From d052bc891d7af2dcfbafa0053cb7f501e06cb56c Mon Sep 17 00:00:00 2001 From: Scott Sutherland Date: Fri, 30 Oct 2020 12:25:51 +1300 Subject: [PATCH 1/2] NEW Add functionality to limit MFA to specific user groups If a user has already registered for MFA, enforce use of it even if they are not in an MFA group Co-authored-by: Guy Marriott --- src/Extension/SiteConfigExtension.php | 30 ++++++++++++++- src/Service/EnforcementManager.php | 23 ++++++++++++ tests/Behat/features/mfa-enabled.feature | 2 +- tests/php/Authenticator/LoginHandlerTest.php | 39 ++++++++++++++++++++ tests/php/Authenticator/LoginHandlerTest.yml | 2 + tests/php/Service/EnforcementManagerTest.php | 29 +++++++++++++++ 6 files changed, 123 insertions(+), 2 deletions(-) diff --git a/src/Extension/SiteConfigExtension.php b/src/Extension/SiteConfigExtension.php index 186cd38f..bfa3ff31 100644 --- a/src/Extension/SiteConfigExtension.php +++ b/src/Extension/SiteConfigExtension.php @@ -6,9 +6,11 @@ use SilverStripe\Forms\CompositeField; use SilverStripe\Forms\DateField; use SilverStripe\Forms\FieldList; +use SilverStripe\Forms\ListboxField; use SilverStripe\Forms\OptionsetField; use SilverStripe\ORM\DataExtension; use SilverStripe\ORM\FieldType\DBField; +use SilverStripe\Security\Group; use SilverStripe\View\Requirements; /** @@ -34,6 +36,10 @@ class SiteConfigExtension extends DataExtension 'MFAGracePeriodExpires' => 'Date', ]; + private static $many_many = [ + 'MFAGroupRestrictions' => Group::class + ]; + private static $defaults = [ 'MFARequired' => false, ]; @@ -63,7 +69,29 @@ public function updateCMSFields(FieldList $fields) )); $mfaGraceEnd->addExtraClass('mfa-settings__grace-period'); - $mfaOptions = CompositeField::create($mfaOptions, $mfaGraceEnd) + $groupsMap = []; + foreach (Group::get() as $group) { + // Listboxfield values are escaped, use ASCII char instead of » + $groupsMap[$group->ID] = $group->getBreadcrumbs(' > '); + } + asort($groupsMap); + + $mfaGroupRestrict = ListboxField::create( + "MFAGroupRestrictions", + _t(__CLASS__ . '.MFA_GROUP_RESTRICTIONS', "MFA Groups") + ) + ->setSource($groupsMap) + ->setAttribute( + 'data-placeholder', + _t(__CLASS__ . '.MFA_GROUP_RESTRICTIONS_PLACEHOLDER', 'Click to select group') + ) + ->setDescription(_t( + __CLASS__ . '.MFA_GROUP_RESTRICTIONS_DESCRIPTION', + 'MFA will only be enabled for members of these selected groups. ' . + 'If no groups are selected, MFA will be enabled for all users' + )); + + $mfaOptions = CompositeField::create($mfaOptions, $mfaGraceEnd, $mfaGroupRestrict) ->setTitle(DBField::create_field( 'HTMLFragment', _t(__CLASS__ . '.MULTI_FACTOR_AUTHENTICATION', 'Multi-factor authentication (MFA)') diff --git a/src/Service/EnforcementManager.php b/src/Service/EnforcementManager.php index fb94be29..3b6f6d4a 100644 --- a/src/Service/EnforcementManager.php +++ b/src/Service/EnforcementManager.php @@ -108,6 +108,10 @@ public function shouldRedirectToMFA(Member $member): bool return false; } + if (!$this->isUserInMFAEnabledGroup($member) && !$this->hasCompletedRegistration($member)) { + return false; + } + if ($member->RegisteredMFAMethods()->exists()) { return true; } @@ -266,4 +270,23 @@ protected function isEnabled(): bool return true; } + + protected function isUserInMFAEnabledGroup(Member $member): bool + { + /** @var SiteConfig&SiteConfigExtension $siteConfig */ + $siteConfig = SiteConfig::current_site_config(); + + $groups = $siteConfig->MFAGroupRestrictions(); + + // If no groups are set in the Site Config MFAGroupRestrictions field, MFA is enabled for all users + if ($groups->count() === 0) { + return true; + } + foreach ($groups as $group) { + if ($member->inGroup($group)) { + return true; + } + } + return false; + } } diff --git a/tests/Behat/features/mfa-enabled.feature b/tests/Behat/features/mfa-enabled.feature index 1e18da60..3db7b49d 100644 --- a/tests/Behat/features/mfa-enabled.feature +++ b/tests/Behat/features/mfa-enabled.feature @@ -14,4 +14,4 @@ Feature: MFA is enabled for the site Then I should see "Multi-factor authentication (MFA)" When I select "MFA is required for everyone" from the MFA settings And I press "Save" - Then I should see "Saved" + Then I should see a "Saved" success toast diff --git a/tests/php/Authenticator/LoginHandlerTest.php b/tests/php/Authenticator/LoginHandlerTest.php index 9a851080..8173b492 100644 --- a/tests/php/Authenticator/LoginHandlerTest.php +++ b/tests/php/Authenticator/LoginHandlerTest.php @@ -26,6 +26,7 @@ use SilverStripe\MFA\Tests\Stub\Store\TestStore; use SilverStripe\MFA\Tests\Stub\BasicMath\Method; use SilverStripe\ORM\FieldType\DBDatetime; +use SilverStripe\Security\Group; use SilverStripe\Security\Member; use SilverStripe\Security\Security; use SilverStripe\Security\SecurityToken; @@ -572,6 +573,44 @@ public function testGetBackURL() $this->assertSame('foobar', $handler->getBackURL()); } + + public function testMFAGroupRestriction() + { + $config = SiteConfig::current_site_config(); + + /** @var Group $group */ + $group = $this->objFromFixture(Group::class, 'admingroup'); + $config->MFAGroupRestrictions()->add($group); + + // Test that MFA is required for a member of a group that has been set in SiteConfig + /** @var Member&MemberExtension $member */ + $member = $this->objFromFixture(Member::class, 'guy'); + + $this->autoFollowRedirection = false; + $response = $this->doLogin($member, 'Password123'); + $this->autoFollowRedirection = true; + + $this->assertSame(302, $response->getStatusCode()); + $this->assertStringEndsWith( + Controller::join_links(Security::login_url(), 'default/mfa'), + $response->getHeader('location') + ); + + // Test that MFA is not required for a member that does not belong to any of the selected groups + /** @var Member&MemberExtension $member */ + $member = $this->objFromFixture(Member::class, 'colin'); + + $this->autoFollowRedirection = false; + $response = $this->doLogin($member, 'Password123'); + $this->autoFollowRedirection = true; + + $this->assertSame(302, $response->getStatusCode()); + $this->assertStringEndsWith( + Security::login_url(), + $response->getHeader('location') + ); + } + public function methodlessMemberFixtureProvider() { return [['guy', 'carla']]; diff --git a/tests/php/Authenticator/LoginHandlerTest.yml b/tests/php/Authenticator/LoginHandlerTest.yml index 180bcb3c..c85be77f 100644 --- a/tests/php/Authenticator/LoginHandlerTest.yml +++ b/tests/php/Authenticator/LoginHandlerTest.yml @@ -40,6 +40,8 @@ SilverStripe\Security\Member: Groups: =>SilverStripe\Security\Group.admingroup colin: Email: colin@example.com + Password: Password123 + PasswordExpiry: 2030-01-01 RegisteredMFAMethods: =>SilverStripe\MFA\Model\RegisteredMethod.colin-math DefaultRegisteredMethodID: =>SilverStripe\MFA\Model\RegisteredMethod.colin-math Groups: =>SilverStripe\Security\Group.contentgroup diff --git a/tests/php/Service/EnforcementManagerTest.php b/tests/php/Service/EnforcementManagerTest.php index 56c7f1d0..fa7cd5e7 100644 --- a/tests/php/Service/EnforcementManagerTest.php +++ b/tests/php/Service/EnforcementManagerTest.php @@ -9,6 +9,7 @@ use SilverStripe\MFA\Service\MethodRegistry; use SilverStripe\MFA\Tests\Stub\BasicMath\Method as BasicMathMethod; use SilverStripe\ORM\FieldType\DBDatetime; +use SilverStripe\Security\Group; use SilverStripe\Security\Member; use SilverStripe\SiteConfig\SiteConfig; @@ -253,6 +254,34 @@ public function testUserHasCompletedRegistrationWhenBackupMethodIsDisabled() $this->assertTrue(EnforcementManager::create()->hasCompletedRegistration($member)); } + public function testShouldRedirectToMFAWhenUserIsInMFARestrictedGroup() + { + $this->setSiteConfig(['MFARequired' => true]); + $config = SiteConfig::current_site_config(); + $group = $this->objFromFixture(Group::class, 'admingroup'); + $config->MFAGroupRestrictions()->add($group); + + /** @var Member $member */ + $member = $this->objFromFixture(Member::class, 'sally_smith'); + $this->logInAs($member); + + $this->assertTrue(EnforcementManager::create()->shouldRedirectToMFA($member)); + } + + public function testShouldNotRedirectToMFAWhenUserIsNotInMFARestrictedGroup() + { + $this->setSiteConfig(['MFARequired' => true]); + $config = SiteConfig::current_site_config(); + $group = $this->objFromFixture(Group::class, 'admingroup'); + $config->MFAGroupRestrictions()->add($group); + + /** @var Member $member */ + $member = $this->objFromFixture(Member::class, 'sully_smith'); + $this->logInAs($member); + + $this->assertFalse(EnforcementManager::create()->shouldRedirectToMFA($member)); + } + /** * Helper method for changing the current SiteConfig values * From 50578bb029c82c9e98c0fb0704889a70acca74ae Mon Sep 17 00:00:00 2001 From: Guy Sartorelli Date: Mon, 2 Oct 2023 13:56:44 +1300 Subject: [PATCH 2/2] ENH Add field for toggling between everyone and groups --- client/dist/js/bundle-cms.js | 2 +- client/src/legacy/SiteConfig.js | 49 +- .../01_Configuring_MFA_site_settings.md | 17 +- .../_images/02-01-1-mfa-settings-ui.png | Bin 59135 -> 69855 bytes .../_images/02-01-2-grace-period.png | Bin 59298 -> 70420 bytes .../_images/02-01-3-only-these-groups.png | Bin 0 -> 36407 bytes src/Extension/SiteConfigExtension.php | 70 +- src/Service/EnforcementManager.php | 33 +- tests/Behat/Context/LoginContext.php | 2 +- tests/Behat/features/mfa-enabled.feature | 40 +- tests/php/Authenticator/LoginHandlerTest.php | 65 +- tests/php/Authenticator/LoginHandlerTest.yml | 9 + tests/php/Service/EnforcementManagerTest.php | 730 +++++++++++++----- tests/php/Service/EnforcementManagerTest.yml | 9 + 14 files changed, 788 insertions(+), 238 deletions(-) create mode 100644 docs/en/userguide/_images/02-01-3-only-these-groups.png diff --git a/client/dist/js/bundle-cms.js b/client/dist/js/bundle-cms.js index 4bbe70bd..a17b24a5 100644 --- a/client/dist/js/bundle-cms.js +++ b/client/dist/js/bundle-cms.js @@ -1 +1 @@ -!function(){var e={189:function(e,t,n){"use strict";var o=i(n(460)),r=i(n(7355)),a=i(n(941));function i(e){return e&&e.__esModule?e:{default:e}}window.document.addEventListener("DOMContentLoaded",(()=>{(0,o.default)(),(0,r.default)(),(0,a.default)()}))},460:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o=l(n(6648)),r=l(n(440)),a=l(n(6021)),i=l(n(9521));function l(e){return e&&e.__esModule?e:{default:e}}t.default=()=>{(0,i.default)(),o.default.component.registerMany({MFARegister:r.default,RegisteredMFAMethodListField:a.default})}},7355:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o=i(n(6648)),r=i(n(6683)),a=i(n(4180));function i(e){return e&&e.__esModule?e:{default:e}}t.default=()=>{(0,a.default)(),o.default.reducer.register("mfaAdministration",r.default)}},941:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o=a(n(6648)),r=a(n(3311));function a(e){return e&&e.__esModule?e:{default:e}}t.default=()=>{o.default.transform("apply-sudo-mode-to-mfa",(e=>{e.component("RegisteredMFAMethodListField",r.default)}))}},9521:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o=i(n(9487)),r=i(n(1284)),a=i(n(6648));function i(e){return e&&e.__esModule?e:{default:e}}t.default=()=>{a.default.component.registerMany({BackupCodeRegister:o.default,BackupCodeVerify:r.default})}},4180:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o=i(n(6648)),r=i(n(7286)),a=i(n(23));function i(e){return e&&e.__esModule?e:{default:e}}t.default=()=>{o.default.reducer.register("mfaRegister",r.default),o.default.reducer.register("mfaVerify",a.default)}},9487:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o=function(e,t){if(!t&&e&&e.__esModule)return e;if(null===e||"object"!=typeof e&&"function"!=typeof e)return{default:e};var n=u(t);if(n&&n.has(e))return n.get(e);var o={},r=Object.defineProperty&&Object.getOwnPropertyDescriptor;for(var a in e)if("default"!==a&&Object.prototype.hasOwnProperty.call(e,a)){var i=r?Object.getOwnPropertyDescriptor(e,a):null;i&&(i.get||i.set)?Object.defineProperty(o,a,i):o[a]=e[a]}o.default=e,n&&n.set(e,o);return o}(n(7363)),r=s(n(7086)),a=s(n(9768)),i=n(4855),l=n(1661);function s(e){return e&&e.__esModule?e:{default:e}}function u(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,n=new WeakMap;return(u=function(e){return e?n:t})(e)}class c extends o.Component{constructor(e){super(e),this.state={recentlyCopied:!1},this.printRef=null,this.setPrintRef=e=>{this.printRef=e},this.copyMessageTimeout=null,this.handlePrint=this.handlePrint.bind(this),this.handleCopy=this.handleCopy.bind(this)}getFormattedCodes(){const{codes:e}=this.props;return e.map((e=>(0,l.formatCode)(e)))}handlePrint(e){e.preventDefault(),(new a.default).print(this.printRef,['body { font-family: "Helvetica Neue", Helvetica, Arial, sans-serif }'])}handleCopy(e){e.preventDefault();const{copyFeedbackDuration:t}=this.props;this.setState({recentlyCopied:!0}),this.copyMessageTimeout&&clearTimeout(this.copyMessageTimeout),this.copyMessageTimeout=setTimeout((()=>{this.setState({recentlyCopied:!1})}),t)}renderCodes(){return o.default.createElement("pre",{ref:this.setPrintRef,className:"mfa-register-backup-codes__code-grid"},this.getFormattedCodes().map((e=>o.default.createElement("div",{key:e},e))))}renderDescription(){const{ss:{i18n:e}}=window,{method:{supportLink:t,supportText:n}}=this.props;return o.default.createElement("p",null,e._t("MFABackupCodesRegister.DESCRIPTION","Recovery codes enable you to log into your account in the event your primary authentication is not available. Each code can only be used once. Store these codes somewhere safe, as they will not be viewable after leaving this page.")," ",t&&o.default.createElement("a",{href:t,target:"_blank",rel:"noopener noreferrer"},n||e._t("MFARegister.RECOVERY_HELP","Learn more about recovery codes.")))}renderPrintAction(){const{ss:{i18n:e}}=window;return o.default.createElement("button",{type:"button",onClick:this.handlePrint,className:"btn btn-link"},e._t("MFABackupCodesRegister.PRINT","Print codes"))}renderDownloadAction(){const{codes:e,method:t}=this.props,{Blob:n,URL:r,ss:{i18n:a},navigator:i}=window,l=`${t.name}.txt`,s=new n([e.join("\r\n")],{type:"text/plain;charset=UTF-8"}),u=r.createObjectURL(s);return o.default.createElement("a",{download:l,href:u,className:"btn btn-link",onClick:e=>{i.msSaveBlob&&(e.preventDefault(),i.msSaveBlob(s,l))}},a._t("MFABackupCodesRegister.DOWNLOAD","Download"))}renderCopyAction(){const{codes:e}=this.props,{recentlyCopied:t}=this.state,{ss:{i18n:n}}=window,r=t?n._t("MFABackupCodesRegister.COPY_RECENT","Copied!"):n._t("MFABackupCodesRegister.COPY","Copy codes");return o.default.createElement(i.CopyToClipboard,{text:e.join("\n")},o.default.createElement("button",{type:"button",className:"mfa-register-backup-codes__copy-to-clipboard btn btn-link",onClick:this.handleCopy},r))}render(){const{onCompleteRegistration:e}=this.props,{ss:{i18n:t}}=window;return o.default.createElement("div",{className:"mfa-register-backup-codes__container"},this.renderDescription(),this.renderCodes(),o.default.createElement("div",{className:"mfa-register-backup-codes__helper-links"},this.renderPrintAction(),this.renderDownloadAction(),this.renderCopyAction()),o.default.createElement("button",{className:"btn btn-primary",onClick:()=>e()},t._t("MFABackupCodesRegister.FINISH","Finish")))}}c.propTypes={codes:r.default.arrayOf(r.default.string),copyFeedbackDuration:r.default.number},c.defaultProps={copyFeedbackDuration:3e3};t.default=c},1284:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o,r=function(e,t){if(!t&&e&&e.__esModule)return e;if(null===e||"object"!=typeof e&&"function"!=typeof e)return{default:e};var n=i(t);if(n&&n.has(e))return n.get(e);var o={},r=Object.defineProperty&&Object.getOwnPropertyDescriptor;for(var a in e)if("default"!==a&&Object.prototype.hasOwnProperty.call(e,a)){var l=r?Object.getOwnPropertyDescriptor(e,a):null;l&&(l.get||l.set)?Object.defineProperty(o,a,l):o[a]=e[a]}o.default=e,n&&n.set(e,o);return o}(n(7363)),a=(o=n(7820))&&o.__esModule?o:{default:o};function i(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,n=new WeakMap;return(i=function(e){return e?n:t})(e)}class l extends r.Component{constructor(e){super(e),this.state={value:""},this.codeInput=r.default.createRef(),this.handleChange=this.handleChange.bind(this),this.handleCompleteVerification=this.handleCompleteVerification.bind(this)}componentDidMount(){this.codeInput.current&&this.codeInput.current.focus()}handleChange(e){this.setState({value:e.target.value})}handleCompleteVerification(e){e.preventDefault();const{onCompleteVerification:t}=this.props;t({code:this.state.value})}renderControls(){const{moreOptionsControl:e}=this.props,{ss:{i18n:t}}=window;return r.default.createElement("ul",{className:"mfa-action-list mfa-action-list--backup-codes"},r.default.createElement("li",{className:"mfa-action-list__item"},r.default.createElement("button",{className:"btn btn-primary",disabled:0===this.state.value.length,onClick:this.handleCompleteVerification},t._t("MFABackupCodesVerify.NEXT","Next"))),e&&r.default.createElement("li",{className:"mfa-action-list__item"},e))}renderDescription(){const{ss:{i18n:e}}=window,{method:t}=this.props;return r.default.createElement("p",null,e._t("MFABackupCodesVerify.DESCRIPTION","Use one of the recovery codes you received")," ",t&&t.supportLink&&r.default.createElement("a",{href:t.supportLink,target:"_blank",rel:"noopener noreferrer"},e._t("MFARegister.RECOVERY_HELP","How to use recovery codes.")))}renderInput(){const{error:e}=this.props,{ss:{i18n:t}}=window,n=t._t("MFABackupCodesVerify.LABEL","Enter recovery code"),o=(0,a.default)("mfa-verify-backup-codes__input-container",{"has-error":!!e});return r.default.createElement("div",{className:o},r.default.createElement("label",{htmlFor:"backup-code",className:"control-label"},n),r.default.createElement("input",{className:"mfa-verify-backup-codes__input text form-control",type:"text",placeholder:n,id:"backup-code",ref:this.codeInput,onChange:this.handleChange}),e&&r.default.createElement("div",{className:"help-block"},e))}render(){const{graphic:e,name:t}=this.props;return r.default.createElement("form",{className:"mfa-verify-backup-codes__container"},r.default.createElement("div",{className:"mfa-verify-backup-codes__content"},this.renderDescription(),this.renderInput()),r.default.createElement("div",{className:"mfa-verify-backup-codes__image-holder"},r.default.createElement("img",{className:"mfa-verify-backup-codes__image",src:e,alt:t})),this.renderControls())}}t.default=l},2469:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o=h(n(7086)),r=function(e,t){if(!t&&e&&e.__esModule)return e;if(null===e||"object"!=typeof e&&"function"!=typeof e)return{default:e};var n=f(t);if(n&&n.has(e))return n.get(e);var o={},r=Object.defineProperty&&Object.getOwnPropertyDescriptor;for(var a in e)if("default"!==a&&Object.prototype.hasOwnProperty.call(e,a)){var i=r?Object.getOwnPropertyDescriptor(e,a):null;i&&(i.get||i.set)?Object.defineProperty(o,a,i):o[a]=e[a]}o.default=e,n&&n.set(e,o);return o}(n(7363)),a=h(n(4510)),i=h(n(42)),l=h(n(3141)),s=h(n(5292)),u=h(n(1820)),c=h(n(3947)),d=(h(n(5666)),h(n(7462)));function f(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,n=new WeakMap;return(f=function(e){return e?n:t})(e)}function h(e){return e&&e.__esModule?e:{default:e}}class p extends r.Component{constructor(e){super(e),this.state={complete:!1,failed:!1,submitting:!1},this.handleSendReset=this.handleSendReset.bind(this)}async handleSendReset(){const{ss:{i18n:e}}=window,t=e._t("MultiFactorAuthentication.ACCOUNT_RESET_CONFIRMATION",d.default["MultiFactorAuthentication.ACCOUNT_RESET_CONFIRMATION"]),n=e._t("MultiFactorAuthentication.CONFIRMATION_TITLE",d.default["MultiFactorAuthentication.CONFIRMATION_TITLE"]),o=e._t("MultiFactorAuthentication.ACCOUNT_RESET_CONFIRMATION_BUTTON",d.default["MultiFactorAuthentication.ACCOUNT_RESET_CONFIRMATION_BUTTON"]);if(!await(0,l.default)({title:n,message:t,confirmText:o}))return;this.setState({submitting:!0});const r=JSON.stringify({csrf_token:a.default.get("SecurityID")});(0,i.default)(this.props.resetEndpoint,"POST",r).then((e=>e.json())).then((e=>{const t=!!e.error;this.setState({complete:!0,failed:t,submitting:!1})})).catch((()=>{this.setState({complete:!0,failed:!0,submitting:!1})}))}renderAction(){const{ss:{i18n:e}}=window,{resetEndpoint:t}=this.props,{complete:n,submitting:o}=this.state;return n||o?null:r.default.createElement("p",{className:"account-reset-action"},r.default.createElement("button",{className:"btn btn-outline-secondary",disabled:!t,onClick:this.handleSendReset,type:"button"},e._t("MultiFactorAuthentication.ACCOUNT_RESET_ACTION",d.default["MultiFactorAuthentication.ACCOUNT_RESET_ACTION"])))}renderSending(){const{ss:{i18n:e}}=window,{LoadingIndicatorComponent:t}=this.props;return r.default.createElement("p",{className:"account-reset-action account-reset-action--sending"},r.default.createElement("span",{className:"account-reset-action__icon"},r.default.createElement(t,{size:"32px"})),r.default.createElement("span",{className:"account-reset-action__message"},e._t("MultiFactorAuthentication.ACCOUNT_RESET_SENDING",d.default["MultiFactorAuthentication.ACCOUNT_RESET_SENDING"])))}renderFailure(){const{ss:{i18n:e}}=window;return r.default.createElement("p",{className:"account-reset-action account-reset-action--failure"},r.default.createElement("span",{className:"account-reset-action__icon"},r.default.createElement(u.default,{size:"32px"})),r.default.createElement("span",{className:"account-reset-action__message"},e._t("MultiFactorAuthentication.ACCOUNT_RESET_SENDING",d.default["MultiFactorAuthentication.ACCOUNT_RESET_SENDING_FAILURE"])))}renderSuccess(){const{ss:{i18n:e}}=window;return r.default.createElement("p",{className:"account-reset-action account-reset-action--success"},r.default.createElement("span",{className:"account-reset-action__icon"},r.default.createElement(c.default,{size:"32px"})),r.default.createElement("span",{className:"account-reset-action__message"},e._t("MultiFactorAuthentication.ACCOUNT_RESET_SENDING_SUCCESS",d.default["MultiFactorAuthentication.ACCOUNT_RESET_SENDING_SUCCESS"])))}renderStatusMessage(){const{complete:e,failed:t,submitting:n}=this.state;return n?this.renderSending():e?t?this.renderFailure():this.renderSuccess():null}render(){const{ss:{i18n:e}}=window;return r.default.createElement("div",{className:"account-reset"},r.default.createElement("h5",{className:"account-reset__title"},e._t("MultiFactorAuthentication.ACCOUNT_RESET_TITLE",d.default["MultiFactorAuthentication.ACCOUNT_RESET_TITLE"])),r.default.createElement("p",{className:"account-reset__description"},e._t("MultiFactorAuthentication.ACCOUNT_RESET_DESCRIPTION",d.default["MultiFactorAuthentication.ACCOUNT_RESET_DESCRIPTION"])),this.renderAction(),this.renderStatusMessage())}}p.propTypes={resetEndpoint:o.default.string,LoadingIndicatorComponent:o.default.oneOfType([o.default.object,o.default.func])},p.defaultProps={LoadingIndicatorComponent:s.default};t.default=p},1509:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o=function(e,t){if(!t&&e&&e.__esModule)return e;if(null===e||"object"!=typeof e&&"function"!=typeof e)return{default:e};var n=p(t);if(n&&n.has(e))return n.get(e);var o={},r=Object.defineProperty&&Object.getOwnPropertyDescriptor;for(var a in e)if("default"!==a&&Object.prototype.hasOwnProperty.call(e,a)){var i=r?Object.getOwnPropertyDescriptor(e,a):null;i&&(i.get||i.set)?Object.defineProperty(o,a,i):o[a]=e[a]}o.default=e,n&&n.set(e,o);return o}(n(7363)),r=h(n(3141)),a=h(n(7086)),i=h(n(7820)),l=h(n(8488)),s=h(n(5695)),u=h(n(2468)),c=h(n(9831)),d=h(n(8628)),f=h(n(7462));function h(e){return e&&e.__esModule?e:{default:e}}function p(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,n=new WeakMap;return(p=function(e){return e?n:t})(e)}class m extends o.PureComponent{getStatusMessage(){const{isBackupMethod:e,isDefaultMethod:t}=this.props,{ss:{i18n:n}}=window;return t?n._t("MultiFactorAuthentication.DEFAULT_REGISTERED",f.default["MultiFactorAuthentication.DEFAULT_REGISTERED"]):e?n._t("MultiFactorAuthentication.BACKUP_REGISTERED",f.default["MultiFactorAuthentication.BACKUP_REGISTERED"]):n._t("MultiFactorAuthentication.REGISTERED",f.default["MultiFactorAuthentication.REGISTERED"])}renderRemove(){const{canRemove:e,method:t,RemoveComponent:n}=this.props;return e?o.default.createElement(n,{method:t}):null}renderReset(){const{canReset:e,isBackupMethod:t,method:n}=this.props;if(!e)return null;const a={method:n};if(t){const{ss:{i18n:e}}=window,t=e._t("MultiFactorAuthentication.RESET_BACKUP_CONFIRMATION",f.default["MultiFactorAuthentication.RESET_BACKUP_CONFIRMATION"]),n=e._t("MultiFactorAuthentication.CONFIRMATION_TITLE",f.default["MultiFactorAuthentication.CONFIRMATION_TITLE"]),o=e._t("MultiFactorAuthentication.RESET_BACKUP_CONFIRMATION_BUTTON",f.default["MultiFactorAuthentication.RESET_BACKUP_CONFIRMATION_BUTTON"]);a.onReset=async e=>{await(0,r.default)({title:n,message:t,confirmText:o})&&e()}}return o.default.createElement(c.default,a)}renderSetAsDefault(){const{isDefaultMethod:e,isBackupMethod:t,method:n,SetDefaultComponent:r}=this.props;return e||t?null:o.default.createElement(r,{method:n})}renderControls(){const{canRemove:e,canReset:t}=this.props;return e||t?o.default.createElement("div",null,this.renderRemove(),this.renderReset(),this.renderSetAsDefault()):null}renderNameAndStatus(){const{method:e,createdDate:t}=this.props,{ss:{i18n:n}}=window,o=this.getStatusMessage();return l.default.locale(n.detectLocale()),n.inject(o,{method:e.name,date:(0,l.default)(t).format("L")})}render(){const{tag:e,className:t}=this.props,n=(0,i.default)(t,"registered-method-list-item");return o.default.createElement(e,{className:n},this.renderNameAndStatus(),this.renderControls())}}m.propTypes={method:s.default.isRequired,isDefaultMethod:a.default.bool,isBackupMethod:a.default.bool,canRemove:a.default.bool,canReset:a.default.bool,onRemove:a.default.func,onReset:a.default.func,createdDate:a.default.string,className:a.default.string,tag:a.default.string,RemoveComponent:a.default.oneOfType([a.default.object,a.default.func]),SetDefaultComponent:a.default.oneOfType([a.default.object,a.default.func])},m.defaultProps={isDefaultMethod:!1,isBackupMethod:!1,canRemove:!1,canReset:!1,tag:"li",RemoveComponent:u.default,SetDefaultComponent:d.default};t.default=m},2468:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o=h(n(7363)),r=h(n(7086)),a=n(1624),i=h(n(3141)),l=h(n(4510)),s=h(n(42)),u=n(8631),c=n(9861),d=h(n(5695)),f=h(n(7462));function h(e){return e&&e.__esModule?e:{default:e}}const p=(e,t)=>{let{method:n,onRemove:r,defaultMethod:a,registeredMethods:u,onDeregisterMethod:c,onAddAvailableMethod:d,onSetDefaultMethod:h}=e,{backupMethod:p,endpoints:{remove:m}}=t;const{ss:{i18n:E}}=window,M=async()=>{const e=E._t("MultiFactorAuthentication.DELETE_CONFIRMATION",f.default["MultiFactorAuthentication.DELETE_CONFIRMATION"]),t=E._t("MultiFactorAuthentication.CONFIRMATION_TITLE",f.default["MultiFactorAuthentication.CONFIRMATION_TITLE"]),o=E._t("MultiFactorAuthentication.DELETE_CONFIRMATION_BUTTON",f.default["MultiFactorAuthentication.DELETE_CONFIRMATION_BUTTON"]);if(!await(0,i.default)({title:t,message:e,confirmText:o}))return;const r=l.default.get("SecurityID"),M=`${m.replace("{urlSegment}",n.urlSegment)}?SecurityID=${r}`;(0,s.default)(M,"DELETE").then((e=>e.json().then((t=>{if(200===e.status)return c(n),d(t.availableMethod),n.urlSegment===a&&h(null),void(!t.hasBackupMethod&&p&&u.find((e=>e.urlSegment===p.urlSegment))&&c(p));const o=t.errors&&` Errors: \n - ${t.errors.join("\n -")}`||"";throw Error(`Could not delete method. Error code ${e.status}.${o}`)}))))};return o.default.createElement("button",{className:"registered-method-list-item__control",type:"button",onClick:r?r(M):M},E._t("MultiFactorAuthentication.REMOVE_METHOD",f.default["MultiFactorAuthentication.REMOVE_METHOD"]))};p.propTypes={method:d.default.isRequired,onRemove:r.default.func,defaultMethod:r.default.string.isRequired,registeredMethods:r.default.arrayOf(d.default).isRequired,onDeregisterMethod:r.default.func.isRequired,onAddAvailableMethod:r.default.func.isRequired,onSetDefaultMethod:r.default.func.isRequired},p.contextTypes={backupMethod:d.default,endpoints:r.default.shape({register:r.default.string,remove:r.default.string})};t.default=(0,a.connect)((e=>{let{mfaAdministration:{defaultMethod:t,registeredMethods:n}}=e;return{defaultMethod:t,registeredMethods:n}}),(e=>({onDeregisterMethod:t=>{e((0,c.deregisterMethod)(t))},onAddAvailableMethod:t=>{e((0,u.addAvailableMethod)(t))},onSetDefaultMethod:t=>e((0,c.setDefaultMethod)(t))})))(p)},9831:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o=function(e,t){if(!t&&e&&e.__esModule)return e;if(null===e||"object"!=typeof e&&"function"!=typeof e)return{default:e};var n=h(t);if(n&&n.has(e))return n.get(e);var o={},r=Object.defineProperty&&Object.getOwnPropertyDescriptor;for(var a in e)if("default"!==a&&Object.prototype.hasOwnProperty.call(e,a)){var i=r?Object.getOwnPropertyDescriptor(e,a):null;i&&(i.get||i.set)?Object.defineProperty(o,a,i):o[a]=e[a]}o.default=e,n&&n.set(e,o);return o}(n(7363)),r=f(n(7086)),a=n(1624),i=n(440),l=n(8631),s=f(n(5695)),u=f(n(2949)),c=f(n(7442)),d=f(n(7462));function f(e){return e&&e.__esModule?e:{default:e}}function h(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,n=new WeakMap;return(h=function(e){return e?n:t})(e)}class p extends o.Component{constructor(e){super(e),this.state={modalOpen:!1},this.handleReset=this.handleReset.bind(this),this.handleToggleModal=this.handleToggleModal.bind(this)}handleToggleModal(){this.setState((e=>({modalOpen:!e.modalOpen})))}handleReset(){const{onResetMethod:e,method:t}=this.props,{allAvailableMethods:n}=this.context,o=n.find((e=>e.urlSegment===t.urlSegment));if(!o)throw Error(`Cannot register the method given: ${t.name} (${t.urlSegment}).`);e(o),this.handleToggleModal()}render(){const{onReset:e}=this.props,{backupMethod:t,endpoints:n,resources:r}=this.context,a=e?()=>e(this.handleReset):this.handleReset;return o.default.createElement("button",{className:"registered-method-list-item__control",type:"button",onClick:a},window.ss.i18n._t("MultiFactorAuthentication.RESET_METHOD",d.default["MultiFactorAuthentication.RESET_METHOD"]),o.default.createElement(c.default,{backupMethod:t,isOpen:this.state.modalOpen,toggle:this.handleToggleModal,resources:r,endpoints:n,disallowedScreens:[i.SCREEN_CHOOSE_METHOD,i.SCREEN_INTRODUCTION]}))}}p.propTypes={method:s.default.isRequired,onReset:r.default.func},p.contextTypes={allAvailableMethods:r.default.arrayOf(u.default),backupMethod:s.default,endpoints:r.default.shape({register:r.default.string}),resources:r.default.object};t.default=(0,a.connect)(null,(e=>({onResetMethod:t=>{e((0,l.chooseMethod)(t)),e((0,l.showScreen)(i.SCREEN_REGISTER_METHOD))}})))(p)},8628:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=t.Component=void 0;var o=function(e,t){if(!t&&e&&e.__esModule)return e;if(null===e||"object"!=typeof e&&"function"!=typeof e)return{default:e};var n=f(t);if(n&&n.has(e))return n.get(e);var o={},r=Object.defineProperty&&Object.getOwnPropertyDescriptor;for(var a in e)if("default"!==a&&Object.prototype.hasOwnProperty.call(e,a)){var i=r?Object.getOwnPropertyDescriptor(e,a):null;i&&(i.get||i.set)?Object.defineProperty(o,a,i):o[a]=e[a]}o.default=e,n&&n.set(e,o);return o}(n(7363)),r=d(n(7086)),a=d(n(5695)),i=d(n(4510)),l=n(1624),s=d(n(42)),u=n(9861),c=d(n(7462));function d(e){return e&&e.__esModule?e:{default:e}}function f(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,n=new WeakMap;return(f=function(e){return e?n:t})(e)}class h extends o.Component{constructor(e){super(e),this.handleSetDefault=this.handleSetDefault.bind(this)}handleSetDefault(){const{method:e,onSetDefaultMethod:t}=this.props,{endpoints:{setDefault:n}}=this.context,o=i.default.get("SecurityID"),r=`${n.replace("{urlSegment}",e.urlSegment)}?SecurityID=${o}`;(0,s.default)(r,"PUT").then((n=>n.json().then((o=>{if(200===n.status)return void t(e.urlSegment);const r=o.errors&&` Errors: \n - ${o.errors.join("\n -")}`||"";throw Error(`Could not set default method. Error code ${n.status}.${r}`)}))))}render(){const{ss:{i18n:e}}=window;return o.default.createElement("button",{className:"registered-method-list-item__control",type:"button",onClick:this.handleSetDefault},e._t("MultiFactorAuthentication.SET_AS_DEFAULT",c.default["MultiFactorAuthentication.SET_AS_DEFAULT"]))}}t.Component=h,h.propTypes={method:a.default.isRequired},h.contextTypes={endpoints:r.default.shape({setDefault:r.default.string})};t.default=(0,l.connect)(null,(e=>({onSetDefaultMethod:t=>e((0,u.setDefaultMethod)(t))})))(h)},6021:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=t.Component=void 0;var o=_(n(7086)),r=function(e,t){if(!t&&e&&e.__esModule)return e;if(null===e||"object"!=typeof e&&"function"!=typeof e)return{default:e};var n=M(t);if(n&&n.has(e))return n.get(e);var o={},r=Object.defineProperty&&Object.getOwnPropertyDescriptor;for(var a in e)if("default"!==a&&Object.prototype.hasOwnProperty.call(e,a)){var i=r?Object.getOwnPropertyDescriptor(e,a):null;i&&(i.get||i.set)?Object.defineProperty(o,a,i):o[a]=e[a]}o.default=e,n&&n.set(e,o);return o}(n(7363)),a=n(8127),i=n(1624),l=_(n(7820)),s=_(n(5695)),u=_(n(2949)),c=n(8631),d=n(9861),f=n(440),h=_(n(1509)),p=_(n(2469)),m=_(n(7442)),E=_(n(7462));function M(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,n=new WeakMap;return(M=function(e){return e?n:t})(e)}function _(e){return e&&e.__esModule?e:{default:e}}class g extends r.Component{constructor(e){super(e),this.state={modalOpen:!1},this.handleToggleModal=this.handleToggleModal.bind(this)}getChildContext(){const{allAvailableMethods:e,backupMethod:t,endpoints:n,resources:o}=this.props;return{allAvailableMethods:e,backupMethod:t,endpoints:n,resources:o}}componentDidMount(){const{onSetDefaultMethod:e,initialDefaultMethod:t,onSetRegisteredMethods:n,initialRegisteredMethods:o,onUpdateAvailableMethods:r,initialAvailableMethods:a}=this.props;n(o),r(a),e(t)}getBaseMethods(){const{backupMethod:e}=this.props;let{registeredMethods:t}=this.props;return t?(e&&(t=t.filter((t=>t.urlSegment!==e.urlSegment))),t):[]}handleToggleModal(){this.setState((e=>({modalOpen:!e.modalOpen})))}renderNoMethodsMessage(){if(this.getBaseMethods().length)return null;const{readOnly:e}=this.props,{ss:{i18n:t}}=window,n=e?"MultiFactorAuthentication.NO_METHODS_REGISTERED_READONLY":"MultiFactorAuthentication.NO_METHODS_REGISTERED";return r.default.createElement("div",{className:"registered-mfa-method-list-field__no-methods"},t._t(n,E.default[n]))}renderBackupMethod(){const{backupMethod:e,backupCreatedDate:t,registeredMethods:n,readOnly:o,MethodListItemComponent:a}=this.props;if(!e)return null;const i=n.find((t=>t.urlSegment===e.urlSegment));return i?r.default.createElement(a,{method:i,createdDate:t,canReset:!o,isBackupMethod:!0,tag:"div",className:"registered-method-list-item--backup"}):null}renderBaseMethods(){const{isMFARequired:e}=this.props,t=this.getBaseMethods();if(!t.length)return[];const{defaultMethod:n,readOnly:o,MethodListItemComponent:a}=this.props;return t.map((i=>{const l={method:i,key:i.urlSegment,isDefaultMethod:n&&i.urlSegment===n,canRemove:!(o||e&&1===t.length),canReset:!o};return r.default.createElement(a,l)}))}renderModal(){const{backupMethod:e,endpoints:t,resources:n,RegisterModalComponent:o}=this.props;return r.default.createElement(o,{backupMethod:e,isOpen:this.state.modalOpen,toggle:this.handleToggleModal,resources:n,endpoints:t,disallowedScreens:[f.SCREEN_INTRODUCTION]})}renderAddButton(){const{availableMethods:e,registeredMethods:t,readOnly:n,onResetRegister:o}=this.props;if(n||!e||0===e.length)return null;const{ss:{i18n:i}}=window,l=t.length?i._t("MultiFactorAuthentication.ADD_ANOTHER_METHOD",E.default["MultiFactorAuthentication.ADD_ANOTHER_METHOD"]):i._t("MultiFactorAuthentication.ADD_FIRST_METHOD",E.default["MultiFactorAuthentication.ADD_FIRST_METHOD"]);return r.default.createElement(a.Button,{className:"registered-mfa-method-list-field__button",outline:!0,type:"button",onClick:()=>{this.handleToggleModal(),o()}},l)}render(){const{readOnly:e,resetEndpoint:t}=this.props,n=(0,l.default)({"registered-mfa-method-list-field":!0,"registered-mfa-method-list-field--read-only":e});return r.default.createElement("div",{className:n},r.default.createElement("ul",{className:"method-list"},this.renderBaseMethods()),this.renderNoMethodsMessage(),this.renderAddButton(),this.renderBackupMethod(),e&&r.default.createElement("hr",null),e&&r.default.createElement(p.default,{resetEndpoint:t}),this.renderModal())}}t.Component=g,g.propTypes={backupMethod:s.default,defaultMethod:o.default.string,readOnly:o.default.bool,isMFARequired:o.default.bool,initialDefaultMethod:o.default.string,initialRegisteredMethods:o.default.arrayOf(s.default),initialAvailableMethods:o.default.arrayOf(u.default),allAvailableMethods:o.default.arrayOf(u.default),resetEndpoint:o.default.string,endpoints:o.default.shape({register:o.default.string,remove:o.default.string}),resources:o.default.object,availableMethods:o.default.arrayOf(u.default),registeredMethods:o.default.arrayOf(s.default),registrationScreen:o.default.number,MethodListItemComponent:o.default.oneOfType([o.default.object,o.default.func]),RegisterModalComponent:o.default.oneOfType([o.default.object,o.default.func])},g.defaultProps={initialAvailableMethods:[],MethodListItemComponent:h.default,RegisterModalComponent:m.default},g.childContextTypes={allAvailableMethods:o.default.arrayOf(u.default),backupMethod:s.default,endpoints:o.default.shape({register:o.default.string,remove:o.default.string,setDefault:o.default.string}),resources:o.default.object};t.default=(0,i.connect)((e=>{const{availableMethods:t,screen:n}=e.mfaRegister,{defaultMethod:o,registeredMethods:r}=e.mfaAdministration;return{availableMethods:t,defaultMethod:o,registeredMethods:r||[],registrationScreen:n}}),(e=>({onResetRegister:()=>{e((0,c.chooseMethod)(null)),e((0,c.showScreen)(f.SCREEN_CHOOSE_METHOD))},onUpdateAvailableMethods:t=>{e((0,c.setAvailableMethods)(t))},onSetDefaultMethod:t=>{e((0,d.setDefaultMethod)(t))},onSetRegisteredMethods:t=>{e((0,d.setRegisteredMethods)(t))}})))(g)},1820:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o,r=(o=n(7363))&&o.__esModule?o:{default:o};t.default=e=>{let{color:t="currentColor",size:n="3em"}=e;return r.default.createElement("svg",{xmlns:"http://www.w3.org/2000/svg",viewBox:"0 0 512 512",height:n,width:n},r.default.createElement("g",{fill:t},r.default.createElement("path",{d:"M256 8C119 8 8 119 8 256s111 248 248 248 248-111 248-248S393 8 256 8zM124 296c-6.6 0-12-5.4-12-12v-56c0-6.6 5.4-12 12-12h264c6.6 0 12 5.4 12 12v56c0 6.6-5.4 12-12 12H124z"})))}},3947:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o,r=(o=n(7363))&&o.__esModule?o:{default:o};t.default=e=>{let{color:t="currentColor",size:n="3em"}=e;return r.default.createElement("svg",{xmlns:"http://www.w3.org/2000/svg",viewBox:"0 0 512 512",height:n,width:n},r.default.createElement("g",{fill:t},r.default.createElement("path",{d:"M504 256c0 136.967-111.033 248-248 248S8 392.967 8 256 119.033 8 256 8s248 111.033 248 248zM227.314 387.314l184-184c6.248-6.248 6.248-16.379 0-22.627l-22.627-22.627c-6.248-6.249-16.379-6.249-22.628 0L216 308.118l-70.059-70.059c-6.248-6.248-16.379-6.248-22.628 0l-22.627 22.627c-6.248 6.248-6.248 16.379 0 22.627l104 104c6.249 6.249 16.379 6.249 22.628.001z"})))}},5292:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o=a(n(7363)),r=a(n(7820));function a(e){return e&&e.__esModule?e:{default:e}}t.default=e=>{let{block:t=!1,size:n="6em"}=e;return o.default.createElement("div",{style:{height:n,width:n},className:(0,r.default)({"mfa-loading-indicator":!0,"mfa-loading-indicator--block":t})})}},440:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=t.SCREEN_REGISTER_METHOD=t.SCREEN_INTRODUCTION=t.SCREEN_COMPLETE=t.SCREEN_CHOOSE_METHOD=t.Component=void 0;var o=function(e,t){if(!t&&e&&e.__esModule)return e;if(null===e||"object"!=typeof e&&"function"!=typeof e)return{default:e};var n=M(t);if(n&&n.has(e))return n.get(e);var o={},r=Object.defineProperty&&Object.getOwnPropertyDescriptor;for(var a in e)if("default"!==a&&Object.prototype.hasOwnProperty.call(e,a)){var i=r?Object.getOwnPropertyDescriptor(e,a):null;i&&(i.get||i.set)?Object.defineProperty(o,a,i):o[a]=e[a]}o.default=e,n&&n.set(e,o);return o}(n(7363)),r=E(n(7086)),a=E(n(42)),i=n(6648),l=E(n(2949)),s=E(n(5695)),u=E(n(5292)),c=E(n(6910)),d=E(n(3954)),f=E(n(1824)),h=n(1624),p=n(8631),m=E(n(1196));function E(e){return e&&e.__esModule?e:{default:e}}function M(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,n=new WeakMap;return(M=function(e){return e?n:t})(e)}function _(){return _=Object.assign?Object.assign.bind():function(e){for(var t=1;te.json().then((e=>{const{SecurityID:t,...n}=e;this.setState({registerProps:n,token:t})}))))}handleBack(){const{availableMethods:e,onShowIntroduction:t,onShowChooseMethod:n}=this.props;return 1===e.length&&t?t():(this.setState({registerProps:null}),n())}handleCompleteRegistration(e){const{endpoints:{register:t},selectedMethod:n,onRemoveAvailableMethod:o,onRegister:r}=this.props,{token:i}=this.state,l=i?`?SecurityID=${i}`:"";(0,a.default)(`${t.replace("{urlSegment}",n.urlSegment)}${l}`,"POST",JSON.stringify(e)).then((e=>201===e.status?(this.setState({registerProps:null}),"function"==typeof r&&r(n),o(n),this.setupBackupMethod(),null):e.json())).then((e=>{if(e&&e.errors){const t=e.errors.join(", ");this.setState((e=>({registerProps:{...e.registerProps,error:t}})))}}))}shouldSetupBackupMethod(){const{backupMethod:e,registeredMethods:t}=this.props;return!!e&&!t.find((t=>t.urlSegment===e.urlSegment))}handleSkip(){const{skip:e}=this.props.endpoints;e&&(window.location=this.props.endpoints.skip)}renderIntroduction(){const{canSkip:e,resources:t,endpoints:{skip:n},showSubTitle:r,IntroductionComponent:a}=this.props;return o.default.createElement(a,{canSkip:n&&e,onSkip:this.handleSkip,resources:t,showTitle:r})}renderMethod(){const{selectedMethod:e,showSubTitle:t,TitleComponent:n}=this.props,{registerProps:r}=this.state;if(!e)return null;if(!r)return o.default.createElement(u.default,{block:!0});const a=(0,i.loadComponent)(e.component);return o.default.createElement("div",null,t&&o.default.createElement(n,null),o.default.createElement(a,_({},r,{method:e,onBack:this.handleBack,onCompleteRegistration:this.handleCompleteRegistration})))}renderOptions(){const{availableMethods:e,showSubTitle:t,SelectMethodComponent:n}=this.props;return o.default.createElement(n,{methods:e,showTitle:t})}render(){const{screen:e,onCompleteRegistration:t,showTitle:n,showSubTitle:r,completeMessage:a,CompleteComponent:i}=this.props,{ss:{i18n:l}}=window;if(e===v)return o.default.createElement(i,{showTitle:r,onComplete:t,message:a});let s;switch(e){case b:s=this.renderOptions();break;case y:s=this.renderMethod();break;default:s=this.renderIntroduction()}return o.default.createElement("div",null,n&&o.default.createElement("h1",{className:"mfa-app-title"},l._t("MFARegister.TITLE","Multi-factor authentication")),s)}}t.Component=O,O.propTypes={availableMethods:r.default.arrayOf(l.default),backupMethod:l.default,canSkip:r.default.bool,endpoints:r.default.shape({register:r.default.string.isRequired,skip:r.default.string}),onRegister:r.default.func,onCompleteRegistration:r.default.func.isRequired,registeredMethods:r.default.arrayOf(s.default),resources:r.default.object,showTitle:r.default.bool,showSubTitle:r.default.bool,IntroductionComponent:r.default.oneOfType([r.default.object,r.default.func]),SelectMethodComponent:r.default.oneOfType([r.default.object,r.default.func]),CompleteComponent:r.default.oneOfType([r.default.object,r.default.func]),TitleComponent:r.default.oneOfType([r.default.object,r.default.func])},O.defaultProps={resources:{},showTitle:!0,showSubTitle:!0,showIntroduction:!0,IntroductionComponent:c.default,SelectMethodComponent:f.default,CompleteComponent:d.default,TitleComponent:m.default};t.default=(0,h.connect)((e=>{const t=e.mfaRegister||e;return{screen:t.screen,selectedMethod:t.method,availableMethods:t.availableMethods}}),(e=>({onShowIntroduction:()=>e((0,p.showScreen)(g)),onShowComplete:()=>e((0,p.showScreen)(v)),onSelectMethod:t=>e((0,p.chooseMethod)(t)),onShowChooseMethod:()=>{e((0,p.chooseMethod)(null)),e((0,p.showScreen)(b))},onRemoveAvailableMethod:t=>e((0,p.removeAvailableMethod)(t))})))(O)},3954:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o=i(n(7363)),r=i(n(7086)),a=i(n(1196));function i(e){return e&&e.__esModule?e:{default:e}}const l=e=>{let{onComplete:t,showTitle:n,message:r}=e;return o.default.createElement("div",{className:"mfa-register-confirmation"},o.default.createElement("i",{className:"font-icon-check-mark mfa-register-confirmation__icon"}),n&&o.default.createElement(a.default,{className:"mfa-register-confirmation__title"}),o.default.createElement("p",{className:"mfa-register-confirmation__description"},r||window.ss.i18n._t("MFARegister.SETUP_COMPLETE_DESCRIPTION","You will be able to edit these settings later from your profile area.")),o.default.createElement("button",{onClick:t,className:"mfa-register-confirmation__continue btn btn-primary"},window.ss.i18n._t("MFARegister.SETUP_COMPLETE_CONTINUE","Continue")))};l.propTypes={onComplete:r.default.func.isRequired,showTitle:r.default.bool},l.defaultProps={showTitle:!0};t.default=l},6910:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=t.Component=t.ActionList=void 0;var o=c(n(7363)),r=c(n(7086)),a=n(8631),i=n(1624),l=n(440),s=c(n(1196)),u=c(n(7462));function c(e){return e&&e.__esModule?e:{default:e}}const d=e=>{let{canSkip:t,onContinue:n,onSkip:r}=e;const{ss:{i18n:a}}=window;return o.default.createElement("ul",{className:"mfa-action-list"},o.default.createElement("li",{className:"mfa-action-list__item"},o.default.createElement("button",{className:"btn btn-primary",onClick:n},a._t("MultiFactorAuthentication.GET_STARTED",u.default["MultiFactorAuthentication.GET_STARTED"]))),t&&o.default.createElement("li",{className:"mfa-action-list__item"},o.default.createElement("button",{className:"btn btn-secondary",onClick:r},a._t("MultiFactorAuthentication.SETUP_LATER",u.default["MultiFactorAuthentication.SETUP_LATER"]))))};t.ActionList=d;const f=e=>{let{canSkip:t,onContinue:n,onSkip:r,resources:a,showTitle:i,TitleComponent:l}=e;const{ss:{i18n:s}}=window;return o.default.createElement("div",null,i&&o.default.createElement(l,null),o.default.createElement("h4",{className:"mfa-feature-list-title"},s._t("MultiFactorAuthentication.HOW_IT_WORKS",u.default["MultiFactorAuthentication.HOW_IT_WORKS"])),o.default.createElement("ul",{className:"mfa-feature-list"},o.default.createElement("li",{className:"mfa-feature-list-item"},a.extra_factor_image_url&&o.default.createElement("img",{alt:s._t("MultiFactorAuthentication.EXTRA_LAYER_IMAGE_ALT",u.default["MultiFactorAuthentication.EXTRA_LAYER_IMAGE_ALT"]),"aria-hidden":"true",className:"mfa-feature-list-item__icon",src:a.extra_factor_image_url}),o.default.createElement("div",{className:"mfa-feature-list-item__content"},o.default.createElement("h5",{className:"mfa-block-heading mfa-feature-list-item__title"},s._t("MultiFactorAuthentication.EXTRA_LAYER_TITLE",u.default["MultiFactorAuthentication.EXTRA_LAYER_TITLE"])),o.default.createElement("p",{className:"mfa-feature-list-item__description"},s._t("MultiFactorAuthentication.EXTRA_LAYER_DESCRIPTION",u.default["MultiFactorAuthentication.EXTRA_LAYER_DESCRIPTION"])," ",a.user_help_link&&o.default.createElement("a",{href:a.user_help_link},s._t("MultiFactorAuthentication.HOW_MFA_WORKS",u.default["MultiFactorAuthentication.HOW_MFA_WORKS"]))))),o.default.createElement("li",{className:"mfa-feature-list-item"},a.unique_image_url&&o.default.createElement("img",{alt:s._t("MultiFactorAuthentication.UNIQUE_IMAGE_ALT",u.default["MultiFactorAuthentication.UNIQUE_IMAGE_ALT"]),"aria-hidden":"true",className:"mfa-feature-list-item__icon",src:a.unique_image_url}),o.default.createElement("div",{className:"mfa-feature-list-item__content"},o.default.createElement("h5",{className:"mfa-block-heading mfa-feature-list-item__title"},s._t("MultiFactorAuthentication.UNIQUE_TITLE",u.default["MultiFactorAuthentication.UNIQUE_TITLE"])),o.default.createElement("p",{className:"mfa-feature-list-item__description"},s._t("MultiFactorAuthentication.UNIQUE_DESCRIPTION",u.default["MultiFactorAuthentication.UNIQUE_DESCRIPTION"]))))),o.default.createElement(d,{canSkip:t,onContinue:n,onSkip:r}))};t.Component=f,f.propTypes={canSkip:r.default.bool,onContinue:r.default.func.isRequired,onSkip:r.default.func,resources:r.default.shape({user_help_link:r.default.string,extra_factor_image_url:r.default.string,unique_image_url:r.default.string}).isRequired,showTitle:r.default.bool,TitleComponent:r.default.oneOfType([r.default.object,r.default.func])},f.defaultProps={showTitle:!0,TitleComponent:s.default};t.default=(0,i.connect)(null,(e=>({onContinue:()=>{e((0,a.chooseMethod)(null)),e((0,a.showScreen)(l.SCREEN_REGISTER_METHOD))}})))(f)},3324:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=t.Component=void 0;var o=function(e,t){if(!t&&e&&e.__esModule)return e;if(null===e||"object"!=typeof e&&"function"!=typeof e)return{default:e};var n=u(t);if(n&&n.has(e))return n.get(e);var o={},r=Object.defineProperty&&Object.getOwnPropertyDescriptor;for(var a in e)if("default"!==a&&Object.prototype.hasOwnProperty.call(e,a)){var i=r?Object.getOwnPropertyDescriptor(e,a):null;i&&(i.get||i.set)?Object.defineProperty(o,a,i):o[a]=e[a]}o.default=e,n&&n.set(e,o);return o}(n(7363)),r=s(n(7086)),a=s(n(7820)),i=s(n(2949)),l=s(n(639));function s(e){return e&&e.__esModule?e:{default:e}}function u(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,n=new WeakMap;return(u=function(e){return e?n:t})(e)}class c extends o.Component{constructor(e){super(e),this.handleClick=this.handleClick.bind(this),this.handleKeyUp=this.handleKeyUp.bind(this)}handleClick(e){const{method:{isAvailable:t},onClick:n}=this.props;t&&n&&n(e)}handleKeyUp(e){13===e.keyCode&&this.handleClick(e)}renderSupportLink(e){const{ss:{i18n:t}}=window,{supportLink:n,supportText:r}=e;return n?o.default.createElement("a",{href:n,target:"_blank",rel:"noopener noreferrer",className:"mfa-method-tile__support-link"},r||t._t("MFARegister.HELP","Find out more.")):null}renderUnavailableMask(){const{ss:{i18n:e}}=window,{isAvailable:t,getUnavailableMessage:n}=this.props;if(t())return null;const r=n();return o.default.createElement("div",{className:"mfa-method-tile__unavailable-mask"},o.default.createElement("h3",{className:"mfa-method-tile__unavailable-title"},e._t("MFAMethodTile.UNAVAILABLE","Unsupported: ")),r&&o.default.createElement("p",{className:"mfa-method-tile__unavailable-text"},r))}render(){const{isActive:e,method:t}=this.props,{ss:{i18n:n}}=window,r=(0,a.default)("mfa-method-tile",{"mfa-method-tile--active":e,"mfa-method-tile--unsupported":!t.isAvailable}),i=(0,a.default)("mfa-method-tile__thumbnail-container",{"mfa-method-tile__thumbnail-container--unsupported":!t.isAvailable}),l=n.inject(n._t("MFARegister.REGISTER_WITH","Register with {method}"),{method:t.name.toLowerCase()});return o.default.createElement("li",{className:r},o.default.createElement("div",{className:"mfa-method-tile__content",onClick:this.handleClick,onKeyUp:this.handleKeyUp,tabIndex:"0",role:"button"},t.thumbnail&&o.default.createElement("div",{className:i},o.default.createElement("img",{src:t.thumbnail,className:"mfa-method-tile__thumbnail",alt:t.name})),o.default.createElement("h3",{className:"mfa-method-tile__title"},l),o.default.createElement("p",{className:"mfa-method-tile__description"},t.description&&`${t.description}. `,this.renderSupportLink(t))),this.renderUnavailableMask())}}t.Component=c,c.propTypes={getUnavailableMessage:r.default.func.isRequired,isActive:r.default.bool,isAvailable:r.default.func.isRequired,method:i.default.isRequired,onClick:r.default.func.isRequired},c.defaultProps={isActive:!1};t.default=(0,l.default)(c)},1824:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=t.Component=void 0;var o=function(e,t){if(!t&&e&&e.__esModule)return e;if(null===e||"object"!=typeof e&&"function"!=typeof e)return{default:e};var n=m(t);if(n&&n.has(e))return n.get(e);var o={},r=Object.defineProperty&&Object.getOwnPropertyDescriptor;for(var a in e)if("default"!==a&&Object.prototype.hasOwnProperty.call(e,a)){var i=r?Object.getOwnPropertyDescriptor(e,a):null;i&&(i.get||i.set)?Object.defineProperty(o,a,i):o[a]=e[a]}o.default=e,n&&n.set(e,o);return o}(n(7363)),r=p(n(7086)),a=p(n(2949)),i=p(n(7820)),l=n(8631),s=n(2827),u=n(1624),c=p(n(639)),d=n(440),f=p(n(3324)),h=p(n(1196));function p(e){return e&&e.__esModule?e:{default:e}}function m(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,n=new WeakMap;return(m=function(e){return e?n:t})(e)}class E extends o.Component{constructor(e){super(e);let t=null;1===e.methods.length&&e.isAvailable&&e.isAvailable(e.methods[0])&&(t=e.methods[0]),this.state={highlightedMethod:t},this.handleGoToNext=this.handleGoToNext.bind(this),this.handleBack=this.handleBack.bind(this)}componentDidMount(){const{highlightedMethod:e}=this.state;e&&this.handleGoToNext()}handleGoToNext(){const{highlightedMethod:e}=this.state;this.props.onSelectMethod(e)}handleClick(e){this.setState({highlightedMethod:e})}handleBack(){this.props.onClickBack&&this.props.onClickBack()}renderActions(){const{ss:{i18n:e}}=window,{highlightedMethod:t}=this.state;return o.default.createElement("ul",{className:"mfa-action-list"},o.default.createElement("li",{className:"mfa-action-list__item"},o.default.createElement("button",{className:"btn btn-primary",disabled:null===t,onClick:this.handleGoToNext},e._t("MFARegister.NEXT","Next"))),o.default.createElement("li",{className:"mfa-action-list__item"},o.default.createElement("button",{className:"btn btn-secondary",onClick:this.handleBack},e._t("MFARegister.BACK","Back"))))}render(){const{methods:e,showTitle:t,TitleComponent:n,MethodTileComponent:r}=this.props,{highlightedMethod:a}=this.state,l=(0,i.default)("mfa-method-tile-group",{"mfa-method-tile-group--three-columns":e.length%3==0});return o.default.createElement("div",null,t&&o.default.createElement(n,null),o.default.createElement("ul",{className:l},e.map((e=>o.default.createElement(r,{isActive:a===e,key:e.urlSegment,method:e,onClick:()=>this.handleClick(e)})))),this.renderActions())}}t.Component=E,E.propTypes={methods:r.default.arrayOf(a.default),onSelectMethod:r.default.func,onClickBack:r.default.func,showTitle:r.default.bool,TitleComponent:r.default.oneOfType([r.default.object,r.default.func]),MethodTileComponent:r.default.oneOfType([r.default.object,r.default.func])},E.defaultProps={showTitle:!0,TitleComponent:h.default,MethodTileComponent:f.default};t.default=(0,s.compose)((0,u.connect)(null,(e=>({onClickBack:()=>e((0,l.showScreen)(d.SCREEN_INTRODUCTION)),onSelectMethod:t=>{e((0,l.chooseMethod)(t)),e((0,l.showScreen)(d.SCREEN_REGISTER_METHOD))}}))),c.default)(E)},1196:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=t.Component=void 0;var o=l(n(7363)),r=n(1624),a=n(440),i=l(n(7462));function l(e){return e&&e.__esModule?e:{default:e}}const s=e=>{let{screen:t,method:n,Tag:r="h2",className:l="mfa-section-title"}=e;const{ss:{i18n:s}}=window;let u;switch(t){case a.SCREEN_INTRODUCTION:u=s._t("MultiFactorAuthentication.TITLE",i.default["MultiFactorAuthentication.TITLE"]);break;case a.SCREEN_CHOOSE_METHOD:u=s._t("MultiFactorAuthentication.SELECT_METHOD",i.default["MultiFactorAuthentication.SELECT_METHOD"]);break;case a.SCREEN_COMPLETE:u=s._t("MultiFactorAuthentication.SETUP_COMPLETE_TITLE",i.default["MultiFactorAuthentication.SETUP_COMPLETE_TITLE"]);break;case a.SCREEN_REGISTER_METHOD:u=n&&s.inject(s._t("MFARegister.REGISTER_WITH","Register with {method}"),{method:n.name.toLowerCase()});break;default:u=!1}if(!u||!u.length)return null;const c=r||"span";return o.default.createElement(c,{className:l},u)};t.Component=s;t.default=(0,r.connect)((e=>{const t=e.mfaRegister||e;return{screen:t.screen,method:t.method}}))(s)},7442:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=t.Component=void 0;var o=function(e,t){if(!t&&e&&e.__esModule)return e;if(null===e||"object"!=typeof e&&"function"!=typeof e)return{default:e};var n=m(t);if(n&&n.has(e))return n.get(e);var o={},r=Object.defineProperty&&Object.getOwnPropertyDescriptor;for(var a in e)if("default"!==a&&Object.prototype.hasOwnProperty.call(e,a)){var i=r?Object.getOwnPropertyDescriptor(e,a):null;i&&(i.get||i.set)?Object.defineProperty(o,a,i):o[a]=e[a]}o.default=e,n&&n.set(e,o);return o}(n(7363)),r=p(n(7086)),a=n(8127),i=n(6648),l=n(2827),s=n(1624),u=p(n(1196)),c=n(9861),d=p(n(5695)),f=n(440),h=p(n(7462));function p(e){return e&&e.__esModule?e:{default:e}}function m(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,n=new WeakMap;return(m=function(e){return e?n:t})(e)}class E extends o.Component{constructor(e){super(e),this.handleRegister=this.handleRegister.bind(this)}componentDidUpdate(){const{disallowedScreens:e,isOpen:t,registrationScreen:n,toggle:o}=this.props;t&&e.length&&e.includes(n)&&o()}handleRegister(e){const{onAddRegisteredMethod:t,onSetDefaultMethod:n,registeredMethods:o}=this.props;o.length||n(e.urlSegment),t(e)}render(){const{backupMethod:e,endpoints:t,isOpen:n,toggle:r,registeredMethods:i,registrationScreen:l,resources:s,RegisterComponent:c}=this.props;return o.default.createElement(a.Modal,{isOpen:n,toggle:r,className:"registered-mfa-method-list-field-register-modal"},o.default.createElement(a.ModalHeader,{toggle:r},o.default.createElement(u.default,{Tag:null})),o.default.createElement(a.ModalBody,{className:"registered-mfa-method-list-field-register-modal__content"},l!==f.SCREEN_INTRODUCTION&&o.default.createElement(c,{backupMethod:e,registeredMethods:i,onCompleteRegistration:r,onRegister:this.handleRegister,resources:s,endpoints:t,showTitle:!1,showSubTitle:!1,completeMessage:window.ss.i18n._t("MultiFactorAuthentication.ADMIN_SETUP_COMPLETE_CONTINUE",h.default["MultiFactorAuthentication.ADMIN_SETUP_COMPLETE_CONTINUE"])})))}}t.Component=E,E.propTypes={isOpen:r.default.bool,toggle:r.default.func,disallowedScreens:r.default.arrayOf(r.default.number),backupMethod:d.default,resources:r.default.object,endpoints:r.default.shape({register:r.default.string}),registrationScreen:r.default.number,registeredMethods:r.default.arrayOf(d.default),onAddRegisteredMethod:r.default.func,onSetDefaultMethod:r.default.func,RegisterComponent:r.default.oneOfType([r.default.element,r.default.func,r.default.elementType])},E.defaultProps={isOpen:!1,disallowedScreens:[]};t.default=(0,l.compose)((0,i.inject)(["MFARegister"],(e=>({RegisterComponent:e})),(()=>"MFARegisterModal")),(0,s.connect)((e=>({registrationScreen:e.mfaRegister.screen,registeredMethods:e.mfaAdministration.registeredMethods})),(e=>({onAddRegisteredMethod:t=>{e((0,c.registerMethod)(t))},onSetDefaultMethod:t=>e((0,c.setDefaultMethod)(t))}))))(E)},830:function(e,t,n){"use strict";var o,r=(o=n(7363))&&o.__esModule?o:{default:o},a=n(9691),i=n(6648);window.jQuery.entwine("ss",(e=>{e('.js-injector-boot [data-field-type="registered-mfa-method-list-field"]').entwine({ReactRoot:null,onmatch(){const e=(0,i.loadComponent)("RegisteredMFAMethodListField"),{readOnly:t,schema:{backupMethod:n,defaultMethod:o,registeredMethods:l,availableMethods:s,allAvailableMethods:u,resources:c,endpoints:d,backupCreatedDate:f,resetEndpoint:h,isMFARequired:p}}=this.data("schema");let m=this.getReactRoot();m||(m=(0,a.createRoot)(this[0]),this.setReactRoot(m)),m.render(r.default.createElement(e,{backupMethod:n,readOnly:t,initialDefaultMethod:o,initialRegisteredMethods:l,initialAvailableMethods:s,allAvailableMethods:u,resources:c,endpoints:d,backupCreatedDate:f,resetEndpoint:h,isMFARequired:p}))},onunmatch(){const e=this.getReactRoot();e&&(e.unmount(),this.setReactRoot(null))}})}))},6388:function(){"use strict";window.jQuery.entwine("ss",(e=>{e('[name="MFARequired"]').entwine({onchange(){parseInt(this.val(),10)?e(".mfa-settings__grace-period").removeAttr("disabled"):e(".mfa-settings__grace-period").attr("disabled","disabled")},onmatch(){this.onchange()}})}))},1924:function(e,t,n){"use strict";n(830),n(6388)},42:function(e,t){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;t.default=function(e){return fetch(e,{body:arguments.length>2&&void 0!==arguments[2]?arguments[2]:void 0,credentials:"same-origin",headers:arguments.length>3&&void 0!==arguments[3]?arguments[3]:{},method:arguments.length>1&&void 0!==arguments[1]?arguments[1]:"GET"})}},1661:function(e,t){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.formatCode=void 0;t.formatCode=function(e){let t=arguments.length>1&&void 0!==arguments[1]?arguments[1]:" ";if(e.length<6)return e;if(e.length%4==0)return e.split(/(.{4})/g).filter((e=>e)).join(t).trim();if(e.length%3==0)return e.split(/(.{3})/g).filter((e=>e)).join(t).trim();const n=4-e.length%4,o=(e.length-3*n)/4,r=[...[...Array(o).keys()].map((()=>4)),...[...Array(n).keys()].map((()=>3))];let a=0;return r.map((t=>e.substring(a,a+=t))).join(t).trim()}},639:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.hoc=t.default=void 0;var o=function(e,t){if(!t&&e&&e.__esModule)return e;if(null===e||"object"!=typeof e&&"function"!=typeof e)return{default:e};var n=i(t);if(n&&n.has(e))return n.get(e);var o={},r=Object.defineProperty&&Object.getOwnPropertyDescriptor;for(var a in e)if("default"!==a&&Object.prototype.hasOwnProperty.call(e,a)){var l=r?Object.getOwnPropertyDescriptor(e,a):null;l&&(l.get||l.set)?Object.defineProperty(o,a,l):o[a]=e[a]}o.default=e,n&&n.set(e,o);return o}(n(7363)),r=n(1624),a=n(2827);function i(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,n=new WeakMap;return(i=function(e){return e?n:t})(e)}function l(){return l=Object.assign?Object.assign.bind():function(e){for(var t=1;t{const t=class extends o.Component{constructor(e){super(e),this.getAvailabilityOverride=this.getAvailabilityOverride.bind(this),this.isAvailable=this.isAvailable.bind(this),this.getUnavailableMessage=this.getUnavailableMessage.bind(this)}getAvailabilityOverride(){let e=arguments.length>0&&void 0!==arguments[0]?arguments[0]:null;const{availableMethodOverrides:t}=this.props,n=e||this.props.method,{urlSegment:o}=n;return void 0!==t[o]?t[o]:{}}getUnavailableMessage(){const e=(arguments.length>0&&void 0!==arguments[0]?arguments[0]:null)||this.props.method;return this.getAvailabilityOverride(e).unavailableMessage||e.unavailableMessage}isAvailable(){const e=(arguments.length>0&&void 0!==arguments[0]?arguments[0]:null)||this.props.method,t=this.getAvailabilityOverride(e);let n=e.isAvailable;return void 0!==t.isAvailable&&(n=t.isAvailable),n}render(){return o.default.createElement(e,l({},this.props,{isAvailable:this.isAvailable,getUnavailableMessage:this.getUnavailableMessage}))}},n=(e=>e.displayName||e.name||"Component")(e);return t.displayName=`WithMethodAvailability(${n})`,t};t.hoc=s;const u=(0,a.compose)((0,r.connect)((e=>{const t=[...e.mfaRegister.availableMethods,...e.mfaVerify.allMethods],n={};return Object.values(t).forEach((t=>{const{urlSegment:o}=t,r=`${o}Availability`;void 0!==e[r]&&(n[o]=e[r])})),{availableMethodOverrides:n}})),s);t.default=u},2017:function(e,t){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;t.default=["ADD_REGISTERED_METHOD","REMOVE_REGISTERED_METHOD","SET_DEFAULT_METHOD","SET_REGISTERED_METHODS"].reduce(((e,t)=>Object.assign(e,{[t]:`MFA_ADMINISTRATION.${t}`})),{})},9861:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.setRegisteredMethods=t.setDefaultMethod=t.registerMethod=t.deregisterMethod=void 0;var o,r=(o=n(2017))&&o.__esModule?o:{default:o};t.registerMethod=e=>({type:r.default.ADD_REGISTERED_METHOD,payload:{method:e}});t.deregisterMethod=e=>({type:r.default.REMOVE_REGISTERED_METHOD,payload:{method:e}});t.setDefaultMethod=e=>({type:r.default.SET_DEFAULT_METHOD,payload:{defaultMethod:e}});t.setRegisteredMethods=e=>({type:r.default.SET_REGISTERED_METHODS,payload:{methods:e}})},6683:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=function(){let e=arguments.length>0&&void 0!==arguments[0]?arguments[0]:a,{type:t,payload:n}=arguments.length>1&&void 0!==arguments[1]?arguments[1]:{};const o=e=>t=>t.urlSegment===e.urlSegment,{registeredMethods:i}=e;switch(t){case r.default.ADD_REGISTERED_METHOD:{const{method:t}=n;return Array.isArray(i)?i.find(o(t))?e:(i.push(t),{...e,registeredMethods:i}):{...e,registeredMethods:[t]}}case r.default.REMOVE_REGISTERED_METHOD:{const{method:t}=n,r=i.findIndex(o(t));if(r<0)return e;i.splice(r,1);const a=2===i.length?{defaultMethod:i.find((()=>!0)).urlSegment}:{};return{...e,...a,registeredMethods:[...i]}}case r.default.SET_DEFAULT_METHOD:return{...e,defaultMethod:n.defaultMethod};case r.default.SET_REGISTERED_METHODS:return{...e,registeredMethods:n.methods};default:return e}};var o,r=(o=n(2017))&&o.__esModule?o:{default:o};const a={defaultMethod:null,registeredMethods:[]}},3529:function(e,t){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;t.default=["ADD_AVAILABLE_METHOD","REMOVE_AVAILABLE_METHOD","SET_AVAILABLE_METHODS","SET_SCREEN","SET_METHOD"].reduce(((e,t)=>Object.assign(e,{[t]:`MFA_REGISTER.${t}`})),{})},8631:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.showScreen=t.setAvailableMethods=t.removeAvailableMethod=t.chooseMethod=t.addAvailableMethod=void 0;var o,r=(o=n(3529))&&o.__esModule?o:{default:o};t.showScreen=e=>({type:r.default.SET_SCREEN,payload:{screen:e}});t.chooseMethod=e=>({type:r.default.SET_METHOD,payload:{method:e}});t.setAvailableMethods=e=>({type:r.default.SET_AVAILABLE_METHODS,payload:{availableMethods:e}});t.addAvailableMethod=e=>({type:r.default.ADD_AVAILABLE_METHOD,payload:{method:e}});t.removeAvailableMethod=e=>({type:r.default.REMOVE_AVAILABLE_METHOD,payload:{method:e}})},7286:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=function(){let e=arguments.length>0&&void 0!==arguments[0]?arguments[0]:i,{type:t,payload:n}=arguments.length>1&&void 0!==arguments[1]?arguments[1]:{};switch(t){case a.default.SET_SCREEN:{const{screen:t}=n;return null===e.method&&t===r.SCREEN_REGISTER_METHOD?{...e,screen:r.SCREEN_CHOOSE_METHOD}:{...e,screen:t}}case a.default.SET_METHOD:return{...e,method:n.method};case a.default.SET_AVAILABLE_METHODS:return{...e,availableMethods:n.availableMethods};case a.default.ADD_AVAILABLE_METHOD:return{...e,availableMethods:[...e.availableMethods,n.method]};case a.default.REMOVE_AVAILABLE_METHOD:return{...e,availableMethods:e.availableMethods.filter((e=>e.urlSegment!==n.method.urlSegment))};default:return e}};var o,r=n(440),a=(o=n(3529))&&o.__esModule?o:{default:o};const i={screen:r.SCREEN_INTRODUCTION,method:null,availableMethods:[]}},7282:function(e,t){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;t.default=["SET_ALL_METHODS"].reduce(((e,t)=>Object.assign(e,{[t]:`MFA_VERIFY.${t}`})),{})},23:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=function(){let e=arguments.length>0&&void 0!==arguments[0]?arguments[0]:a,{type:t,payload:n}=arguments.length>1&&void 0!==arguments[1]?arguments[1]:{};if(t===r.default.SET_ALL_METHODS)return{...e,allMethods:n.allMethods};return e};var o,r=(o=n(7282))&&o.__esModule?o:{default:o};const a={allMethods:[]}},2949:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o,r=(o=n(7086))&&o.__esModule?o:{default:o};t.default=r.default.shape({urlSegment:r.default.string,name:r.default.string,description:r.default.string,supportLink:r.default.string,supportText:r.default.string,thumbnail:r.default.string,component:r.default.string,isAvailable:r.default.bool,unavailableMessage:r.default.string})},5695:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o,r=(o=n(7086))&&o.__esModule?o:{default:o};t.default=r.default.shape({name:r.default.string,urlSegment:r.default.string,isAvailable:r.default.bool,unavailableMessage:r.default.string,component:r.default.string,supportLink:r.default.string,thumbnail:r.default.string})},640:function(e,t,n){"use strict";var o=n(1742),r={"text/plain":"Text","text/html":"Url",default:"Text"};e.exports=function(e,t){var n,a,i,l,s,u,c=!1;t||(t={}),n=t.debug||!1;try{if(i=o(),l=document.createRange(),s=document.getSelection(),(u=document.createElement("span")).textContent=e,u.ariaHidden="true",u.style.all="unset",u.style.position="fixed",u.style.top=0,u.style.clip="rect(0, 0, 0, 0)",u.style.whiteSpace="pre",u.style.webkitUserSelect="text",u.style.MozUserSelect="text",u.style.msUserSelect="text",u.style.userSelect="text",u.addEventListener("copy",(function(o){if(o.stopPropagation(),t.format)if(o.preventDefault(),void 0===o.clipboardData){n&&console.warn("unable to use e.clipboardData"),n&&console.warn("trying IE specific stuff"),window.clipboardData.clearData();var a=r[t.format]||r.default;window.clipboardData.setData(a,e)}else o.clipboardData.clearData(),o.clipboardData.setData(t.format,e);t.onCopy&&(o.preventDefault(),t.onCopy(o.clipboardData))})),document.body.appendChild(u),l.selectNodeContents(u),s.addRange(l),!document.execCommand("copy"))throw new Error("copy command was unsuccessful");c=!0}catch(o){n&&console.error("unable to copy using execCommand: ",o),n&&console.warn("trying IE specific stuff");try{window.clipboardData.setData(t.format||"text",e),t.onCopy&&t.onCopy(window.clipboardData),c=!0}catch(o){n&&console.error("unable to copy using clipboardData: ",o),n&&console.error("falling back to prompt"),a=function(e){var t=(/mac os x/i.test(navigator.userAgent)?"⌘":"Ctrl")+"+C";return e.replace(/#{\s*key\s*}/g,t)}("message"in t?t.message:"Copy to clipboard: #{key}, Enter"),window.prompt(a,e)}}finally{s&&("function"==typeof s.removeRange?s.removeRange(l):s.removeAllRanges()),u&&document.body.removeChild(u),i()}return c}},9768:function(e,t){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.Printd=t.createIFrame=t.createLinkStyle=t.createStyle=void 0;var n=/^(((http[s]?)|file):)?(\/\/)+([0-9a-zA-Z-_.=?&].+)$/,o=/^((\.|\.\.)?\/)([0-9a-zA-Z-_.=?&]+\/)*([0-9a-zA-Z-_.=?&]+)$/,r=function(e){return n.test(e)||o.test(e)};function a(e,t){var n=e.createElement("style");return n.appendChild(e.createTextNode(t)),n}function i(e,t){var n=e.createElement("link");return n.type="text/css",n.rel="stylesheet",n.href=t,n}function l(e){var t=window.document.createElement("iframe");return t.setAttribute("src","about:blank"),t.setAttribute("style","visibility:hidden;width:0;height:0;position:absolute;z-index:-9999;bottom:0;"),t.setAttribute("width","0"),t.setAttribute("height","0"),t.setAttribute("wmode","opaque"),e.appendChild(t),t}t.createStyle=a,t.createLinkStyle=i,t.createIFrame=l;var s={parent:window.document.body,headElements:[],bodyElements:[]},u=function(){function e(e){this.isLoading=!1,this.hasEvents=!1,this.opts=[s,e||{}].reduce((function(e,t){return Object.keys(t).forEach((function(n){return e[n]=t[n]})),e}),{}),this.iframe=l(this.opts.parent)}return e.prototype.getIFrame=function(){return this.iframe},e.prototype.print=function(e,t,n,o){if(!this.isLoading){var l=this.iframe,s=l.contentDocument,u=l.contentWindow;if(s&&u&&(this.iframe.src="about:blank",this.elCopy=e.cloneNode(!0),this.elCopy)){this.isLoading=!0,this.callback=o;var c=u.document;c.open(),c.write(''),this.addEvents();var d=this.opts,f=d.headElements,h=d.bodyElements;Array.isArray(f)&&f.forEach((function(e){return c.head.appendChild(e)})),Array.isArray(h)&&h.forEach((function(e){return c.body.appendChild(e)})),Array.isArray(t)&&t.forEach((function(e){e&&c.head.appendChild(r(e)?i(c,e):a(c,e))})),c.body.appendChild(this.elCopy),Array.isArray(n)&&n.forEach((function(e){if(e){var t=c.createElement("script");r(e)?t.src=e:t.innerText=e,c.body.appendChild(t)}})),c.close()}}},e.prototype.printURL=function(e,t){this.isLoading||(this.addEvents(),this.isLoading=!0,this.callback=t,this.iframe.src=e)},e.prototype.onBeforePrint=function(e){this.onbeforeprint=e},e.prototype.onAfterPrint=function(e){this.onafterprint=e},e.prototype.launchPrint=function(e){this.isLoading||e.print()},e.prototype.addEvents=function(){var e=this;if(!this.hasEvents){this.hasEvents=!0,this.iframe.addEventListener("load",(function(){return e.onLoad()}),!1);var t=this.iframe.contentWindow;t&&(this.onbeforeprint&&t.addEventListener("beforeprint",this.onbeforeprint),this.onafterprint&&t.addEventListener("afterprint",this.onafterprint))}},e.prototype.onLoad=function(){var e=this;if(this.iframe){this.isLoading=!1;var t=this.iframe,n=t.contentDocument,o=t.contentWindow;if(!n||!o)return;"function"==typeof this.callback?this.callback({iframe:this.iframe,element:this.elCopy,launchPrint:function(){return e.launchPrint(o)}}):this.launchPrint(o)}},e}();t.Printd=u,t.default=u},4300:function(e,t,n){"use strict";function o(e){return o="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},o(e)}Object.defineProperty(t,"__esModule",{value:!0}),t.CopyToClipboard=void 0;var r=l(n(7363)),a=l(n(640)),i=["text","onCopy","options","children"];function l(e){return e&&e.__esModule?e:{default:e}}function s(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);t&&(o=o.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,o)}return n}function u(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(o=0;o=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}function d(e,t){for(var n=0;n=0;--a){var i=this.tryEntries[a],l=i.completion;if("root"===i.tryLoc)return r("end");if(i.tryLoc<=this.prev){var s=o.call(i,"catchLoc"),u=o.call(i,"finallyLoc");if(s&&u){if(this.prev=0;--n){var r=this.tryEntries[n];if(r.tryLoc<=this.prev&&o.call(r,"finallyLoc")&&this.prev=0;--t){var n=this.tryEntries[t];if(n.finallyLoc===e)return this.complete(n.completion,n.afterLoc),w(n),E}},catch:function(e){for(var t=this.tryEntries.length-1;t>=0;--t){var n=this.tryEntries[t];if(n.tryLoc===e){var o=n.completion;if("throw"===o.type){var r=o.arg;w(n)}return r}}throw new Error("illegal catch attempt")},delegateYield:function(e,n,o){return this.delegate={iterator:D(e),resultName:n,nextLoc:o},"next"===this.method&&(this.arg=t),E}},e}(e.exports);try{regeneratorRuntime=t}catch(e){"object"==typeof globalThis?globalThis.regeneratorRuntime=t:Function("r","regeneratorRuntime = r")(t)}},1742:function(e){e.exports=function(){var e=document.getSelection();if(!e.rangeCount)return function(){};for(var t=document.activeElement,n=[],o=0;o{(0,o.default)(),(0,r.default)(),(0,a.default)()}))},460:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o=l(n(6648)),r=l(n(440)),a=l(n(6021)),i=l(n(9521));function l(e){return e&&e.__esModule?e:{default:e}}t.default=()=>{(0,i.default)(),o.default.component.registerMany({MFARegister:r.default,RegisteredMFAMethodListField:a.default})}},7355:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o=i(n(6648)),r=i(n(6683)),a=i(n(4180));function i(e){return e&&e.__esModule?e:{default:e}}t.default=()=>{(0,a.default)(),o.default.reducer.register("mfaAdministration",r.default)}},941:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o=a(n(6648)),r=a(n(3311));function a(e){return e&&e.__esModule?e:{default:e}}t.default=()=>{o.default.transform("apply-sudo-mode-to-mfa",(e=>{e.component("RegisteredMFAMethodListField",r.default)}))}},9521:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o=i(n(9487)),r=i(n(1284)),a=i(n(6648));function i(e){return e&&e.__esModule?e:{default:e}}t.default=()=>{a.default.component.registerMany({BackupCodeRegister:o.default,BackupCodeVerify:r.default})}},4180:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o=i(n(6648)),r=i(n(7286)),a=i(n(23));function i(e){return e&&e.__esModule?e:{default:e}}t.default=()=>{o.default.reducer.register("mfaRegister",r.default),o.default.reducer.register("mfaVerify",a.default)}},9487:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o=function(e,t){if(!t&&e&&e.__esModule)return e;if(null===e||"object"!=typeof e&&"function"!=typeof e)return{default:e};var n=u(t);if(n&&n.has(e))return n.get(e);var o={},r=Object.defineProperty&&Object.getOwnPropertyDescriptor;for(var a in e)if("default"!==a&&Object.prototype.hasOwnProperty.call(e,a)){var i=r?Object.getOwnPropertyDescriptor(e,a):null;i&&(i.get||i.set)?Object.defineProperty(o,a,i):o[a]=e[a]}o.default=e,n&&n.set(e,o);return o}(n(7363)),r=s(n(7086)),a=s(n(9768)),i=n(4855),l=n(1661);function s(e){return e&&e.__esModule?e:{default:e}}function u(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,n=new WeakMap;return(u=function(e){return e?n:t})(e)}class c extends o.Component{constructor(e){super(e),this.state={recentlyCopied:!1},this.printRef=null,this.setPrintRef=e=>{this.printRef=e},this.copyMessageTimeout=null,this.handlePrint=this.handlePrint.bind(this),this.handleCopy=this.handleCopy.bind(this)}getFormattedCodes(){const{codes:e}=this.props;return e.map((e=>(0,l.formatCode)(e)))}handlePrint(e){e.preventDefault(),(new a.default).print(this.printRef,['body { font-family: "Helvetica Neue", Helvetica, Arial, sans-serif }'])}handleCopy(e){e.preventDefault();const{copyFeedbackDuration:t}=this.props;this.setState({recentlyCopied:!0}),this.copyMessageTimeout&&clearTimeout(this.copyMessageTimeout),this.copyMessageTimeout=setTimeout((()=>{this.setState({recentlyCopied:!1})}),t)}renderCodes(){return o.default.createElement("pre",{ref:this.setPrintRef,className:"mfa-register-backup-codes__code-grid"},this.getFormattedCodes().map((e=>o.default.createElement("div",{key:e},e))))}renderDescription(){const{ss:{i18n:e}}=window,{method:{supportLink:t,supportText:n}}=this.props;return o.default.createElement("p",null,e._t("MFABackupCodesRegister.DESCRIPTION","Recovery codes enable you to log into your account in the event your primary authentication is not available. Each code can only be used once. Store these codes somewhere safe, as they will not be viewable after leaving this page.")," ",t&&o.default.createElement("a",{href:t,target:"_blank",rel:"noopener noreferrer"},n||e._t("MFARegister.RECOVERY_HELP","Learn more about recovery codes.")))}renderPrintAction(){const{ss:{i18n:e}}=window;return o.default.createElement("button",{type:"button",onClick:this.handlePrint,className:"btn btn-link"},e._t("MFABackupCodesRegister.PRINT","Print codes"))}renderDownloadAction(){const{codes:e,method:t}=this.props,{Blob:n,URL:r,ss:{i18n:a},navigator:i}=window,l=`${t.name}.txt`,s=new n([e.join("\r\n")],{type:"text/plain;charset=UTF-8"}),u=r.createObjectURL(s);return o.default.createElement("a",{download:l,href:u,className:"btn btn-link",onClick:e=>{i.msSaveBlob&&(e.preventDefault(),i.msSaveBlob(s,l))}},a._t("MFABackupCodesRegister.DOWNLOAD","Download"))}renderCopyAction(){const{codes:e}=this.props,{recentlyCopied:t}=this.state,{ss:{i18n:n}}=window,r=t?n._t("MFABackupCodesRegister.COPY_RECENT","Copied!"):n._t("MFABackupCodesRegister.COPY","Copy codes");return o.default.createElement(i.CopyToClipboard,{text:e.join("\n")},o.default.createElement("button",{type:"button",className:"mfa-register-backup-codes__copy-to-clipboard btn btn-link",onClick:this.handleCopy},r))}render(){const{onCompleteRegistration:e}=this.props,{ss:{i18n:t}}=window;return o.default.createElement("div",{className:"mfa-register-backup-codes__container"},this.renderDescription(),this.renderCodes(),o.default.createElement("div",{className:"mfa-register-backup-codes__helper-links"},this.renderPrintAction(),this.renderDownloadAction(),this.renderCopyAction()),o.default.createElement("button",{className:"btn btn-primary",onClick:()=>e()},t._t("MFABackupCodesRegister.FINISH","Finish")))}}c.propTypes={codes:r.default.arrayOf(r.default.string),copyFeedbackDuration:r.default.number},c.defaultProps={copyFeedbackDuration:3e3};t.default=c},1284:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o,r=function(e,t){if(!t&&e&&e.__esModule)return e;if(null===e||"object"!=typeof e&&"function"!=typeof e)return{default:e};var n=i(t);if(n&&n.has(e))return n.get(e);var o={},r=Object.defineProperty&&Object.getOwnPropertyDescriptor;for(var a in e)if("default"!==a&&Object.prototype.hasOwnProperty.call(e,a)){var l=r?Object.getOwnPropertyDescriptor(e,a):null;l&&(l.get||l.set)?Object.defineProperty(o,a,l):o[a]=e[a]}o.default=e,n&&n.set(e,o);return o}(n(7363)),a=(o=n(7820))&&o.__esModule?o:{default:o};function i(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,n=new WeakMap;return(i=function(e){return e?n:t})(e)}class l extends r.Component{constructor(e){super(e),this.state={value:""},this.codeInput=r.default.createRef(),this.handleChange=this.handleChange.bind(this),this.handleCompleteVerification=this.handleCompleteVerification.bind(this)}componentDidMount(){this.codeInput.current&&this.codeInput.current.focus()}handleChange(e){this.setState({value:e.target.value})}handleCompleteVerification(e){e.preventDefault();const{onCompleteVerification:t}=this.props;t({code:this.state.value})}renderControls(){const{moreOptionsControl:e}=this.props,{ss:{i18n:t}}=window;return r.default.createElement("ul",{className:"mfa-action-list mfa-action-list--backup-codes"},r.default.createElement("li",{className:"mfa-action-list__item"},r.default.createElement("button",{className:"btn btn-primary",disabled:0===this.state.value.length,onClick:this.handleCompleteVerification},t._t("MFABackupCodesVerify.NEXT","Next"))),e&&r.default.createElement("li",{className:"mfa-action-list__item"},e))}renderDescription(){const{ss:{i18n:e}}=window,{method:t}=this.props;return r.default.createElement("p",null,e._t("MFABackupCodesVerify.DESCRIPTION","Use one of the recovery codes you received")," ",t&&t.supportLink&&r.default.createElement("a",{href:t.supportLink,target:"_blank",rel:"noopener noreferrer"},e._t("MFARegister.RECOVERY_HELP","How to use recovery codes.")))}renderInput(){const{error:e}=this.props,{ss:{i18n:t}}=window,n=t._t("MFABackupCodesVerify.LABEL","Enter recovery code"),o=(0,a.default)("mfa-verify-backup-codes__input-container",{"has-error":!!e});return r.default.createElement("div",{className:o},r.default.createElement("label",{htmlFor:"backup-code",className:"control-label"},n),r.default.createElement("input",{className:"mfa-verify-backup-codes__input text form-control",type:"text",placeholder:n,id:"backup-code",ref:this.codeInput,onChange:this.handleChange}),e&&r.default.createElement("div",{className:"help-block"},e))}render(){const{graphic:e,name:t}=this.props;return r.default.createElement("form",{className:"mfa-verify-backup-codes__container"},r.default.createElement("div",{className:"mfa-verify-backup-codes__content"},this.renderDescription(),this.renderInput()),r.default.createElement("div",{className:"mfa-verify-backup-codes__image-holder"},r.default.createElement("img",{className:"mfa-verify-backup-codes__image",src:e,alt:t})),this.renderControls())}}t.default=l},2469:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o=h(n(7086)),r=function(e,t){if(!t&&e&&e.__esModule)return e;if(null===e||"object"!=typeof e&&"function"!=typeof e)return{default:e};var n=f(t);if(n&&n.has(e))return n.get(e);var o={},r=Object.defineProperty&&Object.getOwnPropertyDescriptor;for(var a in e)if("default"!==a&&Object.prototype.hasOwnProperty.call(e,a)){var i=r?Object.getOwnPropertyDescriptor(e,a):null;i&&(i.get||i.set)?Object.defineProperty(o,a,i):o[a]=e[a]}o.default=e,n&&n.set(e,o);return o}(n(7363)),a=h(n(4510)),i=h(n(42)),l=h(n(3141)),s=h(n(5292)),u=h(n(1820)),c=h(n(3947)),d=(h(n(5666)),h(n(7462)));function f(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,n=new WeakMap;return(f=function(e){return e?n:t})(e)}function h(e){return e&&e.__esModule?e:{default:e}}class p extends r.Component{constructor(e){super(e),this.state={complete:!1,failed:!1,submitting:!1},this.handleSendReset=this.handleSendReset.bind(this)}async handleSendReset(){const{ss:{i18n:e}}=window,t=e._t("MultiFactorAuthentication.ACCOUNT_RESET_CONFIRMATION",d.default["MultiFactorAuthentication.ACCOUNT_RESET_CONFIRMATION"]),n=e._t("MultiFactorAuthentication.CONFIRMATION_TITLE",d.default["MultiFactorAuthentication.CONFIRMATION_TITLE"]),o=e._t("MultiFactorAuthentication.ACCOUNT_RESET_CONFIRMATION_BUTTON",d.default["MultiFactorAuthentication.ACCOUNT_RESET_CONFIRMATION_BUTTON"]);if(!await(0,l.default)({title:n,message:t,confirmText:o}))return;this.setState({submitting:!0});const r=JSON.stringify({csrf_token:a.default.get("SecurityID")});(0,i.default)(this.props.resetEndpoint,"POST",r).then((e=>e.json())).then((e=>{const t=!!e.error;this.setState({complete:!0,failed:t,submitting:!1})})).catch((()=>{this.setState({complete:!0,failed:!0,submitting:!1})}))}renderAction(){const{ss:{i18n:e}}=window,{resetEndpoint:t}=this.props,{complete:n,submitting:o}=this.state;return n||o?null:r.default.createElement("p",{className:"account-reset-action"},r.default.createElement("button",{className:"btn btn-outline-secondary",disabled:!t,onClick:this.handleSendReset,type:"button"},e._t("MultiFactorAuthentication.ACCOUNT_RESET_ACTION",d.default["MultiFactorAuthentication.ACCOUNT_RESET_ACTION"])))}renderSending(){const{ss:{i18n:e}}=window,{LoadingIndicatorComponent:t}=this.props;return r.default.createElement("p",{className:"account-reset-action account-reset-action--sending"},r.default.createElement("span",{className:"account-reset-action__icon"},r.default.createElement(t,{size:"32px"})),r.default.createElement("span",{className:"account-reset-action__message"},e._t("MultiFactorAuthentication.ACCOUNT_RESET_SENDING",d.default["MultiFactorAuthentication.ACCOUNT_RESET_SENDING"])))}renderFailure(){const{ss:{i18n:e}}=window;return r.default.createElement("p",{className:"account-reset-action account-reset-action--failure"},r.default.createElement("span",{className:"account-reset-action__icon"},r.default.createElement(u.default,{size:"32px"})),r.default.createElement("span",{className:"account-reset-action__message"},e._t("MultiFactorAuthentication.ACCOUNT_RESET_SENDING",d.default["MultiFactorAuthentication.ACCOUNT_RESET_SENDING_FAILURE"])))}renderSuccess(){const{ss:{i18n:e}}=window;return r.default.createElement("p",{className:"account-reset-action account-reset-action--success"},r.default.createElement("span",{className:"account-reset-action__icon"},r.default.createElement(c.default,{size:"32px"})),r.default.createElement("span",{className:"account-reset-action__message"},e._t("MultiFactorAuthentication.ACCOUNT_RESET_SENDING_SUCCESS",d.default["MultiFactorAuthentication.ACCOUNT_RESET_SENDING_SUCCESS"])))}renderStatusMessage(){const{complete:e,failed:t,submitting:n}=this.state;return n?this.renderSending():e?t?this.renderFailure():this.renderSuccess():null}render(){const{ss:{i18n:e}}=window;return r.default.createElement("div",{className:"account-reset"},r.default.createElement("h5",{className:"account-reset__title"},e._t("MultiFactorAuthentication.ACCOUNT_RESET_TITLE",d.default["MultiFactorAuthentication.ACCOUNT_RESET_TITLE"])),r.default.createElement("p",{className:"account-reset__description"},e._t("MultiFactorAuthentication.ACCOUNT_RESET_DESCRIPTION",d.default["MultiFactorAuthentication.ACCOUNT_RESET_DESCRIPTION"])),this.renderAction(),this.renderStatusMessage())}}p.propTypes={resetEndpoint:o.default.string,LoadingIndicatorComponent:o.default.oneOfType([o.default.object,o.default.func])},p.defaultProps={LoadingIndicatorComponent:s.default};t.default=p},1509:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o=function(e,t){if(!t&&e&&e.__esModule)return e;if(null===e||"object"!=typeof e&&"function"!=typeof e)return{default:e};var n=p(t);if(n&&n.has(e))return n.get(e);var o={},r=Object.defineProperty&&Object.getOwnPropertyDescriptor;for(var a in e)if("default"!==a&&Object.prototype.hasOwnProperty.call(e,a)){var i=r?Object.getOwnPropertyDescriptor(e,a):null;i&&(i.get||i.set)?Object.defineProperty(o,a,i):o[a]=e[a]}o.default=e,n&&n.set(e,o);return o}(n(7363)),r=h(n(3141)),a=h(n(7086)),i=h(n(7820)),l=h(n(8488)),s=h(n(5695)),u=h(n(2468)),c=h(n(9831)),d=h(n(8628)),f=h(n(7462));function h(e){return e&&e.__esModule?e:{default:e}}function p(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,n=new WeakMap;return(p=function(e){return e?n:t})(e)}class m extends o.PureComponent{getStatusMessage(){const{isBackupMethod:e,isDefaultMethod:t}=this.props,{ss:{i18n:n}}=window;return t?n._t("MultiFactorAuthentication.DEFAULT_REGISTERED",f.default["MultiFactorAuthentication.DEFAULT_REGISTERED"]):e?n._t("MultiFactorAuthentication.BACKUP_REGISTERED",f.default["MultiFactorAuthentication.BACKUP_REGISTERED"]):n._t("MultiFactorAuthentication.REGISTERED",f.default["MultiFactorAuthentication.REGISTERED"])}renderRemove(){const{canRemove:e,method:t,RemoveComponent:n}=this.props;return e?o.default.createElement(n,{method:t}):null}renderReset(){const{canReset:e,isBackupMethod:t,method:n}=this.props;if(!e)return null;const a={method:n};if(t){const{ss:{i18n:e}}=window,t=e._t("MultiFactorAuthentication.RESET_BACKUP_CONFIRMATION",f.default["MultiFactorAuthentication.RESET_BACKUP_CONFIRMATION"]),n=e._t("MultiFactorAuthentication.CONFIRMATION_TITLE",f.default["MultiFactorAuthentication.CONFIRMATION_TITLE"]),o=e._t("MultiFactorAuthentication.RESET_BACKUP_CONFIRMATION_BUTTON",f.default["MultiFactorAuthentication.RESET_BACKUP_CONFIRMATION_BUTTON"]);a.onReset=async e=>{await(0,r.default)({title:n,message:t,confirmText:o})&&e()}}return o.default.createElement(c.default,a)}renderSetAsDefault(){const{isDefaultMethod:e,isBackupMethod:t,method:n,SetDefaultComponent:r}=this.props;return e||t?null:o.default.createElement(r,{method:n})}renderControls(){const{canRemove:e,canReset:t}=this.props;return e||t?o.default.createElement("div",null,this.renderRemove(),this.renderReset(),this.renderSetAsDefault()):null}renderNameAndStatus(){const{method:e,createdDate:t}=this.props,{ss:{i18n:n}}=window,o=this.getStatusMessage();return l.default.locale(n.detectLocale()),n.inject(o,{method:e.name,date:(0,l.default)(t).format("L")})}render(){const{tag:e,className:t}=this.props,n=(0,i.default)(t,"registered-method-list-item");return o.default.createElement(e,{className:n},this.renderNameAndStatus(),this.renderControls())}}m.propTypes={method:s.default.isRequired,isDefaultMethod:a.default.bool,isBackupMethod:a.default.bool,canRemove:a.default.bool,canReset:a.default.bool,onRemove:a.default.func,onReset:a.default.func,createdDate:a.default.string,className:a.default.string,tag:a.default.string,RemoveComponent:a.default.oneOfType([a.default.object,a.default.func]),SetDefaultComponent:a.default.oneOfType([a.default.object,a.default.func])},m.defaultProps={isDefaultMethod:!1,isBackupMethod:!1,canRemove:!1,canReset:!1,tag:"li",RemoveComponent:u.default,SetDefaultComponent:d.default};t.default=m},2468:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o=h(n(7363)),r=h(n(7086)),a=n(1624),i=h(n(3141)),l=h(n(4510)),s=h(n(42)),u=n(8631),c=n(9861),d=h(n(5695)),f=h(n(7462));function h(e){return e&&e.__esModule?e:{default:e}}const p=(e,t)=>{let{method:n,onRemove:r,defaultMethod:a,registeredMethods:u,onDeregisterMethod:c,onAddAvailableMethod:d,onSetDefaultMethod:h}=e,{backupMethod:p,endpoints:{remove:m}}=t;const{ss:{i18n:E}}=window,M=async()=>{const e=E._t("MultiFactorAuthentication.DELETE_CONFIRMATION",f.default["MultiFactorAuthentication.DELETE_CONFIRMATION"]),t=E._t("MultiFactorAuthentication.CONFIRMATION_TITLE",f.default["MultiFactorAuthentication.CONFIRMATION_TITLE"]),o=E._t("MultiFactorAuthentication.DELETE_CONFIRMATION_BUTTON",f.default["MultiFactorAuthentication.DELETE_CONFIRMATION_BUTTON"]);if(!await(0,i.default)({title:t,message:e,confirmText:o}))return;const r=l.default.get("SecurityID"),M=`${m.replace("{urlSegment}",n.urlSegment)}?SecurityID=${r}`;(0,s.default)(M,"DELETE").then((e=>e.json().then((t=>{if(200===e.status)return c(n),d(t.availableMethod),n.urlSegment===a&&h(null),void(!t.hasBackupMethod&&p&&u.find((e=>e.urlSegment===p.urlSegment))&&c(p));const o=t.errors&&` Errors: \n - ${t.errors.join("\n -")}`||"";throw Error(`Could not delete method. Error code ${e.status}.${o}`)}))))};return o.default.createElement("button",{className:"registered-method-list-item__control",type:"button",onClick:r?r(M):M},E._t("MultiFactorAuthentication.REMOVE_METHOD",f.default["MultiFactorAuthentication.REMOVE_METHOD"]))};p.propTypes={method:d.default.isRequired,onRemove:r.default.func,defaultMethod:r.default.string.isRequired,registeredMethods:r.default.arrayOf(d.default).isRequired,onDeregisterMethod:r.default.func.isRequired,onAddAvailableMethod:r.default.func.isRequired,onSetDefaultMethod:r.default.func.isRequired},p.contextTypes={backupMethod:d.default,endpoints:r.default.shape({register:r.default.string,remove:r.default.string})};t.default=(0,a.connect)((e=>{let{mfaAdministration:{defaultMethod:t,registeredMethods:n}}=e;return{defaultMethod:t,registeredMethods:n}}),(e=>({onDeregisterMethod:t=>{e((0,c.deregisterMethod)(t))},onAddAvailableMethod:t=>{e((0,u.addAvailableMethod)(t))},onSetDefaultMethod:t=>e((0,c.setDefaultMethod)(t))})))(p)},9831:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o=function(e,t){if(!t&&e&&e.__esModule)return e;if(null===e||"object"!=typeof e&&"function"!=typeof e)return{default:e};var n=h(t);if(n&&n.has(e))return n.get(e);var o={},r=Object.defineProperty&&Object.getOwnPropertyDescriptor;for(var a in e)if("default"!==a&&Object.prototype.hasOwnProperty.call(e,a)){var i=r?Object.getOwnPropertyDescriptor(e,a):null;i&&(i.get||i.set)?Object.defineProperty(o,a,i):o[a]=e[a]}o.default=e,n&&n.set(e,o);return o}(n(7363)),r=f(n(7086)),a=n(1624),i=n(440),l=n(8631),s=f(n(5695)),u=f(n(2949)),c=f(n(7442)),d=f(n(7462));function f(e){return e&&e.__esModule?e:{default:e}}function h(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,n=new WeakMap;return(h=function(e){return e?n:t})(e)}class p extends o.Component{constructor(e){super(e),this.state={modalOpen:!1},this.handleReset=this.handleReset.bind(this),this.handleToggleModal=this.handleToggleModal.bind(this)}handleToggleModal(){this.setState((e=>({modalOpen:!e.modalOpen})))}handleReset(){const{onResetMethod:e,method:t}=this.props,{allAvailableMethods:n}=this.context,o=n.find((e=>e.urlSegment===t.urlSegment));if(!o)throw Error(`Cannot register the method given: ${t.name} (${t.urlSegment}).`);e(o),this.handleToggleModal()}render(){const{onReset:e}=this.props,{backupMethod:t,endpoints:n,resources:r}=this.context,a=e?()=>e(this.handleReset):this.handleReset;return o.default.createElement("button",{className:"registered-method-list-item__control",type:"button",onClick:a},window.ss.i18n._t("MultiFactorAuthentication.RESET_METHOD",d.default["MultiFactorAuthentication.RESET_METHOD"]),o.default.createElement(c.default,{backupMethod:t,isOpen:this.state.modalOpen,toggle:this.handleToggleModal,resources:r,endpoints:n,disallowedScreens:[i.SCREEN_CHOOSE_METHOD,i.SCREEN_INTRODUCTION]}))}}p.propTypes={method:s.default.isRequired,onReset:r.default.func},p.contextTypes={allAvailableMethods:r.default.arrayOf(u.default),backupMethod:s.default,endpoints:r.default.shape({register:r.default.string}),resources:r.default.object};t.default=(0,a.connect)(null,(e=>({onResetMethod:t=>{e((0,l.chooseMethod)(t)),e((0,l.showScreen)(i.SCREEN_REGISTER_METHOD))}})))(p)},8628:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=t.Component=void 0;var o=function(e,t){if(!t&&e&&e.__esModule)return e;if(null===e||"object"!=typeof e&&"function"!=typeof e)return{default:e};var n=f(t);if(n&&n.has(e))return n.get(e);var o={},r=Object.defineProperty&&Object.getOwnPropertyDescriptor;for(var a in e)if("default"!==a&&Object.prototype.hasOwnProperty.call(e,a)){var i=r?Object.getOwnPropertyDescriptor(e,a):null;i&&(i.get||i.set)?Object.defineProperty(o,a,i):o[a]=e[a]}o.default=e,n&&n.set(e,o);return o}(n(7363)),r=d(n(7086)),a=d(n(5695)),i=d(n(4510)),l=n(1624),s=d(n(42)),u=n(9861),c=d(n(7462));function d(e){return e&&e.__esModule?e:{default:e}}function f(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,n=new WeakMap;return(f=function(e){return e?n:t})(e)}class h extends o.Component{constructor(e){super(e),this.handleSetDefault=this.handleSetDefault.bind(this)}handleSetDefault(){const{method:e,onSetDefaultMethod:t}=this.props,{endpoints:{setDefault:n}}=this.context,o=i.default.get("SecurityID"),r=`${n.replace("{urlSegment}",e.urlSegment)}?SecurityID=${o}`;(0,s.default)(r,"PUT").then((n=>n.json().then((o=>{if(200===n.status)return void t(e.urlSegment);const r=o.errors&&` Errors: \n - ${o.errors.join("\n -")}`||"";throw Error(`Could not set default method. Error code ${n.status}.${r}`)}))))}render(){const{ss:{i18n:e}}=window;return o.default.createElement("button",{className:"registered-method-list-item__control",type:"button",onClick:this.handleSetDefault},e._t("MultiFactorAuthentication.SET_AS_DEFAULT",c.default["MultiFactorAuthentication.SET_AS_DEFAULT"]))}}t.Component=h,h.propTypes={method:a.default.isRequired},h.contextTypes={endpoints:r.default.shape({setDefault:r.default.string})};t.default=(0,l.connect)(null,(e=>({onSetDefaultMethod:t=>e((0,u.setDefaultMethod)(t))})))(h)},6021:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=t.Component=void 0;var o=_(n(7086)),r=function(e,t){if(!t&&e&&e.__esModule)return e;if(null===e||"object"!=typeof e&&"function"!=typeof e)return{default:e};var n=M(t);if(n&&n.has(e))return n.get(e);var o={},r=Object.defineProperty&&Object.getOwnPropertyDescriptor;for(var a in e)if("default"!==a&&Object.prototype.hasOwnProperty.call(e,a)){var i=r?Object.getOwnPropertyDescriptor(e,a):null;i&&(i.get||i.set)?Object.defineProperty(o,a,i):o[a]=e[a]}o.default=e,n&&n.set(e,o);return o}(n(7363)),a=n(8127),i=n(1624),l=_(n(7820)),s=_(n(5695)),u=_(n(2949)),c=n(8631),d=n(9861),f=n(440),h=_(n(1509)),p=_(n(2469)),m=_(n(7442)),E=_(n(7462));function M(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,n=new WeakMap;return(M=function(e){return e?n:t})(e)}function _(e){return e&&e.__esModule?e:{default:e}}class g extends r.Component{constructor(e){super(e),this.state={modalOpen:!1},this.handleToggleModal=this.handleToggleModal.bind(this)}getChildContext(){const{allAvailableMethods:e,backupMethod:t,endpoints:n,resources:o}=this.props;return{allAvailableMethods:e,backupMethod:t,endpoints:n,resources:o}}componentDidMount(){const{onSetDefaultMethod:e,initialDefaultMethod:t,onSetRegisteredMethods:n,initialRegisteredMethods:o,onUpdateAvailableMethods:r,initialAvailableMethods:a}=this.props;n(o),r(a),e(t)}getBaseMethods(){const{backupMethod:e}=this.props;let{registeredMethods:t}=this.props;return t?(e&&(t=t.filter((t=>t.urlSegment!==e.urlSegment))),t):[]}handleToggleModal(){this.setState((e=>({modalOpen:!e.modalOpen})))}renderNoMethodsMessage(){if(this.getBaseMethods().length)return null;const{readOnly:e}=this.props,{ss:{i18n:t}}=window,n=e?"MultiFactorAuthentication.NO_METHODS_REGISTERED_READONLY":"MultiFactorAuthentication.NO_METHODS_REGISTERED";return r.default.createElement("div",{className:"registered-mfa-method-list-field__no-methods"},t._t(n,E.default[n]))}renderBackupMethod(){const{backupMethod:e,backupCreatedDate:t,registeredMethods:n,readOnly:o,MethodListItemComponent:a}=this.props;if(!e)return null;const i=n.find((t=>t.urlSegment===e.urlSegment));return i?r.default.createElement(a,{method:i,createdDate:t,canReset:!o,isBackupMethod:!0,tag:"div",className:"registered-method-list-item--backup"}):null}renderBaseMethods(){const{isMFARequired:e}=this.props,t=this.getBaseMethods();if(!t.length)return[];const{defaultMethod:n,readOnly:o,MethodListItemComponent:a}=this.props;return t.map((i=>{const l={method:i,key:i.urlSegment,isDefaultMethod:n&&i.urlSegment===n,canRemove:!(o||e&&1===t.length),canReset:!o};return r.default.createElement(a,l)}))}renderModal(){const{backupMethod:e,endpoints:t,resources:n,RegisterModalComponent:o}=this.props;return r.default.createElement(o,{backupMethod:e,isOpen:this.state.modalOpen,toggle:this.handleToggleModal,resources:n,endpoints:t,disallowedScreens:[f.SCREEN_INTRODUCTION]})}renderAddButton(){const{availableMethods:e,registeredMethods:t,readOnly:n,onResetRegister:o}=this.props;if(n||!e||0===e.length)return null;const{ss:{i18n:i}}=window,l=t.length?i._t("MultiFactorAuthentication.ADD_ANOTHER_METHOD",E.default["MultiFactorAuthentication.ADD_ANOTHER_METHOD"]):i._t("MultiFactorAuthentication.ADD_FIRST_METHOD",E.default["MultiFactorAuthentication.ADD_FIRST_METHOD"]);return r.default.createElement(a.Button,{className:"registered-mfa-method-list-field__button",outline:!0,type:"button",onClick:()=>{this.handleToggleModal(),o()}},l)}render(){const{readOnly:e,resetEndpoint:t}=this.props,n=(0,l.default)({"registered-mfa-method-list-field":!0,"registered-mfa-method-list-field--read-only":e});return r.default.createElement("div",{className:n},r.default.createElement("ul",{className:"method-list"},this.renderBaseMethods()),this.renderNoMethodsMessage(),this.renderAddButton(),this.renderBackupMethod(),e&&r.default.createElement("hr",null),e&&r.default.createElement(p.default,{resetEndpoint:t}),this.renderModal())}}t.Component=g,g.propTypes={backupMethod:s.default,defaultMethod:o.default.string,readOnly:o.default.bool,isMFARequired:o.default.bool,initialDefaultMethod:o.default.string,initialRegisteredMethods:o.default.arrayOf(s.default),initialAvailableMethods:o.default.arrayOf(u.default),allAvailableMethods:o.default.arrayOf(u.default),resetEndpoint:o.default.string,endpoints:o.default.shape({register:o.default.string,remove:o.default.string}),resources:o.default.object,availableMethods:o.default.arrayOf(u.default),registeredMethods:o.default.arrayOf(s.default),registrationScreen:o.default.number,MethodListItemComponent:o.default.oneOfType([o.default.object,o.default.func]),RegisterModalComponent:o.default.oneOfType([o.default.object,o.default.func])},g.defaultProps={initialAvailableMethods:[],MethodListItemComponent:h.default,RegisterModalComponent:m.default},g.childContextTypes={allAvailableMethods:o.default.arrayOf(u.default),backupMethod:s.default,endpoints:o.default.shape({register:o.default.string,remove:o.default.string,setDefault:o.default.string}),resources:o.default.object};t.default=(0,i.connect)((e=>{const{availableMethods:t,screen:n}=e.mfaRegister,{defaultMethod:o,registeredMethods:r}=e.mfaAdministration;return{availableMethods:t,defaultMethod:o,registeredMethods:r||[],registrationScreen:n}}),(e=>({onResetRegister:()=>{e((0,c.chooseMethod)(null)),e((0,c.showScreen)(f.SCREEN_CHOOSE_METHOD))},onUpdateAvailableMethods:t=>{e((0,c.setAvailableMethods)(t))},onSetDefaultMethod:t=>{e((0,d.setDefaultMethod)(t))},onSetRegisteredMethods:t=>{e((0,d.setRegisteredMethods)(t))}})))(g)},1820:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o,r=(o=n(7363))&&o.__esModule?o:{default:o};t.default=e=>{let{color:t="currentColor",size:n="3em"}=e;return r.default.createElement("svg",{xmlns:"http://www.w3.org/2000/svg",viewBox:"0 0 512 512",height:n,width:n},r.default.createElement("g",{fill:t},r.default.createElement("path",{d:"M256 8C119 8 8 119 8 256s111 248 248 248 248-111 248-248S393 8 256 8zM124 296c-6.6 0-12-5.4-12-12v-56c0-6.6 5.4-12 12-12h264c6.6 0 12 5.4 12 12v56c0 6.6-5.4 12-12 12H124z"})))}},3947:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o,r=(o=n(7363))&&o.__esModule?o:{default:o};t.default=e=>{let{color:t="currentColor",size:n="3em"}=e;return r.default.createElement("svg",{xmlns:"http://www.w3.org/2000/svg",viewBox:"0 0 512 512",height:n,width:n},r.default.createElement("g",{fill:t},r.default.createElement("path",{d:"M504 256c0 136.967-111.033 248-248 248S8 392.967 8 256 119.033 8 256 8s248 111.033 248 248zM227.314 387.314l184-184c6.248-6.248 6.248-16.379 0-22.627l-22.627-22.627c-6.248-6.249-16.379-6.249-22.628 0L216 308.118l-70.059-70.059c-6.248-6.248-16.379-6.248-22.628 0l-22.627 22.627c-6.248 6.248-6.248 16.379 0 22.627l104 104c6.249 6.249 16.379 6.249 22.628.001z"})))}},5292:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o=a(n(7363)),r=a(n(7820));function a(e){return e&&e.__esModule?e:{default:e}}t.default=e=>{let{block:t=!1,size:n="6em"}=e;return o.default.createElement("div",{style:{height:n,width:n},className:(0,r.default)({"mfa-loading-indicator":!0,"mfa-loading-indicator--block":t})})}},440:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=t.SCREEN_REGISTER_METHOD=t.SCREEN_INTRODUCTION=t.SCREEN_COMPLETE=t.SCREEN_CHOOSE_METHOD=t.Component=void 0;var o=function(e,t){if(!t&&e&&e.__esModule)return e;if(null===e||"object"!=typeof e&&"function"!=typeof e)return{default:e};var n=M(t);if(n&&n.has(e))return n.get(e);var o={},r=Object.defineProperty&&Object.getOwnPropertyDescriptor;for(var a in e)if("default"!==a&&Object.prototype.hasOwnProperty.call(e,a)){var i=r?Object.getOwnPropertyDescriptor(e,a):null;i&&(i.get||i.set)?Object.defineProperty(o,a,i):o[a]=e[a]}o.default=e,n&&n.set(e,o);return o}(n(7363)),r=E(n(7086)),a=E(n(42)),i=n(6648),l=E(n(2949)),s=E(n(5695)),u=E(n(5292)),c=E(n(6910)),d=E(n(3954)),f=E(n(1824)),h=n(1624),p=n(8631),m=E(n(1196));function E(e){return e&&e.__esModule?e:{default:e}}function M(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,n=new WeakMap;return(M=function(e){return e?n:t})(e)}function _(){return _=Object.assign?Object.assign.bind():function(e){for(var t=1;te.json().then((e=>{const{SecurityID:t,...n}=e;this.setState({registerProps:n,token:t})}))))}handleBack(){const{availableMethods:e,onShowIntroduction:t,onShowChooseMethod:n}=this.props;return 1===e.length&&t?t():(this.setState({registerProps:null}),n())}handleCompleteRegistration(e){const{endpoints:{register:t},selectedMethod:n,onRemoveAvailableMethod:o,onRegister:r}=this.props,{token:i}=this.state,l=i?`?SecurityID=${i}`:"";(0,a.default)(`${t.replace("{urlSegment}",n.urlSegment)}${l}`,"POST",JSON.stringify(e)).then((e=>201===e.status?(this.setState({registerProps:null}),"function"==typeof r&&r(n),o(n),this.setupBackupMethod(),null):e.json())).then((e=>{if(e&&e.errors){const t=e.errors.join(", ");this.setState((e=>({registerProps:{...e.registerProps,error:t}})))}}))}shouldSetupBackupMethod(){const{backupMethod:e,registeredMethods:t}=this.props;return!!e&&!t.find((t=>t.urlSegment===e.urlSegment))}handleSkip(){const{skip:e}=this.props.endpoints;e&&(window.location=this.props.endpoints.skip)}renderIntroduction(){const{canSkip:e,resources:t,endpoints:{skip:n},showSubTitle:r,IntroductionComponent:a}=this.props;return o.default.createElement(a,{canSkip:n&&e,onSkip:this.handleSkip,resources:t,showTitle:r})}renderMethod(){const{selectedMethod:e,showSubTitle:t,TitleComponent:n}=this.props,{registerProps:r}=this.state;if(!e)return null;if(!r)return o.default.createElement(u.default,{block:!0});const a=(0,i.loadComponent)(e.component);return o.default.createElement("div",null,t&&o.default.createElement(n,null),o.default.createElement(a,_({},r,{method:e,onBack:this.handleBack,onCompleteRegistration:this.handleCompleteRegistration})))}renderOptions(){const{availableMethods:e,showSubTitle:t,SelectMethodComponent:n}=this.props;return o.default.createElement(n,{methods:e,showTitle:t})}render(){const{screen:e,onCompleteRegistration:t,showTitle:n,showSubTitle:r,completeMessage:a,CompleteComponent:i}=this.props,{ss:{i18n:l}}=window;if(e===v)return o.default.createElement(i,{showTitle:r,onComplete:t,message:a});let s;switch(e){case b:s=this.renderOptions();break;case y:s=this.renderMethod();break;default:s=this.renderIntroduction()}return o.default.createElement("div",null,n&&o.default.createElement("h1",{className:"mfa-app-title"},l._t("MFARegister.TITLE","Multi-factor authentication")),s)}}t.Component=O,O.propTypes={availableMethods:r.default.arrayOf(l.default),backupMethod:l.default,canSkip:r.default.bool,endpoints:r.default.shape({register:r.default.string.isRequired,skip:r.default.string}),onRegister:r.default.func,onCompleteRegistration:r.default.func.isRequired,registeredMethods:r.default.arrayOf(s.default),resources:r.default.object,showTitle:r.default.bool,showSubTitle:r.default.bool,IntroductionComponent:r.default.oneOfType([r.default.object,r.default.func]),SelectMethodComponent:r.default.oneOfType([r.default.object,r.default.func]),CompleteComponent:r.default.oneOfType([r.default.object,r.default.func]),TitleComponent:r.default.oneOfType([r.default.object,r.default.func])},O.defaultProps={resources:{},showTitle:!0,showSubTitle:!0,showIntroduction:!0,IntroductionComponent:c.default,SelectMethodComponent:f.default,CompleteComponent:d.default,TitleComponent:m.default};t.default=(0,h.connect)((e=>{const t=e.mfaRegister||e;return{screen:t.screen,selectedMethod:t.method,availableMethods:t.availableMethods}}),(e=>({onShowIntroduction:()=>e((0,p.showScreen)(g)),onShowComplete:()=>e((0,p.showScreen)(v)),onSelectMethod:t=>e((0,p.chooseMethod)(t)),onShowChooseMethod:()=>{e((0,p.chooseMethod)(null)),e((0,p.showScreen)(b))},onRemoveAvailableMethod:t=>e((0,p.removeAvailableMethod)(t))})))(O)},3954:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o=i(n(7363)),r=i(n(7086)),a=i(n(1196));function i(e){return e&&e.__esModule?e:{default:e}}const l=e=>{let{onComplete:t,showTitle:n,message:r}=e;return o.default.createElement("div",{className:"mfa-register-confirmation"},o.default.createElement("i",{className:"font-icon-check-mark mfa-register-confirmation__icon"}),n&&o.default.createElement(a.default,{className:"mfa-register-confirmation__title"}),o.default.createElement("p",{className:"mfa-register-confirmation__description"},r||window.ss.i18n._t("MFARegister.SETUP_COMPLETE_DESCRIPTION","You will be able to edit these settings later from your profile area.")),o.default.createElement("button",{onClick:t,className:"mfa-register-confirmation__continue btn btn-primary"},window.ss.i18n._t("MFARegister.SETUP_COMPLETE_CONTINUE","Continue")))};l.propTypes={onComplete:r.default.func.isRequired,showTitle:r.default.bool},l.defaultProps={showTitle:!0};t.default=l},6910:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=t.Component=t.ActionList=void 0;var o=c(n(7363)),r=c(n(7086)),a=n(8631),i=n(1624),l=n(440),s=c(n(1196)),u=c(n(7462));function c(e){return e&&e.__esModule?e:{default:e}}const d=e=>{let{canSkip:t,onContinue:n,onSkip:r}=e;const{ss:{i18n:a}}=window;return o.default.createElement("ul",{className:"mfa-action-list"},o.default.createElement("li",{className:"mfa-action-list__item"},o.default.createElement("button",{className:"btn btn-primary",onClick:n},a._t("MultiFactorAuthentication.GET_STARTED",u.default["MultiFactorAuthentication.GET_STARTED"]))),t&&o.default.createElement("li",{className:"mfa-action-list__item"},o.default.createElement("button",{className:"btn btn-secondary",onClick:r},a._t("MultiFactorAuthentication.SETUP_LATER",u.default["MultiFactorAuthentication.SETUP_LATER"]))))};t.ActionList=d;const f=e=>{let{canSkip:t,onContinue:n,onSkip:r,resources:a,showTitle:i,TitleComponent:l}=e;const{ss:{i18n:s}}=window;return o.default.createElement("div",null,i&&o.default.createElement(l,null),o.default.createElement("h4",{className:"mfa-feature-list-title"},s._t("MultiFactorAuthentication.HOW_IT_WORKS",u.default["MultiFactorAuthentication.HOW_IT_WORKS"])),o.default.createElement("ul",{className:"mfa-feature-list"},o.default.createElement("li",{className:"mfa-feature-list-item"},a.extra_factor_image_url&&o.default.createElement("img",{alt:s._t("MultiFactorAuthentication.EXTRA_LAYER_IMAGE_ALT",u.default["MultiFactorAuthentication.EXTRA_LAYER_IMAGE_ALT"]),"aria-hidden":"true",className:"mfa-feature-list-item__icon",src:a.extra_factor_image_url}),o.default.createElement("div",{className:"mfa-feature-list-item__content"},o.default.createElement("h5",{className:"mfa-block-heading mfa-feature-list-item__title"},s._t("MultiFactorAuthentication.EXTRA_LAYER_TITLE",u.default["MultiFactorAuthentication.EXTRA_LAYER_TITLE"])),o.default.createElement("p",{className:"mfa-feature-list-item__description"},s._t("MultiFactorAuthentication.EXTRA_LAYER_DESCRIPTION",u.default["MultiFactorAuthentication.EXTRA_LAYER_DESCRIPTION"])," ",a.user_help_link&&o.default.createElement("a",{href:a.user_help_link},s._t("MultiFactorAuthentication.HOW_MFA_WORKS",u.default["MultiFactorAuthentication.HOW_MFA_WORKS"]))))),o.default.createElement("li",{className:"mfa-feature-list-item"},a.unique_image_url&&o.default.createElement("img",{alt:s._t("MultiFactorAuthentication.UNIQUE_IMAGE_ALT",u.default["MultiFactorAuthentication.UNIQUE_IMAGE_ALT"]),"aria-hidden":"true",className:"mfa-feature-list-item__icon",src:a.unique_image_url}),o.default.createElement("div",{className:"mfa-feature-list-item__content"},o.default.createElement("h5",{className:"mfa-block-heading mfa-feature-list-item__title"},s._t("MultiFactorAuthentication.UNIQUE_TITLE",u.default["MultiFactorAuthentication.UNIQUE_TITLE"])),o.default.createElement("p",{className:"mfa-feature-list-item__description"},s._t("MultiFactorAuthentication.UNIQUE_DESCRIPTION",u.default["MultiFactorAuthentication.UNIQUE_DESCRIPTION"]))))),o.default.createElement(d,{canSkip:t,onContinue:n,onSkip:r}))};t.Component=f,f.propTypes={canSkip:r.default.bool,onContinue:r.default.func.isRequired,onSkip:r.default.func,resources:r.default.shape({user_help_link:r.default.string,extra_factor_image_url:r.default.string,unique_image_url:r.default.string}).isRequired,showTitle:r.default.bool,TitleComponent:r.default.oneOfType([r.default.object,r.default.func])},f.defaultProps={showTitle:!0,TitleComponent:s.default};t.default=(0,i.connect)(null,(e=>({onContinue:()=>{e((0,a.chooseMethod)(null)),e((0,a.showScreen)(l.SCREEN_REGISTER_METHOD))}})))(f)},3324:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=t.Component=void 0;var o=function(e,t){if(!t&&e&&e.__esModule)return e;if(null===e||"object"!=typeof e&&"function"!=typeof e)return{default:e};var n=u(t);if(n&&n.has(e))return n.get(e);var o={},r=Object.defineProperty&&Object.getOwnPropertyDescriptor;for(var a in e)if("default"!==a&&Object.prototype.hasOwnProperty.call(e,a)){var i=r?Object.getOwnPropertyDescriptor(e,a):null;i&&(i.get||i.set)?Object.defineProperty(o,a,i):o[a]=e[a]}o.default=e,n&&n.set(e,o);return o}(n(7363)),r=s(n(7086)),a=s(n(7820)),i=s(n(2949)),l=s(n(639));function s(e){return e&&e.__esModule?e:{default:e}}function u(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,n=new WeakMap;return(u=function(e){return e?n:t})(e)}class c extends o.Component{constructor(e){super(e),this.handleClick=this.handleClick.bind(this),this.handleKeyUp=this.handleKeyUp.bind(this)}handleClick(e){const{method:{isAvailable:t},onClick:n}=this.props;t&&n&&n(e)}handleKeyUp(e){13===e.keyCode&&this.handleClick(e)}renderSupportLink(e){const{ss:{i18n:t}}=window,{supportLink:n,supportText:r}=e;return n?o.default.createElement("a",{href:n,target:"_blank",rel:"noopener noreferrer",className:"mfa-method-tile__support-link"},r||t._t("MFARegister.HELP","Find out more.")):null}renderUnavailableMask(){const{ss:{i18n:e}}=window,{isAvailable:t,getUnavailableMessage:n}=this.props;if(t())return null;const r=n();return o.default.createElement("div",{className:"mfa-method-tile__unavailable-mask"},o.default.createElement("h3",{className:"mfa-method-tile__unavailable-title"},e._t("MFAMethodTile.UNAVAILABLE","Unsupported: ")),r&&o.default.createElement("p",{className:"mfa-method-tile__unavailable-text"},r))}render(){const{isActive:e,method:t}=this.props,{ss:{i18n:n}}=window,r=(0,a.default)("mfa-method-tile",{"mfa-method-tile--active":e,"mfa-method-tile--unsupported":!t.isAvailable}),i=(0,a.default)("mfa-method-tile__thumbnail-container",{"mfa-method-tile__thumbnail-container--unsupported":!t.isAvailable}),l=n.inject(n._t("MFARegister.REGISTER_WITH","Register with {method}"),{method:t.name.toLowerCase()});return o.default.createElement("li",{className:r},o.default.createElement("div",{className:"mfa-method-tile__content",onClick:this.handleClick,onKeyUp:this.handleKeyUp,tabIndex:"0",role:"button"},t.thumbnail&&o.default.createElement("div",{className:i},o.default.createElement("img",{src:t.thumbnail,className:"mfa-method-tile__thumbnail",alt:t.name})),o.default.createElement("h3",{className:"mfa-method-tile__title"},l),o.default.createElement("p",{className:"mfa-method-tile__description"},t.description&&`${t.description}. `,this.renderSupportLink(t))),this.renderUnavailableMask())}}t.Component=c,c.propTypes={getUnavailableMessage:r.default.func.isRequired,isActive:r.default.bool,isAvailable:r.default.func.isRequired,method:i.default.isRequired,onClick:r.default.func.isRequired},c.defaultProps={isActive:!1};t.default=(0,l.default)(c)},1824:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=t.Component=void 0;var o=function(e,t){if(!t&&e&&e.__esModule)return e;if(null===e||"object"!=typeof e&&"function"!=typeof e)return{default:e};var n=m(t);if(n&&n.has(e))return n.get(e);var o={},r=Object.defineProperty&&Object.getOwnPropertyDescriptor;for(var a in e)if("default"!==a&&Object.prototype.hasOwnProperty.call(e,a)){var i=r?Object.getOwnPropertyDescriptor(e,a):null;i&&(i.get||i.set)?Object.defineProperty(o,a,i):o[a]=e[a]}o.default=e,n&&n.set(e,o);return o}(n(7363)),r=p(n(7086)),a=p(n(2949)),i=p(n(7820)),l=n(8631),s=n(2827),u=n(1624),c=p(n(639)),d=n(440),f=p(n(3324)),h=p(n(1196));function p(e){return e&&e.__esModule?e:{default:e}}function m(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,n=new WeakMap;return(m=function(e){return e?n:t})(e)}class E extends o.Component{constructor(e){super(e);let t=null;1===e.methods.length&&e.isAvailable&&e.isAvailable(e.methods[0])&&(t=e.methods[0]),this.state={highlightedMethod:t},this.handleGoToNext=this.handleGoToNext.bind(this),this.handleBack=this.handleBack.bind(this)}componentDidMount(){const{highlightedMethod:e}=this.state;e&&this.handleGoToNext()}handleGoToNext(){const{highlightedMethod:e}=this.state;this.props.onSelectMethod(e)}handleClick(e){this.setState({highlightedMethod:e})}handleBack(){this.props.onClickBack&&this.props.onClickBack()}renderActions(){const{ss:{i18n:e}}=window,{highlightedMethod:t}=this.state;return o.default.createElement("ul",{className:"mfa-action-list"},o.default.createElement("li",{className:"mfa-action-list__item"},o.default.createElement("button",{className:"btn btn-primary",disabled:null===t,onClick:this.handleGoToNext},e._t("MFARegister.NEXT","Next"))),o.default.createElement("li",{className:"mfa-action-list__item"},o.default.createElement("button",{className:"btn btn-secondary",onClick:this.handleBack},e._t("MFARegister.BACK","Back"))))}render(){const{methods:e,showTitle:t,TitleComponent:n,MethodTileComponent:r}=this.props,{highlightedMethod:a}=this.state,l=(0,i.default)("mfa-method-tile-group",{"mfa-method-tile-group--three-columns":e.length%3==0});return o.default.createElement("div",null,t&&o.default.createElement(n,null),o.default.createElement("ul",{className:l},e.map((e=>o.default.createElement(r,{isActive:a===e,key:e.urlSegment,method:e,onClick:()=>this.handleClick(e)})))),this.renderActions())}}t.Component=E,E.propTypes={methods:r.default.arrayOf(a.default),onSelectMethod:r.default.func,onClickBack:r.default.func,showTitle:r.default.bool,TitleComponent:r.default.oneOfType([r.default.object,r.default.func]),MethodTileComponent:r.default.oneOfType([r.default.object,r.default.func])},E.defaultProps={showTitle:!0,TitleComponent:h.default,MethodTileComponent:f.default};t.default=(0,s.compose)((0,u.connect)(null,(e=>({onClickBack:()=>e((0,l.showScreen)(d.SCREEN_INTRODUCTION)),onSelectMethod:t=>{e((0,l.chooseMethod)(t)),e((0,l.showScreen)(d.SCREEN_REGISTER_METHOD))}}))),c.default)(E)},1196:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=t.Component=void 0;var o=l(n(7363)),r=n(1624),a=n(440),i=l(n(7462));function l(e){return e&&e.__esModule?e:{default:e}}const s=e=>{let{screen:t,method:n,Tag:r="h2",className:l="mfa-section-title"}=e;const{ss:{i18n:s}}=window;let u;switch(t){case a.SCREEN_INTRODUCTION:u=s._t("MultiFactorAuthentication.TITLE",i.default["MultiFactorAuthentication.TITLE"]);break;case a.SCREEN_CHOOSE_METHOD:u=s._t("MultiFactorAuthentication.SELECT_METHOD",i.default["MultiFactorAuthentication.SELECT_METHOD"]);break;case a.SCREEN_COMPLETE:u=s._t("MultiFactorAuthentication.SETUP_COMPLETE_TITLE",i.default["MultiFactorAuthentication.SETUP_COMPLETE_TITLE"]);break;case a.SCREEN_REGISTER_METHOD:u=n&&s.inject(s._t("MFARegister.REGISTER_WITH","Register with {method}"),{method:n.name.toLowerCase()});break;default:u=!1}if(!u||!u.length)return null;const c=r||"span";return o.default.createElement(c,{className:l},u)};t.Component=s;t.default=(0,r.connect)((e=>{const t=e.mfaRegister||e;return{screen:t.screen,method:t.method}}))(s)},7442:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=t.Component=void 0;var o=function(e,t){if(!t&&e&&e.__esModule)return e;if(null===e||"object"!=typeof e&&"function"!=typeof e)return{default:e};var n=m(t);if(n&&n.has(e))return n.get(e);var o={},r=Object.defineProperty&&Object.getOwnPropertyDescriptor;for(var a in e)if("default"!==a&&Object.prototype.hasOwnProperty.call(e,a)){var i=r?Object.getOwnPropertyDescriptor(e,a):null;i&&(i.get||i.set)?Object.defineProperty(o,a,i):o[a]=e[a]}o.default=e,n&&n.set(e,o);return o}(n(7363)),r=p(n(7086)),a=n(8127),i=n(6648),l=n(2827),s=n(1624),u=p(n(1196)),c=n(9861),d=p(n(5695)),f=n(440),h=p(n(7462));function p(e){return e&&e.__esModule?e:{default:e}}function m(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,n=new WeakMap;return(m=function(e){return e?n:t})(e)}class E extends o.Component{constructor(e){super(e),this.handleRegister=this.handleRegister.bind(this)}componentDidUpdate(){const{disallowedScreens:e,isOpen:t,registrationScreen:n,toggle:o}=this.props;t&&e.length&&e.includes(n)&&o()}handleRegister(e){const{onAddRegisteredMethod:t,onSetDefaultMethod:n,registeredMethods:o}=this.props;o.length||n(e.urlSegment),t(e)}render(){const{backupMethod:e,endpoints:t,isOpen:n,toggle:r,registeredMethods:i,registrationScreen:l,resources:s,RegisterComponent:c}=this.props;return o.default.createElement(a.Modal,{isOpen:n,toggle:r,className:"registered-mfa-method-list-field-register-modal"},o.default.createElement(a.ModalHeader,{toggle:r},o.default.createElement(u.default,{Tag:null})),o.default.createElement(a.ModalBody,{className:"registered-mfa-method-list-field-register-modal__content"},l!==f.SCREEN_INTRODUCTION&&o.default.createElement(c,{backupMethod:e,registeredMethods:i,onCompleteRegistration:r,onRegister:this.handleRegister,resources:s,endpoints:t,showTitle:!1,showSubTitle:!1,completeMessage:window.ss.i18n._t("MultiFactorAuthentication.ADMIN_SETUP_COMPLETE_CONTINUE",h.default["MultiFactorAuthentication.ADMIN_SETUP_COMPLETE_CONTINUE"])})))}}t.Component=E,E.propTypes={isOpen:r.default.bool,toggle:r.default.func,disallowedScreens:r.default.arrayOf(r.default.number),backupMethod:d.default,resources:r.default.object,endpoints:r.default.shape({register:r.default.string}),registrationScreen:r.default.number,registeredMethods:r.default.arrayOf(d.default),onAddRegisteredMethod:r.default.func,onSetDefaultMethod:r.default.func,RegisterComponent:r.default.oneOfType([r.default.element,r.default.func,r.default.elementType])},E.defaultProps={isOpen:!1,disallowedScreens:[]};t.default=(0,l.compose)((0,i.inject)(["MFARegister"],(e=>({RegisterComponent:e})),(()=>"MFARegisterModal")),(0,s.connect)((e=>({registrationScreen:e.mfaRegister.screen,registeredMethods:e.mfaAdministration.registeredMethods})),(e=>({onAddRegisteredMethod:t=>{e((0,c.registerMethod)(t))},onSetDefaultMethod:t=>e((0,c.setDefaultMethod)(t))}))))(E)},830:function(e,t,n){"use strict";var o,r=(o=n(7363))&&o.__esModule?o:{default:o},a=n(9691),i=n(6648);window.jQuery.entwine("ss",(e=>{e('.js-injector-boot [data-field-type="registered-mfa-method-list-field"]').entwine({ReactRoot:null,onmatch(){const e=(0,i.loadComponent)("RegisteredMFAMethodListField"),{readOnly:t,schema:{backupMethod:n,defaultMethod:o,registeredMethods:l,availableMethods:s,allAvailableMethods:u,resources:c,endpoints:d,backupCreatedDate:f,resetEndpoint:h,isMFARequired:p}}=this.data("schema");let m=this.getReactRoot();m||(m=(0,a.createRoot)(this[0]),this.setReactRoot(m)),m.render(r.default.createElement(e,{backupMethod:n,readOnly:t,initialDefaultMethod:o,initialRegisteredMethods:l,initialAvailableMethods:s,allAvailableMethods:u,resources:c,endpoints:d,backupCreatedDate:f,resetEndpoint:h,isMFARequired:p}))},onunmatch(){const e=this.getReactRoot();e&&(e.unmount(),this.setReactRoot(null))}})}))},6388:function(){"use strict";window.jQuery.entwine("ss",(e=>{e('[name="MFARequired"]').entwine({setGraceFieldState(){parseInt(this.val(),10)?e(".mfa-settings__grace-period").removeAttr("disabled"):e(".mfa-settings__grace-period").attr("disabled","disabled")},onchange(){this.setGraceFieldState()},onmatch(){this.setGraceFieldState()}}),e('[name="MFAAppliesTo"]').entwine({setGroupFieldVisibility(){if(!this.is(":checked"))return;const t=e(".js-mfa-group-restrictions");"everyone"===this.val()?t.hide():t.show()},onchange(){this.setGroupFieldVisibility()},onmatch(){this.setGroupFieldVisibility()}})}))},1924:function(e,t,n){"use strict";n(830),n(6388)},42:function(e,t){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;t.default=function(e){return fetch(e,{body:arguments.length>2&&void 0!==arguments[2]?arguments[2]:void 0,credentials:"same-origin",headers:arguments.length>3&&void 0!==arguments[3]?arguments[3]:{},method:arguments.length>1&&void 0!==arguments[1]?arguments[1]:"GET"})}},1661:function(e,t){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.formatCode=void 0;t.formatCode=function(e){let t=arguments.length>1&&void 0!==arguments[1]?arguments[1]:" ";if(e.length<6)return e;if(e.length%4==0)return e.split(/(.{4})/g).filter((e=>e)).join(t).trim();if(e.length%3==0)return e.split(/(.{3})/g).filter((e=>e)).join(t).trim();const n=4-e.length%4,o=(e.length-3*n)/4,r=[...[...Array(o).keys()].map((()=>4)),...[...Array(n).keys()].map((()=>3))];let a=0;return r.map((t=>e.substring(a,a+=t))).join(t).trim()}},639:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.hoc=t.default=void 0;var o=function(e,t){if(!t&&e&&e.__esModule)return e;if(null===e||"object"!=typeof e&&"function"!=typeof e)return{default:e};var n=i(t);if(n&&n.has(e))return n.get(e);var o={},r=Object.defineProperty&&Object.getOwnPropertyDescriptor;for(var a in e)if("default"!==a&&Object.prototype.hasOwnProperty.call(e,a)){var l=r?Object.getOwnPropertyDescriptor(e,a):null;l&&(l.get||l.set)?Object.defineProperty(o,a,l):o[a]=e[a]}o.default=e,n&&n.set(e,o);return o}(n(7363)),r=n(1624),a=n(2827);function i(e){if("function"!=typeof WeakMap)return null;var t=new WeakMap,n=new WeakMap;return(i=function(e){return e?n:t})(e)}function l(){return l=Object.assign?Object.assign.bind():function(e){for(var t=1;t{const t=class extends o.Component{constructor(e){super(e),this.getAvailabilityOverride=this.getAvailabilityOverride.bind(this),this.isAvailable=this.isAvailable.bind(this),this.getUnavailableMessage=this.getUnavailableMessage.bind(this)}getAvailabilityOverride(){let e=arguments.length>0&&void 0!==arguments[0]?arguments[0]:null;const{availableMethodOverrides:t}=this.props,n=e||this.props.method,{urlSegment:o}=n;return void 0!==t[o]?t[o]:{}}getUnavailableMessage(){const e=(arguments.length>0&&void 0!==arguments[0]?arguments[0]:null)||this.props.method;return this.getAvailabilityOverride(e).unavailableMessage||e.unavailableMessage}isAvailable(){const e=(arguments.length>0&&void 0!==arguments[0]?arguments[0]:null)||this.props.method,t=this.getAvailabilityOverride(e);let n=e.isAvailable;return void 0!==t.isAvailable&&(n=t.isAvailable),n}render(){return o.default.createElement(e,l({},this.props,{isAvailable:this.isAvailable,getUnavailableMessage:this.getUnavailableMessage}))}},n=(e=>e.displayName||e.name||"Component")(e);return t.displayName=`WithMethodAvailability(${n})`,t};t.hoc=s;const u=(0,a.compose)((0,r.connect)((e=>{const t=[...e.mfaRegister.availableMethods,...e.mfaVerify.allMethods],n={};return Object.values(t).forEach((t=>{const{urlSegment:o}=t,r=`${o}Availability`;void 0!==e[r]&&(n[o]=e[r])})),{availableMethodOverrides:n}})),s);t.default=u},2017:function(e,t){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;t.default=["ADD_REGISTERED_METHOD","REMOVE_REGISTERED_METHOD","SET_DEFAULT_METHOD","SET_REGISTERED_METHODS"].reduce(((e,t)=>Object.assign(e,{[t]:`MFA_ADMINISTRATION.${t}`})),{})},9861:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.setRegisteredMethods=t.setDefaultMethod=t.registerMethod=t.deregisterMethod=void 0;var o,r=(o=n(2017))&&o.__esModule?o:{default:o};t.registerMethod=e=>({type:r.default.ADD_REGISTERED_METHOD,payload:{method:e}});t.deregisterMethod=e=>({type:r.default.REMOVE_REGISTERED_METHOD,payload:{method:e}});t.setDefaultMethod=e=>({type:r.default.SET_DEFAULT_METHOD,payload:{defaultMethod:e}});t.setRegisteredMethods=e=>({type:r.default.SET_REGISTERED_METHODS,payload:{methods:e}})},6683:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=function(){let e=arguments.length>0&&void 0!==arguments[0]?arguments[0]:a,{type:t,payload:n}=arguments.length>1&&void 0!==arguments[1]?arguments[1]:{};const o=e=>t=>t.urlSegment===e.urlSegment,{registeredMethods:i}=e;switch(t){case r.default.ADD_REGISTERED_METHOD:{const{method:t}=n;return Array.isArray(i)?i.find(o(t))?e:(i.push(t),{...e,registeredMethods:i}):{...e,registeredMethods:[t]}}case r.default.REMOVE_REGISTERED_METHOD:{const{method:t}=n,r=i.findIndex(o(t));if(r<0)return e;i.splice(r,1);const a=2===i.length?{defaultMethod:i.find((()=>!0)).urlSegment}:{};return{...e,...a,registeredMethods:[...i]}}case r.default.SET_DEFAULT_METHOD:return{...e,defaultMethod:n.defaultMethod};case r.default.SET_REGISTERED_METHODS:return{...e,registeredMethods:n.methods};default:return e}};var o,r=(o=n(2017))&&o.__esModule?o:{default:o};const a={defaultMethod:null,registeredMethods:[]}},3529:function(e,t){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;t.default=["ADD_AVAILABLE_METHOD","REMOVE_AVAILABLE_METHOD","SET_AVAILABLE_METHODS","SET_SCREEN","SET_METHOD"].reduce(((e,t)=>Object.assign(e,{[t]:`MFA_REGISTER.${t}`})),{})},8631:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.showScreen=t.setAvailableMethods=t.removeAvailableMethod=t.chooseMethod=t.addAvailableMethod=void 0;var o,r=(o=n(3529))&&o.__esModule?o:{default:o};t.showScreen=e=>({type:r.default.SET_SCREEN,payload:{screen:e}});t.chooseMethod=e=>({type:r.default.SET_METHOD,payload:{method:e}});t.setAvailableMethods=e=>({type:r.default.SET_AVAILABLE_METHODS,payload:{availableMethods:e}});t.addAvailableMethod=e=>({type:r.default.ADD_AVAILABLE_METHOD,payload:{method:e}});t.removeAvailableMethod=e=>({type:r.default.REMOVE_AVAILABLE_METHOD,payload:{method:e}})},7286:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=function(){let e=arguments.length>0&&void 0!==arguments[0]?arguments[0]:i,{type:t,payload:n}=arguments.length>1&&void 0!==arguments[1]?arguments[1]:{};switch(t){case a.default.SET_SCREEN:{const{screen:t}=n;return null===e.method&&t===r.SCREEN_REGISTER_METHOD?{...e,screen:r.SCREEN_CHOOSE_METHOD}:{...e,screen:t}}case a.default.SET_METHOD:return{...e,method:n.method};case a.default.SET_AVAILABLE_METHODS:return{...e,availableMethods:n.availableMethods};case a.default.ADD_AVAILABLE_METHOD:return{...e,availableMethods:[...e.availableMethods,n.method]};case a.default.REMOVE_AVAILABLE_METHOD:return{...e,availableMethods:e.availableMethods.filter((e=>e.urlSegment!==n.method.urlSegment))};default:return e}};var o,r=n(440),a=(o=n(3529))&&o.__esModule?o:{default:o};const i={screen:r.SCREEN_INTRODUCTION,method:null,availableMethods:[]}},7282:function(e,t){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;t.default=["SET_ALL_METHODS"].reduce(((e,t)=>Object.assign(e,{[t]:`MFA_VERIFY.${t}`})),{})},23:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=function(){let e=arguments.length>0&&void 0!==arguments[0]?arguments[0]:a,{type:t,payload:n}=arguments.length>1&&void 0!==arguments[1]?arguments[1]:{};if(t===r.default.SET_ALL_METHODS)return{...e,allMethods:n.allMethods};return e};var o,r=(o=n(7282))&&o.__esModule?o:{default:o};const a={allMethods:[]}},2949:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o,r=(o=n(7086))&&o.__esModule?o:{default:o};t.default=r.default.shape({urlSegment:r.default.string,name:r.default.string,description:r.default.string,supportLink:r.default.string,supportText:r.default.string,thumbnail:r.default.string,component:r.default.string,isAvailable:r.default.bool,unavailableMessage:r.default.string})},5695:function(e,t,n){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=void 0;var o,r=(o=n(7086))&&o.__esModule?o:{default:o};t.default=r.default.shape({name:r.default.string,urlSegment:r.default.string,isAvailable:r.default.bool,unavailableMessage:r.default.string,component:r.default.string,supportLink:r.default.string,thumbnail:r.default.string})},640:function(e,t,n){"use strict";var o=n(1742),r={"text/plain":"Text","text/html":"Url",default:"Text"};e.exports=function(e,t){var n,a,i,l,s,u,c=!1;t||(t={}),n=t.debug||!1;try{if(i=o(),l=document.createRange(),s=document.getSelection(),(u=document.createElement("span")).textContent=e,u.ariaHidden="true",u.style.all="unset",u.style.position="fixed",u.style.top=0,u.style.clip="rect(0, 0, 0, 0)",u.style.whiteSpace="pre",u.style.webkitUserSelect="text",u.style.MozUserSelect="text",u.style.msUserSelect="text",u.style.userSelect="text",u.addEventListener("copy",(function(o){if(o.stopPropagation(),t.format)if(o.preventDefault(),void 0===o.clipboardData){n&&console.warn("unable to use e.clipboardData"),n&&console.warn("trying IE specific stuff"),window.clipboardData.clearData();var a=r[t.format]||r.default;window.clipboardData.setData(a,e)}else o.clipboardData.clearData(),o.clipboardData.setData(t.format,e);t.onCopy&&(o.preventDefault(),t.onCopy(o.clipboardData))})),document.body.appendChild(u),l.selectNodeContents(u),s.addRange(l),!document.execCommand("copy"))throw new Error("copy command was unsuccessful");c=!0}catch(o){n&&console.error("unable to copy using execCommand: ",o),n&&console.warn("trying IE specific stuff");try{window.clipboardData.setData(t.format||"text",e),t.onCopy&&t.onCopy(window.clipboardData),c=!0}catch(o){n&&console.error("unable to copy using clipboardData: ",o),n&&console.error("falling back to prompt"),a=function(e){var t=(/mac os x/i.test(navigator.userAgent)?"⌘":"Ctrl")+"+C";return e.replace(/#{\s*key\s*}/g,t)}("message"in t?t.message:"Copy to clipboard: #{key}, Enter"),window.prompt(a,e)}}finally{s&&("function"==typeof s.removeRange?s.removeRange(l):s.removeAllRanges()),u&&document.body.removeChild(u),i()}return c}},9768:function(e,t){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.Printd=t.createIFrame=t.createLinkStyle=t.createStyle=void 0;var n=/^(((http[s]?)|file):)?(\/\/)+([0-9a-zA-Z-_.=?&].+)$/,o=/^((\.|\.\.)?\/)([0-9a-zA-Z-_.=?&]+\/)*([0-9a-zA-Z-_.=?&]+)$/,r=function(e){return n.test(e)||o.test(e)};function a(e,t){var n=e.createElement("style");return n.appendChild(e.createTextNode(t)),n}function i(e,t){var n=e.createElement("link");return n.type="text/css",n.rel="stylesheet",n.href=t,n}function l(e){var t=window.document.createElement("iframe");return t.setAttribute("src","about:blank"),t.setAttribute("style","visibility:hidden;width:0;height:0;position:absolute;z-index:-9999;bottom:0;"),t.setAttribute("width","0"),t.setAttribute("height","0"),t.setAttribute("wmode","opaque"),e.appendChild(t),t}t.createStyle=a,t.createLinkStyle=i,t.createIFrame=l;var s={parent:window.document.body,headElements:[],bodyElements:[]},u=function(){function e(e){this.isLoading=!1,this.hasEvents=!1,this.opts=[s,e||{}].reduce((function(e,t){return Object.keys(t).forEach((function(n){return e[n]=t[n]})),e}),{}),this.iframe=l(this.opts.parent)}return e.prototype.getIFrame=function(){return this.iframe},e.prototype.print=function(e,t,n,o){if(!this.isLoading){var l=this.iframe,s=l.contentDocument,u=l.contentWindow;if(s&&u&&(this.iframe.src="about:blank",this.elCopy=e.cloneNode(!0),this.elCopy)){this.isLoading=!0,this.callback=o;var c=u.document;c.open(),c.write(''),this.addEvents();var d=this.opts,f=d.headElements,h=d.bodyElements;Array.isArray(f)&&f.forEach((function(e){return c.head.appendChild(e)})),Array.isArray(h)&&h.forEach((function(e){return c.body.appendChild(e)})),Array.isArray(t)&&t.forEach((function(e){e&&c.head.appendChild(r(e)?i(c,e):a(c,e))})),c.body.appendChild(this.elCopy),Array.isArray(n)&&n.forEach((function(e){if(e){var t=c.createElement("script");r(e)?t.src=e:t.innerText=e,c.body.appendChild(t)}})),c.close()}}},e.prototype.printURL=function(e,t){this.isLoading||(this.addEvents(),this.isLoading=!0,this.callback=t,this.iframe.src=e)},e.prototype.onBeforePrint=function(e){this.onbeforeprint=e},e.prototype.onAfterPrint=function(e){this.onafterprint=e},e.prototype.launchPrint=function(e){this.isLoading||e.print()},e.prototype.addEvents=function(){var e=this;if(!this.hasEvents){this.hasEvents=!0,this.iframe.addEventListener("load",(function(){return e.onLoad()}),!1);var t=this.iframe.contentWindow;t&&(this.onbeforeprint&&t.addEventListener("beforeprint",this.onbeforeprint),this.onafterprint&&t.addEventListener("afterprint",this.onafterprint))}},e.prototype.onLoad=function(){var e=this;if(this.iframe){this.isLoading=!1;var t=this.iframe,n=t.contentDocument,o=t.contentWindow;if(!n||!o)return;"function"==typeof this.callback?this.callback({iframe:this.iframe,element:this.elCopy,launchPrint:function(){return e.launchPrint(o)}}):this.launchPrint(o)}},e}();t.Printd=u,t.default=u},4300:function(e,t,n){"use strict";function o(e){return o="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},o(e)}Object.defineProperty(t,"__esModule",{value:!0}),t.CopyToClipboard=void 0;var r=l(n(7363)),a=l(n(640)),i=["text","onCopy","options","children"];function l(e){return e&&e.__esModule?e:{default:e}}function s(e,t){var n=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertySymbols(e);t&&(o=o.filter((function(t){return Object.getOwnPropertyDescriptor(e,t).enumerable}))),n.push.apply(n,o)}return n}function u(e){for(var t=1;t=0||(r[n]=e[n]);return r}(e,t);if(Object.getOwnPropertySymbols){var a=Object.getOwnPropertySymbols(e);for(o=0;o=0||Object.prototype.propertyIsEnumerable.call(e,n)&&(r[n]=e[n])}return r}function d(e,t){for(var n=0;n=0;--a){var i=this.tryEntries[a],l=i.completion;if("root"===i.tryLoc)return r("end");if(i.tryLoc<=this.prev){var s=o.call(i,"catchLoc"),u=o.call(i,"finallyLoc");if(s&&u){if(this.prev=0;--n){var r=this.tryEntries[n];if(r.tryLoc<=this.prev&&o.call(r,"finallyLoc")&&this.prev=0;--t){var n=this.tryEntries[t];if(n.finallyLoc===e)return this.complete(n.completion,n.afterLoc),w(n),E}},catch:function(e){for(var t=this.tryEntries.length-1;t>=0;--t){var n=this.tryEntries[t];if(n.tryLoc===e){var o=n.completion;if("throw"===o.type){var r=o.arg;w(n)}return r}}throw new Error("illegal catch attempt")},delegateYield:function(e,n,o){return this.delegate={iterator:D(e),resultName:n,nextLoc:o},"next"===this.method&&(this.arg=t),E}},e}(e.exports);try{regeneratorRuntime=t}catch(e){"object"==typeof globalThis?globalThis.regeneratorRuntime=t:Function("r","regeneratorRuntime = r")(t)}},1742:function(e){e.exports=function(){var e=document.getSelection();if(!e.rangeCount)return function(){};for(var t=document.activeElement,n=[],o=0;o { $('[name="MFARequired"]').entwine({ /** - * Enable or disable the associated "grace period" date field + * Set grace field enabled state based on whether it's enabled or not */ - onchange() { + setGraceFieldState() { const isRequired = parseInt(this.val(), 10); if (isRequired) { $('.mfa-settings__grace-period').removeAttr('disabled'); @@ -13,10 +13,51 @@ window.jQuery.entwine('ss', ($) => { }, /** - * Ensure the "grace period" hide/show handlers wake up when the page does + * Set correct grace field enabled state when value changes + */ + onchange() { + this.setGraceFieldState(); + }, + + /** + * Set correct grace field enabled state when form loads + */ + onmatch() { + this.setGraceFieldState(); + }, + }); + + $('[name="MFAAppliesTo"]').entwine({ + /** + * Set group field visibility based on which option is selected + */ + setGroupFieldVisibility() { + // Ignore radio buttons that aren't selected. + if (!this.is(':checked')) { + return; + } + + // Toggle display + const groupField = $('.js-mfa-group-restrictions'); + if (this.val() === 'everyone') { + groupField.hide(); + } else { + groupField.show(); + } + }, + + /** + * Set group field visibility when selection changes + */ + onchange() { + this.setGroupFieldVisibility(); + }, + + /** + * Set group field visibility when form loads */ onmatch() { - this.onchange(); + this.setGroupFieldVisibility(); }, }); }); diff --git a/docs/en/userguide/02_Administrator_manual/01_Configuring_MFA_site_settings.md b/docs/en/userguide/02_Administrator_manual/01_Configuring_MFA_site_settings.md index c05fd6a5..79ab3b4b 100644 --- a/docs/en/userguide/02_Administrator_manual/01_Configuring_MFA_site_settings.md +++ b/docs/en/userguide/02_Administrator_manual/01_Configuring_MFA_site_settings.md @@ -12,14 +12,14 @@ and select the **Access** tab. Here, you can select one of two modes of operation for MFA on your site: -## MFA is optional for everyone (default) +## MFA is optional (default) This is the default setting when MFA is installed. Everyone will be prompted to set up multi-factor authentication upon their first login, but they can skip the setup process and continue to log in as they did before. They will be able to set up MFA later via their Profile page in Silverstripe CMS. -## MFA is required for everyone +## MFA is required Everyone without MFA setup will be prompted with a message requiring them to setup MFA when they attempt to log in. If they choose not to proceed with setup, @@ -37,3 +37,16 @@ be prompted with the option to set it up on every login, until MFA is set up. ![A screenshot of the site-wide MFA settings UI with the 'MFA is required for everyone' option selected and a date entered in the 'MFA will be required from' field](../_images/02-01-2-grace-period.png) + +## Limit MFA to specific groups + +While it is generally recommended to apply the above settings to _all_ users globally, +you can choose to limit MFA registration to specific groups by setting "Who do these +MFA settings apply to?" to "Only these groups" and then selecting the relevant groups +from the dropdown field. + +Note that any users who have already registered MFA for their account prior to changing +this setting will still need to use MFA to log in, even if they are not in one of the +groups you have selected. + +![A screenshot of the site-wide MFA settings UI with the 'Only these groups' option selected and a group entered in the 'MFA Groups' field](../_images/02-01-3-only-these-groups.png) diff --git a/docs/en/userguide/_images/02-01-1-mfa-settings-ui.png b/docs/en/userguide/_images/02-01-1-mfa-settings-ui.png index c155002b5121a9fe6821b0e2281d5af9b3f4a645..0900f74597ab283469a8f1736d3828f4bce0cb2c 100644 GIT binary patch literal 69855 zcmd?QXH-;M5H7fzAR>|lR1gqBa!?Q?qa?|aa}*>8$+=rlK@iC~O3pb*M#-@Wl0%a- zG&w_0d+&X3t@nP+%%53n*31t$r_VWipQ_qbwX43W^YyKwH2$53cK`tRGH)bQ0Jx1l z#VWmxi9TqN>ij)GoK&P=Lngb~py(gC4sW!b0Kg;t`v(CDN%sN3IDIRxCJA&R_YY6H zW)BjZF9ZT_tTV3qh9;9TEBr%$*n5RKK_ddfGg7jv21cfLkcYoJ2gj!u`bK6Gvgs!d-am3!iF=BN~ z)8>0lc^kiLc6?306ts}hIyJ9#Y-E1p=;Ul-d8?*x#xkbfC8a*Jv|s5{sc&Zcvkw{d zEjZXel!mCz{k7#$285n7gsjDzQpI0)JLTh>Dq@)&u>_ICH(va?;e`Ixw#=UitU+N zH4ZQJ3rUShD=~424u~m^$@m$TQn|FX|H>;*+uT=5!+vxU;ouYA+BZHhy3o=!IzGFa zQT(g2xo>1@DLJokWdpf$aC&)pDXZhOw||sT@bhO=_tfl?Gc0O$el;$=Y;9wwskOho zXQZVao>g3*mRD0;{d;%s=)Ff=Cw$VtF}z_Aq4TY(e|D{`Ybqo*$H?wea8#C>iC1c2 zvs++>xpR<`zFTE|hx?~kT}#-;-qFGa^7QPYthUY2#{Y9zdf)Km;OI<5Vm@MVrMj`J zsdKofvc=ZpyS~-OHRN$ZX1PybqOze!@8Cp1MRQB0W8QU|^u20L^^u$e+>Kxw(#x&gJFh&CSh&gM+j4v+karrl#hN zy+ie{IhL{I!LfPXne|DzH8YD_y`!@_A^D+Y?Vs|RE%T>KhPGxl4ino~1L_x>CU+qp z+B_-{%E@CSo?TqQaQe@EucL^FvL!hK)O?gg6kvdk)T@&wYnxc2?~Ul@U3 z=>dSfOn1}gx!dT*gFcU$a~a|~nj1o!tB&WmWb2@pG$s)1yPj_D{0PM>`|$T#;D#mv z0E@qxQKBE_5#lyUf5(_yL}LP&JM3RCaO>0mc5K6Jfv%6EkfKCjQB1zs5db2>8(}@j znAi2cQ*z+^pN#(BXZ!!q?+Sc?7fHdcD5D^k+As7#E`}|6RtEsu2EpBi!vV9VjQE?8 z8JD%>AMaBigBhQ-WbK-t9~T~jHvh@(vXx+&aN*$FrG6GGHe(n7aMyO4KA+us)Tl(= zzn}U(x;u)}(v;1v(;+6 z2#;TzWGbdoh({0VeCOpSHRBDET#y?-r}YW)@k2mtJJC4gJ7Z6#o`@g zUIc!>U_$vWXy&@^IhtU%H+d;g354|2)Q)~WzxpK9U{{SdabX&6GA+e>9t7ln)K&14y6??EZ zI{;i2Uh+z!*Dd;+=r?|Z&@RQBzwW2525UD{N82OWYj!?Q#77d?Ky}qUN5@mKa9t?JY0u%&rgBcE`%!xoLbIr|%Y@HW$2f^~l!bZMYcB z)?EG=utG6rj~JLb8TWFOd@BU*eRaaFu?M;I=HCVMBr65a)c)>}he`y%OQ`>-q>Pvt zI2tw|W?dT8CD!1Z&id3`A)VZsV~#q6IUA4a`FJV<*jt)kG$tL@ZER4vT*dPlHX&EM zVz3|8Z}rC-)_IjUW*Z}shIPmqH`L>B*@iJMc@ew=2$a}<)9@V!3kzb? zBN-bOuLFWk_Ek|ewt(p|%gJ}L$O4@QeQyvds;n2m#kmDeDn9!9;ws|$?8@)-^<`94 zT=XA#)#Md_XJ;tM*7i~mQ5F6QrdEj->OvvHx z&>2Z7G^)aJN%x{~y2d_L2xZS}J4FlcSZte8NKZv{>}(O(K|2|B0|BikjXP#b$0Hns z&s8J-70;)JBm|qg!^kg}#O0wElw*%(_VWdt!d4_z+Yr^59O>#QW$Lb8w`jVyOUrvP z3R$&5p(Y0jlVUlGI9ZA!EW}hMe{-2LCO{q(H5fFw^JCp9D->Dej+z6=e&2}&Ag3qOYvwg*wlHnMbA5Z zX>tUAIwE%}bh_3luhdM=}cI6{9}Co^}(ujN4E;y$rz`UVAP!Mz}Zc z=e7bxM0WBv(ODgGdNi7~$B!?$9KiGfSD<`0VHv-zcKQUXtztSZ!S>sF>@IcBet~Ca ze$`$OJYdgkj{67ft&{f1ue!B4QbX66c`terLX<2A?qlg2@JQac$UWXHK7f|>bZk}y zM_+6{z-$>7m%tW2DBvB^`_r2(KyMCf%@YDqrQQy?p^ZUy{s0)4g1s*rnhgv$2DKW& zz#(8m=?ZKSL^AhM0{Lb$sMD!c3FTc)7!CKeBAXx0;p}nc27KFmAUHersiQJqRRUtdAXf-c%_X8 z4ZjCqio|TiIe0C7rz!*=fca2tSmvpuOf%fMh6H>^Fxp)o;zU}O@PRAYq(G>=lPxq3 zgALx!LEUv-wPD74QNA(07`D@IC>pcH=gKGtF|nRA*L~7q(0s|?94;m>d;1OZ_{y}T zhmY0u*o(v-$p9EFL@Z_g^Qlk{sLl`Axki31xM))c@IyryTohhU9yf09b3|MlhukZU zz=j>$Bvhq<(pUT)P>CaIqh!1}9n`$1?_Tr8XowO^*^{$_bmnyXgu$(4oMRud9o9dw zQ&Bo8QLHpqhfbHTI53Z}KyY%i!#BRW^b9VMstu*-q3&S)Y3$EPb!q`34DhKHvqkty z1GowAImeKIdv4cbjDYDB&%OJ|3x3b|PU+MM%6zD4uj%Eo=2>WCeDAE;^VwAAnr>&r z)~3|iH>_c1u;&X)pBGK%={>yD_}Crn*?MW}E}J3C`GjI2L5i@Fe7q>UQxW7hA;1zYRoh!Xo5? z-o+U1zDsy>pj2I(2q||)-rUF4hF+Hl&V+G@*ODDYDBvBtLrZb)dR(MD6v~NaCD@Y> zzXw%JU(U*DT6fmhEy0*D8jOby7wD-$#90xbe#f|o_BYqpBiT5Pmp&`@#FZM)+ATOnm-?-s;xX8bY+*%4elO*w{C9?>=xV=JaZE@ z(V+_?2B;@%d6Z2-mpCkJEs0h1*5=H|Z4G)Xu}tlZ=eA>M2p#SpE-pB4qD))1{6_KCU36IpaD z@J2cO=;v*qOS3xC;KF4CZkIJ!+}XcO{T0A5rwnB{H%bP-vBB{zKnEteRo#ejp0TLdZBoG+cO%-Jghda~11P9G~J!LB?8vRy9Di~@g6_vW! z&Owr-07~8M&fbwiXqodeeVm>JgW^!SIW7Q}h#|1qJM&6~V`z6g4_OJjNR7H^oM6y=|VDY0cv3h@RpKh4wv#@rMSp` zmNkdL(d$^Q3n3t4-%n&a0HyJ{uaXPU1}QJ@2vJs&YSX<1j9#KwsWr2*ESMZ-m}ro% zDBI(6qV&`?vV|WDhRJF5RKV`}BXiAzW;h4RH!|cbWJTn?ry&Qj7B1X>LD#@JC$OjM z`s8tHxY$K1hP$-o67=T7hso=wW=U?OcS(Sj;ji>lEz|iNpmB)>Tt}(v#krur=fBWu zLfGD>h_ztA%!jO7Z^4LqgR=vhZEX_>pfWQ2iULtl&QTV@7qS|doNM7YF#S2~sdIJk zfPo>tXP7b2RjR=ZfG-(Xpms1}0v{C(_5>q0#yMwCrAOpKd{U z&1;(3ICHTSOyo;~)tjN&IMiMnl93xC{BGMT_Oqwy8yn--QWzTuj26m8gpcVlsVx6{ ze2Apdu6qNM1R&}*LXaxmL>$j;87?u;6k4WTb=AWURZzXs)E+f6Ij1nRAJ(K5YO`m# z`g0-8xBJ%f^z&`-IEF%j7&@&JXv3dUc764*sSkHkjWYOFUgCA25a?2es(Bc569Shx zO3<@lM8C+6c8ydoz)VJEH>)P(N?YWF?|OeXvz~@)mOmCaq$;I0A`&LdzQAWXDK4_l ztdW8zI2zXqoHu@{xD%HoUaKvbr;U%eNW@U&Fl=jT4X+8|0m=!<4Ngxp+d$BwM8ecZ zN#TCy^l)(w1McAGX&RiRGPg^pHnVF<32O{y@8q52fze4wPRn!9CT~VQo`ACr`Ao(pA|YA6+5W z^}SjR6v?UqPM6Qp_lUReWZZ;LzpWkYBsIc!uEht#Ckvsz`N{L>OpM%SEz2v>G2~i9 z!@d`xUm>gpwDvZ=7Ka;isFg`EIcG{lv^g+Z{18;e;`YMnMdJxz&#Lw|z@s+iyJj`) zx05@vivvW?=>2HpCN|g?qP$T2nW0vp)3w__s}KkAQG}mt+i*xta5+=NmCR@u*RkrD zmvO%iY9fdH%>|i{Q#a^Y{@ty@qSuGnBAY%i7cukgo&JH?GUY7*D!A(b(b6$owHD8$ zzau1J@#3n0(wwPE*U-oOx})WAA6}xJ(f9NCha2^``2`8R7lMPo5XDXJsr{V*taqr*i0rZ`z#2vE%vk}mR5aTF(BQ=oA@I&?T! zQBNq=5#W<Lrl7WmcEY@Ibs_s6+>q6brKIDZ?%{0xMtl|M(wMw6XndJcW0 z9r>k-Np^P$ogubdy#lbwx!X)NKe8Ha)7npYh4}?fIg<}1y>Q$e)-yl2U<)4VJO?x5@??=z@ z5DN_Q0eXfPD?Uj=rKK{6kpC_Uq9=k85TT(^e#}&1mNS=_;9`13>W=h zSq@>* zeI0d>wh$0kbUS!1W5ueB6?&u*WKK7M2916{F~A89s+Q)`%oNOYeX0FGmWFyR@2G_3&bxeK#Xi&}$bj)X5xmBGV;f{gp}hOX4j+^cBrO{T$e{ zThAL~N(ptytI0XX2QCu*Cb^-xMnQxMqzX@fgKgAr-*p<$B$UC762eG2fBvVEc{w|> zZ003^-ImZgnmf1!t9h+>lxv=F^T_(W&f?fK@6$ee5JsT<0Cf%_`)R>UW0RGV7l#ES zqgfuf6tGj+1Et&kh4<~H#jXh>freI6^Ipq zP7wSycXXxZJ(2N{*Dp$ta+g1x3Pe%+5jMV9I`+dQ1$6iJsUOgqzqsUAd_vIkUR?F_ z9}WyL8C}Z_j;d(i9s{TRbe9~|)kYCnR%`#_%ty7^x#(nJo`_#xydG%}|E?bXGiEmT zRr4j4ta+VtXCS?TKwG%;nArHwcVxO9&jQvBG}j#VCLJGrf9kSIa^6^YQarr8vKFmb zKJ{f&PEe=Mq%g0xkcVA=YJ+I4x!|xzHgZRnR9sb8(x*MnFjhQO>7I?#A=M<$x&zw^ zB(1KI&dZDwl{WHSsOihcKNtH8FvOdqL&s*A*Z?t7 z?fQ!T|7$Zn=e?GRA37B$?B~*K^D@QWC*5CtEvNdZR?D)8&T1Z#HmT6Zm0Fya5<2*^ zTCgE1k;PzVxvDDb?Kk}Lx;Yt|=>4*utdwrMnRckP4C$VdU&_B z4IWwksDUqB-z`vypXK$dMAbq&?$kDpm~ykYGZ%byf0LD~E+4V@=i0-2*Al;Y-PGg< z2Qb9sQng;-@ud^C9DQ=HziHrsiwG9vU8H&izWcRkY;k*R_?*dELi)0Rx<_LX6jTFFymReiR z^u@pv>l!b+=+pI!Q9<5@o-cEgdk#ZW_|0D(cJ>)8z{Js?yL?#Rykpf4ME5&$bt8f{ zo_ILm*d@Y zoyqZ4{m(twB3l`kU=3&Eisunarr5GrFm}@o3p*JnRi6mc6k1;kmXc_8aRLmo6px+d zB!}o7gyCwsiAII=@^JIY`oW!aVh?!^r;JF!mHwh-Gv6uM<0pcQm+lxZ-~ZUZ-ssOt zAqZ8OXS`Egi`iYD$I0)JfDMx!pSYQ7CBNxigv`GtbP3I@={h8ozUfVg97#<%R71hx z$(J*ckO7~EnYcztDl1T&=%UTE_OW)%lMa*3ZlkYKR|0T~VUlx-%}kR3ABmf)qzHHL zX2@I0gMYU&W|aev1ON%?Om+K4Pf8e9=MFm3R2(AR?(Ap|#KURpr99a$tAZD3k_i!S zOfAXofww&37=hlgnFm4R9pAeG+;^zfs`x^46Qi|j=_`h!)wJ5P6>F>rGY-4zJ~hi8 zJ=T>Hu{XBMc=c6XZPV->4XHG#fS8Htja%&9Xk#=NK1R(1M}(|M;vhU6u1VA7=ATHe6!10GG3Tv+ZnJ<)6xUJ?J_)5DlQAY0Tdp_#q~|zk z(AU#(ThvMDmoDP)O|6uD-0|Hm#|Uxxxi`gk;SI@^Z|-Jl^f3SUz{mN+vESkFRO&p= zyA;~T?OzLHz?SJ*4PJs6#nnj3ZO33`G(aweE^F9QM;F)}J*FwQQ&!h`9DAo7-1#`? z9T_;ywkm__g!?hYxXBFXGhCK?qB?S6r`Wmq8^>(@sDA_n?yHIq5bpepA?DNKA0`@mqVw3P*r4X6`MZpVGCl0eMGPv~FUo~& z;>i!cmBV*WAJ|q(Hh2Un-~oqTx*|`)VzN^VZz1{UNX(Xt08^xmdrfYt|O%I+-3poZkO-Hhk zu{~BPW@R0kFz^(GP!mFa zlyfap8SS;I@7di5LS#;UIh4CIA@NA9q+zggZ2AqE$q!YZ1IOjJ4(YSV9$}QyJ#VK* zh?w`FK)MwJi1X@7u6CA9fNnm3p>2!5-}P#Pdkqa=Teh_M%Qg;B=+6C^D>ve{UJP#~ z*;>=yF%f3(nb4*wj@483P2KnV{IHF)G?outfSJkfvYPAgpL>4l(6!`>^Z`M0?*gtU zgCisYK88rH=u!x!8;F)BBjlJMm|{asn&R*m!9I?!MeZ5=)}32vZMs&e&&BglW1Cxr zwEXxkqsnnWCB?~bU`uTmN7ds-%nT8$CF##e=U|W{EqHn5iAfEjzWdKqIyxjE`)rJJ z%2^w>Odu^;1a<8nw}-0t6~|hOqFyjNGb6J~WexJRbG?_hO3UYbf~{W69$$$n@Aae6 zsQp(jAYxX`F%(m(bqwYmh&^_JjHpXE+?RO(O`C?#$~RP{^j9f9ZvXU+CUM&gVu%s5 zD0XD0uAr>&HS4f;<-zqg^#sGTUMK?qPDC>8x~O9NWG_02jTp?9rL8!|p5DnHsHgBM zm=alIol&yqbxXn3osSZC0rGRaHTh*`a7UK$(0qNcMvr8y`W>{;+<}GKK)PIEPMY{5 zo5wwaY)ln@UJv|g4T+QmZ-Z)-B%|xJIh$M4ebB!0kle9Wo!zE!R;4QPT9a8p;pK~Q zs)@W7bIN=hN89pbs~sZK$GifhxR~+7iX!N6-t_D%|-(RApYm?|uSFvqr%@8|P^BToX%0`^M7qE$=+f%1*=*oMP5 zY}lQtLU~tokPw-23xf395!YZjno(~-k@i0ZrR?!`NwoWTiJ}#^!2^y>D+(!X>1G%h zWJM~RkHcL@!Yq!%qiEMIA5;jz1JOy*_XoYR*)0cfta?gVHtGD*b|LDCq;>Sr6UTk1 zX3?278rfC)1m@q3+&zZ!qNUW^teSU1QFuhG?QzPF01iwo4-Mb|T$ zF66Hedn=kh6d{$7>bBhBqT3NIAWZiS{u8=KRmx?Kvh*PY*xpie6#kawOTS(NB7E+c z`cpp~n9(R2sjsFG9^iPSMoo3(U3=A`Q)Oef>_)2i6A(4sz@LIrg1t?MlQ6r+_c|ZU zmUEFR!8xYMhDQijRS}wQ=U(-hVrrh0I}~6UquET4nL`L1seD`y;d|SzJ}+H=t({|l6Rz4dkb36R z@%VTt0DZr{t=QQ?jC_V#@yLa=3~s_y9-)3yCuGcsTRckTAHrxsub~FSh{5Cg zH(kjb{%%oFT7V(Q@kT}Jvr;F@5>LHLI-H`etIF><+q^;}mY82$Lv2iCa3}xX1GLzf zDMNaq&8>2xrzV1XlSnnHJMhLZteae=_`x8Z2W4MJQQY!& zbIHyAL6Zt04+XR>?q}c{986W!9GzZD{Ni&{nPFhk0$~}Ff|vJ4?CkU7Xi|Cs{N@^& znk;fXi9q@Cwwb}?&Xt?f{aw!RZUecziOD?0d6QE!oAvAzGe~M#o2-6qL=-FZ$@c+d zCnoTZE1T(O2R3X|)i4(fcfZCxMH0>vrF%v1aE(-lL{1i`xK8hVw||A%;?LdxA~AVb z-cEZ!h;e-LeSMote(ggRup7+K&B>UM_@(IjRH} z`bdaB5(3NLNRFd>mfE!)!)v;Ac||xvqb+0BF2DNO7gGta6@Q%f0V*q>Y362Ze++r- z(y!GL4^kLjCtu1oa;Kp}U>YhPC%GNJVVA=I?MeZ$QjffGYTC4nFx!hWAE~@?+2X5v zth?BEf%5ZrwTZgGJrHrny}wmbsYv(Qy*BRRM@`Vh`0kmR^7&I`sZ(L05oIUu13XY- zhY)Giht*DQN12fy4?P=JgD3=MIH3S7dky~z$@FzNvcdI)#pUqnb&~2qY1RlwNQKw# zmpfp4)!D`5jR(1yq9kE`TCqZ2#*VC^A5S`=w}#~I=JVPM-CON`IV&nsV^I;A;u4O& z&uUh5*{h`v-+y@J&mXU!wI>#3XI0N&~y z_u9%Y>x~&}ug(Ci0{P)3Vps7eDbN$cIP)erHq?1z`XI&QIe>X^A=;lmwwjgE>9hh)whN0itvc35W;`y1$=KiefW>2VrekI>sK>PeqkL6X?>Gv-d zg4dHd=I}CBAR_9vyPcETpM|0UuZdJDqIDE1@oMdqlyE>wovq zF!I=DA*lZc9`3U}jk+7)qqTk0@57-h{aeHV z4Nb3x{%w6*t@g_Pn!QX@^iC5Lu&zAU_l zAMIotv$D{Ac94I@q2n^Earcw3Cjt1p{8YnHt&+!7Lv8S(@>L(#8?(dxQS`$S+5bNL z2A|(;a>UDaxrYQ|#KK=2>dMHt_GXy8+?l5)vo=qpTTq-+dovx?jvmwY-&N)|GSLD`_vzZvUto{o-{#dQ>Su%l1cRJpd6nvksZ?j@Lu7s0uUp^F$+o4 z+Ielv(NCp?HDtH{F*D_sM(IL`YaRBt>~9`lu5Ja7dfMZG7MuS>XS%RQ%esHA;0u{= z_^fBA9voMlIJLHb9+KO1)L#?Z+;lYS7TeTxwZj)n1OfBB8GmV>+=~rb)~1h0HN2Eeo77jeL;WqgKqZmsB~x$@AdQar_I12 zZn#aN*7efknc9d3$t)+9#A>~LbCcta=jtg%-zpx$+@RTYWy`)9k5_-vK`v@sk8ft3 z+YSwL9z6UXGT9*Lt{Q$O;_%Jo=nx+?syV=#`J@Ssb2d2TJRrhyJ9RAa%IGY$+!! zPj9#dxNiM3Pm`QRh~VUB7;~XpDhYVbr=)dO0UTL8mrp&X{=D`FX~A-_C5B9#2dcgc z7b|j*$br9I<#CjM2lu_tF=eaLT>0c#VY+rl@4TdBvzMZoFc;;Badu;3L<)m~xbpF& ze2du)?I_`*N}J}|U*Vn7i3z>3Bg0wA-<|jE474rFg*D@O3u-cMOb?^b16B`D1j;i% z+h*kz_43%S2v9xnrtMsqUki(IGmUi}%_oe=wJN&5ss9US`cZFYUHLGH2k8{cCTqvT z)w2Q!Y&!72W?CX)O%C(9+l44eNxtWpCD=!JK;d{%L~&`+Ae155+r}y7XHA8^(DsMk zQuhXNvSu1A^&mXqg!aVqs#ll5d05)aWHT$FiukL?R^YNld7*A$LtL|kUFF`hCLdBY zzIjunBvaIL_a-c{#gYGfWBOWv+($;xCIgcbJyY7E1dasZRUgi8j2Vy1s{Ou*t4+Q~ zvS-OsgM?%rfm$cI8lj#|WM%ZGw5#IDS1c}*A9ewa*IdV+ZUg2ho#}|p?0ZOEUkGjD zQxStR<$kQm3G1b0MQh95@;&^dG)VA@gyqOHybz?4JqN@71T%PJ`d`UK{OHP^!2(lE zc_@Tc^x`ie8Y;$Qm+>6b3vsgk+d+h`a2$Rhe?0Ww)hl4L{R()q7z$C8dq#bs-|%KI zGc?MuyhjHD86|wTJ>)+v(*Vb!^n6X?qOi=BKdri`#O`u*@|4o^nPkhZr}d*+&loQF z`j1aQZwi44dA;L*i{Im%mrC2Dpgd`rNIYb@CoG|mUh#TOu@nr-Ybe*}cmRuR6NCMg z&7GboPmkpH*2ufWpbeAGDXGVY{ysV}YRND3DbIctVN)q7?;P|{8J_VTdIw zlzL&phTqdX1#eaxB(b-tN%P)!D=ur-)$63l`3$Iu>x$G9rMWK@p;7>C6S|EV3qy>q z){|X=u_e!1^ZKvQ8n=xS3#tcw^OB!N4RMeI7K@7Kp8uuD@84Kv#Ad#Yg?zyS8+3pR zKhj?!M1|aIENUE!egC`KbU>k6t`8+3A;u7srv>y8NR9-5!&??j_xFToQ_(5z*)^3J z4e^UNf?wMtFIP>-K}4PyPXphcB8*_FXyCnl#8j@9Wi%4q6T$Y*+SpSYSP1l#h=pa> z<*7!@WX^=-cBky(gU;_kl(;*LSx`Da&w&Mt69aGP$BPsElQEeP=1rdcP#yHUnnGpU z2bm_bC$fAN+k82j@0Jdv-`iKC1`m^X`lWYFnT_8q(nBLz4*+fL`n!{NENDPauvYR* zt}#6RVY-crY8|?aptga>wUQpre{BcmPd)-7(%azc^6yb=KEK&JXB|}q6jwP_!^Kpi z9w*yh2s|Rb-Jv_l#i`xndoMeRsmO<15|tR6qGvXbn`w}P;*deXvI(jp4p^x7T_{j9otva-`~ zL7lJnhljcDEPnc+h+H?rqvEGbD1WV1O0S0sRd6cjyLZuYS2VZoaey~f!j5hCZ3f7a zLE_=LIy6|K6PA@>vvfo#R&!U~1oMSm~5qCEr>o1c6N0jvKh za{{ZV!863$Ct~MKl<&_!Yjb9%uxNFs>d0Upe1t|MwgZ_SDs{niOwjk_U!8n8?)%fZ zpUoUh;#ZtcWzo=Cp-x9l7<6^*9YwzOq)J6ye?U4gXva!iXE)hN%=~h_yZ2;AUhPd_S3OHKYCmdgDibwL<%p2#^eYwnpe*?;ottl=!;YDz2pF zS=$-T8EJH84_o7GuYbh(yJCNJ7Trf+NCZqU(6Jv_#QVoK(b2p2D-ei_g}xNX`On&- z&-StZnHk;D*z^xQ=u2%B|8RqjFVFn`Up86nZOoQxmx5ZC>D8LIPg(wDB^(=;SO8Ti zOj(nSPy0tm!G_R7!bv_u!@@ByUFYXnr?>hh|LoLnfFTlNycW?>um?Y9kNSECLc6bK zc(FR&YiM|}TQ6s5cyp2{_v1;+dHAqwffrX5!`U>t_WfQhjU8*Sq=Ymz$B;8vOS*{oznm%b{OqHLZ@BOtG((U4c08yi`1`m+~4GjE%_8z zN}qZ!kHW7JN#_;FUtwi+23On+`F#uS?>e=3DvOgP<%0k2prl`*Mw?Kz{N7PbqCxBH z9u~RDBHM>8JB0r#K))Np*JowwxDUx0*H6&|Z}8pe8Ate1IKRHcs#V3={LU}?)rQqi zo=5;>Mn{{fg{`g}dHU05HjfcXZXYtyVKxrx!6 znIg@8EI$xt)O6XI#X8>HTvn1a?Y4BerO9#qL<^(Kap;G-i9?%gH7#R`Jpv5AAwb2Z zQ-Ozpva13mw*jk2*D+Ka7f4$UvD-WlqYHEdr4iB_lr;u?q_;4{Oll8yvaI9zdV+;| z>`e{ok8Hy#fIiOxvvDu87DKZwX3J+>^GK96njE>Wekr_P(Xr4gCWuk~@Waw`&_Qwx zxOATC@*BvT)_ZJy=2k}UHc|gukUL0PIv`^?S9UL7K7zh}DNc<~`vXhS_vS8)7TNJ?lB`@A z3wlrY3cO*8|`mAtl)jSjSv6Y1O@2uF)5zzYyM%|JGz=X67&2j*09Tumo zEkBxe_HB+A8sP4woNH@GC-)R-yisZX{a~CTu`w}c12b*b``P0vxnYvcBx6xb`k!b6 z|Ah#=KqdMwMqtjmrlq*zD z9@_92JJn3aveE6R<0gQ#*{hGsvwvcf*zBzzg`bXq`^uR$7``hD{-W2;dkdQH^wE`sK!3#DJtb zx;LH=V+)GT1^Qst5Zk7;Hl?>XtPy|Or}7H|CybwSD(6+kDWM%{*8C18tpLQkk9Ev( zb3x&%-&FhYijK#zX|K-0X^hop)uU1CmlAZ~=&f|IUbAf!oRV>QX*>B924FXl9$A%K zHt3KFnDoL4deKN6bI>lsaDYPd_|DI^4rzX<8-TDVzs;_~jNgr1307ANEq~T8!13mB zjWz+m-gbJ=-`z7UB_-no2MS1ry!|b{~RMzrEIwmd=X`-6`33)v{TQN4Lrcb0c@6 ztC^eOOM7pdb+TX-hs9?cV9Qo!1pPMdlkB&(6 zZ5bh(k^k`m7NT7DN7z^R@-+(6P~*v(~%O8Fl& z?<`NXcFa}ofju^|gN$pw?(!N`VDy~n6F4!05h=hB!-%i*_Av|u4%g*~O6H!job-Sf zx1Dn-(yTFC=tUKgdmC}+Y(bXLhaBWLXii1QMTi(R&KG7hj5i{5?@%yn-j~;w1VnCQ ztj9dDITgV>m>6Oq2X?H-GQ*Iu-~kiLF@w^$r>pDxmeQx!HojYXl+je%`3pVh6zzP~ zebk+N?e8kq$~4NgqI=-yJQwT zeZKW%IR>?p$?;5Em=GMi3cdd*=Q%l;I(xI#Oay3)eIg&ABXjf@4EDnWn#bTJWOzlOawGg=HCPeJeqGL4s$vSTpLY-?(518tr4=jiXQ5?9ZX9>cJRML;21!5ICMG2B(C z2?YG3%XQ;Vgx#1+3ayIPUCRo>E-w*JJ*66c24KV1D)D2kuf6I$bl)#oD;L&(KzF}} ze-gqj<($6M;?JT!G*77Y78JZF_{i-;B%Dwv!zL%^w~+UA}qsMKtE}Ce*#qEh4=$cW;RTT#*x5g1u?9+2kJWq(O{c8e_I7)UFp$+|2%Q#qefu z1{OyTnnkBy50Flp6|sRCIp=2gcpTW$)UDnp*VogYtnRw2=~yM7A%SObVdc<@KAXeH|qZ{pu(9@nyN&WTn_!l?}1n4dj&_Y z(Vb_1I(JFZ%G5Sib}4~u;U9*zPcs_n87hBs>%qY``BV@C{H~~2u1z(}mNw}Fc%8{+l1awwcInj>9XYpJfIFfM6WjFN4DGWL47K-$0rcY@qp6uqg)> zFT8mEkjG> zmNoUnZy;iuRS~SB?JRa@)4k-rf3y1+XU$pp`B9oaffi{ajKDOTh>T{}RfQ0l#U*dr zzgtaiuZ+=R%&HzkptDXiotPQr&#)v9F2` zOw&->lrKXK!OLRm<{Q8nB#w#wb^Q7{TcBH5&yjqyG5y7TOZ^etPam zmFhweKV4r;RBXA9o$e*hq^cxTi=#jLNt?P_?b~wxY7RNW0+t(0TQ-7B7kE5}^$Ydn zU!^zC8nSf8hAhjzpY&94j^0z{Pbj6_swWKY7eFxKkeU0oIx>KlA|}a>Gg*tDuJS*O z=_4Z28wpCa`85oc;R5GW5997!{bQoGIvek&?MNx8;v$2!*A^nD)=(EX0D&!m?zV6{ z>u_GCv~LwVu6Iu?I1N5T(_;F`*!vW8KAi+5M2sO}D)f#<*gX`dnl) z-A{dpt#Ka$q5YwEwjgVSF=5_x(3(VJz*#0ZrE5-r>s0C>U#n;zahw!7XhCnBseZYg zJgulN=8p#(>T?2T_G3ryH-zR4Wv`^5qOs(v#wRJMc>&GW-1enHKW5khMJN8aut1QQ zpU}B!@wI!uC>o9G<(%tzuDZ6-QMvJdu=kcxbu`i1V4s7NKyU&Ccb6m(oFot|xI4ie zf;)#K1b24{uEAXrg1cLQ1b25i=j*(A@4erex$|$q0C7-rF>f2x2SHETo)bQi`hQ#o`L zE#c2Hfmp_HEhUHE(*Y7O*G`)@*X=+ZE5u0u0%a4~B6~^QWyF(IiR;AN{FpE)h5kDh)$8?4rOgIDv#;Kg4k>bvLzvDZQkGZvBuV;?|>2{@)- z0f74dufbFQ?*-2OZUaPy#@t6dvml1M@fhH>L4V%! z^h<7`AA>;GghbDmYASMS@TQn|vNdpJ9z+sB9L4H#QaiI$%2-7nEORUl-UNc`K*aCX ztMC^;_Y1@9AtmMvugf=#Qd=1RbU`)_NsOd%Nii_6&(rT&=+^$jzn7hnI>0c0uT8q=b%JxV2ewFe1*clqQ>$w?jWC6{5kYJ_!O}BY8)IV` zN|>M4ENi(iFYml;s75fqz^vDZT+p_g{cfbfU%lo0iF+D|Z96H!XIp#R_$>=FQDE}2 zuD8cL57_JWDBSN?p(zc0P*`Ttwt=cm8OAPZKb!1QsuPwB}A-p z*Xb==r@*L0x>1N9$jME+Kg_y;!@Yvt-Ta&3=M^u6(P00f^sLmXkDQwuPKz?YIM z{0c46W^K|FmjQ6(kS|XveH8$QBK+p7c%%v;L0tn&YB>PM9La>Qj0PYGRiXfH4u$Cy z7Gm{Im!lKcW?z8%?4`qga{mjyaB0gjeLPhIgX2*FvQ*&DlD?EFZ3>Ym-s}}z0eXd+x1?^<43~P_;;{w-*+s?_jk28Tv|{oLF}g! z@%_tc7HmmemEjqq8j#7@=YI8}7D0=TM`FO|%h30;fapx)&%g#|DRS@S3nAT%hX zy2qA?G<*ULjpm=8Vt`)(cIbr&gcF?&uysheRadoeqN5Qa34vcW#P*JRw6w=<4UIy6 z^~!*ZM)|iP5~@`M(VlCztj(p09z-2_jDqabV|{Rp8-6Ol=2nAS$NXFWi!uZ{fU$kX z=y!iMI9F{ha=*)1aJ~ed@iUi_jq)p=@s4~OJeaF@{c7{V{L+&Xtp)tJYvDk&@J&9v z69E=77FInxkLuJaPJ<8q77B7GqlrB~F=@uPH@b~vw7&Nw>+l5;Gv}LXg^>)w%WGl- zZ{LHTa|)v1rUJGw_z)s?F~E4gm&6PVrfj?s%Wl!HlXzI8{PLLwIV~vHW^8-9@MSWJvD0|by^!X~XB@9!F6ZY(W};uL^YU~GK$+3(-!{aMEDV#TEL zq40x8MRpBJ@EH*yl1`W5y^bS?e6t##28nvP>yxnjyHj+BjRD08hIp*VF1rD%&jp+B zimGo}e%@pRpQ+@|*pxdjbf*^l*qS|ZsNT>U*-~}d&MKj5FZoTx_kb!}d=&bXwu93c z9F+rxnVd)+;>N)zs`-=eg)1e+Q$ z-x++r;fpi2*i*(XKQ=?6e8>{ZA4sdo0#h1%0(@w^9??VtVSK$k{dN<64@6jOcXlt5 z7nL7z4|L-w0q!fA zaNiIsV7Bfu96eva@zCTpW1;G9r1((>HOs1~Xcm;1ef?wE z`0#F?Eq|CqaJF6D*}wFHmVbTW)#pQ{PDTud;eKWW8v#<(1w3kt$Z9F{L;z-ytk3PM zY@u#w$790jV~xS{wZUYMMgSETl)&`07<5)-nf__zAPu0ZD1w-ie?2$Zk0xuWJ5CQU ztvm;|Hma*riV=-&S9|8)^5y?#fm*GuPy?UvTY=FPOZL^y(uHrxF44`}9%TtO*FwOa z83O6OmiX;v%@h!9VOIbcCV-q+)ZRV>EPNv9W7XWKDs^orpg69s-84}C_JwH$zuH*S zgdhBDI%ND^t%9nHmxk-bs1z#Mfs2Xsg9RBCoqO!z;(yXP8~ZiY?IrK~HkfgNd~y%v z;LhK<@e!_vm``r=SR}iO)JH7$)tXt9yU9x8D)Tq0#%r7{3uuKMj^%6#&k2ovg)4bd zdSsgCcds1EJE{MqZMvHt#<_j?H;? zIqG7q&?+y|S>?5H{#t}dtD9)z88#&cndQksY1(|%UNQ=l0!Z?9mhW$wVO#OfsQ z>$0q*t{^^PpRd}Z<|+fDo%3F#Eb8DfLuhBEP;Wsm=@zM5={TEo%1*xBp%i7F3>)y) zbt33QTbN%Qc=2O-Rr$sN8xZ?L&H!^oSc7H_^qsQviXwD3*T1pkpn@!~#TMGwt)59$ z&Zg(#*0)`<|{V1>Gi?ANx^wU#<=!tFxyn<^_9hE^AII& z4KU!y?z809mAtWyaqN139pu+jzZF}ZapQNer(uvTyeSQse>{U~${*-Xhrhm?7Gx?* zMiA-#N6M+_8?4(BE+;cVQl%3dL^qL(4$<6rj4Ii&?39cz?% zYh3Mp7n)ymkUEvXkNcxf*6lUp)KiN|^KI{uPs@qEnd*=64>K_D2x?bUOc*^h#>H}j z$u~}I5CafHW!rbXRWDM-f!=(I*5*p+4_c6MkTm22uv}+e8Sic7CyB(M)gN^ugjm>0 zooDNN{q~6azwih4&Np}?zQ*1Zx1P#}$5elDm7YOPk3zhfX=H96vQuz9naD|xdsS4+ zUSyZaFl)&=6}gwThfnYMrJ<+917 zmgIc;`X<-_RjZ|S(~W;KQ`>`*T#n$o{I&2*;nVf)iOjTPI+&9mR+?uTr7t#1>dec~ zvQV_W@UF?&Z~fT~qpRN3?8)02-17fqqV99%%lrs=$ggyialTmk)wRFfbI8{&c2)Ow z_>rwRr4_GLaIDR9*FfC}t$~jt9D`rJ84VH3QA1(N_43%5@h5!Qs`|!YZn>GkjgR)X zzd_Izm_lU$8~G5srCsqQ18jYTZ1XiXz^@*PUTv$&5)6#Wui2G6sA7bKVS!8oGkie# zI*!r6u%=rDSo>-KIE_x0;sQ zbt`eN{mP{3m_Duw*9FNYZX|JoYQAseq8Irwek4+*_J*{GUi&lXz=6-Uyw#>xym%a!H__if-2Rcc4K(|O}m z_8v@Met}NE?d-OO#hwz_FR*Y79c;*voOs^xQhlEUB99G>n^~=PemoKCzpRL^r69YF5HdJfw@o)18Mt52Bj2F+Tq&rK~`38#gM<%5>?2)V)+3}Ey z;!h|KyBAj~OrJJhd#yw|N5n>WnEk_(%oA`l?LU`d=5X{!CkEm~XPf61u$p%z@XNz( zm7Z!zG$nzFk#5JvsvWmb)hTyG$Y!)edeff_3$`vyiZ6N;_wfwdF;u|jpDb4b#!}Y8_xT0^;dMcL z3YC_G&4n2V!4(twx`e}b%lAKD2L3oluSgJU2bA1 z8Ar_&#H9f~&HeEQ>sY|N0(a@f%B|v4TeNd&xF(=UbMi(&E)9$e)D*u;d-Yd7c6tq{rs-+PC^8SnP&T= zj9&c?zKv7xWEt=@#7 zN9mB|)I+=~gEmAfx@!l|tQ!%dPTAbBsCUs)z9%x#dBrwByPmD-q!RcdX0>T^Tj-=$ zM(u!u&3uT~%-x+gV^b+ljoC}rekP&hDT+;mBW5^p3T8XOTMa!D4Yf);51(t1mzKJK za+>VKQun14A#krBHvyZy#?w1jV{9)C=YlwdAMLs%b-^9?yP{YtYF*!|1NQH}zXJ9& zsDQetX-(kt#P%x4z5O6h-%{)+^FZ7u&i4k`g(}Ky1QmqrR4m-3#l{}_X)alG$YPek z`NY8U+t4ut*M>1bkJme)P(jz-D0987@#J`J}N=R7v zOg=Yw2TB*b1oqti=pzA4smOW8%HmD7)u1{;E73v;_!=Cj>KDkesVG{{PQH$-&{29< zmil1=KYbtsV9LoNhM{}pusk@4^K2GMk^v@j%dquteSJS!6bYG^r`by0eI7vRXz=t1 zhC3!e4&P}d85QPAv_6ME z>12MUZ^3e>%%$gYEX@Jf>ictY0L;UAmiB6RHxR`On%w;s-hQ##?2qg3E?aWZ#UQ(w zh7tBp+9^&$Yj~q7J!#I6kzr8e4x({97*BE3p`Y!Z@gpp0-=)sr?KYuuVbr>YRlU@j zW7LnNbI+8!4_eyRpbl!8Tl7N~M7C zJcTtH!^59OhxXS9Lh=BqSQBnvF%7PzmQ1w-EZGo1s+1LGbI_#=h-As^lXt$v!-xb= z--gNM(gP>q)!L016&_od9_|$B$8FxhpQxqA3H3%3Gvngq6$KI*+)F$}#?o~G=wzvP z)7oy#;gD~ht1nkPz+`FTc+Bm3sPP?nglZrMv+^@`2C{|j{km+9MxwqR(!rI&#(1yU z%T5_!o+H?EqZ|iIn{tF)(i+u$)c|p`cXK`h!aQVsDG=-^$+G-|_3R!tpn#>wSl&W; z=QXaH3TLx-)299m9-+jCmY46On;YoDHu-g)R+;II8f1Ck;x*sNPUWj4y#hcVQ9Ix0 zKakl5BweU?X#)(CpFb6Nw_V+SDOnrKwdfime~I3~V>;8|k=d>bsMic_WbTtCVgP|i zkgowX$S_l}5{2P?XHCmG`xed$dF8UCuqeKaS5t4-y>qx&mbra)Ua!`!K}T^_mx^wB z^*Zx^q-yY|RUB)-sMt6*D4W`-Q1oP*U8D;$Yz|3HN02 z+Gtf^*EZXAg*&ai(1^;KNMC{X%@T3()aEY~%(7(pcbE{+@=L<|hr<}HQIl45Q~v3E zchSm+s@5i=faeq;Oy}1nUnY|{i=YmZs}w{!{V0ad#fOS{*%Y5GfoG)MK0$}E=Q08| zVJhpmjS40s(ioTPJUQQZ=LO$b?pcgyRk8_WRN?_z?5Ig+rQ)mV$8o`KDBhQoP=t)98OJ)ZDUWzV5~HF#TF# z^zp50UQCzoD)U=vV53AH`z}2|c|esbinQZ|u@xNUwV~K1c`=IK}91O(0SxdFpr;BcvN+wM{YWm3U35l9n z4K|N5AG4qhuT4bj>nwiYZ5JZ{c5q^pMvWqICTa*1f9RnjgsW6!nbm%DB}XVv_9bf^ z@sUCps%2O}Ki$jMzTPf@`K3;PX{?5XFBSD#xdwS5Gm#Dpv}!+>C+?7mw~ls19ojT4p&B zm$Z4$h+(up1Rzm#K9XXw`)arz>obbrad4P_Tq{28i{1V-SxFYXQfH=vfyf3{|7GhK zYqzP-o(}1H|;yc+{DKgylcQ`K_TGPu}#v;Cby(wR95hSW;Q_*Ig?!WmIDIbJ4{qnW; z5!yDAHN>H|3M(rbbz#M?>Nm_jB@juU?5WAZ$V5v3@b)+XmNprfL-k!-Nj`Ole<%Li zmz1g9PVbD<3iYp@PIqzdDidDve)>@0U$9If|4s(NW#D4EZ#?NA@x}jVL5|+Z&KSZbP1^VRn_pBWiS_%?2pub3!^jQnbl-1)1&A}~j`ugB5cr1EV4dkf)yfgbsk&?8Pi z39SK^P?j&+>-E0pXadC=cs-`fgIFr>3yiBearqJgsAF=TvNv^&HIYu5pkr3>uu5c+T!g+!B;*9 zAA$-?d|xM^1BPw@=vRGc0kpV`O-$OGh_y>94Ai4*-c>}}JdHi^xcvFsOQW758o!C} z08jw=TiNExx0T3lbFw}a!v!MKPmzfCuL}S^`#WR7a|EkeEyV&U=bn%-#mPmac|1M~ z0L+GiN_>Yvht=$D&Z!T1U84Y-H|Ci?8~U^XZ{O36a0QX(wrjlLCv=V@cKU;rS8uNS zGHOa5y#YGpq2Mc9>41ReMS?1k>*<*%^b9xqFU$Sz>J>y<->*(6z%P#LzPHoWo+Z@o zZ!yft>s)qld*O3I06`ScrY~YZKpB{Q015#46Ey44`hUFit{JNMG}ZCz>{4-Gl$(P= zSPOUvqM^AzF#FvV#V~-00l~kVV$SX4k`(koe9TzE5#^7>iJ+XnF;KG7Z`jT1Vm80f z%=9ydtH&7paF#u`*qT~L2Z7Hs5*D$bDn&%{WKbJmce_<4zI ziQ>iIC7{MSGSHxg4=mBe*aBZrB+U0X0=h;i^K09uO7O}n*j?kAa-gPR%1%ai9{6fQ z&OgiaGvuuJ4_Iw2?>PfPJ^??fsu+s+SxZ!7QnU#cM8gWf?%Q4*1@SbB2CTmGf46xoU6b8(`B8B2m^&fDkGK4`D<&n7MF`~!s4Yu*tso-E#S?b@n z5o_XQEeP%!k7revXy(9os4 zZVW$tc)K!Vk!zu{kF$2T+{W)|CPQVfa@%og)!eDzE&gI)%5HuAS_hlpFX>3TW94iR zw!V1uXRPXJv&yS%=77QHKx~|Y8&|aqU7j&FIF!pFaS!_|iXdjd2BOUqR z^9Ymy+97wt+$HhOwRqAI)s_px7Mx~9{`=z)Qa{NFT~5=_0}9S^YsCb z4wmmvcJ0|7+$1oiJe_joSCn02uVjkS1x}cH5dvyJ6APn;oWcHApcJ(TE^~g7AjbmS z#|^<%Q5G^xCV*Ka&_LhqLLK^FCte2*u#Jr{0jsL-{YP}Nt_vL4VP&U7?e@z)NBf;l z_720scNgCl7Z7zkupFH5Gy=*^p|x7~;}$QJtXSwqg{vkY5LCzB@CuMw5;V=oM(>~( zI78M!?a&AQ*zI$qC#D~7%P4ZB_X#^_rmC&{lM-o8?zztfN>%(r3riWWi ze*K*Pcz8f(09_8(AQaJ;Ym$qT2)hb_TU7RT_n)I`=%%=*aDpR7W0 zc3bB&Cfrn$rzSN-pO&}C2a%Jpm6MD3br>bQ>A7;4+QzozplX(S`76lTuqA`U#P{;m z{t;|8B%&j(3fjhO>Q7k2sF6{UKe~-ts7RuL_GRnwV-5;9>`)LN7T;v#vK-bP%{4b= zu&m#n1s9jq(z8uaxa?RWu%NQSI-^_IQ1ORNj_YZprZV~+WUy0+R8$z^Lccy?;<5A9 z%1X*d@`tMX`%~0(i2U&v+jNi&-G^15VRL(piny@v#q@lX53*`}-)8VlSD=!ji@j;^ z+59$7#+mGHy#FnIVI$@N!8pngMGgfKom2B1b3RVw&08R$@5@@Qf|ZBM0~)6zQhb=d z4ZN`uHss*abWOk)`sGVbQai)Dgg2}Ro|H{f7pwtQHGzJOW}dzQRHtOQ1f?%bErT%% zdFbauA=Jzb#E-##YpFuFc$P`DjW%c=z-Eyv?Yoz`6y$?Z;-{X;h5CfeT%-Nid)-&p z82U3nsFP=lHSFl{(eC_@9Y^3Sl@qh7`>CXbMeOOr4vK#|SqtsuJbE6_kgBDk_aOn1 zoVPw)W{2RQ* z+D%=Z1RwUMpMNuZk`sMlwou-*4q*<@1>%?`j1%eq+z0)TMwBOxMOEvjCg@3j@ zsY)gCI&E5Kp8j?o5;(tEoXF^c8kP9`?PT&)x=m_xP>bw+8xJSD$Cvvy+CZsgmY0mc z%}{2)ReoP7n}^Oq%|Q(?TL8{l>P0hHN8is@l`Af8c>CFS=l4%_F#T1*V-Hf3m&#{L zKgC<`xznUgBAAj=WZ-Xq@|KKd8`j@L>f?_1TvR ztBQz5|D5|W<%tKUd)(W*^=a%0w)j<Br6=es)gDSbI;f1yI-aNrkfjcb1J2 zZ{ne=1R?a8Fl{I9!L%+ev4HOYik^2Ok+T8m<fejj1ZHKZ1=Eq13XzlXt6UPn(C zD6P{Xg7JzFD!Ep21_O`z4DewmtoIShaqcx?V;P z=>j9VSP4&ki=K;=FBS9ukfvFII*-z(lqpjj$kN*VlE4zsphKZiOzqZ3_g0z=?L z-Wc})7vu=n66uw=4qcy`YvG50`X?IS*@hv}#*AGkVyf8UTMf!N9}Ah401?FvY{j_y zF)YRG(UHU`jb+v@?t|2AzPGU_nQ+HxoDRPz!gGsMiVEdXH?3>}ney%%5jGcVFKRPjes5bszeTVTEXfYu)S zCwHY`Gbaen)YjAaRr^OuzPf-m2o4)WmK1p&Ls$snGyuZSzYD`|&2F$J=nA^{Rwt9Xn$f$iA129xG^!_t2OAAh62=r^B)D7k@-S4cxOcVzL;Tw;*Y9g4> zNsps*MSC77i-h#{llB47Md(?rWEy`dRcd~h(Em=GfD-i~bX38Y-i0dhjXPdOQoj*I6aKU#R6j)3n8VyRa#ThdHZpgx=t%(OamY_BVBujv8=? zo{{1|17_X+m8QW>R2t844=(Ja#ovU*a?cz0M*OL#H6*HK@~OJzR>P7uU{CCx zNJ;h65A}=UB`#SBU*%1o{o02l$XRlh=~IBiYFn~z=d+>>k{_>56r7Qz>8@_Yz0m!ofw!!)#Xu6T0U@9fB@zS7j{Gav z)keZV6G_&t`ii^QOpw(BqnH|XVL7`c8E^)q5p|c&%!{R6&iWiek7Oa#ug3 z@S1x9AY`Ex;yZqY;*m`7wsO<`w2j2C^I4;qtS%3#`x8n!(c5nk)U{wr0QwfF!Vm22 zP%b+-kK74zFkY7jFkAm0s`MK%J;(kP?o{q|iI3T%{ZV}E!tv2qlErGKIG86>Dui63 z8`X|6l!PKi`VZ7VD{x0{&e}fxBqtjClr290&2@ofQ2ytKP{kyfe9UnC#WpKx%eYaxi71EoQ4bYLH>7!)_Pr1YP+D^9l?c5DtC()dfXW= zXX1+YK}$qat+4E?%8q*cpo0ofe)*|3GnMEXy4b>ZH%iT&8v&Z-*f;8WMjj4M{j3N1 zRViO1&cEOrRjUh{Dq$qJJyAiXatH|L!6_r;TsucnEp%ob*`eRBDje-qW&697>A5Neoq8RU5kzcUw0T`CC6>V2}Rq zs-;rue3!NP4)_=g&Blb$Iq=)oYJf81DQlT)H4h8nC|28uI z*-A?W<9PH7iyzMT5G4s!g&!BwW$)+3c95wGleyt9t2l;w{g+_tsC?IB2T%HMD{t+g zKr-rI_tw35c-TZyjCs`E7|3xQ%BZQwp|o`uVVf3>^igPLSXi^cLo2=vL(FE<&u}3% z{@u>&=c&X{LwoQm8U?*0V-@aJf7on-7Ui+!xY&Nbh(CoOjz4Em_~K=x?Y-)hIDw9c znN*8yk2eZ3`&&_Wx~wBQeJIspeFW@JO-RleWnYjHKMTZS0KPofV z!R$DuTxr4gy$z&XJ6u9!ANJ91as2yS8wOwm(QrKAXHb`7%M92s@x)jE7R4_M>=acp z3H-iwfbv%)8ydh~*l5mIv|MLUo(6~(h_9yxNdJ)VfMFwii2KX6TZF`|<30Pi3La!@ zQZC(NGo1?=27!PTezEc5!ZzPx!KW$P-IcBzP#`#B0M(zSY26IaBOPjBgw>!-bZJ%* z%kTm8$jZ;}1qZOpD8Pui=}T{>C*;G_?0OWb@L0nQ>)#hv({=Q)!P|4ZtA`5+kY+ys zj~xN{#IOpIFyrixU0E8Xuh)a}pENd+{(U_@>=ELoxo77AfQwK=l2QRUc*nh$DbZ3I zAuZ3}EcsV6`l65jk`K@{|Bn{?Xoh;$kgRUME&%+h*is94`Udhse%+?%oU-t}@SRBG zbqUPZ>gU*tUCqBe>DnNN6#ZCj=YkF0K)5hFN?zV1C%#xM!2gXeUQr!vaDO%dcSi&M z3RFh}9KtWdxZzGnQqzyb3O*@F87~?RQ2%|S88nIxUce4i z#7b_9Uu|A0d`382ki)O1aP$@{sdi2Ntp*OBUCdQx9gvosn|bAiD9ZJBKpH?YteMCr ze^4cl`k$s#u@?t?>gnrTx|Sxzj# z#=Q1eXH9?f&BM5vkbuRqpO|qR3#MV4bt#z>+6F zhP~DUF)I%E^||@v$nIg9@a-^s3zh318u+hgbxVX_lWoyE;Qv}RIMM#jsvc=XwD|(D zn492V3!@1D=xm{dCw3>M{f7&f7 zGJFOeO(>=fHv9vp`SQwM$MFg3lzBfK1ph)@-6-gHlP=$B(_<#VbY8li7P?@3 z+CxtbFW`ZlipQBR5AEzs;zC+6qd)-e-BFx+E}gT z9C&Ir7kHT;Z}e@By_67k|NR2xSA9iG%ST+t$Z8je1+6m0JBDDEA5KGS=JdWH>n|*-L2yOWj3O~?MK@O9rk>@`ak<{8tbKL(F{NBTrFP~(ukwn z8B>OLT@(OuEp9B^Ee|m}&iyohAlec4r+%7d(1eDMs|2lvGu`|zfu<$F6z3&uOfg=R zcx7AJ$*q_qKz019fLEDvh7t6uSiJ2WnT8;WES~``Nd7_UsV9*=$DYIz0VvweiR7r)u$!nTB>`+SG=hHMz} z;SRM<$_c_^mT46Kj0&nJ=VxpCQJb0Kv{t|5u!NU0b4J5Juw+BL_TfWf;*r7i>XB7{ znr%ZrTlviG-=$~XddF}5aBtn8Q6Zx2lkzBjcsj066)MO|+&|r~{V06$R9)XN;irEG zH*ObV2K>$edzk>+D?aTNjs^sf`WkDF}DFg_S$EgYw*L{^zchWY{~G zffHU?a(^E1AgUK_n|lRFe*+Z^6p0B{P4jF9Cn+BpH*XmEYPS&AL#dh8*bb-op)5dR z=CEva$h34@hiQ>*BV5}qRj3jVz2V1s=$+sAtI8sN78Di zB$I@5tgK0pDo5*)pgo?T@_>+Yw`WCN&xq5|)t>mGZlYzibAcXD8huG8IWaJyHnTEN zR<`R>X?k{6b(-3M#AE7jl!A?nIq1b2WT1!P^{zqnM}FA2g||_RBOL=U@a0*7_l!J* z8ld&2VD!Q}1OUake4wSdvhw)naCfh;94S=s)m>|S$@t>bn{2gfV|*nvV%Pzbf(f3- zTfKdnGRsQE_OqfV$NM-6ZU;pKDieDmqT(7mSE|PTzQH@V@Vvm*8rv`Qi7g*6`Gp8V z?In2J{1i(Itkkq|GRvhmcs{VDFyRNF&E?CM)XH4M7Y-Z+3%?L%UBb;Ij_pEQ8{sw` z5bkj*>zCx3G1EI56Z)w0$3{@xPrT0i``j>wAT=`j{Ne7WVgiV*9<(OD0IRYJB^ksdv#aNkOuqqfubdTV`g9Iuvwj zg)#i|ePQo|P^->2J#?R>bNjfq9M_PI#7zC3{=<@)dKkQ$6Grp7_Vfw(!#D>Tqie|N z66T6Vq6g<$V#q7BXn8^1lD!YHAZ%9lj>!?N`4d1ep&5+~{!?5S;(k389!^>q?)55s8_%Si&Q*`i zf#6wkO>Cd&bt?~I(ncVS;nL7e!7gro9Xw_Mh0NPyRUdQvU@8Q7d+XxG;rfi#IwqyM zN@l3XwCnZ0)6_t$!UO&NE#E~Q^FNykt-eS-d4Wafm-3-a8~j82s{dC~Co zY6m7#&r6tYmcrrtO5-Bj-LwFjC%QgXE%b=NH}>l1uhC8S>S0$bCRKqlv0}d zyGV&NHJ$!cP!&~JfHzfle zS$-m#t|#X#07JiCT9Pplz}k_HzUXtQ@rRMIp+dfixZzbj95Z;CLh|t~-+4#AC^T?@ zhql1k+ZQiY`28Ao3M_*cmAkB`BF`>|l1fo@sphp}Kk}Y@!me&MN0OMWuhdEjtJGzU zPE3;fsC>s>RvGq+C^}JN<ezc72Z*z6J$F z5#QY;wubBMG|>A14VTY^N(00ufD?=BYl?59u6_pp%un}`B@Wo`#Dz-58nsz@Kt*VgNO1h zcgluj{^b4vPv&L{4pw#OFEPUKuHBHZf<^a)(ns|;pvOskJ<+m}9Z`zX@fC?h1{(%a z=T`WEn^rD;7EH*=)-t+-2_&lcM*y{;Mm-In%-BqOU6KBV4*<62a)7(_#Be@Dv3x1Q z#n^ZiWx$alWb%Ev8qR&qzWdzU2MhYs(YdsM6G6=3Y@pU`(yDz#qPv_q3A5aanU=7< zlA`U%q;$4B$}SE$9;GAcda9dwb%TzpO56xO-}X3_-ZT*tZG8hX(KFtXRvm!r90HBHl{a*JPq1ocS3DQ{z>) zX%ykfB5zN#ln?Fmb}c_=K!8{K-T=L72BCLg*!HCV=bm&?*oT#++QHIa=+WclrEg~X z22rXk_$URn%F$uUYG1{VXZBn^gY;8CsQ;|@rEC9(3LF}(U?DUqw2hq!fcf%^<=3usp6g7kU6x|~&`pC9pZbbPOOz45>7iQG`Yv*Jf8Nn0A2y^k9CQAA18Uf`)89}W z;xe#1aET!Uh5!~ISQ5ZnFS2D?HQ>zaU5hG#z_qFECk&YNCpQ$XK_kD$gx+8M)@9_e zgdMk&EjTc}o&;pW`$nu`&Jmy9d=oNv=dmUeUEq78_@O%pI;T~fy%C?Tf z8dMUPF$`APo+uXNYBK4wYKy5FX{z;{y!DW3+r@w=YUgaD7>+5ba4Z*jtcy{>86<^J z^mh!N7!_FyK%|&D`^H5w>4;);YnMK+yh&&!GHlc=W;Ur_@XE8psyg{fCsyw^ZO9b@ zY+dTU#s}_yYA*_8Y6k{vgK_5^DMDjy)x}4}F3(;8m`t->7yezV+O?aK7pMiFyA1)gVi*8@?EhS)9Y=%h+VXVlvfnc{CWBPfT}HZQ|3=2qcv^sl%;; z$3|QYCFWWV8h|ZVvDdi3#FEVXCzgNby^1)-w=@jc9?^-5D~pVrC&chSiNketz+N=s zIPxt-|4#PBUC7-fpR~*lvKTh7de^youXa9gcob=Vi}=And|Rt=N4&WcVt(Vhk?D8f z$L?+RYyOoVLa6rgvijyDBDu`A;&9nj?t?MN9r^p%2Mj0;^3L%q=gGe5S&33%Y~_U=HoU?P%z)9t=;;@YG4a2S^IqSgmA?x z^^Ws^c@>MWkw_f&_|3ui>hQ4T@Z>+Virg~)R`C}v2Jo*2T(G7Iz**S%xsehO;d@14 zo32oX@BxGQ#F-e7t4(5Q1IXIeE8>N$m$ecpAS*d3?H^Whkarcz-Kc4p z34x2JU4|N!*5TFj~NVC$8`EacB}w1iVaR76wT1zvdqf&unq;PzA@P{6SG`$Put$oJOb`nN* zNR)lrRKJ}2&})s}&WZW3%XL}0hc9Eww?4Gp<>t0r9q6VQ?&2!QF7}}q`fqf#Rt~hQ zmMs=(#4X1iF1BHB3!!vjd8%^)-8?K>RuQS*nUu!Kbek`nmbm|w`b=ZRI zr)71zO>|3)GuyO!^H7{DGt&$DOtp@mxHV=lK9EB_Qf`3QGe9&&my-MfJSMGn^eH?C zp$^3{0vn%d&teVw6bJI6KV6ZiRkQxLl{wSY0R3r+ z5j*f%R)W=EzbR4YUCP9?emiA0B7WQw;v*oqO}n~O#}=M?`nTxP$-PV z;Eb$V-eq9v5=<^q4M_DcTfh2|%lo{iE$-6LJ|y$0m8--L#lGm*0~D^RRcq}l&qzj2 z2^tknm@~_lbtf$OGV%!iELrMg@#!QA(+{}<{^hBIpS5qo18HP@;5$suH)M-}C+7`; zT?vj5O)RDAVyp)Q;g^EQ9U_bYK+Dl`59ilzc%%!zpS>_^4?-h`^UE%pp)btmcb+=8 zdGt;LaHsT^B46r-ko=km_?coMxDvqFp3eDW*<}49lb2%6Dv8m7 zi&Ci?;qy3ADd{Z&~rAS=R9bQ&o~9Xrc#ewBPnmQ zNoc`>JeX+`gVnq=nIcD-SerbhmK#{(0XF4U*5ihUF_|tIliX(nv8^k5kmbAYI0*bE zD95PAi$_(T+L0klRDKRp>^MdwUgTe%xjv)z?H{wdin~MqSwMLZLBDbP-!Z_+{%kGs zaDY=aMl|^Ft0GgD$8xWMg!uB3Fs~9pBirCV&iC2>nf0BU4zj+TT3beU)J@QUC}m)F z0{-Rc@8w>@pnxdd-OMN|CEbl64boksh?In+bVzqMGtY&7zxVI{<6i4o&sy)h-uIcmX0AEc ziG9x5=j{0GZHl}V51w$~WV4ksh%4zEJ0KN1s`$f+axP0Y(b+GgjJOOqlP+J96bRSL z6}0K=OX)hC7Z%VkVGM~7(P}b_Nqo@NaxI-Qx>)5C_PxC~Y&bWD17q28R?GOKq1;RUE^&)7kLJ=; zZe!kK*j>;xjD-ICI9_VB#B48k(|)U8K}^>Fc*`jT=BP3&wb-IaLJ>xMaxZ_-{MdFJ zfB137D)b|d;bURaYdju9qATx=gnJYt=NR&mwLJYad6O;}3Jb(gxNp^EdWy?UzUIS5 zvGR~7+}$h;^l*+p_-dE?jXLabR84;^7IPZ@G=Tth#V8rbMKs<>Yd^^IuivrEfi##b z@4#7G*?B+hLC?do9$tNKi3c0xGh3@C-xZ#K(daijAF7&LR>%=YoQZ2ULht6{qhw;R zml#f7R7qg6Zv)wh(Lw=DDTVa+5;KinKWL*iJu|dEbe{aG;_G1alP|&<+1_m@>D<{3 ztAN~ke60wbm9g?A2PbknvvhV$_=^(t*-cqWEr~yDz1K2+$Q-^}#FG&wL(URpRo5ZI z2L))0&7rf=+1~nOrG=pe=#<8EGZtV7fX6%Obn*SF3_d&b-6X z^QPvRTB)7-XCa4oVhHU*DpQ2ge;#X*|7;A^34DE z?D;|i?=uejgwc`VxfC~Lt}YzZ{q%ZG721>nw)KadtyeIxUO8r9s_%9%Vs|tW9BiOZ zj6we_Tlm)0Bwk5H#G8Wcmi1lelCS1w zRMdYT+2T+~u&Y_V?%=Gx`+fTOwmi@^W;RvNr!LA3!MOOmE;45wHH&7j@=WlBb$FfS zzJqz8b6Zp-6UkMk@*OYlPAV)-X*LhKnCry{%itAK^d}#@EsKKhYP51AgE_eNDga>%K!>;vdOwxYFy2y|?04W(D+!E4t^F@sU{VeKf8* zD&=7;8`C)77Xs_T5VvShUCNl6LJh^u$tx?4l+x1A_bn%gV8DeWu^cYAn@+bVLD+;k zg$+1k5DQJTF}Ao)(Am1NZzuT4&5Cvhen_+oy^h z8+g5Qg@1axx+N3CxRoK}iV}uR_Z)5eo#A(FX@c3G=ntuiXlA){uN|#uJ_rrWKqiK} zL-_hR5jHYXLH+FKk<|_N%T{CQ*)6S@>W^y3L;-Y3@(Ct7Pq(L^wro1L|2MNO#!XY` zBOD+nsOSdaY^&bW*#kOK} zK3VaioSzIbdu4Z0BlYvnqV<7AZeXF<1O3T(L$Ukf=Gfi5q~J?wYPQk+%^gaRw3_Pe z@cWh}YztD;3Wy)Coh&HabO>t`t8>58I!imh=vZpHn+`y0xGs=pM7@a}QNtu!ks=Ms zaNmRu7hZHjWas7UGt>C{`W6RaedKAw%F!bkQaf9pyZ!^^ij{F)H=+)X8gVS;MRPY-<-f@7tt zB#G3|l(=jkeR2ZjXmU&BRj!5mXZA2R6Z;>E2z)<-)M>8f1Z69UJz-x6UjcnwF6Ck~ zP2v@Qt>fIo90i@FHf52Ycb|D_w$E4^Dq^Jyoz|k)zuYsODk*rPvVcBAuht=WCI6WF z{2(s{NN-f#gR<_;ZWAi@U5MjEgJxS*B#XL3{o@@}(l5TZP>BdaK z|CmxyS8h@w_bIvbPB8mFgDAv+&0l-!H2%{8P+z^huq#4`$9z!-@&?3UdYX22lv=-- zP9FCt6*)lo5aFr=W$WK`~T$I0fA({-KliIap%xT^xjY(Z=%KY zZ+EvF(T5xm(S(>y&fYhowd;cOsad@ z9;=YWc^dn|6txR^q>bd72=p(7*FSaU2z_(5$&Z6NsnTuVRSmZ^j^e28(_@GF3K{;3 zamH{Azmcv~aRHXiWcdTVOx2RoYw7*Vg;$}mV?o$~H|ucTM`E?P)&!D)Q!6Y@K?thM zr1b*mZ^=gxUIT&_sE`U?r>82~jFnh$Sk-G;EtB;&$6E1byfA-E zjE1{;(zx|l6B?S3R~K+4NOX9~=O*t{dhk?8`8NrvhQd=t|MxnIsMj1ck&HWCoAaS+ z#^k4oi&sK7+8uy28A?`KCSu^)yp%o%b$=%AtMFJ%VJ3C^z-3fvz4EaXRBzqIGJ@(= z??K0e>$#&sRiqkD_x#fXvbl?K6K?%X9S-@kkJ8N$M6T7 zJi`FYQ?=U!JGii74ur}9*~`lijgZe_kY7O`IY7T@gq&w>zq4PBd{iN@E+l%|%?4!s z-!jPEPsgObf~ScV^8CE>m?Qf&RrXsge0)v+1-x>0U!Wbu^E{pI8x#@q4-$%*3%0e@ zRFQsN(r6~p;!{q{_ON_pgbsk~emCI!wz?R33E6iSNg&D65@1S>Ez0?LtM^!g{{<-s z+Hsz9ws!A1ptG!MJX@K%YvApk&(c2@!R%6W-r};Eg;lI}v0%7haf^r>PS1|Bd~?hP zxh9)B302hZ5=dt6Ea-plF~GIzBLU>VJ^Eu#;AbaUgpeivv;-S94l3^~r;+)qc*gvJ zmci8V&Vj(xIC`gh*kD5GGst(W2u@jYQVQK)8~Dw|+sE+r3%5~trq^!)<1%*79HrEa zhh6)Lv86_aG4xxXWUJhA?Z#+vPz*4LS(sl!=A5K{yfmN4knWWmKJW>RtB-;pA6K7> zS5)Uh!PFrjbkv&3#4LowHjd53MWsVY(RgY+7xO)%i2QCYQwjhHgFcWUXSV4W~)xO^Z6t?pm%!CoXn z!z)tZMnsgNhWu+2v<=jHtpDh@?Ay|7;ik9YyizqrD^WdFc@zy^kDbT{6x2<~AZiz$ z-`ATgX=o8JK)4^GeZSfcKl@x^OTakZbUHsgrA@KNrOIcTx9*S@)0W69o)IMvQi`!! zvz4^w=kk{G=_!zdOoIlwlar;7aU^S!^50l1mzsk$*ah1nf|;q2pDNro*Nn(&^NvtH zktXoY00l~U6WcOvo%%L5GEflX2d{{^*=*^*?ab!hqevHu1lloE*!B8T;>^*#z#_heMLG58Kgf{ zE;a^hIDdN(wwcL%@TTEq)b}|*huGM&*tzzU%fg(2iYrsXu~&#bKYr>X7GP&|6$#IL z0}<>3gga(gF#7OZ_a~0-Yz98bmR=FQQim-|j06Ovv2kxbAaiYM^lsXkq2)2J-!9%l zuNQGm!U_8$D87b-YuucwfEQO@eL{uj;D;mGXvbxcX!S1O6}>teoYZp9kV>Jr=MN?h zJB>H7P2vvCr;;01rREXi4=Z-1AByI;%gzxiwovB(1Lc*G=D&=3N2+S}ofGs0roNdB zU`ao4<3KdVw$)V&KCU16h_AF_%M!(taXvz1*O|P@P>}4|j;g7^o0@pshHXU37LdHib^dQ6o#?NhTL{-!$E{OUoNo! zL3?xOgZ>q@N3gJt_YaIXfiIBD+<$51^xDUJd_}lha%C6^g+;h}1QU)KXN@j~ctLAazNj4pCf8+}3?Y*@~jT9q>IB=y1 zo!yH`&lA6dbl+SKE|MgxyNj=^l@y%=YFIF@Lsp`%cYYn3Kcwe!wee0Q#Ta899cVs) zP+#{~vz|#&OyVsUFK$H@^(((DxI#~$`i?nMZ2q$QK`Kq!#e|0r`-Qn_f z+LB+5FvGKm%X})UF0t5I=+Dg#H@rV2{RVvKota-T7J61X#9DaOYHL2&ll^KFuMreS zAwVfT0A{er_fGRy#z;Umm=tCrh+Lk|V%GVbWNOet=VEl0`jkuVqKf8$fgly1MZ zPQ}a&VqPlV#0T_7>5IbBKQpWxV!G<4hmCJs^>>PdalLQPbe0vQ`PcvUQ&Qb&8&ZbOnn|0#>Kmg`)?WJqr;%Y9l*|w?8LfId#ruTjee%++Cb>h) z43&C621N+#00C5t=Rp7}HIsJWD;tDg8m8&xTn-@vr&pk@1G)c_O-)r40Jr5#Ki4LK zYx_Z_%F(J6xwz5U-noG^H}Cg6_yeTTKh`FmDPG7TzH_r#&@xy^YGcM?zAMx`=4;rf zNyejVAiv}m8Mb6$4V6jvbqRY@*F=wQ+O)Kw&AvAq3V$&M=2R}}f59_4r)ux2fwr|{ z?C7bC^hitNO}OE>mm=tJtscG(Txg;52?^Gija(U$6s`l3jkpez{PTPG-?iVN(ni5^ z9?*Fv>l0t)-7B=53xO=(3HO)&GpU6(V|o>X=5WKBuICm!uq&A~H{<^zc`S8J6TzA?bS(UV zNNL1LgYIiS#vHT4A~TqenTIuIhN`B^)|%R7KLxjuT8H1%8etw1 z{+9e(KCVSba)pg74`>J94`%}w1mt)2-a6UEur9~8mZ_W`lkKc{W(xkNKW{}xvs&}7 z^1+J77q|$J_Ph6Cad(`ua8PKh3kl)~Vo< z;y(x(Q}f?XoTH7&Q`uGYVd_-heeeDS>d-m=3drY6s$RCgXqgWi;xrHS#p_91`Kp{$57hVI6W>uFX(4~R3r!g(5rFB+p2xaXjGsd za{VW2R>I~xteFea`|uwW3WNrH`34u9692Pk4>wpJ!#_+knR4Hjt&+<8{kG5F?2#=O zh=}$0&Ot;!tVe(%ycU$}UqCJ%7#Q}eLw}IgB)3g@rM{>khS?XyeNWK7620?OOWhim z?P_`#mqI%`iKP#dqt38Xqaq*H4~;tEz+zIH@qc^t{|qvQc$JyXLX?lw^J}hny28^S zzt4BgmuBgSsZ4UKZ{^yv+;Wy4XKuLY9UGyl_s9D8aw^x5EJL}k5>wwBSvf?B#S}3Z zC49X5)sdV>JuLR|m#d88edQN;O+^~NWUBuW57Q|8;ZeXW6vR^RpOrk`v{>qaxAk3U zxZ(8DyO)Jh>1Liaer8X~x0SC02YgM2HyROyGrSugRop9OosLAhHGK+&q;JqK=x`_o z?LqUx_-6a)-bigp>e$#Lav`1f={ z09oq8FM~P6cyz19CyM#d{3X0kW)u5mBKPK3$4RB!?1Dmu6Yu#xD2|0Ba5%Q1a>>EO zgfte^cJVD2cD_o^YylX+>jffC2D>>DwPACq3c&R0zs_rPh1!In%IZE0SP#typIa0$Gk z`MW!5T$`F!J#siuw2KV2b37@A&Nb2>cSS1g9}yGoJQF!IoLMl|sJsPAR57ouZ8hKL zk_=ku<0Bi0{*pK3bZVk;GlE`n;bW&W=D<~19b=$Alqed!5n#R@-1A)N#+kxXEk(3u z;I*Lw8{43}%3W%rlVFYP?*jKMn5cE#96HCF@;RLrKi#`|49S>b7Xk*v$AbzcFbk81 zt{Yy6&BRlD3?#?m{b>~vl9T@L_mpRXhVlRAIAmxb9d2PZCDWnsUuBn3Cw%K`MsTof zlY4@c0~F~3YJZxuk^>Z3*`aIAzf^_BYPl_x#r9YUXf~cVlZ-tdsFA$rq+pOD&NPn% zdS}+4x#`+A;&<#~Gs1g2mJt(C?)ESYI~Y^erG0Fg?tI*%zA<9`85Qu)YhBpWhfQrS zF!o1~7n+qQEjrvCwHbMJla<3~J-G@axc2e8fi;gN2fP<@;nJH7|F<>l>1Ilu0R;CM zOz0LY&^q{bXvA{u(q)KL9#dxqewXE&w= zBez$!WBjQ+BSulPL~fA;@o{w2lNae-s9B(oU{F^CIL^Qz1~rid^wT#E z78O_NkoSV6yAZWGr&%%S$*c<|rFy$11|w~A zym{4K|D~E~zzG=+iafCR5bwPvSdAP&b-Im^)lvRMa+H`$fP(Ls*r~Uvi?~~}oimVK zl@{yPZ=)&FqWVMi^VfEy5`7(0dhITmXOzKYcO=%UHadno^!1|`m5l+Wv1 zU?dRuf0KfOvp0afAYxe7M=K$jMa{MrJ-^}KsH(9BX*qWLBl2Qj>&kzq&xqN19BdidJmrM zJ}UUTBpWhwmzYaN#1oNipd+Gh-@y?+r)Mj zYr$6a(@SQ}U0?l@hjQz_VNSWr6!cX)P}8pt{%0|I{(@b2P``q2-J(Pa7*uL6%_?83 z|7qZ)-F|o~bX^vaprwy)+9c{w(+{WGvMABx*7md?g4A9*bdKbkPs|$Z>uwN;;MHFs zn5H?O-p6_-;kfXl)|m+9=M}?ZIw@3gmObqJ8r9i`adIOf+TK)TI0vtXSo~-O49waU21^Wk>$OfG15D~pV2*~CD}0gOU{-B zc$kilAfIx7ofr=3MGsKsg3m!hz?p=p$BmSKUY~J-9l1|`Yw1!DV)$Dj^yC5-4}AnL zG{^sc`lfvug*i5WdWPahlVGEKIB}*C7#`@iAuWagR?K)Y0OS)aSR435Gzfqj24jMr zfxAT5OjwZB2NS!Tbn%yGDh3bMM%oU&&t-B^KqOG++n@Un^j#A7HF$OTPhEs?SliV< zbx~u(!`PWFir&S?W`eZJ(B~B?zGN2i;#(UNDe}o5WNDZb6NrajP@BnD65PeP*y{hE zR0z2*6O@%rw6o&eFDrYTO=bByZ()ebfKs{b-N?vSr&#m2^rQjw+ z?=B>G708E!dQ;0da_b_{5!9QG>w5UBdKaOq4DUfS zx-JFoR$|5m@N!k43r&ouJqf6 ziyUD_>JE?CRy+}B-&(62NZMGoyNu=hKkk!x2#MKzy}w=l^v82}C8?Y;#r0VKoA}sa zo_aO!^yo;{%&MhtdPk*JJ{{#I8amKk&8)0s;1OdYmD<9;hArcXKI&TBjgLpTlr%~va268uEs2VaNMYm6sbo9j^iB7aw znr*O^M8#e=4KmG$)}kd4Jv)9cGrQy$GE83BM^f2$o1cCxhtn#}depRD<1_hf%@R=T zg@@2@jeMjVEoj6Ozqz9hGvLq&tZ58#F~)=mdYosR?XHvM)25XEa?ry$j(-DA`PrIFMX?4-8}3up}L7W%=@oK8XscgDvOvT3-|A^#nR9z_2Xr?@;TK%+6zx zrh2=qtj@zd_02aA8t=586yIeh6^8MOd_NBt;~O}hq>A1*Jzt1v5H89Z)C4$qjAzqZ zhCV%MU2k;e*yg{a27Zk=Q>-tI?h6ut%xicI-mmIp2hMy4dM%GjgN@9w_R~^AIX6d8 zcY_;)bcgc&D~mclkIG!@Pza_qYb`gfLqs&=N@3g7M3@cao%%#b?UAFKmr^FZO|rQe2XviuTBroQr6*^bLP$5g8O!7UpI4?a@K7DcMJ87cxOdoJ#;d*t?Nz3`Uq3K4mp30lt}#iG0i1VNa1I0 zxLJ`x^KIZE_0_WF5GWnqU2IS%O$++?w|DBp2hnm^l9j0L9mNdb)ht^Adj0C7zgJy> z8Qu>cnkkC9)?ZSdd*>*U|A3la9Qc1c3G(NdCuh)|{asmdwd{4R?%MT^6N>wSadQXd z_&{&qJ-*IH`z=A;9=+S;jJN>sU6B4KE~r61uT(ZS%;fC@Odjpq!H}Rm*Grzkq1_~W zpqsmFEe+xxf9fi)i)(1srn$Oh?@}aM{o1*jfEGxHA{c;4gaOW&adr!LdV%dAakl(q zS))iIF1sM$TUsY07`ckKnwvP|_af0W<@}f@MZ{yT#^CI1#MJ7H3V^PMpjcr5md2BK z*^tDzEgTP7OBhlSkPkDIO!2F)tJI>0GQ|g0#!WtgJb$In2Pv~kX(Wau@U95ld&vHq z+E1&1gb_%`$}oV^=<1L8ge3$#tM<~NG?N_yT*;!DV(&Rgh(Rzz--cgtpf}|%N%O6q zvmHv=Q2NusBE)(A%hnL|Y^*OAfDH_U5dtk1lRp?p0RwXpm8n)ImgIZg5=V9?5JoFU zFI~-7=XwNGWR-)QtA-ZUJL(3E#8FV%^t6%{)`S)xVq$#Ij(2Rfg}zesd4Z3jg4Z$W$FQX#DreO(eM zH`q%LeC6D!QxK1_X)Nx5(oWy(v0HEEaeM&q^DrODkoyhvp0vX9pLXvD=wGJ!**km6 zlyWYuu`$&-p3y!P}%CXLuRm06!7YP{jVR^}x+F4cj0Q+ixj5&2w za~ZQ+{g~+cCsc(X$eAIA&TS`XeVI#vrH58f zbYue1$kpL6$*p|2{~q*eu&)y-JUDLWRv%upJ>1h&w@F_bvSXzxEad~_1WJolWAhesoDw^2%n&-!Z7LdSA-wvnkJ2&>9e zYsq0){?v_ab{VX2TUf95OHOjRpZX6w&Uenyt(64q+%=oZLvfjIF!kV8&f^Yo*ti0> z1p$hE%y1KW(DscdTz6_r^%6LY=igmtnr}7nDV!I0ppGSpVPt(&#Rz$Zc|xl<69>j* z9qB9nQuzV&y$2z*u-g6-2?eR*Iq zbbree)}}xqz*e+zdI@o#3ADA2oMZKQ&V9GOPQ%pMEWj2d^xXIgn8Om%KY6SI!l0BG zWsu(zEe&*qbf#RNbJ;TDm$UCzI@tEsuwr`IEqI*GfDZ1``z|4tU@i1ER=N%g#S==C zhb}tn2}R#EQ(N^E!NoyZjgGphtS+JatB42cM|8a*oNM=t!aQan!hyQ>S?0By6sy*$I&lR%5$uV zp|nkFl9S&xg1$ZQLHBjYUaq7Z@8aK?THbbRT+*27)OT}Rxx7!LSY;ZeSY;>;#Rj

$kE4y(tD$iGg|ks?f7yaH?9VHENF_H=93!iZ^w(w?0zRPP_8JNF8r?1 z+OkgB(4Z~2dj-l2&$>VtOXTXIzIxo(G8^sdb@Hlzox1Bk^)rF$_MTAleaw<$llMZr zX=**|OQrkxLwJgW|CI{!&ld&S_shz7hS7_MXW|*)?t`YmrsD zjc2J=%+nK_=41vLG380=WsNFv-PLOi9ME9+rrunE0aObqSbGDeZ;f6<8qj-g#B;XX z>!I(5qj=y|6^&IHWMF5A!0I!rkT1y>w+@NhkdF>A#6cam{nD8&@D&hw%Wbj%>8fW3!dP~V-~ zP7hiZGz&1piTj~JB6pAEyU6e4!z6z+Y%M*&#G&fiGj6>T*4*|s3d{O&1ADB43XnB; zi9e1fnl11rsTa#QruYB}MjP*dAtg2t_*o0+JX4^YjK*TS^+V8%{HdM;mS)QHg4N)L z&7}G~BQI(Tq$SNAYV)JKdg14d#A7*MTj9u|E<4K9lP^@@gfv%7)G@#VZz4tYITWrO zpyvOf(NA3Dw5LeIDNyI{{ao^dK7J#V%|rq6vKFJR_%8H%XAkDvFhcr-1&HPry}-H| z3}Z@l7;tX9?6QX(yO&_|<>H{zhZvC*up>VwL+v(Qg-uuW_%&dYdfCc4f?pMlL(CsRT>@CTQ#69 zeKL6Ts>uGwS##!_!>CtupWnFt285meSi6-Jx;>SZycx1T+y58r* z1G`*QR{$6%fUZ9Hz$RT8dvA3S(JEHdMQA2;CG2n2agP%F$`{>Nh?oQ^z|+3L)l=o2 z7oK0Q7n&mOHdP?Wz)H*WM8pGqe$|XSfNw*^?@F6<)C>VWfc@P+Jkb7x_D=wUWBO%J z;!4xLI%G<{5dQcN*jlx&Am6 zb3XrYLw$3PZKcMcZJ+g(kWU`fbu$~-zXVSw1gEU%8y^BrUuuerh+_k-?I}Y4E*!5X zP4r>&UC4rsbu&WH>3_14m`e39Xdeeke#swJwXv1vvBSN~=qyQ+p0uu4UtSUV0}Ca! z^U7*UdgV-VC7EH+Lx1|?9kE)0Fu#f9J4_(X_V1!m#YNg;xC(4r3%p#s@WE%YSr;g} zlP#W=v#sn)K=p}a#gson*tWR98BXWZ+ldQ5;0?iw@+KJR0yLGo*3rPuOM|#h$LMvn zPuk?NYW^amwUU*a+PP|gPlaPx`*)AZP=d*7RxeP^>at(f{1Dj1nx>Y?fhG^`96ZS} z|II|PdqPWtum(iIB;U{0Y*KwE1EXI4gzA}lv=0j`7AQV|X)@JHzy!*vu|e#ywH;jW zVBFUFgtrmt3GGqr07U{+!^6oWibgsmpR$f>!HupLszd$6&^6fl4H>G)Dj!P!2zu+; z^uR^})zEWhm$Apv#xFW&_&M%#b7z^rAGZ2|X<_IRm%|LF6FEtAvA~1^NVCD0ujmJB zykgP9X_00#b1)tXNLPv;&RdSmYd`xIoN4NF9F)=e3m;-|A})KBO@td5%6k_r735%{ zz7_fL-5C&{XV~P(a}ynZfdxmM&tqleWznlR!3>v&T6X$IM@Jjq#}2ftK^g0Y^z_yB z@?BOp3MX9{jOOA^5$K@B5C-oJN(sc!_no4)E~3E}5+La>49;#iksuLoM@?zC8eRE< z2^II2OY zylg>n^m=q@%D$Y#=OmduWKfFeg`MX5O?=Z*g!7@D{z{ z`D{vCA`YrD`;}W@CO=8%d)iNrPWl`U`UFdC@isU}H2_shma!I;8L_aqZ0P)s2jI1> z55AkXx2)&k7E`_V6TOz1=&2MFP1Xx@S!l|QY`=)- zX?Ma=ad$FrA9DX-N_d{(0vDAlJ7Tc))N#>HR1(wd(l7C4McyTu@47v9&)-aWRiQ*I z{Ss(3_l35X$I8csN>!a=V&Gg}%+u6KTc+5gEDEWK3}~^D0twLl$}^y1RqN-F=g6!S zjoQZ~^ze_z+3-p)Ju&)MFyvirUrfXPo^&t`2yF9&9BSx{*)~gMu>D(Qf2t4VGx;)l zis&uHLCuM|8;C=!Kl*dmWltkQF>`tl6UM6At+Khy(V8tlXm(x%$+*>ugt}ldosM6; zILVAvPgE}57-P&z_=Ev`Ca8)UvbRD&dZGWQzlgyA#Lu;G9k`}kFK|`(VZt^}}Qtj^K(9nx9=_`OZ zJT|$z41`q%xRk|`iA`prL9zaR&JP2x_79OCpOB zZ9F@};|hE|P2rFT{1W7}8x8~9Z3R5%sL8Y!e$+mO1hn{J_v$L%{o+=|Mlz?rF9T@< zjy?~XB6jA!r@4c?S1z|la;QOCBOYvc+`o906aVj z^so+NG^Ga=PoH;LFB7dfAOu#Z-IiJpl@zn@99E?r2}@mt8Rk(9v|>pbSmdauY^qr_ zNr1hl#+?r7u`y-Ac%SkcaBNsQh(wtnImBa~0rJk*Z3G1w6ULsd1~wY(#u55tRGx(`jVVecet zn%-xqXtWLYz!EmS{WI#z2^2Dsb(WBHKPycT`BC-fSs+G(90OseCZ+Z#(a>;V!Cv%^$w|Qed4;Lw3UW7N_83Rj02-8Dh9Bwvh zXpOE|Mnb`8fn8+WII-X-f%ma8g8_)?HCKk=lqnIf&C!t2vmR)1M|EIc>W~2Q#3-t7 z-RoR%l%V`(5s%gMI`#xx5tolD#B!gn5rJeKzC(E1&uqAf0?ti~S{cxm=8JBKy4EmK z_pt3FCvyrV zr|G=Vqtt>hZTo5#L_<*hL)}tZs4&AtVFIwzM={aIBVJX)QU{e?y(rrOX*s?IQ2Jo} zFi+2B4tdl^&vgL!`T!IYz>%lwjYobGP}W6C%w9Gn0@KHc*)sCSw@a&Z(b<}v)@_29 zn8;YK_aVKr2P@~3ldlVprjO?Fdno`r;=fnF?oOWbnP^IVpJR=dPM)T%4n}>C5r;C5 zbZ>MfYrwCDr-IoRs*YK5Nooy$PtmGy|B%Y0%E}o%IMR^`{DQ<4YxG|0RMXjt zB^KK2I@kKQRJ{6wmCh#2@6>`yH8@xwiXA$|lB~kY`|Q;vZ^3&D=R(skO8DpI{A@uP zvp?Hebbh>#qgIVmggLH=H8|tR$5v5(dDbtSM3upr3!4`2H)*6V=MtN~@4gkPHoA2~ z)`<@~6|4Tzp|1X{mC}HI>m-VEB5D|~{$!Ss>oa_y|B*%S37+T!>Wl&`Nq%chTO7CZ5F43WuBvZR-*C^7 zO(I#G2nGuPQV++q*kuSgGILZNRO+9*HP( zDQ`UXo~yQ2(<AD^^Ui;>`G}V5dCF?~3|yVZCRma=BZNx1WnYHfb>{s3!R{spE6=vAFdN&oE`B`i!Ka6e^d1 zJWRhmbu--<4XJ$e+e|I*`Um5<1uj+F8|as=9ue=X(2ZslX-h9(o6wm_dF0ILaAaZb zr)j)$ z31Ie!J*YL{*G;j;r_kUAL0Bs#!}BG^mMZ_8D8ZAvCh75z1T=7QKJci69z}!9kWQdT}6w3l3KQ5t#1<+CKXu zFh?XS54;=!yHXI)IYf**n=Z9iEr9r8j?(i~Mo6=GZIe%9!Vz!%(&&Fp4fm|)as>`_ zI9T%F*!+MapP{b_qSX3IDD3Cj_5lRjz2BI)59`DApv69T+P-OB?d!zLz}tpCmcoX zNN);5VLmDeEW@T}Piay}y7`j@ZsAm2cE4mO<*xwbC)UGPw@a5jIN`{r-4%Dx?fM*B zo1OA5^BWW9ULTQWxi3fFPb(}?T(kEm5mvX%i$sT(6~ z9=m$jNb_=bMbDJhN0-gC+m#+u#-5G@WA6uma?o3?+~8}tqd9tmXS+|SvAq0E?DjkL zo>0%*IC#KV@6If5qG-*3Z#sA09!9(1~S|9)~gF*xlJm~hHkepBR}I&h5Mdyuft ziz=slvw?RLjuegYk11jO0!yac zs=xGjIh0MoSHS=0S!cjbG@rd=h=3qq%RUiOW+zeL?==!KQwDa77rMP$;ECWqx+XIF zAYWlKS;$pY=atNm>&XwFVbe4HtUbx1 zg|?0>KWZFJ2TFZTe)ygJY$bL+`O%U^VA_3ze?685OC!n6KKKGNj2FHeDstyN<*V1RYmG#6g(9LkDfOLu z*F3`i(sT4JM&my(XvB3V&tKVG}NO%#RUOjpT*s(@Bw#U<3jT3Enj_p(qg|CbZHFW)$zu224m~cNw1G3 zOn!=+Q?d=2J$<6a&zpaBm{Y(cl~y|{_r;SfD}GxkSp$qu3*e&1zm49oz|!Pc3y` zr`VM)f5mq3;G&sr`F)(VOL??>hO_T<{-K1#Cu!7TYsm`92T9H87q0XB4X zP*A`^z4g=~kRW$`t+5b9*5R7s!`g%^UOZ0!j1?vfD9OGkkwMdW0 z7%>K#0$p&X4OGyEwhjq{=tJKH2zow-R;E_-*K0V7hyaA=Ad78Z;z$z-DN6wo!dSbQ z+XKOuf}IQZkJsWIDcz>T;;&imbBd>VSu%+4qgx0pcqCJsILp}VvzF^?`Cha7F6e=% zuif2iJf*%m2e9g2PH4K}IkXKDx+|=9nipAKG3qctad3{i~cj=>S19} zZ|cvn_qGpHzwomz6+Lw7Wv2i?NHjtL~M3FxxL2FaKIE?%WX?wl#l#%15K zf~JX63!u{3paHg$HM+mKcMZdlm4W+AqJ>pJ^oN$2Y+UcvQXI*3bhhZO4#b!fyHmw) zpznn+ITexf)bDf<6g3_!N;DmCcrJvYA?IQ!@$XvSEF_uu6r!8U7*G6uC0mJuHr9$r zFD{VdH$So0vqA))jpuLMY{&}Zx;Ungt}^8ou&v}n9I+115ONJOB%_ilb6tB(a zSH<9omauBOq8+;fcu~I<1Cr#Ipm^rfGQ%{wl}}{&4C1WB$Bk}+6Q3%;Gq+z`;R68W zadSuI#TC#^-F?zDHOE*22{^>a3u`4DImOP8rP6;KWaXfrDT%<;KRxd8?sd|4-=0OA zz)|d#ziS8-DWlfxB5;t7R-=;h_>9G!_ykAxJSkd1f~#L$XJ+4J9ZF2g3U+$z#Am@x zNKO;K<$Bu@px$l@P-kOma(ZZ?9C=C?t;IlI6u!#4;a-%-OpS?0eCL!?K_WdKSZ_&y zQR^-%qh{VQ-kFKy3c*T)sq*$q?=)iK`hX%&1Bk!*V7yQbU_jPBfpHve_ni;6wcPy^ zisYZxED3FAJ{VIk{CK8JV0m!Ap^UKHVJzUF8NzC)DMBY7iFyhE;a3X;TczXmih>N^S5#i68VF zR6Yd$Vt?wQhfA(8Lr;+F2}Ho4w5~HL-|Nyvb95g^z*bo$^&al{-!UD5&=a@LO|*6 zj)RnxA{|OdN=Qk^c{kwifA9akW4z;jc|Y9yZI6A{*=y~!=9+V^XFhZ8R)#P<|1JhD zYh&d+J8UG>5E}6_;5*vUl@^qsk-{^qn&PL*Z zv!(Al{Xhsj61o~W@O0fV>$#FMUq0Hd|0BO~hyum#4x`<;bhKvzCnh%tn_fA^M@MpG z92RyQ|9~|*YHcl$^lGQjXA(58AP~s9i#LM!H;n~xM`-Ow=!0(oD|~vrxcd~}9`4xO z`aVJ0c!{?)!q?8AJQ0SHO;2a_0zGyalH-L~qoq zP7}}PjNd4>5A*a@UPJIhRRzKqibBG$-tKJ%-ej>3D=pVp(-KP`+7Vm05YZ3o7-9lT zPzh0mzTj-$W>2F40j*2a59}5JF=H#X;jrzGgj@mi>2&MG8Cjv2NG4mIXKk*< zZ4efEwq(Q)Mj>f5CKB%5rTo)U(PRBhWK($2tWG=>|4 z_*Sy(jv=~GfE&~+?no)GCRcu76CQ<}o3lp=;DDDN3+@xsOk4KaFROzGCw;iGT_1i1 z)8uQIPU`KS->|S7-S}eW4^s-q-f+8JC&3v<0|NHQ$Of2M&Re+aklF)`}1$KQGalRZG1gGYLJY<+4v!O!l&zw;AUJ` z+p+P&yl-J~XcgMV;~Qdv0h=zQbwf?zNnditmwY)|-a>$oh5ip7K`|uXHqWD!^@BY0 z)TG~@Kwgx`2v%dTM{fU4%*Qt#Fq zkAgqiA!bO6m#q?hQ8R?+wD=?@2pRm?(deBuw1x~I&Rw`)crEv{u9RKy77BlF!PT;c z*C@Hm1LsZL{4+24_b+3HVaQ%E$Fb8NRHX~pr)0~`Hh*e-$eJh?>Nx*)iI^OI5G>-) z6tV218*tg`yxjLhhk2g2l7Z;7Mn!3Cl?1B1NdcSb&U51wePJx0HDsTgzEOM5<9 zEFL-RD9FoOFg`gu9NReCUl7Lf!&QGRYAK>%mDq$~a|R}n5sL}dB4iUn*9=60>pR!! z`L_zc4Z^-2h7$wB{P)%=0lyTP%`q#gTo$+*uYOZ5FFt6YyQcBQR7cHY{=j{C*+l)$ zfx}@Jmy4@ao$G4OC3^S4Bmo1mgBy2!>m(3iA)$9oPqj$HT3DnVZV34S%q1)-2F4GF;GoH9xN$X?9xVV zeK+*ra2DV8&X`XjB~SE`o=zrakbB^=mCrC6U!cq1V5 zpExu?HJ;7$e*uwPE;6Sjv;%+9Rf*xI9JZ-T%Jpc705-2!+#NwV-VEe~`jxtwM>8-Cqz zS!{oP&=S73=eK?I*<~WLQ1iX^q|xgUVFSqkmG71Qn*-gx&mq_of9$|^>XY<=X!kPB zZf6R|wIbSyYfHs~9d0z58xReew(Dyu{lNj^uEsE$9wP8ah+>DM(@K%Y#qdw00O zuh%mbU3lg@y1(Vh-`{BW`PJ#{2eb!YN(b5=?XnQ~y1bt8-ebCwSRc4ltWo8$8Iw_S zykluTpdQ(${ch)h8qG#WDVf)1kj1aQO>gs*4p&_h9U_x)h_7HFKh@qGmMvXy?VB~5 zJU0a&9W83uDfMW0yUnDa}!5Y2M9tl%QDZhrdM&3uTnfe0nC`L1$nhGHdW97$FN)vPw3-;(8WtjHVm z<54LMwvrA6WI)^TLlXTSCawENjWiD{z8kwQc?M2_kg6zS?rWN%m= zzGK%={@e(EOqLo7NltpdmbxKD!_fPCUf5WADUTIA>hk#|va8PQQNLqBGC5opveah_rh72=)#Kas z0Pxv>Z$o*Hx;|D$!S#Fb3jLM0nNqK|R%hGnZV=!~;vs8G3I=M`P=^%y(<4F`SanEIB%04`-TNy8=M=ceS8+Z;0TRNzJJxB9Nedy{L3`xw2?b##Hv( zlyZY!H#*j)o~&6~yZ#df63d0>hW{m>8tuH#GHDWiiE^y9)Vv>QjW=Vi7zxNu-hSWg ztH{xrhCs3pFSJPCl$19?$`@IJ)c)Hg8fz)K3gnyIAjDxLFHk0t{r;32PK^F4>Bf8y z%=CtXes5e9%@Q!MpN=DlR;y5pjqA}*%H*B5lPp%Xiic4Ad*{ajRGTiiJJFg2AN_3G zL=U`oN!_=EKkm0{ox%`3=Gtqq51I?|S&1?a%Zp*MG~QKjD9Wnz=4Y|ODxFktfnVFi zJ#sET$!Kc<`AD1tGdSw1b~l1Bu^ErI>W2h)Wue@4P|4o+n72f}>}l0tnP7kb+my2f zi0^9Bo92a?e4z!EuO;F>e1BVD_%$-s&sXbM>^cTgslUz=F3b3@`J98hTcz})ZdV)Z zz_RUAjV#_tFwaKU=IQcge~`{=kQ{|`J%iw9k)27r;S|$XX1O;{N#TfMvk^z5+f~G+5_+v2V6(R2@Rl^4b5JVn>9nI!YiB4?60R9f2 ze041q6E&;i+`zO0k=AKpxOhIEC>d02X|(MaT1?r4%iXWIdKpaoACjq`WWV>hO^uMv z8RtNNXH1~=G8`GU2^h+ITGRT<$nrYFB!Fp!)( zdOF%SJo;FgQ|5^sW+I_-o>!#ODAzB*b6KIXL?VM+B7^VNbYOqym4jwlqj4vh+$dn= zg<eQzfeWXH2+kua|pnmuLW<=WM`V3G(jKb(`nj?d*lg zt{9muV~E9n_6&wxn_CylLs5I1@ZEmW1r$~ zy47^G`27m%{-F;{SvE#1l|?qBcW!Vb3$GGQGA_V$RicY7&m=ynKObPZpJrDO`9skc z_+VACK!&M%^Fe6b6ts!QeswgT$@zTP#=%qh8>-!@v?8C)53Elg2w)@MYj#=TOg2P% zP6XlrNgF#14>63T^uL;75Mq9^jN~DH!4atIZqD=`=C35gRCGBOa7~~5v0vnaLS+*J zIYLfx!6KVwN3-H{y`#pe<)fb71z5<386SRsp12wPHk;RB{Qb=4?i|FDP&ml%dRkiq zWjVltwPLMxj0qjO@F~F@oGAR)w}z)u$A>o|>01nO^jPc=r0(54H>mDAPQuHggXOXt{!;XML~JTTaJ76y2&9a|GVC(xr& z^+JBHD(kL8CJ`CfO3~mH6`l+A`T4o?K~?F&rp}eC6nzL}(y$iCk2yd6dMyi>0q0s- z5;pL%d4EUz%Q>FTI9;r~-Oe67wq=o52RlR{eeHtc*!{X6_%itdst*zSf@`FI<_YIK z$55c+LBR3A$C#MJpbZ}y%m_HUmUj4$i547X8iU~Kjl{r6E%AT zD)==HTfJc#$I78~M`i8k0`r_L&nbR~xy+WsSXx!wh8$kU{hs!PDh=*UYZgFIx50Z1 zsZ#FEg$$RadH_fG-c7T9!kkp{jTnJ98Sx8x#+?w_uXoPZkk$PSnj%^#!2$ zqIcS65?E@LO%y!sJ_5=2(cF20jsWHMAHT`I&yC;_vK|1%cT#ky05{{A-T`9I1mUvg zZ8NC2@#{b+*6PJ?Di{Q7ltAE3gfp{f$wBz|RR8yBou3n{OW_Wl+(7hVOP*mdRtQv_ zKbFIy^7%m+rxy!YKRLTJmBc`f%AK9yCLrZTe+D&-62cgF&tU@h83=T&tLv#5g!C^2 zu^ChYuy&4v{r6zE{}wj)uSRdQfG5KI{Jj15@gs`dGH@`>KOdTQ+Izt==x$9rMj%;Y zI`q(a7cu-e4jB#U{SF9371TZG=sYyxxnNZ&f6zcHor&w5ignj~$rZJs3fbcn(hMsXr76AcBYF$u&!4P-)44ibniUB(Q7hJ~; zVgipuBQ!Qb#6kTCZ&jMUYaX`e`l#pN` zgL^6@jH9}C0!eKgx=%+OHzPowA|nukqGNUCynwYRaj-P@m|`6VBxAynv(RBec?FJA zvytyU{d(RQ%GLj;v1Zl+mJ>thzcsD~YSQJbIaANQ!II2TTKX@!BO17DO>HLoOl5WF zldQeO0$L?6ZpFKVC%I-FtuJ0YH5V6WGE;eoAL_70gb&0R{`R^AUSAj0GPlZxnW|hh zF?A&}HAd_zy#t|3%%)=cD&>8N@>4X6G-ixEJoz+fmBi1g3)5Ff=_0ZTDzN%?ZPMxGZ|V+)m9Ke=)< z8ip#i_t#OAmKd^Sxk%JfZwFo zfu@zxTirC1I+Y%T8ml4^hrwU)EAd2Iev7JV8Z*r zKV6F20RpP|IXdSd?lUp4hZN{_m-#zTnEA1O*OPhXob-%44;Q}f{pyI&%oNIc$FrYxiR(MjEu%Qbov?-b zVHqgmftL&-vcZ3S4l|f+QBfo74e(GqPdD)0YYs)berCyOQjW5Wlng&Ol0C762+a5s zFV|{gBejo?dEq;4z~g=5W>g(YTYE>wotlL?oqUqkil9dg^bVks|Nd%;}0Yn zF6!!q_1V_dqxsqQVs$9jVz9p?ZuZ%?kgpslwCr2xsf+vQ7I3$3#&IK18!w_r>>dnK zl7?B?8{0`6sMN8gJ#>8M>EQHj`P7FYLA_Pwo1cQhN;<}TS!<3HrHM!tt66Dvl7M}D z>3-je?NXC7eN^C8umyuhMUtd_wv?gK`;Wc_W;Mq)Uf*PE0>^+@VO30qj7N_k`=G?`U zDQo%@I(?5e-|iqV462iwbwFkZ}=8Y3Lo8d1hI~RbdR1&w2a_BbeeA!EB zz#+IV9at}eva%UXy2YWjnt^8QnTQ|ZkVz*!b*)wP8DRT~pg5GYvXxo+G$sXvR49FP zI%p*Mg_e(82OBHsvJA!3nP-n3ZI?sDYb=NAz2mYd zzVM{HEmp}1&3tQcn*am`4z7BNeq_h=(5*`Q}1g}}c86+O<%b5>ZahUbj z{#v%iMUU0k&}`RY)o(_>DlvV^W}}#JiW1adZzrZ;A+ypF72LjbbZ`X zW7jGhBf#3K{_mhmAEa0at)aT^R8I-nsSFU0Z^BMZO+m6F2!<)nB{7x3eaVXU( zy)91lDc4lZ&(i%bY;6iE9mZL|?UI`Gc08m|uKBs5y2tRSK(kjLeGQ|$A5@cFD1snN zFwYt@w9A~q`2{x#8`aUpS=7YV-st%@!|nLWew4V2{VSwriTo7`h`YC-ygAEuLdh;3 zGgSL4&`xhi|C0zlHNb0Q+ceO1qfPsAm)}eySKHwM-q6Q(%Cg#;+lghV2_tfHAf7us zQb#6+)bOFp&)&)hjsEIz86WL_Bvd`*Rd8PH)lIIo;|JPyn4+N$WqL}&5tr01HY@3% zw6C34yqQyNt=dmNa?-`6#VxyxO>@%B>rkE~X;7|AG%MOAYOwk>*ZohLH>dsoN;6a= zVtf3HO4|=^xI(~LF}XBd{Mmb8DAsl5Hi zqPTX2CgrkDd~1Y&&^^%iWk;{->977vn~p<=(}CjSGchr8dTrWu*sL2xmN-Ce=VPG- zd81lGU)qqW*C`L~I|>-eQ>@_qwyL@`$UTMHleIq zk)C~GYv#`?O)PRH@E9FT#}+o*ff_dfxy)O)s5D$S3i|fcS&H&?DbO0uXIPMQWYtxw zz<_KxT>vfLMNgDv+`@8=dHvS?D=|$G{yyD0MZy@!YE7H$UBS&gLEy~w*UI96d5sDu z0-7ZTT7acAjscXPedX&8ixE6*$PD#{+fMLT5Fx#<81nGC*x`2$;M2ss;{Qo8SxkQ& zWXC)a=E@YjL`k9z;jk&ssFVGGcA0;e0z@4FN!n34b zC>vY}_gx2@G^ysohKhm4p7A> za7GA4PmQCfKsnZ-0XH1E=?vv&fAH^$7Uqu8h4P$57Th4vZasl|xkES0L6Tof|HEl@ zwA0q>Ll6EDDxfszVXTovJwrzWB%pKd`OvQbQr2&5((HiU(y6F&P0hwAxh3Y!DvV-J4;4>sQh_>m~O>07$VHSXf}iJyg;# zG=*gT%VqEwKjQ^%X}x!CE1r`q_^W=NAyA|?QUQx3L4<*98dt;k?eO&g6_Zw0XrS$^ zPrgOLWgEo>W9Y1Q;Ty-PBT&bh0;AmQAX;&@g4%O_PP1Y5WZBlnw{yY&U4MeS<>I{@ z&)Tgd57Jj$(ZiZkpExaTHJX+ONtnUqN157tiN@TP35Dv9UOw?zvua7>gXJ5<4f5rv zDVbNSH*acKb-ohTNJD$Kz98MT8W>SLo(!~$Hhd%g@nIAWojvpWWsIHC&LPMg60v0{ zvE@5nLCAKo+T53!zma=QkxdzXv1X{NY(1+wrMEe)_^>d*8n)SZd;OQ6q^L_d&W8)Z zQR%n*=)vwRos7|ex^~e6IEpr7OGfBp!jJN_6xD#pw4A7|S-QwjWau zy|sJ`t%-6;j3GN5y!Xc9UNTrLu411|648lr#Ki&aE$>70z+}KE?2Ma5GBaFIiti1c}ZYeTmAt2HqH)h>LjOB2G9_A`_K@QaVj+#;C z+{rkY-@b-nUtDXLcgOd#tnUE|#q)tbpxW%c&lF1hrpFf}qe2H%?V9M9cVx?7#5(8m z3Uqq-7JJDMh+J#IV7sJ&yBOk2qSq+2C*ykppsG$<_rPb7-wz7@S%`2BXof*`(JWPIj)N7 zD*YMwON@b}Dmmi20z^J*mRyr)5ow*IurCwpV)gIHzA1vk3#vuz50f*z=>;> zPGhb_XK0CYYzQ1>5j&r92iY-R=UR(67eZxLi1nG)C9}Qb&iCFCdG_Zo{ZNUC#qOEq zfH+DU$ zc9;&JSN80Qk8l~lZ=1>!lLkDbKbX0A9>lt)I6*h=@Z@1^%u|u~M_h1<*$ly`lfdbE zu<%rgJpyHoDn5_P=s|(Xj%TXqYgU$i6Nj9@3Ip$gI19DMNkFep(SPmg^8PLXzSEbP zkCRmBf$GOQZ&eG8Llrwk?Y^4af;MaeKa9~CV;W)d?!zEDpFs~B=!9c(ujm*hCFmRe zD9R5f9K8*jUKT#pdF{6LHhxOD`bGd0`eEGtgn>k2A<@S~#y+L_N1!?fmyzi~zvb2P zPNoS~VA#kD&EKy_0$eAzd`=8XJ9_g<4n zDQU}1%2@Er8A|UIg4*tJRIvXUeq;L_I3En;=i9}#ZhtN0z-4?Ug6uXitSgyruZSF< zes=SpAvwaTThu0+;xdQP9k<@2J$^mDv$B$Y@{%=Yj$jtwDf+I)3Yjbo1~Rg=v@kJN z`ed~$W+Ucgd2!ifVljmgT1BMdXW$%}RvvJ_fW^jSz~r#1$Zy-u1A`S%-oy4})f%VW zAGhMD7}A01GXUQEowZindn2Wz!tX|kf^D#?|9B5)rTDtf_cu8{>&`f)P1#L(!aFrST09U`>KjICdPqmzK?y@$qb%-vB)*&?t2`}%g>>1(9vJ)+M{ z{8%2?uIVC&v5{ZPq(z#Xe~sTUF>FdZW_zIo;wYE$q&pM(#~s1i!CA<#gz`F|Qu*zL zK>4HbO**%ZGMPX;HoQ^Yz)t;MGS9%_~58<_qgd zG&h%W-JgK@c7l>`Ln{m>NBj7ddl`IxTsJUHJm%l7Fa(esD*bC|E`d}0V{|81L(?9* ziei5S9gP{J4$Cw~I?-O0_})w^tCxK%g`?u}?NkU_Q`UQMOn1O*QkN+sx%@cp}; zY|duN%chEv7>NL3E@eZF>SJ#T8uk6q>hukl?AT|!$7~n?ISQS9k4539OhuQLw?x;~ z5zQ^j^|C=USW>2=$wO$uIBR$_|gZ&3krE^E+ z_k?%bgoewLqsGnGR5!&$wQM87#@DYq(m==4;$(3==cEaG1^0E}Ut`rJZ2Uu}<|;3R z;f#;()k2uzX%dg&NG+BB8@Jv=wSPpX8Tw|E$IJFpw5RUcr46l$#VLgE!PGN8*#1gD zhZ4xq2qCI7QF5>vnTTSw>3x&Xk)^D$IX692KmgMV)jq7JH-)T4{)2wu4va{Kc`WBIlbTzwZ@)8s*? zrmf=J2`)uL%g_$%P6;d9?;a^C`-T>c4(?{AdT|BQG@gBbE31Aq0MZ4~G$Vy3KbP z=#s~%yq|YPZ|$5wo+)t7xeKKWUEA~6v_+pV*zz48c_=V?jymV0wy0u$e`$tXZESX` zT4V#0S?KYm!Yc?=M&u~!R80`(-`ug6BmOj;{8;lou@02p#EUkej6qxQ7#cQu4|&s? z{#CgOu7ZsIPtn0s$7xNY0r%@}OcN0#y6z{!D$JQvI|!1&2v(8fb4b#<8Oj*;$>l)x zd-BZFvTy!}_ON{XnR$+7n^Q_#V2S|Jly7mM4|2#2ofeMmpJuBJLi& z7hsk*wn@$5iqTw1AgnQpd(Lz>~D>*6qZF;`U$3vF!+K?uBi&j0*jXsDRwQiy@Io=NASPn&JojSsGba%cU9-CBCLSFVFaV;iF zh`4Ww=EJEBeevmT-<@T#h;*zy#CPrtdYd&D2RxAfX8Nrv@2_nP!_#|GP3Gdx(_KUS zf_N2wy{UM>|E>1ag9HJ;Downx)jCX}c!xbIopeA8dBPUu)`83(r2ymi{xPYzAT0s> z*6Ko^GGH|>zr+Fx>bcQ2?E4DuG;CK^ARY(g<=?9Y8}V8Pkk?eFr|03%wKUYBZ^D*5 zbGL%k(vjE42Yp)AEmAgfQs9U#I`^Nla4Es9OBnkq_xpY|aRq@T(&*Bn&R6N^fbDS+ zU|4(kx2@li^7?!%wtqq$tXwE_#HGaQp*)Py_s70BTNujf6=XjcOx55Dw%l$K6 zBCvZ_7(SSXgHNkZxf)pkw5RGkS{Z!lMio z1FKUePyVYzymUwjox#pMTLdV-JqMdE{Sh-cKL6L=L8)z_AqeDp)Q^nG@eKD9C=`i| zKf4LJ(9)%Kg9b<0f9(^*LSo(m({--%Xj*sb=`FO;O$6jqoE_EV=U}p@f0ohWUxrjC zHg%wZt|9?38B~ZDS9;1VSOJ+gVrk-YN(dFog!017nO{ zf$R}bphLv}uUklT(+`PE7-avb=B9QGxo^l~0v@8j-@`bldpZy&cs6p)aR2Bij2X$b`pq+7a?9BB{)q`Q%j?!JT1 z|DJR1d!KvW^J&<%_UgUY+UrNChMEE%HZ?W?08dF#_6Y!($Ujj_F;S2|dL#zOALxmO z%2PRD@L})ZxNBxVsrmdt$hBSOW$)m`m#m7QsPvcKQLg^6!7-UBIaNQ0rnYttS~>^D zrWSgKW)gGiH@5cwZ12r3Z4}mYF8}`1+BGPn<=`0@KfkmVmH4%^u1Ci%vc7G=KPrE1 zbLZFC-0uF--0G&T{rlYVHZhN!&ozDW{)Oyzsrjv=L-Xs0$EV}Vn>D@Dw(<4uDfLmM zed=#Y{j%EmoipnZJ+e<76?L60oP%F@L})#Gt!C`uAND1`tjW~%gCjio=H{k#WN~VB zoBDZT=lIgf*8cJ7c}QVLdgEYE|5#VwsP1#0#gz^3cb{`h>OZCw8NQ63nqRl|POSaj z-#s{WeSJ+}_Nixb^;t}5U}S21T8X)PTyT7Gd}eKQO6Ah#-XrgPeQQ5?otGmMb56c7 zt-WJEM-~uWBV#kGnZ@5Ln|p^Qmy+`vSJrp7_D?P@E*=}W?(Q9C7Sz@@bx+PLxxqiq z%&#V7l>J`cYHICk?-@e0_h%Q^r{&iaSGR2M9$LLh=YMpp)-@UV zDc8*LP58&`r{>c*ax^&MVsJ{j7=*LM#W)^|=$&&$5Gnc4@vjn3%( zH8C(U9h>xZZgHi$v8$=`S5YOx;njQN7XiO_juNxVeM6EoO<(;O7%!-34*8hnACatL zJhhbZ@$t5{wu*|1jEsz*KYtb!Ac_ArG(0jhJKNFGxxBo* zv9Yngzkhmm+TGLB)YQDbd!QYfYx}7@{8PS9R{fW}n(4*OA0smckzb?A+TY|i+kTxY z8Qh#+KS*j{4X$5on%IUox4o*E(@Y*Ee%-|v-p}&3S32(3z~cVW>iVb7SoKT=iuWWS z3^YvD^2gtMR$$;(ZU1AbD|aAc>d&}z@`K;|tNW*WL5;reTY`nd#Ug4G%>h_yRg!)5 z)C=-w^nL~^1jv4`+WLM~a@H5wQP}ff;}9>egAh<#!U2E*1^@^FCOiUAM$(u)wY_aq zs#BX8DgHBpG%f%I0D_!M2!@;;a-eB!P~^G@nsX@_Ku#jOH9=IQ*#QWEBM1KJf_D)A z`+@(QYa{S~toYA?{{R9K>Hixb@KuceYump-;EO0`!lqohn|&S$Eso7nxDbwkJ+}wR zH~l|$yN}#@C_&B8IuAfa&__MrWmSm*nuKjK0Q<0K_SJQjvpC+DS0Cu;wBnrg-;gCD z1Vb6>@MQ_n#mMDc9+@r5zpO@V@n_^Rc+yzpo=6?kxO#UwLvdunEd7s@TpoHR26!Gc zej9O);E%U>qeHhUjoV38L8}NP`z*L_xJlrF(rN+Zq?%@Po{<@gu_PJ>Iy@O+EiFBb zu6Hik#j4!JOm!PSLwEIsG746MCLb(!>QccP3m$RJI)9_i2A6h&p}|j5#?y4lu(Ug)Q=V3m@wsCJPNpLMkdMUs*vBNx`2f^RCd1~ z2WHwuIaIGNg@uqBhI{Lqz6il$AxZ%4kn}>gU{e)$26)^_CkD6s*H%jVA20 zU7U+pK=bS!4&sv+KZPI z9DAR50i67pB#d}BVEOePxv9CgOiqnqZ3{tuzVp)8U}A>GH}QboPu z^3}wI#V6%+W!rj#wZ$$Cx}{TBlM;yf>8qJxNe`79O+WcVye;AtLH?G+$J_jfrT;!x9QYeBnRt7F^!g4IA@v z+{+Gn?OI*1mCWnKyn0iTH~&?mR^r=?1sztUW+FqEYfsyLgoHe>In-!U1z!zFzlV}( z=Dx~~Y{Buspl$!sV#Hep1@sKF^{D(tU(@|0REzwq)FGmW+~zaBvV~=kJ%n601rfbp z9yWZ(E{uL~Vu%4rQEV-guQyS^Cb>0(0hJ+=TOX`-alHej5I;D7hl@!8q<$iV!}&`F zmy{ufnj<|#Wu&kyo{U)Te+znfR+&svV2srOF=WGEkT{oy)Jr2wnHo*qoZgBWd z=2M zCcL|dN8jsX6n=VVeqeP~uA$-E8B}uii-OO$Z&b5vV0^uRY3C9 z8wzcRXr$NnLzBac*VMvDpApKE0$@)o-8g@YqRwO3Js>2Bh@^rJ2&M}iUpCT|CXTQ+ zVGj_%)@Otn9jeoL&<@c6H%zb@6{-Hhw;YB8wc{ef$b!K2g%z8i)eW0q9?lJ*Nv{#< zIPi+X!d{trJg>E^2TWy8X6`Zg9lF>z%Hn`t+9HMTjhkOlR@Ihdt`c$7cUS=)!zuY3 z1{{AMe2=OFPlE##eb4qGf4N=^RPsuoUDk}_#6VfCxhjhP1Hk>G00a^f9?Hsoe$be^ z-V`AA!W>cc79*&*LaW8GeFbIqLl`Mf$#6X175?@q%O7DAKONiO95fbdzw$VF?nK4iI?Iwmv7v? zvEZ}AI}7OGj@%#cXtgr&l4r5M#_F#fmoS60CTv9CJ2yyaj_N4X2VG^bMTOa~7-qJk$=POS);*{Q2LltyPqn$!@7^h41ReNN zC?)!!ZL85!8R%deN)d3p(HhoN->A84js{5V8UW#a`WpiobiVZ2Z&E(RWdUBU1d#D* zVt6WKo-_kZQ1~eX(?2}qsM+{p936R_FimKIHEm#9$eV!!lRWrs2+UUJp@h#zEdn7O z?;ves5VW$Gq!k!$JbfVx{whN#YMNeipWkCwkGLmtwiCW2Y3mTsOmPyTeZOy`j|9Y6 z572RfN0JY{CJP;)T$&->E45Iw;!iA4*rjNZPHZ8;f*L> z`W<54O4X78lBNs6Ep;0}LlhmIhN9pg_$+i`W_w!FPt}`$)kG7Kyd4h-5%BhArn0pa zX6T@*NC>nfh6@>k$HP1Ys?$H-fTx;X@|ZCDv7<2AjC*Mu>>ik~bjk@F^J5TltQHNp zJ{XCL-<5MlL)^MCaVZ9JQXhPbc3Q<192Zqx24S9uhx3ZQC3 zqjitU*qfi+BuPYhQh?w+m9#KkT?;x$$WmG@j}@8~gyD!GEMlScu@QuCOt}zz`9)oe zaEUQNJH_3*L9|Jtra_$X1vlOT%+=W}&t0eC-?BJr<;kKUK^Eu#aW-GC-bk6JMV~ud8pm6Q2pl98R0ESB2_BiUrFW zkglpHA#(|btDknmqW1v`Uye!nG5<}pm|_POoU*M%hrHTm%S&USvRZ_*gb+MK*Wxb9 zhWPo|k5Si9;-RJ#qL1j98t8wcCS-d?4m4pZ0L~t-D>ixeu;~ftJtF1=HAHqUkAA;D zr)}z;+q0v=6yBY^MomN6V0wG%bYXEggf|#@>fUWO}yf| zVt|?nZB5Xa9SXJbAcKNo^fzLOY1{qh`}a90aaQ&i`s-})W1XO|ab?m-D}weurdkbq zauD?Rc{mCFk_7m!^cFLWvAKr|=}j1Pv>|-hn&u0fXo#o0-=Wd^L81jTi0OB=zBkal zcX%Pz2Fo17%WofSRq+fFnzPJP78&S>!2qRkat20lZ>LlKu2P^rQK$ed2 z=d75^!TCY>=^C4pU&neqfn#XXjq6g7=OQKohoWTv_e1}bmh%(jc^Gzjgp$gA)Gp!! zxe>heDf}YysL^H+J_}D#ae2}^SsZjJ-{V|@C0OIrW{O!~hv{GkIxGKKvgp7d;Q>zN zB%v=@@@`yLUmR(j$a&v{FRHn;;Ta@{GlSjt93eyOsRdBN&)I7k28_73&|{zsO6U;y zFg<u8Bf;xTw#HeZ@Y$%NRxrvhK?hG5Kmwt_(TYp|`*EZ(Q`%Zv?8h5?9i@W@2;eDxU zw|OODS^o~mK(iN!elHJttp1StsQqTY?QcVjK0^^pPGz`VjO_T25Lu51QtH5Pe+o%9 z=n4T{iMQc#;phLlGXQY`ck(ci(K3L-{&%$e@2UES14t0JQbBI?&l>nG)c;r4e{hZA zcGkZO&5>XbtIWW0<}o2yfii%fGd}yvtKSxAd5juFRu<798b$y*e{-aHL!xGsx*h>I z?g5C?&3SF+`&3?GjTD`5Boy2i2;y~;(SJH(q{)E=Nfz6<%4cCI zETzzKaWW(X5bLDXqXHw zsBidHP{ki?^8HeG)QdB1FH+oi{ys9Jr5MATT}k3dzsrOEs6m_Mt6&LYh7zIL-jWY2 zN&?{Ly}PtMg7E1O^GmgzT?| zg(c-O{BvZPQ-y1j=z!eiJ*8L{l==MF{o(S010_%H8%`?Fh+ue2mBufxdMD%uAe4{x z7l+OtSiQc&8SLwymXmBbjWlIdinRong;|&O6Ma!(3oFS7@i&WBqbku51cgoZst~m= zhw64s_jn8{Y-Mw!L;$EY^4v7f-guM3vW=6aPl=EKnmT}2e%583F1XyZZD}_p`Mf)a zJ^%U12O5ZmCjv5n&n}diP=b(oA+DE>3GUi~JB@f{H>zl*-|Y+YN`=hhV_B3;Ex=_~ z)}?m|I2~mAa-sj~%LSyA_cGTi{rq!jpd9bL1VX!(JUYP5Os5_kUYAgCVSLeQwXJbj zIzw_NLUT9jz3$UqUh@0TdJKQ=$cv*9sPkw4+T_mEST<%EBPJO9*#Ex7t2rvhXT>-( zXKa(qRA=i5Jz+TZ)aY!jw)6Gt@Vfn&Gs*t(=tya^(h)7aHmjFJLf7XyQ6t)_jC{Xl z$C{?qlV4^02{zm*LVOuByaz={O`14cJ;tRz84cgzGaRTPwqH#*ys@0TNsLMzwY751 z41Oefx3-~Vyngh$xK#H}&6s?;?u{o8ozZbb)Um*sdf&#vdt3g@fumAizpt@KCMZw= z_s5TCW+7=03#QMjp=qnrkI-PO^GvpOQ+W^M1>4r}y48anqF( z#6%R`@L&Dz!bnV(uT6A@(OclY4KnvKC78hZlA{49bAbA?RSn1sfchKD*YcC-e+EdO z#ImeoqRjiG#2)UiN@2kb2TY zg_-A*c6;r3-WkUl)jdq+)VsPLM7}=#NDXnqJ1+a4-okgjZ)4a_O~M9umO!1fb$Voc zRE1Aab3V_*{0-BnvD&GQR*yw2kEwF>i|Djk+3FJhA-8ZzUkKFed1sH)U>XKx)=xpr z(bnXu+0KX&YHP4|$W3sfGNoyQiuk0Y!bOgUrj7clc63fbYwE^A@SJ}H44!NX>OX>X zi=lpiIQ?>V85NrEu;izbekf$9%E4%SZ`x!m1H&s91LoHeVf3ih$;QcO8p$rjEXZc5gtb+!G2fVA&zeMbSdyj$)BN-VRzXs@jnh}K!q4|IH?nG;V?bZ zA8{WhmvH!0%k_+(eB!u{eMD^p)B1u{l31!DKwp$~Dk|S$b;u6AWQTB4xo+SL(6@-& z%Ap9+ZM`!~?DDC7_!F{wwBg?xO9Xhv3liq#*a^nuS*mU_W45*w1+_s8-ZrU*oHm)c zkU9Z~=v4H8NGy~3L?!Uy)l z?IxZldP|-bq7(%vJi~lM#pl03U;=h|3u#u3pACG8-S{8f%woO- z27iVONHaz|;~KI?P6l-hD9qp%E`v#nIw~#!e6Gm&`$4uDw83`xK)0NIUL76oK)lfM zi;`f@n;B#zZ9Z-}w;INTpG@2Gd@D)rQoqKAw`jYC=zV2aKS@uuZ%1|4+HLpfJ#Bw~ zoxt~&6)EedmS9*?=LyfXbrj$ee^}xh7wf5Ym%_{H5n5EpDRWP%9Gc5j&= zSFOq(6KygwzZdNC-;I!CVMl0vBH&zqWFWHc4%Wm6E98P~nVf6Ak%!z* zFdt2W$og$SMliA3X$fQ{ITNcRL!A5BJoSLIu8`}w)`^8^3>C;8=qaFMjHRp8(nYQO zlTe0ZEBQEs^B#rz2lWTHZivE*0>0Q6n&)Z zI?7rYiuuz~tjFKuOMnOWp=JP2#ijK}7Gqk1?Q^<^!{62esw{!Z^NGAK2x_rNI%ZJ) zXZJ0hjHLwInr_w211dx99|9<8doMc&M!+fcti+w5U^k`&D!?e(^6q);6|)){{Nmw; z3dv{uF*jPE1xo*@z9oRaj12xEipEgaSd6(j)u9E5wl(0D&xruqX9$eFIEK@Fl<=p< z7=hbX!XVlkt;>%rN)G}-?Pa+6{^m+!Kg5e^mT^aIqX>nUt@;XYi>FUjPAnA%vRlsm zVf+Sz1RU8cyB==PT#3z43Sb~eeTL7rD6O9G4)j<0G~}IpaN8mS%}XrdvXB;@HAuLAVWY*YEN!RCMLEy7`8IahG^Y)8BUzJ=5;OzKahw zp}dS;xs1YeS{K+wlJBJOE zz*cUFT<8iOcep6&j#CUwxxZvsQRd~ErP$0t2I@7GR1v{t%;#i?V+^^|hQ_H9Aiu!D z9QjPS7osuq=2|Xdv*KF~2kGKl+YY|OyQoHT{}O>$j^&a44yY|M8Z&utI?OcfpzO04 zSSD;2XUZ)`3HrIb7bV3NFqcTroruo_F%YA;;-u0xA%jlzYR;Kl5z=*VAhdIg4PHAr zp!KbT1nDK_7x86nZ{)sU+7`^bB{|s&XvToizx7P0aHet{K5b7wn*1onb6XH^|fEG2oJ_tV$lL$*kVzr5Piv%M$9rkBm0P!U4%{%@)h%5Nm zQY0xtH&4SlAr;WAl|yBChq8pNfF6n?Ud^Hu3(+XJlnVDCM&NC|XMbfrF{i;ZLn^cj zt3L>Q@<|!88?*vY%m_fh8x;!jup#$Ts1U|#2@+Rr!g>3IgmsJ3SXq6@`)|x@+FFYN+a~@!{vE%RrCxY zDI%vjjfIGri#>sIFgq}-1vfrJc#w@Hm{rt4@|r`l$wf)zrCVvJRY%;^_y%i2p^6R%(&1S9p+W{Rv!w_X2gJhlcTe^ z)y&#g%9n8elRwIGwiheqa-#m-IV_{sVpl{_2QEub5T7EGyq6feE}HDZ*-V?FQXgl_ zUdA;&G^my0?u!%NRzd~e$V@qM(x0af%l|swAbrcdrA5M#Uc6C1yD?mLBGUQeB*o^& zoErz{N_c;57FV&J-03iLy$^oeibF8e6K2v`OJler4eyM)4GGI1_-|WTF;Caqbw}es zG-{$i*Ig#yq1|L(rKyE|cwhI=l?P%_eRH~54EKN%89ksQ&{zv_;$MCoKfP)C8n-B6xDq{W2X$UK3oT z&OweDqW;E{2})J&HA5ROxaVwukFD*3iMgCaMX}3jUZi?V1Zs%9q=VDVW$RI6@AF%( zM<-Zh9TDs>53VU}#eu=D3xb=}nFmAwyn|4#5%5Jd`Jt>Q%MueHfEnNkDNLDJe|(04 z3(x^Tfg_U#fD!<{+ZHaeg|sg4-*lz=K3ubXF*hbk$3Ck1NY&;Ey;GpdvE@pyP56tJ zWn7K{H6D~Nntk2LgYi!c2=6elY4AsdjC`Ta-!?XtR!RcMUWDsUUn$QbZB$g)UTsZ_ zpJY%@v;R;xwQt4fdGcqlrkeXIaBs@>+1$q@CYO{D4nPW&VJXW_m7&38IgmH-X`!$X zWbaQ?5MdS=EVtmhBOGt#bpH_%QOp4ez=q@Sn(o&En;(o-Bv_stOicUt(c!yOv?O3@ zjo;>Tzy~HKCT#e9I&iYhQ!P$VIrtG1HGu$ib&wcSaA?_2xRJ6pCiiX_(Iokx0ud1r z8salPyn#e`rz+VK;10Jd;{P_Y{RS&{XH--6qkHr(RNR0pQQhXt$7h5dV<-$ePQ43F zt%LHj0oM1#MiW}Q(6%3cC&>&634zY5V8GCA6X}i_+?{Y3Vq{`-M)k8!L+5ZX{#(5odY zyBvW5ht8*yz&k%3)8oSp$17wF2_=K}El5A<>PRK%=*BaX5@~`i&C?^EoZrtjRPJEH z12Gn+*)1yj%wqRtWFHsUt;GF0e{GxHP;C&VAu9`E2;O^2Op6Em9RTL2)7 zCjZIQH1$Reo`b{ay=;O_@!oKGKU0f@6+ePqoPHD}H8yxoY>&#Fuv{-mK{zF!;;L`g zVeFYBFPlyMuc4tXspO}lkG02i{Ktx~xpk{5bu@twCvq7FC|)J(xtxua7c@EJaa ze^8ddJWH_*APTC+XXuhjlI@wQTGSY`eiv4?<+6-{3Oi61>6iSw)XRb&6)`mb+Y!_{ zT1$k)*wZAS@jWD3AixE8 z%+0I^7$|1l*DvqQueOIu{tmL*wk1I28Tv(zNy&0BmSb?96UJsTA8J733u4W%yv z?c#NJTN|PaktEtofW#cLA20u-v7xcTxJw+TDJHxP(>|QX;5GesmwFVc#7i-~?W~2g z^;vPQpvFoT*HSlp`ZIh4a|2$BfLB~SF^rd+pFvu%Ma>&-YP&4Att`so4zm(Y#tq7wbu-C`3Q0|jfuv8IZhkI zhg;M2Z#K2z5Ri8!#rncxFG540FjBBzRzBjMRn*h@0cHMy<4k6LHx7mp`znbbS^)0n z)YdI%cNZ@_sMnK8Rf{F)x8*ZJZn;EiXBEI8H{^}*RRNXWFi_Cn+mYBvBgFkId39XK>v_G8KbglKU4r!{r&KbAOt zp#*o|=u_;OefiK;?nq7L0&4V6sPXqjR9yRAxyrZKgb+xz!U`$nxpt(Z%%)LvQYY7~ zLRlVHGl8(o_tauVHO9Dn^C#k>ecT1FVWw1d|GoJg$Xa(kl%9x(+(F|2z;}z zipU3=OBO9eUU-ak`W*q5)YgYS0S>my^9*8dQ)*b2qWH{p13VKfH<`aMfd_kearUYB z5F+`8)1qX{77X@@&33nk6W2g*90xAaB|IpIb?74XFGWTM&jXqw;PDUfu5bw@fwk{N z?@V2gMMfV9pebXFr)*om#tt;NA`b3~79uafM|}{9?d0`6l2rC(aXAoy(sk*=DTpik zXSOTy(oZU)(>eAoZ%ZoI#5DulgxE*Spk$cM&}vd&&@mT@&Ga z@~a0FO&&M2GO2dR=8i4V2stjjmw50Ryz$%2&L*tP`OayPiwW@ip($sU^|V06 zqlL7IGRO)1 z-mh(`s}3*o*mmI+JovcZNRjl7y=*y3?lhFhP;oa6XK$NTMDDNoi4{H(#!0)WxVRZ{ zd7C?YniCf?UItJz8)2Iy_`=Ccig9qyTAh|1y=^c}UN5I}hpJ zZbAIJA*AyE&!PVx8!yvvfa~iTQwRTx3oT7>DR+BayFS`%_PjhFX2S+|c}fcX_=<|T z6i&xJ{??D{*OGX#&Np$~qmByG13Rbb9OxvN5ByyhcRU`uZMrdS%tG zi>i~W^6uq+?6>4SxKF$O%ulyl`2^!sm2Jp^-FPOxFg%y-uWxzUQ$X`0?(xXee6E*; z@tooYFWEgr!^Nd3{pk8=BY*8<-o5_F<{X@w6!>9ohz6MWePDOG?k5rST`HnYS;ZkuF4RGP5Q@ildGc|%?>tp6*_l)^?pCw=A)ZS z+lr%Tx_pHV*F-(-M2Fp3W4%cNHog;nDu8RASgwf~4Ng&ietoijmIb1F4DvT7H+CjR znpeKYkKPlvq@FO@u0_xKsR>9c(%b0o0NsE^e+m$viNYYYrmC^*{RCJB=4^&bz;{g5 z`;oBzj~mV#j5cYTG5T(NJ>iqm&;xtLV@-HDu zY)P#81_tJ%N;#7JMwZqY1P!E< z=hw6xSEZ33Xo@Qy5LOkUD&XIAeraE)D?{t1h_1P4-u>$2vc^IO*b{s!@-8sSTun&8 zQ)s0bW$mbY7l`lA?!2nw2x104&ZIn)VWdvFgDosXW2#>K?RTfL0yK^AMZv6}ZdYWS zMqV5TKE`bje}3I$dVKO4LOAyAx*6hIci2n`e*Msu`r~u`dHx`o-lUP`J9_2&9ziq} zqP}$7CvP9o)IiffyPOfZFNRc)Lm5yM4y1Bq4PxI$YyGikL~UfIVe~a*SBgvcVxIlp z{0oIdsXrd%5tGZ$elxubdQQ_70<)7&>NF^Bc9H*irJ_Sd7nFTxb?Wqw(raEz6*OmLf6|9X{!!xR|Dx z8zul+{=o43hJ_03W5Fq;uzyP(oJH}z7e^}%HGI0DIk6`he81=ObANGod;C7p%CBe^ zE1DiLfiqe)FWUD!azSH|Uu*s`T{{L#Z|=Aa}~))98ZS=VDBo-4(I+8JO&P(i7DA=#E$PVW)1ILxneu z{L1VbJIp0!Ug6v%_DI{=P*X^Jdj9x0GsBwMN&BbqyN0#r|TlD;<^G4W?BUD zCa=qv$jk9Ng$Gdw54+V`xq(Uo^aaLx<&_1PF^tvVJ|O2GQ+m3e zULSO9j{y50A4?q3|On#E+V%s`-AxO+=a*Vx-0^4?^@5 zp5AW=l6{J8_EiTghpcPtg&X zJGr^R>jg85=!Er>v!#7&1GkiL z5PlH&)E!_{bV~*rSRrCpItP}3Yh}>vjt_O62#-Wlx_KP!>5K-?Y}1v9`#3I~A#6{1 zv%ut9Msu0j)bGrdPVz4`L)%IHFJ4z%kZ9wWMdB+l_nJZ(w(mJ2X%RzDVbb_Y2JkoA z>R=B|+8!IBtB>>lPNw%#izu~JdKO>%h!Yr02)+^gEHLm`0R^Fy^J)~Sj?Ta2v|}|S zF5`u}m}Zll@SaVhr?5h54PSW-BGROp&$UDVYv-&xFPFYx z1c~mGUZ4?z#pL5eg-eGA$NX#+&02>vh@+yj{0ywtRqp5ipq~{DHLHDgDK@7jC;J!s zaSXO#!U+s`>D6OkzW|wty~Ta5X3x7GD5BvxrlQM6zFJdxVm+!UD4D}o;;KmpBxQS@ zNo2Ty)fwMG1rlY|^V#Plz|(k6t4hpLIW8ZMvgW$Dfe`!_tc=a=oN_$z28Cc3r5(jW zHl_F-9WcpNFcL_HvK64rWATd_v1s8^icy2P*t?-jRB9zfh=F8=A6)PHf>YVT|7uN) zZ{n5?1XZo#rFK|69zU=@_UT2ciYXRc`}i#~&dq+mkomEun?WAnM~Y%bD{A=J5#~^X1zf0GNgXvCfei{V zO9+_`ytdR5E6r>rmo9!w6!lAq++`l;8Mo zz6Q>sO0+gy@j}Zd4){@E<9@8bkx|71nMQ=~Ro?8pXhhw8xMY_Eocj5?2M_Aj_fLwEx{z0|e7i)ey<`WRVyWF*S&phQ1G>s}CmSoc% z1s+Dpz_ai&r>&L9{IPA;8`d9G_QanGvElltDI{ZW(5~6U7r(54((0KIRci0k0h!)` z^tJ@_$umz$=51+7KDOywCH6Vo{c;2|CVgO&8hrhR5(s-sS^>y1=XxBR=OTDb` zoQo8d5Hw@$=JrftlRWilnfqLT2awV{kG``P=ulrY3 z;n|I2ED7kV;%)BBX;l;G;Eb6)MiX|lfuI#BcvVcaLLy!69R~*dEqyXeNX&&#dV~o-4YSq6Kye z6$-156SgwBI(h39YuHMI0V_Bau4Ex<|D`9cu>6bAg9vZ+DJR%hpNOG>eQoP-3k*pS zVNk{(FIAB}c|C8TS&HixdcuZO7m?_f!Z>I__T0N4i?Rt>|F=5Vn8G|FaJLFyA$11k zpsXt?gnz~9Pwr1NkXk~?zq=lneU7ZYsD1j1#H=|i+AKU!qQ{9eSKrat9EQ;$rAF=$U!H;Fj)l z_;#Sdz79hX?s6K{Q^rUIYJ0P7c9<671iKE7RsoC$XGE4k9fUR{C?PF&!8;fE;T zuIO)My_JuU?|HxPcF9SBKiTe8^S0~FWu+q!ufAsYCy~46Z!cIVZ$V**$osic`ogDR zv_CjCCJy2htMstL4pjM(?ItyjJ#-s}xe>ivD0)>=DBtp={oA*Xy4}w?qDFh3_55PNNjpVMj~>)w=gpMitN=_2)rt|bz=R)3_rS}{ z)O&11tT_^2A$oc|NHLkn+##U|=R0j;?O4JD8mV}(l)%GV(h-DA&0*&86;nwk{1ww> zul2R|RTSjv$N7199b}hm_rCYN1*SA=_Uq?lk)DUwyxxLz!1S&Y4^=@0BCjbcEnwuk z5Ir^WF~{at_@|WmsubXL7Wl$$r*7cU5h_uJ#lDKTN;GTPRw^Y)yzGe@)eXerY2V0Y zF0p=!x?s|kIc>fJN?Fef5uwKuDe#CQ9WvX=GwO=m&B z)y2mS+gpxTZ5du0U-d(7yyu?WNB}Veg$hNZ-Mu;mcVB%JDD`XJJurat2kVC+Hla0& zhW&J}?bbR7ogq3(7N|3v+O8B?zE5#CQ+EP|>pS^^9ar-r^?rjd4KBDwj zyn(QPIb;-+p<O<3T8&W0m*i!D?gxU)4pP6LxD|R*^V8&V+T^#b6ycrX{NO4>{d~H)6R4pN@Wr_W``hl4i04igqR3efc*z> zkd?H?S1M+0VVyaZZxDvg_Dk&dE5r?c6aC!97oFjD9=_tD*-*k&gaZRU5{Dl`M$ff4&G%{1FQ{isSYH;ud<@ZeW!Wxn+GkbZV`6z% zgC1%&?&wSTiKy|Xhv#de6|efK*73Rd{lkS+x^paKnJePG3+D#xw)XUeIspG!hWg*v zoTC0uOIQD+!1e!Kx{8GLug(6O3fTVu^FKxKZ=EdiB@2oq?RE_cI7Ndn0AO4y}-Je3eEm3q>0jn~o2an6r{jweA*$f-`r2`jA3FVP`p@mbso1nHKs@&JWDBSlL$$p~-qfu90QOy(fV%sQ)GPF*Dg;$|jR@#Z|g zUqfgR5gM_2exap*W6>UHsq>(<#xbG%`G7Iyx;kE%4u_TOrpXumuIJfVo!g5aaX&t2 zbu{+*S*4+H)8>GFo42BY&Qljg{NYp8lFd*$rQ4k2dRA!p{l59=xOz_^8p18v zuX_+^7FizNtO4>`7;x<>X3uR|`@?owOLPzGyT%3Jb2114y2^uP?~G@#;oq7T%q1u= z9K&(7iFmU!rSucb0P6dY5K8bYqD%51FTrrrLJIluR?*Q{lTBF7jmrCQ_GH<|ZI#Y4 z;_o9TJ%A-QY5PzzLI*GuYkjw0E6!`JlM>mhvM3X6tfEI@upe-PcCi~pY$ z`4Hut({f?DGtUdS4NfNpEV$C6@3X*EU57}~4A2XRBa70KWIc!}2Hu~%q%vB9!pkd#y*h|k=x{5?ct=as2@hxStu^=ioCk{FE5fT zmfrtaNMORB?|Rf{{~%e2l>-;NKHfi@JU=fOD={r9DUtB+MrFuwB?FTb{^P%2a{{#} zdeB*)T*uY~CI01s3k-ZKs;^&no=+xe%gMSmLFdmeP$mh1?ct?-NfMU*mrYQ+>6cOM z_H8?LIR52y;`!)R74}aF&t7l86`rpZ%id#GMU&bt&01UgOW{XjQWe*W3hr-Av!`E? zC49M1OD-pA#y+*$R?zxm?=8m5xR`YPt^6QMrf{^$3 z$v^?dj=wP|*wCQW>mWuk>({3%!WregAvZnwU&Os-Se0GSKf3m&yF)r9rID6RgLF!F zDF`Ut8zhtlDd~_9Q5r;2kdj6~It1x%rOxg1Jny;w=epi=zMd}|_S!4wo;5RT=6BD6 zMD{i*N@HuwMSdbXFxmgu~E>*M!5rr^og-4lZO zsgKh-$R`3O*zAvP(e~H_VGPK;do84DgepO0yR5N9GpS9Rt=|K)QPH!#&w|VF!-X-r z-k4vcOP;Fi4Kn!kzH{&RJ%sGV__TC-Z~5X@4T^vh0tv*IvtbE)kUXlPt;|d*fMQ9a zj!kEoMjqLTg-q+hLfUL_Bsmv+{GytaZAYpA*4s2 ztlxb9abOh7`;5qnbL+ixSLLSU;CpL26dXQfm(#rAahS-DYYuwfJqDZf6IeT)2oSQXeP6=c)qQ#K*fZ`Ndxi&3;`&$Lox)_T-JPJmg$nmtzo1%!;o}PO zF{g#^Qo{$tYeLe;r`1!A&p~e!Pm#vgNw2`}VZ-v2J1wb4&L3Jl@fE%=JmA9_e%AP| zW&6OqB=p;LEY+MnFxA&8NeI6SUji;?u|I^wY4F*Axjh(wajGm7ApNvKw>%x@8g0<74L>4h)Bf&4V{0`^DCHaataXajFeNzRyPAYp zg`)7tJC*|9q`8PR?tD=fi}fOishsLYkG;m6?*kez_Axru((tg5u?=JC zRb8?JmuZKGlw@>mdiXgR#&cvYN~^ghYCBo?<0E!Ib5tZnB;CK{@B@4ySV{ESjLa8m z&&jZog1C9vggoou&37B!knLx)^X{~Dq!{9O8<(4#&v7VfY>Q(@a>_n?Bo6}0NQsse z7n`i}&oJBV<@Xt)1>4x18OD+w%M4)6ln2e_2l+jo+T@uW<5(0W79+(b(`>a!K+qQ& z*RAhU7m8|nbU;rg}WapFc?q#WIdF%Peg)HCqb_^Q`b3 zn4>Gu$(h|zDzQUp{ke;-CFj(|0mPj8-);WqLH=kFzi;|nD!hOP$ z{Dzp#5*`JT-B;PN(?M4EPd}=!4vkDA|40sh zm~6eq9|hRqyDhl1_>m-lR}#!ovNc9}9+C1SsY8@P*rmR$uv^ILIYL*_KwtWaqz`#~ z{Jx#dCMF?%&5+F=qMk-eu+;_&}UGYT5u$r89qsaG9G*hhZF z1oWtemRY65g)-_BvkHpBEF7P+eOo=VPlWo0U8O9!>; z;dkNs$3{w%SGS*oWCUWnN5uD6mR@|C?k>76TX#%XVG$T3o)O6)g|=Tm#!`t@l`st` z{GpTafd(9L4~@Rve7);`uDv1$u8K?23Dg ze=xT{fA#{lB*Ay?bZ4Cg6>MhCMbW}BhsKuOL}3TAC`gJC(OBjrTo>wPJN8P!fsPM`yvoAfM}HD*5PMRfW<|r} z>+=K#URjJu;eRD8;lq-DgR!QF-kwDR=3W8Om=8S7y%6f0iYtPI-Q6BsSrZ`dZ1|4F zck8BEqnszzdN55{J*;q});|KH`JOI?%2qhS#u=i&khNixiq!bP_s7#^+sX%c)j0Y8 z#}c~)_B^M(aR(ld0#ms+rp`8<*dSVy7Nz=s9xHocpL==Is`%QSp3j)buw7qYYMC>I zyee0W^q(!$>G11S$ICK$FtH3A8Aj?&t3%weE0oaMg~MqoWr_)q2EAqkGBr7FA3#C` zo4Y?FEn-#p9^SyLQa{RQB8-q08w>><-G#AKT+H#p=C02leW&-1Z$(||Zc!Bkb7#O3 z^Sv#}1f)T*YcX_ccWh!M)^6vrWWtZc&q+zyNk@xW!-VmbRYm_*sY9P1qap6Hms;B? zRuoB^h=Eljmf2L=v+xiV{NxlIE?_^RQ5DBoMs6eHkfPJ<+d;itPI_?*fw;zP{VuByk9RH1#Z?il)dnvI`L&;z1)Y zYM{-$gO-KS>z*D(%zK#1Ati(7Ph-4}x}a;Q6rSqzRgB@@@=M4QXGZivrslrmxd$YZ zpul1|;~=9itqVS?c0C+PHZF!gh>g@V+;h{aPhZ3N1u^6jDuND^S*G(T$R+wji;om! zko)d1o4=^5Rr0vW^J}vw3ppJDz{?~Z8kamL+#Icy<^(e}Lc7Ze+{|Auy%QQMSrmI= zJiZt44z7+bS?I4c$=QGPTxT zN{R+V_xDa{2mR5hB`W5q(0JbdBeW!6GZAmVF7eI-@g59?`d6a&(mrjx{KE91vNntv zj+pVZvW!5tSk1*i3eAqf+`_Oj$o1c3C0T@tjNHsd(sp&@-qE*n<$Xtcye^a=M98|+xtDaoWWj8RU8m|^XK@(*4Q zq$IFzDl(`)|A^`jYPGJMz{Vrm=TB%t*f$lKG>>-R=?uP6h(BZ$L!%L@bT`BwRFb&i z+Qw&zLW;xsZWn8#ax2(%Wsl(u?LLjlKts#__0}99r_~;R_g|;qaJ?3@vv2_?Dkxr3UF56nqj78?@Q}OK5(Sj-`kSGmQuGAeSPUfAO!E^IiJx6e9`u;NWjrt0ngYSm2j63vt5IfMQzxmG`A#D$kdVF_M$M-PQ780UPcL zV8fz7=wvd+S~a%NOxSfKxxo(PgbWzn2H549nX%aE4pf%GCe za*1umqy7n)QPO@u2byCxE>7IQMLjWatIYYcc;ntKas-**Qne-cyl#gGKqEJN`$3ie zJ0=i)_dV{}##&3}rUP-)$aQ{d*jeHtf-G;y&3A7F1OQ%3K9tE#b? zZFOvYS7bfA{?V1#f%aN8>Za`1id`htq$uRkMu4k(!zfEN*pKX$f?QsW@4Bf6n1apk zShp`ps1Aakd`S@wa;ettM2Fnk!!W+niPc6jin^I0U6`%(r<>gGMf|rVpKHacrRohP zqO%+T48YrQ-cESqXHS0F!(#-7y?i^lhz-p|I~*4t&M;_5Kv8ZhoK7`^e6GP278>80GR;wOPSW~>|M)y(sTD* zdFJjs4?h6QXaF`+#28#|M&^w@dI8fvrvgYfsBXI7S-CU?$aL8rd9MsP*1;DjTgkzk z1BxXgHZfNs?>9PFk|uz1blmax9(ir>x#yXrOB7k{UDkZ*?AVoz56GwLpUDnBJ-70< zK8G`f8hqAMCshfWndC3heqv|d!Jjl0SNC$JwXk2ztx{4pvVOO2;qtb8?XWLvJ$NV7 z6}aD}-#?T5@y9TAL})9c{uP~iQ@_BE?xT-qB}3Kh_Kq`Mn9y6)m{>?^TJV|n?taUb zH<&AZnV2=yIr3ex`dlFkJ&>fZc{GerRv9Qmue$i{?5kZ8dg;Rv4buWX)-|VzatGXZ z*J*qQYOC(zX~u|T{Ot~4A-U@f&$yAbe;$EXl1bd#W^x(iZ4~#h8N&#Pfru1PbWD%` zGXbVLc+@Kr>?S_&rF#DNn*!HiLRPc@$qe%m5CktPSz-Skg0P(K< z!NP!UX$+=bc+lu8CBM8ee;NF3p-m#{;P&-U=EEPp^I-`f0cg$7%*an$%3>kq2s(WG zY1H2<9~!^xJ-j4f+mDkDk__@bTE2c3Hb~e4Z) z^6~g{^R~A;^hIekh2xXc+!3ss*NqFvi~G`VIX)Av3KP;xH*=*9Wv!z%G`a0ba*-_tUi2zn ziLLHZSEbEhE^S{IgAMtO27Kh#7X!-`c*st|?nT_&RbYs~=%UvOayIn@h1)XTQQ!TYzwv6H^n?d!%;oALY&|cC0FoR?QXc{tpx-$alER7 z5n_a{#-k$kEw0t!OK3A35CJY)ZgAa%WsWLo??9f%=w~7-^O4R8_MVDV!YjS6ES9@sy*~k&DM7s8Q$-~HgEHxd|0xtENH+yVi`hM#u0-*VInerY2Zo< z=6%DeFQvr7lIoyTjrjr1&A1G!Cc`j6mke~I_D#d9-oBEWj`2cq-S8SsHX=@IMp47> zA+PR_RkYYTy9O*0y+>AnusMWRDMeLvO!x7VNnoB=+2f}(Q!Fb-Xp!gC!z~HS+0^ggPTV~D{-7~T z4+EEEp4)xc&yuhI=N_k8NZw~pjwd&Ki<>WU=Q=xE^^dDD?oi6&i}b&StLG#UuNdx8sqGHhYqYP>2&Dx% zkVnk!p)bNp>7{XWqncl^Vl%=RK8gT6v-z982lt6+_B?e>OM3f8e@_*1bq~dVY(}e$ zW@}!>w|Z&%_38dD-mNomGMh+accA2;!e46X$8H0O{!>n9n2L^8bu0FgtlKOO7 zR-^8GE0*Mjn!g=Hh#oLd@Q3vK>ket9@=8r*@2kZDl_U)F0cV1JyH<9j#;gFJlj{9U zG1$d(oEsSZ^VX}-TMY@maR#u}vsfu5(`_%oV1tZ?1mDYT0`Sa+R5Obrp6ZiZ4yn;F zhD6%|RrD%TC3LVyE&hFX~!x5r)XH3r68NqMP(HN)0PXyEbPrYBZ>*w%f#$ zu`vojO96(R*3$1T`5X<3(Q!pEL2Z-D=h?)z_mX)9WwXsRFU$urCNer(pSym$vo(fJ zkH_qzvGpQ_naN1cXat()ZFxo~!?mQ>*b*RHHm{iqclaxvF1MabK230u=OkNfG2*;To?p)ve(MpO~ zE|XO0r9uv4JP=dk402F1s(bHaA_FM!%m^%X>9n*{gfd@5r;j{VR=@E0wU8{B{0o2Y zJoAuP{j~}zw$N8XuQJ$(?HVd{pwY3*yl)FlO}v#13|OT?^n>_(w0gKJS_#jLRJz6- zm|S&mb`Qn_N57Xn5GQbA3i!@#QTGsDPINw~eANLO~y!vB6hWqL%%j<^g2bWJAnWsWFGr?7*J2<{t81)B6` zDo|mVC~FRpU;=)ZGcC77p;6=)uBS>j1-cx7H}rBh`}W6CfmjC@VK9E^1UsOib$$b} z2c!m?rCrIv`V-)c;%#_LnZIxshVb|0k7T=Q0B$fW&Y%97?d8>WSe6y3^!A{9?0{yw zJRRjT4+?`Z9@5BQYUwX4+!D11zJ;Xm^N4C8g{$EfpM)h7Ze1%hM9mu$d|(IBTJnpi z$z6!l5L2p4!_z+>5h4AtjEu8$NJ3Qy{QmjTGavS( z?#y>tvlKSsvzCg2xYI@sNT#g&A^i_6_-C!hVJTya$HOkk%8lZ8ywR2KAA^y|#yX7a zTRJcd-3LJ4f5IHBEJu3Bu0KhZeWOg7Cm~4da3F?jPS&|F?S~zyV>$ttC9Gv9 zj+ni}xPBpZVi1@$%W4T};YW_%F+2e*XQB@*BPrY{aaMj_YIYdDdT)~2hh_N`ZOX6= z2RL958d~64?c(>>1J~g)5k5UUq$lrP#rsl*Vp{ZCR*!q|`}dO14V27LyiOO!1(WU4 z2o84l?2)72E}45{Y>`M+JY=_E10DEw5!6nyz;Nx8S7Z0D%+MCSXBH!jiHsh59P$Wn zxIEw4TDrFa4a_dvw1gD#omHTMCP&}-oHho$>wEsSkKO4aRp$LLj z2DJ!GE<0ml;&t!qqagfip6tZ2jAQ7Hv+&Ew?W<9?e~b9Ikm(okS?wxO>CHYFo{I@U zY&=bP0)%oJPk~m?B39Tz)HvUNqT>Qxsb}w>JPA-q>LYaWK-! z^1&C2yFWEu+dPh_SwhX6Lj-+#sX5b^ydi`B?`k_nH#fC6cdo9=ZLc1M$YLJe68;rb zqz~yerE{|a9$Xv#A-MEvzoSIe^NfaJ51`&+cXD)$vQM4xcstHd5thhehNtwJ_si07 zRT^2(g^!)=iOhZZ@YM9(LX&UKyh~DFbYq{;?5tfhzP#IYWhCyuzL2QU-i~DyB z#O>jf;NOFxIzRyK-vh2x?y+2OOHC51_pE=5#h~JV%f3kIw7K{aJR~l35FMZc3?S&} zjX(X_;^pPxIIOa@4GPD9vfPjF3|>ol6`Xaswcc3*O&qY|0@eq0e@1T{(D=;2>LSRh z-R*duH{R{kzZ3Si!Y>@;%Hp<4^6YIn_(%^9Q(LwqclT`3MntPI=I#0B>gC`7Adk?H zS-L^DHE?!(B!w$a_-|lXxo@rF;%K5F^?s16&ei02%BjU zCh}yJ8$Qx3|DZOz_TMk>8_0m)<9=EdHtDH{1j?58yCqe!2OShTX z^AGklWMu*WELe*h2U+$H$F;W;Y@NP6c>AM_3Zgp#$lqWmmPJ6#3Bio1TC3$V-4q1$ z4HLP=4EGt z)DFh*_g|>9|8E2&RO|nNfaC!OsDGP6h3#nnf95;|a0JAq&^#cLKz#PUphW+lMgME+ zRH)(qjz2vhu>Mw5Z=kAih|K_v;XvsB*k+(^jq-yB7Bm!UJJ#Fz?$6Xu*)ky~6Scp? z$@lJ*v*2IFJm|<=S%p@l9+98+JJ0tEd^RYFpWiFCS=$tr1x{pSreIW??E2fZqf=KF zPCUU;gxjpcUT%+*l7#xp)#uCCZNI&hRi1SjlU_R&>!FkAiGbjouLbBi_Gz zRT00pMHD`Qxf@Ohq-Ae~VV^jD1X}@-cX#b=-8u=8OpNLAbY?yA)+6X|c~`}E+&NPN z6kzS*Dd}9;2uqZf{KWdyQZl#E*VdMnnC%!C82eqh;t^m39`W*!)vv{oL!(u7`a1`p zweV_t39r1As<;(sXj}YnC#*mru`wV6mEqvm^g1K3ckF5jFgY;%1icI*tFU*HACJ?1 z_fNpr%8Pu@(bragJGa=Qr@0~z{zD15pkgVl%Ij=WDK*}1dSHVUG*aaL8E4te?$NOS zqBfqIW5bE{FCi?jGL6$NL|A^|n}LHseZx+(iTlQ|!)W2qMqF;PAjGrLCQa<~J{lhCN9Hp7rA4%$Z z3|mhMAIT2=G1^=zcd{-Gyf?0hHuSke{_JID%O4N9WxLPHBjm=%66?kH)KWUcD>nC z`PU!muvwV>R%6Qh>!Q5Uww*oOVoq_z)X!Y}ymo?`DjwZ-2qPOjF{W<4(#k4D`DC!B zUfOt@u`bs8mwZu@7fXY5a;{URln|Ooc4B2bw_*(oPBoSC&EK?(Oxi=ksnp(@E_T&>;Oexsz%CgkApcwJ;8J=0p-tJgoTZO( zX=n%t1s$d#i7z07> z&kF0r-jHp14;bA8-t$vm(=(jtcCPY2Jcw*@k=G-H)Xdq=*fVqT?zTA8ALLtcof(_v z-!gWfwa5H^eTEq4F7qeeXsZkw!ei-kDT}lg zI8CV4BqFI#HtePIMCmW5mAOm&G^-NkjE?_A`6&UZ>_Pii6y3GZ?|64Eh6!WksOv=( zKOEHSW3`tRGCkLrw2iVFx7|v*WG(5)rJ0J8QboBq4|;dAKmW(d`+V)*JUF{m*MIwa zd7YD30amKJZLp(@&n;Z_eB-WSE5V?=7ao3^)F!G|7)Wo)6eQ`#ruw>VOI7@WXp}ex z^Mm6U5{nUTmFl2rmm`O~CwY)Uc2VXv^NYK0-i!l`m1deEOA?&fB!$rs*vJ}dDun^t zZ+)ZBPexf481cyF%Nf!k9Lm9FcWV|L0rHER?TEyIyr229n?hxTlL6iX3>*d&`Lh^K4AN1G2& zGZhBH-kSnKyAQ6M>w`Oz1EvgD8-qy%WestIIi1R}RUfdvR?FMt5_QIiUF#bA(whOx zT_*nZnO8^V2j_yRG6d4pg`S9=u0fF*0vh6r+1qnCX}Lq6;QuV+8Tl zNbbeQ5f+kY1V*Kvb6Af#9BUi!-&MLMw>Dh1-j^fWN?d_%xylf=VC+I|SBZJ^tce?> zB&xz0T=6=dMN&TSG1Pg*biN~ojPjiGHC? z{dp@1b4`sBG6Saa?gy_Kx)-AHmbpt%9GNLB@xKYr;xv&qvVfyWj!!kAlu0Ks?Dt?( zZB3UC9L`-fN!#iA%E`Cu@Ya4Rfv=lAeD0j)wmr@1wvC1?GRdcApfasmK+&62&0b8~ zSua_&F0;3|c7{*67X6Wa4h6q_sNaQCiP<+D$nOAWi2qDiT$bf`=BMr@lST;fm$1PUvnv8 zgF@J+e`qvsvj`7{nn(vn(Mj%Yl#YDFg_ehAj8rbqcklS{NCsC2Y_R_rCQ3fkdBrVp zDNuZGjFcJ`hqC;eJGvEd470)CU1k_LNe+C+V{KAU8Oag&p_WEK9G?V;8AF6%f19sk zi{|)&6$pLpHu6SiPJy>qPHh9}Z19&=rWkKKa|y7U&ntYcIy+W!f3|Uf^$^FbLzU9S zmg}}>-9;mdMuN0s(m&ghXr5SPUTbC@=8p6nMlWX%YB{3ZXuZsqz6i!DSsV-!SBDeI zWDx(<3ZTqh?RM)r-TRaHF(pcLsq7Qw=U3lq#mOAs_v_9oz+M{QAo1klu@RYuF(2$6 zjuXWi!YVu+yfi3)Z!R`$it!5zpR7<7aGu_Jeg6}ugUwywi?*Ql>M@faYZW%AN2CBB zd@|tcg#D!W>zd##=F*<`zI)Io{|zN@%3jllmIvM9(%Vg(z4lHezovR0-fr0#G!qh| z(U>)4^|JVPo8OZ!OntsXT$o7=F>1U2YFTLP@hbZwa8VBTHv;GcWdD$F6(V299YCeR zR^XhBnuqp=|6#|&F2*0@1>4@-H@YC*QRAfS?L(>)vm{j{9@?ju=UIGA0>NP%!)& z<@-c94>m7WH|c;L>46HTO}8vTrtfYfPCNeG+rr^-m2#ao?QrL9a)V<}*vNSz{}+Rt z9Fx9}`8gO#q0zmuLB!6LaH39B6;!_gsa*0JWw}og$g(P%ocqt>x`hZD2@A?3{rOZwt+*#Onv#o{Q4v(0 zR?eG483h78gg|Vj5Dh`kd35y6Z>)+*hZq>kCk?ozpe}Kp*uCrJLI^^38jT5<%4j2) z>IxGUJKkNE5FfY^{TbxnCf0cSUGd#4F2f6M&>?kF1BLyxYvyPHXNjnI%Lw) zo#nasT>QA;9TB%^t9=@Ne*B#Uz$^is^_=!I+O6y@*#`WJm+mbE8|!2&uLSGr2Fx8Y zD8F=~S&~p2S)k!t2!(TkB$UL{Emxk z9+12z#{0TiKYMJmJ;(nt0@=QTgTyIhF>Jud`E7^vhj6d+dwbr}H=n$x?2uNaA6U|1 z8Sl~Znh0L2Slwe3J^K2%T~_~kz!E76^Jm^PtRG3W-c-r&B(U(@6xtpW#`gZpUgEOg zEtIRPmay}u=sVCmN(WgOTKU8xd0S#b9O)xymegx93fr7m2#w&`D~FcLzh?>2NrhX2 zF74~wJ$k+evGfs9%l>FQtzLb2rtFf3{C_T{Z`cfmrkL&yQ!VlN6laIUbWh(zFKUzk}2<<{w^mnLdK=DR(pTRCN9VZ#d;+68R^3w?Kl(N5WC-YHNxx&yIiy7t9=(rTEV+fiJkRLHM_3vXa3c0H8KZPqLTj%6#s#f8_)*2Juq)b} zj&FxAzHy#0Foy0KRF&}Q+-c#p-YhqjHmZyEAn_cAZ|fD`!M~A3akDH_+^jWRw!G9l zFNk{rDakRSzbcZQZ{nd1m+=}ZyfSvmP`_5(*`rUpS5Co!G(}T{6cvf)CrAA4b)z*W>+>OdWPEp?O z&%1!-RCULG&}d0I9ut8{sowf*>mxjmA+MI$0TuBv6^tZ=K5#cfe~6-Qsk21;bRRAE z!8UMeyH|+oRQZ9P3B0Cmk8s!i65!pXmK_UBf->QQ8l)THI%)M~f!QNh>K@ZLK0n?D zK1{FN_>#0(EMvyV)D${!bcDY4ePf$tO915wu3_ejS1I%uLfc2=OAUl|ws}QfGYxrY z@oZo~Sm5>1@}>oD^j6%0=k&@mCPG&mxCs`AO8tOI?riF#PoRcAb*-A z7EBNos{S=@?K(K~W@c!SfAI7%5rUOnU-OO>5&Xfy-*9#e|0AqJ{mgBc#bpW8A^J+8 z69;=m&q{7yOd1wadT5FIL3~4D+f?({j2bQa7Tkkx??LkK+>hA;FwyrLx~}yUCes;k z#CkbZ9uJg`rLxAMN)&{ zc6$k0O<;W4KzdPDZ>)w7W@5jr-+H!R9{qqV8g&q+Ot&lI!3;yl8DzX9(HUwal_9&{ zSceli!6Fq(O|>X)yoDh)tS;gQf`et$e5v&3%;>m(Wug|W)F1j+{vkr0>RDMcXYrV{%4-)i<0A4i`*m8)%N$q#3?^ZDsc{^bT7F+P+2eKF1MdESe( zd{dEUN9C*B1&t@)P=2+|k6Y7k7O<5-7wCvc>AEbGS%C)E`L{joXbwe_LP2keIx8qM<~mo_wD$ERE$Sy2o$c*}$OdfB+ouN6 z(yJn{pQq`<(|?e;6*L^+in1*rA-98y1UO@dxK*xM2#5I`*F6}3b{SdPH!f83C%CXB zA+WnBPeNCE@1)xO__75XZEErI=5BVDX`8M>lDR>#zM-7zd@o1R;W6(#I;wgC0pbot1wVkH?cIB7B9 z02(J2t7DeGL`Xb3NrD^sQ4y89z{VrVJjko<(#tjY_I?wwW$^y&zSkzd51JP7$&s}M zD)W8ylAK$cbvmC_%y!Y39u=~Q`lsl1gDQnH^-s?iACKn{RTN&5I|aO%{W9H}DcLsv z<~R26QXs4X4cUY;RW<#2Tjaiqu_YenTEP=3@G*||QdXx(xY@&H(9oM?X-3LM1otM$ zekbE$AAU%cMfV3OL9b4t2{a@Lc0)0Tje11NJTJZfnly}$FJ?+&!dZQyvMJa*{(j3B zdd!H9L}gJ@+>1et#%qrWDR)HE`9)Vc1`d?N6$e>bgEB>S?+r=+tkLt1N}i`5;S2Q( zzdd+$Ym2?^jr3KmeB7()d1>BHuAW_gH>BH4=LJaDKC?NU!WkR2IJ2E<>|+7|w1k1u zS=f%BlVQb8&F}9Rp6&GmzvYss!C1_(Qp3BUnBzx1^?`zdxH-wGkLYd8>=)(-G*%0q(zY#s$nd~2^X7e2|S~RHfC-^0=83PnY1HeZJ z)C$>i>xldvni9Y&9oOwWYwkSy4)qMK|AyKA1`htlnBae72*|$(Q7D}7e-tCZ2HM2V zyo@Hv_H57Lr@tu?oppki(2cxRO|*y`)KrZc+iAO`o`#Htj@yNxK737IMq`bq_ja8X zHy_K7P?ac9Nz-8_e<(SG^AGB+Y3@Yh8~5N_dC6E;GZ`4ere8O#{1#C4S#$wx@D!n?dGu33Rq-bmLiy(}gp3t$1{ zBj0c&JHO4JnNQX-2ZTfE)ws|X+gyehu+d3Kp*j#UOAc@|%N>1#jT~#{&YQP{Z$;CoZD~nV@#h?qmb8+nE%2o5%4@gkF*8>8ypsiBok)UcaJAg1*x41GqDU# zB0nDrkZ###mwol>$swpI5Fw4S9K8>U+z0$U} za<+Ho(iqg}HCyZt2*wp0e`*u=V|7h&_}s;LP~u))!1rRyxf|2eAiB)olU`|9#dh2L(zu41>Wl(#$^l3u^^j7|~Xji|Btz2E;Kz4_U=0I04 z^wC-ynx%VNfh+qzJ(&svzV4_XpYzgwMy2AatB#AaYXdp(sS{IMBwD!#4YFv9MPfu& z(d*y&N7LY$Q0~}t$#dJ_BaipnXul*q{0CF}a|<@o7o}ZZ$@${tH?o-OZ?E1&fKNEh zc|4f47K8wQ>u7@sBSFVg3YjVF-`G(qc7DFLtjF>1B&0yVc#LI?{w^W`?X4l1 zTsloXfC`Pd08HXLUIWK;8JAsp)kv`gF48^fivh5AOm@s&^igcdnnL5AiUBb zlrrR+OZl)kiZ19+z{%l3e_Cg}Qm!^wjUxjgyWKYbkV)fk-7(Its`kGZ^gy4?6A=#;QYa_5E z*Oj!;^ZnJ?872m(_C-D}Di;-M_Fxq0G#2QIi{5zX{rnw@Qu>VivE8jiZJgVuI33CY zBPxv>4HFP>#p>ji9^ACXPessN_!m!M+7H2NEptEL=YIXc=WCe*r4uIdN4t>ceu&R& zSY^chtv{r8xx%jIi-q=d8zLC(zUMvUq0Mhv18xjCb3e6`OXd80^h2fbgrH+9-wV3rx_DP?=t$|h2cTZg|FH(c<;Gy`A@6B5z z{P&#msQTgT9`%g z$22C!a5)843-{g!1O=us??l%LJ^9SFma~KUiA~mLTHJ(z<=^N+4_a{a*gRT!CZBf7 z3~EqjTm=XN`<7D&!CfnJ;~ovSpR7VFGE}l7byL}5unH%H1?NW^A#cg`K#X>et3Qs> zO@^zUtYN6g7!)t)lDq1mKnWQrHG)G9zvSePR|NZwyluB@QFOEcfk&Udysp4d z($09ga%Wr83ODib+~K^@BYPCX-O?6?MkZzL8jQu3ennB|!jb!Frbh*_wjxKj3qkb# zor`XLeAqEhIiJ1=mn5AvBEf@I#z;tXN{B6q^-*?crkusl6N%tGq4T2|fID&6ov||c z+fuERN@w~K9FK{6Sr13P8C=fZAwV11GlbjIsx%3*f#4vS&2#2`UT$`86J-7|{NEKl zZXa}#gP>Aa$ZgH!IMb5&;b&XooTCE-Y{3Wkj|K3!-?6YEIacm{dnGX*V|`vtgl}fJ zYo$QEKzH^#!S=Myk2?)ls?POwcN(nAWm4V-hzhT;170DLDGujcqqI?lnDd7&M++p0r@BE>1J#Mp(j{JSmeeO_*h=6tv zG_TQG*T^*jfUEg`G4`EdQ8ZoJH3JMeNzSMUNX|jhC|RP341%D5Z((xs;ldqy3e^^g-lq@$}%*jm1&$+RTNbQ>2P0AVT|v|L0t%$sML?rKW`^xk9!-yUy&$pWG#5&g%mTU zJ(11qit0@avJT7cO>aE;dN9=XS0GjFSH0?2r-X1(EAJ`LB%-hTez~%G_=ETe2W+qv zpYa!ZDzf6Uu)R^HsWxFvjYb6IJrg{+3Kp3styg$kUk2{sWyOU#a(a{Ny3ti$9l#jV zkALp)ZOMCyv-k}4NZjV5AV~UVP)9@uH;Cp-NGIE!k1SLSIvD!qqxTNdNdfJ>?EFEI zzY>UumJMH(g))8iY%IY90LMSzX#K_CE$JE{iShS0s;kGfT*J*G2J~2_xc*P$7~{en zj*Rj<-$^LJssraYn|jZkH$o!uDedJU zkFA-d1fP{dur1rpB=D>V;2Bebo#{j@QyQCpKzEsb&O_Mf^d*Y+?&h!3(}>Jwk)&{# zBmXl^Z$y<$+{sxYWvV0lZSO-v1kCe8@(Z z6G3W0etf;K2{o{1z4>~-L(R0`xrGefq3_QLwX_H$%f>BmCKT+zuWl8(#pCN7Ey^3mi5ecMUH~+?PnTEQzs5HXkZQQ{XdygKP!CHCWKh% zp~R!nezKKmv&5Ju?IPPjC6~JmN4DPo`!(AT*v-0wAx^+T@3yrgP=EH7fM?x)+`m-J zkDI)8o>CM;_}xA5jb!O8~^PQZ}VoGP`_$5ZSaJKGt<1d zT%sH4Qn$4Gm2gzCnJ>BU#T-v02ER7K1?gqb*#As!>p$k5GhS4I)}q)q9;lu}+gTYNwWYz(amFa77C5X# z^q;vA=@3?|y{`SQ_x-!4k*uGyCP;c0`Px=Qy5QBTjWJe!=tu^wMNvUc@ zyG;S`zLtmaQC~GHP0A4o~8enOE1GF`XD;Wk0G^VgZ9~;P?!VO7o**XQ7 zb=2I_!rJ1W$4X?6qNRIsDMZ+IV-~V@-Zs28oFQcO{tY#|uzN+c(eSH}gh|ct?=R}{ zDYe4(VOToTvob4t0{q|2IlLXT_C)1aKIw}!%@Npdahw}jY(Qbd@XHUtE|cM)czVNQ zaNw65W>@D`ITKI8btPalEBRu7FX2UsoZ??tZR^CZet7)$eg9@|$GR4|G^T2N9ap}q zyFOT{=8nJXYx@1Rx90w-cp>X9&{7XLeJIPd5%*on<>k)-> zW`94`cXMY+RUdLkI>0ag)pNsU-1M5V@YiG=}eGIJtJ zt9F`FH#EEEaGLj6Jdb`(LlhUQQ{KCH_e$|wg0C2S%cHlLSuGyj?OJhBZcxgO(`u^qElfGB12NV!i5rJcJX zLx2*uGjGG;*Ju*xJSOq1cN7zd%6>po9L*_n^a;e*)8IfU_f#CPQ@C^(e;hO z7UlM<+^or=IKo#4$BzLBLCgW|w1*aJv$K#|naQmoiR8s<(Yv=#DO()vV zKu;$&mUIZnp}2B+-jVPgK3Vxv(j@ABfB8!w6luILRANpvvy8L({v;@DMMKbL#MSPI zOs)9DwjpP|^@mLMd2+f?cAyl--yz(y@wUEEyiULd&2bvCa~(DzfaVkN99VeD1Av&ySYOjTr_a^H_*pFr>!9F`x0M zG7gUb{Q-F}VxMz{2N5;E*0Ede2ao~#H0`=iw=|fs1o^R}W%Efu5!W zM0}?!))5FC0onQmcL79YctJkSL+7W-$&}-Q>r}ZdyuOyHxrGBv!1J+NCrB|3Nxs<| zaxr3e+CfvJhQH?v;f2bLnI00$7bBT;C7#*KizWBrDvZ$$*oZMSm-{>rG+81+c`TEl zZ0V@p{@T|(A4r8;FzqmL4JnhEdBqXe!YX>lZoB9`|7!W2%7{(4<%Ze^-c)y8aQ_w@ zMQ0m5T33Be;c_JnyqpVfad4c@I4Id|P+6Bl%69PeJ$=LUU8uN>G|9;25xUD5rcF$U zqK)7w)^?_XX4WMf9Q2C~B4PXTpI+9|43*ZG!~zoJUp-*`WwV7g)dSM2P<%VISHPF7 zZWQ|01BDx5f)3>(@5Pd>$3;*?0S0x9`b}`Gp%a4d*gABceuWCjk6s0K8^h52@l%=~ zzd{q@%{(XQA0i<{d3plho05&(@@`4d4nKaPVY|)Bo@?&o?^;|K^|xmnErG?a9Y5*J z^B#Rn1&(XvK$F02ByG-`fFsC4G}J%D)i(83&b9TiE3bXB2AXM24QJ{e{>g*P-PT8} zK}^fC@t_%ED^-aUewbl7Ry{cb5*1NvR=bi&VELY{$}8wEtHk)*|FX zcUD-EMUs{oOkjIQ9=^3*dM#>2(1~uKxGi?*?8K z*vKEZytgYmW?I54I49qM2+UHayIspnW8B|-yy!7>`WH4T(#k1msP_PxgDSz4pvq&| z<7MPKI0j-jgs2D^*S{*_po15NRNOH)Z3ScMzwZIB?i2#fhG(PSGroN8Q)$L(nD3KQu0BwAL z{V)7A^z%Q7g6aqV384O8@aIsK5N7@S7V0+i2z2#7K-iZl&#S{mD|d8`G(An&diUk9 zysUDq8)@P!s}*j)WnRw?npglFBRo~5`Rir#Lay7-r(5scq95KXx)J`;Yq8IbW+8=r zjK@w|QJq1nTi&R|0nQ2{Af_+g6VDYwlowAi0{!6UqcY8^)kQ7$qL&4kAdBOq(|ej7 zsx`4n>d<wt{ic97iUOrW9g(?L8gy0-Je3%p*Ajc#S5&RPo5B?WOF@d;dOsxlzoWQ}pLa-3eN(qvU= z%2=snfPtMZtZ{KMhd(LvN%q&eg5e_7{Q9MxPqhpg-35OLsq)E(?1a zN#W!`A<>_9(^<6LI*7yl)_<}bD1}r7wbDwD@`L=xkA>%Xxot#nkq`BmMjtRaP;Wqe#Ts_w$S6$&Zdo+e#EvO8nu)+k{qA?F&XH$I zf*Q&dMAJE_k+Y z4Rr;3L`4FAg*Vg*H=$qF^`VhVGEzPG{zLNX62d4wiWUmH`2081NFKF(-1$#` z+hzw}^P25qRUDYE0EEx<{TES}ZBF7dHcj(=`teZN@tIF(9lwl`|KaPYlDSWhxlRSt z?!UmWE+|NeX4BqRyL+Ghq|~hZdp29k-B5R_0_lmw^t)Kwl*y7#iWBTX*LLh0l^R0H zpkx**pi&6dC6YFlY_772hGDvi^l<|6*6#sb6xU)o`P~XF+aGA12Wktz z@eV%LP1!ti*6dL8JG|G0c?Ip4qV*mHl5lt3^URFA!F^a%0>aMdE)HEx-h)(9!A&EC z3@#~(NTg*9CXnY`B?(wRoqkVz4(q}qg2>;qhpQrd+9P=%?qFqLrH;n5XzhuM^{@GtH_B67EE7QU zQ6RM^Ay(=crW5E1ILWGXKPU1cq)>#XG7qNb(8=Z#%dTE}kKFR5XvvU)MG-HvfFfk@ zi%T#xwSsjP>T0@<7!?9k2;MfPVUJV>qX)Kr(^_5(ODSWMY53=M0ydg}hsiy_To$~Y zPtQC;!^mJS!b5;@o`-f%BJ(d?WPc#l(;N#jUObfSzScd}r!b5{%x&CVQt-s_O~T9U zd{>aZPA+QMy~;Y*rP!du26(JK<a~jnB+F^gd|iMATux6c^tndD2>4iUJ*J}T?k8ZOqH&aB0n5Qs zDv$94ho1qxI>uN`m^-iAy7mGW6&SdqtU>Uj8>StIobGsEHJU#y9c%Rl#6Lf=U7ZSP zgE{i7p3TBJWk!BnLg2<4$dP@V6mW@hj%HTA(-Fk2N2ZE}x1oZ6aeOz3Fm1*|nV~Bb zlU36Bg0o8Dr^~qPZf-!kNyNS|))5Z)1+z4CX&nEfyd|yG3tL#&1n|iZK@oIs{a_La zO9ntIPXJuu&5PrgV){~nQ;Xi-T$umYNZ1Z$vK1_J)nsT zyeu>_PK>TL(#qh7y-8R?yln}Nrg-xOK+H65W5H{FcpbIPgm4yr9M*T;*@PN)| zMu>DxkM>-}b{}?5V1S}P|Lst1*l^_smXS9+5?kBKyo+rwT%-}O^@YQnic`PongKZ( zNZe<@(d?-W-3Murt@I{&Y_w3hC);^CoJ$}BM?AaWxT)86yvw15Not}~SI#tW8Tp55 z^|N_(x#~`HI6YVR*3R)`jmZN%QZ^~mB)V_1Ls=)yQ#F<=EqIa7iz*lnD$Y*A!;cOS zgQXSjc|#F6u&z+r5KLCuWjVYbpKZ!k%S+z)BrzLo{`_e6v~pY}uTy+QYNFJ#dpdJZ zI`$iP;jpClo6L={O!BZypto_uY{T1bcIS=*alNb-?$)z8zht2}t^)5B-;C~xygf3T zUaGQ3AFhteF21O`daY49VVC+=We0Rz#2OJQwRCWF)_7PSvczxz*Q;@Xq?rX-PNvC* z_w=s&B3NynH#)tjuzV7Bbo(Z`sO+4KP^3Yz|o;coSU z4(i^cWhvsCXhF{>Yzs~5T_VZ9MV>infw0*2%MWy(2Zkh^1TM z8$+nsZ^{=fXwxo`F?PiBqOz*VA`h29vCa|@415;s^Ly*1e?s#};Q7)p8sDx$U!pyv&Jnv+O2xp#|0QYmxl+Xct(5VT z4?yqiSmVzJsim@jG7o4(Vw-K)%f4t?G`nAg7E$T@O1JoClS2HW6DaQ*fbF|3436*N zsr{tUOLL>qUraPf)jMVGM}|j;}`+F`_I4SYw8VXNVP?H{TfQ z|4Yj}dwA%^`XX^r8&Vg3*f$p2V)JXJ-@Do&io-8NS12H7CQTmEP-zHhbZ-NBvk)PV zws=U?b?_C%-RlZs|4zr}Fzr&=@W-n{FFU^3D;WoCsgWm6un0n}u87#LRuX#@&%`Tl zA^7S3I>4||Ud5jd=uoBz7rWa8FB7pauc%OC?_GamZgRNAB5@1Q;m73J*FmM@y*Of4 zd-_f*`da9He!kR$=R`wFbUB}X7mrTaxHir4^olNqO)^609pjeOI1seD#VFRugjtF+KZ+|iHz z!RVi>KTAiNIOnXDXN_vp1jy1mUh$E9isO-)y)y#!>G+~gO<d5KbGT1X~B0rNl(>aJ0y? z9|F+KOoXFfn=H;6ldp*9DIc2hN)$=~uE`FAAINvikQNQkU5GGNlVcWmx6JXaEyw!f z5Y+7scM%*U4SPaqeb9D)GLV=8m!{YCAT^BDiK-)Zd-GeU~2RFW4@}o8NTsO1_kFJUE%XjD`~}MV{Bdv(%|NdJMnR ziU6Fye}L1-fdE9*`xzRyKG?oTS7(tbW$0+71q#g()Aw(Od5PGu21|5<{b@tFxb=P( zim4(ZU`B*>H-OM{y4s6YdtoRd6AHHdT4rNndNvNSI?yQw-_`2neo80eIBIDf3O-Qe z1@Fu}G_^o`cw>6g=*g(1a(0F^mJf~w%#``>WNn9a#lxRS3!^IDwf0jA=y^f{48qau zv6sx5HK1Nch=9|T8nwfcV9ymeGKLnna${)t<`by|cq&P>$WQ3Vm;y*wEaRG%l$NTA ziD0n`fB%q(BlgK2P*n4pcSHL#&&CB@#^@4j60r48uStMdY#D4{ZZXxK5s!v>7^(q> zBNkffE*ca9$tTcmdOt4MQw9q;TBe&0RwpXzCw?wG)z!M%ZX3(;q{RqCO};J~?F=oD zF%;pJdG=$*JGwD?(&en{GHGR|U}VM~^)1F7Zs?QPpbB1g5<=_u_?)j`A@F?Pd&m?{ zd8_hSE-5Ln;{x%w38h|;f!A4Q(5L}LcYB<~0Q9X;{w5LY@ zQMm5p%Hh7C9EXioQ##*~>cVZm1-OUcUWN(SXj~RR$HkLv3ZgAT{kE?J-3z^R$_ZO1 zghjP)dRbhL==f)^oUH{tG;!h@j(Y{B4Z}X<43=1ht@ode3>b#`RXXe`lb7z2R>B<@ zP9{{rGWGjKOSbpwI>H=h-?^<{-o@vLc6!PssN@vfzv}C}H-30nRgp5PKmEG*_m74+ zrImv>P#(S}S>S)V=68}bs7!OnUzmD=$p!JM;M=edErQJ41P>jx+t;Oa4N)kY+DMU= z0ohd>P)@vO34Co$9`%wwUX+mme9d4BhL)LfB>9+hYR zG$=M8J$Ir@mlSp?yxzD;;7m$7rAmK#JwWnH(LA*(M6NZn>1C^XNeU@nO)h=#ofA_6n%0uzzXQQ+CQ9|*!B!TA<)q% z(c5qG93|~_4=e7GO4MGxfcas3KEHhtzWf z4>ddLiYn=$7}&)}r5x|76&!k*t6X!9b1=DWRDCSv$4eHlgN26M$O4H_9B1YQUTQyt zDUqK2y-b1VG5w;Jzw()0O8yx^crRWIZb}xI;(j}|a-JL9X1djL*o4(_xN-AV8U9g4 zDCKE_b}|l`9}^r?P7b*9q6FFWML@o=KxyfB=J>hakmC-Ts^XXx1x=z;wF6Mv5C7~P z5rFe@jR6okB1StewJOJJukF>yeU?@4dj93t;S!Ug?tVrTpFR<|IqUq{pDvh%+ZWs{hElJDAt&pFv{oX-PsEY zNAFC_R571FSZLf5a$s9O2v6c+1|O`%bR_9j8(|EQF&DZ!iyw9gG5PtC86@oS!T|3| z=PO(kJL32(cy{PHpEx-C;?d_3=YQYE$!&XQpElL+7aod>#{k323`9x3IVzJD7PJb) z{&_=w-djh|*0EipYwxOt zKVv5EKz<8oM?t~@T9%bK#E$@QRBo)KF5Vgme^ z=01)e&i!;yfTMb{X1DYkAYW4mlnE3~$O_XArA<-$KK+#9IT`=8i#`9~0t;qqzu83f z@=vwf7XYDQG*^oJ-~{sW&tDfefYOb9MokafJ9r!2mu^9rTVy3Av+qIQK*0F!j_yMQ zgvvZm*oJW<^WEMNkF4?DUMY#J_C9VOh-9Ur3F=Cvy1LG&kPXI) z=g~o<*Dl-~jQ^a;YB2|#q&$@M+8it9(5gP}%w>@?6SOvc<0TH*RCVewsdtxfZ;f&T z8q#S=cZNnv;x{7h#43`sn)z8J=TS;M&@j5&q4e(Un3Sp@ZIGp*N@|p@s|NW&?Q;<&K zEd1Y=JHwKkbW=Tdm0=5*4~~^Q_d-GAne4kYFEv8CR{4IfgS2>!*>5Xd5B!Y6zdL|y z>9X;U9qs$04MKMD5&Yfu50d*H$9*O}U7uwR@Lb>Kj|@_Tn?Alo*t=6-p#>$KYrJe; zSzzB__{&bl_?O#2Rk%p6=cjb;Oz+E5Mw6-}e@OZpn~vn@Tl=%8UA;oSeA!HHThUqh zJ{9UYN85t&O8MO8X1{j(D(HoC@R;O=Tl7;ItT0xoX!IJ^=XLhfN}Ff@V;j#!IraTx z7mxOnYiS-)U%78I&Onswnxhl^Z=>+_?)*j%?pmewW=GKHNERvxxvH1-rReA?w9YpM zdf983Wvm+?eWRjpqMLpG#y%g;YhnJu-!Z;b8*$qu#hrmABsM|J^^d#ZO~YxnyxY5N zHy2hp_1^aoXvoklgghC_Ji9%qFGrSX->D;p`>|KAtLR)VZpXo__cx_lJQ1zEWJRxY zXg9HtshyQ27w!^_Vl)k?J|1^H(;YuJ{nb=^1=ckW`Q_+>pqDC@Ntn&t5wc+LPWf~n zkA@;wRsmk^WY~tQIJGWcBQF%IGbp&=rubR#0T(#@onSDTiFHCqqx+<5>`v)jaUHRc z`}*(0!zmnzlIc_r1u1&{GxRI`ep95`uj$xH74^(3Lnid(!A2E(r zm2rd^gfq_I#ZZY)L0%tn&NbGd=l7#5#6sWml$77uLyd50Ujdl{{t<191GT0E1J)+i z{t!0dyUeK0LKmNK_?Ok_HbJ`wI5j$m0>=arI$b+ONh%hdmI&}jgH5Z@tTmI5{s&JB zGo-q}3)LYjwFA8F?;}vB?C4K5l!VX{_jFGyy(A1YTeFwpLjcNuTiH3rFw`pVTXMOt zUy>ZnfG%x?WK^ogqzr!(U85}OJ(2J`^<1u2RHWs zQjtFX%C$G&%B>>IrwC#jiQe^=&@oVP+?pl+>r0w?ewfQ4SE=7is&$&J2ShYXlP!oK zH`xDRbt}_a%@v!K7Tn-|WQ%-t!{H0a>JPYUsUseQ({tMe+=uCAEdZ_-k$2Vtc8V8>pFAt*J`x@InluUNKjb6WFsaUg1jdJ?^uc4X3X_fUq4Do|w7N#G;kSvd8%80!6 zw*R{^zCw&*I9wUlZn~lOh2c6mAmL)By_Fd|3)bs2jKxqA@0DI6dUU?Mkh#@($5J-^ zVbK#D&6UGel_z8weA_ipREBM@4s(;!V-j0cgIB$`7iucvVhVEA^9z00aBpD>alLP< z`y>bBSXp`a;BaN|cIWaKKKR&k*R5bL`p%U!0@!=_=pVX~fTN-0BV(z~&gA!%o+`y3 zxkZlU7~j&3oOx=VZc0aY5ueQ1)JGR1)Fm!fb?Mw78V88ad;hy{Cm|QJw|v8T#N6|E z&zedZcAztUnjr)c&YukhC=+IppmMF|i=Iz3r=4Kyr8huo z02Nx~0~9w^vVfUuB>Jr=1qzEk^_;+IiBVhgM-ldq=2L<)yq3&SagdBm!=0{v$8U6i zuVS`9$H0Q{$=mT@vv8qPd0Zze|LK=iElEX!JuJu8{<&aoeoa6&-HjW3gVjh~tiee1 zdnQ1BTb2~g`uesPOYk?>>+0n{N`TH+2iW}5>UN8_dCm>Mcc}`?Jm=YkncW zhz}9N!%zL`&KSm8=Bni@;K(%}nqmB}DTR>`ujUqlH%^U;Fb8UubBq3T^OL_gwvJvV5X7qoUX$~$$@bZ>7^-gmfsJo zI^eux-IhLKBy|M92Fu}5jpr1bef9cE8vc@n}021pI&y_{(LyA)}Enw)Kr6lK-8 z+~>whUGVuaN4mR!?Zg<|d~lOgKzOG#tcNu#9D!;YXC;}+5(3nIn!g{dn${JSe2D$J zboQ!XjF|#BTpAntMuOs22oc=egY&Ntq3RiWOHbB3*0iTvSAk>h-kiyy%LjT6SKLwd z!>Og`-sbEzVHHa!;lIR}aC3)Y+RHxX2Z-O@-`vt6TFHeQRdRlgL5sN%Ign3G@xis< z98`%)SeTW*T7H?sc|>0>Z-AETO8)tD&<(rzZhQ}OVX}fT{D3A!r{yg3T@so8Zu%EV z@!@D}q!s%Yvf-g`@iDkJTV0Zt3P~bvc%Dgoa5|r^Hr)m;;@@!ztVr~zqIIhXR>Exu*RsJm+qVy^ zWOPJbWagR)P@6Jf)e6La-o%n2g0pTA*jHZ@mg7SQk9Z$idBDC&L?+u$W~5?a{)mml zr_}3RoKK<}rrTt!?p^ml@nqlJl0c-khF`brGHAPeyNbsp^%~<0Eb21N;)n9KoBFh0 zALF7bjxNsRS$&?o8-**hLIb)J>?3VHF z;z!l2>YX{rd1B+EPWGS7ihVa}bouLigfq8x(IA{!{UCsd)$X5)-em>-RwHO9CI49g zP0)CypeBV1xJuweEttiw!J73NB>kKz)_xZ#cThxw!_Bjw3vw`gl%LlJs~vc<^0~PK zBNNQNi|D=dB=+Y`FG6&H3E02AwtVo17d5`_Y+_PpCiLhbH;51_A&Jn%MaG5PC#1+d z+4dh<5Jyf>G+9ps3^%HoFU|0nJStF@Gpu*{dmQPjDd=kCbg3MCgm^xuvCzctr^n}g zK&u9w&$@oC)ht6R{%dJ>9Kh@|i(BykM)qS9Yb$c7X=bFnq{=V%WNEsorg+E0(9`Un z(`&I(-3daU`p7{qA6y`XE950$vXV+i7_hL8GO$eRQ`Fr@JV?j6>9TpkPIIjDY`Z1H_Ml~9sH=| zCyvloS9o#(92G31qq#$XRQ6D~Y??C}0G+R$+g7O$5}tK>!3rPgXq>QOceTeC_(c%cKBYtO?S@BTelahRekPkezuRa;fB+ zH!qmYGkFa6(-E|Es%tgxFz~@fDzngjPHOxn%>)Ep=(%UpaZInJBwnA*@+EwjkimHE zAUNuMtOG9c^?REv1DKw)&5ewx1%nHlcb!2M?1ST&qkJ;IBDS+?sf_qNC;~rqGvTt! zN32vG=}Fds7Rzgwor`=8gMX^Oq%2?phc?d^sZhw2PLu=5xcEi<-z88?B~oud_}qTb z1xT0?`Z)WT(fGAHas|xuC2-unSCkMG*dJkc_P8X%?#c@oCz1Fl9|x0jCX(~2MVbY? zaUDC%ET&HJN$p3M=@+!7WN*3n$I%$p_fPEGi8P;4VJQbo)VFmvI@dDT=@ZVZO zCZ3mI{a>J8c5nc&QQ*Hl^{-nPL)iLVQfvU~anasq&G+_&{`{#%K)al{tn z{NwF|(BBk)TCr}9DsnM6ED=UImew~gG>m#0mPL=JKq0LAH z+OpQccQ&7!BmCU~Z}N_sb3(uCCXIol#W_OrN)QcL_3){Mm}HFHXR!$DpTA$u4EcGb zGwX^fcj#g&0(Fiwqy(R8@qIquHH~2^Wo8z7t6{!11vn{!a2oK6h&7|#L>$4oj1VT=R2Bxg5SJ$ zkA~v}C&urLd}v)>Xu64(Pp0xtXMO{dll?ML0Y)qTy1M;+@kP1|)N%?Og?m%&YqNaA z{Vr!Ti9MEEvQA{Zv&zS71raLK>r5!sFw522;dIe0cz-)>zbfBna;FQ7tseo<{Gh+i zLVP79{}Z-0ll#y+gmBz`a2;oSlrh~0~;fUbrQCSky=F_^)YM$EUAKLX#oh`0M z1{0%3oMu8kn-e0{&oQ6fpMm4OK+#|31%X9t`Jd{zfP>#0C;Wxr9n+qBKMBXG;qlnF z6~$!g`C9B^48He>4X{)~DHgYa4sj^EQQ2VW!U`LvA~jRj93A@(3_qEbPA?d}l{g>+bcRS!k}*SX3t`9!tf>9tAK74@hMfEk z_~z<^zmED4oc2pTvU|{ix|zwP0)d=T0KIo^Ks*d=P2E7JfBL&en_0wY zBmC;pV3iRl#kcJ-fcLLdN-8<)-38mvA;x$hORTAq@yz__hHZP!!N@s&%!2y5}RYg|uRza@&IXGP=15%OH01gNRj55G0#aF3ZP;=jPk zejMMTYt|^RZnsI+l|h?DW2M{CSOj|7m$?8(+?So7?>rp@dOWZUUw`I7vxk2{`(%=M z{?n+jGJj$nd*S-#Pi~~h1Htc8?VLJ{HL332R86-IwTH`cL;i93H{HOg| z`-5shT{Dj3oOj}Di7(-(d$rf^Enoj^lKN*{J}3y9RHB&YlDqt1H}Ft!SlawVme}_( z-!{V2uI-ZS(+KhPG)bKXnoOFH3?^12Bbh6z#JeeFnPdBLvv8JxouVJkrH^(7@gHIg zx2i)qff5$?&Z;q2p3>002ew`Gx4vfqS|b8*+{1X_BL!ZVFdug5{qlTHb9NQBeipyK z&@MjfEn6E^)+}UiBnSL8V&nv5SfTKSnx0|WtUZ{(R9cLYOCt(_8v{o^jYsdzcI8sU zOAw&s5~5AwHi9g3jWI!Uof;3Z(Btc0Ve4dPmN|Be4^3_WdzrKPSS)nMX^2-Rv~D$g zkvTecphAz|e^V99TYEdqQTsYbf3dc)$e;PgCM?{81cmFlyJjaX64z4$@^To#NWAdC z4&s{20`!X+ln6W-=O@QOxz)(b2dRG(G{Ru+0u^Gp+-Z)Uw`Wj_`Ml`Hqctb#u^28+ z_5_UbnBIUb6LJMd0-e{$WX=!nlii=c^a49(=2OwBy5MbV$vA-* zvG6UFEVRHrSQRp6e?Ovm&F_#}ChgbLQ_B_;aV|Eu>9CyCjbwfnS`m^m{c*wwUZ4Gi zdV|FgE0AZSAm~8L{j1|?c`Up2l5$Nq&5^I9(o1jF_gq6W{+Px3hAYbZci8*h*iCym zO3Xba7GIUiunC@5F&a0{Sbgm}-zc8!+EWAP*!GoH>6H7xOoD|HoTt2XJaQh+6ig3{ z+j^+F+om86sR+!w6ZUe(*2i})x3Frv$)kUkSg!%2(OUAd%%xJ?reP@(*B>QA!2eB% zxTD1-*BEcdpAo;=^q;5X$S|(|!P@KcTLn~)^+!I}nuR0Kd`3$g^T8)*68*ONox)ph zMVECa@dg4A zn}c>92aGpQ{cA=x2{0z|^1 zpU@s2M=o#5Y)(WXX0NCc$}BlgN+5y}u&xHIzdpB|-X zIvLBG?BgxeeUL9Ls2Gx{!9E!~-6?8ZNPjs^;q8)!5hNN#A8+@rSgjGm!xn#pO^vD$ z>N>2eO(%=b=cAWY^LMj4DZug4V(t=~c%F~STo?J?27Mu`Y6arH$|kuJiL2R*KJp#M z)?9E&U$3Lx!^bKo>H#`ml^Nb-A@@49qJg;>7emJAV%=wM3<9iqCh3DS7@dLhPYipor=_vNMe){Cw`p z;9|`XiKnFK*wOqVSi0P{b+zU;H1`F#}op?kb35fNeSN2{Qb*` zla$5lMK9O!%#9n9UtpNeO}CQ6(jHax2X?6d9xs;YVj1317xO5*#u$*br|LGu$-GdO zzz9-Qgz$XRxM4g|qQ0M}$-QpKMj(*%F4I?ACu1P~V8zIZGW~{8$D>?oIWsokjF$P2 z0i@({&JK~+^u=WzsBcgHL~P`o^^Df*6^5qZkI}xQD2SLZL%tqu=-PrnkgjZku0KWh z7bH_I0UNfy#|1%Sne4b|aenTp?ZH*#%Hu`ymJJXe5@4$!nM4m{?$1j)+v{uueuAwZ z9h>rgG7|x%L4+Mi7mh6?+!VixagF@X3@H7nohYx^Ze%uMWI=>4ds#vTRFmeXHC4Z` zUF#bX0L&)I;Y9Yb`QcLD<68LOb$Y(-!+J@Xz!n(Um6m%72Ukd@+rj<~v5$<!&0xW2curl2}0N@TWC zDW?89#Gl7EFNu_g_*8?>g4sr{!pOw#OfH`%o;bI*%Hy@HW@l%B1WadPNaW2_S3qs| zSgxS29-3d16eT9J<>|bNGe6wDQ%w&LvOO-@H2O-FTDpD2D5>;?)+|^mpH$?-?cPjm z^a|@!fACx!&iZ_R@TIeaD46}B+-aHK2lB|K2h~tZ$k2jwUcZarf(R?>w@HiuH!I}e zN~mTE7XD8^y=x^`HbC(N9^mP6`Z$?f`Ll!O2J;3|6cDf{FLb3{OUkyn@k(DDM07co z6c9kXOOJESsORw>-3Hr+D%GokPix45v6Y|O#pn)n$yO&Ju8D%-EbpLM6)=y!Y^nA4 zBhmvQq|ZgHR;i71(PO;nP+bpAd>H|!rJ9s21>v^(Vrw)L8_HZvj6A@@k; z?TzACP@ajO@g}whNid}pUl#E`pdCjn$6BCpcTEH0l~eDVn0Z9sB`E`v(gGTlW9omr z*0Co8lbll}Y@O}`%A(-7nNoFJ76d}%#-FUC|E&u=_=nROzzI|H-SMIEB8d&8RYjn< ztI2^bxy4&?`o+%GAgB1>*(6b4SY=n~z|$zj&^ zsatJaLXoPTAMruyUCtCi@KWhC^i7fvlBX`j#w9>sS3Lze6Hp$0Wh^AWe!7kD7|8x|lJu!HtDF7!5mS^)P`RdDR5~H+R(5WgqKoj7R5AzQ)-d@fP zIp9cK(<)YCcZgFJ2aIKN*AlJQhCQe}B>YGk1FOzg-ySllh?)iyZ z$tA?msEE(Q^TSf;xU_B>2Ypt;&2#4uHoE5XGpWCQ4c^a&h_L!?vCt7u2Cn}tIh9KQ zGTZCau`tZaf7fTcjW`@6=aJ1jSXZY)J>y@vC*Fn>`P9SIc-pgH0R@I3VkGi6DHR`+ zJ*8~HTwN*=Z*HryC4B#=7$t&XFGi`n7W%DlBcvu|?XVhnp1`qDkj?uLj@iZd*+0C9 z4V?za@(kRGK|8KXf zF7EjsT>QW94@dD{N_{_wjRL8?m+-r^dEiK(%_-DKiWI&ovp_tGZ9l|8ABZC=Lx+|ph29M zJ2D!E#qT|XBw~e}0~cL@Du=Ei{u3nBIaKjE5z2Wu8TN(9co!wfF8Tn4nEg*r=$`kH z^}GV8?D=!&wVs!~&;nHJHV2qJ-X2^NCKYpDHe*g8Tv{1b##|t zra3X1I*FBp*T}5%u*K6t@-Wy!fAcAYOiiPgPiRL|fs2AoJy(#VtgPq2A1h({L%UV3Og7r{omf4y~@$_4J)eG}*tdSFJg_n&zhwDSH$v2b{=w?>b+>FTfXG#a0$&ynhZ=t=^0mLK zcz-uMn9U zAA^UCH+WyKIefP3fgwZAGrD1;4OG1ZlUfqnKTx|z>%bh{>dC<7B-f9+yRX(h_#1>3 z^2z!bCz674`HLnp%k^4*B|c6#;cT*e4hFft`g_VV?ET_b$)+e*E!WK7}D}W5M<|r-0jzu zLy7|ejX6Z9aW1(ceALq)ACO;T$1raO$XGVI4a`D5IUO(_35;b5S2$;ImhSZpb=sZ z&ENBBw40=MFNJe&^9l9mZpreFm~lA9uV@jH{_s)hgI?Ep`oHy=MxH)!9ykz`#vFZ# z)~Oih1*h{?-=PlZ%--#Hoxk+A6xq*_ITjsZFIs~<#^0W?;gBm5qQj6Z?)322*; z@vj9!mVgK#Ftkl&kqV~(%M=KJxnBFg{h{wzgs%cw2~asN{$E{B0uN>P^?k;ek$uUQ zooP{H%^Jg0vL`PU*&0hE`&P1!P%1kip;D2EiL!)Dme4|r$o7(*Y}t3;oqFHj|NDR6 z`}+N!-`qL(+~Yato_n5i&)nx65>o$S`Gzi+v%SkkKQFuB&D;AO_Yi5~fQ-U50MIm! z0Rn{xdH)3_&(J>L1$*Je{!1ok_z6*IU>Z6NmDUBRkgxv(I#P}XeCN-iM1f$kGy*VP zUpWBMpEjY+M9SD}4Z#^nE!Di#ed|V}+^{3#7KRTNjY5+j=p$q=lbO3v9?&uYxCS8Z zFX513`(GP>p+e&ek>HqrYd}0m7_MQ6^t-X~t-?pB;dV&e;2evnEjo6kllqOngXAQ{ zkt};VHChNOK@e|yYeuSjb9J`MtJt%2ki~EnEoU~SzJd{Cqu#}KS?xJ?tV zvDVNIQPWw05IB-ye*3Tj@^Lhr`(gcD9F}Zbw0#mJmxQ{2$*I8^R`R3X)j;Il-^A@A z3S2otcLB+ZYW1OqfPUzHpkH$kUaGJy1CLo?$vJdHER{d;QbP|Rlm`fj9U^>p3{u#& zXWVwvrpWwklBKph6G6*XWl-~bxdo4Ov#Gy*XsTelL}~FyM`!-&X7B6AC7#zXl7EUW zws4&;kgdp43sRV3{XA9ta*8J_pzJ88upW=C|7%gfj*{jU?>nqKrYWv>GKaL==y#n)8F+qc5$CpR)$ySh@{A zSYM07cN=2QZ~*}sy$_G>Ps$lq|5Q`_%}byv2td~Ge&1a+n8-qQ@>d(N%3+_?C7OQ< zJ`$^-_Pz}EQoD+CYT{j9+#0yQ-xGIc#Z%XtW%SMr@ZU#&Fy-R%AE|Ph=A4hJ3=&me zBA}e^Gd1%}>&Si`Jqw(qbZ4-wZ_S;(#y7SuGlO%2lD1PI_mF`RXL5Z!u85+Hk~Wx% zG;UAMk~XaQ4>ck74AAz8%u{933t4yEO(h(C89oUs7EMR2z)KL%ZZh* zw8H;6Ge$Wbn|X2@Lw~z&CTW;iE?`TFd_-Jw`K~SwNB{6}G224(+8uVC6@8!{m&88a zI)YCvSGb0sV-ySBcegd)rELa~tZ$iFcywKp)qSOxapq3T_XGzW6hFW1X~M>eeGC6w z=8z?GTsqW!I1|;ofbYlM{NlD;;OP|wTcuW$r}WY~iR$jmg`$^JYq#Lh0K8vNfw@3M zt*E`%RUKimRX-5LYGBO}E?kJO{?IE@V5miS!S&s6WRX$dzZId7`|?`f5)x290<2S+ zvGBL!dl>2$mFuf&`6UG&lB&b$2YMuK0ppIx2s_31s;Nf+Cq?gb*MhlPowB(Fihpmo zttDwnFt;U=e}w*Ty;cP6x_bK2nkdqzqWG(EJ~N?D#R6OneWLu!BqursmaK0qz+@&K zcy76iuDZTwR$|36yx+{;0iNa@D)QQPeR|Loq{CboIG^at%EUE6P2vLVjMYyO<*>T7By^Tlh%GjI?}8&gSsfP-Zg2 z(e>#oB5l9z($rTV8{}mtf~+=Q0`BKoIwu~%w>QimUQd}n1<(a)Dipc;TLS*R5wH0) zU+o}A+yYLR^DO3Pjuw0GOC4$I>b^@yjp%&Sn7(sN9ZeOF1-gnL*^9GG2?RXGdR`}2 ziQk8tv0aM5P!Z(Vpo#T??OjQQt@R8-NI7TApzu?|f24F?e26Ff1ReFTaL+Kq3d#GG zzUYJxlaraHNwB-+DI~rm(eB+<`ev~=3zUGGCbKQhenD&fw92lmTl6CZxbj5RwGTp> zqo7=TQx{gWFJ*Tw-*vnV7{Af;?FMP(lyu$1;RUI$z~5&62#9a^=3`ZE&|d0hw$ijR zEvoFX{$*7RF!R<~f5^^(E8G{Hm%&nni<^2UOTgHJs%l^KQc!7}XFtn$N9f?2LKG1C zQ}3IrUbNlM7VawPsu>h7et!{s<>OAHP zLpIBShAQD2uU?7U9S3q$Ye&IYrMseYRM6T^FeR{Htq8K-NFwp=PO8n%*406q;`Uk4 zGxty`W)>53Me^^tA^;4#Ieg}P5mau!TE5|M4%;ai_hz;U z?X_Bma@THQ=f*X9#^K!B5Kq;lNxk6@sOyNH4jQRpA(Kv5_fjNsk*X_0Jcxku3R7Z9 zzlH|3>Iq?F1~;Eu&aj5#)o|6oQW;Y@n(YA}v=q^%DAFETe~A-vSMoT)BDB)`8n<9g z-0yvtmij3P;!V0)^zomx^5>2r?w(0*e)JS~AY)mT*Uxn6oH63eut5PJ|qe;6g0m_WZ9nX2Xpv~i00Jn zC!SQvW&&kf34E?b#|P3Iq(}gjKn)5VZxky=Z$!mLh8(YxvSdOnaQad{LKcX4$O(FM z!6(0$^e^?{Qyj)9uMKiKous>0%^v5{W`B1Jmg)gUsUk+s=qP_qF^LWzFfXvXXS`9^ zdK@L*{P-{Z6meW=Y`p90us#{nYP24Gi{HDrWTxh)W=f2XEBEH{YbP%W5Q5ycgG(-t zj%u%SY2KQWN}O~ms8*N`o}ZKu&QPzKFCx$?3wDW4UcR{A4!P!a9dL+8kb;psH;*)1k@G zN2YD4X}c6!+jCmyozJAxgrF#Npdl22-Y60L>Vhume}nvCx^LR%8oIOp5>bF7MZv`X z3Ova2)5y7YH~`8HvIP>40n&&l_;nAE5Q-!W&}3j(jrJAZo#=m1pl|;V zAc#QY0TP0)H5wuSMD*W5w79@OkRi90Y$Ocivj3t&mU+IBc(0xQH~*p#_V2tB|3yG> z%>R|y-=N-o|3p+Y9=DF7MS;y5jgaxiWi0@VRpHz7yw6qP z#GYg!zi1HYN{2$#$58pqqOSvR&juJ;TYWuFYnlUQgAIFrP6QD1K-wV2M;w;b-3gBN zIOsx+IENxx4D5NA3`ajf6M3DM*30i1K)52R-zEB>$f_gDJ^&sI0+)=g*2-QNtLJ-Q z+8{>c<3K%I;BsNN_C>PShI%+7opexfB)_GFT8dj9tET0w{?rkEXQbiAF7fMJX+@MX z@7$XvzTFDjSx_8f6A2Cw&`vEqG7elVkweABcSm{V!QBiy#(60TpJ)MMz8A*y{|1|hyzR-(~U1bM=RUh%~G9E*{!po*jv%V&&{Rh}u(8j3R9&DlP_RJQQ03 zt2GrY{3N@b%5Wf?Pj-Vkzjl#J*9rquOl{88FQx$3P_5|?&55Br=WF)-Sby~8Wx-V6 z4L~_URrcF67l!-X=fJX2&c7af6M;uVN+O;Vi{*p_+~~;_`osCCR9LWNT;P+3m+-?| zZZH`K`}>T@ghBJQ{q9$+2IN3g)K~yAt8eHgzU*rnUER~u)x%z5lczRQu*Y)ZN=iW{ z3~{7kf(%Zq$^zeTT{HPghUzA{YjWv(=-^=%cwAPdzJ7_5teN&C>3ZU5-Jr*9+4 z)kS9mCt~wjMW*{w7h$*w%a_t3m|3!hVK!~$M*dvcQfcw<^m?IclM}k0ZzB1o zxeI~JQSPo8=0=;F(}zHPy}?7H23Sv)l8_bJ$vN;zOglt{ovUPKyV4A}bsGC979M1o zy;S3{I@|G}jEMm-&HBDp1a(r?BOh)!1p#foXbGy;z>toL^RbAA`LK2)R9TwE7>zm~ zxE(Gc>%F2I^;8DfOh|vPqGN>|5k9;)K zhcg-%+romFnt5*S(Pr-ZDv>2JmYhW37`6we6SL41KSyvE>S4VYxo5elD&(vo#=rDb zGGZc=`^Y$CyRQNDxH&65U&3YL0$WYe+~~o@)m9VXO=k|Izb zvogIEeJNiSJ$uvYM>MPEyE2cqBPgmqyF;TWgPo|bP=Pu#`&fm(0KKK{Qt`|s+xn3H z5t+-m*L5xRy0}xq+~r4Tie1iO{QX&2Z5Cg*oA~0&oHmiIW-E8-M;&(>It@d;g9ov^ zJHc??_LeUoeJc<|D7LA>N_c{n&)66T^}WZKi}JRCoVxWJXe$OzQ*STs)!iIExwDil z;c|`F;%RDrF*8N_+ovvbjYY^i|^xGSM)-K!j9RqOgo?g@p?DVK2hxZ&>X9Gi z`?=2nQ(h*J7{rCJd0l+ZgQYRHqT0WDF-vTDAva$WTXn<|S+-b}r}oJ>@{=6d&oYy7 zvVO1}yC7lU8#&i6BW{PkH5KnZ%Q0ripjrLZ&8`XFiNzG~mwuAr8^2yIrJt3*dy~&N zS6bw;$NI8}<@o()@iAn^1Q%GRP);hC{v9^`zS}j7Y?Bj5eW^$tD@V>~7rK8Unm@N} z5BY=Y??so%mR%dWKbVm+6mIde72&l+wpZM}5aTSgKZ{LNvTfy|uO~n~9YL0T>|~TV zub^6W8nYBMs-GCKL`UoQ%c$F}yoE*iyFF7jV>R=4yEsj3`*I=iUWTm)g{&#r8+}F! z%QniNt>~dLgKu2(gu@qRi0`{h-;vI~9n9K4E@)6u-9?u z)^)`*eKMKt=cLrmK~?+o1Wny5*C95$8CyPFI~{Ht-8X|4>A!j2 z6HLehfFX5$K3ck47JvnLAou8+VHh%oB_mOa1QH7~00b7Iq2*ef8zXE7vk>to#&u2@ zkN_Av2c&)0UJLR85FkkQ7x=8n>=A~5dqqfjL8vv^mNs^ig*xmf{6*x=sv?a%0nE%i zt5RnhO!=(D+A8yliY+)#0=OJEt41j-n$BeWJkC3kX4{pqR AV*mgE diff --git a/docs/en/userguide/_images/02-01-2-grace-period.png b/docs/en/userguide/_images/02-01-2-grace-period.png index c8cee60413c16d3bbba9fbafa0bae5afc5f3dc40..56c997ba5d0fbabc64946a94a6177bd5e4e0cf8d 100644 GIT binary patch literal 70420 zcmeFYXH=72*EPCBS42>nN(bppML{|$h=71}=}3{@dyj(BZlx2Y_uhL?q)2blJJNdz zH4w-by`S$H=Ztawo^!q*?+->olIyzmUTf{O=bUTpkT*)QB-ig<2LO=By^>Z1fC&2* zuapQE`|_4t=g$koSylEqWU`CLAN$WWhgaIp01%V^`GbJ?#5(}sT)ug&E(3I;4-QXy zhbEJx4vkO$?irp>$Z6c#J>1?sSXkaDs_9%< z-+7^C>-I4=B0j&Yv0KynOI_>W$H;>9&As8t#RKHY;>xDBU3hkR>tmO!@3nn$&>~i= zHN+4oDXp>wnyGzo*jw2m%LukPJ5jbGhGo}8Y4%KMq#G}JvXzOuI6 z**B(X>f;j}pHtEhlU$_d5IMcDQH|*98k)Yk!knI+lNrH!XI3RVbFE>GAHSr;r52mG z#RbI`!!qmMxy1YvU%t47eEZ(d(J!*CZ@h18e*fSY(KXsX`g>w-b!L7wDy4d3XFsI? zzPzz_bbNMsb%i=dE9f|96x7x>cTLSMxjN7F3{8|$inNpdvHc!O`C;l z*c$_n%7&j_pTFr^LPuv;GE16gS2iy$F4p&s46Hv6j?NTU{fJ7)Z|?ZDv451BS2MG? zW#%005eT#O{8~@}-`qd@mR=eblNB7D;r~z47g!EZ@;}-+UTR+)PVDQ1BH)%)bvi|f z85L8dV~s}T%_bFDMfGzvQ!RFNCnsmf!{fs>Bywf9Ks`NGI(Bkuy1o5pWo2b%W@b`S z5)z5*@9!@tD5$He8yOv)o15$E?p|12U0GS#+}zyR-8nis%F4<@p-|1uaE*{0o9`82 z-|~Dzlj73L48jZhCl)sL55JbSw@&XTx1dFWuUt!iTjo!f{@P0FSo_kvbj|fAaBTCd zT2M(Eqx9)|7&gHAsrPy8ujSp7mi|dtN0dUEH1$_<5DMTk4G-hE^zt+uDlNO0Iwm&9 zvieh>B?&JdEG74RJ47KrG zU4mzcu=68FaGlo2?+qH<}Uh=Nit~e0U$N7 zUT<;lrO;ylpvgn7Ly!Nlv%oHI@r%R94!*tcFU$7O~e)TcoJIQpL(|9@kOveNf* zhRJ2dX74pmp2u}{_4VmaGys5@@pGBBt(m14`_3RTkUwpwyF9g5yHhPnU1vdi2kU7Q zrY}(qAJq$}$sn4yD0wPT5Mab-%|q3r|Dmg4()8WB*y&pyNrRE@u-&S+e&y?m4VDV3 z+q=3wGdW6yOXOSBjbB}91n2xQxTF$CrQfD1-F8?G`O3e;N7-B#nNH4z@Znp(w51X# zbVF=dxfOPJAWzd-L5@k7PsFZ+4J9cVHeMFL5JEf9YK_K0_)rFZ5rA$(s`V@hl{pGo z%7xCZelasMQ|{~_mF%LItQ~w}X+YGgD9-YqzSL8uIqBWDu zJ32`VU0WQf?}53Zn$^K3tA02tfu^$hG*75>WhXur7!>Ga&p zlPS9B2-kI+we~z`tKMDZQLNHEy}=D94GBt^U@=Q;SR9bhT6M=9_Mjm~?%I_F}imzU1ePL{Mc^8h71c1DbIV{iSg!lZ;Qm*Nax5`nPe$`vhPcqv-M zpg^~jmCK#xtXZ_AZEMdw+>OV@v6&mwvb#2J>-9l=qBD7-$%JrkdVXhs@>U3V!xm0C zQx8dvv$--X5le51Tziha|64B}uzl!04DVz&1-a9h9>bZ-Em7%tM3Vc=k1OBvuk)Er zm8;|Mt1gAI;*0S(!|a_JbT5V)?$^h^ceNA$Iasa0?ec`$eMXI)eHS&$zk9VqN67q| zr}K8KsLH7)>#E#BR}gjmQ%QhuN5jOY-fFrzBw$c=-axPi?3X`%<E>5DJ4XOo1(&b~mvgIiQ!)6d>hMhQLUG+por6nf1tqd&lzI{^9@GWyad7`kHa z-dEKE#XT)QUPX611&R0uy`4hZU$DHMJyv_@DugM}Kh;Ieo$eARy-m%^cP}}RN9T%B zIeb%;Z1CP8FOe+QefhyPLD2R#-Eq)lfKZ%x&y}y=q_60_kD_jTdr&|*JEpUTAKs|c z-$}LPXxy5uXv`brE_QbQwRK=~UY!64pCcH6Aj2GL!C9Hs)3)jSa}aE{X6cwkl-_K^ zcsQVB&&NRbY0LQ{=PFg#!R_O-9IqKW?X1J_sWVH+SDa)*ozZAKu3_5EjC&YHgj;#` z%5f-r0oO>COLIGQwOyC6yqko+It#3zSLe+B27rc?f(W;Sm6}DzD`no(P7rZeyK*qU z<8RitC$k2n0`v{1W%|mP-S9ZWC%sKdqjbi<=XK`dqTwdTzI_F7?-^vpe4yg&yE3#B zra%%E@CtPBoL=pYQoEPILZ7oyS>$ad-61?Xr$N8Hx+Um&hOZKz;wd$vYmg`-F4017 zV^E!Zc`>ycU^Y-V8n;TkH?wL86Cp6l5#)htY#ftz2MuiW^OK1K*KJG#3?B!Pq1^4x zXD!zFx^OL|^}7G!r{gWXdKQAnF>0+cp)UFKX7A@Iz1+W#r+O58XB#1mB~hKbCIfMu za{+z^SKO15xZjxp#evTo;ZE3>M=jVee@YML%Fyb1*BAIS3(UY-AF--xYthM$-S=v8Q2sUWiZdxI z{Lb61On-L3zzbiFhF79hcFT)UOG~ayYBkz^X|{dSKGw@4S0>6quXzT4sf#LckBi3f zP77*kW^Wt7{f3_jGcrC0Mgom>?`o>ItJz0Cb$q3zQVs_D`xQQ93%lkilrM=1r}a#hYPW5F825@O5jHW5N# z{Suv%{7*rZSkc!VbePG-EhXF|LQtS9_K-(};McG7PPUY{PhK&Dqev}-uKYW=L=dpb zjDxu6$O+Ym^Cr!ONL6jtJcCFz86Zkl`Y(L^@=h)>N+}?F>iTfEIWAO zI+QGEZaprOQc&BewLJ~H-A{bQGPQ82Sne;O3Ko3#5`?UYCC^iIRF!wE;?QmTwoD-&DBoa5w7 zRY(r;JTgjyv5k&T(cbSrN#O>$Fe3SaOv-J;nt0rAx9$SA&MD?>=a;e<)TiFK!00+N zpe2LhoL!rr9K(@n*N6LTulXD$@qt|SqjoA_hsj$xFm$%pmEOB7`FOq`kh4rAwIO6l zVmvdyR1>0ql^TMt6J^Za#I||*?quDynw#J1qFORUe47ZeU}Q0HQD4QMdu!pt@w;(| zQS8esD`ZXMgQG%Yz_uBUhmy3^EIkv)bK0Q(R+TdHF zB@MkjM~nzX2cP_kq3saT0)wIFcqC>1#KAM0TGf=w^wp^M!!fkF8sDIL0tcEfG)|!#c$7du9D^Hwk1(;AOEQx#IiW&%tL4S9Lg0 zH`V3n2LM_d{3Kgmu7K$jY2aN>E7*I>A1bFnVj6yMdIe`fYot4}QTfERNv13(m5DANS8` z?6zC0vqVfy2Mo&JRtlVQ@2*(;>FWB-4`4jJJ4a@xs)!B^eV?qIFkHUcZJd2yMoSd` zcHLYz$~Xr}2>pU|^6Q0%UEu5k#(MPp5g{}+zk#Kc;fiD06E4XEN`27*1J=)f0-orL zQ?o~4zXkqo_S|eM{RlfUGBe);3g@t8L7}bem%$7jC2X6zcM-~WL&U-Bh*AF^DK)0x zl>+zXTuTF_Q@43=9?R^>BO%byaYM|r#A0?FsjqI?^YJo-(0OgYy}f`-{5@T){msiO zPHZKQ`b@;6F)7duo~q1B)By{du;~z=+Ix&ZO5F;0bflk@_0U5lb^LyGpN6|% z_O|fft_{X+z0RIj%?>Tb!jWV9-aXUkqdk2eX4Cv#$DZlEG6v=Oo(3HHX#N#+yx}Vj z3+xVq4Hz^83Y#V=OqIL{6x;EOo?7ECo}p#}`(+=^XgnBxcpZz0>yrY>JbPc3f-TY> z_A81z66>U3YflRo>OV@ex(x{~Z}teSlld7^kE`}cF#oke58G6}xY`g~x92v*NZAN4 zO*augLQOrUqJ`OF_H@o^T(J)XjLM8>!_oE<2-!V4(nNfOD6(gF=B$w8m{bhe=}Z{# zlJpE0st4IKGm=A8T@1O31`t9%pZr}0?K8|tPBSU_3W=?-y$pk*3X94GY}LBabMxMI@mEB4Q7boQDmb^4m69aV14`e8O>3#|B8@Yf@Pl!f+E0$i9 z6->{2%Ao0d_mZ9_D`}km3J*mvoltyQFqI$|)@1hUkP&_Ha%?XWer=C{Fs^ReF8mZ?)|o#(vfSEX37Fukd|5 z-Ws#jU4@U#R}3(`SF`VZh^by9-7`2{UmeUz(Z{R{UO69@+iu;Qr*7@Ln6McL>Z7Wj zni#KnMQjo6^iU#Y`MVdcQ-pzU-bsvd-03j#y%Z12%};YTI39z{tRBj!8nG96(8N(6 zc|C{PYE}cd8~_dq+T|aq?VLwKa*5j>jq@5~S**Y#4(@8#U;aOu6Qct(9Yu|frNcvq zV{hI9zq~Z3ZJi0BmFXW<2}j3jhc$=sQu|B4&MA;djBRg6RAcQB*?tiJ!Fjx5F3 z4*LHzn);6L{qTo*|CK(BXlkOWk_=Jo@XrT#>`MnAL zZrD-a{#8&WJ8jKrk(nPWJ{=C+03h4w&#z4q>e4;7kh@3MO@y#paa8dC=q~?nOHg;h zZ!?bBKEx_uKUJ@uLjaPA4L*eNSsaoYtAX2*$Wa2uhZO(y z@Bc_;|3|8ZRI07jwz}zy76ktam zhE=VLqrJZGpSOnbCghpC&@N>u%Vhr7z5HY8HCQ3V+CJSW`*W*V+RcvA7_3}+aC$}P zf3=_Cye4tJKfusve^dLGq2R$xZ4-%e;70&Fjc+0cZ*s$BLh`0ce?JfSo8ZbTvF_`i#-Ls!oQv3 z%-|;`i}$L4-d1_W4FcNOex}z5mNr~;_E8L|m$ICRPEbs1-L?++hm5jYHYeC>IpZb& z7w-1QwG?phtZ~@@d0H#ns@R8?Wm1XUom94zX{lMp)x5$ib}%CdRm^SK(tqRG-2+lQ z#ynm$xR8aqTmf-(?&jp3aWCuZ*FZ_T5U3<`?UW6Wc7u65?%g890YXaLDAFZdgt`A{ ztp6>@)wy=1r&d(761&q90LEk{Lk;tWn3Oun&DY`Q<|56`mp;}rZaqH(vvweFxbk$+ zHY^P=WLv9p*P8q*U}0UL`)7=ixQHEF%4>692PCfNVR#@u6s(ZK@~QK#gy;zpJn&5! zYh902!Ud0!?{9&J5lhEvvww3Mj%>GE$Jt!hdrNN+b8nMeQkKKy3Egc{!d!W|SKyUj zB(7A8FIhc?{{k>G;D1Z&(iU}P_rO-CR&SXMc?*z%xqn2+iNR@??ABG&_Oa*Kw?`18 z!&XvzgKC>O0f>oRq+NN)>^_&($)MF$=Sl{a{)PT5AULsTI^uI5{vNN~^8z*?p)T-d zkSUyw!<8k6ja}fpea;-7^IVRB;i>QX38L4QK3wFR-NbMq$1r^zyZ(@Ge)sUwZRMWd zuDtZh0dLbf)N*m%bw@h=wxPCP=}MO{+tW>v{fzO>C>FuctD zW6V32_ZMtfpKxcWbLGrzPg{I17LFceuAa{DbLB;P_itD*Jbm(uIoa5-N_D)-T=nuF zpOY6)?q1e(K2XG3v5Z>0FFRKNs{oZ(nRTz$jbp7OHPvL7oMmhmDR`T3(cE{eg$jv0 zkB}W@cQDX#+WyOWBduw*~S!mp7$N1=v)_1E!g~SKwZ6q4KO(s9jlD41icCi|R ziRE~9NZZ`~szqh=1I7IV;N$LAu#VWBG2^&eZs%! zT=e7+=Ebo>-*MY++}pjgPwJuGBB_$ux05`n5FjAXDh6(NO*h1|7quyWrGP9nhO?aq ziB2N%%ls$9Zm)wg=_gv$Qj})p{y`S%uamMUt0`x9qhptQ)?eh1kG5oR}ppXQvmxyVbxR+X+dvNyfuU{idPuiS4JI0@6D(%vSafhw%6-zPLTqmXat__`Wkp z9cWx0qTl_lIiYtqE4?or0LWyS;!P{xTsS5=l6B2Nh(Hf zJASq86wC~c#gng2=w$ag4f1Upa5l`lX{aYBt4(n?h7RJx9_LG>mBIscRg3u%9tvk& zrClJ8k5Hy?bapiXjlAe*lm~scAqYiH$C#EERe!95{81-$DcON{8&S8f0zL^w=9hQE zezFgg-*0a?I+T9>i-6EgWu|OAwRNL49it8!Z3AgRYoSHWmJ3XYXtOZC4v7 z`|$b?xM*?Pay!y6F!(HXt=*JZ7#ZtU9yWUP`1oR+>O6$mu9y#07BKXso#BFzQ+o?5 z`LK;JgGx#N#S#pI@5$8#gU_-uNI?tRtg_{=;KLP9!b-tHOrOScMIKVra>WyusG3p@ zzYpCMm~Ez%vcT$Y>VbVv2(Z&B)YwCj5Vk8_kUOgjQvtUUlbi4py~#V%8}p52HtY-3F$SKRWP#p=(SZ{{~J>J>y#f1CB!;Z%Y@|c`Avld4cv)~s(mycwI}mV*TFif zb5NEzb<&%jW-|3*y~}R`$x-^^SytdpPnEvtey>JY>l#XM=oTZ66sK!LpoY)9XkXXq z%hNZz^vy5k2CN%??l6QJrcHnTsVADU!Bds59Q*>X=e;Z*dD1CwKsq$|s`I;dS_%hp z6{}~XQ+cIbt$@W*qyYCo7EcrDC1fGv)Uy?iiIfCBcLWb3bV?Lf;!;NWv`as^A9Oy> z8SzBD3bQ&!lU_X$)niIIXpG%lp`PFu!NcNFO`9k7vs)h?)f}W*v|iwhLpVfR+)<>k zS-2vfft$m0xomeb8F_+xu=TYpBf#N}Lai(CrYe4(nDZ!J_tct8=c{Jv_g>QmZ@jBz z!2X*ok(!=oSF`J4=^D=p@>BZPmskkRz?%VS;{04sQ{H7t*+hFr94KuAJ4u0PPF6Kq z$&aIfZQno)Jgp2;LiwDZ#TiJne8Gpx`O!+f?ZQPs?XqkJP9p-scY7?xNXCgTr6Yxe z$bhM2Eg#@W@{vxrH?nT^G2HL_RSenhsv9tE^-tBO*pCi>zNW|?Kh;7K=^ERD3-ua# zK>!tVB+7n!tQ+2%s#^GhB`kTc?=(7?sK24MEr64z0v8JJ5k! zKuI-3&^v3riCQG&Xbo?f^lg{mV^1d?5@2<3vcaAI=!Yyyu{+s<9^5NhcC`{gT_|z5 zR!f{e%(c@GL6HOegeZuO>Rh=G{%pv4gIKt>QF@7dwztI4T+J$B=&>XTo3 zX9A5E9q>QBhyoLGVw(?|=0n<_tdP!dwx7p$|Fh`1+de4Sj< z8Hqko_wF+2wf^K?3`%1u2YiAGInxP^-h75ACbjCUueMu-Y98mV-FRhJo=-S!Zab1j zF_p)kkOCj;$CV9j?Trfn9+=MiE1DCD;1n=^>imIegb5s!(zw&Oc3bh3cuFH#enFn zjtx(SbDYw*`m~s8FZx8zvApry`ZsPsF;z&}XQgo)Vx%g1X0YaV$al_VWw)kKsdifH zHVS_1FgQl^4>;MgRe4L@z|m83n}i$k6F}&Zuyq^vv`2}24I2$31;oK?FC>OO;z}u; zbD=&ox(FhvY4|_901Q1CT8S_(BBQ`?&zSl)IZPTPwO{V|5=qhHn6FM6VtUXV8!^D~ z)7XL1Zssi!SbR6<PGnevqE+joHy2Z9h9{At6NQxi>MII%&JEgoMza&upL0Q7GaOH1A|dJpAD%R^jm>PV|fU>UGc!Y>QOG!id17 zDJ_$ulrm1%D$IjMN2+IUB_6-%_GqlFDh(K3?8bm3l_EKH|u8;f#a#SenQ$| z6M{k^*I+_}(`4r%RJ34f8_ZU(db>Gbpir$~=_F`UZSzSW zJq2-&4)~UH#m@mKBK!x=)PyaRu8{zAA);c9k~N3TVgXYcYc*l8j8a>+UCP)%rMr$w zSLag3o|3+PYGwAB41&;ju2zVw?WTL&pMn+0-S;bQ4Tx@6t6qNO0dEMVKTnEp3hxLS zbcE{2>D99b(Dqr%zk>+3x8LYjWhK39+a&h565A$mXUOoEE7XZ0airR3_}! z)kCku^T<$z-vb}OeogqiKV}Jzk0aG-3H8jJKCAFS7`_Fa89KTpf&l@ir6Z@2B~04_ zRKn{N7b@<-9Nw0a^x#`tE-O`weP+JJ!9qQ8&+9NtDv8 zy7Eb5;(}a?;rGBqa-Q4!y2jfJ4y=>%Y`$04o7MRx6{EiShJ%V5|DCR;MtgR?>lX19HgCf|-7KgP zMc#qFu10q8`fA4OEIxDkKnzK`n8tLRZTU}pf?lu0Wtw?FYWfZ$#W~8H95v8f-raSL z26e`M6ZMZgJfJa)n@;)}$xTrD7Mrlz@qs7j!ZA&c9%-@f;`eeEbng#WSF;YGZJ*Tb z)Le9U%%!DCX6$`<1lUKjg!j5L06V5Hzl=uh=rU@z(V7T73-HECJBv}*u(Qd2hSkUA zGSH*?_YH5G9anA*X?+!30Dr0<=94)`oSOF8P-7mJH8yn1mFHQUn?d}E=5kTNNxA!- zDDGX(m7Lrn9{B! z+2suh#ICn&oo3aGKrtORxA!W(?a_R|7qi0c9;dpU;|sMV zRYby~kLUvatF5juhxvp<@zyJv^(Qw-d#1_;6V|9=Yx=wu=!6(*<|m@*p9++6=-a$m zD)r*>WAV=$FhtP&(nVJZ7d87lT~?KnuT-WG&{A>pn%-6{WPJG{0dimsA+#f;ICw90 zc(Bf2oVjdXBLj~cvQcn5b0+|$PYBu{p=1uND|RsKK-~ z5phkKn{o~iOFVhV%CqiWiV77`or>Kh>m7S&*x9z4lm9{ae%@jhbp)3=3(q4v6>#BWpiX&WW^UrY|uZpmWY|NkL#V_A< z+g#)E2pOh2I>6&@ORIOoeM$!ouJ^nfxf%@k9!QTW928(X7V~=lj0;;aB%eH~t+-I= z)MdhjTEBlEanj%Wn4?>>oPK9rZ#Q$S5`lARY8!&V1|`T8{4=Pw8D_QnN|yt9%P-I$ z2XOw7O3dVHbSnn0CLpfkSPLuM_agqid1s85G`ygT4$G-><@*Jmt4(ch7>KNdF7acr z`?r8UmcvRXFQmCek)t6C;Ent&-#f}kFBF`BA?f8MA%NolY0Z4u%NrFfCp{LWB9uaO z6DVE36X&d@CTD{7=VoMcO);!JW5A$NFpdW;YpyTti2>sIpWaRrh;5XFNSlI>$sN1CLRd3 z26jW$dHtW8P8}q3K^@-rS(&bHA%X}ZV_E%b%D{gfKV*!eh&c)Yp(sxQml+#KF?)OTD`tbev>m5Iui z6-WSHp3qFvOFFFA{X4@I%90Do2#%PQ6PbP0(T_`?8#%OFtw zhGdV*A$E{r`nP+mXr(vq^4QpW-u4pw-km9G82oDW=Z{D50HJ2oIg^XX%0@3P!R67wsXEp&SUtYuSD0l-^=7N3<*g14Rxriu+^C^WyFqIJ9>#UHB`Hg0|BviI^n%$CXcVS1W!vuBY< z`9Y?}>yVuaHHDfl^NvxNp1!t~1RSX8-+J8Nr}p&xCIrjRpgo44`)O#wz5hyU&4%;u zbEX{K{V7R8!Jt`2-UhOW+$L&#o}Q-a1g1>d{c+YNOCsFcG|EQ>2O-~Wvn#ff)${@O z90zfKvL+iQG?^DDsU_22*#A{cv+RT0X0=Wb!S$e`$}HZ%Iw&PHUkIj4%J{V`T{Y`i5%H4Lewm^A~y4)`G z(ZrP(Z;`|RJ4`JGFz%7njru1Lu|5VP!pnX4y@NG5<@r#W2YGzu)dygqK+#-H;3)2` z5fsk;pM>=H!PF(P#9*8sJ9`SiW#jTnLPT!PM}m{|avX(KMHv$cXIq(p%bTp+vqCRX zWUQY`&Rs2g?Bndov~%@kpTEY#htd*ywvD)u>uOxHjTJ~rixvZKbQR!m`Z zd&kCP3rv_NR~56L%vq@d=|{r9;i$bGeUi@aE3Q-gv%Pm3krfs_yj;ZWa* zqd}dwL=IteWdir{aHP0Un=LlW#E?FNGcK38R51AT6)tj!Lb3KN&lidCgFhuHZO^AV zczp|ORvn=2%Bc=GJtN?QG~U2ykMHw&gS;njh*o^kh>-6$JUf4xsQ{TjJ8wY^deT+qJR9!Zn{|lmi&A^hW`B&hj_LBrDxO}Y zFhL7+4kcz&P(`Te5v}uRAd`-&4IJI1*t{bz-;UDkh=53}T6bK{DL<={PlMd=V1 z^2vV4QijuMkW)|tOUSTZoa$m%?Fe?;2SAnjUxUUB@XK!E)IRh^9hPd-)eoJ}h5m2C z725E$AwQ(>g&@}k6(sd9Vd7XSBmyLA(gCHaMtx3FeT-?i>$hczD=?)=mNTXP#Sv52QYP%?)*BJj=SzZ{kQniogU~)1A zdq)S-AW~gPM&3)+5<7NM?L`v#eH@8#Ill+~%TSUpetws)j@hZ4p|&qvRjaB?6T*$> z1{{47R1dvGHzj<^!sN@=mqWO2$aV78z zk;jmkZ)VCr%WZU&4F=^-d`9%E{DT@I=UHO^>)tc< zl>ODFL54@{Sc-86hJ*6}7Y`aJ1ztTIFD}JPr6F{P7{%=CLi)`;8~%*&eszcbkOWKg zvt&UJ24HmU-_XjhJDIJTq|w29>ap~b$J_V^w`JBnKVBm($fWZ`aScqm!~2S&=CzV-AmDFnF@rU1&nm1M`}*OAQ@IUNko)De~%TqlY~& zkh=5ln8ep4;SRqywZ{4N>#s&fiK!(>88Fnir-66qo=$MG=Ww?#8(_Ocpm^BvW1pe! zlB{vHSFDHnx&oDn^)JpcxnI*K$uan3W@hInk=Wng{F$mYA8be$fKraX5sZbjUD$2` zra#9W80-Ez75nZ!_1__2Z@&ETZ!*9h#nB@Jw{fuBI*20v>jEsyaQZtt>_@No{?E9X z!aoqBi^!^$$Q=b;4mC^(hQ*T& zX)`+_;ECTFn{|PDgggZ38Y*z*ZAomF{~Wv$hw&Mr7rQ_8Xq6Z=JFJ9-!T4p8%F6tW z27l9bZ~ucvCJ$A6&gEIUcpN0u#ptP>BrceT$|fvbP|@A>wx+5vJ>|f(WcW1{?4ZKt zIG_~Rq=8MYoNND2*tCj6fGReM>(D22ylMGsxv7j=^x34srQ^f`>x1XIFOr27zB~E` zxt&xAQ`M~B=hb5NYiLyz%RG8pU~e}J?0o;tNmj*vj=!h0#^H5GJKNheu;#j}(JEp? zy)REQre)`bXL(zbxza;kd1nmaN(oN34VaPu%KjfeBXSn8FvM0}&7ir~EQ0{*sMFHge#18BsZh-zdt7fs=cF_dY_&1EE=Jk*M;o#>iu?*{xb4_@@D>a zBx!=J`t9F{!y+1>6vcj&hrQS6OgI)Q_<$G6j!h_aEO>kCV0FQCo4C`S+K#il0el$2rT9Mfu2n&IqPctC4>V{ACcPRnrf z50osSS8`ZMPNID}nn?AV6@GrDrdwUj*+(BIgPgcGd~W@7a#)yd2RG;CvgU|){Ys;! zv0A9OxcnM2Uu||O|39>FeSAu}Xmhh6yjbE1^GT&ASkFryk_so;}bM=bm02u}Y65Snv z>(IRRJHTKV2Vw0zu$JnN?M%feRUWT~zURWOQ%+ck9_GYIJ2+t80PZC0((i`c41Le8 z!p1|`%AKDdD!x6wLj(d zK*``2xxp`xLHp*!$d?{LulK}uZbU2^-vA|;@Inmc@OX(Wdk926Lu4QKhiQqtZ_Pkd~T@}%kiCg)hq%N?~Wm~ua!)-i>ax#I!GrYiHo=EvTx zN5VE)y!x$lxYBes`5iBdE?0&FtYU5%{_Isrj~1XCs;-O3Z4=t%<71i+6zECPeQ{oK z+XW&8N6iX&TROb|Y->$?>nj9W*Y3r+KrJY7c6mx_=kqRk65Ez(6UBBGj=T51x_XSZ zK~2KbXWm2OXW40WczDkeu5vggrkU z3bh3_(KmpENRLx!LEyRcn9;@L$}JpVwx6{9^M;e)ewWIXj#8H0yr>ybIk37&ueJv@7 za)A+Ju{q~K#o)_UA5K@H(;Eei!Z%&-U%9C1b}Gcqfml2buBd`gmF+Otxt*}z2_c1kK-qw>e5r9cpLVH^#>c4n`_nuF|C(6 zowsVAW6$_V&%CDs*`xfgsIFEvsaf&x!R4woM5=77nH31=lmmyH@JBy?8XTz_UWAZ) z+xQsUcryrJcYA`F)#S!S0O4un!miTLPdZ)WmHz&5;qp{!@1kk{Om|nO?IsjUamSm9 zzgMa5dRwu1WQi2eQB6Gerr6;DcL}lcSlo7zp=vh z@sBeI{i`ERiN34fJgE3=Ef7!BzKZu4rL{&1Zq?MiX^=<6Op)B?{S%~;ATdo2AJMyd z4T!?Sjm?))bR(jOLcg%foZ0T|0xeqdff6S6iyGM1?nxaPz>%iBVoIqIKD&|X`0&7P zOkBv&A({m1yZZ7Cqt3!LQRD~Z5fZ5Ku_g`NzzQEEWRcy!dTKXu)A_y0U z8mF9+c3;vPy&-`;62~&dp7Qi3E&{@R>7e)YWq^rEL05d4B&#g=$^oGMubZ4}R{nt7EsG7r@P5ec_{|Zl`zP>+7z&H)w>3V~1TH`wZhk z7#9Wk8Ns^HJOj{N@3?{UZEyy%(0Mu!zq>((NZ594!>6r0*WaCJJ{>Xl^Qd{>(t`sb z1|_$}SyN^Pa1q1jH+#y;yw9%nef{O%e5a#6;V~9bbj7X*f#Sekk?Dd0Ih2w}7Ph6n zReeLGNEBTpeGP<0kAy90)dt0ex(IXik9H_qk$TBhe9T`Ch)e|!lwvmrKk$?vk`r>R zsApq)_xlXGs7e%+VQU9kTg)%1RT9!^cq6P!3W-rROn>%@#JSX>+;5|HJ3d`D?u_k$ zc+d#SwtL{YAa+hxmvq;`>SJ?oM$LVGMUFWN0EWTz;Og$<%Q-9V$RtokUw+zRDyL$3147;PyV#Fwr|X5PS1P3%OEx8P0qkw z7rGCf5Coh?tbH*sA+h|v;DPvAD(o?fDft@S*fCalpgP``%KFi;?b#@8uCnH&|qge4lk!j2P2)PZae;K_J@<i?tITQ-cXQrR^#Fr5E^F{b57KIwen!6JTfTqv6AV=L-AnsA6O zAku!;8w5TI`NtE;^jk&a-U7YW#n=N(KS>JL?PvHH2>I|TeOZWcX_yTtIPL>685fub zBLT#&MkU(kiouvH6?Rfkku)K6GUDfnK`fDvcnf3+3S$>iR0&`2%Vx5{?N22w@7Kc_gRsZq0oz5~ zA@$w?I8s;g>3@rzZ5*Fem^(HlWLGqwfY(#GZmHw)u|5gNMAHNjfejX2S)-;WNIZnz z$y6I4-py(Kv)b^KS7Bta>KbK51)9b)9o8SK%nXWx0qXz#3<6VjHd5GWHW#|B#yWMNf+7$j=tl|B%9&+kuf z_Mv)lhG^;V#f@Au9)b$q$q$#yE%fdR`pYo1)2|6k$a8y*h?H5XiEDN?cTd)+sQ^V* zdZWa?m0xlL`}%umw@s1a<(uO3qjjxOQm^ocuF7-dyV)p`4c;`}r+eqd6wRn^yexhn zagb;F6)Z?D*~{+lK!s3-M22iGHxLwi%UjMm#5N-}{x*dPJIU%^U7j#(y}mM_(bs#@ zdB^7?{zVhUNc6!8!=jFNG*(Xfze+=4&7MsyB^LJ9-~5X|DcEcAvpg;$IST(k1P)P0 zarDyT>2sj~(P(@PBz(j{z}xCD21_u%euW|O?% zch|jZ=EwZGYwlXZuLEb(ySuu&y85Z7sy9es)lc(;o{^~z2@~i@+slD|_WHEjgqghs z_Tpm5ld_$_cuhTmZ&e<5Qv_7I`GnTyf^ov|y0}RwEU$>mb|~JonAm>kh8>b#Nwp6d zw9e9hOO*7C#S_TR483-q5F^xpF=?KllN(yD=4y zppC=JS7~LrveRASIJ6t_l?w(Iz&(U;piDJ|ky%C^*gq@FS&sx-lf+{%Am?zJw;j!_ z2jANA$4FY}y$}WfgkEgm#{aH!a#DNuQ2VWih##wFvYWQ;a{5~43b&H1J(we#vnh~w zv!GXf^t1;;3kMu}0>SO)v?ZXTWjkNnUYLT6Y)XjB^~UAWT@1uX`!{m*bSCP;;}CAw zL0G9&_h%dlFdMhN3AvbPoPVOJ<`hOTh{J)h^bTvZLA>4;{)SBgawpk_~A~?KP z%*Q8yz==-`3XTe!3dSEC@;@NeQm~4_s=Nuz|0Vb+Y!&>q`0zR*Fei=<@xS1!S|-3x z_N!`O#!ap0+lCTj`fN$CoK__9lypcE84Ca>+BBgF*_FfS+d+G``_o-+ zKTv@90i9xNjdvgD7mS@u!?=$p8}@`KNQps)KKWHg3GS|IkpeO-rF;4iSI!>0WbO_@ z$a8zLq4v%$;w?ECHMqyh1MPvB^!gNq3Y7)dODBsjC;&ZSgm4>bGp@MsXTOB&i&Y^S zwa^e-w@3Sr3HcW@_FixTv&Io~5bs6IMk>-|G*~ z0x&4UnWCUp^augcJ|5=ureasv6Bsn^&$9zEv0VWr9^=~ z%@pA`X>pG)RV|ZIlEde}JJpGQg8~L8V^(BCdKme=XzxKG0bNuLV6Y*KOWpoUXjfMB zg{Y5K#6<5DLbBeTpYRZaaqK8fmNW>;1yQd#?SrM3SoWgDP!k;ohy3x^#YMpez?s{S zfwyy7bmIeh>mOX`!7%fZafXqNm_c>A8+bctH$hI}aDg-!o z$Rf>Ag0w2Jl-C+ojD;h$>z5#lh*}G4`1-QokQaJLY`h*P`A z)Ns}5<%XZ2P=I3Il@~@Qr?65VO^EOZs3CwQ%U>!O(P`Ya>2Bk86w|-lyaR z)S;kjo>o1S3#JJjJHq?sVVLwGNj-ZWW3hguUR~<EeS8db>4&ACl0nF+ z>fy~v!Z(|<)uBQ+$0++x>Y2b&j+_dB`%;%8%a=Y}K$F*ZZL-h{nuXACz9pm-ZQwyO z4P^ully0tX-LU5GK9G#NZ8RhY`O@h8P7wc=dvoY^w%bVangxLe42B2I!!Le0C3zop z8Qitp@t!Yrd5t4qC{2O>%s00k_ z%RB{0jEWTob}-414Z*B^sY;ED0gat$&Uf~7B`C1{ zRz!kbcP^pwGzWqk(d>M2Me#eNyBszuLf3hPH^Ha}69cJz@#=!pi9eaFiJ$7fuVCKM zSX$Si9#{A_S8h6}Q=0LMie^Siir=~Dibn4#Lj6Opg`unXSw>hSju=)`KP%RAA%Mg{ z^lO~kLf^r#VJYcGk_=e9;bXR<5TAr9B^f6O`O#%IXIvnCPL1&1Sx~SxYMf|2r`ueGS<*^k_=z*=Z6LEHsr0W=5eMluDw-a>~-IJ!arf*f+*zr6Z{{ zH2U1P{fv$nJD@h7n;{FVEqoWFnDi07KX7 zEZj=lE>d8$@(V@0&9b>{QfhW+w$=6l{kay(rS=6oBe3bK6`Bi4cKE!rB8cyCYme<= zH0298eWn8hE*GAWUI`UK7Mu8$I#9MY_+I$f7!1$vncHCyg4Ghnmd&3`)ko5h`brB$ zKZ7iuag}T*s2=SmiDMRLV9Z3Qz#5cTLjpoj=w-qm*^wa?jx)A=Ab|j8FC+M zBCX;}>zQ-TTpu|aTr0yG!^E>NPTi7}my1cq3n2nBU`wTWV>{;iYu#V@8Fufkpdm` zmWIz6xc?;eHT^p|)Fxgh)4JcJg7)V6l%qRKN5JUI+^hl8^*H<0jC0=JL8sMt4wr(U z0R}@tVc|%@J6Gl{mY96IhjWLv7KQo=-!dNT4RXE_v_5HBPkU#;A&LP!Yjknh%YV03 z*v?h?CD9_bdWLOvM0zR_TIwlKjV&Z0ah^l35NanEWc{8Riu)ll=Kx@xlbR;{pnlW| z7-EsUo8td$3;@JnC|y$ou%KM_^Y}0Mri93%NJb4U>b&_m(!$L8IX#gBXF+^Jzg4m> z7B2PaiwIOIJg%rbS1+8FNNwG6Y4 z4?v0(r45pRrrHWWhbrwQjH_AJcw>?=yXk$&i5>b zQcB^dby9|s;dFPF#n0ONYUnUX*-m3YI$wL?V_SJugYtPWbq<7lwW=^%L)MlqGbgzs zI4ZW5Nld6M}oJRfm~? z2mD7E)el7qE^vi=&+X^~_pNO46X0#D$77zeIy9e$r%XO1kkB~QO4@R0KGq!Pl&CE0 ztIqP~XuVsnbkE`F*-b17{FPc?9?lleui#}_v^VEzGdgV`B>1YLPMljOXJCc&jUOu* zh_E$lmyTtZyQ4Dew0lb8c0Tb)?&!D5s=%1=tgdt`ywi2c!m8$n?OHPJv1lGy<#1Ht z(pQMy022o0-|SHwzcY^^&EK~BR*B`xi}@XUvGp80?CiY=P04#|N@o4n7O8$eBYd#0 zJS)=gZUP(c{7$B>_x%pO2}8V(HV&%uS_^-Nk$mlkHlfc1*`0SuAFUlb(kh%-oE$!9 zJ=akBhtsDA?Tjd)NTNb7nc#26;y5WS(x2$pV(fQ`4wdap&FiWd(vh>nV(6&bc$SS8 zY?%$tLuUA&dFYd`*x^nIsyAK*Sfz9VytTUoBVLck#x55tlzh*Z;^&Lz&*2OM9M|l1 z9}xh=HtIxX9hM^BAj$Eayz@9IRFK{WAXS6_2ViR>l_l6!io{eBuljtYC(F_7mQK8D zR0{JpnxLIYS)gL1j-SjRA@JKP%U0dNH&-fZfv0!>%GEjbW9! z`yKtboH|cPCMCX?9ed+fuj){lS0I0dVg~t~=@R2K;`*ywzp>zd3?jx0zvO2qa6Wan z4JUVo6x_&0EK*}$N~m-h_=hdj$WB$ItEzxv)VLR;oFOLcP6dx|E#;ak$<6}yiR6kB z3dI0+8l&GHx_@4iB?2NNQdyRI)pd~p5v;#5yprgEqw90UwS696{UVlEk?U{R$cLTK^RD`%B2yIJHtVBMj=WdzB8K_1l~uhn{7Ei%3dWXO z&|7sOBDWvvqZ@S_HFmvNmdrI>!sIf8-(UmpH5TMum0UdIpnh$^UAYfQW0q$+f+TBe z-aMT1x`Xf3?fVvO^fgImK1S$H$^~8PnTE5HO4v*i?7N;F6rPQbi-huTc$F z% z93kqHnIvWIguSyG8?Q;N|2T@AlmL2V)>o!(K6h8*erVW+{&c_k{p-uJhte+ANR7fK{Cs*R$Tf+Hplh*!er)=gVi%!EUE=74#~Yc9L@6k-So?slOK( zNnM*mqz^3jHFe1pHIx6nZ^xeEo<t#-Mv0>fCjkoavM}d z%oAd$(X0s97Hc|f5VRpQ9ewxkDoyeEebZqf1(+f*Xq>7FB9;bk^hq>xC(gHHnD z`jpsbY^2Uhykv9Lu6|%dyGU7ImyFAI!mg(nX_~2A$bxTKsaVkE6mKwYpZnrW-k++1 z2-4}qVr!lkfejpMaSW#mT#jUJ<#8Tr>MTJA_a6^z^V#DLBf$h|@Da)cv{#K>#zO&~ zLJ>eWCAk_{pS1p|Tv=q0j;6keUDAK*iC^W;B2{s~64i*pR*|YEp2ZZurN@-G{=!fh zC{MI7gT!QDB5V;2>Gs8T(g2>#tju0(dhweA5vvd@rMvaUg@>Qj0hlP)4SY7I{K7WqK1`>}6qJfE!^t0RCME2>LuM_k;H+LA@HV z=p$1Ga>W~+iNvDMm0RUB*i;f9N?7RbDrIV!@%$2#yx1+C-$)*UJ2a^p+Oc!CIP_Kx zUM2tjEY*BA`hbvLxnDs`4KVaW*22_b6ZL_f{v$XsWp@cIn%a0ktS~S)kpOT{_p%Kd5gA^-x0fG7Ob$A)CB%c!yaaM}LWIIn z9;Qlhc;W%`2+&1zBs3Ah%c*Po&weCXbet5DJSFwf=Cqj^dxxe0TyN~PonlnDFSjq_ zxqs*YTwiebvtr`P6+VDM*dFd*Xc`lUsg)(Mj@ux8+D@?k6O;iFHp{zD5eqzF_~7S*XK2;bH-WZeEm%cwWLnFSrm! z-|#9pi=IQUMP0*h95L!CPzP%+RlhNM%f;|Hun^TUZWuqnV+O<|vewjshcZ{z1l;ew zW5Wi7ec@o;odHx>{gXujEZ<1k&-oq9fS~AB!ndWfOBM-5ta_UV@!j<^XjXCzS?=?K zY>Z@R+dj;kU-D-ne}@kL=*6+7yd#)l>ZJrKvkE21W)1n3e*%;J>K$4D=GZpcC-z;b zC!Vczl+0v4bU>b}_6Dx;9XjOmlTS?3Pe@OTqX2hgR2Tyu7{P>U@4w@erJDXpJ$~-! z7jCv@6c@$*Om&Wfi9oZt?8gLg&&!qXv(UjjH#F3UqOUAnQ5sS4>)S}=wOR?A%Tlr9 z=$B&X1A+nG)B4@_s-Hy78z({=MK{=$^x_JqPX4C@gm6p@r~fC{lDrvta$XYL50er; zK#FQH-Rb91zHCzoWOF(@O6aHGM7Pks$m**<)};QKd*JOEtd5|v{AAlFarDFPul1qF z+9!?&v~7h`c5g@_pgFwNo9^me-9nD}vqyjfH#=#-Oj{@QcY#P-pI+YfjJimVAtfsu z7W7c!LkG#y?DU>Ut}SW<06ugP#~%$yT2W=7@S{)L7|lO-6dYRTR1+L~gLb2Enf;-D zp|C*3=A)F=ane~iE?o)37?rn#f4L zy9nk&A_=GG0bX=wIy@=k)n09B=EwhWq1Cpz~}zGqn*brq;O zudz!~2+lNIxj}Qdi@ddr{dmQ<$MB9Ja&e&@w{E)C^L|m><`@&fwJWCCa}Y5e0lVNf zI_}&SP&z;{Dq>k#peQ2}q0mLER4RcPH6_wO5bLR?uWQ@uM}*kL(Pep%@tM#lMf%SEnkyNSjEvDL12_C6J=AE<{KgUQJ5FjqW_xmxN=kbw z33M>pjAdx*xzghzxdKy}yYI+J${<6kGC_p;y?1bCE$s_|g0Pl6j24?v1_mdPq=%*+ zzRj=}7#PIu4`^~3%r!mCE(l?YeK{B-rD$TRm4YaoOA?FB&~RlG(fH%7Ti)MA3NFZq{^L6+P@LH*QsagQ4PHQ#MJ+YOnpQ33$6MO7lIsA zx(5ts*RX+zoqU842JEwaEvAY`FzI3DI!p58RR@(g+ner6bTBCu++kTEo5w_NU7t0Q zHbtK57n<0mWf=g4-JZ!ssllp)w|_4T8K2b}q~++DtyQGFBRpYL=ZtfM1wax`^( z#47B>>yHiKBUW0~1*V{b!cADPn}otOxL4xC3+)yhTVW}uhfvno*c2{!Mz-{^exy^S z!_SAdN7;7u=ZUvM8ukZo;FO%>JtI!<+=8&2gW_Czn0gt2v#dg29#OrvioAAbuW)Z@ z@|?`f6!EA668M_&vd!(qj(FOtxz&r}7_^ouw$v;F(D#_QD%+d`RJ1>VybUmj`T_*%`2*@ye{&4 zT$F^CG=JO=@H_-(ZfOa%DeX0=cJrM*R(xg`tD|#kFC|-LBFD( zqbfn&HDwenHqf*LfLln1Bp}~vqOO?0h4tJI@v>JR<)EwaJQ_Z*DR}ho*{{*&?ME*; zJ;Q{6MOFwX3}Z^bo3xqT+?*gBFWYhVGbtLGxBFN+kfeL-Abbix%$$Oa5ORO|cnEMZ z_StZTznEtQ79ZXJ=L#jTWhE}I<3hHE3^ZSpu_G-C0+YfT!Z#PUbAI3Cu)o>AIX6k9 zs$;Zs9WHo52mw&g5S#G7h6Ab-yb_V7s2RvKzpjJS_-*Ro&5c4gn_FWb_&R}d-F>H4 zVV>%{Ngmqi6VSfS@YMJi021%FM=7vACIFBifp!46k3cOl{kMNAHh^U7bn5G3fzE=}2aaFx%+LLMVCpo85ewY6jDQT`LvKQq zsBHUWI_;iZfB@Ey54d04jXvlW@Sx{J zj>D@-0SOEiP-21NM}GtxL`H)Ol!tZzCq1UbMm--y4-b3M&MuuLif)=oDulmCfz3B5 zA>X?rs7(M}!ctHya!`dd1l87-D#yz@PeE-Ue7|M#qKo`NQs<3ffVUV5+z{+5&-8tl z0LZI|%_~3p7O|WB`uou|!@oW^xkw@>Nsd6ddUgNYy>^3L4`aH*MR-#Sj4H;AjjkBCnn`1znsi`-#>*R~km?*=g72R$W) z!LOGwESgB6=J@dTh5xR~0SPIBkrd&KS)9bYVAd zxr?1LA?MNH+N-N^dSenT_<%9}%r6EjLUG!!`%3P%WwCkBDF0`zv0vj4-NnZO8)Jei zMXvggrb7rQP5+08syYjOm`(Z!Vd?o**02_oBNEulYOj@c4TIVG>r?IpZ=dtM#|Cph z-*QW})JWEkXYRy}Txs^}O!Bdk-^s@s2?@4&j}u15tGXt85w1NoIzJ!5$0pf!a8W_H z5l;Jwm0;dna=%c#9>Wq-DR>(U_>~Ie0QD1hc%p-5-UXRvF8?G7bSH%0K)><&v}$4Q z#@FlmI)1_D`gCsFVE(Nvp}eAvu_GTbc6svLMtJRO=20(lfXX|dqsumW! z+FR=P8*jH<)t@hh8TAK9=WKt>4M?MNv8Y&)z6`qv$7m8)4c#LQmA6QuPvu+Z4C8VehP*S%C9NnJgr4g=S`)=2R}0I(sm7h$d|_q0Yg~M?bQ>8fcx-IB_c5qqHt@ z$ua(ET&|(Bm1CbINW_IdxiTc5`fk&`(0DIUaxC%1SsLE8KneJNgSyQWNQRu#R)RNI zo9KNKX=-&)V;Q7HO$5*~y?hU>*rM;FYIgVd#{sI`RNh9+u!e_G*D9&HeljlsQnV^N zzw6t)fl2q%YkT{J(kzmU7`hP>8sd#ulgk*2Os_}PLXTl;%H=U9>DU_F^pq$?4v-iY z{G{64i=aEsBuyN%A#SD!mod`PWXnka(&551>7W_%XGWJT_vb=?V>r$8<7Vl;^`Q%4@c58Wg!NHDCgmh$h*Mas&9D#`qEmfB9c zj_hT&B?Tv!3`cv^GWvso@_cH}@7Rxxx1mGRlMR8@|z!3Go z^R>-BwdXZ1L5#Vwxc;uOD$;B(05;Uc{LT`3y0>vGa$)x3yJ(%ipDl}L+2%P*;t}Od zY}3#IXwy5`5UP<5Hr(K0*+gs zw1>pfMOoJM-|+6|zz6~x`B;r~GE^uTP~3Sn(P6z*+g(|w@~@8j%+W*?U3qdI96fJEw#m%<}`<1kSIU5qu~o4aj};-KhBJq#@BRDaM z*Z|YZBn**Rj%VT`YEtfay5v5Nuhe$)IE*|4h?UcUPPH;g7mpyf$^jf0#CF%Cp@mJ< zU$Xi}qD48>PLO*>$R>E}5(w32B;9%ZDdJ7jLa@4*Z3=g>}u%u6MCG8^hZW`+hhPwCg_krpbn8g-?B#ov*j2~ zhFmJ=`V|7`Q!I-se$r zkpz%AAcOH83R}+*+Y#}JBTCVl>|?)nd)ig{OcEdoE*bg1uh>G?>l8Zq0(QU&0yPx! z76YVvUwi;a#QxEu+5S01hnXm6ukJ`1H55y|J}Q7N=p$EtnIJDZjQF{&!_ByZv@KJ( z(%Tfv`JA~@>8y{_tDiiA0Y)WpjHk3T!uvdrzR8%z0h^!nx_#{ul3yCXw-D!)z)-!S z6s&YA+x=A;L%%h`tvYaISKnwN!DIY_3sP)rSOhiX2Rl>q1sw_aO7jTNfB_^_g?`N_T#D@)Y*QJ5!;o}e^iw}{98d;gFgK%)8|DQQ2Yz^ zp!<5>Qo1yMP$6#H9bHJ=(_KzHerzocym?E=@K{HGm2vum7b zp#Pf%dT|11A;#ObkW&LHE7M8(YeIRY9HW?=V*@tIFkmhSUIf7Q(x*W0lGk_KORT(< zKnLnS3v!~+&uPGtcF}7=*DbEL(3IzyvsS!TAbf&-=^PI1kWiO$>iPTMs*i18J?pOBHQPs<$(UGg9j)x zCbtb9@6i)p6y*DQ#ss2Y(uhrMn9Y2$EvcmL46PTH#6Gi^xG27RvVQ5e3*!7u^B;hM zPr}4X?yJilt-$-0hu|@X9FPiPvEx;P%+55NN_-{zGOEGXx-k9X1 zhvN1!-6uT_sn4#l_iE||msuOz+3@ijo`SaO?~_H507Odgnq)?E@Oz9B?5DuZs& z%b~-ZLRI=*>E&ezA=SCQXbBBOkp}C~*^{z6Rtik=7O?tjOsr;am-fyC^&tB7Zuap$ zhd?|7P0)kAL>q%2lXxYr4H#p!Sz}Z2z{kv5`JL-x(icxlYUXeu4&{H|xW?{N4Jv29_#(L0kA6|ChaYztIMI)6qM@qkN^ELRa4Q)w!E^XkyJ=8XJUX>+f1U z`FYlMy6x6*cedVV-v|~2`mjacAde^gB{l^84@V+L)nD7Iv=syR-nOu&KNGVM3Cx z(SqLH?-7K~msns0SMX=vh#TU56_Sw9D70NZtpr@Cn((o(G{`$!zAgDNjPgB{RGa+% zx%CW_d{eJ<~gB?)aY$IMTJ4`DR;1{NeSSNcIDQ9qoM93{EqGuaATxx<+~gR z65>&y;1f+cI~0HdSaV75YB!{#Jk;wEfQAVC`NkUj#{M4~QVV=8f%%rL!I3aT_~}HSlHwf9*Zz93 z4wM+P$pQa#R1LWMx$-Indcf5;HNw?6pGfX`)9f@M_OI{d0LN9Zfu?Od9-79R>oqvz z-R*a`){PAW=cPqQEv$dZ2ph)jbpN1;Q+Riq+dk6o-8NTJlqRCg5oPb)}l7a46H9wnL|1Us-q3K z`R)unH`X)~c}RZ&%rEbsaSy4-Lb5R@gWm5~;LrW)S?ow4^XozQPiv|gX>sC*9^f+H zd#Pjij|Q#gKs3F#ySzDpf3Ma*EnFf3B!quw>5m_O-|qbX)K4JJvH@y83B#Sg zG7BO-bc6Tv*rfBv%>DmQkiRD7f2=ed@I2rj{CqBk#`4H~E{d?`{YE>$A^C&2Ew}>@ zt$@MPx~uz3OBUcgchy%*9g5)OKf4cNKY~$qpfFy;8wJ!w3UZ#CKLq!}|$!2{3$HNtHc z5EkT@y32649_y7z-PHd|23u+NMOqxz;pev}u^{zGrz1xuf4RH7k9ujWN+skg9XNQ1 z2mAId@y9l43Qz}65xXCySjVfT5h2q6qpVpz9u`!Q?NM!H2#0M6)Gks}0k zxTfKX*kBpTD&73-uGn76=7$i+o2-2``a(^zPNvi(qZWfJw=pSKA;ln2^Frr8c-KRtcE2}N?T zBuNjDd%=v9Dj9l zjRdP>S7c0=oJ}2}S5VPURLK`sNvupatGiSt(0$eBs_Oo#wHq>?SMlL7n|Z(6)B8XK ztxST8p6Aw#xk7-`1c?AoEILeq<46r+BW0nemn>P0XJ#%`KK(Ys`!iE(+K}(%siJD@ zWCHP%1id7(@D1#cTtVCf22S?r)1}9i?(HP_yaeB?r+6Ce=^K^vD7G=>Y%tCDoaSWv zq_30f7p-e{bJv)8_4dAim7r@99WHII!Ia|bkXSTdzcK}w5}95~wMBWiZ)JGz$afcl zC@BfjZZ;+`>ZO|L2+>TS7Hl_+NmT}JVhLjQo=<}p#7|`bb=75M$D_^b-=yN8h=w1< zYtLOc7QQ=x85z`1O7f2p&)e@SO$`B+9z zZQY>!!qgehzWgZ#{0#Y9lC6(~_mi;ZS(%_&d6h;!dSN}KUCZbB=}A;_~X|q>6{xj%9k-eMc#>GAEYGM#?q!`hELZUW@e0s7iEbv zX0vscc`p4*J{(hAB6Rx!dXDSU49ph&)_y);Ha^ZL8*~vU+UqSuJ_-;R6za z8B98lUjS#gkJ8unH+Ib#x&-vj%2&RcGusZl%PI(ldg1k4L=s)UB^xfdkfUGG6=QFaAPk^6qKcg*Cyfw7Ft~Fuqk2d z>>R5Y7C0J-rljW-Kaq|o<<+cCOy)i7e;TA@?7>r)@!4#Mjy|Kb`7nggCH_o3XRz&^ zLu7rlhChI*xVT*7nH#*Wu45)`x+m1Be`p>|&;R**L5q&*>ddr}y}mVZ2-DGZxXcn! zl&e2Wk&1&4HRt53)`ccq^b8H1NxJ9$zz?bg|B}N9QDU>AQ;0I(FMRd~cF&2jbcnySjHoe8SK!2{VItMD4qM99rHE+rhkS$4hvU!?p6hG{iix44uz5+as1 zWr2Ue#$y8fkxvD$aAy%)&?Wjmq0DeJQW#j;I2$>%Nv%2ZHy<6AxFmG}x#{Yv49{ii zd+Ji&1nKFG_%PF0{jiBOh>9)zx>l*PA3m}+j?{EE8gh{nJh#JDDP;~R{sA*|1m{Ud zhwgexnoS{kmyt0v$oJt&UEWy zzR_Sz1_Ov%C0Ta)8-EB~9yR!FzedM~u_?W$%aT`PBDge(=xp2$jPel8U0@-wrhOJ9 zi4Sr5R-A~Zlr9@M;ls-rWaQ2(mvi%-K3;7gZXy0zCelmt0FUSo&(IO2FJ{UjhHqvD zp;Tf53;l z-i*b_Sn=~>z}66*%L##* zsVx(*H|B4AR5?=dSgTM`V}N3~e(Q(kAJ($CfQ#HHl`e1a8?d@_nH0qR@UH*Xk61c!d+9?vE%|WLcZQ;aa^eII#=EDg?gad_d&Q?h z_TdI+!iF9eW*iiM?94_F6C$Y3B@$XF1MpxgU8ZDCM<0;qb zZ`Y$cv;pnFt;}L$Jn<)AD^4XDjWJ`EHDCJEn|R9mNik8%lxbSO}~1&QiiV

b}} z)$c~?BHa?RoqH3_t-)?PA&7yRI*~2LpPP=2;krop4A6kfpf_D>oYKScv;sHEZ)%j* zz5Wv)_XxZ;XCAZBwc@JJ#4SUremza!!-zfe$TYY;uMo$KA8>{t%aoh3JW`mrE*JkdhZz z0-%~3FEDF>;*KgK!>CWKy51K0s7)!x_RxdbuZwpoeKt!tW$%OqK~Yiy!8C!)``nEJ zc4Bz*fUqW2zk3EUzsoXhg~}lq?9c;vI&h<52ce~q=6<{0>88B~P1bXu z1JqItYQChzkLB6BKY0CgK-iQ{Z#C)dNT6x=ND695o?tge52m?$Cu-yJ_%#W~71_fW z^j_OaWSnC?$A;OLfQ`Z&EQMn22JuAfM<*)mHzFnnq&T5KUJ}SRf8(plK^<7i=EMy2 zGL1`kNzO6?KkgjRVmVM@EB%RxB6yb)R83DsHc%tBoGTaVU?ys=}6Z+-!> zZA2!eBXX|r_BMD=jO^zgfjep)sH?9xorZD*fHy({XP0Rn>S<&-3&c-|JfMaiN^ueU?bDwd+uT(;Dtt=a+bwUEES)RAgta;*^6L&dIbrLAq~=nWY7ImPF+%(K$6vRC5)!3?)pI{a@EL)P z5Xd%t3zlu~gr6zm;_;trY6jS$hWp4oNr4hS9%+T@0iN$i`6)lpM$x89WPcA%A9btp~Y_;&+UwfEZwiDc_bnvvnD9l^I z0g{aTLa3>hLS#`Hfhl*7jzKkvCVAjR>+BbB_W~fqC;e#|s2POa(rvcnuZqUFx`LD|y;YlYHa2bWt z8+i3>N}zD*3;Q~s7(xxB_D@_gV|TT^qA#U(u&_Ft))H#7>o|>*RCJZ zoS^#uVOu|0*-@d4={wUeq?tCMI#78U)dY_W<(s_To#tzkbWi7kTVgS&Fx<1PQC{P& zY&^FZIms-{g1LWlRZRUWr^EzjR*XOZYSSl}$ zaWkHZ;lW33onNx{GAD=%WgIC{z(Ds1M<4s$osrW7x(z zvSJW}+nZzAOJOhCMS3UyV`{7m&@|9*DQBJ_LWDFG?kU@)M+);PNw>dw?U`ECmBnqc z{cpd|Jpdho+IKY<4@l2-kdLcoUAOhRDM8ZgSJNBoF{^=e97Yj9y&@$q-`u*!NNnof zW5tvV3}-Sb?nOST=p4;ETDCI2>me6${gKg9BLCoG)`Akc7#1c4+_fHE33IaCwN3wq zw=E=E_uoE=0A%G#*PMi|2B?~6B3Gedqd4-)i^E0_n5={Ck0q#qqAm$JAnLQUZ&F%g z^HM4+B!>LR62D`|CtKpx)I!g$5PDQpYo~_Y-S5|AZ8ZZIYqa!K;t%9PL=CcDhDh)t z!UiIRCb)Lfa!5zw`JCU;zUXaGYoS1H(ik33es1-Os8C&@?Xyu^B?q4l$6Q;Z+N&j{ z**C5{|DtgBZZlA!KLCzPQ59;Y(NnfGsD9aj;uj9fZdO3~i&nkQ@qv(1| zeVhebn+@0_AcrL|_7RAw9I|Q}x2J=$Zf7YXY)#4256MgpPfJUkw%I;R5dP!;Oyzcs z&gxxy7Im-em-ou~+s)Gc)`d{q5Wn7fq+b(>~z|azsDpC^CARrB+l+uWFN(j;+U4uag zh|&$xAV`DssD!k1!$^16Q1f2segB{5dH1LNY3~o4FV4@I>so7_>s)J{aUAE`!$aO; znrJS4fq_=;&@H2N1{QpLop)ib%Pc&=5B-PLbE&PAjV;Y5_e^}_*~qM+JG!{rH|`$} zKI6qua{zu)cSv~_MzIpgXS!lHrXP1!+TYJ`!ip?6q?$c4(l|LJ{1^7!2b&QW`_;jz zuHv|M%1+n7-leiDpO#sJc32H&QPeCN(MDCA;y~Wc(tLZvjQ!QRWB~%NbH><) z=;Y=|b+QFpa1(LUwrnkt1giOtNkJ{WsT3sNLGc8{X2(@s82B>ySk5!{!b+D{5hW~K z{YS2X%M3tt;td-aEQ!1KzcRg-+7LMhDnXGrDkkRrk(TCt~%88I29U9dXx8*Q{&&rnOr91?cZ827v(Zt^Wdm*I`z# z0N|Kke*xg2IwxUH7NWz#)ZS?X%%1K(HbBjmV9tA<-A5{unpUKb&YIl!Fcxda&QLM9 zpwFbH%Co%H+;s9qL)tVPYo}8!(`xKs|E$YHQsx=7R7bVtGp(`J=p4IwQ*+Z(#iiR` z6+cGe$b!u@)HodM^1eLUD3BhG7mqLvt9h!U(-JX1v1KpXgVD~b)bWrmnM}A(oBhSI z<&l9A<$HQr`r@X{Pr;%$80KFGh|?h1FzyKi)*hMO^>rC_X3Vy}2CuIW<-@j>RH881 zBnO`nqt4eC1@j(7(-Xx`eG8HX;!6sxEvsdxg|_vWQ;*%##GO^iZ6d@xyomt`USQ+4 zE62ZSvL7ifF0H?Jrld^d-+dWcK#f#eFflw2-XP2$d^|XjrxP+`u))WHO~>XPj*pmO zGNr>?K__0n=kKoTB?3h~s1ENnBCdSz&>`#@TU9^DxKI&UPK1h%l$spPT_WBlI%HF@ z{8le*miPh>Ow5kuPy_T>ClN}ScTl~4n#}Nh6AxMg9A)s>Y*Gpf~*tU%y|# zkY7r2tcjs_Ou8n~AWBFlHV?7UO&YghHg9+a2K$+sfgOHCm1;o1?^Ni_he3#BS1{Je zXH6?08fZYa?-}^A!7Z0{jhkedZGcDUgMqm@bC&F#-w+;kl+n?$bQgth9~V$@ATaBF zhdb;Wws<%S@q+*xUVfA8lkRkI0|dTv*{%%nBms{4hDoIT1CC8BG-VeI#v~K1@Oi_| z5@}~8*#V^M0yQ9tQ@WsMyw=>u206j<2%O~+y+ASp+u)7JfHoFI@)q%jyMrDBE^l7t zG(;!ROe{A#Wd2MHBY>mLeid12RG59%E+z~Yr$`Pp&xEw>CUU99X30gyd=7dSZZ!AYTe<7nAV>4X7~pHc^!>f-3?eiP;Afx#_6Ohbzx!#58gcUWckJL1FD})S zxAr-%&zSorLUS$b(BCx@CqV%GdukAHBH{^obd6}qKyvF2)14Z}+ccyBdDgk5jV*Um zTum<4?WhSfipopv!A|W!|NdMzbHMkrl6CF9;XGcg4@{R^nn2325WI7IWb;H2ZA&J9i{&kF;*Z+)^S-<+jTLzn1{OF&R=Lup^S=j<^A@BcTT$ z?RTFg-ao3)0Kbl;xI))609yTuhb_wO*UvovK$!g>nP>`YRt!kpU7K9b;uNHg&`$KH zCLl3fJ*j*fP!u6=UP+faH1br|_9wMv@*f6Q&8ZTwDPVnH>yQLwKM8SS(%HqZEU&n z@<$wZ-+5RbI`i_h|lbCf*5evV7*)8KCzx?-;1D>0AdSZC)5C2)|HysoE% zlmlcBU5A?bftrlP|uygXgBR}ois<&rEb4&V0_U~{=w(pSO z$D7G4bD7^@3>Cb22Wv#=pd-vVI51CHFn08px(QiE^ts~~8sG-DQ(V5*n_ZQioR4qV1x>?v-ZfV|Et>F#h~$#k zii4R*r>|F7_Xkk;?Q=&-^xR&uV2+ks^m$&(^{yZVt$Lu6BRlqZ^lsY)Lp+eZc%MQ_ z9)7K=V|agJG(}@?9~mGdg%ki$g(5k;@A~V6-hk7N{B%V?dW(;^+f_4IdDKG$d$?BF zKVZz7xm^TRf6ROcFOHtaEL;bQE4T6#wd}JyKAXI03X|B zZh`z+Zv5SuZSn_RDUS&X-66VJI2Yz`GS|NRftQx5w7n9`9co;RXt)Eq1$B-I`O1x_ zH+#4N5)s6_OrB6er7&>C{oowxA1H60U7`RsogJP8(JlM}M4+Hlp3y`3vP0^8$*gsL za9&oaLY|Gw%yIx1kNrfN1iAOydcYoq&y<-ywRQW@9G}yx9v*+p4MinfCb%pII8I+2 zEj9X-5Nu7?qc^7wFzXgTG31?fqbLrgjgz&fR0Fg$SMn1pu`b~4bwY`4@@2Ap?xn3nFig`Q)*GBUqfgHq>gc*naVpDVn9nvD!Pc$F|VB@U?}z86|?F z_!W`^_=KZaF>0I70#}kB03o3`%U-){v5C>uB^w8^Mn;Q1Qe{~!)4Yy;`_qj&>HMCD zGaj>3rvslTO;fMSQ)xd|6-9rdM1a?q4_{7$<-~oQZYQf8eOLSf;Shx2xmnUn0qum~ z4!fZM6e@)>adr`~aG=e!qI@+gTxB)Q@Micv^4?EG>(xiT%3!2Oy0RF|1{&j{j ze=DmvxM69?7#Kv!*2pA^uAX%&ny9tA(x8%Snop0;eEM|19$(a$O!vOSrhU>quFme3 zY8o$)^dwkY{7Vc;C@)$lEoALC<$OQ>re+#D?cB2XJFCj2H|mQ^og1ep{9rAdMuBw| zD}|wN)<(UxtlozOcM4lR4Jpj8ope+mKK9epO0~Com*uxq+`Cfo;6T+_q(X|p_~!bfopD%aj~jlKP-eZ!>#=HWvEgG&wE#mHYGl)~IpFZdtrCCC z=BB|>OcsTJWzu|$V;5^|WGFs0lxcK%)H9ZXn^p2f%kW~#_fG*mY;kY&cD(Mi6xJ1K z;b6^m>B?a>CyOp6Z%uV~ViF-!4X!_CP*cpe>;$VR(;6M0gg&`< z!#M2cgH$gnt=oh0){ivc)IlklB9$7YzP@(TZ1=uW?xl0v+}P>z&xq3!+myX6@Y^MT z?-M>^(2!gYipq-`j?;=W+M8j+%6=Kd`TXYHI4{13_+H(%vYh+Bt3(O1Pioyhu1?wQ z>*-P#5306M-b{O;r((l#ho@}>mRVI?X4r1nB_UKs@x?Kt#idljaQwlNF+MAVkKX^e zO&H_gi4H)kbTv>D2w=RhwYj}zxs2(PaNVw-Ji3d(u}waqwck^ILY!_WmuZsoGqY1r z!#Z9xr^SmPSWz)$Nr`;nmWB`1#Xm@-|HULnDj9cD<)|9SE?-Xic^%+bdb@FHMsT#- z3TxVW+CmYb&hkTLjY5AuY}ns_W#kV!9-I~?L2i%!==<$UFZcn`_lfw3^mMDw58vhA zdK~?t8?^a#NlYTsH=T((02B=f_yJ);8griw#;*b8WT+9H>g?)*C`GRdG%L)~FW~ix zGh=x^1={nQFa^Kxw20d8Um4V{C8a6HPvK!LCbwzIiU$h%aYJwZ!bUoO3FU&|b<)uf zKk&zSQ5@aT0%tXKRu;kK-S1K??68pe>F%I+R?4NHn@W=vLUep96aM@SoeV%5nTU@p zbPu#>3m6bAc&i1fjpNIV-Q+LVfp)ULVB71`Q*K3o=Tf4NM?fh{#Lx1)-g|uo_Ya>3 zvaUTn6d`2C;`Vmna7y|9J1Nq8F@{K>L3oJ(Jz`KPe`As(g1xa%K9vVhbycyzM+Q~9 zr;2xZWe)I9{`A_<-nmc>t1Wn0^asS$lEn7pPCUdQ|L9tlNp_W{M7j)6 z6zqtHtaOe7Xx0A0lNF~t>WC3jCZi4Nh26RAQ=n)U3l&%R()P;Y$4-rWNkDouhkKbS%@HMajEq(l0 z^J9}%W%w<>#UAKRJ;1r(aORh%BJEDw%&u(F{gZSavDk1*Te7g`a1t$NvuwO56*!foz)Kw1OvmSKT@00!DraV`q%rOP~VU zN&cB7VTYybh-7yN4fDOjly&CCm&6eDuCec5iS|dGDZm1NdPWbtb@D<+XmxhA@y6AA zb-+SwLeKD!2v)#*|KzcGTEWDrL)_b&lc_N(fWMN})Aic%qh|&bD}$N&w0T=! z%NrVDxn6+B5hW#) zgXL59noCkPCi?DK9#lY8U>o^^E)i%i)Rf}&pfcNciWt2)fcKk$_G))D(<%0mvK}__ z{;2H#WSbn^op{nYShaQ1Ik`af?oah=ILvV)pVBL8rK>Od1kFZu@b z4^8xnzTv#wTkR^0+!P<*hZr#?6%!P!RmF+!g%Ys^11UM##W$zGT?Ygb2&k=ysy+R- zUww_|S{1d|gDH@eBmLN@;KM}nQENBUG}$&&41Rmqj_`#X=v0-c(5z(^keZ|{-3SOM zn^8yZhK;po`q%v&Re861$Nq}wXx}fk*}^J!LadN`012w%G^GM2agL_2K}w9@%?Pp^ zApmk0_7AITbhIWF7dp{&>83sR3-OSGcB$V1f4p5f7%1gRcoLVsl<@r-E4-}jNnDcJ z8Q%|K{~TucN8>Y&RL`hQv4?`9mSB#_kepC9P+&0dryfWrrdUf#-P3qOuc`GR<{&l} zo83Hd)BPtgBGzvDUV66KowF&svr-=Yywnx*-j6Akghsi)(HmDxjXy#>9in=sD5Bg8 zYSzC*zN+=vDOa%K$c*r4>e3h68>%7wrzO@}lcLyg?)%?2U%Dv&R*zk}SYEPdKqe#* zF^n(n{) zw;o0-O;b?PEgbgRLc6Q&2zjI~mz!dEi-hD*q~xB6+pCN8pHf7M%tpGlAAiQ|Ps4*GuM)k#UM-xLuxKk$mz0xx~wct{6d@BG&*L6rq~fJoEdeX8%=;k_`llOYGZ7Xm$IkjBNo zHS-+D^c|LG>>@@_6GDZw&`W|g;(GY9KFp!Go18uyqT#YlN#S!HaN8qQ%M;E_@fr#S z{o$(`0U&R%ZJK_|VRn!bHS7bjSExx!Yh5zOP+J{Gt)VJpw#)VEjXwIRjrefuy7iVO zl6A5{vd@!}WPrl0zaplc^>tfMwqF8LHa9`K_96TbQ+!BX`(uSJA#JByxe&2oqGh{& z6w^@mB_KfIV5MMEl7k$P^$*P_($>VV*?)N*B$%Hct&5MA1ne^Gf-d9^9_Za&tx=bV z#dGPYrVFfnzybpxWN`mVIF3|48VjIR{d3ZQ&g=hyS`z=KYFPYlwhK;iyRo}B1uySKLpj<iP$=SFVP5_w!|PU(8FNinAnzg`P9vWax!4pZnb6?h@R#Sfe7o^OtI2 zR>J_-IKWiQ5PmquI@dVBae5E2-eOw2oD>}tuArc8JU=r_=R+tBX4^Gf)Rbeh%({{y zqA9HJl0%&eDg++0q^52gv7Sag()^N){QVEVWP=sBw;ZsWLvMMBk*~0$@Z?e0V`D0s zqD#1Z9FJ($P_M)%ii)H>WqXXiW#XNAuT*EN6u@OgVe0_;d!>|5Dtc8N1&SF!S|&DrfM+@6=8i+V5ROY>Ep4v3bmP8^q{5}&Z*Dk zCgC+Hrdf_b2>r!!6v{sCqqO|X@faQ@Ae&PchVpuQf`B)#tT{dUM{m7A#CP6hr7NZ& zo+|yaX9b3|N98QLyI&p{&J+aBfH|AR*jDPhGN!v#%JdM`H~=I(+F?O@2HwgUdpLRR z^8G^q+QUa`a!od4=H|khH+4@oNz5!zXKI$1IeH8qSRh_gx7RQ6uC>#ab7s48XazQk z-mHTaq&a0K7RbcA4*h=i50_$r3_-p4t66Q+;*%R;cN!T|O{s19y1wx_ZvTE_Rlums zDN7I#V*_Pa{00)a>Q;7J-MJ}te*IU>8^o_gh8+_m3)a##Ic_rOjr zLWw%`y48~JDxoTLhw$Tdaz-p=itAq9x9JENz}Em%zX5F2_!%08x~v#)u6_AsidXCc z#%sOnUm}Eag2L#}V-|7VavQ}2Li$QhbiY@-3V|=uHTbSz#`j6d=qy!lOgsZ0d=aAN z=jgSaC$6shAi2t#>ND*N|GB+26k#qJOg>(g7jPnLsg3)>S3R~4N8Pt)MpH7V-BlJq z?;ZSWkedla_*>TQmjv`sA!f(Kj!zfW2INMM4oeYN--F5xrcqDU={F=cAHGlgJry(K zwF6$;0DgtycBe)tbgA8boFu-%i1@Sejeo2|)gMxLZEDcBy#D7`4Lm?eHk(4P%r^mgoNg`)GTgOzfekmFcwy^k2I?l zNb5OQ0vTmR0-{ZElX4F?~-QSky-?T{Q(qPAE zh5**m<1*Dv$N%*NIf9{hopAJIzya!H)}pN>rPg8Ov2P7Cwa8vZJ^>AdG2E*pjWWQa zuHJWmQ}D@I2l8`{OK7VuS%DM4O}q|T5>i)Tc`&&yrt*5?JD*$*@Fr`1FS*nDBLzZT zP)xxpvtO#}{!JlAQ>F=dqy81rvoV3@rt&8eu8Ln)N+d*mas*nXhUKydhGmyqM|X!K z#-qt4Cq_OGHRa@Xc8~nabwMxRDAQ>3J*d>bqK4d6>VsuiHO(vcgwK$YU6tjzW6Sb9 zv)HD8V51E^TLznFTeEp8&+s=;S+c5XotbNY(uvk?k8u+a;@o^)HRmewZ*+9?q8uD) z=~b;cD9lug_oDhVMxPx>e#+Wxlc~xMTrl4#ZwI#sg^k;K!VsC_&jaUCB1^3SecC zb9%j}uoj!4vMM%vtGF1G-Y6UxS=exl8IMQcoxoJ_SkGK8l z;W<7Gh;x13n{*BkBZi1MDOru&TE?xny{f83aV-02g^l~?P1 zH;inAglu@bL%K4oe7s;!u`t!mWL6U9dtKJEQ%cr+RBhZ9Uf03Dwz^&`g;9qLw@5<3 zWHbVRejuHr0O*2S&x|U03W1e=D+rA_aQbV^1+8DOkH%)n)bfWp3gW$o=qlXHU)Fk} zrs3VQCm9#zt?_C1w3Ln&7~u!Hyh6G5_R(P%`OitE>mu)s?r`1f^URcxw6hDSizMEC z9jN#6>1e&idu!CTd<@mcd&$K6sv%$IWq*RUNpcIDlDB;Gr5-j|=wX+=()WA9A_(Y2jo zOTG{dYU`3!@bWCl#&Q0zlr`jp&5r5|S|9{|-f z*U0K-l6jq8DpzVJNE3m3Q}G}1Qv!`2JSO9pcGSn7Kt5zG$j)T|Tw-J9gwp9h`eMf% z?!XY1Miwc$J==WmgWgE0)?CbUpb_;6PzHr_LP&lF>9|CgorlwP#LWtk*OjsD-p_Y^ z$)F$1<1$N7O0=|DbaC`SwlSA$wab`M%;hX*9lh-Twu%4%Ie-_Cv4KgEjB)EEK2_5~4wU%t644UiB`H-_M#?%UmAT zkh`DKZxuXuj@*3(H0+)4H=~C+OU{oxn$I@Df7gWjq%rRd)IjYkhF;A*HRAOUr{rKe zRwe~PEQy_Wv|1N9IrnwGivwAT=C4xUPHc633^Dz5o*|JO_2Y+g0#L-9PHWGG3z0Ib zY{}Dn3HjyvGeI^XzFE8)5d1~vRcxaDprEM>Zwc!*b_R8XK$*wM5FLA0_*sw9W&J zeHVwRRa10XMV#l}>X>-#Vnl8r_GjMLZ(^~$m@q>Hr-siQV+T}SdsSqIJ z9x37tDF`CM_bLxFBtSOG4kkcea_;D1o6`0yZ0>7dGZ+QM3_N5qL15O?ItY6wADVZz z+RL8#c;7#?=w~YZ&K9&DjE~gb3ypoPLvGTpAT2B9aLvb8imZp^33q%j9|YxkG_JII zVW#}45hyC;T|a*U zKygECsZF-mZ5ei1W*xOwf zw_FxVk#e8)QpH{4X(Oq@7<{Yl%%f?}Mq5Zf++DYWm@utB2UxKs^mX9{l7Z4py@Na> zvyV+zQ)RkDrRi(t(;296g8l8)r#T!4LSz_ku#5F-7`NgJc zwqjk+5)1iA% zHy(UCt+O1R#bN)ywh^pDdkZ+fBriEFZYeM<#n1cmJmh; zc37NSG?uw_*vj<;R@qnhh?Iek?r?`ji)0vIjE$^OvtxCcbcLIb{25jFzw-&!S!GQN z5K00XPJKP~mm6<$uLI$+!M+yHGi2@RXj@2uvYT)GXW#uwK_>TDl8p`HFaq+ZG^S(A zasqf-1_Cld!pYKBW$W)$TM6^do zBRS@E?N+VH5i){p-P%au_;TKE)7e*KPyn8HwPi5?9WAcS5v)M7AJ3mza)(%Fr1>x_ zJp5!>!vjlk-#5HhhcEJNlj?+^AFCFavZXzyurZ}X6jx4t)lTY&e_c+9@FN5-=mS!( z&SP-M+X=1TQA?S%Z7c2A)8=#umOZB3_QNzKvd|g)aXhBsrtNY^R+9D%~AoL zYiMVo{gcZeZ{T={zLnWo?%d7C+Gtr@C}&O3=t&|l^fS=k=cn+a8bY{NF@FTyF#{`* z4}v%OKS#g2?CKwN_L*JIdtkphnJ(mXJBZO3XoE6tNT_bidSk@7^#N6VVR1X zkE^}Y16GNY(`N-J*9lLwfw$!t^uIBk-9>tFP+wRK6j$h9n%c-FjR0<9E2Qsy<13 z^T(T35?aJ~@bcYGdgB)o&p43fy}L$^Fi?=VsUxWM;RKtZ_<2>DwvNu|tV^dzcL^cmlK1-OwYBhP)AbSd z%MV_O^fF=SjlEY%y0Hw2FyRLW)-vY+z`#)kh9>(JfOB^JG`&jiCsYxU8aAGUa5e@h zh)B|SdI?Ea%?AO!XI#t`-^(4tQ}{0VG$P3StGOekh-qJv7TXnr21(5eu=dGQ`1*0< z1A_&P{>y7;bemFDA&nRFCo`XYwskxETp(jj)nNI;l8@FiO=M@sw|ap6BgZ9PrBRaG zE-u?oytYQRFjB{}gqX2hnhg$Te7JPeI43pGwX_q<2)a&89G5wwF*2N%nU{$IshwEh z#4%YX0u49xft{Y`*cl-%aa)s*Dj(3Qqrs71@T^6&)iX5z_rRu>5pW`H8{tixM0&}12a&k&yk+>myZj{3}DJRDR#ycvs-t{ z?jwbS1Y-#S$?ppIs)b~Our~n3$8GI2Gl_`t8pmZSc2cDpr__X2HU71?26rDzKz|v8 zFPcO7TCKhi_(%l1ixVQ5I=cty`Hx-><38u5ALD7J0^5s9J)%NLJuQuH3}?{qBgu=h z8xKfObbq%#uhh1&0A=vOME0-wfkjO_qu6x@Fa6GfGy*p+($&UCH#oDooCUM`mPT+) zYeHoJsE`@VlNI>fmiXgTXCT4F3X;%jfUk{x{9)Q`T!|QLD@4_Y1Ue<>Hs=;**PpJa zm&t+x^r&#BYGZv}IKSO~X_{V3jJ!2e8hH%t1R)-Z)oDI?n2Zj2HF2A8k}A-Ml^DWz z^Pmm`8ROr$i>oP2iPb4f(ZhP%MHxvLm=$$Dp=QYKtFwTtnsCz+LE$ zxye#-@**5_VI~1s&CD1a_ZaNt>tz@21M{Sa+M(oTJjkz_ogCowiAwF32u=n`|B!Ra z&BALmwWS=s^;hxnd=(~a6p+5amiScWkP#yCcwCywv2E{LU@x?^B+cKLmkMX>Sb^T2 zBJXJL6SjFly~tQ?%F|RF(qP~qlkQxO0Qo@bCx$P5dYc&t)K`imOc%=_VG^|gD%rrj z7BRsL2kz_EpVBXppQ(US3TxYOKF1BMmZwBKJ9y+Cn8NKTdvqK*Cg+MyK_q$I6S8;I zq;Zeb2F(J{eLWbUHU8{z9pRfv>BFq|GA2FoVP*bdAhF0DY!r75?k>2Qb9!<ehr`-nl3n3$)>?eYzE@gziiw~<%K=c#m}EcgC+(&n1T=tq`@Gn@&K;lGPxD~ z!fW`*rp?9^!=|F$h9G)5;7C$gaQ2bZ3vGzf);eS1c})|eJ8^y`G4s=~uep%tNrQl! zRH5UjVN$L*0bK9?ZNXWc508dZZAwLr{!W2nCU(XR_e=`21rdrmF3`Ru-frf1|V9opYM~wjDh>-^}Ha)?8u~*J{%OIW{ zbfCcwQQ;vbTUdZoWs`O7ebK1edMz~E?$0w|(M=VQ1XFWvZF`xdgAS@@y=6@d9>Z`w z2Ec(l9awo$JTc&C>g{D)9=L=6z}|uop!?1Qzz#)!lXRr??jT#b_vvb0+W9JZB->>H zc!0y;z!VNN<6iGsW7>cTB`@tNxYN{SSy2?X-P=Z}~1sV*@>c$x?{+WisIO@iB-teIl-!^{ST z9s3`3fzD2s+ICm*{>*``oFw-K769o7_8SYLej{(YkN2|Y`sG{b`6O@3-aSZ0)3>Z( znX53v0}p3Q=|x?Y2UnnlO0X>SBpi6!_WNu%_zq57D9#>eoazY^!b9(WAipK zLb%j$Ok`H#?E{EDF=%pIfJ~43q(E%w$)&_)w#>N|&W^>xBjio7uWz+);(mUi4=$v~ zBF#XSH$+sW=70EM-~wh&5a(O zzc}u!xX5)AP+FHRPM>jG@4ndhda(4}etKVNQivXz=aW>YIH?NU$H zm=(Y+i1$s8UsZCY0{!2$u45Mo>n=|3O)Q1*vR4-mskJq1mdy1cOM%6affBP_Fqwh(YuTd1>$vfmdbThOmSm2q^LWa zdvNb~NK=IiqN^f$4fl|MzIaA#(UdzjTVV+sU?%xzR42#Fp?Na9m>2RtfwcEDFr@9_ zymhl@bJ)mRY|}OVj*Ih7nmJcUE~%F8{<{y;4EI*pVUx8A z(o;~Q@iv_@P}6(bbbE5%P?m#Ip%O-5vgMl}=fjE9ZNYz?>Nt1*I~I8d zteM@QQ?2Ej0E9%O=jl;V&}NeGV>S7k5J5f=k~mZ>7?OP?2R=xE8vrXEM8xlO)BV(^ z<~sNxPTNY#_4Gh5_{SiX#c#)SDZfIM$koT+o29=o0%{mFb|6yP{ys$FcA5@&UK>}K zJdRue569u_5x2O!BC5{nhC?A|<}wB_J_zX@=qPAbWao+MBbGxL0hiiuI7+=$WdEw) z92vq@WxH~4wmufFsY&|@JtS^b6ug|Al=Se_>BrmLTn}`zs|usVZ|dYEo~rgi@30lH z?8_s_NqP?+qBkD8A~*OF%&`CQ)e;pLNfbUt59eDKDA!}QJ82aFm?EWxA*f=(%iln#^Z z<4><#yk085*%foO{5ApR0Mfm0S|0YOh5b95Sq&iSp^iqPuH`)u1f}Nv@Vs5rxoP#F z{`TI%)^#^h)L=7(9}tPzTTOTkc$xM|a4GDI;~}{^Z3Jf>!R!eN#t2A_Pxn<|Q$zV+ z8NTsluTAx?6%SFPts6xY4S2qv5M&kkg9zxbZnJ%M0ZAq{(BT9(z=%Dl)8#|HvuPET zykaQn9NTh|YN~x5jrC--cVzw`kbb$y8*p?oFMVeD2%yb_tTo(9TamhCeFAh=a8+F< zhdL0`{kK>EGd~Q$(nsabA8j)hIup}FeVgtnyVd@zl3>IQcn#Df8z?RGhXlM5imlX- z{CDhwR1my|i(d4gW3v_QH26Vjsv12awK7f^GOP{6hb#T&nH{W6yJ~$~cWtCNvHld1p zO#f<9K!l|0q3LF(eF^Sym}Gbsx&)H7M0 zO?aIt_@)L7)jgFLebTeT1qz8UQDJH`a01ml%-m3Z$gSO5-i*Ox1yx7fYSW?p5)2 zeZ0I}rnoE@;oN=$)n&G#^NLoYcnIT5BDHn#sI3@q2M`2zfZRjqPIOq&J^!_CmKOlm zOuDqsnmyIHS3}dUmiN4A&B?76RPKEZey1r_i&CJhr&a~>dP|-BYe*4<5X#jB|Rs%g1*$bwwL#rIIBxfmM2Gk0~$$J>R> zT!5j8%E?-sA-D%I@jCEgpR+U5n0wmj*|;oUiDROr=Ip?`OMWqn&bs3AB5`IHaNS-5 z*KMUSpj*_aO|oO%dp5!=)X36neEr%UbrR1{4vZWRHrvaKqL4!z;gslz-O;r9Ps#X* zaFjqv~V zv(YRU4mjb1rW_Ik+utvyLewPl(AZX|lf3^v=;(R&3Jl$PoXH7v!MgAyvT!ib6)HhM zg6-MPkfX5B4J;f-vVmU>K&kYJO7G4XJq1E(n?~?mH75P1!h5TxKmrlp0RP>mZy*w9 zL%fFGO?X$vB>9yX^?_b}s!4KwaNAwxeOKlqMlvGbS-NBI@?+A`sLq;bxk4Fhfy23a z^_4RPsU$WxDWXQM=khvlw=)qkCzo&;rqXer=+`P}jP2Y=2MGJoLjXrb@!L4Xh~l7L z#RONVEIaf&ezkr%RAI4=^RVlz0HI<%z`N`0O0#PGlMC6Nl_~aT^`0fR0Av=Os zHYJ~6ql%A}9Z<3U4xrvH@1BK+7u6U>-GL_CLcadgSrB#87`i}<0o!|W&>1PV76hf+ zDUK1Q1I?PH${U9(=A%lN7TblDNCQPGFcTCwks|iv^fA*apKcI#03h@)gA0^Qs2cFF zp+^U>sdHL2s-@bQrq*4M#%$FRZY<=a3*G^WRQFB941+Xq|zF=4ADGAE;u&mFHMKS0J@N zKF**%1jT<6p3uRj1I&SSgQl7maj4oo?%x6K&DRc&rp?tK@4Y}+@$M7@s<+O1nl83P zrE-wgMa$P?fpA2RFORdCGbfOHwyA^3*?c2t|;SW^U+X& z>FaauJo#O~*uM})xD_8M)k?iR7~rBf)UGy_73qEE&~s2j+19+f%H~4(2Yw!Cebj z|M^c9Kz`bS8X>IEs@VAZXJFCBL=X%2yD*Yt&t|#RnE!fM1-Lx$rU`iW3~)So^rU?B z_uBjKOuI??Uu7De50+}nYQjM8{OV?b3@&?8ga&3W;Kw{>y#zBGoXL)SoLQSZo31f* zCt2~5#;Z1vpw*U9C`1PjP`|o&0j>w0e4_?GE>)_(0PUX;S-ygrO}Cb^=su4AfSJyp z@z;}I+0mVFP@_8sY#=Ag>IcnfZ`U+NgK1IesRPtx+3;Z~oJU1B9;~(|E)1V*5zA z=OaRORWo!3PyA3mmxf#s`OxN!NtYQbFSD4L=+UnlVwQ+UxDoB18Y46$;;R69c)S6!BhAj;RWdd z<=-9kE-~)xfCkRCy#)?@9QQrZeP&a>#gGw9PfUl&Z7WDPb0LLr{->;szJR<5^!W;& zGla&5h(%XL(}3Kw5&9oJdky&N900m~4L98I7_5ADdHT)Ljd;B`ISc9~On6UmGVu`` z7uydc6(ZBN|G)CSGAyd^ZFkMk(x8MOgMffYhlsR*pdg{rE#1-}H3$MqT7ZCnw4z9d zAPmx7(hU+ycMZ(hqxk#3b)8S=y594iGoSV~Gkfh7&)RD}_j5n@V(rwzaP z@OgTB*C|YB>=Bfxc-o|SUeFeXL6n$?P4%Q(wYRbxQ<6{0dKpBs06f8$Pb9n@&R%5q-q_w`Je|LpY2IwzbVaqyip_`N@iT*P7@ejJhBwM1%m%6N zby@IzYaf6R7c9)osho>9b!A{BV8XZW(R$3i!zqD}{x)Y3>rf7U9UoRnfy%p+O9 z8QWDzD-)<iCVZXUuU$_3A|TlMVL+2cP|TQTwQ)U!{8FePsQ6zXnIdv-&?e z+VtwW+s#}_v`}iXb>0AOTqEpY{(Hd7mW~B$V!26*N`eTc*9u4CyQ)Okm$~X>%K0?I zcj@Eu_pPe%wX3PLH+|)=B-AM2QRdd3Bt0tJ+xaf(_AYSMX=_Wd#?-Yv?R{*z@a{YP zP17W?1Sofaty25r+0Sj4RhOpevwHkKJ>mr~lCGXXj)C>8HGl1^cm|UN1%~(U7J!k&o!GzuMvd>ynZF zB}f6nwz71-7AU!lK)z?y^P0+yjwo8B>F|Bsa-`H!wUZs!ejx+1riYYE zZWrkp-o?|rn$mn0SxyPh4{0ps6$Q8MFyKw~^rQ#1orrzH46as57j{kUQ9Gvx!=PDa z1-tg2k=EFI-hEk5H3Bd9WwoeoeCp%cF1G30&VfI4+It^5NN{D@dx>1_t(GZtF5o}l zs>9EYC!=2$5+A%M+Zp=Bx&#l(S}`R!=!+Q9-kqobv)A_J7>Au zB8OO=x7jIHMyrz*rd|7~A38vr_sWcOD|=-?`$Cd;aTiy5{WD!5pGa}G#B=5;wL@M$ zWMGj5+A_!_LcOSR7Iw{gKzmEj&!!Wu9(%`c$0c^aB~MuYs^%UmJ3+)*#7dM1{?vlI zi^{v6>aT)|jARAdo`?)*3;nRD!qjqQgO7J;7uH_hYRbzv@8Q;Nk3uwE+1w17T{KZ3 z?McpmfHN-C&{L-ciy^Y^;A*v%xbdoi?Lmozh&ywQ(XD$?PwS)t-_3|zk=zaoJWrpr zqPvX9lQkNlX2i+YYzJBA1;%ISc61l0ZJv0%RugH|dxlT-=3Puw!=W8+sw?F2LCKu0 z@{n4*aTba5zr&Ap)KoK_(V5-xiVqRza32uK(CkQDn_~`-l8(D%DOI&Pu?kT?%z+Bf zx~Ezv`}Lb*Zkei>j`AgRtrir1vN`bi^`1QhEO(_nHoEui85CM_^gDT`sM8q(mIJb0 zoKN<)WTr-*dv)Aw`jtDpkbI}|bEjfSRm-~>?q@S$VJPbR ztM*>pUTTt{R#4~jm*WH9)vZHLWNC7u3y|lBSeS0`IixaiD-w~4b&^-!BZ1}UcBbck z9nyTWNpyRu#gqia)!Mn*f@j9rA0`!1J2o?l8k8e}`CgOo@~2kN&fs;nc_B;?x&TwoNW49il2 z>kHH(_(f!yRH4}V@`5H#Wg~Ns!dS$7m?I9m<`p-;p0WP9#vWlIoB+W#s@niS2`Im# z6L%o=vHmUy^*$%X3BFb;dwt%myMg0X-d50Qr{9r2{`LM)bkyP@a}N`R9EhS@BkQyE zPuzjkG7s+?0wd4N=oDZFOkqo+RvtNODGS8LYM`O;K1GQK3m~U@Ye?@k$9 z*6wBfQUvTvg8T86CyG@jWxfU;OUL%=-k*CrEP!hgz2PW1w>bBvSfYt-Xv~4k-;UXM zeMZm2Ja2cBCj^8wL@YNHvbt)FOLfATN0`W-WR26Vb28ookDjhyNQNfTG8~os;O$P@ z@y5<;U3n2RpU-0t&LOGH)bRl`l*|5m2sQuk(rOtFKhleXLVgj3RFUbcCw%v7$FBg{14&$0Y=)Jj6<=3GXQ^gH+ zP+bm%N_$;qec$tk#KV~@!MCDdziU3kGPm-tONV!*nYJR}mqS_?%s+GirPFmB5N6YhlduC^l!yet?1hZ2m zy=b(HP~>H>mpK08(Ii?}%ZHEuE+aKu-HKO9hv72Vec;n#)$6Su%?td3?g~Az))0cL zLwnkgKV!9c?reMox&=C>GAb{h6wWAbKK_mpp#G_g%p1O~{0L7nIDdHIW6Fn#0wby~ zR4;Ws6yxmRUF6LwXh_26JUZ02*wj1JaoRkf_4deVQ!XoL@h!bduJH>1ft7!S#cCbA4#_Vb5ab7@r)2xXr zMFDI^*2Vxpd>Wv0gH3HMnumI4fLB(!w#T9`Nw)Fzb5KpJj%r-ZG|xq2!S{6*?bqs; zlqu=tNPjL{+%C}mc-2a@!0?H+v7O#nGA-BJ5EOb&ypQ{AhSyU6N zy$-Y*2qBz%Aqh0g4+&*B{sv|tnt7DHY6dYa(tY4?af8v!CCR+TfCKrt=N_MGJq7X+ z;pL4qIy5wdXRtUu@%RsM7AH-k=IGmp<5zHH z)J9`lTIsc~x5%O7No>p78=mg~?8v&dG3vgq@z_Uj$={B>t3riic)pYMMi8$z% zY0`)`FX=ZjVC;Tq*eGD=9DbBOzzO$=yQy|Q!%hLS82!LPBTEdY`-Q@?JLB&3@(*|A zaF#JHcawFoHea#J8dNylPfzU~N-4NXbry)e_oPc5G|3|w<6S1=^@RXqNFoWl zeUJeof#WV67a3N#K%l^I(8y&`EpP7=0ip zCh%^H4oR_9gREY%yRe54xCx#z3;OYyxlB>Gx}+J(}SBBX$~omVDHs1 zgpiB3bblWKIZ;^l#b1Z&f66rkH?AX?VgI4pjT=X<9lNL&{&r~-+0!bi!cj9d5VJ@EUkJhgnjoYo;w4CuK@$M4 z7z++&!1Nau4A2JNFQ#U&Yj*D{r+c9{A$c4Wk z6r>f}h4nNDA(RVJ6-xeZeL!&;@Lls+NrAFoAv_pcuQ&U+Cb}aLUx{%Bs1+C-h*m3d zZ(BMVlzYl0h}83OpSM;P)44+Rc~W__+@$B}l#Neye)#h}9N@-s+7^g7`lauK;oyH3Ck3-1sz%&miO;_^h+w42KMqLQADY^TDO`C1HXg>1z|CR~m9nlWeF zk6!ngV|`Y_57YVRU=_fWlEY&u>SO5<9_KGf+|WTKd0uaLkpPi_XFwNs&&( z%{Gm-aECN!%OXa+<^m#_0zdiG8l}Dg`4%f9w{ob_uK#NEhlorc^ofb_S4rmR?=)e9 zUq=iZ-_*|M!zzKWYF7ylj?Sx#zxJaJ+QZ4PR>b>{70Kk_p>Ba#O-attV2i2y zYUa&0+Ann8(%|<(j-8~`gUm8!dJ`p`LBPtc@k;=M@SQm5)DALumF7oQ=F2JRHbs4D zKZ=YZs-OnF{M#VA^HcT*mcg^asKDB?AYq5+zM{3x=S>Qyu_2z7qvB zZ2$3go%ELdkJ?Xu?Yu))ef*U-RsFT7WX$J>W(7asU;{oK1-NL3e&@Ce%Lm_hL&nKL z_s`Q8RDBV{6z)nVWgGf(Lqch{#JMxgTXH_T8&Z#9nI{(Ks5?|~YBa$Ip}XxbD{9|7 zA^T7FvjSxfTfK9W!&Zvx_c@unD34C)NV!mVbGf+WcZUdOAD0l@zWUbN=hT&H*&bA&soxvpflcA3@&f z-~>X~|MOnKGElAmk1Qh3CsQc3NrR!{B$^8Yp;dGqk-n`Z&qU{jSzVcZN z0Qt?K-Q3u#TjV+ve-_z@x;?9U&Cz?^_z=aGuI+AVs0e^my|9rU?2^rz2lXcC z^NtC(_vkk0#d8X9K}?Fg0bvKZbxzH`tfDvxp5U-VXl1)ayrxkt{HY{5F6)kY0F7Op zn_uA7(M@$%J^eIJcN??(<=7XwJoeaP1wBVQ#Ah>HnUIcpVwsPKVCPRA@a_=ARctQ$@165C zVwpy_A`x-JHhw&l7?B=dhZ`kVKU?fs%c=ZI_@ceW35&5Pdo_<|BL6GF@@_p3*t(ne z^A{3&JCgp{{X?f3xfZj`ny~pmwDs_kG}G8HMo8Z@BZ?BaZ*2q;I2<7z8$z%+c3M-2 z@28Q-JW24O*jp7IBPcoht1yDZ$J2FqYDNr)hVB@CnK<_B+FXx~O^?z_XIh$@pJ@-F z^QBMLOqB-3+KBu2B}_hNhGilKPZA`3K!Kb&X23NyAM}o4{u+1Y$Q%K9Xb1pW!C6Sp*f;mJ;%Z9Lb#9A< zAIj;EQ`75MxW3qzo&7Y}vtvP#b&li9%TWJZpcCG=W6R?d-zbGe> zGq-A3>|DxSeLK->A%A5n&U)DlPal{MGYC8EHY)hITHNXra>=FTzWr&y1qU6Kc(YR} zMT5t;o)^5E+3#WzNw-z~a1l@!KdqzDqKk{QPRz|BkG6*8XBHTnAugFUNk`Jf)CQGT z*}T4*&2pSFZ=HC9htWsmlUL)n?_&`pya1#Ipeyx>q>!k0G-J~oa z*ht44aWi5qg~UMB^xD?~97;Hyzi4%6i_)>VSw*oQ64E@iBBTb&&i#6gGrisSR7H6$ zen2^0Ii=mf?B*T%GR;~% z`w>YYzi$gt_t{g^1}#~Q6?=T(>k=Qq@{7hPv$jXXyL*G!;yP!@`~dvA5d zxv15k$mDTYC=H}xf2V51i;JCC1<3DP$iDSMf3Hp3OBqHo@q&Sw4<%eZeZ0wqBP8W@ z-siPijLi>P&Yw1{k*?bNM)v-ldxF9O`WKyi9$w7w9;wf3WZ1oRo1iTZ*T&?g7&VEZ zQW>^Y=BKUd!8Hji)mbn#msbLoAD=Hi8hkp^m`nfh41=wSWq)tPa2?IFhe9feFCe*AOfyp}$1tY>blrpH@R4HeO6DIMYO zdm}mnYj5as!zpY87|a$Qrqq)t+kKH+1MXegX%U-Cd%#EajjCZ?f}=%bNz zqGDbSJb%b5u8qaranUg`vX8i(op4x3!=f|xlZ76&HVr01x7$g9w@!I=eyu2jI#=_8$3 zQj6xp@yrVlb$=m}NO@OLf>=4Lnp>(q($? zcpCldlq5s5Mpq{9Ows1HPhFnN8KCX1q6^_5h`|w%Sgd;)WnKs zqG(<0=bjT;xeptrl6rynYn#N(dVHqx*<*ng5`9+^7#(-ifc1d7$X#W>m~#{Ehrt(E zb`?_am>bf=qMe0^R}*~V==t7MHqVrWn|f(BQpaf%Y3CDyO1}VSn|Qibt8<_z&_5^$ zT4;)hP>i#el@U{MNl-3oqd(7Guq&l*FVW~Gw8HFaKdrmCuw}ZBEz=8>aP<=;je&eXd})h8#Al`4`Qg^kt?nY7#15-ZUERgPOv`IOD%Uid z^BW$QokiZMO8ok9WI!kXW-iU~ew~nu0%JHYctDhT;<-Vgmz*2w=Q`W2ZK9Wm zxTH4S?bqxxrn3*kOln$LXv0ekPHHVx&XQ6>Vgh^%BzZ0U#d*_k6P`|X@RNSTa+mwE zt1y#S9WH8LcBpUYGnBq}-XX1g%d(A4aktyR^s4Ftod0g;{%HKgLfkchw`F%eC>YJ(P&xMQwg%v5K<;LLart?RUc57j5UPk zek6wB&0CKI!-}%)`X$1&1wO}IuAe#~8ma$Pdvmy5Caa5yzgFi_7Z=FX9KmV839-7b zZR0u+OoS}CmIxN>1dGQWc>Lr&DS_6HEdo6ri2eQ4IF;!bgM{h2y`gUzHTCf#XDRWk&^f> z^j52VFuNn3HS4XRetT%%LTlFJ?*;|=4XVmB*X1L68G)KBnmTbZh9n;D|FeWCWl9Jm?!!ul;?C`iiFJNc8`!32bZave( z)xxaGfnw^0e|Tl=tF`W8Qd8_O@`A%K+ueez9W=`8AwDjha3OogH)UeC((8nsp*Fk^gLV>i19T)dpqH+1(COR94J*@>%v} z;dq4NPv3a|)-YKIoy?Hei0jq{MUrVB5_>0A)EkyFeW$-!f1S2DzL&(uec@sP2mTX> zia{0UIpRc&4$m#>+exAiOzX3i$;WGay9xcpC}MM#b`=ckTwyWyPi+T+xt(K}lCt9n zKP>yu`+U3xWpAGDEt$b8Edj8;^k?dj;G&LaAh9JZIUE8xos~gvNSBS2Mx}t2S7p=_ zyM=%MBSiJ)T3F37B_N<{&*J*yc;LsIT=NW>*p(~XBZ{!=g zLY5)1_d-{|39Ie}^%?*Zf3!iME9e9-tN;h}fz&av`X12de`ErDya)+p z9zQ(dgYbTk-)n(T0*lyQ`G2E-Ao!aAVRXVr?tD;3etmfmN=-*%hx-O2e7z^sQ4y^q zh0ehVz=JHV9EMc~y9k&fFzo;m>%dMK2JBzk@TPFe%)SaO;z8g17P-^o1PlJ_x&1*IPuLm=r);|r;4EZI8r?C=$C^udfH*~%W9O9Z)M$M3&CC&*hBGN z#dOvHBIucH$uz{MNKfCA@JOd|XEVi+_8;&+CRwZw*o_D05+{p^W#SMX6^<@VAss(X z?X_45Fn!5WKAY#0lP+iFf=!8q#!HU{c*+xFlEkk|c(LRBvE4Lp*#7RGSp$aGusV7g z*@2}TLVry-hg@jP1np z=i{qLOXQz_L7E(+9i=p-LlK8rdxGq&t11rpd0eZk43yXVpIi5=uwf2miv zhi4-S+uv{HNHI9LcJbn*s^SS1R5>LH0bFKZ{3(Y?NHV1c<6#9;`cQ#fqt%wqu_4!@ zt(jECD}4zJ4(_AR?MolAO;_T3{@}X^4PiaC99Sj=ljsv3mR;X91_*8OP5}4|wz4h+ zWy;T2SU{X~+_W(#DutTn@Y00?WvGSB8}hVB28ZcmyGj1XU7c$X!-@A+q4>IHKld`9 zH>T&UxMEFB@OzmZ%@uWPA3{`0&H7QC-)@|m)WKAG6Z(YjGaK)|>-E3p!3#<+gUK)B zIo_(zz6ha2Uz)MVa1mqPzpG=(0`Gh7mA!&eN7_;jYW9XhH;+S81aYio8BlXI{)Y`_ z#=eJT9*g{o&BiyN9(&611^D(;jX8a(4a1Nte8PDC-0UxHy0vGz5wM}U^z?1`XdQr< zfl}*77^dro#A|r_`?EvOk6-dd)|B!|{~o1$N=;DhK(yjX=lmnYBo{^gxpH>N(^sS& zyf6_%>W;Go3j>(aFHF@@pL9tbY&9WHW<@Y&2yB&r z&QmTBTi}n8i`&2`P6~FROj+|#7&(_mt^mZxG8Xs^Og>=pL_=*}1 zr5Q?&ECM3W7fJ5~u)m(3jl*r^VGzK#s}N`H zT5azixlWt90$upT`nmp&SWq!AwI>wngLd`OO#)448s{M)Dj|eeT3A4TdV@ z?$$tos{l*K^-VMKTc%+6Ny3FX)9)W7pP2Tt*83R4}n{jLWy z>D|r(_H-=qhHk=EC2qUj7r^n7)=TZ`A1P;1PsE$5Qx~=}#q_BKtzl;N0+=p!#qDa~ zq+OATVl<(|Je%aJJj)yKa{+EbLWkzmQ9q!-JlY0Qjd zlz?NA`ND>=7!GF?BaBlw?OYl25#g|JzMsyI%&Wv8w=p7QxAh(&`DQ!K(wFtK)3j zrnQD-h2560a{Hf4HHGbK#x&mpYxMh3$)R0mb#{jrvTzMH0uBm%cLLgZW`tO!Up|el zc|}SRaMFvgXf*lTb|@8X6#n20YOm6FWyx0<G!RUL75ehk?KCAK^nlA>2fg8iA*}aHJgDkpzZt( z1cR6q^=)SbVO(F^Qa)d9JpyK^e`B^G57Y@#b@|fGB+r#K!w-!bOtnb86N6^Ax`5mW7n+#w{1v zelFp00Iha)F`86-N&atFLO4mbdt}OI{cm-iaz^?0RLIemi^0#!!tAege%xYnScDH{ zkjB>=F?B!V5HobF1O_K}$w4$S-aOt$XeJ(g${p@16X$JMq!CIbT;$ zbf>#3a(|Z`dEC83I>Jx*@MQ#=+&Wxb33zo(=4@@Lf+CzLM6|*RY`@atXKKyHYvjp% zfC@Kk-S}o~v`(P5`7L94h9d%Ky+N{NUQ&i_wH|X)uB@HN=2u`8XX^JH^X&;!(RWb} z@%YVqq$kdb99SkA;nbC1wq1? zhWVN;#C{VEjDjO=74PAt@8&2M-}=!53lYp`%k)~}6LMp5XWcI-JHgce<^e(^WCJq2 z)PCYqPVPh;L!+3tp%Lo=b$7HBti3aKxEyrO48`M@JDJ~Xf>Jcmv*8b6`L?U%(jUMZi9pVqT9K zb$F3_VkDz+6(`|)VFz+o_3Q=0HR&N!__{G>$Eruh=?tm~(Kt2}>UmybcUTeOSE^D< zjqZTnSm|oUTLIf|FvLBM>+ht?!@5I_*E9I`>&h4(W83h8$`G7fy1kE?_w;C8uUTd= zE;8JYiw)5w?}Kt|JssmZ2#CcWTsC2dl|>dD{17@2-FZ&3g;*c<=ibG*zbSaNZuJfy z6OHNQ^FI(>hPGnhZO|e-f9(q={yHf=W{s@U-*EfI_h~L37se?n9y5RaHuqaV$Dn4j zg#&>oPo^Ipiu9jq^MFY*#828Mqpyr{^Mih`_vJEwJl1>da;mww8{m@n*)h zqDo;4PGP5?3T-mqsBB@bW5sA77pjK}s;qjk1MG`IobVFH4N4b zYA+sca9}|0Huaeq`nxFPItE|EMbaaizI|HwovJztMQ4M(u-yh0z5ZLhO(>mgDIOmh zQq!1#LDzz9a1Lq;5B%XpNK1zh^#p)!7C;LH{KEmnXa4&G$$Lg;a_{zh$cqNxmV&B$ J-VKw-{|mx)hOGbq literal 59298 zcma&NbzGHCw>La{Z@Nob=~6(tl}!l<3Wz8m9RkvgAh4D0ZV72YNGpLe!rs65`R~0RRY^(-YyXFs;?=e7p^1gvy`zQY zH66RC{I9J-E_o@nJ<5m@wl^6?ZDWI|wVlJ0@ul_Jp4rz46`1-7-np$&XEI6Fl8_4Re@$imd0ZCbO` zKU;f8$7cbbJF*)Ge)WwluWWSnjJ_~?_bxcKpsYSVqeRakW(xJU2HEp-VCw4X`uOCG z#3+`qig>`f1U=RN!+qaR$mCb8AC&}66VexsvaXG%>=@Cf< z;HmGy=HX)d!qCT_E(EgKs=7|M;pHO;1nX+uQ5y?JX`YuB)pX9vPXPo&EXi7i!_p^78W9 z+S=yU=E1>1US8hm>1k6_vsOrfO-f~0@@MbR^u+86gQzdPEcVfiy7U?`=@*F>pf%I!Yf8gLXdtU zVdBPpI@SOz87a%lJokWXjABA$Whg+omsr8&)HBF=Q=YcT9SFD=OM)Ic00Q9P-xuHj z{Rsoj^M6?&xnYK&ng3k@`hP9vpEe;VQ7AwF#+v~S0Z{al5kS#{n-LW3FMHNYXY9V$ zdmJGR%{rXz3`^g4ux4Ig*!j3=ro-wGuM(38n7LHq3z=X#eh~K({+7VfIqg*(6RMY! zlpBq<+t+{G`=)V?zuJ&Ak-7ApOLd%g|9&8K*>K#OK5oinhT`T#BxpQWSN{z~Ldy}v za|&VA-Rgj2LBfbS(D*7W9*61iP=#uTQ&*O3@L@UG-D3YjpH_^l{1?wmF{v=W)#&ND z9ugAL(Ta+s{M3B4K9cxD(f5~WK!nqV?*mNK;_EhK{;|k6MiV|_N(&W-d&v#A2<%KD zXyK=sxbUvgifd-D{*oJvWNZ1)@j-S**1yl@cRbm2nl9vtQ%bYj4GH@iKJ}A3d%!Z{ z=$pK2h)RT{<%upHGLliG`8G^>r9N0cp_~&kZ8Z~l!bQ?+v?KTr@M36r@nbP6H=BAu z5;;?E%=U#i?17faHr){pvRZBIFoJeICg;+}_H7&S>b?-`AT)aT(7R|O+rvfK>q3|c zVK*`mBAiA_+*Abk2wM5By&+;QVvSE2C>52!mCD8~#oIv&eQ9o3S&^e#!yz+-P81`F zxID{IY~;Ls{NjZLy$lha@nBU46S33u2kJl%TQ-V`I(bWki7=)P#6+(y>>b%l=tcaO|KF@JUwT zdj9KdHpEMt2by)(G$!!=h}|}&ABMmnyzu+}kYa#BWfPpl1A?)JQ7B4Ys;M9A5rMkc zUQPP#h|gXf9Z(ND8youG@CfD%2D)MlzK)L7H#Rl|;I8yTFD8b;cta_#&mVa+KFN>W z_jOp#hN0acc>`*scWdnV>Mcz2$Ka!}vD4+`1rw4b`^+pMdgE@uOOvd}qptL~6tXyr z$l9nlsFd?cK5#lmdmZ4#6_MAJOJE>sWzxsXGB8zt(W{NtJb4@U7*p>~6vtCPW%1LIMWt<6O7)9) zwc1{`D3`EH2-6*^)b9vAbxqDNE>1FqID|9$;Bqx>Y`6f86D`2j;<^M|Q6IpRdG6B3 z0F{dBiM|#llQhk$Jt2HzH@kL%_lonS8}`Tr@lC({ybIJBJ>PTM+`9D`&>NF(Nxv;w zD#E!>f>778?3=w3cdQ~d2w--0Dy#i$(oAB`Mt*5rvHtu~_N(@oIP#IPC$L(!qBD-G zYDI&hs(=w@uttv>7JAT~nYZPs%5h|?l$%;PWwY&s8k*kQf8?Yz_p(^0e<`x-9giy( zBA?4F$xXCq9^&3XgkZX6qryQn>tC9CJ3O=Hsd}TZU8|T$@+28xWij z=>DMIBW+=5*63B0$=udhRfK0K)7S!3U6fV&4`$YjB&m!&)_h@wd{CRYO4)gFbQ`Go z#Uqp+gW(7@+V#%{ZC{3Vv_-jQ%hERD+$YwTwE-^%3G7wbxLNNm1#IPBOV?ER2@%}K zzyL`1b$emGecMNBxU?L>LjpGNG7>8HGngY&G1K^KdvLuOW;+pF0GqVF6GET!%CeG) z4n07*frDoCfq;e?F0xx4LIRV0o{O1PJ^g0mn~{~}s2$Lj=7LE4wcDjF;N*Zg*Ju%?b)~-;#y^_*xweK?-OcEsJ!GPr4Vl6gRAy@z9J4wkDN<_X# zY~t~5?b|9NKAO+FMC+bG`XJUtZKeURmIyZ`-BCz(JqR>=GN^Yk#;zA{E$r2(hYxth zL(XUV(v5a+A3FUI3rcQ2VM0~`A$RC*xCj>OH~y?9hgn4%{$^?}j0MxwG)#17QGzoZ z2txBYAtyv>exn)}j-%=+FU^fR<4YdwQ{C(^ByvwMftq~|Ujz4>KTabzb^y;8T1c?a zs=Qa+S`*!hpYFJPiWdwCRu!q?A_^)h_+|ST z<3p=-$QwsBAkq&CyS^k@LlA=NHCYQm8Zg#nmJ=4v4!@I$XVCIn6#6H;z$F%&GvglQ z1d`T?aA@#wr26^;9UY;3MpqQ@YB7R+D9ODCWD>0YPk?743$WHzs12&+`aN@=b6^#d zqN|Xq**|uVbsnm_H}&H#DOd=cXtu(XW=q<8sEK!H2+xZjLcM40rdQqR(vEd(=!1=9 zxmFuiS`DLfgY>_-6X&K4%?hq3%Ee?fN%8NLu+z@ex!(zei%InPKK#(eUhrnGuVsP5 zM&~iu`mlig4iBu8NXlqX3vo0@oE*eL2wEHP2=Ku{@Eb(ASPB{9@Uq@N8UJ=lIWBzL z3BxE#$(bCVjf!ZGbS;4fb& zKX9+j3L%$`F*vTN-QZ7vWe})DZ)04I12mF!UvG;ZPlOPDpKXEz+Mys&jaj>_E0s-; zNZhbJQUq@dQX^F%!74q}cA8L<&toBm`8RQt3ULE)t%MB1m=VRec~T}vcdCK|Z+Zfn zS{QRr^lTa0YD8EZEz-#o|CzJUz_MOaz#oGjFQV=nR)CL`3mBXxTF*~kzc~w$bG8W;F5g&BE=p(UjPRci-fx4RfSlJ0%+k6}11xIO_;n z`3U0l!JR^m!$g4mC}sn`%vGucTi+uColF{l%K&ee?5s32EkR)8Q*=ytdF?3qXW(8KcKZ(=Oc5cHn(oAVH!6GY zj$gloIEbPHMN(<^f1o=d+I=jMfL)HyNbE?b-PX~W!~w8}IB+CmFpwHLI+j|^ezpHG zs{_#h&d2yjIi^2EL8YOs#-zMD?}2)sZ~0CDLI6QtlD(GCUHEHUv;AWsUXnMHdx6W?uhVT?_?TiZAlumyN}dXMhJrdA$wQtr=5b ztOk3aXfB~UqxfmTAtBnIeZ%+`9+)p3OhwR)|hw>SAm2a||ZGrLiRQu8gW9)OFqVMyGgPm~PfVR9Ao#uThzn}L^ zil1w!>gZUWEKWHolYKn6{&G0SJTKV#D|;yq=1k&Ax9!o_BhNZYFg_3>Xwp-`!Ox>OgB%4*0I+7!{*M zHyl1JsJLEbqCpr}iQb_EhaHT&*d`nef6-j%^nn|+iQ7Ch!~p>_!N(|u8)s`pFNvak z=^eZ4wx(p-O5b_x-&EEH+8}sW`h$|twa%5j+d2?5VFX#Lxs9?<`|m0}hlIxT;~|!a z>f~i&SB)oM)tKnibK^fUo0V+sybq9Ii4UZ0ZC>uKf4b*J1Ykx0O``^Y4`2a6fPjGi zg9JsBVQ4ZEpgH+&I0&y{0YL&ZEA_H01M54fS?(SZW#VI(!Uk+pOO*t z4F7BGf78Z)6PRTyXK;hh=*?ME$|!Q(`O@)4U(ju|g7E6Lo@X?OB#*yd4_0qbK3x2% z*)>C7)}uoNnteBB2Gq!{=B^zv;25zbr{1Vs+>mU~Z64;^miX8?b_q4{*Zko>MPbS;$eik*;xDe?&(TKinWBTIbNR}RDRdolAr9v79=cl1-3V*V5kq^b2bv?;9Mm9YS)X>WySq^c zBXNaBzjV=x&LCsq1({bO)MqPGwtz2IX1UU0N54fzfVKg%}Mp~^(a~Jb!@g_@45#Lax%YjiM3k( z?)#R!q6#&7bN56G3+b*oTbXe!8E|SpIVGM8cqQY-ejLWLDxcB9Q0~>J;~Xf8LDXe( zLUj8%{bqm!XBmhW^k-WWD75>bxkk2{g9AR>fRBwOe!kaqW1vR6m-oeSdU64)^57UX zXfDERzHbcKTw?5lqmK42n)lM8213p@f<4Qna{=axGs z9diViBi%6G2e%&!^?7h&2+|c7kL-HBS%BQXXUJwCeHn?V`5qA=D?!3ER;B4Odm7OM zA7(Ky$gyK4q0V8a#u-l;%f9@b_BN&P4bA|{TkAoJhh)84%fq3}!uqyZc39sr0FL@>;&<>~(MAd||$YBNPg7UI(V8E}G;Fz_Eo}PRHVAdK#r%)27ZYzKu`K z=8iNmkn-k)eYhX}r){!7?K^J87CiWe|E^bQX3A3=Gxp?bEkQBShPy|c@|i?hodulA zu`Y>_9XOArqy!*%sa504g5HX;dGHw|L*KC;n-ZO4{9uZWK*r-B>iArGh9@|f4komj zJxG6KCzDrJT*M?TF?*hWqO;2V`A0TTmM0MZ7|2ie3+pp_Ba#O%5y=&m4nfH)avnd3 z^+%u1+{2XpCf2?ZSXw|+Z{nGkrBW08OM`J^&}c?uV)-?bnI-n?xPEin056cuj}ym~ z@%6Ya_Osz2wC=d-4MMU@$jD}qXYF;{AAM3MsAZM|sW+cdVP(2jTVy0##dx z($H8|WeaLBW>@sqclufy1G)b~>(rvlg!okdg1VTBu|I)_~8@gpR)4A098kljrv(>DRbi1lxGtPfgF!<#B z%oWX(B%9Bvf6mMZZNdel9#HAHX7v&vqWHhG4OMpIrS@$=kp{CGN#M*O#tg6f6clQ_ z`QyFr(`I8vDK{KoV#(-@ccJDT^AHt53aZ(>%owI!D+TF@bb!U9STlg*S7eN&pHwu2 zXsd7kozwMIca@&u4_xXi+WPKxJf~K)H7kw>Mut3PAr2b9mm~<{M#gW+dCFmc7dEVN zPaVg@wONFd^zvYzV2@!64;ke~Ki!jGo10;Hx*B`^giDK&#m5RgU)Kq+AXwJsg}-_?*ARPijO9chOJ%i%0sh z(j?rHUwMy_55PRG>D~O_V5f!u(G$QTrT?mK;iAtf6f=5iLB>ttxz=qHs&Ie|3^L2< zV%`6P6hArs`?u|x5B6&HMg^pzyW?{t*W*|hksG~DJg;qfuXA8omnmoJeF%=V%7A-* z$HQr3RXI~@$dOS+ThYUMoZi-32<&ev(^^`*A5}qHd%!jANf*v{C5ZuJ48(nD&NQX6 z4+RvXq%{Lo!Ay8%adb;(i(;;V4q=(*Jt6V=MoaR6sq7fPf#oBH0D`Y(e%eo9XGtiw zMh8q4SXQWPda`M8RL&_TdlwC-!Jk)VFQpHBbM2tKbOrMS&&Y2_4H-?unAc&$j3kZ&z45smIrmh>!lVm0AyIN)2v_ov};Ey=rUB%?ox z#Ih;AcIh6Chup!lFMp~W+Z#!MP#nuF{9cc*h=nvNem$R*IV`3Q&;+{Jq;RG!5k%xW8IA_~jG-@h|2fLg{B_55ipM8NX2BgV)IR3)qMmNE^a zhSfa7lxf>ufpzLV>eygDyj%f;#PW@ga%%%Z$6nXo;AKkcWbo7Ra7xEw| zlZ+{k#yzd$Y$&5l=>i*J^*9?jCoM zYWuv^14=%g{vskS#P~Y%oq|3|0X$E_g0md#t-%w`pmIXF?-OBO;n`j7f=tS>1c)Qw zS#=e{X}ShiZ7_Xl;BJrlDYx5nQi2@R@wDqgv1sKZ7BcJ=2N}3O&}n|4E*Sor z$aowFVWteee zV;&;IrmUt~k${ERuN0Q|h5cx5e0xTQ`xU<@4-y@)Ao3)RzGVFwIJswa({p;=&VU;N zfAw0JfU%)tNUIi;@t8qt{C7$caFRkXhvq8)J#Iqa_9PR?E8aJ=s!Mfr1?y%Ncw$tga+k9^Qpde z6c5#NL;K$(rEl5J(;x)3#NiXpQ z9e;ODaC0W>rN0H-+UFxs%=nP<(7VpE=dvB-A^8LFr>0l81i1Gg5AhPl`n7!;Z}ib;SwtM(_vsSNZ7i{zWwV?7mh zSyu**S5WxxYnB~q%9wVn0OjGV#8H657Lyg-9vYP2sZEAm!?(5y+Zb*XzYCJ#Y7CxX z5R#zEjPF*tN|&_~#lvwA2}Z;kGO>}Y0isHq&a`2}nC*k?^ue0$8W_mJ4^?j`vI2C% zHCJ%cT1+Mec40=ePbgA%&cf}WzrD$}AvQk0Zo84A$iCy#g)SF^T=yD-CBf z?G@8?f9_Lft%OC43mE8Wh<_H+Ic5~Ow}X=dALsqc0u#`%XhEy-_2irS#wf6C3;t@E zf%+9quPZMEqZ9|yPk0-dk?WfJnXxE z-{9p`uO^WCuI1WIRY(Z zRlj_Jfz+l{Vvj`zCsnyZ)4jcwvof*PBY)i=!xsCoZw^CHy^k5$V#EI0Qt3&ezBS}) z{rlA3n?zmkBU9=ivQ`+3o3r1stw#8|D#(0kp%o9WC)p};g}7cg-K0MtfD^>xhowLHQqR9ExCV)|ED3nvB z@glrT6H?A>aN8>fL@F?xBkJT}2>bUTg8((IP5}SHtHc!7oRmeBd?p2cv|RC_l-fUs zxj`I8YV>wsB2L#@N!+@<259Piz%Oh5;f)?UO9?@A9Czt*D!9ZGScWkQJ%mO$ zi+Q+3L3_Oimx#P5b~?u`0^($gRKah#iXjw@8q}ezrd$=2^RGjrLwE4mZzA|Pg)i#b z0Z>(2Z2*?Vu}A%T)F z<<4xzVJjk%34sx2lawzd_4}%g?S8Y^O|;_N)?L3`XxW!cR9QCk1{Y4@K`{H{BC7;66_t?0_Lel?}&VKl_Zktv)&xQ08`W6S1J zKOY=j%`WV=$L#IkqsJftA|O+%WpDi4{zb88{|5q4d^hVeN7G0D;+PfmdRqmuvH1?= zs8CPND}Ta<&fBrz=a=`)r^`;<9{5@|(lW!4Z+eJl7Bw;y8HfyE449USiqxGBD#w%NIC$;xQBk#eX7`bw}_pG=z zKE6Z{)_hW`U@`X7*C#As8MF+D4lj>@`TN|iL3Z52;=zkVkY6&m>3=b!-Eg)kf2(J4 ze0%e^7%m1Mhx`Dtw6HC>Xp@j)ho+b%9ot-EEKveL+YkX<>kV(k7=vq`Q=a}{5o?AMmP@b0;{Rdc*aA<(_H5dBBq$e|0ulW3gqWcxyDnrI$g3z!J~(n zEn)9`V(CAeA8zOsGYAr&DAR6-UEuUnyhL(g?jKG z6&KyW)>SoX8SE^oCPwm|u{7K^*`icwzBpUIpSMu@v-qY1{0&RZZ7~xeV*wzzmVfiw zGBQ$Bd$}aqDX;3A;g{#d2@6*SpP&6PzriveQF~?pU{p{9O`FGiVwqX2&k2vQ>#HZ{ z2L_BwYP{6%j&Pza9$iKRD)aK-uc#gLaS()6gT`2Xq!QWdjq$J4XYP#>MXCKN2>4-j zx^zuk(pQ~qsVO;*7lq*>6O zq5-;O+Gjzn&03X{gEvt1oS)iAHQZ-3jaBvFZ@Qxz#k`1tY{0Jj)+%QoEt6q3=$CS^ zGo`vn?Djh%Pu;;4_L&{BgR@ytw`tX2Nek$9h^h$`8&?a=DXt>xCU``3(}A`_{mVps z9Z{^6%F1pecON+^CV~?zd6!&WJU*N}Ux%S+p3PLbh$K!`P-n3bEGe=0wcsf4GevVm zuzeXY`P2XCQOB-JP~r)^c-)l1_BEck6J-Xl)nT-cVv($BpI$TOpYv)8NR=3T4mv$e}$lgSbR9p`Lwtc?csO;7S+5N5rk8 zmzN%@iua?<8Qx(^)WopN83z*5Ed6{EPD4o3c0wR7(jXi9j^4&09TR@YY{PcU&OSlPr5 z&RZuMi|luyZX&-~6xav&d?^8bGYtrVfF?cbk7i^R?{cX$Bn(bL__uauiqkDFaCIaZ zEq$G`H#2VEgjw!u3v9A88NwM|?DP~P>5-NDkZ8Zo>j9NNkki5@wVefDZRJQ^hkW8%hw=ZVh9Muo6kO`|S+j60u=Y zj5LlWyw?>s<Wgc29Pdwz3^bEdIH|=-MaJjli;ce_9JGOhVwme0!hx|AxtKy zVzm-XELS??S5;(8et?g#>1MUvhcon%{>!V%wQJAh-~kKs)ew@OMk$f>v((|?Iq5Y* z(JYI0xmMQhP@^Ay+_o~cUYl0$MaB-2uz@#qb~`mt#hQ=mr&I{EX~nuNZiDVKB8|y# zt2U2Fbm&F*x@3FKnN}vWl;M^;FE&ywjzM7@yJ3onAqpZBYh_d!^yfoo6#Y+;6BFW9 zPb}#@);VLdWHS>|!Kb%QOjt9y7qB3Fh;|ICrX#@qgt+EOY-zJe+Qy-AH*3#J_=*l_ zkiV8JhaE7F#K4Ju(YPNTY3n?Xthl}qpG;q- z1;`K#ko}ATJ2uCIl(f0pSgrr@t_KW|d6YzY+{^x*=P&G|R%%IPBCcngsbrXM9vz(rD4&M&= zp|Ok#78O~MyY`fj2HgFFcv80?mzks1^Mkw632p*puU&=q11a95DB|Mwg)O3H*&RZg z6mf~!NaT^p2WDn>;eQ+?Xk_91^78lv_QuY=c8izwWTZYuW~TTpKtX=X<7R*p_}xs+ z=&}A^S=YbMt^Sv^>;LD|KQ8(|q@%5IlQ^Kg_rHDmpGloNAGkV5Vz}*lIyAQwMF#%K z#dhZyF2<7;AdG+PDh|5Kny;SS-AcVM74R^m!BU_AhD*}dS19QtR&+Fc`Pl2c{c*J} z*VcBzU2_p~<@*-zt`d&K4gMBXW0Xy5j9b| zh#1xHtqolN_;T*|mtSt*$&6RS4;b3}xoccf`*K<9s(ZGvwkqL|FMR>+{gNN~zZHX+ z6pXT9lH5j5e=B4DGI4uilB?N7@yxDT#9Y3rjk;`Jw4C5onyj<6O2lC>y9by1d)Xxc zN|%xnH<5(Dsuout=ic`I4CyiLeN%AD=B@7do5_uk$p($_R8yM*P zKH+Ts8BjfG&80h5qn>JRrg3X-mca+dZBAxy_wMJWr4nezvgA67O6e%^1gJS`nxDn0 zP)#awZrC%ud2YD-T!2qe-lF4?ri$R%-LnggL7_J)R)=Z>9C%XUvqeEs1OP<6de(H9}v@&1zqF9~k=Q4H_+WO~sN)@QR{zPG6NqS8vlSC2Iv zRK1@Ca*FNNT5)YWBmv^h1@BHvt}s>4FC*l`wDVeVKj0vIH*a08mxB|n0hbGC)jc$& zZ{W}9R^K;XC%emr`fBBm8vbXW&FHBu(#$TCF%sxSpp4i*AEydUs;G^8DF?})F^7hf zidqyTsY|%e7W)fyPd+(Sh@GCJh;B{ajgkRz#+F?$1zdh)&m%hUf;)xhuP{?2)Ei5-D_6hB-E$nQid?|CC zsMO`o_sAwE*mYP&w1e~>74Jw7WYqexhX%4wyHa zn)TGG)s~qb85K!zj&J687{Or^*B1NA*H6;MM#HsTeYN9pULRmoE^@Q&d;?$Lrh9^X zC@VulZo`N9aXFuWh3q1C%~_Thfsug`GELN0J-P!+zXb(}Qlx~ss5Oh$&RmH_xmbdT z$!?7>e+7{$iHaYYbnXOpwW0NGxkef*3ujCpbhK;xKyv8>me|BwPgbRf+!6_OCQ!Rf zmkG&YtonrRO|j{O#>RW0P6r^EvGnTV7iQ1Fu`XfmK?@-Q6W(bmNxdmfyz*&xh6>`4 zjeB1tLKK{cLPQMJ#p^EKyyIcEiF45jbLBI$(V!WB72LJi>X8S!$V}s+jr-nk^x#qc z4JVN1ulq!5_p6@(+bS>=lC>RMQmz)m9%d5&9MYLO)?|h0@`F>T_hOC1g@caVeMI>O zs#<%}Z!{6ZvrrF9`o!ubJV(pl8eO6Xl1nDAmV!h64n2=R*GDDUV*v3Ar4J4S^59(z zLP5jMpM)Vjz430v`$5v6=?nc6s?UnV2nxNNN<-a^$v9>uf|&-LOoSW;GK9ThmRIjf zVfkh1uhX66S^g-*5hbwVMZIwh6EMjd8h=s;3Ps$$VCh!o^pz-^q*_9b@_J=VYPsYH zoO7-Cp;<8z-$^<2$-bT&0q!`v5aDiCb;;Lx0)o-wj*HZ6Fn7CY{*!qMz6Xm;Gt5vs zeOhB)@O#t-78vrAQqA$J3E1hrj|r#mX2oF!zb`LC=Z|J*HwRJML72!qOq7ZOjY5MT zp(20D6?*BD6wy>^jXsH`cRayIa4v2Rf0Rtf3p-W-AI*ML>Q{ns??=m}EDGC7S*fKe1yD23u%?M= zVk5UaHuAg=&jiVoV&6-OZc$%Evzvnli91;}AHC)NF@1**pU%loDR8o!1U16Mzd^2g z>D<>Q-2-Jzd?q}T@IF{#tF*3w&+tdyRrq{lc8Dbeh1B#O53pOtr*WP{$y|z)0*;iO zjRbVQxd21q4%*$_1;&eWznmdER5TIs?vs62W!n&?toIFwVpgSi`)V=B_&U}p*9@1@ z7b%b*@-sWd#Tz-?0+N~ZDR`f0J;(?w>Uk6>ez1C9S_W%ty4KV|&P{U;y&}}A2zt!h z%1H%YTR;4lu@M0?q!^^&Pts+N9zQPd8DDu$`3857kOt^*u8Q9-F$W6Uk)Ip)*+=gf>l z!VLWX7&HqDLWV~7dbs=Qy7Yh&**tR24(UHY)Qz314>Wp{Bojlpfe+y2N=@Siyr!97 zI9C=nYBtB{n88yK$7XHhkUFkGLr1453RMf2n*3oG6?_ zucZ~1bufnFPVB-TW8{}pa@Gu_QDVu(>-YsV(*9s*_yXGVMY_N1kqG){aP$DfYsKUb z&m7|+QqP45Z08T7ZQD%^R(d0(u|$O)TA+xSRJ}Wx8p^-zK#acrVZj2;?^pm9Th%|P z_gf(9u$82Z5`+#Vuzydt-GI6Cz(IMw!CQh*iW0*3(X20X<=(X*@?w9b?G@x%gk5%Z zuhsYzdIU_yblkpzp6s*$%a{rZR=lUsf{EFhFGO8#RNd3@#(WVO;b~`IkJP!qfq9pp z{4kYbc4pUI79+MdKOa8=tP&H6Q+~;5go}4BUqJ?+FUZFS_lh|t^(ef5u{C{S>d>me zD&YAkE1>6e9HM9vOu_)z|K-GeOeLN&cbWM}XqS#du&1du%anzVlU%Mc^p&{tXNI2xmt z*_JGtnqwarz2Xx%C>3O4G@FMZVg+Pvs|D2iur}IXzA-yFJK<`5POEf+u>8UezEmUZ zjSXb8-xD&xoHX^0s;OW`GO}uSUk62%d>+8$s{a~|5PHN036Cw3Nl#OI0_(o0+wDXJ zzQ9JUu04j$oE?(pYOZBj@U+I` z`r;GXee~{bo$zj2*dQWiAL{}P5)C2Sa?VN|S4+P)xe7P#G3$}k6> z)oxn7c<{NT>=QMJOLr8RGG}>RqyjZ6I~;7{mk$=F!-Y6Jn)yeUpqkfI&m(EPA;k~D zpcDQs#Hi*^4%)pgG&22Zj#hydJ6e(Phh?WZ7t*k^*4pdMPY?%&!k6|~sgS=hHM@q* zWiHb$fmNXPevTbHJsswm0Kuhvft^HubIIaqRi?;2eJJOWDEbuCBV9Thmt=|y7x~lq zp*sTO`3utpKi&QZo5YLTT4XxkkAzKi= z#da6gM51SC1<6`6^IsSpVMIHM#C<3XCSm0&zLK$N0dg05(p!cLvG+LcP z#Ab+Bo3fdklPICV=_x6C;Mqu)xu2kgj~EVOYj+6T4jPK4RUTPw?e8Q6#e#_iYA*zJ z|1OeXIAS8(S{XdCs~WGGcJVh=5G!Fhk#vno6s>s-uk8sqIWlm7v6l)D;?;K3b>`f} zWWF?yZc@OsVrPp!ex2Rx*W&&MlW3Wt%*vTXq@P0`GRu&>1VoNyUM~h*<|FoS$Y?>EE54Jq|xX$D;WqDX}Iu-RGs0ikx=$S`s z2cdxEp_Sx)5%;~*5A5i+-&M#lAcrL8Kbevru*cEdYs7xl9dpOdmL^y2d00fGDhWD; zIk|<{_I40iS))SSQoum$SiL&8^1eLno{5N4JEIu|0ueC+o~;@Yo7VU z8Rav)o!Ok<(0pyt7ukb@_klA!@e?!)hRcY7*N-4W+?5|1?#^%uMyQK;Jr%jNaXq8Y zeIC)ui@q_c%1(zc!-wlDUhYUVN5TP!=DoQ-iar2~zMTmm0D-tGCBgCjFZC05Bdy`-^>Cpf_gaMAwA_0t;F= zpumQMs-hGseKg07ZKo%`u084}Y+< zYj_D^2^;wp(-9(fSBG)ANG$dNWa{hZ6?>WfLdR&rMXH5_`JgVL3z7W0urGZf^g& zlDRUWrP@zfUw2FKs33{#xcx9+{9bA6VZVo)d}zR#_&wIP)I=QApU)?c?$7F^yHtWd;aFqi{$dBhRYFl0gveW% zM1sO=M21Evbw6uOdVET$A&DCWId?#?kIX~T-C|5y%GJ{G}boTSO z8T!``Ddrtuot(()%=x#(c?KWI=eo{P1rgGFc4|MS|4dEB>`4)~(3RZv4Q3>-ph+J@ zs|!J_7?Te0_)o7V6p5uKoBW3mOx8RVlPu0sK4v2Q_nVl=_Z~z>fy)l) zxO_irf(W5N(dJxo8`RW_#O#+g-;Z3Yw*HrXtANv3>FM)&!#$Xh9)0t8@MxR)8AP43 z4uHBl=@KNKEig?_Ch)IQ=$et9t|W0j%xjUO7*J ze7i+9Cv(crM|O`}VgO$ZmD&?qOt_u|gi&+>eEB4*g$2+*Id>oqKr`uh?Xgm>L@vC9 znC-4243)G6`rD`!HFFCgFSvB{ycvK5-^DsemY@aCN|sc?AG&|)q9A+(6nP~@wSExG zRvOX@wHb)I%kJvk!1fn0A4xm4EwC9QLp@$QN&%@e*&k3lzMGxU4@96b@5pZ}S zFF*<}N&gB%m_3rW2XA9o^QSG9?!&M*xy}R@KBv-0a{bu_<)5BU_v!Iz{J)-&Z4ZK< zG>1cUb?NWFAJ~1S8dAua=XFg5CmI;6!u5aCtNuQPPWO>9ZiRwx=yWEOo3K`2><);< zSdd#R#_JFuKwQ(3lJbL$#?7NLhi$O4q@p2~z5QdMD6$ywtlS*eW7ruR`CDEU{<$oy zSPYXC$A!x$-35A?m!G=zr9p2L6(~^QunQ}IJ~@koz^8iG zeYYQQKxzn?v%7Br_c^z9MUb1-8)jb{_jkf!A^6yEC)jj(>?a7XlN zjlS9D3mw%@#fXmW@W^+I);Weg7gp}uFWr3423F^<$s)vA_$E3+9eaB(IBV~b|JK** z^J%h)^tn2SoKLY9%AhSRolh@N2`GG_dr|2~DL)OV_4;kmf(^F?17>+-0u>+Yh9NsV z4nsTduvrQFdBbrz4Hh~r_ZlPsV=>z0cZmkm2dMDNwQ`? z1t0Y{SF&L60|jy-a~AF-^pQ1~8eyM6){K>JRLOxLc&;aURvc1Hbr;lJ&Ry3Zftm<% zeFXwK0tAco#FT3xgAY|^B4T&y-v7heTSryZb#KG#9J*UVy1S8(IFcfQAR#Rs(hX7v zkw#idIt7uI6gUbBNQVM~bcZ0_eB1kep7$N!_{R4e?;r1fXY9S!nRCrG*IaY2ea&m< z1~gNL9ZeD;S%|g@7=ZZJaOT|1#pxH1d7jY7K~nJaa%Sbnv`!uPU=b* zl5-+|pW)>DKi;}Yzc1%z7s!^bWm*u?WJB`L65x<8Zcfb;CL2;EKOjaZK{+`du0AZA z>Qf|5Yisdcm-zO^-LzH{FV44I>_LPVTNxlmQcr=flOxQ;g|b z!9;FBp^UorL6T8VakX-i5FH%}2&sGjHBO$Xgx0w9hOD%6U$teS&Xla!`~25$x(V@ncT@SI2v}iK)=)E?m4;cvoHF#jQsnk#>A6&H`escg4Yk;XTtKl zM;$u-)fSn?_jS!XDQ`sDVS9mgKO4dC2bu|9ru`xCN83{&NlY3l8jypckG0u=80FMN6__bkh8y&GnY{FOaC&)t7h$*ku2E! zj8}Q>_$0sm7oCJ#4%Q`A#U2fx-M?XRz227=j!|sxcwOElaqDjP*{L#F46B#%ctW8j z;sH8>>Iv;nr;^h<&Bo5438sloo^;Z(JjC)Y(HJAz2Bg#qp4#nEn*H1#RW^B9X2{xW z8R*M%uQvMh4t|F2PaQ)+Q8dw%0>PK=g%f~NFl^`PFs3z?vuM(I17p^3UL?t#K&prM zPgBilhD(0EyqD9)u@O-;*g1SKIvQH0Am=($|NBFZedW3!g=l-yBcG*%o8M_}u$jO` zbfN<8X=Kx;xV}^pj4_Gj02xuDsEw~E?Hoo ziH*eL9ZpHG>cB?wAEM7mrS%a2aghFrxA)FqFY6+!_y{ZY%SzkF-&Q3B72M@wdx}dB zwUo72?pI))v9E1x+4=Pb+{$NDqV8FL1FJ@Unfar8tCjX$59jz2rMeZI)r0gISMgYw zEG}}X=ot;SvTr!xO{q{?NFC=NG4i_zX{b*LDjJZnom5 zryo64!PvVJ;czrhw8CSEfC&l=rM>QB^%R&=$i!5SSZh|R30oiiqxH0w0#)9FTLob) z_Gztaqe}v_(~z2yvyxa+$J~j377(gONW3*t%#jC%w+E;}oXHb>7LStg#^Ee{ zA)|ZLyz(^oFUaa9UwS_Gl)kOBko~?QAulv8CeVOX$UhuY38aLq8|1iT{au~6L5x0Q z^GiB+LbRmYkfo3w0;+tDvxoPdvh}WD+enhW+-B;%Gt87mJZcxGD~1NV{xp;07+Q$A z36{z9CmLcp5V12YYlX8 zF68FDc7N+j2pj8eZZkRk`tBFG*U|N&ZWgoO<#UUkCS4AC5h@OMaGW`JauTXlL}R>W z#l!BVRkNG3ivzB|Ta^B^u{m1`gTG5}A-f9Z+W(nBDT*~lYO}tGI7)^T%%G?V_-F~x zkZB;Hd3L6-?6T(5vPw*rez*O4q1-9;_^Yq`i%xWEi3mAG zeYW0j_kN}FJ`O9Pe_q5OQM70&-$X7+r-h#2I;}OgexoJwl#hw3`-J23sqX}*A5>QvmY`G)(mQG-69$; zvc~hEb>q$dFv5<8YThDL=Bj;3ZxEtM$|DlUmt66EtPs;o^VkYo)(A+1bDX5g3nQ2D`D9MF3(rDO;{f|1 zI%vywzJ)k`QFTp@5+?z2IYGE)B$g32fcGaFlF2d2=&hU&7dfL;!Kizv6aAYTK6eT+ zsR@H*SH=8TPCh0_kFJ`Rg|Ale!CGbAFKLDN{#?9h{frHVjjZ<~AgiuNnXj8R8qFy# z>j57R&?C{!=)@vKL%rGa;7r9lK2!d8*CbX<*IoV+Wok{@oea}dNqxbc-<2<2-Cbky zGL&0&Wdk&Q=IUOpzQ-ia2js~Yk!jJfU!+x!6PU*eNernX7wB}XHI&EYf_f_7o0^gW z%=hkPXx&v;%&6AfRS(c8x0~~vBu_jhNM)VLPmUURjW>}-l|$m~=v;p!cln$%JdkJ;YhLN zCS(c)pj#J;`*w@IU5h{MHgE=~Ariu((u%|?%jUu$HAGt7Z92b7wP(bW`uC^{U6cys zML4TmygWhtOl2dUB7C6Y2_64Ejz=VmrxaFo*fAu>$Pkay<9=BJHpZU(x)B9_rhZCv zM9``X!8Nb*sg!Iy+WcDM^t6jyH*7DXW8z+yT0XijI~wAZMOEDOK^k+kggQ>~K%zfg zRL)2FV@+Php(rm?)K^Zdv3lA9io#F1_}z4B5^R5C4PnKoYwqO|Y(9PG5KtB8lyhdj zH(f!G;3jo11WhP;MADTW&_PN^{6q=QasIot>njljX5yxI!#U6p4h8qLiPnS+y|rQp zI`)hU;HUOYK~mtjf&oX95hK>fdP_8$6i5^zORd9`%a-D?kd_T&XnApa z(YpM!IEus5rK)#TY@jXdqIO&*R1er0Y(Fa!Gk@js`rl1f7Tnu9;CB^-Ub3mrNGI^v zBNpx($s4jTocG+KCT1viMswee0`mk(Zb@Ibaak!zdJ_YlhRFa=&mab{uM~U8k04Bl z={Z#$tVgmXc|P8RcBNyE4zyBWj1Qzd9QX4D`^b!-_4MD^rXjj~2IpCP~fYF|iT!l0(o;LertEWFf zn$R-G(qvtPl}E}s>+hUqwN?@uKQBvNSwDcy8>@9YIz8c)lZ=^^dJYr56+a(q8G#U~ zOf)u$AYbEz($zdsT<{|#?2c+B?R|-rH!JS{?58*h9}9;f-b&vBGpWQT=|l2{1p^f? zw|^T_y-m)-`XMf_Wv`-aw;BZ|cVPp{WIe3+&;1cit^B<)#~>YxS=|VX3lHOoQM+dp zF*8l?G-&=p{$@F$j19)`|7A8$JKIWF;o>9~;$#>bhp6@ES2)@0RZxHxIi8JxdFF%- z=W*7<@rfI2#8-b<@XhtI0NOrN#mFcoA>;*2Blbh4(a+JRhUL-q3kF&_U3qhOV_YuQ}za@Ix_pG+H_UzSwyc2GG#tm)z(wt4ee3xgCE$g36 zm3O_T|4g8I<=;$mI?+t*#a6GucBvOQPqIwp!Jq?0&WXoh`19#~BT)Sd$)z)K`nBnw z2bewhF84bc4r!gAH#EhHt$c%VsPXyq-gmUByt^Kmu$Cg9<^s3%Ac5-~*0#l(`vYpV zm_sa`9n&$5WS;x{l$HU_`euG5zC%wAHyTxN=Pz7xPvKmm*Bxn#vK?9Tc&s*;St*f} zyBukIM7u44Nz;?73^^zn1B@ZTr~1?nt}A9uDG-b7aHyX=gm-8F&-bX@F51shuzlH7|6*6k*# z$o-DRl-D18=RX}j-v3kXg4W0=+^X{WehZV(NZap3}x1&FB8Cr2i zLqX}f`23n^jdx`Q>nV}z#l}Hem5>T;`m>&Co{(-XCC44^m^H?@c?|{b1uF#8#}C>CswV>+`G;cU)Pp)leTDv9n;_+}nY!e-04s1u zY6!okT~_!b185ScR^{S}<*{)94pP$bPd;mX6oRc0DyqJrh1#=1ty_et8}L9W1ICZn zNE}(O|6J91k7kCGk4vyyGsK~R&GZr-iH_>oDx+*$F!&+aX}-CzCuREbJp+2JzxG1b zU<>Q29Zfe)*k3_N4mxly`>=iCt1VcpE>bPI6#Tf(d=?<69NHddkIVFum=rvc0!hQB zSXg-UtZ+TBuA-v!QBo?CjblEjv3hc;+nDkVu4^gROJe!^KzajkS|)obFp-bDz$C8p zElk+s;ZFA$o^!tR-F%q<5`cc8ITy7K+B{o{-A_aY!7rTcjewv3^t}&w(E{-ZGa(8{ z1wC;YEV$^vYE9Ka6d5!~7$Zz@oCviug)fT_dquzAU@-d`|IHq4rJ8-1$V{g4f<3oWH8% zxyQA`zNP>(5-#ol?0uog&5e!k5zmg!S65pMuUx&J8(KS53W**v)PPTn`!_DZ7*ZPt>2x?uPJp>2 z%GPL19zVaoq7AkI_xbPOqlE=) z0@}3?C;>tw$^7Xq28vD$98!A)K>tafhK`D4Fg!E6OXQSK4P=n1k%`5`qK^V`Jlrys zL+qn(8tP)+O%Hu|axyMEXKIqAmH1=0vqZMvGx3va)JAsCCqxT1P+K79i&xc*CI)Fq$!-C3pkE9I?XmWMxI z{+taLQ{v4kw(p{~7R_3+7#cUdQ%JArR*IC&w3zY{IKETh4VFt9Z=aNG|CtxArpSot z@3xDI)2KQ^FLeAC_7tsm&!RP>a6zyT?+EL4&-&NqBt&CEfEF3+Zo@$=Bb8S6WJwi_oDR>DV{~b7zYKM#$z35tAfIjy{nS;uSh#5~ijOwA{0m53~q z9=(??_IA7^qnZ*`eGYD~7Pf|5BsZxKGv9O)uOoBrPWPksOfmPp<#I%g^j}Id|H&9p^SPVtpM~~Kh_rv8 zmSDn)eXyG~?vcRIZ2R;1ov9W3l#^FW)Vn&O4-+DMOJw>meH41`(g+yT5>COeo%0;lXS}+1jVH_U?NO+RSid6T-w9;cD^BP@{ zV(`oFhXk)lpy}pKA&mDC&#j`oxt8f8&FrE(X=cU!Ln!M7wQ3?tFzZ9rxIOH|LE3sowIj|??U<^l%b)*%T&_&=THTmVXBr6;afYZ zYWhT#kURg(lN$d8=szr3T$S)i`d4}r4UG6&?;qLoVETW_4thoja>s#$qL!^TxIZ=b z`U!mgCV{V@-kHNmM!}=bX^eOaR1m zcV!$Xf$cL;gfzd?7JmFu9aMJ&)kKP4zJu~14Q`9OJgCaHB5d>042F9b7&+Tt?(oGR zm-s=_D==AHjP;KbR2ogBYr8gi7JJ*(Ohc$UZT_W2K5>L5r`5|{I9@PyPI1m zjNNw?c@N)o#>+rPCzU^!eH=^;4lR>P5Y=4>pE%4w3Z8FCJJe7L&_oH0u)o;TAk&QH zBTKH8!KCGh`2)$k0&|?6fGhhDa~IC?nSYk@X3mFPyOcg(n>nxHGEBr)#$5v7b!h|o z=h?!bk&=P}OOA;h`26|HXtw!k`7uZ8D8w|#!;0|>KCD8^JDZyqKBjspr=dWqWZl~U zjg|Sq4oZp5aNeS%5AAf^U5ZI@O5~0={x1nPeaciQZ(d(>` z97ME`e+=VHWhyLhaK;V1U7CgwPYB+FwlB!s>ysCoN5f4mhw#`AIhuo}f=- zq0pm!ORwS5SAxJ;c3Y`;U0AT^ZTJKeo3lT^n)%r+0CEUkSYK9wI-?F30Ry34kz z5kw?d8{7`iX2YRcVq0AR&Hd!Zo+R4+MIuW+yjbqP-fud{^0XEggWr5j88Q9=w*__P8;9XEVk0*z4{V<8&)md{H#Jl@;e%L z<}E>$&Vy!j;G*|rR~_Tqw0;1zkR; zuBK%l&M{DDSPiMvbl&?_6-@nvx}%}6pIOajQsum5;VnH(jNdM3L#eYHd|NypCQ}0| zGvSipC1mus*wrG{c&~T<<^J{U+tKQ&aL3G@_SQs=+}-Y>3Ez0<{|b?4FPG&-8WunI z>Sv%Ft~a=b|2iBsSV5qU0nyStQLG@NZk?Wq+F`XJNY!xQB#wP z_;b333F9EStjFYtVZ)9*klT2ds}T#aalj-g~UZr+oi_7 zaBwHNYW+u>>4EQO>cx*mbh*XXo`_%Gh8L>Au7yX;@-^M}?n;;tdZQMi52D;9&(NTR z|8Jgi+S%K?axFR+KWE4EP5R<)I;b)D z^G(jPB%PS#r3)NiX@U8ZFUbeu2Skiou;IZ|HLIW7QZQs_Xf9whhmPwgXfa?3q5uJ6 z`+J@;H|aqbDr6A`QpkVPASP%`#*!QzLRLk=h^u)6M`B>rA~{?3F4B76Kb@M2 zK(;ZKYp041U}U_r*Y46*?|tt~4F8MI(ota_-v2>_oc>lw4?_R|?udX|_QN{a{c;|- zS%Jro-<8hBe=%DCq8qjiK0UbnaeNLVp8N>?DTE?JOuv*3o(i@!oOZxMjkun&f{%yG zRjrRI!?$-EHEx>TkwLAx1i`p?NGHby!!1-MjMxut&sM<(cVn-FCto`Ty3ZH{o4aw1+^V8@q$*K4)13hZl=GXCt0dERuw^=W~48c~HE*zR#@ zD1UA#`Nxw{@(G%PBoovu(j3@%-mGC%Z{7tXK;m0p*r2{O^*Ul%g`lY{MG0y_+zsJy z*mzoQ%wfFP$m!ltJ5W@-eYLCKFwXtJ&3(b%m;`DCM+uc!`L#z$1gzXf=J$)~j9HUx z1by_uf$mvQ0|T*r$qU*OIA$JnG9rV1U?$0!|E(CplkkNTVYeolf?d4 zDX6x0-~t_?joT1Dh$wH}Q{-*< z{9YRz5u7IfRQFeKk=+);J@Aq4o3&9Ukc0yQa{Npg#|9S`b zr#pZyGeWxkJ2PHhJOzXE*pf7a)H`IUH=!- zlJRf9{~1;ZHTZ9zy;Jx0y$(+~8J5P5h&;;qYch?1SV7)VX9!wl<B6BNIBtduCoCi|_b6H>nJ=OG3|FzV~(J_8$uP?u{w@j1cL3CvrHN zZagq@(B0Ug5n*fY^_xv;L~1H6>hO5rd6Y<9i6Q&QN z?V3V=(S@UuP)cvL{@TpdJ<0SI$?5Tv;$A)Ga{)-mh4hV)pKGujS|q$@q|X9}>-qI% zB)gO}hUjq6GJ7G`NhOOS$#3}#Q>{;`jB4zX;GK?z6kf<+G;Y|U0ml4RysRMkkO{Cr z@wy2k`;4f&-K*k2y?ihmx*6`-O(ul>S-V-JL79}t5YW#&hHJ7DO@C_J+SBsnK<39Z zd$dnGvszli5Inm2ym&|!yeG1u=j#sse2;5c@<61Wh(r z1;*ex-XOdt@0m}8g^jU-SV{rlfvQ+Jk>m$4doS-3D^(@qA;`kHZQ%W5b@`f{uv1Hy z-9JWO4^(haa8Fqz0TT^^jC+E zp)a<%Whln%fl?QfGd!6uik?k%HP#6?H2O^YPMA}zLt-hjHZRaa&%Tx&?lhYe{6J9F zBl5DBJ(pTYv46wo&syHs!@NFxmas0ti(MR~b?)C{oWticgsCF3f(D(%pF;m0m zf3{&XMbcsj&Uke7Y|S5r*<)t$B@GGLw#qCnPfLFYi(qV$$Ir!zjWL-t|MHg8JI9>m zl+Sf$XP*X1AN%TJpa;Vo+d}M!bm&FmMhWHDUpvpP=lHe6kUOn93U}WmtpcsB#u4Fn z2NH!9?OJgS)Cv!Cg;yFTt-s^(jiW1%3@XeHqwE-yF;AlsIjd-YAvhe?DBgU?)+P~5 zs?%wlD%MLXHzEbi6J8M1b0W0hBPIf}6G;|@q+#4tYY}HrYv{@*Q+ea}SvvIHHy29sitpdpf$qs`DkKe0W|6IXoYA za~h@Ogl`!G_J#HaRj0z9N}?i1=2n%E_88mgP((_=-GO0m@8|cWAgc4U)ZUB7_wrER z-t0M+xNC8sl;{2Ez8r--#-`rhL)CwoYQ`ig86;MhXZZ7>|IG=*Y_rEnyFDOkFQo}T9T$!HUJFDw)bZL0Q6Ug zxbovyRKR$S-k3PEIe4kT8Bbd5DV5b;$-I0h14}@g=iQEFs;f&*E?h}(Q;U}0yUCD^vyv`cf%+{l%@b-M{*YOu@2i`EU6bc?j6CW) zvd;0uV*Aol5$gOvzpl=BVetz;>)H6*?@rmI#|RgWN+Nyp-39y@+UhP0z$Ke%*sZ=x z>S)YZGQa;A-`R)kwv37qfQ~* z^qI)oZ$LtHfT_`=@%9_X@W7IIYL#C$X@p?s^(8kR=@sD8CbXs9UXYr^-YmfE`K(u>7Uj*n-BHW!rL((6{> zG_gy<;TdB*fGcRBBdYinXNSkOeEfY+SqsnnWIN4nibY38i&9)QY|=G7n>tTBUZq$A z-_sfkHkK9MubLVhbQuq0El_s)S)=!2MGDhdxMRQc1xq>+j_gZXd-sn7#9GJxsVNf_ zdQM`Nt3bJ#xC9>#V_K}p>p^E!k3Cb(}0|8Rom~0~(bnQ!9 z9b2wD(H81==fdBqlgp%+&22yC>HY46i=5fguZf__w|Wom!|uZwm3VNFvZ+Q10a8@2I&zD%Eqh^mQ0*Sb5boaL-@;CFkTh1zAt;1&{dv1wR?B3!G8TPTuO z1gqo8uyHm<_%uXlx9vl?lOF0mE-Y8~6dmr^mBS4CTh96-&4ZAthzIHP!?YDDvWC*{ z{SgB6wioyXhc5)vfa8r3HY$7P8ynIosWZ!#cx_< z)hIX9^CI(^K2?L&G07$cMU8#@B(yxpAn@J9MNEe21wAc{c?n!Uzfay^MLMV)$cM?}pj7;`x?PUb zaQoP9`<`5ez)^OMJ@b zlw0zd17_Y)a+J@R+EG4e*Z0o`S@XH7W& ztGtYf5p_bdmQ1;&w~LkEvKc(cN6G3xNrf={65H7>OR*!(I3M8ukW?%W4ch-#Q5iEI zFH!>iKo^!i`xG*TH7udsmWvAFJoRK64em;E<8`Hj>lH>_{JR*uZuE&%yn$(ZzKDY83 zg^H8$jWF`0J2FFlmkleDcVH@3I++-VVjyI@nSl|-30PFrqD=6-qe6yVE%(Ek1X&#( zS^Al_@AW&VSX$~CI%8cG=z*|skHiiZU0|1t=<^HLjUZFYIvfvCrwe*|X`V-ltCN`g zXz>8QzF%&jNwYKcS?`%=F5QS}W0A5pdgymnWC+MWq5T1*=ad^ zxUCA@ANd9?GA192K_nMitP-CQ36juPp8Sg#Hy$!@*qlb2IGr(UahMb4yAOR$K;Y`D zc>Ku&hg%hlYiZ8W>cK%rXQJqGZ;M~uG(=@MFyPONv3j-#Mu!MOo`lkz}Y;}RN~|z>@;Hz zt?A(4I4B0}kT_OiNAKp*v|My4i7oN=7DK8X<_`I&$_DPf&e&k# zX(Bp{{=2{NhmH|Et};R-p}+ay00?gZ$)BMZh~M0+``>JYo5Kg9fhJt5mPwNYNx|Bd z$|Jl}q)AJ|2If*8Ur%f=bjTf}cLW4s!|W7OuLKB&`Uk{m#DdJwRry3b4yNajT;6*n zgu&OVjTrOdOyG_$sa#yF)v&0rd#7E!}Ia>V3Mk;AE16SK8z)CZ_0|x!UI4#z~W( zYde{XRekm4O7xm#vkCk}Tr-Iq9?k9)j79YyS z!ezCwLjU?!F&a8z(+dru;#XBzh=(NKxd&(Tq9}L8J7;_y+>? z8>Rm^GCgH`?YtuZ&^Re=i2bbM#us?mql6L_Q*5dgV>Q2$gEQI~!1y%i4l+!W_fe0f zlp3GV`%99{W>7T$>|GHH?naNU^7^MGJe2Q>Q^0V`(?exMKe(=XnQ`MF4u6n0RA0wB z`T>qGvEyX4)qC8m+*)*LpCNS6Ztjk^_58(?%NGAKjZNdXybUL?y8msdg%Ni_E?N^P zXc3WuvUlm8ty)=(8omUDP9@;s`cL*z9TKD~x}~{xAhY?o2stj~WgmSOvWdDXJ9hO- zE_0u9uH3}O2D){!Uhw(nQ_9g~G2wf_ns}qtIcbz}f66Hd!8jUU%qfnLBjEx;qwWVf zI0#B)&bKDKhd*!u&*CvlK?CDFOLA7YS^D}2JM-8$-?hCR)o|MdHlRpYzF1>*n-+e2 zf*QaYWlUmvaL*Q}+#i>UjEBH-Us4Y?Jkh4;ef!Wkbwed1G;09P*Oioh_jx$2$(~t+ z9FFNW`#xcl0k;72C(__15^5=EgJx3FwWq(GBqo?1qV{w>(3La@7$o zxnqT|)?IUcseqC?gg0ltIhPf6Sz8Rkojd>D$saLbIHp;Zv;9KWy0ihC*gj>jtU9!d z(_c5D9ib>okSNa-Q!LBc8p-a6yo)9}`;~BvLhf)@o-`eo%*!{Avhe|1;IS)w7_29{ zovka9^c0Dp*5~_9g&7+t_d>BQf~YkqjTg$ZVabqZ4n{8uIlSnoE@7F{_;4n&qTFTg zf%jTiatXHDHNf1pg$=x{^7xADP@@w6T9q7>P54E?_}&%zEMUXu(dv6%kiU;wH+f9{ z_(@sqJm$>c3kKJxtTCWoLFc0vOJ2XuQz5wH&S-7{^wi(bj_?Ikjs&fQW? zwwoOJxtZy@x$E7C7RVXU92}su-d)Xhe(z)1NJM#th0hLSHR}3|cD$Q672qiWt3F{9 z>v|R!?sEwajeb?3AjI4Qi}Z4<#P=)!ZmYNO{L6k1ZT z#mx*J8}Wl{{vbW4y1w_G)qnGRTkfb4;_%r&jXZ2zm$$2QvTqo7 z%!&e8jrY!q1bi$04C(M^B!#fOPCK3}*AnIF(TY!`ymm4O*Yr9BiUcR6ueL|_t<}R6dm+)ak zDB2kG_{~WvK396dd!x26)78F~4o6tIyn2)C;1e)U`$%CsRPeJm^MiE4Q5iv}9EaV# zFC6Pr84|bgM(|dCKk~w#|MbXbg9<&N;hFkYecG|5_z$W3-DZ0gOY=5qMjM=MaUUiH z!#AkzkI+X>=~@jA9D7O^$gK$c$w}Fzg`T}T`QQQj%Ta%*Z+>=Mk1lpR&G~lHNBN+N z_LLk|4$t!-e-k_b?JfNb=rjJ8aVtkeY61bid7whU z=uRv)f7-$6fZ9XAyr$%ase0TwClK8sVw8X}-`AJ+W#MUta+X~R5FAug%&DdvQRT>r zkdsMRyXo$`;j(J;l+PgD5^OVZOuTjom(NE>?wohqT<6w3J?7sF=#O>`M14QN!bPdy z>8{e)&$hFIBQcqXgY+)tRdOg@d|g}Pz*FR&1PubxHx&<@j%ZJ!4;Y^hYW+Rn<`dhrO9dB5cEOcjb)Fuh$MJ52Y4XYuzTei5%A_CvhFNZe z+V>GYgz9Yh9r@_0*Wh9>r>i)=a%V z-VkiF`763#1}XXI!PfPIfcncL%i|8YU${+kY^lEkS3KWL!(Zhcw2B7Dt|xsmaPEb8 z_=9Yv*#I;gn%1B_`+HbRVOFV3aD3Y5J0KJdteN&t%u{OzO(XWW7H`|bbuF7tIMn7TU@2lXzN6#Tuz z2}?KztA{tA_HQP_Nx{GEeFGce*TZiY-uP6tTXVu7P?;ttdGy2+K;Pjc{WJw|{#E5q zIUZ`7A<#_PcJM~-!W%VpA0F;zT;)IQKvucZEWd7Rw|YkvSI~1*;}e>sS=!=Dwq*5W z_A{_Sm!wK4#npD_gDRz<#QB-CP03V+D1n&HpG#zqgDL8=_f7D%?%&ewk1K!qHvhj2 zlm8(U|9{=WK=G`bj=T6Yp_=zknS+h9|M}=Ua9_>hmRTvgT8IFPc7zWmt0;~b+-1pBTXbR%#kN=8I;svAL z(GJdMnag^0Lg}&Xdm}lm{{D~q1gl-<7DpS#vP9Gd1J61XFohdTzI6Q-Y_Q*Dc9<^X zgs8;oWu0!mrGL+$oi<69tF7!ia$kBB{@ZcuqB6`6%S$<$O7lMwerr}7BK=2iGh0>2 z2`=lAY>KPKkx>6>eMpzMoq)=s&|CKXA{iQ1kE!U;1m4>rJXBx7chktfbM1xhTJ|hWell=W2(%-M77?}$?Z@uI{x5vD5p#Rhh4TuLFbVd)J z8scXiEx3Q}p2H{DbN=%bsI93jeC|?&n3D4VA|oWwsx>xNh`ocUQLMGyMH&b6A>Jfb zy>+g_M!H?%qnT0>bjQXDu0BL-*2Zj!Yo!8xtHI?K7Q&MMGOmx}XXSOL$9(Li*Pxn4 zTtO!eNIvCb;GzU7M3NMuFOhN7Q!rlHO?X=2>6iuJ&8RvQ63fW?*I0hxn4BW3Fn`{> z&h*fQWKiwam7WpN$_%9B&=D{XdfT6VfMM>t?9I?D-CWqXme>0jh=pWlOE8#Bcq#Fw1o zucjSUU)nMTJ%c(n>_1=7CP46xoyy!79G^INj?Ye)pWa-bbZErMb)SlET$*f1G2CYQ zi!AfZj-A2pfAZZ35N}l=)YpWI zdFZ3>8&kb$2TOG^F?CA^0vxub+pIM$sV8R>Sd35=$QeuqXFs)v5Y&)VOHd^Ca);<=8>`4M5e5}XUJbDB z>lYSB^0oB={SU#_X7pS26haEgIf@T(z{)wt&Z3;{%A2tVE7`@5CEK`iuS!i|=z-YQ z_Nw-K>o;n!>KH+YQo9RAdG-j7%CZ@e1J^nr*gzWYBBzz0WDZclx0`}r}w9&-7)l>0RPsPvKqauBbJeM;@pD$ zw7RXT*FIG)ZSMlwWG^1u#KQro}8d$_Ae z7(Utvt0vc|u@U;{d4nCXeQ|$ola}wiXW{s#>1Kv|xoUvd?)NTQZSyDH24rsjo?UN0 zysmLgjcH5vr@qiDbYXvb7*^`n&26*QI27Pp(@0W>#(4LGlbn$y!HOo`UGwNy>hF(e zgl4~m&jFEzFB<-FVV$vjI>Fi@v3ySLlWH5!K>8SOX5$={Q%%gHzc4@PuOLr08Ebyd zdt`C)1diPnJ0i?5TKy?Jk&j?l5AH|?XpN2+^4Nd`T`#PM;LGHEz=q0e+s+`j+KI=N z!QWu6-a!XDzZ|}_x`?mY>h!Zn4j9FtnEfL2F$i?qQ?6`3LV#a2da{#OuJ^ZF%xk|{ zJjY0Vt0wbZ(DKS+zZpvz8mMK@+||XCuBUGV&nozbPt5ktiQ4|#b@MJcyZNOPPXgaukRH)wO*FVjjW1*foYf62C7fOe=&9OUbNLq zXIX>cX7S0{GJSFEr<#>0WBIm6(wf*oH|M20>&uJd0as5x-ffeJs+r>h2eaAHYx`dOG&??(@9QjAQt}dnl|>h zj{PSFlJe?qNH+6cS_bj(EY;8xnfsXbV;&!5cHz^vzy6jAz}SbF-*VIq6eJz#?cQhzY8R3xbwhaBGDU`=QwwL>4?9Y|1WOKb8El!C~njab6G^S?;JK35xbovia#O{d#qkWq%^Cx?PWwNHELbL zp@0osc8W?~u8R>(*coOD*%?)5hDJngidyf}oA}+aCRnMq-|m9TtB4jacyPl0TFNY< zWaX#*als@%NZFZ&Aq2etnh2V8lZ#ekzh8RAm*Q{2s(bG?5ZBDY^HwNk$4v{IEg6w- zgNCppSi~1wtSPpZ@67x^l)ZOY6it^mTr=dHbB>ae2uK_S1OyQT1VM?Ca~4U1NRlWD zC|LmkML-Y`NrNCDIp;8vGf2+74c^c0v)}dZ?)&{QbMc+gEdh8E=vLe}(|>Bpo^#>kPl+l!Iea z86?l^hEuo`bjmsJeO;vghj8e%jSh;2U@)G3CzwdFY|7PJ;_H^fGJUIA-*Ch=@%F!h zZwG29KZimZTK5=WE=b3}h&-hs%~~&fWRV?UWG~vjPpUeiz+Z%kIzJR?jUPH~_Me)1 z49<*1OT-5ku+YpJdAWA!FoI~XC~p7$8jwi7b+_2sok?#-b5x$)u% z#g!M`C*?lZ!01Nh7|<%8!bQpx{sZg#?&UVh3p58HHxEbkF7_x36C4@*q(QlQ&L2jK znX239of!1!_%-|Uw6PNr>5gO@Oq7Nk@OsckKw_V2;T+^TDppnjs)rXT!9ODU`z@X* zBi8oE|7sMW!2S;cxiHN;fB>D^al4JDcYf0%HVujbiK~t6uYn;H;9oJL;lXkbl6R;C z_;Vdj-(*{2h)8!P8{7;}tbYn9A6!MMH9dWLTl~(1S`?S*`g$(bt?GAgwj5gj>UDq7 zy2HI;L>}}rcraWlmGr0jzmytNB#ng{5T#N_nMEWnvB%d#nR`g6-Oq+=VBH5pX!boD zR7R#Pw$I#aM~qR%Pv&jN9@jx77_DVOp9u+|v`eadX|C~!g$l{K(mS{&g_%)WJ8v{M z(tquB!-p@>%8rNOq<;*woVy{s_gDo6>pQb&(4z=~7WR}yM&3JS!4P=#P|Fh(L@&>3 zn=-BAc@ZP=X8#0Ldp{3u3#*}}^CgkB)@Z1uBkEN6Qj}W4wG~e7(G=(drV_{&WAOuWkyDLOau`r2zn%hg7ZJm)3f0E~H#_>bN`It_g zWKM-?J(RO-n-6-3+al1gC~I#{u~}pACxm+$R{WXmd->|Emhrwk7Q;WLGB}Pw6%hJ% zKy`O~@B)1+n^F?$mKT%uMhJdbCQC|GP6BqZCvcD@{=Q#Bf>Jf1cLeB9zBt{j$QDC#Xz)6Q`)vw(+-SdU^7sQsQ0mys)5OR1W`gX@;OJ#MLb&dxTgV`st37~WjnhOQPf*1Z~t zsK>iO;WEG)9Q0(Sz@ooJQ_`9J<8|Af8M*qx`3F2<%fk^%=}p0Y=K+sas{Nhbh5d_! zO48gQJnwaDlFEtejXNpx!rfOh-dWFWyziiRnRyrcH`2}obL)F7+=M}D|e?YS&Ot=PuNN?|{bKyrBNrw$$!O92ICsaGI z18hl&y;m(Pr{lmB`_svz4%>g>Y)SOasvdqE#@j5s2T=%8aKcsna9}Shvy;_&T3?^R z2##*=&;{ze%#Qqr9n+yC>!F-`KkxB9%6MeF&4L>vh;`W37&S2PESLoC;pth~kbrh> zoy-3F2suG!bu~BB=u772O6t=zH)ot@Oh`i@K5Q86JP}UbPoR((8ZyDjJ$f5JrP9A; zmY?*=9m5hXs+PN`D#8D)T)7BG4Qt{qPl7?ZNIW22rGt+i!1)Lc(5>pZJ0o{KP?5W+yeB_kul$P{7fFNxpgsLy_E zU+-~)+0Bu?x1hCe73TD0n28rkqlR~pOsy94x8?aQ`2&B7dpb;;%F{lml{t-1ex~n+ z&pv@+6fp+c2g>V*f%<&-uHXP8N$ef*HT`KR?k1&`H;b*WhTlesfOLwB8*%&3sgKrK zZmcw9H}YcWMP$2h1_r@4{VtLgZjR`?IidIOsNH8#P*2s#KO6mo9(Oh28ZE0-(s|EOt8Gs%p>N~WaL2o82T^-ILo z_WiYVz&me}j;XqrQ^V)iG9N}x7u=N5xv|Og>AhgS!l+V%Cam;`4lumz;7W}ggnuMN zVqQps=s7>StMUmX_*d$Np%SFL$c7EPW;^lby`-IWLWRIS?fm}HmH|eGmj;MJCDZl6 z(1o9`iGD91TnBR6#=lc_fEpX5d4$KDaDmB@VMh!%7B#1_6&ccVoJk2KHg8CNgvr5C zLg4-&`Zj9m6ciUYfBvlpoOBWt7jbh5k=d7AO#LBo6U!&aln|~&2xI$&Z*P;n@GQ#@ zy?Su{TT3A2^+uAOdq4Y60qVVfARQVvnS8n4?kXU^3C#c?oQA}YL1@KlJ^K(*~e z34Pbn(MPK`K*RzxDZjzMep+~6MW+{`vQCJDbPD+mT2grO_X+YnRN)udA8EnL2(Lm* zVcYB-w2B8&f$;NBFly!r`n+rA^#X19>jw9*3}dknwo>3V1>^HNk{&a_`Rt)qExX8W8X=7u7qn(nh4Skexxz$ZLYY1&_COY+po?B1ivx8J z0*6f>nBEBO`0*-8JGG5EF3BhbAq?5!mvE32G{A{$W{Yen9`hnap(xnFMx1LCz{2h* zM`E~%tzJufY|6mEPW4*3&HJ`FLtf(Z z7^XP$-;_qFqQVQzjlS-yE~UVo&d1AI_{CQjxzDp;agzL&1LSz77pW#O&_fh()Y}_B z)z$N)gDcZj+kU*E2v}cIIoTsTDQ?ilPk;t|r3?QL>}+ji8g<2UYpUG{~b6_37lM&Y6J1a6;wg0%}?cbo=Odpn=l}r78)t)4o!XQT`W=qEfL}wv<^Rh8>%}EF zbm@OTKte5{yTHN!{Qv_2Fd=L-;sQ$jzaNlZw7Ec||91xvWSkVhpf;q);i{wzi9zw$ z8T|be55^^$?3Y}^zR?5@4bxxybDAXf%y-66#J7xD)nojA(-#>LKR~xx6_epceG`1Z z_{#x4LCPAGef@J*;?uL#cOQ$1ilWEpp5ms-X8erMsM(0TE3vEhaI^h$Vdp1dy_kUk z91}WXjD|H)`IqSfdJJ{FjmxVX_X7f<_;EM_&Pr5J%uZsO@R2g}RaEo$Petq9W3cw( zcLwckDy_}a)n+)1P;ou&gIc>B(wirc$%_+oca&5_!%eYQJTXiu4Z3oN<3gR}d!?oO zfsI?FkCAgg4(YTC>qSf1;oqMXX9g4qkTj*G)wxJUqAp2bWvysZdJmT^01DnF2hP9o zddQp6S~DQe8dI@L79^WMQSl1+7t#EmEgNm$-az346Vsp%lZZ$v@RYUqnSK!B%^m{j zEr8u5LWj$#8j3HIlH&N5IhnoY^GHpEteOgI<~s$gOt!MJ6vsz|6X}!9n@29f{M9Rt zS4U1m$ekZYDH4UC)QK@AzL4YYyoHhSMb#~LEq=|OjHuGoubr(L z{f5`O7>*Z{CB47ToH+eWVt_Dkm$orbNhHBS2DrpE^w-}oAVMD0^B<59-_uYM?VsCb zvKbaNXD1qZ=xo&wuArUrcpoX*gkCayGv)ezV7xb|^WcXQrA~oUWzA=2j1;V?J^XPWv6AQG zjpp96Uch?9#HHhCpfLXR;{I#a6UXn#b}n0gl|_}W@sP> zH3q+>Qvq- zKA85MEy-9@B0G^6kMjetNc7WR_xiElRqab|-l~vzbn915_J0tjKYO%<&HT{X{z(Ke+P=3Nj3a&gaFR84- zBB_jymWCCB=eBezgHrxs-Z_)79&cagNeN=0at-()bJ;z-Bk6%KQu+Q8g_G2k+#?!0 z4A$vJSwXcYuj`_m=Vo^f8b*4S4iA@lM#5(LD4--7n5Zl@;6mr>#j3>su68J3h+qvN z!m~-3OMreFc!HO0Lw7TdQQ}O;(%Y=EO37{A7%Z-bVW0?x9}KX9#hXETkGjp9I#nHk z3wd3)SWxr=8Gv5#S*A=L`hBlH@o@cfHuL8X7L?Hgj_%$g=BkqVB_y zGn-*HZxs8DD1f`cd$!kCr`q_VdPI77z-Y0W4w($Z5P{S2S}X6ZRNBmUT30~4%ZFCy zfV1nEs6&&x!iAcJMJ6eQMRyB@G|!(-?l?5dejFEna*eg=V{`irzPnFPu+~oSm$7~6 z5m9$c+fLOGrNuxjT;c@|`52f*#BX4%U2b4)HdQ zS2IPnvoWykYEaVZ=_g`~j@)#s5Al)@2Hy@`o*o_^?RHTW6)Bjc2Yj>fDz{*^NvRsR z-5@P%aHx-kB=e3XLEe8doo_2Ic$v!uA&h>Zi-DK|y(3)K$7gB42J7qMjv@@@W$N;z zWhS*-r2hv^5g4-arR-^3Q}&K|EQ`Ot^?`tv;LGGy(7E^JhTsH=W7Dl71_PhD=Ef2q z$$eO-%{?MuH6Bjv`7KC@52iJFueM_MX{O_2edME+z$S&k-#>;~@8d7G)-tB5H?`(0 zS(Ab*)+|M}56}I&c9TBET3@-->D6xZQYU92&XwQfDmI%u9|%a^mFEUcJ-@D8xm**& zzZJLIf$nrqc>3?|#xzh&l$)k1OACI>5xEE*N?{AcAGL6Tg<%0Ae`S(~)uM6~SgB2N z6%ybLJsiF6QVo?M7c0X=1tR!?)WVRK76wXcl*p7z^BQP1YOV0B6|a?is5Y~;i@eJf{uRP!OSxH>YT*_UqRUGWj-IntU&&m-t-%*u!NE<$lKYz&Evu3HYvy|A{ zs$~*+c!zQKT%ktLOP(OCdErXy>D1=Y?1@zWxI=R?plvo1`f*C}i7%M+n7hfi4C_aA zu62M=m5ypRCGN1|AGDPVtDkeP1)m5acs+70`dsX`rEHeiGi~Ti0mb?O4omr7M~Zuu ztXDBGs zF3*R7@>MoY#8XXSjo~NuIJ1kJJ+Mc8MpHo zSub@*IyKzfw}k_i!=S80DJg4t*eF~#PVZuE1|VufQM=yG`ri2df%w7H!L$V`oeBs= zS^KTLa;eb0A~!kN)gbh(!k0$>+U(8NC$}syXKH|fg2Bx{Xw-*wZ?+|m!pCdX3B4k( z=q6gtdT$U}vf-p92zGRg|Meqh&%1KPE)XRO|J5ZJ|EW-;j|y3Gu0zZ$c6rO4MtdPHAbdxm zvZpz|?JzzXdJb3H#G(LV3|>-1vHSZlD>SlqjB~b!X34B_r1BywNjz=N8DE?QJV789rDXcxsDhk2^_%)KXWE2xT>0`0RPWA?{hPyo|ar z*YKQ-3w-ClBZ{xV{~v_7z@%=u$MNc|k2adljA_@B*0B-H0sb_uCI3ZR@=OWK=j@ri zJ-L^JL}2<66(ugp>o~|zS?G;_>;6qeWT*@MsTIifwc$bd=3^o_!vyXqJ1pJ?JRGzu zSjg`tcu3ooQ@!Rp)}mseJ<00c7|37)Ro^K6e^;8M=MxW~M;lNXCKF~R3DGfVZ3-v2 zkw^qEmSbT;zR`M)Enm!8*5SXFEVCP|fN6t)_(qe_N(yx=%#^t@P<1Z~L;gRt$OXQU zob&t|;cD*|i6z?4Hg;b!22rfmwLSmLx4X0;@L=X#e6v}h;4}^zwBx>B&ze9W3QcwRT2NMBEj?k!<%1-xOP$?Sf)YaMnRYv}BwN6Tx0Ue_)|4(Z3>>xUq2KiY(Kb zwp3LfCQ|y@7bn1TJOFTMf*wlXXgswI&kkBkR^P`!&0}wg%gN4b%OP<8yoPP&)?M4l zEn|ttL`t1J(KZ4@Igznp9qnGaa8n9~g3+KpS7GS6)CZ(w{HhgW=fD#Qrg;L^gdL1c z9F76C*aTp@5sGcomIXbknd%KB!Ru2yAmWC`$y}4R8Nnfk#uEpOiKr^hh{i6D+zh`$ zfDAl2b0#_sSZn5lu?hv&=n|m6du%J8)fMj^-ZT5?Fi|S~fEb90F3%|%XCJZa4#b!` zc-8TZ$K(1BV9CNNO3q9Mes4JQf-5Lv21t-2_G0 zhM23Rut-J+=?|RokbyUc4g=rm$fh;ytEenw6l!V~%BQg~)hImHfs)xFZBozMAn40i z*Lhb)C^K})?>H(2G@`L`IiJ~rK{J8u8h2vNkx6@pR2jW;IW;mnQY&tc67d7uqV2=H ztA!Sx4=h2#IdlJ(xH9h;P3d-fl$@F!KQBzOv9614@NxRv6~A5CE<&Z9mpI7ev%Bhj zA4B9~zeI=BD~Mu{);xL)s-46u*s~IDTO#O}!>&>ddA}Fb=aVrXQPInbPEWaemJxWg zWL=7p-ezL!AiyznYcX;lj@S?dPnm~KTf{d5C>Md@vcv>nQAH=W^FYm(5*B`Yd^V0fxC)A`_ax(Zcpb%l3oZdEtqCbrUd{NJ2vt6KJEzdtr$;sj&^-C>FJt&p5YO z{Rtt}J|=UeFr}l)vFx$HK?>(-+$Hsy5d<80U*YNf7>Km#ZbMi%1&l29wF92RCr?(B zgAY2BkdK8~3g$v#`K17@xeZzliaE%)7TrfNV?x5i^VVQ-@FwdrFdJ0G-Kfz(B4jm@P3?`x}jKLh=CrVoqq+j3pU14xg72cl3 zort^THnLc;y%H6^SmA|?Pd>p2dgr0k(FX^Yv4TH(tmSKUf+LX_w&!;?ZDS1qW0@|IdDpLj( zsXPo*1KX!TQvp~uK)w8i={ zKHvN_ks~7jv}YBOf%u>CEkv_oy&fb81reEdb8#7Ng--<~+Qbjgc!$~F z(l`fBxT25&ca#Cd8k;OnA;}yuQJEyhHL>To!?tvQV|Xh}{kE@N(f*W>g>gQvo0_lq zp0qt4Vx1xVOA*GCaamx6{JG&EpBlczk4}Gxg^k)+7$PC-*?>Yjbq=0=6vFcufo1-L ziWEz!0%K~vYkGd!UXXqAUxIOfSFnVHuCc_KGjlv~&0xg&y)raHfVWcX9HLZar zN?u4KH!51N;I>9eb|3OuUs+E+^yT+`eecSu`6dxbMY-tHc75a#VLa7irxo&AJ3kfFFP4te`cLO zE1C9(Ez=Sm!~p16Ors=7kZQF1IZhPDWJ^tjQsGcZqyBY}NrDUTESiWw1gPqj1=Vjz zQ~b?MW=Xwg70DnYIW6cDHcY;+9}E+TQkDce8+O}Z*t>JMN%jffTgJq>e;S$8+AOJi zUZVy3vc{E}dhKmE9FP-36!cs76(uL1X*?psM)r%a(zrj<^9j6Q7aRC1!HQ!oD&yh; zx9i*lF9z(wff>QDKg*u}bZ;*Cq6U^I}@9W)3XNnHzzC*J&f2I&Au_G1OH9zZ@qr?W=l)*tMWTa+1ohcu& zt1#*qyOnm1ePIk?gRw5;1`IiPOQ#+CZp3tPdPf1^i19*gK5d# zjHwm;b{7+YA2uFx%0m3{yZR24OsqO^#)_`xyY=Ie4^Qhy=w#9bcc_zYOB$KrcgmD? zW>+Z+&epEqNpV&5)4QGas{O=!_ldw;x&Sd;u!~|m+xTv_`zStTD8G(6Kdth?ynbxf zD#0zsPentT6XV_YidP=hykGrRwWFk7O7p1_HzC`%)$f|;sf2SU_2uTdTKu|#_gauq zU?$e6cNRSJ1)iO{D8HCAD3SQ^ZQXxu=Df_i7E!9W+QxBqNZE{7N&~QK*Wbhy4|MvnGS(HRRC>kDN9Clj_J@V+T4;C_F{Hfdug+uu>9wy zz_qYh!nmvd?7oa&r)G?4o}W3(^{+(VuLIH*S#Z|p6i+{BJtTo=T2BU6-sx4FaZv({ zIwKPr#F(IWg_DEYDzEysMHp9OdA?LeIv&Vg#)bXJ$7?c`J!yKr*!Ray-37w z&J>9`Ag%2Vlh%vmgPbf0^-P3{p9Ce(+4c~^wj0k zLPf_j`21oFcu`Ec<6(54Z3JNrA`1^8i?Xa8dc=bC?GwB9(BMZ0O0Sm{43edJ-rCjZg!;JJWy$`IRS38csSirm7(Fi-V7-TM(Ia8yN4`VX+>qx8&S( zl{ErRH*&L#g?}U%!weYdM^);nkghceg{Yme*_2AI6Wn=z9v|+p1B-7j;-jJ*-@iG)i}kzS}Rq!TH<>@bPSpuU_WBr>bs&~_ zesCyVv%F7(Y~>!;oi4_1`=+bmlp8x0=XhcjzrxN)h0O69z0UKn*V+!QHA0$0P;S=N zjfqgtISVbS3vrGi&i_dD%EkMR;FD^SkOWTbb(?=@2q$gHlAWIl>GYBLt&nmPN*3Ed zM(Rmr)$tZOb8tfxG0+LtEeQ~oA6E*_#ZZ=~q9~kF_GP$3CO2UBGd%jKXJDkns5iFY zUyEN7J%weE2RT+~V)21|u#a}ViT-bi<*V0Vq{?!>kq5u@NO?VA-S^lggFY|WhsyWs zm5m-m4zdMfcgQ`_05&Ha8oHtvsW$5 zsnJL~oO4@Ot(7{mIB9~6kBn7n~tziWg{F{Jz*$*tT%LYwXl#_Eear) zkXeGg+1B%p8Ft|CeOnbZj7@oeND_8G2@>4>Dq#a$L<`;>rG_3++t)jIpMv??J)9?u z>@77OJB1FPJnus;P~J+J_r@*t@zI0NlkQsNanWYdP)zFeEp9FHmuZ54_C=TIA;woK zm$gjg&rs!$U$$o!?bOIC#UZ?R-?`+g0GBx^T?pl^d9kFvN5+Bx6>j$-fqxsgteJ1! z&iJ!CINYuuIc13p?gvnO`I)9pcOgQgkuq{R*jbALS)ltqqCwD~=d+>)Nn{-ufXe2re21(DwJ||^l|6Ve5Wme8pG~fq^ z3O;ffJ*Va6%wI`v`n10r3q)i8v@wl^tPBqg9-FCvoBU=bF^$VZl_%0@1!^w9B3Am- zTw%hLHWUkqmARy?S>`_Sc4k=Pd$Dkerx>kv!TSge4UyWY8GQVkZaE;2wt=(ci^gm@ zQNt%Ycw8B-mhQcKhGrk&-E6}A9=a|b>#-R%Q04N?RL7LZ zuSA5+87Bf9@I>VGOw>|g-~K4X1xK6GJ5uOr-(wfM%K;YKOs2KM^Fd?ubAQokJ-uI# z(~oBsb|X2kyPt}ZLbnV(&KeV`dG7z0V^q#-gSDOomHwM}$QS)%-hBAG2G~_{u`v7u z7hXij@0ad;u;RJ5{sQrqg|KkmO)jOgLxlk2I-eW}M_F=S3j8o#Ea;BwFP1O@L|ThI z1xGU5OPV96V`^mIU66|8!4=H)Ctyt~-}WNVcOTcmLvXQDsLx(2#mZFTHQqg8QSj}u ze}upJanFxLfp*e3`6tPnk+yx!yjU|@YCsLb*fngiDU*+T30{NYW&+f^JF^Sl2Z2YZ zc}X`L2^EET=BxV67%EWkDkOR~S42?{uHVDzhJ!vB@gKPd{$L_jGDf$Ps#-3T=wek2 z-ptNv$CtXNjjh_G2|!D;P#QiWtJEYT(rV!u@<^=__qInh2>%S&OG>d!6*8rnZ;NER zu*PIe)R<({(keu@Xr^2G178d#xw+ z@3=xOVs$BmeU-Eswd6RBKC`fP^+0o&>@6KUbG}NB1atNQn4}8*I}kWzY2k)>Ovv^) zr758~jQ1ILNx`+AQf`gdn{40%1F5#Do|btS^Glj!9#Ia_L6nwd9u9M5GRW&Yae%q_ zN&qk2Iq2o+LURIOqw(EI;1BUnZ?weR-v{ZpbEm7$sh2(%{Agv&eGGH=qSM)eQi)}q zrX=$nq=^uooIk@tLTn&~-|iz4L3Nn1{bIesN%sm(m|Tz4=1I~eq8GquDJQ3?H$7Og zA&eG`^#b+<;lz*tN-+u@T)@R}0TTNBcc(Y;Az&BO6%zt*T>`x@FJWOY0D-zLP9va$ zi%b8@X*fjkf)GR-`arb*U+MolwP&}yCWZP3=TA$yR`>n4P6o3+pl^q`$wct}Kp}6*T!H2H( z6)w<*ObKvSao3+L|eCGAa_Ntmcyeu;o z>{`Hq>#{4l>9{_+qwE8*c>-G!(F-p6{ApxpWH#LNI2?|ELVowcgeT*L9aBCXBFY#T zlgNem+=b|}RI|drz)g)JE}PJ8#5fFAaWqgl;5gH&Nvod70>hxsU|8ZWE5|?k6f9nO zS@nR8%A0snW~=mR891mti27x3>&RyRw=cKY@jAab&`4Po7%h#6hn@}e*haEVZJ0Ih zFWA<-NZ-ha+c@E-JFp$ZcK*onDr)!Deb3%#W0HXv8BO|q2pB6qAbUxK1)Qsg3)-Dq zuL^rLP~Ahl-oN86A`l;rl@z`jAcGOt6c88oGShWD_>XL~dprjYnfiZpBuTn;e%1JK zEc908TG17Py?npKH!WD%@IKaY;x(2B$9V?#mnERwHqSCnDllHFV*60O_;mvVivr{` z(og7C;CoPADt<%@xXja8PV)JZrSO;GgYmXsrScqIF5TvNkq_-BC=v9Fuj#&{uKg-n z9H31`VIo6_qp@TD4%&z=I9Us^Qdiqdx8Ira5B+V7Md-On!=e91o)oCj(PCP6Xu=0b~H5|*^A5eb71uSw+FSx;C6~I@)F#4;MJ6H(cB~tWn3`O7| z;TYgP&05c?RW}f*3p9EvX#nAiBx0nW+TXSvn22MVW+05-uJW%or^s{tEeaF)fn_ly zWnGXV>*fNXwl4;|Jf0e+_a}8~%~WGh+dMl_Lrw@#w_$E`gL^sGqlMz`U$%No0Yeq+ zPpoc6$;zb4RpWodU7)krmY$4P$rE#nS!u>XK0@i!W1z>YHv~C^u<0Jw)ra}4PLFasvhcigKvP6}=j{w(g1bRWsi!Y>Vw(ZUy-2Qxe|ocm z)-^AyfhkxZn*Ot_R^Y(!5^R@JF;{53?F)ec;T>4B#|`q9%B%qx3NP-H)MAtdcrAm- z?a2cae3zOniGc7zPZYlWe(JA4l9i52d;PjMYzJGswTooB1N2n~Ph5kcb`C&D)~FCY zr+tL<%?$5Dg%3arw5$xBpJ>+o?o*}&UV~Lv?6+@xp0)KJUihJw-((_w<$C?|P^Q=S z?l@6kA!`-Rzj$9Mh{!%>ZdOZqWES66bQQ^(6hyabweqnsXT-J1=Ji@L(yZ(TD<(d9 z*2wcVX_W;-hg2>gB87dd6k0;Z0&!_Uu~jL@ye9q|w>5;wC! zg=BeI6#QVM{+KzdA1L|rp+wsiBCs2j!2s|C{zN*mo&SQxb$pOl0Nfd{{2jHYNZIqUWVsxG|wLZqra@lErC2OvDt2JrP3r;>HHQG3H`muZ4Jf3{W$^oH#FVJ zl&h%>wfn1CJAwK4_g>5`#r%|K2Dve5nnGh4U7lX%hom?UMXxN}j^K~a*Z)((5x*>F zxNPNg_vXqM>0hd=ueq&P=~xuH>D*n<`4$-;4DLQX^Qmt74Q!ev{%}(pjp=_J{z72}^%sg^`?B|jUU zo58{E>7)tz?l=;s80;p>2w-nYR5mB3;PSm`LAKV>P_bd}cLHG&nFq3~1XN^fjvVC; zWu_nZCl>^m5WMN#<7ZnDPV)9vNnbG94q3tUB7};DvBFrbF5-9Q-?@c|HRGV{bydAw zI@n}z;~z8T#m~~cf2RgRH{6sNcYf#CtA7wBOD#0 zH$Fy)PQj#}P1T{E`(s}8{i?m9iZX$)$d1{O&10>)I`gg%aL9&Z~MJl9F{1>+%bVPYUo4_wEavH`1&1U?{ zk0u-Jj`NC-%>m~9`~oaAt7NgF4wK;C*C0%_bk-w;;l|>%#7xWl=lB$G;MrTdD$B>l zH+D1(5WU4t>3tr-!PiQVtO-Kzb=gsJz7lbaOkbEfsllUz`)Z#wV+Jfuqg%O&e?eQh znLm71L~`$_in+67Z`L>Ejo>9-?)aft21ap#aE9w zwu(4{w}U}z?|{n#mRGnB_*C7qGH@55m=f!_JxfVf4Rt6arJ7sqO7ZPiIC(Fz`tun% z6uA@_p~WLAW|-KT0IA++`{15rl>x0oo%PzaP&g~rYbpDimrfHr2#v_51Dn0RE(4Y| zujPG3lH)87vpb_74)8CVM^Ip(i_htc;$VdR*f4bNy(Sb}hDAhTDIRPyHQRqA_{?c$ z1_O06OZ)!o^Ao$wO)1Z)EgMi>-`f&?>QWAHSykHJeINNL8-{`Y?Xd5o+~5Mb!}e3J z|8=QgA_;;h`<}G@foc6fL}EDIF|klLnW2^)4{~<{{kFf@5Q+^qG8a5Z!9cV1E}~1+ z$fkSC;U@4<9ZkF@p4w9)D-X)mwy;zDD3u*<0|E1Z$BkZ6Mu3)H6I*g^%z6}uvLdlJ zsR0((NM)`0*S`cqsb^P)4?|TiLqfjKQA?JXs(m6Nc^x>}xSGByVC^7t ze0Z<&Cl<~;S@zF8d*s{SApF%=;S{Bm#Lfet`oPB>p?;gHVHT*Gn*Ajz60!dkdj2y5 zGA4Bu&JlWips12odgb{=(0ClMvFOQKTK@xirlo90hR7CB_8#o>_JrHls%K__O;1U9 z+B@HT)y85R)OBi`2NB;Yqw;R(3=tx+$;I_nVWuWtWE(cT8o0=Wfd1z}HN23+)9rC% z03@rx9>zQo`5shIms+J3^BZxh%iiWyNU-VOAVfOljSy6KMNSV6UKoa*s>!EjQ?jj62N#pghT zk7s}H2~#qZ_QNLB|B~`-<{Zo2UqsD?;is zepAvl;i^RD1$r6+%7J(lHOiZhZ72ju=4llDYY}{@GaZk=RETSHIwZZq@ zk}1lp7E#!!0D`>N{0O&{>?*8-f;>e`#Cij>RTvk z`UmW*r6vKmMMlT;g+&N%gHt(qJgygXpGQCF$D}Gy5@!@o(W89E(}?{uDT%yCuZdU7EH17pLF`RlBfo zr)(*5pmAm3;T65@8As>L2kwyRtV z_AVs^S#FM-b?KxS7r0RfuU}u<;fx%+dL(&nIu+yD*YaK}Dsqs#r3ovrowLFH&Gimy zUE=z*XkG^noa=P@OA?yjDX->l-uuJ)&5P;RT5V^HHSWO+e#ciMW;q-BbWAKxA?snt z(v`YusDl)%f?suqLL;>-6n-DoCD*=W@|M*?l7I?0KbPEh*8im5e zMM!!s_Dh98Ul#)Wr}!7Y|5J+pH}Q*0|9`8>Gz`O3>f{uX7E&?tHU{f@waNI28N(m+ zq;XZ1>WjI#j%jsk8wSZ>f8WpfH+o=c$G^g?`M>#gb_X&ed&wZ4agpBnVrK4F&)-}4 zI=(NooS)EoyYu;T4*qI_nMcW2jW`~6iSUln1wy%n1d zU!)W1)NL)s`+j`~)NUB8Jn7kjTv^(j*V-rC!_KzB>)6XtZOnh~f7SlBeq!YcA$ui_ zn~6$dWs;%QV8m-fs{>wIH7B5P?P_Ur`iCzgC-=X*?T^1Zmj!bim+F=5Z8y%QPZ`m; zzHl?3JI6BS1#vO|5^LZaSBy;RTZv12Z;M8!z3jW_j=C^fu`gx}tXuDKWk_vj2XU{) z^uw0z(ozT0+;>8PNqM$b(c&}M2z89Ms9n=aBPQpy>xxr8a~KyR#tNE}4c8IN2Jhw` zwj}*bI8Ewz)fY2K1L2y?g0DV0R=$iW-%EYBQN0Dbn60EB|9hg*?V$ae^7p31HgXQ3 zTF}D4>XS&`qp6Wdsou50bO_LRIo~0~xT+w(>V7RjW$9B9?Jj(U*H1A_b!810R5MO} zKe53sscUHiPN+0Tf6m6ubvtum>hHxjbzTaC#4A1BmFJ2RPxn&IlrLIdSk}H4usVar zUlmXSFo})XQ&{)?HVHc&TT0)(ROoKH&!I*r6>z7mWK)y{2rOW~tweXd?+s**etu(W@^ob){b|5V{b96&%o^ zE9c-FU0{DGkXe;QzuooL-7H2fYuK~PD1x4^~weR<8B zKplG-py}Jwjqmz#XSBUepOByE@A?5pm%cbY6z}mkz8Ui>(%R^{zK6cXz!WhuB)R{m4=}Dz9S#IP_z!SC+CX#N75}8~EUmwk~FN@u@2h z@7rN7uo{wIQ=-ZlG9x!ej0`Pwn5&Zb(3x&+a0ftIxEOh>?Xx=_e)8oCZ)RKvV>_&S zV>%i}FrdHS1x58WTC2rZgzx=x`JVvd4i7wJ7mbZPyeU0>yBz_ z+4^%5AcWqFvuUqaa0W6ln($=`AR|DMhaIA}9#tstAZwDI#5w zCJ0hQ`a9A4?t1^cx4!jdt*kX`X768qGqb0hnVqvyHpzbd8~}0>2VeyYQ`>|1{~$r7 z4S`Lh`nX>c<^Miq{?8_&YW$KW<%pRA(%JPEtXiI@Q z2w|IlU=WbasQFGcSEKh(_AKav;+9%mP?V&nI%F{s@3%e=Xt(!@fVcLKJr2P5bIf|{ z1lZoTbxCCbMi`g{u%{L=;bNe!sT5ytj`xki;9mWn3uOFlHv#IZF$+`y`JM&{J1TJY z&K3%H;&nviq#ei&t4-cs15!K1z<7rMOo^=E0fM--^_xRkP;;|7~dOxNC$&pv2POEHkV zrN~-D z6O?Wv-tHI8MoU_QM!pzS*~}ITSp0zVtWDC2XUUTr!N!++T^vDCv4f(cGtX1qeZB|F zYY%5K{y6_}RtP=bZp7(w#g8E7@89~TvkH(G0w4RJuI27a&diqsq(QB23)V7oknw&* z6yBQQe(fY5rgAEBh*$SIY$u4Kc=)N9k1w&*hiH=Jl*YE1Co~`_4`ciC=*KQ!ot9s^%^>8LF%+_ON$Z7LV40Dlum6R;f5!1i| z?~mv9R&0-u4>FZx&uuJDT(IMmi__l)%)pPtfZ#EwDKHWwO>7$N!_*mx4ENXy55 zO8(V9iM*`1`Nj}0ir@LK#nqu7LMoRp8{#e(Mxz@~{x;=ji7c?y+Nk?I%^WP4J*Pb> z=%wsa*_0YhFRWL6S5}#v96y=Hr(O_P@6P~QFytzn&SUNl+YZevhoI2`2u_}yIgzO9 zJLEw&11bfXmUnX1tC($-wZAV^0=~J(tdP2YiuC5p zXr@f)G_({|;?HJBadH0l++@#}>iSCZ2r`m{qh$n&wSadFx<}*H#sT1W-tLf3?_cB_ z&sH^pIhh);@O^IN?;%bvDvkv^G-(*}w4@Tv(3Cq(5wA0ux>XqA@00xSHkD1dKPQMS z;Pqh0vJ~AB1apQ9J(^Eg+ecKvL~dseU;jo1Upy~Lhx04fXC&Dm;B>x8n463i7L4>V1)F8Pb+`VAl@XGQ}yc0Z}0k}Ik; z-@RqyzrlLCe>ds5G9%E;=IldR86hU-qylb&)rn{Zha^-svjf2#_&?dKDSM`)5wJFT z$qa&dSn;k3_}dAx(?pNOi2z+>V2a%>+55 zV=7L4YQO>>z7?C$$?Kp%&Wx5My@YG6{3fM_;$N2%)>|fk8T-G7W>)|a%;YeJCZTLF zp~u7TKmF<4Nsh!~>^|5@*GHzV=YAeKe+EMe&Eqb!dlj-XAE!ODAiF06=9a>Yqf(ph z1u9;4H0}L52Gd^X^-AXr>jmaeqxsyUmOhaD^0M;|;%j~D3c#;jR444OMSAJo9&&E` z_*p~rQW1q`?X!k9V;|)k0rYH6HdSV=+)hP|nL6yU(Lpj_x6%eTOYE7S{H;dx4mbDTAPYb~0oqF9DZXJF0{H|SML&crsukDq)!PKN1~X2^V4;?jvG{UBMxFwub3?p4maW)C~P3Agy~MkE>ga2i{} zm5v#3EYo$O=I1}ufzaz0T!1szRVl7$?GqcUONaO29D|nD4-Ga@koT8^5Ft~@c$EWU z;!K$K{4j;zBJB+U-OUQisTgyHbT)Wkntur6;lhu=v_nNEvs8xIxY)%CWv99GRYLoc(bd!d_P z+f4|d1rBc3ZlkP1s>_FIQa<-cbASD0VO zy8qT3R#$4W5dDq9d((HC=DF41nExB#|IFhbwtrV=R|@>G8m}9B9wGmZ85Yx4xyFUm zN)C@YlK2OsQhj3;~ zo(wV+Q!Qz(uF9HQ)U|hWQHr3+m8p=5c**wGC+GyHlVE9;fR?2LOU3*PoqoD)9EaX_ z2@_t%f)=rqD*Q(}hG@6t^$X_e{f=#=J~AK23NI5YuUi*PRgjgBSH3zPVgNNUyAvgfU6#%JnRVggeBY<=VWs@+{n*Uo#0{m#3KlOI& zx7dA9P(~YqvUns4pg2U49zI}U%!~QJ90qic0YF3HPcxHZ_jfSJK%npl7>d+hrkvuX zwR-pP1NJ2W8rXTT+EElKu(<^p+YLNe=SuZXxKj@oe}04MAj-#BupR`5boOVtd`14q z0U@^MU~XEy9O0+qduX->^sj8|BbT%^@aQ?GHw*j0c@#2U%Gw`!{@`LLpyjc*z`y(> zc*U=HP4C>^@RKjfSBuo*z>JSp#8AzG=VLwjGHPARB0xb!*suUOf}2Oof?IDXYGu39 z!#jC;doY+DjO2-#$)Qp;fD^`d#_>aT-bn)#!hGctEVrr!)(uJ!!`0DW$!)RkC?7c*mK|wf+%> zzwS(C-7c{fr8ITC+%#Gwa%ktf@y~$W9R^gkj>E|#oBsCt>rUCthXrt*3Z-uN)y?YT zt1W3!9nKCvT~)HS1<5^6i@RZ!+fUF4Jmi6d7@I7t3?J5c#2mPN+bi^(1X^WN{ZPpJ z=U?}74#IR-n@09Ig$)%nzF=LR$OO*ndap?wn$JDGp2$=gAunBpOoh$&2O5Bu=BU1?zW-Z&2fw+y>mryo$cdLes>OaLK^W+Y5o` z*@4V0rq+ir=P1+_WnSCIB0Apl%!(`;xg+k_N_>w?O{kCEjXCSiOEqmia7L+*piA2o>45W>SO)tI%3- zb3o%FyH5gUL?qVE3({g?=>MWe+F?9Hc3P^C9bYNf&o5-#c^a6edU`zxF9C zUtiVmt+0ISy4`nN_UWuWf$tk<_whgt)6K`gsffZY8Q4<^JI>ehj9(S)p(kX2Nh?Bq zqgya-*J(46n;6cfssDe;ZbzCqJ(VjD5l3hwF*N{5HQO1ff0kp}~* zWY$ajygVpsFwpw^K`(fvWs$db!bH`QM#(n8VDy3zv2hO zwK06(Rm8QrSCD3PlGQ8{5Q}WsvrjkXV&yo%Un2LknIa3^43&G2-VAYlrIPoMlHYNn&ocrns?sw0^g~a@_eY!b;Z*m|jTNkIz+9<}u;M?i|bh zG}6E{lhoMzTI=g8eH3Z#!fiY-Y!?|(a_+jRDr6SFj@8z(YF2(6V~|NykWbBnANuSX zG;-W3qeFOoftENeWGsxOv*#De3bM3n8(GYEHjIDnK8?tMa~!~M$O8HFtoglCHQaLP zj%LW_y-x8X1R+Y`by?&-0RU-M5O3SIU@|^3yuu$3T>P#H*+difLVprRG=Xlu<4~%y zz^s}<2X-~Fu{!i3qJj8H+O^f=t^a&iaxfh4{bnQlfM|qdI+2rA7Fh})WF7-y^|Z$L zM|K$*5=(UOA$Z$XiSTY^dU+GMS^)5UWPP%jWA45b)UL{jE$<&ESiAU3^E6gn+5HjV zvnPTe0B01A07g;Uh#RaDuCO;(42=N$&H%>=tM*IkNV)93Ew_tmEK-rQn{bpzhh#ty4?m z-(T%5t{|Z>&jO|!n=J$y>- z`U}hf{~>U8Td3X z(&Ee1ohu38sLLTTWT|`CU)$9G$U+1FgriC!0{>|Kx2$mt_RY^vqc5&k1LUK3@|0GI IhRvOS0i(6d@&Et; diff --git a/docs/en/userguide/_images/02-01-3-only-these-groups.png b/docs/en/userguide/_images/02-01-3-only-these-groups.png new file mode 100644 index 0000000000000000000000000000000000000000..1b5e1725d085e7928ee5333bc1ff727040f6ce26 GIT binary patch literal 36407 zcmdSB2T+si`!F@9Vnm>wY8jbkrEmvY(}) zpljYsgaFRoeu_AT2&)4?K71mCGpJ?jO88A>^ zCsmQu_fumJAk?=(9Eelk<+3tpPhA7IqCJCgtFf0=v>`wm{V zGi0qR^T}}Pw&H%!XF_ap^_SUJ%}zn=O5dylyx9LhOB8ePYofjJ+}ri)AD=pqnd^|l zH>awqWCD7pXO?|o8Q9>dF!RY_3#b8pygzSovyQ2%KkRDtq=z2gptW76&MNzH*QGA*apLm5*%G!#%kw>(T3Od7*fP` z_Wd{1op6~=d6eA))(Gq1I}XE4(@UT483)^zS3Z4k|K+IT2HBh`Cb>fI>!ZE;<4i%zt@R}vkN2o%RWxotASg_ zlU-kml?HfE-peNUy-O|q)x1%T<1OO!J1!eiUqJhE2~T02j*vbrHuXLr^UQVGIi1@-|oE*rzx$#;3W3pam zEtc~>Sozl}Dd%Rotp#P^DN@h6#+!Fb?Oik=9al8;hFp!VyDH{Dk~3$@)Qpfd-t#Yf z9Q?;)>N{`niosXB$a^l@%Psx9j1FlW(mutE_8FnO)Z4e(&_SqPTNG8ply%4b$<34K z&f8>;XxpH$I^qqYXNf|+RXN;Z%VH<*8JE1(?fZU|J<`N+;mOBX(=oQNlW_AfHypZn zC_wMf#Qo~EhnlSy!^N@u!~>6EKG8^>2ao}ZP;U`5dqv8{wE`Q0%i38a*>HB}OTQ`^ ze!{4-f5Dggk{E(icm&2zld%rQuS^P2wog7Ew1}#U{7Zv{=Q8#pgSK$wS@w}_9tBU8 zaYnU$ZPL#xAI=!jGEB2dZdr#5(>|HA(og#`$ylMV+gyD~Q%jeHNfz(E9ql88H8HM} zd8&V%KM1o~&1Dv*Z#=n^G^r&u|0Et}K(RB4dUgN$ebks;o_roVU8g1eZ4@O^jKcAX z1-2?*)W?@~NbG3PqRy?ZUp_QD!oO4U{*8**a%MEoS*wea3Vj@iwveXi&F8a3C@FLA z=esW#U&oa+eqxqZG>S@nE*5O{F6Ehn-SdiTrq(fOcA=VFdVaTbyQQBYDd zrGiE%@?CO8@2F|i8FAt^_DNd#g+*yBe-k2*o99aAtvtNo%Oh8l-d8D|`LFJ$*t$0D zs;TAmG{t~nDKXVMBV|JNzBP+^Leh_XV6S8vdha6p3@o)EJxfbGMv7ux-i8!twj_Jf zWT1(y)fgCUAt+ti^geS~ojH7;Dn z%5BBNczdjJwHDm7H6Y=2X)p<~M_ND9Tk=s9NM#Qu;i(vhkMl#7Tr?&{XgPU#%A|cH z;QsHlVUCAj>-|R7TQi?;by=v;MStdU%ZF3Umj-&07njs3Gnn9%RpU%7Rtje7tW@%N zFZuZc=38J@9E*<2rpXI(vs#UNgpaUQ3N}q;jFc7rSH! zbmz`W#A@+lrS3C}xS`a?3(-X_1+)txZ(NWh$1x5Q-)A*K9tv7Bi=?DA?^uQAlFHTb z(2pe`X)l1&7p>aOf3y;??)6ulX zir|gK9W5M{9K9Z^``>j>Ikm?=&~rM<-)czDcv9k#*4sSNSq(^lp*XWKXSd&9XaQ6$ z0ny^WA1#{}a@%;s_9*f@#UXQ|(8J58xNS@oa`4ax?7I@Q&OA%dq2*hjfgJX@C%4N* zu?nFhVA;DulxdZ(GE;-fNB@wW?{qk>W3C+beQwjj{=X?4F3qul{ zn%gB1J`_%K?Scex=;N4qPha%t`hwcrQJC7LOET)}fmzv75xiRl;&o+3>JVHxVdafh z^4dpO{1uW&(lF~}!L2nb-;kD2shdASHhW*cENsLYoetHd&e%r)29z?EUqd|??(6Ia zU*6Y+CsClD*$4O>Qy~_PL8WPj)sN&=MBb7<>f^h%xwDdB%d*$$Cf8V~D8mu{5gE>eP4W{n? zo}&@tTy0%=gTd_L`M3*a#@X0G1!I^&0H^E~3y?0Hw6)S3kUdSI4LT>&_j zMqauje|wm+AQMhXEqW^*uw)a6ELAw?yZ2IHl9#A8q(*A=)NBtpa7N*Nw&+mt5tx$4 z$i)i`v9L*!og`0K8{xw8=l%s|C#QC;=RdoR>1jsSVvi3?J;E_f&%Nx zI%cnGObyJp@?!+c1oczRyR{y5*I8tV2;2+hsUEbT;5JGs11u7{tUp}Lh_8|k=yW@! zWB4Yck{`eK6=&|ty^vcTch~SbVrh7u%V@?`_{Z9GWsGZxla2Bn zo@ya~Hh8)8R`=TGZx-!N(%sMD`nhC-tnn$AFJ?)=yIMapdxhqatITIt$@>t;_DMP} zR5o8J>fI;qMSSB-2$?O67Ubeg8qamVn3F$04pYwE)JE#tjC>(Z?P}f-8p>O+qwG>L z?rl<>QFx=dXL;AUs^wsaf=d0~NIzl<_KsT4CsS7%f9I+wxtR{KiE`IcKD z;?G9GX63~WUrP*7cuepRCvG7A{yki{s9JZKY(0$F?Ut{a9QN1WAD+!))N?wG-C)^} z?g42klJ1><09mIe+}HN;X+%G;?XZZ%eO+W1!a5GRPW&BLcKqx66f69hI%HM%oSx46 zud^*UKAu~c4ngi@KGkZs&X8jJpx&|)Uw@T0dgm@XQcEg1ubgBSiYru2NU zm3-&H;jw@s=)fpp2e$Q;^vAlu6@37we5-TWV~sOe6YxHY;mlQXeGMQQLWks{-;Ioh z`n@NBq_*y8pB@-UZa=cU&*)%N%6zFt?96LghWZYj{xgQOa@3~*nvrDb7?v-b2juW zl+BBu2`MIc>AWBtmgBpzeijKWDX^=4Dq9Tpmu`usHyFZ70Cv5uz z%tO?2f8tA~e7J6G`rh6Xm3%}VW&<`=-COVqO-S9cIb1L749bP?Ka5S_EKYg|-vwBy z&Rn>^Ek|{l#!&t6?_YO94w330G0T-lR3e>tD+q`>++Cs4Z*7*fZ?`e zNuv_4soA^87m5pHpo*`>ciC=hxZ<&O zM8(_UedKLe{9F51t^9AI&%CWrj2j*M9gA85k$wBle{YA7iJYz1Td%w>rn0nfdilaa zKI(>0P@~QTito<;)i{`}pC33k&nK^8n{~H3N}laqr7jZ<*fQ6IiODh?ai2bwTqKp3 zOFR~lV}>k{bSSda4=6DiVgUW?2rm(xJ#*HYx%{!OC`CP6f|MN&Rz<>M-_`6@V5+-# z;({>gS-x6qM$PfPx7SytpH@mW{gLs(yAM7vJbpW1X~t~K(|ek}>k>!o!P?E}K7!xF z$>FE+y?=r=V;*dQGS_;Ad5>*T8rq4zd`)%W(6sAXKdV=V*n|jw-^|=AO>xtOETg%- zc0X@-NTGEtL<^x|lMLtJ=%-=9@~J*KqR|t$`HT|*Lx=RSERVVj`?{EWw)%Tka{;`1 zZYi1rcLk|!X(zUWt`&VM<{U)#$!&!F%GM8;z?iYI9PX|`tt4o68y=VPK4@xr?cPV9 zyko4CxRs=YDT!yOk;)fgXtf0@`Cq>xuMT0h7m>=>2$8z^K-57v5?!nmxVhB|ST1dQ z7Z<<@yOuuUio^%FoDm^kt{>3I9UDC=*shnalMI^UZDkU7F^IO(Ic;X|Chp?8Mfjvv zn+|((bjw=42&5@{zDZY*VKiqb%J>U^P``0wSsm#=(ksDdWBEjDGb)LJ(H!aI>cS!B zH0?WZ6|lP}a~EJX-@m^m6h#?mA5Y(H2|2BpWStfl>aC@eV-vd%$5H^hMm5_SXq&du z9&SG-GmDo~OeY*@^YHb-O;HHKD28H9Cm`5>a`JY9Z0- zSWZmWeo(K(^2=hRT4jL$3Ur_Awg$wg;(c6qbym{7sT=)F#U|5QM zp2yoVL(RhM*?c-JhKSq5*|>fHi`+y4H8s@Nq<*2IdMi}yuJ3b#Z=q?-l`_=sYMY32 zC@GUlm2hr_e{W!PKrTv2^un!|>Vqe16)+#;La`QDdlQ5`sr#CdMhbJO$dz3s=Tv8; zyT6$d$n4=H$@G8YeJ6ZCfl@9D(M@;motuCYOjCr~vq@d8P zKkZ|x@BTp?^}@a44MD~B9ck!p>_V=;Cc=Jwn^d%mH_$#xShoI?@r#uiLUo{pPh>ds z=03E04&nrl%uYS?qop!#U;u51VJoik&ICB7+y)ORDqQJ>b z|BL>tp@V2@5=g`#w!zhY>rm?|@>&p*@pYY44omlvj>n;=%rwW=BhCSNrK{%I!?r)} zS1Hn>=E&l`wI5+mfVkm6itMV8ry?u`M3O>Xa;$a_7O*4hl5{Xxl3kKaCs(Le2_K3rSTTTVXB^O%^WNAWhN!lV!t1 z`_XjR=-U2q2p$B+RFa^jI)sW|iA1CC#09YY7O(Q2`mFouWQ2lvK|>Qz6pkPq`s*Fu z|1kU0km*JKkbp(749ut{HSj6*|97%tMX(RN?k$0XrO^E5f{L5EydSb>n+^P5bKTBG zLv738*(EY!El>y~d?1}vR>|xIg;I%FeN?O%h@Bwt4gF7vZau2KQZ(d{91oNa?@*;l zurC8T_fqoCGqWw_Mj@`~8wCzr1|k63g*73*@aw?5=zdVi4gc-ZwUbxz?l;U@C>6}X zjiS_0cOUt}+P`m05LMu$v{|lbZ9;N*@i6O5!=P3Jc5#Lm`{Tu|gC(B*_TxrPWJL9c2C-sm}spQ{$}0?|f789yY}{ z%Bg6i;IcnU$mi{<9x#Vx+H)0s&w-Z?Tnl6SJ~BVa-?R-hIshK3^5F&Eb@eE|E4$4@ zldpj?bzJCXUmrWZ`IuV`KY@Br#o^XhK+@nZJxImsYCTW!-sRk`=~ef4y__*0wK+^J>K`0OCb6A!b2M}MUVD-VqFv7%n`rFV#@Oc<_T7!y zrnB}p`#O1ECe2&b+PmZ)tSWOQPR5?b)#ZDL#QoRObtNLuk1CjcY z7iIkWBE)y|JJQ^ z!ss0CT@YRmjopM}@S7vg5rCC1DLv`J0me*pBgz-c#RaTGK|Im4K_A&qNub&}h3vin z<-N9@^g}dQ%{F ztOA{jB`3wl!v^u!&yLhD|B#w(VNW&h(tOR_P^gsaBJlM3nu5Ksw3wfYuOVj3U(CL? zxN&j&+RJSoOcgFK>{ei(nRbz`!uni+Deg>G(fB>oZ+U$04}eM@DQ${-PNzgjG@T7t zj$v<*_}XR>nFkWIZ7v*80WiTU$OE@y8s>O#{N4b`iwM#CD?IeX*q_j^oYLMf#Wwh(jbdRI$n|Z>4j= z6h0 zE=SmRo;IV|^Z=`LMZk|z(`yt3mBdj45ZH=~yb-eR;$dN5x$dWiq7=X^tJdUKpJ_t4 zOO%8J8;Bu{R4F%5GZ2X=_D8;T zcP{+sR!d;`;y<*^qr!Y&{~f$ZQE0@O?q;@Dc@ z?&C(X$L7kzh%u%b-{$*C^jO^@nL5TN0a_4y2cSU;8O^cA!?v+v+YEG~Z_WR%!z#3g zd<1E8N_nr^K-+S_eEV++wD%G1wN-^D$ldu5bjNq~R!7FXDZ5Q$CVM4`*6!*Mru0DR zG24R@{nysKmdE5#XIW%J$OFamYuB*9tZFHBkM9Bvh+E#f)E^C!YUwc$R`k!fVWbvY z(D~ZiWWIcFWs_Lg!G$&byMiD?FmLTRe0b$84HsaTz6& zB+EGv|hp@Jqz@F;UD87Khvl8K?E_G0e0ivL0 zi!aIbH#3u$wBYw!F3bw0p>2BwB$kE#VGW2dDh2>K-Y$y}ktP#;nEqBGQ0xl1v9%Sx zVA%>Y3QQk7`34jZwc9;R8P$(Q#~n$DCu7e@5)gJB_PkifH3>z($3c(PcNf!MmNcEy z4_cDO{s37YFr-|rp9Y$AlEOAVy}N%_WCFG!vuhli(U>Wn&-#xTw=f4a9P7=yMH(4( z4%bX~?Fihmer0*E-JN;0$<&wFWcEzoUBxYW*j-b3_vJpZiQdKl(-b2J{ae~M|1c*! z>&IluC$=wZI{)O^Nzj zRL;O7*?VDigQI85TAQ!&j3l>V^hkEo9X>Z=jbJNl5@RwnoADs-b<@EmtKDBbU7d;s zdqq(Q-pyaZ#HYbg$_z)N?>ze~Ug54a09}S;aH1td%p@P7dP3<#W(}5Hn3Wr^WFc~| z-1>!2_CfmYG~1cemcesoDS?v~2GK3M{4W7}9Gz({^)&vTFBiD6NAJTD2V|3rpb!M2 z5L=OkhGL4dyge1@Y{q_!NZvoXqYW8N1p?zcc>ROATR>3uA1~Lp+SuEsmg%~>8d+++ zXn!jt5mq{o$L)g0)891Nvs07KGO_mxr8({`W26j3nnFYjm7`|eFmg>~oBfO~pk?Kh z8f8JVEuJ($c~idZSM68Tqx292w^MUweDWfAXY1qcmz2a~zrNhkx(*cN-H0h=@@4?n zgZf-{wQ%E1#7GMp(doXqn0UBr9RdsITAOk@f$KQ7v726(8tOb8gBTyLnTXt5j=%?$ zm0Qbt7B?TQOE^7s_1`G_+;aygI=$urGT4IvVx^m5hm}O-C0&kD7ReO{v-Cl9dWm1n z)OY#l6>aD(L|a;}SUfE82_9{AaT4V}f|OL#2;IGN zIQ=mno(+-4U%@)gOriuNqf^bS5gVVKbtep?I|oh{E5djT@j>GS=s||^Zwp1?q0v#j z0XgW9*8`$8`Bd1hIM9h8G{y2iQxtuCHS*LR*g8|j;@yYYual0Fy$%)A{PF3qj&un# zA$_F!4^)*EC_&+k3ZUZryKfrinqoz{%gc)v9*21+z#mJZc4K@sAs~Dow|+dS%~^M} zqL>mlG`!a#kM*lR>GE0pU5&{njEbYY{%!?vvM9u+yRA#^z(A}mhh01QT+e-m!J?kJ zy%%;@#aAcAsyo*)~&}6XSZlS6hioKl( z)s}$hPIJ6m*-iA!-0_#9%q{(vqryrY|KxPn^-!0#8W2smim3YwBj+Z+T{IQaa5cPU zeT7H3UIJewh@$X_1RZ9tnT^Y;XT@(yo%F0r2UU%H@o=7!1JM>yxOp(3NE*no9xhY# zsY~bi*4)pJ*7^Mh;)|1@5~T0q4TD{}#Bbt&(CMo60Ps*+`@q(>ZmIUd>$qb--0r07 zO?it=iH&dB$3A^_p8IvG>+D5Br!4A?o6ze&n=H)MrNTVIm?m5t-M4Q3o;CK?dC)sil=Hf zGpC1~OAZ^}p9@tuo=N^>hhw$rU^;#>J=Y|DM^}cguwEW|0Mdn7jsqeuj8zc($4Xtc z%F!}i($UxYgU4fTSjmHroRV|$dl|+S`kIHnr}jgNK@9g-fzM ziZ`j&imBQA|35Ke{7-&Ky_5eY|41{BTygNma!EcAG?2U&c(b@_V>i^>vBy?1$<=zI zmOzv#8%;fR$&_s}R}r8OAA-dTUY}J(1S>oR)VsZAv>G)#K}A+MG;{#RqWnV|7Jtnog#30R8h2 zzJTT7p;D9oJDzKo04v%N18xD|MP0ysfWpGnm;vi1u%add*13#lgt70^YyI4}62q~e zcoxI|{=j`}g?{Y|O7Y#FRSF8rB%&q7t+S%0PfeVp(EQ;9O|v3k#7tVh>rZ}n(}Itp zHv_?)=Jl1!V?jB4&PD#rPkJDyUw3lYvkn%Y1?7=C-xb{K9fF%c)J#%4a+Bs?;IPEFe?C%bPs9EfI3faxpV0v3ZI zz?tL<3(*9((GT3xiaxLhP&UKpld8aQ!McsCsEQj&8s`|qN&!Y!0i+$0hyOTZ<;@22 zUJqq9EDdWr?R~ig~E^Jv;Fl&DtbjKv&9yG`R-pI7~ZHt3l+FAb~yS=B&oGP*WeNMT~DtJJ`xPIT|p4pw-`NN>)@@`o-`jB6eoxGVnT6yNTR zNCOo7#OFRBW!PPu=y9iK`Uvk(t4~!Lhki#vP`(gXzFlyA7nPbb8Ki!D|>>wt) zw0&Ub8I1%of+Bs)Ilx_=x+4Uzj&o*9gCm_i%j{kku?-Akj8-@6KOe(JIZeXF{TyEh zGG){Rk@K#;$YWKEcd5wq_?Fh{Ji*jQF4KTGyZV2U5?nQ2zT9J8b!E-t=hs=8v)7lJ zDmR-B>}wSQf|Go5KJ|Ky=QZS^VR>!jZW0un+poxY7>n6Uwl<*(&Ti>^^o3%L+mp<> z8o_+J^DK@xH1tLbWcX~4s~!O7)m)asaXTHzZI`jlJOHJBumhXhGpR^QJb^)iy|~yP zI3&h1E<7qe-+$WU$E#iYpp^KJ#b2g3u1YX$V|oq4+)$yaCR#fk+5w0Sw9&)E0$d*k znw?vucpxQF$sc#0F9#MtD!vB1Amt+Mx0j8#JWRt3q6y}FSL=mygY}0W;Dfu&p4qHN zf=OP!K&jp1Wf-7}3>W(DrZ*JG>jRM?Q@_spCBG0_PiSrHtVAw5N^kmWJ?CD_L4vbk zQ6eaVy*d2LH80_W5o*FI57@+DbD#imOVn0sRsWm&W9Tzm zP^@55&X5~=2?P!KG_L%zRj0WyO)lvdUnsrC}PI9o_2^Q*Ly2 zW9bNxsSi5c^6DnvW%J5 zFx7p8*$YQX4S>==IuuTqYt#uOD+x8R{^>utsSdB*IbR-FNNa=OvYubPx)YHQOz04^ z{asFNk~?|#jGoX>1#3qmSD*2thT9Q+w#dat4>ceZX0<(D6Kf`Abya7pYC-iVxy^Xk z?J|+2b2y=6B>*G?LG_Rp)Gq%-y;ww)CqWEH9_{028PU+$jk6WN7`8h9>{}vVE&8de z)3TJrIuO(`cVY{^PV8f0rsM*nu+3zKI_*@~Tz2MDH-943)U;sM_m92TK4!h`WS59P zwhu}s_m3GY#qz@8=BUIaEnmZEZ)N?ql%Q?YmM7jVn<5gc%|TK2Gd74$c&%kbb(LW^ z3B-N4?P^NjeBpH`Hz$!{Pd{AlOhE~IMgr5xM*mMoJ6Uy9!9E=oO7ZOESwrW1V^J5qfIq_a1l0}$ttZFNmN=bySt zyL*93wU=|K77h?yf==?!a^oAWii3-db$`w^2;1q1jqteCFDvDtq1hYgcBrkqvvf%& zG<>Mma1Iq#e!06A{oU+~5W?PRMN-_Q8*B09({Cs)^fll;%u8v7shxxQuNwC;(eMZA zy8AY{@!EI#QD|63)8HOPc%NDpHcv3n1`%OdSO}Z!hq&fc{I|plj4e{eM{vzHWJ!vK zhKH3}EtjW?D|rWB=GPbd46Toy>Ia|$NAHUM(N>JV^vPnJc-RE?Zv!3)eJ2)sAsPKt zS;=t=Y;)j%f}fgbDB%@C_tp=7F_9NzgQ)Q3P-|&)>CRF@EVou=J>j1^_3&c`l|4%= z8C^exY=Qd-sA(oaZhM!+Ee{Kf_WRwD2w-w`>B=>FLzP-69Ltc7V-R?8hu4!LU41qh zftf%$t?BlYW9h9Art{h0{$rk`Q(cP?Dc$ZV5%BOSW~2-p$5lcLv2q@^MB-z&b?~^ztxYfxnIv)E_t7N zcV=Vf8lP0h8sZRmJi0Q*Kl;% zJWPFcpth7ODK*+4E~324m}oF1_O(r}QtPnP00XRIWYSZsz657GklBrsWOX2n^D?<0 zeGVQ+y_Skss(35&yxSqOQt^v4-|^DM02@m`z(YB82;Rdd#YV{>R>#^8#CU0&vo(<~ zWBK!)7zkCI2vDi)5eaJLC0lUx8@JZ(XbZW8I?wSEHJ83pJWY+N`_0```$5raRB@8g zXigZ**&&^;u%-wPUhbwn^qm^62}tprMmD;MAb77|{hEI71dS3s6&zBa*P^n}!=b8q zKyW)z`(_0v8f{V$|M$y%6-QXU*edWub!mEDYkV_h6y}->f8Of|*#~C6ZzfX*Cd-Q^ zjPuIpUVa-YaAV&ueyi(G$-+-pt*t8iyJ=Qd$o`{eSbVbnBB-AIOo)0fz7k49F2Pdw#xAUpiPbfq0LY?R4*L{yu6xblv=ig} z^E#aWTI8|5h=J@~A3MtvbStjM*s@s2HfWeGyV`j;K?y&(R%VG;~jiAMuph{5kpse}C!d8C`(=;-R|>f+*({rf{%3T6G5 zwUr?Z!xB#ed9v?<2=o=3%Cxoi3tMQcc(^st!=j=O{tT)avFA7y2GFI=OYy46{o{+tZ{QU1NL_ul2UP6_B|1$Xl8{*W$ABZ=&u=lz#u{ssN3W@u4NidBNb=Np zmgKc_5M3WChBSIj95GeN{Qfe9xqfLi3ws5>EvWc5H)i?kS#|K;d)KiCJF~hkqR>G< z3h|8T_3{42J1s7;zlWz=k}elmGpiI6A;HzzElR|}slNgO>7ZXvUp-(pns>$$cgR4CT-PvZZ^+=ku3}s{sSk=Lc+ypv+}gRXz~3tkgpuo34LE1$5dX z^=}H)h78%|&2&f^W=XEdnfjn*AMc-Or9~~77)@82Z{JH?(|fbKn4eLH@3I1A+A-kB^v?fDc48C`7% z*LB4s`tOtD=IxI@cWK(%qYgLnGipO_2~ZbpGj%B-=fgQ;xnlvG?FZO%9T2=EBrE@9 zdaHlkkL0$Zt0BsZWl6+i|FWhHCK*`<5A-4m<@4Z~Z+{sp9xdE9bhq2f!sK0x#-PsX zoE0XZ4zfH@yNgkK#Zu)-2Dl^UT@i5}xd3Dv0nd$6vxMY3>O5f!=3vQ}n;p-N{2G^? zJ_Lai&3p;`L)zBWBL||YDH@O4x{QlF6zTuj&wK_Qg6e@fM0xlS!h1~jJ?uGta02Q% zOHqFPqFr~nNapOHyx1JBx?5siVGSEI)eXP{yEz@VpdCIjR5bjksl>IbsPdAGF-oPP zkFUqdry-@ms7P^Vy-$2wSjYVRlk}EE@6TS}w}x?5#_$lUp<8~NNN1_F!=L`UBQKLD z@-}KTr7BWUE<|1ZRL;cec?>Fq!$9Ya3UO~BwX>(#cmC<^-vd2@S}M|JKT<}X2rvYt z%-7#;M^98{Lip}94d%eXp(7M)l}cHm4_^V+#{Hwlt0fo{Ddb$mS!pF$oF*HJ(E>_l zu|#>tv>!y=qp&@A#C__i-u=ytw4{uYID;RN@!%SmIS0O;h8QhS2vg24?iRf%o|N$r zTi>`;^kr*x>Zd-~B}{f!>^x=Z)<@L9QJ`A|j(^6YE3)RH{zN)w`q4+um^6V~2>auR z19g(*C`XA&XfIIs#3dxrwI#dqpl;ggTSe@oREygAj&0AahP6iuB}KZKlQ1zB0*H&Z zZ`3xHw!(SNCtX03hrvz{OL|&v-?+EYuK&Wh`&YuNo0A{X66f5N|A}E|K@8i|La!A% zxpIlgw}qs394tWNV8!?X=mWhKF;Xhr95N2HRbA^r(a4Eecg&gq_WH_?YWMxm?ZUA9 z_VA*NhNt@rnbP6J6~l)ZPm~(z+U)koSVmWkEU$Ek!Ejp`pXlg(iH?S`t+0XB?vL3w z|Ab4HNGR=A3bz8S3#{U$_68=<8O_DR^YKyWDY%vWe9{GrI_BE4;L#h{v>zg}iQcWV zut_y!pDUf}b>A<(5p}mK-%`HW9c`(kLKOGEnfH7Q-6(Tk|HYqV_z+2=LrZvim}H?* zzXLT{fCZd;aruJ=__g``H*W0AoF(t{%_z;l$r8yqYhRKo;Wpc?Jm0Tt>7x!g@9wnf zOG*vkLFBEtRtDOX4kdg%8{2fNJUEmBLQ$&us0E?NwDH;&F);k-SN)u-6W`n;9eR%6 z;ih8^Bmr<&IqadxmXxISfW6n3mgk*U$V=@!O`bT%P=WiD;oF>`rx|*x{6Zh3Y8n&j9vPUS$x`o7bJe46&`mxYyRkwpeLmCfxy@~Z>0~an0m{& zwNh%bQW${_jQ1OX)jS+6pZ8|iE`&{t2{p?F>#yB5jB>uQik|#u=ADe3cEipYcgSK< z4@i6<2O_}D{*yg-HK?)d{eOREeE|8r)Af1$|DV3lolKzpPmXT40JX61v|vX%HRnAZ+rP;05lE8&tyG89A&VQ;kIh2zesA*s3&e7_ za5mxSHUFM9SZMOPb%WG9htNpJI1N`?6DyD>A~faAee9oXZmfJu z7ap5n8k9Yq751z!Yc%(39cS95D0Er}aUlveDGNHGPEr}AIs~Nk{#U^vD~Z`~CtV0) zv4(wPtg@=1-yB5FaBXvW!DrFf9WIy2P~5NR?WGy)m<*env_cs)d+PDGu#ZXr3^<6g z2l&p(>p;}HS;p%PvE_Dk`!CGszk*6tedpIj3G6VMk)}ESIg~c^k%9I?N4(`?4X!Iu zvK=ix3mHg<)ko9m&RcQFdXrzov5_a)$l7c8T&6hKO&$lNzpl{QU8Iwf_rm_V2r*C| z`%mMj$Uky8r<}jot*aw&|J<$BSG^4Ch!xav#&cHk&>d7^Hd!O7w)8m+27#Y)|M;smwcj8akA^veylH-Y`)&( zmyrhHZ~Ewl1O<5%M%*tu1Ucak8ma8e0GGW=T;WJ8#!S zX0dDibnK9+0Fvsas{dTJXOineVRC};Oj(tRGi71caIe;9xv@X0@eD84>sfpku5R-@EzQ(# zA%GWj6#?^#FmZ=2-1F9U@Q=Nj)NSBZ=*&KOyW0|b@Gk8t12e{!mcrdR@TEV8>yBr@ z_q3Q^zwK`cW%;7)60(D`CHR60xYPL4;+M-B$i4&3R^P55Z>tY0;Pg|XVW$hbB_t|g z^@S6C5B8MWR4`0YqX|pn8ld&q-pt{8SCvHB&;b?Wr%qW*N;va)_pWqauq=Vj=DWEb zS6dzFeO3O63OlOHhvyNDZbTn^^B6EOKXA1_xHLa(iD=WH1IXDdBI{*dxoAAT`mlGj z0B5Tc0jAY6aqWxMk}?25buB3djTv#72lm0TdA738%_(W6qoP*jzC_&YDv?;kG&pv` z-3hdj6?y6rs%tnowV&LvO?KR74Z-gPC_X(75Q-bNh6CYA|F-#BhuWW@ua~MbnIL$@ z(Zhc_K)!L@adt_aP0&Pc_<5(aeP^drC`QG-{CE}xtjeVWkMx~!H2TWx*$%~y=J4IA zK0^rZqOr5&DP7d-w4*X1 zM;n-)9k-rNCT^zAq!G+NNg;aJtvE(Unp@3_l4NtvnvF&=?yaT6x|9xTgoQ**8qCjs zo7RE^#-yVO&Z1h#4=>?}c@8xvq#6Vjo( zc@S%QA3XBYf0-B-JA?SBU&6 zDBrnjr)Zj)sO7*SsBQ6$z^z}cxQZgcJfzb?tJb8kjtIBB`!#7T5pPM)&coYE&R#V0 zY<`Jhmqm>tZse_CV z_B$`nr;AnYL(>+~izV@Rq6Buqv($>fmcYdH*2%LXpJiW}SOgU(5TUlKKi%s+T-G*d z$v#RJqk(~D&)cEbK=Zg!Z7NTL=0=-rsqHVz8p!DGv>9*rm}BElF3ua}|3k*NCQbjKQm{J`!5=o=~lo|N5`xujn_O>^#mG#(C>Q zRNZA3jteCt&LUeL>JVT2_jiYvb}3N9XQ*#op?g_(X*U39v#8A%t5B_FCb;%GR{!*W zVbn#qc2L-ING;vc*N~1|C}jR zPdc-{Wue|JgPNHNQu%r^%xj&srRZF4m+BoI2yfy=b4q&3rIDlY)1W>Jb_L896Z=j# zN>hP=$9L~3HE{ivL;>yWvPXNIs4gdOyn!k9h%8bPbeMu{_!tYOgy+9bi9D9GQzY%L z+Q(jcX}hf7fFaLhP$a3HHhH;2N7k*TlqDXTY+k{GlamkJsBNpX*K1t+PRH=Q$Ff%6 zY9yqNQa!TV74{i&+K9cc+VImw)@oH+8{vY>pIM&hLNu&9G}&X{l;~h9_Fcxed9X03 ztW7|Xzh(ngbNOTqkTF3X0@SJAJzsRP2+Zg((B)BkFXt;YkG#GMO|HS~93UnV9Wl*r?l= zGjB)WiHFryI@y$|8|Gsfr>27#Uv1~p74@sGDFkKp)hlq3?gnZ?=0zu=rv@I^TU*v` zo1`-$WNf(d;Zi&W^RzSHWKYL*8$>tW+6$6elgaMp_dj)W`03R|%lqT_#VE<;9}9Zn z#aew*8h3`j>X*4S48($mbto!POB(s?^8+c_EVsJM!PWS5mj{Or-sgTg^_sn^wrkw? zYN*YyYIHJR_zk$j-_mJeAq-Kh7s1iT(oF1y?M06m2Zx@k)Ue~I^ zAlk-YbuRV9IjLCJ&`}Tg{^UM`i`Uns345~^S0aMkI}H*hxp&JDlUSno=u>LINN|!JE%%GR7f4GfT>siP9So6Wne2XNTrC^4ROVeRm&dN3lQJDt zR&GCXSr+4Hr5lI^p2IoY9|p!)MAQNlzS9Y=XBd_B;P( zOm-_nXFr(?FjlYusGbXPYDWq9sENLxlcBxy4NIl5$Ya7bY_FaJXuZJR|GaTSKlh~d znj-MlJ=X<2hzlHZ36Szc*JYCHj@mJ^&yy#=SjhgM*g|#g1ETQ%rN@u_zjVEXHKGZF zx**|Q0=M%Q17qEt^y}EnHSIC-z;Vr%1NcWJ3F(zpzmL$cMm4Hv{rokQHsiMy=>PDO z#5FQ_ltAlJW0M-yBF6LXO(>-=^Hlf*m+nVc@3uuZcI)yd;3R7HZP*8->fg)l#8cb& zs0|i08Mi?IJwf#~P8m{*cGTuenxGCUkf)mOpX*)%vM}HXVA=&hw;d0)g@Q)Gj>-mo zkGW%+%p^hiU_b47@51DtX_Wfnukg4E@k8)D7GUI-4ON-xA9iUNJ_ZF$&{(#HyZRq5 zjdgT-u!Q)UGWR+#bu8?V8uLDM`>&6oJYKu)xP_9YP0NM)Z(cR_0;`!nZc*UFRzMO!V^d9ama^u0o(fjaXbG#w)lC+3d;OH4~ z)GHaA{(Hf+`#}yTX#CjzT}U8|Y=Vwj)MxzOFIwg>GK~$!0gT6HW2mx6bePwEPz4a>`syMwepJ#eo<1cUBX@v zN~m{~X*7Z}xFbN5UKlnZvYhD@1xz2u9>0o!@jc#+d_J{$?5^$#XiqFqj0^%#$)R>E z?7GHJ1{W~QS&H<11=Z}f?H8Kh83b^OlUf-s#wsP?mLX3@V*ilp*RFayU{wU2KS_tZ zhjUT`tmlYhpFp8)#L&Asti;AS)fTh{fR+K=OIcn@0^kf$)DzgSSwRy`1bgS!0DA)L ze!&Op{b-3;7?;~B4I-#FWZ)&Jq<$}FLkSBu1g{LzX^Y0-Z7x`VPGiuP!o;aq*tZTE ztQs$JKB7BQr(SNv-=E_^fc;VA?%(wJ1<-Y_BOfn-j!OweU?gE?AB5#~&aijGgs4sk z&Ht^r_Y7)s4cA7ovX(ByB_c}@SjwV{NC~~z0O`Fq6=|VKml_oXrHb^>I{`xPEh0@J zp(pev5K8EQPy^o+Tzl_xX7)E{=9@YDoIeguGI`(kdG6;f*L`2tiyu5glLmRmU+X36 zwJXq8{lSe`ZG(qo%OgLh63i~4|<_V^ks9)jViK*t%N>o|Wr|>@_=;_C( zpmTG+_W|;gMy}N*cZnAg!S@jIf8LSdULC~*x2^_Ne3XF%5eLIW7_QbG9A#gdr>S%{ zOLH#>NEtS5^fxZ(f8O`A^J{PpG1kEi&~0Hmm{2fXw2Y*T#SoY(>E*5yE5#G_vsCR+ zDmTis!esO;SqPnt;(rphS6xQ7y8<~d`bHwQxgq9q?(&j(t4%0a3UG&1lv84+2TESBU&rMUL>AF<6thpAFtcRv179uZaPRNEm)%+uKlQw z2m>aX&@9Myw|)Gltc=YFU~_ksE}A z-V@Ng2E$D-qpyGixr3VtbtT#5QReJc3)MX9M|X6h%J^H1o`Z43Pq!r8B$RNz1?#(23@ARH|cu)l{7wiYYtjPC}2;Q zVNEuc3|O7+J7K0LqGzeTDu5;dtk)Rz4UxVK*hEvRA;S%Xj|tj(n_s2=`FgzlJkC1J z{Z*0GY}Mm6+0SJ_+3PkPer&>;8{@tjkkj_c9(2XLIBZz+l$hgx7D9tgzQN;QIb1}NFHot1*~?OE4p z8PeUW3qVO01bR`xznop@Fe2`xkFka?Owz?63E%B76lo;s`#9W04;Cai_or^Ke+EgC z70L&?bD%?P9?_;~qZze;30?_}NymVtX_K%+edqNVA(He3fXq^IG;dz)-H0&(-=Am0 zn30@MY_r6HbdY?k(x14-(Mc@~IiHkxvyh1eZ6GUXRnVme_@+=g{o*MRe)9(VMOoh* zMF=1i!34O{fVz;EG93=Xc@I2~+Pujcn7slvg$txeJY^56e+VNu`6q&8sFutUDzp!Y zNaeO4hGkeQuINP!p$ri@vWQ1p;xV-?(Q%iP}Bt4#8bdl zD(;0TkHkIK3IpU3x7WVCf`{cXG3qOb_VGH4_k8NY3ub6P$UzC(S1$75?4uYbpbN$5 zmkcBflCM^*fT*?V+(tPCM?7b#rbSOfU<@=ox$fD$mu0EvfxKIrcVO8JA69G>7AUyi z6fu0gaYMnWFBg$% zYNS`|NNk$ALZfpG9Am5ZMI$YxI*G#WYR;S1%Nn#Xy~jWwsY%4BTm)%l)H*`~?Q>P) z8;FznGr##9Oqhsytr{x0^F5(z1=a!c243W!f0t4?dN8kVob`ob4;qVRcJl9R?|V+s zUQm82lNPxM^g5{D7p+b20x6VgFxhjlm#Lar3C!%0%`hNm`wy~v4@%#{e$xF(qQP{- z&XjS!vluJn#?5kfFvJ;#wB|Rmo2YRCoGkesqkyGc`Bkf?cb{=m(5*W(Bb?{?h#uKd z0Gp7A%$&85E}~HTrM1qM%1(aOcr@TGvM%*g5LIugdp_x3*`~`^7F_4Hm$*2&hQZ2- zCDC3@to>Upalqqpa2ML$oO!!dEnVOr!H43|#rLnW;q|)(ko0M&R@k-3Yo=f@Ek-{g z*_#}RNDV-x<{n2RmOi=66C2$m&NlZ2+HKl^JI)kMaRItSFx>({b=Ae~f;@GlFdq^> z82^o+p?KbEEt*&LWzdsSdjhm&TzRPJuj?CY)q{y(baTcQfV`IMm&8FX*ghEj5zt>(;vA*TqC!jF5TszfwefTgyjNNbd^ev_7w03%71V&o}gQ4R>K z__Nkj0HG={`1Wxu8owF$ypF)E9p;tsHO)C4>*%=!$}Wl|&Rd;;2oo^5540KGpC_6E z8LZr91Rx@hVlEX)pQHN9^nY5;ftDXA6LUjPp8=Gd|Hn1r(aGurwefY^rrk|z^LFCd z6#bHV>z*}npYCq8SM9$`HYX``++<7pTOR$F!gVwk7ykX9BD5NvRPiYf_=2yogUbfVyOQ|II9I0coJyUc5q>AY?61rIZMH{+mNKvopo2!qQO zQe0WjVO{XmyWg3{c9~hlT<~$ycc>M5#QkQ1Z9l^bo`#I`-unb^xbLF%NFG10F7Y8I zTDBC|YtcK`T3IiwN!nW)^!kxZ9lCxru*XgOqTH2wT&3U>LCZ`eL5af){AJ;(j0n5zQ-drU>hH zX!-N!oDRXV__j8>%YEz$m%IIBOp4diDEd7l)#Hl(J@rU92?2ECy{KdcaR zw|Pq9v*&F1WTW$;KM=ZDPuD&S>R^%eTiRQ)2ekuy$t4#kf~5p-rgoxrxfrhsJTC3H zo8njbK%CRREtWVkG-N+fycCT&e0Qu#xkGBo9qunU_mLIw(9oV!SulA70Ktw+x8~o@wUn)PFi7i!gg?TwTc!NaquNe zZpp(dsYRds6uSL!>_;=1ES^s-P47$X~j`2YvIOO|8Q#_Lsljk5#y^!M(lL!7$@v&5r9+J9=P!4s(}xJ?*{!fHyz~%v4*8 zhXw7?Qa-GK;VJd6=0)Npv2H7W+G0dKn`2^Sk)Dl54P(Ex-L}h2h$~t`KJuIbc09`P zYn4iY4%nN^5KHhSW0G%eoq`$QJ}a(C_a>DadZoHuDnKB2 z9qoa-Y>VI_8lV!^t;L41WyFQ=hE{4v!F(+pP3}l}{#m-}nsG!9p+^Ac%Zt^)4nir9 zd4XIGmfc2%@{r8ga3SD)aqLpIe()GYa9_d;tqJx87+{q6V}VqJ)xz7TsU4;Pi;b)u z1T`k9QK8#y@!Dp|T&Wl0_eK>-m(h7ytj$43i9tENh4E-h2= z2a}aDV29GtvR*}=c2ELpiJ2@{9m!P1T6V**#FseKm=XP8@UG)X4mgd;U7fD`iV*gB z^}(-x)}v0u%5JmAIY+`T1Bxl6>8BEOsM1 zjUJwG0oOPQXv%86xRe{yL|)!pL08p)C89pBn$&CJcR@sfCvvo+dcDM!+2_fXV7T9w zeR#sU5cd1@qBu(gwT4E*k)2k{RKd;Z{axr$HlsK^G8^MJ!lspOW4iqC-XI8a9;aKS zt?uFI0IA%WA~83*_w=Q)dVr5afbJfrjW+Bvz2s?caEaqUhgoM_Y@QfcKMdQ?(*Dc*4S0qUfHnROYQLIElhRG@ z8hzW)cam+m@^0`m&p^;T&le9hSz90G`Wl~`k-(Xvjr?BkHKY;|V(M|5Q}#5-I8n^-at=Hf%dhR4 zFPW`#G=*S4;oN!)^ll*9P7q5PU~GX;ddOu8bHMingpYEF%;KwLz1H^^$SoES%~!d@|0H#vDTEViPZyim*P?;7iGl-bFX5`-U*D-nynQU6GY0oq#eY|x`y5o|5 zrF+r5od@C^bA7~-ZEI+hwQC{CuvYY2dz;?`uM&Brg7^_dp75G}IW;pNN%NPe=VqX8 zA}RdiCsE=_ALoIN)moAqp;E4~5K%A`=uMlPzYmQ90kM*P=cFxB)5l#k*$iI4Qz04h zMa#N1*LTPXy(=4@e4{%5=hEeYySv`$S8@(Wk58P1=x|a#n)4F^eos4NjZhHI-O<&L zzY|ew5T%ZX6Cy(AZVAKu9QUG~#`}_-ycGzhm8C_d(b3YHcQuPEV)A}mb{hGD?3s1S zCE*9IBh?Kbb)1;!nVozzXe*~;!rr5V8GpPB^VMX{gX^6vvdp3u33U?|8~>zw#*JuW z7$)T5A~NcM*#%X`je@)Bt1@oTy_%ZcJ@Q$qG~IvWU#cETSl{+|3a!-^KeQ%@Xpgp9 z=5uZ1_=>bK-n~UGRDP|BjF`)OnUS9U<&z==WGO?#5{J--=#?jyOs)BU2#4 z5R|%yhqIyh(r*hfSa`8BN>P$=!hgyM4dS=UmgB0rZ0-{9iHWg6w%MDTcIasXChRMdLmv@db;*qEOCc_hytrD$1gA61mKH% z4iL7OzI+en?;1>%!XZ!8loo~TN1H7Y6oks6pShnu%L-Legn#irwJ2Ot+JNU;tpp2&d`t|Ju1ZaZ+NdVoxKVZgam5+ z>_l(c9Y3d@dAn-ipABEkZGeQa%2WoUA)cn}Kyq3{eZe8~i9jo|9X5 z_a1*sa+vB1mcY+%MJHS7kXPg?FE&e(l1pMQF)`#iH*`r~Vr8gbsdkK(HH@yn{4oyF zr=j1*pePqIOKO0HYu{HDeZ3*L9V0&5@8GyaYc$OsPI~CDB^<&zZ8gApMmb~j+`#aT}zwdxR1Y{sQl@RwuQxcvM>+`Cc zG&AEkhU1O<28XA-@q8nT{8->XGjHQ-3#FoTt@e=Dy*`8ioZVu3QLHM`(VUF z-vYt0vMQM@T&O-7uV-{zVG;2ictm>fPTrLL!@pw-M;*iZvI+cjtGj*JL2Tme(t6s3 zMdF)}H$T~(kf($4;YK_AAfZw{xdy2xs?P$=c$eauR_N8~J)e!IkWMC?@fneP)A$?J zo!*2)e~UsUMxqlv!mxCRc+EG5F_kl*OFzFap_cF<5XDAI^+1CX{VBOJ5SjV_FOK4A zV5Lt>z|AuPGi0GT!?gB*xbr!WytE+P+Te2%3AC%}5={NI!UFpkyXwZPQ%8c39xOny zgZGCeQyQy8tgRp9TYn$foq;BtKB?~bR;D;5+1qdk8$I~ae`%e>B7okpYPCOE{^$)< zqi}H{TDvSKRXsKlnOV)%1*HH7Fg^LM_`8)gzj-|b+IffB`a;Ca>`#!5d$T5($Jxhk zaok>P(dY{35Nu4`m$W%^P?!pwStTkvS=UDu7>X2|KL(_L6%3cEl>*;Jpr|8s23F%f z{aTh@APwVlCAkbHuc`u(QNI{h45SdNo*&+Zp+GTn{sJYTI=fIRSr^aWf7Cs6uGfDT zZ%XW+@-CWVfNIzTma}AV@C#=?26l9k4AQ(gvwEb}(B(DvMaJhREGW}A)@g?4wn0YC zIB(D53ytV|ptF3W}K( z;vdvhe}AOpcU4i)ms{gm_s(&SdmZ{CnGe-${>nd7RPY0lGsA5LQjEc4)peV7&HBD* z9c?Y6O~bfXuGL=zgq~x*#f%9H_?jfSSAY3~S=w{$Ck=d0;4V)1epNQ}WhRD&&8yI* zqk-3UdC0rlz%j{atM&y1uICv{UGDd;IKH__qyO}Jup8HI!J&7p)$jv%4(f1D?aegn57fMDrly09yAqKa861 zL8|+;m-w8%lHNSuuREq1z>&ikci1DC zKfm(c{kY2V9zZdDrnh7t#9inTEs#Y3^8S6BWX7wht_!@xzh1OO6pl0fVCom%lY#f$ z|Ek(klP9u#@*(MnW{lQ-MMe-5NxL{t7O{P=>Ob+$#-IY`36N7$y6-fi9ab=-E}i2$ zX6-gQGXNdAs$VA`F9Sx+blpCs)QKHJ--;l+ZR$_dAf{~BpQ)u_G`}p#*l3+>7`U=O zBqzzhcG|l3l^!zs8rR$IZfMr(SxV>gf*eI%GN{MAN}P8$$4f1__Tjy+4~aw8-jpv6dX)Ufa+O3e zC`^Xx#(VA!Ep@W~JWo{tq2!8VUPf=y1*S%k)S%L|+eVZg0}-?pSVq6L}?#_f7KRe55!|#_*s%m2;;iH5aW$78|+pW zOJrl9N?(2h|KMMV9xR%Zi=?h6JHA%m;G05miTf;|SMt)ZQ*Ct=APj6AcS}xI8NiE2 z9-Z?OFwX=W*>?{+@qW_O>c>S>f6*)=tOH%?4?Ska*zOGoJf1ul5CF%Wd&suQu(eLQXKHiz>fhM&!#2vN z_Vg~nEI$F46W3XN+%$iI>cQ1t_VlBhPdT$^9d^rZ!U2n0k#=d9!LeSG_VnuP-Zj?M zRYi78{k8K~Au0&CS+sUnuhzD}();cG*Ibfzv*UI-$ zw&7SM6;-#}ivTFqy6j!kRPT-QdoyqwM2x5`mW$?C_(eM~0Dz-~mmWR~bQiw@%1JQw z!fA8tb=Q-1=*0G6LM@{Zw8ypWuPCVSb4Q@-tWi!|q5v!ycGR)~oPhx>u#Co=lmYF| z*pc04-Bn#*1jRTBWjf%CQHOj1Npr`!$i7>j>^!|rQ~`x_6cmRPv`V$H;P!AluZYYN z->;wSG1D>s!Eax_o8m{M3#mL#Iiifm{9C+ONFn_b;Mx=1+25q-F;bf<{1D=~amus5 z*##qFbQRAi@Z^K~$NytcLB&-Frl=sW@8dkp1H%OFN!JYSO62C2qyeRs!aUl1{-UBt3*X}5$9%wi9a8H8ScNC^jJi*zLchxMiG`XBw%E#sD7aTjjNvcQnvF0}7s9KM&l9+39Do6Q7IiSJf6}FT&Q@f{On9AV+H&mJRQz59_^mOERWXmTWSV zYT+NAq`U6DzwI?&?I$0RQYFSlEYsTqyY-&lIN<+&M7w8L^1?i$Hjnw8;gTAiBe`=fQDN?zD4oSCJkz3a;0v^eZHce$7| zexm8{f!!o%_wOo2ORONQrXr`BW@i16R&ApbWVRQkW{CEck1^119X-{>DA?;>}U^Hfx?Pk~Hgj|FvJKEm&yp0|akM3fcNn|9U%x!*S; zk6MI&iA5k|D74G-=HQ{pf!C#dT@K9*E!`*VPBjd;^21^-+ETcec%k8ci(-26j?cA~ zDZO7`;L)J)GL7vhLK43<;Zr-nWondu2{T~Zl_^Y1BZ@A>!wtxZRCkl!^%Zlie}8(j zzXS>SkBiSLd+oj>GyN+E0Wo8&s%)ps5>K=J%VGWS6j-yte+W5T1?F>$5ReUzJMnhk zd^j;4rT%T8(|=Mk7?(3!n2EFi(pRG=PqZj>RO~&_Oz1dx26Qb6!xr?Sou+@3`o+3D z?JCmfFjO$^Fi~i-98#f3N$5!O{rj`EoT)aSCq_{PtJOwQ*!X^dp-87Ni1z8vt^NCR z98$>80^u|HFGJv38F9w_m7C))9I&{dMZ(c(>YVinQ;jsv0(lEG)EldkoO0 zqllBe2r8PU;{!rcQj+`-@omU2Z48HeVbb1$?8%a}xzG;Irw}k+D>6jBKs!4-kM}xc zd7SQ=)(u(*r*Ftn-;Kj(%Qt~!44tJabB8{x=6mf1A*?E+76d_ zwVed9-pOf%6Z0xE66{XNx1E{7IvT%$_e+s}yYG!i@aFw$@XZ`Bfb|CDwJ_jE>OI$+ zp0@<9Hyw7LUd$@?3pR#Vf5ml~KuDY%wr=#^>70koIqe9;rK7E7j-S`OP;wb#&bNOlxavar8_Sg#Bc?Il$AD6LHZ-&fy>I_R;_+J9~Ck)*LNtuO*C0 z6phZ$&sU7%Ad}Z&C&!2Do~xslT9|U{p5tBEiRa9>4+kUZkAoc64wegwk4e=iTbg1A z&oo4~)$)Wo&^JMy9HKfxZ(3}9a;G+umzR&bXL`I9hjLpUTmqLWp73lYZ-SCwF*Bln zV89w3pI!*@SQ)6mMF{yso9z=<^M==(YSQ4H1Er&n^11Kb(~H++^jZxURk~~C zucCsEkUf5VNLn?ncHCJR8Bl`2KZb=Nkx1R;-gk5yDtQRRNSS4bV4zC~c-@?uj?N%) zp{MdX!acZz1DJwFqpKS2bZnhuH(|jCs#cx#&0y`$A=BgyTcoeSnxz1EiFXv5G zcmhOtes7r9N-yJwP#Kq(u~3B6Fa3zlx)BxkE>o+~!>S4nTzw8BU4cr@mj95F;laqZ zJ0O7@INZi^>1?l#RZp7o>KEzg^s2;lWv9a)K74EII`i#-^Ft`phTK)gkcjX!I=^-#zn_1AX^rL_8)ZK^lA4sNy?XXQi(! zS<-V2hfM76Q(*N26^HAve|kppC&CohVvdR8;h- zql2d{K9$Yda0qI}Z!)xaN7dxlX_M)a68W0H`}*k{UC^0ZVF+1iZfCKb-1!DHBE#vo zbzBcg4m9Ld^IAe*rhIfTE?8r!}EsOutSMp*QNaq2BC$>y9Ol>YUPL&*Cl-plL9R(EA!r7 zOvm^EwIyd~XBGgE0~c!s5U4RB^xMpZ7gp>d2dj*~lo%QnE`XPA>5T-ay57Oqfk=3F z5fLbe_3j8_Q>TQ-bt8uvKw>v4Snu2EQWK!}6#$UlLe}W$D*iN$+rj6RYw1Y?ZJ3ct9 z2fC?4>}0leL%YuzdtfMefn4PPXuOnyAM@HT)@L;9k>3AD3aP^Ox?H6sqmk1Liwkr>QZ&B)-UFSU z1qPY?LOi$e>1}8_)KRp({x7LjS#amr?w(}C|K?-wp{|S|^=+ST^h~FjS)Pc&e`Hky5+m?-SWDZ)4KWqH5CM za@dh4NBV@%D?;iQJ5KQ0D$OD`jkRc#F0bV-71I(tl9C$jtp|q6T?QiMxDWlh*BL7F zrX8cMe5c0w?Hv)SgJq9AQk(KpnqG~46;PJO>kkbA061Yuktn(@hmoM(N?9w`@n?2vt5K*f* zdaolJ?(90mDi%4hO#&5*&FsIIqVu09;a;tPlvhpe%;vRGuD6uyXC5r>eV`OkazTZtG7FAVhUhy@t_umKe**0a*QHx~pAU~G5jpueMdD)ZYVmvivhE zZ=-LxNw%MukA{8OV;eO9yV0&5Chk}15-!8+ zH=Z*RXnJ!QSygc5wMkR&cQZdG@X^67Y1c5dL{%R(TE^5oHpH`Mqk~w~c-^|n@Z8)a z+cl1MhdMHcx`?Hr`$}tV!;i}%gsA>2My6ZU-SJ*b5y_44&t*=n6}tC!zZ=&N@ZRy? z%lapkGhJq_a!h^kDt8gV%}>K9Jwd|8G^lN$o669JgaIEzw5DCE( z@PuSf&KI3LmunlI?|;E9FQ&et{NTcf=g}A2jcqU8qx?qMFtdz% zw#7T^Z+grhQ~jn&>6IvF!!v^BrCS)TOY?{dK?L=(6eqWUl8DV?pd?~#a~!pxJJEt? z6;CF(oUoQ$3*Y4s{@K^tInOd|`v$v#+Nx$1Mo%ROG)tpCA#x^ndNhS_Dxan@ocHGm zyTVD3bKGD+(Plau3{EInFgOfMV=a{-x)66prDf9rgMboC!WFMVlNRpP%!^IXRFCZ! z;9LZ$nc|KLc|REGotyWe?cC80$iG}$EgicvBoE%-Ywu7{Gq<_v>cyzU;!az$qfM=9 zA+w{mDW5D{eX>sofcWoJr#l?>EPsVo0;kYFt*#)pQOOu)SeYKc>AH43&h};TSJ(Qy zL0_#F4i0WT`fRz}lKx6&ULp3){Fh-45KdKnJ*lYV9N#ii$BX8SLIAuN+tuw2)))&t8Hl9}EfrVu1 z<%7dsWcj1VzT~pSY+RCirAD)2Y9^ky7IHMYCY@Q5)tWJ&o*UHVfoz|87tA}Vz?acu zci8ND(9oc*x-`3RiA7@5Z5ir0IH?5b^jA{4)X$#}B`4dS(F!|2z^)dWpCSLW0V1-D zOVwrty1;0q_liz>&%6mZMX_R_!cBd{-Q&ku8ym!$c}D5iS&R`17vj(Crib35;R2c_ z!mWK8XrO$@D;g|}Dyvg#fglY_TgQ8Z1RMvfb{(7m=qo<7#^WvRZ)9s`<{Ht6?$scV z_}uM+=EN0MuRj?0Y`1?9_)lhJ?3chm1s2|+SDjDpK0aibZ+eY=MSj_XTE}SXbMg@y_&Jz(tS+1{mM)WXD?pU%$<5g3>KqCE1IWcp~KhyTQ)U z&fd)sm@C)3QCB!TGUL{@XUUAzJ&NO&R`3vi_IVoXci)DAC?7JaHLnOUuqP%||FvNd zk$2u5oqQ7>4=r?9ss`+n{n=ut(b(=fy0y}pyllb8Z>jQhT`upP_{Z5~E6)sZUKJC;s>$uLj72SNm#b*<3vhKYU3H6;E z&eZ&P@fHYH{}7<*dX`0F!?wQ_ytOA)O4=%v3qR8Ol2BMY zC1iW&l|-*L<;sm=>b<7W`k|X@5XQSa&upH03liZM$+$*o5_73zRFvz8C|0^s-@-v| zAn@YU^C;<5hK1rV!B9T~gg~Am+K zgPWnyb5oTlUE>Jb^S7QQFPFqz;wi9mUna5qS^TzA?b`ZS)Y^5?q&anaFQ3kLeE7O2 zbU<&R(YmnO?Js)qv)g>mv(HrtPen{7-8iEFCAWd$k5?Xs)@|=}edw19FJ3aG(f`UK zyZiC+4PNY?vBtvO8XH3)=}`TpPcFRnQ~ipw<&V(-@HP-yVXPGkF{{Kpod16~QxI2?LrL<4WVN4J2PwRtz*Hp2&&lIZ0au znls9cIQ<+F81e5V3RoVG?kPhUAx1+t(Vk(2IXClgzH%IVaKLfD(i zLid(LP0O_hUEC#R&>FvOslN(!+(aLE|C2eafa#UEgRfF zaPyHsFe!ejaGpRr;;EWiR;$`aS!KWpykYmyVL}pHIN|>&sO{KmUj=g9Eu0M(?}GUZ zzV%l>j4-m#W_0cLxpjWEaA(oWFZ`gqclJ%xznvCR>US35+ok4%cZfA5^4gfz z8dWf6e&2KSmIrLUy=YOhc1wNz&)@O4pBZWJBYm)N@UpM@Gc?qf*J9@;8dyPswqstU zst5@Zbg9r>KkWE}CU?-FeHUApVSbJ%^WCeGQ@r3axl#17NO z9-*Fs%9+LcIa|!oo3O6|7TU>u!-5m^SkYE*~T$v|CUs=B#IIOy+&}Z1!L7&ceH(3A%gd;n8Op7fm zqfr+orVK)~H*j7xy9Tj%u*H57jS8*nV$q1n?1ru26?-^Zfa{-+HTuF?d+e(EV?W{gpLuv|X2}4i3Rs{WS zf#82uxQbYthN7MD*W(i6;v`hu6uzx#UE{vbzA$RKD;j>SB5mi*r3+Tf@7va#Ru7Fg zRf{q<lLzN!*Ya-^B1WSzcs)T)tm)ZR{ zcnzL%PG7kz1a;cRsNm{UJ?mpL)!yAJzi2#fbOxTpVBL8|nQuzlIrRFR75f^)BsUS* zVTr#kRa_|UCxEivJG+khbDIS)BsRc5fD55Y=gumFa+-S-v2K0twG#+rv|)xLK2LnX zvf`%BLUSw$vh8>$;xG^6ZV6!Dz9 zS&S9Rmj_Phx7YK)*VDp!r#DPHq9`pzDymhc({DdGls^@b?``@e{Zj$DlK<_;WEe#3 V?HOZeMlj`LMLD%6MUS4n`(KE|PCx(v literal 0 HcmV?d00001 diff --git a/src/Extension/SiteConfigExtension.php b/src/Extension/SiteConfigExtension.php index bfa3ff31..42fb6aa2 100644 --- a/src/Extension/SiteConfigExtension.php +++ b/src/Extension/SiteConfigExtension.php @@ -6,10 +6,12 @@ use SilverStripe\Forms\CompositeField; use SilverStripe\Forms\DateField; use SilverStripe\Forms\FieldList; -use SilverStripe\Forms\ListboxField; use SilverStripe\Forms\OptionsetField; +use SilverStripe\Forms\TreeMultiselectField; +use SilverStripe\MFA\Service\EnforcementManager; use SilverStripe\ORM\DataExtension; use SilverStripe\ORM\FieldType\DBField; +use SilverStripe\ORM\ValidationResult; use SilverStripe\Security\Group; use SilverStripe\View\Requirements; @@ -34,6 +36,9 @@ class SiteConfigExtension extends DataExtension private static $db = [ 'MFARequired' => 'Boolean', 'MFAGracePeriodExpires' => 'Date', + 'MFAAppliesTo' => 'Enum(["' + . EnforcementManager::APPLIES_TO_EVERYONE . '","' + . EnforcementManager::APPLIES_TO_GROUPS . '"])', ]; private static $many_many = [ @@ -53,8 +58,8 @@ public function updateCMSFields(FieldList $fields) 'MFARequired', '', [ - false => _t(__CLASS__ . '.MFA_OPTIONAL', 'MFA is optional for everyone'), - true => _t(__CLASS__ . '.MFA_REQUIRED', 'MFA is required for everyone'), + false => _t(__CLASS__ . '.MFA_OPTIONAL2', 'MFA is optional'), + true => _t(__CLASS__ . '.MFA_REQUIRED2', 'MFA is required'), ] ); $mfaOptions->addExtraClass('mfa-settings__required'); @@ -69,29 +74,28 @@ public function updateCMSFields(FieldList $fields) )); $mfaGraceEnd->addExtraClass('mfa-settings__grace-period'); - $groupsMap = []; - foreach (Group::get() as $group) { - // Listboxfield values are escaped, use ASCII char instead of » - $groupsMap[$group->ID] = $group->getBreadcrumbs(' > '); - } - asort($groupsMap); - - $mfaGroupRestrict = ListboxField::create( - "MFAGroupRestrictions", - _t(__CLASS__ . '.MFA_GROUP_RESTRICTIONS', "MFA Groups") - ) - ->setSource($groupsMap) - ->setAttribute( - 'data-placeholder', - _t(__CLASS__ . '.MFA_GROUP_RESTRICTIONS_PLACEHOLDER', 'Click to select group') - ) - ->setDescription(_t( - __CLASS__ . '.MFA_GROUP_RESTRICTIONS_DESCRIPTION', - 'MFA will only be enabled for members of these selected groups. ' . - 'If no groups are selected, MFA will be enabled for all users' - )); + $mfaAppliesToWho = OptionsetField::create( + 'MFAAppliesTo', + _t(__CLASS__ . '.MFA_APPLIES_TO_TITLE', 'Who do these MFA settings apply to?'), + [ + EnforcementManager::APPLIES_TO_EVERYONE => _t(__CLASS__ . '.EVERYONE', 'Everyone'), + EnforcementManager::APPLIES_TO_GROUPS => _t( + __CLASS__ . '.ONLY_GROUPS', + 'Only these groups (choose from list)' + ), + ] + ); - $mfaOptions = CompositeField::create($mfaOptions, $mfaGraceEnd, $mfaGroupRestrict) + $mfaGroupRestrict = TreeMultiselectField::create( + 'MFAGroupRestrictions', + _t(__CLASS__ . '.MFA_GROUP_RESTRICTIONS', 'MFA Groups'), + Group::class + )->setDescription(_t( + __CLASS__ . '.MFA_GROUP_RESTRICTIONS_DESCRIPTION', + 'MFA will only be enabled for members of these selected groups.' + ))->addExtraClass('js-mfa-group-restrictions'); + + $mfaOptions = CompositeField::create($mfaOptions, $mfaGraceEnd, $mfaAppliesToWho, $mfaGroupRestrict) ->setTitle(DBField::create_field( 'HTMLFragment', _t(__CLASS__ . '.MULTI_FACTOR_AUTHENTICATION', 'Multi-factor authentication (MFA)') @@ -101,6 +105,22 @@ public function updateCMSFields(FieldList $fields) $fields->addFieldToTab('Root.Access', $mfaOptions); } + public function validate(ValidationResult $validationResult) + { + if ( + $this->owner->MFAAppliesTo == EnforcementManager::APPLIES_TO_GROUPS + && !$this->owner->MFAGroupRestrictions()->exists() + ) { + $validationResult->addFieldError( + 'MFAGroupRestrictions', + _t( + __CLASS__ . '.MFA_GROUP_RESTRICTIONS_VALIDATION', + 'At least one group must be selected, or the MFA settings should apply to everyone.' + ) + ); + } + } + /** * Gets an anchor tag for CMS users to click to find out more about MFA in the SilverStripe CMS * diff --git a/src/Service/EnforcementManager.php b/src/Service/EnforcementManager.php index 3b6f6d4a..3ac9dcc2 100644 --- a/src/Service/EnforcementManager.php +++ b/src/Service/EnforcementManager.php @@ -23,6 +23,9 @@ class EnforcementManager use Configurable; use Injectable; + public const APPLIES_TO_EVERYONE = 'everyone'; + public const APPLIES_TO_GROUPS = 'groups'; + /** * Indicate how many MFA methods the user must authenticate with before they are considered logged in * @@ -72,7 +75,7 @@ public function canSkipMFA(Member $member): bool return true; } - if ($this->isMFARequired()) { + if ($this->isMFARequired() && $this->isUserInMFAEnabledGroup($member)) { return false; } @@ -108,14 +111,14 @@ public function shouldRedirectToMFA(Member $member): bool return false; } - if (!$this->isUserInMFAEnabledGroup($member) && !$this->hasCompletedRegistration($member)) { - return false; - } - if ($member->RegisteredMFAMethods()->exists()) { return true; } + if (!$this->isUserInMFAEnabledGroup($member) && !$this->hasCompletedRegistration($member)) { + return false; + } + if ($this->isGracePeriodInEffect()) { return true; } @@ -156,7 +159,9 @@ public function hasCompletedRegistration(Member $member): bool * Whether MFA is required for eligible users. This takes into account whether a grace period is set and whether * we're currently inside the window for it. * - * Note that in determining this, we ignore whether or not MFA is enabled for the site in general. + * Note that in determining this, we ignore whether or not MFA is enabled for the site in general. We also ignore + * whether any given member is in the list of groups for which MFA has been enabled - for that, call + * {@see isUserInMFAEnabledGroup()} * * @return bool */ @@ -276,17 +281,19 @@ protected function isUserInMFAEnabledGroup(Member $member): bool /** @var SiteConfig&SiteConfigExtension $siteConfig */ $siteConfig = SiteConfig::current_site_config(); + // If we aren't restricting by groups, then we pass this check and move on + // to any other applicable checks. + if ($siteConfig->MFAAppliesTo !== self::APPLIES_TO_GROUPS) { + return true; + } + $groups = $siteConfig->MFAGroupRestrictions(); - // If no groups are set in the Site Config MFAGroupRestrictions field, MFA is enabled for all users + // If no groups are set in the Site Config MFAGroupRestrictions field, MFA is enabled for all users. + // This should generally not be possible, but can happen if a group is deleted after being set in that field. if ($groups->count() === 0) { return true; } - foreach ($groups as $group) { - if ($member->inGroup($group)) { - return true; - } - } - return false; + return $member->inGroups($groups); } } diff --git a/tests/Behat/Context/LoginContext.php b/tests/Behat/Context/LoginContext.php index f337780f..fd561458 100644 --- a/tests/Behat/Context/LoginContext.php +++ b/tests/Behat/Context/LoginContext.php @@ -44,7 +44,7 @@ public function multiFactorAuthenticationIsOptional() */ public function iSelectFromTheMfaSettings($option) { - $value = $option === 'MFA is required for everyone' ? 1 : 0; + $value = $option === 'MFA is required' ? 1 : 0; $this->getMainContext()->selectOption('MFARequired', $value); } } diff --git a/tests/Behat/features/mfa-enabled.feature b/tests/Behat/features/mfa-enabled.feature index 3db7b49d..21315599 100644 --- a/tests/Behat/features/mfa-enabled.feature +++ b/tests/Behat/features/mfa-enabled.feature @@ -8,10 +8,46 @@ Feature: MFA is enabled for the site And I go to "/admin" Then I should see the CMS - Scenario: I can set MFA to be required + Scenario: I can set MFA to be required for all users Given I go to "/admin/settings" And I click the "Access" CMS tab Then I should see "Multi-factor authentication (MFA)" - When I select "MFA is required for everyone" from the MFA settings + When I select "MFA is required" from the MFA settings And I press "Save" Then I should see a "Saved" success toast + + # This scenario must be before any other "select a group" scenario, since the saved settings + # aren't reset between scenarios. + Scenario: I must add at least one group if requiring MFA for groups + Given I go to "/admin/settings" + And I click the "Access" CMS tab + Then I should see "Multi-factor authentication (MFA)" + When I select "MFA is required" from the MFA settings + And I select "Only these groups (choose from list)" from "Who do these MFA settings apply to?" input group + And I press "Save" + Then I should not see a "Saved" success toast + Then I should see "At least one group must be selected, or the MFA settings should apply to everyone." + + Scenario: I can set MFA to be required for a given group + Given I go to "/admin/settings" + And I click the "Access" CMS tab + Then I should see "Multi-factor authentication (MFA)" + When I select "MFA is required" from the MFA settings + Then I should not see "MFA Groups" + When I select "Only these groups (choose from list)" from "Who do these MFA settings apply to?" input group + Then I should see "MFA Groups" + When I select "ADMIN group" in the "#Form_EditForm_MFAGroupRestrictions_Holder" tree dropdown + And I press "Save" + Then I should see a "Saved" success toast + Then I should not see "At least one group must be selected, or the MFA settings should apply to everyone." + + Scenario: I can set MFA to be optional for a given group + Given I go to "/admin/settings" + And I click the "Access" CMS tab + Then I should see "Multi-factor authentication (MFA)" + When I select "MFA is optional" from the MFA settings + And I select "Only these groups (choose from list)" from "Who do these MFA settings apply to?" input group + And I select "ADMIN group" in the "#Form_EditForm_MFAGroupRestrictions_Holder" tree dropdown + And I press "Save" + Then I should see a "Saved" success toast + Then I should not see "At least one group must be selected, or the MFA settings should apply to everyone." diff --git a/tests/php/Authenticator/LoginHandlerTest.php b/tests/php/Authenticator/LoginHandlerTest.php index 8173b492..9b315330 100644 --- a/tests/php/Authenticator/LoginHandlerTest.php +++ b/tests/php/Authenticator/LoginHandlerTest.php @@ -26,6 +26,7 @@ use SilverStripe\MFA\Tests\Stub\Store\TestStore; use SilverStripe\MFA\Tests\Stub\BasicMath\Method; use SilverStripe\ORM\FieldType\DBDatetime; +use SilverStripe\ORM\ValidationException; use SilverStripe\Security\Group; use SilverStripe\Security\Member; use SilverStripe\Security\Security; @@ -573,42 +574,72 @@ public function testGetBackURL() $this->assertSame('foobar', $handler->getBackURL()); } + public function testMFAGroupRestrictionValidation() + { + $config = SiteConfig::current_site_config(); + $config->MFAAppliesTo = EnforcementManager::APPLIES_TO_GROUPS; + $this->expectException(ValidationException::class); + $config->write(); + } + + public function provideMFAGroupRestriction() + { + return [ + 'member in group, has registered method' => [ + 'memberFixture' => 'simon', + 'hasMFA' => true, + ], + 'member in group, with no registered method' => [ + 'memberFixture' => 'guy', + 'hasMFA' => true, + ], + 'member not in group, has registered method' => [ + 'memberFixture' => 'colin', + 'hasMFA' => true, + ], + 'member not in group, with no registered method' => [ + 'memberFixture' => 'carla', + 'hasMFA' => false, + ], + ]; + } - public function testMFAGroupRestriction() + /** + * @dataProvider provideMFAGroupRestriction + */ + public function testMFAGroupRestriction(string $memberFixture, bool $hasMFA) { $config = SiteConfig::current_site_config(); /** @var Group $group */ $group = $this->objFromFixture(Group::class, 'admingroup'); $config->MFAGroupRestrictions()->add($group); + $config->MFAAppliesTo = EnforcementManager::APPLIES_TO_GROUPS; + $config->write(); - // Test that MFA is required for a member of a group that has been set in SiteConfig /** @var Member&MemberExtension $member */ - $member = $this->objFromFixture(Member::class, 'guy'); + $member = $this->objFromFixture(Member::class, $memberFixture); $this->autoFollowRedirection = false; $response = $this->doLogin($member, 'Password123'); $this->autoFollowRedirection = true; + // Validate that MFA is only enabled for the relevant group, and for users who already registered an MFA method + $path = $hasMFA ? 'default/mfa' : 'default'; $this->assertSame(302, $response->getStatusCode()); $this->assertStringEndsWith( - Controller::join_links(Security::login_url(), 'default/mfa'), + Controller::join_links(Security::login_url(), $path), $response->getHeader('location') ); - // Test that MFA is not required for a member that does not belong to any of the selected groups - /** @var Member&MemberExtension $member */ - $member = $this->objFromFixture(Member::class, 'colin'); - - $this->autoFollowRedirection = false; - $response = $this->doLogin($member, 'Password123'); - $this->autoFollowRedirection = true; - - $this->assertSame(302, $response->getStatusCode()); - $this->assertStringEndsWith( - Security::login_url(), - $response->getHeader('location') - ); + // Validate that the member logged in successfully if MFA was not available. + if (!$hasMFA) { + $response = $this->get('/Security/login'); + $this->assertExactMatchBySelector( + '#MemberLoginForm_LoginForm_error', + "You're logged in as {$member->FirstName}." + ); + } } public function methodlessMemberFixtureProvider() diff --git a/tests/php/Authenticator/LoginHandlerTest.yml b/tests/php/Authenticator/LoginHandlerTest.yml index c85be77f..3f21a526 100644 --- a/tests/php/Authenticator/LoginHandlerTest.yml +++ b/tests/php/Authenticator/LoginHandlerTest.yml @@ -25,20 +25,25 @@ SilverStripe\Security\Group: SilverStripe\Security\Member: guy: + FirstName: Guy Email: guy@example.com Password: Password123 PasswordExpiry: 2030-01-01 Groups: =>SilverStripe\Security\Group.admingroup simon: + FirstName: Simon Email: simon@example.com + Password: Password123 RegisteredMFAMethods: =>SilverStripe\MFA\Model\RegisteredMethod.simon-math Groups: =>SilverStripe\Security\Group.admingroup robbie: + FirstName: Robbie Email: robbie@example.com RegisteredMFAMethods: =>SilverStripe\MFA\Model\RegisteredMethod.robbie-math DefaultRegisteredMethodID: =>SilverStripe\MFA\Model\RegisteredMethod.robbie-math Groups: =>SilverStripe\Security\Group.admingroup colin: + FirstName: Colin Email: colin@example.com Password: Password123 PasswordExpiry: 2030-01-01 @@ -46,9 +51,13 @@ SilverStripe\Security\Member: DefaultRegisteredMethodID: =>SilverStripe\MFA\Model\RegisteredMethod.colin-math Groups: =>SilverStripe\Security\Group.contentgroup carla: + FirstName: Carla Email: carla@example.com + Password: Password123 Groups: =>SilverStripe\Security\Group.contentgroup pete: + FirstName: Pete Email: pete@example.com + Password: Password123 PasswordExpiry: 1990-01-01 Groups: =>SilverStripe\Security\Group.contentgroup diff --git a/tests/php/Service/EnforcementManagerTest.php b/tests/php/Service/EnforcementManagerTest.php index fa7cd5e7..530c306a 100644 --- a/tests/php/Service/EnforcementManagerTest.php +++ b/tests/php/Service/EnforcementManagerTest.php @@ -31,190 +31,602 @@ protected function setUp(): void EnforcementManager::config()->set('enabled', true); } - public function testUserCanSkipWhenMFAIsDisabled() + public function provideCanSkipMFA() { - $this->setSiteConfig(['MFARequired' => true]); - EnforcementManager::config()->set('enabled', false); - - /** @var Member $member */ - $member = $this->objFromFixture(Member::class, 'sally_smith'); - $this->assertTrue(EnforcementManager::create()->canSkipMFA($member)); + $scenarios = [ + // User with registered MFA option can _never_ skip MFA + 'already registered, optional for all' => [ + 'MFARequired' => false, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_EVERYONE, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => [], + 'memberFixture' => 'sally_smith', + 'expected' => false, + ], + 'already registered, required for all' => [ + 'MFARequired' => true, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_EVERYONE, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => [], + 'memberFixture' => 'sally_smith', + 'expected' => false, + ], + 'already registered, in optional group' => [ + 'MFARequired' => false, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => ['admingroup'], + 'memberFixture' => 'sally_smith', + 'expected' => false, + ], + 'already registered, in required group' => [ + 'MFARequired' => true, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => ['admingroup'], + 'memberFixture' => 'sally_smith', + 'expected' => false, + ], + 'already registered, NOT in optional group' => [ + 'MFARequired' => false, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => ['reportsgroup'], + 'memberFixture' => 'sally_smith', + 'expected' => false, + ], + 'already registered, NOT in required group' => [ + 'MFARequired' => true, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => ['reportsgroup'], + 'memberFixture' => 'sally_smith', + 'expected' => false, + ], + // User without registered MFA option can skip unless they're not in a specified group + 'not registered, optional for all' => [ + 'MFARequired' => false, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_EVERYONE, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => [], + 'memberFixture' => 'john_smith', + 'expected' => true, + ], + 'not registered, required for all' => [ + 'MFARequired' => true, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_EVERYONE, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => [], + 'memberFixture' => 'john_smith', + 'expected' => false, + ], + 'not registered, in optional group' => [ + 'MFARequired' => false, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => ['admingroup'], + 'memberFixture' => 'john_smith', + 'expected' => true, + ], + 'not registered, in required group' => [ + 'MFARequired' => true, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => ['admingroup'], + 'memberFixture' => 'john_smith', + 'expected' => false, + ], + 'not registered, NOT in optional group' => [ + 'MFARequired' => false, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => ['reportsgroup'], + 'memberFixture' => 'john_smith', + 'expected' => true, + ], + 'not registered, NOT in required group' => [ + 'MFARequired' => true, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => ['reportsgroup'], + 'memberFixture' => 'john_smith', + 'expected' => true, + ], + // Always skip if user has no CMS access + // Note that this is altered by the "requires_admin_access" config, which is tested separately. + 'no cms access, optional for all' => [ + 'MFARequired' => false, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_EVERYONE, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => [], + 'memberFixture' => 'sammy_smith', + 'expected' => true, + ], + 'no cms access, required for all' => [ + 'MFARequired' => true, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_EVERYONE, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => [], + 'memberFixture' => 'sammy_smith', + 'expected' => true, + ], + 'no cms access, not in optional group' => [ + 'MFARequired' => false, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => ['admingroup'], + 'memberFixture' => 'sammy_smith', + 'expected' => true, + ], + 'no cms access, not in required group' => [ + 'MFARequired' => true, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => ['admingroup'], + 'memberFixture' => 'sammy_smith', + 'expected' => true, + ], + 'no cms access, in optional group' => [ + 'MFARequired' => false, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => ['nocmsgroup'], + 'memberFixture' => 'sammy_smith', + 'expected' => true, + ], + 'no cms access, in required group' => [ + 'MFARequired' => true, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => ['nocmsgroup'], + 'memberFixture' => 'sammy_smith', + 'expected' => true, + ], + ]; + // Add scenarios with past and future expiry dates + // See the setUp method, which sets the current datetime to "2019-01-25 12:00:00" + foreach ($scenarios as $name => $scenario) { + // Past expiry dates + $pastScenario = $scenario; + $pastScenario['mfaGracePeriodExpires'] = '2018-12-25'; + $scenarios[$name . ' with past expiry'] = $pastScenario; + // Future expiry dates + $futureScenario = $scenario; + $futureScenario['mfaGracePeriodExpires'] = '2019-01-30'; + // Members who haven't registered MFA yet can skip if there's a currently-active grace period + if ($futureScenario['memberFixture'] === 'john_smith') { + $futureScenario['expected'] = true; + } + $scenarios[$name . ' with future expiry'] = $futureScenario; + } + return $scenarios; } - public function testUserCanSkipWhenNoMethodsAreAvailable() - { - $this->setSiteConfig(['MFARequired' => true]); - MethodRegistry::config()->set('methods', null); + /** + * @dataProvider provideCanSkipMFA + */ + public function testCanSkipMFA( + bool $mfaRequired, + string $mfaAppliesTo, + ?string $mfaGracePeriodExpires, + array $requiredGroupFixtures, + string $memberFixture, + bool $expected + ) { + $config = SiteConfig::current_site_config(); + foreach ($requiredGroupFixtures as $fixtureName) { + $group = $this->objFromFixture(Group::class, $fixtureName); + $config->MFAGroupRestrictions()->add($group); + } + $siteConfigUpdate = ['MFARequired' => $mfaRequired, 'MFAAppliesTo' => $mfaAppliesTo]; + if ($mfaGracePeriodExpires) { + $siteConfigUpdate['MFAGracePeriodExpires'] = $mfaGracePeriodExpires; + } + $this->setSiteConfig($siteConfigUpdate); /** @var Member $member */ - $member = $this->objFromFixture(Member::class, 'sally_smith'); - $this->assertTrue(EnforcementManager::create()->canSkipMFA($member)); + $member = $this->objFromFixture(Member::class, $memberFixture); + $this->logInAs($member); + + $this->assertSame($expected, EnforcementManager::create()->canSkipMFA($member)); } - public function testUserWithoutCMSAccessCanSkipWhenCMSAccessIsRequired() + public function provideCanSkipMFAWithoutCMSAccess() { - $this->setSiteConfig(['MFARequired' => true]); - - /** @var Member $member */ - $member = $this->objFromFixture(Member::class, 'sammy_smith'); - $this->assertTrue(EnforcementManager::create()->canSkipMFA($member)); + return [ + 'optional, applies to everyone' => [ + 'MFARequired' => false, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_EVERYONE, + 'requiredGroupFixtures' => [], + 'memberFixture' => 'sammy_smith', + 'expected' => true, + ], + 'required, applies to everyone' => [ + 'MFARequired' => true, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_EVERYONE, + 'requiredGroupFixtures' => [], + 'memberFixture' => 'sammy_smith', + 'expected' => false, + ], + 'optional, not in group' => [ + 'MFARequired' => false, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'requiredGroupFixtures' => ['admingroup'], + 'memberFixture' => 'sammy_smith', + 'expected' => true, + ], + 'required, not in group' => [ + 'MFARequired' => true, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'requiredGroupFixtures' => ['admingroup'], + 'memberFixture' => 'sammy_smith', + 'expected' => true, + ], + 'optional, in group' => [ + 'MFARequired' => false, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'requiredGroupFixtures' => ['nocmsgroup'], + 'memberFixture' => 'sammy_smith', + 'expected' => true, + ], + 'required, in group' => [ + 'MFARequired' => true, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'requiredGroupFixtures' => ['nocmsgroup'], + 'memberFixture' => 'sammy_smith', + 'expected' => false, + ], + ]; } - public function testUserWithoutCMSAccessCannotSkipWhenCMSAccessIsNotRequired() - { - $this->setSiteConfig(['MFARequired' => true]); + /** + * @dataProvider provideCanSkipMFAWithoutCMSAccess + */ + public function testCanSkipMFAWithoutCMSAccess( + bool $mfaRequired, + string $mfaAppliesTo, + array $requiredGroupFixtures, + string $memberFixture, + bool $expected + ) { EnforcementManager::config()->set('requires_admin_access', false); - - /** @var Member $member */ - $member = $this->objFromFixture(Member::class, 'sammy_smith'); - $this->assertFalse(EnforcementManager::create()->canSkipMFA($member)); + $this->testCanSkipMFA($mfaRequired, $mfaAppliesTo, null, $requiredGroupFixtures, $memberFixture, $expected); } - public function testCannotSkipWhenMFAIsRequiredWithNoGracePeriod() + public function testCanSkipWhenMFAIsDisabled() { $this->setSiteConfig(['MFARequired' => true]); + EnforcementManager::config()->set('enabled', false); /** @var Member $member */ - $member = $this->objFromFixture(Member::class, 'reports_user'); - $this->assertFalse(EnforcementManager::create()->canSkipMFA($member)); - } - - public function testCanSkipWhenMFAIsRequiredWithGracePeriodExpiringInFuture() - { - $this->setSiteConfig(['MFARequired' => true, 'MFAGracePeriodExpires' => '2019-01-30']); - - /** @var Member $member */ - $member = $this->objFromFixture(Member::class, 'reports_user'); + $member = $this->objFromFixture(Member::class, 'sally_smith'); $this->assertTrue(EnforcementManager::create()->canSkipMFA($member)); } - public function testCannotSkipWhenMFAIsRequiredWithGracePeriodExpiringInPast() + public function testCanSkipWhenNoMethodsAreAvailable() { - $this->setSiteConfig(['MFARequired' => true, 'MFAGracePeriodExpires' => '2018-12-25']); + $this->setSiteConfig(['MFARequired' => true]); + MethodRegistry::config()->set('methods', null); - /** @var Member $member */ - $member = $this->objFromFixture(Member::class, 'reports_user'); - $this->assertFalse(EnforcementManager::create()->canSkipMFA($member)); - } - - public function testCannotSkipWhenMemberHasRegisteredAuthenticationMethodsSetUp() - { - $this->setSiteConfig(['MFARequired' => false]); - // Sally has "backup codes" as a registered authentication method already /** @var Member $member */ $member = $this->objFromFixture(Member::class, 'sally_smith'); - $this->logInAs($member); - - $this->assertFalse(EnforcementManager::create()->canSkipMFA($member)); - } - - public function testCanSkipWhenMFAIsOptional() - { - $this->setSiteConfig(['MFARequired' => false]); - // Anonymous admin user - $memberId = $this->logInWithPermission(); - /** @var Member $member */ - $member = Member::get()->byID($memberId); - $this->assertTrue(EnforcementManager::create()->canSkipMFA($member)); } - public function testShouldNotRedirectToMFAWhenUserDoesNotHaveCMSAccess() + public function provideShouldRedirectToMFA() { - /** @var Member $member */ - $member = $this->objFromFixture(Member::class, 'sammy_smith'); - $this->logInAs($member); - $this->assertFalse(EnforcementManager::create()->shouldRedirectToMFA($member)); + $scenarios = [ + // User with registered MFA option should _always_ redirect to MFA + 'already registered, optional for all' => [ + 'MFARequired' => false, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_EVERYONE, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => [], + 'memberFixture' => 'sally_smith', + 'expected' => true, + ], + 'already registered, required for all' => [ + 'MFARequired' => true, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_EVERYONE, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => [], + 'memberFixture' => 'sally_smith', + 'expected' => true, + ], + 'already registered, in optional group' => [ + 'MFARequired' => false, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => ['admingroup'], + 'memberFixture' => 'sally_smith', + 'expected' => true, + ], + 'already registered, in required group' => [ + 'MFARequired' => true, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => ['admingroup'], + 'memberFixture' => 'sally_smith', + 'expected' => true, + ], + 'already registered, NOT in optional group' => [ + 'MFARequired' => false, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => ['reportsgroup'], + 'memberFixture' => 'sally_smith', + 'expected' => true, + ], + 'already registered, NOT in required group' => [ + 'MFARequired' => true, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => ['reportsgroup'], + 'memberFixture' => 'sally_smith', + 'expected' => true, + ], + // User without registered MFA option should only redirect if rules apply to them + 'not registered, optional for all' => [ + 'MFARequired' => false, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_EVERYONE, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => [], + 'memberFixture' => 'john_smith', + 'expected' => true, + ], + 'not registered, required for all' => [ + 'MFARequired' => true, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_EVERYONE, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => [], + 'memberFixture' => 'john_smith', + 'expected' => true, + ], + 'not registered, in optional group' => [ + 'MFARequired' => false, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => ['admingroup'], + 'memberFixture' => 'john_smith', + 'expected' => true, + ], + 'not registered, in required group' => [ + 'MFARequired' => true, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => ['admingroup'], + 'memberFixture' => 'john_smith', + 'expected' => true, + ], + 'not registered, NOT in optional group' => [ + 'MFARequired' => false, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => ['reportsgroup'], + 'memberFixture' => 'john_smith', + 'expected' => false, + ], + 'not registered, NOT in required group' => [ + 'MFARequired' => true, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => ['reportsgroup'], + 'memberFixture' => 'john_smith', + 'expected' => false, + ], + // User who has skipped MFA registration has slightly different behaviour + 'skipped registration, optional for all' => [ + 'MFARequired' => false, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_EVERYONE, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => [], + 'memberFixture' => 'sully_smith', + 'expected' => false, + ], + 'skipped registration, required for all' => [ + 'MFARequired' => true, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_EVERYONE, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => [], + 'memberFixture' => 'sully_smith', + 'expected' => true, + ], + 'skipped registration, in optional group' => [ + 'MFARequired' => false, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => ['reportsgroup'], + 'memberFixture' => 'sully_smith', + 'expected' => false, + ], + 'skipped registration, in required group' => [ + 'MFARequired' => true, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => ['reportsgroup'], + 'memberFixture' => 'sully_smith', + 'expected' => true, + ], + 'skipped registration, NOT in optional group' => [ + 'MFARequired' => false, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => ['admingroup'], + 'memberFixture' => 'sully_smith', + 'expected' => false, + ], + 'skipped registration, NOT in required group' => [ + 'MFARequired' => true, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => ['admingroup'], + 'memberFixture' => 'sully_smith', + 'expected' => false, + ], + // Should never redirect to MFA if user has no CMS access + // Note that this is altered by the "requires_admin_access" config, which is tested separately. + 'no cms access, optional for all' => [ + 'MFARequired' => false, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_EVERYONE, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => [], + 'memberFixture' => 'sammy_smith', + 'expected' => false, + ], + 'no cms access, required for all' => [ + 'MFARequired' => true, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_EVERYONE, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => [], + 'memberFixture' => 'sammy_smith', + 'expected' => false, + ], + 'no cms access, not in optional group' => [ + 'MFARequired' => false, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => ['admingroup'], + 'memberFixture' => 'sammy_smith', + 'expected' => false, + ], + 'no cms access, not in required group' => [ + 'MFARequired' => true, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => ['admingroup'], + 'memberFixture' => 'sammy_smith', + 'expected' => false, + ], + 'no cms access, in optional group' => [ + 'MFARequired' => false, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => ['nocmsgroup'], + 'memberFixture' => 'sammy_smith', + 'expected' => false, + ], + 'no cms access, in required group' => [ + 'MFARequired' => true, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'mfaGracePeriodExpires' => null, + 'requiredGroupFixtures' => ['nocmsgroup'], + 'memberFixture' => 'sammy_smith', + 'expected' => false, + ], + ]; + // Add scenarios with past and future expiry dates + // See the setUp method, which sets the current datetime to "2019-01-25 12:00:00" + // Note that the grace period doesn't affect the expected return value. These scenarios are here + // to ensure that doesn't change unexpectedly. + foreach ($scenarios as $name => $scenario) { + // Past expiry dates + $pastScenario = $scenario; + $pastScenario['mfaGracePeriodExpires'] = '2018-12-25'; + $scenarios[$name . ' with past expiry'] = $pastScenario; + // Future expiry dates + $futureScenario = $scenario; + $futureScenario['mfaGracePeriodExpires'] = '2019-01-30'; + $scenarios[$name . ' with future expiry'] = $futureScenario; + } + return $scenarios; } - public function testShouldRedirectToMFAWhenUserDoesNotHaveCMSAccessButTheCheckIsDisabledWithConfig() - { - EnforcementManager::config()->set('requires_admin_access', false); - - /** @var Member $member */ - $member = $this->objFromFixture(Member::class, 'sammy_smith'); - $this->logInAs($member); - $this->assertTrue(EnforcementManager::create()->shouldRedirectToMFA($member)); - } - - public function testShouldRedirectToMFAWhenUserHasAccessToReportsOnly() - { - /** @var Member $member */ - $member = $this->objFromFixture(Member::class, 'reports_user'); - $this->logInAs($member); - $this->assertTrue(EnforcementManager::create()->shouldRedirectToMFA($member)); - } - - public function testShouldRedirectToMFAForContentAuthors() - { - $memberID = $this->logInWithPermission('CMS_ACCESS_CMSMain'); - /** @var Member $member */ - $member = Member::get()->byID($memberID); - $this->assertTrue(EnforcementManager::create()->shouldRedirectToMFA($member)); - } - - public function testShouldRedirectToMFAWhenUserHasRegisteredMFAMethod() - { - /** @var Member $member */ - $member = $this->objFromFixture(Member::class, 'sally_smith'); - $shouldRedirect = EnforcementManager::create()->shouldRedirectToMFA($member); - $this->assertTrue($shouldRedirect); - } + /** + * @dataProvider provideShouldRedirectToMFA + */ + public function testShouldRedirectToMFA( + bool $mfaRequired, + string $mfaAppliesTo, + ?string $mfaGracePeriodExpires, + array $requiredGroupFixtures, + string $memberFixture, + bool $expected + ) { + $config = SiteConfig::current_site_config(); + foreach ($requiredGroupFixtures as $fixtureName) { + $group = $this->objFromFixture(Group::class, $fixtureName); + $config->MFAGroupRestrictions()->add($group); + } + $siteConfigUpdate = ['MFARequired' => $mfaRequired, 'MFAAppliesTo' => $mfaAppliesTo]; + if ($mfaGracePeriodExpires) { + $siteConfigUpdate['MFAGracePeriodExpires'] = $mfaGracePeriodExpires; + } + $this->setSiteConfig($siteConfigUpdate); - public function testShouldRedirectToMFAWhenMFAIsRequired() - { - $this->setSiteConfig(['MFARequired' => true]); /** @var Member $member */ - $member = $this->objFromFixture(Member::class, 'sully_smith'); + $member = $this->objFromFixture(Member::class, $memberFixture); $this->logInAs($member); - $this->assertTrue(EnforcementManager::create()->shouldRedirectToMFA($member)); + $this->assertSame($expected, EnforcementManager::create()->shouldRedirectToMFA($member)); } - public function testShouldRedirectToMFAWhenMFAIsRequiredWithGracePeriodExpiringInFuture() + public function provideShouldRedirectToMFAWithoutCMSAccess() { - $this->setSiteConfig(['MFARequired' => true, 'MFAGracePeriodExpires' => '2019-01-30']); - - /** @var Member&MemberExtension $member */ - $member = $this->objFromFixture(Member::class, 'sully_smith'); - $this->logInAs($member); - - $this->assertTrue(EnforcementManager::create()->shouldRedirectToMFA($member)); + return [ + 'optional, applies to everyone' => [ + 'MFARequired' => false, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_EVERYONE, + 'requiredGroupFixtures' => [], + 'memberFixture' => 'sammy_smith', + 'expected' => true, + ], + 'required, applies to everyone' => [ + 'MFARequired' => true, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_EVERYONE, + 'requiredGroupFixtures' => [], + 'memberFixture' => 'sammy_smith', + 'expected' => true, + ], + 'optional, not in group' => [ + 'MFARequired' => false, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'requiredGroupFixtures' => ['admingroup'], + 'memberFixture' => 'sammy_smith', + 'expected' => false, + ], + 'required, not in group' => [ + 'MFARequired' => true, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'requiredGroupFixtures' => ['admingroup'], + 'memberFixture' => 'sammy_smith', + 'expected' => false, + ], + 'optional, in group' => [ + 'MFARequired' => false, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'requiredGroupFixtures' => ['nocmsgroup'], + 'memberFixture' => 'sammy_smith', + 'expected' => true, + ], + 'required, in group' => [ + 'MFARequired' => true, + 'MFAAppliesTo' => EnforcementManager::APPLIES_TO_GROUPS, + 'requiredGroupFixtures' => ['nocmsgroup'], + 'memberFixture' => 'sammy_smith', + 'expected' => true, + ], + ]; } - public function testShouldRedirectToMFAWhenMFAIsRequiredWithGracePeriodExpiringInPast() - { - $this->setSiteConfig(['MFARequired' => true, 'MFAGracePeriodExpires' => '2018-12-25']); - - /** @var Member&MemberExtension $member */ - $member = $this->objFromFixture(Member::class, 'sully_smith'); - $this->logInAs($member); - - $this->assertTrue(EnforcementManager::create()->shouldRedirectToMFA($member)); - } - - public function testShouldRedirectToMFAWhenMFAIsOptionalAndHasNotBeenSkipped() - { - $this->setSiteConfig(['MFARequired' => false]); - - /** @var Member|MemberExtension $member */ - $member = $this->objFromFixture(Member::class, 'sally_smith'); - $member->HasSkippedMFARegistration = false; - $member->write(); - $this->logInAs($member); - - $this->assertTrue(EnforcementManager::create()->shouldRedirectToMFA($member)); - } - - public function testShouldNotRedirectToMFAWhenMFAIsOptionalAndHasBeenSkipped() - { - $this->setSiteConfig(['MFARequired' => false]); - - /** @var Member&MemberExtension $member */ - $member = $this->objFromFixture(Member::class, 'sully_smith'); - $this->logInAs($member); - - $this->assertFalse(EnforcementManager::create()->shouldRedirectToMFA($member)); + /** + * @dataProvider provideShouldRedirectToMFAWithoutCMSAccess + */ + public function testShouldRedirectToMFAWithoutCMSAccess( + bool $mfaRequired, + string $mfaAppliesTo, + array $requiredGroupFixtures, + string $memberFixture, + bool $expected + ) { + EnforcementManager::config()->set('requires_admin_access', false); + $this->testShouldRedirectToMFA( + $mfaRequired, + $mfaAppliesTo, + null, + $requiredGroupFixtures, + $memberFixture, + $expected + ); } public function testShouldNotRedirectToMFAWhenConfigIsDisabled() @@ -254,34 +666,6 @@ public function testUserHasCompletedRegistrationWhenBackupMethodIsDisabled() $this->assertTrue(EnforcementManager::create()->hasCompletedRegistration($member)); } - public function testShouldRedirectToMFAWhenUserIsInMFARestrictedGroup() - { - $this->setSiteConfig(['MFARequired' => true]); - $config = SiteConfig::current_site_config(); - $group = $this->objFromFixture(Group::class, 'admingroup'); - $config->MFAGroupRestrictions()->add($group); - - /** @var Member $member */ - $member = $this->objFromFixture(Member::class, 'sally_smith'); - $this->logInAs($member); - - $this->assertTrue(EnforcementManager::create()->shouldRedirectToMFA($member)); - } - - public function testShouldNotRedirectToMFAWhenUserIsNotInMFARestrictedGroup() - { - $this->setSiteConfig(['MFARequired' => true]); - $config = SiteConfig::current_site_config(); - $group = $this->objFromFixture(Group::class, 'admingroup'); - $config->MFAGroupRestrictions()->add($group); - - /** @var Member $member */ - $member = $this->objFromFixture(Member::class, 'sully_smith'); - $this->logInAs($member); - - $this->assertFalse(EnforcementManager::create()->shouldRedirectToMFA($member)); - } - /** * Helper method for changing the current SiteConfig values * diff --git a/tests/php/Service/EnforcementManagerTest.yml b/tests/php/Service/EnforcementManagerTest.yml index 3c56e75c..aefe3e3e 100644 --- a/tests/php/Service/EnforcementManagerTest.yml +++ b/tests/php/Service/EnforcementManagerTest.yml @@ -17,6 +17,9 @@ SilverStripe\Security\Group: Title: View reports Code: reportsgroup Permissions: =>SilverStripe\Security\Permission.reports + nocmsgroup: + Title: No CMS Access + Code: nocmsgroup SilverStripe\Security\Member: sally_smith: @@ -27,10 +30,16 @@ SilverStripe\Security\Member: - =>SilverStripe\MFA\Model\RegisteredMethod.codes DefaultRegisteredMethodID: =>SilverStripe\MFA\Model\RegisteredMethod.codes Groups: =>SilverStripe\Security\Group.admingroup + john_smith: + FirstName: John + Surname: Smith + Email: john.smith@example.com + Groups: =>SilverStripe\Security\Group.admingroup sammy_smith: FirstName: Sammy Surname: Smith Email: sammy.smith@example.com + Groups: =>SilverStripe\Security\Group.nocmsgroup sully_smith: FirstName: Sully Surname: Smith