From 84ec5aea26458e37b0919b13fa902e596323089e Mon Sep 17 00:00:00 2001
From: Lukas Kraic <lukas.kraic@alanata.sk>
Date: Wed, 4 Jun 2025 09:05:27 +0200
Subject: [PATCH 01/16] Manager View Feature

---
 app/Http/Controllers/SettingsController.php   |  1 +
 app/Http/Controllers/ViewAssetsController.php | 91 +++++++++++++------
 app/Models/Setting.php                        |  2 +
 app/Models/User.php                           | 65 +++++++++++++
 ...manager_view_enabled_to_settings_table.php | 34 +++++++
 .../lang/en-US/admin/settings/general.php     |  3 +
 resources/lang/en-US/general.php              |  3 +
 resources/views/account/view-assets.blade.php | 24 +++++
 resources/views/settings/general.blade.php    | 15 +++
 9 files changed, 212 insertions(+), 26 deletions(-)
 create mode 100644 database/migrations/2025_06_03_000000_add_manager_view_enabled_to_settings_table.php

diff --git a/app/Http/Controllers/SettingsController.php b/app/Http/Controllers/SettingsController.php
index 747f7b7284..2729b14a7e 100644
--- a/app/Http/Controllers/SettingsController.php
+++ b/app/Http/Controllers/SettingsController.php
@@ -352,6 +352,7 @@ class SettingsController extends Controller
         $setting->dash_chart_type = $request->input('dash_chart_type');
         $setting->profile_edit = $request->input('profile_edit', 0);
         $setting->require_checkinout_notes = $request->input('require_checkinout_notes', 0);
+        $setting->manager_view_enabled = $request->input('manager_view_enabled', 0);
 
 
         if ($request->input('per_page') != '') {
diff --git a/app/Http/Controllers/ViewAssetsController.php b/app/Http/Controllers/ViewAssetsController.php
index bbff6ba4f7..a54dff0881 100755
--- a/app/Http/Controllers/ViewAssetsController.php
+++ b/app/Http/Controllers/ViewAssetsController.php
@@ -27,50 +27,89 @@ use Exception;
 class ViewAssetsController extends Controller
 {
     /**
-     * Redirect to the profile page.
+     * Show user's assigned assets with optional manager view functionality.
      *
      */
-    public function getIndex() : View | RedirectResponse
+    public function getIndex(Request $request) : View | RedirectResponse
     {
-        $user = User::with(
+        $authUser = auth()->user();
+        $settings = Setting::getSettings();
+        $subordinates = collect();
+        $selectedUserId = $authUser->id;
+
+        // Check if manager view is enabled and get subordinates if applicable
+        if ($settings->manager_view_enabled) {
+            // Get all subordinates including self, sorted for the dropdown
+            if ($authUser->isSuperUser()) {
+                // SuperAdmin sees all users
+                $subordinates = User::select('id', 'first_name', 'last_name', 'username')
+                    ->where('activated', 1)
+                    ->orderBy('last_name')
+                    ->orderBy('first_name')
+                    ->get();
+            } else {
+                // Regular manager sees only their subordinates + self (recursive)
+                $managedUsers = $authUser->getAllSubordinates(false); // Don't include self yet
+                
+                // Only show dropdown if user actually has subordinates
+                if ($managedUsers->count() > 0) {
+                    $subordinates = collect([$authUser])->merge($managedUsers) // Add self at beginning
+                        ->sortBy('last_name')
+                        ->sortBy('first_name');
+                } else {
+                    // User has no subordinates, so they only see themselves
+                    $subordinates = collect([$authUser]);
+                }
+            }
+
+            // If the user has subordinates and a user_id is provided in the request
+            if ($subordinates->count() > 1 && $request->filled('user_id')) {
+                $requestedUserId = (int) $request->input('user_id');
+
+                // Validate if the requested user is allowed (self or subordinate)
+                if ($subordinates->contains('id', $requestedUserId)) {
+                    $selectedUserId = $requestedUserId;
+                }
+                // If invalid ID or not authorized, $selectedUserId remains $authUser->id (default)
+            }
+        }
+
+        // Load the data for the user to be viewed (either auth user or selected subordinate)
+        $userToView = User::with([
             'assets',
             'assets.model',
             'assets.model.fieldset.fields',
             'consumables',
             'accessories',
-            'licenses',
-        )->find(auth()->id());
+            'licenses'
+        ])->find($selectedUserId);
 
-        $field_array = array();
-
-        // Loop through all the custom fields that are applied to any model the user has assigned
-        foreach ($user->assets as $asset) {
-
-            // Make sure the model has a custom fieldset before trying to loop through the associated fields
-            if ($asset->model->fieldset) {
+        // If the user to view couldn't be found (shouldn't happen with proper logic), redirect with error
+        if (!$userToView) {
+            return redirect()->route('view-assets')->with('error', trans('admin/users/message.user_not_found'));
+        }
 
+        // Process custom fields for the user being viewed
+        $field_array = [];
+        foreach ($userToView->assets as $asset) {
+            if ($asset->model && $asset->model->fieldset) {
                 foreach ($asset->model->fieldset->fields as $field) {
-                    // check and make sure they're allowed to see the value of the custom field
                     if ($field->display_in_user_view == '1') {
                         $field_array[$field->db_column] = $field->name;
                     }
-                    
                 }
             }
-
         }
+        array_unique($field_array); // Remove duplicate field names
 
-        // Since some models may re-use the same fieldsets/fields, let's make the array unique so we don't repeat columns
-        array_unique($field_array);
-
-        if (isset($user->id)) {
-            return view('account/view-assets', compact('user', 'field_array' ))
-                ->with('settings', Setting::getSettings());
-        }
-
-        // Redirect to the user management page
-        return redirect()->route('users.index')
-            ->with('error', trans('admin/users/message.user_not_found', $user->id));
+        // Pass the necessary data to the view
+        return view('account/view-assets', [
+            'user' => $userToView, // Use 'user' for compatibility with the existing view
+            'field_array' => $field_array,
+            'settings' => $settings,
+            'subordinates' => $subordinates,
+            'selectedUserId' => $selectedUserId
+        ]);
     }
 
     /**
diff --git a/app/Models/Setting.php b/app/Models/Setting.php
index 199aee33dc..73fcada1e6 100755
--- a/app/Models/Setting.php
+++ b/app/Models/Setting.php
@@ -67,11 +67,13 @@ class Setting extends Model
         'google_login',
         'google_client_id',
         'google_client_secret',
+        'manager_view_enabled',
     ];
 
     protected $casts = [
         'label2_asset_logo' => 'boolean',
         'require_checkinout_notes' => 'boolean',
+        'manager_view_enabled' => 'boolean',
     ];
 
     /**
diff --git a/app/Models/User.php b/app/Models/User.php
index 9b211e6a04..7856e5e53f 100644
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -956,5 +956,70 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
 
 
 
+    }
+
+    /**
+     * Get all direct and indirect subordinates for this user.
+     *
+     * @param bool $includeSelf Include the current user in the results
+     * @return \Illuminate\Support\Collection
+     */
+    public function getAllSubordinates($includeSelf = false)
+    {
+        $subordinates = collect();
+        if ($includeSelf) {
+            $subordinates->push($this);
+        }
+
+        // Use a recursive helper function to avoid scope issues
+        $this->fetchSubordinatesRecursive($this, $subordinates);
+
+        return $subordinates->unique('id'); // Ensure uniqueness
+    }
+
+    /**
+     * Recursive helper function to fetch subordinates.
+     *
+     * @param User $manager
+     * @param \Illuminate\Support\Collection $subordinatesCollection
+     */
+    protected function fetchSubordinatesRecursive(User $manager, \Illuminate\Support\Collection &$subordinatesCollection)
+    {
+        // Eager load 'managesUsers' to prevent N+1 queries in recursion
+        $directSubordinates = $manager->managesUsers()->with('managesUsers')->get();
+
+        foreach ($directSubordinates as $directSubordinate) {
+            // Add subordinate if not already in the collection
+            if (!$subordinatesCollection->contains('id', $directSubordinate->id)) {
+                 $subordinatesCollection->push($directSubordinate);
+                 // Recursive call for this subordinate's subordinates
+                 $this->fetchSubordinatesRecursive($directSubordinate, $subordinatesCollection);
+            }
+        }
+    }
+
+    /**
+     * Check if the current user is a direct or indirect manager of the given user.
+     *
+     * @param User $userToCheck
+     * @return bool
+     */
+    public function isManagerOf(User $userToCheck): bool
+    {
+        // Optimization: If it's the same user, they are not their own manager
+        if ($this->id === $userToCheck->id) {
+            return false;
+        }
+
+        // Eager load manager relationship to potentially reduce queries in the loop
+        $manager = $userToCheck->load('manager')->manager;
+        while ($manager) {
+            if ($manager->id === $this->id) {
+                return true;
+            }
+            // Move up the hierarchy (load relationship if not already loaded)
+            $manager = $manager->load('manager')->manager;
+        }
+        return false;
     }
 }
diff --git a/database/migrations/2025_06_03_000000_add_manager_view_enabled_to_settings_table.php b/database/migrations/2025_06_03_000000_add_manager_view_enabled_to_settings_table.php
new file mode 100644
index 0000000000..345c52a7dd
--- /dev/null
+++ b/database/migrations/2025_06_03_000000_add_manager_view_enabled_to_settings_table.php
@@ -0,0 +1,34 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class extends Migration
+{
+    /**
+     * Run the migrations.
+     */
+    public function up(): void
+    {
+        if (!Schema::hasColumn('settings', 'manager_view_enabled')) {
+            Schema::table('settings', function (Blueprint $table) {
+                $table->boolean('manager_view_enabled')
+                    ->default(false)
+                    ->comment('Allow managers to view assets assigned to their subordinates');
+            });
+        }
+    }
+
+    /**
+     * Reverse the migrations.
+     */
+    public function down(): void
+    {
+        if (Schema::hasColumn('settings', 'manager_view_enabled')) {
+            Schema::table('settings', function (Blueprint $table) {
+                $table->dropColumn('manager_view_enabled');
+            });
+        }
+    }
+};
diff --git a/resources/lang/en-US/admin/settings/general.php b/resources/lang/en-US/admin/settings/general.php
index 5da86537d6..fc45c61291 100644
--- a/resources/lang/en-US/admin/settings/general.php
+++ b/resources/lang/en-US/admin/settings/general.php
@@ -401,6 +401,9 @@ return [
     'due_checkin_days_help' => 'How many days before the expected checkin of an asset should it be listed in the "Due for checkin" page?',
     'no_groups' => 'No groups have been created yet. Visit <code>Admin Settings > Permission Groups</code> to add one.',
     'text' => 'Text',
+    'manager_view' => 'Manager View',
+    'manager_view_enabled_text' => 'Enable Manager View',
+    'manager_view_enabled_help' => 'Allow managers to view assets assigned to their direct and indirect reports in their account view.',
 
     'username_formats' => [
         'username_format'		=> 'Username Format',
diff --git a/resources/lang/en-US/general.php b/resources/lang/en-US/general.php
index 599a15c139..e4adad7fd9 100644
--- a/resources/lang/en-US/general.php
+++ b/resources/lang/en-US/general.php
@@ -318,6 +318,9 @@ return [
     'viewall'				=> 'View All',
     'viewassets'  			=> 'View Assigned Assets',
     'viewassetsfor'         => 'View Assets for :name',
+    'view_user_assets'      => 'View User Assets',
+    'select_user'           => 'Select User',
+    'me'                    => 'Me',
     'website'               => 'Website',
     'welcome'				=> 'Welcome, :name',
     'years'					=> 'years',
diff --git a/resources/views/account/view-assets.blade.php b/resources/views/account/view-assets.blade.php
index 050f53263e..4c356778cf 100755
--- a/resources/views/account/view-assets.blade.php
+++ b/resources/views/account/view-assets.blade.php
@@ -9,6 +9,30 @@
 {{-- Account page content --}}
 @section('content')
 
+{{-- Manager View Dropdown --}}
+@if (isset($settings) && $settings->manager_view_enabled && isset($subordinates) && $subordinates->count() > 1)
+<div class="row hidden-print" style="margin-bottom: 15px;">
+    <div class="col-md-12">
+        <form method="GET" action="{{ route('view-assets') }}" class="pull-right" role="form">
+            <div class="form-group" style="margin-bottom: 0;">
+                <label for="user_id" class="control-label" style="margin-right: 10px;">
+                    <i class="fas fa-users"></i> {{ trans('general.view_user_assets') }}:
+                </label>
+                <select name="user_id" id="user_id" class="form-control select2" onchange="this.form.submit()" style="width: 250px; display: inline-block;">
+                    @foreach ($subordinates as $subordinate)
+                        <option value="{{ $subordinate->id }}" {{ (int)$selectedUserId === (int)$subordinate->id ? ' selected' : '' }}>
+                            {{ $subordinate->present()->fullName() }}
+                            @if ($subordinate->id == auth()->id())
+                                ({{ trans('general.me') }})
+                            @endif
+                        </option>
+                    @endforeach
+                </select>
+            </div>
+        </form>
+    </div>
+</div>
+@endif
 
 @if ($acceptances = \App\Models\CheckoutAcceptance::forUser(Auth::user())->pending()->count())
   <div class="row">
diff --git a/resources/views/settings/general.blade.php b/resources/views/settings/general.blade.php
index 931fa47bcc..c9964b581f 100644
--- a/resources/views/settings/general.blade.php
+++ b/resources/views/settings/general.blade.php
@@ -325,6 +325,21 @@
                                            <p class="help-block">{{ trans('admin/settings/general.require_checkinout_notes_help_text') }}</p>
                                    </div>
                                </div>
+
+                               <!-- Manager View -->
+                               <div class="form-group {{ $errors->has('manager_view_enabled') ? 'error' : '' }}">
+                                   <div class="col-md-3">
+                                       <strong>{{ trans('admin/settings/general.manager_view') }}</strong>
+                                   </div>
+                                   <div class="col-md-8 col-md-offset-3">
+                                       <label class="form-control">
+                                           <input type="checkbox" value="1" name="manager_view_enabled" {{ (old('manager_view_enabled', $setting->manager_view_enabled)) == '1' ? ' checked="checked"' : '' }} aria-label="manager_view_enabled">
+                                           {{ trans('admin/settings/general.manager_view_enabled_text') }}
+                                       </label>
+                                       <p class="help-block">{{ trans('admin/settings/general.manager_view_enabled_help') }}</p>
+                                       {!! $errors->first('manager_view_enabled', '<span class="alert-msg" aria-hidden="true">:message</span>') !!}
+                                   </div>
+                               </div>
                                <!-- /.form-group -->
                        </fieldset>
 

From 60989d67664a14c407d861e9b9b678a02fcf296a Mon Sep 17 00:00:00 2001
From: Lukas Kraic <lukas.kraic@alanata.sk>
Date: Wed, 4 Jun 2025 15:17:55 +0200
Subject: [PATCH 02/16] Fix Codacy warnings

---
 app/Http/Controllers/ViewAssetsController.php | 37 ++++++++++++-------
 app/Models/User.php                           | 14 +++----
 resources/views/account/view-assets.blade.php |  1 +
 3 files changed, 32 insertions(+), 20 deletions(-)

diff --git a/app/Http/Controllers/ViewAssetsController.php b/app/Http/Controllers/ViewAssetsController.php
index a54dff0881..49503f370f 100755
--- a/app/Http/Controllers/ViewAssetsController.php
+++ b/app/Http/Controllers/ViewAssetsController.php
@@ -26,6 +26,27 @@ use Exception;
  */
 class ViewAssetsController extends Controller
 {
+    /**
+     * Extract custom fields that should be displayed in user view.
+     *
+     * @param User $user
+     * @return array
+     */
+    private function extractCustomFields(User $user): array
+    {
+        $fieldArray = [];
+        foreach ($user->assets as $asset) {
+            if ($asset->model && $asset->model->fieldset) {
+                foreach ($asset->model->fieldset->fields as $field) {
+                    if ($field->display_in_user_view == '1') {
+                        $fieldArray[$field->db_column] = $field->name;
+                    }
+                } //end foreach
+            }
+        } //end foreach
+        return array_unique($fieldArray);
+    }
+
     /**
      * Show user's assigned assets with optional manager view functionality.
      *
@@ -59,7 +80,7 @@ class ViewAssetsController extends Controller
                 } else {
                     // User has no subordinates, so they only see themselves
                     $subordinates = collect([$authUser]);
-                }
+                } //end if
             }
 
             // If the user has subordinates and a user_id is provided in the request
@@ -90,22 +111,12 @@ class ViewAssetsController extends Controller
         }
 
         // Process custom fields for the user being viewed
-        $field_array = [];
-        foreach ($userToView->assets as $asset) {
-            if ($asset->model && $asset->model->fieldset) {
-                foreach ($asset->model->fieldset->fields as $field) {
-                    if ($field->display_in_user_view == '1') {
-                        $field_array[$field->db_column] = $field->name;
-                    }
-                }
-            }
-        }
-        array_unique($field_array); // Remove duplicate field names
+        $fieldArray = $this->extractCustomFields($userToView);
 
         // Pass the necessary data to the view
         return view('account/view-assets', [
             'user' => $userToView, // Use 'user' for compatibility with the existing view
-            'field_array' => $field_array,
+            'field_array' => $fieldArray,
             'settings' => $settings,
             'subordinates' => $subordinates,
             'selectedUserId' => $selectedUserId
diff --git a/app/Models/User.php b/app/Models/User.php
index 7856e5e53f..43ff8fdf1f 100644
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -964,7 +964,7 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
      * @param bool $includeSelf Include the current user in the results
      * @return \Illuminate\Support\Collection
      */
-    public function getAllSubordinates($includeSelf = false)
+    public function getAllSubordinates($includeSelf=false)
     {
         $subordinates = collect();
         if ($includeSelf) {
@@ -981,21 +981,21 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
      * Recursive helper function to fetch subordinates.
      *
      * @param User $manager
-     * @param \Illuminate\Support\Collection $subordinatesCollection
+     * @param \Illuminate\Support\Collection $subs
      */
-    protected function fetchSubordinatesRecursive(User $manager, \Illuminate\Support\Collection &$subordinatesCollection)
+    protected function fetchSubordinatesRecursive(User $manager, \Illuminate\Support\Collection &$subs)
     {
         // Eager load 'managesUsers' to prevent N+1 queries in recursion
         $directSubordinates = $manager->managesUsers()->with('managesUsers')->get();
 
         foreach ($directSubordinates as $directSubordinate) {
             // Add subordinate if not already in the collection
-            if (!$subordinatesCollection->contains('id', $directSubordinate->id)) {
-                 $subordinatesCollection->push($directSubordinate);
+            if (!$subs->contains('id', $directSubordinate->id)) {
+                 $subs->push($directSubordinate);
                  // Recursive call for this subordinate's subordinates
-                 $this->fetchSubordinatesRecursive($directSubordinate, $subordinatesCollection);
+                 $this->fetchSubordinatesRecursive($directSubordinate, $subs);
             }
-        }
+        } //end foreach
     }
 
     /**
diff --git a/resources/views/account/view-assets.blade.php b/resources/views/account/view-assets.blade.php
index 4c356778cf..742fab66b3 100755
--- a/resources/views/account/view-assets.blade.php
+++ b/resources/views/account/view-assets.blade.php
@@ -14,6 +14,7 @@
 <div class="row hidden-print" style="margin-bottom: 15px;">
     <div class="col-md-12">
         <form method="GET" action="{{ route('view-assets') }}" class="pull-right" role="form">
+            @csrf
             <div class="form-group" style="margin-bottom: 0;">
                 <label for="user_id" class="control-label" style="margin-right: 10px;">
                     <i class="fas fa-users"></i> {{ trans('general.view_user_assets') }}:

From ea447365fab09259abe1e84d5c5c30e6b3800a4d Mon Sep 17 00:00:00 2001
From: Lukas Kraic <lukas.kraic@alanata.sk>
Date: Wed, 4 Jun 2025 15:40:17 +0200
Subject: [PATCH 03/16] Fix Codacy warnings II

---
 app/Http/Controllers/ViewAssetsController.php |  8 +++----
 app/Models/User.php                           | 23 +++++++++++--------
 2 files changed, 18 insertions(+), 13 deletions(-)

diff --git a/app/Http/Controllers/ViewAssetsController.php b/app/Http/Controllers/ViewAssetsController.php
index 49503f370f..d73068afe7 100755
--- a/app/Http/Controllers/ViewAssetsController.php
+++ b/app/Http/Controllers/ViewAssetsController.php
@@ -41,9 +41,9 @@ class ViewAssetsController extends Controller
                     if ($field->display_in_user_view == '1') {
                         $fieldArray[$field->db_column] = $field->name;
                     }
-                } //end foreach
+                }//end foreach
             }
-        } //end foreach
+        }//end foreach
         return array_unique($fieldArray);
     }
 
@@ -70,7 +70,7 @@ class ViewAssetsController extends Controller
                     ->get();
             } else {
                 // Regular manager sees only their subordinates + self (recursive)
-                $managedUsers = $authUser->getAllSubordinates(false); // Don't include self yet
+                $managedUsers = $authUser->getAllSubordinates();
                 
                 // Only show dropdown if user actually has subordinates
                 if ($managedUsers->count() > 0) {
@@ -80,7 +80,7 @@ class ViewAssetsController extends Controller
                 } else {
                     // User has no subordinates, so they only see themselves
                     $subordinates = collect([$authUser]);
-                } //end if
+                }//end if
             }
 
             // If the user has subordinates and a user_id is provided in the request
diff --git a/app/Models/User.php b/app/Models/User.php
index 43ff8fdf1f..affd76a729 100644
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -961,20 +961,25 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
     /**
      * Get all direct and indirect subordinates for this user.
      *
-     * @param bool $includeSelf Include the current user in the results
      * @return \Illuminate\Support\Collection
      */
-    public function getAllSubordinates($includeSelf=false)
+    public function getAllSubordinates()
     {
         $subordinates = collect();
-        if ($includeSelf) {
-            $subordinates->push($this);
-        }
-
-        // Use a recursive helper function to avoid scope issues
         $this->fetchSubordinatesRecursive($this, $subordinates);
+        return $subordinates->unique('id');
+    }
 
-        return $subordinates->unique('id'); // Ensure uniqueness
+    /**
+     * Get all direct and indirect subordinates for this user, including self.
+     *
+     * @return \Illuminate\Support\Collection
+     */
+    public function getAllSubordinatesIncludingSelf()
+    {
+        $subordinates = collect([$this]);
+        $this->fetchSubordinatesRecursive($this, $subordinates);
+        return $subordinates->unique('id');
     }
 
     /**
@@ -995,7 +1000,7 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
                  // Recursive call for this subordinate's subordinates
                  $this->fetchSubordinatesRecursive($directSubordinate, $subs);
             }
-        } //end foreach
+        }//end foreach
     }
 
     /**

From fb18c1a0bea37d6575cf2a1fb48e0c083d534f12 Mon Sep 17 00:00:00 2001
From: Lukas Kraic <lukas.kraic@alanata.sk>
Date: Thu, 5 Jun 2025 08:59:07 +0200
Subject: [PATCH 04/16] Fix code style: Remove whitespace in end block comments

---
 app/Http/Controllers/ViewAssetsController.php | 6 +++---
 app/Models/User.php                           | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/app/Http/Controllers/ViewAssetsController.php b/app/Http/Controllers/ViewAssetsController.php
index d73068afe7..ee4916f0a7 100755
--- a/app/Http/Controllers/ViewAssetsController.php
+++ b/app/Http/Controllers/ViewAssetsController.php
@@ -41,9 +41,9 @@ class ViewAssetsController extends Controller
                     if ($field->display_in_user_view == '1') {
                         $fieldArray[$field->db_column] = $field->name;
                     }
-                }//end foreach
+                }//endforeach
             }
-        }//end foreach
+        }//endforeach
         return array_unique($fieldArray);
     }
 
@@ -80,7 +80,7 @@ class ViewAssetsController extends Controller
                 } else {
                     // User has no subordinates, so they only see themselves
                     $subordinates = collect([$authUser]);
-                }//end if
+                }//endif
             }
 
             // If the user has subordinates and a user_id is provided in the request
diff --git a/app/Models/User.php b/app/Models/User.php
index affd76a729..825fba640b 100644
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -1000,7 +1000,7 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
                  // Recursive call for this subordinate's subordinates
                  $this->fetchSubordinatesRecursive($directSubordinate, $subs);
             }
-        }//end foreach
+        }//endforeach
     }
 
     /**

From 61d3e2fb493f722384c4b61ff4dc629d00b614c5 Mon Sep 17 00:00:00 2001
From: Lukas Kraic <lukas.kraic@alanata.sk>
Date: Thu, 5 Jun 2025 09:23:58 +0200
Subject: [PATCH 05/16] Fix code style: Add required whitespace in end block
 comments

---
 app/Http/Controllers/ViewAssetsController.php | 6 +++---
 app/Models/User.php                           | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/app/Http/Controllers/ViewAssetsController.php b/app/Http/Controllers/ViewAssetsController.php
index ee4916f0a7..d73068afe7 100755
--- a/app/Http/Controllers/ViewAssetsController.php
+++ b/app/Http/Controllers/ViewAssetsController.php
@@ -41,9 +41,9 @@ class ViewAssetsController extends Controller
                     if ($field->display_in_user_view == '1') {
                         $fieldArray[$field->db_column] = $field->name;
                     }
-                }//endforeach
+                }//end foreach
             }
-        }//endforeach
+        }//end foreach
         return array_unique($fieldArray);
     }
 
@@ -80,7 +80,7 @@ class ViewAssetsController extends Controller
                 } else {
                     // User has no subordinates, so they only see themselves
                     $subordinates = collect([$authUser]);
-                }//endif
+                }//end if
             }
 
             // If the user has subordinates and a user_id is provided in the request
diff --git a/app/Models/User.php b/app/Models/User.php
index 825fba640b..affd76a729 100644
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -1000,7 +1000,7 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
                  // Recursive call for this subordinate's subordinates
                  $this->fetchSubordinatesRecursive($directSubordinate, $subs);
             }
-        }//endforeach
+        }//end foreach
     }
 
     /**

From 7ff82e60433d0306fe2c093a094174eca8ca0430 Mon Sep 17 00:00:00 2001
From: Lukas Kraic <lukas.kraic@alanata.sk>
Date: Thu, 5 Jun 2025 11:07:42 +0200
Subject: [PATCH 06/16] Delete comments

---
 app/Http/Controllers/ViewAssetsController.php | 6 +++---
 app/Models/User.php                           | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/app/Http/Controllers/ViewAssetsController.php b/app/Http/Controllers/ViewAssetsController.php
index d73068afe7..f27c75a169 100755
--- a/app/Http/Controllers/ViewAssetsController.php
+++ b/app/Http/Controllers/ViewAssetsController.php
@@ -41,9 +41,9 @@ class ViewAssetsController extends Controller
                     if ($field->display_in_user_view == '1') {
                         $fieldArray[$field->db_column] = $field->name;
                     }
-                }//end foreach
+                }
             }
-        }//end foreach
+        }
         return array_unique($fieldArray);
     }
 
@@ -80,7 +80,7 @@ class ViewAssetsController extends Controller
                 } else {
                     // User has no subordinates, so they only see themselves
                     $subordinates = collect([$authUser]);
-                }//end if
+                }
             }
 
             // If the user has subordinates and a user_id is provided in the request
diff --git a/app/Models/User.php b/app/Models/User.php
index affd76a729..b70fbc1ca8 100644
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -1000,7 +1000,7 @@ class User extends SnipeModel implements AuthenticatableContract, AuthorizableCo
                  // Recursive call for this subordinate's subordinates
                  $this->fetchSubordinatesRecursive($directSubordinate, $subs);
             }
-        }//end foreach
+        }
     }
 
     /**

From 30c090ba2d945485655b1a30728f51779c926834 Mon Sep 17 00:00:00 2001
From: Lukas Kraic <lukas.kraic@alanata.sk>
Date: Thu, 5 Jun 2025 11:45:05 +0200
Subject: [PATCH 07/16] Fix code style: Add descriptive end comment for
 conditional block

---
 app/Http/Controllers/ViewAssetsController.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/Http/Controllers/ViewAssetsController.php b/app/Http/Controllers/ViewAssetsController.php
index f27c75a169..3fe8de03c8 100755
--- a/app/Http/Controllers/ViewAssetsController.php
+++ b/app/Http/Controllers/ViewAssetsController.php
@@ -80,7 +80,7 @@ class ViewAssetsController extends Controller
                 } else {
                     // User has no subordinates, so they only see themselves
                     $subordinates = collect([$authUser]);
-                }
+                }//end if managedUsers count > 0
             }
 
             // If the user has subordinates and a user_id is provided in the request

From 62e50dbe5297851c93edc1ab00ab857f99f1993b Mon Sep 17 00:00:00 2001
From: Lukas Kraic <lukas.kraic@alanata.sk>
Date: Thu, 5 Jun 2025 11:56:13 +0200
Subject: [PATCH 08/16] Fix code style: Add semantically correct end comments

---
 app/Http/Controllers/ViewAssetsController.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/Http/Controllers/ViewAssetsController.php b/app/Http/Controllers/ViewAssetsController.php
index 3fe8de03c8..2e370e1296 100755
--- a/app/Http/Controllers/ViewAssetsController.php
+++ b/app/Http/Controllers/ViewAssetsController.php
@@ -80,8 +80,8 @@ class ViewAssetsController extends Controller
                 } else {
                     // User has no subordinates, so they only see themselves
                     $subordinates = collect([$authUser]);
-                }//end if managedUsers count > 0
-            }
+                }//end if
+            }//end if
 
             // If the user has subordinates and a user_id is provided in the request
             if ($subordinates->count() > 1 && $request->filled('user_id')) {

From 7494fa6bc92b81612f75b3decf78957f307d3bf5 Mon Sep 17 00:00:00 2001
From: Lukas Kraic <lukas.kraic@alanata.sk>
Date: Thu, 5 Jun 2025 12:03:42 +0200
Subject: [PATCH 09/16] Fix code style: Remove unnecessary end comment from
 short conditional block

---
 app/Http/Controllers/ViewAssetsController.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/Http/Controllers/ViewAssetsController.php b/app/Http/Controllers/ViewAssetsController.php
index 2e370e1296..2cf2f37751 100755
--- a/app/Http/Controllers/ViewAssetsController.php
+++ b/app/Http/Controllers/ViewAssetsController.php
@@ -80,7 +80,7 @@ class ViewAssetsController extends Controller
                 } else {
                     // User has no subordinates, so they only see themselves
                     $subordinates = collect([$authUser]);
-                }//end if
+                }
             }//end if
 
             // If the user has subordinates and a user_id is provided in the request

From 29989ac24e43d2315e68f58b724a78e46a52323a Mon Sep 17 00:00:00 2001
From: Lukas Kraic <lukas.kraic@alanata.sk>
Date: Thu, 5 Jun 2025 13:50:57 +0200
Subject: [PATCH 10/16] Fix code style: Remove empty line after end comment

---
 app/Http/Controllers/ViewAssetsController.php | 1 -
 1 file changed, 1 deletion(-)

diff --git a/app/Http/Controllers/ViewAssetsController.php b/app/Http/Controllers/ViewAssetsController.php
index 2cf2f37751..78b45f26d6 100755
--- a/app/Http/Controllers/ViewAssetsController.php
+++ b/app/Http/Controllers/ViewAssetsController.php
@@ -82,7 +82,6 @@ class ViewAssetsController extends Controller
                     $subordinates = collect([$authUser]);
                 }
             }//end if
-
             // If the user has subordinates and a user_id is provided in the request
             if ($subordinates->count() > 1 && $request->filled('user_id')) {
                 $requestedUserId = (int) $request->input('user_id');

From 261f84d5f501f486428d307a975ffd9f61607277 Mon Sep 17 00:00:00 2001
From: Lukas Kraic <lukas.kraic@alanata.sk>
Date: Thu, 5 Jun 2025 17:55:46 +0200
Subject: [PATCH 11/16] Fix code style: Remove comment

---
 app/Http/Controllers/ViewAssetsController.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/Http/Controllers/ViewAssetsController.php b/app/Http/Controllers/ViewAssetsController.php
index 78b45f26d6..a654334442 100755
--- a/app/Http/Controllers/ViewAssetsController.php
+++ b/app/Http/Controllers/ViewAssetsController.php
@@ -81,7 +81,7 @@ class ViewAssetsController extends Controller
                     // User has no subordinates, so they only see themselves
                     $subordinates = collect([$authUser]);
                 }
-            }//end if
+            }
             // If the user has subordinates and a user_id is provided in the request
             if ($subordinates->count() > 1 && $request->filled('user_id')) {
                 $requestedUserId = (int) $request->input('user_id');

From 8b98ae15f0f82f373d0b2b3e3e0522a832127dbc Mon Sep 17 00:00:00 2001
From: Lukas Kraic <lukas.kraic@alanata.sk>
Date: Thu, 5 Jun 2025 18:08:34 +0200
Subject: [PATCH 12/16] Fix code style: Add comment

---
 app/Http/Controllers/ViewAssetsController.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/Http/Controllers/ViewAssetsController.php b/app/Http/Controllers/ViewAssetsController.php
index a654334442..8ac752e2b0 100755
--- a/app/Http/Controllers/ViewAssetsController.php
+++ b/app/Http/Controllers/ViewAssetsController.php
@@ -92,7 +92,7 @@ class ViewAssetsController extends Controller
                 }
                 // If invalid ID or not authorized, $selectedUserId remains $authUser->id (default)
             }
-        }
+        }//end if
 
         // Load the data for the user to be viewed (either auth user or selected subordinate)
         $userToView = User::with([

From c50c97d149db9b9b4c8f13a5cb150b07673db5e4 Mon Sep 17 00:00:00 2001
From: Lukas Kraic <lukas.kraic@alanata.sk>
Date: Thu, 5 Jun 2025 18:18:07 +0200
Subject: [PATCH 13/16] Fix code style: Change comments

---
 app/Http/Controllers/ViewAssetsController.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/Http/Controllers/ViewAssetsController.php b/app/Http/Controllers/ViewAssetsController.php
index 8ac752e2b0..0b5ef71d14 100755
--- a/app/Http/Controllers/ViewAssetsController.php
+++ b/app/Http/Controllers/ViewAssetsController.php
@@ -81,7 +81,7 @@ class ViewAssetsController extends Controller
                     // User has no subordinates, so they only see themselves
                     $subordinates = collect([$authUser]);
                 }
-            }
+            }//end foreach
             // If the user has subordinates and a user_id is provided in the request
             if ($subordinates->count() > 1 && $request->filled('user_id')) {
                 $requestedUserId = (int) $request->input('user_id');
@@ -92,7 +92,7 @@ class ViewAssetsController extends Controller
                 }
                 // If invalid ID or not authorized, $selectedUserId remains $authUser->id (default)
             }
-        }//end if
+        }
 
         // Load the data for the user to be viewed (either auth user or selected subordinate)
         $userToView = User::with([

From ad6fe855a968ad5255c28ee10a8a005b81289c29 Mon Sep 17 00:00:00 2001
From: Lukas Kraic <lukas.kraic@alanata.sk>
Date: Thu, 5 Jun 2025 18:53:36 +0200
Subject: [PATCH 14/16] Fix code style: Change comments

---
 app/Http/Controllers/ViewAssetsController.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/Http/Controllers/ViewAssetsController.php b/app/Http/Controllers/ViewAssetsController.php
index 0b5ef71d14..38bf32eee2 100755
--- a/app/Http/Controllers/ViewAssetsController.php
+++ b/app/Http/Controllers/ViewAssetsController.php
@@ -81,7 +81,7 @@ class ViewAssetsController extends Controller
                     // User has no subordinates, so they only see themselves
                     $subordinates = collect([$authUser]);
                 }
-            }//end foreach
+            }//end if
             // If the user has subordinates and a user_id is provided in the request
             if ($subordinates->count() > 1 && $request->filled('user_id')) {
                 $requestedUserId = (int) $request->input('user_id');
@@ -92,7 +92,7 @@ class ViewAssetsController extends Controller
                 }
                 // If invalid ID or not authorized, $selectedUserId remains $authUser->id (default)
             }
-        }
+        }//end if
 
         // Load the data for the user to be viewed (either auth user or selected subordinate)
         $userToView = User::with([

From 16fb1018a248c6e914ed5149924d02b41606a91a Mon Sep 17 00:00:00 2001
From: Lukas Kraic <lukas.kraic@alanata.sk>
Date: Thu, 5 Jun 2025 20:05:38 +0200
Subject: [PATCH 15/16] List users code refactoring

---
 app/Http/Controllers/ViewAssetsController.php | 95 ++++++++++++-------
 1 file changed, 61 insertions(+), 34 deletions(-)

diff --git a/app/Http/Controllers/ViewAssetsController.php b/app/Http/Controllers/ViewAssetsController.php
index 38bf32eee2..c4e72971b4 100755
--- a/app/Http/Controllers/ViewAssetsController.php
+++ b/app/Http/Controllers/ViewAssetsController.php
@@ -47,6 +47,63 @@ class ViewAssetsController extends Controller
         return array_unique($fieldArray);
     }
 
+    /**
+     * Get list of users viewable by the current user.
+     *
+     * @param User $authUser
+     * @return \Illuminate\Support\Collection
+     */
+    private function getViewableUsers(User $authUser): \Illuminate\Support\Collection
+    {
+        // SuperAdmin sees all users
+        if ($authUser->isSuperUser()) {
+            return User::select('id', 'first_name', 'last_name', 'username')
+                ->where('activated', 1)
+                ->orderBy('last_name')
+                ->orderBy('first_name')
+                ->get();
+        }
+
+        // Regular manager sees only their subordinates + self
+        $managedUsers = $authUser->getAllSubordinates();
+        
+        // If user has subordinates, show them with self at beginning
+        if ($managedUsers->count() > 0) {
+            return collect([$authUser])->merge($managedUsers)
+                ->sortBy('last_name')
+                ->sortBy('first_name');
+        }
+        
+        // User has no subordinates, only sees themselves
+        return collect([$authUser]);
+    }
+
+    /**
+     * Get the selected user ID from request or default to current user.
+     *
+     * @param Request $request
+     * @param \Illuminate\Support\Collection $subordinates
+     * @param int $defaultUserId
+     * @return int
+     */
+    private function getSelectedUserId(Request $request, \Illuminate\Support\Collection $subordinates, int $defaultUserId): int
+    {
+        // If no subordinates or no user_id in request, return default
+        if ($subordinates->count() <= 1 || !$request->filled('user_id')) {
+            return $defaultUserId;
+        }
+
+        $requestedUserId = (int) $request->input('user_id');
+        
+        // Validate if the requested user is allowed
+        if ($subordinates->contains('id', $requestedUserId)) {
+            return $requestedUserId;
+        }
+        
+        // If invalid ID or not authorized, return default
+        return $defaultUserId;
+    }
+
     /**
      * Show user's assigned assets with optional manager view functionality.
      *
@@ -58,41 +115,11 @@ class ViewAssetsController extends Controller
         $subordinates = collect();
         $selectedUserId = $authUser->id;
 
-        // Check if manager view is enabled and get subordinates if applicable
+        // Process manager view if enabled
         if ($settings->manager_view_enabled) {
-            // Get all subordinates including self, sorted for the dropdown
-            if ($authUser->isSuperUser()) {
-                // SuperAdmin sees all users
-                $subordinates = User::select('id', 'first_name', 'last_name', 'username')
-                    ->where('activated', 1)
-                    ->orderBy('last_name')
-                    ->orderBy('first_name')
-                    ->get();
-            } else {
-                // Regular manager sees only their subordinates + self (recursive)
-                $managedUsers = $authUser->getAllSubordinates();
-                
-                // Only show dropdown if user actually has subordinates
-                if ($managedUsers->count() > 0) {
-                    $subordinates = collect([$authUser])->merge($managedUsers) // Add self at beginning
-                        ->sortBy('last_name')
-                        ->sortBy('first_name');
-                } else {
-                    // User has no subordinates, so they only see themselves
-                    $subordinates = collect([$authUser]);
-                }
-            }//end if
-            // If the user has subordinates and a user_id is provided in the request
-            if ($subordinates->count() > 1 && $request->filled('user_id')) {
-                $requestedUserId = (int) $request->input('user_id');
-
-                // Validate if the requested user is allowed (self or subordinate)
-                if ($subordinates->contains('id', $requestedUserId)) {
-                    $selectedUserId = $requestedUserId;
-                }
-                // If invalid ID or not authorized, $selectedUserId remains $authUser->id (default)
-            }
-        }//end if
+            $subordinates = $this->getViewableUsers($authUser);
+            $selectedUserId = $this->getSelectedUserId($request, $subordinates, $authUser->id);
+        }
 
         // Load the data for the user to be viewed (either auth user or selected subordinate)
         $userToView = User::with([

From 054a06c5dcd7b7d9335a90267fa45da6690b032e Mon Sep 17 00:00:00 2001
From: snipe <snipe@snipe.net>
Date: Tue, 17 Jun 2025 15:39:26 +0100
Subject: [PATCH 16/16] Update resources/lang/en-US/admin/settings/general.php

Co-authored-by: Marcus Moore <contact@marcusmoore.io>
---
 resources/lang/en-US/admin/settings/general.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/resources/lang/en-US/admin/settings/general.php b/resources/lang/en-US/admin/settings/general.php
index fc45c61291..f027e650f4 100644
--- a/resources/lang/en-US/admin/settings/general.php
+++ b/resources/lang/en-US/admin/settings/general.php
@@ -403,7 +403,7 @@ return [
     'text' => 'Text',
     'manager_view' => 'Manager View',
     'manager_view_enabled_text' => 'Enable Manager View',
-    'manager_view_enabled_help' => 'Allow managers to view assets assigned to their direct and indirect reports in their account view.',
+    'manager_view_enabled_help' => 'Allow managers to view assigned items to their direct and indirect reports in their account view.',
 
     'username_formats' => [
         'username_format'		=> 'Username Format',