asset->next_audit_date);
-                    $asset->next_audit_date = $old_next_audit->modify($audit_diff_months.' month')->format('Y-m-d');
-                    $asset->forceSave();
-                }
-            }
        }

        $alert_email = rtrim($request->input('alert_email'), ',');
@@ -4,14 +4,13 @@ namespace App\Http\Controllers\Users;

 use App\Helpers\StorageHelper;
 use App\Http\Controllers\Controller;
-use App\Http\Requests\AssetFileRequest;
+use App\Http\Requests\UploadFileRequest;
 use App\Models\Actionlog;
 use App\Models\User;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Input;
 use Illuminate\Support\Facades\Response;
 use Symfony\Component\HttpFoundation\JsonResponse;
-use enshrined\svgSanitize\Sanitizer;
 use Illuminate\Support\Facades\Storage;

 class UserFilesController extends Controller
@@ -19,14 +18,14 @@ class UserFilesController extends Controller
    /**
     * Return JSON response with a list of user details for the getIndex() view.
     *
-     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @since [v1.6]
-     * @param AssetFileRequest $request
+     * @param UploadFileRequest $request
     * @param int $userId
     * @return string JSON
     * @throws \Illuminate\Auth\Access\AuthorizationException
+     *@author [A. Gianotto] [<snipe@snipe.net>]
+     * @since [v1.6]
     */
-    public function store(AssetFileRequest $request, $userId = null)
+    public function store(UploadFileRequest $request, $userId = null)
    {
        $user = User::find($userId);
        $destinationPath = config('app.private_uploads').'/users';
@@ -41,31 +40,7 @@ class UserFilesController extends Controller
                return redirect()->back()->with('error', trans('admin/users/message.upload.nofiles'));
            }
            foreach ($files as $file) {
-                
-                $extension = $file->getClientOriginalExtension();
-                $file_name = 'user-'.$user->id.'-'.str_random(8).'-'.str_slug(basename($file->getClientOriginalName(), '.'.$extension)).'.'.$extension;
-
-
-                    // Check for SVG and sanitize it
-                    if ($extension == 'svg') {
-                        \Log::debug('This is an SVG');
-                        \Log::debug($file_name);
-
-                            $sanitizer = new Sanitizer();
-
-                            $dirtySVG = file_get_contents($file->getRealPath());
-                            $cleanSVG = $sanitizer->sanitize($dirtySVG);
-
-                            try {
-                                Storage::put('private_uploads/users/'.$file_name, $cleanSVG);
-                            } catch (\Exception $e) {
-                                \Log::debug('Upload no workie :( ');
-                                \Log::debug($e);
-                            }
-
-                    } else {
-                        Storage::put('private_uploads/users/'.$file_name, file_get_contents($file));
-                }
+                $file_name = $request->handleFile('private_uploads/users/', 'user-'.$user->id, $file);

                //Log the uploaded file to the log
                $logAction = new Actionlog();
@@ -59,12 +59,21 @@ class Importer extends Component
        'field_map' => 'array'
    ];

+    /**
+     * This is used in resources/views/livewire/importer.blade.php, and we kinda shouldn't need to check for
+     * activeFile here, but there's some UI goofiness that allows this to crash out on some imports.
+     *
+     * @return string
+     */
    public function generate_field_map()
    {
-        \Log::debug("header row is: ".print_r($this->activeFile->header_row,true));
-        \Log::debug("Field map is: ".print_r($this->field_map,true));
-        $tmp = array_combine($this->activeFile->header_row, $this->field_map);
-        return json_encode(array_filter($tmp));
+        $tmp = array();
+        if ($this->activeFile) {
+            $tmp = array_combine($this->activeFile->header_row, $this->field_map);
+            $tmp = array_filter($tmp);
+        }
+        return json_encode($tmp);
+
    }


@@ -31,29 +31,37 @@ class SlackSettingsForm extends Component
        'webhook_channel'                       => 'required_with:webhook_endpoint|starts_with:#|nullable',
        'webhook_botname'                       => 'string|nullable',
    ];
-    public $messages = [
-        'webhook_endpoint.starts_with'          => 'your webhook endpoint should begin with http://, https:// or other protocol.',
-    ];
+    

    public function mount() {
        $this->webhook_text= [
-            "slack" => array(
+             "slack" => array(
                "name" => trans('admin/settings/general.slack') ,
-            "icon" => 'fab fa-slack',
-            "placeholder" => "https://hooks.slack.com/services/XXXXXXXXXXXXXXXXXXXXX",
-            "link" => 'https://api.slack.com/messaging/webhooks',
+                "icon" => 'fab fa-slack',
+                "placeholder" => "https://hooks.slack.com/services/XXXXXXXXXXXXXXXXXXXXX",
+                "link" => 'https://api.slack.com/messaging/webhooks',
+                "test" => "testWebhook"
        ),
            "general"=> array(
                "name" => trans('admin/settings/general.general_webhook'),
                "icon" => "fab fa-hashtag",
                "placeholder" => trans('general.url'),
                "link" => "",
+                "test" => "testWebhook"
+            ),
+            "google" => array(
+                "name" => trans('admin/settings/general.google_workspaces'),
+                "icon" => "fa-brands fa-google",
+                "placeholder" => "https://chat.googleapis.com/v1/spaces/xxxxxxxx/messages?key=xxxxxx",
+                "link" => "https://developers.google.com/chat/how-tos/webhooks#register_the_incoming_webhook",
+                "test" => "googleWebhookTest"
            ),
            "microsoft" => array(
                "name" => trans('admin/settings/general.ms_teams'),
                "icon" => "fa-brands fa-microsoft",
                "placeholder" => "https://abcd.webhook.office.com/webhookb2/XXXXXXX",
                "link" => "https://learn.microsoft.com/en-us/microsoftteams/platform/webhooks-and-connectors/how-to/add-incoming-webhook?tabs=dotnet#create-incoming-webhooks-1",
+                "test" => "msTeamTestWebhook"
            ),
        ];

@@ -64,10 +72,14 @@ class SlackSettingsForm extends Component
        $this->webhook_icon = $this->webhook_text[$this->setting->webhook_selected]["icon"];
        $this->webhook_placeholder = $this->webhook_text[$this->setting->webhook_selected]["placeholder"];
        $this->webhook_link = $this->webhook_text[$this->setting->webhook_selected]["link"];
+        $this->webhook_test = $this->webhook_text[$this->setting->webhook_selected]["test"];
        $this->webhook_endpoint = $this->setting->webhook_endpoint;
        $this->webhook_channel = $this->setting->webhook_channel;
        $this->webhook_botname = $this->setting->webhook_botname;
        $this->webhook_options = $this->setting->webhook_selected;
+        if($this->webhook_selected == 'microsoft' || $this->webhook_selected == 'google'){
+            $this->webhook_channel = '#NA';
+        }


        if($this->setting->webhook_endpoint != null && $this->setting->webhook_channel != null){
@@ -87,10 +99,14 @@ class SlackSettingsForm extends Component
        $this->webhook_placeholder = $this->webhook_text[$this->webhook_selected]["placeholder"];
        $this->webhook_endpoint = null;
        $this->webhook_link = $this->webhook_text[$this->webhook_selected]["link"];
+        $this->webhook_test = $this->webhook_text[$this->webhook_selected]["test"];
        if($this->webhook_selected != 'slack'){
            $this->isDisabled= '';
            $this->save_button = trans('general.save');
        }
+        if($this->webhook_selected == 'microsoft' || $this->webhook_selected == 'google'){
+            $this->webhook_channel = '#NA';
+        }

    }

@@ -151,6 +167,7 @@ class SlackSettingsForm extends Component

    }

+
    public function clearSettings(){

        if (Helper::isDemoMode()) {
@@ -187,7 +204,35 @@ class SlackSettingsForm extends Component
        }

    }
-     public function msTeamTestWebhook(){
+    public function googleWebhookTest(){
+
+        $payload = [
+            "text" => trans('general.webhook_test_msg', ['app' => $this->webhook_name]),
+        ];
+
+        try {
+            $response = Http::withHeaders([
+                'content-type' => 'applications/json',
+            ])->post($this->webhook_endpoint,
+                $payload)->throw();
+
+
+            if (($response->getStatusCode() == 302) || ($response->getStatusCode() == 301)) {
+                return session()->flash('error', trans('admin/settings/message.webhook.error_redirect', ['endpoint' => $this->webhook_endpoint]));
+            }
+
+            $this->isDisabled='';
+            $this->save_button = trans('general.save');
+            return session()->flash('success' , trans('admin/settings/message.webhook.success', ['webhook_name' => $this->webhook_name]));
+
+        } catch (\Exception $e) {
+
+            $this->isDisabled='disabled';
+            $this->save_button = trans('admin/settings/general.webhook_presave');
+            return session()->flash('error' , trans('admin/settings/message.webhook.error', ['error_message' => $e->getMessage(), 'app' => $this->webhook_name]));
+        }
+    }
+    public function msTeamTestWebhook(){

     $payload =
        [
@@ -8,6 +8,12 @@ use \App\Helpers\Helper;

 class CheckLocale
 {
+    private function warn_legacy_locale($language, $source)
+    {
+        if ($language != Helper::mapLegacyLocale($language)) {
+            \Log::warning("$source $language and should be updated to be ".Helper::mapLegacyLocale($language));
+        }
+    }
    /**
     * Handle the locale for the user, default to settings otherwise.
     *
@@ -22,24 +28,23 @@ class CheckLocale

        // Default app settings from config
        $language = config('app.locale');
+        $this->warn_legacy_locale($language, "APP_LOCALE in .env is set to");

        if ($settings = Setting::getSettings()) {

            // User's preference
            if (($request->user()) && ($request->user()->locale)) {
                $language = $request->user()->locale;
+                $this->warn_legacy_locale($language, "username ".$request->user()->username." (".$request->user()->id.") has a language");

            // App setting preference
            } elseif ($settings->locale != '') {
                $language = $settings->locale;
+                $this->warn_legacy_locale($language, "App Settings is set to");
            }

        }
-
-        if (config('app.locale') != Helper::mapLegacyLocale($language)) {
-           \Log::warning('Your current APP_LOCALE in your .env is set to "'.config('app.locale').'" and should be updated to be "'.Helper::mapLegacyLocale($language).'" in '.base_path().'/.env. Translations may display unexpectedly until this is updated.');
-        }
-
+        
        \App::setLocale(Helper::mapLegacyLocale($language));
        return $next($request);
    }
@@ -1,30 +0,0 @@
-<?php
-
-namespace App\Http\Requests;
-
-class AssetFileRequest extends Request
-{
-    /**
-     * Determine if the user is authorized to make this request.
-     *
-     * @return bool
-     */
-    public function authorize()
-    {
-        return true;
-    }
-
-    /**
-     * Get the validation rules that apply to the request.
-     *
-     * @return array
-     */
-    public function rules()
-    {
-        $max_file_size = \App\Helpers\Helper::file_upload_max_size();
-
-        return [
-          'file.*' => 'required|mimes:png,gif,jpg,svg,jpeg,doc,docx,pdf,txt,zip,rar,xls,xlsx,lic,xml,rtf,json,webp|max:'.$max_file_size,
-        ];
-    }
-}
@@ -34,8 +34,8 @@ class ImageUploadRequest extends Request
    {
       
            return [
-                'image' => 'mimes:png,gif,jpg,jpeg,svg,bmp,svg+xml,webp',
-                'avatar' => 'mimes:png,gif,jpg,jpeg,svg,bmp,svg+xml,webp',
+                'image' => 'mimes:png,gif,jpg,jpeg,svg,bmp,svg+xml,webp,avif',
+                'avatar' => 'mimes:png,gif,jpg,jpeg,svg,bmp,svg+xml,webp,avif',
            ];
    }

@@ -97,22 +97,36 @@ class ImageUploadRequest extends Request

            if (!config('app.lock_passwords')) {

-                $ext = $image->getClientOriginalExtension();
+                $ext = $image->guessExtension();
                $file_name = $type.'-'.$form_fieldname.'-'.$item->id.'-'.str_random(10).'.'.$ext;

                \Log::info('File name will be: '.$file_name);
                \Log::debug('File extension is: '.$ext);

-                if (($image->getClientOriginalExtension() !== 'webp') && ($image->getClientOriginalExtension() !== 'svg')) {
+                if (($image->getMimeType() == 'image/avif') || ($image->getMimeType() == 'image/webp')) {
+                    // If the file is a webp or avif, we need to just move it since webp support
+                    // needs to be compiled into gd for resizing to be available
+                    Storage::disk('public')->put($path.'/'.$file_name, file_get_contents($image));

-                    \Log::debug('Not an SVG or webp - resize');
-                    \Log::debug('Trying to upload to: '.$path.'/'.$file_name);
+                } elseif($image->getMimeType() == 'image/svg+xml') {
+                    // If the file is an SVG, we need to clean it and NOT encode it
+                    $sanitizer = new Sanitizer();
+                    $dirtySVG = file_get_contents($image->getRealPath());
+                    $cleanSVG = $sanitizer->sanitize($dirtySVG);

                    try {
-                        $upload = Image::make($image->getRealPath())->resize(null, $w, function ($constraint) {
+                        Storage::disk('public')->put($path . '/' . $file_name, $cleanSVG);
+                    } catch (\Exception $e) {
+                        \Log::debug($e);
+                    }
+                } else {
+
+                    try {
+                        $upload = Image::make($image->getRealPath())->setFileInfoFromPath($image->getRealPath())->resize(null, $w, function ($constraint) {
                            $constraint->aspectRatio();
                            $constraint->upsize();
-                        });
+                        })->orientate();
+
                    } catch(NotReadableException $e) {
                        \Log::debug($e);
                        $validator = \Validator::make([], []);
@@ -124,35 +138,12 @@ class ImageUploadRequest extends Request
                    // This requires a string instead of an object, so we use ($string)
                    Storage::disk('public')->put($path.'/'.$file_name, (string) $upload->encode());

-                } else {
-                    // If the file is a webp, we need to just move it since webp support
-                    // needs to be compiled into gd for resizing to be available
-                    if ($image->getClientOriginalExtension() == 'webp') {
-                        \Log::debug('This is a webp, just move it');
-                        Storage::disk('public')->put($path.'/'.$file_name, file_get_contents($image));
-                    // If the file is an SVG, we need to clean it and NOT encode it
-                    } else {
-                        \Log::debug('This is an SVG');
-                        $sanitizer = new Sanitizer();
-                        $dirtySVG = file_get_contents($image->getRealPath());
-                        $cleanSVG = $sanitizer->sanitize($dirtySVG);
-
-                        try {
-                            \Log::debug('Trying to upload to: '.$path.'/'.$file_name);
-                            Storage::disk('public')->put($path.'/'.$file_name, $cleanSVG);
-                        } catch (\Exception $e) {
-                            \Log::debug('Upload no workie :( ');
-                            \Log::debug($e);
-                        }
-                    }
                }

                 // Remove Current image if exists
                if (($item->{$form_fieldname}!='') && (Storage::disk('public')->exists($path.'/'.$item->{$db_fieldname}))) {
-                    \Log::debug('A file already exists that we are replacing - we should delete the old one.');
                    try {
                         Storage::disk('public')->delete($path.'/'.$item->{$form_fieldname});
-                         \Log::debug('Old file '.$path.'/'.$file_name.' has been deleted.');
                    } catch (\Exception $e) {
                        \Log::debug('Could not delete old file. '.$path.'/'.$file_name.' does not exist?');
                    }
@@ -4,6 +4,8 @@ namespace App\Http\Requests;

 use App\Models\Asset;
 use App\Models\Company;
+use Carbon\Carbon;
+use Carbon\Exceptions\InvalidFormatException;
 use Illuminate\Support\Facades\Gate;

 class StoreAssetRequest extends ImageUploadRequest
@@ -27,6 +29,8 @@ class StoreAssetRequest extends ImageUploadRequest
            ? Company::getIdForCurrentUser($this->company_id)
            : $this->company_id;

+        $this->parseLastAuditDate();
+
        $this->merge([
            'asset_tag' => $this->asset_tag ?? Asset::autoincrement_asset(),
            'company_id' => $idForCurrentUser,
@@ -48,4 +52,21 @@ class StoreAssetRequest extends ImageUploadRequest

        return $rules;
    }
+
+    private function parseLastAuditDate(): void
+    {
+        if ($this->input('last_audit_date')) {
+            try {
+                $lastAuditDate = Carbon::parse($this->input('last_audit_date'));
+
+                $this->merge([
+                    'last_audit_date' => $lastAuditDate->startOfDay()->format('Y-m-d H:i:s'),
+                ]);
+            } catch (InvalidFormatException $e) {
+                // we don't need to do anything here...
+                // we'll keep the provided date in an
+                // invalid format so validation picks it up later
+            }
+        }
+    }
 }
@@ -0,0 +1,70 @@
+<?php
+
+namespace App\Http\Requests;
+
+use enshrined\svgSanitize\Sanitizer;
+use Illuminate\Support\Facades\Storage;
+
+class UploadFileRequest extends Request
+{
+    /**
+     * Determine if the user is authorized to make this request.
+     *
+     * @return bool
+     */
+    public function authorize()
+    {
+        return true;
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        $max_file_size = \App\Helpers\Helper::file_upload_max_size();
+
+        return [
+          'file.*' => 'required|mimes:png,gif,jpg,svg,jpeg,doc,docx,pdf,txt,zip,rar,xls,xlsx,lic,xml,rtf,json,webp,avif|max:'.$max_file_size,
+        ];
+    }
+
+    /**
+     * Sanitizes (if needed) and Saves a file to the appropriate location
+     * Returns the 'short' (storage-relative) filename
+     *
+     * TODO - this has a lot of similarities to UploadImageRequest's handleImage; is there
+     *        a way to merge them or extend one into the other?
+     */
+    public function handleFile(string $dirname, string $name_prefix, $file): string
+    {
+        $extension = $file->getClientOriginalExtension();
+        $file_name = $name_prefix.'-'.str_random(8).'-'.str_slug(basename($file->getClientOriginalName(), '.'.$extension)).'.'.$file->guessExtension();
+
+
+        \Log::debug("Your filetype IS: ".$file->getMimeType());
+        // Check for SVG and sanitize it
+        if ($file->getMimeType() === 'image/svg+xml') {
+            \Log::debug('This is an SVG');
+            \Log::debug($file_name);
+
+            $sanitizer = new Sanitizer();
+            $dirtySVG = file_get_contents($file->getRealPath());
+            $cleanSVG = $sanitizer->sanitize($dirtySVG);
+
+            try {
+                Storage::put($dirname.$file_name, $cleanSVG);
+            } catch (\Exception $e) {
+                \Log::debug('Upload no workie :( ');
+                \Log::debug($e);
+            }
+
+        } else {
+            $put_results = Storage::put($dirname.$file_name, file_get_contents($file));
+            \Log::debug("Here are the '$put_results' (should be 0 or 1 or true or false or something?)");
+        }
+        return $file_name;
+    }
+}
@@ -0,0 +1,33 @@
+<?php
+
+namespace App\Http\Traits;
+
+use App\Models\Asset;
+
+trait MigratesLegacyAssetLocations
+{
+    /**
+     * This is just meant to correct legacy issues where some user data would have 0
+     * as a location ID, which isn't valid. Later versions of Snipe-IT have stricter validation
+     * rules, so it's necessary to fix this for long-time users. It's kinda gross, but will help
+     * people (and their data) in the long run
+     * @param Asset $asset
+     * @return void
+     */
+    private function migrateLegacyLocations(Asset $asset): void
+    {
+        if ($asset->rtd_location_id == '0') {
+            \Log::debug('Manually override the RTD location IDs');
+            \Log::debug('Original RTD Location ID: ' . $asset->rtd_location_id);
+            $asset->rtd_location_id = '';
+            \Log::debug('New RTD Location ID: ' . $asset->rtd_location_id);
+        }
+
+        if ($asset->location_id == '0') {
+            \Log::debug('Manually override the location IDs');
+            \Log::debug('Original Location ID: ' . $asset->location_id);
+            $asset->location_id = '';
+            \Log::debug('New Location ID: ' . $asset->location_id);
+        }
+    }
+}
@@ -28,12 +28,20 @@ class AssetMaintenancesTransformer
                'id' => (int) $assetmaintenance->asset->id,
                'name'=> ($assetmaintenance->asset->name) ? e($assetmaintenance->asset->name) : null,
                'asset_tag'=> e($assetmaintenance->asset->asset_tag),
-
+                'serial'=> e($assetmaintenance->asset->serial),
+                'deleted_at'=> e($assetmaintenance->asset->deleted_at),
+                'created_at'=> e($assetmaintenance->asset->created_at),
            ] : null,
            'model' => (($assetmaintenance->asset) && ($assetmaintenance->asset->model)) ? [
                'id' => (int) $assetmaintenance->asset->model->id,
                'name'=> ($assetmaintenance->asset->model->name) ? e($assetmaintenance->asset->model->name).' '.e($assetmaintenance->asset->model->model_number) : null,
            ] : null,
+            'status_label' => ($assetmaintenance->asset->assetstatus) ? [
+                'id' => (int) $assetmaintenance->asset->assetstatus->id,
+                'name'=> e($assetmaintenance->asset->assetstatus->name),
+                'status_type'=> e($assetmaintenance->asset->assetstatus->getStatuslabelType()),
+                'status_meta' => e($assetmaintenance->asset->present()->statusMeta),
+            ] : null,
            'company' => (($assetmaintenance->asset) && ($assetmaintenance->asset->company)) ? [
                'id' => (int) $assetmaintenance->asset->company->id,
                'name'=> ($assetmaintenance->asset->company->name) ? e($assetmaintenance->asset->company->name) : null,
@@ -64,7 +72,7 @@ class AssetMaintenancesTransformer
        ];

        $permissions_array['available_actions'] = [
-            'update' => Gate::allows('update', Asset::class),
+            'update' => (Gate::allows('update', Asset::class) && ($assetmaintenance->asset->deleted_at=='')) ? true : false,
            'delete' => Gate::allows('delete', Asset::class),
        ];

@@ -37,6 +37,7 @@ class AssetsTransformer
                'name'=> e($asset->model->name),
            ] : null,
            'byod' => ($asset->byod ? true : false),
+            'requestable' => ($asset->requestable ? true : false),

            'model_number' => (($asset->model) && ($asset->model->model_number)) ? e($asset->model->model_number) : null,
            'eol' => (($asset->asset_eol_date != '') && ($asset->purchase_date != '')) ? Carbon::parse($asset->asset_eol_date)->diffInMonths($asset->purchase_date).' months' : null,
@@ -87,6 +88,7 @@ class AssetsTransformer
            'purchase_date' => Helper::getFormattedDateObject($asset->purchase_date, 'date'),
            'age' => $asset->purchase_date ? $asset->purchase_date->diffForHumans() : '',
            'last_checkout' => Helper::getFormattedDateObject($asset->last_checkout, 'datetime'),
+            'last_checkin' => Helper::getFormattedDateObject($asset->last_checkin, 'datetime'),
            'expected_checkin' => Helper::getFormattedDateObject($asset->expected_checkin, 'date'),
            'purchase_cost' => Helper::formatCurrencyOutput($asset->purchase_cost),
            'checkin_counter' => (int) $asset->checkin_counter,
@@ -26,6 +26,7 @@ class GroupsTransformer
            'name' => e($group->name),
            'permissions' => json_decode($group->permissions),
            'users_count' => (int) $group->users_count,
+            'created_by' => ($group->admin) ? e($group->admin->present()->fullName) : null,
            'created_at' => Helper::getFormattedDateObject($group->created_at, 'datetime'),
            'updated_at' => Helper::getFormattedDateObject($group->updated_at, 'datetime'),
        ];
@@ -27,8 +27,8 @@ class LicensesTransformer
            'company' => ($license->company) ? ['id' => (int) $license->company->id, 'name'=> e($license->company->name)] : null,
            'manufacturer' =>  ($license->manufacturer) ? ['id' => (int) $license->manufacturer->id, 'name'=> e($license->manufacturer->name)] : null,
            'product_key' => (Gate::allows('viewKeys', License::class)) ? e($license->serial) : '------------',
-            'order_number' => e($license->order_number),
-            'purchase_order' => e($license->purchase_order),
+            'order_number' => ($license->order_number) ? e($license->order_number) : null,
+            'purchase_order' => ($license->purchase_order) ? e($license->purchase_order) : null,
            'purchase_date' => Helper::getFormattedDateObject($license->purchase_date, 'date'),
            'termination_date' => Helper::getFormattedDateObject($license->termination_date, 'date'),
            'depreciation' => ($license->depreciation) ? ['id' => (int) $license->depreciation->id,'name'=> e($license->depreciation->name)] : null,
@@ -38,8 +38,9 @@ class LicensesTransformer
            'expiration_date' => Helper::getFormattedDateObject($license->expiration_date, 'date'),
            'seats' => (int) $license->seats,
            'free_seats_count' => (int) $license->free_seats_count,
-            'license_name' =>  e($license->license_name),
-            'license_email' => e($license->license_email),
+            'min_amt' => ($license->min_amt) ? (int) ($license->min_amt) : null,
+            'license_name' =>  ($license->license_name) ? e($license->license_name) : null,
+            'license_email' => ($license->license_email) ? e($license->license_email) : null,
            'reassignable' => ($license->reassignable == 1) ? true : false,
            'maintained' => ($license->maintained == 1) ? true : false,
            'supplier' =>  ($license->supplier) ? ['id' => (int) $license->supplier->id, 'name'=> e($license->supplier->name)] : null,
@@ -65,6 +65,9 @@ class LocationsTransformer
            $permissions_array['available_actions'] = [
                'update' => Gate::allows('update', Location::class) ? true : false,
                'delete' => $location->isDeletable(),
+                'bulk_selectable' => [
+                    'delete' => $location->isDeletable()
+                ],
                'clone' => (Gate::allows('create', Location::class) && ($location->deleted_at == '')),
            ];

@@ -46,10 +46,9 @@ class AccessoryImporter extends ItemImporter
        $this->item['min_amt'] = $this->findCsvMatch($row, "min_amt");
        $accessory->fill($this->sanitizeItemForStoring($accessory));

-        //FIXME: this disables model validation.  Need to find a way to avoid double-logs without breaking everything.
-        // $accessory->unsetEventDispatcher();
+        // This sets an attribute on the Loggable trait for the action log
+        $accessory->setImported(true);
        if ($accessory->save()) {
-            $accessory->logCreate('Imported using CSV Importer');
            $this->log('Accessory '.$this->item['name'].' was created');

            return;
@@ -135,10 +135,10 @@ class AssetImporter extends ItemImporter
                $asset->{$custom_field} = $val;
            }
        }
-       
+        // This sets an attribute on the Loggable trait for the action log
+        $asset->setImported(true);
        if ($asset->save()) {

-            $asset->logCreate(trans('general.importer.import_note'));
            $this->log('Asset '.$this->item['name'].' with serial number '.$this->item['serial'].' was created');

            // If we have a target to checkout to, lets do so.
@@ -48,10 +48,10 @@ class ComponentImporter extends ItemImporter
        $this->log('No matching component, creating one');
        $component = new Component;
        $component->fill($this->sanitizeItemForStoring($component));
-        //FIXME: this disables model validation.  Need to find a way to avoid double-logs without breaking everything.
-        $component->unsetEventDispatcher();
+
+        // This sets an attribute on the Loggable trait for the action log
+        $component->setImported(true);
        if ($component->save()) {
-            $component->logCreate('Imported using CSV Importer');
            $this->log('Component '.$this->item['name'].' was created');

            // If we have an asset tag, checkout to that asset.
@@ -45,10 +45,10 @@ class ConsumableImporter extends ItemImporter
        $this->item['item_no'] = trim($this->findCsvMatch($row, 'item_number'));
        $this->item['min_amt'] = trim($this->findCsvMatch($row, "min_amt"));
        $consumable->fill($this->sanitizeItemForStoring($consumable));
-        //FIXME: this disables model validation.  Need to find a way to avoid double-logs without breaking everything.
-        $consumable->unsetEventDispatcher();
+
+        // This sets an attribute on the Loggable trait for the action log
+        $consumable->setImported(true);
        if ($consumable->save()) {
-            $consumable->logCreate('Imported using CSV Importer');
            $this->log('Consumable '.$this->item['name'].' was created');

            return;
@@ -85,10 +85,10 @@ class LicenseImporter extends ItemImporter
        } else {
            $license->fill($this->sanitizeItemForStoring($license));
        }
-        //FIXME: this disables model validation.  Need to find a way to avoid double-logs without breaking everything.
-        // $license->unsetEventDispatcher();
+
+        // This sets an attribute on the Loggable trait for the action log
+        $license->setImported(true);
        if ($license->save()) {
-            $license->logCreate('Imported using csv importer');
            $this->log('License '.$this->item['name'].' with serial number '.$this->item['serial'].' was created');

            // Lets try to checkout seats if the fields exist and we have seats.
@@ -60,16 +60,18 @@ class CheckoutableListener
            if ($this->shouldSendWebhookNotification()) {

            //slack doesn't include the url in its messaging format so this is needed to hit the endpoint
-              if(Setting::getSettings()->webhook_selected =='slack') {
+
+              if(Setting::getSettings()->webhook_selected =='slack' || Setting::getSettings()->webhook_selected =='general') {
+

                  Notification::route('slack', Setting::getSettings()->webhook_endpoint)
                      ->notify($this->getCheckoutNotification($event));
              }
            }
        } catch (ClientException $e) {
-            Log::debug("Exception caught during checkout notification: " . $e->getMessage());
+            Log::warning("Exception caught during checkout notification: " . $e->getMessage());
        } catch (Exception $e) {
-            Log::error("Exception caught during checkout notification: " . $e->getMessage());
+            Log::warning("Exception caught during checkout notification: " . $e->getMessage());
        }
    }

@@ -113,7 +115,7 @@ class CheckoutableListener
                );
            }
            //slack doesn't include the url in its messaging format so this is needed to hit the endpoint
-            if(Setting::getSettings()->webhook_selected =='slack') {
+            if(Setting::getSettings()->webhook_selected =='slack' || Setting::getSettings()->webhook_selected =='general') {

                if ($this->shouldSendWebhookNotification()) {
                    Notification::route('slack', Setting::getSettings()->webhook_endpoint)
@@ -122,9 +124,9 @@ class CheckoutableListener
            }

        } catch (ClientException $e) {
-            Log::debug("Exception caught during checkout notification: " . $e->getMessage());
+            Log::warning("Exception caught during checkout notification: " . $e->getMessage());
        } catch (Exception $e) {
-            Log::error("Exception caught during checkin notification: " . $e->getMessage());
+            Log::warning("Exception caught during checkin notification: " . $e->getMessage());
        }
    }      

@@ -305,7 +305,7 @@ class Accessory extends SnipeModel
     */
    public function requireAcceptance()
    {
-        return $this->category->require_acceptance;
+        return $this->category->require_acceptance ?? false;
    }

    /**
@@ -19,6 +19,9 @@ class Actionlog extends SnipeModel
 {
    use HasFactory;

+    // This is to manually set the source (via setActionSource()) for determineActionSource()
+    protected ?string $source = null;
+
    protected $presenter = \App\Presenters\ActionlogPresenter::class;
    use SoftDeletes;
    use Presentable;
@@ -341,7 +344,12 @@ class Actionlog extends SnipeModel
     * @since v6.3.0
     * @return string
     */
-    public function determineActionSource() {
+    public function determineActionSource(): string
+    {
+        // This is a manually set source
+        if($this->source) {
+            return $this->source;
+        }

        // This is an API call
        if (((request()->header('content-type') && (request()->header('accept'))=='application/json'))
@@ -358,4 +366,10 @@ class Actionlog extends SnipeModel
        return 'cli/unknown';

    }
+
+    // Manually sets $this->source for determineActionSource()
+    public function setActionSource($source = null): void
+    {
+        $this->source = $source;
+    }
 }
@@ -96,7 +96,10 @@ class Asset extends Depreciable
        'company_id'       => 'nullable|integer|exists:companies,id',
        'warranty_months'  => 'nullable|numeric|digits_between:0,240',
        'last_checkout'    => 'nullable|date_format:Y-m-d H:i:s',
+        'last_checkin'     => 'nullable|date_format:Y-m-d H:i:s',
        'expected_checkin' => 'nullable|date',
+        'last_audit_date'  => 'nullable|date_format:Y-m-d H:i:s',
+        'next_audit_date'  => 'nullable|date|after:last_audit_date',
        'location_id'      => 'nullable|exists:locations,id',
        'rtd_location_id'  => 'nullable|exists:locations,id',
        'purchase_date'    => 'nullable|date|date_format:Y-m-d',
@@ -167,6 +170,8 @@ class Asset extends Depreciable
      'expected_checkin', 
      'next_audit_date', 
      'last_audit_date',
+      'last_checkin',
+      'last_checkout',
      'asset_eol_date',
    ];

@@ -1560,7 +1565,7 @@ class Asset extends Depreciable
             *
             * In short, this set of statements tells the query builder to ONLY query against an
             * actual field that's being passed if it doesn't meet known relational fields. This
-             * allows us to query custom fields directly in the assetsv table
+             * allows us to query custom fields directly in the assets table
             * (regardless of their name) and *skip* any fields that we already know can only be
             * searched through relational searches that we do earlier in this method.
             *
@@ -62,7 +62,15 @@ class AssetMaintenance extends Model implements ICompanyableChild
     *
     * @var array
     */
-    protected $searchableAttributes = ['title', 'notes', 'asset_maintenance_type', 'cost', 'start_date', 'completion_date'];
+    protected $searchableAttributes =
+        [
+            'title',
+            'notes',
+            'asset_maintenance_type',
+            'cost',
+            'start_date',
+            'completion_date'
+        ];

    /**
     * The relations and their attributes that should be included when searching the model.
@@ -70,9 +78,10 @@ class AssetMaintenance extends Model implements ICompanyableChild
     * @var array
     */
    protected $searchableRelations = [
-        'asset'     => ['name', 'asset_tag'],
+        'asset'     => ['name', 'asset_tag', 'serial'],
        'asset.model'     => ['name', 'model_number'],
        'asset.supplier' => ['name'],
+        'asset.assetstatus' => ['name'],
        'supplier' => ['name'],
    ];

@@ -197,6 +206,7 @@ class AssetMaintenance extends Model implements ICompanyableChild
            ->orderBy('suppliers_maintenances.name', $order);
    }

+
    /**
     * Query builder scope to order on admin user
     *
@@ -239,4 +249,33 @@ class AssetMaintenance extends Model implements ICompanyableChild
        return $query->leftJoin('assets', 'asset_maintenances.asset_id', '=', 'assets.id')
            ->orderBy('assets.name', $order);
    }
+
+    /**
+     * Query builder scope to order on serial
+     *
+     * @param  \Illuminate\Database\Query\Builder  $query  Query builder instance
+     * @param  string                              $order       Order
+     *
+     * @return \Illuminate\Database\Query\Builder          Modified query builder
+     */
+    public function scopeOrderByAssetSerial($query, $order)
+    {
+        return $query->leftJoin('assets', 'asset_maintenances.asset_id', '=', 'assets.id')
+            ->orderBy('assets.serial', $order);
+    }
+
+    /**
+     * Query builder scope to order on status label name
+     *
+     * @param  \Illuminate\Database\Query\Builder  $query  Query builder instance
+     * @param  text                              $order         Order
+     *
+     * @return \Illuminate\Database\Query\Builder          Modified query builder
+     */
+    public function scopeOrderStatusName($query, $order)
+    {
+        return $query->join('assets as maintained_asset', 'asset_maintenances.asset_id', '=', 'maintained_asset.id')
+            ->leftjoin('status_labels as maintained_asset_status', 'maintained_asset_status.id', '=', 'maintained_asset.status_id')
+            ->orderBy('maintained_asset_status.name', $order);
+    }
 }
@@ -113,6 +113,14 @@ final class Company extends SnipeModel
        }
    }

+    /**
+     * Get the company id for the current user taking into
+     * account the full multiple company support setting
+     * and if the current user is a super user.
+     *
+     * @param $unescaped_input
+     * @return int|mixed|string|null
+     */
    public static function getIdForCurrentUser($unescaped_input)
    {
        if (! static::isFullMultipleCompanySupportEnabled()) {
@@ -5,6 +5,8 @@ namespace App\Models;
 use Gate;
 use Illuminate\Database\Eloquent\Factories\HasFactory;
 use Illuminate\Database\Eloquent\Model;
+use Illuminate\Support\Facades\Log;
+use Illuminate\Validation\Rule;
 use Watson\Validating\ValidatingTrait;

 class CustomFieldset extends Model
@@ -92,8 +94,19 @@ class CustomFieldset extends Model

            array_push($rule, $field->attributes['format']);
            $rules[$field->db_column_name()] = $rule;
-            //add not_array to rules for all fields
-            $rules[$field->db_column_name()][] = 'not_array';
+
+            // add not_array to rules for all fields but checkboxes
+            if ($field->element != 'checkbox') {
+                $rules[$field->db_column_name()][] = 'not_array';
+            }
+
+            if ($field->element == 'checkbox') {
+                $rules[$field->db_column_name()][] = 'checkboxes';
+            }
+
+            if ($field->element == 'radio') {
+                $rules[$field->db_column_name()][] = 'radio_buttons';
+            }
        }

        return $rules;
@@ -58,6 +58,18 @@ class Group extends SnipeModel
        return $this->belongsToMany(\App\Models\User::class, 'users_groups');
    }

+    /**
+     * Get the user that created the group
+     *
+     * @author A. Gianotto <snipe@snipe.net>
+     * @since [v6.3.0]
+     * @return \Illuminate\Database\Eloquent\Relations\Relation
+     */
+    public function admin()
+    {
+        return $this->belongsTo(\App\Models\User::class, 'created_by');
+    }
+
    /**
     * Decode JSON permissions into array
     *
@@ -160,75 +160,27 @@ class DefaultLabel extends RectangleSheet
            $textY += $this->textSize + self::TEXT_MARGIN;
        }

-        // Fields
+        // Render the selected fields with their labels
        $fieldsDone = 0;
-        if ($settings->labels_display_name && $fieldsDone < $this->getSupportFields()) {
-            if ($asset->name) {
-                static::writeText(
-                    $pdf, 'N: '.$asset->name,
-                    $textX1, $textY,
-                    'freesans', '', $this->textSize, 'L',
-                    $textW, $this->textSize,
-                    true, 0
-                );
-                $textY += $this->textSize + self::TEXT_MARGIN;
-                $fieldsDone++;
-            }
-        }
-        if ($settings->labels_display_company_name && $fieldsDone < $this->getSupportFields()) {
-            if ($asset->company) {
-                static::writeText(
-                    $pdf, 'C: '.$asset->company->name,
-                    $textX1, $textY,
-                    'freesans', '', $this->textSize, 'L',
-                    $textW, $this->textSize,
-                    true, 0
-                );
-                $textY += $this->textSize + self::TEXT_MARGIN;
-                $fieldsDone++;
-            }
-        }
-        if ($settings->labels_display_tag && $fieldsDone < $this->getSupportFields()) {
-            if ($asset->asset_tag) {
-                static::writeText(
-                    $pdf, 'T: '.$asset->asset_tag,
-                    $textX1, $textY,
-                    'freesans', '', $this->textSize, 'L',
-                    $textW, $this->textSize,
-                    true, 0
-                );
-                $textY += $this->textSize + self::TEXT_MARGIN;
-                $fieldsDone++;
-            }
-        }
-        if ($settings->labels_display_serial && $fieldsDone < $this->getSupportFields()) {
-            if ($asset->serial) {
-                static::writeText(
-                    $pdf, 'S: '.$asset->serial,
-                    $textX1, $textY,
-                    'freesans', '', $this->textSize, 'L',
-                    $textW, $this->textSize,
-                    true, 0
-                );
-                $textY += $this->textSize + self::TEXT_MARGIN;
-                $fieldsDone++;
-            }
-        }
-        if ($settings->labels_display_model && $fieldsDone < $this->getSupportFields()) {
-            if ($asset->model) {
-                static::writeText(
-                    $pdf, 'M: '.$asset->model->name,
-                    $textX1, $textY,
-                    'freesans', '', $this->textSize, 'L',
-                    $textW, $this->textSize,
-                    true, 0
-                );
-                $textY += $this->textSize + self::TEXT_MARGIN;
-                $fieldsDone++;
-            }
-        }
+        if ($fieldsDone < $this->getSupportFields()) {

+            foreach ($record->get('fields') as $field) {
+
+                // Actually write the selected fields and their matching values
+                static::writeText(
+                    $pdf, (($field['label']) ? $field['label'].' ' : '') . $field['value'],
+                    $textX1, $textY,
+                    'freesans', '', $this->textSize, 'L',
+                    $textW, $this->textSize,
+                    true, 0
+                );
+
+                $textY += $this->textSize + self::TEXT_MARGIN;
+                $fieldsDone++;
+            }
+        }
    }
+
 }

 ?>
@@ -0,0 +1,89 @@
+<?php
+
+namespace App\Models\Labels\Tapes\Dymo;
+
+
+class LabelWriter_1933081 extends LabelWriter
+{
+    private const BARCODE_MARGIN =   1.80;
+    private const TAG_SIZE       =   2.80;
+    private const TITLE_SIZE     =   2.80;
+    private const TITLE_MARGIN   =   0.50;
+    private const LABEL_SIZE     =   2.80;
+    private const LABEL_MARGIN   = - 0.35;
+    private const FIELD_SIZE     =   2.80;
+    private const FIELD_MARGIN   =   0.15;
+
+    public function getUnit()  { return 'mm'; }
+    public function getWidth() { return 89; }
+    public function getHeight() { return 25; }
+    public function getSupportAssetTag()  { return true; }
+    public function getSupport1DBarcode() { return true; }
+    public function getSupport2DBarcode() { return true; }
+    public function getSupportFields()    { return 5; }
+    public function getSupportLogo()      { return false; }
+    public function getSupportTitle()     { return true; }
+
+    public function preparePDF($pdf) {}
+
+    public function write($pdf, $record) {
+        $pa = $this->getPrintableArea();
+
+        $currentX = $pa->x1;
+        $currentY = $pa->y1;
+        $usableWidth = $pa->w;
+
+        $barcodeSize = $pa->h - self::TAG_SIZE;
+
+        if ($record->has('barcode2d')) {
+            static::writeText(
+                $pdf, $record->get('tag'),
+                $pa->x1, $pa->y2 - self::TAG_SIZE,
+                'freesans', 'b', self::TAG_SIZE, 'C',
+                $barcodeSize, self::TAG_SIZE, true, 0
+            );
+            static::write2DBarcode(
+                $pdf, $record->get('barcode2d')->content, $record->get('barcode2d')->type,
+                $currentX, $currentY,
+                $barcodeSize, $barcodeSize
+            );
+            $currentX += $barcodeSize + self::BARCODE_MARGIN;
+            $usableWidth -= $barcodeSize + self::BARCODE_MARGIN;
+        } else {
+            static::writeText(
+                $pdf, $record->get('tag'),
+                $pa->x1, $pa->y2 - self::TAG_SIZE,
+                'freesans', 'b', self::TAG_SIZE, 'R',
+                $usableWidth, self::TAG_SIZE, true, 0
+            );
+        }
+
+        if ($record->has('title')) {
+            static::writeText(
+                $pdf, $record->get('title'),
+                $currentX, $currentY,
+                'freesans', 'b', self::TITLE_SIZE, 'L',
+                $usableWidth, self::TITLE_SIZE, true, 0
+            );
+            $currentY += self::TITLE_SIZE + self::TITLE_MARGIN;
+        }
+
+        foreach ($record->get('fields') as $field) {
+            static::writeText(
+                $pdf, (($field['label']) ? $field['label'].' ' : '') . $field['value'],
+                $currentX, $currentY,
+                'freesans', '', self::FIELD_SIZE, 'L',
+                $usableWidth, self::FIELD_SIZE, true, 0, 0.3
+            );
+            $currentY += self::FIELD_SIZE + self::FIELD_MARGIN;
+        }
+
+        if ($record->has('barcode1d')) {
+            static::write1DBarcode(
+                $pdf, $record->get('barcode1d')->content, $record->get('barcode1d')->type,
+                $currentX, $barcodeSize + self::BARCODE_MARGIN, $usableWidth - self::TAG_SIZE, self::TAG_SIZE
+            );
+        }
+    }
+
+}
@@ -0,0 +1,89 @@
+<?php
+
+namespace App\Models\Labels\Tapes\Dymo;
+
+
+class LabelWriter_2112283 extends LabelWriter
+{
+    private const BARCODE_MARGIN =   1.80;
+    private const TAG_SIZE       =   2.80;
+    private const TITLE_SIZE     =   2.80;
+    private const TITLE_MARGIN   =   0.50;
+    private const LABEL_SIZE     =   2.80;
+    private const LABEL_MARGIN   = - 0.35;
+    private const FIELD_SIZE     =   2.80;
+    private const FIELD_MARGIN   =   0.15;
+
+    public function getUnit()  { return 'mm'; }
+    public function getWidth() { return 54; }
+    public function getHeight() { return 25; }
+    public function getSupportAssetTag()  { return true; }
+    public function getSupport1DBarcode() { return true; }
+    public function getSupport2DBarcode() { return true; }
+    public function getSupportFields()    { return 5; }
+    public function getSupportLogo()      { return false; }
+    public function getSupportTitle()     { return true; }
+
+    public function preparePDF($pdf) {}
+
+    public function write($pdf, $record) {
+        $pa = $this->getPrintableArea();
+
+        $currentX = $pa->x1;
+        $currentY = $pa->y1;
+        $usableWidth = $pa->w;
+
+        $barcodeSize = $pa->h - self::TAG_SIZE;
+
+        if ($record->has('barcode2d')) {
+            static::writeText(
+                $pdf, $record->get('tag'),
+                $pa->x1, $pa->y2 - self::TAG_SIZE,
+                'freesans', 'b', self::TAG_SIZE, 'C',
+                $barcodeSize, self::TAG_SIZE, true, 0
+            );
+            static::write2DBarcode(
+                $pdf, $record->get('barcode2d')->content, $record->get('barcode2d')->type,
+                $currentX, $currentY,
+                $barcodeSize, $barcodeSize
+            );
+            $currentX += $barcodeSize + self::BARCODE_MARGIN;
+            $usableWidth -= $barcodeSize + self::BARCODE_MARGIN;
+        } else {
+            static::writeText(
+                $pdf, $record->get('tag'),
+                $pa->x1, $pa->y2 - self::TAG_SIZE,
+                'freesans', 'b', self::TAG_SIZE, 'R',
+                $usableWidth, self::TAG_SIZE, true, 0
+            );
+        }
+
+        if ($record->has('title')) {
+            static::writeText(
+                $pdf, $record->get('title'),
+                $currentX, $currentY,
+                'freesans', 'b', self::TITLE_SIZE, 'L',
+                $usableWidth, self::TITLE_SIZE, true, 0
+            );
+            $currentY += self::TITLE_SIZE + self::TITLE_MARGIN;
+        }
+
+        foreach ($record->get('fields') as $field) {
+            static::writeText(
+                $pdf, (($field['label']) ? $field['label'].' ' : '') . $field['value'],
+                $currentX, $currentY,
+                'freesans', '', self::FIELD_SIZE, 'L',
+                $usableWidth, self::FIELD_SIZE, true, 0, 0.3
+            );
+            $currentY += self::FIELD_SIZE + self::FIELD_MARGIN;
+        }
+
+        if ($record->has('barcode1d')) {
+            static::write1DBarcode(
+                $pdf, $record->get('barcode1d')->content, $record->get('barcode1d')->type,
+                $currentX, $barcodeSize + self::BARCODE_MARGIN, $usableWidth - self::TAG_SIZE, self::TAG_SIZE
+            );
+        }
+    }
+
+}
@@ -53,6 +53,7 @@ class License extends Depreciable
        'purchase_date'   => 'date_format:Y-m-d|nullable|max:10',
        'expiration_date'   => 'date_format:Y-m-d|nullable|max:10',
        'termination_date'   => 'date_format:Y-m-d|nullable|max:10',
+        'min_amt'   => 'numeric|nullable|gte:0',
    ];

    /**
@@ -81,6 +82,7 @@ class License extends Depreciable
        'supplier_id',
        'termination_date',
        'user_id',
+        'min_amt',
    ];

    use Searchable;
@@ -95,7 +95,10 @@ class Location extends SnipeModel


    /**
-     * Determine whether or not this location can be deleted
+     * Determine whether or not this location can be deleted.
+     *
+     * This method requires the eager loading of the relationships in order to determine whether
+     * it can be deleted. It's tempting to load those here, but that increases the query load considerably.
     *
     * @author A. Gianotto <snipe@snipe.net>
     * @since [v3.0]
@@ -103,10 +106,12 @@ class Location extends SnipeModel
     */
    public function isDeletable()
    {
+
        return Gate::allows('delete', $this)
-                && ($this->assignedAssets()->count() === 0)
-                && ($this->assets()->count() === 0)
-                && ($this->users()->count() === 0);
+                && ($this->assets_count === 0)
+                && ($this->assigned_assets_count === 0)
+                && ($this->children_count === 0)
+                && ($this->users_count === 0);
    }

    /**
@@ -8,6 +8,9 @@ use Illuminate\Support\Facades\Auth;

 trait Loggable
 {
+    // an attribute for setting whether or not the item was imported
+    public ?bool $imported = false;
+
    /**
     * @author  Daniel Meltzer <dmeltzer.devel@gmail.com>
     * @since [v3.4]
@@ -18,6 +21,11 @@ trait Loggable
        return $this->morphMany(Actionlog::class, 'item');
    }

+    public function setImported(bool $bool): void
+    {
+        $this->imported = $bool;
+    }
+
    /**
     * @author  Daniel Meltzer <dmeltzer.devel@gmail.com>
     * @since [v3.4]
@@ -352,7 +352,6 @@ class Setting extends Model
            'ldap_client_tls_cert',
            'ldap_default_group',
            'ldap_dept',
-            'ldap_emp_num',
            'ldap_phone_field',
            'ldap_jobtitle',
            'ldap_manager',
@@ -67,6 +67,7 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
        'gravatar',
        'vip',
        'autoassign_licenses',
+        'website',
    ];

    protected $casts = [
@@ -120,6 +121,7 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
        'phone',
        'jobtitle',
        'employee_num',
+        'website',
    ];

    /**
@@ -335,7 +337,7 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
     */
    public function licenses()
    {
-        return $this->belongsToMany(\App\Models\License::class, 'license_seats', 'assigned_to', 'license_id')->withPivot('id');
+        return $this->belongsToMany(\App\Models\License::class, 'license_seats', 'assigned_to', 'license_id')->withPivot('id', 'created_at', 'updated_at');
    }

    /**
@@ -9,6 +9,11 @@ use Illuminate\Bus\Queueable;
 use Illuminate\Notifications\Messages\MailMessage;
 use Illuminate\Notifications\Messages\SlackMessage;
 use Illuminate\Notifications\Notification;
+use NotificationChannels\GoogleChat\Card;
+use NotificationChannels\GoogleChat\GoogleChatChannel;
+use NotificationChannels\GoogleChat\GoogleChatMessage;
+use NotificationChannels\GoogleChat\Section;
+use NotificationChannels\GoogleChat\Widgets\KeyValue;
 use NotificationChannels\MicrosoftTeams\MicrosoftTeamsChannel;
 use NotificationChannels\MicrosoftTeams\MicrosoftTeamsMessage;

@@ -38,13 +43,17 @@ class CheckinAccessoryNotification extends Notification
    public function via()
    {
        $notifyBy = [];
+        if (Setting::getSettings()->webhook_selected == 'google' && Setting::getSettings()->webhook_endpoint) {

-        if (Setting::getSettings()->webhook_selected == 'microsoft'){
+            $notifyBy[] = GoogleChatChannel::class;
+        }
+
+        if (Setting::getSettings()->webhook_selected == 'microsoft' && Setting::getSettings()->webhook_endpoint) {

            $notifyBy[] = MicrosoftTeamsChannel::class;
        }

-        if (Setting::getSettings()->webhook_selected == 'slack') {
+        if (Setting::getSettings()->webhook_selected == 'slack' || Setting::getSettings()->webhook_selected == 'general' ) {
            $notifyBy[] = 'slack';
        }

@@ -54,34 +63,8 @@ class CheckinAccessoryNotification extends Notification
        if ($this->target instanceof User && $this->target->email != '') {
            \Log::debug('The target is a user');

-            /**
-             * Send an email if the asset requires acceptance,
-             * so the user can accept or decline the asset
-             */
-            if (($this->item->requireAcceptance()) || ($this->item->getEula()) || ($this->item->checkin_email())) {
-                $notifyBy[] = 'mail';
-            }
-
-            /**
-             * Send an email if the asset requires acceptance,
-             * so the user can accept or decline the asset
-             */
-            if ($this->item->requireAcceptance()) {
-                \Log::debug('This accessory requires acceptance');
-            }
-
-            /**
-             * Send an email if the item has a EULA, since the user should always receive it
-             */
-            if ($this->item->getEula()) {
-                \Log::debug('This accessory has a EULA');
-            }
-
-            /**
-             * Send an email if an email should be sent at checkin/checkout
-             */
            if ($this->item->checkin_email()) {
-                \Log::debug('This accessory has a checkin_email()');
+                $notifyBy[] = 'mail';
            }
        }

@@ -132,6 +115,32 @@ class CheckinAccessoryNotification extends Notification
            ->fact(trans('admin/consumables/general.remaining'), $item->numRemaining())
            ->fact(trans('mail.notes'), $note ?: '');
    }
+    public function toGoogleChat()
+    {
+        $item = $this->item;
+        $note = $this->note;
+
+        return GoogleChatMessage::create()
+            ->to($this->settings->webhook_endpoint)
+            ->card(
+                Card::create()
+                    ->header(
+                        '<strong>'.trans('mail.Accessory_Checkin_Notification').'</strong>' ?: '',
+                        htmlspecialchars_decode($item->present()->name) ?: '',
+                    )
+                    ->section(
+                        Section::create(
+                            KeyValue::create(
+                                trans('mail.checked_into').': '.$item->location->name ? $item->location->name : '',
+                                trans('admin/consumables/general.remaining').': '.$item->numRemaining(),
+                                trans('admin/hardware/form.notes').": ".$note ?: '',
+                            )
+                                ->onClick(route('accessories.show', $item->id))
+                        )
+                    )
+            );
+
+    }

    /**
     * Get the mail representation of the notification.
@@ -10,6 +10,11 @@ use Illuminate\Bus\Queueable;
 use Illuminate\Notifications\Messages\MailMessage;
 use Illuminate\Notifications\Messages\SlackMessage;
 use Illuminate\Notifications\Notification;
+use NotificationChannels\GoogleChat\Card;
+use NotificationChannels\GoogleChat\GoogleChatChannel;
+use NotificationChannels\GoogleChat\GoogleChatMessage;
+use NotificationChannels\GoogleChat\Section;
+use NotificationChannels\GoogleChat\Widgets\KeyValue;
 use NotificationChannels\MicrosoftTeams\MicrosoftTeamsChannel;
 use NotificationChannels\MicrosoftTeams\MicrosoftTeamsMessage;

@@ -46,12 +51,16 @@ class CheckinAssetNotification extends Notification
    public function via()
    {
        $notifyBy = [];
+        if (Setting::getSettings()->webhook_selected == 'google' && Setting::getSettings()->webhook_endpoint) {

-        if (Setting::getSettings()->webhook_selected == 'microsoft'){
+            $notifyBy[] = GoogleChatChannel::class;
+        }
+
+        if (Setting::getSettings()->webhook_selected == 'microsoft' && Setting::getSettings()->webhook_endpoint) {

            $notifyBy[] = MicrosoftTeamsChannel::class;
        }
-        if (Setting::getSettings()->webhook_selected == 'slack') {
+        if (Setting::getSettings()->webhook_selected == 'slack' || Setting::getSettings()->webhook_selected == 'general' ) {
            \Log::debug('use webhook');
            $notifyBy[] = 'slack';
        }
@@ -108,6 +117,33 @@ class CheckinAssetNotification extends Notification
            ->fact(trans('admin/hardware/form.status'), $item->assetstatus->name)
            ->fact(trans('mail.notes'), $note ?: '');
    }
+    public function toGoogleChat()
+    {
+        $target = $this->target;
+        $item = $this->item;
+        $note = $this->note;
+
+        return GoogleChatMessage::create()
+            ->to($this->settings->webhook_endpoint)
+            ->card(
+                Card::create()
+                    ->header(
+                        '<strong>'.trans('mail.Asset_Checkin_Notification').'</strong>' ?: '',
+                        htmlspecialchars_decode($item->present()->name) ?: '',
+                    )
+                    ->section(
+                        Section::create(
+                            KeyValue::create(
+                                trans('mail.checked_into') ?: '',
+                                $item->location->name ? $item->location->name : '',
+                                trans('admin/hardware/form.status').": ".$item->assetstatus->name,
+                            )
+                                ->onClick(route('hardware.show', $item->id))
+                        )
+                    )
+            );
+
+    }

    /**
     * Get the mail representation of the notification.
@@ -9,6 +9,11 @@ use Illuminate\Bus\Queueable;
 use Illuminate\Notifications\Messages\MailMessage;
 use Illuminate\Notifications\Messages\SlackMessage;
 use Illuminate\Notifications\Notification;
+use NotificationChannels\GoogleChat\Card;
+use NotificationChannels\GoogleChat\GoogleChatChannel;
+use NotificationChannels\GoogleChat\GoogleChatMessage;
+use NotificationChannels\GoogleChat\Section;
+use NotificationChannels\GoogleChat\Widgets\KeyValue;
 use NotificationChannels\MicrosoftTeams\MicrosoftTeamsChannel;
 use NotificationChannels\MicrosoftTeams\MicrosoftTeamsMessage;

@@ -43,12 +48,16 @@ class CheckinLicenseSeatNotification extends Notification
    {
        $notifyBy = [];

-        if (Setting::getSettings()->webhook_selected == 'microsoft'){
+        if (Setting::getSettings()->webhook_selected == 'google' && Setting::getSettings()->webhook_endpoint) {
+
+            $notifyBy[] = GoogleChatChannel::class;
+        }
+        if (Setting::getSettings()->webhook_selected == 'microsoft' && Setting::getSettings()->webhook_endpoint) {

            $notifyBy[] = MicrosoftTeamsChannel::class;
        }

-        if (Setting::getSettings()->webhook_selected == 'slack') {
+        if (Setting::getSettings()->webhook_selected == 'slack' || Setting::getSettings()->webhook_selected == 'general' ) {
            $notifyBy[] = 'slack';
        }

@@ -113,6 +122,34 @@ class CheckinLicenseSeatNotification extends Notification
            ->fact(trans('admin/consumables/general.remaining'), $item->availCount()->count())
            ->fact(trans('mail.notes'), $note ?: '');
    }
+    public function toGoogleChat()
+    {
+        $target = $this->target;
+        $item = $this->item;
+        $note = $this->note;
+
+        return GoogleChatMessage::create()
+            ->to($this->settings->webhook_endpoint)
+            ->card(
+                Card::create()
+                    ->header(
+                        '<strong>'.trans('mail.License_Checkin_Notification').'</strong>' ?: '',
+                        htmlspecialchars_decode($item->present()->name) ?: '',
+                    )
+                    ->section(
+                        Section::create(
+                            KeyValue::create(
+                                trans('mail.checkedin_from') ?: '',
+                                $target->present()->fullName() ?:  '',
+                                trans('admin/consumables/general.remaining').': '.$item->availCount()->count(),
+                            )
+                                ->onClick(route('licenses.show', $item->id))
+                        )
+                    )
+            );
+
+    }
+

    /**
     * Get the mail representation of the notification.
@@ -9,6 +9,11 @@ use Illuminate\Bus\Queueable;
 use Illuminate\Notifications\Messages\MailMessage;
 use Illuminate\Notifications\Messages\SlackMessage;
 use Illuminate\Notifications\Notification;
+use NotificationChannels\GoogleChat\Card;
+use NotificationChannels\GoogleChat\GoogleChatChannel;
+use NotificationChannels\GoogleChat\GoogleChatMessage;
+use NotificationChannels\GoogleChat\Section;
+use NotificationChannels\GoogleChat\Widgets\KeyValue;
 use NotificationChannels\MicrosoftTeams\MicrosoftTeamsChannel;
 use NotificationChannels\MicrosoftTeams\MicrosoftTeamsMessage;

@@ -37,13 +42,17 @@ class CheckoutAccessoryNotification extends Notification
    public function via()
    {
        $notifyBy = [];
+        if (Setting::getSettings()->webhook_selected == 'google' && Setting::getSettings()->webhook_endpoint) {

-        if (Setting::getSettings()->webhook_selected == 'microsoft'){
+            $notifyBy[] = GoogleChatChannel::class;
+        }
+
+        if (Setting::getSettings()->webhook_selected == 'microsoft' && Setting::getSettings()->webhook_endpoint) {

            $notifyBy[] = MicrosoftTeamsChannel::class;
        }

-        if (Setting::getSettings()->webhook_selected == 'slack') {
+        if (Setting::getSettings()->webhook_selected == 'slack' || Setting::getSettings()->webhook_selected == 'general' ) {
            $notifyBy[] = 'slack';
        }

@@ -123,6 +132,34 @@ class CheckoutAccessoryNotification extends Notification
                ->fact(trans('mail.notes'), $note ?: '');

    }
+    public function toGoogleChat()
+    {
+        $target = $this->target;
+        $item = $this->item;
+        $note = $this->note;
+
+        return GoogleChatMessage::create()
+            ->to($this->settings->webhook_endpoint)
+            ->card(
+                Card::create()
+                    ->header(
+                        '<strong>'.trans('mail.Accessory_Checkout_Notification').'</strong>' ?: '',
+                        htmlspecialchars_decode($item->present()->name) ?: '',
+                    )
+                    ->section(
+                        Section::create(
+                            KeyValue::create(
+                                trans('mail.assigned_to') ?: '',
+                                $target->present()->name ?: '',
+                                trans('admin/consumables/general.remaining').": ". $item->numRemaining(),
+                            )
+                                ->onClick(route('users.show', $target->id))
+                        )
+                    )
+            );
+
+    }
+

    /**
     * Get the mail representation of the notification.
@@ -11,6 +11,13 @@ use Illuminate\Bus\Queueable;
 use Illuminate\Notifications\Messages\MailMessage;
 use Illuminate\Notifications\Messages\SlackMessage;
 use Illuminate\Notifications\Notification;
+use NotificationChannels\GoogleChat\Card;
+use NotificationChannels\GoogleChat\Enums\Icon;
+use NotificationChannels\GoogleChat\Enums\ImageStyle;
+use NotificationChannels\GoogleChat\GoogleChatChannel;
+use NotificationChannels\GoogleChat\GoogleChatMessage;
+use NotificationChannels\GoogleChat\Section;
+use NotificationChannels\GoogleChat\Widgets\KeyValue;
 use NotificationChannels\MicrosoftTeams\MicrosoftTeamsChannel;
 use NotificationChannels\MicrosoftTeams\MicrosoftTeamsMessage;

@@ -54,13 +61,20 @@ class CheckoutAssetNotification extends Notification
     */
    public function via()
    {
-        if (Setting::getSettings()->webhook_selected == 'microsoft'){
-
-            return [MicrosoftTeamsChannel::class];
-        }
        $notifyBy = [];
+        if (Setting::getSettings()->webhook_selected == 'google' && Setting::getSettings()->webhook_endpoint) {
+
+            $notifyBy[] = GoogleChatChannel::class;
+        }
+
+        if (Setting::getSettings()->webhook_selected == 'microsoft' && Setting::getSettings()->webhook_endpoint) {
+
+            $notifyBy[] = MicrosoftTeamsChannel::class;
+        }
+
+
+        if (Setting::getSettings()->webhook_selected == 'slack' || Setting::getSettings()->webhook_selected == 'general' ) {

-        if ((Setting::getSettings()) && (Setting::getSettings()->webhook_selected == 'slack')) {
            \Log::debug('use webhook');
            $notifyBy[] = 'slack';
        }
@@ -143,6 +157,33 @@ class CheckoutAssetNotification extends Notification


    }
+public function toGoogleChat()
+    {
+        $target = $this->target;
+        $item = $this->item;
+        $note = $this->note;
+
+        return GoogleChatMessage::create()
+            ->to($this->settings->webhook_endpoint)
+            ->card(
+                Card::create()
+                    ->header(
+                        '<strong>'.trans('mail.Asset_Checkout_Notification').'</strong>' ?: '',
+                        htmlspecialchars_decode($item->present()->name) ?: '',
+                    )
+                    ->section(
+                        Section::create(
+                            KeyValue::create(
+                                trans('mail.assigned_to') ?: '',
+                                $target->present()->name ?: '',
+                                $note ?: '',
+                            )
+                                ->onClick(route('users.show', $target->id))
+                        )
+                    )
+            );
+
+    }

    /**
     * Get the mail representation of the notification.
@@ -9,6 +9,11 @@ use Illuminate\Bus\Queueable;
 use Illuminate\Notifications\Messages\MailMessage;
 use Illuminate\Notifications\Messages\SlackMessage;
 use Illuminate\Notifications\Notification;
+use NotificationChannels\GoogleChat\Card;
+use NotificationChannels\GoogleChat\GoogleChatChannel;
+use NotificationChannels\GoogleChat\GoogleChatMessage;
+use NotificationChannels\GoogleChat\Section;
+use NotificationChannels\GoogleChat\Widgets\KeyValue;
 use NotificationChannels\MicrosoftTeams\MicrosoftTeamsChannel;
 use NotificationChannels\MicrosoftTeams\MicrosoftTeamsMessage;

@@ -44,13 +49,17 @@ class CheckoutConsumableNotification extends Notification
    public function via()
    {
        $notifyBy = [];
+        if (Setting::getSettings()->webhook_selected == 'google' && Setting::getSettings()->webhook_endpoint) {

-        if (Setting::getSettings()->webhook_selected == 'microsoft'){
+            $notifyBy[] = GoogleChatChannel::class;
+        }
+
+        if (Setting::getSettings()->webhook_selected == 'microsoft' && Setting::getSettings()->webhook_endpoint) {

            $notifyBy[] = MicrosoftTeamsChannel::class;
        }

-        if (Setting::getSettings()->webhook_selected == 'slack') {
+        if (Setting::getSettings()->webhook_selected == 'slack' || Setting::getSettings()->webhook_selected == 'general' ) {
            $notifyBy[] = 'slack';
        }

@@ -128,6 +137,33 @@ class CheckoutConsumableNotification extends Notification
            ->fact(trans('admin/consumables/general.remaining'), $item->numRemaining())
            ->fact(trans('mail.notes'), $note ?: '');
    }
+    public function toGoogleChat()
+    {
+        $target = $this->target;
+        $item = $this->item;
+        $note = $this->note;
+
+        return GoogleChatMessage::create()
+            ->to($this->settings->webhook_endpoint)
+            ->card(
+                Card::create()
+                    ->header(
+                        '<strong>'.trans('mail.Consumable_checkout_notification').'</strong>' ?: '',
+                        htmlspecialchars_decode($item->present()->name) ?: '',
+                    )
+                    ->section(
+                        Section::create(
+                            KeyValue::create(
+                                trans('mail.assigned_to') ?: '',
+                                $target->present()->fullName() ?: '',
+                                trans('admin/consumables/general.remaining').': '.$item->numRemaining(),
+                            )
+                                ->onClick(route('users.show', $target->id))
+                        )
+                    )
+            );
+
+    }

    /**
     * Get the mail representation of the notification.
@@ -9,6 +9,11 @@ use Illuminate\Bus\Queueable;
 use Illuminate\Notifications\Messages\MailMessage;
 use Illuminate\Notifications\Messages\SlackMessage;
 use Illuminate\Notifications\Notification;
+use NotificationChannels\GoogleChat\Card;
+use NotificationChannels\GoogleChat\GoogleChatChannel;
+use NotificationChannels\GoogleChat\GoogleChatMessage;
+use NotificationChannels\GoogleChat\Section;
+use NotificationChannels\GoogleChat\Widgets\KeyValue;
 use NotificationChannels\MicrosoftTeams\MicrosoftTeamsChannel;
 use NotificationChannels\MicrosoftTeams\MicrosoftTeamsMessage;

@@ -43,15 +48,18 @@ class CheckoutLicenseSeatNotification extends Notification
     */
    public function via()
    {
-
        $notifyBy = [];

+        if (Setting::getSettings()->webhook_selected == 'google'){
+
+            $notifyBy[] = GoogleChatChannel::class;
+        }
        if (Setting::getSettings()->webhook_selected == 'microsoft'){

            $notifyBy[] = MicrosoftTeamsChannel::class;
        }

-        if (Setting::getSettings()->webhook_selected == 'slack') {
+        if (Setting::getSettings()->webhook_selected == 'slack' || Setting::getSettings()->webhook_selected == 'general' ) {
            $notifyBy[] = 'slack';
        }

@@ -129,6 +137,33 @@ class CheckoutLicenseSeatNotification extends Notification
            ->fact(trans('admin/consumables/general.remaining'), $item->availCount()->count())
            ->fact(trans('mail.notes'), $note ?: '');
    }
+    public function toGoogleChat()
+    {
+        $target = $this->target;
+        $item = $this->item;
+        $note = $this->note;
+
+        return GoogleChatMessage::create()
+            ->to($this->settings->webhook_endpoint)
+            ->card(
+                Card::create()
+                    ->header(
+                        '<strong>'.trans('mail.License_Checkout_Notification').'</strong>' ?: '',
+                        htmlspecialchars_decode($item->present()->name) ?: '',
+                    )
+                    ->section(
+                        Section::create(
+                            KeyValue::create(
+                                trans('mail.assigned_to') ?: '',
+                                $target->present()->name ?: '',
+                                trans('admin/consumables/general.remaining').': '.$item->availCount()->count(),
+                            )
+                                ->onClick(route('users.show', $target->id))
+                        )
+                    )
+            );
+
+    }

    /**
     * Get the mail representation of the notification.
@@ -38,6 +38,9 @@ class AccessoryObserver
        $logAction->item_id = $accessory->id;
        $logAction->created_at = date('Y-m-d H:i:s');
        $logAction->user_id = Auth::id();
+        if($accessory->imported) {
+            $logAction->setActionSource('importer');
+        }
        $logAction->logaction('create');
    }

@@ -109,6 +109,9 @@ class AssetObserver
        $logAction->item_id = $asset->id;
        $logAction->created_at = date('Y-m-d H:i:s');
        $logAction->user_id = Auth::id();
+        if($asset->imported) {
+            $logAction->setActionSource('importer');
+        }
        $logAction->logaction('create');
    }

@@ -38,6 +38,9 @@ class ComponentObserver
        $logAction->item_id = $component->id;
        $logAction->created_at = date('Y-m-d H:i:s');
        $logAction->user_id = Auth::id();
+        if($component->imported) {
+            $logAction->setActionSource('importer');
+        }
        $logAction->logaction('create');
    }

@@ -38,6 +38,9 @@ class ConsumableObserver
        $logAction->item_id = $consumable->id;
        $logAction->created_at = date('Y-m-d H:i:s');
        $logAction->user_id = Auth::id();
+        if($consumable->imported) {
+            $logAction->setActionSource('importer');
+        }
        $logAction->logaction('create');
    }

@@ -38,6 +38,9 @@ class LicenseObserver
        $logAction->item_id = $license->id;
        $logAction->created_at = date('Y-m-d H:i:s');
        $logAction->user_id = Auth::id();
+        if($license->imported) {
+            $logAction->setActionSource('importer');
+        }
        $logAction->logaction('create');
    }

@@ -41,6 +41,7 @@ class AccessoryPresenter extends Presenter
                'field' => 'name',
                'searchable' => true,
                'sortable' => true,
+                'switchable' => false,
                'title' => trans('general.name'),
                'formatter' => 'accessoriesLinkFormatter',
            ], [
@@ -38,10 +38,14 @@ class ActionlogPresenter extends Presenter

    public function icon()
    {
-        
+
        // User related icons
        if ($this->itemType() == 'user') {

+            if ($this->actionType()=='2fa reset') {
+                return 'fa-solid fa-mobile-screen';
+            }
+
            if ($this->actionType()=='create new') {
                return 'fa-solid fa-user-plus';
            }
@@ -61,6 +65,7 @@ class ActionlogPresenter extends Presenter
            if ($this->actionType()=='update') {
                return 'fa-solid fa-user-pen';
            }
+
             return 'fa-solid fa-user';
        }

@@ -41,6 +41,19 @@ class AssetMaintenancesPresenter extends Presenter
                'sortable' => true,
                'title' => trans('admin/hardware/table.asset_tag'),
                'formatter' => 'assetTagLinkFormatter',
+            ], [
+                'field' => 'serial',
+                'searchable' => true,
+                'sortable' => true,
+                'title' => trans('admin/hardware/table.serial'),
+                'formatter' => 'assetSerialLinkFormatter',
+            ], [
+                'field' => 'status_label',
+                'searchable' => true,
+                'sortable' => true,
+                'title' => trans('admin/hardware/table.status'),
+                'visible' => true,
+                'formatter' => 'statuslabelsLinkObjFormatter',
            ], [
                'field' => 'model',
                'searchable' => true,
@@ -72,6 +85,7 @@ class AssetMaintenancesPresenter extends Presenter
                'field' => 'title',
                'searchable' => true,
                'sortable' => true,
+                'switchable' => false,
                'title' => trans('admin/asset_maintenances/form.title'),
            ], [
                'field' => 'start_date',
@@ -35,6 +35,7 @@ class AssetModelPresenter extends Presenter
                'field' => 'name',
                'searchable' => true,
                'sortable' => true,
+                'switchable' => false,
                'visible' => true,
                'title' => trans('general.name'),
                'formatter' => 'modelsLinkFormatter',
@@ -55,6 +55,7 @@ class AssetPresenter extends Presenter
                'field' => 'asset_tag',
                'searchable' => true,
                'sortable' => true,
+                'switchable' => false,
                'title' => trans('admin/hardware/table.asset_tag'),
                'visible' => true,
                'formatter' => 'hardwareLinkFormatter',
@@ -195,6 +196,14 @@ class AssetPresenter extends Presenter
                'visible' => false,
                'title' => trans('admin/hardware/form.warranty_expires'),
                'formatter' => 'dateDisplayFormatter',
+            ], [
+                'field' => 'requestable',
+                'searchable' => false,
+                'sortable' => true,
+                'visible' => false,
+                'title' => trans('admin/hardware/general.requestable'),
+                'formatter' => 'trueFalseFormatter',
+
            ], [
                'field' => 'notes',
                'searchable' => true,
@@ -244,6 +253,13 @@ class AssetPresenter extends Presenter
                'visible' => false,
                'title' => trans('admin/hardware/table.checkout_date'),
                'formatter' => 'dateDisplayFormatter',
+            ], [
+                'field' => 'last_checkin',
+                'searchable' => false,
+                'sortable' => true,
+                'visible' => false,
+                'title' => trans('admin/hardware/table.last_checkin_date'),
+                'formatter' => 'dateDisplayFormatter',
            ], [
                'field' => 'expected_checkin',
                'searchable' => false,
@@ -308,7 +324,7 @@ class AssetPresenter extends Presenter
            'field' => 'checkincheckout',
            'searchable' => false,
            'sortable' => false,
-            'switchable' => true,
+            'switchable' => false,
            'title' => trans('general.checkin').'/'.trans('general.checkout'),
            'visible' => true,
            'formatter' => 'hardwareInOutFormatter',
@@ -25,6 +25,7 @@ class CategoryPresenter extends Presenter
                'field' => 'name',
                'searchable' => true,
                'sortable' => true,
+                'switchable' => false,
                'title' => trans('general.name'),
                'visible' => true,
                'formatter' => 'categoriesLinkFormatter',
@@ -25,7 +25,7 @@ class CompanyPresenter extends Presenter
                'field' => 'name',
                'searchable' => true,
                'sortable' => true,
-                'switchable' => true,
+                'switchable' => false,
                'title' => trans('admin/companies/table.name'),
                'visible' => true,
                'formatter' => 'companiesLinkFormatter',
@@ -126,7 +126,7 @@ class ComponentPresenter extends Presenter
            'field' => 'checkincheckout',
            'searchable' => false,
            'sortable' => false,
-            'switchable' => true,
+            'switchable' => false,
            'title' => trans('general.checkin').'/'.trans('general.checkout'),
            'visible' => true,
            'formatter' => 'componentsInOutFormatter',
@@ -35,6 +35,7 @@ class ConsumablePresenter extends Presenter
                'field' => 'name',
                'searchable' => true,
                'sortable' => true,
+                'switchable' => false,
                'title' => trans('general.name'),
                'visible' => true,
                'formatter' => 'consumablesLinkFormatter',
@@ -25,6 +25,7 @@ class DepreciationPresenter extends Presenter
                'field' => 'name',
                'searchable' => true,
                'sortable' => true,
+                'switchable' => false,
                'title' => trans('general.name'),
                'visible' => true,
                'formatter' => 'depreciationsLinkFormatter',
@@ -34,6 +34,7 @@ class DepreciationReportPresenter extends Presenter
                "field" => "name",
                "searchable" => true,
                "sortable" => true,
+                'switchable' => false,
                "title" => trans('admin/hardware/form.name'),
                "visible" => false,
            ], [
@@ -33,6 +33,7 @@ class LicensePresenter extends Presenter
                'field' => 'name',
                'searchable' => true,
                'sortable' => true,
+                'switchable' => false,
                'title' => trans('general.name'),
                'formatter' => 'licensesLinkFormatter',
            ], [
@@ -89,7 +90,14 @@ class LicensePresenter extends Presenter
                'searchable' => false,
                'sortable' => true,
                'title' => trans('admin/accessories/general.remaining'),
-            ], [
+            ],
+            [
+                'field' => 'min_amt',
+                'searchable' => false,
+                'sortable' => true,
+                'title' => trans('mail.min_QTY'),
+                'formatter' => 'minAmtFormatter',
+            ],[
                'field' => 'purchase_date',
                'searchable' => true,
                'sortable' => true,
@@ -179,7 +187,7 @@ class LicensePresenter extends Presenter
            'field' => 'checkincheckout',
            'searchable' => false,
            'sortable' => false,
-            'switchable' => true,
+            'switchable' => false,
            'title' => trans('general.checkin').'/'.trans('general.checkout'),
            'visible' => true,
            'formatter' => 'licensesInOutFormatter',
@@ -273,7 +281,7 @@ class LicensePresenter extends Presenter
                'field' => 'checkincheckout',
                'searchable' => false,
                'sortable' => false,
-                'switchable' => true,
+                'switchable' => false,
                'title' => trans('general.checkin').'/'.trans('general.checkout'),
                'visible' => true,
                'formatter' => 'licenseSeatInOutFormatter',
@@ -14,7 +14,11 @@ class LocationPresenter extends Presenter
    public static function dataTableLayout()
    {
        $layout = [
-
+            [
+                'field' => 'bulk_selectable',
+                'checkbox' => true,
+                'formatter' => 'checkboxEnabledFormatter',
+            ],
            [
                'field' => 'id',
                'searchable' => false,
@@ -27,6 +31,7 @@ class LocationPresenter extends Presenter
                'field' => 'name',
                'searchable' => true,
                'sortable' => true,
+                'switchable' => false,
                'title' => trans('admin/locations/table.name'),
                'visible' => true,
                'formatter' => 'locationsLinkFormatter',
@@ -27,6 +27,7 @@ class ManufacturerPresenter extends Presenter
                'field' => 'name',
                'searchable' => true,
                'sortable' => true,
+                'switchable' => false,
                'title' => trans('admin/manufacturers/table.name'),
                'visible' => true,
                'formatter' => 'manufacturersLinkFormatter',
@@ -45,7 +46,7 @@ class ManufacturerPresenter extends Presenter
                'searchable' => true,
                'sortable' => true,
                'switchable' => true,
-                'title' => trans('admin/manufacturers/table.url'),
+                'title' => trans('general.url'),
                'visible' => true,
                'formatter' => 'externalLinkFormatter',
            ],
@@ -38,7 +38,7 @@ class UserPresenter extends Presenter
                'searchable' => false,
                'sortable' => false,
                'switchable' => true,
-                'title' => 'Avatar',
+                'title' => trans('general.importer.avatar'),
                'visible' => false,
                'formatter' => 'imageFormatter',
            ],
@@ -122,6 +122,15 @@ class UserPresenter extends Presenter
                'visible' => true,
                'formatter'    => 'phoneFormatter',
            ],
+            [
+                'field' => 'website',
+                'searchable' => true,
+                'sortable' => true,
+                'switchable' => true,
+                'title' => trans('general.website'),
+                'visible' => false,
+                'formatter'    => 'externalLinkFormatter',
+            ],
            [
                'field' => 'address',
                'searchable' => true,
@@ -166,7 +175,7 @@ class UserPresenter extends Presenter
                'field' => 'username',
                'searchable' => true,
                'sortable' => true,
-                'switchable' => true,
+                'switchable' => false,
                'title' => trans('admin/users/table.username'),
                'visible' => true,
                'formatter' => 'usersLinkFormatter',
--- a/Show More
+++ b/Show More