Rebase 20251107

app/Http/Controllers/Api/DepartmentsController.php

@@ -4,6 +4,7 @@
 
 use App\Helpers\Helper;
 use App\Http\Controllers\Controller;
+use App\Http\Requests\StoreDepartmentRequest;
 use App\Http\Transformers\DepartmentsTransformer;
 use App\Http\Transformers\SelectlistTransformer;
 use App\Models\Department;
@@ -26,18 +27,19 @@ public function index(Request $request) : JsonResponse | array
         $allowed_columns = ['id', 'name', 'image', 'users_count', 'notes'];
 
         $departments = Department::select(
-            'departments.id',
-            'departments.name',
-            'departments.phone',
-            'departments.fax',
-            'departments.location_id',
-            'departments.company_id',
-            'departments.manager_id',
-            'departments.created_at',
-            'departments.updated_at',
-            'departments.image',
-            'departments.notes',
-        )->with('users')->with('location')->with('manager')->with('company')->withCount('users as users_count');
+            [
+                'departments.id',
+                'departments.name',
+                'departments.phone',
+                'departments.fax',
+                'departments.location_id',
+                'departments.company_id',
+                'departments.manager_id',
+                'departments.created_at',
+                'departments.updated_at',
+                'departments.image',
+                'departments.notes'
+            ])->with('users')->with('location')->with('manager')->with('company')->withCount('users as users_count');
 
         if ($request->filled('search')) {
             $departments = $departments->TextSearch($request->input('search'));
@@ -94,18 +96,17 @@ public function index(Request $request) : JsonResponse | array
      * @since [v4.0]
      * @param  \App\Http\Requests\ImageUploadRequest  $request
      */
-    public function store(ImageUploadRequest $request) : JsonResponse
+    public function store(StoreDepartmentRequest $request): JsonResponse
     {
-        $this->authorize('create', Department::class);
         $department = new Department;
-        $department->fill($request->all());
+        $department->fill($request->validated());
         $department = $request->handleImages($department);
 
         $department->created_by = auth()->id();
         $department->manager_id = ($request->filled('manager_id') ? $request->input('manager_id') : null);
 
         if ($department->save()) {
-            return response()->json(Helper::formatStandardApiResponse('success', $department, trans('admin/departments/message.create.success')));
+            return response()->json(Helper::formatStandardApiResponse('success', (new DepartmentsTransformer)->transformDepartment($department), trans('admin/departments/message.create.success')));
         }
         return response()->json(Helper::formatStandardApiResponse('error', null, $department->getErrors()));
 
@@ -121,7 +122,7 @@ public function store(ImageUploadRequest $request) : JsonResponse
     public function show($id) : array
     {
         $this->authorize('view', Department::class);
-        $department = Department::findOrFail($id);
+        $department = Department::withCount('users as users_count')->findOrFail($id);
         return (new DepartmentsTransformer)->transformDepartment($department);
     }
 
@@ -141,7 +142,7 @@ public function update(ImageUploadRequest $request, $id) : JsonResponse
         $department = $request->handleImages($department);
 
         if ($department->save()) {
-            return response()->json(Helper::formatStandardApiResponse('success', $department, trans('admin/departments/message.update.success')));
+            return response()->json(Helper::formatStandardApiResponse('success', (new DepartmentsTransformer)->transformDepartment($department), trans('admin/departments/message.update.success')));
         }
 
         return response()->json(Helper::formatStandardApiResponse('error', null, $department->getErrors()));

app/Http/Controllers/Api/GroupsController.php

@@ -25,7 +25,7 @@ public function index(Request $request) : JsonResponse | array
 
         $this->authorize('view', Group::class);
 
-        $groups = Group::select('id', 'name', 'permissions', 'notes', 'created_at', 'updated_at', 'created_by')->with('adminuser')->withCount('users as users_count');
+        $groups = Group::select(['id', 'name', 'permissions', 'notes', 'created_at', 'updated_at', 'created_by'])->with('adminuser')->withCount('users as users_count');
 
         if ($request->filled('search')) {
             $groups = $groups->TextSearch($request->input('search'));
@@ -51,6 +51,7 @@ public function index(Request $request) : JsonResponse | array
                     'id',
                     'name',
                     'created_at',
+                    'updated_at',
                     'users_count',
                 ];
 

app/Http/Controllers/Api/LicenseSeatsController.php

@@ -26,11 +26,11 @@ public function index(Request $request, $licenseId) : JsonResponse | array
         if ($license = License::find($licenseId)) {
             $this->authorize('view', $license);
 
-            $seats = LicenseSeat::with('license', 'user', 'asset', 'user.department')
+            $seats = LicenseSeat::with('license', 'user', 'asset', 'user.department',  'user.company', 'asset.company')
                 ->where('license_seats.license_id', $licenseId);
 
             if ($request->input('status') == 'available') {
-                $seats->whereNull('license_seats.assigned_to');
+                $seats->whereNull('license_seats.assigned_to')->whereNull('license_seats.asset_id');
             }
 
             if ($request->input('status') == 'assigned') {
@@ -40,8 +40,10 @@ public function index(Request $request, $licenseId) : JsonResponse | array
 
             $order = $request->input('order') === 'asc' ? 'asc' : 'desc';
 
-            if ($request->input('sort') == 'department') {
+            if ($request->input('sort') == 'assigned_user.department') {
                 $seats->OrderDepartments($order);
+            } elseif ($request->input('sort') == 'assigned_user.company') {
+                    $seats->OrderCompany($order);
             } else {
                 $seats->orderBy('updated_at', $order);
             }
@@ -83,7 +85,7 @@ public function show($licenseId, $seatId) : JsonResponse | array
             return response()->json(Helper::formatStandardApiResponse('error', null, 'Seat not found'));
         }
         // 2. does the seat belong to the specified license?
-        if (! $license = $licenseSeat->license()->first() || $license->id != intval($licenseId)) {
+        if (! $licenseSeat = $licenseSeat->license()->first() || $licenseSeat->id != intval($licenseId)) {
             return response()->json(Helper::formatStandardApiResponse('error', null, 'Seat does not belong to the specified license'));
         }
 

app/Http/Controllers/GroupsController.php

@@ -43,9 +43,12 @@ public function create(Request $request) : View
         $permissions = config('permissions');
         $groupPermissions = Helper::selectedPermissionsArray($permissions, $permissions);
         $selectedPermissions = $request->old('permissions', $groupPermissions);
-
+        $users = \App\Models\User::orderBy('first_name', 'asc')->orderBy('last_name', 'asc')->get();
         // Show the page
-        return view('groups/edit', compact('permissions', 'selectedPermissions', 'groupPermissions'))->with('group', $group);
+        return view('groups/edit', compact('permissions', 'selectedPermissions', 'groupPermissions'))
+            ->with('group', $group)
+            ->with('associated_users', [])
+            ->with('unselected_users', $users);
     }
 
     /**
@@ -60,12 +63,23 @@ public function store(Request $request) : RedirectResponse
         // create a new group instance
         $group = new Group();
         $group->name = $request->input('name');
+
+        if ($request->filled('permission')) {
+            $group->permissions = json_encode($request->array('permission'));
+        } else {
+            $group->permissions = null;
+        }
+
         $group->permissions = json_encode($request->input('permission'));
         $group->created_by = auth()->id();
         $group->notes = $request->input('notes');
 
         if ($group->save()) {
-            $group->users()->sync($request->input('associated_users'));
+
+            if ($request->filled('users_to_sync')) {
+                $associated_users = explode(',',$request->input('users_to_sync'));
+                $group->users()->sync($associated_users);
+            }
             return redirect()->route('groups.index')->with('success', trans('admin/groups/message.success.create'));
         }
 
@@ -89,10 +103,12 @@ public function edit(Group $group) : View | RedirectResponse
             $groupPermissions = [];
         }
         $selected_array = Helper::selectedPermissionsArray($permissions, $groupPermissions);
-        $associated_users = $group->users()->get();
+        $associated_users = $group->users()->orderBy('first_name', 'asc')->orderBy('last_name', 'asc')->get();
+
+        // Get the unselected users
+        $unselected_users = \App\Models\User::whereNotIn('id', $associated_users->pluck('id')->toArray())->orderBy('first_name', 'asc')->orderBy('last_name', 'asc')->get();
 
-        //dd($associated_users->toArray());
-        return view('groups.edit', compact('group', 'permissions', 'selected_array', 'groupPermissions'))->with('associated_users', $associated_users);
+        return view('groups.edit', compact('group', 'permissions', 'selected_array', 'groupPermissions'))->with('associated_users', $associated_users)->with('unselected_users', $unselected_users);
     }
 
     /**
@@ -106,13 +122,24 @@ public function edit(Group $group) : View | RedirectResponse
     public function update(Request $request, Group $group) : RedirectResponse
     {
         $group->name = $request->input('name');
-        $group->permissions = json_encode($request->input('permission'));
+
+        if ($request->filled('permission')) {
+            $group->permissions = json_encode($request->array('permission'));
+        } else {
+            $group->permissions = null;
+        }
+
         $group->notes = $request->input('notes');
 
 
         if (! config('app.lock_passwords')) {
             if ($group->save()) {
-                $group->users()->sync($request->input('associated_users'));
+
+                if ($request->filled('users_to_sync')) {
+                    $associated_users = explode(',',$request->input('users_to_sync'));
+                    $group->users()->sync($associated_users);
+                }
+
                 return redirect()->route('groups.index')->with('success', trans('admin/groups/message.success.update'));
             }
 

app/Http/Controllers/SettingsController.php

@@ -772,6 +772,7 @@ public function postLabels(StoreLabelSettings $request) : RedirectResponse
         $setting->label2_asset_logo = $request->input('label2_asset_logo');
         $setting->label2_1d_type = $request->input('label2_1d_type');
         $setting->label2_2d_type = $request->input('label2_2d_type');
+        $setting->label2_2d_prefix = $request->input('label2_2d_prefix');
         $setting->label2_2d_target = $request->input('label2_2d_target');
         $setting->label2_fields = $request->input('label2_fields');
         $setting->label2_empty_row_count = $request->input('label2_empty_row_count');

app/Http/Requests/StoreDepartmentRequest.php

@@ -0,0 +1,32 @@
+<?php
+
+namespace App\Http\Requests;
+
+use App\Models\Department;
+use Illuminate\Foundation\Http\FormRequest;
+use Illuminate\Support\Facades\Gate;
+
+class StoreDepartmentRequest extends ImageUploadRequest
+{
+    /**
+     * Determine if the user is authorized to make this request.
+     */
+    public function authorize(): bool
+    {
+        return Gate::allows('create', new Department);
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array<string, \Illuminate\Contracts\Validation\ValidationRule|array<mixed>|string>
+     */
+    public function rules(): array
+    {
+        $modelRules = (new Department)->getRules();
+
+        return array_merge(
+            $modelRules,
+        );
+    }
+}

app/Http/Requests/StoreLabelSettings.php

@@ -49,6 +49,7 @@ public function rules(): array
             'labels_pagewidth'                    => 'numeric|nullable',
             'labels_pageheight'                   => 'numeric|nullable',
             'qr_text'                             => 'max:31|nullable',
+            'label2_2d_prefix'                    => 'nullable|max:191',
             'label2_template'                     => [
                 'required',
                 Rule::in($names),

app/Http/Requests/UpdateAssetRequest.php

@@ -28,23 +28,31 @@ public function authorize()
      */
     public function rules()
     {
+        $setting = Setting::getSettings();
+
         $rules = array_merge(
             parent::rules(),
             (new Asset)->getRules(),
-            // this is to overwrite rulesets that include required, and rewrite unique_undeleted
+            // This overwrites the rulesets that are set at the model level (via Watson) but are not necessarily required at the request level when doing a PATCH update.
+            // Confusingly, this skips the unique_undeleted validator at the model level (and therefore the UniqueUndeletedTrait), so we have to re-add those
+            // rules here without the requiredness, since those values will already exist if you're updating an existing asset.
             [
                 'model_id'  => ['integer', 'exists:models,id,deleted_at,NULL', 'not_array'],
                 'status_id' => ['integer', 'exists:status_labels,id'],
                 'asset_tag' => [
                     'min:1', 'max:255', 'not_array',
-                    Rule::unique('assets', 'asset_tag')->ignore($this->asset)->withoutTrashed()
+                    Rule::unique('assets', 'asset_tag')->ignore($this->asset)->withoutTrashed(),
+                ],
+                'serial' => [
+                    'string', 'max:255', 'not_array',
+                    $setting->unique_serial=='1' ? Rule::unique('assets', 'serial')->ignore($this->asset)->withoutTrashed() : 'nullable',
                 ],
             ],
         );
 
         // if the purchase cost is passed in as a string **and** the digit_separator is ',' (as is common in the EU)
         // then we tweak the purchase_cost rule to make it a string
-        if (Setting::getSettings()->digit_separator === '1.234,56' && is_string($this->input('purchase_cost'))) {
+        if ($setting->digit_separator === '1.234,56' && is_string($this->input('purchase_cost'))) {
             $rules['purchase_cost'] = ['nullable', 'string'];
         }
 

app/Http/Transformers/DepartmentsTransformer.php

@@ -43,7 +43,7 @@ public function transformDepartment(Department $department = null)
                     'id' => (int) $department->location->id,
                     'name' => e($department->location->name),
                 ] : null,
-                'users_count' => e($department->users_count),
+                'users_count' => (int) ($department->users_count),
                 'notes' => Helper::parseEscapedMarkedownInline($department->notes),
                 'created_at' => Helper::getFormattedDateObject($department->created_at, 'datetime'),
                 'updated_at' => Helper::getFormattedDateObject($department->updated_at, 'datetime'),

app/Http/Transformers/LicenseSeatsTransformer.php

@@ -36,6 +36,12 @@ public function transformLicenseSeat(LicenseSeat $seat)
                             'name' => e($seat->user->department->name),
 
                         ] : null,
+                'company'=> ($seat->user->company) ?
+                    [
+                        'id' => (int) $seat->user->company->id,
+                        'name' => e($seat->user->company->name),
+
+                    ] : null,
                 'created_at' => Helper::getFormattedDateObject($seat->created_at, 'datetime'),
             ] : null,
             'assigned_asset' => ($seat->asset) ? [

app/Livewire/SlackSettingsForm.php

@@ -159,7 +159,7 @@ public function testWebhook(){
             ]);
 
         try {
-            $test = $webhook->post($this->webhook_endpoint, ['body' => $payload, ['headers' => ['Content-Type' => 'application/json']]]);
+            $test = $webhook->post($this->webhook_endpoint, ['body' => $payload, 'headers' => ['Content-Type' => 'application/json']]);
 
             if(($test->getStatusCode() == 302)||($test->getStatusCode() == 301)){
                 return session()->flash('error' , trans('admin/settings/message.webhook.error_redirect', ['endpoint' => $this->webhook_endpoint]));

app/Models/Actionlog.php

@@ -360,7 +360,7 @@ public function daysUntilNextAudit($monthInterval = 12, $asset = null)
     {
         $now = Carbon::now();
         $last_audit_date = $this->created_at; // this is the action log's created at, not the asset itself
-        $next_audit = $last_audit_date->addMonth($monthInterval); // this actually *modifies* the $last_audit_date
+        $next_audit = $last_audit_date->addMonth((int) $monthInterval); // this actually *modifies* the $last_audit_date
         $next_audit_days = (int) round($now->diffInDays($next_audit, true));
         $override_default_next = $next_audit;
 

app/Models/Asset.php

@@ -295,8 +295,8 @@ public function getDisplayNameAttribute()
 
     protected function warrantyExpires(): Attribute
     {
-        return Attribute::make(
-            get: fn(mixed $value, array $attributes) => ($attributes['warranty_months'] && $attributes['purchase_date']) ? Carbon::parse($attributes['purchase_date'])->addMonths($attributes['warranty_months']) : null,
+        return Attribute:: make(
+            get: fn(mixed $value, array $attributes) => ($attributes['warranty_months'] && $attributes['purchase_date']) ? Carbon::parse($attributes['purchase_date'])->addMonths((int)$attributes['warranty_months']) : null,
         );
     }
 

app/Models/Department.php

@@ -31,10 +31,13 @@ class Department extends SnipeModel
     ];
 
     protected $rules = [
-        'name'                  => 'required|max:255|is_unique_department',
-        'location_id'           => 'numeric|nullable',
-        'company_id'            => 'numeric|nullable',
-        'manager_id'            => 'numeric|nullable',
+        'name'        => 'required|max:255|is_unique_across_company_and_location:departments,name',
+        'location_id' => 'numeric|nullable|exists:locations,id',
+        'company_id'  => 'numeric|nullable|exists:companies,id',
+        'manager_id'  => 'numeric|nullable|exists:users,id',
+        'phone'       => 'string|max:255|nullable',
+        'fax'         => 'string|max:255|nullable',
+        'notes'       => 'string|max:255|nullable',
     ];
 
     /**