Merge remote-tracking branch 'origin/develop'

Signed-off-by: snipe <snipe@snipe.net> # Conflicts: # config/version.php
Bumped version
2024-06-17 15:58:27 +01:00 · 2024-06-17 15:57:32 +01:00 · 2024-06-17 15:52:13 +01:00 · 2024-06-17 15:51:11 +01:00 · 2024-06-17 15:44:07 +01:00 · 2024-06-17 13:43:45 +01:00
1882 changed files with 36548 additions and 123618 deletions
@@ -3018,6 +3018,114 @@
      "contributions": [
        "code"
      ]
+    },
+    {
+      "login": "koiakoia",
+      "name": "koiakoia",
+      "avatar_url": "https://avatars.githubusercontent.com/u/60405354?v=4",
+      "profile": "https://github.com/koiakoia",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "mustafa-online",
+      "name": "Mustafa Online",
+      "avatar_url": "https://avatars.githubusercontent.com/u/5323832?v=4",
+      "profile": "https://github.com/mustafa-online",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "franceslui",
+      "name": "franceslui",
+      "avatar_url": "https://avatars.githubusercontent.com/u/104601439?v=4",
+      "profile": "https://github.com/franceslui",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "Q4kK",
+      "name": "Q4kK",
+      "avatar_url": "https://avatars.githubusercontent.com/u/125313163?v=4",
+      "profile": "https://github.com/Q4kK",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "squintfox",
+      "name": "squintfox",
+      "avatar_url": "https://avatars.githubusercontent.com/u/55590532?v=4",
+      "profile": "https://github.com/squintfox",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "jeffclay",
+      "name": "Jeff Clay",
+      "avatar_url": "https://avatars.githubusercontent.com/u/1380084?v=4",
+      "profile": "https://github.com/jeffclay",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "PP-JN-RL",
+      "name": "Phil J R",
+      "avatar_url": "https://avatars.githubusercontent.com/u/52716446?v=4",
+      "profile": "https://github.com/PP-JN-RL",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "chandanchowdhury",
+      "name": "i_virus",
+      "avatar_url": "https://avatars.githubusercontent.com/u/1496725?v=4",
+      "profile": "https://www.corelight.com/",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "gitgrimbo",
+      "name": "Paul Grime",
+      "avatar_url": "https://avatars.githubusercontent.com/u/1020541?v=4",
+      "profile": "https://github.com/gitgrimbo",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "LeePorte",
+      "name": "Lee Porte",
+      "avatar_url": "https://avatars.githubusercontent.com/u/922815?v=4",
+      "profile": "https://leeporte.co.uk",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "bryanlopezinc",
+      "name": "BRYAN ",
+      "avatar_url": "https://avatars.githubusercontent.com/u/23613427?v=4",
+      "profile": "https://github.com/bryanlopezinc",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "U-H-T",
+      "name": "U-H-T",
+      "avatar_url": "https://avatars.githubusercontent.com/u/64061710?v=4",
+      "profile": "https://github.com/U-H-T",
+      "contributions": [
+        "code"
+      ]
    }
  ]
 }
@@ -0,0 +1,166 @@
+# --------------------------------------------
+# REQUIRED: DB SETUP
+# --------------------------------------------
+MYSQL_DATABASE=snipeit
+MYSQL_USER=snipeit
+MYSQL_PASSWORD=changeme1234
+MYSQL_ROOT_PASSWORD=changeme1234
+# --------------------------------------------
+# REQUIRED: BASIC APP SETTINGS
+# --------------------------------------------
+APP_ENV=develop
+APP_DEBUG=false
+# please regenerate the APP_KEY value by calling `docker-compose run --rm snipeit bash` and then `php artisan key:generate --show` and then copy paste the value here
+APP_KEY=base64:3ilviXqB9u6DX1NRcyWGJ+sjySF+H18CPDGb3+IVwMQ=
+APP_URL=http://localhost:8000
+APP_TIMEZONE='UTC'
+APP_LOCALE=en
+MAX_RESULTS=500
+
+# --------------------------------------------
+# REQUIRED: UPLOADED FILE STORAGE SETTINGS
+# --------------------------------------------
+PRIVATE_FILESYSTEM_DISK=local
+PUBLIC_FILESYSTEM_DISK=local_public
+
+# --------------------------------------------
+# REQUIRED: DATABASE SETTINGS
+# --------------------------------------------
+DB_CONNECTION=mysql
+DB_HOST=mariadb
+DB_DATABASE=snipeit
+DB_USERNAME=snipeit
+DB_PASSWORD=changeme1234
+DB_PREFIX=null
+DB_DUMP_PATH='/usr/bin'
+DB_CHARSET=utf8mb4
+DB_COLLATION=utf8mb4_unicode_ci
+
+# --------------------------------------------
+# OPTIONAL: SSL DATABASE SETTINGS
+# --------------------------------------------
+DB_SSL=false
+DB_SSL_IS_PAAS=false
+DB_SSL_KEY_PATH=null
+DB_SSL_CERT_PATH=null
+DB_SSL_CA_PATH=null
+DB_SSL_CIPHER=null
+DB_SSL_VERIFY_SERVER=null
+
+# --------------------------------------------
+# REQUIRED: OUTGOING MAIL SERVER SETTINGS
+# --------------------------------------------
+MAIL_DRIVER=smtp
+MAIL_HOST=mailhog
+MAIL_PORT=1025
+MAIL_USERNAME=null
+MAIL_PASSWORD=null
+MAIL_ENCRYPTION=null
+MAIL_FROM_ADDR=you@example.com
+MAIL_FROM_NAME='Snipe-IT'
+MAIL_REPLYTO_ADDR=you@example.com
+MAIL_REPLYTO_NAME='Snipe-IT'
+MAIL_AUTO_EMBED_METHOD='attachment'
+
+# --------------------------------------------
+# REQUIRED: IMAGE LIBRARY
+# This should be gd or imagick
+# --------------------------------------------
+IMAGE_LIB=gd
+
+
+# --------------------------------------------
+# OPTIONAL: BACKUP SETTINGS
+# --------------------------------------------
+MAIL_BACKUP_NOTIFICATION_DRIVER=null
+MAIL_BACKUP_NOTIFICATION_ADDRESS=null
+BACKUP_ENV=true
+
+
+# --------------------------------------------
+# OPTIONAL: SESSION SETTINGS
+# --------------------------------------------
+SESSION_LIFETIME=12000
+EXPIRE_ON_CLOSE=false
+ENCRYPT=false
+COOKIE_NAME=snipeit_session
+COOKIE_DOMAIN=null
+SECURE_COOKIES=false
+API_TOKEN_EXPIRATION_YEARS=40
+
+# --------------------------------------------
+# OPTIONAL: SECURITY HEADER SETTINGS
+# --------------------------------------------
+APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1
+ALLOW_IFRAMING=false
+REFERRER_POLICY=same-origin
+ENABLE_CSP=false
+CORS_ALLOWED_ORIGINS=null
+ENABLE_HSTS=false
+
+# --------------------------------------------
+# OPTIONAL: CACHE SETTINGS
+# --------------------------------------------
+CACHE_DRIVER=file
+SESSION_DRIVER=file
+QUEUE_DRIVER=sync
+CACHE_PREFIX=snipeit
+
+# --------------------------------------------
+# OPTIONAL: REDIS SETTINGS
+# --------------------------------------------
+REDIS_HOST=redis
+REDIS_PASSWORD=null
+REDIS_PORT=6379
+
+# --------------------------------------------
+# OPTIONAL: MEMCACHED SETTINGS
+# --------------------------------------------
+MEMCACHED_HOST=null
+MEMCACHED_PORT=null
+
+# --------------------------------------------
+# OPTIONAL: PUBLIC S3 Settings
+# --------------------------------------------
+PUBLIC_AWS_SECRET_ACCESS_KEY=null
+PUBLIC_AWS_ACCESS_KEY_ID=null
+PUBLIC_AWS_DEFAULT_REGION=null
+PUBLIC_AWS_BUCKET=null
+PUBLIC_AWS_URL=null
+PUBLIC_AWS_BUCKET_ROOT=null
+
+# --------------------------------------------
+# OPTIONAL: PRIVATE S3 Settings
+# --------------------------------------------
+PRIVATE_AWS_ACCESS_KEY_ID=null
+PRIVATE_AWS_SECRET_ACCESS_KEY=null
+PRIVATE_AWS_DEFAULT_REGION=null
+PRIVATE_AWS_BUCKET=null
+PRIVATE_AWS_URL=null
+PRIVATE_AWS_BUCKET_ROOT=null
+
+# --------------------------------------------
+# OPTIONAL: AWS Settings
+# --------------------------------------------
+AWS_ACCESS_KEY_ID=null
+AWS_SECRET_ACCESS_KEY=null
+AWS_DEFAULT_REGION=null
+
+# --------------------------------------------
+# OPTIONAL: LOGIN THROTTLING
+# --------------------------------------------
+LOGIN_MAX_ATTEMPTS=5
+LOGIN_LOCKOUT_DURATION=60
+RESET_PASSWORD_LINK_EXPIRES=900
+
+# --------------------------------------------
+# OPTIONAL: MISC
+# --------------------------------------------
+LOG_CHANNEL=stderr
+LOG_MAX_DAYS=10
+APP_LOCKED=false
+APP_CIPHER=AES-256-CBC
+APP_FORCE_TLS=false
+GOOGLE_MAPS_API=
+LDAP_MEM_LIM=500M
+LDAP_TIME_LIM=600
@@ -1,18 +1,18 @@
 # --------------------------------------------
-# REQUIRED: DB SETUP
+# REQUIRED: DOCKER SPECIFIC SETTINGS
 # --------------------------------------------
-MYSQL_DATABASE=snipeit
-MYSQL_USER=snipeit
-MYSQL_PASSWORD=changeme1234
-MYSQL_ROOT_PASSWORD=changeme1234
+APP_VERSION=v6.4.1
+APP_PORT=8000
+
 # --------------------------------------------
 # REQUIRED: BASIC APP SETTINGS
 # --------------------------------------------
-APP_ENV=develop
+APP_ENV=production
 APP_DEBUG=false
-# please regenerate the APP_KEY value by calling `docker-compose run --rm snipeit bash` and then `php artisan key:generate --show` and then copy paste the value here
+# Please regenerate the APP_KEY value by calling `docker compose run --rm snipeit php artisan key:generate --show`. Copy paste the value here
 APP_KEY=base64:3ilviXqB9u6DX1NRcyWGJ+sjySF+H18CPDGb3+IVwMQ=
 APP_URL=http://localhost:8000
+# https://en.wikipedia.org/wiki/List_of_tz_database_time_zones - TZ identifier
 APP_TIMEZONE='UTC'
 APP_LOCALE=en
 MAX_RESULTS=500
@@ -27,10 +27,12 @@ PUBLIC_FILESYSTEM_DISK=local_public
 # REQUIRED: DATABASE SETTINGS
 # --------------------------------------------
 DB_CONNECTION=mysql
-DB_HOST=mariadb
+DB_HOST=db
+DB_PORT='3306'
 DB_DATABASE=snipeit
 DB_USERNAME=snipeit
 DB_PASSWORD=changeme1234
+MYSQL_ROOT_PASSWORD=changeme1234
 DB_PREFIX=null
 DB_DUMP_PATH='/usr/bin'
 DB_CHARSET=utf8mb4
@@ -45,29 +47,35 @@ DB_SSL_KEY_PATH=null
 DB_SSL_CERT_PATH=null
 DB_SSL_CA_PATH=null
 DB_SSL_CIPHER=null
+DB_SSL_VERIFY_SERVER=null

 # --------------------------------------------
 # REQUIRED: OUTGOING MAIL SERVER SETTINGS
 # --------------------------------------------
-MAIL_DRIVER=smtp
+MAIL_MAILER=smtp
 MAIL_HOST=mailhog
 MAIL_PORT=1025
 MAIL_USERNAME=null
 MAIL_PASSWORD=null
-MAIL_ENCRYPTION=null
+MAIL_TLS_VERIFY_PEER=true
 MAIL_FROM_ADDR=you@example.com
 MAIL_FROM_NAME='Snipe-IT'
 MAIL_REPLYTO_ADDR=you@example.com
 MAIL_REPLYTO_NAME='Snipe-IT'
 MAIL_AUTO_EMBED_METHOD='attachment'

+# --------------------------------------------
+# REQUIRED: DATA PROTECTION
+# --------------------------------------------
+ALLOW_BACKUP_DELETE=false
+ALLOW_DATA_PURGE=false
+
 # --------------------------------------------
 # REQUIRED: IMAGE LIBRARY
 # This should be gd or imagick
 # --------------------------------------------
 IMAGE_LIB=gd

-
 # --------------------------------------------
 # OPTIONAL: BACKUP SETTINGS
 # --------------------------------------------
@@ -75,7 +83,6 @@ MAIL_BACKUP_NOTIFICATION_DRIVER=null
 MAIL_BACKUP_NOTIFICATION_ADDRESS=null
 BACKUP_ENV=true

-
 # --------------------------------------------
 # OPTIONAL: SESSION SETTINGS
 # --------------------------------------------
@@ -90,7 +97,7 @@ API_TOKEN_EXPIRATION_YEARS=40
 # --------------------------------------------
 # OPTIONAL: SECURITY HEADER SETTINGS
 # --------------------------------------------
-APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1
+APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1,172.0.0.0/8
 ALLOW_IFRAMING=false
 REFERRER_POLICY=same-origin
 ENABLE_CSP=false
@@ -108,7 +115,7 @@ CACHE_PREFIX=snipeit
 # --------------------------------------------
 # OPTIONAL: REDIS SETTINGS
 # --------------------------------------------
-REDIS_HOST=redis
+REDIS_HOST=null
 REDIS_PASSWORD=null
 REDIS_PORT=6379

@@ -36,11 +36,12 @@ DB_SSL_KEY_PATH=null
 DB_SSL_CERT_PATH=null
 DB_SSL_CA_PATH=null
 DB_SSL_CIPHER=null
+DB_SSL_VERIFY_SERVER=null

 # --------------------------------------------
 # REQUIRED: OUTGOING MAIL SERVER SETTINGS
 # --------------------------------------------
-MAIL_DRIVER="log"
+MAIL_MAILER="log"


 # --------------------------------------------
@@ -42,21 +42,26 @@ DB_SSL_KEY_PATH=null
 DB_SSL_CERT_PATH=null
 DB_SSL_CA_PATH=null
 DB_SSL_CIPHER=null
+DB_SSL_VERIFY_SERVER=null

 # --------------------------------------------
 # REQUIRED: OUTGOING MAIL SERVER SETTINGS
 # --------------------------------------------
-MAIL_DRIVER=smtp
+MAIL_MAILER=smtp
 MAIL_HOST=email-smtp.us-west-2.amazonaws.com
 MAIL_PORT=587
 MAIL_USERNAME=YOURUSERNAME
 MAIL_PASSWORD=YOURPASSWORD
-MAIL_ENCRYPTION=null
 MAIL_FROM_ADDR=you@example.com
 MAIL_FROM_NAME='Snipe-IT'
 MAIL_REPLYTO_ADDR=you@example.com
 MAIL_REPLYTO_NAME='Snipe-IT'
 MAIL_AUTO_EMBED_METHOD='attachment'
+MAIL_TLS_VERIFY_PEER=true
+
+# MAIL_ENCRYPTION is no longer supported. SymfonyMailer will use tls if it's
+# advertised, and won't if it's not. If you want to use your mail server's IP but it's failing
+# because of certificate errors, set MAIL_TLS_VERIFY_PEER-true

 # --------------------------------------------
 # REQUIRED: IMAGE LIBRARY
@@ -86,6 +91,7 @@ COOKIE_DOMAIN=null
 SECURE_COOKIES=false
 API_TOKEN_EXPIRATION_YEARS=15
 BS_TABLE_STORAGE=cookieStorage
+BS_TABLE_DEEPLINK=true

 # --------------------------------------------
 # OPTIONAL: SECURITY HEADER SETTINGS
@@ -94,6 +100,7 @@ APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1
 ALLOW_IFRAMING=false
 REFERRER_POLICY=same-origin
 ENABLE_CSP=false
+ADDITIONAL_CSP_URLS=null
 CORS_ALLOWED_ORIGINS=null
 ENABLE_HSTS=false

@@ -190,4 +197,4 @@ ARGON_TIME=2
 # OPTIONAL: SCIM
 # --------------------------------------------
 SCIM_TRACE=false
-SCIM_STANDARDS_COMPLIANCE=false
+SCIM_STANDARDS_COMPLIANCE=false
@@ -22,7 +22,7 @@ DB_PASSWORD=null
 # --------------------------------------------
 # REQUIRED: OUTGOING MAIL SERVER SETTINGS
 # --------------------------------------------
-MAIL_DRIVER=log
+MAIL_MAILER=log


 # --------------------------------------------
@@ -18,6 +18,6 @@ APP_KEY=base64:tu9NRh/a6+dCXBDGvg0Gv/0TcABnFsbT4AKxrr8mwQo=
 LOGIN_MAX_ATTEMPTS=1000000
 LOGIN_LOCKOUT_DURATION=100000000

-MAIL_DRIVER=log
+MAIL_MAILER=log
 MAIL_FROM_ADDR=you@example.com
 MAIL_FROM_NAME=Snipe-IT
@@ -15,6 +15,6 @@ APP_KEY=base64:tu9NRh/a6+dCXBDGvg0Gv/0TcABnFsbT4AKxrr8mwQo=
 LOGIN_MAX_ATTEMPTS=1000000
 LOGIN_LOCKOUT_DURATION=100000000

-MAIL_DRIVER=log
+MAIL_MAILER=log
 MAIL_FROM_ADDR=you@example.com
 MAIL_FROM_NAME=Snipe-IT
@@ -36,7 +36,7 @@ jobs:

      # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
      - name: Run Codacy Analysis CLI
-        uses: codacy/codacy-analysis-cli-action@v4.4.0
+        uses: codacy/codacy-analysis-cli-action@v4.4.1
        with:
          # Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository
          # You can also omit the token and run the tools that support default configurations
@@ -12,7 +12,7 @@ jobs:
        uses: actions/checkout@v4

      - name: Crowdin push
-        uses: crowdin/github-action@v1
+        uses: crowdin/github-action@v2
        with:
          upload_sources: true
          upload_translations: false
@@ -25,9 +25,8 @@ jobs:
      fail-fast: false
      matrix:
        php-version:
-          - "7.4"
-          - "8.0"
-          - "8.1.1"
+          - "8.1"
+          - "8.2"

    name: PHP ${{ matrix.php-version }}

@@ -58,11 +57,17 @@ jobs:
      - name: Install Dependencies
        run: composer install -q --no-ansi --no-interaction --no-scripts --no-progress --prefer-dist

-      - name: Generate key
-        run: php artisan key:generate
-
-      - name: Directory Permissions
-        run: chmod -R 777 storage bootstrap/cache
+      - name: Setup Laravel
+        env:
+          DB_CONNECTION: mysql
+          DB_DATABASE: snipeit
+          DB_PORT: ${{ job.services.mysql.ports[3306] }}
+          DB_USERNAME: root
+        run: |
+          php artisan key:generate
+          php artisan migrate --force
+          php artisan passport:install
+          chmod -R 777 storage bootstrap/cache

      - name: Execute tests (Unit and Feature tests) via PHPUnit
        env:
@@ -0,0 +1,75 @@
+name: Tests in Postgres
+
+on: workflow_dispatch
+
+jobs:
+  tests:
+    runs-on: ubuntu-latest
+
+    services:
+      postgresql:
+        image: postgres
+        env:
+          POSTGRES_DB: snipeit
+          POSTGRES_USER: snipeit
+          POSTGRES_PASSWORD: password
+        ports:
+          - 5432:5432
+        options: --health-cmd=pg_isready --health-interval=10s --health-timeout=5s --health-retries=3
+
+    strategy:
+      fail-fast: false
+      matrix:
+        php-version:
+          - "8.2"
+
+    name: PHP ${{ matrix.php-version }}
+
+    steps:
+      - uses: shivammathur/setup-php@v2
+        with:
+          php-version: "${{ matrix.php-version }}"
+          coverage: none
+
+      - uses: actions/checkout@v4
+
+      - name: Get Composer Cache Directory
+        id: composer-cache
+        run: |
+          echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT
+      - uses: actions/cache@v4
+        with:
+          path: ${{ steps.composer-cache.outputs.dir }}
+          key: ${{ runner.os }}-${{ matrix.php-version }}-composer-${{ hashFiles('**/composer.lock') }}
+          restore-keys: |
+            ${{ runner.os }}-composer-
+
+      - name: Copy .env
+        run: |
+          cp -v .env.testing.example .env
+          cp -v .env.testing.example .env.testing
+
+      - name: Install Dependencies
+        run: composer install -q --no-ansi --no-interaction --no-scripts --no-progress --prefer-dist
+
+      - name: Setup Laravel
+        env:
+          DB_CONNECTION: pgsql
+          DB_DATABASE: snipeit
+          DB_PORT: ${{ job.services.postgresql.ports[5432] }}
+          DB_USERNAME: snipeit
+          DB_PASSWORD: password
+        run: |
+          php artisan key:generate
+          php artisan migrate --force
+          php artisan passport:install
+          chmod -R 777 storage bootstrap/cache
+
+      - name: Execute tests (Unit and Feature tests) via PHPUnit
+        env:
+          DB_CONNECTION: pgsql
+          DB_DATABASE: snipeit
+          DB_PORT: ${{ job.services.postgresql.ports[5432] }}
+          DB_USERNAME: snipeit
+          DB_PASSWORD: password
+        run: php artisan test --parallel
@@ -49,6 +49,9 @@ jobs:
      - name: Generate key
        run: php artisan key:generate

+      - name: Setup Passport
+        run: php artisan passport:keys
+
      - name: Directory Permissions
        run: chmod -R 777 storage bootstrap/cache

@@ -1 +1 @@
-v12.22.1
+v18.16.0
@@ -3,8 +3,8 @@
    "DOC2": "In other words, what you see locally are the requirements for your _current_ install",
    "DOC3": "Please don't rely on these versions for planning upgrades unless you've fetched the most recent version",
    "DOC4": "You should really just ignore it and run upgrade.php. Really",
-    "php_min_version": "7.4.0",
-    "php_max_major_minor": "8.1",
-    "php_max_wontwork": "8.2.0",
-    "current_snipeit_version": "6.3"
+    "php_min_version": "8.1.0",
+    "php_max_major_minor": "8.3",
+    "php_max_wontwork": "8.4.0",
+    "current_snipeit_version": "7.0"
 }
@@ -432,6 +432,22 @@ Thanks goes to all of these wonderful people ([emoji key](https://github.com/ken
      <td align="center" valign="top" width="14.28%"><a href="https://github.com/bilias"><img src="https://avatars.githubusercontent.com/u/47315739?v=4?s=110" width="110px;" alt="bilias"/><br /><sub><b>bilias</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=bilias" title="Code">💻</a></td>
      <td align="center" valign="top" width="14.28%"><a href="https://github.com/coach1988"><img src="https://avatars.githubusercontent.com/u/2565989?v=4?s=110" width="110px;" alt="coach1988"/><br /><sub><b>coach1988</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=coach1988" title="Code">💻</a></td>
      <td align="center" valign="top" width="14.28%"><a href="https://github.com/mauro-miatello"><img src="https://avatars.githubusercontent.com/u/11910225?v=4?s=110" width="110px;" alt="MrM"/><br /><sub><b>MrM</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=mauro-miatello" title="Code">💻</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/koiakoia"><img src="https://avatars.githubusercontent.com/u/60405354?v=4?s=110" width="110px;" alt="koiakoia"/><br /><sub><b>koiakoia</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=koiakoia" title="Code">💻</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/mustafa-online"><img src="https://avatars.githubusercontent.com/u/5323832?v=4?s=110" width="110px;" alt="Mustafa Online"/><br /><sub><b>Mustafa Online</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=mustafa-online" title="Code">💻</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/franceslui"><img src="https://avatars.githubusercontent.com/u/104601439?v=4?s=110" width="110px;" alt="franceslui"/><br /><sub><b>franceslui</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=franceslui" title="Code">💻</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/Q4kK"><img src="https://avatars.githubusercontent.com/u/125313163?v=4?s=110" width="110px;" alt="Q4kK"/><br /><sub><b>Q4kK</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=Q4kK" title="Code">💻</a></td>
+    </tr>
+    <tr>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/squintfox"><img src="https://avatars.githubusercontent.com/u/55590532?v=4?s=110" width="110px;" alt="squintfox"/><br /><sub><b>squintfox</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=squintfox" title="Code">💻</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/jeffclay"><img src="https://avatars.githubusercontent.com/u/1380084?v=4?s=110" width="110px;" alt="Jeff Clay"/><br /><sub><b>Jeff Clay</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=jeffclay" title="Code">💻</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/PP-JN-RL"><img src="https://avatars.githubusercontent.com/u/52716446?v=4?s=110" width="110px;" alt="Phil J R"/><br /><sub><b>Phil J R</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=PP-JN-RL" title="Code">💻</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://www.corelight.com/"><img src="https://avatars.githubusercontent.com/u/1496725?v=4?s=110" width="110px;" alt="i_virus"/><br /><sub><b>i_virus</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=chandanchowdhury" title="Code">💻</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/gitgrimbo"><img src="https://avatars.githubusercontent.com/u/1020541?v=4?s=110" width="110px;" alt="Paul Grime"/><br /><sub><b>Paul Grime</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=gitgrimbo" title="Code">💻</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://leeporte.co.uk"><img src="https://avatars.githubusercontent.com/u/922815?v=4?s=110" width="110px;" alt="Lee Porte"/><br /><sub><b>Lee Porte</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=LeePorte" title="Code">💻</a></td>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/bryanlopezinc"><img src="https://avatars.githubusercontent.com/u/23613427?v=4?s=110" width="110px;" alt="BRYAN "/><br /><sub><b>BRYAN </b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=bryanlopezinc" title="Code">💻</a></td>
+    </tr>
+    <tr>
+      <td align="center" valign="top" width="14.28%"><a href="https://github.com/U-H-T"><img src="https://avatars.githubusercontent.com/u/64061710?v=4?s=110" width="110px;" alt="U-H-T"/><br /><sub><b>U-H-T</b></sub></a><br /><a href="https://github.com/snipe/snipe-it/commits?author=U-H-T" title="Code">💻</a></td>
    </tr>
  </tbody>
 </table>
@@ -105,7 +105,7 @@ RUN \
      && ln -fs "/var/lib/snipeit/keys/ldap_client_tls.cert" "/var/www/html/storage/ldap_client_tls.cert" \
      && ln -fs "/var/lib/snipeit/keys/ldap_client_tls.key" "/var/www/html/storage/ldap_client_tls.key" \
      && chown docker "/var/lib/snipeit/keys/" \
-      && chown -h docker "/var/www/html/storage/" \
+      && chown -Rh docker "/var/www/html/storage/" \
      && chmod +x /var/www/html/artisan \
      && echo "Finished setting up application in /var/www/html"

@@ -1,17 +1,18 @@
 ![snipe-it-by-grok](https://github.com/snipe/snipe-it/assets/197404/b515673b-c7c8-4d9a-80f5-9fa58829a602)

-[![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.svg)](https://crowdin.com/project/snipe-it) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Twitter Follow](https://img.shields.io/twitter/follow/snipeitapp.svg?style=social)](https://twitter.com/snipeitapp) [![Codacy Badge](https://api.codacy.com/project/badge/Grade/553ce52037fc43ea99149785afcfe641)](https://www.codacy.com/app/snipe/snipe-it?utm_source=github.com&amp;utm_medium=referral&amp;utm_content=snipe/snipe-it&amp;utm_campaign=Badge_Grade) [![Tests](https://github.com/snipe/snipe-it/actions/workflows/tests.yml/badge.svg)](https://github.com/snipe/snipe-it/actions/workflows/tests.yml)
+[![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.svg)](https://crowdin.com/project/snipe-it) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Twitter Follow](https://img.shields.io/twitter/follow/snipeitapp.svg?style=social)](https://twitter.com/snipeitapp) [![Codacy Badge](https://app.codacy.com/project/badge/Grade/553ce52037fc43ea99149785afcfe641)](https://app.codacy.com/gh/snipe/snipe-it/dashboard?utm_source=gh&utm_medium=referral&utm_content=&utm_campaign=Badge_grade) [![Tests](https://github.com/snipe/snipe-it/actions/workflows/tests.yml/badge.svg)](https://github.com/snipe/snipe-it/actions/workflows/tests.yml)
 [![All Contributors](https://img.shields.io/badge/all_contributors-331-orange.svg?style=flat-square)](#contributing) [![Discord](https://badgen.net/badge/icon/discord?icon=discord&label)](https://discord.gg/yZFtShAcKk)

 ## Snipe-IT - Open Source Asset Management System

 This is a FOSS project for asset management in IT Operations. Knowing who has which laptop, when it was purchased in order to depreciate it correctly, handling software licenses, etc.

-It is built on [Laravel 8](http://laravel.com).
+It is built on [Laravel 10](http://laravel.com).

 Snipe-IT is actively developed and we [release quite frequently](https://github.com/snipe/snipe-it/releases). ([Check out the live demo here](https://snipeitapp.com/demo/).)

-__This is web-based software__. This means there is no executable file (aka no .exe files), and it must be run on a web server and accessed through a web browser. It runs on any Mac OSX, flavor of Linux, as well as Windows, and we have a [Docker image](https://snipe-it.readme.io/docs/docker) available if that's what you're into.
+> [!TIP]
+> __This is web-based software__. This means there is no executable file (aka no .exe files), and it must be run on a web server and accessed through a web browser. It runs on any Mac OSX, any flavor of Linux, as well as Windows, and we have a [Docker image](https://snipe-it.readme.io/docs/docker) available if that's what you're into.

 -----

@@ -21,7 +22,7 @@ For instructions on installing and configuring Snipe-IT on your server, check ou

 If you're having trouble with the installation, please check the [Common Issues](https://snipe-it.readme.io/docs/common-issues) and [Getting Help](https://snipe-it.readme.io/docs/getting-help) documentation, and search this repository's open *and* closed issues for help.

-[![Deploy](https://www.herokucdn.com/deploy/button.svg)](https://heroku.com/deploy)
+<!-- [![Deploy](https://www.herokucdn.com/deploy/button.svg)](https://heroku.com/deploy) -->

 -----
 ### User's Manual
@@ -32,8 +33,9 @@ For help using Snipe-IT, check out the [user's manual](https://snipe-it.readme.i

 Feel free to check out the [GitHub Issues for this project](https://github.com/snipe/snipe-it/issues) to open a bug report or see what open issues you can help with. Please search through existing issues (open *and* closed) to see if your question has already been answered before opening a new issue.

-**PLEASE see the [Getting Help Guidelines](https://snipe-it.readme.io/docs/getting-help) and [Common Issues](https://snipe-it.readme.io/docs/common-issues) before opening a ticket, and be sure to complete all of the questions in the Github Issue template to help us to help you as quickly as possible.**
-
+> [!IMPORTANT]  
+> **PLEASE see the [Getting Help Guidelines](https://snipe-it.readme.io/docs/getting-help) and [Common Issues](https://snipe-it.readme.io/docs/common-issues) before opening a ticket, and be sure to complete all of the questions in the Github Issue template to help us to help you as quickly as possible.**
+> 
 -----

 ### Upgrading
@@ -57,6 +59,9 @@ Please see the [translations documentation](https://snipe-it.readme.io/docs/tran

 Since the release of the JSON REST API, several third-party developers have been developing modules and libraries to work with Snipe-IT.  

+> [!NOTE]  
+> As these were created by third-parties, Snipe-IT cannot provide support for these project, and you should contact the developers directly if you need assistance. Additionally, Snipe-IT makes no guarantees as to the reliability, accuracy or maintainability of these libraries. Use at your own risk. :)
+
 - [Python Module](https://github.com/jbloomer/SnipeIT-PythonAPI) by [@jbloomer](https://github.com/jbloomer)
 - [SnipeSharp - .NET module in C#](https://github.com/barrycarey/SnipeSharp) by [@barrycarey](https://github.com/barrycarey)
 - [InQRy -unmaintained-](https://github.com/Microsoft/InQRy) by [@Microsoft](https://github.com/Microsoft)
@@ -73,8 +78,6 @@ Since the release of the JSON REST API, several third-party developers have been
 - [UniFi to Snipe-IT](https://github.com/RodneyLeeBrands/UnifiSnipeSync) by [@karpadiem](https://github.com/karpadiem) - Python script that synchronizes UniFi devices with Snipe-IT.
 - [Kandji2Snipe](https://github.com/grokability/kandji2snipe) by [@briangoldstein](https://github.com/briangoldstein) - Python script that synchronizes Kandji with Snipe-IT.
 - [SnipeAgent](https://github.com/ReticentRobot/SnipeAgent) by @ReticentRobot - Windows agent for Snipe-IT
-                                                     
-As these were created by third-parties, Snipe-IT cannot provide support for these project, and you should contact the developers directly if you need assistance. Additionally, Snipe-IT makes no guarantees as to the reliability, accuracy or maintainability of these libraries. Use at your own risk. :)

 -----

@@ -92,4 +95,5 @@ The ERD is available [online here](https://drawsql.app/templates/snipe-it).

 ### Security

-To report a security vulnerability, please email security@snipeitapp.com instead of using the issue tracker. 
+> [!IMPORTANT]
+> **To report a security vulnerability, please email security@snipeitapp.com instead of using the issue tracker.**
@@ -38,7 +38,7 @@
        "description": "The maximum number of search results that can be returned at one time.",
        "value": "500"
      },
-      "MAIL_DRIVER": {
+      "MAIL_MAILER": {
        "description": "Mail driver - Generally SMTP on Heroku - https://snipe-it.readme.io/docs/configuration#required-outgoing-mail-settings",
        "value": "smtp"
      },
@@ -58,9 +58,9 @@
        "description": "SMTP Server Password",
        "value": "YOURPASSWORD"
      },
-      "MAIL_ENCRYPTION": {
-        "description": "Encryption protocol for email sending.",
-        "value": "null"
+      "MAIL_TLS_VERIFY_PEER": {
+        "description": "Ensure validity of TLS certificate on remote mail server",
+        "value": true
      },
      "MAIL_FROM_ADDR": {
        "description": "Email from address",
@@ -7,7 +7,7 @@ use Illuminate\Console\Command;
 use App\Models\User;
 use Laravel\Passport\TokenRepository;
 use Illuminate\Contracts\Validation\Factory as ValidationFactory;
-use DB;
+use Illuminate\Support\Facades\DB;

 class GeneratePersonalAccessToken extends Command
 {
@@ -9,7 +9,7 @@ use App\Models\Setting;
 use App\Models\Ldap;
 use App\Models\User;
 use App\Models\Location;
-use Log;
+use Illuminate\Support\Facades\Log;

 class LdapSync extends Command
 {
@@ -298,7 +298,7 @@ class LdapSync extends Command
                        try {
                            $ldap_manager = Ldap::findLdapUsers($item['manager'], -1, $this->option('filter'));
                        } catch (\Exception $e) {
-                            \Log::warning("Manager lookup caused an exception: " . $e->getMessage() . ". Falling back to direct username lookup");
+                            Log::warning("Manager lookup caused an exception: " . $e->getMessage() . ". Falling back to direct username lookup");
                            // Hail-mary for Okta manager 'shortnames' - will only work if
                            // Okta configuration is using full email-address-style usernames
                            $ldap_manager = [
@@ -390,7 +390,7 @@ class LdapSync extends Command
                        $user->location_id = $location->id;
                    }
                }
-
+                $location = null;
                $user->ldap_import = 1;

                $errors = '';
@@ -5,7 +5,7 @@ namespace App\Console\Commands;
 use Illuminate\Console\Command;
 use App\Models\Setting;
 use Exception;
-use Crypt;
+use Illuminate\Support\Facades\Crypt;

 /**
 * Check if a given ip is in a network
@@ -160,7 +160,7 @@ class LdapTroubleshooter extends Command
            $output[] = "-x";
            $output[] = "-b ".escapeshellarg($settings->ldap_basedn);
            $output[] = "-D ".escapeshellarg($settings->ldap_uname);
-            $output[] = "-w ".escapeshellarg(\Crypt::Decrypt($settings->ldap_pword));
+            $output[] = "-w ".escapeshellarg(Crypt::Decrypt($settings->ldap_pword));
            $output[] = escapeshellarg(parenthesized_filter($settings->ldap_filter));
            if($settings->ldap_tls) {
                $this->line("# adding STARTTLS option");
@@ -4,6 +4,7 @@ namespace App\Console\Commands;

 use Illuminate\Console\Command;
 use Illuminate\Support\Facades\Storage;
+use Illuminate\Support\Facades\Log;

 class MoveUploadsToNewDisk extends Command
 {
@@ -74,7 +75,7 @@ class MoveUploadsToNewDisk extends Command
                    $new_url = Storage::disk('public')->url('uploads/'.$public_type.'/'.$filename, $filename);
                    $this->info($type_count.'. PUBLIC: '.$filename.' was copied to '.$new_url);
                } catch (\Exception $e) {
-                    \Log::debug($e);
+                    Log::debug($e);
                    $this->error($e);
                }
            }
@@ -116,7 +117,7 @@ class MoveUploadsToNewDisk extends Command
                        $new_url = Storage::url($private_type . '/' . $filename, $filename);
                        $this->info($type_count . '. PRIVATE: ' . $filename . ' was copied to ' . $new_url);
                    } catch (\Exception $e) {
-                        \Log::debug($e);
+                        Log::debug($e);
                        $this->error($e);
                    }
                }
@@ -140,7 +141,7 @@ class MoveUploadsToNewDisk extends Command
                                unlink($filename);
                                $public_delete_count++;
                            } catch (\Exception $e) {
-                                \Log::debug($e);
+                                Log::debug($e);
                                $this->error($e);
                            }
                        }
@@ -153,7 +154,7 @@ class MoveUploadsToNewDisk extends Command
                                unlink($filename);
                                $private_delete_count++;
                            } catch (\Exception $e) {
-                                \Log::debug($e);
+                                Log::debug($e);
                                $this->error($e);
                            }
                        }
@@ -5,6 +5,7 @@ namespace App\Console\Commands;
 use Illuminate\Console\Command;
 use Symfony\Component\Console\Input\InputArgument;
 use Symfony\Component\Console\Input\InputOption;
+use Illuminate\Support\Facades\Log;

 ini_set('max_execution_time', env('IMPORT_TIME_LIMIT', 600)); //600 seconds = 10 minutes
 ini_set('memory_limit', env('IMPORT_MEMORY_LIMIT', '500M'));
@@ -59,7 +60,7 @@ class ObjectImportCommand extends Command

        // This $logFile/useFiles() bit is currently broken, so commenting it out for now
        // $logFile = $this->option('logfile');
-        // \Log::useFiles($logFile);
+        // Log::useFiles($logFile);
        $this->comment('======= Importing Items from '.$filename.' =========');
        $importer->import();

@@ -112,10 +113,10 @@ class ObjectImportCommand extends Command
    public function log($string, $level = 'info')
    {
        if ($level === 'warning') {
-            \Log::warning($string);
+            Log::warning($string);
            $this->comment($string);
        } else {
-            \Log::Info($string);
+            Log::Info($string);
            if ($this->option('verbose')) {
                $this->comment($string);
            }
@@ -5,7 +5,7 @@ namespace App\Console\Commands;
 use App\Models\Asset;
 use App\Models\CustomField;
 use Schema;
-use DB;
+use Illuminate\Support\Facades\DB;
 use Illuminate\Console\Command;

 class PaveIt extends Command
@@ -103,7 +103,7 @@ class RecryptFromMcrypt extends Command
                $this->comment('INFO: No LDAP password found. Skipping... ');
            } else {
                $decrypted_ldap_pword = $mcrypter->decrypt($settings->ldap_pword);
-                $settings->ldap_pword = \Crypt::encrypt($decrypted_ldap_pword);
+                $settings->ldap_pword = Crypt::encrypt($decrypted_ldap_pword);
                $settings->save();
            }
            /** @var CustomField[] $custom_fields */
@@ -132,7 +132,7 @@ class RecryptFromMcrypt extends Command
                        // Try to decrypt the payload using the legacy app key
                        try {
                            $decrypted_field = $mcrypter->decrypt($asset->{$columnName});
-                            $asset->{$columnName} = \Crypt::encrypt($decrypted_field);
+                            $asset->{$columnName} = Crypt::encrypt($decrypted_field);
                            $this->comment($decrypted_field);
                        } catch (\Exception $e) {
                            $errors[] = ' - ERROR: Could not decrypt field ['.$encrypted_field->name.']: '.$e->getMessage();
@@ -4,7 +4,7 @@ namespace App\Console\Commands;

 use App\Models\Asset;
 use App\Models\Setting;
-use Artisan;
+use Illuminate\Support\Facades\Artisan;
 use Illuminate\Console\Command;

 class RegenerateAssetTags extends Command
@@ -6,8 +6,8 @@ use App\Models\Actionlog;
 use App\Models\Asset;
 use App\Models\License;
 use App\Models\User;
-use Artisan;
-use DB;
+use Illuminate\Support\Facades\Artisan;
+use Illuminate\Support\Facades\DB;
 use Illuminate\Console\Command;

 class RestoreDeletedUsers extends Command
@@ -4,6 +4,7 @@ namespace App\Console\Commands;

 use Illuminate\Console\Command;
 use ZipArchive;
+use Illuminate\Support\Facades\Log;

 class SQLStreamer {
    private $input;
@@ -125,7 +126,7 @@ class SQLStreamer {
        while (($buffer = fgets($this->input, SQLStreamer::$buffer_size)) !== false) {
            $bytes_read += strlen($buffer);
            if ($this->reading_beginning_of_line) {
-                // \Log::debug("Buffer is: '$buffer'");
+                // Log::debug("Buffer is: '$buffer'");
                $cleaned_buffer = $this->parse_sql($buffer);
                if ($this->output) {
                    $bytes_written = fwrite($this->output, $cleaned_buffer);
@@ -191,7 +192,7 @@ class RestoreFromBackup extends Command
    {
        $dir = getcwd();
        if( $dir != base_path() ) { // usually only the case when running via webserver, not via command-line
-            \Log::debug("Current working directory is: $dir, changing directory to: ".base_path());
+            Log::debug("Current working directory is: $dir, changing directory to: ".base_path());
            chdir(base_path()); // TODO - is this *safe* to change on a running script?!
        }
        //
@@ -297,7 +298,7 @@ class RestoreFromBackup extends Command
                continue;
            }
            if (@pathinfo($raw_path, PATHINFO_EXTENSION) == 'sql') {
-                \Log::debug("Found a sql file!");
+                Log::debug("Found a sql file!");
                $sqlfiles[] = $raw_path;
                $sqlfile_indices[] = $i;
                continue;
@@ -413,7 +414,7 @@ class RestoreFromBackup extends Command
                $bytes_read = 0;
                while (($buffer = fgets($sql_contents, SQLStreamer::$buffer_size)) !== false) {
                    $bytes_read += strlen($buffer);
-                    // \Log::debug("Buffer is: '$buffer'");
+                    // Log::debug("Buffer is: '$buffer'");
                    $bytes_written = fwrite($pipes[0], $buffer);

                    if ($bytes_written === false) {
@@ -425,13 +426,13 @@ class RestoreFromBackup extends Command
                $bytes_read = $sql_importer->line_aware_piping();
            }
        } catch (\Exception $e) {
-            \Log::error("Error during restore!!!! ".$e->getMessage());
+            Log::error("Error during restore!!!! ".$e->getMessage());
            // FIXME - put these back and/or put them in the right places?!
            $err_out = fgets($pipes[1]);
            $err_err = fgets($pipes[2]);
-            \Log::error("Error OUTPUT: ".$err_out);
+            Log::error("Error OUTPUT: ".$err_out);
            $this->info($err_out);
-            \Log::error("Error ERROR : ".$err_err);
+            Log::error("Error ERROR : ".$err_err);
            $this->error($err_err);
            throw $e;
        }
@@ -5,7 +5,7 @@ namespace App\Console\Commands;
 use App\Models\Asset;
 use App\Models\CustomField;
 use App\Models\Setting;
-use Artisan;
+use Illuminate\Support\Facades\Artisan;
 use Illuminate\Console\Command;
 use Illuminate\Contracts\Encryption\DecryptException;
 use Illuminate\Encryption\Encrypter;
@@ -43,7 +43,7 @@ class SendCurrentInventoryToUsers extends Command

        $count = 0;
        foreach ($users as $user) {
-            if (($user->assets->count() > 0) || ($user->accessories->count() > 0) || ($user->licenses->count() > 0)) {
+            if (($user->assets->count() > 0) || ($user->accessories->count() > 0) || ($user->licenses->count() > 0) || ($user->consumables->count() > 0)) {
                $count++;
                $user->notify((new CurrentInventory($user)));
            }
@@ -9,7 +9,6 @@ use App\Notifications\ExpectedCheckinAdminNotification;
 use App\Notifications\ExpectedCheckinNotification;
 use Carbon\Carbon;
 use Illuminate\Console\Command;
-use Illuminate\Support\Facades\Log;

 class SendExpectedCheckinAlerts extends Command
 {
@@ -43,25 +42,31 @@ class SendExpectedCheckinAlerts extends Command
    public function handle()
    {
        $settings = Setting::getSettings();
-        $whenNotify = Carbon::now();
-        $assets = Asset::with('assignedTo')->whereNotNull('assigned_to')->whereNotNull('expected_checkin')->where('expected_checkin', '<=', $whenNotify)->get();
+        $interval = $settings->audit_warning_days ?? 0;
+        $today = Carbon::now();
+        $interval_date = $today->copy()->addDays($interval);
+        
+        $assets = Asset::whereNull('deleted_at')->DueOrOverdueForCheckin($settings)->orderBy('assets.expected_checkin', 'desc')->get();
+
+        $this->info($assets->count().' assets must be checked in on or before '.$interval_date.' is deadline');

-        $this->info($whenNotify.' is deadline');
-        $this->info($assets->count().' assets');

        foreach ($assets as $asset) {
-            if ($asset->assigned && $asset->checkedOutToUser()) {
-                Log::info('Sending ExpectedCheckinNotification to ' . $asset->assigned->email);
-                $asset->assigned->notify((new ExpectedCheckinNotification($asset)));
+            if ($asset->assignedTo && (isset($asset->assignedTo->email)) && ($asset->assignedTo->email!='') && $asset->checkedOutToUser()) {
+                $this->info('Sending User ExpectedCheckinNotification to: '.$asset->assignedTo->email);
+                $asset->assignedTo->notify((new ExpectedCheckinNotification($asset)));
            }
        }

        if (($assets) && ($assets->count() > 0) && ($settings->alert_email != '')) {
            // Send a rollup to the admin, if settings dictate
-            $recipients = collect(explode(',', $settings->alert_email))->map(function ($item, $key) {
+            $recipients = collect(explode(',', $settings->alert_email))->map(function ($item) {
                return new AlertRecipient($item);
            });
+
+            $this->info('Sending Admin ExpectedCheckinNotification to: '.$settings->alert_email);
            \Notification::send($recipients, new ExpectedCheckinAdminNotification($assets));
+
        }
    }
 }
@@ -3,13 +3,11 @@
 namespace App\Console\Commands;

 use App\Models\Asset;
-use App\Models\License;
-use App\Models\Recipients;
+use App\Models\Recipients\AlertRecipient;
 use App\Models\Setting;
-use App\Notifications\ExpiringAssetsNotification;
 use App\Notifications\SendUpcomingAuditNotification;
 use Carbon\Carbon;
-use DB;
+use Illuminate\Support\Facades\DB;
 use Illuminate\Console\Command;

 class SendUpcomingAuditReport extends Command
@@ -46,39 +44,24 @@ class SendUpcomingAuditReport extends Command
    public function handle()
    {
        $settings = Setting::getSettings();
+        $interval = $settings->audit_warning_days ?? 0;
+        $today = Carbon::now();
+        $interval_date = $today->copy()->addDays($interval);

-        if (($settings->alert_email != '') && ($settings->audit_warning_days) && ($settings->alerts_enabled == 1)) {
+        $assets = Asset::whereNull('deleted_at')->DueOrOverdueForAudit($settings)->orderBy('assets.next_audit_date', 'desc')->get();
+        $this->info($assets->count().' assets must be audited in on or before '.$interval_date.' is deadline');

+
+        if (($assets) && ($assets->count() > 0) && ($settings->alert_email != '')) {
            // Send a rollup to the admin, if settings dictate
-            $recipients = collect(explode(',', $settings->alert_email))->map(function ($item, $key) {
-                return new \App\Models\Recipients\AlertRecipient($item);
+            $recipients = collect(explode(',', $settings->alert_email))->map(function ($item) {
+                return new AlertRecipient($item);
            });

-            // Assets due for auditing
+            $this->info('Sending Admin SendUpcomingAuditNotification to: '.$settings->alert_email);
+            \Notification::send($recipients, new SendUpcomingAuditNotification($assets, $settings->audit_warning_days));

-            $assets = Asset::whereNotNull('next_audit_date')
-                    ->DueOrOverdueForAudit($settings)
-                    ->orderBy('last_audit_date', 'asc')->get();
-
-            if ($assets->count() > 0) {
-                $this->info(trans_choice('mail.upcoming-audits', $assets->count(),
-                    ['count' => $assets->count(), 'threshold' => $settings->audit_warning_days]));
-                \Notification::send($recipients, new SendUpcomingAuditNotification($assets, $settings->audit_warning_days));
-                $this->info('Audit report sent to '.$settings->alert_email);
-            } else {
-                $this->info('No assets to be audited. No report sent.');
-            }
-        } elseif ($settings->alert_email == '') {
-            $this->error('Could not send email. No alert email configured in settings');
-        } elseif (! $settings->audit_warning_days) {
-            $this->error('No audit warning days set in Admin Notifications. No mail will be sent.');
-        } elseif ($settings->alerts_enabled != 1) {
-            $this->info('Alerts are disabled in the settings. No mail will be sent');
-        } else {
-            $this->error('Something went wrong. :( ');
-            $this->error('Admin Notifications Email Setting: '.$settings->alert_email);
-            $this->error('Admin Audit Warning Setting: '.$settings->audit_warning_days);
-            $this->error('Admin Alerts Emnabled: '.$settings->alerts_enabled);
        }
+
    }
 }
@@ -4,6 +4,7 @@ namespace App\Console\Commands;

 use App\Models\Asset;
 use Illuminate\Console\Command;
+use Illuminate\Support\Facades\Log;

 class SyncAssetCounters extends Command
 {
@@ -58,7 +59,7 @@ class SyncAssetCounters extends Command
                        $asset->save();
                        $bar->advance();

-                        \Log::debug('Asset: '.$asset->id.' has '.$asset->checkin_counter.' checkins, '.$asset->checkout_counter.' checkouts, and '.$asset->requests_counter.' requests');
+                        Log::debug('Asset: '.$asset->id.' has '.$asset->checkin_counter.' checkins, '.$asset->checkout_counter.' checkouts, and '.$asset->requests_counter.' requests');

                    }

@@ -0,0 +1,76 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\Asset;
+use App\Models\CustomField;
+use Illuminate\Console\Command;
+use Illuminate\Support\Facades\DB;
+
+class ToggleCustomfieldEncryption extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:customfield-encryption
+                             {fieldname : the db_column_name of the field}';
+
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'This command should be used to convert an unencrypted custom field into a custom field and encrypt the associated data in the assets table for that column.';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return int
+     */
+    public function handle()
+    {
+        $fieldname = $this->argument('fieldname');
+
+        if ($field = CustomField::where('db_column', $fieldname)->first()) {
+
+            // If the field is not encrypted, make it encrypted and encrypt the data in the assets table for the
+            // corresponding field.
+            DB::transaction(function () use ($field) {
+
+                if ($field->field_encrypted == 0) {
+                    $assets = Asset::whereNotNull($field->db_column)->get();
+
+                    foreach ($assets as $asset) {
+                        $asset->{$field->db_column} = encrypt($asset->{$field->db_column});
+                        $asset->save();
+                    }
+
+                    $field->field_encrypted = 1;
+                    $field->save();
+
+                // This field is already encrypted. Do nothing.
+                } else {
+                    $this->error('The custom field ' . $field->db_column.' is already encrypted. No action was taken.');
+                }
+            });
+
+        // No matching column name found
+        } else {
+            $this->error('No matching results for unencrypted custom fields with db_column name: ' . $fieldname.'. Please check the fieldname.');
+        }
+
+    }
+}
@@ -7,7 +7,7 @@ use App\Helpers\Helper;
 use Illuminate\Validation\ValidationException;
 use Illuminate\Auth\AuthenticationException;
 use ArieTimmerman\Laravel\SCIMServer\Exceptions\SCIMException;
-use Log;
+use Illuminate\Support\Facades\Log;
 use Throwable;
 use JsonException;
 use Carbon\Exceptions\InvalidFormatException;
@@ -44,8 +44,8 @@ class Handler extends ExceptionHandler
    public function report(Throwable $exception)
    {
        if ($this->shouldReport($exception)) {
-            if (class_exists(\Log::class)) {
-                \Log::error($exception);
+            if (class_exists(Log::class)) {
+                Log::error($exception);
            }
            return parent::report($exception);
        }
@@ -12,10 +12,12 @@ use App\Models\Depreciation;
 use App\Models\Setting;
 use App\Models\Statuslabel;
 use App\Models\License;
-use Crypt;
+use Illuminate\Support\Facades\Crypt;
 use Illuminate\Contracts\Encryption\DecryptException;
-use Image;
 use Carbon\Carbon;
+use Illuminate\Support\Facades\Log;
+use Intervention\Image\ImageManagerStatic as Image;
+use Illuminate\Support\Facades\Session;

 class Helper
 {
@@ -412,7 +414,7 @@ class Helper

        if ($index >= $total_colors) {

-            \Log::info('Status label count is '.$index.' and exceeds the allowed count of 266.');
+            Log::info('Status label count is '.$index.' and exceeds the allowed count of 266.');
            //patch fix for array key overflow (color count starts at 1, array starts at 0)
            $index = $index - $total_colors - 1;

@@ -842,7 +844,7 @@ class Helper
        $filetype = @finfo_file($finfo, $file);
        finfo_close($finfo);

-        if (($filetype == 'image/jpeg') || ($filetype == 'image/jpg') || ($filetype == 'image/png') || ($filetype == 'image/bmp') || ($filetype == 'image/gif')) {
+        if (($filetype == 'image/jpeg') || ($filetype == 'image/jpg') || ($filetype == 'image/png') || ($filetype == 'image/bmp') || ($filetype == 'image/gif') || ($filetype == 'image/avif')) {
            return $filetype;
        }

@@ -875,12 +877,15 @@ class Helper
                $permission_name = $permission[$x]['permission'];

                if ($permission[$x]['display'] === true) {
-                    if ($selected_arr) {
+
+                    if (is_array($selected_arr)) {
+
                        if (array_key_exists($permission_name, $selected_arr)) {
                            $permissions_arr[$permission_name] = $selected_arr[$permission_name];
                        } else {
                            $permissions_arr[$permission_name] = '0';
                        }
+
                    } else {
                        $permissions_arr[$permission_name] = '0';
                    }
@@ -1012,7 +1017,7 @@ class Helper


        try {
-            $tmp_date = new \Carbon($date);
+            $tmp_date = new Carbon($date);

            if ($type == 'datetime') {
                $dt['datetime'] = $tmp_date->format('Y-m-d H:i:s');
@@ -1029,7 +1034,7 @@ class Helper
            return $dt['formatted'];

        } catch (\Exception $e) {
-            \Log::warning($e);
+            Log::warning($e);
            return $date.' (Invalid '.$type.' value.)';
        }

@@ -1106,6 +1111,8 @@ class Helper
            'jpeg'   => 'far fa-image',
            'gif'   => 'far fa-image',
            'png'   => 'far fa-image',
+            'webp'   => 'far fa-image',
+            'avif'   => 'far fa-image',
            // word
            'doc'   => 'far fa-file-word',
            'docx'   => 'far fa-file-word',
@@ -1141,6 +1148,8 @@ class Helper
                case 'jpeg':
                case 'gif':
                case 'png':
+                case 'webp':
+                case 'avif':
                    return true;
                    break;
                default:
@@ -1338,7 +1347,7 @@ class Helper
    public static function isDemoMode() {
        if (config('app.lock_passwords') === true) {
            return true;
-            \Log::debug('app locked!');
+            Log::debug('app locked!');
        }
        
        return false;
@@ -1431,7 +1440,7 @@ class Helper

        foreach (self::$language_map as $legacy => $new) {
            if ($language_code == $legacy) {
-                \Log::debug('Current language is '.$legacy.', using '.$new.' instead');
+                Log::debug('Current language is '.$legacy.', using '.$new.' instead');
                return $new;
            }
        }
@@ -1455,4 +1464,38 @@ class Helper
        return $new_locale; // better that you have some weird locale that doesn't fit into our mappings anywhere than 'void'
    }

+
+    static public function getRedirectOption($request, $id, $table, $asset_id = null)
+    {
+
+        $redirect_option = Session::get('redirect_option');
+        $checkout_to_type = Session::get('checkout_to_type');
+
+        //return to index
+        if ($redirect_option == '0') {
+            switch ($table) {
+                case "Assets":
+                    return redirect()->route('hardware.index')->with('success', trans('admin/hardware/message.checkout.success'));
+            }
+        }
+        //return to thing being assigned
+        if ($redirect_option == '1') {
+            switch ($table) {
+                case "Assets":
+                    return redirect()->route('hardware.show', $id ? $id : $asset_id)->with('success', trans('admin/hardware/message.checkout.success'));
+            }
+        }
+        //return to thing being assigned to
+        if ($redirect_option == '2') {
+            switch ($checkout_to_type) {
+                case 'user':
+                    return redirect()->route('users.show', $request->assigned_user)->with('success', trans('admin/hardware/message.checkout.success'));
+                case 'location':
+                    return redirect()->route('locations.show', $request->assigned_location)->with('success', trans('admin/hardware/message.checkout.success'));
+                case 'asset':
+                    return redirect()->route('hardware.show', $request->assigned_asset)->with('success', trans('admin/hardware/message.checkout.success'));
+            }
+        }
+        return redirect()->back()->with('error', trans('admin/hardware/message.checkout.error'));
+    }
 }
@@ -11,6 +11,7 @@ use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Facades\Validator;
 use Redirect;
+use Illuminate\Support\Facades\Log;

 /** This controller handles all actions related to Accessories for
 * the Snipe-IT Asset Management application.
@@ -57,7 +58,7 @@ class AccessoriesController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param ImageUploadRequest $request
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function store(ImageUploadRequest $request)
@@ -150,7 +151,7 @@ class AccessoriesController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param ImageUploadRequest $request
     * @param  int $accessoryId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function update(ImageUploadRequest $request, $accessoryId = null)
@@ -204,7 +205,7 @@ class AccessoriesController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param  int $accessoryId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function destroy($accessoryId)
@@ -224,7 +225,7 @@ class AccessoriesController extends Controller
            try {
                Storage::disk('public')->delete('accessories'.'/'.$accessory->image);
            } catch (\Exception $e) {
-                \Log::debug($e);
+                Log::debug($e);
            }
        }

@@ -10,6 +10,7 @@ use App\Models\Accessory;
 use Illuminate\Support\Facades\Response;
 use Illuminate\Support\Facades\Storage;
 use Symfony\Accessory\HttpFoundation\JsonResponse;
+use Illuminate\Support\Facades\Log;

 class AccessoriesFilesController extends Controller
 {
@@ -85,7 +86,7 @@ class AccessoriesFilesController extends Controller
                try {
                    Storage::delete('accessories/'.$log->filename);
                } catch (\Exception $e) {
-                    \Log::debug($e);
+                    Log::debug($e);
                }
            }

@@ -112,7 +113,7 @@ class AccessoriesFilesController extends Controller
    public function show($accessoryId = null, $fileId = null, $download = true)
    {

-        \Log::debug('Private filesystem is: '.config('filesystems.default'));
+        Log::debug('Private filesystem is: '.config('filesystems.default'));
        $accessory = Accessory::find($accessoryId);


@@ -129,8 +130,8 @@ class AccessoriesFilesController extends Controller
            $file = 'private_uploads/accessories/'.$log->filename;

            if (Storage::missing($file)) {
-                \Log::debug('FILE DOES NOT EXISTS for '.$file);
-                \Log::debug('URL should be '.Storage::url($file));
+                Log::debug('FILE DOES NOT EXISTS for '.$file);
+                Log::debug('URL should be '.Storage::url($file));

                return response('File '.$file.' ('.Storage::url($file).') not found on server', 404)
                    ->header('Content-Type', 'text/plain');
@@ -44,7 +44,7 @@ class AccessoryCheckinController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param null $accessoryUserId
     * @param string $backto
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     * @internal param int $accessoryId
     */
@@ -59,7 +59,7 @@ class AccessoryCheckoutController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param Request $request
     * @param  int $accessoryId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function store(Request $request, $accessoryId)
@@ -23,13 +23,13 @@ use App\Notifications\AcceptanceAssetAcceptedNotification;
 use App\Notifications\AcceptanceAssetDeclinedNotification;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
-use Illuminate\Support\Facades\DB;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Str;
 use App\Http\Controllers\SettingsController;
 use Barryvdh\DomPDF\Facade\Pdf;
 use Carbon\Carbon;
 use phpDocumentor\Reflection\Types\Compound;
+use Illuminate\Support\Facades\Log;

 class AcceptanceController extends Controller
 {
@@ -80,7 +80,7 @@ class AcceptanceController extends Controller
     *
     * @param  Request $request
     * @param  int  $id
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function store(Request $request, $id)
    {
@@ -223,6 +223,7 @@ class AcceptanceController extends Controller
                'item_model' => $display_model,
                'item_serial' => $item->serial,
                'eula' => $item->getEula(),
+                'note' => $request->input('note'),
                'check_out_date' => Carbon::parse($acceptance->created_at)->format('Y-m-d'),
                'accepted_date' => Carbon::parse($acceptance->accepted_at)->format('Y-m-d'),
                'assigned_to' => $assigned_to,
@@ -233,12 +234,12 @@ class AcceptanceController extends Controller
            ];

            if ($pdf_view_route!='') {
-                \Log::debug($pdf_filename.' is the filename, and the route was specified.');
+                Log::debug($pdf_filename.' is the filename, and the route was specified.');
                $pdf = Pdf::loadView($pdf_view_route, $data);
                Storage::put('private_uploads/eula-pdfs/' .$pdf_filename, $pdf->output());
            }

-            $acceptance->accept($sig_filename, $item->getEula(), $pdf_filename);
+            $acceptance->accept($sig_filename, $item->getEula(), $pdf_filename, $request->input('note'));
            $acceptance->notify(new AcceptanceAssetAcceptedNotification($data));
            event(new CheckoutAccepted($acceptance));

@@ -306,10 +307,12 @@ class AcceptanceController extends Controller
                    $assigned_to = User::find($acceptance->assigned_to_id)->present()->fullName;
                    break;
            }
+
            $data = [
                'item_tag' => $item->asset_tag,
                'item_model' => $display_model,
                'item_serial' => $item->serial,
+                'note' => $request->input('note'),
                'declined_date' => Carbon::parse($acceptance->declined_at)->format('Y-m-d'),
                'signature' => ($sig_filename) ? storage_path() . '/private_uploads/signatures/' . $sig_filename : null,
                'assigned_to' => $assigned_to,
@@ -318,12 +321,12 @@ class AcceptanceController extends Controller
            ];

            if ($pdf_view_route!='') {
-                \Log::debug($pdf_filename.' is the filename, and the route was specified.');
+                Log::debug($pdf_filename.' is the filename, and the route was specified.');
                $pdf = Pdf::loadView($pdf_view_route, $data);
                Storage::put('private_uploads/eula-pdfs/' .$pdf_filename, $pdf->output());
            }

-            $acceptance->decline($sig_filename);
+            $acceptance->decline($sig_filename, $request->input('note'));
            $acceptance->notify(new AcceptanceAssetDeclinedNotification($data));
            event(new CheckoutDeclined($acceptance));
            $return_msg = trans('admin/users/message.declined');
@@ -4,8 +4,9 @@ namespace App\Http\Controllers;

 use App\Helpers\Helper;
 use App\Models\Actionlog;
-use Response;
-
+use Illuminate\Support\Facades\Response;
+use Illuminate\Support\Facades\Log;
+use Illuminate\Support\Facades\Storage;
 class ActionlogController extends Controller
 {
    public function displaySig($filename)
@@ -14,18 +15,23 @@ class ActionlogController extends Controller
        // file_get_contents, so we set the error reporting for just this class
        error_reporting(0);

-        $this->authorize('view', \App\Models\Asset::class);
-        $file = config('app.private_uploads').'/signatures/'.$filename;
-        $filetype = Helper::checkUploadIsImage($file);
+        $disk = config('filesystems.default');
+        switch (config("filesystems.disks.$disk.driver")) {
+        case 's3':
+            $file = 'private_uploads/signatures/'.$filename;
+            return redirect()->away(Storage::disk($disk)->temporaryUrl($file, now()->addMinutes(5)));
+        default:
+          $this->authorize('view', \App\Models\Asset::class);
+          $file = config('app.private_uploads').'/signatures/'.$filename;
+          $filetype = Helper::checkUploadIsImage($file);

-        $contents = file_get_contents($file, false, stream_context_create(['http' => ['ignore_errors' => true]]));
-        if ($contents === false) {
-            \Log::warn('File '.$file.' not found');
-            return false;
-        } else {
-            return Response::make($contents)->header('Content-Type', $filetype);
-        }
-       
+          $contents = file_get_contents($file, false, stream_context_create(['http' => ['ignore_errors' => true]]));
+          if ($contents === false) {
+              Log::warning('File '.$file.' not found');
+              return false;
+          } else {
+              return Response::make($contents)->header('Content-Type', $filetype);
+          }
    }
    public function getStoredEula($filename){
        $this->authorize('view', \App\Models\Asset::class);
@@ -10,9 +10,9 @@ use App\Http\Transformers\SelectlistTransformer;
 use App\Models\Accessory;
 use App\Models\Company;
 use App\Models\User;
-use Auth;
+use Illuminate\Support\Facades\Auth;
 use Carbon\Carbon;
-use DB;
+use Illuminate\Support\Facades\DB;
 use Illuminate\Http\Request;
 use App\Http\Requests\ImageUploadRequest;

@@ -274,7 +274,7 @@ class AccessoriesController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param  int  $accessoryId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function checkout(Request $request, $accessoryId)
    {
@@ -320,7 +320,7 @@ class AccessoriesController extends Controller
     * @param Request $request
     * @param int $accessoryUserId
     * @param string $backto
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @internal param int $accessoryId
     */
    public function checkin(Request $request, $accessoryUserId = null)
@@ -0,0 +1,219 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use App\Helpers\StorageHelper;
+use Illuminate\Support\Facades\Storage;
+use Illuminate\Database\Eloquent\Builder;
+use Illuminate\Http\JsonResponse;
+use Illuminate\Support\Facades\Crypt;
+use Illuminate\Support\Facades\Gate;
+use App\Helpers\Helper;
+use App\Http\Controllers\Controller;
+use App\Models\Asset;
+use App\Models\AssetModel;
+use App\Models\Actionlog;
+use \Illuminate\Support\Facades\Auth;
+use Carbon\Carbon;
+use DB;
+use Illuminate\Http\Request;
+use App\Http\Requests\UploadFileRequest;
+use Illuminate\Support\Facades\Log;
+use Input;
+use Paginator;
+use Slack;
+use Str;
+use TCPDF;
+use Validator;
+use Route;
+
+
+/**
+ * This class controls file related actions related
+ * to assets for the Snipe-IT Asset Management application.
+ *
+ * Based on the Assets/AssetFilesController by A. Gianotto <snipe@snipe.net>
+ *
+ * @version    v1.0
+ * @author [T. Scarsbrook] [<snipe@scarzybrook.co.uk>]
+ */
+class AssetFilesController extends Controller
+{
+    /**
+     * Accepts a POST to upload a file to the server.
+     *
+     * @param \App\Http\Requests\UploadFileRequest $request
+     * @param int $assetId
+     * @return \Illuminate\Http\JsonResponse
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     * @since [v6.0]
+     * @author [T. Scarsbrook] [<snipe@scarzybrook.co.uk>]
+     */
+    public function store(UploadFileRequest $request, $assetId = null)
+    {
+        // Start by checking if the asset being acted upon exists
+        if (! $asset = Asset::find($assetId)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 404);
+        }
+
+        // Make sure we are allowed to update this asset
+        $this->authorize('update', $asset);
+
+	if ($request->hasFile('file')) {
+            // If the file storage directory doesn't exist; create it
+            if (! Storage::exists('private_uploads/assets')) {
+                Storage::makeDirectory('private_uploads/assets', 775);
+            }
+
+            // Loop over the attached files and add them to the asset
+            foreach ($request->file('file') as $file) {
+                $file_name = $request->handleFile('private_uploads/assets/','hardware-'.$asset->id, $file);
+                
+                $asset->logUpload($file_name, e($request->get('notes')));
+            }
+
+            // All done - report success
+            return response()->json(Helper::formatStandardApiResponse('success', $asset, trans('admin/hardware/message.upload.success')));
+        }
+
+        // We only reach here if no files were included in the POST, so tell the user this
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.upload.nofiles')), 500);
+    }
+
+    /**
+     * List the files for an asset.
+     *
+     * @param  int $assetId
+     * @return \Illuminate\Http\JsonResponse
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     * @since [v6.0]
+     * @author [T. Scarsbrook] [<snipe@scarzybrook.co.uk>]
+     */
+    public function list($assetId = null)
+    {
+        // Start by checking if the asset being acted upon exists
+        if (! $asset = Asset::find($assetId)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 404);
+        }
+	
+	// the asset is valid
+        if (isset($asset->id)) {
+            $this->authorize('view', $asset);
+
+            // Check that there are some uploads on this asset that can be listed
+            if ($asset->uploads->count() > 0) {
+                $files = array();
+                foreach ($asset->uploads as $upload) {
+                    array_push($files, $upload);
+		}
+                // Give the list of files back to the user
+                return response()->json(Helper::formatStandardApiResponse('success', $files, trans('admin/hardware/message.upload.success')));
+            }
+
+	    // There are no files.
+            return response()->json(Helper::formatStandardApiResponse('success', array(), trans('admin/hardware/message.upload.success')));
+        }
+
+        // Send back an error message
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.download.error')), 500);
+    }
+
+    /**
+     * Check for permissions and display the file.
+     *
+     * @param  int $assetId
+     * @param  int $fileId
+     * @return \Illuminate\Http\JsonResponse
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     * @since [v6.0]
+     * @author [T. Scarsbrook] [<snipe@scarzybrook.co.uk>]
+     */
+    public function show($assetId = null, $fileId = null)
+    {
+        // Start by checking if the asset being acted upon exists
+        if (! $asset = Asset::find($assetId)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 404);
+        }
+
+        // the asset is valid
+        if (isset($asset->id)) {
+            $this->authorize('view', $asset);
+
+            // Check that the file being requested exists for the asset
+            if (! $log = Actionlog::whereNotNull('filename')->where('item_id', $asset->id)->find($fileId)) {
+                return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.download.no_match', ['id' => $fileId])), 404);
+            }
+
+	    // Form the full filename with path
+            $file = 'private_uploads/assets/'.$log->filename;
+            \Log::debug('Checking for '.$file);
+
+            if ($log->action_type == 'audit') {
+                $file = 'private_uploads/audits/'.$log->filename;
+            }
+
+            // Check the file actually exists on the filesystem
+            if (! Storage::exists($file)) {
+                return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.download.does_not_exist', ['id' => $fileId])), 404);
+            }
+
+            if (request('inline') == 'true') {
+
+                $headers = [
+                    'Content-Disposition' => 'inline',
+                ];
+
+                return Storage::download($file, $log->filename, $headers);
+            }
+
+            return StorageHelper::downloader($file);
+        }
+
+        // Send back an error message
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.download.error', ['id' => $fileId])), 500);
+    }
+
+    /**
+     * Delete the associated file
+     *
+     * @param  int $assetId
+     * @param  int $fileId
+     * @return \Illuminate\Http\JsonResponse
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     * @since [v6.0]
+     * @author [T. Scarsbrook] [<snipe@scarzybrook.co.uk>]
+     */
+    public function destroy($assetId = null, $fileId = null)
+    {
+        // Start by checking if the asset being acted upon exists
+        if (! $asset = Asset::find($assetId)) {
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 404);
+        }
+
+        $rel_path = 'private_uploads/assets';
+
+        // the asset is valid
+        if (isset($asset->id)) {
+            $this->authorize('update', $asset);
+
+            // Check for the file
+            $log = Actionlog::find($fileId);
+	    if ($log) {
+                // Check the file actually exists, and delete it
+                if (Storage::exists($rel_path.'/'.$log->filename)) {
+                    Storage::delete($rel_path.'/'.$log->filename);
+		}
+		// Delete the record of the file
+                $log->delete();
+
+                // All deleting done - notify the user of success
+                return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/hardware/message.deletefile.success')), 200);
+            }
+
+            // The file doesn't seem to really exist, so report an error
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.deletefile.error')), 500);
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.deletefile.error')), 500);
+    }
+}
@@ -8,7 +8,7 @@ use App\Http\Transformers\AssetMaintenancesTransformer;
 use App\Models\Asset;
 use App\Models\AssetMaintenance;
 use App\Models\Company;
-use Auth;
+use Illuminate\Support\Facades\Auth;
 use Carbon\Carbon;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Input;
@@ -12,6 +12,7 @@ use App\Models\AssetModel;
 use Illuminate\Http\Request;
 use App\Http\Requests\ImageUploadRequest;
 use Illuminate\Support\Facades\Storage;
+use Illuminate\Support\Facades\Log;

 /**
 * This class controls all actions related to asset models for
@@ -224,7 +225,7 @@ class AssetModelsController extends Controller
            try {
                Storage::disk('public')->delete('assetmodels/'.$assetmodel->image);
            } catch (\Exception $e) {
-                \Log::info($e);
+                Log::info($e);
            }
        }

@@ -27,17 +27,16 @@ use App\Models\Setting;
 use App\Models\User;
 use \Illuminate\Support\Facades\Auth;
 use Carbon\Carbon;
-use DB;
+use Illuminate\Support\Facades\DB;
 use Illuminate\Http\Request;
 use App\Http\Requests\ImageUploadRequest;
 use Illuminate\Support\Facades\Log;
-use Input;
 use Paginator;
 use Slack;
 use Str;
 use TCPDF;
 use Validator;
-use Route;
+use Illuminate\Support\Facades\Route;


 /**
@@ -59,7 +58,7 @@ class AssetsController extends Controller
     * @since [v4.0]
     * @return \Illuminate\Http\JsonResponse
     */
-    public function index(Request $request, $audit = null) 
+    public function index(Request $request, $action = null, $upcoming_status = null)
    {

        $filter_non_deprecable_assets = false;
@@ -94,6 +93,7 @@ class AssetsController extends Controller
            'serial',
            'model_number',
            'last_checkout',
+            'last_checkin',
            'notes',
            'expected_checkin',
            'order_number',
@@ -154,17 +154,44 @@ class AssetsController extends Controller
            $assets->TextSearch($request->input('search'));
        }

-        // This is used by the audit reporting routes
-        if (Gate::allows('audit', Asset::class)) {
-            switch ($audit) {
-                case 'due':
-                    $assets->DueOrOverdueForAudit($settings);
-                    break;
-                case 'overdue':
-                    $assets->overdueForAudit($settings);
-                    break;
+
+        /**
+         * Handle due and overdue audits and checkin dates
+         */
+        switch ($action) {
+            case 'audits':
+
+                switch ($upcoming_status) {
+                    case 'due':
+                        $assets->DueForAudit($settings);
+                        break;
+                    case 'overdue':
+                        $assets->OverdueForAudit();
+                        break;
+                    case 'due-or-overdue':
+                        $assets->DueOrOverdueForAudit($settings);
+                        break;
+                }
+                break;
+
+            case 'checkins':
+                switch ($upcoming_status) {
+                    case 'due':
+                        $assets->DueForCheckin($settings);
+                        break;
+                    case 'overdue':
+                        $assets->OverdueForCheckin();
+                        break;
+                    case 'due-or-overdue':
+                        $assets->DueOrOverdueForCheckin($settings);
+                        break;
+                }
+                break;
            }
-        }
+
+        /**
+         * End handling due and overdue audits and checkin dates
+         */


        // This is used by the sidenav, mostly
@@ -591,6 +618,11 @@ class AssetsController extends Controller
                        }
                    }
                }
+                if ($field->element == 'checkbox') {
+                    if(is_array($field_val)) {
+                        $field_val = implode(',', $field_val);
+                    }
+                }


                $asset->{$field->db_column} = $field_val;
@@ -614,6 +646,8 @@ class AssetsController extends Controller
            }

            return response()->json(Helper::formatStandardApiResponse('success', $asset, trans('admin/hardware/message.create.success')));
+
+            return response()->json(Helper::formatStandardApiResponse('success', (new AssetsTransformer)->transformAsset($asset), trans('admin/hardware/message.create.success')));
        }

        return response()->json(Helper::formatStandardApiResponse('error', null, $asset->getErrors()), 200);
@@ -657,16 +691,26 @@ class AssetsController extends Controller
            $model = AssetModel::find($asset->model_id);
            
            // Update custom fields
+            $problems_updating_encrypted_custom_fields = false;
            if (($model) && (isset($model->fieldset))) {
                foreach ($model->fieldset->fields as $field) {
+                    $field_val = $request->input($field->db_column, null);
+
                    if ($request->has($field->db_column)) {
+                        if ($field->element == 'checkbox') {
+                            if(is_array($field_val)) {
+                                $field_val = implode(',', $field_val);
+                            }
+                        }
                        if ($field->field_encrypted == '1') {
                            if (Gate::allows('admin')) {
-                                $asset->{$field->db_column} = \Crypt::encrypt($request->input($field->db_column));
+                                $field_val = Crypt::encrypt($field_val);
+                            } else {
+                                $problems_updating_encrypted_custom_fields = true;
+                                continue;
                            }
-                        } else {
-                            $asset->{$field->db_column} = $request->input($field->db_column);
                        }
+                        $asset->{$field->db_column} = $field_val;
                    }
                }
            }
@@ -692,7 +736,11 @@ class AssetsController extends Controller
                    $asset->image = $asset->getImageUrl();
                }

-                return response()->json(Helper::formatStandardApiResponse('success', $asset, trans('admin/hardware/message.update.success')));
+                if ($problems_updating_encrypted_custom_fields) {
+                    return response()->json(Helper::formatStandardApiResponse('success', $asset, trans('admin/hardware/message.update.encrypted_warning')));
+                } else {
+                    return response()->json(Helper::formatStandardApiResponse('success', $asset, trans('admin/hardware/message.update.success')));
+                }
            }

            return response()->json(Helper::formatStandardApiResponse('error', null, $asset->getErrors()), 200);
@@ -802,7 +850,6 @@ class AssetsController extends Controller
            'asset_tag' => $asset->asset_tag,
        ];

-
        // This item is checked out to a location
        if (request('checkout_to_type') == 'location') {
            $target = Location::find(request('assigned_location'));
@@ -829,13 +876,10 @@ class AssetsController extends Controller
            $asset->status_id = $request->get('status_id');
        }

-
        if (! isset($target)) {
            return response()->json(Helper::formatStandardApiResponse('error', $error_payload, 'Checkout target for asset '.e($asset->asset_tag).' is invalid - '.$error_payload['target_type'].' does not exist.'));
        }

-
-
        $checkout_at = request('checkout_at', date('Y-m-d H:i:s'));
        $expected_checkin = request('expected_checkin', null);
        $note = request('note', null);
@@ -851,8 +895,6 @@ class AssetsController extends Controller
 //            $asset->location_id = $target->rtd_location_id;
 //        }

-
-
        if ($asset->checkOut($target, Auth::user(), $checkout_at, $expected_checkin, $note, $asset_name, $asset->location_id)) {
            return response()->json(Helper::formatStandardApiResponse('success', ['asset'=> e($asset->asset_tag)], trans('admin/hardware/message.checkout.success')));
        }
@@ -983,25 +1025,39 @@ class AssetsController extends Controller

    {
        $this->authorize('audit', Asset::class);
-        $rules = [
-            'asset_tag' => 'required',
-            'location_id' => 'exists:locations,id|nullable|numeric',
-            'next_audit_date' => 'date|nullable',
-        ];
-
-        $validator = Validator::make($request->all(), $rules);
-        if ($validator->fails()) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, $validator->errors()->all()));
-        }

        $settings = Setting::getSettings();
        $dt = Carbon::now()->addMonths($settings->audit_interval)->toDateString();

+        // No tag passed - return an error
+        if (!$request->filled('asset_tag')) {
+            return response()->json(Helper::formatStandardApiResponse('error', [
+                'asset_tag'=> '',
+                'error'=> trans('admin/hardware/message.no_tag'),
+            ], trans('admin/hardware/message.no_tag')), 200);
+        }
+
+
        $asset = Asset::where('asset_tag', '=', $request->input('asset_tag'))->first();


        if ($asset) {
-            // We don't want to log this as a normal update, so let's bypass that
+
+            /**
+             * Even though we do a save() further down, we don't want to log this as a "normal" asset update,
+             * which would trigger the Asset Observer and would log an asset *update* log entry (because the
+             * de-normed fields like next_audit_date on the asset itself will change on save()) *in addition* to
+             * the audit log entry we're creating through this controller.
+             *
+             * To prevent this double-logging (one for update and one for audit), we skip the observer and bypass
+             * that de-normed update log entry by using unsetEventDispatcher(), BUT invoking unsetEventDispatcher()
+             * will bypass normal model-level validation that's usually handled at the observer )
+             *
+             * We handle validation on the save() by checking if the asset is valid via the ->isValid() method,
+             * which manually invokes Watson Validating to make sure the asset's model is valid.
+             *
+             * @see \App\Observers\AssetObserver::updating()
+             */
            $asset->unsetEventDispatcher();
            $asset->next_audit_date = $dt;

@@ -1017,8 +1073,12 @@ class AssetsController extends Controller

            $asset->last_audit_date = date('Y-m-d H:i:s');

-            if ($asset->save()) {
-                $log = $asset->logAudit(request('note'), request('location_id'));
+            /**
+             * Invoke Watson Validating to check the asset itself and check to make sure it saved correctly.
+             * We have to invoke this manually because of the unsetEventDispatcher() above.)
+             */
+            if ($asset->isValid() && $asset->save()) {
+                $asset->logAudit(request('note'), request('location_id'));

                return response()->json(Helper::formatStandardApiResponse('success', [
                    'asset_tag'=> e($asset->asset_tag),
@@ -1026,9 +1086,23 @@ class AssetsController extends Controller
                    'next_audit_date' => Helper::getFormattedDateObject($asset->next_audit_date),
                ], trans('admin/hardware/message.audit.success')));
            }
+
+            // Asset failed validation or was not able to be saved
+            return response()->json(Helper::formatStandardApiResponse('error', [
+                'asset_tag'=> e($asset->asset_tag),
+                'error'=> $asset->getErrors()->first(),
+            ], trans('admin/hardware/message.audit.error', ['error' => $asset->getErrors()->first()])), 200);
+
        }

-        return response()->json(Helper::formatStandardApiResponse('error', ['asset_tag'=> e($request->input('asset_tag'))], 'Asset with tag '.e($request->input('asset_tag')).' not found'));
+
+        // No matching asset for the asset tag that was passed.
+        return response()->json(Helper::formatStandardApiResponse('error', [
+            'asset_tag'=> e($request->input('asset_tag')),
+            'error'=> trans('admin/hardware/message.audit.error'),
+        ], trans('admin/hardware/message.audit.error', ['error' => trans('admin/hardware/message.does_not_exist')])), 200);
+
+
    }


@@ -1062,8 +1136,7 @@ class AssetsController extends Controller

        $assets = Asset::select('assets.*')
            ->with('location', 'assetstatus', 'assetlog', 'company','assignedTo',
-                'model.category', 'model.manufacturer', 'model.fieldset', 'supplier', 'requests')
-            ->requestableAssets();
+                'model.category', 'model.manufacturer', 'model.fieldset', 'supplier', 'requests');



@@ -1071,7 +1144,7 @@ class AssetsController extends Controller
        if ($request->filled('search')) {
            $assets->TextSearch($request->input('search'));
        }
-
+        
        // Search custom fields by column name
        foreach ($all_custom_fields as $field) {
            if ($request->filled($field->db_column_name())) {
@@ -1101,6 +1174,7 @@ class AssetsController extends Controller
                break;
        }

+        $assets->requestableAssets();

        // Make sure the offset and limit are actually integers and do not exceed system limits
        $offset = ($request->input('offset') > $assets->count()) ? $assets->count() : app('api_offset_value');
@@ -14,6 +14,7 @@ use App\Events\ComponentCheckedIn;
 use App\Models\Asset;
 use Illuminate\Support\Facades\Validator;
 use Illuminate\Database\Query\Builder;
+use Illuminate\Support\Facades\Log;

 class ComponentsController extends Controller
 {
@@ -331,7 +332,7 @@ class ComponentsController extends Controller
            // actually checked out.
            $component_assets->assigned_qty = $qty_remaining_in_checkout;

-            \Log::debug($component_asset_id.' - '.$qty_remaining_in_checkout.' remaining in record '.$component_assets->id);
+            Log::debug($component_asset_id.' - '.$qty_remaining_in_checkout.' remaining in record '.$component_assets->id);
            
            \DB::table('components_assets')->where('id',
                $component_asset_id)->update(['assigned_qty' => $qty_remaining_in_checkout]);
@@ -13,6 +13,7 @@ use App\Models\User;
 use Illuminate\Http\Request;
 use App\Http\Requests\ImageUploadRequest;
 use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Log;

 class ConsumablesController extends Controller
 {
@@ -277,7 +278,7 @@ class ConsumablesController extends Controller
        if (!$user = User::find($request->input('assigned_to'))) {
            // Return error message
            return response()->json(Helper::formatStandardApiResponse('error', null, 'No user found'));
-            \Log::debug('No valid user');
+            Log::debug('No valid user');
        }

        // Update the consumable data
@@ -179,7 +179,7 @@ class CustomFieldsController extends Controller
     *
     * @author [Brady Wetherington] [<uberbrady@gmail.com>]
     * @since [v1.8]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function destroy($field_id)
    {
@@ -118,7 +118,7 @@ class CustomFieldsetsController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function destroy($id)
    {
@@ -8,7 +8,7 @@ use App\Http\Transformers\DepartmentsTransformer;
 use App\Http\Transformers\SelectlistTransformer;
 use App\Models\Company;
 use App\Models\Department;
-use Auth;
+use Illuminate\Support\Facades\Auth;
 use Illuminate\Http\Request;
 use App\Http\Requests\ImageUploadRequest;
 use Illuminate\Support\Facades\Storage;
@@ -7,7 +7,7 @@ use App\Http\Controllers\Controller;
 use App\Http\Transformers\GroupsTransformer;
 use App\Models\Group;
 use Illuminate\Http\Request;
-use Auth;
+use Illuminate\Support\Facades\Auth;


 class GroupsController extends Controller
@@ -62,13 +62,16 @@ class GroupsController extends Controller
    {
        $this->authorize('superadmin');
        $group = new Group;
+        // Get all the available permissions
+        $permissions = config('permissions');
+        $groupPermissions = Helper::selectedPermissionsArray($permissions, $permissions);

        $group->name = $request->input('name');
        $group->created_by = Auth::user()->id;
-        $group->permissions = json_encode($request->input('permissions')); // Todo - some JSON validation stuff here
+        $group->permissions = json_encode($request->input('permissions', $groupPermissions));

        if ($group->save()) {
-            return response()->json(Helper::formatStandardApiResponse('success', $group, trans('admin/groups/message.create.success')));
+            return response()->json(Helper::formatStandardApiResponse('success', (new GroupsTransformer)->transformGroup($group), trans('admin/groups/message.success.create')));
        }

        return response()->json(Helper::formatStandardApiResponse('error', null, $group->getErrors()));
@@ -86,7 +89,6 @@ class GroupsController extends Controller
    {
        $this->authorize('superadmin');
        $group = Group::findOrFail($id);
-
        return (new GroupsTransformer)->transformGroup($group);
    }

@@ -108,7 +110,7 @@ class GroupsController extends Controller
        $group->permissions = $request->input('permissions'); // Todo - some JSON validation stuff here

        if ($group->save()) {
-            return response()->json(Helper::formatStandardApiResponse('success', $group, trans('admin/groups/message.update.success')));
+            return response()->json(Helper::formatStandardApiResponse('success', (new GroupsTransformer)->transformGroup($group), trans('admin/groups/message.success.update')));
        }

        return response()->json(Helper::formatStandardApiResponse('error', null, $group->getErrors()));
@@ -9,13 +9,14 @@ use App\Http\Transformers\ImportsTransformer;
 use App\Models\Asset;
 use App\Models\Company;
 use App\Models\Import;
-use Artisan;
+use Illuminate\Support\Facades\Artisan;
 use Illuminate\Database\Eloquent\JsonEncodingException;
 use Illuminate\Support\Facades\Request;
 use Illuminate\Support\Facades\Session;
 use Illuminate\Support\Facades\Storage;
 use League\Csv\Reader;
 use Symfony\Component\HttpFoundation\File\Exception\FileException;
+use Illuminate\Support\Facades\Log;

 class ImportController extends Controller
 {
@@ -159,10 +160,10 @@ class ImportController extends Controller

        // Run a backup immediately before processing
        if ($request->get('run-backup')) {
-            \Log::debug('Backup manually requested via importer');
+            Log::debug('Backup manually requested via importer');
            Artisan::call('snipeit:backup', ['--filename' => 'pre-import-backup-'.date('Y-m-d-H:i:s')]);
        } else {
-            \Log::debug('NO BACKUP requested via importer');
+            Log::debug('NO BACKUP requested via importer');
        }

        $import = Import::find($import_id);
@@ -8,7 +8,7 @@ use App\Http\Transformers\LabelsTransformer;
 use App\Models\Labels\Label;
 use Illuminate\Http\Request;
 use Illuminate\Support\ItemNotFoundException;
-use Auth;
+use Illuminate\Support\Facades\Auth;

 class LabelsController extends Controller
 {
@@ -9,7 +9,7 @@ use App\Models\Asset;
 use App\Models\License;
 use App\Models\LicenseSeat;
 use App\Models\User;
-use Auth;
+use Illuminate\Support\Facades\Auth;
 use Illuminate\Http\Request;

 class LicenseSeatsController extends Controller
@@ -235,10 +235,16 @@ class LocationsController extends Controller
    public function destroy($id)
    {
        $this->authorize('delete', Location::class);
-        $location = Location::findOrFail($id);
+        $location = Location::withCount('assignedAssets as assigned_assets_count')
+            ->withCount('assets as assets_count')
+            ->withCount('rtd_assets as rtd_assets_count')
+            ->withCount('children as children_count')
+            ->withCount('users as users_count')
+            ->findOrFail($id);
+
        if (! $location->isDeletable()) {
            return response()
-                    ->json(Helper::formatStandardApiResponse('error', null, trans('admin/companies/message.assoc_users')));
+                    ->json(Helper::formatStandardApiResponse('error', null, trans('admin/locations/message.assoc_users')));
        }
        $this->authorize('delete', $location);
        $location->delete();
@@ -12,7 +12,7 @@ use Laravel\Passport\TokenRepository;
 use Illuminate\Contracts\Validation\Factory as ValidationFactory;
 use Illuminate\Support\Facades\Gate;
 use App\Models\CustomField;
-use DB;
+use Illuminate\Support\Facades\DB;

 class ProfileController extends Controller
 {
@@ -32,19 +32,26 @@ class ReportsController extends Controller
        }

        if (($request->filled('item_type')) && ($request->filled('item_id'))) {
-            $actionlogs = $actionlogs->where('item_id', '=', $request->input('item_id'))
+            $actionlogs = $actionlogs->where(function($query) use ($request)
+            {
+                $query->where('item_id', '=', $request->input('item_id'))
                ->where('item_type', '=', 'App\\Models\\'.ucwords($request->input('item_type')))
                ->orWhere(function($query) use ($request)
                {
                    $query->where('target_id', '=', $request->input('item_id'))
                    ->where('target_type', '=', 'App\\Models\\'.ucwords($request->input('item_type')));
                });
+            });
        }

        if ($request->filled('action_type')) {
            $actionlogs = $actionlogs->where('action_type', '=', $request->input('action_type'))->orderBy('created_at', 'desc');
        }

+        if ($request->filled('user_id')) {
+            $actionlogs = $actionlogs->where('user_id', '=', $request->input('user_id'));
+        }
+
        if ($request->filled('action_source')) {
            $actionlogs = $actionlogs->where('action_source', '=', $request->input('action_source'))->orderBy('created_at', 'desc');
        }
@@ -71,13 +78,14 @@ class ReportsController extends Controller
        ];


+        $total = $actionlogs->count();
        // Make sure the offset and limit are actually integers and do not exceed system limits
-        $offset = ($request->input('offset') > $actionlogs->count()) ? $actionlogs->count() : app('api_offset_value');
+        $offset = ($request->input('offset') > $total) ? $total : app('api_offset_value');
        $limit = app('api_limit_value');

        $sort = in_array($request->input('sort'), $allowed_columns) ? e($request->input('sort')) : 'created_at';
        $order = ($request->input('order') == 'asc') ? 'asc' : 'desc';
-        $total = $actionlogs->count();
+

        $actionlogs = $actionlogs->orderBy($sort, $order)->skip($offset)->take($limit)->get();

@@ -33,18 +33,18 @@ class SettingsController extends Controller
        $settings = Setting::getSettings();

        if ($settings->ldap_enabled!='1') {
-            \Log::debug('LDAP is not enabled cannot test.');
+            Log::debug('LDAP is not enabled cannot test.');
            return response()->json(['message' => 'LDAP is not enabled, cannot test.'], 400);
        }

-        \Log::debug('Preparing to test LDAP connection');
+        Log::debug('Preparing to test LDAP connection');

        $message = []; //where we collect together test messages
        try {
            $connection = Ldap::connectToLdap();
            try {
                $message['bind'] = ['message' => 'Successfully bound to LDAP server.'];
-                \Log::debug('attempting to bind to LDAP for LDAP test');
+                Log::debug('attempting to bind to LDAP for LDAP test');
                Ldap::bindAdminToLdap($connection);
                $message['login'] = [
                    'message' => 'Successfully connected to LDAP server.',
@@ -75,13 +75,13 @@ class SettingsController extends Controller

                return response()->json($message, 200);
            } catch (\Exception $e) {
-                \Log::debug('Bind failed');
-                \Log::debug("Exception was: ".$e->getMessage());
+                Log::debug('Bind failed');
+                Log::debug("Exception was: ".$e->getMessage());
                return response()->json(['message' => $e->getMessage()], 400);
                //return response()->json(['message' => $e->getMessage()], 500);
            }
        } catch (\Exception $e) {
-            \Log::debug('Connection failed but we cannot debug it any further on our end.');
+            Log::debug('Connection failed but we cannot debug it any further on our end.');
            return response()->json(['message' => $e->getMessage()], 500);
        }

@@ -92,7 +92,7 @@ class SettingsController extends Controller
    {

        if (Setting::getSettings()->ldap_enabled != '1') {
-            \Log::debug('LDAP is not enabled. Cannot test.');
+            Log::debug('LDAP is not enabled. Cannot test.');
            return response()->json(['message' => 'LDAP is not enabled, cannot test.'], 400);
        }

@@ -104,39 +104,39 @@ class SettingsController extends Controller

        $validator = Validator::make($request->all(), $rules);
        if ($validator->fails()) {
-            \Log::debug('LDAP Validation test failed.');
+            Log::debug('LDAP Validation test failed.');
            $validation_errors = implode(' ',$validator->errors()->all());
            return response()->json(['message' => $validator->errors()->all()], 400);
        }
        


-        \Log::debug('Preparing to test LDAP login');
+        Log::debug('Preparing to test LDAP login');
        try {
            $connection = Ldap::connectToLdap();
            try {
                Ldap::bindAdminToLdap($connection);
-                \Log::debug('Attempting to bind to LDAP for LDAP test');
+                Log::debug('Attempting to bind to LDAP for LDAP test');
                try {
                    $ldap_user = Ldap::findAndBindUserLdap($request->input('ldaptest_user'), $request->input('ldaptest_password'));
                    if ($ldap_user) {
-                        \Log::debug('It worked! '. $request->input('ldaptest_user').' successfully binded to LDAP.');
+                        Log::debug('It worked! '. $request->input('ldaptest_user').' successfully binded to LDAP.');
                        return response()->json(['message' => 'It worked! '. $request->input('ldaptest_user').' successfully binded to LDAP.'], 200);
                    }
                    return response()->json(['message' => 'Login Failed. '. $request->input('ldaptest_user').' did not successfully bind to LDAP.'], 400);

                } catch (\Exception $e) {
-                    \Log::debug('LDAP login failed');
+                    Log::debug('LDAP login failed');
                    return response()->json(['message' => $e->getMessage()], 400);
                }

            } catch (\Exception $e) {
-                \Log::debug('Bind failed');
+                Log::debug('Bind failed');
                return response()->json(['message' => $e->getMessage()], 400);
                //return response()->json(['message' => $e->getMessage()], 500);
            }
        } catch (\Exception $e) {
-            \Log::debug('Connection failed');
+            Log::debug('Connection failed');
            return response()->json(['message' => $e->getMessage()], 500);
        }

@@ -181,19 +181,19 @@ class SettingsController extends Controller

            $file_parts = explode('.', $file);
            $extension = end($file_parts);
-            \Log::debug($extension);
+            Log::debug($extension);

            // Only generated barcodes would have a .png file extension
            if ($extension == 'png') {
-                \Log::debug('Deleting: '.$file);
+                Log::debug('Deleting: '.$file);


                try {
                    Storage::disk('public')->delete($file);
-                    \Log::debug('Deleting: '.$file);
+                    Log::debug('Deleting: '.$file);
                    $file_count++;
                } catch (\Exception $e) {
-                    \Log::debug($e);
+                    Log::debug($e);
                }
            }
        }
@@ -13,15 +13,15 @@ use App\Http\Transformers\SelectlistTransformer;
 use App\Http\Transformers\UsersTransformer;
 use App\Models\Actionlog;
 use App\Models\Asset;
-use App\Models\Company;
 use App\Models\License;
 use App\Models\User;
 use App\Notifications\CurrentInventory;
-use Auth;
+use Illuminate\Support\Facades\Auth;
 use Illuminate\Http\Request;
-use App\Http\Requests\ImageUploadRequest;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Facades\Validator;
+use Illuminate\Support\Facades\Log;
+use App\Http\Requests\DeleteUserRequest;

 class UsersController extends Controller
 {
@@ -75,10 +75,14 @@ class UsersController extends Controller
            'users.autoassign_licenses',
            'users.website',

-        ])->with('manager', 'groups', 'userloc', 'company', 'department', 'assets', 'licenses', 'accessories', 'consumables', 'createdBy',)
-            ->withCount('assets as assets_count', 'licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count');
+        ])->with('manager', 'groups', 'userloc', 'company', 'department', 'assets', 'licenses', 'accessories', 'consumables', 'createdBy', 'managesUsers', 'managedLocations')
+            ->withCount('assets as assets_count', 'licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count', 'managesUsers as manages_users_count', 'managedLocations as manages_locations_count');


+        if ($request->filled('search') != '') {
+            $users = $users->TextSearch($request->input('search'));
+        }
+
        if ($request->filled('activated')) {
            $users = $users->where('users.activated', '=', $request->input('activated'));
        }
@@ -187,12 +191,26 @@ class UsersController extends Controller
            $users->has('accessories', '=', $request->input('accessories_count'));
        }

+        if ($request->filled('manages_users_count')) {
+            $users->has('manages_users_count', '=', $request->input('manages_users_count'));
+        }
+
+        if ($request->filled('manages_locations_count')) {
+            $users->has('manages_locations_count', '=', $request->input('manages_locations_count'));
+        }
+
        if ($request->filled('autoassign_licenses')) {
            $users->where('autoassign_licenses', '=', $request->input('autoassign_licenses'));
        }

-        if ($request->filled('search')) {
-            $users = $users->TextSearch($request->input('search'));
+        if ($request->filled('location_id') != '') {
+            $users = $users->UserLocation($request->input('location_id'), $request->input('search'));
+         }
+
+        if (($request->filled('deleted')) && ($request->input('deleted') == 'true')) {
+            $users = $users->onlyTrashed();
+        } elseif (($request->filled('all')) && ($request->input('all') == 'true')) {
+            $users = $users->withTrashed();
        }

        $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
@@ -244,6 +262,8 @@ class UsersController extends Controller
                        'licenses_count',
                        'consumables_count',
                        'accessories_count',
+                        'manages_users_count',
+                        'manages_locations_count',
                        'phone',
                        'address',
                        'city',
@@ -262,18 +282,11 @@ class UsersController extends Controller
                        'website',
                    ];

-                $sort = in_array($request->get('sort'), $allowed_columns) ? $request->get('sort') : 'first_name';
+                $sort = in_array($request->input('sort'), $allowed_columns) ? $request->input('sort') : 'first_name';
                $users = $users->orderBy($sort, $order);
                break;
        }

-        if (($request->filled('deleted')) && ($request->input('deleted') == 'true')) {
-            $users = $users->onlyTrashed();
-        } elseif (($request->filled('all')) && ($request->input('all') == 'true')) {
-            $users = $users->withTrashed();
-        }
-
-        $users = Company::scopeCompanyables($users);


        // Make sure the offset and limit are actually integers and do not exceed system limits
@@ -308,8 +321,6 @@ class UsersController extends Controller
            ]
            )->where('show_in_list', '=', '1');

-        $users = Company::scopeCompanyables($users);
-
        if ($request->filled('search')) {
            $users = $users->where(function ($query) use ($request) {
                $query->SimpleNameSearch($request->get('search'))
@@ -403,9 +414,14 @@ class UsersController extends Controller
    public function show($id)
    {
        $this->authorize('view', User::class);
-        $user = User::withCount('assets as assets_count', 'licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count')->findOrFail($id);

-        return (new UsersTransformer)->transformUser($user);
+        if ($user = User::withCount('assets as assets_count', 'licenses as licenses_count', 'accessories as accessories_count', 'consumables as consumables_count', 'managesUsers as manages_users_count', 'managedLocations as manages_locations_count')->find($id)) {
+            $this->authorize('view', $user);
+            return (new UsersTransformer)->transformUser($user);
+        }
+        
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.user_not_found', compact('id'))));
+
    }


@@ -422,13 +438,12 @@ class UsersController extends Controller
    {
        $this->authorize('update', User::class);

-        $user = User::findOrFail($id);
+        $user = User::find($id);
+        $this->authorize('update', $user);

        /**
         * This is a janky hack to prevent people from changing admin demo user data on the public demo.
-         * 
         * The $ids 1 and 2 are special since they are seeded as superadmins in the demo seeder.
-         * 
         *  Thanks, jerks. You are why we can't have nice things. - snipe
         * 
         */ 
@@ -455,15 +470,15 @@ class UsersController extends Controller
        if ($request->has('permissions')) {
            $permissions_array = $request->input('permissions');

-            // Strip out the superuser permission if the API user isn't a superadmin
+            // Strip out the individual superuser permission if the API user isn't a superadmin
            if (! Auth::user()->isSuperUser()) {
                unset($permissions_array['superuser']);
            }
+
            $user->permissions = $permissions_array;
        }


-
        // Update the location of any assets checked out to this user
        Asset::where('assigned_type', User::class)
            ->where('assigned_to', $user->id)->update(['location_id' => $request->input('location_id', null)]);
@@ -473,27 +488,22 @@ class UsersController extends Controller
          
        if ($user->save()) {

-            // Sync group memberships:
-            // This was changed in Snipe-IT v4.6.x to 4.7, since we upgraded to Laravel 5.5
-            // which changes the behavior of has vs filled.
-            // The $request->has method will now return true even if the input value is an empty string or null.
-            // A new $request->filled method has was added that provides the previous behavior of the has method.
+            // Check if the request has groups passed and has a value, AND that the user us a superuser
+            if (($request->has('groups')) && (Auth::user()->isSuperUser())) {

-            // Check if the request has groups passed and has a value
-            if ($request->filled('groups')) {
-                $validator = Validator::make($request->all(), [
+                $validator = Validator::make($request->only('groups'), [
                    'groups.*' => 'integer|exists:permission_groups,id',
                ]);
-                
-                if ($validator->fails()){
-                    return response()->json(Helper::formatStandardApiResponse('error', null, $user->getErrors()));
-                }
-                $user->groups()->sync($request->input('groups'));
-            // The groups field has been passed but it is null, so we should blank it out
-            } elseif ($request->has('groups')) {
-                $user->groups()->sync([]);
-            }

+                if ($validator->fails()) {
+                    return response()->json(Helper::formatStandardApiResponse('error', null, $validator->errors()));
+                }
+
+                // Sync the groups since the user is a superuser and the groups pass validation
+                $user->groups()->sync($request->input('groups'));
+
+
+            }

            return response()->json(Helper::formatStandardApiResponse('success', (new UsersTransformer)->transformUser($user), trans('admin/users/message.success.update')));
        }
@@ -509,43 +519,35 @@ class UsersController extends Controller
     * @param  int  $id
     * @return \Illuminate\Http\Response
     */
-    public function destroy($id)
+    public function destroy(DeleteUserRequest $request, $id)
    {
        $this->authorize('delete', User::class);
-        $user = User::findOrFail($id);
+        $user = User::with('assets', 'assets.model', 'consumables', 'accessories', 'licenses', 'userloc')->withTrashed()->find($id);
+
        $this->authorize('delete', $user);

-        if (($user->assets) && ($user->assets->count() > 0)) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.error.delete_has_assets')));
-        }

-        if (($user->licenses) && ($user->licenses->count() > 0)) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, 'This user still has '.$user->licenses->count().' license(s) associated with them and cannot be deleted.'));
-        }
+        if ($user) {
+            
+            if ($user->delete()) {

-        if (($user->accessories) && ($user->accessories->count() > 0)) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, 'This user still has '.$user->accessories->count().' accessories associated with them.'));
-        }
-
-        if (($user->managedLocations()) && ($user->managedLocations()->count() > 0)) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, 'This user still has '.$user->managedLocations()->count().' locations that they manage.'));
-        }
-
-        if ($user->delete()) {
-
-            // Remove the user's avatar if they have one
-            if (Storage::disk('public')->exists('avatars/'.$user->avatar)) {
-                try {
-                    Storage::disk('public')->delete('avatars/'.$user->avatar);
-                } catch (\Exception $e) {
-                    \Log::debug($e);
+                // Remove the user's avatar if they have one
+                if (Storage::disk('public')->exists('avatars/' . $user->avatar)) {
+                    try {
+                        Storage::disk('public')->delete('avatars/' . $user->avatar);
+                    } catch (\Exception $e) {
+                        Log::debug($e);
+                    }
                }
-            }

-            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/users/message.success.delete')));
+                return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/users/message.success.delete')));
+            }
+            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.error.delete')));
+
        }

-        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.error.delete')));
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.user_not_found', compact('id'))));
+
    }

    /**
@@ -560,9 +562,36 @@ class UsersController extends Controller
    {
        $this->authorize('view', User::class);
        $this->authorize('view', Asset::class);
-        $assets = Asset::where('assigned_to', '=', $id)->where('assigned_type', '=', User::class)->with('model')->get();

-        return (new AssetsTransformer)->transformAssets($assets, $assets->count(), $request);
+        if ($user = User::with('assets', 'assets.model', 'consumables', 'accessories', 'licenses', 'userloc')->withTrashed()->find($id)) {
+            $this->authorize('view', $user);
+
+            $assets = Asset::where('assigned_to', '=', $id)->where('assigned_type', '=', User::class)->with('model');
+
+
+            // Filter on category ID
+            if ($request->filled('category_id')) {
+                $assets = $assets->InCategory($request->input('category_id'));
+            }
+
+
+            // Filter on model ID
+            if ($request->filled('model_id')) {
+
+                $model_ids = $request->input('model_id');
+                if (!is_array($model_ids)) {
+                    $model_ids = array($model_ids);
+                }
+                $assets = $assets->InModelList($model_ids);
+            }
+
+            $assets = $assets->get();
+
+            return (new AssetsTransformer)->transformAssets($assets, $assets->count(), $request);
+        }
+
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.user_not_found', compact('id'))));
+
    }

    /**
@@ -576,15 +605,22 @@ class UsersController extends Controller
     */
    public function emailAssetList(Request $request, $id)
    {
-        $user = User::findOrFail($id);
+        $this->authorize('update', User::class);

-        if (empty($user->email)) {
-            return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.inventorynotification.error')));
+        if ($user = User::find($id)) {
+            $this->authorize('update', $user);
+
+            if (empty($user->email)) {
+                return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.inventorynotification.error')));
+            }
+
+            $user->notify((new CurrentInventory($user)));
+            return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/users/message.inventorynotification.success')));
        }

-        $user->notify((new CurrentInventory($user)));
+        return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/users/message.user_not_found', compact('id'))));
 
-        return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/users/message.inventorynotification.success')));
+
    }

    /**
@@ -600,6 +636,7 @@ class UsersController extends Controller
        $this->authorize('view', User::class);
        $this->authorize('view', Consumable::class);
        $user = User::findOrFail($id);
+        $this->authorize('update', $user);
        $consumables = $user->consumables;
        return (new ConsumablesTransformer)->transformConsumables($consumables, $consumables->count(), $request);
    }
@@ -616,6 +653,7 @@ class UsersController extends Controller
    {
        $this->authorize('view', User::class);
        $user = User::findOrFail($id);
+        $this->authorize('view', $user);
        $this->authorize('view', Accessory::class);
        $accessories = $user->accessories;

@@ -636,6 +674,7 @@ class UsersController extends Controller
        $this->authorize('view', License::class);
        
        if ($user = User::where('id', $id)->withTrashed()->first()) {
+            $this->authorize('update', $user);
            $licenses = $user->licenses()->get();
            return (new LicensesTransformer())->transformLicenses($licenses, $licenses->count());
        }
@@ -659,9 +698,20 @@ class UsersController extends Controller
        if ($request->filled('id')) {
            try {
                $user = User::find($request->get('id'));
+                $this->authorize('update', $user);
                $user->two_factor_secret = null;
                $user->two_factor_enrolled = 0;
-                $user->save();
+                $user->saveQuietly();
+
+                // Log the reset
+                $logaction = new Actionlog();
+                $logaction->target_type = User::class;
+                $logaction->target_id = $user->id;
+                $logaction->item_type = User::class;
+                $logaction->item_id = $user->id;
+                $logaction->created_at = date('Y-m-d H:i:s');
+                $logaction->user_id = Auth::user()->id;
+                $logaction->logaction('2FA reset');

                return response()->json(['message' => trans('admin/settings/general.two_factor_reset_success')], 200);
            } catch (\Exception $e) {
@@ -6,7 +6,7 @@ use App\Helpers\Helper;
 use App\Models\Asset;
 use App\Models\AssetMaintenance;
 use App\Models\Company;
-use Auth;
+use Illuminate\Support\Facades\Auth;
 use Carbon\Carbon;
 use Illuminate\Http\Request;
 use Slack;
@@ -7,16 +7,16 @@ use App\Http\Requests\ImageUploadRequest;
 use App\Models\Actionlog;
 use App\Models\Asset;
 use App\Models\AssetModel;
+use App\Models\CustomField;
 use App\Models\User;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Input;
 use Illuminate\Support\Facades\View;
 use Illuminate\Support\Facades\Validator;
-use Redirect;
-use Request;
-use Storage;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Storage;
 use Symfony\Component\HttpFoundation\JsonResponse;
+use Illuminate\Support\Facades\Log;

 /**
 * This class controls all actions related to asset models for
@@ -66,7 +66,7 @@ class AssetModelsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
     * @param ImageUploadRequest $request
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function store(ImageUploadRequest $request)
@@ -85,7 +85,7 @@ class AssetModelsController extends Controller
        $model->category_id = $request->input('category_id');
        $model->notes = $request->input('notes');
        $model->user_id = Auth::id();
-        $model->requestable = Request::has('requestable');
+        $model->requestable = $request->has('requestable');

        if ($request->input('fieldset_id') != '') {
            $model->fieldset_id = $request->input('fieldset_id');
@@ -139,7 +139,7 @@ class AssetModelsController extends Controller
     * @since [v1.0]
     * @param ImageUploadRequest $request
     * @param int $modelId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function update(ImageUploadRequest $request, $modelId = null)
@@ -200,7 +200,7 @@ class AssetModelsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
     * @param int $modelId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function destroy($modelId)
@@ -220,7 +220,7 @@ class AssetModelsController extends Controller
            try {
                Storage::disk('public')->delete('models/'.$model->image);
            } catch (\Exception $e) {
-                \Log::info($e);
+                Log::info($e);
            }
        }

@@ -237,7 +237,7 @@ class AssetModelsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
     * @param int $id
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function getRestore($id)
@@ -429,7 +429,7 @@ class AssetModelsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
     * @param int $modelId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function postBulkDelete(Request $request)
    {
@@ -486,11 +486,11 @@ class AssetModelsController extends Controller
     * @param  array      $defaultValues
     * @return void
     */
-    private function assignCustomFieldsDefaultValues(AssetModel $model, array $defaultValues)
+    private function assignCustomFieldsDefaultValues(AssetModel $model, array $defaultValues): bool
    {
        $data = array();
        foreach ($defaultValues as $customFieldId => $defaultValue) {
-            $customField = \App\Models\CustomField::find($customFieldId);
+            $customField = CustomField::find($customFieldId);

            $data[$customField->db_column] = $defaultValue;
        }
@@ -16,7 +16,7 @@ class AssetModelsFilesController extends Controller
     *
     * @param UploadFileRequest $request
     * @param int $modelId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     *@since [v1.0]
     * @author [A. Gianotto] [<snipe@snipe.net>]
@@ -38,7 +38,7 @@ class AssetModelsFilesController extends Controller

                $file_name = $request->handleFile('private_uploads/assetmodels/','model-'.$model->id,$file);

-                $model->logUpload($file_name, e($request->get('notes')));
+                $model->logUpload($file_name, $request->get('notes'));
            }

            return redirect()->back()->with('success', trans('general.file_upload_success'));
@@ -70,8 +70,6 @@ class AssetModelsFilesController extends Controller
            }

            $file = 'private_uploads/assetmodels/'.$log->filename;
-            \Log::debug('Checking for '.$file);
-

            if (! Storage::exists($file)) {
                return response('File '.$file.' not found on server', 404)
@@ -12,8 +12,9 @@ use App\Models\CheckoutAcceptance;
 use App\Models\LicenseSeat;
 use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Support\Facades\Auth;
-use Illuminate\Support\Facades\Redirect;
+use Illuminate\Support\Facades\Session;
 use Illuminate\Support\Facades\View;
+use Illuminate\Support\Facades\Log;

 class AssetCheckinController extends Controller
 {
@@ -39,7 +40,17 @@ class AssetCheckinController extends Controller

        $this->authorize('checkin', $asset);

-        return view('hardware/checkin', compact('asset'))->with('statusLabel_list', Helper::statusLabelList())->with('backto', $backto);
+        // This asset is already checked in, redirect
+        
+        if (is_null($asset->assignedTo)) {
+            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkin.already_checked_in'));
+        }
+
+        if (!$asset->model) {
+            return redirect()->route('hardware.show', $asset->id)->with('error', trans('admin/hardware/general.model_invalid_fix'));
+        }
+
+        return view('hardware/checkin', compact('asset'))->with('statusLabel_list', Helper::statusLabelList())->with('backto', $backto)->with('table_name', 'Assets');
    }

    /**
@@ -49,7 +60,7 @@ class AssetCheckinController extends Controller
     * @param AssetCheckinRequest $request
     * @param int $assetId
     * @param null $backto
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     * @since [v1.0]
     */
@@ -64,6 +75,11 @@ class AssetCheckinController extends Controller
        if (is_null($target = $asset->assignedTo)) {
            return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkin.already_checked_in'));
        }
+
+        if (!$asset->model) {
+            return redirect()->route('hardware.show', $asset->id)->with('error', trans('admin/hardware/general.model_invalid_fix'));
+        }
+
        $this->authorize('checkin', $asset);

        if ($asset->assignedType() == Asset::USER) {
@@ -86,7 +102,7 @@ class AssetCheckinController extends Controller
        $asset->location_id = $asset->rtd_location_id;

        if ($request->filled('location_id')) {
-            \Log::debug('NEW Location ID: '.$request->get('location_id'));
+            Log::debug('NEW Location ID: '.$request->get('location_id'));
            $asset->location_id = $request->get('location_id');

            if ($request->get('update_default_location') == 0){
@@ -116,15 +132,12 @@ class AssetCheckinController extends Controller
            $acceptance->delete();
        });

+        Session::put('redirect_option', $request->get('redirect_option'));
        // Was the asset updated?
        if ($asset->save()) {
+
            event(new CheckoutableCheckedIn($asset, $target, Auth::user(), $request->input('note'), $checkin_at, $originalValues));
-
-            if ((isset($user)) && ($backto == 'user')) {
-                return redirect()->route('users.show', $user->id)->with('success', trans('admin/hardware/message.checkin.success'));
-            }
-
-            return redirect()->route('hardware.index')->with('success', trans('admin/hardware/message.checkin.success'));
+            return Helper::getRedirectOption($asset, $assetId, 'Assets');
        }
        // Redirect to the asset management page with error
        return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkin.error').$asset->getErrors());
@@ -10,6 +10,7 @@ use App\Http\Requests\AssetCheckoutRequest;
 use App\Models\Asset;
 use Illuminate\Database\Eloquent\ModelNotFoundException;
 use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Session;

 class AssetCheckoutController extends Controller
 {
@@ -33,11 +34,17 @@ class AssetCheckoutController extends Controller

        $this->authorize('checkout', $asset);

+        if (!$asset->model) {
+            return redirect()->route('hardware.show', $asset->id)->with('error', trans('admin/hardware/general.model_invalid_fix'));
+        }
+
        if ($asset->availableForCheckout()) {
            return view('hardware/checkout', compact('asset'))
-                ->with('statusLabel_list', Helper::deployableStatusLabelList());
+                ->with('statusLabel_list', Helper::deployableStatusLabelList())
+                ->with('table_name', 'Assets');
        }

+
        return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkout.not_available'));
    }

@@ -47,7 +54,7 @@ class AssetCheckoutController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param AssetCheckoutRequest $request
     * @param int $assetId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @since [v1.0]
     */
    public function store(AssetCheckoutRequest $request, $assetId)
@@ -60,9 +67,14 @@ class AssetCheckoutController extends Controller
                return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.checkout.not_available'));
            }
            $this->authorize('checkout', $asset);
+
+            if (!$asset->model) {
+                return redirect()->route('hardware.show', $asset->id)->with('error', trans('admin/hardware/general.model_invalid_fix'));
+            }
+
            $admin = Auth::user();

-            $target = $this->determineCheckoutTarget($asset);
+            $target = $this->determineCheckoutTarget();

            $asset = $this->updateAssetLocation($asset, $target);

@@ -97,11 +109,12 @@ class AssetCheckoutController extends Controller
                    return redirect()->to("hardware/$assetId/checkout")->with('error', trans('general.error_user_company'));
                }
            }
-            
-            if ($asset->checkOut($target, $admin, $checkout_at, $expected_checkin, $request->get('note'), $request->get('name'))) {
-                return redirect()->route('hardware.index')->with('success', trans('admin/hardware/message.checkout.success'));
-            }

+                Session::put(['redirect_option' => $request->get('redirect_option'), 'checkout_to_type' => $request->get('checkout_to_type')]);
+
+            if ($asset->checkOut($target, $admin, $checkout_at, $expected_checkin, $request->get('note'), $request->get('name'))) {
+                return Helper::getRedirectOption($request, $assetId, 'Assets');
+            }
            // Redirect to the asset management page with error
            return redirect()->to("hardware/$assetId/checkout")->with('error', trans('admin/hardware/message.checkout.error').$asset->getErrors());
        } catch (ModelNotFoundException $e) {
@@ -17,7 +17,7 @@ class AssetFilesController extends Controller
     *
     * @param UploadFileRequest $request
     * @param int $assetId
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     *@since [v1.0]
     * @author [A. Gianotto] [<snipe@snipe.net>]
@@ -38,7 +38,7 @@ class AssetFilesController extends Controller
            foreach ($request->file('file') as $file) {
                $file_name = $request->handleFile('private_uploads/assets/','hardware-'.$asset->id, $file);
                
-                $asset->logUpload($file_name, e($request->get('notes')));
+                $asset->logUpload($file_name, $request->get('notes'));
            }

            return redirect()->back()->with('success', trans('admin/hardware/message.upload.success'));
@@ -70,7 +70,6 @@ class AssetFilesController extends Controller
            }

            $file = 'private_uploads/assets/'.$log->filename;
-            \Log::debug('Checking for '.$file);

            if ($log->action_type == 'audit') {
                $file = 'private_uploads/audits/'.$log->filename;
@@ -6,7 +6,7 @@ use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
 use App\Http\Requests\ImageUploadRequest;
 use App\Models\Actionlog;
-use App\Models\Manufacturer;
+use App\Http\Requests\UploadFileRequest;
 use Illuminate\Support\Facades\Log;
 use App\Models\Asset;
 use App\Models\AssetModel;
@@ -96,12 +96,16 @@ class AssetsController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function store(ImageUploadRequest $request)
    {
        $this->authorize(Asset::class);

+        // There are a lot more rules to add here but prevents
+        // errors around `asset_tags` not being present below.
+        $this->validate($request, ['asset_tags' => ['required', 'array']]);
+
        // Handle asset tags - there could be one, or potentially many.
        // This is only necessary on create, not update, since bulk editing is handled
        // differently
@@ -203,7 +207,7 @@ class AssetsController extends Controller
        }

        if ($success) {
-            \Log::debug(e($asset->asset_tag));
+            Log::debug(e($asset->asset_tag));
            return redirect()->route('hardware.index')
                ->with('success-unescaped', trans('admin/hardware/message.create.success_linked', ['link' => route('hardware.show', $asset->id), 'id', 'tag' => e($asset->asset_tag)]));
               
@@ -289,7 +293,7 @@ class AssetsController extends Controller
     *
     * @param int $assetId
     * @return \Illuminate\Http\RedirectResponse|Redirect
-     *@since [v1.0]
+     * @since [v1.0]
     * @author [A. Gianotto] [<snipe@snipe.net>]
     */
    public function update(ImageUploadRequest $request, $assetId = null)
@@ -304,7 +308,8 @@ class AssetsController extends Controller
        $asset->status_id = $request->input('status_id', null);
        $asset->warranty_months = $request->input('warranty_months', null);
        $asset->purchase_cost = $request->input('purchase_cost', null);
-        $asset->purchase_date = $request->input('purchase_date', null); 
+        $asset->purchase_date = $request->input('purchase_date', null);
+        $asset->next_audit_date = $request->input('next_audit_date', null);
        if ($request->filled('purchase_date') && !$request->filled('asset_eol_date') && ($asset->model->eol > 0)) {
            $asset->purchase_date = $request->input('purchase_date', null); 
            $asset->asset_eol_date = Carbon::parse($request->input('purchase_date'))->addMonths($asset->model->eol)->format('Y-m-d');
@@ -406,7 +411,7 @@ class AssetsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param int $assetId
     * @since [v1.0]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function destroy($assetId)
    {
@@ -440,7 +445,7 @@ class AssetsController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v3.0]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function getAssetBySerial(Request $request)
    {
@@ -458,7 +463,7 @@ class AssetsController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v3.0]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function getAssetByTag(Request $request, $tag=null)
    {
@@ -850,15 +855,15 @@ class AssetsController extends Controller
        return view('hardware/audit-due');
    }

-    public function overdueForAudit()
+    public function dueForCheckin()
    {
-        $this->authorize('audit', Asset::class);
+        $this->authorize('checkin', Asset::class);

-        return view('hardware/audit-overdue');
+        return view('hardware/checkin-due');
    }


-    public function auditStore(Request $request, $id)
+    public function auditStore(UploadFileRequest $request, $id)
    {
        $this->authorize('audit', Asset::class);

@@ -875,7 +880,21 @@ class AssetsController extends Controller

        $asset = Asset::findOrFail($id);

-        // We don't want to log this as a normal update, so let's bypass that
+        /**
+         * Even though we do a save() further down, we don't want to log this as a "normal" asset update,
+         * which would trigger the Asset Observer and would log an asset *update* log entry (because the
+         * de-normed fields like next_audit_date on the asset itself will change on save()) *in addition* to
+         * the audit log entry we're creating through this controller.
+         *
+         * To prevent this double-logging (one for update and one for audit), we skip the observer and bypass
+         * that de-normed update log entry by using unsetEventDispatcher(), BUT invoking unsetEventDispatcher()
+         * will bypass normal model-level validation that's usually handled at the observer )
+         *
+         * We handle validation on the save() by checking if the asset is valid via the ->isValid() method,
+         * which manually invokes Watson Validating to make sure the asset's model is valid.
+         *
+         * @see \App\Observers\AssetObserver::updating()
+         */
        $asset->unsetEventDispatcher();

        $asset->next_audit_date = $request->input('next_audit_date');
@@ -884,29 +903,27 @@ class AssetsController extends Controller
        // Check to see if they checked the box to update the physical location,
        // not just note it in the audit notes
        if ($request->input('update_location') == '1') {
-            Log::debug('update location in audit');
            $asset->location_id = $request->input('location_id');
        }


-        if ($asset->save()) {
-            $file_name = '';
-            // Upload an image, if attached
-            if ($request->hasFile('image')) {
-                $path = 'private_uploads/audits';
-                if (! Storage::exists($path)) {
-                    Storage::makeDirectory($path, 775);
-                }
-                $upload = $image = $request->file('image');
-                $ext = $image->getClientOriginalExtension();
-                $file_name = 'audit-'.str_random(18).'.'.$ext;
-                Storage::putFileAs($path, $upload, $file_name);
-            }
+        /**
+         * Invoke Watson Validating to check the asset itself and check to make sure it saved correctly.
+         * We have to invoke this manually because of the unsetEventDispatcher() above.)
+         */
+        if ($asset->isValid() && $asset->save()) {

+            $file_name = null;
+            // Create the image (if one was chosen.)
+            if ($request->hasFile('image')) {
+                $file_name = $request->handleFile('private_uploads/audits/', 'audit-'.$asset->id, $request->file('image'));
+            }

            $asset->logAudit($request->input('note'), $request->input('location_id'), $file_name);
            return redirect()->route('assets.audit.due')->with('success', trans('admin/hardware/message.audit.success'));
        }
+
+        return redirect()->back()->withInput()->withErrors($asset->getErrors());
    }

    public function getRequestedIndex($user_id = null)
@@ -13,7 +13,10 @@ use App\Models\Setting;
 use App\View\Label;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Crypt;
 use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Gate;
+use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Facades\Session;
 use App\Http\Requests\AssetCheckoutRequest;
 use App\Models\CustomField;
@@ -93,6 +96,59 @@ class BulkAssetsController extends Controller

        $assets = Asset::with('assignedTo', 'location', 'model')->whereIn('assets.id', $asset_ids);

+        $assets = $assets->get();
+
+        if ($assets->isEmpty()) {
+            Log::debug('No assets were found for the provided IDs', ['ids' => $asset_ids]);
+            return redirect()->back()->with('error', trans('admin/hardware/message.update.assets_do_not_exist_or_are_invalid'));
+        }
+
+        $models = $assets->unique('model_id');
+        $modelNames = [];
+        foreach($models as $model) {
+            $modelNames[] = $model->model->name;
+        }
+
+        if ($request->filled('bulk_actions')) {
+
+
+            switch ($request->input('bulk_actions')) {
+                case 'labels':
+                    $this->authorize('view', Asset::class);
+
+                    return (new Label)
+                        ->with('assets', $assets)
+                        ->with('settings', Setting::getSettings())
+                        ->with('bulkedit', true)
+                        ->with('count', 0);
+
+                case 'delete':
+                    $this->authorize('delete', Asset::class);
+                    $assets->each(function ($assets) {
+                        $this->authorize('delete', $assets);
+                    });
+
+                    return view('hardware/bulk-delete')->with('assets', $assets);
+
+                case 'restore':
+                    $this->authorize('update', Asset::class);
+                    $assets = Asset::withTrashed()->find($asset_ids);
+                    $assets->each(function ($asset) {
+                        $this->authorize('delete', $asset);
+                    });
+                    return view('hardware/bulk-restore')->with('assets', $assets);
+
+                case 'edit':
+                    $this->authorize('update', Asset::class);
+
+                    return view('hardware/bulk')
+                        ->with('assets', $asset_ids)
+                        ->with('statuslabel_list', Helper::statusLabelList())
+                        ->with('models', $models->pluck(['model']))
+                        ->with('modelNames', $modelNames);
+            }
+        }
+
        switch ($sort_override) {
            case 'model':
                $assets->OrderModels($order);
@@ -128,54 +184,6 @@ class BulkAssetsController extends Controller
                break;
        }

-        $assets = $assets->get();
-
-        $models = $assets->unique('model_id');
-        $modelNames = [];
-        foreach($models as $model) {
-            $modelNames[] = $model->model->name;
-        }
-
-        if ($request->filled('bulk_actions')) {
-
-
-            switch ($request->input('bulk_actions')) {
-                case 'labels':
-                    $this->authorize('view', Asset::class);
-
-                    return (new Label)
-                        ->with('assets', $assets)
-                        ->with('settings', Setting::getSettings())
-                        ->with('bulkedit', true)
-                        ->with('count', 0);
-
-                case 'delete':
-                    $this->authorize('delete', Asset::class);
-                    $assets->each(function ($assets) {
-                        $this->authorize('delete', $assets);
-                    });
-
-                    return view('hardware/bulk-delete')->with('assets', $assets);
-                   
-                case 'restore':
-                    $this->authorize('update', Asset::class);
-                    $assets = Asset::withTrashed()->find($asset_ids);
-                    $assets->each(function ($asset) {
-                        $this->authorize('delete', $asset);
-                    });
-                    return view('hardware/bulk-restore')->with('assets', $assets);
-
-                case 'edit':
-                    $this->authorize('update', Asset::class);
-
-                    return view('hardware/bulk')
-                        ->with('assets', $asset_ids)
-                        ->with('statuslabel_list', Helper::statusLabelList())
-                        ->with('models', $models->pluck(['model']))
-                        ->with('modelNames', $modelNames);
-            }
-        }
-
        return redirect()->back()->with('error', 'No action selected');
    }

@@ -183,7 +191,6 @@ class BulkAssetsController extends Controller
     * Save bulk edits
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
-     * @return Redirect
     * @internal param array $assets
     * @since [v2.0]
     */
@@ -208,7 +215,7 @@ class BulkAssetsController extends Controller
        }


-        $assets = Asset::whereIn('id', array_keys($request->input('ids')))->get();
+        $assets = Asset::whereIn('id', $request->input('ids'))->get();



@@ -373,28 +380,30 @@ class BulkAssetsController extends Controller
                    foreach ($asset->model->fieldset->fields as $field) {

                        if ((array_key_exists($field->db_column, $this->update_array)) && ($field->field_encrypted == '1')) {
-                            $decrypted_old = Helper::gracefulDecrypt($field, $asset->{$field->db_column});
+                            if (Gate::allows('admin')) {
+                                $decrypted_old = Helper::gracefulDecrypt($field, $asset->{$field->db_column});

-                            /*
-                             * Check if the decrypted existing value is different from one we just submitted
-                             * and if not, pull it out of the object since it shouldn't really be updating at all.
-                             * If we don't do this, it will try to re-encrypt it, and the same value encrypted two
-                             * different times will have different values, so it will *look* like it was updated
-                             * but it wasn't.
-                             */
-                            if ($decrypted_old != $this->update_array[$field->db_column]) {
-                                $asset->{$field->db_column} = \Crypt::encrypt($this->update_array[$field->db_column]);
-                            } else {
                                /*
-                                 * Remove the encrypted custom field from the update_array, since nothing changed
+                                 * Check if the decrypted existing value is different from one we just submitted
+                                 * and if not, pull it out of the object since it shouldn't really be updating at all.
+                                 * If we don't do this, it will try to re-encrypt it, and the same value encrypted two
+                                 * different times will have different values, so it will *look* like it was updated
+                                 * but it wasn't.
                                 */
-                                unset($this->update_array[$field->db_column]);
-                                unset($asset->{$field->db_column});
-                            }
+                                if ($decrypted_old != $this->update_array[$field->db_column]) {
+                                    $asset->{$field->db_column} = Crypt::encrypt($this->update_array[$field->db_column]);
+                                } else {
+                                    /*
+                                     * Remove the encrypted custom field from the update_array, since nothing changed
+                                     */
+                                    unset($this->update_array[$field->db_column]);
+                                    unset($asset->{$field->db_column});
+                                }

-                            /*
-                             * These custom fields aren't encrypted, just carry on as usual
-                             */
+                                /*
+                                 * These custom fields aren't encrypted, just carry on as usual
+                                 */
+                            }
                        } else {

                            if ((array_key_exists($field->db_column, $this->update_array)) && ($asset->{$field->db_column} != $this->update_array[$field->db_column])) {
@@ -5,7 +5,7 @@ namespace App\Http\Controllers\Auth;
 use App\Http\Controllers\Controller;
 use Illuminate\Foundation\Auth\SendsPasswordResetEmails;
 use Illuminate\Http\Request;
-
+use Illuminate\Support\Facades\Log;
 class ForgotPasswordController extends Controller
 {
    /*
@@ -79,16 +79,16 @@ class ForgotPasswordController extends Controller
                )
            );
        } catch(\Exception $e) {
-            \Log::info('Password reset attempt: User '.$request->input('username').'failed with exception: '.$e );
+            Log::info('Password reset attempt: User '.$request->input('username').'failed with exception: '.$e );
        }

        // Prevent timing attack to enumerate users.
        usleep(500000 + random_int(0, 1500000));

        if ($response === \Password::RESET_LINK_SENT) {
-            \Log::info('Password reset attempt: User '.$request->input('username').' WAS found, password reset sent');
+            Log::info('Password reset attempt: User '.$request->input('username').' WAS found, password reset sent');
        } else {
-            \Log::info('Password reset attempt: User matching username '.$request->input('username').' NOT FOUND or user is inactive');
+            Log::info('Password reset attempt: User matching username '.$request->input('username').' NOT FOUND or user is inactive');
        }

        /**
@@ -16,7 +16,7 @@ use Illuminate\Support\Carbon;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Session;
 use Illuminate\Support\Facades\Validator;
-use Log;
+use Illuminate\Support\Facades\Log;
 use Redirect;

 /**
@@ -122,7 +122,7 @@ class LoginController extends Controller
                    Auth::login($user);
                } else {
                    $username = $saml->getUsername();
-                    \Log::debug("SAML user '$username' could not be found in database.");
+                    Log::debug("SAML user '$username' could not be found in database.");
                    $request->session()->flash('error', trans('auth/message.signin.error'));
                    $saml->clearData();
                }
@@ -137,7 +137,7 @@ class LoginController extends Controller
                $s->save();

            } catch (\Exception $e) {
-                \Log::debug('There was an error authenticating the SAML user: '.$e->getMessage());
+                Log::debug('There was an error authenticating the SAML user: '.$e->getMessage());
                throw $e;
            }

@@ -146,7 +146,7 @@ class LoginController extends Controller

            // Better logging
            if (empty($samlData)) {
-                \Log::debug("SAML page requested, but samlData seems empty.");
+                Log::debug("SAML page requested, but samlData seems empty.");
            }
        }

@@ -261,19 +261,19 @@ class LoginController extends Controller
    /**
     * Account sign in form processing.
     *
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function login(Request $request)
    {

        //If the environment is set to ALWAYS require SAML, return access denied
        if (config('app.require_saml')) {
-            \Log::debug('require SAML is enabled in the .env - return a 403');
+            Log::debug('require SAML is enabled in the .env - return a 403');
            return view('errors.403');
        }

        if (Setting::getSettings()->login_common_disabled == '1') {
-            \Log::debug('login_common_disabled is set to 1 - return a 403');
+            Log::debug('login_common_disabled is set to 1 - return a 403');
            return view('errors.403');
        }

@@ -339,7 +339,7 @@ class LoginController extends Controller
    /**
     * Two factor enrollment page
     *
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function getTwoFactorEnroll()
    {
@@ -389,7 +389,7 @@ class LoginController extends Controller
    /**
     * Two factor code form page
     *
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function getTwoFactorAuth()
    {
@@ -415,7 +415,7 @@ class LoginController extends Controller
     *
     * @param Request $request
     *
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function postTwoFactorAuth(Request $request)
    {
@@ -451,7 +451,7 @@ class LoginController extends Controller
     *
     * @param Request $request
     *
-     * @return Redirect
+     * @return Illuminate\Http\RedirectResponse
     */
    public function logout(Request $request)
    {
@@ -7,7 +7,7 @@ use App\Models\Setting;
 use App\Models\User;
 use Illuminate\Foundation\Auth\ResetsPasswords;
 use Illuminate\Http\Request;
-
+use Illuminate\Support\Facades\Log;

 class ResetPasswordController extends Controller
 {
@@ -66,7 +66,7 @@ class ResetPasswordController extends Controller
        $credentials =  $request->only('email', 'token');

        if (is_null($this->broker()->getUser($credentials))) {
-            \Log::debug('Password reset form FAILED - this token is not valid.');
+            Log::debug('Password reset form FAILED - this token is not valid.');
            return redirect()->route('password.request')->with('error', trans('passwords.token'));
        }

@@ -89,10 +89,10 @@ class ResetPasswordController extends Controller

        $request->validate($this->rules(), $request->all(), $this->validationErrorMessages());

-        \Log::debug('Checking if '.$request->input('username').' exists');
+        Log::debug('Checking if '.$request->input('username').' exists');
        // Check to see if the user even exists - we'll treat the response the same to prevent user sniffing
        if ($user = User::where('username', '=', $request->input('username'))->where('activated', '1')->whereNotNull('email')->first()) {
-            \Log::debug($user->username.' exists');
+            Log::debug($user->username.' exists');


            // handle the password validation rules set by the admin settings
@@ -112,17 +112,17 @@ class ResetPasswordController extends Controller

            // Check if the password reset above actually worked
            if ($response == \Password::PASSWORD_RESET) {
-                \Log::debug('Password reset for '.$user->username.' worked');
+                Log::debug('Password reset for '.$user->username.' worked');
                return redirect()->guest('login')->with('success', trans('passwords.reset'));
            }

-            \Log::debug('Password reset for '.$user->username.' FAILED - this user exists but the token is not valid');
+            Log::debug('Password reset for '.$user->username.' FAILED - this user exists but the token is not valid');
            return redirect()->back()->withInput($request->only('email'))->with('success', trans('passwords.reset'));

        }


-        \Log::debug('Password reset for '.$request->input('username').' FAILED - user does not exist or does not have an email address - but make it look like it succeeded');
+        Log::debug('Password reset for '.$request->input('username').' FAILED - user does not exist or does not have an email address - but make it look like it succeeded');
        return redirect()->guest('login')->with('success', trans('passwords.reset'));

    }
@@ -5,7 +5,7 @@ namespace App\Http\Controllers\Auth;
 use App\Http\Controllers\Controller;
 use App\Services\Saml;
 use Illuminate\Http\Request;
-use Log;
+use Illuminate\Support\Facades\Log;

 /**
 * This controller provides the endpoint for SAML communication and metadata.
@@ -51,7 +51,7 @@ class SamlController extends Controller
        $metadata = $this->saml->getSPMetadata();

        if (empty($metadata)) {
-            \Log::debug('SAML metadata is empty - return a 403');
+            Log::debug('SAML metadata is empty - return a 403');
            return response()->view('errors.403', [], 403);
        }

@@ -71,7 +71,7 @@ class SamlController extends Controller
     *
     * @param Request $request
     *
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function login(Request $request)
    {
@@ -93,7 +93,7 @@ class SamlController extends Controller
     *
     * @param Request $request
     *
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function acs(Request $request)
    {
@@ -126,7 +126,7 @@ class SamlController extends Controller
     *
     * @param Request $request
     *
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function sls(Request $request)
    {
@@ -105,7 +105,7 @@ class BulkAssetModelsController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function destroy(Request $request)
    {
@@ -5,7 +5,7 @@ namespace App\Http\Controllers;
 use App\Helpers\Helper;
 use App\Http\Requests\ImageUploadRequest;
 use App\Models\Category as Category;
-use Auth;
+use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Storage;
 use Str;

@@ -6,6 +6,7 @@ use App\Http\Requests\ImageUploadRequest;
 use App\Models\Company;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Storage;
+use Illuminate\Support\Facades\Log;

 /**
 * This controller handles all actions related to Companies for
@@ -154,7 +155,7 @@ final class CompaniesController extends Controller
            try {
                Storage::disk('public')->delete('companies'.'/'.$company->image);
            } catch (\Exception $e) {
-                \Log::debug($e);
+                Log::debug($e);
            }
        }

@@ -11,6 +11,7 @@ use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Input;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Facades\Validator;
+use Illuminate\Support\Facades\Log;

 /**
 * This class controls all actions related to Components for
@@ -188,7 +189,7 @@ class ComponentsController extends Controller
            try {
                Storage::disk('public')->delete('components/'.$component->image);
            } catch (\Exception $e) {
-                \Log::debug($e);
+                Log::debug($e);
            }
        }

@@ -10,6 +10,7 @@ use App\Models\Component;
 use Illuminate\Support\Facades\Response;
 use Illuminate\Support\Facades\Storage;
 use Symfony\Component\HttpFoundation\JsonResponse;
+use Illuminate\Support\Facades\Log;

 class ComponentsFilesController extends Controller
 {
@@ -84,7 +85,7 @@ class ComponentsFilesController extends Controller
                try {
                    Storage::delete('components/'.$log->filename);
                } catch (\Exception $e) {
-                    \Log::debug($e);
+                    Log::debug($e);
                }
            }

@@ -110,7 +111,7 @@ class ComponentsFilesController extends Controller
     */
    public function show($componentId = null, $fileId = null)
    {
-        \Log::debug('Private filesystem is: '.config('filesystems.default'));
+        Log::debug('Private filesystem is: '.config('filesystems.default'));
        $component = Component::find($componentId);

        // the component is valid
@@ -126,8 +127,8 @@ class ComponentsFilesController extends Controller
            $file = 'private_uploads/components/'.$log->filename;

            if (Storage::missing($file)) {
-                \Log::debug('FILE DOES NOT EXISTS for '.$file);
-                \Log::debug('URL should be '.Storage::url($file));
+                Log::debug('FILE DOES NOT EXISTS for '.$file);
+                Log::debug('URL should be '.Storage::url($file));

                return response('File '.$file.' ('.Storage::url($file).') not found on server', 404)
                    ->header('Content-Type', 'text/plain');
@@ -71,8 +71,14 @@ class ConsumableCheckoutController extends Controller

        $this->authorize('checkout', $consumable);

+        // If the quantity is not present in the request or is not a positive integer, set it to 1
+        $quantity = $request->input('qty');
+        if (!isset($quantity) || !ctype_digit((string)$quantity) || $quantity <= 0) {
+            $quantity = 1;
+        }
+
        // Make sure there is at least one available to checkout
-        if ($consumable->numRemaining() <= 0) {
+        if ($consumable->numRemaining() <= 0 || $quantity > $consumable->numRemaining()) {
            return redirect()->route('consumables.index')->with('error', trans('admin/consumables/message.checkout.unavailable'));
        }

@@ -88,13 +94,14 @@ class ConsumableCheckoutController extends Controller
        // Update the consumable data
        $consumable->assigned_to = e($request->input('assigned_to'));

+        for($i = 0; $i < $quantity; $i++){
        $consumable->users()->attach($consumable->id, [
            'consumable_id' => $consumable->id,
            'user_id' => $admin_user->id,
            'assigned_to' => e($request->input('assigned_to')),
            'note' => $request->input('note'),
        ]);
-
+        }
        event(new CheckoutableCheckedOut($consumable, $user, Auth::user(), $request->input('note')));

        // Redirect to the new consumable page
@@ -10,7 +10,7 @@ use App\Models\Consumable;
 use Illuminate\Support\Facades\Response;
 use Illuminate\Support\Facades\Storage;
 use Symfony\Consumable\HttpFoundation\JsonResponse;
-
+use Illuminate\Support\Facades\Log;
 class ConsumablesFilesController extends Controller
 {
    /**
@@ -83,7 +83,7 @@ class ConsumablesFilesController extends Controller
                try {
                    Storage::delete('consumables/'.$log->filename);
                } catch (\Exception $e) {
-                    \Log::debug($e);
+                    Log::debug($e);
                }
            }

@@ -124,8 +124,8 @@ class ConsumablesFilesController extends Controller
            $file = 'private_uploads/consumables/'.$log->filename;

            if (Storage::missing($file)) {
-                \Log::debug('FILE DOES NOT EXISTS for '.$file);
-                \Log::debug('URL should be '.Storage::url($file));
+                Log::debug('FILE DOES NOT EXISTS for '.$file);
+                Log::debug('URL should be '.Storage::url($file));

                return response('File '.$file.' ('.Storage::url($file).') not found on server', 404)
                    ->header('Content-Type', 'text/plain');
@@ -22,7 +22,7 @@

 namespace App\Http\Controllers;

-use Auth;
+use Illuminate\Support\Facades\Auth;
 use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
 use Illuminate\Foundation\Bus\DispatchesJobs;
 use Illuminate\Foundation\Validation\ValidatesRequests;
@@ -8,7 +8,6 @@ use App\Models\CustomField;
 use App\Models\CustomFieldset;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Http\Request;
-use Redirect;

 /**
 * This controller handles all actions related to Custom Asset Fields for
@@ -260,7 +259,7 @@ class CustomFieldsController extends Controller
        
        $field->name          = trim(e($request->get("name")));
        $field->element       = e($request->get("element"));
-        $field->field_values  = e($request->get("field_values"));
+        $field->field_values  = $request->get("field_values");
        $field->user_id       = Auth::id();
        $field->help_text     = $request->get("help_text");
        $field->show_in_email = $show_in_email;
@@ -86,7 +86,7 @@ class CustomFieldsetsController extends Controller
     * @author [Brady Wetherington] [<uberbrady@gmail.com>]
     * @since [v1.8]
     * @param Request $request
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function store(Request $request)
@@ -126,7 +126,7 @@ class CustomFieldsetsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param  int  $id
     * @since [v6.0.14]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function edit($id)
@@ -147,7 +147,7 @@ class CustomFieldsetsController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @param  int  $id
     * @since [v6.0.14]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function update(Request $request, $id)
@@ -7,6 +7,7 @@ use App\Models\Department;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Storage;
+use Illuminate\Support\Facades\Log;

 class DepartmentsController extends Controller
 {
@@ -129,7 +130,7 @@ class DepartmentsController extends Controller
            try {
                Storage::disk('public')->delete('departments'.'/'.$department->image);
            } catch (\Exception $e) {
-                \Log::debug($e);
+                Log::debug($e);
            }
        }
        $department->delete();
@@ -8,7 +8,7 @@ use Illuminate\Support\Facades\Auth;
 use Laravel\Socialite\Facades\Socialite;
 use Laravel\Socialite\Two\InvalidStateException;
 use App\Models\Setting;
-
+use Illuminate\Support\Facades\Log;

 class GoogleAuthController extends Controller
 {
@@ -34,9 +34,9 @@ class GoogleAuthController extends Controller
    {
        try {
            $socialUser = Socialite::driver('google')->user();
-            \Log::debug('Google user found in Google Workspace');
+            Log::debug('Google user found in Google Workspace');
        } catch (InvalidStateException $exception) {
-            \Log::debug('Google user NOT found in Google Workspace');
+            Log::debug('Google user NOT found in Google Workspace');
            return redirect()->route('login')
                ->withErrors(
                    [
@@ -52,7 +52,7 @@ class GoogleAuthController extends Controller


        if ($user) {
-            \Log::debug('Google user '.$socialUser->getEmail().' found in Snipe-IT');
+            Log::debug('Google user '.$socialUser->getEmail().' found in Snipe-IT');
            $user->update([
                'avatar'   => $socialUser->avatar,
            ]);
@@ -61,7 +61,7 @@ class GoogleAuthController extends Controller
            return redirect()->route('home');
        }

-        \Log::debug('Google user '.$socialUser->getEmail().' NOT found in Snipe-IT');
+        Log::debug('Google user '.$socialUser->getEmail().' NOT found in Snipe-IT');
        return redirect()->route('login')
            ->withErrors(
                [
@@ -5,7 +5,7 @@ namespace App\Http\Controllers;
 use App\Helpers\Helper;
 use App\Models\Group;
 use Illuminate\Http\Request;
-use Auth;
+use Illuminate\Support\Facades\Auth;

 /**
 * This controller handles all actions related to User Groups for
@@ -48,7 +48,7 @@ class CheckoutKitController extends Controller
     * Validate and process the new Predefined Kit data.
     *
     * @author [D. Minaev.] [<dmitriy.minaev.v@gmail.com>]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function store(Request $request, $kit_id)
    {
@@ -47,7 +47,7 @@ class PredefinedKitsController extends Controller
     * Validate and process the new Predefined Kit data.
     *
     * @author [D. Minaev] [<dmitriy.minaev.v@gmail.com>]
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function store(ImageUploadRequest $request)
    {
@@ -95,7 +95,7 @@ class PredefinedKitsController extends Controller
     * @author [D. Minaev] [<dmitriy.minaev.v@gmail.com>]
     * @since [v1.0]
     * @param int $kit_id
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function update(ImageUploadRequest $request, $kit_id = null)
    {
@@ -122,7 +122,7 @@ class PredefinedKitsController extends Controller
     * @author [D. Minaev] [<dmitriy.minaev.v@gmail.com>]
     * @since [v1.0]
     * @param int $kit_id
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function destroy($kit_id)
    {
@@ -14,6 +14,7 @@ use App\Models\Setting;
 use App\Models\Supplier;
 use App\Models\User;
 use App\View\Label as LabelView;
+use Illuminate\Support\Facades\DB;
 use Illuminate\Support\Facades\Storage;

 class LabelsController extends Controller
@@ -21,9 +22,9 @@ class LabelsController extends Controller
    /**
     * Returns the Label view with test data
     *
-     * @author Grant Le Roux <grant.leroux+snipe-it@gmail.com>
-     * @param  string  $labelName
+     * @param string $labelName
     * @return \Illuminate\Contracts\View\View
+     * @author Grant Le Roux <grant.leroux+snipe-it@gmail.com>
     */
    public function show(string $labelName)
    {
@@ -66,16 +67,18 @@ class LabelsController extends Controller
        $exampleAsset->model->category->id = 999999;
        $exampleAsset->model->category->name = trans('admin/labels/table.example_category');

-        $customFieldColumns = CustomField::all()->pluck('db_column');
+        $customFieldColumns = CustomField::where('field_encrypted', '=', 0)->pluck('db_column');

        collect(explode(';', Setting::getSettings()->label2_fields))
            ->filter()
            ->each(function ($item) use ($customFieldColumns, $exampleAsset) {
-                $pair = explode('=', $item);
-
-                if ($customFieldColumns->contains($pair[1])) {
-                    $exampleAsset->{$pair[1]} = "{{$pair[0]}}";
-                }
+               $pair = explode('=', $item);
+               
+                if (array_key_exists(1, $pair)) {
+                        if ($customFieldColumns->contains($pair[1])) {
+                            $exampleAsset->{$pair[1]} = "{{$pair[0]}}";
+                        }
+                    }
            });

        $settings = Setting::getSettings();
@@ -13,6 +13,7 @@ use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Input;
 use Illuminate\Support\Facades\Session;
 use Illuminate\Support\Facades\Validator;
+use Illuminate\Support\Facades\Log;

 class LicenseCheckinController extends Controller
 {
@@ -145,7 +146,7 @@ class LicenseCheckinController extends Controller
            $user_seat->assigned_to = null;

            if ($user_seat->save()) {
-                \Log::debug('Checking in '.$license->name.' from user '.$user_seat->username);
+                Log::debug('Checking in '.$license->name.' from user '.$user_seat->username);
                $user_seat->logCheckin($user_seat->user, trans('admin/licenses/general.bulk.checkin_all.log_msg'));
            }
        }
@@ -160,7 +161,7 @@ class LicenseCheckinController extends Controller
            $asset_seat->asset_id = null;

            if ($asset_seat->save()) {
-                \Log::debug('Checking in '.$license->name.' from asset '.$asset_seat->asset_tag);
+                Log::debug('Checking in '.$license->name.' from asset '.$asset_seat->asset_tag);
                $asset_seat->logCheckin($asset_seat->asset, trans('admin/licenses/general.bulk.checkin_all.log_msg'));
                $count++;
            }
@@ -11,6 +11,7 @@ use App\Models\License;
 use App\Models\LicenseSeat;
 use App\Models\User;
 use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Log;

 class LicenseCheckoutController extends Controller
 {
@@ -155,16 +156,16 @@ class LicenseCheckoutController extends Controller

    public function bulkCheckout($licenseId) {

-        \Log::debug('Checking out '.$licenseId.' via bulk');
+        Log::debug('Checking out '.$licenseId.' via bulk');
        $license = License::findOrFail($licenseId);
        $this->authorize('checkin', $license);
        $avail_count = $license->getAvailSeatsCountAttribute();

        $users = User::whereNull('deleted_at')->where('autoassign_licenses', '=', 1)->with('licenses')->get();
-        \Log::debug($avail_count.' will be assigned');
+        Log::debug($avail_count.' will be assigned');

        if ($users->count() > $avail_count) {
-            \Log::debug('You do not have enough free seats to complete this task, so we will check out as many as we can. ');
+            Log::debug('You do not have enough free seats to complete this task, so we will check out as many as we can. ');
        }

        // If the license is valid, check that there is an available seat
@@ -179,7 +180,7 @@ class LicenseCheckoutController extends Controller

            // Check to make sure this user doesn't already have this license checked out to them
            if ($user->licenses->where('id', '=', $licenseId)->count()) {
-                \Log::debug($user->username.' already has this license checked out to them. Skipping... ');
+                Log::debug($user->username.' already has this license checked out to them. Skipping... ');
                continue;
            }

@@ -192,7 +193,7 @@ class LicenseCheckoutController extends Controller
                $avail_count--;
                $assigned_count++;
                $licenseSeat->logCheckout(trans('admin/licenses/general.bulk.checkout_all.log_msg'), $user);
-                \Log::debug('License '.$license->name.' seat '.$licenseSeat->id.' checked out to '.$user->username);
+                Log::debug('License '.$license->name.' seat '.$licenseSeat->id.' checked out to '.$user->username);
            }

            if ($avail_count ==  0) {
@@ -7,9 +7,8 @@ use App\Http\Controllers\Controller;
 use App\Http\Requests\UploadFileRequest;
 use App\Models\Actionlog;
 use App\Models\License;
-use Illuminate\Support\Facades\Response;
 use Illuminate\Support\Facades\Storage;
-use Symfony\Component\HttpFoundation\JsonResponse;
+use Illuminate\Support\Facades\Log;

 class LicenseFilesController extends Controller
 {
@@ -20,7 +19,7 @@ class LicenseFilesController extends Controller
     * @param int $licenseId
     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
-     *@author [A. Gianotto] [<snipe@snipe.net>]
+     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v1.0]
     * @todo Switch to using the AssetFileRequest form request validator.
     */
@@ -78,7 +77,7 @@ class LicenseFilesController extends Controller
                    try {
                        Storage::delete('licenses/'.$log->filename);
                    } catch (\Exception $e) {
-                        \Log::debug($e);
+                        Log::debug($e);
                    }
                }
                
@@ -121,8 +120,8 @@ class LicenseFilesController extends Controller
            $file = 'private_uploads/licenses/'.$log->filename;

            if (Storage::missing($file)) {
-                \Log::debug('NOT EXISTS for '.$file);
-                \Log::debug('NOT EXISTS URL should be '.Storage::url($file));
+                Log::debug('NOT EXISTS for '.$file);
+                Log::debug('NOT EXISTS URL should be '.Storage::url($file));

                return response('File '.$file.' ('.Storage::url($file).') not found on server', 404)
                    ->header('Content-Type', 'text/plain');
@@ -11,6 +11,7 @@ use App\Models\User;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\DB;
+use Symfony\Component\HttpFoundation\StreamedResponse;

 /**
 * This controller handles all actions related to Licenses for
@@ -289,4 +290,106 @@ class LicensesController extends Controller
        ->with('item', $license)
        ->with('maintained_list', $maintained_list);
    }
+
+    /**
+     * Exports Licenses to CSV
+     *
+     * @author [G. Martinez]
+     * @since [v6.3]
+     * @return StreamedResponse
+     * @throws \Illuminate\Auth\Access\AuthorizationException
+     */
+    public function getExportLicensesCsv()
+    {
+        $this->authorize('view', License::class);
+        \Debugbar::disable();
+
+        $response = new StreamedResponse(function () {
+            // Open output stream
+            $handle = fopen('php://output', 'w');
+            $licenses= License::with('company',
+                          'manufacturer',
+                          'category',
+                          'supplier',
+                          'adminuser',
+                          'assignedusers')
+                          ->orderBy('created_at', 'DESC');
+            Company::scopeCompanyables($licenses)
+                ->chunk(500, function ($licenses) use ($handle) {
+                    $headers = [
+                        // strtolower to prevent Excel from trying to open it as a SYLK file
+                        strtolower(trans('general.id')),
+                        trans('general.company'),
+                        trans('general.name'),
+                        trans('general.serial_number'),
+                        trans('general.purchase_date'),
+                        trans('general.purchase_cost'),
+                        trans('general.order_number'),
+                        trans('general.licenses_available'),
+                        trans('admin/licenses/table.seats'),
+                        trans('general.created_by'),
+                        trans('general.depreciation'),
+                        trans('general.updated_at'),
+                        trans('admin/licenses/table.deleted_at'),
+                        trans('general.email'),
+                        trans('admin/hardware/form.fully_depreciated'),
+                        trans('general.supplier'),
+                        trans('admin/licenses/form.expiration'),
+                        trans('admin/licenses/form.purchase_order'),
+                        trans('admin/licenses/form.termination_date'),
+                        trans('admin/licenses/form.maintained'),
+                        trans('general.manufacturer'),
+                        trans('general.category'),
+                        trans('general.min_amt'),
+                        trans('admin/licenses/form.reassignable'),
+                        trans('general.notes'),
+                        trans('general.created_at'),
+                    ];
+
+                    fputcsv($handle, $headers);
+
+                    foreach ($licenses as $license) {
+                        // Add a new row with data
+                        $values = [
+                            $license->id,
+                            $license->company ? $license->company->name: '',
+                            $license->name,
+                            $license->serial,
+                            $license->purchase_date,
+                            $license->purchase_cost,
+                            $license->order_number,
+                            $license->free_seat_count,
+                            $license->seats,
+                            ($license->adminuser ? $license->adminuser->present()->fullName() : trans('admin/reports/general.deleted_user')),
+                            $license->depreciation ? $license->depreciation->name: '',
+                            $license->updated_at,
+                            $license->deleted_at,
+                            $license->email,
+                            ( $license->depreciate == '1') ? trans('general.yes') : trans('general.no'),
+                            ($license->supplier) ? $license->supplier->name: '',
+                            $license->expiration_date,
+                            $license->purchase_order,
+                            $license->termination_date,
+                            ( $license->maintained == '1') ? trans('general.yes') : trans('general.no'),
+                            $license->manufacturer ? $license->manufacturer->name: '',
+                            $license->category ? $license->category->name: '',
+                            $license->min_amt,
+                            ( $license->reassignable == '1') ? trans('general.yes') : trans('general.no'),
+                            $license->notes,
+                            $license->created_at,
+                        ];
+
+                        fputcsv($handle, $values);
+                    }
+                });
+
+            // Close the output stream
+            fclose($handle);
+        }, 200, [
+            'Content-Type' => 'text/csv; charset=UTF-8',
+            'Content-Disposition' => 'attachment; filename="licenses-'.date('Y-m-d-his').'.csv"',
+        ]);
+
+        return $response;
+    }
 }
@@ -9,6 +9,7 @@ use App\Models\User;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Log;

 /**
 * This controller handles all actions related to Locations for
@@ -186,7 +187,7 @@ class LocationsController extends Controller
            try {
                Storage::disk('public')->delete('locations/'.$location->image);
            } catch (\Exception $e) {
-                \Log::error($e);
+                Log::error($e);
            }
        }
        $location->delete();
@@ -320,7 +321,12 @@ class LocationsController extends Controller
        $locations_raw_array = $request->input('ids');

        if ((is_array($locations_raw_array)) && (count($locations_raw_array) > 0)) {
-            $locations = Location::whereIn('id', $locations_raw_array)->get();
+            $locations = Location::whereIn('id', $locations_raw_array)
+                ->withCount('assignedAssets as assigned_assets_count')
+                ->withCount('assets as assets_count')
+                ->withCount('rtd_assets as rtd_assets_count')
+                ->withCount('children as children_count')
+                ->withCount('users as users_count')->get();

            $success_count = 0;
            $error_count = 0;
@@ -336,8 +342,8 @@ class LocationsController extends Controller
                }
            }

-            \Log::debug('Success count: '.$success_count);
-            \Log::debug('Error count: '.$error_count);
+            Log::debug('Success count: '.$success_count);
+            Log::debug('Error count: '.$error_count);
            // Complete success
            if ($success_count == count($locations_raw_array)) {
                return redirect()
@@ -351,7 +357,7 @@ class LocationsController extends Controller
            if ($error_count > 0) {
                return redirect()
                    ->route('locations.index')
-                    ->with('warning', trans('general.bulk.partial_success',
+                    ->with('warning', trans('general.bulk.delete.partial',
                        ['success' => $success_count, 'error' => $error_count, 'object_type' => trans('general.locations')]
                    ));
                }
@@ -12,6 +12,7 @@ use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Storage;
 use Redirect;
+use Illuminate\Support\Facades\Log;

 /**
 * This controller handles all actions related to Manufacturers for
@@ -174,7 +175,7 @@ class ManufacturersController extends Controller
            try {
                Storage::disk('public')->delete('manufacturers/'.$manufacturer->image);
            } catch (\Exception $e) {
-                \Log::info($e);
+                Log::info($e);
            }
        }

@@ -219,7 +220,7 @@ class ManufacturersController extends Controller
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.1.15]
     * @param int $manufacturers_id
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     * @throws \Illuminate\Auth\Access\AuthorizationException
     */
    public function restore($id)
@@ -3,7 +3,6 @@
 namespace App\Http\Controllers;

 use App\Http\Requests\ImageUploadRequest;
-use App\Models\Asset;
 use App\Models\Setting;
 use App\Models\User;
 use App\Notifications\CurrentInventory;
@@ -11,10 +10,6 @@ use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Gate;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Hash;
-use Illuminate\Support\Facades\Storage;
-use Image;
-use Redirect;
-use View;

 /**
 * This controller handles all actions related to User Profiles for
@@ -72,7 +67,7 @@ class ProfileController extends Controller


        if ($user->save()) {
-            return redirect()->route('profile')->with('success', 'Account successfully updated');
+            return redirect()->route('profile')->with('success', trans('account.general.profile_updated'));
        }

        return redirect()->back()->withInput()->withErrors($user->getErrors());
@@ -87,11 +82,9 @@ class ProfileController extends Controller
     *
     * @author [A. Gianotto] [<snipe@snipe.net>]
     * @since [v4.0]
-     * @return View
     */
-    public function api()
+    public function api(): \Illuminate\Contracts\View\View
    {
-
        // Make sure the self.api permission has been granted
        if (!Gate::allows('self.api')) {
            abort(403);
@@ -115,7 +108,7 @@ class ProfileController extends Controller
    /**
     * Users change password form processing page.
     *
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function passwordSave(Request $request)
    {
@@ -19,11 +19,11 @@ use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Notification;
 use Illuminate\Support\Facades\Response;
 use Illuminate\Support\Facades\View;
-use Input;
 use League\Csv\Reader;
 use Symfony\Component\HttpFoundation\StreamedResponse;
 use League\Csv\EscapeFormula;
 use App\Http\Requests\CustomAssetReportRequest;
+use Illuminate\Support\Facades\Log;


 /**
@@ -235,7 +235,7 @@ class ReportsController extends Controller

        \Debugbar::disable();
        $response = new StreamedResponse(function () {
-            \Log::debug('Starting streamed response');
+            Log::debug('Starting streamed response');

            // Open output stream
            $handle = fopen('php://output', 'w');
@@ -259,16 +259,16 @@ class ReportsController extends Controller

            ];
            $executionTime = microtime(true) - $_SERVER['REQUEST_TIME_FLOAT'];
-            \Log::debug('Starting headers: '.$executionTime);
+            Log::debug('Starting headers: '.$executionTime);
            fputcsv($handle, $header);
            $executionTime = microtime(true) - $_SERVER['REQUEST_TIME_FLOAT'];
-            \Log::debug('Added headers: '.$executionTime);
+            Log::debug('Added headers: '.$executionTime);

            $actionlogs = Actionlog::with('item', 'user', 'target', 'location')
                ->orderBy('created_at', 'DESC')
                ->chunk(20, function ($actionlogs) use ($handle) {
                    $executionTime = microtime(true) - $_SERVER['REQUEST_TIME_FLOAT'];
-                \Log::debug('Walking results: '.$executionTime);
+                Log::debug('Walking results: '.$executionTime);
                $count = 0;

                foreach ($actionlogs as $actionlog) {
@@ -312,7 +312,7 @@ class ReportsController extends Controller
            // Close the output stream
            fclose($handle);
            $executionTime = microtime(true) - $_SERVER['REQUEST_TIME_FLOAT'];
-            \Log::debug('-- SCRIPT COMPLETED IN '.$executionTime);
+            Log::debug('-- SCRIPT COMPLETED IN '.$executionTime);
        }, 200, [
            'Content-Type' => 'text/csv',
            'Content-Disposition' => 'attachment; filename="activity-report-'.date('Y-m-d-his').'.csv"',
@@ -425,8 +425,8 @@ class ReportsController extends Controller
        \Debugbar::disable();
        $customfields = CustomField::get();
        $response = new StreamedResponse(function () use ($customfields, $request) {
-            \Log::debug('Starting streamed response');
-            \Log::debug('CSV escaping is set to: '.config('app.escape_formulas'));
+            Log::debug('Starting streamed response');
+            Log::debug('CSV escaping is set to: '.config('app.escape_formulas'));

            // Open output stream
            $handle = fopen('php://output', 'w');
@@ -627,10 +627,10 @@ class ReportsController extends Controller
            }

            $executionTime = microtime(true) - $_SERVER['REQUEST_TIME_FLOAT'];
-            \Log::debug('Starting headers: '.$executionTime);
+            Log::debug('Starting headers: '.$executionTime);
            fputcsv($handle, $header);
            $executionTime = microtime(true) - $_SERVER['REQUEST_TIME_FLOAT'];
-            \Log::debug('Added headers: '.$executionTime);
+            Log::debug('Added headers: '.$executionTime);

            $assets = Asset::select('assets.*')->with(
                'location', 'assetstatus', 'company', 'defaultLoc', 'assignedTo',
@@ -696,16 +696,17 @@ class ReportsController extends Controller
                                              ->whereBetween('action_date',[$checkout_start, $checkout_end])
                                                  ->pluck('item_id');

-                $assets->whereIn('id',$actionlogassets);
+                $assets->whereIn('assets.id',$actionlogassets);
            }

            if (($request->filled('checkin_date_start'))) {
-                    $assets->whereBetween('last_checkin', [
-                        Carbon::parse($request->input('checkin_date_start'))->startOfDay(),
-                        // use today's date if `checkin_date_end` is not provided
-                        Carbon::parse($request->input('checkin_date_end', now()))->endOfDay(),
-                    ]);
+                $checkin_start = \Carbon::parse($request->input('checkin_date_start'))->startOfDay();
+                        // use today's date is `checkin_date_end` is not provided
+                $checkin_end = \Carbon::parse($request->input('checkin_date_end', now()))->endOfDay();
+
+                $assets->whereBetween('assets.last_checkin', [$checkin_start, $checkin_end ]);
            }
+            //last checkin is exporting, but currently is a date and not a datetime in the custom report ONLY.

            if (($request->filled('expected_checkin_start')) && ($request->filled('expected_checkin_end'))) {
                    $assets->whereBetween('assets.expected_checkin', [$request->input('expected_checkin_start'), $request->input('expected_checkin_end')]);
@@ -731,11 +732,11 @@ class ReportsController extends Controller
                $assets->onlyTrashed();
            }

-            \Log::debug($assets->toSql());
+            Log::debug($assets->toSql());
            $assets->orderBy('assets.id', 'ASC')->chunk(20, function ($assets) use ($handle, $customfields, $request) {
            
                $executionTime = microtime(true) - $_SERVER['REQUEST_TIME_FLOAT'];
-                \Log::debug('Walking results: '.$executionTime);
+                Log::debug('Walking results: '.$executionTime);
                $count = 0;

                $formatter = new EscapeFormula("`");
@@ -995,14 +996,14 @@ class ReportsController extends Controller
                    }

                    $executionTime = microtime(true) - $_SERVER['REQUEST_TIME_FLOAT'];
-                    \Log::debug('-- Record '.$count.' Asset ID:'.$asset->id.' in '.$executionTime);
+                    Log::debug('-- Record '.$count.' Asset ID:'.$asset->id.' in '.$executionTime);
                }
            });

            // Close the output stream
            fclose($handle);
            $executionTime = microtime(true) - $_SERVER['REQUEST_TIME_FLOAT'];
-            \Log::debug('-- SCRIPT COMPLETED IN '.$executionTime);
+            Log::debug('-- SCRIPT COMPLETED IN '.$executionTime);
        }, 200, [
            'Content-Type' => 'text/csv',
            'Content-Disposition' => 'attachment; filename="custom-assets-report-'.date('Y-m-d-his').'.csv"',
@@ -1140,23 +1141,23 @@ class ReportsController extends Controller
        $this->authorize('reports.view');

        if (!$acceptance = CheckoutAcceptance::pending()->find($request->input('acceptance_id'))) {
-            \Log::debug('No pending acceptances');
+            Log::debug('No pending acceptances');
            // Redirect to the unaccepted assets report page with error
            return redirect()->route('reports/unaccepted_assets')->with('error', trans('general.bad_data'));
        }

        $assetItem = $acceptance->checkoutable;

-        \Log::debug(print_r($assetItem, true));
+        Log::debug(print_r($assetItem, true));

        if (is_null($acceptance->created_at)){
-            \Log::debug('No acceptance created_at');
+            Log::debug('No acceptance created_at');
            return redirect()->route('reports/unaccepted_assets')->with('error', trans('general.bad_data'));
        } else {
            $logItem_res = $assetItem->checkouts()->where('created_at', '=', $acceptance->created_at)->get();

            if ($logItem_res->isEmpty()){
-                \Log::debug('Acceptance date mismatch');
+                Log::debug('Acceptance date mismatch');
                return redirect()->route('reports/unaccepted_assets')->with('error', trans('general.bad_data'));
            }
            $logItem = $logItem_res[0];
@@ -1178,6 +1179,10 @@ class ReportsController extends Controller
            }
        }

+        if ($assetItem->assignedTo->email == ''){
+            return redirect()->route('reports/unaccepted_assets')->with('error', trans('general.no_email'));
+        }
+
        return redirect()->route('reports/unaccepted_assets')->with('success', trans('admin/reports/general.reminder_sent'));
    }

@@ -14,21 +14,21 @@ use App\Models\Asset;
 use App\Models\User;
 use App\Notifications\FirstAdminNotification;
 use App\Notifications\MailTest;
-use Auth;
-use Crypt;
-use DB;
-use enshrined\svgSanitize\Sanitizer;
+use Illuminate\Http\Client\HttpClientException;
 use Illuminate\Http\Request;
+use Illuminate\Support\Facades\App;
 use Illuminate\Support\Facades\Storage;
-use Image;
-use Input;
+use Illuminate\Validation\Rule;
 use Redirect;
-use Response;
-use App\Http\Requests\SlackSettingsRequest;
 use Illuminate\Support\Str;
 use Illuminate\Support\Facades\Artisan;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Crypt;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Http;
+use Illuminate\Support\Facades\Log;
+use Illuminate\Support\Facades\URL;
 use Illuminate\Support\Facades\Validator;
-use Carbon\Carbon;

 /**
 * This controller handles all actions related to Settings for
@@ -67,47 +67,15 @@ class SettingsController extends Controller
            $start_settings['db_error'] = $e->getMessage();
        }

-        if (array_key_exists("HTTP_X_FORWARDED_PROTO", $_SERVER)) {
-            $protocol = $_SERVER["HTTP_X_FORWARDED_PROTO"] . "://";
-        } elseif (array_key_exists('HTTPS', $_SERVER) && ('on' == $_SERVER['HTTPS'])) {
-            $protocol = "https://";
-        } else {
-            $protocol = "http://";
-        }
-
-        if (array_key_exists("HTTP_X_FORWARDED_HOST", $_SERVER)) {
-            $host = $_SERVER["HTTP_X_FORWARDED_HOST"];
-        } else {
-            $host = array_key_exists('SERVER_NAME', $_SERVER) ? $_SERVER['SERVER_NAME'] : null;
-            $port = array_key_exists('SERVER_PORT', $_SERVER) ? $_SERVER['SERVER_PORT'] : null;
-            if (('http://' === $protocol && '80' != $port) || ('https://' === $protocol && '443' != $port)) {
-                $host .= ':'.$port;
-            }
-        }
-        $pageURL = $protocol.$host.$_SERVER['REQUEST_URI'];
-
-        $start_settings['url_config'] = config('app.url').'/setup';
-        $start_settings['url_valid'] = ($start_settings['url_config'] === $pageURL);
-        $start_settings['real_url'] = $pageURL;
+        $start_settings['url_config'] = trim(config('app.url'), '/'). '/setup';
+        $start_settings['real_url']  = request()->url();
+        $start_settings['url_valid'] = $start_settings['url_config'] === $start_settings['real_url'];
        $start_settings['php_version_min'] = true;

        // Curl the .env file to make sure it's not accessible via a browser
-        $ch = curl_init($protocol.$host.'/.env');
-        curl_setopt($ch, CURLOPT_HEADER, true);    // we want headers
-        curl_setopt($ch, CURLOPT_NOBODY, true);    // we don't need body
-        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
-        curl_setopt($ch, CURLOPT_TIMEOUT, 10);
-        $output = curl_exec($ch);
-        $httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
-        curl_close($ch);
+        $start_settings['env_exposed'] = $this->dotEnvFileIsExposed();

-        if (404 == $httpcode || 403 == $httpcode || 0 == $httpcode) {
-            $start_settings['env_exposed'] = false;
-        } else {
-            $start_settings['env_exposed'] = true;
-        }
-
-        if (\App::Environment('production') && (true == config('app.debug'))) {
+        if (App::Environment('production') && (true == config('app.debug'))) {
            $start_settings['debug_exposed'] = true;
        } else {
            $start_settings['debug_exposed'] = false;
@@ -158,6 +126,25 @@ class SettingsController extends Controller
            ->with('section', 'Pre-Flight Check');
    }

+    /**
+     * Determine if the .env file accessible via a browser.
+     *
+     * @return bool This method will return true when exceptions (such as curl exception) is thrown.
+     * Check the log files to see more details about the exception.
+     */
+    protected function dotEnvFileIsExposed()
+    {
+        try {
+            return Http::timeout(10)
+                ->accept('*/*')
+                ->get(URL::to('.env'))
+                ->successful();
+        } catch (HttpClientException $e) {
+            Log::debug($e->getMessage());
+            return true;
+        }
+    }
+
    /**
     * Save the first admin user from Setup.
     *
@@ -165,7 +152,7 @@ class SettingsController extends Controller
     *
     * @since [v3.0]
     *
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function postSaveFirstAdmin(SetupUserRequest $request)
    {
@@ -424,6 +411,7 @@ class SettingsController extends Controller
        // Because public demos make people act like dicks

        if (! config('app.lock_passwords')) {
+            $request->validate(['site_name' => 'required']);
            $setting->site_name = $request->input('site_name');
            $setting->custom_css = $request->input('custom_css');
            $setting = $request->handleImages($setting, 600, 'logo', '', 'logo');
@@ -460,7 +448,6 @@ class SettingsController extends Controller
                Storage::disk('public')->delete($setting->favicon);
                $setting->favicon = null;
            }
-
        }

        if ($setting->save()) {
@@ -499,6 +486,19 @@ class SettingsController extends Controller
     */
    public function postSecurity(Request $request)
    {
+        $this->validate($request, [
+            'pwd_secure_complexity' => 'array',
+            'pwd_secure_complexity.*' => [
+                Rule::in([
+                    'disallow_same_pwd_as_user_fields',
+                    'letters',
+                    'numbers',
+                    'symbols',
+                    'case_diff',
+                ])
+            ]
+        ]);
+
        if (is_null($setting = Setting::getSettings())) {
            return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error'));
        }
@@ -627,9 +627,9 @@ class SettingsController extends Controller
                    ['next_audit_date' => DB::raw('DATE_ADD(next_audit_date, INTERVAL '.$audit_diff_months.' MONTH)')]
            );

-            \Log::debug($affected .' assets affected by audit interval update');
+            Log::debug($affected .' assets affected by audit interval update');
+

-            
        }

        $alert_email = rtrim($request->input('alert_email'), ',');
@@ -790,10 +790,9 @@ class SettingsController extends Controller
     */
    public function getLabels()
    {
-        return view('settings.labels', [
-            'setting' => Setting::getSettings(),
-            'customFields' => CustomField::all(),
-        ]);
+        return view('settings.labels')
+            ->with('setting', Setting::getSettings())
+            ->with('customFields', CustomField::where('field_encrypted', '=', 0)->get());
    }

    /**
@@ -956,8 +955,6 @@ class SettingsController extends Controller
            $setting->ldap_dept = $request->input('ldap_dept');
            $setting->ldap_client_tls_cert   = $request->input('ldap_client_tls_cert');
            $setting->ldap_client_tls_key    = $request->input('ldap_client_tls_key');
-
-
        }

        if ($setting->save()) {
@@ -1101,11 +1098,9 @@ class SettingsController extends Controller
                        'filesize' => Setting::fileSizeConvert(Storage::size($backup_files[$f])),
                        'modified_value' => $file_timestamp,
                        'modified_display' => date($settings->date_display_format.' '.$settings->time_display_format, $file_timestamp),
-                        
+
                    ];
                }
-
-               
            }
        }

@@ -1122,7 +1117,7 @@ class SettingsController extends Controller
     *
     * @since [v1.8]
     *
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function postBackups()
    {
@@ -1197,9 +1192,8 @@ class SettingsController extends Controller
                        Storage::delete($path . '/' . $filename);
                        return redirect()->route('settings.backups.index')->with('success', trans('admin/settings/message.backup.file_deleted'));
                    } catch (\Exception $e) {
-                        \Log::debug($e);
+                        Log::debug($e);
                    }
-
                } else {
                    return redirect()->route('settings.backups.index')->with('error', trans('admin/settings/message.backup.file_not_found'));
                }
@@ -1209,7 +1203,7 @@ class SettingsController extends Controller
        }

        // Hell to the no
-        \Log::warning('User ID '.Auth::user()->id.' is attempting to delete backup file '.$filename.' and is not authorized to.');
+        Log::warning('User ID '.Auth::user()->id.' is attempting to delete backup file '.$filename.' and is not authorized to.');
        return redirect()->route('settings.backups.index')->with('error', trans('general.backup_delete_not_allowed'));
    }

@@ -1221,7 +1215,7 @@ class SettingsController extends Controller
     *
     * @since [v6.0]
     *
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */

    public function postUploadBackup(Request $request) {
@@ -1241,20 +1235,15 @@ class SettingsController extends Controller
                        $upload_filename = 'uploaded-'.date('U').'-'.Str::slug(pathinfo($request->file('file')->getClientOriginalName(), PATHINFO_FILENAME)).'.zip';

                        Storage::putFileAs('app/backups', $request->file('file'), $upload_filename);
-            
+
                        return redirect()->route('settings.backups.index')->with('success', 'File uploaded');
                }

                return redirect()->route('settings.backups.index')->withErrors($validator);
-
            }
-
        } else {
            return redirect()->route('settings.backups.index')->with('error', trans('general.feature_disabled'));
-        }    
-
-        
-        
+        }
    }

    /**
@@ -1268,7 +1257,7 @@ class SettingsController extends Controller
     */
    public function postRestore($filename = null)
    {
-        
+
        if (! config('app.lock_passwords')) {
            $path = 'app/backups';

@@ -1284,13 +1273,13 @@ class SettingsController extends Controller
                    '--force' => true,
                ]);

-                \Log::debug('Attempting to restore from: '. storage_path($path).'/'.$filename);
+                Log::debug('Attempting to restore from: '. storage_path($path).'/'.$filename);

                // run the restore command
-                Artisan::call('snipeit:restore', 
+                Artisan::call('snipeit:restore',
                [
-                    '--force' => true, 
-                    '--no-progress' => true, 
+                    '--force' => true,
+                    '--no-progress' => true,
                    'filename' => storage_path($path).'/'.$filename
                ]);

@@ -1298,29 +1287,28 @@ class SettingsController extends Controller
                $output = Artisan::output();

                /* Run migrations */
-                \Log::debug('Migrating database...');
+                Log::debug('Migrating database...');
                Artisan::call('migrate', ['--force' => true]);
                $migrate_output = Artisan::output();
-                \Log::debug($migrate_output);
+                Log::debug($migrate_output);

                $find_user = DB::table('users')->where('username', $user->username)->exists();
-                
+
                if (!$find_user){
-                    \Log::warning('Attempting to restore user: ' . $user->username);
+                    Log::warning('Attempting to restore user: ' . $user->username);
                    $new_user = $user->replicate();
                    $new_user->push();
                } else {
-                    \Log::debug('User: ' . $user->username .' already exists.');
+                    Log::debug('User: ' . $user->username .' already exists.');
                }

-                \Log::debug('Logging all users out..');
+                Log::debug('Logging all users out..');
                Artisan::call('snipeit:global-logout', ['--force' => true]);

                DB::table('users')->update(['remember_token' => null]);
-                \Auth::logout();
+                Auth::logout();

                return redirect()->route('login')->with('success', 'Your system has been restored. Please login again.');
-                
            } else {
                return redirect()->route('settings.backups.index')->with('error', trans('admin/settings/message.backup.file_not_found'));
            }
@@ -1341,14 +1329,13 @@ class SettingsController extends Controller
    public function getPurge()
    {

-        \Log::warning('User '.Auth::user()->username.' (ID'.Auth::user()->id.') is attempting a PURGE');
+        Log::warning('User '.Auth::user()->username.' (ID'.Auth::user()->id.') is attempting a PURGE');

        if (config('app.allow_purge')=='true') {
            return view('settings.purge-form');
        }

        return redirect()->route('settings.index')->with('error', trans('general.purge_not_allowed'));
-
    }

    /**
@@ -1362,16 +1349,16 @@ class SettingsController extends Controller
     */
    public function postPurge(Request $request)
    {
-        \Log::warning('User '.Auth::user()->username.' (ID'.Auth::user()->id.') is attempting a PURGE');
+        Log::warning('User '.Auth::user()->username.' (ID'.Auth::user()->id.') is attempting a PURGE');

        if (config('app.allow_purge')=='true') {
-            \Log::debug('Purging is not allowed via the .env');
+            Log::debug('Purging is not allowed via the .env');

            if (!config('app.lock_passwords')) {

                if ($request->input('confirm_purge')=='DELETE') {

-                    \Log::warning('User ID ' . Auth::user()->id . ' initiated a PURGE!');
+                    Log::warning('User ID ' . Auth::user()->id . ' initiated a PURGE!');
                    // Run a backup immediately before processing
                    Artisan::call('backup:run');
                    Artisan::call('snipeit:purge', ['--force' => 'true', '--no-interaction' => true]);
@@ -1379,7 +1366,6 @@ class SettingsController extends Controller

                    return redirect()->route('settings.index')
                        ->with('output', $output)->with('success', trans('admin/settings/message.purge.success'));
-
                } else {
                    return redirect()->route('settings.purge.index')
                        ->with('error', trans('admin/settings/message.purge.validation_failed'));
@@ -1390,7 +1376,7 @@ class SettingsController extends Controller
            }
        }

-        \Log::error('User '.Auth::user()->username.' (ID'.Auth::user()->id.') is attempting to purge deleted data and is not authorized to.');
+        Log::error('User '.Auth::user()->username.' (ID'.Auth::user()->id.') is attempting to purge deleted data and is not authorized to.');


        // Nope.
@@ -1422,7 +1408,7 @@ class SettingsController extends Controller
     *
     * @since [v3.0]
     *
-     * @return Redirect
+     * @return \Illuminate\Http\RedirectResponse
     */
    public function ajaxTestEmail()
    {
@@ -1433,7 +1419,7 @@ class SettingsController extends Controller
            ])->notify(new MailTest());

            return response()->json(Helper::formatStandardApiResponse('success', null, 'Maiol sent!'));
-        } catch (Exception $e) {
+        } catch (\Exception $e) {
            return response()->json(Helper::formatStandardApiResponse('success', null, $e->getMessage()));
        }
    }
@@ -19,6 +19,7 @@ use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\DB;
 use Illuminate\Support\Facades\Password;
+use Illuminate\Support\Facades\Log;

 class BulkUsersController extends Controller
 {
@@ -323,18 +324,18 @@ class BulkUsersController extends Controller
        foreach ($users_to_merge as $user_to_merge) {

            foreach ($user_to_merge->assets as $asset) {
-                \Log::debug('Updating asset: '.$asset->asset_tag . ' to '.$merge_into_user->id);
+                Log::debug('Updating asset: '.$asset->asset_tag . ' to '.$merge_into_user->id);
                $asset->assigned_to = $request->input('merge_into_id');
                $asset->save();
            }

            foreach ($user_to_merge->licenses as $license) {
-                \Log::debug('Updating license pivot: '.$license->id . ' to '.$merge_into_user->id);
+                Log::debug('Updating license pivot: '.$license->id . ' to '.$merge_into_user->id);
                $user_to_merge->licenses()->updateExistingPivot($license->id, ['assigned_to' => $merge_into_user->id]);
            }

            foreach ($user_to_merge->consumables as $consumable) {
-                \Log::debug('Updating consumable pivot: '.$consumable->id . ' to '.$merge_into_user->id);
+                Log::debug('Updating consumable pivot: '.$consumable->id . ' to '.$merge_into_user->id);
                $user_to_merge->consumables()->updateExistingPivot($consumable->id, ['assigned_to' => $merge_into_user->id]);
            }

--- a/Show More
+++ b/Show More