From 9851f2fd287ae8c8eb24c7b2099231c1fc183658 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 18 Oct 2024 18:06:46 -0400 Subject: [PATCH 001/290] update mapping output --- .../Get-ExtensionMapping.ps1 | 11 ++----- .../Public/Halo/Get-HaloMapping.ps1 | 17 ++++++++-- .../Public/Hudu/Get-HuduMapping.ps1 | 16 ++++++++-- .../NinjaOne/Get-NinjaOneOrgMapping.ps1 | 31 +++++++++---------- 4 files changed, 44 insertions(+), 31 deletions(-) diff --git a/Modules/CippExtensions/Public/Extension Functions/Get-ExtensionMapping.ps1 b/Modules/CippExtensions/Public/Extension Functions/Get-ExtensionMapping.ps1 index 6a0ac35728c6..c81a8cdbf453 100644 --- a/Modules/CippExtensions/Public/Extension Functions/Get-ExtensionMapping.ps1 +++ b/Modules/CippExtensions/Public/Extension Functions/Get-ExtensionMapping.ps1 @@ -4,12 +4,5 @@ function Get-ExtensionMapping { ) $Table = Get-CIPPTable -TableName CippMapping - $Mapping = @{} - Get-CIPPAzDataTableEntity @Table -Filter "PartitionKey eq '$($Extension)Mapping'" | ForEach-Object { - $Mapping[$_.RowKey] = @{ - label = "$($_.IntegrationName)" - value = "$($_.IntegrationId)" - } - } - return [PSCustomObject]$Mapping -} \ No newline at end of file + return Get-CIPPAzDataTableEntity @Table -Filter "PartitionKey eq '$($Extension)Mapping'" +} diff --git a/Modules/CippExtensions/Public/Halo/Get-HaloMapping.ps1 b/Modules/CippExtensions/Public/Halo/Get-HaloMapping.ps1 index 2a8aae7646ef..40aec5f850f9 100644 --- a/Modules/CippExtensions/Public/Halo/Get-HaloMapping.ps1 +++ b/Modules/CippExtensions/Public/Halo/Get-HaloMapping.ps1 @@ -21,9 +21,21 @@ function Get-HaloMapping { Add-CIPPAzDataTableEntity @CIPPMapping -Entity $MigrateRows -Force } - $Mappings = Get-ExtensionMapping -Extension 'Halo' + $ExtensionMappings = Get-ExtensionMapping -Extension 'Halo' $Tenants = Get-Tenants -IncludeErrors + + $Mappings = foreach ($Mapping in $ExtensionMappings) { + $Tenant = $Tenants | Where-Object { $_.RowKey -eq $Mapping.RowKey } + if ($Tenant) { + [PSCustomObject]@{ + TenantId = $Tenant.customerId + Tenant = $Tenant.defaultDomainName + IntegrationId = $Mapping.IntegrationId + IntegrationName = $Mapping.IntegrationName + } + } + } $Table = Get-CIPPTable -TableName Extensionsconfig try { $Configuration = ((Get-CIPPAzDataTableEntity @Table).config | ConvertFrom-Json -ea stop).HaloPSA @@ -53,11 +65,10 @@ function Get-HaloMapping { } } $MappingObj = [PSCustomObject]@{ - Tenants = @($Tenants) Companies = @($HaloClients) Mappings = $Mappings } return $MappingObj -} \ No newline at end of file +} diff --git a/Modules/CippExtensions/Public/Hudu/Get-HuduMapping.ps1 b/Modules/CippExtensions/Public/Hudu/Get-HuduMapping.ps1 index 7ffbddfa57a0..884c471a3652 100644 --- a/Modules/CippExtensions/Public/Hudu/Get-HuduMapping.ps1 +++ b/Modules/CippExtensions/Public/Hudu/Get-HuduMapping.ps1 @@ -4,8 +4,21 @@ function Get-HuduMapping { $CIPPMapping ) - $Mappings = Get-ExtensionMapping -Extension 'Hudu' + $ExtensionMappings = Get-ExtensionMapping -Extension 'Hudu' + $Tenants = Get-Tenants -IncludeErrors + + $Mappings = foreach ($Mapping in $ExtensionMappings) { + $Tenant = $Tenants | Where-Object { $_.RowKey -eq $Mapping.RowKey } + if ($Tenant) { + [PSCustomObject]@{ + TenantId = $Tenant.customerId + Tenant = $Tenant.defaultDomainName + IntegrationId = $Mapping.IntegrationId + IntegrationName = $Mapping.IntegrationName + } + } + } $Tenants = Get-Tenants -IncludeErrors $Table = Get-CIPPTable -TableName Extensionsconfig try { @@ -31,7 +44,6 @@ function Get-HuduMapping { } } $MappingObj = [PSCustomObject]@{ - Tenants = @($Tenants) Companies = @($HuduCompanies) Mappings = $Mappings } diff --git a/Modules/CippExtensions/Public/NinjaOne/Get-NinjaOneOrgMapping.ps1 b/Modules/CippExtensions/Public/NinjaOne/Get-NinjaOneOrgMapping.ps1 index 24c7e6405560..f23540c267de 100644 --- a/Modules/CippExtensions/Public/NinjaOne/Get-NinjaOneOrgMapping.ps1 +++ b/Modules/CippExtensions/Public/NinjaOne/Get-NinjaOneOrgMapping.ps1 @@ -6,23 +6,21 @@ function Get-NinjaOneOrgMapping { try { $Tenants = Get-Tenants -IncludeErrors - $Filter = "PartitionKey eq 'NinjaOrgsMapping'" - $MigrateRows = Get-AzDataTableEntity @CIPPMapping -Filter $Filter | ForEach-Object { - #$Mappings | Add-Member -NotePropertyName $_.RowKey -NotePropertyValue @{ label = "$($_.NinjaOneName)"; value = "$($_.NinjaOne)" } - [PSCustomObject]@{ - RowKey = $_.RowKey - IntegrationName = $_.NinjaOneName - IntegrationId = $_.NinjaOne - PartitionKey = 'NinjaOneMapping' - } - Remove-AzDataTableEntity @CIPPMapping -Entity $_ - } + $ExtensionMappings = Get-ExtensionMapping -Extension 'NinjaOne' - if (($MigrateRows | Measure-Object).Count -gt 0) { - Add-AzDataTableEntity @CIPPMapping -Entity $MigrateRows -Force - } + $Tenants = Get-Tenants -IncludeErrors - $Mappings = Get-ExtensionMapping -Extension 'NinjaOne' + $Mappings = foreach ($Mapping in $ExtensionMappings) { + $Tenant = $Tenants | Where-Object { $_.RowKey -eq $Mapping.RowKey } + if ($Tenant) { + [PSCustomObject]@{ + TenantId = $Tenant.customerId + Tenant = $Tenant.defaultDomainName + IntegrationId = $Mapping.IntegrationId + IntegrationName = $Mapping.IntegrationName + } + } + } #Get Available Tenants #Get available Ninja clients @@ -53,11 +51,10 @@ function Get-NinjaOneOrgMapping { } $MappingObj = [PSCustomObject]@{ - Tenants = @($Tenants) Companies = @($NinjaOrgs | Sort-Object name) Mappings = $Mappings } return $MappingObj -} \ No newline at end of file +} From a0a32b2d50b28e2af65f5886e2d538bfe91835b7 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Sat, 19 Oct 2024 13:34:06 -0400 Subject: [PATCH 002/290] Extension mapping tweaks --- .../Extensions/Invoke-ExecExtensionMapping.ps1 | 2 +- .../CippExtensions/Public/Halo/Get-HaloMapping.ps1 | 3 ++- .../CippExtensions/Public/Halo/Set-HaloMapping.ps1 | 10 +++++----- .../CippExtensions/Public/Hudu/Get-HuduMapping.ps1 | 3 ++- .../CippExtensions/Public/Hudu/Set-HuduMapping.ps1 | 11 +++++------ .../Public/NinjaOne/Get-NinjaOneOrgMapping.ps1 | 3 ++- .../Public/NinjaOne/Invoke-NinjaOneOrgMapping.ps1 | 2 +- .../Public/NinjaOne/Set-NinjaOneOrgMapping.ps1 | 14 ++++++++------ 8 files changed, 26 insertions(+), 22 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Extensions/Invoke-ExecExtensionMapping.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Extensions/Invoke-ExecExtensionMapping.ps1 index 32a21c2119f4..3e88081ac40e 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Extensions/Invoke-ExecExtensionMapping.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Extensions/Invoke-ExecExtensionMapping.ps1 @@ -68,7 +68,7 @@ Function Invoke-ExecExtensionMapping { try { if ($Request.Query.AutoMapping) { switch ($Request.Query.AutoMapping) { - 'NinjaOrgs' { + 'NinjaOne' { $Batch = [PSCustomObject]@{ 'NinjaAction' = 'StartAutoMapping' 'FunctionName' = 'NinjaOneQueue' diff --git a/Modules/CippExtensions/Public/Halo/Get-HaloMapping.ps1 b/Modules/CippExtensions/Public/Halo/Get-HaloMapping.ps1 index 40aec5f850f9..0e2e54032910 100644 --- a/Modules/CippExtensions/Public/Halo/Get-HaloMapping.ps1 +++ b/Modules/CippExtensions/Public/Halo/Get-HaloMapping.ps1 @@ -30,7 +30,8 @@ function Get-HaloMapping { if ($Tenant) { [PSCustomObject]@{ TenantId = $Tenant.customerId - Tenant = $Tenant.defaultDomainName + Tenant = $Tenant.displayName + TenantDomain = $Tenant.defaultDomainName IntegrationId = $Mapping.IntegrationId IntegrationName = $Mapping.IntegrationName } diff --git a/Modules/CippExtensions/Public/Halo/Set-HaloMapping.ps1 b/Modules/CippExtensions/Public/Halo/Set-HaloMapping.ps1 index 129b1578ad59..0fa8b68671a1 100644 --- a/Modules/CippExtensions/Public/Halo/Set-HaloMapping.ps1 +++ b/Modules/CippExtensions/Public/Halo/Set-HaloMapping.ps1 @@ -8,12 +8,12 @@ function Set-HaloMapping { Get-CIPPAzDataTableEntity @CIPPMapping -Filter "PartitionKey eq 'HaloMapping'" | ForEach-Object { Remove-AzDataTableEntity @CIPPMapping -Entity $_ } - foreach ($Mapping in ([pscustomobject]$Request.body.mappings).psobject.properties) { + foreach ($Mapping in $Request.Body) { $AddObject = @{ PartitionKey = 'HaloMapping' - RowKey = "$($mapping.name)" - IntegrationId = "$($mapping.value.value)" - IntegrationName = "$($mapping.value.label)" + RowKey = "$($mapping.TenantId)" + IntegrationId = "$($mapping.IntegrationId)" + IntegrationName = "$($mapping.IntegrationName)" } Add-CIPPAzDataTableEntity @CIPPMapping -Entity $AddObject -Force @@ -23,4 +23,4 @@ function Set-HaloMapping { $Result = [pscustomobject]@{'Results' = 'Successfully edited mapping table.' } Return $Result -} \ No newline at end of file +} diff --git a/Modules/CippExtensions/Public/Hudu/Get-HuduMapping.ps1 b/Modules/CippExtensions/Public/Hudu/Get-HuduMapping.ps1 index 884c471a3652..622dfa10765f 100644 --- a/Modules/CippExtensions/Public/Hudu/Get-HuduMapping.ps1 +++ b/Modules/CippExtensions/Public/Hudu/Get-HuduMapping.ps1 @@ -13,7 +13,8 @@ function Get-HuduMapping { if ($Tenant) { [PSCustomObject]@{ TenantId = $Tenant.customerId - Tenant = $Tenant.defaultDomainName + Tenant = $Tenant.displayName + TenantDomain = $Tenant.defaultDomainName IntegrationId = $Mapping.IntegrationId IntegrationName = $Mapping.IntegrationName } diff --git a/Modules/CippExtensions/Public/Hudu/Set-HuduMapping.ps1 b/Modules/CippExtensions/Public/Hudu/Set-HuduMapping.ps1 index 03c6dddb8fb3..01e7e200e697 100644 --- a/Modules/CippExtensions/Public/Hudu/Set-HuduMapping.ps1 +++ b/Modules/CippExtensions/Public/Hudu/Set-HuduMapping.ps1 @@ -8,19 +8,18 @@ function Set-HuduMapping { Get-CIPPAzDataTableEntity @CIPPMapping -Filter "PartitionKey eq 'HuduMapping'" | ForEach-Object { Remove-AzDataTableEntity @CIPPMapping -Entity $_ } - foreach ($Mapping in ([pscustomobject]$Request.body.mappings).psobject.properties) { + foreach ($Mapping in $Request.Body) { $AddObject = @{ PartitionKey = 'HuduMapping' - RowKey = "$($mapping.name)" - IntegrationId = "$($mapping.value.value)" - IntegrationName = "$($mapping.value.label)" + RowKey = "$($mapping.TenantId)" + IntegrationId = "$($mapping.IntegrationId)" + IntegrationName = "$($mapping.IntegrationName)" } Add-CIPPAzDataTableEntity @CIPPMapping -Entity $AddObject -Force - Write-LogMessage -API $APINAME -user $request.headers.'x-ms-client-principal' -message "Added mapping for $($mapping.name)." -Sev 'Info' } $Result = [pscustomobject]@{'Results' = 'Successfully edited mapping table.' } Return $Result -} \ No newline at end of file +} diff --git a/Modules/CippExtensions/Public/NinjaOne/Get-NinjaOneOrgMapping.ps1 b/Modules/CippExtensions/Public/NinjaOne/Get-NinjaOneOrgMapping.ps1 index f23540c267de..7bdba1ebef18 100644 --- a/Modules/CippExtensions/Public/NinjaOne/Get-NinjaOneOrgMapping.ps1 +++ b/Modules/CippExtensions/Public/NinjaOne/Get-NinjaOneOrgMapping.ps1 @@ -15,7 +15,8 @@ function Get-NinjaOneOrgMapping { if ($Tenant) { [PSCustomObject]@{ TenantId = $Tenant.customerId - Tenant = $Tenant.defaultDomainName + Tenant = $Tenant.displayName + TenantDomain = $Tenant.defaultDomainName IntegrationId = $Mapping.IntegrationId IntegrationName = $Mapping.IntegrationName } diff --git a/Modules/CippExtensions/Public/NinjaOne/Invoke-NinjaOneOrgMapping.ps1 b/Modules/CippExtensions/Public/NinjaOne/Invoke-NinjaOneOrgMapping.ps1 index 6b5687d6059f..443e3d49042b 100644 --- a/Modules/CippExtensions/Public/NinjaOne/Invoke-NinjaOneOrgMapping.ps1 +++ b/Modules/CippExtensions/Public/NinjaOne/Invoke-NinjaOneOrgMapping.ps1 @@ -15,7 +15,7 @@ function Invoke-NinjaOneOrgMapping { } #Get Available Tenants - $Tenants = Get-Tenants + $Tenants = Get-Tenants -IncludeErrors #Get available Ninja clients $Table = Get-CIPPTable -TableName Extensionsconfig $Configuration = ((Get-AzDataTableEntity @Table).config | ConvertFrom-Json).NinjaOne diff --git a/Modules/CippExtensions/Public/NinjaOne/Set-NinjaOneOrgMapping.ps1 b/Modules/CippExtensions/Public/NinjaOne/Set-NinjaOneOrgMapping.ps1 index 43b1c597e3b0..4c8b5f357750 100644 --- a/Modules/CippExtensions/Public/NinjaOne/Set-NinjaOneOrgMapping.ps1 +++ b/Modules/CippExtensions/Public/NinjaOne/Set-NinjaOneOrgMapping.ps1 @@ -9,17 +9,19 @@ function Set-NinjaOneOrgMapping { Get-CIPPAzDataTableEntity @CIPPMapping -Filter "PartitionKey eq 'NinjaOneMapping'" | ForEach-Object { Remove-AzDataTableEntity @CIPPMapping -Entity $_ } - foreach ($Mapping in ([pscustomobject]$Request.body.mappings).psobject.properties) { + foreach ($Mapping in $Request.Body) { $AddObject = @{ PartitionKey = 'NinjaOneMapping' - RowKey = "$($mapping.name)" - IntegrationId = "$($mapping.value.value)" - IntegrationName = "$($mapping.value.label)" + RowKey = "$($mapping.TenantId)" + IntegrationId = "$($mapping.IntegrationId)" + IntegrationName = "$($mapping.IntegrationName)" } - Add-AzDataTableEntity @CIPPMapping -Entity $AddObject -Force + + Add-CIPPAzDataTableEntity @CIPPMapping -Entity $AddObject -Force + Write-LogMessage -API $APINAME -user $request.headers.'x-ms-client-principal' -message "Added mapping for $($mapping.name)." -Sev 'Info' } $Result = [pscustomobject]@{'Results' = 'Successfully edited mapping table.' } Return $Result -} \ No newline at end of file +} From f2a5aa575dc029ff3935c9d3ab7fad8dc96f3753 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Sat, 19 Oct 2024 21:58:26 -0400 Subject: [PATCH 003/290] fix field mapping --- .../Public/NinjaOne/Set-NinjaOneFieldMapping.ps1 | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) diff --git a/Modules/CippExtensions/Public/NinjaOne/Set-NinjaOneFieldMapping.ps1 b/Modules/CippExtensions/Public/NinjaOne/Set-NinjaOneFieldMapping.ps1 index 87d243b8cda1..abba4fc1a022 100644 --- a/Modules/CippExtensions/Public/NinjaOne/Set-NinjaOneFieldMapping.ps1 +++ b/Modules/CippExtensions/Public/NinjaOne/Set-NinjaOneFieldMapping.ps1 @@ -8,24 +8,18 @@ function Set-NinjaOneFieldMapping { ) $SettingsTable = Get-CIPPTable -TableName NinjaOneSettings - $AddObject = @{ - PartitionKey = 'NinjaConfig' - RowKey = 'CIPPURL' - 'SettingValue' = ([System.Uri]$TriggerMetadata.Headers.referer).Host - } - Add-AzDataTableEntity @SettingsTable -Entity $AddObject -Force - - foreach ($Mapping in ([pscustomobject]$Request.body.mappings).psobject.properties) { + foreach ($Mapping in $Request.Body.PSObject.Properties) { $AddObject = @{ PartitionKey = 'NinjaOneFieldMapping' RowKey = "$($mapping.name)" IntegrationId = "$($mapping.value.value)" IntegrationName = "$($mapping.value.label)" } + Add-AzDataTableEntity @CIPPMapping -Entity $AddObject -Force Write-LogMessage -API $APINAME -user $request.headers.'x-ms-client-principal' -message "Added mapping for $($mapping.name)." -Sev 'Info' } $Result = [pscustomobject]@{'Results' = 'Successfully edited mapping table.' } Return $Result -} \ No newline at end of file +} From 39a3d38ffe95085d1daa324ef16e3fc5c4bd19bd Mon Sep 17 00:00:00 2001 From: John Duprey Date: Sun, 20 Oct 2024 11:01:51 -0400 Subject: [PATCH 004/290] Update azbobbytables to 3.3.1 --- .../AzBobbyTables/3.1.3/AzBobbyTables.PS.dll | Bin 21504 -> 0 bytes .../AzBobbyTables/3.1.3/AzBobbyTables.PS.pdb | Bin 14656 -> 0 bytes Modules/AzBobbyTables/3.1.3/CHANGELOG.md | 28 -- .../3.1.3/dependencies/AzBobbyTables.Core.dll | Bin 17920 -> 0 bytes .../3.1.3/dependencies/AzBobbyTables.Core.pdb | Bin 12876 -> 0 bytes .../3.1.3/dependencies/Azure.Core.dll | Bin 384432 -> 0 bytes .../3.1.3/dependencies/Azure.Data.Tables.dll | Bin 388024 -> 0 bytes .../Microsoft.Bcl.AsyncInterfaces.dll | Bin 26752 -> 0 bytes .../Microsoft.VisualStudio.Threading.dll | Bin 433168 -> 0 bytes .../System.Text.Encodings.Web.dll | Bin 59768 -> 0 bytes .../3.1.3/dependencies/System.Text.Json.dll | Bin 293240 -> 0 bytes .../AzBobbyTables/3.3.1/AzBobbyTables.PS.dll | Bin 0 -> 25600 bytes .../AzBobbyTables/3.3.1/AzBobbyTables.PS.pdb | Bin 0 -> 15596 bytes .../{3.1.3 => 3.3.1}/AzBobbyTables.psd1 | 8 +- Modules/AzBobbyTables/3.3.1/CHANGELOG.md | 62 ++++ .../AzBobbyTables/{3.1.3 => 3.3.1}/LICENSE | 0 .../{3.1.3 => 3.3.1}/PSGetModuleInfo.xml | 44 +-- .../3.3.1/dependencies/AzBobbyTables.Core.dll | Bin 0 -> 21504 bytes .../3.3.1/dependencies/AzBobbyTables.Core.pdb | Bin 0 -> 13720 bytes .../3.3.1/dependencies/Azure.Core.dll | Bin 0 -> 415672 bytes .../3.3.1/dependencies/Azure.Data.Tables.dll | Bin 0 -> 399392 bytes .../Microsoft.Bcl.AsyncInterfaces.dll | Bin 0 -> 22144 bytes .../Microsoft.VisualStudio.Threading.dll | Bin 0 -> 441248 bytes .../Microsoft.VisualStudio.Validation.dll | Bin .../dependencies/Microsoft.Win32.Registry.dll | Bin .../dependencies/System.Buffers.dll | Bin .../3.3.1/dependencies/System.ClientModel.dll | Bin 0 -> 31152 bytes .../System.Diagnostics.DiagnosticSource.dll | Bin .../dependencies/System.Linq.Async.dll | Bin .../dependencies/System.Memory.Data.dll | Bin .../dependencies/System.Memory.dll | Bin 141688 -> 142752 bytes .../dependencies/System.Numerics.Vectors.dll | Bin ...System.Runtime.CompilerServices.Unsafe.dll | Bin .../System.Security.AccessControl.dll | Bin .../System.Security.Principal.Windows.dll | Bin .../System.Text.Encodings.Web.dll | Bin 0 -> 76904 bytes .../3.3.1/dependencies/System.Text.Json.dll | Bin 0 -> 509600 bytes .../System.Threading.Tasks.Extensions.dll | Bin .../en-US/AzBobbyTables.PS.dll-Help.xml | 335 +++++++++++++++++- 39 files changed, 407 insertions(+), 70 deletions(-) delete mode 100644 Modules/AzBobbyTables/3.1.3/AzBobbyTables.PS.dll delete mode 100644 Modules/AzBobbyTables/3.1.3/AzBobbyTables.PS.pdb delete mode 100644 Modules/AzBobbyTables/3.1.3/CHANGELOG.md delete mode 100644 Modules/AzBobbyTables/3.1.3/dependencies/AzBobbyTables.Core.dll delete mode 100644 Modules/AzBobbyTables/3.1.3/dependencies/AzBobbyTables.Core.pdb delete mode 100644 Modules/AzBobbyTables/3.1.3/dependencies/Azure.Core.dll delete mode 100644 Modules/AzBobbyTables/3.1.3/dependencies/Azure.Data.Tables.dll delete mode 100644 Modules/AzBobbyTables/3.1.3/dependencies/Microsoft.Bcl.AsyncInterfaces.dll delete mode 100644 Modules/AzBobbyTables/3.1.3/dependencies/Microsoft.VisualStudio.Threading.dll delete mode 100644 Modules/AzBobbyTables/3.1.3/dependencies/System.Text.Encodings.Web.dll delete mode 100644 Modules/AzBobbyTables/3.1.3/dependencies/System.Text.Json.dll create mode 100644 Modules/AzBobbyTables/3.3.1/AzBobbyTables.PS.dll create mode 100644 Modules/AzBobbyTables/3.3.1/AzBobbyTables.PS.pdb rename Modules/AzBobbyTables/{3.1.3 => 3.3.1}/AzBobbyTables.psd1 (93%) create mode 100644 Modules/AzBobbyTables/3.3.1/CHANGELOG.md rename Modules/AzBobbyTables/{3.1.3 => 3.3.1}/LICENSE (100%) rename Modules/AzBobbyTables/{3.1.3 => 3.3.1}/PSGetModuleInfo.xml (62%) create mode 100644 Modules/AzBobbyTables/3.3.1/dependencies/AzBobbyTables.Core.dll create mode 100644 Modules/AzBobbyTables/3.3.1/dependencies/AzBobbyTables.Core.pdb create mode 100644 Modules/AzBobbyTables/3.3.1/dependencies/Azure.Core.dll create mode 100644 Modules/AzBobbyTables/3.3.1/dependencies/Azure.Data.Tables.dll create mode 100644 Modules/AzBobbyTables/3.3.1/dependencies/Microsoft.Bcl.AsyncInterfaces.dll create mode 100644 Modules/AzBobbyTables/3.3.1/dependencies/Microsoft.VisualStudio.Threading.dll rename Modules/AzBobbyTables/{3.1.3 => 3.3.1}/dependencies/Microsoft.VisualStudio.Validation.dll (100%) rename Modules/AzBobbyTables/{3.1.3 => 3.3.1}/dependencies/Microsoft.Win32.Registry.dll (100%) rename Modules/AzBobbyTables/{3.1.3 => 3.3.1}/dependencies/System.Buffers.dll (100%) create mode 100644 Modules/AzBobbyTables/3.3.1/dependencies/System.ClientModel.dll rename Modules/AzBobbyTables/{3.1.3 => 3.3.1}/dependencies/System.Diagnostics.DiagnosticSource.dll (100%) rename Modules/AzBobbyTables/{3.1.3 => 3.3.1}/dependencies/System.Linq.Async.dll (100%) rename Modules/AzBobbyTables/{3.1.3 => 3.3.1}/dependencies/System.Memory.Data.dll (100%) rename Modules/AzBobbyTables/{3.1.3 => 3.3.1}/dependencies/System.Memory.dll (91%) rename Modules/AzBobbyTables/{3.1.3 => 3.3.1}/dependencies/System.Numerics.Vectors.dll (100%) rename Modules/AzBobbyTables/{3.1.3 => 3.3.1}/dependencies/System.Runtime.CompilerServices.Unsafe.dll (100%) rename Modules/AzBobbyTables/{3.1.3 => 3.3.1}/dependencies/System.Security.AccessControl.dll (100%) rename Modules/AzBobbyTables/{3.1.3 => 3.3.1}/dependencies/System.Security.Principal.Windows.dll (100%) create mode 100644 Modules/AzBobbyTables/3.3.1/dependencies/System.Text.Encodings.Web.dll create mode 100644 Modules/AzBobbyTables/3.3.1/dependencies/System.Text.Json.dll rename Modules/AzBobbyTables/{3.1.3 => 3.3.1}/dependencies/System.Threading.Tasks.Extensions.dll (100%) rename Modules/AzBobbyTables/{3.1.3 => 3.3.1}/en-US/AzBobbyTables.PS.dll-Help.xml (77%) diff --git a/Modules/AzBobbyTables/3.1.3/AzBobbyTables.PS.dll b/Modules/AzBobbyTables/3.1.3/AzBobbyTables.PS.dll deleted file mode 100644 index 72910599b85e73fd7f798b003080016cf29f7d93..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 21504 zcmeHv4SXEcb?=#(-PzTywAx*N+p@i~v03ZemThb>#K$$m9|mc628O?S8ANsw#Ar ztGcU$Xsc#W_1gTmz1Ci!1&OfMf&y?%#r@<#Tod>f@g<51t}DBl!S>7N6d?HgF=*c( zuqgj4U0sq{_?!>DI~XYvonl9f|C}JI1aJ8zL_Oon-iuBU16xCJ5i z8g{Sff>fw-uMziJ&DSX{I&E;x(vwrslx`&96I1scWre!`DC^TB=26zCM|?+FpC0ia zWqo=ic$D?%k-$;WJEg^-m!J<;#*6~soFqVf$Q+&qW;oDTZ4OTdRvBzuwdy1U0}jfE zZ16&jVP_8T{0!ii1)Ohr{Bv)Gob&zBqM$t!633RJ-9?Qv79T@o``$KFFgiaA1&fMY zlEi@3L*qfs)96-PHnv({sT!B4YV}T3_o_K}12t_}7P4yqoV5lGCFcTDhGHy|^FZ+s z&BqlZg8AXABVu1P!E{&>(=TVHVJBF_de%@2EV%$6WF{Bl(h$_mXl;-EW+&XtF4B zFf3%(10)*&9EWXTGm?z}MYQ8P#vqSjHH)l^gAH0#un7VNMpH2a0Rsc57=nO-QB({; z=Ct_fJMaZk0(^n-^EJ-Xoll_gJX{oVz6WgnoT+(CmrxP|8mc2biJE44_%tGnICvV9 z^;?w^R|Z<^^&|%049B%3#xZ2WOQHHLW26w)Bg^6HO5tgw=sTZ-7@`hnBucnLbmQgJ%0|aN13B1S22ryaTjXBo|v9o z4VIof7tltYKr}di;KPJi1H8f1IW$bu`4qFx2dm&mJcUi?j!~J}F2SXDA^^3jxFIfR ztZ~(@MTva@fb$e;NubngGb(jG5OghFhe8el^C*wZ^RX#DJ?5LFuO{8_X^L@Qxepp< zF3gD;HlP^}bl}1a!gL^bmb&oG;=Ag40K>-8V;VNb%Jlh@ZD=yI>INwYlozb$g8Iu0 z8+pwYH*BOLuGB7N7mqDNUgEM1Qnr3q1OWpbQw%}CsP!0v{F%;c9#R@&Tje_En{b=TbO_MXAjHo+pXRif^h;b3 zUuW!#B;wr+#YwVX!*(zCW34l1UWfHSTQprZ8@Df-A)AZaGFC^FUVhH+s% zkPIObK7pjEC3k^SzpGrE&TAz)g2f7OsX*vArLw&n@>TWG3VRO_iGNX1VSf;GhiHAYd%^7=nOtw#N_z3aD{0dXjaA{KMdJ+lJgnuyzfNcV?008e0h+GDI6JQ=&Qd69) zCqIm4c;Ax%i)R@|Us)x{?=Z(c0>%HPIfm_(YFQANf}l|hLDYP|2mZkzpLvWU8YkZq z&8~0pVpL=dINH7#+Uw6B!^dh@Z}&3a+xM{ed+mEL9mYhcx9=JL+=RT+9ID%B*nPN4u94l= zDCb+ahf$oSd_ULYC402qbYtq_|a)Z3y%@KjOz_C;N1l$lRJ=S zi6h8G-@#;AxT~AiVUr&PZ{en0of~lN0{tE2@`dZO?0os?NTqw`-(FFHI`n_ER+
N_hFqwY>fR{B zf07=3Q+oGd*cqZOv37QZt$HpTh`=Y(ZbKF0kNa8wLCBaiSowIEN97(F9EmujtfPUK zs#ai}!36an#)~Ok?qZ%WAFFBuZh#Y|UsXR=)q$M{vI(e5Dy|D}!?jAvzF&PywFRnL zsIOPvQr$r@{Bgb4qnjcPG?k_awad3Davja2`9ckVO44kq6>6EEC1=wjp;pD1nnO#3 zYL~JFh)&k|%WAH-5HZM9LdxoK!X}i|YoKnSf4s_kM4N8xF1Cbb0Y0HIygbTqcbK6Sn`LM;sLwTO=^lL+ z;Ol~aPfq~9M(}?$xO9!+(**x|bgr?Kt}_|l8e;gh>a(EdF(V16`x*du>n(sEGFl9s z{?@k~Fz8=BDx)OVLz_nD`PKsdrLi8cLExk=pKXlX>jJy0l>V##Tv`(7I=kb8z%jPju>4D zxS6h=xe;?*qYsW!9FGSS6@1lyH7MJqe(R5dI^t4aGd~J{6otAf_*TW$h}LUdYF6Ml z%5HF}b4)I~#iiP!Or3D4sX9}4xzt-BroN~sSavnEAVBeXlnQ~Hj1avpl(M>#{_iLi z#kpuDr$$Jgqkk83W1~<%(=MnsDMEun-AEsce%6T4^+G8vQTntho4K{>PmL)34^7P4hm2kpp1 z#uTb{sXvN50&1pEkJ5cU6EpQKRVJe{m3(KZ9t|OzO{JJn%Ic|fmRq(@%3c=gIQgQd zjj0sGrkUttv14XrMQ1HXpK;h(oX1{NuN_?V#`eW)3SOq z>7KHBGwA`Bdb#pynni!@Qm~5bm_z^QQiIh$ z1@*E^{bA*gjT(B*rEaMFDX2GHs4;k|)?otb@9|1K- zs7Hx?HlH@T6nlO??W+?l(%bnopeXUud>V2o_R@SBDU(dlakq@;N`kI+DV{3{`lL(o z?5L&NTq+idg1W<{cy=tHFSyipGYaZUF2!?YA$`N8_C%wgzU@*x$IhZBT&gwj3sBFv z6wjkY^t?-%;V7t=TxwhFA!9MU>QbrLBcT4prFb@COM@E|j*wbC3aU~l6%$FiT9t{H zl61W*$+48APrDR*DM=^F>cP z>gm_2Ol+yAw_HiKr5;CBst>HQo~m4mbvDp6mtvg_ln_ekY^0Y}ndoe!*Mz!JGD9Q1 zHKxpm8w#SUun&9PXr$>b)d#AHl0vC^&9q!7HE)|~jVpN;ZJ}mb?@}KH)k6DSs#$v- z>(Qky)eCAF{fSFmqrGXg(vO5vI+xRnZrQKt9YgIM@2TJ&B(@&Nr!N5-)E44>q6OSf zgV?B=v@O6VJ54&DX?!@$@>Yc9`>PnoW*P80$ZJ#q8J+&S=v0~~!s*bd)18rM)SzXe zZKBNod(LMn*?tA*!9tA`EaxlybSOxdVu!u4O2h7nSH)R?A?$%RRz+#4z|{iV1a=Di zfWW;1Q-CIo08XP{0nVWcjX5!a9{{YSO97YA2w;>lB7d#GbTIzZRbZ_FZfYSWN0Zq-gj{)ldsx~B#Hh<=6)#QdA-r1k~#X1ZJZ zV&t=Qn!XS^0r-04&!|SUou(^7UxwsU(MQ2QVt$vNqMM>m0oviKQTI0U8Nlm8&(Qs1 z$yWjYC!N-6t6qa8o2%cTHz`~l(rUGn{)oW&nx_3XU%j?OdmNc{3FLW)&hWIxxptQJ z(Qv!=BW*#XQ#%WNya@26Pzs!n`3AHXHMV?-_EsndZHq%!06wC9954~R1uz=EMSDft z5WX2U|4rmh?W@`=;V+=Yjj-o#dba9etwHrmd$l48&V!MMwd2}fnQ!1eN_p?6ksoQd zYJK5<(bfp3R{N6Qq+0Eee~o@zJG*+1ep>rMB&~0yRaHZJ54{t)QrGmu=wpSR4zT?T z;Pc~jFz^XT^6FTt?Gz0c`%mh%+Qt5R06#AH$AQOm?oq9_t@=TImf*K)Z)0sduDxCL z4V2zq@m-xq>Pf)9@H6_|@Wyj`5PO*40!B$Uf*AP#;7qCntidCVICgoz)z79loidv! zOwC9@Q)m_79NGi8koE!A(_MhA^bp{A^f+KU{Sa`A@Vf!q=_2TFN8ZwneS)W5$ec9x z;FbQOa83w3CGZ7-q;XwMU_xN6z=hgDYV|MC@^so=8J;ABDm%g3w=DA6+X7A!pCD;EBqzkpElbB?-ZF%k?9nfl<vg6 z+$XRo@Pxoq0@npta-YBx0#6BiK_CT1kHB>T_X#WtJR$Iuz!wBkg~$tBCvcy@qQDmf zQb<}9SQL0d;3^sNbgJ`6t$|3S^Ng{6+9L z4W|Orkx%AfMVpVzQHvdmX8L?YKQx1YEg{Cw2~+{@6#hj~<}A_~?hZ4IMB{)PV>1AM z?yCX3KEhD(6?~(TC9jUv0$y6Z81SY_hUZo@=j`f|ylP#wTi&9wLA7YbSYFvs-iorJ zWDlQ?@cD=jkl$?a1De>;==fFu29YIoU{!!2ctQsq1Dr-vP-{A%j=Lj18<`2HW4)gN zd^Vs?b3kdxyR(2V0;SPnKpndQ+;31FppIP2Cn*hpIyJ(#8s4p_1>THYtYJ5|5cpC# zQCSA4Q!94U8rGz{$7ri%CDtq zHoi=6qR-Nk+Mm$t_=d5f&ek5JoAoEagNik4SNHa|^tRBN-KlJ*KUJ{S_PGo$Syo=s zkt<{h87tqG>)(@dax5t2Yty~G8#4K!Y-*%Eo66@EQ}iw!uNMrZx2$ARy-R8Pa5kIj z%Ub)EQfEhQc+hfOs;hgOHP~l4ow@yXyPeHi=|aZNm5CK>hpAklbs4SMpKU-9^}Vb1wyMeyQ(avCKJqA6f-Bxf5anxE)0%B| z|8Uk?3t|U#kK_y1U{mJ~YIiJ*+MY~dpu4S`+Adpf_w|kRu&eS-UEOpjl^wQvdr>Lv zRVw)`-?YifSxzQR{nq}}aJJBvP16CZ(A%EPSh+%HKjq7bw8!0Qr}}A)C$#opZ}0k4 z`XCPfH)gCXN;cX~+M37~tG1^GCn@U2n57O_ZRxZs0mNSvB#znf^xqrJ|=s1$e z7xI(Hafc_eyKQF@?nVygiNfd-zf?J~V60oWSR)ff+^I2P47a6n7?A$Xegs0MFiFKO z#~!krNlMx-+mI@xr04DS;9x4(kFXqN?LegzPgt*v<89lBN9C+SzJMwzr(Ytm!*Oh9 zru|T0^d67Cf1>1S{0Bug?2MU5AIxX=dPbop9rcgY$OO(iuN^L~)9VNO_c&XV! zly_S)HATB@Z8GFLqCQcyS^|pK-sXRL()v572#=&&A9aV||>C5CS+OeN! zznD;($-*idhH)k7F`0v)TPk#AhOEu@;ij=kv)y)-`tHf{i3HQTluRnGhQ*>DX9RxC zTjVXY)PY5;zaJT^fCs02!v%}b#~}=uBUu^IP*yZ5v@6efa{z~VC>Hv z7*?~sq{Q<>SE_)}D$_n1ZY9~aY$la2kvpyZ-KqUnVPq#3#4^6}pV+h0%BGG8R#xsc z+2$O;ej-;WEAsk_9MeCXE|l78AMDRsWwa;AZKZM}CBdD@N`6sD{J(rJa2dg{{S*M*5I1)Du?tyFajyuQ$db|y#e5J;0-?X-lY5ZgvNbB8>} zQ6ReqDdSM&-IYqNjJW&Tt(n}V9`406 z2ZH60+6|XxqwIh-qjBU<>OPz)qz6V5iF99W)T9X)?XkDohaufLR##^Zw>fadWhjyv zBYTk1n-Hu>Jm&5#2~$nHN&(8HBZrW;aPxteVe*-Do~-cbK=m*^zuEkI~8% zQn1o%z7#Kc+H7SpKB}qp*rN82Ix|nBSxv1T?_xlc%A7cA^s=p(H2J<*B_6qzku6Et zmYLGRF6VInv6+<~U^WppcbEl;svUioV9TIJ&BePdo)0Kf=7V56{U>q$aM}5G18vOD-GSlL(H)Hd4sVPJATnC+jckduz^SH z9e)hl0DShap^E7Z$a6nmRm8%MX{qU+bFtBwfUaNpRoUTlJYWIWKD^k+^(~Yu6GkS~O+&MTKio7) z{j}6)jR*J`wQ48I504ssYdQJY_Hf31kHw`z+W ztRfI^zFc{V+5o5anik|7yauO@dRD_t6f_B^^Ygg*{x zjtH*p#S(XP2(lKs&ZDFj7OtTpnpUiP z_qKpP&V%RT*-Z!z{QddeSwOBSn5BHj{-qPDRPD3MXRCA^gw%DL}gchQ0wzU*q ztV7M;Jf7%<@Kovu>J36dE$Aw&-#vwn5A+bM`rZCQq~Wbp>gYg^y{$x#YvaTWwj0)F z;WgD;6~JZlvwbox;}?nd(UC6c@ZxEFuQ~2{{QkY!mMXe2Dm)LU_^DkON;S}>@b-#% zTJScHhX|+E(rEdl%StH+RAMv$5)vAmRCybfk_o87k=H1mMBExnWnsi&V3#8JxI3!5 z$OkJrA;DoicKNO&!R{2xKP_*^t}+h>i(!<+tM=WXdL z|M`tClP{rZK_fw$A4n|5WJJ)_{)DbYA^|Yw#*23{Z*C+IFlyqv;(PVEHI-3Kn@7{) z#rttFLRt-~>NOP!W}VjJslc@ONA!3~XEil5<55l5U12VmhxgS(kn$%8%F#Z4e_%xL zF#>3xbYMQxbT%cP0ZMTzG%Y@C#I5*XJW~Z@N)*H)Z?a^3kVP}78i@p9YwT#ecs!i& zY4PI8NUZo`4WxiSR|Vr;YvRRM*pgkaK@Y=LVaIogd3#HYz32!`eJ&R8L*iCFQWKx5 zi+bVzLUo+^=(v=_bR7?Z6WSDQ3W?CK0At0^hXO{tcw;OI5GEgBB%*^|DR{ioCHzt# zg!rRIRGh311mYiz@2!b&kMI@ln{D=>d3z-NYJw2|Om%M5!T8k#$j32+SVHgSM$mFiP4Ih{PkHBw#^*i|T>8ybyYF4OeMRt#7xZ2c zdpdM3wBVV(#z1FaFkq%`1`RV7)y;@u#yjz?!FQ@*&c!u$)MsL77~Bj_B;a}j5?h1f zd<1D^@LAwm*&E9xql#>*!ZiTQ+MS-i8P7nISx<>(MJZa|3uDkMkqEra=bIDq<7Q z8ECpjet8NQE-NHzM-3cIOsv5UnBkszjUMB<&+;O2+%|gXTfBiij`izm_egTm!)Cl# zpib8s67MC}kno0~RXMC7(T=|2sr>mlYq;Q~vJHu@;l6ApjpHFXG(W#}Y2W_VRV!Ae z`de2nw^~;aO+~M8a5c88a}+aP)_?Etie_kJs&kvMb>@!pCwho~_fMue1)8iBfhKR} z;FV(!%P}Ra z;8A`*jWC}ljL~Bc`Fc_Z5zZ^lq>U(?>%MxS9`hv6q?UmfQqD{e!+&Odl^|JuCXH8* zJ9Wbx=D22?@KZqy=Rlz_l)vEI=H@2+#^daFao>0?&_G*%SodAhwso;1ugCYAOYq&w zCF;Y?Ou-kw7oq6~@!h8Q9>mM`V?H~(H+1)O-PU*iiLY1D_-m{mEcxXa4h_`}AoG9rHd{FrM(Ju~+Xu*-~7bbvqlf*==~}K!bU_(_vZi ze9o=&&LXH8@1C*x{=+E#l_viGFJ!*4O{lOzs-M7Txy|@~5GDP*rn{ehgMVqV8%J2Z zfF1a+$hz^?;SQXR^y0c5Co(%k@~?fbzOCNt{C0K#u0^34OE z?C{+kZ|e7BQ_r8Xh->x8tp(qk^NoaeARq$tMc<`FxYcZF)8{#W#WP@4NE0)i`uPC!Yxn!+(XcUcA39 z_RWamrp!*@g zk&~j8Qg4+=?nfPLgz#A<H9A=|EWCi EuN+RTO#lD@ diff --git a/Modules/AzBobbyTables/3.1.3/AzBobbyTables.PS.pdb b/Modules/AzBobbyTables/3.1.3/AzBobbyTables.PS.pdb deleted file mode 100644 index 38ccee09c6c25c0eb05efdc33051073053e33cc3..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 14656 zcma)j2V4}#`}f{)9KA`ipqxmPax`g*(k8WqKgT_h+PL{YH| zc99r0M*V5*nurp`B(`WUw%AbLXZChrDdzv)hliPG=J`JJ%rkv=HZ&zBltr)z^fLxZ z3Jc{G`0%}{1cFO^0}&a}fFwyKN_zwpX9)ZZf*52(5UWsLibf?>WUEpBSxDocv{5O< z&k)Z;@yJopVGxEu0US@@LuE>&EH$Yjv##oBSp5avo=q=WtKx3Dor7c|&3>bS0hEEP z5(3!(4F<{u8U%#WCjxPSb^?JYVF2U+G?eC%46*|esu%jPwNQxdp?HFrLzqJh=|yA< zA4TN_fd;+06i$w&n*n}LysSxgi@Hm7oAtcyrVlbOUL_# z4v-S4fRfcA-ni-zg9dVlAwY|PP7Xvmbcx|^x@)y74T!fCZwPi8f}Ms?Z$qfJA>rG zWCpzmX+S?yAae%K2i^iwbm@F&;CnE59`IHS9*sw9AS{pSipDeMQC-ov!#v9G$>33b zF9whDdoy^H--p4Yd^-k@^812CSpQiDe;DFsK=x1~m#&X7@H__J1Ni=+5$A7Z@TeV^ z(!2rSzlFF3kORmY()!S}Fo40gbmIS}c_WZN0N79$eyNoQ{blo zA5ZgUz@Gyi`3|+KIq>L*{DImC^T;1A1h0)p{R8u8Zbkk;1KxsxM}rmf2#*F9=8=9h z5HOGOVTy0#QNFg%XzfAyUY+vMV#CDyFnEObW$*}(`Ye`5`N(d}qkMk`kMaW;JjxG* zSsu%yx&|@$76u;(@i?0A0sc4$akO3_c}w7%AdcD_txZ-8e+^;qs5~?VnEAsPJjx%= z;E}x}7(B`sFnE-Y`UuvC^3fWJd6bXZ6!R!QoWY~~2nLVxBN;r(k7DpBKbpa#{1^t0 z@?#l1%11t9mLCuO4f6`fO9ZlJ_$!IQBYh)59_ORFU>^6+6iBmS;8Phq!jEF`$ez&* z9_6QjH5k8>!LNfj>i=VbY#I8~89c&gFnFYY9D_&s<3T^hBmJ1i`b97w_oVfs{*&2> zCt>{Ke6)6CG57(%XES)T7UVE^H1?znJ{b6129NqG`V|4Oz|Uw`B!mA1fh1wyLd8)F zv50&s1=XHIr?VigL-l!W3X9UCOQmpW8Ki+l^)c8#KwOtjN3#e)#aWF1NY>2-?RT`R zXpIZ1F`8MCXIaDx7qt4JT54ChUa+gtu1ct-VE5ySJcwp#ONw_JXbqta5L#7OMBzZR zdh`ZDs|48V))&HlK=u^>+^s)^4nWAWE@16Dt_zgESd9D-D6q#7xyCh|lok(|_!Dm5Wiks=Klot2=}gin#GHIS)RW=;eZ zNR@`1q9MpBM3z*g)`TN?p;k*F*aSbb%L5l2wy+GHzi6`Q-140^Z!<>@KdpDoVtER2 zJh7U+p-)9*Tb!j?ps`PS6$yEa$lX>8Asi7Z=BTdn+Py&e7PL`jPQ76b9qscHcU0UO!P|LU3}Fa+0gchf1nAla;Dm z6T#F_WoBk!DyqGjt5)W##H4wLM1E3=wP0$PNF$K5%{n7=CjhTZIXja@11GV6UrqrQlqvNNF)qpTAzR}<2GGW zi)Qmq4VuCJ>B&UF&+|;r94pLB^|x_Oy?$a<>VO_SU%dInP|(pHxm=`>bkcE_SG+wd z&Q>Les$TdeZR{jNtFZe|9+)mZHg3G>8D3-2is*g}GZOPil?XMuP}z;LS;oBE{CPg# zT_BzYJiYdv{Xdy6+!x(6@V>NjJLli|IoEf8inbKWNRf)6v7egACE@qC( zpKFy&%9RD=7cH5c!`phlDf)B5+BtijcYQuvS8n(zl7Kj7TP(N~${RSi`$|`9RFj)r%*d&9lQF}ed!2=<;kk+WY1 z<}kfv5<0b-G*!U3)xZ!FsU*I9Z!dmAcxnpGdyIxj5DFYx06Bc@3V{Y5FJ$IxNHx^L zqRkU?2F~%E<3A^iH!L{po%1c5$ij@Wc#q7WyZry1zI8%>TgKxbt@v``uIWXUmtb-n zwYbjkq_HFvzZ{^_!R zoDME=nw9<+tf#w5@8+KLHa~OsLz>+%x$*7v$Jc|oZbAQgo0t79dV25HSGPt~EOz`( zGxK9|VEBq9!v+m7A_4|9d&-!Y!Mo5!-!d_w5~Y ztN%9E2{)&29v0?(W#y{&P0+jDBpzqJYK*X?tbeobsPvSH{Wq|OAGuoOTin<7mQ5yyhHs7UXR8 z&wkwR;oSYfHO8&Ajk^XWt{gbNMJ;%)*TOy1|0kcdVOLyZ$6A@_iEU2*nCE*oB6`80 zNg+!ezBSE=94{>!we9bX-(@It^I7i?m0!3#ta3(WR{i?GmnDmgzw$q{Kd<`O_0{E$ zo|{gFzZ&|i4~tc_eVT(rDbAOZ3XR%f@H7W6v=Dk}7eX(z5PEfJ(@vb5!(fLTjV4b$ z*vm^Ln#|9ZYI5>3^VOt^TI3ZPzE~;uN)pNB;jk9vld?{DQII$3@1GUy>l-K$XZia2 z`2=No`}=tZ`$z&ay+r~3{z1OJSzMyfn<(ja~i-`g{g z@9XCu=*#zU56leo4-WDXXZdAH{C&MMg91qLAX4J(O^SW|1H?g@;z2>=ATpDXi4@uS zXs;t2KxkKa&n(dFDOTnyG=xt8q0HChsc<_!8`j{g^P z0=|#~m0;u$>t1x|pnRcHMe-#wI0>*0%2zERst980Kc_sJ?#Lr6@1<4u*xuVnFf|`! z7=qpl14{`Wmx%Zyn|Nnw5xMz6$&Rz9X2Et338EbyU%L;a74Nw_y$s3g`P&A>KD`oN zI6qQBQ1d~ISqePl)RH@<`TCSJ#jL5@0s|maGE&D z>zlJ*fVVGwG@iAz^a9aL5M{4*{3?63#Fq_|l+-+(_OuH~^ynZVqSEK5_sIojDxoR9!_4}hn zhw9}ma%rix!T_M5;f{ZG$jEU~oYx27OD!iwNu-6bz) zT?{SS{_NSBxf#tVg=!5c=L_=k@a9bG@9$~59ffzuh3>-8BjZp8cVU(eiq-C#Rf=DPplfNdX(5|?J4QQJ4OW_JTfP%0uxIGRYsoeB%Ki}&M> zGmTglyWshe=EbYJ!KUPqV(s2Z(h2N#&8FYiwXTBA4ZrY4FX>;@2A1b36;LtQdyz7z zD6nei3rYoz$6ev({%y~aWOL%Sp0GJJrS6`7_xO&L^%`(9`2i6Ww_|5;eM4G7NcWiV z0w_Kd_E-{X5YgqHpqsMl>72&3&c{ZSI)_}hT_au6y^bzD7{fQae%+_mY_@RS&)nf- zeXYOg9*&N=(8jR7zyR)KK1m%Qo_`XtBiqzLJoyLvf{-obGop*dHioDy8*&RU!0o?{=&_Tu^)HL z-Q27wj@~fQ;%(20)hoNfroz*YG?f(k6{R2!=1VlV>FQ%eR_BK_Ef0}JR9#6-Fspy_ zygNlorL42nm*M(4a_oyNgbp)V7W<6v^OdD{5OTFnCFC&W%V5 zW!#>e9M?~Qv4gt>YdwJ>cD^S^iGpTEZFuo%cx!r}$K680r$Dzrhe+JS7#-T6;BFc# z5^gF9Gdy>rM=_0#PNe2)74+x!x%wR4vf00Hne@E$X!O#*n>?OzgC}*5LF0+e={SGX z)GcZ3^L|`-?Uap4H-?HXbq`OM<{=HVb8*o-!UpG#^c)hl<0NbM!y&Ubv}3hpU^$n^ zCYDCI4T&3PT63Q5am7x7YIQN|JYB0=w!&3>CoFu~n8$<5l}GU;(-9J;f^7_AdcfdQ zgR5u%a?Le#L$5s?<7r#gx7)=iuS-9}=;Q3g8s)jS@mnlIW_lcQ5AGJ7Ceny=+D0~p zRxNkBuy4OO{>Zr{Yfqm$y}BJ54eJLylaZuolqxur(2l%7*EYyk*NJ1@7(eIym9Nh~ znUB{!sBJtvR#Fwli}LbF2{In{7>qQjA97JNq_6O>*^la310KI>FEL4)*Cu_DE@#!a zMXa4StHSn3JR*PjUc_pb9;JX|92h3i76`W`NRgbj5~CLt#cb7Y8Xi-=$+!3Y=87XU z8qQ0Tv|D0YzFZx6ktpI2&-|o)KKCt8*f!YPx%Z5*lbQ0`4uUoRTWL4FF8O+7v4i#e ziv^Lxn3CaB^5~9_>yAFKba(ic z(GzEUU2r&>2^pDBstVCVVH$IpcADL?m#-e)xe&d5#&|2Qy%N0bi>LgBj@NuazD6n6 zP9^lgW&)1B5SsN!7!X?eRkkm{wW$4sE6@NS)#b*^ZHO z?x~jlJwk7EM}Sr~Tnby+ui3=*2k`+x0mg~@r#yS}%UiJlEt^2%ed`mt0uE_=b!Lt^ z9n-LOjbUw3&9@A}C^+KN)xAPXKj3^`$K7>TFrO9LT)HLc217al-T@?&(3A5Sdq#}Y z4SUt&e0Wu2<-Xrm9~v?*oQWef=z#+osj3cs!q|*0&GOGx9wSQATqjKUyefr(O=@32 zuyp+kSqpd1%b1b|y^8w8*t<;W&WD?;bgfpb_p)0vpNu(lev(hBlc}14NhT-dlkgsc z_5()PK3sI1eXu;Co^yA>fP}a!3`7bE2LyPtK_jlwWu#wz8(GKAi`n?Ebizgl&Kf2{ zDb9swiZtLl4G~XG7_nMI%G zXrJLqm?Ynu`SwiEVO?+^LA zt-yAaHm043@Fo+(YYas~pGCK4yibbt)tZ-T}0)xfrx)eB=kyo^L}}sCf;?hBhqj z1fm`cDf8NVr0ud8ES6c(qIhu0iU(k*BU)Qp6rv zW6xWn=k~OdG3Xsl+cqWf{kSyLK$p`W-I->!F`=|k@nrI&Yw4XZ2_45YE~(jh;GO56 zZKHM%_*8TH?q$3$!j?mQsfQ8Fb+Cmt^8E0hxzF=9#I0ZOM}&jh^uC=6>yg8TG{ z|I{K><4wg~+KAsrH(Xt~xHW!lNTPKXCmcV|Xsfl5X+*d}tYkbG#X3^dBd1@xnif%f z?T=%to-T0vPZPQ{Uo&k2>C1YZG5@J$jK6oV5S|lBv*6VLdby_^ z%lBwqBKzq#H|iXTTYl`$zyDMhcz4zXMkvJ6JP~fkKWN;(Dsr20l}qTt>pN!K3>n;| z547Xpk*!2I8JFwu_T*EvPL}l z#uLGs2@5a%Z?f^HHj}9dUAxA@-h)Qr@oRohz1&1MF8+u4W5T|fv&fl7p~oHkPOXIt z`k3|7aSNKSx>nnn z;_$dTUnWv@J$_&t^Vj@RnmhMN#De6E&6ZPsUW&n;p6maKJDz0kX5BNH31uZe&9ogl z3-49hUjrn<6G<6$(4)PNkv-fRKMEIrjw{`C>D50OPq%g{C{?7+#eL)vUEJtDkM>&V zel&LO*nRTbE@$zkqrEsSs7ni^qSFPes9Q6ai@eJ3#~f|>W8zPOD~Vqyw9`53Azk{3 zYFE*U^Y2G&O+Tnw@Yo5Tz!{}eUZN|CZ5~&mm$N_pSY%!7y^yQ{H~V)jlR_oI!?8|C zzSr`;<+ta@Ry~sM8NEXi+Z73~=kOK@7Z*EU_j!$bPW;@rXAK?>|K=zLsYI}=p>9NB zr{ZyNpy_1XI=*B4`l!F7evNABLnGi_Og@>KpVxMD#3h_d&%L^6#nR}C(iV%&f|>XM zQhUF}itp{sITYw26ztEwvt;h(q5EmY9fv>lDg~Brp|R!)*wKCt?HnHFwe zYbZfz!!^Z5-x~MIh&(hTu0`@pgL^0vqz>)c+3Y#pX6n^ai;BI0!qo)}iI2Ok;$sz( z)^1Qc>=e%dgDaYH=c>H%OiJHUcR&z zA1P=Mwy>>hVA$@_`MI-7a>Hh?KW%pQz}Z1e^U%#W+B7U4{o?(MfFJ7<_x!NiUnNbho!Im$2dJ>k&LQ+z)g_|M+aUzX=~u=o8N9pDFrhh5oVFgL;B z@sY6o#Hu!;9f5kA9UbrXxrs3p&Z@~})y!bkl%QLbKE_Z9J7OY!su7)NLF3yGcX)Qk z8#wJ=*ML=XoKPhC04nxN1on6O>ymwNAF=Q(T{Z+F$?`^w+jgf31j%Kb7b*I1w(k^x_-9MK z^3cP)DCJ~+$2a2b?|{u%TTe4xi0t55`1I}`hhC85KH4@V8?d&1LJry13xQ)yb%%1` zf~u(jm*DGzDNbDYMx!@ZpG!pQ7h33O;KLeXoFViR%0@7mjZB750BDnYQ0m$n74-V+ z!e>N2CeB1r5l7OCn8MDsA&Sb`(9A{i*c|wOnr-Dmq_chC8Z3unW2p2XSjLmSLFPD9 ze=Ndlq_sH#!^4G`#)iH(Nx#rpcN9l|2+`LVdO3?TNf&i%Hlg6?Qx4RmH)$o-N zfQT{BVP|m$QmAl*f+4_}#MYwZ9DTS0jw&#c3wL>;F;LkYb8YLI^L^pIZ!fDZ&Dz@# z2_sn7mg7>bQbOtJWv31LQ-Qs9(AtAzp$uor>l|lo@ABwLC3^Iw0$(l8SBneMcDW$x z60vOvw2warE)u7su?SUx?hj5!!$<`8yn97=vDV5EJ`l)5KI_Lum!jFkXnpvcLZ6NL zHyf@olQ1=KChHUI={&g83|E`syBx!4s&bv$n6l1H>m4)g@UYg-UDjG7?VKqQJ9jE@ z(oSJco)qWdq76K#AV8ZJpv@cFhe{l(b&*i3TIfe5Mr&OZJ-`l3OBrckMiiB@^&N?d8zLUwF_C=bGDShw3m6T;Be_2krl%Z)lsokpDk@ nsP;X1loNV5Qh`A#<@=1WRA8p0oR>X`3WiRm){Ws4LW%zeW&Pzr diff --git a/Modules/AzBobbyTables/3.1.3/CHANGELOG.md b/Modules/AzBobbyTables/3.1.3/CHANGELOG.md deleted file mode 100644 index c7880a5f68cf..000000000000 --- a/Modules/AzBobbyTables/3.1.3/CHANGELOG.md +++ /dev/null @@ -1,28 +0,0 @@ -# Changelog for the module - -The format is based on and uses the types of changes according to [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). - -## [Unreleased] - -### Added - -- Added Sampler ([#48](https://github.com/PalmEmanuel/AzBobbyTables/issues/48)). -- Added support for user-assigned managed identities ([#54](https://github.com/PalmEmanuel/AzBobbyTables/issues/54)). - -## [3.1.2] - 2024-01-05 - -### Added - -- Help documentation for a DateTime problem caused by the SDK (#43). - -### Fixed - -### Changed - -### Removed - -## 3.1.1 - 2023-05-03 - -[Unreleased]: https://github.com/PalmEmanuel/AzBobbyTables/compare/v3.1.2...HEAD - -[3.1.2]: https://github.com/PalmEmanuel/AzBobbyTables/compare/d854153aca6c5cce35a123deb86653a0d3289b07...v3.1.2 diff --git a/Modules/AzBobbyTables/3.1.3/dependencies/AzBobbyTables.Core.dll b/Modules/AzBobbyTables/3.1.3/dependencies/AzBobbyTables.Core.dll deleted file mode 100644 index 1a9a170b6f32489943d7e5f1d1d0784cfb133293..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 17920 zcmeHudw3kxmFKBvzoeGB<+o+K{iLzvwjP#k5o0XNG8R~tWyv*<=C(**qs3e}N^Oa3}a zUkE+7^hsssb4&XUX57S>V;^wRqluw(E@$TxgI2;B&m}Us#J29<#Hc-Nr7A1KD}2+t zJBW5F8vWJi-FFsxdxe%IB1!|%W^hc8>)eEU0-phVh^hrwJ-?a3{>$|MAozS~G;o?# z`CsYolgz@k2zI*}86f%r2V&+mNmKz|^^HV*Gi8^e6GXu>c@XrDGCGyFZq0+fbrS$& zGFIPjP;w>URmyRlAyDGm01zJN7JSOCE#RaaD{DiMeWgi!*w!|D%C0R$Tgym6dpNGR z*f*67>RU_nOdXLT-1iO^tI0~D@ap$_cXjTam`7#h9PPdnFsZM;!slx64 z7puoHTwzCHRMk!h3AVxPWnc&b2GT@dz2IcPSFiHag-Z(?bXw#OMb&I%LwMD>xC4L2 z7R_>FAYHUGkFAD|BDn%qnBqVcZo7f`L@~ofbWK%r<1E+f1E#@)HCLK;2)D?&8fQ6d zE?HP^G_bm8bJ;Sg@oXBj*S8tf#i(PUq3Rq3)RHyq(JTN>)!o@l%;64=`k)!rXZHBW z#d<7_W6PF8pC*l=PlP#k=|1)3T=W)+D;Nu3zql$n4~*n|b_8KGXSoY5?oI^)@RJMN z39c^0^u`+tz8G{bEMt!Sn1)q*A)BuSh^RJt2|E!5v2dyYlZ!#yO90lic*41NZp08* z&RKHR{dNNU%1{y$ROhLOk{D!NDT>vk24=Y!O}GMc7WC%K49c9DH9DNGK_}B^Ev6$G z3Vz>qTfuLg8sImQFs3H4y3Lhqv{iLgaXLR6)1{d93UtD$^*$J!o>~Q4ix!pg%7rcD zZ_HhZW?}7Q1g2N6nY-#_7|3}O9-Hneh*nOrB#Cg+9NWOaJNtu0RNfK1G+l%R{;(to*To;Cbh#Q_Dfq*Zi}~~C@7^D* z;F#M4lVOQcL_3M~THYN-T8I)$BuW*gzDAo37K6{5rviBicQOo-=C%ccC$)S2n?uI3AMqudiz@j_%+Qp_KuYPni{ z!IPDfEGdgmF@IYAFn>_G$~#(9iVRDN`GewCu9hnK!;*{nW4{}J3|feqfK?iE*TZDk zj2b6UUvzKfYH{`aY-I4lAQ)J0rj1NPIv;11`lH@GiP^5Jza@bD!5(0`7(tlVeO;v| zpPNM8ud`7T!Zmu`I-JDHuZvV^MYiU#vC``z0p1JhPNH0w#}6C0>0W`hD<@f! z#Lih)!&TrjGouzWu{UA7Dvi+k`@EwAPIUCYO~v2)0`y0yQ5d9O?`9RFHt$Zjj0)_W zh1E~5oa?;C_qgU&!jO#$QRgq&fO!%dNV$s$SfNC)q-=_dOY+T`&SG5^YN%}&YL-Ti z!#~6{rk%w8RNeG7F5@Czv*fG z@wu>BZ&Xn92J9o-`NyzzxhlHIo9ujdr$H=6do%X589T*i(R>*T*)lXpZ z_0`v?$Avu3l-mgf9ON|Jz6O|kEt3lyGGN78(>ltyBC<- z2Vn07n3Y65t8>1{n)^Xlp4(8PJKqC|1$P}7xLuFint<~fm~~i-LW?YUgDAK-_J@y! z3TL=cT5~ULKq@IIcNr3F5_8AL)Fje9y!u{ER)c*L2uTo4Rz-<+Z)UY+^ELPVjPN|? zWR`Ijvire0i3MGr#Mu2!cL0KwlPpQ1Zr0g@pgr?m8!YhhHkXy!uw+IX&xP$8KP!aA z-Q+N^)ddbOV~DI?=5`LM$0lpKlU=*LPyFOX%e3Y#oSSZIBZIWN=j%>9df}&zK2~Kz#aq8?8A&U07UBQ1F~x( zg;-OPaLqi=0;kUOmVW*`J7dcHIcuVgw|H|_%;F}^cDOGWptxe!tH=3-=!dkhj=|+~ z+6?YBnkt6_dD0MXN@gJ9z24)}*4}HjD*h8R)(jn4mug5gH#9fm7{DifWGek%1Znw6 zqJyX$WB4rZ%{!Ug0eDCBBA$1)8Q|^hrCJ>Ck%qMV>b;%VeW)Jv$55%4Z_RT4%B5nt z>|gZhPzcqCeycPS&P_P_5XvFXg*^Lm*IV%64$xelKUs#h@=5{S5z3{sLy_m_5<<1X z^_L;Gg`z^cf^#cOdP?BQz&}Q+Xak04($j&3A(I{mJ|8w|uD~Az7=Ke>PB;$Tki1(yZtJH0#4*NPi}pw}j4z;`E`=|1wQ_Oik$~ z?K2aVCUt8mJxZSq4^%{{uWFzoOy93$I}fSnLv!fM&|E;@S3evvsR5dCx<_RTn}M73 zp!VTNoT>xNxldysZi#T)uSD4LH70xVggHcj?%9}--8c{Dz-BOpQCh7h{sYDX1ueK@jt_OO}fhD-tR`M1+)gZN!!K4 z{|U}ATB5Vg0DLg%vM9qFq%SSPJ^nmA1^<-*_?PwnsyEW_^e+KF5q=tcBmCd=_4H5L*Y!D6t$YhG ztUeF8PkR~g8G-Lp{t0-C@JB>PA?933tp90+^+$yB9l<|JzXazwV*bz2n@P`_0iy_` zUjpY|^J#r|0>hvW&3g%RrOMr_3<&}m`iKT?= zlhhLGz?kwr^@C`)5vJFDYF@b8sG|HbPxHKXgE5QhmoxPtx*x6P(XBr9h+!G?D7eCt zJ!06#eEO76{j)J)ETH5{PxjBoZAL9U=~I7)c8h5Tj!bOx@6c`uz35Y4Gd^l0s5a@z z-bQ~b=^3G>=qusR7%S;+972fhn)j2)UmB~ZnvWnd4_mcWv`VON(M{n_ElI6Db))`Q z#%kIj)F;Ubf6J(+jddj}DcUBKH=8NiDby)ipge1&$n~jN>I=qN`hZV$D1UD>&~JQd zKzr3_q+mVUJVoCE)kF(?>MFErrWHOl2Ak{XvpyA}zc*T_evQ}eYI@dKPmlZ5=am z9SUs@GfYHz7xVDl*t%3YZ1TIs&s6fx=JEOUaDo3@=<6aiE+Rbvo71Id-@)eX72NwV z^rF!171h-$t;NR5oDyEHv!IIkd!eb(sYrFTPA35kdKUgDR3mn{cf5s{as5TvxXSTA zHQ7#H=T<+BFx22-0iG6)2g~{I9{-&9b20r8y%bS!9OvpZA23Xp16EU`z*d260y_ov z2)tfk8qlN(z}b`$d`jS50`Ea3Sx9#PPtrYrSI`;d>y=yR3EH8jQ(NetWr_+kg`rVFDc)QJ_*i557WywL_n=n&TFr``yhuMF(#w^rqV?Ka%4f_b?W}Tbbc1$1B4$z= za4T@GTerdT&6=Wy&75{dx!G{Fkh(N*E8tC)AJpcnKMP$!A$7G;4OkgCtu0l*ANq*a zs=gGtOKVdT#vRn7z7_nG_9yfYp)Y7tbPAj)YK=S%YiBFJs->a%-?g)leph=HeO*B> z0luKULE9^StljO8>v;5++JyRYutJ|u51Kqjsj6z7^-VfUPgO3{?@+%JN$PD%bF@M~ zqg)}<6M9O&PsaO@jQ0)Ee-(WV>UW`EmY&dWM!!#09?)N+9aUp`MtviC2iDRk-K(oK z4j8A?bRXay0`C-fm%uLqUPi0wbRdQI7gc78YG@wdLfQbhoVEbg(d~fE^Z?-d=uyCS z`fI>zh2IOc zY2geBJ|*}m!OsZ(px|E<{2PM5D!8JuouvZX1f~T}2|Oe4YXV;tsA!@ua7tT1M&JRB z$8ttEq%%GM__jGI@Bx8e75IukGFX}rxJBTAz)67*2zmNwHK`T#vm-=-^+Yn7Xned=j-NSmXt)A!+Irr?Q*pOZR_|AXCUR+PV!t`Fl7 zL78aSR6%Nx2j#3A0#q^M+#-TEr$3@|6jd%)rj*B&H*AwYu_M~``@&=wZFfqp}&DPwG9t<C%cK7R6>(yxPha%x!n<(UL)t zUf_?%<*}^e*6mpPBvKDOFK;r)fmncL)Wwxf8je-RT1sr{F*%?HbQ!eYCS9H$G}P1xhrhv$~yO%dv(p zloYJ&v0S`DbJ_5|bave8OS^}FcedNvtR=|+YIkp!H9BZHow*TvnxNo7-gdar&WxMq z`yMMj+?~r#__Pw{$OugZ-I}I+s;I4TRNYnt(hG95_Hq% zp@K#!B5vwxD`z>GqG)F(cQ_@%Ck(95K4j%Qs%PACCOmW~o3V2F&S63VT+C$em^GA1 zXEVpFVcOK;IJUFL8nT_?&4>E?x2A^muPfB74#~AbsgW7I}+HlzseyipWvE zka^K+%*G3ne+@D$vAdy6tlB0?PPeBQ6b?Om+31lH{!q)mLqlY_F%ixXh+&T zm=~-aOU*`89^|g{s71mS%*7hQnA?Vi?D1S)Sm`nxKY<&wocx3c_B)6ma*G24Ps%EH zn=A;PKgu&`J2viEsdgJ*pzY3#Sv%~bskUQV?ZLqbY3X_*(V`vs{MdeLuuu^=1V!8% zjpZ*9+Gb^~yhYd$oTKaub)Y;952MiJ@zQy49GrH0bS#s#99a=qR%N21(q5kBA_c31 z;|C7#h)TRdohotKTo=VCJJFZPmn-(A9Yl3IekN!gwVgv3>TicP`z*)B;_I_sOMEW`qP)k-rf(IjOkNntZU?1kC|_z= z7&Q9hAN7?4g%)f%otr2L_8@06qn7aVnZZmplP{BQoxp@}&PjWKo!fHk-^V(oJ6_KuV4w*mP zDI?BLc>FwX599~75N}VDYf!3fJa2m``VPyUE;z^)tRO@E-MoBfCoU$E1*I*FPyu#e z$}ML)ujAGsYm7IR@|s;@a&mQI@|_aP-&gyPz^Q9oG%Py62?dCH> zE_G#w9NV==@~N#uS#QVg#M*O4uuHiGe+s!@C~f|h<@$vSYXN5psBRXchJgh zogg_E<1R;j+;K#-9NfL|$*I;mVjxc9!|t@hkGFP?8Pks+%xTMcYI0O1IO0r@9PQc> zxdS*8lRehoad;e?MqcpF9Q^YrcCCXSo+qeN;^z~)dohVtVddj_ducm4cur4K9=4+4xXfJMKCBS$K1mr~P=>o2P?#{x9cdgzAOFfjo!bb(C3%9Rxp*-#@u@ z1+B#&HKsrp`bxnr_heCuj!Nrc&_|)2l3w%NqGfu21uwWqZktAr7T(-hcpqKXbKS*T z^`Xrn=;q3GHT0t4M`V{>yiG5);oJ8z+e^2>0>|ndBiFhI(oytv1osZ~mY3LNKw$;K zXBTlS#i7jhhD){F4L`auPq)Ah&q!Ij<~AC}-+St-@#1YR(M#)I%;hlr=aIjszBXK{ zTsW2Y_b~LyGWf$>S|_ z6JF(cc!9Sb--A;qi*~%8s1jQNy!KWXt$lARh?aNazm9a!E{wVppX;e#sBN?xxzs6q zYQG9&8$%CkBx4=;?nUxSc-KIU)Cx%hzJX`hi0|Qf&AKu!2bpN$yK-gjDqvZ(vt(TT zz=px6<=3IrOdr-@6?9--v1fZoSu#`JKTS@7tD)CNG(U|#xIY(v{fJ6oHB-%Tcy@vk zcv~B$JuLBNe-mZ;3CvF#9`Y*2T!h#VAF(#vewpJvR+40H0QR0(l zV?E)7uEg7-vB~FZ&43#3iq{$mRf$Feq(}J*B{U^|eKbD#!(c#*cg6O`Yw?COwij=& zW0Nmc1`2nVaykS`jCZHREI#yIQC`(#E#Ib%g25MMVt zeggi?j!h^*^ftwKeDbssjc*iB#|;t9ZBTUZ-+)h1UpK8pV?BBp4Z?_l=Qgno4Crv} zd>IMs@gPo=55-{5YpbgZO}vo?4ZdTVc+96U9z=-U&=dHwX+gO$-zK`@z+hTb&z9E- z!(bI0^2~aD7sEF0g>8IJfJbwO3|1zEhacuFxotr>7k=X!mvUygIkH&gf_18siK-gaA z;)Ri*_~ctUVTJINz$xzA!=35H8rBh_%BD} zZD@=1CQffs;!_4z8pWqV0%HQ_Bkv)ZAHw`07vfWELSc9`wNk}e^Y2ipfn7{pyiJx& zZLK%~`w6ACHUx)alaIuwTEaZrQ>_@{{r(h9-mlh(WzTnvm#0}Z5S7XMG1s;D_6R*i z0y?sP@(kR5Slnu3IC)0ad~FpH-OFM$!aoGU>!dJW_eY>H4&z8LUd^@9pm@^7r3C|S z2|jzg=I!U!{J1CB_?38Bpw{(-NRQV>qbkZIp`@XN2?{1^9neA*iCaZ% z9QlHIMc!Fz5gk|OCS;w)$D@n0Mu5y~E~xXC+_ruadeQiTNeb4)T0vxZKQ7nn7R zZ=)zvLXG35Vvd-?;4u!YFTmRPVLgd4GUx)pxbPFWXi$+~#SvCMzF6y1=j?aVW4r8J z@j)FAjrLJjfu725OgDRkQ*{-Uu@t!&F? z?W0}e*?eXUZ(;k?P-pHSULWA?B&+Sj&sE=r8i(oksUe#3)g}9aYs+h?dr9fq%}qa! z&oKTIz%Y&_g^PWz!RIo3egoNW%4Dp=zt=6l_VjM+UH7p~XP$IFzw^(Jw0?X1_E)>v z#@d7SsI?aVIT~+b*79r6wbN!`2Ib<(d&rv3lo!Hl@hra9pQE*9ulF&l7tv0Q4G&W9 zj<%*292q^Qo-H_qfiKuQYsGip+!qf|e)4lKbl`t76s~^869sDez3`uiJ#If1$qUrYjgZej$0RK9d@LNopobG_ERh*VDV|PVD^j={=o@0zIz32%`#oDm^7# zXz2^0(|~b%f9vo>h8UpF8nopne?IGT9}^fCpZrlHakbGg{6~8m+WdT2dUE7<6x@oR zEcn_bb_)IS8v?v6gERxH<^H}~dkxq-lww5o!CvX9jQeXu{|&_t_dgf<965f5b#PB3 zR;7`=n|@Px&dK7BuOwy)bs4q}h$SBD7$U$UIv{T^NGixa>9^bG^D`>ViWutlb^YTY{hos|96BvbV7LiOK>!;6Z$q$~} XKj7Le|F4VkoBn{d|Iy_C`w09$$=8tC diff --git a/Modules/AzBobbyTables/3.1.3/dependencies/AzBobbyTables.Core.pdb b/Modules/AzBobbyTables/3.1.3/dependencies/AzBobbyTables.Core.pdb deleted file mode 100644 index 252b9c04eaa603c20fcb6c6837c886bf4ac7f881..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 12876 zcma)C2V7Iv_rD1tAhNgMK(-2DPZtovjv%0-R52tEh=e3&fJhY(CoU8%t}2Rx3L-94 zq*hzkPpw<4);elk)oLAWwRQZ@P2Ph?z<&OGIJxhf6_9R#^e0FkL2AWdpaBdfS_tXakd`wUsG5nrcmHD`xeEgoxiC>P&_1Ac zpzncB1Esk#kr=2N=sTcSK)!BF6bn=UR1I_#=mn6CI};5BS_O0%$kIa(^#Pg$M0l`} z#DntAM1OiP(FY)XPbM+}vH|J`HKVxHvl>A7(qamppPTQfB2mhjmPbi z&QAi~8stW#K9$QO7on!X>6$MZx0jW+>4 zNQV!h@wk4%Xgt=(e_wU`9SCn2Xe9hHHBvoPrqRJYhM{S9+R>kS#{G|>nGcwxwELU? z#^ScDhce(-ANoB0!*8@U888#zNN{~1 zv0K5;Va7H1-HVMP#7%P@HX<}DOCl2rBuZZ$-VcccDnYs+TSBA}ibAoFKng-BQ!C&> ztq>!nK*?1QB0{PX3nWOckjYW5LZ+4@nLtfP5QDFjlbK&TSSq)IR% zNf9Viq_{XadkP^`A)!PJ>fmasnoz0`F%9Jt#aau+ny8W4g+cQVSXf2PTUcZ|r>4pF zZT9GqCk!rIRHdOK$#u+)j^ip#-Nn+Fy*nyfVl4jrI9A`{?6TTW{)T66jcbA&rszNW zxbMQEiiEFj#$?Yvlz81RmOoS4>x-o3n`g}1rl?F1D^FHHuoY^llu)pWWQu%~$mvnC z?CfGqVJO+!La^-elEalL2)oGX(Nvl7rU?l-&L~HyH1a_Vwuz;slSjDIWy=qzhIrjm zm6lb=mPxjK(~xw(*}rDUQ`hO+mK@3)JKBb3gDm$h7G^q?j*bzoy4U)1_3U07TTP6= zTCgWDp0jXDOVfcW^Q-gcTy@}0QxOWOK$0%YC#0Qq1ZH}71X6ayNfB={Gl%dteKSaU zAldKOBB}e(9Vc3UZw(DnzWmGfn_8ndLLw&=$}YHaLnrj(zDB1FI}YYWC|CYI{&c{; zuQHSKN0{s}iZy6#ugT2SlVwjaNF^kMKuMTN36)YMkctEfkw3@Rhck+oo<{OsW5GBS z(C|W#a3YmTq99vR9I1lUVzydEV80d}@s>xFN0%p+XF81ti+<;R(>As^b0yy^JM<3c zexvh z)QfGhKU2!CwDKle*V!63u0OVH-BRf=bCdA+_M+>TFSq?P_r|thUw+!?-`A|UsCwM? zEOW)uIjb7_ynnyrRncOujYY!SK;M`@3UeR*s_)#r*>vPRUYaB8A=k4eIlY)OF9RJ6 zbPefu|2{fivD#R$^t|4m*NlhHEM*?Oz2{N+gg;=A*in5a@q1tMlXw0d*S929RPf{I z{b3fZ-yJiEymi6g<-MDeZbqz$TOR&fmMr||>-Gr))(m@4Qgi;pDL2Ep-*9{k@7m@! z&ee~k!&op)pTOyONOv-KDFjsoO=8D;GcV@QMm6X1p zbF)wB7e4tM#k8xpQh#C3+_GzH+=NrJ7d|ez9a6Tv#91U0staITQaXp1IQ!u7!ACnj z_~7xur%RpcaD$!0o%2*GxiZ|xMTI==PzYsG71-nmWd%Md0!aa{Kp<5U z5*@rC)Rzbf$_exL4-pA-{QU#`LUVkB0(`^#L?PL}g5aQ_P=Eg%VSvwI=NU6*xfE(U z70gFqRxXwh3UBIFASaaL>m9=J4+skJ=lBf?$qoq$3-uG`1Z0bX{C%@Sg9%|EA@cPl zgnmK6!q9ACU?>qtWFv_{nyVJ%5{T=9w1b~_4p{aU%G5Aa2P2tUC0DDw^TkpTiY}H4 z3dAs>NQ#rh(tJXcB+ga{6vapeqhWz~x&V)fFuZGq2PBsWR5>z50g99sbLDCTg$i0k zN5~K`1e%=_MEHkP;srKd)6d0wf!Bwl11&kGMs>5-$NBU7X4&;D7ybk;A+H!C?c zD>juEna)e?D)IZQ#Q(FBfX_+-KPw6PtR(m|637Hig4QjLoUT?7nkkDTl1N}N;kzKD z8ac61%>7*S&dMTo%frgXQ^(59wTgIB<7g*8Qh(>287r~AL6BW=;e7|!u`jP% z^Tk4iOexDzaiWA07}tuW!gy%piX4Fu26U~jLrw4ZqgsR(&*Chs{-%uAF8q74YsQ+w zPV88*QZ10AsnjB|jFXfKp^3Nm!&qLyKHoG;Zrx0f4q~w;+6HashN)`=e{mInB9QWVf!RpP>qxZBKb zOu!3H{ds0DHmq)mUHhs3y{EGS?&<DsyEL39QnfG?mbNq(Zeqfk!YcmU6Vu zHh9xQm(j`V?C10eu+QJq1GX!`bMHBqZ6C^#mt>z*4!Fyh)dOIZOd3nTdQ2?TaTeB> zAHe>?G-hey{FevsE?Ut8Hcd_lVT~%DPKb2CgD>0mpWNaZxuyM@)7ZrW%R0aXa+wq| z#+Qi*31k#lCA5W(Hbgar>wCAoNRiA=+IrOX*tA{u4130R&8&~h_0)$bG^w#EtgU@q z;jo@Dyh3mv1uH0#rW28IA0?}@_Sx(kYuyh=RJ#wmVz*knxMv&PS}+CQ;yKx|#cURL z-C6d?@%}bn_6$!imJ?9NFnd4;)(PPKk>5^++Ev7r_kZY4xQ=M;upm{+B!rIgW8=6h z6LJpmTW=~Kd?dzObST3Zq%E6+WWG+#ol=#3QWCkNe(B&+2vKBAP3$x6q!qfn|nhpz`_&Tn7YxKT5NB?Q?Oy*Li#e!U^OsNtJH4Pdz zC_)w07bqtN*0sK7s*tEX>G21ei^JCT0F5TH)zkoWjLZzL%)c!t$U3IQ?%d|>3F-ko z!8*LBX*O15aST>8*P~h{3cfvmkG+*Qx4F{cmc_VgRSy+vd(VEqxHq%rH^UPLS zhH+|=mcQyZ`DjS$q#g{UC}c1+Q(2~ffy4Im9$PylEOq;#`R>G@zv}@A%XndaI+Pbx zi4^uj&|6i*Br&xY zlSi4g{r$2hLo%5}H}<}pwk>%3k1(+&V|B^&x9_Aq!Eo4Jiu@#5X%6S-@O&#TCGCE% z@L{j7Z~6?lb2_4cxmO1i?$~O{Esvj2*U}hqodjy@<2kktbIw!WltkgfC(&Cs4SRk3 z@!=_ybyyd6TBHV-;Wt-upKY(@&ig)!@i5aiS4X*9@1`O-Yv%a$z-hDiy&j7!90Lx# zqHx-U87Eb{#3IX@0>!O5v?R=}X;jV2))^bt*v%$Ev2YZRM^5bo$`wcmyp^L$oB}U) zU|o&1kR|QR%k%sgk{I42SX&Ylq_6*XV+5h4aT{NK9Ql5N7SXM|%&AZv2kX{AlQ`jh$Gn4=O~D zCni?C^V^d*mD;dg?DV7x1+vvGtTSY;T9{H#;q7SN(u^nJHL^q0Ak!5Rt$<|=ZFr!- z$HMDoUAycVwXx4mmT^h_hR(QX{<^g@3VnpRNF_V{mS1l*tki4&kgy)n;{+;UUPsTS zptV(QKkV5nD-cX{%r(_@NQ-l2Vt^t0lN zg^Z@_wb468Ua{A{5imNn$4Ft527!sR4&l=lAt)fDq|gh?61E!N8ktbD+27&8-8BbE zG;D{aYL~>MevLBZ94cd>7Xf0&PyK2}Z438xcbGZ8h_0_~Ae805*7u#UEA>ijg|p4P zbA_=Z=$gD~aM%wra4*>FQ_&H$oIp-OQ^W zJ7wnN!UOSi$Y?d8D8?Hp5_5qpw7yGUzj<`~hxqL?CtCaL7E#MSzNWnJ=9v?zR>=zJ zYw?5cB7ZXBt@=nxo(mES`tdS)0Q!ZHk+5M-}MeJrq>X96%TV=V`tw} zRQ(=dFt#f|n-`uKma>zXX!}EcaA>e`^4@7L{=W8B*o)L1MNsS3r(_14$L-cD%{Y7Jq5)^?SQ^@qrd7xsK;joWPeZ0R?< zoh>O093R2vg~}P#JzByEXE4ET~_vpNTs|<9t$HHby)-m7itdxyMN8rpqsO-bP zdgaOU!khM4Y={pcQQ8x9?VhD;P<>CXTz|FjR(xY?RNC6pKjxEwR3eAm&5;?WGGUT> zuk`m{#_;y1JXlvz{Bulq{ccn9H8THp72Hf_`@-10^$!-^I6l9iJG9$`@*@d-^?uR5 zRQ-RGcKbZayKlaYnxSz|!e1SfoK#Isld)2$y%WyYEcxa+cjtCA;L?Mkzjrw7L}{P2 z0}-{zq~Hxk02)&Hq!av;iQK@LHrbtzi`H(W#z$&x zg?EfF2`R_}d?jZLeD=tp2Fy>1N&((u8`_0!6}(;?wRtP=-x2xd)GYH^BidsTu1+W( z*Vq?S14Cn58~5~S53v(a8R)XiyMg0|adT&Kq~CdgQ}nW@(R$+dnba8o<+59?-X!yz znPAXA_0+@IX4&n~4>{4}bezP&34iCDOMw6E+p8E|`4Zedzp&%t89S(Z?>HmnI%uJ-}(P!Qf{) z!HnwKKPl8*_d&N`ezJ>ecKO(F;?4zXjYCBNv1<+%=yTe0(&3qrXW1|18P9IOL?|Kd(LD{kDrSQ>{E-}pB z#Uw1AaeQ}W!*OZ{*fYLc&-|H;;^4d;_xQJ7#w`&C$!A|!``=bF3aHft1?Ls1Km2Ml zGUo8i8-^{fWjSO~bW9JCLc9gVr&bCXh5fgtwjFPo9B+glNpd~HJ+!Ja=d|}5Q(Y`q zA`ll)rFNT)*Y&sOja&Q%M(t|Zxix*vVTW!YMX_8Z%T);EdBvPaNv;fLsl0Ah(&lb& z7IHng4Guw%9;qUn|I-RrNi7iWkU{)1w*AtAMeq4*hb7zOuz1wjL`SZ<^dNXrp^SFO zN!dtKj-GM((zuw4%l8kjcs76Ve}>Sl`tFjE=vc zsu>wF<@(f{IUgroeHytsYr*;d6&Zi*2wC%0TRUIEI)X$|{nz}SvdTn1iT~}qjOZ_C zFLWnS_~?S8Q(Kgy4>_-`R+&~r&#F2zr+#BKb@I>^(rt{T(C?ex46Cb^B-Y#sxRsmH zM3rn8w35>q=#${)`N)ZZ{C@f^YrXZZxLHJ2o#TOVHuOMgBf{LwwiW0I3uV2_Dxbn1 z8BdOKYmj;_@bfuj3Xf{IbS`dW4VoToAKQ!}?%O*^}U0_&X7|4KDH(e5q! zC$mSbtUO+7H@uu$cXS@Xf`wVR`Kfij5f@Np^iP$=!RWbjG8?~FJdDoN@nNcd{FDec4_D(n)yDRbDupF1` z1H1dwpiHis5N?iQ)k?{>P8Eu>$Kk0S(CZx+hp4h{H1~` z4KBOh9HqfBqR9`;Wa0lt#<$_0gv=o~Kg4ZjE$i)B@|^m{gX06z0a2TZ^s7hXzVuE` ztcu;S{=)gS)b@Y`Q4w}D4GPvgR-Ip7nIAoC!wIuf`%VSY!%GpU^2pFA_4rr+%nbg% zEqUj+&ApbfHkx-+*Ub|JoO@(kVroTWM43Lj|K11LCiq4Z%g`NPVhS|UXT#k>Ia_P2 zFKM&KBLp_1u7XilsX?21Y7=iwVillC?0xY~w2>ZQ(hZf()z^H>wCMIlliHzmZXlJ^ zo*3?088!a*n@*m8C>u|z6C&jfacA>0%NO%B#fHZj1*8MbH| z3vPK)>TnORL%oPp_ksIekvWul*<2Rf_3KGrLFx~OyCab^KtGHH_ayzWJ%P#KKf$j`WAIV8HSVp#GUz<2~&7GS*LcwLtCTu-63+^gPjo<>I6ASLHY06+a zSq56IQzmS-R?EDLRxzoisaGhcvWF(@-WtVe4#)(JX2QkQPMbxPHohMR+T}+7rCmsm zpxm2MRXTKupi7+P$)C}p;`{>NwKPT3%atbm&>%y&wi{(+Xobv};a2z-AY|SgjWGi4Er?bP9~1_VYn5?m_T>3!mZSisjW++&dUV0WasGU5O8S# zW@%$agAeW#n+Gu(!g1HMu`0xguWheX2qwz3mjzPeh7DKE4WT{_O;7}@*ceS@!ku9| zCX^ABVs8||hRcotaC;p(5afR#++j!7Ea*>Vi&%!<2=2Z^|6)z0&iCSzsogD{^mTMq zyn4fnA~Q`uOh&`EjE4U)8m{0b!!O%yfzybxeW8%*vC7VBc>A&+yzzU>vU8d=qU=&A z2gVl1vfnHq5+;6TLTrRF@?;e`AbVVi%wl^eL33QJrl#XLa5dAh+!WM}nS(XzhDdCH z0$D|_$e9Jh0khbeDsWTNi5lzWe*a(VI5=MUuu!d+wEwRcEo@R~0NfevU%nh*@l50d z8S>ObXn^uz7-AKfpy9ZmF-sh%2(68>FgBum2QDXMQ+_xMr!HlGX?T}%2Tf{O{^dyg L-mJVd7Lxx1C>C%; diff --git a/Modules/AzBobbyTables/3.1.3/dependencies/Azure.Core.dll b/Modules/AzBobbyTables/3.1.3/dependencies/Azure.Core.dll deleted file mode 100644 index f7369932f113367cdfcf8d20d250ddb3cea19ea0..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 384432 zcmdSC378#4)i>VL-M8;HGs&Ih-pOQ{2{1!(m&q~$Ne~jkCSeN@aV8@BmasJRB?y`6 zA&7`#KtM&=F$f4Ki-2sdxT7Gh2touG6nRzLSHk!Eozva-P7;vkeZT+veE)fpd#X;I zI(6z))v3MufR&e8j%8Uc{=fRFWjz4Mza{ef`akOs+}`(4yLE5&vDpu_?El#86(_B# z_n#j4Ck98K+JEfPr=8}X*?-LO{lS{k`d6LSzvn@R_Mhq>cl=OWTW-6E_42(eYyTF< zn)|+;KNzR>oV87VzGbdueKKWP8O3&d3+{fnp98e4sp7U(ZXzhZ{Pla51^frQJml-B z3rNa;4H$Wq+WOq1DeEA*!S}NX6Zk)qvhLcR0iM;0-(P<-Wv!t1jsEo~qDzbn{BLQB zJ9OspXP*gw&+SpZm{-W%{MT<;M-2t_;8-9J9litx_nUdZnzTpCoUs}1z#iNyW}IZBk|V*(p!yEnu7_EpgAN$97;If91K^% zdEl};aeLe2RmMhrt@wwL-)?av*X&J-o1Fj^L}R&43?!c88dTYeK?SXpJLlTgOtd&8 zQfOkEb3EaEur}*t4hu?E^Cng@Ehj+HoNnF@cWsKJal|vHvQxwlI`^s>^;Eip zIiOdMIL+aRnyYjvDp$z|!yu@?1K71lnX;!W(8!;C?#{@pipf-}-UJb4+c1&Z)Zl2u z4Q91~!4YI&2W7Z>{Ub@6w(F>xUKy6}C9!;c+g$4(g%Cym)fRb_xYj-?Dtr{X*9ZSx zt+2TmkhLWfc|Zil78 zoNNc3DdbBk-8>vmZc!rd6a49?+21-i3{mReb25I)!8M@kd7Vg2 zw9*)%ey=$JP1PsrM#Dt$&jP=yfBI-(11wS>mspZIW zQTS=QMTdrV+aI-CLbh8Gph&~p(1U>*o6KT(3bTfmP3WTuH$11&gD%GhM46mU;D%=q zi}H^l(OUlK!Z;Qw*sP;4*wa0OKo2(2vCx}s7Umdm@L;W-`q3WhmH0j%8QyvTt|1iV zBH<-c83t;tgTWoFBz1(X4Pm<7@(K1BiOdYw@|-TWUIg^dq(l>wLTuMS;wZO#Kh&hy^|(AMFY^8q{E4%fUJj@C+{!!{QXmFh@2 z<~?u$aUnqMg^fMPdGRe^66G?AVV zvW|ZV;KtTMwwf+vRdUDw0K+`L3b1JTtFOL_aC8K~RDgNL@h=6C@_7@>WQjHF2n*v+ zx{bBxDREh)TDp5%S`~l3b^juDPe)(63`hhNw943HY-yge9zDzSC-`G7Ljsh07R$u< z*?L*To_{%hrD$85D@z8#w7@uE)L<>xP1A<~*@M-RqZe@ifqJP3aiII!j~UrwuqQTj zU&z=78H0_`uPt_q27;F7t+YIqod0vwxB3UcVm&do{~7d=VPOs!`pVn{-S8fP-Qk@A z$Cb?Fl_z}(PuD6z&I0~*)g9DOvEn1trQ@gIFCP-&o%)r?nybjpxs78DnUk@PZu?UN;GJ!kY!U;VlBY z!%qktS2BZ|MxOK~JYP?*l7*yhbv31XtMIkM+XOn{?E>BKlLEWLPYE1XGJ{&lbm>dd z)wRPJvE%m%#4uZh_+(Y)~7?i@u~z*%s@5v5D8GC5|25BhU%&73hZd z3G5C(BXC^F3~D2J(x*I8{-`TndC+#;`u#w&CP#2Uz%ufnTH*QtLIIR8t`1Ls*j;!Hyvr|-D_x7n5zoPg$R z(26Sd*uF>(1Nrer1DBjsbDE<|R#jSx=-!z-uQX!NTo8%AqJolVzKnDt910j>IBm1rCvn1TEw(w zJ7s6hG3drH4m!y555&AYkI@xb_{%s+*W6+#%{;Xh+bXj&*&8W-r<*RgW6)|2;A;T> zL7>l;M%uEOOIFQ)DqYq%%FLosQe3PRujh zu9SI_=wocR-8Cp`j@!uvt3kr#Js=wU2Jr6KH}N}Aa|gRBDf0>XHPcSe zM+B6X)9gR(1jE3XZd3@RwhaXId?*v+JW|^R!g@Z`2!^itF(8XTk`mpx78jN<^hLXQ z9;8k!WBV_|F}201wmIlFJ6in9FxIK$#BF|tu$tSI>&n+5cdj+#)ts)1=b23i7^r!J z!LF3@X@mu*(uM5jY{@XkxX?h(Jc}Q}58D1O5Y21^qPA@&IJXgjc%ca{i1`gx(i#7! zARUa;WJyzrx!N|F;C*rA=1^gwk5X;x*rj%|J_C+*?*bw{>WBG%f<+UsW(4SQf z-slW&w4CK#o1AjGtmAm3W$m?}W04inP(VZPCn4Lw|HG$=HD!kzeYojb~k(*89Ctyfg6qzw5P(AgsJfD z;uTw9(D78l!-1gHAvq!G2}w`L2!uihIUJE=HslZ!gBnpX4yv=Z4HO$}x@XxfmbDG* zhS-$g0%}G~zb&T7{1%yKo5&5?1`F6;bw)&atxyuBG{0AxSCL0ltE!{c!U-M*oi>q5 z7Z$uzY*5nZJ>P>H#s8vhT8M?cgi%?V#C$S|84>&e1o=u^+W#XQPSIy>(%S4^YF@2y zt5`^zL;=yA_5eDWJ9BRY+JWl(;m@&2YV>!$a5%+cYqm6>IeciL_a8+ zrk5HQKlI7^-UZmKbCZFPk;?xWsqRmrI%;B)>Zp$DG$%-;h+z6!94stf%>fz@U6MbUlF_hH~g%PVso(iclg21{3C+@Bs|Np{eQvHn9;lb z8EE}Cp^3?OOULfpqP}2$gzB6N(Raw4W|KfCMES$-hNu{T-62XAa9qjEbX4TX$GRBJ zlcqvv{cJB?{tOU+-gG0|Vn5muwjJy6p^$^imt73eu_}lgVJPLpKr-O^Bh8e@Ag`l9 zmu9fzGcbd^RO2GK*d(wWYn%WH!Rpq&V;Hi>@xDMY5sRDjxdH@0`AHWiNt@2KY~*9!<}lNm$~ z-B(T)#5%K;B6_k5P)wcqY)4)>b&yk5m&Kk3r)=}GSk~`Ea5=#4HEaW$RA*~P>!#vy zOpE<2%OqDvk>%D#>wlM8!(Wcqmwsby+t$Kjw9r(Jiki&Pgjhx{A`%)F(P&tLW!a{z zi$RaR1m#j9^B(+!CzGl^jn32Ql-8MAgXY(QDFzM<#A^tS*%q|~tD^%1rWY|#sWuf) zN+j-MK*`J|NOiTl1GTonlnlXAW;zp`fgdxI!NId&Y_^A!b%t#ma=bCwQ1_Yz!SK6A zj;|?Ddn%G>iN)nHcF(r{1d;vHp@R@4y3V4us|P&sQdVbAdK4Fq(S z(^y5!)e?s1v;MQ4zMGCzr57zwT2tC9xC5mTn2>bD9w8TksP?S3P1ucip_wCm(+By> zx(2%5+WsDGFC4EuiF}&L`P^DAF?sM3u{56@iqQ1)3)X?rWRjj?zky&5OY?ez-&33H z=!2dNT!+II?W88`CD&L%*Ic`msaRiUuA`JTPJ>_a`YYtsZMGiiPV6K!HVF!7MLPDq z%9?q9Y$N)u+a8VAfOUm;I@%e=CDsnmgJaNK<0by06kWcVXFLYAv4b|HsC=el4f1=A zWufjA>S)nkZi*!~wiV0&G_m;wb=$(UOpGk%RKdHM_kM&_=V68=mX^B+RP4-M_5rQe zjHc!HX+;*`z>S6I7rkEe%vPh*HZ1rpIv_;$~8~O8CO-5mrcel@k6tA?(?bBMouo zOr$#_8yEXlsE|Lea-dV&&hzKNiOfky+*Cal0_|^y996bgnlsPBSn0J0p)@Xou*Y6> z-YeLpX~&jHQ>X1LLIngvl#^HM4XTt)8s-MNnj0pPB*mS%*Q7w}CdKUhYf=n?LVGv3 zatm*Q+B~1g+TPPI#*_=kyn+uPI<~<@3T%J}6lBA|w8-B(1-&Y(sf+_Qu$RmQpKnD+ zjInWU?aY|V<3NFnawi+RZ4#S^?evK4jMrz&j(B$r{?Mqnj%>XLj%)B=1{v_vc03F{ zR%ko?i)f~#b;|~t6jW7PRYQP~cVTu8%_EBnJ(0XrOYe z6R;)5n`ZdZJ@e9tvucFkQHRCAyoVVx;;#m$)wbi+aFu&jd!Ev%r9AWE%`vu2( z-j-eTY4LDqj`g~m2s_;cY!S{HjDZA6*qK^zr64i*Y3cL|-l7kR7sFtoA?!>qSTD%c z5t6VovtXSd&w)Ih*+RA!I%`6@bA{ZZFCu6GW?tAqK9*U>JZG31Vx4A@>*Q2c1LTYxaesV zSH4kPc@$SZUZ#`cvi)^PuaNUmvboN-N}s6SHEd_@`twlZ&2GR)G_JpxMA#o;6n{yx zXZL2$(q_*d^!z8rdy)u;8bub@7w_kBkZLdB8zKR*HxZi)=A$w-qlodu^f?c z0tLU->A~00m~i~CJsLJh4DFPQxyo{^4j%%#e7bM${8YMc;k=G?-_i4P>Atmc0>Gdz6=**#@4?aeIob5O9!)98}v;7so&cDTxa;_~v;?dBu5^zD&bI`qgbeOu&~ZZL97rxv+6qK$cSXdb(zrx%)aR5z!rs5!38 zcEy1eI%vWp!iRXWb^ETELL7*K3~;uqGo9TqC&yfp>mL^=evDqS7Qe1JaPet~echT} z&`VV3IyVt=sca=uvE|pi4I))Lfg2SZf8~rVP6f(=KSeWwna#;(?*!&-F2H*gyiWl} zOhmq40s1ofE>>`f0$6+^VYmq{Q*gNg^oT@$NWq5{T%q723O=d;T`4IsUMIL(!8Ho5 zRdAhx>lNIf;A09lD7aC<#}%N@CbOFr+@jzU3T{;xi!DSNkhW}J|8UAF9a3rYvaEwS z|Lyo0%#=o2GikL6KXCS`**11>I2>WEW)=uV9=7Ka(wK)daL&dtAAzWn9oVSD!HX?O zGQ<6TN6to*)~*(ms>9Mu+c=_KzXFkQxLxRB*{K6<0E;-Icr(XWB89f8{wQ6iW*4!I z&){m-xrs1W0ScqA>&S4vGV~8+2ILU0qIsg8E}r6*bwL*l@mEJ_BJd`Fxv+jCHZH`p)1T}Irg#9ff!*wTaRiMubseUP}vhTI1QSlpa5@BOK>+3 zcK~rGCO8_a;C$k)OmMVZ!QI3?mf&c{f|rPMig6mWX~9f*gT)Ds1}-?3xC;{;tzB>@ zabHbvG=0Id#Qi?O(GCVq3Ah3LsIF)fgZ+p*Il<9F1|J~q_5??B8GMttml7OpXE3D) zxHI6r-9^6OV zcM=?peDD%+sp)YVwD`fc@CG|4xQB^5h`3b=?z6;QNZhpvjvYgAKXKnraO@?5KM|Ln z5vL(t25h2h?FO4OpEl79VcXrUwqobw2$&#q3v7;4omIN{CopNavseEacD^=X7cHNz z9~l#1d-Ka+U)C|^Lhu?UudzpftZt_;SIk#Bz4TQMx|r>eM%B)g)1{Go+QU($U)f`1 z;P^Fe`XfGN+8gjq4L%s}lV5xYi*8F#3y*;{-SQDm4U zj^2r{(Lc*xCvd3#D6(p9#}7u@<~G1Cb7zy!QJ>}!mRbIE0OnLjF;=?=#P!{ff$$q( z48*-anEUW!V{@o=(D6S_iYM_CeqAZfxZENs?9_Zf)CHr1`<1u`Z~ND&FYNysA*;*kDvFXXHTdUvb6 zZfU6K_6&6deW)|;`nRACbk&c8Y-?>pftwEZQCLMzI^2gO9*vWT9p(`2#*Orb=$oZO z)dJAM=$-gBBlS)^rr>b`Y(mXr)t!lPCj|Z$aX2UPMdl2*(dc*Nw{aUyaPe(4_Wh_& z){e-Vvt}{7>Z#66gs9Hu5oV`XCm%Q~(~cu}jNR)W&)QSOO{-;!;gODFxv3{-OuZXN z7kl!hF(nRR?F*614+Z-Hh^XtBv*6Uk%Nz#RCtk^^)-hN?YbVx!ocmx!v<>S|a35&R z39KLAf;W$~;1l7g<+*?LUd)s-l_|iT1RO-EuL9%{Uuc|CB@H*j{AU{+fAxQd<4?d* z+pc3RhwM8;_KDR<%bqUR18eO8ZlIkW`KsxX2v?psc@oLAW|E?k@B|FArgwf02k!#) zQvWd<#&@8==#<5_2*KaWi`~)i38EW_k?^}jIMl@{NU%0F2{Wg{FN!%0j_`Y+ld;$e zu#$9|;#_ql|6W{d{N^}va{WKE7P9(FR1@#$nK#b=w;D&!sxE+77iC6~bj+D>@C2(ZzBP#t7N!0Ro{>NU#ZD_P!-`226KH4xITm-V!|kY! zm%<++0UVe85kWr>K8H`yDKlKBdNM5I3zYR&_<{S!bU&r;XXuvt?D#)}yM7krFhAG8 zUnGcMD&jc+^SrvBrknK^95>SaQ~Y2O@J=uo2xg)x`e%!C*M{@thVzz&^9v2bLzDIY$vZ4BZ9!e(UtU zX>xo}?h4hz*b?zU?BzPZ?Z8);86q+2(N z;WNxV;$0OqxoD3#rJ014?OfqI(1tErYEjSQvk3R?8rtXW-88DBez#-JJ=K--c zGls~~#VA2Z9cEa$tTa4>yN%ry3J&pq&M*!M#R0@GVuUz=_+^X`2M{mB2yp=Ms~8~; zAbuSq#DQL6h?o7PZX63;_E49#ma@ZR{~VgJd--w#nO~>go9}AvqS~g_H^@5b70psY_^u*6!fvR6VCOl&^Hy zWA6n;uF_+Vy-yr?HQ*vRoSxAevGj$_UX*BujnfwI2iDD;cNmbV?0M(0F{$m^4m{D` zaTeRGCkwAQCyVArielMClfM{PiBJ-qR=1#^KPA;nhGjuq0l5URQp$$$T%JSSBAu8J z3yHY6^Z`UMm*NNXo`v})@BE`YsDylaF9!@#_@BmqDs}-xw3wK=3 zHCAafWaJVoR!n9PL{)_(w#Vt*dK5&s9D(Hf+C< zZdFmZo>95Kg%PXzK0x_Zq!OhTA(q3o``8DOE>3hgn~JOt{)d>)g_{Y8 z6>1N!i>OeU*Ar6KvSZ5mSL1;N_94?zI(xAEq*x?LG}GoJH>abPUW?APT2UYNOzJ~) zxTI9s4|PatjuvQ13Op(89=j>|COQyAJ}H`>DAw4AAwq3u+hCbIH_QJBenX;c35XPw z$GVQtr+Y>tE+1!^p}CUwl2xjTxo;LOF|u@wuxnL+rs#h(;oD|sBo(30mV7MAzrhr* z<25Q*a$a^y!*nx0QKf_ta8)we!d*}vdqIC{JEm5m_A+)ABIGLDXf2O?=&>U!qV+{+ zq(8H*4d4Si6t&Bm-5r~$d9#{y4SU{P)KzX4NL?zCEGg+N$WZ0A%FQL?sBJ}+FptZD z175aKg*T7wW_w1;azQXX|H(5p z9Fk!JwZXyQmmHH-X5(jP{HV}6*!?R8LOLQTd*xm((dGcIQE;t->j-8!=6ZoT5aOW3 zzk!IoZT7k5V{qI424b-N|3~ynzQo1_iV&~rkxc*I`36UEYHzUUg?Xkbh??3QcznOBKV2?49e+xXk z^2rbkX0V(Du_WXZB#S+_HhXSs_N?XT@sKFa?Fdm`t4F2JxejH>K8kPT6lIR#tp6>x z#e;(>{&65*i;EeIHjF`56PLNmn>^0wD(u6HjB{tAF*7sXNGN$yv^N?u2e>M#*rIrq zg(J7dUN7iJZY_%<#E=2)$t?{}wN)l(L~-r#GoO)P16i6>l;eMr`q&7I|0&7-KY^@m zk0k>->@g`6DTShc2MC;MKFZoJsJd9gSV@y}7|QZ4`gV&Fa8v%>^zWVc+g&bL$aqfg zu8NM`l-UopBr42#i`9`b=#bGYnks_hdIpQY?AcyZl^iCCEJ*#nC@tF>L3v`l#XB;e z0W$ojyt813n*=)HzXZDBzXhhkR|Mih*sJ2`4*wx=T;rJmnZJmStIE0ZA7kNd*psL% zRSuOOT`%kNC96cHsF35j3)$FzVJv9vt1>=F8GkQH+TqIro$wElD8ExtG}sKPDD;_! zqx_~UEVc5oOaWC>)7|Y(V1f%#dmS+v!Ife}G?1fNOd$3Cs-EnSDz0iS&Krtzhk;^q zv!ok2V?MN8qMSYoGMS{pYcWyt#$#Lr}pLKkV4!dd$od}d#`I^E{O z@dY=!V^FXTJW|h5vizC112k`+XZhQXzGdPFbV6648>R%}9+$vzB{N3zMxXg&R1b76 zb|CZCRBo5?mAfy2Bx*(&Tr^oEj9^&~USDpwt=%mhl5+QHclSB+kTOthn_3QGIk?id z9|XP*cDBUC^sFAuSBl)|5-%R_%2(3r&Zl$ww2*%}>R8cR#{I3D;%1Y#d4@u~D*fc8*qjpQop6HCUSG)=*q}>hv*Fj%7 z)vK-Ra!Su<0R{fiBVk542m86mON|8g;jHF2WkCH9gk0e@(5{;6x%|WO) ztu}_bW;tA#n+b+}-7<}$8zKZ_Z2ep#`5l|gc2(M2T{-xwmg=1{5v zoOmDYBY=k>Z*Fy_Efp;ICU`hvzx?k*6f*+q%JeAk`&$XLZG+b_Q20F~W+fc4mz%3? z_828hd)LXfs`{|E`fJQ1gNUMF)CZ~jI+1R*rehd8~a@a0Qj zjp-PghG7yNTge+}TS&{1lsJH}V}v+3w379FgT;O-gYEGaRj+0DO%1c;+|OlzFh^%8 z#7t(Zn&xuWQ;FVFx~e*BWX_D>SHPyUqj)9JTeMT@rs{K$a_Et(Q>-6CPnsTkOmJiL z)K3I@0594BtginMs_{=DVFqE;2&I%N3UMIc+Gk?dll{Su zkVM!iHqj2d1Ug~2!0xa^;J5~x9n@CRXMT)m+PAR(U7@_5BCl47V~1@5ov>YCcbFGA zuE7QcfTc|Fap!~QPUE5PNyx91k8Q1t%O@EJH}uX@XsZ3Ga0>E?;%_Ig#|V55YVj1n zYP^W02o62NsieTOwg6OV7a=Q-IDqJm5#qqA1O{yhyK=6`NF7n+0wHwjSZ|AD-D2!} z>9&oruf#)#IID#t3K<$do&-Y#vcoI6^2;RVq%kb&WE%gyL2GaQ8RU5FRsrOt+)H8| zH}Z&E=M8n?72iatks&N#iGrJvI^ZU+Gr{Yvw40g-XZ1*wBj!bMbKV*ShJrIEqqJ!& zPlOG_+J-2|POv8dJ8#=y#&%r3j!B6W-8Bs+99fI%hm|~x>5oxoGMP1JBY{|G7P&tP zguf?#P=QVd<2v^2U_Ld+^C*su2trCbB}0^PI2PWB++`r@M$pe2&_2DkJY` zSe7>DAPUA}37<<=bwUNKq`2b1DO+bsSrk%5U^wVTEtT+;P8~G3?>K*Nu;LXBANzv1 zh7!;w7d$;sfM;DxW;F<4u$XC%|5!p0401h(2wM@0Hh^P$)Y)WgKP_svy-~ZJA7{!-H^KSaGR%|d(g#Z+9 z1OcOMsR+5EvIMT@fln<HsncAshwe^krntwB6HG!h1C4V z0g7|;NDx7(W#0U|iNL^OL#5YtE^||t4P_LLVv%QLYD)?~4sK+ZMyI;PxzC8*C_+*( zHsXLGDa8nJ0MQd8#1WsZ*8Zv(w=Y>F;EoYSzIejUT!@^*gbEsVRJ@>NIb*zOjcPgn z3~CLxkz%vM0fA1qoj^An6qpLP71$ll7C5ftrmDqDpZNvYlurw04`4g!B`l=}JHlm~ zUji-bDdoL`n*;-cnqXeq41>esMb}&mxlIkc8}k&{eAdYqDC<0t!4C0G4&EnpLOgE- z=!S0+*d4;;z(1~J28+$Cg7leRQ^q9!Z*Ss>vkCInAzsW8o(l!K;Ua;la2J8y;Z6d_ zmE6ox-t;x`=G^0O9RMF3yF~Dy5Tt8%tw;wx`<@Y*caDd zaR33MtW{nddt>G0IC2do#&!^7$xKRdWX^P%m7oANeaGe>kd!E9?xk<&B$J7-V~X zoy513n6$$Yt-Rea`F##~lcRpjYet7s@wg@BRd#@Q5mWq_kz+xqSpN;wzmB;O!>}zK zd)s4#{`DaB7m;pD%xa~9340lvRsetC-j%2nmv|UG)^Njn6_ajwucj9ZTSDw#Gdb|u zNr5ag7VmZxuXkcV!JvZe6&M9OC@3qaD5w$~;{+$7CPruH{FjjNP#8kL96x*=kbia) znVeaeHe9iTHHaE*ReR~<9$LSZ>+W3INnDcwpiy-f%p@3i5%-#SfUB_vd~0v z>Sf^t%)feBhyk;%UKVCRjj5M~8c+%9W#I8|9_PUBQd2@2P?W18eT#?MHK=c~UJ_BCBM-w3mamIM#}<+ZiiLz624!?()q*KB z$?G)U_E$-LSj)#i$InX6ZVnHIVTdF)^m`!Gs5^J8`Yk?yC}{U^FN zs{7A$KO^pN9+SSx9wY4HF%~?ahV^(RQ~xV`LZHD|+;QBJ`4u9TuS->@y83Ql#^o-4 z4y*cj910Fsev9VUq+=bi8+Jx(sOEF_76qmplM;Egm;_-3BGJMpOO^tlt6VZ znmIOkyl_uS)7Xq(Lq2=>}5eYSX-6`^`{Zuo#$fhlN=Q4!Y$^qj7^6!oo#K zngbr^w@Ohs4vN?yQ~usAQ>s_IFTW{3+92T z$lfkyK>AkL7|W=N^$$X15*ymNS}}MWN>W_VYoJuji*h(#g?iIs^&_q$x@U>t12P6X zOni7G?bWdZj$L7SL|w+(mx1;e(gw50hDL0<@jz6a?)I#3{C^_m#J*r-`cb#42TUx3 z8zaFtZ%!SNvVtpV)-A1&m^dyKj7%o4Ik+f3En<(N<1NdE6~>wfyAI^Vv$jL!Jr?re z(9|`s?Cu#P!}C#6){(Xsejdc$<|5UwbhCM$W(KD~5I*Uaq}HT9TXV}CY8JfUQIMD2 z^m!!5mut3`i#CnM??g;uY?zHsH)R)GgU5iqdI>+;_OtcfSIFOP zFsT$4{vKI_sgf?MGqZVcbtIBGDWMu}T1lBT3StNc+$ev_p4bmrVb1gcuyFQSHJkvvp;3rc-#uuqlB_9akNTSa<@hDY#TfZy`V;E05B80{fZC2|!v<@2B!_8*PZul5E7}~d1Xj#xA>HURCDo1{k1Yt z`s5zBp*)zI%I3Lv91(H4Ub+3EVr6kgCpoS|Qf8mt`Sb3-+;wj#+=n~O9Uougls7zZi>_gfUfk^6x* z4wm5C6-cPK$t{E4A+9~a@dH#CJ}hmfvoWGr*-V5(KsboQv?MP*as3i;2mH;fbomOb z9oc%?9kT*FL(E*^MP(tRmSk;-dP(s;BkKg}1?N<-W#qZiK2@h`Z8^q}2AC>o2Pf^N zFNtTc9fj$mbOC&tlnu`gC z^vJj8&>$D0TI2IJPH+pcT_~Dpg$IfcZC%#j!h^^hPrfVO6+c=ymf}4b*WmF) zIHhY1$q0oxnKq^9%cD5IM9LbcZ;m{E;^-T?w0fNTky{+@V+|n}3BrXQibg0hVYQ8& z1^tq)EJy?>_m9$*ym^fhX=u`B!JzM27HP!zLf;9uhjr{ zd_kcavtmz$%;*|r@5FL?nWr}+b=r5w$52IHF~`8B|5F%k&h7B}KMFWBL;XWtl`gLz zlU-{F6qw9fqdhyK(G-PGKlos03wGo#SdCiIS%Y{bwHfZ3ixCNx*vI5d_S2@IG~+1Jw%K=VCTHJqZ_jzXLn&{%n2I=aLv`N1=Cd%m zB8hq&?Qx=|SgV+>c@YbqXp&eo_iEE@^P46wjzVneUW48&UH0^R)KthK58vt-%CS1Z zNBS|@KZyCj0!C}In1EQTC7u78#29x=-wMW=vNuyWqk|}bcWrub0Lsbh$BCzNn{G07 zAZ%?~zLG@y=I{+op6!7Allem61DXZyq`*H!^A#KK@GUN$cS5}1PLc=lu8rbBF0bB& zcw6T2cTI8PJUZ5S;CU)}21nI60#se%Lx&R$Z?%MxhUo^^YFk?GJIaM540m~RE{as0 zk4?&mDszh52~{dS^H^l$Le`W3O%HxF2v3{JwM`tV!pbsBm~V48)|xlNV9A&mEGXlg zs;nSK-apZcH6`)-f2MEm=#J$*sELLb(Y0^66#3e!!Oo0l zuuUT-jq=FayEtIuD2yP)0R$xxggAhpOo9*x5EMud;sD~v7$FWFzb!)kPLq1X7H0S5 zF3z;zNY4=(d}&&u;t6*|!t)6HHVbTm zW9<&!zVOCwlZW>X3?bjR!Nc2l@4$-QJMhYK)+UWJIlqD;{vI1GvmE5K7~n&G+X9{r zevyz^Yh{W!;AW;n6m%P8U*8`;EMM2!1N3Kr-YNEczJV{=a5;v@5=)oFlZ zur4Z`u4r>>UN&=7TP2mvoNy!#4hcGYy|&eU@C(TAwW4Q^EUw0&2dX}Xss=okkOxWX z+jF!vlE{V*M*iZpk(<%P3<{&-Rx7ToEy<8K62m=YD!|47jAaS0& z55VuoPd*)-0g~t|t_AfqHtzCXU&R=t)SAJl!z*TFWRY`gY0<(|J9z>1TyWvZJbxQd z^X<~}1u@O_w-rRMd|E}{J~f9UV{J}t?u_{5)AwoYG$V421#hQM1^wp?rD_Nna~y1Bw^KNQyKD=4m{Oi<8vD@ zG`SvK=EI|JMpxlVZ42IqXm~`DD_cA?(6_@7Ua{^o!yr0bi7JN!arp3IxOkv!N~3d@ z*zjqjR3X)O_z<4&>@$d(>f2$shu?2O`_2vWK~Hh;(n4isgJm{xCbV*|Ax>cNDs)Nd zz8xYq@%kX&%7(aBzAgUFhz=_*$7!FFq-ur7X+=AppesB^g=J*jr>2RqeaBK%r+LGpGQqCx`FL*w&KQPZtk$*kdG?>v^Tt zjor_oi zV3f(T4fOGD2u2w^gZ&xEdv>BH*m}I2CVF!B#}*05hIR|S1bz3$pY>ffM@)bQ${8v) zXT?r)_g9RWkC@S2T~$u3s^aR9Tv4}%3C7-p-K32W|M%pPy)IScb#tNBlZ6Xh-^6RU6G*Q*45x?pNq05p()&Uom5x@nUnqE)$oZ3w zbkowJ+)s9Szd`42o4T)p3hihuvES^8yvhn;f{9lbWql@EO;n1>ONzJ|qU$v6$kYV# z2=hhWm=_QPAA&L@16Yfcl}pd;wbjJ(8k~}K&DL~gj+gGn(VcRpI7em3$cm=fJBcl) z^D$4IB>6THzs+Wc+*tU`7U$1!aSlk=PL)R3NtP;eW6^d)$+Fuo&M$x*>)UpmTBX%h zq9!%zn!R}oXz=I(2GO#u)0Awf{HSft!LvS2a254{GtLz}&4&STyrXtH`ag^VeS%bY z27ALupIjF@mvzQ5AvyTijQ0Eu7-7-ek4cO%M!<6D7}@wsFl)kjdqL{A=o@$$7@993 zHtz5>i-br#brnd;9Irowbl0&QHNg)eivJU)YLAh~e+yEJC2#ZyFEC_kkSs7WyY|Fv|WreJo_p)h!86xB=+eF{$!^hX|1>>}c zTggi*X<16c>&c=3%H#Rmw~zCaT}@jxc({>;jjxoLSch_>F$Qc#iszp>x5wCpA)I%e584`zjEFya zBEegO0qb=68lGNnDM#V@tc@p1*H?cuJbGC{=VoZ+TS=ojE8&`R)8*j*55)Y(NZ}eV<49KEAyIU!K%k-K)-k2>Q2j8Z58Rp1B^-+{jA9cwE;y|MlWI>py{N!R7Hb9vz`ao_Na( z!&wo-bQ4?XNWbIs?*A5Fcm1tNg6L)Gkpx>M!M@f>DP|_8>sogrKNtMpO*ggvwnQM@ zOs7W#YU^;Zor&(#TnlX$aHaJ+K-m0LT3sphq3ZGq>8!diDJuYvFEHK!;=ZXPS`^Z^ zV@=h1&;OF_?e6;9lU(7WLi9+k@F5Jz6t)#5Td62p5IV{hgpaa?PjN=s%4ntv8O>JL z2s*q*MMJ(gcKH(^jzqq89evHZ_L_C#HOuC8^4FeP|H&ll_^um0n)N8-_*$D}9rHOU zQDivEIx-w(JyXa=S6U>U^B}?KlJ}_9eEuc zwWrtLk*E)YW_nb8k@E0OKv7>NQXiBSsSiqv)R!ydBlYD`t6Z&uAVhtV+6YQ0PMjcx zArU8O8Io63_eXZ+NA|>7=rH>4K4<6aM*83R=t~!jtZ)>i9#=doQVp`v6&Ou8Lc4OL zug!c6c1q%}6#TAteEJdK3yPof(hs&@S-uDten{rb6folUwW=f4*P#w9!8?55%_WcQl4cnlK!8Uz;K%ML|pz1m=29Q!j^3De2|R&5(lI zl{$->?$&TxuqnKf!=bYg^qLr)DJ|ROy{LN^q0Tv&Sd3w4#hvEh#U7E3X1g_A+G!RLB9$U~c4`AcnD-L6W)!7WUx^>SPvfHO#~6=; zSNa|OCWnpVR(#J&^?{W^>;1GLW8_%ncjR$mHrfUsrdL)Fp?~j8l|Yc{ z9?oPWolfAphjWp~tspW#Wtc&W&W@UQkbAn=sShT(o%v!Xz5#%S-Fj7L8|-IW^LaCH z&Q#h9t%%=RXf5QiWAej-n;peRkH8C`JIY{J4ve#!qsqPoJQ3E6SU?XxB*6S)+8-?f ztM2p+3QSIERF7j04r4JnIy?-XBW+pD!{T3V!V$kJ`FJe(( z^LAg1JUNoRSp8#{MDS8VUT_r$$JCvuB@W9h;ESS|qHtG_Cs4STCpgDE4Av4$*fF~B z!*i?kBak8eDEBhGCGP0t=mAFATR(|CP_qZi^2KSKD0Orqp)(otS&|)Sk9`1g;j-GE z$dZ2)Sn57f1+uM|`Xu2H?r4P7IwN}Jl#>WvG_44LpJ2ah&_8DjRPArgVH0U;9ex_cxr=P_7k;rDX6Mt%h=!A8F z-Qnp1$2HjO1GZQjr_bPoJLjWC$Nvrr&cGnDkYnChElqgiz>e^Kr$8q>TVQvHr9t4w zHJELRyy;Wk!V4){A86t=CUNX=T%Z$%0^M*zV0XAy;JA{RWy+Jjgl9_5Ll;=@u?ehu z^PW6og)@$iCs|pIoXIp-gWRSd=5YjaVV^z8<9U*<9llGT6P_>74c{X$6=F35c|~Dh zwF8dsaGk($jmM1>W}ZG3lfiT4J!v7oLTyw-diJcAzUKfn*Hlw*FH z_)sS4##jjQ0nb}{9i#{!`wJ_ROB0(%vUPX`!uO>iwUjxXl zf}w;ACS*9Fgdb)H%V-7;0AIUQ>Z(6QQ72NPId${S5qu0e-Ng2X)us(z2+Z$q=E9@EXIZuSue)ZgH>E`jFIH@obKiY95)gR2b~PlO8D(oSE7(UX_>r&nAuRS+eYgw@NoHqLT>cFai*30oMjIaA!|< z*(4p>z7K2JUyC*pj)91_Z(Ja3ioou0Lg2Utn*$?T0;IVS(Nt#EBN$NH0pW!M8NzFw zKqov;pc}qRV0U=Fz;Pur2Pseb5}vMn+h{ZUXrl zNHRjw5t5Ej=x%OmS^8B$yhSk!WA*4MpHj)`s(+Xn=uq7_T)oNa-gIc<6H+8VNFYshI4($ceD8of6{PHjd`kC6S%$QcoGZZmRbgj~{uT*pjF zhNA41MkQnGs2P-%4yc#ea<;OTfqj|6BEd;i*)N>91!VYA7jf8K>@u&yJg()=F3GBC zJkDuhBv)Qq{|Nm4NAa_cQJ`RsIs2g_X-{%KfnQ9Sf|sSDp1*z>c!i%J^^jfSL8De- zg+>;+b!Za>wlxLP-8}AL`@2%x$dwQwyb3?GD_0A2!fOP&;k5!&;dKJL!|Mf(D>=WB z!uCg>`51n5d^r=mm#|(=77Kem*zd}D21^Ce7+dWCb{5%IMUESVza4&DpcCFC&<$@E zmgJUFYy(c!~Ug<;a@Iir2c%MKw{EWa< zh)Io(k?t2qcX*G$agArt04WfCYDD63*fmXQd|sm1;g$O5{?;iHVLbDD=WDh-o~m3^F=SA_~qQiPa(&3ki+&r1wPSx+`Qh1b8dK8 zVI>?Wfi7^h{X0QX?Ukdu>ha87K(#&#Wm$t8ExF*B#{+nG1FJJ+r8Cb#nwm-bNDXu8 z;24ZcBs>UWmlDR2KFySt;u*rZaU9zxF6-YDvu;H7vRCo+Yi=+)yG26(Ui{2|B${~R zkddC*DqE%9EeHK{3)g~rAvSF!zC=0&j|O>HnQr8BgMLU9%LOkqH4D0TQ zN{68=B?c2RoKV6!mA{jS-if;u+^yi#3hq&GuY&ss5LIIEE+6Nv{0rU-QR~x@-*sdY zT$*^vF1Rl7l5KED;wAgwfyB#Xf=3dsBq#O}4a>TLI+I=R6fXnG_TSXVl5e*}4hiFn zIW6WijP%hrONHA570#R*{XeK~SZxl(X`8o4 z+8<-u4I&H}Wk0;&$%kKYb5XvnjozSGevkb`Ys}1UY4l0w#UHU{x4_|PX4@~-lK4DNW0(P=#0XsS%%3LL17%C<|(HuCMJeYUBQ z>Swk&8!$SUfy#)38Q(_r;mLyvRxsZI5I!IUk6B**Jfs;u$PzDueaXCuJn;6ATNJ11 z$8?i@nPbgHUT#EQcu0fsBMsgFY0XjSjcsIoN5%%-8>QbVp+^NpJgmon|EBIQbJWI{ z@jX39(*z#YBt+vBo3v|L41iImi0#o6y1a^nN5IC;n<_KgRHl04T>5x;$$Tv6f z#KR@F5n=T6>JJidPlB0Lbqwx5(zRYmlW={|s!Ve0%O`nv^<>`r1&U<24HbZCdK3UtCv0=vV1 z3mn&AbF}J~KGp3dw%G$b2h5)G`)~Yeh9(}O1P?Ri9|hhpYWrv5mRHHEUj1{#%kMzZ z|2#Yc<{(7%zW}Fg_J=dBXEn%q8|2)aM@t#GybOeRYhw-iVqRKIr#=6R_ik~R>y$JTd27kVSbDUp?1J40}10dtWbYr;VS5c2^ zzi3`5v!gS{BUXQO#uPKU&!L?R;RTL`WcVne+U8sM#ag@nZ9vDBjXM7^;+6(yqa1@@ zurlF94xZbpFG93+_C)^WfH|UH=iU1X(b-UG-~`*ap{&zONt;ALYU?GI6BKaylN6e^L7F zNUC)(SlSSP3BHC{y1W;hlo0b>C1sDX>?0z1_+^4p_$8)^Wgq6pe;1@e-((I2#H+UW z<)bt5{#chejDaHCbjXG6X6R-GaQMJa8e0*sf{>rU$-?rXe)s;}bC{#1{IMrdk1Ib~8islJ8mOF|qu|LoGXHp_q!cmco zdeb%ZyO35qFUY!T?{fm3FfXt>%m^IUU~{b6BKjgbKOOD)Gm!i4{}1F|BXVp0zK4u7 z<$EM=z7I^={{en+3rd5`k%)n#w3}L5>^SBr3ky@k7LY1{H~8b{j8Z&H04Y zhOCHwIB)v2>gNhn>~M~9m{Ul57NZv#}Ns3`8w8ij2v;zcv8*b>q~gFB#%0TFVnJ0Jp}|#9${zU zX}HW!@S`EESkKRxqp0glb_5r-q>V_V(KZf@7(LsFj{`|3Ky2Z_2(D9VijK8a#@Cp1 zy>85&rkD7jSWOFdyZLGsSStgDXPtMiy_&{*n@W4-(+4;A4pdNj;ry%|BGr zAF96q(sis2v_>?kj-iz`$Fa(w&ZXpSWVBCwfAkdK22%bR1paCGJ@auecl=+0$AIt0 z2v-nY<|H7{_52#4-q?%s`y2UvNq+wezjY4KAQ#^|IR$!PI;r5DJEEGN2w9>e@mY#D zmS*aWr0I?QmMQPdl$k&Dd6F)MeQ#J|%DZb6&uNm^c_S>E1pp87!hW80Kl0A;GG_MZ z>iH`=4z8p&PJ%WfB=sCT7$ZBZSrPtJ;N@$|@l#e~s2C$noc!M*-!Xz*6v4+fb78TO zsxZQ28mGAZUjWEdCoP{E6=&l_Kx=c-jNw0xpEhrd+|12P;$<*zlEJJ(Mo>dfMi|zL z&1yg;_x}LOPUKwTu8-rU{b#@u-v4Q;K8wUT$t`w$`@@a@dw zMA(UJpq+4>L`SYv{|SOS@ew=ov^WZQU|HqFd&^B)V!yJ(*%5F6+(}F=(rvAm4 zwkMHRDzH=~tlD^;nPO+wsV;10f>md)I>VgJiJR7UA(wny0VH+GZ-IAaN}WiZlH#Cd zL>eGK#&%7*>ufKy`==wIHl@%mW^AByikOZl62o}xCd`=`+$kzW1fW;L*Q6bjw zsD~HuQ-2%F|GS6@JH@+ur=iV0fVS#1$&3{auln}QG16z`DxCAM&&a2x&#;H5rKP{9 zf(0|BKFJ3trT2JDZFi&hNNl&Uc0N*VH^*SxK$Zs~3)TfoSQW%s%z#l{GZy|MEwy_P% zGI$A@?d$5AcoYF${$G*N96odZH$Z&G591{`_yP|Wr})dqfO5iw@16K^tHw3&M1t^5 zFx_|IOXpx!o6-nAi+C(Jm~lEFOS~5HFl0h`-bS81C}!IBX#$Yw1%|-!w*a$ z^kA2+&fNf%tjcUgax%_?$rW8)vKgwsAFS62<3Vmc{fsX>AjQiOU*|SIMOvRjT0vna z)Zi0Pyyk|$|V8h5PDMsV^(!?T|M3ZmggB-+Ij2nnBMAwv$%&xTtp>kA^!MvVKb zd_pRC7UECW3tm}!rW~@IYIWth@_ox&aUhth*txcB_t1WJF)L36@XG>b6R@40T(p-f z@h>8&sa63`W6IkCh=3EA9*(yZyeJyZMPs`}FOb=N?+`M4;Q()G#wp}@S~Hg|xN}l= zXR5L+NicNAoIDuTCxCt&7fd0oy+-kox@RDG07|jN*hO2GBe_WI3n^ z$fYHZXckhLdJ8a}8BCoEIOUCX=bUc?gD1CmR9^fJ{Dll3(#riG*3JY@j;h-KHB~*m zP0vhvdZuTxk+38d(=&l2ER(RvE(8z(SptF!3KG^SS$)ieqE36r={DbG(L8Dk;ZB}SQNk=%+k>rZg| zG>10_cG;~lzkZ)QQ}7QEfSqUphFuzV!-d_GWyt)}=*h~r%J3-TTm_4-w`NAl?)~72 zoprCMj$Y@k)ZLyXcF2^sZCg>9V;`;V-vsV=yGv{uIb#&XwhIPZ`Vl;-92)t*BS^fssc@zOO3u!4fn z?m8A;wgwYDKvSC_#7gx0HiG+Bv222992+S5t(s&qR?8x=`)h)dp}!Ph#Xx{;{ta;S zrtQA~L`9?>&(mC~3soOk4d05(t%Yox6(;FNhb@fdv0JbBTuKjXOkTf5_S2sRt%D3^ zTI&pUx7HdQYK1B->ojb&&`k1&^`>j4zwgQ`z{5@h0Yw zsc)M@quMj+!Y&0ao^XDCRFdCB`z$LnZ3`zCV!PL*pe zqa50Y#wX8A!3XeX9!4?gY3)In-YFi9X@|*1J>(n*oSPyW-bMK7CEW6v(1`tcRwnJw z-B58Fu|F$+DSwK8_+cpBN0aDv9ik#R;Fb6HRx*c3n~3{(ZzXep&V7lu@ z3JNW|N_#54;K~Dwi^bNFmd}3cD1$-k(FQZEV+?k;SUI7bP%Mu&$50D<2*jj|7h=k* z!ssh`OUBpRb>0`Hv*sU=J}RM#u~@5^u)X?J`(&QdQ`pB(k*D}-C{@^Erh1lhIR!-h z1aR%lG0+|s?ZzT-Erm`|!gSis+&Ih2oL=34V>)}E=JCsfUA03#e#lE%#nqZdR`x|d zrO%kIaK|vUhVqHgo~;; zXDdSd3~F2MSaBw2r%9!AQ+@cOKzHj;0Np=$Ck1bewFMSt@4z`K$LHmEP3(t3PwON< z*E;D-0ov=ft}XhKD|=?spG1Dhrf2oZ+M<&UW?GvJcDGJ3$XhH1CtdI`az##Gt}S{_ z{lde&E4R~1WZe0t?SI2LQf&mbV(i+Zuc4POlXf_aGK$#^Z{s@~jqss$5!=1rlZ_Vh zJ+hulht%ZQO#s}UUVjIccKB(UrSYrg@yUg(>d}fVAuea{S;3hR`K9nyupqVdv%Gq^ z7|zjMJdcl~n;Dad5I61C4d_0&HDosT!EN`O%B`^>6FyoB2W*oKzo2~49X;p9{ynCV zXc_)sUr~PxJT;c{wL?m)f0R$_r5pPQC++D8MrA$ch$znyJCf|tBI~$V=TiuEN5kRQ zl$Kkimov_7*VdeYj=z%1?+Yv+{nir<2CWMXW?B~;>~39TaHzG};G_#4Ug`2%U+q5G zl_duE>ff<*imfv(j^AQA$jTC{J-|%s9E07hvkVTk9%pdU1rM)swDslQO0qWpiSSK% zDcc)OE4^d7JbMMKSlhqb+I7l=uB$E5d`lD7IMv&VpgY!zG3`h-FzWu zMv#TH_rfuY9&Rpsk$2ch-Uvy0U-rW;bQtem9NRAw)W1j8bno0mcH0YT^~ni}%plR- z7DmFIx?iLI!pG&teDv+hrieKk?m=*VmdmHHxFS#*?GG; zoEr4M0e#-v#3yx!k3-lI{Mna3Ie80Sb%i@8pmo~u-P2(iu8y>`DY>@Jr&}A@H=*Uu z`tOFPAX-VL%_5cXG`zAyN3z|u8`<`qOD4|Cv~0fJVfoF4=>*Y!5K7-m6}RD%E71}6 zW1Y*0swFM^p`7ihn$JE8L&YooNg2Jp=*J9z)woR={b~?@6Hf45z>gKoLEty}r z%<6^TVp`ei4|Bs-f0#H0a=Vzpq1L4aCtdKc?&^=e+I2JIeGl5-hIU|g@#wObm17ts zn-?F}i&G=v&BN>wp`iVWMp&1h*Lya!@5r>nZ5UZUr7GA}%Mly0vk@yY9KVeAM`h#r ze6Dc-j-Gt93ea0{&xx$e*{8epxRPtE#&1}Wt1;2{sLIfTk%!WTBP70$tesY>0kzIQm@xP<88QxFBp$q$}8ZhtgyK(-?hw)#l zYy8~zifh(phKsdc_fo7I_1~QxyVy+t-1u`Uq&7&di0}1lN6!~x%(vda6hUtxo-p{n zS6_v&nqe-6qxz}wldrOS(%w$yIcW|5{ZTqOSJ!oW+J3iq0qcD1=L~G#_AQeCu68L; z+P7rCAJ5aOBJgb24^YGot1Q+w9*k^dlRfUwJl@OJp2U&Pw(j=+ZapBJZDB_zJ>G9R znIh*b`{ujQP3qK@R#!L^XOJ^-1~V=80$828%HU9o1q;3>UGR{dP%^3Y)vi-+JWIW5 z_jlVZPSCo>V5Y^G6dFUVmcdEq9X{L9(wFPsj^+uQF;r~>Qp{j>M`gl4NTQ92OIHdP zM?cQ}<&BXBVHNbPjYR8Ob)ii=@`pOMp5JNc4Xj0%*iZUZQd1JxK7Yo)r zDf7P0aeDW_$J{+tp4&^saqO~}uva4eQ+s#8&yyXXb0qd;PeBA53 z;G?*=SuekXeVLj4Nygi8#=x;*1KD@5$s{xSc6w-yR3qL;MET~_N|UYr1h!U^2_KdM zpF%!#+bUo`=GA(F4~IiCWLaHdZo#c3`tz+N+PFcs%e~0xM~4tKI+UMcZ9_IX3fns^6T$0Do9owKgqBEEGwE%*4Knz|CssN7a>2>`C8`JPhFPGuW~HDeovc9in!f^ zuQ|jQ!TWvUy{~&@O|GwdjEjA=@3EiU>&xhxAKn(#_3qleY?gNRNv%aHVNC_$l^s9K zkWJf}|IFAR!|ksx)|YQY(MJ-|X6CrI_lYi^3$Iy>5-+3%ecj!SKQdNrF(+$XGvxK6JaPMX`H)9+dQm&Ta7F%hhv*5;@EPxnQUyRI};sc0vMiS{TAh{ z8ML~?KP!P-6J%!fAXg&%1)MQp(l{B9hLna09p=KnDe6qrKZN20c_$Qi@dp-g?o`(^#%=Ml5jIOUd=4dbG>sp0sB}7mjG7c|&Gs#-h02!ECE=iI z(vt0EeeL7#FnDhLaI&cWBIVQNG-qKY9yiK9eIESmk}h52l4(_lN~P6k^oZR%8Wk=W`KG88~j;q)M8-lfj!mDXstfXTRb}r?N_YNN6 zt$U`cXS8}sn)WlN_mlN*FZryv<93_-ThUsM_0pIicjh_5$3ZvC*Wk}jvWQX9g3j-q){S}IZl$VFprT# ze0A~akLTSlzM_*sGVh~HuI;Ro^ZSwc{TEG%{A?$%#iQBsSQ#sG_G?od@l-_=P5J%A z`JEQ~oi0C~RCui5K(N|(KhN^Vhjr(7ajaXHaTn` zlRa&IZ(;mmoNV**W$2GzIq^~`WrMd;IG0ws?Xu@wRHxVk(OFQAo`rKKR-Avk3sKvW zk1jOtv*mrByvc;6iTA06XwtkNFYm|C_8#Nn=j+V>9QkjTKRRkhFL6nyUG`hfao8e{AHt0=Qe8yA3O{xG}{xDzgy&itVMFHr>nE{)-`7%q?DJ~3P&sCI&B zYwwqm*EaRbvgK{Z`w4QUcgdqEAaF@@nZsUiVCkyn03>Po46;=R=>7 zoO>(8567WKrNhL;q1(xeW0!Fkeu9<5VbAo#gA%M94ts@(Qo3#H*Smx2i66o1Do`|F9BDC>Oi19taiCJR${P*xLjx@!yFaI30+Bf9J~7TtKEv5}E4z9^qZNEWV)HCA#x(*uLB!?^2GxMzXPk=SGyT@z)Z^ zO#HPp=Nxv0^=SQxkWTKt-W}-~6rnHi(u5es3~paX5e<*P2Rmk2YhM*u*7+|15!7Eo zLg6H8W1xbCS!=DtTh+B8V<=L7E~zdeU9*BWLVI zfgpOSd`=3&6*Bm*!%z)R6q)_7-cFT6jt@An+h#}K$-Y6J6mB`r*^@7$JTCRg8;@HBo#uKug`$Cf6D}0~W{$AJRc@y8_hfCcykzl^icqV|ce|U=fJXfEM z%cKAn)eIXwU0;3dHSCKp+KQEaE_v&BS#Qy!EnxAq@yoqarE=d`j?WrOxQ{#K3XQ9b z=oO0F!v)c^6}c=?!U2-estI9^g(`nNw2@plxT z!J=P(BS|p@b`|_>U>wY2o8dmBS;{Y2Q^+q{bNa-`4OtDjsHmu83VD17*hV+=dt}!4 z;u+tK^$1t2wFbB?Z)UvNbY{jI=vp!>{LFM34XL$j>5M>zY^aMaa$WN~kgxGkBrD6&R@Br6)780og0lDYt6g4;=f_aj zSE=m_|D=`*zD~>|25pkJiT}6p-_5_u!$$s(uD+eYF)33e#dtDupzRyE%)Dew&R2OcP z_0422pJG$xLtK_>ODQ`qupG&9U7xkZZ&O%J`r>8%$9-_h?Zch^gMp&U;}skubm?nv z(PgChKqt*&c4S>9yLfH70QYlJDqVZ}d7(G`O`5TRI7J z@4&2o73Ymlro0Ajh{K+@jd$4RJE2m^m-8DhqbHyEHb2%gQZ63{LoR9SI3tD|oDbBv z2hTGB6Q5CNb)5@@F4!;#&$ASod|Drz zPVfV0)C`2ZNRUe@CE?Xdu!jVDqHRi02B-k@IL6&qqvq1JD!JLgRqoxup z)y^rGqDh=7rT>3WIYdoIw~;9&ST4?JHjauTq z&xK)UzsyjumgbL0vzIh`=cHL%R)3HVBCwrSf!k?yHVugD#e?W+Q0d8S_%xh3%GRIE z=EiyDY%~~cZ>ugBX{=(1oDJ$K{R91OaJ3|fq9K=|uOZruxEfZ>KxiBg6Vq^T9%60u zEMk$$d=NcF1X#^0Ru-diTl@GD~o;!Jrbtrul%>feWCx9PbTiZVE?s29OjtJ z#%&pMt9{=}X{L)P2OF+~La_D!NRBz~+XaiY=LK6eNE1S^rxpcU_vbA;Ap}dcOM|Tp zMGPU>Tf4};>}eA^n*(=?MlrBkH0UKC7i?uNX{nmV@zaB?45F55FYre6=uLb@GDMe1 zXtqHgf{wI=sB9ng^U)52h3Hy?v{v+IcyLDOPzz~oHA^s-4|%S8&AWUk`1F)(31V5G zkB;`^M|18*`+2kygPc7+S3+Cv#m&>tiJxkod@B~C z^*8lW0c^b{zAtA^?~BIRla3_f%R~Fyg*|9 z8f$?Qlz$<Akd~4H65W4L8RGJf;3*@pxzWSI_m|mbL!00Kd9trC3JS_5MxB|Xjwpg!f&XC zkZm_Nh>pwm)5sIDu-srtgM~bqWhYST^Nr{6%^gtIo#djI62lhlve7H>uqRo1rv`cd zEf=?lyaeZ5g;7^$s@}@O+`0y9&ECdioLgm$q`kkY9O#MKlSnNW?zGf96DsWF$+jtW z-j-YB_3h*69A|cZV<&v=u;B>1Ei;Xs$QNg-O*5RUX;HHx)7VbVTcG1QS>8G-R#*a$ zc8W_%ip?wB%2}#oz$ejy`rXnz_O=T0^Oez$j>#A#qwC63*-^^q1|Q03Luy)C8LbaD zi>{1TMF2LH42$2xH@=&eXBAgFYL?=*SQeX#=*VK9xB4Tk<7V*oWATRNFWz1#-j0oV zGf2uZDyxxZ;L}A+L{cT(M*O$(XzU3yi2qK+89Rvhi$$E}XDe_9kx|q4W?o6~>-mu2 zhSUtX1lLCpX@XzL-xv$7WTb!-V|Y>wA0wzS$N*(X?I#)Bnd`RU!UYt61!tC9p_%12 zB7|4FdpuC{*}gTYY{yd*>gJrseQShibwH~*cC*t}KU7QX&~h1?>1Lz178ZX+-zrEelAp`PNXIwCIB@Fl2fbalTMxIpU?SNq-9jK{#!$v30vAK$mmSs6x+ zV$a6Ej;=Xvr~GJr^@0Ih>S|ThU${8beKiF(AI{j*`@3Z6$+23ezOFOF%?4Me9bWr# z`lvn1(QD6-$2!%w=ogd8Z7nw%{XwAR*$kP+{KcaqdOxmpvdgtoT&`^rU~S?wgWauD zfhrOTC8%J63MZKOE4<5_M`1ht!}9tKsH?ZIfh7a4;7p!U!Azdw#On=5k?69?%)-_! za=zTKD5PuS4d#5hoK$h*vy|2~eobL3o0Gc6n}w~b1)p2kx>&GLFcWP&Dr_bBuJJ1h zW`B)eR@lmHRM+?=1vAjbpI9)b;oscl+bs$G#C50=%s zmX>NyUR+`-9cK5~##6Vpnb&UbH{r2(&C>d<7EE6|vEsT?!IDr*2=%)?h8iK%(Z{I3&Pxk* zs!l!{_@L#}ZKUXjVy`FX^wFO)eW=iCeq(eu;j|YwBfKjY{)jfTihnbZk7~zg@e0+#M!K1H(k!NeZ!lfeQt{LAjF2NRi`uaV)b~U zscSr2zX?4vGiG^9!7YwX*Ix&!v+$xcZ8=9lcyKh8DZC8qhqr>>`3b81ZEoF$I`w$f zr7eDwy{X)7;x~?G*}kO@hoW)wn`iTB9k*??A8LFGGOqq5x(@31>_4ng+)R50YwLX$Y3UXzu*P+hX@wb4>*>{Hrd=wo^3<-vL}uO{?p3O zdk7q@g-I^h3&Ia7Y9J#+CQZ&v8tldQf~JwmhKt$snYJ_3PC2`EmB%sKBA;#Bcv|!) z&q7wc=*A_ObLg5Pve8YberjpQcwu9R#dM9=Oh?j-*0qiX zvNO)@ou{(A0+HPA`TnkK_(}=*Dt`QIHSuKfr^tOkZv}L=#>et=H^;%reL#WTYuyEH zd#6-3VK&5MX2)OS6Q(nbwW=gvuzc3)o4S2QQMz~81))B=`vZ+mxI7M%A{N!awS!yu zbp+J1*4diGyEJ8^!m7k4C(OV2a9dXskOWrBdR&vtoKyf0>)J5tKFc@D^Y$`Zs=8 zallo`0v9KVabrWvsP?#9F-5e}oge59!eh{!Q>nd1RrH-oc{5omy^s|*wTvU{`#GHR zNlFWMb?mx@te_E8X5p^}HO|g=;|%){%+adyf|Zm+pnn5c<9MxzaB0WX`7VP379!pR z$K$0=0#irE)Z=&OiU}dVsr;TvXAxV`O##%gH$&(?4pzIi;OXA4&Xh~#$JH?wR#+=w zwc02D)T_RQ2#wqLQJbCdj%b%Lmq$aEQwxgruEWPdk~~?e zP)2!{bgwhd#tMaaVyzn6XCP#sm1@Pp*rM9fAa~yI=m34qTcyEZe^Rr*^Vp9clQIH? ziZk1VL`S~eZ;RonHZS}FX^->ztV--%n#;5O2H}@LH>|H?`*r;<)IZXCH7!jdAA>Ki zuov=eo+F=|Ni5h*Voz;;`6@x~@lHN1$c+Zo$EV~H0elm=EJRzb#j#vpPRpejbLFz~ z!syXsjk8@|7Rsj!=E&iuHw(85E+ofbkUPi8L79{sTh2)dqL_Fmf>@9we^@=V{P}8H z4nrm2>*RQwmACy=*v?IfA|ixHM6poqJYmt( zWchkp7R6XV77ce;A>E@a=OW9Sp$Sk+NZrwJiamvM3RSK!R;rb9)EKwaJ2+Z@!f}*o zEB5v0;B?j<&8zOuv+m2*gsqIItg}MBM}AaB#EANdc!Il}vEiN;l`?K%F#^if9HjsI-?cQi`KD%;cyLE7pR#_EJ2tT)s!1=GH$ABh|hLE|lNYzq4F^zuoe?dR8j0 z6%pSguPsD7uOA!Nzi*}US}_*LYX+en>)U&hV}m-rIoZ7>7Dce9wz{xY1LyHaxpFYR zVs_JcaAEAQ+EGF7T7^eEms_(tPw@#8 zri<^Ubs;(n=;D>+H#-sbq>Hhqkr^}lPfC<2LU5k)-N#er>OZfQzboVaVP$-JNSIVP z*Jm6m$zKcEmZ=)c^!>CJ zbC9o!L%wd`ZN6IIwhmUu_5I$o4n$`G9jM(J*|QGD=C)g_=`f@K!Flr4>>}E&vt6FP z%ks2(b}By=5#J;)Eks)mCef^X-j|j`F?J)zl1C(mrtc(&;BMrI+uwIPInwQ~BBt73 z3(=N?Q(z{?R9X(j*o_>^9+4cHc9a}~yOAT#4^I2b{z>PDBBt`gLbT;z6m4>_S*c^6 zD#mW)U=*;&_F`_iV)STo2<}FX*dBealOt`9Dq_kWwGeGNu8Zr(kJEA}#sYG@nEJsi z!ye_BYmaK0SNS2hkQ^O*^nFf_8TP1RrtDD*lGvjwx?y2Qq6;Q)|=vrexPRJ+7^cz~VLTyJ(z(`W0(tnr!h1@6o9d-r&e! zbQs^ObuW)gw`1G~whB>ALb&vgC;k1DzJ^erMbNQ+j=qGy!sWPS?5A;35GoyJQ$;VA zF;d+3Wr@WB=S@<>kW`W;^8#u9W>0B~*50J4A;Vs#`P)6EDO!7zrcC?2O!N19N>j9E zrCFaRJKM>r9BICAo_u^@4{7Z=nZb54mUlD-L3+S>bq9L$l29q;jw>l?q~Wz0rCsfU$V>CM?5=ZB2>? z7t>WGZM*t(Zow^)Y7vB4;ab>FXuDTIYe4jG*m@tp8k@P~!{x`Aj&}6ogLp2mFKNgt zuTIw7+}@47kxSQs&$o22pqw0Qkcf_Rzp3dl*=$-rR9|}lGR(h^%g@D&ov965wvnqh zz5Z!;4=%$@WTmYT-{YjcTVv~zwa~z$%zCu(3#8NU<+RDjU3`@642xI`D2D7cWFuj~ z8S-~A1$%k;VYC_kr}WLL$5+WF7IQwrXQeyM5~q6cig_xobbN@X^Dc7kWEt(_Dj%P6 zR;sOd4X;^QA2@-z#m*wwoV^U`@FRqO>K?+g$~UI~u2TW*sehQL@geaW>aRReTOR%g zmUgnQVJT-SWPH2br8as0^Yl9SJd5C3nbsn>7J1`^j!a}L;aga7m+kA8I$RkD!X*l4 zZLZck=npB&;xy=IZNV+A926I}Qr^vfmhx_+Np4Y4W672aFqVr5p|r%Z$d3tRTn#(4 zKQOKK7KYbk3nSc$G@`9_#9HcDHTN>P>vtf%Q$>G30F?)=|8;w;GkWx4WnQef0VE`K zs!2OGbw;OHJAuS?M5h!m8>>4&he0x)Bp`T zzVsotJ+*Uyr!COokcp@-oKC83W}hgnXWD(A48|B9mK0jTi4^z?kctzat3T)^rjO%y+L*rH`&{&8aF?eGnqo7 z3bw)$VEntNf|Fb)t1V2JpgP(bl3OQS?5$~^@A16@ea}0Pv{{)ou@{vWxoPy?@}hXx z)P-avSXr1{^1R4RVo#jzu(AOSD@SSK(GDvs&9HLxPO#%!6l6z@^+7?7N@jxbg3uaP z8Cnjm8erN|XjwppmZOrL$U3wJM2425lAB=tOrd4F7+Q`>e&W{-t)Yye<){=U?sI4@ zx*1xIN^#=r4lQHE&~j9ICO+-ZTH&a0pkw35+&Ar_3noXUcj8?Rt?t%h%Tei@c%wth z+Ay>nmHr9U+VY|eF9%F$#x=v@GevqdlXKhbGx-=6Vn}ha{r4HR*T)W?H=+3)<@pA; z1)pLW{g=ZO+~)iY8{}=beui^1A9G$Mw@p985s||!Mb6Q#agP4zFmptgsI1u5vA9Ic z-a7`zm4gf3cgc;>cH86j;dIfNsUfW7M=Avl+I^g4%Z2GKoS(q?M7sjhHFwso*=l{V zI6UA-8>oprdAIUEl&|!Zd)&%@kFET(>%TXD<8M%+t@(3;xY%2*WC{bBY`8C#(3!TZ z^ZyG3D%mPW9DMMr2^YO%7_G8ckEIlNUrE5TKI19Ie3d_u-0OW(=Cy>>7*7OWy5 zWWwXnkw42je3YnkyGCzz646F!6}taJ0vlI7{P4r1qRAF*>PRON9srfVwOGpIz-~IQ zwO#J7qDR-&Pel&m8>acI_GLD8#ODDWO4Zo+vt!Hqy8YR{CcW*m7`3vQ(Vd?j zyMGYw$XNEj1B(;yR=#@SgM6rIl>#=r4xApy%-hzG{%o}`=Th#^RQtM9OoXfu)W)BY zLZIWHQak=G%RNV{>Jz$-YbrR$UwCWlUuJhi(m1ea*Pqd$$L$n6=%%Ww3ev zsni}pRtmK2tfJ&x6pmfU+ph{^TaC{#&_BlNa7ZX40p&frjw7&mS?jUQY z@6V2%NB{W?wL`jC;T$x`eG2=tE9dcY=7Vy+`B|iJy?uW24wX%llpq%pWc+SOa<{@! zT)XM|(70Cg2c11~u1{a$o%E!nPru$f_(RUE`CH8$ar%jScx>mF_92pr%A<;&%3}}b zbh|9iqz>Dcy0$Rj6+&&;(#dS){rG+H{z^J@kE3j9dNwB5TcV#s$}~}?z)q#9XA|1f zWMO7nml_B+lT9s-!fLRgvBrUEvjuWe@piYbvU7ez?Zmy%!3k?nS-rN zGmC^PTO;$8t$l)e?j!VkhB?ZijL4bh%A9;c+MiuEj?j}}*5v1Ld?HV#x- zb?)dK++)W((%9f*d_u3gRjCuiEoC#7Zdd5b8U!<4QK1jX8#@bfBf z(VfbV+R8d-V%QSV4!iRX1`lqLo0V8y4gfvr@3X-5(x2_O-~jZXJ0G~=4S2XCg1xnK zogf-Rn+ONTDyd|abM8Omnw@THZzit2v$ayc4R-RWnf@=pCYv*qQHAhMX_ta&ef(}n zvb(RN==vWZ8KlDS1scpEjwZCG#qMYO8Mb6`{hU09~o!;&q+TfeHnFQ zC&s2a8@FOctv=DV`~^v7sm*e+@|N^|UdQNmgM3cQQqM|&evjLx>CU|9Lk58(}%et z!PYfDmn81k%v&}V87pSOLtrw|nbnH9nWecKp2hMo50ecxrFehM#N+5LGI4p_c%FUO zAb|jay%P@Sh6ov3e8uWN*8;i`LdI5>vH2a+1_-?wH$KS5NRtPojSg}#(gp`0ZETQ_ zkv22{X(NL|jI@CPNE;UvW26lWK-#FFCq~+!0HloxN-PGk}WXf z=nb_(fuk?f6h4mrQ1j|I7KK_!7-cTZ#VLoH{2q<_fntz#-|#D2_jDkG>ZCtgL{N?p z3;^gcpfgRm7gk>H}<@=bSwE`0X2ese3Ih@4*~Uzna4W@SFv}@A+_p(qMm&wfen*pRLsxH}XoLlgHK($xcZ(?Vr@De;LA@rK2vHFY2%h!9YlRNyqZsJ(o=gyy0IVkPo#P3Ibf@kPu+M{@!y?4DWLU3gu!# zV9CEipcHBw6CCuEO9_E{C|P^0gT7Gv*&)zd?n?-~?q4CWDEzS_&|hAZ5RgT**BlIl z+KCPa~RIj`&rl3M7!CNN@$9Uw4V z9*GGgqZAuP6z465OC0@yC84%?j`frmmzRWJq2)3T^orq9Yl$k$Y6UFpvuHCb%gW2t zUM6GB4UeGx3p#C~X7kikGFBI8H<)~Dh{EOHI{leagGTi>c)1{s(vw@fnOhst75^*w z7k6v;U&nv#kT|NEfH+w>tug4W?SoJoX=!_FgTuYGMf{ie*D*(l+N-rYwezPzX=A(3 zfnyyk8LK*auwkFwSt=k+cC6AaSEiCcf&1*vF-=RLDz|={65{^lY?5pDFT-m4_Y3^S zc7|7yM)L#Xz$4l`glcn&Q_FkqQkP&on%}ez=5a*Mxqi*!x|2%Gz4dv^uOn&Ol* zDa2^~>JiY|1YbnNXjn>AVyVM&kz*lLG=b12_?=Y=7AN?gfo4e*Mr_VP2mFCf% zG=G?+sZMXfG-rE0f;2HP6FGM!X{t|MFwNPXk08xsI%)nWNmE_+f@#k7d<1D8+ez~) zNt&_*7EE)t=Oak-xK5fsNz#m!b{2UX~3c|=AX`RE#Y^v9Arx(nth^%hygOYmkFxmijL21hs5ACO0| z^OM*Tsq>(L-Dxg8-=#5#F<;2JKaBC9v z-#|G$AI0!8V!TXYGwI>E;831QwDafQiY(RniI#r%$7%Oqn)|E<6D)6K45z10opUVzMQh_}t z)_MkVvT*ZEiHq3!6tr({M7iqIl!~4DX}lU@yq3~Xh;_cHAbbjRMsM@O=O~R})p%)j z{RfA#nWsUS+t#X!cH{e`+`3A!&|$_~f?OVQWq2@A0m6ImXClNNO4Riaqs}fppI~ec zX}_QKWdzh+u3tA8w7z06)B38x?iLSD;?D&L-!R8e>q`bFUA&NEh&3M3(3g8iOY<%3 zN#n87vE60H8#q6KZ+Br?$bOb0o2HD#dttFBy~`|@+{uyk_I;GwS9Wv|hwcu4Kyde% z*5%RK{aHRh_(5#N1-PItr}mxx?bMIx=i$U7Qut)>HNCKmr*v4 zFFWN~$s0R7_2EL=;?*8$xUjqi^JJvmVPy|~G;X;R$l3vG6?Y>gY+aCzehOPR>G^YB z2s92etE)U%^mE)iffxN^77j_mHzE_Yr6(6&K?=j`6*;^Wq{wjP%QL`^4vrp29#*@< zt$c-V!dGS4y*qlQE2F=HcI#VK`Nco>K$58A01}9y-@GUM8eYr%q zUhPyBu62IBNhXGGmY_?v-$;p|OIcB&%>J*K(R)~Dzzb_dWq(O^OZZ!`tab+WCSnl1 zn$49(-RroSM#6S1b_ec}M*3CvSZom8MxdQYO6m;muXbv`TeQ=GDOVoL{4UB#btN6LzF-6FP*`qtsBo|)eaKviQnrJey?-MwT6cJ(TnJyBzha0Tw&CwpYxtf5 zUQR<6+a52MU#9g6fu;gRe1{h`)-&NWNz^|f86L*9m2Jd& z1FYI0Ua{Em%|_g_RLt&p6>)gpF9_cPJJsz*f;X&HrULJyq{ni0dAmZTo`?>8LPP;S zy|pEUD1)Ptu|RBD?Uo<0imT&`>ZhhSE}o6Askcz{Irxt|y1onSb0*-_;ZpriuXY4H$WsA!>iapsC4{bg%D>W*;)StfZ(3F0&kKkk7ySP%!^M_UyjiR3$ z)Fr*=ka_v2p8(bHHjDxGi}_7D_F`BDr`=-%z!s&h=nu9A1*)wffJeG(Mzb5}DZL2> zU(DMpP*~;1wvR`{xS}H=)f!2{udW@++l0ce1<$t9a(8PnpZ9QJxhxmI+P|m1z;$Y(i}X*o}Xme)!?3Ql;RR3#KYw zCw59%skm&|4fmBpZ+`5DgVcxHsTW)OgX*MSB=xr`_3ucQraUV}e^PLI=y2+0C-q`@ zfTA{)JG|*s7#rq%!D?0C@t|DT7Onyxt+pV_xz(|n{HYU@EHy5thqx4H>D0lMlD}fw zm61thj(Z!=DJ6WA$V`U(ve11XU}|EoLRZ640<%(}sKf5#SQZ&5lHN!7$LRF9Z_hn) zk6V8){X367h-rAB?Khf>%@@OS~4EfJl+MC#@o~o`^~olda`4i2OBiP*_=*SVW}@I({H{5FSW?_EPFLv z4;8CXhu~0)aVT*7NUK>Q<`-K3E--mJzcer5+tK*c*?v>lUVlY%0LXelEUVvqH;4w)CiuMvrxP|akcoxWJ4f>fD{2V)UV+JX@+)EA5eq9U!V08> zRg{#lSxIGNEIvC>I>L6)iLi;R*T1|it5TgID&1Ta1Gwg9?uWqc zW#)<^^0L(ddEd{kzVijor6%CV8L_>|+0 zupM+F>^$XIsm_p9<=Exxd+h_Fg_zZsDlLrJ+q>5ltW^nxe#_MbE^o!fW|yv?fJlM!VEO&#tG> zeL=gPDpsnV2HwZo^3nTCJ_MG0XCU8)ar({w{2(8ak|a$^VUbcG zC8eUwE2Ytz6p8GoxY~^(zcw67t2}q!%bp{8|MXr)@cHn*69G*4*C>Kz7I5}HuhOA2+iKDEC=cFjRiF5DR5#=qi(!>Tn}E-CYQv6B}cC0{L0@gm6u zxO4=@Y=#VSeDj-5?q?+e837G3jOQ9j@Q6k%isMh7#;19bo8oeGi8IhRQ?AdQ=b{ni z^u2Uewwh#)WTsX2SC_Xh=|2fQyBA^O+XBLS7%|UYVQ~EVu-Z4|#+kYk`R~MkGV!@! z{!j3^Tr<|(iR{&bQ`rydZd)457B=?G}w#J@_BrE2RTRO)oW?5T(}Dc zE1AJcH(tl4ye=Xo@iDUgY+TplvccE$<;e1eqI-bWH25ytg~;*9rbdHxkSb&o=sgR6~)n4l#aEgyaFZQlCtx%rqSjf)z(al{dTk(4GB|_Gb1ly$=K9w)^58=~rXb0J)z}T7*IX~aJ zOkncq{0?xAk`Bh&OJPg?q`>shio}{x6o_mA*sJS3^a|awR*jYsVdL}_csrA(gU*G| z0Gs3ww>f(^zqZ|8D)AtErUKBYg*v$vw0@*|g6tamJR0~k(}A!|5Y-OM=H7ZKQkU{g z6vP74-!!ZE6UxB)VkY0b6CAhc={?FE&m^q-W=5Bt@)W`o9q}JShF16|O5?hjSXR$| ziTWDPf*luNqu*3Oo;r#gi%mu6^Gba_)=z&nt`crZ{rG)&KVeDzOlkw*K=;+-!08Sw zUv7R^tT6Bu_w_Uv;aUf7bl@@<;f)Sl?ZC$zc&iKY0S7+gz*ii&R-~oBGtr;^!rvfS z{nTa5g#I3V?f3<9gnyWc`=xLe?wRdyziQ*|*^tEjH8{0rzY!$c-bRx`w%O;J`k&yy zu5B1yqJAX1?f(x*n#-d}>6J<_)4ByPdMWc&`o2~*fx)Se*ItX;tt+2^>?hJM*1vcf zlYSP`+G7`xdEQl5DezAHjAvF4)_SI^a@%aXUG~!FGe!GqN)`QVx8D5mF17ObJEW&7 z{sDm9QqMJMf-}{%x#7|-8E?62>u(@(%|F}kU*wr<3fy$L-+X{rQJn%)jT-#g%el{% zLp63Qj`5>y{H#Q{ilOyK!O7qAJHXsF24HRKX?{~!deKS2=^=LBxe>G?LFT!T>CF{d z;w$EE+HYHPM%gH0=RA*~uHJUg`S5D6oqF5nz2_6{dMi$XaGMJty}Y=~^DZ;J{0T4g z@)tl)b_3hwn7!hZ7c4m8kLFrOul}Nal^w#{JZ$~-d?z6^_PP&+hr9GMNQO3O28-Kr zO=+~cc1@z|eOwHOcW!hndBYDAVV*2Vf-21UNqR2IX6LurZ~hgo(wU>#LdzT(*{RHt zq?*C}o8aXC@jJjldF^yxuCn9ENPZtlUv7HtB5Cv-0BAp|xo{IY z^;doo=^Ouz5?fh(yzGY0DhH~q9AALE0|h|sbib)E(Kf1y-^}3LvUX|xL91E%aw{Cn zUKbmm)L(jEn9dtf?0oYOR*hA1LJcayoD}c_r z&X{*ronhaz_8Fz?jAY_r8zW)%8K>{PEtZ!(c##FY0P^xV+2JF|LFHOM7=LmRztcmQ zj()D0?V>3RnYu>d@}<4$14NH86~74Trs5aNA;r7|N33F{A{CbfCrkWF#f+9~yY5nQ zO?gPgg407|iHa2uN-u>{?*yASxm+uie!*T!IcRBpiXPJW%q}<_NfxUvgU9YxUrAed2WQ%7SaFt*jNQ+lRP2s zt+BeI&+xH0bKyn&Ql6g*W%n_gtw*d(t-9<+nG9FBOyl9ZFq*VHo*TXc#GR`6#!oTQ%DRJ#tYP9?+PoA z19(v$2LV0q77mv5yea-^4QO2R6hgl_BwfD%j;qnjpki~MH_M?q{&E~~xf3<@b5+5~ z3cu>-n4hWb`o5Jrd8n%soF3Z2NX!Wq_RnS` zHe6;~$|V;f`gb%mUK%J&51me4mkYH;vB$gcF#T0BjpvI%A-cxsSRO~$%FT-T^+5G# z%*0GP1zJ9GeD!s3<{C=VtD*DZ>%q<_eY+U|S5Q6X)g;e>=dgQM63@d*l zc#)$^0C9WxMk{v}BpS^=Pv>wH$U)|CQ zfgFH)3SIk=R<>5jqbcvI0~*$eP|7&fKt{HyreAE_@MtrYlrqyV2MSE?$FHVeKBkOd z29J!82l*h7vP~5WIvP0i*j;mJz9(1X8(yZoV8zouo^Dp5_}-k`a?r~9f76eqymtPU zX4>6VVjVW3D{OAd`6jF1e1rn3s4Xnu4l8MU7BE*mYB{Fh)G#LBfXkFv*;e}Rn_7vT zLrJle23;}z_WOn#Ih`5)&u*WvP;>-in_ zn}-0x8%_M%VM9{CUF=Yd-vNxJS7fTgp#qa@`BimbnZcIdgrzPBOb;EFNUtam`45Ol zGAjy3#^O^3-ieRv)jH^0_%5*IT_W4nJKC}-*&uwk^VfXFtFl}rWwITH7gw3_ZJX7w zRlM~7le$%9CkPb%j5$bl`k9+~BCZBw;sAy4k`?Cn&FEn~R|sDW+~zmlLt3pPiRL%n zE9X&imNWSVN7=Kh{N@Hxd@AnN(ei1!-;L%zg5U6E_{GJlFi;3ptjv0`a^=QkV%;z2 zTaOl;Je=QwydSb;Q`_}XV_P0F!Ua=>OY!J)Rk*kXlM>_&b0uOf+D?)-K{(J8eV#^q z?2vNLO_vX^A20V*Z=tu5h+`}La*41za64IsJ7P?5Fu{un)k}|MWun&+8Z7sUP;a>x zLVe*71BY?$PwcB=u{7>Lg{@=YiHFSX*EIYGG#ov^&kXGEg#A4~<>DBRl1jnlJ{KZ- zAM(_gO*d5=sp$QnFd>XvYxNrk!FTIeqOt9N^NCs(I*0$|^Pd@)u zIb;a$MvhC!+`W@y;;ZPi+@FjgE9FY{VDW#0_%HWY%M~|v94z;jE5qlP`)!O`uFM=g zlD{VDV0kF|yb3?7;l+jj5Hn57-E;SA<&D*>UMuTc| z^dT}S9)=AM42L!hs}59?Vc3#3qt(_4BJ4^~)ek?V67(yIrr(rDrOMt6U}_j0%>d(F7}9&gzzG#As1_16>s}|DRKj*llUEE{djE7vtP!U06)Du!B}z_;RBC zs}0rCwrKMPcD?``Fg;qxma3DzR7yC+4dvbc5tu@*aug6%{$M;|o`i=nWX+a$VKbh^9T-7~eO zVn&Enm_gUn54vW4(6#B7hul74oz;OdSoRP$?!glKJM~O+DRj3X2gVkZRi$1tOZ5Dye9;6OB%yA#hfUEixKyBg!IU zXKJs5&c#!E?Y{lhZ)o@J;w7H9`!d5rC%^3W>-O)0pxq>79a6FDxu;0on(1SR zgI%jLl0TL>e`A-w&Pe{y&0u<$dEPklK)S&3BU!rGaR8J%aadZB!q6f)e73^PuZ9>=@t z=5sTx-z?s?rg+O34}L2f^VV%J)5^uXQ3v69(gh1Y>v+@GY~IeAk2fL1JBT!cx1;su zyL>)I1wn0z&YqLvt7z%^t&+i@)nhQz>NPmjDj1w}!NSiuzVtPlud~G$SuGeH&cZNT zlkFpjM)kGCm9R}|WcYCy<0xLxx`0>|h6@F{TTc++%;7}_yIU6nwP37Jf(j<6aDoaa zXyHcLV+2_)6>{aI%gzQLkG+8DiU(6RXHjk4%K(1!lVagwdLKoC6MbvI{wd*~1;X$d z`}Qa0>-Mw5wxz?3Sq9OyqD23rc=dWag^Qi{s&Rkys0$K)T0tng8UucpHu$+JU(Gex ztn@fF0PAM91l&A;kN6_-a24)cb2YzXf;C#|8D9 zaz~%zXNr5K4`LGyXJ_2G7VP(PU1W6v7LFMe#Ioc*Pw}xq&F6`0qsu#S#IwYbU$ewt z0Oe1P@}*hgJBhN3B?|g*d1#hcaC+#7WGtt6j8ne^wlr0rlW6p1(d)1hegTT5sZ+32 z#Gd0U`U=i5e|kwOVDwd^xYF$)H|_>a3ywLKPrpWhsio?7=lJHsuj5H3CubD)L4;fQ zXTHqq=Rf(=avhsD)sNbJ#y2v&lwTkJJ8|8@|4Q7e!80=>wFKceL_68gu%>Y)yCim8 z?&^R$ee2rCwW1+Axhq^tLkwW}U)=flTgjEu!+I%7ilX$J#3 z=w!EMvNqeewrv+E)zqHUZaWunwaK;>FJyZz0NF0c4R?+|i=0x4M)B_*rvFE%n3pR(JLwS%55YwBEpQk@~|r`!3s z4KHM!1R(2$%EuON+cusEyB&lRc8?h=atM2kz+{tO3H#+(SYZ)XASJA#q=dD3DkEd@ zXJl*#9SfV}>+@gH&Q~Rxk~QPe%zE1_Uw7bztk(gM^+`d?al~z&=xIgvC4!UJ@~aiuuORKN&r$LHraZJFD>yyGqOzO4 zQ#>f$4W(X`^&&o*Zdh}$KPhMU9q_tp(LTP*M`@R>Y_VST0{P!Xv1`59MOwXDF|WvJ zYm+<9L4((nC}Z2pIh-%V8B3KV6&*v1i>nq04uQHINIMh$L z=io_o@{X19&)@g?$4K-3jjSyL)uvOlyl?Y=5C885Uj^z<_*?lu0NiI&c=@Ss_%b*x zo~n(H`vw)CxZHL&c)t{+vxA(yjIkiQ{`)Adwa9Eczg0FEv<3`jS`~vst$u@(E?D?A z@(&ADU*Ww(*M3+xhdpU^V<#z5H(myyZg4!{CR}6B%{5uLnHaGIHK)d|5==}{!=gqru>+Q5utzeKXVh4vmOBX4A9G=v@W zthV8GojGjr(rz1cUwRMvZy|sEBeM90=oz(N_*Cohq#qV#z3rwS=38ao?F7tdJL(|( zCbQi9-o$V810-;5$9;0C?bs!Uq?^JKw;iGLB)bF%Z&9<+r<_X1d)d- zz2NlF$uk7Whrf}pR(Agv$N0+JIe;nK7SQ2~3 zpm8sgR^hYo(aNv1Kq2{^1EvWY8_sx2cl;sSmI%CQ1|Bo5679R-Y+ zbwr2q`Fk)J0({62_?FrLj(!SDlP{1ul%psRIRJ(j!?fW; zg3>3Lpu!@kKuSZ?X=>fbg}}xU+6hT*#Q6-MEXM+N}pnUbYWeyTw{)ZR*KvYzC`FOEA^A zD^k+9=fXeYSqQ&Fly){7)k#sCkdwHJv8^sYqH_< zeYnQ1;_Mudqp$pie}W4)<*o(EoB7fMBrgY!yLEcS_H(Td3QWG2Uv66uzYEv9ZXyMa z(t@HX5lBt9D;9LL>#25>KWRzzGPyLiD*hPLMgwCc8W(;f#;@R`#tgey4F62@so`E( zD#nJTUkLvqbY&(sWd6>^XHGXc?-QT(hGUyTTnFLbTmY?WvTWyFZ@T#qUhwfT0OjIx zY~ge9W6$Ep!EpSJ-?66O{D^(AUX+QD+TJ~i%|~?uWBBD2W=q3fhR2fk`D9He*bk~@cNhSRmt8(5mZxVA!fJtJ#TNX#F>FVzCQ;NPAtIVoF6=b_GrfrtWVr znG1G*!^Df(Mu;6ujvFb{9QLsFA~ve+pp)K$`H9p%@0Xxm>T`OJmb9O0=hOMmikb5N z4#3R({~Q><`9J(B|37VCpW)Y8fArLQ$bS)5{(oL@@>BdO|1pr0{FjIFUoe&biZ>(w zQ%TDLjPqaE=nH%+|Lx;WK9c-rT4Qeh8**;`OGL|mNu1=r-0l3A*n6A*PV7PpZW6J{ ze@dn0zp%=G!Bqa6%yaVJNSWqlUE& zd;4Wxy%?5M^ykiR%bc^exZY2xL*(-seZxriB5JOFC=BszAZa*^bbZ**oZkWfvc@?8$JZ1DoHWR4~^+`CVYh3ITUX zwoeqxkMpnc@`tvxz9*PzeIH==KGG0-FHrdjTTB`vu>yoFD4@up_4@?TUv(Pqm8`== z-_uH47^21{b~*6)0X*_}&g>9=I0>QbEiTO1q3jheF?$w2PRa|#TZbv;EyO3hZCP_js2Eu`+)Enu`B?wOb<14>Lphg# zi#)U?8&kg3Z)h~wx`#MzCEcr!OzQ^%+_4Bq#^`6DpBKRcV|0e!#nyf{2KQV08w^^Z z!A$D_gWauF28UYv8k}^&b?`}Jb$x}5?rp5j9jVyxFSfe7ixjbIHf5tP>MmCX{@k=g z|28(k+U8e4jUN;a(+T!)+v`{Lxe~|Mjh1X-dFSwKtDls-+6Q zsYH02%%G#neVqa834=r!YZl!zI)2z=|z*)?Wvt7>63O=?U zix&3v1-?=w_n43qfP@}G^(M9Yc9CM=vxJ|Qw9=eIng~+T*wJZTVu4e<&MW$0BCz)C z#i>itV<)GHr38!V&PyznSexw1RNOe%^u{^&p5@)zjlFR$dq8tf7xDjoG~dfd5x4%d zet13*JE47l?qOE${MO+HgVsianbr{oyIT_mS9aUd_RW%%efI6~pF%At>mjL5|st7TD`-#Bh z5Bb&j?S3`jj2DDu{3b9xbY?Pjp(qep3K2H^DM{Dv=|WQ*4?nENe$p@UxnIOmZ;H`nq1Xa2uN-XBjm zzxnevch)L@2cEVsgYl5P>_uLjpKdR8`psVucEeAI&M4919Zc(ux~id>zM8?>mu_2a zr&+#koFp#T!1-%|$)EA74V*thfxB4Cgadidj0>bpAH{;s0nl@a`ORN}3ZJv5BxP(b zoaCpix!GfqwdIM3Ye{bg1J7+EI!DV_z8td09A>mlF@IAx$I6?TN8v+ccX%Xb=!S{~ zF+Jkj*5f*8YLcrOE=Tn?gSHgGt*k7=!Bmk(9jxs()VsPsuKup?2HjFl0N zL3L_D2b~ON)8m>qQHtKf|6)`Sk84%R;ySU71L%}#Kl~iO(QD+K{H>|yEUK&Pmjmxn z#J$n#%>Ux23#R>W2^GNZC}yjCmpky?(~@^?^szymW6D>C%TYah2!!OgztIgE-=|s6 zg!_<@vOBuH&CtF{wA20=04oSF)-{^72hG_3)04HeTOL@|Rs!+pXf>V-Bdc-|>#D_7 z83T@b-hCu8tRkJaXdgr>F3GG^GCdg{je8C4-I>FqnZYxwE>6b!ftStVEs1k{o3m1z zv;JCnIKKKbcUy05X}-5MTz}UYT<4v2ueHCL{>1IQ$P{Lz6?lUS^QX6eIs%7SJH^qX zx!mT*sFKTVPN0!@=k-sc{@g5n?FQ-a^+@D9bMj~8Y%$xwCgK{Jh>f_}@nEo4a?YUf zLnxJU`3OU+SnZwoJ-oOi-2>^^Tg7s>!x}!A;l2Q z7fAC4vq{1eYznIbmK>DjqhsL=F@|=&yqR%ef0Y3`J>T4)2UZv^A`L84Ri zhhmM74|@`GbBiBu#fzGQkV;~1T`4n${WW{r8}Ru0Ajb)fpv0BYvT5dmZ=IVM+Ez2t zgKLn-p5VhUHGT&0GgzL%@9y(ZlsQ^1&$LqcwXh86c{-IYIDf^yHg{OFn z&Cf&|0lX57e|$OT3%a<=1()M8r@Vg&)=@P6K&N6oT>LpRsRR{nZV=7C$3VM0>a ztS|g4oGdSVH|u=Z=vUBV5kcO~>fwbS_XW`uDVDj&k1+jnR0Zb0J5cmKP<%-0KDt2A zA!G06%4msqPw;1`4$3%3ySbNWf&g~ut+W!nJy1|3^itR#;fMFMa37TKX$iM@iGpHb zNbU>&MfUOZ6a#X*VA+Nt7^GwTi9yu4aKJhbmU$tBmt#QTUl=D-qGbAx+=~Pv6s-6G zXff|WEecN1NgAO)5GybX#fc7S$?P2btvNW)#z8d$Lt)_n`#-1QpoYakMIPVm63I0C zlKjJ3e^&DPWv+XuP>Cm^RRe6 z01Q2Exdh{vRYLb~1fu%<11ka74^yG(O1Mo7-#uZR1A kLSvb1+rSgV zSqqHYOon53jOQ6)@jPP?%ZYgJP8x%ED*PV2v99%HIAesc*yaYk$hQEpRN!L0tbzK> zgmM;Q)fP5}+hzM@9f0Uug5;Zl3_<(MeeMpBX|>eDIC!ES`e0%Gpt-jcGe?*CI%9+q z7}GZ1U$WNei$xXizLA`XQufY zz~FRXvG7~7YMy<_;$)E1YnfK-Q#53dE6Z4jMtz7U1@vGT2;^4GHuwa*oT8y^n^iLs z$Z%E-UE&axaIQJ^2Qm5g@$PIKOPA137jZOs9LSQgC)ZX^3ANTIq>t;OwtOBrevqV& zolp&|GD0q^lo5;|)f&+^w$Z5XR9MjW1T=doaC*(5&_>Cxs5yLO-UX%7GD2xE&0*9O zX);WM5spg z;)P#fU*8U%ccTGvDRNAX_p~w%+%$|jZhR) zxN;MlsmHvlu2(HxA6>6v@>R-!8+8unpwXw+MG$1J4+}E)_lD5)Ag>z$4$ep7|GLyf z0+17h0CLuYNjbk|7qJ-y%?L37qSCU7%2?5*CQ0mfls9kabEIxvA+`B_MqkVykquE_ z%UOwNmNO4MMGz+qq6!n%gr_PBi+M+y>*zU^7vG8MjG|aNdmZC3mH}rNMVz|~jcB>U zD64X*qKVkBR1Z}6&q{I7l|VyjKKge(dc;QcgR)?GWUQU2mcf# zxYZ6|k3SYNm&3mZ8n1Hk5{n2Q#PBH=6d%;j6?h)sfBbby9>PNg>bmH^6R1S}yZ{C>K6Az5wbm z-+&VZDhZ{B8WH^^B)Pq9;*#*fojVc7JC|Z~=}5$6Ee%6ZlZQNe+x+OCx`DTtL0UtWf@Mw?{qSJU#tXQngplk#{G^nmpa>H$U17ak-M zS$Y^OfHOQ)Y*%=Q*m%iU>{5+uq8Xru37IIa{O+0lHufeP-4PPSqB~LmXLz*OxC142 zMtHc`r5e}#LDMA^q3c$d>8sm8S4-q`Su;emp7QyN*06ItPUtLHigABVvfD((!P1n+ z3FpOdGH3yVG}inxV=akcEuyoYk!NJ))Zkpjt5D_>ni(FnsYk6p>N^#hQ48AIu}W#W21xt`uzZBa2-Zhf%ted%LWd7 zXB!gN8~RFOeJyl^IA<^=uc9b~an=ZpzL-KuzBH$a%5oq^_*l!w;Z`7XgQQ5&St93~$U`Vo0_q#orAF@VQOY1{f0#>3!EMiH{P z9L6yywB4D_N9be&bF_-^E(QXmE01w@T6Va(aTa!Pkn}&X!`rk}pOx?|cI*wR`)nB` z+QUH?uA~H4AcHDvi3r#{wX&6cWH?`l&-_(hx6=m#;6)0wEl(A0VY zxfUV;JqwGI3#@oq5TEOlY(zi#I`S&l;m0u72vK*1lgs*|AWt3zpZc9zp{hH47Fam`I}UX7TZcbomlN$RBQYdrF=JD?zkMo(>yO#v=ty za2Pc;BDq8WB`Ir%{!e9%TRdmUTs%(spE6f#pb@a~7uO}fwoME2{X$Dc%b|pdHu`fu zl5D!vQY~6#2D>0kK`Egw^fWF@{!0XFM8o^&{Of>rVGV4Yol^~9b4~zD z&LHnWJ$e?uHkLo`!m*xNW1i+E??aL0Sij&sP<{NqwR8Gv=p*+S=yzJ zKt#KA9xRL_YZw^7c7hv^XTUUfAx8LoxKIYhdqdw#W73)7p)O)}6_Xgj1oR`e7n@`b zHr<+H%z$kzkT5|^F}l+#Jr^dY7(cOr_!t7==>>RUmO;z*WD{dymVw%b1Na+($m%1E zhN6k5y1k)e;Ltn_b}MUP{&5NhMyhs^2JH{@tWPAt zTMh8ml3>lHT~!x*B+X|uRVSZ;AR;@S)t0SyyJycIED2LG;=)=gtBk}ER=;bmW5t$ z^ZEH)etH3-7u*MGhSz)!ZhnRVk~2Uf>Ye*l=#FGTin|6p&xCa*jYIrAZ}FvAiOY2t z&yfW=CUClV?o;F4uH!v;QatX(dn-M-_3A05~nVj0$4iN@O4+L)KW`r?Xh_?W2onm-d9ow~u~dm3@q*f#2Pb zw~uJs`gFzvCHCpLSVfJc?3a|e+v=%Eg0MxDu!N zOF}1mG7Wa*fi4zD=~jAm2S(H5k!j(f4g87+!?5KJcuIx}a_d^jR>8eAf?Ls1U)3WS z`<-ibRN$-J#hadzBpMw+jCy=TUx&$8H(4VL#Rf%dX_M#5~%JC{mH(hkClf@~k4PZ+@1b9lQeh3f@Mc&de z;l^sTypxV{5&dI-gf~ifpF}l)+bT2EvF$BDx55Ugx=YGKA%dW_k+4`ET3|Rm0&dxg z31fj6TXIXedEEqgP4G?v<^ZUg-_l@7>4lPltNMH`nuR2MDI;kj1{zMTe)5JxAQ_IS zaB%ZQoJ`A!Xyj0ji5Qyo+Qu5Cn6P%{o8Wp0w=Gwil%cRK72Vz z>0H2d0~{X6J#wXp!2sSkplz#Yk_++rdQy$krF{r#TWVr!XN1U?f08VqY1PYGx%QU{ z6DASFIdUWFhxOf2?z-jix!4&T2KYYIH8En*F{`me~`N$+)`*;H67MO~W!6y)SpurNmEBews50V6b# zYC$7#C2S)!3Fd!o1W1vMz*O4&SdcUVf3o=D?JkgJ02=|?wnl*QY>j{|VKxHTUY`sE z)L{nbg{3L<&@l748p5lcWLMC#T;k~n2pJOBkGPOprtLZl8IfFB>kHUmnTV99uv15PEO~SXiqHRR9@+9j zb8gEWUU2s`NlZ7r(DON0up@7vPkstB>0!xDDKC)&pt9R|N@%oh)d8pYV?SJkf`yB& zssY?q*=NDC%Dyi1^W2K>`J&7R5ri^d3=3fXacRPNMBRipfH39V~5o?{O`Izdv zV9lhZSMpFCQS6Ff2BxFPmB11F8N%sp-9OkOpQ(dn%B&l6XqQfd$qo{q>&iXyDU%B^ zfOUhmt!^-0q;4ce(makdtrbOK2DO#E7$K}u{HNN=l5iG|Fp~Li96_bFgr&<4u*;_E z@)C>^tdaY)9>oji92%{(biA3?Pt>45Z ziLZL~wCW~yO?=h)!tF3PAQ0at)dHo4LotDHGz3$g+#}x!FAU%dx3nuW#zxNXh(M`k zAxWm-!v>l+r28Y&#p|}!@houJGz@f2jKqBfD`T3UwE1FB-(rn*1XpE)e(W>>)8$%VI-n)9S09iAzJW8c1Hu{l~b0rz;Ipv zg4kWc$I4T5>5YBxy?6>HsJ*ku%_%UB=HW|5pUo<;<|DGvY^F*9fx*CuirxizE!-Ot!!vwJ1 ziH$>F&I8dahS$*76<$Eg9ln+pHfI-#?G9fDJLg3_;s84j!{EiV(FkL=5$`q;NxX0# z0Q-=*-G_s^ConbPI=WNshEBIhAGw6l@TJg_F~CCZ6Aq4rJ0W*ARDj)PU!u^g78k@W zvoH7xiVH61*G+W?k+bLm<1tA*3>Pd6aea~;0+H3ey!R>+u|DMmC?oE;AojO0uBwHh z0lGPCa%1l@&5Ik@=H+mE&|_emo5#YiAMQJ+l<)s1r8z47m!YMw-hax`XKV{p&SkPE zit%zCb^V=EoJ6)V$hIA_6+eVBT|%Aua3vD^=(svsBY36QuHYot?m&TC}69V)ey;N{_SDfhu2s_MYX z9V2uD@X`$2wu2Vq%xRD#fQ495Rw=_w996)c4UBAE$^+fC9V~%gwcNT`7MTtgMp!6j za?;QxCk>?vAaDi(Q8<(EwPHUWD0W2hbSa2q13@PhBBTor-gROK20%K;2uTsr9>JNy ziuoJl!TVWNPzeQRAzY(I&M%I3RyL~~ZnxmpRxk`Ade~70S0K@2VshaNmXmgsTx&9=8Jt?6u~XtQgmG^mMu-R{ONcexNOt(mrErFqF~}9Z zk=~Ix9GY$EhP?@xh>EEKcLhk;vqf zz06&9d~jiA@>|kEB~4#m5LmxVi~kMfA$nU6&2w zl4q`6<~g1HbDTJfOwW?WWT^>tOu=tPx=_$6Ngh0ExgQWY7)Bbmz^2?pI=$Qv+VLs( zYM`2HV8rA;JhRP25xDrsqj=uZI`p-k^z4ZY;)Y z-IX%T+z5k06N3b;%)Z2sV9Iza(Qbo*OH@@oH_?+cxmG9nVWSCwA~Z!H9dtXRK>vpH z&^iwzXjSr%o;F!@d)5-^>}DRw0SbK0Ive?0atBa(r)v|k-AKmiyv^_k-%iLAz5^C^ zxmA<`%%e!6L(b-<__?JHw2-|s|pPjCxNmN$-Tj$;Ud1D~kJn}MUhsTJA+ zr#!81F2NYXD7_0XpD6a_xsPBF#6_38;f3|Dxmb>DE29|VAO$DVELa5MhERde$7pw8 zRcPxYSVm|okb@{H)*D{j72!HL@1{!?)pyg$5w=IR(JH-@^fCH!A%P=ZBuNI~z%VV_ z6o9cnhm}gMhUz^%n-KcrU=%=m8X>yPt z)(+W)aXQcXOC16ze_ohq>(n0n8o-S@%JUq|i7NYN!?EP?h?Jr22(rr1y>Qyg&SVoAc zz(>lMq01QFe~>bEAA)RUOm@Op$XM8Hg^Vm?`*jzs(tAh_+plgGvV}}K!~kp~(XtgX z#sVEFWM2p;6o#WZ+RLs)foFYb(NcRv^Nyi9?{u-W@N|)6Af~uN;*7= z2T{3_cxF-cg4n-`YGuT|$Ou^<)^KIUG>kkVMOEv;DylJYSybh2f-s@;Uh5l&9AZWF zl+eg#uf43kh>YPL2;2L}AIoYD6f15EHh|kItISZVtPaPtm4_3}% z%yj6$&I2tCpcuk!?u1dvS-*wb8lP{6mmVk%a1%VZt9G< zkDe6QmQH420#A03t~dA~5=L|CWRvd+;C!$b!CqI(4`t9`VlC9?a+~cqh>$)D$0YdO zya-?M?#c`t69aoy67c0V*RV$tV3&eU+#}?irU$hq5byTRXUxnTe1ps9arJ5WN|cu9 zz@ys3)^{632bhUJ1a89wY^fnD=;PGaf-%a#b#kELmNDKQ_#2Gl?Ey?=Tuq!|jP_kk zTwx6HT@vbwmrxA38HxcfLopP!&h>9W`j0_YR|X!J6c*4yRc2J8aCmb#Y^Te{NoHYU zZn1{rL~b@AHo4IhK2R^s3FqT*N|O`CW8dNlV9FM6J_0!`5|YENKCP12 zoDf$$2E`%GIDd=9$Q?aCVk1eO|1-lA|Bc~pX;@f7ALj`a{5RIq7y)AkPhM0Ai_M#L z`Md}`+RD(Wg(skSs#bBxR-*zR*U%{@?aq~47KZz!Ls&OUh!lMR2eVdA)v&%~JwjtvcS zBk~KCPkaaEBr9hh^HD_49C#`+12c!2dl9UoIr~@t2Q@GL8<|C9&9Wmb$IEa?nlarl{=By^9q}cnSd26V~;H?35=rGf@5*{OE zfGGgMtLdX29*3u_MX>$B88D2K>18G&kVw^F8>JHU)By7duu!sJQl&nazxzcW=V^Ud z#1bMYiDm{d2^HRU-I2=4kNAP6BtfCr;fYm!E-(()1u+|)cE;fgs^T;<4)>_)lWH8^UnLe+0g6$)kbSv%sc@iB zCmRn;LqvB$g& z`qp)EJZLg+G)-RQF@jHnm?rxST!)dfmYV)VOG4^K5LMIXUx&FIb0aU!bDCs4n&kA0 z8C?>j4A&sNC(oYVWoJmw=kc$zr4wPsletcFkq(zFoJB$kQsz2~6P&qs1fPSqB|qQr z;JD){@)K-^a^%Zx=LxoeBf%TU^-6IzOi2hE47E|NrKINZBh}5kW)ky=?z+|$^n(?t zo*Dg-N;SN!7q6FwGjs4_4ZLJc->bUzlBP`BG_Il_MB0XVIr2km{CTkF^C#ri_INF} zgLop&r_*A_W)4g6@^#A(Gf`QC6OkjuGlpSB{{=*hw$xmg*~d0WzFpOSgH$p5s+KMlCWb9$+1HRZL>00yKlF`r(B!9gBZ?Q@(aI#E18QzyH4JtTIT zufTUnCkKj`G&$3ur@8Xk()wM@R}scW^$=qs9rlU$!+z$p>0N*h^e`|p+hF3#)oG5f zUW1*O+pySKsHVA=um!QOmULm7tH6wI=He2Z-r#(so)aZgA1)@%6CZ|2@$~mpU#Fkz zzYtAzp$iV8dNNl-PgqKP1M#6m0Y#=l$b?0Il%eTo(IGYQCZhh|bodrySh~X+t$Oyf z>C}Lzq|L<>s?4s8h(GfWD%DKJG!d2X?f;aw#VvK(#tVeiS_O85`B{4EPD?Qm-#+S!!@1lb@(af1Jk_% z={`q&gyjR)zdBy?IBupDh zK0sUfejmfQBf(QP z7GinLPXHOFEy}0xNQ^7_3>IW@%e$Uur|a^s3zEQL3>U4wfax-g%l=Cm9{E1j3#aA% z6xI@)!OxkNbR5y%9amM$#&Jyf1;V_Vc?*#(Zmj{whYxQ`{D%D|0CZ!=gx1xWmM#C)fNshJ}1^EB2YE*H?{bK74~XIv<*3y3VA# zOaF`R+-lmtrgx_NX_DzaQ`+PIJ#F?P2T{7wi#*M8kKTfy3?z*Zy-KcSBmb=BKL|hw z@1@fjQO!KeyvPJfGx0)?AM;aNL{9On$Q z^9BwXqxZ761v$0Ko+qNTzZ~0QJqYcut%9*`SXJ>mIID!Q^5H2$seHvXtmhJoXM?Fb znq(GVO}ku^m-TV9I_f29XI?;>(B!MIa1IxjgkOTo2)!)kD=@twd`<{Hhu}7kA{o7V z#;%O(j?u+!eYl0>u(*AgR_Ti{xwxH*;$AVp2+t!SRfdI% zL`TPoQ+d`0CSu-^vzYpPOOmpESB{C=&g;0D9u|MeV>D=I?Z1s zSn@Q4wZm6L&UX+5Igh}CoLGpOg_6pzI&ockHPm5*-UE=AjcMuoaB$x`9Z%bFDB2`1 zAv@L{hlyu|K7d)kF*a02GCG>3VuWzO))kx<)!QG)FVR~T9MoGw*w&?0at6J9M62{& znABT!=Km z75p#)Rt?~`)^n)|D=(XuY+{@7F?^z}&f?-_sKCzPugL768(P4N^>8lv7@Z1UA!HGF zKn5_y_X?gZ@DBvqBAR~^d8M@-XC{DF_%C>&N&cIbevR-1k>u=BckqdOKNycN7-cFR zF%mrW|8CyVQ~yMEHXa~@f53eNOH+6x5XD@`;4L|L<9oSboD}xq(vTO?f-Rwwumc{7 z1OmB3@mv|8AU2k9VJJk@Kr=KR2IJKK+ah-4kt(Ehf^~A6>NMhlPGIY`HZR`QlJqoL zIq^N=93}8x^gwX+!UdX7Z^MkpK^%k&99)$7~Aj@x~iG;>~7o zSF~Xxbv8V|nFG8W9Vt@-`kYulHRbV0kw{YSeyN(V3~)h;^Vp$~^-xsbcr z5$j)q;xvg8gBYJ{LyV4xeUflAiazJqv9tdboqFRu;Jy0%)m)i%~4O^-d&I1z}mpS6Y2}H^ioJ?Ou?Yoq z872imJt1}dB4#37co7piO~JY=czx(0EgRpu6sCm$>zuH}I>!P*Rw8d*MnEb1n31SA zqWaM9TvExgcP@phFSokCq(8)G*`~_EG~m93ZmLOE5UMd5v|%pwBIv#;bbmvmiZ%=# z6#K<1yz&uwZ|GvYBIuV_sCe_<+=H`8 zGVY--#yzxb;~qviY1|`JBzk10TaNX{yd(RDk#WzB8>8ca-$Aa*{x!?jTO#)f1VL_v z*`FTc{R0ngs4wL9hH$M5W`CGy9D!lmTt34XkL1`)1KB981i&$#-;$NSkd>BARz^8V zR-q!%tH>JjK3P`V7>|kCWOXXOQ}VXR>O{hj)dLH%_LJ}DK)wMYpBKKiE5m1yk0c;p z9Ia9pOv;BBh9ocP3;Af-?~~=5b!{{+ndm9<{ZHhJM-b#ogr((6 zfXf@YMC7Xmx0#KFfU}lWl7M_kv`T$2DPIjsKKepFS~mF@U(EX~@-fjW z@?kle-=0Mqnv5XGmkJB=;Txbgh-7Ji@hl?DAU>62-O@=y9hWOl$#n3d5_U#-_k-Vj zBOzXSN~f*AIEyP!c#Jgn$Q>vxc!m)Hyz)f5GGlgRoX&Wllm<#HAMYczJYH+Y2X;JW zb@(P$3;_56z(7sQKh2AQK4{{GH@0ek(IOJyG>k2%5nc|A4bbY3ixxHHHd)bGXoH9zh!6A9**H012Ds;KMw1QH_&QWXf-Xn z7VY9__r_pEVkja>pdObj056;MUetIBo{L>5I{3kYT*KrCa<~{6_2Pz>kMoJ#KwqHZ zS{p7ET82=Bu}ZazdslJ;H?GBkL61}t+lPcI#dS) zYqzOy_o@po^7l0Obei=5ffDJojna7@K~>^oViNPS6EN#DzTP`Q?0KR0Hb=w$S|zn9Y|~U zBtL;NBSd?T1W6lSdoOYpGQE4ss3|b6`|wIJd&&`v{tyq8pQ}U2U10SNG4inL5OeB2$-4> zY)KEK6xC5R9ENB<#Z$8*t~}uiGrtjb&f3#u?lgP`GbV8ZFkPLm%(Nm?{NiP6I3Oo) zWNJAR!+9||@j!AG<=ifXi2=ArSW3Gx&7KrS9GapsVQb#mV$<7Ly9xo0f%i` zwndbo7lK`k#+#Tpjjc*!Wks0G|=I0S`y{)cI&9 z3jo*TWCed*iJT*6kWyxrH&-&%B^`C21b(sG^*8#pTMdR1|)^JIV@Ls;2sXQWqCsw zlyQo%CM;o`avp;9I3?yCXLf?GeVl@IpqiE*TYy2Q*;ym-Og6@^ z3bS(bQ|%B0J+_AhJ*HxP2%{-iNf+RT&xI$(0sJU*2RMxoRz6_TTb>@$O`j~#O4CPm zvgzYkOZj*8py- zT;)S+*7`ng4|M{FcauZ3onq<_>gaPQSeM~<>G6%A5tz#dlAT*<`*7vpU1SRefw(!u zm_ab=!%-~d)B&v{E)F^|ZkAMr80PsSSqVcN2G!85ECNC#ugPmtB&r3k_K zJ6`jVccyO?J0rYA>{1PTkB~d^{|>GADPl- zynL}sf2`$vU}4dS6mWjWA|-KUJcpxhq@$^6%JQM7)@ymbF~r!BbslJ$VCyD4kZt@BBYio6q-}e{ zjFB*boCPvXs(GPgK5UMv9AhJ1o;Z*00!b=D9h(fL9CpaJwPW6q7cWs^q=F==Ee}T9 z*$a@I^$sPD!^}cCMghG9p1f}6G><_~ZhxzI+_!d{-B5gUhP(YOJtj^m$|Y>Bx^}0x z>^o*bmt4!_JL9Bbe`lO9-x(L$z~jB`Y}8E@c(myQ5sF(me%y5!45z%ZUGg0g4-W%~ z7JUpJNrQ{uU>OP<&#uwb$N{Y91Rq41Kf}6(Zqu0r)-4Jp-XNG0KDqcZ=&C3pioY;m&WDTqjglj!x3cZcO;xP{f+?${a#^& zM!_Y+5xkxTCmyeY*+4ZwhgT|*w4RakXVo*4f}Y3H(yxO<&)CVzJ#rVa9WPcP0D7in z(=%g5^o;TlV}MT#p;pqvKgn8W)vQ(3HJPQZY3oC7s9YFU3OngxdTVy7==zk`gM8t zk!PqL%b!?y<%*$iq5fld;x~IEV=X@u>Xa3$KJeon`h~Eq&1EJJ{ZFE$-_?iy(QD>b zU_*nxP(H27jO!z#K}G?Qi$DasGn%t27(Yb*(D+Ow0&Xk}M!m(=6uxL5*@TwlBpozA zvCa0Fx7EMvwnxfqWQ;csRBe0h9>sM$t;4Gj1RY*WmH5NOfbcRCOloebK=iAsIqgp@ zyp_bzH>+w+{LZF1CJN1!(9)j?faY>6&CwT{qh-?^qr^0)Ihe-yA@T>!;gH#xG$+YP zI#o0m^Nt)-u-a{}diSGfyFD3nE!{1KhGsI&(pfMoGu9!K;5CC@&hT_t=umkP+Td85 z{r+{Z`G?n0Bpz|(kbf(lqcuti>oD_g3@kFuHrW2wX@rZOx|!{KoS&h+zSvMao`0n7a`O(Vwp{3y_-CjA?T}lzU?;fjFAr72O^*{gkV|Y zmCIzjLVs`c77?ZfyvZULjxZxFM_}$H+7HjI017^c5e({&5h?}5>t&um7V`5}I5OL0 zqA<*XKSnX6E29|UOyX8E;w_q*mJuogQp-&;d|@=(@P*(KUI5bLy?&76^Qatp{6aZn z;}=Or#xK0o!|@A6m8(5)hv_EAaL=QgDa*LVz-c|39_Pc~(&II7o~lP8K#vPxRna5; z>m2#o2GP)v{40;;OV8luOm;SW8MuIN!X3o)+NBVC5TM(8@YEj==tO^*am(&HDR zN0QTeq?|E5N;0BHUVowTyEn-ja}e-w(*HR`$Q5baLZ}wAwF84T(&*~j1Ya% z`p~j zB8YOU$uK{|#imAOO7-WW%0bM<22L-&a_SW&#OPmUsKdD1(+JNkH^2+q9C|joU~up5 zuv-G|Mf~$82geZ^f0)ZThJJWQLVP^{e>&Rmp<||g0gNm0gXk(H9%q#BI}CqxRw@Ah zFB3E#agi4?r#S|D1PJom9_ZwR4o>i>O@#4-R`nw`sxg;#@aIw2jOf1Hqw+@4>@k|= zpu&HaRafaa?CDXxM$%`)@T22BDlmG)b71kJ^xXr_;(d5icwC}xrP-&aWg#9=h+ z7Cr+Cqh_yJ>rwBHp!v+Oy-#@5kYS`eeYC&WqxRlL^TS~@n+&8`ZxqcX#Werg>@W7I z#qI;x-q}^s2%KEzrq7>+-Ix1R&p7&*N@$CrAK*08szRC#`jP&qu)jD-J>l8BI!QHj zk6(^Gp-toAKh#VA{L81R4r1q#WCFFLa zm+ra3;ecN6Lbv@E)BHzpHb5ee>b`}hQ}TBWcteg0epc_-XL;1*B>E&KQin$pXsUVi zZ}AAtHS=$H*rVo;r}=~M_Do^i>{_Zkld&!n&MzDN&oYn7mfSoCbkfwboyqOq#Y&~A zx=&SvQF2xj|MNyPUztSnuZwApm+~{#%XACDm0$hg@fZ7X-h`p~lKYnnhsDD4WxeVD z>-6WbG5FAMru+B6CeXly;wH=MsiU47HhR=D zLFC#$mVY+#8u+E8Tq~~oa=%J;lg?D+nn!&%gyz><#T3q4?PsY@xOCkHkJ{`Z=k44~ zYhH*rx6Y>iSBRe95V=MVr++JGCP|$qX*F0Khcf)Pq_{!MqHZkJ^|zJcYbUo|Lv!y! za<%uV2k-PK{{s3v+>>U~My5MrC*6G$m)z`8cXgrr$FcO^@Cflc3Fh?a4E^lZ7g5)` zgo*RAr_uOzvfcUUqY^is>6bRmNiuMyVLCV zBsE_XH4CGE;r}0zy-6nNY~Q|Qc0+Z%Gcl98(d;yb<^_{!e)h;e%Z?j57iuMryDv%o zhI~m3e528eiSQp9+2Y)h;P@hewfzrBhh5_M*OcRE?qZnTxi| zqa5?^N4{LLndTca%Gai;4@-$NWiM&=n@2u>5u8^MidDmP#B6jm%?vT!Vz!2f@_ZfZ zavEZ#sSd;GE*i!hynB@7W02++agSd>_siXA?w2xfr?hXIdozD`OX*!SfjnGPM)Q?< zG|v|u{wU?V@&Gk3^K$y{guh>nTuXPs0hX&*%l6Ge3lmSDAImBG!Rskk|Lyd-Sm-}3 zwdUyu{KYpqCeGnEM4z6`@}G4raaJy)Su~Ti=7B5dF20(kH^jU?S895j5e!|}>wc7( zbvH4^!IIaX35P$dq4u7-h-UB+#w}S!>FR`73xd*)jeVFtZKSO3OCiqo*({CohtQlW zCH(Vr`j_28I_F$X^I}AOH&8-QdfDUth2cyQ9CIK?FTVue;mr3edk8z-Fwp+>-JmX z#{1O%HI(a{G8c4m_j=|?pS5fsZd^zI-u21JlXYocdIkCEDN;A-!5Z}52G+_i=9bR$ zt2L9Gplw+&my~Z1t==QjJtie^m6+SbyjP?ceLkuEyossAp)F!>{cbu<8J%ES*?rj9 z)rC>02KsJ798aXE&gcOMIR%<%LD;fE*dyo*3W0~V9?+uUgq%Et2IyP#_k=KN0QB4N zE=a+pF!TWA8=)beKrdQh9EPN*FDwWnCO|_i%xVHn709iU1v(;_9_~Q_v(-q_^l}FZ z&@>72Du@Ya;V_29$$%(DZ5GJKJ4OimO`t@+`T*#}C}O6mW&&L-Pz~O6#USU>o4c%@ zg4Mb9YCgtd1Krt!itx>v_6SN*Bc~9`Rb2$?E>J*q7br!bJk?9K!)C0{9yA5t(7i~- zBfS?c%N}%8wURqPDe9W*vIn7s#LXSjyl^&YcEFot#5~@UnCHmKeTrHf$FTF%MC4+M zy4sVC3*w#BRhpOW4C|t%3RG(yp>ArPa2*6@k?Nrq2=voTLOsQ<7H5QW32j&NBh&fgzV?QxPRa>1sXrp7S z@;kV_m^6+09EV*(hK;)artwAUa@jLXQNP|ss7UcCp%fLk{-*ImRH;lhi20LhXp|$&w^l=@L7GDzA?8miM=%de>ojnNGtN~Qo6)|2l#}yJ5n$0l3qfFAvk@RXht~Dt8hl3eb%W=Iyz3jf0P(8;A zfsX9f&`km@+DRzOu|@dovyr?say%+fTvtMk9S03+@UHp9%yYbDP%nLuM@7i>9|ZGI ze`5A>WICDNlM>e7(bUO!9t&#bq$Vmh5OaW|rIY1sTo3AVu;Ve9YTvU`=DJV}M}ht|8`F$6!fMO(8ViF-lU{A-W##80%y{+#tDfrQ=E`HF%GQ zm{&R`N!b4Fgo2J@fqICRf{rj6(c3dr(tB`+1_)6LW2`hxo z2wgAGJSj`l9V?tHA=9C=qiUw(W(mtjP8X>Kj(Y@peq^VCh3W>!PJyz9bQ-t^(EZMG zq<;P&VybV3=q}-GtK)=7dxvOns{@~AheW18cRQTu zte~aglwq4A*+pI7Iblpz5nf)c?xO6^&Fp@~Q9yoyKIlwnr=zySGal>Tuch&@qp^!6 zBp*<~*yG4`v1EG@GKO<5+7&0A01B!bWmvi;lQCCg#8VurSX^JHGu-f{rf%X_}hVN zUkKZbctz@j<6Y6<8i{wp@t(-{jX=uyN}w-qA*NycE;;t|MnY}_hqytd;f?+K-Hd(Y zN(mdVl3_l>a5Fbwg65BM7tURddOKw;!%}g?gYmvRKq$?~Kv;^ZEnzi{S^{-lJ9}f1 zs%bQFv-aN_S5S5oP*XQ^I{VRrGPF`go?{-%=0X0u%y@7 zm?mMhXE3a*F-JoZ*3Bpvt{jZ(dgTLjuO-wrkNYG}2D-8ET5 zYea*SFL*VKHquxN`IK7R`PJ|gb+K`;NL#-B)o_s-0EoICvyGTTjeWw)asRPdMQXIs z3#uyK4)$7+Eo0a06YK-+z6W*JT z&6=X78$l1X^ftnZ@I5aK#6jhOZeJ~{Gk|h57>e zK;rF29XSf z5WP5@et}+#TwP8W#%!cp~{bEZIF3-qdUw(wFQCF?EcT!C^d zC?wF6SCP-RoTUQ2bOE7vo%4lCfuvsHTqw{{N$)e~^#X-IJp`L}bo=A}O|-L8iv>>bf{oa<46aFYxYCAl6G2=~YU zWw`bUv_&v8E$Cv=XI<9;p;q8r6U)RSHhJ*H?+28e^{WrM4RKwo+pcB`vi9Bb7H zXs}3aay5=)o$e^5V6&^KKpUi-ZFe=3cw8$ysvdCVO4uDzT6eoz#j$N2bq%RJ1c)?~ z(YF4i9&vS-cw8+%s`j`pkg(&By;42q>Mvnjn?4F?pirs#5UK2Qjf|@XUUa;Dt}7(0 z5b@F+2VBzxdJ~WzW2fl?tpHTZ@uX|Eq_7=OJwPFWR&2(JT<24+GNGx{JLtMLF4l%T z<635eo^`FX#e3ehN~FD2^zwphtw1BBOuXh=FVHTj;qSOM+NgZ&x=q4Lu_%N7!L`{2 z9dq3;&~Fm&H`k*Ay(Q)4gzGVZ=1B@p_dXjG?>->V<)C>KYvWJGu_t-2j8KOApm1F> zlUP6XTg)OX>fXxRc|v)wElt7G|qYE-QvvHlu|nOVw`PvwFmwlY88mr3Q;n z8r(Q%+?qaix34pO)?_oZcYtQ?b7+ReXKEXU4$Pxjkw2p_ORWvefjLGfKO{8o5gdkk zJRSTkJVVNF>o=otNco^;G;7{Q(=XEk)@}k1Pc+{Sb2H2V<+qI`1&`{}JwcZ8$pgY{9>^;{!r_=*C4 z_Ox?%x^tjshZ=w!cc`QQ`QZDCe0_3Xl@I~^0f5<1!@rTB#E^7vcdu z&1dVpB>3Mi65S^y{HE5K!v~bV&~Qx8gIr1?fx|(;+-uD>x5`Pebu}Q`}F9{}*D`m$XJp=tyyI z5c3wnbcwr;q%u;>J0;dDlHz^BbMtJbTe}_2y~6W2_@HD;Nn0Z=fG)|`PYqcaO>LIyDg=do=2Md&nv9qP=U6j**K61e{vqFFLkC(L7ANN z1Wo^gQxH1opIixWf7 zKQotR=|q};)nkg4qUTi-cWDQ5Sl($C%nRW&p!{{DJD~iNbed0!`%P(e5B4U{uT9zs z%!bW&!@R8Hqr(T5--R}zmFhiyKT`aB_e7Wto6+Z^g54+&H=Rdwo0#u5r~B1Bnt`S? z+jpQj71Rcl=PzbEZ^Fz{iw_(G{Rj3?ldnyB9_|X!>d1$r?~G}q0eS$+O1(7=(dY%NI{{VZf>4@(W)Vg?}B)1WY* z{5>(>g{k|3NC}+X=p&T9(3Fpm*0FY!w{@q!Fnf#HGl%~B&tu)W<4T6Uz5H|d+|}V3 z=!&%|OF6cY<}IDRhURynB}ade|2^CZP3iuyJzSl0JXyeK5`XlzQ5w zG+)`n5_0)C_Keg_mI_Y!33Muv`*i;bcW~pM$gg?P`q)YxtmhmtpnPu}%?lD~&Pk$q zMKaB&Q=B6ls(L)l_Ymq(n-J8>O&0%h@!xhOV>zVf{bvKYJ+Xr3{kKx0 zkB~1}>ctI(iPhEHTaQ2kHF~g=z9uDe>Fw0dc75bi@A$x=f_W6!p^zDAb%d*-IhEcMM* z599Jtx{M-D#nj^p;$G^cq^GnzBR{c|U}_nphQ*Iv~X<}8>F)%Ir6{NRF~aCh6^v--gD z-zJe-n~oQb$X7G6`Xg4O{)0y}lomcqt>`xfaUBiG&rH;{EVW-uwx3yQY6rIb_qMwd zIIqA&nUr>wBbHQk;jJa`|7;LT&g_=6;r=WC8sMCO#!xrQSwnka%)nZ(6nWY(gSFtR zbec|apC@LTm=}rptAw@`_meQQ)Na)MEcKL_LvN#W-Zd+cR-dfZFb9eG^i#w+Bqn>V zEH!q~5ws!WuKffhq*~uWD6#K!+W`CqJ1J>D)T0Q_p^G?5>5X=SeBKV6--_50KJpOj z;G%AK!RHX_NR~=GpZt*Wfbt)uF7Fg`J$aZNnbt#~oV$`fx>W4S+Y6tBHV0sS+2Lu>se`@%x)Ss0hgx`2)%hiTVb+2< zpnQ9f8h&#q&DJx>!{{;Rg3mVBy#NXmR+8sWkQb@yg=RFr-uNo~wG^GZ-xI}ov={k# zX!*PFDUmW?ynuAxIG26*Pc3M!=}5DixZlb744A)&nUMc2+-n2BfZIxp1ker-p!tWm z$B4Uzn8U?fFXk&x5~ur9G>3}05N4LD-~LZf(Wo>bI|BQOikY$Guj+)sCs zxEG5#PkiFVy;0nci1~n+h2lR*%(unoH8G3DXQH^j@iRdZ%p#pTjXKz}RC@VPY%wlC&r7R{VzRt{aB7z|%-?%&&th zuNQajo99r2@8cfbfF3>ZL`nYY33wIl=@QOZKa6__hivapWFNXJi9Jpz`91jTaJdj` zaY7qhc8yS54x0I^?;RP5yTesdaJtZS!M?!M^iRb(hF;@rbZSUwwvEEQSc;4A5DTrE z%E>s9RL(?4%kuA`C#RxEJ6Wo{{lOMl>MQBvsB?#KsP#2+U|nh zB2uiua^hE*r{m-=X3#NR-3)xr#4$IS{xEWRXU%7j%gxGI8mAS}Tvm_cx92Z;cVxaA z@&L_U;+_XHOFh_f*6?gKY+t!6Ta6jF9FKBEQmjDg`KveK{ozQyd|~5_pwq(9%1(3 zQNN=n#p&0roT04uagMX68b_ErTy{;8p98g7%Z`-C_}}5`XXB?3?p7FadDJ+}m?ARn zaE(6+=kQ?SY|0>xrm3}Y+!ut51FFr1nVVcobkYxIgOmj@!>OBw!%U-|DUm~sPRh4Y zX1-`@zhiC{OTF=^0p*`tb2N@K9W%Jr^ua2b4-qnSRFX7%|ifO%oZ*Fke<;1!r%rI+~;{WwNq0fsJE5Q6)18LM;L z9xDk`;Lcwivb3Z*cc^{7q;}MNpLY4mpMJ|IKXyykkD~itxaT@{iTgS6e;H<(>t&k; zblra+K9Ra`YCHDtp;cRk(^H7$8cuOyOpbG=LC)XPd>XCS(!by&>@L#GU%eL^3rP#W-h{H8+$%-mMsn@H z#?^Y*i&Rd`WM80DjOfHJg&mWcIT;h9@q+JB?_QBP{`}RfJ2#YZ%*^>I=bLe(v6``k zKKq~t%p8YSgJvS_GqsezIt}KFSee0j*hex)vuxBk2}g%&c{Tn@%zB8~M*3^^+9NSf zabRxScyudOcts1Odr8l>Fq3x{faYGA5qyIgv`5X^&N8&%Feyq6{D;*zsADR)G(KX4l!3+uo0YGv5Ku<9q0}7%LUwn&q#SZ(r{`hKLo+hI?gJ>z1` zC7BloLFbn4>>2N$$sE@`BU5C)+v_;fjp%`~?0T5&<5;vt5_#^B%-Yc+MVB9z>WQhk zFFTo?k_=lLiH}|dDvN_bw_FtgPx4;YmlZwv;Tp6QQu7PykWI#4Az&nvlef~jM$-eAujVGX^daJud0v9QpLTtcFj`T7QYOW zKg1;T}{=_`UMSRT7_g>gdx0blYwXhxhhpsqh%)s(5 z7B0q)&%yE3m7ei!lXXJ2tJwM4G79DD;L`5EKe)6v_|)^kelqW)Ii!3u;&R<@wqW+P zaHze3V`vT&9gZ4>o?mo_{B1 z{_1L&alGu~xcdG?&OstAJY(q=zAFBkE$sNQ6q)b&tLKA%tr?x0XUg&X)eC|7Z#Xyn z2b|?+z*z0eM`LBO-Gc~i50i0wqLp}J8Qtt* zBXma2+XtVY;+}#T>6M;~;>R#CM|M4hvNt;65JGitb+_+9`21Ck{pJqWn{Y2qs31<# zS2k)t!5ztW@}Ox(`2X96$u>&!8A~_9Gx@}7Z35fL9j*$<#rUX(dtL{}N0lfQan zRG({hK8kkiB40gVRxK?jV?MW&?fmI5sfSO{+eXTso&HMn&K?!ky|9n`>~J*#4-tMC z_c`!Tm8;Xo!n*6k04S`L9hv&l+7#YLpGd7~3pZ;Gsr5yxG8k)FxQhnUp$f60g`31M zwTA!SVzJg2jP&oLJZqi1$w3m^hy=ztthl70V6sM#a%P@N8HEy&K72< zzieSng~E(K%7>dRDosOi^)Fh8WAe44VOTX#4WrN=e5at5h1vDeA8~gbQ>iEwx9Vku zweGo)`DQ`4O(QhSg0|vVj7ME+i|19-Z1LjMY+JlIRc?zHrxr!yW#A6kZT}x>_Z^?p z`9F^TI`h5`p=qtyv5K0lJ!+L2wRg?zEgM-fByM{|B0{MZtEDzUN@xT{t3|7&ecQBD zt(Fe;yZ6v)>1GKFqHVCwjba0S6 zE6WN=5AvLv8#_VzD^EPl&b}g*7p0VA-;rw65bqnYYos41J2mmvHtE4+ck$l#V=3&< zSD0G2q+hmqxib%2U2DF^+SuCbRf)Z4>yTF!79_>D4RdPMSR`pkcClAACSHPtzUCo= z`;`%IOp|u>gOsyKhs6A=#ukyD#)EQ6MuNL|*KLiIXy+-f>TEm3poSVOA5~;6jY+6k zgB7AOa1E%z&e;lYQv(_z{uLX|GJTrXWY;iOtmMoY!D_QVP&uq#=2u>xOsR({*|-3w zSmZ2{NA4V<*GS*?T&UG$)lg2}ufQqP5S7M<7Ko?(SsNL{-mS-aO0i2L-C2D$n(`g! z>(m;s5Ibch)_^70DJzL@OXiVg=H2pY%+650EYa6Z*!QS3zGj%acz^GXjA4CEnOYyF z!HM-XW0j>a)|}NwXD| zOCv!~v}FrO&}VJg3d%Pwz>SM1mKs1?vRJ^#zrEVAR8%JGvNoKzXNRObYAkruvjaPe zDrN;WRqqb$8R?5r?%thQi`Q|AaNc%h?WFj?0Zy$e>q>e&1Jv72S&4OJF{omko88%5 zO4(}tNxeJEB8>^E;oY6Bu=CXydR8jmJ8Vlss2%#Ox%WG4FDXT+7b`+RpSAby%_=s6 zl(Lulunr{XrM|2`3btTfz5BAUQd}81N$RADfFR<`C=8vZRFE(U0Vk9u0Q)7^U1mC&t8yVZU!*k3`@Z! zD}aqh$!$*nmJc-?tL_vj<-cMq(^k2=bssWY#_(#X-Y(rNTs1<4wei5{um!ECp! zCElToH^whQLN z^(AMUy7WzqQ?rG0WiAsB>4|?i?EaF@m_O zhZT|5_wW)rL)tH5OW6g|mm;>5{V0X&ST4JTO6NBgh5F>O`=tDpQ+$@O-$`DX(|ne* ze^6i(t>ZrH*w|K3dpbMdqp&>YN6I|(g-;&4k8<+j z)eE)t?03@jo=%~Eq(trFeKE#c<1`3mJ2tQiwnjDC#A@04*5@PkhOH|;TiH9Pbdm38 zpB*g7)-#`7?1r7PyzgFi-&Q5xee4fgwSD)q%HpMexduFU6tEtsVm748bH^bTk87g&mpv(-Z-BJvT$>&2`#Ezby*fKWs46L9#uVREtPW|xj3goX@0gL9n(lkr zR+*ey)xNMbJ@rJHv$pQ9nB)5udjm_!VGX^O2(?1V_4XVajLKqj>#X-Z$3jtZtvb(= zQJHw8bDk|i!I3~EcAo7(!F=E9`wjb5#`sFHWL;)YNpOa8nZ1xH`O4WxeJ?XdM`&C+ zhqHpq>=jb&+!G?^fs!q|%sR^$3+;MN#Kv{Pe4@TfzCW^floRW_%F;?CYPibgp=2pn z*%p~klyXbN?#dX4?ff-%p9K4WYwULvtbf1wUSqA{1uHrxy3XDv!B*-9>xGiNbb}2* z<*@VX{_wrQ!bs889Da9LA*o_=HNSi8GD#J>&z{+;1#?V% zUqmU>4P*RjWnW)Sd5!dQ<*|O6Qk?`x0=iOxAfH>ph$}G}&amL4$OiFoTz(^lU zSw{M5fS1r((yGc%t&H*!>66Oh9VTTLsrOKEW~v+{jU6h^OqC*3Iu9MvuZ){=nqn55 zrz+=3mEb&8`GHh#$?R(7lshOfrw>K=l~c}kXX0OuI7dkEdqp|h10=6xyrx`4!C66u z-)oA;I}poaL&f(pDk&9vgNoS~qgMJ=QQ$2t*n)lN{gGcag})~S^Sy==*B>Oytf{2F zq%71e>qXSVvNe@8Bp%(~QA;T%ZCkU`&r>-^y1t}9=nCn?j)j`1@(XFYSh75oKc&Pi zhxQInrS<@k`j7dmY;)zo zKXVKIL#zquGU_do2ezyO=}*kpjl{6N-lV3Oav-S^#zv58MnDbY zNUc%6q`BBHA*6v=N)+i6jKz`8qf$r@v7JuRG>pwBCF0a(lTM*NAh}`fYe|c6iZ+va zVJX{5pW=MjM_RT3rr{7N9An2wnN=Wm8U<^d_$G+bWhl%eP$kw*8HdVbbNjdO@1Sg# zF%DO$Iw|?2P;tGklTt`2LwdCJ@1$Hu$)kj~m3t`I_jmDsTd6P%YJjUFz5Kf<4N(y5 z@84BvkCJO~H^q+xYjJlaic-cD4)gD>B$85u-ce?uUf)r~HG;gYWTj)>HHwO<0sbg^Z_^pG5LT*xcE;B?Kk4oooCN)g)N69m(;Yv74_U;H} zDhYabq>@5{>vbcQnJC$xBb6*v4sVcr+<&C9oD>!XT0=S=3)+N|%hE`tfMUUk)e{w8 zlx+1xB^xF8Bomdv7u<8N+$|j6C*}VPL0|FJt1c;@vzOxzx1S{=P*=%@z^MDZLT~cIh^MEjAI4XzT z9N94-Tp4d`VnC$gkD4LcqOd3>4h750BL67miWk)2mN1cPWjGvfXQa6A?yUi{l?$ZLhfmUHD-THD4lnOJTls@jIO3uBdo{Wr)R)e}M~HjEN;#A` zClO~MbCgOl#^Jig9Hkb;?oQtoFjskHL+{h1vq;eNydIL;TeoA5#B;7s@PDLP&lCJCt3h#GstK+rA3{i)dNUwf8IBiOoh;#KO`fBiCWRio7m%wwvtv&J zmMit~f~b={`y|djU zzpIq~q~|q@I;~MMNcZyEJMxs>r0wDudV>-hEV3zS%x6zMw~fjQlG&}E+a{%mR6V@C zW3zHOM5a8nrg`~~6+Kice@&zETb2H#%>26LKT-Y$iTMuGuuXX{43x(1>{7~aQ<6wW z>WF7Elw?$~wP>1C+pf$YC8Oq%ejN5!z;-2z^boaNO7V+U0=Fw`QF5!eL-`1m!#oliR$-tFQnkIHOw#dD zpbtr7f==oM%EzRT1W+MqYQkz>poD~DnXF^jwwj+Rt4Ys-R`bKkC#WJZAM(oGsM=WfAH7DzCkHT6uzU zvZOi>#otVC9SNm4*^Me40?#U`q@+4M1HV#6N0r3-27awDc!0^CJO2ZgPnZ{u0`BCYN%4EZ)PYwK08HaL;>o%3d-#Z!^ zi)HefIS<)&Mcfh)|D62QoeQ<=N-XJXu~uDIl2B><>JCGsoF!xI?y8i)8;bj6%qQmb zPs&Zj50%Ec`u?QcRvh9RJutN!z2*e|q`WG{<9#2ppOvblg}(V^e^%ZmKMA}*!_^VQHD%Q?BZd|B6Qkswk zZ#38=r8OyD?C~Beok@$t9`CWzi*#f|4euw)0MdmGs{@}XBS`_391v6ZV$y*<&sfp zym`0$vd@*76nkH^k3mxkYHU=)o~AovU(lmWRu> zhpJjZwbdTBDhAb2huf+jRA1eO%3{lgb_{Byo+8~H*fFTF`UB~6p*PfDDPO?I?mL2s(tNkcqhg4(Eh3Z%?pKUSR{)LtEh%4B5@X9aaqAtL6H z;X879(A(;CjLEZ*Zt6T#u{AYhYfv|J2Pq|Fm(VfN;BE(kx~peMW4jd!eM3t9bxQY*1{Y{B*NUbf(Rd2d^Ay}Yk_8%sH+d?@nuvtwgL48Fb!|Be}O zEqwr~xE$Oaa0%`X3{d~TQeeKH4;omK67L5LRFzaHMNa!b)k4A1_V*&?tG2EO4N_~` zx*IfDZD{MapkZnYTT1WZ8T`IF!Pe`+W7IHP&4S0OxwhH` zk5|8y5@);Rg1yxL*s2)pt=_g(GuX$TKC4=fU|(AslLrL*+nN{j+=8#t!asRuBuM== z6(oBiNPUWuXGB4&o(3^Ew-^~5q?SY75_b{D2M4RQQSusKu=*y-DL&p5Bx3z-RTAGo z9822fo$ec^hLD2qma*Qc5^uNK$*E z0siM?-{x((&z@uI#owLpqBTi>fzn(8JN9N6103#n3by4s4Ad$nCNd>Sb$v@O)LD1u5nArG@HgR2rW*;2~S6dd!Ac z8v8gzJiDmYLCNFYg=%M8?jklzrW8xT_TWY8YRWfbbN=ZMnK)uGCL! zK^I9oy$=U3SM_-i%VZ}9p9uay%_AkRz7+hSdVYb7jqUy{c%ACG5KH0fCpxt}^<9*c zZy3x&^3>rZxVDz3`jC!)R9?g)QRzIo=R@%|&t!_N6X(-;>O9hoRM2vgI;En>w~6%D zdl1VyDzLvHFp3O1;BNpNjuqxu{LSMQpJ zY*fo+LYc5Wv9mOLP=iP#L~NIuDkav< zw?p=*c_iPFJwx`Yr%_Hew&#G5d{tizwL4kwo+CpJsx45NtkH)PLOxZ8lK6)=dKIc6 zq)H#%=yg=hlEOP2Md}um+%goYRu+^ATg*!AnA!%FCe*d&akamUu})q6Lq1odP)=4+ zJc)NooiD||><(H&g1d94)Ridcv#^j;>Uvu-A*a=?q?p2lkTdE&Qi{-*Y7q+NQAWsD z>P3{Ce_yLtNHCASR_kO#tL0YeoZ1>Cw>{_Vy@mIub3@Ll>oF$x78lg5s4N~;Cp+YV zx?7f_{53q%|AP8AX=>8)kZ;sRORxr|bDuRK->TzCaE0|dbvjC}ao?+RP_p*#)f^P` zXL;Z6)zva34;wks=aPDd)KJ`0yrl9RsKLpb2Y(!LN%bOq8BoLflA238<~vE~G)WQ1 z442eb z6?R3vY-?A@6*VqbwzJ&gh1yj$l~iM~!LF*aN!|Bnb-$)&lHS|@wCXi=Icb@QU02tV zHi+1D^V8u#B0b&nwCYXu3@V+&Gc~u=3#4N!kB8h= zugH{Q8omsN72G(DjgeY5^*p!Lu>qi@D1&AN#9k z&%pb*ENOUd|7N9MNyUoZ=ckZ|wqEpp81l&0Z@r&~{HC_YQk=Zjp`JCKs@+I%eekK; zM@qEJ41KDOM&a@j`iEL5V=VJfg}}eni>NFX7f?0yx%$@!&@#C`Fil?p%4AEYv?wPY z4aa}Q#+s`2Lls-qV_S!6+TWN`t^tOouY{zq>~;+`w8pmH4RvS(Z4C@9qs7`962*F4riDOqe^@57;;wOCR`=U1U!v;}z(gZXziw1-xNDrWn4R|xE-)mdK>dmQ?% z))^&Zy)}IU#Bx|zFRM}?Z8#~W*UqwiwV9|aHqO6AxqjL*Qn1i_+Q%rlt?RE9NijG- z>aR80i1jfzKN_e7k>LDju(p*1=SM@egCsaV8m4_tg7c#h+C>taAC1)XO;BbgyXy5v z=t!+13Tpp6V3aluC9jE()@I0*xK|saEvJ0jYiVI)v`wfS<}t`2bj4Qru(4YE%}@ix zs)UW#w%e*3=B0&wR1#|u=BM@lxI|sTg0=ozN;D`eLW|s5BA>7++Gn2#DVgG0(A2PG z?GIAFZs}puwO6;vSTCUrtublFsM%potv@P<9bTUqHbE9mnhjUA8B_`uoW)v`;j(y57Y-b76yN{1O644dpKf} z4u7>n3Z9h~+6!_rcvgCw_8tkImENI^Bf&GlJGD)=mU!>h{wBfG(fhOp`(!CSM(pv< z*SeuH#IwYg!wyh=MdE4fM`4GxJc|83h)p`GdFDgD92Qv1G3hg{8L43%_en)sXB13d zjY-AYA{6XzJ4`yQT}Ksjn4&Y<0}@Qp8BP2lBJrhGP;&ZiYEBZg?538D za^ha?rdB|LX9RC*e@iiV`unEV=OC2n6k68ewzh%u8#l_pZw_xMF? zSpfND4?fh=QJHMesQT@nlgU=G67=qK?H&qxH(bc$Q)o*Ln>%b#6{hzjwf1W&b~)iFxds^eJe1se8+txUZbKaU zqC-%MOzF^bQCVzQV#Fke{xRvT#JEY8{wXSxB_w7{DyJW(SnGQ8C%vM7Cu6uraM$ml zpvw5b_S;LC>-r;ZPekhn@KH<&u6Sfk<-_n~Nfs~o-%l(VP+vzDNIqeK&hl@-9a-+85mnY`tcCNmXIFo0P9!f4DJ$1LDl4&?2Qih{)*vi7o z;l1@)s7yA$@J4uF{UE95p1a}w^edz`dme?qr}JY_iaaLjuWv_XvL?0u2p^!|M?o)X z5rcH4xTL7k^+Rh=W=*OO31%BR)dix{hKA#D=J zXXEtCq?R7TBgX5GNFVf$^q-(VL#2r_y&@*+!;eGl8SIm4(GfoSCepIq$q|0~H59aE zRz!gQ2TI-{4%0nOK)!Tdar3f>Fx?X+m#i?oxr~W?t3<4`9lKC_D>6;@BTW~| z&@)kT?>kdpP5MuI#mHHDw^LAx?4>#SSX3rkx7;&wjvhgJl-bO4zMd+D+mQMCJQVa` zlgRnH+i55TdcH&CB7GXliM_N$pF{F}w{PSUeWk5ILYr)jj?B@&l;ZGo!!rFM#hz91 zi(IDnJOeePv1e7@i}*lagmSWgt`U(dbiXek=430Y#YKLo=aV9K&x%~5UqR)tOM|i^ z*Xhql>fq&(d3w_?WtoYCHb$=3>z@UQ=Y=ziBRA>uNJ`e-@GZLAR~W--->Q3{a#-)K z*CMy-O>O-exlPZurA6)1-M)r=kg{4-zTVSTy{P^AB2*S@7~Uf4pziSvq|9Q!AM6)( zNbgL#tqhAgte+rt(c69)=R=~7=x=@t`JDXA52B)u>K#Z4nNx+jlMbW$lAw2w z>O)BI?8s4l3<=(i_)Pa9!MhQk=}^AdG8nK<7ukY!x>ygxl-Vqz`t+z1dM+ttZ&uXj zdJ#&VU7yxZzoZ5iu}rb%bdET!cP2p%U+7+_G}c4ttiDUe6gZFjTHiyuGrU6JIei~W zZU@hoYFULqmtbwYV8>v+{YF2J`Le`4qP0=q=uc3xo!{zzqvV$1Tm6;qpq)-$J@n(K zZ}lpqzM=b~F6y471KCAU-|3A=^~IA_-{~z$-Nchs-{~DtvWD;V?x-AbrR~e8@AWYh`OauAbq>kh`y!! zqo8)T=-c`n%GY*Mjp)025enM!dh{>4`;SmVCVMB~t>|C%G!*3P5dA=3jgtF^$ND`I zECs*mUH$|4AmzK!Pjz1uY+E}={H4z%!4mRZ--METgcrJY1@g&0Q;k?I#{>sMNq#1h_YE_K)NK5t@ ztcu}{Ln`Df26i+O97<*9ixfu`RJPM{gI=ZUykW#`Nt6`M8fi1(iS<7gR zlJn2gSV%fHC^5R8u^p8uwkR3V^^Ms#v6px`@g!G6V>2m6Trq2C97f6c*U-2jW9%l& ziEd~-ML}DhR&8vUw`A?mmN$%7Nw8!!HR_{eTbdiGq{`J+M!#uXCKV)aiEeF-z73^h zu{L}6N4GQPqM(N3(VdLdD7j>HHrO3mpL6d*?QNrvt?}jFHnMHG)#_?oCiU&BmFZ^G z|4HUsE1r1iW`v=j21Wd3mz0+@69rf6zliQ`EI`5DH@|FmV?8Q|b;-LN-oq%AF+6(e zY1H@`YRF{%dFP{h8!t#7u*r2h!x6O^1|BaH$SOy9%kk;XHWtYNgF{Q~*q z+CRpqh?4VYoDqroOiQiyNAyJFAnD3_J;vKOg*v88C|ncbYg{0GQoUS^zi|VV#)87v zgajHD?n4df;%VL*F~LR+Qfl?4F`>pAsAIU#nPfC2ofCVKaH9w5<|c8>XY?e^fnz>n z3@VKc3-2BiWhA4-o3kVP#Y7uUQg-ZMp#`KXAC45tkrF*IPG~nOhh1GIjt7m3zd}1@ zpG`4Zp`g!#W2PA6ZB34eGp3-jSnb*AF-b-)>DTV_Vx}1tA3!NNEZ8qACdD|5g5_mJ zOq${Q5MoYVS?sxH8lh6G-RMd}(@BZrs_@yy3OlwXX0GuCscTq4%mU*&DQlYz&##WT&I*e%90J2oPAtMS}cQ0z8C{S8~j8r3}+v%~O2 ziR-2w(Xl&?SX=3_dyL~KnD2e-oqC+5TA2ez2C01rXdY?UE>Je<>tN6d(!*Zau?LJiQn`0Q zTclw56#B+iUhE;m?HRUH+zH(qTV$+2$tN_983iP`KV59xK{@%0s83^yjew!VlxVVpyy^LC4G#GW!Pq2Mm!uR?cFvL{X%4`dAc?3D4G^djm{ zk+SSxSfBXXjWYSPQ9+9B+S#hkX`=zDpr&K;8KWKPi&2#)pEbInvc&t1^(LP)=KTYu zWU|Wpn@&D&%z7c!G^_383r1(AV63T6Tfd9O7Dei6cCX3b8J?=tKO=`t{@%z&Wr_D9 z$4$Ou%yYelVI^Qu~htO#Y8C4h8+9u&ah2Dogy$!N|#1jY3itJ#q3i;~eRb z6*>93@r2Z%T*l-Z#^^FoCX|vr`KEDAihq^8dh#vf=Tfm-#vismo_yP=UKaCV%AbvT zsABBFpN%FmCdxcA`Dde}tuvGF8a}9WUN!sr`GKO>PzA=yV zBI*y3ayiN=YG+e^HP)hJ?Y|lyq0)J;EO!yxDJ9xcZOQ`!=80Ic%E6p|WSpZ?%>9j~ zJTfjxvEPr}40vSRL&;_EiQ(l2QwvWXHJ|dt*o2bXm*0&2DCog9Q+_kPu+?eGQ{#rM zcc=VmJhnAp%3p?FuA~PiO!>!fL&<6Q$EYY{qD(&#t7j{6$_wK?R5~BN+BrovhoPVc zGljfRvIkW&NXD=SRdX`wMbrwBG93jyxO%c?&PB=EH8V@bMD5ukw%yjcDY|*s*0w2z zd0UES<{X>C&0k4>`kobfPJ($P4#msE)XEyTSq=q#_Kk?uuyt*UW%fj+^T^z1Q{2q{ zD40HNs+;*fN=~1f=`CY8eQstr=|xm|kunJd(^qL~IWq$#YcFTcqu33xJu7EsllJz~ z%9Jx#kiJ0WN#VRLXCAfHY04|+WfVN;@y68G%%`8$4wku%R5(FZ>YDpVcg356bfKV^H zkIUCjZERK`bsiy5@usGGB`7nE zeK%dKYtHt#&e~@C~N9zmSv(+T-9kY)I)F<9KINC0*r#aeIx43uBi&ftp_n zax$2={mq`$AePRqZ5|WX-#m?Svd(?WHW*+ARhMOU73WR^%@0tS?5n-raRbdQ6kBRN zwFaBrYRHt!t%ceUGnRC>{BvuF$!p5k{qiUEp=M`NPT#f-hMMO|%lZbziNF3`OQsAL z%fv7Mj5N29=1hu=8)aT0eOvF#2BXaF^<>KL>rIIp zZQdYteDzv`(PmtI8GHNHlxFXnTS&7eJZ`aoad6qQa$`GIR*Bi=|KbC*%^>Jn{>1z2|apTQXq&5fU3Ed#&uUjm{ z8p(X$9}$1I)*MH=m-ltu31%uO;b?B$MDt5KW-xE_i5*)V=VQLpSe9}xZ#DNbgGdQS zH^upz`|Oxoy+HG_9orrkWHx!DB%eDAG5e4bj^@XOnu|%TBE{dSG`EwyBkRXaGXJpi z<(CaNYc!FiBpfY_i!eh;_wrI-i82@2u@iC8=6~$i*|=C!Z(5S?Lfm9?80lW#DmK-O zvtvKR#hJ(L*v+^E^PV01IWE!c)U0G0w1(46FH*wMM{&vKHao@}rkdyN*q?D}X1(Sm z`N}m+H~Wwhj;iq)=2AQMX<4UPV8`6zXPRYOl;kTaJKJnYN;q0MevX-9$2ydqXXe>4 z&-nS~V>|Xn{6f>CWy!R^8NbL3Ldk9GV)Gg*i$!nl6u;PffXZakm-LFyHoLtE`O?|! z&E1S8=5ACP+alf-T4L6C3u0L;ck_VwCFXWiI%}{~VL9ffDDh12I?yj9*puX#HCsWx zGaD_ACMkS{4&149M@UKj*Pq(UucegTk6f7 zP2xT?H<4~n(i#<+f1_Z_{wV&K>DdKRri*D8-)%C3P-$Yz-k|mgb8uH#N`nDz{Bv^? zY2&PK-Z*8(b(695K7YrbF?n|>v1BEjF=J7gEP5tSIBR}HF+QwZ!dGTKY0s>R316G_ zd&qoA;WhaMvr#Xp-r>~}zBT*wmfDtFFX20LH%cx&-;@o=6Q<2(UVYr$d@jT zr5Y!EZx#%Yr6fl*PPk-N90-z60$ny6qSA0FxNNpYT~++n>Dpzp8w#G^ZJF?cInP$R zgdfd|wz?!-G5ZgKG9hKJgsWzut^Ntu%+`ZTV#5-yo11KnNw{Iw7*Z1RPPl0i z@Voh$6pvY3nDEp*MVhm=Sm-=yw|LV2nR%IXTpTYwGw-0XnCAy)68ZU}M8UHApM<~6Qz$3C=l$F~M=G3fJK?!`2_@&|bNdK)_Itl1{A1q77<}{LNdj~H zCi96hMNJNMbjcL`DPm1g#o{ZJN}}QzPI}={F41u0lUn&!PqZBTeaKhL%2$0ov7Ez$ z)Y!Le;;W9jq!%9D6Dv91M5VFklZGT#b@-yLDq}^KH@%GjvDdM8^zU1&O|n4Wx=;MTr59Wg!%vsI9o$Hwmq^Wrq6K6YoZQV?q=a@};t9I9#iyS$m zs9IfXW;xc8jM~jvj^mguced1V7M01Wt^6f1*D=luYM0B|az_vf*6_a*mph)IZm@fG z7BpGm=;jS6Z?N}c-I7*1d{H?pYkGyG4;^zzX+ot)ed(b$Op@kJ6r9jkIG~} z_iIsZP08|EZiRRTa&3u>vjsJhTv}ZHjimKsU9n0(v-aqg$g2}_B2+-g4jjUk8YsfP*<(0VoslTJeN|+uZNf(h0|xf z@rkOOcf5*n^3d7uCtYw=1x`j+D@6r|jqblcGrRm|W$qC1X-DA@ZJB>n7IZ|grv_Z-EP65hV}#c_cIZ(scC zxPeMzVM_hbhmL2c9PvI-6YH_#1!*$MoD6Nr;SGmEtQ@I%FsLHwm@lY0>6MzGx}?XO zK#fW7?F6+XHH-tbBYpiYs0-;isu!tBAjJBUo(6!1kurOL#*p@-yh(kgLoA5YVFoCI zRBsPx3hB!P&@|Fkoc0Wq+(tfjTtzwg=}B=S4`(1BIh)0 z6P`HAlHf^%Cyv)h@GXp|j;bVhy5SFpCkdW>_|wr)3ZE}{?r2VeuM0ePv?0M06VDx; zN$|A6bH_U*c-r8(qaO*LHhAtBf|5(!KaTfpwRimE2$o_q^E}Eko+0z$SEf~d9wnDg zm0zCfT0T{Nj|5u{jjxDz#WcQ!1TmfKiLRK=E0Q2)@Uuy-n8B}*AZBu}6j#jTktB#Y z_?0wQ%)uX!AjWw{hAYN-HVI-DKkIbGEPjOqu`>MZOjoQ7ze0joS-xeKD^`{lkRay9 z7cF$f-1uq|#LDqmi(IjCJO>5yVHq#aPos*(8Q*~5S9t$SNLkF_E%R4-90}e>e~q6a z!B=Z4@{1@a->Q)Z;x#P)Y+noCKx3&Nrf<6gI69 z-%BxQOJn{S2})_qzal{?P54C;l+u*nML{XsgPZf$vaw|x-sx?{tC8UC-&VXXiHpC4 z(Tcx8g7E^p#@|56Em3>k_N7=iR608;zOB)oPb-zO z1D{m~vOQr0{_mxW7ksqd%2i2z2I`R{wnR?S{o%nf_Y;|Y8I@i_e z&U`xwmif2&yk)M~+k6EHVqJLLa#ySipGAULSKe}^E7p~FK|xQno7RmFM%_|A@#r$G zJI|w(knbIy{h=%0J3J2sDciR1$q%ArfA;1@loImw<}22?^7ZChND%A8GuFCdeRwtr zVtskoI#;YOPa;9A9}miN#rp9$62#u)8RFQaWKO@wvq=!^&oef?rfFV$_;%T9m-+N2B#8O(al2hHKOTaT)926Up^7=Y z!R5~nli&?5e|`>ijKRBC0sIaL-XaX*gZDt0$M7w}5S~GTH>$$;0}{N670%s78z3dT zHyFX|k>I_oNZuOdWNY8uKP{5a+XpE#S>l2t)1vrkQeE#!ZqeK`A7XNg8OsNg;4We; zk40s&-@2Wc7R#&d$5QZm&t%>d1ylRgw8=ajCEs(4K!W$&;`k>dc+V}4 ze@22{isz?D&`a_BJWBRN0>4j!o=D>SfSh*diDX`f1k;|vJD}tgrSMTCn4%Q!hm!Ls zg@>WiS#9m|v=lzmjv3;efjpEvE6CvP2cbUL_B<5d&hRP#$+LnCo|qlOZg`#@nyZ~kIFCS4=4st$*$zX zi=j;Ub*nYpn*_(7Yj`*bjyTuwL=qfvuHmytaKyQW=SbmGt84i>lzeJ+Ezd`#u~&kt zC9mT*QP677%j34bshkKFK?H*Ap^jHP120`FsE>jaBoU zn7p5-k^-s)Bp=`xZN(;k%3GdAWj;lJ7;y8b0So zQL={5`RAx~_Nmgh-sk)><%3dA@yp-1N;$>vksx-O2VHW-PV*@!S>_p@N-;=zhWq{K zN_mFIk|6d4Z+*iR`-1l*LF`Me-*m;k^XLYzfRg=rgI7nTv%lE+Y!pZU9XY*p=_`8Ye)s?9w<-Hz?9eUC4*V?QU~=R54!6QLq0eo4H) z`G7w`-BP}+JF&+D?(qxMeoHwi^pJN(Ia%Z;Mf_FII8+*2HFbWENBkoh6YVVD<1sIg z!ZLs3_fWFT-?;mISDC-_)+i`*DtpQ!QL@aZe65U$GJE!T#&=6$nSb&hQL@ZG`C}5a z^DoYS#XiF_|K^=hvdq7Eq>PC&pC>=(Tcmj0R5RrT-%TmUPgU3peg`GDC@*-8M^L8R zqP*ZuNw6L<>% z5|#qh>V!(?eKN&gdbCDMvCnI{rKnam>3bpF`VT3&_iHJp^}trm6w4a-JJg=e%JgoQ z;%2QPeYdz>io5kG>7LMQ)@4$s-aS()T8o~_e8YQ>OsQB)wFh#eiGlUsAZkC6&vqqb^8O#%wp}2wkTK63bK`)Qr}vH zl56VgRxS#z^UXchLX>;HM2UB^5<<$X=e3C$vM`{8Z2YDrZ%(2Qw)x6npue?m}AYX*(hjdz9?lW z>5EavQ(9VUP;!b|SzA!Dovp0PC}`*Tl-8E#UnT8a9M{I`jgswbV+|*rnsX(kjpdD! z+q$+^I0=@swpOA{iLGvH&8HZ&x~;VwmBaLj4^!G&r%~d#b;7fhc9#3!P`mh!#NZbx z?X9Pz{$56E2dm<98GGSvq;|4`NY{nlwl0z?_!y~Ot)PEo$~qIvr*^k)kP<}7cdSM) zWbERQ7b(50jwsnL?^-=j&@WX|-?fIyn3!XAQu|mTDCniz34N^TDA_N4tc9fga~q13 zD`ZMseWej_wkF|qh&=Y;ELnN4geXLU`CqK2usr9kWNr|?&i`Wem%-gq8`&z@r z-(Hnhm%FF-x7-zw%s0sLkivX}tVSrvH!yXuwTSe^sPU=8tVeb%Bz2_KNG&NdKJ|TT zAWHVjIBO)u3Tir2$5|0}$|b22t!brF`dBki(1UAJeXP}#GCyles-IO+lQn#uvPUS4 zG(Z1Ps=sxXv~lOD)Ie*6E>m7fIiDJ2xfxQ+^RJ|aShG-2!-LdGRxS$Gsy|aBtnDb6 zM=UMEx`vYTD8l-c^y++5#Qv5kaUMljmI*b;tzv{#86~%$5mr4C%%cdaB}(qmBdpFS z*-H^tPgFWOSeHq#Uzuv?5AqsEY*sUvcBHZEiKJTq!`?tn{Le}!QHuZYbgot&ShAeNpN>=mX%L}yK}Rx zViMe)n`2!h!QHt9R>$(LRxhxIqvSc|LTerg*4u?v&?}Hqo>MNgGEi5oMWUS|r4*h; zF0`^J24|5AtrZk|d+w-r7g={na3q&$Jt4t-SZrN(clFX@>mCVWS=NbHU9l|dA_-#I z)~457v1}`!1hFO7tO~B!5-XPku^g+YqAQkTeT@>&QH!r9EVaHT!Qb*(YF#5`qJEYV zbGl#JQcI}>r8s%Qz7c85EsJ!1!C0YJNt;krr9{2}5o<5SI>k;)TWOsjO*oX1_Mzoo z8OvlF>SUy?vIdhD1!knJwq{9*QWUnvTJ(}~QR&Rk@#VO)u#~&AJnIrjfhWV~rmeRgU`#$4zQL;G3HjvnOB=1a zAO)TbU!1nlYD!8G+H7?oJzu{f?PIGu=7Sp6rERfBql#Eu)h%hCSnEh|ZF{@5!%k_i z9o8w7Ty}R_XGyT^?zF<{;56VhkDXSm6fUhhtwf5!(z?@{MKQSMvCBF|f~9r0b)E$M zvd21K7t6$Zk$bFbD7p6UwH~72PUxfZ`z&5h_5^&7`hew$lIQk^tidQbj}BX_>$}Q4 zY;7k&eTA0W>#kU#Rf7bvBi7)CuGkUFiv+Qw*1Sfp*imaa3feiL;b+#TQesb%pH^g@ zAVHrMSz{YRJ}2+{$srN*l@j?35u1jReSOSIB|*MpR+BfdK5Nd_<7vmNR#Mp4$E=PN zgT6jy^`ThBd1um!t#u^m>*LnPDA}JUtYZ{|JK!g+6C|kbq!lARUJd&(sPCkeD24T% zw5C%G>N{yIq8QZoxpkKW^_{XFqvTfqwDkf7wTmkRmZK@ukj@4w7t>B#?kG9O&RADS zuwOZ2iA9`cdAWYy><`1kz2W!sci}g{=f8&!9cD~rZELuqGEM2<&xS!1epS|_)bQ1Q zOngl6EY^~m?TX6b(otC&j8|AujJvzS9*SR;t=s{_MKLhGZ6^HwCj@?F`thH_u>9>i z0Lp)PSQXK}15|sw%yk}HD1UGJLJ1evL*DPj@5{s6r^6WeE9-5y4#t$8_8(Fq@1dPA zrSU5u`oalgAWg}bBiOb^PMDVb^)Ou@1^;(lrQ1-t#y3YoO8Av!imL&$V9b(_N`6%u zGa?AmOu_jphh;ner|}b`Aw5JDR(e>D`JZyZ)VA(mdbuefRbDHg5hhk zVYq9$>sPM7@T;<4l3@ITH83p4yN0!YMK$)YCu90c;|JurN`T>#T&0&rS&LjUVOV2d z&VXFwQlQ=^`(7R{>1~<*2TWN~8mysrXRD%wc~u}+>GkX1!*Y$57qPGmL?#Tp#7! zFPScAIjo89?wY+ELdyTw_>#QxZykWd@;MF4S+f?(`F^cT;Tj*mLJ?^mV@q}(axIxT zVh+k}ug2V~xV!6Y#t_I=dOWm5XAwhTdM#1%|JKj{?)lPV#wSDV4X3zT=o+K2e{U6` z%`*M}Z3|hl&2&wjYujG3-Gedzx8YaCc1&UNSLTX604X<$IVk^?>?2Cj!17kI{J6?2 zJ#}*Ul~{=G!}8_!zm}L@xumIVC+^qe61cSce~*_b<(6Cy%Mwa&=SvTBv3FD1xs|Y_ z%@*~R?2%#2%X6ytLKyS=2asM4mu|UhTTwFYGAe8TZYboHzyIF5m2OYz;Q$}lg6-Z9 zbNuOi7>>qa7$cs#+Ye>R^}0pse-F#(Sq`mT;|9^v!ws;9w^xPnFf8_KV!B?Q-qKU| zzYWXwKs$H;t5yGQr#xmT-9NHVZtaHFR>iIB|5l@`wXnrgahv>d&%eCAf;6(sCc|9I zAsjW8jQ=8E9mBJzpD(tqqScdKW0nWNusoJa5Jy(3I2MAX zz4lHR|KDTu|IaC9$$#yD(%@Gf4=C)X4KN0NOUB48{MVJB_Hp7@XZyvk+_tMYMtoKj z$NYDzUhZv}J0-o>_%JMW8?a9r<1w=wj@%0+|9dHtY2+TtHLOvu{yV)~2jw)%U&yO6 z$g42d@XK?dbUFW?BmbVd{~l8^7e1>AwfuMV-(yPBm$9I2Q8VcH2qlyr1IwPqV0=j%UHUb&AeJ?6Wiu%7;XNY(|z|L>!k(%YYx zw-S)I^ij>rDWQB<&xpP45*P!&DuZ=g!}E)h{)F+RhsE>i+aP`E-xhsg4E&ayO~_%_ zamdT*WnS4Qez;F88HRH%d3FO^QL%SOh2NLk4^t=G|L^0sms3LCKDcj{zopNNO7Edc z5C41l`S+Oru0^&-V?%L^>WY?(ag`v>-EfJ5F(t!V4QS^TaYiPN(g#ETH|YmU&Kz-6 zX0TpE{`aUX|B%R~igIABfm|hXO_qG!4@wT~4r|lg)lepkDLFrN^-M{w+w~w?x@Z3X z49o3U%n(LUH$^7;exSV?;5`O?E0tNtF0S%GO} zO8NUgO-t#cn$O>b*2;4wx#tR;2BpEU%3Q-G$MgU1bue@V$N$6J`@lz4U3=gA%sG>p z`~mqZqJR@Ks324kXhmY3F+q)@mV&4)%8UsriV8xtRMbQQN{mG$s94Y$6RIe+%AZy+ z>ckAarNvf-TD92DG(&4zt}TLXxx)4R{nlP{6QuO|+~;}T_s!>X*7vNn*Is*{efHUB zpM54XGV@;{y)M7c=Y@K?677+mraoQvihEeruVj{DN6zm1W1CoFos9Ec`>u&S#$2Db zcxH!`KDLQ>y}H3HCH5GfJ9Z4>^Tl;1GS`1de?Ck4!*$nkWUwvs+6l~M>u}w*IDRwh zCC>cwl4tFf#f(6I-(gR7wuk)B>Hm^v(6r!P3O;LJ$Ts;+3EMx3_eGw$PwM=@^*mBLrrG_@Ygm(hGH>|} zT7drSC)VHgH_o6OL;rkFw)Qg?by@6l){9Rt{?AwO{ATNz+WoA(JiE)^o;$A3IOdfp zl-=*k-E-OfuJhY<54G`mq(}Ay>)(GWea0+ht$ukCYt?rJd!zkMb@t`_%$!%H{j-+* ze)lyrd*yan@;;mk`LMpn)_WRPy`4K9o@(zK+bY()Co5^c=x`!?pmlUS1)Tt}Y9&zH#Y$CjA4uw2`E|2y^R-g;f_lW*HD z%i(QeTdaHD?#J?jqa5#%$H@Bo<+$?ktq<*8mi)1IS=f@@pWk_B>{?A_D%baD$&Y?r z7N*+u&qJ?tm1581vzYVeXUm_rLhq^8VlSwC&6~V9t!%{<9wY`P6)`<9b5= z=zjPx+vjn)o8LNsZPF8KP>#7??zv8csa#QaWu@KIReDBt%=Z#Z{Xv3ld*|J>*!js1 zQu+P-9l_q&yCminm?7lvCKJBawa@!?-p+m8oiTQKhQC*lkN@yx|7`#0WzpY06Xhe= zHC|g=yFY#dkL3<|26+wAGrO0uPjW4#z*JyP;^=!{}B&!#JP^_6dv zrb~G&cKqqSZ%glbj_&?Uefa(*@?>QFyY_7z{+UeTsPTqHT6q5xtgXFY%*Tuxk#ViR9bx>{sb&*X0^&xX+oVPx_~8{_PQ-yE7^|ra2Mbp=^XB zXWh2PcG+EHKMC-gXBq98D|pS0$2uG8Ig!#si#g^u&$719VE%@gz+IGl)0)4^E|U7& zp8syh)}M3TEf>JsK zEThGa0N=Tn$JKp(ue)V#Jw3VJ=$Mb>{x}CCA>K-04&a%SWmNp)d#c3JkV&A(4%8`^!g>Tvw;R{kyO zYipU(L(WlGgzoPst!I7}!hXJ`yDZ234rjLMaCvym%OsWZa64Pi{$Y&;N9r^7NV~5@ zT`hCMH0G9gl9d@|*S>3pNgLWbEal4_5(Zp^%6B+$EzK<>7Xl zx2q1A|NmFr^7ZL{PLH-yXXA`avGmLCpd6Xv*(sAX5c~NP`q&wlXAuXi#3=QVy6u3Wns&?P_r z6|VFXPd-0}H9G0lU)~7CTu&Hf$a_+%M5lf>YukSy^VeBpV#(i_I%#|_m0BOobzq_FrIw#^IB%Q8^T*z0|7Vu%^6YP=U3cR7a?GEuV-E?+dx7`msq$;!%8MR@u?5k@t#`dmS4n&k@3|0g(cVM4*x9fKd-Z`shy?d_m6yb z=ze#$V<1P%|5g8d{rOowKGkwwXWu>_`8l`l?_Rs_+fR|%7TYf~;UiaIj$BbW(#PJd z@}K_V%&_~X$i8?x|7%ZW!ZHY_B4B+%G>Q4ehO=k_!JzD$dy%VPge~^3FzD0=PfsXKr@Y%Z|E}@wAIij!CbxCFaZh zSMk4kETc^?VcxrCT(WCQ9Mg{c%eOq&)%j_hyhq;N{iyA}t=pUEC$6~xt3aL^j2il} zlFZq%y|;G1W{G3Rj%@2M?`ogNPzSrFWNr3cc7Bz~M*hp! zSs#uGtPj__x<|9^$vep5t$n2B$g^NuCVVmTa!n6yf|ha3Z_$@L<3xByxZ-E~TfTSY zSMccBeFd*UR`BebP`hf^<=H(#{z#Y0b!XSso^4<$|7u+>f6x6bX6gBT-aYYYE_~~R zV;W@te**EW({=-|&EMh4k^9WM^ZI{QhkQ-!x=`1%Vg5|nnE#Fl`FC*LeQ4(@4defJtAbzD zlTTjV|MKI%?P*YkcEcioTFe)7#q`^obo z<9F}FcK_A^Eb;F@X8i8^pP#APPhT8<9>2(p^o#iX>pRGib+(qVI3xD|N?h|K=I!{F zFdPN$HMsM-hWB6lz8If<#R|sZ^2nIBg}=y(>t#zBZO8L0tNT;`{vUVE#QyaW@txy8 zdvEyp`&a%RWbaT%*4bL@^?S4uk7j>f=2{h(9mh8aW{3%ylg%)5CbqH8NOQUKB@=bV znQxeJ<{E6*VjJs}o9oQE=0X)ivHcd?SZAa8z1d{`fL{&Va&I;o=j~gH8V)L;1 zu@ztoU<+a^#8!mu7;L?;^>e<1ZLHJJc?ui{MxFk!9}5lukHdC6wiB=o!4|?+imeP= z7~9F%PQi96w&BP#!a387K)jL8d1fTyjf8EK)59I*^mfk#&jd$P{_)O#faAcZbB^P~HWpg}wsF{^&bdwzwz1fHVjG7o>P&D>!ZsG$$=JqW zi#k<^e-XBev0dWy#MTGfCTz!IdlB0T{Ezlmv5j>ubg)B0oAba7ep^S>G5;;laRU+deXNsI7a=yqq z$o^)D?5~78!6YFaTpyHekfrFO+;^N`KKLb^-(NmB#tf5hNEs&IRWQgr(r~#6n>cczec{-d0|kiATy z%Q(Fu9di|AFSAzU5)a?O>{L3e?S9ES$xoje+21MlUHIk1zRsiq=Gr6s9_rKAnFGrq z-~58_;0iK=SkPfbT%6?|+nU}j++23ovciC0$6x7Xcrue@6=yljn z&%NB82Fva6;dgds<(Ck%hQEL~F3>u7Ipi;{NVqk=Uj^?l(ZKGht=Rv5$u74laNJ{A z$S2$OLC#J64KkfP=&r@F;7B3+o2tN;nXXqAIOVot$QQA{*WquwIldk-)Yi9YdM{Hc zb&I3Uz052hzjt|-Z{5>(K=NCc=b*$hy!nBjJTuOl=R0F+jn^W-IM8C4Iz{p>fc;Ky zf$t9^YrRGsi(~2}S|k4HY_(VKTiLePH2UP%7$wz#+~N)N-Fk1@>-6!vEtdp-``Q~` zlkd=)5527K_`U~_>#{AMVgHuv{C>w*y#?P)?YnO3DE~0u+xTs)alWxz&i6;r@|0E2 z)56~lj7kq_lrypl_B(Kldz*Qr|1qP#M3{zXeJ|;Sefm4TRg!uF;%_tGs=CcT5ap)5 zb*SNL94T9)DsV>g1O8Uu?x{)0J0(I+d~)KG^F4m+r3E?h%!%h7N!=rscUw*%K~P|-zCnW zz&79G_<5mi=mRB?JFgiaa&T~zGikt~zw{H+Yuj#t{n<J+KmWUL5T7wc=O5I%QPp^zj>1Ukr?{el|GJH|yT* zLH5R92M-{Ar^tQ5S!{>Gl?6|>6%}p{lw5XN;d{R8o;qD*dEq>Xyg-htUXE*=kH7ah z&e!k9i(S@jW+8jg>_T1_{Y{Hp<1KQHw@5o5@QuK?1vk3vV@>Xky2lEe+{OV($Pe%T zJ|z23lgs|o=&}bky6k}meEsg;gi?4#kMr?&AjkRmi;v@c{JqFktg}H)nvW?OhPqK! zJ>S1*l)I&Bu{#Q_9r3TiIXx>d%;mV+BK|FMmRnq2eH>3tDtb}IlW~%|#COh1Un*LM z{ng$^u|(b9msJ*J&EF-M?Z0_hq1+_a2xlYHl|IIl-q?h%uGOO~G3W0Eg^&!q*Ed@Gi^MRo4t zA6*U0b7J3qTQ&AOAtxf5ClcSjj(V>4SbBfc8MtFgZI7_DDr@C8VRzU0UXLjr?;6|8 zl&WNpl{lwQ_t+aK{Qh&W^Qc!zyG`--w44=KCFf|0#~H#jZ^-)73#NHDZu(n~Y2Gmr z$`3a2X}NmiO+9CMb4nLOW}bPd=gNZCyC22=?7N>tv5S%B`I%Nc#Covbu+3ECc8obwZ`uOe7 zoxbC7Rd)LL+asMme&=(ikH25SQR}7Rc~W|(kH3A=={t4cpL%xs`2A3wK7KEh6P!J- z;F!YT#~7tC*5Ny->%HAmOCdRW)O**@8g)#gSQ^FBD3*b!4`wex-qD&QwMkN&B(>Am zbWQCsydyUpvqZ*(RjBjR$E=bw(&F)|S>^G1X%RcmxZkvhWtGRPrp06bU+3ZbACK86 zSItJbY9@LdZPs}lg&5QH%KBEW=+nyyPI;-|m|3XRYOhu5(<=38mHMQ`k`_x^EF7sY z_mH|R@J6p$iW$)Q0FKZZ=K|Bqf(?xmM3cB|a7O_bZ$qg?kR z{AzTSJL5IVxhY@oD)jAMrpi5K#_2tl1a6pH()&Fhuk@YL&v&BrPVK$Zt2ysX*x7Ep zqR;8Q3$3vlv!g9DXCjrQ(`P~N9NG=DLAQG9L%r9+r!#k)XOBdq z{n0*4eAQE*fErd&+G3Td62fcT0Ebki+7TkAk--F)l`1#mh`g9fcXIxwB zd4ApvOZ+?PZth#+|MH`ELcVsw`H;LDmiT!$^!)74o}YKagWel2wIK2t%}*o3sVANf z`O_z!@7vG67Hu^My<)W&_J8M@vXXv&_Qr$Wm5cx0m-eE5VMG{p%r=+braVGY=SZI! zM)p>Sz6` z0@vdhs{%`-`})1-TN*t8dDFR0|F;5x8HN36Ii^4F(YS)-9r!`t|JRi#VLZ8#BPY($ZxQXLa|@5r3K?j0cQv;*zY%>#eYiac*yIA zTs&Z%fBKWR4A=JcER&1*k#r&o;mnDRFD&&ocQD-<-o zLdj>Db^f1>zW=y&sQ-h<&BS%l6qt$D#{V5SXP&><-6Q>Tzm&cok+&ST-+$=#lMD9y zpMCKv?6dU!5`T~M(ml49%29g-JYKJWxx9iyw|_FgD_}0KfVsQ^_U)1aw$Dn8OMM5f zlyPY##wC0cqxaLn!v+ouUbf}Tfk}@wVV{p+e-eIwKIuKZ{Gx&V3O<|j4M_HL&Qxa& zY(vd|g`Z+;#E7@e-LZK0z_&bpBl!Ga;oM6L+PwLj{yuOs=AZvLFe}HH^-gVhsW|I> zw2bnF*Lxnn*EJ!RQtG{A~ zgKvpGp+@R6LY_fJ$TLVyf!t+eCN>MHe>`TESfzWeCwFK zCoCve9~D^a8;krPN7XSSIS zA`c9T`|n9T33=sr)(+|{D8QU~o4F_T!$FPWQxzEe{XK&w%E(jYo`pNbRe}EB_XckZ zR!=P)JO}--7i1rN*Zv&;>?q|OHx3xgu{}Jv%5A&{>j3UOa<4h{9{j!t{LdX+8aO_* z*KGD~o%@}^n>~*9d(EH3Qc7doKXvkuY_RF38-{d3-ZCWX zySio`#*F)_Ru0)4TzTn}Lk6L?tG!hsv)--uFLkrt1NZyU&cBQYXL{j)&h>A%lsT0)6!Pk3-%Ab@5Jrc$8R7)K6&CU$c-oF3U(~sapIl= zemnkt>>oPupzP0ab}a56>WzK;#{p))W%#D~Jwrx9cHB5BR1&zYzP#@$hgWXB$Z&xB z8)bi;!)v)omyO1@UC97ET zBv*~Z+-5GlZFK2GM8KRJ&)uuNDY8Ee(fT?y0ba{f#6C;xvt)ms?9Y?^1+u?D_Q&~d zdi^h@<9wgZ`A2Cb?5n+HXpLT`UZOQhv=*sDlk7Lj{wmpTmHigkUni2!Zf~Dd8L-cK zsaQ!FEs5X)Su-3Y$GcHHHwJh`4?>AmWrL(;21&b(5KC)-=gyINavGM0%eIT1bE@9q zC4m)p|F~bh%xvf??QytUJmk=@SXrisyzXY zR5{7DQ=YK6|MM{0WEXrmg6))9ZWVIvgT1_}c<4CaBUN99Y`bkQp3|SW=34B3a>=(L zzq;lT$op=75%Sk%zl1!y_wOO^zvl0dBYT&eJkHlpSPJ>uo@bu?V&Lm5E;_j$&)sW} zALnbiEaK-#c;Cr812yNZfMiYfqUOny*@o^ZltGa_PT3_rWS8`o{nFYw$;DN&YfjlO z_9d7rZtKk!t2^ajfMejn07poyJiP9n8ZCTq%E^$^Czb@O(9?RENg}zTa{sB^Zwg#h zFgLaJRE~iwhix-&ENvd<;eN__&RLUxJgh|buYB$I!wxuaJ<)4;KioT3dk37(E#cvV zH1*Y|zdHPY^X8VThKFIn`YMik=5UsBA7sygj|?9H`)Y5D_=khMHn-vT++QD_EVw7N z9ddpAo#C9LW{2sQKr{Is+r;l@5d64tZ@*roJ8<4DdIDCkEL|D}!7a zsFb5C4eVZ15*!$~AhF`Kr1#07rS6oVci~xqDN_IWg}Hg_Pn%yjeZbHY=NDc-U~sS$ zkzYbts~&p)v}uTsD^%i_26!y}WF2FgZ|t(apEe5-{ALz@zplrKS;0MX_qp?(-BXVp zF$HUbgCIG(nBto>;rzb+}4r z!2&63n(4qV(N6K*dCdEemp_lYVK9C|$B6pij>Y>%G|I1hO!57|^G42h(kGRSYz%S? zTo8QZxKl>Hh|zE4$juJt*i(EB#iOy$k#JezkSP;JE-Sng-zhTRdG!i>!>#XwjXmn-C+Tl?dYGxxc(#NN;4`PwPxYbVav z&eM0w`6`jMz7m(eu~p*o*LY{)O#S`z68Cq(k~2!&7fRkAQR1@wOI&`7@h<6myQE)j z#+?-3V=nPmiOdCg#&bcgCFX)$SIh-D&)g$Ny3FPXtN1%IH=ZTY=1H^#5^aIRX_Yvw z5~o$-6iTi_u@}OQUp^Iky+mk~2u-&B5}_WJ9Vf1m{TA_ACq5g+XS+n(D5={e=5{G- zyToioJL5AFB3lbNCrKA_wB+pZ^f5_1xt~3z(|7Fg=Z$GClzD>4) zY>EGsqMl>>`Cq(dwYL*BA3b)L)V#$11Mi}-o}X>LOX|PP&8)d)Y}kJ=G;eIK@VA(a zcz)?ie(6hop8Y2O&yKtH%X`oc?~UA#X!}MSlxPPff>*>^c}1KFct!ku&ypfp87Sh& zTvEi5xm6(WdCv>j=TWbezOhoy;~eLsHHXGcEaJ5}v4~HC6N~u#II)ONf)k5)g-$GD z%!x(vbR1+0OcDPn;y(rcpA48H{!_$%iug|vf4)7eKb!KQvtKNH;DSfaZY#X?o+o7g zsk0~f?s#;YH%(e{nzZCJX~`PMQOC?G;#-m$$iUcn;xkWt=84Y&X{CB;rABF`Mrofa zw{F!wcTfS(LQ@gfW}Au*4Ni}5D&ichspti)cz5Di^R|0l(PK6Rpl*3yi>0$;!6HH z^o?C^oA-|az0cW*BRzFgD~|N+QE55Sv>fRHZ|T5G&e<-hJ0*3Or0$YbuIfBomXmhN zNxS8w-PXza`8rw8X)7Go+R}FqT6k3ddaTv_wPdqbQE~OTd?NFkNxpkh)jjqj6`w3B z;?=!MTJ@l`xmV1-?G>|E@0a#@5v_WDBq=SBmFqO?H$w&oONtqxUomGRgNk{KN&f|p z{1BeI1}%2?qUB$Wbi)6qk&|HT!9 zgM0ngP5oMQrT;5!S0cipH4BjXi|R#?qwiQAorE_Xcz58Q^U_LK-oNBDNS?cJ@og7A z9W9Yh9gIMIejE+s=w6SGC|=vJ9g@d5rkH1~y!hCvKS#@p+i@LL7V`{Fgn!TTrXcmb zk<*ZR+IiC?wFasCM$AHL<#~?B-%xWr{wCSP;-4(O4w4b(Nt;hB=I^G>E2hu9V*1RJ zvoH&ukDfP6JQs-PEb&|*o(sftfp`wXT*W?RKY!k+0v^#YJa6JzyYPxF@14gt;D0-> z-naQ~w}S6d@n*Sj`Gcoa)Z@6$f@DjU2j*_MxS~Ap#!FZulINXrc@8R(r=G@QUN4Qs z9Ost=F1WRKxKYkpqnzLUm_zbTkxo8Pk%RxkkTvJ6tl$j4r6MO!HwUeRC*KT84PDN@ zwwYPi@{P<~tXFI^C12;-#e%QVa_)DyUzB*OVp*VL#RnDJ%uUPxR#AoL1*{RFZ{t5x zoR50qEx)gNX+h;)=f>~!sGQ_pH?=Qh=+dFlN$zduj;vhbyJP7#Z<0Ihy3v&*B-avO z=+a+dwfVZK<0~imE@++%$<#5DS}t-k-pO85S%+4wu57}Qj_O}mu=rbRVEIq1t}H1? zuYay`t*mD*Dfsm>KdM|(aN_J&DmND_ng535dbe_0!HrlGp#7uDRmB{sxbL4pIbgzD zk~i*OFVPxa|I&mP1D_pt;e-)(hABN~ot*LVAn$tX)TM7v;HusG6NX_wH(?fLT!S!I=e=N7@S_tbIX|Bj+>6=!tl;({?!Qn{ za>lIS<YtYSmlU!7X{rDA;xRQNF4$ho_1^8pT0kJX*R_58oN z+uWZd&c9$+G4JwAeA{p1m~i>6^GjwG@tJW}5uX`n6>(KC>e2JyQC9 zIgi`iJMRAIf`d{|uY^}X?(AAClS9V9-3#Alk=r-|n@ zsq-M2V}vEz2=SaJ<&F@4zSnsC!g-Qwp5&S*xwt;|_kl}%@6Uhy!UM8aHc;NR4U~6n zIf;;yTsg^=lU!p;IL?$yS(Q>&rIZphH<-IF3SvfoFXU`VrlrujAGPV+wGhvtKeityRMF0b1S?+v-IE}EN zMCV@AYBl!zn54+HA~%U_gY0S2PWa+JW~=P~)ER$qPqW>L!19Jz-gGX3Wv4S0mS2hG zUFTb{>~b0)GtNrLobwb?cT4Jr&U3KrabCYTX!gU>$9w`AH2*+NTyvc77ZdxK!9LoD ziHwSzAaat(%OQhiqWcy+XS(#fS>$TSAU;z-%MWD#1()Y#qx;T8zuE5oW@1nChFg8P z-@NI5fV{iK^AqvJOdp;l-XoB`yx&a>;!^;xUgR_5yl1cUnF)|VQv(amxW}_I3;R9I zY%hnH^SptV^u%+|mo9P5M(^QEUGtK+0&*v0PxG$GUEX8Z&v?&4=DeRke(1dixySn( zo(2LW0~iF9+p}^kG&4|9%hk$9nS9( z?DsJbid+U+XmaQmb_=Dh%qE*E%U652fY4qE=W;6vCS z6kGwHQ-hB~jtFjmJR|rE$oqqXzuwa{22X{2D0mKJQ}FAMj|Jn9tAe$ViQr1emLPlP zGr?D}zb?1~@`d1^z8*C123g{+Alow|CFX*>az6|*)MFK($jpqu=?_z_;t7IAn%g>gm}Ird3Q>jcd?J_qHyNr zC|B$`#6-D;EOAdEOZ;o$-ALVExC|x!qi`Yi4;J!_o1*)%?-e}=87z7jvZUxy$X-RO zAo~@u-yT<##Qvb7??Z-)o`Vb*y#RS?(I&_dMOz@xD0&SwJgX=TSzfdoa$?a(kPj6P zor;z$J|FV2;yb4HG1+4Fs7{gpF7klLLn6;9VQN(51W0^GOUbk7hjFod0O=Zkj~~O* zy9e8FL=T?dDYAcM54PvD9`B$JUoDnc54L|zk4Ci5q@G)lYg13g-z;+IG29;}a-_(( z$VDQThSzJ=G{J9&;q;qyaMU< zeeH@q=BmE**#?Q8(4R8WpY^Zo&vSQG|ND@7HSB%N2O|GnWb{~CCPDhl&Bt!S7&7Nr zjv@2K{+7rOAbXmt2kgLim(MwF6OMZAam@9W$oE8MMRr04jep=zk$TDT^toh^#20zB z$hgS2ME*)-R^)C-lskld`!2{nX4w$tT`h90$W0<&5xG_58zSElIpIY5SBd=KB<}Yv zW6W`3?wO&TR6Tp+q>=?iN;3N}nsMd6n>HPWx+VPKz;PhCXrZ4P9`YnRa<4>x+xf_{I zz1e(a%Nmg7Z3J1LHuY=oM*354HrH&~3eta@Fx;?1nFVG#HlN&58IXkoY^3QD_z z^qT+Bz<};E(|x2^s5G&P3M*wVxJwGtLb$@v@=M*g&_SFiG6k~sp%xsn4MFs z{AEALeE7m+X}?lUFO&4owhYzu(V8C7^r*4|WceiHkj>`nFHcY%UoIqZKi&S4O3^yb|`X`mmAoG!|57}&%zPv{DHjw`9V*k<0 zTS2zx4oMF;WHddi>;RvG|89_eo#4ynng;x1`qv;E~3v7>*gUwb#wKchOycpa*fOy8}yY@ak(JV{h%DT+RM6;=|eSrG|2HhqUlkP?N^~X z$?G-p3UTN z^VsImpqvj-&I8E&6=KJD2y*@~0c5!`kbW~Xy;k)_n!a4@7{5U2f1+a?1IIfzw64|k z4ayYAcx|e;gDjuqac4BWL+vE%v0KxffX(j*>0c-eH$6++eZp{qg9jX@`;~o#;f69$ z+E496l@)3ynQww}vJmqOP}&RRaaL>k4CPEA<{2RU7O6d{_BE=vX?i=zdXOxSidKkzl!LG_5>N< z57NJ{5aX1lm#R+EuT1Q?Pl|nZY_z6Fl@*#!GTvmh$3ULLK39l#23g)h zO<$zx%QZcz>1#ztd#Syx8>QW#OS_4Ec5H{Hcc`6YJ@%>HDYoUhAoGz-CwV^mijHv$ zl=cAWS0?t^Li!C=eY6nsevtkZApJ?kouHg73^&9;`o)#iApJ@D&rr@4V%`PPzfN>q zr>ZXmnU7>XQu?Fn%Z1^FHL9-#d44viy$xjCc93yM#@VXeA;k3y(l4v*0O?QCpJciF zL`T0XvHp(I57Mu%5bdh=p&;)cqtzY(8MmSvnQwxmqo1kY4AtkVz7UjlQ2Qd~a!pTy ztp6IdZ%}&*_=Ag`ga#=r~SgGsyG1M)h`(ek99F3&Rat zRo|_2kFkCv{Yb{~t6rw*q|{qkA@*>?1l1=CF&>B=-yuZ*1$iDiK>Cv`cem2uca!8iflPNnIbN{Yw6ywF4}tV6 zRgMPP{t?yjfo@5!0C~NUj6?GHCX0^yGsrmAAj>1^N7Anbw?Ii7SwO6a1q`gk<3)N22PCo10v#4J5aKj?CCqb6m46>di z{nselG`(HZNv3ZFc^p|y@6dFT>ARIUNv6WNzQF-mjtBC3^b2RlLXw_rDAn|c=)Y-* zsvcKXgRCFP_;qSusCJU}q}rR+PSW0{_O0M@XK9QaZkl5mkmFER(>p{*zXzEQi?T?^ zc?Eg?9Z=4z*wOz%`gtJdoh0X-e$ki4NR|@jh-KMWUnqRBr~QKd5~T z$n)K%>Ft_MvYf5TtfqHJI_9Nn->t+~M4&(Pf4~7*Zb(7xu)=xq0g~-n2eSNx*gtxJq&=zjW>AhFWSlk1 zHcf8_Ie*=%_N>}FK;|QvkECBt^l-y&wVVF*!#o^hJzUYzpFrj#S#Ofh!+wzcs1&4s z8OZ!3{YiOl2I&_C=~n@=J|z7}`jO+EAGA(TdkkbelI;)&nZH`>xb8rne|)io#F;6a z9;=mf%p*W)SCIMYB^~38aCU5oaC$5ON;`w}YX(`5HIk0&RPF5`>rJxWB5U~)$2g|Ed*IENk5Y1lJu_!mpl90$l>Pr z*B62GOMsJ|(;AbYv@^*5)C@9zo7&q!#?J_G{|8ymtfqHpy21CE(e8kZ=YcYg3unhl z)m{cNURdnYV?#APs_7M)PO_d8lyOa;q54da*EuQA+nT-*l=c9nJ;1lkJFT?id#i-w zol9R?r0EHe^-U_9LFOl!pOkh1KXsa3q5iRXUU~7W)WhoCck@=&Ga&u5$_|kJB>i_Q@ugDY z=O|r}etwXCA+?u^j`mZ%45Z&sv15Dy*-uIKQrIKAmdf5eTM3FsxMS7QhQSM zW@U@m!wn?9@h!GSbc~al-mcuL_72r^AkQnwe7iN>J>J&O56W?>UZ#wI9Ir?@4rR4+ zA;|kc0+exF?agXWsl83@?aB{#Takf^27UxaqqkBs$K6rk80t z$@D15=SWiOt&FRkq`eyCe6I#%`_zgaZdeGi{3T+4b#t@oZ6NcttDXUQ99gw@sNET4 z+l9Zj&G@At$Hy{|*XJy!(X^&sOUK$e?Sd$Tg7_BPeqm04wn(!uxm zvs_o{fo!)@ko}ir|0U^HrmRp_D{GYtmGz+1PxWTyTD7NCZxG;Y-IZl%GaKPcFWwR@G%(Fq}4~ZUbAf>*VUIEJWrustFNuGy#kolX{PSV~EGEN7` z^OsY*Inma~1*IHig)#|*AvO(C{>n;9nT*i{Uf5|Is)lep^T}$TJ?p> zgtA$=7G#{1>g~!5$nrZ>H>Fm0L8*_jOgRi>oT%y*%DA!`pl{!sdsObr{ zH-qdK?aBxO!bKB z6{=S&Ye2Stt?CO!pB<|QdA%gm-mG?#_7uqYZDJ2Mw1cc?M(tVEJCr7D(;blIk@RM_-;Rj*aOPW6S#dXVcxOF)*B02wE#>CK|gjeRUZ-3L z%K1{gS@o3a?W$)~?@%3ITWik)$owIY?M3qZl!9!>GEE;QI_eL~`B8gJ^|+*m8>-b_ zr+PCe{aD!{cFb!}vGx$i<1Yhw{1qVQALQHSFRzj7!D^7#0r{zOM`|HRfAVd!B-O0x zB-7g@9sN^?=fiGfdZ(tlr`kBBLexX`VW7;LRgY_Wwb*CG$hS?;HgY{!r|AoYnD2tD zFUj&+K&~H=Tt8|9*}m-{+b1pdd7C>_cZb<}m4QqTgVHXlS1T7Po0Tb$?b)V!yE3cn zP$HPbb(F3$q%2cbD65q^iS1Gm1W9^rjv{xRaPitAloCZdNs)MNye>H`$DxRRBu+MlE>G16Uvmb4diiW zRL_C@e5m=7EkC3z1?d-2J*J!~cFY%4PbgE$jItACJpl(otwApH}nr<56` zIYZ+pBg&YvR+&()1zG=;>f2P$sBT7SJY_@~Q`RaI%9L^&*w;6#J)?T3>gWX0j~r!4 z8Bs<-K3`XYyk1FOuQ5%JgRF0jrjv5rYkET20@5!u+Ll+U41=@}Q$|2ukEC3$%DA!) zq(8~@C8Tp^dmA|1g0{Q4ng{rYI;;z2{K4dXU?`P z1?krb@_d=`Rxbqk9*JbVLuwxe(l4TVOj)Z;C{xOevJ;f}Lm4A z)k*60AfH1MYA0z=f^5&ib1dV^T9C(^1nHMj-F(&RA!QU~{uoIAjM{6@wSEa@N|{k+ zl_sL`lo4fA8B@lUwaPkWLYY!#l%c4tPXuKBW6Cy=^)=_&bO&U5sWJ+3T#JMBs}bV9 zsd`q@(Vr@8zNj*;tO5BPR;PNs>IqPuE7abm%qpEqZ3pmWr=hV_bu+={Bl-Ln5*^o< z>Pe9GZ&PNK&iNV-NJ5U#IEG3pAcG4YD1ws^>tqk8`2M2P>Qvjistb zl`*kzYmBR2r%Z@F@L*E)Hf0)QIV9I5Ghl@?;lZq?J5{zk59D=9(yvtQQIPpb9#33# zQjSlV0XcsoX*U;HMnT@MYlPEdEy^|_`ZXy27h8su5oJBd@)N43lo_R&sQHu;WlUMC zOn`WA`Cv-8`N7a7HeW;;RmPNYWv#MKnN+rbtQX1l%Br3N*^Z>Nr0#v)9#075^^^dauSM-C)iaWg^QO9)On+SWApJ{0p6{r#PFXL+I)& zA+9&2x!U%JN|144s>earBMI`ppB3W$$2GQIQDvnN^F)xxTdS5S)Sgit zKN5s|hzs&~Jz=;ZEW|pm+T+SvP})`5ruMWD*O}ULsyi_oHv}?YRQ0&BR_zI8sv9{! zY*W9q5b;6UbE2buaT~uCS!@>8OtUaFg$ zZ2h7j)8ooIWm4Iu%!0iB%q$z%0cAW9VqHM(r1S^1Csa=){o13k_1M)nCK)GKD zF|Ss8N_5;`!3t;J(l)hcm8G}X{842LWINP>GOnvVqxP)orMKGjILPwrlnGG!i>8;( z*7(Y#G7B<(=^PUG0pW~T9Atk^3UR+s<|KXI=F;12z6i*E5(lMxWmeMhd8N7Z8?q%T z#QjH^1nHj@9pm#nEgz&kDf;cPtlG`DxIQ)dA(GdT1JW-9vV5}LX?=*4>kQ;^wFqy2 zJq_}F=hPm#-JZ8fQ2L$fbs*!`tG!M2(mSlZ5~P1z*{1fK>dv>VUtF04>2K!qy!Tq> zfQ(kd6#C_}anApF!tVZnUPh!V$DN~aE$7NYb$9VJ|jjyZ&S$+~^ zzitsbu4}Nu8U3(#C;d@A$n==9R+#|Vz9iF=ApM;MT8=U-3^!DQtan^EBUYpKdevKO zdaOd^oP@bwbof?0X+hg7j+<;=PU7M=vkE+txD- zN*s{aLj>e;M3pgR9OQYaRlOc$zJ%&6qBqAkq{+VkLm5+9_0sp?T>r7+wO1Le9@dkskcI@Oax%y-59>1LAc zV(QrbvzLcKUjGr%f4Dpu*5n9?0~N>ZKsdkEkA1Jr2^ZR_zI8N|{k+LFUha zoIm2Lh@>0`q&=j18f1D_?3n*7Vmh9~K$epg9qq7K>jQFJkAh6ERK_*E7OZd{ZAu7p zO>Jt=fNY=8ecFy7>k(DPK%Vb9)sxB=kn3z&)xGr)ou1blf+T^&sz)Ey}Fg z@w0jOJYmBM2b6L_*1t{lY~J2r)8ooIWm1^}SG?)x(8B^s$QooebA;yK$aT?=@(NyuIUNYld7jw&nV4z?QxKd z6H=X|9#KX?);FelT=g0u&KJn?>s3#x-X=Q6k)_O!ekH``zEvmrJQ7!XEm+}v^^tl_ zPlNK@0@BZWNaKL4U#04GLfq$-Eox7J^vfvCGCfXZ7?k^l>b1%`P|8(iK=#`lDEEzr zN!G;Kj5se<$ECQB<&H9^{mtMq%sZu2A>zos%{=(J&t+Q0p&UXSU{MbDBXdNi?Fd>c;WO;3>XO%g% zhgR}9Fg}5d8wTkg2U*`5)$3GGfS3n7mQ=k((^F!viulW;r#irxazf{m#wT*y$xjC3@FbhPgq7l=C2guey)0* zvL2N4CA>YBR^2>lk2j<&1*IKSkE&iN#B)E${#g$)URs%zblhJOHopflJqEsQu3T9Q zvRzY2_NRW2N1n2JOqo=slx@lk__5jgy{zg^v&~nkjDTFHi-PROB+IE(J*Me#(J`-5 zy-xLn>MbDan^HZa%&Fb9*m4|@?GsWx3^HFt^{A%DRFA7(3v!)30aiF~ts+_P7EsC+ zd;irbwYPyRC#%c}vF@|R+DnxYko_R8dJV{Ub*d*owntL+7EMp7J)_KOdQQ{L_ietA zvJ{klp?aO_S!L*H+b^OZ{c1s$Tc>(b8G1(TApKfEIew7WM^^1QA=WY1TDt?%zf_r2 zWqjHYKb-8^T@b3pos zL6#R&dtB``YHv}tsXePS>umi(Ade@atOFUhUWoBW?Jc6?J_Yi6Olx{Z^{nW49{7Px zcR_o=`hU zJ4t&=?IiV#>N$|*nT@u*kTRl-DH9;uDWx=Icy+!q$ zGW@DduK}5_Sn$bgJz-mnZQQy}|k>=)Kv+l>{@tS1tx zlbBaMVSZ`-L*RH{@W}{R;X{7WfBhu+v00U8dM*M=`-pztx|pWd zieCDIgwXeV3Z!2~^glgsc4$3+h5y4d`+pb%%kX@WP_}^V=PA`QO7o8O3n?SYN|63B z)oYdYAg}L)>M5o9wT%-|R)Wl5t9rfaDb>xp*53o^7g4=dnNphfZ2$2shCC=|`yfi4+amF&O3}>z00`k3I24uX@?``}rDDAI$LfHaxK9W&A)S>>M_^Vzo zI>s5*GfFRK%MF2Sr-CLK%FGfDJ?N$lOc~ZSrnNX&bUZ?e|QKmp1m-(|jA0cHW zDDgnKE|eK%Xpgl=K-Rw!6o0V7x#7ixricDr+fA8JW|X0iG+kK(GEPGEj572W>sJFZ zy%uD@iTsu2z4~IU@TBz#ko}6Ra1!e?AnT7G3bg0%WA^(#8&dn|hw)!&_S<+NWev#t ze_9#(#KsMSv`0Yc56XJAXH++T({hy&WlUKE%5kcm0$HE5*f9?Td3-t5y}xU@Aj_>$ zy;k*l)l;gQe^|dT$of_)6Cl0^Vnd7SX=P679kBjkWu>x4S+7hB(SD$`BUs`5V1xM& ztCJPZp$%bB&X?$yY^)a@=STG9#CKOYb|r0oY%uT?#z%z$in^Pk$kK=$vLGNDX?*E*kUw5;Ehf&Q^cZ!({$ zKlrin{kT^3gfb=eO+U_oy#B++5mpMZE~KniwkSP^et5o8COpU1)9*-sh$s^UjK?wRSL&;b zfHF>~9#g$W^?GGO?JcUOl{saq$i_*791kPK8W&vd{r-!PMUDQkLA$NP7X z&%G_6tgowXdfN7^RpvnPKcDvPGFznm+#zY2N`KS8@Em`>sf`C0mkvmvP5fwk-D|TipkiWh}`u#hg#lNjm#< zC+<$RWs2!FgwP3?l3-dO5L)ORVob+`4uOCTm>LoYAq4n;XLet?B7XV*e$wa7&d%1i zZ+CWfc6N{Qf&N9iCusK+xK!WegH(SwLA#G=cLOd=WJrm*b_k_#yjCN1a z^sBZ15$(RGT`@+*FVgM?(?3?xtKhQzjrL!y-S@P+SBDpk)A6)>0$i%cDcXOv_P?jy zy>O}hM3IW;hRf}#{S)Exc-8(5+C4$LS8Mk@?e2w3^%Udv`)GH$cB|m>duabDaJe7C zrSTyS(Dj{6eBs;;r@*E1cWOVmwBN9^Sk?0h?e5j?&Y7AHm-w1{mhw-8OZl9l{X4Z= zRieV%w7XZk?%68+M7Y!*RoZRS?kS~2haK1)9j@Ir?e3kc!mH+~@HXw9qTQX^-8)}} zyB8>TqIRpayHmSQXm_u6CoWX+tF+su-BaLFyY1BeY~dBptP?^CA$r6f*C(zoT?Ou8 z?#b@u?mG7=?i<|wJ?)-tp7TAAdtUIo<@wID#Jk>mymzPfZ{F;zoe_Q^8`MdMq%>OWdOu@>6Ul&|e@KZrS z;qbzP3QG$Y7OpA`7H%#)z3`60Ckvl1{7d1!!mkQ*2OTh|c+jdrzZ~@OprM0D4PG|* zkin-7{_Eh+1`ivuaY$sy<{{gMoHJy{kei1*IOMecz(p&BR(DB z898L+tdSRt{Nu<6M(!K=)yTq8C8N4VT|erPQLfR4kKQ`^)X{g3eth(v(eIA_$LKL* zW{p`mre@5VF-MK*7_)uM*<_KB!j`fc{aqKx` zZykHr*vG~W95;U4!g0ZIk#UcX+c)mhaRZCy7L^w@75%E{>7v(*{#leae)#x>B@>rUteMy}F)*=X;)xT_op{m2 zPbPjhQA{eBGjB z;pCx{r%YZjdCBC;$xV|3lcSSwnSB4`Hzt2HdGM6ZDHl$;X38B?-ktK*lz~&nO+9F8 z`P4(F9yWE`)QhIRFm>UUFJ)AFVbn>K#h^l5XaEt}?>)-Y}Tw9vF;rkyh_ z>%i#;CJsE|z_$+k>cFAXr%zu$Ju>~q>5okxe^A?ub7$zw1~oHgg-Irq$Yea`7~ z@0)APdurbM^M=o#GXKg2UoWU!c<#cx7fxJs)}r4nx_!};i*gnZS$yE)O^a_|eDC5H z7QeT6#gc|4+n2ns`qR=;WmC#Z%a)a`C_A#Ov+U@y9c53IiDk2w zZC!TdvXjhKjo@{!}rba(!i6Ww+H1DgTv~Hm z&C@l@Yny88S6sK^-4***e6`|-6)xWt-wNMveZTkJ;k(zDhfzI17-FDs;o3Ym_^L+? z5?Nxf$Pq(89SS%caD*5pMgkiJY#gv6FpXifQ z;0(Z-fOAB#m=l#bF=CoLK@`iA#4LHT zm?KXYi{u%&HRvq-9@Q^Jxja`?$@4_Dyhzl@i$$%xM68gPiaL3PsFzoX)$$rh*gHj| zyjC>H8^l^{-K>+p6MlKKXvH=}8@3YK<*j0qyiG*p?V?-WA$sJU_?_Xq#PRYzak6|s zoGBl~uUx z*WzyZjd(!j$%kZtd_)$?N9ADoq#P=D$$$VkY3r48Q-? zLg2fvr~-WZyh8wcESE zYtQTje&?y%0T)$MeATLVo_Q)Lstv0zJ=+RZbmtpg{t)G(>oAORR`2-ZZ!QMDfa^1f zTQ9(0;oMd9Mz;^8vixfZMh~TLF@nF>l#6yCG&gn~;2ppDJz&YjcLNT;o!;&=F6%Td z<=Hilg0iuJprY3$D7W9oo&n{aU%v!+%FuTJ&to{0;Y5bl=Ma4+<99GVGLI;q4I%gw z!}`^P`x#c)=#&?GZe~;m4&f!O*{sYiw-LW5V(Yap&c0KY9 z;3xNg52$+SwBy0_MEB7IUrZ466j9nc#u2=g@nacQTt{E|n+viK=dvpap2p*M`{;b& zs&sz~edTxV91O}79(PYP**(yE@<`AxV9NJ*6#<`c0_EAcih9NRyAK3K)k^iKD;}k^ z7am7>p2YC|hFOU74a4o6O6A}hHV^cB$58zFVS;1-Nbs3vg1-$BH+Wzh!SNRpWeE4! zeYa8R7qk-P`HPkzhf_mD>AIfaE&RT3Tt__Q^dS^y_Hu&nFvVF`dMT|}R3W$J576lT z#kG{fa~tbHDKBpVyzkZ{0L@V!U^>0ytvfq_H{V6Dhhakp;deI^{KFW6-8%>#RY6d3 zyj6Em+Bf)(ZemV*NGDMyc2aF`c$nb(o%BXm@Y@~7aeh@t^r!t4^M%!2$W490XMPt4 zzPXA*ujlVO=tPP$cyll4^9~_=bp=7iH+sgO4EnKaiElj19AkFqOi*5Kr?=kSN}Tp| z=5H0J(HAc|pK9{Lz2^b{9m9_5OMriW7f}@dEP3b(;Hr1cxbPa_M{^E`T}tIX&9yp= z`={b{eR0%m?tzM*_k}l)r8m9um>W=vGmevsI_WCDnjKWCU!PAo9A8cK{C?RjfU5lu zk5O$y8wiTAcY=OL3&C^C30}bXw+|8i(;Woo-*_LO8Y3TH{s{2n&-)YL;|vvD%>{Lv zUIP803*P~(;<4E?{$t?ZU-AWD&-kwaRiAYBQs*eR=`Q*T1w6jCa7*@#|2I-yv{sxV z#H9%@;NB~90Y`HFo~lCNe_}j0HWauTq3iA(4Sdr^g7@4(u!!+*s*8XZ)DX;#O$A(h z{tQ5sDmS(O_@stqfcq}2wxFVnxp1{3<`Ep)0;ocL7sM=l+P%ke=t&l3-PLCRH%qyI zLn(ii_M(d~1O8*{wM@73Ok8>sC}yfZa_EDADpe7`#eLQEc6%7AH&XG{x88LRwWq&j z58`~u9QdMTuL6I1+1r4NFMl7f{=AO?U%l}Q3x9gq*TCPqmwJeTzx?fwpgi+iqL>`j zeJXMCet_-A=L25NW8t!!NS<*@CY?+P-Ar}Zd*)EYJa#Q{=3a)+t|5GOh~Vy4f`i5o z{PqTdhu==Hek(zDEkVg}N(bTn8Qxey_{$7eo<#W4QwgrRi|N}4-o|Bp(nWmF+4s^p zq~bG*^NeLlPw||EhmJ!$Roy_q(O3aWF$U1U8gCF_5mFdpJW`ORXc+JbNP*u( z2Q;wS8wGqapn+B27~oR@4XpFV0nS7^18cnrfF+1)KsPr9uoP=UiPhjV;PbFPG{k(Y z4h^v!DWoU|GQ?Ju^sD1 zDNX=1#EGIB_(^~USXnLLsmRX|XNyAs&%sL4z*@5&@CvLV4RO6_0K7po0p2Q_0q@0% z(hv`#e2LZP5x^f7>w!N4Xkabs2YeiBRzo}?T0wsj&=7wTLEyUp4gBtL2k_m12G*(} zz&$uPXNV7QY|X%GH43;-9E~_10vh5Y5eNP;pdt1{-)4wU#1_EML@(%{0~+EBaSZS; z0S)mtaUAfk01fd2-rf*D;=K*=lQfz|hefQMlnZHU9=qk!w> zf69t{$0SZ{3~FW`~WZ__W?%bM}XaOKj6{wQ^1(~9561w1Wd@U0DI&=05@ahZip@N zTfnXIJHTG~J>WL^1K=_8C%|K+l!iD?x&V)t9>DD~3-AP)19+nB4|oz*{|0mj0|8Hg z7683n4gx$)4gow}4g)+xjsQGUjsiSOjsZMdjsyIK91nPooB;SsISKGwIR)@n&>R@z zJUJckd}t61XohD3UI0{FVDL+BfThImuf1Ahz9 zz%O_o3j7^FL;OWH0Dl+Iz;Ajt0skwYA>NnGz&`-Qh?9o_-v?-j59JZSKLRww$Ixv^ zu^$j)O8No6k^#VPWh>ynp!JaAJ3vGH8=4P8{6~gB`2i3kPHqDJ6Cg&M(FI%r8p1H5 zz+Hfba2rPh_W)uH8gbxRfQHC6dI0+wTR`a#2wrXU0uC~c0X)Ds4se389dM#?BH$$B zWWWQBQxShUAjXt&I`A2Q7(vFFfU}LW0ZWZ@0OuIz0?swg1Dt1E065>c2=NyH8luj) z1aOt{YruNra?n=;8luU#0{B`$Lo^##0bd7*(PaDv_~C#UO~y6Aj{?MKGOh)_0T83f zxE^>5AV!mMBk(prj2h!6;2QxkYK-3l4+CP<7`FmOjN1UC#vOp&#$A9%8+Rj43=n0zUnFmeA874_?D|0 z@NHKu;5#lK;6B$OfFHW*06%io1Ago}6!7n^2Ec!~ngG9cH3NR*It=iit|I^o-0J}g z-G0Df?f~F$cProscMx!-y902vI|Mk!y$Nuvy9;ofI|^9jJ{oYmI}W(e-2>R{-U8U= z?gfmvj{%Ijj|1#>Z^wHb4Tu@ReIoEUAh@*qWZ@1iZw3 zHYk?@8sa+lIe<61&jtLW`#iwA-4_7fj4WrHzL&_Ku8Fln*gVJeh)a!b1UEs&uxIko;v_% zdhP<8<+&TM#B(p;Y|s6G3p@`3F7Z4JxXkk?;BwF7faRVi0UJHL0GmC#0oQq+0X)L< z9N^%$c?&S&c?U4+c^5F|`72v=H1#6=zt;ANgHz{@>3fIB?>0k81n0bc1D2zZsJ0PtqdAi&>yh5+8; z83y>EX9VEGo>73qykh{Dc*g-YdB?lJZvoLJ-U-0h0Yc*SP6Ax-odUSQI}LEFcRJv2 zy)yuB_09x*%3A`s+gl2_$2%AB&))ffuXqtw(yvQ7oOGV65EuL1+1CJ0%Dxt`IQx3Qnb|i2mSo=qxFY-afOXlo0ybvf26%Y( z9e|@N-eG_{^I8F~%Uch4L!Mu}DIP)0H^pO!`MxL` zPy%?sfKsf}CIbIJOa{JJOa;DI90+`$I0*PYQ4IV;F$?&IVm9!P#2nxsiFv?377KuX zEEWOZFO~q`FUo*_B9;UHL{tF(R8#@~RMY_fOsoL@nK&5u=VB%B&&4X>{}h)2|EJgi z{CjaH@bASRf&WL`1N=YYKHxuy2Y~+|9s>TOcm(*5;xXVtJ_TIJr-2*tMc{_q1KcJ5 z4BRDO1@4xw19!_efqUfJz&-LWz`gQ4;9mJY@GQ9(c$WMSc((i)c((imc#ixGc#ix6 zct80!;Qi#^fe)0q14{r03@pXIYd-LNSqOZvTsyECaNWSe0FN3N2i!1lJz&c~KVaLy z9>Dg24PuDwM5-ZjBT@~MG2p{w0{C#b8TfFy75GTG4fsfTEbvkCc;KVt3Bbq7KL8&q zZwFo^?*m>W9{@gHJ_LNcd<6Ie`4sR8@@e1`<+H#i%IASkmV1CtmVX95MZOArihLdT zRQV?Gsq$^$2g&UGUci3&4Oq<%&i9MCa#el_;OhKRF;A`mK2J6RpD&L@=wf*xVlI{! z=bs3887NET&7drmw?I|4RNe{7GWlmvmdRK1&jfrElxmq@&;VFia5mu30>ALd*##wl za|%ku!Ezq(gXIF?hsZ_150OiN*U1&Y>*T?VuPm4gd{x1Gz|{o{0oN2P25c-?3b?jl z8Q{8ta=^n2Dgloys0KW$pjNDsEd|YhZ3Tw`b`~4~xUpb8U>G%7B_jm^z;4vAUdB*j zy-c9Q)p9fN)p9HFL*+K$hstAtuaU@o1Ym&ISf6TZP18-rE%e7PJe-b3Z#vQ5V2N%CxYp}bt~lsC(}u&=)h z`}S|hzsfJ=zoam7j6!3iaey)1m}4w8YK(egoe?lL8gb)T<5c69#wEtp#*N19#{I?< z#&gE2#=FKBMxJY^Yn*GUtHia)Rq0ykI?5Gs-RUZFAL)*}&v9Sq{;Rve6ZM?rIm2_Q zXP@VDkIS3yt?_nv&+y*jeZ>2k_hauj-ceZxWrebKWId4eLe|?^UuN}Yf0w-?=g^$P zbI!>5RZdpFQT^uhThi~Xeue#)_pj@Jc>f#v-_-w^{(Jhr-Tz{Kvqt`K9^4$sbx!Rd7bZ355?8 z&Kb0BP;k(rgI*r=)}Wb#=MNq~BtGQWA!iNw^^hBf+&AReAukM>H+1FD_|RjA_8-@H zqwX2?%Ba7LT0DC9=*!1kH}>7JACEn7+!5pA!~DjHQ(R}?Pl zF6u2hsc2`>?~C>nT{HgX@pp}XX#B46FOGj>{Eh>zJ>ZrD?mpm=19l%UdO~QzSrhh5 zIDF#i6aP5ziHU2cyfWqY(_Wi4>cBY%`VYMEz?Exuv#(M$fY zE3n5`Urrc>ntywIAD&CNn`5ewJ-!{6 zDjLOAIqdQM<`>cwWM@2hYoR{tRvSE6{SkisvL*`A|k$nR{7r|0qG$DsUZPrApt2N0bTKC zG|Fb^iF+X(^g=4=g*4C$DWDgeX**{9?U?PiW0v2J*?l`~sZJ5Oc=GTJfQES>o_st7 z&@&g}8H8sro*{UK!hUKPp5b^#Km$Ee{sMFK1<*8K2tD(Kn4>Rb9di-%%;RB8bpUkC z6YxyLLwe=Oc&5lJG4EapeeyM|O`Z<@@j>!B%)Hk@i+mk)$k#!Gd>!=1*NNG9O7YCW zGZz}>d3ff-7Ha`?%L`#&wFu8*Xoi>IS&F9&wpPpVEXPxhrveX76~WHyA>h4_6f|hPl%QBPnaj4#tirhX1*^l<9&&l?r)gkzQWA*6Ex8SpnDu3 z*Wzi$vkuQ;cn-&N1hlh9;#rU9DA;HD!TmSj3E*kL(~74JPY`<4c03(;I%O4fjYo1v zo+ajSpRLetm39x-?kerB*6teZHfpzpUAKsd>IW#pn7H>S?0Jgwwf}tfV~Q z{_Ow?FV*3tI=obemu7uCfC?(jlKB*Gu8ucX$D6C;&DHVdBA$oiH5X9)`8xi59e=)# zKVQe6uj9|pYAzt&JU?q&A*EZW(=F8L7V2~hb-IN*-9nviA<|`Wx(S0Qy)R3(*CE<1 z$X5PA+8v_ZVcNYyyJzO8cmw+>cfNKPYIm`Amua_ByVcsA(O>od8U3mMqy4piruLU; ze~I>Q%2nljJ5agz<}3Gp?LMsCN45L7cAwPlZn!s!9j=@3+$etMx>Y;}{CBQ{vKrj~ z5!blC74Nub$~!zW_EgK+-fG!^C*hqbFT?Xk*!5RsohsMhIXY{vw;=mD zc_*IxvR{(#xZmLCzHEK$6?iS zmf4l*32u^^P5NujjInd%fQQpEY_tYjM#oS8dV# z-oF>k$@)*xUhe_p*L!A+-|Jm4VZEnv!d~wxxQD^@@8JFc?)`8dh5PJ;;;c_6 zjLCYfU>u&k-suzfdg~`n&w9rl$ZE>%fO{h7C*!#%zbW^EtZUpGb9<(3%sqYDRaq}h zyC&+Yfv)>(c{Y%IY`$rL6qvW&Ps)Udfs?{gtee>EpA{IB041 zuo+9U7tA;;yJtpM_CN7VEAGmkU!0FVw>|s5;_cZvGq-1to7t6pGM?Yhd^vmPtk1I# zDfv9RyX4#K3rjpX&y@_x$)7zbrxVZRv%k&$3!YDA&(G;sIw@yu>7h9{;2ARK(3}Z) zR?YF`gy-yXor33Acy`P=I_DktF4seI=Jgvr_q?2Sa~Hww%Dx%Thj_lmbLG6Q?EB{3 zk@Gg(e)GGszrb_cg12&>8oE9EFAKJ3&sexU`?!Ul$*(>8bFN?5mHj0i_oA-sJUpWo zZO>kZC$?yOzlRq!dj>9^(Qo47{W*R-7vR~kct>{Gk{#J!73|3FzjS}jGCXlS_b=_r zeiQCL@f4OtUE|A|Ju~nuEW4=RT0AXfNMH7C_5)>S`*Xf6o1Zgg+5DVo z%l7BAAM1nBvNfKu_o9R-5hLN9gB7cV~J2OZWh_p-4;j$8xny;Puxm08+9pb_4}(r z@$PV-w=x`v$7j#-Qw?LGM6j&G?`LFnG#;XAt__5Hg7ITjl(L0*nG%YO(prOYoo$Or zMQzGk6QRwaL~ld1C)OG)vw~`3(XNJIEEEWbwgqGL-IRCS4lZtOO+;hlpEsNGr;->! zmQ}rxKv$@>F4)x)jI9cE;SCXwLyOH+rBU(8O!^Dc7P`J$(Nd#k&K$x1XysfRWC!UC+;MLJ^s1;x0*o?{NQ4Pzt^~8e3l~Dk* zSpw81#XkEzE2ELk_@u!Y;xT3iam&p&Uz!nL1Rso>w=udY7_mQq6>R~>Oq_C;KurA_vgNS!n0g7z?yIa^ettHr4dpe^l?oN23?-?hg0r@81|* z5s0*fRSgivJg zW`W994=DDPEx_xiHZVo+VR~bOco2;9?06w1mk|O`%aAr3%DMpYF0Mnvc^Z zky2+DWLAJ6JwC(W9u z5b6(MOlqpL1!JK7{MXGG#rn1!dT=}%(QKXlK9k)>Df^_pi>3i-MIheU5KI8$R&NM) zbfK0McV#HfuGtpaZ+3yIU`tQO+E8!{;?@SEoEoSZ8;BKaw zpPdrX5lr}fiC`CTjQM{5mRO)0dl)_K?ZH@ysBDF*O*}~5hd8_rL&KPJk)|Y~i9omk@234B?FOiS(umalF8($RiC8eu zrAcw8CmL?!$zF%Wf{9q~sveS)G^K^46o-$#m=5Y>(MS!3*0?6}M{l&e@y=*ZxNS`^ z(G!c%7&fDIYXQe9SIM$waBypDP)m5Kby^c<5Lj<0hT&To?TIAJnj{k4`XgHz@+a56 z0C5?OQ%6JN+p?`ak%L?wSG7cMfR84(*=i!1t+--i52Wu6v(*Ty2()gpr3 z^9x{nA$By<+7pW*b`sfQVM$aTjI+hMxw95ll33r)!(z5*b$ZlLovntd>dTd#7-OrV zu|%ixmqR3tfq4ZgQ7#aUtb%AjQ!D8KJzEdx*?Isw@}t3mdu29LYv3&)wCou?q;VF;{>1wytw3Ig@%Qq`wRoqZbH-Ne32 zHTy1AeWFy*N2X-@BO`n>yu|x63B0rCh$=`v6@hqg-W*I8iHctIWLmpvlFd^Qt~}tW zgwL@)+sYbxWB6Nw?GRG5r!|VTQY2yXGDHAd)65B;NHDP_8r#%}x4=i%sZ!?&#G@9N zquzFoddoTdmK3Dlat_`S-Zc5uoDr=SE}5GlR#GUnlwL$y^w~&N9f^ZKRPYoSwAU!5 zb44RUxdW?qfDdz0cU<*L_{@GuZ|LxXJ0!Oc!l-boRQRo~;v`}X=k)T(YK%Hbsf~!7 ze31y2sm?__`rBO9ujZ=8ovRvmE;lY0jyc&tXF#On`h#E)~o^Y^C z98w`_D@Ao=b2&5;vFO&`mF!y;b$C`lq)YL}9ey)qlQX6ASSf9&ef4IkT&9+ynqYZ_LRij9 zCSh@oWxtZObSzq4BvYz+@xfWBwFj&xSn~G6W()apCca2pDBvvACQu^V*VIrO-Mlsw z>j*`30?NNUu05Pt&`BZw*3jA+>d%CTzqy*W|Dyo-t7=N-bHLY3S!E^+|rxWBrqJJD;iaN%z= z>&x%ti*5;EAhz-w_~NU3TA-yh-%!7U>9y4f@#5Mb=1Ro0W@B`bw8>u((<`Uxk;Ep) z#FIQ=(^#8GUFOzDDm$@A4n{iE%7%-z*opXg9%xoysSilUAB|I^7b{ffXtNk$GXWjO zjNW<=T8cWgs44HJ;(?1r!<%(_^HXbY6*N~`>8~Q2bFZig_ryD`g8FPQ6~oH4&nX)1 zugggiqxDB~2-frpyk=H8`_bhcUR&Pgl&LZ@B~GKIeG-+kbIQcp&k_YF4`$_R_k_!F zN|+)|HgkL>z04909kWPM-f{;~6{yD^6HmhEno7*zPU@VQx%bhe`*S)MQI7!(W)$g2 zN~#%ThLKX7s=d;?9ke!I(pXkjT!#%SYDWEW6{r2LGHOgsj7fzyqU_xC7h*+_`5^+` zShy=sQ-qXPmbbxFaKvD%Hvz`dGX~TVrPolRSc!l!g6%@LdvH zEMg1;f_A@jQoR7x`Pn|swlmne2_fLd>=KQ3Na%w=o1oJqQz%YVuszTdP9z5~L(UZ7 z$FkLtC1udi(-Loug;-02QvC5`KSgN_MgkG6wguKD3Lz?(2RaO>;J_A60jviBop9Yz zv~OKqJei=>DmINOo=U53?Tn_<{H?4lwiDVFvT5C1LEG<-sZpRSgHI1^6GKW)Lr;C- z0LBY&^%R`x30?kca9+;^BgLn^LZ7@+EBLwRij@P!CwikTutAdbe+k~1B zO=-^}E9Sc*ipkuJi8yFhtmLr_v4~vFK)j)+wN>TU>GbF~UE@@&k?w*^c61P88BMWp zb)+>)b;4#0yF9x=<60Yzwm>I|WFqd5lT(gYz7^ARSaHUVDViq}V1Fey|qUmVkT z0R0!8s2w9APT1;DcQA}CaBK}mFbBmFdc$v3RCQU39E#KI0xabPDo9-lGOxfit_rFQ z1htAsgyIg5t_D5M(lrLd!7kDeCnrfGtJtP$&5Ud-+e`|@gSx9C zsB~WVWa$14km7i24PJW{wH@J%8ZD1QK1k5|3>*y|2A@4{V*XAn zB4|}87>hIN+&AyUNLORGL7~ZVnb1Oyn*1@Eq6t$ng`SsY4W9T_P3mJ!c{UO(_X6V3ZaI6|Cs(hSdb3)<>A>LBa;NR~zfpv9(b^82d#L^t+zc1mdc?=}k`f z*Fs)t@1;ELDK?LlXjs$FWi ztTdU!ngf_w*!)G*gtj8GYGvCLf|wbtKztn$s3NTe2R=+2o3}V)n)5ieW#}uKnL$T4;S9@AQ-rUxZ2b<@LnmH9L2lNQ10$yHOP(^X5R)44ca0;h-RTJ#ZWt)0^oCM~4X zgQo+$zeU+MWmgi0rZ(O3dddZ^DK4`d4Ma}LiGIeG5R6hlvenS#tl zNt)F&Ma(!=XNs6QL1&7SGFzudQ8Q#Z-O0bxLk|f>GJFap{$&p1Eq<+&>#ZT(Tzam` z?joJOCJ2*67!9WNP&WGO&KN}ET!s|Bc4#ZHX^QQE5X9K@EPd@wk*=SQ($LdQqHD?~ zV}`6qKe;)Coh(T2%0eLR4JsjPr>Crr#mFQyQxK}3A%VFofdaL$XJgbCX$|*eio7x! z=?En<2Vr%YIix(?S4bT;BKr;uZ2g%)y#t%pD)e2`Tg7a}%%NmgkvRn12Km8UGIKDA zbTAId97u9#S4+6BP=`Lek0{LFGrSCKXQscR)>=SffK65`kvUQWo0OzC8g1@Z_fQW= z&zNSnzQWidB`rI%wKIn{K*dg~4Kij)OUm<_R=csfqVH&WL6SLwBap1x(hE{{uMMG& z2yB@%MMz#?r)RJxum$hQ_SWfv4*QDqKoC18{uhAna*`PT+vc^~QRBa}-|&$j81J^~IwClB-y zRs)SmYp{>NidbM8uasm}}=w$NsBpTUPhu0~U_MO1p; z`fEFuEPcl5GY@Fm(i1r(?RqE$Ok&9EP_V%S5*82{;#zY^dNvIK+QI-2Ob=oiHJ!|xRDFfT`v~BL zE539fo}QttEL3W7GD1yj5?`b}nlYd%6o7^YT_IB{^VmdseyhPS!4-ct0)L~vW7Gw< zns$C^)rGY+DO|~fA}!1o;nTyEwhA_-vB1woQw;v+V$d2hsO{HC@Xb&U+FH&)X5ljf zU5R2O$7KjqYhT9{lqpU$8pB>9b{sMUW-y~oZyj@W$+n5E`kG9*9`>FuC1ZRuZ{4Gq{<7&{)!FEhk4kHn=V=dsjhsA}>)gZ0L8dZqN~ zh71)^edf@fV64~T7#X59#MQ9r<@#lausRAwcm_J{cV!@}bBgH|RXg43bXt7$6{d#- zFV*^rgY-dKcl8yH4N^K0m0oadFar_#Crm`qE~q2ah8Olh(vvm@V$hkV)9d-fL^_>} zZj}(wR}A&BOnCtud}XLBl%WJAY4;JRJIT++seobS&qmOhuw8#2<>*c8^!HSqIGv9E z2N^A$uHQF3fXBW%T97`Dpr1`o!2&L6cGH8D1e-a`5>PV-TYCERT%Aja%!v;U-~?6X zAS^((1bQ=vSykfoK``ShITjF^BQ!#PkX~n!gwv@_hh(O6`D!uNM+AGll{o^pK;|IT z0-3|KFqB?X9OKDQ|JATEPwOSClC99w!nGX;_rR?g(qq>lxHUanp0h9kRYWrcszXa@ zMM1LYBg7U-dNUOT6X>+eOa)hZh!0z6>WpT_u%1YS)KoBR!zNuM+7l0F$eqla(ouy;ql4aThO6KOPh17xLRkPma5_TeBm?bWk& zjwb2BsC_YIgQI=O#+;%x1zDv~y7=g(z^RaU0*aYH3|1x4ZnE=gh5!k=M&hW*YHY{j z?1*YCy^ElGhv{SM-Uix3z_+0T#PzY}PFUv}wjJbkB861$@6l%rdUwwGt@5cF9 z8nM*k=n33`Qno{sVO#PRiH?`DE23kjQmHCn^RRm02pZKU2adHE>`u*fnHe1h6)B`t zvj+WQB$&g}&c4e47C{+qI1o?hn#IKSv&! z_lH!2WZXI;J28`2Sj`bgGFt+_P|fP#g=YWKJ=*L`7Mb1$=FBO3P-I}0Mx&_28Nff4 zwd~LG4_KCBd$5xepz0P*xv2%9@+ zoaah35^a_VQim}@vCZu+j^fxG6J7Q`nF_PF#sm%sTIm9MGfhQOTV#S71|ODpD)e5y zATE+bPy^o#jwf|=ld2dzpHPP39vh3AK|Hlu>{&%oqKw6h9*scjd_hQ zzw||vj}vnQib~d=W^6U@qTygUK_;k}mw5UWY#dE?ju_FKgPK?yOw@#8aZD;$ChXA+Du0$Bl{z)AfUTbh5n4Gy-rA_Ah9yPcN&RRl7*x2e|%G@yOHeg1$FjNt9cCqF#;Sj2|=KuGyH3De1&6?CO=y(5 z6{(z7@NF?-4UUdu|s+^T3R;-QENLDXOx8Mjq7S7|4W?OoH zI*RFQW8b>2xDssikkMqv+`!Qsvjh970w#-QLMzF&NfeB0X7(z5dVgTLpBfHI3T;dW zEjRLDcEBpSKH@mSdK}k4+2lBFE^}hDaoJ;5iCU8h#75CrQ1P3Tgo#uI+i*gWj}CCu zKzFxV7SVoMYp0cY4Wuphw3~>PsTId;ms%Y9>t?DYJJ}?s?WfsosA~V^ok^ylvCp9p z#khw^NTXBVB*A6#3{&0?Qv#*cVB$KPS{HZFIR~Ywa8Nt3rc#y&Jd-t{pIa|$snwVQ z7G;|)5NBX2at$erz7KacrlW=FPADrchgAa?)S*ijiQ-7&&Vo{Qo8AhSdmcKB)>mGLy=xynO5-IX%zfi zv1sil!GmpeVD1yd9ScECr__*I^!&FPh7%~*PQy`~gDnkYaGua~e;k}%mrVLWE|(Fs z8~8kRRv|wZ)h5UsF$>S6oy8j zIfo>Ai_UAF40P1cj^vM9@e@=Kal`sZ5Oq?=Q?)or`hQ3WBuFvJAB!=}VzhTmv%Bip zOjR8_H3E&Go;XuctcgK;az%E_^KA#SOuDU$)SRC6un zh(d5LW(a*$S?yT!;S^Kb`G+)ZVhrPs=RSzYE+S?b`=M_1Kjjf~D3}+ut zL5xvMljqt&NtDXYXf%$?chnrkku08UWo92)js9p4AH~6f~gptAF1ZbSy3s?`D! zmWF6VMl36QmJQT%6h%Er`OxV)D6?0FHaRj^eTORJ$Vy)VYE#mB zm>rbT%j^L23pIuk&dlkXn!TQwv@-#eFWj57^qLZc`?j!N#wx=h!`e}32DDW5jJ$kK~h86B)vo8qqCIBA?4w4bW1V`91P2}R4N8^$~7O*>)R!mA8|zp1HeJI zDg!yeLDuz1CR(G>&er_SH5f!|l`Uatcx8!8Kw&e6?Z~9N{&26T zS|p<#S#!pDq!&OZsP&n9J22@3+GO*nM|^E49zxH@NptgRL0h3qH$B>9ti>r6n5<3H zVjPKLPI8jSj9RN>s!>NmYqN#lC1Vuytp*$sP4uq8y+CvfT-|)A)M;AqWf8{?stE@= z95EGJ;}X_DY}?A1BV4mDbfaE%VmH{Pgf&MTv+Xfn+i=v@F3Sv{&1o1ocRGS#{?2UE zj%=!1@uCSR9_;|LLu!?Y9l*j1U#4o)bbYIWw2_V7w_ZEQ-e$LHb`7DZjyNJ~4JXUS ziBL<3E}ylNnN=bNg16r42nyIAfp0%;AR{?7r8B1Vpo~`024N5Bl$G1at2dtb6h<<( z!qBl40>KC8o)yliG;S?3b$s3)V3uIUUK->p-Q2Js!9NvEp!z$Hng|G(G}0ZR z_E8g|RJhtd4mm+by*^NS1M12hr*NwR)qqeq zmO~0Ld!n+sGb3VIqEM?Kx@cLEu(6jC#+)IAX5a9t0!UiM*y5Au0lG_#_AJ#6v#O?j z1^PGB<;*-*Y3EmOqe1%So0ynRCxWz!k5TS2d{*AFjG%+_w3txGghWj&7~Do8yjo4M zt_Bu`!jG4unyO_K-C7JWnXWT(5VVRlokB4k)E2%llk+gAAkscUJI=d6P!C#r{KAwX z**=C!Ma{@jH@H>CR<;Y$DzN2BeLKIjI_ka>mBsL^jD_2I{g+Plt2~?$$;^nG9~S|u zyc&Vv187GpdqAT(OhBUVfU-VHt%MaQisMA}xcOK4G8jY9P60(sy_!L+#%w_WbUPw% zW|JrGC-16gMYPMJVdz-6>bZ1o!Xo);>au)6y5WU#QYus>jFX=a6!@TcXr&EO%rD^} z?cOz_AA$9B2&nDi@t+Bg;pVsyS%sNzqNl53Ei+LF@i!;mg)Kpnx0;o&Rag`$Hj4#> z;`0ttW7J$I=r~GEtv&pnTAQfv!{QA_9h{>9$R6e2{pLK+zg~~Lmv)) z%uhN3O^sSFn7 zGfGm9ty(j!h2fSu)R1k;_Kp!jQap&|?KCnXKxYT+kPIR6;6~j}gL+8&c zF_p@XzKW6>64CB0jG=eHVgNs9LZ6cN9Q8(w_F!h{M8Ct2q0l`{ar=Y`1lJg@qfvLz z;X0axsy_ zLn$zMG2VtQkD(9!Aba)g;Ecy0fH1P8tQ01YW);;pK$W+$J%xEom?rz9E%^FS$!R}W z1c{KSnsQs{q zO4wHs!9(CqEg3rX|toIBKd!h;{3_ii6JRJW$F+r{TAV&>?On>rYUb8%B9^X}1ZK1e%?OOL zH5{6g)zG>>^F3xFQwYu3Dzqg`8Bz6M#fZDt(5h{8cQ9PN(as*`0i9UFHlx58U7y8i z$N)zr#vmuH5M&ilShi%WJkCyns7mdOv~g^nC;hxZ4L0>tetgB6ePD&dx3b&w5e*Y) zij@tN9naJND}zl(bmrv^xERWg8`H{32dNgzHah~RAZtF{>CzJfGb~4C$n16WI zGPG`;j;%(KyY>7Y+aQ(`N`kDn>w^V8T+ z(Q<62drIlsnpz!Y-){LVg|Wo>L(M90mQHqEx7uxRuS&Qsjn1mJD@J~aURcRf_1vYnJ(!NHb+Z3cg+;%QEMh>K1dtc&b&0)B$?*R)%4RlBHHb*#Q;a= zZ^Yb-BLF6KC7I(nNNVA#g3a|5FK>{EHjL($!TL#w#ilM{WuPS(Hsx7+xg9T7azB}y zI)b}YM^jX4;g!M72xnnRq5d#aXfLY?Jrbpb!;tg&xT#~8v$zdpd~4DXsGH}sMw3;F zu=7!RR?|nZ5Zin+PL;us5WNpq!U=y1lt1+AOt^`UG$7a)<}W}lIKQ7<^W-n#J$Tew zjW+cHZIB@GyEE2;Q1v*}sDgw{GnDjV*tgPg={y?5M(u-`q9$AIw+4##n^*O!jU=q{ zp~fb&DIJVsJG?aJv&Lo?A^PP4?V*-;$U%;sY={v`baBMgd|6Yd0g@@ED58u-!fC}qByD!BLxvP7F7v*0A1X`j9?<_(j7|#!Z;6urB)aCQwV^sktH1}EN0uH zU9?fiF6BZC0+>`oM;OArCs?B~p0LP?VBKWW%)>tim^+R1Km@@288OI=`Ky&mV#6l@s9IA+5CEt$fD3zWj zfLEgQm0ms``wj>{#5!(y1`43*BhbXt&>lir;cDfZe+?cKq0O3@P> zsxOt)I|wFZ3nIIVsLH< zr-X3hLRjI88AxqZ6{VFwH@ZFurzs@6sQFOnK`uy7s0OyS*}?lqO_Xxh+Ja2Gt7Z^I zb6o$RWJ3Eo2(Cz`T^qA=qi@qj4TK;19XJw1(c^6*ZJ#&@=y4F~=*OI_I8F3>APzrO zDCx=xu2M3E;y^0oy$r?bEg%0z8g+a@rs1~GOX3Qo1Jc5vH#q2QK}}?5FBPp0J8RP# z+R+RmrVON=q-xf;VB(-X5@!I`py<`Avi5KG@vb%&daa$7Xo4Fyu`OnMt$R)#q$o6K zDl2Dwxfid2VLW)G3WXr;@KJ+R_2{5RdMrEaHkGqh*O^K#Q^r$)4pl{RfT`re@F^xGMsad5RacKTT?|b~ z$rRF(CsWKlNLn4B6M+Ro0fRb9s1=06?}xI} z;niwS%zT*YljteOn`rTp6mE|HWTL}oE_HFC$XlYtNkJNGDaoBHSDx^7->V*K3;v5tz(iD-H4Ot#jc(w@ClT1r2i>Syl%%I>LmAqQrmmmBPkvg9Y|Q=;u|sX7&9#ZN8dZ!T*k)6)z=LFO zagp>0O7NtS>x=wMG`>anXTs@KtYESYbXFp2a<0?>tq@Hmt7U-}ejP7^USlyPXa1mD zHtP1PqZ1>5j{@7o@>mBB??e*yJ&F2uK1yYWsRe4L0Q=~W9b2`m?Jw`>0OLhtJ4m`P zT1wbd{q?NYvO|cK**+G=ZLiWJ+x`Y@SD3$|hu>UOuVqtoDX>j+M5CUi+uV*>4~#t&sbwrn*or(t|_X!SOn^dj)ed%wz~OWCJnSk|=EkT#RkBEd)>!LDaUM zmX=6J5ZZ2)amOAm`>l^bqku#OrY22uOi>majCQeQEu-`nv{%8N)#e!(_I2A*ip6L- zAVgI7eP$Ul7+$}cY z(Q_oGs-v+nhP^y0l1^NJLI)FL0>3EKhGNufun+xO`_v2Rb9qYnfMqvn^|XgxlQ&be zpJoQ9KSr~b4of*%pxT?XMjBK5wAy1X+_jh9P@}}IA*JgxN?H?UrZRt<2p8L{Q=vM5 z_N1uK(W*BXOI?tQPDKW%rcin*v=X0o7d|!WZNKjQWb~-Iy%j`ztSV7C>62+XP?EX+ zg;k|fhWOhP>>~^-YRHLEeNTaz%v9r9el&(T-I+8smQ0`KFz6sA#rcD;$r@4ILXq(M zThuS<(rMf_$Xht{M0XW;Vt}DRtnNX51%9i8Xulq1+K1T8$L+{YZ;Q%8wJ{y*Cvl9; z0F`crHs3UcA&b1U2Q{Q$_ti&Hcz2StF%|`NAlpGrGi`_jZ&Sh8ULQh(N{g?Wqi)Ch z#L7oXUv+ldL8K~TP${K1?HQ}Ms*9(QvFu8X$*WV6A??Jx_pI_U$E%NbLh1fHXvk>i zjoxh&eE!xXFAV{`4S|^jYi4{0tJ*90=xB@&SnEh83EYEhSxs;18>xky8A@EcS6{b9 z$KxYyu*wykH2O5ICS9$>Fo{$*HM~uVHMe3(Oj+26jmWBmesWArKCDy3rW5X3umY5x z(Tv7=D-3v~z?zI5@O(;d9>`3n4bc_BFr=KM3lmI|lJFd5>7Tk4&RY*mnqCPJOV;L+ zW=QHvl~|FfGBM*gCpFZjRZU5XsX$MKQy{20wzQznQ7a>SbhHrfxYEUjs1n^cfF4U8 z)dzXcT8U^$mmsoOoFu^|2kWo&Gcnr0#jHCO1tw1_ly~=0En0Z#I#>gUE|{^Zi!BU_ zpvEcb@a<^GN{1?emyet3*TIyaygWN7v?)TfNDmY) zsBi3u@pI+b#=A?V>UfH=)1W=bv6i9ERGdCSm>W$i!;fpiU=71UHN$^dqRQU-Il=!` z9{44}|5ZB2tC_=rHG#!8lL-9ZvrcU_Og5MR|L^(II8ze;|2?nNI%?kcf6utjcEv&h z0!*U!zbL{SHy8`4-&q+TIeHyi6*>IaIZW6Yct$=k#FfWZ&!+=e}bvt>QulI!SCCrB;k_7?X!&!jk=!Xeq2UcJ^+bS#-dt?1)CEn6N+4dI7&`79dPMUtOZ zwQO)^#b{0T>P%QgW5q!(DFkN)pv8j9Z4=dpY+~uU8=B6^Pq{$?qr_%)9bRQvuYxG1 z-o#J|&6~qXf+sFQB5o55NuYnHg5vs!1V_wTh!BpeU8oe0lupXQcUWI#3vP}K^g7!?A!QTt?&&GO7#k|}IZrCNmLS5;4qrksnyl*HOOC2i?A zR0x=w_NfTkvzfG>G`-S2tf~y!1huU>73X&R9w(orM6V8q**b_$R)d{zauGl|Mv z16o|rcCDVsRAyNAK|KQ+5Omh9^y{sP;Fy0^RP5fMtFs!4QJSm3TOHfSDR#Un7M2`p z-9dL}GKqCe+K7d5rY9hP_8dd_f%T`I;k)f7HDXklodl=l6TB|Gd}#p8CC3Bgu4&mVps?kN_LTj0bFlB!k9)1QHl$ zAwsAd(4c=v-GkZ#mG`H+#@^T!sD%VJI0d^>XDnpnku5&;57qx#ym9?z#7Oe+>P-bSxg^N&6m8 zP;ACh2(NJm8m{n_2F{S6`fYiaR*+kLn-IcP$)PBC?#6Jkp54QA9^#FNhY#Rfi72$W z>pKZjb6e&han~K$5nRkRyfK_xVMdVcO2mkGGP>L%Of)y23ur}{&vtqyQ)1__2$sr{ zaGxtc+^-k&XjY~2IL+s#cJv3uysED^FK0fZJWtC9)!mzr^D@O+g@Ji*B0w{<0LY1s zm}fSk)mat4ID0xmI|nscQXAt6H%xZe!0m_!=w{bUo+E}u%oyH_iJ_~* zVq86dM7D_&VR6+QZcjw|VgYYCcrd1`Obq)zVT@fJcOsA5o=mWEW2(1h^CN#ZNnT$%<4vw`4e*~8rPLm z;wX2QuzN?f(L zC0J>8dv7Mk&+3)m2Ioj|AhV3c7-K-&2jd2S!t)NNnXB)LmCQR2;0K& z^>3b%L^Yjq(QF?l2b|5aYY2AChO#t~ zhNJzG0(NL^aA4Lp7-Iq606?;)Ad z+y$aT`5g8=@%-VdP?>$UVh`8cgt$xV5DCgN#N@II!8>g$Il-5*{lvcg^E!|agXyw7 zo+pW{5fV1<=*bahvJ8xc;C~dKsdFNM%?E+7vg63gz%nl)gw-VEHt0b2P%7N*|Ph#dH|gKq$&1x_m7aLdJhRK-0s8Y;=pGE08WquV_rBalPCa zB&}gWi7bzMoGHG4PVg{iF$^s0O5d_FbXQEc3*L5tX?a4B{bRiZ9IMV5&6}fV9u2VB zEG}!*_f*50IWk@V+S)#Z_u9)4@qHHiZkCnTf&r6`1x3iHDcS=JXJlesw%HdVN4%~Z z@e=EG={x8B^(kI#A$U+fc85@+-F7*POdDj|>$X9z1KB$LiF0yZVb&iW-f?^zZwNvT znVW{MD`NzWe0#bN!*q&~@DxcRw7*T2%WAJMdtB+kGV0E@0ys>>6;f1B*Vn!bt!|i( zWbpR4jsfU>bY{T*dpyR)5)4G~MIXx+9OBV}PWP;PI*@%u%$g2Z=AcFNa|s8nA?-$U zqXa+OPXvO85>{UfGmPea*?BBN?E3>*)I~2xbYr@R1Jk1O!$rm+@(-Z)e!H3^;X+B= zN$8dkITn!Q^6PlV0B>n+W2b39ok>Bs)X*dx!VLG6vX62tHh&&4cNl9%jDB42#vnxa z*@oP&MmrjBH6o;2KV?P$rwHaW!Q(HElYKveIMiuu>H1<3WC~S@4$>< z-5fR-Ihbgdd}xIgLD7ojSZf{(VY;HexJB&6l73vu7LO5>^JYenjXBpb#5fh3;T_|9 z=K`Y2$Wddv-@y1RjhIqLuI#c+f6qWQ*J3B{_U%ZC6l1;^5BDUXq|)z1WH05!#bx%A zOA5&mD23_%(KIp}j-hb2S8v{DRxjS>*=Ug3kfDQZK(Qn3$!c`J4kjoP7(Or9gRz?z z@ZHA{!b@WxTY5{*{e+JAZK{Z?QcAPU|JyWrn#FPrTdiuD4J{VGzRW;5n8#{{NVkX zn(_mf&wBaiKfO1;(Y(^+(SpU_cXnCpW`)V1U}EHs&+UsK$wPaeS+bl3a)gI7S23Di zpdSGyFwrx9oHw+E3s$Eby20s{8L_Y&L^13JTZ~;T>t&mm!E{Gx4rLcwG;CrP z6krTy?p2vsEPk!(m}+M}V#NK*F_ym7t74&+Xjhx1q5XVz3Vgkv9&*GWEcoiM8gzt@ zZywnyzPl#703@bm2Qh+W8z`V%6L!y0sD2nPTWI#)h3%~r#>PRmlIg+$#~~X(D-;Pt zFzim9oZev4RjuDGbLw)1?4c=#8Irb&D&#qJRYIYVHB^^}JBM;sm2ajRDUTxGWNcr9 z69uO$a0_Ku*Q17cM^ULZ{rCc-hs;d0!M913i`wGEQ#d5#fw0W*h$_Ov5K{JAmEpZH z-7+b~A6Mz}nHg-au75HVI6pXdblx<72(q-+HQ2|{!MQh|91_>P9?LE?P;U7`cl4D=LMh-@nb_ zXNi)gUR97wI1CPRSBHtVR1(Fw8`v?11L1DOiCyx(BW1H3IH7 zf4?UN?Glr~!{PS{AJz=G!dYI}4%d#uSDCBUVD7cGpgB7%q|ueL(KyEf5L35U^75KR zk>dHN^7EQ1EG*|F?U<6l^VoyOLs~dk+`0s2fbRn5=v3V%T0?-EpVC380UY$@6a%o}1lyEatLV z9V7FhYxX^jL|1&u@f-c(7LJQj!J%;QAnGf%>4`K+%Ul|3Bjj06>Pp~(qRGkLsORz^ z8t0sawZ+gfmM@&JsDe;9WF21o*6M1sj9-;+#}?gqblJr(QT!=CGst77rfbkejHT zx}QDf-*SxM;C#+y^dQ&1TUqQ~dXq~wVc_w-`z(uS>~566y*p;@1mmI|4AzOoMbo=c zJBLKM8yS@l)7q7tfeawBMf;?XAQG;az}R9gGuF6^;@(n3MAvuA7&;bD+JuCwc=2}b zm|YZ-(^H7Ske;_Hc5|pGe2Y9^ZQ+i&-aOHQU!lTOEQGYkUh;Sbkf>n%5aQ~5KJKbE zJ^*8FNh;_p zlEU$-8;j%(R0Bl&G(=L3uaeUITkf>`E*2HfL_RWU-avcr0nSVa`}PnaUd@Oa!M%3Z zBA3*h2vS0?w_Sh459z1LK2BMtt^^$R@diPg_-V4gK(G6Fi*VkeMhK+Yjz=_dPKErT zOB+);l@Hxb16(+)dz*8!gZu|p2Ac-hdFPhHi@q6m9bYK0YII9L&}|m9wW5XYutS)VAXrRQOl1Z5?2@ z=B6<>&$FzY<;Wsi#XKA><7TB02)2`Z2C#5LU<=>0(HXSd>$-M^*I)dA{mg*M-9sG{ z;%j{_pd-{dAjXVo5M$|=$F9MwR%5C3K?WRIIEcZ|`dzmPdO$l(x)6~gzP1B(7{TH( zh9Ez!SS=LevZv#mi+-heLN3O2UMPiSXRD%6!-8X38Dp$)*i?)$L)=mJiI*lsXI2U* z)WTYo>l_ZwaRW-4K{T*WIbr|n%wjPkb&!j`)`@MGj2OuY1rc(Uur(X=)+ zC@&7{m4Ot*8wU1uH_kq%FmE)C(p(z83L`6x_%R%mDf`&SQd?f^ymJrfCwu~VXa}D{ z^^n~FoC~T+vO*ybNE_$&B^-Fv@+3*+o@6drOp>9)$-d+e;beki&BpjWcR525ZELiwB zup?A{&?>mYU~|d6KveAvRUF~>Q~X`PpQqnPwfmBz{6A-<)WnRH;eruh$1Sf=IsFnd z)TR#J3Bo5ry>~#4ndHmKg-J5v-4xDAMG(5*_o*Zq;~c&9$_aK9yo8%#!sHmaX2^Af zdikb-L6fnAJVlgwN+xUmEV(FoAh{y>v*co)n|OYjXK6&OdvB6@cb?Lu>Jo9C_+Rz5 z29D5+Wav&(j(|flBz&xu3wQJMVLYCEj$V0Qj+FB*-9mc(<-zIQNtqy)Zjj1PGqsk-J}RQPZ=SZAtt5~!Dr}@$R>oGW%d#Bp%N1c zzMopvX;2-@lPsCoPOBm-ujWUzhg6GrK7qW#>QAY6KcN}I&ctFy5#>(mJzyl6Ro(S` z-6DH3Fq51Ivz!k@^tNO2sKY`ONhYUbr0xCfO-g7F&qzGwC*y+(RD@8#HPD z_v)gLzos?UUsB{473?>ZMekYQ>R2WKiVe&pS6PJ`KNL8KNdRmn|4o!qM>Kc!JXH%y zS1IM(2YTL`=I%;0``i|uk|>&ubiQ&izZW48|AaQxkEFFRj^622646t&qK`WK$I0$w zXL3EEC~+lDL~%_~mw+nAJ=j1+=Q$|t6Y;o_AR}*43>CGa5I$(4(Dh#?#&Av1*4?Kh zg_AVmEWGa`uSh3hs+gqosc_UFCHL$Bduc}vpbuDYAM^c^PU+^=U1{m-2pzV*95GrP zGwMhjF-!w8BcxMBFRqvYw`6FR66!&+CWiJRcwBV+L2?N>qR3ZBbCFVOG}Gp&LG%{h zE*6u?SVyL}srjr3jr8&{O6y%EmcAqT6RUAPNfsjS04yc-E? zUe6JV+EI)p=2#h_Y)EGqE=hu4moMv%CQp&!T>!>jxlC}mli8P94>u>Jdm}C4ApOqC ze<-%N!=|###oy&%Z;H)Do^ei&R#ztBqg40d)U4JF*U)NiYn~`98KS|IC7Oxc{JiZR zcCpZ6Zg$Qj!l>KG%4Abf>}!aNn8!INW^-}8(d_j5tXAiJNtWV#@m~4DLh>`tk_>ar zjnb+)>#dkdW=`^%kEdQ<-#JA#CZ*AZhxUFOQtmjx?x`|pBC*1?S*r@pf}kleL} z?)$n+)|nK%G_x;Bq6~}OYYAfY@potkHD~ivwM$dWu9JP> z_Lwu|9E&QqK{Gb!tvkciTXFkrqp8YL^Y2$8`AR5e)wrOEJQWQL@vzSc%>_x@`wZDl zCL&$O`Rc_xp<2$P)B8*~x~STie3jVwq`2^tVSX2X>{*7~7Zq~7&?#F-qIJ5DUoL&JC~bIi?j^m_AOt;8wW#3+)^)mL|u zB4b?P`||tTVq5rBy|m#bXi;n zCG{xgB#)@m&ZzAX`UrYmbFyQil4r*~7QW{WglPss@xBIOxEmf zOqW>N@~q0RuvCPU*R9k~7qC?Nj9_D8MbXu3_;QGa`d8&sRYNh|YAEFS%nEscO-lmE z{J$GY_VjIoWR0gvtLM`L9@7~uS1O-T^AzRRWbMz<)2K<4b@`UJ=TjzQ&kOn2Wc@GX zp7;|eEd_SirncyrO#X2SlT*j3oaA!G(JAJPW0pDnR4&wirrV)1`K2fF+?7mk1tx8!v~J!>Ci5lJ-mNK? zNolxh0UJ5%c~ZYA`4V+zy-voIBjTN`^7M#va%M~^;%M{oteC4C$1p$E-D5LII2KDM zXMQP7=`Nd0W~Fj?ugRClVSlDniKwL(x>}k3VlJ(xoi+KAxt7)yOXb?y(94fqEuOs+ zFK#W4?%BVt79`q=JYB5Eq}-$A69b5pW~S=7_xy64WMPBIa5W)dgakkLZEMQJwY zxF`*ib2FOE&{CFX1~)*O>#UXQiTsqDed<~wUnOWO<(HSvM>x|z3EC=4>**`KaJPUv zh2=Zd+|Ko#_E*Z$-G`O(qn+=h{E>>OxAP-E)hjVtZZOc7Asa zvDF@GOc(3xs^_fkdWxKuY$%q_`jASWv%71^_#n+Q>E*O!TeOigeYD1NIy9$|3c1rd zx^i!)F019Nm9-W0PnSd-j>`7;>6gWh~16|ughU9>pHc%8DI5CSn78V zye*eoQcBPkaxiOGQ1UaDxDW@LBqQF}i%*q9mc446XCqAft)-0CuBAz*#yneZs@a{e z$;Dfe{|L+bMr8h8FxZ}4%ineU?E&@`VB4^4c0=Ql>fT=iB6iezm(3+bVBk_f>DxDo6anDaXe6!@) zO)1xXC3bjJN)l7J7Rqn*w3|rD_6=96<67DjPpNdVtcO-%i~vC zBdDmqNDb2c;>crAd$&E^J(rxl$7<3Bf$xiLf*aKfZ&6e%P2NPR%Bmh|7|oy3hA*=! z`Le;{N>uPThvvXQv*rLficam)&bajNb)RWp)3M8UfijTPQ6{V}Gs&Ng(a$il>t8ky5^o?1v8ArJ3RE4oQ{B=yU}e z^onVNEg9JhO~d+eY_E;&0 zV{^B-N!L5lqKo&lIMVLZDDKtz_K)mC`Pq^$Tx)Hrzv^|I>59oW<6D}Ma?(kXEpD6I zw#~U$fopyrSmUWR+-_(hN=bqzBbo!DPw9bz%-_^Yox4I=pJ#dQb<6gM(d&*-t5%Gf zo5|2vGRz#=l#~YSm+hn+7L)lsYe^W@l{6pPLAT|>RyTYf*QaGK;UsoN05Rjr#O)p& zsVm>SKGo1TVPY3-P_Br>{#&upb*EoiL$1RWc>?Fz0H)l19h8Z?n(B*Bb%`|Xa^-WM zHq$i!N)lV#N!9 z-==rTSbpCxsa$QgT2k4C6}N}EyNeC=-4?orlr7kA$;d9Ad$3$MbvCvQsBAphddaGt z^mq@}n>OKhlT%io>^agZpTkn*;MUOH^m(4qOh#e|4L9lXThq>04yN1s$bZ&_CI;@{ zcRy*`V~uvvan-j*_NS~TS=;dp4e;hSCS( zWSFsEir8EYVRzVKChnp6UUqNy(k?$yFg@50-sg zzoE-SZ_P=wC2KOzAwHM$Od%=bGgnf^4|llSaoH8E%dDHK(dVx$Iw5^3l7rUyQfK)= z?Cyq!*>v~W-5t0dyfjB;kGY~t)^(ST7JqL_ES;R~D|uO1-GiK#{+K*zJsiEr4^DDL zubt3)oJE+gG_=WtTQP3^25WBPb?wyWT=cnWL(`})9Tnn}Q(dpLG%|XznRsSL#jt3s2lJo_u8~Ay{&$ksf zri)Xbhs9;5w&wFnsds}|n+)2|&DSjRA{wibZ9ec)hJHFr3qnmeIZ^c77zW;zzhIkD zJ8sNMZtK+6R+uC+J+37+8qC*P%3ajrQdE-N%d&fG5;QI!GYR8vh0?}umw+!bd-BzV zvG6*Cyp`C{CetYwYt2WrBFbl%T*#l&_7%TurJJcVJ1DgU)P?MUV2y}4E{4T3S{wU{ z-Yqp*Re9fqc3HOBZc8`1c6MMuJNoice3g1s9}=sN)2{=vh?2>Dz~!I22OD0ti&pHV zHL}xIfOF)_&n+d*Ki_63`l8B>$+&3ou1KgwUKCMe3}xIRBX6rAB$PD5K8jNEC&Hmq zEtN58X#M<(k z*CbxlaEe!{;m>|u4S6hF;Y5?$U2n2LqT=!evv^%jyQnsVefMz?&7aby({CG0cjj|D z3$CI=9Sg!ux0zsKJd{E@3JC+Idae`OqFIG?#0 z+wUmlqzvb5F|LqgU2^GWTumCu`Q(dG#}Bnhf!mq#TD z5e32*H;lcNA*kZXw3{=r-D_xHOH6UmG4kdGSF-9V@ZJe+c0WSz7I&{PirV_S!Q#&i5i2ck=(2 zEPXe2?+QIRSD5GdMVPt*$W}fH8wtgpC1)4M$Bk$8UGxcGr})`OEtq-8{bN$sddCMlt#$qnA^|tw9tK{4Bgr@T}!HSlz=YPnpajUpXQS zH}n#6C-`M+&g86JMhf*`s$f?a?#TvEzmZ(3i}wq=bF9)-$kll6POw-0ymvwI{NN>% zalO2k(z1?EXp*ttsnz&)rpOlCVbR`+;x{5l!rFT>GSpsh(R8|noXMJ4AD2SsYg`j^ z?*^XBKjHl?m!n}xbo#kPZ2;7~LSB3z0?{f|Q8bWRidx7#7(Ng;iA7fdc$Af2bSL|XX@ zRNifUm-u&KEtzYr`OWLeGSAGF_`7F?VsW(`4W(K35~au_^3{w+K<1lfwTs5$EOHwA z{MZb~=3CoSKoPZDcLOdXR8qN*wh*8r>V$TpE=x*tD^os$`i#naOfJ|mzfoM{YS#H^ zZ=rVQC-(uO=q6pb|l9xlPx=JS67lo5};c-N$$uGcr$-{Oe*Qc9PJC6FEC&)wdk`v(mVNm z?NaKkgHtJVQPX)Wx#AyT_UlzmUjP)B0uGb;@1aZ5(4~ZK!y|KgrO7#|9YJ}ZU7iO8 zc&^TwWKb?|AlAJ!NNi7Db4X|W)L%D=7T5DbpVYc1pkVU%6TJz!SGg|X zO?Jv3#ygtjTCtXOS$bE=&&t~`k4E>aXT{#iA1|H|Z^gAD$NPuwKpaT}CA+1&++X%- za;UE}$!GX0z5t*(Bh#mw67DxE;*f0Zrfm@iA9XG2qq*1Hk5Z^3dnN1$7{?ceTx_aO ze!9U0qxKE5{R+<0uTdMWYn4~#&mwcDl)i2x>88bmb{gbUjC$u(D|6qQ$l4G;_;!uB zUg1mlTbWY4lp8gNWV&1fD&V%WDv4FBR6NT0s2fg&xH_VN)^E|N;HbN}_cUAejKrD{ z#vAqr6`*OcqSZKd6c!MX%wabY2}W5v<E)#s+e(PtebC5aivKi_K%v|h#Qy4~sHIoxedAG#;KE(&a#14B{E_isft^vbW(*|rW23F=V!y;b+1s0O z8z~wi8-w^V=gTSUyB?a#wHA~W&byLiWKgnC7pX9lTzbG8UA)ka}yWuk^InmuY!TT-lVElP4K%*>i&YE?HDB1hs zt$52-u6Vvzl!({dsCJ_Xku$d)8f%^H%37FfmS?=;WwM2r&&Yg#T|KI#dS2vTDM_$j zcdAxO=c*?zzM^pLHmfPWVdY#>2~vXO_)2#R&MPZp?{t!1K_WKVsS?NW08=yxF$Q}m z^bb>W*Gnxo{KMdXHM|)%cDC#+D4`ajt&Hlpn4AWKh&*3TzPBVq|Lu79+l&b#>Vs5x%sIGQ(u^gxhT5aWfob`1&nWMa3RUoVhx#yh<=M~ z$VD4j@tXE>5W0$_&9Q3@7A_}g{-=_R_wXkVsz&Nh$?X2@%%8ap+3v=*Tq-_?_Q4~0 zr-M9Naw24g&Gppe-rBp&nAL`*OCk3@Iv09ZO=n%VmGaUG(wb3PxPMiUC|!LiA9YyX z9ppG_*pPhp?Jtp#Xe?}TKGye*s%6t)gNEEwTO3j{~h=4UUzeUoY_S>rR^^KF5Apgy3pG- zT5E9KYu9AZ+gK~Y?Oh4UhTc(1LYmHX?_=egXV>IRuW!Y)z9YE3#cOerBomriDlZcw zoB}?u2Pvk>l1;2$X_ieXHwiM+VRJghD=Xn>;K6G-&z7H1mZ4m#XxoMp#2YdXLw18e z!DsNX7ElPIEnvXVVbb?7VIFku+kyAP$+LCh9$U=)sT+AuStbF-aGdYXB zHreZFVcqtX%rTMGs+P6eByy@=sb7&=IQgMB=_j=x6|S^_G=#K<{%G&_#ZW%o{k&AZ zRTiA&4Md#}mjR}_ z6Wi1AH-IE5(FWUBu5CM%hzz%zdZP#tweIQ>PsxPRvz?Y5&^9@%Tbx`+o}BEzx)}c= zy*Ia;t^K88SwlJLb#=6IFCokr+AK|Jn@mi3Wb>T(U8a_-4aC!>%h|JerVb^~wyXT9D`zqC>B z)Wd?BTTV ze|94U#jbLA=Pw78xXBKGM!ln)z7Ze;KVMepOJF#|ON)sCC1%`Hqd{6}tISOv8EN)P z3onUD6ZnvHPt2@6jyX#iOG5hDdCh&DD2tnZj)poRL|j2g*t*h=9Tsn>x&79Cl{wwL zyIr}G$e8JCt>co^di$riucV`KzH8-DMehjg1t*(3J0l0_PC%U$cLgGj%vKwY?`GOK zLJqB$C7o1{&VuU_qffK<;5W;~RYp=*e^kpco>DzJj*`s`xt_&IvtT05#B!@U6}6a@ zWB@X@8BTGVlNmDUJ8R0FEvb{^d&nu-QhXCIV}PiWoDrN+itH7Yt!fbq#T~g!=|&ua zu`}X$iB?JT|Bl@0D$xCQ{`!?JcNAmDk`YhlZ)_FwLCz zb0y#O?qC4Q@L0@YmwB9f7x8&=dD(6{#2)KJp^P`Uw{JhEz_x;|`|YIa_Yh0g zNH}PNUgoI_dG$BKcQCvK_|WwXqr_e^lC1}lX|3W!)!U#{-f%T-H4)c%o@&M{C-?FO zeDcNr|G*0?TWF7?lpO4R{=>XQoA24>2o8ovN`*zawFlZ}Pa z1Sc;`rN-Q#5}Mxxb~`Y|8qG&Wlw-2dd;-wOj6%zV>WiZm3JKMjWU}7;R;k=SlTZ@q zlch415~iAZ^Xb9bOux!LQ<|C@tT+Es=nM|bB=zQt6{~0>(eu4heO}LB@~nEi*%aU; zRp}`#DAs8Gp<-VT(5HCP-?DJ}ZbTNqlmK6kfFY1ny4R#9eQQ2Wvbrl0OxM)tFX{G6 zG4P7od6@JFcw=a?(YmcXkxZ0ogq|x+)?52xRE@=G#Q)tG_)v6tuVih|(big3{a&d0 z>jH$FtyvE=S_cWVCrcg>by`Qg(0WmWl=a}vn3l=cdW+;Y026R@$-k@`=(D%hx|kGl zbT*_p8ttc4_To~bZGHZF2#_T}AcrMcp66Aa@+e?=6tJX|F-ZYSQoxd4jY$evl0m?) z{f3gjul<(i2>~@~go7^a_hTLlz#HxNA-&W3x^gW<8Tfk3qsGXcORF=bMrTW-v)!w1 zv_J5QLV$`|&j_M`UfFq8egCE4VP*|P2M$beN`G)CSz0%)kjWt?OzV5k(VCY6`fjIq~9)NPgtHw*< z**TZ|)9WE51XP^>2FCHHs*MQ*5OHuxkPi2P(X`F!+VsG=mElH$Qq{{Qz>; zevu3|98*&wV&|eNEo?%-yfB2Js~}8tQK=+W7#LOtNhyg^uvdXg40?%$FSGDvVgwq1 zRV(2MEgpb25OgB3)XwFEMy>uZL}WGKn8sq0I7tI%BltLh@?ceb=y|+~D*>yNp8bQg z<{1?A4BJ8mJsI;>zh_X?Gh7og=sD!=s^ivqr!=C_FqOHWCt*B2YK(P-U3L&%1DYo^h@V7wbJl1pULP;R2c zgc6%oeV&Tz3^yvNmPeBT1j}_*{Z%260U4V{YkqBIpwapo|E2?2{P1_|2KNVE%!~)E`tvg@QNIXdQC?E~3Izs<-Yp98n?sL%JYUTZa%ewEG$nq{R>W zlTw+snR$mmE-FQ27NaL>PLvTmHqRG)GA)2pX}BMmR2GHTYj8gjik(~a+k9!n@`FsP zG{A6{$30j_hQc$F1O`BSO5~c9F%3T8Qi$=Qk1!0=Z@eU_p&7)4t_b-tDsR4Gy`rhU zB&m(gFm8wFNo{IsYGekP6e18s3d;=w6rTsatAGiIhnyT!m88F>vPOgj=l{FGQUkNe zpB=?vT%YxtF%R(58F!|)L?pp_M5!ndkZpf>L1nBu3{k&Xu1)c{p)^%*JydT!V*ehC z0?j4cL(rf+F8Nv>A4YPHK@BTtxISXPk0G^H3%UX&VPtud!9)dutHcV=M)PO1X3!`5 z8P+)s?9`!J4jupP)go9KDA8gqsReZEAaE)ig3*WvVqq%ae`P(-g#} zpz%0Y88O28jgvg0W1y+2@-&*v@>q8UG%w1UBUI>*XO#Zk(vVvD;F@ov93ci|*glBW!lP2bP^mZHb^H~oO6MP{Rr~t6Ag2$+ ziD92$W4t?DDNi>#2d5FGlAJG+G%qp;!%Cll%ZLW0y{xn>0D~%16=5NH@G`WpplFK_ zAh|YG8?2P;%@1pJH+#$!@*gl^E{J)`L4TJqgiv~86P}l#v)1{@L*!?*Dl>qd55{1D-zSU_nSMMHL}hH)EFhQDei61L(T_DwLYJfkmee( z5p7t_1C>6gz<5s&IJ%E(+OWiGU1JD8Zhd%k%zzOyOL;U*hT&Beu`kr7B53K=JYjjB zs8$B4UH^-4Pief`1D5m@OwL%CZba7%4wq0JFIcv}5I6tQ<09H$81z{y_N;}UxA5~8 z{745t_hIypndJ)UOmX3YSxzb>wO6#bR;vllQY?g$fY`XOj zi7XSVwoF9qfUOUlRVvH#>sG0xV(X}q8qMdCz}~^ub|{GamVL)M5w`{1u8t=CNb{w2 z0LP)V=N+yj{7fTgH zKI#A|kC>Pq8BY2nJ0v~^C5uKzjIl@5|Mt0nYPD+37um#F3^gtl|1F(AS{W2;G}`B* z!n|q1OwKY(WerQ2il)kC85U1K*76{$VC-m?;e%zQGrHGSDnGJWYRjj3=M5q-NJqf9 zsB);*CRUFdcFHg*>E70|t9`MgqYBgD;4tmfSadfi(v@8Afv7bVL{Mb4)U>|Iq7A0~ z_%JJ+3?xYq5R$?$D>GQj|CSqjX`vY>~9 zS0#nH&^KCRY^*LOdO|JEO^-Hm+-?v&1Ylu7E%B)fb;Qul+B~{l!GkvRQ(F7D z*F)w+U&X|MY!it+kI9Krb|bpB3L0IZie)0Qu+f@mYV9Z7^#Tc?nNh;B$q6$$oXb6| zakCsXr2PGuo+&4(s^6L&3>cGc-J8BYT!HXTljqoe_-Jc)>iuJ?QhVLXlYBrt3u)RGX&)uGc$wg z(Oa-kqrF76K7t_|4h-X|H^js$L9XTtNJKnCS=`NoB@?|%wz_+pjLK4PDMS%-N?7?| ziwf>DBjlh`6B5EiB!5DhM`;L>T#P|q>IZ7l$I?+uWptIqTJw1WFO8A`$zV^bREV48 zF_32(51I7zG=}ZC{?IE>R1)cNp5DlL2B|OU>3JNY@$xnP(v;YN zU)W@6#=5S{W*XRy=wP zu+U<;R2i6-%K*y`|AeNPIS+7~Lcu^GB*T;x@zN#r)hp6&^JYDI-vZ zsCpQpR~m{}TKIAcUyg=mDRsM6LXGwub+T_#Zy(Saf?xG?k7eAW93Wt8m!B|$%Z)aA z?_Mu>$YwO%tDzH6d)8HR+bnGv$CJ5qEf8EA?Uw%0+wB95_JTzpska|1Pf~d=l<7s4 zmw@b$PHxGdl3N~1M3ENzRVC)K>6 zCiL9~0_1j@3YfvUB!^Lb>DDz`6L}#V6zvOQ{hIwhRaHi&+b#3$VjXuPklcQ<)L6P@ zGN>wYB16-v2(ZwMXlhjnn(mJ#A^4-$V^2=j+fNJa=w-|WtrMiO?CQ=n9_{?-7GNsN zx}RDt8npkCxp1PDRKH&?0*{*55V_!z*3*~{GW`#Y6RuVU%34#K8+hqnA-A+J zn$X_8wZ_uDM67|wtpQtKEnd(}IH`?E)H4k8(NMLv*II>8WAZ~wyf7pN38gMG2+-rn7B@3;Z!6Ap?suWEk zY3i3ij=@)jayMw(qQ3M>1d1R6n!am~0Y(FoQJ!uLU?8UNEk#soAF!OA0n4en)Y@C&XNigjMX!nZ+@EAz5p*=o4IL3bh`_FKtKSak^$%ddwJY%AlH1ciy z`6Xn~fyx>9vKhsv7_=R>Hkf7rB!XTlZXg=$WJr59Jf9EGSB-a}hyH2PQU79IuO~`2 z?Ynzj1VG4%h$;=#RMXGKJkQ6#tCEN9r>K=VJ6$z}PJqdy=(JW0;#Zb7kN8djf&>Jt zOXC9;+--_VMG zJ^+HF)U?bB5AUXT$_lA>7O*n}n$GH`*B1jXG3uqUODdz)vC-k0FC=2MqT0v!*i~}W zj0zaah$?m?&@ff@go2SzBUb=cji|%c|MH7ZmpUhxE z2a%4eO17H$X{pb*__gr2R8~nayBENrHtnYj@G&rdOVfQ)R@4ar_#IQvHLu4-5dfMi z*p~{TZl|XZCwOQT9Zj>20)$-z)SQ{Z)F&uHltWQ^8>$_^!9^mQJ_7NFH@XZ~&lq{0 ziK)1^@~PV`bvrDhvYkyz^@5#EO6qKi1)nSyeA3Yx6x6yk2(E(;>`#IH0Q((SNr4rB z6$cKbz##{Wq<|4}jTi|LCDLy1*M?!7=>gl8Oxc?JV=~7AzfTXWsbHyQ$2j1Rdgo#` z^qeOcQ{xGDjLL|vR!swn50x`e!ie?oYKr4($5G&QAFKRS>KlQk}}u#XM@`trm4%hjyy*@xnMQ`apG3j+^DF7GNiEZ)wV+)x?vIs1tB9kl98`bY8W z#MJN0XY3)2BPHi*6NIUngK%08h_&5kZBda;MzFIX?u?q<_T=iypekdmO?Z&ZKT0%O zmu4lfA1%iW+JTu+D^NWpx-*6lY5oe9>FmH3!?x1iF1yDURzN4B&}e^9D-R6x_YV$M zu-b=)hKEN+Mn}gqiu@zFtW|=?R%>+^ONLMxXV}>A*f4#;v>sBIcpw8Yn}-_hn+TyH zLufD!VXy}nHhT#12%+ILG?Io!)6kfQmx@`2^Ll2wXObjuepK&_ zM)SDQxfhM9^47QM zZk$>`bShmwPLL=U!Zj#3rO0A@s{gLFG>|vC7t^PmyemJoF%P8kOv#hPQ`Gb1fBde z4L!s^5g4OQfdG^MB5o_I&O_8J`aJ^KZwOviHq>n{zN~{5^!ab5YaE-P9ul`x&av%cYNA@}uEMFpN3)Idh(nh`cGN-wkFJH;A57-G3Efx!< zrEi-*l$)UWy13F#JWkb{KdCo=%tC2m23UGD*!GO%QC9ZXj3XELwJj+}24`Q^giaDG zYAYSBYns|5);(7pOrb_`6Np|kYL%7L0n@vtQW2(#G?0K~Ozr|0lRWjkv* zzP_|dUTf==cSkFt=8x_7CnC#F@bdE;I$P!3$clfl)M!38`1^>xM)OfTqlS|`CFAfPQk#Qc*ORuwG-`o9OPIid<5NUG@bKgxESD$U{D2YbXt8$fh6= z3Sp4e2&V33Mbbn?ei(Dwu&1%f(1*0jjt(3n9>YN5n48Z);65|$@k2X0q*1pMR66(?CnLqJPy_ds zSvXa5*67$IUg*|$QLv9fB(+p;zRgk>S0ug^wwYp@z%d=UiL>((tKvNgw$?j1qMMKL z1_A|sfi&k3gL&Z;ac}ZFU}K99vYHraz2}|aSsf9tD8Q+ZwVJZ3T=nK_&t>{Xz~JNZ zJQ(t@kX1eUeFyJD(+=nT!UT-~&`+tca&*$e8!E$Ka3x(~b4cFVqo{y})3{JIKgiNYmcI8LB-ofSr1Z0tbas9YP z;}>aOoC&#-ioKVnH3B_jy%fH%vI>m0iKu?Y#0mte=)8%=LoY!g_6CAH5ySNCi3t`5 zA2TvfnM7<|qn-;Rf4<{SJZi+LoS8*W2&*Pb^eTavc=Uqx&bI-3p(&cx$rh_L1m3Z; zEmVi9r#eApzB^c<_Y77G#87&@^A~?yIn!#wKH^+}U@Z=S^zyoMa1bL zv?V(y!&=^t4{tV=)RJ|B)Odr(6l}8eJ$W7!Bm7bfgPN`UmVPJ+*iKJg*v4TvN|DR% zF30at3EC;EQQ9esnNZI~{Q!t?!|Bi3-(HN;L~wMR;eG(^5l^O~O-y;*bT>#AlA@s=8supE=zh0tT}^VeF;6K z=S*{{;ZUby==)p@Z5m=G0%QP$c)i1`IWcEY%`^nqIObXj5Khl%lbn5gG64aaFlmSBLGC=5G3a~n6jXp#?3iu z1ryG@5KK6asFhr=Q*=Vd4HG$%?ERxipzU&=S|@l+fK??bd2s|bjYswlpXAlGgeMF0b)DK%i2+{FV9MwZ&Dp5 zM`q8G9BHpcsX=G`e#?GeXBpnQozc>$0@4GRkFlFm%3oi)e4{L~_G*#Zh69ytb-8%d zFN;$uigdry6fcF#^`$Fi37k`|FCTP2{gX9LK~9AOSSV#PbUA*{5$OnJxH!S_iOP`n zXxj^o<)c*iDYUAWJH_p#J0}-HXuk!1)`}qiM zAAwG&*3O5vZk1AQFROU_0hxeHzp$#_367ig{n|;aPO<+WIY{G?T91?Kj&;pccEu>{yRKKVAY8Oi!+W|Yf zGDHt%RCoZqFMw$X+EJHuE=NAOby6#t_KXBdjx3YH(_iQT z;t9Ohy1N!>w=`w5+U9z?OiKlDu7Pi;1Php@Z+yx+KohuM%-+gcYG2B^4O<=2n0kWZ zY~MERcCjSvgRzzer%V{kYi{O-jU5+>l8D`-w^!EEs}nAtqYRg%aCaN7B$pZylMJWU z{e~bJ{mGKp{6(+p={U;xk1ahOZGR`K3mt%xNfc1PYKj^{l`K6Td-J$9X?y~QIz=fR z2A*U>p&ar_v-Cm*eNgYLYPHLA9LkB;yJ-Bg9mL-u7<4&gmEy42mNn*_!(W1#pp)z@|`Jt6ObEh_cv%1}XxQQ^Ss%pwK+=6`oWtb}&GEF15Utwhx@uZy`IE;vt5nGda$mwWSKd%qkXX0AsLpc&A{}#0fU)I`LR%vcbZd z7VrtE?bb(d;RIGBvjg#oEoo`IR2k;*8+Mq`UIXW_3A7}m#nvJ!t;|4IZARqIGzifX zo&!GmIyw_8{gH5PYrz@$_bu%>X*ZD96SRL#RF5?}L5SpNzZD(=Dw(6Cycr6~ve!&( z4>Z2op)JC2c=c@?;>Yy6^gi3|jk${UHLl}ioVGRQNYJks^AFj(R(n!TA_r7I(e^k}9WubhgVJ z?tDd%Iq+>P4@|A%AldSeAnoUr)pFcsIeZI6h1paSq;ngYc#R}2;P1+^yOe_2E$eJI zhT1-!^m|5}D|4#a_|FdKEsqhcvGLA(-HcpdxA9~ETOIB0TU@CtWceIh+IKh%_kgjo zKe5m)&eFd1fMljkEy4=0HfTK%B`rbro=nACC7HHKrT6j$Mxci@e4S<9qT&@sUhd{i zV>@fi3$RG%8e5|dhA$X1e)X z^@U30f_6Eb`jVYmFQn88b7uK+Pk5;(;Yv?%##1<#(3M&$=P9zom`HnxOW(9}v{siOYU7%|c+CT_%o^Y6V0s&4`NLp3V zx>T0s+s*hQv9Ua@gOlM+4xJJ-5Yhxot@)yQZVf76Eh=EBq_nX50DJQad`}Hqx(8|R zQyPS&%hY)DZT@*J_N0D$QhoF7Kz|E|rkZc3O;L1t)?WESp78JdtlEec&mx7e;?3qt zD-piFl553gX=YK zh-Qy(`Qvqaux|=-Qe^`3E)w?(5K*G*x9I^BepVPeJ0E!v$qK?hLqRycj~dpG+dNo4 z+A|NHs=oSX6Mz5Ork~u&e`ejAf37vzWKl#7r$8f=+po4 z+85t?2Q)yiq#qW8Nx$O#RsD?XXGT9)>Zhq65ax$&^b7y~gpBL=5PmW#U!9b%NrrVBqwX9$o{V13ja+^m=;xEoyMgJRQojXrhH(D=)8f^Wo0Bti z`KGRR^NUS&S+wr=>er2-qq8= zF~5s3yHc%qAEIA)rmF<~JHmboo^GU!w+)r# zbvIuA4%m1ZTTu%k_mcbb!0q zbb+J3hof(%=vqDzOt+6-k*xMh+~UyrWzVfUL~F;Oh^gPijejdVerkLF4rQdND2tW&z-SC{VT9!y=MD$L^TiDFwH znf!M>^@(x6H&DIRNc-nybtC8z+MJ~Zr@h}A7(bd4uY-)&Sk92Qw|643zKNhd$El+h zgn?hln*SykWB7%nd|}e?`}j0P<4xqB@Cl+hquyqBejZO6LR5DGYSO5a$CD}bC_g#x zqLc>tDA4t~wp6oirOGZ$&bW|V%AIfi!sPd^qjoi}s}j`#G5n2P%^Xk85J>Z8kvrzM zST^{`>xizgzCV;=lguf75^A-@UQ1 z|GB$vKBN4pp$x% zb;Wo__Fg=@Is?Z$ndg$#Vv+3PWeJyA^w^c9r2o@Y*8k=|=}*?iYkIpsF8PU= zklni*@9(`n>;FH*^}WNoSJ?0EUF}y27e9}*^SL;66ER){_eTJl^Ze%Tf?Xem^me`MLg>5W;nm^0LxtLW-)h}q3 z9C6_+A#yrGJ^LKU$BB0dJc&cew2#Y|zty*Rx$SSR3Y!0I)=R$<)<4cH)$qIO=kE&t zZl(MG2mH%NlJbdUb#@7E_BEIOidd10I+Feo{fz2oOg}aKtkO?iKMnm%=x4QlCiQcM ze%A0alU1D=Q@fc0IlI)YxIg&qJ_$3EeE}@5WH00jbt%Hb$wjBiAgwH;LZ4f4-qUTg zhmxyKRY1Dr^uE4ZE+wtxCTfkwjUMxH)OQnWwa#17@f%rqY{S6PM~)S0KDoKn{PW$5$LHq`ZQeb%f8p4H`Nhq<=8hdYaQygz zBZrTtzznu!e*V~jI~L~WE|@tyH-CJ7-{IMP$7U~>xq0rGid^yO%@^ta3ud-19GqV` zHh0D0xrO;-`wm_(vuojwg9rA1X>M`Pk$dJ2U$KAxXYaW9Gk4y(fA-U}v$L08JXzXP z9^ZY>fuq!P;LZd4_svrsZ!Ap@lm`d6ANJP1!N#0<-*lrZfTQI>-pj7f58_zj{G44S z#FcRz76_N23i5#NJN75n?&v-(yEJlOP`BUImGuVs@8i4Wx+3AEe)i~M&S^r;SFFN| zIeqYw&N2T$KW_>TUO1~wg}R#`D*yIyYn-lPQ#O8h0i2)qC93HIMMw3sB-jPYLOH!O zJUFKP3f{ow1!>UHZDvZiMYYZ-WYGo7^wZEsJEh3+5Ie7E9f2y-RpnN5t;_YZO+R<5 znpuTz)z7{9Ii#Pbm2gy{gRvt*yw#+l5y0(p2~cZemOo|jHy_J`L)ID?#VhUS zl={9xAC9PrZ|c>3gLXu=wm7JBLqJsTh$vpQ%5PxD;2}%#w;!mfvrKaHQT@Ec@rwMJ z-ich)9fM7f;*|@VMZfeD{WDqB) zH0LbUv3O)Q%g=RYmgPNV0eNNC*-Q)iF-~;}I_R`z>}T@@we+eQ(ZNRb6tXrtZ;q4K zH%PR}NN)uF*<>C{W!$?HlHL+k(gHQ>zz>9wpWO>bQesq%{yY8rNS(P(p@;cdHeOq; zem^Rdnw(uR{Qd9=IocYB_Cxx4KtGr1XHhp(bsfwQd?6B~{ZI_G7D!mSMX56qT$&J# z_IZ&U9=%AgYr$e^UZGw5EZq-2b|Zoyn)>bA1^${s5(n)Qv5ux@1Ka(MKQmPczP+n_ z@2JPWQ0R62ycdgEbm=cNMvzf2=!*>E><*mGW}^tA%|9TmQYeLAR=G3@m&9~z$3aDn z)$&xRiC3sJ$#pb>-5iCWDk0@jM>{X*hgsR^yrQ3z#);WEM!`M|#n_Ti!+w;B=9Wd8 zjD0kP2XE`{7nZ>e^!DW+<&;1bu*QB`@rNo}3uP<2hkKp0=O8sRlZ z@~G2|pON+uzxByv?08kJB|BaM%mjGFajk4%f*dh~NwEy~jhvo)u z-gj_eF3YUqdd;fFW~X-hZ`HGpC#=r?%dK{}_SV%28(FurM`I(-k9N0|f4nx%1+i?% z&e!Md1nxX%&Fb^Dv6;U5yuEm+chfk{%+LTQT+xd|=wj_9`iH4l71rl@r4KzVZO+@?Cb19*x|-5X1uk+M zL<-b!63Z2b=+R|u&|0`Q7hKTJp zUW`S9OezD|qw^Za2AEfIF)l_QVVNB zS0-`th+ihV{hqW2S|=@HmoTZk&eM(ittHSEY0kYtdOhc)?e|kBy)LnVys(-pcIb}XW@_TA~~D_DNs?4gl_(Xom-@5^2Jym`y+b7!3E&+X=X zwx==>-QxAj2iVQmgI7a!Q>KEA_J<%erFZHz9d)SUqE)xECZ{PZQ;c7nM*I%yKELrYxDe47 z6xhssR~HK@PE0vnNW4pkvxL^T-cXW-4r3}S_Aiq~hPvHbOwCx+&P5+M(MFvEKfu7& z@U|~8aQhPD8w0hLEP)qMVLt9r5_TUNIv)mfK6E@j1kOPtNrkfR^K!YP3yYzDE4(co zkFv4Dox#8X5d-^Gb?gSo(K_GuWEJ4wIV%4!^a<}>X?Hh`nE28@uPQ8NGJ&DBfeArd zC9t&z8+&mVz^H>_e4s^0sF%hnVMl?rvc?FA4 zeSjy|2{UCC=QWrZ=9;9%QRW6l=6G5EbIU5TgZqFv)Qm#aE!2U-us6AVX}~y7t=Zh= z3F&RbhNUP}Kc*#z3_}Ent(&+8$gsVHb)R7!C zmZ1yAoVVEMB5hz|$J6c>Y|Uz(wq|{vwq|Xf>dY#gL1Nd+<2+0_gbO8*Yu>eQfq_8M2gst25K)4?DZtEIjwZa4H zQ7_jONFWADDFtp&ba61pbn7xCko;q5uLzF{4@p>)De6~66JmNqFzeLU$iXnlOyPK_ zT`{$RD;otPYID7PE@R1D=h$i5+%H2Cp(k}XG{C-iEJD2 zK)D~Qr&d9sGfuS;JvDy_>&6QiQM$uH*Ad&R=gQF!K>ybyB#={C)S5WHp}a*!(U+Laa|nHfCj&KtDz?oY<{li4XDdi&7N>mAfK%tmhpJZa`LGeR*`e zzdr=m_tnM+2GYp-{_*j_!CZ9xKx3S9FkWtb-}?Ub1M3G@>qU+tXnkcQ=`W2B`TvMs zuBzqOn%!kEw-5tBgh{vKwH`_`w@(QB8h7fyjhGcAe$xk4|)~uHq!v0C# z=G?o=129^eR1IK)9I~x)w(eApUOGqUH~!0J0$Ar~nI0lVnM;KvIGBq!h&-R5}kTe*&`gT({~;mj7<5!IFZkGrCljqNpW4B}LfAkh@M9SMr$MXYOD|qR1gN z3PG&cU#s^L+SWH5I+t&_4{kiELOy?c&;5IOGF!q7}B>Y}JG2VrhS#u6j|x1>sN z+ERfAAGGez3tORj3(SQKz#`{Mi9BVaJS{Z9w0~F(`g4;q7#<8*@QlQXOTF+YU>gc- zrq=noG(*V+pk}>gGE%ne_Yr<^$vcT!jrJo%m=Fm04%T0b2k>fE?g*gPBem(`8D!ptBAgiWhalAN1-emP}(| z5rZgeaFZkyF|kINbO@!JIemWE&PTM!Nv95eb<;1KA>y?5OQ{ROIZf#}9&7?~{xn}aW3)h($br&2q0CS zhzY(dlW=aoA%sIx+Bv{k=hDpFIhp1loaM;6|9sZ{=dJtCS67AlV&+>uIUhCGl0az@-Yawwk6p~$77y(4roLs8B$?!C+p@Uyw%&#qMb zS;G_UqlK;U#H+a?+(g^k;;UJUuUd<*R#)eV5-CF(bBd3U>75>3*E)HT?DzJMcv(Gu zpa4#<<)IVFI_{LpWx`pqo@w+jGh$eCwK~QAncFaL577W~0vjHN2qBNFQ(T+I@6ykV zr0=`UvVf8_L2KCt;L1k(U7uFuH^uj^@icyIOT+I*0$m^<3y6>0R}j8tN!;w$_Pb(K zzu!i3?;(25J|4~^JshLzjKnEXxFn#e7`B_<W3=+fKvs}8D7WPm;O)gHz9N|HTC!;_Vl#id=8Zr@Yt50UsBL{5|{ z0T`b{AwFWF@_p_k*%U*qC)3a~X=pqBff&;%0CAv6jg5nAQYm;Ac=B;N-R`Mj(f#=d zdejfgP&|#A`ELt?Ik z@w!O&F%Id(9gp|%;zH?0>ry83R83ZO8ONCVF(t?prW`9$@=pz1RAMzs8eAh!NO+)` z6vKAX1G7pGw$t?B?nFI!cU2FrKh%RO6ZPP}L_N4HQ4elP{6J*0iyRfu9f<~MZI6K` z2}qCgn5x1~d_J}PzJ|m5fD=X$9+YP^fGWUMh1$Z=eo@=3F4~h>!A*Y{Nga111eUkg zwzM?tH&aY6amgf==bQTnWv%+cDaJ`+Dp{_W6yuQ1gLIDfkrv0}^2hSCMzq#fOL$_T zm>pzFo2881>8GznaN{Cq^Pxm#l7W13%rrY!>L7K+QkF{#dIimGB)_GiV-n7_G1p+X z$PU5?GJAu2fFNFK^|wx9-yp!k{etYTJ4tU4@j7dXWAOWxO1Q}|w4i}`^6Zu+1F5f_ znXsl-n#Y)K9CDG&l9HtdFG;XXJ1*b&ma-MYH4rR9 zir7nM46mlmH2$sgy>AZ_;$P$v##^hs@|jv9uJ}?|>(SN5g(wXS3cbX%O9k)=y6x#v z-z#h{*lG!0Uoehe#?Ted!1222K%QSM2KAkeM=(Lv$<|uwb^4=K72EKp@8v|EGHa9l zc8uc%SeOeu*>u7|&6=RIT3&5jkIar5X$vIFh*cCfsABaQeOX%0Rbn!0^)&&$T*VI? z%Cu?Ni*0YEWENYXBzllM#?n@jnL``}iFs-|{PmnZ=M``*JYQoQU*>Hv?ruQj{nB<@ z(ZDn+lUE~Q_OAN9bke+<_P(+b>TOmJmZLMN8<~&@lgu1G5C;KKZB<0yTZ~#%ZWd>m zQ{^NE8XKYO6N&4Ft9Ba>nlcJq&du8xO54J}_BsCa9}x&5<}Y z+V2t(yCL(Ur9zP0{HBv7swxh5$) zhf**lvGg`V)QHFCn8xC}(Dehg+;{-8UJ#z+$? z_5$w}wsQnS*em>B-|d;Y1?)}vObPhwnj zNR~(AoQ_Xb4%i*m3Y0N3K2xz!+o~^Zp2Y_-C={!EDQFRcf6bShCzd&}V zLLf0VyZPs3yZHpQyJ^`Aei=1$lxC``zO}%w_QMr^z`*2(_Zv$%QR~h+-l+5)e0Y=R24@J zelS+-__a=ife@w87xvp!PQFk`8&+}id4X|uQW?KW+^1jMNrr*BlSUK_UZM=#q7059 zEA#)h_Z)CdCC$GVnsgKputq^ef$$OtMFFLQQ~^ar#FPg_APFfTDAE+=?7b^0%GrDG zz2Dh;!_L_|dY1p}OCdD9`|j>{e&6rUok`xl-PzgM-I>{$+1*Xl?>OpHMx_)|pVQzI zqy)P8PzUW2Zvq`>tVGLL+a8wM3V75)8hV6UJ)RuC2*(lF9<>G)>Sd_<(gQ3g#2^30Ddr3VlYOuy{h~ zzEP2$dIxGFdIu^ZP^cJgCxuT7s?1K5yZ9vf1Sd2_Vd&#l6dDS#gt8S|B8scnEmcG@ zPAR596`n~IQE&pq$U!p}q4KB+L^V^vPi;`3R2;2&yo4i;6bS=|@JKNV8IDVph_a

B2-gsdV%U{_&Y?KA*>BdAfOcusqo=E*_j@SFXF8hnpMWl1#cWT{&Dno6RN(PcoUy z@kr)+c#!CUnG7M&JRXN6`7F{S*@NYh%<&}2WS3+9#r z#63&|6N?}TgaBrXBxwNxsW_dJgCYW(q9Sxv89HQbfn$~t0-i)96(!5)Fd@Vu2^DHj z#TDwskm)2xN@AD`jxqKxqc@n9LHA8hr%MDWsWK^DLP|+V7RhH|m=}(@$E6CSbogJE zO40=x;&d{D6w0Uy=%QpQl^P~=|8xPophpYDWV%2I6B)|rF& ziIbF{=9DawIKfT`DrQrM6gu^erD8UL`5+Qfxf#CF93d~7lR|R1>Es}$gI6#qqtXI} z@(dE_FOvB1laippz_zG(Ps|g?Tor|*#3%=FHV3bGjzAV9lK6`dVNp^HDHX#$4Uz(e zK)7T7X-SX&xTL3MQ`Oj_X4b=3jVCmFE z*E?8~E|iG#lP4#W5|ST7a`>?_3CYQD@It@UuN0)BriuiQ7 zltcm~IbG3RPFxT@d^*Sz0ViFMtB@MmsRCXqk|+WpuwOAG0uQBU14E|6PPB{+fiQ(Z zkCWs8F!)Iq2}zZp>EtgVIWn>nU6e&i(nTCTl1dyIoi8G#!cH=JHfWA?j=DOi8S-VNskk$ z66i7!&=KfCW|5STMWtbr9-p2HwE`?Y$pE<$i(?V$B7X-O0MiG@JT-`;=H;P687UER z(*2-M9lUyr`Op=hh{)tMvx^DCJq*W!zF)kaAgRx+VW$3VuweTBZLnan)yQ&c*3=_W zBjkaSzBuOfE$TEV$ZEzO(Bv;d080Et2+)ce3EXh|Q7al8AS{r;jg7BpQF=OJ`Spf| zy7_KMNdD)=Jy7vFLQ>sz->)69%fC<>>UPAjP7QUws_p<1w0ue%fFm%%aV%IPvr4aK z_>mk5DWSI9`pSWc2xS7r)>?of;N^fck%)MtRAW*?&3qh7`j3EVR6+U*`RGw35#*9F zWTqUJ-RiDk0>(XXtXo5sgn-ViSRKSkI6{ys5?KRS0)RSQt8Q|G06;D&g*!#D`XaDa zan*x^S1bw5K{$3h!xw5oJ0)CNWjp-3)ObyBEM zNJ{GV6wGc|75aS-oSKR%V0GbuZd8XusW4%Li&9cRsy0>EtDKUoI4aZkBa zrru93kAr1t782P~kg-T#5ObtR=MV@%g2u!CcM>FKjSS5Y3Dc2g0Xf7H5vXo5K}|{3 z%2y$w19F6%447N#={deUG^0p<1ew7Fje^nGKvfAbKM}vtRsx+G8*vR4_ZNv_f4zFZ z!gy`GgZKgo=v|GGx4xFH9u+a5X?zRen$--&?;9?M__ijV1=~SM+KBpxFW{sIMbK-! zSdm=9BYh<)pfO2EML!6HpgkcnBb_IpPF4ohg^qOeT1cW^;DBbR(RD(wwV{HbV2RcJ z2O1x6M!GCVOx7J0O081axdEgY*a0cz<mR!Wg<9|v>=Wk9qclws@lbK=*lx6)EF@0IFb}n77OE_ z0pCbPMQUhc3OA*$0#*5PATe}DHb){vlPMeIi;Ax38FfSLs$u#t=&_*6g9;BlEuyM{ z`K4&EvZHdK1BHAc3F1l7pc@+l3?qQYL1a+c$mCKm7O5T@oDZ<-1^XVT*c#+Sa|H1-)NYt2 zLOGBhC`ggI4xIoiC7~GpIOe0lh83%QslsxFly_x<=AxCFW$MWbiq2n#p;S7k#i4RZ zB$o+b5eR)>Z-Lk|HY!rRY^$?M{MN9AnTj-lU?%156hzrZOM|GcV)M5yGc2LV$4LNF@|lY!WbP=_hZeUZ(z8`MDVmO8)`qUz@wMYp@NqW+~up^52N}UK~T`VE)@< zrZ&ADzD4i4GZtE4_TSxtgE)qcn*Oo+z`3@D1U3sYLo9=ZA+k#$ehE6V2pA_zDPIfL z;}|+%_1|tqZSK>$4%b)U%v9kFvK1Zn`fuZ0d-Q{BrHq(LR#|(gaRbLJegKSXYttdM zF^(Y>=0UX$MKM~Cd_}eewI~2vm6Y=8QBFoWEKCY+L5R^0(7f7%sAuiwfei_rcS_Pj z;^LxXkwp;wfMzLLtuPyDG&viLHe4797$LI+Ksksi0D~}Sltf-lEC*!)(TL_j9&Ld- zw9CQESBhRrk+TRqR5gJaf4E4USOaCJ`YYD94hmO_>dA{*w$?WH*YP#fDesFGvyB!9 zlmEA?2Zsg(#x+_VtWBXf7NB8ms#8633PpiOB^EJ9FsgnFQg0lK)_|n;ysB(b4(b$$ zj#7olMJ2~YOGHD!ty$wwu8AOm9^v8GKnl`wVO0cI z4h#n`RVW;(>79j+3dFG<4FRp~kyJi4=wU<#)F>S5`F$wLVMrOm6fP$eR1Rax!3!!- zHx-8W-wF?g3Iyat{w4e%8Z?7b<3~e52Y)+Epku)}SeAkXu%NgBORuleQR_%=;AM?T zSV7sElfogW_dh!+oZ?al8_iHa)xctCRET^r4mHmzJi%WF5h;JhP+Dk&gw8+eH`Z`1 zD&3JPbba|8G4k_(sFBF*J1aeWj&xX%gMUn=i3zyiEs^CQJFc=km~$lx7ZRi?eJbD@ z0?!*NrcB^9=&7QNz-Wp#!dj!~2e8I9O;)8btZe z`}=%QQ+VlMb#KJU_ifVE;UCBs#E4Kt0;1mmA|Awp3uO-esT^SniCidYhzo(N@#TX` z0GYs&eFNc(>w2 z3RbP=sSp8ZrSL82DuM&`LZy`9Kz#->@;fMxL#9Evp|v7+lV}vB53!oMiueWfp~o~7 zKd(F?85LDO!0t_rH?XBs{RXAilt(X=r!8w9#f$?mRkFr!RGSJtSc0l*hQt~$uwxX% zI^x)fG-{PfGxkkS7iBAAXVXd8!=xW71UD`C-uWn7IIIm}G5fu2XdBcY$cAX}y=;~c zc>xAHw4F)=6_nb!p;T0JoxFf{fqg?2!KDthLH3|XQ#X}gKNUcJ%~ycbfKZn#IAj|H zq^{q@dNrTSsE0NTCUeDD4~*laz^H`)U|_Wv)*i=ND_*E<57eM^(8vO1QNLokiqHwY z08$3NMJa}L!m;+X%Tm!>^#HVi9X+-41&~~MN*@84jUo^2am-fnTH)G6zEuBok(^Jd zDH@3A!*SrDVA!EHkI(@l>IYghX#$}lae_$^#Uhm78bGpfOhWm^6};_F`QB0NG9T>% zYA9;^JO21OYF?uZtN|vefxQhFREAR2OCcr7?N5%v%sfz7<}}Fo8+D1MQ~bR_q4?gF)){N1(#x z>7daa$|Q~6@T(oyS37D!6-fnA1r8d&QAHXcBsi9#IUF0@C(u9`NJB%Bius3*_|8ad zj<|iC33ZUZ0X6ZQ(40Ynr7N4Mh3%76mDq{3pAuefMh}@NE1aNz<|nMuar_(fzbzL z)DMVxE7c8zkm?0!H;@aoKIH#4@JD(m#I}+WeNYt@q0&atq{JWM?m{6>afmTIP{Eqi z6X;A3LkAIfW}#Ab{-|srs2!NGA|L?3qY7Y~6+&GvRG2J^<4MhHEDZ{?3Zyj$os=?% z)V4}cvIjYisUOrgwNH&i4n##7)gBBh>ubc)&Kz{=NskLFgGTmrzchTX@Td7K+`HLL zp)l*r{lSN4NKP#x@?K0T-ZpB|Lf1sCGf(pu&?}^l63c#JN2_o#dq&&ciWbo6|RYksb05El%s(Sf9{;lv!T7x1{yP-%}U>Gcy>ZPN6A@Hy7 zZ5?c&LJLDl@EhXnu|62OQMC_TzZL_(La`_;5}rfhGYEd8zg^nTzaT}`4A{xxt5%pD zRTJ1esJC!|A$%*RkTL~>tK3itbceMB;Gl~*Nq{MYYw|=?9y_X39Ch6)y6P8Q+^M?w zR{>f02!3*FC7M)OU3RM!(Lkx67qaX#SAcH!V0WJPG?HG{Tmx52%fFgxdbakWR64xyF z#fO?PpfJKeN|_UlJcPfB?&wL;d*5q^f)3FDM+A@+7q)8leNA~f)EfyiFb*(^g}DRA z1Hj)1pfI=`YL&0s8>+rwKwbyT6Yi4dVeZgF?trBme4~CzhJT)r&W4`yfd2?cae-$~ z$b+uDPljJCz>t7vMOh|1b0H7x)quDe9B79w)g__b=wi+s!17yoAYA_c?{B2QUL7i$ z#-iKb2=o6z{nt=nEmHPqG>jf5`k4BiyHz;!Y2l_FMKez^OGcek1O0pYHX<-LBsu*0Ha-oxN_ zedlM}vrKgyf`^UWCO+G@%|YVvvnF%%(|^(Ky?prBhao#%>|&$tXSf?By}ei>zq)bc z&w}LYXI(R`&lyDvm}ay1DT&E(zT+LPod_O%p|81V+;jZWK91hbE7i&U^sR$G^qEQ9 zy-W1=!-gGWv(_cL_#Ir2Cqy24@q*Xuq|T963o@QAZPljT`P~+$A6~7Ne-$(}d)j4Y zicj7;soOEz1-r(M9-lk8+bLt~<{R#HdrcR4b&4uo^NFxGW+^t7~y)+mFCc5`iu zxktJs=RccRmaf~OeBZgGwKoOX7!inGH`Vqbyvn;09;(4**huFvn-dmjaOs$%kpl-` zIj{+W&2&?sVT;fxum}yLD_U;l?%sY=#?Qy)v}r^fs;8}X1QAArmIapumiVW_ zW?VS7Cp$Zv0ednPhaFL;_lVO3BC*t&CrNjP}=!L2Rn{yX?KRmMDzdY7J4`bQth0IT@bhsL% zv+8YBr!hC@pSgO<@FgAhdK20Tx4V6&N@rN`c%gY0_YL^Q<;%7@o=CKQQr7vz^SG5u zH%}C-+^W5D%FU=gLQ$^pms#CBu7234J_mVPjpSw{cOnf)%vPn8KPx+l3zuoMabY!^MmTfM#J8#SwIKe$)y7soK_Qw|N?eo-Yea9=; zkLh|$ndBG{v3J?#mfO3?9#{Kyw>drgaKXvDcNYiR8}XgG1Ux7_J?L}r#!vF8?+-k) zjY*$l`e^Ia)|qdKBE4MT{agj#H{h5|JWB~utvZ8+C>;Hd@KZSd4oyid^UgJgXT^xX ztmcolLQ}VNlXT@Se{eplI6v@zcfx~3ussQi^Se=xOaeXr>yoL6R$m6tkPM)K41hVe z;>AaaSu4h>%fjVFW)ZI2Uv2K&Zh>FRE@@T$qnB^h^=P3Tx;_7ZQJWj?X@{F#Hhkf+ zf0pjrqn;OV3#Q+>QsW%{sNquw*`=?UA3C=xb>P`sb7I#UI38GYWtqe3T>UkdruREO zsD(~da@HeOOvh%<4_7pa{&hpZmc+{k8Cvocsjp9DyzV++Ve>aZ+i!dDR|@&;Axq16 zrcUR2OsT$mQ_uLqfSe_vogW(SE;G;GJ=Od9?{^*go3)MTW4|a@a=TgAEujN1KYi*y zsrbs!^+QWqUh!EsHt|tu)QA?Z7CQI4H?f=3YL~u;w)lKuo!g-0y>9)Q$sWVc&MRc&=TTPt3th@!jpTUYyBIaK2!BSDa|t zD=2$IHCDNEC9Npw+Fr{IyIP*_9rn<3p=p(E=uYdc0mB0C?K>dJy)AiYcWY13tV7TD zw~D`3Jnl(EC{eLu{H-Sm3)XzPu{Qb6z8Qr>pI&?#_As<_g}MFGioBG92S0I#B&~NI zaVdW8fIZpv_Aj4i9I&6@IH8Ao)V|7*0i_4^!w;Qb;_ob*_Fh;$gx=TDJaN#p**;M& zBd)F;ZFO^gtKmY9<`b)_*U`fsz)iLCss;t2DM zZK*5KAC+jU4U&k6DvKx!D+yIfA&^$}#T+H$AeIsKXe%TU%v+eXFj>{YE{SkSVzDS; zH&7+qK-k3)(L|)`8HAnRw}hQDPbKNT0bfQGE3Y)f}(q0Hkv%_Y>Ti~uf6=n z#GGFHIqj~G9;5S|2i`50oZr+sd#dN1D*mwm?;*Liug&w8PLvgodvl^AEvU=>pUifY zFViua^ECBiDq~t%m+oEC`iAn_>I;PZXHLIY{ATZj*Fg?9KXp63i~U^KVfFnrot~b) z@!Dj~Ec+QVBTT#vUo|Pc*!BR+`p%0(PQN6~-x%s?aM)n~;Z>{eufKB5a&)i2z8kl#vVnHN}* zb-za!a`A!07;edd);zZvCAY4=u71^g;p|S8r*Q@M zc5^tJUR*!iQhWC;-ymVm7Ow?P;v@p>=bX zbPvpK!#;d=(V_*px$QrOOl!O1_h8$CxAUv_q-_bCap$poNQ)=GxzEb64*Pm>gKet( z!J3bs#ymDG_)XAl%_riicKG;Px8xbTN#1AX^@)tyQxM;N;gF`RcDc`e4c2x4{pXYA ziTf6go)e$hCo&{(uivpbSqTOOA!(m;7VO)VkumsKjMUsXH~JK_$YudiWHSfWd_>{2 ze_L=hy6n?fiIx?vCV&Ac7lQg)Oe3}C4l7ew+|{g84VfmOf7U!(63#URwVCa;>E}9r zYNfZg;I}ar!8u!oSASa5ZEZ!_Sn;9@$IUXwWRzPFej3G%n63n?%%Y%KeM8~G76sOg z&1ubP2dgpdA~=jdFzeZ@71g)Dvb%aa$D`|r8@!n3E>KpmgV{o;aiAN%j} zdDtvrXHV?ah!V?%?{-WyePO<0wKFT|=Hs~OsV%3QWR55u8K`|U$Aq(I^5Ex>@+M9k zVD5eDmi2QRrxl%V^|tfXn)WK}mSwl$DTTj1zeH=>F1)|@$#xUR9hck>TH|`$x>{>j z{6+e#&u06q1FSMX?XODm&R{0Kn#5RGWYw7{vg)8Fu9gPclw#QR50oJsj;~C;7~dgq$p@- zI-DpG7aL0tjE(Hd@(plxa`p3MIR*K`;;#c?i}Goix2ge)&MU%R7NyZdzlH!EeqFnLmAjeSkMua54O*=DWQ}1XD~%2>1U(jeOS-fdgA|H(z0$PeT3r_yaKeVvSEENl9~t!$G2wbY*C@fPgavnzvW zv0pr6=6CYA61{hEaK-J(T@TA2(MJC4U^nyin@D{G8D@%ydy zM}6)!PUnrd`=fQcf0j&n*+yhIBW}9SDz60@R?kLVd4n%*H{yC`@rodajxo1;XpixmF_L;Z%bhD$iwDScOmWkLvZesD9`)A3Dma%M`DhZK<6x_Dj zeThCqTv<$6bV+1mGS9iT5lUg5>cApuSPeYD)P+w_)d_oMXG%p+SE;z5q7Nblg3(!N zhyxWp`nz?hwDdn#TV2ysbJVyF$WUcO7^v#iYC_qMTbrVESk&kh)M0v*5`Aat-l0~; z6}nyDHYxfg*hK5e>CN&L?an@8tR1#2EYnQsXBLIs zIj-k-{dEej6TA8{?-%*rEZY`F789yTCu_5AQ@5O%JM_ii!p@(TR0#Wfa`S(#_N!)} zysC3`?8s{~9#z>K>fvq}*!-P>B4R*Tcy1GvQeSFxC z^7~Pn;{)!NcQ7%1*WbJ)_1~7 zN(@I;YBy(#O2xX7k;~>kw>|Quxp&&e@h5*jI^gze(IHk@`Fq+H#-}k_^ds(-ndxHY zW}_C_+YNiXcJ0e)Dr+sA`C@eGm}dFazrX1@DyvxRJ0h}=XjW2U)1;h_88!v;kF{~L z-nd`hKc_$4@ko$q)o&mwGeK1Ls}Yr$<)MdZ^J#NJXHm8+%Q~ax$FXH8E^v*6zkCY!h z&W?YF=co6)eP`D;AFDwwUk5}TNq#>qHnabo;XV6*+3J=uGRW3w(>U{Avsru1tRD@^ z8yr&{ux07^pfo*;*N3v+mPB9Q7jQIlKrg0ynSqCJ+|x^@mpjG|^W@NS4=(>K5v*yw zV&yxx-RzG1t24W8Z!y$mRYAh=v1YC2#eCWPh}+@%VAEd{-+UP#`|HIgBl|==zp-;% z`Q1qq)_Xeknp-6n7$0|Y5|3vdW!vw%yK$7=f!oI>4Br$t;rd6N-ZL{&yUh;T^|X9- zZfEzECmt6EJ`55bXIkACC=CKk_xt8TRzqbZLaUY-%glBGVUUueJnRKdpE)YgqU2YikDXe|_Py)Z0IDpNnVsc-l_CREF7a zBYFkhIkRi9b$<>nJ)W{?;3fMk+8q~b$)yVVi~S#)8C>FtjE=eS$0U?3EpC^XM93yh zoqBm&^asOI&TBVaw)KeMYu8(z`Mmyot3zq;2E_DAY<8`~_BGKux#@?Rww62}_aWxs zNUJG(y)3V_a6i(-(z^SQ6@i=Iwiz|>>V)~tC4$4Nhi=*8Gx!c;l}f!;U#6dFqIrzs1IO;a#5-6CN!Zz)d~lJ#}KjrC(-S zA0+xHq<9no&ZIJMCaFC=f6~T=oJoWe;pPN)Ss-Upf0fV#;f?&mJyp*jynVhUyc@8u z)rKvr!#*jYJFj=%r!K219owehOuK~2`I4|t%S68ou-NPq8O$HDPIt--Z>Gy8&rAC= z-MU}prw=RVzaqVq-zFgdAK%|*QkwCCa{KEkHuiSgJ;G)Se{UC;HaM_p z@UoX%Rv&#-IxuS9+0)@!o8sg2*9q`|;lmbk(xqPvc0BP-_7;3TvClVj`0y#aPgHli zx5aYL#$SAvFnf*Ixrer|Xwgus)|RE?#9tn6I&I&g)Nq2^)$QRQ=6p4%a;>&wr#Rd; z-uhtdtc#WHe|yo%&%49a2Qpd0;4|}mo(?Z#y5#LVQ8jdrhdAKO#Fs}`bp5Go6K?($ zF)ub^+_R#LB|2vNGIa-=ZEW4!rSFD?;^bEgi)iOz{o{=+S71_E_`kavUu0_lZPe4% zaWK)Mwa~J}Qp;j~I=S`4FUw{edUb73DL*{m>gzHvF&7q;5C50twT6RN2d*>J!5)2R za)@YeZK^b*FbNlQ!&HBD0!x`d$cU~rHXCi6=}2@T43q$nPeKnqXf(ZJ${$UiE8c$W zABf(%X_Td*7!I}J4_Sa{Wd=kOR9;JOA$_6hH(pYv$yfkit-?aAxMNm3qaw>bJ=V}V z9J<>j{P&OJZ@g~p=NF;%^~%m??@1TuVP#i2C00eHDQ|{_x5R3DxcWBi?uB-iEddlPFMq6#N?_Swgd46@(il^>(4(&)QJ8W4@a%UMg z_iDcI>xZNZ+5sc0yzX0n*~cu>HYSR+^(l+&lz+E7DSK=~W*<#^Y!Tj*XrZ>+fkD=| zmR+u%&GpTc2_Y@tr?h+Z)W50O!@ULNcgGuNP0P2N+a+S?nPL9=MBzsb05oT2;crCY zL!$5=QMgN+KHkT6f$_e9W@e$Z{0D|o`YIps=ZFojV=kMH*OLx!J(MV%`2);@h6x7- z=fHjz)%Cmfi8Eb_-cJncqqF>Me@Ew^CMO^MZD(0l`PsR|#L+hRV_TE! zuTuB5%^A*^+|ft0Qm1RR0U5ARE>0Lkeyk+fCHZ@QYT+|{#({3H?oRIMd#mZ3=z#6> zAE!I;=KF2^5`VnI818ZA*2gd2MJ$OQ}|IEDZt><~(nicp_nEBl6 z!<94V#XEj|Vn)R6u0FR_d(n*-r`@~BjHd3u6OKK7Xghy;r;*X4#JNrmD;$&ITDw@>HRv~FK9?Ee6aIXy%G diff --git a/Modules/AzBobbyTables/3.1.3/dependencies/Azure.Data.Tables.dll b/Modules/AzBobbyTables/3.1.3/dependencies/Azure.Data.Tables.dll deleted file mode 100644 index 33b1aaf7903e2580f113257d0edc92ecc8f7d057..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 388024 zcmeFa34EPJ)d&3KS?`jhxk>I#nzT(oQii*9inV4nJ*m zb#QGIo*Es0=HQ9PpLJGv&fp0r4@T?G8eDzW;9dtGHh5-u(#dn$+A`b3qz~EKvJPx< ztb2Z_udn6yytVaUwq>4Weaf?}l)>KpUAPC~ejd=WI>c?8audPw%io}HS-`LQwTF5g zcL}5NUjxQo6WclxbPuK*bbEz#9PlO2dT?91eXA9}Z+hCZ4v&Lg6Bw))U81Mp-#3wP z&N(N)=^XfbAB^k8x}x04zd_47ZcbEZnb#h&81gTKG`p(h5nJK~7j zS0$o_`y;}NB4`HIV$eiYbKMarukE?AfGmazhFqr88ajJEvf99(iaWczl$|Kh9UcG* zx2gk~(JWiNAqkH$e!J(&mxY$|UX2V~)`;;?qfNZ%KFLr>V$uuty2xXs2GM?QacfW! zM}ue($E!iey@@A|<@Lg6gtFa!LP2q(>7^nZA-`;_aEZ)Y_g>hmrtkwxmXciTNSb$hBk-JVfUKc(Vq1Skl1?1Jc)ig&0}Kp?6> z5r(J2HNGum+TeDq;}rV|W!|w6Y(d@Rs;41x#&`5;z-g90;je+CdOCh43OiF>Lb6NL zw~mG69FlX@GvhR8)zXAavlc&vI1yM|Dl*L+q=BBwRiijf70`Dz#y^wYIyg4VZr5p+ z6H`JVOT}|-bspl`&QPUwb_4~!w)!Uc*XuXqx0opu7uae&35^g7O(A$_cOr{tMQE$F zb~p-8sPVJm*U;{2jA32#Y^#JaW>7}EdJlv`gF~*Z&Iis`5`O%(P-3K==V3z!U~ zFC>IAQWw#&*dAdz#|`fXjfD5!X77E?-jC8tK21Xzptf@{nNBN|poOtN{5T^nFuw2s zdQeLg+~`AbL=lRQYF>=;Y=EG(*x@B`s!LfuiI2t*eL6RWP<$r6IHZlCYH3I0?C2p7 zLoqHx>WbYB0t*e!QQ)R8YFOw|9}B^Swo`ozVux>KhWpzheU3<@LO1e@OYQJ-1PxW} z*+q2)BOQt)8;EklD*+U`l3zT?9+`)NLB=6$rSNTxh_boTP8hhrBMC?0u0~j;EA|^o z8A;$9f+(|z8(u>ycN^c>1-9i5ReENRjl(hF-|bm`^;$$28fS=tyh7qlKN$erJkN5* z_0>rz?6RJs+r6w{`bX!aab15|aY6JeHjTQDrGSxfJz(`6_|dG1t=>s|Uv)25f0m=r z7kw0fvbh6jwxiC_Q}1H@i%`H$%h4AL%&mZsACMXv$F-|B!>Mk;PiDxEJVdcam^|tiC*!DF5gNXqNft|z+vr4;gu5pET(=TPLv`5p2pR9V)%(yL!jFJ5if#4J zYq21fR*vl;F~Yl9xDqAu9=Jv>fv|=5!Ue>A0F@Uvwo_v+<>0Xm5YNWxpwKeK7F5uN zWX&p4tV!RuAe0vRPR@xcEFijD$%%G?(;lIeM3|PChEq`Me)VIZ!)DvX&<&_@O);7f zm!e#)j_n621!49jEz~m&pa=nrI5FV85kLeGYgx&71^9OLWvRHbp@qGoq;f~D;0F6gnN?j z82YHYVh#E>u;iRz>6Ze)fpo&ShrqaCqR?PmJqB`OpXv0&FM&WM?G)A=QRqr<+%w4e zNbgE7TD;T$(aWS!uMo?=F}6=uX5of5BYC=5&`{WS&^)T3nP z9VWyn%*#eEfK2u4z^=EQE9XOsn_`||k1%1uR*wNFXvC8G21#rZ0G(S>Pci_u-Zu$p zYl&mFA#v5};vO}Zp|(==kz;KQ9`s0`NoGZg)YIPrv0AzRpdvXhuq_yb)Dbz!yse(OQ*nAa zS{z$_7c}SZ1RWP={S5qZCRbHj{Xs4!sU&i>|8&+KW$Zw8GnZA-0La=2(?BK%$d~#F zGEe=Jvt>dscn!!6_uAq2k-p1CAN&CvVAQh!w0<4+99&sfK&vmHt<&lBXwv!RVL1KH zU|<(oc7FNAoEP+~jYt8fpNgG7pguT|iu3@46uZU7c>~JPM?OsC8D!gM6ATQhA0o~L zf~sNiY&^d(*De$tyWp!A>M?A;XNCGv&D%r0N&VW6O7%BryC#e1NU%jJfVLFczWQ-3 zZ9RKtmNh<4(bF2F=K4W?4suV`%8-&WsGrnR+o@zhVq#lM`Zn86Cj--k1v6Z`&=jXp zrP4eT;43KpQkR=^3k!0Ho^um%T3r(5S;TE|66X3#{GdNDQur&l zvq5wo>eCy(3{N=~^n@^pGg(-+VybHANeni&`VEkscKBOHnw44yDlKj4a<`wBXyvS* z4#M9dFjLyvSHFj&0;M$F{h}%_GEP$OLpP~ zdM~1>*2IAs3OYmvYm8X>AaDF>*0h#sHjQo{rs*vJ#f8?{cOOAsHBlG2=z<&%8-_r-uqDst{ueQuh5G=41IY$=+COt5C6gn z_+x)%1Y;2QWKA+LU|LHDcG_aUv;{D6vZXd(mc?CT-1(hO!XSj_A5_< z7_^N|^C1`{cG9NtjVeRgj9tI2wQ{^>1A5jSzz?9zX1e<~04?opukA z>DCHEDX=?X`3t2K5`$QfO9`=fK<{h;i#~*$7O#b=W$bv*Lid$FcmMpb=N1kxO?SQh zotX0B?*6uME`S$EUS5JoKlql%Z8Jf~*`2WeB+xzoT0nLn!uFrxA!hf&;~l^wS0 z>_0z;mhM@Z2>&UtE9;9OuONxumt9u6vCIpO0GqZFS!V$ID@J>0B6~#qZiw{;tZ1!6 zTlHrHD7$#ECk{93K)xt9SyqZymrOFyrcNE6G>`JEI@OFDa3<$3E2UgRE3ww&T02gj zew%uF&kdGg;M%M(H7ZaDQkxLNj`aCt-Rgm`g=N`_fn%^?&9c?ia7_50;IfsA2t(rx zQ7~sp%_~h?!^Zn0>X6X8`+*SEvA{W1EX!mY^w|i+c9Tv*csfdIE7N%G)(5{ z2?NB-D41A&-wI#BnD%J{QeWB@Od9KTTT16_IJi!*Wuicj5X=g}Suw#NK~~nkP6yp> z{w=!hhC}KZLTS+>8MaD>1FcOtrkeA0t$UE~(Eq#ndK+Ls#4N??Ha$|HwobRxqxq;X zMEg0cEPfdfHjft=mj@ftxcpp@Hm-oWF$cfGAmI;mh&c`=M%(tADEsXHp|ZET8xF14 z3X@fOq*kz^rBawDOSQbXS}1f}EfhYk7Bq8Qt(2)$E@i6Ky#fYbL(ot!)(>_G_b;ZF z(J5tZN|~6lZMIOqc5lOB^{RUl1$s=?ZovBbyPU6dMcNWtDa_S=HNF~ z@2yom=OsD7`sZ6P_xWF4|8{@F;dR#d69swl}GKt28@BRs=%a?9>czvd7W9qzEsRUFfC>u zm=?1ylgq~J%R;JLqc#u`@+A5NF~K--A}SP#I2o5AS;OkVSg$;7kL{0o|5#d1i#DOAAK13oWali#do${ zRlMBp5w9~-zzTPu)i}I?PUFDdg)=a4>|q?uIha_Fybw4O&=Hc6Cez}#M0dwgDmK5kyLCh}IOgztUjn`WVbnpGNv|3LU4%H^NMGqG>*iSge+CdVCZ^ zupvqqX2gP_9fAoA_X+Fk@NefzEB5uT7wG8g1iJbi0`vM>fukmx!fFZE;pvOl;n}Xc zfM%ZU+Ss3v1u8$|G*-0Zl3a*_mOB%kc*_BDA$I3(F|9<5?g@uWz~$))oMYC8eOVhW z)^c+W#QOP~6y}Z?Z#c z%I8|wfMx|W?P!3^o*~SZEoCf+O%zVVOi$)~vYH{w0A`A4JF?k4c~~?Tv`joliqqPO zojc$#v1moHD_hyo!SKd3+JG`E)9(W}O*)pZA8T5WB%UcqmTy{%!b%sGEJ}Vj4UVi0 zvK^$s^=r6ub$Ykf>G|Oh+?B^SX8f}6hY;U`{c zuqXU(_^KF&GrE8u=(8txM)72IMfCvVgfqc7tmkfucSB6#OT}HWG9~f65EJAQx4fAF zmODu=>?2WQ>u{bi7xk@T*Hq4F%mBpsiJ1hpo&{ji`XdrD;ST^MWiw>9cI@gPP&E3F zWuM_&umcg^7#2jU*bxQ+E1@dAB(jf6OWIH86RM{NNI0T30FnK*zrsfLIh zlVo}_qck!VFH)XDG~lU(jZ5JQgxAQ1VSm@mfEGpYR z7J9da3$x0ZL3A`kvOjzs{FSyKI+ZfKjYR9g3B^6)8B*YwqbS9t(=0W_xOEKIZO%d- z^O;8-ZLd29vI4Q|_CxG!Wh$-F>6HC=Lwem>2qE(C4#I6W4-IiTPk2X_ayg6J>vP^k$@q8H@hJ_Lz-246_a+b3qh~ zGCmXp_PEiD=Hs_@Vj9J({UhcRR_y|;mXS~Hf%eGG zfOB?@ZUJ}u;#0R#F>S5Ab*RS#Zoo=V%dJDbF?PCppuwnJkkTx(#>}a)s<1|rs$I~# z5{&GI--^9)d*jO3-I|zIS z#4xxo=&1ehW4!y*djP%1m{?AwrHB((2Lh$vK)mS_OHsc?te=pQNY#UCah&jAI5VX# zXe(rdRc59P!b9*I528QaWDqrdW`;GelPP1-r0Je$LH|_Ckg)8lLjhpe90njcK)C*rRle$}RQ!j+SwR}qczh@}M4 zBk7%_5JydcKbrWlII}eN-_}SkuG2e);TOi?*=P@Rq3W@~t*_PYI7VpXe>}b5(+M#= zk+8wiX*4BF((t6_psf=@Co_m^pja^EIwtx!n{=o$ZMH4#K4hc=N6`w^Qy3XpHiYa{ zVAN?ui_ER2cMZK@3}YD~Q?Emg`gG#=PvQ*<62Tx!1dI=ZLp{y_4x(`;Q`zb)fDj{y z(wj3^r}5 z>BLU1FJ&~@``hpcE z@X$E{)} zbH1HWXJ~b-*k|+uGN-fkCj>hBL4mHuX%EZ=^ZMfgM@=*ZtA^treP+%V*;J%H24rSe zh>H@RTRNyI5VJ8%#<+LHG5!j$2J)J7D%of`8~RNs&3dyv=Y(%TfwQH3gYd0zwEE%Y z0EPK!e_(ca1)Q^e46vU=0(B5FHtQDJ0UQ3pFOe;C2pG48C~3O z9UdB8e620py5)H9&{i9ecQl65MwjA8Hh+r`*wrh6<{@p@jxGmYT}3~s+X@q>l4%K< zmYe<0ePg*WeH}+cZ)Pft7$prZxVDo(yjc)>J%Oi32wZhFGN@j|Tt;M~z;5B&5i#TEhv^kdS7yf9z$y6QbqJg7__8AjmI`%&dbl~fNM@CT|Snm-T7F5@A7&O!OIV) zQj$*>@cH3P>~Tv-+_M4%vEr6qsop{AL7@waAFOy+w$RmDdL0(tT5srT!}?~M9Lb1} zihy#e)Shca`qo@)E_>DL1yAMN^vW)w)s@Mm%54D%r%jDY`{n#*#3F`fOel_}m|6yg zcSg3bBp7eY4a^=+2Q?`K%@u8FQ-|GtI`PUYflTR(Yt*)AOZkazL(^6<{`=#aO(A^{ z`#ILGrVqXoHPv5|K4$B$2z2yU1-kmn0zLhRz`XvVz)=%jDbp9}Q||^DV}Ff<_HLl< zDvaL#(8vu4$&9=Qzgcwo_X3vF(;RVB3bs>oI)16e3vWblX)E7TH^I?rJE`z}a0og% zWpcusiM|CtWjE*<4h#Y!M11vD{H!;9X-{j~p{6g@bk7n~@Ao5){+!gu)(;7E^ydY7 z`U?W{`m+K@O*DlSYU&>P)a^)4Ub@x_)OUBvwd3*P5SDma0tExehrtDoWBxaY-eN7t zqz3;$*jE}%4Sp4g7WAeD%fQU-=oPyhAny-KiFCq z(rBO$!%+@=Ifzx{+RR4;5y+GPV1*|nwX4xOKW$$}WoGxqNfKO{@aeFPwcAeNKq!}CofEODgG3HY8l zg=is4;YTa*YmOlZOZ-CkK`^Nptp(ncU;|mF#(*_ki=w*_hP4$obM&Qp`Y*z}{v9T# zp-O+0Yn_AwhKkI3j1_6?T9k1wl(9S0?w4_+DpMM0_bM5j!d0h(ixsE4)Ygghi~}M1 z(r~c%Jr2pRE^&URGS>@m#xGE?L;dpBX%Vz9p$Is>>(LtaOFR+$WnilRz`lIZGe-&2 zo$2UVlnkQyEXsoOEsmR#z1w!zr*Tat@-8cF@x9q5jVoUYDJ^LpkCI}w9_QAmwKBfwsFgUFg4p

4Wh=_gFWX#}Ejw6tsO+6(?<@Pyvd@-bomuu{Ec;Fj zof^u7ZVufRS`a=f+#dd6`1$bvhL=Y!h~y$SMqY}XG^1t4Ei-;PqpAFZ<)1G<@u}Kjx#yJbBFGV{bh6?Z>|7*fWni|F~Vpz5ck5ANPghetz82 zc^l?kJ@4J~J~8jh^Zq*T==sObZ<@b#{^b1I=D&abC+FWi|H=84$Dek5-SL+lzwh`D z9Dn!mFCKs9g6M*eF8KC>KP~v@g4GM(u<(|JUtIX}g@0T)=Y*3_=sMxX6aI3-aVMU9 z;-x3&bsP`R^yMU3A-` zA1?aEqTejK?3B?{es;>sr_5Y@+~TtqcP`$(cxv%=i{G>O^NYW>`1mDPEqQRsca}W6 z#GD#E^^#Llr`~ev_fP%DsTE6)U3$XObC%w=^vR_wPrK^08&7-ov_GA;>Ga9dKXv+y zWw$JQc-dc;Z9n6lGb)!aTVAz%X!)+?S1kX?@?R}K`ONFiy#LH!ocWJ4vu7PT>!q_g z&K^B`>g?B_eb?C!o&CGBD^|3v*tTMP#dlY{xZ=2#D^^~z^8G8HU3t-}9jm5RJ-F%z ztB$RTpY!xN|2XI5>gww2tM9A+d-a@}vucKFZmIoJ?T)&gb^GeV^^58U>Tj*Tq2cL< z7aERgd|l&xjo)fq(sW)^N7HMY?rbVsJ!|#y)vc>{uD)~i$5(%D^_NyRHP1PB+qqYr z`@wU6aBlya%h%ko=JRWQvgVkzC$2qh?Uid^zxKUrFF7x9-tO}bocHtd#@BuD{Lh^K z<@29D|Ih{RxZoof{Oy8;(Ph!vXlLti>y@o{w%*nHz1C-2|I&I&+wQihwyWFT*!JIT zkGK7yZEbsB`;G0lw%^hI;r36pf4=>j?cZzP+;MfsO&$N)ad*epJATs9y?)F3{p)XD z|IqrgH#BV+-SDOjw{0lzoYUFX+0{AF`CR9VoqzBA?S(I2SiZ4tW5>q$#@xm?ZoFyZ z9UDKq@z)!V>6+VpLif^c(>tqoUhl7Z|Ju7^^XTTx=6##X`{wkW-q+mswZ0$s{kpHM zzq@}+fB!&g;NZZM1J4coX`pOy(O_zD_uwOgRa@3>xp2$Jw%otvyIY>W=*5d(zG(K= z=+>UCmu~(2)|D6UymQ zSN$2DCt)%0b39Msc^c0%czyvr>$7-%iRU>y&*OQ)v_OVyf$Y`-nXLt~S_|~39nhk7 zK!@4^4QdB&J?p^EdeF<9Gmtmh^ zoGx(nKFDtaklVIm2Y+FC;mx3gh zf&`Z`^PD_MZ;;yZkk;~$((;hb@{r2%kjCE-~Wngft#4wxqBZ&y24nPxoaLW{cw&ssd^;aP|0d^{K6iQ;L&(~74Jdfs+uc{}i| z$Fl)XC!P!OY{b)rryKg;P0;4{IR9>X@odJ^2fc1To&h|A&ONXkyT@FFXDgnI@oaN` z014=)kY0WVx#ahdIQ|G};g6W_|A<-rkC@H>h*|van7#jwS^Mvptazf9jT zeaH1ZtnZ}0NAfI{n8|_yG++sNn}S{2;FT(N8Jf7lTtMRYZ_}6OuYc>A08vk17%;SmIUF*DY0i`>n=?-bSLz?c8 zraPqR4r#hWNJkBI$a#U&-{1)SyhYz{#hcpgt={KjZAfP965@^!+)-->vWa_5FapzozeR==)px zepKJz(f5z^{e-@Ms_!TD{gl3+(f70Zeoo&n==<0D{;j@$ukSzT`+uC*?xptoALnmZ z(|7z;@&C~GOZt9U-=>V{c%gCljcpV4&s2YfzAO11HgnWJSKr6!d!D|J*Y}C~KAGQP z)1~iCitknbW%}Ns?;#DpT;F5*{*1ow()Z`}{RMr0QQ!CJ`^)-%P~Q)iNxM8;ChhVS z^?ybEUsM0r)cu==*p2eo^1ML&7I=`kvJH zUVR_b_thbx&#Oa1pVz4W8ul+V*J`}$6@R_PyHWi&s{ba9cQd~inp^aJtK#3M?+@tv zPJMq!-yhNUNA>-2eScElpVs$h_5C@0->vU^^nI_s@7MR^A!+}|L(=|FEB+Vy{-eJC zqVJQ!(r%0N-Kp=5{9cG%5$TUX#c#)(=ze=x`1Pgw{)L9mj!1rU^nHxJ=j;0feV@ed zF!bw^e}m%J==*$qNA-Q}49WKpzr*H@`o2!z*X#R6ec!}y$ddZLMc=pT`yKoaLk}zE zzf0fm(f51#4GSfGN6RJN2{WZ0Yi8c^5o(7uGd}~%1z3G4et(68U#ai%*~2G()qE)Y zU!i-$cj5Uwp2y9+$kTX!gJ+SmV8(JMJEP9Id&W!7vE?s03-N3!-|bA4-{j0c>YaGr zgXbf7K8oklch8#!b%Cm5W0QX556bYeHM*bcSx9(;d2R&P}0D&V5&?W@b%j;W3Ye zzJcdA$7E68n$S_l)`aHa$shZYbH%YQh8_d_i(}_SuE6_6JpaTq^SDLfZ{m6WxOtJv zd5gmJ^J+rd<~O}v+$^^$YuS>2)iXB~6Y zEqK0v*1_`M;+cQ;x%j5H%(yo^H*)FO=O6X{v-^+wF`mDieXxAtii71>tT?Ld{VU#$ z@Z0emEN@#m7yWUtym#e?j>@d;4t;9n!SV-Ie!Kinz|UCq?eb--&W)s2z2tmx)dl4b zRb5cNV8#XIFE6~H{87N)!}C)-&*S+6o`2$*an4Q7trg3i)H$C=-R|Q0jaMIY)H|vV zmVW@xBh}rZP|fz4i)!LCn`*j4yJ}u?cGv8l`Dj%R&%&9*b<1WQs$Vthv-K}In;YH| zn&0?3(AZm$&w)@=(`Q1U>si;Xeqh$0@hob7eAa05-Wj9Kf0~6ptk`t!qKf>v=Ttm0 z`%kkTnSFGmb4`E6wQJ_${lKj6u9>V@x%N;+e(hP2PvQNYwePK%cisf@yQktE=iO8B z{CS5e&RTb<;^K9WRqV(6LwKIRv*7$g70d8Eis#q#zTi+rcXZ~_R~&m!#mA%fRJ?>| zQ%g7UnSbuW+kTEBO8 z&xXCTcW>wpJu-XMtUEW{I{W0#TW42wJ}_$x&kcC)?7YeOMCZ(-Yq~a9UeC=^` z_k6l?RnI+@ug7y^&;H7H^*m7d44zYZzgM}j_a~Lv-uXx0+55Z7AND$P7HoFr)NQVf z%s=W5)cGZh|8oJOtiI+s|HKpP-(Pt>p1bh;rhoICTL#`T13Y5R*@M^5Ie_QqgY_JL z>y`&9f4Su)XXizWoZLkXGjbO_P&swc{>rnr?ytN8&tLJ(x%h8$&c)Ml@g3;n<~a{t z+&pLIw*8e&+h)$af7=Oj`?v3}e0cj!&U4$>%JPkVaJ?f-izn%9p@Y~9zW-pAH`db869dp=E|Yt zv0`3;Rq;Z+Pk>h747|^Re-++WVzqt{)>sGez6#b?Z!}LhZ^CmOo;TyU9?uPUZp8Bz zJh$U{FP`@y{wML=h39TOkKy?l@K54-2G1|>Jd5X-c%H-aJf0Wu{0h&n@%#qQZ}I#N z&+qZPi02P@XnruG$$YFYnVZO@bII1RcrKS3NhPzj)zv1JEsc)#=i~X*a5S5ZPj#kK z`GKj4WPj?4KAGQ?+?TiIxnZ>k zYfBss4eJ8C*w zRyQ^`Hq~@A);85d+ZtM{8{68e>+4&po2r|d+G?6x+uN#}n;Y8UAOo#hdpe)WPq|g2 z05kx%UJecDRk}e!qQk?FtqouR)bS^$j&DxpHC$s7Jn45bO zVy$bA#j0ZfTC+(s&AK7=627K}0#JSw>Gz;s{h7(^FvpP~id4&yq7xIzbYk;lGCPG% zNul6mg7T8kb;Ge(TPim(7N25zspB-g@oX+>E46Mk7Rx2``BZweC)<`BiBFE@UnB9j zDpZr+Y=*wJ8&7;Rc~L6AGc)ND#+LZlq>=*4?$=#F5Twa<0 z@g$hPI;krHY~`jT}O87%2P>w=NP!jnbbS9Z#n7IcgN?{%rm= zHT9HzpeY55tQjcGn#y*=Ya1widwOy_nMF@;NX8S%Y>vNxLjpOM#5QpyP~2()+(uwu zsk}J=-(bVgX7W+(;}iKQ5BnO9$RuHhI(R}$Djf$!#q)7W)rTs3nAg-aQxyVv+dPw8 z!fQAZ6Q- z_oRlwI#cLm4dWUrT-b?HZE(YCLk*#cx1jGZrt8`=`N9hJVrWny(qK6ZqkeEnBG%Wq z5f2+DHa)Yhv7hVKsRk%~YFB1>S5MYA1c`YgXnJm}3Gt~D$!y-wyEMd7fm>89^25ic z;$xUN1~UD5Fs$){(CJH~w9<*(0dA^#;EN^^pz5m|I-=2<_V$j(#^(Ck)*5jBj`qgZ zw&rL@b9+-Wrh-BK}PmCpCZQ(0nsHfj+s=t`zX^E-(dXc?;s@Qp)4uSV;ewS`1)5mXV1Gs!O> zWxGVd6Yma+Q^dAwFj17kPlKj8qEz(h(BRaiqSsD`FCD!GY_wE1HDG6@@D0=98#Vq& zEEY{?(o^G^$sEZoZZ5Sol%I$cMe}w82Z6~H;p=NDiB4~aA=e{{RY$Ry{T0Xz^$mod zhKF$2^aVE-WZ5~=zAu%_dtya>Q(<_qKvBP%!l%!kg9j&a81cmo(~OioU+^f94dIz`0e6|CH@5}xf2us^ z0we_1;azyU6#(2bL7x;KV^BNVN`Ju73oNT7cP-|v;Odb{>D33O*+ve;@~T8agbg4#ATA7N zX`R-O<^vTEW>X|9Al|qviq!Z1rOlC|M zcT6eN?)VsQ(e7L7W11n-9LV@%YHofM$vL&m`|*QkG6W|v>fr&G-h+wAVZu13bmzE2#Ou)5Dz_miaC<_FP zc3IaHi|qx6K=>Z=dPH1n+M>*}iO{H^X&mDC`B#Y&#O{Ze}^Lb{XL(PYuYUI)BS z^6nhjl*t!M6?J9+u>zDX$&|zq!AIioxg-vlh}d=u5f)H8b$KhkVXUPU%0OsIW7H;+ z`xI4*zUqWz>V$>VX%Ey%4W5|lw`N{2=gd= zismB_Bm`@S0MT@!FS8eHz%9G6!3nmvGFin-)IK79MgnQ!EnxR*`hO%99k=4y;>MlBk;O*Sp_Q z1C$rl&+ZTa5-XxEAbrbbs!APDAS@Ms{A{rvAtl?o0e0}sE%l91CA76PwY4r&l+FB^4!Nkn~XMThYjJU-O z+$1fC5Z?f=Sb{XohwSY~Amgd#X9kn&sk!X*a{=pU#ZEG{pO>L&Tr_J>DMqAs>`gYURZZ^^X z_0fTLQ{7S*t#4^=Y{8C4Q)6{CHX^X;QQOeb+T7k8t?5AKt*bjAD?}TrSGRUl*S1$< zdt^0sKcMSstM4$aeO(=>UQf;t9zqkZk0Okd~v4GMPV zHpMrgL3>R9R1N}6Rc8;l%~&Sg-)q`8o1Q+?-)Ghjn63e{sb|2nb#4)gip9*9R4$e8 zijNN^;+~Fx<#n3*l3P+Z@i0Q-yX(~=WFb&RYEvd^23jX``OJ7UpU-xG=>C|`}(y)e(LR5f)8rwX)R=qHnNlS8xH~vcTI-uEj#YmenZj{^*x@y>r)1FB( zhY^qgm>RZ9%3S|Ma+sU6GuJygglgGd^_IxFs`be<^tCn~ODQ;&GLp*XpyeD*l0wGB zXocbVAa{^Z&Ox+n;(>)(l{bD$uM%vif8}5fGiD`ApG+!zZjm~s%Un@kg@A8%x+a4qtR6I36cZzdI7cd zw0%gjDYxt)^DVVbmn4Vr+!P#BD2MD8d=msahY_VjQjf#q%%W3xc% zA1p?yIbFB;nnf3l^ua}}i=8Wy4KXxm!Av<7O*|$j4_HEV zlV~&ewXDWRm&Mbch6T_b9jNG{5kZ&O{gKkB^OC4C*hdoLY;j*oq>_3HqqJLMU{@6@ zbVL%Xq9z1^uB+`BsK(CmfpA5lgi@501|eIb%KwXv^*6zO%(;iP!!MQxk{J-sPj z#u{m0=`Bg&7bgUR`uQUSL=A33J-r(RB$^BCeH9z1>cZ=M&Co@391~ z2DnkoDxC?FlNb4TQUQu*BfJUMD(VX8mC>(>ft^r5B@ncB-B>J!=_ijJITuOsmCv7?NhrjkgpI8u!qaa zcE4st`a%9!1~`v+n&Dx6%XgTr3?d$m?mZe_dzff`#gUCCoNT40>KVEmT4szCY!w+* zS%5pivp$*c$r8YND2(}JGLe)Pfp)Zi5-LMR?DTv1lVs&C`-CLFxalxdpt8<)_Vo65 zk%fjE$n!K9!}_tz5QHeCFgX}wXmP#CEH9%eU0ZTE%Nlde08NMf({A#`>P$};t1}0= z%S+S-RUES%fPNXl@sPsY< z7G^PkEquskH0?+&B$BnuvDj3u7?bqH$IenqQnr`y9nk$?M7iGXcy?C@Rv-w8=7dvC zj$rVNJI?#YyTU3fRmqJ!xP5_*E2ZTl1T zOK0*eN$JUi8G+15DjEKkcG4_^Zox+A(+a$t%EM5dz&%`ID%>(jL7c{h6NaKzg$ceT zN$UYNF-t%W$@QLyQ?zH|;dD?76G7T43eHu@=3B0+coWmI1X6n^m$bLFc`{?$wL6(e#R*44adKiJleHnVqCuMuWpYVceZ}*E7*VW2rU|0N(*%Lz zjE&JMO(z9Z4E>YY+c_enFB`31pf-|k6SgpnRjOzu@K0OyZr<%feNj?ouTl`k7TK~9 z(?rdp!a>s@>pfV^X3_}qB@p5w!$`4i(eWU*F;ko3<4`n!)>DF)ML-6YMS_d*#JYYG z!O-mTdwnv`@7OSJM1T*mcT;jNzq@EtFFw`__Lthnn6+F%DrsGc_QH~5-~-tB*^O4h z0tY*R0~uN9N!VIhed@Av-L6=yMYiTN_z2djN0!LHa6PgV-YPa2zcUfUsmK!ya3z;u zP^*Y7B?1bCl3)Z9H-cESa_Ip7TwfwtskuHFZMum+81oh9`okwFIq?URxD$7YX+Id- z&$fvv*cm<;)6KV(KoE?680jDwS*O@wKxghSK}FMXFtyB+LA?K?rTuMfe{j1VJ$sC(?qZ2#Gq$QZU%nj29%er^^86(d~9SEQ|Ayg{-V52BUH2Ln2L`)ElT3;=UsbAW+N zrYnvO?_dnu(XS9q+HLx5Fe#)nd7navRCgp$tk04ONS4~9JHAh)4$HcO)fr63_dv3z zg+nlqr~E)ac+x;Hh@>}?69OSU*%a0>@v+jOItfh^h$YAP&=`w4!Hh{@OqVROpY2=% zHK7E-YC|F1)}I^+ zT95?8a-4RSGU@3PSk*U|(Hqb24CV`lzsb>imjKCD%4&?`%a0P}*LAl(U8#0+) z!ED-~m=n8uuHj)~qDk2{GnmIM$&_OWe4+eL|bNPO#*OM>|4TfUD4y8h_ zR1mcK*?h?mti^^>iA1tQeo9Nhg1jyahFyrwM5wD|S1uU5KAGuDy1RD4aB6@Q%ymhn zQ8H8%SHU26BS>^M?mlHOCe{^L9S8AkQ(&p7Vb9zQYewk2>T2!q#j%wD#gs}U!>h6W z)uuyXuRf7?{O8pcN6Xw-o2D&;z0KsSPKC*N0EVZBP3Kw*QnO<_{IHQrb=AL+Miou3 zwkT=y!=>`9po1iXLi4#i%oKw`1DO&?$txJS6N8q98q7)qWVv;GjHkE~K_vW77bep~ zFgtV!ri~z;#Q#!wY}Uh&01brA?p!e021vit2Fi{_TPi-9&hQD(V0x1A$ke1iiQVx; zi2_stlpZP(&hrE&>`fVOY7Z8JDG*ycR+Em|KN!V7|CI=quA|AZMBpaU>e10HoGRE$ zc5@}-==!Qe2&9Rz$wV?bktz|`zbiGt8krJdH1m}}L#k$aio@h4Ku+48BF~lx*O{V3 zh&NS~2qdjx939x1=A)<(5PQ;XDYCK$WxFe%5(&xffsSehDvBu(`qIR-;rb!dhNDo( zKA`CmdBfnK1Xi@HB?7P+Ku315!sJtIC1NlYM#nJKC#J*#xWot1uKLs~M4~eA?-uQ&q7Zyu>^0*OdEmt z804i^+QkbdFP6KfiH7~Emm^ z-*jLBM)!NLZ5Pa=6*A8#4&4Mp+IdI^@!q6_&Fr0aEf$E!+uyvsgfD>2!Jb%b0tW4= zT(W0`7a~1b3czSA+}{HZyB-1DgntiE)5)h(E|kLaW!dK2=FWtPIBbk)J!CPX8)Alz zaB)305`Zly76RErwd2aNkJX%X6p4LU+3_3eJ}}}m!&Ys~p4cv%v7LUcs*OwIb}Yb1 zi@PY8f=nj+NVCWBMM~gLRj@n0E2*Y>ioy0hs!x_XWXhvR5E<-;`jWC^7T5E4nQZSE zRCzlybl6T~(&w&E=6ya)?CR6qH1*-W5bOizY~VQWq?vRQ5+i2Hcs5~nC8zdg@TNRT zCxbQ`L3wJELyIf%(U!IK!PFGyjy>6nc0$a+c|t^&J#Dl}Afz+ri$FjT3`0pPAd7z2#ITX9 zBC}$Ox7YQzLg=>MeQWU~Fneyratzbw#6N#G_*0{sz;j|f6-AhgMerrvlW0UConem2K;QxN1d z8WM=@r~z@|2a3rNQYW4U%jSI$))`dtRz(`OJ8u?nHwr{wtvdypiS>am(9}(IQgDFL zY{=&)iXvGrzCc>XBF5$Lri@G3ci_Tx4?@}tHtN<7dkmIvl&y89#TQFW2rvMB5O4hR zc^=55uHWh=?SUHKSq41~MqJ-L-@r90-tb@~z8j+@U$_;*Au|2gZ4G7AY*VQ=kOIes z$qvk@MhQY0MkuUo5(>2>v6rB*bQ=>5tg`9KCxNL~FecKkev?Eykxe&=254`@M;+`% zFSV!lq_UYb9TDFWhX#~lQK7ya6*G{r=jm}sTQ1k3XkyYq+Dji&K7>p4VPkPJ1oa^# znh!xo_^J zPo=$>s6U1RucXyp-wUHJ+1d@xijP*+F^yR-Lb|}04AL-HEl)kd&Zp=7A}}=c!K8*H;x>P;|rVg-LvLH=V-f*Q`1LK53$FccU?^02E`{PcsabUe{Txb z!yFwHPIYh34aeygIqFC@F@wTixPx$@BTK<8O-ct}bl}{n)~&67chlfZqPx|}Btd3M z92E`C()Lrf5LorW%8 zE;&T+PM*0)bV+t&@+Op&<@r&X=kc9f>P=0+fRys$r6n(6TpW!F*AtttQHk`3C7C3T zbZ$FlCfep;8^*UTAl`zDXZT(Wi6&)f5)P&;iOFzYu04R9c3`}3E$qhY%<1ZwF}h;K zlEUWm3dRG%AIPGTQ>5$?mVK?6ByLn>upJl0Sy**cR>pUWB2kz<`kj&oi+T)VO0lDy z{oOh(avj_wj~qlzp~cADZ$AgK?HGg|9JeA2h>|S3vtv^hBP&H%s^;~s2byI$F3BZs z-n_D6AIVe0+&Sf9mFeF@bRoeF0wUQa%1fS8P2BYa1 zGZ8MkM6e-MB8)tQe67g``-JnmW*}yqX9CYpMPg$KLBCQ*qS zo4?&N`r({>-dNV>DQ*pxuic!ALq!-Wj03`huGUTB-r8$a^Ws}oK=VQi46NC+Q)n#! zG#hb;U$l2GEhn)!;xjySyAF%Dy5yr2!hsEc|1hjMNIn~-^se*+O~E+G2B@~=(B$Z7 zGTQ>ZD+_o$(O`y5VU!giM`TQC3_hA6aA%G?TRb?9qG!VWJwshB;f0i9eEJ`v9MhfJ zC-DIAU83S!yRHUT)pCqj9_M|)04TOSYr;(F0XW-hd@^>LS~ z;>A)GOHc(dO0AwW8WEHv$hi>VAlM3e*aCe}t7M^0+Dn_VqTUvE&B9KNhtUOC)*eCg1uLWV%9 zNg$0=FmN#KY9obF}Y||5EATOL^LE-jNVlURFu{$4tdgxNAa7KjC# zj7f}}Dd-Z_%+Jd~H8yBazZS&{x5eYzSqZ~sc)|ATMJVta;CXRu7GV0r*%WUhc!72T z&(W3@s0<2Hw`paTZiALagb**JpjZ#Bb6;_6Xd>}x+v8yEQm)+ zAZ~ry-P*^HFI*W5GM|!t+9V9gXwB}6qh;A~;C;01AqbU;$>Dr3pfxiw1#QAkUl4sq zGTV=98pd!^ALGJHrRB(~)HCwn1bjbkPNG;;K^x8?vGaT z1eHW{4Hmqj+}%CR$hWx-tzuEAo8D*TUKHgpC!&HS*kux!8#M6l5#37*eYyjr5~cKkAul<&2^c-KoIRQ>&!icq2%#_Dk4jw|yi?>QIOiauIQutIelc&~S%6)gt-%_FV+Q zGGc#X7wdQg^$OY;iR5o_l38rhSNeSkT1WI`rSg)7g=sfAmY#GejC*cE0*WoO7%M?^ z3PK>{EP{Y|IbYf26a#BPtJ0gV!|_G*M@iD1-B8v@u!Q1?G|xz)c~SiwJ_~mhT!7 zFMUNxs?<$ji3P6ariQ4<_Dnq^BUn%hIw3Zn;*n<4Un>w)fxV+2<=Qw3vbZK}xmXYc zHs;z4N`Sj|C$b?sK|$-lX7dz{SZEI@$aHdVL40>^g!PvMPz&i6i)DMfoG-@NZ5B6D zXHM+pB^&6?ajr~Yk4F3!ZxR;ULk3~2J0O& z?OxBLnjG)m4);2?DqL-EFE_VWP4#xF>OXwjUvwT3T;u;Q}l?Cg;+K zSwV0hN~Gyu^|h2xdqE}TDqVX}2r)xHd&ibefmawkEzqRRsXnUdNGL{1%@c1>OhN~# zdcD0Li}1F66oX${Kq9`9LoxKN(9R9>uVmSbNrx0b4rC{7IE?7IRHLWr(;4LFcN^=-{2hjJ2MSsFY*I`Xbjnr_$t`q&GYtG#t4#Yx+|7*1 zVQ-%|&CqzFC3Rl3rZ*D3?AOe35)Kok(TMV?eI|VUU_JN;*Ci;vy`?vs|f3 zeTPTgcqr3_Wy$Tb++;!#x!5q@5KAV!io!V2PxRts$3|RF0$mgsHEGcj#XhIIjQ>+Oc;U+f8IYW7jS=MCmv|vwf7d8ZdB0bg+ zt_8yNTnbPVcH)M$%mm|On2)lu^^3khM0Y2O_m!bo^-bFue<3;3cc3;9gnLYdbvR=kDUtSWBiO)xM6E=^T z!iN_c=S$rR1H@FORFYhY*j#>52E$%m)X1Xk814BPwR7iu$j`$+I*h8) zwe(gw(G?#`j#+uoFK&x;%6lAM@HjTXF_8)u`gHv*qCr?FvZ>A>_FTsdS?LLc)pzmE z9S=I)EhI70T4N>Jz8c#1&w@W5lk;!2e0Ulv$BQEnGgpsUR-VIW2?`2J>vJ5F^{>8Vq*I(L95D z))biG0>uI6OZIA<9RnU;5Cc<2rYMTEoT1q`I)>9!n4`uqyQjtt%(@eqaRXk-))525 z_+hk)J|JrlEC3jRjr7#`u|LW(+GRd$$6Iy7DyF)boKw%QXue z%SzZB$@8e(P3CN>)}dL=1<_DshXXq$cSuQYQ1?i`TjdXyK`w|KT$t+5?3FY`oR(A^ z=q>g~aUVI*NZP06-BnzMAtz?0o$1foV z(2_?04YHMFdE(CK)V=a4B6PTPiJql>b$WHdXkr+0Pi{Pu<5AFt>)2CiLkcczM?;y# z71Om2_l<>1Y}?x)OlRZmy^`w*CbKsY4t@fij;qI)wT)}-ki8PWO@QLo9*9v20mgX|u& zFS=*zP=F*Yq7T7io3wyF9P-QI%#?50XK=xyF9OunSfhB~C#yRjBI$)uD|uo+ccITa z;V$yHqYG{w;kbnu%B=9}5hU~9L_(Z|%@XX{AkXZ}#l(n3Y)ohNrahFkd+t+41Xkq+ z>MBpvs+f@U)RE!aNJ+@{4?ViE)jfn|;<~-&ZMB;Ogif*xA~Nx=y_fkcO2VZ(-Mhv! z2@mC(4|^yUC_FDL$IzRQx_u}dkwgdUZj}$8LGw#Z{GY&MxDUrvFcC;7q*tGhI-zY+ zg9bn>-X=dL3BS+Er*4t%zL%EjVO>0)fE;Fk>pTnna7YQTt16j+UOul89R96NU0*zrs2#9*anzpz~E{qT?%>0*HO&d>I(tjn@v{8}e5yg`U zpH^RXtVsFuJ_Nv7_2Z2&hE1FA*m|S^}ec-s5XlIo00yV~$EcApdd$2l%5Rso^Pm1!OJM~3=+?LD=^}2i8rhhD%oG^5+ z5jQq>*d8>)sp*uQMWQ1%evZO^$SbVegFbH8rI( z&hH%2Sw0-Z#R1&I#YXpuK1ZXr;!6E2tq5W3pXEjrGJuwiP8zF+FY{1%oNfA~73@Yr zFD|GTivmc@dHcJzq=XVN*NBmxSW_xWHbZTA;r@@SjL=}}1_eP4bOw}9k|(pe$Z~Vh ziwKOh_y+d}sp?OL*aNswhVac2WL-4hyR^M!6p|PQUM*d55Yj|g_CzB6|8JKOY|Zf2`eE5H~Q zh1WQ3UT+{Cmm7(fbxp+i#0wcl z&o62)K8W|k#B0@p;#0kYc)X9+l%n>?iO*JudQ?%p?%G=s#cNsmB)eqNUu?(L5)r;? zF7Rb`Rq0}|oRN!C0wKd9grQ0G$4`0r{rHKbVHn zU{?3UjBr-|bQ+7@lQ~@7 zum^SmY)ar#4-OdQS}{@CV`P9t;OS2iT~SDEms}ym#NnYi>ryx!&aj2BIdD|Iki^5q zCSVrjd2`88+9vT3Bsq9KI+W}Aa&FG{#t^FK;nq>n!W%-0e`gO}>yN=-9rq<6gzPhU zXHpJZo<_sQLW!bYeIAGTv{$kA!&kogqVYq5ub9sE0zS7W^5qyIY&qjA*ws19Jc*_y zn*<&fL0N%*r4su@Nj)8i$ZMJ$A<>&=4SJ)^=oQPsDIUgqrdOoEw??M2nV6k6L z&iJvqIZ=R0xR;CN=+H770MYt92R@Vb{SFd^78rQ3Vgguf@jzCQ^&v<=ukK~5KkV1+ zqd<$}yBrEIw3%l^N6{fg7XV8$7hVcXdwx;hCBa2Ckeh?O%FA*c}8FAFlY5?&5hg7JLgN!di|B%nibqn-C0mQQ5Ln!`v^EuGGLT1~9r zu`{ItFQQRjL0TlU7rx39Cjp2^@imyGT#UwoaWtf$3~AyJEe2CkI<-Vo4f&}T(Crk7 zyqNEykf!Z_OwaK1jKoMzOvb?^{cVDlAc+-33R95^2NdqoEW~2S*_?xjVm?IiDAykG z#mKW=lk|xX%~Ffc&(VB-`d*HM<)hy`o|?uN4a3am<3z=l^I}>dZQ+YcTmSB7kjuW34BEkaYDL4#MhS6*1S&Oj<<9r80x=5406xG z5XC!ZQAF!;2;=@hngf`gB}1AQxPqF0Y!~g!dBuwoL;TYoSd?H4bhY>54bkt8}vCqj2(dOvBfb^zkVN;zA&u8M^{mjjhjMC0BAYaMCz)v}N) zvUop|tX`=$)Q0ThSF^fpS#nr*79aRePTjRQ#UzFsuk*kfefL4?=opGD;z9AIX79{_XZ2xlo(6Qubmwi|dCL$-*>VzzVtI7Dr@9b9XZ9 z$B6pQk3lo4qRe86ig-m~5hMf_AY!cAvcbM-!=ilaPKy!&q#s-MxYrguk z8*ePYiD(Kk6T#CZhfT?R6|uM~Wd~-!0`!4?7{d!!P}$!(;R(73l`M=w87L38`A}yR zp<>F{ZImMRB+Evo4|{wI3o*1OX>M#9Zg{aLwg3ySs6~)?_5P z*(f?p*ZY+mHjE1`SOeM+FO|1IDheZ};VzhLSiw}GD-#s$Te?o!s9ZQQnKsO;*c3GZ zRxNVr0C5ZcNd=peH}hGH_hAJXzA;+XeFbTMe$|j$_?xbv2%sg&-yKCtV}8OS@HM`aQDKt1P!WH| zD=+R+HP7>K6vOwyUVy8lX~+GTD4QZGleg9g@@WC&`efer7Sh2d9qeSzxa>dU;82%v`XkR9_$spj~Rgk7g1$h?|D&cq{ zo{uXIJijxcuoa?RM1jWJ-Q3gIR7)jWv8GXcY=jTalU9PqQTx95aGq-d0CD+p`Lu9g5$PY=$>Vxwk5BA;hv(p4|lUP$Txp#v`cM> z7jl?^uH=YRf`L8~$8lyBxG{1D`sj)=uB1R%%EC|k>fZi2?||c|UCdgL5)46$twmw5 z)`m;ZIeMYg!m_CxKZB+mF{mlDyQ#vg9O%J~m%MdL82>FHUO-1Go5SroHlBOH%pwNR zTG$nnj}WjkO1qqj7okc$%x-+v=8FD5;5GkRPQ+_$)o2Z7Jz4n>Yyy!93|SsyS&>GE z;i{g!egyB~+1ZFlhQCndJ(2vWX&I~Dlpb+V?1q@KP) zuq%EfDT=@B@X72pIy8<)l)JA!qERDxdhNivbyY+_|4RM-#cX^P`PW+iNbBn>2u*pU zsY>+1DgFbYuD96BRh#7YzOZt(Fi0xXeehW$~T_r5JZYNx#Ssx zjczxlA2o>E0Gi%34h7*HuAIPiu{f>8`<5C>_&D#m+jLYWlo8&qXX+$C822(MvWY81 zxcW+)5BRPHixr8go%Qrk{83iBS%h{I7va@ggoUbGn#jipNyz8JOB=wY<+SMp$e%7n zVhmZ2G61!Cd`cpbwnzqzn$G_u{;s2)#B~CU)zSW3qIMELMFM zNsUCtY1}Rhka1d1mO-2g(-0P&*yrDc@UZA!DBC@M7i|?=*=#qdat&=P0n1_?v34C5 z7B8lu9$JRItQmV?285fUZ3+nzw-6_a9*ZN3S&S>bjvm@3Ye4JfgUg~o?$}eb3CPQg z#v-JQ0u-IY!kMGO7@$LRlv*Mc2Ju?Foit3ay(kPqDo^!R7zEBVT@X@HD)?>&q-oCDIpzr9%G2|a&>*AWTJZrnQ`>uod+VLemzmhCej?iJB%nezNg4^ zV=IM*g`I(Ei-|UQP^V$OUx595?*xb#BRWqA&-5Ov2HYs1jcJ3qc`PAXBolQ}L~VOF ziXMZt{$VX{((IukF>-KRgHF8j2My+jH)RCWkM-ZF2=fp=Dg^c3J`(!DL~}_VWvt~i zWcMu)wW-*vb4NfQfE^^#He~Q?fQjTj?#aVO;CiOzdO)rkHwv>=$$%k+qLNxV4@-$#-EQbR}6ECU*yV7-|gMi^3^9Y0Kw_nw2eF1Qq9q{uxeqtZev|ElZVd$t0!>t%!NR)7$MkQm9Ew5*kujeB8$K zi*h0k`D8ZE2_zecRE)zFeK~OBf_PLX<~Rjd>Y^Z);+FV5$AXk}2BrWp;jbx;9&P(o}r;lKJ<$PsWKvya)T)NigJW)EMHPIllruQ)aN#hFD^HV zFT6x^Xec#=f>{=q=?B71Yy@3QH_BnN91`a!xJ7E8vMJJpZ^~Rq%N6{vi3ZD$QqxHn zW>YR+*p=(ex$#BE@7i>eEC%zHoS@c(bQ)X%=M#Y@MF$V3yTa51&^j6~B@pfk+aWSBy`NNj-0r?d&N zo>qH2tGcMz5J;6{Bha0%V9G>$0c4y=>GY;T(Mj_yJbW`1-^EOs%496T3j0hyAw}`_ zhi<2Uj$EryOkKIjY|@7is|e7M7l&%%^Fn(nmv&`*ND*Lth=iA(nua5IYermtX@FF$OB7uvDSA-yX76)0klLREj}+4r;Kl9Wjgr-H30XaaZj^c zs#kVu5LN#O&(Bj6TRMae?#MDg8ja{*s_Bn-Ye-V+<@Fnh>U4Py)M=QatWWlGtq&Ri z(IvWwg2;60h%Uy#8p(}7-^y|uG+ks)+>;fb|4KrOb2pCs5h(*4FdUyi)nwtJo&jBU zOTUZsP6riWbFkA5LQ}}DgNwloT7)5cD>qo|tX(f+yYPfw1>s$}1%6|V@o>osBJP_q z^tWQa*>9GZ0TVYvX3QkbCP3qOFEQug*>9@Nm3Uu?f2Lv&!p6)bLd`L0xcdy2swQR9 zW*0CxRcUf&!erpjQJl^F2#@2Lg#TPOx0QhU5uU{&FJ*=SEdiY5csPm+C;?0w`7A*w z<%ab(yJn89&wf)wHCnaLtU_&baEDQ|l*U`d`R(SK=8$?7LK4Oat;9Es1K!7Fn9#Y# zgq9jJe;hG!sU|`uP~R+|bBtNA2IUW-{7ICZVEh!?#2izMGqC})6FDw1BV2)>Tz@22v`AAT`Wr=%m=ZAHn{$HR=n5U8MUrXJ3t zHdMkD_`VHzGiFT`wWiihBZbf(^|CMs^*Fxx*>f%u(jrBBY zMlHA(6hoAs1dpTnkGKm_Pib!MtUB_tQPUoOY~ktD9@HoP8HC0il}Y@8_#Mq?apBk52~&3RGBB! z@Ke1J@2W%o2|!qu6#|I7Xv&wSAaQ{h4-MfxE~!<)*NW`2{E^gw!ZfLJ`&1|)QG$e$ z{iYUBFuaaLjRjrk@?o&&9^~Xz-jvI5GZplqlB-#6Cm=5#4d7x@Hs#AuVl}3M6&PC7 zxfzhqYW!<3&46kkvYd@+sn4`y8jRvQ1{gARn-G(}B!@4Xz&|2U%h0`VCuSwJ!bBVz z#M5R>LkGvU0)&v1?XqBgG?2kaXG`ZvDsw7Lqu%h9p+PK@YO%yXq*|~PZ({vKg46@V z{<6k2A3mkmvw@T+M3K(~^2orIl4$UuZdY$4?p91~!folp(r8LcQC7+&iENT9OSDhp zHN`xiW?Y+6Xpm+cDwIZ(9c4sjp7cs2M$(xyC6N{7NBq^!#2&ApW}pruX@JO!iEDUeI#+#_K827J$(sr!8{788EbPbGcp}2kM_EQrMbHEyqt1Q`R41JOax4O5 z1k)tGoJXMT6kAae0C1BH;uBp-rM(>Olu8qs%~L3d1&w25#Cml#%X&DTh$T}0Ran5# zxb|W>XGI|d62~Bh9z_#P;R}W_?uG7rF&9v0rVvYLpTsiiYUhN~`13HHA*#-_Vyc;6 zNYBE{%xQw9#gWaCx(`3}gI1u@F%h#UPB1Y}b1K!9xChmmh_CpY48|{sQq&^}a1{Dp z5or~39F6>8PD?R3R;Q(eQoU~5-f|A&0W@(_ewGtWF$^ZYfLeU7>4U#ufp}6Ch<*a) z$yeF$<8NxHG8b{3^F}xpaZs-WY3V?Y%Z?KL9O1&w|EE+b_g5KiQaxWQ97ozQZ zur#J=f5=>}Da~=ge9Yp)lrk2Gim45-;5c;-B8fB*p(RprkjkYH?soft5fC+q6UdfLl0<3H<3tBB9Rejk``}7W_Y8Q7SVKGzessfq6tzmJ-`22 zXP=K-RmLQFBaPHhzGr`~z4qE`ueJ8t`<#t=#R7EA2`D*7IYzkcAft8&QM4_()2Jom zqHwvV+(li%%;jAfN>4-IDO1E6)ot`d+$1h3T;pYg(J5f8TCNSrU5Iv1Qex8PsVH`* z{a>R`{(p^S(@ns+34A4&?;w9n^7#YSyN_D?RPXwWZ!g;RfiSwL(g_}0-w$@QeRWJ% zrOF4WlVEbq#kCV%*NX9~SiEn^r0szV!HjNk%mQ~@1D{)!`$7lJtty*%8|`FpHzc_4`dE)R{Q4 z(WShDAr-{5jIdAI#23P@irt4M>m^lq^33h0WUBsCwXQWzUby)X2*RgRg9&j6^1s8o1N@p`zxw+`8CaF91BgHwdD#c7$L)YuJwiRki&G6QP))Q@a^KY7e z_hNE~!II#-6PDG`7DiV}9b=Gvm|eihFLylm|7TF{N22HoiRY8#$oA4$h~5&oXP^%& zWPD$4S4M4ju)6uDca!DI$ZJ4ShHR)RvZ<=1>2kZ=mz~lV3TYiAi_G028thh5+-=B) z^^u#nDt8y?oHC=4FM~ye(p{i`R}@_%ouc+vYB{yHqI$|YgGg;RI0rKfN~_Co-iA=e@M+cA;B?a5(nV7r}0pI-j$rtPL?yba%G>pp8Y1U?plW1~IR- zB6A1#Ueo$A_eC={5r7r!rs(M2=rfFiR$LG9?*UvL2Z$YlJr02D7(F{|Id>7djj+o3 z%IpxU!b6n!G%2zc1Z5xj0sF8fOnWM)u14Z>&^f;jTW(E7mp=f52KS2?R(942aEE2r z2)ldHxU{zL&jr-GdJi2Fku_WHAS5F}#F-#IMyg0CpFvoCr-r8n$Cqxtt{SI|Jmgw} z$(Zp$bB}>cKKDlmZLMqE?<3<%48g4Hb~7GBW}^@mYmbwzF37VKtq;;cbp`tjB@a;Y z6s2whV-ZjNkjdq#he(@?c11ffCHLD*hq%im6)V1$ zk!6^5_pCG{e9lVjIVpX)=r)yBEfSkfZow3Hx}_YrG|XJ_PZ&I5q&cmcknqx5ZL9<7 z0=#G-OHjcR0RxGn?gIu95?`U2r~z}R8mJ>cbaya>U8nX!+YqZ;L}J4hvZb3WE$f^s zvzspR(`YcYBG533&8S_`3Q3Hnmc)QjNwWJPJ zwV?iL_R96Bc^wws(G|YTPMzJpUbqpv`;^+=ypMXKgwtbNG93!TM@bdiy36w@CDNt7 zOE2|Co{o6EwoMdwrn`vJYn;V7E{c@BP+Q8=XjATLwJT?u+7-s?r`D!&C8&>eM!aw! z9VefN!cbf-C}FjG7iG0=cZ5{$L&*CiIcKB7=m&vvFO+%|C2ci7{y}P{e0~?0XdDac zZp?5$y+{sURx2(xXs(M2Ti*|_XieH`lxtx>kb?&x>d;1Gv^9*yY8)4B3?;JM z6kT!csyup&aNQ`6QMQJqZg%w~p3d`i)GNCq@M^S9#%H>cj!JUcBNwjJ>R2*NGwKlk zg1nT^M*IR_ZhgNp5uAJ#5 zEvWw?G9)e#&$U)p;Omq6lJyZwN^Nzi zEZ$1DX(i=llF4$9)~E9-NX3X59`Nw_o5vzL5XMkPEaW$meo6J$Afp((nS<8~Yz(ro*lj1?8{Q5f3@!wb$Vk30k3k2h#Xo7>9p+s$yjnlytrVANHfla3H9oqs zS1+|C!@4dk&Bc-NA(rl7CtkQ+*E02dyH~D;X(~~oRYy%r0$%N46l71xgikHP*tXfd z8hmNb)#_qRHrA)>4OcivVKzSJWX!&jcR>?LB_#&JUP{)y3_BanGGZ$2EvF9LFd2Q- zvhsutW~Iz|wW5La_S{W7cEPFU>v+}G$&66fw;f$+IINY02qIx!y3eB8(ZYAf42hMG zU!}`3Sre{F(gx;8b8b$L!2}s5mxE-0BkY<`63Y*_I1FEJO74i1>b`hDozsCLCywM^ zDhs0P#p9pjpY*8w4ngvYcYNU7YNx9k-NUUC;w!g4qmA0_9Jam9A$C5u5gS31D^>rr zgQg{g zmAFQ3GwDCH;jsFeYM@qVl0_N|(MNQ~Hrtl=Q_{z&FR3WUKx_S|E*%ss5b=bMmwa6s zZ}r=`GVr`CK*99h``pR;;zDVqsf-<`Sg-Mv)AJ;Bjt{|X)G?4&{0iMcPe<#;<-4K8 zQ2dX>F<}qtuDNHfDWJKNWm9C_)eQ>k1@1&1OD@Dtexcd zJ_hC!koz#PQxKBRxv*5&kMrvjOh`GhzDUV24kZlH@uQfXpTX~Ph%~uEZU@2$W$vdY zS9ef$2YI`I@_7u6PXgg63SA1*ATi+OQZ3;*{FdECQVT65}v`c7TiKIFCFhRR}6UuYPdlvgTmZAZHF;bAAzo7 zSuM#P(C_-7{Kd3d1d_Jq8er;lF5!j6m1LFA5cjf3K5M23v;b&^rzmHSI0WQVgf)*` zLEatvmDM3>248QB`;m049zo?))+4*0dLry#j_iX#k^Tt;KR{S>NS3+elBBU#k+NYV z0i;9jCe`f~&Gf|Xn$G%bbw)-W+K24dy|YJ&?S~;{)dzp=0b=`z%eQ-!yt{xbPwqXi z@!ix_s&;$jPgP8QU-#@rv;T0tlROM-=UgA>{~`ORqbKUS`kCwLC-bZxR!187l~zc> z{917>bdUHgtCzA)XXjFJiALVdx0PDZ8c!P9rpc#Q#x5NlH#b*WF}=^a?UuZjNqv9$ zRf9tocWc`%aB_4s4NFITu-dDvoGuchEdQifM0?Zlg)mZ{yn zBG=Bcq+&1fz@VkN#p~%{BE|O>K>baAsKT7;%u(X}qWTi+FN`OlcFXzv&P;p+4cT}WPg~v$CuVpmGL2o!=gr3GyUJwn4ubZ4;DH2{nlF82krS@M~5N1&u z19|tGiR5ZeUgEu(@Sy}l_|o=5rqG>y6FiD;6prF8^kdBWoU8OgOlFZjJdmbSakxGo; z1D19OS}JzPem$QQY8}EFh^~CU)@TRcZz=`Y(b^d7{#pFhAsn^IkDQ&>8mVO~9=L*X zrCBHqC3(tV6t58DmuW$ocGnbhF7kX*EC-)rn_kix!-k1E_!v|Sh1a!8I-;tlpnKe& z>&D=}y`+h^@Z|I!z>wD-l1`gMm+vE2lh#K+$BpB6f`f#Zq_XCo{D=3Gre%Wa-^Q=- z)Ip2@$EP$m(-{wk)xMP40L?ww(91Blpyy6K ztn;$TnTLwUrF7<4DUX09v;N}b=-TBjq_kMO_G!)RTL1G0BNcxr^q^6A#>6_-S7K1HjsJv5*>AP3Q- zl$iI~t@j(EULUpi82jeK&``7XDB~tWDB<*O$v?>hZKY~% zXiG`6TU-}iDtDaT*>ejq$e5rCM0Goga;Y$oOM4!g)xqirIDv(!45?Z_@)2EnkQTH! za7rZgFPDPTfeMXzOI~-Nc{HH;HEo8JAI^}084SUwLw=p8^(RHazKL}QQ za-X~v7lEV8-#=ZcT=sORbRBfcIDXSMj)H+GkcYv{{pj*`+(d0Hxk5{s4M=glXroyz z_i|<{Gvjb~dTR~kF5zfv>&PuDVUBb0gFJrAa<9p*Z7zVrurCQ5jvFrCONY2Z->zsi zYQzI>)EiIk&c2GF5tfz|mJU6@bzau7fOvGS$Q!FkjnSk8(8j@{%q7Dp7QOz78LSA8j>V65A zbbiCQZ~Fg`8YLPy7^XzLN?iPOnPR~rMtE)ZTW0kqtdrWC(&gGoy^D|u+efR?H$S%@BwdDPR0q?;f zcth4l`U0l4ePvb$c)!Phpz)D?Y6of26ME`}fqQ8|v~=4oeuH7XQ&iiiS`}$zqmQp{ z$*g33FSBA6{%KfArzhonnJRX4m7_t@YrbkWUGPrW;K}sY0ET@kXEz^|tYcIYOpe!C zh@&BqNOCnMC#(dT4~0%ctF}tZIT{UXkt_f2X-a7UD#G}}*Qbnjvcn0A)oS=j2%Rnr zteAbdIC^NMJvtdLgqD40&NmXn)N(^vi{Nx8Puqn4hI%}RSEOpndlo)^ zp|<9t!oF<&abv^One2Ps>01k4M>NTrOwk=-OoOu^JC0&#(KBDiJ?nvWVDwF84`MQ(R^pFXMxBOiHwM-y#`!$;PzUaGPjxyj^2Mo@bPNSWqEaGIoD%q3iv`C) z)W&VH#_W(I)_}E=f;mVD(Z`*gR3gfr-MlvWDMRdA|J;2q7ks zhSvuf{L2~|*w97)LW_4#c7%6PWhHHENWuf)kirTZMsAgBuyrWep-HPb3%W((uvc;t z7J6m3i7Yl$S8BsR!a;cE_c@&PaK)~AgisnS_zi@s20;U``T<4v*W}8+&yl`tS#2uj zRxhj8)r#s^Y*RR+i9rLSXl$daea+pPt_hIZe9=8&;%9|7>SG^hu#(8P4L(jm z;JM1s^r($Qa2MydW_4^p;{;8k(#}hFee&;qdf=b`<;{?1DCtOlhM`cxX*)XMj~6?G?W1sv$TN1R##RW+?TKjK-f6|G6A)=snt zN^w?!UM!p|4)phfL zK&?v@J|_~ATU~g9*pqD@D|_@@vAS@cly4Qu`!>)?|4y}Wq8#cxCulzeS`UOV!0V&F zQVh}xRTf_EiUTi(z{`hgYnf~3-@p0F!gm>FZ?hb?8lVO6n@Ta#tr=plg%|DjW#Rcc zcy@~#&0iC$Q2dvoz>oCPP#$zunkemMs-ju85Jc{*Ed02=6Z-TqMmd75QNlU65S%H| zIH6+SQH6Jlon=LyD|U93h6;s3AFcHSOvG!NIn?R_jgBa)Hai&7fsV4!tu}u{Djl$A zSFKQOZm2eXzs4FPKvcr1e^YTwv~j4Y-uykmEef0~ZlP{hPtof*xZlO#^b}U_t*OQN z)kZ;+g@j?v6{3B-l- zaA#Ks;)}^tLd^8iUHwW}R!jyrD#r25DI_y_PbjbXjZQea+~40;DwI26`*NSj?ST%j zv(*4>)d+mMP_Fce8wo)XP0lTxPAHT$QJLdjM6*{?+1gT_E}Khz>kAtwpjm+=j>}dW zn=k7V9Rv!%2GL51%$1(j!aeGq6)S5n7k{LdkqX|jPZjhB^A-v$wi^Y8J9-qh-YlF) zUKGpL<8rwzipr&^y{!L`58zr|?CL1BmAl$HYi)&ce_3LnTv>dRT5VnJQK8&sq#ZT# zjRF|birox}a*w7!;}$_N&Lb$96esnT82r7GLlR?F7uu>sHx#QjwrWZV?X`yXeTMd0 zqy7P#`He&Byirf%2Qd1?Z+VT_oLo_z31;Oy%~hV#AbGhRO;$jb4Rn;~-atoJ*VFP0(TNmg>PYf)sFU?cz>ygMUclH&c0XVaV4!|1^@M!NuXs_!lAT%0N za0c03U20pJrH{kvmBwcY#R+l2dbVIaDLC#0m0*IUp%4Q=%Y6lLMQ9+71~BcVVwWaC zS65dz1q*#b;v=Ol(QVu?OMWYjQ_B-=U{7@$vXm@Wqc*jcR$6=$$)z~crE6W3%WUhV zNsae7owAwHh5)cQqud31hVa@_heH9+t_^u8o>2}cc(j^4@NjHG%PPsQez z&Fx0FC7tao!Q}mnKa;T(6{_=<#h;6{tMh#*UO1x+X^TuL1(5-i=!cT!@`e)pu~*Gx zc&}2Dab>z#=$9dNtz8c$ilC8JYa^~`sg0O`w;^U#r@y;Y?Dy%q&L%pr;mv*|!P+q0 z6@k3npwQiooCQj^0>z$E7XkaPxTS4PDMXanzP8kpjd%2x)}(O?be2nNGYO=Wgwx}U z74%V#5v$wg;3k`Wn+VhY?ou1VvRrBSjNjXf9+rs+n*8-J`{I};w1*H!FHxPB48tl2Ra7(^2ZVz{$!)ud5Z;iw#u63}Pv_ z#UXFmo^74gdF&KNW37#F9D&FZh?4t721gr20T;B5(4#UtBdt-~hQw>+ak&=JW zG`dyYXh^*&iThK569iiA?4hwTHW_wBwUN)REK8w>R#D0$fl?OD(kK>ip|7Veo5WnE zi1n@qs`VGmlwJ5KC`i2YseZg5q1Y=n5?J+Va#G3{CUKred`fBXdej9^+#EBS%@O4# zfj%s%+$u%#K2+WR~}5YnL83d!tfWmUS+nXbV;JvQ{f&?GYhV^gWzMNJ92SO=hU2FhI$vR!QmK+i-T5?d2VCrY27oP_WZb@rFC z)D80^YmhJtFJjSGo4squ`j%E)L|LVVS`QaG%#vZ7gM77fy2WED^; z(}jYiALK|E$vo__73AW<0*ot==c~<)GBp-nyrI;Ku6Oxt#O<#%ud6h-+23$w;k%XQ zPW>rxom8ZLF$KCXIb~o{&VGmWyYO9z#sHyN$k@p*W&x^&`H2BC&>;deN2$r2RjB96 zQV%xP7_$SpQ(5>8=A08NB%rBd=2-ZRB=W+qB@G{>W4$&m3qN68NHx+WOaJM~3s)UFwjQqrt07vTqXAj>ht6tit0Vt0b!0a~bebk=m?1ti6Y=nTJWNHo7tS z=`W)NU!fkJVBoPImwNliP!f-l(f+;iKxqvOw6)sY3&kqU17$tIrBOOI06ni8v(&sj5_;ptinufvN&t|0E$*(G!W= zEO-G$&8XGDG||Jb?iuUv84J%@c#dI3yD;d#2ek)kwN8n=NMq7C0h_tO4)tV%RvUk? z9y}o1Ni{Tb;>2<`9vkpqGWhzXOjvFg8PRI?+xr$^kqR1JJYE z$0lJTOEc~NR9s3=D`hg!8&sMWx*L0I9U4$MV3Hoa6f>xv6l!#N9Yq-wO3Ut$kI=Ds zB`&U~m-G}doYkl-K5xVLybb9K7Jk9P&sz9d!KtG7%+|4|=}OePI0$VWhZ3FsOUtN8 z-{)+Bq`<(k0oWDFT@zLN+m=kJRO_qRYT~&*O2oz8fb&G>yf?|jgA3a7 zHNv$5j?d}5)9Y`@*6{1;^it^ZQajxC79k2!r(Y!b9#O_$e5f3ATbiGdGH%gZVJj!S zn^YR8$(TkU;O9b6qNCo8ZC*_evAp?<1mAt3l2~y|Z77!tqt9fLfcXI z9tu-OWr(khSDNdkr@Ij*o{WMo<0y!m!M_`Pm9*JgYG<|Ayw6Me8dpnutptt#Y1&Z% zJ|JL%^-=7^W8_^}Exae+)vuW`SsBBCZ-A^Bse>4iyfOLlu6jZyHjfKOF|87Vp7T@_ zq-xW7Sp}G}i~rGP;3o5!n;JBSt1YuYsu27A;LOGY5(13}k`zcw3crqqyqrPZn$!^* zN(^YY7u{P|`Z}}9j1Xb=KojN~X1oSreKb@OK-BEwZ}^KX5p0b(WTj$@#KSUktT--; zT%pS1n_V(Hvk+l`!u{0oZE`0a06f$k0c5x!cPqa6X zvau(Vn0jZ0uSikwBpOTtG?_It$Wk;w5o$?M$@%7iHOBXFs)`!g6d+0#HX4@7;>#Pe z>#t-rAvcQq`phgkF9(2)Me}?-D9!WL*i~O?%F8e7X*4Z18j6iVBwDh*i%Ae>i@$^F zmY^LIi)kh@g3Lsm&JmtN{hEWatmXFN@5M+iqmYB*eUflC2;5SX1!u7iJ`mBtieDC8 zxf3rBxEXhBTNibBzbi|_eWdm&J|IHG3G99J_gCjh(4^L`j+U*r+O+C{kF-Q(ek=24 z+Qo1sDM_$NNNJVQ5G=KeE%-$mE$!^G#XzO`TnPtk53OU@sA-c`qo50(1#p*8Dzy*b zSK__6jxPBwiI_u^G_n+JV+IU#s1O|ABQR^DHekkmF$O5~D2bsY_cE3s#eoi|JLO2n zbuPx}CmD*uoVL_#z6hQ;eX-1g*S2YEv868SOc(AgNd7)P&)}f_osPJYU|I-I7h`&nn$7Oe&{Z=VKlvu#ZgiH!DO#&NZy}>li zALAeNg}~3~i@7$7a%JMQ7g{WAwPyH*yNhr;R-13qwg-w`29BMgHNkaHwm8}IwZ3bd ze9cEttj2Pf*QhwRT;6!XRvB!=}1;-oUI?kSc0pb2)0OF5P3W2dFIeS-Nk)7=%F( z%LmCFINezC`-Sq&C0W#HE-z$KnOLF%7hzur_AP{y1S>+Spa0_&sTttMF%eef%y+i9 z)dUkI2!#^1ivmQ6EKHybY{}0?FWX1OUI~yZg}NDJ)R)O?4SP2{EQ_Jq;HZH|VHqol ze4MY&D@)t*Rx6&69;uevZ33wuu{jd8{zPQ$AJtr%vyMH6~5m!6aaloIP9d5wDOQ4Bhz_Qu+*(Q7jHxmd;q z9rqlbS#*YWtN@G?s%u@T-B*%ei^J<>vCYyr+k~|BG9ls^5igrC1HMX`nrfWFO;&AO zRc$;oLDVW23vc8@mBNUKuXgq5!o2%s27mWRV z0miMg{#Lc|O{=_rbE(5Be^ZIgmjMy-#pg>?^3g1vvW;M?Bv=P?u->jVo;Fwq1FWa3 z&9_rn%D4Ios7T`~BW$Jl6n_@%0?RTobQX8*f+>bD@bh-~?D8MpyaPgaZAg zl2%|M<%j5HMDi{t2z3-ZFqb&(C2M{Yd$Dhzv9d@ zxeBjYg)^bTYjFi7R~xTcg~?n6bCfJih6*pl6_i|Uyf6|IV0jndrwjDr!4!u3*M+G$*dxYl9rBY3_wlhNlo^ak+PBE>yOF8h*#n|8i~! z-ZHem9ERX6>T8gdtY3_u#cc>?Hq1+%*hA|IVNE_>D3!HR8F+?n4RTt#DxpihlL)w zPB7tADd*gb;bdOdrLS4|>ryc#k4BpNhV*f(xEM6<@s5b;$RErAdm0;QL7yl*CZ3F0%b#qfI`#3J2EW zJxB;^Cfk63I_O4Wa|xpgH1uaU5OOpO-@{j$z@s&36N$@s&OdFw)@t)rM4*tt721?& zC&l{yOkf7aMrl%T&(Lj?p3gA?5}?hE87MZm+D&>TzXdfPZGb0 z;B`6wycwZOPrDInPkC)!aLWz*J9BYZ#)nHNsgq!AmP)Kds?BfGpmmK|Cg?J5I>c3y zfda26wykl9LZy%*htJZhq~I7awV=JC)SaL0ZT#k}FbqdTOg=$O|aC)kr`;>4K=Ry!RSW6UjK;yxh$+A5vfQ z*5y`J3wo-B^WK7@S7eFI3Z#{~Vu$8=yiGO~cJ>aMCvo{!i5uCMp0Z}D_S_&L#-fBD z^ABtIx-PZp>w}l(I%%s*-;As4iPt(;vzo6d=d*E}s}J+DFG*`x_!SqvvP|G0`jq|3 zV5!r&Dkppso-#IvrY>F=ej)qbxXTg}u@ehY*VC`}2bdDt?z`bYB0N$J&a$hj&8sBzF>adI#^m(*fqjR|NTxqU z6p+xr3K-SKJ2q{b=QaFfp!TRATP_?ZwE-f}0$7Q*fO_1dRpUB8xv`Vw7K=FhYn~BM z)^XteB?V+6D~MaxpnEx;4by^mpp5GTn;ThLW)WO2_LjOUOYfG;T2ygD1a+ZZO&{j! z8IbrE!e4T=7qKUgN?oUcrq~!9ur2n*x}8{C`U)6Um(H2@X>p3p%XS?Tni{~P+zAam zY-)g=bQTUA>7coGhb?*D#AV9T#AP^+A{K8L_luwPKO90@eQ=nuU&;dP>^*F`lfgT(X{XM02mNo+&_-t$u{+vnJ=5sn7 z(tmyFGR^~Z727*HIktokW^HfJ8dRM-edJ?$uB=l6EVy)vnd8JZYdXs9Jw?u^(s@c$ zmcBzzbe5p}AuJ)rgXLL9yTKLjDZx5b++6BXL<4Y7KIe*3Psou%3YkewxVL(4gSIX* zJ1nt0K+S9>BfCkG=2*o|@qusSN{YTI)uhv&**cbp*%Cw(MUX{F!uM2%1kIy!{hCMT z`ca~k*0RC2h;8DR^6Jt$K(mC~ z#+jP~<}DZ&1Y8F48u)J)Gm#Src66nAevMYBzhK$(S7q!q=@Sz^-_vj72jXON#P#=^ z*Kl#ZvUnD{RGWL$lg3`*;VjKr8DtAC+cxG2e>FBOSW$1Jo&->3>H7#Wiet=XP9Jjk z4uKm_;)7widXQrs-uE#VoJ_A#KV^9fE|X$eb_?fmIV?^_IcnE$aBWM3G31@hfH? zFEM>he|TVB)SmeGsQVQumTpRX#UMOkzh5ypU%~5R-oBqYs{As*loUazw)hK&NKJcc-@^jhc-j)--PQjxojh5ZhemxSbfM{Z zF$r=Yy)}6Fx^R(~?F6I}m;&;dmwWZosUJK3-J?*ue%1mH{bJ$@^$WhurxP=wIf{)D z#x*>dXD|Do;1jZ*Jhe$%52&=pQ%SxDE+K>evU>$vNfG>jOna@W=`|_WB zo3HUlrZzz+o(^@4-}B_DyfOmL&zsTt5-DpjpsLMhJlp8~uB=6P0&7vzXW62W%IL+OzAc5zbVeLldE5;v*^k9*YpdAAngT{Fkz<-aF|AvG~Ar`*M_jO z6068x;cdtqEw|--d;mRD+@=YTj8#*J@>Ha;jpF}I)X&aCc6s5X6R^x36X+v`*Upun zd{AgzsRPFS;WD<}&urmf@cQWbQaAl$eJf|4%`~2FtNy?|7Mk27X`aaTvP1YPYKsTgwX}w1)jOi zBV2K1$(xny=j14@81WJT3n48mJ5mzz2XJ{vlaRD9a6p~ox_-7PDTBl^Nos`@k=V0{ zcp{A%Ph_GFYS=`6Xe_DvK1iGtzKM*DYjZ4keRQ3XFyRT{q@98o#Ek`7iE?JE$;xcK z94%YR&q<4&JBhLmhrHs`Sm#b&V{G(yPJHr>y?9;_-j}X2ynp8?UR0H(8?2$0Di_t; zFXtHIs}Ggd!B-B52_JB<8R`)RThrAea6}y8fGbI%d?*@9S=KM0951O@|E-#I@4|~B zTnbdN6slq{LTDola~!WMevOIj$mF{5HN6_+Q0>6+)lJjHrUBX&2`t@Y94C znKU8BCrQZG3}ICYVU@SAI=t|U*!U2lae8cVw4}rx4RzxglPQ##5}7pmuVcvO9ZulO zft*HIEQs3;BNmg5lbV?czVV#(?0C+4B+OZlC37r}db>Tgd16bKTV2tJ$f?MnPl@)rp9W%; zqiwrbbZFLO_0{uQx0=>tp-K~kar?OKh^%5Cc&YH-)021^~!d?bMo&-u! z&MV7ulp?kFD$mVW5;?D0;OM(|QXpgWVP*c;@>Jc+va~9`mDdzK7B}U#&NH*pFMGyOPH# z0G#`*$|^KG8Xwqv}= zJ7lfA$Fn|~;O!&;Ckw_5M>E*qom0BRV;Mr724Jm#O@=ff7EWJ3k?m zM!T67B5*MG&u2@DuNI<8fp!SGr?eZUu zRWpa{^*s_3Lwe_vslg5jRnC1iECu3_t)Jq`+S7=WFVTx-Cu2Dl!vSAg)=IVo^}s8~ zaUmDd-pJRi5$V17twdXVobzPUfJwTRc9l5CD}Oz~&_iCr!^s;VlE(12wrvaU1Qb#! zf$YsS@4h5f5gkDUP;u5FnSkmc4T&y`m)wSk$`q{9SB#4ws^A|AY zEqIcCW`94gG=B*hpA z{>tBJ0a<_NqM5pV5!MB5F`$U>2r(v=BF~6A+X&s0H6O01{`+ zX@$@4=s2wlCp%2b(8bTnQjH8;UYZN~wuP_Um1t8>NydA3Qpa8oH}_a`oOBNCYsqgV zE0$uK$wFj#3RJE%^}!1j-oew(7kiSaT8UrJy&(pLV6lYoT-uXVgW+LNI7X*^?jc~f z-NSg`5bp+K2fS9=&06&)Ea=Dy6}(N9?u%;}Ot7=3$Os^W&0?yQKmcO)c3ij}h z(pu2?NsNXL+$6>9WSP2d8({}*6bNP-8RIOq4W*Lt07}F2%_R*kDNGN>Ee;qIGZJHf zOJg6wr$W=!3p!M2jlZmQx%7Z{O*pG-FY%Y)oI&ovT&0Kel{n1!!b+7U_pyiz^q>Jh zK+$-Gb8t!VBzeUHaTyFwe6m!@0`udIc;jOaj}h4S8H~js6(kH)t7J|oXMmo}5%FZc zTd#3EF#(^cbY{D~RUL-;^=jjdv{-ZR3aw`<&*fU2%Y)LX(2EE4SPs-NkY^=YPw4b5)m-EG#>~F7B?5pO!Yw%*+p=@?H?+J4}gx%fL zf4F!k2$HW!Ct|a04`k}bcrR;*L{uf6v7Sz#?F?RfsL3ur$loK=#aUk zO44(5Dy$Q!2A#p#Dij1Ib?D#)?f*)2 zs>-&~T3K}L`LqB+bBA+wDX1}<<8nXAieYdJ5W5&9ej{Kd52@LG3WLcyf5dTaI-G3sY;6ECsA= zGM_bnp1nd|%Z7UnTVSP%!ZRvM&$HXSdg&bC7e1Wu1U8bqvRb|eK`ne@MB_>E(u1bH zy^B!H^h6k)pfplqg%VOD2|p&Z&E$G3S{BCxk;&te3O*=Aa1tcHCzh z%hzHoJd$#T+()?~d^?cYN?I%#!ne!GT(AZ%Nl560;ihHqUdzF=SOV|0JiOOh;DNKj z`$uL~xq1`(Hixo33v~FC$nZ8~XlWhtarS#zvXD};7FXw9pmV{1Kv6M_q*;!gdOr6O zU)C@$i)oNB^5v3#QZIA^&{^E`#_QpAYq z6OYwRMu}w=%DI|pD!!W<&(LgzWt!^TRR?n|Ns@$BVHmp*U&gy3!n zu~ewo(sz~N%w`@VagEAr-I>Km@f9&r#tIlIIfqe5NH9`D3r0$+oV#H}W==}ccwRrd zta;6~XT9y*RDCu#wJerQt!G=L?X#70Lol43-P_#3v1QHx>VO^Z%X1X-p7^i^hBD_C zDYy7tmh_tsA_@sV2)pB4Y3E_CN|qn~%sD%CWGr?R@Q~kvhrAVFp7V6tMm;-fw#RRu z^pcO!tH4!szfW?-Tn^aRCjildr(T|6@_2oYx0N3=eAqF*07B%_v@x+`%yu)nk$z~W zSbPq0V+L}S-=d)sXPz+o(%17S`AJxJFI*# zJCcY7&?1T1;cyd4>(O-U$Ku+eXnsYXeY1!8OKo$AQ`hk}5m^k1O6Z{li^JgiY@IBt zq;XHt`%bxsJclhbor$S7AMfO?XOTyiNK3cUw@8+Mkq4WDm6Go}xknK%WZXNx7Yab_ zH!-Yyv&O`U2wX19;cUGktJd8s@g%%7}pU`5PV zZtR=%<>PX$p3_p_tdp2NX0T)sj^pvdzuHvXX_BLbl5?~O2?;F>P`>9%!gy-Yl%D!h z*Bk$M{eOOQ+h5<)_0Q(Ee){Kw`(IypI=U)~+83he>s(>cS>%WKy+`*B^Y!Sc!2jJ} z{Hu@r+rRx6KmYbq*WB?&q4Vh7_5by6A1VFqucrRuriuUkZx{a0tE+P-3jgxmzx?w5 z_1Kor|EvGH_bdNq@ap@oIP=1P_&V^tIgy8a`PL%edgc)lkR{0@)tjQ-T(C3 zw_gAEQ_p7jr9+Er8k&wul&U;p=a{I~ye-~aZ&e|6+vJn{Hj z!{00YVdNie`rd#16=;B9K|g4ih{NRkbm@n0x<>6a{oJab1^s|9KXjvA__s$CZ0B3r z{M7jQ&-`~odeeON;+$=EjNA8h75r zeLpuwMgDGziXV@PAC8K*M0?)v&hMMJBt@5$=yJRC|Ib95!o@_BTwUZB6#4Z-mxYYw zHx}LX=e@9KL>H3zJw^K6#zkVflt*H4foH~iO)qnit3)JTOxg6KiV)7 z>B8et3J!7EvH$j@$ZSZ1=`HRB*!`L)TKH#UNr%(BXKGv+ueNj(jo;lJ?hUNbuWI{lLKP6>uDC?*+E+!l5E9b;X(WlJ|` z)!y%-@GYwek;j+^C!NwA(@O zbcMiet2Ou+Fr(yQ{wi|y$M1nt|8@P?cy#!KfzUmixJR71x!Psb zx37k6zWV#!RsEqc5WDbI)j8UF@${zZkF+*-zx7|&+qD+0Ik#M(K%Rctf__gZ$Of}b zw;f8NJrZSaE1ZlzCVX7X{V|tRw-A4|JE~VLmhZub^U>w=$8V^s)Hm!!id^jV)Heml_Z!=PklU$0awkoBN9?(sd{}8uQA6`vF{V|tP(^0?lRd8P0BHQetK z{t$Cz`Hj>c%1Zf_FQi5hTDe6r1~Znjmh1cJr*1d()$0Mm zTD?f+9F1k4tYcZz`eu!xu1B9e-GL3ZOonnfK&P* zo_o0@RVfcy>OSH}EOdy8c!%ZO1EjmDt6Fzk>H&-0#qS~heL9-?hwEEb)@POa+&^Rw z_tRI=M14L$k3&DJsYfVi`OA(XgZvWS$@rdbi5d;gWvd&aeYya5n_Xo;#}J>0*1FWH zGuCs_ro6P1ha|o=`~8ge%kHAx#{iKEn6Ln;g{;+P)rL^ORg_OPmNdTL(F$6t{WH;~ z)c~x`R@|VKSzvMr8~IAQL{bI%v$?J7oJ($nyVJ_LhgdUU!vPXcF-dN-so>6_OAe5v zE1_?r&NLcBX6ET=Qz+{bO_qswBLT9X(!TJnM}4969VE$)tA+##jJaq#_x!db?TU7! z2py%2Oc2>752PLgRSox8r;B8%Cgr4e!`GN`D+{_>Y+K5mm3`#<<#l7LxSo33c02H81%f) z7-UG5QkS4QI7tiB#yfMg?G@CH*yLn%N#2+VbGbjC>{B&lZdfTZv(jp9HM1g=S>XJs z=_hNtwXm%WvN+4Wl!JK+vGb9vEDQooE8f^vvC_!y%2ZpwW=x*ghl9-=-PeFB;tCUy!`=Xma8^d2B}n3DIQac^hp z@1*uTNZgB3+=a@z9hBzz{X8)5i|(i94E4Uqls-iM9O*YA%7>}(8A=@i!ri3KSn6%j zL1axG@40*tcYxU)U~vooZ`ejsEB$IBr}{TYDM^S);*U~rkg&vJk0gPs`|2?G>?UU@ z{>RQrr?x6e`r*5B+$^V`HTqerpI-fx^|MYt75!B8vtBKm3TNI?(h1?)I|{*pI0a}*9HI>AQ%XOi5FSB6A#_HeBVP6qFMCH+ zoQ;apQE@IR;+B(vBlBh-z!fSK7QQ`LSokML&(6-(PYoWePt4Cu&7B=QQlB|BH9I>s zeR?)YOw;zx&CN_5o1d%SP&-|po1Gg!Jvlxzc|+~~`i!dFGBP-%|8J=6n?E@>KU2Tu zbbWqqX8hz0wIlP#PEJjHvVL}K`g8Tuw@ggzJ~q7l`0XoW5vFspPM=Z zq^aXm6XSD$<48b9TW4hl7e~%<=D^OBu?@&|zWTVwR!$At*|)_m9fa2DH%p&a=Gl^^k>#pfW z{$u#n#@8vexQ!;d2sGa9?7U*}0JqueVW|8>d*DwC)HeeTjb750-dQV@!p9Jy-5C{P zf>amBtus2ACz#I&!c)rJq0qHTdq>fS6@5@YB1ZF|er^qoc=Q1pQFrudm2(F(k;TnG zSp14$?G>>WzoXMS3fcJ{GAhlb1lChYXjCzhCN164B-%rTra0iwhht zOdB@lTKJs`^Oiq{5_I@brwHPxYW$su>@VxUOSjbv zy_=G6_N`>7-pOaYEm*%X{^vu}NuHm+6jJFa3z2Slqs@0jl29r`62bChjZKQcRf1s| z8N|g5z466ox$mrk-nl+W6u5>jhB9&+@<_gwM^b!}FYtE0Kwz5`HBIw#JHX)F9#P4U z2nGh?>x9ZVOc^fo0Q1b(T9o!!(wLtd5v&dQ7B$9e3c93(gBgV=TFaiW!WQWuA&Pnm zI{Kh<8&N1}2O??(ZaCu%T3KJ5YUBHk`l4i^vO{0MYU61)jaGJWY>~+AeO!vJ*V6S3 zD3dojPo{I)`Pcp}6Am!}PQ-3k^9$>AuKt!jyY=tlz;K+3FJ0MXcOb{nsXw7MZI7gF z3&9oeUe;jTYkl$AI!3SlgkE19m}N-Bz5Zirr@i)%R$pANZ|mb0H$Nm6-v8HqYd>CP zv@;0nHbQ%U0-QN`?X}hP2dll4k55v&rN^Y`8`wOuM@TKnhUMd4tA)2H9-lH@Ry9qx z`u=&fg}+B3Y^XMV&-GyI?SpHX6uuLDiMNuL(ua}xrZQJ_(^Q(gh3}*3d#?yBZoTr4 z<8S0}EH|Aq<3|xr!Zg%ftgzzKE-1$e-o7n!RV;(EHb2 z9;_?KU10iR7xR$s^!#@Yqu5;nrFU zY$>koYj2N(TiVKf9UVzzOM72mXJ;n5rK8%%3o`<+rMRVSOZ%3NEu9-^q9tid3A_q@ z-Tpr}GIQlU*zw!lZ83e~w7a`=s8E1edxz|TdHVG@F8BCVZd{m)0m_1V3C%d`YawW$uIF8H!R zU$7&>A@KOacAN<=a0oSyb*-_2S`jo0e6S+E&&~2_6m0pdaJhU5%gy-wudZ^?7i9Fh zRD}W7yHRNh%n{2HG%_cVEk`o_xees#6lyN9PhaN1_7^NJ@?LmOWMKtD&kFte2n>`P zu&=?Cd-Sn_QKfmXU_r{YDd1l=8YXJDK3@`XWyr5-zS02I_dpU^RV;s~Pp8fse!t(s zPoUJYBA3+oByXt4%dca+0V^>VAFIbO7P5S5iI4$5uX)S8(!Khi2KwIrcFq-7jLaPtzA(ywoHc1Cl0M;l9Y5(7-ki0b1|zhp{KY3h7f*AzvRV_ONBy zZ6EsJoRzUJ&owvpbHB9)WW~F!jevYQFeWiojl_~*1d-1hfeED?rUyv8#6;W)7pXDB z@-Zu2ZyTc<<61M48*-P{5uRk`=9cj1f5TcSAm zx0z&xQQ|>p8ko4CBjbQQye2}cSppB^{Mfp18Oz|>d`P}6g$yN4ABbPa;F2LH4 z)7qBIjjf@CkU>saGTa3MX$39|LBj&G+Wb}wrP};JW%=fL2(2xyjXG4$ z2$6{ZA(ZJ2a4GYhB(*CE^&wlDUJC zOpl+#hR|~~eqvw~r*|@!b;Yf+l!t`len|5A?Y@=fRv!VrSTkx&f>%_~lGK7K(f_S& zKA>AgnfJJ;)&_1XEyVe{a=l!0ru6v z)}7?l=J$-a#d1w{a<%z=kDBUzohTBR)E}%v>+*b)c7BQ{t=K``a+iJGS=UHQ1~4mS zm4|CTMVvyhtJXmZAK2$}Ao_F$b+O9;!p$-CWQj`<^)VkaEBrE7VCi<&G*NfCnhdf; zj9bOMkga(dy6ZYEW9A#5nIw&Og8Qv7UyfpQ-QxLcFRBOZ3o$p__l_|V`B*qMq`JZ- zt=0K;ST9Kg^I8U`tupuyxA|x~ z%`35RGVRO1m@fdZEh=NEubACiV=;r8WYLV8uEqcv-H>DjlGysR$D;8|G9zWeI&Cc) zdbseMWk690D}Y;ug(|fU5y8o;sr=2YHF+o#;>&%T&88KM>9`*&WX1sXaXRq~0I$vh zq@p{NUx#UuA^@$$KvylWp(g)dQi}i`*<91rjAtLy?qULS*o!g{-_uY0>*yM zWSUm_oQzw;uNm`Yy4iZVW)91y3r(PJk1TYsfFIz#CN}LMT{5_&Cbxlok)^DJ8m%+Lyc2MBm3tIfle<^vcN zl041BGK=&vXDv7RG6rK=Rm^5Wl4J!)g18ju8IBs9I=jiCTQEG_)R#n!&9(L|U0NN6(^{1YF`Yeffk^ z6_WEQANGO`+CWF^h7GflVy&Ds85eV(_3Fi95(rv${$!{l2(4Ke-Gc*``wUrtOF79M zYq9mUj?iBS;c1sC0p6XRDGKYhhY zlQ*t-70BA;PMS<$Doeb$@SgLczELV~`r!}9-7yw&JTsN-wq1FIByx|y-JvC(*k2MF zR-_W^@1JlgK%?6{FB!D(9Y=bzJsLmki8M83@!9kbk+WU{=%d4#h2 zM?;jW+6vq}7*)?mYE;kgxs5`9rno>fBiiDZ^`W)|2(fnXK%YqxdW{il^Yc9lsVtEW zS+i%VQAY+GSjq)2r&Yi}DeK}+IEd;Q8qzmqm)`wwYi(oS+%Bk!Nys5x$~gSR7gE`f zpvoe-8!nRJP%OI)lZWiNOn5XY(VM0=dXvMOb5D>BY4JAA8q9D^w2Oavg>T#!axxXv<{)Ok6S-clVyT(%#X`BtA=B6NE zO^%w+9XS~iO^Vu1iP$g}qT&UKP;_GRW@J9+NsyLQA<9%!M6_!Bu589Bd!$Ivcm~6y zp7_0dqS@SDlIddv*7x5%*~(^R!DlAQfVEati%nBUzNc^}}{cY|KXg4=$ zuh7>q2m5P1^gWIM5>~UnG0pjOu1bcGPKse7weA)I0dEV_ghn1#BWAcfXf+=6iU(tB zX4HHRjlBp$O-*oW>{YiHAGhhV_&6aO6MJyBO66F3kMTz{3YoNfcx!E4indUNJbB#l zyx>E{$-*_`^T@d_Zfs;>-8CQw4m*rGm9@CpWfi9+G~kxv&2KgtEMf1d63}Uk??Z>` zNeQ7xqQQAW0X7R+#&0QTuVRtUn?C7P`q++1Bjkwntz~|l3PMao<|@RuEvw&l!Cj9WIet;1Mz--3wGdrTS%GKqB)F%CjXq1! zU3yG-&A-$G;?g#8h*-fFaPRy4d4+b3%U`h!-LGc|zv2j!{fZ&{N{sL;C39KPqHx6W z{I2=1T(s#HLrZ_nQ1f|#bshWoi_!v)8&!ReT`Qeet_K9 z*_9;Ihm)ohO;Y+R=v3IXro9h;AVpX*SqkE#+W0P7??oZj#6?L0-{WDdg2hZ zjIa_LLK|_46=Rm!p2~TXaO{no_W`n#gEnn^efqPq7DvsWa*7aX^jFvtPyqVyG5Zn= z7q?4P0DA@DXZ}p_@zRign0^mv8;9H1-(3`RgQf;|u^TE#wO|aEJ2t9UwsP`QTQ&>3 zE=f#ePmM|7Hy!$Sfy_U{2pN&Y242%U;U~v@+_hDMRCFz>3u7gdgzUM)qME*^9}^k` zg}zfA?24W3*YYX3wrjbP{Mx9pgP-a=v0?{-Mukw9g|>EI%Ve|TARf|Z_bJTzU4A$) z#@F{n5K4)>nNY#gzMrHKDsg{D-tYYy3=H`}FIn<4R{33p8|T-kX1EE`!hTVs z(lt4?LE>O+%Ba#}H@`5G4W&)ku7Wv~V)X(Uo``C$@ z=|^V^l(Vyj5$A`Z#>Cz)a)f?x|M=Ya;Mn-Fll9rbvHI-XZ00ciEki>iJBIY%jy?7m z_1MtRuAvc2i1T-j?A*R%c>AzQTDn5~n;hObIXQ7`WOUb_JtLz#w{PDwetgHV-MjYe z+BLNOczxIKj`3rYJ9qA^4~^E39~<9u{Mep7bw!4cbAW$hV!U3T9I5X)zGr0n@$u1m z{rL9dlasVPy!-gX(C|ooeAn*DksZ57ckdh?A3C;YVrb9q@g2i^cJACUd~DCo;bW6~ zjt%cRzGrfj=#HT}DZ>-ThK`NzqHU^;?ym3Ly<=o_WY^C6o}KmMyGAB=?%FwdZ0FGU zuF>)OFl8op?wH&S9B|w*d2IXSp7GJ)ox^}SHgRlns6Ki8*s=P=`1r`sIHjnwd&kbv z?UUoghKG;sh@!>`NPTQMsd?$)_e$J%BY#eIpV+x$ z_r&5AeAX}K=b>zjw@WkZA z@zLYEhj)+c7~Z*asIK`wJUTo)x)X7>Yxl8ZJC5(#flSy_9~mAQ-o9t(_~h{9=;V%F zOKJPS6+{-99?9V`8E{eth?ii5+`(4cCt&cE*n#-vufoqr>&dq4DjAs^Q`7 z$M~u58s9y+ok*Q(dq8~m(2kwF-4sO|3sGOn?9S6sbVniDJb2fEv7_PLsqpI57kGCH z-B8|e`^@;M`lHh`pW8n*d*#ot!#0Gd^>+RzGc8s3zp5PCrt6bZYKIZSF)p1Ks9y%{p5Xyr~Ir5G9632GLN1 zBO}`fckbFgv^|P;6rvlIIyiFuj_u>)6HxK^_^uth&>5r0M|SNP9YWfpF2*N!jnvUh zBfF`zz7UnY4X4QdPe##=h3F$`|CUMemR>~BErqD}-ujv8*{QkdnX~uJoczd%xw$j5 zH{E#SBXnr~*xZiBecQlH4K>&5lFYgA3 zW_#xWh=v~Acl5;g%$Y$(r9Q|6t1~jwGe^cBsf&IG>nG3fy4>|Q@0+QQ&(-(No;^Jg z@;)~C&_lyR4-ZGtNFmzhT`?$k)=z=!*v$CpSq6IU`kR@&6ZP3ytF2liQS`AwG@7l# zD|l09#%JdCO`k@zQs*e|){UQ>`eJ=-`sf^upGs@f;=(^EL<ABjmdJR(1M19hEVH#$bsRa$S1z zkWibOhRt|`u>OU*@r`QpGT~(H1g!#VvOWkYv4Z&JzoUid&ZO?210TTdDMZ^dM7p>B z`FTbxek7Fo6z@VprG!3A=Z_bnn=%zG>+tl%=RO6`+&_MDzW(s=^*7&9pHtf1GnSH6 zABMd57ovMI_4l0^KmACZ0iDoP+CMcRGmuI4@W}Ny3(SGj^QW9|KK95%4=Lf)nYpuR z>X-IBH1x5_C^}q-?pPJ<;i=gW|GGo;v-xyP1C`D-WGIbFzMlxnZ&EZ@%x$Br_5*8&6A{ zj&u*9{ej>xT=&+QsHbPsPL99>w-=(l8GI5v5|OaKetev1`>FA%If%cH>2b0y#z;st zBH8e#gV`=HEv$3#*evVYu0JO*=Gtf>+OZOy4k5^9PLH3=j?{cA14oz1z@$&1=4~j& zRca5TUOrifZog2&UVYi{EF;J;O!H@h1$F;yuprUiLUi+m`Y3_1tcM8$s%L*91p4zQ zLZBBn7oy$o*Nb#IXP9IJY15)96D~P2eez^|=0e@yrHS*$SKp)R*dKdVLjC<)9|re7 zp*C&bP>8O%P}}?KSez#Ikfbd%4n|5MtuAQ5j1{80Gc94S%uP>BpG;^iHnaR~GH|vX zN-}O9``EU0@Fib)8YfCPMU#%fR8P+R(pdw3;zal?4>cR>&dC{M@~=A&P`1mot~eW zsPCP51lw$;UYnoAbecMioi;I!A&+&nzoqD)0luN8?9+7_jI!g;%uJ&J=cekjBm#np zm~v+@U2O$Wn?7yU+1%MPbuwh>pBZP3Xl>2UDju&O_t($VPfylQPn@ldhc83SvVds( zt3p)0w|@L&-OQT3i0reoQ?s3i4v!3t?9wWy_Y?DUD17Ll@t5jn;tgwU6#VA29642= zJ27p>V(pB5P9ocrW#~_x#_$ex?i`=_-0kC2Ct2U9seJXbwfHL-2?qGvW*(`}9mNV9 zJOhU3xknbS&s^hEu1psN*Q81hXs27|Su zQ>Q0@$Vg9HGmNWuI3B384B+X>({(IOdNesr8+*^3;d2^hw$u*cHqjF927#CuKV6%h zKO<_)+9(EGz+EUDpP4>o=~?m&HZYo27_cjRz-|(YPXY11(=+ws^%(|S=HO&~`A9DO zK;+G^;RLJ(-A?-oVtPiTJjGzZP2;n*)d0f*6XPPo^l?LWUiM;$tT-Q7g|JS>Jjjq! zb3~l0eltx@&qIDFXrykT6IjKB8ccOl*7M5RNsC!D{oFoV6>B*)hnR_HQlcRDMA2=9 z=oX*u?*jolaRmrkEqo9VvR5(mrzTQMXc)(4D(13S*wQ@Pi+kqlGiS5dr(*7c^)kZW z^aV)&ku|~fB5R_Z7~%w3X@oznri_4e&2qth8hs9&o|}@qOqw3SSWGqCMFKdhwc-(0 zl3SaV)?K07xwfjR=Ux?F2(qFz6b32z?ojeK4m+s1-vE zMi2?X|LQDkLxx#m<~A%VsB|?V0sBRk%)WL^Z=(V&|2OUT$5a-6Hla}_anMDMv|p9K zm+hDiM-@7`*+hccADA`p@foAqs`$M9ZzKi99-9;&v;Ib@nS~urYT-Agu&Nqp*!z!2 z3{A9$Ye{v?%;l%fg~^3;*f=d)RqMxj&u>!u0QNFQ0%|mrTAN5v|AXAe?UmF(RYoRk zzsz}bTBeSo7NG`;@;5Z?#|~+C-__Pw50RXCugR`E|J^@imAW2UJ9KMbG8wGHT_6iP&!U1Ma#-JVH(s-W$oq{=$ zVDty!|3rW(#bF)N07;BLxWaqZp%E5SAdD7|zZs^0+TRFj^;2E`n!cbci>u zLChC8@(_takx0K``1uE*15x;OVh32I7*!}{L?#r$4F8BVBOXwnff^YTiw})J>>z+` zM90T1(XUAwFp4$YU}(^Gt%(Hl|1N)HSOZ-h1BEkL`EzN9Si_45bEJ{s(LXFANDV0_ zOku|0>!846iH^mbm|Ozx5(DGUVQoW;E+Z;C3M@o3j0Mp5j+Wm)A^K|^70p2YO_ZUN zOxgrHj$myvY1I(2F)|~MR5XD8JqFJDl$RXmyjmbkrO0t299q+(LaxGev3JW3Z8#XAUi{{;y3d(qht2^NgD z|I=WDIZn~__V5_msbPfjQB(7P1${dm^NgWTfS=1I!gb zZ0CpoE;zI}6dgc}0>c#XlNy=i35X(-BmvzI4qq2qjp^~HG&ma<32SO~^2g+>_6cie3jc?Ql zf}{6I>=q#aPy*`ggQ8gp{H?Z4gNUei%3CKYAjH-~2K+ zBD_ISe&&P74sNZh8o28Cz<(%!uBF2JP+UK5DCIRK11X0=t$Jn5eTA0!X$iJ!5qw`>TVh5Xu zhV>M58P`*0lfWCnP?JMC#cV53fgtUf46UDFdfA`W~&h-0Y) z0&I*!%(D*l6YRsC#Bd`-sx#cPz&$7rCr%&j9Ko$N{+?a7zMPiKFb;x&J# zOfGv!$MH49C?Q# z@S#7WE(b?r$7H2Tcb1%6X`Qj?!lQf7+#e$vN*+oG+V%r2i&P5rTFTf$H+uWJ($KC% zrBP?c!&b(hBPxdZco7`U4V2Z?2}4;`GqZx?NEo>8?##A5l5nDf?79kAW?p;Hy(BaA zWcsW`adfH=&+&e;9w%@M-ebAB}@!|dXD0m z!|(k2EQBhC5k!yR9?%Pd3%Hf=fWIc-3<9}^K(41e;J*#{vMIJ&??LxG`x#_*pARFQiVQ}8;0T+JXaKgek}x}@<`BQB|fASToM z7#@LegfbZj6M?4@uRlLidJm`2!UDkXk19C%02vTU36}8O2y#R2|9l~5G( zKs@BJ#1EcJ5=Q)WNkYy{dXf+WIk!ZfpOJ$fbXgIEhWQPHm?7Ykh3RPqy&sP{DqRG4 z?_hY#8IfKhK@Mm!Wrcjig2$?K>mN#2xkEy}ypea^5sCbn zPemBBBHxCnK_~)0RzSxer-I}b2J%G`@rT-rf;c6=sKN1Ntccew?g4oe6(k$vgN9kV z$hi{iXMvhWb!$5m6KN1C3$uPu2x%xlk$=N;9kWcja5f*{p+FP)@M3uX9+A#yT9Uwn z4YY12;LZ{16!yHswHhQnHvQO|V%8I?BRTNeqXL{F|3N-*M*|J_gc?(YU*uIt9o(n; zK|J(C3uvpuy${r}2A&37wnEq!>R1JSkoO%_%d_E7X4umT@E zMdP$S?Wk|m1nVMVo6@A>Id)}=A_aGQj&z4}ugRlx$6$1pcNm@gR~{LrXC!`T&t#k9 zbK>h(hdz@-RYbNyWQUj~aso?G=6LX3b65W%!BVYU^W~T8bag4 zc+f*ue)tB-2M|FYnm8tko^bGw|G^SX2AhH2lldh^zT&|@K|!-xw0FzS$UssVqtP(& zN!-ft?GR0!rm3o;thEq=st|+^O7S2T^>5*Ch=1}g_{ZqPX`=-Nbw{QXd7-X}93(nS zV(+r;-z2q{C>U5a-6FTo-)6=>KPjsGqmZ-Gx=z98KA$*S!^dAAQvJEme*dl00>yiJ z&8E)JiIq|2Wsx&mv9U6&b-s85_Ur}Q?v+8;D9#5GzxSG-QIU4E?FrW4@))?C65Ua; zW`BU+#}~81g>P`#1u0>ufSxcWXXBuhUE7ojOm}GwmP!7O)GOeR9br z)l`QLd^&b|V@$cbiebZ1qN`2gt5@FkS6D8H<_7og6BVC&vqqq~x8q~<_kam}{j;+D zbrZ@X)h|iqR&QLlIev@wRc>LSV~@1oN`}svX`8IhU)rG+&;4Q6rq%K{S6-({v&rRa zXNBFFoAs6iib^b?6C*()p_l~Jwb*ouFeWst%~otgDjVoJ3kxfmjESKLJQN{{!0rp$ zek)(3=LJ!x7uMbIIMNjmOTbLf>j@NHY);{9Op~cxoWH0Xnh+*{l#7KQX%2jmET@KH zYVf@w&W03XBT2wK#HYuO&1JnWPw@b$9qk zEH*Y)F?jeRR)D>g!U6+A!y=WuBZ8DbgF$scaY1L1%6gzb3Ydlhrl|<;F;8YeiA0Js z=7`xd!x$;WpQUk(SaG1_lzfxB@bf&`rk75K_MJ!%ICP3~ zXls|POGs#Z$h95XnjN1iC|Lp@w>B&C3V*xceOKFI#R*{_YHA(EMpwMMR_oK6gO&wH zy05?B|9H7E_QeMK!a%aX{bz|@9eiXx4i4A=9GsHu7%y}xm)x?dtwfLoa8`U)WI5NlfLTc#}(!c zOAdO}sm02@kUs0UQjlJ&k?Lye1z#xkShX1TeKXwZvhLutt?y;z9q;!RYBdGF;b_a5 z7~Myf%5M5pu%~-t%RFu2ybPA?t41}?c%oJr=*PL7dHe+YZWOs$sNb|VxH->UJiFE4 z`v$#%6Ivb@68TP6s@#{Y2ws$?VZDt~*&%Z&_pD3*oTD?^|GGrg+?pY8Y<;%m#FVO8 zQO`aa>WMV(JfC#s;llzG87?1%S;mi(n->q7ReX)k{80Zw${}bM?~_xRV&MZAoi!f% zelJG9&*90F-iljf@)%{olGpuP`cpWV05wT6zwAhV?+^;xtBug6bbL>^ujJ4!HCQ2I z_WaQQYhaqnn3@)b_x$R3kcOe)f7~+BNk7{F60!j#umRBK4!-&v!6&MCxGm%WozGge z>dlGyQ*#Zc%nIyVXm{WgRdX`MqH1M5m-tC%ke0Oe0^DaiCk$sd)b|B3ob97%+lu<^F-NU#zdvwgKT!! zj~SnIZ);E_M;~1Bwki1SY`1)&ccxYMHGK|+_^8G0%k$<{xS_xGe8l~Uvrk$qYU}Se%2?ID{OIzODeb!D8{MCz+OD4b zCSPg6qjYVBQkD6QCw0Fm-#A9rDL-1aMKiH=Pm=tAjZ4NARI0ed@42VM(ry`x zJs#^GOn1LA)l%1?;rKi~Y4WR2HMi{R-6MVv z>b55@@4ww|*=r$N%rCRAIKe;Z@p`W~kE2Sf@66lnRvRlL^SVE{UM5XGO<%*du6vDf zY6H7fSr^D z+c;PuhYuYXmI&G{v|4Da!^X}7Q}Iw%#*N(~rf~yf=YZK^Hq0;>JHy`@J0)+XrTY#2 zC@eV_F)v9;-i{?_V#yi9LQ*7S$*V9uW_Bc^kjn3}L&n=D)H_lsjIp-p9Tus$Bq|uw zA0|M;RK=Ag#YQ0z9yn@)Feh)oAv|FIi`>&9q=Si7DN2fs=}>X&>;ERDDEq$CvdM}! z+M@iY?c&@vq1$`Q4#RB;t;@L5>wG;F<#j*SN3;a5`c|X&gyXVytyxLI+kj5*+G%P< z+ueOvrzdPMwR3Lc+Onc`vZd(TIffe?nvV1MXG+n{<6^OyS`YesE*a~@ z#Y?^APuQ0pwQAG5rWqvDS?AXCoh~e4;o8-|XMMq;*(MJ`YhCa#91=B zbUl7+KhCqqtOvT&R*HrSCYTh*^yts>EvR>Q@Jgu{^H$%Ua)yS&@$u6>n`cQJ{9-1RG?4SLHt?k7_6N_R z<0e0Uszzb*X6I#Bo;mtJy+7 z?8{GCEmsPOUUVc=^7|VjzTAq}CZQbcnK93zudr>qId9vw15cW(ADb3@;o5e<*Qz(B zP*CsFmfbq+SK1HWwpdg?ano#jnJpTQ30K!^U%Qd`?Zv)^^g8EtSC2)e$MRp#Zx%dy zWP&b-Z_BbN8+jG)x1_b4E>C>V+0H5Zr6*k0^G(ZHiX~TNVwQ57bMvh|jf0IcT&k13 zKioD9zu5G^V&aXim*zrVkJgr6I-PKQVuQ2!r`?x(^XZf1G5RE#Vd0X=L>hgPFgz0& zt|0_SOk#mYu<3#PGax}HE}(KUwSW&W2|CdnWNQp2O&_#*i1g|O9Ax4+h=geQ1OUySQK_g7`MdC$E|`h)5@HPw|Qs;^-qW_L%JAHETU16AO#DmVc~MMF_d zOL-wiNg@&76jFXN9GqDA&XX#6=0<~ zI81VAqfQ=u!g3gw&xCO~?+6}4yz4$sEbHds15*HHB@pk9R&0dFtoXMGVyI+fez9>m z9ztU<1{yc3)d-_~!A_CS$jYq7fbIsQZI#LIrm1Z`>oYpmih1^~n*MW)A)x-Y*8f zN-sZkFZtnf?-_@bVzTsh?wLV4+_m(~+K;4twIx1>$t$jL{1qg_dhT*rP2uNEgQZ^C zr%#o9!KhO#9(1*C6s8+c@o={CcLhO|EiW)Ovr~p%SqN6%~W~?@Z}PXMZsJ zB6quQkETpX?~aQ5n%QCnGFx_GX`8)Ce$+NRz&yQ;f=VlMMLt$Olihfs>j^A?_7a&9TB z0P&%g_eAAmJ-(+YJlH-@zs|MYR3Gnot6YowzP!Fj*!-$BK}-LMIx%9f@PdO`d+XEy zk=D4LE*;%`%$;p}?h5&)iZbp`F4Kj=DAIPf_!~u@3cE%2^6sdrCo>277SJo2j2hO5 z>>W64O{6aZ^FRY!3CeuT z1#`-C$g@ka`IXHZ141#5SeveljdV2-fTjz7VW^JD&}8u;dJuDn3q$n9*dhR(hk!U3 zqTBs3FXkxy@8vcYni4{Vn~s1gE{ubjFPRO;kHvV=bC}eyCXMOz@IkbqQ~ObFMV5r3BJ81vSr=kNg5w${H@BEBTS4un1ak#k0 z+|N?PpJxqE=~17XALf{!ofu_Y#Ao?hXvu~FWyDP_%I7-k&39E~>J(OLbo{`TrFPGwURQsqd^sW9H^C~srN2)^)6gY?H6?$xO~W?#~d@_b?$G+Sv$7I&bQ_PgGd zS(AA9QU)ji*AnyM5yZu3(7j;?y) zx4HD3rOcb6cvkV5ErunVg18Mc*9cYcMGJk}!J)Wt>a2>>li2PaTIG`dYH=`EFNcP4 zM~JqeYA2Y=a4?k%Moc9^u(3BVhqTLL2aaV4j?tR`Ian6MZUStjg3&aU;ZQtS#Q+1{o*(#xuOZqaWHzSzym+FBB16MgZr+PwF~l|ggw zKd7$MowQixyPNF=zYkfC;R_!m&RzKJl)C>KQz@?FoA|HCDxc*OezG`WslzJcllwNC z2C@pgZHyU6vHPpe_+q%5JxwEzLo;Mk{~g}88ICKoJW25l2L>Yo%ES&HdaquiHp8bQ zTf1uVa+SkLu8AA@ME5v+JMqM8`d>?Vue-ndw%PIe?dNM;tY6+ev#Ic5M%qy=dHdac zVFBEi)fK`v(=MvXR6nd(D_wv8Qd;71r?kI5vp8o5FVWsIsvxR}nM9L2&K*hkEE*31BvR-)veykh3ubb|D=|MT+kA^&srlYQ&g4C z`-<<)Ni*U8;wL*+=vj4^Ejsu1R$HWwkxiY7mepp`8N(%td{0-~n?7i%UMjrMlNfo~ zfA69@GBKnFD#8(WiX~s2`#h23j&~^6C3T+-u6g@bO?CIcqB1fw+bZooai)5{Ri~;6 zuQu!aYf8)D(VL=;f$!ZM?A<4JPOmDnV~G!HoFEqQa?>Y=hBcG6o}DAuIa%WZo1m~> z+(DBQ1LA8Jb)@A8MFgBLU4HVU?$QT}hnWWME*Q9WY~nEH0!S7M{tm{w!{`ICJJ)s!H()LdD{hOyVp1L~CJnFj{6mZl zEhb?Kn7RTSqKFog7BY<{7;m&bJeL^;ty~YXzU?r9C>A_9dt# zKT~+xi#|X9*^btCv#U;s$F->|?k=Ib5XeVZYEqvB+^=GPvHafB&>GpMkTyN@Xkxo? zS1_GxAXv)jQJiD6^t{Tuxo&Gqcb%E{ z^|xsr`tV6Mwf@YcBTj1!kA3CJ*&veI`-*dE^0{OYLlKAQ_3G!u>OCVB)QG@TTB0~8NMq`bt zN8;P;zH!XIt3T(0Q}7<|D0BI88#9GE0ZMqS&nM}c$l%MH*{hEc=UF)Uv`5}qDeh`a z+`LdEBal0{Q06ax5gF+!P0O7jU#2<*E;X58R`U8}>BT3hi){C_He1CUpXbD09zZls zT#@e?6#0$g^m7A0oq)lnIs=Qu#H}?=AGIHy6s)bdrdvd_Uwx*QR7c;te3F=8>ZY)7 zy~mqnCZ}?ysdrRaecJV%qfhmtw3@%%eeP3_H}1IIJ?-hMnT9&kGapAqxh`$V(d|#n zqp2jEY3f^Es~Kk8lK%SQ!P)C)vw5v-5A$}k-t>YVT*Sgx7fxNuS0U!CGXGe9nBSXx zI_VC~f6!bX+CCxwfA4I3uM`KAk(J6K$3rGfCJPeOrOZTpJJs^8pI@<;yPPLNx)@fLI7mz6O!7X~MjtU=$TK)rG?kQ~_5(53pEFX9TmM5NS%# zw{Q#*Kx+~l@CTe-q?2GBffc`>FrN`&uo|stVd|rjlh8JfVeAiqK%_hlj146tv*t_Y zGw+Ehd87LlV40kpOju6rjk$BrO>m!9&;#MGF^N^{%+(B^Z?}EPr;c?Oq_TJ?E~8TS zQtY*Egc`4S7ozzg(9oz@>5cPgHP)vYny-wOnewRAczm(jQ+U{a@+q+`yB@8dQFq3) zIge}pMO*3fb7DPaD)Du0aJHo;^c3%1XV&So;kMs|N9-PF+A5}o3!2gB6mE=8VaGw) zt^e5?#Ua`8ke|_zES)$Pn>-BM0Vd1+12p#&>`HB?@Lo=>?5q4NA@-hU3%21UrqW|| zwX9S)Nm2aF_ZTes^C$u&C0g=REV&m;euO1gQzSjV^C;}}J!BiVWA}2imIWI9`kQV9 z*f*wSta})Lmgen;C1?K+XbR&C4lw7~uE$?T)Oy70vZ}U-5A6I*Nwmw& z$#eQXS|I^eqtHnN$FK$q(K#lj38!1kZ}wN$E>XX+cZL27Y|^Pk-&5JWYp$}D8h*4i z^=qqCjXg)0GN~@_WRM#7V)@ruG5TjD?%%(*p42dvdi6PB<=TP>t}B7!8=XWeRTs;z z&GFWXX%}bBOT0PHT5CJsr`^_4GO>yz>9o@mc)z&pT>HHtN!RfCDZ#)T%GsoD*-W`` zqvCu`YpqQ_<^y}Mgs(47-g=vm0HVZJs&pd79g6 zU$d8mpL$$qEZe^BcDosVrSYU#iamGN*~gCs3tCnPf3DhUXseg|a>e#}IkHyu2TW7h z+`Nj9R&#Z>->jKYd0&4|_7nTGtYe2}_&bYuEPa}gLRgTM+jJp7;+)ES5tSQn%C1VB z>WFAk@DX9}6s0;Tx!JFF@!y#Il5dgVtmWbv-s(c;?Q1tAvy}C(6uNq~^f-N@TbApZ zZF_9*%H|uSmAlTNt1hTr!=Gm5nUUN1xNal;NltrSQSg0_0iQ3<6k=WU^5*jwns>NA zuUfQ$w4@hfSAOu?CF^Q@_qqz&zAQyTU)6?mQN5PnnW5`vXoV}pKgH~y@d#S<2TYcY z+iL70%X)h44**FGA*| zOl$SV1gt;#R00Hgl@A5uN*Ru;;{SD59g0ctnGJGdaUlihJY3Ly+96cz3gu#iOyE)( zk5D39|Lu z9ZZ)n6u297T=1+^UU17ouQJ63f zcONa+wE=d8S#$wNX1jPfG^2;$lDZ*~>$}P}a0Ql#F2FTh8{uX>p_wBTpjl&l;S>rnIfgF4R2E%;QFRjo8eM=Z zvb3}T+Ire*%BH~3veizwMXig0l4@{duDcb(LKdJC4A+8YVT-|7DX!WX*KS7Jva}^I zvw9#Ib zFhD^b#9qpawsUXbZtHI2zD3^>xA5Ys!G8sVwe?-RSj{{*t`NvTFxCWgg*oFQN4(O( zJ}fU|6%=#TAQKvKhz@3KyJSye+SLzeWOQb1+hosRSBPx_W1gpwrwoA7IZ%{x4TO?w z5CBgjnn!HlVeQ%ya1*|3E4YYwG+%2PGB5$x%No1@TZbNkN6M=23VL`5xIyDVHEt2i z1Y4vZ1GcFZ$AaV8z=D&9`!hB2Y7RwcPg$`o*j^pnUE5$OY*z@V0!PxNvMm&wxf>O= zgR6^|ZL^{fD17CH0#t`#S~2E88;Cs~$_OZbFU5kb6A=ooiD#!)A?)ugln099k8X-; zm9^En2pOiAm3DMwINA|;)S5n=E_LR}jYk3{Mus9lWR0*4Ri z1RECj2ay8t@Vd|#gXINWWmn*FmE8bpjY8~CAqdqt-CMAh;28q(y4m@6WrQYl3Z-yF zhmQ$-2ec3|B45T=3`+^mY&O7=5X78{U>^e4MCi~dL8Fo@GSs+6$0i6tL`F_Y2`CN9 z=D6G;DKZ?c8oJhVU>{^D%7C`Dko~ zR=|L{XfMaXh>ISxy9l_b2@k__ygfi^V-y87yYVpW$;b4~gj>zU<m-}i);w}j?o>y06jpMvYw6WoHD{Njg-BNv4kqp)}4*Z z8Ucpo1Wp9`0yL9_;Ua|Te z1;BIQRzo`u-h%?>t-}NayUNk>z*m50tmDCC0~Vpfz*hiEB^Vd4BEX)Lc0BA~fC+e5 z3LjY!Y$@UK5o}z6$06;Ei1V7G-UJiCn#FqdL(wp76V!-cf9WuAcW74y-qZznLcm}p zgNOBp-rNxdyl|NJJY=oI%D_tFkS$^eZz#-n9$;dE6~esdL2teUI}P651=e5yDgh}< zn3Y1n0txQ`8Ur;QV09G(Zvr*Oq!78F4u}TqGMFb1HA9hz)x;b{fF<#yG^*n_)&ho$JT`k?C|J=OrQ5qb>srs*+zkg`ONaRAeP zj&L%m#!z#Uo`?I}^&NKTJM7eV*d;xNdw8J5_|y2uDH=UD;L+%#0gr{~CI~)weCDtU zEwmW_F3Xw4Mh)~l3gT`PJ!TIWqpP_Adf=cyJrC9ciqm7REG|mc)m&gIV)0Ohp63f# zxgHB*8KF74npkUNwAi2>j`a9*gmcDtCW-Z0ERT9c;Y>v^Qy(({ZGu+mWtzk4+NqO* z*v>3dbWn!{n_=vv4vRK3N2chK4tvRO$1+1Vbr{zu0Dx4SV>=X*cM}Z$bbB%ShHzp54$r9);7kda+G1_4=X*8@XFCiDhyeo4mxZTVD(W~ z9d?@yUW=pzE8{DS<5)Imw3Y`m)(3c#wLHKQS+;1gu3aY8i`4*~(DQ~vgt({U)tE|H z4(P28Yb?lOIU*ytX#p=lXN(81gs8a|BR(%g-UOS5YD|lP7pTWZvYMhK9oASdljVYv zwe9$i%#Ks8C_{(w>)Asr$<<=0+LS_W=ztCrnq8vY(0Lv9O|X*XjvndS2?QHh9;jN! zyJ@-wu;$KMJ#EZ(vpi9E9d?d7$nrv^E|^z>&Ktdk*f>RpNd*-0L3YiwJceMG308rM zj4rTz&@C-yS7UsI<%?bttPIA!3ZevpyBBPiJn9C^4>i+beC%g_sD+M)ZS9A860Cwq z@k8la9 z(=k{3sqMF}RW1GRC|W(Wx_OXZj*-!^aneRw7!G9`T?Ktugu+ITaoW~#J5acMpNvAQ z=R;zdT4;@guphut+X5g5{2!N_02F|C;Aj^F&>Dr1awI@|)B~UpNeD$wV1EMh2`nLS z6oC~4&ICxI^#Gfp{iM8rz*n%|#po644eR_BS>LY^Ue~XX(2PPKNS&EfXI2twK;c!q z9oAMR#44QIOh{HUAsNmDY7U2JfMcEmlvg2VLh&Ry%#-9ZPm!A#mfjVZCgz_<~PklgZAm&{| z$5@R4hSh6M$${<-kOqiH;YaPKJnD6(j-yWOF4S@AvRPNEHOZr`NltA|{JuX(E~l4{r*Jf*|L!sWtm=e&vQ6tI&PNuxjLz)k#mKa8%rvT&7A9Qon z5*_6?hX^r@F9J=T(jwU7@!29|k1PN>AqJoa3IgbhN(h`w;6{M0&~boa=mnv?2G|+# zIUl*vG8&09byi-7Wgw~yqk zfh7c161bRf_mT2l0ucvG5E8hU(-iIE!+|1bj(E6tA%X1(OyLpzdANQtfhl}78jT(biG(>bOfK8zm1*_E>%Fb|a zL_x%`g>o~9`*6PjkcK@7-Wj_Aq#=?t0@w;1FA&CuA4+^DCAsf*I*McBA0LFq(C@>Y*K`4lhhOC6Zg7zREA9GNk zM_XXRoe8<(hcg&QpobaBsO@xks1EOj9KbpVveOiZYWS+fd+G3AI$W)5mj_obc$DLf zVj$DSpnMccjY4xN9_)?yXgFB21R}^NuxAMt+d4QXIoU^?%%Ii@@(hI}J4~6An=RAG zm5SihS`Mk>gX=^p1}L*+VM>KYuE>+`3h--A}>d# zlB8zKQp5^+D>Ogz z;`6{|>zrCmrY2LRR4DV*+4(=!SI9JKjYN?qQGspM#M{7|b8=yRA_hq_C5j9g%qw0h zC|Ra=d7am3eF3|#!3rQ9{*t5jU%l5O&{iYQkzwn11T8>N2bl(A?N!Pg9fdeCabdm1 z@zf&FvCaz!-(ccVcAXQT!~~5*Ba4L}8L#@Gvl+N(LGraP+#VBN}RzAX5UdOol?#YVeBe{Aig*k|xne zLNst}otg)n2ym9PG+A051<#{ATc#pQ7sMN|^p%p-k_?$1L*cU2yo?MIzVw1)^0Ku7 zO;4#+B2lh^IA=hHxCntqC4o3(Xy3Xj;Yyi0Myb)RtH|^^MxsOoHf@h*bf8j|RmX^y zr1){05Pd0l&8EI2B|Ysiv;iT1J>MH(w>s$TVPuMI~Udpryiqs$1b&UFzi2x+so( zI34L-l0=LUl}eIdN2{$ImzSC?m&Pix4S132c$p;ads>~65Ec~%m36_3giDP)Rh})^ z7;r=LVNv2ZVUR?SsxF~?AJIr`tP5#cbO27tsC~911L-nyVkQKNG{{=NjzGVTJGG5< z`igY!hNWm@82ZKZq6C>DEmjq$RBOUurKCcJ#X%mMSC8uhdTo3HKZItmqmpGKb+Wp) z7%i8olxk(VMieT|7Lo8v_6q3|sZ1?O%g)wmh_n$DVfV+uRt^zPmI%2=0f7?ltF-Gt zOG$>;tbQPANL6fe-4Ido0PO-q-Q=1~Lm9fHW|%6!kG^`N$uJWaVn7lBC``T8JtG_LmA0=<2ADiLq7m zvg$anlc+;rqLCiMsaT?sX5xs0a>$kfvIs&p9 z+`nUMqn}LmBVWH(Mc688k#;Yy*5z1OeX#e2&h(2&%Qx8f;)Sn9wc$#Or4!oELx#P2 znk)qFdh*qB!|{Jd{xOJX6@#T9&CUZ=$T&fS-T*(2K%eZ?WTFjc2=;(KaLJYi{5_U9 zxth$qZbz$gLp9O|Wo`QZ$ryMOk*CJqpet#84w0Lrx;-axGtz-BU7%%7H{pSlotD>xT_KQT<<3!2@qE!D}a< z%wug?nVTG`koAX~P)KC>mKrsX!YP6RX^LOiauWgJ{-F3sXv$V`MR zN=LAe=~x0GkP@Meg^XuyQCtiq0jQ;=(O4$b1YwQ{E`x|HE{h8ytq_}QS-b#)xir@S zcU3%-a^NEhsFuY`@UXZXA%dbgkLzGryxy{SvlcqQlYeMM;CePx$>Bk(9E;*xa1caW z=2+$s)@BoP3LaX)knumh0F=T#5Z)tfA6b1N$FlgImh505vnYNFeeeJu28v?Mw)3%C z1Os)zP&DOWXKqf@K;2Jli0x=3z&MC@;6Vjw<$&An79bWNbD`v5#AE4Hhj|3+Y83&I zS{q~g@pzQA1ss%x0V-0lOniwLu0>#JDu(|oC3aq}J z_PW)jxDt-M5W5(mDd1mReE0--d_ssApRnPl$eqg%og9=nyTy(z4O`iv`>noi-uNO2 zY1r2O%O0G(HZ+-iw%+jmNxw}RzryYL7mKqySGQVb_I26rMNPB&jSCP&U1Ytl-!V(E zt7(tnO9MMND&F=#HEFS=HQM%3cG=;~-II@Mq|EWk#vx@%^X>n1KILY6q8#66>LpK&FP}c#oEQPRi5V*V%wlMa2n%EkbEM!J_ z5{OTOV_9TEWq5iATOL<~qUtFON+#9Ntc2|3uYz)gg;ZG=$O zoR&d2;m41Zl6f_N642#q65o?zvPO9aJMQXH$!S6WGdK`$kIgc zJQ!YPDG7r+r~z_F)k00CO!(c=9}KH?Vz3ZwsH4{%!N5-tVDm*b+k~Gf%ZAOUPy+`U zY9ZW)3V*VtNT~fm18n-?ct9vu3l;E#1{LH6Ih@-G)i@u*21Ym#cGW+%7L!hhOnh)D z^o5u2Oa-O_*eB&E;ciQqqy`!IKtDhUIr(ma-3e1RM|~3HJV&?OK}m9m|<1ZYF7K4VGf(FY|2B&9Qq06B^gU>U&lS$ z)52;a3Rw1`II2x^g*`exL_c^=PC+t_wuv#RUGL|O} z#X6iA_kIPUqT{fh#qfOtZ|J^h0R`O$4;S9#BQJMo65!obaAm^}es9(A6Q2;C5YzwW z!bjyzqV}GDKj_a9v!7!b-pSs0K|_SlsJ)e`{k-*l{i_>xZ#d(TNz^iLgR^6ZzyI7w zl$(}{5;}(X`1vE93MOrJD!?$^y{0vh9gXYPW3J0S%|RGS?dKLQ3v03OueCqn(NdEk z*uXhPv_!5zIch0H9vL}WAlz>*Amm4L7)XP6O#p-6R1_N!p-2Kfg4O;L9oOp!-|i_0 zZQ^1~``N_B6Vw%+ohJi~K=DwDgkM_403Hdjz4ljEXgB-MuUI~Q8rSCpe)E?{1i(hKPz&$sGkziIB?s4G^#59*RBQuONrzMLo+9*?1OH^uS_8cxcmqKNv;iP54XA1` zwFYHENeJ470GYmraNSR-sBOcTKzL_n`XVgqeEY){;~4{#ay3W1+VdKW@_+)Ea~ z43LWZ$I=uaO#@dI(E7uu0^nFT8O(s_yLtJQow4-qTj0L3$(%{a z*l?d}kkkPrD&UK~N&182U(NV`Lb8Tf2!2lqPy1{A6VICh#vB7z>~r`NO?1S*s)lbm zj6+Cls3Km5y|V89HVy8`DE-<92MKBzA0B0{L9JiO6roV4nGLq6^L@NZfAm^}@XXZp z(Un+H4LxY@u<`E&wEpNrJkt+};SFd8X@h(kyemMF)vuMS0PV94M*H(v|6RRA;6He# zanKV%A5oxJ29b_^AQx=o~Yb%6E$7`on3SLpz!?EwGAdX-U zhAl7D!()uq)x^;XkFhrLVN5%-KllGXA8R|v0F*A0rNN5EUjEO%vj()TU8M+>!g~ro zw*PTPYv+@JH?h)SCWGK#I$Q%_PG#^zSU;fpz^Ek1AE=lv0o(^-WdO{5Dybm>dLU^L z2=)Dl1nd>~6A0TgcmodXh%K2zVl0jdf3FAjum7c=IPGtPUi$to9smFGVdHxiIEzC} zsjHf6UDRyNH z6UEpXQ0g&8EDBY!7t+Ou5&zJZEu0~9>DsfWZ~3{K&zv^o9Wa%wUOqJK_`7IHQJ3G= zj4I5lEH!<^lyap^DZ6te3(kaSD{xH~dq1l|(Gku=yt4xgi`6MhnSe?~Vq?aL%SvK% zt>~l#u@z&15x$k6n?wz7J7j2-3b8q3hKW2YUc4*~Zo$*Uj*J7Q2&{g6LLqi#nqfZ6 zsa ztksW=j~SR!YN4TBV5(T9)C8DXYBXI+m7sgKqAmA{dbW@Zemu7F{Ywi+|I069*QEJn zFZN1Gee_rGsIhzfKdzhY+nTrS#puo}PTc=caJ_LiX5>u4{&{=bPW*iZ-&rkPmmaBp z@L93sR$otz$K_s8flIC8!|z_*E0_6idd?XZka*U-U(uD;u9am@Pc_^4TLh(>BP-_F z8gG4`$DjOqtZldS!@FCDtnE85>riCdP~Vq}w`+L9dq>{{HcKwwdbWSNVIxj79P(Z?G?%T7*$G&;++=`9^z1VB3hNbr7IyRg==}ozN(w9ZeHgo6h@3;8M&Q7kLzg1Yb zsD9~aB}?&|`F3Kjgv6uMoK9QSRNi^qt3(&BJ$^UoL8T_`e>HTR$PXMo)_CIYi9*uhNe#Vwh@T3SJHw zSedr)Z{g$P>(L?rpubiPC#*(s{f>&XM{%5sr7LU$0-A2l`Rzm=J(Wqs{WNArGo6{p z$_|wgW?O1EpZBa|>WQ{l-GvTYLQnNbx-+KN@4Y@F%%RG4>#z@JpSqoj zaB!P{c2M&UC*!t?_qTs}%*&(8rqpEhTTTZL@3wbGrB(J@=^A_RLecfX2MPv%Juqs_ zrQ?xt@|smDhmoI7mTm0NMpd=?sp;%4)4McG9hv_7n%N)vY&!IC?~||93s{Gn4C)^C z?#qA$v+U~Gq_9V|uzEbB{EKTd(8B=CD-pvGC6J&cyomR8_N?P zLtcJKv7VB3y+=dqKe&D|w#Lc3Z5RE%HMo55lBV;5B}e{P>QN=Pe`y*wHmWq(<*0D| zvaz>&&YKfE>i(r=>6dmEB|KaFZrt?ugK{p3CMB=9>g}w$wUnQJ=9zn^N#~1QKZK`t zv^#d~`SD5nCTYGIE6R^}ezVL_Eawe(&mU)GfB9CJJ#)y~_wB2V&&NHUDc#m{NFiOS{LuJjzmIXf>`u?W zyZJZfW3iu6i?v@~jMyo;r$7XOc;^}FC4&;XTCnsK)MNF0(}_2ASMVW8h?U{8I1nd z6JaUc)X;h)2hsH)2hjo=uep^kKdQ_fM60hVR+O4Yx7hJ|OZO)8L+#zOp7xAev5gzp zkR7>W=s^?5TLD=|EUy~B3_LKCyY5)f?^Jzp=*3Z{`Dr7HrldG$ubme;=V@l&3wLHG zY!G-JTzhS~$C|-LYp+b}aU!K5=V|(YCqD7bEWIDEb;56*yn;oq3aqp8~o{Qf* zcFKrd`i#oNDeG=rSXylmFQv>nE*oa9XxJ{e`4)zk9BcbCXBjcjZ$aw!f6r`Ek&KdQY7qciC+V z9}@9!|3TH@yQ;^|clNfQdHBx*4&82)je8Lt$t+tr{?3bD^Vfd9wJ!bs{^=zJ)t9R~ zKaO-;X63qcSz$(T)#%hg$s4?fUFkNb_uhf7uCJHcK^NM;iC>2MIFAh zB+Oeg^}XV+LBj5yR((>Y&I*q89d>=)NZZ@6EU%s(UqOcBXwB_venONj^sG_Ls$4c zK9Y%G-NLGc#i~zs$&7C@JX*oYu5WE}gJc)a#4$0oI3&B!e@b@V(%MY-5Arok$$YH5 zkXU>Vw*F9~Y2u`%x+hO^l8u<ioa{JC{svK|EUL~gUI+So6-w7Jp1DM9z2rX3G& zGib0=jaA{&iJG!;Z%#I&+q)kaZN78ya*oOD>dcRsqN$bcZQZlFM@kzT$rU|kOnX@N zX5WOG_8zxCw>r1m?@xuxnn!D!SD(98W43mt>+~7XW^IgL^G987e9*`4{>#H&XL`-s z6d5EqA~>c zr+>4d-y@N1etGkVJ$uickfUaMPlYVBvHnjJO%&Yip*X+@j! zbGydG?k(=tbip7CpC*I<3=ynv`{}n+i~H|oklFNiGJq} zH^Oi)S$A7(EH;DvXB}?Mc-J*#i<`2AUCymd>?8;beg2_GIf~8PF39*Cm*&-QZVfB) zO52K?X-ud=a}#k3#;3A=vE|Qaj0+kT+x^{|He7a)iP@!8aUpAU%Bv1>>5_(K-PRdB z*zMBHY)IGR-IB~db?;uh@1WhQ{;}0-?{073)Vs%RRpY@Iiqbb*SE-r zDYG)pES*)|VX^fb^|L4ZUV|>5T639~R%$z2V9tzu$oqY1taGfmQ`gv|!v{5=-u?Wf ze*HdK=Dd;LEbl&CZ1L4IQ|xaU*=%KDpNXl~_xkN}OUN^s{fB%~ajV^HE#o~uzjY9K zoa;QkWYLxPc_}ZiKI;5!+uN)Bxu-@r+l-kxeEj3)Hx3DlnzYPr&~4izBcJRnZyR^3 zjsaGtE2$-eGf$oDIb@ib@2qvEy+)VsNJt&r{<3&gh0p%bar0wj%JD|GV(fAXMuNRcs8Z)J~JpJUdSd_Tb<~>ttQ=|6~ zeEwqd5J-1viuLpPODUDaHLmqSb2x%2rNUuu+d)cg4Xa5fdRPwui~7X@Op)NW&qmtn z^?g2Nzdd33$8B@2TJ2w+`8?8MP3elE6?15=G-l?fCZp`E;PApn%!mVh#D0t~Bl7oc z(UV~p)6|>Fl1qzA&NC%v{v+FBH>Nq>78_d`ycwc@)mJTy%Y&S#6voS?N^vvBSzEPH zBK(XAUgJniNDxLO#I$5W{QSKle0_qvT7C(02tT;-f;VS!a)r8g zVk%25`ocYdIUGIxRd@76E%VzcI*>Lz&J7Ng5w*;4QQ@0|A^#C0=tjn}s(T4XXrQs~ z;EB;4Joz#{;y^#KkB|1?$xkfSq5t2_5!^`p^9@F|Q{a(Cah%(^E=wQvo!ov{gZuXN zysE92RjxbKeKKq2kmps*Bf5Xcoa&$t+m^AaSl8~xZr!4o~S(-jG?eMgci;EUGI}ZHa zV|>t@?OB!^BCAI&VSPz#6msCyyy;UKoH-D>&u-EAo5CY+8}GZ=f8J}V`g+iaPtO;< z3kuG^^R>wURiWFCq1G>N$8oxE>)^M4W_tGfE?J*SkB%JOclMBrUvn#|NoL939nbe4 zGiGV;%EkL7RWCEjG74fmeEGTMZJ(FqEV;fsfcvb$>LU}UJTXr=|0H;N^N0=0tFG;; zl8Pxu&!!z$yB)r}+Kh=YxbdjnPqviCDX;eI~4srW9mQpwBBNu^M$H5vbfVp zubPxPJLVlK9@u}{?u3A6#@$aYHY)NA`=eLxIJfQVyKdf7oO~@kh41zJo<*y!gT1FM zJuoo;=<$LNpAK`QcI;ek+a-is5;Aac?C(zTRX6>-8%U~hJ&q0-eD2HZw2^mDOwTz3x1}bnF;U_CV#8%VVFoUJ0#AnbZ z3FZT9Z!r8J8u}RAPBhNmHk30%#0*#7GYe(ay!qHOqU^i7g89p=`=Gw5eahZEx*%I- zpWxTvsftO4umOi(-I=aTVr6_~TzSmj<=P((zqCK}aPeX47A+vKYyrY80^=%nBew?G zwOebrHArFl!r8j+01$2s;{Ih{wRZ>qUT;4hiCN*nxv)(bL2aij{twZO?9^i|KZv?qOIpEkx91cCEX9Zt=`Lf(=oOSk5Wy4d#Tvz!@BQ^{ zLZsK?Ll;iw+qE%DuiEg$ZED%udUI?(EOBQ;T1~w$z{Dm$<6n9S`|#W zIc4sHSaY`jbkh!B?*6uQU&O^N$wuwQv{w&WA2EDfQ+`(F_$IgRe7&(|Ja3sM?({;A zX2rp_UIW^$k97WMzoq+1o7GmWhFo0ymThtS-Q}UPc29aNb83dH+u6~ft_#Ol#oX8y z6eglgy$9_MZa&0oNizMYe4T^;@_o+BD}Gz+IBdKo+NXit1IYl3IlglelkQdJJM6Y! zIX|ItaL{g#UJI{C`%U&LxV!bvt1tbVTylTBJ)@+@+VDFu`*I#!=Z;p?JX+S*@AZ>g zeiL3=b5|!ETYfIN#|0n1HYIZpWhz}ee?ILyzk|o?CUZ`s`65dGy}x^Vux*O(x8AWw)89``=-=~xQKz0?xA|ubZ|`KXd7RbRfj;}p z?Vh9*_KPnI-@0^s`z&7ln!^L$mdD-PAAYQV?=IqiNf&BSW6d4r#(&-NB-Q0+zj|l;y!kpl;q2uX!@EZR zd283W#SbbbYzXq~GUsWo-1LOMSMGT6F+bPc4>pZ(K6v-|grd!f6K;OwB+balY&EO> z?&`&B2D=5UI{CaT;&FS$37_Bhl{39#J@2P(IKBP;xRDR1t)e>Z+|z%#ZLf@!+kZ`} zaBS4(i}0+vFl1Kyywiu0Timi7b@|H@VPVndYx5%RY*BgNC`>Niabrc1{|o=9cOHu0 zEW13}%V8}#uU;A*pqb*(qO{&i^VeHD*i|okGIL1Vs2gkh9;o^Ks=7^B%zodXsPXi! z&`go}vteD@-#@>*pIuK0r9P3du0^1rWyjh$&fx6B7L8PY zj{6XQXt?dV(x3+6LXl2Bfw~izFUY{_}MkPP8reN#V;C}Z-t825_Ey!lq z7)$-Z4jh+p2oE;4`Xe+NKPz%y7XLNv(5yYB6|LL*xt%rt=FR@YAPxR9%k{>IK&X2T zW1>5eiz+LGJM)nL+38U@K0T^?@t2$){W8t`UpdJ8{ax3S6P_&Wotk;R&6J6~uAG@= zcZlh#P1&&wJh7^TCsz8$N&mxxJp9Cp@nZbFe0)i!?pd28AyeaL-koZ3$kf6Al&ODl zi1)p0%@5&|B;C15g`eG5-}7voL5ZDv-J7TC{CT5QacXt^5QE;c9a*x|d#nrYQ^Qdcfw{uEO-sU(ZJ{**g=iF`kt@$8)aS zmVfkVcx~F73GXVXcV~`hzPyW4Da}{rF^5~M8+cCC*l=FF99I(n{;>EN}$ zKD+22g+PVNthEGnA3 z=j30l9&WYXyXj2u5^&F5SjjxwI$e|<;PhuPl*Ph0%u z?3dwj*K}Le*qN8_HGTH7d1xD#DODOxuYTv}1y>hUihT=roqSrbH!wH+{KQwsR<<17 zlAk*CTCOx9dfXqSIZHU^`}=eInQv;8qhfJV55aUo+yM zst9d#lWv{qe1)(QSXLr^gSJ3|jCys&Cbh zP9_PDce=NoyLQ^JRI5>8LwsAVglEm0=3PiZywlYuMtE*ndpz`>r28K$9m)@I_NaER zESfG(_nP%YIOcpwo0l(~+8&vIR@gtWmAI5`3a2YDU^w%g{NJ5Wa^m}|!yUsD-%_d* z(@=jd2S>i9-<`bubgFCXmSB=7J>GJwy4jar-A3m=o^T{Emc^u0`4{XNab~wYQ}WS3 z0PQU(^Pe;6UY~i~{qZS|C~^{Ytlm_5M69oKg0By~|VV6K6iWF<{g}mA!k{dpR3s zJlQXO^<3R&z17!nO9xibZ`UoGkaA7s|CiAPZjMts>Z41B#i`6E-{v;DKX!@N zIq&LA!S@nIOG-Ez{iQs0kISkyX96zSxo`x&MZNB+DuQczv~1EYsoZqJo0;*$0ukyc)o&!kT? z%?CTXh^Gi9%V$!B_Jg~ksCBvf4-fK6m$4MKGx$m4n=Z`z92=?WHzGQHc)}mAr~H0; zip1;j#S1QOEmk&)F5Y^fVTAvn?za}JMvv!AX_XYy^_l4Vl@p4(}zPK67UW}~HXm|1h`ac8{mp%Xh diff --git a/Modules/AzBobbyTables/3.1.3/dependencies/Microsoft.VisualStudio.Threading.dll b/Modules/AzBobbyTables/3.1.3/dependencies/Microsoft.VisualStudio.Threading.dll deleted file mode 100644 index f3b23c328c0f5755c557f6b6d985d9d17ab4b67d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 433168 zcmb^a2b^S8ng5U9zPI{Tb#?d5REMgbz|1hv&85P?FvKAZIZ761SYd`JNiJ3~2vk?w zy1N(%B8pkmQBc7(C(usQ@vfA7z8?yb<%;QD|48>UWv&U2pg zoaa2}IpIF*ygR(W^SliI{`4o$`vk83Hrwwr|ICuSWX*$1ypIfgb@xy7o%+??&$;}H z#@cJ^@$>2zK7Z}S7hZEseBIiME?rySan0H*u33BR>1VHfetgNL>xYN)dnTaIIL`A< z?F+o$&7Sq%w6-65>(&nT?dy40hMt#qu`hWU{E4Lx7PEvudg@i7ZYi?fujMvx*JjJtIg}{mtGx{QMd|c z(ZIWImwZPnx%=;8(Um{p=6n6#&u;1SqF-mc0gHuJH-_HphduAzH;3MA68B8bYCk%d zPAjMG1upEDZhO%4`X-CPn_GSKR(VqrA1n-lcXukhnJJ&UyLa_RH8Ca5us3siE%#DWC(2tKGHCqk)>e|`upH3AI{r)zBekG zjP9H9R^rlx!cs3fk^+O-ALj9H#v2Bi2ttPCb$-w)r~#w<_8EKA#=?joC2!zG?zQvNk%lDRpm+A?2sFv!|;2yboKa9o& zwOBU%`@E&NjHQCBB|qXtuuR@?o)FHUlei7suzZ9I2Np~H!UY-_E(_CAJo*if!2}Pv z!eh5x@PISHL)8h7V}!>hKd1%8N?)mESd?9IaXt`z)(V2COJnIC+U@9@1&-*;*l_e! zdKY~yJLUIKdFZQfV80#uMoF6%Np90u^#nUqi|8v??E;ZS>8o10=v$1|E93k8#<4WC z^`;>&<3|X`Jneb20{(osA2}MwEBP(Nl=t(a69_~|%255ca^Jwa2^YCjSlSmcr1RBm z5S@ezp#+gZ5{~pmCllj0?H~)+1EJfy%PR=K6t@#g)u4?CWFPH?1-OWqKNnm ziWfI5amn$Sgz|GM9hSAMUotG`^0{i5bv1?6HDUa9VL1{+XOTS|$;^+hgX)D$d^X`J z(Zu00=pC@Rg9{w3Kq0seiB2CGLPN#j9Dp2YgishEH7bL1`GIPfb5&-m!(kYIjXE7Q z+HGCtmG*M*-{(3lD9-zJIQ!bMh&t4VZv~_ul(sgWO}Om zi1=J`m$vv#72mj}vN?JV5i`#l_A-;T($vglc;>@zfsygW#5&=D*4{LC%Rd$Ig3yb@Njf+UQiGEv&Y+wX>NaTV|MWG)Z zNUr=`F1lES=iHbQ|LAY&QZKhZ>@>=pbA^lY{04CIt#_++HdKQ;GXL7>Qerh+k>6qC zG6HM8JNmrF^YBg98I9Kl(dGDK;N)BHQt4vQxKe@lD9}_?d=+76c0YazU31^(Pv1v) zBD$KyiS>*Q)je~s@-x8TWQF5v@IvRA7&l_tl5h~6LC#|i5uL9ksntm6e4V*LYez!w zx}&#Cj+iw>Z-t_|AOkD#q`NRz6dH5zUOx0&G3jB@x)#S_St>?M&dh+N^p#nkt zQlh5H2d2T73Ba7+I1abWat(ZK!f&co@oSYb80~LjzSJOeRPcct|rh`_ z{#569Cnf0)lLZJiZ%qAh50UDRdvTEk@51q;ck?SAwQhM2fk8Bo`*6#y(L=e~3O{Tr zbEHm=d-CL<-~GfI{bEq4xG{AIb)vZ?-Q`!LV&U#DI$J9 zKdSr#xDIzW_Y{GX&OIL_O>@tO%pGri*xYFs9Su@HvQVLDJ3nsjIT>8^=i1oIf?;$y zftX!{~X6t6#?`OAPXnjKdp!I;nMRgfv@kHyO zT>MFum)xA9eI?PmDJVU9ii+)`C^)@qz$>ii=v@_HOe_vVH7=@5rf`aD9GnAv&Fx_j zy<8-8^57icE(h+I)_{gzk1{9xkVqt{mOQGYV!HLZ(5lW>3%jb2uKrSzy*i%HcTeOY{%wsCTOhgN43ztY;YNQ+!Mx;rlg+|gBCn^5-` zD8<=y?i%#=?6m1JYZHT8#I=E<`9nNX9BX_^Ou&L(Ge()g^!K;Xa$Zk`ec5eWl@!78MJ`0R$&W|3(t@IUl0oSJEs>u$#3xH=l zH$U3^90hB~?uu!ew3{D&-s(uy;=TOFBZTKiTPoSD3j0Zs_)!wdoi)#>x8YbTUi{QtNYC_k{Ex9pCJA+ztv1BUtva2wCku`^cDQ9U20GG(O2e_vT zKNdv)NFkR`!&f!gm^~Dn*FN)@9b?QsN&d-NI29GBV&P~@={%LlkZXcEYn*FkaYKp4 z)YVltOE3PDtoFSdsC)Nz-94OYeSb(#-&ca_Xm|I=bKq1RXOYk*t>cLN+&FU1IHHFa z!|ITqd4b~NA5b(*=rrJ+bAE>(nKHd~ZJbOMtlz7~{E#9{DK@BjrW7}*92S}|4V#CQ zd%mxdDIuNEL=N?vKXOrn%sKK_m_FNMF#a(yXrhaazVG(TPSw?^yfM8kI~M(uiZY4# z@jv5(w28b}>plOrPP@({eo?t2D^44a#Zjmxav}Z~Du{ogpF8=fJ=!g-s5s?=<4 zu83Hmhp=1x*UTi&MmrdI-X5ZF{9@ut(JROST^mORSZDp_XPITz{){}RWfb`V5PsY;D;<{b%Zqk~ET^k)!c*eh^ImK*^a8kjHEx@5eJAGM2-}FO)v36d6V< z@vmI|FDU;9d-HGTv&;N`wwqiD1~u%qMy?9;}SNwTw!Ufw>Ybha08_3fbIzxLN7{O?reXQZW`O zsJ;h!!5pG&zcVmOk;S<(^I&hDO)03!S*3IUx<@JDto|e1VlgU`wsW#n|9s%0 zpTKQLPt-r0anX<9wxgHVclHxq|A>Ca+R-cOU$E$Z?~Ptr&xFc7q2G4yXc-l|xfPOo zdusgGt7M6oiYrr%KSBxCit#7}9~$xJix-JLB5(XZ{7m`r7%A1suznbYTnJ0=eDT6G zpEIH*nTM5m1bFiFfLTJs+y^x65BRuIz)$(p-2|-U{CFu%TL#tS*8aVIh6rW# z8)?c%teI~dqt^Sa$Kd7ils{ICZlNyu0_RixuQZN=tj;DRw)GnsYHWSZy#4Y@w)qY7 zN^B)wNhH4!DuaY^;+33Dyb_^Kjc$F(yjkV_vb=5y>o>}v*!qfMg4V-wGOe%TlrQt6 z+d;Or)Q?y^hin2wOhI9}q!e(r6qdu5f)1>d^?q>-!{a9uk{=sk;xBc@m%8F7y5c9= z@vNqWuG8-^zltX13oy!vB5{s3M9leN=ii$wb#Me%VWWL}foz3^b0Hk2%s zLgeaM;!U*ImKkpwa2furlVGU07zk{%$gY5jyY>vu(7|y zZt!kd8*hWz+IM=iG&0bAoqge=cfctr4Kv;u)E!yfT|7knhwobd%1-?Q?fTo5{o zM4w&Zm6LVn(Lpuq%Y+t|Z55mHLQMTk$*j}wBCVSjni|9LQpi?XzrxLGkHe+D1b9A1 zf|*j=SE_RaAvLnAbK?;uZ5Z&QM}asrH%#aAWYM-!_1v-9$qAX(eYg?gPsz{gNr3)n7bo2~Kbb6lWbT zQPVXxDlZJ2ev&(m<%#KQD8$}@{HvUh$(-Qu4dT@R-+oqQ|NefWgmoIVB(sEELG*F( zAj7B&TU*jBnG^a?*ha2xY&?|$H>LLlwVQjSX3Afk^}Wu%d=flZ+9D^H(oM;3gCto2>fWXua4F4at~v}LG+!c)1f{^;rrcB9)OW6ONs@Z7;&`D(j$ z<*czZZf7;butRmphqira%6s|yQ(5VI+iBN&^-p!{E?ojKh4D~jpNw@)uyHt-u@1nR zH9S`iCN>WH86&twEQf=T^vnEA?Xm8vHENw~8uE@mt5Y}Q+H6yfI;D*V1U3Pbwv{$w z#9u&4*E&bNp}C=sRkzq>6Wq-!?VrMTGJ%CuVM(So0G=PBE!CrU0gNE%9fy8DVm%W* zNOl=lJ|+_EQlV>4(c9;^v_9WEkM`^%9_iA(RdwL1=7`S1HtoU}L;bmJ)E-#vx#8Yw zJF;(guX3uZR|<&u^NBvs+n2hrOD+_5i8NT3sjYDgS1Se46^NCXJMT^jVfiOJ)S~K3;l@qu7Zwo+A(6CRN}Ni^eMcf zxk8SEa7L*@E?z6aR|(y8%Jx|AxVO~qnI)9nQp$J`SLp;;F~@9yudI>S}}>7XsD2S7m@LS@`B2jf@pa3qt;jv`N!UlR-&HMQV~6O#N_R-hoF z_5mne8|(Ng}U~iKW{DzVskUCN6qbTJ!0;XOzU&z8E-vg?zAfxt%Kd!pjIf_4m{J#PE}?6 z1zkF^TL(BD?RRjS>1deRB}Jq6L#^6MLK-hFG)zcrVj=WBjqzDvuFx3onp^(Nd@?2O zK0Ke)m#OZZFb-#U?nz@)ezd&5YscDR)$flU0XdZ6&Saa+IkK9JI|dk<%Xe+Ft$vdQ zQUS`@dTB4(ekOZYg<$N=r`@+&e~@c~aFnijfZzwlw+uxwX=ps^+7WnHlLvj&=GeBX zRYMK!%wC%+QKB((qLFou4ONCw{g}a2K4qhapbk?=N3$;O`=!cQP-WZC;)>cnLUfnd z$&n7d13rd^i?zLt#-wtFCKwmDM?OvaZfs8 z=96?om&N~3Bu`^+nl?GBl!&2MnfX+2p2L&}<1BfU5@B9oi%p2k{C#iE!#mKF;-G!H zH_s6rXi70?(ND1T4dvnrl@vFy-PdmAaD|;93yJ>PEqn!_(*K{HsasLa1~l|I+za=kqQj-gu`&&e}0ug1yEOk@mu= zxZ$uQBnv zcs)%YsvN?h zvyX2Z2(q=egTN?~`C!d|lmwvAfEe^4|Wp=Gz;hPPjc3~I!iyK&nw|ld=FUmq^cy2hzpLw5+ z4BI>U0JSzYK!V9x#d2PNMRh0>wliZi_9M-VcI9haRn-ya#xmL^20eI5bIYaRw#oXb zvuCi2?J85o2!C+6Z#9GUzt;m+v8bIvgYW@L2p$aKjV_7o(TcR^M+Npf)1r^5wG-+pky{$uW+M z8Qy!co<>#{BB9?@$;LrR@l160f=Fe2%OY`aT@Xjzndof`A{p@lAH)X>J}t0NCO$;L zx-+gv7i%T6i5Qn0AF4zS53uhPVzt|v>J*wk52b%nz2z|SNpCsa-0{{C=1#llXm9$3 z`BNb`f1YgT_L2t2M-s0}?pGyle%=gx{Uv)6--6hFgC$_T^=EUM}I}f8RScOldebsCxssNzu&XcL? zF7vS8{4NpIp_wOeMl(-gro>kIGk_I0tZ^Px??QiRtHY=%G|2ZW8WYSMEedcblcTRQ z-*5@os60Q@h{0ReMScUM(J)-<&-@{sbbgO#KAa{)a>!pPVZ^D^e0)8zfjjAaoWSlM z&it{rTubHLuvALO2^WpWkB{4UjBg-0j2ryM#|t2HcD}~uzsSsj<3xgN=f*D}!(6d6 z$RZ^A4^Zs3LQ55kZ|sF5ftSuvyU{}FzDU^i9Cd^rTpgVR@QmvS?F0NPaJ%;b<|uc# zWWXWc!KbYN^+oqqK&hq9aLC3d1Fg8>vaV3$6rw1mw#1yV&a<#Mo~tYPti=nDqQ|F^ zG8HB{PA8C*g+n-;t8!yTiOT(cQ_L5iNmTcuG_39u#%B@97UK}77|zCPq``j<{@O2@ z9WwL9GupEQtlDR5>4JC1+Z}m)?_=KbucdQ@@5z2}1a$DPdm*gC^sL?rX+33)Oy2XaXK<)IdE-^GPLs=h*&eSYIn?58ITyx#Pjyd|B zuYT4IGeLBNthWc)1QIi*Hu6F5>K8h?N~dO826N4~;-v*P>Y%HOlMdcWg=_Nrj0gE} zEIyBbix1YyE0|I0n}^Xru=%n{RcyRWtvt=IpQFh27TLH>alILX#?3|!)6rNUdPk}K^_Qp= zra?fB>vkL>uP=;tBLCg_PbY`zQ}1Zs%8KtRzPX}MtW$k%scf-qXtur@h?O|@FwWqoLtx0poTWigocG)9V z{UrOW9>}|OEOXfRtmSkoN>MSv?jaaKzrZSuaE46;8v<3=)zBMQB zMB^&?pOT-ors5`RxhcE)#WB9CNsOPb96u%{Q$5VrX@YR3O5R3#?-4oD!DllfhdNK0+IMJgilxj<;zMosO{XjpnR9>2KvuPu!UOL8U z7&WO&2)ROBeQ5qbh1oU`;?;2-mBZtLgD8cH?wxIhvhlSbl#O4&FPN%1RLEY7-F3t( zDYQ#{0$Ux-u=r*=epIx!lJT9I^Ov>ZkoX=FLB9_8+LXgY>Zwt?X!KW8-Q`Pb?c5EE z(O~W(zo}k{Scp|vN2{TwEiF0zl1$^nP<*t1t}vA*ZMCHN6|NKuLySdv49W3zxM$9d zbsg^3PPbbBWXV<*Fcu8rvm12KCFvBqv2Wj}DZKrf&k zYeVHJfY6k;Q=GU045v9RZD{){wQGM7XoK$ZqKAUWT#Gg#4$|o95BQjM}G7c zs~sZPoHgj3`W#1}d2VIf#5sUIWF4LL8=s<{a&iK=Hb4%S5V!<}{S82Cd{Vh|*ZXGp z{{-3-)W5AEiW#Odm4IcxB!QLyF~ev+pvjfJv$=Oj*lL5<(R9G&C9DdonXt4auf4cj z_Vz3G`+C^ku%Hcgkl-J-P?7xXFdSkms?&L_^VN0lmrAa0JHB1}C z|Hg0hD}K=a{|S!M#TdCk95T;o4P>EA94OdM%=9MqD+tAP{*IkDy_HaC+(gCsuzoHz z*6XUaNksio`KIw@8a!-}Z_Myx=Mnp>E5rCj%JR)LOTT5YRKNb49ypCza-JE~=NE}} zVEi+zpbG>^pp>2g%rDhZJPzZP-1$E{j5p=hRvGu+1?}+btH`JK8aR4UUoSuA0Q7PtGGao*x5&m2HadK8Eb`;Y!!JThHH}Ou=oUkiwmh-)^8J|id za<32fWXjI`3teO+;5gk&$WbeV_49<1D9g!WeuH+x_B0`|giJf(>NFu^3A$U~gVYU5 zXAKKdGe4omh^=4Uj{XMBg=v%p7x=t|0pNg~fF_tZP{Q_4)-CIQQ-%e&LceCt)6 zxO{IK6}YIz-+*`dVZYOq_-~1c5hK8Dx33eab1=JL{h**GSpRGx*5c8?`w}>dj(+{~ zDYEr1;p^hlc5Mz_4(Iv&3?lCe7A{ek)! z9}C9$eeJf@ACecVN@c3Q{_Ql{HxW4VbNDuXx%wr<)X<5uF+b@9=FBh1v^*VNze-Va zLQ})bFC^F|!)tP)K0#C$lULIm^`r3x^$Qe!1=V(%x6=mYU^X+eU$30|2g$ix$U8Z! zln6V7J6O(%JSQR4$L?Go{ak3=s^%o)VJNI?JoLx65t$B!;jpgJ!zi%WBrCBRAWK|c zu1;|*U2LpzOr6O%?v~T6$gb6`e#DkhE=VaknuNQl7?$tt6?&J52I4*jO?%oh$>-$v zjnt{X`ZO6kIc6o27fe#K5}Ng!d-F*sE||7vC8p|k^yU)_)bH+%Q;%!>rth|}mSY{~ z-t-8|uV4%8H8oV_f)rYc*&S=4c+$*6A% z%cF&5Q2(L)m(M^diA?+-)q$yiI-)nJ4nKY~&LP;Sy_vV*qg8|K5{+-C zmRzMA#&;8`LtmZ9aaSh3j?TAZxQ(}xN4pwt!>z5YuNcw22*GuEc95~YmPnIvgYG2B zo(jL6JQL?>y|EKt{n|9o%0#?|wP36=k|L3r;`W~zq!6=~!~}`F&+nX^;0VO>`t_9G zIl02s9bqBHmWa;(4q)HeT4k5W*A8F@eRo+(~v%Y-H_2r>yU;1{& z^K7f{2^C=3D&G0N{3bn(yU2Vd1Z^j`d0Dpoi!p5u6TQj6w@SHn^IONB#Gu(Sd~ zIJEvBqsXqHbHX-*?SD;SJC~W|3v7WD-wU;>5pUJF^ocaNr_kCo7ID)0y@qGMAN>b- zwf)C(A-4F64EOW9Q1s+Ly|#8Fpi32Hvoq|v$03s>f@bW=W}x9z%$x1 zL&%g7*6U|}r`CWLJ7n&NALb!l&j6y@@i(;NT(x5%{w!6jMZ&+^uwgW)W!QT>&2Re9 zh23d$VJes%7AGuSw7mGi6CrnTP5SEg+m@h-Y9ZBz4) zw8SL7d63%bD4Ib#0*`%5?>U`z7$dNC(og-h=lq`==kgExeyQfblS^1=mJM4-+PC*=HWE{F7KePxOjG` zbHWbBYkYu?YANL6Gyx6>v}RNDT;@k?4TK!SHaGqt1$5)5$VIDUXsM9Kj^3Bk=+H_3 zv9e7LX18XoVt-v+nwGyi=FqWxm14Q&%vsN zvgNT5a1cKN#Ahy~syc;?SFI3_p0#;@A=cCXORJ-g0$T?VE7)8Timccs5^?|IjqMh; zlTwM}bkg0S47LF~Cn@2T4|N=SSvaw6Vtqbbv2BIDI7FMtr@7)8@^9?P&n>UE@Urn8 z*tr8Xx&QCuyZI;D#{t4($-Q-^pl^}!g=`5t;{XQVbPQLLyFxy%B^~o@$Aem5oJSu1 z6&nA~<`BR2SIihpCC`;JtzUbC$d67F1CII8>A1FmGnl?~;~L3a@_WrC?}L?!jt65b z!(sW27(CxdWNHUp;z!u2SZNxlGI|?!3tLxOmafC zxbbNBj}p1MuebWNR4%OZ4&37Uf3+x|xx>6&Bg%}UJWZ2zj}zL2!cpId%`fdA3>C7R zWlf%6WJ@<&8a@~m)8p8$&hl~)WK)JIY33A3jRzogwP60N-7xKsUknrUSMwY$XK8x` zS)aD*evU$!s4%Jc1Cdsu$i-#j2Z23R8qHNsOeFmNPAGM9OJcYYQ)2Fyyb_t1#5;qxRbB!chEN09D5eLnFh{Pvy-QhW+><@>e&LjjPuj?V`}eVSXYu zfWwyJ3PY0yf*l+|BBzFWbvT#!;?DwsiuYhFZEF7MPk)+QQ5d9W2HkYs+fTXbKDqc| zp}2%|0!yOL;f3s33 zc7^Vq+vc{u!JYNj5P<3t|5oykMO6DNv*OQz>t2rg6z&kN{uKWX{+&qNFBimvznzs{ ziMvFZ`BVN&_)#6VE{Go?j<+McH+RKP>FtzHLGto`!F3rSk2QuRM3AviM2Hu|h{qoH zPF%^Ap#CXIr%P#e!s{J1G>uuP#yPc>TQH`9Vp^brMT_XwR)Siv!goo^g=0-K^1TNEvXFJ&AZ_)M<(fSzo#wO1`>Tb!c;>4 zOF1^xm-&dDU;6gl$Cg(N4&d8=SrawPgE zRZy^{u*7&<-XK1>^u?iI`ZoWhUOw2|9*bF?wXwSVn8`Er#zwQ1^Ze`x*F4ywV^c*! zEf*h&G@q&*RT!uqZj(ed`UWsJd)|HJdcDvEG8Jq$6p1f>Qa;Yg?us%{5Vl$43FGc zsseYko6*6ML3_w=Zpb<^w2pkTeAFdQhTOvV&|cIh_}49qnuJk$z0dQnTjuJKqvx+JrT_XGZ=a5VnjN7@DAtwfvEjNiu$j|>bCK~AzD7d!beY7aeaO7LSe zR9e~BaPt+e5l4^XW2hl8LqcCCRQtK(^lK!_)~V;+s!8vOXmu6;lCkGjPKweJ$3>aI zpC7-Ha#+!{#Aq+;S9jFu#9nrYxAGjj-*|tysT$4UY%7* z1~q1Tw42aY8wgj~Aw*aGu@%#X!K-_0oe@kPL3X11l@2UPXYR56eOO=7p#uC>rs{8xV9C*av0N_w%Bo}`Zk4(3-#Bv*WEa zequ)(a*iAN&v3Q~XZO6$TYaaKeZv2p@aRR>c9UcsG4ynknsIA&3GG^3^m+Ko=vs}G zNe0z|Fkae!hACPOt+`E@_(dusU$REwc|wkVg_S;$^XaGe0lP0I`LdROS3>Dm@Gp;F ze~Oo`!_?!whJUG?lH8$x-P$M_GQ2vm{+xu#|9pq1(ke(L!qcP3pm1x`nz!ntbbejq z?SHmIXMN*)5M@@@GP7T>AK_gL@1^I#&w+$G5B_X(gBIr`2#>eUHh0=3M`tmtIA^C& zv>gJl4PwW+gZjHP>M+2X9dij(=2e(Hj_fE3${my|BaC@4H{J~Cm5^kd9#V!M2lbB& zm=kL{;u<<@rDb2gtmu+2W$KE)Pn*!`Bp#;9=XMv=9Sn(S$%@p*0LI7}RT?|_Qp$ct7AIa=9TS!X6> zkLQ8*r`dLu`qJh0j;pXhi%_R!Z;KL+uX4qbINSnRUj z?r>4fJ!)oK@^Mgl1sbDdpNUkv7M06#>WyB|VPLJNYER7-wX`L;j^L9W`)@X;SMs+u zkl>@cD2WB$`(q*Db5miji`?|Bmuyc=zDpom%Z``2w!l4is)zI+FJ%tHIXpdR7-^nW zIHsLliGG9};dPB9kq)(I@7^FNnos(@JY)AV(WcAHjVNBw3-;RG8!6>$W5=$AMR&`i zhp8Y_K6;Bn*#UxxRJS|MyJztaJArT}hAnLQaSfjNa4DK!<40teoK;GM>An3fTEDE0 z?jb!L#^M_6o4dl{%(cCsmUTcWr31>0CH59t{p$>{^zE~!HCXG}vqYv8z3=^7%1^`I zuYT|PK66!UB>}#RP0^)`Djm4*E?jl z1DCY~^ZOUc5;1IehwR4?iS0SG@cdw93)&e9uI;k16v;=BFf^;ea3vaWHiZlq^+x*R zpODP^K+Jg95SSh8G)T;(!9@XM*~e`iGvF8&xIZVU_ExuriG?fC?!+r@j2+}@ z<=&+;=@<*W`@#Ei!}~wmcn9@A$Vk(1!S8wc!`kK3q9uApRvD&h;^pekGrt zKTF#1bmv*R8}*sR8g=_3jdE=|$~*4nv`v%V^>0es)bD+pHlc6R7uF`k7?OVG1--0S z5bOOKG$&`3qLp){@vjQ&WM97V@BFZMi~j?6s1nnT-{2e8R_=h#{eMv=+sxdJJh;-@ybX8>|NRyaDgPZjMUDmCH=Oj2EguKs3)PwbO_|ZKvWpT*7-)nBX@_Pa)-X5<<0Zv~1wP^H%*SYwV6F**>+;1*$SuEf7r#^jLH>#<#N zvYnt4zA+8i6$!?`Ga&Kmg-GPPkr*rtrbrBh_=o;163Kwt^w>OxHaiy3JEo30)#*{p zy&iT8@5B5{*Kg9VzLLZr48^2eRq%g4%2P=hM^xH4x8G$ zf`hDm?Nz~{Fz4PB%sN@XF*7bnWgY#J2L*pGtpF2FCH@1nMhql!V70e0c^gey;Kt)T zdnZuy$wA;mTMCUoQUGJh2$NFRbYA4*u%hDsA$c@&@IM2RZTbIIsGrL>!*=q(rj>2# zZfW6M4JWz&4cf$v!n9-07^nOHMEyZn?jaCi{padKcZR@5PyM%@2rL)ktp%s_f{FIH z(M9L&R9h_;a_w;?p`9F>Bl&!iZ)HQ?5E^g1@mIt%(v7VT+iTealSQb(VQ&Kx5muNsp5RAC~w4JWIgp* zABJ2}R`Dgpm#%D0SUQIxP)qHx2}9-{@L;vVdM}J~%08}a%>O*rJSc4MGeo7I!Klez z$_nz-PJL!w#BW+I?Y2J*h?YW6zeI4k)4lc8-s;0rSwHS=INl8(wDFYyF*V&hJcCRfz?x)qsa-uOCNQ+;UmNO3#BC^Jbbm-l1uYvx$=^={8d7#?!$T^lE zT9IB&@AL5Qou^ z@fJ9HQ>8V!Y(6k|A~JX>IVrFVhu4_*AIZ)aU)tvPxjnm$h8;Dz_n1VnT(EbW_Lq#j z$~)pcuCIJ=vv=bIsh(W(UjInipL=@uC-)I`Hg7bceM%!PJ?V;yzH)Y2P%nsyF}q?z zYWz~M>)5aVTY2h!^d8(QGn)E5*#fUCX^eg0Qv5l*$pujHE~3D@mcHQqKEbpFTz3cT zDgvDV4B`UBsc%rBn;1IXS3?4mGHy$5Z`TdO#i0REI$49v`i1-Bl%HFH@ECB`S7w-= zvlsBZtt-}fYmZK8bdguQA@wi!uKJsF-gjr0IIsKvLpw&n-O)-;doq6g8Y>u8gc70&L-rv;NE z9eln}4a%0T{EmtGEF7pQfoljQnuJi2UGHy!u|ssJwlGdikf4n{-Tj>}zDz@3s>E7` zvU@BT`L~=r)ib(j$9{o?)i8J82AD7%vs+cHWmYIV6Dlj{-R73F&`$YYdhKR}gi~C` z$}FhC#nJ8rZ|(E!i6bgL+&duYN8KrVm^{~mZ>F|i{mZm9J;m)eHLbB&TeIm_l#@Qr z69%^;aQk*fYyt9kH$UZ!y|1iK-YK&Mwv@K4S+=FI8_D^Q$Nq4qmiEWR=q!$Hi#S)0YO zk#x6)4-a$4Z4wMv2o!naZc1KMx}5CEq3M{!?nP|vM~JU*zW9pvEI}u_Gf@*>X`fWy z4}0qmb^NauX=b8Y+qYi6D;G6^?goLW&g$C}m;Dy@epeG) zrHMT(|ae&hr0vpWpq+LpulT` z`avrgeivF*K^(x3LELY@S$?%A;EZW00@5dS!%lViI)@ULzvS0X5Rg-xpg)i}9eYi7 zhqfw7)3>h&OTuUbu;s`8k|II0N@dJWibCSfZSGoSm(9|T+emcJGKPR3?FO`GH0o1_ zlZ{ocbWF;ZtG#`m<@j&Eq$R6`6?gQz8XrVsiafVBlJ74l_AjH;N)@@R2aw?(L~E7u z7gBI{mEnznE?lEg#Vy3YsK_UhjESn&wzYS4>-XB-3hS4;p}RuSgyQ}pEd6MW%2+>Z z{Wh(!Q9pAf{9|^dpngTi-$1cseA_!+HD01LjeO9yl!h7`NaHNfrJ;jHo8j!Z zRzdssC&Top|JZ)r=HO_)vXaA1GLerC<~UH4qA}>u$U7s$lXDXV9Z$C1%!~dz^?%$u#qTqdh-BMow5(eN%P&WE;xh{;B(-lGX%rs@0&-Z#)5Et5BU8$_c@5&$Z>m6`G{S5+bTdbM- zC)<9>MwKkDH|VqLkQ|bjV|JsL#a-80LzgI7;bGE*541i!54`o~V~f?_gnP%SH6`(r z>@nF{`LiW_^e%t{;a*Svo{%uv!;29rk!elJ@f$y37qPXcFhPDQseGOvVWJG}EWO<` zXr{?3qHL;@gRbuJp9AO!JM!B8GO#7@mq5`1iLsT0v`h+$jlD&Mo=85>Y>^z#ERIEX zjuUSt@j|3xbP)|JpBu3*4tX$iEEBOkSBVd#dgcL2QI55+>A4*FvKEHsV-&ph9MyaQt`XH@T$)6{SM@Kq3Wvq;SX&&Z{wwO*+l zW35+NMg^*T(^h1wp6T4Mso3~cWUd{dZ=)Vh748h{Skb{YTzS>-bn?Up(Y)$0N#Okq zgCSOSAHc1w=goDi&JcT4AO?vov$V#J7UX zf1;!vVF}y`mhyQW%J&tKHF7eoyW}(#a22vF;_Ly( z1!(?>Y4altw0ysytJND8X?5AbnGX+!E{#L@37Z0+;K(d)9b+}PCh2xd#d*=hHi=sf z?A}{k5Hgv21nrrXjOYx6>fTA9dvXn8Y+K=+UYqG!RdB9D(I_|WOv4&)AWHSkjQ0&- zL$7r0d?_-pyBcgT#!U}G4L##Gb0`=OjSW}M2|1{K7=d9urr<|x6}Tg7D}WGQeV)BN z#iIpQAUd3k)zIv4ER-;*g|$(;5N6N|8MNw$0KlDJ!HJJh_Pevi4SX?B)epo+65|r1 z&3JP<3>wa@nwnd_7`C4zQQr_=MdNs#`=uZA0=j@vypQ*a2kb~BbPc@MlKK+bZc6}6 zQCbIv@dXst`FA@|Y>n^Gc+h4unqct@7kqriTqdR5% z{CTqm4t~3&{UBO%?mrxNJq9H{cC$ z076-P{Cn-|=!ClBZ9dn_ZpJ;nej{!5yFP!hpRa>fd_z|Rvw7`s^1%lM->&SXhBS8! zUG`08<&q8|ybJtB`oh+0>CkNBL|RbR)xuZOa&5yJEH*&(wpfAdb|;ZR&p984|7844 zm9zVZd}whyg$6jL?Ch#`4RNqE#10Jm)%o0fAHGv4v#mY<|FH`NL|G=V~6*y z+Z$jYpgHepX#0U^1=u*#3#j=*+D5W9~4DYCrlB?XISJ$0&@xD(Hn)b9t}^Id%lnkkP9T3rK29Lhy({fojpdUAYij1Y zQKBNYjx<-gvmY-ro{OFZ#;w!%(K(sZ%?(;-m^MXTmmzEwK5YuM_G#HlUGfw{r5evscj)VtCaHb{`6J?5nC6P#(By{zx)-h zHe6Qr255hv@8#%BH{b7Wm*Xa5^jwMzxwu>yolj^m%x?U?==!u}E_k{!vh`{Xd4K%CT>%3vKYS8+)`j}*}v{JioX4d z(iY1wm@UQ^QCF6?drDhfCJY6VX)u9ztJ>&lSsyUEc^u#Bs``EcO5|k+g1esBApA1V zE=+734YO5yLFgT-+YnMhX{%MqZeupOggQg!tXwvC`xV)(5$BomITqZ}{x)S^MzFkM zrYt7-Ls0*vgzB|wbmw8V>TZEPOr4LgRaf*e2Hs{wq=x+ws{x+uN9DUxP}Vp0LRill zs5=w*4di#eRRKE3v8r++R!E_HGwjMFQ_xh3OAcB!pl!L(Y$HMoJel zTrMx#M=^)NLYf+^-E-W#Y~LXs^k?2_Qkf4Zz5~yEc(x|)1_dT(l@f4^ra{w8ZOhuX z%i3vn@M)xCm+owCnx&dGQ7ar+vva6TYiXJZ>tXR)~l$a@ls0WSwFoDm-WEQar|)l z6*x@g)3+#g`c{Q}hr`;isYKQVx8c~bNC!8<;p~9Zv2rBc-cG_MUy1G@ILi7$(0VZs zn}Ur|<5f6Q3oy?B=}zM9bvGl^S{j>NX1N|pw|VP&Z}}@-+wN_=ni9N`@ESQy{no92 zF_2fL=EJ)L@3s7tAI1c$F6Ml7Q$2eoAFog+axU3#s*}!KLX0}@%)lLhmJELcy4|V1 zX}*q>9g@RnAm<_&{pRb5*}xqO^EfGdF!PH?;#yQzZ(qGy~iE(8zNaqQMmCYeNGX`C1g*jAhWw*5CIGL8Q za|O(4w8^ULL!5Ls?lNBZ*%D?u(?BvcZcd?XHE29&qT>57ZzQd;5{5?-A#G5TNzP4U zTJ0pI_IqnmX#!gh?Fk2tI~%4iaVWVe8gEoeZwBcAr$TEwByC4%ACU&GAlRgp?`jw) z=9i|3+C;`<6x>l&r5*aox@d+Qy@Hu>Qs7V|sSk_DHT!jIlVXC#PwDB_VfeXk9iyDm zXod82kCS!BfS>*{*et}zl8WxswKP6`9; ze@fj&dvz`Lg8jd($FLVp7T zUT`hJD;Xhbn?{IQ3qQ)yxrw=;ew3Kct&uDjPdM6ACiRG>#i5PH_0jjLR0*i=rNrJrK0={0sz z?@idSz9ayRcMxiQ8L#0_hYSCnjWID+AdbA%FG)w{`?ZGN7J=skEV1()igjQpv%bt)(JR4bRTs}F=#wT#5>DxD!&G>GP_hZ^NvGu zl;1aVB5}3V^(I7p{3s~lUUa@65RLcpGplsVgaUpNer&?C=ANsiS6Kfl1uY@|J5`&+ z?zVcd*z*^S{otapKUg$&aLru z@Dup1^#Sq9H7*dN2H7)a7U|-!)Ykg_HJi7W{WYK2#*SKPMe^KJa4Q-or!PvGTQ7oL zIfl`n#4KNualYt-g8twBMEXS3|Dnv}iX{mgSNbLX^7MJkg{57FoBcI|yXJ^Irm3AS z2dEG6r9$B{<*ylzKAiZLI3EC({#gLa5&-M{H3fE*J|Yl|-H*y$-$2(7XHU_fbZbiK z`)@EA`M>l+#MT!wGGce5G8kmzk5OnSYp;Uk+}mI>&#^YeoL?Ds3GV5z`94(9NA+FQ z!0ww0W~Od1XS-l#vO)auzYORjrSkWEcOq^-ASD(teZ^HwAUgt4G=r_cAbK%5&|#vN z$el}y$%y{U#ZIDl*)IkWiw7Ox3!*LZ^Z;O43!I*MJKxW603f#kfTps4d<^%E(7~^d z?*VO@K6x+My}o?NTS)WG(rV4vggroZL2C!s?Bh>Bq$yT{LE`~@dA?#X^B^9xVt*3P zeE2DTlka0FB`ijNj}w2I9|w5mGk7O!%co{sfrkh-KC8G{rSQUKx~@qt=|4>LRLHqR zT;mUCzk3sHzzp?yVq1^!qc!rQ<_4{QFn7H51#_oea)gz+!dh9O=u7-K`y-1@eSfmO z-u@Z0onZak+@SSKb2F`9m^jT-sqK<}YU5j`knpXTi`~cE@z&nvPP=4% zk6w5x)W*}%@$N1#ODlt;ftAZ+*?&X_p+m)WK57(GhjB6updCy2p6zdAM%{ zZddz*`jKsRbF|`pNNa%vw# zXEPbOE)zggL)rD`C)A(USbr)d=(ig)Sh0w5^vTH1;O(^fPY_WqH$Xw-TVOC&Ye z{MK@FgVqXjGp&{8j<-tYPP=RoQbxR~P#13s<~zG!{*d~_n?Eu)X#LpSOzWS_9dG@! zxzjFNgq2V*6>7r_?c3P*0JHHg#B1I06WpX@#V~&SQz9}Oj|rPfsUG6b{0!H`)z9(F zhri%A5m!nMwkZ(mB)2}8$YZM zynBV`*XRP_S%fxS44C41RM=EXl}~_WaJ#thfesfc#pUa+*+!0G`R`QT8dn8i`MAnS z8g=J2%Tm}>924}Wf zC_{(^L(j=p9&Te|$~S&PvAjRS6ZqXNdQh1CCrOjDN(m7;|3zq!QZ@xP_*hfeTjY}} zay%d>XO+UMzO10!K*9KCA9R?>_7?e+iu~4UQHoyvxI<;&#{AmO!!iF&j;YF_35;AX zjK3F*-x&<0WEU1@^m78ks&9Y)dcxcDFt;v}%(;yIf49-r&fJSN7m=U(o+jFc#OCi+ znN|A_A12WoN?C)xZu`27K{~?pqF>GFm4EOa;r2X;sF0oEz*DsW~ z!V-Zb#?C_Q39w2v7sUSy1T+J8^kbBT>pT(hpY-DeN+PNcPwZO=$dViFc{0M<@c)N8 zG6{ImkZHwxkI~R39?T6D-VVJ>4KRAn1Ylw`%ix(0`}s|1rWAyxZ=zIhg@i<`?exAI z;mLrN-Dwkbolaev&ek#Q+u_N|?76Ud^8FyGVzbXtI6?`n%xX*&omT^bi9tH*DZsf; zI6D)YUheoi5Ka#%+0~*fxU_QouuLA1(^R05=Z95EQ&C}Kkl)r2KbX^-a^qnIutO}7 zE4!_ZJ=||NW7HCeQpD$>0jKO?ye!QpUhK(N?8;|gU8Ng&0X`~Fs#fzOKK+-+s?n}F z$ubIp?YN2a68x<~`;ffT?O z-oD9w5#1Ks^F>Y;q@A};nd!VeYb z=Dl#!2J>0-VcX4(h^&3znQ*??Mzh$KPeWcgIoBsZa4D6Mv|`w~Gw zqiUH4ke8+r=2i5I^;$*%hF#bU6 zDml|v@H@guD^^*Rx%2&|Vu$@{IrHNO$-Ft96ah#LAeB6~J;KIC)Oyq0az4JeX5K+G zP~6O4Po}xi-sor_B9VR0&c4KZ>0RD(*-j612m}%B%<~bipmnvd%Cw%3qmDQC0)JZ3 zWBO`mMdy*q(PmlN*Edjl!`W+GUPoBtStGG%_W-o}fYB}{Q}aC#$ZuYYH{Op5+1Y5m zfPmjrYO#UV9X2+S5bw`VWuuFqzK>FT+J(Jd+j_duOQuFwSe^D|Ixna&B7g{P~ zp%X+$D!nskq)Wh*-iK%}l5R7pt<9)jS}z=B?s)4+bEjRjzUivw zg$mO;h8%)*thwW@9r7LwfY&yp$`oNquv@?|C1wzM&ST z?IwtGb_cMY_y73!LVELG`8UQP%50OR@q$g_Y!jt4KZ7Ef-`M}u1khZ}WQ{ih2j<5g zr<%e*C9h>aOGOYHKM<0?p1yAiLV=*<` zFXUUN66H_Brlk83P%BSy|D0_MC5)0JcYgedl*?2ONY5hHAvv%EovF`0Us-3?Jx#@i zM}~{h>GCb%Acv{8BOw?3g6?=+eT{>g9!{F^7Co8Cw`BM3S+i%SM(tA$x>B(XM$}>m1UO znwR;}PHLWep5IjL=rVs=ZkL#~YL_`NJ36ofZL@E5q%gwGf)P_i7+5A)tyxCR!f2Pg z?L?>YHob$t4{bm(_8#TmGXAB1OYj^DSDnPa<@ghstbR&l^386-3hG@ShUVlyl9E%L zta5DvyoIr96QFsJs<);Q<~d@`eB*bll{lMl3gb|^3@heP_9Z*1sDM3>Yc`wJ;PFw$ zOt51+G{>%s&ZZn;Z26uI$xNTp_&t`q*g097cFCDtCZFqwq8T4lJ6|mmZG65 zTr6s`*85d1j4Zqe>fPi*MwGim49NrE&YpbSI7Ng*W%p=NNj8S33;jZ;KH%{074EYkD3!$q2Ik$dlAVz&~$C5sPXKs~l z_iYBQQ*Wj0s+LsQ-Mzailxm(v;;;?tKF)aa@CMbn``CKzbLrLI$R!#y_;*j<(D8Yx z_M}_WHLmX+Mk7B#n~~Sg0j1VyCZGKmP>zF`78q|m%iL*~7GYwNpj9Z^N*Vix$rj)+ zpEJ*?;nfqn2=^D!YHqBz#kvreZ|lDsy`@Jx+~?3nUQ10ZW#n}DqV+n(HubBo3$zo* z;yvLStzZS^0vI9V)d}|mWna$)jj{qTpl}} z>~e|0dDZY~QaB;=G$|9L+_?)h)yWAE)n6>dbXNE@nfOxmpU=bwba$rncByVmJk*Zn zOr~qoGDUO3LFDNEGP;2A$beF{2HyidU}Um(HlAd@o*!rJ${COZ4ok+cfu+MllM1_Y zk4$U!mkP8sS@gJf!f9BwTW=&AYUi8e^tbMo!{;~NBDY5*d;PZO2A>vf#@V3LHCb?!=v}Wl=`ok)#MK<#?A|Emq7!gg_}l=*m^& zwbs4|mv1bX8%w`f3GWn@!_Yn=!3Y6pTxxp*EP_KFLM&=IY-er)?-#TU5y_e6w*fIa z3rK#%+B~eC=G^TYIKE4r1~5uraHm2sLzc`mI)PZ;amxqHMWbTGPQhkAs$3JpKrw!H9vk8E#YH{ z(M3cLa>_;gTPtuJ!ANtTctSk_n}|oT^USND3QVB985CCCN91eNqZxX91Iv? z6AT8EG1=GzCrr*@a^?;j+vH@EF&y9ftDc#iJtV>Z`Sy8sy1P16cUMioxn?T%AL(j1w00dJ00w5 zW=F82nFB6Z;VQ7_1bA2JK*d!~Zc|_7qJpY%>ly+~KRr=porw#=og7>o&`>D7b1jmY z`z0c*Vs=-@DeHiKS*e!ql^ooRL=(F2iQL6`mY{U++kP{>4HuQ(eNp^xO~0)4`%25x zDuXwufYCgAN@{$o6V|aU8{1~bwzk+dF}BTdwq;T_f8e$I;s;89#Z>?ImO}y<%Uo{y z+RoE@yo9n75^l|{*?n#^7Fpdpv8!+m4*0dZ$8bngE;a!z3>u+-OPI>>mLN-l8J%hB zws%z>R(|<*%3D}cIB9G+oY~7gMz41OrzP&epnEQ#=~`pi8fdkA7l6d%$1mS4z}_mE zo!)E@?gs#O-NJcQ4S$PJ6Ru-Zcjbth@Ie^^ck-2*@EY(P`j_P_4>W}`5>r^k3N?kp zO=t&OYYl;66c=|w0M)Onu)i=Oiq08R7`|1S0-Yz*Gq!;4BvTp>{mmQ01+{fWbo;P< zFAT-4KYt@`wg^TH)lN5&c$$S#^Z^p%@MhmyC@B`M4_(KU1dA@{{~&L_{9OuK@3+=l zhQma-myC7)AS)Z0g%-O#!rqnGFW*Out^zHcSx8CBYQY|!5|OEW%j_}WQ2>%@a zxxh8yX2|ij<3Ev5NqxgC-1`E*2(t-O=_vfYxW${_85Lgoi3tSg<1c@OM`tW*4D}OC zjW&=(nF<~P819CC1go}u+u9>I@n(a@C51rh$%rP{NY>$^lph70>_Walg2w=N_cFf9 zKX{lA8(EbE!g(0gFDsC74GZqvy$@60@-Sgp5vPYk9C~-B=rF4m6MY%a$KjPh{;L8N}~DL;S{gjff8%*?%_!m%`>_BA}f!X zUdJhvC!FGG83Rx76{mpsyNA9bEE@;cG^D0Bc-{dM841Ak`ncP$Y%9(s5EXw?%RMnMAm1B?{b`^o_j+~>sQxS z=d^yaP3z|{s0&^ojSvIGi|d8KY{NhvW9s|?nF+3G7}S~KZ}?ccZ&^t6Hu|MQ!O1Xk zAZ{Bu49L)KY{PaCo+h!trNe>G3(<%3Hu|lNR)sL60o7>X2m(lD`VB?t5@BQbtxds; zgbWc!QHtKEd*~!;z%R=~ic*;gMX4d~6s3MyEjEVBWqZ0>8^crDsn*7M71k8Bsv$Je zaX1ZtN;5A;WHo1P)|yYKG%MgprRmN7p4x=_g{aUXX2d(h8w7uz{|s!Li!dIed6wYf zC078uiGM=ZDSAz;KOIRep$M3V!8+xDoCQ%lC#JBL%7R~*)P|<}-%w}yEmb8&!TDEAIP4@|h*wIh)tN>4Eg`?N7Z%St5l6U4y)<7LYa#6@EFdx{H+)A< z7C*~!bMEnIImI7qI1A%>&^mLKV*pBSXG;rwW#N9GEyj;6C>Af}U8oA@=a-Hp&EPmb ze*4(c@p7CXhcWF`|0k+C=I2&*C(6Sg$()2)I$1$a2_Zj?A*Y6r(*!x4Pw=x4az+eU z5JJw3AwLfxzlb4cVWa%g$?gK4%=$T}k(mrOC|JOzEM$t(e$pAuK58;bHKoM?JF%p& zNJFDyriy3tt(u;akDEhH@uqF*=A@bnUqrsFz?1J-U|iYzVr502FB%P`yyr+PeD5T&;{$X`@nC;nzSf!S^D}-WS-` zKtYD$f^aswYi72t^E|FvoG8Z(4vbC)AKY!GKnfr7b2{MUeT%zz-N!pUu#a)s?_7DA zP^yuO7xMvA8^<@oe37-eqQ{g3HZJ2UnQc5nO5JfD2Z*iDpODEmz?x zKI}Gk%{l*ST&7{U2Fpn1TE3<01RIo3fhCge!Y%q-j}v6HSMN}8d1T?VEc#8fOX&t; zF?NV@Qgs8r#VFp$2hw+-k<9OKmVVF2?RT^qFWiK?d^4ZoEqs!7sQPepKF-@Jd?Q!= zYc=4H8cr*T&JiKmpH;k-*u2V=DgFTqs=mS>F~b|s-x@Y4%@JdGhIfoNt~a8&wD)s( zI5K8y=}$_AeUpDyY(MymjItcx?98eFC-rPBJS5#@YI_l%jWo~1*R(HP!EKg^zP+ij z-8Ef}?L1^;ptc#rx)W!vJ`>!9Szlk4QMN>R-brk% zn?%Lng1Z$U;osC&JJRt(I!SA7cfXJ6yd=+3%+AA4#c}ZYM?;) zV80im$;1zJ4yEfVwsfE3a5-8gxL+Yz?R~(^vYcfr&4bvoGskiqtO83hId$9rcuOeq zi3%p(tAdFuTXNk9vW(SA0eyFORnxo5QinkK>-gpS-a36X5;@SF zP4w5<%Qw5$EH?%A7-b0w?^Ifr%XIf)>~uHsIJot;;v*!ftz3^{YGnQ!X8(l|`2u(h z03A|3mue|3msSBK(cGdKpQz=d{;PP5-tWgizuzrn=*BJQ)cl4=zIDpoQx~INQr`vfyGnykK{-P zpI}Hv{ZOV7G7A9t%R`Z5Mgc#K0-6Pn&mw?XG#2`Hm*P`u%Y^LY7Y;>MYv5W5r}(DK zhXL>l%$`{P;1&(cr1(P@+eXvl=s5}cnj7QN-tsfuc+{s!L1yrChojqtwoIz?1D7*9sEL-%qOylFc*X0HQRfXC6muJY%$K(aMTt zvr`2VVH#iXP5)ArMyl|Ve8r2@q@(;^j{Me%{K`t-RsfftIgxix<LEts2Z(maBx^@2UY_sURr@smNH*T3H3`;TWL36Hy!@ z2YRU@*qMxxn#>-(<3qqOo-bBO~obu_Hh(2@b{3FrEo78m#78W`x z>kIOUt{b$KF}K&Ar6FbSR>nYgF=@}MPJ4VMZTX}MuYf6g8+U}@7M8Z#KTxY$Y2dmk zUZ})6Kg}oQt`1xXh;{b)Wh==<<)#(7LB+6cmXQUKR%VGI*JY3ulng{48&aO z@$@IEaOg|w7Y3$O;qO?c&kv%K4Om{2DnAl{J7q<8z_@HaH{hd^{#GHh*0C}E`lb5+ z)Jk^i8a-Rs`GXOvM`0PsOcSc^WSD#wahNT_o3-(7`o*g%G>sv%^iMfP1^8DOK;~$? zPc*#EhXo|V`|8Ext+4a|&BuuSH7p~U*ZG#-5NuFB-@yA#fK!YvR;3=NL7BZR?Sn0t z7AU-R0%jae+rqg)oi}YpG&k@))|b5(Nw>YhA|cM?nLVEe>D=bhWiuVGjh)H9$_1XC%E|j@Rkn2E9qZVbN|fhhoY*>6yGO!aXw9w zDSm*pfMPsjyS#_C$3N$w^~L|-H?$rQ7>Sc38@!*CUD-TtP@8a#*R~Q~JJ>rogQ~gG ze~B|F{23wL=)(?$R@^+#Vc#+KZRcC~+6JXC*xoz~V_uzniysQZkN8Ys`7!k9lE=pe z)0mnz{rpQtYh&?ZmbSlNVq%&Jma>H0cO3RWY4WIyeU}tKX*obye*L8>bRza7Na>+q zrBBEwFoYanBy$}pmp&DEX#$`+IGUzSq|sIU49^6B`_2hi{Ja`k`~r6m+uD>(STeJY zDmN2vfd?v>j%1iyXWagi{|S#}43D185@{8`#G|wL6<vhS3i1#MWCj&?x&6?%?-o+!PKd!%tk6 zu=u=I(D1U8?kwwe*E;Q1iw*g*0KNOW(?L+xv?DT>d{nM()Ja zPjKlRbmos2;Ow1x!S&1XKOfj7{HJ0U-LiJ03P=@dm9nF$FY$lbXlepp(A0*0>1xr` z6r5b=Y~P7|14q;jFi8N>cjZPs^sGNXAe9n)Djw+M;N=S4S;~-IpdJ7b{Tp1OWS0XJ zsDJ1+j7-m#5nQp#f=?iD%bpg*`Gq~p0=VuKhYbV79j%*5qC7`3XmA`ANzriyjv}}A z8=2GzF=3mCj94`pNZ}Gt>MYh1!Zz+VU=fA!ph`qpsxTH_3Ni+k<*S94+eKM$e+nrN zmS|;+bbJv}mST}k6X{GDo(K&soyc74iB=*NBUA@=8ugWhroH)88^Wi$(;tRKyK632 z^$wZnEQl>ME-H|lUPLsuFKBBHrhV}fvFj%q+nWETz(h|G?a5Cx#!fnqOX`v|rm6_% zB~BjON`d+LDNfwyD0q07wEtLfp?UCS=!yh1m!EObNm^S=1W$&R4 z6FzN;p~`xhRk`FVGMVxakiyEev9mU2%ELgKxD!b}7;+Btz+e2V3=b>S73j6$jJju= z&M~#!bM)qGo|@3L`Nf+-$4(9)23b8cG3nz56;Q;lXPep-1UByvZDOVP1*LuUL}eQX_^+29Rl{Q~+eyW^V) zt?#vRRKr+<#XAe$@b@@gcq%}QgS}1OkNI~t43#ig)VG|=vq--Gy*6rKBcmG!7_X9l zkFs#qE=!bkiBi`;Q_#(T=IVQwtm~g0Ih*QwnyP&jr-?X^Q=S^Tvr6|&H}r2$lp^mC zz~p(tNugc?w^o+Mc~+1W4_;0e5Y3j?T6^dZh^!vl6ZrH+$fF@xQ`I&8D?`4UDWKd% zh|P4nhwes%$-Qk;TC@E}MaUUY$AY;3zqKw{O$l^a{H_L0euZg;DNQ1!-m6><(_55! z_nKf5CtN!^VfuB?IPHhAgvUk+w}lnl*`NkPahZ8pTQt1cOK~qCrhcbVLHetC^i#iC z8uK4&zo>nLf}M@2tP+UrD!0T&3v(*I<|?no?eF$kh^{L8EUejWp9T6=+h?%`{(LW$K?dxKP?{xXmFb^GN7CNTKF|@-q{xEsw515p36qEF@t;`xmG^MUh;~&wQex|6%~qty3;c5rM6t zh=iujo8{`M{==Z_OD1#JK)Dq*Cbpi1X*iV`Q_UrMMu&iIF z%~0IN5Ldzy3&UsDe|eAAcG;++5{++8(2LstUvay*_E)=A+TYs4+8^z%wf}7V12u!S z|B%{$f4{(6KMkq=_f_o(6sFBuPx&@& z#!1PgC>$*`x-q*C+k!CAEUgUu;+lkUbL2xP1L`33f4pMEOh?)AY-bu3+%kJC)3>98 z6yai-#0zL)KnK1Czr-9ki~(=YEc&U@aLsp)*Ri9Ud+M!(75DPOHH?&LajQ5G@Gw;c+K>)!ch z9fbAwzB+B3&RE556G)qTg@eBo}P3=?!ddOe0b>&dft2om7*!d%jKJGv|S$x2+) z?9KmKRAZ-Gjjdi0FXaRI+-sCipAGMs*+qT$VWmG22CRbW6#E81shch3q*At#Dc!kQ zBuhR_-7u6Odv1lFWTFS?-LuXE?3Wd-xDWWxI;G+sMMh}wEtr8tMoC3_RieFpi4=R6 zg@wftL+f9NUgCADhCs*+FY=MPWIF8hRN(2_mwg~I0DZ#gL^k&}J}aWjS>6wS9nodl z_9MS;W!{>Yy({|#6fb(Z(aPR48OwuIg6_|VF{Cr1_{r!Qs!X70qi_(27gM+Jd-ACg z>MM>h7SaCb71a%WtHa)`ZyrFXOx68+m~R*!+Y%cZVdH*zd#uHyl*^9TAS$}A!L|fe z*p`o9-T|M&PoW}nn>t_G1gY~?3R`D#r}&kypAB}BF|Zxqwi>^1AEYyUxL+2u(I1eJ zSY%QZ5|LVdI6uW75E_NAD9XsV;Ym5E0xVI3+g^9yrCje8hQ=>CM6^hx_Tg1$?JRLV!)`OmmUD3B-XCWRdK@dkjhjM%xmzTj!3}dk^YT1RpFFmSCgF6V1^a*iw6vK^&Myn0;@%`> z*AClW$@8gc+bekimhkMq%A(ELKa@GJ7vDDaO5QK}VLy(b+9)Y=q~mA`YC0)JVh7QM zBs1)k0t3o^r1O`Aa7qE+K{^CsjWH{lvAisg)@)*pu>y|B$D6$m(WqCZq26-*>Grli z4a4B8W3JCX;NQkyKZXAlf9a-LXse`tKm*nkU>w*^?)g)36Z(Oawx`w|XvyjJ!6W5sDNUWeW7p=aqpr<2FGH)e_`%{eoZk{pjTmUTB{1wSInbbmmG zdwf9K_mrj-Q!Ys=0O8)@;MjM^s4^u$9-mCXdM!dHjx@L|yA1jUV#q>O?|Xok)>2i!4r8t^P9hUw5_HmgAFm?l zS;hL0wWNxak>hCz&REy8d|mM_;*4qH$)u(N`@9>9KZ5&VzXyBo+w9?K8tL2*dX7>l zp|Q{C)sL!IwvaBEqJ{h?OI@ywdjrfSO#Q@XHsRk2Y#08G0`e355ZuxOos4Nj8p2n@ z+z;5r3Aol#J_e4A0NpKuMn+QwcN(Z=8xy3FkjAps+N+;Ls?M5fOS>jMqBYH7@bsQN zyU}i(zTiBHC?QqsrA4N2Wi5n2TNc-pmp%I0vq838A_zLdiKqx?tBEMCy&uohDTO{o z#A6*iOgr)7aBr9>dF?!T44V)LQq{?;UZ7JwyZ*h7cfre%95>zj%WJOcr0Y4AFl?Zx z>X)hhYt@GyG~R4o0e&o$`Eyk-nvxAz4bXgwDi`{#Z+}xZk|3^HCtRB{F=Hu zkgI44)2YwEOj#cWxFU|;SD_Ea+jLDtH=*8fS8t-WF!0+y`Ko5RbGwuer-svIwsvP- zH742IE%ErKZ}S>Ad#H4I8duXD2bP$SoUb|L)goN}%PC{{9M^oRMS6IyU1sGv9~-s9Bya!IqIO7mcTk28Mzuq_{|>bSDtXw z$D(zmb=W7-4X`LCodv4|-hWl^))gDN*UwmgW309Q_HPSXpi z#wz>&O2K9y*o7%-p>^0<$ItOd5ZB3VEi6hS<7VltUMe+QQ zy)meH=XA!IPYu6{Jd^5QsU0Mo#%j^BO~g^5DC>sHh8(pErBwhq36ahj_38Act+hLC zr`c~fB)Q?Dse3tBp{beeb(4#8z)X7TuAPeOVQrrt*X0ZCIUY@n5@iE%m}r(nbE(qW zgr4k@EUv3W(ghS}4cyOaB<4n%o{gMojA2Y&_jpcWi8GARxvY>iSmia;_oiCm@O6$c zJWr3UOEUF(`h(lg_ny}?uEzMf^h%mz=$DiWQ&oJNJ(|hq(_$Isvo80MNf+k0l zZs&L}BCXG?T|VrjEgp5ev+^jj-6K+KoEyF)F3w2*6eQTx-CSo+QK!Uq#C__VZ1kpG zfKcaTnk<8M*n`$g_e{$a{zeAjxWHpcS4Bja;?i}!@yt9%0|U!;$|~EJ<+6PPxVl); zTXJ(Z9!OT<2(I_}H)zW4s|{&N!)pW6AlI`xbE{oQaYJfY_hi`}L3Hh`H4Y<))^z8L zF&tiHL=cPW<&cKK>x^=G$9LtjJ$c@N6@?oeaA%Wq85yK|*RSv8>2T%jq?YE|t$J3d z-O3FxQ@SVDZq=KuwU?~77F6TU6zZ}uqQhA_LRZhmUgN#o@M)$as9N4btaSvXtB)K( z)jHl^>nKU@A=V}-DY_@&ZEtc*L`QDT>I>?w6SaYQcw={?9>~o)Zl3M^FH)!WZcC3T zeq6;%EJj0jJCcl;U8fEGF}Hh@*9KGRe7dW)fc(v~^{M_LwR5Ceohyc%4i1%(uMG~9 zSsNT~&UA1Dri}%)+*0Cs|5N*x6~$eHa1k`DYi2BwvZYa0RCb#vp_1iDJnf@g1@p^M z@h@IPe7~%W!$c54C3LI&D8TKEI|C;5{I-xz=44PLYCLchlu;ZqD3Ie_^i-^{Etf$;^jQ|4Sw%wK6y8CbCoFdXZa2mb#Y7X#*z% z`lVC8A3wHrsU)kPK_PTQNDsU#8NVV>a;`@qlaogW8CZ+@D6Gv#DhP#fkad7CG76x> zCrY`swzRG)PcepZVn`H{k8|d_`8{%!$sJFRV^SU7ZqLnKA_>x9UGt{F>~;vaNn8Rp;{7 zmKv5@=g%WdckTQmG3;vBth+$Pj-V<2XjvVtm{n8tMFz>bRPFYTage%79d`TNz}wWC zxT3(ZkafYxadD=)h;FJ)6lZn)Q@g!GTI=k2;^F#CPi9r7qbM-ymqo3Q|ci#2$&$h*e4dEm1-WC-&1a1@qRT;=zDGwRP zW3M3m=pL|eJSClcVmcKZLsG%mE>RmLpw2B+EcS=Ci$PRI_XDaf#xDDN6%bxsBy%)sGtoQ^85Z(%o*SV2Vww=ojcd znZjcd^=A1c1pmzBR3LB1_t&GI|1G-iucVVc6e{%_Qu9v`4rn?Xdh!{LQ)J3Yex~?x zGNH-o;HOHD>yNdz*vn4BQ*oyX>r+t1h|slxT)K$yd$cweF`f@SO#hQ#KAEunFRKuL zS2yko1n?~@o0NvuwDgjWza0e5X!hBTXvMUreyP4){Q~@gh7gw4uI`o9#>}B>5FRPN zuFiJAa+%@W14W-@;cbtLF@KO9Ly_IIYTdYB=o%?y*&@0xcr$mc@P$(a2baWsHZ5l7 z5_-mh;xVE~tAWCXR6s*_8+>&mQNa9-`4-t}o&mB6_TGP!FN%uBcsl1Qr-z}zisZ;l z)&!t3P%ttTYgJ1Tp5r%icwRsM9P4|Vs+-vcd^Kzc+)O~-Uo?0kK(^38o|(bZWRG;4 zE2g4H=%J_xNVz4aZi=ZNz3vR+xQFPi*ZmA9P&3MB%8!XgCRiY_L5;lpvH)GSR_e~c zMj2ef;XB2$B~Ycvg_aigtWgncjYK*wUo=tPnzA%xx>nJG*Ou7bg4d>0FoWA(9HU~1 zLFWBTM|P3L3g|Ar~NU^ExZoeKogk# z=@J;Whh`~kllV`@tuX<1pnOt=t(3?Ph+A7@;g*eUWE6Pe*zIZCPzms3T^UeEAC)G{ z_^)P0SD88YNFNu&DG7U)+XcE5VRlKFpum@#9X7ZJxt?kc)3a)fIgIof*P)p(={6Uq z$8N6?Ot&DK-^fgp)MW3NSs$V+-#F_K!Oj&YyC}RfyZksv(308770(=ajHF>G`{JqC z_Kt0Ddi+=2H60d=K1ig@;HA)c+}$(}lAMc5i8GT;um~O~)>7D$5JEjmb&ajHP2Bji z8pW(@FK$o5+`*C2zRBI8CA-L5d_h{`mT6v-+CuYn_S1N^RtJ}p9fi0OqcJmuzOr@J z-p1BRwQfQ)Z`y%WJBvH=wZ*)hu&9shj2Z4US0d~O{*4Uxa5VdYIRnR)O=Qi*jd-vh zSjI>P+uz(ybHyT^T}X$uN(S+U(yrKpKJngBVHGlahA$FFAF%^%*VH%E_ z14tErKu`{*B#zF6<7vIuHNnmGBWyQ?(_5TT`iJQMB#b@_Dr zmLaRDgk63!`n2F(J30Ike)M_gXZuDonU21WZZ1JoG!zkHw-%9C_(F^05W=d8LnxFT z)!ZKo)p3B_)R;NTa+MAgXcubiFHizOZj(_P{1t=SZOek%4r0G-K4p0n4^kxNl7~q(H4>;K7#=EhMWcHG{HXo14gYx0(a5{-ztSub{ zFt}r3^}uKmx8WB=Qhoo=%vA7|nd#t5GdqIM%^YyS3NJXE)yw%%dD?T&Ra`!XF6xYAw>NGB$LG)F=6VJ18yDqNQ(#&W=OjNSt6i3* z+aQvVgM8cj$@&p^K0rvWN95~9f3%z#dzpI}hW@a?yCVFcvM~J)#q-9D@fxD>cIl;^ z{^G@OFZIu;&uHVzk}AjVI-RVLbu_j{10 zINW&-K{Ca2`4)f4r>7-TJP*?tzBr2Mdv#krZ+;Lj9mPAJK)rRD;;&>jXNnhKYQvwj zL9B2oK`nclN^r{j3vn9N38RtBula_T;L0Z*-hN9Sdh=eg39?Rzqoqv0u#|^WT&PL& zm@I(db#!op3k1`y|T){UyaV4KRdu=JW5-W1?j~L{YcJLcMW9_~u zR$C0j9``zXZSRu8Rd{w5ujXsA@-?#P*_vyygin(QW4(TJoy>vj`RetXVK5&0oT~84 z^3dc?CJ!@3;JB3AkUmL0m*}}3)sTpmM6WYl$oBn`7LhY?e5rz3!1bOGx}w*oD1yN{1dXTkPGLQqP?`ovWwSg^zk~~E2NKu0s7@P z0l3!y2i}r(A@tD*eaLVA^L&gx)JaD&aP;Uzo_w;7KHk9!ee4f?DDB`~J{9^9NM|4t z^x>D^2Iz=Hv>_tVgvw~d-E1kWnNYna!@UH|gzE1i5mrnngglr~$w*L$Vv&w01V$)4 z>Wo5Ub0xAJqY;G&@oEY&NJt?e^ja&%qa{dV# z5oY21X#bRZSo?>t2DtSH_`u!&gCUXHoMpL6us>9;)uI3ELVu{x42yEQTM;BXvwckX zz?UpoS)r=#MuE46*Ps|5|8C)5rrJ5}vxCp6IK7V>eB^NWSU7;OIm>dDV9D+-lTTcb zPZeZEe?ZQ{jSz-gk5ay4g{OJ=Wd*Yrjl`k1B0IzLcmK!mzgPGW&zrCZH}j!pZxI|k z%~_VKbgMwRo#qcN$RFhfPdN*Jk|VC4B@9msS5~mXpZN&SzhD}kxBVZ(|5f2beNfuw z=o+WoW6@fILLq;bZP{m8&#FK3p z(yayp(Sh&AC|SxIhOc(!NO|xcMV#ZOYYX>cV}s*;0+90kG9^!#rLRQIWd>`Id*iW@ z>%`M@rRFvb_jES0Gg8;2iVrB}hEAABOGDfSV2Z2LakTw7>NGXC+sO_O;+H8t#Md3W zWnh+`Y+1soUea@W2sgR-Fag?&k0_zyqkN;mT)F<9T%8{>%ir)Ee2hEBzlHIFRV0r^jn7|6d&fWaX?$+}A!e_KYflq;%s-%6>O zDWG5Lj)Pu;ggs1Ls|mmS3f6GOFKF>K70DCs3!DI@Hf4%&A7V0UtR*+>M#?AC0UDqCoitF3YNmbL6N0pbOy^{tacm8a9M;P zWdY8c+XkSC(Q^w{&&L^jNxnt)!SFhVjXN44HSVYZY}j!lr1EEk952JY^Gye%gxy1b zwoK%~2q_~m?kE=N*h!ShT2d8~EM1K){R6BW$_8Vj>0xBbCB_a@R69c0Ib0D=-*252 zP$W`PS0E*&TajhPw<61dCefZHG?Wcj^zD60-4s9-up8kb{rZ-a<1qgB@{jcBSWUlP zpt_gmpBUftx_NxIAZn{+tgT+9Y_6^Ti7jj^S>v|)7Y^F$-!eLb*D%7iGDul~^X9Vk zXvwIpURTKS8+?mz@>zUaDSz7PEg1uE^VM|`uUFbi9<-H=L|Z9VRa*(kN?RGqWqp%v zB}{268NQ+ImsNyHTe$)$n%YWc+*Wc#ZDlAMu2pSS0snusmFghTR%!1%+LHZF^s8w! zqt>z5kI{`aA*hu0M_dVd0n%T}%y-_07$DCcAbweJyI`R34v7bSI4eS^QbGvj8Ua}n zlN8PEBz`iCCdE%70XZx$V_-U8o$-1@4fc`pEX#vqUNREmr(%(g#7~zKi#BUO=B!s4 zc5GJ1L%1yJT?BW*pygg4tU$mpcgW>Uavwg@FAEB-$VkwNW$pSk{ZXYH9*c&b-4M!I zcLEv)6XAd_6F?4H+TM`0+^mq%y&={sE8x*`=Txd-GVS#}{?g+|Kgpf@0y~I*qF<`| z5^bH*n^fKeYwLHZDf;Cm$n#cb@AEC3fl6eN_b=)hUBzM{@&g$I|KY1^ecn>_{0QL{ zH>;2`64j$9w6t4=R9?las0ka&uEx?B)rBQ(X;K$k5YEliD&T0Q=GK(5-U+A0cQOi- za1M4gSMOxwK>9Bg|6`=;RL;E4*c?r)aS2 z-oPJF{BOK7{V~9XjA`t-ZHYN)Rj5z!)hmz_$>I97AjZ_*l74W1JH`Owu@}z@zapOU;s@|K`Bb_1_A(u8=p}UH{E{ zrK98itISh{X7jeP^}@&CbCeAMS?cHYG1x{rMXSVXGyYsi;j`smN~)a0Mh$kfuZ!6Td8|bZIh2I_S4<=~ce-jLnwMBER`CbgxGvrw;r0}c@g95Cwn$Lgy!W54<9c3?tV2GzZ=`k( zHm34Jb@ZlK?cLEOiJ4KqEX#M)y)!VEMcq3iA$y9oo8mF_ZHCd5?P<(*^&QELF2BZ~ zJ54Oh$M?YQE`{l&E{a`zg6|Ptm$4{BH&>I%Z5O*-uF$!K8sUeZ;f&nr06)mAdx%d<#V z{|)=Rpoms75`A7#NJM=;%tUWx40qY#c}vd{sxK@-1G;HN1zH#f(Crh~?BUP>uS>di z?a3k8RAEVZ_m$wQnL)j(DCW5V?ZZ=L3EhI#|0a}Kzf^xqFXP~cAkCP_9lMnmO}8Zl zlqB29D9cgxgq;A1ckCEyEnT!0_H!|M*5RdU1=P!3?mWwy%Hr=J_i;x-f+Z^HK71O7MN+IL5i zA)}o!^h6;uq}{N>1vkt(L?#e(5i*;btttg%w(rYuFYY0;Axn1;v4b6MC=bLo840mX zu|lyexj#lF%-X|$iS36SZu?<*7vd!LAa)t5zJa;VK%UwwWD79ElVN-lvi1sL&)96D zox)=62dkR$GA}uE2LdsBC%NYa>D6*BB2jIeu^Yav%vM-#edHG4kS;6W!X$vxJ?)#( z5B}@T=Fe)sCyk6~)W;NjL;f%E*E~4-u|BH3Cmvd?IK2EM2QgdFzCf=J^AM-pfeYJM z?VH?Nj0YmS~Vz5Ad3ZDW>vA$&>JzG%x42WhY6?D~iGv1L71*q8GMYuy@g*ofASVQP-SbM?5f;ddf zx+qNIa1IlDm0d_djEpbCKwep;i7P95C}+^ihhDoY zvJ0D0kX=qR1TVKQ*JCym`v_6^f^=-TV|iRAcW~MyTD?=+y1!xuAm2Tv!g9y|h%$sA zNF~TaD;_f0y9S%FD=ZX`eS2K$D0u{VWhHD5gCZ2pEr^|*Y0q+EY*V-#SJ24cp34dC zJRwUGo%ZrfE_|)8jzj89$%ycBy%RHa)?Gu6ok$C>-OzSYhjx9iGO31W*ZT#SPxtU4 zep%2l_5Og&#HeF9*Sk^2@M#)e9+ttXfogK3^BF4M9Urey>k(@oA($Z+HI5wH@_g&9Ue5S3eKOu}i6$RADux z-B*I8X9jhPdfct5#<40#Uuju|E-x~4UkT2T85~$-fKkcO$uomTRfSF}==(}syVNkq z{Zf@)RHebEOge`?0~6l%jXSFS^0B0i609qbr9jp4Y(R2%9n227$>$yBWu{c`uanHO zfOdbb{cx{1mq773@@Qh63 z@H7TV)fnex)F>n4+!ZvIyd_IVolST*BddV31&*w$OT>3T?0{W;U?={Oeo5}t_-o3g z@v)hI^kWib=Wn^l$@&m|2bm^^|E}X+@FiDL~@B;^eV*;xqq4 zPC6N6kd1ifhqKdcBh^R-o5&2FnvBK$C#y;@?kmv=GlQom{UY52t3IT+zLUGwC;v=w z1HLAYO#f5zv~aqAyUNMoRDk+L66FFJwZWM#?XsX?T^3lT!8wc~$(1FuUnq2!%4t{D z{9K`IYfczk{)%>1u##I(=di(&e;zY_Pwvy+i4h)+<%1#)XTZrZn}?-Tyy_g|9kY);Flx~gHjI6{N{$4F}>T5yF&{bLPJG#s13od z6pneO0(K)C$X#3xAG%I!)+IAGO2#IT3K@o*M7Z9E{emim38dn>3FPLgB`xmGUaE4x zCx>!$UdK%&sepq+q+DXs4_oFFNmN9k5+tUN=CpZ==8tS`3hUX;AJu%7`J|PVaJ|q{0_(gV3^!r6xz>R^;EvyKhvWxm_r&8!3F&^<(7L{yOnvkn;}9Tx*J zNky?pX9nqX|HvLN>5_oRv3hoZoCqH3d^WH=Gn>~b0^a1sZ$eav{5M(X~x32UAEa^<4U$%6NC6}8&3p< zjs|2VL>enx)M-sZ@ zrJ@<;9PyshRoI}Z{h_Ox*%7R4=70lB=GXpvxe9waa&(jNnEqzEv^J-%0=N&$@P4qV znH>Sgx^NFTuqGZ#ORmDU1Q*?rf;2p(VT|Z- z3oPL_K2@G>F}_)*+x^ayyBVSkJwVp%cELkW?#dkL*f^3M6pxhPTOprQ{j4UW7mi+6 zaVrIFY-=oREsG@lZ5$dB>>U~n!7Zc`qQP!f_U}h8|H^}tECVt}IyS391G1<>W4H$a zZmK_^nk;OG7xyVU$My=xMOW2V?kSvW3MMHcn32p*P*CZ5>aoCqugsWyTi$hEJpgQ- z*F9M5(9Q+75-CJG=NFijbq}3FRrqCjj6wM=Gtqyo_HwTO+S}`XS@l=o!RO4&!#!h~ z)uS!(c1Onv@^ksLHoHzfyOZqAiR7X^+)B0{A~SE^l$x9cdjJ*qbg6AfB!({z&?E2nBgKA zMg378n&iq%^hd=bCF_rM>d>m6s{UAwUf3UX>6`UOb<9M6bZ9gN`;tnC2G?XaR{Enn zm@W^%euswU(9Xb$U-^r`CpD6hCb3hj~1kNK7^P=9O!hcV4<&4pG# z)-i1r#q~#rc0Sk-zYy)bU&sk<*B|A;2 z?#MVneJ-2UmcssoAD;THA?peU5D(dX`7NPoN+*i+U0QIwJ@aIi%4A&5LP zcsD&Xmi~87X>*%9o0FcqCG67<=*0e&F`n%)@fg2eIL5CZj`4Hc81KM^Jk`p$EY~8& z_*D~Q{6V0mG5%mPJA$H_0}fnhc4^5KkMXtMIgIfvr8CAqL1Ew?Phr4Q*1G{lk6 zOzTf~qlEP2$n&%HZN9cudDdD>qso}vmzs}$x*%MqU9I8f14bKy5 zG?!Ya)S#Tps*+f05F{ZrD8Fx$8q^$OGB3z<=gyECTGY>8GpRuyk{V zDlS!x-nU2%4vmK3MN$dTKx#mv-aVvc55FuANewa+T*}Z$N)19I;!>)~m`j;s;ZlRV zVlE}LM>6o_?;f`qtgH9;tCG6lDetCgc8Zj_sAoH>4DK#r$7TVUD3)Q6k}`v@!x3T`1sUchamPE* zW2Wb#CtlJH*T()88HSxtu?(|iD8pIVNb#Y{Sp#SCKv(4W5D*6ckpHc z@TCB6B>-Ou@Lmik%eoL5M#*KZvg|-|@OCAJtUc_+Q;@P8#gjm~cf1Sk;A2ZC1Do7r z@z7{U2{-UHVI4bjfjWbCfjE16@D6qU&K z?_<9D4cTX*ywA$3s*HJ`APL?lB)*OJsTsxlSfFC`{sNbHA14R8hYqqr%R{_RW`g%A zUKQ_CWmfUNYV^K^_c=5g1HXa>yl)Ai;Y2Wbi1*1%@IFH$$@_#x#QRi}G4C_S!g-&( z9PjH!^E#R;{IVdWQ=lKC31-47+DHc3KPew+7H29^saFzO6<4%;kRq3`hT)InR5WIw zkd-{dA7v)wBP&|ov?@cV)4MXAYo4G^=IC6M%JJ6<(KmIDX{l>#v6bosxcF1>4&9>Y zzKPkcKWAA$S<5qz|vZ1`R0XBPPFK$KwHOlE8DIj90QhGr&Y5zoab-2{JDdgApqg`bD}Fw74yBYltH z?2q@j1;r}?S0zS2$!s43OTo_)dLYq%LS{>QJK|5BFdCgk^-z(gV^sLv&u|52@ZsFK zedQf2NC3_h;O7azF9bL%29#x8h|H$slKk%MN(@=W?-Zmg$0&X$c*yT^f&9@J8NWLR zd&KV)s53a1uS=*s_$7AnySebYov1Pg&$iXFCo@t8H*xdO39&Z#yf}7eaDHsBp!5xf zmvOzUHB+UM`jur|ts<^vS>YQhDJ!t*(lIIMzaDB$1(G>g|P>4p8Us$Tb@Z>QDb|f>w@C=P6r;>`%h!~z~GG=(@Fop+1s#ZzK ztHSU`lZ9Uv#4$V(1q@F`8_8TGa7As^0=F@>l{jA;eiTh>K(1)b!Nq{WqOnPv6KWB| zlLt!S0htMb(2CaV)K)`(qJzd9&uUh*DvoCkku`fCTI<_dLyi}NLyl)|q5ps2c&(L3 zc0xV2Y9i!#W7@>;tZ?nF&krPO&M2w1EulACY{*#V)WRD@-7DmG7vV_qyK~`D;&?j#xYbT~=u zUy)JSxf#o-yOM84CB_OD@E;X|wxXjD} z2QG|vX~~t4QPc43b&Y2)OD6EQNf_eU4^v@&iP<90Ndw|-WBbZGXiWfg(M-^m0O$sq zpfd)PWnGAjs^qej%VB~sl^C*$XDdiqj^gDYEg99W!!h{S(iOmvQRQD}HSHn{v;&A3 zw^HZ~I`~Gyspcdu;9`W+E+V)90%c(vkHgj1_r)O)JM)lOU_ zj^84oI$RoqX`~Y3f`q!Pa5-C5SC)q)RGA5eZMeh|Y7&=-YpYIUu5FHmi>dMoxi<2M zsxv_tFlj+XGU$Z9i&W~0lMkj7DJ%|B=|mOhesz;e@mPdtK!n1fKlx_|34Oue`rN#=CeG{CdX&CdexKc7&h@{JL;>+LgbrR+5 zeJBg%*_kHVg#RTtlKk};_@wqPvpuYezy1T*(S+R__z$s1Kgo^kl=U9uKLLBVemD`N zs^rExc+hO)LBFA-@Sv+ODm>_F75^GOe%XEH9bB6LTqnTw3BU~k{5A%ZWnGBesN|A7 z=*CJ6S;d1Cq%6lM9wd0kgK~lV>q8zSkAdIuiFl9zox$(UiNRE^`eNR1Acrr?jH65@i?$R6kJpT$imo`#!Ji2p76(a@ z^KIQj57D{&vOFXy%1lU#R-8yuJf4t_5m{A=D#eJ*Au6sG69rCqI!2^M2^mpE1PnvT zFH}030BAV3yUuIW5D9%tiVc0kHx%?DKC}z1BtCTMC_cm%F5^SjVn+K&38HgV-U(QK z1bj3f`YW(U_)j2A$cIFop**L(iz%;;xO0pTX-5+!*9Ir{v%#LcJ^A0xU;0k%LC%)7 zr>Ko1V{YojS|u=T`RUo8TU%{!&WB9?Y^#}ew%Hap+uAnUw(Tkl?V?{zrrSHkcFHMg z&SOc7SGn=f!9SUa&25UuB-1vxecv{>=@^dN+m_hU=913@t5=fe?ki4?MZ5gvq3f?? zCbqO$@|kc;+m$NLUWK2q+1oY`^~<77Y-k9g35?4q8_cR?#3nYXDZ0l(9@@ty(|BTy zZPK%hvW2;%l(j8aiKC`s1*6XZEWu>S50uw~@V0I*@s zw)tB+R_AQp7%8Tiy#x*6k*-y^-3rXcVNIwi6VjOtkU)FEZVZ zId&~_;H!Ix9iC8-JhW?3W`cqgkCcpp4m1jKdAdE4+9XB?<2VQHoFFKdTQ<0@k{j*Z zt=#Scf9_;eZnU$^1VLGD*^r=i$FKNT1*D0)>>ecB7p9AlY@gcg__42DGh>%weQ*b$ zuy`~!d;jhBHbK?cGDkX~Yj;S+a;q=g3ABmUZW5cZgsgsAn-X^dRKU^6*W~`lGBtQI z|3rIlLZVf7v^{}8yTOq!=RgXyw>C?RYHywY$d>R^791UEbPT z&Ac#LY7ds}W115vqcFGaSibQje(c}$&cs6eU+X!5LW!uXbs zFIsTO)CU_?kbxH1FK!)QP|DW>g})s*Ej{s~%G zkE{}XKkYq_{{}`2+T8*z9E>rF7JfjOZ22%eM)&;ynDzbnSh8-7cCme5nW*pIEz|9! zq3_e}yN9+W7Y@?lp}sFOK?{mEy6-E`#rJ)eTQ<0dkYR50{Ta&bpGFJvP~VrCpash< z>ia5pH7(Q!Wner~>S#d=@{T#6jtrTD6oJMZG$bULgTtsHxR*E~M#!0LQa0uwsDwL*|g=4V)YBqyb3K!$IVf;0-D7bNn|ndeEvP^q@t^ zQS^Xv7<$lx-)P>T)iL7@T9wL{ZQW|Iyg`|WH*77_)-=T%*l687#6eH!K_21_G86P* zOQNAP5%C7)xp>~-a?1qURC0qitfbu7u}yCB5O0u~pa;t>;teXd?YYX@s^6Hp&N20^ zb!Z|sWv`!uWy@NHDc(orvJj(HobcG7-nI>wTe7wYn&2VQWt;FIl1c2gcStt`+g6Z< zWZ1WAJVa2DjLZZNF^n6c-S#$|SUOh43?~)gp#rY(5Cl!hr8=uH2~#~YT5rK=yydUJ z9^s#$C9Oy&cnd-+iEL!Fq*Z5VNsG{EBk!h`Xa^RZ;hwj{7v-l9yz zTke+#xNUt>E>YW8f>azoR9=xaUKGLRyl3Jfx)ty_4*g?zlEXVN5`Q^MpJ| zs}jb8L|F+Q*;`m4-`Zf(IGejWG|(OF*%Ntmv)z1P`i!BOde} z=;=*en&IvxzFc+(g7Z*24=Z8P*Fa#-`U1;InCVNPs7 zG3F$wn3K!|b25~xnUkesbzH@qD&UAY>5e|}CR8)t@|fFTj^<6b1Jk@G!JD)aQN^2d z!2xr0WMHi}KuecmjH0DeNh4d9!frHgl8(!GlXOd2r+r#1Z&D`WO%Ka-D;w}8HraF! z%_A2sPsc;NNoInU6mK+dQl5+FO)j@=@CYHp+~7?tad!`~7oFVXA>Jf2K}(if#G9m6 z8O@Lc%a)}riD*fhm~28jv@qr*E#`M+P7d|P;8Eg)sKcCCc{1iCsF;(?1amUHM=>W$ z$ZEQZIaR>X>N$GX`}5oSs%ac za6ipj>7+Ra7WYSMcMC%X9)&CGi+buNJx;rHx)QJFK|QMc51 z_xFNQc9;)%qw^WWLhO>2& z%KP^#+}FT%Gv7~ci)sBx6w>eQ8O7U5jnY1Fv0?S58-A8+P(kG!wkYQKzN zyiXfqdSP7h4dZ%w5?ox_I4U3F!sX4Ot?kArk27csm)lD3M7AptY#r=1y0NqE0QM?T z-rF$7^u0HuIz5nl<-2N4RLVB*rLg4d)GQU2yv=+4?kEP&y@vShcuiCrBQf@$A?7&j zhr!vkF~!ojs_nwD`m@BMgGr{~d& z9qdU4X=nQ+hTR*(mhOn^K8WMC#rgJ*iF~h(W9%Q|m+^ic*8OuecRuIJmiKlHVHqzC zUv#zB8Ru~{={eYDamri8wi3O}(K9;&!*I)lb^p(}{xaSK+R~M1S-61epws*FSJX2( zc6w{!yY%1HGDpNIPx~l}vDtqj+n%(Hqq@5;k6=$hFB7c49RxpczJsLa=-`|f`zHzK z%5gEGwBu%jvF+rT>ei(Hx;A?FrpWegOzk&>sjTW(DB?l5s>`?T0%yB5K`$?o$0?7h zY-2xjwpINRda`~Q@8R2`JQ}G9SCcc~@-Dr#s8eU-C`D*H>uX1yZQdc^B06pJP6&J1 z&;3e|8b=J5-t_-Pb=4b}=v?UKeEMa^`vdqLYWN-hTGR($hbv!hobcW&B3lo&>tH{F zV>;W^-$b@kXaNViDo!O8xA_$@C9WTjDc=j}rIe`2O=wkD-Ye;it`%O7TeXee<9vH! zdR_)faZ-8k=;P}iAntGu6|71hS;al4%iS8(AL#Nl=hu^;EX z2%WmP2Y(sm*7!tZ8AHRpR1;aqul zfHSyqT>EfjyCLr9OM#W^Deb`A=yDV>TqU4QbBxMJCjTD^iqOvP_ zgZFD_SFi@}s(YhS=E%d1u-HMiW<@k3@L!Z+g4t7vTLmBU~m?CbCukR_y#B9>N*6y^fxz864?w;LSv3Hm|co!{gjpF(dA z^6RFV7UqBtBFM!}D;wma|3#2Xn`YTPCA-3Z6|1A>+NSjkvKlQAK{m2jvl$;<%GWk+ zW{@6A=^)oNZDkOR@eXox({2XYFvjqfracTYB@Xkaru_}_-knj(w>KT_9Zk7*g1al7 zeY_`{p0+SgT^EIUvgvj2XlivHRORw|vFRhL`E!0%fe?vwn&E#g%*#!FjbcrYWBs!! zTcbME!|4k1fcMX)`Wm(A3eb^@^{=LUjau-Mw;W`F_jc1ngP>QjFoI07bl!qeU99(; zrq^5yO-ODM#PdFETFD@9zf^&&TyqgVMYd7|dSrnRgTZ$VKm=m~AwcgZRo3DD-`3HyL)Z9|O>iJ#9J3$tB({jsLtUW$;VYaWCo}22|5aw+pMTObE zraRYd>1_Ubl+FsdnHG!3cfyoc$gONCzY)^&0&msaI=*OZo9m-kvvTW^vgiFiOy>e` zt=v|Y&RKC=%n2b=K96#rliS*_2cIb+h6}v)b2?1Z;+^=9DCLcFyBK6UE#vq>~EHv=Zi9D!@*o_?2tRbAWOxxxh*V+7RPZD%wG(0C?jMdi6Oh^Za2v0 zaXP!_?l8!kahN@F+)zR8`@~`P%yAwb$op}ay>ky5GbFRZV-qr40CwyRf8fT&zQz1l$*c)tiC z8^t9(EBA?oS)H*$zXjgexi9=CVm%edIyd(v`j{5)-_N@+f%nT?L#mcA>R3>q}L)#SMZGX1TalZ_lk`kO!e&{T6t4)^MZ_ zyoYk@8RRoGIxfuPxy@45weeDJ^OVYdBYf3`c_oCr7?=GYxh*YBUkv$YZaXW*1#v0< zo!iCo+9b?~g znfV7Sue;+Ow@UsIgFGM7PvEVZ|C>QFA=L%mTKVUU5)S;M%WIamUj7w>Oo?fJ{rqe6 z0&X#k``||TcdQhDe!#^Fye$QR4r>-fIB%Q(a1@3+=RdYE2gF=r*ZgM&*;h(Me(>k~ z7gqL3H$>^|p8wLqlw1(nYtQ_Mg<0Rt5 z<-z$}ItR`thTLX>*Pm}ot2g~5rm?yCX$HACrm-XQz3E26JbG7@`!V^I(&7o{z7*wk zLVlG|d7YM@lUDs8(uNrREWd$4zG4*9FYtbz-^lWMJgilCRDKf+Gkivr*Ev9hVKgIO z;9Z#CY*b#C=C`(32QbX(x4^qRznwv}uTa0hyDGnfK`MOy`ur|d8I=yrJI*-W~aa z46<$vxhvmq^?VePo_-6wyYq)xD<5~Qg9P4v`NORgFU5TIfqXfA4E6INvX*{<_eef4 z$nnDwKROF{H8iPJ_&gA-U#z4DxaeX>PvXAe9Vc?Bve$*hvxLjH20=B8Rv_>V)#5#HW{ESr=Vf6&}w>9Ehueu4MH<}n6&BOX)sZSF8gQ`}w$ zG0m#tB(gPO-0L|$3&C{)1Uxa)k z@Q!Wntrdk==DR@}etZQk1;`M94x+`NxLK5TPsy1;v)d0&J4 zFi!d9<{ytr`Ss@gEzFAXDD!6XK?a!|r~IGhqCvilY5w!(pBUu0IOTLpX;jM1Er(i| z-^Mt%wj5!Q3eHQk%ri&@=Ve<43{t_lyJfyXCdc)>a?9W-$eJz3jDpN*Ic^kWu;H=XI=o8n$jyY1jx^bMK6Krg58H-zc^ zniim~F(wXnhcK%mx;N1JSICK6n4nF%hXAZ6I;4Aky z_d6FmbJlcc4xH%xZ+zRiC+zLq&u#0>GsE;dx#C&)d@l^Y?4!PtFvlhFNcmviqCrvJw2E}iQ(aOShSIrGJCXD)fGGv{6J%!6mS_&?m#ng5Tpvw*Vd z*tT}nKF~Cl;Mzz-Sf+}+)wahGmdpp|wkI0V<=5L|=11b2eF!@p|Jd2UX)xp&+* z{=6~XykFHSU$v_CK8HSInjt-FI&cK}PCam)8OX0E=Y;8R67e^qvulF$g+i<3M0$SC z*TTBsmuzpp{F7-@E~WUX(G;w|)M}&;qQsaOtnmN{674Y%h-f zbe?|syfx~5_7m*h_k?45A4Q;LYvT^D^c&# zpW?Sc{ula3{@&mVRiTrcL7Uw`KdKc6tLESVxuKN{K^JF6etoX1-%_MMIu8xV18q|d zIxraaS?FikxnFj0Kg`IA{NvAHf4MQZ8`EO~kZzrWdQ#`6{&jt7S2%X0DJs1dH+8y;Jmgmw74WUz7L9O=CuTP;4&c}GJySoR{ zJIX6OQ{Py|(NpWd<6A?U(cjzjKz{~Qggy#@1~Jag?f@Rs4?5`$$}eVIAI|kG#khI6 z3G8;Vo)7Hr_;)DRo%`=R{pQ^@r0-Y_EzbUo<9r|MhWZY2AI;4MK359*6XVs;Ur@eS zZ|DzSpx3)X%T9on@`G09y#2v=I&db^V@jgln+2hF5<*vZL;e=}@q-~qPgx6k>;dxM zR|9vDpC&Q$|3e&fJo~Y^3-~hQ!D-G@yUj?S&h_pmj|QfEICW)y;;1;wl z*DoIX-%XU=oA3gG;+pa~P9{~k<#%K2N!e#O3rUDiIZtHAv~h;jT%C*(Kee2(O~ z>r(;tYg-o`<~s`=Jq7wxUufdmuz$vN-oW|V!TETb7x`H@u2DSq-5#QR6W(i|Hvs$5 zkE>9-Qvd9Ude*#xo%!>jX1|@=0Da8$9WoGn!w2@)8NW6#{x1(fdfxodwrtn?KFU4m zi}b7<&u03^KKfZN-uGT|p7v2=sN3?Pe8rm3Al`Sc(9bh-{)dt0lEcP>L~GLCFbit;tNJ{=k(e=5g!dJOX4@w~~*_^>?# z(rgCu8W}O&_7&v%F7TU|gGf9qEg6vmM5<6TE+Va9SizmrjA}w*!aMZY$%{{TfK0k{xzkTY(cc0#D}s zRhI;J>4bd0g*RZ1Erw7c)rx6-O$k}mzn$U75(o4_vdkH8Sdkcj3c{veooGX zdf&2N-*|prErWE=R?rywdw%+16z|P-ZzI17?-vP&gHJO~ZSe$$Ooz5u553HLX%?Oz zUAbN(c@O_k1$OQDoY0AW+=ctK2K87%*lkY+UB~r&&U;u!`tK;#pNjr7jQ;*4!>`KcU>1 zgh(&+8~6nG(Qf+n4Bj_Z@!a0UdAYC|_Gf&dpL3y}CPC1Qg`kxfZx1qFj%f<}3tZ2V zT%R*sujYG^pJXdEjQgx#64ZB%>AMPm571v*a-Y25Ir>9Il>c)S^d8su8{1#Z{j@s} z^~~Wue;oz;<9wc~m>&7xY9syn9_XWb(Dgjey3GSuXZ+Yq|F1kB>HD)nH`G9VgUNx^ zKT;q)6Z?^s<4VK(P1D>c|8NI%YYS*5`pNXkC?A@U^-O}^<31V6``W_xD7T$@XC3(J z1!$p<(AA6!J2|c_JfFgJqESO|7$xsLwa2OUlz{dx`Pk|xk3oR{l8z?tts$8(=| zp&u^bxYm_IJ8wV0u5e=LZ^@w%si2=zLa!x&-XXWxBI04WXBILc@MSI};dZ zf_o$V4CgVp3OGL3X9wfKwnIq&Jr;U}_raE&rvmhwJ=}+{nxUPVd0_9w@}Bhf)R~ZO zev8`7Z@P)FFXInA*@oq)-RYmXIj?gV9|Gw=MT)|HBG31k)G+%0{qm@{YhBningcBu z3GKvqUXSDUp`Tx1y`^{#-Qs&XPujht_VPvj<*7e#e%7=`{UdqKo#H;uGZ*Pu+d_Y3 z952D=y-!@9fxH*@V!C{#&YmyLb-T3yoQv~Qm%4!CKEnR4rY@i#XQV&mqrVrbh5jE8 zf&NCjhig%POP)8K>Ay?eV7H5LIZI3MEuN#*0>Ihxp?oa;F&X_}I`^L+<3l>$M-uUz zsuqWGt!RIS>o;OG(kBmwrjCJD`T{-Z0bM|Un#%Mko=Bg<`V!U$m*#WC@Jiq;i=n03 zLkEUK8-8Uv^NaEx(B~4;vvK|EkHWaKvb`hRA9XLo&aD^nM-~C!qQ5L1iu9qZr^#{T z_iKUl))C-ge13@Gd>!DtM!iD*?DEjb=b>Zh4`~mAW9y;559h#XIL;OHH^utyEknK+ z`#X6X_^LO`KVU!oPau6L`*%1UxNJM<6><}DFZ%m|t;pa15Sq9)^bPGRQcveb`exoI zYx2I)&K>A!2JkES5~6SZ?N?0+f;y*(0o${%*gJi!lmju+;8g%qWcU#KGV z9OGjt`sos$J3n%spLRw)w>X}{EWd=$r!Dw?;S%HIkBqx{s1EM)_S|0?xvsSW(0-dT zsJ{#2Gi0kx(PEbVLDYYVMbFQQ$US=!f+i zcxPttXvX8-9RHo{$Une%(xwEsXkX}6`qR*yDDQZI^n4qjRa!x_aUJF|zV&zRGuD5C z{k$3n`%&kisaW5Dn&9bmpu>8hz0`itmZ3=RufY}Wf`6gkC&`5LY~0rcCxbgwgKmxo zwWgxni80WyRnVqf=cAlA2f3dI%EeHZQIjg9S7pDFQ`gY{&T$d+uQ&y=Z; zc72LL2XNfgdVw?bhGt`2oAVs}BmJo<*K;k?m+*czmGxC*xfxz4x0&(2_DgWirsz*? z-a9&OMEdyVNYBXo?xX!kFH7ygbAQV>q@U$;%2vjOf%NNI1yPR=$JMME*uj1IfaN@5 zQBQN$Ux@2Fl>I5c7x@AEpzpRptJ6PxxE|NJZsw0mn|t(~-LMNT20lsMN`1)nO~Lbi zTOHUGz+wzppTU4{C(`2b}*i)cdq+!2IPAuv^&=^)BxZElPi0$$e3Q{@1cB z>|2b1U6%e}H^!Mm3&5?YPxyR!hFXc~pXt}L>2K}1-&fQ_`Dcw$|2y8FCN~9t8VAk6 zdWwt(Z<~N}TdRU^a(^{teX}@Ub7?n<`@7Nv*r)0M-8CNdB*_IXm=)YD1nTw#dcGa< zFI5BQWqoHnz)h+kzck0?#rgV?+MVZD)bFsLR0!IxE6UBF-S1d^WCAU_bD2#(@vKf0 zI{DH6lzeV#&*$+*U69_A`@)O;ImLY)N&idk4ZE2Ojr8=tfp@cCPeYOZ8~1NXj=MxR+EdqB;Bs8|BlO1y^ydzJ zP;c+cP+cC{htEGd*uNlZbZ6xEU_W=aVma1-w<0+8T&Uk|=)LvOuce?H=0MN0zUs}v zH_JgAu>B#-?-&o`*tib)uh{Pny#LIcjP!-pOWWsk9XkF zobOe=(O&tKP|f;I=7-%?#@*d+$REq}vI)TF`#@top+BcXxvXu$Z5U@aa~_M+&(>~- zUFlBHuRPC6^IraEb)@Iu{V{EB)VHq)boDRDZ_RV6=}Pc#j87}Zf@g6(O46Sq*`F=c zo7CtYs5b-K4`RF-;)i;UO@wNH=wR+suhrnE^!qH_e{-)P{c$_!37$`bcz^Jog!Db5 z(C#4KhmUexp5&?pV3(=^bhsC^2{j+pm;Mw=`$t@-Q!Mv@_lh!H&x4Gkbr|njbwRyn zx+ErdSde9Yy(dwLe>Q>H+ZaGqL*gFhFB7X1XxKz(=%e2e?E1*>(gzm>Un6&AKhkAI{$s9J@*3bW)D|rFk>$Se-t@3B>>4(K ze&%{rsts<#c}~xA(Y{Du&vI3{U!UbddIHw7p8i~RCeqI|gC5Kao!A1pgYPxn8SgqD zK>BUIFImj_d+CL7Kj-s70{YVvcch>F1Le|`0+-=>#4s+sk4C;b*Lg^F*j=Q5{9G6L z6Zn2=Q#Noqjw?eUaBBAdP8yVt&p3PK67t_M{&@8R&+v!#$pgLf40^aC%ID?!_s$3& zO?}0EdWZEaWWRdx{;xewq#W3m<|vFdi-sM0&#aNFQ+%x^@lp%v$Je#&&=~-(K|W$ z8sovmn#fPV^%=?iQEwp9L+L+D_*~L~`}RKTb=-#Ck}J@TKIn%J^-~X|XYC1%>H@9U z6?%R&G&lY4GoKR*^g}%fsGqpsI~In0@^;V+j1xaN+v9i|@jXQfj^kq!)HlxqSL?@y7gP?vqH{H44YO>$YINqt`B_&|ro8$eR^LFYd z^s6k-qqNky^^yLZad!yqt8@P9a-JS$h28a3(4d)U$BXHQYa_k)6Qs|}1m3d?yn*Lg z1pVXvGo){#-5SnYBRVTvk9s4`F6Vfa2 zevq2`+2T1<-w*lQxPMko1n*#6Sj~B8b`$A^xV}9ZcasIsp6l3)_un@&kbazTs1D0z z;e7AwgnpLe{&!0cp2_{cn&;b>yQt@AJ!s{4up6)vJhwOWbXjOIo_|v<*uA1%ifZ88 zwPDxjIy5{8>B+c08Eb;8CZm>srXL4;U#9P4oJh_4W4l_gdrW_Lo)Px5J)v_BL60)M zVQbiL;d<8OIxna0<9nFtd~VG18s(#sqFnOoV1N31825WD?=@$5jwKimyGA?*dUHM9 z=`T0AFCSHcUD-mYzg94`+)bc+=m*OWf?qNImKllqzGZ=yV4Ty`ye(iqpZDDYwZNY$LI-DuPVWxY z^PxBS9Jhh-Y%}jMMc8i@1iL+cXm=amSB$Cyo=!i%IumvsxSn~bAsvxE#~1cXd7qe0 zoy++?OuK>f>(RX5dGo&7pX(FAdP<)|y&G9is$$?Hy#K7+2`-)+?N(R>?oDmR{I`ja zU$qkQv(ayV{0#0o40><`v{@bK8?H~bY2YU8Ujo{N^Sn*&K>gi@!mj9G==uRjug3e% zHJ$Oz-~ZkXeFMzrH6pCQiJHH@5&%Og!k^W zjH|;KcRYSTdz*Pr8O-}@mtH7WurqWQ*P%Q8egXaH+fT?p$oIw18lk?U6_DO80NQ}> zPa3fP9K5HfNyxv;{gIX2e;v}lD%2OjbLeV)q)%l3`d$Yg=nfsnefr=YxL0qK&-DPj zI1f1SJn$#R(S;m;2l`E2#_{xrVON#+m^2*cZH_A+$8(GGxuZMkzsKji;dfE~KK;ly z1GslP=r3QOH~E~lpZzP78|h7X-v3H}+su7hE)eZ>4~6y`3T?I+<#utNhWAJMX0G!` zK35K;A3Qk(`yTA~7(UNzOo4J&S+2)d*wv)J-s3s4l+QH@*zc~iKgRiQ!uK-wo}m0< z#^<^`ze8xBB@FGk(Y_?pFL0ffalNl|pKlI9eQA841)Lhhe$#JuoJao0Gtd*fAH^*N zC(aN1bUX*D@g7w1SLCl|eaWVPtK?%p>A$7;KF*!zYrYuRjb(gGR}{R9>k>K&CB7qlGLDd%i(f5yduT=#;PkzQsh^h7Rbb=EViA$Te4 zYjp-|+l#C0hj-b8<<6s~76Sz=)@EFclTHgD6 zGA^Dfj{FbVp@Vpij!OWpcN+B!;W_fLI?~T^9XqnVZ4;0_ZZho8^WImE``nXyh~tUn zI4b9WeLL#;oZw+R*TxL z#ifVcbdJB)Rpbw#|L>q*H_3wZ?(Lx)(?c(MLErK@EQaYrs8z-z|L$w(W8OcT@!rsc z;|kq?{JagIUX7twhNFMo_&nO5&%>p7Z}IAh{6y3fJeLZOK>9eY&j`+Q^Gm3=8`Dp7 zU1k@9eS#`bPsZ7;{;*HZc`3nl`;+zqsov{hH>3}A3CFoMFY4=`3!0wi!s$BTFve5s z1InGRi}ZLmz!|A6ct1SJb??c3fAfa@hk>x4whUUXE7D7G-R?W@gFFX%j)h$tuG@yk z;ES|x!gl`PI$h;HotqZ*HfLOo9{>)fF5&)f%Ke&RFzRi>c(8)&FfS|H<8#tv?(@Ao zXQM_Vf9fdckyX$ihoHTnd*CSU)8o`XsjI0YUct^U6UwzCr{Ovl=J}nP+LLy3ilbbE zywJFV(E4Mb@5Z9Obo8^W9B+~t$bUq?UdeIAaNN5hkpG$I`z!9Vu2+!$k^cUi_QScK zEAaW_Hv1LA{;y!%jJk>PVf4F?nZZZdkCa^RdVc74NG9ap{so$`B(w+p{6S^#cD9#l z3-}bDGoNNaJ!$!zR<#1SIQc#6S2>a1kLT-j&c{9W?>G8Ie#R-E4zQnJ5$*M7Tp0KP zT#34x`+Pmm`HfM?@4@|+Gaa~WK4=EU@rgCSi;FOgz;*FP2d z_oN;4TUzArW`9?69d^@yi(W^55uQ&e=$HF1BRxC!%?$EP=Y5CqPF;ZAkBo;)xDT?k zookGT_aDQ~{|>a*ZRnM!&?mHi&HbH~?{Bs>!#JM*1U<&~H*(+SVLZ&p`PjY(^-Vbj z&BM6x$OGl`P=7d!{3y0piu>p80i;*l4sDYF<<4^7k7oNBc%M1d2X^PuL!a>dP^*RD zWgDS4ze1CKgMP`3dKdF~--~*h+JO3rb%0JuQB`EEC=%IGQTY2TQ1fUnhyC_c`x`#J;`-7zsqF4 zH&K)4=U&G9ejMKlj;kJZEZhH;>rLQlk4y!@5?(%AU~AxHYK$)<6h1@$R9|*t2YYV zl{$v%&p5H85Bjs966}sKJ`U&j`f^^PXFp^~CFqa=D73KaJi& zm$Ba&W`gJQ{2k13>77W=*aqbfQ2R$CJ%AiD3HfW6Aw5M#=s?a}D#inE?uRp>u%FF1 zR)p)`hviFg|N4?AGES7_b698I&nHsryheLzrbFkQhZf8P{gwOSG@l>6Ip5WIo)=_4 zQx8MG;_-exgy(N}uG@3Y=LW8me?ip0lKy?GAyvKAh`N zfjnUd(q}Y=-ES6OOmK2ij@R^?%29QqDrU;(hTJ>pjQ%CbK?YwiCjB zzUR7EC2yoI<9rO`ye(wbLzZk-KFTwde7KHqRyP@fr9>DZvOb={; z{%)8Ay9MNPuE_FN4mzmU1#^;V1P<|XWnCIay|i-+|}cM#kwA^w(5>!u}oaI}0|06MLXs&;aNl zYLolOKQanhm-CSFJb3I$XmfIL>TjHx=45PuRxQ~N)??}h_E>#x!?-&;@e*`aLeJ`q_{dVJ!e&Pi*U^}!l z<3>g9hswO?deMK{aXsg5h5Z2PvB{|SEx9=BZ_fE|#P$nkK)JN^gTif4t`xZ%+lfzI z&i!@i5&Jg?_H|kAKqaJaDUI}%eZeoQK@*indX+$MYx>2nJYQ=CBfW7E*p1E)U0V$4 zg_)nO71G1FPhWDqp0-DNUHVgrizwHdO%WvlWF$MSegXge&!29xs zGvEk0t zK%~dxI#p$RjcNq_k^n(_qzvuD*=jZ1y>p1RT7^fx|LVtdl0lTg#z(wAH zOVokJwL^MhK8L>@3_i9V`R9s)>odMQ`Hb`dY^T@}a69Tm#`A6CQErnj@_i>jV|l)9 zqHfNE^!AK94{2Y2EYf@MynD;}2w^RIzjY=eJz^0w znCnz~IoO+i(u()MlZ>w`87F(vZbl^R2e5oD#yg!2<6cI;8@C5`G1UFH!ERi~ltHl1 z#B!x?AiwP9ik$#vui@Ll4(tWAxIBz4kzFXsvAI|-@lIQ)|cNsyBHQg(4(V%4 zLl-nedy#I?DNOIx5&8SKLtis)e&BsE^=_nJ>xXiUIB$+pNKejlW-#kL$o;*G_92&8 zKif+bihAC!LHbA9Jxh%AbF6Jn_oAIJB_xXG7kDy@GGnnVr(ps>8 zUKZMypOap43R{7?w-IdOPPt`C`-yT(5ZK@Sl;du0YLiXqnFiW)_F0nvC>8?C%u% z{ie4_|J(p}J%Yd~J41tOBYhFquP^su$B9S}=J}T=BkT+D-mqdMII<6PLON(e`gin1 z@Qy{$)pejlTB6=gt-;M|g2RSD7c@h9Zy#uVzW+_i`*XDeNOz--ZVY}?4&_r72H)Qa zZ8HS=k@Ikh>X?J{)3c%5=@*mf7r!<{`aIsd%do#US|NQL_h~_%^YIzCTjxYSYUhXD zkp0kv`JnN`kY9Eh_!*!7TJZf-@-axC!1H<%`Q>P&r>~0g^K*kYu>S4ji~Ep%WiQm5 z>ro~x%BAr@`n6-wRV9($l>T+t6TGk@^l^OX4~$2<7L3FE_fj_)An>-ab1Pv!G=BkrR@j0^tR(C<>5 zueWbtpPczwR)KF_hi<2~ZH#i8`JOD5AM(34LV5*0=U&Q&^eP>pigD&g&c}-uNMAW0 z`k42oKyp`VS>Tb446^E$@?Unxmdw zuc6app~pI4T&;Mop8Nsn{_~)3>9-GguI9gu^y<~2BiJ9GN~k9}*Leijvh<2b#@WjL=9@YH-Fq&}*5XZw5if4uzJ^g?jJNpKov;-q%2W6zAKcGVEGW z3-Vr2o9FkUaM)ij4c*1K)#WGf!YU~5T^>5A8`9r!yp@|Gy@rDRR1^6jDZtt8gM0Rb zW@rD0aDU|H_)BrTl}5nMpZz?~=Yl%dkY1GQIi2O#@%)}f|GPB|c2lX}c7rc+{_3#( zU4xO{doA?TC+Jh^Oy}QS>D7TaS?aO{@&SQc!$WOEc`ZLoD*2DaS z)PjaiMSjVr&}rysM*58=&?;P?)a<_(xiI}<-YM8EWPP=0=dljyB_2V?aeTfU zPa@9SUba)O7VM^#Mn7xuKK&c*n)N{bhtAMO)FOm-CbAE;v2+^^i2Ew}}P) z^A7TJlCN+dJ=}uyCcJ0PJ_+8!`qTul|1Iblrk~sdF1Hz)kL5a1uLUA~5a+2m<4$h& zV_I9}$MX5UK@#-y%X*}L;CVNU^Syx2C1>U!f5QOiX8OtgHQ>*TS05IE7iWZSW4|6# z8@)k#Q=Y^7ihxJCqaV%k8TC}L_qDnyIzcotzNhMcPOA|awJH+_p7+Z9zKN&$S@Iu= zUB~BIeUx_;dtRFK#y%w{LW9MB4X0{mw1^saKz@T>?5m&G%Hi*+a%|DcT{Q7$`CV{- ztv;aZ#^ZT2&A&PVGxgCH4L!=^yVw z7m}w*e;P~r>zi7&7Crw-t6tK-=~vLd$n9G77f#3iT#V7cmqgD5* zrhH?cIlw4`%O@5z5{PK5M-#m{n4l}Q2ADD5Q@~w_*l_R~Zi*N!*Q=i<6&3Y73 z$7Q}-NxNphn*D7pg8f{XzxLA4n_u8pePo{ciQOC-#~{&$C$$rDNZ;6}pwwsl2<>Y1hVjg4x6KclE~CC(ZiNS;7GOg=|mOWr~Dw6&yaAoZ{C zFR5OO-xz%%yeOcgx@xPZn)y|$rdd4I0a?FPS+vR~<1&7>a}MTlKK0u?iHp+T?>V*P zo4Ad1@n4AtOXJC!i~Zw5CDoj?O05k@qf$DQoF{JTt?Z9?@!V9Ovs%3r{q?5oUs>P1 ziRG7ivuS&OZk2X=ia$oiNBJEAu-hscY5S9#S|R&pudr)tckjz&dFRccPzH#wCQ{P9i>-VeCzuHMIe*R6;-^zYA zI#}|*$-KS1XzKY(r%F5V0{>#<7g6hv$zI6lshs(_7oz+v>5nOodGJ){Bu;*mdJjmx zd!VfEQM0aEWqd5LP1qTC=gT-v{9PvdvPLe6kG8+b{CqP0FXu=Y;#MB z`3;d~e>?k;Mt$9>l}BJ2by?zfK~WFka)I!J%EH^kk4*ZOM9>z=pun(H|tiNA$gLi0GGO;6zeyNT8c4aZsyiqTl-k z=F?4$m-%1e4?l`0b`PZgk@4MB1xYvOSmzYVp06EJpP4tOzoR~_c0R-Uf0g+#amrcm z6MH@7x8|gL9j||H-|U}wQeRc+?=049&Z|}8pGFJGe3<$g$vkW=3csB%cJN!R9!P$* z@BDXhApFhfPB~{5%X-Bw(<+Pj1@0Yx`ID0y$$skXl7DldR&5eVTwEh(tE9hJ4P7Ff zAcve=)D+Z3l5f(li$6z-{goS9ZTb)6ZIj43f1aw4l=BOa^GxE!I_c+P**|^(o+?~) zyRb7Je8r#2iT(8bxX(O$XV&fCd7tgyp2~j#@=yPb zizu(PatD=q&PsU`_nq}Pb*Stcb6;{*bH6p5O5%Ka` z&h^3m&O1rgA-+rVwtaCi5pAhzG}{sGGf=n4g0v7tY5`RNN*_V z0m98hTgZBLmj2fHtnGW1>pnC0Fy}r?D)F_S*ty$^eKbh=>uPWAWlsA)#9tH2_|Ds^ zRdyLyKk4T&iEk#Z;d#VU-L~%mTHUhK|BBlto)4eY!l&X_Xu=ri=^4aUJV~q4Kft*w3+}$VhlJ$pwUzb@cjQwBha8CL;qJVSXV7~lhp2Ur0 zz7es{9$;3wO$X2$OMq zl={p#n$43jNPOBdAMq}U?904qF;GZ-_3KR z*_UpU(~-jLo+;r{Jr-^;fob>scsjrV#tW$yW}ajiV+0}D<9kZ)qGB54L&g|PRqEojbPS3La!MQ$eD&~~A zMUXZk72&V49!_p6<<0t-_-)Sn8JQ3d{6!5nmVIyHf#L7>W8V96uF5_fA$p$Ud4I%x^`Gl$D)qb8W8UNZU+Z!D1D@~X{hsv0ymwk5 z^R`0N)t}^f>u=+6^+#uU^cU}wIuz6D!!vodD(0y&FTuWPDRJ?naD_)&9hH3Z-pSbY zl=EmyQal$YEAFX&mHk_+_}|-G?u=iuuT48Yl>B?X>5qwTA)d%LankIAX~qB3y#n@I zr9QKd27PzV?qqwty`1gAfA)z#m6HAIyl);BzuzqJEM6e;k4wHeC-W5kd;iX`zQdw_ zk4JJ=h`*ZW6|T4a`_ksUPo>jZWhx=hn=+3^_ewm=RKimYko}OU1ln`tOrxGldw=GT z`_VeBhU9cpmn4pw`{}D+*c2E%lMm#o#6yh&lZ_C z!>;~&MAFUtntC$I`C!fs=Q&nV{N_Rld3Py(QzjS2@lx2#{|_b6&x`+>7u+}V6h``0 z?#o+}Z}zo`hnPR)-)Ff-9^iGkkv}V=^Sx>sl~4NfSmxEWzb}N%`v>!U?2!IB=l2ua ziywshjWZ4;5;pt##~`$mo^0+Zy(KQ0d*+3C&?~$@WnX~%5AwB|Zl|MsX4aEE=)e1) zrvK#*`g{MK??1*A#C%>YiTQjcYMvvF|C{x=S-`df8Ceg z*XNwKKg#|0`lfw%UOVH5i4!I+d>_Be`!Mq!>_463CJy{lxxE$sIZm4W_D}ZzseZGM z{>lD7)o=XqpX~or{l?G!$^JjpZ`SLd?Eh2!W&DbcF@1Fbd(B{g8zXZT=HGBw1`_p`@yCMcB}3w!rZ z2jp!)P-+#0eD`<c;k3cI)hQSIGeLRO6`P~&`OFlYSG`0&=QFR;+0A%SUpC24NH*ii9h^@kC!6sU z49>5-$YwkRgA1y{He);`gA1$bHao{tMD-(MJVn(co1Ok!R7JS3hbpSJgVmY{`6h%_ zOdWOM+Ubj_ZeFIpfvTYNPd+17&u#Wq!`{f-G`HfaQ4Txb_NVyrCl<$o)qJtvW0h2u zbGqi2RD-~5uaxp3|2f6jms0!4oA#UbN~!nc#diNnslvJbsxO)3F9N#R zR4w^7mfU~2U*)UV@}Gn8;gojr0eyane6kcQUkSGJ59m|EgM%yniw_F>1Xm?veNO4> z|H?PzPZh2CFE-_ag5|47@}EN;&?sL|b+Y?|@^Qfp)Kakf@#$v&Hc}hO9$&$i!K%_W zd1}noNIfL`$^6$&-&nl^+v_>k(L@!>Yg!C+Uq8*1Z>HLjU)l9HQ(@$W%%2BV!=%2{ zRx`E6g?BreslxK@Tr=M-Bz}!n%~fR=-r{Jk){`H~+c~XTsL$lCQr{k{g{oY@ls};U z*lyOlg^IJ;xgIUlMw^}f-a;J)yRVe`MoWF?$(w|e>K5vbi~XYDmddN3-9Pse^67=Q zYOQ*K>94KT8W*mezO~v#o^AVQ8&$ZFU7q`;jVe!`WbdCgDu(>l9#0z;uQ2RqNc@%0 zn^aQr&llxQV7xXegU!Awa*jNUAU9Y z`}7YI4-Ky4+(%s@J9cSx zBe<`6Y_rp!`>D4s?4kN8WrrB#KMn4$W`f;M&NBY%tu~NXkWY~NkpCbzBHt$$CBGsk zC4VDNBPXt4#uMm1j+~YZ|MFH|Hv7BRm;E$B`jekrRQ%y>u(zsC?kjKmOn>WY@jZ*_F8+*wYf2$BO zPK_W>Vg7isyYxq^amt76y-KTUVn5ere`UB{$arN)wR_wuPg$V64kKEixeY5CMxKDSoS$$Mq}dWZO_&DBhOzRFAd zxl70-6=5H7zV`TshfG#UY9K$2tY?>yVAYSjU;N1@Bt%^yUzhVDG-QfuW*>>ZDxUaH zY)F)9MGlbip&`+#nSDh1s>Twpeh!IKC&@d+{}zQzRjM}HODFN;*N|zdF!{LLzkd#y zuIiGHZZ`GLP$S8iOuP!2sm!m0nDML-J`yrZ-5{I!>k=|gm9B^U^wR#NkooE?S;UscRaiTxT?(`J93PivI<^$YQDn>{4o+l8M7uT=pyW552I z>sK|MZ1!uy(DiDS3;!zrv~&;I?AKp&ZBpl5IAN%K#o7LEU;N#&9|m}BRgdg^e>GC} zL*Yc*)dv?Yndmp=-pmy6SDV+F@$OVP$Ywv*DzQ@)uz8<;BbzN$__CHr~5im@5-JHFblZh+l)zcT0d0cHOB zmH3B|8eL& z)!ODb)#9^!;u89&>TR=ge2Ldt*bCLG132+i`L;mVYxUmdI8|8of03{^s&q$_53UgQPW|4=F!oQKun+2) z&HGhf*{^rfe^g({-y~inPV-46>1^!xt7Y=mx^dVSm4Q4(xK-F!mEY!QHD$F{ox+rU zPM&vNJ`oO!r|Wew<)fA1F=1|cGC93Ge@qT@*N@3PW&I<=lIV0@VIL&%cvjdCdXNh* z3QMNvlLI6_GAxBYNxm!nUmKQ6{~}i~(_X?S@(sc;551S1R^sKXuuS?axtQ#~{b5;j z*6y%xBkQv$%u}~=;qzhH^?I`D|Lw4xx_A%R50~e|r(wBu`JR7q{P6sGn$3~wh413+netsyem)VSXQ8v7^KI6hw z!prGDRnqU6KS=gVWk+Rge$~#z7hmCIsr+~%?guW zMJKb_*FC3jGF3&VXMX5Ixj%$g)t=0sE!@)l=`;Jk1M%}tG5ewVzZm!9e{s^=a)0O= z{ueiu^^)7*zwG_PB!2vrAHUfb@lO|yXLF5z+0T>b^MT7akKIojPr=KD~12c3~zLGFj?vUkw= zZT54&CiCU3I_Qh!ZBqWY*xw+Z6uuPRQ9mSqmUwVCypw)SelGsMF}RaXH^}tI&)rwv zS3HvZ;^aXxKW~N0lVgPSl+L;ad6TfW>Y_W6AIW_vsr-qD-sIl*WWNg!B2Sa^D7~;h zd5p}bDgOsKyZCn&$xk*I{i#H*K~669;7E!?;fkGHvf9gocH?AUItWV}D|yVp?%JDtRQzRNcn=*!?rraz$hWFADHp{*Kkckhyb>U&A zeLvOYiB=`#Cjc9gZ`kAMt%s5~zL9T1Oa88r#(uA(#4jfP_0zwTy9=N7>ZdP|^92gRNSnVRW%|=p{Lio&55Brj{uRlT zLApA*fIR=#oibP-wRxhNBlo>#Q-*2x3C2EB4HN%tBYenadEY5KV9F@H!q?>csuE)F zKV_UQJ<+!3`@r$Ky3Nt*Vto15^_1~?ip|dFb057H?0!W2yKDGFy@gy=_IG8+M7^8b zL^zq6sDHQFxgY)XX)^YspS}#{`ugcxD6hK9d^8U8(;59t{{oeg{nI$iUl%7E|7kWQ zKzAk|5&zj^1?Yh;TswV$-cDYBN8;0zKwaM7)OSyJljo(`QzmKm0K+$R4dECyNt<6m zGYtQlq*IXLUz2qzGW;t@7a_yHf^`Ej-miq{RyI4|uY~AO8H!n-Y_fm$1c&GcWRGj| z?b<0}dhR6TkCo@KopK2uIvJc#_UDZ$5xQ3p*h9wic1oo73IQkECEo^%h|)`J_Env3 z%eUzwqIK3VlaKY&Dq0tJ;XIOm1?-Oa6{|ai+xG6W#s7;%#Ohu)`?{|bE+agM`JLoG z=B?ti4|%xwx8V?*{oEImr;#^&F!3->&$Zdt{jzZ7h&a8J`K={>Pf%0!dU8|o?-Em{ z>Z|0g!i~eG>bEvK-)BwJ))c$HD#arCSA7xFbQ1DW@gHwBO&5+p{ta?Nn-A!m-?XYP z_Fb9ZhSITpNE>_t9;r6MQ>&Z6b{@*?I zN*(2rzanC_UIV88twD{;bi~G}AxldalvQYz|ad&$T)e8UC?W z=Ox2G*6LC=W4?ZkSgYHUF<+Gj#e_Y zYM1b8axXcr4n}O&cgXF3Gx=L}zv-s_Xw}N*ZF&@WrJQG{BDU*r@;2eC5j*rka({^z z4ev3S=J$^?0z7mhRM4r^c$(@An}F%*LePZ zr?byB<@akme}B+L$awz#s4J84{Qg=0Z1X<-n>>HrN&iJpnR)K*GsBv_gI z=x#?!>p0omH?}xZS?|f_e!4MUYRhAhU7s@dx6vw%Rn_Lb7Vd{>ta@bJ57St!$+#b; zwffl{t$vd6d`pww+5~oQE$=teWzT3`vDvwQGFs1U4pip;vg*f-mj1=Ge^Z~iB;U7C z8Lc14xX)y?JZuiM?^8*2MynCo+^3Ri56hoy?nh;;Ox6vX{nQ;fZ&v-7*?Mhrq&g_~ zIlr`-tzL^wdveH0dB3z-t?M>B&x35%6Px4QU(54;X7_B?YnuR$ZH;)zxDXAEOIc4ao5&9(YCpU0NAJY2YT z`qGw<&HHp}8BbDO#%j01l#f)U&dK}rbY-nTn|;+R*>C;Qm$Nq8?8o)3Y=y2g_I~#I zB-K@{VynPrJu@e(YBeL{^T?{!3Y#a|^W7o3s&&)mK)%1NZoRfS&VJw4Bf7d}YLoem zUrOe0Nc2yCWB=&dR`u0(zBcFW?C5${8=IZ?r+QXzo1OQKde$g%Q@Kycjm#QrbEKO0 zNvnm?^{pi~W4z0w8(4eENu>Qv(T%K6F1$awu~lr1Y2WFOO|8n`aR-~>Uss}=TA?;O z{im7rm<<1EVcl43k4M3OT3HWl4pcs}A8tptvR6UuZH7PY4Nw0(QU09 zHao}P-YRP|;*b3M6sxMu(e5#FfBPKW-WovmmHX#~1nsS1=obm(SZwdn3q0<^E+jjC_vcSzt5Pvrl}PZ!pi3 z&ek6`%k#KAZ~u{@v-QyCKxO_lQNoz6R;G=nzk#ZR#D|nIJ*~Fn&St;H^s~m2(@Fl; zYy+&>;ory&?ec@H>*UdP`61Sy^^fyjf;@>%AhFhInxKzwYYXiB<5qZBFGsb%C!kuHrSzen_9{Xd0 zRlw$GW$gRM_*%Wl4TVR?_*?n682d=&E%BgU%p_~13-^x+vX0surv`18&rf4Qt=wBt z{~Pi5=$J5Ts0+`DnPTlE_m%t5`j|-Ts0$yAiMA@64^m`&-JfW6J|@;Ozxw3l2QhKh zH1c9OFJ8nJ9XsDzNbW4>V`$7G z>lYWU8~cm3#)X^2F1EIlmBhaeu}iFEzo9+DePWke-N-fM{xdpum6c=%@(oACuCvyV zYs>S(tk?}!l3gZ0TABG+8N1mUPyRMq?mw~HtN?N!xnCuXzs-uUIZ`#U=Wo09+J%qC z?ywr|R`Oq@YI9zmS7LWt+rd2V_geAxn0&))A`}dF>MO z`Q%Y6-9D6mZts_)Rt~bcUp32m)GA=}P2EfGR|(>dT4l+&Umde*+3cr$Wj}bUW7Z0r zqgAl%w{&sGtW_@D#&O(QW3%&oI%#eGj(2^>hrsS$G9GVr(mLsq?;(8Mh2@FSx=(v| z+y0dG%q8DL^1m|wp1e=W6nENk+yB>kBvYrY%r3k_ov{jl-BI6Js{|S4&sr5+>_1v( zt#&S)E$+NE*oEaAy4GlxKeF7sU%6;abjeR9`H{>=dzY-~F8LnnlC{KU#M?Y^m#s5k z_vCUvf0g*E^@q*A?z!yu%U7*C%vVR{`znR6S&x~YTsSV{HS3Md&iHoSl8>zAKj->f zx02ZGr#u`=zAt*+Ds1yjZ9dwtw4d1AE5b+g2Bw{nSM_^ZkU|R=4l+`!THly|7-msKT46Kl z_m6vN-LctO{+0F3B|kRgmF0fYF7N(9?l0czwUv_m*xui-ty1K7yO7_QyocPE+)eIx zrhEX|jl7I}h4v@NLz(}YoJsC41wvk1iBF+FWy8$-+SgV#ay8+}Zm+G%xHnd+)2I)hXMV6+*zD)NLCQ~$`(Sk-uUsh46T;@#k>&Zuy|$dc z3x!9LO?wT6eaPtF2Wv7J{rg}=k`XUHTGPo1rT%4cAFX-h_7WcpgnYD?k}HdUc&m@r zUh)(<4@*q>XdSWH*F9S9b0+@}o1LG(ezfkA@%if~>$%N=_UE;JUZ1UGXYKLW{;?+R zvo(~g<$U#4U#yqpM{++nkmif^+2%+!{;c`F%U5gYIaA(OMSU>Ox8JNgWb^s&rnqm` zzVjyE8DF&HqRsMox;#&KEA5DX!Q?xim$f4a8PC%Whquj6|BUY#YqP`)`MhgqTztoB za>z#$58WI$Z1z>t<@`^a#?6uIqN(2*Z`>W_Yt$!0(GLp-I9$0c#pChtjPIH{v4xnpv} zKRDWx`=v7cqoXHzW@^L99D~UD(-=6^!%B!_mZMl$U?6;^@cx_N&c$ zW_AoDoAbn5_&GRX>St!ZWp=!0KEB_P+3}6}_XLDP%IauF z#(CxGh`8z6KTpSOo8d266J>L(vKjGsPcARV0hj!OUS5u;$mjP1ayk;;GW9w4V@^j7 zGWKIGM-`i~ACKqC?dWMU+H38V`~NZbHt=1~`~Uyz{eHdP@6Y>lxzE*V)gra7SS*Ic zP%MgJV^|p$Lor&%P+3Q5SXs3+ZDX+*6+@V#GE^pEhdLHvD0V1@rA2A@JziIKagOgf z|L^U8``vzZ+x_)^zOJvY-tW)rMQ@j~a|Xtv`3XnUJC%L;ecsWuOvt)@B+@!1%l;#(jHMfuNL9ySpa%eIo-$;4gVSMi} z{A8M~KkW%;&}t#;`Z7;J~fVhEM%Eq;fgcqmqOP0eHJ~~%{;E+EIQyj?jGX< z-oG4GF`f=l@er^JeLXtI)5qdy%DIaSGWd^m@u33;9~Sj->Kq3Oyz zP0Sz9p_eH0AF*vpz52c=lkS(Y@ISL6lg9ke75=1(i|Jq~EAxwKvXoW$m(UU+ z>+mk2txA^RT}n@Dm;TA`nJ%MeNLlzdw(K%GLCVU%YC{!gY0rMd7wo=m38lzqOxe^tfhw5Eso<#dgdRrooyPRKg^97^`__9dT#&$*7~Dme-J)m)y?A zHYq#5qkS)|$fsW@S@s9{v`xtO5c&JOeCqmz`={$uK8*-jr!Swz3wb`NwFtfk%BNX} zx&8U%GK1iK+0Asikfr@471L>1H@RtW0j-g;^9=TH_Iqd0)k0qG@ZVQ1ub4rfS2F*7 zUIixklmA@4Tid}R(TP_mq_%%MrYbNBPe6+vFV=Fmw(-tAuU zJzqb}p;M%+zE7P)rz&$fe}R9>+>80kI~9MWFDO~gU+$zY3t7i!F5RKbWqjt*ol2JR znMW@*Q1JLZ@qL6pmd>MBN?C|41Yd-S;(^f;`=E2 zfsh*=`TMuK=||F>%)|cutcttoZfQ>V@6A51xR>(VV34zf|K6Tge>2uWG-4tFO%lZeC+3prT5dTl)Mb`*A@5EsY)J?_5KeP%V>_p{nNj%Tt;6O z@-i|O?dKrO-&68MnBSO{%W12Sb^lRGJ8kY>_aBwi_z4>#BDYv?c`%lOAv*3k2$>})`PcXppzda;n_IqyJzaA_^g zQRe;k^ZnAtX`V7qf^3n;=}pS~DCGaql~2%Hm3boMB*=eN=DD@}`_xtR9%Wtt`Q*w~ zbcv8jDOw<9XW=Too~fgyLS9DX_c3*Jmy+f8H&0U*;Nj!<6?p&iY1y+hAx6sb`UG@Wdu4NB(U=M*g7NRuPdJ^vo4V#y|&t7QH?&^?u#X@iiL zlBUOS%46m0G$+dKFD3WF{$rJI(ArojKL+`^%C~5TlKY|kG*mXxwSBtGn=0RzEX()n%4T}GG#B;zK;=$aCgghve_z6?KBe1~%;!TM z$Wgv9R{hI?%1>#LkoEW9U(mOOtmj)_&}Jp`{$%cmFX=96U(NqoY4QLWKe<2BN@vD% zS-0=6XswWCe1lbA(I*CSb6p?z(6@xF`=>p$Rmk(5Z1kVg$zJ+{lH1?l{ncLDDP;M3 zmHt(GsqYBxpOlAHeM>JFGUhk0;d{%f@97LB=L-1;dZ&_ecJckqcDh8#m+$5MaXa0p z7YT~)7wrHg{<3CJ53hyd~zn%dlgIC>9`)|`)Il{ zzgqNX`{<*+%%4=|eKB5dHuuqHA?yBXADugxhp+qBeRQ#qWqy~~Khjzu>))H~r$0&i z>h~u5DILPy>+;x79VN^0bw6FGWchpb{j^rdI{o|US|RK7?x*X7JfBp+*Aja_^(Dyo z$@yXj-8Hm(d^_m(Le}mN(1SvrPdp;M2k5E8xc&L$G0aaln+Ir?lD`V``Q8CqEoANf zCt9n_-#~ua{ePk_Nm;ayv-SE|xNq`!C%WFLSd}CCl$eeC$IZ>+pQ6t(*N@mIc_@qr1Bg zvT`L$_YwBFkQ<5oz9hna5VH0!!q_og?r&KZ%d)%4#moA#Iwed0`m>*fEZv`1)t?0t zxqG~C*udN0Ko+Oug^=SR7YlhlITia2Ez6EzYoxg-U+mzrb-m<`%Klxb4<+`I7`6Dn zE!K<6d3zqjqN8|tD*giovGb&?-hT~Y7b`jb3B3PI8p1AD@=Ww6e#qA-S?*^HVK*vS z?q>{Pg-RY>!PAq#ij;gF;C8%)~00H{u3EFp}Tn^3kX^Ie^$jPHd4xBeSK-waV)im z`El$rDXaDMXqG2ry`CP;%9Skl3yx>6OZ#fPI)S|*Wl>*ps!m{^D04nO=2e}@zVBgv zBKu9sD!h}KFPX<*hj%hdRk92(h21D*y+1LA-6UlZUTEMLHeZ?Z@NTF&l`ZdKp30t( zvI_5XRxe~7-s!AW$uhh%SmZ<=A06IU7AIs`pPz~!%T5xq9AAq@pUEakbLXgc`1*G| zo1)|wU*+#}$FpflzU2-6{pNU9BxTYB^UnD3tW3zdew@P|mF6OSe~&+hy`bE)=lOoe zx$I>nM)7jTb&c%8+Fa82{ zK*`@hF09I6&PhB!=99BUeZGh#Df!|kA+xJ4W>+YA4eI~hRhO_Eg{;$a8M|G`IzE@N zxypV&_+MgQ#-8Y5Kbt+@!+ti~pzK#88g&D*+14KRC$r`r_9wFzW&d8Jw{E~>_Dv7_ zIqat%_H!6HS*FiH`>z|2!&V7d$Nx(9f{=CmuVf9%{w%cDy!b2GXFbew*;mTE0^{oj zZ!U{T;r?s)Q&?XiV?2j>YriQhO~|^vU(I%n;r4ZVznZlxS+@6USm~+V&97nAN|xq% zZ02d*>4^lBM~zEcf*8=GU^Dg)Hm$j3cjORYI2I`M06#*-B|&jptL@T4^r6FPKiI zvi@gC|K$6Xsq82r>+yIhOA@m5zw*ebY_XJ`|R3Yo%2Tx}+ zrG1s2>1?w!SNk2)*;~q7?x#&>9|&28H=XTM_C25Q@0$zQAtlTGj{;_ld2wPpqu!FDymLJiU)p-NLejtn0_EY|xo9zvcU}TUnBlW%=I5 zO3vzTej8gZWLf_#aywhA%;o;iOtweK-2HSilQpKv_{#mLne00u>;0ga?0}S2{>)^Z z%3SUT&17u63}5aC&0^;$S?0%VmZ4-B-#b|J?C$ZsgAEq4ZhuAWSRw27Q^ZaZ@_aH5 z`;{ej5lfS@=r7k-&0*C-*7fgB)-Gi2-<_;e$lAX<89RrEKcBpdnM{d&Crc8t&hNP_ zZesWN&1J)cEX!}iiSyXWQg-<7U#AT(W@Cjc*H0zGirH<_oE+bXQ%i?0V0Q^w$ETDn z7P5{{DO;}W|AP1ghLy5MdYCU_tCaa7%)ch~Tf`cBm@j5cz2s(P{{Z^8iTxI{3(n=~ z(cvv&*+QOA($F7G?6-vN60%Nz8EZ-Jp8hiSjgWQxm$ILPto>WceiQP1k}dLcDf6B$ z^LL>rulre?khS||EJ4WH{W6xQ>@O4Zv1M#b5Bue8d=LBO?0jXvQGEYY&L%54Uxfbv zyS|6};jp8 zvc5maoQ&@I`5@~fWSt)mvB5&t`SB1-6!Lt2ybbE-LoB_A{c4uo!+tf(RraT1eA--9 z&8GISzk(I^u)l&8Df^d;`R59@Qp%z|y;b!v+a_h_7S!Jpm#kzvmAvdTDeqEp_I|#< zvXbrT=00=LO7@#FuSNgTT=gikGev!Ho`(D}-?%^snR}qUevc*cCM0lVt!I$KhCmyxPOA>^>F_L%UAaIpp}%^Pq5iq z#`?L$Ud2kf*|*4QRx4z^zrTjHC|UNWYgq7No?gAbzlJ3WS@)-FShAE=f4YX9s?247 zx`w4GbJ?Fh$?jFM>`$L!WlEOytB&Pf(!GAwv73dg^XF+cQ^@m45dFty^J(^SFZ0H3 z=CLq$E|vaC|DRzcle+u=469VKG=G-GUD4hASvE|_y1dr1_H*x_-tU03R&mx2DYJxc>`-y<}!a9m}^G& z^fa)bkY##e%?6ewWF6mE*w$OS$LAHcQ^_*EudiJ zvNYew=Ki(2`9@ZzWNE&MmCo&MzKK;US(mZ1U+PP9s?6CR=KSVM9PReqBXm-F^W)i3f3 z?>*|I%x@0i=32c^ z62YJ;ZcqvaWjeLW}Z8aFAqQ>yohc8&L38>RWZ${$|OczE5@!PA+G z{4mj8?PXkLWabOfA8n7{z{$hWvR1i1PY0KSK}yEMPB6&GNaRCTewpO&qCBN}m%fgN zN%HZIh`YaD#24SQekk3`aB+UNs^>b~?kW#|s;r{6M!f&wQ`WI}J`no^S`cmy}-z1YneWHK(qx+ri^_Kg~`yE|h|DCMs zrw*6jkjL$r?@RR`BEI+?@!>9+`&ay!ly!aPH$rv~=S_@PT;?}P^7_GVaOCw%r~A=0 z+`TDo=;Gn=n<~5hX&K+kzajnMH(hdj{ANh*j{D2&3HO)R6YcMxne!VgxqIFJ@SB~v zKZ8X*!|&P}dHq58B0TOdze%XOzucVLm-=1#9#P}xtHPa0^mw7=A*y~pEy9!O;qj35 z)D$j2j1sCv-V*(#O)6gI;k!sk#2dd4 zMSOU=yT^~qI-E0A{>k{6A&vuhkmSznSEa>i<4jE6taSaY?t6uJE)zzuC0w zAI51he=|v?XqVaq`=-L4DQ-&T;qn^`c|Ke&#zRUTLw(@wtLiJRT7=(Z-}Ucb!`JEM zs_tL4%Kg{r*Q!pxR{4!&Jbc;DQE`(hcb6gRyFrc@?GNK~4_WKucTb{y>lor33CuIN ze}((GieD*;{5Q#6?&qJDJs_ot%Y z<^AYTj5|CWoew?xi>`T?*8iXCMelxv``fuk`hVz4u9_rMlnc&V6*9gPQs&QoBJ=-y zq=&~#j|)0py;Yy;r)0m{)&FT(_d7b?vR=p=X?Z+)%6Q-0B;$9s$ahLk7VWxAU(0%2 z)9$sZ+k;e1a*XOvt zRLei09rOO^Mb%IDbZ3%pRlU;ocZvF?{nM&RBD=cc!N<2((ZBHdVyUXPJ^jV++r+%t zBx6;%^KiJk!)iS!!$mt0`9aA=Dqm##Hi*tI-QKm_z1{Ns<@1N`^Mx$YKG9DI72~j~ zfB!puU2ia6{#X9|t9?C>)N0RoQPQdUiJs$lSHIFz|KE@AJRfvB&?>*_m+R~B{#}0= z3|fDL|3BI5?hn7Yn9BjR&XDt2x$fcmUu;$3{ulkU?sv5ckJZ0F?@xR8YrXpkEq|`Y zr9YF;+Qs8(lKL%NrDV=eGTysY`$|>m(C)R`v;RjwtLm8?54z$n*KJ*L-^J2@eq%7t zr=F@@CwJ+0$vRv;FV!-4FZy512YI_P(av~#%)va8j|UeD*&=d&+ST7{_i~<(_K5We z&wnoSb|hs=PFOAD$!|*QYF}OH>8anfKIJ#Ob&uE6YTel;>O+@%DdTrQDxZ7iWAA)L zeyRBmzqy{5+tLmhKQ8n5X<4W5%YRCJxo)C=%#XRu-E(uE-=~Xy-&E^Md=mU4*JtFH zegED(SD8zD)}Pqx8h36{{VBg0orkwkg~xAT?~-v|sqh!$rBHF+=G)xdBoC-^(DLcu zaeexSzHIMZ<9u(qcm8N|xen@Df5`cY^oNfZOJ9@m)An`!({gY3QeXE&C=b=1wEf;P zzX6!1Uz_)owZ2wOu@A!ICCihMM^G=h`*JbPn&cEwPbnFu)=}JFUN87f%Q~Dc8Cv3> z^uJ4Ahxe~4zmb@ihumkQf9$jUdwu17xAe(=ysIASbobWh>tIozk$*hBz4Kk>6D37z zKBW8MoY!Ui^t`jDjGNY#ed*pL^F{t(zKeFr!yAmW@qGF~^?y?B+BfU2&-)wQ&ZK@< zdRx`_AXSs-dD6*heGsSA!)iYAqZ(JGKKdV}uVroiDe{HKPrKLi0@;qc@=3=_t9m~| zt|RcBIL0lW-Z>T0zuxN*ZBOpwm}InykM>WidcRrk_vn2#xlbkQsb2Tmzzqrc#Z@vGe>w`|Wv}clGYCig(`dNNMGY_Y?J-u&s82vjp@2$R~ z%Kg7ppHlN$t@3p{_qVtEohsgcrfT=P-1rT;fBsLeC$YcyB)4ahS}`u^a_Ew~=P!>J zAJ@9u=lgHG9_jYETg^N5ep~N-xIf#k+o9&e-S_8syZ`0~nIF0wwK_rdcmG>i=hJb| zO8<2`lIhSn*HzDSebee`s(;n0?#J}LT5q{`KJtApo^N{JkM9e1mwVfn<9*kDgErUU zX;tfMRqg|J?f>=E?@Fh(r_J?#yG$SU#b1{Br1MRyr=i{P`k>4IY*j8gU!;uh3?7&6 zwY}c&g?h`nU(x%2EoIXE7S#{Qc8U9HR5?7L;`g8G{eLq5yK2AsJ(5nhEcbtXU!vD( za=nfDl$y`bs~qII+En{HUHaO-&iCH=JpLatf81i8WRe47|D>y(r>cDW z_v>p$=Bjq9>-V3jdVfKeYj5=vHP3Ans!8-Zyr4U+foQ zpHir}H$kl5yVlV$-^%>xy-)Cj$`|dQUgxh9`q)3mI=bs0&f`<*ko#4X7!A^2t3^5LwlDhyyoVI^mXS+T{AIWXam2p1N#y!cj^}*;RQD6T&80pgw_x7K z_x*JH`fu&&_TE$N8YkaV@zLvOz3!E&oR9KxLCd}8aY-M^{L-qfFS;IYQtySfM0l=u z)mLp#*F$L!^?JYbPwIEc@2P(1+Gn_V*Zi{k`i}eGbG^pH%XJ{{*Yvvn|5bNA z`xQ#g68&%2xTW{qbU&%rH*#I`=krBvU#lsiU&MD3s=w9crDa{7TGiuU_jL!)Pc8SX zZ+e~4W!~HU|7>5DA}`1P$nc zsiNM9`4@gKtHOItjVn^$By9&|J=XSg{{ES)^?UoLWnB(h?rp!PxsF#?d(-9CTYcy^ z9#8!b_l1al)g=EA>m^ER-j?a;Jzh(9UHQ}7pD)#XbGMrR_8$Lx$KyYZ+uFWPx85Jo z^LU+pZSSCnH@>G4<%Ipmsjyjmrtp2R+cC3ixTf;x>Oy$j;B_2 z{Isl9T`#nGZ&~}N&Gr09%W~W@)%z9t$NLo-|E}`U{j3i6&(!~}9J=a@j-OU_{gmCSQ7}J=oQc0hxJCP1Tx+|RjK$yCt_ZQf^1@bL$dn@#A!}DzD&xU>x z)FP;Jpw5AMC)7Kk&cok){M`%tCHT7!Ztf#TlO>4l5`?n^_oy#HI7^^kM*8D#kx@qa zKwSWJFL?lNs-Qjy^&zM$@V63vuY{kE;(0an*C3zP!2TM@PeFbL@-vX1f&3i)HbQR` z{$7W>*WvCBsBb`h6Y85#--lT<{`mh7@b@8d>O;8y5N>xO$3B98A3^>I^2f;Mj}gaD z$kn6;c0a}6XNdP_(EAMW{tWg$gT2q8zZ>e8P`}0BK0NP-dKh*O!|q|&Jq){tq2CGp z-|Tt4N zsH2eYG9GU!b+=GYK&rX^aO8_L?`Lo|NJb0QAoGMe895~NtAsj*tWl?*u2H9+zNPH% zGr7IVWV^b(K1BIfnz%EW$lC)$RQ?J%M7ew?Nfy7_SxEX(e%fw1+KjZ9ru6qx?q405 z#JGy@29RjlL!OjBiFC)oV8B`ce#Df_|jj`9_r}C_U%71NCV;oXy zv-1CtQd@+&-I!z?|1?f{hiW{;^C{D~5+l_QhGF|Kvp#5K8s}oi^LL|_v_d~%HWPVk zc>=yZr{?H^&*^+!`1Bu6X}RGN7^;m!JSO^8DAgf;dGD<@MkvJZSwNH z4)#BQ%=P7|rEVsFz2>%KFypz6`jmfBq1Mo-vA>F!Z`8PT3ICO9rtu}-EWZH#OA!uk z6%qQIXuQGSZ0(>4!X0`7W8OxCd1H9D@tq|WZ}1U53iXmL zT+K9OyyBI=iORo3;{|+algSc{r$s#(WAAy#Kd$CiT%My)mumgB4n`E>;$kUf- zB#Uqp4SD)+vPxIHaUH_p@q7vX;1&^s?~oL+RF!|pB7bI+R72jP60g#krs9#N;*nbd8%-{abYFTzj)&s~gX^<$s>RXEZ;vbYmpy;CTa>%kg%2jyfDxZpt zC(!=ze&2Wq`8dWbHm>*@r?6YqhHS^xs{K~~;r|YpbNljir&8gcMM@3XFBBX6RHvBVTtrti~edlDK}*QQ!H*H#r@;R3Wlk9s$Kk<Ss&&BQqB9v&bPL`~6I74R$I%bRDv|f1kQKL^$|vNU2Qu>r-lns&~7MQ;`oo zXSdOcdK-4un0!1u!tt51d}i6_zRdgk^``7^I#s=xWqkIeLC$h!8T?nR>98;B=@fe$ zR-%)fk@lzPucknK0PS`X>lC*iE_9;8|JfvJ%5i$6=)YDuhWT|1`X^_-`5@fAJ}{Gy-|OAUD*nkT{#Bx1-)^iI?*HL7%ukSxf4bMG zd`=bWPwq66zY+0z(uF+8lWNXH|B|HClRRVWHuQ^=X{sqtQOz=CzmjG0{&TV?%ar{} zswq!l%~Ag6Db+At7*Ac)5aY!v&mACbE90SNOe!8iywt=^|gNRsN)_{-(Z% zyNi73YF;&wJ&Jz%FYt$}kNdU@duTCi1Jd)dZwhybkg8Z?btgj-?HvoEDNsRZbJ_AJFe!>6i1N z>-|kCzRfB=%_2Q3{4FLQ@7F_}i+1n|)Ya&ZmRc?5d++h_u1%GHtMa!+sjaHtX#JzT zhcRDS<#ecW?@;ZqL$$NF?1gCWeFMAA8!wRyAI*x2KL&A@rHC-U>@W1 zq5{Zk(H@EeKGm)>?J&Zr3Ph@pzxT1^IJFOtSJfRfL06C)N5PO{`;PlLRXJr&Q%% zs#wp2z3Iw4U9E$%g#I%zIZ8iA>F3e2k>2SzZB^!DA>p?JV#fI2_hYs>8pHApwA&c9t%d5 zzT2Mo9bYe$E4f^yt6Zh4mh#(K(n7TqQ+SdQs#9vc@~=U;s}=U&4>gMLzYR6f(qDN! z!6}1CFAX<|a`c58l>dz?{>>`hEh^r1RNns5s{C&g>K40Al}nwFv96KsoQ^--@$y~a z?@<1Bs(3Lb*MB}H*PDim_h*A6ohlyv>;rgHbbh2(*-w=1)QKwlV~iE3FZaM)`X6O- z{ES!qR-$UJ2|~6=qS8-R>LzBPo;O4`F+M-o9NBHmSjzj|DfSMiM+f4Wtl#lWl|Pg9 zIzhzyKqOVg1LLEp7pW@zMA1KtF%y{Vw-ZJG&Sg0tOklDfPh>paW6WfsuJF5EtI%KP zM?bRNjuBgE}Ac zu=Vgqj`NxJvlyTDM$<+7!`>_v|11@6x9e)SOO8!raz2&DK7oIku`AVlNvc62)hm?# zwXt%2cWbQ7?=5zY%HJF&=Sw+E&M$IQ{u$=INard~9+S5Qu{5Hcgpr4O3#A=_yx9_Lxn1Sh3sC8-&^_=GC2<@68e6lh{=ASh{=9{seU2Vkhen?Gd1oq zJ|8)`Zz> zm6z*gsLPQbO-lW+?;7(}tT(ZN42uG_`+c#WO-|&oCn|AuS41IV0>QrB4jzPcc}0?RCpcAzYZo(8SG&4bV0dK z^J>3IE+6`V4-md=*BwlrHrT2B?-c3U->;L&QwEvX$J%cAELq+@i@$mOnT@kAM|q9t z9~I_j^`GM6=?jv0i?J)2kNi@{4G#aXR)NqHLOVemmy-{iWKbREtRYy1vs?yc0!wEMKxv69*JBIUi0H z=2s3#vku{Oi`$_-(wC4sp~}xBt%%=`tk&XRie3zve_^wO)>{0R+Uxzb zDxP)1J=(p+za%Igm}wk%j?XLWt^2XPw_-rOh{w`__1KZ%r-jM*m)La{|DyB3fpwNV z^{YYnqw{&~z;ZE8l-O=ogMMP~z;w0WxKi2MXJ3!`%J%~smE5Gtr@4omd_;>i2d8AL z7|_yQWIf^gv_rPxSKCJ%MK^tguk4N}WPCkVb3~RU_n8WrTu-%G zzoA@K3}_SnwH(oA$y3mZEP0w;hsF0>$&sDb7W8*fsQe4npBWSDjFCtBgnAD2`5V@Y zAknZ{b=$6JG*6Z?AG2CY~7W}A%CD)euV9z7$I#r9(NMy zzEkZBb`p6?SfMT3ccCrYZ=tQmbz8RgBAfT`_Z?MatMOUIt5}6oto%HqntQV~DT z;BpneJmYno9u*H+#&41-Z#$1( zA5y2h$@$CPfg>r8ch%sLRK|NGOgkA?pjxkUfnG&ocB=jAFN<@mE_ z@KQBSjIkDDJ`^`(jCJ*4>|PIUzi|D)+0J)Vx;O$4XD>PotYK{?r)L=$VL5 zjj=$)>%1WgRJ^8%a4nK)^Yz5w&)=f{^r zo})59o})4!s#SfiR`vNP;V(;APkDX@6Vgro#q5z#<^E8uuzzeqtbj=@~svXg4=L%wiX-m=s5hrQLX=Ng)7%G-8Q%{!DVZ`(;V!%CL7?WCHI z!ynhsdXfGyW`k&tS%aEYdu&ndvDN0|ed2&-)h_E*zf&*lFLc^;yEo;nL2X_3M7!@$ z?V(fD|96IViu&*MblUt2;r0GbTaJ63sy%e5cGIES4Rf{Q9G7o~G8Z3z=`iM!r?vUi zJR#LgcpmfEVNumSqplAi-!iO0^>0y^JiV<}?VrSpbxg^y1Xn6jEA~PgrBC|rMb>W zI9bEfT-S?oOmoT8;SyY{(JsdfPgnNRUF#udLFV>cL*rfYl)HGBJk2iMB~Oh@Gap9% zd|`OHXy==U*Q$P@R`dt&4$pF>AiUWm%T){ieBm_nwlcg28J?r`bCiCLYbg4G;Um(_ z3t^rJ^;~gkb(YEdmrDkxn(~&Ze35Ur#jh9p_H#$9SGU>hHtt=<$Av>;KdIE*XKxhy zBhOKJ+WK=;p7NUK;$Iv`S-wc;25-KS3tbnYTvrSz6y^H-h(Z@X6|QbTk+8SjNEiEg z?+z#yn%E8NT9yN6ic2k~pEks+1@bvlvrz40TfRrs}{pZWQyIv4L>JcH|9vVSQx z<@izWlKpdt4Ho{CnsU4-HRXGxQd5o>V??;|q(S)eH`b`!HCenL`}wFQ<$tsCzgd~f zdCf(%+T`Q?7bE5V<#bZ5_V3b(oQI^V_ePV%`+$Ji;*#TRi;M3o_`?0{i!nd#9J$we z2jLxibgRn$Hl=3TUmd`E(W491JgQLK7P8eU6t{%M~AX6_oX6sp6E~g#wO!2 zF<#^JFPJ`UX#`&Z17^Ch{@Wsy`BpHzphqx{(1lJ8g3 zgg$n>oEexGt@o!pa(9)uzh7)ZzC1M!6&7SMJF5X1OEdS?fgk?zbC_%AY3XPm}Ox`f*Ll zpC;uGWZ_Sv@~2Vx)2!ULDEBSG{rcltl=~Lt9lK+*T=OwLs#Nfcc^1wzSL?{;k7w(UEAu&Q{r3I>GATtZNO}GM5dNN&)T!dz>Bx0%r%FeM!`G>|59n~@Y3!ZO znHaa)j_Y)uLA~BVGmSY|=iHve+_GN!+_GLq-D;lh@b<70{>yoF)Gh02rz6|N0yY1g zXUg$to+-zpc(?0izD`YW^Z1M!o#5tQDlfGX-Mrm~1|}-~M5Q0E!iyL2xNvl`h{x5V zQ{B?vRJZguO}H-_o#y6W8h6k%_verB{7!T47UhuUmg~H9w_HEgs{M*Aw_HzWx$lPk z_5N|(w7T8$%VZh5MDwX$C=>|Y*V>z3>BTDM%s?>1Lp zyeK(d&aW*}=a%)g&Mo%?>fC=rf41THIyW!pMySVO9`ZA*bIW~#I=9>>sCV;zVmr)b zzgOp${Y$2C9p?S)ga+krgD9^kYjDebkOpPHLD)aJZ<@{Di(Pp_ntkX8yw`)u$B%DA z@iu>tHGD*tc>m@LH;Qzv@Tc2yebVec4dzWJY!dqdC3ds>GQ1Dmc0!Arzt{itgl6{< zh~Lj_lO^AWZL;J#x!KL%yYD+euCGXPt6QFi-RhR{XmwxzC@<$$b!v9h=Ii-ja#YNx z2f#kBhck|BbH9LnfD@9N-7=mn!r#>7LR*ffg|?he6xy=iFSKR9Uu5(A+ClTgykT*2 zzM3}_*}Pp;CKog5K3~lv#uz^Im#-v`6XBPWkyM(Gq|*P9RIaN>QtAIRwSU*4>RE@X zXB}=ipPWYd{^n+L0hQy_0_D#F<1C#I=&R;Or}i<6m0^$#K+emt>5 z)AYx{Jj*>lc zevvA|U!0t#!cSA-rmOg6srcn6^BiTK?2+@8WRKj($W#92iEwrwn=kyw_XD2OP>&K% z&R6<*9yyNYD;4g<_?oZOJkKhW$CQ+O54PaYpXPhYu>M|Z<#~8Jzb+-u!|P=MRGzM# z#};~IJ8`hnk6g=X3Zc(^;<4S+3Gq zs?u4i(pjp~S*p@kuF_Si(p9VCUn|0&a7wL;XSGMJYpO*&(SNG)uJ*|Hb@KiBSEtk~ z`}M;8^y3;-y6Q!`CY;is^y^i68k7omB3%uCsAp`%`<_$lRk|8HZ(zQ=)N1hjg8t{$ zQyWw|8&o>$RXXccI_p(B>s2}%R66TbI-68Fn?!s*Ikic}yHTaHQKhp{rLS3;Hw*ii z|EP2|i*$W*YKziuR_SR`D%^>5wfv#-bbXrI;^F%;Q&L(~x>{6vT2y+PJ$&AAT}rb` zPqRu-vr12kN>8&&Pol8*DcUEmw?CZJ>fz%QzHe0XghXNQ_0v+-e56Q~U$JsmtlSkV zd(|HKezsPb*DCW`W!|XFo0NHzGH+7m0lbr0JvKn1n7>soHRGdAn9Nh$po{>rC<)Z9Ly)VV1ZyE zxfahe1&hcHc%Dn9gTPlTw{kKI`jx`ZYVub+*O2*OEhzz4i%{ywB0R4p z_k;DM0$fL`!3MGt+(@1P8_84PRPyaw(hjbICT3*1HC1zXAc;2yFQ zY$Kn7?c@uvgM1AhByC_P*#{EiCy*J3K?mD7ZsId6Flczds1XCk8Bs9a=m!omjsO#k zA>asO1ej=y0+Wp6!DQoPFvUm(Q;l)s!{juB=iXT3Y&?$>&uPYacpfjFCm0#9nQmMH zo%4lGhA|mBS;kdhwvh+s7}Lg^8Bc=c#%ki1Rj}509b9c} z1?!BzgKLd{fc3_Q;5wrP@mVk8(_rj|&PL-aguY3H-e`P_=QqUjR-+xJO~wJ}{9Wj5 zGk(GIcJbV7{0`Hd20J@UJ`y@DhWl)krV#*JjR?5Mhy&Y1G+2VLkw6 znGeGB5@DKcJ_4N_vlh%X*MNEEGvHM71u)-S2NsyG!2S$jztG$aotfsFV3FAb&Na7# z#pVZKiTMdwYVHEd%zuLA<~Lxa`2$#Oc7QeJA+Xl`4P0%~b5NS51FkjwV7(az*O`66 z1~VSqXdVSNn!~`Y<}qNCnRE`yPUOZmlehh5^F-+E5IQ@}Q}Fzecy2Mz!1Jf#d6$_6 zx2@(x==@XY>@hEZPMdi#*luQn9p)9_LGx;`)4U!eG#_Mi2I$b+Kp(vW4AQw^l->=- z(S=|_s6QeMh~XgPEeXccsZ3Y`)3Vdx~%$DlJx=p@nA&`G9GgDLcRFqOUp;yXMr zjcx)b&@Es(edipLoKJZvXV7iX$)Y>JZ2B>LnWcU@aX3uBNAhb@VK7Eu8??)APY~^dhi+RtGZn9O$sW zO$ZP-^UO!tv6m-=iJ$Q@3bKtbjj}huIQBLe&)x$Ev1TxVeFU3Bh0PJ{GdzzJ&x!0y zJdYC3No)^nCbRFr6!s&S%60%m&k$7tCNmFpI^4*{uIWl%4P=haHLM zE5vgyOThCK@tns-;`v(fJe3_g(InFtuLJq)1U%m)o(otCd@E$9fiu~eus=)KFJk9F zXD&+zi&-XE!Y&0%+2vpv%LU8XwO}Q?0jy@z!5UTw*0NdPYW7#Kj?JGKAWyRa$i20! z1UmI>5x9=s5B>E*zkyXC+*d@n8(B4;H;Ly)wi3^8i07^B3Ak!vPl4OmTCkbD2<~JX zz!vrzxC^)2pp@BL;2!oa*v8%m+u2UAgMA7fWM6=t>}!x%Z6LGufsXYP=(7%kIQj=K z5~7v`##tUP-iiSSSy3>->IaUnjsO#_Az+d<0!+3>fhpGUV5)U8IMzx9)2wme1nX=t z-8v7k=^AnhfSxSAn@!9++oM1E*RygZb7iV1YFgEVSl;Gp)P8BI{ldztjMW zt)*azwHz$99y&Kn7FoQ0mRU7;UMil;t;b)={z zD_C#+9b9Mq18lH91UFhOV57Ag+-iLVHd)_-+pKo5**XC3w0;3wtlz<17CR4RVY$IQ zRsd|XB4E1}2X@!6+>L3=D1wa0^T_PJoZ zeIYo=&H@wcN#F?kN-)vB228T2g30zxV2b@0Fx9>t9BUVWY4$vDf_)E|Zr^tvW-K<( zu?)Km&za&m%YFc++4h5Aj{OLjYuAE#_8M@i{S26IzW^54>%c<$6>z4#87#8j1n1gK zV6nX&EU`ZTOYKjz&870u-(oE zJM1gKgZ9;6r+qz0T>0tv^|*_d1+Mvkj^nxw^ttW;gRZ$?)O9x)=UNEjtt2?eRSqV& zs=yJhhrvYGV_=eNHJI#r8ccCL52m_a0>`=c2*U@0L>o~B+l?>Lp#(=9`r-OB_v%s~k31GeJd~luXBCx@A z8Mx7v12(#*fLmSHflaO(!ELSru-SDhxYIQoY;oNQ?s64_t*!;&9@k>9&9w|{cU6KN zt`*=x*P~#kYZXYGI*>WffsXSx(C55-KE@+Qj7QE!=tP}2z&Ph^Fy46&9ON{E3C>60 z29u@xBw;M*kHQjy#Q@Qgp%O|@ti51vz%C% zW;^}C9OpTjZQV#=&S^{ zI!}O2&QstvXD!(5ya?`eHh?Y8Yv3-Y5o~qd0{1xYf^E+GV7s#u>~KB>4?16fozB-F zakqiYy$^KUKY>2?VKC?>7dj;5=Bv@D+qy7JV%@xq;@lqS_Y=?Y?wAWvI_@Y;j}kfw z?tai2;XVRPbPs|4D50O^9s!+X_b4#MeLR@zJ{cVAP6gB4V+1I%(? z0%p4>gE{W2z+878nCG4bPIcc5=DTkJ3*0j=#QfaNXMKh4InbHuz6&gJ-;3DJ5pkI7 zE=7FiiRWVXQka&wmxHD5hrlv-4Os4e9ISLd30AwG1#8^(V6A&SxZ3?Hh`n%dt$Qn2 z@BTZu&ixOt!Tlk)(cJ?cr8J;pQ%ku!3?RgN)@jL?NdTPNu&zcO(x<$BCJJja0BJV{`) z=R|O)=afu`eB|N#DlMKfGO?Z#G2i7$gK4X0BDlwM0odlb7;N`sgB_kLz=NKv!A{Th zAo1pd%sT^gytjcq?;Y^X?-jkDcP>H+dHLQ;)O$Bf-aZ$ZWPz8Dv!&hv&?)l{ z0?WNa!AkGZV72!+u*RDV)_TW)tG%a#b>6eUwcZI}z4v@@o%bTJ!Fw6F(VGLGH+gw& zZ}d)q&Q|YrV3YSoaGSRPZ1&y??)1(ETfBFIyS&9V1pAb-w$-244lZ(N_&N`c{Hl zeNTW*zNf%#zO`Vp??rH@Z^OkV`N+rXLyPY<=OUDA>rVyK{Nun0{E>c1Jx_um2*_-BHJ{yE@G|6O2_|6XvezZ5L?F9l2d%fV9rLtvS| z1}yhK4p#b~1grhef;Iknu-3mGT-~QR*ZKbeHuygTH~L$^M*nVb ztN$yo$^R|5&EF0-`wxIS{l9=M{@=k}es&4U!tVz6_yb^@KLWP<F8K=7b{FxcrI z4w673$O5B5CvXzz3!DlD17pExU_2NXI2Vi$TnG*dWPu5RN#KaUm0)7v8Zap^6-*A? z1f~T30;UFT2ge4Az_h?Ta6;f7Fg3oH-(6RZq;16Buq0BZsr zU~S+KxH|9~SQns|BL4#pSRe3%>jGi0AEZO14n^d1H-_kz%k&qKoZy-I1$_# zI0bA8oB{3%q=Bu0iQt~V1z=m?Vz51s4R!>s01pPP20H`SgCr&&WHB>9C+0TL7jp*~ zjF}5YW9|myVitn&F-yQfG38)FOcgjH=3y`~=CMmnGAf4G@T8d4&`FMY8cd0K9!!mS z2^<^K0H(!k0w=_50n=mN0W)H@fmty-!0ech!JL@S;oB9$x7?Uk=;X!h1*gV*59Y`0 z2Mb~jf`u`^f-_^x%TN|EE^uy)4=j!efh940z|xojU|Gx{usmicSQ&FPSRHd5SQC>B z*2athSI3+V*2SC!u8o-h*2kO=u8X+{Y>2rG+!&JsHpWZ=x5iutHpScsZi^`Zn`3ST zcgD;HTVn16cf}NgtuYJ0Ju!>HwwPsLdrT$R5wik381pFD8M6u`!8(uypSvtftRU|v zo#5Y~;|snF27?=+9}@b};2Y413%(7;2j2q+1)E`dlrT*QegvHn!Oy_N;Fr)JCG?Ym zd!UmX{0>YB{s^W9e}?I4!gOq~6FO-@BO7HDw6nuxqR>wddZCjM41!s~STH--AEuLp zX-@D+=;Q_yz`Wo{=wB=Jrv{IOPJZwNuppQM76wlPX9mv%i-PBXbA#z%aWE4s30?}8 z1}_K8g1KOM@LI4kcmr4+oDS9m3&GmpEO2%3uV7tpKDahm0@eo?f$M_zgAKt7aAU9< zYz(dhw+5d8n}Sb)+k$Js=HQFq&fo^HCHNY+E7%CO2Hyhr1m6YQg71Uv!JS}7@Kf+$ z@C&dr_%%pEZ6FKn1D()Mpf7Y742H-gw4IOz#)Uj!d?*GS6pBtl8HISsCWQJ;a>!8e zJR)=iOcO&xz@*R!FgY{|ObHziriM-i$A(hDw9q(kLg;KTJ#-$J5y}9wLYIKqp~+xQ z=qfNbln3U8rh!vKH-q`1TflwY3oHuV3(gIdg2kbwU`c2>SQ>f=EDP0u z<)O#H%FvTwb?8~JCR7jBhSr0tL$6N4IY=Si1Js3HhtAs2RhrJroCaga(2K zLxaK2&~T816G0Xp4LaeIKwtP&Fc=;SM#JO5xbV4PeE33eP&f-r2u}h>gs%h>!`FaG z;i+J9_$DwV{1-4ad^+%tEC{ay3&XE~GsBy~qVSvG+;9_E9NrF=gg*dF!=Hd<;ay;P_@7{9_#3b~ z`~z4M?f`4Uhrre0-@v*sy&U-;cEI|uA6yp>gAL)n;Kpz~*cd(v+!`JRHieG?w}q3y z=J1K&&hRN;cT!Ydeq=vb5IG1IMt%in zM$8=Kf5ZjOjrhRgNC+&6^Z`pF1HiJ#Ah0|#6s(LK4OT~v18XA5U~Oa!xH@t=SQj}9 zTpO7H)<@0<*F`P@8zPs18zVVjV`K`rHF6!;6uA-H7AXLmBe#M(BeTJl$erM>NHN$N zSpe>dEC$;m%fR+XCD;*J0UnGz3U)?Tfh1Z7vgmW56a5?Li@pp7qZ`3!^bIgB`ZgFJ zeGeQIZ3YvfAAuvHpMi0og*6D)~d z3YJDM2g{I%Tt^~J6p8%VpPl4N_Yr*E|i{Q@a2Cyai8n`Rk2)0Jw0{2AU1>2(UgYD6sU`O;* z@L=={urvBKNMhSS7P}90Vt)dCv4_E6EV&Z-A8Ubeu^uo!HU=CN8wC?$`+*~3j{p;6 zhk!}3Bf#X?QD92!@nCA~$>7-7R4^@e95^BNY%o3cJTN0R1I&uO1k8?|4CcgM1?I-) zfqAjhz^Sn}gZZ(yfCaHL!NS-%;LO;&z@pfD!MU-eU~%kHuq1XlSQ`5fSQc9Ymd8F0 zR>nRFR>wXI*2LC>wXy5L)v>RFb+NDiAG+=azRI}|{P^!W=d4z(TH3?ecD9|z?QA>S zIa{limd>;YAr?Z|v~ER+h7dL_8etTo=uC^$5ItB4n-)DG3Q^d!2%($YhVcLVuJi5n zzyJ5^^}k=Q`~A6ozw6;#*LBX$&Uz58N!*6(65qwv#1CGusG>jEJ?Z%OOtNF zaMBzsPpZRlN%!FRr2BC~QX@`GdK4!mJ&BW(mSJU5Ggc=(kJFM~#2HCzab{90)+D`- zvy& zCHFrm7S|>9$JV5iaC1^Jwk0{RBguu^lCp4DQXcM33gOPr3?K@(i>k-+-~nH)CA#?HHe2iwVi|(4KrBI+7nk zXYwNSCO?7x3{m*JF2b10GI(5RW7;#G}cJ@mTUx*pvJW9#4J_ zmAwUR_Lni%z5(OxuVK8s4HN8J(Qe;?4*UD)wC_c){ZsVYzrcX~AcpLRvDp3tme_yB zQu}WhwjalGyKyD=-`)$y+xy`Jdpu6GC*mY~Do(a%Vx`@S)%F~mW-q`Q_8~aaUV=6D zQ8?RvD$cQ=j{D^E{c2olzaAs@8f>=TiYx7RVvBt) zuCdR@b@m6a)&2->wm*(-_NCZiZ^CW%XK|N(HSV^r!M*nNxX-=`57^(tPJ0J-+qdIk z`+IoAz6X!m_u(=7=h$Qa3Xj{rL6vd@Z7Ki8*p&ZZT*{vqpQ5I4|5IYnp3)Z`DFe}& zl7QZn6!fQLU?9bVp%gzBr{rTvN)eW(499RvDVC>{;kcC3aD2*HI3Z;MPE5G~C#771 zlT)t1%9LuXPMMC=Qm(@pDYI~9%51DjxdUgX+>LWm?#0@a1z4Z*FwReT3>TywKC)k#906S8;a9hgP zxGUv*+?{e1_on=c`%?bE11bMtXNs+w`=8PW52p;kBPoONXo?+=rKDp|iW`roWTQ$A zpe>cZI-z1yhhbdmNQ_SnV?yd!w5Ohlj?{C}nK}`@sTZR^^>PfPPQg&>G%QZN7E4lZ z#M0DTFq}FE%Tw!cTF>r+3#`Kce{g4F%knA(YpQV-$c)bDU<>Q5L+J%-JxzvIf( zzp*9NI+gpM8jI^v`(tbBNw_&R8QW4F*pceOZK+wfD>V;yr-pEE>QLO5dNLkJ9gUr- z<=CBi1|Cj52alvy;L+4ccr5iY>`A>6kEdRRDs2YZ(r&=mw3{(5?RJb$tHp%0d1z0& z4;^U_p)+j}defdjf7;U+NL!Afw3S$#_5zlqy@I7_uVOfDGnS{dvQU`wM5MS^mZSPwS1fX>nMeHVEgZ zCE6qErD;Koq!nXx+6Y{kb_%wnjlnf(<8WQt+1Q$PK5kCC2;0&o zV@FyQZcFu$K-yi{nO2Y8X$^Qd?Lj<}wh)h|EyiPMPhn5m zGk84hIaH1ov^ieJSjPs8bG(M}jy6niY(=|c2Ra<@qtme$y^c@O@Av`(j)NF-9L8eD z4_M;(8A~0%Vc2mT%N@p5+i5EnQu#YRUZE^ez?J9G_#4<10Mw_y$$_5wxZM8)MV|gK_D9VthKkp{x?pW6+-7 z7ai#X(V3or-t-jor)OXw-GiZYKNhFwV@Y}umZlHKaC#}0rbw!x`zbaAx{!tVzEEXQ$tdbJFj{+VlljpZ+k;Pk#&- zq%Xn7^aw6WUxAC$SK-q1moSpP4x7_A;>z?luqAy9u1Vj9>(bxF*7Of?bNVOPmVN*` z(z|e5`q#KC{d?SEvAAm>F2jkInJ043<$DVXI z9#79kl@UN&Mj^0ypLkrcA8OyLTqZz9+p2uk!FXD`h zwKy}Q6>BnH$JrTg;hcsdf zV>EVVlw)_s8F)D396XXyfk!hY;jxU%uqWe6Jf3kCs>~T^%e(<&GjGPY%-bMc#*WM?+?M$-+?9C^?#`TvdoypseVMo6fy}$GGqWDMGaK-5=7V@7b0HqhT#Uyu zpTeHZXYhFDbEupxXmh@dvCa(`=X?$0oo$%l+=_PR4smOG6Z+<#{;9PjLh6P)ol(V2*ooT)h3nTeH7FIGEqaGJ9K zXE=x8OlJw!I7i`Z=czcyc{m5EnQv#YSf(E^fDFNoS$Ql^D8{={05cl2-;l###q;XFwXTS#=F$D+<#XL z+FgCo;TnieR|0xnDd=})V8G?Ukjsz7u6!(U6=A7sIEG!NSnevrajw&Fyz4BS;F^FF zT^Haa*CjaFbp=+sstUSldJGr1 zmSCeRf{R=$aItF@E_Jw&6P0yV&ab5I4I%!8X?c>~MAA zHrLm<%k@3(b{)mNu3vGV>kmBO`Ug8*w(Ge6u0D9!H2{ye2IEne9gn%vvB%}ctZ81D{af_p65-Djf1eJ(oP6VdCw82#?cG2otpA@?*ac3+Dn?i;bx zeG7)&bFkc9hvVG$;CT1_IKkbB6Wx#EB=?gz*}V)a-OX6-ejcZ}U&I;iwK&t=iZ$-n zakl#{oa256Yu&rB-u(g2cYllv-21W7-HD6bhj6j`J6!7i2_x=f*zEotSGxbk7Ps|! z?!P-0*SY&+tNSF}>`uluw*x!eF5KqM!d>n>-0cqGUiVPk=RO$^xJP5ByBxdSXW(J? zIe5fffk)kw@R<8D>~UX-$K6+<^2|V+=LU@R+>CLa+cDl#iwT~2X!qQQ4$njA^ejTJ z=Lz(Cp2mP@IfgtdvDothmUv#lQqQXx_UPX`D>s+Nc{VdM-qVf~Ja6Mf&rY1=*^QGu zA7Q2EGpzP}iPJpYIK%TT&h-3=}n`p0lyTb3ShKT!gzklX17F z3io>ch5J0$-~rD}?DX7(-JaXmzj5ZH=x)18v4C$81Qbzkaq_bd*8`Ur{W^->A2WC9+!I0!-)4nZ1!G?E4`K2;+=|XyjSBo z@AcT~t-;OSTd~c1Cw6$};x_Mm+~s`$cY7bfz23)hpLZ!9@HSzm_gU=ruExXOHF(6k z9*=rA;W6)<*yHWMgcE(kagwhTC;Q5<(svqG z`_95?z6m(PcLC1yU4k{fD{!{28t3??W3BHxtoO~r`M%k>z;_2W`tHU>zI$=8Zvig# zJ&Y0GW7zClf-8LyZ1JtYHNI82&i4|w`qtrQ-$rcny@4IREx66M4R`t8#ofLSaj)+a z+~+%h2Yg-F>H8YHec$6@-%&i``xTG+{=j3tf3U}Ao5lV2^+A<20Qt}6U~HBhS=ngM3ZNsa5S>}W(3>?9{aIlQWR1m8)|ptGbuN}kzKV`VQA+{e-Pq z$8dAj@7R|0H+E!MYq=JnIZp+2^1wy8>ggCt+OnWf-4*B_?EFh4$}$&7WY_D-CZy&Gp_e}pr$Kf{{rFL8EuH_pla7HhMA#QN-CaDH|VF3A218?!ApasRV> z7!9ob`WTlP5Im3=nu z&ORUaW?zK+vM1w#>?-Wc{ug#wgXX{x%Hww_?b@1B?CdV~Kw+mij-%u>T7z z_aDS@{=+!l{{v3&|BMs;zu_eRah&WoZsz{`dttS|A5Qbf;|zZy&h)2ZjXx7-`@J~F zpM$mj0<8BB!TJ6YT;Lytjs8<{k^gjD>>rOy{pVrCe<3#eFU6JqN^J2@#Wnt`ah?Bq zZ1vaRX8*0&=D!m={Bv=ee?IQ=KY+XakKkVa1KIbb;$oU5CIY-cu^KW$K{0F@`f1*D} z-NOCPiNR1#Uo6fUh$T4*Selc9;hYRC&+*{696yfF$;SyfML02MI8Mqb#mPBkSebJg zR_C0B({d)@jGPN_X3iy8lXC^m&Z)*ZIn%K==Q^yHr$o-F7D3x z5clSMg8Om~;DMYj?9BNZyK}zB!#PLsNY1Z#H0KXImh%tx_G9u_kvJ&dzPd zIl0ecZSIR$pSu?4=eFX4+}E)&_bptM`wlM7-GxhYKfp-t$Jm^^A6MpfVoUBJT$B49 zuFL%iTXT=$=G@=0E%$Hi$hF?e{m+fXUAg^nckW5JH#Zsg{t_wSJv#>ii4-e;t z@JQ}ZJeqql9?Kn#J-Ow0JogM#dFP-luL5K9CShFOWf-4#B_`xuh4#D|=*YVPoq0E- zH}7`z=hb2$Zytv7?!)4|hp;4X5timXf#JNTu{>`%j>}t#2q zoY#((d2eHN-cFpBw;N~VeS|afKEs;4FL8EWH_plX7Hji<#QMBnaDHA7F39@}8}lr; zasTsrKoR@|x^PJd{=fgF5xwtMbh^=|WxH)eGw&k6I9eHDLTi!U_ zm3KDo&O0CX=3RvQ@+RYfyejO>`xkcSU4w`7X5x{&oA7AfZFns2F6_yx$K!bor~(h7 zEwB({1B)>(@D#=ep238`b7&8=pd;`yIs+Tf8+Z- zaNr9p4;;jCfx|dH@B>Z={EQO=zu~07ahx15Zs-07dSP{-A5IIz0;~@V!TEs_To4$Aje%2fQQ&l392k#F1Lt8Ra3MAaF2$9BN^A*C#WjJe zab4hgYz@@l=D@Ak7Pu2T0&{U&U_R~&Jb=3ckKo?GUH(hhn!gS==WoQe{5P;8e+zEQ--f&L z-^JbeAL8EpPjFxU0X&f3g`N3dV|V`dcsTzk9?Aa|kLLe@$MXNdo_yOK-2ePO$Ui=W zwt~SJTVThyf^>{8aAQJ2HrfjU=qM;eXTdP^7K}uHK^OxCV=+{4CKeZ*izNjUv9#b~ z3>RFED7XkHQ6{DM|oQ1Ci77QBUv3f{rR1-o!*!3P*A_!yfD_T$QePHZVS zglh`E!*vBeVQaxL++6TGwiW!19R=1qx&H;RxT~N)?k+e9_ZB4Mz5)jxC~#qCK^Arw zB8B_;%~LVIuqI)XQ# zGk7z4gSVqUSc`$+JPZZz!{XpWSQ1=>rNJjK9DEwfgUfMTa3zipzJL>gui(Vst2imR z87BwZu`>8JRtI5&Q^e20z1^;FmZ%*o||7-(qd>N30M2g7bqtxFGl!HU=$s zasPw8ad9vXmj(x6B$$NF!8BYMbYe@;hiihlxGosP)?hJi4vxUK;3?P<9E00}<8W8- zY}_3@ANK|?!hONXcpzAXoxy)$ckmiK9Gr+yK70afThw1pO8 zY-lmYg`UFr&@-42dJgTO7IcJOMrUXPdPA?FKh%bS&{hnEc3^SneJly>#nRBH7!G}b z<)MQ(E_4{jhkn2bp`USL=r^1cI*yY=MlJV0)C;Ra{cu_+9%qCSab_qLYeJbgJLJVV zp&YCY6<~d62+j|c;DXR7Yz&=>i$bU4;?Q_p8afXnp$oA&bSbV3RboqMDy|7#jq5_! zV{51eH-~P;w$Po}5t@tJLi2G~=mFdvdIa}|9>;y5rFbCJgq@*hu{*RH4~N#^kk41O*1~nTxo{)46~2KTg$HRq3@krsXc(m{jJXZJ*_7vLg=KdG=eY_t~z&{0%~&Z1%HEgFgbqA&)E#$u@GOe`)s7fXsJVrkLE7%sXT z%ZsMqxT0w|zUW$0J70toPMRizNbPrY+-H+3X8t;x(3yLbsV^w3(>A0w9 zJpX03#vza1JwWXna+tNH#cP*>WwGi&@xNKy!%VC?UOXPv(DTqX z^g;{`)$_$e^?b?DTd{QL;}{;g6w8M;;kcpC;`pJfal%mjC=-XS$M|9Tu@Z*qBiM)O zBRGcXBRhxbZM?(O*jVKsR*fa*mZj#F<>vA@b9ubE*UaJiI5ordab^$y4`&-H`4gQZ z^t^Y3p7)Q?#}ACq#}AFrXI?x)KT636{V20fu3>r3$!acl;N%$GY|gZqGacqk=gInL z-6!j#9X?qf?a0acdP5`iOz}wb4vc(*qm_=_g5ibSM4ahP5r3x<=IN9<@~qn zbc@tC&*oCMI=@N!_AFJ=p!cg# zf1Be=Rqv&GJVl*r_8N7$*;(ouv$v~dX6LFWp3>XhFI}kKG{+0o@u!9`pQ?5&8$(xf ze!6{Wh0ITpd0jm}%bf37GFRqx^}Oy{)w5xqxxS)dq1heFmQ#IPUA>*|T9x_g3Uhr$ z!&7dM2d-hT|;!*;rQ{aC7xQ(<<;vP!DA zn?m*RboKFc_4ZS#-hP(Z9n0oYy`8S!PFHWYP}WDNKHhSf-$HYF-gWhHba$#%uWps` z98_*X!!_F;rjYU~|mS&!hVI3(YalzpU5Q>sLtEn&tY;^*sMFzm@9!_n2d@&s@*-$$H(L zs^ir|GXBLZ*JqXMr2296c&FO`YK)8ro8@|`K3`q)dZ}AgHw-byJxj*Qe1+K^%cfAh zy{_JVs&tlFu3OgY>h-$%>wKX(=K5v5u3o=Fy4Eb$FY9&n`mNGEX1RWNcNdzScQJcjD?)796btFLFQj4RA?9n`!I znb+f;D!z59jHgrm{yWPYb3IgVud9!%yHnlRx=_|Hm-V`O{aTsdV$SnAmH9m~f6$!g z^(phe$h?*RI=z1X@KF7Dy5@Drc#Mq4N~h58)$*sO%6Ph2&X=0!EAx7+uWz1=S4g)| zy`8RpoUPLBRDV5n(*3IRY2AZrzFGZv2N~=AboG9Rq}JZid0jo<$Lx+}y0;st8$7aJ zSFax;>&M8vuAUz&J%j4!L09izNmp}!rpo&1GC#{4bKTUuZdtF#JJpM=^|F4R%r7+C zvt&8d_j`rRx6%Eo<>?M{ykpsR=^p7pYF@WFu4w2s+q2|bs?X2L$Dmx^?{xKb=<2Vd z7#a7Wdb`2qn6E$jn);wsccH=aPWAQq%=HxwIaF^yhU&-F)z1qb8#q4iJ7y~y&Y*g` z3Ukcsn=Ua1Z=5RYr_1_T=D24`Ej91ce^sCFT*mtAWuCcRMMDGC$6aWSd0(P>KV7}O zuHJryjGw1^`?cnn*FDwS>+0=wR~zAt9kPC_%xt^`&${}49Fq0lQhnTC%rW1u z`CzS&Yoq%6ON?3G*Ua*DL)WS^H|px+>FVQoWxdZV_t)%>WkaN6sNPRk@29Kx8*8rT z`?y)&*XdeSssECJxt*@wj^D~O&u6Z={^pIk`Z&6JeZ9H9XUROXeBP1qa=KP6*r=?=&Gk2L)Ya>C_4+;LdhQ$5_d{3TXWg~xnT@)7dtJSKx4C}DvO{Jo8h(+n zm48K2@2{)(*VX&$>iu=~{xPzCuvzXi)#t6Nx6{?z`ONj)U$fj_=@_aXM^`_N?pn2d zqpsdxSMNVo)>oM2e$%z;=8d{~J6*k9wYi?p7gT>;OqcO2>0Fx2*K^weLYUPU;X*CN9KJpKSsu9m}9;^ zWjs~ZPnY?*GG9;oCUM@fe!0xAkn!_oIbWIYpnChQvi=~|=c}vV->h-b^RrRCormi6 zy5{Fq8J|JF=jVz_dQhFVOjp0(PoetyboKk$R2fe<*T1r4F4f1=H9xP?o$BbudaB>Q z=TW`?a;mq})!Q{weLgE>{aUj-mbKA?>TOub z)7`0Tn+{R^dF>Z-p7)Rb(d)8Oz1?85ydTSWh>XWj{rrxlZgoRLh0ITp`Kjjo#SOD$ zey+^VGsj$~j918bi;TBY{W>}*<3qCk7qfi-7!ZA4VyJ#x57pP}qxyV@nC0g$nb+0# zd#tRlko8k!y)NJXH%*oGvt<2Ts=pp}^>OD(7s~qO)ciV;`L!~?h3e-~*L)si{Xyv= z=`Uuvo`KQh45s@1+GCd2A2qK_#zSQN7#Zv8^*K%XukW9(ULPZ4&wo|V`(!-C zEYF{eb@lqOGOm#IQ)H~G*H4x4ELlHS#`B~LWqvs|pEsFbEAv}qeyhyyk@78!4q@j)3M zlChP4<-kCE~pbvM^fq5ApM)$eapWqz(X&*wxLFQ@vrTcii2*1^$v z57oyRBjYJD*45WH*Bo;^s?V#zEZ<+udA>fVKK?;jZ{=TsF<&QC@9&YZt{#t(v92CZ zk+JShmA`2&)yG>d-6HLv`h8aS>Lk98^RJlb?L1UJ-WVBAkKH`z+P_ z9i;j^R8n-_YL?f*e^sx~VXVKd!?N9&|EfOD6mxw=L#@oum2pJI%Vpdq<1PPHy}uso z$2n-uS2QU8)hT_RR;sTvEaO_~T&nk5F6*1ATMgK-MaG@f{5~OLt6lDwG)(ua-OI*M zeH>l$`H=Ax8CT1AF4eCSUA^6M8SCnC8{Mz6BU@x%*SsDXAC$35k?W%RajjHu=P~Cw z52|1HQ>eb~xzgp*Ez<2&|9o&z#@1B1KIs@~rF4pPI@QnPTp2Hywo&tSA>)JQnDa}M z^QGqbQuBOeJVrW&>ibh`wr5F1+GdvT>r`J)2i4cN-R#2~4$AzuR9}zP5#7#7_4h3g z)sL&IA2%%XW2in}rHrS@xK_rx`_-e7x#pPHiL_1D>+1b=t$fbhBIAQnl^$Jhl{%#! z=@{u5RNv1jGM+14F5M#Spn5x9{q@^P&DW=_w`N2i&qK}kBN<4zeLr278p>iefM^?ms#qN|T*rFy-MPT@W{W!^*e{Rzu>jEpN~JVnN}GLA@> z%X}N%uf{iRk#VQ=pw#M=>y?g?R!XNxtEu^VmGN?EGu7w2MaG>}U(Z1qcguR^ioT9? z&FiK5x@=Ux-aIlMBb_3hD_t(#BJHH+aXK+YF>woouTM{wRFFl_>8W3-=&?hUKK{S<2QrYZuK*^VtHJu z&##v1{UTE5(CECbo)61dSC4CD9Ff)zi*6qoF2^g;t!Riyog?&^^QZdyyeG?jp!&LO zBct=(rO`HzinfjF^Xrs`Pl=AJsXk7#)EkbDtEC;%wzBB?c2a#Db!xOWYVJ?<^He!T z-xterUGx4?ef}NPJl}F%UguQLx0&U6rTY1>jg7XP>h0^L5vq^ZY_9)peVdHC&GEUL z!l&uSy<~Yk)%$fwt51*KmwIWlSss__>*%2Radofe=iN?ozGq3djMX^3UC)xRw9+j1 zi|WVel(F}W==GPIy>wHAn#ZU5dFhsV&x~%@O!fZV(#~_D+lSBP_ZyAZmsgtI*<5S( z(-jf3-#pu9_UN;nW`BQ{f1r!)=RM~%J7{It>{BZ%&E`B`Pxbv)=S9CxozgJX=cn6` z`&ucjm3dt~AEEoz`sdrs_Fko{=R2k9e7*jnRl0iKX^x*-rK`tbX{EGQ8j-e1`OUKE z{?aft&rimcGS=0{t(8V(URTdIQ~i9l(f#VsDqTI_X^sP{b@iBk(#$-*t{yw3VQD!v zU(YhGmT|Y#c0u&{^Gd^1pKmqQk6$nI9cFp{rPUWk_p7D)^y(D2)l`3fh){jroz%*>TjtfJa^6&bUU5==JlkY_z5Mzc)!SFn{i=3#wanL3x2o9` zG3UQr-7NFY%Vc}1k5em+NZX{Hw4ZTGOZamA`26~mSzhl~=*Nk)IH~#dD=n{#-v4@O zxGK87R@!!@+=nT0J<>{PJ=NC}k#U=}L*_eW+%02O9X*bX>ixXZYU);&4b4(DRiAGU zemR3q@r4ebHv{S0ClKrJ&X{EGQ8j-e1)wJk-VQM~a(pqUV zHNVbe+#%ym8LR2h{hZRUv{u?l&DZ(W(T1gMQs*_%`C7BQ&(i&B`U~YV^y6OKP)qfF ziBSFeXp?qI)wS~aqvq>R#$FkRWn4@3^+l*YA9Y=HKc_S-t(4YEBhof$C)KY%UGwYc z`si3u^Yv?vIbUfr)#ueA?Us6HM(4|=)zXd|^!$!xwi~0Zrk5n$wW--0^Z8BYJE?gc zv!b<8^KqnYHTpij_d?_*y`G=fZ;oDnSQ?@Fe4D9$Jm)RZ?ZVPZvwS|LdOPQAy`Jxf zRBzvAj(LBOhHs7TUnz}9+o-iKdRSIW3n8j&_r^YLWdDOI;e_xDo0 zJ}l!(X{|IOZIgCTy?yN+`h2-QYTgHGK8}pNcj|FPLzwFAYNSf$4?UZ@l{mS`LH+8FrH>d~ncQ;@LA~N4*&aYb2DP!IJD&}R|gL*s52Cv!Q)`zJ+Zn-&b+*C>Tt1DlwmT|4D z*WIt$Uapt)jN^K8C$4;uBPp^#2rM2cfUw2f$j#Oi`HmZ-~r20H`^?I*4&wZ3} zrL_dsrWj?`KrMu66b2+*+BBNZX{gM`S;$_p7A(d5%bJ z3-#mh`{&d={-Wr0hNbG!=-4UsQoUWdv|3s(jZpLJm+H?KZ8GkV_1#kMW6|?3r+T|e zYJMG>^L&1ialMQ?%<^?i^>uVpy`OqKI<`^s{AKKwaahKc(rR;__Zu14Q}c6>jGN8% ze1DL3OZjJW&BwJ-{WxA}xwKN&SIf9w+AM98^&K*HJ`p`$t+Y+5o{Y|iseYbnrEOBR zBs%Y;`t?{T?Uc4Hjo!yjY3^NzK<2 z)z4p>InVo^H2jQgw_MJH>is*V;buABifC)4>RCBIYChg`(NqEwB zrQV*Om#N;~DGf_2PmG_J<4S9(c|B6KDmr#b!_rD=t+Y+bgYme0o}s+oy%ILN(q<7cdQFjy}nlJd`Zv$yspyhwDl3H*LO;t zYog;yX++v7b-pa?r4ebTw2FUyT;Dg>V+LOzo$Je}e!rk;4w>Uaq_Jp4QZGAh{$1$Fa)v@>gw}0o|f~MmQj5?UA?}F>f_c)yUg{!tv8k#=I?L1q-E5+ZmJ)r zO6Hqn+%D^N_3w*z$yis94gNr?eq3EWc1g>qd0jHDlCiGdu1?w{^SXMzUB2^Db$bv`ShhZIZTA{e7WJ zTJ}P8TxWL2vLiy)V%MTbuAlQ)Vx13 zu9G&suGc@cq3jL4p4T}wU%ym8-*wU^X}h#bYP=cUPgig6GRGASWzs6C@m6#@m)VMj zI%$)%UFzDRw_|^4owP~Xbz*%-bh~zGm()VF(fwS~ zGHI2xPTC}GmzKQ~-LFboCpEUo@uX$acC$S0cDyGH-H&K1vuAR}ANvotyR6n2X z=9vAZRlB0wx0~hr(z|-RW0{NU>nf90N$aFdRBzXAmaluM@m}vG z$CtYHM$eZZr3Djml|J2??;)miR$xgmv&KoKa9@kyo;LmS6U^llQv1)rCm~^ zOU_eTCasdzNt>kY(k`j-mFzDqlU7OVq)pVVS~s-I*mY3OS6U^lqvq>NTGk!iu1Z=b zZKCGuMOt+zx?PjBUD_or`&y18ZKwSFyrIi1-zUF`j_as-pUp9!_YOz*b4lx@P11I0 zm$d5J==OC|*LTrznY2mTE_Hn`>!npE#z&&(QAPFhS|@Fic1evNqU&AKGHDgn-~a1m z++>bF+|Vv#<44&~S|+WddcP(aw@ZzmWP53uv`X3~HIB-5(lY8+Uv8+Aal5oj>iTzd z`!Z>jv`*SY&F5LhT~gy`dEHCPq*c`XJ}cuoX_K_wT+jQlwCb1WKQDu%VZm5%S zyNq3b%X+HMr%uN0C+7c&u5Y5|`O4U(Eaq{`q)pOxsbNIdyQFo}CTY90OKMmwO5aZx zHP2VtZq8ra;IhiRwEe``7M*XR=K0Ckh>^#a)=8VBT~ec0bh|QXm9$RUC2i^*-L75g zij9uzq^>@49BGr(=o_7HlD11-{bYZsD^B*8Hc4YuFXiRelnteSz3Uodp3!W)WUMt> zjm^gAhSxIMa+!IlV6EwV}5?)*Bm$Es4D<_S)E|V&9H^FZQF@gR$Sm{t+9~r?k(wJ`?#z;i~#P z)n`|q1AWT-KG65WzP^4X{m$rD*>6U_t^Gde7mS-8cW2!CxbNbQ$7S{(-T$=y_xE4j z|3Lpk{VfA78F15pbpzfW@cw}0f$0PN1BVZMXW*fM{o>2xC&XVIe{cMY@on+D;*CKM z3>tJ&nD|5D z?}>wxQj#Vm-Iw%A(z{7Vk_IQIC*P6$NOE&>YjU~0*1pGne#)aMDXB%NXQZB=T9ew4 zx+L}I)S+qLrww$ZIkFvN95WnuIOaQsrkABpP2ZXRLHgv3mW)FgcV<4DxjM7bxzYKD zbC9drb*t-X*H!Kt-M70Jx>vZ@x!c@(++Vu?a9ce6JOR&W&sfh?&mzy0o;$pWKDTeK z?*-qbS=+LH%z8Tev+TdJ!~SZ2jsG_Pz5e_Ci~QUDU--Q_*XL}^c{At799wQmZf348 z_ln%9xwq#wZF_fy`ld2xZvz}Uddz+-_|18)R6 z0{a4g2b}rC^ULxt$$v6Gl7BFNdcn$qbp?HbiNRsP^MaQJ?+h*pJ{Q~;+!OpgI5;#q z^j@f6VM5_4g{up{E-Wazv1oD8H$~Y)?j7>{kb^_Yiz|y?DSo?nSMlLu+t5`*-NWV% zYZ$g{*t%hxh7A~=I(+o-Z-;Ly*<12^$;~5jPabyir6>P%^6MkFkNk1uHKmSGQ%8M1 z%6ZECQ}&!PW^}{o67!XL?ruY!#$RPJRGhN%N3LU30TY$en#&*Ss8{E!dsKzGmp`H~pFbXOAA8)d{-qvLSMiIl)6{e7 zI(|{{Mzu=K;*-QJszu$VUQu(@I*ztp-K92gv{yM&t7=di+4D8_+^iba8|q=zrXEr4 zYLR+NEma+AncAkB)ONL8?NHCFUHnqtd+fQJtv}%J^n9YWs(tDm^(k9@#ulG5^93`V z%zVXCw>qT0R==rlRFC>j{i%N7EBhpVdis`MNsgsIQa%3pzs5JW80t61A3hOX@8sQC zZ`Zmw+TUcpLdG|2GSr`}-@~UFz1J!IlecwabdYqZRR8Lpd46*I^EeNE{9$hyDuLc}Ai7?EmriB;SbKDQ z9p5GOejm$uPV9)DU!N6*aJD!9|8@WV>pr&+E1=(XN)p$n$*} z&yT*ZS8-n+qbFVm|G(p$c>EJRaX$>6_oeJ#A(Ti~ACLA_?x)^v zCtn}BBbG$_h|Di*i;ib;pY{5u`8v@3n%A-Ja@p^o^gKDQVY2;Ivi(6`=X(3u$D{pJ z9_Pe$pZNManeEzlZi2s+)1v9z%UcSMa($N*6v7-TyDn-+X<_+##tY4Y{hSK2A_vt@jH zm!W>=c&i?WzFt0NUVmMmc-#|TUmKbKhxwPAdA;&GU1z_`_Ec}L&+o+kC$7W8cJZv= z$o1>vmvg`Mc`f91s$Y*gxSx7Fh}Vbi@BGxHk8|Sv;KbvO;q{foaZ*+q%0bWh*ihND zh1XYro_M@*a^Lzr%hx;eC-&FZG3vj@C+7cuE#$h!{MT_?<$1ZC^V8RR;{0A?tlzIr zj8DAZzAMkijueofBff6woK@0Wf*oz3?B<^Ab#-mmrRVzS(yO}yXK z|JVA`pQHEf|2Wi+X@hJr?yKpLr~N-UwnNe`MOiXO1EG2%mi{Y9XI~EPVPHfsb-t7WJ4K zg^#PzJo;j^s3(;EN$g2A2A8O@cvzjz+HcXq?=YT$ZsRQU8E0dbaV`do^VlXIEvmq% zU^$2u6*4YhxezU?$he5*A!t#Ew7Z}%aoD0#SE;6piNyZI$u`vrTF>Ye*rD#!;ja%?C<5s-fxE-%B?!ZdpF03-@ z@JeGYPBG?TwQ(=|PDP9Qm(hS%8TaEf;{lv*JcRcc597VYLbjZb7S&)piuW0h<8tE( zY&Mp#b_H70v&K{SoUsg78cq1Tv7EK5(8AyRUx6*gbIiPe7WJa>Jnl4B<1XU`eAjph z-!opuAB?s5qp==;GG4`_#zyx2H(J!s#%nm(@;W*!Z=&DQj^&muc&TM8PPV+m_Lm{| z#IhZ)u zm$i_i^+t<|wGP2P)}h$XIvnGyBe1`9Bo45S!hzP&7;i0OuR&;0Ct1hfVCz^+u%3>I z)-y24dKM;I&qlZPTs+Ns9*(nC-~{Uhc!BjIoN2w7quqeqZR@2t%X%5sSg*jFtW~VN z87=A->lBt}Bkw2Hsd%^bDr~S$#|N#~;A7Tn@hR)|xZHXJuCva<_12s4b?Ytoq4ieW zYrP#mv)+LRtao9jwGIzk=i(36c|6vS$bGini&k3$GdASz+3sh#7g|(r+XF1eB6rXB z5X*g$J7aqo3v3Hq(w5Ypm%dytB0_$wg z;oY|9Svwaks@}Gm<$1{0xa|de!uAqIY%k+;wzc?zZ9Tqddlg@@ZN#;<*VtzMs`e$3~FT^&__#HJ{laka&x##_$j`@{K`v-oZhvCOdKsb?(L z;b)eac))TaeqpJ>PRq^sm1VXi!0T-WCRne-BU?VyjZaRM>W&I$7Olo5D}hSI1n7Gh)tD7pj(+QTSraXmyEdWBC&G7R#5b z-7H_OK4ke?b$72(Sl??j-`nQ*8jJV!Ivp4Es=x<(orR6P&c;W2U4V;voyYgT$Jpz7 zwV1tbQXjK?liJ7fz3TGbqp-5~XntzHlI8iTn&pSo)4j)Hr1$CA-1|~|w)a`MviI4z zs`q8s()&EVU#?-xM)e9?HmY^K&%h0A*{E9CvQcg7eJ*Zh%SYAM9RE>unBzaGjXFz{xF~isKhHlId$wAwRx-0%tzzaywV9bV=cxngYqme24zvB|>N}P{S4UX>LLKch7Ju$@I{v568Q8in& z#)mBTF}`BCkI~I?U*l_*`x=K?9$@saJiz#a<$=a=mIoStvm9@zexuORZ?qa@*jOH9 z^kVrWBbMcpjJ_-nHsV+wYz$yI!H8!$!8nQKL?eOaL?emiB*V^fl99@Cvf*Gk*~nmd zGoO;T^ZyZib~=MkceD7_pC|cMomcqvpSSomlRezE@6|D`HpUoiq!}Kg$S5<;Hy$$D zjU7geWwPaS%SqO9>wVV6*7vOYtY_G+w#~CO*s+XS2nm#du<7#Wch$i+L^P z@0iniJ<#j1ULW-Oy4OX$XY{_K_anW#dmrijYwy2%FN(dX&s}{M_1V(rNFPhzq`njS z&g^?@-#7aH)YsC_(eK87uk`z_-|zk6;?9W6??0^nb^Rah|8oDg`@h%!xBmb1_Y8Pw z!0Q7(8PGZ4j{$QBE*Q9I;8O!v3~U|v#Xx`j$oQM$?~H#k{-^k!_>w`B2TdEaW6+m_ zej9YoNf({eaMJRVT2A`sr1-%pgYOu;aByVs^MhX*{LkQ<6aGxFC2mhVlsF^ljiiG~ z*~!7=Ym;wEZb|+&Inh4MezSe4eXD(!{Y(3>lowLIPZ^NvOdXjzDRpXUY??Fe!nEtt zTGQT6`!(&av_i)?$8yITj!ztY(mm;CrO!!kNMD}bCnGZ>D`Q5+9T|HwdNTTEre_vs zUX{5Z^FNu1PQP=6^GxSL=d;dO*HG6O*VV4Mt{+_%cY^y*kJo#yx54|Qcfa=!??t|8 zzFU1y_%{05eVsl}*7U49vo>UXk@a;}F#F8xE3&`I9_)Y8|BQc?|26;n{{Q&na?*3o z$+;kBa?S%ekL4`Oc{b-*&XC-3x!2@=mHT7vh`dwt&dO`ddou5%ywbpqz^{RV{PFpl z@?8a?g3$%D3LY$Ytl;T_Hwtza{9TY4938wW_+aqm;FrOF2Ma>ihwceI6j~fgFZ2}- zE4-v|Mqy3iBZW^EZZ6ze_(kDAg-JyjMOj4^MOPMGUGz%Pj-pXR?ilj=khUQo4e3>! zUHn_|S3|!WddaXU!)6S7beMPegTo&m9vS}X@V4RGho4$9d0E!8b+N0Z~ATXma47+ z`?=| z8oulJZs5C#@12nKp2qhse9vsW3i{+%ZTt;<@5c8Z%Uytt_@cm7E--z#<@ck`( z-;D1+!S^lr{!@J43a$9J;rn*TjNh^GTF8ZOfK>PfoN;f!>GcN4gKva1_(sTrZ-gZH zMx0`AgcSHj$bfHz1o%eCe_saL^<|L#z8pI0FW>mD@qIVG?}0S=z0jn8AHKhj?;qg% zZ}7br-}mGDZy{&?LulFG2cF=++qe&B-hI%FzjfmW@Vy_h=0C>wgV4PH5WXMA_fPQs z2)+;C`%y@q{{y}c;`<*VdHxu_AK&Of58m7O5Wb(p_bk5u3ExlQ`=23~{xrV-1>gUQ z?`QD+Q+z**@8|G+7~e-hc!zTd$2FR==K6RY5V$ISm0X8X4>%fEwJ{#|^(hwo#U!QaRC2l)OF-yh-oIKDr| z_kZB~KQV*<3N!exF?)Z4nfo`GwdXNw{}$i>h3^xXt$&9Z`M)tE{|`p^llcA=BmD0% zx_^cbr{l(_Fk1fs-~WqmWAlfxLm>g;+roDO->vvgZvM!|ZTL>%`z(C7<9pHO2R1$% z-;43xf$vUyFWLMQPQL$u6YmzBLtC3K+q`Y_b2m?Ie%|J1Z+`yfi)E91$;Nm7j_#H> zY`pky@Ye~f2K|N5<>}X58=v#fNGDEU&VS|mHOEeZKA!SkPH8t%+B;L)-%4rUvGFZJ zfi|#ezaLs{{`bLz_haeTPo!VJom%kQsRh5A(tbCkeJrJYET#QHO8bM9_D3o0k5bwn zr?fv#X(u*)G)|^pQ~PxS`U;1hPrn{c(636r{#t^*EB$(R`t^0`*EghJ-?8~xXu0{{ zf1ZB*7YX{e)35K^{MZk1W;QmyE8+cD3Homm%k(Bl$DeXs7+K;AEel)e}$I`E#-SqYM zvzxyDKAh4%oYHDL?5uQ%DR6C2;2(*9)2 z>wP}``qT95&(g0?rC+Z&;W@q_{d%?iI-Fi^o71nmZ}r{twv_gcTYY7B z5_C5~2kF9z?~mc%pLxl1o9}+<*5*&( z`zxP=GCt?GHvjJDJim4JFKlgo;*KBR9N=G;HGJ9N#PDUS6Kvx*e(t~7`hgd{`~>U2 z_4Cf&^6-nk`NV@SdF6?p0^WCh-Yb#*Dtupz@qX`#zw-I7mbN{8;-8-2xPR>Pf91rT zFJGN_;^iMd@xhlryYcHU-`f1_SNz3WfB6+#n}7a_v&i#F^y`x-e{1u~E73=MfBwo> zBW)%1ea;uW55He|E8)X0_&c}W`l@F)J{R9>U-frxz5i7^NFU?-VtmhU{n4wY`1je3 zx4rt=jjw$5^IM<7_j#{*{?_xa86y2jlyml$Z+^|$TZUh7_7>Lv)35o!=1<-Efz9); zdGy5ej>D6`^Or83{C9upYfnD(+HX2}{k88s@m;SyJo&mWJUqFF@8K`}p_AY9g_!eG z7f*il#j6t!qkSKJ@yAcx{YB56eCUgQ{;8jQ z!(&^V-*0~7V_T>1{Bg|nk8j@dWm}uy{$*!x`I?v9ed_Vs-gD~RU;ds`-}>e6JN3br zAD$e)=~=wO^X$g^-}LcQpTNI&zWL*)zU8~FG8@b6E)`RpyPKJlJY|NUFu zbLvBHIXw9Ze7Bq)VxFe>#`1BjzVpoC$$x?GC1(#$zUJ(EPW8`jZO-t$AKyPY`-yzSYIpMKkWPkiic{Zl({KRmg3d;io|za9DCj{NxdMPG4vvV-qIeDkm9 zpZcn=c+aW7hwpv(ejaJJK5%&QjtBauKL3IDocgQyz6RgZNc$kZpF;YF@%PK$@t#w! z!*}K#hbOP#d-@&yQ{RBUe-7VA@%iFu7OOHPDZbg36#fvwtUSpAGq=LH0vzp2VoIcGK zEUrB>xbn`cPaJhFU+x_}h4vg>xiLGs@W|1%>w`x-Pd#<*>QmP)q1Vz(%_HrX-0UOj z?_Ria@#ym93txTtXmR2C6WUpJOOQ|qitSvyap~$6Erk`ckTcqZtDUEwlqSoc1l%vb z=0`UUu3bRxM_4K`G+pXv8E^8=3VLH=wYYjvz4Fs%_-p6t<;z!})(&|47gxJipM2`_ zQEISYN`vLs!KE9I&u=_)S;pjyBrQ@O6t}8Wk)#Axik8Y4&5mx|ymn=N?icQOr>={X$-^2<%x_*6jbouC=T!k!DAnXh$>gvrK zgDaOWUAc7Su>@UEhY`J>+An#dh~51WcjgsqJ+zk2i9#iQ$stII1-T)Fx* zSDkHYL90vA%v@7<2^@4{e(~|6M{Zs|>R!EaYz-=SpMW_u^22Gk z{&DfbJCAU1aH&Z`W5r7<7iKt099ffK1U8$scT&18)?@!;~I!c;~ww{q+FGTM4 zjxIlSq~}MH|9@Yx^eOG#nsUToc@nvR|~BI+?R>`ykVQr zo0c{spxzEEmn+_I zyQ{&tI~h$oi^2A=zd9H!_Et&^P}`Kmh^?+gds z1saq01Na~O&1RC*!Ozc_)A8)g+&D3$NS1!az_OIq9Oz!sS>l!p>a?UuLGr6OyDcC1 z)|M7XYVI%Sp`puxmXH6^{DIny%YUpmCHkC@>;4C4Cj1d#2CHs%?tE+Z712FZzS z!tczGRVS@qir$| z*T|&EUtbG$!2SSx@aUz-ZeG*uou_eXG$2A)L{tdi@l_Dat53JWY`i1uK}rbxD_3t` zzx+(Bh8>waI(hWQ(Ur*+HV@~(BbP3M-NEm+15oH5V6ufDBK5={Y+XH8oQA+p0t;C$ zK7oHD$A&*sAMjgB9bUb7;WGZvBf)ZC}26@d=!@ zMdHBo7OB%~S05ugEbAr7Ff5w;g;H^_DIX|t5wR&~QLB3@xysP-Vcj5ZuU~}9G^Y2ad7F% zBUhik{wDm3zeblXUb}kz>Z3R8@4=NDNL_o}IjDydaJCwZrjz+x&ez3cwci;IdYwgo zwSNZfvqKO+KjTBtvO|z$?kHFqw><%kik6z$B$xua)< z$V@L>x`uSp3ncX}3H-vfXOQN5jqR|#cBa~E0QDfcK6VWivWC39-g4IWSCSHB!QA8N z{#V)zXa9d}2IMhLjk)7yFvwji{Ak$>NDWK6XcIub%s7kqlS>SzjEGj6LOJ{5<(t>B zc-d`RG@=zNRva>$Ix>w6lIn$kBu?~Mo#?Y03z^KbX#xnh31IH5Y9b$YmyPpIXE0n1 z&fK-J1eLnyu8qZ2{a2|KNYbd&-5ZSit4_B&Sz=#yLH8CA-lj9`(z|pZ?^@wU%Wxqz z3>W?~6_qo6NNGr6XdIH+G5muveI=%mIDNM@eSb0>?ao%yVgLMUJXx$}ok8zzZxDX8 zGzh7oLHMiOnMklfo?Pjb8$4AHoQl_D%7x3ih+B8$>3h6Y_|eiTq~h3lBr-)kBYmQt z23$$t_R*tPuN}z_4eQ4U)AiKE({H)gE5whM3XwW#Uy8Ym`@9JJXek1z6$gL%e&%RF z)-*O)xGWx{NTSGUS_(~A#~TB8bd~z52W;N4D0?%Ao0H|N+g}alt7&Jp7<7hmdRgWJ%jtA7tAWe$tlypNjt37{ zxdvl7%Zrlwz5d9@1!F$zjaR)%e-0Wj>MXi@s~UkLO`QG?=tU1r zX<&2~3)!haX#;mViN0Wbd;M8iz+fsGh;x0=o=KMq12la#?kpyumEBy>5VlezM8E z{&;}F=}e~qmUC`*dfmOwEWo;*;c&Zy8RvQ%GOy3EAm#Zjl66vLrM9G_af{Ufm&kS> z#J#twibDUC%&)qj{(S{&k)z41_}fbd>(-gg3()>v4_j}Jov=EXEQh_-VupbsGaI`% zT+XplQ4!|8*PnCI4w+4{u=e&b?J=Rhzer=%-zQI5brZ{JGVXO|hcVZ* zvx@}`ru3oZBuy>XQ-3^J?(P-I2b0-3?xlHuQKZig(WenAU-Wk|%7>&t%LTM%lksZ0 z^!0+d?rj^fLJ4}j0t4x*VFFBt>=sZToOqfqf9$YkBAaS}yf&DKbu>A^@<9!=Nw1r! zBxifC-#s^-puwutn@0EuGql8g{ zBM#oEBMTrw>{thpJ-6x|5-H>%;ot3#u}Zodv;HnO`e5g9wb-LHw(9JTv9c4sl{D&) zwz0xUj}FIP7B=Xzw~~pr5evZB1S%y5yUUr*-dbGYLdq)aoHBiPtQ-&wy6L?|@?lP) zx2x1b%g)sh(_}P3VSB6o`6=|~n9&ICpC4cZFs#T1#tpkJLdRWZ=67W1P+i&-E0wm<9xv$IWsE+R-dMpn?>F}B`h)Zs6m6CIZB4D#;` zC&Uhn0VNEJc)8e{U`q{9IN@B331_Z*WxfDE(3^OvPN6W@BsAPSw)W5UXXE}5wAd4t zAV1;H?#uzbZ5)`B@nSX^u3{QaP3-aW-TqYeb^^^ot+!=3Y=Ls!jJvBntWw{2C=%_# z79d5`1#FEhG8MkJ6@!!CpS9uW0gk>pr9lHY2&ll$_T?Z`!~)`TI-f#4gDt*03)#vO z6J)8|@8?3nmSQE_aasd~$jd=nLooQDRNSzwVDzFEOk43}#*HL_{Q$LSMZ?*+64YaG zrfACx;qZ)IkRlVD1h)Cd*%PB!SSp9G?f;qMcW8JMVFs;HVp#$wXl`O0Q_xI5&Oa(=*)&f8s zKncMK$@wJ*l?=l%$fU_QLNFSi7P^-W8EJ`{$Yvf}I90J=l2e;rD4$F)=4J+Aw6$P6 z@!DZ?P#PQu?KzDm%^^dOi)=3e1ZD_2+FOpM?HI#}o?|*@t%Z;V?GI*)CHi2DCTMXh z>Igh7&Y)J9kTQ@#FxT56u*&}_k6SIdP8Y|yvRAEeJ!Em#>luO5N#*u&Bs0Cf9C@?; zV2o3fB7`w)5s9KXh~ptnMjXcxVk`Hc!;^bHg5?T5ia)wG1wh#SG+yVFF zlvHF9a4X$&af4fuE>x22`FvVSwF&kr83gyGTlfQIjQ4Au*=gDkZs#APQv6Ho$o> zLtQ1bLgWSe3iZzvNAC>B48z^p@dv!${(S-@8z6w$$f+5w;1ndb(R8V1Id z6@$GV1dKUkIV?I*nI7bCJ1p7p392GK*3@7pgZe$tNzi%I$p~u!`Du=}%>x?9Y5zQY zDlmIJtXb@8mQ`czPB95M@J#?w{eiUs%WMs#-=V@bD;#p8DM7V?D6Qkr6{ZqD+fahc z)CR`rFTuEqc+i@EzL?A)U4y?N8`xIFxWAxG-3k-Jv;e!_(y#8~JS}lNK{$?WC~avN zzqVxAIZ!b6A+2DU7DG-^pQjGCRS94da6*%JE;5*u$EoF3oQ=UFfF@!D@={VM7v=W) zN-Yy;ycmwEq&Yam-6dFgFmJo)tdQ4~0gFn;VK~Hc4V1OSIydqyQl?j=wglRyDifVo zrXa+D8ABu$VpF22DC&xf3dZ3??lSeD-#NEB*xT7Y*S8}i^|9NTlDU6a_6w*21%)u2 zB;qM4>p<*K^MgV5e34IeUF2plvY|X@G%YcgNM_tobE>l5MG4B+PjSFQc~(GNRHJ5U zy8|}4fXaxMNd=reEfOeVBqE6Qo2W{G#kE)@Q2z+EDfA>*ngNk9X zS-?k(C|rtA+dyd-k@ja{c)B}Kl0c0D@>*dj9TQ>h70AelCSpmOuk`Ba0Jb1)jDVfMNe zGVjio+sfyI^@+om7HgTD7>Nqq$*9_CDj<&=`pgJnZV zf|VxL0QfATmBKk!psZII_jjR8)ETRgAcfBkRmD?7z|u^Y+e5MoWDgqS)l5YPW`iCr zmlZnxJcrFP?FNb`)oN@;^H)cT06=bI&;Ut zxM@l_1!PE-NC*4Yg-+884NMRjXP(0q1}C@=HBZ;{EUMJX9N69f%-pQI2embK7g%Cw z4Z5cL%4n9m1;|}N9z>-$lFBl3Ueh9M7xm9)-PL@yzv@Bb(S$-g?;N(Io5~%vjz*-J zMUhH+RsJdfi7*tY7#8p=cw6qiW=Is zV!7K|5PZGjh!Ig*R7OP|rVlRCd|`{GxPaIQTc7s9#lhl%sV+okgWr6TpghXOn}RA#c*KKS@Po48&Y-MQ2Q*5e>NVT-4`~AB9Fi zjr~Q#Y^m^ANoHgyHLy<$H0__56b`{#t$~xvR-<$a3VHadPzu#JD~g&pM3C5w+<-pL z`Uef9Fx=o|i~Jch?PFJVYq%(F66u$7pv-TL@;%hVQ1Z)(Yr@J6-Gnz&*dos4Oyp@2{z>CWCo*~frM(ptfRJ*j6Y619LP4nxX7741M{ z>4YQJ+<9l@uE?Rid2Nq*hzntE1&g3ugLUPDcN@>i8)6us9>Af{(v<0VN-1GHr+Tj* zF9HX%ht?wqA;mlymsoVN(4ZBN1^qV)RdNBw=x}^NnN87LL#b!W`jB#pk(prVgT`xd zcHk@1?5rz(lfJ-?U({qe#IhYwVVU4kq#xkcRS;?l*t&GMTfnsdWE%o=k%8PfG@eBo zdT5%VWX_*dC`tr+lljz+<>6#JIxI8b)9t!@&kS z7Y4PgaRjFV@EpUmFd?47%q60Ajk^a5&CaB4HQB_d6@G=*tpZveh-*z$g?}Q&m~Oq6NPLA3Ad( zH#{tn2jQBUS|3?PHmm?P5`6B3MSW-qw<3`9T$qhhx&X5a0~j8&A+jobQ}otdV6v6~c`~pa0o2(xB zKc80`(Y+=pW`{UdV9_ySPXuz!MUBmVe=$ipr^DqgcGDqTxu``bU|F(6Kmw>PrYRSl z4NDXZ4&{tb-V|pN{42zDJS6L;!G;Nri7}hl)y$2vEHH1k(Fg}=%#=Y7)u5#1QX@;5 zFH(2&ohT99`c$U!IHpfVnF<=E*9&kN2%{%{PCgib?RM+LMO5%|zQh%6=tqt_fl& z7DzLvds6ZcPT8~#GL7nES%VVEF%S7FC*@aU5$E{|LM*}exdb`OV zPP)7X;VH0-%u&<~n-u;_o(i`Xni9;}2mEsesb}zf&Rq$%1g@nexYjsP;agy6p%{HF z6_W-51bikeRH#3%?=EgjV&{Tx!mW^krYg8n8zE;x7}!M@(OXK+3F2cVhckT5GQ@rG zi$n|tTsDd%*(gOyQ6|T}fO2h7fnbTb6EkrN1TBw^z*>SRQ6^$7n(ti&@S;m}Qz3BC zgpxToSOdI5f~H`CNCPl(+fXFI)SJga5#^eU4U%|{?oK4V=Y)oWY*XRokWCao@BiKq(X0)42WPpDm|Ks9LE|<~( zU3YDLo5U0lU=kZau!2l1mT%t{v-2=@n7UgP%?@#5ERBH@rwdP{)Dn(109jhredB`w z?xDo@!qy^0YOGd{Tv;ZELab|W(pSMPFWieJ|j%*p!0DDR-1{?tnLIX zsa%8e!N`Xx`Q=OAo)zqgq<{sxlqNw%%?H9IfF&e64S@HxW{wg4xiQTW~fw@GyW|qz0e_JaOB3cyq6s9RZ$20ME3goc$qw$w!LtVik%wb6f=2!|$udQvYpM{6 zf(wFC6fbCcB>`mB@KWXbT@u?ml|~@Z;k3Y7ubbokh5CB8WPp~eC3QN05~8jb&NHw` z?KILwZz|5DdYi7!7ZfKoNb2F#*8pGDXq&33YlQYpX~Ft-th42|s9^pIz-YQ7_8tqTDNA=mMmHWRj`l?sWQQAHrB{96~O5V z4jcR|x}BwB2&8HsbTWedAeY$6)TFEvL%icE$tf}2L=$WfB?1*3Wy*u#9?407O@bn= zgz?maoyty2kT=jh+=cTNI0-W=FZx-+p^@lQWdV5{XL8Qx>7uP<)fF5=j*%99BiAI> z8RUAe)VRtfKy$_Pnu8)tRJ*+9lnUf!T%qz!kZhvG1h#J6St&BvwzJSMrfrjr!b-?w zPIC=%hWf^@U>IV$0l;spKMGlr4x+aW3Lxse+~BD0t6;_0&dG6j1787{buIlAQ^`k6hVo9$7T)E-5%P zQM3rs3z!#L;7(DJp{!Yit#AqSB`r=dn0y!Nj$&t8K%(%12jSjC`&*;XxiBrs8kpQw z+X{DPO?|QH2-t>2R|-fXkc{%$uB%B~WIak)B5k$6bVUXI+KzZz)m?Kf+FAg5AUcor zH5h?xYn*Q&6q0CsJp{&@?I6w^^bD;dsj7H)=$cLFXf491-k55ydBCf2W@_=+UAAua za3Qp{BEJXGR-)5eySD-%kK92Qo;#61wIRy* ziNFYT0O&n;l zT(aoG533Di6fg!?p!Q( zG^X>Oj2*moaMuNX2dV-GMap1w)xA<#Nh5oJgOp8iyIu)ZAJ;sNDJOw5dkW7<*3b^| z^EyFQ4L_Mpp?T7n7ya{lP*CQkYlrGo6A5!bkSY^&XL9|P@d8Q^FP4cyP;Wy?fRr>& zs?Wl?2G7de1d;){U1=Ou4UZe%dsyQ*DWNfIs(Rwg;;B;*R{FpM&lA5k@6-6l=s(ld1|Wp|aNz3J^>@C2n5n@Y3u&=fRWiE?_dK zP((1c%(mEVFEi~mFq}E^W3DctWUd<7_j{sIDQgYXz1QD6geW3(wUL?1ZNFYvG+VlD zcW$S+(hj2|$FrdoCf8<3#pPx?fl#-AeSlN$1(2Iy zztgRkwIe*QB2zjvQFIfEvtnXm$_^n&Q@R>lK`^`sqbc{4r_y|eAd3yq(r0!rxXc}P z4tQws9d2gz*kB%BtuZAo*Cnzo%56VW%Nl(jmg*wvk7a{3YtI(%ZCIhf2`2}S<8Vhf zV+M4*ie_>>0?YQ~;!_sy&JIEa!sOGI%T-(KBQA%-zf2A_cO_`HEGSW$K&pkj_VZ~I zQ>X?VG@}ygpqc$JfxDDF$?ND{XO^1o7bK+pxpH(Z5R{In4MO>L7=+6SXA^ZjBx|1- z{S`(K`lCsJG+BZ4BGJgTMwi+I!)$X;txghK@`FvngWr)j1{Zdf4u?j@*{)O^gWif} z3V)7{-fbfH0aYKQS@uz5oU)T2$q+EnyK6v$ zlrF2wBFkdF#TPG}6Rk^n+}*h*rRJa)~Z3vz|YYB z*M`6aq7i>uQH){4KVtB%OQ0c{B8gS7!ip|CVfneA*8)L4TY%)j8Q2mwPB@U^CP-B> zdnYWj94%$7rD~&u`LXLHri98WFOyOi{N^jfTu`+&Na&|Dy9Ae4^V=}I7Dhgo6R0de z=2EQU&2*@v?B2NA%}b1MqDS{jN6Kg8eB$cs_P(XN9vWrM3(&L8nlDpnK9>@Ut;BLq z!$oJey$%$^bvEpecVQwcGg}oxF5#E}Mf7oKy5for#W56)xV>OqhK(E;T3$zqJ5z*g zb47rS5dKxlW|dgFK)I{hph1UNX0vYMIuaw?;=%^oMO!48O$&OfZOJodRL-=IO@eZb*D@9cPQE$ogdRQ#jPq;0 zk0qE52iL}cR3*R)PAjAbD$YOkHFm3N%Kh#hnXqNl|eXQJh^4ytVKm5hucYw#W%YoaLCdED6XA1&=cT zLQ$<>t4T`6fd#gpOn}>@$UZO#$*npOeN&E-ljshigf*_fOV25AS%-`vtaO>^3~x^5 z$q7}+9RGq?rZTO4ZRrwmg4m4qj~gI$9+PBoy3-$^YNG|Q$?3^SJ!t!J_**u)+pF6# zCt}-pmrYhr_?g=YvoV6ooqR{aLWi*jlt;0OXu9@7>##&A9|k2cNATmvy*6*B4_BR- z&|#4x+hVmDdYR~KJJlLEKDlgDhS24B7I=99EOu4d60Mm*;#8xOplAyw(PIK*apzj| zXu7Qm=XVCjT6y&oMNThYxPd21p2W|5;t0#EiUWqKmOw!8EIa3|$8xt&F2vl!&97?F zAZB7pTMQ2@3OUvp0=?uBmFkPiwFa{VmF7@A zs@SGuDh6C66~sY}V6+YxNvX>XP$FLhNk zMj}K#UfF4+SD`xVvgnEhj|-eZjht|ZZ%f8_;Am=KC!emm1_|VvsA?l0`4OmKIq!8& zYR9)H;3}G+CbzT=r$CqjT5w&B7$<}L&a_!9lMh;w?QR@=0%T)~PNi?Ov?x!}7Dn*3kSclRItcBe= zGu!5*w1&w>bhk>o3RC06Ra3)YPcb!a9Kx7Gde!U^HcnDD#jMbzA&@=%2d{!`RBI`GL?lhzox{vjl!g0^>{081#YDdH_$!C8nN>*gY zfeP)@^_EoH5i2daRw(C5!d1gt7FJ#O#x_t90RD%50#Ia`(rlccBmj@WT-leLS1pZ4vQuVP%U^f<9Zbs#JUs`THJ`Pli}$* zoeH57FT@(`9l~0W=*TtPTmeKatDauD6%z5mz$;8jUeXBYgulgYy7&p z0FpvT0F8c;wwpmWmZ>avT}Xetzu!@-YD7*~r!ft%DS(BkGx}x(6AGTN2@hRghZ5Xx zT_KdBnAX*qBxy6xxY9L-ZjQxLRvD-u8QpdqY@B1^(sT(Vvj)xi=(>0zz;1%AfmpXf z5mo(ILrn!)C!4*uPPXA%2bGucpbKLBt~#qM1Ky~q0c~k&@)uW@8r|uE8nJA8K>Wcd zH;Oh~>RP&c_QY3Rp5EoIQ)NWO%+gv7R{i3oWLaFkYxuCoUPRjj97$A_YI_?n6+3w<$9rJOcgA+ zM|flnCQ;OOc{Mpeti@nd5%sSV9Tv53hO3)IL-F86i}`8~W01unc7A+xy6p5aZz06k;RZCYOc1GKH zNpS+jQz1E9tLFVa-iD*wD8*(=ggZs?H&!%X`b9hHWRbN^H!Wl$Mb$~s%To8V8-@w# z2Fby~p~ovh?A*MwqZimqkhTOHQJhzxuA*e0>%z?$G+M-cOC%djU4K$m%0ghKtTgol zkK7=l(t3o0glU`IOzLvOPOhMUh|lSPn44f~u9dB_Id2+gs9L`{uVuO(-}UpjRJnQA zMC5l?)Otp~*yH8N94U)}m|Elh5=)ksmQ`hD8BBDkQvI}3zFDJ%FR(P$pshttL}IfoGI~PDq@fGqRf8(DTf6q9l_k-NSyRTw$$wf`2VZr%-E5#8gYT!o+jTk`ncn`U&@2y7%5>#z;^6a zGy>O#5SS>yd}QS;!lLNx!?{9i4dzIcdMsC0!I*PsOPG(*a2pO0Vg*ctC~R+)n$;4^ zF<)+@8%0|#teWi!)z}p{*;u?@GJ{JRAFW!^8`uNvPT~E^RBBmRlXlS1BCIB|)Mq`1 z>vSw2P&nBd#+s`!)3R|lm`i|0NymJ0Pl$#nHB$6QMLy?eb&VGwV{-yuCE3kkp+F5s ziaO*K(E8G#4`H9j8Xadu8!LKZ>kYXT73=ZF2NdR1AsdM7nimk$LA*fya7OYXi#!5p zr(#5+2FSDzEl@9(YrCk^0U$yW#T}mDp+&*jI+>GbZX8lo;L}sYHqcgL=WXNQDiMWG z%ZY(&kmz38vkW(0K`%*5Ah8;Tb;EP1JsH9ePeTdwS7U%^!g$K-Aw^HP&Z9wJ8_Xbr z5Yw=0a-W?Sk{7KJzzQ2(-r=$#aj-hoBjgJh%;OL!aK`+3&H3~o+Qhj*8gUK0HtL-7 zl$=5QCCLnvs#sW^(PSGek+m(LnkoPT4Ml^2xs1SS!GNWMM?1vOf%uJQ=5cXN9scnL zYVqS+7-@aZ0|%28m&jpSzz7g7-tVM|@v!#G4=iSin^*$ZH4wFD;?W&oq#YCrmSd=r zaQx(|jlo@x;goV+ zE$~vaA0{@sAPj!run7dGE0H8fRhm%h`J1U>zvp47Yn5$bvQWk7H%p{$Sx!*CjGapg zo1X#uGr)HJX#2FBpfx~8LY7)J7FY-fjJF12elP35=F-v**1%$I1*gT`29(v+29P;k z3*})42LyS1x-GX)O9>0Zsp|cD+_EmehR`2_tx@T@h8D`-8YsHfbSp$|(wJMCJ;--_ z2GRif9fUJPEk zvAr=H-}5*#hf|FU0KDLy+r@om_jFanqp%Uk^*OwM!0~DYQtw7vqHC`Ml5X$4{&EI! zA9tsE9l7s|NDXtTLE(1&4D68wTdLqn1!8zEn-JOtM}yrxiAvf6C#xUL>n$igW_XKM zT{*32+<_O<8X8rk!_!H$gGHhjQY89m(8cO(Mesz7+xCQVMUkEF!hup^9>}+tI9#Hz zdtL}*WC$y_9>wGUy@_}nT6hq1>?fJ|kR%G)gik-NCSfCemc)&WL=B9tpUb4p9bXeZ9;B{b4C-)^< zXQ);nNbtn9We7=`(q>4(!RJ(pVl>2WcMJqq3J>Cd>dI+7yaRv)1S=|}crVLTXkxhQ zr*QwoARu9~FXfai{?6mPcKg3Q>ioxFi+RD6ac&g(MWV`VVMK6Q^t_wsMML^9SQ`YXv_xq{FYR4S8Gd$A8$P= z7>ykWL{&0Y=?r{VC<8-?k+LvqHNLmBDyA~)#?sP-Qr7}jSy>{VI;|u}Il^G3(FTAJ zaIZ1ohH499gCpT~|H?dojhB183lTLhUWfWI8!I9)6|GNNAzYQ~hA6+O*wW)68P6`x z%~(E-7+${wC!#+CbV2qyNf_0LnS4Kv&k{$8*VJJbg$2nTY79kt0~UC*JT}hL?NG<@ zHJH+dnMaz9%D05YEiVH-y9D$MnRr;`OyZ4}GjU%9TjvhzxbRnHfYyfW}zVwMI^<6EAR6Wo(>-y`qt zZdw_tt{?89#q{P9_IrgIIXVttJK;ZxyA~*s1QK&DI#vXd45LR} z)Tyr*Lj+C@c}+*pbVJ5H87Pd|1yz*bSb-!4@0xL0s5Ap%f`JbgXyFR11VV8A7)ppD zIdhsgy)aP{8n(bNKieYBd!1BJIDb9prBPPsI>0-PeP}-&yI7e+rEG>}%B3hT%c~qp zm(kt=E(Eena^XbVU*RJ$yy;YC#7pF&?QPFOwKI7!1dKcep)Aq3Tsj|Vzy%B$)G=b1 zE-`(4UESs`ZY7qy+YDi?Or>pE9@E7pgCZLwEDT_pFx3{7OR?xvYc4LLB4<|Y70GLy zX$zdSeT+3bp#a^2V!H?3WLi<+8pN@?ho^?DAL>pY5=aWv%PH8}c#EWm=ou+n#`5YK zDCE?l?I8aI1epwVs?qtWKnG0Es1TrA903_@hggadD zr;~jEw|Y=YK~Sz(_)o-xw$Z|6FGieWl3^Mr!i3I{xKmZ1WGj{%{#;5;Et;Ap^JX2>i05VRGPBCHsj z8tSO!c~gwUR@Y5mx-5-g7z%S_*nsHSktdcrPI(H-sS;o)12HbC5TbR0^WN=Pz%H%sp1dSI*8LQ{_8 zu<~uavPb0d5k08U)9h}rz8&N%ND?RwmZkdG(*a zQ$%X?dw-nD%gjqc`3MvI9IS_n+O(4vF;kNK(sQmZ2Aiy!K0O!JjaE#pqs*nRf$+k1 zOF2Tsv#QgI$1d zC;KUGt_(g7_Bw*t2YEn{6_dLk-W9tfAx(qiM-6o4bc2NMQ63Ht3=5VQ&Jge(^T@^|>Qkl55nrY05!6=e4B+e1S*3%?CJY}r*xIM77wj0_TU zK*9&#WzTts^0IV*WdLCU7rVTw(kvwG66@_I1ndHFOoXl<%CD51w?Pk%b<}@)cdQR( z!D$6)$fgR{LVj7!;1uCzY8u82n!WCGn!7hu7ttYGWSpQSDAOSpncl~}Mhdug)Gz)P zAn^d8dl%!@6?LJ^IXp;7%u9fI4?_`%NBBxu)rlgXz#zTp1KuS_FY}P$EPBh>z=(no z^*I%ejI*+*{%}-L27II3?IISz;*w_4!sROT+BxV%TNSOfqVV%;xb)L(<>eMlLs z8R2>XB8|enf^C)C7@{;4>FLctFE&C!WUynfFwGVi3UtMdg_k4y(}vcTrrbyyBy_=u zRBVmsP=AM_dm$rTYe-2cK@~V|0@uFq78qC`4d~-D8H(9oAP7+CuUBq1-3TIMpgg!! ztOyNdX1;X|0^{f@Ia!0SKW%N46TXlTn&9((jv$VP5rImZD#Pmn&2s1qGNdRl?gm5=y73h=bBCFy#ZsK?Dt`nflkO5N{I258Yuz~PC%SHjq7-7M^Mc8`K zr3l8sBKIq4ZMV{Va6sqj%)`wd*=Y?3U*Uq^pf7NGf&r9-ucH`N<^oe}F)&5E|JR0N zo=)w+bT}qkYp5exRTEY=$woAz%gMTx^0gJ}j#n>?jjME*o zut?FdG-3$qS~MgYfSqt*e}|he){}^sEyb;<&bE+KK@hFfCAwEuN!6du$TY5_VS!7` zI4oe9DeyJp0VdEI$4a+GmcwES znb^Yt9$F0*^Lg`FYXOJ6Fb^M-wS<~8H}0unF<{Z88hy!$9AvG~3*US|+!ACT!0dws zs=6CX&z`X;1}=8oDX}0tO;aXdAbYqlYdi(V8Ej*&$D&}IMm>7t(TAnKz1(H^nkrpZ zdVz_SCQD!ez_Ri;kBf9_TGlwDwNZqfcp!I&5RljsX%s8 z&Q>)tG{fIDP%tu*W`-0*14EoDdA3G;fXbG;l*AamIK8TVO(#<*B3!>B%A0e;|Wu ze>j4x*9F`~ef7id^Ts{A!FjfwkC-YS^UODk zlp->y#2UPIglH`bnIt8F*P4VU z9^sOJ`x{gl(lo(hJ;PhvWO^AHYfTn!nCR?7QJ}iZogF;6MZa0d78>r24B#Abi+MCb zlvF)|o3cXgbVDQZ6(VO7nT6zuPExq*pqeOT*woGy@_EaLJ$QYxxJ z1zecnl8PJijg0`8i?l!KmrLma)fbRF-g&D&%v-yWIv~Zi3#;72^-U|F z3B%RucCg0>UyGn+WBzB0Tteoab6V;!Q7ICL>bUQ13Sc}kmy-F2Q)eh*l-?;uIF`_h z6t9Pud^0HWun^I4=E70PvPIX(8Q*UbSlG2}7c|#BSOqLglYq9ta864&49cDv?t~B_ zM&w%5@Z9=Rg)F1DYpazokH;a{g5i)^Av6$SrTU+K2FipfAa^|n`odO{YYtWj*RV`9 z0&YPKkxElxx=Ivl3SO`&G1Vo5UTPI24=$oSgZ)wKWSLuWNCwpxg~~|N1qx%bHe-&C zkS!in(crs^mQvp0MZhW<=bp-DEiiR_DvQZ`%vLt02AehwU4*;v&i!8FxP7bwG0yT} z)?MN*K8YWE8e-WwjITIRwLbhPMpNy$A-MOEaZny4OVV#_iz6zzGV@WxO84#JnQK2u95h zij`AeFBj%Mkk96e?YS%us;4IjF4Mv{Qum(aa!GCnH}?*}?5cSv8za|rW}z3=Fuv8;tER|_qN+p*ZY$Xiz2jV}B zxo{#z7>^Q|m~q@nC?UuOy*R}Xjo03Q>UoYK!oxaMUMtm%X=P5zPqHIHW-v~SIWKIh z4PcZ^O9)qNQtXu=Cyrw0%1gm@tp_ByJ+PwAduEhuuV})`UO=%XR(^6+Ep08pVhxbT zDkzh2x#mnxF3QxF9W7oiIbYfqxSfb&ki-iXUlWJ#2zqrwH~K0Y`T={ChcaITC3-DzTAzqPT^v>TqV-O|MthKp6spfJQm1 zE8+Qoag^;>70YE(s0M9~`1q0)h94pn#XuBqA18?7FY)ejQ%!OQXhgk zG=NoU>;ZzmA{-Nr8pM0V`$5NG7H94{#2KRS2sNv!g5-jAfWTbI3AsWrRk(D{{gf*d zvVx;7JigYz*`4iyc&Ao58&gHz4>SX@Vk*qE!u++r8Ub0b`po8EWwsSfH(8o2%&p0+ zyXE9_eL6b;N~)LpT8blsj|(+r=FDk|gT6>r&iYlTxOkt8i!}&QN9+}P4TS|;Ne{G! zms=}Th;DJA8DFFC9NH~8djS)anqg2GT?;Ie?WEjZ<3J;@Jh><&GI|iXd^95z;?lK* zl(mAh3}VcUhV<}i&Gd`qLfN{2VXDlcN?;b+ZSY{wVe8D0~tF1zayo(s!#L^CP z)MS|o$sKp*i|lpPJf%btkUU~-rHPM3K%g@X{Pf9aSXmf0UL2+V9B=4iuB#@^f%NXZW(#CU83lIX3%5Okr%SoH|76O!0geMi-M z1p`2m<_bvafGIV2Ot&JaiNruz5=xiPsHV#^4x>^~vjkY4NMDA%$-weC$$-Av4IJ1Y zxW5l+W9mp+0DA}{zGdX<^^Wi`;7KU4xL1g}lp7`5cL`wFn@fP-3S^qSc3|-1foCA* zlBxm_rd$S$`m{uF&w>zT&~9%)r6b>1hX&}JXE5tKAK-$0BBdKiU@0K=5*ddwmF1Ft z(}C6gX3ssMiC70!lL(5OP?AX&wnVa~37{OJoIh5YkD<)9rC}cN)E}IosgZI#*;l;@ zLSn^aXQc2i8a2X#EWpW?vWFuwl!j?xZxIL?>=^}cHI-^?A*<1FWS|g?C*&3l1l43k zs`te8Mj-<0Q9F*0n^a;C z#gv#zAYx^vx-T9*PkZbBVNX4W^ zQ>J0+6@-wGY@eJ#H_`?;ld)=f%hAiQ+PJSoln_vEG;`2A&I^&4_=i(IOgedP=TI0C zRgQe@HftR(xk3WW2_(|iD;66;DDB`J4s5-XPxesedXyWewMuT=CH)>LdMTNg3aWpVTZ5#-&rhYqglO%@R)4G=YJmQCiRuztlHgqmR?CSw7R3ti!?!B50& zu)^>M9W(0W+&jqZv;^{|mu1N?JQoGFqZKsAoABL-T0!dWCl|}S5iqy5qS`goM#W+U z4LQ&YOd1T7aLXlcU4lAG+Af?DZ>P6+}! zuT+3>-Ow;-#F7=<4nRpn=NIve+LOq`sCP)CMN(g4w5n3614V0i1qx`8xOsu2M#4mh ze?_XXXqc~N#0v5$^R9cfOG-g?5 zDVD)m3x9(>9xon>DY%vgJ-o8OaCz4op1IrsG(i~hP=tt{b)uN9@`GvtT_6bHNwbnX zyvQ&pj88~2ZYtsu~B3-rWF`<-)YMt=}@?M5fIJ zn-x!r%_b0JMqV5w*A(51{=e!dP{3&rgk}MJ4Ku@L6f!fS#|SjG2@yMDGg)4)(Pye) z^0QWON5&YyMSv*WU~oL)mrMv&VIjlZuE!C`_HL|I&WAcoSZxOg(r*t(dHu5;GB{Y! zj3tKx=x`umeT$4DiE_=$6dNeh|LD&MSDy)F@I7xiZrI^nZdKo%m&fqnO*I@iIIZwe zN=cd_B~^YY_IQLAs29x#Ga-aNW6G{a`y>uCp9a0!d8jwGzG2v96=Pw}Vj`ULssxLb z6Oklmdh9Dfpw3{#Opl;Nj)*s(x-uDkst&WO-eJ%}v?Ae1aW`X9CT9$5Ty&O4Pmzo?eLir4!^cMrw;F62 zaI(?IB1>L)(63R=xInz5ZFo6&cD>us11Yk>6WumsP5x_1s@pEpjOLh$#HzN{PcMqe zI8X@nzJ@s#3|R@0P`yyFG$CWiduP>nn!(CiVJ+}L6&*wk6L&TDIi!PFjS$wQTZIyr z&{`t6V2~}p)ms-QEM+_c-9Tt#=j!w-SU0+E!lB% z%c4~00{nq!hA|fYIhO82Up!q-&Ic0A{EVn!L_$r?!Rdf_0uVI(c_x=(n;7RMXhI8K zUTW-utKCh)gFH{WO)3tX3@(ThsJ=s@d2aKOXDX9L-VES%>F_g`sBt=>xej{9VuA5x zni_=iLBzQYY6!1pwWZ_KKi5FUan9#L>M}IKds0m`;HW)Yl$DdHivS83ZE&d=rAB@a z&kyw;B4szgP-~DShm5&9mPOi9I7D>}57>id_U3s~=eK#vOtq;ZYCKG`c!$YZs!;-L z`2&LczH)7)2^2+{>HMkehUyMT8i9kPj|WJeWgLevJ;H;T^t}f9MsQN5&eGX^HLXWC zeo|`*k|;c^J4Ppm)`acFCS|87MUQ=^HmJ8U5#S>XA-J9a_(qabi2j%%@MDjSr_$4m z5f^})eQ2x*?~wOg+~XQpoI>1)2WJdfM2;S)8hn0__Ab{) z@^xh)(d=g;fIc)$NLrbq>dMR-Sl%YGIbBA6p%pJMc~Y!17p=&=fBC{Cs)Cu9VR$uM z)?aIBIH~9j5>KF(j)3X_ae7X?eqcyM5Ft7&8a9Ti`k>^<}5CjF(Sp49rc>`-&mh3T-n-Gf8$3TO8C=2lSQpI zs80hMh1!{MY~49pUjt1z6NF;omcZE`I%tNZ4sMlW<@G=p(ssq#Y)dviP9l4e2nwGi zo{lMJh@>PvjiolTYopHV28pOR6;Q!!0VlGUOsy+4_)zd+X_1xn8Lse3EfP&NL%dkA z>ThEXc{Mw9H4qsTDsR%sQ*j!m#1ERQ?E>2+JvavFTex`!d8jlJTj+ddU#!#vI!k!0V@t~_ z7Sj~X`y(*pxNc+!S)<_-@*tuZdhWgD0@pkxNac(NF2c*uy~@CBRGmhq%$BF<&ZyBu z00l3QUX5<^=j6h`WFTau3U6*zTB?k0m1c`ErDobHj3ixe%R-#G$P;7ij}=~|GmjW@ z143pH+Mu4j4Tj#dC5Hkh2uTc;985)2(55yqqlR(~iNeu`zrAMZkUQrEI0})$mkTAv z{^ns850x^Nibf&Z^p6ykkzXh-@gnn9@)&YEpwnLMqA5tN`6T}cy62rped7< z8Bw6oRW3ix`Su4U*1Z_zf-EbJQ7Do$A|kf2YOF&#lXGHZ$N zx3Dk;29_00%HsLbjHdEr+EwbZD?QdXOi08~nxWwZu01-{c>?clKA8V3?2Cyjp2X&= z^@FCZ&`xwHAza9Rqbq6yrc*;{$?2M1ug*?b`+kEQZEnqDDo% zz5*00Ou`PO^`fe`oSiPHLL|V*FmMpWVlP;j=lnPK5;hNc8b`?_o{L*po_Pks{g@Dcrss!~{*Y*CL$&kO!VCSRz0{(X@=*~JK-3IpF#!b1v*n3hVCSwSpzA0bg@ z+ygrh3n+Tv@=QeVZu^~%2-Dhe0NH(y2rCQ5*ebVMq2$1XyktQOhmAY3!=Wt2G_0UL z<8t7qJVmOr0STHHV%$06Wq_4$)n@(>OPM?aw6L=_nDF!oAs?AOT*7aJ%$^?fUWnbB zJ8O0lFgsw7Rr4FC4kskkTIvj)vT?WRjRa_c7+Kwl^RDmk!DdVI`gO`I(bry)h>^FO zAF?+XEYegdYSQNUIp%gw2>&`j;Hz8T?)j1Bvx-s!d3=5oQ(7p~Nj zyc6CSXM8F&d)83RncYKZg}~Ta5wcOEZBinBz~eb#M7h)}!Zjh7n@H=$-#N4}D!dAy zXAMrvmaSkXi#)=Q241rO27f=Cvl=VZO61*Kr`jo8Zh(1P63N#)Gz`9LSX2-3aFjdf zQ<$9SK!_zhn*|(OSGzcrx!h=IO9jyP(QThFl*lzaFWjq75_SdG(~-Im+)|)bCk>SH z=5jQqR92n%G9Dv135Bi3wRg`cyP=tk$#;(naHjDo*17;-l7QKbBvfKjYmN6HE~|5( z{6dknob}gfJ_?YPQaeR5Oj|NdPeegWJSU$VUo~Jbe1<4G^QivHnjpn5r&OC`4za^2Q$Y@=X$04G;$RWg2_{Ja1I83( z`TT;_hgpPoJ$)k-C!#31eFPd0nLzq1YVDlg@lqtT3Syse-}7QY>H@AS(mT6I6Y)yq zOWeUTOop)$~U$5gL(Ri$(05g$>n)#B!CkqJeKgF}@p{*nxS9V-BbEEj$y z9CHL@vKH*!5doSyFdA5@F>${)Y9^BVS(JDx{`qLc63}?_+krO=JYFI!uMbVlf|kW^ zpzS+m@C$WlCZ7&1Ve~7;w)Oj9MLtYMTY3v07qgY2OF&w|=S4VfHBsqTrBZ5wfujY& z^#_&ZV27^R&5Q)Q6|GS!fjYHNx;FD-nAJNg`G&-XnlQ%uM!3YSZ*@mFI>H#c*10?l zVX1Vn#bXw(Z)h1A>a7zw~OeFQPU7?rSJ+Zu(X$BhHPQt2_(1iB6vpUnl=C`TANN@ zqG;8Eu5-OUbxZ#EYOF*kyNoeoLKP5G4{;6nGA-a#vSE#9*Q_GDAJ&O))um((F@~B~ zkLan}P^3y6Gs5*}kD5jSVfjg)>`>?CDq0*sMJHp6jg+l zK;Mj@rt6?%yoxKz{4tINTyYQWX=l}hby%;%FT%$hYg9rM0S8QCIBEE4GiE2oRwLJSpwliLn=>H{*j19J@mJ}Y|y!&Q_cmdKPu$S`2qQQ#RRxr=UM+?CI%8OsAQ16K&rPa{D40aef z957g^at|C&Q;9MS9LrWPLQ>LQB7^h73Ckj86^lT|r=4xJ*MlgNYQV^evJW~V+~^U* zj}_q3YfJ++IzR>#x@^3t6=AAkqlD0sN;a^9pe#YesS0AvoAgCSf^i?e3rO~Bn|J2c zI)Guoz}0OivUtG@a*Ts$`@=zg2-DoQr-d8535+oVONj#;*DDfYQ%J}l99J+?FgB#g zvS4xtU9TdQt9oHiW<${)-jByV^VEb4FTzF|sIu6t2+AZeXF1oBWt7rGLdu7xko^OS4IqdXtFPy3@#!L4s1Yiq5tCbjPlx2&T5R4 z>~buFRHToLvW{MnUUy0TmFO*CTlx-X4f{NH{iw@;F)h##==53S8h$JgrLM`AuCO&K zgi-<7>S_uR&|OgFG1wY2EXyKOjprg$o1=J*OM)53PL)_bLcTaW6Ud|l)(|sXaZ^d; zecNoFD-|1oDvE<~Lp(BagQ7}h7`)vyVOg090=y5ehYT_mm&)K|Z;~mr!+U=?@2U*q zsssKC1Fyy!@0zbA30s(|wkah$xQpB0APP<$WKF`yI?>BH95Uu2nx#-D8Jx9zs`{Zo zhFAVFg3@A%Z$@4PgwaAr8QN0errM3YkU{Q6f7^su`-KWzLzBML$xl_OwS* ztDf|p|$_1n&Cs<%*PP&(?K z%MmI(yE8$mTuuQjYOwgMHlT9L6AKE83Iy`A-d7t6M>QN@~{>0%&{k3=s6-g{X1jSzfATpdcoP`F`8c1jbR-;bxpUSl15!-^A$20;)- z#-yk6i7x4mmv&A}bbAHgKH-FJIFfQ42~3(!45Yw8HU>ed^sR)IE$ub!R(&awvHGF3Kkcy0>e0UY^P_qC5Me8Ps`Dp68p8rkV6He#O-=2hRyd9;&40p zWx+R+&S#+rY=E69pI9dG=W489f|?P>XL% z16NXgPD^OL>2#P=lTb;TPqWxNjI0_dbAQa>(9UC^uhvHE4!AaXbuk!P$tqP?7>_jw zfFO2H4}JzgLiF6JZKLIRUZ%+9W^$8oz(WND=N(Z#{rf1x2dL@Mc%FE>yiO5Sm3nv* z%D`wq&!Ws^JX8RpFxLVgr$O4)217&u2=N&E8O_FUQ3U@|mYT-hLjW)&OV*Hh%Tni? zAnXMl5!$r5^T1kzAwsLjNO%E$8fyRWLSlj-f4fV*^{a#B1e)gPrwH=C%3 z3oN1DynJA@@9?8Y?ZHYhn-3%vTG4a}B8tB~tPyxx5J=QKqGmIDIFa!xSHF+vW|~MI zXVqf!w_sQpK#ic?EWmpzPCwAU0%JXrgzjmAF&0yJoj@Sei@Pl)90#Mgnd4jX&GC`l zN^L2~+ncP7ahRG-vvc8iB#_PI0?{l&sp+v8?myAYEPb1+uS>mzyesBz*38WHAs*d! z7#72k*FLp*)Tk6-UHu}IVb$WyX)oTFU*5!V1$zr+-j7FVosae`#%h~5*V3?joOUPX z!c5CO#J{is(_usA*NB9-w}@WCuqDpJ?o)dNGm&TD%*!iLo)Ajq<58ZB6|TBH6ZoJ8 z-rY;kiU*Y1J*PLxtx%%p?(=dcv`db(jTfg<%|?+Dj8f(dK8}K)XFVQc;@iR?xbfH~ z<-?UszB5T@JWy%Hu$3WCutWPkoTO$nS!QPQhF}bY(4~fw<#r%AJHK!$_lKwfgbm)o zDG&4`;Bg9=Z&BCjVbLT}rN%`Y$OcGk5S1pYna41T)mR=LEHJo@#q@d}L*ngnB_Y*$ ze#axi)9lfisVGi1c9CLjvp^v-R0Z7p$C?0SOxhH>>*2&-RDN60}aT~}b zV#AM3*GHaYsd;2)5f=A(Hns>ng%LquZ#Uos*V~ZuLZbXR8?dcLYQ;2NZd@T%s9n7Z%&mirHCPh3&NpZh7q>M%0Z~ zcsjOle=46D)Qa**?bABMMYTw_ik# z0u}KnFC#8aMsX6JjxDp;aq;9DBnB8c4lFA;_FaaJDtAd+I@)?7bNys2w+m??WzI0P85>c3PjhJ^bVLau* z=eg3j!1cC@Wus9H`P3z%ycb!d6I9rg$;#8>0W7e(&=NJXm=36fFc(x>fJxW_;j?n5 zb-d6;cB3efM2mbTFMB{lH%8k=1u>+$u=wH4kQyS{;QHDQu=2{nJWHACSH6wA1JLg5 zIM1Ia7InE54{j%JY|U_q4cvpbMOqDFd=uK9(=Ze~E$pRK)VG6e9hMJ)4AO*qN^6jK zXHq#_yyZyEn`(C;+~Da7`be*RbN6 zLR!yNmwS7Nb!tkVx&V{-Gj~|!RX=N?DiwqhyB#oo8WL(qi(F!E=QCXD(Z>(4_Y)8X)n=@D>zVW!+bhToY{l@>pLLs!zd#wNxCVF(nmjU8ZFjjyN#>4%oC1qBCAj6i?5C_C!)=%dlQ(+*}{pZ>AYb9JuVbis6#MtHc5jz@Sa`BrQ%K%p2Gl_4Omi z!=>btTQr~q2`A-A*dWX)(I23P#E{6nyiMi|}&W8@t} z7fExQ4_o45A=u0=OlcsF5k=*C3rNxqfLvby7=n!&Jw5s(i1npfMyMEA@VB5xd_?1d z5+*(-Vj8g1s0xBjIszDN%-#eklijp$-HX7YA?HRsmBgb}2O?tT{^MCfgbv2? zu068&3?ZKz{>I_|N8P)}$9bLioiD%(KvKL6AX<_I%2Xo9R$@`4?s6nq;7vqK5;Osd zaw?Y|0s{gPFaym1q!8N)E=+TC8s}O&ppOX?=)@3b9bhMixYH^>9l>3m~>n>)SWoU zm8fu6v8-XNHhw1dtx3g_UcSyOL->Z?Zz}aO#yTU#k-h|Fb`cmPUxr7X$@u_m|HBdw zc)cT{VLR;m!YJ{bdYARnw*LDkNgiwu`&ie`N$}!URTvU=AhP9(D)N*v9AnFxtFm;f zh@D<6B?iV9)rV4=Zb*xV#tw-^a0-w;p(td_-4IEHZ{axEnwN{CP;&m6UH;9SS;YrA zr*51=p9949VmWhev6_Rcos%pD_WUq=2^92|c$P$(7?K7BB}cjB;F;4{Oq$tp(g|)n z{$8$N=#n(9D?>U8;3qlO1?)dAE_h7FT1JwwEw=20?DRhhkCNb=p z6lGYDZY*jfuyZgM3TUCT3h|o2_1Ny|$RH*uL)1SPLU)D>$c70O`tMQmmaJPaGi67(l!y~0iC8Kn?4|am7M`?qR4&opvt~_!4 z9KDve!@tSbAj|3Tl8rJnx18WLZ3Rd&65yZ_duZ*&++Sc8Q;8J1=S%JjkEfzaoj=Jz z!r}y0Tb5$|Mhy5b4e7vGILDLVA?EQb0a6TUD#IQ*__g(?g9Ky8Mk5Z{cL=+{-1XtV zer1Di%T_1=GzP})_%7SNVJ32>9EeS~H|Qs^L$Z`MNLweKpzqUZQlU5miKFe}P|OL@ z9ZP(6h`+5!OWaM$=0EgNWGWCCmYaQYghp!{N~L=IVkxr-A_ue$b}sTx@+D3wB1-&fUDM)PLUZv?VbWRGa>+GHmY8Oc`%6Cni{t1~ zhT>WW^jcKWmIDqQ>kap|L8bxB|V~7@N3Ns&WIB_rQ zHBED^#cmqXk}v)GWm`^811O7*Cb!oDAGTc~&5QpSbm%IGjCUjZb_07h{*_V4pr3?@ zTNa5x4yoNFYrbm`n_!9MIpF$ERTw*UQ$&|Fgt4QXmm+3!@NvbyXZ;rIpPlj2d- zM!qwzFkdj>f>ze0BKt`_bBgIGO}C~(+2mwZw_JRo6@DZhH_v)CF@*R-;;~jVlrFu} z;9*Sch(!!0{$-HKCwDQy)&nXx^C$+*DeF8bVQp~&!s)nx@aTrRdaB>t+dWTdha?=m z?B0gmy=Sw^crhf|*ULNVd%i+M0*npvy)C~@s6si*NOI|NaA7L}fsy!QuJXC%t>pd! z@f8!j;#X$i`<_-f0~U~@Lk(vRmcLyJ^>yfw`ER78?M2h1EwL!vrbU@}*9Psn1&jvQ zO*IAfs;Ta?UpGtFWOoNhH8Zi@R@hV94?=a#BsT?9=pSsYKSmB0buI4afZCD@T*8Os z>|8g!v{SZzwy;&uR!zXc5qG7ea~$0g9p5wRD_V0E>Xd};rYv||bf7s;bNj9{RjY{a zwe1s@&eZ%)5SDzAYQo;XF6o48rNpL-)I{vimf3*^^D4vWv~QOmG_s3{__=z11(C0h zL)-dcI5@TaV2b&Hr3>hqM-&#nlSl=wlK&ga-L+1g;J}5%C|TBiscX5>$nA8m412Vv zhH?AbK#G1PDp#q$?H@vvD-O~O?CVz-%W2w4DMNIa**CQCB$&3wuZWkkn4yjaR)&_} zFqrI)ye=0$gh^@dH10DTBIQ~lj|x1yEj1A!>trZ46n*;3wYz}BNC65Jy3 z9tb5A3prTjswgc}sIBcOITIHqYyfGwWTW8NTXEG}rje77bHI{xK&X#>J2{ECQaXB3 zY(FYwigz6PS$rvc9G?qmk*v`6>^wj?W0B;L?B;x)PMk3&eZ-t3UhPodVeN>X)=x;P zxkJ_ZL~XV)Evng>V_URbk8M2ynE)R=4hZk66-5)wAk6kDstezWt z^O3XRU44$KsTAImd5Rp7Ck~JJPPR7@%9z%Yv>d?5V;wtSn(fGvZdV9h3mMpD8b5{) z0S!jBFG!BPaG8PI*ZrJrsVp9RByGU_^6EDD5q_AU4HT?`HmJJm$I;XA7kwfpJsPRS!Bzpsi@kLFMg9Nq=Aw9m&2^r5gaCe9N0wtpPdTC{-Jq(-+kk3|vDL zFccF~m`EhT?K%YW*QGh4Uz#gEWrwFpv7jy*C?zCpgI~)`izF$JmQ&(MDjYj}tB+`5 z*~lZq9TB1bi4xzL$P__3Itc;Wl=~vhlJLjV#qZVeedArGOOHI3a?o;)dtwgPVgggJ zwK{s@;ON28*gNwe>97NGLaY#hn$+5Mh$26NWQ+qZ+u`B2hEbYLz+oD`T}R^^<)leW z33s5BU>_jkXK8W@W3I@ zMc*TakS=+L&*)4|dqrBgxvR3&1XXrVFy+)g6ir;_><$*|CJ@k}k<*9H93SSQlKcdH zNMViGk25EGY&mh^6}3+x z4i5S`7L<_ORTYO6PULr{fX`fKi8_vN!*(R`oM#W7LnPg4bHYYN~EsBQkIDS z(ub6>{`_~kLVe;&rbmin$$r#Db@5zA$ipy_lQiMigjwT;mE#eGN4dJo80)CcTiMT4 zk|%tpt}kI@#`x(ELJ5uJWDd7(X!=v2e#EUE7FE*dR%lPBzdm8!YmLa?lg32qV#e$U zAywH0MSUr{5>uJ1?y2ss^6P$Fn@LJD=eFPG7lNUio=WRZwEnQg1e%ykBrUU^R6{3p z-UkOFyA5fAb({~^wbjB=Zha|`Bhg#{&??6VBfd4Wh9WyPlO#}&(h>+wYI9aU3e9bW zqvNaqE=L+YMP0>;G)IUEGETq!D$t4bD}3t6&s4EdsvlVkiTb7_G#E}Iu&2(irLmK4 zClC(ey1QEDF1aF2A0Ih*x+r`4F@&oqkVA8fL>#+Fl!_3GnQ9b!2R!u7PEY8Tt&>=r zkWQM7-)Z#oUXcff;;~8{FMfnA+5ko;A3X{Y7LbC^NMEP+QmT*|E=dXS0_$+C_43Nf zgmg;Drbi{e{vxBwKSH{CzN=QEz1MPaoAMwJ&^CI%v-z5_{W@5(<+SAs97wFc9v}n8E>*lAr!+mbXSPquRAiCIF#gua zH&LCRb;KuX-)BQs<8l5XBfx436xWf2z2qf24`)YZA@tkLDb`H92%s%JS7pZzaR&hm zLQU#eQPCeiSY?iv0;n?&vBSYbA8%4gli~z~{cvMWX-QVPj*LN?;yO^0jqwfbbOzOe6++CtX^t9>$Nv$x?()tQA_^F(c-I;plN&SyuSu1zd1 z)V`;2K5Ja6(~M%(x$`qrt>_c{J@C*(Hn!ASsLky=)R>*EO)Shb>Ma_s*P1gE*>LOR z;_R$CHr%{$bg@2>O(_U9kJb;@CTAw93%JQ_D8sEKQpYaMEKE#~H%?S%>M4A*ey}#x zXx5H5CZ0TvZ>`#@O?ru#a^&fW*~Qk(#jaVdl6b0Fo3A!&r)#aoVsoPAm4du7;4BzA z+Grk{uGTMvJOOmNc44Nq&|FHBM(P(EPljw^yocz#*B!d=FNbGZ^Nm(HtEZf5HYRGV z)>{^9iy`@N?WyF&3qC5k$@`qVjnrorW~#F@-xpHP%wK3$Cu^FH(-4mE7<$0`T2cWz z+k_m7SCP@l#)5k_Z9+w9UV3ciLcKa0db~KxNM^&EN;&-WVu*}4myXmSGzUA9d|LAs z19Fa4>yxv!W-C-&o+9QUpU>e5A!)sAhZ^;X#by(lP4kV_7Q8^{e0@?=>7X#FN1l!V z4P$&}cJ|2J{KAswdEkM3Y!6*HcTO*3vyDrZ_|7}e?SE)8yK0tu?+tkZX;{IB&YufV zXs?*Z0({%VLZex{p03R|nhWt=Y~w_=UcC@k)5v5tmoK6AlqxIrVyzw8s?AmBryH+S3aGzTlZv?vZ9=ah`%?4a_Y4JOxbBcF<8}wMsvxMomaGmC!SiIY1Sss&MZvN)Z3O=wpd6+X4tnm*cW%$;pE>K79DNXuVNH5#)C zxZtlg0m-Y-HwG)7rlQ7TYj)|N=ELYAvgGVUb?JP~;7P#=1QOjFttYUtg=(`M)~vM_ z=W3;FqxGakt*0o?#v9DZ{A_KZoL_w$X_cy&DZe(-UX0eqo7H*?hS(6DCc-64lNe(u z?X*)t=d@%8xI>$tSb@-5D`uS|(1cg(F4;&IS-Y2WxRxEfbmNFE5J$$D++`W45(#B#JQ+15#~f zN=gXveWUffQjGxFAv$g5KqtEV6=8-T$zLbJo*#T7?<;E;0+UEl^O|$ZBye>WiBY_& zZW<)tqIG6WGq9+PVvpTZd>uK0Mq0z?5t$SG1V_52QiX1HkF}m!50}q`$7ZtE<3RoN0I}Ymd^wD;n*p}K|_{SmT)i~x&C$zHBEQwztct&pa-9PLM|i?b@g zGHzTNnToI8r}#D%GL>->gpW<*32K=^kfckg#gvLF(4%OeJj%fPfolPdwBle2c<4}A z!?tRR#88o(|S(^`JY#rkk~kGbX5wKty}NP*C(p zowAFesA?Z+we&iXFdLihB<(bUpw={%yqSPCrd&@SU0jd?@>e5)P8%^yW@XG^Ni;5n zp38S+R^lNTXRXP^rK!X7^RqLx$*4oje4k-F=W%)7gN>)DFKDJ%Mw3~bRuoLLl_oQ) zK3$t=T&P>R#$1TM;i)MrtdfP$PoX~Vtb!S8s$F_yk*C8>Ra-JnyKu{6wb_{I>Zzd$ zO^>D}Dc1!QGUpSP~;T_-(?vf8B9<9VjFvyPO>t)FW+x|9l?zq6{5x@<@0qcbV4c^F{#3^vD|<S=t21BdOlQKW#sWCSFLkDlE;TVNJ1;6b z3tcLbUR9fPUq_eZU=Ve-6V_5^0>(EwF30l@H5Tg&o$0Xu+#*;nOYKq{0@leGdbdvM zN%Zf|_Jh#sOgMvAw>i56+9S!A#au^;>g=WJQtPe8gXb1o3m$V(>nKm^3d_eVtLYiI z_7fQ4hb)G9xL$UwbIUSeAyhVZq%I|#0FkVR1jn0k-emZhYvQ@~A}L}Kq`{<&>DmSS zHAG$4l9&hpv6c|6ws1-~JGW{R_HO0UcW5lK{tS+b1jy>Oh1LQlQniUD-e?$`#nhds zS!F?U6Go)Y<1Qef>GppaI5s;&QmfXysAulX4)u)G)d(+#Yo?Rt@6q~@O>@z5oUUE0 zHPJQVJA(7nOx=v$oJg~?wJO$BAld9v=`B_Ni#%YH<|l%oJ?YXdbIV1`w*)voQ^!&_ z-V@*yJdbw_zOEyz7&EA$rSx^+n&@_!YSYpIw47aJYtqL;0}j1f=$0RZX+TD^K3w`5 z3dnxVO_%~4&{6<$=fIJR&`c;S%4O11(0DW}v*Qiydq@OjNcv6=$FwwYn;GrRvwRjt znc(KkWKCX3xaRaBbOk3}Y#@8VlRZ&8%OYr8YTbK6$){267jRZhEZM7&B^AR^X%Upu zrHR>^#pQOih)-`|+XkUYd#VE3KItnpXSJ4w&$3m9OvY^?OV_pt`iPpJaKEp`Q@RW6 z%JYZ|#QG+dk}BGO)8Jx4wHk&;=Pf=bKwZK4vvNRV~^%6|MFyo6t zJ51RaZV?nKMFUky#SV}|vuw?UxLH1)k+r2vVmu-7u!sl|)*>m^7Q8)d4$y1>s$sR5 zfIxt4A3_EplQINNFoLGNVcb*lFG2Fz_#(~>wpiJ;IX}BJKC{4^*umJs60yf*L>Q~F zh{UQzrZnpo)9SQ{6|k6ufko6yd3W-c+#E0nY@sk?u$L!mErVN49#vHyL%hw2iNyYB zp5nW@mA+3TY3hS0f3~`0WtBI5pG?vs7A#|3E%|1MVpHmCu6@8><k zPuEuHbwFC}lEvXK5{8*CL^Oj1HqB6W0BJ|c7GViGR$C~&Kk(3<=gy%K6y+GNFJYrg zNX{9E&lT?5%-0U&mGR|>9)=0CsF6tqdBo{2V{e7TJX1iWy(g%(_kdc9kF+8~3ahax zu_Jff*=clRLr&B&&99`bYewqap1OEj`&=+uJtk$Nc;v`i=Ml-N=-*?gI#@8>t*iVt30=@ z=7|J5c}g29i+b`L=6{~3ws4LG^lOP}@R)%)EGWLUktsM*voQ}@GEvN`s~)hbHV+}& z*z0C>2ktuQEM7Sc@ffV1A*yW)-E$hJvz1oF3YO>zg$K%(p)1&)9bS2+{$!nV0g(b7 zezyP4HU5ki&c(Y zR&_pvanloyN)x)&Xg*maKz*z#)NW32<+*J?Unlnp5VZ<0G8H04iaYu`z@{3M>p(vc^WsY~fF zeo&q5$Th}^NY>ZVsakVx2BFxkdN6A0oz>CV`r%q@qB-N1PTsZBycK1F2gxy9fbsOm zKv-Bh&GCR%0XKu-NTF>fNk?a^7n0Xd@nI%(PJ5qYwQ6%>`c!pcI?3d#-i86ksy=P8 zBt7DjQ;L&|6AMK@V#1-u{1R^G=_HA-XpIp{*D4Aa6DeLrAI>98G!_YwJc1QaB%twB z=Z2fj>QVt4X-Q^{)@Kt~(X+YvYCTB^hM)SzFwf7-GRbLGY?uz$Cxf9WX&j>mm*Azv zMxgD#237jR%%r~tAB4XkGh|1G6rBt@%YyXR1=AdLOv~RnP{0iNu79Bd;C7PnBDo!s zyfaXv7n4S74xhT6SacwL4tv7Zecuz##?96+LG3YV${wq^M*?o|?{wUD?fmULr*AzL z6i zi#iNz6-%)~hYiYqe3^)m@g_;<(bS*hpvFv-lYZJ2w~}lrYGWJEZa7Y?t@0LLJn`XS zJ2;8buUQN)8Y6`~#d@IgdNQXn#IGF1Uhx9?F@I>`#&i3hm8vaWG zM)I?}S@avn4Qg4io@J6_Wm9x+eu+nJH{h*@L)b{4kuAVT1nlK z${17I+=_wos~iqmmpICt>buB7pBbs2vJorGI^}_ba;pL%F&`3 zgpz#e+RK?bYrx#=Zo}Ib551qfMLv1t^eBo@D~orv19?f&Gk- z<)H;`TuvJxW*NFHa2PtGHc*tQHQcNnT+$&}PqNj@CW!1R>Vu1#9eHTF#+$KNkG7ti zDX|pQ^-mf(6x zu6d+6#T4v)gyH43S}5-+)|#Ka%S$qk_1xf-ZB(2l&-0A5jMwDv^s4|sjwaUfRB8-v zt>C3%v%=+8o`nMe@GEBBJ0o03uz5LDt*gh zQm8BfMY_xzttax=lEN^cAbXubgGD-4XF~I1o>~NIiz_%bk5|vvX2tQNSJMF)b%1@5WL>@* z96kR8$E3CCO+VsCh1jQc6gP*)X-5>nhRDWdgEM(&H4&^+#CaYY`tjODvTJVuMa92S z%gkdiJFDGhKJ_AUDLnbLwBb`DciypY65yMUoaWp8@bYp>u$2%hWW$EVWzpcI2!8m( z7v?~OA#uFM_Yfe{K$C*2ctSA6*Ei0xWgcdd!g5Vs{Xh_sJ+~-rW8KOcztVAdam*%_ zRp-2?e8p)R8eXTl%=gjFc9cs_MykO@J{G|Ooy$h&<)E?^qK`m1_!B-LI(7Y_^zEp8pGZ~|Feg1Zf9IXwVWle&nAuC>3pbwDKqq(PlT;}tty9rP(B027ox3G z2TkQMHQ}_M9I5f0sYEl26|HjwN2hwaAI{N7C*|Whj-hIPg3;Q-+-8w@E7;n3+_$hW zqdjTChOIGYGZT$Eg47PE+!yR3t9o=SeT(tvVoAJgxv#mKb1hGd6-09vtv||Ov-HC^ zI@!8k?_}{nCIn~7B2vnVJlnxkE(RjcLUSuHx$MmmlD`->^N7N;Z*z64m%_Yv_ECMUAg zRxah8NT?+qdq}1y8$+)S!Z{JhxfT%CJwp^rE#4Z=4}go@U95>g0FbmQ0lF@TQVtbK zdu_B?%8?GEGZn16mnhKAxX%9$4hLh7#b5Y+ZTQl57V+zA^l=y% z&stS!5+b%8#468AsykA0i}Q)%+i`bRuBqZBNXFxBgRYPPNV7=i3cY-QjneUuH(d&7IIB8YKui>xq1?8rXnS35+EV} z9;`?mVPY?^WgN8|+h{D3@vd>Ch|`{n3!_tZ(y&O2Y@udEf==Ig;w_8ir70FAr2!Rh zzJsSj04}47lwc$0=qOU)EMur%IW8xvi|ob}@ACU#Ru_Qs@-UZRk(hs8YTq*#aIr=| zp0BC4?PZaG8lUh_SOt#^D|oEP;I32ACTDM2D&f8%i6hicI~R~&2BPy>$+w2mx!_QU z%JGILQ|a01BU`4~k>a)lbS#6S(=8*~vEx8yd+?(6PTbY{C|Z}##=%9-3P-T!vkN%)E|k-pa$*G!JhX7` z-1$&j3u#8Bsl0JXCaC6~H&YJ%{tAcj*@BLnaAM!jon(y#j=^DEY6~ZyZbbKpuGQfL z1Br-zK2*m!4Tmj(LGQsThrY?f>|$ESxA7B=`plDno3RVw-JGQ|ut<|bNX8$FO1Gbs z1`=Urz?nf6A&q)@!1SpV4xBc#=}=W}Qcu9fbg3aXgyO>5R;eDc7%CdWQT(kI*=(Lv71;`Ri; zK;&hmA}(dLQ1^JW!i$z=h-!I+=(Oi_$6GT)hY#P^I8&mMCu=4uF_fAavJ|Cip#Vrr zvy}W8qAcZbX+rc&g&EWrOzx_pnF)zR|Eej#B30&@gbf#>AxAS7R|+n+V33VAkINI2 zEi{*gFMv)H#D>eDlo*?d@o9v2j29b75yISrv*jX#;_y1eL%q?_(&n8Gslk2|(MI_d z3)r#PSc@GCtcF69mt2#=0#*yiLF5gQ;npeCOvT*XAfiv;{6+xGcQ;n?Xw}%X2<%ed zz!zJ=&{lJ%(agUc;ABwb$Az|;-@dgk`NZIXeDOyWwa6Ct&QDcmnh%Wg_69!{@X$lL zKrHh3SKie4H(4%pG5QR@wOU+6e3NyoWB$7{4aT?6IB>i0-503gn`~5=e+5O8No|`R z$|sXm3&%H@w|%;cfzTdf^naGGE$nVLWV1{UQd`}@5?M-y5bThIj5UeG*{RXyF#e{N z5=Rh2?HVB9iNwW_8rY{6C{kb0qgk6W-#KPRjgMx|x8$!^?I;vFC?#QzT5T6&gba~N ziX#ig?ZWBok%oa5>Am>eds{n?fnRbb9KW@d{vq@b{4q_+^hc8`%|jrg&z zNLyO9=+Tq%@sd&B_oR|P3Z_=Bz$czjT2h((@S9VcsW;YAh+UM!#?$ObW){yn`kT0) zD)KjtC1pVlorM{BEVb5Sd4100@hKho3`TY<8#j9aM?)*CD#-VO&#M-09-C=#nde>S z&gqNL$RQFQiMha;Y-V<;MS4NOCGdH>pVQ2OpvdNDURqhrL=I~=o)&3w*^4fsksK9= zjqk}Rha!o^$&R$&1>l)EBWxE`#$x&IeXGMOs9A)s(6-b;V>@;tARlNU*_DABjvLd=yjAw8WCJ1TR4 z^H5`p*x7-fd6Mc2V+9v*e@>ZRRj49uv30>vsG8jj99iD6G6p;Ygt>m=f?+TnOk@hJ z%(jZ-{HX7?G2G%jqFs{3Rzi#8f6Nund``yM%4=aYn1#BF5Uy3tVb66@m*BW*1i79?^`L856cnT5=<_L6Gy@ z$0c7gM3QpK9D#{d;#yk15Yv=0DW{Z^=93(|8S%yfJ%dgpK(}%;>V=J37mKV-m+lrRDvgqtEL^XLdopQC1f;3cK z^(MHltQ}4fG27xLo`xMOu~kPS4TrD2CA^|e3AU*nqLE((l5y)cq)mrs!_F1qRum7_ z(J}f*#6FI|vf;c2=FCJqyCFg}Vl-3NWCH+on!}sKIH4Ner5V_y=oU>*jVz!Tre=@U zxxPOsrI^S`Q@k6YN~dh>6)qyt;e_yxUQe&W%K{1<*;ycZbaCuN7Xh~UKAd%AnypPO z6iQoWALWFjUQn@cCxjH-nAU+7Br1!IhQh~omF80Vze=`Ogp&)b z`){s}h?j4ohHn)&FVkd-pEN6+A|LAm58ZL@+=OpBb|VOAIi^l&(=bT<1Z*|CICEEA zh);y)E4%d8BpbV8C@dbG_Q#wZE%dliiun<_M5*pDnLU1Ic$hsGrrPiH3}Sk&h!xaT zq;~9~7KKXoU{ONDH4!ckP0($;km&{;(Dt_NoW9w?HjKlCjcS}{ zMp#7U*#YrD632yvADd8T01imlL#V<13^xA`naE2@U|JO-9eZ&z%KQ;s7be{?#lI_w z+JR@^w7>u}s!kFkUG#zK4$k1*CUSx?86@aX z<4RSh0)-@>db3@X7yy<@XO!@l*cs1K;zE85zpd05?wjC1?5OOL7%!ha&EiD0tB2AY zCmUhupW>`gnt+_sCFvZyjMtjGIG&Tntb}-7bur zbg9@?dR(|2E1X~j>1%6IpmnxL@%NY!wWwB|Gwx|?&VL4hewd}@eNIySJL|A868Oui zNZk#9eP!P4J@{tp5?yqwPwOon*Nnrq<7*ls2Q~4{M6eqgK11u>Ud~3UV^mWi7FRy2 zV3fyqip7MllaEDzWNJ$8LUwT1uj=JKDzU}#vYEt4Uj74>(g(#?=~D-_cR|A#A8vFX z)sZT<=GrGg-O~d@TBo$_3b`CyCr8I3>e9Pb_ok=tdgNj)62*i|qikXU<}=@{U1S#r z>4?;a>uSfH{h`LC;$8r~w0{hsU!xLbNMejP+`Z!7miQ7*$Ho&!;ebsRe$NPfzV@_v zO6*h6QGH27jcnG&&&te#rbBi<$qs3`UU~?pG&h!+Q_sP3y5+(XlMOpsn3{Q7qKMJu zx8oI8Oz^?{BA4wyowfXd%&bjveZM>vc7$y5;1aR~cCOEaWP{sEFsFlWNG_euZ&KA| zbuhfqDeIlDx47{#u~d8|sL$DhXiJj6Sq32;LsD{5H1tu2!94LR1hs%x(FB*4KS>5py2=;7d z_#rlq!*L;HII%1FT$4|o3v(y|@AEQT2N+DW$+1QI1vh;v6-qh57Yxx3TSe6oDG(Q; z!#gY#|FW-6kD*S!DCDY_d{1y5^vu|n3BoN_$!%*V@f>kgEHGPaLBDp}Fsdq2CAe*^ z$QriODdV3j`c{kKB#@xKSBTMiBmX8hf^6d=exaU!b(zwzpYf0R(fK%1n_NZ_6M`29 z+@umIrlt}p!WQ5RF>WU?6?526A-@>GdRISge4 zRp+^3WMN5S%_H(JhO?FCcdWC!VJ9tJXV+v0)+mx;Gso}eF*GNMw$C3gt>BI_|D}$6 zZsK;A6*EiSJgj>3TasDKypW z>Fl`% z|CejKdYNoHzcWfNW*AK!q+O&>vkaN5Rf#F3LEk}i-#fDX*}JlAut3>ya(tiCb{C}% zF+T381~1w039D06pgQ)^OLm`g{0VQbCoSS*EKI~{ayNkAnq|vBqye60a6Z5{GPEfg zouP{=E_5~s)zPQu^o*f-FR(>odS0Trz4=t_C5PUpNa2V)x%lvwIt0A{Ja%TU)iZCo z7U+2PnkrK}Pi|3}mk_#cXPW1LX504Bn+qPl@u-y({TvQG5*pRt?7D-bE%1MXyyJxW zo6oYHXKhrmC)x6gB4lCljWlvQ@ovq(5&F>ow?m}rm=kb=;i=P)0%OabvV6%6WRVVN zmiGk$=QbWXB@*|!-v26|i~ zb(a5y_;aKSRR@R(&73YLbssr}>}TlEf_Z#{B}6X(d^#rF8=OeSs%@^*PVeHghJ&MYR*F` z+=6WJ&ax_hkiY%>pADX+oOnyEqm4tfaDR5E{bf6=(4ts|ayBV9N}G}2wOC(!fyG{G zo%p)Tmj6-Y2Ky*nkZNbMV&;W(i7fa46~B}J_hvU!X=HMb(1`_B{Suv!Sh$t4M~ruA znYN4}dYYE;>p@eLPZ22^MA3(4KKNV3FgHm~Wqq@b@;y;RsdrkIV$5;q*^zIIJ;#2G zGD%N_nrLyUj9zir7Gtg(Z=LOm11Ol4-qm&pdw3%LQ7; zLCTWJ7w0Ik`q#G=Q$_RStz{Q!Mq+}qj+A_h@ge6$q6l$5y(xbS?k2_J6z}So3yWe3 zVq1meOKYH`?<)E!y+D)TD#a+R9HWP-Rg-hb;u0L1tU}Cm8-=t7iNRS$T~GS2wk0A( zOf{3CpB%Al+AWifI&exUAI>U0UN34DBeF7-Q_2*LFav$2Ul^QK4v~*bBvU_-Y(xq(Y`f z87Fg$_ySZ}rn-G-olc!vw_1^N;7jG&b29C3S+8v55V5UT=f3Rf>@a(C(esz*NH5d7 zN5p>$a#n6?kJj&L%%8Q&^;~@f;$5$#_N&*Djg;Fgmf|a`y~v;KOhp4W!}3aj z;%|1X#$^&!It|+S$oeZb@*BuzqMdBk;|fw8Wqs5^saWcI`7~8hj*DfO4RWx}^z=#K z;ylR3+aiOX=1mM@2Hn2kK@uTi6k-euXm8V`MZT3?*93ln5?biu#KAb*?Z%imo|eC} zn(R8sSaH=h3uC)fV_6S;36o`Kr>IXc>9RhygQTUSbe8fR*>}J)#JrrbxizMiyXAMY zP+DxWz5N^8)%8Lj&c>$c2adp?k4OB?*+}-m20Ha`^=1y;_#%C~9koze%l*W1Lt(q@ zrzLVp8f1Hl*3y0iyKLJ@@(F`rX4`REtAjt{l{hcbaHNZ86@Kvp%t|tT}*N)+opc0kC-VK&fbe`J0~ZB@qrP!vhA8t*Y8CeW2Ln5 zG;NF6y!xJPno&#iKkbEV$%86_i5El(eEt#0{V^q#F z3L02KjJ+=F+4MT}hMw!nBRWZbbD3<3l$dRabf_6$fRcp)(P#0N?Tq*ec)20I3!}14 z^L}n~9_8~^_!GqCgv%&svpp(#5vX|IVgA&rR2z*W+q9Q4WE${VxCsP$daq_*tE1@sVUJ-fXgS8`(A z*`7J9qIJh-sp4kd(-SDT|lEW~5!@8wdg^N&`%Aoddb9aZ) z>7{Q>x&I#Ush&g&Of)AB?erwfitF#gj}V<@sWga+3^>|W%$%saP~&o{x$Y8pc7KLe zS!^l0(%(&EY^c<-#@tUqRE{MuBr%-5R!d5F8E08(DQi(51cUB?aExWQwnO$>X{EYN5=&;mVR00p?T!l^ z7B_0FTq$ORD3(_kj@fHG?KWE0JSlZ=P`t#{dh+_*fniRJTg#ekBx1QqQ*k1u8p)Hm z388j-9{3HyRy%xe_U)ADmI53lptD4FbJ5l?qn+&RP2~hwF2+txm2nnB34%iDIM+xd zgbKsgJ?x^A=wQxviz$~Gs@O@y2rX=naT^gr-j{2(K|*e#+c>twab))vjAA{E?}On; z2)JkvBcOfGPesp-#^PdC#|w8o6`Wd2|2^9iORF(1d7YwV zmt*L4Maxo}Mj36l{%51#m|%(65uFw0Ln1J4^f@oYvjpw|9E8~WeICmmDf%WgUn*>z zgH(hFr>Uw?%%qeqW^<<$JB?V56V^*5j()^A)?AkTz$+V_Q(i2!FMFlj>t(U=3dMGN z`(;DQy^#gBUxC=ZE>-6X8qM}deRVN7NlYs?Nv*Wtaq=WZSa!4M**U0`o2X7iOo8(~ zS52MhwvN~HDR#@-KK4lGiE32Qn8YQ|^EB6VrCly%*9pTuHVJjnpA4VusWXgE%8j7MLwojoaL*!pouGp9DS86cfTwTR1#l2cQ*h3O{RlZGnF zmeVEl;DD!;DONm1xZo-xFreILiy3-dq>+@$)Gj|LlB}(4ccFU~+G%#{81Td~qOwa)<8M>aXX{iW1 zG}=>3QPfg$$@K}RaNZkY31LpWO7kH;n%z0Uv#3MuMj5}Zf!$^m#{8MdTi@!|Y%a8uutygnjrc<0%lv4{OYP;D^wdl)7J9Itnp>| zq%->Us`)E4NN-EgJkCHRVAg9l8;pjO_>QBzfJH@{#bf)0QcEPC{pzd8e*+{*>(&63-)#eT6kBfy~4` z9@%iW^lqFnTmFSqJ(5YP!;)o_QwKXlymR1IM=_!sRBvb4t%`=MyHj=aW0*gw2i;WP zy(kZ2pIU4>1f+8|Vn1#oi(&i87Yy5-Q{@5n`LMG4i-Afpl9ZLx!IdO;E<2-bmnhkH z#nDPzQ2#|;o#WMhLiQS|Ogf0=6y2c!P53Aa7B8kPTzGzsQ!$NEs(w5$DnTG7ue`3j zP7|wIKJ6D2HPDCMGKmW&s=X2>`ervRr5wAu6vyd%DPsP@z8F;w!F|(hUnUz=A3Y^% zIoa}u#-OBhl6(Ns&(KZ;qT8|sA-;WyI>c`k6RK6CPr9a0kl1i4IYd5^=bBUzQ5AB~ z^y*FPQPMyfs1z31!Sa8U(AApPNDC%AX7eCHv(G4FDR;m{T#3qx{I9nLN9e9F>dwPB z^AbmLN61C5feA61&zSxu;-aI@lFA+Fp;LoV>dT9G35C-A>={_OqDV~< zHN0mB*_S`k(+gDXuc~444Q4U_Q!)Qj*7WKK8Q$JAu=?%*Uw%dg+9IjVD$$9 zsDZ(ZHyX&FJv%J>?#jxSdk3>YdtL0wUw2tQc30NkzCo#jy#Q7}M|uwE19w|1t1oTs z+tk}zxuvqda+ey~)yv?o7ml}X>FeED*?(kLWq;r9%JPr&RQC7p&0e$m=erC+{Tuth z^QNq~_xkHM^z~e?*EbL`xbVIFi(u!J@bXJNLz=0f>o>s%mOotS+Za=O2bMoXrv8la zeu$*a8QFIAl8<-Q@sTiRy(HRHEdM1q*qHV73|-r|iK2N;mF4G{UWNcVcJ^%~sW(sC zwAH$jZRqLUv12>nf7}!6zR@~UysJksP2E`i5rr%7+P!y^r!bfy4Py1fKsPbymB(yY zFZS*40ev@RG$t6-vizYr++m6aZAW4fQItx)mfTj0TpLKkXidUIdzz{+HQU$#LdSTD5uQRdLb`4LgXCKXdF zLv&hg_U^DAy|jhN8(4XYe|le;?cdeYdsB8(wqxs7@U!w-^%`sup~ruznScn#^&FtK zB4LmwKS9Hll>>cy=@{s_X0MmA7ieG{aPQ`!O}hsk>lxY%fX9x|id8Obf(7=5`+RO!W%F3@v|H8LeaR3eUlUv7G%(&hjTJE4ONu z8$Jz9w{D^1m6fNdKsohPMKAVl?$_WP0v#Jk3~dJs*1}D+EUvIJLIJ~}_txGw^=%mH z?d?;@wC(Bx)z0yHhgdv6ys?kxKmjF>!Ta~JD4+}RySG!VRnu=c_(kiU*0JWUckAZY ztel`9A7KK+qi-XX_G;qDWU#>ugcdJi*%XF1&|#J)tb=9ilVm8fPBQn!5FMX%ovI4x zP1*Lny_(s#0H+ok=N|FKjBxX=o@~!eP8gPhQP4A?O8Ga_PhP*XZ%bt*gW{hZSgG=l zRAb;g-wOFJ$LGNEdst09L;bsY#RrEpca~urkxx?o3YlNM%eqtRxru>O&rK2&pVac{ z>E9aiY^Ag%4ra0FvLuJn6@e#veU=HpYu2mOG88pmsTgKrvufQ~+?DHD!Jb#$3BAgb zm$v}a0G4-bwm$6GuoVesz#Sk2pdLwItFf=uylC$Y-P+K|dw2J39$1-!om5tSxUzDY zdJ(9IZIC;+gC)Gf80v=r>=;t^kK<5Oph zBcFi;23FoS)Vr;36OB6l1_)WG{Bw%p|`12Nj-f(vXaiO{f`!>hEEI-q4%{&vQ_)2f20NQ&dP%{zl z`tmdI7HGe+@`C|mjxL`%N0+n~q04euA9}Xz-AMM|9ir<(1FO6jUJMSmtJ&W(9cG)Y zmuZXBnn$+6T|)X6s{FX6?u4&YR^FYbNOKwN2`u7^8wPuZdWW_dkNvdeSIH2gIR?=<6fSEJ2n?!IjS{x1~#fG6eozvzH+~M+T_}q)TyG z`D|bSk_|(~dS6tnhIlK#yRzCNh$^%s*EW?uZ^Oy=1w$;k4Y6JdZcbS+Syaf>SOahosP~jW9pGJS-QajV@Ht@`1#5z?r20 zfDW_;$p0qEvDJQ_K4jzVR`Fh|aj&#P^vi5u?aX!)`=1mEP*oWE>MdH}%O7^i^CU)& z=9)nttGh++L)Ql#EWElJ_DKe{1IDxZTK=&(23BwJGD@cE0ls=*bG8AMbH`39_@q{} z5=pscYw{vhWnlGgQefErq(3q$)H}u^QbIATEWaD*hRqNtv}BYjnh?cG4!_9L(Dah& zL@yzU`}#J*$AZ{~eTay}_>m+~6_mXC;0`*q39IUQ!^BhKtg8qVxqt?E2pvQT9kd#kIvo)jOBVuA+%4cujagmu7_h}WNviw<+vl+WXaoTOKbfWZ+mvH@tlvicjebA{*gdU|`$ zhxQWCZv>F#wwXR`h+!tc)-#pW$z3Q7AYk=y7|fMi)GuEN>&PP->6L-Le(M@Ye!D85 zoHA(&ufXU$E}fZa8P||499TBFyE<)<>2EV6Pz;8&{EYExue_KLRb;8c9~@%&nR`rE zl^UQGZVONCo6`ECSo+t>Nv6^+zX$fo67`(hM8B&~1<6W$?Oh%Zc~oSOnppWob-;G9 z`b&U)GM-F6Rq5VaL-ock@;*hnqP+3GJUB5#A72jj!}Z9! zYY;aOC0=PCo*h`$xQagLO?_Y;FF&h@div}h4axfG>89CHa`{>DKc@+mcqXXmHdS5) zinCUb)ukmwB$OWMld)W$onoBH&>U-_Gmtv}Y?||kS}oNRM&RBeMzH$sU2ZCT%`A@G z>JYJ9BfWUeM!G`^{stJ|jy)T0?UNvl#6hw;{|wB^doQN2!Ta8#Tb(yyO+UEfwhTS)MCD<%rF_8|nrGZ}h)S-T4? zfL~=CG-jrh7vEw0GzZ7mP-}WaZl3;0SDQ;FSlutv`3Xu1}cJntoob ztj;t1(BJ39&$P%%c|I6&FCz3vmZg@Li@f0Zo8$T;d-qxxTz~%n9v~k;7~a))t{jx+}`5v^|-pQ@|=3hLuwJD-_^IdzaR1% zSY33*8^6hFRo2|bry{9{k&k???6+l<`@w4dLxBpdskIcW8(vvJFGKhK7c=niy6xc3ZDNeSP#3 z=gS8EY?9V)?%#sqNjLc00xtXU$zT!SOBq4ZYgXzG5>l zuv&Ub**Cu@p)q?;mX+vbZ-mT1J+3Z5n|h=LXz9tRXOeu^0vea2J*x%!vC#9#**i3G4*iXQ?d1nh#|3m_DBO|X|N(>96X zP(c36XN|^I-bH-X_9nElKD0%-EGAXoJnJ{~^^=>PIh=YaU^?Wh_ipOl#XEn`?i!Nl zv68z;-;SEBj+ylQ&~<(Ed-YlRNKR6rT2jr;W>9k)YFL&1Jq*E&L(0CEm7t}JFF904 z3UAi)KFGOG>*{>+C?9g418B}bPXKMm2QJz5@ z-hh>#e}?{#i<<>+wsBf`Q)TtD*1NAGHU?JTPrnUjdl0Md$2T;v`h^q@MAWeQ*&?S{ z5X%pDEB|^olhTj9rw1!%qiBf#<(JTS z6?fjGm|M+XbZRqqVvM6G4MIVKJ+BgrUHvNP=CRv3$W7Uh<5T=ds8;eW);+z~ZqmT& zSFm4|@Mp>(lEs6exd4D)cJGG5twD!-(CVMlURSIi#|EOsXPY=HFs9Hl)fy2D6?VHp z$XM9!#?96;>zt?!?3myuRY9DP9!=e za@E*?1)c>!l?WNmubCM0nE=3mF&?t^dSvI?UNYQ-i{iNuhXf5aV8f48WvrU5xwOm{ z(9Mvk8HB9urylFWet?70wbQ&zhPF;rwW@kftz1tDLvm&H$APl<2{SrE3a^aV^lBv- zW{w+{jyq;fk**r-$+(Y`%P}N~(aYLlV(qhLKv>Gk&Fb-8l0#Ub9u z5H;po0QkaDeOk#YKWPqu)m!0RFW{-9kH!{X@MTx5w?G%Ww2afKRkaVqb{?Re0qaP* zDQivtrY0$43~Lsnnd@zN3-fH@+FruitZ(ZEcbmYy10>%qN)21Sva`fmLa9L&Z%c>0 zthqB3qNBT^rR{XAs0NKWuM&PhOI~BIZR_-WPjGA|xuDF?mpf8Uq^Y9HB&rcSRW9gO z_@Fe0FSkSTk%Qij0)W~}>_l-G zco@gw=PS#fgHT|ZL~O|}e}3!!UZj;&Z0!*#&&p#sfZ+51eH-DhTzjS%t~^fhpd_w5 z{_TCp@5Ail#zdam)nnV-1x{v`1Joa3+em^OAXuNK%>X6Ibob>8`gb~eQ~ z^c30I7OFE2fkykTg{sDhS&OW(ftA}(`@J^@*anVKp7$$TW#w)jm6c%_S7qhFf#six z82WND$^-aRLRR+fyo|9ot3(i0Mu$8iM@3%$)1(O5D-Sw<9M<0XFrG|8aw%C`te+QT z`SSrH-n6nT9wg^qW#ygh!Jy>~tbCxdcA0<33)B2=t*pG)(DhCkw<|wuxO(Rfbb}

+!qgQ$$%} zLS^C%;pQHg)EFbR%HQ+?z0{lp0{wM!mHsXeL)LHH-nWxN42!O@15;V~TxI1mRQOt{ zbVWrr)y%W%v7FCK?^*dggyIAEj7hQ2sTo!Ad~EM|D9h|-@mR4Wxd&db%nw>-Na%UZ z?YpI|f5KL_c7tey%wZqNG$@Ztid|9GPvu$Ze4bS`y=Mo;v6hZ@8^E(o2SDRAC--`Y)R89mH@2*bzo*3Lw46sN9P|mI1 zdEVW9eM7z4PZWn(5pL9dEkeC)+p9hf!Zb+oC6a|j4EryL{#yqw1?#^TKj<2 zR8*;!);?&!%F561ucLO-|9(CSFV6l;kIbf(ci}jN^xvhicqKMK&n2LjbfM^jK)A~g z7DK60S8FdkH>uhUL&Ok@3oPR47(V$6=2Za zmgS@D;!^p?90AK8maDoQwh`BG?_eOsG&6@xK zN)^?zU;ey>pA*l9D|4Jpj2I3FlQOn&D+JCyr<~4$Es~f(2u2lJ`;-e= znld*0DL<@)2Y>k`lLts&S>iA3=Is|9JxP){PAM-fAw>EI8KWw`9~Dos68ruI>K|C$ zV!dCz8Qb3m_>v0zrC69{bMe_PE!zsS--|n((l7D8one33;7Yw)CnxN@nk@D&s~yYW zHF0E86_~zmk;>{`L*H}X*0*ioX}bL)y}8BrSBXFsFiO*(bxuu4v;MwTg>+(4E8Nb* z$^H7iYx}nL_74rQ{f2t+gYM@b@cn@Im_Ybje`V@PmTd$927M>bd{)`D7MIdyT z3z1%(CCVkAm4DbmHr#AOXZ787B<8sxPHE7QO+DL?{6oEXP_-$+D{{C{>w>ge9ly2@ z$LsR5mbbFHv9hXTB}!F%T0(sFnB=^Cd?oL#x*PX!=%qR4IT>W6FaOIkclT{)zshVS z;gLPGU6s{$;`^K=_x(`SA5p`ip8Oj?FO*ODaYo~b8dgoIidZ&OQ)*KsXcq%(U)ZZY zJ(D+W>MdSbO|tf2=!`Ke>kRDNHf*l+6AQ_E%)h1$1(gZOd1~tK_3Z?!d4-`}(I(v5 z7x+ilRQ(mr#M&2LWnen=l-C&&Ip&}-fCKzZ6vI*bs=m#J3tb1gAvz_VvZu*1jOmdV5WHr-WICQ(0ZM z@Uqy!k}GH|#v$gw6givMBtZ;Fm`9yoe(vVJEzr%oi2?p_M^-2dD}kYz-xkju1+@{o zdKmZX5ZPJEA|%_2)sAI|NFLmP+qPd?j(8&NCE7XFq7AK1Mh$uO1FXw^Jmvhy$?$JT>b)maF?rfCVvyJ5dSFv=7FUF z|A&jkZ5=PHa{@_bz20Axm6xRisH{FC=Ns;Aw|Bm3jJ&d@rx>}pGu__tBzMh<_x}c2 zv|i;*`l_?{uNznYx>a>KII>pX2e+}Ky2MOcSc-VC0ho)`Ps9_i?$@#QEEi(Yw%V3B z=ME`d-lYaE@A3w&rD8gASx?pSDKDp2SpuTA-ilYiewe*;63Obh#p=1m>v?^sM^DxB zdtQ%T%|ntDMkiH&fW(^avzqSnn&i|_kMvYcpZ1#c>aH{^XQ~k54bQ0#X5xsnL%yqD zky(bH%N>rY(bHu3NzTcWD>vm%V>c>AcF05eIsPMP`Xeg*brNjq6uG@`3q)?knI_aU zsKK9ihi94Y={*3KK1%~A9ev40}rd+ z+fa#ugr|8Ocbj)Ob!ZCR;25Wv(LPQssrsg6tnArkBI|3ipxkAr4-=BtAn4q0howER zx=D5Ir>^VsqR~%Ay|Tbw6{=_htK41I;{iN&>bX2>gV`-|L8W~ zWgiZ89Oj9+(=T0O;8;E(aGK2=F9sMV<2ZcJa=9xt&8f*aMLo9lB3bpqrp+n}H<8yB zCp`oL!-?G0G9wOhii#wbSE@}a`5$Csm1tu;c4wRew<$B%<{%BLD~}P)o6?J$f$mAf z6<9%Zk*#nQVjY-)#l*UZ*A(B}hnvyhrM$_DPIj9?+N(uxW-!M#q%+03dof9R#TH%! z<>si|#K{@97MT1Z6V^l0A6x{ST#~80Hfgjb+a)+BWlTgcv=u#}y|(y2M{n3@Q5oE; zD77oIDA(wT@p!<0F^7iCrs1h>50hT65Y&7wlTHhXKRunX)Jixx)6z?w^ z*D?Fa_%ShCM?9HCR!w3@3FFIO6C<`yS)8Yn(N`dmxX6fNvuW~HZ;@|fz!df8%yT1^ z{W(58>SwaU$sL&`{IkO@YhU@czO6K23Pfe~GD{atu(I;i%F0)AEND2FwK!KVGaN}Y zAS+)LWaX;?V#ykBK);KBjRFLpp$*O=-wwVOwbNN2wLST zj=pDo>?@x|j2qhh$#-#jN3i+xZarmt-WSx?Q}Wr#n_oIpNvpZXTDQOulV z$P1iWO6TeFu5>ak?+TM~d6!Sdr~dm)#|8ULw9W1bV!00E+v)QYC*S=oY3+XuhR{W*tR`B(x@+_%Gkm zAI>ZfP4x|`PY9rNXy0P5%1c7M)0%j_VQ1j7kYXRL7B+%Z7w=(tUR0z!FM^cjMF1`S z!a{h=rsOf7lE+C_<9gbZ+(pEvM4+=aC7+Jvzr}Go@psI|eWlsBFHXXJRm1(K1MZog zZ?XCAXqTD_E4pk02hWbFGM<&EjAubgcoyImB<{f4e}=QuQ^}YhV6+iaEPN9$mCFxn zoQR(g`CN#=*)KnQPv3Ut%($bLd|P#2VIVRKc*xk`A%g-cijvEOPZV1If~e$ljTc~^ zy#gPAS7q5=rvY5<@6w_huesO>V>lMaU=elw*aLk#=(_RFu3fi^Li?dVJlY2!hMNyS zFQu*ua62d(xQr&%ft+-q77C70)#b|NQ?bhyQI}60X5)-5Yu$D4a>CTa6|ataak9MY zdMR~XfbX=f?_a0u(0OOCAB(-Vh}R+mU~?}4@2AIx4`dtpAejIAUigc%AOE$_ zef96{yZkFVf9)@~fB8#)`NUU#;)nk0hKsXn$KUr;H~qu!{^Otj+-LsiH$VULzkko* z&Asp0)_ma4mw)yLKK|mRT|e>LeV0aW{n8yfe(Fy)edT}u(#;?HrT_G$uT4IF{F)&?%4Zl)*!=AtRg9jJh*0}A9U;F;Q{ttG3{O2D0j-ekNI8?iS@7%|J`mPh- z`};q=L-!yQcVxZ#06*fiFT0Pw16;$d@IZDq|L@Pfvz+u@-040^V$HJX3aI<|(^asi zvxmRc+bVYzZSAMd{n@E*jon9+caeA(S3Vrz;)y%?+s_>?_W)79@8JLYNV^AUjno?O zd+o-H{lb0E>auQwzQgKJO#k0Si5S-pN2vbvf7RtbDiNV+`MXKGo0io6o&0&8w2lai zPxa>j_Zd|wcQ1Xti*^lDgN#y zJWrlGiQU8hf~#K>l+gco&}xkwcL3GpY5M6d-2-wze|PgY!T$$%3L?1j-2>!KD=8e@ zPwm3?y_PmXd-v0ZaHf$=QT{IK)kNM)xZnEab0LU+kZj6o(dbmG=1Be0eI)y-L)X@5 z#+0t!P5>2_GstjQF_j4`uG)sh-_Os_5-5YEu0Ntk3(23zNdho&0|n{|md0Pr>&3 z6ir!ELYl}{S$yiN*~T7N#zygtjWCRCW4{9ab}7gK|4hL@SMa=ok1F^V3jU>n-&F9g z6#Q!iA6M{O3VvI`zftfB1)o&#Zx#HGg5Oo}KP&iO6#Slo7Zm)yf=?^>0|oz1!DkhG zPQf24_#*|MSMa|n`1cCFpx{LX|3SeQ75pCx{#e166nt61pD6fK1z%P0|0(!y3O4i* zY*nyL!JvX`73@~f!C?hQ6+EKgn1T@n-=pBo3XUr{q2Q!~ zQ3adXSuPJz3!P^x4bp_`Xyj?+6!FdG}3MLiQ z6ig|&pkP|TjDjZ=JgHz-!JLA+f`)>51y3nxDrhNKP_U@rqJm2bo>s7=;QJK3L%};0 zyi39NEBFBg%L-N$tSVSja9P0*D)<`;en`O&EBFxwKdRuz6ueu(k1P0_3VuStdldYn zf}c|G(+Yk@!OtrAIR$@9!Fv_FPr=VC_yq-56ue)--&XK<6nsFzFDm%E3jUsg4=VU2 z1^<(RUsmw<6?{m+uPFFc1u!3Jx@DCI`tKc~W|4_j{Qt;~v{;`68qTrt@_zeXg zQSi?c{Bs4*EBL5_f1%)CD)^X!-&F9g6#Q!iA6M{O3VvI`zftfB1)o&#Zx#HGf=?;< z0|oz1!DkhGPQf24_=18L75oPU|53poEBKOvFDv*H1%ImGD+*px@P8`!PYS-O;A;y0 zF9rX%g8!`GzbN>B6#Tym{!GE2EBFfq|5d@)6}+mK;5r4@E4V?ys}p zje@=ZKYRB9A4SzKaDR4FNg$2TNmzOyA#57G1wvCwNJ6hEOA<(9cSA2pD1y>KMFa&z z6hsB2_bx?1dKZw6RHaIL|G(MYB!E78z4yM)^LgJJ<-1eQIdkUBnKQGqbD%7ggYr-T zDnccw41Q1rs)9cRKs5-2>Y#@p2!T)tgBnm1YC&zN19hPu)Q1Mp5E?-^G=?S+0ZpM9 zG=~<@65fKhp%t`-HqaI#p&dj)G{iuA=l~s|6Lf|y&=tBtcjy5yYWI}%!00UtV42B^v6o$cY7y((34LL9pM!^_(2gbrU zco*J-@h|}AT$l%+!F>1}7Qh$qB`kzR@D(hEui+c`7M8$L zSO(w0a##T?VHK=~HLw=e!Ft#L8(|Y{hApraw!wDT0XyM)*af>`5A1~>U?1#<1Mnjp zghOx`j=)hk2FKw9oP<+w8qUC3_zBLzdAI;S!$r6Rm*EOrg==sfZon^a6K=t6xC3|L z9{dWw!F_lD58)9!h9~elJcVcQ9A3anQ0xQ^Xu%F><=Z=eBRGLG6aW`+g@RBBczuz* zJ9vO6ctK(Ch9XcDia~KG0VSanlm;L0g)*RnvQQ4nLj|Y^m7p^CK^3S9{ty7wAP}m9 z9)chkLf~h(2$$e8T!E`_9d5uca1(C9ZMXw>;U4@7zrlTY01x32JccLmJ3NJF@El%1 zDSM$b_<%2z0UeZua!?*BKt-qomBA0HKvnRE0H_9mP#yFT1i=sjp%4Z&peEFU+E54T zLOo~&t)UIHg-B=zQ4kF=&>lKKN9Y8dp$l|{ZqOZiKu_oeu@DFGkN^hg4T+Eh$g=sJy-iHri27ClF z;bWKuvtbS_fG^-nSOQC78GHxJVFj#&Rj?Y?z*<-b>tO?IgiWv+w!l`{2HRl=?1b-O z7wm>Tuor%SeXt)6z>jbc4#8nK0!QH(9ETHd5>CNsI0I+lCpZV^;R5^&7vU0IhAVIt zuEBM<0l&aaxCOW24%~%%@CY8m6ZjpT!ZUadFW@C84uS^wF^0VzaMQ!y0UW^zP!noFZKwnFpguH!hR_JYp)oXp2xtn; zpgFXFmhcw54XvOxw1Kt|3GE;Xq9F!&%bk4(=m@-I)V?!xfv(UEx3B7<9BG|`4 zJS2btdP5>4K{E7#zK{Z`kOt|H0sX)TCNM)L^oId35C*|u7y|rS%6=FOhY^qk*^mPx zVHAvpG4KwIg>mpMya(f90!)NSFd3%6RG0?S;eGf3K7<+Y5zK^-VHV7WPvBFS19M>> zd#bj9uN+Vp$SAlQ)mXwp#{jR-lUwu+t3PHLmOxdkJM z&4+aD{?U2;9K~tO?I zgiWv+w!l`{2HRl=?1b-O7wm>Tuor%SeXt*HzU^t9`H2JE*eh$oqdGHy`htFXF@NI;B z5+p+(=nE;33TcoI8PE@mU;;B_LVuVEAHyt|4L`s>*bfKbM>q(F;4mD4qi_t4!wEPE zr{FZ4fwS-voP+al0e*&ya0xEM6}Sr5;5yuZU*IO(g4=Kh?!rCz6@G*J@Bm)GOHkyC z9Q#U88T_CMR0V&~Ll6W*2!uieG=*l+99lq2cnjW!R?r&SKwF4}b`S;8&>d<;y0LX)2vMb;a90qwnNsc2p2FKw9oP<+w8qUC3_zBLzdAI;SgSMDp2Ye@K z?*NYA1kO+ZT)-6yLLqPicklpD@PfkN4Mm_R6ocYW0!l(DC=EW~3uQnDWuY9DhYC;; zDnVuNgDOxJ{2>6UK_FBIJp@58gg_{SK@F%0wV*cCfx1u+>O%u)2#p{d8bcF^fTqw4 znnMd{32(vM&&?8e*V5bbyY~2|7a;=nCDSJM@5_&=hYaWkMlgXHGNC^VfPpXw2Ez~-3d3MHjDRf2h8!3PqhK_Qfp_2v z^eHavDk1EKJ+K#kfPJtZ4#1Ca5Dvj%I08rE7#xQaa1u_zX*dIC;U_o;=ivhU3>V=N zT!t%f6|TW`xBOftn2lb%=G=xSF4vnD+L_kw$2F;-bw1l_dZI}#GU@A<5_u&Kh5N5zfFcUt8 zS?~#b3UgpC%!AKhK70-f;0yQ?7Q!O<3KqlH@C|$mOJFH1gYRHDtbmoU3Rc4!SPSc5 zJ#2uDun9K97T5~gU_0!9o$x($E+uq}k6{+fhEKp* zClmk|aD{?U2;9IOJirsYpfGqt5hx19pg5F(l28gtgAe$E4$49~C=V5&B2VHRD(dM4tfZJU6KX+ir~`GO9@K{h&=49yI5dVP5CKi088nAfNP~39 zfPP>E6PO_r`ojPi2!miS41u9A42DA%WJ3;&gi$aW#=tu;7RJH5@E(kZ2`~{R!DN^M zQ(+oRhxg$F_z-5mM=%pUhFLHhK7mhR4$Osl@EOd9&tU<40bjyGSOj0eV)z=qfp1|6 zEQMw89V~|xuo70mYFGnnVI8c84X_b5!DiS3TVWe)haIpJzK30~8}`6n_yP98emDR> z!a+C$hv5hug=26WPQXbx1*hQ*oQ0p@9Gr&>@H1S5OK=&kz*V>g*Wm{I0yp6n+=e@F z7w*BY@EhER2k;Oc!DDy=zr#~_2G8LIyac7JpaCt|fju~YBRGLG6aW`+g@RBB+`t_? zz!SWnFnB`|C!v@$0n_x3+fvvC&w!;qC3E#sm*bRGNFZh)gsz6onhXAMs zflwXv5Cp+c3u;3h7!MO*B20qGFa@T>zop$zDtEVO~P5DD!d3ZfwfIzeaX0$rgSbcY_$6M8``#6dhH zfB~`~8**SIjDpcH2Ht_OFb>{@_h39sfQc{(Cc_k%3e#XZybmA1GWZUb!wOgltKbq` zhAVItuEBM<0l&aaxCOW24%~%%@GCrkhwum!v@#_TVWe)haGSZ&cg-x87{&lxC~d|DqMr>a07mU-{3wxfQRr1 z9>Wv(9iGB7cn&Y%B`B2z4QRm*cpTi`0UW^zoS^`?fGZS)UBSX`*aLgv2iOPu;Q;&y z2jLJLh9htkj=^y_0Vm-UoQ5-S7JhWv(9iGB7cn&Y%CCKjwB*Q=pcEDru_730(PT&j$zy(~PAQS>Oa0d_Y1TQEI-cSUJ zLNO=~C7>jfg3{mvzEB2qP!`HTd8hytp%PREKd1s#!5;#k8U#Xh&_fUeLkNUI7}S88 zPz!299jFWSpguH!hR_JYp)oXp2xtn;pgFXFmhcw54XvOxw1Kt|3GE;Xq9F#_LkH*x zouD&xfv(UExHUH0>8skcm~hm1-t~M zrl0{W*nvGbfFn48GZX+9aD{?U2;9IOJirsYpfGqt5hx19pg5F(l28gtgAe#Z8JJN= z_y}gg$1n?K!>2F@=E6Mq4Cce{mct5I39Dc= ztbw(#4%Wj4*a+9)I^2L?;3nLHXYd?ez)Mi-3L4OY9q@x8dq;2rXD9$J;0gty5V(Om zcz`E(K~X3MWk3gIp&XQl3Q!R$L1plRDo_>tApojDAXEoE1VJ!_Kq!Pk4X6pVpclkK z9K=Hc7@#*K!c^D>+hGTsgi~-D&cIpt3C@9EJ)sIz1%C*DYA^xr!aevEeuMk)03O04 zcnnYAcX$fV;5od2m!Q-aG@u1L;OAZT4&Vq*;0y)81ze#Z6aqJJ2M_QBFDMM&Py~uX zF(?itpd^%n(%=KWPzH2R7Ro_+r~nnA5>y61r~*~N9|E8n1VVMtLl6W*2!uiytcEqP z7S_Rf*Z>=06KsYpuobq!cGv+s;d|HxyI~Jp0Id?5Wp57-;0R9O3KHv*wpd5HWRq%%Zs0M*h9pqQIS@!bt<1BkcCul$mc3=+< z;0R9O3>x`)rMOIKL22*-Unm1QC=2DFJXC;+Pzfr7A5?*=;12;%4dfjFo8@Q}rXa%jI4YY+wXa`Xc4KdIjIzUJ01f8J^bcJr9QEIbSYqKw9NTbwY*9vxE4-Vi6 zPT&j$zy(~PAQS>Oa0d_Y1TQEI-cSUJLNO=~C7>jfg3{mvzEB2qP!`HTd8hytp%PRE zKd1s#K@YN7Sy4%fS^mpV>L}IaKa&!#Bq;_ZRf(11K>19TDMlq-#?qDEvSgr)r_1!} zN`IMFU4G%tZ~kk`P=b;u(^KTNfJ!x`fud9Fl}2)sQ9NL>Mo#to7X7*45v^p(!pX`Y ziH4}0+en!FzCLSipeE~`=s_m4AvG}C5T9vGHV+DnG#FEpO{V1ZG*j-xylLTPvoSd? z(`*RPr5Vg7b8K2dtT7=#*TG<9mHNSfdj1R0HOWjdXBrLl(+rtrV{A%*E;2JNB{}|W z!=RY-zJ|2=@$og|f3KnoO?}6<+F=1}&v&9@ds&Z> z?rMx`FVAW)Pb8Q#xkc}s>%8O-uZeSJ^_*-8=%DO~6cT@5 z4O@M0D{FraY;JZzHBY7M9ofrnOo)+H8p*#1MtZ54wuWfr4QtumBot3N8p-Y^GxGOc zq9)k7Gvwuo5@q%%pd=&^(p-U86RVl&mAyjkWI zbwqu$rk@(+=d#z-a;W#PY?Ul+?a-OkLvuH1iNTe4%l)c9)SPnm{M#CTg*|S>u`brMqRTWfjY-o=N0pHC)Rpm}Q}?yL5}E9vAXbIWOyQzV|8F z4jY+d*)2J`nFR5pg zay9Z2T$7!}YsxwNMoP-PM%e=;WE5p)RB2#CM(G_iiu}1~6fK`JQczAa3@REKDWp*x z)Dd--yjelx;2`)oNMClIp`H~y6bH{xudLCY0iJ&9hxFOSbjCgPo&hWt;Hh_0>^wtd zpN^Am8a)FFxGMHi)w`?1gjrl7^sL~ZXo{g?B5YlcUWtDDTnrvW{6wUv@W{Wa)QB z`W7frNGF~7_%I~Bo~b>p(-DSGLCa)$_mxbQequO!)yhiVt3_8oTCEzLTlf~L& z*5pEp)HTT-a$xX}SHg0L%#wVPdS{mOgeU>2m6wdk8*Am*U9OcirB4^SZIF(2=t4tY z-6lQkjFMq>)^ux^IBEhU=`wqi+U1a}Hp;RoGHHgIjA3fej|ZjZl=n1?Zf=sF5|>1) zo*HE;qq2R}pdMQOvjjO-#$9!EI>eAx>#Vb5Nv&2^VOavErk$nct|c^C){@tAnI~hG z)X1=wj3p~20Qr=_SVH;^llZmL>zJ1AEz}JvC>x|!kj&>LzI+zb$*aYzJ&ee}X05!3 zOpcAO^Y-is8IwLUt@~MCZOUw0k3Mp=OQ#KzlN$0{t)4BZRtM$OE;~kEk0ZB_2zG}%jHF$YPV*v@xT~W6vr;xmu`@W2;Ydn^>@2P9h1H?kLTVLLl zN|zH-0C^X@WauTCrM0c@XMvmwGw%{x7IVuURbU<|YM2E$wa|wvc37DC)8hp|P9< zq(;ezk6Tg6P&GrKW&6QfWy|Y3<(Uf`&f8?4;vq zHy0__^5G*#qI!T@nq`)9U>Q~q)8&pjwMPs~_RLbJ&6i%XtR<0N*<7uMs-#(dUc}Mc zPj*uA(j3xRM`bMUSmwkkZ>}y~+D)>kw2Y8EX*G}nYtv6nfpu7oZI>l^YJ1L7mB`_l zB?q8dV%1?;PR`4iwV8Et>RT3+Jk1%OJD9aZ4R5jK2wPg3!_`?Lch+gWy78$7lTcW( zm*a4j6ljiI>5D_cD593H{8K!nfRQH>FZoW_REsTzNk-J|vGk6yxCptE)1JL+J=4=k zy^aIsjj7fJmawe48hwYTV`}-xTI{1{^##hlt!tEgfvTCGGrkbjyV|B8CaGs+EAH8< z-FucDY57pAV$YluwI;~Em9<`$rEx4DqMOv_Zmw=pElEdJQih}+p`U5O zr%GXnes<){W~cUa#DHbg5~Y+RsU34N)Htq7TFGT8r+mo&l8fpqm>E`kidCm-bIXo8 zn!EU7wZ>7)>0((S-(rl)O!l00e=U}yiVcumw%Eg2B4)($F{>o|LEX>N&kM(3Zp&=3 zyP7n$e|xnY6t#q6UECJCr;`oKlB$e4mp!M}26g$ zov0u5kn=mmq*k+jp)IFn zf2ujkyIgJi%rY!<)S6^FWlYYm(n`tgK3XF6%(3iYsWa3)WjhJV4z%uc%l199WceBO zjFjD8D`j73w^wv$Km%?T1^2oYnNpL=P%z=}^X&5sJ5m zR=O~=W{ItTWN%r@8nyL9Ho;b_NtcCkzT|u=|5J)3tF4_Q)7kIWUO6`{$I`;QHL^8- z5TxuUiO05$5)mB=yD>=uwvJkNqos#hwN;>=M2Onc(xxC8x1_6DiCHHJ$xU`%?#Uc$ zXyn*P*?9}qyc_8umn~Y-ATN!l$6)ofx4sG|W7$njU8NXG$y0Zyt7U^*(AssEXw($8 zl6B z-yybcJ2=%^S13RYFSV7tBUT;Cw6q9l`N^4ABTYxe$IVg7u-3&rQw7v3AmAJhU z)Zpf-_EQ5LD}k~j)WV!~OFpIlsZm}DYSFQ_n2Cb=M!iWP%S%Hdi`AqxBp=eE%2MaX zS_h=BE4gW5-F_KVQzNG`*`yTNTFV@@6-$y*)N$^hWuK7HBr(@5X<2BwsJLc1%!XOU z?y8A?hB6)AfxN3l>N8YmGF`am_voQhK7)K+Fr04bLCWdCqg2N9=ZQC^|1o<13twlx)qx|%v(Qjrp*E@q2@OCB{Y zHbs3wGmR^0=1T$OP1B1do2|8Mmb!gh+*xN)4ROknm~U}ZT85=h3d^=fSo(I)vD_Px z+PyT58Tzb{KI{o=WI-~YxL6Sp4)!0d_+WwR~Kx#5ao>xnNq)xsJ@T_3xr)U|_%Yd8Q zelM)ZfU|=iS5h)mnjvY-`N`osLsjD-OG~rgPbvyEqbI8iFPF&@lby5FKQhbK%qE;& zmSru?Y*w@E078?dwJ1$%Sx%bP>P*@Fl6Kpmv>XZJp6X)NB?Xu%^^D}3L@KEhb3RvH zC<$;==c|>Nqr4nn7PI%0T1(bt&*Dgs1r8crgr7j@%KV?>eI)AQeKXs|Gs*^3r zvK;!dT#7nwIrLdrdPgMqvxG5_aMc5gY0`#O6TOB+%iNrsuIg;*E0wBM@?EP=u=Xv( zBGO}?MsZee4EgfD?HFy*j>g!GHtA_i2gVyRxXB-rWK17m(#Ue^jU~lPqZA6N8CWYY zC^RrAC@f5`C?(}wV4dV2oDgIP3NjdK83LoC6va*MI~mfdwU4&ke3F|~ax+T8;+qgf zX|7R91h#1!6K(sV!uCByfBB+9Qsd^`%ov+$7?5u488H)m3yE#^lswb8>%!DL@yiE)k!el46J_ zuVhk8WGkI~>!M4DHOKZ&Ngtpy3^W_kEZ^7YVv-EHx6+f-V&hT_F|nq;&0^!t>Bd32 z*c4gPlp9rgrYU8RE-ocKzHf3`qRuR9wQngOMni0Zu6Mf88ZX%rC}Ad>bQ!VnePa_1 zIvI@3$dE5`h(Tvgm!u5Rso7}NKxuZ8Hh4uq??jSetTm|l_aw{!&Ikw^~7XzQf6FWe0pm2RND@z z-rrQsl6ZCH8nV-K_eNmHt8D@*br2+Mr=r& zrO>D)^=*yPEN}fkPGX?C@0z4%rkN%5w5I(HX=eX=(aDKvu_@}T1_?cThFVH)dy_$D znd4VQmz*YFx5ZKhq>xH6mA^I`rRCp@PYR$Z(wH7^FqvA*mv969>orX?8;rRz21%4} zX_TgaFSu5*g9r5r@~=nHPd6Dl#HM5#a)Sz%|8 zugv`Wn-e7&VK8=-uN@7>R#F!I>oqr+8IVISzArggTT$eQmU^LsMrrr=HtNklBV-39 z8YL=%&fUHseTbr@YLujZ8f?q7{_;&`V}l$o26Y<<-dZcPkRvojz7owBn>-zutWgsF z>#;={OzD}%cs2FCg8l2YrRq${G)WDSFUEwtsA?%nD~;0puVWezn`~~HTYLD|>nP*R z(v3|ACYy6ZlLFOIqeT7Vz@iL^$tJULP?MzCw8Xs96(ptWZ-v{E@+}8ddvkJ%)QSd^ zT1eF7MH%E9<}|gesI|C>5+l!x|I=`rNlnotJOHCiB*1DYL{-+;CuqRMb5YxW@U&Y@x zBR)OhfBbO>M@z8Myijw4meIdAH%P(1J2%)PlnuN8%MB@V>=9{0xXOn*P*5GndRLlG zG9-=L_L+ZGc3TQeJ6QNdjY%Qw`~vX3`};ER(C!#{bPwYOr<9G)nk?H5^N;HMgY@BpcO2 zqcr(%1{16&J@RabLqyZY?VBq~4~^3KFT+$*!9_^RG-=w!rX&wG82#%ti0|3cdNJN4 zCDvpL>ZzB8Ni{BH8^rarG(!Gs!PByNBh(sduyVnX@3O}he5^+4_V-f%#??kRjcS9j zwOn0th3;Q3(O~Y`L|T!F=|*Y2QUd;V+gHt>H)60}Vn|L|uiJ8Wrd-fuXq3MHFy()* z%_dE-7KW4zgOM$f!jqs;dj8iVeC?XX5~A9&x6R4js319D25A)YUq|xVJe;ITBRz}R*p)DiE=+l?rBKvm!6uDV&KNh z9~SgbwV-o1#c0kwfc{o1KFT1icVn!y;0>v<8A)=T>)$5b9A$`4Pn5e=hJ?Jyw!F;E zI;jo*)^_|iq6ntS>8Vk={N?`n<4EMbMf!k$xe; zi#;HfK{t)k@qZ)eP}1F9qjdTwfj2W6xMh<1FOn|#{!jPo-w0jJ^}!k?^Pi;t&&vNB zrx*30vmXAIqr!G_8LCkR{BK4b+*3}*a>o3_$OmW?<3Ei2&Ew_ujh2}IEZ)CWga6&* z==FHz&cvT@@!zV!{~+eqkFP(7^v^cdtWnbcNhbeQlv0!b`F3V%l#G88=^q?1uW#zV z*suSzJpGMW|K(nFwcZ8b(PL?Ls`p3o1~oEnU4nZCxx-B7yCL<@`uMU|o}f{b3L2#h zceJ_j6KFl5N_#-Y^4+m7uTgw+7iwlqPqkck7!vX=Bi|G`O7KKN+9WpaR^%o@ooIbl zTArt1jx`;!yrjdrEo_iABo<*o+hXckwh=WR>z1nPSJEh>`l|Pew1w0Iwzd2YCs~>Y z^37X;mTA)bk=AK~B8#>1{#%PlLb&tvFGH)YQA)Ql7!%@R)A|NBPc~b>WaAbcIcO>r z5?CWJC?q5>D7aRrG^!-^PD9jY_b^2%p;5do-;Nj(>ga};)UQws2{NasM)Axyr==;{ zV3x_D8l}4W#fz@KZiqTCOnz=;X#>fwkcsl;5Dg-OZDm<0R$BBeO}R@+MES;KeQB>J zrK>B;7b?a+8}oQX(jyhLjsH;(G4H&#Q8malA$fv+v-tx?>E*zWeXij6a*$lBIJ zOfpRl0b6CFl>^Z>%(0iZkc?Q5T^Um3;U(9MSZ;o+zjn)AP|Y&F1Ld&th%_2xAk3EqD+wcdi(d>*~r)w`IquWd9dw#%Qa(wF4YvDZcIsz%lmy^ z=->T)UR=$Zv0?FHHG*n~gc|gFZ*zTKZM_xW{dwSL^&ofsd5-wNQmAv`v z?E1UI%2avUwEqm}BE9<*Zom4f_t9%tN-AHh(wlyn5gxXCPup*^4z|tyu**P~=j%t% z>CY6&l)4gsj10Gs8kffb=)5dO?n7RYd9CH&Hkn>n{?Qi|9lpr}3Cb;5ZoG__m*skq ze)&t1=|v=*4`kRR^Pb7@BdOHegv(DiGvr5?$@1gL1c_phlBWKIlb>v+$<)E}>q@hH zGS)=ZEK3fQY5e5Utc1(DDKa!bU7x5LG?7)(0w3`#$lV~}}frJ1^1s?t$DlVv{FuzN`4PgbDrPYk|}IE*|c8* z)wPlZ2Fn5+O%R&Ok;cZrtTfTNI~g2%}0)-s#L^XCLbC0SNvC6juySSEC8klvf|F;+Y`6!O*4h$dm+~k!ebj zB==4>n#_TkfbbN8lBCGJIC&yUZuH4adG?CuwsM=aItjyU2-MV8gG`q@v}(hG1WRV| zxR*g56;tncCg@@lV~JF9t-suMw`_Evrf_)f*0UYSMtN3E6P3SFt4l~XSn^RCNz&-F zr6S()oxY?QZBkeI*L^p7kO^GCNSGYm+Wtk`9oq&8Vi{QnnUC@>a5y$NG}v3A>8z za*HT)A0&}Tj0UyznJo97S=98}etNZh>INhw%L8^v=_x!ACnZlOPx8qVKekerS6(Hl zc_m7xmNZ#fz2y}3+VfR`ni{R;o-xnyWn`viyizobnQ4}lDOB=RMWQ@Jm|{J|q-5}5 zp_FXd4U$d+51RyPLSNg0yhFow0hYjFDyfN%3C|6xPVS9A^ZmcAY_5wXlgA8Avg52rsN}WmA&yCQ4|4)FJ=(}| zDU0N-Z9P^^xrd$g`hd%MU8|PO+DbmiC6w$6DH&wTAEvF2C2^WtnsC`xvs^P}m^my= zQZ2jO}h%2ukUyp3q6 zsjKdb-aJ05?uS>7BXwt3(~ywdySE(IX=ZCp5HFQfBRQb{q`sD{%gdI0G3M=TDHjq# zjBK^7Vz4~qN@-AQYRdskwpbQW&lPf*l2lt=8>k6aAKJ6jc=FwBwG=tL)EYllj&-%D zNIEQ4V*rPv?5S6eQF(?_{Tnz%d$DwnQ>kI~FHRT})4T808bgCewsJ_Se)-|OuWCOz zv*gaVS<6lzOV)1sZgpboX3M8FJnZ|h!I_yaj~n0VcK>qcBQ+0gJ=uS3snK1Z^eJ)i zuxrAV)-_`TI=Y)mz84nWxY67R^|KjemtU54vwmsW zE#IRi@>um>t{0e*5T``92oDacp;(hM&z2lExpngM#2fGI8FA^uK<|#SS+>7^4C`!T zuYShoTTZ@ckf*gHQc_w=(N@&UWrHCwAtlAK%FBup$m?12YH0sA_Wx22Xw)51T%Ia= zHA2gyg7U!Q8`D{?h5YL@$5C<2D;qK_54B2bJX+}~HdUfzsHM_YE*g5uXB)Y$ZOf|4 z2KzfNxcB0$cq+ct+|*CGEvqzC=klT@?n}M;7a^k>^(xP(ULVtFZz=8F-qH@{uY$T( zjI|YPvR(~XuG`cFlqG5(s~SlYZDq@q16SIwhSXRZ+Zy$4P`nXJ-q zy5*{nYj;}QCYc^CT5eb9a)-E7c=N`EPA({jm$y-IRl7d9TQ7_>Lf+n!_dhUYDO001 z3BRnYV=H43vLtUNqYPw7ta)Yg&2@E?_OWPW<)c_{oc_gT%!hq`WwS zFQ8NnQo`gv%61>6qO8l&#Ko>rKFNo?t^4n$FHrK562)JZ#4X>ENIZ#Z zEF4i8l9%L4qLdc1EVEGd!JBdF)T7TROH*R@><8`+3?dMIZFq zy7s!DMnBZAIx_voCWAjd_hVCYZ*7xbeH!>TnbYik_@{6Cj&C(5$2C!(V=uAW9iL;z zySoa@Q&tX2c#x~UfTNwfW3sTeeRNP^y(c5iggxb zeP@@WahH9qana^zG|G-CYpS)nTVU(8V++qa+;6dAQBdj91A7&`sx4uhl+e}J_|v32 z>F0_!n78TljYo?k10%-%__$|}j12p@BOe^gcyHS7B)46~Dot(>eEPC}m`AGToo%Jd zUDWL^?OT4}wtlw>vq;gP7|6U^xY+uk(leA*| zv)_-Gt-tT!MRx-<>N4$*hOQp+bJZ&6#%J#@ z+q#E$y5E~>guBjyWQt$?(S)x{!WvhQzyCRd^4zA*Z2)R-LdJ8B%ArK~$RIN90heOSQFzNo$TY?qS*^rd6N=Kiqqt2pOvb*hF{DX(wJ zY)|_J`g-&0=xf;um+PPGoS>q5Zwi+~VM?zGT=3n@d)ZYE?fj*{p7v)4_o+T|gy)CFKl;G2xT#s`TVs73 z5)6-Oe`0sze3Q5Rhxv{^UbolWwI_BS+&^*Dg>iki3|#Y3ovY4yCJdr03ilgfMaYQKNM%SHuSj)*Sk;NN`T_~<4Ne9Ii( z`@-end*zOJ`dqoV>pRCzD=ywNZq&7RU8Sv(p=|1L=C@0pXAXT@ebyjtov?fFG}Y%g zW=OTy$x`LH#1@QdrJjuJUdt?f_SpZGsw7yir!?9Xu98>PMWxHF{U)++E$<38=)yDQ z0UlmpoLlKh)mKw5m7Y{~HL3K%ETdtJ{@W|%zpDPOyCp;pN?fu1;`0JZt52pce$*l9 zM#PB&J36&p_<8@KsZG}&u03`6eBUQe3^|vI9h&q!VwUqY!?gVY?MH1I=6o^G|I2Xy z;;ZJpoz}8d-y%*w9XzykoNvGB`&Nv2d-=D{Cw>@vtZ%XDb*AmF)bQq&7ojsc9`)(o z^5L?ofk#KL>)i11;Mls_TOVr_R6U+G4=5 z(an!~tl4>O(e3y8RCDOoYv=N+U1yaq-LvV%lHR`QHTRYX$?7w%^=Ey0#}Ax#RDa<8 zGPdgPqEvt9)FxVzgE z%ox3U?y>Knx05R1l^X8o!w!2VU7Ob}F6m(X>65!2-#@eX_Wy1TC*@X3trS*k4OgRD zaLE5u4fiKuoAueV*-V{%_WSzmsru|mxtSAar_avT*SA%sT20ZQKdnq7-)>nwAwAwy zy-8$r^#p_ZZCqfIIaS{%cXh2k)Hhh?lkc**r(EiBqllXhgXH!aw+Of-=2Fdab1G2h z^IA1xmm@p4r1?(AwpE5~FFJbQ>d3?8o)wtAIOoI1p)acjeE7cC|wG|~BD!+O5c9_vRJ z+f}>Kg5z%Am9295^SR06%T4>iJmc!z=1qQ$UcA{|pFHBlp^CcH^w`7aoQ|F}Dgnu3 z`qyuFdO__LyKBa#I-QL!vGi;MlwcV{U%w5%F>S%4Nyp9KUZiW^nO_*LL`nJv!ux zwtTf6;d?jvwAxkl&eB;Uo|SvM<-2J`E-o0+zw5#1K~qN0K6>bMeN)(P^}dN&7S+7Z z=0%0yKQz(v)JKUug2z9tIr`w4%+a&n+1aJz=&hU17Me8v<7&SwzkQ(c;T1iSf1h8} zUh_qTMAL!RZCC!}(BZ?ukFH0xzCXaB?dY8+T<=Z1)wsaHLj5n6?=Y}jr5YReEFGV= z$mi1NQ_Vx-Ce7bHC8TFR-$vigFzhaOt#R3k@0PCC>txMw;p3_nbw3_kZ+cR%s5{4+ ze>5kn(d{DH0~*XaA6>j;q))B)Klbe%Qn+&MVgui)vA@l>p35H8Zyvq!{N>ZGvGuDS zpBk{gW|szy8VAiUmmey0_EL?lb66vBRgfOrPj9q+-8_uN?baIkNLy`I#SN z?g+{$>7vgm=_rkSy%gJja~t|k+xht}J?3P8qnB#O+VU@87gR8}sV0{q(wfh^FmVlX zlU7IGcoBW|ycO+(%Gv8i4RowsZp`SaySLY!6Yf}TQt)SER@^S}^vrX&`+b^3hhNY) z&bNBOpiq7A9PcczH}6KxEtysP&yMK)hn+OP?Q=BBh|M|iR~$nMo_=v+W5l{vZ9dhG zEp(yOgPMnHIzGNPXJSOHE2F$umb=rz%QSk>%%wZeO|3ZKlb2<0UcB~bW9`o>Ih<&5 z_3awd-b)|m@NTVCw~f!YH5)PKbeqm&KOFK+deWoYllRWPR_~j)v!+FyyRoaGccDgu zcBEb!F#g(uBe$Qt*w$g4_s_-pOyBXaude^pN=ig_ykjl@GDW_*@!h%DYE?$waM)D5 zM!Oz|@0eH2DL2cne6je=cC9C_UB1XYc>Ul)KRT``J96|}x7vpmOV1i!r$|rd&<{;f zn>!q;_|eqL?SGjzyT;l6<&PZrWvq)wgV37m;to5N9awGJ!)^@<6n`09ag5WlsVhc| zh~6?cr`U9TPO-_knQLdK3Cby!CDVrH?jf!~i>1n>WUa>T%`4CxO_ZantrU33MQDyD zT=KTQoXBcRX|@JEsnmCo^G%CRO6F0TnCNI-)95yJ!u5J-*@rdN zSBt0}S~JKRo?ZU%__b^``7wk%q7ZF)v|>(<=M8<1lTI%$49vUo*8DiYdC{HEitRir z_W%{mkNHb9SKdSaS8|||z5<(OSJ)>n2lA!(wd?M%;IJUsOF^NQ>uxT(Eu;V6+Clmp z?VH#0TCV4{ay>66^mD--ub%txPDs|YkNMh_Kke&Yq02?58Fo*~>#sH#wasI-%ZelS7fiko-~7wL7dk&p&YAGTr>5CQz zn}2g~L#H84#+_R3kalrF&r4hHjPnVq`C*|_sX?1d>sB6{;nk+&`;AZ84{tMj=)*yM zoWH;HS;5;|R!vS*ip;p@f2FC@mfiJdEtnG0rtXO0`+~m6%FNIlbuZ9t%g5h7D0b$j z0o`|M`ue#S?9_jEv9>ciH!ZI79$Kv0oYn1{&lxar-|byX*MHk=<3g&m~Lkoj*zXJ~F)8#H@+E&)ezG*69A;pldI_9COxj)1jze zN4Z|Ud$ITq{iP%A<31SNxBt}Al{1@f3G>~z|CZ_ghN7F6Z;pTZV$-75qny4R^_$lF z!v=lYe4}qzxJtmWqV;MgDVJt6>|OHw`d|DHRc-8ie&@3NqkWcMx2R^(N4$C${(XGoXBRp~#&7d<9k!}gspco@ zm0lM!wD|{hwvBS1)hm7G-Q7=jE!+S7^Y5D%*;=mb55F~bth{9Xs1i4l5^B4QF7J8y zeD<|3sz0|i=vzuX*fd}BJ>-IB^wdLH4W|FnqV?n5tE!l%n%lk73jg$rBHfi9aotDW zzkJB>MXBhp64#CTo-}C7*mu%*(8tV)niDyu&7Ym+xX+NDVN!23uQbCrv}JAZeIn>x^? z+(G|e-%IHB?v+jt{rfEM;Mk%5u`XlYt-Z%mG}~u-|@ORCdTjK zqGMs9Gk^H}=^ovobB&+RUi;*$em^}e>$@~^ji0_%|Mp+heL8LPj9EqfcARK&?84kH zhY!2b=e>=G1GYCAacocB=qrz+=WYEqFm0Pt$kl7l>eP2^H|+H9m3lpP4c!qkxNStq zyM=q0e!Xj|IwQ2%_$jIHD~qm-dGOBN^CMgDIA81JRmI!M;lZBgziv+H*X-@~`|6zf z{q*CRr9HEzE*bOToVdG>?tb^h&8O~*3!i#4dPMt?EdnC;I5oRia@-LAlCg`|jNAKZ zhQ5vK_&#UqH{Vfv{l^{N>bk-?dQHQ|+c(&k3!2@3sr}+c1qv0aTmS1?M{CsD73EUm zy6K0V9o=;`%YW})YS@*>d&eu=_f2Uwde+X5f}YNE9ufBW9i*2ll;QaPZl-_u>!ky%rt2IBB#;gOd@9u5NvLeEp8d$m|MEOQ(BY z96b6;y)5IcL%~PS1#BCq)N8(HP_HCMP1j-iRyt)`r(;3+54&d*9Hg%uq7SMS z92^`bC(IDNWi*7*fAi`5uTF56E-Ywub-A&u>!5jik5?G9!R=_y;pew!IXN9#n9?S5 z*PgJB4>coF-a7yDhBXa}^$K~}t?l={AH5&luglNF-|F&Wb&bT)&B_;CF`@8*0l}L+ zieKwBtWVU)h*b+FHtXx;{o9WI55`2E*%GmtLyOb9;IhTy;ylIuHuZN@MlY!+K_|J-ujn zjhi)EJ@ile(yQIIO%8US9W*UyUDG_hbZCzIU5{T^H7|bai)$YZZP@Dcw>`H0cJzd) zev>v^LTa~~s9oPUDbVA_sCLbMKDePz@h-6%)1Jh6J&ybJ*Zv$*+<5#8-QBIfd$}Bs zPcOK;M#6ht=PVdmwtG*#dCK(ZC)PwhaUB=?TMfss;-i|MK2z%8^JPa$@96umTU5L5 zUZ*Rr{Wj8JaLNu(ALE?~PolPuE;em*y&|Ve*8JYNNb!aPziPVjf$uv#PEGoxs4;ox zH$zsfYS8EBz^`p5xU+JCJE`}|y~iSVtQ^#N(s0hbi>2jGebq0bULIoyms38zk6wNy<)vjXMU~vR8P9I+YftI_3H}(WfC<(6}n#d#Q65Jh3PlC zd9Q5Hrg_4^rH<1+tREDzqW1Bv{c1Ekm5?&@$IRNP>)eAbZJqQq<>1`u#mn8k-aD~Q zbnCM-)~@s&c%nw&tc5up6uTu38^>KsKEJlW?IGv-q;IUUH|<2j7MYrp#eYi8Dfl3@ ze9WbR(U}!Gt~vYZZxie9{4MF6;ovr9BC5taFFjjcZ0VoiYoeTSqq3@9+r z`}&k+3%j0c`I))k`kPa-4%NT%R)gMk+pZh)dvM8JB$n{2u(sCQGt-`yjp^H`sb}+r_f~zg>)N;;ZD$|)u~q*S z9b*bCP1ZyVA38TS#q`2u-Ocdc^^>3P-4fn%`0!~P_dc$BX;qO;%l9|6Mx95>=*MtpSZ3Ab}nKX>rh z($BGv$8w+cA)UUPo6-B%xjA;NQ?*9ibzvq>AkqXAi(ZS!%PFvEhh_Zgw zuIRh-ruRH+h@R3X;$`FEcUp~`lRZ+Ooi%^>zxh1<>KAxg2j$wLGEw?+#oetpOoD<# zg7sngF1ZtetrPTSeVx3!GxnOG0DV=xi!}hgb8r&mafE5sfx>$&bHBS3mgmbEmF1fB$&Ryur_A5V1JNbFaT2n#;yQCv^3TV+i;m1xi!&=e^epYMCr~NNZv08B{@}z9SmYV5Po^}>lv3zo0UFFGbE2x?H%n*2~0C2*Q z6P%$Y4{Uk@5B*{rXhI(PZDRB?kb(~o0>^%NQHB69hIgL_{@PLVsq%#78@`^0Tq(WR zyn+}1TL1osirtCr<)&7D3>tqS8Nj4(*!aqz@wq|c6NARRED9V`9oXWxT>fu(*X3r9 zU5)6i?|k$7Qf@v?kXyIql0D~jgT@(yAR}TAIN;c})Qp=iQ-6AVI69%QD&7V(pA_R&@1GEsjo8ze7(%q;tk0UdQ4vJOqETF z6cMwStl|Cf-R@)gX}9clpIf}3)Z>C))D?$`=cjG`eMi}I@+{AmmGO#g4(#0q2FK#{ znU3fwn;xs!m0+}tM@RP|-|db+eN93u6!vvawYcw=@Qg>6t$SAE=KF!iI0TpKezciq z`=c#x1v(D9+2hVtMDz zip-L=4d%|?v!&FZH7vcX{630V?%|opdB=_{e=H)d63n+T(}mL@yKL*FHH+5oc+9td z`!$CB^ZWgNJ3BI!xd}!7J*jiVFu+AtF_3fnOUGqA9u12^*sRv+eV*beIQ5LE;a3y=Dtoy-1eXgpU0;y9{oqxKTWtB zZKUJ=I73c+y;nwrV1Y;1^Tr;QUnf3@zLQ#9{@pNhfp~(n+V9srXP9&D&N$9{^j6LN vghv;@7y7e{?JrSJ7LvTr{FBep>gB6LLY-Y9PZ+I!Zgt(%b?OMX>&gHCq2Nnf diff --git a/Modules/AzBobbyTables/3.1.3/dependencies/System.Text.Encodings.Web.dll b/Modules/AzBobbyTables/3.1.3/dependencies/System.Text.Encodings.Web.dll deleted file mode 100644 index a4d360553c9d5612a998342400c1c66eb5f28199..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 59768 zcmeFa31C#!^*?^!o0&J0$)1peEy-hbOdw=ol{G7bHIkr2(J)CS$v~2cGYNtS3GN$8 zwXUs#xK*?j_i9yeDQeZ?(pIetxYeavw^nVd%IdY=(qhYzyI(5`!O)*o^w9; zp1ZH_zR98!wg`t1!ijG*D#S10(q|6SA0~Z(lX4$S68FSCH{zGt!skZRwFM()S2)xf z_IH>~{?5)&x7ipl!#$m5u+ywqQfqdEnga!iiQdu5bWNoY3pI!MaPlwCvtrvXMw;EddZ(klA4c?Mbe{#s0>m_IFGbmFgguce>e;Fv zsr)p0z(uj1pby%BM&Z;Q8yw_hZa_PC=IzjZqfk_i&}dNUL0?b)d}Byq_nM=x=O80t zf|+9dbi#dOsjSyHY*JB@?vTFgeMK@;>)9*HEH-q8yx}12&M^ROw4b#r5H;FLLWHE_^FdUX>EVDkmkomixvdE?)tNrLw#@eG^D4 zO}LiJdPkfT_gc6v#O(}Wd__rf>#!xkpd=Urk`S-#yV-t1nyzHSmINn-@Fu3I_T-R> zLoHg#FjO+A3@0HC+#fk|uWCqK0uu*I;|8}HN3D*=CeyDwd`Pi@_QCZ~G0=vCvy)Xa zZh*0z0md>zB}mUelV~9Zw@nOt0>i(mlL2Xxw(E-$bjfkyI5@*-w^kHf8@3Efzp=un ze4l_g+_5-hK+d(33Z0A4>Qr1Zvh{g054sNn}v-B*E7QQgrs5T_aDGuet zgQ@Cp%Wc&%_yixCs+UJu)yWJVVP&u55jS4fjWG#427CHPU-!5KHtNm{O@;+DTFOHX z$_dLE)C-N(Uj0A@T7zyVzs3N+Q{XqA(l!kV#?az}!aMZD%}BpS^_1!M7(NU}-s{rD zQ1ayUa!t7}4i>-b&g1x2pp#)ekecZ=lBI#tQmB%J;X4Ka=El2y$*?}o>qIZBbGYj= z^W5fRh}irq2v2O&bOeyf`r(c7@YiqaZ}1ee)tcbR-96(EP`N#5pk^O9yGspn%9U=@ zgli@zTIO$}0Om^M)a(V}IFH%FN=mw!48qFs8|`sVJbhrq6IQyBx`8p%TvLyf(6n7X zG#ZT#Ffjcf1G$GYFb4*v?mG~TW}%4c9Oid0RW~HBpC6pJX5(}e<+ymRCm-rHKW`(( z5vOk^)LidQfni4=$5?+*S{l4q;55a%v+5HZJmGtWH?A~ty-h2zeBpJAA=faFWj$i) zC6Xw7ZtoG0Jl`qC~iR-zu8&6w`v(uegzzFq@`!|6ks4NGzIMl^W@P8v&X-M7Gg;Kr9$-MZ(0GeFQH-%d}whc?lC^)&Mc@u)!%7OpLjc;HV8w zwP0dQS__#W5X(4L!_qi0W*5PtOaDfFAV{RijYJ(?OFfk_fm4HF4(1jLEj49Ah&0h3I3of!?V$41u=2jbw6|QV8 z#F*O%j@sZ73ns=C=*DI*dZT50q6HIU_5m@s+F-16>Y2xBe*u|i{}lrS-74Z*!O7}J%6i81>K-e-d`<4Bko zb3egR8(eC^#FzrZmzfJ<#a(8>#F!?*ci7-^3ns?gNpRE#qaVw-i7^ERKeHFaGG1xH z#F%{q@3O&F7EFw}o8YJoo@>Fxm;ytmxdg;AKF@-QF>46!wZYXEOpMt_@Fg~Qz6BFw zZXtM=4PIcu#F)DY-fM#wS}-x@^8`n2@FEK)#uOOU&0Y{I<%=zt7_*PyT{d`$1ruZL zCOB$?Yb=-;lQtb@6vQ%qtOXNe3d{*+6vTp;S}-xDz?@))KrFb{f{8J^2;ORg>nxZU za~r{XZSXP+CdPc8;HV8g&Vq?C#R$MlK&-frw_sw-8iFse!OJa}7;_83Q5#%u!NiyX z)0G(ov5cQ!!NiyX)0G(ovEUOem>5%Fx-w^jSnvu9CdQmYaDxp#$%2V7R}vhx!6#cV zF{T&;xEI7S-eAGRn0*9qwZSVbm>6>#!BHFRw_svSfvM7rf>_2IEtnWnV5&5Cfmm>p z1ruZLCiqhu+-$+bn4b|GwZQ=kCdL$)Xw4{yWxU0Li7^ExTC*3#f?F+^7_*Pys10tj zU}8*xdDx7CSfPU!OpGZo51UaC3tnZx#Fzr}u-O1&!K*Ep7;`1Ty*9Yrf{8Kv2#(s| z4hts66ypI;0I`gBS}-wYA;G;iIAp=Zn0*BAv%y^!OpLjo;HV8g#e#`3MFANHvEmL} zFfnEy!BHC=v0!3MF@fR+u|juSFfrz51V?Rfj|CHBibBA%L9EbgESMN`4#8V(@TnF| zjJb{As106g!Ni!N2=D|D%lJAACdMoz_!1j@ngtVMZXtN94PI}-#F*O%-erSNw_sw- z-2{JXgEv?(G3I9kM{V#%3ns>-#}Q@}#7cRu1ruY^X@MC9vEV)nCdL#K0q>_xV4gRSG6JzcsIBJ8hwP0dQaXa8UUha?kItwPo+zG^t+F*1y zxdn)fVvxea4cm42o3ns=C2LLC7SfOvQU}DS^ zf^%&!I;)JE7}F$pf(^dOf{8H;30`7@(HmuGV$2$XLpB)QO~S;OT?9vMFq*uCi7`bK z@TVYF%F*m3OpN&%!E~G{;W9oW;luFAdvsQCf@6Gq_(VFlE2Bd}9Ppv~oOyKa?xM9G zpT9c1#;~S%BR97pL0?a}`;wz^XgFp;mIu1Vm37MhsDI6WO9KMXGc^p>w1rQlrv(N* zuE`!~o*v$mBUuX?>iFr6L~&66O5Smj$5Ts6&&5H?o)?dOSqxP|==R{TsLZ7G3?UJ5 z9h#TRDHF|Ee9kJLHw;I*QpoSHCa(ivyfkZE?(X+V>Cc5f4gNB{`5C&ycnMFwt9^e) zUdHQqXirD}&f@no@|NO}{FJ!dQaJU?U&zZX)ImvEY$@}dQh9t}m{}Gx)?$vbn2{Ef&kU{@I3irAiCPifpk@rYsk-(1Gf<#qTvi(IZu zJl}ETj;(djgFQ#?D2rKJE9)FeuB=aCv{oP5lp-91>r*s+{09y+0%{c$Y12Vx@SIsAA`r0k-_ z+%275r7IgwdZ8|kRcXyxn$jdL>cn{Lz%`e$_FT430?_+n=#{1bFw(*zjrf)=f!=GxIaa4*% ze}jZQYS(k&rsBUYd&DF?P2d6WWR#QPaHi=#FM^F5>UMajO*lREE~)XjT=PB4>$38= zrQu`@G!Q8oFv^~olx=QOR#O3OGLQ?LEYsX~eHeTCDB|1>qeQh5V??7eewS8391C=e; z_EEtPREDqZqgoiKTybq5RSE7O7<8qGj$>141jMWsYrTBcz&98v^%|KIbVr`U@S%>p z@jMIeKagzFgOtcTsM1kCsZJkSiIJu|G7Vofl=QgT&_l^Ez&`n@c4C^2N}UKej%B(t zVx+rtcd9GRNONa}GU0t}s(V~~syofakN+pTe7R7jX{m;9KEFc1M*F!@Oi8hFp$cSzHEfl zxy^FktYUE_IlX9dhOZL1k>o5GL@m%*p5!#@WhrD)lvK{E|Hb$)9rs6u63*w#L9vRk zVhk-pUMa>Qwix@pbF^rOF0oukdqh5Qy#Za=>rK{ui>VlM3sHv&x${61Gt*s}=|*O{ zd+IkRl4L6CW8i0Qx)ark0l=7c3sR3de$khM{G{W7>&A!BfJ#QBVvrt_ZYZO(cEcM~ z_31_yjIk6qJ|2d%(p^*UWH7U6e6p5_7?vQ0bZ?s1>8k<9kxm1Xq9yA8 zOJhE3!Hsvpc77{-#i6XEzho_ouOp;r`Ez2H(wt}_Xlq8gJJmgYGLkQ6$Z@Ggs%tqc zTgfg;AdO6PeiGEOsAhkOhw!P!znfr$u0t}9K@SsX$$6>n!6n&AuJI#Wmf`xkB&S;y zS$*AL_{f@0!v#|4$sL^L2_>MA$1U_NgBee%CoXqh=r}5Z__Tz$)Og=4@Ty+MrReK_ zg^EaZrX~1}hkkong40K(G;T2pC|(s${*dp9dq^Hi%cY7=C4Abq-$kP?V?Y`+^S;MG z7S<`e;7D?X22oQ-n=@$BO;2H{&2g8E!{D5R`)F7SQ2QH;^Z}w_U_uHSgHrjHL*d0e zFzQ|L?#u}u+(02u@$lnjG~Jcva?(9LuUi=?$#5wSF<4w?9xnd4dALZ{-F(w0&5`Cz za`{HWbb`wrx16$<>RevuvBrbbk>(7f`QRbT%Xey!L`sR#e>VsBSjIq;pgTQe+Zwu@ z7`kY>qCBdh%i+#M)1&^HtjBSpQgqnkl6iE%jU8HR4?#LIkq(E?h0Y)E-j5Pd`3fa+ z3Df-I5U0T(M%-Ax#txv7GR++~!6Pr(n7W61Ece!egjfS~FVCY*L4Kh-vj|n;RxQ9m zIpHodK2DG0-ZBnXZ)A6<&r5a2Q?b)9QvBl#y3r6CqUzj1N1<{&)h`aJ*%nLtB)Q7d zjmv6zO%Jg6V;3kU%K6SLYg*P{sC8vQb+evX?9`pOPZ6a-cn)I13a1z=0KFc{49!x? z`5lE!PrY!ri8_Jf8m}>aFcQV<;AGA-?iw;=Y&Y@>!X*^`1TuOuuHYi@W-sZr@3Os}tjV zX!*wYB2|9J+=ggqprHm)`VR=nxVwez4c~W*d!d%QR2SHIu!$<_@g*p7E9O2KGsl|hdZ8Anz>QiT z5|!$Hq1G6@-0L2U1~CWARAeWghWP#I9z8DA!&@_D#;8wo^5`^Pf3xUKSLXioxYylr zz68X&Jl;TmiuKEik1%*#C%!uy6;^W z+3+wG{9Wqq4d&vfsK(^(y59q;xCreogp?Y2*Y$h;-S>FTBY(IVOvW9)KOr8}E%l*% z#E;za+UK)aU^Lq_<=ME5y>rubpy_^)hc=;$Duf%V!Wp`iLPsbY#p%r-YJ>oKqv_%lMFF-IxW#<+NQ!yRB;Tq#W4fP$0ck` z0tQ{lOPA&i&+->I26-Q^_(Q&5iZ&O^AFhe1l0^OzvE#lbbTrB(mbFiCot#U^_aPNf zthnBn#q}?j7x|AFMR`#<|0nW7X8xVL6dXP;A5rROGMN- zw@2VxKb@%DyD^(9xAao4c5itDwrCXK2e)YK!L~)C{laxf3o1YL-`SsGq@gF!^kh&} z;5!aqOjFpOjVy4}CapMs>c%}tjW>V##@+0eYW#eog-a&Hj$K@!2SOW;DFSPrAsjtww(?M$%>|@z#b>e_Zce<79k#3TcJ=PgH&11adcV*?BcDU_4<*AP=1nHvmEr*M_0DH?+m%Nf+ z;=!bKGJ1F(olwvoQm!l23YTwt$J3GR7(l$h)!msENK3~7>%hwS!*8L_pX26nUtdqs3w#DUZaD7T zlepm-5Iu|iB~J(GFV?v$>)re#N&-4&X+eoJ(CA+ycxk+;NhE^yKf;icTrY5zf7YU4j-&R#F~i( zg#{&rB}LOn;}Y$l72|~%wNZ$jaJx{tqiVau!OqqQ`7p6lqW$rxWwl~0c3W7Qh*5Kw zRnu5{9^`FtkjvUbjpP|0c-4;Iw>>`&%PjE^t%Mfp6g#rU>voiwSOmqZa9#MW#Mi*L z5?}I1Uphle#Fy4__u=ct*Nd-(I~0$&7!%?+99z)G5ced$I>ZoblZcK=ChAVSWk|aC zJ608jI3ekUL5BEI0#R==(K}f)mg$p;qr` z;^73cKP8#aGLz_f#AS$JBJt&HVQ>7~Xn7<@BgUmH*KrySSquxW^gMpH_PQr=EW5@$LSa=ha0 z)CZwyhQ=$_Ws{$6%-=uss?mnnl1S*z!K5FOL3B&}=gEec#QdeBNpn*sQEy5b{4Zer zt0PF`VE*Tbmr8spRU&Ez<&P!WZ3%OS9UGIrLM@O)Z6ZZ{fzl$$A^ISl1G~#0Ia$gb zBPFl!09%=rHadV%S&R+K`N+ErZKXtLz-GpibYOQw3W&X8v36YFqRi`Xo_=N8^`Netn?OIzzTH{d_jC8{&Qx(` z`W?{B_udX#44NwLjK3T7*fgRVETxK{=|o2}e+TnZncn3f{W8{H#+p^kpTqPGjnDx5 z`3Y-oWjdREKEw3)jQ*PSqgd0$^fuPN#rplMak8~N8(IGdYaV6)e`Nk$=JVLkt4xP+*smDtX-#WEwHCC^PM+p&xJKuJ4OT#!Cj((gxa$4=mYl*HSkU66*4WSinXZ?Y>}937JeK{`Q7 zo>$X`x^hGtOMAp|DKBDOcCEs`$u?cN;wBaDi*z5Pw_{R~3)f|0(lkh!qhx$vq?fry zh;d5VoUza~N^~jd&!diajS(Nmq?27f(KQ<3v~$D;Z?h{;+!K>ha4zK>LpC>whS4e5 z)wi)kK7+3D;`x{qa!n9(#>&_?c-Od!#Em4u=CkR&u43^XBoC~tK@2708zrqmDNPh@ zM@gR}@UUT$_%TW1N1{IcJl7=g3QK4quFa6<98Eqi6YpgF#5Gl{BuQK*mL%T*X`7Nx zOa7B{x@g4uo_zj%)a|YrqLU=?BhSm}ce-YZUMUT381ew5t5~AG@-U>2rQ}&VYP*;% z{>suO&xNC0kiJtGwSqaql}|P|d8if45lJjvA&yRX+*K;_q~zHi{~K4in60GhG?Gq$ z^3FsN+;(ArD(OPDvO`IyrI633mGm;l_kogpUc%f(GQOiY+*l<=In|X)x|37g ztfVvIDBPJ!8pkELT}d~y%}13~noK_TE9nbvk#tj-a{E`#Q4XG{k#sNTVWyJqy`8>hr32eS93i)prq%yj$TpHGRD4EQZi$iB{II{9K$3f&E>MLQ3ENyhgir)7+it{F=4RVe8lPD_)LHgj7#LrJT-y)GaRC7r`o_9-c!({eybo$NDvvW(rqqtpx~Rk3uUk{;mlJWWYoGj_F-?qTVdN-AQT zFDq#{=k_ZlJ(q){#A1P@l*U?TTb@OPmS4lT> zDg8xB*RhpEdYpjxwsWnFQ_`h8?k-SLn8U47(ifbv^OY23>1RsX%DwSPCH;z}KPl-n zmR!?hd>x$5(Mqc2dMH;?K9^^slCn8vo0Q}oL-oE*N&7i}yOi__`+QSL@3GDAl+?)5 z@MC1`m$A?3N-E|4eu9#wa64P4q?5V+u2ND0j~e$Y>0K_RKPYJ`m&D(cbUIrZG+oB` z0Jp3XB_(ieE>+TCmQGR91TL2?O3G&|cPQykJofxnNq2MJKT*>AJccCTffm)~R!()k zl5XdbXugu3;c!7ERdX9WPf7E+3uD@ZkWbD6V>=-3o$l>ah z^hdV2R!Pg*=aovjm#y3v+?3yobS5k)eb4ag{gjMB%xUXCb1QuQ_#l`>AwNT`< zbeY&}>c(O*M@bi(Zexj9rlj?`2}X@*CkZ8gy_sRuiini3b{h(5eM}l*)QK}$I*WHw z%fy8&(OU6nW0`oIrOU*IoC(Hp;-4{Wl5xCKda-+@z%R6q0V267sMN z(mgS0h0!b?VoBy9Af8}J<{=#$Tg7}OQL5WSkbTNjuM%BS;#98^ zDHUWzrn*x!D{08!DkCiRONsNahP>gk$3?mAmneqQBm|7g>~u>?q*B@-&a32bT6TQ1 zu|c#~k#vs8jt?3eMITFhfSqFWiO*uvdgCn7HdlsAcb#LLC!Vb)=`!(M+BL>z@j6Qs zZl`gX*fO86O|bcdag`X1#zj(G{PV^&Vh&4tw5an{<0oPdOP7fc)800IDxO!;lR2Ll z*9l`Gf??k=HM7dtE{2eVaw!`6jd8Q6U~H4nQ=-PLVvWL1%6!1JL!7~qtfL*`8i{e4 z?GQg>X_Gj?xzpGo5*Cw9sxeL6A#!8V(Z(HOVN9B2>=fNB?a`?J-6_se()~Fu_g&&4 zB|ViJ@4g$aHIU6c+Hvt2?t4VDlI9GZWZWyRP!jdc`@{`OqF#KTxJOCtuzA1uSV={& z@=H-zBW-5F$^)X2r87lE&d06?MMzXf<%#!R!&x$W%(j?JS|y%EMkUgCzXC zBK3e5#Dgr!9{zjrI!jlG@|3CW--|iR$S1|%!gHJxSb9rK!Y=ubVuh08un730cvDJo z)g!k<`jf(zndI{mg2$W>yk+$sU7`h zBt3;HWB)tY&yHjrnr}wxc=j+*PZlgc7O#s-y!2agXMqkxWh~PFyIF*OjuQ#XkA^b` zO)N+tx{>vge~(i_R2QRD32hlf=`jacK6OrmL+oRp6jm2AOhP~K5S4ttMpr&5C6-N@ zDrsMadM=y7zT>61er{6UUydWqqAb!BCXi+pr*;wNMbhhR>9m(j)nJNiDySyH@fOv^ zxA5-}UvtV&$RYh^_G70XWs?3V&esqw0lQ^cJJ)7XdM;s~uMZ{v9;T9)mZj!UYoyV| z7s!P}{3AujGo|rdw%@0>+rO1l`(Lp$ES@kJiSq{uJ#m z*;B!jev=j&-KY&0k&HHNB5TgqO482(ztejO=&Na4wX3!H>9=Y@?Tb;jYcmknlh9*7 zq207X&5A?q}juK~z4ekQ`C=}6jaR%rxaUtj^u>%xOXhBQFi%kE*)afa}6Z@f{la($5)vA^e+TvC8yp!+qrq?%lqBg6?N(9!>llrYo8DG2O=0gVErhczH@-tQaD? z#UtW9@wFJL&D5&2C0f1KrS+gCzofmYeXFJF!}Jk)K>wNkp#G%(y8f>IweE4GJBB(; zM}cFK!;MkYgV8n)HgPipcXDpU4{Ghe`);@4F2v6<&in%Pe+OF2PP`XzCq|&VuvW`X zUEmhto6$tyNLvE>ZT2$I*V0b{y<`;WrJtMQ1K<~>5nV8d=#wVV8(l=#8brSsPE_O) zT{n#AYaXI!Ff~RH|9Cpl<)ew7%KDW|KWA%yc9Z`645D!y%W6hnXSA8)Iwh6R0Mms` zw=kW`KBsdEk74^yv9-Od*~ff2`}_&p|4ybPi>&>O`JJr4n(btBYJHsRRYSv`oR|1~);k6he=l1*Cyw|+PRS1TQ<+SfuefBsVapG&&3oCWD}m5ASbr_2 z^LL!)dgjxaU%@^XaN3;N2L3exJksi1Qxe{NBWVE?{&5hYhpF&9y(D>BF3!e=`3|rjyu@$+0}jrF1ms zuWlfLnEg@g=_Nzj(rBl+sEj`TmmVahT%+0INk}2 ze#CWsKgacFuG1UX+D@+Vy{uovWwMx4crk01u>Fag>tC^*HJr8!Ijqhp+|2QgXU&OR zw(D8b$mlD~U&8t~+0P2rJizEp<|>px{b1_XH<=;OtQ4YBW2ZNn-7)=pBgp^Ak?Y(# z#wiCznxUXNW)c@@E^c_~_@Svd&}o=yuph$cqu~}|BKTPtfiyh#Oa@E<{1IH5Ob9-7Kt&Si}Aj$j=wcy6_`rT{I$29rNC?pv{O!$Gxv*pe?Yii&j|GMH}qtA_z;m zSOpupSdGxQ0fBHjey^Nv$#uf7E<*5yyU4(GaS9L}H-JN+5lA}bfe2_1{^_{+dMfCt zVjbvOu^x0C&arg7E!7LU9%oCsI307m4(-{X8^yVxy;uk8q7O5x4j-FA&k&b@o{5#A zF3!TdtHbx@py!AyLC?inQ5WZ7_SF&cTF?u`R?rKv($mF7n2&W>xe4@QaSP}rm|JwQ z1v85di$4dw6f=tsyLW=(t`F$t;$F}z#QmUGV*RO$tHiHBuNDu3UL$sa{sb#h9d8yt z4tlNlHRyG?g{LF#r$M)gXF#tP&w*~oEju0QcmecA@e=4w;`g98i-=BF6 z^j7f(=nkq0rVxT*mdzcQ3CpVF$we!VhZTXSiNH(DW-$IDrSP> z)CTl5tmk$7k%w~7H*nuk7jNSIFq~M3YS8^+0q9$}0j!I+#S+kW#Ic~Ci(1fsh-IJ$ z#POg}>;iP;{6x@X?Ih4iS_9}YnjdtQ)&yFu1wa>Qt=eF5v0jAr#}>T=^iq8i=#TX& zpjYVAK(ErLgI=T0L{D9WR=)*zHv6*HzR?4#Wk?JoI}rYLum;q*m^ z#`+wC*XM{QU($~d$2fj5+R|Bmk8vbmA1XgsiHUV-^bTGcMx-qC`Mc5I9@5SfUu#!` zr+@d0FLm6~lK~of3h@yQJw?(fmQIOuN~Kc>ki1BzSUM$2i4eewrBfoELWC!!bV{UC zI8j=WPO)@Kq*FLa29QpvbP6X+rF06X$l%f`mQJa33a3g;I>pi{l}_O_iAkqeI;GO7 zl1?G=N%@mbv2;qMQ&=W3=@d(+R614CDJ+*>q*E-NQt1>{NK87#(kZNzO6e3!XQFhf zq*GWWy-256I#tT4EaK!&DJG{>Iz^={RaLT6QdB}%;UsoSr%GpKOT;z?4PEU_t4l1}MVshlR2(kYfssdNg_ zL}0U2I)!D@r*sO-r6iqV=@eE-rF4p=Q&`E$V&xP~Bb#{RflW_jr*INGMdi{#dxMu^ z>69o3tq;ng5{XTc(qwi@rBgVSr9w19_^g=1PSI59phVAjVW(I+MP)3NN~frt zrJ@RUCQ7Fm?G)ikC$dviE~TlJq%4}oPN{NASt_nzr=+NgycAE74jL$=DspC2b~fRU zJk4rtXpmfaC>%JwXktU5sIKhn=?H}VjqQPzMWQqu_OGi6h1$U{4fvavbhfXn?ecd* zv^;i)!jP6#cXpQ)i-v~UZhv>MiNjTQ2D|Ilbp>jJrv+wCEt*y=W&~$VYG{BvH_%<$ z-X1zN&|Hpm)P#ba-H}<%4Gl$;L~EeCVOd?(R8bY|Y_1B1Bi-d~{;e4M|%Cr}j*bucnxQK-46Jupkms0jzx_`3tu9bN5#jzA|RE!0^N z==KNO@!R$kQz>#9Y^q$_9q4QhG?%ijd|f!$-hQyQvb!x9>N;4v5GFeZ2A}8eZ0%{E z@9zi=)Gu1+@9gl02P(@~tzOm{YzYRMtD6J#H@UjnBJ3lAl*;5R3Pzd&?d|@~K&U6O z$lu)-=%6C@x7V)gXbiPSq%WC~ns6Xu<+Caj?oeQDPnT5!?Wmg2sY-uvPRls|1M(zQ zhvrG@56Y8L{s#$`zP=~H54x?)#XbnDjOD-*48x;SF@ygaUDmz0Dol7-|Ux(2y`{INwzlF*@ni; z>bf?+zf-dFf?o1O)^-U=4-$hl2yu9Nj=oAQWy5`eR*}LzjiRLLH%& zSifbZ>YnAW+l&CEjiGR`HP}hr51kT&hwQHyJya$;8j;-2)(VtunDXv#U*r$3?)TNW zt~(GZM_FNIh=)AL7(-33Y5Zv{V$RtfwuA!de*UZ0&BFwYs69 z%-^&csi+DD+M$=@s5R6cf=3$s9bJKN1T`Y&Vt6R+Y%cBU!jLF1a0J3-p&qa_Tr0LS z&>iWfCKHyKuJZ>M21G5!%z&61=&lK(!D9kh8fXciPNlM6=)v$^8|n!|ACZpgM%+$S zuEp^fgXM7l12cgv^0q)Yv^o$F81Wi|%}X)!c#g zL9Lk$IS|zq!AMsqLb(ygh1xOjf}t$Zc+9ac4uL6eC)&`-)E{XI1}h^?{w`z?I>quN zMe`vCt3{E*L_|vS{b;wAP}YO?6%+jJQm}@a{sa|B7O`{oL|d@6troo~)QZefb@dCF zJUh^4p{{HWV#Y3`Ie;=n({%uytf-*@H4654v{_1abEpUKu{|M{PGPq+5(#uPwy#@+ z8MGNAQ)xF|4sGm#kIIh5Kr>CCF->`>qYGsf=J5cAZP2pLH5ejVf)qbZ|NVigBW3H* zP8J4N+msc7#-7$z^4#z7pj`9=Rub!i-FE-gC;&h5&DmY#Z)!uC_6J(h7zwopx@{VC zPm~h|G=F=)x9ZM*UM4CKo)<*6ZF(MLc_=90uG?qp%jkeoX zlGMRzCAl=vHE=y;_k;dztvtmVT7P0_uI}V@+>RXo`(3$3jP`%kr^slznd9%{7)Qf}}Z ze;v9m=GZo|2y0Q+$XQ23U_`O908!R~Q+j9u7@(edkhVDxLFsTSQ~nych?Ib(e~-Vt zx)VjGH1u~_72D1e9;ae~f1ST=VUYRb{L;m`N-}eM!W})U+oZ6hy}T{BTJmKufFYJc z^{*aS!~`Ge4lee$hAkVb&|bS$I9i#}A`A1Z2u843@wemMcL-FLivk!?E?KW6kdnrK?Ey74me=#UD|97Lb0ZSoEKoL6$m3bOG&LC6A#u-7)+&^ zI)6v7U7&uKVZvg=nD#`2AH+V_a`Qxm^O~@r87Ky+AM&!cgRIb|ur9PT(A^X6tP9ch zkfXrDq=OlBI263(m$X{kBJ`Ja_)0xSlo#%9 z^OMvbh(wsBp+jy(7Y4gA15{!dhmY#W08!4D82m5`G{=@xWx?(af0vpZRKSMj!+I(U zwki))*>lxelJmYO)JbbzL`qO;7~4(~oc!6t57f>vLcE36(TY`u?@h8?NeSYm-! z)6+@4k0uoc1=_1{eCJYwZ|V*}qA)i36r4Iux+5p3YE+26$Uj;Oxuh zAk^YMRw}BQa3AJ#6RWr^Akq-VGBn^1Q&M>qCugft-Z0?wrmNlG#HS!+Q(%(8I$srJ ztXLWr`Pa%>iabTI-r#YULqt$7oy{0iSZbk@8B3t~Iow?x!4fyvETcuAV`;!9hLR?y z#DVG_`%Xs;wAO!g5njiuZe<@uH*h+S&|Ge7i37dM>6!~)9a;!pkjn|MtS8vs90=o3 ziPuZ>x;xa~Bc@swj%fx?z*xE0^1@4IEEa&4^aBCf-dLUjyf6q0wX>CL0wL!;5yBZy zn3KAo4QFv`Uqi*tEhJXK(pa->%KdP=-*#puxT5+&8Vv?iGMgMw(=rlnfc@c``eR2n zxP67iskB)LBZ_u%&~mYE#@e0)RFAAEbu4$#y32liXpIYpIYub3?ZswTJ0Ln~oP~o1 z6eb^4VqJeY6SklSc`j(8AO%hAP=TN|(h=Mb?D4raP~PpK2(~iqU6^+$ZtVW8sIlK~ z?F?aD?N_PQshqGwUA2Mm8tjl`AuO1N2-+&eaJjj_phOdTL}1pY9?t_^#JE+34neJ?4j4cC&qxQ< z2f{CeJ$ZnE3Anp0f-UXDh6WtjM#Q3EQ#cd}wR9KoW)lmibrGmJ;*dJ5ndfhB;ZvG{ z>Vwa47_AR3#YqrmENKJtMC;mts@kqV6BgVOmnmz zoH28T7W4X}-#=2_5$deQ`m5;>Xw~Wgwb~!3y31clNAa}7wGsjY2kC0su-ZjJ4pLiZ zrQZYFmgKg8)HdZ{W>d;#xlN%)9&0&M(7z9lb!OY(#pO{J#zThoKn?a|SgfNH$JX-Y z{w{wL_Nirob(l|ULJ`q`6DAHs!>#0&`cIWY0}Z^fSmZnr>-X~l?KqyZ#)M^fgfVbQ z%f0fDmBeAz5C=~&mPwijDIIc>;55eiV6X|xNbAVK=4s%>f$lF?PBtHuC7VTzay0zn z@lGc;irkMmCai^<C(F$^PFT?pN?0%yIDX|Sm6z(7oGl>_5}6>E9VS1BJa4JdBwur(r=ay0hH=Uf7N zd5dMcJyeHWkaPfB+ta87A#;YlK*v@+GCukEhNC`Qhlc^>Bht_H1-z@+f^$jfhhn7O`^JU4Ha!? zHx`^Alt12f6!q5&E9J9?gOsKGFzz6w^$g-5wRQY|kh)x*1s|l2owgpNx3+EvslRu~ zJ=ou>)z(~a5OU}sWb;tjxh5D6b@X^*mD!Hzpd%Na_&6zD6$FzKF+#00oDwNNOTXXaw znzC_nCLwj<=JkegxaU>_00 z9s$;ke?hhhO=2T%X|~`W+ejRX`h+l(n?XVMopAg(`*dQu0DD9MPG)JU>^12o!&~!*zsU&*f17Z3uD@A}-h;#v! zR3^Jk@InT{kek8ds2f}-C*DNDDB)Ci{h<~i>b1BM*PkG(kRm8@vP6lJNwp9Y1snnr z22MrYj_Y&<$RZU{8;23Y1{VBM#6lHD=@A)+W=(1ju4riEsXApyk=V}z$u)6-cnmHG zAA<{pvvEmx1+M6xjO)GYadj3=NQk1>K5Dpb(4F(n2sGRSWk7f5Ob zu}Lmd*OHQm)mdB03dyfCpib-CjBvVlf6(}l;Cks8z-@j@dvT|foHo`e+q#%7Kn zU5;>gH3xjBz_-V(CvgC;smlN!5Bw)3QTPsomrA#r%{k&s&GP2fJsc1!6%d?aDbML5 z$?fz=KV-_`ktQ8UNFhWNj)S6y4+7n6*Wro7UpZpCz#Q59&n0vZBorw!gP$qZvK?Nx zgMzuT<0!viU_6c)P7Wp9ko75f;7JsA~)zs^PFn1i5N+GtL7hZg7Y;9755-y0r}o*m~zo~TB%9kAnYc(UA7 z3dm#XaH}*>K^{+>K$f9S@_6yntCI61;V*ts_H#sb4%Lq7KyE#rVeUkaC)ttgLR6`z zc(PTdImh6Gnv3g?^X+lrj~ey87iT&V!jtSmyQEf->NYqM3NO=>;C6YkIX0>Yx1Q{% zOmV~-N(a*5h7S+oq%wEu*)AhRqjaJDxKi9+P6`z<2c#=U>Sj+a$+5XehwON;16E?vl7 zaLyCYtgZXW#0T#iI(@Ksd-{QU@BVn2=yqmIzU7@~UhQpg?oB@Xlx07=^x_>y|M|Pr zy}$bT^jne+-16`ZBimPPp5k5jlH=<^^Hz60G_wBeo2Smr>HOO%&t7_?e}?$wKLURk z{@eY}y!T~O;nUl4OV3=kb=aq)pFKKj&#US0+*Dd}Ot$OQM_$aI`i%3tC=wWrrXWGM zJM83iX?@ohXnp7Yz;?30n!ozDn6amw<4oJVi*crUN<6a|zv7I4!rS zxqeWxa(J*9mlxx&GUG)uvmMAYDhPSSD2ZHUW0a))(CnaL48R1&c^&QHX$&IesfO}Y zBlA>4c^6hTq&G~14j)EsA2%AGY&32U*PzSkLDdkMNMr_)8u%XWq+9qNdYO?v_+=kW z)ajYWhfLr(l#YF{0MUxAQ@dqz7F`=XYVoCnA;%U>G zrxi|XX_?$qSkg3k@;$N&aaq{^CF&&{Trd4oKHyzc4AUlsrH#e)|D` zZqQXxS+;C0E0AlH92K+>i#1XGy(L#bg{dBiSVzP8KXf@*EZ4+RxZ)19#O*n=Gt_NHtOti?u+yZIU=xof=w#6hwV3O0@yu*e2k-c6D0rntIQf~h z!22gc%)qUy)q(J=M6YSi@T=N1TX0g^i7K8s@_Vy1l7k>nH&Xep1hAKZ6&S%sj2~~} z>8BZ3i^D-=a81xpnKb>8j&UaLTwyKGVQX!tw-x4%?aP*4|f`V-~u*1mhTTcV*=$@7S{x;ydch)5GzP=a^{7m z@0_<6u5J7Mci*1l8`H4ov;CWY`j4_PtM>2NwRY*6iliJu4`t-+t4c+zV!j`X}@?Ey=&0hpQ z4S)CEWv8EA_x`Fuf!f-IuV3}>?QM>@UDsDkd45rSLd)w*ZlLBkUVr==p)IPRZry|L zPw&U~YC`0P8f`khN8y`_cY#u`k$Q`!Sd4O))>hQkKbn5Q?G-oAzcKOh`$LZz-;#|9 z4HM|rO$&CtkqM#3RTI9q!A!7C>f>>%C*Y3+zTbC2S2M2l&MPgRG+C&4FBq-jMc#%k zd~@s1He>8Ou;c!@E0KQda~kocB@J}jZT^I4K)` zLA3wVO9=ja)&JDz+s|H(M*sP5Tc;HD%4EH-QYWA~H<#!>e82y*OF{43y*MZweWZ4F zv={u6C{_&gfl2)8+c$(C^7(Y@-=op*e*NXvb$vVcB2j-im*kF@&Yh;8ygS+}{;~_X z`|gu3cTLyC-l*fiU)cXAUv8bYoBWH9pPc!J!B0jXe{$v~u{#=dNB7}R4t^JXXWz_~ z?!D1IL{0LiUqYUOQ$vu9h}f0v8Q<=Sj%(S6iLdhtyb(S3<Br6;N}>bCsMCjY(BO%m3D9pgLK}`OPwbAG|(RUOlQ}BLNrZkok zg&yqu^I*lHvMgiJ9l&NwoT`8Cr_t!^z1+-CXKnAk=$Dj>T#~34M5CI$yhtJQF1i0U zN`*zO@xRUB|FMRssmwk!b-k>TbO4%+<{XX2`eL8fhYAwC>NCJAYK%V6+1do!{P%ul zlW!RT{BT6JT`KER!|EgCNC_M%f&cju;CbnPKAIyj94Ub#C2*t! zj+DTW5;#%K&2bFLDwDUUu5zE{dfEza9w7#JL9d_#NnjT<*&zpjv&btTgY)RE7T5;#%< zM@ryG3H)y>0Xnzr#psL=KQrNj(<9_a2^=YbBPDQ93H)1w((D1gal=gD_jSM7kI|;# zwE++wAAZmC<%7J%#Qqg79{&q_n-F~_zH|{|DqJ}HkvM*B9y-$@Pp;QR3S!$bT*6!_h5N~wS)f!~eBwJdyJ#&-g~bZ5r^NS6@E&q#a|@lBXM zPs8QvY;A-#O*7^U)9BuH*-%`!)P`uz3fw?W{6H(w9NxZ^qc)`!Yp#zp{GBjYRD&`1 zP5M!qHb_goRiCOklQgrh&snmm&pAa)+@X&pO`4XgkI~$B=~d*3-G zxpN|P$Km(B8$c^jcC{$EC1NrELil2o;}YOPJna1R0Oj~0-6@ui&j3fIl!%uN;h~F|VgoTCp4R?*-ndykVmo$$ zIa|T$vhq;@3lR<*gkO99|1;^7zeR7^J`T3&&7uA>orpY5;c_Yv#i9sO5&lhv2KO@Y zS%H@Xa9a{3A>Z2RM9SN3IsNz3RDklN_l~H47r^#Hq^XsyQu%bDE~sW(F)H9)9{jes z`EQhE0eqLTb<<{rUh|>Xap+y9Fn(X2-gd%GR8Y#>66KRx6Xne+E0Sbw{#WuiAHVsp zVdS8efL|^|y>{D5?{Mwp7f5XZ{8XYPT5U$Qsk2Zk2irQhMoYK`sTND{-qB81id|i7t{@!ucdA;s!XC!VaJi`?&Jj3z+Hixe1dU^?#3g?Ei!Ws2*o}@J!Br>ZK ztHmQp8;jx#;|#|#r;)BNt1U_|OeMjS?mZqqWQ-qPz;AICr4%NS(w**J8feDvhcp-E z6b>hiH~sK0Milu9#}e*H&$YiA(Ht;qgZL4#&Q`Ogywof%#GgmV$x6f@K)`S57fmgh zHgU=c5Q`v|D6z2ne{f_TRf8iP0NP9t{?i^=m$*611tDk{I<8SYOIzDpu*Gum9 zjvQLB^3o~FZ5`J2W{O& z?@ktGlZPZ{rgP9a7k<+^>fsM>Zyxi~s9UDr_uR7Ij(MiAhTv3Zb>Z9_D+|m2S9jMP z)kL$tAql+-A{_!q7qSU0^p3rVPmj@HbiIj8%jgK*#6g(8H$IHlEkrBUtEiuf}5?^wRBv=e5 zy-1J&NKrA~0j>88Ys?=~%T}T3F3ymdUw3_|Mzb<9Tw{D)(L4X}O`}@|zF`0p!$-xT zw_4-mfgCgipk(&prge&ID;SES+T=-u}r#rlvpvt`0awpi4=!=D>@Ob)8y zUgme3dzb4&G~A2G9Bk8ke-Wj#R5Dp{uo%6iF~$`yw?~%NYK~>-)%lb~s$;!Cwo&+aHALBvUUaqlSEOt^Vn4*Cc(sEfa0=)qy9M$s=_Q*3WcKNl!f5zN?+@- zc6?8#pbhh+L9+Z)jdsgt8wMz<{VL}S{>o){@}_dV(#P}5CEY-4nU)b+kVIsK|pq^hy=HykvIRxK?)D~ zJsd!YZ~y_}0GxBTKCSvNa!D2sdfvn{>PgqkS0Crg(clzwpEftVd5;{;0mIasX{O~F zmUC}o8l?GzZpt7pYnOjUx)-T2aGoyM;avD7oBbzCvoTkvU99>?GmlnKA80Opc|*J; zgsSvKs#&KE2ide!zeP&(9d3I% z$OK)_wP%nRP)k{PGeSZ4>_l(@M)V!s!(8UThnJM+*4~JlGxF*k6Uhtl8Dmnoi?JG< zoz+Z=e0jR!bTsEnmGXGY_va0wIOYimv&lq7i4v*ft#?&6Q3I7wXlN z{bNadGJ?(Wo(^Y@)?8&MW*3O+TC9OaUs$&O)N529f9YIp1D~IuHJeCvx3CCWFkSwT z?32*)VD{_z7Pwg1kG?;m>}6Hl`ZhqE9YP6LeOR6n9T7E%}(h>`5Vzdr;c_MHp%LSVE!)Sw>Y5AsS) z5_N!v=1eh8^Ee20%dw_!Z3gNGL#%iJJHKlIf3sD13zM6F4som=mwyg@H%} z806~ZVxuuXPzXe;-^1J%#(_%~iTT5~kO-W&;H(8F>kimi15(x~)E3xTZG#&Kc1D09 zpub%P!A|3^zz$)*jdXuezaN0hA$A@P!=(YZO8_ouXOJYJ04@?x-EIy-x=-q_nj?a@ zgO|N8;uM(t5KIDOf67n)M$c}Id8u4I&C^pSBNrPkF6fAltSk1`$;^2QmQ0lj&-M;4(3fV2q^0Z8E7QzVo`25U zjAEPk)GG1VBKrO*$KZs-IgIq>18}{4tN&y%Dx23D=aUW?SKDa8Dt^>2M!wI9K{vP&8%6(bK z^bP7GO!)~xdr*8KbL!OPs%u5v`Ie1@m`qdeWBR(<4H_Mp0T$E|y6zjnIgNE59&Q~* zzRYwXhCN6;iv@sZF$L)#fV=!p1J|E2z+I#?7gqv+4(JCbq=F)8cY=73q=G!}CuOBU z(u48m&oT>u_<11=$q$2DtaC8x!fA3JojaMl*SO7pVKZ!{Y>89>i}q}hzpWGxXzaS2 z7AXy&a`#3s{a)WBa73{E*__@z?LcA%!;_M@@-#n=FOpVU-}felwa83;Ag@}E9G1%J zyU36uURNk{X0B%Wx9g$l{EM%5 z6q6el+-yG<)ph-y0yfTd);p<#3d};XU&``ifNB3(9rq444b&=q8`l1AOb|vbcX1ge6-TK zqf51+8SBTdUtt|T1zLj*$7XFi5B87nc-%sNPbLE4{cj3lI zkHWQ&>MNj7veFXTQc~Iy;9hx}$RE`~cUNZ&?s*{rCWZ7k1^hnFGIReNfL%TQA;wRfF`J~?FjMDrZhKiHYUti6VLn6Ktt z^m`1U(neN2a3!0gzcQoZ*X|SbrZAeBx-9;%mKOZN9YalxJEJxc-}u@WyNmMe(C4+U zUzC-fBg@BZj5~0u!WkUrZG)!D2AkQwL@UE)H`woH*PiI`uAs#8ne`q%(bAPxc9=FV z`@ml5z?<4(5?HM(Dg}A5Tk?|54_@##7$NF9KO@mUsr$Ej3p4Q!1YxuQ^>!0b%HK?1P$(oN zIYLu1tb-)Vc=qCFqqe--PYQ8M*W2{ZrZsF7%M=V5|WcKPat@5$HGn{KpCdQa=c zVN-=)OR(1a20l;Ubn}ssfh+obVOj4>lqy=DQd-APiYyB^^u`)X4J|HUGGBX=#D7^U zlbmy1s4H7e<-Ow0_yk^;WjI&|W;g{c_c*4~_A$71>WE zCg*FrZ<~G-a_ro1QTj-lj#jBE*7UTPIR32F-60azkAacPY(3_1i`cU0nT&Ky%4O+T z08j1>IzF>)5rPUQwk1M9eluAAJtD-G;{*5Sl>=2oq?D|T4AJq)d@o89i~q1&{yR@~ zgPX24a8IlPd}f_FZE5w4>m_$TW5#C%)Fk+`YqOy)*aOzB%~Q5b0e4lL#4SFt92JHk zdDS^NE^|MoVonIP1T*dj!l2ZdTRV#e17rWs(b)~bsXg)-Y z8u{s!K6z4g45iHbAg;3Mj2@+T2(6mJ#n%pX`J|0-s+6Ff_1cCGElaC?S4qhX`1Q6u z)mzY0P5dPV|3laGZ=vANz8vei_&)E1olBqcr9_JtkFT(`{C}O^4n_Xq^kgMaQvWWe z_a}9O)H|2x=fEsr-(Vn#!6gH@i@##uI6!&Z|AFiq`KK<{5R3Uvy)_MwBEU50#9hz+ z1@28u=K7O+6aVT${Ikg4a&L;aF-Pbo+Q!mVao$kntZM{5ugZ_tyO)p;pO8)5*jzRB zUka5xf@D+Wn*P-HSF%u>sv`YU-Jz$G)Y1e@-ys*yzR42^LaF1y_To6dL}H@Eivf2NB{WMuiWeC!Apy61=Ok0`E}VG zB`}T1dsPvc{AhTU;FQD6@?w3sy_q0Gh@`w}K%Vza@>quR`)X_p_jFwuq(68iqP4fD zuy-yj^3%AYH`S=6Uphaf?W;0F9E2o%@d>we_X@m$ z>nfzWE&pJqt!of}$ESyT@!nZdo`^Nh^J2#G6&A1B=}a<0&iN`*zD<|-aA8bJl1X%_ z0bwl6x7>bP|CPwS@*6{`6@?mk9Z%TR^~R#Vie0(3#|apC;D^GF+Miy^h(&Nd;wv?) zDtWD?lxFDtg3#Y;^2T+*COJo!Ybf(-j!Ky8 zS!K8k4`t0O*`WdJiz9w97$yQ9@)(q4!FQ`5_g*3V@6m}o0c!BpD9Fjg>7ft~C<{p~ z?3d`X@Xki5KvCGUJL(fLA@1q9pf-k!$PfRA@oLwbDKaqMBpJz@=h?;pKO4gj{wD`W zNh1NY`OX3Kj{`s;=v=;Q3?SKrks=Xbs0ZeE-Ku~nrc#3+5D4#M2q=J3Y<=I;_5Fkw zb5DsU$nLrvLVOjyBU%vID$iq-sb{MTT1O)-5ws7dh3N+z2b#U98L|q*76N) zf8EgWtkg{Hjv5vU_qEr6aC;DAW`UC2^TT8-|9s)Ra6bDdDqWhJm z@H@RonM^g{C1m8T;1Wiv%$(02;}(8eegC$?#70qN6Jx%* zf=--&*Rc;B1xmufvQ0O7?sfS>cp{ypE}6JpE&VEPNngw2{|Ceb*3kd} diff --git a/Modules/AzBobbyTables/3.1.3/dependencies/System.Text.Json.dll b/Modules/AzBobbyTables/3.1.3/dependencies/System.Text.Json.dll deleted file mode 100644 index fe2154a3bf3a7658f106424bf00f672620b14e67..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 293240 zcmdSC37lM2l|TOay;tv5y{hW&>gulQB}sKcI$Ub$BwZ}sVGAHzWDNnj!;*k3CJF`J zpqNg_fQq96E{HgcI*KC7IPQqzh~T)7ON4R9h|6yrbrfe@$0hu}-*fM)dR1MW1P!16 z|Cdj?-d)c<_uO;OJ@?%6?mK4OQhqqik{H!z28NRA^+2y0@ zbgyJK;UI+H>RKs0Zn@O8HiUWm z^BlIUc%)n$@lzu4(d#b1;X1@$f1>FZ`wG0H|AsAV^XT-<^mC9XxB*8&<`g_5|JGu- zMyD@-ehmeQD{&TB8|IZeK2lABZy{arkGR=Z%-VUdZN2F)9ach8Eo;$;YyIjdz(xOe znzX$=me^{gWd+67XOJseL#u3SH7a*lRz{&&uk1S`6?=tU>X3g>A$rPNh3M??vcE6w;Cf7wxgC@OD~nugY!y{48$5WV(Ktfd9PDmp=;%BsU|;;V4)5-s2m~B z;yc@6?Evd2BI7LkU^}#R$&vmhBqmt=8@l+iCcGQPM+Q10EyOxqwT87m=#~#Qs5=eR z-6qssbtH>A#T`39YImfPTd^w!eo}^J`jz3HyUx=2!M%b zq!x|5DjNAfH1eZpsOOEhw1G6H%w8o4tXxj!2DZ8TCyMF3nBjocoMJP?h1JsNo`8tF?%pgk`d zc_12zbw-LE8I5d;M&1{V{304Ts4D{CoM`0UXynOg=otH-=Ux-HXnMkopG;(S* z@{(xe%hAX|JrMxUiAElYMzYyRu~Vaw*G3~>h(vpisc5cPmI@DD1QhSyabM`DN zDrgWT^(=yD$$*YmQYSHEi7r}Pp=;i@rFeW8(m7LHYqP5yYZ;yZm}zc;kb)jdoeW?h zzQ1#FE0fa)H!u}!La@%%>U0=ZP&5KtH{?v}-d=%q`cx)MS4>Z!AC!u1bFjFSidpCq z8-X9N$w=eXdgD&T$#-`+wmJbT`|}O5<*>Zi(k>t!rGNtbSaIb{H6J=o97rR`F37G{q&H-!uiQL zsq?9No$h*_utKg~1&)PlU537bBp3^5cy1+S_uopS<`@ehP6b|%tzLyTlfEu@+mdhvgpyf5<7Z=~Ug@1Ly&DOnbJ(p z{tN(5Y#B4o^AKc*DG4(Ehu%V>i$ET~_Lx^tx6|u+LN2%j&$BhCj9@AWndozfW0DW++=b;b$ z$2yk_=;^b;bGxu<84~rrb_G)Jk*J{LOkcTBzM$$%W5;w&?Ml=Vq-|&V&U(Uo*$YTd zaI{-ohR#ZWc)VDnA$U9&bsa&&R`;UDEo?o4(H6-k8n$}(g84+lR{wyrfCLVibVmXg+r!qkEbEeC3Xzg?QPRkqQ`Qir6PpGCy0+; z_kIZl1S>m$f7;@~yB)1x?iZQnmB-NcT#~DFmkehU!sWRv~R-YpSD&B|~uE z4#Ac4NbU@izY``$Tj|!V6uLF2ppZ#=h00+muTUCYj?ieKRP_pLMpt=YheMpg#yPTv zZ;%A5I-aCBU6!w=(P8y4ho{kv>==>Agh+h19THiCL^edC7f6(*X#BGJ@i%IotML45 z@#rH3b6L+XbWa-W)eP{>`lW+1-r|*mjx+l>ki(FAV3o-^MlxQ05>@h(Nvt9(d)PN@3tQjfEp6-L&f{svtQP{)26QcCyG9|0)SNm6(*Dct{byQKB+Du~e~ zyx(AOO#TLggNBL2Vm=r*=HxbjcRk?dPj1N5*5+7PV`=)#IJ4hlw>u9{xO@8aTy$o4 zGwH~tBwebC^2{tpOEYWha5rY+){Q!QYvHJ^8z+Z%zTu5Xg3j=>82I1uE)O_Q)ODb{ zH*-CHXI_Ax8`7}u! zhVk*{By?H&Oq%tuZvXshmgCJpx2R(S`62K^Y_xr`&+0rV#KpA^#U3F`c(arM71BgY zPLZfmsv8`s=WN9B8R!cxOM>;1dx|`TDdg^OJR*vZcB!8!EpjiS%+XmV~0q2lKw#nG` z0vG&cY_T8&-t>p46wiTtREX8Tv*1VSpzU%_twU18@}SvG6_Bcf2dIzj$Tv3q3sIgQ zM`JMK|0xqtBph+RU)a38Q|@W3DIwj0flydKSSPeD0dqEY?SH7-!lCD5$XSfzwrtpstagq%B5g*x}R1A?6Tj_ zp}U!#=CCHmS)b=jo@WyN8vtm!K;C~ah%FR?SX(T$RD$d|4VCp8pJc*`k%ad$;bbZN zb_SP4@?OUTj77cnjZ8Q=l5hn43h73OgZMh@e4-$ToMVF&!%+!4^6Tm3-gf}yx5=pp) z2~{K*s+V@~IIkYNhKH8**rjS1v1DnZNE{W=43vK660!xJXfjBc!sc- zsY?)x*6XHuA)4YB^|bsYlDCc0$mD5@ww7T~47dr%%(w200rFvjmS+3 z2xw47=7M~I5IigZt+IUqE#*fQR93T`k12>84DB!QTO3oE=bkC4{Pi$zkM<%Iz%WJ}^Tk7VSuNO%P#_vE`y>#j&@RplVx@GAL zO4F(r6=Mx<4@#RI8W%;gJmDIR$WdcB*6L>GAvrBRc~^2F)W&e9uCgQG8v* zTk$O|Q79&`&o;2J3?c3*pxhqz*z}vZIO#?FVjh!VLsfe@aFA6toSNXRm@GnQ)^d7z ziV&2Kc6Nb%wKYwrl-yqR3T7>%Mb)#X?*(v}qFzaOkbVZ}s}L&E_=(0CtnJ}h;tXQ-|9{WD> z3&?k_#jh=AB6STiaOEf?sJ)9|TMB%JDyHl6cq6FYhXT6S*;r3Zx}9?4wf7*|mEL24 zdp!!4Pqnu{7hBfZYwo(or_A)LK5 zxO1Jlh)L1ubu%sJdu8eS?AjYh-i*4EB^$D8o4TSU0hWKzmX`nA%$Xoi@w0Yc@64U3 zJ@9|ho9hh@m-!cvk7B9*-4i-Dn40b1u zx`~}Q!&ZmksT*~aDJAS3po5j=Bi{7s99}{DNLt%b!L) zOqV0PnSVeZwgJ*F0jbi3{ab#rklHw@DV<9>h16uaH15W$aXXux2_@ zNFn?r!W$>kR11+XnNAp@{u=3H59-D!2gZTxNPAoj#Bz*H7x7aEn{>;t!lqzDmNPZ# z<16+K<3zWtP@NQ8TwS6E9`Tmc6xp-&3jm>t%Dmho#g}@nFXbTU>12n(sQb|Z>EYylM{j1fCG|MySHe& z3E@tSmikB3q8vvlY2TLi*F!&d%zX@Gc!+O6~`&LV3#R4Pc+a@3fd{(tESz!ob9VLnkn|CyKFhzANUrntHWH$ zR}IPoN8a+(r{1YdDw{0z$>DXz)yLjxee9jgB(pJ>F117(i1);M5^6VuG|$TOt7Exr zP#UnEo>(rU55(o*Kc)uJr)-cY7aBR)bWge=PZH*o96K4!Kab!ExzMJs!Z4mNOwtAs z7MD7PaCBG~5|LrRNFhf?p`$ShBm_ib0R4cE)i~WjDT;&gy5_7!7x3sO5ss9L^Zpzx zE7zhH?Gz=Ni+dcTKy44YY!gs#LvM=-mxkRE4`eY!L#m&Nn&%+zEd<-jyTyjpTRAG( z)6qOB1Pe|KLA)n!kW9zX@ISJxxU1d~w&_}zqs`I+Z7z9wZN__?9yh13&IIM|4Eda7 ztj65L`h3yNt;Z>`9z(WSKA>&hvtMmi4rrV2oZsd-?B_X6{Tw}@Z9M=cC_Hy!5~G>*M?)BtQdy z=5YDvHn^MzT%bf+)_HY2NRz{!Nj%<5Jo*|m2|$w@C$K35E_?bIFt|7tHh&hj18r&Y zbY->{nCdP_=g7ftD9Ymy+;5`bHh2|^tKe4Vs0Xl1z}b1i9D>#ljP;sA{9vzmM)1Qr z3_?WldvhE7J{sc3;zB@OPtPgreW(K;K>UWk1(2(G>i5hoK+*`Tw-rSMx=?3hm^dx=QWwBYKLTAD5 zB5$Sf8UDerKvl{*8-G*yy99qlxAteKZP@*&m2Atc{V5uSXP2w0lA+Zpv=vdNMeU{< zOkKBD1`}GAjF)AECjcqV(WKCprFkBu6(E4ZYfQD2nhF6uuUJ+gJ&I z&}qd!w-(P+@mIRR?twcaaV}lu8l;;waBg~p=5?$~Cm6I#Yg~+ytmK_t#C3HCm3 z#csp%g`8Qx#}|60BE@8nYFKwVTg3G~`)eX$>b zG1j8}T#&=@PA)xu3=-hQ@Gu&Mn;tw45!gaklYDiRS9a;0mB>$~L6=OdPyG>X^my1{ z_Nf@=DR*UYJaeh>Ut(%y-2Uq2ZeGEw9J?J><5two_;K|YRCE=0{Mop`LQ@}On?X+? zy0L(kqI+006OStfVk$vkiFhV4i^EZOGBwV#*Ni(*9W&_ZHX7(9*|I?oKH5YtiH@Ew z)ds7x?tn%x)j%-iYXmc?gtUrYCq{v1NIsczfpdPcEkO8rf$b;$9(7zzHrfS<%=pWY7J@Jo$heEEhY3~p3a)&53#`&n z3lBxcT~b}_%zhIHWVM2+KFK~osy-Zv65l)Td z^z&%&!rB~cD<1B+qi_mW=$^N&crm8Pdr`N)n&PXPunS{_M5$wJ06ha4z3O=U%G`0R zS@irk5YgoEwDMzYpbLQq5eQ2o`f)@bNJd0Jstf0sJ)Ff^{KRuUPs&PkZVSA)G?Lyu zyn^Woq>Biw&*QkB!FvW1MdLGfn6-S$8pb-;L0>;??RZv|;Y$NAi`e#Xg3Y5t6w?hE zyfNP?GNjSu?t@l%A~`78>n)lhVY@JHg#K|$54R3tyBD`K29h2{O7ZN5vi=0%(_`6l zzXJ2Yyf_Ev0X*F~_yEwH^)L{ads4!EbC|lWH_MpbL1T?C^;p}PKrbz^H?W^vU!Fz! zTk2ntjIQy`h9)Y5mLgi^&4xH+Zk@`e^P1LKH%e@ppgrC1A**zfrnkJA zac6|cp9Ut5I+}f7VZ$bO979@0!*pbw$Z_fE$V+^*&Bkh(qaRfKvmq&*2}#VN-!{!n$5Eqq^5ZaE95lw40-m(Rr26X0dr zzY$u6?ew0V%O<{eF4{Bzf=pl*?-&pSf6HkxpWz>-igjnp-#EGm2o%p*xXnDoXXn$w z;4!JsdYR5upS9J;8A?uNQ?`15z-Vjw42W4qM?cC0yr+>#K9EU0pv@@be*i{3=}Zz* z@v|tG9{&jvZ1o7r;-w1pX*|>8k4YLOdusf15*FZHJzX03YFmqaz664K6ZB7JyG?tU z9*l@AKbdaRBxPOy)-0xmw36fAjO}EzJz1IKli8k9A5Ȗy{PvZn`TDgw*&Xlxf8L!@KuU+WM^zL=&?gA3KgB4~x_Y9&n^em_(5MUQd+x zfx@@LSgV|bG0YPoR0045sf9SYWPP$2mV~7fEa9D<&n9-~S3pIo&k~fcZA8UAgPBC} zIBZ1u54H|#4@Q|jLIJ{*6HLDf@#FA(FP?dm&UpX;*2#K4Q{4-CI`Bfm3|y8x^?CgC z*qG>VM27kuWO|P?Or=tJSWi74MngxzKiAvcvjRQi@dyZm(;nnLZpYocXz7@T9gENi ztP|;Dtbq9N7J~dKP-^gRXjRM_0EVXkhg{H`bM3@$~Pk%58r(_d@ZPZ`hggq#-{|2vW6&fM?i zslEbK=6);TzPaDv>CG~xWjn^7vYiQP7YY(S$Kgd7hjk(o55uT7ojBNeuw&hHj4;o0 z^3_CaPajqan0I%45=w%xoY%evph<3C!XuhO>RZk?(*7`capke{Xf~$DGx01GK2KhU z10lRz#@BC(d3HR3^htn>sgr?M(X^6vaga2Xjg4dSSeaPXoG4+wM9-hf37jCXSSiCm zi23A3BeOrfLfMX-8X&nE2cZ^Z!0#wu_@u;lo5cRu_MHm6(G$&O0 z>BZt46AoL|53ayM%QqDReP+XhnFQQ`C?_&8nZF}h{UT;Ikx9^gWDX}X@f>6= zcY{6g9Qf~I!PR8aS*=vgb-Fe;wQ~3gcT>yGXH&bUb{_}jU^oMrVBX(sI>14?h=#`# zF)drN^Pv=lz`k?z+@7bN>V)A&PqB==pdtIgFIhWJ>i|o@kHemQ7Y434?c`T?%j>G5 zM2kZ`URa-#Occ78g)WviwfRn~dW5<+@+BSl?`A&V2$TT%PTv)C8hC^I)Wzr?bV+p@ zD55?@vLFIaR!_apMAk9#0sMG;;c@Oh0K}pDKN0Sw_AH|#6=y{b?{YFt^`Im@{?B5y z+Znk6ZzkiZ%j!~2t(Q5M&d;f3nW1&OrJ%zy;K_6K_chc)ZmQ2msj}@AXTT}&&e7$e z{Y!b-c272!;J&^of2t{ey0r~CIdm1F6t~Vt6Mk4HE}V4|vox*Qhtp+_lOTA1B{7=C z+eD+O=`Wy1p87t=D_6|7qtfD<9GbPI-y+?Fj3>4})){OAgt-vuB#inM0k^HXm{rLK ztaqlVcd@A_K7Q@%Es54U%hcPv?|Ox3y|YcdOZQ!GI9hMLsdw4F>n)Ae^G&@gOufC( zWm&Xd+|+}&(7xz-P_*7Trry?l*IOQ~x53nV{=VytMC(D~$+%y=?|Lhu_0BW(uGx3J zgQNA%H}$6XT~9^p!N?|fUbpXhheYc^KahGa*mu2Rv>x;=sdqzDy>-=w`5hw1O_~72ne8p)_AEj|w(gc5xxnvP;TIF9L61G(O;I8;^Z0 zSFo8bYz!doL>9HLlOK)eo9pyP>ReNAN6W|)xw*%FgwEVnCGupLe=AHHCaK(G$Fil; zj?E;|j&I2CH-%iXJn1E;Cc}wc13RdTelRN6YvL5<>n>q2*(Dt2+4Zsa~hlD^Qs>ifwG+ zaCp=~d<5z?#-ywxK7(8X?XWBkPc+96R{MO-fqFa$CtO1tzG=9`X98<4f1 z+Cn%&Z!~;8HV=Oip}c51(GQC3$zdO&$sh^(p0?>U@_#ns(nfwy3g~`@ZkZe4FDbG_h&-k$-lbQ2#a+@n%%U|uOXPO1Z`J%565~CQZ4s@JuX`VreM+KLmM}Ja*hWp^KZ? z;A781BIrEWmd+o>7_cAj!ISiR2cGTd{CZRF7E|t}Qf@w-G3f;!mQsNSl>zYP(-|t3 zl!GoRw6x?EpkPax5GuDYPYI#Va-$UhMH5zFQac;GABb*zxdLy4sdFR z!`Su}O=>Zm64I?=$oM8^$ZleWiA~I~s)-qfG%>?=ItIFh^6et%7`GD8d5$7^vQs$g;`!C6$# zD$YG2Xd-7k5@-R7$&5=o2~BI*f#6*1mseoM)d$}gm!cPj8GfJ@nf;|od>Q8hU3t-2 zyy$>^$=SHO1lRazlPj%yn4-biywijB$GcJI^1bj-yW7AP=4UNR=o_0?PokMrygUR9 z+Osk6>gnJC3S?B{*02Q%hj);y1-@4RUySGHP^}!_u^EqGcLf?X_w{JsCd|^BP!*<-9Y2(+e zZ9qx~wcj+g0ioV#qthB5ZL~2qX2n-Y8!-#}S~@5-wQ(x@5w?Ld)!zcJ$m?{yQ*1DS zEDGlumUMJ3n|mVbKF%Ie0C7=~_92^Xyy;pzK~5kM?zGmN(!k}k)2x8FPuh??}D2&Db+<_00E*2P`x2pd<|NZp)v499lHk#nz@yJ5Twxm_>{UIR=|PWpul z*Zv12Cf+#d#`#ktd0Dl;t0NX$$8~W-T>T!U3(MAze~Btg;p#S-!TRy{N#=B$%=G&4 z*GcAuZ89%hKYqPru56RJa{V}!EWdDFo6N-e@gpVk(rUgH+a>GAVdX-_E80{{tslqQ zjm+!U{t=W$$McheatKP#)WQwCk}iM)N(@xtiwW3Y4nGA&Uv4*>xC>R7`Z#=YeN332 zVtm~JA)xGz+`-AQC4kvKrKw!FunM0E+?8XZ*N?{3&rkPwWl%JX$2J2XIO$|t~PW=HrfLZ-MtP>cJb1P*Z|m%`-Xhf&I2blK)d*LUIYpWGr9 z?ZUB}kmmMF72tR1@%1WCuu35{zs{n|bS>U*GY`_hhGHE8ESO1f!?rC-vK z|A@}#g|SU10g{e zUbda7;!{w8I58G8*kr!S!l?9PK512vz%jTf2?_S>zvFl7Bn$kXuz&>E*X4liV$oj979IfxjBv`Bj09(Ol;?fH^OABIiig)ah)U92ou#g zB8@OHog>Z&6VbURbeMR~5o4qi%{d~BFtMB?zV>$h%4I1PybQ-kVXd59p%l@dV@H4_ zIR)IVK7sKk*9-sX5uGD5{nw7fe8bh}D;gN;=1Lh5dmEx{7!;#K6pt1L5fW>7O`1@T{hnfPXdN3x5w)aW(K4k!SclAM*P^HLrb*;Bv(L6v{n> z=h&}sldqn%K#fpgEK^^>6NAsWbUNVI2w!}u4A>#OFDhWlWiy=`?esUbQ^qaIx}hfl z*b`5xT=8aIOML_F;2LH@U15MJ7OgPh@nk=}ouz1O}}v@L%e)zFIz@Yp(vKIQmU>t7H{ zl~!R#um>St6@UeYo0blJ7bO&pE+Ae``Pg%?>SVISm;G$@6e5++Q6(3eqLbFN(3Hex zdn|3*8|yLgMHiS9zHI0jlSC4yA=sJ#`^ejb<}S<-5B)BoX$!)f7dL^gKW*A#-;#dV zyRlAx(blk~t!#>3(5AOpcl;kvAKhV(<(dHLGB!Ek`;E|j`bIDA>WItxjM`VFj$Qfr z@r*y23Uj;hI%0gQ!mz`)%J{1CUF`=6oW5!V?g;wn(rVnjdN)u`mkti=!-+r$oQs1m zgup4FM&hoSg7-)QcIlzfn7tTlkfF6L?@(VS{eJ|&WURl10LGfMr_F|da3#lB2B+=h zhl(>$>R5Dvvl`bz=H$$m>(cdg8nO;)h&o%xvQ3q?Uf_U)=FVH!dJ*bvWWC1v8IiVQ zkWl@(`cf?t%9MNwrm$^q|0=N2t6yG^xCm8~GN}c!UfkdTrWcF6mi2jAE<%2r3-OS( zuiP2IC$|c&n)$+93mUTEl~)*SKL|=uo-S*}HaGVKQS8@^E`+f99tjQ{xaYnh#HBq= zGIp-D5nb@5e>F)4Gn65`NIk4hVQT(n>GSlWuJp~v9<(BmOo2+t)Ick#>0+A@%4 zjBZA^o5u1O$jldjr*Qjy=#LxMi>>-T$UK2}kl?A*;GFt4a(LBp+y{puwl4S!3`CoP z1}n47i>@>AX%zJfE30YT)BZnz5RAW{l_fJ@eXd`at719)4szsLCcm(36x;$aXdH%( z|F3ixSNl_|;nkkhbl`ZV{*xfR$|gIZDPedxWAvX)Omw2svARL5z<%K(E}V~}Ug==q z^dkZ&6?FbkHK-@0LWE0p9y%&wKairo(Y*MwkQcQUtf?XL;Oa46mkRvKm)Ytgs8hZ$ zGHJ@_-9YQuYc=Y zSWD{~0PEx2Rn``#Fk9VdaDD~nj-hIF$e)H(5$!WCisv}gNXsc)P(90le)SDHo03Qa#3a+-ORF4&9o)bi`FL)&%6y`hh_7XG8giwCdEb@&wgsOydm#~87 zS7=xg7=VhWJ7j3@$X)+0q`a0*Q&75?YP_@!4M=P;!=v!@OOFOVypedh-^rz?pZuywyJo`4n zav31U0P*iKUPZMi-B9Nzy3Q3m^>_*^uC8BK{A% z41UBdz#=3fYqHs5>CT(%CXNi%Exk;G<7h*~enY+)lMC|6(lMrpzq(9CPB^X$5=#Q3 ziwq})oDIH)RnRNBK5lT68^g^l6k{JXM9!HSUZ@)A8hkmKeWtvDeu8(0jORbx?5@Cd z`!M4r3f;+)za&|53j8z&?$mz*qc8Pha{1?V9M;L{n*x+FM6s7Qxr1l36Q8ggP^0st47R%xUZ6HD6^AZbMuD57FfQA zL^#PfyVkpb<1BHE@G0KN(;TMW03?%sZfvqAyze~~$E;r)j(GoMID!q;UlhTd-tRAN zl7sz|n%dkY`s!!GvU=7j1JDSZd>t&5P@EHTQY2)g$s)oda2U0=6K@e>ffjN}0|ttV z!3!@teh@XfI*f4|cib$irsES(rY+>bY(#J7svn1OC{=nvynKOrEf^}Hud>0`uCEFu zv=?ujYAj%oe}egi>#G&hSY3ef<|Ty}2=Tc_7;(GpQqoKt1dqmvaetyPj1M3cumfy{ z)&j_wRrN$Z_BiYw_^v0n0%O=3h?MHFL6{aGzLxKvh<6B-7V(bBWNvzq0m`=-Ah$6< zLgO<*9q6MOHz*z3)!~Ken!1Cm3%2WP(V{$eYG4dojFzVH<$xf(e0%HxbM{K3{SG}h zXeHvc906V=1Oxm+c&?xNNxe~U-Ky#eo&QVZ^Atr&WZa1%Kxz~$O|m&%@=2D&8Hz3$ zoA__^r%^Iq7#%Ie3nz}Qh!-v&U22f7i-5)0$eA(sWXw^%x}gF5R|Jk7rUvd$yuJna ziK7P-?y^?6g+wc0fmyg*Tg!w5|J@)#qe1p2osi}dk9W;JYO!JU7bB3gqBOtK zV2i9WatLx;aM6wDg0OjfjiQd7dJU$YCsQ*w)(IBZlL3s<)H27_1w zjdRqmK>&(?3d9mlz^cn_PjBQBdS&vpX(Fy=C$@F08R{X9jqf9~t;YVTd_*MDUtJ2N zvkD%d#>pnYlV*1XmFG7kK5+QGJR3HJO2%FkaU4dAo>M5VeIDc(W;MIDz{1@|E159- zw=%3b)x2Y$()}x>TQ+47(vbx}l(%QOnG48W#^t1uG@?i9{y98gqsL_H42-RQBh7&loXjinQzbkP966L%JXe!qDZ9)U# zzVkeA-*Fy>9{m3u5JS;^h%abs3(;jPNd|1f6Xv2;Dv4ca;s`>=IVX0e7tI4mCLG7h zPXGu$YzFAb#((1X7V7^BKSU_R0rN)SAub?xA+E<8a>ElN(ZoYY8-Jjlk%wMl>{_je zipYRmq?CkQq?CkQ6!a@Evg1ugt%Q~p5P~dLx=^<|0L(PLl~YQm=(M3m+M%UG^#mv{ zT?hwht(?XcGa3#LVvG*rh~Er4VwFzAo5>stJZUT}Kg*dv3)VX)gEy8%ZH47U3zSLNBM zECs6!zZpW~)0(d$ERH$h$ijf9bM9vjrU&NTcR5pT0$)~gT)LWeWaGD@2-mME7JUZS zuclVptxDPg(;_)2?B_F5cL&A@AB_Wvya}0M8u4(HL|Clnpd81MYAY=608fdqXhICa zqJ==w)rzCgZnY{sTckuYq|iJ_2HVGK)l^Zx4gu__d*W=u!pODV-<#cbZuP0yz1MYs zl~ulImDe^+Tm3Icgcn_l&8dH8Dr{DTmCf8>)Di4*=VkG{%C+tTK0ffFa`s06!M4v` z*Ef2MyAFqpp{5TD=7sJ$v+2!Gt%OyJdlHQzjGD)CS5z{(Pi1v|ComFjl(Bo^$CD}b z;E5)C=g=ZhT8tA*ZV`h@912>o8&R-x&5GVsO{j{N~FPlfdG4-r>OA-9r# zU)Am_dj2FjU`%3?JBqh9*$`5VK?Pjrs6V08rH{+loB|lz0MlUDzp|r92dHak&_y*f zB*QyVth&q_eixpjac`I=n=01sk(Ome==(`z;)o76V{H(6P6JqBrRW4;dE8=19vj5_P! zmnIp~m-}iyaU$DgyX*WZm}q3ZDfO6vA~>_NG<(8VqA%dzz4Pu_&Ai)J=UqLJY7aS; z{5vn_DdyOPgIcT@hJ``k<#1TmCIEd(6z&Vw0x$BgyqC=RA$B}1Wne>z?6$Q~T{KFK zkXsY&;j+jW;5Z+eU~yLcm9XA2J;Il@R0ljx^kph?fxW&uMuKvSJ$R(U`XKPf`I7M` zN&52I)iNZm!(R{nj>lhszcu)?@wXm-WBB7jI*7j_{z{vtZ%2zk>B{N1%X8E8{qj72 z`U~r}8{v`uFl&IgPv0Q2*fRgXLM6K31Oj>C@$j9n{012Yne_ zvXhsJqg{R%;geWtaQG-mR*5-b|a7;(r3|@scQLvDYfx*H))LW;*1sbrLw`b+D>r;#`fhH+Z+V6 z_P%P&LE5j-q;}3qh(i{>JAkSaYfx+cDh~%`IgtruPDsH_`+~NfC)$5ZX6nRG!QX9zoCISGfXkPPeko1 zx}6DBtT>l=+z>B!+rBQ5mx&>F(sE{15+d2JRG*L<%^e@r&}Z==0>xMgNAmE* zOOx0m#>xWp+aAxGRj%ojej$$$;6a)59_VDR0zT$gef}$;cn@C-0a$*xxTFo9rou`v zv53oO8`Yaf1)V_FsNbfvUZ}QU^D+aOl*JJqom+X5#2e7`Wq3Z`4M~pUER5eg>4H{R zd0H@`WAJvaR+zj^`AvY?MWuxYpF(Xck$S1be3hjXpQw;rb3NfymSUGHV=tYYs-EJa*JzaTbZT@l_V-KZuyir0clyMEnm#?Sm|n zNl$|0UjejMlL3uWJo z$Nu|=`~YoAy%_yut?M|Cn*_-;aK!q#*JY!fBz&3gHlKh%uI}|G8Ut2n9n% zT=6hj_hK<(jW~%^<5kpphoFf$ek+=aR19&~P9C{zT#U34T=0T4aKZc16W^i4LxJ=0 zMB;_j6mHbp(}9!|nGzTG3h{}-H4iCBHC_bKS6$qoOQAQDXrT-MUBC8w7zu+@=pvKL zCW(4BRoV<>Qid>TNL3uvc$Fy7zD&9mXc9Fk;VH;Nh?(RdJOS|fcM6%Y@pqz43F2LD z^PZQa$2`O*JIfpL18O@dsLRW`ZMiI}>qed&rqyQMiKtA?z z3RBI52NuOx>8_Thv9SypNB1t|sC_YIiRa5?y%uul!Du9MXvXjR^HWc8pR){CLZ!{} zmGB#jm#w|Rw2$1+!MSkvtj|-U4mE5N^?9n>inw;A<+b3tYZqr9ox2hf@OrRtiTq|V zunU&PO|pAB(&J|#o|xbguld>4{EVS!0CO4HLu$q{}8zuLEdg)R?M+C{FSVtFJ#wR|3Y0iZkc2~M&|WF zan_0N9Rp^%f@2-6G2KWTK?FtZG}r(+-&v6MNxU~4@fB=gpRgwjIu35G9~Z(8!E^>% zpmavu_?|A-t!{sj{$Mg3L|4QmbVY1*YrYF2_BD>xkD2spj9Cu*_tK&W8104FOKxm& zyZcVq-DBw!VtRoMjwnf?Lw>!R4SQy5fi`2+QY6`a@b<@B(x6j!!3=R8Tci=5xClPZ zK(e{TRjsRBiT18v{u@j~-|d@|6^Q zgx4VMJde~US#hFwpgdA}cK26#r0T zjYn@_LZ8%zNqu6heZk22;9h-F8v{d^R5;$@WP#W|LoTU1_Md;7-7@tiJoIQi8Z#A3 z5@&jTe?3}ph`JC(;g=TW;t5<4(ynNfjXk(hHym2YxD)R}t?{=B1%-L{;n4a*mfSCg zR`Tz}Izm4IKMOjvt`LB299qf76VOeqad`bSIkf&7(wFc;@53JJI~cu2OqySCSb`G**4IxWlCZeep~{WV^%?U!G@ZyrCA z<<0SKlN0PPGxS;T8rYkyaey}^hv4gIa{fq;{yl!8vMx_2*ybLL>6V1o5|1F&^ezYyH!V~}2 zMRqv)+6VX&uYEMvG@i8FbN&T*-cG(3PRHlB+HcskU^2UQbC#ZpPtcMV(fIn;z8?ua zaJ~8=d%&YX6Xfw<6Aan-^PWKN`+3Vv|5n^J`f;3D^>3X@Y@L!1ra@gr;>VB(L#IAv z(FU{t7GF6qEah0@L6nfsx6)}#-^?LXqrHP-sT1zyqRVRU5xU>W`P<3h@z;|UW_4`O z=aIuBeOPYXjVq@ZZq*)^O|Hv^p9>3@aQOXpa|r_NC*mv%N3WHmxO$^VAA0z6Ho-(P zoNe}sYv}IGb3h(9SI#vE45GO>eV^b8+5{96M{5hqQNk3?FHo|MZ@ipz`ZwS$h=Va- z@D8-2mNOtU9Rp4808P2~hke8=9|Fsc?p+~R`xGc&x7&zDqG>+dta6?IzTI9S9W5;L5u;eq=2FKI|_@2?&Dd0h!CdA97X!yQ7{U#|c? z5Qb;=e2;C=S37Oj4RqRJ8=o$oEW*eVxfIHaPtx%j@54rbzOPS@*>z}>`*!r~bKshC zM-e5fqxFH)p4)@;>EdL8s=$ zqkTFs1lMqVH6F|ly!4MZf$;{xk8w52>YLGctJg9dy^1>pmWSP#Kjr#0XDNKg^{psf z^rGK&UyHWkN@&`qfY;4n$=ttY3^ewG?U{(6%Sn-1U)&C8FQ{Np8m(Y*W(CjSJvVB(GTd5hR>JO+kso~LVV6Q z3L4W1Z%pEY^XeW7@Gi6d$MFp)e?6QdbL&I99oxC<0JQUt{b&b<*T1W8Ymy%lA!3mToXZ+PQaLJM-xV z?fGvWAH2l1PrAMJ0JQT@^V(^q+jBrS=zo7>fAsyt>YwK|b{+-^bIr2OGvh=(?d}8B z-h1Y?cRt!Xi0$#;`H?o?exTZXFWb!41x3Q~Z=Aq&&uCX(0MOqSv90f-eav-3*B1H5 zS6U9k$!A<{i4Dwo@OtyTY<^<><7fpRIQR$1xk>_%6`IHu6I*x!{{%i+;ptCS;8cQ^ zkx!!-_lDReLavwafanf_5^RptBjo;4OvFIl)eKK(hZ;p38xoi=yrStGJ{E(`Vn_I$ z82?5hA^p_Y$U4n_LUtagejajw`>Em0@8_G_^z)-wGVnbd|3+4le(KsHU!FieAyc1D zKhJ3lj2X{itbW$k)f~_@2c)9{FamFWN8b|d=<;fw%Uz=JVI05p!#GQ9bqqMAIBh$- zo&^?FMe0UXyS1pKnB27Vp%p$@b_*nLO@>>M6-*usyi zL1D=7jH6x;#4DXnu9in3g|qdbVmn2rHh>V^SO=Lp1)RJYyboi(Md$GR-NKrNeRydO zAI|RX!j035kbkN`D8B%2^mbWlF;e!pNiVm@_BWL$PzW35MzPAlk(9!4b!`YGe4eV7 z0Kz%=B!`9`K217b8|K$J*vzpnz~MOi_)5|b*VF$V+JBLkcqC{;cw49yhK$z-Y1^J>Eg<)>;(@$e<0lO_vm zSN*{EYRiyr`?Z7c*prv-p*Kz(#OA zo@%qC)i$EPPOXMtbsJAyf%U|x2?I0XK}L?OzeXhd!|Kl`5x&3AG{$ z(u1n@U1V1V5%@L(nXmvVmQbWLh=3GHAiyHHjt9^>AUecd7ao!s_qHu^6&?KYpU)Dj zut&WF0cpBc2ACD`S_O~%~um$b*Z~cDIL{$b{qrvYYbq#2JbPrXVzBYVJDFK zTe1)b=Y;_7sGHap>_XSDsc+y1p9N2w=$j>KyE1l}L}c)s-de3K)Z zZffp27-B`lT>q_O2#(}--4v$WJ%TIsIZ5uW;gzaDH*qoIrfvk2M)URd>H&LZHENqa z+iE$6DeNle2=w1SU59qHBB&*Uy_mbEbUYp@jtm4RK@{x+rf zuq-AqW_VnRDzu=X1ona(03WInzMbU?y=%CU6;tjItnG&)grV7m@{T$Tk#quDT7^Vj%LJThz%>Wo(Eb>#}SG-fS@d#2!6A0QXl&UeitZ%D+}P2dp}Dpt(OXVf@Vm%)T zcy&J<>#jgj?GZrJuis#RO633!EllSEEw)2UeCvH^7pn|4!=#V8wi-cMe4h|F@!wOM zgYg*3`2)v5^#NzDK=##vzqooNR;NYUI(>Cv)umlv#A^WM7gU>F;|baM#I z-wbFE0F1w=T0!+ljrJ8hR=AlJhN_EDAp$gn8AFlM6?J@F#3udx>cee?IZaFlq-KAJ zPWPo@O@}qh^_n(fOW@jrPuCig=+$A#4rF1U$(N7#?%ggR^nTFIv3q;$nA#392fI!U z<%Or`ChUA(?HG(%(l@KC?IYz_q?FI_YHRUKdofvm#B05K)T6I;^`OLUTl&WqCvtby zjzgJ-98!0Hx@9+!zYE{XTmpyo+qUG#T$C$%yUq<8*KIHJc2Q5#dYed!Zcpt5niVkN zjd+%myZXWcBB6c@?uSh-W^sA?0Q%O*M<+WR-ARM~60deVQG*QAZD`c+I^YRN4!lNP zodGkTcyAewo|G0{xmIKX9~!qSEAVk@=F_7dFx z_#d_=?@C+a2fZVLAMP#E$x}_qc>gtr?`vaSXrQf^Rdp>|4D|?5k#}ZfVvgHmm5gDRbF z?PAa=ov8gYVvsu6$4L{tPR8{kpvJM8wH!3tfIj{jBx#UKs@M3nXJIfZ&-K+DAeCV_ z69UG4wS)1qT3VzRxL?CtrEu_u@YRhDAtW4C&Nvw_+E(e{=C(_De8y1_?QG5<0kf+T z)}5f=he$uAFfDucI9S&bu})7xLGy~8u}ZoVop)ljE71M!m?I-OfkoJI+A`boI%DPX zE&$hS<)B%%J6$fdc{tTKSD6VoLQI6WZbZwU8N90xbO>vj2l*^@BwyC zZ^`eB)t&>+C8c^bV|Qz=EXS~rl^i=8b22eaui`#X%fw6rCAI7L5QVm#sF(B$z4)h2 z#Hd~e8rrGeG!Uygpdpo5s*_6&OJ%(LXcnQ-&Qd>)2PjpblvYztr%P&6AxeWEpOkxG8Wj$Q=zct@k)%t^p{WG8bJHq^K<$#G{+L7KP6Tf_WQ5w5Mnk8USs;Sk)q zpK_=!R~6L)0;2X6e*0=_?5Zy{OCBv21;4`t%0_wS9) z%URNELHmz@CPvI{(DJNyx^$#`f;W9WF3nMAAX+)pn|^maaQH7E626 zcZQL&_A?c5xB=!6fBJvJtjeH2eZ)|`l0UsAjOa=?8H_>+3q>{}ctr=L4444^Sp740 zFPMs)h*vU0b$fGIB}_5u_T9BJ(Vt$07q{x)ia!i+z#gE3>G~nw^t~ZQ6?E|1^$0qc zTx1Z}xS}r4Mlge#VJz~dPYg>|Q0>KGL|1z#?BWjW+T94{YiAR)9oWGlmH6m{U)n}S zB&R7)uf+>l3F@0k#X;$gfdV|*xKL0wFXH+X|X7ikWs|b)7YMaU~VM@SAcI=i3SVB zV(g=#NdPm$ru4%CT%R?mxB&_s2a`>3ru`k(3HcX_(p~ih7(#j1)^LRH-pQ#}FI3l5 zSm@kFA~tMa~_OL{~W}wor~a#5t$-k zm@^~{bAp6n&W|w6=@EukE^dTpBH@ok!cRrQr!Hxf|NBVzCz0?-p;6}gNceM+@FByE zGB1mSza0r5wzN^^)sgVeBjJ;mHOkx*33nXSNZ%9*e=-t2XnCW|OCsU#MZzbHG|K!_ zJ-m|>#*73dN=Qx0kT6W)5{9GH;j9kRIjO@iXKEPc{0_sMv^u<#6B3I_c9kz@*B_(2 zm^}|nAbV+h_Iw0Q!aritnV@WfXD5-@>&#B!p%pou>(yS5l3p=zBDOefDjnQ`4X;}q z+yTQCzWh0}5e0WLY33CSNhQxs4B%EDzRDsagGnNZpZ96oiRGc6C`wGh0 z3irx*uon@*5)L;$hi7d)cLIk-A{t8Vl@L@lyv7dow*^2#1Aw=gG%qD3$yU!pB}0Xa zI9?-IsknH3V4!@;jgvyb~#C|FB-aYDSHRZ z#33OxUb6WuwuN4Sr=jjI$4XLctlUwp1xzWHyk86;mTG0VKfCrxPTA z1n{p;kbstdm|^k{I@(tW*;Q}hBc{H|2R8g~m1j&*xZ2ohy;GiXMVV{IH236V?e?;i z5&yzc@GHinl8n_Z0|h8R;5GOfBz5}b)9g;a_Bxir^W_wju=+vp)q@JAy+A#H60wFQ zLQe?1(LYCVP_zg2(*?dV-}1Q9nN8w4*3P(WBTd0rQxr6TwNleW0!V;)QYT0N39wV@ z1PLGk21}hF0VEt9CP)AY$Ak$IKms&gT}1*&z=YBX5|HtORZJ&I0A-F36C{9968Vki zzsP#U=>y&>`(_T6m$}=Yiz>4-_^BlIkpe&G?Fkn>hT@RWAHk!Xu)$VeU_wk>*HSV0 z#%&sB^H|n!>Ta^_IMnW#`W{P~_PN*jgtXs)^u-3GKtoDuNGSqhF20ErH*oHtf8%+2niJ<}}?TfCSiwbbN5B0$RUovh16eCgD!Jpp9GafA1-6m@I=##FcVBm_XRDbe;_^#f)CHuak- zo_=Gz8W6tJfDqInFwyox2z#yn<#zR%Sg(H`uqT4`uH(p+oUS!X!LP$Q8&Ce5c`4S5 zom}5$Zf1x}{>}a>kXA9CDg0 z0VH60=mZHMVM~}G0q*7R)9AqQ9Cjs_mZVM}GK1EnPMF7T<7$2_(&eO5i=j&q142zl zoKT(e>O-VPXI#$kP^JWBQf);+gn?{xd3;++-QQfk%<|7e!BQVGsXvD>P0`x>kw$_( zABFhI>FaRZF{G|y414WQAeVL_TV0J590222JQ+gXz=??UN$`eyPZ#P1o@9!HE^6YV z=;;NZ+OA9p+2?wZ_nakwhN@Fb?!m#U!c~TqxwaI^kK=^m`prOy7KHNYFce%*V9(OPVC%}m9!zjT2$;NL zI4s6F9*&|l*e7=5$hr;OObmc8Az&OumqU07z)M8n1+a|;wHFdzq5&__4qhDaE+sse z&+70}fR~EEOJ|aqbnOPhOEuu7+QCagNKkOjr!~f><51|T)|uAOR&l9C_|4YxN31?% zA^Zz#d8WgJkM3B0i4Jp2VS=z8`5VTRmJy8Ud4BCh9ELMuHON1V>4+ZFd%(pVX}sy8 zW|4dybtr_lBV3!qj~VI579Q#6gd_bNjPwpvsch6uV5BSINV5@+bdMit#+PP<3u-S$ z#c=$;xbXPzjlN(h(s%XFkiH+X*8D=#muvasp!27Mj!+ANiMtVXMUe`ie?grLlHM+C z10!35vhUB_hzuN!J%3)tO*#XUu%*UJbOw(0S~6a$GjJ}}lJPQTxcOT#{O}p@?^ZV> z;X0bEi*CzqrR>LMUfxtZ7A^jeE9SU{4U*;mu5Ed;1?<6&1xvd1ub@jWBxS6pqqZ4~ z2)^##i5rG%&!zxL<3i3?AhDOXRARG_@?pJCFHrBacJ=6O1!bJxR<9&V5T!pvIStPh z|DMkPo))kbmcJ^f z1*;JV!#z&}H(6pjomtFF_a62#DB<1{S#Bh)vF7Mp-P_6_eEB#Y&&JUTO+V@ukgj%@ z3({*G%BxMrt;i_jgBp=y52KjDG^G4(96VTIxDM*UfRoLrAWVEWfR>-Fk7N1SX0P^K z;0rO7@N2I|y`W_Fa9YqxXAHW&TRRjQhQSS|LVEWlt&Z;60x)tSExdan+WH*YGHq-n zO)vmB27L`0;oB})5d-c9!}#kE*A9mJyEO!x-i}J*>u@F7;~H-BdW4{bN15dAxC6fi zY1KnmraO(e$4MT-F3ct_3G8DSFet~5)ZW>eNU8m|F)IcfKO}^3YXj` zuwmFP9|fEr3!EZ8T1A@S`X}z_jVRvAd>T%kV7wadJp0Tm;tS0_tTS&N5xyFbeS|WA z_Zg(tw7CXORliq&*8{+-3FvNZCOWz`SHp>`&D+D7&mu9;T3m}aMkLRB9lX)hAyyW$ z*zO2hS%_XcJzZs2j3wg^?;6YxZm1)KyY1j(&FT@aUW?qCa)rp&O9FtOQD)lJ$Q-G7M(Lk?(2Ol&_@1|j~ z7Wokmm*6@oJS1`pdvO#h7ZXI>^Nw;qNk4V~65kL$E>Mj(_la4?H_+xkWBnwfPI;g% zjCiFReI8RyG;}dCe9G(uYyg`9?NvhjBo-n-qR9B9J@sl3&;!nzO`*i|fgB7z38#~? z-kGm~hC)9y>u4Pz#O3&{bSzmnI~rxDNBR=@fS9VOLmq}IDp4;q^3)Z0r4^>w9lKWs zqi~_RR;?3I7pVzXnVHYCOKGs}#bDbNSQmy{oofwpHF}jK2u#nggSZGvwuBD43L-at zi1yoD+J5_K;L?60e4hR_==kPp8gDZ<6ws8093W2d>C1@*>5d*Nx&Kj$d zGzzy11wrYOPC2&j$H~pBDg%&0yk1CpR)^M{fg-W*wYDm(f!)Zeht{z5WRBbvvvrgz zSz1t;VzDddHR#uCRcY>}EP8@2nr+ul;Mg3b#F8|iY%`vqKa6b*aeK0hERCQbx5y~9NUPPONoW#hndMc_V z$6`F;BIKVEQg#ejtSNJg$)w^0l*pwDP+FBtN@_4s1;(w$pzWbUJ4pcsQs#xb#zdi| zlB=p5q;^wdkVIZ(nX1DP0uc{9@lcJ;R8&t<~1|VV;mAZRjBKOoMno%zoQCV3}R&vqA5=bvIy)3 z=U|y`)i6tkDHzNA1CfkFFg_Z;$kW7?Dce4}95P==v-Xh6V$M;+yc+MWMR6#Vnu z@2yacNKNwPO7GMm{%xHP+=}PK{*|7q9rO64ro&)5uM92z6f4; z7&vJKO_VJdT~t$FhIEjKHQM_Lc+(%yDf3-N`-ytzM6BT}zdzM!Ks3jA6==D;Fo5#g zD~LV8()Tr3`o0EBj$(4sGX@hl*?%9k)O`(&A$^ctZR{O|+)-bFA?41jLNV20IeE~v z+7~Z9o~GFjtsGIRZH4srM`wrog+9M=`A(;NKN#G zWys7eT_b%#zCG+#CX46@7IE#&LvV5KYZ)n&`zzFg-~5^c^JRk}2w-`bG6kE&4R-__ z4%bp_83VA#wjyDMPa+(;n<>~wh(f?#YKV2#$?L6(4&Hf znY#%p3rtYCFUZ@@p^v~H%za7T?w9e(-7N0r-2dS1Wa-1a5y(ykNYsG=?pN?o?Pbe8 zgvSIvHXf}Wg_^qeWBkQdZLCk{PC?~rZQRv@3vEfxd5sTe?=LuBN8qINMe_6;EBF6I_WL={Q00t1Tnpo4Ok3O1oi()1t#OkK#*E zi0xj0SZs8tr+YTsxQ2bUf|V6{iwo{4nKgLI!tQn?(|&DgwcR>Kgcu?EN%uc-b53|z zSBDQRETW-G5hmm{Jw-S^h=A1i@bIo0;1WfW@!fYYO(Ht;>v$tyLIQ7qXUiEib`?Jr z>TEf64SGpH9jC<3SZG>b1IzS&qgn3;j&HTL#>U&&*3D01I$QQy1IukbJ%sE)>4PeL zO{0U%4!^)T!XFpkk^6Z1+JRg!`)8Z{v-=T^qbjZf3GwOaswxr4RSr z5BJ6dU<5VdwZWc+@(m(e_;5VhBPblF?~5-QKy{`!{8Qb*vJY7Fb z^ntEyUqLMz9hca{Y?g>(IFtPFs;G|^j>6IiZ`y7*avK}44cnb6^NZJPI z(FLg(Fk2i?9tK1n;&Z&kC60gV5}8Dep}V0xj-meYibhl5Cx$+bCoZ!2N7JLgiMOCN zTf3^=;~^xizHftt*0L@fSFlIG*h1b=LKXnNg~YwrVTf^e1}JMaxj*WCSl0WZtP;IE z%z+*AICR*i#BxWYl^7py22B@*O0JMet!e%e{@Ms~f6atawGzz>R&JeIypSEf&2^zDrl#-2li9 z)v-t{Di=f6bO)rUyOB1H+02jduIc^*@KG9Tb@#8uEx>CUY83EEDl&gb?V|}Wbp|@*{<;3Yq1UJ+uV6l3I zZEBGQva=7w9jI?(V?(2SX_z?a6Pk?;sm21#e4v%6i#3$A)|N)}*pSFPJJzJe2m>QI zMn8OO6%JVRBdIWi(|6#w4K{765EwS7JWzDSF;Y}POTv99Dpxw%zyY8UVJQHB69)vj z_(D!=Y;NF}5_<@v+5Is>%m$2?)Q+|!#%n~j4sUP@ssxHqx&(Q6*1>q-heaUcNwgm> z6qftaIDRnvFg$1BeL3C{yg42)g5d|@4daGdK!=H2OoWtu|3%x!)GOHyRqX zTO>5Rb3%w`#*PYMhx4BJW^(5qsrf}|kA=($no#gMQH4lqh8KB00O5#LW((qR`{T}D zxD=4jl$K05feZi>=!Q~b%C0A?s||Phi8Gj)i>S%i|9A-A?(68)c6`PhY9X1I5MocC z4tKnI%k(W%eWP^~>@StZ_FAX{ArO8`4Nm<*0pNERF;urCd5LKNgak>9`+sLdu|_Aq z`(HC^NXMg0G4U1lv*K7hicjv1@nKguC^sblxwt=JBLF=E+6EPANs)+lZ-9I1bx7yv z0ImQlBj`<<}lcSysI5*Bn>WUgNds0a%S38_s+KDg`Iz(DAt%>3Pv#Bhl_F zkXz?iha6(V+XemqR_Y5f4e0C`E^Ykd}M;cl4eNwwA|@L=OoXeE~dIOrbf|7A%)vxF%6gH)fQaCt;v_?lW0pMq{E02+ocOds~|H+)>4^i zLxi;8=ure-#g4)ywxaxUHo}1i{kXb9Ivk<*CFEd(wVa9x+q*iv{O1sfJalG~K3|*- z>ni1y3#Gdi5b3{-K@TFENSUu19UKY{`NSNoa;$XHR06$ts}8qh_+d!@w2blKrQ1mV z^cb~pT6DF7Y~Zi5uv>wv7V~tU-X))B+(3D%ZOfkP1jVd1FZly+W>9OU$M&9DFf^r` zF@re|-Adgl5yDxszhE3gIn*ciL^(JU=F{En%)Y>*?@TQOTcZ0;_I9B*d+ zidXUk(<)I^kb6(Yl$aXP7+P<^UTu|vd;4LyGJXp@8w@iCFU&$#Zi2k+++=wNbDi?8 zwR4li!3*PY3Q63}xisERmOf=f>{3QV25@E*!Q`+6LCf8p`1v&{30PiU6?YG&+~0@0 z3gOsg8nb~re`epE#OPp>sqcGqet^z)W2Rx`4x=+MGq+S?zt7lZbgH|+%)WV8*vcJ^ z5blCs#5YdBEl07qSxvkMCXD3iD%fh75OqI*PSCeExNa>{Ni0$=D9$Wi1kWuF7B7N( zii5?A;Kjwk;zjU62H&DFh);<2?nfKe-9UpFFxIrvmX$(H-Fc)L^03CTrC%Hfm{$y2 zya--W94uZ0&u8!jUZp41t0IqQ&7m7f%_Rwv9#ITIyerM@p$NtvoIB>UMq z&~7iWf3@Teml(F5g-xq>p@lk{%&hn=v+rb#3K`5>aWEEQN7@}mJp)rCvAg5!EV_;9 z?u{~BD0ApFrn`t9Sg^$-^9alhyuGickw*UC>HK@>{QEP@b9gX+4?WL|r^S5{Z{E=q zGH9#dxNc_2Uqto?M0PALc=25v1M{m~{GwCgW;7&nl9SgT!b}-Vi6hA+%428lfiLaY zb8#68&h_u^1>eg=Q{{lNoesJNuoszY88d*x?}0<2x$izCinyl&y$ouEy>v~u#|;kL zkSv#!gfsUeMMyOHj^7lET`jX3jrJ~2W|>9;uwMr3*1jJTw9|JB7ky!phV$~gldL8E zMfAtH$nyu}X^MC!KE_#__X1I6+gQ+D3H18u$EY1O!?@kWU4bB|k73@xC(bp~5ih$- zF>i5TjL+bV5!UZDmo4Wsjg@m%e}l&CVwl$8TrxINxLeJ z2PV|LA{}uHxA#pZ^lGK+TkgNmBQ>YgnpvTgli7?UO;{T~)#ORsBsML6VwC75Y#U zZH@qmdj1*tv7`MUIXRQOv2PaOZ{X5W-!GA11N*9bEW^kK?s0Un@quU1*a`XnSIT$$ z5fMS-J&a6gUial)U4qMl9zmF-r@R^{ef|oJvw^7e8QgB+Wkx=Zb0C`WD$27mzXHgJ z!y9UL<_$GfnG4WBy_bPy?^JRTZc*?dWM>{@BMF@?13lIF3+dbuYKO=*>H{iqzJ@s9HR%Km0atoL3&7=` znh2ps@HH}m##yk1hzJ*GTjf!c)o;XpW|dIZBHhP<0CqT&B9af6U~(}LwY74`1Dt8+ zPQc5okiaj-+xjPZJG-OXA`IX2jaCj4wS!59XS3lWFqP{;i! z9BOOIlyebnuf~El%=})UMaBanSwN#%TWy{_Ht{&p* z8x^Rmc4*!JhO=>2?^jTv40>*4ycN#;8Wqbti^q7Y_Z#^L!PhkQ1w#DU>6!NW6H!v; zIizgv9BuX9mQM>otAO?1nGeG?vYnZYQiP60|1u3!&G;*MHG3L>VK{BHeCP(5 zgtahK?}J6C+5(F!^bo4Iu_9FMU_~gPPRv7{s30Jv3L{h<){;ELRNIQ78K}*q$i2T= z*lJ`g!+LEJ;$k(hO+y~>o#Al^d_YhsWB?31HxpE)=Vg{BTkzjG2etH$0@h$oit_JWU|*x?5TDuvX=;i(*RdC z(IhX1xa$WP2s6gub%uIz!4H>Ukl0g^=5+CLArb0+T=r8UEfK(r9E#T(^pAC&mX>YIs*|mDp%ASUSLFN2l*MU`B73qZH#P!gl#! zsqK+aeIvb(@zx+fcqJwl?{DO$&h}(VY;$Lt9hVsUI63C#h_yv5z-i3h>$&T5Kz+e zL=tQwe8M@w8{`ua8W^MW7I(}bgG zP#uoT5y#AL5!nxY8dp0znK`Ibm7-zL@R!wBS{4S79a+}ts24O}=tM68pGaYy#w9V* zGuEGphVZIYh~?E`Fq)}DElNdmcgLt4bzIB@Q`Mnx=6A@S?E5{QsG!@8(A>-LRBd(s zfLGri8LirnI6$`r4u3*m1spy&WE`d_9Hwd-)P-_l8RM52llHpw*p0 zakQmrs{>6m)%QC(0HM@dRK!{aVNFx?7Jpiaun?gP*Y0h=5JH!LpttZP<(kHIC{xM*TbM-bYgTSO z5-7JV)-_AXdR&=_v;UNkFec->k}Rbq$0ar8R?jSRi}+OLT;8p@>kt!r$<79dr04k% zJ;1X>&yxD;I#JJJt(=TavJo-Le5G3j(0&zkE9MVLdg@kRNAb+(yd(J z0`(VbXXhhcDL^r~bW6E|GVKtR>l@?@j6;th5JlpK%xN{QW2SvnBUoWWjRNKM3gFT00%a z%7`4-EJ|O8Pzx&tUIutgc*zr{=-WcOCS^KqlBHj06CVL=yjV>r4nom*?mQJJTprJn z7mSsuf^RRoaUu9?~Jyo0U<0fHpA`eZU$uVP|}=V-&ukF%DnOpnecZ zw9hZ`I@aVZ_~1s|l1-nO9za(OqEjVT>3wbOUmE?Vs!7$_$IT(mKymjM#m!vY7b@hF zxFzz1XV^hZeuNozB=^V6g5WT`46gD86NAHmbO8hU3K&#~lTt4A=bKooZ-G}(unglq z$TFGe2oJa7=Mc2!jSnpy*!0G)V=1yuOSRv`et_YK+Bm*vy7fMW!uet~< z_nXMs@vIlq6_8J|NE8&I&aQby1vQlx#8@xykf9#m84M-%>*_87J#Za>M~XQ*x<*S? z+FYnqu&X_Xr|XnfTq@{H+)hk8#|rQ~{VEnBcAhVzU2L>Vosk$W9d34F;$k#OVp!f6 zg|9X5L%&M29eFKX1CYxY`{^~ z{#%RhaN@WnJ)uNoNsoiCLnIpc8HxDri$~%x; z5{tf+H?4?7Bgi6s^2lq(r23ICVXgBDJ4R#b{ z2y9n@5NNU5mc`4aZRvI?nOay{4lG+IZy{W*5n}7kf6ZyK^Rn z#kWnKiCWkiBH}fJjdUk@Ge83jJhp6@1RX8eEC?I;VZkZqBfc(R z^O6>PAh-@{88o0sJ?_?`1^t&m3=+v!gpY>YUm+mf6>>?BbbSanyStCTiBYuPOwFtd z)Y@}|KSJ2R2RE8sMU7KY<)yf_sDoD$x}nIA$rqxJ+r}a2<01BOez=%&^e~x&M-oft zo1+%*2iYS>IIhB*YTNJde*}Np;P6TJ&KfhZbQ-%x_oH}}0a-J@ENJ48f+m-znmj*Q z25eP@u-*z`{T0HNRtQ^OA?$<-VQc1_z-5lKXoI=_qv%;~9f%wS5y==ZjGeXBWG5=P zsCzoH=c9J@)MV1!-8slW9z7~6>a6&5)R{)#a@`Kv)1)z4pz2vPjiM3?5T$2|TL z=-{tMHGloAz+X?4^4ADV_CgCP@>h8&9)C$miB|39lJ77w{qEvN^!#niSy^O zahXseGPx=-3$MjJDLXOI?0HD!2G;$JDzvNV4uf$Z8hQqs+_5H7ou}I>qy}kxA;C8wQhVLN8YTTEwqIFq%b!oB-N|L1x#mD0X5DS^p$X)c+ zN4IZybHkgF{sAh`P(paSZ z%_j_FFBp4-47d@mokw*F>8Cs)Q9_(3GDep7v>Q8J`%h{;!Ne;FX*l+1k5Y*Z0y;5c z8K48jC?cv_Noye_qemQDIaabFA3>ooUQ$uD?{XZ=VskETJz`~|X60U^;qOjqTx)cb z)j&IFXIn3BIbvme<@CK7AB@#_NOiwKI@BogjPw$=teid!2|=wIQmeN64wb5eT5VqX z)|Jy=LJAPCMu=CN>i43Ct(=aTixfdxeu-`zWu5hNaU9rK8>=lPDu+0Yek}kNh*~2= zttlZYixjfeqGGjP#XvIPUK-9&hWQBT?E6y?4!hVLl4!+YFpGzk3ma5{#^SQ@VFQG> z3=rOm#XE~2Pi;Al=52wVoSNtv-WSJkv4MjaSAs9%8}T`DOg6Kap4lz3G;)E3@AT<_ zqjL;TYHwoeGUeClTT9comZblePQSYX*Sa;p(Gta9?G-N$1boH|5C;N2&4BTy`zMHv z)+M;_GkX<6crx*I;zL_{+=_(`H(?tbC)4GOdFq2ugm$0yT1c8 zGrrP&neTO1AaH9lOrmWthI~>|LLh7)nE^9ItP4gZNvb*UXZr9WXVssnG_(ozeKW zvGLJNGL}A!cSOc7A(6kqCG(VXkic|b0#VW#RWs$w3?~J3>!=#HAp|SYFjb`@s%ZGW z1^9T4RB@y5$|RW6bbp_3lT158R`w{K^HEPQ$c#oL*0}_Qw5p0mVT=!u#CtFlTFFhC z09Bd*0f6}{OBL#tu)b<4MHf@P;S&X2FcZw}jddw(=opLAa37v^b zV>2rQ+;K!$=xZ9Y@UGTy_Lsa?ZnnJD7SsL2-JIJOZzoHif`@#B#{jj(bZ;|pg!?Zd zKTLWcwx%SqDxgILNPA)qDnBI_#9}bHE-_rmhIrh49^rd|Qsi%SDp zOVQofHvE}cO1AVcGfUCd);S^37RPoLdW2qpKpBfG$|Wpaml#nT4;a)-!Rkh>^rb%{ zIVX|P(6FBBauS6>qHrmRYCIB+YQPqBk_cy#_^l!#67)nd^`_^0SWeW~gv=_p74`IT z$z;rNzY759WQ5}=5MF``U_s%dFq3mH1$ThWY*J6NSs^^D!Zo*j&vY*pBICRn-*3e> z&!Sa6E*VfjXb3qx1bi8@L(Ayz54)gEpljkAmWofF1wGuK;}LP1JF!-QZFf~b1}cH7 z2QHeo-A@obm0p+(oy2yp@RD6l2iLJS0CpYPyD0+F(Wo1Ae*wtRkXV-{wuHE-&lBT8 z^#yy__OJ&)-PsUQC&nYPL5lkUs;zL)ha*mJJq%c8{`9yUu~azXc&luq!sm0)-R1k` zGPHjsztLaa6H!e>@p1Etku{7YZ9fKwX`xYS>3EA~^f!vmm>pV1-6-rQ72D*YqBf}~ zcBFb89Rs$>r@UmJq=RjOy+zp5rrU(`@8UKYrrM=LK;y zQi~vNVm5b#JSlpxu}d{f%VI5rNymLq*UB=u1p=m}RKSQ;vy$jV?|;_M?jy8EWGcsn zI1#bj7QE0Xo|j0996c3y@Tb&37fs;ACt=JLY1&nnXo+JTF)vN6#F1SPwIXuek~nVN zV?;-3CR4-4WW*6Y)YD%+iE?9Q3n;l9F)>6)dTnd0 zfwgadsL1@}E$F1!HXs_F3;h~ux*~-Rf~Ll`QqoV^NiGL%SgxQb;=dyFh2SVS*~!G| z?na3^-5U&X=?aO}YrEfPzlT6_;n!Vrr0T|}SC+80JDOQfN1pq2-m&F*5&L5uyHi;# z&>y0_9LJ)F-p+Ikmalm18}H>~wN$=$ONJ8jQW?tnzdPeB=}|h)UV(eI5$qS0q8X$} zI}(2vItEIW_EIJ3V7tl&6v(bRbt!|3X>)|C1c$9*OPrn&+aRj)>h%D!i0bt~QDf$t zR@l7~XbqBNz^JK%0=Dsq>ndHXYu z1evc&G2bB5o-y+WnZ1y(gXC==G?tXF3Mn2P1PItvWHF3^gVLV-`X57iFuShuTQK{e zgz;chm{-0-E#n)mJ1Jb3P#Et4*ANG4$YPA~miq%e5>GD6ipV>4WLH__5Xb0USqd@R zosOZ8(Yty1Sfh7$j3(yqoiUp980r{3)gxjz9RrQg)4Wtu=wQ1ZiT>WeamgE&6QeOM zV@od8V!zqT!4$$NokGACtju1c8nnLIh-+c6z@%(CLC>Z$SS$r(ND0V6U_d|)5(@!2 zNbH#TiP11qBu3}W6xDXP!CwDaR&f%P65byP1JqHFZ8*mD6Lf?^Kx3#O(O%1(!IX00km#Zw5AvZrQ5LO3|6#qY7a1B%TrsIkBeOSg?dG8J;^F4LX~32 zU<&4q(r+OY2Pp%sF-UAd52%bmQETAjE$(`32o_ocr|YaZmW!o1f~q<40lYNKE4#co zg2l>9<>H0!zoXm2n?2|GzX#3Y=@mP=Ve%HuZJc;lu7_Eo)K*UA5vx+{;0*=6Vvt5I z=~VARGm5_QG}^HVeahF4qN0cxi^2r|wl&0%8S^apvAiii-;&#^Ay$AUU2@y>l!{RD zdP;>@p9WbW)~7*Mh%ISp9As~_VbE=Gd|fu!VDp+h>9UUMviX314&!IgF4W`9J)jYS_qfcfkwT>a?K&k zOjQ&y`uw>9z)fEdORX7qGKQ( zXt9^-a5|_1;m#=j~3 z9gTvb4(4#0I#|S_4ya>2vlcobdE*0`KE64&TEgo|Bw)f)GwiovE2)60w+#$yFxzS? zsQ`_vRlERL$xP`}=qkYQ*-9$Jwr>Y%g|?@Gwk?(H7wmpJ#C}oHM7Z7diwe-T!+uc_ zif1FJq-^`f?h1KHeZK*v0bjY-jE$8qQKvo5))qp)LE#9>KvHziTU}c@LzudsV9Lg&&v+` zZ5>L5>QLDAif4rZbR~rx2GG0p0NMxt5C_mxm^D9udH`0H0mu)aUXn~%k|EDePh*)J zKYQsI`uMrp%g6e?yW=M@fA5T+q{mRl&(l33_R}%Y_<4qxY7HI#?c-Bt&SS3Gti zp_)4uCtO#a&~|-Epmg)Jo9%8WOGtS-gfmJx%3h9>XVEeAadN$vk0rmm<0LVE?~IeA z$56+~FMCA%A{_&blQ(;*zC?#_o9Nl}%L2hi;nEECR_8fB#7w>gf^*BV`W6VzD~l94 zG6cT*2#X~*dyYFbPU8-mw2fzqJ#2+H+>YZ z5A5{z_K8-o-ec#Yw~w+y?2cI<7`%i*Ru6V9Up*KcmReijy<7gZg`M91p3e&AXWyRB z3bF6Z+QML(%9z2--)nV>!t?{O7OR^-*cxdFn**?Gumq zlkfai$#MRdmt%N(#UG(x$hkX(HI}ruXTyD)*Ne)|ycHyGS=6?R-3lNEEVwZFE6ru& zD3|oZCFqB~b96j9CwrsYc1$O%Fh={t5*V9pT1uYM@YOSa&s$3raQ4(?HtO9j-13$wv;w?ME)b*Q%uWtDdx-@OC^()~09n3;&G{apBnliQ2M#&mPftTbA^qpe)4yP++w!!w z`)X8{e@Hfw8;C3$fckW8e-#c?x(qpJ|*X^;1P>wxYDxdX< z^6goDe^=ymo#{zxb$;gSSRd6A#H)%N0o3C@?sE6*JYJIRTzMZ%WDg_`A%eH{nBlgG zXi&s2Sc|SPP`6F!4SsC@JqH}eJko6Uiu+*1`A-=2{wci<{sB^dCMp06^K&!~HASyrD>_qMV~4t6Wu{~?gI z1Kb0&(v>n)N}uy<%*6gT1e@@;nU>?~9dtlm516lbT)o}PM~b|=<0>(K?~JRY$56-B z?|DT0E*%5egum~lx|0sJPx+qlrtKM03wH-p?D^i%_pa<2->uy0TY1lT)Bndke?GCRjO%b1O^PVR4&xq8tpuD)I0j{75I zk*hQB8MH*e3>s$v=1ABenj&^{=W=bevHf?qPHL8`Jk@oe5l5~Atxh$Bp5euzID3kF zc|$I554FO${9JBR=EbtGUhsNQxwAEYJ1D-eZMnp%bnv^l{5m<_&UhaykN3TN3qNBz zQ*1xmj)O<<%Dha=I^2IffSv6B?Ysi|fuFZ&k1679pBCr1KL#fVZx7y^gtz%kN8F{S zc>8E=(Jtlfg_s|!3y8tnhr?5yst@4?Adj<;L{J%L^E%?<+lYm;iBqW}H2`P-RCD%E zgtL_n`%B>KTYva(nuCiDxYq!4!W}daRn!Ro+vbA!>bf3SFq4+?WfM6_W_o{uYlz!- zo@Azb`Dus3McFp)jJMQn*wVyT&c0qKFAbsh>ev^{Vo$K;!riL~ zhxzf9(1`m>`h3&Yhw0~h0iPF^vCejX2#EfH#r4LzD4;m*bI6gxSYf+=hHHq`&sXLi zjqXcjd3{JdMx=mGFB($Gi|6xYmeWF)c@3fF+2U8a zjG(arbl3OFD_dRh9p>A3ue@FHUU{onl)FT-RE(G0r*6u{w8gk=^L^@N*vNhA3Y)yj zBy3%(E|C}Ct-FcIHkI-5wUt^uE~d{mw$;$S0WeTo;lnG2h2gYZauo3?`$p6W^(3}- zl2t>F`#X;j|Cr~&im-&ki(oON7}oDSSj3Y0Yf$b#FT<-GRykfTd$36VL10O5e+#_+ z;K8EERIu`i z)f977VO0(Ink%MnGV_RqioO>SR;7jF_%v&wG|WA0m#tdDy&?Uvf{^}Lfwa?`;GcFM zJ&pxExFMp99@HPh@&OC2Kh~t`!_*%&HK;$9Q$rL;p$4x(lkZswHBQo6YB@Dn4ydsR zFHnPuDyY!_YM>~O7NV<`(L%}+S`^9>T2$yeq=jh2`g0mW3w&?h82!%E;vMD;Pp+~0 z`fDO(oT20{=`qGfk9VxEyrbMf*-)XU__<>s^Y81PeEDBG21@l;FV(AqrTUwf>Mw(( z`n#9vH9F9Dsh{Ahw|-lJmS{c0mTbqRweO0}z%yr8*r{W}=yE0MI!F@Hqo;ybeRE1J z#kO~2@nB1s-Xd#-#o2%F`tD!_4{_;t5D?mKgY)=)UK+NS_ z0FCq}!gr2F;55BYt$g=`Mn-l&c&RG%tO272-UG*7WJBza^L2kL*@s?`P20a2eX!1% zH-r2K?w1qlzU3Z0-A}&=`c~Sn&lpDr5;300> z`4=DkhDzykZe=E|YY$=HP7q~_i7!OQVEH`j zVFb82uH)q+QB=Nn%l1XgOXfsCh<2R~sLwn8{Y#CFZ^k;{WGm_sv5Jm?rexJ#st6sN zL;XM4x3l~E`*sF7+DGcVzi&q!%-9hZYxwr<3_x13UA(_XkN)YiEpKio}y%Np9}>n5M|OB_;d?VAf*Z~ld zee)5rR;^7pvOTY|WC7Y*e+^Hy?g5^0_r_tZ=FXt|0(N(y`J0&R^irmXYo=)CThsap zyvM?B3?g%BW!RE!*t_IeB`S%a3Hif$m12|g)%mjOum?k(FT)k&a=xroxO=H8!x}7h zg8nWb&Nmu6p`Il+4$S3-Z~Iw5ek*x9ZuYHk84t*$&w*4r*X)t0rpimD$mBExg-m6l z!b?^e*kG}s)47)1zhk*E@Q1rkF-Nsl1WEBw_4R}_g$N)Jg zl)=gXrS2^si16`UcO*DN_Qs8Xqj=~Nor1bN?k|recG~76$Ax|O6)(E*_@a``DETB5 z7I>?zclL{V>?>Rc;rH}BnS^hCd1Kq#xQ)Dml<|%q`T1@ejjoj>N(mMD2{r4T{Sw{) zOxNx)U80QXy!qpMjOX5wFBtvT^V~b~$(jLpZmh?1V+uT{zi2|bZ-kuV{Zondw;|^$ zs;!nM=#*~omS2oe>(IROf%iJ)Wly5V`_|ywkUbRzv0CTZ4%vfUXa36v-tub?TP$@4 ze%XwO1JQV|ea2O6pS7R|)(T_oY^Z;C6IHx%T(!$RD4utYd+nm`e}2z5%|KUM8*SJ} ze>Cbe4t1(CdavBsIL)2H8Ou~WB2MP3*g}Q5#~(oSNkKb)SUhRCC&S}p@MT}@D!O=u z7aL-1^_JF<BdVUZDT#y3;I4|3gdMSe(n{IJV= zfFCN|p!=WA50!7f#oVBnAFj*u!=C?set6xR;K*gA6}h6*e(6Jz8{c687EZ zWB4^;e9Y_d@{h1{5zoJDw$fC$DeYe1d+$!A2ds3nDc1_Q602_!N;R5t<&X|kHy5c% zcX9wjaW{Zt0o2`tZ_tADeqY9I>(-1?S*=pF|YT0`GLeU#M^ zGTmL70P%8gY$iQetl{Y}gv~0;BmK*QhN{m@`%h|lC!#P{aoqhh*uD84py%$Z)9k~y z@Wv+rSL-IqmXFh#@11-66pl{=#}b`I;ky09+`mO@@mR6K&SA6UTYMFgsPilAtMxLr z=+%{?bG{R|`D|9%kzYBRReYM=CCij<2LVs=WFUBQHeySxuo#sHkg(q*+)CYfIYXx%XvR#dd?c&g0~UXa9K^|qG- z#;7}5)m;rmdyI;Ce4EeL6`jzsT%Hrce))Knn?ENcvba=N!nnH1{Q$XcfN}Lu#L2jN z2psQ~akb(upZ|(+wc<9C$KC1BlEvh+;bUCuzUX7H(u|8IlAjsZl9=$B4P4Jo9NNxv zZhdhi-SAli;3DR}8Svz;g~xQK(>!P8u4ByZW|o0gW+vj3*Vs5ZURW?UvrLm&P7YGZ z?942to2v7C;4H^C607TU}6WgdXCo;<27BC`)6-yUDktu zaN&nBJQtGh&v?Oku(IvUY^GaYR=AZpV4#QtE0;XVbSHp#NxVtKWTXk$x<|7=Sni4J zJBXnd@9d4F?-&qT97u||V;F~?W@k>;sU>88Yct@sxqAYrdpRL@76N=Q6>PLE=NPBr z4O=H{7pH(U9Z}PL#KfvIE*3)XWDuH~A*OpDo|%s#Bx0>Q30P%uji24opghinaTJ|n zP||d(@j44OE9bK) z6pOM9Sg8iXaywwp1ahQH0k=C*?{uw|%>nQYtYsuM!gN=$iV~Iql93BpITfpF+cDg9 zZ%59KgCI$FLss`fB+IB94ur7jNjl;pM5K8bxsdEG?4H$_dX&EysgmH|E5coDu49OiyJ3|lLj1#h^RHx;l$s+lz>oXHkTB50`^&(oV$HmPoAzXMcQeHm} zwhIEkzRBGWsru2u%!t;jb^>e{Fg5pqz3m7pegi5J%p3*AjD{@7&U_MncEJ~jGTUp2 z`L59Ue#?Aqu#;Sm@^;CW=U$5vB6jB2Kr24!bUU6o2=!gF9#yCgr%woH&O)>j*RkV?oKrL)PhL};ZLG^EMFC1=j1WJ$LS z<%}mcB!EUcPDCCnOz%rd>l&izG?sFZXz8+Vc{Xcw*gS z)4t27X^3)qA8W@7&>^VW)aMvTteoE6Mtgz3Vqi=HFUbe~fPw$S!|DBfKJZosz9@mS z$9UPVW8gy)ctbw$at6{!?DPi4dMP(B@Cy?7eJ`-%jP5HWWb95lS;wmG4@t;5`H-cl zHBRqSdGDgs2~O`m=s*Z? zn3viq*ju*?9c{thlf}^x?0rxiRc2F@5>dgqz0;D$X_hdEi+({tLw>}lZlu9OCQLaE zru$K_Oa#Jl8HcGrGL$(UR1aqkMK3{bT!K){>oTX|-DukmdfPE@ju%*t!0H&dpNIg! zX3Pc~ThUlhwbxy0sw^jL2Qya{cbM(QZ*?X7Ok-cv6wa&ZUL_tV9lx^bduKzbRsalFdoXi4XeIGb_3eZZ$MvHgOOSccI_ znrCLBPVuWE%F%LFbTe*IP$NgH9yuJ04x#+$0oKTm5Y=G{e2z^Rhj`V5lNyJTcjn%R0w#EB} zK_P1A97>>V8L#6X#6N*Q%$!2OZhRubz`BQviJ3E{4j#B?1C71?bjE^|rut4N(bC06xNV{JpN3*9P@XG9>U=f)!K#)dcFY=0BHD!|iw z#Udv))-}|*AMhoQD#)W_Q9ynZNdDv7mLj z&XjlNX!i82fuxc{ma#8r36(JBYd9Z6q>rgHx5i21%th!_5i?6BOQV_j#>ESnYyO(#^srO}Sry)&R+h?17B#dJT&<<3;3C7K$I zxY;FfJ&3DrsljJXSlU}b9w;{<4^*mx97+D$x0;ql ztYC(7W~a22v9*{GHl@O~I4kNe2eUG}*3R6{v5_tppi;?4tjs@wjNE6}i^A9U;SuEB zPALgn!?4pOY$?L5Oao83qVdl_Sn^yUToXrOX9IIe6KOwlc|6DSu$b#(+^N8GG^Ci- ze#Q$kpPEaBjQB{!d&B!41r<3>K9i8qV>&%H_xS&VIs$8Js$;miE3MTL)EY!5@pOW$ zj==uS;;yt#M|61+A~#TYPDfxzfyyBg1QF{QA?;-uZFui4^;LRG9Np_I#HYI5insDv*ojRV+48gtYt|^T>6@kKs)1GCCzg>P2Dm= zp)WDwxQAd4wQ~ex26N13T8Rk49y|sd$^B7*%)?X<~l-ca-)Rj zbOe(AtrVt47HO$xAA@%{+fgu6MPIz4^@xdwNG2b`5nP^k@d_`+gfYq$cRcJL1Uf1# zYC3|KK!7a*{aW*lZ9q4n&RkMnqI&UUn7jS~g24s|A^T^z6fjMj-B6bX!-ejj!bVt9 zHc{Q9TaNXZ>eXFH<+TxNvZO$5psEOodbmW_PnRTZLYC1AIMRNS(i-05vSfbyi>odv zNdt?YF@-c!X-0WzfCDjs_#7F4@7T6mgFRTGhbi4PJKI2|sJ5 zU7xIDNu?D^%m)S|?g^9&jku)VD%p4>i#XCLCGAF}g^>gEZ`TCs5!*r;7hM7&TCK|n z3BO}I5UwP|m>LmY*G_O{s;0q;yB~rGnuDvJ4MBHg7pCSdiyLjCJp2f3MQX;ChK{5f zHz#H#>2|bLp@#FFFs7j#*}W zTqMVQxSKxrD&On=gl7ZRIgUexpZW}dn^{I+v*9|vw>BfJ&1}~B0O@={s;R0DyU=M; z?)Shz=DPnyN~&t?bKfFM?G1Ny%Un-gTHM@nND@`1$b}vK2soqiu4!NH|D7t_#i;5L~!|{h6Zh&Eo zJ>XV-M|3XZE`(u)(-?+u-H*sVmU}sY+zUbePk7Dd+`srT*U^{#l0h~T=a=D(XPVLH zb6XJwIcXX!dyI@(%oLy8;?I_4Sl^+@kZi!rkXk<#LFR+JFknrMnX6AjD6}$Fs)H4C zHwF=ZA%lxOyMtp{uAm21Q{`ZqdS)PWwGRk$8Tpw~zREP2R$KAMC&azFu|iOD1Yl~U z7b-QDq%EqlLJl7+sLUkRo4^G~7^V=5K20of`iK=k3et)7ro93)BJ?%pi%%Y5t}En} zFrio91s>5_6wy4I%@UenbW$`U5TV&{l7PXaN5Mmyv3S8!XvQ2&GmIGsT+wW$A{n{> z6R1pzW`d{CEMG6ujKM;)67)6A1d0OYrS^jc331y}&SY73&f+VW!|Ic5*4nus-ngP? z9p7#U(^u^b)0t(e9;>Gh3ri7xI2+m|?V(qIhfNo2kl2Z=`$QY)&3PH;8)lXXph5ks z({@_ABE}Z%sKnw})??W6lMpCRSUKUI`oSL!hzdd~Q!Z&J)a;5vs7r-mV2=0IgX$3|K3F!3)@7F>bn66b2l<~i)8kiN=i^*q^WK;UE+(TB52iA zH^C)Mm2a!7uddiu1z;80iiP{yirx#aD`~6!^R!THMH&~{O2A87K~hUw;fzNlN9ssh zeSsx-)`rvZz4``ryKEyn8_bkW-xmoEiX;pQeS1PmY-mDMKF9FBFA+eY<9!)k-PkuX zrnIdYU((k9gP@9S?eBNYSJLmKC^LHtVpPBT3S4YxMzG(}pYL~dz$Euorf87_USkRr zmDKBZLyfT>(~wwq)79wxm}!i1_>6Y-vk^QEf>Q7TQw4OIx0=+Y;kK zBu4^BTYepmr0BmFScY+c!1@Nlu#|rj`$qPg@LmMq=W_2`4HcNboMJvrPER(diO=8qv# z>&c{p84Km^=6l@_@N9rUJ%M`i(I#ob2+T^>@$J)-nGcXePsU7_x^hPqFeQ4a$)F1> z5DTvCQ8iI`#ezMmf<-vb>=3n3Rf83tM9q=j9DVT`Gt2s?r=s?Bm{M1_0XPbw-4m%* zkEl{4?ZHho8ayeySQWTV+9j)qM^Yg*OX#~t02bQZ9md9y=FgrCcDN0*7md8FVF{F} z4+!Tdq!sO3m+o^u0%cmGaJ+a0Es8THW4i_ni|j8)|bvHKVQ;=F{|O}Ss3UO76audMEykYLLs7%QNC zGuhCJebU!2WOtp64bd&b8lzOog|CF4Vo~>AKvhb4AvnZsgp`BS$-!yHx9~p-jz;uR z^t=3z%Em&3p^y1>acvlHdXE81Qm`olgAYkgpftZu)C5B@vtJO%IxlfWVziDzRi>o zYmJa*mdOdJkR}%N(Xk(x4rQpZP*Ev@JRjSAOv zRO37v^7%=Od90q7fHYtNp@o-#9`L?H-WPPG31Jo7gqGRTSRCyB41pZqW?|)J9-iC!)&9T0T zynq9Jktrh1ewZ3cp;VZ=@#ofpRrph=eIEbswy3k7;FdPB7{F6zrk7DMYG8LRtz@pUy|MmPTEZj~Z4QbzMGccxlw< z^HFW3Q8(qIMwCYVPd;j7Y1EhUQKL$u?#M^s>?f=0tJs}|xJYT-U4^)4Y1|JBan+@9 z_ZH%6O5=W3h^sA)d#DgsR~q+lA+EkO?$JVAtTgV4LR>>>+?GOIV`<#43vo@Qala|V zDb~r;GtTK6ImlBRJ+IgfQee+N=lNRci)8$Qz9@Vs`r<)Q+?9?v53aoSj_Kbt=78WW zOakVZ*`K3lSu)OL9%3i+<_CwE*qE7nAQ1%m$!yPrD>}7lhpSlhyao~At^9+m#Rqh**ZzaPF z^-z(ed&)3FfMz(i4`1tM;mLD#D}mdVQ_L(wtIc(M`NkM#0T7NcA@?3|O8OOo-6y4@oU21f7}wsCw^tJ#%YDkDLr}yBlycBvUqpcp zkR_nQ6d2lRqlS?kt4psFqjgsRg{{qdf_{odQx2ENmk>GSS0qwaaCI4wflQ5r;_{6L z6`pBB2*y!RF;%Sqzz3Ctfg@GiD7?(5 zw2S+OQiYb|M+$l8V= zAoRf6MqzL)1bc(yELqzihhWbpD0UD2zOjxJ)ngrOPz&b3421;vRpWp9uALJ*yC!x` zn!=EvaSEPCKL>m6dc*iB-rv0p?gjn5D^{J@#}pqqBVZhczBhK^0^>>Sy(VjpoxSkD zeer%7{;y&pH+Jt+GRv75Ka6OB!=JuBRmH`~Hv(M-#!i<09sDoCAH*}xbYPFcLM3%s zGz`CuWgLb-(*^MdUmIAjlmOUm#O4Wes1a2`T;pUp#yI@v;g2>lFj>d%nt6nQ9$d zI-a?V&#T5Wd|8kft~=xKe#dB-$B;R3KCct}(r{)+k4$0g zWoSFcIB)jt=QS8vYbw+4N!)(E`1l2{8b^SM9pehY|J8E|;g*Z|+za?4rQkD8XmwkV zFgISp*tw_hdEYL?t=75r!;bMuDRC2?pEagqMtNR9L2f*ba4r&FI(-V=^VjiNbts?X zq+KqRvK|o3&y(j_@-(E}uL5S=xCB&+8zGA&9yON~JO3EEpB|rB^)sQ&Il9C*q%LQn ztcdXj=s(=J5iJro79&^OxK?uQbh=z!9 z#OH}NpJTuSql`~WJ6;9ag64Y}z-QWFj6I>BxXnObv}2gheP;4`>Ct?SKa$TW^=$E5 z!9NjW!(3xk#29njJ%H0CAyvKPkkghk6mov6o>U$TSwMG|uU&I)95^+1@Y?k}mqgdjV z=wFmFzoS5f)Pl^xkR6>iX7#+h?+C~o`X~?Ujg{a*`YdAue7~$&wR9nTw)P#rK>3*R zKuCy%$hAhK-~E@|b6yTI@oXcExLXfhyL2PWU1u8s6xnsa+NC+jy$c1(_fB66n2qpN zA>}LQG3BAgrADB=-nj9IwM#F8q`XE_uIXpWMaEYI${xECN{?~3#JzbeKeY3^)Y4`#t@0_!l?^^g+dbW?H-w1mmeIs-9eaSdfd^cZ8-_6GP z$Y&U5jU>$fF)o!7de_l+tM)Au-yQIgW?vD^zQ?%H^~Pq@XjkJd<7R>RXfI*jW!xgZ zXQ$BjBjcOmTXGD2KQnHX60X>dCHxi=W&=jDT~-k5Kfy=J-y2-J^h59+BEILu_lmJV zd=Fl*cInm7oqNRh$)lL>&ocL{H~uDZ?SYS&8v*l0_!b)NfeWOBW0%o4CUA-P?hLP8 zdabd4;5P#0v+zxYUFPrN+ZW~S4PU_82wYw|iTUOPA{ME880bmgEQ?qV7p#{DG8VD^ z#c_;V9yrq?hoon-w#NrPEWQoGFDC}h72jVbFz(dA#geZcP`+)P8Th=!eL_;M4csEW zrio0M3w+ZeV^*R7b?kJg>S3To9NSB=;P923Ps6 z4;&pNUD~Ht_slbH)V>=|V9FZ<#{{WS?1#9Q;X6)Jo^nZb&nw1FffeFA(o()tf~3SF zQ*sIkKLNh0#rNT(H}$WC@3Z3j(8Nvs ztKhp{e8aPw`g`HKL4428-PC_Nd|wdXzuZmzYvKE{_|8XpEd3U!R`teB=BEDj@O@3< z#>O}GpKaV1__p}2ifrmX7ryU^Z@Rsy{{r~FCq6U0ssCd5?iOEtZd3oI@cl@9pAK&7 zzXHDd#COsMH}zj-{3P(8_->oAss9@IHjD4WyKL&e9=>0QZ{nOy{Wrq*h{}i3zXac7 z;;TmKx4`$L`0fsE>i;@?PmAv_hivM<6~1SK><`vSn;_kRTRFx%#8SI0CS-+-CQlcapId{ z_K7bb^qgs~5nqeYdSCMlrxDPrV3gZv9B6(}e0xet&-Vr>QHVPgVbK7I&O zp0oc_%kRc>1;Uy4M@V`0NAAP(;bnZT6Zh73hQBJ$4QuJ{ljk2KTWb0I=?XqiIEBx9rt%p*h|fBCz9hMJmh{KYW%x-;`RtPLnP<=)T*&7M@;vi= zx_boX-RoGp1A*#DV7e#E zv-$&c8{&RZVh_zJprS;*)AvG*q6 zIbPkP_ulvTAd*Oe5JM6Yf|8JkA@e*unayHOHAo3!2q}4xm_h^%Rc+~;wp3bFwWz73 zs;w3^)I1eM5n5W5I&1B{pF58?ub%$@-#OQJo$ouY%gX-kwf5TczV|&m_dOKqVy$&# z*g1%~5Q=h7ZImx5DBGG)E@3f&Eap!gV|M$X?82l|+Bw6|Cf`dC-*YO;H{(zyG`Ivk zI6w0$$cuGvVV~yqg8uz8?$@p!WJ7}i-f4xyU~Xm<9)%H3$z>*EdD=pm-A8Xo`-T>0!s4`lr#!uXcv_C(&cW}F>`N%4l#|pp}bXB zw~4OWvBc^>=h&f{J9>f>Il$C)JuYN7SQf6|aXKM(LY=pVL;fAReLSIlara^0? zP5KS+h1NKhkMevZ%2IEXzb<6)t$iVFTGw6hI8a*GdQNGD`(gD+D=dc93C@wd0=mIj zr&lD%{d4<(Wgq7uAcNdSf}~AQPH%`F+BO*ja{s_Qke@aDu^}b8+loe%v|-_N(Do{H zY*Q(x6^?I<@_0Lx_Aj6u%EFhK_9oN*%3}KQc!=p$7zUQT3cqG@Hj~L<->a}c3;VLL zE7m*z` z3BWcy!P@FCCV3k+Zft@07aJEt`zvkcLwFv{CQ9C6GL*?HOolbY_?>PjFE_xs`8|^t zVAZAMf*T$yd5^4M{wo_T1#hifv8SfFVyd^8?B{kI9y%K1b^+wmMmOLolUF+Z*f688 zJsiI}k&)w9H1Z%l#=O?egKQc7Znt`5z?ee_igo1s2Pg3FO+GI9ysI}^FlbD-PQ;S;JG9vRqDPQ>^rWW{MoW#XhnXc4#Sz=Q zeMBwTOf7@H(8ycu;n+dSI`o40VclNcC(trKu3mQC{m6#q z4L}|NiFvto$GqG@^1RO1@PBp0CNB*h`#^6;TBH1V5z0xEQ9kL3a`+OIgyoVlsSS9> z^7JZ<&B8XhKdA%w_l5lfC085mf!5dvzvWFUd<&!>$%dnOT44Kj>v!mdGmx(b89w_M zw5NUEibmFTILWz9_g;nj5>Wa&wt=*RVRU)G*sGL1NG6N~4-zr{rf0801zNaQ;RBd! zX@zIld_2wOoj;r7(^yP2i`l_efOHnqip7+(dHO1gna(_HVBytF>%iu6F!LYEET^*= zHx|l0^LM2Alw~xt(|C2oqpb(Xb-&)#AMaQ@DMTp!k%O($Q{~CAf4(C zfZj|UjN|ZkSYzSZBkSc`IT+p$it^p2D5GJw1|tNAm**yB87xqpC zNDnd(WJcjPtjEW(kx&GZ5*L_3lq|OI<;_#cq%Y(slU0*2p3j~4Q_!&VnHX%sa2;td9IZx8c?#od z4LjDaV)EZ(yh$p|L~r5^$6Rl629A&3?u3=u3EGhZ{u1hR(!0=ziI1?X&q~tew zlUKFP1qgE+x)A5);{{PpX!8TiG6x)`#C2>QtiXru%DOioXJ|Rp$m;+2bNyG>_Y>9* z=;xyUj}2|x2i9RF32NO@PdDm5sus3GpE_9Pbub<%39!TPF*{t-C_#zsQ|*5Pwk<2? z)ks{6Y};S%j4SgRWiymHO5X<3&$J6=s~ z-pZ7Ckgrc23DVk+-$P!mW6@_FX)l&Ri~%eU##{RrwW;oK5=)9*XXIcV`aDB}pP_6Z z6DcFxCZ*J&B!}si5Qq4c3MJbGMNIya%H)bcR8onv2Z4V}NW^55WFj#J-J^D7oIwpG zd$Q7?=2AWKtwF7&`UIw$@X}FgOxklYO&@xsdsC7u=yuB(&!(imAblcIwxBk(ktPWG zwHDG0L1Vfgl?n=4g0xallpWGqL9ggYp9qR$KKBT!%jl4xMl9V~L0#ryx*LLSEJpf6 zP&CV3X~F7eYLkz;dV=<{8Z{F%vp(wDT6N8kx(HgpC|b~~nW#$_^bXU(JB6?XO+GBY z9ING6w9FUe)f1^$P*av}iJ&cMs9PoIc2lGe1f6A;+XM||^p&7+Mn?tRjKp*o1?^#8 zZVTGp19g82dLawR)RLEaXE9QJL7&7Uc?!D3sDq&JDAWZBk`s{P1*wyedI>tx32B&B z7mbuFsLBQD6+zQk|IHKh4eP&Uf{wF3st}aHXrrJRuPL!WVUG1a+Q@v{_I<1Eenm1=|M z$s$4P;#`9|66Y7t@+zG&);lPGbYZlQOc~oQs52QLs8zyAIgpGN)U3s6DUcK~!qMXw z6i7ZWC?+U~95HCU97Zl16Pw*AG=+nV(2#}x9c_p5d z6G&H~YoF*y5=aE2eWvLxPRfZSf$PZp7LM>fhzulJPL>TG6=Wu(1Zh#ZK}lq?L6d?~ zNs&R*f-=ZrgNlNBk=00~oIIXd8q}A3$Y=>EPgok%k9;nuq2n7t{mBVoxv%c}pn=5f z%hTmYEeioy;<5T(E_l5agU$7(A2k z=f28G&;FaGBGMo3G-0}){eyywNfr?9p}X{-7d)HH61tBwH%oI!iJ=P*o=dh1opWYc z@H|omSru_1cP1=UP4M3Eg=W{eH6TuY%*wVa5*^ygk|}*|MuYJpb^ZbxD(FBhJ>)}@E2v9< z$B^}8DG;_qm;Q}IHj>?puw>pLo5}t#p2KhbeM7dAYd~oETmQ~L%fqb{60(il1H!WO zhhF)N&>;pFvHbqk za!klRg5O=n+$$X>h3qG(f<|_m6!JBhC}?&6`oZ6jR|Gk=o)+>AStQ85{+y5lE95W<5p*YQZO9SQU(lQB1453GTtR_}n?jBgC7OE) zOxzK2g0uv}`W5y5HsmyMjIruYgq$P3KwS4z$OW=e=#~ZD3b{ni2yzXY7IKAD30hJA zt&pEdy;$yL0OWq11Oeen`>A&cxj~{B6`Oosc@%PkBr(F{*i)cFMpx-aaGbtPu5n8; zbbx*6ZQ>Niybyo?`k_?>-$V#L$=0N-+IPrcL0w;Q3%yJ1;<@hN9M90-NGc->c{Q?i z=za27(CWyJp?{Ey1a7$^p?l~9lA6eA;@F7LM+BC0_&1YG9GevSgw#sn^nE0}4uiT1 zS`g7El+qG|28YTNUu=Tu7DT)hs?t1zMu+P3nn4pnYthUUt7SoG9eT*1nW1%QRH{`s zFVuls(H!<%7M5&Fs2jEG zVYU1`v?<*nXn2CJ+MFI0GzG|=J`nUO+0|@N^~d_e0y#Tt;PNM;8+I0zK7_>juG9 zB|myk(7cY$VSZHV&wYL|&MmAHZOo_~(s_mj&~^s34-2Gw4eB1&l?G*Ex^m*-5FOT? z_Fz;-k^`f|LTIJX?dZ}wES≤FdeO3=4~-se&ekj|z*XnS%1eCxpe)JVs??V)!dz zakOACro%eS34>>Jhj99(NqJZ@?J|^;>hN}03Z27fCfOYMNmv?n&q5v2p0FOYfRP30 zP*`soHXL=urhT#J!ur!VL8oGW0(w!Ky_Z?W%17VCUh|M;so>Wv^0c< z3G!X?G;9dXHAoE~N*5XA5I&5q7xcoCM&ViXfI%MN!|Bfky%3&Fm28$DvFlMnMp8dP zD`3Ytk|qjTr*{n>NwWogsE37*qQ!zvg+>Fd5_C2+F+7Lv6yzV40(3%9U|7%am+9|< zcGT_*yXQqHIAg|6`&r2RtY#pt5Y zy*Rdt=ELPlp8JbqkAzR5z6PBMpGpTYnn?~1yAobNrx;WfK8?OAEb(YjNOueRdG5n- z3%w`k?&POHtzX6*_7OaLvCs-e#blM=qYw){%*aCQJt(ozi=0dg=AxxCnw88nGz=~6 z7|n#4qefV$tI+-Gb5fo`J8>fYphh!jltD+rXVNT#&V>U9;thIJQ1`%b5pU6gNnF=G zurOjZ&6&(;wR>sAzvwDKuj{WzyhBs-xlSLpH0V9Lh0zjnxahrzHMGeT)GdLZW^9O9 zOVV)Y5U$BvX{jJwlef`jf^bdVMptoy94!F*P>Imtb(EcSJENJVHgG*;C;dw3@c6Kk9u$<~iMk&dSxi}; zZa^1=?mzqJ=B#GdFoICzwsF==-4257K2Vkq83s-3~8s({Qy^ZzN9A@S;)*`NPaV!Pcjx( zn=fgGK~;1g9fAa24i7sL{uNzh=+1=ir&+TworNs)JQDsjy)3AE;F0ieXlfDHxdVMm z!;6v1$iR4yhyyeg349i|a*zCuE(OA?O-`Qfk>Aq;%+f**!6JB&_L$ARSSBM~5cC|rxbC|y@sU5$JBvA0PK=K{NzE{Uv1BnrG9pjYLrXaY^com> zmS(=n>AgV%BhS+_f|gAj7Lwncfjp*>hAR zyfktJ*G=d-Hu5^{@dl>@6H~&k(=7%~jJ!eJ-{iW+^+rYBq#v*1fO@ zUB!tV5&oe21$p?Nl>eY}-obRZW=)IygJ!&ErTLMMXci+2Sp{R_F}=2i=MZg=)MG6W zjGj46_pw16$&~yJtMM?RJon&UYWi>vaU2|2d6iH9HqfK zISnZs80jp{+QliXaDQZdsn2dsFM_43wB>V7g-}~JDe4POannadHj$R@<@9jc*vO_* zm;Ib(6sCkXl~x)wF|wJYe9d(mUl|qYE5UzvuL3VMe5< zwDKUQYtv6gwv-$XancGeM|w+(1nn+765d*>_XF3x)wL?pNAhJ)Zj%B?vs6_1A=h(>m%J1gnL>a$?hokiMwVW zshuF)3qyW_aEA-|3Br9Vt!>8|kqiJY#4pWgX|~@I0WMbU+a9?q87nf8;vcv$vO43c|C34w7<$>u|5{E9D5n z9lW1(R1ogVJ4#U}xh3x4J4ssv;lA8oYIln3a3>xhxt!*Nd+*NDV?nsv4wO&>yI6H$ z^ZSuq3~K28II^ojP7C#@?$Wh0Xo=U-;aL#r4x@bp(*;X)&oVCr(}hSrf-qf})Pa$O zeCBnqUW63Nh~E{8lwyS?dWn>>1fiEGX`~?Z5+luLWFfCDXyp_qz0QbxiI*yb<&yR{ zXuNcpQ5o5u;1rc0O+SYvT#J{_VIc(s-HBIQL!n1 zNkCM8X+GDPN|tm7T8adFeM{QgQJK;KrYk2KOFoVoEGbvfOF20kup?@SbU{#bz`>{& zrBy$3-MoO)Q7=iS7+J_$O9n(`OAiFiT68IDq}1g)S}q~qm)(mREuFrBG?T2!cZh~} zj{L%@|037uiBdMBax&JxRdl{oa1(Xq#C7)RsA*E8TbvfVpN^U?1qmwi3XU$6W(hh{ zd^&1|v|rH63rk8$jAZRqspw7YPZ>Qq8A&~-D9B*z3cI2^s9!>!=o~Kxj`i!+oNAMXr#x1 z=r;}8=W!wWUs5H@ubliioHsg$n$hV_N(w4;%-e@7}deKbPL@XLAn z5XoYCKi3VYHlt$G@s1^AujC|j*E_laxd~m>d^jVLS}>YrQcB!_+6mp{4q@T@B!58* zI#hMvCj|@o)h8_cD=C_h#q_67Rrjx?WTA_Ky~cj2m(cZ0a3uSsK|tH6FUw&6_NwnV42*$SQwY+$2gbl#F9h}MHX`PrWMS#{ z(zOdm#2hws5#A$Wjz}{_e(5lJj!E+wSxm!W^c<6x3SF&1c`?VOl|t8e&=jCGTnFcy zmY5%<){ij5Vq)^P#GH~|=47f3x*~KBKzC8P!-+g}SQv9j%KMX-Y*)9}Vy;Rj z1g%^6TFf=c^)c5)dA}BOL+Z`QLbi506nay7nGs*lZcCFH@m1=!bd0AnMNR3@;I?#@ zr!$$SJgR?Nx+--2r^Gd=l5Pv#F!*p-mGpkdcL)@v7C(MXm+6d#pRF`mzh7 zy#&W+eR+`}9G?y4b_!bVB{)7C$@>K1_;i!c2*UB%R1Q*kS#Y&!F2@PN^`*JIfe}9f zdCFTD@%%jHb{fwC^J^*R3BvrmWjmegFu&Ha310P!Wx@Q~$YU7oBbZ-1xj+!+*G|67 zi09WqzR8G>i4HRSlpeg4k$2`*#B`8dYI9mQ_oJAO@;ydN$PDitG5+$$cBoqdPhWi% z6DZHJ=axS&JQCAY&W2asqL*t6j>L4A3*e3q($@SVF~RaZcw!i-&*XD4q4FI3kt6J1 zd^%Lbgvnv>8wk{mU3@hrQeK1vI#c-Fm}uG5fa`JsX>7b4%BY;gIM~OU% zH^p>lc`!C#e!-yAu~TI;qcSo#@O11nd4V9jKW35F7`lp>nerC6vV$et)$Lkrv3w1# zaHG$=V;;oLm*Hplg5OXUMCxfefghq&dkJ3Kj! zEl=}1$E}o)BS8+?lcVC^l5Yy#7n99#tK^*4T-SWyfVc{Im7unRM#Q}*9}~2>XJ*P4Zj|6p#QOPOUwH@YOY^pW%r?}IyyP*0*uLE@u zG;RK!xHEE~pz`^@1H}l!qy1SqSr8uW&&mS?of%z1&dDzddN|q*C{GYxqdqSe2*PXB z=jAnwW}4Q3?t;95k;SwVbQk2U!qO4Sa#8+VkPnpQqI^iuxTq3xNj@QHag-a-&w_5l zJ4+Kpd=mgZYJ?1czl$BJ`YjTVrm#)p?uge1jJ?hdb{ugg_SPY4=2As9%8{VMj@gSmDaS_77s5_VgL52UjfMqeozjMRV1qU*YTR-D`*6eNy%koAzsao#n(2{ zrDUIruVc{r*|*~Dlr20RyOvN_+06)NfJ*8r7dXMQp^xM3m4|}xX;6EGcH(V@PlMVk zbp+wlp!P}=PV8w=dj)>V1Ld@kvSILhCMBH_e-IUXeib-OA z32{@d2wJchsY+0CUnDh<!1iifoX*r{Eaz4zQ&|F#EmHRvkdv6crD5G+6Kdg6xhho=_>)J*PN$^za zb24p(c4?u+G1^CPl($eS1>q=fsknB>bo&U7@>a?$K{$5XD5fB;!?D{|na8M%M06dV z&`zlkl$AXu;RWS@pk3Ls651=jG7|e9@zO!5H0ZU24oYSS*Wu{# zQ%VG-!g%phE-=FJvO2*}aS26B3&HWyNy%cw+d4qGEGVzIG9gfTIgDH86>m%EuB>8I zOt9rcm0yvd$FQwK6~}O%`|Slt?t<_hQK;gJ1eQ5VkQOmrIr+NxR|%oYX{LjxXv*#f zhbw;wniYOOI6`rbz;xv#EcbqJq|!mq?be4AqLdgx6Mc>+L@NUX?I=5)5ToP^niYOJ zAy#=+(CcAY!EwqqgL(xgDCZ4|3pOiCB+u{luyMi3ijN@I+^pbKCE1|3;B+Mq33erI zhujbDq1Z(umBZ^AFDLX=_Qs$W*p)P|O6aYeMIvRUo!@JcBmA#x`WnY`PPzg(CH3Hh4xJWs~iOrnF${mAtB`#L_WH3w6?Mqyu%wuFB zmxfWYRM{^GpGI4%Toaa!p+A-?U*n4z;Td^+UU8{HdUA4cc)R&hC5}-s>Fto-YN_(7 zpikye@~ZN#pl{($@2kodMi!D$d@%7<#l07Lf!`ds984@%mI``#&cVcG%4I?B#gr^p z{CjiDPR<7tmn-)f6_Zcq9Zh^qsoMv2#pK)kqlqgNFGlcQo?)jFUsrkx-6!+zM!cac zG%W8%ys7LLmTnzSCBCIR5%g&Msl?Sv%f39nin7az|57$E!u;SJYRY$lzRicXC@D7# zT~*>5rA0q$S*jA(Dw&Kd#I56l#P^jlL662iNUT)02&yQP%pWQ-{du}=u!3z=dJD>) zjFim?`l!jl#EnXYpq9{PA1S{H8Vqf=NokkKOT8H^KUUTVN^?4xxLGj|03EfEfqr$( zpD4?$1pV--vKI;ZVg4MIY*DfYa!P?$SZ!547t{qt!#3p@Cw5nMnx` z>Q{{5$&O+7%uUpDhK?jPQy&{-N^(~lrtsWHmU$$#Rrd-yINp@hUcF(^J+rUsIF(y&a4{uyRP73^bkFRswtIzBZD&(b zXLZgrE8R19QI$d@tWo=nqW{sQmUFOXoE|1Qo5QolUr_Z z2}tUp7R=&Q+c`R^mwKqkN&!iI)acnrSfdw{`l&q`VU2QS{aZBu!R}79!1r8g(^K zQ9m@u!(5>LXix+5G?kR{bhSEmH5aN~4Dv9~P;&*1g!OEeN)~a;k+7c4R!amOg!OEm z`jJ5%<`VS;Bb>!6lNPGigl^!lcaj#VPYvD1q{V8}GW3a-Ta%Wm-3)pssa);D2xsxu zq~+=&gWgG6q3#zHQ1)fgO0~~oUb29)AClfuFAJ&|zcuM?we}LOs~G=IQibX(sK{k& z(z|N*Qm!j3?W9m*r=SX&{XAG)J+@;#RWleWCVz=5| z(2a~+NuR3|44Ovvs7npHm-MB2)S$nTzEWLQ@sfQ5$G@*tvq2u_Z`E0XQeeD%r@E}> zmMJh^4ymgIZH4i2MBQhQhxwR#Q_u=H{{5()d7GzO0mr|S>dk*~x(~;{)2jbFR`M{P zRX=za3FoaT`MkP=5zbqOwCd;~kQps8ND8xHM0Gs)oJKbsJn9lBqU$9jDsP&68zqd!>~el2xtChe*Zn z8;+xix)#gGLK+Uc8)4E$7&=E%OPga*Rbp-JjIazS>zrIiducuQxv@i4VqL97(EavR ziT0X#1J@k`a?r9iTJyUb;izq41W)&sg(cV1!auTlxf|iEWed9B{%(Ye7PrajMtHRMFuQ6y4PAC}W9^JV^+^-WezP^*nB-S~pYT#AgnO9VYdsm^n$^MV ztBp6PtGT0AX3%@d{#u1dH><3xxwCf5(0!ELMbkgE)?s^cH_erih0H4RFb8Qv4Bc1B zAzFdZ)mhNX9HyDJ@Uqlda5y06z_}z#K&F%-TD;<9~;vLOb zkb}$Jh)SgG|sZcTSL;sY(85vIEv@u9X{(3en_^;*u4)^v9x zHfXP&;ORaM&sH{S`x#kCnoG9wk+%0Fw_NX(t!&b2pSD^~PWf01VuY5HQ#NZ|&R8uc zr+lJKJIgKmM@&!oRNKJFLPohvPuZe{o#U4Kou;R3)m+b8EsImOX{n6RvN+{4?S!EH zPQ@wPwaN=<2~Rrt%um^&wZ3Rgw=8A1Hkc8nTbA;XzcD>2ei1KfvAPF@3ubWfc7&IjF8$9@C3UiUE|a!!VM^Z5j>>;eRN36 z6tn`$a#*`2=suL?2ko=#JYD|?l^oH&G$>g)sy$$Ybx2l@X>)F%CDtKXIj#-b1D)F3Faf|CZg?COqule1!=6*NgqL#`C*U!5Vm$aFJDxmH^X=?-(LESHFxmDcD zMX37~ZO$F5&#>gHn)6-mvwy_Slxtd3gZjo?*HRf_OZ1JopGlRFWQ!0F&)2C zaZ{^egjd0nqi$-oenZ{WTHYCZQf_Gt1$D^yCgrvkD(EY?*Kam zsnK_|iGuLWA9uBdf-1-UkaAaBDX4V7$&_EUb%HwPTuQm8?GV&5_7>2$f=Y_NNx856 zCdfVdhm=1wyL+sh^uQ#QJkY!tU8K%Ak>sHk$cR7V@=yz9gumc|H+pJNIrs-p=@qwe zeyGJV-JUvc7N1idX$g$5B?8DJt*?!jKeZuTXZpkcobsnOf|12k3!W$XQya%HA6bVaOWR4?UT2$qcMte8;Frw&6KN(Sxf zHld-auV$8eYGbKQ`Ui~oT?~`H`5D^Hh(9}G(u3|}S@sfqcBHm`LJ&SXVyBP$o$K(~ z5qo`(AbfVjQNPBBKRe>2-xGw-jyUO=e_%SEdwo62AV*SPAJ55zzm{vDPc?LK&rL5f zh@>{qS2KbqFrn_QdZi$2rA9h=fH~|VKP)t*y6L`*cz(_FE<#spc7xPrdbW+uL(jF* zdFZ|mtIOF^@4{#w!E`P4d>dUWeU{K+ey#K`ZFFt)LyXGF#1ik+HoD7W^jS_k`*u!k zuMcL#efsI|Gvej+*FP4P?G|=U_1ED?7A#%d!qZWKdMYDczb^U;Mm$}2y+Y`)UApT> z1!21c=^lSo*C<5yVYCmPTZ>E$(ftJN>Xw=su6MJsjM5_v%l@fRdV*n@of@lW*jOg$ z{SC|UsR{Zp!_tzPq>r_+Ow|hv%LS>a`Z~jMMQVn=&Bn5q{)J)rPHHdx8^iMB)V}%= z8_P`nv|;&qYNq~^VR#4 zIXyxDh~k5RWn}-*RCTg`g3&&BYG*>je7&{IbnISaf!>!9mfAI~Kp!G#SGQJa)Af;z z_;{J2k25U&(`M*X49oDeB7LTfgB6Lq3%F|Zp?kZYZ$fQN5TD+m> z2|8O=zvU|ZFe7Z2b!ip4uAwFO@}BO%h#$w^)BPD?EA32sPcIO(tJ}9}@9Q&d(tV)M zH!P2*eV{KfEPqPdps%#C+@x0+mbcS3>6M1%pJ|`yn{6z&>N^ZeEq$y0rD5ruzFq&` z#&VZ_+^}qxzDqx6Shh|7LjT#u@=LwSu1PXAVS z6tt^b|Mc(mMmCm*^_GU^@btraqG359{ixp8#_~twn1k!!kNOa%+S3#1 zvY?VlX!)xk{C(;<{Vz^%6rG)ZPIon7yUaAXz|##Eb#FoI6HiMQ_4bS`rfrET=mNP8 z(p7c8q?-*=$xnKTL8a-JbyF?$$?yMN)q@z#B#$S+8-VpnK?9o3PQR+dM+m{vLR2qG zuImYccEY`->$;iIOfo)cS^5nX@>e+(uZ7IL%O9gpY-cSEc_poD@P`_pA_jUMcHnt0pO8(G$Fyb|O zpcio+JR9>-`U8Etpi_gkra#p0G2%6PsOQy1FBj>C*|3+=m)dih<`)E1AqaJk^fUFU zb&vELjQFqU|J0k{M>=4SIlJgl$YZ?+qhiuA=VAC`eJmrslY6XB6V!6luJp(He4dWo zhkdNSCJ3LAc&xw8Eo)^L^#|G@bQ@;FZy)uB&X^z1{jqLlgt>p6{zRX{2y=fL{zQL= z5zqaJ{*j zCU9c8E2aXW!`u~9iO|`N{M}129TbGSbj1V(fp39f?xS6-w2xZ6`V&p)_R#{bd+F6Q z&g-vqlj%q1g&zZIna(qsNj_85j9R8AjQA0uwyBn@wdLW1oThq=X2LvfkWt&@YUotZ z`7`1zU&oXq2#}p@YSob=nK0-HXR0Hoi zrq=~w-Rqbt1mRq%W6EvHdj;oF9aEto)Y+M4xmWA#Op6)u9;<7r6guoNd(#F%SZaGy zZVQ&K)~s0*qU}wSIk9ru!yE3n4$En8nj>^GMqWy>H|-LH<+OjMkF11!bf%u8O&_(( zsAtePuPzxb&!nqw=qz5hy&D=-;1!nPYS1{Zqzt!b(ls@77O#hLbAt-J`eb+*G|p>y zhSxLcybYbjt9Gl_1{HX{oYBUhab5)(?Vm~KYv^DMHtlFofmd-xCxga$y_V7WnRJ1M z&f;~cX;*^^yxz;`X3#jVZ5hF)uUPByu^VDK$Y>^6O8b)#)0t;g`3*j=psy=g>F2gi!hlP@wGh46y;St&Z0~` z1mPHrHs!Xe)tkV|K#38{obBOnWsF!`q`# zW(<*_Bu}9{@GXuolvg9MreQ;ChOx{%J}s=;22)kXV>l-j>%}cMFh6PvdRx{4wF44S z>kc_8B-9VT{d&3o^R?Dg)i&^s`9bI>ehx1o%9=5}j$C5CSTC!T$d;y9h7UmU`2SuE ze6u1KJv>>6<=F!7nUF;;k3F$fd5$&1uJ)Mfu_vbDHrstM>`^!PfW{8!qcuUKpQUkIIJFxk{G?u^YFa*OsE~K39NQJFSo$zUa)832LV`~ zi%?%muCUg|csTMg?SMpV0bUX;xdiX^N3C17jRX%8yrCasRmPBT`TTAsW z#6MexwXA(gGSU80U9{J8v9I@gqh;+EQI4BiEnOijkv>L@L@u&kLmQ~e7__|4Rtz44 zqliPJ8PWahcTWeR{dhm(z7qL&5&%xToIHP@xGmpV` zvub%5wU!7Ig zOyGcOKepi!?D(~42ByMNp~Sjij7%1>9_OP7ONFBdZ5qJ%=TZ_m@=ZnL<0dbIZTwek-QEbJR~APBYYh72VZH;g4co!Fxg_kL4Pz=^N8SS8v$c`8 z5L%kIV!}l7ur`2#@fBn8_RHq)t4X3aEAj&BG}>l-Tnl3Xnc0m97Q}P7uptP zBHL5BbVF~s_SJL2wg++5vX-CM+E()3d5g6tl__J z$$!=w*vq`8&u<@GKV7+it8_7=9L9(+}?p>{FTbslxhHWqqoVo6u7_>mAeo z@FzuBQ+@=0Uf9+r9zi75BeK|Q)r{fxSX1lXrlyD6$yn1Ju<|Iv z4=)uj$@9XkAeFVWwmy0Izt@JmM{G-rqv+XDXFJCD$g~|}|NF+FZNC4#zN;wJRjQ>=c0=8}P?75X~ z`7tkRO|g}*P4FzKy0qN0ZE3AB)%LdMbi9vv?z}EIb0reM=JmTxs#}Kl7r&y&^W|ee z?#$a9OY$|l^1yov{aAYtk4M(_!EvaFmFju+yj18x7GuD6wAA#^OM=%utZiZ&gDq@5 z+VXgQ)T<6Zn+mno7~UFaDYLzV)z4bkY4cU_+4$$#^IpT&L(l&{KDmEvN%ZgNs6I1# zty*g>tlGct3u{TLd&e4sb+P7!y@vk(S4iB|Q1U+8jqnkIy9Kyz2}e?iv}ZeHzJK6h zzRvTV4?q6$>sMT6hF}Y0SZ3F__`b+`l?iuo&t7-J80+q?`l^&d%Ew?lFIzvh_v5<- zJQh>(yck<;br|Zx_6b}*@A^ERS6Z({@N4zF)_7$bo-4J-Yi@kcdB7emFLl5@CyxnX zrR5UGp>_AdXEA=`n-ZKs*8bun`FXXlt*LFvSF`JoW2T^=*QcU9#b)k&HWL0*3DL&3 zJlLN62yPwE8R=-lWBp=VhU&0n+&w{iejnsRIPaFo@9b&-T1o_aoZls} zUP-WxKMR%$q?O=^z^^mdYO7c|W@>|Q_DjLIFa-V#>@mkazhyTRpKc}^pty*i1d7jVD zSxfRV{F5;E!~2@&!o#-lw&Ca5{O5RUX{)u?nCJQAW#(o0C*kM$v5mJ4SC@pJ*IU<_ z{~T{EZMD`K^E{vbq|CN9&+}s&ZyT;I$^R|?f9gBiw*4pJf6})9#O6Qui*>YAYppTQ z^Z8H8Y-_{)@FN}1g@ZbtXB@PeV(1IwykFyeqKxd=lK76ui1{Ae-i#DW&5w%{1f~CH|uL16g!wMFrsN);Cwafrl+UyO@5JNzSM}ZG|Loye8-CQbEmh4_SW}7M z5l1FZ%s7g;jcqC(u9?<0=I?FznB)>u@uvZ;&lcL|WowD?R!iHwY{UHO5I&V*eU61| z2WMammtW08Kl~{m9>bsFu(jbH`1K+;c0GstslJY6y?%l*wqgE+iS_ytFOTi@F&=|g z9r;yp>wN^g4#Tg&SnprhURSpb*SyAF)dA0i2h7Lw<-^c}FeBJ~G26279PzG%^$H}9 z!8-{5^%z?}+t^j~n*lf)r+31${t+)=8LaVt=f9>6zwT7Cw7f>PSBm(RD~z|6zh*oC z|JjDOq-~4w7(N0~!gIFsv8QUb5+CjVUv1Bt^|h@j-gmZMjkk^G?e_O+|F2EWnOk$6 z`DPN1x@fj;9O;GgcQ||Eh>yB|*`xMLcmmw|{Ig{&hWTB*z096J{bjq(SI59nkNM}? zn~)17TvpptVtq~zSI*%{xN`DTeb|+^{! zXF0p#?ZEGHGI=H+E!(+c85*Ww7-Qg*dj%-@T?}q-n-`C27(8vV%6`1vQ6{Qfo1 z_uuWUS2?Qham%c<%HQVlKTGwz9Ql0#loHG3`E~hwOWQW#Bd2DJwN-VvTWUvY6Blxl zbbybPcYwcL*#9fED@i9^NiX=H0RO${D2RU<{*NYg=@|H*OYBK5#OD$x`0E3IPm-~u z0sQx(V@YH9>jQsJlJTS&{P&{ci6{K^fxjn79%&E%y=We31Al$s?@2P5bcX+4bTa7( ze|_NZNscTgBME

zl$1v&4ebqb?A%QF-Z!?1hZ0jdRGLLEPn|4zD93xumP#P}21tCjM;?7LXfxRN8mcnO zZOmpr#Na#MeUz1R&P#XYMzL3<5zO0CkWTVa@X$!^s&N0udw9t!DgHvYf+o~Uk}K%; zg5Gi^*km#JhE&P&s-PJIav?2RE~SI!O$IG`tE486l^`*up3-hnrM#9jYjIj?1lsj7 zO6XaT(6b;vm3`=D?Vp*CS~K7?U} zC_|LG^NN);2-k=5ob_}h*k3CZi-O;&9t-i5jHLsbZdXw5QLq=*%h-DB<+)6Y(h+)X zGrV2Bj9w|dtgHrk8zjDG<29y5pSrr1efxSXXdTpgihHal$d3}*FzE~O*rWjUW3W$v zunj=f0qMC|8nPwYAE&E@PQ2V{#*thnc*~WIY{i{FqE* zavYOOnEZrEVmiQj`2dWKwx*@Dbif4DQ7Gqh6OPO|5MDiZGL+dH-jBbLjV^4x`s57F zgRh>Rp*gcJn9e|r65y@$$9r5iZB3WQ&FPN>vV5l_yQ)3d9C(!`qaU$_UFp51unH8GoO!{ z&&SMXyi!$^RU2FB)!JXP_FM`rUsZc0lZTb%@s;vnr4S_cJNz0KR+WeHYDM*QsB==e zGc}>kMWwi2N*z1ttD=5&t}FFk90>8reO`ia*3_3FJge_Z%yKf=VE;1dR7WY|pca<4-8|;?SJ06Ga zaCV%sTgh5rrHHvybjz+1!fM@krB`m9x|J|f+JQ8AbgG*VWeBc&hFXzfMzcGboUiSBlt>G8C};GzTcpZ>U0ZY#>1DveboLQZCpyg=V+I3 z^}KVQ%TfqGlvlEt3d!E_dzW~%a)4C7j6Q~MVV2R+?N36Boh)^Pm>+YR)ZZvyDfO;j zDOHaB4cg?_m(N0ZVgk(&gXOG*a{eYSW&OUC_4~&{;z-!eZ1ys_7G{criX&}y{R0q_ z0Bcu^)YEWuyOIP)MreoS^)E`zO8Uch(}sq@IH3uhuy$1?>+0vLCrdZh&m;ZZj)NTI zb^+wmMmIp>m(KDCe$yLSO5C8!&j%|_^{lMPO?Qk`U_+6bx6H)zRHHGxzQDP2Z(yo3?37FHrJ+V1aIuO&e&N zwn_S+#dN#7NtSMQ!|tYSC`t+i1d4!yilVksUx*hUprVN7QWO;5aIuQla=}NnDk?ru zy#9aZ%*^-L-Goy4Q})cvnKSP*XU?3NZ?fI9b7gpHhFAXs+}?=iZMDzMjC&}D1KiRK za=yfOwTIe^zbS)$H~|0iWf>3Uobjx@`h6nqq5KbW&UbRocXH16Fy;W~|5z|rk=A{`o+xWr4R?K+~ zt%G!B30%VPH4n|2*F2?@<8!=T@_W5h+i70X1g0@&ns?^p>*th%-Y3evG-{RXuY@1t z&NSr=E4?-Gzt1_>OFe(Cmu6)Nr@h1INX{;&ahzX%*tj-%PWd!0{jhobww2|F&8hP* zDZj&bYA{@0*8Tn|5eeZC!- z#I#Qu^Fb2<&Hv7gGfmw4(xhx@bJq!o%V4PIJdJLf+JuGl{Rq;dHL2gMPt&k--_x<|b9 z_lS;o>ux(yc-VXQ&8hj%7@xiBC+0H-_4Y~QYZqKU|A?3V4$?`3{%*uQg6NNf>)tc} zICI@`aNS4dzr?HROVBHh&hN(Th6d{;z4v}E>Ah5+djLttzTZn4?-B21w@t6OM-cpj z_pVFlS5R9nW_T0BPck$Y5dJ?HKD^)_*0D(+dvZau?@NsZ3qR>wddb9v3!w8%TliV_ z|G|40Yx+~Zjn(Z7iH8kQ$^Bf(eO}3;K3ViEwA*_I#ubV z_3jSi16?EumvoIT{DWuPg6jeAZrMHQ4&QB;-?nhX_fY*87Cyq#;26WF89u}Cd4?}B zJjL)8h7Y1v|GV%t`a`B`R#gCgxoHW*^A|nn^(<;$ zbkh6B_(kw{Y`Wj`2+zj{z4X@BBWey#S@fAj-}k-x)`tNrHy!tQS=TCIIE`UB!%Bw7 zy!1NN(8wTcFPF2Tn1;aLmYZ!Jj+|Dq< zu*mz1rrOFP@4X$zJ#oey_I~YxODhk1pSt0u%4aYx=T3ay`|Q3`l`naRBA&&kyi@U4 zT22|SmCc6#2FT%4hJSng;#0=$S6|{gWzZh>r16i^U5j7gRIhO=ua8o_#;LqMO7$A2 zdW}=P#;NK|lDbd%h9_M%q0YR0(sr}Xq*rGEvA)!qfAV~Oah>_@>wn;@GwJ0K+Hp`U zy)d(e)2`uEYdF;!(|Bjwlr>28gT*CStzPx4LE00G*Kpc3CcO;vAZEd-MQp$&rsw8OAdRehwt!Es>7Zeu7;lGA^JN!x3iz< zD}5wg&-JlJ>LV$-0{&M$Z9bBjC%xC*^!$=F!2E7Ww~u7zcKC~z9_Kudb8g2ux8oi; z%JjEqridaj?d(D^Sxf?)#r|?J8~zG053o`!0z6xs4R|gvKCx1q2iPXg2V5Qk3#G)WIi4 z#aj6Hv;TnT1m+!L1K>eUb-U<-|4z{Z_&%{2@E)-h@Q~OBctl)&_7w3^Zp$aQ759r? zU_Q;5&xiwF>@f2XW@ibtC@mWD$(GGNfS z#0?skA>(DhjPXany~ZnmR~vr;95wz1c)-9P>JaZRXhaSgG&;8%e?PkvugbiJJnu1x zD-IdN2}ca#gijd63HKZI%L>J3j0*rCG^qE!WKioKF)jw?sL=*^jNA33(E>72`_4zZts$Uo-Xr3Ud_D zYhDjnXi`6ym^Z^e*}M&Knt3PSER#m0+`Jq93X?{m()%bRhgfFzs~$L zV3YYdz?CMox6P#Xt~RN?YfNhIdXw7QZBl!;nAG0wCbf5mN$ri8)ZPK}Vf0?iJP%wn z$oUL0%y4ddIk&4hw>!-*g8qHx*`WUt=zZc5lg8_)N#k|Qr15&vr15&%r1AQmN#pg5 zN#pfA)1P4amze$(V_s&=E5J+;e={FJ{=#!MYJ$Hwj8sQFl>a9@l>hx6%K0-M8utf1 zPb@RVLmc}h&s)%1@AYOl|sW6|4}Lmy&C{ayzd0WUrq#^=JlRaDrR|C z0hW8;2Uy{K7O>L$ALo{ev%R+fp6fjZSmpf}V4b(>yi(ER9R^(C{TSd%?{5IxyvvuD ziq+nIfNQ+R0M~n`o?j}uz3TzDcs~rd-TN}&4)2DlQW5dq4>;icSJf18+&c|ze1YLf zhJRrAXNLb|X!wYxh+!EZc)-_GT__Ith`Vn0k;FUOe<3hUej4``ej4{SKaJ69|0ML% zK|hVr?SAURJN?z@nNRpzs!PTF{<{G`<9`M4L4QY0srZurBY=uoAz~}ux1w7$zYA6*i`QHopEC0)Yr~Dflr-<2q5wVy(yLzo(FimggCZ-BK1-;!yv;BhCK|oG8|^OpW#yspJjNG;hz~+ zmr_0#GW1R2o@Y3l;arBz41)|eFbn|}iVG(b3;>$qlvt z^4a-Be|$c*(N{6;?4<(l^kLP)g)lKexl@I&hr)A2DZ7irdF-Ae8rZEBYm_^n+_$s) z7I7!Lt>OW8FIDti;zbT`6MtnlEY8_P`R`KkY0Z07;Elju#`zUInu3EZbZ2UlzU9M-f~G7 zgG=q(50~0|Shmld;eJ4@*|cAU4=eXE<-VX? z<7}0Was$c@DR&g^2gLQ8_N(w=|%b z?g{0Jtup;l<(^QkxJ>1%+@s1pq4C>PeU-aIxue?MF5?d=_o#ADC|BTXP3|}4o}llX zjlG*inB>NfHjnm`J9&$^LeVMrP+a9ZNc5L(S$VbOGjh4Vm0R&P8D6Q}9m*Y5ZpAf} z|NFPBWcP<#Ub1lso!>s{f<1yd7||5bq=kN7jV%S#iju~X zbtQXC?kIVpdlUaT(O){bbZ+UA(yG#i z(u+&im2NAImX4GjD80S(1EpUn{d(y$rO%goCY?3uoJlJtwNE-Y=~I&)pLAl<&nLYy z$(THO^3ur-lUGdcnA|^kc=Gj=@0$G4$q!9_V)C<-e?IxolYM2=%a)d{D;qBBm=c?k zp7Q=Fv!*srO;3H#)c>6N&8aU<{mazSX)C7v&$J2CXH0LLzH$2A=|`r2W%`rTzdOBk zMtsIsX1q4z!kO(eFQ2)8=7(nfedgp@XV2O_>*KSYn)Sn3Kb`fvSxaX(&u*RFIlF82 zuGv@4zIyf#Xa8vSuV(*!_MEd8oi%vYRcGCB)~T~zIm?_gY0jKE3+61H(>G^$&aHDk zH|OhfelTZZ`I7Rw@(aql%lDMuS^lB&hswWF{#f}>%U>)PbEnV!@Z8#Y-Sgf(?}PI` zGw-2!Kb-gcynoGGHos>6!2Db1e`5X@=RY<7+4-mD7gtnPtgnbyyuaeh72mA*NyRTK zUa6S6VD5tE1*;bHEJ!T4alxSl#}}MhAQmoMxMks67xpiF@4|Z*eq!NQ7k+19!J@s3 zzP9M=i~hFATUl9oZso<5ZIy4W9H`7x-dFjV$`y<6S^Sa3A7A|G#a~+d=;CiK{`F%2 zl8PmxOQtS8f2kkLSs(^rFC2vKk-%-SjF>2f#WZo1m=4?B3~`N^iCx%S{H3OO;PUz4 z@WtZ&VksoT*|5ef6Gx%u9K+4BAL2&VbGX~}Bd8lWJ!M_v{Og9l+`EG)%O9<{SAh?EU${5aN{EC|i|GRe)?BG<(N67zI&iTgak0@CHMkk`WOZozT8UqZ*c6#a% z1i#!t@D~h&ZR9VwgkaGgg3r~mKS=OT(+FP2_5Tjn|HoYC%?$rHF~8zId7LS?Z=%>Gr3CMuO7Jeu=hbrZ@8UW?%BBC9OFw@H;eXG)@u4d6U$Bp0 z^9+K4YY8@T8%r2QmlEb5O9);QA-MP|g3C7&eCt7izvSNTT|xeL)e(Gh3&Ef7Cs@pR zexsNCJGq{B#K?bwNB{mf`7fy;_#&5e8RzytlL)i*Y=R%WfZ$KL#2<4h-)JYyvXuls z%UtoDi^)IA{+G(g-*nse0f)PP4CuMxMZhoIM(`sHx344rP}eU3-xDCXi{Yde@;{y- zxR~L0lD~&Px%sbv(?b6MJg1uAmP@_R*xtE_;8&JV?0Ii1guik1M8KbL{$+!N-(EKb znA_&g1l-nD4tU2+l!Z+|Dj_tXag_q^*;z%Raa z1K^4J&4B*Q<$yC9$^VgeQ|yeUFyJLu6a2{rD&=>LG5FUv5Y77;e(sj+d_-Rou>}Le zfWZMub% zxb)ArQx2~&+d+Nt-d#v#@Cso?O28sTsJp>Q!;ry9nX9WoJ9Mjx#J@M+v>wXD%%k{sp{E6#cw)}^$ z{j=r&_;s|8k@RKP5m%7k#O-4bZc0yrR)trHu|}D=16%|+1?!Y4rec-Ci%*C*u}+l% z&HxTKs}aK6eQ-_O7M=}w7Hoxh=NT)QiTk?q0q2SZfb+y6!1-9sOi_XL%mj8B;6iZ@ zAnb~Ol~~tIP*ejh5w(CzMLpozSl?i8#p-5?{}68hJO?WrZoFfSGm$a?xEyPpiS$9h zDzOT%T66%`h)V%$v6(cXA$9`Riw%Gcq6@GQond0-+zi-^4U#D?5ZeIXf=!Ewm9!V| zLJM;zsTI>Pr!2N5J zZ(f_I)7#)*gVo+d&GrMX!>Vthe%Ax8$8BsAwY&*%BXnC6b-fj^TigcNgPYW**aVxU ziF)4!xJA4da4YUso7l{K0C1c5AmDcKVZh6Af7ujog$7}wJs$=d5@ z4C7qS#QEX_fKl;Tz&`PLz<%)%;DGodU`#v=cm?(jc#9P$efUaFd<}3=JO-G6trIWV ziYEYv#5Vx16i)%BV4F127vBcVK$SPq7vBfm3k?RZZi;6CuYx9nSDK;6nBrRT6TpMw zr+~MLp8>v8ya0HccoFb+=r<hF$M`4wYXLDL#=ihJ7>0on zF+70pFnoYF83lm17)5}07!v^h)0k)&;sHQ>oo7sf|FeLm_?%G&|K|a5Vq{DO{DLtZ z@QcPwz%Su8v?(4o=78qQfTsA0F&FR=V?Hon1vJH@#sa{v8H)gq8jArRGnOLuzW`0~ zxUmfIm~jp;PXL&AJ2-!RSx6lOJ`Vb%g}GwVUK9T2=>Hp2f_K=6jy4F3*5@P_#o z_;&(=H_QtGBj&}xL;=AYxK)iWWdOk&W-I(LK#aQ?g#SuF^oh9&@SxcNc$;}C@V5h^ zm&~>BzY7p=_?VsWe+bYNA2!ju;t-%I?lrprkC;7xA2l}v|1m&}uelZePXJ-{{;va~Z*kAdz**y!@PEfl!~b1C6DN+t@P8lB#JS@h zz-P@7!2dS)0skBz&W+5s!T)1GQ~bod2L9&(@rJ*-AO4>M;>#EFI{1GHXo_E%*Ta7j z5bqnCH^P4k5c0=!6a1}!kUySV;12>q{&;SMe-$7&+;bcJ9f06)-2DWH1A@an?}mRZ zAmoqdF8DhE!R?;+!oL9!+>TrA_}d(SkUyRez~2K1`Q!N@{F?zGe>@+Ce=8v5kLNI8 z)N?Q3py#82Bc6`~Ugh~D;6Bf%0I&9Z8t@&S2LSK&d=~KAp3ejRuje7;^CBSn!ShA< ze-4O#@H`CvF9FdHp05C&^n4YVUjw2yJYR$V6rd@7>v;_Dcb>-qfA4t$aIW_ofMvd? z05|%+1QS=D*s;rYy7VQw)p=6*yjHy;5z@m0N48svspY^Tn`C5qvRaGStaK|&YlH-Qk26# zBq~el0hg3C0-jsa49VL7%$1_4~0h7kAtrhT+k|5x^l2w4~OF95Ia%^|WrSNY; zD%{NlWkzfVWk&2MSqr!mlo=5LWk&RsbOH{5a<6zhDEEp{Q0^56O1c1V0Oels4p8nD zH<$DP9t7oxcqeK*B5p@*uM+Qq|0;1O{QJcFki$Ole&n!E+*7g{@I%O9pE!gZ_KA;_ zYy~`m9Bvf9MyeadDWrOb_#OQ35HG{O1gn1sR<(Zg#R04i9~2+Mt&}Il_pmSi1=fex zgwH57ra_jTXH*%D#zjWEvDVmR^cn+3(%55+8aEp6H10A!XyAUM@nz#N<4NPY#(x_> zHP)NG=9T7q%o5LXPrK)>p2s{VJ(v52e2K#2g+)ad7F|_TQ(Q2iYr^pfM<;%;?4hz3 z%l=qaFy(?NmruE2%84m|nX+JN_0+9Xd#1gA+Q+7Sd0N%Gk!kfcQa+V^lvuDhnH~ZGvM`nNNtgoN--LsxQ>!q_==B%4@*_?fIJ~rp8bG+pT%Ky8(VeW>x z$+_>D`=hyknLBUZ#q)N|yK3IG^KPEEbH1nI#|!_k@Oz7Xx9CHaCo2D1IdSp6#n&#r zY4LN5gG&aM+_&VxC66w7a>);tytL#mOT^M+VXyd>aV+A+&6B4Azim7N_#NYU!0#F_ z0e;Uo1^9jA6~G@D=SIEahekKxGsbqnXASQtecei?IC^bch{2^-!5WNp$og;F(hDjm zAgPE3y7JN`w~6S&(C)2M_2=S|C>3hVr z;CDTKH{f?8G}CwBcM~+QoAJ8^zk~SQiXZ(~DxRB2ZkzZK?zfS<54L^*-BX6~bsvW} zil5={C1Ot_Zoi%SVWTL%gRH0<#hfS{=#?_QTg7*)_-+-yiQ{KM=d8J%=-;l&J)qKI z=5f9URJsG4ZkG5@MfYVf`yiG7WwC7~rT>Mh-!D}Cex<^{QsI|XzAvkMUsn0Ptm^Ye zmCxT4-QQHb{;tA*SK-%G_%#*&KNbEz6&8kUw=iV8Ocgd&*ssEV6)sfaLJrRo#VTB^ z!X+wPqUZ+=+3rC@wtKVhTNhCK=lErL=lLbRTDkSgZB=fEa(k4!O{E)F;eE=zM!CQ7 z%l7<6(fwA1f2+cs1v0*~K$gEjg*T{hSHa6o0=u~$h3{efEU{UIH!He3CP=<}H{5H) zrRI(J-Gbj;_`Mgu5Ax6Jxkl7^Zo%&w@qoA9xY-vl>O8H+GJg=iRqU_BS5|eN5&ZVy zcO%ilz0TNN^kL(o;*Y}r5Po09?=k$IGH#ggEx6yt@4NUti=W4=^UTCAZXBO-jhHfZ zpZO?$|ApVzr*869PP@%KFm01>|MXw`|1|v+erNfIW?qKhS$_YlD*v9@RsILOmwUc8 zdyl7K&Rr<~z4&b`Xr8;VAc)@xen;_p8b2|wyI^?UCj8Fv*5M1vI((^k&-^`}&(6Qn zyUc$j!h7)hn)g!kG5ntJu3q$ncO8D+_+5tI4*dG?i{qEVZxp{9@H>d#yYPD-ejmc` z2!8i1`Wf>0nfK(P)u`j!@jHp|NrZjAEtNi>*R#*0-O6P*4lnt%?^5$2-;$+w`#P3-unYHL&76qc>?BB?DcCJehcucF|7^s~ zL0mOUqy5+!Z@@0~r^XtD*Wt(it%#-DV~J3_C7ulLx~RUlx4KHS#4=q2vA#^p2m-;H zrslThw%WFu+S-=Zn)=#cQ)^XwpsBSc(B9V8)DWnvYHSVGR*4mxQ?X1mkRC~dTa&5i zMUmd#`YO@ZRvQSm2Lo*_)vav})%ESQRn?7+4Ylpn^$ktcjm_=BU_)J13zB!IM%IT? z>1bOh6YY)-MmziZ($UOC{k^@6mcgs5t9wCvQMk9aEtVdNhelfCp>(>wk+7?xna)%o z5?P;&j|?VLLj$q!`c!f#n#zn&Hm#{BvfenH$RKweakWgEonaH@ClhE&R=6ZYgJ8S zpr*E|G1!KPKuue7U1K$RsTo7i*bCoyJ%a{GqKk$x`eMb#Xeh#?NF!KXx1(CL4=2KK zD55hFAL)u-IUG%dqd=`2j>khgfG5bcfQr0((L+ z9kXFLI!uYXGNJG;xSObnL^Z_G_b=fn=m*I2MmYQ&bjltyOq-Y)24{iN`V{t;xZmP>NG@v<&z4 zMN`c4oCDQ13+JjeRZ(?OCP^tap|b4hz~Cd?l|l=+KQ-VI5o>#Vi;BHFFLUXQG3|7LC2Vds3kx@(%X)^7N07WOZ^+M

O zBl@G6-u7f_FqBaU%u+Cu3b-1Woj`^qz4Z6?Vw^LvFt@2A5zBOs3`M(QS4A(ZuMsO! zU@ztal0pdYfjG%T6DqXR(cKF5I!ui$vS&3358M&T#n+61uNwnj&v>2}HO!oPqIV?v zlGdcCQT#kSgc(vJP+v{fGO{t+2NcFQ8x@c&EVI2dI>KDJJ`_t?{Eu`_Jc1pAgTp+f z>^aD?3+&~HY>RQ$q11>Y(nf+5MTCb_DX^LgZSj{2o86rD5b^T}vdM0h9pgyjrlWd- zJ8Q&Hji_k}HZ`>d>T2q0S{oaJO;~dRtqnDGjde}+)m07kRkby34NbMRB3R#A+Y)SS z4z>mwYujssZ7sD8b?xmffx6oEx|(2BOLKi&V{KEdSkVtQZj1JXhU1y8*dT_(>dZ7r zIgpIan@CPQ5{(esaUcYtL7W^_7~)i{3>-aFD;ir{8iMUD%}p(V`sT)(KyyodRdZEa zYfZ4ey0JZ2UDsA!)7ny1$CIlylt?5qZP9Qt675J}qQ)XEp>(vNPGIIpv>itGwTxt< z>Go7|P+?tDkftS42GUZts30}op2IR{xRQWoat+7Ne-@w zCi*i2)PCUPqPZ%Xh^AuU?qEDhl1ocIEEUw>W0KhnCdsIBdV=uON@lFtRhKjIAf5*y z{c|JM*~u{QnN(0AqprRtAMkLcxZ=phK>qWXZ5*kT&C)a{@pthl2u8G~rV8UJ) zfgPJ=kRn^H0!oT7>ZW?pJ&;Q738eb5WF|7fz2WE(EnK~d1A4mKs~aSZ!gNB5f#^&o zY+91?E_#eu~Qfotd zsSZxkJY(M^pkGAVW2tnebs&_&8WBy=Od<~Hf%p(o#*swhAS&4%-J7w(lCnF=k;E}w zu|$773jGH%e2`{OTQnXUBmvAMPX&gi2C;S zU_JIkO|@0+RZRh`N)5GjO@Zd>hN?h&puM#z&=#nx!xdial>!ZIH7#}3&9&`~t?g|s z4UH|0Ep4?;fu^RamS9z|y|KQbu1!=2Y8z_sMMrvFXr1U9Nn^=e-qA@*g<_eGu1@;<7Tr?i>+Kc2P*~H^2sTwAu`U{o zti{%h15hz7zut0jCLGJD*hhW75gLCCv#BlCAIm_PwkL-Z5lF+%J|=;R5{sZmc})yt z>zhZkJ z?ENh?9IPL4Xs$AYwrJXou*HW=)t$svF&Y|_q$7d`#Cv;V zP>qqjh3rhwgqKsC1gX6S=z1^Qz7F-Z$gFppoJn|0)YYY(V)-fj}ryFy+f(!?rsuPs7)HH8&E8_tRU5kg_wm=&2=Lq zp+tW)l^jk}9lE06#}KqjH_c9xg;q9HatsM91lPq5g>{9fy*)5_#QGDcUQZ$t?L!$6 zF${6klZd9np&^7+!gb)Y?&Pj$q6cP!c%Toh4#d$o7Cq@eD%!OxHbnH?-;i+d_R5u> zG8u@5cVPx7mO|7(Xm^yhJ?WNcG$C~*nYJUnI+Tj+K?Z?vI2tF}g$$y5hcHLrVTECA z@vTQXnra<^bcQsO$(&q}9mgB-oq3Ljavhm4xrL#e+!$J^LoacR!J7V4N;Ld0&PlQb2CSF5J zMkww^${gG{HP&tIrEO;-kO4>T940>9O-rF1K(!*A7IAQJC^JH$y#qR<%;PjCyi{JWQU>?JSdzvL zL63{h$SDF|pIYkFK`8`R4WltG)txbvqufw(P$psT3OD~xd3P_@@5)0ie0f&?u&xw(+k&c#9%Q#R22 z@mNNr)pCqzvR>zpg608X%jWI;1Zr=cKQem*l%LAdf$g1Ae!?uPd48f+^nSb*){ES3 z;!({-cMT+m4VN*s}!t7L2#t8=3Q&>#{Kstg%9$l3}%%q7!2Ohmb{#I;f~ z=EligR4O;ZV$a+td&fKu5hg5af>5W%p|Z_7;}9XMRq~i5r{fU?nthr zIpJL)j9QrXH|c>SmIX~rm2Ab{GSeCg4@B+wKC;HxK@1}AH=&b=)v^A8F6^a}{TK>D ztV!;1g|+q~NbToc9xuRI{S3d7EN1hHw;6ZhdlNZYeT!D%0{3tWWlnISmb=!NZV5tZAV$U z^*BWK49g|j812XL9`P&n<>s~;YAo%=HxFQA*EK{$X;>-41JX}wsPwhQVeW51U7`Y3 z^@Q|wL3&2zb{*^+!}gULM=0)Y$N5E8OdEP*cNE4j*gE*|J1agrs88zbeONYy%^+DZ zs;DvJEk4Xc5s2*O=3t=L#}WzBp0P8HLc>HGfwTi_Lz(aZrU%sFbPQx#S?59Kscm7> z7&0giOZ8J;%Vf4OnwCkh_DD~9JVd@c*9eg5lg!uS zShls@QK`+#sbMkLbfD?(2BW2yOS6j-JLxoRfDrPSb<*2As5~&jv81t2cx}FMhz~p3 z9(rdq+N4j0I)@>lIZvxg^p2Q#Snh^960%f~43MB3%XDE$Q>@$F$>f?)3bZr;c_Vm7 ztLtHx&K%@Q?Z$92S}5%#yl}gc{=Kw9=l5+ATgtj3wcT3mgJ;lPtwg7#UwEVD-$``B+WE``#h zMY+*@VNc5(G|C;zd%Nsd=Ut`jIIB48^4pjcG^w#fX2-+op)SH@$5?sOt++8Gc{vy} zR#wYqyD1RZ*jZ?7;N_x@MbSc9 z&F2BkgVt9jP zg&M4I9H1lJLE8u8Q;I`av&mx4e#j1Xdv_@hDf(Kg;+UvBsc_*~A;I#FuGU9%W5ruX zLoNbkk5#5ME=Njk7ZvGgP-9#;I(SVD!V>Gka)n$N>WS=Q36{t?$e3l~<9ayS)-s~B z4Oh;P|E}{?1I#`KCKW1=#5FVg- zNLg1n?TlQP1O<#0Iv;r~D?3=`ELq%%QRk%!1+!IjZ)YE0zM|SgzvkH@-YfOnIWo|$|!`s8^KMaiO$`{9_n89AO|SBVfM3*ulx?98plZYNh&^~mH^xugeljF7-NU*Fs*G)CFT0TgD_?UZ-Y zgf*G2J91K4I(uVeUz12aLt-z!@JWrZkK3cx5DSrQOyCIW!n_fYtjoAoHV#hEYnGMM zSaC6ZZPR^Z%>$HWim~#_hfle`17ljfR&pRi(m=~RZGVKkQASED%7MZdtDEF>Z`W~Q zkb|`DvWLlR3M-O@hmE&`bTyR(IHr_5%H-D4CY`Ubw_Or%+k+`iiS<`dKc$FiEOAuOb}6(LafAePvHBix?JE zL`GOzi0Ia5D(Z@()En5^>5Re5$rl6Jk8<49lFmvj&u8qj8?KbH=2=9%84p8&vM?-S zapAEAp9Q4J0L6NNXbla~$jShOp?#BfBg7n^X^_ewQm&A?P$^T9s3y*X@mZ2O{5){- zBC3pBaZz<|Z<^^W+fN6K-STdrAhv0!lh$waFON1l(l(4sj4}!8(N<*i#RIQP*4GX$ zQEv%fNlsN8FJ9^Zl6J#z5`EBZnLXH`Vx3fzZem9T(&^~n&iDxC3STg`V}iIm7>Pt9 zHbz_RSxrGVJED4MZHV>7XsGCTz)ocOddRA8g&^PgqpvlwT@IuicFM#i%wYvPN>{!+ zmT{(_Ue)rGHVMuIxVX$it5i-qssruz7Z>68@_Lgh0#AGHthm(MsN%|s=bsy zcG@#4-cCMt(Kb!z&UBK#U$HT(?48r*SZ1In5yL8IM}t8ld_gP}w~O3~G77|Fp|l;_O&>}s zjfMEw5!D_K^*e%cX0i=>V>BMx%RWcEE(fzBf^%}a2#l8<&{VC-p%ENK4mhG(*K|=C zs9(Z?)q_TB5I#M(bHa*_%l-5Tu#M~B&veM}X5;JW=anjjjq_s07k@Cd|~gA>o&4N zG_T%TvRM(?SAJwZS@(VDV3@ND|SiYOH%HmCnUb z4!o149B5vgXqGq+q|^G04_}sGIqyy?fhdcnW;!Chg_uRGSl$$laU zX?@>l5fj$F<|NV50?QIYtMJ5OtiiK~?%%Lh3tbOa?VzwTu{5KtqdQ21>ach8mSWFz z>a>urW>LSua%B_X1_u;ZJ4{`nTSS$mO$RQz(A{+|h4v}q#amxiQB%m8E5a^}Ej6`bgiwUh<8eh4!N zrvOfGE!|i-*LmDr)Q*oQbsjJ?b6(V=9qFFLu0(Q=jd3Z@YJ}w1sLm>@wm2f#B0fCm zz)=3Gg$^u@Q!chQBEPbC5aOy!G`dUfX|R79R7GyYw9Qi!UPP^CW!(>F3r9ANs;3(p z)icXNFoVh@jtS_<$ca@|qd~(xA#%vdO=k!&qdM<|h#_SW!Tk`iK9g#T_4U!U15#7; z-5-bvY_%YIxeByOrqwNVF5QKoPk4D-MdUCGViC21#6EkWEs)mM&TlN>iW?-1+IHyz zl-y$>%ekOivT@W^v=_|A(^%%i_fiY8iKTwPV%I9HH!S6_g&3pKJP)XL*ksc247$uh z(buVVC}-g#`>C2na^aH()u_}ZY?NYkYx`;oX)XH{Z7)n~a%`bl*y%Cwd@sz#Kz7MX zAqoY_PUk)g!St9VL)3)}L80d%F-AI=y&VM8Ih=pA**u{ztsZ zUx^eI>KfjeR(%)Si^YR#MZHQcZgKIYytT13zM%*Y!1yu<dDI8Qd`TY^2NS$vxCZ9Hwqzk8TnNhA0hY zLTqq&P^#wi&_P3;{Jz8;p-;8k5wdn;;pJtQd@1DhlYB94WDmeen~F>KCgd@gro{q@UeQ!+5!F$$!&F^0 zh15lybhz_ED(=_>s?lQ;M5%|tH|~Pfp(8%O91O)(6rW!xKaBw`P@O4-;OpU%t$2$? z3mz|R76mOOR-h}I$y=c6FxgN=f$Ntk`qEtmGqx9_%uA(;(R@eK4x1>2jq}4Sf_2w4 zF)O}B7=fXIT{RhJCIcNPLiEAj=f zR(zMT6X)KrDJu`%D2MS{N_@2vvh`Ly$wi$?rdUp;$gEGsJ5yE^7?*TLj0E=KNgGeA zE|4gamRjlKew5xl*3mnCMn6PfMi4DM(8r$Mo!ZCYjrjJ3@o9#x6?I*bzZ^;PC+Xau z9gdg(=%O|FSiJ+t(Xi-uL2;vHmN^X@gk7RHDL<52i$~O;Baw2zVg)3SJFy7)5i~ zy=ZA9)zmfB_4NXkh~m}h2-OQ?3yUvW0zn;3p`%nT}Rp&-C(=s9RtX-J%2-nud99p-u(a579eI6pes&#d7 z9)-@Xj?03Sr@FcE>ST$Z5#g@gJBXp-E5WRsVxxkGKz7&GfXTUYVJ{!#eq|4YIPraV z5=Je$Ol5sdCBGIU5x{g9^FcL?oC~excrgomX_x|I{cI~ByRn-`$vPzqO|#cJ1-2}S z9qG=*_|rvmM~k%KxC}b((liCQTzi$4L~9m4PaX&*L|l7_^Y9@}LeT2Y9>VZ+=MYJA zJ4A7o@=B=)LA-*G)tQ{OI@JF%OH!)FmH;Hr_#1@M)7<~aupU;y2CGHpkz{6 zKw5}sbgM^(2BHZeulQ@(+L?eogSX&ZXWgBh{O%CHd?h0>&G1|YUA|RU zBIrOe3)7Pc%Vk|9k;{p-P7njoMiX`uwZup|S{zuT$e&DP$eh5ngKA5vZk+UYylIJr zmdtf|usdlRs`_8*1#;qP6ir?XjTU5GU{NkW8-W;Mt#i^a#5hv$96=i9u>~`yfT2OO z;ltg8xFiYC3!cZR0zOW`2`F}CbeIH-T@o=)^+}>Adp2rQJQllD#tQXn{ekOE%LTZR zETK$_bXh3MirAgrHR()|v~nluu)e+EPr|T@b57tb>lQ64fX87Zp0ZQd2ci8tPGwkj zRKk98&1*~f7VOHlOt)kn$xI;5F|2pBSf|JCN zn7ZP0=;+lfGBM%>Tm96EBbW8bA=aIE-aGL6n@sDLtRs%)oFnYC!aL9yUs{vMCafP{ z!K+r57rh1w>|oJl=m^DD@-hc>S?rXuqG)P3BB=fP@d``3un@@6^7GX!rIy=BrI}j@ zq(D!k9LW+8msYe|spTVCHskW^H@aUfcBYp~F>La|Fn#ckQ!M^C2#;UI`oPoLj*z?UJQ2DcG=erc3L0~rdL6X| zU&5;A9_6=*%tYNuoUQOlN17X;Nn~Dblxifc4mf4XrOb}N_nuBVB$s-xofK<@9muO9 z!c>y|SS59KE|OE{qQUv#?)JTUsME`{6)<^pNG)}(w^)Q(mzS0Xj?P;_tNt)bV?TC3WbyB#E)sOFL z>5vT9!`L1#^{(zDR@9*pC3n%?WUj(-ii}n4s)*poxlc=h803$x*^Bvs-Wk6C@c;M{4F>NRrjrA;N$4#Y@@nBCZ4SUq<$SEvJ{LMI&;ADF!#pTFj9o9AQ zPM|9q3U)L!v=viAP7LCm*PmHrZg%fR7^7@^>cqAS<`|H{qDjtaTOeq^9IfP^r{`tjsYX9op&9&`W8|=ACFtbjaFZAa=(f zz3CiDdIIzUea_SL(kvxci0o(UX}1a~q8_ow%aNI0JUqxR+UxIk`BtZOM$9iK(0eN= zwTOOOoN~4qUAw;) z7)tFzL@!o)hd~j8kNJc3P{=08s~YwlMiu74rP)GO88U%5@v`4}P@HJzEe$7Lk~=ZV zBBW4i!m1E2Do$d_VhUq3lmj8BqeAfLkYy>Y5a?d)1o=jaTy0pl)6}GLC_j#n>3tc+ zR&udJkoXw=orafqgf%(6jAHUa^G6KrUioH;b$mo3EBn)H5Mn6#*-4d~lv~^Yweux| zs=kQ{Ymj`|7d(*$tLK0AmupBJBl|(npNs$}Vx#MnR$zqeztA9dI{v1B*h3qr6eiqy z>_*9l{fRR9al`EpO%FRHCyxG{-NwsFln38S^1lrxQP;B}c0y&o9)}{$Sy&qqG7-VD z$Tv}Sja4S&(omn}ODhd>c7>>gFePZiryW5}%o{;DOSY%{9SLN`?QM`9r7N5-j^HL;aZ#AGX+^M1WpJr4&F~HD$vRqax{%<9oEM9% zYZQvIUoupeD{B>UXYE3|vsO`9Sy_6kAhV>tqeTMisu5d7OX2;9Al?v5;YdT0;HAKug8b9mVMr;_PpUuJnrIKG@W7QA+I-g5h-OVYJgoBZWW2SccOrYbv{ltP@hSkG8l z@k(J&k89ys-nDVLR_)X30|MB^4th#CAh|vR!7wOmYMoXL41>t zTPyc85n8V$QX=FPB8kymiW|x{SueJ9snABbg`*Q9>-vWl64=bi^h#GxMP*QLie)H( zZ=5JK#zA`IX+Irw$?#5&rh#Gg4GoG84k_P1p7I;uc*RwrV|_TEVCRocxcZfu=fk$HKd; ziI24zT!t){(=I+OXxGSx`P`YqF2B7=6T|pmRR5tnum+BcW#0O{kvN=>|I)OhqP^=_ zB`y!@7r;U4<|s!Dx(335{-^+s8ytAKS4ulD@@j?yp;i(7Ez$Dz*2hFvl^m-$Nx$sl z79|T`hYH$K9zyDH_1*;wYVGIyEY^XJ#!|P@^u>Xqys$z%=|=G7Ry&?j$Q`63g&RSP zib0SXzox>~*DMU>WKA=xeEd-IV?|kmJx(G=DHgfB-%WQ?C6m!&V*AwuL}gj!ST40Ch$#Cg*1Bmx zx(>uETfm9;`R}^OP}eYTYOt8Z2I<%&t-1rElP|sEQp@fnU#twR!6Tr;x^&VF(TG=H zwKW>bDP6DP$9S=5tNV+nojwoFieW2KZnQFv(|-jSsF+ zLIC5|17E^L0lfK?n|MSFME7Rlv|^@6y23GONe$!lmahk>2z5)usbunUn+i}Zq@h3|NNaE*^sYpGhbAkQ zrv?gzzs2Otn*UfMk0GlOWURCZob|U?IF(v)s#-c^pMak@mq1z(VZ7Z4P^c)`hKy{)1>N(v;YPx`vZGzWR{JkPm&z zm&3@7DonSV>kKr&wNU zt6JuST+gWm8iVm>mhHqfaQ^eEq9Z^jS*Q>mCDAJdE3j^qY_q~47v)2vlrJT7AZ;K( zwrA0u#P^tV|5m+vf<^<2TYOl-po)@efH0kA5wSA7=*<=+k;d?oS~@^?_lXB}*fr`D z&=J%PH2riKRc5`NH4=?v$v~TAT*T8jQaZaJs_7+d{wvPR!t{Ny69*Z); zDB?oUa)*_Xwp84!uk&ZgTxn^6w4XO;N5iH4 zl(%lSR6MM|uc00R;Hz7j9NnkA!Nl$uUb3UDFYgAm<}D&>L(G4-l;!*D9}hq|(1#7S z-esR%XyY@T6>2&;&dx&#br&d~5~7rT>k!0I-dH8w(GL3TH9i+0E`8sjmj{kBc%nqR*496CWPh*ZP|fkDEFZZ*PmOG zM0$&x%H(`e;UJKk7P?l7M{^{eUV%U&+zCMwX{W@^BAdGPnuf@@LR3#J+#t*aU66TsK+Ibd|R&9row0-ny56(M=Gx(BOti=a+v^;6XpxL1P z%G$P^aePsVIDtdM+QTX>-`R?A1ZqM=)G9lfj=^`?+N%{qje-Eh7gD?~z}AjBgkhW} zw{0iB-=O2~@GkN&GeG(7f>mAyc&s_dJ%x{~(r7SZ>GceOzXygt2*_JjGHVH3FvFik zh6|QwH--RbiVX_R@`z(t7iB%1Iu?aVKcysdVa_c``M0rUoNkvk3(#d)N~30&4A8)_ zvdwjuxO6@o?Z#zvh}c?sbrCWIg97DGA5X1M;d1|8Tom4!+)E$kGJ|A2F~vA$B-^AS zgSuyBNEgC?eMF+xcxt6?j4Oi1J8uNvb;~Gzp#T^TC%&O3p6)s08;d9Y`fuJo`rk{(utMQRy#f z)9oD#Pf18<&KMN9o3LEc#D}+hQr4tRXX=?45mhUqZCt z{^>5d{hza_* zN_pUpflRR^g*!&sq4Fh?mYIApGCO%Hnm-=8MOFk4HUyqkyySf=$Str!&d#%t7$kj{ zO05()9U7FM=UGI$9LkT@R82{LtHsS2`0)(ail3#ma+*ey!Z+Pjmaw_7Mm zEZ1KPMV*#~qN%};vRgz$y7Pq)zH>!|5Q_r>A99G07!hqEDuzTx42W)##J@Gb;=(Sl zqPi9SIR3TcH!RYMCLnf$E+!&K8$!wu(j*a^7NV9?B=9c@{6^#v0#ygXVPFPPP8_%l zemy9yT~vz(A#wLDUJ+_{K}(KIf6u;}lfmldo>pD4p*t>Ge{eH5WSRH=_@z z=ka`GR$u9!jG+$pxQW2&rFM_6YYbfDX_vo=d1@Fnai<-ZH=6U;#?H&x3MVIuIpfT( z#X+7C#4(p(M3d-&4!Caa5X-2qBjDCPa4XHBLDW5gzFdb;26KpbkSN4bo08@Q^*BC@ z&84dkioMLOG*_ZXDbv~g(WO$-T-7xbW2B;bwSm5$$2X@=bF#~7=l zGqWj3&Sr$@%*JP@wA&CwiZJq}wZJJ8obypMzg~W)o6?@|dgc&sB=W3v;$nB1t5Ltb zm_yku8MEY|E};!2gfXgG3Q-t;(@Al47h;C+k7fdlvT$vAg}Hpb&LzmBr}J2i9!sOY zXcZ-i)eVVAJt)pwix`->;FlW8TI5e-(gMtSP~-9|LUKK)Ro7V_2 zX)xlPwTMrno-~8Q=n>*7rwn(jO0Lz`UQ@E=XZDO0OP%@Its&lZ>08UPQ)-!!Lpg`| zI;Cn&Ifl^+Y6GOyY-|4#02G1D1C9FY;Vq6VCwi)Zb^m6LN-aF@};YnIB(l}5*K zZmpybUWwYoP;=^KTOMc2GEQJMMn~2{Tui+{YbLGfQYXF&p&qm;q{fzVB>pGO zQtF|0X<}La^m%67g|wnMOQBhT#}1LNTY|Kp^?mq9)YQLJA5rhb+Vg`}#RzM>v=7iy zI|^*& zuAlx2YV)dF{)kJZ=1(h?lt4N@q@-m4F|_~K!+k18V(x^@%haU+$mXxGY66izfZ(7ww-gb_an&vZWdFSV!Ep3P=eUtL0SrHYN;)mT{ zS9WjOb4JS!(y1r~?E+;FXV=0#2gIuJ^31M>UN1>vNWFh2j~r%3=h*p3nd@G$X%wgz zsUPHCTGm#VFkZdhNPZ&VZf~w8LTw>_BMCvf`|RD1SWD86v=}LqojV!1C!tXYf!7Am z(xdy_2m|E`78M+P)r@BlIA|m6Dm<#Jj8sO z8*=YJ`V`H6;xp2s$sQvngu#1cSHUV$Ml*@@o7Hd`GhsJq$s$TE(=*+v4~oUQ&dyzm z)}nL@QABf-EU#itfa^BQ`L0F2G(SU_y(po%3pJuy8pUi_4y}izUIsobN0zf}qkL!w zwFl|cT$z|a9kq@sChbHl&0&&*(5WWMnJ=Y;m_#kMcWYvE1$NXFM-~e^mkVG$-Y2TW z+u&Y}-|4hdrm04n<><{S)ShyP)urZkLLNdzJDo?TLi7R5I@~&>bHfeKNq40 z@te7V_YhQ8pBn3kxJZaW+D%9coL>3ed7aI67fE5S(jDLy%4@GxGWF#$grr1FGar$T zp>yN$pG2_^&MTw!Hsa8M#Z-xLYO-R2!;)A;@|8GMz^AmhiB7H+v$ORrs~@M^^|!Td zG1JDnN}Wh}ZCMpXq?NN2z^de&qtv2o9V!hDAxjn2lX3_n+`&6MX-y#;qMWxo!1E$_ zra2O4r%_AJ<&5ilz&7-_35V8t)iXF z>6MqS#;04JglG~!2HTQo3*aws|WF{Ju9rXon}gD*BbyYYR(pKIlW%#!u%n5 zN3y~ybt>78Xzq;I7Q#7lMJBA)KefaXt*2L3_MFt^F}I v!Urt2uavGua+nuE`nZ zVvjfH(s5>eqDPXnEY&LPEKi5O^Yw0m*A{zZxn^t6EI%iwIBIv=vyW_$q!l_fX4*BM zN!#+}wS(-dXDo%s%<)Z=mt&T&?acbXIUZx?4U5T{^sltH*m@3W&tyyHK0eL*=GwJr z70$MG*)orLbL;8VH#eVrdAsDxzg6qp^4`3>vwI{<8exxrIwP1{L+X)SY*z07RMV|O^Uvmy)<>i>62 z$*upGUFto5YuVbnt^_nf_86dU`1q0;gj4s+LwDyC1$oF743OR z-`fb6td`izc`EVShTrA5wYE(x6^3uAxLg=Z_3qhumLqjV_nwce;QEZpwwz&SKDP&D zIrrbL*kNtckQP$vNwNyb67S9 z1*@>@YeY*|iDv9$sYJ5(h|O;%7uf5XIL&=r?pTkvroFkfwO55VH(y(3i#K(pamzY! znmXF)^>Ds9D+b?8-f*rqc}w$LAVh&W^O|65VM6r2+PnXXwHLR4?A}K^N`2Gr6P^lT zcqN6eJbr`Xv)5%#+&`2b^m~z&=aGt8K!i6C=H>xJ{j~NA%bP2hqdRU+VgWsF;OPqmNDf? ziT6vVP&&nus%%Rs=f@4DmdMz0>3F46BArs{6iBB?Ium5+Q?B)S3Je-f9#gZ_FU-=? zx#d1`%KgFvSY9B!lMOLpnnE-YeqaR#a1b69WTIgQ(Xb}El8Go-Sb#L- z@e1(k#L0$f=PN@x18;#@SP1?rL>mhW3yVN%Os3-f1zv;;(I2L-z$1Nyo??SAMZW1} zR~kM)n17N{IDsliWuqZzDfvC6OyL2&Z(@P3aIUYcs*q|#& zDjU5U{RxIHMnpLxo+_;H7^UU#p!KCbA*Nir7!#y)uCEBZ^g(l;m}el2VWFIesR|3s zvi(QOMn8%gfpdK*X#bJofcF|FQQS@KF_A z-*>iWH*J#u5fWIM32n0}ga834p@d$7bRi@g5=kT30HJ0hAgCxHN{65zq6kQ{Q56(a z6a*d>l`0B8AV?9A_WjSyy}O%2u{`hd{=V-E+`CiHoH=vm%$YMYcZwS$Q$W!sw2iOP z$QjfZEu%K*!JXzYW(P?Kx;e_ z0XE1A+EBF+fj(s}+OG%jACTJ!R+F0-jhuzX2BUE9H-a;(Oa5pU>OP@bYUh5u4PFNV zX6Ngm6;Til0Ofw(4AgTBh9JEjs5xIZ$8*l*FN0bKNvcD`LJ)HX_C^`tv61Lp)uk{! zDgky7OviJWi%u8}oYMpca^CYtCWKKY@doA9=*qk!ARR@R(FagE2f|+le~z<90FsnS zp)vSK8V*pbFh6~ya3;`J588$99-6~uda#Cuf`Z}f;aRuFIU zh&LfVK(8xRf3=TC0-uT!czY!9MuMQS5X?oV4Sp^n!pETyuej-s9v4uiDbT|M%QS|$ z=xixSX8}o1G8P;fz}t4UaQEOpT#OOpL2!918So8tj;9hJ9^gH$|fU}1Kk zn*{({E|SefzacyI0zw+SKrR5|KmZ>Q0QWb}-!yCh!9u3>(_^fn(qt$CEgHOJw7jV^ zzKbDQ%L00!fAe3G`{aUDwK2xfowY`Y(RaBnRCEL3-~+;z#DGBtjRLa}AjUxqEqVy4 z9<2a!jCnk-8As1GF35dcWsWx*NYH^<>njNH< z-^zfdg3L4+8t5Tvsbqywky=jSkx7UlS@=-1P#(xeh(!mz;_(V4bw-1Sesy^Cc#L>V zczp19^O5H?f3M*0vz(hyx*vuD0!exYz2$JVEU68|C1^fTY9qZ5hQQ!pFI33cnn-oO zHza?sK`lY+5$WIr^%!&s;s;3;9Bd$I4-ftaV+iqM!Ft5QkLCbx67XQ8;4Z=e0j?jx zVy&rNF?{nlIEh=4%4CxJ54q)h0t*vHC3G*apWG;r48r9Z1T~e~EfB+rXbX}I!c|$X zceSHOJ9z}7SzT>jPwx||bq_8SE?QJT^GIoe0KvG!L%b!Z2q(DH-%y=YBJSqnl1CQq z43e}wE!tAf;BQcwpdR>X+xcq)ingM|3w;H890Co9Gx(|7`Ktqpb|MIFu(VDD$$54{ zO@M;qWucS?UGn#f$nQ-W)ERdX?6k zfC!PuR~9j(=>jk0HX2nV00>EFJt8;|g2$YyHK)=)9%oK9q7jTnbG*u&ZqjRAMHgleuefRBxw*a!o? z(Mp0)6zGd4qd2)lbZl~~1Pa7_yzZ{HkQstl*g(939|6l(ZUUKONmax^3mOAPb;(EO zBoV6&Ow_VegyN_6_4Jd_^7K<{d-{!K{M21N<4JIP`Y|Cc<@YY*_mTZ(W#ELWC2~AU z-3kl_@yQzy9Evs;aY(}5h;}Diald3?dcolkv-eA8!2I7iSjCMKe5!`|j`Iha#$YZt z4Rg3a=7*W5XA*C8Zn9-S<8bzYyn>lSLTcydJheuL&>(jX2ncRa31kHEIi9AH2Sj&# zfDBg&32^o&u=`zL`_sUz#z?Q`GdsAXP&Eitz|=G`LKI|;3S*=iIx$triOJy(?fbfXk8>vH4eG}$lBp8Zzi2nwQ3VHnl z8HSVq=M0*@J7++nBTH5B3^XN(Xd*3w>jmI9Ov+4nyzuCuu>&~&f060|;&Fn&CO~yT z%ta`hB1sj!UepeOiUZ`_TL~i{PeC5>A7F?gPK{a8l3f9G4k(@<8WK>vI2ehY-+&&4 zkP4XSx*!E3Y#Fs<*$6K8g8iW6a4m=@gNg&~r+iu{GA@{bh(||o2cRelD+?bIl{lWK zrbehuq~@&(mZ1s}VaTcck{3iNUIhn;>kE^Kir!>IAkGSKeoINYS-|-%eAGK8Fkj5d z5KK|>4*^B(407HQ1^bN%CmwuV1LInVaB1*IMhvI73CW4L-smHt81PWTS!C#`E}0~? z!Y?Wq00NvNVU>k7XDdggcq?4q)Zl2SIhYa|b4?za^;%^bK5nNkuMN=3hvB2;exxc(rG*_kB(qGJ+7 z3gA*;Bxkq~xeo`DRTzcJLX2T9ht@$5DD1^sp); zSEL{~{{_Azv;tLCxTuVDVXRA?dlOqDBM3gw30Bp@n206-=7o zETr(F`G;`v={AK?YA}Z!-cYXJmFHcU%-QJ!a z6i+melhrIm2qiDCw(Nnn3C^chf{Qnca}gAM&ToCdCcgC4&=d2#2k{v~V=LGNwg6{; z#mQF@D3(&K!mrFY+|(ud8oC?($MA>pob$kd^Dvd+p(F}0`wW3_6kN4B-LX?RcSrp8Ay?G4O?SNcZM`0!nh_S#-qom-v4Oc}JWd<4z861%_ zBvD`G{x%7>NkXnJ2PaP`paVd64#+h-%;O=kFw-kSuS5CJ`iZ2@x)@9&VaEg&s28AO z&`CH+#IHLLyhw4N`AA>S9zg9R=TcaRrz5&idbB3`0hyH0WOYMAe9%B4DzXWa^n@u3 zMx!E_IDjYG5?X_B^FiP^Z?FC6;AZC;vvV)TWO|c%=L{DyyG=m5kOT=}dAKnGxWX@T zP;)T6)9A#9cXQGAq=Xcb@-P`n2=BGQ(4mRzIk1bI9DIPj2w1LQBYG&wRT|F~2WLTy z~NZ=_E#7ij=z$ppRj{ zXfI881DxmhyQdf#dqUyjqh(LZgvmlE0_cGasVCP$oISlQ81Z()H~@X;HaG!_kBj|; z_P2+YUJPJr>QL_?*&euHN8f`^48cob7$*(TEA=Xjmb_((_(;sv6^tx$=j=m+o|A>} z6njWG7Xy)R0||p~Wd#O!hMJ2H09T+04`R>~fFBYXV&Q=p10=p+0$^8UN3l0|sH!s) zDJ^mW?v~S_Rprn?t~2xTl|v9(VSo%mu!bGEBa!bL) zpF0E^B36JD2?z}lD$w8~Goaq$rBJL#e&=;J8rOLOY6*FaM^4lh>MNgmfLJDCz~UgD zg#ZZ`ufr9dStJN{B@iy2KoqYrV%kV!EUnJbuLi$@naxFqT+M$7EhprW2CFJQ^zx=@ zgf>VYK#NoKhkW$X!bStu;DW~hy92lQkN~5#jUY<}HX~B5i>A{eAe1(k)A?KlOAcn| z33qx}6)=JE$4UX#s<=>Bt3&jD+&Cm&YCo+X9x@!!pUZy8P0Apm8a4^6h{6~`)*o(J zhV~0*76cN_j=8Oytl-okAZ3a}%+B*%%A6-DQyc;*V|Je9Q5ISB6k9kpWMzQ4i*O8- zAWi{5$Z&3*lieOtor1AOO;z%IgZYYUGBr1+h}7uHVp*2vat1?Hm~VIlf1#<|9)D0y znG7m{)Z~*(g8?xZRz0;xEC)wS zNfDk2<#I$01s<45fKqZ`d~!i>P^4i) zIF|(L`2@^)gVq$F@^iK929$Pa_#p-iA_#{N<_p4-J2t*3L&)-`9)?l`ZT&OE=v9mNa z?14=;dVq&=0Yafx4lad#ZA=Xj<2mu*Mu`krMngQydXX{@;!2WQXSN}$24x(F-V3^I zB)tiRgz!c6Vr*vs3CzXk{jsqGZR14?)Wp@a&J4Lh94Rk=y^gLVScMu?xUl?#Woue5 z5~IJ&kp@4Il2TL`Z!CwyaLI)-sDlPvM}xU@T?AN|7SP1fm3TWVA&=}dyPUuS8zo3{ zx*>;g%eT`Eo}iushsY%qp-Ln}5vss4+EmoGSgc|GM$*%j2(0VzSzyr&tDYMS&qECJ z4n^ijB%`+(Y6^u4uRz7mqT$F;4Cz2%K%mA|c_b%|9(hf2SrBo;BuEpD=c<6q6t1xlxu%jsQz>@ksn5QhG(_{I-;|MkUZ4H^8}92jEg1?etn zTHyr@u_cg=V-wgwHketM4}IbURd zKHOn#4N*t~2`oV#Y z{SN)7fL4StRrw)#SlPMlKB?O5;V|>uG_ADVLo%Fucl%#tI5z;Q=|h(4-uwO+OLYVI z8*J`*KDNulQMzn*^Q64{;Ah9b225#xH=u5R4G{4_MaNqoT7p%y^Zqa5QW2=3IF9<4 z<;uMP{$suPUIh&JYmMQ_BKHE_>#u>n-%-?ulsWFRIEvuVNUbmmPr^|A_`_jUe(0^} zaE`m6hos}51xte9A%};D1FaCG-##a=5|%2gp$x_!EDJ*5#Yg{gn(cat-^>g8$oHr)&*M zkGuaUaY}R}&sff>&bH@)k{*?z&k+iO8pi2EGo3)|>NG(YFJB5_5+r5g({5!>z z<(~(Q@VWn!g%J^TLNPG9k4KWB;%?D0D=T_hzN=ihIme0%sQIlaxNFd=1iHgoJ8)Ud zumXp@p(Wey$af@XrzYp6Hnco$&&$WX-Yuf6Hu~4l(iWFy7v$MnWZMgHl~ra#OOJwK zxU3u3JMsJHTBM{j85S9xmX?wlm71E`IIpx< zL8UXPbXxerRoDv;Ya6yw7~ze_lYplqo-R0FNUPgq0AEd(Mt&*@Pq7cT!O>Ec4h$!4aeFPZWQc4mP^h)jd5Wd?8URoKwno={237gH%?|`KBkn zLhhOIA`j*VJ3%-#)nt#H5-yc4#O2|*_M`-dTwy@nTyzF6=LtHkiDRPlgOxp^5>Ad# z^!Iob$Iz<|y~62*+L((Qs&qPT;iXd}AZ-%xBD1J4Ky!~)_7Ew)e}pPu;SM@LbMB=Y zZ=u(5c#HN^*a7lhB-eQurvm!xXld2o0K*w?Lp?1MqAjtUK`V{eaBst!$#mLzZ=(n- zxVt^Dn@{(VuQSnQ(8yp)Fdz0Al=A%BNO*Vvl+$pBhVFA|Gf0pquCfA`ifsM;>5~ zhn*1-Xfuj7$J1h2(Iz4mmH-*ncgzW*P#g*ii1F|PJ?t)o1yzIrvW8*nz83ogfjGw# z4#1*Q6TC(^A|arIH)fas4(0F+$m%Ox9GTr5wcX~9@^2Rq27va4fY<>=Fqn&#y91~a z1sf&W?naArGbkY#YNLp`NR<_-U9Q94A~oOQOB*kd09&p~TnV@ft+Xp37p(>Y6z$@R zTr()6;)_Asl4n24q@3It;{px*4#U8T6V_l{E*c>iX~_c2ie9C);G~g3hZ7zBu(bfY zIt?nUBJyp}&;nRyBf`g=9 z;>Rd{Oyb8!{CFF95<2-OJC-Sq6^i35A>EHJpwbFO0O8B~iSu=_%|PqLTb0&HY>+2!(z=7TQZ9SG^y#aX1LW%;Ds8fSf29hj=B38oY*bqWO9e>39>mTv}>C z^qhX!e$6RKB`Izy2&|$)`vMAf_K{nowqQ+wTw1t9m<}!-57WcN7nA*Ifn4S91-}<} z8Ts1;KONRm`TM|yZz{m$4VSl`TxfYM&@DPG`bPGA-x(@9c_VBSc++(!(>y(FIbsv@!oH}NoySfYHArJ}QmR0{WU zAI3YZP17PbtwEz-;V3*#kyGUyVmv}IAc|mkG&M09f`}8w(4Jh5f(rX2!6w{|Lx&(H zZ!vQMIjQRi?9K5$ijyZ*D2uavO1Qtl8zLkX-H$3kP|WGPuykTBf1INN>&iHwRB)H< zF+1pt63-^*MOlLWa#=XM&RyvJ)RXt9{4HvCNfZJsL=JyKNK}V#Kzr}uV$Ru<5XD9e ze{6~r&i-)r2dR;opWDFR*h3=iAWX}PFSe{*8q8RQ1h5@E*5r@Wzz{3-pedrn z=)vDuI^Jl4LQ_;E$^-+WoW0OZkcS5y77Jx1$Pez|i8uOMFp?pc$hfhR z1W_as)7SwlC^eXxN)Y9`;;TX4@twcQi3o5RIq4{Xmd5f$oLKy$B7nn#I2E0J(Clao z)OHt@?Cj%XQHQvE{XJu`Us0s)FXG|vA866Ka$~fm{g4}Zn39I}Kr6_iVyN~;LdCgA zG&0A_IZt@z(b-k(j>c&lq6yWVx(G@;_9S%>_kj*LT_Z8J}MLKJ)zwi zB7sPbZ#RIK-9aVfgqDON+~6RkXj7{Q2;`q3ac<=mzlt!7H9=UnH6sYA5JCwNSQ&>A zc_>lH9gN*QC~u7Dx*Q~s1ZveKaQQ|Icl;Y2aN^)5q$*FrD}_u(h&ImE{AHkO$~6}C z2lhNE?amULyugwhp>bhbH2Q)-jp!h6`q@Y|Lmm;~Cuu>oCWCmv?{YtUm-9DJ+>1EO;UI=Niqz5&uTTQy9olHZ$ynM4 zF_d{Gwjf}h#wVKM{0pC4a?t_tKwU=ZKIG+s2#zbRD3Fm3`N#>;;);({d3Qu;h$x7E zqKL3{9zrHw%w#1uIwxegoQJ0&x33M7U*1X#RAevT(F-r16p|(@wtLcMQZD&%Xqtc# zwLxf72Th;|bzp44MnmtRAULt*k3mH$qVa^pE-F9_hY<8kU`c{(56OWLS(Z3^2GK4r z86o_NZPjuhM+<>s1G6Y&PKdkML(uJL^Z}2cX;j!xPCnY9c3cHXETaxRgwa-E<}C&? z=;gpmMACd%joGKamq}J5&~2tGZkhwT)M2heAi$q?^&vNUn9wnJ7%{f+`x}%jVy|$i zEFuV94qzyY@MA!huv?gqu?AqOMG+e8t#lVc8;;RIuwm3s&40Ci^kD~34rT{BIl$?U z#`#`w^;I;Sh$L#0>dDMDO2k1zXOUGK-oiYPR6^l!#j2H9C{ILmVHnUt^AKP-EXpSI zI3-+6YQc;G98YCXyh5o1UlBM=ta&B)$Xx^#7N9)BuvdGTw*m%kC{Hrl@h1$a|{w;Ui6p7p35(qSUYaKe-HGi6VNF4_D*NZ4r z?DZ5;lmhI8Hy=6pWFG^f%B5*?4bel>KFADBP=TxR(ewl?{jPz-Lp%?lwnuYC!BCM;t~#FK7}p3%~&wa4pPG zuug!PX~ql#8(M_6izA9wFGSD5c5s@>u2VKDo4KiHkjo2~hT#JySh?WY6L~jK_C%9* zGe5w&I0SJxO*r45dQgcxO)CKvD)By3_H;Q~2#M*_3X4Oa`p`+^`KSs35P=X#e0woM zpsVn-l!%u@iD7LNiA5;M2%d93nidgUA>uobk;MnP7*~{dF|Gt+uQI_D3HZ4#18&GX`P**HbKX8HA~L0=`-lF8ON0VGX5MIKATOHB=i; z7DaM8MB3kYMxz!X_{Df}Y6o!sr52LSk# zQ#j0C6m{4L)Z_{aC$E|ph0-ZzHBU92zXh;&MKZ2)8&N;`8=kz1&}xyA6r^x8?L`BM z2_b|B;f3!e5f#L)c=BW0vPAoMB`h#tk8_f$a^Jk<+-^D9?Z%|ob7{pbDLpS|bUvk1 z@pP4#+{C!0DQil9!X8ljg9r&B@En$>R%uk`&D( z>xZi>6~0#dp=6Dr{bogKqmRdSew{v)+qdsjIqTEIMLQfYfOWb zn8?_ercrUjqMF$3_NeICrg65o?a^)swWfeGx)a|lSb{@If=Gl`SIe9~)8pLy_y@Nd)%c?0!?K16z zUZOiG6%g|v$O#!K#2m?ag%5=6PAWql!mzQaFyCR%vbs2k)2c^aPOd%AQJ9#WmeV#T zD=Q~^XiQmr6YMFO$$9ovSK88uN1?HrFe$1+_+Y|}!HcMpiD`CMSCos*Uw> zB2ZlPJ(!}8BQ1_P8^-`ONXW>~&5=2ZGDd?bVi_*jDO-iI8QW(Tpj*eeoD&*a#_^zTkS;(Vo=Hty3;Y}|B%ZjoWl~F5 z7Ar6F9t*ts|8T%>%F5)+Q<9~hXPp~2bdJxJ@0WIdCUbe? ziIo4?x)tlcLVlRt@75#mOMNg@f?iEs<}OCcFh;OjkPD|d|P|Z z>mhYiokHq<^KL=itDVM#)zjY$KQzQ)?cn^~HtN;Gk#m2)8+B)V?by*z9Esgmaxm__ zZF`#DeI%}V`iaZU_jPN~>bS+$>d1Rn+IDzjaC;}7T5k?+|LE*5+Xr;5*P)|V#}02j zeXL__R&=Kqu8r^XVe0FhHOrpsGNk#kt_gQKbPMTpq2~{UpZ5NI^yUG(w|_XOUeCr) z%+-w_HnI7>)QO+P+QZJA$k_H|l@V;kS0nDM_&DqE6O(fOwKy`r(cZNDCA}^b1fZ?P z;>1z_&JwNBK&0WURXFxORL8E7dT7E}m>mb;h}MfZ#?)BH1*>!t$DCH;Fq1d@!|=RD z=d~Pmuo!SW#;N?l7E;>VUH1kgpxi zOC1J2Q}O!+;4OmtEa0T#%+xzz_Ib#60Qr{!r&}m13t_*){Vtw^c#84Bswah^yg=mH z1^6pb&L@DE30yt~u4?4Dgt)nY-xOhQq5J}ry%IR=0p2y?-v`)3@H~UCWZ=-6@WnF@ z&t1Tnfu|barl7pWq%;CfW6TnEU;{kIq)frhTA@9?O z`yOTB%b?OG;KV?qcL3uEU{}U*usZIY;O%fv%9qmlMUkzgQ79t=*JCKxCwGCLt~gzQOi`Y9FB4)Zh@^WY=|0I(93W+F z16MvmW2G3W7AV2X%0`kLT$Mo=L{^-w4=`wt-Jh{i1~OSa%X(0zIB65IltNFr#E?*< z^5}YEx=@ua>u{I!JF+$OEXgyQyGHH|?Z6d5o*9%Ys9#3J$bQPdzkbjily7j z+zso#jh=42%m9MomRq`WxjRDI0$n1#U8)Z*>hxzo_vN6{k)1AJDSM&j7J!TO1V?vc z(p@h3_iPxtgM}K#g8mZo=d;F1gOIVCXGZruE_5J_c8iKTR}|DAeB=B)fGkxFH%MX^ zx|TGJw|4n!=uaVQtBSEHORReX@kif{e>fmYrRcnwPH#kpBJg-ab1Hp!d^=t{+mQ7^L1T)b+KV7+)aG-bFB>|B7`a8&2_1-dyLC9Gt zn)ulBE^E5!xqx>`y46qIC?s~|PDGZZinIK^>(X}uaLbATKkSX^bs+Qa0fH`>S1!*i ze|3_(1?&J3UNIKb{&YL;aM!&|bC9?Wbp^VHsL*u@aU#fBTI7CDPzBp}2iuo!NpYt+ z-N8inWT)atyd*v9PE5x@l#6o9Chd!)G3{_Ln(l^D?&L1py?Ve z$`=3;TponDwwTlnTiHlDIct}x?;dX4XeA<3QrS$sk%g`_Cn4-WBjw#kaw(S~mqm3K z0GF$+INu{iptN$sKv@vjwO0{t?m?_P2pXo`ob47>rP(hYicOdDm40}@Wig!sfN}Q+ z=*FsS=7Y#wu2GfSq5r4|RW~em4a*J__iC4BQ0VFt_hxYABb6&zbU@bOp~&S)y*UFw zMMCl*&&$%3Ys>Z{BE&O7sAqP-qcOoQML?qrzh46Cb!l7-V=zbJs-+WC?eRNrw~~R#SVy~k)RoL?aH3HNJ2Td+K^RoR5XrZU`I|xxkz=a2Bo|dz}^^p z3IP%$38G42=qZA}C>z;_3rm4YU1-{+aw?I8%=mjn5;_MFiKbM9XleP|7W%X3!9qyp zN%b+Es9ZJ?>BSBy8&TcLMwQL)=CyXnL_;KrV9)W}Q*JK@$W{*q=>VsB_Pf#@6`w7V z;vNL#UKpezbFH$Oh1yMop_|TWY{TBCvSqkOB1MiK{n-{LQfrybeeq7oo-B~IfW5(@cKf7 zqHgX$&C?N_ipfSr(~~eHuPO*Z4Mc1|92t~pVJ}2K>Y3Ax1Pynd^VG#i8h$T&{d2y7rmFZ;O-?_GKHH z$S&@$CU&AZGcf^|Xfo3YHY0U_QVNmV9iZ?jfYSVOKTxEGv<3j7*U{ygR7B~H^DKbk zJn`QJDmbJftZ$)!m_Jj1GWBkUkK)AsnT+mv(`aPHcLMHJDWz>lcOZ(;lvgxIS@tYV zt2Y3)<^8~xoyn9Zemtx?_hEg2a_eG5Tbz) zCm}%%ugqj7Axk+{qsmltCRR*O>Ec?VLO4FyQ~{cK5T`U*6Xc<3TG^AZDacr^`KZjY zJgDfDLR6%oOqwb?q^fIJOUCAGzExS zLh+z`fU{(&rSw2$0{jw^brNPJQhYPecEjaq5sf{9Em|XnOkAT;IvEY^&`)WswR_k| zgj`(%a9#d7IL~290IZE~Y;_@yBITj{)K<(;Nx~*$7*7ZO#5{_8DqS0rA`WRj0LI-P zAbom*3M39KJ>B~hnX9^~Uv@|g#@Eq81|S#d6YgP_1cRu}<4C}IC#BmhS;=EEvI?@W zqL`hQF&syYQ!T03!;nr(jpJ++Ea}PlmSJ{#w#AOU4R$P8S}kppvuTwQi{q&{y*$QY z>D0S>H!NP}B^O#*TRAp4byPAIH7&Wx`3|gM+Aa3%RDwy)VFhVe^K57tot}}B&PzzP z_C~L#8NA-8dg)YG90wtiUJ71oB~H~fy2t$$(2d9 zr{tu{2sx<690=BBi4Iu1MP#Z4gc^l~@>ENk zV=WvYGE;S}mP9!+A2rDtj#?1V0(&z{7^)CvWslt(R@^;6Wn`l=E&yF+0KEA!fIF?G zqZk<*PILvOe4J7TW%+_NKg|vgRyDCeEhA@T-AjWjRkI3UJ-C9im<%x=r`SQn5%%nS z3zoiflk*(dh#-@x9oEpn7HE6kV58G>GKtp;GjqU{I8AR!LH$sxWQ($pFP1k!d^&9p z#vILgBO||kMs{*$o6MY)5f(J41KVsYIapv%#@3jmyh1ukZ)GniIB{;|B?3yGgBUg$ ztMbF1w5K>Ccn`27rxCvrLuU^MPMik32?;D1D?bCAB=XtEWaM+!P07Tb1auD%IOt|F zFLM%D99Z-v1Z6fDCKKs?2vLCoCu%?x4Xl(kWlJ_T1w5dPW^x($@IW@!gn@P$&Xw5% zorahvPSlln$I9-X*CQ!)6Pfh{I4esmRkvi?>_EG1L`RT?2E>&k8EwhiLKZDbx>S2+ z2KqDYj%dKiMRZe8Ps^codE)A_#9#xU;1e9;lzJ(C*Lj*VNEtOAe=gG4?_h8zeE-q}c~yLZ)adO$8K+b$CLfENw{TaQ@9 zKC%FEhBD__ux$z(c}U*VP8|1e3Gt9K8eP^sRz^;6jg0P2=^h^CDl1*m%38P1wtz{q zgmmQyqDz+MC(+x*2$@L&yHJe9$+UCG%90ak(;nZQ#kc#BSaEG9;u1q_HX<5Bd;&Z= zMW#JJpGJH1wt^JwZlfBP+H{0rlVlC=Iqb0tipaDS<3C@_EzCQo_obwi^TBq!N@C zE)Ai)IQSq!+7Fr}g)|X4O=_|u*~;R|W)*VnA#%1ZC#~+;XRVg9rHI0txj=wn6`3ca zmux`?83wWF&YKJdb_vVJD$2_xPbNvz2%M)WeEL?(1OF|2ZhBbk~N>Xcjdk;Vv3w4yN^Emjfs_pW(ZyD;kCVT5*#22SRL*i4es5SH;h?O;Qp{_Kx z!ZKwBCKtOTTf&+F=N7Jv9*p8vYD&u?4`h+O7P5EvGuesIy!SVBX-9Iev$8HO#O_tN zNA3sqy}A!Ti(~OO8l2Qa)IQ3EG-uKRe8%a4s0}412}^9l=RPEz?0I2mR7D!1xkiy@ zh}M9(hQcn-l4$6Gz{wXQ5hP7c!SHk%oTy`EWJ6n}(FTId$_C3yG4)N(X}q?IcqaA2 zV+_R9DJ$90kcbQ5G(uqT7?x9zjcFF*2#7~@_1&W4mLXKKLR#3#>xi#v&~V8J^xt(TY95Q zQB(iJVEg<>+RZ{>|M_;~V5!~OxWsDNQAP+Rh9xB(YAw{XJg!Ca{>LSh zJe4E^5L60o#K^}C7@8;7INt*UyMuQPcZ~~47C?|=)huLUwsur1aFubK&a6E%gox$u z@GAhhCX}8=0AU4^4}y`*6|*NxF8@gCy=@+tzdW!&nTa2SxvexHfvjM4D5Y5iSl|F& z#6Y4u$jW0`I*rcDfwh{ruA(e2Fe-(2Bv@Br5T~L zL*{ngkX*=hr>t`06N|{Xc++`i^00;RIS?0?WlH4$>kvRO2rANRI9hfK9{lOE&l5Y*n7Rm*2ClhF-5ZT2!#R4^Wtf#Omx zsAibP@RQ6!)QeWm$MArj4h)rXlWQ2+cC6r$$ua|rtJxW_Lb^2-nzo}WyO#|K4J)hC z+X3FqQdp5vk)~^9`NUitRWVk|hBeZZu|Si-E#MGVS;>mRN}627%tPuCKUPY54y@L^ z8DwceX8@I^vNDIOP=!I2b(jBSsS$l(H!p2|<+2a8LGK{pN-BqIVF*T~_GGv~wb11- z=LRj%53x3b$-!`(%ufe%k(;dD9y5k}L5p`)+ND|l3FTmvYY-LP4IL6)lVp%*!^m?8 z!FpoZQdzD>|3t4Qg-SHHTcC)B=fcoqHpABrt#s*HJSslIp4Spz6|%(RKrsK7fF%t) zORIe?YLz|YT#KhfS}qIkovz$D^KJl1TsbsK0RbR28#RJe0#-bzbr8O(mQfkWXsk3v z;5KR`7l*W1iAc|ZUd7R}(lSIXON4?=1fipN9)y}AV7S;Qk7$lV!L=IN9Vl#%aR)(TRSc6-*>{3bs~FTzImfQ&OA!<&h&drVqJUSd>^)7 z;cV+LjdVN#C&=VKoFJrQpi&r~wkaB^Z98`yCBbg=Qh&XAC-h!(_z~mGr?T5_E?oV} z?oEUFZHo~@u;;*$fu%S{egwosMA;4=;c>Y@qh6SGVrNRZMAqEYVN&mot)m*pN^&WI zzssedCXMzzx4TW>Dm&M#ygAl68`vs;tI2Iqe5HSvc%;MmSbV!9Av3cp7VIT{y4-HJ zre467e(}TqL_E%$BdkZ6aFJ8O*1gi{ zDV+X__*=XPjuJi-u3beM=_QZK`Uxw1DaNszMkGV%mKwd|g8Og$jJ7 zJ)rVdN&3m^x{N)-^i$NijHNK`bhRFF&#L{HWmqq+}5H><1R zBiXD9)9p~}pAV7(KUKHfW!4&YnJe!yS7o(W{4TTCx9Y+hjMcxv{Enz6+{6v^H(9-# ztnW>x|4uz7iq(rUeXpJnr8Y#>i|QMdcvQVjwaXkBvdbLvma*MxW518gxjS+3^-lA% z>?WJZGz-}^wjR%A_OahB7ByWJ^`dHy-y+o!?Q5#{z1FET>ydw>N@Y5seoLiNX;p8k zRN*JpqqmujUQ1tOp;PMBS{53%)!gu;lSTe$>U5`|KU~90USy-TnQNU=p8*t;_tW~o z4XWT9tah{TsAxlTLkGhE!w|zy02X*gJ(nHPYRpHpp+~d>j%Y_7(fXZLuVN>>)iq9d zTaSBZGp|ePC*JpBk?(u;x~zUm^S)Ol9~RFN-t!vvp4XGJ^oQ9j{dqih@yu4u((lHz zPjyN?Q+-Ok0M8=z8ucDL2k{(Mzpgr>{+*pvNByjha%x^zd0kcaW2$brWH z_%_Hm=Cma&gfdlENPOQEZDvs6KbfkD$)(6h|Agc;vq#%;{_1vAc2 z8EdZ9EmQ>=eT)&t3C3rb@g)|tiUnFW?GJ37k)xw3*MvGCqQ`dn>`Xjok zDi)~H{-A4!GJn<80~XhHHH?z}t}YyR5gWBddOxFNnyjC~jJR54GBcV!&^HTG`vz4r z);4NS>4CTYw7wR@2ZHq%_1Pv?#iYHeZvotY*N0TXH`A+C^1G(r#44$aSfy#qw2@Wv zx~`8lstiW6QF{w_N=rVs^#e?r5K}!CWo&9P-O&#>sw){oj9rYTyZQvC_F+|77&8?a zS~GP`Ru5DQbQ;hyx;m@@dx8yTqu5-=^v@bXyqMWbJKKOGt$r^WngwZnjFpX{K@EbM z2I=P*+Iq7PZ_`VLI3vC*TGd$7=<~86%c$`+K59%b4m1YLHOys3otGg%Rn<_(5N_yb z@LOPbiFs>$OqEz$HV2=ETxjTOQiYkinDixHq4?k=)9&!{MOF8EMQT*On(7+;dSf>u z>uS{QH{!EN+OP4AN=bj+1PNefJ~vFs`06r?0*?)4eopUROj|?UoV8;eR9)2i`Q8yI zfoT_bW4zEV_Vxi`O1z&`Y5Y}>un5*grTyF+BYcN_-W#=*D-UPIj4fvDU9cu&zcMym z#g?nsb`|?h#jdH?i)yx3%|27JpVjOs4O^;VA86Ru8g^O3UeK~PwM_ekx4sf~V@uLr z2p;_GQ%T!Y(ibXeqguMAmaeKLr?<3OE!{9llhx7!Z)v`_^sHK%u9l{#rN!RTOqF!q zB>k$BcIu?hy`_^{X@geUq?OibrB}4lGOaXKE1ghFZ>pu!dg+v2x}}%y>ZKxs<1mYu46}ZY?Y3!)v-HzHd)U; z(6ggjwpGh^c(G5k>}wNSZ)EFqtVqwU>)BO3yQ^at_3XBuEikZ!2KJ(X%`vcRdiJ}X z&BaYSKvzeXTKP%yavE>M$9RG@F$jAcd(emA-45edZ;W2uu_1p5e!F2T>yCIy+N!y5 zheoC?Dvh+HcMx1OQfZ{ec&r$YNFVn6OMr**oj9f4C7}M>1Z4s8YmAbiKnqi%D)&KU$6l{Gs%p+;v|xC5-%U&r7sps z!an-a*L+jiU8KscytFqz8yc8${DR`?*jx(Ve@~|v>9Z0RUQ!-*^3#z8&zf}Ncqn)$ zpgcOhN%e7`3n7>fgI7z*4|plC9_MEO@&Sp?j?rI?WR;q5N?37x)dpV_4&27T70cs0 zNtKYFT7gcz9mGpcB=MP6j#vZx!hB z@U$ZBRU87bctFWVC>;XH=NQuoxm1*lb6vbH-Q|?T9fXBK8}j}6ItluSb2F(p3PZi$>l^JTX!Oloi7dN5@D_(Q0wv;wavh zcGNgZibe}IMW_uAovMjO>L#E>GRE>F?i}sF#-p@c&`e2WpAMD9Q3t7-B zsrB8QLwrNrLbyZ$cZi0B#BLq>^^+a{O}{i$1KnDZc0?0Z|Nr0rYZMq$8#Pv`BwKOq zCv{%+r*@or&4=k#CB?M|BB-y5u}D9gkIrl8)Q-%q)~J|PvJKK18|ZLVMR5}q)0A|x zb+J|P2=TLdsWFe#yrL?SY>{R1YAo4H9CPOWSaqWK2vPPI<>7>{qGXBim6nAU`^I*VXLJ*9-m(@jT(scBCs;D%mkDsMw)D1 zI&~k7E>P8{cVwW=Oddm^v2SudEwVduvLpR%z7(hr)c3Nd;#;4ok=1P>6k-gl_!F>^ z;kHL9UL9D&^CPg>Y1kVJf@DYU(YCcE$`%=Et6s$?vZ<}HEh;K9x=BpzfGR#wHV?1O z@gKoY#$SC8{B6aomM5XmcIsm0hqi{k4i!;)d*$?lzpwoD%6Z4MMN4*0`DD(qmjkNb zj(w)V?_;{0J$tC}x`k6F<#fIfa(DE!KC8bPR?xcJE0+gudA!NvALc&WHhX7ucwb~X+34Aq`H9SlXG} znt9b4k7)O_Es3Jdny$9a%M)!KA{*Hn5c8M<>$sUGG0&b!n%6k3N0@X{R*cw!< zEwQ9SNxP|S(;bf7W)TsiM~}8uu|)_-(4G?H*VFzAl^pfFc|=Z=zQq!^Bwy?Xq--Ru`+7 zH0NT%Pfu@~R;9S%<1d6?Xmov6@hh>d*6K>K-WgkBiEVtd@72XUhYsA(ewwK;?&>Fw zeMh#{nf>UqRjQnA`{K$L&!+y?>*=i12QP;oTckVp(xH#l8+-pc_^pjK-&vF%HF)@i zEBjB@S~O1=Al>Ty=KOX`ri{9AvHHu6Tb=v0$%eRd=QcX7w6Fz@kG6mM*tG8YmsZvN zZdC7c{dfMTKXfFd#`Z5R9ewM_Ps@hAuUS8{_-upj7v3mLND4KwLzVVTF}1xKH>PLp zB@LQ9`eo8;)A?Ef4Zm9xcRKi5k2`aYr~5vy315=b>W`tP*H^!_BWY@;X4;muOJ|-+ zntJ_~{^Jg@69X&V`2L-rHm3bN@5G%23AaZ4_RfsNHY?9-w^#C7c`9pR;QFOYR;qI{8HBjW6`9 z`QDW9(~nPoG{0(>1jnjLEpJclIpFQCcdD$~Fr#ndeka-LdYQV76WYJi;ZRpy^hsTQ zO!4LJuWX1LwR=?3Qr*iZ{hO_~H@jK9`X_bO`X4V|*=@ehrX3g4gL}NZe9hR$LQYS6 zGwR2KX>7FSla1AWzgjz`&x&D3e%NvP;L5-;>j&+bdUUJyHG9KppY_SCU-RaSHRexa zqFXfh_swm_Jy~~7|9t2DpL{Gcq^Ar=Xa4kg_U1!7{NGG0j5s@cc1xellWfKMv9@CE zFfj}mlYM7?#fN8g8D_CLr~OC7D?~VTNp)a7cMtBBgY777!QbMBV7sMt0hZ&i(p=~s z2qJAwY;jSx#!YQaX&{K@-bfpH|LX%)v8w!#prRo`g&_fb?#+vT4|fO*2!GEByrK%^e4VLwy^hlW5bWue!Hr{nz3GMzka#@r$ei1&!&w!6V>a{ zfQX;pH1zm#L&7_Qzu9F~7rdE%`LnFc%?2&2e5L*S$Kz60XQwtE^IA!YU!#MqUc7$l zsNU!Bpu!c2^?vr*RuVXR+ng2`Zk}o|z`sV<$HQM4n|C~***l3(d~^PM+gVS2J8u2B zsnx!1`Sx>z&rI(=x$3255&eIh*}T!3=zhE3X?Z8=;0ASzx7V+o9XIi-#YGLTc6)qQ z&Bk>Zw&v|($tLw!2`+;o}W+1iO)g5OOT-|okqALWfbp7(Q|W82%$ z-+kf3kiOqNHRD{@MBB!0KeZ=Ii`z{)^eRO#EZ|Ac<3V)&D3$2=T-+5w6!t`BUU3MQ@(Kf>I(zWdCV=Vm| z1`Zzj(t?)VqbDC(H?7LiCEc#PylzYTlFWHu9sk#~=S<3wcpgLIS)0GkOV;!%F%6V4 z$zu$xa4>qrl_5x_@vd&foR>aj)mCb4Gm*IW(-4@cHb0l_*V@z=0!j^Yd5xN>B4@UJ zFG$<%#4js9i9AqydW>xV<*1>-NM!3?(zT@X)I@m{!e~`~nB!v{c6p`ZoE{&E&~MRe z(OF%C-4I*!kfGyhY=jYje)A zIcK?uWL4XoPuU(*ic_)5(f2Ek2Jh6Il>CU?JnV+dD@@7Fx28L?Y^_`XRJNGvQI=2- z!@&@4G!b93D1_lDACqn}pwNWX&P^3oOK2H^%17Vfm!__mcRZ=Es`cPEj^VWynqD@a zNSQsq&C3(MD)gSY(>}!7u;ulS@(yG@b!XdSXN;dV-`-)>tCusrOW9tl@rt>F?UQFt zc(#3yKHqrH9{*L<&LNlM+dSKA|GL{FPPNoq>n;4LMYR=&HieF!)AZ!o)V&EU#*D3f zIdH;jGaXOOxboSfs`m9ie8&HS<*T&b3(u$jk#2pdr2b>|NAycfso|B8Jz(C;KR$J3 z#|xL+H#mB$`TnhqFJ#wUb9!yq`Taj!_FX$aeD1uizAa3b4AcKr{~H+|F45nTAv!IU-WcK-Duqb-P;8|mZ@T#X$JI33j8H~iP5_K0(H ze_uA}7ka59ynBNMGomZhs|Pggc`qvX;h@a`X5{Kd-v;^#=p2tG+zB zeaV>-18-$6SlPaI-$7?rjkkDlVISQsyVD0-;^wVi&8p13xp{w`120sWeY@Y|9XrLx?WvQSacy9m zB~L&1(Uu|S?p_RAy<`1?^=WCEX^Oujq zyB%J%wa@0SH$QszyFRzNHyCXh{QLIB$2N3+cySkRQdg>f&C+M8;^@z z8TR7w?gRSttp0=lxSE3&eX-z1-}E6>dVV)5`gVuq%c4WZOsUiC(A?aX+otS^GR~Q> zd1URpbNhC`awhXw=qvhp&899`@cFo@HSC4@gHDAuO&f0MB zx!Ut@cWc>Y(X*}JHJtfn#+cbn`}7G-URE4%(pDUB)J0sinne}|e1Wh}T`ffRiGU9f z^p1+D%iAZ4Sx=ow;R0M{SyIeefwu7&(&E6)GU&Hl5{A{5!e*EdLy^qgSt8`Bk`}SyiF*q>F1`RPL5*N3`G;SPijg5^SVAB+- z*p(9J{^ibnHs`0M)l%6+VF*<9ZT%Ol5r1+*`KYZ9MjgyQLzB{zadO>~)VsH(UGHwq zY;iGBjbhrgi*3|4s%h)Uy0+SsP8}HH)^h0-Vx!)UM=R-(Z&c z*2660HL-YW^>GK2YjLxTmnTD$S!R4`0{lZ}8M$Waz|aaYmW?ttVU&rqMMXzNM>dU& zAzeHYGwVp%`+rsYfVayl_MWz$cR#A>Z&&H7dRg1vPFnI#?_Zm&7%_3+p!%(Uj}3U~ z%Y~Keezc+2XG0zz_j{q~#7i|^IM=AzhH=en)*n20X>r5QXFJcooptrqCe4~Q2|mgu z?s?LYdgVj)^Y82nYwcCP!}8?!^EX{e9#it$uI_D4ebD~S;L3|KTK2fK{Ik5TPpv5G z`$*4cyc2Z`2Tl(9;EPMqWBQ-l^=p^SneVP1cVqwMumCADvwCjrUhA$o{4#gl&NN?N zH*Lu$+fK9|@zzwo9kW-*?^)WsAYxw4agC1sdtt5pnZrkPSe-j)?}mKmPR)-uK58)F z%r6eFr-%1Edv4dsNpCQpkFM?On)3BT!=oE^e75dn)|A)=)l%#D)W4=Ew$(tXDjsU= zisiHOyFAtAR-2L2em?a2h1kck6Wf>4Mh~Yn8}v-%%*$=Zjc;FVcXaxIDOr7Nj|*+I zyA5WS5|~|FHj#(ZM$x~}yTGVqcCm4@OC;As2Pm2xG*L3Fc2fM%L|fi#7$LikTNAwp z?6UTjK&nAqjknFH6rnbh>Ao-)GAXX#)9PpS9XihpSo2~RYx}!h9=T_vrqrKO_!1UH`3LW_Fug{g3Yl^^2a{>*#n=r z)~}t|rBd|85nqk&J$32odd)MQ4YqXkT5s8X?8koJIX`)N`MR&h>}lI;%btndO-q+- z>v-qo>Z!k^_n7qj?+bSix_#-(mIqgl4qNp33ESyCZ#{84zsFOF1KFh`Sx4JEv1YD+ zll8iK>LzK|4>g+fN3DZ(nzhOB?=*bknwO8i_~w((_PaanOpJe>w0UpYHeWjuaQ))$ zZXXQmlKZL8_)7_$Cri<1kKXP4Tl+O@*B;#RVbY?JYuhK3G#JpO|G3YW{*n$`^hgN4 z{)!R8%gOgCN~$u%`rl)O5Q5JJs{>?RbZq0sB={N&Zwz_=%VPOKl4@0`&z8~VXPQ~g z-3pw0^^Zvzb4ECl{12}%O2t!do*$pyx#5uAADvGAaMU|3(;5uCSgCiICbCBBYE@qf z{lY8o`SHoN{%_k7{C*ocZE{ju@2|VQ8)w+i=7$$o|100t_tD~4+xhJO zfV`?TpIO^Eb$X9sZx6mbx<-qOeG67^eWp#k6Dy6I+Zo@Qu#W=zPsv-9`G{~VF<{>m%gr*2)&c3Qk%9JBA%mK}Q& z20u}G5z}_B)m4#HKS5HRyzdmeLecb(Ou-NT{`hAvoOxx?u=E2h=FA-U^%o0*cl}+V z=b9qRLNB&aRP;Y3^zH#0Q|}Uza~85PV-n+>ZF9a*YWD54wNT_AX5W$b6tO)zCyJ?e z+aA3mQpIg*4>9)^R~^uH2AX^Ke%QIU{-z3}@%RqhVD@kEuz^Xfd_*>Rzb|DLtmCw)BWQj-Y-9t*iNzp&G+Ueek) zzbaQF3Z3?ES8W>c<0oJI{^?jLr?V}gPObPa&#PCw{6hbFTQ=X;oXA}o)hX2++dV_q#o z@{x5ts^@I|?Sypf=ScnX7n@zPcNlZ#`s*FvymmBiV)BTb(W{)Ft@K*m^n-IBfA&rB z#=L!@SKgh%su$g?HobmQ)Aa+7?D6R{f9%uw%?&@zYxK*E zBjNA9z3RJ{*RO2z%HA&@Y2Ees)Eo5|ylPIf9sIx%)%jS;xU2J@iKzBT&9(hEt@%D7 zer}JEUoZP=cb`)kNBizPaMZTr_UAu!z3H=kaQCx|t3MJKvE|EtTI&U$k{*qZT<{7D zIlN(FfCi3#J2TYB~>si0FI3{HY}+d;Q9(_W{Q=Sfr*vjkwY-2fszD2 zqW=fHw9PyUE?^4kU;qUSN(`(JolO=-LmdMx11_imputpjAi>1M;Q?g`?u5uXE&(ps zV=yp7(#r&zi-wO_fV!?s3%Cq8K>C^47b+}-u^HPIAh%0^?qzOlWavCt6v8EUdtbfD zmU(iwZkd@Jdo$7SXTfjjaE9ME&i>xRVj%kE{-o51ZGBs}Zes0G`FK+=@Wfub=m6gn zvL!(|-hJPG=ULA_kS%KF+_o(I#zN->eCKYLxSEH&irn{n<0A*bqh$$`-dnxWnsR$7 zH&6J9UEP-Fe;i%hXq7c%zLN5%rG`z+yugklCpbAz9@yxF3?yOcw;~TDH8FY_NWq62 zfFnt~C<6)@gGKA_n5KCh+!ru^MGJTGswIUXIYkl~++u8|`WDNcWlz{^(D)0<049CI z##aW7&kY)%7&Pu>QD_SJk;o?PWn_~ioPXzTyK{l;zpGDfZ)Q!7{XcK%+@OAg#u&}Hf5O}-nX~{G5!%H(C{y1eAdBR6#U842{gE@P?MPyCZ zU$ge~_uuNxrkeGht938z39%25I$0x@wdbyMXPwotoV(%{7n~PPp1X(HQs{Z6<2oz; z*?CW_KfMXiF?9NSLvW+qksvLR=|H^=!KO4)PF@7vI-kCwc%^{;U%C#$W`+k=b8~ z&=-Q=t9wA(_`SN`z1c!y(6;v2sewc~mCswnM8BD^hw_PRKCxy?Ph!Bzn9bGIp^F^V zTf2xhY98`E^b54EK4)l7BCNF%T@5;*c=3a{Ch#4>mnbT@uIy$8+b^F}fZ+4TL%ZI^ zqWr&nbx3C6^WXuZEsTs1wU(4H!}%N|ssj3j{Y1Sk?|iO_lIbEH0KLAVUUShrSOh(7 z2LQ^Xua4cI3sRxlxkj984PPg<>a@l&OHWQgQ@SUKaWi!9Ay%mS4zWHxVjN<9dc=E(_307c zA=aly0*6?S9`PR%y^~r!^mFKgl`&5da7GfKA!H0ew-)v{)fht;0ILc#EnRvXf_@w2 zgVt2E+!VHF0541fe!buRy31dF59I8BDisB+>5w>l3EG|4H1*=cOMtv)STMS9AqwV= za7hva)&PzBG*_cjZRzN0gXL;mqN+96QQfU(p9E@Hwa{$M1h7|nXfQbom@*V&k(>>R zhbVz7Mg;T2TTjHkXol&qB&OfMOpjH^8dkH0Ilz*00YXOdB3v2+x{;g*q<(V!hmscq zIlN3vopkZ!*NixuIUme|rkN5{;>TQ~(+qc1>LJOPrD6rWxCKp=SI?SU`y`DsX7*%mS zxe#PyShs)0=3~?iJqZQI)VP*}x`w71cEC%6ifJRDD@V*9(vvXCkjShKN@O;Lf)bZa zGa44^H?S>^4CX?EVJ${;4J$_#_@n@_7iySiua(AF>DdG2nb;(+9`jn4po(oTy4=!PCPY@g4SxzHiF^aKK1tB!lb z-A%QQ+EpmAIsoi;)RMq!(56=Dx1yH&qA7MhR=U{1_q zVF-<6CzN>m8f)zyw4x&7d0NDe8N*!V3T9wn8j?N0L{w68wH}mqo_-nT%5<||ftp&Sr<_Ti zehlU0mxW~BVa$_CqlUNzOfd94m~q>lA*^8dwB@G@s~UDOxQjQma`OL@Uc!2ZKA*XPf8#*FlsZk zPk%?7#yD03EIJ0~bEHv~iv>Xqjv34-!iZt5;#qsHTue&L+KwJPQxnpSQHf2>@A*`{ zh-&Io+ZQ`+!$Q@zATS22s$vMDY#J>6z(ZFK4BasEO^Q|=K2 z{+jJF1OX%AG6Vqw9#>Ta0R!Do3_-w{>oNoZ1KCslBP*8NFj;fC9=TxjC|hV7Nw^dz*QBUp6-mkC5}GNiJ#3mU2$qCqPK zMDm5G2&y6c#WSH`qY-q5FebBc%pj^U`~ubflRJj<>HeqGnuhu2#{4|jyMj~{KtQ=& z5RAiommvrkNtYoA7zwFc=XT;XEu zA^L$}Y^vbbra8KOO|_F@?Dqki9W-RwDkmYGS5&oNbDsPPgd{k0RRF)Q6Tf#0+#qn1 zKxA)}BE1_0G-inN^<)Ok^WGJ~D%q;pwN{WnB3GGE{0HSK>_e5G1cBqQ7gY>Fz`(v# zF$59Yz7IblB+q{?AVsLnsB@dtgex|HT2n*AHaC_<#)|>blYI~mW24J^;0s>UtlhXa zl%|jf`X&_I!-DQ+mF3=Gvs#06Ha6Cy=ornX4}5K0j)E!53xdEcn8=DD2pHItDTW|m zU|K4MAiVy(2JMJ~^YojZM0dt-_?bD;h95((d|ajWI!z(9!D(u2=yiQ8GVEi-WES%7 z&X=9MmwmTolq5TO0!h>?dzn?fftM$`C2;n0J#^2nO7{f!MsQESo^w)4b0H7KBTLwa zm?%@wWc^x?^;TRZZOW#+#Q8dIofW6KU~@g*t(EFs;FU)&AIiS`6 zK(ZR$ga_&`sIT`}7C0>aMTIubb?Pwx>=mDv9okekv40i4QS~ca^N=vP2eJfzEIA0Y zWaNwEHRw02LN`3tb)}|f0<%R=r3zZzbNOn`Ie|fZ(f&ovtwEqSTKlWO8-x5C!WhdyYQWg?<#zU@x>?zA03cms7G;S`?wmCJt18R&2@jaZ$(26oH!j0r~PqyPgMqb{K5~0SpQvu-we%hddZvi8#Kqa0ezXS zy`&lRg)rk^uVSmN^>e#@0k+}$xZ^SCBgFi_0Un|YMbAr8su@kN>MN)fqWg*E|Bv){ zb@OzEV7vCyB1bO85&6Q#e3W+GkK0ehe$ zN-qcNsy5+TEoJ%WlBfx)MyM^-OQKyA!#}QfH1=GiktWj=p^Dz;B6rbrsuSwnpprC$ z<_eYZvE&TobFMceR4p|K^&`(Xz|585+c(d?d6V3|37YV*IcDtvI zzHcy0gc zci?>A^LfAx0w3@&=Q#AZl5Ddk)@ov>Mr@}hmTSazYP8JD@@%kDhcM6;t`?iPqkApLVehgR;c(KMZR|Ur(y8iOJ@z2Qw~)hodxPS zhq@tlkvB&F>QFbu7Jz!yp?;6v#_2VOs`f`g`EkPqUk4(-7Vjjgaj0p&MWCiRRCP^@ zcQPd$Dp|7#RHIOj(D%FsX8o#*M2n2r6zUP`5&A81<`mjBs;uag{anhH&f|JV=ws34 z-YN7>+>H>ulO9DTn?@hu#mI?*Y4mYLN#Cc@eGbKapGFS|^$0z|`I@FJDA$`#2}Mc0 z>BQR+?k(4wPHhhLw(6VcLR#if@2-x5S|gO|-waxhwb->~25nW8=$t`29Ex?$pp-+g z&RWVk6zi-d+o2}K*Lr8t^$wMY*U?P6(V?{H2Jb9-k3)r{y`bLjP&2AGcxTf`9O|O# zUQj0->bo^-y$SlXLp_euj|6?up}vIitD~XIdOi(1)Cc|7dgs$S9E#^{l5TaV4~3(k?sTYM z##+1!=)(^6dTbG>k2@64{(8F4q3ZM~s0V~nan?YWH(5&Y^ftH_=ND#q+kAUUev*x6LGve~_1WG+XFb zV7Rf{La!)F>};X`bSSp7g?zZ(UWrunjs3r8YL$zob?(4@g91k!6#`O{roKH+u(TV6X5tL9OJ$4=fL+|KDoH z*9qtQkk=>(8J(7iPNn&5@C#9v?5v4KJ@gNv;cSxsd-x5~Uj_dj_G_eIC12rN!vXBY zg7lMW4f{%7{ig$lXaOL{8N+1)I|OzMyh7kkfhj-(cR4?)o&@ zJ{=MK7QiTFrPeJ1k7_m1<#dvM5ZyrcNa<&3Lu4!Vwm+%vr=!}s*j~DY-s~Tto!XU{ z3n#T}Yi^}`r0!{fPtbgae;0jL`;~DQeOcRF^I*Tc&Np{lPNSGH8LoCp6CY3$$p}TeKInQ<1cG5qdfVm=E6o z&b{7uXfJDQ|1#~4@Xgvu?Md&4DTunSQk(Ya&^^%q4ebQr*P@>T{CN0t+V8XUvYB;X15Kf!+ z8=oQmyi9*W`!;75?dr%neGNTYy+hwfAFauPKU9;~gZh-{f8oI9hqxbV)4t^Upng>Q zX3gjIYeX_5k_)sndcppA9JP37(5Br9{cYM``+li2{4L<4zPN{Bou^LcUbkt#tZDTu z5d5U}KCIzKwU0y=qjW*2)5F%T^PGgQHhTit)#U-BQ~;bz2LY$iA;4OChbK;NLFs(# zul~m0j8nN|$jX!GB;XACHsD-(46uQw`&ZHZ*i=H*o7xni7~r>D_^>b|d|L;D~T;gwBL`53=M*k!Sd` zz{67d4U|4(d_zi4gRcdj75>k_pW}Z)I367u{6W2d)`L3RFc+L2{{nC(1sSdjc7n6d z-woUjrh(t$&kBA-=f2-4@D}0RqTfmP1dj>lxWIb_o|Mv4f+%Cj?&r{8K@Oj|=>@z^V{)>H)bIt3=3w1U`pVKz#{^W2|OFyNiS|6PR93UB=8zQ9c%46;MW4`)Q8qI+6Aa%b=&|v z1E`aU)->7;sM8*_rqNzN9eckkfWH;+61=?mDH_n8)qbVT)UVL{^`rVj`nPoN2=7@d zKaYXLmc8`p@q8AMB5#zHc-MGVS1}<44%hT7!(Mo-wtcuyAnYLctR#TZ4`ZCe@bfxY zbOUS+Ygw9&??QZ;w~mg}FSHX>t)D=2J_P=^=xP0F@StYJ%4L0ht$nSu;>uJmn@JVT zmHiHbOBPm^bmfcLV%98lL>^uuf`O0)(-$?Lj$JmP+NO8nFIZ%-JRcUby~TcnJ#9ne1%xivYE;k+ZWP` z-C4U(lqQB(E{4TrizaH9)(+*sff#&Wl)M=X-wX3qly*(WW{_9s;{r$te?5aZZ)*jlQ z$_<%)eW;XnE0uj#XkKULO*@;WjJZ2Clq+`R(zM4c_I2j6X1>^+p+Y5*cDWm^REAc# zLM!+6^{q~&_u)a*+N_yF$y&=!o8#GH)#lW|1Vud3|cS?g`Vu5e5yEPzo8oSY;A&WSo_TUcy`ae?BICr+H9_9 z+T;0Z*u*23r&d8ainkjiHewIx<*kliv4$4$d7l{brp zBC4e9j09?zZCmy>Gi`xJi#)at)m`8Ovc=0U?D(o!^hWItb z(>x~yk(xqrawt~DHHI~nyih4VA-k^A=IDEo3v#&=La#N6l}ub?u_PeK#Wc+l`%A?Bt0ts5ZV{5 zTeE}adh0;*=*-+{*~)|ovy#N$SxP3#Vsw>_AivVI`>leBwTs8mq+WX%jtAl{?bL;3 zGm}9QEaJ6+{-L5taLOP?*p_tw;Zspm653wi%v`Fn#_S*3vxkGD%yWmKH(RV^Zy72M z4v8DeqP-~_Ze7a(alo?ol?z-Q9C7GM0f~NmA+P!NfXv2J?yOQ6ncdkvLu$1sD{=j> zHC03`R%kE9XIZu*mrWJQJFJ|LqRELs`Xmi%z~BMZ@Qa{-o4n5WUv)*8IC>8&R}tgL@RG0 znHW9C)S9cd9i{o?Fv~lg^2~FJ%5%?QbmcS7a=>k@Huq%n6*O|pU^IrE+<{>#YV_>OSknT7Rg!9=N*%}mR!VnU1Nhk%{lug@K!P;GH?u4d}d@46w$QCee`ChBfM5OxZJJ+n7{>cNezW zX2GR8`NlvQCYZ!4?g~`AGO{J#Jut{fXR4qy^b8F$!_4r`WFu}kM6cX6I5CL(2So9H zb2I-=l~wX6FwUDJ7oTuMn|Thn66L&E$z4;*rtTD}EFHZMb~Tl=pUX)*7VWRR^+m9! z_L%T`DQp-QpQs||&XT#@mC?IQ;f|AA(YmtFSr<&#V3}nH&Gb+afnQ>F z%$gt#kL9tPn+QdqMDVfG^sSU4n~FFGD$9 z6Ep}F7VU?E4Co9vStv?CVy~1lHHbP~V=o#k02XoW$4jtW-$c1GVR&5KG&I}zhg&qM zpO*TpaSskPsd^jA50s3)r;_|%W$4Jg|1!K=kq`Xo{P(9d?9T3r z7%KNLi(VI;sM-&lW6lCpacN3ea}3(xt)C$BIJOcvcJ9GpaM_2A;O$0TJlv9)E4Rn- zc|i0eaNb*oUmrCi-gEpi_q-0e9>?K47X6q&y`}gr;C-A<@HvKQI?s?neDg9_@`!5H z2fB=9hMQHO#IS0hTpp7!y-vI+NND^iHklAXKql&QSAgrdQPPoLBuHz;fSCy8! zp>4AaLl@+@`&c#Ms?Cr+fb)4C?ln>?RZ&YDIoj)Fz40z6D<5q_WuoHzs3JKfopH@! zx22GI*?|Qa7mgf`Qk8L4+@~wL!edtCcfp#BYbn^|=N{1ll&I?`}SZ5v4ve7ZQ8WAe48=PRb%;+ZSHyA$*eJC=D&y7Ys*J!UaWkr9Py*Af$#XF$ zT^fS+0?Zr4Kc4j*u`G-!ed@eB0PVU_ua5Q`zkXw&_ihNkNX!Q&4YIgySmU5FUkPhfhA#(j#r*7?NXyuD^c*_UWgTujjqNp0MII@R&Hv7_K}RN)lV4>D<=pS) z^s(Dj4l{O8Siw_)7Y^DyyUhc}QOLQC zJM5ZS0LAwo30Y0m@Uj%lTilHfvC*UNUf2nv_ipTFl_~1*JJ(Ls7%Sn<(k{`(8foO` zyf>*Fp~~oXm*TNrtV4}n89(k=d34=Hz8v#sTLIm8;M&~2g$Uzrb7ZK$lK6c&pTFd*loGc91-(K|(Pm(vG zX#r0H0SP1)V=^M>GG9X1B7)D1_`#kTANjQ3@2QP%kMGoH)>cI|Z5B<5k35KrC#2P) zs$LsRFzYcbp7KwLzeSIybXHS4Egsc$-4W)3S)_YIkn$x6YSDhgAWsAzk00%m4$MoM z&dtZOKq+p9ro@LlaWg&;&sM{nG6iwS8!Qyg^{WIc8WO$z@v$|cN)OQal~(kBs&n50c25&9iqY~)19?}?Ax6N>_b$qN{X z=wMd~9`AMtpA-loo~jiUCu{uv_%-pJwGr+mzRW$M8SL#^9Rm~*G!mH}bw|SOs2Y%2 znl}VLhS>Si-H0=U5nl)c8S(kyvv*bdyHEd4H9BPFskBVmjXSK+v0 zkFpS7@5j~a*J9BC$65pK`aUo@2*Y+v`8$9kwa8r>R^h-uLzKi8H5Q2vosc)j6l`mlY!1e zj3EPHj#KOqqp?Hb1jj0e`p5~Ehy*b8Wrz?An!==hHz48%FcMF}Lzv@9ig=T3OA@v) zm<#~z;2mNt5=c6_0vcZR;?FGpO=GWq!Buu@aI=*!J^jFAH|sz_gB*L5Xq`sWn>Tm$ z_Bby~G&+xaF5SPdxfL2BlS@xvomaQ`33`mHB-}a)h)%(;XGcG|#ydq+rI8}E65zBqNs;{N`&OWMs$%3RjE zWOrs+e>$CMUDBRf+Ha=J)S^uP!t)j+x>)sAheN76ayje3CcMIw9mER@y?U@azZY*d z;jEihC(J8RJ2pM#>Cd4{#-VV zGi-UrcWHZD|L*psi^y?wBNcdoXXco#Em zh84BR#0wYVS&sK{UQ$iPR9>lYX#4s2YfO-wpO59q6|A1noG}_<7bi4NuQllHP3=QJ zl4q$HMdUf}|EYHX5S$aX;K6&6XD!1lLI_S+&nMGs{#iBD#$B=qnXI> zEmr?qTbyOGrQ*d!EUV*Wn+G%f)U&>0;o>Fa81#~B5O?~%6Q_1u`nrC3{oB%CeGVOS zKd&>MaH-K(_mBK4E}q`nYjU|wSdVF-fEOlBQ(j7O>byP=YR0-}w7$Pkf2JPbzmS5z zNsTSb=nkr>ja}V1KFh7gcLz!y=hesgJnq3?f1)e#c&rbw3y+O@@XLxVcrL=fv)GKY zrY$1*p!eVKXS8^x@wfcJUzn7S+zgc2f~^6>UpbM(7j^n%LT4VQW0sU(L|m&^&KCGk zn~!PShf^XzpYbl@Jw0qHLP{O~jMs#pN<*f#^luT)^WXzKs^h<1!^bUrD9dMc!|0JZ zDP#R_^f-?XI{9NZr@e5t;S(1bn;>P5d2rH=*78pv2R|1jr{AON*!Z8*bd+E zw++8%S`A4aaX!oBM-3_TGY_l>bP88~Xwr_~E~W5$o5hHie$=`I9OkD0mtiE9AW}2H z`k@6sxDZY|N|%Dek5~A+2>gEh;_6SY5q}(4;-v!-$48X|Xh)r_jqUf?xM6?&<@0Ce VfkE{*+a@plGwau1x^rG0`2YVsoD2W} literal 0 HcmV?d00001 diff --git a/Modules/AzBobbyTables/3.3.1/AzBobbyTables.PS.pdb b/Modules/AzBobbyTables/3.3.1/AzBobbyTables.PS.pdb new file mode 100644 index 0000000000000000000000000000000000000000..cb1c42199263baba17f57a90f07f392f96bb4c02 GIT binary patch literal 15596 zcmaJ|2V4`$_n(9i0@AC1ViYM-La$Xf{jz~ zJiR;1+56Al&ic2PyR-X$vjvvo@!@6m?VInLH*aR%%X&bg!Lvv zDMJt!RY6(<=`Bc~Lh8=ppkNLc6+k)`(yfp-Li!d`#N{GCE(i68bS$LPApHf>q@L1=97->=*bjZi-2jau`A%SG zC$O^<`pL5sS`SnQv=e9_DK|v6B10quasd(n1ptKsiGkvQ1^}&x-c9|PpgNHW+S$zW z&^{3l9RxZGbQp}e2q2u_82Ha{Eu?u9;JZNHBQ$Rc{5ar~ zXxcLT!9!K`==KYHuJbYF}y!qn*iZJVZp-VfzI$4j|U*bWBs@f zF+7%gfd?4=D$QGhz724V`yZBD0skjlC(UJ%KD9 z%Y#@vmIt$VEDvGvSdQm3w*KBM9?Qd6JjUZO!Q{vCzAPTg`$2sfc`xAmv-lS*9^08n z^ETj*2Dmn*`Od)KfNR{pa38T{`Af{=ad}ZJ9@`Vm;;}r2#bbFai^p<2XS4Okvv@2| zVDT7_ZD#UgIqs7TkLAfM9?Mf$JeH@jcq|{l;;}r9#bbFoi^uW|7LVlvp~o}jPX&Gu zkR8ikI4&|g&OZdk1HV|gBn$8tG~$MR7u9?SC~UNYr>rFjRi z=NVk%{-^+XH`+cNFI5mN86L|E+wdCD#>jO+u4VC#z!$N2JU14zcpQ65SUeuPr7Rwg zUHrElh(ksuE?Pm}!L`PH1K-CHfQPo=8)yO$2d#%+E}8+q%zYd`b;$ZrcQ~X@UGff} z#!?!DBo;?49r8X0YJl}L!LKfz6OTbeUUTU??JeP;oi2EVsRP78Uar_Td?4H=u)1~C zhZOsRS|6-|^&}NfaUX%`+6(&{``?1(|JTb3Qam@?ki4@So_FzFYfti_?sy(`0P05a z=iIwP+5-r;0SArrbb{0w$c5zfMZF+(1H$uz3)C!G&jsxJ2)}yB+@Kt4oTz8b)j^MV zf$)1Bn~#tjE6P9nzNwiUi$F7_4@1P;04J;!cJbh?9`@pc_#z%!$%NE2r zu*^td`h{54fwD=4LhWS-cXQpo`-;8e@+VB4_1D@t!#5knr^FBYvhqdNn2ggFVg(^l zvoy9gXVMU1^4>pZ_l|Mx5yg!cRR6+-KQ zqb`jw>3dvf;ry%q{k+}! z9hYijo6cCK5e2GZ;`^4=3Tq$Si2IhjqGG4>)^EplEVa0I_QcKe?vce(r=EJbg^5vi z?NoH+lF3hn1BM3KuWq{h{)PRGS?e~BiuL_eG2rpFKWeAlun~CmJ6mlxuuukLoMlT# zipu?ki!1lMS7$Z)Pd9&bcyn=xSO0?vKRRV}N{%?a*=dQl`MyqxDv6Bth%k~UB$P5j zDJ>1BV+>0QoyVwoJd}?wpCSCPP-Wq>sQ8+1f#)^7(}td3KkQs39zTOd^zqwoZ2I+~L z?pqBY=EW4hWdIT&W1*O#z6{P)7g z^Xp{~?(0Ah)Jr2^P-qBaC5(G53{i<%<}32{5+z4vq|>}dCPYyvuum~aM2suKweYAZ zyGToDpcZD$o~V#l6jT&dR0#WqM1F9-W*t+SwK&NmJNUNf&m-3k2{vUt`Q1`fAl^E@ zY}FYEumflBF!;^eGV0&S-(EdlpPDv$OQz|?9p#>)d#^^V?!L@<;eOXIymlZDaD1#czaLdcN;( zV&D6fwdv$NRZ(a5yxkv>zHr`H!Of-!`DD8+(<@`RL`BiuNR(`K!2KzjQ(>~9=wewz z-!iw$^{MAd?g-SoXPnHuy0Phr!~2wlN8HmRZhh?k_od5o`lPLq+8(c}>scE9a?``c zUv32KdNQv-`83G?xj(OFjK$;Hpf4+joWAa)PFm&p=GN<{2VB!@cg`q^dG2+`Q67;p zPNS4+Rvr6LaD2W|HTubuAOFgO^t?Zu6|-#J+bNB zoG&+D{{8fyzq+puh))<(>~=OxbYko8JDn~1KkmH1=}#LDr)=}M9x|1*sDMyvH9bPd z_3*;8s~0u9dg0mCt5rj{;oN$J_Q=y}3pJr$UTR5+C|9n{E6Og?5NdMipwx<_ssgW6 ziJ~A1Cb%L((FRY*`~oCF0omC;L4JfxLWFn+=Ey>_rBa!9pr0f-n~)F^e_6J#ms^kV z<0o4eQzH%e!pfweP_7`A>{DY)H{@#9)fNUS% zV2RA9+0EAjuXB;dP}!0$+)5-bV&$+1-z6^T`9LL^ftV67gi z5^q8W5jrP-pEh;&oY;l>6s$sW3X|#)Eph3j){fDDp>Nl=#!Dh-eMG{52wn!#di8AtF zfi8oc0S$j$qq`1oeKbC&&IK9FPA(5!6RSqpxUTxLL*2;^U?QS%=Iuw<`&TX2>%hk*4V^(}~xcjui?@n7_ z8j%az2z4o4p2NbJWw^R;sx9`&&Kt&8-+O$u$GZ713N%ucS|QJ-v%SRHVRsd{yi;$% zICav>AwLG4>waVkYv!eME-{9j{VkE`{MLe{oYN6yn_s?MJ|*i;dZ|WB6o|qL3z;<= zwbUq9`W^;tH*NWnR(`xRRj`zB&a>4^rk6wSfum z9|qEy#R@q@N?5573L4O7al>ld#a{Z}CjvIq#FyQfa4+AF+sFV^3I(-6(?EYyN{iHL zP(WiD%l23YuASvLAZ2CeDYkx{^LKTCZCw@D-KQNleJM+sn|)N%?G9&h2Y_UiGKPRH zl3d!Ru#hfEe*9s^(eo0fzutFe_M#53>4k)pT7${jfZZ-wJB+M%4d1Z;vM_T__p)Yi zL7__7>>1dC6sk1Pc~nXo&-9%uyEnZ|Ra7L_9*aVQ?I8+ItlJXO zxPMS_SjU*CVkkZW)@m|x)Y0W0qT9auS;f^A&IkHeI)`1fSuUT`v5t0Ko`G+09cf>0 zGFiOxB){JfU#lNGhT|PMv@uLcFyh-7@cH2X9SycAkDcW3(3$Ajx1m{sQlnBZ;fg8l zv0?1Rp*c-S4c9aez7j*snlm>CwtaNHj!hjkKl`X6eCtNH1-lkDRns}ifQ2`L%?-e) z-ZXv2lj9>JlFI5m%+F3XVVp?@aAuBq7MiSXYOho&Gu1r*!Z(~4!WpusG>GhlA zi@J3LYc4&V+~(6>c2jTLh^o0L@YeKQoh>}Y+h*F`FdI~m1azs zX0q5kM6@(<;hU}_4+W+D(1C(fwF+W6Q)LF|ANF(9V@qNDJf~CJ?hL>ATL(bcFi7(= zz+X&rGuSV6Q#RaDmdC9bW%j;v)v|>hU^Cz`%pkQK`W2}l5dth8+;sIBMV2Re-(X~z4H(uAdhmya9!{)4h37&g0=%a78HW_M;vl=sZ@ zi90{5z4)s(Zut(lW&UD-xtF>XZ>=>KPl_A5uD-7S6&gsj#|y0e4nj}8Qxl{QpG4NK z4SRd|@qtl{c35n-Xk>y*pKFW7&o)_3+ zvkL>BW5>G`W2Q>no|otPH7FspLonqD2GYg%w}F!2iLq@k{3AG&(K?CZ&QxHT36}Sbdys+1z^@N58IYiktiVhQ~{O z$motScs$XP*72ie$DFJ7ABRQNk6D{~sgLAL$MB)@Lac#yE>m<}WN7{X&)$)Bzj3xb z>OFZ)3zjN_$>;LK$f8sJ{*<*7t#~iDyE0CJYPB=#1YN6ouF_R{D>7={;3uI=RZUEg zX$^@~!@7qR9vJW+q3b4JzTg_M#&$c;aNNe#Eq1ZWYuC>h^g-@yt?Kyuq>UC~6Fq)* z59ts+NTQYIHIHltT0P(C)UMsqqK^)uf6O=SH4*I*pn4ptecycuHNGBq=N;WY~D7$1q5v#@?qTy}OF{n*6Sr2ekgo5k63r8;uE%p>OVFA`2m?tx0!`GH|Fsz5k_Lr4l}D;e~xviMrT zjehY<*ZbN%xKp){M#BzkG_{7N^Dor|oknFm^wLjm|E=rNdv56uaE7O&}~7|mim~PcZxWEY*Z>dIfo@3 zv;1Qqi^Tn9ewEvzHfD~RFtT`W92+vAh)|c}htqU5&eBfnGVkrXN4HMJZJsdP(rc%T zS@tE7{=z$QQFxJ7RX~LjdT@ORKZOqJBG(f&!`{{>hA*$bVwUk%5lk0H`B=o7&Bv|U z@d2;Cs|cO)hq*mtD(LJ(FZkQv#?RcZSJjx3aGRaG?QZBiU8@DFy}B%)M#TSo zVzf_&ld*<{Nh3xV5%5BV_5*{kc{J-Fw_#~=Bk%Tf$K=FwEJQj18w7a8LL)BFWeh$0 zK4u5MFn;Yn@)2u$@RqX?Drr7Eo1_63X+U`C@tKx(Y2pa{I!QB6_%0aY^>|Wia5`NewG(Os{Z&2qvEIAts1+j`=KT9p?(vSH zRByXP+j=Ve+}T}U8e-QQKAZQ;&K~9r2A)a5=7p&l)8#gE?!0T-cq3+}_RgVcpXTee z&7BFGEmiY;yM3l=2;Q6-1eAUGq%$dHTIiNNW~<`@XjBUMnv1=gV~px@bn&W7#W&*W z8Y0qH9RFWF4M-z$=-nJ$aVEb}+TDrI?+uLlIrYKH^3t2p?en*rnlID!w<#BAare)P z*}d_>?5l^T7qo}An^68oL*IO!y(dlgQ{qmqM|pplZenI=Jd*G`FpVgUY-!q72DN+W znWb}oc_H4u8Ff4Vp!f6U0$Whj6%~k>MJ5BUF_4ITW~D{XTREv%IE|az$TZee+G3S?0S+sOKo+Hm0~-=AYGe4~}W5+hw~y$VS3cpw%+(Dz+Qq=Ju3u zpED9+I`Yq1%tHgF$abxIjjnH2yq-hav4=6+RJVe^tu z6n(jG)i3(MgsX!3x2hc470pvhxD;<&@uM-diot$bTD>1{v+S>i9!%_cP~5a^X3lZX zcgAh8VueIrz1F1_3wW?gTq%f~k6t2is!OWJ| zPD}dK&D*46S8%gLC)7}2lgm%q$hqfgDWm-e+#+}g{rq|DX+o&`6 zKeY@F@D35fb0T>TyiC9^38}Gsm)0feHvY<5oqdV(58V3a)w*Kuwz|LwrBq%hVcPL8 z8n>&O*rZzI5;5aq-DKpSH_}Z^ z`gPji$R8_aInyZoxI@&YwU~mw<`? z;3I{}0lfU{;q_bBy)n5au3~40=i@~RiMsvvgR!w_`Q^&|DNm!Pr)6!h7;|zi18(yo z;6BswWIH$L9?ec(JoE5Gn?946wMxr-gA{losUSCcwD%dLx!ct*;@RI4E7zZS_bTgI zZM%XpB$|Atk36P}%e>!YJHx#xVakwQ1=n4UF^i6t;wVtN7RZpplXaL;YqRG|yp}$Q zZ+h|9sKepsQod7Yn|;Gf#|)sG9dXV%FQ+9TnG9Z4VRa9T4HFM74viN#22!cTBe8MjO3=Bie|6r zHq$JVn^o-$5-%&Bfxc`#&upu3Zfb$rYQ@M@QTykXtaS^_lB;xlMvuRJ$%$o5>uJ4p zVOva%-=|oANt!3QSmU_k-60lia3uYvn{MO(qwQP$F+R)v+Lze%yakkcMS%%EwdtCkJci8Ca%IME5!IPO%7 zxl;h&05Xej=rA}CYa603KxIpKg04spf9qn&2cHVTf1I)-{8CS3V;}&po1?ufK;?lrhNFMPwmFmka142p|_3} zlsfAUS8s2Cw zg(~0);L8wPxdD7Q*9>ih%jTInY`>cT74 zLmmQw8T2X-(8NXhC>Oqy#!o!m^!h*8Qg0id| z6@a=y`$O%WZK;GBDIT3k&Z8@t_)>N7?M`yR)PM;lk9ymL>GM$l?)5`)Ex^eVFvvEp zbv?mCO9S|=b}sjd;}!mVq>^)#GHWO#w!s(t%S|BGKlM_1CmylP<1h( z>S9erUu(*=uFhnZuJ8dOt{FAXojpm;(}hZ~GZ8O{k_Az+zV_tJzLaAkDb zG4YNrU|o8ez6mO;KW+7`E4*vcjHvD7$*~O2dmS1+2 literal 0 HcmV?d00001 diff --git a/Modules/AzBobbyTables/3.1.3/AzBobbyTables.psd1 b/Modules/AzBobbyTables/3.3.1/AzBobbyTables.psd1 similarity index 93% rename from Modules/AzBobbyTables/3.1.3/AzBobbyTables.psd1 rename to Modules/AzBobbyTables/3.3.1/AzBobbyTables.psd1 index 5bd7c13ba243..0b1f9cc6a082 100644 --- a/Modules/AzBobbyTables/3.1.3/AzBobbyTables.psd1 +++ b/Modules/AzBobbyTables/3.3.1/AzBobbyTables.psd1 @@ -4,7 +4,7 @@ RootModule = 'AzBobbyTables.PS.dll' # Version number of this module. -ModuleVersion = '3.1.3' +ModuleVersion = '3.3.1' # Supported PSEditions CompatiblePSEditions = @('Core') @@ -67,6 +67,7 @@ FunctionsToExport = @() CmdletsToExport = @( 'Add-AzDataTableEntity' 'Clear-AzDataTable' + 'Get-AzDataTable' 'Get-AzDataTableEntity' 'Remove-AzDataTableEntity' 'Update-AzDataTableEntity' @@ -108,12 +109,11 @@ PrivateData = @{ # IconUri = '' # ReleaseNotes of this module - ReleaseNotes = '## [3.1.3] - 2024-01-20 + ReleaseNotes = '## [3.3.1] - 2024-10-19 ### Added -- Added Sampler ([#48](https://github.com/PalmEmanuel/AzBobbyTables/issues/48)). -- Added support for user-assigned managed identities ([#54](https://github.com/PalmEmanuel/AzBobbyTables/issues/54)). +- Added `-OperationType` parameter to `Add-AzDataTableEntity` and `Update-AzDataTableEntity` to support merge or replace operations [#81](https://github.com/PalmEmanuel/AzBobbyTables/pull/81) ' diff --git a/Modules/AzBobbyTables/3.3.1/CHANGELOG.md b/Modules/AzBobbyTables/3.3.1/CHANGELOG.md new file mode 100644 index 000000000000..8b9681a286b1 --- /dev/null +++ b/Modules/AzBobbyTables/3.3.1/CHANGELOG.md @@ -0,0 +1,62 @@ +# Changelog for the module + +The format is based on and uses the types of changes according to [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). + +## [Unreleased] + +### Added + +- Added `-OperationType` parameter to `Add-AzDataTableEntity` and `Update-AzDataTableEntity` to support merge or replace operations [#81](https://github.com/PalmEmanuel/AzBobbyTables/pull/81) + +## [3.3.0] - 2024-10-18 + +### Added + +- Added command `Get-AzDataTable` to get the names of tables in a storage account [#77](https://github.com/PalmEmanuel/AzBobbyTables/issues/77) + +### Changed + +- Implemented TableServiceClient to support operations on tables in the storage account. + +## [3.2.1] - 2024-07-09 + +### Fixed + +- Fixed bug where empty lines were written to console. + +## [3.2.0] - 2024-03-21 + +### Added + +- ETag validation for Update- & Remove-AzDataTableEntity ([#58](https://github.com/PalmEmanuel/AzBobbyTables/issues/58)) + +### Fixed + +- Missing examples of Remove-AzDataTableEntity ([#62](https://github.com/PalmEmanuel/AzBobbyTables/issues/62)) + +## [3.1.3] - 2024-01-20 + +### Added + +- Added Sampler ([#48](https://github.com/PalmEmanuel/AzBobbyTables/issues/48)). +- Added support for user-assigned managed identities ([#54](https://github.com/PalmEmanuel/AzBobbyTables/issues/54)). + +## [3.1.2] - 2024-01-05 + +### Added + +- Help documentation for a DateTime problem caused by the SDK (#43). + +## 3.1.1 - 2023-05-03 + +[Unreleased]: https://github.com/PalmEmanuel/AzBobbyTables/compare/v3.3.0...HEAD + +[3.3.0]: https://github.com/PalmEmanuel/AzBobbyTables/compare/v3.2.1...v3.3.0 + +[3.2.1]: https://github.com/PalmEmanuel/AzBobbyTables/compare/v3.2.0...v3.2.1 + +[3.2.0]: https://github.com/PalmEmanuel/AzBobbyTables/compare/v3.1.3...v3.2.0 + +[3.1.3]: https://github.com/PalmEmanuel/AzBobbyTables/compare/v3.1.2...v3.1.3 + +[3.1.2]: https://github.com/PalmEmanuel/AzBobbyTables/compare/d854153aca6c5cce35a123deb86653a0d3289b07...v3.1.2 diff --git a/Modules/AzBobbyTables/3.1.3/LICENSE b/Modules/AzBobbyTables/3.3.1/LICENSE similarity index 100% rename from Modules/AzBobbyTables/3.1.3/LICENSE rename to Modules/AzBobbyTables/3.3.1/LICENSE diff --git a/Modules/AzBobbyTables/3.1.3/PSGetModuleInfo.xml b/Modules/AzBobbyTables/3.3.1/PSGetModuleInfo.xml similarity index 62% rename from Modules/AzBobbyTables/3.1.3/PSGetModuleInfo.xml rename to Modules/AzBobbyTables/3.3.1/PSGetModuleInfo.xml index 775321568df1..2559d56021b4 100644 --- a/Modules/AzBobbyTables/3.1.3/PSGetModuleInfo.xml +++ b/Modules/AzBobbyTables/3.3.1/PSGetModuleInfo.xml @@ -7,13 +7,13 @@ AzBobbyTables - 3.1.3 + 3.3.1 Module A module for handling Azure Table Storage operations by wrapping the Azure Data Tables SDK. Emanuel Palm PalmEmanuel (c) Emanuel Palm. All rights reserved. -

2024-01-20T16:49:22-05:00
+
2024-10-19T09:03:27-04:00
https://github.com/PalmEmanuel/AzBobbyTables/blob/main/LICENSE @@ -50,11 +50,11 @@ - Function + Workflow - DscResource + Function @@ -64,6 +64,7 @@ Add-AzDataTableEntity Clear-AzDataTable + Get-AzDataTable Get-AzDataTableEntity Remove-AzDataTableEntity Update-AzDataTableEntity @@ -73,6 +74,10 @@ + + DscResource + + Cmdlet @@ -80,6 +85,7 @@ Add-AzDataTableEntity Clear-AzDataTable + Get-AzDataTable Get-AzDataTableEntity Remove-AzDataTableEntity Update-AzDataTableEntity @@ -89,14 +95,10 @@ - - Workflow - - - ## [3.1.3] - 2024-01-20_x000A__x000A_### Added_x000A__x000A_- Added Sampler ([#48](https://github.com/PalmEmanuel/AzBobbyTables/issues/48))._x000A_- Added support for user-assigned managed identities ([#54](https://github.com/PalmEmanuel/AzBobbyTables/issues/54)). + ## [3.3.1] - 2024-10-19_x000A__x000A_### Added_x000A__x000A_- Added `-OperationType` parameter to `Add-AzDataTableEntity` and `Update-AzDataTableEntity` to support merge or replace operations [#81](https://github.com/PalmEmanuel/AzBobbyTables/pull/81) @@ -113,29 +115,29 @@ (c) Emanuel Palm. All rights reserved. A module for handling Azure Table Storage operations by wrapping the Azure Data Tables SDK. False - ## [3.1.3] - 2024-01-20_x000A__x000A_### Added_x000A__x000A_- Added Sampler ([#48](https://github.com/PalmEmanuel/AzBobbyTables/issues/48))._x000A_- Added support for user-assigned managed identities ([#54](https://github.com/PalmEmanuel/AzBobbyTables/issues/54)). + ## [3.3.1] - 2024-10-19_x000A__x000A_### Added_x000A__x000A_- Added `-OperationType` parameter to `Add-AzDataTableEntity` and `Update-AzDataTableEntity` to support merge or replace operations [#81](https://github.com/PalmEmanuel/AzBobbyTables/pull/81) True True - 3242 - 12058 - 1356423 - 1/20/2024 4:49:22 PM -05:00 - 1/20/2024 4:49:22 PM -05:00 - 3/18/2024 2:41:34 PM -04:00 - azure storage table cosmos cosmosdb data PSModule PSEdition_Core PSCmdlet_Add-AzDataTableEntity PSCommand_Add-AzDataTableEntity PSCmdlet_Clear-AzDataTable PSCommand_Clear-AzDataTable PSCmdlet_Get-AzDataTableEntity PSCommand_Get-AzDataTableEntity PSCmdlet_Remove-AzDataTableEntity PSCommand_Remove-AzDataTableEntity PSCmdlet_Update-AzDataTableEntity PSCommand_Update-AzDataTableEntity PSCmdlet_New-AzDataTableContext PSCommand_New-AzDataTableContext PSCmdlet_Remove-AzDataTable PSCommand_Remove-AzDataTable PSCmdlet_New-AzDataTable PSCommand_New-AzDataTable PSIncludes_Cmdlet + 16 + 20865 + 1478233 + 10/19/2024 9:03:27 AM -04:00 + 10/19/2024 9:03:27 AM -04:00 + 10/19/2024 4:20:00 PM -04:00 + azure storage table cosmos cosmosdb data PSModule PSEdition_Core PSCmdlet_Add-AzDataTableEntity PSCommand_Add-AzDataTableEntity PSCmdlet_Clear-AzDataTable PSCommand_Clear-AzDataTable PSCmdlet_Get-AzDataTable PSCommand_Get-AzDataTable PSCmdlet_Get-AzDataTableEntity PSCommand_Get-AzDataTableEntity PSCmdlet_Remove-AzDataTableEntity PSCommand_Remove-AzDataTableEntity PSCmdlet_Update-AzDataTableEntity PSCommand_Update-AzDataTableEntity PSCmdlet_New-AzDataTableContext PSCommand_New-AzDataTableContext PSCmdlet_Remove-AzDataTable PSCommand_Remove-AzDataTable PSCmdlet_New-AzDataTable PSCommand_New-AzDataTable PSIncludes_Cmdlet False - 2024-03-18T14:41:34Z - 3.1.3 + 2024-10-19T16:20:00Z + 3.3.1 Emanuel Palm false Module - AzBobbyTables.nuspec|CHANGELOG.md|dependencies\AzBobbyTables.Core.pdb|dependencies\Microsoft.VisualStudio.Validation.dll|dependencies\System.Memory.Data.dll|dependencies\System.Runtime.CompilerServices.Unsafe.dll|dependencies\System.Numerics.Vectors.dll|dependencies\System.Text.Json.dll|LICENSE|dependencies\AzBobbyTables.Core.dll|dependencies\System.Threading.Tasks.Extensions.dll|dependencies\Microsoft.VisualStudio.Threading.dll|AzBobbyTables.PS.pdb|dependencies\System.Security.AccessControl.dll|dependencies\Microsoft.Win32.Registry.dll|dependencies\System.Text.Encodings.Web.dll|AzBobbyTables.psd1|dependencies\System.Buffers.dll|dependencies\Azure.Data.Tables.dll|dependencies\System.Memory.dll|AzBobbyTables.PS.dll|dependencies\System.Diagnostics.DiagnosticSource.dll|dependencies\Microsoft.Bcl.AsyncInterfaces.dll|dependencies\System.Security.Principal.Windows.dll|en-US\AzBobbyTables.PS.dll-Help.xml|dependencies\System.Linq.Async.dll|dependencies\Azure.Core.dll + AzBobbyTables.nuspec|dependencies\Azure.Data.Tables.dll|dependencies\Microsoft.Bcl.AsyncInterfaces.dll|dependencies\System.Memory.Data.dll|AzBobbyTables.PS.dll|dependencies\System.Text.Encodings.Web.dll|dependencies\Azure.Core.dll|dependencies\AzBobbyTables.Core.dll|LICENSE|dependencies\System.Security.Principal.Windows.dll|dependencies\Microsoft.VisualStudio.Validation.dll|dependencies\System.Runtime.CompilerServices.Unsafe.dll|CHANGELOG.md|dependencies\AzBobbyTables.Core.pdb|dependencies\Microsoft.VisualStudio.Threading.dll|dependencies\System.Text.Json.dll|AzBobbyTables.PS.pdb|dependencies\System.ClientModel.dll|dependencies\System.Linq.Async.dll|dependencies\System.Threading.Tasks.Extensions.dll|AzBobbyTables.psd1|dependencies\Microsoft.Win32.Registry.dll|dependencies\System.Numerics.Vectors.dll|dependencies\System.Buffers.dll|en-US\AzBobbyTables.PS.dll-Help.xml|dependencies\System.Memory.dll|dependencies\System.Diagnostics.DiagnosticSource.dll|dependencies\System.Security.AccessControl.dll eead4f42-5080-4f83-8901-340c529a5a11 7.0 pipe.how - C:\GitHub\CIPP Workspace\CIPP-API\Modules\AzBobbyTables\3.1.3 + C:\GitHub\CIPP Workspace\CIPP-API\Modules\AzBobbyTables\3.3.1 diff --git a/Modules/AzBobbyTables/3.3.1/dependencies/AzBobbyTables.Core.dll b/Modules/AzBobbyTables/3.3.1/dependencies/AzBobbyTables.Core.dll new file mode 100644 index 0000000000000000000000000000000000000000..ed1ae67e4b44f8c56de59267c1b6c946a056ca9a GIT binary patch literal 21504 zcmeHv4Rjn=mFBIVuKtr+>X!d4+b!F26t^r({&#Q^%d%|C@xNpzjtO$BRhBw#btzRX z$8xYEVZy{q!c2e|2$NtNn2pcGvt%F)!z7b<2qCa!78Xv1Kw?NB3_e2`vcPUwm}I|u ztE#&tIgXjLd(O@|bkeu(-@EU=`|i8%RaMJdZ~imVh)Boxt+$B2ge!m63cNfRfjBnj z%Q5;w__?|-DO;Ya>*~)s$wAxdv(p2~Ogf*p3dtTbX%FR-*?e;S_Ri#h)oV6YRz~J~ zrgyXxZBaD3#%eq3_x2;2n~W;WM4Q10x!jxkaZTbof-h0E;Hv94GuVImJOv0oe>B>E z7pwCBrK?9W3!eb&Zf9hKXnoNLGrZ3!q6(mI93blQc~^2x7F`$Z5a>;1?V1Ya;R5LW z%!EwF>iG>yK1qn1Y{$-k65mFE82E0%x9qbP)74~~ISY#HE1klZZSBIh?6a0=T^T9p zYK|*D?1oAKdU`3*GJF-`{^4M@+E7UpS@<6Js!qLk8I09W(f<4>OzI1-@%Y+!68@G; zk(2tu+3Fpb5@E++RMn0O2{wkQFPsa8AYhBDP3~KkVpdkT)Qv-0sSV%OpS*KZESX9lL1pa~x341m4 zXH9Y@vo2a0N1#fI3El&xC8V@*d#fYfR6v(4mW1XrwQ-N0Kja6F1G+>K@ zp+Ezg8Aiwo^Cf6S`BHhI#@>hS=FBYbFN_ZT{;s{2YW)6=pg+Vi9@E_p?FZ3Rwf_r` zuVFg6ab~ass_x9>-h&~h7S~FxaY0ZEIT&fAMh`T`J(t39J*K-(#dX)KuF->(3D0e)dJ-^s6_-Y}c}Noe!X0H0r8-!KP^h9rP97x9?n)B&x~8aD>D zD^Nz0cN$TsY(!I)@qxyO{5U`KkUyRfy$;_3W%Fvm--t6GAgWHa>Y3m`SGb90x52Jv zZv<>u0Je1%z@i>kIQ8B&n9KSpbFP2TY5>1RpLy?c;l%X@;fAjjlL1z&t%x}FKoaA5?L}~(hW3@NGp?JW{xp-jg z^ctAn8zu&Wmqan|e((c79y;v-AEhd;Hbj7E33_uf*3?WxZNQ2(ti|Z~7#5XYzi8@$ zV_0JPn+C>eIL#2$kFcZx>5+H#4I#k#McRT? z6?cz?rWn=|*yja%-*}@%n+DCASF-8AChWu=7&jt@eiYfJyB#=7VJoT~Lk%b&#??Fw z6g>=sB@M`m6xNmTrm>PGn8`>3B9pRUF`@=Joeenj`H2p>c~(PP_mA}l)gbPy^87(U zkMjqsy4)WO%y7^({9#E0BINmlqV@Lvymn>&3?n|6VK3&+HSCoi7$khTBbakPFf4Hc zW2kxqYO`?^>qVC+z3Xyb)vM!j0i*Ns&!GJWN^xSpP%eGHu%b$Sq0*K6g_QFH#1c0^ zMZd6wUB9lqoL_sd)UOfvg%uEYu49jkz)_Tjar1`)T<%^A_v_{pOU8u_)x&k~`pdcZ z!3pm9xpnhEDQ4^&w$He;*7FTjX`FA^5XybSYVt$Jl5wHKf_8mty_|1fy#n6?REO$; z9W(B%6W?NiqgZF2bM8vl5~^EcLSRdg!MaUFjXPMe@pkvxfVGoqyfui`*v3vFUn5+h zQkAZJY6FrcWnr#Sc2ie7>!DN=hzGFSVZtIuk#2f89(dDeFSbTksY=KZw8)}=yigI> z8-pM*=E#fTXqDaok0Xt-ATV?p;p0&%iap+EYc3muOGSgc7E;Hs<&{Snb;fWuqHX;M zOL+fH)o{)DxACEiyY(1(qEe1loN^T|@ z^47ANuL;eqpkXVH-n}IrG>)NqmAi^ObxTV92um(i=r+RKm~!szrv_O=elBV>3Lh~} z&qwW8a%?}SqK4BUAz=w0(o)t9pd+c(hP4GqbV^04-p!0)r~w;FYEEwh3UbOzj&0Cc z5Sr6_Q$;A)fOA`F$$vN8IehX$#Aq}OcLx3XqEZXBAL3F+bka4usMhYoSezZOWY5;e zkBX=U=eoof&xlXtHP@VUunnPugGEku3==q>nHQ}WLmfaDm` zxqMNkc(LTUgAtZA;65W|4T3HogWD33E^i5!{gx~l-;&1}(cG3WTHbO|sU=JJjt1qe zaSHBYianP`?%9A+xs9fh4VH+Ficn)5H$-fs6bfVE2FXK{Ev7UIeGX&=QE)xw>3jByC+)**msDigGB2U1urxh=CP9W1H}$vnBl%+w-7 z3rSLlW@)ggxxSz@f>g{1dD_-t7!SIo=>7}w;1I%~RE8Ukuv?J~sh29U(i-Ju%KmC} zAFi0(qQ9I677ju1w=ZZN0fJ@7A*u|QdmJwFct$GaMRvTy^%EkVN`S@Y+^Hz{`MwL0 zU?ZkkHo)Tj0sHIR<<`$X#+Os4EFu0M#22YbSh8{F4op(SkToh3uh}=-8HCqJDGyq;s8BX$h^m)t&RX(=}%V<`*u} zkhbXSeN6Zjm-kAI>fkeqMSQxZ-T_=MFPnyD9Y+i2{bQR=XgBvt+O1IUm)gCf@t)XKz|TX=nwp!IHZN^i4FXRkuv^f>s1)-s)swK9En~d1U}y7vD3y5jhhPjE z;O*|DFQH3J9nIUgy90+`dKPpp40>J8!d5CD71?{^tTW*-pN9UovXm1|0eU08*oz3R z5zfc*m=g2FXHDX^m|Nt8JSXA%bkXH@A$-vVp~&NNGQvERehP)VD-Ci4t_n3(R?(f6 z%pVH9VSGI_6Vx5~>!3kjR0ni}{!(QN zzcGem25r*@^cX!9WjoX24_8L$>Z;M`6nYw(Gw7exXDbX^44nj>QrW__zzsU1G5?bq z_wv0+Lo7lMR*d4%@Xavm1S{F{MT7g@9=Ru&pbb%m%c}1Q&Zgh15lE?eb(KN)$w=48 zh~AAcCg^qa5~2T5%_9v&+5VXrkK%)(^Ihl|bisJGB0>K(_}8%cN$Ag@Z-Qe`yZE+P zbiR#I8>CAwzm0NVuSTDO=Z^;&|B}EbBOTzpP{Hu00{;pY=HlKXUon^NiREFlvSM{r zgr;bt(Fpw+#%R!;V*iCGkMSwQFhcX=%nzY$jHV)noDDcN<0Dy)((7A z5wa(6olB#zaz4hg1l5yPS4~-%W@-Uxklh3Qt*BiqgnCY>xwJ~CFnZZa^XM9(+J%}= zYlM2gQ1x`3P+t-1Dq1U)f}w1stMRy=dzdQJLRya=U# zU>Irr<-nei$Mv59{yfNVj=}KR0K=5v&jVMeE%0-|Ie}lI?eFzp2U=)<;0@qT^!MQZ zF7j4j1+CFFV+zfoAYhsjfIrn{1IBfRy9NI{foJGyaDFU0a}>t+DXjm1;4dgEfTK^q zHMGMp==t!zB7AS~J-}V)@+abls^170)DrxCU`G<6r4LN2L-s0kQ<3U1@T96p^?|yx zNU`igMT)cML6-_W5*UE&vqhN=>I*`RhE7%;HdK1tqyD1mD5$S`RDacRL!;+B>dvaW zK|SwLv!fp}bh;qa$xv1GM?k&m%HZ|KLH*jL=(^xTMu3{@2%r1t7qQPG4mqJtQY>=L z2+@lkb*%btj0!5uWlhMUe`CaHJ?b@6o%%l@u3ht)`T%{o@;PG$J?l|xU~wkZVwYms zCgXWyCOuN5UN&aY8s5?%`=IffF^9feq<(AEQ4Tv4%ZBjQVIGCBZMjrUZ~=YBqxKth z!K>+)*dJK-5c+GPk8=`tjfmbgoRcg&y-{BihGb zs;hN+6fi)C;JHFMSW{4axz+FBn?jqw_ajh_*9Y0o=P?|Gc1znvc%{%2((g0k|3v6Y zFArU7m)9994O3mEg4<87#?t|D&H=2(Q!<9D1-1(85V%v|UV&*qgN6YoQ&#X%fuHc; zHIXE$;)}ugbXJ*LwS*p3*yd@}$yIa$I_-28kU4dg`=IlaKpJpn)exN*{?}bT;8D@J zi@r@aRzFBzSH2!Q1N?FQtXOzdq)(vLE7eJQLE4_Df35m~SbGJqHFgoOv+5UgQK_%~ z4e;ZEfO1j!T@~XqtD*{f5?9!h>A-(ly;7M3ybC%@s%{4V=fOLbT5t@SFZ@PA^@D*VW!2Az_v`PaXCm*_M=4??u`6^`9M^e% z@79N*`KS6$9OkntfwUt!pgJZMGyb}tFL}lKcSuszolPP_Es^@HqRnawZK`WE*1{FPKm17fzxVD<@`Wad8z6x*m+!E z82G5fPL_{Vdcs2`-T6X0wLVR zd>OEoo&-$N(}45o>wpdPkARKzoq$TW(f0s{1>P_4G++W*`DMU!0v{Fln7|hRufly* zPq+zhwZ4SCwT8|E&ZHj!&ZCQfDQXEd(NgLFd>8EjY@-a|4Z`mPY@>bfstq^fPX;=0 ze*IP`BbFAezfAx&X^Qus;XuN8c);QIyNFL*}ah`>>_`c`OE@Z$nc2|O+Q(}I6m;CX>x z5%{ve9}85}1oy78C-Vfhg7adiP4Kkf8No*dKP~XQz?TIocyaw=s7_$3z_h?ofu{wY z7x=P31^0C?hSuVq=lRenffSg_V;5K#m_e_E)(YN=d44gpU+@uurvyGF@J9m4khTKX z3fwPnMBpibPa7Pi9|@ievi^R7rv&~;U@|0pfu{t{q#bmCK1AQ3`N|RHPn7Q}zgMc% zx$1ItlX`>pUaeU_sXwj91I>Z1z%iV^72Fl!CIolPpTf@j_f?+(JYIDcaBlRk0Bfp0 zA5?Kyr9mqs_gY~<6?qaw+bE!lS``MY1l6K!Rvu8!D32-stURFpllsr<3hiUsv)c1o zonFvCum3<_7q}sykMQ1B{^7pa3;%O6a0(|0IUD#a`V{Wznc&|1)(;2Vdq@Rq#Q!`T z;9vLf(}dFJWS|xM=~&*QfxEHa@)?4Ab}gO^Y{s5FR_|mWkNub5Ifu}92;&UlePsyG zK0>&Q3}L4XVReMCZbMkFi>MQKpf}>1AqU@c_@2l2SITX4LUq8uot{*OalI4Q6X1Oi z-+S@R&^qltT<@pz+AzJUeG=bK;rj&Ls{fFFtN$2Z_Jh`3x4OG~X>)fot!c}dX}c@k zlQXaD@p&v=(!$b>W@o+eLuPxv zkS%0QXM=4G6gyiY3fE=2yVqx(!CZQ{Eths2kIODBdnW^;Fu{P!WdqCEKx=QW-+h-= z>ReLs>?SQ@r33smz%HV z=9oEu)MJA#(h05Kj@xqC8HDuh`hnVn$Qxz!x#G3}20 z0c(uF@3>&u+-OVIDe!fdneN@5&kcLDtSO}IlFLTSRd~CgEujrV`ON+$)UnaFh6eEr z7Wn$Cc$l__LHNBaeWzZaAd7HW_p*0Vg@UKL{GC*xaNTNJv(@SyLcyTUVW(gYG<9sJ zHrqt9-?!E3{clWw<<{(13A#3I!Y)j`e zCX$K^mh?4IMOJF3X&=gF%r@!xZFJsF*f}&fXxRm`w`+LNzRS)IwC8(?lc>vL z%rOhyTg^g0UN7g(f>TK6d((C=^?_YB9x_W~BX@!AGEqA-CMd_W3qIB1@Y30C-`Jlm zn4N>H(0XKjx{xj(oLJv#It~^bM|M{_55zUQ)wBg?qb}Z+K4`*WuIFOJ!zYv(p2dmG zOI8E!)K~S2GnIBE*U+J?ZRH0r`+L%MmRCRd3zBh3k5U;R4yIowsDn2a%aKN#(oTOt zFb?Uq^ngi13g%#KBL=ORj5U-m2rFHN<5%m02*a=l+N}H`5Zl3VlL&K6EH6TMhHSH`&9Y6}ksUNQS+_T}9$9Dg^bCs;#}$bdZ7LK7Z!~-SYR2Iy z;_gUI>avG-q;32n!CjHG-prW=liE?)dV5hD3wX8DGXzeXH87aXnYJuOtlctEQE4|P zMv;Q8o}s=zj$w)C7w8hF)p1ZqbHiQPLb+mB8u?V%fFJ*xw_EnXiTWGh%^uTsur4PG zxhUHM65(|2ZM85p2eN%b?o5=7>@p8@rVp5f;a#X&PKob^K#cA(bLqo^mC5~)?66Vq zGKEq@f6(ZUf2v;+_$}CSIzL_S>)2Tb7?vOU>cwooQrH;f74w3OXRFr=$XNG(O^ zu@2n==az)7bf1)rc1AYj0HBza6Gs7rSDCx|QI~sB{CtMzN0S#qmXu02hLd-whYMzUK*G?0?MK2Oi1Z?uJA4|mM!7DKd3Z2uo6hz;bzwSC7xQJ~ zmw|}g37Z7r4_3x*8-!wk%IUVjN-QE<(|N3#-VO;zVc6vtcvmAY>i%T7nq1nNT89dj zo8ENk;z1Km+rAZKw|9ssKhO}@D#@VI&PymBn~)EtJ(kygIAad-eptRml$afPNv&cq zOA=1m4&;noVzt_RD8KnaiQ}gt7E04*2c5VnBul~0GNb(D1p>=Wsx7a1>O7boBu4-` z<4METI50>B{LII*%;yJcLvpcYWCri4rcGVw&_fSob4XR<-m$H_%g8QnBdGnHUf#aJ zR8z)j#gjAFhH{VF&}l1H z?XZ(Ax>_s~=*KzeQ2T8|>D(pyZ(@%j;JTO2=HIS;6IX^j7jmb3zbmSjvd7iUfW>%)ln|gOZQm-z-W*>w-Ud^Min5Dj#>ty6~O6~dLA;~RYL$-}Ih&S8Z3wGLT1+^xx?`cOIP7i1Lc+NU1#FioExc`y?6D*dU>kn^ z*41z3*A0{0!r&@*Ww_!rZrZrI^C7ni?x_obcNYO~1YCxg!N+0Q8GMGHb0TybddD?i zeV27Rqpf+@oZLMS9JYr^PS9^@tsv$QRQuMR;bi zvV-z;2yeV|crVe5r?(b59;a&s$4r(U+h^np)I;LphbcSmWEZ{%} zu8meUQEQvD&V!qQg&Se5K>ak9>-NwIi4A$4`pPZD`@t`uX9vF~Sd9Our3tj(R}<`V zPbS{N-Y%_sLEjGTCRoCmlv^wx+n?_R_sDJ2=+VUUViO}Q^F4LxR$XXw5W4wtT@Afx z*ArcJ={B9ziYH%Xwr6b=-%2qt1rsMjk7%lbEtJCeXxU z%3`vZw$McqI8Qrs-9^_gI;ECwf^m2bL$484XGKpy`Ey*PMV9O>J1WR}!`z@1r z5YEZZ3%lR*VdAo{!y+&5n+pV|{+QIL?7_leyZh)C{GzP~b}jfsRX)ZgB99+9`V-4x z5Dg z78P3D1nSBQ2hHoiPmkJZ8>X`Z-@Vi=)Ox%`*bWZ!sqK1L97GR`WGUM4-7RO=!nj&j1D?ILB) zczO32IpJpz?d<3DH2UEF9Q@afIQT`3YTRO;#7m0^3VRC|_N!Z=dz-|Y{pB3-^*L|S z@Q}+B<|542xqwnl7q~pD9COa?LHsh?@)mO%<(TtYG{2pFW7h}nxp&it!|&hsch6mY zE9pr^328}E0zl$%CS!uG)`Lp?7D!^DYDHCJ)w4;DfP;4|u~=c}Yo(oQ>~| zBy}ax8jFv-TpJ1MiDY7TVrL>5NUBOKrjr8wpaE_=VY-qa=`sEUp~2ix60hshv4rXC z?T%;J0^Tabvv?B}A9=Mhm{j6fAW_jxj69JTxmdydqMZ=c!65n=fW6(bV%*wDDsbsF zydmPgFfcU+)~whpEn2N8vuSeTHb5;R;{_K#*Ne^aeHw_k{S0t7L3MI`NC|O+SU}K3 zQp4~+!NZRUBfd8b#%EP#@W5-QO{-Q_=>mb`jzm10W-Is$Y}VrN?!~AQBfpLBO$4<> z^W?-)P@}A#7`ZFxkrCJKFtgB-uTih7yPzFnYm9_3bKJCs*x0hM#{3p1perpHVZBvj z^_aD0B5UnL*7~um21I`o+`5-t_o6j&pAdpMVq7f;=$JiM#yRaMr~4dPDvM8jczAj36h` z{V+XpT16IP<~=0j4}LT@$4euT%`T1*r0cR|(`c-c2V86)16F2NVmmr5i5OwYPEL#l z;N)+)1v==GOt0YF_NO?+(P8K*zU_F)^B=uoL6T?o7t`0}I=N2vo-W4h}Fo{V?w8|>2t(E>0 ztx7VAu80!qlU|ud>4%J{}+E;L2Xri6bor3OUbhn_pfyVb@471!VXfI|weoMR-ukw||PLx=}<`RpkNLdOn z=Ayjgq#4EUJ!IX-kiUW@hSjK#j+`jr!*Oh2p32AxCNxh!UaMC61WVLuNvS0mCpHJS zu<@#%6^mjV2-<_Zh7fzD3d_q|Dzb27pX40}iF8)#{9TD*cqrL*0({i%b3#i|X2B?A zZi7)=YC-7@h!}&N40Zz`J|V;>#6OSV&uspMahE#fMms&Y&B_;_kKx&ib-SZLkF$da z|L()|rfuzAo!%RuM(?5FwTG58HN!$|Qt=tO_u8DF^u@VJ(r=T5D*knf#3kM&P=!K4 zJnc5q{8x)iwBQdy@E`t^L!rK@sA+kDe7W=F|v5fq>ZB-JnYJtW0~@XXfYmtE%v5$aoPJrB*G=M zn+AJ(sB=^6lI1JNbE?623Im_|tvA-JO;yzV^rpZgFD>dXjbkI@$r4?T`Ttmu%j?D) zt@XLwR%8$jICv9ln({Q?Yw=b+%#06FxwSvy|KCM`|3*gs4r^qrYqErK<3&&8d$2Ww-@L4A5r{+VTSkzPaN*hA}SpF$UXjr6c&u9Shq0K!9%x-RFV) zERI|8tt5Z8i5mVY)BkGgqa3qywkMz6U!8V5kU_g9 z_|A_7^1wPlyEpv3&|MCEB_L--3$Ue#6F>Gb@o1!(Rv>$Of%U*j1{iaeLb?hZer&|w zW#ISVaSA^|_`hqB&=2QMD>9HDpADd&9A++wRW>$@#^;bs{2#%8+z9NKe~*aXz3M;i M5dP@-zdr*12Og8$Q~&?~ literal 0 HcmV?d00001 diff --git a/Modules/AzBobbyTables/3.3.1/dependencies/AzBobbyTables.Core.pdb b/Modules/AzBobbyTables/3.3.1/dependencies/AzBobbyTables.Core.pdb new file mode 100644 index 0000000000000000000000000000000000000000..00c402d71f90b17d443a5ea3ec20a88575b0d030 GIT binary patch literal 13720 zcmcIrcUV(d(?5wJ1f*953nCy=Lhlwr2)zl21ziov1tKAdDImHk#fl9?#r7&H3W^0A zuE?^w>)LyJZL7Fz+qIY7RoC*(N$!OZaKAsk=ksxL?%XrKnK^Avxrd0fxCk1eA^gt> zC?zt&p}>djt$u-+=v#Qm1sa$l%);;P15IQBKLepi1BBk;yfmd;B*{_W{2_)2G4Q*Q zX($|?W%xOIWNaj)jle&413p45#mX{8EXAa2$uXtNeb*gt>_d~rrdPvjG^+1L0|Su7 zUX22>1Ogc10VM#<0x|`{I&6XHKzcy>Kv)*zz(oY^pe14WO4mMlN&|1~duiKR_3NdJLkYK%kXC zKLLFKvT*HzdINm}M7T1L*p>2#j{bC|qfbCR2Lldh7*G^Y5>N(EHPA0W{oLqC2(%KY z23I$fxSmWK$@DuiJxr!2$n*l4UMJHwH(ZZYzryXJ550ooO@PPkL-9Btw-v?XJVPxW z=l9g&aX#*=lswKi*5a{k6R<$#V|%7rJR5j3;OQWN|Mdkj*Wy!k_@N|^OJEMq1Ar_* zUXR32)!~ICZvgqe@azI)3G#-d{5~Ci9myL*emp!!16hH*2`T?dhrdPg7Lbp9!{Y$U zTLQlgo}GcLfwv;@8Nl0U@qxhGYVmmBV%{3$@%X_$^a9?N#N&L-_tMJm4ZIzhUj+FS zkL&&$AUnwKtCdgjRK7jrJCOOsAdmS0r2f&s_W^#ORzBvPwDS7`??UDefM&$}AmFV4 zi(?YzU4f5+=Sd_#79Yhx`9v zExrnPH!c1P@b16|kn*?>d+6|04*NJiXbh1 z0PrC?e3%xGW64k*ez+Fz0{I*ro~y;<`r~QwSReiurvAm&Y3O_SrK8hYZ!W3dq{D9y zbuOcuT#V}c9?R3!5r9I~!5cjiOM_=kpP?h%DwzBKeS@v^Kr`W2PaP|f+OEb28p4r+ z4)ZJi=LV($`c#PvQLqj86@w|iQnx1O@fh%q+&3u6%p6H=Lj6ooO8GiNA2WAuKX{B9*-+lDo zz+-2;)Io@w<}_qj@Pr9ssemt5cU!vd( zlp?7ly+}qNBAuUuRB{ng@D*G+AtWS95nqh5_zGgAT#S^Wd_tk*=gW{xE|sAixl|=X zQn`?jW9>W;R*DD(!YK8FmU;!K6{qm!N;11BIcpLjP$GrKC9YTmC?wD%N{u?9Oe%tx za$>Ry%pzh6$|H(2+Hp(bf2J1(&->2YGGgw6LX+9m+il)ujTnAR|FU^S8akZ3iN3*p zRJnPezFg?b_V!{Y@zT>s-XjB)Lj?^j zfE+eQp&;_J#6=t>tn{-~N&?$8Z}+z(yd<(Dp(N8`SV-i1mzy@xMVZSJJ+gxDvQHkn zd4#n!^Y@>u*!kQY(~H-ghdwiM;cmkpy{&kEmwtKqxHctq^7ag~E4#})*}uM=w0^)! zm!&PPpQddZedLww{J|mEE9#(}-kIW_zFw+T%z zpKKa_n?I)2vZvU=;j!DI`aKOlUMM?IBK3thv7_op(ofz-;V(WJHViUz{KeJ#nAxR3 zgQGNqe9Jy&`hzCliV>AAwMuVYXLbFk|Ez*~MftNKw|4)BIR1UyQbIO6vGF+6L$8=` z3Y(KMmcMq`?ldLZ)IRK`jaljb)x7ij-?T)eEnPB|^~<3MQK?;~+4U)OVwP%gBucVw z9sC3>npL=2b)~pzSh3r+#*~YNZ7lh|`Da@9oGrNg?0xdmWA14`?)kIikCWFHdDdUp zZA6@Pid}bc+O~rdufnt94}vwfK3FG)86O#ZhY=c6*Wd4S(V>W)C-)vyE$i3%w5Q)} zw>6`Su6&MQ$5?*&6cV(1=#u*%1BnyNUv8|C=NLZuW7oKp7r)9^?7esK%m#Doh7rA+ zwpUc1IWJQldoNp76=`RBu4l-@h!aPO7Td0^c$xmXYIvWt;JD`ZF<)lvF1%xU?o`yQ z8DsaPa?*y^&kVa{{N>pT=ci5gXN2S}Tk-OKdQH)|RrYg?VK92EAlWFwgZPOfu zQh_QTf||lHbef|V4jW#Yu;GQnhF7Pi*5TY7LmhLKN|_?m%S+BLWao&KxvDG`#7cow zq6D36fi&MMg)h$M*JdhEbs~R3k>x0_4V}*4E7c9{k^jYVTgBD5EAnxIVye*fw%*aCMbGlgKAHKR0T0T z5J^=^nM&!ICz1$JWRZlQFM`QST$CV^kub9#Dr3Bop(M z*;08v;z)|PG8KYa#S>Gz&%qEee7xO*eFXfhY~SF3AilScUw{u0z|RT@3J&oP5(N2s z`|$&^e0+oXLZ5a|+ZFgg%s~>BSd6D3#FMBKA(1VT5GXyB!{vFT@)CHQG@b{JSm~Uk zNKR^`_OtHJR3Xh)vLggy2zW&jK`eB0c{X1FkzQlVJmJJ+ zRD)1*$>c%&k%kegT7HgtVbHw31DhdIsQBVErAjE0veR?r1YZcJLL~fEo!%zA>QeZe zy%=P;FsUqbLqK&>PRm!|8GNw_R!w+@)|jU)t~!gCiOc`&;kT~$^Tg%DgynTlr#i-VpxvOHGQ#uRb%v;Fa7R4ndR4}3rr<)L<*(6h_u&l zY4l25+}Aah`-PW`;%a_`OcHt7+#VinqOZv1)c^TUwDqN#wIRG8q?#mMKb7{(I7IC+;0$ zzB@PK;P|EI4p*%+B;_Mi+1Ysd*VNA1+{ABiAw&E5_Q*fZu(>X-xNXL-d4BX}3Lq7WVQ~o6uYmq05vb&H9P~8CD9`rW z1a4d~a76OjUbB1q^~&4Z4Yo7Db>F#xTR#;iFU~ry=-);w?FNt}l|&P;vJ(k(jD_?` z^ka@QiCPjr@72M!h0D6ZrpX8aES5!6384O0r>ZGDjfvC(Z12Nl)Lr} zbNCov>u%95D zpPCqvSlsAgaiP?ds!TPYv+5B4@o!?P>Ld5xJ@TQ>HJMAP7V&c=QiW0^Pqa;nG_(0|AQ-eW6=xFybKceaiH<;QM-uptoSr9*vDjYwfX zHO$`JCMk>EFvdXU`M?Lwm*Rq9?!A%HiVvdr^E{${vKJsambsWAGc1T zw8K)eLn9SjhTdGxeY&lNJNKsu+QUqn939~PC>lP<;K-?&ak+dkfj5OzjZ@%7c8sgh z=F)^+xw)>NgW^NG1#4=8g7oqIaU?%@X3U1ypND@OYyW$<5WFRp;LWD4!H5QLUJ->VgF$quW`!8l&eGe=eviG70Iv$9n%ewp?M=b!y+4gr0skZR=S}BtFb}3IOum{ z%bs~H$s1={GhXa+r78uA)y1vTWT_hI5?8^UNZyjszlT;!4^cs;GbBmIG}K!J~j zZYsTY*)?KA?_CU|X2bh4q+9eTzEY6eKC&rj zO@;H>z54`-2Tv_pbL`Zyl^xJnm_PVRLYStM%3+T}R^(Z-w86f5&J61tiL*{$oOt@l zTx#Bf(k2r5Qh8A#UnV1j*m`ZZONE4 zV`9N~vD%OkDned_cV1*ME|8VhXUUtlkM5j}-8N&qmDe62wd_k&*B9PzvpFiIG+%r1 ze(*i#EIO=*Tu;}Hd()V}S=D&mJpGM0m^7!UW46|8K5gCZ_jvWan&?sXFvlr+);)Q} zvvB>4&HzoN~-?SCA&RfGP%lNXq^3>tKN!cWVTDLwS3*b0vPmh_SkHxjD zS!LK*T(?3?Fb4MgWN|N&(hnJ5)-re8<;bN$?Nw1vhqOK9G*6gP~sB^JW}PI>WRW;ZfVQ^QsWU`HOh6ugfGj|w6G~169^^U z{962+x$8|_d5iw)=H&Rh+S0nap-W_`D%X4USv8l4J8*ikPr9>-LJO0sIqju-7lp8W zwBRtksXD2dad+Opq=buFh%^E=2qGo5b-GO27<=Je^lqjsZsT8~2^$?5tF#ePK^~kv zl2v_$1aOK@m0Q`Ra@QC>am)66Ge-+BipYwA{Ujmhw(m@I!2M%(#+rrnNGw0?TRFz- zaY<)z8fj3o6VieHARql$|7{I#&4i{!fBz@vRQFI#Z@WtRdX{tX!ro6!F||fdmwdm+ z(SpLji4$yIsFG1#ZX2!b?V&BVqsx_TN9O)hp|2~Q0h=vp`+U2rTsj7C&I|*JKmF6A zBzbP=_WkDTV*^N(=HOm?H%B?u=lJqPqAeiQ~qzhcLP9=?ACtXcAmUuj#>mSuDz599LnhjKZq}En= z6#|oxoct7^V2^~4IoVXe{1UI=<4rlsHl&{aW>G|KJ@21kd1lls^Hn99a}=(QD}$~v zFDM5DM>jR>?cEY&%cly^X_1eBU*6-Xcqoes9Fli{~Zr2UqoXSfuavRL7a5 z&f}9pwYdzw^XiLj%+7(I>yF*MK&^2oFTi*8!GiXj_M9|$diWXUE7^vG_49sRWF5){N@tP^nFy^ zqUk^HDX;sP+5vWt?=mufA-y;_cgMZN+pl64ivnb`F0A=?Eu-_P!z2pMD^z{DZ#_J! zb;b==;~Qx;xd~2eM<%;>D ze5%&&kp4RT@w{QP&wz;Cjl1g8N4DB^0m+MGN@^YE%7|JyDzIH7V{rbip2NNn<@BH<0Q-QaxE^tC35XtydJN`!E_SO(vrOO6I z%)io5Y7-XPr4MxA;Jj8SEu`!^zWebhp7WO551V?o=eGF$%jesU|ME|lCRJA}p}BBK zx=fiq@pks-Z>~P!tePm?-qFn4t1x3d*wwp+Zw$){@#%6f!7Cg zwW&s>z(JP|lI>N|xBAxH_?pN0yD}Pt@m-Pd?TuRQQ0C(2>b(Ld%C% zUoMcs9dnIZ5ZZ86SL_*d!% z?tXhj3pP5E{3cDd@gJmr>p#S0y5Ia1Q_HCA={oH>^-&1>2c!d{HWletkHmcInH*mc zy<^>l^J}Q>0STf!Z0{NrY-fflucSOLvUL41(-Zqo_-nhD!dK>!u2JH#uRqKP{HZy4 z*AF`lDj6Hhx`^wRi2}|!JSsl5tRcKukJ)eEgDhiw>x#j0!56Lk4fU9CV^qe}DC+P6qg?6BloM+i!RP7;r|#bM(}oLe0B;5T*8O z9otC-HPvXnVw2yZdXf&}o<&ta`*`m~tM#JQ24FX9qiMBcX|*cwmsVS%Peb(L)xie% zx~E6DG2BO{7txV~$%1>kjLE@pD~*$2tdBw%@LAN30e8v*87#QO$bh?Oo(z^ga$y$f zBY*tUiw<|qrmHXbGA2jBRW^$SkJ>hY84R-mSMXJ1FVA8u0jtLk}AUC zItr(FKBc30J_GKLs`15h7%cZL3K$w6^pKoXkgA6jY|(gcgu@fWWc51;w8P{slk*hVPGN8X)?# zna~i>ba0#BEDc|+?Nur?V4>ni3|1f9L!f<(?Oj6fD2p<>aklws}IE?#M-g|C*C#&sc=y`!o#8o1KFWho%qTQQL-AOqPqU+3w=$f7YcjkvA{eLEr6WW1;SZDe lC9Ggg>aTv!E)kGvh5CJR$zd{mp?+^sYC0U_O-n7J{|ES<^7{Y) literal 0 HcmV?d00001 diff --git a/Modules/AzBobbyTables/3.3.1/dependencies/Azure.Core.dll b/Modules/AzBobbyTables/3.3.1/dependencies/Azure.Core.dll new file mode 100644 index 0000000000000000000000000000000000000000..fb5b1ba529662de0778267feb07c01ade83e2c39 GIT binary patch literal 415672 zcmdRX378#4)pk#J-@bSH&XPOJy_3l@LtuvDE|X;tLWCr20U}FSgc-yDVUL&&eFqU5fK451VmI+gou2K8*aFMej5JwJ*WFFnF*i&|9{W_JpVk& zJyoYpojP@@>eOC+#EI{;9Lus?{D1jn%en`Uf6L|fm47xPxMSen4(qPg$9B1=b}Hx8b5>biBo`GafD7z{V88$4&-;6X-gRMyOY$Ov*rzETNYT>uxD8r#om4(+=FnR0%%z?#BHnGL{NVDy9wdI|K%=x&Xd4=4Ke}j-}B&>#~0V%RE@AzjK{?z}Lqqs)GGtLb_NLeYf@EVyy zcR)Rsy53H`;*YY~R?3<@(Y7xAg=4h}w&4f)-`wEcnRBjfj<+noxFcMxc)M`ri3BOJcmUqnBk{<5H(WU2Tkn5+l__0#o$QvzQD;m}FIAEF zQR$VvI1rFa5aIx$D?x|@i0%X-j=DrW#Mcw17YXNy4Qt}W*a8DnQD1YE-f5%6*v2T3 zLQ(@{C^IDK0FsP;VGTHwe(Fygb!q!!x&)rU`nb|IV}Q09$8RJk#1NFD-V+D@RXq`b zLw58!0w+2N00~xKuh6U}M1tnz7;y^WB73re6b-6#skoPV9E0jxV&&Ep%pqvF#Uq^% zMC;9+j^%+1ET30gVNZ@QHtKbW?bk0ZO(MBwB`H4Ygs4aw%WYsF@f_En>X!_vd#TvH zz_#X~VIq-S16$wmg!9p^7o33?sTNME>lH_CaP1c`yAI0tu z)`7f|+fj^Sp?E;Jh^aDx%_0)yZn0)TYSf;bV**61UV<0l9UkFQX3gCd4rp;-?sX0Cat? z5UGJy8Y3#MR~&(vK|}D^7FkyvivxhPt8r$A- zaxpLbwB2T?_YJ$m?Us=3Rs_h?@YeOfflGr~jNZ(wp=A>W8yh_n^q|X`1Vouc1a7p6 zSd@PPiPrK*C&w{M&So7&J)GrHR1Y@MvC!Y`5auvn9;~%f{g#J%CBFM(!&|)wT%&_n z3!Di0LS-1Lv<-)Mu##*>*v9BU*1I$92@;u$UCVQN+$shkUT`rb+SC+cy9OFBHH0TI z-?Gz~8nW}4Z$(Vk>6wP-r8^C|L{ghB&Sg85Lqn#@VaFSs1w9D|Bg zGH-{oeVgx~=^5%y`V-a%a|NQ?21P0j_Z{#BTku03 z%)=2amX&4w4Xz|%LrzXp;b{_AAicD?3Ix6vTn*6P<(PK@cDr4!xdx85Qm)H3*AkWL zN;&3TZ~<{0K;?yPeaLzKP%w#eS<6bStame>xA4R;35170Ta z;K{W*!TSNXwdGpN>0GNy?gSrTm=}}*maKaD<(CnTjsO@bKPUJg0;GKQWSK0t=B~Cd zFs0jA2c4UgRjQ@8zokv_Z?W!PqV8GfOIHGkfSgttdx9;^bGDp>(t3hF=0+qCcT+9t z;74q|EMhPC5Pqd-+ZroN2Ew$!IAGLZEnceW!+;#jYRS=yIDkMAD?%LTzFS2 zRwk1q2fp14TO1 z?69L31v=4h1@=b27C5QF200=x`pl{!`-E(RP7O^e=&K^s>O-=)VL`Dw#o!$&bb^KdeXh3Us0`3ha&U6F8~C z1|><|(P!?*kJd?+abE+kFH0OddO)BPeMO)fJt(j@dPv};k{OgFdD2(o`AT|~EJ!_N zx-%QneOUO~(N_gJ(bojJ(bom`M&A%PsbmJF&2;IjrK@$nUwKO1|E9#Tqelcf(YFNl zMvn@d)L;Wmk{5loI;HJ@Rs*lcB#s?DF3^d-Ezpgg5ZD`iN8qHA8EBL|=~JF4f0!+= zIBYv^^+}*v6Qo8=S5?G5!*G9>gcxMfAJ6UuRhxT9;!Rl1wS(_5#*%#X`+%72KSeKQ z`9C0>k`n6@TD~hK}dOM7mD($G`>8Fb|x^28e^~<(z@j2T!mqE4+by4r*Y@o_GzC!$j%R^#(3EDf^nE ztIjF4-)D=@AOj4qo zDWL))CHjyOK`kZ0Ia^Vtg^1$ITwoK@8K7Q7xJt~lVmn1=!&%aqmXGp+cVOKki_t4t z1ebFWM01O&3iH&KZ!hhVY5fSr?{?EUcj7tZ2H>Xv!4}ZB7RK6JGgqCn=tt?I#!+TY z^_~{32gtD0gX0K??Yu+%c*P=Iu7Pssble_wVjk!AqzqE=ife4Q!!^%SnNCD5SZxy~ zmw{;FKY({9eum$niaXp>N|_82?9r&mJI7e30S;0Jn7Erm)0hU@<}d(F0G^fbln;y@ z!Oy|WFAaLZ3vgiY@(TdW1b?aER{+7U@uP#n$`2byU&VOrRkq4wI`%^2?lBNA$sU+{ zSVVMW#N?z5*m;sWtdK>orEcy(w#;vkfbE0_JJ$N(MYuKNPIxR4za>Ic@U#=21&l#! z#gK{Awn4r3$Q@&8QriZV-V1&&3|;dFKsHB73VLCma|z%s(ssbvb1E4-_%AqSv^eE< z2S%W)CHMlyKqX(?=C9~LD{hb9ldb*{+}dm}V<4mFr8AVKnSbb5clT7e{%oaAV$f@E4E?e@!bU7)uC->x|9^qqfrWOn@=4-);y0iI|w^ILIr2 z3lRJkB$)IlGF%HLIagL?x>HUrmE@+3_?3IM`I)kp(TPD($KYpJhkr)v!7SL-_ak3} z%$H=`mW&(Z%CF3G!}Sypvipspf{+{zJLNS_@K=QA7mmA{>9^JL6jxd|uCEeb z#1?$i!8osCgVlm5{Lk`Wb82TAj$I%bB!R47bo$ zvh!`3a!Wkz)>`8Q|3E_OW^MMp{Mz83M0o*fExV@bxhUL(|54z-Ta7=~Q;%m`Y^Z@) zF3g55{hK1x z;n>v{#tp;6k(@31+=AS+#2VbnMAq7?B>$Be_Nt+ZGYrGWT-rTHV{owPwie5c$Ug2d z4=^adl8CffG6tQdtzP7LhK2%CX3kR*)io-p(ILaQcB|kfi;%0nulR0d;oOX zo=ZL0K$wAW^?E^0Xe+<6O&hTuIOG=|P>cCYEoMvr{rTBadpbZ@9-=k6AMx)HaGeDU`L3!Z-!YP*SH7xY3$e z)AUl~;)gyt#_IuW)Vb+~kg>}D5v%U+qB?4#Np)05d8QNkUZOF_Hbe%{vOiq(3rI|+ z{HR2g(GWYn>%+b9^8|`s7c{1GQMrD#9X}i6*c_ZfcQP*Sj3K1)ix)UH3&pRmkhsB* zu`+TC>Y9wNbgYgsA?HI~pp1|`nGf{{bfR8?*who)8x;gjDw!EXMaEd2J~IfH((UHlgEL@zDE_a+e@rA`J9RsJ3E=+t&#=W92w1k6 z#XO+*HnZUtU7p#6 zj#O#5D`n=^zTSr%Fdmcm2cyTaOtnQA0c3T%1 z{Vrb?7`t0b`L0%7Va&F6Wt9^)9erT0Lv6486r5Tcml<1wJrGq z)|H?yNx4+Wd;~wyI#N~V(^;icT4!nlnqdp36f@IFAA%wWy@%E21qA%{QK`1)*EUM* z*##!=*{PlmEX=nLr=%B7nT1Rc`&_<(T0A>^9*hnAwLa|)|E_F12!i4E;#U-?BNa zF<~SQAXrW!hB$x-5`;K_Sf3!o0mOMk0ES6`IDlY57oqQ27*9V6h#?`?Gk?t@!LX&& zgSq-Bii%qT7;Uy>WOY58uC1=KRToD43RmtWld`;qIA(to#MaUU&4hiUXVejUBBsX5 zV{TSs_)b)KX{XoFkt+401zt;M+RM2^g)x|rbj%(h(xRT#wh6nDEZlRDXD}=(#pBs6 z*6w#|d*L|!2gqloIiJ(z5)*~`E`sK>OA(rWcJXE~Y9{F$4eAKyu&}T{{4=%5jy{~z z3KuGfAMZ>z=NdZ_YD3)84D44h*KtbQX2LId{RQ&sHd>E#H+E*~n=U!DBHeSj!J2b- zVj~8v+aJ+B7b_g>bBi3;qrzGv(1T-M1>xc?le`pNwvlHV6-4{)wAGnU<^`_xq+?n0 z5x)ux>G_?~tN3l$PN9j-F0R@ZreI=Zu@4izoq5N0vR__^d5KtB?#fWHb6$N2XgPVQ zp=tR8*gbD?nQWZ!>Q{=MnKn9&)Z*Ww148r<)}jw3>1^S+v8P8&Q9x7V6#^Qp#rJBI zTWeAFYm`g{z8*9QBiUWr8v@h(_{u7;tO8~A$~_NCH&1R5u*IO#WyHni=Px|-&Bq? z#HI6*?k=xH^=eWb=~Q;}f_>pc=AI*t{H6gW^2Qjo1fGh=^$Cwf&@QyB+rHT!{2_)t4K zVssq-#yJU>?*aub%AIV|9ZhUvwzFckvtOAlJL3H@_(P-OUW9cS93Q~{4!HS8+wn!{ zaRF^dy#2}6EgO=K%i)Y3FVR+;ps92@b>f6<4+)x@7PK2+K;@OIZh)ZvK1x4#Kpm|5)#a|lLQkN2cx1(FdI!0Ok5ny zHWD0+^?k8@t zX5Xha-L@`lS#Vpj$LmVt+8SnE|l)AIw3KYHXE%~x|(2L9}w>h^EW*6ThxPPFg z5=Yp!_-?_mp0~Fy`K)+2G{@T9Eri|fVzvlp!`c{0*qvJZK0%^>w{&|sZ^^sFdt6LI z*qvUyMUdylNW$)n^v2GH%OOv9Yp%5tIUC+Vx1aNuJOKK|SZBbFJVr#AQh4StY7E07 z&M#UFDE&rMCRmB^qTL#kcvG*y|}XV;>x19vRYiWZ02K42V-_*CO8uOyW2~-Tzha7ogH?rLyNmzo4P&G2T}1c&w~S#sWSa-rjf16vkUlRf`;x6Hk>ULR1&ESQG>-{x}Ch5V1q z<%APP3ja^$a%L40s_mFnkA^QghA5nfBy@sf>ATjE0}311&fG0mqsE)#fRAb1;I$;e zeh8xk$2WRTX!MLVddBJb?--v*A{-JGS=>Op_v2vN>wvF|1jI>1>?m09dPYy=T1`(a zUne*DPNA=!&Z+dSi1V`so-LRt%&JE|tts;9&5_TTJ~9jg*Yo}fxQO+;evmhw+6`eU zvFS`iwu7_qTb>m@ipFGzdv?ad28p4aa^5ek!eZ^&pv$HQ7A#7o2liRml^!^Ck)Iye zC?^_AZobq~s0@XR5kI}K$}|`bT-hmR{ER`G@z9k&ITICO2*kB7PO@p-Z~?(0-EGs;MWBP*k6Am_3#$x zfq&IEAk87|>CT07ct{5ELG0#;JaJ2h9^<8Ni`~)<#%}49v-K^0cwV9)xI^M5C@`MMnp2xS!Yka9scdT$kr^(&(T3}E#z&a zIkDM~l}M5@RZVAzccKBV9#1s_(hRl!FT+^hh7IOBa(!L15zQ}8hb zw=4L#f=?*;q=GvXd`iKm6?{ek#tdYAr-Hi_d``jV6<~}(5)3~GzM$Y<1z%KfpMozb zxL*OrFpThkg0CoePyyya40~9?R~39s!PgahL%}x*)OMVSI5G&3Ysr zoQI#`Oku1olU7^vJ?D^$ZDUtxHAfF<0?Y!T$U{3(KpI%~!CEyI;%TRQBVzO{CEFHyEeuRO~#C z12DMU>fA!;V^58vyU&o}B4rqy!VJh^Yen*+zmAx8+CX) zarf46Y~kVK#BHnL*xbXHh?~)!$ilWCE`m2)Rm0H`gt#8EKD?raqg4oRChp!E?mfgk zN!$xH9PLH;PvU0uBx%rigv0QLOKUhxjFehP#Ql+lafrhNF=RpCays8jcn#{5x@8K1qY-E6l?i zE~?>Z%fe%bJGX|TVGG|z+>JFHtz7td;-0MGX!6285SJ+=Y0&;lpI9k*2I^sTE!_l;cj}!Mo z4M#g0;>_Cma2|e?AB}Ffg19qlI9lNFZNzP@;b@M-`-%Hm4M*D?cJu>R#*gx&p$-ox zZe0yWs~uiT+-)`7-NZdW+*36i?Roe+;yPv}{Ak?61@ML|YB*Z@a5ZsZ4M(#dzKyt> zYB=@*;eEt?uZH^)aepAro1LV=-XR=>H{7d+V^b88ys|Pry-59ohhaZW7)Ka zqgKDLC&<7F&Z(VaaIF>K16~Oq%wNbaIYdS`FTq>@A@nF&SBp|4So0j5@g@Ej( zzKtldNg|H^O;6B2*WN5}r1~tfYVOAmW)9{{fIa5H2A`uo?b|PhZ2Z%ubEiCxvFF!7 zT-}HaL{EY-5MKwvd;>pv3&jb(N{V0Ohvz9t@etjQ!|eo*z*)wv7I9SHOx1o1sG{9t zeuYy?LS^?f#O|r5#mtdQ5u*#a@50Te>Shi%G+x2nM_wRf!h{r&@VkWEzY>S^%LgN0 zbD(#(-0v1f@^0TqS9lWYjJxG9WEjapwvD!-zzv5JDXb!!4ksds?anGKgHfH+&m_h`O0M3vaJ^nZxjznpbkFbqvlJ#R7ygWq~!Bfd{KMtMwtW2pBxJ|%8l+4x{zo|e z4jf?uqzs9@uw%hH zPrX!^;oMyGG!z)08rc;g`1`{$cRczr(RIXF^b8RWb#Vz2tfV(#coW9B$y0=)?nOE+pY@Xea!*z6qy^+C%0Pq zRbF#p`mQwwTG(UG8+a?^EM&a3)al5fL0ONk!p3k&IB+Wednu^lWz8q27|392u6EAt6j(a{7|H-4fmaE$r948h)s=5heoM#sDj z4xYQU#rO7_4|b$_0uMi;S&k8|P(vz)&(QE`{cx?5?6__hqUVqrj`{wSV2}s4qo2_! zdy-E14X}v+iHPPO_<{R3bib(X-_tGi*a`jucl8QLV*aXuf2$$>u82PYm_Mugw{)|< zg5w|QehELAbi4x$hQbq31%oZ(+*o(sR(Jla?)+!nnHj7_%h#QY>dr&!&NJ)I&2{G$ zb?0?;=goEJ=j+a=>(0N{opX1o$*`pEJhbjyU3XqkcV1d|-d1OyNLq`)-pke1BmAnggAisj|3qOAXpnEia3Dy zd4doJ5HBPMaRBiXBA#~2B}eAX1APm3k@Fzo-=Vwk(0SJSftg$WfmJxULsq>KRSi9N zB+(9#p@*~>srbbeb%Y(T75u-ju?t`y#9q0(-ta#DeRG-l3DRydpiKrW`UNvh+cFn% zX+H~YVSHfVoxMm`C&6D;>A1&~aw zHoSNwHhAG}U}E;rAPJ=GzP?wdKqQk2=xW$H%KhE5`!}(Iiyc4<0Z@0?}Z8Hb4Dt$1}3=bGky#_zH z2Q!z7knlM0THxJsJNv#LfmjsA^8a%pi8z@4Ymoi{NZ;)_+Mc8q&ASk{Qc}+o(5Efe zRDLNAZi?WU_aT{5IxVUC9@4#`mhK?ZJ*bwhBVtq3T5_(WChhXypk+$3{>$Vjh6; z0jo-UA4TpkWYZgf!p+r6DqU$U;h4sG?CF(Ie}%3Z0xjp$)5RX)IRc&-TVamrqX2`S zuoSfn-j8H8Dz^CBBg17hH0G->DAFR83q8k}6AAN|RieZx<-2^8~ zo+ws&LS55ym>=GI%{gVyDU4)GUG@Yy`=vg6f^7W~uFZTH4ySMYBTUWrvTk}}D=-&h zhB7Oap7;peSHqpy;N8Fz_73OH&CO)t<>$9zUx6g~q6-soOA@0XWl)|%zo;|SNQR|K z+?n|(Vx^P~SV0Q3R+@dbrY2Rqfer+*PgLI*$C_YstL!Z+=>FUQ8xg*?KnaL- zkj0vg(5L&xV=gzdOwbk?{i<^`w+r^=iar{>A`5GTU7Pwd`QVOPV7r}>RD`~@5PYf@ z^53O+Bd>qClJlZd7^R!}i7Oo%xvP?~U%)(@htFf%FryT=2WjwrX`U)S_Mr!lt%TGE z#md~xw%!Lmu$^(ctJuAX4O$4>#YQuw0L$E+(8^7kX$!e*qcUrKT0oX@tBGqEcX8(J zv~s$czOkZi;w*Z)mv)QiT~7r>Uzkg*=gw^G1Pv;d?r=xQz^23nRw%F9PGj1#Df>VxVk7IPEcy{73rhwM?!Y4o#6gG7(w>C2_V!xfR$2;N9S>td0M%@ z020c5FJQ@Yt6v0+?!ym7APf+#?zunqFojx1#M6`!iI`+WJV{3Asb@rel97J%W%BMf z4=DJGf(Hra;(mz0xWKq^|1c3NY!0uu%!N}GUn2%m+gK(EW@4~F#nIyg{q!Y4g{GiB z`Z%H`CC-STGsQBjZ^np!(B^Wi&z;gsP~EDV(RFa*l>#l+u+swE;G3X{JjP#RPY~J@ z8ToC+Z}kz%b*4SRNC8$oecnW72*#~gC4^WK@+ip?&tr|A#~VGDbE0re9Ov5zQC@4u zbzFHP>cU*q1-^}ympP;(_gliNDE~&#Z^Q*6#v5%ZIt^?VtZMK$u~dz-%%% z-dH4=QnWW7F%(yr6`L2YvT)?G;VT6_f+b0Y5Vu`!$fo zNliJy6I94H^w!^z{QE#wcE^$s9rlEjiWEaWcoGCoIU8r~zo@%J#aITG^Fqq6LWvZH#`2k2#F7=w=xSshTkgudl z4vFK`f*-|c*|N5G1j-Xb^rwN04srC2l-CG!qC*9`(P08p(Mo~1xOliYdZQHrCpDfa z$y`-@<{2jPlFFQ4$Q~muOO-?A$FPanxau5{DK6xs@>!nf48S|m#66ahBpqZ33V~H@zZd}=qi%PO6Q_`fzL^)|1 zB*i$(HsH~u0_%+4$y?Q+qy0q}c66XXygeq+jSdpn8!Z<&sbr?2x}q=E74P<+3(Xu2 zo_K!`wQ%qo@K&FLCei)o`D{T&-_~;0F3g9EcS{r~N4Baz1>Hs)y>yq2gYfGSKht^& zhCgO4oRzP^XU>DG+ikqWk#pm_FgfeUleKS7@^*~o?Rl2}Q6jq?trF-&M+j8aSfR5+K7;EsI2#kyB<#r8UxBNLs;%0<_V}nJ)P@m=C4fvz&9d6;6 zlzT{rd&tSh6oG2r-f|4f!Ig2_ap3D<$5Kp8-`eqPDbEc|@#4|GY$>hoY}(f+#pJ!I zymwCU0_B78rJ=!fwhN)u>MwxXSiFEkU|RZN7mq*Qh=A~RhRRYMMjPy>e}_E1R`QfZ zeB54^#iZ&l5i26bp5QNz`vkuNYM&2)+$+!WuBsI535;%F_5uanT-uo+qy zMeUZDeeqd-FMk70^1EBP`0bb8=#|&T1U-ULZngAZWcuVkxB6Q+vB8?ZLDEQjh1j8K z#!{pMtd{yESO!V75GNWZXPY;n-n7{mL7EHUDq{3W3_H7(8bvq6%pEj_R} zkS&fk-vD^L=!%k+kI=Na3597lp5HQ9g~tOGA_9h*FTn?ZC3`=>lD#ka1l3>QmV1{t z0(2YaUoe3FGl>{&!+9+NYyqI&>A17U8a+g>DR7+6H30tEgBE5?SN;Q|)2IUy#j9@^ z82p*VycujcFz95E8_giV^SlHT^q2{%0({tiya(_E^#fBwlWsx7!nxFzwwa+vV!Rp7}2^?1#ElddALNQ}7Do zm~UcT-oH_X{NAE%c%VdRoa zIDi;R5aPh4dJNiX?23M#k>;@lEu zhm&B4Kz8BzM7OU~O>YQ$A^a%;#Hym8#A~r71Ac>JUu9a=bQ`XS`ffsG1DCX zv4kKPM8&3!KaE%%H*w$oByG1(vsIia?bD9%tP$Qp#4T`vZiEw7@Ta0T2*lX_Y;p8P zX9%3scxItCX!>+)&%S0G(s(`6=y3DLVH95&#|rf|ZP-kr3UyD(A49-+dn!gAS6U8N z3c;zB>9K40+(Kq_Rt@Fm)8-arwvy>^5%0J{F_l8UP9;N!lL#3*F150C(HCQO093)4 zPYFsZz0}I_ZcL}(-W6|Kt-Pkj7@o0fMmz~BbTF(ib{u|@$ow>5F16@!fc%0i5=2mH zrMKuaL||aCwbXAr*SM)`MluS=v4A%=qa}qO2g@IY@fmJ@!82kvh9RjK8*#vp?4BUR z0fb2q;z(AB*j8P+%P8$jRtdNagb^K{Ry3bN&S63YjWq=ELia3Z%xA3CTFxF+5d~6g zb`%P9B0LU-@^vE|(~xprFR(YlV^8o;D!IW44BBh@xR2-;*M+Nh$JXC!Y@395?ws#F z04+;k#TDW6f+?b2B^Yc}f~JmHiayXapM%_H6uj&66wGhgFJaTgk2Z-6c65108$|*qmCWp^GSX+-C}S=Er!?@qRN~mtTLn7NWdhyka)GJnZ326vw+Nh6a`P(X zOY+TG=*@Yx8ffXSRcXEYlw zMu@KKN;b0c+JBq;w##p~t02|oZSO@pvwOPJiphWtIwZfFFRP$C#IwhXFGB}~XH?Mj z`Q6#B>_y+k+o^rk8A#OR@KfF$@2y}M;&{f{zYECK`Fol`%BhsmrM3| z&*m(Q#&m|3&a~#-Tq@_~(z#6aA==jZeR53XtoK2&`=jo4z|B97eNbbp(@_`W`{WHp z8{kBQkC&Rh2u5-n*J&ucB=Ej^U_*H&pA2u@=GB(z_tb81j=68c~*RImF&FPuw#D~a7twMfmYEq5XtUmZ$eJZ!~w+O1R;(USjB%DuTy(5=J(-b%P)(-QE?Fg;BSJwO{nY=?*eRQYM z(Luiu=T6wc|I64fxm}d6;?$MDnYj?Py_${{_#z5m@MDk$7_rFC!VZ|VN`oGYXTJb2 zYW7s6xVTK>M8kFOQ%t(<{QEOFJ%7J%R&s9b@j3^LuyRDEYy%n zP%jHNWd7AFg^WsaIMAHh6d@`sfp~#_O*2}&K(A~@i}w-R%tqwoQ%&~7At16R4wYZJ zgFGsaBF2LP+{nJP>m>hi>cXa6`fnIuPZw`t_D1Bdhd^-(MdL_98jzQ3tOLtNIy7it znOL z>U?WD2^yj#B4I^+j?@|+rxy`=x3{nkt=mCXDiu5_BsM6t2xNPz#y(a#*VhCmxnrF^ zNNOFbv233Erc25`m<5ieN8PjO&Z`?|FMZRmZk)FCO`o`k))5NI$q3LLj!c16VEjj8esSD(wxxMmj+Vu#o<^WbphH*a<$oz8P=c1CNc=5v=R z1+H04O1V_Vi;v(@812=7xG;A`8Vz+~xUo)j;vuL{au6{Ij43y}{bSMx_ZJ6rN*2(*U{%pbK2a`$8yUYs9o5HpK8VOnI(YNaXf z-l(EwEy5l^G%LJ|42sgOaF7L-=2F5J!}=7@gn89HP$J6GjZPrv zR5V7w_m&BrXdD2iZtU=N$hTw|i>t2%Qu_tZ!b*gN8#Q!qD)5!v~(MLL80*qj)_~uEgz$+-EnPjPww@ z1>5GMK;ZRlTugdNZRskE*&!wjbP!kuQM#`8)jMB(4j|Hb4)fWy`AT#$b$V}RKc zQpaOSoDbpmWpQ`w6wcxBxmdiLwVWJlH@(~KbhS+31)axzyQ|OvE63yzYDKKANOFK( z!Gb?V=jc}@#*vD^ZCFKc)r4+k{T*%(or*hqvE zr7euxqWdm=N&OOWhk_lfbn$xZL)dyp4zmJ$dV#q*+F2!p)ROE|uui1-rn9w`rfGO2eeh;>=F(5$ z9G#w<)x^onK`nb2CF^^=Bltoh_i1M0d$SZyzc-6<${C1{Z8R^~3sopOQ+#OavY!*3 zMdtXVjpAMLqlJ%ww~TA>btgDw*FzY|Q)0p+rcEjO+BnXBBiz7aoPqiB;G3i04WQNI z+>aqic(6AFiUr|957`omOjvDWXF)$Rpzj*3CPtPd=+a6l!H)duQcW!i$B)>N<9DQR zH;>h4!>MR6T>K#9;)gJ7Y&8Z4Qet$i)d+8GHDVL7PAz}o(a3E0X8yb#Kh@VF>Sp#i z8o=Q}_?21!yC)4u%}2nl_|X{bYc+r!UwBR}fISs5quXu$n=piCJ+OI>Uh6@S#UhV> z&&3=3Bu1MHy1c>n0*=g9|42`%#~Z|9Gi${62LB2;-uEgrn!NBC1fTU{M_^4`DtTuE z&NPY=+6%jKwI;BntFoOW!e< z{OfWKoc=oB>mNyZv&2*+nH#CDrS2q$T*y6_SruJlsh8h%g`Gc%V^hmqz|?2j=JgF; z`2Z(Y(P!a1(R$W)AIKtaL+cpI;rA7_ACtZ4gbyrWyf*t9gkui^>73le81GNuXu_;a z(VHWj(LpQ$@5-$37L=1Wh|{wd>D`X4=rXFWM%c!5^(MGgex_fYhA&p@U)w0~z7+UB z(R{_mJN%9X&&fcZQ<~&KyidpR#!*Do{Sa?z9#3tEljPB{E(XsH|ZStfur*UrzC$^W)6g;(FWoQ(FF}bjS~i**`#iqLh#IHb>jqrXD(4UP6~JiCj-Q!Q65=)7YA${g%N}} zfS@FT5C;&HNf6=yf&vLb95?RTl#|WpA+$Nen?puG#EnTrap*V?LqzKWsc&qF_JDsS z4u-ZwZw9Hu1Dp9SD{T&fiVnlE*}T~TB00H<3UM&7i=N|GI3z009v~8)TEbBYoyYAD z-ft4#I7Q*%?Ic6U8(#P*3Eob!;t}) zBSjplHY*?sx)-vqz8ybogRXTT=&?qN`zC`IVJcPsjG#07G~XFmc5=3`HVv=_>!-r$ z`gXVCwPsFfFQr;DXP%71s)BC)khbYT@Y_g!JByw?7G^9&&+vCXv_RLi4=pe$oRVNlTuCwSK^oB{ z(_QU6aSKzp5iK;{yu}<>_nG!WpD-b1a{v+@f?X>k0XsMpnhYO;Qx80R4pBD-hXDx= zD*=Mn;3u07zX=jOGJ-E{iLZWGB_t9ga?#cyZvx5^3`53&vHF@i6E z446?6ouovilYlsB^mu&5QP~v6=P$S6(@3dYYT%?1JbgZ35H&Th$7mnE0jW{>7&=UW zKg=&cmgdx1w$_|ATKPz1lEAWa(6yxp_K4Xe?^1Gq7~)#lcFVzj9eoT<#-)p1;L$c6%v_7}s&A2s8eOE-b~8awbg_a<0E#;yN;MH(KRu_I z2#a;X>IRG{8WU;`<|!gd!-h&KLdru(fe3{SpwJ<|v_l+QZeqS+1dl{%m+{7@Bd=KD zt*trfuyYZ1>10M%X-~^DQ2|;%$T$E)Tz+2wI=X*I;p z7c=o)n^tRHN#$XEI0U>mBTrDvv0xD$habE|61`TS6CE!Q%c=r#=3C&Tk{MWQo*|^q zoQR(y^pvtb51tsm#Ck&C!MCBXQ0u#gV+jysBTK`X(0Bip7^U)q6IZPU7hc|sRxP6KHP7Y<{mSMJ8Z;_$-S zvFhmw!}3q53w^ixEj3-B(Ipp|`2ffS7jVRern zSPP**|6l|C?>bwsjU}OPKxlqpTPpkm!u1kXr`;4dAA!sFOaie->6mkw_u1j~z}mqZ z;i<3Px~i!n_U6n%XhgQS?nIAh<2fBEmNGsq#m)PN5j|Ec>L$lXm?K-4F%R_@*@EUt zgzoNTbswV*AHqZ8_}&q|<#ZpCD38MF;raLd%$MkWA(u+eGO~#NLe9&?&L4NB8x}rw zt=_ecK-zPWHp~i_ByC&QEeFjyBq6JjH4KKSvXUulLGj9^QZz4L;zlF$m9jc8zQHk# zgg53OOd@;{3XmM&o}Q%UnPA$)vKpL{HPp6rX12z1&L?}Bi9@nHdHTL4${xFc2@n)tD@m!+N_4I^v&geu8WIyg>dEE8AwaTi%;##qvPx)21;)nnv?0 zRqsFtiDBmz1gU5XyG!bwYgKP!eR2$*oyLPmJ_c^VHvF(Fm=N*_Qe%mBf;<9LS>7iT zqztqg@G=NB|3d8InX$AYt69N%?nGETi`NV8MYdZ2=l z^ai9ga55JB#Ic_a)cRjvZtG8+Vpn2NncoI408}wpugf(WJk&0t=e0TKC z;2K?xpm=;D?GlS07Lq`J&Jgr^^6pdx$6Unk>T^)uhWDVg%GZSTdMAz~NVq=R=SiXH ztA-jLzapjMGoGQFnnrnUjjQjb&37RC(WQ*5yl}o9ohU|Uw254MnkN2kwfHGFeKZ>8 z6k!rBSfvnYgN-Z(EMYX}trj@Jz&kW>)7?0dKU66UZ~8nO+r0;2gR7Gu7~0GbgP~Qa zxG3yFk=bSwBSJ=wMX^XFe|&%rV^ux{`c5de#Df=@^!nnHr!w_bx|rP32k`#eNYOPc zS`@LsV>koHA68Ac^s|{M6-TO@;pV+5UBj~FUg|qg#+}$I){Zf)gM%K~d&Oo;?B_FS z*|=9c1y#y7|AA8JAM?y}faYhcUPz8M3-b&M^^rWWG{=54)5sHtL}LFGo}JhY-`@L0 z#Aw~Z-%8JU1n9zIe;k9zfKp^din*~A>8Y~Z2U)IES-_dHv^L5joQaiZ;F|IWS`_`+_-6e>wojrkaiPb$(rhze+G0nxrP%$ZV%Kal zAc<73g(!ApTXdCe(v@bL0ZAmfwb-GnwpdqfO}fI3kz92287G zs7&f)dy}43Wl~G0({o3x=Z+>lcXV~+V$4)Mcc!{JxA%UT@^x+@fF=mKJG(j)OdN}7 zEuFY*aE(Pu2lF11-Pap|<`l@=`FOa1RlN+*|UC?v7RuJshk3Fl{6 zPEa|E08Nn~DJNCAV5Tc4s9egat*M+;PRj`zm-f)vR8FdKX(7{=(~P*BW;B)4jIJ5E7&En;I=!yk_TC4WtK1d> z*Of~!aV(;>bYa)Ja776h$E0-Aap|H=d0i<7zn1Ro9ZEOX-089{ z;$WtAt(Gy0>mOt?TntEB2;H@|h~knmZf`1MZ6P}?V-y#Q5AA^i8>)zkmlm}q-97}YtdlbM?Ph5x)y`M!Oy&T?;FPk-}K0D-a2-i zqbT*b;yEr=CmTNw$0i)1J#lQH-8_%eNUV+Q(By;8n z7{k3qb)*Km)PXHQhtD+I1Ir!0*L?aZ#YJ(FXC0p(D}L6t2Rctb6;mWl7!G@&T@jL^ zAZ7>x^I3=A{?IiZ^exFMPvc+@vszF6aaq(_fcXU^@^n%kxCJLd$j{0@(3a$1GTnHvH2y75%Yb--^_|BWqBxM!74wFh)ytq z=mYz_*1JU?!h0(?w=XUuM(e<^EF5*atyoy&;#YSn zk2fCN-cbzsdq-x#HPS^F_I+~hLX2FyQw0#DdPiHa70;EQZUpp>;;Relb4!TM&&zi? zc{FjZBz33r-OwZR*qzOH)35zf%3L3gY>SK_M2>;%asOfp2r(%{7Mkk`dLDYp0hEvmc=f)_9AU@=5!gDc4eiy`!F`a-f8a*r&Ae3gqKSAk$? zGegX4kgTo?IPxu$scDvd7^Vz_O;%(?cU{xU=XyssudF2NS1%&t5#_-n_c&m}qWNM{ zB;o+#J|emo_||*D8~<}Xeur01b$EVhpd(fBU3{*37UZZnJ*D=h)4x9U>h<-QT@jv5 zR~Dqwn6#$NAiU*W(Y!GGHdj-Dtxn4H0gLaV;8A&Cs!u{A#gs1DW8xVWQ4z5qFK48j z9y}f6xEbsKceq|pYc+?ckTETH0pG{EsrM~9ypFVKM<5QwRj;A`QB~A|@dWaO{bTC} z(uX*Bzup`Uwc8UKO5--?uGv&D2LPW--nxjv;%jl6Zco; z{S4Me?be)n3Aw7YBT-nXa1C>C6r3ISS{`+YU4T+YN^^!)`%*_*m30iN(Gu&-x*kbLVpbm}^E!`(bc zc^m{wHE7Lod-!OjVT;CFh<}D@=E|NnPe+@l-Gfg%pa*D>sL7>qIZ z_rERBi5?f|Mo$RrjUE*^sbuWtxW7-I`5>Ze|9mQV&SgDFj=LfE*>IT-{9w~d?o+ELjRT1+OsB`}Pl(8DH_rfm2j+2QK zJ6{HMs)S=&qr=|7G8t(0F3?>vRBY~PwcD-X?u)T&EDtypGa7p>nkR>ncw0vXVLCcZ z#bebG)>3Oc+Dnh)fEwaMWgL9V#;u;QejGAwg-o_uEWCSJ zc$HfqFANLhvIcFN;ky7*@5{uA4QtCtOUZ))I|^2Ey4h+|s>ya80LM@eqa2-$1tego^KEk{?W&oM+ z?TNdQ7>0jehR>@X5Ffk_6?Qa9x}Md(!AHR%CVUC5>en##$!_abRJO6_Oe0M_my)rL zIZ?Yyj>&1aZiWmfh|i!GjlL#!$&S7*(21~(iK^^I-xSyzeO2J3lJVdg?G}9oy>2|# zJsCW2kuqa`f-fL9L$cND>w^)&ljz>jxwUBLHjv)2b8GhkZc?X%K`0epp{7TbsvVu; zMTc9UnvWtaY#n_ST21vF?aUm-iH+Yu9fOZR5WQiq2%Pt)30-y&B6*^`{q})VhxXa@ zKD)z{mgj`?YnS%dLbxv_qc_)lNb0wY-r60s(2STtTI34;AAtYQK98R+C)^)~0R!Bd z5MiIs5#@y^5S12GW&X3=l?UBK1G4{FsBK4N>RGJ$TZp#{^cbvzb?HuR`YaTSnd+g? zf4P7|f?~(3A7qzB~!HUH^=(C*dz}f_d0@&czQ3*I{Kc?MZc}9nu zPDuxLG;U8HQz#-_x+?AG7@lbe?_;>kIpVGi;jInfGm8x=PB|HNfASP`c)>n0bO|pd z+|2S$9&8S;7ZgjE;{->(fw3>!n;az7bN^hByB;;clMh`)Ujnf$SN);~>&~y#oe$C3 z6Wy=i%LGn!EA$dQ05{V~(N4%;oQ|Vh@r_f+BPTkPw;O(~hL9BSIq@1o(n)a`cTj56 zcVRbVWB*AwwtLTTF8dLrIkcG}o4(f^{A@j#AqICnN-8jpw2H*lTWSK+wk?CSw?Qw7 zZF>r_I41jnKqva4z}^TeVZcvnusKm}8hvWhme_eGScuAEUWcH#4wCoB8hHO$c-YZ1 z0-fktfxXew0w*=toTR+ztJzDn!M8W?!n&QviS<7~C&IEWpc~-;0AO!~b!WgyB{Q#A zp7hmtrsQ5fx;uRLg*D+U)&zTkrQsNifa0vIMb6~tg9f<`LDV0tyY=w~xn7WT?Ffsv zBG)eky3ub0rlMa9L}C0&9KF%c1x{)_e*Bl61$`l2i7f>jicB3y*;vY;nq zMJz8>82lVru*WVAvgQon_GHL(}Qt(k!unsI?nB75%7V-k>Bv%Zk zA*tTV%J_)19vxq^uf<8b9M7ZhyEA5(OyF4xSm}+i0LvJ78={vIBnvTu_4LfgYFzR5 z3%LjKiI&78A8$cAN#A})L-}FF5#?q_e-`LOe-h|Me-YRl{ZZhglJVQkEH3)AxHe)g z`z<7h3Gkx?_!c+;%KLFZE&(x=kimouCzS9tHjdBDTap}~vkQfu>Z_5_;*vrftzIr32_wkzVY5NsREcyf}A^Il?s(0Ww`V@X}9t?WN=*-tbseYOvLL1{X zhEx4aEsE$E^E2yHQh&(?%X*&$s9>bW1ke=-Pd?Mb;NVUoCEm>G;+6Rz@?E5nv+yj# z(P`;s#&i8tT{tpa%NV5c1O z0BP2M9*eB8g>oB^)C*Q?tj{*c@)b$Tjvf@~L=OpcqlX2iqOS_=oP>EzIFs$1F6ux!B67 zZbmU~M5A+hs^4KG=#PE+E`WC-ugy{If^-{YYteZEc~^IvOk`XQSCG$-pY2e++3 zq>Hx0l?310^aD`hx#%`=cpo_&!@ilK)W~v2crh6MJ?G0BW zQx!gWyO`yI8`kJeyx~nh0-0UKRLSR=^&WF7Y~@DY93WXajRl=Gw4Mi4zYBlxJ^XBD z6d9j5qF-rOIwr*PikAOhx}8us8adz)2-H7$>pq(zjDN zY8rqXKL=s692_&-B1y8r*~y|dGHb~m$Sc9Tt`BwTi8 z0!aWjp-3+Qq(cG%DoEE0GXy2G6BkfW44~Li(Feu$SRZ}tV!_8=!2T#%yN_aTh>G$5 z{(R59GqbyC@cRAt_1Zb-p7L#{eb4ta3}KAHsU`~_xZTY~=F;L9nrFDlVg?bDE}yPs z7D4)Qor&6xaL@s_`X@}PHm;)x;PM)SxvAzdbGw`9DujareFM*MlbH|hq{}B0l5ps& zjYEC?M;wk{z+{tW;>hARhs+I{*k1WgH8GbONKDuQ>5_$4IFS0%J)3&3tK`-OYpP2e zi#?m}h~Do9s^qEWL#m2&WBQb9-!{MhA#^ZPW=8)j;Kc9KhF1dLE)2a24<&FNQ2prF zq^K;gBkAsg2jmGVY{dxfapo|5F3Ea$BZR;X+yp9K zlq@(SrFMUU@h4gr_%29nU0@u;q3)GhDDi@S^Hz$F_kw$tYMSqsjEANan4Z0KO#J@I z(y9I{#tlMB;D`>UO9S}y{f5}ew(txv(LUDo;(+}d+n zpMqbzvGplDwJohr!v~(g>?xm+-0aLsw=V3tk@{Ah7mrGNA8rTvSt9KUZz2MH!x|6r zE~o2$ma*VrVEgV4-j2{;6Uv682NorZdBK)#R3Y2G=8)H0NO}$?7DUQBN}8tO28UV3tDhn>0`Ld)7So9;M^SNF4BDx{DID^ zq^k>p@Wsfv$`u?lf!j0W7KHZW%#d!KWF$^$!QF`wx7;<+>E?b~s99`urW6--@yoIC7Ln;;HYtU-k-wY` z3{m>7Xh`PIbzCdida5gYsW7~fHSD--hg{jlUxzvUBfL|oe&UDIxPdzr^ehTHReL4X zCww+u>|YU1lZAW=o*8Vt8;Y90Rf)5n$c3J-5e(j%NR`YRzL2T3+IwI+>EIVDE-xAJ*?uZg}3^^sjBDr-G92(*}Rr@b{#G>g6DV<;MBXSe!0&&NtWDxZ^iZ zHaBRVXl|jVg;t%yQu>sCK} zSRjM?Ul5cV*w4(0T~P0X0n_27pJ8og{UZ85V50Yhe+6jt z2tR5Zf5VmTIugD`gqVyqAN^d1jL~6DuejLUpm~wG!%ehZ=@TwGWQ0?B>C4IXc0YU@ zFqegIx8IAXn~tH)kBWl73-fns52&{P1HU~(TS?ddsc`#UR*D|uV_Env07RUk%lqLw zj7rz9$ejOq=$s9sYaA{gB_a3WZhRy1=O9)lla96tGI?avdOq$K$XlVCUaJjJyB^({e_?6QNyv_mnyB%K}uMrw>_m%4Z{% zgiu?Y1?*>?7BD|Pi@x4l8lOdGTK0SD$O>+Vy;}h3@!&koFMF4w3~rFJO_>odO613n zto;ZX)=oMYLB3VJ(JNh_wQ(ibhpCB*T<9h8(_V^@E}e-z)a= zoQ3!R9`+uwR8vAN;LX+?n5u(;toC`laR{Tu$oRQSw$)bvahcydAMq^H&nV69_7c0$t?IKBG9cH->LX0H5?tGhryJU5qs&^UQ5fE9!56i783a zXzA8{Ox~BoYiqtm%X(D8nX;Cp_UgNLsGo@(n}6e*OF#5@SD8ycc;RXNZ7;{bmrvt& z&AZMBpAIjjY7f;@{N9sF$M2=5!vcIY|Lo9PAIl8N{$l)npn`zHAuR%gP$T?y$a3aO z+Z*GkZG%U1`m0gid_>Mj^Dn}QIZOORzeEVyEcantKm0hq^&FjrOs4pS{-P z;5V6ZnS3^yn`$yM;d{7QH+Rw{3$Jr>(wCcBT7A%bLG^)$U0QX9eRip^z3x4JL466u zy3BTM`q47{;r$ZBXZ+eKDs}iAAaDL7CGOj=RHb}jvjISL=^RznkYupFG={Hn^ z>A22T)38;=nKef@qjR}%4|T|IsP2a&1Zb;Lpv%$o;e38vOo8=^Z1_Ktb(ZbDe#6>` zW!lgyFdJuFg}(=iM%LHIpwZon zfi~|w2;bblQ#sO)7821@UdrIS2wx%FSd5ce-5+$P*Jm3`_^|0E@k{YnzdPNh8Q+gJ z<15pTJ!Cqat0x7oy2dTvYRto0>wN<}ZOK>8YWt&uRWf@3GGAUsQ`-}tG=$?RSGFeM zI}TqQ5G|!ulV~qd@C_(nKiE%N6i}cJ{~q3|GaUXE^}R_trP`q0NL^|Ws+SGFs47GG zciVfI-&Fb6zd_it?&!O6qHpng?N0$7M9YA&Ec$j5kg|ZG@T&wc1TQBx-Pp%|L;Ky= ze#iN(OG&eFAZ>3u3r}}#zeA~}*F#H;lBdXb4`=u8;7m7o1twpAoiK~P3i3Dp9tXv` zNBPh=U(i8s@OTLThG0zvp7$+ySO1Cm0F_6-Cga*^lEx;a5eG`nwQG{V0dMo8lwKV7 zP2wV!wp!QDtA}6T0WGS)dlDc>EwI9KmfPgC*JlZ^+G3V z<%m$%)4l12poP7Rz7aRDQv+HYg$-a)OCJP1#_#X}T$fzeu+m|~dH*Exls6NhF6doo zgV}*E{92NvBT!dsVv?DYIQl%{%c{pM=MJj|RUGFAoRJlS_?r04;2vVfNS7CN2H}5R zD;jf0x_(N+RZ!)yn%gc=ER=hK@b?f@e;z{DG2*bPMmmURvpo5c`jKR0-)<&6!aPMD z)^v1oaG*mNypwfXX{Arew{KM&jEf=@(aKruWvowUdG;)m z@Gw_U5@2+bSYA0ZQEt1q!plgNt?!eh9c@u-MQ&B;en1Xp*+~;r)^q}4hjF^HF#HM6 z4|N6`A0D$h$@Eu9V=&9EnpjlXY@GCa61Mca4%rQI<~8~b5!L=;pLJ!+2K%l1h%+fp zC)0`<2QFHPxQe;@DjbX~Zn0V-^dqaye}}^Q%O#8nFpV!>Jf-$VpQZb@um^bGrridv zcDI^e<-FM;Hh$#GngeP4=*igl;jf;bv9Y592sIe@W&DuRMv||(e!M-BwEFSTd(wrj zAD6zdC$xMATCjPJVDV&jRfu6a@g%m-pN>E5RNbKVGW8;p>S%)|e6nb=8rquwXnX%@ z-oGKU@PGM{wyA`2l}fIX$bC$%41eY!;9p6Ac}$mB3XRfFS+bd_V6leWscK4>-Ho(T z#z1Wo2m11~-Ti}+wTQa?Z?HQvjvuNz)!qcNONNFvZzEzTIsiuV=^fmG3#BDz9kAR*s zz{|CM^@vGRx)N(2x)-s?HQlPV+ z^eEi+&CwSko=3!KcB5i&sxBW-_IU!*JLW`pA0ceAye~Z=<^2%cKLB^_tJZ3$QsF;L zqVX#~3u`}3A~=AOIZREfm8iC8#M~9G&8_Z~nOf>S%qAC`2Xnwf5i|wIC&)-33JC$p% zfqYlk91K}xmoClohVnx_OHM8LOAfc|z_nTWM8A}?t3vgfb$BR92GdsTcI73u@BBQk z$P+qtw3e$m}xsizL|m3c+>bPr~VET>%oqpN-_Lbxtu!^j4slg(LACY|&wcJ?p#x zFOvMDx3=76e)X9*5j!o}HYD-N_0HAho0p|CcNLiBUIvv*R;)fcYxIt62<%ZT`&hj= z%Q65q{X9GUKwbtRRhN_!3Oad^)zlOJbfMhQ=Nm}5pJkHCTDf;jB9SHIY_A1t%l^X`YNZp zSyI|*_6DfQsXlQ*rJ|w>Rh>upQVREF`{I=yDg=#6ss7+_RF~fl z=~6hWklZNguEFJi`I4tv)pQBs;GR}W5~MTr;~{Rm77vR-a|CW^)uVE{oAVRi-2TrW zLk~KL*>-NSG0AT}-`t@2f_SXD(T!CuI-GK2mA+bb{6PB*^v8#DWtTS_o(54~`qTgw zxHvz8|8!-db-$bpw}j+es@mJ>GcBbZ2ji|HX-45a)VcZ<{A}XdtpXC7GE!JNntAfw zbcZjH13ft$A|2x26QU9SUUI^{6&B9t7x}5*zMYc)nd-H!*J2T`i&Kx`DDl{Vl#|gt zV(U%5clvVdL`j--w2qSFa>9ndhEF2>wgnu=oE6_aGoE9wF^)JttB)P|ss7;@kRGB- z^tujEmE`cxUf$9VSf7ahC~qlNE&50N7kNwX!0+R~<|Z$v)Y9cpn7p66`oJEbeDgo7 zoc-oK<_66-o11FhYi@Uw)f;p@dY?C$XSj(DM!=-Y7vAV9hQ2~JZsh3;+&zlFkjxr; z!+mrjqNv1DMQuJwpX#41QgRAU<|m&TIlYWf6`D`6N#A@<0MS!O;QE=vp`S4TTh1wj zHI=#p66)IKH$aPREN6{_jpa|n`cyxaw9BRxTORNu}Y0pCNPWN5Yk= z&}2`?qf6>sF-K?UGs*U4@tS;mrSsz!0Zd}Pt{Bd88wfi*!Plgf>CHr4u7l+6QGt&7 zXZI0P#P%1H`BhR^xV%?@IsrsyLY3(PsuS~Ep5@EkIGIp!mMCXGMED?3Vu0d17M$_f z?oyWt1^b2Muzv_g@03)jc$GXo&`3CrcU+!|JRIJzI3^MFPKtBAlfIOowRY_KqW^Ps z&-q&zf_c&E8RljS(RQ_c67+ueM(xx-D?=2Yce@{rM9eUZLgUvyn<^9j)hkbTyZXx3qgM z(5w9n?LK71FkQW7J29D%6-Rop4dmrMOjgonWIhhsa+ajLdREl&I&f%k=Wi#*!A(`9 zBE((0&E9k(X$6JNyAhlHhDxh4Y|KaJLIK;4!xiFNcWR#<$M={-qVtF+^v>G(&{Tga zUsDoVt@M>L~9|S~>d7Pn#PwKV@#JdB3^c&Ci%S++>YLCx_Xw_*TU$omHA z9!lO8pXVKPtT&3Nyf69TMF^NaazZ-Yo+<1b6ixS*lPGRG3RRmpoGLR;cDE&zbz2*I znZRE_4Q}qIg0cF3I`Do24;@b(Bztp~bWC1lh<}Fm9@xGbtES`IiS`?U?4q6Bh!p|v zx4`!sboi-`JGWhcU3)qEvUX>?&v~UK?i_~Z!_}R`VHxm3Bt09F>+5`mwb4BiSiaf8 zcS2JTJ#8+igrr}G~9xDOX!2^{XT zpHlsnl>JcNmbqxb=G7|hb6d@FmC`I()m*7ywr)Ks*=;p*>z3&OYMXz6wnRVvinR;B z`GC2cSvQx>=;m_V!(8^en>*=}hc~e7sT+DBzDQ)d|{zbqGBf@70Pk}p7j;c-B&JjtCrwU6q!sk5eT$F^KQlC39e z%_`$M!EKm$hcL1{;yZRm56b&X_k)`iedT?)T?PVeTN!U2c=Gr0g9X#xH@6S^-V)_v z&&#^$qk8M()q{?p7t}sa8bGzuVEup3TJ}-*_D+f?jsOn!(_EUhV7Z$u6a6!pro-{3xF- zW$8J8LF*b!+4SEZXOMGkT`%11d6yS_girCmC-mPZ{@b-Y>EDt)hkip1VtiG}7A>Z% zu~^@@KY2^Wdpw>UpoW9eINIJO-`X!9YQ3a+pdh(IIlWyd^3Kw4sL`!9#Ucn}4rdO{ zWk0;R?1wkEyZIe+hnp-!YP@sFLlj7jclv6zDL0?RRw&pu-u=|_1WgRNJ^%aOZh_2*!xpr%$!gIvY+Qe7CikR__26`f$35aB~-{O=u z=-5m)6;WR3fAPGQ#+9a4V>J&i5E$(^lc)YHL6Oc*aU$SqOUn6T&=Oj}7<(Pb-Cp6k1ZFt#OVE{EU{`U`W%;#p z49Zm^HwUFh<;^g0n;=u4%7zV7b&b<9_rM*=|ATfoQ9O|dhup&;Au zNrQb3X{aQfVeZYn?M2YbcexxYpXKlvh)2s@S>!hSRffA$T2h8F3lGwffjWH#j_z=i z5L+L*A8?pM#&DA5i3ah2Flh{?EA!IExs%5v;5DsiGZHohZf4N)6vRzx?Nq7o28A8l z5fi8=7u1P)$f{p? ze8uJ|`miY#>iB|iQtfcT=3`t5O__Uk?Z*^wZRL@avUW;_4JD$#3G8;9e@RZRYhnX2 z8R?Twl7m_01arHa>*R);$yYh?dB^e*z8DhodKE5t*(c48w&RJ3HX})%d<<*~*HjQu z4U1x#AC0p82v58R^k8q*vs@dcQVBKvZ^qW5wpke}Z`EFnd?!-Ou*Mq$C!3;Kkix9GG{q1r>XR8K9Ovh&5tmGnNjDjc($c)ru^$SK+>`)#Y8va#q!6Be|}0C z+>LFjBn(XT=POp87sw;Jx_Dijzb?upx|u-iMtYu)$Rw`I;vS(hQrzEgT^wDW=M%?S zycfn9U!;u6r?|ky-5STeSaCevx<&3lu-tb)&-SY$dc`ka=?-tlsl5T|xgBXnpWBa~ z0#-8K4|Y3U0;474JF5WZat6!X;pTw3lP+1f#f|&=is!Y-I&OCd%mtRmZ(>w5mm+q~-dPRy%9V_pyF_{D?HqB7_q^G%W29h9Y@hC+~=N-gXop+b1SHrM=(|o)$upM&o}hA#oW>+8M%tb$}`=%p6EP7Ga(=k<8zA4IZkMNv5}s;briWe_ z-!15nZlNZ1=}A4q9Dj|bV-HUYWx4wU3-@k8tuVMl@ zfjL+g27Um9*9c;X1i*r#g+_1DS08&k`y$lM{9r$~r}n#|x9ri| z2qn_yZQq|R6#FU}KCx@&AL5?-T>S?I^zF*qGmx4i$c2d@=W+4%Ji}T41X-eYkRy@i z59Ua-2gpA+$p0zGh3!DzGl5*>zU-nwj_DSk(K|cfe|rx60`Na;@ZTl)yk#?o@=Fu= z19jtWaA3ft85$UJ)g)V9NR6>-GF%)i4$tN;>*|WQcvj+_O5$<)CK%c?i#-UGL%d>*Xt ziBC-Kg)3FfI-UjYDcXbil;q-1l&T>1?vbvh?I=o~E8@w$w{r8iRQO-22Fv&Y^m3f) z>!=2tmAJIkv!ta(x|KzBk%Tij@V%mU+4Zj6MKk9fG$Jy-qLCS0$7ErHI_It9UrUtT z{Ht!P<^Kr&6*uuae%zIL<9cd$A(=T=WflMeINo6a8GF)o+_#doVPbs5j&P5coHI0T z%oThS7`H;RElYHCmzTq%M8h?${-kX^?CsU-+LPpc4st6}M;K$&7H*R!j?tS>jU=ic8b}J|G3t(W5UI3o zB~`!tW~G(!nuiPn-pp1A&RAI;UC9OE{oc&R5~{JV`|)p(DVu}uv3JKC1gC7zdoi_2H}o653g&{1 zw0q5A&J8wx5Fb;R&4DTSY8Go>54C~Kc%+xFW#Z1KW&*0tYoAVi4cv5xy?<-(x6k)0 zmdh~LqIh@{-{i+eN$TZCA;_V&K{UDx{8^g=5&1D9CqAvz8b)`JI%iWNB0sLwFH>p_ ztvg5^v&jsHfzl>U(SISD!CZN;n2X+z*QQW0ID%|={29Yzj^QyEA98ZCLJ;|hJ%vyM z`)(lYws~Ik0U^wTFdzN55NgIpZgERc3nA^5PaBV8stw`$kf!|qYn#Vp?p@c5Pbx1htU5Yh#a6MqkAZn z0wfpalB@}=>4q~&mTGG?tb-u-lC~7uK`uZk_C_BS^?fc4rz@nA5^6Yq49;F~_Rhgs zURb-A0V0r{mJ_M6;k%1TZA1^EuLFe}WIqLE4zi6Wv#D`W8JihKA8Uy&6KURJ0U4X% z>HRV{(OQsX(Y()sKTft8c{RnD5uiCi3`|qQ?Eq^9&jJ>y3I@?v1mGB09Gq9K7UxCB z%3E}l3>59GUI%A{94~QvkX$4-L4FBA&O?y%W(e|iK-W09p8f)B%hE8>d9LqT`kKW5 zaM#kjUqFteY4}TDoA}T3pYe&r-xut)GKkY0o?5#pWq$SV8>!7h^n1aY8-WmP{0Hc; z^WQ5sUw&?|@n3O(+@5k2Y@`4!g3&X;x5wvQ3M;+1d-?_WJGv*|s>OKi&3!ZgTfT~I{c}cNB(_lH_JFrP!i0VN zdv+~8-1)Wkus31L7=rsfz3To()YNLJ_A9llTJ@MjOOACq=AWOGaFYFmvf%{QH#1!S zC8^}CkiRA&#Qqt-=96ZuSkOw61h=aF_&OJ7%Ag-HRb!W&3o>ajN&X0+;t;hC>aWJv z<=N8ed?2J|Caqqxvw~0w-B}x{|ZBGk`k1VbEJpZR-u2!BGN- zGfV|;8u~Ifbw>dy*Y5{z^BJ1nhcXO`;m;DZV85Q)F$mM`hHb@_!v7(%_31p?{G&WP zB&68zG2m2sY9DK5m!(Z8v^X4F7Hm3tv%jEuu~5gB1tis`=^|wyW8x}d2LPME-R+Mx zFX;df)J{E?3h)ZYAG&s?aAAMeMT)Ce_nT${-_2*L;^0r&| zXli}7&Nea@R(%^zGSL^vVGEa-Qi!nUqI;)@G8N7)x*@;9c0u#y#$B5!c}ov+>ocsm zdutDOe$_Qld!woc%rERB@=W*|!`?QouoWrYg2;7Zu^u|l>s##L9BF!f{fp2wCG(JW zou=xKz+YUbW^y=NCQ{QPJ44$gZ;6g<7kRTLPzWq>>rQY9D%xHv+OCUfGZ)OV#+M>lZmfmWy$H1d)vWLjR?haiNg_ zHpOlub|>X(4l+O;if!O+ySGgj&ZYV*ITmlF#^P;2NUwhPC|udLed|)$mZ&b&*`KTI z8{&grhhX`frMl#Y>WN*jd=`x9+2G9w-hB0&8#SA%^auCa3=9MHqa-EOGaOV0#9@_L zu{^$*7@*1R18a!%zbeahUHA<>q?l=|VRGXwddKi2trvexqc|92?kN%9wLzPzcjq#m;(>5)p zxB0LiC@4Za<%Y)v%~OzY9SJV|q1>=fJYVI~Me~%l`8@bz-Z*OILLe~Ml`Dh&U2#~r zj65fdxF;B(z1!3HiET=6p7epkE?P=XU5>azmuy$O%Wd80W_ghpK)I_*l+8+Z`{jj9 zc4Pyv&+ec+2;T?^rERJ0hWZ@yu+pri-Q!Jh*Ys`7F);9=C==n|hJj(iMK=#kkcTx@Wc@H1*+v=-m9q3;DEx+n!?>u7`ke z?JtpaP%ABCocIqIN!32f6ISjN;Xta=pQ^na8r^rEi=%>YOxbZ4nafK{a?h>3nq)!k zQ%bBo6!m@zViU5LK5+ytre5mL2#KQ)LnN0S2H`?w4Wwj9rODK#(x5Mn5=&)=tNdtV zL5MoeY|dnaDjk@NBp0o59fpfF)$L)Rv3wnt+$ntJud<4rzN?kPR-&OlF#EmB62~v0E!~O31`p7kaxS zv`2TBqrq|S6wU+|9YMZUa!bDom>7eLrrg?2#C-TBgv2GhFG3V;4fS@uTv!Z%lSn4I zZ^E+rPH4$9h$#%!LuKyU{b-wS#@n=(w4(kk5>F`rJ*aUTZlo&9L8esmcI60~3PfkQ zLk^?gOK>HB=>%(Vu~<{j_aPHIJCtTpDcC0bF=~B9Gd12$Pe^M~5?{@*M9+mzMZpnK)*fN;t8&}HuX@jL1sQmA&ZP_wMY?Xo zk8QoRo;PJcWy4L|yM`<+K>rl^*cry}P(FsmT*DZ$&D5p+*_hbd5iqizr&QewtwR~v zE@s^KTOJI*1H+l2q|C+?TQyg&Nsg2@+6bl(iJ=#{x>!Udfc%EadnTNDY{@qP(8hj1+J`t`?)rku zykDIrpX!fmW9US(Rk(M_G^##ChWb{1)Mux>gGuY^m@A{_LG_O7o8EWmB}G!zY=|~E z*8_)DkXBh694n6?{48>%A66w!$HMM%^|u_0v}?N})d`B06xr!$O~vYXV2cfuK}$GE zn_*{($8t-Hjvcj}r^87P1mQSkF*dB_?sbN>QmmiloPJg)=W~^L<*^`h4i6|X)=W!+ z!CqjqzjHX35Q8!Rq>2mMr9?))w+~5eE<(zc;I59j%K3m$+TMe3HNkGIV;g$yPTC*1 z=)_~4J!SiQ$9IFj4RiSW2S_TgBe$o#ef|c6%$bfqEy#@rr87JDQbuAEzAQzHuf^)8 z!FfO@U&=9;FRL#vL>5>qcUey7&f&wEH*;p*+z}r`LFO#Sht?6{x!ZCRZtx3mICB?Ti^8 z8m~R7I&B?8ZD3uZ-C^#?Z*okygjPpxfgYx*yQD{TM1*LZhz;Duluh@vsFZROi&26! z(<+ox?8#aNML$BMz08q1D4Li_Q7#s&C3XF!XkzhXmo&|7f0{F zV=M2{=^bUQjKn5oZ7Eu1eMa2=4(Tjw<=8=4%eK$Pon7&<<}T9BDekLcR^;}Sm%E8` zbssmat}dC~b?%?598^9u$lRdxu;)r^_5kXxsQiiemH^DdOPoyx)z zw`76lY_d4KQx<}=16jO`@;+$SvZy?h!k9UJ%B&$l$lXr;=H=)ijh{Ct-qrD+SsmXt ztdNd+uFp7CQofe5#S>>jji)0!c~Y(&@N_>sP3)SdHSCv|Ti34uuGo^>Q(nBwI<9oP zDA%7Sw2I{xg>{j93KH~ED<=pa6#*Xr^6fHgu zi}_gB$%k_6gpVgbAwFa-6(4eU!bhx+{>t&usgEjShdyd4T70l8#M;M6oqQ#1-1KE&Q#gr8Q$kQW_UxR zL(wPrUatFz96{|#SYWFVr6h&Je-!wS7Jf~kDj=`)a~wE4Lu44W%>6X8=k|2qVoepi zOv*rU@0lTs6K)r!rXd|DjprTUJZo1t1#5S3YRa&iIM3M?PQlt8oKo#~6X%9q;S{V{ zIBVM}&K5e=BiReLQ;z5D0@tq547Jc$*~!K^6AwER!t-~IW@r|g?beiSGfGW7?Vz4q zxN~GF+nu^Q7=JSZ<4)Vd(|3hauyzNhhNZSdcZ&0(UEvh0-NC6LeK&DFb5}S8Yj<#J z*xF5;m+lIuVC@dh{dOPc<-5WuSi6H$!@+LydF8Hf3fAu6G@ZTOjqj{aeb%mU3fAu6 zG&Onma7MerDOkIMQ?t3;YPRKLhkSCZK`c7T{f1U|q_c?!jkRoR-N8OCKNBx@c5K+Pjaz{T9qwRMr zdAayLEA8E?tV-4?1CMs1Gafs@)9+<$1+nwZrgU^O0u1j(gW(n=bZ2S$uipBD$M(wmTD_rBP*8H-i?mh z5j1BnLudL?(zBYs)AX$J&8dJNQ3dR&ol4gDu=}mG{Z0l>xGyAa;rz}RXDXz8yWOQ` zy#Gb#I{0=L!L>52MQ|uRYI{RlK>o%HX<^^SzY`FyF76BoZmRRQbF@Th7VF&gHCe_~D$cl7sl-r?3 z-Ra}-12Dr^ap^&g2ZaY7`ju6{WvE;8!w0G+y)?7nYMRRSXE}f(9s}g zT+J5(tg$+wWBNTOZp2D16@3O#SC{m0C8@=_{lYnY(%SN%k{Ezt$Cuvkwx?dI4gljw z{-G8__W>q4kszK2-M~KOb@J*6REF$>>45vFHLn=tVidM3WAMxqXZGY=F*aq67Tq$? zV3tdyQ^jnI8$lL%=FTJu;0jr*ceD4H7ozwyD&U>{a`|yrr$@ZgE_3^1eeYK9l0VqF zD3jIsl;b)lEA4VFNm?(#quo_6#qBBY!CVXrRlYY!FXI&fTUFx*>|!dFOGLr7StO`_ z2T^d6t9`BqB3@5~`VO~FINw{*I^W}a`}&@DBDh(ZHMZv!=Q%TaZ*g9{YwA3Tl2B=w zTy{Or8L=l$cA?S%EmWSu1m*yxm6m3q^7Kw%G*_tfs7fCY%k>FQ3dbM^I@W%~eQPYYWbzF5PW-0})^KaV@(lJ(Aa+r9MG`E} zVE=?#ZE@Zj3f7yTy>PtAZJJMI+&24EHgKg9-l+pVAC+{|BGRKac2PjN(q(o^=n=xFEZk4`d=+wpH($Ko0>d+!(&5AL7y zzC&q{CGLCNKAbKFGj)W6+0nrq2krg}+G1{77v4wkUT9Z=y6(>UHCwGu7KaD?=u@=B zo~&E>AI=W;6noste~-QN%dY?4Z2LiAP7~*QdG$9pkV=Oy2CK6Iu+IND01T!}9C=6& zWE=>tJ)o&fd>tNXaDRj5!M=gM_SQ0v1iP(dgBd?47C=pJu|>Fpfg~zi&Sr^$g6)~m z6EuSE65d9_fpn>u2_FTrt@MYtN?g4GCGvN|0OQayc5-m9m5hxAcaRV;;TMsSKPx(X zsi1VbPH#4f=+lxaaQ^{t}e;W(>wB!+9q8y6v41+PmIL zndgwIGZl9ubbqD3)VenNsZd+`D&I?27WH-evty0>8#L&ukCU$XRa`1K%-tXJert|h z2ovvAxq9IiKGd~J0BhLE&F#>A-C5fj(w{E%WgO=IRH?7KgNX30uvfjRBe)~6D@>)R ztm{knv5!L=P5QFgzO3zusT__+O`~^|rLMrWj1(;+a4n;{w0j-cR?H8wRuNo9gw_{B z>)PWfG{>87_a;7NE^lS&mz|82R>ox+1F8Pdtzn)Izo)3bcY6TyY1{o!_922r^-)z%^|6O@x?NUg5{D{d zX=QG}%Y|j7B}!#q)vI-a$AIpgJ`FY6Wd+PEZCCvT64ntLEe0w zn`~&Vu`hVFA9BtX$Vuhf*}ls5`3?0G-v`baf>XshotSh|$eZ-~kI%SeQxEr0Y${FS2|By{js z@(CETLq9%vycA;PbOL;yY30;{&pS}*461Z_Ajp?jgkFmJ7IpEPFE6dVPt%7sEnB`q zKh|+LGq%$Q-e-V&mgHyK*Es+^rKV2ceYe&hdsr+I@@9C_aT$b84`3Z++WhAV%iwL6OiogYYV!z1&~3)}7HBzJ)?4h- zTIv){^jcNTW@(O`K+IYD3cL%TM|&eX>Sro^8y$KoybHjUKDw~i;@NT>RgW1{yT~f@ z9Q0O2WEf9{uP5!$xF6T46F2|{nm%@5LXpz%YXT=adHQgea|fpXFIU7$@32(+0&E)LXuKq=*- z>ARFREg;Zl1wC<~O$rFKIYA)~)J#Cx<)Z4l>{rEsa#8eMpsD|)H0{4X4wTNX>~aU^ zxxh8gGzq98t+`QNo1708C!WTKA6KSK_%sTqscK6tay?x(eCnLAT=*ogM!>i^7_Jrro4J?Fb&JFAhpFKCQFRaZC><_P< z8#ph#dQM^-3Csyf}Pn0G$T&g`61Ngt*#Q154H4xrzh0fC!T^WFyrYBwL*cX zFO&%%Pk$)8I-Yr<781q-TU_M37|QrP9*+au;po1hSGw-WxEtEz*(Q>5gkTbf5i{<* z-_CGSm=1eu|H+WV(5!=6W~Y4MsQ__{`ba0At9NT;(otBm*?5?WM)vZ;@A0|L^#vVP zMot&F(XA=+R9AVt&pTIRS#^&%N+WiDQ4csZu4d2xJf{J~N|X)h+f7hG&-gsuQX$Li zJsZABIN0A~y?$?Q?K~=7e6c`pe6c`kg8fzmS~DO}ENhx6DitXJhlPT#)94ncqP!agTRdi{S!~MK-Ui3MF@1QoYWwt>OW7f zyLK=*@c|2T?I3Vt!SKY7EYP)sz>NhX6NNz8T{{TeSTKL$Kns*`2FHqHYcJ(#POP1kd2BnGt9y2WU$~tVl|-jH81O|VnGX0?`0C8M zV0&3dTnZ*a+Dlr=at~cP0f7Fo`v9_`HbVh`iyRUF=RF<(`S4f=AXm&M02VwR0EJN7 zn4qAiSV#c;FEwkoWzc8)*#Xd7>`MT=`tbmm7oOxO=r7Jo07xU+Z3+fL?L>!yVsRh= zPEH#C;{+oI+fj~pcHEVH~@x=oL6=gNj>y#0~oc#4geS_j>Z6zS&Hj( zwp$GsIQRn#LT&S`^c3e87ldj0M592jIgVLRG`O&wL&HWF&JQjuE>wS+%r!AuKkoi7 zXwMR4%~My&TwPA9!{l326fQuw`%*hIxR}bhah9IU{0+x+OIG|Z}-{&mbztoCZ{PW}8zKzeFx%z@&Sl2*yVgADuZ zPSXJCvSX2UxjL033fyOR1~V;*O5A2{JjLV7(?Hi6Uv2>U_@04Z?`C=>Ze$;*;-254 zAyl7}pI+4Sz&3h)8`1oRO}#!!M8=J4me-wB!uHnZExM7k39Jj+up|(Jr5VQKg|!a4 zE^Na()L^acc|fDl4qz4LM1G81**4L#`RFg9+5Ba1(Q9J*g%ce<>3>g1aB9%oA4aB9fjAX-g4sp(od;&NxZ{s{F!6{vGhd5_PJ}#VrcP0JM6~gI^ zRG$WCZTM90>iKqIC~q}K?_dbZPahu-LQhVJx@u=c&5oQ&RMI!@x1a0J)i>^UQqng% zny%a_O{}7J&~!vXlctnA6x8g<$3v5Emy}-BE}LT#lvnHwNWqc)!+@>zA&WX)MA?@^+4wc8XCY|#=|$9d4e`+|hb-vgS1 zn2c({Y2MXK_6{@XN>i`EcGM9y))Do}nNh1dqFyyK>XeSCSI>;PvLos>GoqG^Mp-D> zd;t4Ewxvf<7wS2_!*^1|ap0%|dldLC0;k?UesmAFCQ-Wu$l+%Y1206z%M@m*4?jg1 z!c&cQ@!VU%9(8*!qiG%j{v!!65Au;tcs}m4C~G^FzbxtnbG-{1qCR}?+c&uNM=>qW z4Sg&L&HF|QM*aTG$m*W7+4G}*ptNlD=Yi|l!u1L0B)yPrJ_uRZ3m^xYP{zdnJmH>F zOo*wZypaVGo@%HRxM=Hd!Y2{<(EzCo%j!&eB$5d1QMKkh@X5l>o5U_`>r<|Mb0f+% zU!+!S(NBFL$awSR?MkuAHxYzi0nYe6oP-pPU|F@Wy!Ns~*~~LVo!iuWn_$-m!Q6bS zav{T%w*bCawkxK1I8q71A>xwHX8+zB_zf|+ z-!;M?1P`>(zB0d*Tgk#G) zFVb9A?OFZ+dSTK>wd7LwB#=9U+KW}0-wO|ZL!u1)ZRzg`;wTWK`2wr@sr5bmZGH=B zs(U=}vjk-AHEL!<;Q~@l-Am-il#*teu^1ve*CSAUedya)fUk(Y^t7+|)rd%62oyyh21E@6b`zbPp zlqG}I*?mNe-UJh$7i+C)LFtMxB$U<8z}|)oq6gVrsjF2=EPlBii`{{HtdfAdJ(?Rt z(rleRvl1b>9>2EBtr)V+qm)-4z~K z=8>)~YM{Rq2sN$$ljmH2baVzRmm5xs2`Argldr+^PkN=s9_I`qCWrX{!tWON#5yY~ zyTgYC`J?{W3@UBicqXZKkZ4!*{x+faH;&$gJD|5Wq4yna&KLKku*d~Gz}D@U|3eI{ zJN&(TH~LF@=6AB+Ceq1)1pPZr@O^)NBIex`&Yy(%qyFN@C!AIdnpv2Cjrj@xBF_c> zlH3lY)7O?x3)CFxJQ_pm4*w<}%oldbJPGFQG{GzVCHd_q=q&nY`-^5!-5Ezk97ssN zuU)Wvwc63wX(G1aH)X%wRx`tYiGHvTE$A%WR_$}e?234mzhs!pE5mWM8a_&`4{j<= z%61rh&!V4hz4sk-%T!_*P$$jH$ieX&1OLbw&Nh z@IPgJlE!Pc6nWP{mtU_yYV&jSRXn_oH`YC>bY!va@p;9inqQF9P{L>h>GEX`28R3L z>)|3|IMszVD{-p7bi04K%400v{p)hAA~L=kXRWvJ>|}3_yEp1NlF>MNQ9d0s&!B7d z)7#QzDP^n4mI_mnEi`K!JsekmXzRl3H$-8TD~Ci}5FJ2RP&*I?q66{P`d85>UxrjF zy*}&q;v+nWi18Z3E$;AYW&j4my@wc0DDtk&r$L2jh^OM&mJUVC8lsj>DF(BfNV;qD z=`)k<+fJsKIGO2dr$X~{;d3;(Wf;^4JEZp=^y2zK%bA-!IdDV;#vW-CKFd%kzhq}|?7&rH%UFCXYP^cAfnob9K@?&ev1`b!>*$=dpTQQRWZNUw6! zmu0Guse0e^XnJ_{pbM(-#-&Bs=J^(rHP-_ z{*rC3j!dd>+24? zU&_x5t}ZU6oyyNr$lA`-%XgVvJgFg1ws;y|m98T;w%A!WU@UTlCCfxznQ^Y3R%3TK zw##W8C06Ut7C~B*N$EVl*EAdvf%){BcY@S!T+K&qq0iuylb9OU=zE2}^L*E9d=}W) zrerQMoR{*_*EY!8tSd0$OQzou9?uzG49T2N*vPk9WGTE(KD~1G9C=b~ zIeadj>JipRMHi=6n%B#n+{Ety>cGc=yY)pzt0L%mCgpA$E+-9C`G7QuLq8&7a(=^6 z(&VGQnV+8NeQ5U7dP6egNFQ?a8Y*^(JdbqKd+sbzCY&OT(`$GF&HK~ey?s|070P<+U!t$EjnP&^iobaAVvc^)HJ#bCLkhgohZO$EucQF3^7I*gL!n4P&bDE;VL2%%3qWoMNMU-uXrQMW5V^)XOw!^HT!R$ZeOg_S|m<5?Jt5BGg)4{B=bTFG1R|dxNv!klb zY&$q%HsSTAm$rBn))~Cs-zwLC5(PioaNzXcS#^26$@iE;I~9h?ncL+JMFvCszLT`oSU$2S_Ul(Kk5_Tsf&k6|t!*JFr{nYDUs z%&H!5hgm^`+1G-}pQQd8vjkc_Rw&HM>0nk_I+(S3Y+x)u^|;M!J2+u>JM~ytXYfj{ zxLjFj5wHJ)nN@_DS{RoKg-badTq?_Uxinal0y2Zk zc5uRFd#q``xW%XP#eCNM@IORQck>=OLGw*=Qq4Ex*xFF+Cf`b>w_@&9vY`1EeQG-U zRy<5+-zFz$zFonjlF^w|@6f0A>quWmKVc55pu8rpBL}6h#4oZ5WjZ~w!k;dB(|vyU zpCsT^_B-W_YmL_~q4IHtA^t4mh_VD-z6Ic8r5%b~KE7dn245&BYoniqE7hfhbkOlL^J$Ab?# zzMq{iWB@c3HkvgR=24iK6-S>UjZTYX<{~P`7r2Q8cO>X@%LPb8CBB@oaC}cn%{EIle6;JPAwC>=ic0pATz& z!_I!9JHh`>{+r3q0}I;vZ11{qC%9L814bOq{JfEwP$i3JjM)58fta^%C#EpeOUy^M z6Vp4yIYO`Y`Oc_Jcq#-AriKQ)iQ3u`bv~Fx$LQ)a@V!K}L-UoF%9G{|QTG_L@uvqO zD?`QZYNq~QNLP7-su%UGAscrSTXtA7=8E;3gFI>C!|axrKk=J>9D_om6M zCIf|H_$=?6&b(mOkBU(LAINbD*7^-4luP%HR=SB+*iA4uVbpZ=9rig%{m{@+;gITfI0KDrgdi;-GKT zG7b8jRB2^qq_9;=SEkg=5|C+h+izNtnTDL(FZUaVkt_Nl1y_o`#IIdn@@08sRQU>? z>R~qf7ZMp&o-B9r5PoG;K@}`dKhtk0R2CJv+lG%!+Ke&*=4*iI&E%S*E2eIn-_pVi zvOz>Y`8r8m`)LPf!v_d$x1T=mT_0<;A5jv754r@B3w@Kf#pH50QOM;eoSyU=7I86C z9mz++{9!!x;?+L87dCziH#>jrJA5Z8G-vu7%_)3TKjV~g9kY6VQ>Gz_mR7DvWWCts zaN*96jKy!rfs_1piXcgVGF z161tUz^HHrQyGW4m|Ab8R7_P@p1hC!cjb|wzK16^ z|B4;S`y9EGr|>IzGsP@#z18ZFA|!IT+lG%xIxFP^()WSH*|TxoW#XvpASb*A{DtY2 z>C%3zD~Si`%f`F(<%it7(kL*@6x0uZ=X$hua5j91&~fjG1EjApHu2v}d0=Xpv96&u z!+tZ}H`3W=#8VJ%H4vsJtp~^*R+j6Dq6p5#p)9XUj~x7Q@={z+CB&aRpWki6rxTKC zaM&k>vDE~wSo)juaH7aWJPmXc@ek#ZV19%r7O}8M#23h&+`z9y%)Gh0^#P%4C_*BZ zyKVURM8wJmq@Mt(cY;tZdF#NRvln~z8>?M>CS9<_%&s`twMD8+x!#z{vCrVMR4TnR zT-v`_yN}E{*H>Fz%ayo$>mZc>!A!2m)iEw_F}-1Ag9S%yO~`90PqNX8vhZ4o#6H98 z@Mgjn@JoGu*vQhyY_guPFtw_;6Jg$D^>sIdnX_l%*1U^l#h7y5y`-WpV~G(J)lhU4 zzALk0F8nDaF}-xhNwVS3NHN~ohwH550RPLNE$+ir0fO-7N-5nWzt+^R8I*aa#`roNYF*)zvIXNo1 zose_FZjv)p*qWChVx+el(qD^p-kA!2BafzyzjZPgZ6VDxnJOeQVCw%h$>3Y?<2Mw+ zBEzKIZNn!fZO>$o34aG9M#T|p{4WMw#PgSFhJWi0EWCaPAua+nfNc z963h)dnj`qrODNTv*8~Iol*Y^)U5^l&xhH#{;47a;UAS!^)KyRPW(%){ymc@O7v2k zxIcWo)w{jmsFEoawpK}+k#PVm0(}rR+3J&uc>9xa=rXctTU0XSs7!3gQJHiMIl{vI zea)-nPF}+A0A+&Jue_B$h%!-x%0zC*kfVG+(vVZ_sl97C^M)=h*g8_84PZuZj!AkR zUv?+hoAIn+TLF8e(NCGoB3eH zYtaOZWx>Dw@F>ELqHzuWr5+X?D~RT`eEOv;nj3LB zi1`eL_Cu_0)fCZCbjdlI)(KFDa;k}pbW@o@Y~Ju>o74$2W{~UTOh)|541%Iv-uiR{ ztq96NPKR!)T)@%9p~vn#?4*0LPHcFs%7WEw`@mK~6BOMWGFR-kw07iK=!Na5Eq|t) zc6a93fDP+Po4I1W@yZk0d_4gMRn>OP;FQ(0T{D;|9l8iraC!ulZ@?8wOpDe2hgir? zsiqhvHUfxN6D8M4{22*NFW7Eu_!r{F6aDW%h+)6D_cs1V@F#yVV1JabPxHSNf85`x zq`2ly5Y*oVo;v=QSzUS#QP{~&_Z!#atDt{x5=D&$ztL?pj8gOn`Anhv8y;1RM{#4j zn6k6(Fezv9x%_J3=o?gs>F4+jg|hA-XWQ^ol5s^@0P=T$6v|8I;EVntbQ;J1sT5h6 z&1~_-P#F$7qjull4$io~-_2z*-W%T1n)8dWj{ZL7y&L{tZu~cig8x%_%^4qWIrBT> zH*UZQ|J&Gq3^K&^zeEnzcpGlay)x4rZj>{*nO`-BZ;E@?_7zH7kb?%DaIY)?@w#aX zaAsA(z*v6jKo>D?RBH!kLZ48|F5&I^sTOZS8-#(2mp$Xo$*-rt)qD}z*xf1b zt@0LA+4@byFY_BW3*r|1%@-@C;eKy1{|osIKSW$yt#SjoP}Rz`7pqrpOO8nQi`nKD zxs%W5cOdJBRNL~_4;k5tkP$p3+^6He#`|)GroD`!@WJmytFb6I%nuPY0-WCmqs2uLCqx>=mHiVlROD z!owILs@&t*S3+aaIkR;0HfZAFJ^M8Y{}TyEkMT1jl=TQZHKcgBw~;=!g4!?Un`5E8-DwX{mG-# zOP0QV{z#OC{6Vhwz5Vj}E3#a3^FHWc-@O7u-Q01g*k2qRSzqk8Icjlm=IoL3 zHBN_$!%;waJ^q53zjKCAX?Bw#Xs71o*MzcP)Sr*Hd4~$xD#;oQG_6|Wf+cyg+n_Y4 zHAi_0DV~On42*;}4J!?ll4;n27NMo)O9j}~ppqZ5j#}PIV+4UB221{=+>U9O)u571 z!&LiSp^FSVU&nRicuQB5BJ3&Jd+M5)#s87U#BN@*x+t5hE=IXoU04LQv_sZh_;Rd0 z-i~Ul#oBf|sy<_FcRH$KX6;%3l=(=FKI&1+wx%8x@UFjYKSVUxT^bxMkFwG?8utyO zQ7^Ig6h}wa4~{0GmU-3xc0d}OU*4Ns^BqLFEhHPFK7%kH2=lqsq?^T`Zxy?HrdJG_ z5@HQz$aVEYuA3ineY%w)x1iWywXYPGU8Idiutb0PC!)#H<`}kS*sr9&aG8R~eLr?P z$#RA~v_kd&9b;VJeTj6hv@z~Zq8Pu=@f$B!F>mx6ufVkq(QmvGZ>M=mwj@n3G@RS~ z!fjL(43wBx$(ei^zfxkpt6}^yzoAf+7&#q%o3a2zhN*(8W(#TbY&rs`wb){x!T$d^ zI}bQ1tLyJS^E|UNyTeizwjfv#WqsTN2+;rOHXU-d%*NAw+HRx?vd8V)5245&&uJWurwf-6gN3C_G3YMX z+{yu%toK5sT)6;+Z&YOLdGtZvrU^G>;GoGAtBe#dRnOqg25?;D=y$H|{DM?{I!h-a z)BIwPeG${Wu-@SMw$b^PwY=7y*+jwbdY7mX%~dcFhtxDul&)pQWlnMcmtb8vme!VzW$g{+y$ z!VEL(3Wu4QcfrC}9i4(4oh;-kb0KZMBSz<&`;*3+%D226!?WO_+v(=bgUIJuYQLpu zyEI1Ik(Rb!INHphaFm(J!ZBvn723_ryI>)^T_i(6OVf7M@@SJ|_&Slg(Y7(PnNJ@o z7{peT*<~@hj<WI+uZ|N- zOhB3?X3n{}gUq9QA`i_H%j~KfR~*YpZj4h0;ac6$z+@q{|gRnI%PN8zONe7%bBXC&Fo!MEq>)7vHs&gcJ4DDR7-Jc!_5IxJsd zgq5^WF7!eUh_V@oqH;eGxUHnC{vuG?x!1x2a!O{IEJ~?_DuhfqH)U#@hPG|AXR$2e z{Ggn*GtDfirc6DXG2SA>ni`Wcr&9OsQjaa%78h*g?T3#j9+i*G_H`s3HqMMEJg7oI zs+M(KeiZA#D_kAeglnOhkJ`5uGlN2_naRRXGwTY&%*?xB;oBrm-7F|vkB|0e1$x)U zV~(0~{1`N#R)5D}?z*qfBEb{b!!;0C;VEpCk#XtVADQQ5H!ZNAdy;RKeNJpi(?;46 zV71b*chpPT2eZ}9{Run0q^D)%ALpxH(mRmU@f5kuo?M*hD9MN&BU3CoO8bJxrCHv5 zG>91(Z{)CaSWWt25*-M8@@ZLZkj7Z?&^lq?{y2(J-8nYqUfns$_3*`udiXNkp<6d) zWF*%b>yBh*j?RG+S9F%~jqPh?4}$Nl?LGf>v3uIf`?+UgP*fJgeQYmp(t8t5=35>- zgBP4Whd~}pVbXOZer)c=p(Rgs$n+d?Ukn(oF1a%U5}m2g;k~n<&gMeqNbqhhL?|^E zLMcJ=wDvX^@~$M$y-MJghvq_L#!eb29&;gcg)-e-+db{oly1zSZ1 zIYr=o4+?urPwKYcpb*s^lvCCYM&FO2m4H<_uxno?!=GK8xDR_VyBEi3iZ;KfKW$#MlRH{wJS zaAoJpkZW-$Z}B<%YmhxBcH`?x%9|kkt%441e_a*X3%Hc(%fVD+|4~;|7Pe!#bIP~F z>{X^aFB2Hu`4m zwdL#kc){xj81T9;_1&q+A)R~Jvh+VV`?(MKX1PVlRJT6l>Lj;fKSmaf$+>!|SlJ1m zc8Yu|GyiYC+9~pZDmyl9P}#{tJ4IyDA1?OA6c0>X-o#Ods=_CLOoI*`?&oCxeFE-Z188XFb!kaX@Z@LdNu! zs0!D@rB&go%cCk>b)DlXQ}|3V9ap?GMP1O`@hRfsI3ylAge^0ckH%HTRpC|5Jl51b z^=V3-W7(?w#U^`EHi5UA%IeO;`=J$Lh#HNNU#e>WO(g=5Q&;^hr0E(;=c>qE^^*~1 z)O^}vrcrH(yXxc@#jaCq#|4X=R%}{Si~e%(VsY{|)1(AHM(p0B{27OMHJEB&Q7!L9 z{*02nTX3(()KBi(V7E4IkHp;Nr#|abxM@>|`kqlcE%k}?w%lX;97i`kbL04h=rQvR znW{HV;n6nGANzuoC>#I9 zplop5=qqe3$E0(RiUNHNlxdUZ z_;0&b{c8?O+j#(W$8OVprCv@(qTzA}#16@=5KE*f7^;c2d!39{Z z?%)P2S9grX5_Ob>PeR%nCqMspAPMPXm9no<3_m9i$w_8c-IQY8p?Jt?8(dX)Y>TNH zV0}L?Yq%Ys7AB_+*j_GNokaz5lyK6kLK&k9gd4LI(^Vks%4J(icSep<`)xfwJCLqg z;utw;pUAOTU_{l0W2CaMBlsdlSpE7$jIU#-ZY3;Hga0FvJr-^`UA?9jok`iJRA0|I{7(-T~TGD%%m$(>PlPgue zjMyPRMFGh?kd+F%p|SYn<0bgG<>s<;@suW&F}q2`aqN7b(v6+dOnMp>++ckE1uyt~ z5CcB^IVW3+i<)S`wd+V8G|zw8>m7g~Q+YrgM*4<^CA< z6?JB<&l9WMg-`Vs7eA4)e+5###hQF`=YDJ!##NP;%vj~FNX5!M9X>?St_r^(N-3KS zt6}Sw&1L6^`y%fbE-djb5@Ngu9+if-$awFYq)kJKnZCr($dZ5epW4bv6#rD&M1{wK&e0hx|WOU!$F_#qloII#XWW<&M6$?DtjoJJ=KW|C> zp83O;ArUYgz!8!?MDG0~cTF-jGb|N};hqrJ*TWUCSVZJ0KP3bKR3`I z2GRByvAqizwf<@bto2s~5Op7Qi;xie+#ti$ z=Qs;BvBKTXFqaXkW3eX5EhyrcRYlY~W8Cxp>${q%%Zcsqh*GcFCY;o3)`XKOIGM=k!!fDj$Y;UF?Ox_wQlN|lw@<^}j zTx>0vH;tV?IRojk9u*(sOZu^TKA!)B@go02jPCirE-rpvI0fL-{W=mj8;^E&pRls|Oh6zg)A>X!&mdER^zp9ekI`e{)PEB|{@DUkmYG06Y%YX2r-_j7yOcOSmt;U@N9?C%SenuN(R^X$~JCgEGL zevqG&tC|FvvFui)Vw2#K&hCfPQtg7FHk94kg|hRC+Xc}PYZqLb=y=~BFF2ioQRMvq z?0)V*`yRwM%>Fvwg-X0nm8sQSl8+FKi?;S@<1>-HUt<`olPvHNph9 zY{RhvgsgNU$hwiM2iXiu!|o#7epItTcs61jV3+5&uFWIJdn_G--Gv}ZUFO2Htj`&i zYK9MTWP^ua$EHNlQke=5A(2KB;VLpq^ibe*c$i#ucd&a$>{iiMCW?6r(FtwShyEs1 zj1&if#Eshg!+}Sv<`Sq&y98Y1y6LG1^L)Quqrt+)#3>1B69LJ>rZOrDn_(2k=sO{w z+n|9lI?L*8aj-GCU%1@Npm3F$Ea#iadcK);g-gxMyWra6q_Mi7a0X~J7WH*6x_7&k z-OWjne$8g7>~36PnQbFT_8{7~mSOC<*b}GL#;}z}um`uHj}zE{WxOoCuuPDpBAH@o zh!e7)s;=)@Nq1B$ryPdFfhRl7bjVs(<r3h&q8aeMy zG#cs%nz%HQdXUhzdq%C=WTEC9g@`Ukn^cTe@)s{Hs~6GkUG$I9*12UVu=p(p-e-A% z8;UU@$nMarbnCRb+S1xs&FAdSU+38Nj##e3nCHotYJ>DLzI0;;eT2KD0}>D&?=)BNpdpH1^0iA94z_G}dQ919U+qitm5x8$p_5t~VyJL!wdm9deGuDU~t^Bal+ z5=Q2_RZU5{I;E3}#TLa6V5y=q{0WdP$u=`?sTg`H%5oRE?CiS8#j(ScHOiPcp zPfCln9H=GiXeK9g8p`5bM9qk}qIFEoeW_cidTAfbXdP2juxWcI8Tsw_YSZ>l2(V+M zQ6LYhNExwig<^qcU+}oZ{M?Q>Y4g^~lhl09ij!oT9HxIU$>!CHEM81{-3aI?ImA|0 zIm_g2x`E*~!Ss+U={Va|W0)noL-xd{M)$KICPyYSOLAnoAR3k&i|B23YMlD#8kUTg zBscT5q1M=rXh(t-Zv`eC7Y8$@fp>CbR%CoUsotl zZNvCwX|7R}<|QzyK~F4w$&*rG#~>{k(-Dq7mPdt;}CLTSHf6-U>zjFiY!#^f|DLL@I$6mc`u#2@uwHJHw@{ayKEs3U-J*3Hg zzaA;utHHzG+B#Im)qWO)3`u9_$Y7H{hQnUz0M}**-VoCHGt+GGxFnNTGCh(!Ryu&X zZkL9pWGyWwVYT0FZ_Im_qOBNbixOqkCCYj?*EB>|Nv9X~Y#vzIv$>(|(s4W^k;<+o z!WPn|xV=`%s%~ioUhRtM)0=Z;hQoqnw=tJcwIfO{p?ZM&U9wEt-2`lu(W#u&NUU5 z6I!5e?F*odGrIMsH8<)(f^$qH3zAUvw!7PVwVE^~>O`Wp^i5|^5{gvzWQt-;+_BL>$fr!zLaZ&(q;5h%eprecR$O=<@fp`62UYnU)s6ZIkgVBdj5XYs+G7 z%kjw$Q3n4km2W#6xFPfs?k$bL_GU8i9lcG@cBAURMN{;5ScxX^f^2Yx?OJ4W$fwKW?v$YQ`s;1y6|;`XBwe~cg@|U zsj09(4BEz|Vi~!VFacq>*63#mh&s4~wl_Gplb{iV9fF-vt%5JHdyQ!*3wfz)x3+Gt4_OoSdZo$odf`wH% z4eUN;NJll2w)e^&>v>U`bOHtLc-wI0Q*ZHv&j%$}U6`$o{hl)HV(nyhE{W)lZreX4 z|Li$RmZ=>B&IKsFE})%TirciS^R3OEhd1?|IpRtCIA4KumohgHg|}0) za}WA*eD09X{>%D=cgbU)Wju6oTB_-2=gw8wjl2zWfs)FL9KBJH(w;CQVIPE2+5s}1 z&6b47enNa*+}zH{lOxkaEnUza=&o?aMHk^%poxt3ar@rp$b5C_ltfI@=)3|B9 zjb_}F&K3WH<=*6VGOkNHdLje;gr_T<1f4IBv&G$xm{upQ1p0W@GY*dQU z>XF_GMK$03FyG?Oy?0y)q*2SWkE)u8Oelm~dP5qqU>^yv`eL7H=V8LK; zmI?1h3bv82u$SUASd@lL2kXmT5knNe1u3@PLiQRWN`|9bQJt9 zMnO-XZm>}hESG}*5e1#Cx?9gUbL3m{_d5AS$-5i$hDo5QCbj?S&+122Wq;+3e!5Gq zj7r$KTygeF6-uCi1fuYXJikioh{W&bGp8L zC}d{nH_{zW7L--kC(AC$X?tY20UBcX`n8?uRGE=Kzcz95>dOa|-tGHu9}- zAU4)IH|UEzreb$~*rEBuxU97-B{xlG zQKlNp+_hkx-%vB@zYx~-h&N+@2jcNIoYpZ`$o(OQhOqT5*W5d4_-qt4R|Q?g}8HUMvk6xx{&$P^A$@a$H! zvYF;Vsq9!RJ^WDqtS)JvGKTgkXW9Bpb8LnFmCpJUZ*w?l`9T>GlU38fSA1(`O|NAK zH-$mDRYFa({oEm#bgO56VPky-&(>+Fs-Yks>S2|)QSkI>D(My#ceY5lX5bjhuB`g+|U+G^rwrce;r{&CIsR%rliu(dDTgN<-(d9J>eB%&g4V z$XSsn;iz{8S+WVqD0h_BXPMH>=uEubk#G2GjU9)c4Nazbb{uUP-)IiP+Okc(>)tOe z)A#Z|`>Ax#yQu7@Bk!Rje=&KtPG}>9-PZf?8?B`_oxnub1 zPRNz+m3DhEg_*kRI2rjP`Ks=syVTryCi_wBdX;qOrAX!&qws zIgG_ke0J~sGQLag*SYM*k~~CBZ2iK$+sQNpZG9du5}%2IJSM>SEUejgVcA(Z9*@H> z&3QNx2pJXdi8As9zM5vKkO=nXcs($4EHYvuP?TtnrI_}6q|IpDj?x)ML&Z_L@@Ty5 z+)@Pg-4FyMJ-F1pc`?zvNevmcQ7FHR>30esGukw2NQ z_@r;t+;I(x#%Xw*U{ywpRmCbzCs|^eqDkjgA@%5Jc+9oGT$#iq8%nN`wT5Vsb(&@r zz9UpoU`CqJ)JB5X`jbauasmaRw9|b;D@#JQ|WD=h9ec<=`tz`XUJee^h`4= z3TK&_D$K#;h(u2A-2Ay4MVz`$^ACd&iR;5UzY05GI3&Y3Dcps6n3w5N;Wk*BzOQIa zF!f+5;VKbA3znWQ5c*IOtdekg+g@??{yLchTC^g3`D0~Ba>g0=&?9*|84Mt_3)6~r? z2GbEu9ZoammCa?ZJtQPOW%WE^BCJd)+q{i?BTRA&w&VCN3ECYroVeQ^wgm^`6#io- zY5vs#iMPOA5IGc_V~|s_AhKpM$4m9cK=x zo1P8TPSyqeNA`AZt3+;1^*n&eESKgHevcd;cXD7cf{lL0Q6z_F3p03JqmdxBr#+iA0<$RML1S_gnpjrv4g}q`h?*Ts>)YoR8EgAI$VqU)!)$Q_bp&@6H&N;&358w!BebayL11 zpjGFxa!nO>E_YI8`W{KtvKS%{cP~hg{U=pvOH~!sG7Gq=M&IJ5bE{e`x?a>dhFs&9 z_FYkh!llIa^Y%4N_L8YXYSVu7?=MyYyAxQm=&pMeIWi?m*K)VZRkXoY|C+u3l6s9VNH3N zGTVT&H+pR2p@UgC=q?oh)%s9z?QK_)#mitIz#%l<$Hbqz2U z=u<|LR~xBEIY6Rsmi-W{XheW5Z|Eho!)XT@#kov$0ohBJYH5xF3UFhvN;{a&jiEdT zYuQLUxhHwmoT#Up%Taj}nQ-V#Rv9ygPSood+@0RCdPK4)aN6YODVnXG}c~^4Z(n(RflxMtz>4 z?UNDY3G;C&&EAa&j$D8|vI8i&s+XuA!SWz%DMmkIs8s!WY~dGAZ5Ne8%R{?>2q-36c8U`& z0yH1M^(ndv(BeKx+)9VqIebt?R^AuIq)LR=1v+(eUCG`k9d=Zi#74#wv%L>Ax@|Xd z?>{AiB`2)}yZAqoNL4IV?HE$^J;~ldNwzTgCO+-qlVn5Kg0DN(F#@^SBb?TVYCCVN zO_y5e9Pgbn^EdO=oo0PhWI0Pmk(Gx|b;yjh>52!YeJK*n%%PT3uD6u6K$PmN(Gd)Z ztaJn;;?|b_Kc%_or){>hnC^0V?F_Ok7##7u#$F{gDn+rZYG!ws<;8A+H*L=)l zs5mr#sX9S*h~_URQV-1HUyr@`Qyp>|ZWr;_+IUolDD_f%bCBAbyKpJBH)De%Cxdv1 zF7VL)BApkm(EO&(uu#w3LtyHe`!F;=U&o6i3?2uS?(-=;fDeK_j>-6+NY!3Nq0cgu zf|1>kX2zaHK@k+L-Wj?J^pAkQwiyx)G(!){$luFX%}|YWy1(hPJjhrXv1UlIip@~v z=rfJB`*Dj%scgT6f)pbpWI>W^>i$g;uqyEbSz>oRtB-1waEr%7!sAHc7LUFnZl;q1<^@>mfl!S#-b$_7e)v;8N=7a1+Ez`BG*#L(Rwv~z`?m0U=2e=8%JmOx?zZ& zg0vb`-FK@&)%S_jpkh$-&ritI3pzIc%qAud_)+{gN{ExDpk>BtP{oU;pfwDMCENkm zor870*W^>CwFW0~6Lo?*2cs0L6{9L_)-faI>ay(m%e+w(x7CX3lNbJuC--sirE)XV z-Go)qF~rEV-06osns5-OJqY|F1zE@Y)UIeBPjzRXxbvs|ch$9VcLFYOJi+80T7V;4t2vDQzwi83d8 zn-h2LHZWqapfDX5Q9hz~skOE?Qnynar4C=~KrHGJvW=#Pt-iHZVWF>>XsKw>O%e6| zs%xsM2^>()pcZNg%R=RNQI-ndUI!;eVCN?24F_)|TdllV7HaAD4R++5<>4lgUXX)>mCHTRTX}{%ki%ngu+hO9JP9fy)kqDm zXgMV2a(Fto9`)$-^)?CLp#z!Smf|@2U?Ldk=Y&0)G%~Aof%ic@D%~u|&qNxfL2Ol) zp$R%>p{(z!&ZX`D>VmAs7{1D??2kl?!U|($b`V{&DtqxOa@OD?919QZL^q_d{fGv; zJx%|=d1Qx}CAsD2(L&Vc|2L0fdEqFJO<`&amYb$8 z#SNX-NH61C>hG;8&3C##1I3!fe-Ln_`%=6}_npqOrO#uMADw>*FLeH27|c_qh?C`i zHGlS2co%`^Aj(lS^O}@5$4<>;gvR$N?CI6 zl$n2-uNGD zwG<)JSi;t9x2V~c=vsUD?RQ9OCP#B(FC+W+IYyK=sdmD4cVX`R%fi&$*h)yhnEd;{ z33C!@TK3Xy@^i}K^5h~MCF|)VNC#ROKv|CWq?C@n1D%Or>se^zGx~CKG?vtiJJBd^ zmSe6d4MFR}V-bMvCJD!>x2#5dylcd@gW54xRd|y)k(SViGmqZf@es=C=j5SATxM+V zwrNR~?cMHI$)!@=(%wU9v#q6P)o7O6id2gWUI6J8J)hpId6hUjHhk>ew|CgC;UiP> z#?-M9VkQ752q||{*N1nCp?-b)g&fJq^wTZXcVnSfqC18iLp6oB$_%j$gh5Di$0tUM zJakL7%&xlQi#v6Up_=d>q3pxsB#t)H9j|n`p}HSed(S+D&Te=*pV8-+C4Wr1h8(k; z>J5+C-G~tlQtJBFxxQ0v-`Zl|N!JBCDr*aGm#M7vL$=7!a2b{I=vV9KWybnWMrEz* zJFzRcTe7>8Y($1c-7+vPUiCwx9f}%3IbspJj156*V8mN^CEY!3xUd zOwg14pPHlH?51MrTFYLp{AKS&cnu@_IPKMbrA&5zK5akQpuL2pVZ3`WZ|+34@!rHo z3mTcWdu40F=CHN@5p2g(aW|;%V*-n6NUO|h8eGrFD(+=`ql&vY|N9RzOY^@6AzQZd zSiOy5eHnV2-j@6aMea;Fsj`gK=Ye+(ev7O=e+Mr%`)=#!-oxhS-siir^X_gFgko{t z{ogY3)V_A!eE_-L$;_8rnY57+%V|Z44!cLE)eVWou5trQJFQ-JjYgEkv+6UBEuB?Y ziqTk+T}kxi-42rXpI|n9 z#9d67t?T)@B{Jy@eS%}XxvR=n>K8HWM>K>tI%M2B( z`k9t>wU8%|@HmppvcjKfEIQe~Cf52hS=RZr9rbS*ExSb)+acDkqPeA}!uE*SjKenQ zXUl*p2Bx-Aj9m&ixK7$*LQPl{j0c!ItC;~y16nViUf1JFA`$)_W6b(`8KhTV?x`$L z|3pEUcy{}7FY$P^uo`aZhY#{z_|nvrb>pOWIBskV&|dK;L~6Qi3UXj(Z5l>q)#w;R zTNY^HkOo3MNht1K=&FAdqPpt;R`wqd`43Dj41WiA(53y} z8KQmS}H5rp8;r2)P~PuM!87lvwWQ?DEpjKI{O?B;L={V&&cx^ zmFIpqlUylCah&?JuuoS|b}^w_>*#|EDoDfV8OdJTSoo+X$x?lOCKmivM=}o5%ZY9|-9ee8OWOta)tY66{@c z`Ay{V$e5zb;K-$>6sAw)vR2UrHbhbTQQ#cnhsR12kL=EPq{V*ja{`iMb-R-z>5xVH zObfHUCZW9iLe}jw*_Xw#D^@LAI5YcC+^U;bMScH;%{Dokk_M)vR^;$|1;5tU(LQqh zG3B}`sGs{1+$>VKlnio(h3l&1L-{ls46^d#9J1{3fRZo|JKS;AEvTR@TSw3e#VziU z+%2(gKG6$-dw0h3t8IOW%QXPXxgo7-I8?+e+fFiUqznqe=-kQ#l~U2(inPbotlmpj zpQ!S3886-(A4T2eA~$n$iXz2;dRJ9Bot3DwY=g-(&7@jnmrJG~CzrTQ#j@&yYa=Rc zWs}(j?^Ny0nKKC`*NzaWqP4lS#7d`aiz0(AjIot$T{VhPt9xq|*N!de`LIkMw(+Ff zCJ?PpR1yqdb=y>&lA-B+jH3R%6FO)j94VuswRVO8j*LZcvazQwkPW|sXw(*1HtZ~LMsSl`OL2{x5w zOOS3%Hnpv_DunAePeo5p_*xtlrzu7RZL{@i^WLywSO2o{$o5X%w+4KyG~Aq7)bs5B3fbJ0aeyuvW@}TXX)Myj%nnh0tV&zlbX(g`Fyzlr zBnup_XWb$TCTqBmuMc( zwHLQC*N2~BEqpGoWZ?@r@8jnMhF{7pC#UwWw;4T7DU0`_0av3-$9x=At?iWQ#axyS)6upZSPsg%H9hvv>8)TRbvLkqHxgI3U*D(U+reYR+hli?!5s`!?zNxs2R%3dBN@3@r-wz>IB6(NYl8W=lU1 zsH9mF>LVjx#aFwbIiK9zaf9{JETdNhqGL{#Gz5s{9T14Tl7 zB~S~13}4(a1*;I;^@&CVGhj7B;izB+YzkJRE%n3EJx!a;c!+$MBt@_c^(Xj=))(r6`A_s>&eU17TVc-9<+zRJFg1 zd_UnwRnd>;j!i8|d7!E?Vmcx|z@v)Zj$*sA6=T9Zz9|NrBbVA?534AtVTKQnfPAwL zy^bE(*+(K_xFFmxT9U*s^RSWKkS1!D%R}cZKlh6abgs_g6q9ixu%#waHUaLT*3wgz zmWs<1Cn?6*^bMmG?qz&qI)r+7>+_$2L@(j5dcF8dWBCJa_wgTuJ<=iNL^mDU3nXuv z4y}S$q(cL-#&u{_;E-BHI@Fg4=+NpoF;lAPAJiyMDqLD@;i?gRVGX=Togvq}tYJ?a zd!)%))3Gy&#a(!K;9@$)sXyr$$9PP~R>Lc%V>Y88C6ltnluRVEJz|iI`~ab2d&FQV z*=!}9lLyPZGGa=mSl}@w`?padW;F7VId>Wguktc%xN|7woqS#1Ikk+!IhB+r*DV@~ z6{@2+c0uZ+$bRluu&P=96|?H9yI*8A%7|WMgst5;xT}s#8dy|SCx=K?%j`;3?TnBS z;qu?iF8#N8tLj@eplU(G{iLV zyy0Wd5hO`= zE1Q|E#ks!A*XaWFJ(8aK9&cG$QMgvWzNtRbTpNT>&;{v}@Ppnyx%vPA1FfpS?hmLR z{#MHR@|zI%?WN+z(rK8`qnQm5!kf<4kucS15RzG`7WV0<@lGd)ziA!Wko~QhWJUNO z3Auih&VRg9#$8p>Rma2>NtRHqJx#Rlmsw748uO^s>@xF1yK^5 zfAbAH^{qS|z?H1nscJXCS5_BsgNR`j{8Uq8Z>qDCBer3`G>%_e{7|1DgqcnVO~MR# zJRr2H$6!x6x%-<`|GY0=^iWe$jlGRoslK=$#G)?i5jKIUeGN-h<3Hu^zfB%HJ9$LN z=$^WiOfqkXZ3U2I;($wFkkE}N#uP9%M$?>w(c+SKBZ!;+?7PXsM3WzqgUzk0wT-1z z^yc2FNi=QlR;6i#bTd$mJ`k-gGUcmVgiI=YA3D`YaB~9bG)Gp-OLMXQc^!WB z^Rt7YbBvbl{KafqN`&(@iM5s-b)UMw__OYg*P7#@-5uHaL`cn}m!r29{KeEDahF5< z#fNlvncy#;-rZ$ue=+6EkKtM0U%YkqFl+gXx9aXv<1hYuw^+;?$*zkY zWt!JdWrtzuk#1>Dn>zcUCB$|Sn_iWswkGSVJJ(Hz&B`O$SBtKKc(jut_im)pvx-*- z-SSC86E{TR)Q9Zmf}G8^vF+eCccj&&k4c+{8-&#ayDsEq>U%T~Or;~Tv#T;_aA_%H z8^-rY>z39x8z`)LwLH_d*}klFQ9qP#5z<^?i|U}H9*j$BGF70}lzvW5?Vm~oitef& zBlinb!BJa$hSQu~qpBkgI7}}pI@SN@GO0og{mXISpDsjhs0iS3m1YQpECXE|wIBSm z^8)_AC2U*W&fXEL*sZlKbVys2Ppy2^$$N=$TT>9SL5d5XR&8vX3dcb>6yG^pCr~e| za{hpJ9&hIt*4Q*0hM#I)+K{N84!k=^Z^?4g+nNS+Jwi5&WZ>FCV(MXyz@fT%aNBbv zmYky+BnmZWTcx=WVq7&>*&|42|4iylB{XYbQ_`CIaqPK+6(i-A{542xk~G2D86<+3 zbHgGb{)YGn(LihGbzk55#?ucgk)b5PtI7XI8E&8$;8%ZQPs~r3n@)dN6>d$QNMvzg z6y247h|~{7WLXj=4*&V9^0w{A{a6P47LkO%6=|YN>kEO}UO(nL3f~fLlytO0?;mf> zE5g62JvC+DAeq06&Pus$AEV&Y{b1&XSa>mtub(_p^>txA<%80lO1i97(;t?TAqXkE zsZ2u;Wc@YDknUp1E#$$S%;XlfW|xEQLNIHTXEO8bHfSfXbfvDMquKsDQX6uDe8Lu0 z{q~@w>T2#2B+bt)4>lG_;U;{;P5ERR&i)tbIix_n#m?YE-Tpr$PZ&t zw#1>jvYkDLl3|72rMq&x$@Wbv%aJzCS@}a_0o4I^>^)Kba_QY}dFr*>5BH3O1Yh+j99r26l zttfwnG*ql8?Mr_-ZM7mJ&~93hk=^mB4*uh!V;@yPvk3U}@&6h01j33h>1 z+S(uEqxPjIG3Shr+Lt)s(s&D83f4=(o}}ohk+Ia@aXt=sQ^3&ndP1G>8_`HWW%6MWK?{q$3x|aD`u2!LV3#8qRUl^6sIOvU72tbnzbO*!ze|G`5$n z!g~N-|7*N%iWj_YjsdTGvgL9MtbT4wzHE8f3L|_IMbZpMeYg|6+9J!&Si~+hZ1FN| zVPbl9tc?6-eANmK6PvtwDOcuJWpvfe)uc-u)0Bz=lHEX}r*iCaB|~HJxm9U*eB6sj zW#`Ip4_w_o7VRFKb$02V9HknBdz!c9sSX8vZG3Kx7kvI613sCEItAU;qh6Yqo`*R6 z+_nI%jSNe-!=il^wOl2suIP}~9*yPtSZ|UcpzZmNRv#OY35|>9uyC(7F4@;ga-%po zx$PZIOYegj9Ud2D$ZaPX`EB@0Zo`pV$HPXJJP@6X*bZ^ULUj9rr+M`ilkh4eIQp`) zVVE^U(VAsnd}dl$$!u203Qnf|XFjDDd=*0HV=SaQA7eRVgw~qO9HGSwva{jK_!jf2 zIG?*3++@fP#+u8VWkJf`Cj18xCYsNcB%-_=+P;qJjGb{Q)jDUk?L`3&vg63?>}E(I z$d1Q4=K~s*WH>=8aHn-(+K#nwG0(m5j71D5DsZtj+tD6*N(S8Xj%H*h$?yDV`8eE~ zbP9XpM0LH740ki=WCcRs0&h!r_{Q{2-ssy_#OT5GphGuIt?^T1Blk_>-cr%=v9eZ0 zz|i=){cz^3`ojL09QfOUXxZV&t1txzPY7C?$8o_RP?n7l9QMm8Xv?}(EC(pg8b3zJ zI{w%VwM%f-X0}2pjmqqSeBC@;n!E2TJ%_dhw5?Zk_GkWzLsCjfN?<8QyVHzzzjFi& zI&$t@*Pin+4r(10c?l<+0`-3WAgop4f!I4ossdYCxccxQ!Z9bMNDU5f`!IL%4tubu zF1@^0Kk(L-erU2vW887@`fW+x+`HM#U78}{A`0Bd)pc>HB^%4R`hwW-nTlWIr}iyL zHA4YWHWl>2K2~A&u|iX|V9rRrd;$FqIL(;Z&mduq^KBiK5LcrHYks8b0hR zmOUL#2WZd(9}YYOu>DXP?Iu6nekg#3AIePT#wDo7bpe9apvI+t(tN`{BYWlTJD z<1Yr6+%(4cUx}x>5vg{D%vu7Kv=F1sk`G1DY35j+z%13}a_W*dR@)C3K?jw#E>8tr zR7egMW10uhd>ZpOw6pT%?%bb-CQ}U~Gj=KNG@Q5;*Nx$8JinjabZccx?eq6Wv*Mwe zHRfKR2B)Do}@D`jxrs3F`{fp>jYk6s~zY?uW#*BE>#_ z1?CV|RpBrNYOpX3na*uX;RiUxRZEp3OT=NaQnZL`i-e)JAnfjT+QYGNJ1sKpk)$#wg%BylduNNF>HZe*`$I_{?#@{WxqRoWVa+u6t8c#n_NChr zSwSD{i)5FWY<3~5WRP>xdkVZiI=oc4)M3*wXfvm#bC>eIXgYTp-+H@AuF*Lm6oL%W zS$AZJHJhRMt+Y=xl~7b&hsw|!K-MQ35%r1WN}otZtWTsUOZABii$yQ4g4=fdvU71w zvDha%=gLxFL5X%-+m?R)WPBfn7knRq;rf4BZ0X$P#{Cucy^=52X5t=OcwRyOPw3#a zO-BB3zUu#tjChqRyvm62swhkGYFI3KH(txmOY<7*|0&TJuYsq#gu0B^cD&&AXbgDW ziEB5prE~L*zhkh+Hu@M{CO?Kq7@DHV8Vzm`n9 zCCYW>6%S0a!K8P4+bp`i;l}D=KOuUJoYC|{p)XWAc?+-+0enqfX0oHH^xT2D&j9Vf z+?TTGz#OZ(#Z&K&$f`oSrNYuqrY{HPek&s1v4rHI19LLF>P|0?H;l-tFpzI0-R2cg z!E7=9HI?kzDpSZ_t(#~gt2?Jej=zI!-d!q(h^(97ZZGuGp^o{6N0MrF=MZ<{mT_QF zyXsCvG)~l!(fp*O4`M@n>zU*ngH(g76p@Sbfu; z__I$8ojDD4LOIUBKxcRx`Ex4`X9D}Vv-tj6Wf3AN%N&{RC2ltNjZ!`^XG@05L&_pE zrYwqAR2Bv?l4Pr{v5+Q&$C;dV0hH#ntP;8RO?TB5z)3!^)`ujA6+ME`M4mI(Rop#R zMwwB>1y*@{+$gf_Tp1Q{l^lz0!}D*J>XXx;BpR6BxK9F_+6(!t4Ee{AURtguHUmOGSx@iNI58d z3GJ1$5zch4v7H3Mfg{(5JDrS^=-UZ8gYXm}FbU6ZN_fhzxkd3A=$75$2*Ohp->t>b zqcS>{8+d0@v%oF%GeswTKGNOTUt`nu+2E*c-vdW3b2a(7bY~@e z7di5B!L1**6Z8eh3Eod5#X^z^W%d~q(q^*D*vw=hWoAX8(#*O7wGiR*E_k>h`4~ar z8DhRTAT65jaF-=Ile<8Qle?I2R)lkfqdA!0g=H%Ppk!F7IXmq~{u>kb?3JVJUy3_r z|8k7z&Q6WV59a@SA33-03(mrP!{fdRS#XIuhb!dZQgRMg%0cP*s}!!5(Y~LMERZ$l zz6w|niOf{U#j)a$2+oV2Fb%n*AA^)AP>IRW&qxPcOgYApC}E~GuEKDy8B8W|*U+7b z9Ic@{OBU5QbFf4Wodlt}YoSc{G9h)>Myk7*uq8ElsP2;4Rma|K*U%{*nC60s5rc@Y zD!43=y(_gp$+w?_ug>i?H@YBsg$Q@VtGZ(l*tH8XnmbyaI9&FsXe`ZXjM1 zLLH;&!ZnZ(G0OF&8;j99OxE&HQztVv!(@!Q>q|RFMtqbB%bo{|odbDQxSTEaN+Oqr zo-Z$W>_7DInD5f8FuVAF$~5icUP-3CXDaglm1*(ZISDjJ)v@a64pt3>@e-BRAJKUS zs>$LlHBxw*^qT612~PQ!3T|f<7}F_S{cyi)Ku5=qKSvKC8#lGCw3!BS)64}XR<-}j z_*RA&;@PyB7Df1-LFV0oIU0THkI7C8T*~gd;I6T@=1b(kSvK!am^)Dy(9iN3G4)gb z;dtz)^B;s=;hBKA41$C3BBcl(>Ja7(J$Bzxhg^#n`F=eH{f8RntC)aGwqH!x!p%6+ z#_Uf)zX2;lPWvvhuRQJcDbroL+be$^Q0dU|zD0(6K9Y_%(}czI`SPIeEhDD4ibdaB zGou}g;V1UaM<3m=X+&(#v`aAyjl%p*M6(j=JFD6;d$+TF7i`&iFy~I@=fzie4NYe0 zMI=rb??az4`!2Jsos)G*=P%%N5(_T@>90ZW9;6zmqo^So(n~nfqkiPU6p$ zM(HPg(uV2_`47S#>C<&ct=k&J7Wk)3pKiqqeYyh!eL8@v9I=f)fw<`$T|1QM4>)iq zBi}5e@Thvf6zN&@ewi$)lrP5;Rqw*7>iuq+`P=yF=9NvQJkNsI&&fm8yUeb-ON!OI z;(_T3F!gNiznt_L|EGFZG5>lOA=~CKxs0+M$SYHJY8LxJ*fFMJ*wxLOGuPf)8+oL2 zo5E0dCFq;`#6uyCm@2RsVvleb7e;;Y^$nZgC_5MPFg6ybM6Nm~!t!cS_F_Mhy-qyd z14x%BCo{0Gd*ICNQ&PM%`4Sv;H1jzvy@TsyW;iA_oq|B;iqnpYncY`2RE_MBbRHv$ zHgzKD2U{w8vRw;aN%UT#(C_`D(zbq+_BeB9Mg1n!AXBKe{*YhjX=YI974?&PxPFrJ z4mTqQ=_d&aiEUT-3w4nFg1a$dQ;+v4JvTppztYsy8|fzPep((Bp&nBZ^zH!+^e)BC zY&)>StFB;C>kAL!-n@I-p2zcZg8J&ssuL(tex*J7=e||;f}(po>raGY;!qga-xZ;< zxae99&#)U-hs|NOhxbNYs{OAy#V*eEA!UK(H>Q3I{oDr<(e38@#94X1&*--KK0T1A zIXmfoQgTG)PgMHHW9)h2H7?|4&?fZy*ALSc6b7rf6 zI&@|Q?-@-XY-|$ELe>KmG$Ca& zs_ZF>(kh{)V%S-PdXZ>ud{=fZ-b_qoWtCGe@4CB6JC;Z37XKw7Vl}kn!BQ|DGt!(K@%z?Hhra7R8CrcZstz1<){6*-9;mcvTTdb^ynPr zuGf=`X0gr3Eg#wfwvke6toinU0`p)Ck)pd=dKuqzc#VlTx{qT`?+-5&*MZXByC0R_ z&=FHXc&!Vo`D4Pe9~5mAk>PjXsgA@pCU@<;o+zgS9ckTV zEn+2WnQjv#g^RwUkyBfcvm>XQte5d!M%E8?mSz3fHzirW0KS;4Q})(FPt)aB@XDk{ z(+Op;o_h_*Ug#*iB@%M4^KI$p=ie|$ZtfM3ijKz=A#ztJZa0$e1j@hl53eI*Be$&( zr`0ysQ9yDdNLZnBlyxe8 zPV`avyr}@3Xkp{(K#nfy<&okh1xwD-q52u8E|#^+W#_0}c6E>G>nc${=vA=B`avn1 zmvb_F2QOrJszg#>_z;L2j`&J)?;9ky?viuv3dJQx@*Uq@a^|)&$th7J_mK?uoC}g; ztEWj$u1HQsOmd1+mYk#D1I5pYJ|y=a1z5i1EICW3o8-#Q#ceE6y`A=6eXCS&zYE?- zc4s1?B}y~@Dc`QTTgfDxK9N(PyAd>1H{%3)F2#2LG{mZ(-H1Rug|R~*>uEc%gPmX4 zNXMcf9K-eqmqt!0)$yofES3v8!3BuN<_->F)_IeHXrnk7Rp!jO5u=d}QC!)CZ>-1i znF6~W%NO#o_2ME#X1)?bl(+8u8aE6!>M(ioI}i)Zt$&dsh2 z;N3e{ez=SUKOKEbwX8{gGBL$EYy-;hIqvjggx7j8MwzY~U?WOZgwx^jb6?{+e1Uae z6fM?$5jf{j1n&BKnkVCGwulece-WSM{);7J{TChjQvXG)7WBdXU)e=5_HSfY%GR&B zK>eEXqVspSM{@ig>#}lG0Oa@sMmIUieT8!L=y8_iD5xyQABosqj{QxJ|HB{*A53oH&F9k8ubh=ygXA* zjGg7%DY5y+lst5Kxy-J*tGcCD5#9kNtrF!{$os$;Espo>nrcIW#!en-Er})Eo+Q=d zwZXknWvnx*{{v~b9&g#XGQ1PlCcDcVGVShR%?q)$Qv0^O%iJ*E=6fdM#!mkD7*X@k zL3o#;uzsr6h&jGZdDRGveAd8>eBLRYyBCe&`UBu}?vL14)(>^vs2VYr)=)R!Z97IJ2!LNT|D%61bokJb z!$+>Ci7~IjJCtw#Hxk}jGd=GV%)4J^zGJr|+ol~pRnKsFqwe&*EB422kKMeNY6F}9 zSZnJ&w%roH_kb6?fZyhaW(i_H=1UUe-dxyRwL0MUiIIAcK&kJ{=T!c%?p;&mc^79m zUynQ4;Bg|v>wq|gOY_%J`b#h=``(HCeLT=Tk6nBghUm7ge;y{1^?G8G%LT<}rp4QP z>f8k>FFj4)G1JX{;I>!w^R~KLzJm{z%f1I~HY4S&Iekr5GM<~N?*Y^F{nYG7*!OJv zZg1}U9Vp*LQ}kVYz&Bv{a`qt<+qc~Ind;S6XE}p3G zcL(eH_AGrn?>S^v#+#5jYSon2lYqET|&4Kzp zJcUfv~l-bT9nRLcF?>*dn4{cYgcZ5O$md)($XX1p8E z73S5_3b~2lUuEjHS7p3IQ*#ObC%!LwjTdW8);0c~_8|Deo%s>#IZ`@@rng<+8KcD}?8FJBbhON=<>y47J_MNu9 zw0->t9-N!3FT`m^2hrO)0x0=hfJ)dKgJ9a1eK5?5Unfq7SFWW}nen#5|Pb&P~ zJIdwT6BT~`9R0WL=#BfmzWz&=`$qX+O#+MT`}#oPdHBIKPiyo(*jgb|+w1%CY5MMQoW9#W zrSJA@>U%ZcAaFT#M9+I4?&WovZVxx!r=KnfjJNOivqe?@)cubb=)3SoA?JGUKGVj> zriq@*k5}p2f-;rz#_cDUR_eEuxAVCNkzecIqwlRJ?{-sP?~Jn)Ci$#zo-r;s^xdqW?`3BH;R4x{ zzt^|6r_#D~y1qN^s=S_TTK!p@Tt=L&Z`C>aeqxfGRU`Y17bJl%o-KA&FFk|kz{z- z9{R5TqBQ6JCxzjOt@VBU43(6lt=_xp3Gse#Ke=ymn)LI?$@V9P)}NXLF$S0@xG)@7DT@gXdrEdprk>!&_kF&I4H(%qk{wm>VW_~Mq46? zJ_pd;gWe>Cq({#K=y`*f&oJn{2x2t|ziT6?w?Pj_5EHZbtv6Lz&;f(CF(~czGw6>N zvQqEW6SBv_3R$Ha1%cKwzbZ{s0gXODei@xo1lrS}YV9)yy2+qk-e7~ioTiYqx=#?l zbqpGy6;V1$*IxVP4TrI6x}kR>eY(M^=O@kJuIdf(>f=p6UQnyIr9rzIG}PP1pw$f; z#<@W)wKm-P{G`LY;oi<(6)7Z+cz)6nUN+pByy@e$%zJ*)U~h~!$>O~=TR6wCuBMPD z@1&3$c~dOpc~$b;#QLIryj{}IPipcu<>dm=()OVIHuu^LT5^-1tvK;5sy8O&3{J40 zZqU?I1#QFXu>97pe16guK-U>G(D>Vil|K2c6G8VGR6)ocxySVpOW`L{xDe=ZgKC}< z&h5RYy~LnC-tlKXKj~6$7wyjyN~e$sV`Dc+h1$#b`Y7V>R|Uk0nKM3|c$oLKH^i^R?}uuI{2!38d|aWBUET%;O*-|%iB|xPF=&;_ z4=2t>-#0Vp_zM-%Pi*I(0G5tL4%*pLzxqkx^b@;U$mGlqCl(SxVw|OS*`@O9kvP)) z&Ujw&dL@oGsP0@r{Sqhp%J<_f-fD?+%&*UB@@q_7Z|VJH>8+c%)t8iR+(&**i93AB zdi#q64Nd&XXxYi~XlUXA^IP@r^4lQsoI%(9RnX|f+ZHl;yC~Z*@wGwTwt_ZF{LFx< zkN3Ot6mqLXO(1!`P2SG%c1W}YlJ)Tu6ms9hZh=xCe}ViCPD}|D?@9}KaN{0S|iFbbDW%GOU5`|ol_#{|B3a_Abx~2as^ILeZa4t%4MjOA>F)GhE#!VcOMrH>kcSz6|4K|U=mews)x_ka zBtP2Z`D$WcXzAnq#dPAe1gDxvVex_D@AbqC3z=zOb)6ZM{i7^}+EZ_8Uqac>8MJt7 zLGLC`uy~g~`@^{1{f`o7B&Au;0`2U7k~lXhjqE-ChjCl_pC+y_zdauNVcdBCv&4LZ zR>5zE_eJ8~q{_-W=L-5R@r3#9c(b7YC0aGwIEHSs_#YcLvSAQ4sH?RVd`f{}2xi ze$t?AEWH7K+MpW4ImoZBIDwFZX8ka(kQnUuF~43wd7tZp47$d!4Dr`7XfK0W{q+pG z0BCoAm_N#(6N&d^Vz@uXpfS&hmi7EiDU&vkFP~M1y|g?_|*I8x(Q_e{zNL z_O{yvjrOM)mP4=lVcdQG#{Plkci}?$ZR}60kVYPjx1)ca(Ru09pUj!z?c~oh=#`(9HU-JKgO0U$2l|gzDBmBxM?|AU`Du{_S3=p$t&fGWlei#D++O_P zu~0o5NFk4UKq2S&>!g&Miw2%Ddxm#`e*xXmKHkuq1ugI&vXJ9nI%W0}Z=wH~rMKkb zQ)tw#^`A^B-*cCoGW$2dwf<9J;bnnqPnms~ca#5WN>ZAI-wf|oAf^7%_9L#^G`Q7& z+v2@*!HBD_3;yOO(D^#~*A^Go9ci-beo02DLE%x5WG0Z!~B!o#!Rq z*M4YFH67$7-Vc70L05xwiI)gk47!{S@)Gu44>jm~Xj$S_2g40wsu8GfFv6gFsC}1s z4Z&}W&i_&;Zs4sJY*3}DyfeF6In6T^c&4EpRi&$}_PUNA0w5;*s~Rw;}O zCK)tij)RV{kPXbk77}BE83w)eocuNnW?2g7^%X4}1}C`mOcI+0CmHmGNpNg%ib0#2 zTy_j*8+4q-8y}o*&@4#S=K}T919UjazsG7QQiFZtJu0fY0CG6p23;OpY0zSW<_8N6`uSmnyehcCpic~1 z5ZnU9?D7P5a(Y(>f3SRLWs-i0cLPuc3I3C5>m}YT!5=N&>z32E2M?LdZevDzhIeo9 zmvpcun#_JNK@Z2E`+`R;UfpEgMf2_t9=G)Vvc1xKD0soJBu-VlM+A}HdF1U3@6q5T zgM8D-$AW(v6q+QS30{e%@IvsK`JHOH@^a8=(E64SuLW-zbfHQ9&EOq_{%+EJKX}hl zAImKK4Da*c-{$v-rSL`YAM+bylzkg~WPWFu&vMkaqWS{9prj!AYI^w$Xb z*`Ozn6%QQ7s#K|(NIgL-ldPzeJa@I!w@79Tnr!K9o2)jd>hGR+XkwRSFN5xsD4yN^W5|x1en1{nL_LRjOwA{e_A*H@U0DyWR5W{N$v{ zvewN{?qh!6SgtHc?q`tW_NL^NSjfAQ2b$mWrdjtS4>ss`M$4a*(=GM2OuA1e4>iB1 zt@J;gJS-OSrDWEicMZ!s$r%>!ycfA))&C&bZqPFqOD_LO9vw^l>*OhwDpedsfunDe zry0cR9ME^kvkbas7eW6^o@dZc7V?MW1qQuh&`-&W4BCtomUurW=NVLESP~Ui8pH)* z_yrZ$7%dkf!5QBFR)!~ix&q;^p`QNj~`j-?+5CjV6A^Lr*3zUoS*Hr(3 zbPD)u#hdHD6Qu&RTOGN^_4>2DDwQN8!k>y-;-u-<@l*vg~XP`$B3 z73f1sMGPfSZ%Q-BUGBcGuU(wM^D+g;#2| z!7GP-&?c<|UMcVXr#D{thC+A-_MBDhf$}_EdDRiMf3`+>u@ax|$kYU2*0*1N|XD7Oo3ia_f%<_EaqHAdGx z*$!VvklT+Qh3k1spE!E5wcCp!4KvzY0vQZ4Amd~hh9J^eq2+bB-h$*4yAQm%(|+9@ zxRSg3Tack$egxUbZ#zh|56JL(CsiAo;Q-Q;*}7x>e%2D*7`qQ^;r7sxvrC;ZoQ%$V z9A_Om8{<5g^{5lbqhyKo>&fhw$P9rR5zwY(mN}@lyOW#L%584K2MXfM*&8W2;qIQxGErhcp)EZs8HGP%pzWI=+Xpvm44ml~4}NeO-fh zc{y~YiHi>#xoI`LG%V8jMe9~@eIwM*8g<>%+e5<~PoVJ#R7q zWQC?E4>m^WLsvd%gzkRiE+Ka((tbwrXOfoIXj6}5ySLHZrWeZ2?NENv6J;1($)Ipn zlKhBd_x7m$m~6gli|$)wS(&tBNvl#g$I0zM?lf}$P3fsGu9M#mB!8t4Uefj9WS>aa zt5MpD$lb96#x?58m3tEd0+t_I;#8uD%<*trX#|_O`unL~FU<=cuL8g&=1IhjuODzEz z7vgTiuGx4C+iK(H*lS)kLwT6oc_hd6K$}Tj6Ckc-ehCmx82BxdBIP@LF@$H4X<#G9 zfrz(ff?M=)*Up%i4lwp|w(srRwK;py3B$b5suNtt^q2LoajCh`hHrg_^6fLZpxt)1 zK}ERF)fZ)cNhgp4i?P?YnbxNwj6yTo*gRSEjC@E{^o#^>iz~z5DI6D&@oud`Xxp7Z zda|mER)CFd;X-gMm^R@6PPtao-M$lMlqAP zfLhBs2e^{%_brqj_Et|;{RqY~r?<;^PxcSh@0zZa!5!ZWuOI4$vLm_gKwtJ`N>U%_ zHJN)BK?!_AEoy5xmWJO2Y-6h;aK6T}@?@#gt3f!?7lgYO#CwL?Mx)(z#``eC?Dalu zQa$hSFl#uVT;+mtlMUssl~6`j@dm%O98tEcfbt1wIjdS3k{{k1_U}F#_apUtB@efd1~uPEy@X@8sf!BU|&@p6utOUNCb0 zF&b_D(^9Ov(B6k7^`8j2!x7$xJsO0iF@sX*))hlmeJYPHE6LxWBt2Q%79kLOQ5&@U zlGebdU_8fov8;AB3xUuEw?TOtEPYr{6|@mcHEeJkxWByY z&d=7k16qiF~O7Jd{K!tqjA2EAI^F+ zx-0?9%^*2x#k#H%)Ay`{>kCFGq|sH-3vBTVCEW{k+=Zs{X6LO*jtZ48>>?j z+rWbwC|{B6Kvyb|>`U@zy55xB-D+Vu+@-eh1IbEzF?XA{o&ag_J_E86$;47@Kba(P z*7jr$%Q(nC78%e=4-JdJ@zDP~*vFm3{1(MyPKC{M=zYU7?!uUc>HHLII;Z0Z|Jzv{ z8SDeD!Ij+l=u7L5=|Nus87pbb89}l)NFP>xz!y-$ll^Z)PW@;;>UR!j>ffOp%GLnK zw`06x_xiYET=ya52pE^jT1bNLW4Myl@q3Ub{Cp4z`iW~4vR3fv%PQ)bG0qX+@2_{t+%Wt9EJb$*kTBYJZ3v+WiD7!OSzTMn@LRK^8#;r# zXIGRCz2BZt*2iz3_L=~zcarNe(Vb6{$DsR%Xp}CqFtit4`^(Tg+1GyWnC|Fq!%g?) zZWB!RB+6q;AI$pzlA^c%{5ICz4qq&#>9BhAWd1F}&GeLv35OW-W}!Tq5v2Xe)4nv+i?Y1#Ak)lX zKG=`4ViDH6TfZC#zd6aAzUbaW@-Rpa;mn25YVFEST z+zhoj5=Qk(?BiKGCRAcWVU~w=?BG2VS`5Teq301Zzn(?wAg7&2tpi^LFb)S~OgN3L zw;Rc|r_kM)+?z?RpeyyseVE)=NnRouPuHVJ{!CZCCpn+4WRp99q>Zk$A@`G$7>f(I zVgJ(UJdE={2V(EG!EV}<-B^19QvOctd6538*C3rgUBc4)eB^4_ug!q5r8Qqx^NR_s zdF>i=TwC*?nzzAStJ-~#Yim3Pxw^vlAjj1B8Dw|Y#}Llsb-P=@n|$MM8}M{*{xxuS z?_(n`2vx}_Mdh!*9c_bQhL)K-VN`~PO+4>pxxFJ`dy zunU7{YX2AeKr_axFglgRd){f}M9v0O#MysVC6v1>qx8_nl}pc5@|y%wq_&?Ews~$# z1-~A8W;x3_|7Pi-F9Msp&dbW#V9HCkT#|YJ&s>Pu(O3D9w}LN>9iE7Vy&m)tnBU=@ zio>`cyy1j9$`ciFHU4HvVtQ`X#s1qg?{)e;^bg9V=ODQ2!Pyr)wG8{yvOId|r~b`m z8LS&YTMKPOn4&b=JO2yvIK1KwkcTTJQJH)I@+ZJM9Lf6! z{Wx)0M(tdbU(QF_F&pLhydS}`ThHGh%wes60{NIuPL{&z0_LpNsI9$d9Js~42KP9x z+wD+rmu?v+OG%_0_C!wG;R|gZ`oj)w*}K)BPprnCDt|!xf492hq-yZ*g%u~2oix_= z#aS{Cb^&EGe*d8Mw30{peKyLDAU)aVw$Vwxh4I68QH~y>ts|-^}BGw-NDTzFvn`K854VatMdr z)@z&ceFSSngcCEPY}SLP>Q7^srCWNr!8s3&NH`B-Udp$D@_x(e^#9ebD2HC~Onl4? zoS{UFWo1%67v(LnWd7X}b}@dH$K#0sj+}M3VqcD)hdT>ATflRJ$}rl)kvG)P0D^I@>htGE#4rb-x#hkgv)cb(5c?E1%_fg4W|J>lkPo$;@G zoX9(_pfGowIXiz2mT&fStmXP}wuYsImZFZzj|ts(+=8@KTYvB0Qdqj>DO?fd_PVV8 zJ@%iZjfmHiwT62Qux?!R8>FOU6R!5hLAiOdf@PTgBXHKoS=R-)j_pHZcqQ7miXE#v z&0=Mv4dzb7Ub^KkaErPVDVgnzC&14tVk}E5;p}#yvaZ7^O4SG|y(cYk9AlHKu``N3 z`E{Db4C?|{upIu|4Ex;i8q~->n)lzFF-2)t2EXOol1NWQCmfMtq%RSBb%@>Tjo5Lf z&V(H|)`c5{bIBiP>g(B9<6@@97_r{V_wn-OfWFF?L%tKPx~teQ%_Ws^NB?DI(SDvl zdu~!y%&q?(nh4=_&0>1)LkJU`@!ZVahGqL^E5bCC^&L;M1VrBZIyaci+0BYAL5jNg zxN=!7l=ZA7wl<*sp;GyjU}_@VP4;9{;G6+Ys|NG~_bfQU@MO>X3!JwVoR6;b-{QTgy0^qxwj`9 zvit%_Y;SNH7LbV7rTe>b*Wc<>c70UgqKU8Fqsm>M--ok0IVljr@)>rJ-8GUl3y;ETc1||d^%7@X(c$Xx%~;ATAHntVmPUmfC=;~z zWRCxef%oWfq=om{3g^T1S?dZW56ws|+y(b-t4Cuwi`{fZIv++$xQlmS?gY-lR;>d2 zuvP0Jk7BRgkap83hh_X8g{8eJVl!E8kv3TJJ13*uOXYuHvJa~SCwQ+@j_pdMe04;h zitt|O`>PqWo9KATqf*v>J9 zrI125^-GZJ*_YsVa4gEQdMv;5^?+CJapzk$=I7dReKM0|>6SCF&wB2JTB8E)t;*&I z^d;tqH|-O^=C%Fn7_s(Cw|oO>5alE4^na@N(kx4eH6=am0uiRCsIX7;jHTDs+R_`a|bFxXL= z@oPI_dOY+okcP5aL%;VS4Vd@;%@^$K;({TBbFjaIJtOSzIQ!rPUMcHeQQ*e@g`uUu zD0CzaV?O{APVC`y5#C@2DN6YNpD!FG;-^$&nS6S=T+9WxXeX^_VL6m;!B$#UJBuMz zcb(Uivlsn(8(hJDjb*ZE;^4aQI1XnDH|WV0O@T-c|QGCh$#mozd6>5inyK{j|#_OYZd57@K{?3tu* z4%py(6MvLhLMRm(e@m20oF}{?#2h6Z%Cc!TR$0>dEE_!WS6dL2wT)F`jZJb0uFU*Q z`lW7FHp(PhaCH`IQjOr6EKiVi#7LXw#+FK2w6Sim8(S;Mb@&1&H?~#M$f0PtN7B@H zkq${(Hw)>6q}{V@%#D2_2+~ny{x0)mogW2a(lniuntbZ~1`ppKH-4Xg=w zU3(DaSiinx1A2$ZZvFNWytTdUHY`T?V+XgoIJaflL?u8~wRUWqBrJ*c?0_UJv-Yf5 z`a2bq;n1G>)yH%eu;F8d1$SUuiSn7g|GYy-_E1obFIL_0>cn0Um9WuXBZE89rv#zK zSm=b1;I8bw1{jJM6}z)Bf~*>y>NSd=4DblobW!>2dq7tgjp6o+u>3(pi-jf}X zbRsSxxF;(%{iOlb^~U&wzqi>nA}q66!EdwMlDvWXu%|>=W($M+vCa*JKP;vGY@8%4 zr2#CC2=lNkcmT^1WPLdLcg>&WNh%6Sgm=SNnU;Qz{_I1d5-aKku_J=mci?XjD>f}T z=}trlNqTn=-`D>1UHiIEO<>Ptn6B==QxjR|78E9Tb?-NI8p|_j_|z2k zK+>yG-KVBAOG{z-YSh%J8O+V3xT%?}8&LuKF5F$qW@AiBpE`q07nU?mExTs;w1H+wPor8w$#)en3~U?3Sw9;i&*4&r0GT+tgG3i7(uokI+#T(dSqK))4a|9Ox?gblcmVRM%Ifc$2z;e zW5`D4FKJc(szC2b+6%f(Y?P$4pxeYI3!w1N3V+)9KtjY&LA=}v!NmV`=1+-QYt{HZ)t&%Ku$BsMLUO^Q5PF74* zXnk~WLdZ^bP3TyYe}#s8z^uMl7&&ar!uXKgEZd~ykiG0aQ5O3-0?rQEQ%TyD%#eL7 zp$+-7&f8a0`;etc>N(H`lp_dYx3Lddo=LSG_Olfxu@(o|W|QWI9Af)SS`=~wo|MNJ z>=4T8kmKx`NjpPMvZ%HcJLnFE6tn3j9Sb?bW|(v?X=dV}>QI>V*Qn%2XY?h>tmc9j) zFUeTkDD)OvCaM177C_>6M!&nDZRl;2rfzOj=dMXt7PvUyGimFtE}{3?dJ3hG^$Y6@ zw1Y_W>2KIMq5{^}J1F!UcArS}xQFaFqI_CQJ!IBS7%a~AuIwReM3e7KE}4bQ6TmigUnoHdzwR56@Wy5%$fs zq0iY)p`$tHS5_nmN3h@6$3&u(eq(2ZKX$NaXXtP2fuu1WABFzO+IPjY6tc6q{|fzw z1xhLcf=~09bS+fjONk0tQSO~kgYPHGXXlH)4Rzr4{4kUptK${U9eGnpINCUJUqMhV zKZQDSf0JH>I`hXS@h}@7)1AQ&OAwwzArNqXGh#%l1Jl3a(|w3_^Zq&mal zoi6@@D9d^|)27wp@M$4Tr}b{8jn(1~L^;;jVU8iSc_m3H!>R(+lJstE*yHiHBu%Uh zdpzDm($6DonmcbT$#@^WBEUNnWm&6@Sm0EL_maA&MK-Mt_m}jd$Oi8szAGtnQ?)uC zd@NBR>vQF;Fc03hC#JIyb|KBeJbB+zI`O)aoLp6k+;4V7u{xwm) zb>{XvVFUPMqC#ui+E0Lfl+=^xH%URYQ1?>OY9eh2=DpB*)Dd+~lD3hqvZQmQt0}2Y zMYOCdX);-QOPWU1T+(krXxT=RF&wG0q_`5Ko{~O2gVbNr^#r5KceO4<98R#TacmlQ`aOqCQ{8$*ebG;B3eqNIAH zOOw>c4Rtdl)uI@3B_&fH3MBnT@vS7n9uD6D;}rt2%#d8++r~|a@>$z=e+nDKGlb5H z=Wc`fEJ@Yi3~4aWla}NAzX%)5KO_>Xk|F#k5w0~@_z-@d2+w;g;Y0cFrmjMGAh*7Y zv5S%6UG6IhM}}d%I}x5CxrPtp10;C^1@RyvF)EJWeMgk#!6SSGUqn>G#*A(iK8oKY zva<=hJA{ws&EH4MEbG<-oR8sciR{*s2VOdl;oXP|t!anf4j;>V6Xjdy93B8Ph^T;# z`rwY&I6i_%tdPd>V3US~kK;*1xDFW}KAt;`q?B2!oS6_lkynxAd1fk5D@h~QM1@b{ z9VMOpECHy8r0`2AK>a19UdjXt6h!-~$$S%0mKAq(!TbXvv8$WP4-kpc4dKTnVd;kQ zvy$*+A(VegB+4_Ce??Siy^%XRJe1#)v^NduTS@O^B0VD#Z7Gy%qcFEv?+e1ixHA#f zdtrDuuWOQva|CZmBvKa1qadzDCk1xW6)=UneTGUh|A{T)-bm z`rflo!~*^|k*Kje9yF0k0?NfdBA+iJDrQ(K1^k$)TjRc%KPsmyTpr*Eg z=Sq5ifzCGY#gcv>R?B%KUnQyHduc$MiE^xSKUos7iSH3Q=6rq?kOv(Gi;-vx_m+g` zOIvwMq8wJIbW6lGK1))w(tL*<@ER?ZAn0~Qe88JZYF2t6VmA+xH$~&d%341|7)D@;_*CxLM{IR6# z2aa10^BN%{WshM6e}rEP1>$zL?rgBjQU1N8Kl=o`e9Wz3Lf0tyxb+yX8!l+Zhe;Jr z@V=7LKa8n(iswnvE`(J)&D%$a7%)f0{1B0yxs{BmSj@kbltEuBB;g79C0-&4PtQN)*N8B_7~=|W9))QU_g+eQCrNlBQOf&D!q`jsyMie8 zQa(lMF!oX&Cv_NmDYr|)*h~2WNf`TezDkfo$6T9sgKw17kZ6ab*(1+K+~E5ptt2`u zh#yYB47!sCp6B5nu5K!qWN`^p2bSC!#Ftx5LtaUP&GH zs$1MS8cQO_ioNOE)LCQumU~JHov_9B9ruy6*nPL{d)`aZ zXs?sDpZFe0d2ajLJm*#8sFYX-Z_Z!vKuOEptdTGHT2ogg@(-RAFD#e4)rkC)UzFtk zUP9%+d0>LjS={SIzT{hp?ChWUEhAsS1H!1wXJg;%5~(VEi0lk|m7$E3y6^IPM;b~B z5u6G1afR;yCnQmr)|AbhJ1KTae#JF4CuNbOA7Hd`QdSb#tuIgO@ZXPHg^q37J1Ejw zX*rETftrq0T$F4gJ4=j=RVpgp(@DoZ2^$_+N%0Y6-5beyWu=3pvym_157|aZs=j%U zUPYNiWVbfj+{&?v5+QY;#@E!UDhX2eC|+k(m2{zl*hfdYDtRVNj;yZqOcwd8cetij zOBo=k<6)iEQUWDSfOSD_Wu&C(ur8>rOp>(YP(rYq5-#cZp~y%#B|*}Inw+~UX_9!Y zm(K3WEJ18ToutS*$~7W8tK%^v(nIk`DJ!KVk#&`pCasHnODPm&b?VD`ePuO~-TGGF zm(KN-EmGGL($YZLEomsErGavYNc0?U<%lHgIo`@SN!VAsl?#%vuXrn0C1GFjR&Gkd zzT&NPOT~1SP+w`N#7n}y(pX86ggu~%k|hayKyzh|B$^SlaXB&)sB>74cs*-vZvxCY3#0x zk-e0vlFncH*zs+}P14m%zc{?D)R#2sU_x+jrJ1CdgOQQFm9~PQ^>Efl@gpi^OY7W- z?4yh~>3(ECCC;Q@BK?(5i3(V+_Z^}JD^Da9zUL4XpuCh64>Uxnn2D*zQ$}0VP^GS< z5O?>eVM-iP0Sj?&5j9-7EXm^DBWjdVFAMz@utRkMqQ)wTMENZB%J`@W3TmK^^kHMB zMom)IlTPf_f|cz=IW+$TEBlDDtlQvZHdy&c(vAU0rzEXPL^?028_{Qy{_dL+6|8(I zsa7^x-jj5!7SdBeP=c9YIXD|rmc?4y^P-}Zn>k2d^Tp$T;4#YcnSvUPT^SXpWX}@R zW4sG|JNB8R(lOhj5|zB!LN|Vgr!q}hBI#?eoUUw_lrXj^Dp@%#sTeF%mGhDsO!$GP zDYqpZ9eX?~LwP||;^2~aJ}OgjpMx=!IJhQW2J(^A3v!#KbddB;-_L=1NV<07c2u^~ zU(($Z4}dTX245wcx4@OnFbVJO%rpt_?#wm`@9xZ1hEgbJ`1jy1*VJtX-F%bq&JTX` z9DgM)crWWU;k~Q{$|MQ}`@@r{yfRC=dzGhzlTNgWJSCn8_i8_ZWvWSkM&&EBO;Vy4 zDg`DvM=w@Zm{cQriL$|@deO_2B9od#FIP^PZ2b}DBj zJqm9dx=Xn(X%5u;9_1TJ9k;nS?^Aw}^h>xa`%qDGu_SWXlL!~*BE=@i+N-ZkJD}7c zDzqjX$ca9nct~1!7O8=xJw(kUEsjMUJm7$(Yi&LrsgtBZUPwJ8y|n|WpQIuEkp>gt z>d?jxC}BbeV^(hTL8aR~3={W;1<{9;Kq7Ijaafrq33r$uDLF)VuCYA&BPCCgH_%aK zm9)hD<}qatk*J4bN}Kr@Lk>N=bxi3ZNgHNk#}t1_@J*$cr0>G7N8ePUi1Jz7@H^4B6x$NC%x7=!`#Jiq;jeJo@+c*E=js|v_9x=5@lJp`*Z$K`A+JFz!>>Zc_FEF9+I&f zJi!5-e{x;M4|*ADo=^9&9?!6`U(u?Aum^mrOeMne!JaYSDhZNmU+o|BM42hc8|Zswg`}<-{bPPqc1v27(m&=W<+LPE z(EXxZlQa`_zba1!LEj9F`CYNC#FQ1XVPoEpd7-o?%3%fm6J!2Vq9mpJhsV5BRuJX0 zd%NRfUMa^Uo!YGpP}J*^njF;zXzD9L^wfZ%)>wrxh>^iik^gl&7)d{S6722dCuJ%Q$t-O>Ehr+F*Vh5lJI=K zw)z8+=y7i9Z$u(?H&t1S@nLx$3~^JPiE^xC#yEz!tAUa}!#m(=oTNqZr()dIi;~*J zCIq{y+Byb5c$y;eEKqw%8=yb9t3gCr*3!k95$@_YL}HF}SAQoGbDX>Cu%1F;IFGrj zH6-CY=An8^!g{2ZvEB(HM|dwZ)b zCAB@b#@$=(KqSh#p*oHz%Zks6HB{m8H27s%(|6yFX{5#pe~_bxF^$!ah_GEhi)o@> zCK7jBnyGa+qQBGXJ3)WOG*<@`!P6=5%vW=DEs>qQKd?$N%CG`$#I`iw3jU z)+Q|&Y>o9bX~y8HvF+506iSY@=<JEmo9H+9!$)QR5FLp?;4&pytMtI$K;vjuhe?C*s04m~L?*dLPX zbc*d|(gFK`*xu@GvJ}0eulkS(+x4*6zN*t!34i*hz(Fv1zE#3 z4yidzogt~BmrWa{&Xd$|8`5G)@z9cosjDPahPwm9)U8B?EH^X*bWf!YPvL^pmfOnG z0&mNxJx%h~gVc$Fpp{RoJzPB@X{~!nrx9w^?dZ?WehHu4VWj$4QuTuo9Y(8lcL?2& zi*LD(QBM#RvU#aVvE$S$CS}AZcEv`kJtbwN9*B)o2TJm~HpMAHeNWPg)Z?*9YMi87 zqt3-9tIvoESf9aHV$)UsT^MEo+p+k5tX&P>jf6G!GIoYqOjN>dmE4P%rF!lu)9G=u z)y_mhH%Ha>qOOqL8TehbxoV)KZwLPFoU6_xDqyFg<0{Nkmr42*Xui6G2;+m@i~5lu z>nk|N%u`QEa-3&ldFlnz627~sJ`lukmzA&f-A5^7xXUU~XGy|c)?)Qvl5m%`MEyz< z?y{Du-$}w<)^hcQB-~}KQ0sk&VdgV6+$nB_>Pv*_%#B#7t|AimWmc)1geA?5Yt)aV zzajNphzi;1_i6&U?Z+^Y>c*{Ax0=)_ZoL{+RHpNd+oY~MP)6P3wyD~oG8!DW zOWk?6jK;<7SM!dPQC!>+_4vm?JReTlX2+dYf0fj=@8Y<#s>?B<>j3nLT3-?yzas8} z+Lx%1Z9BLj?o)LH66D=syldPQb&9myFnt@)BGTcmXII>3>J5{M;;yRNar9>goz6D#y; z)Dx1hcRW*nCpyEh2mGw+#h9Zr3|sjxs;?yMIlri5C1KC`RZSzxXF;2t;(k}>5{Yto zp>7alb%p%BP+H z9gc6Jy&$r);fWaz&9rO(LLIz^GWu+Mb1mqSAYb>(@h!ETl6IHej&H5i_!M>dY{j^5 z;(fITmj$hf{v*D<=6prak_9}WgVsyZ(E&~gowP3{;k?padm@P1bx+OhGxUeE@4=9s zTDD0Z3B5GbK-+b>4tJCKnuK?n`f9#cQJ2H;Zc<+@T@v1D>aXQV!Z#iUXg5vjH+7)a z@|y66?|ux{hMP2XYJe6;lnw7jv`rW)<12=DP5cvrv>Q^lE@(u;`&wWrhEm8J>Wxbn zsg0BLpg~B&C@qQz+gU=w7_FEHS2G0(leFsB(O-!bb2M42Ckb;jS@R_-h8+1POfJi< zjx{}1n@KusOUn~Nwar916iTGFOA>|>sU48?s~6HSNxkNT){fLlhzeQFy_*vvwL6m9 zj@+FPrM-|88?`whMyvFBS^l2aiq$+MJ!tTtR=n1X2=mw9mZ(i6!u*BWQnjT-B7bSx zDM^^JH0`qRM^8DYX)h$OCtc@u*h!7Nr_$B{uQ6mLjS5tb)YT+Eya0v0aHJn)7Y6L@G(VphXeo zv&k24CtlW06N&Nqs&>Vs?-H+Sj|5q7tcSbK+K-Z+4IEOlRC_^G$f^|mlvt`gzk@O4 zv;2!M60d7+cLkjf|0nTtZKb3p`D)S)tymJyzBjZ7L+m)D!?d_2-PD2v zSts}LNV=N%8%V z3MCyS-6}}|S5UW6QoRzS9YkVB^tHC1NVKJ|HMe_Zd1wNbX+(u=@YRk<545F3`ONQX zkEDm%1xZgFR^vW~B38}cYA1;D*}uHrOZraxhX_k)T+&mm(u1=2 zrY8NMwIjlDA|dIS7DZITd_86-J=c;YdG1}F^qZDTRLsBf*p~D{J1XfStlVP5B06DCSKDw+jDDvl7`M%wtJ^YZHmG*+q}bNw2g+l0GiEnZ)&lT_W| zA%-HJPI1s15@lH%ANf7WL2pSU+Mt8pRp`LqOVIh7x>R>ZJ<=p?nv*_{=pow;PZv4s zi-<~?=iYljA4~Fu{JH4oi0tg|I!@Cn=v5wJTA&_|xK6X_?IbNNs57mS9wjMoi}$q3 z`c6p+1$YyDSVHS}Cbt=@TiS`B?aQ332b22HD} ze`V79)7)18g@S0bX{@g$!V;W4 zt+8JBI}8O&e#x|EdOlGOl~OBxwWKcwZJE|e-)qtbKu1kFFs-$IUyv1_tZJ)2mAYMS zr>3>lgPvdvcDBoHTT**{BT)_;(dS>&I_ODHQJ2GxcwC>>Nxvv*L&?KwUG?Wgg)ArN zr)hq=^Y>_3$UX>qF|E7qM`ULWg7oP<^!7iXE}wn6uHN*w^|g|EZRnTOPp|tU=_v30 z^`=CHtWzJq>HT#-lLk)r*SDH9Zu(%o?lbgqCe{4GU!B za7jDXl>&{E^o(e#BrNMOdbA{bifxQOT@t<(HdfD+gl~n7)iE|0Cv@!L<4nRHK0(hV z%SCKn-MiB#>4zj8JNMJ{Df$Bf#kN83 zBMF~5*{lzegwK_1(FYTW__pXlM3~#N$y@Z4GJo(~$u`{|zFdQOz~@SK>U)UnZ27q> z$$NBXjygLVIso3r)q^CpfoE0r>60V{pZh9#pPoS^o`%`4FAzjesvXc*O2X%D4(Qt? z;S)9oba?n4W4GcHHV5?6lJE(e13J6}NV?*)HMN8K9ZA>D>g=HYoXE}|oP{rQ>YWvl zhh}gJa7gb*B%V||qz4mW-tQ+L)@Mjd?BPfCb&{~AkLl-#ME#x6y;PC+sGz6Gr}bV$ z`7plxnp~{AYoxQDxXSriy^Exl(BsbPLy1KFoz;_sjyZBm%2|Cb5vFC0`zQKxBGG!z z>zgEDS}y8`q(5AFT+*xRA}!DAR7km^M@d>g&pqXu{*CQvU&jjt%zafv%Ux3PI;sk zI0#BR5Rmeneub!jc?>)6@Kpa+(omr9_1}p^3I3of@a-nd1D4=3y(&>YOA8&I^0OW& zDJv$f!gIZ<6I$9?y#uYnf7N>si5mM&A54TLI6mb!J(ozt@IqfA31j$E-%2D`hq~sB zVV+jQJwj4m>F-E7e=t6U8)Jyh@GGAkicyWJk}lRwOVN!aB0Eb+J``gywh(2(TL$w| z9E?4ZR@YsX;$$3?{%{6zF-}PO3Fegw#&t=5eRMCPqH#mgR?yjuABf;PAj$huDj8K> zFr7Kp>@i1DDjRN+s%M@AswZjrp0hwr1wl#t3&@|SkgeG3JQ)(C$DqwsC?A+4lDQ-qfNss!yOmR1M5*4zoQCg~p5nK^1vAwvYdK!NbO0kHvzu%W7LxLZtz@(Mn-E%?@V@2ZDRPFmR_mNj5J9Dr?pOPX)Ka-s+hCZ z#;0YvcWprTBzeE*;NoliDk
SJuXGsD!bL^?WFSUcQN$A*>*gIYwjiW@^2H#HYXbi4QdAFv+TN~Ys zAVF+h(4f?A#!(`84$wa+wY$*-|6o(j9leZpM1?Fadu(bi!_TD9)ZRuvlhRZB8iA6& z@-9g2Z$z22Hg$lJYtoife`Bjj`%?!R#geQ6M^XnF7fs#8)OU<4Cf!L5Fs>8jvnSqu zsY8wDQn%Rs+tfg#Z&gfnAzSSJXX<;#N=eV^IHip+o=I9iuV&gPBM`m@DO$+i4aOQ{ ziSW(f2X5mG|7xgv=zvfCk2k&{%3+;XWz-vQ{7fY7-;Ot4Nou^pi;p*)tE0ahYtNFt zPUDTLl0Ha4a+8#K2C1H;_M~enY09AbY2yuFNm)dl1ws8a1Knhk+N4c3RubXe_&#Z2 zM$;M?yLd(--0+u#_unIoBqDfjEqzd0gyCOPSmJX*kw#N^eO!$5L(?LSP9}{>i!vq< zWm%`Mk57v=LW%HBb_P%qktm5+BSYw@%wmmsk^yn9h7Q`@+X*DMmdHL6IBIrllG;Bu$L? zHZ;TN>nU{gHeFA%8%HHoANL?F(`fk?>Iz`p^L<*D(a>91W<-n%n_--5C@AdO?`boQ z7ev@|;NRE`)=2of#d!K`W2B_nnsfRbBT~}mjy!#?kteBHMc4FP<2ezAQa^p3k=7VP z$+1@5@vl@efg!b>zml z^g_dEg7IOEr2|zV5;az6)D}9bu|lJvq`>q!VA+-k)0v;X#OO*SVqaqPCd#tT+OQ6E zg9JeycBC&gATs!sxL{2$HzH*y(=HrNUv4A{V%x55iCAvTA`)joD~-R2@QK~y=_`$1 zO{pGepSsF;mk3L+Bz=_;V$#L*HAaR>pQo=k7MOH9eS@)95ai*<^v%XrB9Vv9#var1 zSI`|diDzsv9uZ|(YwxR`vEBHQ2utuSpudSk32ryEW>mUVg4>Nsk^@?mt$uHvrBTJCA<(6R?dyKh~Iz){FS|$nWXpgauNW`$m z*d}xk!xXSQWKwL#UgIuNmbK@$*%|wd$3&RFML@q2iTv$1UJ4!MZ@=N#T;w(|eGORF zAj14@&L}eK5{cN0jD}J-0!FYRqot&#gZerZ8SN$YBJvYNbz5YNHtAyeK_iI>N4Fyx z9~tL}#OQX!_+Ao@ZbuEH1*Qz2fjpIQ)UZkN20CWcB@*rIgt3T7jDshP=aO)oKUvmx z^*Nti%qUOyGESA#{giRqsM-?a!xrgeKVx(fWW^KK^F~ieAD^!YG(b{ONM(NB7%Hg{ z-gQ22ye}!TPc{2_W1^&;eYQHDH@*NiBgc8~&0m zz-)2Fm_j7V^NO)W=&Tt#+uE-fyCsFM>kM?BD98HvNDrU~g5Y~{eSuo}iuh{6H%zY@ z{zP`RBlj1FYsOAVkEZ|PP-@uPprxIyiT%alx)Ds2Ltmx)+}KZ)k6#6`-!N=#(Gtgy zQT8tlUz5V@w~Qc@rrGZpvrL*{|Jo=a5-YO%##JIbXINmrZ~Q?d)?g0}y&a{+iurqJ zR3^eT<{BVhq8#haK0EB+8PfzY&(b2GStcE|KQSIis#AK-{?vGG(iQs;MqCGsA)j4~ zxnqB3EG5ceShvrOyF^*+#gQlW=SFZxw9H|T0`@fg)zCT#`VMwkzZva_@|o?EpY6XH zeWh-XV`rxq#!X2dI@Z+wFl?QLziE|vIQ?O4l$26wsQ#yMLsIu4Up4&Gi0UFNdky)+ z{+F>)(luxke;K}Ag{~TG-TyMqNh%1jH2TXJ*-hvQLtfhdHu5B`9p>KXZzI@G=r#;% z+54rjQc}Z%of^F~;<^i6lY_OK|1q{oT0DJNqkoLPJ%n!Qbe{RjNRhO>QCy=}hJR0? zTh+*t$t)R?zNs>^5wle7C3KIgwDaMXzLHWyRyN|6o02j@Trw4l?QLOsqsrb!ie;mu zuc}naR4q3oZE!4Uq*}sy3(L)pu9=!;t)#F@Up3M!zI}u)vQo`V-7-be#f$Dh8Io2M zc>%4IH18UGRoC)D()9x~8WRj&K9j- znZFL1E|#H^;2qQk6)j1ou6w4W*Z#v+Or@r!w1H-~$-Yr^VRX(UL|~z-Aq}nAy>iOO(&P z-gG^)v*jjH7F%=Vyxzq!H~{_GnG?Ln*Tr&(sDSM{ayzq&#eWFuvRGg-{Kto7IFX&r zFG89v31^b7mcwPbMo4#rKWpqoo7UB$3>BfwoA)TQtEIC^*L6Qj5D`3qdF02;?w040 zb`<@X`L?C*yCP*@UHmb#pJk<_1MmEmInZ+LJrU-b*z5W`mP5ml^4XxH^Q#TE+?3P} zD8Rx;2;KU5de#t2RU$jL0(|0xrvn(aTkv%Ib+;UV9%sIa}L|U}b!qT&}DP?a#7X22Vi}t;cSeKqO{0 zy9K|*UbZ&`3PZ|*@3eiCm1zkI7oqG)`6w&PvWG}KN0x0lEp*fhvMra1zUF<3=BwG3 zn?(2w`N^yqmWB}+3evf(97~)@pJvUnJT~ci)@;kj$TG`YS#vCxO?r?u*U~GhO!p)! z*K)|DpR?v!nnsuD{>YkdS!)u@USO#jQ>L?I=UHZ%R3SUx^0!H@*$XXEvBL6~gLSeC zEbzGxO7$-Xy|WitmYUQud$GkiUg&CH?T}q)ahK!`wA9jw2);meu6y=!OAkpu1Ff_K z38LN0YD?1u3`OiBS6jN7)IWQ*WsD$e$Nd4>Yb;YF1?+zhC`wW?yzQ~pk|b$9te4hW zvWeh{&z+;Q*IAxPD%?3Gd%fkoM2rvHZdCRL%M_v<`qs`SOQfWtkfiKQmP8^^o0}}) z34U-#EHEv5vtqtX<>A#oJ z3cJT5Z`POoiHx$vJ56hlE?uLjw`JB@|3{T5GV7ebLZkJ&>SdkxN2eo&Y_Wb)Ryk*u!|BOo1KI>op0*wZe7hxZ&M6p?3`)iHj$cttFtdVE>%~^iC z(F~QIXL{eP5c_70qNWeZ3bRLQlyX7v{X->+&5E+^e<+`^ zlwN&1QlsCd-JI3X?p%rbX2sYeG^$1E#o8GfHJOr})xv&OqmTBF%(}+jtx=u3YKUv? z_cglXm3y;V+rL+$saf%MlbI^@?_+*!*v`IAqw0iiv^#6`R!mFL$xf+6;i9vh%81tG z8~>5j#lENz_p_UAa~AugmR^)~v%RDeI~ko4FU8()Z8tkK1D2=6v5bPO?sjuV zD@2QBTe5oC{WPjgsHZ)Rk-F~aWtTBR&k7g4?5~tgEFYK_*4rkB^tZQ4Cwi8@kBh7^ z?{CivpiK?;W!+Y(yPtFeD$x$o4XQ+i_kEgmdnGEZcP8r&yKJ^wK4B)?CmGRO8tD!G z!|Y!xb(R=zN6vxe31jO!h8SVTXDjsCkedm$)2Ls=`$UTUtU_}3n-7Y+?U%GJ^tB6F zBkdg;?R_~%jI#G@^n2_QG1~rAqrtDO5%=2XGz#C6BgWakYSf#42sqxRR~vC&y4K4V z_uCUSLeB2D56lbX?0);WM$k>P?fC)SM7y>|&`q*01nDN(^lGEZ(oVLIYlPBHwtooH zO|cIw4EUU4AJ+&z)9mew0=hK2R3qpfu%BBT&^=(ksu6Tk?Uj!NbW`o;G=lCyd)ktK z?m>H=M$k>OM=TBKrrGooBq{@Dr`zo5_5wzGZMn= z-OE~s_g~MjODc7im}wtjbi!yeoW6}>w_2uBr@R=m>}HPw(c2mv=n^%G4+BbJbVBx_ z9x}_mS0Ur#E6`2Ux?wvb$jb~yv=jAsc~*v|eW3kVbdk2K2E;ix{2IXvP%izS3wIqwh7!=>^@-8f|9un?|26h0a`wT3TTr$OQ_~ z=8(f(W`JQeYxeMTcZ74f3|EhE)iH`*5&sb06y7OMiiZlfKp5yp_0?43^p zbT8QlG=grE-E4J0x5;j&5p`0BE zE3}_`CZH>{U)2b@t@efI0=liXxj`Z5Ua>D|gtO`u+k8Ht+h!lo2)b?d@gUu+cH!oL z&sXhYjo`D$E_gYhE3#i>gxdX4zGnZxXfItwj+*qkJ#h;x_X@l{VTYZk5#F=#hW))p z_#MhlyMhtCJR82#u2ZPuLATqks}X$ew%ck1pL^^?jo@>y{TL&7Y396RKcjW>-^;vjCu#&Q@7rTFf|rB#G>zcp1A9Ls zc-fX+W`C@8$jf2-OO4>=u>F%p@bZyep%J_sv8&Qdpz`weq>t_E6|(VL_0R228sS&% zpWEFu+Csl-|J=S+Bm9p2b9=Bx$A`X={keUYM)*bJ=XR<_c$)rmdznI%>sae^`}s=r zLyhD1UWMp4jIq`i_P31mezI+ELq646b<%EEq!4=6NxK^()Px~U*|#!MAY5T<>%hUE&Z7DqmvrpUaSL#k?pRq48QopwP$`-F7FMDnL+UhIY z)(F40`pOQ`2*0-a%C4mmerTA0NBlTOTukC9z!f&CzvEwzu zZ=t@iJ86X9LVauZV1$}@bn5r^5Ju{EL_gT0Ds?Ao|I<#d)ZOa4U>{(lYWEjAaeJV4 zf3cG^!nt|TPJSbxyJ(MNr0Tldp2|qIL%IDAMsvhZo^P_t?YSD2o8M&rYA<1=()*X4 z{AR%CzwA_vkY0t|V`o5DVc)J1bidj0y8^o3>_m;A`?q~=cR=@V`&UND+0WU(+o8qK zpN=#FT0ck zbbi@SBj{||Y+pcU%XS(;CuPk3fKJMIji7U67usud({p4$ji3vWUET}mLS#RUpbM2< z4g_?evY$rKRgoPJ26R*5TSIQNE*fHS*FXb(OVFsub|8qHeOGM(AhV zW$9_9!#L4h9%F7JK?C!-AUQIqg_(`C9w0~^$u_mC{BL`~++ka6E5UWVvB zrOmuq@&!ipe)h+^&dZX8j8uzd%cu*mRAW!JY{5v)n{(y$j8spaD?2foBi{2=G@UE^ z=y+(`d9ugP0Wb69?HWOsBNzS}(B;Tgj8qEqcJBo?2Zi;~8a$DwMNzGLw-y!`I7lMykcu zODlroQTYt9URGf=M>I4R&RZ|9s?;5fepbdPM9)?3>h_%M!{~&8Cn=wk4{C&w=sB5L z8SfRcT*T-Mb{UNga*al{Xq~-5?pH{r?|hKZ5k@B@#<~siw6?^R#s>KdBlLnt=WUST z)pcoC(mP`;B=oY3W0WnjU!$vCIhGMU3!a_XeT!VBbd;AW-3w)bLhSPu zd5n?r`HB=Z0zS9N7)J2CKNd~TN) zl_mS!A>(QyJ>_$U9Ki_nxpm$fGEX79O7>dLJujHt5rPi6UFj* zrQ`lmEO%&2^pIltCZjp_^tFajERQK9Qe%qe70cQUkop{vPH3+jsZm(Jee>RtX_e^k zy#4aHMyqZ+J?}jk-B87gTKE0D4`hNy*Agm|BQ)B7TgAK&Wn?2|dFr;XoFnp8jaoG? zp7*f~Zw%d|!vAVa&M{eAqr>}J<$NkzY4pp!w6M=*JB{+_tu@DGQYEtHd?AZ9`lc)` z?6f>riLTE%BO{}cf*K>gl2MGX|9NxHSF(vl<45+-`9`)3viwe7&j{^sSI&2G1fw%l zyEkWiFLRY8o$vK#e=j#PQcoIwFW=B8C2w@j_j13AXQ0Ktmt{)FE%v=Up>;U>zn8yj zgckc=R*6BbkXm)ykY-p=G?I@$M3wsNY#t&>}7;{c|XT?K2$oYiK97=^Bp79 z(zHy+@im7}RWFWHU8B37_?#>oGCITU=Q!6W9oK~8wADJapX1!D5!%mjZex^fFWVAs zI?fP1sz!H3H=bYHDX7%7o?qAbfRU<~`p(CdmYwF;cYdt2>^q-6Cl|-5Q+jkg=14}U z!8_*1I5CX&ihr#eHNUB|Qlqd(CJ_2TBe8$#{8%UH8kMsTi|5R5?lf$vP}Cy}=eKZ{ zXjEnY%K33l=(W%xh3Dp9>qIfauM=LL-`a_1gf@DW&^?S)8?|<(X!Kg%8>E}1EV+$Z zJByT#+o-j(O6$-@t(|8zLL0Sq3K^-{zO}QHk*cNE&O40ehz&*wrSP3bPn!qkU+4TB z6t9irX%(omHjcw+j=0e{GQW*eLm{rgcqfLDs=@1>IE_$)*Eozw5SfUcc0LL=zfJ5ligU3;emBb7o2=Xyq}v>lvIjOK_Y-p}WE za8fiX5TDQQ=qwJh?BuM_x`(|5S)H8cD|MFW>>OaEa^1!0czq!CE>0JX%vE2`PjK=z z^3xsETb$}Qu%)!#yf{D6sjHBIJE&cq<{IG+YB%Qwjc^CGyVFx6+(GT_+^!Msp!RX@ z(Fk`?`#RG!!X4E9&c}>Uc8kyjt;1ct0Zv>ym232u0gl}sNL`r@aAFvpkh|ZwIG-#P z;%m_XP8+Sm`fPyHQR~jEda(CEXMsjo0VX-Q8ljB_Iq4k&wKT|Cs1bC7ov}9tbc3B~ z8bLS2>CrKu8{*uq5p=gZ&29?lZg<*g1l>?4xpP1_)JfF{x;vbeT>`p0oM#wi+dtA9 zHSTmaYJ{)X-RZod(HTZ>C`9$?S#YOwSnKwbR9SGB^QlJPK3Sd6X^mDg`nED&ebR*{ zAoXmqI;QP{6emxkBmFuqxZ63U(a6}23r0FIH!I7Zr*vE}%1LIlLR`D=mIb4oRIMBR zWS<51II}dGw-YE=BV!HF294fh%VLd&Oc+4A2DfkuR3by%>%?Ayu4ObwBzW^lH}5;*c3|v+`<(+C#S)t2e5%ox+a@oV;+*DqNMZVdG^c`5u^3Q) z_JXNS_ddu=G2hRb<_uz_&Xws7y}F)9BAhD^IcXYE8H|UV@V>0$otlT7+6wX6@sQI% z>u`2FL1X}b9QP3U5;~MKtPw{m;)7pZobnh zDWIG0bYg^j`mbK#q$otQ+TsNZom7n|p0UvRT_HPtXD;ddgWyG#Z=utOk=ij^&aK3L@wb^VBQ8zYt866ap6 zL)$KOQZ+()OPyLnI3B0B)M=m)x9w7=sn#LArB1xoA-!eJBN`#SN1ewQsTnBOS;q*e z8zR?vfzcfLs@BE@xlW;uhuU54EF2oB-Q`Z6M$oNrQtt@pRycH`2u~x>C+`E@ni`m-c+*)9v%ho9i>U z{&nGlSg_U&tDaf(9@3qg1JBR)MR>vE2!F`^Tv2uIgL=ec3!oje1z{x*guPd2y`n$) zG%t}i+z{}9up2A5SF2Q14@cN5?pcmld5e+m(0!MOm1P>+sPG{=2WiBlvUo&Yiscnb zqO_0)OWZmMK8u6HYQ#_y6-IkuBmsroqg(AJI%^E^4cDZqpFr3v&cA}%klVwJac*x*#Df_XU!`-jL8?@?tSG~gRT{lM|*3y+Yv)uj(%fFJlaUWmkb`L`! z>=9!N;b(2(u<{T*vjm6R(|qa?i(W#ThR%jJ)rTRuwC$Fzfn?>2uvg*WvIIsIRUd9#m3k(x z2Nb<>J`K)KaQMmlFxK@hMIR_!jd1yXgds7+gi_>3o!#Rfxjd}2A4%l)mnzT(hj((F z&#wdJg#3~~F0svlJ+P2Prl6OY4xFI}XCv60S7 zigjttUpj&XQvC4FK+nXv?B*n4zgi=Cs3)k@FT5YHbk7TDtyHAzO5CuL1k-@$;8a|D zH@B*;f=9D}#2o{hWx>Od6t$v2ZM*hv*buG_dh+Bfj81hox>}^=h7GZo&#W0dqn&7o z{2+X3>#MV%MlRAFd_S~-uvZ+M5wL%n*Ns_x?x=bbQ=ml-4N;BS#Y5{oAi$kKUy05i0!BJMesEzg0GBmJEcwx>m2WS7*H{qoRoGp>*Lt5Wch(g8f|CB3G8~ za*5jtqoa|^<=QJHu6;GSwxY9dJlM|)Q1f+&THFWRnhegf z3aioum-^l!cnFrD?|B8}ZXVRQS}+7TU%*tIL93{Z+_+at9>0tG3HOap8wR|oJV4^c zRr74HB$LOG`?*D8hGUe-eH=A_*`H>y=J0&`9C&!QH$3lskjqZgC&FmX@{87)LfGOf z?u}~J4!&+uVU?~5E2`Ex!ID3dtGQljgZ*4t=fR`#rDG<_6};-Z)Dk5Pw3;D0^7;_e zBNAv;;N|N(x2+)$4jba+E_ev0ANPj@)V-Qh;lMiWQhOCwwby*APxtJYpNVT;b#;k3 z#Sl$+ZG36|gT{8gI{xdDcA-`?grdP$ror=daQMo4zEW~&eo$)Ic*XGXNGqUqB>@i} zF^H})RsFl+I~ze#eFyx^8wx)k4nW^~i&m|c_<EVtE^=Nl$* z4r!Ot6a!v{Pe|PTfk4f;v2ZS2x}OkSOaIld8e?C22W_|dHF$2&>(cVlQ%IC&+Q*=> z|0nHT+hM8pe^6ttJ!(EUOsjpW6DlLyC`(2EEdRl4ygP0~Zq+rWnpLYUgg1meA`o`x z`oBI0t87HvKu@?b?AE-pX|fjfHc_?8b=SASSH1`v;`CP7s2;wOXE#uf_+T1Z99q}2 zs`-Pw&){#2xNaEhljr$NR3&{&+XUou76 z#ca;Qw0x{Tqoa{ln+;h1%x;XUu;?a;wVr$RN$wR--iPr))z7C55liLa$@^%RP<&3$ z`5KiJZD&>P_Rt<0_YK7TpM?+7obDAziJIDH1@~KcrfZ+Sl?qCVdUo4I&2d!+!^6tu zDD{L1$bZfE1K~cjruB+Wsi>dt9*6uN52>=i+hiKI-5vtD8}1c@uo~f2Sk>Ouiy&9w zz<7nR3+cLYg#UVUee4;mPT%3wRVmaJ%>fDjpdPW0uVMmWub>}_U!qkKQ&d#@bGap^ zR{u|0pQuyg@7egpXa6NjTkNcfzE_u?p7V&-VQ7nU)c;ITBLXR&pMsLAQBH+F8wYt^ zT1UYiEqjhi?b@S;)#_Tsb=yM8-=@{OD^b^3<2S*60$mq)#k8f+2Dh5{2P6@PK-CV6 zT0a-hf<(0o&J^_*EOAp&Esp&$LyR2;8a%%Tr=`MyUJ>Xmi1lavN7<`X)SfCKG7SchP{_pUnbjIZ0}=xKik`v*iWWwE?QAgEbQe5 z!oex3bsg4tK3>uJc|~W7s5#-`Qgoy7#}QvlL|o+1!|OnLVxRI%qcKU;&Znu@fx&Wk zHhJ}Ev1d1*-FU21HGmbVJ9eqKXd^?kcnS31oMIHMLXkT9n+l(0iP8qQW*WE}|fE;S|x=P)=NybG-?0}{7?s``Q4D+UZieFl37u03eoTp@2Bkuo0=^Z^g& z(@S|q4v||+Os3rWIJdOVmJ-Nwu+QMI^7&>nfJa<^jnc)mU)c;IcHk`;W_eWf_rwi%aVIS2mCbByQOQ64ZR~EPyqV>gTQvcE}-d zXF$4}pe2Z_?jYm_^(EDgdv~M$Rd2am;(ESZ?)HH|-2Y2URnN!+tvM;Tf7D|y*BU~_ z!akc@x_>^6`U$@kwb3LBbUkV5e#c@^HMXns5m)+N@iwi*4DnNU#KJuXB$c2=(}J8D&xUG1j2J$&ds#0}gLbLW~sJzRQLs{LDa zeg%hr=Q(TGI^`F+MQwY;3A!qA@1Ed3k(ckvnWCf^a+M0|kY*CHS1m$!kSP}J!IH$( zB~muQ^6y^^lt{ILvVq(!UBV0S{1HjqwpRB9=S2r3sznqqZHGKdc+)}UeT9#LXciB}Mf{n4Kzi`5Hdxv=uDN_}N1 z9)9*xdsRBO#Z!1R?#27bfw+HGt8UHcyO5d4&+Ojtf2HKmEabT)12)*tH^sA@O4SW+ zehe`>6*evJgG5o(n<1{JGt|vPa2RL7rTJIqzFLc_eFm%#4S^>>T>59_!nHZ=IgEp) z>ZNzwhBM-R8o@mLyn&mCzdHNeI_W$FWlT;pftD zF7+ahXgeEqvXQQ~+!+LOghxEj<5+9zGalZ#qPq_-VpXZ+xU1;)frGSqF@)M@E}4ih z)~FtCQ+hUl`j08b_Q5EJS=*;QTzQ41dh8#|y+S?76UKXn(RbtgU9}!*se7z1aeIaB zK+dD@hFsMco^Wu_{hPTg>MU5^RFwrQ_^?;A zo80bRm!Y0j7&ZTCnJcF^Pw*P1X$tfK50{43oe0%B>KV3RT9sx@L&S3r3D8S(eh;tc zKrfY}yy}lqq%iH@a!G@)^lw=N{~f5VJfc6>SRm{bYgnS@XwXajH>K67AwVyct9n*B z??7h_`6qg*O+Oy}KrfZ6xPd$b=grMeV8{E3p$7!5~J#bzGTIBJC zi2FkUv~f!U;b6IX@pZX!QkaW~Zf&Vs-`t*Ry5yT{1$zeSOX%A1=jW8Y=sTM@9@Nz#fc@$DT+{3-)@5y8Op^cQ!fM@qi!F2>Z*~KeNRU(y> zo^+;o#b~0Yh$byPjmG1l(!QQ%kT!zkrdUfhmS{s^AKUxc-oC^he%z50`Efm8>JxG$ zQD>{7!FPLchPwSf&`(?m#soJE?WH{vrE|5gbhW{jDlJtH!B5(#QR~g+C`GUzW%++W z|LjhgYA@Aig2Spu1?NOb6b&vTO5xT+i$_o*WuvYI;K3{Q({n!VYX6Vrt_P(}y#ukZ z9{5jkJgwm&|5#%L+yA*7ErtBJo>iWw@QSzl;(+{A<>;+i_W#dPsFk)`xAAoC?5>~H zRRErQSJ!&9a$qg?jlH}(ZSt;#CEnt-uF~Rufmdwj6>mV|##MI{)ZQSjAH5wU zao>T?IJ)oPdj2=9s9o*f@vQuGre5Ubof-3zoCM^q&tS>_pSe;c8qXyPu8rWZTGgxe zdXV-6+~=`XT|G6q0oV0(3Iv1ixZ%&o$bc{S%42!X{YKgYFT#SB1ghF>8^o`p8EZfFM8uU(q6R++5FFOed2-Er z9)_RG_jB;O64XiXvxryPs5#}oSLav8!hGSbsOx87U8b(4!DAzvtIi<_( z|2J&Z(`c^eKhE1MXs;**!YwuUS@>S1PVPxsGZF zq@Je0T?{YZ#cfEJs6O9pjT_6IXM=MU zsOLXg0sdLdyX}HHRK4_9+RdQ1lqMl3%BR}3Q?o$Ht;mDm-hOHOy4P{;U3=BC%K!GO z;B9La#5HDPY*c$<7+0_Sb4Ll>DZmqGu7xWPF0~4)yp5s$N%yd5U&0i3(=!Yf{|d&Z z=kDM!;mXnAKTF&?SEW{azv@Y5%vm0RJ#8=VX}gvxR~X;unOLeZwTiHGn<{N!HR85) za4h7?t6=k2JBse?{{ZcWxM9rEhUl7& z9kT`;{-0>!!S#G)jp4U5!B@VQhw&U*KFyM}5~Hh2Xs?vOKdv&ov|oh%mcV|Ix|+V! z=Zk4LPrE($Y8RN!62|ik@f)4_ErXvM1x| z0*^?hc}+cO;D+(+=;iBYtgZvs$f`~M-a7g3thfJqPPsDY!IBBoI_fuQbT5zRxFaQy z)aIFYE6vX8&N!VrT+(3Li6!be(l+w~*CxUKRamvc-`O#KoYFN!ERW%8U8GiVSTndQ z%)c%#?y>&S3iaDBfM-Nijk^O~*4LMLaJ?k$e=%>2ksI2-(p)UyM~^hUW>f$5TMz&Geq6&6MJ1 zve_*5iI>HDVvG2Ijt}WbFt&(~#WwK;9cSoBFt&-W#p~ibI{ryVg7LceS?mzM((!LP z5{w8MG^W;&KrO3TGZbR41MC>HzVGhcndn>=(vWCR&-oPM;kiY(s4Z< z?dWJvM+Z7OQk+iID>{+C&PFfMnf!Go*)2vB?=41iZzAzT;$4Y%CElIl^q`|B9lglD z7uokB`&*5gbR^Jm6&+pa=xg*d8q<+LM^iew($Uu#V6>nkfsU4Rbfu%Oal3Id9SL-F zqoXSw)Yr)WFgos{V~i0-M+6;P>8MG^W;&LOu|_vK5{$9N&BVJB?`zyk@^N&Grz4e) z33S{?#}qo!=y-sRsnm0(Q5{aBxYMW(r%~K#6n8r5(&?B%$3N(pNk@heW@M0EhT+iB zm5#o~Y?93;*=&-{CfRI~Ws+?c9a7+J8r6teq7H`}5p_gsqVx`6rU^`YGVRZFDAN?C z_cEQtbUM=vqBTSghaV?eSF9yU@1112i)bTpki&*CZFNiPC(~BP(Q#qOwFA89wAH zj>Cye*OFwecY|*deW@;qC7Dc{`{AKAQA;Fncr&*`q`0ZW=iU<>J}Y1mZ|6l4#XE%V_0xA@h>joG!p!#^lMjkX{(q0?M&XJo z_n6cD+nyUwbU@h*qID0=BD!Epwpl`D2^XL>#B_hdsf$RSK65$IS`L|ExXk!_uy^E zMgIOD46({Q^gbl(yywoEb12rC(i{qxO@72OJinGw@AV8F{<_uN^A&xWvc0FY^njH> zH4mD;6Ou)XKBO@ETPe55F>Xi0Q$}BRFgznB*I*B4$lDwA#@gm=Z+K?1_GR*4A{q{; zpj@3Pz12ELIgGUm1!`luzxvi1z6#E{>BW2RL#an%_ly}_HT|{rX{e7Y% zGRlb7-FTE}t-C)Xo41Nj5Pe|!kG>eTk6}p+OX5k=#vjj;c#_=W??|3wt!mUisa?EC zJ<*GL?!%Tzl-AS!B=6y8HxWh8N#a!cu!lbEA(?HG*(TXrnts@y%$CV)If}KTSUbv_ zec)&RDAtZ*Z7OMN*{Q5eWqB&g(^#Iy@-+6D#@aO2rc<78v(vesr}G(qZ1>{aEcW6&ZEZYOcbF{oo_Oy;QA%}nkGaeLbo6+RHAx=yY;hhYS~htW z(UNfsm@Xx)KWdUZ%WZnrGib=O6dp9>MLFHSs^>lm5AXh>Ec2qrmiP;kkI94nwQ`d()_k8kB3ypOw%$Ga@VK_9N^NXmaRrq?;gDBQ&<@eL^J>74Ly8#2*3 z>$#>djcJB+iv6GCvRvS@wD;f}-R(UCOXzDDl!uKD`rcLtXHyMP$Rk4`j|_!elhQkh z-a22weZw@zE&bFn&6}gn5M8?R8=~kTrip%7!9Apcdx-SDz3^8`1>-<_55C>p-h;0+ zxA)*1&!Idvw)Z@-H7TS$=69eO9RXbo85cdoRwlNVbn8NvsuV z;+(}OG$!OAk3v1E253*f^Yp$cAyH%*YsIjAfA9L{IUy&++B+TzL5<}S{c_tIlm~o~ zy16G~{CP@o%X3vi+k1vqyVa83GwUNLjBhr_aq2PV@XR;u>Hb(f?llV~8#;62%`dmz z6>4~%7(bpQJwA9KG|I$z6lLN(!ie{e(2gehPojzb)5k>5=|kFk%yNI~q+clR7pWFm z4ov-x!f%cDQ~{M$k~!8WjME&b(#-3tq?x~u?n2>VGvBmR&8b_u zQTXO(1`tJGDiuE+FpN~re&rxUrqwZXId8d?*4Qd*J#`PgLGr_| zg`0UCH;2MsS3w{9zDgeFCy(v(x%ToY93GZ$!cPH(+fw-HMV-QM=JpK3Opz3Z*=Lb? z!oRg&T38|1aG{A=qmb-lt@HkAlV_Oc{Vj-g$d5(g)Z2QJ9J5S` z_`UzvVH>EI{t#Bj{&Cv{lB2FdnHHP$jcPlTTc_B>`lQs{@OIOxrKYzB=+eD6675_3 znXlArJH0!FqxKH3T4rJ_Dl;(_m73=MRFco!GMQ-ehu^fzC_iu7rDoQaX(Uo)Itu+c_a+A zkk3f++%~M-GbGwD%02ipLAhrro$2KsdrbGhPo*ut(F_PO<3w2vHW#n-*rqD2r!Cmc+0mh9y`hSc1M* ziPaZt<5(NV+Hz0MxJK2mHn_Ul1|DbPiT0=#Z=tO_S~wHqEu4cLS&klMiHwH}k@K2} zQS5CLdmF{xru%=MJT;=ZiMJP*P+7u7Jkb>q7$H|jU_CQFw7ETgvz~A6J3;jQ;nM5#ZaI$2LW z_PmH}ZWwE61=uF?pnvf2?vazYZ#?cFI(%4UCVPWCJ2J&{h{lt(p25QxMXvR%qIqYn z$C$f<=aaYUTNjas(=qTfdsA+W0_#aSmkYT>+pQ(9 zjjd9^eJ0oXe)*?0ApfDpcJ38Ny?FnBF>5o_{6f7tny!{H@{BU(EK03d{ z(iQoa6ergNolZ1;=3=5953a76YQ-MfRCBtY>YRGc+@57M&wA$e{FvzQ?qAd__uo0` zYnJ>_6KjJW)k1l03g!8zjPesvE5$Znsa8bt&~9dRw4(&pUO@NZ$>8 zQ>#|9y)=4bR;p4PJ?f^~@ZW>znGeuQFD`zT)=|?|U+1LQ*S(!wJIaUiH_C@II?9LH zFov$YB5K9?Fv`XGFq_1a$LYYI($_f>dzw@)j2AL4!?%N#hVAzNwLrE z8A9P{t49&7_h7h*^+vep=tFyT^x^F5=tGMX(b%}UCayA?T-DxF|8VQ8;>drjmB_RY zr=DW(KX}JgkQkzlA1k6H3ik?6@||jW>Z&B4jJa@Cg;{5F)w&ht^~v??n%1POmPE_% zvaDo|Wm^B7mRNTbharh2`Ii$$)lKGdRhU1~s9V8nl?pR){`k77KCJmueTSc&8lLJy zUrP0%FQu_Ojpb=Rtn<@Yo5otxDy_evZaUkfvrW1Wy)m6EKO;H(q_brv+0?Q#*(Q^1 zGFh9++6r@Myk%9GwXbbmqr%*E4JfYiD$Iv&tP)j0tr-!ufzHIbayo_S`q#iWPZx6C z=5p$}3``(McQzmV%c&xctopJU~7tbB?!H9VhV<#Vij zj#a>xMKpe{jw<5uvxvsee6hV?*x@%M!iYKDjJQCddIC;RPVf*{TjZ&c-O4M{uAb_ zZ?CCWLhJ2k>KWAY>AKPid4*PqR)eQOM;?BqUMYEtsAX9Fr=6%*=EM1T%!hTRVf~gb z>zCM1M^~+X)W+K5ggyKI@~YLWlBa9dkK;8-9cw;)|EZCcw6SgdI@UM$RS7*sIqYBm zlyA_i`|F>h9M-CS%9q@0Hc2qLUhrY=zTm^GeZhxWxPoh@!uRI5SnC|yoFn`3)lEN2 zdX82gop?OINFFfD=g|s3wn3;LIn3uPtbD%03iV?K4CR$)Bx&bWi)2X!#WF;cA1kgH zKUPFB{{7(#8^rj%5le{9sGds{>!lcf!x~REi1VYKqiFqRQ7o+GqF7QQwjMayAj*&H zg&5MFr7%2~h=V;^G|Zq8sS{C8PLGCl{F{e95>g^!58c`@o^7NYfB)2m)BXNepK7?B z$GxH6g)~p)_uR_5`i+;C_nr$(=_U4)vBUoyYwtdk9??^&O0SwP|I>6&Y^g;a{H6)zda zW=c0)6cMdKyUD*aQ)A}NMi@Ew5;dN=&Kc^x=0U^22=-H>q26lS!%dX#_eM*t`rE@r zBbhg?X5;2WqZ*(0}uO@L%IAJZPIzM5Z-n^!9irsy{kUD2+29KbfkPY|0)_9jy zP`0;mvOl-q^;LFRZX>tW%qHjj zm`(ai^uPk%4=iL4`Rubqteg3L%mwm5cfh$1S8&+0QDdR>w&({%1hZB{54)@`35>s5IW;H$M zS68)Pq`uh{l3(d3Dab=Hmo%9zlWm;K#gt-2(_*fZVy>|=mW;B|Y6h>~Qz@TaW7CLM zG{q{eIJU_D@S@c_27E%a<}AZ#?|F2bzj=GlQ-kXf zZMN-3qRSr|OmtQAG@_@g&m}rzTprOQ)i)De=jT?L^u)2Klef zWqA>;OJAkcY{RK7uFkVD;^o;G53vp@xH?0&8}>d?XV5H}L;VV0KoxF3zH3d4n|KNga%8dn^imoZ-{!?zudiULHwrlNk zMPHJ3%)6eJ#U#NOGB>Y}Xo*x>5&f!O=a!`;kG0C!zSzc@SRxu79^dkyFZR#_M8BRe zvnAHR^IICc!*kFVy=fiE-|f+(;aWK~$}kT4KA|vdo^N@~#;WO^=N{*7-P zZ;6rfOQIX!I?wbXQ*rGn&Q(u7Urtd!k8N;{`(#i5OR+axdyaeNDI5D97dVHfxQzY% z?{AwWd-}s(?tASn^RdP>)7iQGVyz0cDUxGmkGr-=)`;5MxJcHES}OaK|B2W3_rLqp zvTIGrXC-~7gwAMQp+%})N6$TLU%EDuYTgo&^6;~JC_FcVcFyU(zl%^buC-USDv?LFwQLn7r)Lf!+IiK;R=J)tasp9b7_I+32g5(}#c*1w0^hdJ z^~i{2L^tfD8Boq__(ZEXNh4dUc!{-ouBU;uz14JMZnI*NVBCw5!|HwBYBP;^r&|>n z%I0|JHx$O`cTkoj|JLfD+(Pe0nr^heo8B|*N$Bot-BG@>pa#)LUyHRmO59bMPWN|c z9V<7?zJcVpYtxbZ&k-2^ZzKus;7p?4p42)~qKt_W`_+jO`_-p-MoW}Wg|rP%l%-W$ z)=lNFyY`{7Z)u&x`A_EjC&~ua5%Pc??@?g*Hxaq0}ys(e)qAW39*k`i+LblIk`*^m`W&3!xk7xUMw$Eexe6}xO`y_7z zYjB%B9IJq1_2F23I94BymCQDyn1&jq^&{g`E5kR&r*SxydrrC+cQ?|#LpzU-Pxp@K zFvCn|`9d#xR3Z1MLh4ad;|sY*W%90grWaq#%=FfG43SQK>GAkX?-{v~s4r|;t4uF? zNTwHW_uoz)Krw3^rJ0@f#@T-X(_(I~Vu>ByVu{_|Vu{szDVMs8OMQ$>T}-WWecNJc zoll)p+&ag&?5DUzPH~Hz;ubkaDMr*fCv*Fyx4po$f+VrDtAlS;n$D4J``U&&<5nDN z8|k1=##m^tNQZl@#qDKrds%3&DAq=?Jc{K}O3r>_*iRh$iDSz+_7lhUacm#Q_VH}r zk?j-NKAG(k**=-=li5C*?T>noZ2Rr{a$2REHy9@JnZ))6uh{#rwTxNCOQ`;X}(+80`Nb5m$%0JBvg??n{y-a@YR)PjA zr$e46$uo3~P)Ip{zx{U3dA`-aI@3On^S_<*f7H8go6}*tRn#=RL$UJ?&53zjqC759 z9+xPUdrqmds(0%SrOu?R4jsxIo+F%bOYiD%%sKpQDp6c}9&^xdk2x5B${frfWe#SL zNyd?F%R6-Rp%voz`lX`}ZPC%k-rgHeQEhK&eU9?{LaPg$=L?+A3I}Dc za4=I>IQUk&8G<~RAxOmxK`P1YAv6RYB17OIDg=Ed)7QZ2d{a~i`gW!-C1k=)F(L34 z69R9hwIyZVO_{!DsxBvbJoHHG^RjWjO=N>qQYr4>Hfc=Li7x4M)O$~9QKusAQRQ;O z;&&;GvJ`Q@D&l?>7lImy3&C}9TnMg<<3ey<92bK6i3@?BxDZ_RhZ@L3Jln^!eLUGu z4UcF0c(#vc`*^m;{o+-fL7(Y-Ue@hb(AjWaT3pECS39S8YCbp6>c}MI=* znp>OR23^MV)@X!V-VKViQ-W2tvr9sPb#LEpMDg|I1Wqe~{P%%`{G^89s^o;fYNKRI zrQ_-u327l%38aT$k2js#^d9qsxiRWoLMD}WU)zOL-eYZZxxBet-bU8F^_$(C$J%_> z7O=K}wb%jc8e7P9Sjcr)$aQ#*@0*|FJLZP7^S${swo_e2)GDSOt+rvfe(aox>qmMo zlPC7j%VEV_lf@x8_Y?i7+fuIiGES?E(<$;0;z~HNIgLcN2%46)|R0yxB zxQx53ueL1iDt&jAJl3@ut?pJ+tObpqrErfFT!HqUOzTfy@iQAq?wh!y>oHFKTnMfX zs`z1$ibtfALM;{-%65X4ZfZz+V?_8z5dU13*{$RDkwj%bh|(` zu&Y}|$beP*iK4B|P@ca+clH0eTWDxKI;SE-(aKSw_|oY)6SW;f+Q!{uSQ|%LTA`8l z#_ooRuc#U(zDgPuI&8%-qVUi$6k|nHD88K9F%&i(Lt)b~6yrubSuXA#&z6a78PAr9 zY?;WGiEKHPYEtbRtnZ%ULy3m^a{J-yci)wY9(ewtUXNnWnnf*o;I214kKuG&eQS?C zq3Jt^6Ga`K@;mQN?s3ZBW&dZsLcW?i#n*i7_FU`PwT8ZM?R{(Vz@DibYprMh;HyHh+ka=z6i0yBHySP zpY}ZKYdG&)j&-qTxvvK8azGx|Yg8!4F@&4+0==P^!PgEM)-d*V)8SitNqMy1*j}YJ z`cEqNnKW+eV>V{4G;ZHxHb(nnHfFA4HfF9}=EuFy^x9?KFymaWd!6w^{@DwAlE3zv zL}9ac1zp#?X-CqUt&FZmFfT;P7L7pp8bmInE0joiA%w0+q%Uk^e5Bm4vqA4vF)4%Y zB}rTh6mqOWj#VhJ+AQQ)g&eDpV-<3&LW$L8p~P44jyVmiHhsz*7m%)P7me%?GRX+A+R(M&O=8{dCkB%!A{+pdWoF3wVup*xqT~m&AgpG z7qjPL_K7=0xqTba7)!hQeDAUj-@7d2bPL&YA^Rz0&!wEhGWK&!^#S&CiX`v1KgW{X zP}JBtmM`QH=>lnwwXI-n15PeE?C7LgK5q(bFMzlaA z5iMp9?@)?fdir2!zc6utX_-i-@DVYR=rM5*(I3RU{TzC7^}XQ{^t`GhNtBUBG||W) z+QZmH-d2*FQZ&LSZyP8aA+|Ez#q?dG@le6K~5|R zM~Es+>k;*eW}cP2#(unC38DM6`+++x-bB=5z#oi9nn_yZA9bk5k%YBlZJRid;93{Dq^giJ0wC(w~^;r?DHvmHQD6bg+!mT zONQ8@kY)f|oU)PIuk4c)K4*VL+KcwLL@R9H?O{U5Mz`A{p03NoM6#Snk`eM@qNC&z zqGRQHqN%cw=tOylXqr4nbehCDk}j(arPO6pqM7ohq0~bpO1ep+mI@`(eO02Cw#(W? zcgk*LQ!INE4Rv4{?!YqA=}dj8nbVKtt(-1YqD1HVJE*rfKNIcaymBY?7N>}48re|l z&UOlCk(@>w_E5myHc^;*rn4fM(q;K}@=WPEoUVg(-*H|bZK+d_(mmj8qHvj0i`w^y zvz5ZfoY#mRcitp=$|)xLl~Y3WoP#sv2j@KsUvLf)z33bvTH$<3RD^s%)C~EOs2y@H znc6qxJkiLIh+)*GA$5tCh7KTlAan}Rve5it5#nqp`pkKzKQT3`Kw>fN$+R!i{zU10 z|5ZMsac=@k&Jx8JHa;Oqy)e||h_KJ7KTP8AJf;i7P`69MPy@MPXoZzwXoZWctzfOF z3aweSI@R0gs-MwWUtSfd{8kky)(Jh(O%sOxH7AR2`Bgk)R1oyAq{exkY|SHMTPHYpSsqS-zPlotu&8 z?xHb)CGXZite!RDzjiIqs9Gp{!&)fa(OMWiJ|%gC7*-o}0@D(vM~TwA%4#1)*=u9O zGwQ%*DAUnI!^CfOn$lM$tJOV9wb8RKw3C=lXPUt@ho~*q*G(erw^6Y9wm#^2roS;Y z8gN{u4=~MOnnlzWjT)hKnh>Rtq!BE;GVRZF7}L>ACop}0>2#()F)e5MX%ob)))YPy zV%ZN<*&HQZ-5hPYmcmWwr&uk-n`7uz8sbr!eZg-Q_k7TjcnD$e>SFjK;C01V=Fws< z^Q*-Y%`Ys0zKs~N4E#p1hWRbxHRip=+sp@we=)yPw0jhGBSl~4;mwXg-JdI`Q(pEaJ#-4)dZhYnhw5;ILmu9CqtjzHiJH zt>49*+JQLib`xJG-r2W@INJ3P>#6>U?=$9naDs8s7;xC1Bo6!2EZ;ZgN6ih7(tC-c zKEaVc@O9#|eU`?Jh{I1b%dP!Qh$G!LtfzX``UK5yA&&IAvVPwfd@>mIoTBw3i6cF5 zqzArE)ZIT?<0;Ik9*HB}49({dM?7%E14q0p;>gdVET{S;j(F>cqdmZ3557*c-oKtW z?6AAMPqgc;RwS30~;Ly*}7#x0{((?5h@6>oVaqeGQ zzK1yc9oPDktfzX=`qNrZFMd$vC60RX66f-2-cakKwH_S$CdA>ti`L(w_267yt)~kp z!ZaQd=kgNg{=@nMV@5Nla%+8t=2=>vLmcs+B93_Lf;iGy&-#61c53j{3TVIQ)RaKlnN$qO_~VJ()Kw z8AzP#nK;)oajs{U(|AZ6>ypvL;pblBj~Z8(fVU8dB~yqa{w(5%pT%+-|FrxmEnm-= z<`FI5spY$gbN|zN;2VwBrF)1Yy+bUgdM6J5Cy66};9T#-VRx3Xnfs&W^w~GIH;5yD zUgC%c4tq=UCam8#rVVqdKjKIyLGxRPb3L+t-x%O6#vP?yiNjA%mQz0^j(91Wk0g$A zfg_(8%xU~$x#EzoC5(9Mv>Y6AaEuS@HQq%WcDsoqKj5(2qxo^-TZEH)QtQE?Kdrf! zE||Fd#32WUe@kP@ocbSelA(ekGajqxgu(LFm#F78%jA{Kxoa;sF6EyCs@d)BvUgGdKQp-ncoZWY zvq$qo%xN7#9Cjy(pw_1lM?OaqhaEWVMr%HWIgLxKH*+&I21mRs#{0%R zs^w1+M}JD^*Bi^J-ZY=W zoa&1>?B)=M9XQhee}ugUd{brn|9{^nCr#4QmbT26k}L;2VrL8?~)QavKoBT~K7%Ex&gqZ@HK&0_$^M|0fE zaUZh)r16N<-yB8kcbpG0i$SVKqQhg%TKfpY#i1Qan^)7Jy zD#t~V5yw9yq4Fk>`XN$3x}v_?%zhgC4v_lG1l786KAYJ|5&H{B_1qxUBT~Nun4=YO z->JB#h)DGdK&nrq`ouEff6uRceRUzn=dd3DJEC3*Nb9qL^Q$-?;`|nl@8Ecaieue4 zet=ocaUzXh15&>i*f%8`^D~2#&jicx-$Ty=sa`h62QWt~;<^V^+r{xh<{ZuwkH|+( z6@yfdNd1?9YP;B9rHK1xkoKo796!K}g0vphia0-T++3UI3sV1?H~8v!XWz|vB8@+Q z=>^s2qw@G1I6g-a$2aGL%wmxCekU%7 zAV}?sL7Eql+7Z=ygEa06j;~V0eIQ8nOF?R1#y*kS?@+||6z3~APo(^5&c`@^m3^6N z^k)LqdV*9xO%d18pj+mxc7SRJzD7AIA$g zPNaB{*;Kqtz~u>UmULUp;{HUX@Q<hku zvy}5?oF`I#3p2v`3eFQLU#W=i6V8h|)IYWtr1_bYkK+fV`gY~x^9E@@b%1JnRUGFZ zkm@-(@8Z0h^F+#fm5=*LP#q^A^;4kY_?`f%ULm+jUQ}!;t``NlUNP4rQoRQiah=Bb zEg-ccQo9JpD?nO5BDJdo>HdUB_a`xs=1~n&JtEbsQF(intjp^H((!BpDX)WcA3~)2 z5VPVtMRw3Fhp%yf)Nd9@^@vn28>IG5&@Gp*ae-9N4bu2T$`1f(KNzHZe7}NJuaNUo zK*FF=MXNC>bXH$cOumz zs^=8!`#`E!0MfWbsz;=H#9ngQdxabifYcw6wl4@$`(hQxaR$=5uK=l^2Nm}eg;XBr zTTrbRNbSm19@n=Z?RQ(1zo#e+s`Ue@UIj?=H~><;7{{wYnm3WgBhtKyRR03UMSY_m z$uxm#e*~!=`BdM`z5}Fjv)OmC?*^%!N5yd-;=GUZ1)y3-j+3v}5u|p7Ak9Ajs&xd_ zI)Z8)RUGRG(!7Y&u0;8JidJyE6r}oPAdN?)`a~L!NbRyK9eL(R@Q52+pW6Wxh`Xy4oMCy-7^CHr` zh`r=b$7(=&9&$nPND=;tIMttInn3E0Nd1|acFsGPnIP38QavJVPd585kml(IsonsN z`xJ4W_^F`^<-9q)E|-R*C^_%FR(B0uUu1o$uxmfpGfu1OgrZt%uJB#Wpm!iaTn9gd5_BD zcvr;r7W+gRw}9yfTZ*++g({Etu*@Jx`z?|7TOze9RzA*`AkDLk<6GE|uwTKfRB`Ng zoR4w5nt6faGQ;TK#59A{e^s?aGY4?o3)19`4j)K963<30hT{>oGw`#0E99IT3Po=Eu$&J!tL&2iD# z=+C5hq{snM{Y;SN;bPy-z7M4BEnt6&@|RQvm5=*Mj+cUJULakMmV}^Nzk*rG@hJP%Owp9* z#k7Ic-p;-QTqQ?V5$Ss_ljBaNi}OUvyFprKkMa*zc|o z7suU94@mtEVtPTEXMy68B0tBAL7Ml2?3b~>mHi6#qab}AL^>~3bNnJmN$|r-+pIalC*T;CPVzV&;P&jT_=T@rtN;ig*ev18IH2oF`JA zNcjrRM>$WVJdyI%AngzM$6?iW6KQ@Xkm5E)9FHJvZzeN~<4*S7%mNk1@dVQ65af6< z$3q-1<#-u00=5)Os)#gB1vAQwF{_yuK|245Y@@zpnn1O`E8;qd6Nq2f3$K{~#ooR4w7n)5`;;~(l){YsFw+r+dp z9n4Iolj&l*nO>%kS-=c1gCNb9NaGYUL(EcU88gg`fYh#n{YsFYTSeKAF{?pZ_ZrTN z7W}z@)Lyc0V%nLR%q$S!qbHs0yO~~Q0Z99!AEbH#P@RuBA7mD*IKDSQsvlB5zSlWl z#w-VEJHnigaJ&Mf&!q~adB-?j&2gE-pA$&+9PDSZ?_%H0zK{I^_NRb!9}ocPJQL)6 zG3U#e)f_kF8sj-YnolPCZsp@TmE#2*pQ3ymcN{NP#C0b~*BQhsB66H~3akL>b0ZdL zgHBX~v~I*JV!{biOCwLDd?rYF_YI_Y0sF0@`o{xZP9YETTbJ=&Z?*Zxg6_K7_c{%O_sa=60?sq`CPxFIx9+|=n zfYfggr256|moXz8uVB9tr0t5bU(FP)c|T#=nIVw&8zPMpW}irYgc;>Hk>W9CHB+=P z_8$pS-o(^Fx;`V)^;sszvp7zqxRc{Qk zDQ;&!lj&r-nO>%kS-=c1gUn)Ph*`=kV}_X#W(7#&6KP&ij>nkQoEPnQzDzqalj&r- zK-zDJwEk|8jw3Jo1t5(VV856dVwN(?m|wsw!iDtMcEf z3bP+&iVnv7?Mw$q>)>SH%M37soDZ?TRr$CMVn4!+GO-wHJ?+d~kmm1X-^&azL(DL< z3Z(i`_C+V|kLhH3nE_^q8D>VA7eU%S(b?$729j@Q-^uhc1I!RJ%#46)e*s(Juiv5^ zuL0>iK&0bcbTP)!L3MrrDQ*K7X){mdGCd&m7XWGh3xV`KMI=AMtOTi^x2usS()F?* zr0=&Wis*;q@r;+`UVcVqrpAl(-d=|0lQ@e+;`TZ+>sLm-VCW=27EzrcPCNZ$vdhY=@I zeJ9h)^f3btNTacV#{eow=fU`tU}WoO^Xbb<6a z5viRAq;@{`gUk|;#w}$(4AS@!_A5d4{m1bbNd5YH8T|&CrJ(8ur2TX&`(cp!i-9x` z+1qGOB;Ubwf>h7NzL)(V`wxPufA%BH7!&`w8`Yl;Y$@KVaFe?zC1ss zo#_BuidU6( z1gXCgke(+**%$qdxSi=_dYJ)ch#6)^nZnKOnGTRXe<%9^kmeC$Kg^7QRL|it+IvB& z7Xc}5A4op-Uy$Y<0{6-;Ya{H(m@?1E`$1YKSH98S57K>X5LDaEekuDA<>NdA(s*)^ zK_5u_We}uxF{T)7%!f$#0IkzKMSOGUKO9aHl+Ca+DeW`m4A7yYdFt?8Dy3+ zBg`nMuHV>?F~ta@y<|F=E~bweWR@}`%qTMks_kT7jO2bn^?9*xXF8ZpW{4SPMwu~? zt{=orMt?d;{SoPTww>cnrU#_skw|$j$9*8R3$Pyo-7;rgSkb@EKFa9d$@DS<%yN+S z*BWN!Xrn)Qv(e7MbTPf4TRyYS$9@2${iYP8d4xG0WyV0-Kg2CYe|DyW>12ADA&~a# zFf$6e<>_@qir0WN4w2R&YmBijMDhcmTPCazDfV3-R=iu0+DDcD!g?b4_OZtC3lD5GwSP#`syr2oWDT2jtPMDc?DG*&qLTR2YX`sBOH%0-S*x7e7T`GRP$jiPDr2YczhnS_HdM?C%lo?a;>qXLMwDW@Wx%xn=U#f`T z)o?z>wBK&jbAVLO$-bBA1Jyj(53(NtslF^Q@(yMYq<93R?XFaDeKnDehZy@r%Ikir zZ?7U!-Uq7jK($|}Jm#;6^#`e4l=Ct6Wg)f0{t2pnLF(6`xK@$kSseF)G)|CN!tqk} zqadwcOvMjYi8~Bmg7o}`NcWLW7034!`(E|~%o0$Y&zPdf=*P))fiy1N$)kHW0sJdyH_>AXFl z>K~+dkmDtac&-c5yu%=^mt%&}&Iyw5Vn4_%0jWQtng_=#IZmXwKGUe@1gRen`(BW? z#}Cr}5MV#V3^SulF^kum>12AD0cMyPW!8Yyzqp&mKT;G`#Cz}AMt@$A=0&9WgxHUP zv>x6$$T!)zA;1h1@p(As{)g1g3!fNZhL~Yy6r^@B_T@aIzJuvvdO@0xkNtr1aef8y zeZC%WY?R}s+?=d4Bmy3-!{yABdcQE}R zeO^IkgyS)$eF;6cOM99~$Db3Vc@Z&`0cKFeuNReq)SqLyG0!ZJ_9H*Dgc$~DeWHpuZa}xZ{IsLkXzvASfAg^)P(H3> zLAUJwOoZdI#27~hX&evJr-<`8Q?4-jb%Jggc*X_NI(k$b^Haois>;9fOh_@|*-}ug zqsrqvsC=ydebmp`XLXSJaWR96SO<{SA;R$*<>Nl$e&alD2i>ylSqG@vgX;KZhL~Yy zB}m&B1=YH7-1UGFFIB{N%u2AO`0iv4=jDUOI6Bh{y5;$2eIU)#&+&kYH{Dpu@p6tw zm{FDYZN$Stn*T-#s?S>y=W&p>$IlFabRHnm_Jx>XW&~8*#eR$_9_IZUr2ch~`n7}V z{K)h&gCNxlDId?l*pDz{O!S8eQR?U1CJCx_ z2Wi|a<>Pw>RQnM#sNy&dm=R_ar0tN88T~jxI^KxX-o&2`DX*;4Itxt@7xyl&d4!Wf!lm${fr}A$O z`8e-a#ODpt`jmibT|nBth{~g1CjN;))Wi81r0sJtJ&Kqg`(e;6_k?2XJJuNWJs|ZT zWWSUdt>O52SH|%otOyHR3u*>*!$L#q@$SPapdMkhUktei(Giex)@a zwHNEizo%4!G@gU$18E+m>{qfMW8bmfsP6}`|T?x|j;V8$66pw+_FC1eWP>sXB1EhJmm_E*zE8=>Leff;hE(@gV5+~@EZ_fvq8x^T_E)nWQIV>m$DyW%FRYST@m+PAnoT_><2kt!hR|HQP3?{Y>u(-DWiU{ zKPh5dW(miMbYC3dcqPYU?Ca&mx)Q0LL;3iA2UWj{=$HKxW)0K1h2|69>;+S$smu@3 z=Trhx`v^$eA7hH=XgjfAfE4$DY8=HqMSf-gbjz(}LFME7N%>!wm9igUMnT#iUC&cL zxb9*4LHeA6?3Xh27mV@jAdT-(KJIft`aW^7?@>OEbM^zETQ)BbvR?wydqyI?e=296 zNPa{S&#$%`^KvjAc_s-O^X?V&AL$_2oYH zOF&xJFi7hiQ9jO>D*sNAzK!O8?If|K7<$SMQau+)>*!I$e#L%}83AehC`jukUNUHB zx6>+TG#lDC0UXaEwVZV|Y1F4;S z#h_nNUtI#yep${8gQ@bNEm6f@&u6_#^>Mups{InA_o-g?OE_Q7@i51uV5(gHg4|B^ zuNOH$HE)of$9kCoW{6n|QoS(y5s=m^%D#AwpXV~2OfNG4(tDc_h~HgqCDM4MAk9Cl z;-|I}DIVc?RK@GPNThg-@X-n+HO1hPNs|F9z|S_aoor80Q)7N8i(VR?8n%bZy5dSAk}lR?*(Z;41+YE2*>44 zqrMlUxQ~7DCe_Dr2ddALeINTlrhS*u&dKzEv|e8Jeago=fwWFU8YiUuJw@dp%`?pL z2uR~aIUi%c2Bdmox3L`(RO<**e_0^qo$LoWA7a0p^EE1t`{X^we7vCAZjk!(gVaxe zw^Lfc*&jF{b@(W8Mys z>N!E0e~|rhP^~A&V;rwh#CZFR_7bG_c97b;*blH@15!Ws{YL#PP^~Yh>VwqY1Jd`V zm*YN;`#B!qc#z{E_U-Rbzj&VkQolZs`t!3NWIqJbep||ZIp^(RBTmHc7+)lw5*gbZ zAob${>Ag9Td@o4j1weWpN>uB{`4UAukL5g(^5rUyW4`AN|nd`HRp+xCsID9 z^7y`w7~>Ktu7h-(*g5V{K0Z(OUF>_=_bVUw!|aEcr7Di^H)a&1<4nA3(8=^Nvnq^n zogmG#oc*Zs(XP^H=LcziCCm`V#Q|FHl$VI7Kpj-aJ4oY(m|bSXqZkhFRCFi3YC%WaGFYBKg z{X0RLzlVJk0BL*>=k0Fy!q8~mB(?)`KZdj^eQn`PTVfeQ$I(y z+d*pYRQ}@Eh}7Q8@qmi=e4R+`LdyT{^)Tn7%HOzysQUek`n~lH0a8CYNb6w-)i^3& zZ>N*S$u3y{XKEC1MTBKc0`uiisc+oSya zw*sJAFXjLKR*3Uq<$t_4s`%F1B5KsLgJs(0eNOg6U*PYJ#Y_9cU?%=9NmLuOGo4H? zGr$Zn!^|jC)Np&ImlUo(VW|V3FlJm?EGYYEx|0`qv6Cn9saI~!19{_1P zLQMPDhVNv0nE{a6g_z=^;oCvluZfg*G6NhJ-x&D-NaK`)>UdLe>=)ls9^a!N#l7qk zslO7C&TF3UjC=`G|K9NRABY$qr22mL%bA`_oWIQL!wfMiL3KW2-~J=lV}_Vfru_=% znIUHMpZHZee(S$u|A{#EodBq=J8z&{KJ`u|d^PW%jl2g`=M(n5pj&?MP9?{)elhY+ zkhasy3@}5?a*+OBGt7S0uhb6LnV`BZ0_k(e`pt-!DB^q!QorJwK^;`{1J!w&>E*ni z^8xm2*!TQyv9C zHwwCCFl@ih^+B3{i2W#2|BJT^r2f53KgUDtN167&xgImb6hf-?@_;l>7<9`I0b;+1 zU2$K;1FFvzr13(`s3vjzwR_iZGV)Gcs&)1<{UEgqfb_Y9{-K%b(ZBC%^cQ7%;|xE* z3^BvZDAR5+>N!FBT)iOmALh8Qa-JDr+HJI5kG)$Cs_T<@gI-Ye1G?qecl{g>aGdCt z*%g%>7YXFgtFS9pRfIrVmvWG{SJX1LPX}q7ET$8rdLH%z?3c4&$&7-uKK4YTzL)6- zslO6tnBz6<3;g#jsec_*<1(Eb_pt8;X}$dH2iPxRznmEcX}_#wKgxa$`y$!M>mZG1 zXWz;6s5m|!aJg(;Y4D}W0Q^+>U1f;tm2*8&o8m1G>Y(Zmr170hugaf4=vR4M*MjtX zqnug!PdtU%>-73_9!behSh$R)RE-DEl?+>-BhkAl1ua zzl2%N4AeJ1$B-h9FL1OhJQP*jc}O%c@^+?|8T}{Tkn`!h4$J^Elwri}jSTuhnr}%H z+Mer0QIJ088j#|8Q-fYmeg5p1Fw2>hOpo2D?+2;BO7?4*y2Hq4F+EH_GXT=(SHgZd zvyvI*ylBST$1Dfc`BVA0pUI>=?*EwfEIuxneo$>UGxSe9o8ovr3DW&-0Hn{W9BfI? z(KsIFc$6uc8};l=C)3LeFhk5RGs>(1)p?)=_rr8D{h*o`Nb?GDyc|^X;&_dv>pz$Hs%v%iZ+I?gX+2pq<+fTx3{Hs!NXpV zwj;m{Gb=$g4*Q~=QP0kFGCd&eZvpnp*>|=#>ia?JC%}G~S*haKKRfU|L0Y#grW2&= zK0o^b_Dk3gfogwbKg@n5`!!6_k>|~HGCd&8%gcU%8DfT+l_1pvQ2UO#-U(UY2tFgWKum7s;E@$f9sXo?)>0$aoTKB9TM*R|IB}kul zWnVf^UsR-eHS81V{Y1?`qhCFb`)BI;?1OaP^0Qx}eDuSXxiYW z28$YOYjC!~j}3-4oYrt&!}}XP)9|^5?=}3a;nxj+Y?rN zbW_Hy8Fy!_%y=*3#|(R;>_!tBEo<~}qqU8;Hu|PfTH~gTTQ_dsIKT1m#*-RPZG2DT zlE$kVzub6VV|$ZcO(r$*H(A+aeUrDEeB8v^w13kHO*c2a*0jDo%Ra__yZvtaefCxM z=j|u$HTLiAzuV&+sg4XsCr3ZWU5@#VCmhc@wmM#O>~0Nr>|C?2nx$nn%AA?GDsz42zRc>(OPPOUTC(b9jm&x|>-DUvtTS0Z zXKl=WJ^Msn--R_^?Gyi_0ypwXo*Y$w|-YoYOxi zKj*QWjX7I#-pq;Qyq9w#Czf*|=W@=UIf=R1xvg^Dxr1^i<@$3M=dR3sB6oA{bGf^6 z_vXHrdm=ZMdm;C`+`n?;TQ+Dpwxz%2@|KUc+}ARtRi9QvTiw>`fmRz@?QV6r)!A0x zwEDf3);hCw-`4lGUfFte>!(|9Zv9g0H(Q5WA8CE2^=GZWZhfWopRMECq_)Xw)3wd^ zHfP#2ZkyY-r0s^b@3cMBHm+U$c75CV+AVDNal1wx@;cns!Paqn$5%RD>bS7e=be^y ze!KI5&fj+asqq7%e5{|y7uq7sO$c&BfG8Zw!2$$_wn7Ybx-fnyhq0#H}{y^ zqhHTuJ-77ywr7)Gcl2uAdtmRyy&vwqw@*r6Z{L^tp6T1OU#MTW-{F3r^t;;c?|uo+ zq0Uv#4bJV(h%?vK+2wU@cfIMlt^e%)oBHqXf3E*8{WW)zJKde>?&fy8hq~vx%iJ+{ zn&(zez~dQkU_fj@(!g5=o*8&`V1C}nygTw1=55M*C2wEe_jz6NOY$GiUzNWh|5W}* z`Jd(29fu4Xa_f-kL+%^0 zX~^y&Cx?79WcJYT(6d9o89IAdXxOD;KM#|`6Nje_?>2ng@Yjd$8(uNIYIyGvHk?(G za9&9kx~MJ8ICI2_G+_~SgiX}Nd8VF75%ux^hN6K;hh{(P)Bh;OQV(OC>ebSVCMVjTVpToXla;S+s? zU-T1OgcGlOJ>pf7hu2W~c;zz~kHLqELt+^IySl^0`(mUxDQ*&{#VB!3j27p`%_1sp z!6U9Q;#+a6_(4n%zlcfV4>4Kj(kqgs50~);B3=4LhP(rpvPGf=emI^Z?-DKLbX;=G z5$)wd(LpW}UF2fXO)e8XWDx(}+;Y(mKVWpr2l3zOd{_*YkBH&&adESJLfj%(i7|4m zm>}1QNpgdjEH?_T+=O#<2iiR0(i-`LcS#)kbA{L@@?@LUK*{E`|)1|tq{-31NiTb92C#VLt?8uEMAmV z;w5=hydsZ@SLI2uU7i)M$*6c;ej(nF)#6QABX-Ge#9Q(^aZCz%MoRgyjFX?prt)){ zDPuBAej%I7FJ+GWTDFxJWiR=?>?ePa_;siB$RFhZc|{JCSLI;&lN>64k;CP$a-_T_ zN6A0rXn9@UEdP?@Yvj1E{dZV3liX!(pNWU3Jdht!tdsXCEG1-%DBi&VA0X;F{ zFtm6yMW)|E`uPL@$tDEfN959Riu|Cmb5&da7>ev%L;CctQ&8(YA3(pE^ci&RjGBLS z<(!MK?^e1=&D_Wi$)vWg=g_to5hMHfb5{_V7o@B)`q~+P!Y&XXXQ)ws*p42s^M+9mhJEWqvVUCK2k{@8k=^)JH|!50gP_IhX%2s{8v%RB znp>bRtG33fPFz0$5n~M-Z1w${HR3mJQPN53$CyL!M%1&hjR$s2gFR~~jeBAOY0Yxd zo?~f??#v)NUd7XIrO)EeofNrm%WPzQ%N9cy?kI*n{@hAvUL|eawG%X!G0OZ2YZ0k? z8>taLp;k`|lp^xYG8*OK7oUgr%-8|VQ@T2x?9EEU@npZO?Dv%2ESVxxRb+|M-^WoT zemv>D2T4yKAU$^v=|*M$tn_zP-=;=MSNiTEs`Hr2Zc+7ns~#R#HP5K*UKOvkm}(wT z_5~HckVugo%5JCP1C@?cJ+xQ#zfqB?O8qMSsIo_^>{O-u)#&%BY)sj;ls!S!+^!;L z)mZP;rV+D~NTbT`uX@<5=5Vj7IX{E4w{9fOQTC8VWH(VYm#IE~SM`mfW~4fH4!lX9 zT6oVM)SP_a9cam>1JLNHqtM{7lTc%S{`8R#Veec@I(j+jyV=xsmeOg>$?l=F^={f9 zx|g4a-n^akH+7`{==c)0G5XpWv_~~M^bI2Elj#TzPNE)+ef8NVFC#uuMS33o1@`2} zsL!;qwEw(NC0713D`Vdqd4}5lujBW|c;828+}280-WG>`LP}ezo{drVWYj`@LMHV& zU;*jG!=!f>kXrAdbITnMk_Mimh)3=JQt8o|6lwEZUG(tnJeu>^J*4Z@npEtjGm<%- z>NL+MJ)|Nxj`jbJ()iVM^!DK~I#=AYi+V7&XrwxGzB7cj=*{`0Zlz*SHtIJip~%PS zq}S%RLZpX^e-P;a`=4`8Hx;KkPrlg)_EU#Q-%z?|4%r=VCmoeZn)(Xqn8BpR`F71FhD?%NY(sRS6!|r*QBF5SK@QFFFjXic&`2yH!s)yEFY1{>BR`t|A zZ=7kfR#NAeNF9k`426{xHs0h@vMGh+^BDSTN$lB-At?Z z(=eL(rMwcT@rk^;jOO|9G}6tP4q}(_R}0zuKx~d zT)h}qLA@JYL1gA+`bLPF165O^owW&GtuIT7{ zxvHuk>R2}opjI16Z``iZ@JK}T{o^UC_KN@5nuy2UtA;yOGwx(-K{edNTA*|XtKt4N z0oo8x$~4@yCPN$Hj#lCy7EXcP6!*Fs?qKU8;(%(ni>(jMLJJLdvl)mthibU1Z45gH zs^Q+YDeRU|4fnSW*sY-&?q@ThozPCheQgV97u3~of7=S$4fntjcfW05_r!g$hWp(P zP!C#2F#xLJF1HJGDC$bw<#vNTS@eKAcpc;N2HU;(xsD^v_4FzULzMnZE^)PUfvH)z}>or*SilxYs;0;6!{pm4({4DQ5W~^nsCT9 z&}O)Q$LA~8qqiI=K41AX?3Pe`zVcbvt)UuTa%_U#7OLTCK`HF^Pz_HE%3ybd;?tK~ zV0VV%)0fY~?h3`HFSo+(4%P5fVH>n3o(D)gU3eLGZ}}=T4^IXpo-w=zdk~%uXn5AJ z6FLM>2e4PjJnh(HVR+(5%q-~-SiJU7tr z6ru`x7oHnvVw!v(I$a)z&cG7{4bLS`LucVhf+p^kA3|r#kD+tqC(ya_JanG?9D0w8 zLFeN+gC_2k7oZE|SI~v>B6N}b7P?q|4_zWJL6^!Oq08h|Xh8l94a#4k%jGp_vHSyC zBCkVN$iJcY;c0~??w2O$1JVqAP+Fi5NgMQGnE-u6CPG)rWay(Z1^SpwgFY_nLZ6WJ zp-;+&&{Z-6x>`1duEFyU?ElgMU5n=+8lJ9XL)Xg|&4W_P6vvvRcLbNAn)p%D`++M^O=t$?33vhvJBnGhzP;)r3jA8>(w_pz+!~Xo5B$*;-IdBx(zw$=V`BYD01KX-ie_AGR$wh1~+D}|2I%FyR%s3vaKw!ppx zs)_O1^UzzhtYtYHs4%GKTaa?FSq4#LJp!2moh~Epv{;%zY zy%dW5U)u*e0LA{Vy#sqW6#Kjufqfqo`@B{G`vEBSdF=q~hoIQ!wL`EUfnwj*s$f3} z#lEc_g}oYzeOr4U`jmDYx>h?0U8kLfuGh|@&ITy+FpF{U)G3b7+8v2fQ0UFl6f=0B9(08?Op~toF(e?xsd!u#<_9>_)PHR8H zJ_FUnr`lE6=b@VTO#2!7xArSkn65#k=?|!8x(+p&{)Xx%JW>>9lL;DUGD9sU3pB-K z)36sou@{*VVAp|SFES;6i%bJB!^KeSEv7u!OQG0XOoLztpx9eX zLtrn5;%sRe2D=1`^Q376?E9fO*O_jDt}=~=ZZ_QlEi;XUmYc>yx0ohCpEFH_zF?XR zJ!JBs?O~`UelZn5e>D|Ce=`*!ehsRL-%V3s{{h7@uHOYa0g7)`eL6Hpp9#&??}m2M z=Rmvb^Ps);`OrT40%%`-5wxGa1e&KWgXZf&=pelqI#^!;y;;8>dW-%bbd3HmbgaG- zI!=EKI!Av3I#*u>U97KxF45OQm+I@G%k-zALH$|ia(xrDSTBW^=w;9q`WEPY`t#6@ z`c~-M`Znlk{blGG{Z;5${Wa(Z`VMT}hfqy?r0<0NF;o-Z>APTm55;whz6W|q-;2m) zD6UxaebB%3cM$m-iu0a10s>A#~>`W-GE6m5C zZOtd4F7s*VWb;|5*Zd*WXZ{#^m-!RuLi2gFS_H)km_LU;X^ufxnX92|%@?5S%wIv* zn=e8)n7@TSZT=qmjQJ9Dv-wBpbLOkit>&MhFPeXaZZltl?l=DdjhL@P-!=aYJz$n5 zT>H_XD5}h6=n=C8dem%#zGqH=9y2FGkDHUBADL62ADh#lpPK7JKR4HhM$HYOF>?m= z3v*-Wm*%F>ugnhU*XB&~f2RdWaEPv%b0pUqvM zf0?^M|2Fr4>T$iG=D0r4xVU~$OPmX8jdMe7aRZ?B;_{&N;|4(+#0`PAh#LmYjT-?C z#@z&cE^ajRow!>}QiP#clen?4--Y6PIc_}kP}~IQk+_M_FXARc6D>Yyx}^Zx%~A;M zZYhGgEK{Iv%Uw{9Wjgv90L8IjnF$?axf?pzG6#B_Wgc{*Wj=J0WdU@uWf9bCSpxN0 zmO*c~1fd0%VyNG;0$OOfA9{!7L1>ZXVd$NfmCz}c$DmU!PeAXotb$IntbtCqtcA|7 ztcT9DJPp0u@+@?LWfOFvr4+izQU+aY*#cc+c^-3K3f08xmaWhomTk~CEH6WMT3&^| zX?YF0%d!Ky+p-gS$g&H1*s=#&W!Z}!jzF>JSoXnw4~p}@^&P0RMxe>o3dCzeaimxe zKpoaY&}P;u#519|FS8znoejm6w)K5z7wd6oFY8I@VC!k<5bIg!Q0s@#Vb+gPe>fCp z66+_h=R$GCXgv>o%=$TWoizsCXsw2pTQ5Lgw0;HMX}t)2)A}uRxAlAIaqA`M8S9VG zPpns=G3(FJ%hq3^KUuFqf3^Mr{lj`4nq>PMnrg$VG10+hg7&eQq5W(Y=y012I>MF! z9cfF1jx1bN1=RqGa&xby0UI2aEya@WFc?op2c^UL6a}c`DTnyb{UIBf^ zd_V60elU;5-R3uOqj6{0GJ&*p!Yced!bsS=#G}x?;%(?Y@hS9>7@k;)`@_efN5uIdzeAG#4c{Mx53VrlVA^$Uf6@=?XU;Ssi-+zZbqx&vOMK!=nII9ly4z2Qofz?Ec9JOM#(P_ z86|5{%Aj8(GEO#09SyaoZh>Z{PR4TtXKDv%|I|)+n&5#wQ4WMXN#?_zBnQJTlDERf zKaHvENvU06dsDkXZ%^$3^{4iN-jUh|dS_}s=+smfbXuw#IwN%ebXIDfxKqwe9SglD zbv$%o>ICTG)QQlgn8}?okm`dj#|)>)5{x)S-iHyV$_HRil@GzbOFjboF8L_zY4UN{ z)8vz|r_0r_r^}~c&yee2&yX8n&yfdV&yj~=&y`1D&z0}No+ppNo+nShzE^&YS=}qY z!L06;-=(gE{(xECD=%YK_sT1HXnL>w3A0)te?hAS@;9_vEVZ-_P(7^^o^iy%ULviq zm&$n9OJyzC%VZMlWwJKxplp;j7TP3jJk*}H2HGrbA~Y*)GPHTxT4+w%Xgm{Xjhf44 zThv@G+oR@k*%39D%g(5|Ty{mx<+3|!mPjZ1FOmJx{|f1Wy+RIz-2%@F2MM28EMCN) z*}sJ+c}MXZnNLJD&Oq0MS=PgojV>||zvdW^rvp>vTv;riluyfYxlO(y-}Uz>h2_0?b0ztpem_03Jp zcbU(dubFGbrN;G*8yGh=Zgbq8IFqH3rKM%2Wxi#lWrO8?%MX@hYZq&tb&_?ab+L7` zb%*t`HPhy{jkFcmj@!D&uZ({xepCGW@n_?QCU_GTBm@)ewZ_(3QR~TCn`(Vu>vFBy ziS-j5iG30$B`!~VF7d-eOH%8k1xarweUgN8ZSpJ0e+Y!=sav;R<9b^CTkB7$ zzpVbc`ft=fUH|9$ztx}7prpb34L)hGvY|VDX!_aoZW*I87G_#oqtjCPHBHyYij zu+jWR=NtXqXl&zSjel({n&dZG(B!oyCz@Pp(xK_-rn8zZXnL;co%Ruqo13j{_EfW@ z&1{*D%vPBLGH=aXkoj-YddSvy_@@GxYdNONr_MO>xXD`ey&VD3& zP4T9Fr^SjEi8(!UrsVwHa%rnEZ31m7+njG>Z9A&1ukC@h z+3ni4^Rye=?%8(FwcFQjaQj8=%iHg4pVVPvhvz!%?{KukmmS)7?9s7*#}yqP?YOpM zyH3434eB(b^B0{Pc5!sc>C&!C-!4_JG(yHwY=-Lu4&yI z-P(0K-|fq8m%7DuZ{59XcW3wV?yqzo*5lnCANQ!&Gq>lUo@07`)a%P$KlQ5HyJK%# zpNu|j`Yh^mN54S7WBtDA*UH(^*~9subCl}|SDEW?m$iRN|4#jT_aD$d*L}?WjpuKV zb-F7w!7oRd)i^>``QWUF)a!`u6+$X zq5TFusaZX7c*fBHdRo&1c;|%Y`}9AFQZ(Y?1iaf&z9F}a$Qwjf+<(Q|hsf1cO=>5^ zEhA=bCH{B42k>@;>QV3i)a!YQVunW+egickX$g^H|BQXhh>{G7QQQB-2E0nK{~qJ& zV2Yi=JCCy{AK(n~A<9Q6AETT@`2=r1K1Df?@)^qKC{euIh~X{B7bw;EZC?$_1^l+} zOT5+i3U4#M7JbDb7%J1SfJnO#=Px@~Y*HQjL`5SLUg!JOi-=^bQXSy)SyYU;pxj4Hm6mj_d zo(08Es3l)5POQ0k*JkPqNm zJLw+53? zCgZ(<7sV$}<9Cjy@f-Bh`2G25ymL5>Hx8%qjeiE;a?#=LzNV?7HL@wXG~-^KoPMIFya zjQaDKFI(=T)2etCr2XSn%b9rcUt|9@_;k*F&C)WN;yXCLgX238r@!UcVOfzv`JJ5K z$@!g}--$d8wA1nu{YeL&uNdR);(EKd-Y%}U3-!#ZUV0s>zlZDZ;re^H{vNKshwJaL zq}QSEggut!b*bH6Znu})?d5iRx!qoFx0l=PMLUaX=dVZYkMcUb&unZp)~_jZ5c4ea zL*~cKPnhFvM!T``20v$75)9wQOkgH6)0lOcvX*gt$XaxK;I#w$Ciczjo7wM|X!I{r z3?5=uG2dq%XP#u9W_}1(i01g`TAJ$>qO)FwXW9qAS1jjsUA8f&$Re}X(lO3!=^od_ z+Qyue;EhX4crtFhycjoG*0L1JJ}9G6CR;wRF10L@dr;1y{DGLmioA82<*0S9{21jo ztJku^b{&11H7aA`J7|~VyJ)5aucf)}wd_tXYe!&jNPNX|IPpEij;Q$Aq$#GQcuMy{ z?R}<;D8JV}WU8O?tLbpcb<-CqyG(JZ$+{yoKA}r$eSIj(xYR=?f9kKMS*b1b?wI@8 z)B^or+U;>?P@3zv$DISCC^cz!A?~%DtMi!tW1SuP)Vf|v8*{aa9j^C>-l_gwdUM^Z zHP`E!o9ln*>l@@-yT|2QJEC-Mm~ZWg(p=BCI>CVr+o4XrHP~>9se4=x^HUA`m=C5E z%3m7}G6&KN<&)`23BiViawF^)QQkzcWh|1#D4Q~p65a*B$|#hkMtjVI8fjV^^B(i` zMul<($`g%_o68!VHE&2XYa0^1mL840mVS-TV!Y#Kf8*okS&fqt$X?&rto3hl+`Otu zp$s?iS`Iep64xJG*VJn{-t?@Q>?Zc(=G*M^;sPjR;*Xn!98>{bv-J)y?us)|-~ySzgO$S!c}`!Ec+NHUHAw zYmqI^nrpT2T2fI)!JY^ffHT0k;IbCmEgM^`wH!=akAn7yYdKpiMdlCj*`Ei0Mf@7d z!ITY&HtctO6PvW@o7lchUF*U&4XrP<$+Z62=D0btt=BT4Z7=KUwt3baD0|u_CG1WZ zVm;P&i1l3C^;T#5oz~+hm)oDTw&~CW`{%FLs~r+-Lpo;ILMW$EVja&Q-p1zd)W)_0 zrK(egExU7uZA9mwZD5zDZQrA$cHLs@+I5F*X4eYa>s?RV;=7%;_35_77C?EV+XdT8 z@PF&}w{39uziqov4xn7_zQdN(BU!hjv_|RPqiKARIa$B8M_j`09{u8f>Jbl`walKr z_<21uY|r#8ia!t5?v-I1j4}>I>z!e1(z`g`3C=(n)hENYq0grHV8b@HKl-$>4er~< zwxO@4EwyZmuk4#)tJN>VmX4B%(xG1)+YFQk`o-eU_B(FAhGKSZi+7^TMOoq;XKU&j zXN#t7i%;*rEq*x4Q~fh+JHeAE-}m2T`m_IWv(p?lJL) z-JivuP2Cp%k^6$}FO+!Cw)lLMn^5MX#89rHqzu>=-*mtQTbBW5t?z)OglO8P_+5Dy zY#*W2w4U9(o?<5SiFqPf4s9nvvLZ zm?N=ZSVrQMVcX&#Mu`ne*8do`#nx)LJ8>Y&h~ae-iidBDUx%_~cwE9S!^b8jjToEQ zc0@ev3$~#nYKf)z{nq#RYow0&omNNuHPQ+Etx;S2`l>B{b@e@dlhqM-5#Qt4#w#e_ zXBHI|&hC5rKdHV2lP7zo%$YUKx4=EkH)l>q z)nM%GDRT?^7EPY4jFB_vOrdQVMdB{*xZdd*cgFk(2*v9p*#y__@+-O7*;s__QKi2ebcc#n2E}^Ehv~fQ*CkA zPE@ro3;2vz?7VyDd;0*isi^#~#|3^`r+1b&sD>E|kJ2E0NGBW=+ zSnSfc({0syqxPWJ(B8LN4~Ol+dcWIgV$%P<9093SU|f){4jPBE9czYvCuY5S;7Mb%|8b+&>MGf$t+?jubrOE3Ss4r(2kgY=!Crd<#Pi|Y zoG#I@BnWtc~6pLcx{lhit8ImHr&a2)(rRC`=gCE2)^HYevO$_PZ%5EAZvrN zlngA-80Oq2`;=L$>_1m15;BC3c%G1N5UGsd?)Q85$K7s1bIgr7y`{zaZed`2 zBVuELJ{I_9f9=taF)T6ZN5Fp2-Z^M-$pr8`!G+lg$v2*#d<)5IV2iQ{P^AUewl`6F5lwC*yXn*#@X46TI0NK30M!C}a+xJMA8rRkN7DjFHm^{Po5*3zx<-+<4Sw zoI~n^HRfszEaumdqSYi{288vq)!D|9Z&e#;xRg@Fs;&HF+!*;XV-_~D@)TmJkP$lp(t9^Ia?^#5+$$G!fgg`bBJj4qH zB4V?f!i=`T2vTrOcy_hhY4=8}4T_)xS$ge(jJTg+8FCa%$=R3cs{L+P*$OMS#$=$< zU-tc8d$iMU`C?fLHIpy_`BX9;rJ^TjljpFkgmlz}*j6HK4*+{URg|IxnvhhEu9rg+ zubJ%Vv-k|nV`u>SxG~(>Xpaz*$=GOb@1m8&y^ERSuZ@L|8|f^!AC0#^?X;f)=T5sX zxe+vMNI?ue0PBO!ZhOwv!3@UueL~$vesJd49@T53_Aa^J&3gUmps_dS9*IgY=c*gO z{sEa@mjpJPbN#I?kU5U~w1p_~3G?mN>#H5e@a{nwW3$G}_=_Sp50M9Hh(30jWQ@HQ zqx}Iy*#k1HVZuUzYr_|m4$3FMm%$wle1V&T14y!mApC`Srx6Xae=CjQ=;6k^^z}28 z&hRD*$VwB_{3ub7I8;UMI#eI`0d%Y(xZ6h>8#eoU7H*TED2ObLE7*rIY$jMeWYixu zx)j+y-toT;QZLuJkMGLNZHxx(#;ykq(@4MD65Yk8^&pU;o<9zY(8CAq(cs|zn0lgz zJfhB(#HjlDB%zAU=FmrnJNQga$%q#lh&?IF@@%N;4Nf#nM9ey=$m41k>h2QH9-%G#cH z-@ktCc9ol@Em>3Zu9-%3<o?>D#Ls!O+)m*rjbMrTrZ{g3an>TJ(Ze3rjE-uWYWN;4K z&yXGfAqNfoYGL6y?T7CMIE-?Y1-HrGWOP*HDzcSC>K5p`ReeCJMJy~33Z4FVRBQQ! z&M>>7TR7T6NPEo^i9Lt!(B3ES}{gLSFy=;PQ3gDCyFG+2N8GYA4; zdO)Mu9Pf^yC1G=^E%z%|`ViJ6Vx|(rf(@tyAK+jxV=Cj)&AbW zWY{pkw+-vyZKGZxn?F z5FkH1w@0Mc9zE?39&bVy0IB(0ne95LA9x(rMIFyY9mho(Hzs)&u!w=ezsalm`U?$I z8CIC!IizwJ{n8BZdB9hCLoi*nT(pywdfjazRfb6i2{C91dqZ71h}qI%_me1CZg%jH zmSF;j2XYNf0T4E(G%AZfp;BPvM;M@554)@)TsCjlb>y$>$X}O{m&&0fQA-eo=f(>S zZy8ovMx?d58jwYgE z#5em(kXC~Ot{vOlgq{HLIlE~jk|8H^0{k2=@g<}sqQeq3g~nl`MIT=)s>~y>#Hl*Zmp~=EiTM0 zU%!51Zee-3x>8wKSh{{|Vea}(w|O&Ct|wIzFrbrr&cs~L0m@U|P3^?Z=Pl-2oC%sG zbGrF0w=}mpw=%b~TDi73KY#1it%b!K)un55Hy0OIZeP2;x-frzY325f$~^kDQe9ZQ ze*Gpoc6|lHdS&(2{OT*hD25^Ta|%rU;u_3p@?hx>}D~*!FbxcJYtE!tNO_eo?#4&nV#(cg2;79nEZ9M?k z2BJ~p?r5zCRXjTcp&h_0bR|v9&oS_0%M#@YaFThe6_i_VYDWUh1LJP{BN9yK3AQvf z8u_^`m2LZSd(`N3hab7?b1RFhH|AEZ-Mn6zUs=SXZ*xoYE7eMM{`x}Y+R}|`b!qi> zrCPbQJXcv=S*kAGT$#IlV|DR1Xk_8m!jk)B$*nA}-oAFTx>{YFzkRcMYXN%N%G|Am zoAYzGtChvol^eHiFU>FAynbVKY3}CDrPa#Kx$5FlWp44>>aC?pr3wx3#>(nqW$yOs zT=n*~N_BPhR^{6KwVT&guP>}X54^Q>3xv0D`}X2O1qCkOMs>GWmaolKZ(LhkSgyJ| zRkzZ6Qh^z8(BD6}E3y0iB=RwKBDv@=iCfNxX-FC!7jLhwU>Lz&ZmgnQ;NQZ;+*ks_!qTm4*H`A2mKSf|URiNLp^$~R zvcHEN*b@=ZBkqXR*`?T&{#3j0b4g$eM5Ow`&^lw{}UCpLwk8)E3vy6fASXxt)7&isChV^Dwfb37LSgdG)dI~I6r+XAv(C(AT^U~KP$6GFQZX|T2ZAwl)qa_|p z1n0{iY<@JW=Z&f@XofYMz>A88C7{}?EQVBX6Dp@h^*qC?TLYs2)9Y<#vU&W6Pb!cCSCgNC5x=5F?l&Q$ZJ?k_;ew zA$VI3GO3B~WA+WghSi2pSsGXgEms@*wJ7`I{n5S75FSO6M1`(1B+`0kuib_J5|&*L zl6Nrj-WK=!O8r2ocZL+A2<7^=#A6&*L{AkT);3fdZEu%#onaF3ErdlsdITAwra|a? z>wk-!0G!s+NtLzXGiEKV!Z7xmo zZMM0i91RY#SqfmqHqL3t(L!zz;$b~4we>&>Q-+nX0cBPk2@s7Iga_>{aNeC&Y+?bw z*BCtZ!O9RS(1->EFh>v!>B~ZOo=4Fl;UqMaU?QY9;7x@@Hp2(A>Z$Xpp6WMPX#J5X z=#h#=+u_zE>!6to+? zk7l7rtBWAY{{_p+`lJ^oR$eTkY(lBpqeCY^mQFxgED-H7FH>cG!Jk zVp>1}Ji#<|0*A(&MJo&%D8eA{JMGb(F@pEoPv!Rm-3!lu^tfIp!DGT!JMAuX6Mytw zOo#_0CAkXcf)nzy+LG-4WNbnv+3zn*NMwm6X_E{QC8e0vpqP|3G!)Z8+=g~nUpi&o;gu|AVn5Z*l$%&3zEYvjEVv0#r*|3$Bn^Q51 zB~XbhLZJ#4f#8Qhkt?P`g$kNXS?WZEqYOE#Xp~`id0m!dgOX7}$`DKSiZaB!Hc^I? zQ!R=pD$a}WRLm4pKk4*Jrb5-&@-$%s-u`;9N;_<^RCR4D!o6skoD8>jIHniYi#U+) zl_tq1wV0!}g~I{(nc$GG18uzw;bCw0`6y~IQ5B+Cz{YrwN_x%*qKF6E;h_JdgClNi zVbou%(7!4+9L1a~g8^?YlqJzIvY5e69Z@0NB6ufZvtR2qyW=wCyZzpFXH=eqEqQrL zr8_C*9vmSiCpPwgiD5gJXJjE!;rJ-VC;?7n~gt-p{SA>gYwg^T=bjzKTDqfBg5|vd=NDP!eA)U6% zlGe!Xpa|!lu-Cpv^F>+WgoO2Se1J-lLed@w79-rKv71#7ro^26x(n32ArQxLVemlqxMNR{8Lg2??KIc{C=Zt-`9* zY)?pB8ZK^W*joXk=mm zIzJPWYr{dK-JO`Mb2Ksed)TyKpv7ml*fLLq$#!uf&crf!H?S}l$);otmK<~YE8uw! zuQsP*F+3D4LcMuxtyfG^d(^NjNj=hwEl6x6lThG&*TFR!+CCV|&J8%&# zHgOYcW4&9N1oIYsuZwvoZ6_vv7l-8PS6!O-F1Es-^!iVGupdhoip6sltb?VgYWFE7 zh0Uef1EZsEVVDzwprk7nrINY`hZ4UHSz4Y2)>(glpirR+Zn;X!?ZBW|wr5e=c<(d> zkqH}X5jTj^Vv^mGEy*Q{d@+Zd!A?pWPDl_-1E{AlEEX7T$3mcbio)9xg>mu65rS5V z5G@oXx$Poiv0Pl_BGY~@0d7st)Y?&zBg`z>TM5Ng0?Z#Wpg0yD?wQA<9MV5&STON zFnz?vC2;lXD2^((Ym?Ial90{qBpl>#bEi5f9U8)ZuMNiMbt=LSU}4^!z72Fs70 zlj8WSh_%@m;P|5mUz6*BML4fEr~)zxL+8{ zd?9iTZ9+ZXZKBvurSBpfqzV172>1OhCJ0;5n{dS?25qC5LsWB`?2AdNdzYsL)w(=c zHfQBY>F%l=wP@Wc=B)g(^X_t~cRXM^Yj4{QLpcY<)KK!H{F7@l) zbpk@%o|YrX2$U!32$ZLJrK#9b+$Ae%|2ppS6sY8W_O4GMJ?k@3%#Smp_I?p8;taBB zsb7+)_i+nVLFt%~61A0svZ`=rq)?by3yUc=oVn_=DWz%SUXM0Exbfjsx7QyJyCtR5 z@voS>3huj&i`2yw=|BMtO&lI8SUWg$l^daO3wu(p?_sOe8MfE9WOd_YzlY;+AbJNM z@f+Z=fcgcA`-?>Hjpgz_mHK#g05355#|VN+hmct+kXW#JNeq^P02QNA*j)(NjzJ_+ zf6S)ThIr=#r_%7w(qA5XXG}$MN+I5AC142Var*(!F{D#^HsM{{czqxJS65NlHj(b( z>o9!S8?(p~|%ua~@I?xqZBjI$|ny5u(CQrLFtr9!o;(}eLsC*Rfg z@E`YH-vxA5cSw7fue8 z_l5BtquvfL(fHaBoXN}=B!#A~CMmq$%-c|W6Y4ySlEvcz?2W209)L;B#OpiYlI=l) zo;V9R@n+&lKmnKnhV?eDvL|JfAK2-DmY(I&d(rrfFK1Y9WIX1;b97n~erojTSA@}G z0JHnWLqYoX6;OwdJA0MAjyL+O!CE@NL87x=PXMq;a-kRFRdD9Uq417m;Lux`rO4(( zQc#zkK9a%G!Ey+%Bve5x-CIcXKCVS`qahJ;rX(5$FJcU1kOlD^Q)WN{AAIz*ZeC*o z5ZNW6Ww3Uj1~*MzKHgmnU6vD*i+NuNvFfJ6Cq#2pN%S#o_IPA7sx`6mb}x4BM-{}l7{AbO-kh9}qrX>uF3f3j$H;+icjX z6JSW;u0scH$V^cUoLp(3S1<leP!mX^&PrgCPVSws4{Y!~_bY0=%Goc%L($jm~t~ z-M}uXl|JVZjnBwhkXbL*z#pE(FTAcwe_jVBkcTuS0qRn%_XI4|Ewynz;lp(<<4s~OB*oE)_Azu9q&&a_EwDu- z5cHTao+Wr3X5md6AJvl8(Cj|NVa*7Bx9ljN%5(D8iY#6#2n55h1_ytMeSdeT`j}r$ z9-N3HK}!UZ#MuCo3Ib?S9nV0(3`D+Y{vxReyv~7xZN)o{!v2pkgolXHaRN?~Hcnow zjNl<13?#D+u0*U!98CcP@g5)}OImKXa0^}T@d#>TZ%;;UpQonHoly8H6hw(^Ss)Y| zaBN)e;Cl6*K!ds$L8+&+kqr-QUhpACbE~f_YQ8Ed5sr2+6bb~~E4r?bX$Tahb~MBsLTm!Z2t!ebDT!x` zh}tyn%i^j?!Pp+8QIW~sIY!oi?Qo?&Fqh~ZL*A%Y3M7p!gR}^Dx5a|!8U=`#10u#1 zM{R{(dMgNx&BW_HE=5+M?lr2)fk6WbRgL!H3lzJtAaf1kuAQK;snzrxtf+a*--dbuDx7qJgBay6| z{f9kB!@&@qH7s6wXpTVI$q-{228H5?n~(sPZCVK&EsRL@VZa};B67pE9=IpeZysZK z4OW7xfJsm$OF|HEJgleSSHc#k5_TSeD`-3vD5|v}+YhgB0fT=%Vy!i~6i0lxnSdt( zq|J_TmJkw?MQ?X#{51xO3^p!+RhjZ^Iza1t{_2e~c(}LlF)aMWy`ILNkr;^6Qy4>9 zQnKG7xAf4QFc6k%+s6crE%RDd)KWdNf4*TdhHz)!-r(^iaT@H@$xEW-%1WUOaJ*|n ze@R)AWUJ$18IZ9mJrwA_y2G+3WWXc44@aI11Cd=sqS2h|GW(?G3u3Z&pZDZX4-aeS+xq z3`ygXPUD;)_AP}GCl6y!Qyg;Eu#bZAN;Da%!7t|}`f8={#CanHi?uJwUT-E5kw@Am zdwozRSdOtI0cBB8N%#()_{Hu(!kymUSVQ#@r^@T^?z0`(Ty*;{Z!ODnpELyIhe}|% z;Sv~X5uK5bG75l){tyOIKyV<`Rc`Ktl9qEZbi4Adb<9y8X3*C*Dg&&f5nigW(mj(d zz&Ym7Z*g@H)KBDUV^4mCt2s*1VXX({z^Unu=Tz}=2=n+ACa>cJ>}&!Ild={p zMC9w#M#NB?qJ-^OP>qNdFeti8RbUs~Q37riSH9?stxe*vWL-d|Cpl0}{V_r=v5tfo z%YYUU;^5e&?yc9LUwuM zBE*7efzk~G;q8aXmd_q~z+G~T4p6Wu!gzb)0b@}r!q#5Gx%V8Ub&0b=`n;p0efIPz z_ud!|*%IjPUs-sGT;Jk=R5>{uR;M3zb!9UXE5?sE|nfrMWq3F#l^&n5bU3xFkEHMo{$} z3tBPXBPt{@$@Y#AXK=SoQ~aws5mj&Vaw73T0egy;*2frG!MnlSO-2ak6PBBSUEfcV z5`#>{Cl&ET&(}^nb}=!3+!rw(Qip+OA-5XYyaDGSpJfg)_Ym(3_&c;%A=s6o@}b`c zM6CPmG3b?Vwu=F1co(+Rai$#Jrp9u(+j*Q6uIrVJNs96h-A71aRmY^<%8m&(Z=0P_ zS~zFgxHgrQGy{x~vI_k!E|-L7PH`-R-8NTe0fm}iIAvob=4O?u!9*DL6?7U;u+|>Y zaF;@s`|Tml995C8ZN<#8=Yo=wfIwv2k4KzM@h5_p_HLUGl*R;TvFaGx=tdy#|MER^ zJVlp4?==n{wQ04Di2e+;#*6mZluEbTf0_lsCIhQR9tt*^dkPCDcd-VW>yJBFCkZ?> z25NNz_U*_5!%~jL8ab?Dt$nH<%f-Z6Z%e+N1HRbk7O=z+gLm!0y5Mw>d2bp|<*Q8z zqbr7Huz=(_>X6KrH~jM~vG&Y7N3iM2!%sWI4i*SrC<#0z9F6c9@(2bMFc;)sgpvCE z&LstBc9=-l*9-bd#&Db}eJMo&32xx!fYHGNylcqkL-h4+wLbfOqU;D_(rUM{onR{W zlNugim$NUSB;9j4kkNr2YqVRsw@Gkp?6Is{c!43-WeIda!3B(+B#BA7{P=e6O2~9@i8Wd(l4J5h%n!kSTlt(;+c>pkcZOfs4-dv zHKdj>4U6Kl(RwUwQ$e;*&=@(AtXqwWzQ7&ojYYNWD45zr8W*$_5SB;^e9-U1f=T<3 zmICE2M%w#$vnC`-fpUJRsBqxKFePmwchxAyy0NQ4s-g*we<4I6IPKLy7{6#J(gb!Y zy~pRUJ0r(PQsX^7r-md=yWiJe4BiIL3pIk1etR-c2}>_J#M0F4s`2l_K{$;kdo3`} zG{vuMvgZ_xs-r14w8p#PrHDJ?pAlOj%aeC&6(pk>qZ||Ljx~*j0S$#Q3|2FR(>~SE z*Xz<9q9*E^(lBfj8Ze?&&s{@=ML>h0B7T`fK{%Svr3rJ%!QwXzG=ZBbEKhm>E;4FzrKq{R9Ye$7OdJ3T-AaW^(I^3I{ac?r|o+a)N3Bv&wlXBA&-;f`G2ZE>rE zcKdVgh}4iFhEsSYyE;0@mZ}AVAM(H+hmQp&059)~5Mn0KNAi&sDZ>O@8+$?=Rp}!! ziI0#oRaQ28tQ9TePg~wztq$&PIhy#y`)zGYI<3#7+(l!tXsd(nmY80O(7Kk9BGOe+ zh9950(6TlWzy$aoZ+Qg_WI`APrNf?M8~e^a2MabJ)GB$`@QDkJ`F&5c>kntS8z!Pp z3Qr8Vb;uni@NMW7J{rczu+HfH{!)K8z_6}DSP7WdzXGUEAsAw9D@pg4x-nqMogr

6iz>sg4d{)=zrSQNTY?c1gCsdz)K9O_^(>1}8POPou`|k?{$Fob9qVnoIUZ zGcU2mCknl_%yy$%>tttMEi-c{JR)2qU35|@ebzGStta6u`lraZuf0r0|H*>e(mze; zt>x1Jtu@YkhRoam1${rI@9OWLp`X^@UzyJ0#lJS_$G|76gQA2wKw|7@@n|HUBpP#TxOD6bPJl&cXW}HQ9ov5KQBXqMd>IJG7E|^|fv5Rjw)X`!v{)=2h*{6IB{Koeil< zcn;s-{lvggxW!yaz#~_)YhceFZ)L>KX*4iyf`rE$9oto z#uEmI<8g!2&Rg&S$ER#buBkqsN1pw&!{1h3umVd`Y}m2+1cCRa6D;n+Ib5;=y;Va z+YeAK90#wot=y^Mwfj(?=@*0ZNIkQLSJ7cNP>_T3v3qTv{CQN@kz%-Be6twT;Ms+) z!F)QZZfPhKJ6=j!pQUh#H#`=U4zQ8S?j>H|?#?@F4?544xUJ(czc3=Oqq-nmq)}#X z^b9;WrNYgVxCMlAIF460v35@4&_nurD@#MB77#yu?F`Z)wf(ip`DSs%ZM~~8&shv_ z7`IM%p#`@|xh8SYBD%zf8^qc1(6YHdUiCUn)DC1G?R6=b#L!y|pGx`} zq%&|UYj*$0GD$4)XO3G+_8Z%PbH&8c%SJL#Vs zb?8C%p62wQ#=NU8!ZnBKBzn7&SF_|bTAuHckwg=0aQL%Q{D_M_#UGyHM|0^+!t9>9 z@o+}QL*mvOEt*KhyZBnyZD#{)=?XHZix_q5Gm%C#!eG+w{_$XzoCoyM~ ztqx7~PO;wj|042=BIkXNY|OEZmRU)r6Pwl2WVvk5Tf4bL>5uv?XuT97OT#-*R7S#! z$^O)QNzQz!nV-RTB)m-K)+Ovz37?74t(&xl)DAG?Q?q$(w_dIG75$$52&*XZ;G@)+ z;Bo~C`Ecp#dkIqxKFGJX^?AN*J`Fzy>@m4SVAu~#oTxt9x zLGCljnRnNURvRBX0ki9KD;jO2&C@u(}rR0=HZefGQ z=-$2M(Ob;p$X?9e_}HB1i`bO&Y&^#5DZHXHt6!K{HF_<*2zzJ7mb`I;D5mY-a^mh& z|DuJfnm@X%>@QeWYs`zDLU!;%RumcRjb5e-aRiOVI0^gWP4d;61Y;=ch;|pAF+K z`DOqyk|N9iVl+jV0mOn7VFnNjQ-m2n(ET~0W{A=Y(t_)eVeSdOR$wIHp6~L+1?zXf z^JMQ(a2wVQvKWTKQ66eNp6PXD)7Fk{r^0+aLi7fFH~TmVT4`NDMy}(bhtH{aYzVJ0 zmYcU{j-GNojPAHu@`qNBOt7+!x}ea#TYAQY>fKVP*c-eWq4g~)^l0oh$eEvi(00+8 z)Qdx_nTCqW4Q32pPI-)I&bJ&tnSQO@)_1ZGI>o4l2V!uz=wxiXc6vKrn^ToeEomaG z7Al&SkBa%w3O7k=aJIE|2IX#cw(v!YT<-0b? zs^E5PLigw?y!A|W)z+U%Y)dBx$A`9---2uFN>!%~!b0dyVP4B;X{2N(q{EwpaVgMM z>*dw{$w?kr)bV1ZkH-R3n4c#Yg{i%FtZ)}tU_lRDiyYO;YJbkSrFZ>K_^yP{AzoCL z=c+vDdY=chh3{}3rm)S2rf(V$#C)XHELg@){)NjbjoJd1Du);HL7mgKkY-61e?)5$ z{X|pUvuw;xaMc=TF%~;*(5p;TIKs`GP;K;#kXZy;QKfSO>8z2?AzEEUIJPW2js)|N zb{2hKWn`bBo(0Q^PdKP3c&%})i+{4%vvB!Aj?aF3kFqCPHmOE%kLu_x`81TUbHl;t zEhGH%NnumG)*Zh@T38vZ`&RcR+54iM4!$29205pzqQ})t*e5(&SY|4EeJ<6`W|^i` z??|c_mL0NURKlz9EycFhI476EhHychbq*2LI7B24MoXdZ|Nhqs#AV@O;sh zHr>#5-L}kavhWam(X-Tf9{dHkPS&F}Fce+Dr}aX4M@qEs$K|h~mPS|NYQ&ZZD0}iEoWLFO??Euij&1 zmXufde1m#0L}Tw$@Xz3d{!Xrwd(hLqod|gI(%{m`fpMnZ+UgC0TXE1u_L8RwkZQY| zoH1fezi82gSIY$z%zRk;awPN_h$Zx!(&<{Sz!w$w8i1?m3sF*Ki=NR-ahi^2`QNB8 zvfx;+y&H@h#_yy(b&1c7_|!~xHk@z)ctkSb9_sSMnTdgE*t@WkmG2Vz%2bt^tk{9W zM%iy&3sbR@&l8k>z_Lig44+61pG*yOjLzxbQiCO4q3%vGpH2<;q=tKCFkNVh{AcqP z>pXhn)Hcr*n>#p$P-?+(&8=PRmxdNB?&J930$(4|^Nf>blzN z`Q5Z<5cW-rXBXgg@VkOMrp>us-Ai%Pe~{t1x1`4_n=YeX<}gF$JA~1};Ohx}4NB3R ziQ*;|RL<9~l}&QUVd`ajW36?A0*L~F=#9I*tY!IPvAx{TdL{lQiWM!nuovUqY?v<5 zt4{9hnv5Oyq}}svr6;(LT(w5R&F7E@Ug2f%gc45+F1~#GIsz@Px3U(|pEEhXvX(A( z&gAayndQj?8mIVcnY^6Soa@^gdY9Qtn0;)ZXS-Tss@w5Wdowe2TYiC{R34-*2g{`sdcUMh!<*zO zvvH%Cw%(?~B01u55B7ZP_%guGCU-^us;=;dDwa<8!(`2fAD&MfO>HM}W>KEA@0Fou zfq@fmOWRQK)zG*7$Q+EA+84KSrO)G49MFTK_0bg{oI_O@T}y44)9kO0+N*#4Q}1xt zCkQ(LRt6???sDkADvyPhfoBZg=Ft15zGdL$!Z$lKmo_-xGVoa8tqyHPEg~}TKH=*f z`iZG;83wCUH#_ugX_PYXD&b8IO(X4S%fLf~*E_TX%n~TWVBgd$99r^bXc>5J@TCsD zV~UnxaA4|MhbFt7Zy5&XrctVn49=_1TlrS!O|@vSUaznGuCto}iZ2-k=TFV^EQ4=P zsmU-nIJJXAGl?^2aHu}Ck{#hHheuLxG7Jt+?di}b%QjLUS-ArH6l1qS^l+{4tic6S zXJV!?&|~w#%@k_LJ%}~%hY4SF_}8ki7Z@#W?J}>gb10>P!`z0t#i6P~RUGQ|4)rHE ztBpv zYx#%@9oj|+FWn%Q;4^B@nBA&%QDMO^Po-`Tysdv}H>o2#q~!7_q>!IN^lGJfzBSf8!`Pkq5gJ3z&QS|sG)yZ`>kBUTn(cn9|K;KKSsYy8oq zEZ%74UZ`XmkaT0-if^Y|jlx_XvhI!TzP!i0*BU)M@%1)*&{!W99Rh{u-FyO;420Ne zZxA=~aftNn1+yc2XF8r&U^tMRH<$!Fxxi~L19l%Ykc-#WR}(h-2%cv9@qa*$2`w1V=Z$f`Tgg(g*dU zn?n8F9{O+Xrk_vy)o_%aR1m4e?X?Itn>#JbI$m6Cvv{#|?Lu2HtiHsKBE)+r`({6z z(3DefH1g|r&L(6B655&$h%NVXM+;&VP_|<|f9Sx5xEvC+L9KanrD?gSTSJ=ru#ro- ziEeJ?ob0R>Me}5}-Q>_{@S-()JLNjqa%a;=Vf4RW?vGR0syO?wZQx(2@8ztp z%RJOU7a|yL{$M8_DXEX=(76*9Jq@2WsovAy zbs(quSPcQfzl}7c=clY8V4}v(+?YJD_*YE?A~|&Pzbp`6`&W7k>bBY*9VcKjPI>#f zn2B*6#$zzU8A_S)4}!n*2Gz}m9~Pe6?aXG<(ugft<$XA zr#%x6 z_-jD#mYuV0=w8oIKohdfI|JH|p6$D-qwcK0s{QDV1Kr+~G+w&!?TPm{|I_h49>3Z+ z^Z$b1B;Nl)eoF-@{y#)F&dG05)P?2SZcCCxyVDweIO7zH)Uo2Do?_W8cZ!9Rm;S7R zVfQKTK!OUp6%IJBFyiE5$HEy`I=M*qD6!6{{VoH@YJ5F{tbOLMH0Z}S7%av&8XS(V zGdS(M1^0CWFQJ zHiN_Q8w^f6Z^0KFU$SL;_=*J@`oa=uCY5E=EX+uU^^3jPo|sDb1ytMM-IQ=Yg@)MD zh3d!=6=L?5k_wUT;ajpIEwlNBbPr!zA9l|1_FhZ77r)P-AHUyVG5&zT;rKlUr=7Rp zi;g$hGTwZ9dt;XlZ}Xq9Z9`zZb@nCpgkORWc3{2-<|^TPCHzb*YX{~G>71QWdm=OA zb#hgQ*JGd3DaV7!^IaXU?<0ozEyfFXa~bsGw;CLd-)wN&IR{^IJjxb)fM9M;K(v^Q zm8`QlrWU`$!g%pr2L1S*28ZLf8=Q8|!GAhhvIQSDTH34dOlZ+Nrm}GAEcvAoOV^Io zuekjB2t+F3NBIU{{vXY+gBX%Kg+-_1rK=RP`w9HWHa~ua2)*#TbY@-KBc0M{W1*$& z(35+3tSaR347F_sq8&v~^o$eXT|c*GY75SbZ3ktu-wQtmU$$zxyqUPahP+uE-oupJ z$es%l+y^_jt;Lb8b666axjXeD*X(+(*|qy~TytxDX&$TxLSuEPn7+*-lFrqGI`Ed5X2o zGJgDk6^vTYBil5cNklEj_5m|)nl`Wt$T^Wgrt8a(ftWjHKLSPxo`|=qe9ek-t-E9qNX}N zOcOmGosMNeQZ!|X1!gUwFH&lmB&w;8DQ~p3enb)7*(*F1$b?bd_ByogBRRR02CU$T zT@}6Cd$#vn=G4q8r|||C!tCj8a`D-tRENACK|G6u*cCe!chOFA9gB2z=C=wAc*>~tlJ?oSYryG{juEbIz{!+9KTWPo!=W>D?*WG@>FUUe$$C{bVY)>U{g=>PSk3~jwg#yC@y{F0DShmf& z94sVLC!(wcRCwly6`WfKEHqRP6%`t|*bF)|u@PE~s-b0#t{;Ap1WI; zKl~Ek@IUooA2OSx#>(Md7}!T8mx}XH3BN2KU*VJ7bM?TMdUwRFZUG^16Pxs)69arI(r6Q*D>Y*~rX7)fXI3VRkBXIfU1^2-YQys6+TpKU$& ztAtSI9VIqtzV{?B%$gPS(cNgXfKNCa;}(Fm5B*WisZ?=JIDum`{`X0(=Lq#3=E=tG7ZwdUSlxy3q9**tl{ zxQw>qvB2|mM!1~LjI#Kc5OnQ#&;T)Ui`Q2Ahk~!EFzbXtYRlHWIL6GGuH4~idDZO> znH%LS8K+Y!Fq4zsQ`QzU&7HkqH$`Y$d4|$%#UWiUlB9K}2QiR(n80kESZ^0A)?)Yd zING~c!b8aUk-e*xv2oXTp^jL0RvC$&&Muzt>##Q7V$GHvTft7Ee}XeFk$JTne?!$u_XyJQsVDWdVX8Lid31c5rKYg7_tCdT za&h=gywK_Gg?pK*s7_~eP53RawX)kyNLIfFZ18(N#8WD~lKf=>3HiGnlpjq~_U>%I zu{Ua}O!#d`umxi@d_L*pJWsY;eEf~0;r*h|9gVBXm0L201K;TOr1$l(A#{12s~c|# z9>C*}#(TBKNQUScbq3Xw0!6X z@4=iPp+&>_98R#774|4z+vnIr(E@?5IQ{rdJ=P`WL{+>u>wQj}?AWljVW&m+=iZBC+)hWUZ zAfA*W%mCt)6k!Gsr=|!qfOv9>FoX2|gVo+C=am{~u)MG7-T|G%sk?@Ew<&TyIke^l zCyC);r8v5p52rm2NX@;bK##e7I7>M-TE<0cba0Rv7DUHGiXn~{9HB6WkO0Ox{1;a? zF5STk4gu@*&6_m1Q{~^dbVo0klJA!q4YYt&W*DnRyD+M7%6Om8Lu{b?ovWkY+DtjP zz%IcqsV*9}ZsLE)C9T>z8;cEwj>TXROW#leEOS1h76`;vA)I_ZjXau^-eSBkm_1q9 zbRaCPbMZ*~xQsed4z`dEc7$G*^PmiIoknl8A%_=l3EqodD+dYK#9?0h9Li67*$pc> zI#&e>JTHOgC-8yXwtf=xXvozqGH8 zl~9x`B@g9FspFaYSgG^oGM6u&vXNk{#BwcEti*bAOEaC7_RN_pn#2Q_O~vBD)L^m}*lTnm|_!zK^AMw67BW07HLu z#lE1cx;??}@8eWYy|{4MaZ@`9JsR94JnM90NA8b=a!76LnEmN|WH|W@_Qjy$^52Y# zdtCxgN}!flrtZg~x}ZblsQn)V?E;rDy^a5!_|d5|!50E;ds#KQU-_od%}REM7N)Kf zrD#ir{FRW;GvtplH!Sq#k`VlOyeEmOd^u-;$0e3*U?i2Yu)O2;$ zlHuesBxlGU}8(!duRTNxsKfL z4q}`0f@dmR)>zp200f13owQDF)2Gv4juXfcb3L_=P3yLKwWJkxs#s5M2}|AG4i@Xs zpREL^c*1coR2@kV;jDiT^X@L(t%~n?+u~m@{Mv5(2y{#>czQQpJ7{i~|Ms?cHVu}8 z=j8F-{Fqj8N#5P1%an_FTfC_fSAkd4|7?|@MyzH45v2$-fM}%%Gk~}vMVJA^+7w|1 z5Lc!MGk|zbiZBBRlx!ER89>nRID{EMtVLQn>=0q3iOR9nwT!ssEf&T)OjfGA*u>+iC9n6s;;swt# z!(vaTS+~_h&`>S{pJ*cJCDY~|5x>F=V^uG>(wWdZp6g5uq}It~lZH7xMPYTGdv_WJ z4x!r>sE&{eI#_bV>Oc{2aXW6kKzzDXx4!)+yY{1|YnU9;Ilr;*6SR*j% zsX@><$ufifq?XKU!p`yP-c<^-=sjoBHaWdVnKik>rR6b|9i?nGWk*@it?WqPC$9F6 z)C7?lMEYx+Y-;q`(Z7l4WD?J5VbE$P4*}}uHFx)#JzVTfx;fuqe%%3Mjv^_Dvy>a< zk%jdabA!j2suXm)cv63OJdi#FFpgMNpvboi zCPkualnv6!1H*R>rkXo(P6>A}!+w{}#dP+>x0=G{h#%czzN}%Cj-I%xVY4nO_$lG! zZ=?A;RbCzxDHo?2^lpE5n!nR#_)`PUAwc&MYK9kJwU7uN)8cI0mQW_ z!VDm2WnDjM1`yY$2s41VAw`&BQR^*4BOU4~g5+awr_J+=13d%Pf!aXtK;JtRm*bp zkhvPls%2n0TP@; z-bo^RD`N|mF&VmWdCzFAQReTB=&3LKR|^gN>*vmhMeMbE){-IG=^>9B_B9Y53V%UW zx#H~%Tm9fSDjJLDDTFyt@dS5*qj&Rzx69FUN54irJ9wj;jSxk5KyF^4vD91pCI~fm z^zIPU%-F@mF~b|QEF#r!hD-JvTXgM?=-5j~HZjU{=jBkBHvJWxov%Y(*rYTjmazq$ zb9HDCn;z--TeN8pbehE9;!U@ATz2Rj^J89T(`_A>oi@$u#5z{pba=;UthR}9e42={ z-c5hYx%F+T<=px=&CS^cHfiZ3P4C=I%xGn{d7GY@bE|I>>#5KAn;4^Hw!uwkpP6lF z6MMEY+wi7?a^XhAcjh*_=@~h8-xwsBMEww7yb&=*!Z%=iD~{aR0iRe%-g+C*g8io>If%a-K8$S z#v#7Rl8)49$^X?#0}onA~iPu#ol2b`J*a+Ma@IJs{^=o5Hs29+yLom21zOD=r9 z)P8`>1Uv}fSlOrL$=6o-k=Suo4(3_SC?t@)B`%(F=`oYJ590(#4{z$xJY8piC z;ePl>{nK6r9LH+Q7vaxBvh<;loEZs~dE7aJ%fsCiUf{Kriph~p^oOn<`r)7OV@Fdd zSjx!V`FyC-WKJEgdJT{psYb6+Gtg-ZfUgEYt~GaaZaE(o^@Mi?t2T4Ozv5?J zVT@Z86yvg=dlT0svRz$1>S8h4BX$5R?YNZ>^E+kpDV0g5B%J;;#oP=NF6txy2I(vQ z;1c|I%;7)yG>-VrDeW^YYQWH;d+& zd^CHfJk1u(!1Ggh^TmKpovmoh{UHzp$E?RBf7?wz0 z%}d)#O*}uDzjXDZ6SM64@63N0e{XEpWpf)RmblfsY|_SF9cL*+E3;Jc7VgpPxK#6& zT4J#al4ws#c9(?OxUqhnJclJ$)q?Ml31f2;+^AJQ!wq+gK`+$oleWp6?0YKBaM*_f zmp%B!WvuLc0HVBE&<}1R+Vnc9`DN9)-;v>CK`;P*gECD$)6IgK88ZX>AFOv8=O%GK zoU7Qr2r=#7Df?2d)vs{{nL*E9|B7D=1+O&^zwzs2Z0kD|))o6ctuGML(-siBG$8n< ztnFLy(OewN$4k`QUl&hkA|)8a?qq>mB#n%3WN1;;Wja(igs<_W{aizNsr@v8(_?_B6x_p_lxkkkVl6TX1uue&L4W(@!aZ?1=*Qf>Ko&dFb=v&q&`Qb1zuVp!F zPIHM%`<0e;F^(%e2P|QDH?PHqO-sxdBLe! zE8ir*w}{)hxV$-){O?0A^R3UAObO^Hdg{$NQG4H^bSH%#5`%MadA5$?=l&2^9-qQ8 z?&xoX{*jcg>)&hTvDz7dM%ok0rThgi%>C(%3XSsI-%F&7&Md;8RIyE+3#9 z5#vc+Pa+DkOp(-bJWXjC+rwceV9C%EEC@N1^WdgViFtsK1&Mk)v zs0U4+Z(j&R@KjN#S95e%k^TH5o4|dNzsgPj(;nxq-E*4wls}CQL?a)D(SoHWk2@Az zsu^>Eg85Hj-k(;LG@+`09xpSaZ~He+jlPdmO+-Jp?{Dq6mI0Tr^D|xR0;hpuWxV$mxCxA5k;CbP4ciwS9}o*vY}x zVnFRGS;|AfH^}~RbD22Ezh-ZG)S`W%d4aQwu&(Kmo1?#I{TnFoiAC$*=)jvCxYdE% z9Jt*9N>M)F?7&+bxWj?B3Mh^2O-ahQwIj*eAgy83(p1%s_J{9aCpjqIO&iiSD(9e- z%4;Rsf8IMH^!a)p&9n?&#<%G_UbGQwDAnR`)tn7=~f0QMwlMPX)GIGIpbs*~ZqH zm~kE9eBZPAq<}`gyxQ(3cFG1fGI8BxXG+F-U*OwC9b9eruJm?})l(0`f4MV7<9rVK zc-jMIZExM`sSlZ_Y_cXJr@KnJ$-TmSW|K9}=RA?iZb4byxTM^fz{&ZT%pzWbM>DKvv=tX;{5~?fH?51~Z^iOsxZ=x}zQ~8Di-*n(x0=AZc z#=P6hbf%0ka=U0n0*$ zen}R}lw=_zSt%819M+J0N#P9DmZ%R^bSJd|Z(y*(AzQdAq1 zs^}_ZnprJ%>4sQ8KwVU3p~on*80=XlJtQI;rkcU@pZ8MUCn~LOx8EBf7;a?HclxDHe#cFd{n5|a-V8f~M{uamv()O2Ud}=B;XuRu`Ros~q&`4WgElGm zBBiY3OY_0a!TEFQ#cez)K{=1QJEMoYGk6_>{m+%27K3oh;qRw8YzBnv2Pwh~PCn?s z?3eCwx_?KApNpO!4h`x!L9u##?g@`(%LZqcPiKh_;mI7Kyi}HtQ3}zt8AEgL0 zfcSBWFawC6qzE&B_-TqTgZe79n))SjQ8_q~3qKmoj9#zsNw0q7GrL-J!gJ@cC z(Y`rHy1s75gL95_SY3{sDgYC$Q9gY)6ExFJ-c1@$Mh1pxH%IzLbUTn|Nqm&jqR^Gb zoGX{kP?lv~LCO&tOJvSfw<7g$E0SChE2T2$${8wLd(5@pa|z6ZZjjrGn*4)La}JhE ziz<3SOaqLxojAjCn5Mx7D}HpGh)WKN(Iu&|6umSx4iuw1QZv#)A0p|Xk(G2T6JQY* zbAE4UapQR;h1`t0_5oQ4Kixgo75Wh?jW&rW46k!I*uwS?{NqZt6_mMDbH~i?E znb8aAJiF!N4>?CVw{FM!At@10HLKfk&z$3)GaXOJIqoe-F6vIj&KjjmR#uy=4D}B6 z4fS)4wP(rAm1w?ZBP&X8&NY=4)q7+`3C_8uvSO`*7b(R#*Hl*IimWKfIoDKHC`Z<% z5?Mhx(cQBq9$pKsYw>SX7M;VjzsAb$XTwrbvZ~b0Zu^oM6c*UEU*{?~R`O~)F6a8n zq1sR{cAXs5ji)*|*f(`79yyg^M+Z5BdDXK$rY#0q$P@1b@@bB6Agt>IVQp$eVTxBh z3$KeiK3A|ft4k6y&ld6iKL^`FEOmx5=Xg4?>m`z4jSR_wM^56(R^?csOLc#}JQOY` z@YD-Mrbn(dTD+TV;tx}WOw|_>-8E)o!uM?2lzG?Wr)Oca1|BR+#qA; z9N)`+0zZG2v0kp%EFIkCcosxfu673=D_ciyL9=sPZtENoamPkizJs?$pus+(&t%T! ziniQXaklnT2_JeqZ2)ZjnE$E#SCFlmmC;Xl)wK`vKW7Gh3AnSt#W}pr>pTJcDU`Wq z$6td>D0g*@FCYb#;8JX?-#h~ltRVKjEle=6+n1@I+IM^GodJ(kVjgU&L8j0Vwck2X z`&}YpvP#s2b243%?qETZ(Ff5*OW? zS(V7>1DVwlyNxa!{~cdc`@aa3;=c-T=;3cbl1{xZ78pAgPMf9PtKCcLz8!M5Q^Un6 z6jW7Nt2^uyy((1guXgG*YEju$s0xz*OvzAVE&d|;t38&#-o^>|y8?eZJ(jn=#yH+u zBA0J;>NBJ5CzW>6_(WInI4qv8Sv}R(@m7Ft-_LmAW62xFX}vgod+Nmrka(PWf#fUq zRRfg$f|mV26^>54Y6cQryW1L^q2zT&HQZ~iUR+pu@pA>}#m|x_Nc}^kq_CR-#6MGn z89;1J5oU0GvveY6SyP?T+>cGQR$SzoNL;N?@J<4=}fEaC~avcE~Tws{c!8aq*jIT zNSf7VNGoMl(7}a?KiX_pXlD3b=Yi|@p- ztq+idrQrwpvNxOD?x+G!BuMNjo=*Eb2PVEwj=K=abPw^!0=?6~ao))Z-fOckIpN)zMyf4bXhpxPMHRn?L{ck&^6 z)JN-Zk95t#Y#pvLt@U&j670G2>$etmyU%sCUSUb$-XAz~+E$#oJ#EFM5PaOWA~;Ub zvgTv&UaE!CF*83YB7>w!cK`(R*F|ZWtLWchPVF4?s(g#m7hN| zT25t_TrT)98 zG1q_A(NL|R^pu>HDV|Mb{UViv1*u%8=prVKF0XbftX$JA=jU!uUafunyvjx@E7d&p zD4#kV-8#b4(M=1Kg7pHZEar(;imOgtn`s6Rio;$K?DIkN!_8n?qepTg0-nZ2Dh?WzxrJKCH42_!fv0?l7FGFO}83z zbG~(C2DAEhf#ru69om&%SKo-6D>Pa!6#W;ZlPl-Sqb66FI^n)i$>P=WfF$vFvlBiu zfapyTX0Z8=6O=f9iHzOAv*b=aik_AhK7II0p_o&nyx`>^Oy!Xw((Gz}0t95~tmE?f}lV;wlof#V(Eat^t%bRfW$90Dgh zu-XB3stb9F1E)IhWCu=j;B*JpIKcU81>g=4fwLTViUVgmaE=4#I&hu?=R0tL0~b2* zR0p2sz(o!)4=&OdJ8+2umpbqa2RK}t3@tya(y*bWOv%vl1|gF&UkH4v+N`x7Nye6f z8e3XW8(XS){IiutWMg|BL|fM4_sM6#vWHmGQ$_heQT zarEuXs-lkk!&1*G@@UV@s-ln1$gC29=%&mnQHbuztP+XnpP5yn5$$?-N?9Tj9h_Mu zD$)6wRU#8zm02Y^(c3bsL@0V7vr3erzh>6sW!?LTG$M&sbVg>Ch()(&R*72l*~}`D zi+-3{C3?}^BU4fm!D#QyDp8D1$*dB|=sB5Hq8WW8vr0sx?`2krYE)U3QkKX@duCRN zZgf>nRiYp5eRN7n zRUlfMSydIHk7ZU>iD>Yc)U&Eabbe-46^ZW1tg0%}-I-NYCfb}?Rdu2{$EKuIg`%A^ ztEy78Z)Uv=YfkxkrmU;HwqVHoNiF=D79icYcNb*;Y1Ap_tQV&a!3TF`tQEO+^gZj! zAxgdcFXn91kMMty`9BnYwekwhEqd+4uz2mm?R$iMkF@V9`!e-|>(TZ-#=ghe7Y!dg zEp08hpI!!~ZA2p%yR|Mj5rY)FlYo;4cq2<|v7+>P;*$lYSM#0E)l5ukHMX3>l`Po% zylH{0!v}D@#T!n7K;#s#y;~M?Vs~t-BV*xNjye^WEkoVtO2GKFmb@QYDZJ;yg@r3n z1-Y$Jk@^86f4ghMv|JuVVnU+kx9pLQv@c#~mrgPZfW!AWd^+K^W#Ip;QCD*?Ubh5NB1^9GDa5(!Gy*$d?(i=_8_{(CZJW7ATBHUaUG&**jd ztF)iUeRk2U7=zmoKCgWvPQmkFXCyqIq-gS;QNKwBlLu_VH_1@sNXDxKrrFe8lw`0! zrm>j@iwNX^a0qN2X1;ii35P-<98ZHzvZeSYFdPwiHDKyUlIK<0`;s8e(SQj*Op4md zftZ^%i`zOWS6Cl0c6ijnh*?NxU7iCA+r!N$Li_04yg+H%4sO~?pi790G`t8VA2kaX zJZ7Z*+ZpMQWsA!zYFfQCy2f(SVO(~FA0-bDzJn?Lq}1=|l=^$Nztj)#7Cu&zx17B_ znKTrugt(n=>mr(lvZ{sUya^Dio6LJ8wWWg&E(S@ZJ5&n>{Imm8f6~w&f0=Rai@MV!&39m+MfXoFXIz4@^@{1vG9E8>*v(`Vt6@D%_{r$OAJUR zkJur-o1}c4t{&h(!$#VF-9<2Bh=nO)QFOE+7W>YJ-Gl4;3})E#Nnqfhlmy?QMoO7) zq{%^-FBfhh$5?Qwx1NQcn&0b(wkdsyAI`QFofq{Mlg^P_IAPV<0%kkFCQqLEO5x-| zmCi9j=cifeY_f8gMU~F>Er;QLfM=5y-9pF=1g((1EB{EI`C~(23k%EUQ*cx0sotU$ zl}*Q_o27y)sH=?rM!t-cHCi! z^gzib?T<|kJdWb|N<422pTl=Fc_Ou5+88h(tPvwSX&I^4wE6CF2$e%-6=o7D&m>eG zUDIFX3cQ1NU@pn6?Gy{Ngawwuq$@x|o33`{>O9^_W*VT@9PDvtB58J1^dYkrwd`KJ zZ>yiuT=f+|*3qD$ENxCY&qLg-8?qgyF}WyOhfL+3w2WyloJ>_F0#02tC=EqV0W`*w z+z*)=;o)rF4=CG7o+Jg#E7Vd(_W4G6;vg5&4F#^d1pVJD97uYOQhL&*hYbXx?|44I zq&j{9rfgUFklRh()JseYaWGe^Z(F_u6@20aesQ_So6}9-*0i{#5-hJl@wJm@6PG8u ztA%ND@KVr?O*r~TK9%f@5J}^5B|m(Td=2^Gi-GQ>eNVv974hT(H-^vV$oPC)N6C!F z)3u2UJb%;=ug1v0$~PHs4#c54sM$^ZXfs}cC(ScmBS=>-P||}5wPN!L-umk?_@T!) z_yNt5AKZX(^x8|2?xiEeVC!EcGOy;dpo_rLQFGa-OOYGl zYeeW~KFVMb6in?(rR++kpwc;UT8Trvuf^ntujA{54?&0WF6u0A;WEm*q$lIU?}O&D z*5LJc;ylh96!y!VbB)o1$YQVsE;oqlO`Fmh=`IO22XR2WCO+hHyN|ZgYtv=&9pKw~ zqdZJ_?Kc63*gB~Eo@42tYe4R91&@~W6QWAm&h~8zat;@YDhw-GvU?+!# z$6)|Ib_Mj7S9}2XN_z(^+6JP_Zg<37Y460hS+BI009(uW^lffKqM~QXYLh`_G?t-K zY3~6Ty>yM9)=90ceK7ZJJ`Vrh^is^hTS!Tz-NZQATWQ^aEtbWzr%Y>;{z$_cJEZki z;op{d_1ZFrck+{ZcfvKx)nJT(-(@!GG#9wJHu1My1od(aGK>h=4b^WatS#@p z1HWK`zYA>NmS~$u z!*`3GOR|y@Fsf?wZ8?UMFJi-`EPM~frnhxb&SUsqqqt~ctS4e}I?Xkh)L$>bo{STe zEq?F;M_XfpdvLql^Kcrkx{nmL;tKV&**3mG@#{~7OXy=bY z%O9?(F0z$`(_-k4bex~E@4xZY9qY{evad3r!j&bMBf*CuVY2!W3>pc26qt;FM9Qni zcMD8^LKK)={fQ)Xqmt5=L%%mIuyy#vR8SQPIva#5GK8+Le4|fuzJi0$hB~0E6E}$7I_g8hj zD)RwV-KtuPKPNuDfZZLn<~(ouKKYYn<&75ZGuXZMXZ7v4@!Wj_VU^$T-$;QggS%zY zQsSp&&{EPp7?SovY2xbd_}`5ZxDV`waQvq@{zd zXtK99q45`@Q20Inm+^ld*}DLk{#5_|1Kij6=f+<6C{g^g$k$UAlS3re?6q`i>x zu+tXt7lkT@|1OWzUHK3cdZIQou`D_^>r6rahtS$`VutcWZDe9m@H0w%V!UWKHLV`O z6zl*7Q?~mdX7X7Ng0ux&pI2O+iIy*5r9t_ku<#;X^(Y{1vfiedpw)^012?^K^(BLT z{GSGk@s|w_$6qlx?Ysr-CDa>NvITn+Ty2rB^HYV$>eDw!1a0-V0JPQfJti=|jX79J zb&4OrL_d0ZrMK54TnRE+!EkoUc?F+Sj!KpAJsdr`{5}f`n-}zj__exKcfv0Gv1#>-v!m;;3 zJ;Pw7G1MLRl;WnN=&x4VG-B*Lph4VUNNqx3jfN)>FnpE3eVczvmeh+Y)UH*?!Y9gG zZ@qWLYpk4%wdYpq6u|bfrMB!b*t*H+ZWmkgI`O6~4fZws>R_Lft9oBR0U$WbD%FrK zhJ{+J)qn|ckP8R<)xlX(ENAQe!Pj8fHCY{WPw;iH6LzO8X|uVZH2_x;PsQ5Ro~b;aV|@M|r+j(-0lU}! zBj2PvAI4~$T6r3yD$iLM6)70~lfd+U@fD-LOBfXvMg?+=DoBn|D^DY1;VI9Ke$hcE zjLuS?iZtP~(}n*TWWIlXE_~BJ|BTFykz0F%5}^h9l0{%KMlgWGG13j3cHZ=~h5BdN zf?p8a_0QiRFVSrni~og~r~!Wm&^N4M?<}U~b1Lm?tWWp{wvb&(vketYO*Nr8$cD8d zB{lV*g42KHD>aqtavEDMWxp(T>8OIa+*BZnMq<<7nBNucc|_Y^RfA~bQX_9nUzru5!C_I8B4#~WPp<$#emh^ z*<@e_uc8L8?3#nu3SaU1$Anj5;Z-2VtAgZswW2mM7QU;fJLs9bzVMY9uZp#cS4uW1 zN4D^ZS9a@(*RxcP96xc5M#?NZ_Y!8eZ6s$fD{?S9PhgtUEXM4^3A4h&tU!)g1<5gM zot}}g@LdJlLC=uu7u}fgsz`IZ77P0^c$v0xt>Xl*-03D>&qL>XG5Jtwzsibq2(;H8 z<{SQ!n&-x#zmiE~&|k}-TKO9c$rx1hRJmC@f!q0fRk{BJx0^p>3ZEQQzXi7rqsq8$ zUg4nhTPXFDSqrdg(7Bg4Eo1OI@H~a&EWgLnw^?Hc4HHJ>&f;@9X5B`C#>W-%8I?Aw zSkY7#8iux5X|AtVFpgqOxI%MB9h~2rbaOg{WNNJRS!=Qm^`!4Pu4*w$KPgx24`&Ii zv6)UCHC7ITboGL{ax|{Ed5{FN>uzLb>@QaAoFkJ0EH;^<_%FQHd-}Fqj&?UKhS2I3 zv7dbFB8CfOfKXdUP9jdXHP2xccH;0$o0RJz7yPrQ( z$?4pl#3z$m&1?1I79+RO`!xV&Ia706Zt~m4lTRm-^(NPhyft_H6+o9m7{s}`O*PG;{l34yO%s=?_ZAKwQxGQZ&DT#3Z6MQDzXH?qnQG#?( zpRX~()&)C%Hxg{ctG!?Nhz!~o&Lx>*M562%>51onN*G~8_E#~YsWpxv;2?n%q>1lh zq$lv?suM*%hRG$B>Gz7kO7H#*D$!L3O}P+>CE zGIh)zas0W z6mQpj7g3tQ^@cCr*$@C}b!0fXa9ivp+8AH$+jEWG9R*X^FA!GC(38TWo zs6dWU1<5gLy|Iy*R`{+VXa}7!n)12+nv72c%kfz%Y=Te5*63OPi4%N&0RW$8(_7Il zf?zh0b*Y=JS4PTekEUqNRJKJ=?N*QR`+00?xBe-9nfDh~jh0}p+fpDJEmO8D!8pxq zRWDnyNR;Tdn^?gV&Y=O^HBm zc}Ah2^EBu*4)mriDx0TYnpk?3ah8y<4`Xvdf`5xbFm0qH2K~5f8MXNsONPZ?&24z= zVBLl{QsnZcQuxHZ*`7D0I@$B4xw%pSxh}lW@`iWAq^BJYKrSvpPa~BDHj5nr#%uFb zTd~>p+J~6!P`=>+X;Mp_s5a^bOtn!1kf=7=)hNPVy&NAYIDHV``5ay=%pu?0qJbQk zc9|B;$%w*1$yA$CgGu>Z)N>Uz8&9~`PuOstG7jN3OC3w!<_A?K(}&?2?2AN9_Eg%p zA>57O1i2qb8>P3ZQj!uD>qX|9#PR4Fw5@v0xaWNLd}w-Yu^n8KX>@l}LiWzCt(E9x zy3Gh5WZj@+yBe<|Ou{ygv&@0*EiBgxJ6QFm1#=U^#&gvzl)Q{hWNrq|NLkLIt648% zvlkt7+FP*pxdUwTlfLtE%I{|W3o)-i9N3?w+|RZ1`SL#sCs;fI&|Ur~g5ecbzAFD? z&2}7LHyVHZ@)u#1|4D+=NAp$rd!6!^gUVkpSN;muRsOlCH6l;SU)T_Bh%*%~b>Z1q z((*qZ*KNw*klU8OShVsN$7%V?oRz=W-rn+eY**ux36ro*`TI%v3#;-M%$2|KyiNHV zDa*O8^6#LxyZn{=UFENSfguW6H;9B&{zCxDe~tP-78SsZ*msm~aJ6OoHcPcLy9AL^ zm#{!^dLdtR2}QAfk=GVhU4me)xD_bv5?s{bB2Y8>1tV=FyZVI=`qBFZr6bobxIWSG zz8EJs-2ssDz9VL@y_0>%_y(`oKHf!2ye|=)-kGm>M@2KT6fkk+*w)rKhNWJ-yMP}D0>yX_xe{~& zNYI8rF>VT!;z>Cw=rRlh-BZAi*>#U$2!WMxyipdT)m4H?wlrBUFEO%~0K zxkI-{pd3CSA(6zsudJ*q3Wm(0iM(0-V)#T^Mb9tX3qAd^y>C;vk?Iu!rFf-4XBT4U zF$uRvvN%v|%o&RJm#?At00GYD9%!%}A7ro+A8fE^va?<7L8Syj33V)bhP|Q_wpGdMaM{z(o&Mr zVv^EQlG3tEX|M=&#ih#`T`DRr6$3q!y;-I=Dg!;iDN2GR3OBYU33n>ET-weY`)BJY z5=prqE#Sw;D9JY>4#zt5aSnaFKruc+pcJ17m{>W|I!RV9K3P_Y&}wIYl7JtdB2bJ^ zm8-3#Tu6DoL^8tL>T`l8gJ;XISDEnIRw8Yc$4Iy<^BGd&hILN9tuh0Mjqr4OeGXKe zhPi*sVj3>$YBK86jVzsM58j{GI%lCUQP^Qsp4aSZD(dDg(Rpkr(6ur#z0O;EGBCuuPu3BJ>cVtyT-+311@jP;j7l zG8-p#AkgXLtT-3wX-&opNcmIoG&vCTQFV(a`@z$&CYd-{t7MqgYS`_gY}Nq#8#|EF zGcXMnkq~8gon-<*_;fzForT-vcide@%A@46pNt%7(D=bC98lQfX-?+TiLk-F`U~rE zXIpmNAM)B4L(ywrV&6;c`waVDX5VMp_j0~!TDXmRF?BJ-n!c;aw(G@}2Ewm)Wi_9i zGq-*0hjS0kS+mo67J*yO=98_PsJ-t_Q-m{bPulki`>wU`mG*s(eV@xWm!{`oeT+0^ z&X1m^bx_FCL>Je_UJR#aU}M9s7gpt6Eks_SfOdfnb`?nWe4#Bc5x4(O0A6bYxcK>e zc%IF^FA&1zxkJ2A2$%g1@ggByNjSudg>Z%95HAtJm5)QbR0vm84)HP}RBCCoFBd}P z<`8X1|LP7xZvXPOK5@)s$twh=uMq`ig?gwio6i;ZZ8VMgR` za@QEG1g`}E%Z%dG1gWCv_O-5M?EoCU)x8ve= zgLKe6!A7v^`_lQS2Y#B(M~Ndpc(e1MzI_$`^z(wZfJB?VL!cPHRiG5TgL`}Ja_jhQ z4zVUf+$jV{7v3&76u$!?Jy_wxyJVq>erF!}uDoSl-cpxEW$Iaaeo9;JxoMP&7n&m# zOYsHo=0m|M5?(Ih%dQIgnVwW_;&Hu>+Ejt2)0=iE%xx5Uo!+!VVbOjaz3E_hzZMyy zuQI*qJc}pbygmFay*PK@9?n8L5>I21L=O-8E-NC(Dp~1=G}rPbmHCh;O@M; z-sRngp&EaLkMi!L2L1SB28ZL18=Q8|L7&Sz*@92w zG5)l{;rJed)6Sc=x~n{7b2K@ep}e1DYjYpCw-Ak}syCp0KX!b0F9O zZQsxH?erAexy4-+=?lLgF#SbQpf8*U z@IMXnW&3`GZ)+2u_^W3B8sC*ylQS&z8A8clIyqZs_jO!cXJ>0Y>g=@EW1ZcD7?RG; zSfR7~hR8Wy=Z&K1cd82bNr!UO)<4QGKR_%!g^LyfD;W6Jz zGLsRNBZlutQdZ~Iot_i5AoIM8!psXY=)_+%voP}#X7A6V=~poO^h5Avc8jK8mDwsf zYdw)=gm@BbTpJWUDv^QSmLtBO!+aYCvhT8_wnH%k!oOp~5W!9+q&`#B`0YcmK5Mxps*qcv z3bR{Lic_B}3C@jU3>o0>f#YBU5|{lPFMX~)H0myOgJ1UdM@4DzuY42qp#|<(s(|kz zx@+wVWi?T^*`Dq=9ysreQIb0zz9ksP!}0YGeDN)?v6>AB{s4tei|bt>-krt$OWav* zYOG$JckhsO?-;+v&W)2V^;)=X8g5$-fb|-J9{)O*8Rg8w@mXU-pY?QsSx2M(B zQp&oqfYiV7+iMUTJn05ZRMRG@X~}10>N~~6MbYed0WXPq`2Jxh5hM=8rv{uWRuhH^BEc|g1;2TLW1%p<}D z&q^^}3?75Kh703=mVfG!_IZ$uC2(XWSDO(Y+{!S^Cr(FVb)$eA@!5xM6-lAJx>#_ z!csru?!Edw=TUBR-n!o3Z@4Z2_Uw~TXR0`UAr8Ino>7dRmd{Ww z6^#uOZXBGv%=C$rmuI}n=F1VtZZvJGEh{Jz407*Pm6usnb*fS6&PFYA%|uB?B%gRs zozIOWjR}Y}=@z)VFt^sak{xuf-O3kDi=H(dJ^SmTdu0pg{aCRISU>b3Ds|9lC=J9O zCbBn0%c2E+XyXJc%eDlIue7cgq=KZ$eJDqpwPl5~u}X3HZN%B{5kB5(~o@-mx?MTGg!_KjcRa-$u9QSLxBPgSOzV@q_4A>JA%08X#SS~dPL?VG_D6Nh#Y<(EBw6f;bB2xS#z72| zGF*75eto^_fxHK0Wv?Qzyuj*m!+n4!Oo>}i<rFL#iut`^eE zQ@-5tyHUACY*y}WkSKR|ABoD{IjFmOxg~o5RA~87gjr_q%hzfsD&v;&))T<>#7&94 zL{ywwBQ$=5;-o-9oK_(3w3UKb+sKzC@YaNfB8JN1$4lFi4sA8KzoaqFTs1x`iB~P0 zeTJk&+wwhcYY3Uog~c;}$3QKm%~YH0NgUTGj(Yj8OtOZl7c|ke3L(DtCU`tm1I+2O z{1KR1k^MSB)Kw7|?UeQ{GO_T!RkSK2q*{sgk>?Jx9Kv}TN=4}W71CPy`1;Dr#_@@q zi%*Efw~ajK;}h!j($3L7@w!zNdJ2;v;c-D*)i=CS^2ex@+qz2H_ir1uZa0=>c+Ye1 z-RmA8OmzNoG;r3>eCi_-(uK;JwdrRuPgY-C$J(NQQ@qc>SRD&%S!Ab}e-w#%eMz4& zvATcg5e7ph#r%s5h8$LNa$8sTZ#nKuo{|dzB{j#B{32|seEvX5p}#})SiDUsp(k9YUOeMDZu2_bRczjIBwPr*iIv2-Gj3)@tz`i;)%z< zZoYqqHx~Q~XSfXoLcBV;ggo$uQBBWy(Vtoucd6;0h!=I~v#h4PxXU(XpRuf_u(-=k zeT$0PPbn=*Z1;M+x@gv=go26E%U2OU^2gdP7YUSfI6#*<*(G(X^V^Ilj#+xD$%TGfrCX8Z`InCoQ}Ha^9&rrgvFKfcbY8&Z>{UBRHsyr*LVvMlWi2VLaJy98ue+QkPg_TD1}f=ypYR!+RW44jk)5Rzc1MiJnkRZtIQ+np7vR^g|*2j*YlUp-Vl1}(3V*=nAFCW(5_^~LlJ+GQU4#H zirAhau75(TP0N8&$_SNGp|Yh+q}N%E{sf8VMS!8@xQ$cY(RR1~W~y3w{I5x}@@S`3 zEf&i(;*wu^%#$}-kNd_&g1bsp)+Tj3o4UQ;>b4Ol>XyS=s$0A3A%Z>0{TA^|3>zN+ z`C|FDm0LJ(VgNVgq7m(AR`mK}S)h>hzk=zDkET zSn_!3_YLDhB)@0JUl1XGx*)>*BX%Y4urrk}%vQ`wt1n+l9^TjvdGw3!8@U!G`)jbm znmcnabuU};XLpm+=aJ2@2S4pi-X7XW{#~(W*Wy)=vE=qX4y|d5pEnpk3&|n;Okf23 zEW)0AUi>V<7Urk$Xu24Lv1xp|(Sau7ddhWM#)Iescx&rfc)5kGT; zjrf^&3Gwr-mic*Bo}am3$yotEbEGgoMHD~HF~m;D2SalF+Q_viIkYLiG#7ZDKSPm?+8M+Qt<1-Gy#H8vjkk=k`PZpF3c* zinkxwFPh#QD~#^cEzD>UnG7531WbM{c6Y`GyAPyi>_VD}^k=57MUJMo0D7*&nBTve zN15QWYF8Qcn*sG%wWD}`JJCkda^SP7j1bEeiltxE)$9WY^E`h=S?dBCB3i}h>eH^z zP@R3tu{?)ms5+%jOho7=PNP@g zZZtl-B>bv26XlkDvhb3xnCY7G`VK`z3A8zSfo`P^#fngAjAbd&;w zwsD<%bSq7MyW@oX_QXI>u^7E2wz{Kqk28~v8upU#;VNFYBhu`5AY``2147F&FxhN3 z0_c`fX9~-elLogkn3NZ83yEiXW5eG;fshN2rse)W?;=p15%(Gy^*s~=;=YB%WF=*e zrsaUR%LwfvP^e%R!G=RU8G_EMA_Ys?sNs2@ihN50SF&$O!vKgWVg+48}=$(dOA>OSY+19~-P@YA@X1{ya@ zncQUguUy5F;{yK2+!WkzHvZS*1pl|efd4(C>Au)dUl%n|Um_;CC?%fhhYdC|wDh`4 zcr?vtjZN;Ml%jg5?PS*X0jh`UobRFJpdLzQNL?vhu7^^xUR%9Rt{95s2wsItIav>t zqbKWw9x6u)_fR5A63j8wLs@Pst=K-Z2*&Q>u3aIvk!w+M57lxoKHPz9sDI*MP!qn2 zPwf72=r-3CdzMeCj97BdfKLUwQ!Lv~`{M+k24eVjIslt-DLIZB2-@kD`F1)855Aqs z7PQmN)J_#Pn%+TVuAqr$279l$wkh1Z|Ickx`J`6F~ho6ZSx`i8vmDL ziigt8YMUGQGeO;`ZK{{o{8(!_S)MCbp|)9MdYzq|j3I~O1kXoc!1H>Jd0=bWHq$$M zQf>F#Xd^w$lXeY}hI`V)JP9dKY#b^vs4&sAym8pV;4VNt$;PQxY~dy^oUCNDG8q6`5ZktFKF^PQn<;BC;>Ca zP?NXZR$8%rW|6nOb4`9D*P`S;)?kA+e*wHzo8KQkhvh|W{xE22(_OJ=`LEiDCCBI6 z{HM6zYWyFA6a3!|1OC@=LKRz6{=-HQqv_p&$uhBPPi$d!3FnCx;HI)m>55%@$*dm> z6uY{KU3-zaXj%?pm&_2m6fVauCF|M6t&GypIf7@`(^SE5R`Q(9|MQNa`Qp)tYqR

aEfk;H!-rF(%{$XCqh6nThMcSZ@GT ztM!DbnBlRW<~Z!%*50~}|z6WAWsR$os8}_lc&9LLZ0@;&|HNb zG~=;uBv2wo(-RC%G`OF^NkBcn7|%?>hKMzvw}{MBI>1eww;W)DsYYYu++~iW|hYITFeHwRsEMHBU#A zms3$HNqF9(7uRjxqCKIZd5aaJyg0MJ()Q)xV+&)mn)Pb%(X z>+U=^=udaGu4wI_d2dtE#=m)5$~*6+{=w6>6>a@HnDVuVS;-c>^Iin86iLs$^Bxeg zo^=SI`z(SCoby&MfCFNwZ4SiO=7dHMQ)MSyQf7!wpA7H5_yF4W~?lWUIhR z6Dwv-7N=EXd0BF@+K(Od_$^OG$tfo6!C3lHs(d2tp$ZYIz|;?`y9)XWOkQ+r(!TbA zCUMK~Z?3QBL0il}G?$W?a_%f>U&Z?Fsy>_kdOA*s%|RIG>r^y-AhxE>D?P)L!u|D3 zPYU(dXmtgRn(t^@9-`@k4IX0fP=kj7lL%eBsgb;lNGR`O3R={vT!59{`lj z-!k7t%RxF{W~ebLTu$dJS>F~>I@0+$LbEP9N7qMLuW56nu)v5YficHW7j3z%v|{_r z(naqtNwHD+My^H4>7HLfA3YbItB+Q9)|}^>8y(KSEACmHs_KX(4+wZ(;L4DRRmSrp zaDwMYVMwRi@cL*F9x4GQxfV2@Nny*X%hp63Or1oIrjG?~qPkRCsLSJJ)E^0yy6hZ^EGC~|usJyyVqMk*cDQm}pau_inhPq}AZNo069E-Bb5gnm?hn1srqA5om z3JWPm%QXAs>y(nuHT&dyDc9lvugKt_S+~rPav8(^xbN3Pxev>f3M-kiLVKCA(`J^@N@EsE$kMRvvJZcTM9Y-WZ+R+8&XjZnefb~Z zhsO8|FvER$4K(qJ{&*v~(;ClT_=j|jcpOU}6v$n|4M6VhFu9wB6LNPFMz$|M5o=Rr zgBlSrnm*a!DF#n9cp5PIizJ{PTMNP|GRHfCn<$*h5W+cIM*Rsu3FlUM;gkcyDI+AD z3Y8a5CF+IqePt~J8cpYj8wqFLrMYk_-9gr38!VW(wK#CS{jyJg!7P`aQ>F3qU51ogmUYO zl1s_wYRs^FsxOp$zRJJ3UR)3D@BBmZDK>LjJ1?IM^%W<5VFOOc=UEt%&qH`$32RgN zOrPON;m+_(Piop3DrnSvN7M2UO`mOW9x%xz0`bhb*jkWck)!EzfSV}A$~IDbzKr_0 zKuPh|k_XN0Ijjo_DV7nEVui{}u@d!C{E?*iJkV%5M+`~vj?`w@#iTg2ZmxWXrC1kg zwzO_;nP%O5zEbkJX5E}`k~RKSp0pgaZZ0z<#g^^tx_R7>Kczg6VnAtkJ{4=Kr6DHE z0442OG5&1j$DbOLG7<2;g7IepVw3S_K*)LyjXzs89e=XX_z7*EFnKRWYc;E~VLhRo5op|%=jS~XRgsL+Ni4Xdp3w#h%_+R$%#DoXw_XhYdG+jVeHZA-$(xBsARmAHF}*RR4n18s{GU6=|#fTq&%Ko)BhMkc1{0MJkWet)0Zt+E8J0Qg^HVp9t|oU z-tRJavBAX#FEO|Tn2f14F2zQ4x%EWh8~_LY&+CaQD-H588TA(^1{x$w+`)RH9B7a- zLhFeNMT4{xgTY$AG9j^$nO{#-d7G^#inQ^1qGiOYCs^xOZkntow(O<(dLlc`Y&~&1 z_!-u*e}w)w{<}dBuP0807KNtuq~>e=hd?`?e`q~XxeBc(#@ti5Ba`Ul%W*<(uEaoY zj_0f6&x$*}3<8?@ugHV{G#!jk8jSsTAPW)iUa@0E%0+;?^i~5lzbhZpjF# zPlXE9r)9>pr&pBv`Y~MJ9DO#;rP}8yc@&MKI(0PAt|T}{7JX7Y7EAV%qGbrxxSS-i zIYKq|QI1wyq;imIl-XFtH(mcp(Xv#OOeso6pR=oQ?%Ah(ui2II7w4!@eAZWJz@80q zNnVJ8(jroys&YO$s@g20$%Ur4b|_Dnewx*ZR&iR$-D@p>{?l@5bw;0l9O?QK_<3?s z@_49C-=H|3TIGCH`2IW9dMsIIUhP};p}5~={J#b#_`z5bU-<%?lr8BT)7d1f{MS=1Q6MD}b6| z_7yA8{_s~0nqkTeNr%GaW|&IW_pRN?6*J5n!Hdgt#AM%na`fZ^;{iK^a-?u)A)>T` zIr`4Rb|zSEE3Mc*vnYuZ#1)%iZsb~&JW(|s%rAE#8=Bp)U9w3V*BUT;F&raI*A;tq zeyPfcB~J=?=GPSNHlE##6Fggm;nx&y#nzN(>DxRhJdC>ClbQ~r6f|nSqiK1FrtdJg z+TfiA?*b+Z#PNHug*h&qhu?sk%5mjg9KTm){VhOoe49MST^YYM84 zSn{-h=Y{r7_8#N;eK^7MKV!i2(v0o3$^GV1RKN=ABNVRxPRE#Yhyu=%_&mAUUAt}Evv1_~{wfopyLRJl zIQ7ap26grXP89Shj8^epE+dW%;3Sj7gr<~C0*N}dkY`Vl0`#(^56Y1yz4lkp!mFT>hXP{BVW!^&?gd4^&L z4lU{&K-3K*%>D3%vruQ^nmG%gJ5|m$GnScWW>w}KGwZ#x9?sJJC&H5F0sI-KF~qed z6xaC{CYqUVW-PP7%!14XW>#e`G_&4&)9YJ`Q<#r4m(h-F1ef~xv&qjwJfvgryzaKG zf@zA5a>_(=q*)Aal67qyLb_6U%qCFw4u*xrno#_&V2>tMOHaF zZPToJAmr)?d%l7gJn>G5%RNHStb&lQpnm@RX1;!2{5W4f-y-i1TKz1c+R-nUVxW_+ zqu!X=fz(~o3zaeuE=B8w>zqM97+P#+$~fmNgzhklXU{o{nCeNT)~!=mmysPm$(AiU$sWw24_^c%kO`ATUktsmR|5;uML5jrP$2P2q$TU( z$mN7*rW58!Av`HcwIL7HsVn5H#iC`hXef0hmh3QG6{kVjRWj?Z25L|?h~(B^YPBc_ z4a#ITRxxw*Ga`i}rsWu^j^w9w!ybB7LPg0jlofc6Ac_>0{C4(n+|u=K+5I?5n=j<~ zy>cyk$<3elAbb2Y8GMlc*~mh8p1cOydj3nGH=if#+uyDHL-S;%9-1c?y79O_WU}=p zY82Ue8-wvz`)HPx-}TI~ay?F-m9hovCC7O_&YG#_=DC?-)D@RfVYePi#j`M)euq%0 zZ_q8(scXoG-59b$7BTBuELmnLCt}tHne}f0#VmIB)vWg-F9$J8W@8n@N6##UBc|(# zsdaIx6m}J-S_6|;*wA<2hcZG3b_3D-U5+h#DN5dm z57ZuqF9F=2am$CUTyvf%Hy}Ls?|@Bh+%K&nJ+pHm#T`rD=^ z`BYLnTIQ4I1=t{C~mqpzyi)O>OV97F6MbJ(0AIhwM zPg&xo_#tBGKP{JX&`t3&8>{HEJwp|am~K^+(zq-JabYT!dPYE9wFJENU`1*o8}`x6 z%46OG*-)8S!N|)-%U<%bp>JmT4dTxn#Od2vxLt1zeIID2@^9X*=R&)Xf2dt6{gC_= zI6gJHM@)V`!U_5L1S2dz^?CXE3@0x?vIXsWN>ly(shkQl;@~AeTCg!(%}or~Ow0J~ zAJkBijM+bzQU5VeWA>q9H=|yJQVtB;WrVn`P{bo{OU*LkRCW;BFhfLY!VnwJTY~02 zV2Dy>Y@b)NEqe*nY_6@&y+7Ypmp>a+eH-`6doF0JiaMl2JG{|G=QG z?XLYVu}9Ni8T_ZguYt)~)@QX`iGJdvxTwT$WYm8FR3-B9#NO2rl^T>0szC+G)nN80 zo<(EfsY$C28+_-nK5 zNX@oA*#h1D0JWTai`weL^(Pi5t60aSuF}c_*FqU7$^A3&j2tun zsP7QV)DiFip*n(g9RGvdSS_NR;;kv0b2u&`N^1rJ;c;3%!Q%Y1!T0bf+c+EZCE|@B zrX~foa}wz`Ht!IfH^P8^CCwffv9(jJUO&P#(z*@QbkJ?6cGYb#hk^M&sQ`2vJ4=t0 zpx$^R69;u0GD9;{g`?X*^|Ldwh2$sGjc_VbIhlsldXskSm9)b>eT%VZ*C977hgkRpyH?^Y;y&K&wxc=m+x;U0+a;a&{*U~iD#hdr9UAIL|fHHQ2d zm}23oraJWiR=ZdKL0MEC4`JcLPaTO?Y^vCYW!66e)L49k6!78Ew5Y08nT=J9H+-!s z5Yaq_L9ITHQS7gVW&MH;wcuh?Mqe49Y)M{m?Vmc@7N-veuC2fZ_71*ebt9GFE)w2`e(XpXX)NzW`MC zGg77JaXV4zeq@9SuOLLC!mFru9^Rs{@N_>f;o^&$Cl@7Oh6*o({wH)lrIL*$U-9m` zSN#Gnc*=rcA2i!p&*!RqQ59HBY2bAP$FY8m*5u#a#A(HPfWaGxWjlGEE zy~xIualqONyFS7rc83I)9kRUg25#KWw)sAG1LJ561jWxO%L}rd-<$aH3PHA@^ZSNk z`0%wn|MC_t73{#X2~3eqU}}qJ|G*5TU7}{s+5ZmBWaQOmGPv~rt&l7>DP+4@U+Y7r z_mvG)o`75Fw~1x&CFG&0UdmTWMXRiCYGu=);!0FhS5r|ooYPCNHVM*NL}(HuUg_bn zcVyPD2UhSB>@HGK%(p199QZ0)FEccpQ8;4Ku$W$GyZh^^-)Sa)Lsf5BL?jUpuO}$ zZ6dcxjBp>-CYc+L)!^hsQnsLv;z{7}7-(ypkmhu6nc=>Q*-EO?MB!aBVZGIRSfo_m z$L!;$N6H0CrB+7$RzNA0(Gr9ul!_auAi)3`ja6jaD^-Oep1%=Kat2+L=1BBT%4W0P zNu(xhvfjy3HSYnNlr+857-ICjQ_Eg*V~n7GTKaOnf4cu~0ZZDr&wt4EPl`G;PKY}- z>ZgqdeQ<&Y+hCxx&V$a{9xEQ)mCSYK)GL~JCgtms&@RFfUT`T$9t569^F83Vozd+5 zh$J=Js{aGZWPRF)SXBKVVP+pJRR*a3?PS#V1*-aY&FXYfse2iXRnG=>uOLM7F_GlD zFN?;)({7H##q0DuIoP_8)9Lp-k?X&dY-qni+`WU0K4bOMA1CT(07h6w=b}NgYI7(~ zUPfgLWR#nQ2ZGi;h{xm@io-lXgw!YGEwiJA8O*Q-0Tbd62DPgD0Pp@ns9B%lu{BQz z7utATo;V(~0|qY+0h4p2PGFOoLU}=@#%K&RJEB`U$_3rYX3&D#Q?ow6hk&QH$a6&7 zrNt53uwpD3VWSL{Im(8Won+Q;53FFr%2+iCHGWR*L6Wq~4Dm(bm^_Ft==7>)33pbm z*q@RcrK?C9rCa&^C>?#PN@VROJiZgDNei-L?v_jQ9<(6klmWhR-xOWTUb2!fBD;s~ z0E(nD&&)%bjM23g#0t1e@ek`itp&+%1OMi0LFYibgnvl?DN`ZYDt2sT(Hq(5zt5;B zWb1Pb?N2?16$`B4uLr^#tNX#$jlK+ooSLor*MFf{CTgqQO^on@rQ`bi(ElHJ;OU!z zOp0U;y80I=86W!jxB-v9#G(E0&mc9?w)LTO^|8VRAki>Yx$#shj{k~)94S|!nXEo6 z*tZ1MAily0^~|_pJ4rBinw7I$#4)5o6V`vqS;G1?7O9VKFtgfQb%^@-R!055fKngh zB&yoq9!<*u4I-nl>cv2VC=~Jh8zVVF+I#)XT%m{j|6JxGEAw|`O%K{9zn4Wrjvufv zztY>^R%iw<|ACY(HG>y6?bWQm4~9k4a?s#KW@FVWO^VI)-cXYxt?M2ZjvD>6VWBJD28U1Ir{gBFowh8nEGv51swuw2{s9R>XVs9>QcsjcYNBsH-J zHA!Ev(o8I0u+nI94;9SsI+24Klgv<)w1So9n`FC!ny%qCDSkF@ljQ{(ZMKQlO9~j- zha09yO&X?cJGb1K_n={_>e+OjZSo5xp}oexdAocE z8c!00+oclEw#&Y=c1dst(pmJ9x&0!$wT;vb7*F?Qmx>nPxpxbsVADphx8yn6HJdXE z@t#S?8HupBq~6R}CSzt*<}@?wy>oI;xWhgWVabG2v3)AqTk?D;uDKQ_nmOIfSmq2f z3o>V#S(Rxpv)+44?&aeY=Hm>qY5QRBCGHnY|C~>O(>)ow)eWVjekd92E#ZiVT={5J zP#J8hm=DEoC8@MsB>7Dy=67rS&f-GA65D~oOKkG~Pv(-X5~(7JmO6s(Yl&2`tlYDY zwFGOj6`*uOuiP6=KIP)dWFbS^#tuz4M{sLous7oP3*Bb^8)|#E@P=S-M4?;xzm_ld zo8`;x82P_1-=@4l)!9*|>^oZR-5HnV%cSui0|&-y7f`A68H+HO3v9)v6>N2b_#~e_ z)8HBE`Uecn{0R?!ZXjDQH{ct+c`&c&mM$d+I2KpBfYE!<^D`#34yjW)ag+Q$f z?k(-Zvk7zya?sMC%+NP_g=0eZTi@uX=^MRrp8ZD8=-p>GDmXUhd3vZ-KXiKh1TH*4=3mVV$GYL*HZz-CuEk z$@sb$C-{0PhUe=NY#Z}+=R998!-MCmY(YnSF1ZO7vX(**f5&fKY+uN$Q{T`?J^wk4 zf~Q%0C@T5A&-nU!e=}O$CeWc3Eah6;1TU9ae+f|A1o=u`vz~P$crFKhx0M-M!BRMO z3fc(plg@ zd{jc#M{b}h{Q5}CUIOv4bB5G|ll(|V*sidV{IGKFPUGKPeolwBkbh__spLcQ98{6hCVt~r7MKQIBcpy9 zP}3lG6VY zu@1Ik`<93 zeJxb}wLmG~eO39lS>?+?%2#G%)my=AOyP*BjF|W?!(j-%%W%e`B*`d??=t(T^(dS9 z))Vy0Uhm4S2`jAOSZ*v_zzXGvhEq;DzTvd&r6^f}5Bm7*J}K4}J9u7f?H>Dk&_vpB z-(PN@lwyu0+gUKiH=Y--8ZU0b30~Zc5$46jJTGp=$@44&sH(#;WxJFBFcLHX|l@!C4S^!RGyvBx@o8 zFO<#S;)UEc=7r^^-rTbL4V5E!u{r5@UbO6m@0DF(wmn?4UgAz5C>PkJ-CSu703CD|c zN%Nw4&vf()dlPwgfUQ9#U5fihqrIbgdABCnjW8(=e{&a4cdR@wz}_HzgWW2T>Y@0$ zBvM;q@>rmDUC63acBJDet>TF!dxJ_sS$tJloXvF~_?^`Yka-PCHp{*E@F{n@^M60` zHJd47td?td)=J717&z5{N#f+u4BDPw#cqockDhbxBCJ}A#!+6i}nTEx3 z)5J+!&`yO=cW)}@g3MbOy?M|>-{52JKgd60Jo<$f*?NNfKZim2XR=nJ0a7CUECjwA z8+-w{sZS{@J}H^4$!4^EEtr(dBnkCA5{;(iASEL+^pvu~p=5ZhjU~zAOm7P=Xs;>{ ze%d+E}3*8j~Cl7lXUlG#{wP0;i#lf}uc6lGCO=R~^YT=Y?Bc6q8<=5k2eyai$6OJETP%`<4x#3NL{>k^DMn0;h)=u4?Loa zk8J{n?DO0GjG8?NWI3}Op%1si#eXu(leuahD$ObP&FtlObKlHV67G?ghl{dLa3%+U zWd;IhlRL;r4iaTBz`vi#+J}3?>Q~Ox?^dv~RlLj3Q%4t)%rE@Izq>&AY=zg_!u1Ce zHd@8%x5b(!xtv(>X&XtzsY+~d5;ul zc7o27L{afk3z*s&zzxwr>(GYFqT^X3u=E*iU&kzY=3OHpMJ4_!a77_op{9zd{+Og3 zHJ+B)SoLYpxD=MyM#|K7&mT>)26+T~HtA*%>8Cl<{F$$ub`_h+k zorFaes+f4ukj{F%vxbo*cTZTxD}6GS>Eu|YSU(Pk1nh>fq5psLSe@J*f4zOE_8#G` z=uVz(Z7>d^&b4MzgI(iCojFopbqM&IIo@|^>|etdO5!pZ>EAip<(I6?s(0xE>jR*9OCT8s`lNYJPyxs%7msnC>@|eQ& z!kxtyD=2JJkendOkg)Gw|JA$7G>JNVJ6EQv?c)9ktWXgnja9o->51OiCg9U(v7}ii z6?N7`W$5tSQ@Z#Fc?9*j$pHWin^(>gB z>D_#@P~b#b>8e>+&`_3QMSYgpt6z#Ic=Zbw8tP?rZ_3HsAX`pkXR~Np72##I6@wW| zv!te7^{l=mBl%NRWCXBty?IGSxxn5}b`>|Sk;?%}GhfjMf@UjvhFnZ`3)~5$zroU% z2P$G;BFWbCIICw1$hCYpXAT0eFn2HpH~#^XhXArwonRJev_qj~4wIku8HKj0vuJ!6 z>C)Q!tYYLVR56BHn^L{Jo6DE47v(!&FBYNI%XqS^@+<2Z0qhfGSDvv?lwEnYdO2K4 zHtk6M0Ev#|k1~8ma)dl-o_P=Yg~XWm$#C6w1@~f+$gb!eScYm00cKZWYe(z4RarjVLzDbEZQ zi<1XPG0?-1yc{)Dlo`?t3d>N@G=nsOQb(s0Bo8G6gIObE0y|XJOH~MT$P@;*nKZr} z4UPe@cV1feCLMhcvXK6 z){4|veHjfUxZpBdeQzim-nmN7gU%9xHKGh5GP42X>!-fGY6frtBUo|{fMXfut+JW< z36*S_S)+hbZB~7`%vhiX0`++)$c#vh)n72AYm%AhhP`|mja72~f>C#(MELT0LI>Ti(L-+%R;({u`&)pYuXg;?3$SsJ^c6M}^!qhAKjaLvwq zH2(&{Ed#Cx|7~&4>qW0OKFZ0tHLB3KR*C0YlZl&49%y>QT(WvY_K@E2Xp4G7)g!$j zFL}M;u|RJa)amNe_6qI$iNe-!p~XqwM< zME{P&?7$iow?aZKu}NqGS}Xpr#onN;%9_GO@9j45M(!E-f5&a$md-O}BSL)_kGj4t zx~)?b*ax}j5O0@mVgcHHV&zj>?0MXWMp&8{&2}X7#NA!)EB@6b>wDvsF|GWegwDb! z3M(NIY?GEMNHFTW=>T2rq%knfPbou6Z={p?dqM(c(9mR_VCrIy5I*(5fM zL<5;U>(3hZT3@T46f|HfwFanzzoG$Gm#FT~CF*w=FKg~uK*{xE3!MFp3E+nZHEG2T z=`Duf**dl?hLngVbIN8g{^faLq5e5w@$y94Bolh%W;#ryN0@@4{hK3nRpC?+E{zAG zlJ~>NoJVM`lLYoj6ql~AAUMi+XPgr0VZiJ*;`8y4-P|Q>um(Sp)k+2qsMh`QYtL~H z)~U}#dK9>Q{$L5HWUyvtnjcxTa`NMk`4(&Kfr<1^(0n$cX;D)ej`*{Gzjq~#-?pWa z>Ra;y0!Hg6gXvrI40U2hD068!s1uVJI{T+^Nay49jT<)Ot5rLnws!qm9vE@vY?N-8pq^Yj z;zLe&>y=1NzCh6K8h!Fy^@*bo6?}+LEwa)13DwP3|J5g_uka|{73^DHiG3b_ZeMD$ zZ<%e)wg>q~=;6JS6QSP=trY^;ysv2ots8&%VSNpHLfPX?mrqn{qumMnnaTZXoRFne z7|cm~B~oSBYD*KTa?H~8?+{6p?SeOgC2s>{E}-yEH!#(XPo%Gd!pA6Jstw@xW>@}z zhLU5s{6ecio_eNbMU(8;4bHF2fx(K5(D+HAf|(V&<(QQz7krWqvrMEWEVIdyC1~CQ zUMW>3L&huHS>Cdj9FrpU&1k4Q?e5@g#vpgWUxI3H<6d|t_svLAH>u}7)HAD8=$AD( zQC0V0SUsm#VxykTEM5Oeww`Z*>g#zS#qsq#A*kp3aZJ4m(Acy(`9`+QB>80GwFe(f zf{&+4PfOK{h=vRCz_e7&dS1j>|;oYzGx9p`Tc`-iJE`mBg>ydn&^9?&I>TTSc zpXBOXamSL2eL%@}|6H9viW7DI5JpRN{*R67{1RgEbLd`2x z)%>M+=gvDY)%?NvnwNuWUS_D~6|Uu)SGJnfyht0@yd_<4ZrN|tO1??Wx9laT`Jmp< z|4Y8!IWwE9_jmu1t9Qj5s`rH6FVKD7$hvO*qSDUBpx!&tLoOw|&2QhzTn5p9sFp3; zN!mG@YydkLW?}6nBfq^c>sHLhg3vWxbnK+&FQ!VQFDE{~!7`D)LiPf-GU<@QG7!2M zKCRep=R_qZ3^`=eXrI2Xl%uA9SIMFeHdkZGZbnd<#MR}H7^{JatA~iIHpfZJL0pyD zSoP1KJt-V9t$@mAgo~BQL1f16{VLAiYgL@T)=JHdPDyprtWy%H3Dd1pvYeUspt&h` z^hVd>-8Z+Ey%Z&{!-u^wKud5t@sGnp&P_JyYx+WGE0g16RUioRZksAu#jweE=sTPe zk0q~H%o>|>2OEBvx*-?3xed9PkMVnQaRXt!T*wy4g$Bg*?}QEAR@T~XE7Qp-ld%6u zU@jo4-xrufF<(V_XeTQ-CHdp2+9J6Kz zpMRMAoW@3M&$H2z5K`)$d9IFiL?dK#=Pui>_qxpqG+-iJDScA zERYNfur&elJF*k$^AzSQQyMoJdl(n5ltoJ8W-M8yp$toD%#rDLs-rXx6YFh^pO%A^ zhRnvQZv&;FaKv;gF`+byFl^6vaemKtad^-7G)a%jnjI1OVwQ9E*l+#zTg>F43IA<; zWLdPp0sqsAD3QF4RK50S*-KIKc6`vr!~EYsC2PNKcyF)xUkYtV3;bsqXm>G%^oNp< zC0F^lHAh>3AJ2d7&WHcny#IUrKMQxyf7t^5U)+@cJpX`W(518>1ZU#>|B4VO*AjxW zW%{E92*KeJg1gBR{Ui<&0+}Hpu(Jr8E(A6#R)L!hi$&U)?Ut!}bIXnt<|=5I?JaxB zvAqf3KcFC8;ZyT=AA_bjP4jj?7@F28Lwr~IIlhmaup6R*2Y#jePujlkwtf3=+rJ-+ zXS%ucXyDbiL|hNP29@3#aZjveeQm-Cbw?cg2OfH7FZd}@ciebr`%Q4epN-nP2|dQ_ zH*OSe`+z^qyr##)sv1AJ({gS%_F(!h1Q; z5l?pkfp)-@KP^flqwW+;eJ_8De-VFLw5wR{kA~gSR=79B!+qv#63dh~2Gentt;PuCFRs6wK)Yb(v1P?e!aIM+f8mu)q%IL2j zAlL1t3+{iwr^N8DhRd#ryM1Q}#tvBU3~^3Z%+qgMe`?&FG;RIjxLZNGarfbYg8dH` zJ+o49ivt8dpCtIFnSw)4TYqYad#>cg$#M5gnJDj+h;s984oXEkQBI*mCGL%>^7E4U zIk(NcP9<*piKP=u+!hbLIJu2`@s29m+thULV@llf*S0=yr}48x#8U?DdFGP6 zBUf2IuOn2od#CmM8>`*IHtSEVc6*iz?q~2)C?)RH>y^VlJ*FDF`y|!mQLUAe0}oW$ z7fjo5a@;+1fZ)XP`|jpF?s?+)#|B59C40%t)eUhsa+>^)UL|-WH9+lU4nY#`x#O{O z;%@NmqI>~Q51~woGJ4EiA z%c@dL@!#%#xk#KkajiJ=mdU_Yb5%dptrXiQwDhU9kStj*;$sQH#4h&`#*ya|J6NReNuDjqDxk1b4Br zSMDWye2rj@Q9gW7_V%j~9=+*pgmu!op$8;_lf|qV%4(jM9y<7+M=# zY3=&C`_--=HP?SHm7nG2|6*&`hgqv{yGSt~GhY(8ZnA2ola+UO(;n59;zbuLm8oZ_ zZLT>(d_3U>adrpe@)Uz7-+RzG>>^vFHhYcn`n0{IX9g}1?6F#K^J^bFr^HbuSnA5WPpxO%d2_Bz3xtcG8$Qchkm_*EO(UmvG3PT5PP7*^f+ zN&2!=1%E{9;%=*_#IH8j$>-_Mi2LK_tBmyqKP$cE%T=TCdc|G&m5 z&!fpRqZQMrldqczhQGh8_{qL)vJserslBJ z^n0&7f)NNk7H;1hbmkIa3^u?P(fID!$y-OZb%z=D z%sp;$IoOegeR;Q=ybr6?8H@9a){Yd0xHB#F1+>_y#E%jpmc1TzlaG(=!8|khvx1Z^Ur?MaA7Q?QYDWAK#yBVF8xo_#y*SRt7 zKG#4jV=VRk+>4g_N6Qs%vU|g@YqOY^!^_;CNDtNS-ZQK-abD}DIE{hJ-0cT?>?6Y- zw)CdCzZ-Vz45hxm)52q!tFc_qbpJ7I1mTWw2fLpQt2OKp*J!DaU7)=1EdT*3b7iF- zi@>ik_ac4p%aJ1;>tSFOR=Y>re5=guzDPb(t|}sKes{I7Q(ULW)%c{*P1bm|n_(~P z>9HP$J($I|v^c+?%G_W|^r5?yn|hVABfy-y+?{OUzHg;)mpg{Z#L~`c z;%ekkCEABk=2W+w8KSTUEHBI51(uhSh-Ejo!Ywnm=gjSTccZy2pdUXzdOfe~D%=F) z?QQOE!;Z>gPa3v1i@jsmBaFhP(l4?rhJ5bQ#$$ZH2dgS~lRGds_{^{`jVpJ#FAXbY z99bT@$9-+s12-w$z3w|J-+70reD^aoR4lg|{{pPwlG2HzA`h@^q#8^yUS8)OaBZRu z#53fY(uq^q!>L;*%iLv83wwg^J}S{x%Z06Vz0B>7$39qkd}OWb7j?M(;Zb4Fx&G#J z&7~hKo$8)*0}XrUYGKd2A%=Z)qsMkO>@QijVTNsajdvSvDGZzc!P04j8)0tKR?F=L zx2w4gF8A1Y!;Wer>_vB^`5d@h*h_AXxqWfZ2TRK%FY|7l%J9)ia(m5PXV?)7Ja&uu z>~^nwzUJkPZq-2UcXH|!D%_kq*flx6Nn^ZB9Uv2d`ihJ9pjq?ftw=JR9s zzPY_%*e8y2Jos#5K0kH5nhSQlkY=C-S){;L~l z*fmJVF|l9WE==Cb++=f$Ms_o7`|Cbfx*%E+nP)!Rrxa&ZWWL3D!AfCWA}eDNa`rs= zoa(j&Q$80i6xK7c&cf|(Qr9!`ro}nJQs^0Z$FO6K@BJh30!eE>lhy%|)&;7G&oB63 z>C)H^kqXv%%iQ_~#koVIsz91>;-n9jW>{nDP!Q>g+vy)H{YPYkFx;LRC%2K2&KBF5hur)aXUJ4 zu({oC;f@DWY42MupP9(Kf?}}mcPm`H4n2N>h5M_;d3t22VLzXuSk5u5%uOeS9i#KX z6wBZ5U%n?gGIFC~>5GM36yazoW$&_R`JQ*gE{d!+Y|RD2mPDQ~Y|DkhE{!~6*pawR zb(crpu+q+Hy?oE(qL)YBCQeS_pDed4BHXAB)_2nKJu_%X?yn|=XFAAjC7ALuV}Y<$ zkuMB;)N=Mj7F)JbZcj$OE|8X5a_g$A)^Qe}tGJ2fxa(G3Mca)0Vs3vmx3?pSLh*0n zV{&^hQejy2mBK!VbTsVfy@Y)lNfs)Wo2LrFMizR8{ z3Zo|*cAv#r96jBzujk8WN%ZVOjgTIGT3Bgxf#vMjamra~bfNj2u}W^oL^**)U9Z|) zBfw*$&lSc9wC#`LN4(#-SB8~mv2QKTMuwWz?#k%*hINA9Q_@U?@xFWSc34ze<=;d6(7S$EfkSXt%gZJCNO|NvdF!~%rl(=AZzk;R=vIdHVo`1# z`gv=^_Au<@XpLb}A3MgdS}*0Xlws^<$L*}x@rK=j&vowX*et_dFs>|#ooKbR9(mcz zEsLETs`(YMdFJyxE76Uy1z_yfJYDi~ckDuQV|x!N{8?BxbckUO#1@&`D8n9#U2NDD zCXo-vE-`GerT%2>QcL~#XL$uCx;A#1VUH|SoX^FUh4S)d>}G2Z#Yj0)7rV`{fyR}0 zVyg{1YEQYXkKJe3T=V&EY>i>l4SPTKfMGAOzO~MM5PQh5hp6jy?xWZfhFxyhC$VQO zFFh|%UOtPxWY||v3;QDWYWxgZ$E|FX6!w~xXl*xP|HxwhGVH6^Tk*5-$w(EquVe3- z&sWDZmhic-7*cXQNHd$(neQDVJ=CiQipN1W55?NaCO{iWf3;tzpY%?Lw_60u} zcD;q`Uhtz~zgk__7W{13xhA{)c`H>dyoHLR0i3kup8wxgwRc|n^svF_Z3td#*!{>4;5@?*i6gW69pX%=hUr*Md2Q!UQ^g*zJdEhSp# zb}ro6u;Hdr#ug4wFlcwP>eU*@7miGvLC(BHP6SgvhcX6U=k^1W43584wKOG*wPEdS zs+*q0Iv6%Hi{0K)Zii5P0{P`HO-yP7O5F5JtoPfbH#QMiv`y^QZG3imbaSd*8V3MU#i z!8mq%;iQE6u~$xHyc4~raEgXVZq|OPrF#qaPpGFn;bOi$#a_u`&n*)6YT=Af4gR(8 z;KUjDy!uS#^K~$3zE?&mme&gpwe*(aHn#9huy(lZX7c%V;o*i2w|oZJcGlto>``l} z0d|a)Pnc@yCo6k^on;#HgTgRWX)|&ok@= z3)dljv0*jT67z@n)rK8oIjf1^Xjp~S;DGo_!>%y5q48S`JJ@(MB7U1;TXYx4#>Q6} z*3YoL;;T*0+OJRw`^E1vY}rl1_RnJfSt9JDEOxD7r-G^MKF-s!n2)m|eovyCd$RZQ z(O&MMWwS^1a$S!p&h&CW*DovR=Kj-fF>{7hJ1lNyzi<~(zO9k#y8eQ*hYP-8lzD^X zI)8h?i+3u`baP+ypWCXN>y6KDZjSl?(EP|X9)GLDvVutsdrvIQOlr9QV!>Z-68zC% z!4lac2FF|?`zV9`FOz*+gFjs=`ws?7Z{uJfm{izogc5`RkSeA*nt!oz- zjBl7XZW-{Ry_EAsw=4thF-18%Vq~gt?%ID}|yLRg4{%k%+8Jv8=24cJOrv2DX@qEuuu^(}S z;EoUP4&~0Ho{#o((;s=Stea~9M%)g|_9p%Z+Z+H~efjKB;~RGVqhfyT`cILZ%P$oi zb(3;cI$!i7u0J?a?%JP!BxN7|%(8-ZuJ@``WAF=wgOf! zTS3@x4wE~U&5pPzu|-_F;cIpYbcNR#UP6W;OWj;SM)2t!#ZB+}e+FBQv)t|9u4;C< zyU<`qS4GbA@sDpP94|h0eM)ftIg1ObUH8!)W>>p;w+Z%M)fsr&&4M>R(|PvzhDXp^ zUU!XeIN9tE&XyKh^*|5Go4hOu+^fenq|)zc)$0AXt7g2c&R8)3`f&z*soUPC+Ma*U z5a@rrZWv+5lb>#G%lmp2M%>)qqo7;?^ld8Q=ACo`ZQ(!L83zaUDntU;?1i5{?xJ|! z9H3VA`oIZLhV3j}v2d8`f5Ax6*X=YD`rr|twu)IQ<*w8Hhf<=ODRn=$%fm;^p3txb zQZ%8Vhru}$Wxv#5{XI(Y^`*y>lW>bz<=L|*HQc$oV8O0} zhwd-qxSCPsN3k0X%CfNQI<#SU?)YkYiYlPK+ z!K=5G{ZWG|>G*~^bnN(scGiyG+ebN>KH_F_e*U&M_Yd;$RF6AJcmFK~`%M!(bbrD2 zr`$O^@U!>C#ZZnvM{xCZssW#RYsN(px4XeFOp>?7-p}28*{+?&H|%$@G?!*7= zIkMle)01eVS)*Tp@&hfRhl|ZWk~X;Tgx8@QoRKCRF{b~3e(vERui*0wgOi8K{=s0u zu4bQS^zjC_FgU_oZ!>rju$}wr`1f=9UwPZ#$@#KHi|NJwbHCu@M+uImMNDdVv$x>G z$kK#{`VLpqt6pUA3WHq@ZiYUY(C`<7j~lEt_@cqB4L)bEm%&PdWd<)W_*a9S3~poa z6@%vj$2XKNQ~bA`A~?NJaM9g@V`v2v8tx>A6B^EbSb1B^IBG(}l?LxJ_%ZyQ&~Uts zweF-`;~UlrMC7X_NYNgTEu<2z1r+n{F+!bSL@gIZUw7 z;NN$YX8t$jLK_b#p3}|!G^{=F!yVMJd>#(@gYs|_p{83rHJ19d z7WNDC^OC_^4PIoh(tLhpGE-vd?&sq)`*4H3&CgKt|FYSCvXag=%7C1J5$Z>h|)JpW`R?P6iyF#G0~)((Rd&#~m8o4ewi@pJk|26ouJ zw14F6_S3Py>J9=v6+axfru-;iWkmKDH$QGp+;!f6SwYzP{U`zyn7g z0bKp`X~6c3z1dC3IG_DVjQQD3MK2I{Gtm$1H#J!M(51AIm5F78;;v6h^#05d0=S%! z%s@AN^AqP(yT8Rw3#GddyHf1M{>uk4?8RaBm(SH=T+ctXJCq4mUWWa+bT8&U6U&Zd zjJh&$B`xUF3iac|Dj&!w{uRXEui!@NVY`O2&=}tzr9R?~>y95BjH4C|9WbQa?ReoN zU}qrx*NzthPuOt{(9g1G+PtGZIw$VFoirENXFtISSDr;|BNl8?s@AGez2;*1+_uF& z;mR$5%4gg?*-ct&blG7;mD}Y*^FCFs30K~qE8X8`t6VBkFkUS=b9%eH|A+AD>)&%H zsO=de^M1zSU-TgLy#I*nTDF$DTA8?UX2fl%xNwGaqqOC%=sNT^Gqrrbd;)X-OJ@sq zpCfn|_HOR`X@v)Lb3@18w4-K5bE=!BJK@TgRH75ach94hZ4WhhxN&CQ=Q{kTPE>aJ z&-zS+OK~eFQkTs6Gca(yey4m4dDn)M-}?^FycixZBxpJG2 zEu2H?1n*}qv*Wy|@IsVreRR1E}S15RyfSYHow ziNQ;$Pcf*Ia4Et*t+p+1d7rFNbh?_E@npYrGQ(Cg`Wf`GrO->v<*z+`R8tM_b%odS zE$jCG-T$giw^qj8s!qMC@=~N;Cfu`ZO1jc`5qEatgk6K)NBtCg3d-)^HP7FYG5J)U zMLSKn@(rNpa!}`|jZqu_Gb?6(R_oV`w06|ZJ=f_zj;Opp^@%ZR-5ndM-Ko*8z_$&K zi1oq#7%-p8`1Tv?XXbro=FFMvx=w6&lNW7#GCiou@255!x{uMhcZdu5*wcrm zrM>)Vx{I#=UC7TKBj|CbOxRnb+D4wQ8?lH8i#mOnOCNK}vb@k4^)W&*zP8<*ddux6nH);CUn5@H?z;&^oVfa0I zgBdYvFS57UN>!iCIrPVNQxDSp2kYGUihJL&e{6Y?T6S6S{omL_giC3wKNf$XX)Vhy z)ZTgzdQ6YUtuR8NZg0`L&F)o!9)C!8oL;Qq`AXG7q1CV|IOb5B+E_iTq95@_v-KGF z06h@=K-!0`^!8MM`^(Zw{4Q@l@3~PwEBk^a&x>(;MNFU+d&|G`{I==&;BoN(aUrBb zrrXNmSK;NBLK|(Z>uLJoHT=74H{zA{JgP_OF4?PNJM%TM4K}^mx5B_WwI(TkInfKj%3;|N8!{Ewc9K*VXwy zxw7`NdR6M#T3h@12UbcxnKh}(+XeSKKB8@HaWPeHX>a3`nMcPUkDfCdM^Fm*eD!&2 zeBkO#EIub%EqUGeoUmTKJkVBpBU(E5_M(kDJ#Y2)I-8k(HXA7MReoM=V;}z^)9FsK z8NI*SPb`k1_m=iP?d|Q?7%$F>_H&NcYvM4{E)MmZSZiWmR>xcZ>@e<$iT5m?oTDOns3;d2bh(m1Av*rB8Bx(4xl5>FQiKpq+98%>ld3~4P#NWWl~bj&wP#*ltq8PccaA#LgiX)mVMm?%D=vRt-pN*b~2BX8kUx+LI#}ZWY+(&pJ!M-GImQ} zn$D%EEe`y-tgz#Yqr0$zJOak`Jo@}aSE1fE`++pCPv(0xwVw^Z(qBS8uojE~*Pp0hi{(sJzHhpUmR!0@<<~R_W_$O24O30n)rmkZZl#fTnOwt$tqR z;qkxm@OOE2j~7c99H4I2Ui9i#e7ZVr)T`U_S8seAO=7#F;2BzEzb3c$e@^64g4pUF z)|uIsi+*3FqBDIWXz@mUnp)e%@AXhFx3t;VTETagz$cIMgO~OL`To*dj?k_b*ReeB zPxQ*ZI6CZGG29dC{IZSxE|bm1ekaO0W7u0Rqpvyl$;_ZB)K(x?n?K&Owa8|}`_f-6 z{X$OG%c6UvrNbZ{%hKBi;CPrTq^*WR`jpPJ^m|rx9`g&C&E|P;mVU@)`%x@iu@uzn zEZw>sj$_gx6_!EjKtCn-3;B|%5p@3d3(054E7|dGcKoLooR4M4Pw6*&{6g-riPCkNQZBRw7a)`{~X6g;w+lJ7=d~8jI|HjZ1{Em zt7U&@`ei*5p%wHyLj>Z_$tfdw1nrLjjEYFX>VMHU&aFc7?VT=L$N{8-Q$>q~h%SWw zMbLcoEj`3|fhw6)5GIkvCS9j5#-SeoU_Q`1O``AiA%jhFpfrw?7VITjWHJS*-dv#B zNKNKC&|lwvWS5V=p~EhpN>c6esU*`bpGxw~e3j{MeGj7Mc}lbxbf#nV)V`wsP>Q}C z18JBq&=*J__&U&E1z$lrzge`DAvch|+3Y}nBYX#GJM~hQJVH8J*8zSpOuq>U*P+`& z(Nd0RNInbccd1E5PBgmoH*3V%q|IR!NL!P3hE*g!CLIWKBoj<3q<6CjPFk)sv_v&k`}gWmHZ=905Wowx0aSU{W_ z@O+)OosC#X#+r0BB82QR=}|-&DPja8pio&%t}`mqhEGt02=XJ+j4@|O1bM)Tj2n_H zN06sTFpeUK)DX&}-e@n6AkK{VsEQzi85LT*6DbDvSIF4CmA zKT&Fm1mz`>K1fhr5*flMf<)5)X_!pLAa(S2pubF?gmh@vbvc#HHHrQzj>IzJHA^Fz zs6ouq$aa%lBGbt!B#2-J`IAv0fhc8?a*d!xg#_ZVnsh{h=&mLKND$pMB!W=_Da~ja znN5-y@vE6bHZUq8=k~4AbI8X?&DN(q$-%@RC3d6n&*^Acc$~h{yguksIh+yFe=vhPm#N zHW4UF7GJQ#(N+p`BoZXsj2#;)`>QixO(-cQ{|LYgrzq*fk^`+kCV^1CDo!MPY}meP(lQyw8&E=iV?In zKk_Uoj6$i;22r<33C~BGG;Hp4kCc6zl}>6>x=)%S z&6@bF{D5>sda}i{+(R-N>C5A1lqX~gl2gyhW+6FCW|7$uOO0-93# zf@`d|Ruit6wAZ3YU;J1P(0YBiuKsa`YfU?9IzdiL6k@UvM(%YAtv}J^U5Q zXE$GKKg^`G%~jiv6h<)1P*TBCq0Dj; z)|$)~=5u0m!5ksnB!Rv=WT{E?Z81VB<{RtPzrtK06KRT9Gy0CwJfvRh`&XDRY(er_ z-;68}_Hbgc{!ln-k^}v%e=%D2UE9CHLg9j`H6sg!Yp4~{RqRK?O{6adIFOHo`$+v} z^sf*i{ElSI5-p*E*aspQq1B(|KthEwNFh{PB)oyNifW65nn+!#7ACkNjiy?d(2Ns{ zOSsU{q{?KmFwCUD=tyBY=8K3HEz!bUq~G(utQ{?cnwB%8qlM+DogXM#VuaPE=0IYE z&8Wrn7cH^EE;}t&IK?QHOdh|Y%u=DOH*X)TRO5vHoLF?@g!fGvA;t;eoJhxs@s;9* zt4O_TZ|;&HwCM|8LW$=@mkvpS){m3CrBR0zp)1nDxXiMt!c|5vE6$Hj6MDZ3mW9N5 zaQW^lgaM5Bs9GtEV+13$GJSW#JVv2plq=l{5poz6vDL*Y;Smz7JXQ;i{lO<+GprHZ zkYF{sR%ps7l;j+Vj9x2TWRyUfdz~qhEj(ew=j$B7Z2))yN{h}B7H}eMmw1-T6Ecum z&u#8hAk_2$%LL*bvnG1IFaW7pOn&qRVLB%^Piz!o870y8G;E39C>&vwN`zX6qBjdQ zeZfmA+3od3^mbtn()TrgjNUDjrN2Q0EzwI@azL2ID1kT~s;`v~bBcLQQ|LgnRgsCEp5{86}YV_0}%=QE(jsS_D}% zfBll1!U9IAl(tfG7z!HDu_eCEQF z@`aM}LARGY5jqYBN+Jmh5-R>K_>SPTVZm=po(iRmLP_e(=1$Lr!jYhblA1#-F@Fl4 zqc|*F=<>(WziFvd=`2nrjF>0nb4JT!}KB?d4GqvRF)wz!{Bk>*FAXx+tANPFEB!Cfq2R7lD>4~TUa z!6O};GF-n7Vv}(|&_hPYb`rf9MKCYj#DPfQrJFbuX|gNO7^J*K%PVygCo)PU_16c+ zb`!&pS`D5R`;M4_P_{kLWM~yo8fc zwRXl1!tx4bh|*9o2(?(>bG=50cNwLUP}ji~M~cspiW~H*I9e<_k=2E^!MWlXu{$HU zDqSiCh{25bRhb~JMS>Ph5V!JtY=2^cSb_xm6B9(INz5myQYXC11aYiMsZ}P4dyq;( z(;TOW-3Rcta1 zEK|w18NV#uE_OtM-Lzd|fJwE(4~qFF4G%98%TDL{dV8mbe=2$-!ERcK7;KW`;(v*I zOd7bjRIE9J=NsW2zxbXw90_*Qeit8`ni8Q{cF*LNu$xxV@)Z*7ra4+3GfE(fYFL(4 zwKSdumi+!+!{W;*iM%J(SXRSwoe}ii$&R%xZ_NhFBCQAADXnkmhy+)#x=E>38e29px+Ywu{j-_nPe!Tq z9iUB?wX~F-12sz}F17nCYh&?5x;t*lvW}K;B%xO9vhJ26NV~nZEbC)=YHH_}4YVu> z=3aJt{l09N z8Xq^`ve%@UaUWTVP5LM<%yP}7C2J#HCu|==*md-}i3k<5pO*Ou81g%JMDJn=^imTWh&*($lzHiyFf7y*WdU&$rYx zseJqfODmJA#&5QCGpTO;$Cd#mwT$0s8D~<*_`R0-CV9pmw8Wd_6Mw{#i?sdZ@c84F z{U(izKWX{Qq-pVIETtxW7=PaKr%6lVzpzveCG;DN=iN9~TY|>Bhk1RD8@$x!Od=~%A;$f1OK%`)k zswG&YTP8J5P^30t)_ffjbSc=RUI}HT$BcL%tRS5T=aypw1}9XIJ~e4lLM5q$5v(VI zt2s)yIk9nDMS93d6X`3Ssz}dyK5fO8>rJXibaS2lLB0>FRh8;7Dq{JnOHDXwFi%vM zT60V4WtUoA>cA+KdYPY4UFyy?Hgal6qZt*lr;r*_EF<2ATGH4EYkBlN6H*8x{@hVp z`Wy+KJDjDTkYKN}uJjlQo;&JEzcWhJe%SPtQcn^hd0Y-o4SK7d~81XpRaNr?#! zB=;z*WqN{}6ll`ggvL@K(vB&`)tXAK(cCg?%IY%Bqzp#%LV6V>G?z+HtGi`$LJP@p z3Aa2yZ&yMq$rEYK)I$larE4*uL39PuR=UZEN20Ct+Y4HYSZ1kJi7!lOE4ee`acL{X zAVFN*rCcP4OMB@E62zs0^gSaeuQ;KDRBoxY^sf>+Nevh!kv0i861qwB{j2mZiA40g zlkkpI$O!Hh4--73!OM7E`Zu7fHE9$lGG=&X;w8;S@*b@udP{Lg(?*s}>?h@$mX#9w zOJ5`H3#yywBhhzN)4vF^d9OhHq$Y8k7SR0yKdCcPn9s%*gQWpT#}8H}{?Z4GZV1r6 zp;9nv#SKc`he~HmqVGqO{>6w#cewQP3v{1Rsy5M6tT|kI!ZmHNXN$z)k`NDdNhQap zD>X+*PK+ReZ4yUF8#!sSXe7o+J2;V8-%g2RB&P((7fP}`dnJyQ=tnyAkC#4PN@A2s zzF7Ef;&>^;q+y8@q+FAxB~FsIBHd`XIB~KBZ@_`N+-R7XI7KQoX+`2xNlLV8>k_9) z&Pe&*n-Zr>Zl-oPafZ~)qzj2b(wmGD$is#$5@$>O7(x3kC(e-q81a4RV5xZ$l)!uI zT&XQ1uFaK(GfE{54t9y0C#5n zOqmGjE>i20fk}~)*GjNV)hafen-nGaGAblzH-AK_Bm=ZUlD2t8QjD~0Ef8<*GAWf2 zujevpEu&NdPngT3?I!I=ikD6yJug0*lqmUTgO^nDy!ex(WGM)#beZ3Tov~O-RWrLK)=$dZXv{u+8Wg+#-*hnd#TMDkp3+il=j&n_rli#G; z8PtZkIwWtBE+N6^GMl9vNd2>FC2y9VBXwBZIC+ayWgV-hFg>tV@;0eC(lFO%%EwYC zq~hc6i#w!2rsezMPH8ey$BCVlT~a)w2-5Fl&pLagos5!5WpNUvgIuGdgML#+I$=_~ zl~Mykw$Nl$qC7WQ3Tn0V0WD&X#yj9x3HX|6vQZ% zcy4|-xk$QN0A5mw#nCVMq~yJxQ`;@0l21#^kZ#VKkbFkULRuI-Gx?k(ZQzyzg6AcF zBDo;ln;e?_sni=OcYIXxdCA|Tq~y<~@g`*^e<{s2sUZ216pOTA{I=w8q+gK=1EP|z zNX{F1dE&(V$=9RvBp9`99aQ@9Qf< zEBSY%JN5TEw~{S;dFd-Q{+RNnTn1_F#=Ddp8C?_R4{NxjwH(DLi99;`d&*n#Wo}7J zC{)_Yw=iGV1)}9`*=Zm1$+Wj+H%=O8?y@hVFpZ>IQr+d@rln5l6xT@3{>rHx%|{Ng(|qNPNKm@3T!I91 zh_5UiVc@~V@yhoSA4PmzS*~7d5G+K4zwb{sJ(OfA~_go?6AV+;d0GSKno*N_J6WGLf-Q!Pz3p~ z&ei2Ha?A6aiqpij1o<(eF!E%7owVh0zy+?=bZM2AAzwvmQaCtmt?YdfG_VX#%a?<{ z;56pI(zLB|)K@&;6qmfT-LgXor%R_lNjoebU=&7rQ_GX`*{``a!sTw-C$jH1oIXBX zb;Xx5xeOFW7941|;)?9?E!RR^yjNV83z6jFz!g8s3$Ad>)B}+#?#t7za?3R?>sCCH zOOg5)Us~}@4*8B-9^S8}Ta-56bIbeAj_I-zk2LOB+jLFIy3Q>x@ApYBqul+0TdFPr z>E#vQ8=PhzTasQ$xy&d*>-3tXwscw9M!Afn?&`g= ztzz7Qy72p$yW(ilz?JTb2P1yhZl|m>wLX#Ulp~Dz_xai@=aJyv-(GS3g|&~s9j~J@ z4GHdeos|QOLP>)qZ#Z>P9BzYU0y*sCzp{(670EYs%*t+x>mATi$+Y0WmED!5NH>FL zuJlkmkOmH#zp|$?49TO$qLsar$&7f5Je6QZNu+dY^h!_Vu1WDLdn@jDp#;#Duk=!u zGUECAC@CgouI!^6XH-a@?@QJDDHo8sI=78{SGmk6lvJOSx3a&|;vV=cB;ERKTRBka zj8wVSo|Qg|C!dhl_QmtCRHY5l#3>*8Do{S2Uaf*8RM0J zhd{9MsGTuMS@76OEi$GlaZiBw_ig4XM;H|ehhutX%vJ81G%#bn;`}>U76~1O4$t^d zIf8Vt*2Ij3O4&cSHgCi5jE@x8r<@+vnV1oxOhXzwOzs}4lp-0mKg?L9w0XuY`?P)3a6_$Su}Y`ByWr??>&wrt5zwa>G$%X4I_#>tjbaz2%M(4c&*A-{OPy!LA!MNy;XUNqr|DZ z%gj|9lyIcGC(~DLQ68Au(N)_OUzuCpJ$ZT6Ze<5jh|8l@`xPgJYauR1=3!+fl3ZLn z^BDcOhih_i)661eE2A*ddQOMT(~7gowQ+Uc&HO|OL<&k9pZO{Mhi+U`UFKz;SA3CX zAB)etpj>8@O4h`$$-JmsH)(t37s@TPd|Z29=9fxWoqMr_ew|sOEJwOB^S8{el|3d2 zt1l~A23Q`qB-A!mf2%mq-yXrv*S^iIR)42FrSJ3s+PJU(>K~Pk<$)52v+tPIKPy>` zl1P$A0HsGr->;jx`j+Ba0W6cq!TGaS|DsH1bllQ5HFWhIC5927rS2(Nj9@&(tiGrG zi<9>3q$1o`enhHzYOnKs76iMY_935uPZ2ASrwIIzLgQimaZrwI^2puDCEt)pqXr zV)av{BPaSD&u=INBPm0_Tm4Mg!zhXTKKtj@e=0}b;L+VY^Wkby4RGXijFLrtfOM(o z*=k8WTNyO^S@Iq=OHudGH+KN_UG0#is%5Kkiq5Q(rKwqrlE}r~jk3zCcTu~zyF=C+ zYCR`r$-aeAS#@WWLRt>z|(BUpx zTWx>@chTBvJ0!S^)=_&R!CkbDIs^&sqR#3#B)E$@s|%6fF6yGjBf(wNMcu-P-yiC# zdrYcK>Z+fb6qe85^)8tiVpqh3bs`_(RM-cf%-`Xs#R zn(pcoBq`8kO%GMA1ueQJ3`}abrl;zN1bdD>RaZvvt*h;sJ=N7NU`gjC`Yotl>Nb-+ z*LbRhCY4cpt3NVI)fyIyHNDiwNH2<*i?>$~>MMnJI@1@pcRHVb*-b;NK3GVh@ z>R>b9fHhv~WRo0-w;F8HS1bFfB_>^4`L5cip0&JTYX+*`CVjBRSDj|kj5UMRtol~V zd25EKX$^tk-XFPUxLVN2O3T-bRzI)Q6L)UGW!iQbl&MQR~ZuUa8% z!&Rr2TwApwZf%5`g_K=q<=QCq0aDzGjcb>vv8}jee4Tx3W7HC)o^{Txja6OW?C!ON!v4%)g@@@JFHH2 zikibHl$_}2mYu4;)dsvoXwZAo)J}{-HIGSeIHjpxNdA+q%W0}Vx1`s$GFhQc;Y6O& z8FQt&fKeE6uhQHpL(OEAL?#VxnY~KQGxND;uU7Xk;-B?oslIPP>7hhg&?S3~x{*;B z`O33r_FA=OThLNT=LvnYv(+Pviik4QFFRMg9bCg#tn)FfjMs*HaZaeg2$`0pg#GlzZZHBO|2&M5m;ts`js_ZIur%8WwEgP8)^uR0?& zo_SW@uR3)C%OrBA-?P>G)tQX=40ccrG0A}(RGmB9d>&E{Fapc0>_h4$lQv}^Ri!Sr zniZ;7IB7?N_hg??ZyB%`-jiebR_s~#052nQ7G9ml>Smlt^5v;3+%~VP#YliNPm`n zL2Zr%vA&?TMS|#FP&+dU)9z1!d_7Tv=w49!p>~C7eyBkNFQ_AtAZ8cTsYu11Kp{wQ z9WJN|NbTq^U@xd^8Npo!YQ51UE$4#j(H+_VTK$~MD(MNtBk`^3%qW4(_Gy{(t@;ip zwvN1_PGtnW?(Li_>T;9b$+@O}YLY;%t0g8ibGWWH^5ijtxcs2DLV`Z{gW4VmqI5%j z2MPM%4YdyvMCnJ>2MPM%kLqwFXnUzTmJ#oRrRrqVAc8m5SxC?aZ>kHCAf7*|5lGMn ze^TR+3g`~O&+2ld-Tml)N>sCuy!MKgTWUVi=)Df)mbwioifX^8dy&$p_KSK9$-zUk z+*XT`Ts<7fZS`{`PpaKfzd`b&+8y;eBi`rls<)7!&)-#l= z2zacDeLzbhaZ`rnJXYNprIK%g$K*UwgHW50J|X9K^*qwj$zVW%MQh23 zw@B4u8Nn~`*5s(#Mbw~un)U<<+NW#I?}C?9E#P#1j;=LE3Zhg-b7yozC|Lb*PC0Ei zqcHkD0nt)kJB$Q9q`Y>DQG_;}J}p(y&LhpB_x=jnC8P=TX~{vmhBTKxEjegEA+@3T zDr)zUJZZj)+8;=LX}(IDr9ad&LK{Z&Rnp2bO4TkD@6CBbdxH@l?{8=|O*%}q0F&zH z)Ya}X;!&!nWenhv|8UaWlzQ4(q-|5L<+y6nK(6^wYM=!&N+2UvmFBoyZ1l<~f+RNRFzO>#hYdq9p_`Y|~DQWfVr9 z4qMo!y>@;Gw{(epFSmns6=_)V#N1BWQzZZ7xw&1n9rT_7Yqw?}F3I)K-WbN|_OR64 zo>~J&d{@O&>&_@bE24WPo?0KIuckT>PtBK681WsNmD^hz$*7QgS3NJ+OPj$hY0T(< zFwo{P;?EC#v>ZlBWY*Mx)qS*WjOb@5Q+MWiYu_>|BIma_wdt#o;ZQT)+J4$tB#7s` zTF3~lwcK_fx4(8338Fhdiyw*k=ye#VJws|1cOutEBcnh|ARqLqmg}pPWfV&0d1U1d z(t?qEhwjYv)8ZKw3itYdk~>&CfYdYji(G&0%hBM4w`hoVh0!%(!sIZtsB?7{#~5;hH;=Z|?`Sb%CzEYqqN_VoEm+XJ6dxd3zkU)#_fArzz3WqecePqKM{`3O$EXET!0ETC)($C%(p;@4(uytJ*3H-Y zGvZNNpv__gQSw~(p%#rAL}{Uxiv&?xsBL1zqqI;v#|WbI?z)BAPnVX0Pv)O*-o=cU>;q;>TaVVQOlX-mDm z&dap>NQE?Coc24?Cp2H2W(nlA{`6?@x_GS&()ULfQgUR(TbrOAU_?Kw%UrxJNeiCL z^3hr^TbHbT%SjuOC0bT!KOhBWIgl0FZKO)eMN7K&5UKuh2a>M+iPU|aXj!SLQ+Qqc z*3svF%>k)A)iN|EBp0e>Xf8-QQq$#CS|g-WsWMrmwPD0-ovD>FqQ58Uw|rfewstC% z!0+~Jw4Ekpty`m=VHBb5tRY&mwa<}ejM=s>Tf59CiDV5qLh1Z;@RCGs`=4HyqdCv8 z`n<3%S8K~Cg1*`0^13{&Gg4Q&63^2-86}ank>63Rm}_i2 zGdgZ@-@R2X(l#;TkuTDYnA9_mzVC+-@2#h_D@ZfO_~f0^N*N`QMMFkXa-3_uD&zA` zYhxL4pT%0BNz?L*wNOUf=cigM<_q$loA;@9exB9KqP+8(^L!xg)EosCh47(Pa_*LL0>hN?4cog%-{=&42R# zyh~av(%8vIDWxEVrku+AT3dybkn#zobx7}0?Hg?~(tA|PmQgi$Kl zlTs_cRQnRCTV#X$o7%sSKAHPw{?FP^jQEP>jt2jA0%ncr(>vzh)pVrt2Z0=r>P`fz ziWI#Es5a8<6+rco-mVYS6sheQpw>vUnARRCb^~bLkdz)ko=EpRfZj!NVj6v?9;;_I z%QphapZOe%G`TV4n}oESX)}=A-Un?iQjdl}AxIlo8zPai`hd0!DS{Eaqn<^HQ3le+ zL13AUbe{QKkMxHxXxor97TrBagIGNeBTYL5mPJUvWCNW;`lu1mMWnHezCn72(RWC0 zjBX-5V{{iO#udCgLds?I9I3oFXmTiTpU7fX7U?pxd;_Txt95mxT-I6_q(6It7dNCi ztoO7)l388aA`M_#C!{Dw9!L%6gO@%?%UR3@A_bg&hib!-f+*eBCLpcY;+_9M3u46Y zaldKs_H_Qd;*x#5rxW}Bh;kF*_(A~bjU+2CXC z6em)tczph2?J=Wk!rFrZd7?dD4Ee4JcYNAWQX+u(YWsJsJfkpDT`rM+*J|2ne`v0z z)u#q#*ZP=RiS%3>#faDQPi>N&<)7M2w7g}RlK-a`&xqHI=+}{;W< zw9#90jlDDAExjue{MPaU3>9*`jzjXJ2NU`zx(W@x8}rt6WU4d$cUHFNe@V| zmC#8KMuHML>wA{lw9a}FBZ$Pm^1JAF7!|R%70%mqDbnCA zhTZh?NbnZJcl0Vq@D{^&^g5i_+w;2XE{ym)2D|I7NbqJa54{Nzye-T_e+voT7S>bm z!U*c=73-<@W5nN&(pw*9YHP~((SuB_ztC4d#fZnHzuqz3*7p9oHxk5UfbN@N(+22c zkw6=$cU)!D2I}5Op!w*onKsQwZ-WGyuU>YwP4m@jB7rtYe_*E#(#0&Wg!cWI@25L5 zg7)3cAFKy3;%ykB`>(P29HNh7#QXJ7eFh`muZQaM7=@Acl2|ZQ4?_x8#e!jaEF55@;j!mN_ zNT7|^OE%fG@p>r|XaRc37Mm8Jmm+~SK`+^6(ZX)WE&60JAi#fU%&33?BtA$6QR z67`8l;4?*^iv;yd(bE`(lAc2CbCQTtr#Qh9?O$cXpPO}cgnyztq3lkS8B*LJh+eb}aL z)`v5K>-SrgE&66g{9Pa0_5DaQ#_UqJ>&KDc?H=3p^GNXKkL~)moY*|SUB86{@A}xT z4?hCs6|pz=?9lU(Nn05>*ss5R3@k&*8{>DW zhxCz1`Qc8Uhx9;`(mW6ASxE54o+J8kMttr$s(;FekLja&38OHwNE}~qRKJUKozgK~ zIS%E85iiTMg5!F5q%)KXbtgtV)+hARLa^kqKA}Hk#7ijBpEC+0xl*Q6kzVlxSn|4@ z)N3)~mM8W4jKatxA=Bxk-r7z(rFTGW5A||N@6U*rep+`cvXy>XcSnLNU93Bvv}wh9 zT}BaFY3AI5GkRmB`$|#ihg|05Rs9!$C zT14Lecs(Wm(?AgfezpIFo`bY`?+&jLed`&}LP-K0K_&XPj3Nm9hQCB7XSo($yu<5~ zK8R5SfnW4r(u0wT8f+{0T6aIkOMu_^U)F~+3MFM}&93Mh8S&N3Ro&$iu;j76syAcA zV|`VBi%}Szw)YlX)!#9-M>W3Fy*UxrFc_-|HLAeD$g2 zPDVHA6N(~S*H0qBZ*#BfzjD$S?>s|^dC$I5pZ9b( zB=C7(_htk>&yZjBC`R1pulhc&QJ<&!JkZZ_Vm=@04;k@#KGe%x;3a_1N4hg3?(?zk z%ZU4YtVeN;`n+E7L@(r|`G?#t_(MO7may0IhyKj81d>0865u+>lpGmd6Mh~-|C^ug zgalXmsosv09=l_$`c&_R+KtU%>4_R#>8JW2M%?F9eJomn&u4l768L^@r;y<7C8`nhCAWn4m1xFRBzRwmVO&Ro_mz}2LQ24r&r9VE&r6(O6;$5vM}m2& zf|2vJO{-w+KmyId2)b<39E@-z&?*`pS8Q5E!xss(O2&hK*|bWAcom3`{x^*BjQHq( z!>Gb2j2sXj6ue=$AvLr-C~!17GU9EhY~1?J=CiW#6bZ_!V%)lJ)2bLxkwB|zB;T-U zRgD}Z(435@Qk&*vq#=P;&4~KRrd2c2kU*<$l-#mu)s0dl&}ta&cWqh?!xIU#nnu(6 zHm#=75ec+fM$QA9R?FCd1X^vw#Qt-KNzswjzP%Y?M5;Y0gF|5@;?) z$#a|LVw56*R@aCnBI`ZSU+NkeNTAg-LPVQZ&xl6?&DC&_Y?`a#j09SJ!$Y=d^$lMn z&>9#Q6`R(;_>K|pAq|aNjKWB=G_z?#!(9c-FtSwbQn`^4!-!ipHIh+lD}UUSlEy7F z)uWEhjU75K0m^G-kg~S&S{V*VpuK6Nm9uGY8u>_|wKhsB*tFJ0DH3RH43CO7t&QP} z1ln6h%StxwEu$+EXl;!)Z`ic9h6fU8ZyQ~!*tEBe{z#y?8>gz;G`DJPrO z&L}|wt-Z0MnoVnO6e5Av!MI-2rgbnLAc5A=2&iq-IvT-9pmj2$>e#eSMj8@mosH`* zHm$Sq0131%#_0Mst&1@Y3AC=pV>g@D)leD%@j0ZMQHc@1?%j;)jKWBQ@JB&6qZyK; z`bWV#Mprw_?uI97$r4%L-AG1Ss#aO=Vf<)k+0(d-T3fl<`ku!5#!z|~$y7V9?`7mP z;WdML_BH~W+3MNbSbzkYm$9*hP4hAiAc5A$Xw%B3^)WnB~4OVX1{AZVZ`G(z>wQQKG^&1zkYz>$cfCK zuaR%&8@_&!u^aP^96DjWpHX6$Z?Hk#)4$^t(mdv@ z_cz+T4dwA~=J*@k7(wZ&x&FprM#l}X9BK?_#P0z^jgWS>_6;@Sk)Z9vj05d$+AyP- z5wu+(gmDXLS>lK5M;gOBaV^mK7#VGx;iUK25x4$5<8#zzZ(Xr| zjByRgvhiE;zHtZ1aJx>%8bW98<;d1wNr2&i)R$ULFlrF&oH7GC0DASGmgz{z? zZ!qHJ%{JUogR3&faO%!2;hrbcZ7i3IgrW?VvodL|mBNKnrt;~^5%GuhC3 z^U|T7X~slGyq;;s0@UDYt}sfG;A*Zg#`b}Hq2yF~&=w+XtO%6G=$a1e-4#X_C)Tr8 z76x{=Y(7KwCYBNAvU4XM9PTWL5VftFze53p$&MidfgtBkt?ZQ3e> z_;3O()6fRlv`oVZ3AELQ=U|(*+VDpLEz9s6V$-q=e7+r_iv^8|j5=hH;A>A>F zhKv0P^gq{H&%Ag%h`#eeB;VJysgR53wWh-c!x>0L@~fZi_$e*LLJ9`JnP1awDnGVY zxlcGRkcIoeGL@zlvSAsa{|l^YDxv@9>m6T06!Q7I4h|}5dg!l~AJcmN)shgEj2=kn zfA@NmraJwfcK>NE2L~O?TIO%7)&H!l|97{=+E2;_LmZ&DSjfm85Oauz%&rmrud(zR zsYIy(G5?%ieVxVMpz(KbD1(vw?>%g-33WJJ)4{<)q66WYzI;ZC1)FA5LFLD-XTErB zA!}ya&fNS6j=viMDesNfXrB>Zc`VwUhhz6ukPGas>C0mzaU-aGX)hA!|8%#dFPCET zW?wpZes#Iro{wMq^e!8Tkc#Ad5tPW&Z3k?nLrp{yo^L&4J&u_R=lOWy$3HIw8~gM7 zr-RL}bR=5P16MN++AQJNLj8y|@1HZ^JXd*5Y;mxb%j*L%vHG+>GlBLf>809QSmY%F zDxKL*L(1dda<7AfKo0EYDV#sRB0q}SSoQywoSz=E9qY$MTAv{S z4h|9tPK5KPY0nX9xzGcbABHnL@;N=>xJNjoybjH#Iyi`=Pa;_Um;fFctb+Q$8Ihg= z%d-XGtrPVOHgM(^9a+{I!ZDn&UVZ!XA_p zue6>S9R$a}d0Nkiqzs$ixFy`9EqI3CuOX$gHkipUx`f2BOvUT}>hrJ41?w~k@ACG!Z0D`H z`1*~vnwMgK41It;fzebXyr1x>a-V1D%w{3a>D^pnag*tK!@)rzPd#B}_?V5Ljd_$0jM+FC2jSGGuF}}+Pp0hc9ind&6v(Ne*c5tv!o}K_ z7mvZSNQ&LS&q7zYzTCgHM3^OBJOiGgT#=P%VI@keL~DC_E9~2Ae+=!i_7HAqJ7e|0 zYs(`5t8_lnUsQQsP_2>SJ&?DE*ZDt<(tlG=`@HtiZZYiDSK;NzL;YnIZEH)pjeVbl zYt65S%?4)a$|r24@K&Fo_pcXwsqKt4@Bg!wJW5ap3xT@5>MH+Lwf5f7BevGT3QZ)J z=)A#4`v3ogZeh>7|EKLXSbN=n|9t)5dwBVI{I6%MwdMDH*rlktzHYG|KM1m&hdl?rHn8UUzv~QL`>`jKzxsdOdA^#muiNV^Upx={02b1l-sNBR zU_J9)woQd&x{iHK-O92x@XK|E^D^e*`&v6D!J3~(`@cKG>jSHuzw`Dw%h#R%`x^2+ zA85;qrT^V|m<^t9g0-1_ovpe4z51V)^}l8RKdTkwDjWarT59bZutw$4u=XF@*!QeeB~u*U+H zoipKDZ>PsHxkdNo6wC#^+PX9F_s7<`CG=y+)p!_;!C5Pztk?mNj_`pr^kb-PW4el_ zJ3rx&e%KpQ9@T5C{;;cQAu$bj{hkBrp|0%K>THCTN*E*{Ug>s8-BP-i zu%2;YJ6+KC_|6HOhvR>;8^(JMToLR2?!P&%KM$hajHVJkJO4@d<*Yk$|I9O7YaWy2 zlTa(3?k$94NUgo7WGkZF#{1-0^u2Im=?mQ=S)6tNOD4I(GiK z%I$5(*4>7GvZKiNC03n*I`iXyvVZvRY^?iE&^qe~`lt5%lO0$&K>SbAR3aB>5B&fB zd5G0X+W-IBUh8>l1TOg5b}wV*!bs%vgZ*(4+tsvBc~5&emDnuAQ`pJ0_H*9b?d|RT zTaRruS=9jYLP~ecHo~!eUi*DW-pBYX!BhKZ6WC>yi2NaV=t5^3kxXTug>_j0EuDH0 zdIfLq%V$8P-*TZT#Kis>y#0ICzCQoy@$2f}ls?yp|W4n@MGOie%*QgNgv$7>H2~Ckw_oqKkD*=M13&+&W9zlEkd4QoCV6zul(Ahr7r&Ytk3)U(3gMmzZB+33{xcgW z_YgMmRtm&fAt9ULiFG@DrqIlo*!#5E519`3a1T|@ zIM`d-YB*#%#NjBt`e5ncpqVlGZ|wiistH6xX4gx3Wi+6+5C^b9-*E`cm+41T`yvW;2$V;Ir4kz(sJM$NJ{Qz-G^M{M zrDIbd{JbmOC7|C!V=GvG%)fh(Lw8r`j@cm0&&D+xKHuB)$3ER=T8K@ zx7#1X%q-HG8CnE=%-XB}x6bojNBj9dihk-Uv$CxB5ni9S=(w=19A0$>>It)rg@C2C zp78wgs`D^XMB>GK+PCXf=OKpw$$5yUeSDx+w)#N1yq-MT|J?G$Sb&vM ztgA}OZXuz44uT&>P{CeHmx+>8z*yk_hUmC{V$Y zep8WJ3WTe06|C06&_^WdM1n$y zRwSrk(3vu*Xi$-8MbkPlgG!ATG+5D~lQO6vh)5KJ!A@jAFknSuNg(B!l%XY0V{2-> z&|-amYn_#k@o)RQeV^z3!{@B;UTd$t&OZC>v(G-4%;Bf8bl;=zs+pdxm}4M~Fx2J` zR+5FrpFW@dW6{4#U-%;J@tg3J**qRe(v{kIji!atU*r7&9HFboLeGEuZNagRb@laj z(?TXYVMpqFg?E~dGb#apQC1CaQ|kACTU_+7GpwH2nl|6ZV)8|ofxg;l)* zX;T*z(Ow8bI(Q#Bc^{?lK63Fsa`Qe)<$aXKdm;UM`^a3&qj>wyqU=06(VKXEX>;^8 z?`@i%bpFNM`z+cP^IUAo8PE4wEb4krUxPNp-}>>aa?ZPbxqYR~_cqP4=iE!VrtIH7 zH}G*p7F}BJ`xbh`%B*w$QuGwSqW;$J+;^0pm|Tb}2u+!3Q@)G%eKj=exsPZ5W^K*- z$Jod8>|fS=x6^E&SvX%?RC5bOGxzupEpNleyrWKI#dj^-KW(;&+0Om9sDIkbHP>SH zpMPwowJ$(DX{Jp*#2hV6&wnNR$Lyc}VSGC3&8q`l{Rn%%Z>(E}*l_-t7 zd@qpyziOW!wu!lRb2Ky4)q%bRCRv(Ei%e&-V2rLjK~MO8DVj6f`*V^{ZKBb2_I;E#pPDt7(wX+O4=+j_xYRS7}@(Q{YMq^*k6d_9ZyTA z(;CUMFaEvgb-JQlO-9K7)3dMto9m_a(G`_4zE|q=hbcnI3X~S2+x;la5+K{>Z zzf*Jbjdyb|T>2Q**_>0E7PD1NNj(tl6Q(uxx0}ai4c7ks{$?Ic|LU)MzMfD1{ohbB z-)*M%l=}8{|J?p-{8woz`~8@v=MHXvQ~vX^|I;=8Fk1ij!IqcPanX(^3l_CyJJs#K z&z%_}fAeahe<{=6-(vpN9{ok3&VNzZ_t$Flc9xCbv$gY+cL)ESnv>r^OHs>lwsr9} zzFQrQQhk2-H;ELX@2}qI9WXnWa^M{>vu;$1uItS$>braMokim>E<7#L)plG%8T>YamEWNF{$D`M;+TE!LXdy|cOh2s_({hso^$d0 z58rwAkJGnxFY(cBzNPRx-2eIa-gYo}zF}SiJ{h7?Plo92`dc~uzsaQteOJC`Vr0Xw ztFScNie%rrEB|h~{}}bp%hJ(GGq>-La{c#|neN{Yf0+A!%hI=}=m_dde|PltS^jzM z|JxS*@9S*N%uPvkzQ@Sf!~+szdqInd--CpH`-BRb}dSEO%iESjyB*;5}-A`Z<;d zv0RNMU|E3Q&Rd{!VmX234_N+)C4-0*S3Cl&sw zNT(v5uC=QSECa9%#4-p=7M8(ShF}?rB^%2yEW@$nU^xTJnOH_($;INqG7`%uEM6?5 zv5dho4$IkC&cTw0?X%oSjV7pqNU5o{NLc0)L0PfRnfb9m@Zh-9u*lvLBMwGu1 z{o18iuCVxF^TXzcEr2!)pj-guegb_VmLQfzSZ=~{GnR5JORzW< z{c`C5NUO@`v4Sknn zGo%N7lhU1#XQ>`ekJIXE&sEDIC#kLc3-DXbUw*gL)n2EZdR^@eYB?k#u$*a-XDR;* zY?(^pcTvg|{qkZEzdCpr@@M!}lb~8VHmOz_pW*jTRvBbjWsqf!(S+YM*~$@C>Hom* zm^2#n`y~||q0ykk6}H4a)*Wza-pjr51~_ z|7;uo!lt@p^RKl1>f^diS}%L%X&={JX35uP@3Cq5_yYCY`0ALNi{9)i5I^ifFL@FyV;{dhH`|7wyGS?0a_EYfFQzt)IruQf&>cijC3 zexQ)rtyMesj@3xhFZL&4`P69F4(|Qj=;qvRZPKza)^6mUW9{YKF63TjJ(LT9y zrLEJRbzQB^3;WBq3B08N%hdUA+X5D9y?|xM-CtuwyZO4fZ8pdEuxzwn6=^|)#hX8} z6>+I9`y1CBX3J4nXuWyjnS0q^ZTrv~S@=5egLge=ZASVlc-ofz19I1ToBfo1=N&Hl z0E^|N!S>IfL8&LmS?N#uvf~+Ze*j|Lb{kXjVF@I$*vi#S3Evm>uzdBsNkvHf^ zxAa&GEhn#!*$XX$&)kd1TkrbHzCka3`x}&{HY~zXbFNKujA^krN-T?NvLJ7H+p1_A z@ojX=wWtF=!LWCjqtvoy%S4CMG3fqjjxwaLhi9*Etx?AHFR>hZA9r6$5|LHtszv8k#JIfL0Wm`G-v2yNj z<=oTCEi{r;Aoo+F3N3^EWqWDobJnejzShxTp>ZSILG~uDN!-#h>)VvLC0$QFB=FowOVneUjpAnCm`mnTD?_ z7&x^( z54~(gY7XMyjH#C_xiYmK$NRk0PWzYF*4px6zdbcyr?Uq2gcnk&H?B*iIIpD!aXfBE zdLa5R9idiLpi}!4=ro=bp#E>7p z5!u@O>uNE+J-W)KwPTHOTM5T0;W#B6XMz^IWolX}a<54XXtPTFX+=n%Yb)cHDbxSB z1?OT|>eCk6#)OZh1so@@Po}jSYqorr<}{r1PeUHv>Pnxdt!Nnlc^YT29_@npL(@;8 zRE9dGz8d3AKZP&lo|CQ_)A41q9*w@u-e|8tkLuC3ZM-VI-M(nY-1HtCBR_$BXqiQC z$2mGf1sv~>T9IDPbuQ;Rmvfy@={N6u3Gr{)w+XU>Wnk$`>2&-qb@piVP4!dy#n+RM z6`t5ed_`iW7B0@sIHf=N+DqvJEQQm@WOQPNaBfB+_TZch+LmiG=4lVMEX-)MkJxI_ z%TWIXmO{&{2g_l9t!OFA{%E>Iui%!c;678ybqnj?KDs$0tpDE z>qF;@RRcC5P3NF{-e1pl++)y3ZyYwdP7eSsye7u@>fz&LMLgTBOT(;9f|8uXVR{N=z_-o_5De}_Kjg{FZWT=NdD zc`I*YD{o_xeUj{xUFV7=6Ve$b>gZ}LWWrG^9MS(%5c`c_Ap$ci*FQ@h0 z+eaczd*?LAF$_BD-3IMDw?Uq6knEJQvO52zeYK zkIUw9oIEa@$7S=lY#x`*GwACB`6&CTQ2@Clv&d+xdN#9!qm>x1=WIrrzCuvSK4p-9 z&J1#H5V>Qrf(Ctupqz6nAn(bVp#ApEmaKN;=X(!kRT}T#*O@f|_CG zofXDWZyh|rh`cxul8*EZ`sq7z2G?-p8iPj23C7q*@E1immNW2+yfl(bFx0Q-WKx`KXJTRDga_)dS;~DIcChm<* z+&`%og^@dW#504V291iFutz=^ya{`-4U&4)Cf;|OxP_wzjhRt{#>@t+{fog(ke?cH zmiswED5 zk3Xmyk~HZ2(rI+PkKdU`?gC4vanD_3`Mk-ZCk+~1Y1G<1q|=~LvD4_eIsc-LPbx4r+jAwkQa7Ms?i{rr*DMx#9) zb3z(RGgK$mh_~l356n`_9he^utzvnQ=88jSbGqGlFE(gsm$CDX^M>{qS1i4FXgAln zoBMo^aS<%1jOQ+2G_;rPy=*^ayao%+ewPnD&1*Sr{A2TK`2m-S_FxHICMY|2{OJTVK<%Ne;;F z<#rqAcwp|x>TLtuIo|%(D zE%p|2Z<@0+dlk~VvKMpiILE;yA7qbn9E-JOH`?oJk0bp-?DOo|4xAt1@0@Q8TdX@? z8!~Jww>e#j;1{+r=ec}XBi3@&u%&v|UD#864cn#WUuMy})YRQK4a>HEwz_;=7POd&BZ!?e_O#4#f6oHLT1^bCRIhCf4WX4jj;>He6-VCs;q* z_-puIe&yWsDb~AwGDMqcef|}jR%k87oM9gPTZhfF&Tcs}Y^$R0*BjQq%u2$tu%%~M zyY8Q9(N{WdzkRjQ?3i};u;Jxan%Nej{u!#=N>?a_RDg z)!vfRW4&eH(wu`1=Z5=pG~2CDtbm-n_3@lj)|EK(YPQT@uZG38qaHHw?k31T4r|P5 zcU*bp-kdlh<8ODgOE!1sv|4FaPcwGBaloyew9*w&5^ejIy_-F|tu#w4K z<;h{Ek$bMKo7=71ddcSUGYp%z_MtP}HtNaUR?~;(b=el@{Ky$q=sz!?k;hkpr>!*8 z%j0_sZW~|0@l{5qjp{=quvImv)ek4m$U)4pnwMjCsm%L^pV{M>c)91yJR8mYspguR zr=9!SwP$+ZNpi)T3(g#8qy0F}cGpi_>E#$P&b4{WwbS!tM395+?Qo3W~Z_n&P4Kq+fT6>V| zJcVUB*R~0LZ=ofwn!>#ny0*q2Kxy2YA&;!;^VhfQLDBp>Z_GD%B{3fZlx{DavS1%Ybz0f_E(3Z z*?5PddpI46uDn{Yu5)dzimq5&#X|kR2KBM3T3bugYa?p8CbhQ4rtKpPzTz|Zz7TCi z2JW5GmGx3bn*?-+d7$k1rL2H!g}_}-Dh`}ef^LwT z5aspG)4og_lsiuwllhf>o|bZDcJ3z5ou{pid2W(sGt7ZI+kz=Q^ElT=Q{m+_q**cW#yKmFJVzxNYn5Q@I1Uwwjej<7}k=%j$tl zT9;!RJ)Tt@VU=wqz8Ad8R`%lz<#gWt;Q5|4Ye-@7IJbmzOE|Zbb4xk5jC0F4 zx6F)*Ypa*MLAD3k9%OqtTgur|&Xx+cRIsIjEtPDkWJ@Jm!fXk%CCru@w$!kthAp*h zsbxzoTk6yNLhtF!@ebmJJXp^0elsH@Vv!#{GwsP54 zF57{!Bgb~w=^oTP^u2Lovn{vmn>9Aco=NshvS+~Qod5H&-SDStw1KZbGj=xSWB4MV z_IOPz()*%E#tz_naZCA5)KZ?$w4<-;<9ZPdcS1N?FQUC+^k^H_uZFCupuIzL$kTQ@ zN1THHqH(8e4?SBx&Tvrux59!iuG+TNgkW!Z{9#Bxa@`L5tY3~>?ChHMt8oJm;oOV? zb~fXsBz>?p@Uy(q^)y(q^)y(pmFvhT-d&(`MNKksasxA@O) z*Xe$&*YWM6YtQyN=DhGSM?GwgRYxOxwd&6GoRzo-peuzkE?dTB%N&oqOBPyt8AmAN2tnS)AeRdAHU=G&i#MJVWS=1WlsndJ zNuE=|vXcEP*}szgD;@Key7MZzR3(?H*WFYcgosK+{WOk=LcdIQVhkl9wpzVpvp z>U{NCJbSWE*fIIM{f^O>-*{dtYC`usKiG2Ld8O!?3oO|@J8H%Je1T;-kLNww^4sgq z>)<+P+pk}``@AZrXQNH?*xz2i|GbsXt;;_?Z;{26- zbx`l5GwD7)pKjpvR+eB~N!Nd4{f#8b|{&1`X5n_X-#nZ5_{Z-b9!d-pz) z*K_&}PS4=<*av@uTG7$niu1_1wk}ma{aAjxqvO3x^DD4L_$6Iu#$5|6OC2xb{sY~0 z?}2^hBe?r*e`w|3@~iBrKf5&Fld}7Ufs-fbcVHeqf$wBiItwqKG`W%^j7ym?t6*|D zrz!p%q_6ibv`k1jGhl#Wm$Upi%M~nt!SV@~wJg`Ld|~pGl%031n|#W?b<3Zf zop{Fjjh*I2$0m~;{-ZFjD~uy|2}gLQF@*9WcIX^p1>L@rlcpW?i8MvrqH}}0>-y2yqiL01D0=a z^&PNK*_D=GY?&}+4X(Z~m{QMAMmAVzUG)~aLibqC9dY@T4P0sim)gLkS}hYpEAWJf zzF?l2Lf03qmbUdvr*x^_>3HH`zp(Ot*s1??sXyL^t24`2x1Ge(r~~VFPVuCCHRk;( z9(@R|$36Nn^w=)dQu@&px>jvNDQf?5`Uv#rJVjsT&f{-z$1TskHsr!QMPKL6Q}i9~ zJoVVr$&mEL^E`EG;%XyL(Uq)6r&1n$Egw7g;n?x$RLY~j3QG=ZRdnGv-H*PShilRw zUzn59J*mo-lj6tyT5`6K_{5 zM{DJ1tsJd^qcw1}h7@{6)4(wsI6?zQXiA~^c~c6VNt;q=eje3lp847(abE9!UT-U} zx0Tn@kwSa914mzr>PVq4xyRW*$^PB!-)rtieWSh2*UP1P^`3NF;b|^=n#(rnhvs_< zd-dlBo>yqNXn(m~w7)W4+z0gcGUgX%x@hk===7D}aVZzf`Z*%d8aojArHhg*yCHA9 zbfx9K*dvz)xX%Q%3$9#y>AaNfbJkrNNE!La#!Ed$YHk-KeG%AWP&AK0vxs_qaV%|G zj*Iq7j*Fg{OHg4ZBt(^S};D2;l0sKjle-Zl^ z!T)Qd$-jvGOI$NT&Z1HmeQ~z=Tdx_-9fTBKL+SZtKK zw(h+Ta^vGS!%~PRJEg9{c*;}i`WR1kN?kWz{d3qSu%xwb(&*kosp}53MuVh}L?0{) za;<`>l@n=dt8%uKv!$HtS#EBZ>o(+8aBc{;rfFI|_q=nL0jwBd|F zVfG2TwxE5&uHFh_PgkLRx8(`1L-kYNlth37B#^K-|KKaWUsia zo8xzL{BDll&GEZAemBSO=J?$lzuQG;>Td3V-Do|WVO?}~ZgSC=zk3n+Q{yz`lFV*b zMn)sz)A`+S(-SDSn~uRuHywjHZaN0LUGHV2T%O~mW3ZBsZZGHNaqcE#qy4_iqXvzu zdF+$#=Dna7Evbi{#@MJqV{Fu*F}BX^+wNy@d=exT&91 zxT&=(+|(;7+%!s5AlmF9m2N)QxTzOaxT*as+|-xggQskDn7=K_tZ-*!v<BgJ)~&q|p1&OFgZ$IT%OGv@=N8i%Z!BI4c}HzdwTr*+Z0|A0Lc(dJp{-sViKJxevX50$uQHMwc@i=!r^XEk8k z$IptpJD$1_l3HLtdiCsCt?rdq1R-ez>p&lVU{(_Tt7dg`pYKKPmRY@=dzyQ=kxE~I z4rm`@i|Q@(b?SNxeeF5v?tY>hlH#~i=@?16>5J6vRPu4Bl8-x;ju#`f`-wA4j8yW> zWKScNJTuudlRY!pvmM*=sS(gRpPXFM$y?WsCsx?kHtO3owpZW0q9n@cDAETkJ^F$( zpDoF^QyQ*X()Q*X()Q*S9?djZ=E*j~W)JhtbtJ&)~qY%gQG)7W>$9anf$sjc!- zseSUf&iP!!GA>odrOLQekV^&G9%Orv?d5DQXL~u@%h_Jb_FA^rvb~n=QMO0f9%Xx! z?R9LgV|yLj>)2ky_8PX=u)T)uC2TKYdkNc1*j~Z*3bt3Uy@KtPY_DW{CEF|6o@9H# zx$g}BRR!D{Mcf)C+!`g^8c8md+1|?bRg7_sT&gsc?s$}?e*5U-v&&NFyif;8=ftv9 z>L;bCG^UlN(w&eX`vlo1nA(nWYmhyI>{$-`%V(FT(%rf8RJt!$o=RhBMJkPQm8q7O z-m+Ju((EYA{$chHr_#O9aO&IX=M{$8zlPhVmfNR}+b5j5(cW=&7;9g9b{)4>lzld_ zPXqhpIH=z?aBhx+dT)+{dT)+{dT$f^$Ju{B`|oGZR)*>UPjgHojn8+e|EqJmQUB5BxYMYfMj9Q^Rh4#&yi zI9`t9RUE}4*2Ck~&w!Abte)H4l_$}Zq zD&YDTvAu-trED){ds!OI663hrh9{U@halG>m`3|Lm`3+_gS_5g8s8u0wU=|W3XWFE z(SoSS8`lLn-3Bk;ZRlYCB>Q)>e;)gHvwt4@=dpjDd3S>SPqV*~PW{J7r{3aDr~6cNef@Y@ zr{m*U&zE(n(=mE>ybkvSGSlfjd3QS9RV#JUe94_oca3UrMRwoiH7W6Q>w=v05xD~w z)TF$Zab`(Q`qi&bTF{h2z0sRaGb?X8y%*|=hgB(BV1b3?Q?S$DKFmWOe)WbTu5%IBwutLl#PuxV zdX{lLi?|L&T!$hTeRa2zOI32IN-kCD(lY3pf=0+v*Jbkt-dO6oq_hX?X9kzCXL&k}a%DXJm#6c&Bc0D3>3r_so>R#^ zC(J#k3}flv1Es0dZ^PVkN>izCl%`VOC{3ll8sum}_N?IuwH%?2BSd+$tmCp#9y6mn zW=46;bl|UQ{6fcs54=yQKKNARAV7))wz(*s)>-Vz$XoV+4dj7G!;`p$hcaJvIp3nRJX&Y8!-ps zufhJf(22k0stV%Qg0zPq$7+v4=4nqtj@MShXD)mOstu57s!4kemQRp&s5b3PL{4aH zVd>=Dq_zo`liGGzK4qUA3wh>RXnVbu53$~{7TW4O%a@4utmRNpS9O*nkP*x8AYZX0 zAU9c#L%weL1EO_Ux*$KZj9iqadM#5SzqVYn$f2&#De`PcT~+CSz#1PzI!&$Duc}PL zyWW2YTGVE}_~taVl`U_=lBV|R>k(nU-Uj)Regg8OZo4T>b?b|1EqV|&?A57NXBZ#C zQeileTWRD#hK!3K!^V8bM~oLCYmDDRwi?!((Vhm?=QD%0v=?RZB{qY$^t3_yS6MUQ z^g|ZFo|2F$Kv40G?1640# zqD`!4V@pq4C(~MN6hFg8kuz-+d8myd=h&!kcx_aNvFwuvAN+Q_t@!4FY9{OhRRA(g zt+CCibf~DU1TkN+&4%1$I|2E+?aEuy@czgzA>XzoAe(HjE!I`cMtd-B>q2_3t$Q*4 zS`u+|wckc<`;qN0i_uE9FCp7(e@AXRucgDLZbkpGSs|0Q6v&gdbjWU7Cgf+fY{*_) zF67s?vmj5~&Vy9;$&iM<0McQ<1k!E43^K$1W5`VVosdKAPeA6_pMlJ^zX<8IzkVye zxM^=hI?vt&Io|$j$b9>IkQdl@Ll)TEZpE))*r_!N?bHrM_DG_i zoEzZWJMFahE9`IIHc+jG#iG_A7k$kB3H@E9lw)0vS&#*eUqJdC zTOo@a9gs5|_9a-0V?5+lj>V9rj%OgR!&{AMs?6~vq~9^%_B3>liIBHAehgXexCio1 z$IFlvjy;g~I=+Fdba?MTk9FJz8FoAl`H16H$Qs9QA)j=71zGDDdMA!S$5hBV$9<3y zM?GZJu@~|c$6p{fIWAs`{qDF8vcd5zBWp)brjAq#b>A+c?*fn|W@VwM|NZe{rmOD&7y zI9aB$%wn0%@(h+9mg88S%W?wC$&eV~vuGccWYIY9&pLr#7tFf)ZX8)z&5-3;`S;++ z%Gv-~k<|owZ`R>^(0@=C$5+;0k^UK{Ls|My2dXMghqDGFy@Jz^WSx)nN>0~g6(Ic> zr=QH4{Zkx$S@R*E&H5>1UDo4}k*sy_sb`;PRuj_eIsHo3L8LcudQ;Z#;rV)&7h}s- zwlrjYf!sGa{dU%6_YPEzoNmgx@m?IEEaO>p4&9se2rT=vUWNQ9D+{CCL3lb;YgP=U zKH*YrS-X*L=X6KbXYfp9jb4uPJ6n=j*C2g@(Z`oPJ-AL2~f#g^{DG)jER z>CXm#iF6OAdk1Hr#lGP5*Mp~^o~Jl{dho^f@y%^*&`w2*=IrS&CY||pFIKcqwF6+wq{>csjIf^BFK*H%OMll#jq!{ zuR#1S5Ffpl%yI$CMwVH*6rp|;$@MHZu-wdYE6X=oHkxuYdG2J{%<=%sgDgK` z`8$@KEKjiflw}Xg>0>Cu0hXVzY-icUa`ITp{nG;1K_?DUiA}`es*5>FIX07ijv64We9hGVu*Kx!t;F|?Pu?I-Qh#DjRg<=nK22T8 zoTaX3&QVV=uUG%cT&TWa-looOApd3RV&?toc4oEO)Zl~tRn%`9_&kUo3{;n@nrc5t z_JttXi4(yfc&Xaium~(xPgO5weS1R)B>!rV{E6g`9|+`l5s>ohLCRm(kK{-CHr3LG zpN)k7_J(c3=6FoUNPeVmQ`zlZ;-_imdWaNH2d~C< z5o!C0+mx@}!}`t!BKeI1$&W~WMDi^iCN8F~aX%9&LLdhpmK5?7+ zS$mb_SF;{%kBD9`TnD~``1o@Pj!&fZH4AsKeP;ua;wD(%-asV3PT_IT1zoe4_FSPy z=mV+#L@HM(^oyNH_JAaffOeMQvItrfAEo&oWJLA zMC|K8+Abp1gSbtNII>>!4Ir&&8|!EfklO>KezS}1HPyszYRZvAtfL=-)2CGfB2c&pj*0DWepCtM;$uAOpy5!FheWBzNdAr2ENc3f*uMqud(Ia4s+SRZQ zr1cZ2Jdx@f1&h_O!|TPqjfwpa^7f1Ukl0U%{<-M7-Si_;T;hd@YZcwe+}SdybK=P{sX+Ktj zPX8#G)TQhjxh$`h%6R*>QhVs3BnfaEs{BtIhMj}}g1Zf}?_ z`W(?0g5*ymeLC{v>m%ZDo3PpyM>3C+Z&EcK9TZI2tSv6-D#F5a(jW~H;B2tVUn;&I9>AR zh>ph^X1jL0V4|r2X`{ z*fp2AT|~;)K`J*0r1tShK9TZANq(W|0pT)`{Hs7}CnEV*gNL;Hj)Wz@UhM0{9u<4D z*mr@n{!Y=8V6iG_)7)mfK_J&l^hu%@ie3cL_RSG{K_tL@<<%f$Y)upTT{2M;H} z7B%oqBUR!Hy}}~lGGP>?_25Pt*C#Bj@5jGmJJvy`?TLy#2DYf_ZzjQF^+4OGbThvQ zELOp`LmQEn|Iq!wRri zt*x#HDc*X~n?>IRz61Mikji(8{epp2z5?X-6n(wu&7$uHxgAA6Av%6$ zkL{y{(}jzK)gYh8L|-p#W@0>*{M}+d#Kd?CUTt4<GuEYe>+Vg;!l9wyE!Y=8U6 zXtDc1-hR>jqAvumw(mKzNbJ=h)r)ww{m79OVqeGl*GJZizKiv&quO9IZlN$BTn6&E z!Nhq8yxKnU=sM<~b3_k_zEHSK?A4+_E&4jq zcL|RRKbL%Ms2P8da1==OnIw9l=+lIA#2yg63Z(vDFZO1ko^8hQfW_*|!=pgjKSbKj zLdl;dTqq2I$5r@E;-6INTh$<)7b76egNVn~;J1jBUk_4!*9mtCkAt*69luz9HLX`T z4J7*%L&XDyBM+to(ji=K<+TVV$FBH8>^lH&pf+OvBcSOX# zPV5`l9_omReHTdkJ0bdUA%2?JYzJYkaFoy|oF*&+Y5V=6FBFD^)xwBy9Z1^|1*u#N zmGBxUZD@9c+;4;4gjfsLCLQcJuLb<(PLnX+W6LS(Y2AX|Aijm zDB(0=K)6s?C9D?KgEapjQa#oQn}xfCoxyF^d0 zzP+JS^y5P9EZJYeT(CuL-|i88nvibHQ~P}?|NKak2r zL|-R*O!Qr%C%_i<*xN)ZcUflBP*^RDaQ+25)`=cI*Q~EPkK%-PhC_$BOo1@ zQL)EFPY9DBm;VpbFIVUj`h`J|;)XF2@8b*VGyLaRicMk$2cK+v#?XB`J_ETs;5VEFG$Bv zq38i&l`tZ#7skLAwR2~)=$%5X(2Q?@R4*kUlKQ*<>$jt7wZ z43O5BE4oKmC=3XLAo*2^UN3AGb_%tb5*MWUdqnqwRK8I3BF=xRIv{$LuwEFI{ASTR zg-Nk%#pZfE!a`v{SS73%MnT$-&7yY-wOJBJSSTz4$v+@^m9SpeEbJ6&B@#ziC=3Xz zg!RHGNbS)qdK{$o>J&XG`PvoIo*>mH7rb6;dXGr^&m;75{`j^+(F4Mu*sDbMUP*Dr zw?&y~59X*g?Z;G~nrZ{2^>~;#UYKjE3&kD)$*)QnX6|f=f!Aw8b`iP%Nqz$4@mO?q zmGnQ5;^d0%5#0;Y`h8+AWWAuxFM6mS`FP=c+?Nu2Oc)2LeG{T5L5izpo9oXN`h-Ow z<@-es2_r)9)n>jihd92i3Z(6<7beB7mCAk*`at|${H{XL1Hvj{9HjMXbBTKndqApp zkoBjkt5~n8t`}<8nC<2fhCr%E1jKdFt~f|>lFVa=jcaMXQPW1G=Z1ce`~x7hKYgv6 z^eWNAOk5v`yq#Lz44xy;eqkPgNVtV}}cwYpVlduV>2;_DIsh-WkI1~LJY*DdzQgrPGi3ig9d?4C6UdTG0 zn{z(miyq?DcHN{W#{a z!!gcJ>~5C)PNC*Ewu zWPsEk3Ykw;`#JxMJynulFO0E$^80btv0sJSPoy0|+U{JiMcw^=A?w(F&VQgSAbN=N z-+n*J_F!AH*pnbX*Jt}XN414!+(IV$iReL)?>~br>hJH@vyOfY(tM~{bQPrhOZIv| zdR`P@&TOj^y;&G%Vt<0%9*f9-e49sDBn&XuR#$=K7XfKJkBU7edME2Bf0Mc1LXiAJ zV2i5V8)iGsH^QQuDIdol6Z3YE;;LKZ`~Xtf%Kf#0I7WnS--2z&-qV%5Mcd* zwg~G7K8P_hS`y4TEuA2h)0R*i+&2JQ)T$N_>&FgPiM<}Aen%`;>)R4wi~3EAx}E6S z?`K}VKg4`!e-+5>%|v^%{r&yK4-DIZW{~z*LiA42wL46^N9Y4v)Wru1MGpu=AjPQy zX+06q>siP8z!vqufo71_(<#*Ml=#9zVL(^~a=n=aZJo?fZEC664>XYSb4B;Cj`@e^ zg&?gjAPkAUO7w{6^`gf_Zx%fvdZ*~>E?FmXZJ3Y7a>3sS*}ekbTeL0LXUMpQ^4G#y~ngnpq#;mJq#Dbal6xpDXl$-0wkd zCt;PaUf3zr?lHHckcs)VuuANKpGv)i^}=Rh=e=gWwp`W+^7)VToej-G&;4e8Ay}*$ z+F~I21%75S^mFP@dk@5zDIcl_NWb>OT#)*qkM%Vl5=jrS{<{w&OwVr;Vo!o}ys41s z7XxWMNsz|tV3nC4dC;`SgbAUq+O+$Ho-oxH?XtpT@F6pfdf4>K75apQAo=@64+$f} zm@p1fJrkmS6+I-3 z2xG#8P(2}Wgg&8P7!pQ=ogl@>pVM>y$`yLSU8?mcu~_}>s2`+u3kkz)cXUKVPk?mZ z46QO*1ybCI=rNGnOBi}e_Jc6@X*1s^EChMGMGpxh!k922#18>*{9K_==zqqvhn_VV z5hk8Db^O$sSx)E^`h_83L>Ln$glesn7y4c>b-yqqR4k}qGY7Z5W@s4%>0lrA;ceznB{~%VMrJe#)JtWK1ynq6Z(XHVMrJe=B_vW zeL}x5B#a1S!h}%0Bm9FeXe0 z@kb=)b_;z%zc40D^yP0d{ry6?ObFH6X890E{VyhrG@5^x zl)J-xE`*o<)Tugy4xAg#wQdO-A$=vAUeM2`uzm>I7Mr1JH`W}&B9;)1k&RiZ~kuLrrlV)wjf z`ujlgFBCl>42eAk^7adHl2UZvUjwNgxuSc(Vijxif#mNOR)Jh!VW-d&H|>QWl?#C_ zYSC}1SVy~qRIg5u%B$U`u7RZcL@xwsyF#K@Nq)UBCiYIz)gCiWE=bQqJs`&e@jUf6 z0ntMst-o3H1W3=BIz?CSo4OC=_5-;dqF1qweg#tenAq{zclOsnn%5UHalHo0=m}x&aq$yIz!vq>-^M`hSFG>(ZEn)k{UEomFd@u6A#sEeVM3Vu2gw&kgb88p zA0=NH5hjGWC(Zl>Nd1Y}qOuO-$Lm=qwy4F2eWLq?5s>Pe5a#}utVb9TCi>WI=I4HD z(kBcFBf^+4Ayj{sazdZbFANDI!k922RDY563H`#5Fd~cz6GHWwloR@eAz?%q6DEYY zJyK5S7lwopVN941s=vy13VlMqFeHo#6GFV~!uugt=o9*dAz?%q6DEYJSIP?`!k948 zm;Z(7=NCqV31RM+k}r%16GHC@jmPyOChiM}9v9tvmYE+F#`|=94}iu^<7_kED=ZQQ zg<)Y-=sm~u4-2EhxG*U+^33=_kj^_{VN@6wCWXeiQV(H~FenUz#p;^2C^OiWWc&68 z?|EdutF4InKwB83`vS)KCWFGLFb?wbAm*{d;qj(lROp>x<`*&XcQPQ|&m_`w8Dpa9 zUnC5J&uh4EExLCS`Ni78`DUCrNcHhfmih>zOuVNn4F8DypQ`r$2XTB`P#C>{%Hh8M z6q8XV;$3LQiwlz=-RFo-HSI=$CX2{_Zijce$uKj}5f_GMnB|kg zqFJQlxqvVZa{nnY?Ou@T9~M0-EV{zX4+@h)<4Uu<7o@mBVOZ=@(UU^s$EJS~$o{P3 zK91-~VfZRDKPvRjHuWN5P#6~`h2g8EoX|T*$_azQurMlgD4V*eQYlR-RRU=P=W3dA zg4cj4;I*I&ybeqU=V=Emf3sxhRXV~xSDZVYC!K$Hj!YSwlAkgyWnRi%DUYXYPWeqrN6PV(J6!8s zjsFj8-vJ-has0pU=}w}l&^wskg?cdg;hR~+{m_ug&XV#kR~632=E-fz0ZQy?frVKi9(C-I5KPY2x!QkNF zGX`HW_~F6N4SsWQ(va~(ZW>xN?Al>D!~Mfg9X?`2?udpFCysb!#CIcRk34(i4I}?D z^2?C}M@<~Ha?}~4{xa&zQU4s}7+pNNboA+?Zyo*M=#NHcj9EP9xiN#r-Z-|;xV&-R zal6L7J#O~+hViS%pE3T$@qZnE_+hUfHe*7;gt7_l30)J8n{fVw8z+1@;l~MwPds7b znG-Lcc>TopCw@Bd$BE-6Nk1LEBN8KV$fenKKGzTsz~@8Sl;bWX6b@IWya5hG*`adFsqN zW_~dE>~ClPJbT=nwmG3W=g+xv&VzHF znDg?Sp_%hDyEBi=JUR2U%sVsR&-^0OId|OL$#cu*R?j_e?nQHNoqPA(zFD)gDze(L zF3ox_>%FXRvVO`MlRZ5zD>sn4HFt0B#kqIp-kj9s~H<((@(S-E*t-_^&hzGn4; zHRr5pS=+JplC`(4{c^3to#`%epX0vVeV_YDcfq

(;J2ZrwfWep|ZAiTIlY^ZdzTikOPOY51Eh zro%9KhL|g6!EiTMWQzj8B9SkO@prhG2lK-t#ZjVMRKoCTp{Npz@mGTps1C4R)QTm* zRsvfMY>ilf?esOG1<)(jVJo*q_<*$mYX`O-m>=+Hzzu*MfSn?MzaaiXxX-m)Y!sV; z?Z6!{$B2m7DYlE_5!#K=DdJdhrZ`Sq2+GB{-StvXFBd0^E5)f|zu1fWTTd6af#V@@ zws=OIE1nY+V>cd|A*5!y0%J7*4Ah#+FGrT=GOXZ>$CxyM@!YbT7%}(nzS};wbl-f z_24)f939~31V;eFd{*5h*9h_aqALLB^$@h<)lU%Rt%(FLX(IUE4Fn%$%Cch!U%ZUq zrx#uY_{Gxe0Kcsx%Ee0vPCw3yUFW|Ulk6Xn|DzKNmR zdFFr^B z=(N7TozsYZBbQ$DV}!4|J{|O|-;V@*sb>=4!`ICOy!)a&z1HYdPm5Px66Nbanym-LwgCAGZM)x8B;wc2Gt?LFLvr zNV!efe;g=F!zTgOUwSTJ&b1Vq@esw%y5vGo`rS>GSMRzMcyG^osb@c8S6zP%;7=Fb z3MlKS<55aG>nWzJpkx^>Ty8%6|X)(HR5cf_YwCKoO%!S z8ky=A{<_S4&w}Th$0;_W=Oy6#w!Q(_#c=o)ME`lwd!YQZhwxJ`{Dg2@NuGM)m!R0w z{tzHenZt*S+jIDQA;rp^yLrU0r|s>zSzN!ZcT?Jn8BQ-Jd?iEqJ~!O`1K#B5a)Oe7 z6W8w!uHS0L-HcCt`X}(@U!-4$F^y}ps4@fil_!n@{5`|38NPA?Q66Euf#D2>I>VJ5 zdp*PB7#55<4E&#uCODAsAFiJYe8ovr7d<>?UUvq)`Sv@qK|h+|EFM4iZS{eti=q6Y z)>YI79-l<;GsaUME<~!X%P5B#=Wz-Ak>C`D&zwv3d-rIfT)*K6aGr8qHDEc{<^vlV zfR8wd;O=UIck)QSjK}cDB9uzDdHHnNujLarUa}ngvQ&-yJ)lTj&J^oAJ3!gDF9hgg z`0CYLfcuX*9#D>EJrAD@ynEy6fP?NQIQ3|Pd+#E+^#X$PrVu>*X@WhBpK&eW{aggU zFDE#L@vE4=nt3+PB>F{+&-M~tHI3knoadE`2|tBlH^ZBniSjb@{M?%s!3Iji2s?cr^14_}{g5$OLu&#*2;k-&m>5mskjnL7il5|;dDS9a%W$_L83n>g8_BOp{anw5U)cX9SHge zK-}MqcnxytVBn*{rHL_sI;7O$z{dgVkW)tjPC>j5X>}~%G%+47@7a(4Tv^oQ@9P+FtT!1>{)H%Rw0d>fza{(J5=jx&nlCCD20Cmv}iB}U#0d;Yr zCyT7e0saI@TNnR>tc@DcJb+U)FF2Fiz4%K-&fw)OG;&XgdM7YP$fpX~zR@*G>T3q3s5|L^~Pq zQted0%e1|Kmusg3eyW`b_@#C>;9s?UfIn#G0Xp>y0Mqr00LSUS$2*S))Wt;oQos`Z za=<423czN4Kj2dRD!^s>)quwgCR0H7`&)*l6YM1LIcQT<847xbqA zU(%lid|7`U@KyZPK0eoA34e%ZP4ZwHxw*cSQ-vRtke-H2@{R6;{^^X7# z>Yo69s(%Xjnf^K87y6fgU+P~0;< zN&f|$lJqm)d@3O7JxPQ1XF4GIND@3T6HphklAOS21L|T?QVQVWq`rXFN&Nw9l2QRr zN=gUM$$)6>Ndo~-O&SciCuu0?djWNETGDXfrvsuqlSTqR6HpgtC5;AtHlQxfNg4}$ zAD}MIO&SmUJV4y{pELpRnxsjfTnng+>yoAbzaCH*HzZ91ej}hRZc3T~{ANJZLeebY zj{@rAv7|YGk0;Fqd?G0u@X4fHz&Dce0pCn21bjQG81S8>d4TUG9RZjOWuz`r93{x7 z494#M-Si%$2P!~jvauj96JHq9J`QbJD@JsJB|nL2h_#UjuU`y0K_Qa z*bTfB5Pi*YGVmZE`kLcZ;2QyT5pwJW9tPC$t01QX?*`PxCdZk;Hv{Toi{otIJ%AWn z9Q%N81H{lL2+n$N3UqU*{`;gPpH|J_Hc$)AR1K<+?(PEt+0iOhj7VG>3_!K~l49-u1&jiHC;QSo;Y(QPi zaefIr6Hpg(onHaZ0@Ove^KZa&0CiF5{5xQg^IO3A&hG(_aQ+kUDCfTcOPv1!EOq`D zu+I52V7*h*(K4M$fDKM3;8JIbu8C!UXot?ez*hjG9Xk61Uj>Ny$e9Y<4XBG2XF6~% zAljsJAfVql7%<=*3K(_{2kdc<1kYAL%uvqJz_$ZphH{Ptehi>4b~?uc{?0i8aJO?3 z=qCZ{;$-I(;HLm$c5qGuJj*!)@NDNSz;m2)0QWiP0-o#420YK13wXXWAMgTaA>f71 zV!(@>^8hb)9s&4!=aGPyI7=h=WiI`;wo$9W#$PtFSf|LeR6 z@PE$V13Ho~1#~7~4w#;N1>msc{eZ)huL2yAd^KuhBp^oSSwd_7=K@{NF7 zlWzvxmV7JVg~_*r=ORFSY4V+bcO>5p_+awAfR85M5BPNQgMcq29{_wU`OkoFBtHuH zPV(b`?L@u0W?_=Dmm;0MHQzz>K!fIlUM49Eu@HlPqT0waJw zEk*%FN=EMuZRZVuZSk#uZpF>Ulq%N zza~}!e@(0g{<>HT{B^Mo_?w~)_?u!q@V7+>_}d}^{2j3g_&Z_?@OQ;l;O~mJ_6x8fl1Z^dW8zY|{o|4#fB_&>#{ z)O^4(sfCcjX9NF9WCH)M$O8Ufkpo=Q)}@94TT*>O*E&)?&>vrux&rXJ)K!2tq;3Pe zDb)>l3u05XI}n?y-G$gx?Vi+5!21xJsy%?%bnRv2oUXl!oHMl7foEuM0w1Wo4Sb;X zF7QFx`@jcj9|9k&eGGiCb`bbb?Hk}jwSNE~rhNx|nDztk;o84|57&MKK0^Bm_z3NP zz(;B#Egw)%D-@$N2k=o^GVsw_AK;_4e!$0Q1Avdw(twZEGJucO1_2+Z4FNt*8wPy5 zHUju~Z4~gsv@yUB)5ZaxpdAK$f;JKOL~SzgiP}`)leFo;CuuW*Pu6AwpR8p9pQ2>} zpQ7aepQ_~npQ;rApP`ilpP^L%pQ$YbK2uu+e3n)Xe3n)Ve705(e74pAe2&%xe2%sh zc&4@-c&4@z_*`u@@VVMr;91%_;8|J=@N5mghzZyRJV#p(JV!ekc&^p~JXZ?<&(peq z=V>9}`C0^czP1T?fwl#BfwmQRp|%}(p>_=LBJEhws5lHvnI$Jp+8D_8jn4+FyXL(q06< zT6-1vYVCE#-%Kk5{&t!R@ZGdZ!1vRt06$Dy4ES+c4dB7FI>67;mH>W{)(H65v}UXi zze!sG_>Z(zfZwI90sJ8i`#jpe(ma4arg;H>O7me2DbiN}>glTh9qDTTlhfURebPOE z{nEXF1JZrMt!1R=0}e_r1RRoH1~@F;1vnzT5^z*{72ufk#en0|YXA>RuLGQzz65Y` zdL!V}^k%V6n~8kZX|s{fIxREZ515s{0Wb$Stkd$4!#b@1Ijqx)ki$CdaOAK~n~xmU zX$z2pM=QlUd$e-AvqxK$-U(QZclKztc;^8}poO*V+DY0O+WFcY+C$p&+Pm6U+E1E8AD|D>$LKTl z1$w={Q9njMQNK|CgMO`kn|{CknEs~zvpzEEu%tlJSxFZq4RcI)lslevyyE!4G0s`& z>~NmsOiDg1xia~}&C7b+d6j3*t5pIH1_MU{~0@NTx8sZ8>{7$&Y1M^q;DrJn(Ur@*W^zoPn@!8igRkg)b^=QPn|XGm}&c_ zT{7*(X>U#YV%q5GtETUnK6XaqjLkDno6&dXxS9KAzBBWGGc#t5omDq$^{f+T{bANy zv;IEIF?+-8lV)Et`{CKnIW==mpYyLd{WF(l`ZKT0{9QBgxtu;|pH zn~MHc^v|N7i&BbPiw{5igu|~r{Ds5yc{}EvGw+#s|Cl#*{@nRR^Ut4u`TYClZ$4t@ z5qplf;E11&IBCIwBcDI=og@Eu}<=UtE4=`G@7-m8ZIvxjJ3fxNdRX?|Rhrtm_rmXRdEt9TgW>TvzdU#mf~3 zEB;lnzH(#bxs^9mzF+BD*s$=ph5HxYxo~3D%qn+PdsVRN-KtNkzNvC79=dq!;;O}~ z7jIsC^5RPuU$ywI#SbmktEW{juRgwJPtCrXaQ%+@-Ss_7PF!;LlJA%NcS&-?zJ}j7 z+|uxP!}3OdY=u=J^=uP;5gbkVXk z%et1OEI)SnNz2b&e&zDlmmggI-SXWl{=DMn6@69?S(&-&$W`^L9$NLnst;GqU%hDc z^3^@7FJIkn&Gt11*ZjO@z}k^(SFPQ#_O-Q{>mKqv;d#UJh3Dm#Pg;IxneIr2PAUs9 zs2>H`r7r~Bs4oW$>FWW*`WC>5?l=}&Z)j1mZe-{3esqC=R>%66>wVuvA?OuM;(RZZ zgZM`_LB_va@6g{7?%>pvAAXm`d*x;1JK!|VpJ;1gnH`(9@;stZD&yI?-XWuj7X6Gz zDv2g@CrpU>-lsQ{e-AXn_d@S`AKd+L4?r*cAoRTti6M|ahlq!v@%=OOxsSj-3ilY? z<8V*FJ&A973hrs>Y@dO~_F1^+;GT!B_AhWRz`Y3f65PvhuRw46D%@*uufx3oD~31W z-hvMIZMb*f-i3P)?tNG_d;s?$+(&R9!+iqH?m@Uu;XZ@=9PSI~dB24FE8JIbU&H+k z?i;wj!~Fy9Te$BqhJPHQf_XiFd! zHb5q9fR#amaKJg?lHpR|`oQ&t>!&rs>Yy3Y;cCc$Yebs17V@7Pa$gJNy*9{sZIJKU z#1QCkhr$hm8xA)DZY10&xY2N9;Kss@gBuTb7~BN7iExwPCPU*p1)AQeaMQHy_&wY0 zkg2vqmf8*(YCB}7?U0$aLsr@j8EHFYqwSE1wnG-$4jE`WWS{MjdA38=*-nxUWSi}x z7&_y_wPVCQxcSf=9|5-j?nt~L`1hE*zsH2i+ua#q;_udWlKG+7q{;W&tmvCTr}1R7h99-Xzbz`hN5x~8f#Z7+ zpM>}xEoTVvZB=~R6yG+*w@vYF10RiP+q6YPiGPRU+oAY&D83zvZwL6C%-1%I_;)J) zor-^_;@_$GcPjp!TH7!h|8{DR52tjyRJvU%-7b}GmrA!wrQ4;_?Ls;#uw9ya1f@Sw zlkMgt<(~qd%I_3y_R|!s0u96@Ezh4=eu>mzDpj@?Tf}o63J%`R^+KedT|s z{EwA?Q2C!J{|hZ`E0xn1+Fd-yeXZ#KQ2uwy|3Ue>F59a^`F)h%Px)!e&rtpdUAFrX zx@`BOnC=j@%CA>^4a#p+ezS^iQGToP+f;l&`CZE2sp5}ke}p(e(Rb^zK2BEtsmkB0 z{M!`YUCO^l`S&UR0p&lW{D+nQi1HuPW%)g(%kq0dg`ZI2r&RbU4m-p%oX#PhQ|VKa zWO=45f1vUQD}S`|$0~ok@+T;NlJci0f12`VD1Vmn=O}-!^0SqntNeWB7b|~BlKieE zN%Ff^Df$}a?^gcF%D-Ltcd|c1JjlL798mPf;Zr+%JV}m^Pbzv+;?2o{%hvYj`h0jyr3)pvH-$TYHBQ-%>r}Xo!y}-Rm;5V~zef3P#eX1K#{Zdp2lS{Ec8JH7|D^JtR{pc>!%k88 zFDU;d<-fwd1KL-a&l}2rOZo4x4=WGl?@Ez;tNP0K*wMG{Myih;eFHbb6Q?Wsqy1(4 zBwbqn-s4ZvKNx=(9PJzXD@ybt;9*FQ+TU!RqB zKwq48jQ%3r>uE2rpOb!!UIaHL`51ix{POg#7~h%xJ>vhZUzYAnn$mZ_J}@Ic=@Gb3 zGScwA`(aM8UmpP1F|ax5Y54C9TJ#|Oh!CXE`t8g6CMZ1}T>?{c_@ zzv8&hF+;n4M7MUq$Zl=js7B|QWUuq7QMIZ68`a~SGPyKMAF`oar`XtPUpsww%6-%K zI6j!(t$hXmzti)zfisrk8@^4MJY$a|YsNm!4ZkRTkK@4^2lPQR$M=~H*Ew@{$_a4S z%{&(6@(jwS!SUV9nm+SpdHRIlPMftmhA< zd;w9qY+v6$ zW^d^G5b*D^_c(sc-qv@_gdK1z`~EX`Zokp_#r>-C_c%VuuXip^Tjcy*;q0WoefIZz zw&=-z3yR}N_yaxDB_WOKZ zxPQs~6Z)S#f1h^Ne2?Q<;9t$Zy#L%I1|YwC``>oNz5N{vPUv3_7g_L9|8wC#0{2h2 zoFh-@e-zx8a4AQ@hg)CLcfii{d;33Ca&P~UrT6ytmmbjj_8B_hoKmEL8&P&b{|Rt& z%kJ&p0e52Ae*KH`Jbw2b75n>*t(=$oyGrz>%FU@qFWj8EXW;?8ZG3URhZmlgT3B^n zYE{*f{dU7$R<%#Nx~lJh%IYWkZHK$O+MD)5^@cR9CY(0CW?Nbt+$A-8(_X9DmzGq! zH*G-e@6(EE_otmudwtrQa39s)o|ayBe_AzMbKRq9=fPc8_iWm~;q>~wX&Lpeq%DIx zv;Nbx2kQTp_DTJd{lt=?1M-(>>1|5}r|*Y5uw;v)Z=XGI$HMJR`$xm#^ivxbr+?MB zH*Iv&-n0t1Cb*NEyy@A^&m{NlbA0+^&6lQ+T6$^vj-^{U&38**NjrYo9>-71UP;SX zzBlav+`tuk(@ux`wYxKRxG&1M#l1TtZQVr~mFrIEe?8o1>!u7W@k|-G!s8m4 z+Tt3xwPnS?6z__GW4(j1njVT3^Kkehp-q?ue-^@7@OO#7Xve`F4|gKmZn%@+PKG-L zZZB5)m%+ar?tb7;!hZ_xdEhUIwQ#RMFVKQ@|0`JQ|3!Nr?gO|F;XZ=<8156egK(e1 zeFpbA+!t_P!u=KQD>zIo?Y@Y+!58id2Ex9w4o^7jZ}a;?Iayi49ZF1gH%2@Wzqce5 z^7K>%{E?=fE?=X6tM7>HEHQtX#~-N(hRTAST^+uNKNu(p_XNBPTHS7nt@K4|eOn^N z^USy$#FhJyz!yd8Ju^zs+|}xd_~>Q2!}er3C1ts;!ouu=!s7A@SFx+CD5tcjFt4bh zpaRsQirkX&ELWbZq@<#xw5+(Ipr|6Rv@9n-yQr`vzal3$OSp>jOY&W%1?AbUtlTnJ zSw(h5X;DFOL1A`9K~7!tG%v!K}R&T<1O3;FO_3tCi==-Js6fwU#wh<_9EYz%gXyv!q` z8a=27R6%p7V?n#yUDDO%3$!-)Jgs$sj-JLYPhh*`qs($RGs&`~+ZXCV!TUS?5nn4k zQ^w*^u0VIEFXV{?LzJUWg?z5gu1L>z$+f`ic9;9ZT^*htZaKM}bG;`N_EiNUzEHr! zZxi-KBK|;oU8vmG=IQQ;Y?pleVf0<~p`h0n4%fhW+I`FXk@dlDvxzMAbabmmfw$ua zP{M*7O4*37EcHaZ>l=I~+aRtt4=>-^xegS$zGd?Guo?_Ig zZy}n7FBInQJ&4n*w`%E-9m55x>tGyC?=9>GyPC z{Amg{MlgJJnh(r5WUdq|D~k)-OqB}6hUr|z$?Q&HV6cp#> zlx1UluW%KVl^2&(6uSzGG2oYBF37?>fH@$iAQ%7h3QI}~O9~4LU9N1=ghx_G%5t0U z#MMi|xDl-?jI#5$x&p0TL4P1p@9~FdP%~I#`gyf4&>mS&9bG-6h!9)vA#xFFAhzKf z1bPwT>1NN?y3K~c)9X6oi5Zf!F{LD;_d=#wA`yFUWDJst*mHWLCuYya5Sb{OYz#t) z==r_T3lx7Froccj(9;?04wH0Z=8}_5`ANYcW_Hf!C=4_)^t>EOqNc9iJIJr&%B8$` ztdEim^74t^%Q(Vuy+61hD$A-i*A{;`Vs+2F!svK4FI!!$h~j(Co}+tdavay(6~>4V zTWH0|wGKlC1jS&WDQKc~ZB2-&;-RO>6W$;N86uf1CW+!LInpFkqep^@?ts^5|0>8I zWuw)0cXZI$O4(CJo{$l;#(#?AbkQW&#%>JWGHqEf(B^ON4*6Q?jY>8{!i|eDKgb?U zqD+}5;Pv4(s2qM3Q|vQpJb`Xc2j)*-#7r;CqAVDqPcy#Km|}?(WL6u+6$%AIwy;&& z5T7X*OlaNYb6L>*Krhd^fC!P*y8*uW0>I52jFA{LyTpm0YfD!MLLI&w0jq)$KvRzd zy}=GM6JjXYiZYh7Y=wtrz@E}>e+TAdE=N@fT#%H5nm4Oxok3ES5kVrdd|+9ygJx0{ zGTtqUS{m#QwAT1KTja!#eEIvS4r+XmLtE7w7!hUx#KzJnBLxV9)p)^WArB;#5Xe>3 zs5&6M%eKh0249;m;UuqoW56H7AQC zNlZgIEJ=8Jcma)GoUABz() zKkN;5`3#&ovBEnn*-lZqkPEHPRnS8Va_ZqK9KeFS+8;22$W@NoDmu*T>$)!b0!0e> zBB7qzZt69P!nM-m4XYs5Z(ZFH6;RU}wTzN*X)xHK7J6ne;A5<%yiEasX^C2HQ_#+- zab%%a{JCv?K?-dZ#)a_8|AW~(Cyxg0R-`zC}_3u98q3U z?8+`HFE7r?DJ>`{%`eHzEiBG+WtX_}3SAY2W%)V9xrG&wc(cpPv-5KcvI$n?l^2#~ zXXWN*<=RW#ra;L?1g~y*O1HQ89K_W4LhZho$vzi!n-pKwRvV1ON+G$T30!e4T_#ga z91ON5j*!{Jfm0(ks)ZUBNG-JTw+1IgU9Xn5lE;hHw!(rCeFEt7t-dXal&IC^%7&CH z$DLeNFS)W_@KB>h5VI+_SLIoDPF7xG{Tau!_o8#_B~6}DzGkb>1_?t`0#y>l#C03c zFcjMcGHZ}4$P>t@v?t;VSA>F{rJk@4BpN2+xmr6VVvd&}HX%1vtc1y8r4mJ`Buvv@ zmD(Qwi7Q!^9bbZEbN^Pw`mM?LU3^|7+<2jbVIlpPaoJ4&+yU_SP ztNcK+Snb0iB2Y##?FvNO+K65y7bG+(B}LhX&pgB=EX{ma-4~bU6+lH%URqdQT98*< zR$5W!D#|Otm|l@xR8p2xRGbIxMplI@JHI$TE4wH=zcj0$C@UuiYHbYmqKPyAl?4pm z*a9w;C5RYX7tSu~?Trx;C*GK4SWv{{VslePk!T{$gvEgfZlPwfBKZoS|8f(_E>6H@ z=0vepCE6qk&}DTcnxk?NTZK)KxWz0*pz0GlG2KT!jkgbg3|K*;=)o_MR8$% zPDyDFwmxzTDvHpM@^j0Ja!Yftt&xkp4D4!@78ey)iqwhN{Yi3atv)dTLRib)vB+4B05Nst!X?M=;P>k4t4lU4v+B5S2}$x=Ga5 zHHq@7rLr}--D0Uf?2lA?I$K&j)}obH3N(HCmij%y-9`%sGpHURmmry>#pMRgNLhC{ z66`FAL_+=+jDJjP^n`2tSmy@XIS3thCnK&cULVWN96}R{NgQT63q{5t7^NTQnc38q z3s=O`Ue{{84P#h_dYBR zv8dyvnhJ%XaBcUI{ztfJ@nVG_jF7y~QM5MWj)f_h_m>hcK#W-XqC^~`&&n)q;;tmb zN*AIxg`rW=G8x)L93gIlR2WU3)6j-nFiZ-lOo__z4GIzLFv(nPQ7y!i9rc>=cuj5ZYzk2j_&Y!nav@JG-?` zk!W(_9SGqHc!RB2Nr%ukqxL4^A0uD0w`#K$i&~Fj`045~aJ*HFEDl8yi^4J?;%(Bm zAr+9)E!4xGW0JrbGtr3n`O|2$X6C9$?8;wZYooE#or;SiTWvy3K8g`-6dP0WX;hIu zY;0pF@j(ubtyjsEP%$D@J5JEaGh@|CQjp7}B1B_dkXaMlh#NoQb!DiQq8GLdiovl*UwHyuo zI(jE|&4kjsU_?Zq(if=<5yC1qj59u8t4|gL^umqZP^mIuy*8uk}6oeiYq`8gKR$rPQ_Cdh7h4-*;eXcm?({S?#{m$ zUma|3wkRmZM{LC+2d00FXS9uD%v2klKzOl#YIYUv|9{N^l4E+PGwQ(oiGMTRKTOg=ue18s&it<|zKQ9@;IkXsT1oK?G?tDLR}f z_Zq{Qv3s`0kU$!JpC_;&6AN22|KFHbR9fCaZN{cao6nx5tS9Rc6vkL$5ipim0ly8$ zID~SLCT=2;*$@vD=w9ZU8YNT}Mmf{2-jeR1QLZ(TzBOuiuq^VF( zt)~-;4zzW@q|0eE2tzALbMus4*^OwZo7u1QMc8+Hd5;C-5C?00o7u0X?MzQcJ%&I3 z7N*SS7o;aG@Y61!uLI)%_Ov#ll(4|U9%xfgE;MD_e7X8n%iaYW-0o7jDXF4=#aj8- zC9*G^e_aY|6&=rC)f!Jzf>wNlDHFv>wY{@mogx_|!%{+6Mc0rkIgGo&oy7c%r?zBxH~~afzdRVK$UU zC03B7Pkioj;^;M6F2s9Ju4Y$Ryz#k1Z^F;#i4%rQR6OA>tZL&~?Vo9m12s_FHDL~{ zgMm_6(Z)w$>|ra3reLtz13Q3t4x=6X0-G$> z-m}4+5ePPxv&NH((N)Fiu+HHTv5FIMWkK@T!m`AS~Cf55Y_! z{zDo(n+?MZ3Ek1#&DkySE+0hHraye2!mbicf*WQ=uGv)B#e zy`T7}MkPVV?WBFPV4(K|hGL(eQSXVYkIxh4L-9oJ$Ce3QJOj6S7gQ^3`xe(#qMpmO zxiA>q5T8vcPKI>-TIO=73FS!%{+vT(i}Gg!+4u+25wEzng_4Mjn^2oLd=VdA?FmO3 zp(6I-JXm}zbO+FHgcC(!QzH~f7=vYDi@&wimmojY@Zuk2)pvZ{BJ8U|b0#+^lFFG+QYqDjumri%)1Sd8GQt+_H`5lw(gky}Sowu-|JL^R^ z(bsXHDDI6CC6axyAn&)P!^3`iBJ0f6Z+#rCxPNP!@*uW(eZM&s=K3aB{~j`(X_HCC z4$FW;GAF94|3ez3^ZKoil4X9VRF)}ve3QXLBjE^)LF1#Ef(eK+uXyGvbXw|aFy4)8 zmdiUkc-Bi0MN5s|;^bTspB<_Mb4)y)78{A^uv>sl1qulJ{^9s!3n5JR8Y$Hi<$h0l zAjqd{&4ojHQUEO2Jv+qzNKxNx?{m?QouBGuay^;8Cl&1ThdjI=WkZC0+gmk&PStU922R5J%Hw0y2bj zZciRqAH_8%Ri08jP7tqViUcv%RFNQ(6qp`VU{!z*|3ady3zYlmr~_KIxsXbbkW4`6 z*lXO2VhV)nwzb!I^&!2+3aMC-^%JRJp!x|Dr7 zKDNP!$klqU$w$6N;NW%1~1zvnkEI!4P%_fR< zRWB@3snJWMdO@fqn#t&_9^+m7LrlSjX3*9;9LI=j^=h$J6`;c!aj{5J*T$NFUKmtz zQ#FZqj?YDkRoGcHPQl3apESddd#2Iq8*y;Sza>65R6I>ySOW4|>FL zfjGdpp`_-3dxMd&G5s2fJ$@ROV-!V}xJiO7Ot-Ir^oYzar37VvLT3fB3%$XotQJ)y zED7-XWVl3@Op1s`2J@)~pWM9js6&v!P<;n9gX@EI;!$zZ=T`b6wh$(ETPRBXC_>U) zM8$XVzMcs9AT(mK^n_Z)24BzSAbiS}^f)M{Hat>UCDHmyhOkJ*u9*zM@D|3Ob)jYJ zA!)!|2JCW&9mNtCQx&$c(Njoo#R^Y;rcvx@qnrG8btu`3^d3p~&?Hu)3bf#uoPum{ z3u|HH!P2P43OB-L!w2&mzSDtU%iiA;s$OM*1*ja6RH`LmmL-E>*e)rwq;(T>@Zg5A z(=gA#W-C++8@XiqX80YLTA9wbTZ?Z#F1t^joy%KxY(H?Y7%w zUzmm(aHk z67sFZ#Tg`wabRI2(q#*p-*0iuU$EJY8YN3$A6ke{aK>`ikHc8V83SjOa!N+lQW7YV zU=T$Z-WSrFJo;7dX>CO-#2JN9m~FWr(J3}0koL3!&Ce$S1Y~ER!41~lTOhSFsycvD zzj4j*CInZs#Hd`<4us0Y2w`-fIhKf=b-&CEGNiR7;S~(1&69)2gsiAND8|E~||j z4J_5^-Ytn!t^D6MUsNTsQ7g3p+H1Yf3tjFMtuVG%Vj=I|jFt0-^;~W!T z34z98Tou7mig_HL6VWDC)L3f2O+vUm#>En%O0J^hqoe^p*#N;H3(pQ`vP~}MScPtG zc5iyGs^&;r5s5`nRM^!>1)P$w(4YBu2#n^)GDgLrb`;itWf2w)q<>fl(E<4)jzUy! zib9n}=d@H1(^EV6$N&pgc$n~(21&dDYU#XX8>8iL1CBC@BAJ`A=Hu|)Lv0~RMf1U-UR*6JvO6-S@6yaq!szFw)4 zsq0z{fvAu#zA5voMW|}bmxO9e2HFe+CWVsXrV2+@E2}lEYA{E!SiswNoJBm3Ew0;k z0iKNibq!GqB z1@f7|OHs5(MRxKi?k=0nAkKCf;{zw*5S5@6a!06zas>4* ziy!Tp1JuAxY9l5`3^fG++~tvPm?l zt!nKmnu5&%?CFNWIO0IrV#$H)06k$2;BlB%LJY*R)xX zCrp@bTYj5-RbjOtXNp=OV|iob^9u$Ja?~MvQcmGFmdqR~3;J*gC!;Rh8ff53EoQ7Y z%tw*X%>nhzG7lCi8O5w+j1*=X^PH(kQMpU;!uSeI=pB%zaK?=&XqRNp9_r{ZC~~n1 z^W2EKyMrcj<|Wa`%$pZ?93m0I3bmu@vc-llJ_=1U1PL2cmYJAVDJsZ4G*0EmoHTCP z5=lj_nFqQB`aIMUOu=^;zDwTmWHRz>6_C-?q3vO>R12HD#t6d%ceuMHLWM+=F2s1- z`A9nT31x0Ll37Nki(PzZk_wZA08DwfM2k*(XXRN;`EP)zF;(a95x6{bgG zdkfv(qPfFSSy1glDu(78TL8vW)VV2xROad8s2aaF6buL3BAKo&(27!JgfqDd3#kI4 z1)X)`nbke8QDQ3frPyaxK|O#o0+fiN>q1xudOBjLauZw{;LuCDRo8jpy5Gd zY$o9=dd-k|i?dK_BHI!NY9dPJsf%lF+2+l(vc)=$k2ul2N-Scl)hDHp z!?obj@WR4`#KLw;Z;Dt@YjmO!sVqVE@^#I$C}`9%aCk?Z;I~&BwF4O+-He1ycSX%g)cChZJ|J9vGBkfdwwq>TaJVD% z`Vu!z=5R?#X_#BMLS?~7iJF?0BDeBFn@1j6aodKT%-DroCd*_|9EnzTij7*EOh99y z#E1s*S_ZrZ(g1}|2&%Bnv~Mgm@N%pugCtZ76B`+U!U~v&wpcjwm@^S;NXTLl3Hj~; zD@Gn2qLRby;KmIJ0;&}&;DXEzt05ajEg3_`F+N)q4`yh{iIu-rrX>521(VWzkPaStT3e$zn(5L2C|OCEjE*sLVV#v363wvRQ>XIK=x`DU4>#_wwzz72-Dop(bt8X3 zxEfZq-JW*ayUA`q&$XpemsVPoxXxll#dH`ef^_s$NlpHUJ@Yt$(4GRi70BTEIH)F?NaKh`DMUxswS;jx3H+*0|y|jL`DHFWP>$}ZqAz)$tX8kwky4Gd?eiwO^3WN<9a&cxL{q< zjqcS0WvH@lv~o~NCzP;V5oE<1kH@$3m81L&D_T{6sobGAuwsqGm@>Q}KktKBk;e2N zrfoMgIOulGI+1gHIaEwigt21O17pc*=8Pqyr_*CFu3I@^&!Z71`64}}^P%&z^4=8D zL|61Fv91<%Z;Ptv@U+{5!O&*xUMZyz4OF&B^@4_~UM+7`oka1GVv38CHr}={W{X!t z2Qu%GTgX1xxRHLq#$%Me>hIRK7zGbWv$fkBiH|75RT0o-thYtcclbh$xJ;u1cPOBt zTdCA@~nCdrCIV-VF+#f!vGe|_yU%S12$%* z3S@f3-{Pn1ORZ#$be<5CId-hNNkuDt^v0O`_?I% z8DC&KT_tG=PgKb$-th13n5|?iLGmfH&Y{OER8|Fq$M61JN{$2Ie_& zv+C^!iDYh`xP4DakKLM*RO3rHWNbvqDESW2G}&CF7|gHD=XX$WhdjR{^Rw*)NdilO zjjbD47bHo)ptX@q_7W$l#7O!}KQ=<^hq{n_d6|ZVXfrw1qx1s^<|z*u5oM*`Lhh#?wS%@j@ZG*bgdE@2lb^^UlJGLryA^G+wvA-ls!gG5^{0O zcW>BZ*Yi$+%u}isXm;ckInTtTzml;uXTT6Z2HfinjC%y=b}M3)U99D>BqRS{WACc+ z;N^tf@Ke%dKaDaQl@VNe@+ucep!UxBuO^es%vY*f>e@Q zrCF;C$YN7JlOah_CY^SYX~rpuv2Vi0nNd*~4o$O28DXydsil!Aq$H~Wf=zQ2W3+b#@3L@R27y-0%SJO+2gF8#H}`BH|mpd?oDL# z#<~X@TCAH6pu3CEPD9w3+Gw0a`vniZA}-rA!`RBU0!lGt-I8KnzL$yLO)xIeH!l3J zC>ERXMRb3*!6%2NxVwTHpsd0RxmAN8TLHS9TyzY)Ci3miqfh& zunJmxQU<}=j#3o-#0L`b6lqIL42@npTO>mHg3?|A~?GuNIapdx?#hJo6%a$19MXI zOUkS;$3Z|@FY0k)r@Xfl=FAcKiFE9i2QfzE4N8nsp_Pz|580apqb0L^sgl|by_$S@ zrish-xH*9OS`{Je_VOjaWOuAcX#eViES^wDn;B@uSCqpk0=*(yHys;L6h9qzP`JB; zf18V})k4Y#q~}LJr`3aEC4ib4(=^3`>t2429*u zt|lQONacWSW@4^@HB(VIBquFGyX5@<5|uq%xVt%LXp=FSiXdDm_60X!-vA_1d$r)M zCER(Y5GukdTw53HV!9hsOGs`lqb|T`?q89_&u<*@F^bum%uu-Oq7HLQlK|srx3YP| zZXA6Ur=ag)#IUS2^NDJ^EN#)LZ*Bs;MA7RX;tV(^JyblUx5OFlGttlOHIh=2fuZ%Q zOd>)-L({98Bo?yjfL_#ZpHyHcKIRveEJoh?wb4$1>de09U)D55+w;I;O6JYWZ<>lMcFsfrXKeq=v$<&o+Lb@c%%)E88X)hCdC+j z4Z~hDqMY~fz~>YwwWFpm@^-VV9< zXQ(}@JuSWtLkhGD;8I@Y?GQ7XZxM|qVFth?6^KYGbn@zlv6^9`$+kqz*yrsKWRNH^ ztm&JF!uA{U?34{zg|LgV7X=7HNml_ z{LOD{g)q>|YbTh?kjRKt|wj3GSx{841`A8$4L6NX- zds;D1Lk}f02*ncUjj1&mhRKo*4Fo^h9Y>ZAiX)?S%VZH6&M}Q|mLDx88?-_Q^k}}Q zc-rG9uNw9oUWi*{ipQO$92fcf1AKzMl=4uRL2+-wKA-V1XrM~|faZXH zG{Q!}Oa@_!#7~%x+34n7lQ3}!gvq$r7D-hue+Dil0u^U$aNF1|dyFU|DK~8d9vVo~ zXrm#&FwUgeR+j=-X4)8_TE_y(`aZdcv=Mw(9F>x_=HRNe1-s0(BsYMl%UhT?nnIaH z-{68|_6uFm7^NQCID2K;t(g=zjVy};!Oa1aq$*cxXE9}|gIj{HkR>7B-Zkl(UGp59 z@TlEBYb#&0LK8#QO4Jgp-%5}(UI_`Wri@_P@U&Va(=OT~vG8F9VcmubgH&%L;V>!c zP;H*s=s}dQd=vX8aQAJ%IUYk!!0!$EY%0&QLc<8g{!pVKaaeK^{eG;W2NeM{0Uv6ef??Q(fp>xCu6qAgVm8I0ON09Vuv3V_2^@%vEMo|UP3YR|9 z=mnD;ZscW{0O)*VTnsfN)RP>ZxIoov60xD$xNrZ8 zoeZ+-!87^JXwsqy+^N)o^(8Q>4Z{S-)VHDIV3}vX7pzx4S(5f!y?SLumcNQmPWH5L zv-EzwW*U9RSFdcb*LwBNs5TU0A01UTSh2*$|KfdJy*^Q`7JfyBvS4hC{G-scA zE^OYNig-G^cmS|M^+6R6pT>9GNhTt2s!P`TBAIkf1e z4R4P@Ik=&_OYmq;n$Jp_JH>`gT>=8D@c`%oGBL+)G{TI_%kt$-^YKHdTV2?I+YW*i zo{+FzBY(8p-Gp+-d8J=<3KGYfah&;3+^ABiF;c8$_|b$At^II#A;bkMn+DW(bZ%P( z_>L5Xcd|XAECpj%qaHs&APpZNK}U=qWhOP3l!*x=Q&tjLED9={^x@RR6;awDN;^& zA83}UW72iXUK&N_(Ylv7XhI+i2i0{dMlw=|kd37owjF0PXxMn*A9|4ku|YNV+t7Ta zy+U+!0}3^of}RQq$V^TO6*PGxER~)%0v{RSCT}C63bCi#?WcQTWbI=yYlP8&Y$5I; zYBRt_u3~+uv?q<$`$8uXal2bo=IC#&5R`qb_0~-^SXfK5S!3A}bx)0apD?u~IbcbZ z9+wa8z{}lxfhW-IZ04~K5yZ)okTtMDEy))WQgbcCGA}GcPy?weF>FK{TMRM4M&>b( z72R~RA&)@TMTd5S0WKp_a`^D$Q>ZZcC^s(tFmQ9Aplx}2Yg3Y^->9cwB^1k5GY9I% zf)pOcF78%aB68Plp|1mjEDdl9Q?jP&dnQpXdz-t6SzSgU1LkNagRByx(N+c_H>vZW zDjFZe8-OxsXfb6-={aP;`e+$OS@Q7&s>85KZLaPWA$BQEA7QN6Xaz?vFB`tnjo@31 zMXgD}YD!*p6Bpx^q8$LoxmliC~a)$0IfUaVyv4>T5&8AVe@3XL6GVa^*nsE@o21u2&MNnL^TAfJzF6c zVcp7?2H8K|G%iB%W4(jpF=%`q7%!>afRO!u8jBb!DdJhA?c_Uv$V`dV?lMFL0$%jZH9&;2R>%_Jng4;WEr}#%ViXQmAV5QA?v3_Xc_O7dID+ z%vmR*sSXY^48TS@e- zF0sE5iK?}8@K<|mNr=D}7}gmaA$QMgghM@Fv0(~N@aW&3#~~i|8`hxs>fioo{3PZt zrZZ{b>RMiJ~Sm4eloK@&o<$Dz>_O>J%lI=VvW&LqUvr6#a^O zG`HGJTI7gKFMDJMfOEIR+x0&8i+lC>>ZgNwi@Gi%ad(HazpXbCnoAwBT` zMLx|dmDAE&zG42Fxzph2G zQMPQXAORKIPmo{aIu%Vo-NG!`VkO|;LXifI@5_jy5SI~4MHX|HGZ$Md4cnC^w)>uA z-auXgZN0o)TgVcky#)Lgnn9vEj3IfVIjqC@rQVKA9*B5Lzm3ie3snz>`6kB%=~n}2 zDu|0Fi3w{qjI1i2=R`xSH;5`v(;PMW=laZfu~D8qHDAFvj4J0Am8l^EhHo)Ut=Ms-#1!*R!s4v5oG1%ie~iU(uX zGAW7+iz>)T2AdnUvUJLerXEVhJ;}3$m?(((ANq2#V8C>ZFwam-q!2E8kjHXsv8&_5 zs=|+{NeK%SZ?;*8$`D^U2Pv%C2(i6f)rgHFLQA@MGS^rvn=MS=%RE?%+K&NH(b(9~ z&1@k~6njEI8jQ%Yuxk@=jSH|z#}cOBn5G=~sv;^+ zx`f46Zn9i?)xec(v>{2Mx{9V?qz=QB#xuJ;N54yNX0;Ss^iZ3&$KneyAehyDretWBn$@ z{3Zw$v*iiQ1(_`Jnd43(H8?Jb;Jq?z7#rGhxxkCD=l?ZX{nFb|iT;0lBU^Sv(Xj1HDoh@z#7BMW&*)e#C$;cx4+iHO65JR(>;W#-d+#u$Ooy z<-Jc;hXvNuomBQ)U}F^QY{A`K@)BROEE9Hfi)eIni(>7a{Xgp72gdH|%JaPM)t^^Y zc0Jd7wgE$xDf1`hk6qXV!k<9EU;|EUY;ci~C>dg02Hf#K?5bcVL{slom71)AhRo8t zup+B4OKU(I??4aMhMlwovx$_fh?b1ftMo2eC8K1wyC+DAlxTxA+1bzcoO^$NUcItS zx_hLB^84N2x&O{R_uO;NJ@@|Z{QwgZ%^cTJu7J&MjJ)2Ib#F2g!w47@oU!3vq^^8!6GXTZqg&F$I`qKxr00=uh(|c*Vt-2jf8tg~ZtzM(Qw3qhgfp zN-O}JdS-4Fph+ARKqh*9FV*o7H&tc)rv({$H974vxUDkdrJ3Ofvo6tTv&IBgWIRv9 znXC9NbEEj4sIv%`tY|iR7K%f%6<;}>srdTP(Lz#gmfy$52vkF~`gRd(93VaK#(5Dm zEd#L#Fdsw#ppW*xwKyKsgVNU|*jycU$QS`Va zka3p})&vrgTaWCst<4DrPwzjGUefoDHcLrBy6V`;^kS2r^l~KDj*HFqKO8SFm3mj& zI%w=wRuRowbUPScbSpRGnY8{o5v4fFXn#3{3W#Dom7~t+ z06i2%eM-_Ht$Z?IjFUcrV}=Jkcq&TazG`UPMd9Hls)e$GjlFh_YoV1V7LF^__NoT~VG}siT$tP1%!-sO0 zjLUI7DXK7Q@&h3xW$Y%7R8p=V6C`hI31a7q`y8_b_s@m8L=-=fDCOWJO6HX191lHa zq9J2dUo|;J2FnsctXv25|~X~{~bG#DmcN;nV5$eM;zF5KKeM&K=`}}7jdJZQ# z?+Hm0g}B4Y))M}>lC-dpa%LerZgD2kpNq&$0qI7vvisH`QwH|$@(V^0lmTN_V-5-Sa=jdmA5LoZVptNQT+6pM{ z=e<*Vr}st}GJpG23@76|10YfIVU{f{#?-%L>3$byu?F9CwVdN`g zzONGYkFS|Rj_*>TF-TVy^U$rw65xm(CSt|<>Wy`27SyL`wxW%9*ej>3=$=UyFV+i` zJHm%D?h}L*@roBaKUuHZh08-tb!lR?#9-ISceE~!9Gjq6vTE~*6{i-b!sL$qk2n$*xL?*hUoHbXsGrIEbqbsz=^^I5ylb)FNO0g$T(!0= zAC4S-C~clq7!%Ak%Cc8)E2rXH^0GZ+R;z!shjX43B1Pil)!dc8=BKRLbpZ`r_1ko|tFb{uSSF-Mlb z^v>>S2@j@;jg_9gbT~_7j7%kUDiUPjB&(p>G*$3To_v~4f_SX%QKLs1?Oi2tl08R` zbuPch^RdsE+ZgokS41Iq7jcqQPRUhPbh>|R;#}}7RKhC#x#Z|<*_pGYWqmBbb1J=n zkNf6ibKf%gv5!rNyZ#vb{>Wkqi2QNXKUaJU6+y~#&DEtB&XTp*6UC%jr;7q0?%PXL zzU5=r;@h1$CehK2*=1qGSS!$Hn5G78=#eY)`pE!LO({aUFQ!*icGXt~*Fzt2g08jGy;^WcNW|_0XJK*uP1FEGw+eDLa!)b300hj15 zr8N<;ug&g3h4|;gM;U%P49g(eVQT>v0QR2rMA}J1nLeR2wUK5oSPr{6p7g-Xp$wu! zz{(H~Ch^aGvoz|1{qf2q)A@GdTGIaJaCXSue(Y-=t*(MJ4v>;70aUI}H1ix?4|lVw zk}}ED7LNz=m6$krmhM?PQq?ZHx!1->7bs4<(ha}qt5HMA`Uur|Kqt%}b9)G-mLI-p z(5T!ypy;~}i12dnjF+Z-#rI?8xruRBvb$2kr}jTgf8%VQj?-leK5+O6_T{=oo}%5{ zNN@hlvW_3da!x>DpnMTPH^NElNg%}eK3qs|#eG@j%;qiFru7tdqLib^mHP|J zQOLTbqR3VB1}@6CbYzao628K6S(ZG3yqD9P)1}}kEJqYwh2@x{udp0bbQY!t&XlK`VP&oAJPJpB)5Y@1}a;;gkUWOu_gCxsfn~$@7@_FaeFHBheEq zl0Ln5*!A}5w(6e=U(63((h&rP?E};M?mgnc*zn>(n(UvkZ?*70p3rmzL3(_@4Kj1X z25pn~km&2%`>j)aS}9bHaJl8w{u9=#XH2lqHEmv;5yeES!%Q)IaPP5Wd)W}Ka^vT~ z#zzi;;jF^!J04>?E#BMGPY^%o4JFHM=4_<1nYSep+a1oMFl^Yo!J=YJ%JwbG0-Vi) zAGt1GFXq>xOV0a+e2c*Gr~l6RcTc;M%v_t zDImfy?i+~_QDB(#$YhD#VIS_`L%{vVj0X$a3ECDbEF=PdK1;$mm6VrtL`(iMBOT1Ku$}MUU8)YRxXNjdqda(44$SS?>&9{S|EUh;0!LRff7sei$ z@y((qeTxX*&YZ-H(;Rim3h6tJOwng_i3uS+v%Zs$&nYP|CfVLYDP7Tyb6cojuvtm) z>Y_xQFx77?wJ7CcsM2=1e6*DFFw(UII9kL?Lqt1o)P@v}?i_(IiFG1eT4EB&dx4#9 z(|V&1Qc%da@o9~Z!L!;5i7uhN%o$4FQQfnXUC-&?GH`&!9sA?=4IE}E;SmV7@Ps!GN|}FHOQFwane!@M2`2F zf>jrN01+~IBnGx{eU|2oB7Y3!J9g~mhxp-g@YB!Jn;BEKbtpm7_kKRxP0&ZM6IHw^ zXtaku0JiUC?_uVk2;q+sj3Mq=+{>vY4!(Im|Q$_NEFZ@ct1)CLofyiT$IAi&h$J#&|LmrdVNnVVVP97T<~!E-UC9k1|jX zBsRrQ7AqBb&QJh(V#4B_E#6KaWA>ZnT=<$g%^&c)p~upjFFU6sz}3R3vWNCrXDbwIRREQ|Jy=-Df&v+&XQ2}XW060#@lH{=W)5}r62Lb&?N;mct> zOoqMT;czhQ5BCx}#B)5{%D*p%P2np%zrz2a!N;ZHcsLr4gu^`dhj8DXFim<*+>VEv zv-BGX?IHdc)42m-pOvP(O2;?Kgr-Pwm~zI6RcX_}^cz;B8owMitImxl!bb2p&hI|( zI}p=tq@4ZXamo`$)5IR2%u3IO5SASxd;<7X2t7CR?~)K!A0j0uq!M!!e2)>jCWP}p zO8pO0{|t3c8T=%z4vkJ&`0^)-J!rKF~#)n4*>OT)1GQN1eu3w;~OU+EhTLm>?6*WL&9tG7y@xGk)F z#Hf7;sQOR5SQ$KQCBU5xQLM<*Vf~#(qr`0+!&YmFIGSznSBe&nPAus>B22J{ZE5vvI3xEc2|>UU)r9uZ7F+r$mh|j_f8R%)Y?$B)lvB z&^w&4E$0M{IriIF%N`}xdER?m<6Ru>v>mth9g8X9nJc$a&r$G}q);C&Szixz?(rTx zQ<+|ak8*M86O^pcAUKzWP>06Yw6(gjm^IleW7>+iB&OY+I3P?E&QjgK^zCEvwGk`YjQI7tch zdKi?Hk=_VBn?soW)1nA))=L6Y2_5Lh(la zzdqbVXfs5-3L$iV*oM&C0?v~b3JtGUr11e7)~O|rG1#ZTB!^E@qPp-fr5q(KM`(eA zSRGPQV^I)3K+XdpeEAZK&jqBzFM$R}NpZx=P-nT?lu)_^_?c^0Ztr*(W2)KvLrQ2o z#Jb0X*9pqLpJ#3;#Mp~eOAg)1n?%GBN(h%8v>`DaK0(PE&YWh<(}h!{(M3`Q>KV@T zCa0*xrO3echOnln*!GZfhBisXhZXnIyOSu#JuF*JY`fB1TGi zeU@@*lBTpD$AHWg-iSZV(@9Ynf!B-v!F8|WF%!x8?jn54NNyKDCNDgVj z;Ihw6MvZ6@N8(p#CUw8w0rBiyBom4~t0 zaKl)mEkagGE$p-LrxccIdun~RmZtiWTGi#E8#*`*T7fm3C zj#8gXhSXKoJ=af!PZ`eB!PS}Md0vALZOMaDiI<;CuCOfEOyTZr$UpUhPbVZB)!W5V zMSJPBhk=iWkJDGXm;lPud^r3`%o$cLE+<@E&gr}$NhW$=_^x{Zevtev*RR@=4oPBU z2fcR~XsF%Hbb)Evvd6$`nw+q5&pq_%c8sfyVW-hjlbFgy4!M`oR7xrC(v(`V{6L&E zO_64g)g#WRtoJm+@epM!nXczp2$gWd6e*^Rb4A0Q_WwAo^#8{(=x?T+o55H7emC)x zGCMwCz6Z#4r}ABW?)8O@9|)s!N}b`c?rdd;4=;`Bl2rKsc`{7apIbfQ%1(@z#NwXJh7M-j?dzLTQcP`Nqg>7VHAhf)mu#@>}TK{U;s*lCDT0#@x8!4VFO$&>e)8 z&Zl16nJjE4#ixNt>8g}FiBH(4NnhU5&_gfcr_*fx3vfYs?z`AX2^T#`&)!2Fli;PE z&Zjt)Wy0`&R24PO{+BA$n|mLfB|?kM?j|JdDgy1}eG;h1I1agF$7oRGrl~qeHsQE+ zl}4#MT-~K5t3X7S{d5c>s|%$qg|^%%J|&l(BBr3BgR&*KW))_Ye%4Uh3tT1a1s+zW zVWqq(`zR^5k@66!?f_#EQ0Jv36vyMc-2!kPr>9AIJg zMRCat)fLC1o5kX4$(rQvUF?@|Z;^Y6os=>FMOZafrmIG_lUrqqL)`#PoT>)O!z3O` zohOVmiC0dUrng&ZiFB#FuwG`9ItdebCB9!kw_#k``m#`-}h@dWgi z?>aoNxV%SUA^D@7ZPh1>OWlhcIYX(XHYK{KkA1eQx^r#_>x($#!_4WJX06~_b6;9m zrZ%ax6CvDmrhfgRwO4~%oa1eT(gC87V9?5-_|GO6zn9CJ1K?YVT4&CMPhx;V0=!g4wH>9k?q7yIep46VoRxr z1rlq>n#h-`q}C_tXlE&rR^^FxeP&i1+G2;J{4YuA1NAVuw<1>WK&0PISa@l6I%V-` zcI@+BdCwlEW|vexqZT{J$u4Xa_O9oePik<5DX2Oy$6sw0>#L>e;JnVt>_6K@QeSsk z4@x3!($V7Uq({2R059BOd4!iMuG5Te8WaQl02Zcdv~%HA8~EQj-q9 zm$7~(Zq22Tb5Q8{6w|=u3`@E(obQ~f(J9F{86{?zZEeE+b#3@Cvi^D`{tb9RZ(s;aBQt8=M6o~t5=9ml-3nXSW)KtFqn*putMcY^$#n5fgd)uA%LRRQH-Y$)^tS)^E%@rm}etP;s#^-w&;em)q+=as4j-LG_ak(=z)IN+LV5MT` zQhf9$U?2|qD8I?zxRn}2aq*>8_acL2xY&>3&JR|$M$w`YFBXqD9lP@8nw$cf&WL-& zQ_x{$nc7##tHUDWm7%ikYW)BmtSeW@9S%bBpN*i-o&M>5!3!&WM56_=Qkr#yDI zkZP(#jc`$MvaZp>7bL0fC3`q|HN%G&%STB>Sr9ITHex?W4vG6+g=sF+!jiove-0;=&Qf(Ws)BAnU~=Nmh2KKrEA0kB8)cpIdMeBTo#0@ z#p7S#pYMRkJJIJ5%H=wMrmmLVdz3~xU%5RTR%<`XX4`$TiP_jj-mb;A5LExPC&i&3 z36(J)XKA}=hsAhtZv7@5;#h2?m00KJv<=C1jh4`T601&;-9p#&d^Ch@YHvB*`RXK99rje5SvOCt)mOpC29!=rQ^>#S=J`846zR$JGXDs=)YQ1sQ- zwI`s&1Yt>?uvu-*wOD6ql11tZ(MNQ~THKhoQ_{z&FR3W6ZfE|mUpgpRG2#jDuS1L) z;iGmtS0Kmn z=n32&yK#GH615G&Xy58q+#MeWHLXN^iIkH#PBzi-Js7^9!G*FNn0!QcQNp#P`6M~H z&4{$u5%&>Fc^qTq6O^!r^mkGIBxPx62zmzw*BvzT3zTsL*UL`+J%K|;J8Ru|oQUdC zPwhtvV-8Pibq-amZI)xNuuO2@CKApslP_cC+pYkMG^CG*&$2gJ`;%`Aw}4rKr_>)K z{t0$2UrCzJ^2=mxZ`t%zM_6bUn{z(MiMp$D=gpgd4G}gRU zHjE^IB)goJZm(#hXO`NL;)0uYF=~nJA^Y{^wLQFTg(0Po(}LSJ-tOdGi*tL3yO)x+ z6n7tNtlfBmYS)Vv!}O+wJ71a$$N%wKCwZ7=^QAV<{A0FJo@upR?JTwQ6J=IUGc5J| zV&mp4^Qrs9Z$-USTrqSm6;G+>eXw+^!DqLU_3+xKyJMI4j+>j^&A4PLcAfj(nhOYN znS2$XJZtchH5RnlAaQcolZQWe?j>eU=ZH~}e{w9smOOkWj1(t7Wl;(%Xg5exvFFl-`4Aju zqn@uJ3teAWD(l0vC0ZEWg^1NmMh3etn+rotPb({PBRlDz%0)$k(oMk~;HzN}F4{u9 zs!=6svXL8Ep@*+_hHs;dzOfNKZ(qV_1z0*ick512Qf7wR0)z~ou;wmGOPe}N;&Jxh z41w%qY^X@53@3n<=Q8T!q&J)}LQhtqb|xGrkI$Q&U^x<=LXyc>-g5gdO$dvqO@h38 z?nH9cC%^TULU?K=`b%;z*F*b~Gm zRqk6;jd=7iiSj9T_(bC9d|uhf#ggs!Q&w@K@FcZMFDFadK9g8~9BQXog)>1nNgH~w z^DkPeL@5hchY{h+3$AyWdjs& zwk*|T+!D`oHz7T@NBDNEfpF>BYNH;!(YX|0jcs+Z`;X&6PvOu*>(>>BwR&pNj0dhD zUF|r%3nh6TB_v+qjbDZZFnxESH|HXc2Vyb!C42PI+$1(k=;QpiSc>-6Y6V+QmG1BM zTrmm%Z2>0U!jm(+4MSe5TH0e5F1nLg4O;L05;yMM2@Vosng?m@$$zLXAT&)-{yX>; zp4xtv%JCu1Wu3;uX|}I<;x1|tUu%>~pom{mF0Wmfh81O4Sh15_E`&6mwJ%v73yt)} zOWKUUkBUF_@jx1@!nCt)iEWK%eTSmCsKzIh&UTG=^LFIcwfkDmh{fy=g+_77G3fy9 zmXk^m*<`3oDf>o%-2OjP6O)k2%_j-Q;^u{J$V)RwONhzjlrQ2SCM?ccyaq9)G@E_( zxh&tc5(d+JN?Wv&ddy%4)O~4dLn6^WU|Nt6kzGW)NYlWQ5YI{54fmv^g;5ff6185s z7N4XdLZ6r_^l1Si^vNj^`n05}UxgpF@S_ToLoQ+s711HoBtmgW)U+6b*ydd#J2aG9 z3qRZW)l4*)7nIYbNp~3BCCbA^ZYULDX_^#Pr??}O=#~OQ_I!tWDw&%;2TY}xwydr2 zwAqHWhQCYcOfyry7A%Vp+x!->EDh#$-8M`Vw@ZYcod}mlpp-4$-hH-Z%<|IhBSyh4 zi?*n=d``V+fq*?i-JI1>b(ydih3P>=mYk1LE5xksrclDgUQaR##9z7dn_MgOh0LS; z@8dA6=x{&|Zv{{FkXb&18olC@u3MUp+@Z<`b~yV#_5BSf074U+|}67l9EQZxGtP8cbvY2bqg`cn4}8S zAGQ_dd|@D$_6#)JZw`R%s@GITVR86;Eskn(;FQSnUnB*mEgtIgj<~@@^Dw6Ib;JxQ z-!38pGbxwQC%;bU+pga`m$sM1Puo9^$$i&q?o2q^P-L9w)3rcT9gV` zm(w{V#3dRBGE@r^`>bizR(F$zD|4BC4_I*%2ytB}fj2Gws=Hgd;+}ZvI_Okz{N{D+ z0RvH>Tm~ceql@ct6SXsCmzoL-km7pLMx$Ep<-$^C!Qt-o)*Q-R!eL!!&n-$}j&t#Y zmP;1Jt}o7Q&Va*apAvXEKFRP_dWl`yc5$asBOdStO5@2Jil3*chovQjrI(({bzauS zgxEXl%XD?8!M#vUeOKVByO+YaoS%c4pm{n?Lq6gnUT_0To{|9CPI4FumUDaUp+sX( zFWDmZCo<&favsixBF@jVSd@01Q}s+K%5*HI^r@3DPBKaD@sU~7AGGQ=;pAJHq_w(p ztfW=BwlqBp9lapV@=X+}Me0wc152hWmmByXuE-sW$JG7w!4vGc7N;CCi6nk;{AB36 zeDaC!F3OV2SIa}vV6Jr+^8>PYLh&yplb68?>_6iY0{_z(>j&2n|DglF{%NkT8={;b%{iht1&rYi#ry#0r%8$j)u*e zLk8J?M!C+>@R-VK4pd?a6serAU+~`ls=y$&BNvUZVGxIqsrv znEij!g0>G22`$jeF#TGEG}R@=C}G-+LDU6qs%&`v9eZ)k>PSBfmw z!Ix@5L&8gVme*mNJ#iH;xy4Z$H~BS$t2#j)yz~Z2&39#m6w;n$%V9CC7ClR|t0nVl z#`kcvd7RNC0urOBZ^PvpP!bwtxCTjXlZN|}z$hx4vLZ>M-uph$pqomPt2(et1J7E4 zrhBX>k~_P+bgXR+>L+N*fAe2|>M#DU|Gu^Lx#R!(w;z9h`&Bx9uhKhSsSNb-(^#!w zy>Gl)sq+h9yZwI7eh=w)%;3$Le!|V!zpkxr&i2K?Hvy*LqAbBRjOc0nCcttTl?$dy~@0$GCJDdXm3*!`}@X2qqR|0y+KNdP!*DY zoeBjoD!}Rl7^D`(t7W0t{v0_C8?{$ZmGnKH&GD*X!_TjIt%7ZgG7_x@riLz5$3{n& zt!_R^`K_^PeUwCV>ndwi&fMiZ2PuDbb!Avt@tTz}3ss0EmtyOrUsGA#XkDIOg>&I` zZe!_HO-!+>Ycu8QxyGOEzl`r2c@A4jY5?7Ob)`KWU0}kxPENz#FjE;7h?elFkBVPJ zunM@<;HfbhAE_!FtktdSDF>3!`bK*PY*QT_rH2MY5tzovWpU4>M9-zbt10jcc~zAR-B&ft8`RMkMcab$u}O)SGiZuaAu?dt>&im4SYLsFZKh zAKS(U#0m@QU1FQFPxJQm9)GL*>q50T`#g|uREc|$(t-bZvvp%V<#|P=y-I0A5XK5# z8AfWcNK4e1Jv|Tuucg509plRxYR{j&`o`=jIMC~?$68ZqsrU1bCHD8oglkrmEWT8&a)RV4=E}+yg_^n86DCbylE4!sh*D<1t0ErC~>7 zRBB80tl3mmpJzpWy=QHOn6;tm=>0Y;O(9BakJO7;nB2NuO`@XbC1GZthc5^E0)u0; zuZCD0?!%Pgm$+8Lgm0^1yv}$>Bop@s#kC*rhnMT4qdm1sy&s0JkC?z7>+?M8D5lx^ zD~7;WpRzSu>(mb~R_cur@g$+Ol60$i^bA$%8m^3VPogm_p=0$b&w!1nk(HHIB+%H< zsE)<8)?7Fus;DRmwh}Fs$le(0OgyBfTC%!OocoPxMmBh9K4459h#KwxXw=x;H>9w& zZ1#DiMzwCOuh)A*sMkVoUH>5^z_mFS`f5G(fu7!=WaB-R`e*HoM-en!qyM*1xJfVwO57j>f}$EnU^&-oSUw;u35(dpt=tb zIl>nDM(cBgA|NK*Ure|^OSsn)3SiQtr4Xd1=8=k+AXN}wQ!%}@>VWuvU|?X7gq0B? zaaC1E1LH(>8A#J(? z?-nI1@J^#9L%lMes6u))O>mBzn*sDTk64-)o`LoN3HAq$^dTG}T(H zi-ApWs{)A6(G}y>mBd+24QdU6=A2}Ovgz5=-<+vMY~V49FqH6~rxf zW!;#&%&>9ba8%(A#R&3pq?KPY6>M2oV?#7sZ%L|S4tQE>?H{7DIz|+RKxcGg5d?W+ zRZGrirPM{A{1t1uGBPw$1c^owt07uHS~c5q_D3`#8ceOz%dop!r~Pla(#vM!b=YWk zdYCHF2+r?D+_?=Vqc>n2G0LbeTFIG|7Lw7fuA5HG61e2<(QvEN6NvG@s?+m*k|0t0 zAwfitpQ2+8c}fyXm^K@$)dx(Cm?#<;h++t_H&!1&&Q}K5${2x+=W*d@}!|S zhETJ&*J+4)V)kcIio1==qSUe;5Q09tzd^#BLOGc}=Q4 z(`pENe~sEJaz!K4Qjtpr=tgqG1@C|ty)RBt%{#2Z9Rjun)k3V6*{7wCs8$bPYirBl z*>&C#5RNW5r9Uh0R29Q@NSxH}lPT05l#y5;ApzW684{J}Zc<&XKcG~g0S!SGz!!18 zF*ivlN+)M8i3$OebP^QSmvqvc+Xa&nxO97vkh18B<8r#lZx$Ot^A!Cr%3yl zmH$|pVOGVQ?WcX7Nq0%osuv_e>%+Vzd%9k~e56ML_j*lKl1#A#(zhv4T{fiN7FtpR zRCv@XJZj--3r}14goRI7_(=;tiQsFrZlR7$uEnC%Gje38K^_7}(_YqEv&$WBCX}Uh z5?J?$Zj!d&k_=WkbYbC5gM1dK^_#`RVpYVNSw8Q1cRpohWOB&nn{xtM4WhaCuRxyT zYlOrAdU~8f7mh<8CXObv(2cy9RzN-}ku#MS@JuW~&q42@jExLtT68|9($i9z!1W3R zV=~uzZ+N^<-73!mZ(jU2BZKOx8Q*U`k6!5%QcHh-k2g>LQcSL=r*w!I&T=&7p0jRz z&bssk3%_9DXD$4!%KIT{R|WXU{AtXY5g@rijCRK68z!#vjX zU4SdaJjn$U8!|GkktP?RE0Y2FslMJ5Uo6VKYTu%OYnUx9iZ=7CoI{2<%)y+eIrn|? zUC>eSk5r24Ty3>yud&t(I_ik=j>pTCchh1#vNF2oO&DERgRxy-9!^tkGVF zw@oU<+@VUK*$oe$xoT43mJqrEWj7`<+-B-8-O;z)l%mow?;B(UI=FAVQfG!4tHB$X zJX_Q`Tp`j# zokehFYm-J!Yf}b+v_SZEG~R{qNk`dG6&eC2G>WQ8@D*k^8B%HVfFEN`ZZtY!W!O|x zfrzBJpYa#vNE@KR>-9{Bwr7US7Y7b)G^Qcbo@qvhCNKvvSxL!S$*I|T z4I7E-s6(En6{>CS7laHTzp}lF1K}w+5GP&0^wO{SZt9xj%t`(sc@@q0SDyo7R%gZi zs#Kib-2AWiGofY*Wt7>uBFL1Y*^T-8Mu3j!eXIb$H#~~nM~dM{6DGy{sZpX3K{`ivGkqoveFO3a@nS9_U^Rv;uRXBFSf3KX6hkUzc|iHU z7MrZvTc?KvI&E~h5Zk>9L#U@jHsJUn83^@Jz#3-2!4S73_FnXW$;BuW8+D^I33(NrSEqobNs%N}P3>>s z%yGj?*5;@tP}Nb@NSz?mY@d=3xIPLCG_le&qGx~U(^*_1&Gw7b;DPFZ8S%KDmzi`>!p%3Q6g;@Ik#6W9fft>3=F*dP(K}RF>Cp zK!i}`pUs%szr$yO_t+ex&6yEMCy&Hv)atkg!+)DH3xgU&b_AvK`l~7^!+noEJ z6|-DHCTNa;jw0o-ibqGyQ(!Ay5)^CPxt*ng zG?wg^8d_X4Dlfxa0Ge1k5Gg;5Q(CGJGn-npc*p+{g556uiEkPle_gTJjgrfg+ngJ; zK~6$KDWUmzDOkfFJzJ>4MAk6A?CP)v=%s3)X?^l9#|p9ft(q8?T54+1&!b>EONp$R zY0k(R!;RrldZG3H(yaB`7*ul%ZtK5Hd;4$?dzo2vm(&I{Z+0)D=G}7*oBlN#bE_j% z+&0&+-_>$?XLzb_gy2Z3m^mQigE43#)#=GFJtWB@g)#(qnOg3zSP+5^M{Uy@mh5UT zMA?;e&;k`x;!3%x=x0s*$E;Cqfe9ixEY0HsT6D+abe!}e@KNiIA$6j!wXTWs-xx)y zvViq$Or;^|>#13&BIkN#B)G!Ja*c=|5}T?#e1*%DJC(G$Ilsw}5Vq5dRnu@4GfXW#|KfP%*54s`a@V8(BCW)k}22#vv`}U zkxJdzJ|LQ^Vzcfr>h4wX-yM@9g-qCjbOxFN-5@2=UZA4nF%w6vrnc5;!_f!;oB4P% z5G(VZ#{DxCPqD~tv=N`?5NWJg?Z#a)sjl0^v#1%>bTP-#6!WE@z-LSZhGl z4L~&ux|yr>2O2`Da-ZR<)4w79E$82`X_1!nLTeqprUe!x;M_LNsGD=!4W+s5_OjDo zcH&3J2P0lJgVzJ(-$oIVz4N!I(D_?rSM^x$(3j4EdU}r^HABJKPP6*DJdsaXyX0OI z14zoBSHr2|URzx4>3 zic(VF`CF2b7%nN%B{?b%qSh=R-w=+WLOI0hH5J6`V3r#1B$#;~QEcwMXhsk+3Yv>; z{`M8MUZ1t&emcdU)W!TaScRmerwH**6Hgfr(G5!Fw%#GDf%oegt(&ad+K*eoJ0xu% z(2yIYj2Fxp=N)4~UAALHM*Gu5qy)woFPL|1fTFC7ts|+7aWvc8&DJxPdFvVoq|DD4 z@DxR)c@bmYivYu_W0j9DPZ}}Bal2(#{&otW4 z7*7hz3~1<1m#TQP*?QB^olaG}>HQGVRlHT9z-XMxC%|H7xOGOP&0(<@jvs+LvS33fyeHY#BapNj`7k6Qw4+ z+-!Z@B2Of8eY?~G#ajy$SgAF;M3zV>EAz=!Img&OpZaLC^&Kns$xXE(Bh7ax7t|!H z7pqt)b+!jtHZ9g=FV|p$iLjzuxrdV2@IjY^uc7m`5`Eq_JieCb^LC_hA z!|RseXv*+<%ph>H^}1!4DrI=dGEAimFU1T3H(M`V8ws$u2{73iT5+%&QD3#H4sNb3 zGqSvTM#H5*)mMvDebw6V*y>WJ{UuEP<7VqyR>5N*!6Xvhzh!J_9U#>Ham?%i>4F~{ z`cIX*;QNO5Q>hESPksqNf%Pk0_i5LfH5nKyD#@+0w^FN%t>eJdxYtAooj>f$6AD>{ z^UXvrEg<1-OoMeEg*j$}^!Z_?q8`$E6k>qs1n<>Vwjg2@kyQ$mtu#ZLhsAOvD`%|@ zvn+j4Wpg(_{k5Jk{3V*=4Y+MEd)ivW8Za4LE2#%&C9piY;RDO_J|3>-!lz4*=(=ky*c+4z1WDW`ubXP_I>`8eD0)coTt-d6$qV# zVVa_#wM?BkO>o5zb0>X%218(?pyY6v&V2=OVl@`)vKCa<)R=#Pi~bA|LXL|ez4cO) zj*wFdNU}AGhUWm`vu?kRycFBuscwJQTIj>}<&0-66)}zZmub6++E?f(N!!+Yg;I9Ov_=fu7N&V0E8o&uq-3>8Y4wW_(pO~~HRj#5?N2$?UCPUq{%dpPS%MGM z&t4HDld4@$)iC2V==I_vk#T8sQdjKIp24qa zU156yp?UWH21W30WS@V*s%hGDm1G^h4SvjpuI?K+-$uE2ULNZ-YR-Q%X4i9tWzTaq z%Q>~oVWZd8k~6aFZ2dM{TBvQzyS8;J<;_Ks3YjThe{-V7@}c;wB(*axBO=K*MDOe` zhXEMBnV`<(Rg}Q*SefsPrZVNp`f*m4b8PAziQvY(WAWq6;o2Hr5f`eGAe1HA-q4); zs-^#l)$o%`F#>k;e|uC~0-LBk9trCs1ye)|oHkJywGrE%QO^Uy+#o}=ZP?>#eM6iD zF!eOKnt#KjRqINdUz5chHTrEoCKBWA0l#SlY+6bX-@ldaNwsrLE~c?MZb+M!{JyST zPSxSsU}OGQ^}2j3tP0~1&>Fn=aPuHYd;|3$xjKx*lXvp#+UxXZ;6u>1(#?NQFY|B7 zl|)Q^5ch(TjImU-duys&Y2q zO&XQn0KFfo4`OQ2_^P_y=!~;F22FK2?H3YkI8Qg6VC*dOyhFG#M~7;?_?^cvY;9L= zd%;9%dqG=#Mn|u%UC0iRfogAGe{Eop`SJ4Mp=IbmpOD)Oysph6_*S%^nvKmiPWtM- zL)AVuJVV*`LSz2tw1QOi`X!i1t>3eIM_ME)HJCxpwx~?j)CTk-x__k{b8&4b#YhFE z$Sfz^*<4tqWwFBQU6cT*AFX5+7vS<3%XmTDdTz`}(jQ7?X~$_Xj{&h~k}z_umI2;S z9)_sK$-=0{$-*dVlhm43*qS{Inv@}y_kbG&3*(k{-11#!;mcN;I$dJq+Pdq)CQG^L zvNYDEcs0q(GR4Z?1|8G#Tuy=bb`5%EL6$ zetkR7`)p)*uTSd-bv6*PGm{SdrSH0w^8vnN!Juz>tzV5<@ z7}m~{*Xn^CF0W**B#hEbFavr zntR1;)%FhG^=0+a1=YsFjpvOIj6&a2&4tS7*yvbep^tV-_F<#DX~eTS)`M#cSGJ6$ujXEy+Y>&ys!5 z68u1(ejNO`m6iU7Dg6(vkke)$FAQ2qtD7EJ5qed>;X+jlg1Hh=z#1CQP<*yeidvj%NP`E6G%y;Qy(Ru~)p;&mKi0_Mcg~>~4C7B?9CW&8Cq)b8!Xx@$| zWLdNQ&1M@H)3;$?ErGt|1oGdArTizPx6VtLzhs8tw*cY@M+Cp%(MHvGW$4kF%~^3j zzuRj4%4d6TS};0%^mBTt1bC|x@Y50i;mj<8FNIj!BzrkElUZOtC9bN-a!y;{q(0AB zuGc;&DuYyjZ0;PnA-=uQ7eXUzD;H|t`Xby7E7?wlWRow1d@TPuK7Y%Td7BphjH2f1 zpZ(=|HGDdF74B=ac0w??m=QAjO9}#D60>z5u0AE0>y?Aj9R4WY5u2dA2$J@lqpi9b z+uQ44KTA;-x&SAK^?A1V9p6lpSdz8u_VFPTi(;wsX$Ixf&DPhOtv_QiMgWO7EuI0M zsUf##d^JtR<7gA57we;st(4{LMi`}+Z3FyywLVF&&NL&NDts>C>G|Y?iLGs6U?E4l z<~19C8ZMd}^(8WF1^`;VGcvcHR)SY-756R4VoIu;8@20x_HBwMh49DxVpBRVsVzK9R8Sn~ms-2~CTd~KYBRFs z%fpn%Vy6qj6fe1FVafsZxk<7icT89sTrXK7y-4&~jF=#QGbSj!dQqEAil@r5ti=k7 zkkS9a+w)wbLbrIPp+z1#S0&7~u&A8|gxV%uk<)!KkMo4ue?HJ!1b5Amyz5Y@&p43-3UaIZM z{z`3FLQl%w@Fok+dQ;c`3$|hvgkZ@j5MdaC5~B##4(${2o1wNjah%o##nsydWUSC z!)6e-yJiuQb1_0;nRvtZ3sH7i`$XxgoHn(2sy z>J28k<7nagi!;=Z=%<3Hc(lSMo+iCUO;Kw-r|F}CnJ-cWVLWk!e#gf8Qpy(+_=T%Y zWc)TG|Ct7^g#9;ZaG3;xDCVU_F@i|#z07ls)LzlgmHEx%yib0;g`=c2EvPKYDg$Lz zXIA;lm0FWoORZE&{b~YyI|B67Tw(UL3;1ZFa14jLD)f!9^1V(n+X3HN4Hp$R;m409 zp|~HGaGr2kd_F=?|5%@~2+TdJQwJ7i9fJj#nR?gg)bj*SW{DUM>Z!DR#2#iKUQ3-% zwVwB$1m;%4Qgv*5Q_3|NmL>T6u%`ANS=rwM$-%8weTj>H^V(@ z49UTmIBJXzNECw!!GetyL7B!VWQ=WaK?pjg1f|h1AdM{kG~3n4Wk#l1&_9)tDGU1N z3PjOJD3O66rN2X2-p7!DM$=-~8N6z)@?&Gw!lx8EtHfk}#SH3OSg#<NrTDR;*QQTFIK;Tf;k^D`15b#^H)4=cGkKgQ-4Y2{n{hgrWW;LiukQLiB3&KhX5Pd z5jMBt3w(n=-Wu(lwTIgy`A_+$ca3Bv0w7Hh>9SurSB zuz0K4KFx;XM*9^!eU0`H%XP5nob02c5knTdgy9cuer!9mc?TEsWxaLjIESg60;N|d zwpf#eMV{7c@&c==w`zqD?sdogX+m1X;HwIz)V*|y#*uA_r`O`MF+V_r@5X3fPta%S z0$OT;jO})k$38+gXIFb8aK2E{^xjf73}Q;jLPR+PDmU7`Sy%IVbECt6&N2_`!@<`jpRMT#+~mWV#F=JfjSE@AJo?-13k{$PYN@$`66%6-_q2SvGtUr z9OK|Z?7_?!oWK1;9BR^RY0HYbQ;TU@Ps2uY3r~$?a<>kXddCRkF<)W%=YYMp=3njJTp z3%mCcg&<*~T4OH%453iy!4eS@``n8@QR#4UH^PN(0zTVOW!6nG^WT^&!iz;(|_Qs3~Qsch& zE~_o>+_S0_wtjG6HVWtYG|||*W1HWP@Bz!55yPj@W((CdGlO=5HsvSYxn=ee$1-Q8G{%#nJ zMF#6A0R^in@3wyYHIcR##1f@Flc{y--4^Yi%h7STH$k&DP1Un4muw?XXnQ&VBFeGA zB4Q3=yX7Vuf*C@-Tg5tp+-cPDWCw@W9MuVPVXKj-s7_{|&xX2&*0(N}qqL>2GfawQ z%`H#Ja$VVj-B19Z#tkkPo=7DPMA8bkec0s*Em6qcNh&eXUPVI zwtl8+6b2s|b>Afz*KIsKa=~#?BE1+2dXaF*-;(^$%*Q7md0Z^_3h%OWLqyJjtV}~T zXGeS0Ue=Z2W_h?<>Ky^KQOI^r&AtNlOPnOfk2M9T(_YQh9A6V(a0PA?Uk}E(o4xZ> zNmOIo(s`D5OIpb(){AHJrFX66z}4bp%-)QS_SVc>X77#pckU>3op)*+71WWdK5Q*{ zVY9OH7@?5rFF+F#WsqT#gU-*<$$@PC{JdG3#eo1$X^SS?JEP-^?I0aUIwRy|b-}_0 zxNT51!j4K4h{B^wAoG(?**R62upqfe_cl+7_tNg*RGlY?EUTB-i!s`a$Df$uU6`WO zdv9kHwlegV_1@d{Y#3PNc{%lBg^SC3y;PpPW#zqIF7Ne@^1#{3`zL03xt}#yO?+>GW-lObkt71`7U4~C9r0m3$N0+xo9)6iABq&3--mzf`?z{3>WwC zNW;sLg;8y{B;-#Pz?;beuY8#UJR(p{1mp?vr= zc`B&2qEcBHH{HeguIHk=7B0J|RFjxCO(9dir1vg5r0H`_i)@(wKdrG{)>L8)GkYNZc113!B7w_>$+?IjCdRqA&dUsNZ*pU^=shk#rp6 z4Co&02*UTk_sHS1cwBKoD3#nHHbJ(B{3c*ta<|%U0haY_qk-)&kfYO`E*j@-=aGPk zC0Xhr9n;})d~U}H2UEoV8ojW|9JnO)XUPRjEL9s5dxFNoLG+{NGdI+I`uyTPPGT6i zk5Xyr%R+vM#UFA?zxwPUvW(3n2+KJ3urCZzuXbK{T|`QzhowjT=b81Q4z!re^zd>s zkz1@rvlV;SI!XHhodswQO<5cfHe<&SQFtwsLJ#xc+8P!go%b`*B18KoTHh~6mFLCF zqn$X-_V#|xKoEJpwU|8lM$7pMNI#P-+ zAtit#Wremj@+FE+wo7CxVFfm}h;_O7>r)bH7GYY^B}3R{jaJ@&$48m`GVy(iiZ?`#n*5uY66s@>O9A2d9$f)$ z*?7q%S}0kG7738i!U`(4Tp+Bd4o&IM*9YGI^2-18!;L?^Z{VL#ulw}RC$@fn_M73d z5PD}rc$Opz^RQP}JOMi9Mzxlg=@$(m-TYvZ4mHs`u_W!Sc_h{|! z-aGIoH}Cu3|8DmGyu3O6Smj^-;-5bCf1g!;asAw`pIQBYFh4Y-SNQkx2`WD%?B%MM(EFeGZ^H>LBs#>sC%Q9Nw}R=$m}%a0 zCyd|ytgCZ25;GNghr>|ly_w8SzxL)35mQ{8qPul^Upsljf7|=S|MDLedT;$7{^H;E zUh^M*yuSCfM?ZO9^{P<6*De8iDD2_RmdP-r8;UmBzw>mL&H;+~qTOwhZdL0Q>HBZy zGNWrkmA{)q^|ny`P^jJ-Zamv%>NnFG-L9fr1M~ks6D~-%E=_S)li$ANcPm|(A{JlA zbnidxZA{meFR$7NEz-R+e#7BL=%c&Zbn%j|YkD*+*M({666o=zZc9#RR_PjbhTjjA z?s6R0T}uf#Va4k*SY2Z{Mbe2dx^#kxur(E)Zln@J=!&4dcE#HS&o6N`jTpwuK18QY zP_iy2*OfxL9{Y~YLe$2D#JLr5iE7Z5zsI1*M*bb)H(kHuY&)b^-C%cX(2@ON)wQtM z=5P}UH-#JG?@*4)syw)XdyjMr;8Dg*@5uTPX8-wQMzj3to$;V+i*)U`u1MO)P)OH0 zj#II&h|(=@es|UvNg*nXQ;u$+E7C)0bn%j3w&}N6>G~wGuHQ1I%ZPL>k?!AedQXJM z?xcO47o#}|eEj@F-FkkHUj^ycQt2XMZW)x-BsBA8C)qWS0(UG`;h(@!;->OV@oJA>m8bT*irVqPiqJKwy5Lin$u7Qf{;m&J z*itvwkCvrcS)L6@BWq+g7hhj~o`&J#+sp6R0$sab;-Qb~g9mcAspISd`&%Mb1I_o!@?ItFG?UMTLIX^NowI zChnGO@#U%;y49dN=43sTi#Qo>UR+D}E1DPAb6H-`7T8a0viMH%3-d%y=ew+bB^t&% zySp>Ns7#G?MO|m)hl-I)*S~40D{j5K#jRSq3&p2?NcSPC-@j-BOv2zJ#Y?-@t7?fZ z55;Ae3N*Iww^q{Nc^hK>ON`h*X@3tNynXA z&XAx?zhXkaToYuI<)_OYCD9%Y#mgF}!pDSps4p-XaUXqT@K->?Pnx!xXrb1M0h#`YiN^6;y6l11!) z_PfK!mDHvFRK#0@RyXcGVTD}fgGq*_2K^3ucE34%(-uV8K5|OIOlKEj>y}$-#Kjkf zAN`e{fh+@D!&@fNE})BVqdmMOd?q}=t;O58op~!a zJ5TcOA^W|90knNTsFlTbHgk_tniE{88^8S;;;G;qDruw6xo~M)bVOGG zZwx!hIZYQorrCo;lzLQrA;!F5sS&W;)reQNN|T_(Od8knYzzo>1xAapol}bQZikEV z%;`$&Roeg_f*J2HmQ&kKh6@tVIak`=@y$|iHL2^2JCai04X4UBY9@dN;dJ;&xGwBY zv+IAT8;LKtizXki0Ww9e<@Vtf=jL_$Ot|E12|p87bxYFQ#OHF=1N7Z~Gfy<@k@`An zJt{=@@Go~eT_>hKTOv2KPC)wy%*5HGOu17^4V}=7Q*lfolTCzao$UJ}x<*MRPaV*5|$Dz&vcvUk(cahdd#4Aa9g}=)h|%S5#;Ai{yl+9@7AztBcM+Djf!d$GsifFW8sG;6->wk8 zB9%hus6x9v?W3Od?od4*s{2CqNT^PSDn1*jJ}JICDPN&VW%k91%Iu%+IeC0~|DlOJ z`}fTpJ1~86V)y=IhYlP+e&ERA;~6lAZJC}vcHrTe>HQnV5AUBoKE3zw)ZSxL8^%Am z|CqAedhNs}{l8)S&Y6SLGspJddU*fL^s&7MH;nI|dHCRgeV^EWa`MO*_8-1=-@Y3j z-u&T59@#f_?bOuN^_y2$CaWWRzHs0uB^`L=z`niH6vtw8Ur&GII<8|p%4)Z5YhnS4 zJ8rckyN*3;_9e}nefD98fe1dMMQ^>0R{IC}n6a*`WMY|=(?l%mU$GpnoeuW0g-o;G zW-W8>b}eZB!HTte##E5@b6c_>8QiV|tM>O$ZjbiNY46$G&-(hu_;7`C+Fun04gI{q z&)k312VTO3%PAE7qP_bS6ng)iZeZ@XwV~O1Oj)nj&#n3qf-T+3Gxuq#9njlP^fTDs zfAQSo-2JYH;rLyx3_nL)``LtCYZ%!4FP00}bWk7kJg5SG&(GY`MlNj_6Nt>5D5w%P zC^RnEJ9>Rkuao-W%qz~m($9^l5`W!IC2DMw(?u5UDZI>8C}Hlj2pjo5+ zWLC^GDb#vR6@N`V#|C#2JARG!tMLols)`_r%~itgoBH{-V16QxUcaTE7gWK!MsmO$qk3X@2kw=Ux!s+N_@kpxkZ+*cZ~A8?fuM(~WSP zq))=;?CVBqZS-U9x=P|%F~;oM*0jIXHWbw)7McACKXV7!>z3DPyf*s_CFXN?7RI#` zPAl2*RXKhl()yRI>|n`XIKG|g=2U*`3jJIsg4h7BS z%6*%k`Q5Qbnp!QFqaA5V_8p@fdi7(OY{PN8`ddS=jDD!QQzT;v>27||D@S!g}$gLSNr{}(|%lz z5V>0K>gQKB2;iA&*pW;V2Wqrn1U>M}x{*RjyH8-d92UhoOpA-nDHYEUV~t9uITgA$Pj51*)!7 zmU=jAP^TMK8rSK}ryibmD|q8NcFpl}*9iBA>qF^yd^RYt-$q-8%b&hGEp78m{4kvh zw)~1dZSB5wL^q+FV=?UJ;dCdv-cQG*&A#^c$W7hX=5@ok-SA#iVQjTd9=3-4{aSr) z#VkT1w)&6BowwQ#Pd>L+-!a0yb=q4-o8vd|x?%1IOZ0XD;Rg3F+7^CrW&^P2R@EOY z_w}5ENbZgn1JPN`Jc>IH4P?xCo9F6aQIh{i4e63Khg*I>Qf&4&Y@J%(Z2cC#U1^7m z6(F2md!E;lrvj!^ez_5wT5>SAnsb0dovlMCF~4(+0D6|)o)yj~6LgT%6g{L5VC@tu z9ZDii&x3pE2)73H0WWqL39-f4K*-he90M6&IntQOb#<;SYT9{m8Ykq|PD4%|Yc*7X z@~yBl)f%?Ts_>pl<(yXbrE$NbeVk0_0HJs<{eA_x6lz4sWtc+iBNH z-b4rXBtyo)6?e_nDV>+>r&D_9v|#ilU#FgeSfbh+qjfILQ-Fkd@H80=$~EpLz3t#@ zz6os3aMwJxmaO{LX^vZnSM0^9gHYgb+IXe-mH`+|e8e@p{PO2LdLFaLxT{om1n6)S zeTdVb`}EaK4x!JZh>)ciVg=QTvRae7#%CCiGk zgfRPb9SSJ{7?DBUHT$y>I=^CfTKic7(1PzDHLc4q(}1YfXf(vII}SOa(z34&YeWhc z*z|^x?0Y;wU{unoONBa(`D46J&h@kw zWw%b~=rv1YXRx*28|5-=^;g%6u#L7Hq8F)8R-?Y;7(v+fJ<5c3UZw{Co@avYMi;D+ z`8n1}*ZM|uBd*p<9zK7(H$^IyjUe@(P#~|)EXtdj5{L#mE=cVyz>0}ye^H2tiA%6` zo4WQ-A=juoo0OZOjsNYfIPP zNkEOy_;CfK5j^#AA)d2{#E}JW@qeU?kX``bS%Q2oaGCHf{gnIZPQ zgUKIa7|14=elVs3Q7EB%Y^eZdn3+UcTtN5O4H82c3MPak6N?yRD2Mefv(%0*73Jy9 zM}E7sjq)NsB=)&Ord~~fknNY_ zimNg}Y#wu5C%2fs(g`?LmhQ66fx7wDMydfhNIg$vCUt9DglRO}#m(^WMmm+DXcySx zO}LT>I#n9rr(T>M@Ciu$hQF$*gZA(Gf{ZzxqZPeL&6yQw$Ls}DO!khMv>b43{=f4X zTQTSnRPqgmAJYjH^P=i2xC?cZvmlli$6$6>VH^<0Xj2kkp>`D50NtN zg%-|daiP7WqkDLPy75FG6nkYXd(&KlT)059zhp3!d3LZ=lXO%G4? zGuJ`zK)j!F+xh+6c79)DA%mV4%cEu9?{RbbeMW>`PyvVwj6BYc^q<>SGv1eb#ICZi zrw+K+`||i4=BcYL5HS&=xtbuFok2oER1rZE!yd^+pqd>)N`t>r=mqLa~n!X*)`ZSd(V8f9%0!f5+yw3lgq#tVf_`d*jKBDN-0YT zY*zf!P~q7%Il3zNO+0G?OZXVF9YC}5XzX{ac09kNy%bBUP`})p1EOS<-wA0pJQwwKbu?Q$iX)4?zEYuk9qtbXt zr{w>$>&E34&4@1-axt1(FzRDFxq&O6DgMERmw4px2j3mKXH@wf7xx zQ6$acv*a9&9O|m5sIbgNb`2;J6a_(oS#iTGtSq~@yNIYLyO=ohnKO8DW-;fS&xm^F zoW-2Zbf^BSdo~HEci+43_r3pnk2`l}db+EttE;Q3t9!b>mcs`Qp2N6W+Fg%{tXoWL zgybTCZFvdU`Jwk1yGpO>T6dg@5iQNTfUugQ zPhBxq2f+P}1F6cFFv=`U2yMV8cht9xDD3k$p>BMQVWRQ$m6u3c7WANxd-X}63&T)_ zSvU^-=w}%{mW2aA0>IMe(^gEy><8X4BN}jn*^g#2G_1aSW96!$V{v8U*)F!hQK&Vr zI6>tBF0g814~nr4ifIHa5Dxx8;~m)NAnkn$`XH_0Qy`{2I|Y<2PE{bS2!@o9zO*{0e5t=>WiS z=R@yVCEONDIW|-&| zV%K~yFcG_=Q%2G7h-_?ZPSu5Qgj?j$LXsMW`F_ZT*CXKy<~@=%IE%MY?SoAKGz8(nWZFgHfsAd-BU%fDpnimp z5(yh0B^+77fFobc*)fQBP#5gG0BaSkYrq{C)AWrO7B0@y!bb@ep+jFsJZ@aEH0JOx;y0pfNDe~P9`sBCYkD97 z@_9G|7a@DY#)B4fXhD9Yu#b080YG{dH6Kpy^1<})PdY?y!`?!!%z*YLaf z&dV%=k*GzkbR=m_iCEC$GFdKk-yf_-biHvKS2i>yx@YyK7DzQh8nQ6mxm9WU<_gm z;zG|uD~e#m(#sc2Jl85ioBYNbto z1Jcb2;vRy3#HkK)g23XaPXRhyh?Y>Wj{|i$PNA!3V9AR_Je`WfvgHZRcs3O`=RoK| zB8G#)7NX@&Jo!fpECpM-Hb3u+nIs_r=ZT&dhI{i4D zp~we9^y{9*-w!kDk7 zF<%Ya`!MFKjhNHfz)qzB!Rd6fun(0Mcd&XzBe@wPNfQQ)a;%j>Pa(}fV+j%xN3o>$ z3*x$Wn}F^Hpr#hmMA>h8wI97gWIBv0z&EB>hv5|jgn)P8g8(0{ITRowp`i$q&`^XQ zHq#HAF$VPRL<|djD=X<&D{#IQIJFE?X=P-Xi<9TldFJA`uz!t4qztwF-L9ftmMHm-G0f{K;%>?OD8#@t!TxfSK4;IY=1K;&fz1^^FkU~EAWx-S9M4MRj)Njz%#Un zhG@=F%~Xdm1!sd1ir2hwfD*K_H4FEV9?gwc;^9S4gjaf?8J7X(RBJ$zEd}cXD1mti z`AZ>bk0VTqXoCjj149SRGm*O;y3l(>E&6j||H$@CN6BW7=^Z*kcLAK-vkc zNDuq!sBvJ0<0eDDLSw+=SHq}!O{qpo(2))4LwRsM=&%Y|jBUXuyU`qgmIy(x(ux?T z!y`g=WGo_{4;-tHVc^rQ5c)Ln0XrK9yFfU{%{GwmfE#Zf{P<+UlZ`#x=)K|23E$Os z4ulbjH^b0(VrV{OhV9Dm1F{ba>p!Bb`Ll3=CkQUX)`>tFeDqu3&c@ye?$S|tWDx@S zOm_^2K# zEDUW?#)72?xS>0$*`m^%oe;yJ2tnvAXb&f(H!MXb;e?q8fPS0@Dr%9%xSG{C!)g;9 zY*0~}gV&=%AgR#rW}HlmD4ehY|IWpQub_MVcvn=?6bBOD8v{S0dwS&HLQhae(<%j| z0Au0K!(-Tqfle=izq;rcrevEM-8AB?&T3WEASsoFHvT84Yt%Vf2IRxLE(zF4Md+pB zgW-z;R-{-bW+jUyN=nO0rnEY()wcz$Ns_}O(H~EUFCzMhBn2b~Cm7%JIeadU&1IvU zI33-=KN*`ZlSw5Ukw7Tqi1=KtP%P(3LIpyBfaJ<40h=e5$oPCdMT#i7L@bm`ghC2E zu;uVQgH$S}C>e(m%7q-RTr8p}Iae-|LEY?7xs+scD6t?^#^HsELiublDG^FZVW^nL z7V`N#wnWHhOJqU`TOb$8MDWNXDM(>UC8R_wfV!cWD3s!d@;D-nfKLhelw81(@dbRD zgineEA~D5=JTg8{77B0xN1jZ=l?lZnHlGckBvOftq-1i5gp!KI98wIqpiC%_FXGC? z@Wf_Icm$zO2U1HalN!DOk^dj1|4~Zofzm_b6jF^^tCs6nG|jtFl8$PLmK8NfN2%z~ zaQ=_k|830PAG$ymnX3|KDx?V-^`PALlqy`Sr7|VTT+Tnq?ovK4R4SHoLqUFsL{gzl z!r{OG=Ewz7p_mI2Le7=IMIe=mgd(D&>G|0NDZqoC0|vWlLpJxkw($4(0IJd_GB`@y-^p*&;rOGeM|C z!jlVlAQOZXhs|Mgg``}@mWgCMff&BX5^>;%%?C6{5m&_FNu`un9?FyQgaS4t2eBiT z$OV83N5rONq?ik$ip}Oq;D-{3LuFieprDu#5Dz7JeE8UlAgVJ6FAKBNJWUYo8ANSX z=cwc))2C#nFUbbNr(~cTJgP-&#F)i$}l0TAA_iFhR%#o zYqHcD{0$jFxG@OFL`q4CwG=^c83b$ZQf8G|SR7f;pO)isCVJ*Z&$SG85%p8R-ovBNwtf1pD&BTpmB6tcZ;D9K> z=CDL0$zpSOES?~gE}O$)i{*SFQV4u8$a{`dAc5W%N<}1a zjf_oz!9;k_b_iYD45FE(eU&76g;o$mYX;$-NM)(D3Y}V$o1#%ROV{bLv@JqH z(x5@v5|&h*8G^xth>->k*2*%1E51B@`1V1yxWonibT*3mT>ggqFoj(NfH0wJCwAQv;X5_mtE?3bPF= z4WCxZnCVa}z>-lcpd=VU_!AT&i9y7f%l;Gi0N6GRqJ2C04DNxy5l1~tA8AMB~f*pY4 z5)@gKQlX+On$O&?anQHGE@l8EL3CsgQGXpk2TCjp*S1rul@&n&r+^G@R^5>l7-C55u|a%Rps`7J zo2AuP^g5eFL`r55@m4i~9@nX*YNdHZA~wVCgOTD7jxoPzl^hmq={bu4WrJXdWDsq> z1=Nh1(QK%w6ZiYYtq2-&``{5Ef@w06<8rsF<7Z!J49B<%EEwy znCP{NLgo-MQnNH_&|^9UrG-QQ0R_QO$pX6!o3~803fmsK+$;)SATu^g3=<$+SGE>C z8>dH+R2HR@Q7UOJQ*1f~LJQWhzLY`uBvNuECB-@j1aGcZp>>Ff<&Yc!GU44jWJ z(HYqIV8(z?0L@Q=5D2MQ#nfhJA!=xGFPd-x+z|?LjXD#jTa$;SkNTS(R{j51Dgwv< z8_5XYgjd1$^=Q6tfh2_jIwnP>q2!bX#tkxvWmM$>k-rDg*J?CNVZ;Laspx5jT7x(; z6L=a1rC7`S8ekYmQZeEtwH)_(HnNya4^@g4n5w{B8f+yiu0)~+2>`@CAZ=9Hz{S9b zm}4uj8(?MRHx`h>J~FCZN_&Fn$skf_@n`L*jYt=((kPg)NzqI>Qh`MUh^Ky>=B?2D zB1)B=Nly#I(o$0?;}aE?nWf7e%3-IHVKQr7@paI#3at+5jPC+v^Jt)!d4x64IMZwq z&1lez?+Si!om%EJ)}T^!a$!fUTJ=2$U)Vd=0AQYq{03k>>LRcM0!>|Ypt_85-E4FT z38Ec?XkD55RX_lmR{;S{>HZD~GzS8LE2I|dnhk`os7~v4U@wSuE4pM;np|t_Ee8EJ z%UKx|*aiWl|HYDk>t8Gh77vURGqT9a_}5Az!?J2dshU1fDxCspZ*$cgn1EQUrf(7o z6Bq-?MHBi2@O}U+m?x@aiRv6Ui^&2MxX9-7oJ5ill#EW~EGX}XT20C0eYL1g~ZRm7{zD4A+A(;AqD z&mhRJRB4jc6{HmxXz`8l|7EEdd1tjQY7mH6%lPO1wQ4H}EFK8S77T*_9c060vI;|k zhkZ$Zp(xhkAYZJ81fEBIV^EkHYc3iiuh3XtD4L4>Ef7ZMkGYq46=u_wgp&!2l&mTw z15bnyu*{~vQCbH6zzW3Uvr*}m3_|c7x>qUH_`oXva#=72EDngTVr^ZoiNEn^0<`}E zmwqV>t+f=ALw}+EuZco|(TXswM2IuQtV}JeKfu~U2$}%HiUIb#i?d}4T?mj~9IV5u zF@Fi~q-;s1LWkE6#PqBctvcX_1Km0>h=}j>S0w-@;+fel6bNAPUsdV=qe*7sJz7X$ zF>i)|hOEV3`Zpj{B{g`UVgEWhG+R_a=iAz;LW8QdPxC0x5z4Ajri>1LS+3>$2KI0n(-U&XHiYQU=%R)$Qde806u z)DXqlAW4gb8ZXETKT-uq^1Y> zC#>oBcYuC4!S)@rNpred!! zEGb(SnKRWYWiIVd&N6!uOeMi(MLUME)3dVg*XS=cp&Kp}XCV&~2w9CTu&L1n8^i>! z6*w@_E(*lB3W-7qeSjQU#`55(($LN+NHeadgVPCIqo|lMp=uu(MhwjWs&cQf^4I)5 z>gDSZ^~}y-6B$fC@G9KV2tjbL{(UNf*^*07{3sdhV35F^2fXfDR{p3eQU3d$#4ywp zsS@}q{DkQD(|sGW|hfK36rL#8u#HupnCZHR9MCVcbk zx@SNsCSBGg0Tvy=O`4)nxWNhCYINE*dN4zT6G<&l@V&7rxVO{`Rl|cjIBC%xRBU;& zp`VPU&^t41^ok&A(U>^ky&qa9lbJ*i9t=2G1UC;3v@o{>z*|mBh1tfYuY2ekz9OeZ2PMeqw{fqaewWrjuwam171)qB{h+1E!A?rL_iv%G-_%n!_CRZ1> zcP!>VT~i#|E+y3xL=6VvjdL2O3}oNmpROir|`#Ge)<-XRZi5O0&mW9A|Zi8kD6#1VUXNE7t0gz;;hoWI`{&z<0)^ zL_0AF!V3VzsHDnl85N!o1N1-w5EGDS=e%>1?#$S?5A>>PncmSquRIsrJ?`NFoAFM) zFC5nPKT+n!mM3bC6>V-5eH2q?cGL3VJ8vHG-Z5eEA3Kk%Uzc`mZ*B-sXe~1RY@DC!E5R2g5BCB^OgBSX-`b$iT zOlmR20B3czjF>jsdkLS}{sn>&k{W{C>vCW$ZHQXZpWZQP{k1}faT98YRpbQNxmr0R zD@!IJk~)NQ_yWRM)$J5xRnVLiCx;n3RxS2wK>a!0=@p=C`g2F&FPNsMFR!1i@)1NT zjM7M@GES^e5t&*k?5v^P>2fu}g zD{!SHh%o^!k?@ZJP*I$nXb6LX;(npvNho+Z`U}9NEHSv1kkb@u5@#S*+xY=t2H=E( z)6mhwDnoh$ry_$>-~1mBqRjveh*d-l@4#vF9lZ=$`wVhL$S5h&`uqsS>lQ@p=J|2 zCgebII8l&l6bu&q#S%5l_+~*)6<}csd4%3q1s%0c1L0)o$V?XM4I`QZEEBCz+$9u; z4bd@W>MWJv|pE`!dMC5Dg;dUkRpU%3i?qBsS@bdP@F@Gdt3@{Q7m2X z0}(AilEB_+pckT8CXN$@#@@H^K;fhQ_x(9wiOWRd`v3m^*HM5O2u-%JAxJ}@mxFV& zQ5{CTb!Rx*6d3{;q@l@2nD?_iNp}b5exo`tC|f%lhCM;{c5rF#z_4Q<wm!MV-l5 zvZhsvC+Td)#tR$=tTtJMYlFQ0KK1 ze){aVrO4nukTlr8CJnY%ifm!-WaG;v2-{M!tw-$7arWV;hu{go8j)qV0!qW!uB5Yr zZHk?PuT4r4+n4l44^F-=-QfEfn2_q!Dz+Etff5~k;S(?!xa?%?x}-l!aq+GCdogw( z*%-aI^{r?5hzfrKgeI0~TU+LQ5TlXKVm{%_9f ztAA!29QX&P8G0v%O}6E~98~6hpjpS>jCqf{4=dg?y4449R+~=Y+`@d-g(tso*ALbQ z&72f5I$u8}`R3vlf9$>Q)z8&1UISms26QTHCvZ{z_VVq5_A3^xdc1B^&*S9FRxL_K zxBIQ2X|^cf(wr&!@e|#y>{-7~IQYf3>Z6xmr9Qp9n#?XpvH?bA{A^%ofg)ebz(R;0k7NJJKEZkbx;NmyBc=Y+WQaSy|im3oA9#Zy7!x5P>kxkhm1n6 zz3sxtR*PDYLKAbjex-BRHOOj+x$J#`bKrw>PIErV7IFkM8VwN|`PDk8WOozn&lr}~ z3=M6tA#=%*Y@2ChGODMZT^!koj45hg6g4UWEseuBdO0~ctW5Ja#Nd|>$;wcuv$P>n zjWPr{7+4n=7kC!2Y%2N*CPRZsAq(DcrN5%2R1xv<0EYa`3JNK#A z-mdQFJ)cP(_8t9T-?%X1-p-Na3|(Xz)9Ylj--TWmZfw&t8jp6I)@1vtz*z})!%jYa zCyH)X)Gfznp=OxyL_oEHC$HHa9UJs`O+cOK+ZWDBY80in9=lN}3-O8HP+Sr;_w=mC z7l%|ElJdBLU}{#zw&T}s6kNOJ++l3gS=rS0OZ$#G^twLLW2tw7w1acOKpUr>#?wFuOm!%^`Z<>jzJM*tZ_&vR!-+EPk32VSXmw>5~v2DgO+BbaL zHf2ElQ^77xUti}I**yB(%Xypaqh!|s{->BR>ij^zF$YGDyV2?GrM|QEjff$fW2#lD zSFf|*tT=NfPfGGWt!W$R>h5;mKGQkUe@Q|7mNAz*r4%)3++j=%XdK7EAp0e>+;6Q_56=(CWB379bkiWfDPyX7<0>?f6#dOvsPYEEi-t<@wUF)*uDOO zc0V-BDDRoDY_o&V&n{-`@O^G|uZCtE^ts^rT)20Z!|KDLvy5u&c4rFRb7iB4P3;$; zES(=Sw>-V?>FaZn*181kE4{e1`KrOrrRS&jIMUD0zFa==0VlDsPssh{P6;R1MQ-YI zVL!_@dwKe+qnWQ-^e(RPI(q93p=^ap#vk-ck<>HzOxr2%ZeMeBKifOEB&O+o_nk$) zIXkDee)h-h<~_aY#dQr_I9PMTr^Tk2z89W6iI`k)amd;sqkgy;wq{(P2Ziw?{9YD^ z^tdyrW$-F)_XC^4K5@>hvu(X*ZRt*V_UM*Bo6+3=*Tb3IqqZaCuT z>#eq<#=lK{UY59P+|<$Ach}c7O05;R@mP~UVWXL%j)Idz*Zj1~zv1Gg^2g$O{ci@w z%u5|}t5Kgb^*eT3C|Ju~z}o}7Eq>3&Sp#lC^REY3^IzxShLQ0m%{5$C(j?Y%1}F!05b%zc3qgC@2O zjo))~WMtuf=hy?kl|+Q-roC0Y8^r7$nkEwZWe&^TIS8tClQqDYm zhQhHS?quS;I)okqC>bk%*FdHUY5G$Q@MdIGm z4uKg(dYWawJ!uOn;0raU32tG-o)odAntkV+4;LR|pK4ghBYUC}_3S_sk?}=wMV&^) z7_|^+tIBE)>o{1#hEH*5O$6f>MlB3hv$9Jixv3luR(5?&$_ z7a}!jx^KYOk@^J)d8VCy2C1J)>L;6t#Ihyz1!NmjbvBF|+;3Hfl($SR)rMrzi+|EA zEh}A@NwzfuupxPMIm|j%9*9)zwLv~7Dfl5$Vg8HaB%`3~CSMhcS*LeEA|4{PVhB`S@ zMYqajzectmG`Qg_-@IQY=?ccbKHAtOy4l_zy|yh{YVS7ZN&1I$*0iE#ZJK3tkCE1M zR;YT;oPMX^_3nwUqMKj)vt`*1{xemhRd-99JSn^S%A<5v;Eb7Z9<5zpIu)L)w~tfn z*7F0wCwk3aA0u)(=(6|V%2jvQUc6j=OqZzcLe79De#6(iZu0J0Pz$DF=Gq>G=_>W& zO}c$;?Hzt$Gz$zfwDFCTyY5~W_xsI>!~NCO^P(0HyxX=J_4B?yiIP$K>PQ7MMqR)3 z>fOs4#j~5-JYF)R>}elq`0ZYfb4Q0cvIqG+ei%9{w^pam=hih$&%Rgs;m@&;T=O3)T9*DvKCz3P zaQ%9ArgU=aQ}eoZj^CBvtwHf1Z%+Ne&%#~SwE1Jnu|<9M6pxwHZ9vz~9in!(`*qI1 zUM~3^GCt-m*s~)uv;VJ&T3`3U3CGz6KX=mL=L~Z`Qa|lKt+>8A?X#MR7U@@!Ab^Y$ zL1$aGo7r-QnJG-}Eb~-Xwg=dsmgnkZh^3$%yMY~ZaZ3E-b4wDocYZYHY{Qb5+qdm# z_~>kN+d961J}-_0_peU2vnuY!=8>GDYWY5uou|cq`L(__rmcq^%*N~tu%fouXK;%6 zy1FU5>{>xd@0qB?qYUa;bspz?u*{yeSYpskCnxg zhOZnd9G;oH)H8EHt&F}lA@PG(_fUR#GWx+~Z=cgDfA;h8NBz|4y=_Vl&df~N5;y;P zUg*vhc^%em4)H50Kl}Od-C9YxgHw2y8Z|4Kv#zg=l-IQ0=s#-+k zOC!~Yy)ObZuTI<7-+XLX>ocD{dqmfhJZ|IG_>6~4w8-P&E2IWs z3p_3q8*0uV4K=5jiEC@iU>j-{K-zF~4h8=BK@gF`V*x7=)c7*ZA3N%bzu)hj!{Hk__z;w7-pZ$CHz6C*+3Kp2(iIdOMUtG9#EeSn+=3fQa)U{J6d4>T;)Sw} z@NBK&q4nHgSo6)yVj9=ciwxdi6F4%#Aa}AjVi*r+2WZarXd{+_dzD~3wB~5!h#C5C zp+I9Y05#3lw~mDZRu~)IFr?89!yyH1A&<|+ZWunvCHcn3|5+UbCj7Te`wgzCFFLeg zI-dQ5bwB;*{^!(+pryrw@4CiJUf*=~p%y=kx^ZV;X}R?C=J_>+bB?6Gx?WIFge0$QU(1lubEW(52Tc@B&OVbIIp@sf z0U;Uf*+1@iSG@OVe4TZ}W-nOlFHAc%+xv2jf=l-bcl7I@(lmsf8@Aupep`vS*SPCf=Ck5tNdu?tF}3Yxjl8;0 zICcNfd8r2q1@k8Svp9Pn?0I2 zZOgreu~)Qb1Loyzzf-!R;m7HF{C(|b)pw6_ZFpjS1b^6xKVP-)Il^H}qVyrBb62kw zTDRX7XO4HfTdjpZm3;D-K6>|t1H$sW)P_LrDbJ;AUXFd$VCt^YKkfWquDlmfEZO|B zZT6Md#Yf`O&M&f;o()>IY1+H_yT+9~nzQTn@GzcT*p3GMCf)AD$yj2z>2N}E^!6++3zPUcC(ZVkG%4@bw{%!wZ%~*R?kG@~n z;|ms7??d#J^eK3K_cXQmha`UOat)b^Oxk*O-N~+Ga#3PY!l=$)({dHuPV|{}jX0!b z#KHrNS@;FxoD5_)#YVZ(WYmID-jD1HZf2wF4UF=H@786q%l}$!6`fHvP~#dQ*OVLS zVyf5H344s|c%pQe#yI9zkapN?4lG#NwQrkYpN6Jn<{iAgwrE!~cbg%rF1sHpmP@bX z)pEWQsy_V_B~0mDee;-Zjw_blthT#X?`iM0*odx0OphrsDEho`6_rO{y>k1V&w?Cv z%a74*w9Y^MlxmnT*u`$gv2_dEH1p50@Uv-*aO5+p_ByBYl?$*6(W7)OPopF;0SJT~8i9#t^=3{>CTi<({RfZ^S{u z?6c>3XSU_`9?XxN-8`nrlax|%u;SHz<^I}>PbS&iD~h}|;^x>TBO1BPdGuC)tACus z^4MAryQ#W3-TBnJ$Bo$C``$XR%Ud9bV(N!+z7m(`BFP?M+v{7oS?N za-!pyx5w(=+P|>fn%W=h*V(_nnoIbZ26vY)TvB&UTQA!#pGQ8e_9OLX_sczrH8zdy zxI{hi;ncRNLjEyThF`Bnlw$Rhq0F6Ls%s+GHf8Kp`)BSMzhL8b^7zv@+meW2R{6=> z%ll-HP3+GRtc^P~Np^-oo`__hh$x-4DSp(xiD#$qHhaFP-}g$#DGDl91Uhm6=*S)x z9Z6I_a6e<&>bvGHJbFGLcZbJW!_G`iB?^JJgbpC%-oJok8H*SKd_w~t?Rd-BA!qM$Bw%d-^jM+CuH6WE9O zfje%mA04po#;+5HZAhMY<%507%*^zbv!i!BS+r_!)6f-19~DI1k5(PwoZUT&>>VF; zOS1O(mRsY;+?l?D(Q(_(0ZVK4O6zy+-A|M2)@l8bc~YAfK07-5`2JMhRiDChA4`~d z!~VQDKkE8MO~~cE)cmcNmkkp<7R0`3u3F;L<-sm{+n-Nqe~Am#P4(v)JfC~L+|<6- zlf@5a4Q&&9xwP-zS7$G1TSs)>!xhC&u-V=&o#pj#M3?AWr*`zO)l$1AbLB)LSB~X;MeNG) z#hRyr+WAMkYG>bcJv#Bh!rqefQ>~{?>UI9a>{|QDuCx}9Ct>-h2$qk`Yde3_tA>`3 z$Y4?s%;93?-P5ErL3yJU;f|(fP~KtRQr=Z~)V_qRs~|qH(w&!*_h++}H-qY>G1vjU zZqC<49wXC3wA*wb( z&V#CzPhPvU*Y%j6b#B`qPtHHx`d-H{dCT~1qdsu_E>3?v@y%q$n-d3hAK%1k)LzT8 z$pgIAgD)g}a_N4xZL34cne(K&4nb==w-4S^&2GRh+53Q<+RP&poOi5abc;!rUDTc* zUbj~yV?xi`lQY~GEDF4mRy#0YtFY5-)gSefGx|q)w_o~V)2hP{3j4;-J6#q#a6`9b z=QRpO!9O=h1g9?`*2RYyF9^5_Xpn+jrUQF)SQX zvrhHG@mZhlZzv1&D|DSGxU@C){hZG(<-B(R{Iupb+&AAFH|yNZ1`nS%Y1g{Z)O$Kz zul}dzhdmiq#OCI0KUzLymoO{x)T9@Om$&$_g_C6X#Vl!3-1w)4%o2OAJp&y2d#$gN z!tK7UI7|Mr*kGFg^B*DhRlP6%A2|J9*w6(8jH82na}Qe^Kild=;pMtl!rzrg|LXiA ze2nId;U{sx#3FDe>+=^4`w#2sFPCy{?1_g{hMXlE)bcbrOh_)D%Ma~oP7oRs$Q-h@ z#XDoiV26NAaWMiws}C;l0}-E2*uaW`BfhWpgw8PacnZoOuqtkYHf)%^e8}BnQ{+NA zp<=d<#mr*UJ!4c+C7A-dAsXBg%El|YIka}VT}&`ouUq83{C!mN`1!#DuFe`+@8a&) z*O}FB_IcXw)q=^p=Q=t)zIi%$S^MCjq04S5CvLb*epWl)OD*4c+&SmWs!zAiUti_Y zC6l%NMRt6<$n`ll&nsstmdvg@`^T}O=XDkp-s+V*ci=45v>tnB*v*-8@$Bt=)dS^) zgKH^U^=&*zfoUProx?&3%e{j__2Oue}_^&ATx{1Ma3 zX$m`r*|Tqb>deRiuM{4aYHXCgDG=l&w;6PD-VA@v!pWD%^q(cEsHYGRI_?_?+YjP8NbQ)YJqgh)fQQsUFVLKNBVXfe=?rb zf3N~z6T;R%B=z@6{T))j!;aZ>V)5DAGTxxEPQ2--ck{EvcQRGY7LM6j8Z>V4qRsL_ zq<-dqgRxjO;lRE9I5o(Q^`=eJyR!k-cb*M~RmJ+4V_y|R6a?Tr%$4sZTYQ)}vx+N`o zHDFS+DUQ339c15gnwa$K?LCvYO-H{dO^aY{Pe>2TJ5joJ^T$tzgC@(G4J?1W-(^Q$ z(%DcKyTWDb-k;vkqT}>Fa|XsRw&#@Q%qwX3tpCZwGyl{JUOJ5T44=NM73F?jy8Ggp zZP`tgeIEVVH$b-L#>={_Sy#>me0~L!b4eqokEN~Cj`XYH{eh|*wlL&O>%Jc8I`86$ z+dnNmIImgbCy6^-tmu06IDbpJkDpVg4SNNN13z5svv|*Z*Cp{Q;Cy1CBPF_<=1AO)B&288K$r^1LGb;io^p_Z?EZ-%aPbD-Wln9N&?2a70+x zYh9lujbqo3dpNq+jwi3TCl$RC^o?hhO)~hLQWfsYUhCO%__7x>Yq&oWhxGj5Jg@Lr z%URq3v$t!{KiIOiU$@;I7zY|WtX&c|ziXd`t=%`j-*RbINz%3Bce(Sorn=QKjC<2}A}AtF5EVoL0TnSM0U{y6By>fJvi9D~3U+tx zUDw{$-n(mG>+0&NtX=;zlK`>ozWYD__df6UeBXaHXXc!lIdkUBoHH}$UXANJ5wQ?L zZ1{cpgwPg9@e@Yi--8M$Hh11;jy4z{ciBSqIPQ{^BUAJ8RmyCYD32!=DHKW#FH_1> z6)1Qz1uv>+A}>!Vk@C&Vxb8aE30)BCL9vikk3$a{db^2Sc_tKtP#d6dwba>A5AonP z5Pk?*l02=I8xyenS9q{&G%`T`p!1oI2pJP<6F3&B zW!psgcFu|Ruz^YQY)EYw8a0Qi6hcAs9?}-zM_Ud;t>|V$ zVGVI1X{Sv*wTYKD@rDFuf;AMkpgnvr8V_pZLq^+BO9Lrz2cGw!%okTJ!wkGV=rY`) zH;*pEy?8g*rb<|j+yVfU4{hh!(zAtUbI(nUEpZDUj#>aoskVM=A66SL0}n7nV2mXJ zAz{uq$O*3(&=1SULsFkBcn5Cx5)4g^#}mm#L$~(s0@VM zDd0tUw1=EW5CCsu+Hfe=ftRgEFeIi%9vvXz8`4IEtQ{Da<6{e}0BeUHf=9|~<^ghe zaXG=`K{QS|OdOlvI0nqm#=y$JyQP&u0q)Pt*rzRIp(SO*wqpClczT3jE^LoZkT{Vp zm7$Pr<7r&p8Pe81E!vcaLFOYT9H2S^(<*QYv@w95l~IuYoQoA($07ojCZ3%Jf$(}~ zp#l&TKe{Pu5VnPOiIDm8vC)o>3`aXc?e4S&cE??D%6mYfCt@6+ItAhq{T5%U^0P8BHHJE!+H2Qmw`LzXV09dIJaDSO zvre1~>?7DqBtQaoto1EmZ7@z;qU;5L_!eBjqc^T4)D;q7%6rz6$SwL!p>n+AJ1S08X=b!S3 zNbD9tVUG@vDf|lk`3&EW@e_dQ;F*;JJj6xFtsEhL5QTxCTcSoKQ)H`g4GFk37z%Pr zPDB-ux5W9FW7FbKB@xiS-Q{Lo-9Db5Rwjlr#=x0D~=P;l>HzNBpnNWnEB zm=Z$oqf5c1knNHUDU1}sTp$pI)B&Dki!_52m*F2m&K&KiIEc;OYQ#ZT2pnvH^Yd6; zjcm|sP#g#S##&;)L41R74hQWvm<^>H*%;1X9|B4!3&T_c3~dN3CG-{q`V;t;z_q02 zAQt970=RL}D}yLw4(h|1X23;v5YE4&aWC@>ah;pSIKPL+`QJDgejso)p^sqU(({Cy z5#+f@4mG)GA;LAEB3wFwI}IfN&aeb1C5E`pZsW^P#}FU~6_e6G4ROEc3~LqSd%V78=eFS-mhjgTFxfUuhB1*mQNsROO;X0QFl}bkV0z# zwuXEH50r#z>^d4@-KKtq;Sz)n8l+G!KvwN@(7?fHHq>muB-9HETLpd&nt5|gX&MdW zVQf0GWxWQh3S(3aisS~ud`-j{szKYRNYM3s9kviK1GGwq1+ef8{Y0>8qw9trXhU>c zTLyBbL)mZIGAuRA2));}OQDQdT;%G4;HieP8n^}o6RZY3F*awJp*S5jonyx`M`Hcz2*G=^qiHS{;~k4R|?fHaDOoq|Gvjd_-i zgO;x4reE{xytd8+1I(v2;np1brBE4>L<@g{JdJ!=_+*VKY}6L6I1P0IDV%4BwAy~J zlhOvr0qm&}mYqgmR*j!FyqAS`KSm20JqL zJf_6wm=gbE3N>rMTVZ>5fcy&ZX_(?oJd8K-Hr~Vwc@r<>O}vmd@loEyM|l(9dc)1Yb@j}S@69MOu)K;pq!XRoGYq_iDXZMcc@Cf4GOur)^^K79e|U_Ti`)@l@JU?k;0{Hg=dRS&R| z7gQ4HkfM7aY$G91heG|431v$6M~-l9u?F9EkLE*Pbu2!zK}!I(LaPC~p%VbT&_#fL z$ehhb9Z@rYk;oBXcN9ioe*#qmjs%#9z6aP3Z3QSsPXOkkAPyg?Q8$2Ps2pImj>A+= zBpL(#MuIP_V~I&#O!6#h3OdYjqpWc$fnuOM<5W{v&O3xc(YP&(z*-v9cN2J%Km<3< zIu>H#Iy?fskpyi;v>Y1pfP zQKBfiAF)b|YoCrZ7kmY_V4UDO2z8|UfxRM-j0={E&vX>z{E1bYk`#`+Xgz6XgV->u zaAMZs&2;6qI=ZcnZjZpY;c?QH^K`h64)=xB3xy&d6b~yZ9u=Wz>N_-_Vxc^cZ7_^H z4@O)7=ZQSbCL}aCBSR?2U{FY+EL$OxM=JC3?5DL?DQ~w^S|FG?phS3sho|QiXeIq(VMij75gbXVPet zDj;P`H5suQX`TQj6@Uf?3L7axtR)l@r<4@PrJ)dS%K(BHC6=h6IzLh=mrDs>H9tnG zkg8;26eUyVE7jV;pg3irG#p^>T}CYCFepud+rF-HWdL1eJW3biOps;5^i zS)Y(0*3KL>$&g7g6w$qQHHc}7Ili$ju+2}-lUQazgf~aC5;n_Kw6C~ zPnuMcFYO9a0HYYG24m4GWuA^g<^?4sYD5}ooJgD_Q-DaMm(NHrjHYrttMN*xs87Xw zb?XA>bUmR+QN9LNBZ^c>fdc}CHmQ&Fpk+eT0wy9w;cB%sFH>F;C)J1~B8@0q1GmY{ z0x0Q{mnoG?5I)}>4?RgonE?DdKoDjn zalz_UiC{77Yon=3l1K&0h=vfjv`DGSZ7S$etdT0zU>8lKhF+pU;yzN5#1ISC?7j$S3LzDcLO!L<~VoL+gu5EE2j)?!T)_lANdPqQz0+;789@_g zMxl18p%j@WN1unz@#wp=&#kjjL((jrFGgSPW+*mZsgY%skO?IF8;Xro$uu&tNd8qx z&wOl2pcJhXQVF;~DOsarQ_$`&O|)=THf(DOO?-h|-b4j&iM7(mtEnVWs%b)CR#78{ z-K9t)&cU_??gfk*?|0x|a+H#Y0-0PQRcXl$w*GlhM&4&Nv2uH64uah&RuZjLY5fUs zz&sPhIa0iz0Y9+vd^~0~UpsSZoofXPf=wMd zYqSS#x!$%KEf+y_FpI#Z5k*3)a5yZLsAY|ke$iFK0KOo@NOj&;O{PI#!?1mRQA&0q zScW~x+Eb%O2cvc7UkQ#qe}Nj$oGz!GeMF8&OqVqdY^aUXiRyID1$V#5g7znkiKj9;-rJ%WSH?Us^FnTi||S=A+yquSLSELDx`zq zfC+9IAD2-}F;XH0(m>t^i$()^AU@OC^nCxj0^x+ z+2X7@1~kE440tqUZcg$gY(vV*0RqBSQbUGOy;1!c0 zVmVkkI5=>Ck9EZe+%6gNRu!XYj;)mkWrGYkw${xcr8zWdz!B~!9P5f%7)+x%4!Ea^NtA;T0#RmJSIonM z;~4M|WGxLj4%QXRtt(b)p#y|LpcR43NtF?#*$AtO<8bw&VJz^M6t6V3q*!>&aK~|i z+YJbYdm&}#v5wN3@eHghPHV{yR%uohm!TgJCJbc7!mY)U5d;KszOoN<*u^~$*Jj^7hS1Sgv)G8S((9n>wwMwUOAwhYF zpaukDHCt7T!wO{c;9_SEm9Yf6ZcX(OT!Ave+_1upj+NPbI_`6=S4Ay;eZa0jXez8Q z4!$V@-a9c|0GBzqO;V_P&HkgsNpt+SZL;rZhi-TLxN-gCV5DK&1}?pG^zyI__DPEo zgOis{9{)qT-#%EK{Ap#!rRE=(?pWw5A2hB#x5ru5t7ctu7293YMl1=6aZ=O|J~nxg zC&9!lO}4xIjb~?L}}L_+`+Bfp)N$~XzkL& zYt{*4ETA-5%O z-SMSUp^(o22lHl)XKcKi%S9#eaO6e?m_6=|Cf&JG$gycZ`NruAUV%Z_9e32ouHj?~ zLfBHsM7P)B`vE&i1?NUWO;Aa*q^ej&rm|R%8mmrH$@22_>e>VMMge$mSB8@`@x=)F zQHZ~HIq#dLd|tR*&LihyH4ioh*si4#c*|88OQFh0I7}DHU_<3;a-_V^?${t?NKz;d zRHmahT@2wH95{85BPA)%k;>ut#nZsmOwEHU1`jKN*Pw15XqnH`e$fL*TevXsWNIG% zqDKXeS_U^}o*HjXu($Jy;2il?YXRwm@Wc@Uo*(ctKoW5G9W|NJip{?9Ap6BV+ekZB+YB^2-jghBzMoe)f6y!?ZNLaCqFPb6yJ zUYZ#s%oJv2`uT~2{e*(7V4 zii2~53<4&2^#4URv+?b+Lq() zVJ6*n+{}pk?qr|i&iCGYsv7A%eoI`nSJZ4PN$Z`G-)mm7vS+r8dt@3a-`7Pm+efDf03!ygq=t%1px>iC@7e>p~x4&m#niqBaSmx{nZzM|uLUE!BH5TOn5UZvsLz=02N zP#=hJX8`PidP6Q2zO;)6JQiTI_NzOzgZ=a)UdlM?`~0XaNih%j$b~#?fZFXqM}P#D z6tw6AXF?V5k-_%{5T1gQVHTVi@#BuSY=|DhMGL5EDAzwd;u>q%%|KQPWYRz_e8SBB z2B&8RxDM0!#~)>49iUn|ilQL0uY|~M9`ub*srbW&1mLAag}_e&R5eVW2IWAG2hxQD zUII16pbLDS#qF?snMC>!kTw+RVR^)QZweT5JfwKd;U|vBh}WtbepxUM9?_wStTMbR z@vLd@S`xS!P>r?`1sv2cK0L~Ny;|Sm$wv`TQx3XlTKm{azg)El;hAabqYu%dx={i+ z2m%kh9)(B%FaT1V!R7 z2c2RqWW$QqK%M2F!>{}LE4^ad3MbsL?KE(~7KK+hUb`yrBX|Yl@0#Rfj6HQVvA4ow zZ18*-)6VSI{r}&OH4JtDO6SQWV9|J$|NYuo1yVOyDMD57F6_(pU(RU5d@}I9)E@eFQ6+B zBlw~%n>V+HBYe1Nf>&7U$eL|WS5V@bcJGI8jfh@U!;ysjR^`+D znxbhN_`I988Efhw2-tom15XicgW2kYrA$Gja)AkB%wZ+7IW}~1qQHi+!ibR#H$|j| z*O%EEr9xoIm}8=$jbU%81a6=bffM6^DO{UxU(f{}OdDLzvT<&_UBCriBIV(C9{Apy z5E;%BG6DhP)WQrdkV1h#$S}bHg1&$X0cCV3BmTF@XU3RlkirmLt*G$$=T;@S$)T?d!a`Jt_xk6xHDrG3l#L&MgkK7QmIW5kqn$ZJi_IT~%4 z{h(@PCi}_DUp|~1U{|-~b$5Ph$(6arJEF%Q>(;*K+KOI-+SZGgs)n~{r5w-O8rg07 ztU-@=NUo=(H0%GIzOm|$9(#SK8tiRz^Gd;jh=Gf0r`3%#pR_;nrq%q%>oe&kGfkZG zavr_k*!erxhYQ`~JFU2I-{)gx#o%TPj$@ZRd0iVvIu*vQ?&L9L4Ev3@f#tJ1Tr0`en0eiv>`#&j=6Jok z=zO*PuI3c{{+w|w)l zhnMK`j?J$=yngMlB)`JJ^g~qNp2l@oo0;A3HhlGB>i%)x*!8{FS*mOQP|on2wPIH| z4R%2-tfI zGhEfc#>_v^UnunR!bz~7Rw6enQAM+^3d!9BgR@mXv}oVnbz|PLBL(y{CJA@x%#LHa zGqJTXwOwi=aZm$d8bw7#{Jh3jm^ieNpDR=5t9`{PIlg3r(SXT-wP0h(z`%!T@52P~ zp_~yljG3a?$xI^Cs{v=|nlAsc0~nV2Uv!~iOtIiL6!nQs!*%X+-@&S);d9yQH~TeS zOIHhGrmnC-i?)hWRz;ioznB{8_QTGxKP4uX%z5K`#(0`jwKv7hnYAZ(^X2Rp?Du{8 zuFDQOdw0Qj%X^!gPXwPhwD@^Zmz90DEI`$(JID^mnR<`Rruj{hArF~qFC0ORnK6vc+zUuEMzg~S@Sk%*Z{k-cV z2kk%lQ`MfNBSTVW++SyS?t|Ou-+B!)oUqjC_K*|%^LHNdk9=@w6Se50%X;(t+zZ7M zw~iY6BB$2F@6+E7+W4MddD5vDd)lbGFkksJZ_|UccI6+ zapxYzq?~^3RatV}V@^AR5@!#klzA~BXocU_m4n6`DXaaCm0zkqJbT1+VU~&+y#9|P zti40lUF*^AkSlxO#rweyYYI7AjE$7p7bEU9KN|kiv$-$2eNdcQV=&?5sm;zYbL7tI zywH6XV+Tfc+VrH$mg(It{r++3mT4!vTkf1NBc-EyqOpDP;lJqW$Rnw=X-J{3dH9mGQaDHwwlUBOK_~5MC zz})T&S`B$=KgFV8!^W7mY^KVvl&Lbv)b2Q3k@>_k&uo^gq5Q zR?)8d+9TT$Z2{X6e87io?#E|uRhAC?m6sGhR9VLPZ+pHe)n$G}E6?1AeG`7z!U?ix z$8H<8&(!H!``m-pmrR}o?VZJ0b13*c)l3j^c9dC(uZ zalQAgzP#LPRjKjni__DN474|Rm{s^d*t?Cj@BJT*5>Bp<+MIrAKc7|bW6q1Cc`rKj zuWSA?dfUw)$qI!epm<5G*uv***p%0It{a-2?_aVww%vWRowYVaJEwMf`tFWbUrXn> zJ{}87RX43WY>pjp>B*DGN!6Fj)|J(?x*WQ8Z2E&yJ%`&ruk%g&bz(=KReq@lHiv!` zo?XxCw07O<$wB33=2dvt$M>1!63}{IutG8{aob#rl`Y+dAAPxvRWt5Y#irXZmWlIoOGqp0#nc-D_fXyAbSFUvG0{kAr{nj6ZH7 zI}z9|SS=W9<7St^_+>~bdv-1@<>~w#_U&B<+$HMd2 zl{1*isZ8ahMkVoCOl39GxuH9nYVP-U-Qmq!q7P*Qi(nP>?KXM z>l~BmR=32HXGKgOdZxs5;vQ)R-#hg6KGo^G>W@1+Kj0qexGQG)!WXiu;$5x*i)W-u zhff?jCORSclIi3jXY9K>yaQr3n z_QGc9l8Kt?aW9Xyp`$(bj<)=1(Q*URIZtxl=J2Q0dUp2AO^p>h8_N`ZXHNgM`sMBk zFQUD!zwdZzN5E4>>s5DGw|#Qz+6(j5vpi)suBvYG4BM&&4!OE+uwg&A;`P@W#4 zRh@0(vP^cbkE_2mVVHx`c4(KSg?Ga|r3?3^_s*=@=O_-GQFG(Ui`UPa*UfHw>-gds zr+!Zthu`UEIQP3yP7&ucXKjIVvz;Q*#%I4AY{lMrBm8G`kKeCLeIL*Gv#$U2OXxyf z^p3O_GZq_n?`k=#!ub?xcVO+D#htqpIRzX%vtYse(o)yAU8gz!_%6n+qW=5WyK*;o zpK<%Qf@1r}kJ`^FvFrZn!g{xyf_tmqz8~|ONyQ^s$JOtdC+r^MZ`>%z6Hn@NdS0LS zp1UeiT`k#kZ8_lfV?Wp~8kIfebW6bl+53=BQI~z z;ofQ+v(kj)f-2iTm@3;RaNA@mr~RiluD`r+>fM2BD_1e#fOJ<-W0t_Q@emJpVz^c| z-H=TL=5YRO!fhGfriN^RE1S3a&C|zIl2kdZZ{-cSRPb~|xgh^Y|O(bJcK}Ej#L9YNSUS_Z_XA z=0)}3pV)I~;hM?8^G_^$w`_<1FwZ2`-R}b{qmL>M*@%+Te45QW@V;cM{eWCaa?P}L zrU`$(@HE(3e|5`%$H&p5>D6vVhP%=t;?({Hb3Z=Kj_(!BNQrY5g#)_*^C_Uv9&cKo>plUp6< zjoBMnX|efCOVbC>e>C{nb^OXFh8H^JCbLG3-d<~4Tv&fMEN9XB9RoX4y{D$0h}p#q z57{umH8H`oW!}|~EBeJ-KTmNUG;{xE_Px{T;Q?#cJXxku<;_;ENFTZ4ew*iOe>rpd z$FqueKfIkCn6B=&?CSjNo*zRaBI{bOnf%?Q38v5UQxEn3{#Bc|PtvMA4xH|-8n`U& z*_fTpLT5eo9CLbYeZQQQD?;CVn3o$pqD^Y#Nypy?I}GlpT)}e886|8hS$R9LXsf5# z^pD}{nVs_FfRoyHY{LowFp zfOLwcSYL-?s;D%MNy93%glJ3^)fMJ83bxcRuqGYr;b~kJ^^I7}{pYE3#)sbC-R761 zUzaQ`ESiwAj5oif|EkU-JDeRAtEr(mqWtd$o0i+z;9v$sGulH`BS;v;4-SI!CA)&A zUe;D#T2y(SsXX&mV--EZxS zJ9N3f^~AUhHlNJL80TIyE;$g9KKuD#$2+1nHrxK_k~Vr<*3Y#O)83fcX|g+>Srz~6 z_{_-*hIPB>)!Zs?w$)%&ecD^2pxltBHYYx=tMU^KSikJ}=+viYyZfeR_utqVpj>KM|7N^DH-_Jm^TW7~ z?;VQ+!+%)zwCuU1+ko>q5tA2s{=V+OkjLw$ww=)JZux;>&hFDcW-K`Abfjm)LAw=b zq=nwGde--IYE(&kXI+^*dhPt^KNEa7rVl?m9iJC>=s#L8@kM0Wkmyzi{Brt^$V+DW z-~*;JyC(x-pjrq6HO6TE+36ToEm#>WSR4joNEk>!PR4y3PL^;o#xdn?4LF>PL;q@9 z!*Qmjlks2h{xbe!gGbPsZOU*Px?mZ7Va5k3la!wYMK}d{5sekyRsiS(>eF z^KRRpRwJj>(|GE>}%?yZv=_f1|bR=~HXx zTpPT_B~_jpHhf*)g0VMl9Q^Lyroe35arHk{TgM(QcUj=IDD-(O9Uz<2w^Q{22X>3S z&W1(@9!K69800v*_xd|0R_(R(SU0-f{^o_zecbG;&3-J&-7Rz%e`?>ZTWrnfyGwZK z6RV@vrqRPfhV!#`n3VOMHK#}HklbE#TRa?e%UJ>gg8I}15prgd47Qb0XQfUphf*L`X6@B|H@M>cQo5xWHq`2@9}$^ z8TD_6$)@INk}S_J=Ax<*@16|F>F%9zVBcNQ-onkHSzi5~*(SDS3!KAS*-vvkVQe#g zh=@sB%S2iHF>vJYq)5|?aa)3n)<;~Mvf_f8NoiBHu#4HLNA)q4$9K686s8W0ex4dr zBOLCe5oJ%xs7zXWa!QZMd-g9$KP|FRcpS8UQ&aKN4bl7PJ#8J`v#nM3E~8g>myAlt zT$}!($hp(Al!6sIMn}Yj^*U`amlK*jtUhZuYkE}q(^K6)DDKWavUb_?Qcten*_C+C zq)j7@0v;4Qta&)=c*uRF}L{r265qtXX7pGz6^bd789RQJGB z-TvEL+Z?-?lO-eEH>QxnG{cdaG*kdmTT8}O~78Vvh=a>F1KJ|Yy zphdt;_deYL802^}Z#Q(#y*?=KlKgi9e5& zB4u|b%H1{OC3$CV&3)teKIqcamj@Sf zr`Ign@xA>jc0~1-jTLiTgLoTT-<3Rm^>SCaIIXosDL*)+aKYdoIHN5_HQy#$YISt> zCG(is6$efoUwZ24(CTNmIu16zk*=BPY9zX{Cc#O$oTZYHota;-(d!bbpbM_~V zu=@>hS^cchzO8x$n@0wLam$pLObQ?;+6CD?LlvF?Y7iGQVW| z(Wta2*nhISS;YKK=U!c_O#M)BJao*#4WY{i3#wRVaFaB~>$-Bve|9=agzH-uS^WrC z71fQgZ;V4gh|BD=NW)iAtgtF}i<8~jO7FiJVe#z8{&IP9L&xk{qXtfWb+CVjz>q~u z`(k$K{5DI@)f!s7 zpU+gz{BK|f-&P!i@LcPk%q>2fz%te_!PDR0{jRIS?3S5*A1`IayV=ApL!tT$5~2hU zqCw~Xu-$31!#Qb7i@=~27t#s~qnN{gy0+?iwXo3k*}Yj8y~hXmpP#(^Qo3M2EAr9! z6ZYc@hx&|Ow)yPXA0E7NT@kb3{@_CoRBzJ+&kh)#e?4`*^V5!ZEov60nI^M(4>X@^ zf0F)qP3U#MA`W$ZpT-@^7qtzZ-1exs>67>udzw@l=5zS zQsbuWy67lLpA==f+(pvOrHx{8^@~NUj$_RqbYKrXduXox@~nHjT?(%Ssq8Vg3RX^? zU+>l@@jzMM6&54>=dbwvYOk0yjoH literal 0 HcmV?d00001 diff --git a/Modules/AzBobbyTables/3.3.1/dependencies/Microsoft.VisualStudio.Threading.dll b/Modules/AzBobbyTables/3.3.1/dependencies/Microsoft.VisualStudio.Threading.dll new file mode 100644 index 0000000000000000000000000000000000000000..62814912b2cf3f884f26391cd26a0c141fecfe60 GIT binary patch literal 441248 zcmb@v37lM2ng4zJ-s)T3)!j*|m#WS}5(3>^Y6*m}BmrXBcL;leO2R6eT&yC1R9D+B zph7@gaKljqH$ZX3T}K7nM#oXceSvm&#&vX@ahsXu|NTAZ-dd6d$M^F#q|Q0d*`D*9 z=RD^*&spv%=iT82p66xw_vDkF_YqwEZL;5||Cu3r!HSP9@IKK0&wGBP=j4Ch^Q_A* zudlqO7C)zU!E;w$bivhE$JegB@RF6a9apcs{OXlQpLXWT=f)RbvU+GJw|7$X=3_kX z6ssw`%1;&;FiwOXzty2R-&a{44Q4jO%%e%KQRPkwpQF0~cBJO5UC-uBhCdhH^BhMU^1LU(o|YJIh7b?uU?ViF2h z;cR8SX18=lD!TJ;AJLUR;pTh2-s^Ac@eUj8_4*C!d0&4+=)Hc3`f2}60(&}VxgV{g z(@Lp(z6<-s+dl4jJrjlCP0b#9tF$432fGH1E#1G@tAh*$<_o#PfL|&2!(P0B6n=atztOPgg@fgR8Y!-+9|q*c-b$f&xX04; zx-|QeW~e+=xT1czvRJS$$n-DBL{t-wWM)UgO6bQMiOp8RUh_Pjr~V%J%7^o|KHD1+ zO-A<5cuR3SlC1WF2n52yT+e*b;N^RZ!Atc7J5)<$VeodjIX{fX zRBEAQ`1g1VaT!Z_S4(c#i(r{t>AcziBy_-?pM>PmQ39(e<7x_6CT^XY!qP?;4h#xf zLUCDw;;wNm{CW*PDl+`!3cuyM;RnZppXw8SM|a{U;Lb-{_)%?PEiP%Y{UxoT@= zx3;>zP%*ppg@9dsQHa(k|AT)07--Uj+cJK1EMA(quLAyDcn~S-$0@o5q;!BEG4gZK zT4h|if8gCn|081Z3wxpyh^SE^7eGt!$tHs{gS3Bvy6#jiK zc)_vxQ7RTD1BJotu%BQeKzusc3u_j*==cmmx!I)-%WBpy8kV!UzDk&NHHDQGVf-y& zIUGc1k~|#F%#H0uPvkQ(qCPhXDhVzF-a(t%xG*9V$OqS+ZT)5l4Hky_D9DjU2!#<+ zr#vv5>#u};uF7m>C=BCoP^Y6ttF4Q?;y$kY2VIZBwtfv+a?NN&9qPaeMfyQ;YyBL; z%_<@KEA-wDE{qh$gFs#VBS3sEsf%0uhO)2SQr;A80WkevgeI!R$?5;ZGZ%gjjEpHJ zW)$Pfino%|xT6rAhc|vEKa)wEiY@H_P}1uY^=Ag`A6c1 zJ-_)UbH|#0Fn7v-o*i_C*&f^Q@s~?IoGFaG}?CAnY{4oOQVX{P}8Ku6Ym@ zCRC^~9uda>-o7c^jB=E-+-_Aq%vC@!nyFLV(RBBshSox z6d5Dla-~^UL7`|B6k)rUi|h^JTyDQ1Le7O#K-xtx-h59qVA{`@_e_Y@Buy?f8b;Ij zEB@@BVf=ztS@Dd3U!8@ORA~G{f{&-VgXbM^fK%DdoBkiG^2aIGGwKybEA$c%l^|dL zH=|Y1?1h$&W5R~~wP*E!KT}0{(x>G=R~av+o=p8E{5IFCB*u;0_$DBw+dBf4(Ijv) zG4V_JS;~Z6kRGB8LHsg6lcj^xAhgPr9`ftQ;x=#LC*|EMgha0)5j1aAM5eh@iDAFn zZ9*U6nOz#Xdeekk3@Y z{$vtu2;YfnFj?-6jt75N=0r6!Ia_AHADj@v&MFzlWazw3G*NORm|2 zebps?*ihm~OwgUC58~1hj<_)>l%*m5y|P=~$aN1Sk@N2ZR^8u~2@8&dNa=@^^Zoq9 zf1&*)KN2AR06#+FgSf5@Zk{SoPC8G0h&attA2xTa`4Mxc95@;T59Fpo9rM(Q;G#d* z)(Ug3wOJ#f8b(*cn>5)#F9o!8br?NYu-Z!)oJqt-iP*WCDa`5c(>9W4#5c8_q%xt3 z0^^luG!9u&I32S7aYD_15C~Z!H~xeI2nGd$_>&6FC4%7?L`RY_(>z)MKZ==3n#al? zG>?;LsVwpv3P<}ux%gAcFBv;Y`--A>L#1@-G|IM{QsMN)elNeo=@crXOc~?zm!TTx zRXo#j3M*VW2m29h7Y5NQL_*E^f!P2SQ|_qNn}%PP;wSu&TSTdr9BQW^ojPD>Rc9;t z-PKK3|B$z8KUe=MU-NuudZ^kYK3pq>ILdr0TYAEj~=!II+4-t22QwwKmPu zBG-=2&Pxk!>$R>;EDd&1ptI>bH{k8vZqrrPCI-2PYXe1djd-LmT7Otffbl@HONqhs z2rdLQzBm9p5gUxdM}cJhI1RyWMLj&-iTj@;*x$l|DcE9B#R% zuv>90Ixd@Nmxspdcy4Z_@p&>t7%|H_}wj&J~fLWQo5> zM5(<#8u8W~?ds0?rQ8zZPsjJhBfGV!*i@ssN{;?XMYh_Kj-PW_tbd7^>Ogc^YqCrD zAL;4sK_3*5y6T0lb(m3YX<=x#<~RPC$oR|r1o2n+tz?S1a?ycZNA*RI0cV|4{i+}R z3*N9g;WyNg)x7V=U&T}Z8b3{eTtpCm9e?K{&JS2m0V|gJ({>DawPw3d#M@8N$11n7 zmn%6I(-hW>1xfIm1Yal_Ssa`l3+Be;-Hi*hhM0M-lShq7Z0UZ_yAT zA{m05_g0W5T^+N=UZ6>5cZxb58Hg4VJ@mwj$mj4&DQH;F`4v{ZYEAqdesZ&$9hs{O z{PFsCfi%?@Wfmx+a)CkiJ=~E@J`?!SB1(42S@k{+9Ons~q1j@4sq7o0gi&5t_Lp3{ z7kf9q#kG5*KN>{eCzDI3;j5Z#%pMBPE1!PMjxuI{K>CSlI4O%=dDqdF(s?qGAy)^r zyQOQ6kap6?tkzLC%QXIztoFSdsC&;=-Cdk&eZRh|@5@1Dq_g|uAAwV4j0HuDw2mWk zvt!6PNkF>0yOm$oAQ>KK3iij{uvN-Fac8DNk`weyJn}#@>JfK zQkNZ#{#99-MEv;Q@Il%{Uaa(D ze@u7!!`kT;)0O@#r9ZYi{o(EOis?u{eO!0SjY|1Dql{u?WG;{N=6k0Pw{#_a=2l#KcDTJ3y)X)Ux<&G z2Fu1GdDVAfcQHpO*?(Ixijft&JbhAknj_PqCT0}VF3>e1{$H}!UdYNQF?q}>{8qwd z{;BT=QX_q{dt@u9n__IYBx5I`a0C-YjF`zio=0Ig;y|sh%--TXj^~&BV@9z*!H4+w zYdnA9-vS3_-8105Gx7UD?LE|5`+}+-q1I)$ZDBM{6ly;NGCDe1`yFnf5G^I{o{3`Z z>wyFR2)6|uuYEe>z~8`affv^v>IGc;jDAO3;3c(h8yKTpCwOUXRDc?$gAQ;sM#XM! z{UbQ@iu;{i z$@8YY4Il9WSOD9juesRSIXmd%$Gw!M{e=)W%JNhCWG4a3eSTb|X^Wtm-0E*@+eIj= z-$+y1xMHq;l3MRKx53M$Nq@8uy^^}*3!G2&1G2wlnJBjP>wVPNJl(t)Q*uqoHotCO ziLJydiR9OFN+4mJcqL~OuSBS9fdfji#o&YTZk5+9V*UC7AlW=mkf6C)PNw-xoYJL! z^cv8uF7%_<%FX&R@`R)T0fRA^;$6IjL z(?Zv2_*lzCmD2gxXGD{Dh&DuM0bxA@?o4+LLs-@{^DLP@Md>$03rH9*uP-T@zP!LgF~LWw%k zHMi*i)_~6SS+V(SQ1qjZ(u(d$J)P5wE8Dun(Uhlhf=;{UZe?2cR1=H5-%uw9ah_Io zRp81W^Y&iv%HQA@;|IXPkA_Jqnc;gIs1KV%KBye5?IlsaOIbW0fb4K`I~N~p3x|@2 zQi@zX3%v2x`ZD8fqg+G)YbBT}523Iu9`DNU(C|=Uv&CZcDUiaZnKeM){-~?c zM5kTim6EmRkwGQv$L|IClC5M@UWlomNu0I%UBq?rLPO&?9))bh)l1yW_87hGONi%U zq?oi=n6q}R1b73n=sGtpDr!x?ueE77I6IuIoVzyz6zg?_5ooHZ$Ms zr($is32KMP&(cFxsHKH9Cj>FGV=htgrH``3z|xiBJqIgB3z_i$IP z4jbZT>G-p&!uTyD(KhG`YP@_bT8T5+$?56ZdYM-_-qH2Vetb8XSl(WbM{n{UO`Us+)C%S2a|d_~(A zKq}jxV`;aRI$M-?Oe2v~xxPcRx>dy`THrj3xau?ghGrV;q3WrALvxJ_9O1XQw0fXZ z{^LE>9sBqV%{VTw#BXTMaRE%R65^xrzrt{nZX9I1`@yh6pJWPW^cK!ofD^1|_Fx?^ zG1D z&<7+Kabasmnj~{v?{V8mwT(@xV&JCqo}hYjm&8nYtG&M0Ih&7zM^$5j9sltlne>u@ zdRLp~yEH1OY%UCzSNg7L(WgPp;Zn);6}JqwQFx-Sqc1vof}QJ@xY#n+Gc>!dBb~Nq z+I_~-xRulp!w%IU8(Q|EN$=(FP35HTZKqwU)jyT3yLAb~6vl(){W8`y!P=od6g4^k zYu3;oJa0fFhZbv4Enu@^i1?H z$z@!@xR12mwL;gPg16r>X??zjr1kbwdpdMWRUNphH||#T?tC%W+qaF{1FOAnsJq&> z+}qPDpX}*K$Ac)=l5#IPGoE1Bu{HO^ zn<*m|4jb6aVvx2tN_%Z>USq4NEjhBq+&U%-&ku%shr{7)^f4&r`gEi(?}l?Pq`8cL z_wa8W0-~$vVs91U(Uv4C@C&5LXDd-6Gm9PaZy>s~C0~oV;=sDUQ`+8qxPASr@fqkA zfx>)tdnHu3+|2hPmoG`1d}C*0F6eCLS(s@zQ?bi-EZG+3CFMJ^Iub@m1eQ!i4jDv` z;vMPF_jCTvD3|(zjqCLUTn$bO#hjj9blg`pXfks1VX1$jSh@5(nd$HleVUD zHmGd~j${jrfb4LeZF#43U)-iUc5BhYNi{5)BmEt`IFjq&(vg8YI|-T~$LD(T{oAWS z0UdGc$Y35q2+T2#ts_HuRIO}&(8>Ri1%~3t!c4W|=NAOFeu^K27-nilEy;~6%r9X1 zJ;XKy)erSog8ah4O!XQ0!Rn!uHRq2k$`7bWQlOL;M)LVZ`TX|E^86xfu|d8+pU*Fp zl|CFO=kj@3NgpDRtuid~{e|d@1lUx!mJ$y!h6!93}w8Y36-j|HR` z^G|8?r*$C)9B(cCkD9p+IyBE<(XPGdv&{{fXPTR7o@;Jz^Bi**WSVE0XRLX;xl=A* zv=^+-X0<|Yvs!gPVEYR?bYr(3aJpJHm+&ZNcZpMNmWS1)gfv!MXo!$l#6swO8s9UN ziiX=Y&-|6Sr6kTiC9N-0*|)_swGXDylou^+b|4);wrKTxwFMHQ6t^edWKJLRw(oG` zzlJFMs+y3;^DpxB;rR+45C><`mR2#qms6#u?^)Y(VQz_Fp#xj$}p;(*`jS$8>~z<9U69F|1XwDg9=-K zW^yk?Un51uFS4t%l=Ia(w*w95YkO<1-f$d=Ixs10JlFsdtfs3MHZq-%qBVyX_NTzs z^j_GA9W04Xco7pydHQ6!p~L!r6jG;NrD+p0iit2Gl&4SWPII)PSmdj4SQ5?li}?OH+)M7X1>t-(X*iH5l2))?cfYLuGb_EF}7Czb{@+0W!l^ zM*FZt>d12?$8lHdg)+iOsY$kmi2jM<)}iVryBMB6Pv>4ua2G(OEBKeguRopBxfIuU zr%lf4QJpNpago*ns<7s;BqR)TVJgULceOYqbR1H09HE@W7DwpNy6U{MRcEV1s~2_j zXZ4&;1WxGWj5X&cAw!@eriz8=n{b}Pi8-gXa4?k!DNY?#FjEBEjcLXI-6%3)_jAzJ%^ds;v4e&nc*K1&rjlYQ}^X*)zalM6*CJ>_S=j< zyO@jzl98@jAk+47Eki-JdbiVo&^4)Ld-VI#x#kv>GN^@AY6#EhVv9gsOg=4@xqs5AO=X1pt1?W(E_J2#f`E-~!E zOPX6Q0k;j-PwoAK-E3Hy%Klw+(4~=bby*NEVSKT{U`OX`ze;Wq2ZHf*7xfz*u>+9q@6(6S?byza={rY+}Y6Cx|Gmz7F>$=GwDQP4O7y8q;rW4IAc;>>FkRZ7bpqNlcJ9F_g(7>GvKS9MF7*6l( z&UcgYxuK|-kP|K%gC8EVF&NJf9mWlQ;}ccjN&HmV{1=&7V4O^l?cDhJB$zD}2Uv7O ze*neKg`(82_=Vl&Xjz!fOMB2lHUT{5+}6Cb(GRYQPNDFO>j>=u{GM_<_W)+eceuv= z`fuUWHh}t~b3s^asxut2@u`$nSaWGdsD2tCvZ*aGy_{n)acqBlIzDUhuE*BnGl-cC zlN4tXNb;VA*Fi^(66FW{hL|rtn~2UuXjs`VjL!kc7ULkN7|z9Oq`|)hfAyEl2${LU z>8%+7e($lhbKbk-t&Tjt_aSfbSJHXG_im>38=-@L?ek$3reyV27*Fx51C^E{}F0`?N!RP zzvUX!O-E#APZ+(6DZriobaI$J^^PPxa{fYaZr+awk(__P+@SexbH|$ZnLFj8b>~g; zUZLn>HT6T$B{_@)%WU#E~TGdEG^8q*|Z*1 zE*a%CjGELTgj}Wyr?{T0%xoJ7@yZwtjPbbO0E(c%-LuVLHog{wvhfan!BowmLiSqh zUL;;gq220Jv6X=g3vQ<4&xzKSGk%rk{6(#Dh`f(T(7%r2t89e{1F58Pxmu~ls;Tal zrnPqVhWThPd!gS@uS5rnSzSYmTbgRGzaUfpI20f0oz3eWh+xI77B$BXmU6Keyk70Y zy#e?1+0l-}-P+|=>mM&B_SYU*)@L{9kc-nPc5Tn#GkWqX;5py>JMW(^>&Y2^d9U$i zYtAp8-XS$=y=}Pk*wTi5?XbJs-R#W)#!AViVW9 z2)c7X&!ZmXugwwaoz9s&CBaa?5uqP5jpM3?K@fj}V&ewoOwR6|bVtbf+N4Ju!*tI9 zgQ2lVXe`2%mCRWK-pS`W`pj_y+$PR`^dal$tY7~O^^}qmz}0?IxQM_-Fzlzmq5f&5 z(!KH*!~ZPpSU>(uLlhH8c`_-M{gR|KR|uy+asllv@0;zrSCUpcyN;m!E+JvnR>_3L zEjew(^<{6r{D6N6&3xTU3z&561i?D7uJK-14Xqljn&n9~BYhZptz33JT>4hok2{OE z6*ZD^PH)oaO5l%Vx)2`eAMST0jiAd|kzu}nq_>>m*LDsa!f9mxaIdApKwJAykw+WA zoXYF%AYyo%NHM}jPuA+1OtH=l=Uf$wv|%z)+%l5Q=ia8oE$qLJBFZ}jNq4-8^Kck^ zuF*pW<@i6~*dYE-exu*%Ir;s ze0`dFb7AdLDy+RowY~sA?VIw=;LFsJjJf)Y__4Eyy_Kb54722FKS`7HS`v%(YyQH{ za_TQ3<>^6f!8}k`jKA43x)MnG3(H(fwz-abiX>b_~-sL3gqweLN4IMz`3l zY?g}MWus=^L_2+rP1%cN`#zDp({*~tNWf9Ln@Lg4hqWt&k|@gwVt#{G#5HL|U=f*C z#8euQu?Stj??UQjif7FSQq$K`W5n(kEW;uVlr$fo0zUdfPg2rLiQt5L>Yd&}p7Glx zTsd+1U|N}Py{gle|B!+L2dcjeyi1Sz?WV*p2NK_+=FA7w`Ip_W{-R1vu)c0rtQ{S{ z2+pFTU;BEBZ0)=FI{36r%{HI@UugQPv`vnty)9zreACG zNl?2^^%(WJqro0(*g{A{&LK3Za>PHUf`k6Li?~Hah?ltL@szzjPqEtc3zM=lp61b$ zt&i_%qlDeEd~TS1X#5RLmOsee!>aN=^IG2 zI2~U9lcMH?riRyWKEXB_UK8UrF2Zy&`C(~_+8OwQ+SLl*PPOgk-D87tAe))~bhn)Q zisalYNINm3n25EvJ55I{hY7gq2?sxVKA&|JoLt|1egwmp|GaW!zeIl zk`$;0$O4y^Yg3tMmDpJF5b7o4xKoz0y17Pg*l5M12_;A=Ig*4ssTh{t(Jl0@6%E9F z44T%oWs=XyZ>$UUSKCR#c8VE^23NGC{{Dy)oG#bjsnc{}>mFgEkm>XRM(dz^`0IMjjUCSk4RYz}7jNuu`j$nUD zi4|Ak*xG)oRN2K+QpX}Rd;@GTc!4YNNpWvfaW^Lg^rda_8$x`iS{YA(R_UH}E%-60 z7Evz@5JU&SEF20tP)=`juvq6rY`?t``%WP%jA)%eSU{U1t}LMD0Wh5c%md&BDZo4c zW>P@viS`nz#JpHBVd?&$_C+CsF#%*6F9fP*iOO7GBVqGJgsD(q)f{234NJ_elFy7M zZ?oh_v8lpbW-YLk+HWYUyCgIaR{hz6d$|F-Sx@IB3Od2b>s8*+e$G~wUQv}Uat3u^ zWJ5;%L|9@Hke>5f`B}ni{M-ea2u*bIeI(=j_)P$Y`l`eIJGVplz{#kDmYXRz{zQJMYU|CEZ5vP|hWW{g6S^sk|n!Xz! ztr}ogXzT)N=_{AQ_^kkS;HwQBb9v$&biN(Gt=~f$?PA=ETU}WzQAuYSnU8Awt7gf# z0e5QTK!x8%c>FvqH{On~Hj}1Vnuyo18jO~QQzZ06K(D>yfta-@CdfGozh`2cBM*yf zH9`8+}b68@b=4WmId!(JmNneU)* zcB9RWAEFYAILL3jGKrAej#$QN*75drU!6Bc)FwB`IJ+v-vA5DY@rtxf!`_A0rfq7x zoU%;fn+K__j-nZ~Bk+EVdv3cO#t4@(=a8g&?*F-QF8z@27wi8nhEVpW#@H2K@}n!E zQH9!G^EcLJ>8Y*YYE$s(YE!%hqqB=0rPDs%A?G_f`QE+WibqrUo!%i|a&UH} zUn}fjygE$Et1W~aOcUViRJ3MO^IYmjYz2fI!8SMk02y@Gr@$qvWN0aq#tyS{L!(0{ z{6|YRIhf6wwTk_9aFN@XI6wnhc9VpA*l`yZ#UE51`!7ydXQ6W)bk3*dV(F`Ytt=iU zIT1;LhGHdtm=d2plen{;$#~T=@iQ*vEAE9g=HY{UuNhq>pn@GgHkNaCK zY(=FK$LXYdLK$oWb|z9{Di`V~_M&in+xY5SxMbTBdy|MZlTLHR)1+V9m7e=uE#YP3 zJFs>ifHJEuWrhd^c_rQHK0Nv3?2W|E7YxtHiH8h4!=q7<|()Tu$x?`Mjuf)Y*;) zwZ34#UH|fRUK+FaxPHZq!Bp~VIaB(zM~eLDOflf7ADxBU{mPANBy&j*Mc9it1;>MN zD7)4hF?QYsf2B6i1%8C}iIt`mRYGsWN@442(RK`ckU@G!A>A&zCan=3pSp#Hmo5!z zA5y2XKxG~>4hW);iM{5HVb;i@O}5tVH&BPkriLb%>iKRSnP<*;%097t4BhB2=`{6p zazd%yc(i**iCo>^TYhRP7gl)(Z*hHcqhod7P}7xty^`=>)Dk}`D&6jDi!5BeZTVWR z!??hTmD^UVT+2y0Kl*`DQs<6t@jdUE^YWQHxZ5$J%r?riG+bVl7_bS2W4#d@Pue>e zjS$rJ6r!2XblT9WGOz8cqC?~n# zVA=Q|=%vZxNMHH*M1XVu#sq>yq@`BK!CYz`J+CgA9$&}>{^%3RULNcW<@-1=y#7&o z+t2q!KUH&b`CR--QWiEo05}QMKLuovz{9vB1Lf!E2jWNM)v?`5e$ZdNPkylR3h~PF z{9t?m1y#oKgTq77ujI|;hkW%;uCj?_x09^WOQy9${6uW$hE2ipgA-N+n=>kjlp4d8 zp}xcyf0`1gSZ1RQjVGUca&}360KyMA+fjEn^i}rji$5b27jOh%LG)R?@pBOm_&IwQ$wTap8n6_=|uY5A2J(z<)@1F>!yvU4W}Um2(t7s^d!BPWUh|jvslv zRptFp?T?m;M$C^$11=QA;?%LB4qED>CMfzkzaBnsC`M&2jw#r5dQ};ZfYhs zTuj3Z+=ig8$h?5wnB5#q{}NGaTcy9iGZ#L|@JO~w72~!_SL%({_HOCqQwyC$#+1G7 zx27^?5ATLMU9+X1VPf~5CHY|bvIaK{ARJA#WxipTSHYP5k90_Pw35x%_LSVIPCIpU z$}dJ&C}SeVh9-x@xiJ`YX+A`r{gK9v^s;$FkLD@`JpUy2qLrHFIh+A&lh?Fac6CjA z_>!pY^jJWq8yF~hp{3Pe0;gXP=-$Z1o~D5@4?8Av<8j{Y-$-e6i1+?qq%`XF7~LNB zkxm-5)%Tov{rI23t1z%)5o6tS6w`FGeJfUOALJxcU&Lkt^wUCR!`_rP{T&hY%W8Mt z{O%HdHh!^&ohzbE=b;WNk7NoQ;mtrS6VtpyFeO0}{hKP_t`19ViRqTWL4I(di$lI9 zxb>>R5v{?P<;fbW%a4(pp*K2`EuZIShqOXbpR^P&Yk%d4=M+47ru@QRUx9_&3Nu{UJ6yG-d5Sd7t55r)>EV;mi4V5`CP-)t}Pu$v-9>@B92q z%hC9I5cv7xtwdYZjNZcx&H<}%J#vx-x7f+ov`9~zlKU?-REM#?ikmBQJvjOrK8D(l zNJHrBgxGPgd&6-{5W7{8-U`v`DgHfU&#jCE(h|mjOybXtT}eKyWLiSBmhH>i>T+Ta zTkkDB%Qas*8%Gbc$B$e*T9n2lhAks$mnkQ!*=Sd1m6Jh@Ssv{rwABRjg6s^UtNz$( zX_di?dTfmmOddmaqeBbeT^9jqWsA10Sj3U-M_V24rek(O)(&E?ZH*0Vr5ZaKHy1l~ zy1l=+UHxJTZ*^%h09ml>0PU z+#lLl;yOj;KtK91c*NhNz`^oxU;HgRGR@uul$*YzeQpoxXLf9%&*=fZo1Lw}*)^~A zmcPo$KH>j1c=SSRyGgRP7)qzP-E0ry*2)6fwLnK+hMu^X5*%p@8<*p+`$!Pvx`T1} zL{#@(r(Ek?%!1z*Mb6JdTa1qvP-OLV0?|)Y_;EqCKcCPC@n!^Kqdr?%olj^qkxz(J zSqezv0ekzX>0H99IP}Dq>6ZkO*<9_<)W1Wb)63b+=2-F!6?U^Dn&fL{bMrSg;R=z; z32w!mXGRWaO8vW}kH5#yWWJZnWgW}$HOpBJXqBGNG*m$JYy3$9)uJ1fy_-$ba%jzN zz=SV)82OSl2u}}QO}=uE$obUMd%xZPl6+aoKW19*7XIb%>rZg$IxhnD8vdnnN^*z( zb!(qw$ncuP>a!9i|LYx|N~<812v3b7gTk#ntKPB`()o3Tci@>0oz?ZnACT z!^yh{-b>GV{}dAH4B*eq4VwRI?pTx44Zx>dw4QI*89Ifc3#7N*oZ2ZrtWk$?)a;aR z64zy#uUBQv8w$#OgIpO|%!4`cR!FaiB;nK>mEcD~?ei+ki8Y-L4V^X8lCNG=aM386 zVe|xTLZ_2>m@J*snNfEtB&H=RQX9f{8*8dm20`RYHP@CYsgz-d2wQG0y3=J=UeSta zszs~+Fq-(y|1>vf{@&cN=I_j%a?yHEUbIrk(aP+N*geeN*oCXLtiyK7_%|$f9sfZz z3sz6dr;Z0I-tfkh2bO!K;~fvk-uZg!$F70AwHi8Duuj?Rr?+eFQZrkUk3-N)&=@8A zOr+X1r@kzUQKnoS^wol@`owIZ^S!0EeK#AkX3p)r770GGo06F4Ek70#zIUj%&xLOK z)+@EgC*LQKEoH|`U0dLu*Qtl}AFp8E1?TXrpkbtWR^gbrwIk9OxA1C45_yFpdD8C9 zuAg;hAjjBcGk`bkI>_QjyYzy+WcL;g7knC}D>H&P~iHCc-4$dh@I|x|;%Rms)47xYqjCj&L~L(_Pef zyC}u9i!x(~y>nLkAp=awb_)lSmS4n^uwrlrJdyZ_~azFj|`?TYGnW9)WHevbO1_8pQ$ECqRE46}l^ z-+qQOP~L)e_OJM~i-umFivWjaRv0Qr{m!V6;o{wJZ;T$y)72pfS+g)Z*lCaWm-zb~ z%RXl7n0_~HQ!cBKT=gw(i;`XRWL+OrP-hr2=G+FFjGM$dG(0c&9FEhM@Vv2WA zTPQ!nf7do#zDpZ)Y&wjY&2mHK_5Ja0@NjI8f%Wh5>1ng14NrAmrL$3=ny*o}&(kQ^ zrX###Zcf`Y;azuE+NNIbo3sgio4&9%VNylXPjkwxlZzLN^?nPQ6Elj@%DG(sox+mf zx%%(W^3jI*3Qe>Re-9kB~2pJ^W! zYMrv#N+Nf72ZCuJ{(%yx?vFUtm(hGK@V%hBPuYz0Ih`@}xwOs9-N*yP1Z|GhcaH!5 zL=h?ft(zppF5Nej^o}hb`{PU1nSUnFNLb#+of~W?IrOPsjz6OO%y(X>_DZ#|*ERZf zk~84Z6hn7lN-tfo##{_wq(79!EyCHUt90;Js8wO{?m6KRNrBGN#7^*<6~h{doyr=wXeMxI2iW1_X4v{ z7I2J=3s6}{zvQvN|CLsNd7>QuFSJGsBywQ6w={Y4Oj_XDW852nnokY^r>nrBK1T+O zDcp_dJRe=)BCtU5lSGeX*8PMc*>;Bw8RlH98M2cFHm#uNGozq|m+k4m+K*`yGYa#7 zJu{o`?*r1lzP%|i64w5#K6GaUZ1mK6$6Ej_7vim5PT`G^AQ?BhxO@rKRtovP*0_?; zP7cKp&G-m+-buf$SZPkgsdUUs9qA?ilk~_fEF3;5Xk&o0VUdik+QZ4by5ahN#Qe7oSq zE1K`Hcn&+DmfGVH3m|fIKX|ZOxerICn_Tl=B|~!Z5c47>c&{NU{fxn!?3KKWG}V)z zUKjBjmP)(npQnhXLQlO!aH-S1^X1<1!%|s4=B+u_4Ii}e`zXZJbn|S82Eo{G2xZ>E z!(<}eS&P~Ov^sewV9W;6;_pxMnFoM~tZ^b8dJo*Ip}%f%h~n`OrP|ZSeJnw=BIP*q zg)T0TZH=c<&KJEFkgl}a-la*OA+Gl^fGJq?`Vr+~dqJOdD*gJ$0E7{`s6A%TNj`L2 zsdAlaZ9~1hi=oe8@j|LCtl3@{U+^r811?e^TVBJ~ON_l&e=|IWIE4_{PxxUhU zz2|>4)sw5<>pz?J=ic4}$z4O8y&FkrpVEj6P4V-=l^xbogW8^AVoYP$kTiGeYi)%( z%Uh|=(Sx`ZW;78u+2X!lQKRhp7UO@!n_TWxU+C=0HS`7V@~KQ)z;$-O?jq0$K;G_y zIJF~`slm|cy!H{8lyO^b`?_uzDh&36(n%U*)-ORkM*i6)2#@4*DaL+W4bUHOu9-gjq{p7;N$9R=`sx?O^F&RFFYlQ}~#hn9|N*Zo3hSbO@q z#j~9!QaTtG``z{f>G=~eDv=6|E zwTl)f3}lv6Nv7f!&PU0kjohb7vo%eldEyY-#NrfrB3a?=p0~EkZAifLsjMr$WuiU{ z2Wm>-n!ys9giw-Q?a>zymG-?r2iVk;TS?jd00-!jrvHh0pF z{Q@D-{V5}>inYuhO3sAJ3VM&(#VoW_zL#Em1VX|oE~6zD)ZpT1cbvEKIrd}`6(8;$ zl=P$Si#%cctJ)rhI+M1ry_8XekSgftsu=A%B!+F7A=a1!yma9=K_$g)V?PPuW zPKhnBrMP9qqAm56MCU?Yg2A0!*i-wX$QWw6TLol*Q?5puFVM`vzQTU{hAR$@_flHK zt(9dN!xbA6Xx5cf9trzaEQuf z_!hlPY`W{bAXu~=CP&nCO6~5g9$gO)2QUj~Z5GSwu54J(!Nc5Ni@<<|Kw&tH_LUcv zu21IJ&~!|oC7{(GBEG`8!mX`Yf=+a2p2of6eyO}4@>U<}_+Kr^z0m2MJ{sp6!>T8uyf^@e=$q79TkVIp118rf|pa+-4AI3gQqB11Q@y$Sg ztdufN0F%Ll0~~>=5SxV?6|Ic}m9r=1+$fp^+Dpd{SU7;B;fh63mDIM+pkbOtsgcTI zw~?d$T{gqH~rp1pH`%(w^2>N*zu%R=na-DPJ!4_B+M#-vLQW zCWRIE?>idLS9S$FryIzp1qA)u=(LxzT-sHT;U7eNY4C5R;J(Vk`vD!eMoR_T760V| zel-bBxL*{9=!iPtwSoK0IxZ9-Y6%J&mA6?GDIzQy%+94oK=dugJm|7{a_uDq1f zP2UnK1AUw*O3@f_Xylxc;qlq=JP*^5auo$U&aQu!^@N=s=#LKppTgl6vqa7&Hu0mp z{c5S~|FXw}EoL6^y$^dQ`90>BtT~mIHI1IH6AhD&-Nt}q?{h6D2|=o`reyTv@?040 zNmm5f)6*_A%z*V@Gewfj`GZLwx*|J3qJHY#UnwUs{e_ec&& z%u&0r%i^wMt)W|dtnjc6!UtL(Vk)#hpX~$vjk|Z5njet(vFCt-nw^EWJtp1xcSX1- z%zrKcQ*h4q<$)R=J>|rUKndRgE}Fnq2Jmm%OEJ4BzGD*n$}#U6r;_(EujJxzHKYARZe$q z*br0~wZiH~eIxZWs&HpiM+>fO!jNG!i?_d0LsV}Wahnf}c5%MB9WG6wE?xE*2PA#aAnWa+#%<$Ddq zc!px_-rftL7kX5_zB!>6F9L{O`^d>O`Dz$sQ@~Zo_8MmoI4(f*Pfwd4VFTpQW=E^n z%+u1b}#a%)sb2rkS8OezD zK&b4S1Ue_zAjb3)&gvzZj#UNcIs}$ZYBuu~UVoJ8n;GwGlnuR78^GnzwzC>+FgEx; z1vT_6-}FW>9vmGipA~Wt{TT#?^j3mx47ej}D<~nn>O6Z_iZ=-?L$ry6mC)>PER--M zh1C(e@MWdvGicSHr3UWwvcV9>M=1H5vxPN$4N%qh$43Hjk6it*6ICD6(ixP2Q8bL$87pgC^?FQu9;V+k58F#g zo}hj#t+UirM{2Zj=zBitUqX7$DP*F{;sE-uXFC$*np-yD~%$n*NW{$X!SNqzkL?C5K{corq>` zuJWooK{mh%y0eEJXZ{TMQ6)_99>YCCG-%&3IF0(__q5XV=$&EjrAng<>uJeKfSo;h z&?S_9gRW(NT+O))XmU?t+0&p>BI$KBoX<3-7a@e9rr&5YXq4&YUvF17EPPt?e zyAV1TqENJjpVF(MtvK;{{EV+1bAe|PnEnuhFM5`e6iO#98(;ZbbffyS3C}2|bgVyh zK7oi~SFUeUGWu*g?#|b!&$i69k71~Z0F4$TO;I4$0BzQZl&~gJZ_NS&gj$Ibv6j*bYFBRI{$8lD}g$<-T1%xzH-F6vuB&OZppv)PJwT~ytu^@3}g%ObEqrJvpvPFE)hlq$vdQ&w^MC&wX6;p`8=S;8Cl|)K=al6%;k~NZuo1Ml)#_s#GOGtWb0L#iU$*b|%d=afD+u># z1g?XLxvD|1v}F1t;()&dwf~m1eV$s}evPfNMGFM(!zO#s?n~5ezaa$lX;!(Z z66813h9FbttFXEFT7Ij+kk#=|Fgayi=%3)ga6 zMntIcBIMi{(v4FlTq-ZvhcJi0LK+-w-E|DSWZxbh@Tb?AwC1CUhv1nDpQQ=?1~N>{ zC??=~&9yYm)VXZ@MMP74Be8abzkz2GUBq;+^S%D(xUqq)>;U@7&i2WM{R-O1@WLj~ z>$Q|A`E;ncW6kyEPC0P2gPM>>3PsEuxspC}?6bea(^%9s8a4TK>p1hJ5g8XjU6P3` zzU(hus})~;c2 zm*K_0>M!A^d6Q!6H_Q7{ezav7zf2w^-|;jgdbt8%rMn~mJSJ1-pkSCI8^b;(%v*@( zmUj@}NyVk?NN+)#?O0*8pzn)rCE9(Hd?cHksOU{@Ww9nV`mgjBuXpQk)gj(`C3Vzy zk~7D;>NZ@~3Af|;;nXW|nBu4I5OnI53i%F)m0?4XtQTH|W6Pyj>xH3gztg??hkgIHjX9@xfnn@;EzaaFm}e;Ib-?XKHzU(Z8k<~lVIkG#t?RtSuW)U9 zNB#BW;BACA$Z6=eX8ns{xjZ=+zES1f#ZT!`Otb1@&RsXuv#0Zc3UwmqmANi!9w6$t z(*t)fTJrm|(Ct;~o5q`n*&!K>W^xX4(Qo`6kTu-BFprbK>zG?SB3Giydi(1goAL8F zr=0+{3=DhO2s3fHE0Z5KRd|_os)|GzaDv-GdB9yzzHL$4M~o{|LOMq{tZe@1nl0#3 z%gkYG%e$p1$H}yeoi}*3waKdML7a3p?owX%*%D^kvp_N}Zc0nrYNhdziL&oE5@wUu zSPsJ@0Z2>KT+-*JFs*`;TnD@*sWd5DkLw8sjzJryFLEfkD(Y`hOm_mw^pl}A^D=#7 z?Fj9|(Uhx@%~`pQhH;X9VT!2DV?08^-BeZDrk|{iX3){gmzmh4z!#9DJ}e^F?ApzL z6eOtsik@zM5kL2=W0Wl#tx)`HO=OZgM}eRIGRLswFcYqiJIp_6l=>uAJx02s?bU0E zdtKr->7onCQ~RKu1UoiT@B1==n>@ zH$*=D>8(9XPPU&TUXYy7Uw^+BTtn~*Mu^&`5u(<@k8*ULVm7FqF6N^ln$?twXB%ya z6M2$Q4i=bbFhha^r}-}L&i7W@6tT@wZsmik%ke!eFk+I4E_9E;T$j%O_Y&WHjJkcB z=$ik6mzUN|`v_{!6@pV%QP5B-mo#W7nM*5qoAHjM&8&y>(c35w9#Ps(6TJa~Ojv&b zy%4{hL@rJA4!oTQ03f21wNN(sc81FT66L>+^6M`lzl7|wn7=T_JX=mffi4w6=vjN# zE_1PALn&>Reu6cqSAQq<-iU4Md=*fC7op}hyoNs=F8sST%mhG|-bD2_b&qDBqABe| z9brQy#`jS+p9RFr{T6dw<+jJIuLTv3_re2h-5Gmp?{WJQ%+LL?qJ@DfffgyL6m?y&AI@AI#jO@~wAf6#jwfBjgt=RZ}kSwf0 zsZ!eb0YU?_<4G62o6zL!aqWg>8(Y|)vE(|N7ZgVWyxR$X4Z6{0={|0b_E|2;+2-^b64;w=&S_qXt4E1og; z9Ic_k+7o27i1;B@n?S3}=Yu|XUg#t9LjQeU=+YJQmAiIc=+=3m56lbw-+7@cR?b)3 zaq~iNniu+od7=M3FLbXx=c{e~ywHp0h2AtT^pSa?|1~f4^i}iW@Va@SAD9d%-=5`5g z_E!w-o+9dH&br5?0QJEj`mk`B^j8c;A4z-*oR0z){?!5&B?YYZSL89>d{jj+c0VR} zbsb$kocWFhrQ36tzW)Z3kwbeSBd1M9Mp*I713@Z!7e(#nN|ucT#RGB_+>w=&P+_0@)A% zoggpE=ogU!9VTL`Dwk%HY%;DteYO+HUh)e;^csmjpI4m$rlJ_wgqn(j+Uvp#DjGIlf#m z{V6}I4$gRJjG2bttO#O9qwPTDb zA3J$1X^moc;+YE{mJY&!P6(hFYkm64yOwnEW1#BWuj$Ospj`T?Wgqw?nS}4B%nh0k zn>*J0gt=2LI>I_DJQZr;>FD_84m$pe(TivF%nh1fGk2`{b#td&bo4S;mO_q>SP6;| zw#mfC8k$Y-EtK2Q{-AbRi`^V8czTP~{M^`f#&HSvukXC!4{ze?FrAtXY35Cg`=BG`U!)!oJ{|k)6T2$Lc>*hrdg4umI(SoMzOAFopHiRr{AcEJ z$JN|S^WV%JYyRBaDVHolRaTh_waN@7_q?}LX8jkyweI*OZql)07(f0MfXv#X!iHih z>;36pd4;(+Q~xa~n!n>mo5}y7oWJL%Gwpv8 z=HWr5aUI}fH0uNJ9m4b5bb;`^AKG*oS>PkGD2CU3@1T=ypkREnk2p-<)t%+D%JLVhMKO92guzN4N?F-{Q0Bi$ zF8@`hwV}1T+J8BxHnzYXBh5=%?4B0EG%=EkwDJ*{yjp z!W!`ZLmio!h2u@XJ=y5iyof<;q>s5T{#*Am*x;ZERz?=X(&)%$PcTMhCpF`5x>nmKbX@Sa^qnI zutSW<)f}Yb5Dys67`0SHF&gF9B@g4VG@W>{D_x-@ofYdUUCYbwQGs05svq$&=^R## zR?SJ05fE&_#?MRe7lf1MTiEfeY{Q@To($3pQiRrvZE|$N2ad&=!(z*j?%VeN?4~llKwI!0~%6mY^GCnbL z1y>tmYH%gPqo&%)trDny*O_p>*g~_=l23zPDLL;gqbZ_d9VD2?ZTwQ)yurm|&#_=T zdE-~z(H7*;-me8dKgpF|SPbrI8oXVa1xfxJCCB}DxjX_WWT;GFKh2%Fr)kkVZrd51 zanKHweyc*-by$$Hf7cDR;QfAvgM1IGw%!O0HT3xyPNPIhooC=A*YTP;Q9A9w_kXAa zG^(a~DDw9yz&xv^?}an}DIn+^D}vH@l8a-wk|)8nj8eKMd38PhRFXz^#79ZTC!B$>a%OgFKYY=Jq#f+5UY>2NCK#h*hJ|=F-E7Z8?}tZEP;0PN5AzEXxu%No z`z>k#2CrH|*7DXJ=pFz4T6Rv23RYI|PF0AjR`#!scIuRi^phIO=$F z&-bSU9*tNIm32<3q*ujtf)#}|ocSM@))Cft)<`VcalXa-d!ya|lBjVoKYnA5-}n$J zWM`xCq=6J$sH1O(^>swV>-j0K^&5gu9iqsh_IhpW>E&KBHM-2|v@g+lp=Fvq1!>qW zv$#u{v#T*`{vQg>#v8z3))Sw&^K9IczS3K9BtbylmA81SML)IiV}##lZA6xcKYSec z<8U^Z0zGR&CJsbXo-xE>c&ZzX5tN<{@n%NuR1d$ySZP@&mS?Z@8-gO|rsU3zeVHa2 zD<~7YvKuKzeDw?!7uGl7+(_^U+(FnPRR3G~RxanRk0fSxv>V(P9R;+5FQ#|4_(JFe z(b0-;4;qabn9_TQ_9D!VA-2iaR%~7T4RgnuUo&^gfg@I@S|2DB9cPtk-noi0-Y=Ss zHjf9G99q7cwAu(iL7)cnNv^WOx$ZYcdC@A<@{GnTgb+pz)?}y`ydlr|u*aZMw!F|C z6yy+hSU*uHo}`L}`zGrBfc2H?NFFk^ny_E-j8;R~xPqsYX(BqAU*q^w@JOonqja_? zlG5XYjvl9@12#`3q1I2QnLF0pZ0?i;N34cL4~5*hrj)oRay3{DYM=w;q;9HT#9!C> zo@`0XGams+f)C>ixUXaViS}F%NB)L?qZ|;;Hf|xZd!swsKpD?Xqh06L_C7IAX$~?` z<^99{xv{TOO}@XJlj$N?KOMwIcycc~15c%d=S)Gk!@G2Kf4*#84YJ{wR{Jx5VtzVZ{Zkl$}8 zVuXV`a_7c2Q-uvwt9~##ALu$r>-F!LB=yL`{KCp*`GxU%xHFk2^27N^^Tf!a;YDtu z*yxY9YF^abMqEN z{Ojl6BK~o)a>b(Ux$ zRt8~nf>tHphpa9{%T~Bhh#w&tZ*#dY^86yGccTj#Q6@zU$phcc&oJyyuI{FoN>m3h3*#i7!NQcyzXLM1LpxekXqYziZp{+0hm!{ZAeROR=x zt0(*Iacw(Vg{;fXF4N7$BPiFY=u+5KORBK%*;y5;4bMJtV2A}O=hwNUgzN5_>m}2L zS9!x1YtZ1|GkG7#=fuJZJDI=uQy(3M%RH+&=R#0w{>bJS|9O{EXYpXLqFv?q4#NFSw3;35Zm}-=urSm7^3)_D^5u50p ziO$=tIu@6qE-4vL=}f6>6KmVB#3>DdJ3s2K!njbcSlJQwf)D;deBkmkU(bzQ1~2LK zh?2%dQr0s{jwBMqo%3Z{v%gfJ?UzLteFvN-wWUllROgDE-sXOC_;ko>xm_aRv(Tnl zHE`pZ2nu^6cbtdx#o7A{?l%-&?e`lhY@e>~4T8|6ININxDn9*|EJySDPzFeWevFXNI+=*&-(r+A?#0V>;SSMEt zF7p6TQHl_{a@Ba*3l7HR`w-^F(l3_6I|ZdMv^ORgApng_ZGVHcHzsf{W<};R9q1Rd z?GtL-)EY|E1B++?D@a&9-r-r@)ZL!y{&qNpyL)rtrO>the6mEC8$z^lVH-aOXy^My z3E7Ai`B>|!_{tFu!yZZLz`Vt9>Q4)ur^+IQ8oo1jE5uzH-t@=So<= zjEWKMqP7+5E>uj;Et%x}i6k*zds8lgA-y%;%G2GM4l&+$zv~58AS=!Pgg3APzs~t! zd-WJ{^t~uvU58$+K7)~rDTDa);yK05F3Y*&wQNpY4ko@kIqTw3W|YRAo0S=E+1}nV z&F9){t5FBNL?4JTMs>-71Im@{=;Kybgz-dE%0a|dR%NG8g;Uoq(OYggx77#>D=xl* zYA4H++3BAlo6VH|Q#^Cw5Yu~dzE?4!9qcW_F5)zGitJ2*-GO{qcwEa;o4MVZ$hPIT zXkukuX!G{?T0TZ^^Bm@a&JWW#Xd(V5z>}Q^sKPd9G0(cQR8_Bdw4=T3c+62A(=;?b z1YD|TW9O3jEgazZoZ*m72U>qN7A;t+XHAd{WUEhvRfMC4N43u=lPibyHA>`9sW|Sp zzstmk70z7M>wTK~9#wsg6H}eQsLyTD`$*0Wqif)@`juj-Of?r>g$I$&muE4j*|W(# zeCRQHF5m$S%;Mi_o+A}Tn!guMs7GKE@hG;c>5_tOFS)6qma;TTH8V<*%I&u=^BYQm zy=|-l#rmVGsindw!QvLqvH;GqT8e?`P8gb#&&hzRKkNHQdc-e|&h# zIX_KxZUc-2B=~N+lq2nFw>z)i@u@+T)!`ea%HGHZcjr}VI+S7Cvn-F*$b;cSa?q~{ z6TA;wc9;?;Jy12S ztw4ZjCnl=0%k1uocqbwLe4e%rnkp;R@}`oLJIFe8ZxXqS zLzbY{7hv}GOQg5vg3{Y8ivPXoAENa8OUu$aL#wEO(L8)=dSaUs=CLgn+h)hMaj|W3 zY+KdY7ERmyVj3n3Xv|B}1Ka%=34trwe73~8$%lA`gtj9SZY?ac!`@~zvbr~LXQYcL z%?Vs1F^xp!Vx!aipb`2vgsB{739`cH=dTjkE(Qt?t5kU-%A21goHTa)n%NC=I{Mtk zz-fuiG3dTa`rXSDi!otS0Ex*_s=S#111g!FTz1=T(1yxLOmP(})P{~Up#g2HH3UXbY-|VtRKFaPEyqOFwe(bm zcaYrbJk9LH`SJr^-L1p!KP?ddqNx2wRY`?p{O_=g+s;9TE1f#Ar!~ z(Vc&g@bf82SuNPhJ1R2sWlB;Uo@9AUwo zyYC_DTOKA%E8?_pNJO?ar{T3Mcp>_QcugFg&b&&9yG`DWoN=%cH59U4CG?%T=AgU- z{(C~y}%HIORHLyAgl$|gDR{kYE?sMwDZ?A04mR%7?IVSwOLy(q4KPNBbBE& zdp)%YcPmk$Ma+nIh&KrSEdQmk)kAyYF`9=7E?#mOuIz^6C!IA3A0KWAD?Va`<-k z@nIW#Vr;n<#b<)Kt_J4($~J{Czca*A4;NinT^0X8_FYRKkZ_%#%A&9#=n4W*q(wpX zN?B{`>U+3W8mZDorSAMyKrh1gkC=VWv2}xjyc8FN=NLE zdz>kl!bb|7jyQSOn*YMH2 z?^-j{!F6VGos*fJ!S!Yix?uSmXm(WLa^-K}!;X5_oO5r)Wg3{9u#EaQ^DW&X*pPhk zh+>62+QLHqR-7QC{fPU63$oYzXj$}|XqVDoiN)9<%1PG^-iA@Uoew1FK%@R0I7@f( zaeF$g#`AaKF5k_kcn_as9jZPYolo#K3g7=#|5^_CqlVM!qH~r<*n?KQm)H%3oL{^T z3#!2U-!Q}5-`^cEDa{dMcuu+9o6r~0T*f;U9{w0XJ6ycGvW@+~wh&PYaK!NbV{scyoi6815O4n6v=}A0vf2SWjrI0KG z|I^H}oMkJ`)7Y}p$8+SZ0;^+k>b5xcv=Q6+L9 zGT&+?e=FHnHNC4WbqJKhj$eM{t=wNDkpuoQIkoamY&_v7UDP_5k5iVA@J^v+xkz|V z#$0zBk%L=rD?Ue(+Su?srbgx$FbA%V$QQti0O)wyw}G7FJ)wR!=Y5z#IBfaFVM6%D z5x&KjEU@&YJ%oMI!hVnp`?7_7#lEj9#%mU%I{nQ5A^pspAD;fw5&lM8eT<~qSKF6L zPy4E!9Qr&YkQ+%4WNDf;Qx<9$dfUMM?j9pErT zX`N7&sS~O)i=RW^(~jlzpI+o`2#y36PuY)<17RCOGV0+nm5^Bg$X_0cBr^(lbQI7m zcpMV}%%ZU{ zuemWU<1IPejYs{Z!-zC=ti#dmv|E%d6e@RQN+3Uh02KB_gNJs^Jt2 zRf9Rpa%rmIs^L@@M7qL2&a++wCtnL$%Vtby}&itaDH2lXll8&IiOg{M=S6 zNkO^&1{KDTVpumjQx-&8nI+~=E`#3+N(Q12RBPUIR_}tcxJqxafr$R1fhnE;0L!$w zlF28kHP@EkpXP^_W_xv-OIFg9PgGl66`UU6{-;pg&C7gYp=6er5`8Pc z*gMMhuOPinjl%KE&O)qI!-T1lCgsjs;EcL?I82OexAyV*w1WrdyF8KK&NWz=6r zsJhc{@>#%vy$EmC&I|O5k5p(HLuTn?ImQI|R~SI%SiFxiyv^s2A>LPiH{J?6_Y*!g z#rPD&>m{~O>`ql;y!hZo2bPV*mt!NL?%bDkfW*%?eQbI^hFtbS{b zBUk=Qg1a*bE06{}tZnXjRAFLfGWP=9-COqz$?R+G7`jkZtU%$-8ZhH<+7`|Y>bxbE zj^+j_t+jj1WjX6$krG#S7|)oiuZ^NKEUEv;HEi1rVFWm;FCzq8W~7< zFWu}M|0Qh0$Rrm(HL{^Y@GAOO)!g5oxj(8pzxXx5iwDyre(@Wudf&*mo$SM#KMLmEO3Y;I&1GUeqw8N-6!1I77mp5z>u5>|nSE zH!t4U_Y(VF$~Vu6Gt(R^w%)3_%)EZjw}_Utp;*IbD$9?d$K~=!8BAkp#@@FcHd^}w zUd+<=OqH&uj|G3UgxvQ^?19oul^x(J0hE>ll;t;Y*i<^v9j+58SSd|Dfg$9AjrxBf zn74FvgsH>jpq?;&vzrHB*G@lP$E=SArW39WAF;Tk_hjlSs45oe|X!{>K}U0!|&ZNf-6>8 z@JR%2-O++Lzp!Un0N1_Zuwj6>qZODW%5&8Jb3{c_bf7z8rwa&)Oge>_uuVipthxb6 zo*R7Fh1^95JDk7+n?_;0ju}ywDvX7fn`I1M$5#t4cZssDutLg%C0ZGyonJ?krC7{e zc`t)jMRO^Def~xS&98 zdJ)msuAr?snD)(2#;%`eY-9fG024h$v?o8&*j2!|k2pzVs)}%4;^eW76qsKs&8-4F z>(CG$m>oD(Tu7=QMABP{mEr*HB*rNl6(?dD^;ghnz7|1xhU63Nz`2Fc?8M9eMw2z2 zn4ZG~++Gn=I?#3`zrSR(t>6;OHJe~>18OyY=&uSGF>U%n+TMbDneZ7)41Lp{tjZ-{ z(DBQA0m;vxjh(g8FYgVciF=>qgCXY#j~m8M>hP#kU4DN})!a$dO}g4^3#;nATb@<0 zCj*MNfsUOl_!;Q+wzct$fWeAoqD?LEG+2?>B6z~umx7Bc2JPL&+H8^6A{v&tep=co zgl48IM_%o5fx?fnZS|H-4=eaQ*w8T5CBWl=?e%SJ#3 z3fe%>hBmfqSd;Yr}Jo**oMM^PE?b&8F$T8S%KXtD^;k;LRw3DMS1Uk0tC?8 zlD<@?E?lq#x*!E;L9YNudq9;)+LD^ymCB<4)y$5&4rJ3~6qWt&Y%}y`8~wP9b>VZZ zZPkh6jdm3@9%y_0RuC3yJAdddl`SHy8R-swUGCjlqf0-Y`wXNP=lR-0bJWqnBoN(T zGtdTD*BI*thQ&arbO?66c{?THF*)`q9gR1cKd#L0O=ivncmv5CU1@EriBQ^r8{pLE z%J&m?LXr1Fbb>Wn$bSG}xRC##(xMJDpV!#pTU{tXgFo?`{*2!}y}=vFrt&Dt?0$15 zv?;HRqa4N>EFM>5dauUu!czlc94&b4&cCZ+n2P{B7WFOX@NC{C(IHB-G^5t2j->d5rSZ=!xJ4J?GUhunSR& z@GzJ>&sQnbo8Z>Q(l}Rev*N+4@dBbT^xA6o-#BU7w0#iV_ zix8XXcK6?o2t9q{rnY4VPKuB-ppFgk_CZ@+@OLH9ZSlJsINcVe6{a+Wl=}YQYM9=l z)C((sNt|%)*o5iVy%V$_#u6SMB|I*y;I0NW7@A-IMQzdWW+UfnpMrkJQ$hNxdGu4i zSp@SnwO`aeLcz|?R8|R~tg>=TY_u?^;%lz*dffhQpM~hEvd_Yr-S%0a@3wsw591$* z4oq4e2AZJHe*h2Z^D(U2Xwtq^)?>owAzL7GC_sbTe4)W>1^(Ca*A4*Nc47%|-5tTK zcLYx=#j?JAQ;Yf(~4$_7p|(B*9dX(zO7ho3&h+BEnfi z@c=$_-YnN^4IBwwU(~~41m&hD34A?S)Nnkrxtfdg+-QT#bbNKDVfYOd{vLWoQ{9O( z52H+}y1Dm}kPVmW_@n+4R92~nBzuPBlfReHbN^NyhLs1uG}Xe$Cx0Jdl9jMnsxJRG zVEIZVEHpoSW_`k2ytd0m6_sdwbAn#f{&cCZU0nOC-74*G?P2YYhTPi!3H$>!gS9`p zTA#&yy=KI5$p2ZjgPpWlPbuGqZgDm=AwJK{aMKho7;(+SV&P@pbQBi6QpMGgNYllY zC6}Ubw9x3ru4tzbEeHe6G-Z$~vTX;N63^R@GHfZ_^98(8Wo5^crKd2&FS^5`{aZRn zaUYr`@%mdB(1EWJfpj%x5jJf-*3u}#&;12Ivl_1XuIhDe>E@n#Ct{hMyd3CIr)fKT z`eD<}rRT%g|i=U<^DTKYLLRV21F)V94 z8x+^Qao$7Rgm-e~c!`-wQCg^%B*1C;gGk@)_^#+D zD{)P;H}}U;jZLu{TeTuy$_MhfUzE?#6Rx`!w^bj0OzBUC0jr=oslO&r>gHuRsg&1b zN_TD+$&&0X@ZPq%c?CboL=V!tXPpf=RaUej8$|tC$5z~9$OsL-1v9Y7D5*#UP{m|l=wGi7zymra=m5Gqr3{~_kPhR5r~hDO-fUw#v7@o?qxHa3Wg z?rX5kfZ6L5sq$O+l=vs3|=sKG}&&!MVa%JptxXySrHM2kdf zA6~Tf4nD`r?a7Fuk^GV?y(!_`UucH&vi=gfE`R79MHGmd>bf{krpQ0Tz?+V;6}KFddcSMi=xmZoJzFda}a=* z)^*8ozXtB&?j&VbE8AYli>YbbD|soF@O}f8MVqt#EpzY_zT?;{$v&{c2>Wpa)kaB~ zqn!-&Dbq;4}HJ&OhKkj=z3_|Bk_xQFr%Ls1EP`l6aJc~g>Dd!I8vWwOR4kWV7BwQE z<8ilt1z!+lT53>+dtgD^_mrj-QPg!wm$LIS?sKorC z{|U=zLdp4yrOAW!*5Wdu$;?hddpXVV8Xa?#S)7ii76DlTG}%ye2CwFP`TZ4cQF$QI zZ5MhcLfk#3X({p4*Mks=d&^OCeLY6$&TK#}-ba?^K}$s3C_Qj_Y)_@9GZ;Jm%8?_N z+n>SKQ4PC|5)YFm8AjS(c66^k)#kS*h7Mna2{jD!tRtOpMZlUgIxL&pYR8v;LZJf{ zKZK^o`Nf|C<9Jh%eSm&nD=)fRhi%I?41Y$IL;>4)$*iZ{FU}w|_EiqS5BYQ@A~|W* z*DSKQtZH@X9Yb5`4w!Khj^zNi*B6#X12j`sUHGs%(hkNN&R7$pc$hHOuHia8G|4F3 zK!hofW#8X;`9V)gvP&H2i}XY$-5g&_aK^gcCF_d!5~sb1=c1bOYzA&9A}sjWc@V9k z?>+YLG>vvK7=@b~Ipf8Wg0GiNs$LjFx?qYH@}Deqxf1R*Fq<&-6Q4mnX8Or(fHw-r zPjE&h<1fcxnlKW=k#jwyEbqbuT1TUUS|P2r?0$n~NOQHSWOOQTyyRGvC5wDi@`#Z+}x zMLh4YY_`b5YYk0>PUNZ;v1uRAN|B3q0;4PTupZzSYkqQzUGiui*Ug)r;wRk zah0iBq?Z?rWri=Jj_0mEIp0A*2B5{gb}f`x~BN7WwqnXAEbxO%+eG zrmSi(ns`;;8jPd7$gXNI3B=Z58GHIQOe;0A5dPM7&$zz*t+qSd>$^58TgKjD`;@YU z=M}F9Lzh(X7zW`EwB@UiS!1DJuX&LMt?&BD`_qj&v8F&hgj=%!tGh5M#?+5wF~=rVdmRmxzY>hD^* z4wQ|-#ChLkI`&Cp@MQ#3nrS^r83%pO?OEA?u>TQ``6bB+^nD%WDNOTA=vCNiY*pG+ zSfb97;3QLAo1@%6ly1vR&+=%|OW;#ym5#pmDfjNWyR(=TTI2*Ibz11qSto7@OL~Ozb7-&N>Hct8L4a zRue~Fi&*uB9*XA&btQq#Ri-h{d};V4`R3{!Ai)wEd~?CFO~g^5DC>rcg&egTrPZO3 zlMv}zx;~Rxr>%CY%{2QBha@*#G!=gADl|R4qpqj8u0{v+)ZJSZ*TdQ|Ew0PwI+}Sf zGD?&U#9^XY5^YYG)*^I|OS1SgCBkLkl$ASZjl|qY)4P^4jWM*>6(({DOPrxy=dwc9 zV3pTU-6J9c&@U+$rmOfk(pK{6_*h2l zJ|R!Ep03nIXmUj9c8>P~()!BUCEZP1upM5!v+^Ld-7`{aoEyF)F3w2*G$hzmXsNSj zxYJ@g;y!gwHhRY{NT_p?QI_IDJdYAC?kC8z*F7P1K%@Gl%xmbQOX)uq`z`(Md zvdZ>nc~HOrt}d4G7GB?t2a;7LLR0_!7ERfmydh0#cx_-BjbpIYxFz z5ZzmAjl&3{Ez`AhJBL>p5yYbUIHY0lI-{JviQUcF-W+e>O3E-g;7%v!GBU{YtzO^9 zv+2s&Ni8k48}%+#yOA4UrWSf?H|opQ+AH203###FDs|Zy(cvr|p{r+Oukl`PF*VZ> zR4wm4);faHQA0;iwT}1KI!by8N~%p#QpEe;^Lkn%I&y1PUsHEos14M^8w-tk960N^ zdA9Ep*ogG0eN>Y8aTPDI7!8FEBpETgE*tt|ZubrkDyB2JOm}UbDUUzx!SuifYUfC` zS}TT}349s3+8`^lHmEaaCaA}>v7nY)Og!!FU@TA+cOAk-(6Fwdu|&$2Mp;qWZK8xq zmLu`BkCL@$o&T+hfAIq1r^?DWOoTazgl?68Thh>vxondHWP(;1;N2{FAu zsa-XdUb>75iRK8I$IS0*ZZ3(GbWx&*GgwWWsT*13(?3$=3_Fzou;th->vj-V<2SXmvdm{n8tMFz>bRPFY) zJ4jun4ht!68E$GzTv6ay$ZRljT%4&cqMK?H#aZ3JvQSN1ojuJwQt$WH<~JZ=-PiIH zVt6Nc%iQIrrYY}mZ{0^-U3p%wciTH&D?vC{-|Ic{rQMC^T|Kv8iwzsXN8G(GDsTwg zCd6F)Dm|`y);eP!y9y`bPUkmKrfj}*u1)3ArHz}@@;r*U z6tv-R*cBY~OWfx&HDy=xlm=Ke2o@$a^GglNY8U^c?T(&w?@}2qJum+V@WA`3l-I=; zx&r}HhOSL=Lo0`~#rrkaM_c2i)VBw%+VZQlWSzV>ecKA3IUhK@#?1+f|IlzU zB~?~YwfbWB9kpZOT9yWPPm!JhTU}egDK2Hfp53k0j_%oW z_Ut}EHy(c5(v}CkOGaXWO|fWeEwFtndv}knZmifGZ`;wi1s0ZLbdjy)#~f$dN`~w) zd6EoA81@C#b<;8vm*`q{8M{Qcab!9Rda8nOLC@VXZOIxqTF=`A6uEJl_nO(guEm-8 z2g&AtPKar`UsgZu!C?;Iji(JXN!pX{gJJu0G(XT93v21o`ie5)p)RGc1tQ%JSh&e! zM;ZB@1eFc~{%JohO##%|PnF3s@tf(5O2VEtcY!YMhj&bK;7iR8tNkUp z9&Zk@7LzLvz+`6}G!rI0&c*4q8*&8GO^oI@Y7eNHy>ohfh^~C&tV0C5mg#X(c&~TK z36P*Avz05JIq(?Gz+`sCQ?czm;J(bnZwfV?7K}bfQ~E>8Lg#UJ(_BlkG-@l(aOU6< zJoK#Pwx^(idX@tl+iIJ*Rfzk18|pfWJCiW?eE8a%xd((~7ov+VNE6+UdMt>@OW#g>9F|N~a1wu17`z5J%6?frl3x>O5Q4iS-Gu+LtMA&n@ zf(-WnH+zo%sh$DDr`O4YJ;yReJKHFQtsE*A>FiEAtcNyH1UI1Qf%0th3^}V1vq_>Y z%Z=5J*;Bmo9>l3D@5$GS9f?4Yu8 zH@UsoUOzCk7wM|rNmm~7mJx)N%?cG=l4RF0SHRIilU=Yz+Dc8R@bXn((>BFL_$SscXHlEs`enpRMelB} z8~R9{%h>_O7wkY|W_AYqnmOpe`KM_$&gICJ--+PTNuEH{l;`r{Y$D%c5l^=l z2@0|EIw^awJ8@u#Lwtl}TP;C3{E|4H6OOUP7=U2*mJ>@+BqZq)2 zOj(lA70i*5-=DAXi+CI=%fou1g(xfdlJE${4taz;A|4?-yS|tcDS+b^rJc$0Ab7?B zfX48QUs6ur=5H>aLdr5sxqQ~8PYd3?mBTOLN1u0owl~%HJNr8eT*N5!PSa zUt(I{&2UQvyPKH~_B1mS>|thSu&bGaE?E9KmycXyaBoWBez@V53XU){9UN&UCzj3Z z430K)&;`ps@6wdZ;cjEl%G3uEAN*HEC?10^olEwP;;}g9ZVe8$fpRM>qyC-}*N(%Z zXGlI=Urz7U%fF@L0S24RuO1jJ;(9oVNUHCX%}fWUn3)OYnb{efXy%{`mVd$FEZ3NN zfbS?xYr_-BS!teVCI^+x%mgQ!*%{0;bI=9Lzv$AGYfL?`KZANu5sIhaOFhWmQ9KpL z+yES`9tN?D`ukVvK|WDEtb`m#94_lca`6vRy_`nuV2kEISK zGr`Sfb_O??Ip~7r;oRbla*e5%afy04ot%~C8D^$~GtJBdzcsTnILpjI7c4*G(v)jV zy|i1ss0hWg@ugm5?P6gOOVvRp&|B4TgRL=;F3Q`= zbaSnZpv4Z$Ya4**rt-T{iFp?E?FKzy=|0Y&%F~|BuHy1BbV27Z3*Lk^9G^dh+w&E? ze}Xfa4CfC_?yCVFc z7BL+X#q-+Ry@qJKU1SlbBY8gDul+mf(`A=R>s=Ci{cw86(%reVl9PU8@%9N_VL=W+Y_ENEqFTPCcy>o^>I}MT8x? zSjj{|jGt=U<+uPc;i5=W93Z`fAUrtFw|E(!-d4Z(drV{aML3k{lyzf2d!dMziQ-*O zpuRf4_y?ISe(?%SO>3obViipZYH8Kfj#KAeiPNY~7>)W@@eS|Xl}{$TYnMD0UaH1q zlb2{OhohxTzi_&&G?#Wt9(S@SW$E%y@>lL9} zWDefSSFZ@Y493GO(@_F>Xl5sKwDZT2xU6`j^j8d2s=}hae;n!z*}}3)aT;yH6WYmh zp{YTGgc@R%Bz(q2_Zr&tQ|lUu>8Hcf4{o#c4Ntbkz5<>jo2ANvGM^ljnV5bWl5A9^ z|20ZuDGA3CvVx+z+>Y?>S)&R#oLEx$=Bmj(7)VCVBs$i6}@oLh?a zGTsyTGcScc%5<-gKK2EeDhB}EtBQkjWt|UwG(sQpo4Yq3qYrh`QJ>){I`t-X zNEiAjg=Sck)7`wFxz-f$S;*+lf|V7j>i!jYYk1X)@$nxP-mYKqQJZk`PVWo{M>`yj z5e{H%&azx3__@0;QGZ$g$~xO;8DNCyTa8q=QEQQk;Lts0|)f z5C-|k6j-HHsN!XC;vO4@baR40bl}G@N|y4P;p?Z&U08a z|0C)&J*Usf4o~Cf7oXwlj`lJzYrSVN!l_;|bNUI_Q+$>H9mVIAQ1N-b(O|AzuP0aM zhs^QK5L5jWj+m3ww2UD&{nHqTGyU zkv$o_LS1}=#KfTA#I(`eNk@r;&BeFyT5!lXg|`XTm}SEgZ89(*+A5O;yDZ-jiGln( z1Q>dkPqOaP#@`l|Eai%-9lla(`uR6i=7<_DLc)HJxK z8sHp8xmHG3a2>{Sw~=`5XRF~-O^lu!utI;eLYDOudJ%mAFND~*qY+Z$jvBy* z9XCQMe@4hZ%W&_d)4|Zg7lv=OOyt1`DI+oNC>H71xYMI$TOrAk*!a?iVC_&g7@JwS z!3$*}qq;CfwIjnhToF#(W96k#BvMjWASI=nmu1E`FU!FQXU{tt%7!b-_R6(t6|fuO zBK`V?l;Z&Y_wkSP=vYm^o~OE(iqHM0MKE@Wdm8@}F{R;-4RvC74ByL%$7WDRlyTs6PuMh4exiELg_Bl(X&~Gz=!g0beA59JI8(#cR1)A)~uVOf6dhkCi(YSAV3v z*5fZde)P*?*%jD6{1g3B)t6}NwBEDR8wl{wuc#^d<73*qn;yH zES4d^kuf;RS62tUuj<*2vpl$2gOrh|9z~(0-5R9wD*ln0u%QeI+Gc827nZc8NnLD5 zI5$(PfTNk3o404ZBTtC$eH13)9PA3N_tV(+0Z1V?Ro>eU{zstHAn!tg-7MG%LswZY z?TV%Hz25gUBd*mI*3bJD6%X?#l=K7le~@y>bo zL7074cSYyJ5j`zdEn!0WNBgare6!!>f))z%p$fw`1{I8+N5N|Q8igCXJ{R^2HR-@7 zF2LsW@dA~yI14o$L7l+tIjYAD8u&~*FI8699t+nup8YEd6TT8xY{Y)4Qs8{Fg>%7J zrF5avQ@f@Wo0N`@n3pX@%{@eO&?R?{tUzSlIU-Z%ka(y|*N3d*Qb=1mc^)-#Ybeu+ zC)py}y^?6UsOtTE3!$r8vQ^Q^zD=fNRI|{GJj4{Po{+BaS_xC_$h#SXiuIlCR}Z?% zOYLNVt)2dsY$pR-JH;Dr5-76?Nf;sFbRB~>j&EanU#Nck&)w1PU&Z61#5bn&S#2B5q zlo(@2F5TPWipJ3Rv<&wIGraC&b>?k2cMcR@CnIs-Qc+0cGTTGq9zc(HnWbjQ(0?a@ zrR%>Ha9w_3!`=1YoL4#|?!QlwY&!oV^R}`v9(jvf**2oDP__***s3~JtHdiY{+vhQ zv*oiTRj$Qu4R+11h7m3aD-H!)g!EGGEoBP!FA6sNFwxi!g~uFvT1xMKSSY>!p;-0B z)k!8>{+$xmJSzVQ(M;{ID3Oe7O~exJlCX?Wr%kHlggWh0RpBnFvY^tX$sFyZ-@2t| zMWR6_18o|aW^2La)5*#`e*B`7*DPhjJ=z>$&v944b#6lh<#Brz+r39$jh1k8-W#9B zb-MxCg}iasNYxy?NQH+g=n<^;-s!@m<*P52X=uO$) z#%y>0f!q{xzUsWwW%<}n*xh9_Qz(D&$9#g9g$$RxDBA*8p2=+&#$2k<&2{Q+`TVw{_x%x z(Pai)ufN{JT;m^$;C@YY65?;T&F8KcWgf9}7?U}p_3tI(x^Z`XsKP6EeOOC06xzG& z#o`9`m#O*!ee7I0oE&X|Wa{683+E}Q=U4D#>|QlB_?ptHp*LDbmqew0E{Q79&lMbr z>UA0J#akq*&%%B#DB_fiL_b#)5>Y=7GtnCyBi(i=-_o;$>hn`+KzBoP1)5(Rpxb}0 z8N>dAUbpn?Z1;PWWYc+c8oHc`VZyBzDP`bd7_{ z$xiPy#mHNvfMVor8D%-Dp2!oxy}ow<{Qxb58yC=2*w4l2T{%@&e0vehos(HlSum-G z^;D8r0>qs=v14R;o%`)CF$DQT?~q7b8tqln+^ImDrRS`o@z5_$BMHCA-M4&u?c2w< zNb{ObNbRhBWxdwU?~xoCet@AT5}6(S3o9IOP446ti|1ZjH0heEinVK|DiR=#XmgBG zKwkSq#^C#WC9nM(oQ7FthZD*JkxfQIWK%5Ck;s5nD?Sa9>cFf7C!4C=U_9AwM zdoc~NAJN@z#BRfz+YJbqDu2w^?VQm{%t#L$a8lNuKI|QzO*CFuMr*ehc~+Vk6EXXy zxHk^z>T)h1QSG3y>%^@BtmIrVxfIpqh_wRFFAZ>-_Rr`CANDrjPoMXsnGxMe-zzwZ z7u{cCZHi$(bUNCD;xRpq!^=bR5Y=pZWl)xQ`#B|#m&3j^VOQp#kki#N%pioxs;P8s zp6yW_vk#^V06Q_0{@~lXRkQd}x+QI^2c@47rl)(Hm#Hn%r2fEvM7XBdDg9K@`%_(M zw0rV{N@oBX()%4Tl}<*!pqp0!1FWy$j@}Js_YOyG{i)SEC8HiIoc5(m`q^zVsq$k) z&U4-kmCmDB-4he}(4m(wLhIkv5{IL?2a1~E!>#htgH$uR<2A7sS7zGQ%Od6;Jd1&QB=4j`tupZm= zrg-e%n=M~1+sFjm^~3f4!k~B#gMWLri}UkYPN%I4=i|B?`PX=hF$i`O>_7% zU>yhIvw0Ts8(yq;;-=2kYZ$WAZ{Zam+EeP#t`Alt)e!CaRDKk+NA^pV1#PcS4a!W6 zM22&{8;J~`rjaG#7_1(sCP%y2^AnzS<%uyC{45izleR{k?hnP#3b;;({WZ^u?)bcw zw$qySoBR<0?593Ik-z%s_WZjX*uLt+nrov{NcLehLpr~v((W%YEc!#bu|1~KsgQNLFy7{{jI;p7d*O|tKp-;hg{sAbT_Q5ZW z32*z>eb}k;c+y50)*Z;AM}~N!Ai2v9W=BP)coTZjsnz@JG``KF-q7mPM|3MUats_! z_jC`S;0>=aFKq`oH8I{T0-Sr6VJDtlXq`MkWcOaXsCD`O(S|z2))4Amx-IJ53mCGx zx3ZhNUv!S?o7hd;qSV6Ng-E`quYD>n4AXpE*GslNLxN87POkAvyUX3J^L`CI126V- zG2)&;+y&qlY5?9FXTja;?KYu|y(y=zxIIC-bYRXcV{#DH^=FQuY8oM}it0iAc~P0} zl5+ZU4H%B>$teP$>dZ1nJJ*Ohvt4Pg{AF&%KhiVFy&Qi{y`JXZ!aw>gfkkJ1H|4KBMBl;Y z^u;u*w=@65c&D4!)A@~+X@7}+><{T`+n5@ijMhPX^vuXk$AJv;(qAc)Uu<+E8SKy> zS}YlhyH-|)SV$2D=MPOu`b9blR)0uuO(%keqrj}w|Sua!+GHN@Ltoc$SQuLyZT;J_E<``p0#v zC42>gDV4(2H5Z!d?WBz1*zD~43;Vve>h0u`yB;(X`oJ1$>=1fAx_9hpy9> zb;*p6lCeppLWbdNQu$CSuS#K3skm-ZxrJ&;0{!eCRqhg{KkE#en_N->`-Vul#H1&- z%qNq%h(aYuOexK2bE0L5yG&fqZceG@tIR14MVnLVK$Yf{Y6?46Wpm2yfQEBQ@R@FD z?TdC3d1W6A-f5NWtG<6He^x9JQ*0mhA)0vamo1-!*{#Ri88>U{i(gWmrW*MPH6=B%Q);_E<`H{=bq? zv`^?H_<)H-^RR?Zty(s)PzoI70}D+npTAKC_GscEE-G`hb8b~ewfWOXDJ-M*nrAC} z&7DZ2XH`w4(T1f^q!|zAcG+eF8a&FDD`_&~+?%jxQh8=mgEA8$jTJ6yA`R1&dPyyo zj#Uq504mFK6>zu^AbQeIGKl7h2k}qvRn>2(?~f#O$4f;sv}3&Y^daa$`$Qi$vomMGch(kU%^0cK~gwV8tsocCQ?a^<%oxacn9 zEe?UrFuKzYZs<-Myc_-TGj>dsc7!^EwQ#4(?km4wxddPh0cIuu+7=$niUDO=2fCI- zoIs(2mSAvg0HdA1q19R2ow2!$tPGoPO>Xl zLH2C<@0{A`>1&>!U*N^v&Cap2!f~lq z_4R%V=bC~^iU?-ZCqcjTXX-J}IXk~SH!kNouO1t=&g&jWc4#*T>k%oez2;P&VXQEG zELD*z%cC77xXeWVwc2ZT{ny@kPnA`Fc}|)6FOKxKx2Q*3;vJ5T6XfUeX=`zveCqdx zjQah0B3&nUX-?9KqZhY+f|vMjh~;kn(Hus8;uC)Z_7s1G5A|?5A(2=Ybp3Hz>yN*r zlIf4TV1)f~SFFKqd{Slim0z%X0cOW`(uVNMBTlrKPu<4%HaAVv?K_xY)Ac3 z`5`}Be-!;&f7JahiTU5hbFl)6a7)~NXhzRojSDYr>Z|z zqZjr^T`*_;Q5`eU9~~Nv!5mTv(cnt%=1PB*2h-(2nTh^rXf(S17^4yON7ZE9AI)L? zkv>)3ALSMIN1;9HAHcW7w4p(l5Et58#aHANkBB7ThF8cZG9x!~7;LbP+Ke2dU_ z{ZSsg&OInIv7lmT=fVY*72qC-QmR1LA=_Kk$t>*-N5%>2bJ?`D=6^%@k;T6^WL^G1 z0#1u{2bu>hs6TE*pSx#1{qa6vPgeIwQA#?0kdp2%(VP6Ct>~e#G{1d%&R@ijHf0Ww znX@tM(+=vy{*^HvJ!Cw_KT8rCm!C7UGkC_#K?l~Ap&H}mTEG}TGcm@OK}~55n%Nly zW)3=VzRjg2S3JhodS^1mv!u>^KqsBx9=l_}Q&!W$WvT>^@PoYo@s_)Na zwh6$V0{lD%lx0l}^VuTu2m`5-%T^9I1>03($QoW)S)L2Jy%X|th|_(7CagVOUB_Ps zY8T}X#_J%&RYK2?OIZdBmKwH?^Xm$BkUhbr!l7!6)UXes#&W6oN)5`ntSX7620;>1 zgYx@6sX@&lCbO?hcm52ifn!94;WtfckcXrOnF%hXc*q|WsX_Hq#igpz`yQ#mq0tZ& zNhL%BsezM6h2b3x4S7gvkeT38hDK6q5E>DeQccEO${h2T8srsoDWN^;Gf4dqsllP$ z9PCG=5N)J}4xxRy2)ir~Newa+QiGu#N)7!msU;ktmPL}f{Ko1|j;=tInJTMT)iQ-; z&AU2yB#F~uQ6*D+XUH)!MV`tQ598!jl}vFTrIAe0K|k)t9{nU!%mB7J|Ab7j8(1Y| z3fKSHNtCgc8Zj-8dtx1ohYvgVW6%bl^NEXOxy) zu?&;(wm^TdlJT$;$pjvDGKP5A6EMM43BlG6P6fo9yY`iLFgF31C&0l8fKERLhsA)h ztn-m!lw7uQFgX~i#E`X@9eD~;mZNwENcT;2!5w^j=}cffO%|`tYC1J|8ettfbAh^o zLxDJZM{o#sDMv~uN4BKd9sD~cV~59)yMiNPdj+Fe7ibj!Ufy@QJo5!TS`iiub89t9V~Edf&tQ92$+m znWPe;0qH1`SVbH4nRO-QBhBJWC8}9mLaXA6mJ5DMq_Al4#~-O^O#UG&d5AyCOvp!8w47;G zhEJq-`CTgODv812ZhgDwCY*HjhLmr=vKB}MK}g5wN9I6hgP}{*XNT}XQb5DmQd?_ zXUKS8_aG&tlskqp*!eh;dYv=ivDyR0J5cd@o5CN2`vA<3F(ZAC;M$*Z9F`JrRbup$ z%=S63H2f?fvzqu?)D>LD*Co^u z{2sgb-5mHGifIVVa2Qw1-poiD+{6t;$Hm&<%j4Kx!5?CK1*LB>Jm2-QHorhY$nP$o<0bjsZ{bnmcduYZ`wPU^262nueS$fb-?1|3 z?GOA1@H>%zETf|2@rN#f1I98aGU|hk}LmZW@qq` znS&0Tp9CEsSIV^j8Fh9-M!g0EmDaUpb_Um(Iq1Oo#avo)C1lhLJezS0o~;{W;BPl! zh-W`Ug{4YNtNq|sK&i6($~(9$0k~O!-zNaK2ykT#D9bt@8CA(;t+MQrnBekC3|Ymq z6{IXj@y{SF8C7-b;Nwfz14BlYf1TB|^BDXCfQWG`g|6TVzL9XMIf)DS9m45VL~wz+ zft$9@)nP203X%{`g~ay>r)od3+S_Eh zi+>PKCySHt95{uRhlEp^30|#u72(t>9rd1Sak--wh~xK2s1BFL;C508aX~`mEKOnf z3{_oO9+FUHCK$Hi5=*E_Tq3TmI*qxuIp!~>$}8mB(6*{GK^QP;K}LPlNIyg>b;ZdA zcMvHo4pJ$*B@4s%tDBVNA*obmLMpZ5IH`1G7bfjHx_rwb$lldLhX}Y@9u;m0&*ER8 zbZd}r$(ms(HCCwXo8%--!??rsT%(0Zx||@s{4HN6QAYc>wx)@G#{VM7Cdpq9g-`ZS z-rr*;`Rgmd*xcd$0{AZ2qo3r)TY<4f)|-SqTtB=KY^&tPI(QHVaKwWsDLm*#j0z9B zNyWdJPpa&`@(ylE0B#lFuL;0y0^A-0%CgQ!Zd7tf9&|?~hOFX23R0G13=a}KjL00K;%YHb;Do1RL~4|f5miLMFqHg4rK1UehI5DO zyhaU?(6_L$Atj&m4F$c34l}k$1yTD_0k!RYAyL+%~uAq=Vbrme|tflJ|puRFdZotR0W*!Ln!*+Ypv;-Q8uB4IZsz#3r_B%1HY)Ie(#y*vBSwv=ceJ#y06$M%nx! zq{LYr{1Qh_HFq3)24Er9_+4K0!DE%Y5OE6Rr44g}O1_bq7=$e&cLsnBbGFUj(y=;c zn}21)Tm>AChl%}ikI*JB@K5ZQdx(4z<5=3e5r1}ALqA(XTF{R+wT1g3ccm_#;*YEi zo$QW>?n8F8^E&Wsd0$|?`_*U5MJ!pjo8(JTkajH^1?jr&1O+J*ZTx;vrrR;cu0;-i z6^7ZVOwG$fyB1|8C`j>0$tY-Vqac^3+asw>Vzx(8?VKPems>V?sFEA)%yE^%@ZHwV z@=!a=Oc0dimJJDNZ~Tf6DdsPGEc-rED~-49-|1D32?m$&v-GtZA>C=+pv z=ViK`7;p?Wxfh1nn@4-gLmWe9qP-O_;uukTD^J(nYG!M1ky)a>U2cBx0wKfPU?31y zVfaOBZ+VD;$V{}iy|lwY}FA)Aqn=%5n++1T8#ER*Al!@t(zh zEu)2iazYD(7-MK*XToI5hvPA}?;i)u`u_1)vTlv`JNv#eQQv=DrrSwF-)CcYVR&P5 zNtNZHzArOD3yL?k?<>#m?)xscZ14mj!`$fmZ2c|_zh<-`5A}VS30kn+qQ0+kSJOg$ za11aWM0K>F1$oCDP)CN$L5e_Q4jK{?%)w#Q5Ijko5F_MFHYpo(5L7~@%mi~VbQ)sj zV8@XyA*;Z)<^*%7fJ5ex0hNS^W&_kJ=61*Yp(R$w6Mh{wbgdVgAIffpNBuutE z7mu;LL91iN8?-8wEg#I+?UP>+Z%`)U4R6YHE1d8KHd+^k2grq|+3^r>keQ$d#T&~T zl;?Nz2A7*3yhX?`H+TbEvJ1l*%S|5Q4Kfq-V7W!SLFKkRS6N&2Yp?5SuWzeE6R|F< zC=Qk_YZa#W6qUp|ens`nNdFk|mfL|n%s)X( zT9Hoh7KBz3VLpyrp;c#SNsG{9Xo-aeXz6@B#_|>|JQ#2J1D0(0LcWfc79>|F6Y-XR z%5*E-@D>Ez!tjCQ!l_t1#9L%0Xi4$L@)qU!-MmGybXewTnJzbY%S`3gXt~KlyhUb$ zmMpi3x2W79EnTAE^}g^xF|FNk1OaQiI-P&fC&m))tr?4}$ZAJV>h& z#)Cvz2_EDyZw#Ixtq^mRTx?o29wewVTrv|p$k1+#c~DLQiX~)4Z_6ckPz4Q&F z@up8?I?Xn`iOpSw;S#xUj{qLxO)?YoqskIjkFk&j=o34Rc}x ziZLfa#hhd&n3JJg&73S9tK%x>Q~^iKDY~y1ovgPc%xDwLvApRHV4C+NXh|y(RlG?T z9IR`!q}2v!NsA9-Xz6&;;8_$r#_}fVxQsVRx0H3-r|*<|l!MN{`tZ%^`1(3DoBV*a%1rt2_8CIG)C{s;V|f2scIOHE&TrXaQU zX7f{x+*iyYyj6I4=jd_RH=Q%E$G*Gi7>oD7q8YCjf}XPZrru}kXN;z&thM>iR>v>1 zLB?C|cKlY|yZ8$Q=9l7B<(4nqFtJ{Wq_1kG>#)9Z|2O}IuzW?QU^k2R50pTs0i(ve z`?y47e-5Q8oc_>%Y~KL)NBqYFI|EbWzvh5Mw=hIA^FGYu_^+Y_yrq~vn1!>m58Yqm zE%p%;e=qm<$o5ri`xg~B`auov^c+DL{d{kP81r6IjQ_^AM^IMGwp1P^hO_;GRDSlH z!maza8ZTwO8$BA?-gzLhJ&$kwKNRj2Vz`u7#Mjx@iecNuu>Kgf194rr_Zf09LbTJKr0REiCVY5q@971RSO};_GZ{V_WVmrE&(goj;Xr+Sifqi?>C# zf8XlL(ct}x1qc`S0`OC<`QA|oTn;vqR&=)K!OGblpmv;%OVGUQ&Qpw`IF%2duJP9U zOt71uukj|p8h!7g;m9^Uj`0eF>%zSr=XL<~;!61^Y%Y)U@2T<5dPb=%1I*cud@b@_ zn7A%R3nh~61@EeNqBei@jmY;9+T4}x$XlYghf(7$k6kW{@H-Ry24UB}_m}2Wi2a7Z z9Hw8yC7%@6%WuHNm2y{lhr{IsVmRCOcSm{5peqK^2m4+*F6DV~D)VS9R|ngXp6YMgnuVb* z{Vw(*oA0IGtMM)|y5F1fI@=wux_TMsy&1RQhOb2Ftr*)HZirfSds@cfTo=amz0cqm z4%Ukj%GoxG!%d7~&vr(2KP8TPQ=D(MJ@WPA7_Bk=y#&rG|3vE)HSvoVYeV z?ub&^mh@ar_QWYqi*5gj!`(rDbM^OZoXQtaiQ>K%*QD?5O{==H-T$SljV^DmmXtRH zPww)L!S|kjsRcKQ^LVZ{YV-f5BAZVeIr_`p7^U||DCZ#Sc{l$(@_m@}97X&pF2_}b zb0u2q^@y8Ijcq%}^mjBp+4aG0Xv5j=kLmuHFqP#~3x`zVdsE=A4y%@{o$W@i;yXkh zuaBr~5Ae3AY|E#%dO7O*JtZ~*DVai;r9NN}sOBtPx^VR_uQS3Nx z$FRShnX2@y&+v6E^L*TU4!keQZ6$ieY$(F_wgde3y-VFAcGu z;2jH{x)_V{kg!YduTY|+urmE;PINLU~ zhoiM?==-i5KI4(IZ623*cVf7natr*$jWf>?!=>^Hc{r@z|93>=>xX<}QSV+_%TYuf zoXm~qo5wi69P**%Q;##^=;wP^hxj#kOA*86v3kshKBvbz%K2SfN+0TUc{~tvpH*V~ zzBt&GyumvV>Qs6SUK+}ArTjBEyAkY^xV-_LxWFfD|VqLwz3v({izLY^enh`-315$$|-IPvw z1^Pqa<(nPkTqw{%dYflhn1$iH4$|MeoIx%@+HjDinpgB{RB7}BK{{(@Hm_-rakNPU zS;u0%^=_2%%;pUY;!|#y&aCE54WjYiK~`)2g+cxu=e~OLE(TGhxG-xs?`M#;pNvvo zzxgQd5X!X-{9a*p_jYK0&caN*BMP%)^ZVW*)bk{0*`>34^Ox2Z=l!t)sijn{-X3s7 z7iQ1qY>i?)2IV-&ubP`EdaE~)wi4uF?^n&a8nyDV^dT2!pt-$9ZMyc?4l>U>uz7KV za9N>+5kyxzwR$H*yDnDHykyOVKqONM!d{%_nFg8nK?O3a<^sa>z+<8?%Ue1nC|{7r zYYu5%)k-lVOeY|n)eOVm(Pv#=hc~Zdu@*rFbC4sNH!;Y^^nVBWZS%1PIg`ho9pv2R zb8BiQwR+ozI6v-P+5C`&Spx3j!d%(>Xid#x%*_}H1Uc9HWAm`(z9gfa3v&$+m3@h@ z4g>Gn=8vqNFa10U^Oxq1l)`Y`q{X@hX}3G2dOj>nIRG*_rFy=f5l|`5^KNYZvBhd( zv=wCYnwy&YQZbLzR~p_C}|t+>WsZ$922cgM8)dNY?KlJcHm zzX-gyo3F952aJK@V}bWx^X&$CpK()Tkb@|%^%zq%JKKXWcUtZ{Bp`PgAe?(Aow_*I`^}ts2Xa;d!o3tgei}nQXnw#T*Tj$yn;$aB@-gJ&=0^>(a02p} zL2ig4|7w0Bm8R^EP-FUy^FC>QDwSTW)w}vU2MN5-nx9Lh$^CLhHT~v!|89OU)d1w3 zw_TWd-dD{dV`6>X{EEfuk}7~-;C<8lxxpyth zqb?c3)aTwe$aZeH0MeBE&>$(a8T!rha=DLzuwMPLOXpm#Bln4w^w)8@egp(U^gc(P z(eGSu(cIT5@wTo159={!tlYG8EnyZ9Qx3cpa?7L-Bh1{%QLGhnGt$+q zvx*>usfp`(qug2sxfpuZZ=Sbt?q>#hsM|pTZ`<6u26;EGv7K_8rmJgX@7(5TmHity zq)TVN5Hj>m1R2O}X(xpNG%bzIWl=FT<9jd99nBGKj_rNAF2=oiQ`*Tkj46=03Ah zbcPrP-phhOhnHO#;rx2;zhf|bH}{Q&Sq9-!zrcH+D<>6eyi|||`7oEth@OjgM(KQ% z%UGCgToBspUpe2xRQS(-a&;N?+$R}9TsmLn8Zx5Q5#}BaGMa18RQJmNfZ8442wk&OswPG4;X!&WTkywjA6=B%kvO-2YVI{^KmsfYoN@Mbx)UvLX z;tdO-vQKW=z#w0_Y6dd3Wh2XLTHNkSv}|Hw9*k>s8W7b_G%ug$Ez`2un7o#4*~Vh6 zfpn_hJa1;p&kdp*4)hDW67A<9~=ZBET^qc2x z*>bS8@?*C-NZ@VLGGwLT)gAi<-gYgAXAY%)&Wb5v$Ce`vQusKE^$Q@Eg5jTEa1eH8 z0uj#7pdZmM0CLorTHUMVWP=a5E6K&w%lT6&xIq=Cf;c+w~i_M=`FV#WKvwxb6f5=NLLIwzvV%L zY!*W#qj2dKhmlZU|O9{2&e)ph- z)Nh{mN=tohHII6urLk5#>I-HZF3ejkxiMkhX=$}|M&kN;ucaLb`ow!&taH6jTRLk+ z;n#n!o-vTt)+NS3+FEFT2XjK9$Tn& zIm2iFm^LN|QdRbet+U2J7HeH`3}i~{Dz)PL=ZAa)IkR;&%YFN&T|J|PXkBYetU~Mh zV<5e)8yi0J!uAThzShkRvP4WR%d~E9kc!m3TmCHm!RZ19`1=-WbR`t*4HG zeAIgS7|7?XXVy;j9${|NbktPuD>T)un9`dsU%TnhY9lq?rnyarHo+}(*U-F$@lWpS znYqY3%;3|#N9Y6XM{PPZc(H?@p+1q>bZACsu8!_b;p@Y6o?`~JX>N-5&_gxe_@jLP zt8>}1{QpRM3-GLxrCYf74urrU!6iY0I|K;sF2UX1-5nAVLV&mj4Gx0_861MUyA1?) zhrtH^>b=%`<{i$Q^Plgz=RWsY->Ryvw(9EYoiLfv#w*E2`5RV(o9Y`Dei;bNJ`d=Y zL+jD5Qqq5KKTWE++|u5^A#gZ(KsipOQ_4~H6q4G<+tDEHSKnbRme?zSC z;}hVtK9}K{d`ytypjM+Tm)3L;5WV~a2x#&Y7YJP;*f_o z14eV6rGJM$vw}RZ4DdGbFtHieX~-qmZ;Yc~uJ^;fXctVqM@HxikAeJBDe#*)z-Lzl zF75@nJN@6U33;nCkSBizY&8U!jq`{v3_f!Z@aRk6@))3B82qFv2R^nKFoL*qH+TX1 zcdQ8hc{bWriU7~Yec8`_aiu(2UFfT~gnbHE;B!C75BdW?)P;OsQSdbKpIy`YIG^Lc z8V&vYkB~1L1|HZQScLuyyFkB^_KNG=BNld@Ij%tVx0~_fJp}rLT#t)h@G~hFu=jgl z)E~gfpMg&UfV)eg{X(9DAY$5mY?luDbwp3Lub2<|818Ei19qMIL*9qyAnj)GNjx`; z=fLhM<0>`dp-Oeg-{c1tB43sVd?x)L42QqD^?*~mvOlhWfc!p=UjKeufPVGR{(D>C z+cuD2rQc+2!6$cse*Z%7{EY9sl1H__fclUh4gqd01$jKzt4e$D6tv&e2zC_*LcW^% z>c2t$jq$N+F!WdEL4Jq%WQhD@C*5y_s=!VGup7^H$jCT2vkLl9#?6wq;4S43u;}*h zx&cQ@-q!qRG2o1N$lYj{;T!lcUtkR%;H>1ZcQ^~anf*;;JiTLFX6^^OTMb~BVIVL? zLtsAgVa!YWy}gQ|JN8F*~Xz=O6J3=J-~gR zVmx_jfRE+=pDPG?xst%4g`t1g4%m7FmlIgQNZ82qy3IEz^qpx59B>^(;a+(1N7HvH)}cM zyX2#gj)$k*-yX9eFFp$Lsq?`r90kU5-Rg3@hqyoQ7_a&dA8LQKhQWR%^K~Nc)y>3V zGhz3j73_xY29935A;0-Yew&v^gN z`7LRLan$3u$}-R18w7d(iNJUTT(Saw!nmJnnK!3)gWiRH7W2HVG$Bvj9qleMZhm)m1`+HGk7yWe>qzNiiP9_Fw0YoKpB2-wXD`cr+tSMvPsV0|@@>lV(u z_dO1FYign0%1S`rjKKMQp>LlaJf9D6O>5wG=JPtN*M{=`_nV7$^*N4dy}>^Y02b#u zo!SfT+yeMAHT*iK0aoBWzTFMH8qZC`7qIWi{d48`hu4SQefr(W^WP#DOWeh z<8&L>VagBiy_ujdS_C|10{GEL@QnfBNjm~J--SF4?TRvfn-QnHf_^;f##&L}!xsbl zu-zHPaU$pW?gRAYn4jAA1HZc(*e(aK4deY7*SGI9jH~Td=vPI8XRii+k^QdX{(h_q zxg+Dsllr|5XqTFK_vjJWb!`Zo-V+$W^-RKhH>M%lE$a<@?g6{C-1l0+;ELFf=tdmb z0s6Pxx2YUQ2Hv}wr$Ilv2e1J#^8obMnCIu0(%_?bj=D1*+KooLXTH$q=>ohg?;;%! z)wyotm%;8m>!(%j(5ER2EWx-g$vpP-9PF=@1-|lw-KNsuC0N(Kz6l;30enpP(l)UF zg?Z&1*UN+JvAZ1fk*qgD>wv%I`O8`bye{)*p3LBhjAsY(ZDSxm_#OQpW?Z`O2EWez z&A|I5St#uNnZF)9g?rWS?_J1f%eI{?kk_e zPcHH{=fT5i*PG};oW}mIw1l5UtcRBKJUk{=BM#ucmF2mAG!^YSyi>`}T)?59``3yiYST{$Eyu{wu#1oFT8c9PRJ&zG;0Od=$_3 z5ZcXQUi9L=pU(rk(S6|8i}y(n=C>W?pufO(((+%ym-C%^?*RBz`S$=i57gwj>QB20 zv*7mu=f9%@co&|>+QjjU+sDkCWlO;BL;?66%s5!I7JO?ZU<}WB6`r$qJnwD&(f$nY zyVfqScbfqG#{7874cuWNaN|y(!F_P&z4dq~{DrdqzfcQyJ_8}o!gG<9dE)(O$X6tX zU6eEM5AJ8J%i!&J9=_9me#XxqyvIxO-a2E;SM)oQd8sPT+14BI*XIJTg)Pr=O zJd4D*X0`*mH33ctMZ3az!OyM%KkEqYk`cJ$AmnvffBJhsUXgLvhxNiEu1oy{*w^p_ zjwl2BAF;r@wz_FB^i@hj{?BiHRkBXEC?FFEr}zP*rl zWB&4E{wU7)@3|8CYrHp`@O=7_&mm6axl7J*B#^J~fbsptd^hSa{JFOWE@WP=%XP0^ z0QTcKFTa-@-xpxxZouBe>N~)1+yS=d`zIIU_Acl3fcK&=`%@)h|2xm6{8tvNJaPRB z@KiluPVRRTuFF^6=l5Pi|AFV+WE^JWypFT}%Ej@d_yzXSX@LVW057Kph9m>-As@_j z?L^Gj6Z*c)gT0P`=WmVmD#$!@W)S3axsJV<50+(z-5BPBsb^tVb1pD5&sDh+;13u# ze>6tBReWc!Dg^!GGr;4Fr$X7mGZ3qVp`CXGaC~RzPw_r$&iEX_b)CZeFoN+jvNY^_ zu&$U$Ov3p8(ExsX@jmrreb+Y%?FulTKj*yP?14OM8Q`XCz-iR)BZe_xZ!wQ|pVD)E$`P}1-UB(# zro_#RtrHYA55&m2vls`{(r={Kbs{j*JC{^4)vG75o|F=?Udam~UIs zUjgQ`#*;D5W;M`mAMfQmUBNxWfs2yE?i%%XW3=g=k5i0SS0u<+I3_e8p?HD{vG;pRe}9)1N$-_5>A5`XMVl@ zJNRDCvo+&w73;Wd@zAFmi~iFe0MEvIK3x*X6~8yF<@j!8f!)0>z}Mto$>^InU8 z54+C|fyuK1Tdv~Z9LbON ziNs<&=YO&uD)AkDPH>zf>cak4=E-?HuX7E^tF!{97zu34d-Tsl_;F<%zhGXv9sv1^ zH^4!Gz-Pp9T)&tpkYCRYOwV~P<^2@Let&1&)}98tw~VivkHO=4Po8BRQ;6sHmk8*M zAHdp;fpPDE3%EZ&nD4F-ol0V!!8{KeH^BZDF*W1ZmwefJ=s%ICAvU9YFY$^O{GMW7 zD^~#R=F@)PC-B*vPj}|~fVPnD?TPj=?ZF!nlaB}Q#C0mW2z(>48F4OgInQ?+;%3%8 zFZr$-=z@Mq5%X~$0-L~ZhUvh=?SQYi?xDOt6GlLOn)l^`v*4#X!tWNwNrgJ#Svk*c ze1G-jd28ne{g}yU-<=rGb5V=;Vruq3d>icM9{_Gi02X9^Xv(~Kuo&cq3ox)bunOz5 zYCJEgV<11vcnIV@G@~%a732oJTQ2YddBJZnpL{3_eqji3DdXvBDcHaI3i*s(z-_z- z`*I%|FwO@iLZ6EMBRS62^C0hV8>qekJJkoy;Jx0H`L=U7`h6P${i~GV=4)_Q&huhH z$Vc&>+sb^jx*6mZoq-eBe*rJFpST71ocmnU9d`4`%g}Ep;s|2bUto8O<61*(#`x>D z4}O0o_iGOOLVVA(Z3_K<)>WN2@2&$OufV$I%v`ja&2?|ecyi%>&ZqooX|%gWf6v(N z7T5o5efaVC6LvSdf!}QbJi8n6GCZ#razh?*3i5j=flljyzi|G8JHqbI{E+Maw7ULo zkfsuF22zS#?!eqZ!20ylj=YdB+P!KDeQDmC!|Cr7*DE#c-pqx4pJ3Rx9|SD!1NpSl;5BoB z{|E-YWqtPN0O&W>fqXIjJ#qz~!Fs`y^LjE1_7{oSd2bCr5Br#sz{KIOo5}Uf?G5=m zo+tg6By`+HU4i@%`$@e3{2|vhtQPEA6Gs#0b9}>zSC|ir%tHG*+@}KE*CEUUd;H-q zn(JQuI_#J69JlWao|f;j>%>2q&n^u^`@5_oD|0*pc+RFW{+djI-5~{RPzZiUGVi`A z0eSyTlym=+eg+@A7r1K(>=q_~cjP*5;&-m42O+P^_5N)>?ECQiUd{}@V+3#kv2<$i zjNJFPf#B7-?umopx9>gRjVi!tV}K<%o-Z6{Av>NC&Q z+6VbwTbvyPPwW9~)eP8-b@|o0;61$HcU2kS(yG9xYoK>z-CkoecpK)YB#f)iJ0ai6 zIG@V#tRS8tmKzPfrP%);)6nkY3}7XquRpjS&uOvWz!MnvbFYDKehiFcJu~hU_>+0S z6al~)GtqCY4dBVv0 zwFg7qtrhSvF`D~TjPKE0T<4|i-(Y`5XuqB3wNyd)nL_y+#`DoQ$fqU;?)3mRWPWH_ z1pIS5V3&-T-^$Fu6sIBowJdlMu4g~iF*iR#f0Fk@U>2w&SM?uz`T3?F61#ofrp6MXM&&Ny>j*o z`1eNWXDIItH-29&MU3XTojwfqzj0ibSuYfw4tXH?W!4`avmtMI1K65zTBQ^Cg2ll8 zHGr#b0;h34rMX{MA~3$z2cY-oJy@nCcrWsh_u$8vACpC+U1*$Pa*9T>v= zR+abQu|<%_alB3F-#;1r7=h47@*dOws$JJ5^;SUsiudJB#?uSVv+EM*mofgHGVj+n z(SFr(=r{BHR=ET|nfFJ2#`Q_|cX}$?4dr|r4Fo?)?85u~@+A1V&hKDBtY6a9gMGO@ z&<|<=-n$O?4)&988~C2fz?9`+*I*3Lw>L1(1^Vw}f$3fWCo`TiGCry|h5X2Q76=i&bBJ9GH2UvV6aA6BzT7H*xVIB8@^ZH{M^uu`mcd-8*oR2w zEq;I95CnNwj%O0j%?8Hv1md9Su*=UpmTeCB64ndOKA2C#rI34aKcnccWJ%})iSsJJ z&bvIYF71*;gO}!bU*}2KpLM36KY5R@;CrvjRoMFxj|75u4F^8D z2u#m$M{~Zt$h((={zxpaC)aI2YxKX8>oT2Kp(ErYnU7P_ek1qCe;V}XiUOlKzs$@_ z&x=6bqb;!YC-mFD5ct5O;6>X4TQhF%Gv808T|YP2pX0i|*arI)>~|#nF5|oV3G-4C z#@*F6un*>b^bdo-^&D@Wp3skA9nmfycyHVNGXs1&&y@@L-o}tW=Q`|T-oAPQ@@2)* zPdL}_0{5{E>*T?__vbM`y<@w@{%G&Px@Rx*!k)bFSLr46V|nlGe+~Y$32=WJ*mc?r z{$LPrO=Vym-iulJPD-R*y=G{asS)gYJpopl1No(yz|DLQ-enz`yC&qrS!cVsg7;#b zaiTl;2gccS#zPY3i;ZsRr{`JV9p>lmebMe0-e;w_&(XvHexFHT-B{%Z+Ly|TcF*d7 z-(|cz@Vu|J)jRE=A3Y6NoA<+V?q?0gOE%)68n81eb3R;`Zoff3oAu*G#N1?%xXXU!48V+8E>+8n)xXUugyUYbH zru-rCCG+^)dg%9S4D4!f-2=CR*X6mm-4}deD`3Y~XgBl>cu+9#`wYmB@cge~o*PG8 z#C6Zw0roBpftRWSx8x!A1Lj=`+{gFcH0HCG%zpzo?z!YCBG7-ww7_)C3o{t!0~f(x zdG2QtVwoP09}Y#keXKL$iEX&vBWRbu2kiE~2p4*7O8!=l;x@4?cwB%SpTCyobY? z4?}nC!n9HqacqR1^$foh1k#J0?>DV25ejp*tRb4F#Ao(IJ@^9@(H8i zFVkr75A0_h{kJrruS>sf%%fhaHMPSyd zz-D8C<%we%r{^kBJ`aB1kY{Ax*+u;23hXwruAMRv{0i@zq&&yf828T@M=u({u3IPg z_wT~-SA+aE?~}g#&JslbD`!DJcQ(+A=V2%LTHc>tDdBGl@1fGoV84Llo65X@m*?+& zd+7JS0k&bCZ@dE^QWpM_tpI<;Jo?9Fa8Jg~eBR5qnCJIgg?>Hjj6NLyK+b0x*RdAk z%!PTV67RbLw2RCJKk2#xKRIDMvpRtXaD4L$f`8-rZOeGO&2t(Zg?8!qzDi&n_;D@T zW#T%`o&>vg*?@D0LEo@4FrM>!HWK>9eCM>u0X~`Swj~F@&3Jvqdt_f-$WMC!9caIT z>;IPg{3rBxlk4Ke`@0DBk2sIzi)_?GBa4EhB{fxSb4RhfUXdVt?K0_?$kddIqXI`iV;rqCC?2aKNwOviZg zV?KZ09P$=NffsK853)|GRSDxu*$a4$;~Z86Jc|1`lXfo5mmQfG-kpcPZv37-ih1H_ z2edCZ7r1vZ?0#onjIROtP`+2nR|U_`_ubL!us_6mB%JS&c@*zoNa5LBO{(JBxZs^zLE4U-y%YU{44^9M5 z;CzyDU44?ET{PG0F6Ze>0qC@0REm-2d~Bc4^;%uM@&UbpBwT~obRvw z(SB4T;5X*$Ci!4@Ge6{=9sxZV|N4(^>hCjsaspF#10K%`bm961bH7(oK7+WP^}y#J zu)q2N_&y{0J@tmGxyZ+ptcUBSGpq_8QhhGG)B_1ON5odpgzEL6cGmN|-_pyE>$cqt6 z&@OdZw7XsySdDe$vZ>(7*?v3YtR>^qcOmpWi9a|mXU_X`B=mX0(C-eOv#}2$pG$v( zXkUfr*((q9EjX@??0+Ql=8tF4k7wMa=04WuI0kaRBf`<|!tAimu@-o-9B=~Te1A>w zBJ6K^0(cDHnalITPl?i&Txyv44=@gK6B_1jaKC}q%Ir$v&OvI9WhlN*#pQ}63P zFCp$Ec43}aGah!6`Q2m!^W#y@Zz}iYt2g}Y;W^#UdTs;HSxVklX_@CTeS!UCzTb-3 z{BR$S@w|E%=s#{Yuvc#20M-??SfAWs|IH|G$8oG;{u#*lEH?-J9%CFlXPuCV-yfeB zh5jt}&5irky+8W>m2rQT=)DQ{Nq9c@`p|!0*f(VShy4k87sk`C_$nP!(I=MhTnDcna_g3RHkRPJm#~R@A!D!cz<4wZvUB^a3znb@tgBR?2us*)R zah+gYe1U%6jzzovWne$S1pkBI5yIji&&&HdFXt7&^{?3v_AiJhVqm|9{B<<+KJk#} zcL9Fox(#E!;l%UfH6QjFN&%f2CzaX$2hU$i@&?Q+m(#-j3(t`Y>+CK+&|lC3;I!Mo zn%RK^*8>~0Am@7T;C^oBI0yT}|1O@}^t`W&a^Gh29*wLCyIv*WZwAl9#LkenCobF# zeRN*PC-6S2%zNNlE$DA>A2PE}iXIDj>8@xun(Zg?K5@Sb{UVOL4)5(=8zIlL4;WAx z`0)Yo9_Qf(Y`h@#|hZ?CRQf?!g=K2{L(QFE-_xSMxosf+Rdh&7w5g4`*gn^ z`kPlC_C2^?N2p)Nc8P3PhVeLo{oSJfYOGh|Isd$@>&iET|2b{oe-`z(xjqBP_mX>+ zgx$zNY{&W3rN3INlber+-P4D_B*TE6@&GFmGxHw$%zSg07!V4(1mH|!WNp7LCjx1>BL<;?Klyjs7iIfcSBx`( zIE46;*npTZJM60Re6;zF@uVkaxdYyX@3NgdXOmdp_Ua0Ka!=soeDF7)nA#EiMN(kq zBe2WNccTZfIqyTSD$qO60}kLiSLJ*46YsmK9N+a3u$x+x{e%F&9E5yl74TeapQ<`| z`)ts+WdBqd1G#%y_;X_YFpmAXxk0{! z{Y23JT+X}1e6&Byc^ItA_WcQY%OPl=gmvF1$_q4x{uX&p-lscw&xJ5ge`LHW*6q=( zk1`~n{RR3xJQ@A0BNlxNz5aWN`a57guETq-!>6l|m%ROgMmS%Vc&%OPE+txqkxm%07r0K1-ag-N1^>$-al!Xr+(o+6lGj~rN8{l z%bQu}?)(P7&Ws~Z=8eic57$`V++>_z}k9MDVpG}CxIJ_wjp#K_N|K;qzHplgb z<7~@1C2bY>`^tWH6MGU5eT06r7y22&c5yWzKUW9xCPTqb)&b^j0Qt>X;9iW2{=8rB zF|TCdJEsQgzjv(1PEcRC5Bz-J4L@b5FU@?Mz996a6QOU-d9SDoK86@{4tz@(a4NCq z7_?uq3G!W=fgY2AeHjO(h@QlE%=_J6!LA#}Ux58Q3xMC>d9L>p6YsPn*0;w!*2o05^J-4^Y&=} zo$-0`E9@?hgM7kG@CE(B!`QwBaX;r*W*GEa*?u+W`8gErUop<7^V}ai4Efj{z~;oy zd~c;;{``%3#(ygO*PaCXBSSeJo}*oyPipS#3x02G%6P8B_5H;Bw4HdBSdR5khFS32 zWInLSdGvRGBd{;~nausq#kw-iiQ^-$&pM*$B*>rh{1jvS^cewpJ>mFY4Lm9HOEs=j2lkWh0_-Xgi!h(x4MMwo ze$c=20iNgm_MYfc81hfdJ8fyd%nS0?yzg3YJx-N|{K|Y_WA;~w@+LfI`tNP&d#Mfk zt;X?gqyH1D(S9KJ$%XMzV-w_aS^xR79+<&AS%G#Jc+WRwd!OBCSFJeuoyoY%e;o2E z#NIE#-?N{DSlD-DyM9lhKe-1Ou?E;+IxzcepeOr#!+gA&{UvvYzC&&J&BlAEBmFqL zK_ANZQwDzj>JbfjwKu?QuYvtoH-BNgy0Ff#M4Ueyb_0l2iAHnCuQUVta@`(q9;N0% zo|5-PU!J=Xy!YEUWBgq>j)jz8XWiML5!#nO1iTah{OAj;-WOPDB>d!W0)A*5uxvlz z;eODMF9Nk#MLX%5==V?JCO4&FBb zczGW%o>-Xu)~y2h?25q3ozb6rI$(dw)AoSA*+HNa$D1n@c6*LOesUuC4chJEJ~oVj zJ{|pLR*hUaY@w^Lzxej{Y$b{!T9erej`t!~NY>74j>@*|osqcpteFClP<=`sJzw zyYJ*tQXrMyy9HyBPXw4}hVp8z%Dm;ral`8*#k#d7csttV?7k zpb-SST|I$$+CsjMaS_Jzy&??qF}z=^xWIl8>yqb_z%vX1hGzkO;(i!2z(4cenC}VR zw>SJI?*#s$CHQgPquJU*e#IAfCMEO@S)V^Y1^Ig7o0j0I8o(}}JNSqr#IeAB)-d3iQou_^VeiUuMlxTXVx6^- z_i-bhtJHbXuK!fDTh4mmHhDv0lcumsS_pPs=szd9_esd7p8#e#27Hqn?Fzesf4BrZ zTnqBAi@@&|1HZ<4G$1YbI^uNZ@#>{uAHZ>5I1hf5{g>BP=f0I?9EGsoRefOR!ue(7`!+x8fDJF8FI5*fn&aQ% ziE-{=JU^ztb{$|>hx_ivxNOCBILC3XPL1}P_#Ub=3+;a8{$20{&szz0i}?Nd7v`1r z+}AH$moPurH{m)|$cT2HyvN_Lj!xiykIn)6G!=kzeghulxqO=)JZdyBVjOT?Y54ul zbCR(!_``b8FX#R=r#z5Y^AYqP=fU2ab<=jd=fS`*mKVE!E47xF>v=%*X> zM|j>m>O)>62jt)0fcp#pR^s?q@;p`M{O@qSZ70GmhU2VI7`)44U`p=iX|^xO`+hIu z^~-qJttYOe-|<|(9_;_>7}%}a2F%0n&ee&VsPDjiS;TQBIS%{r9OpR3^97D~D#w|X z>*$gR_G{JwH&cFuc`k1otWy%^``n*lSApZr!tst{`?js2FTwq3&GDxrug`eMejRop z^yg2zPTL`O`v@${`NeWRxyM6Zk^NL`2)=>!+o=&4?ks{bUck>ifydjyF2zXj z&0L>rufU75?kd82=VB_@ucv+``5T_2QTx!YI_tJ<*TARnJu}1y+=+Q2hVmMFAzwpW zaTWX~ar|uX&YyvayoX=B1h3Hrn2qy($#dL(7vzhXciwP3p^YFvvkcgV`LhiBOUiv% z#`~_!8rbc00hXhme#8mP7ptd0?^qg`H3Qb`7s_4AYwo5heKu5K!F+-$iJMCQ$WW_Y z3{`yvc=M#D{2e7XRa5k3#4e5eCGJ`?UlFX7w7FO3F#UIyntLsfIMz73jYfBM z<%*%|iTzXY=P5Y+xS^U0?v%e8-cj1uJE+^aDaQ@^?;N3&Dm669pwK$XQ=LSS9})!Lio88+D_(h$xv}(KYk;|{pqs&-EZ-4n-}~T zYTj1)3&zs_RPn2%-KpOUbtb8yBEA@EkD!Ch^RZxw70{=&&|Mu*W~x*&u8#6oY)8sG zY~xxjf5~~A@Z3-3ZzT&Je`hE^!Ry4d@4%)bhq7u(0@m5KPL*W755?Y5#`jv#+uCpGb1mBEU8B)WwT?H` z2l3xIt=^xOUbnXB{d89^cNyx7jH}#kph5H`)*$|2*ofd9`V)LFdc8lR6ZJR^ zwPTa^Yp8ZsyoiiAP2@jheEWab@n)#6vL7P_2d&iYn|tk(_0;1TD(jTo-%WjaBsLOH z)np&i`^(?#x*`8xaP}KRWf$zfz)%GQw@N$|6%4qj*G2kg+^5)PsInptx6Xy3%1c~V z7w$#Waa~9F4EcNBjRkiTm+UiC3*nDXqJ0Y)cUu|H37M~+=Q^3Mo}aD%Nck(uwPamK z%07*o(cEjo8Jw3R7qCwyZ^=23_HG{xHB_*t#MyYkv40rKN3ii?*awI_PdfvMI#@mK!pH%B<&)#p~9^U8AmwEc5gzvbd5RQ|r2 zj;n*RPFuvTugqhI;0K9={i3(UbxG;3aaK3=LFPA7u(`xvZ^3U%bw6&ZiWQG;YNhDg zXKn7~FaC5KpZJc)^YxMOoR#^`duv#z|IVA{H6&l1mGQKd zabFVL#`Rvh7X5#Fig|^|U!K?VtD*l2a+0*_)HOrh_D`!GNI&za#71%sUiz0+hC0EG4I?QxaLnIzm z60}b?6Lt=QHLQ4YR4pVwrW9`P&*k6j;5VPhXGuJk5x?4hdzn`&EB@S+r>y%yH~4R# z#8HJjG1LUX`_}#Pm;A(aJ+Hs_XB&TenXexIBpJU-uhbI3CmHm7{)!`gZmP~~<8|RQ z@RH z?-+^4V|o9=H*$|Q{x`Y1N-gWO+Qm)T^gXtqePzizx;@sxO-=ly`*l-F)=&SNs;`od zMwB$vzCR7sMz}2>uabG{yxdII{a^t@Rk7mGPSeO4K-G9%vnSE&P0676doh-rRCu%fF;uctH?fR`NWLCa#CMw zzFIIy&{g7du3%Te<$|(+PtH%ldzqfjDX`cCTdoO5$jy$aUVYlulXe6(i%+>t;I#h-=C1a*p->AC~pd`OD@v z+}cmcrPBUb-hYnE#^TRa#`}s3(be7x; z%u_{$>$qJhc4=lIo-)kJq&7;rUM-KYMiNiH(*E6Ly^n5cq2zO&7k}mhtoU|Qdp7HR zbyMU1#@*F0nQvC<*O&K!&5sSUeTRR0)b+3C&QiyWwC*o=^~YD-n=W#Wa?DDr+^o7R zt!lJX-`|dEtkhE;vm90QcEnkn#7Pd3H{khcjn$5m|>~9O1Uv3Kx^{3>YEi%r? z1;}f7zsP&Yst*kHt0n(?KHod5jn_-5H#9mglN>2{Z8dO%wA0){?j?;YWWV={e|?{I zlyh5E&c{I+Uw65u^n2=rtV_$(|GqCzc5C~;_F=uO|DVNd=LYL|Qr0O(*4ft;dFwBG zM-}l(*L#L)E&F*+`m15#zxQK{D}BG~I#A~!TR+Rnx~aSOQ7;aa^Ke<_QFjOC(NWH0 zD#=gpHX+}omvh-Ulho&eH>5vb>F*Br^?{62nyIIPhU}}xqDhqcA$E^soM~svyY7_q zJ=^wvbmO}Jb&uK3>#3Xiytu1I*8S(Mdhi~!?VIi1`@8*L{t~VB61Oi5OMWcp4R-_R0|7Bt2~kiv(755GRVEQUM{Ox**~3+5f_G9AzatJjSuQ^8S1X&Go82f z`$FSZS=W-Yv0oKuXHrik?yJpqR0|PTR$cYg!BI7TY^a7JZz}!N<2|J1nrD^xhCc@t zFXJgI@oRsM2WECuI$q-BP$5tKr?`H1&ig;p|t9Y;^HI^5HeiHl|3G+%a2qnj!uanfH<*Da$2v7U1O+>!T~ z@E-Ecm@aWRcD3F|@R-?oR9$QR^Qg+!e&$j4q#jx>cKST87JPF;+dHZ&Qh)umPmZeM zJzZZRpKp+HWR-XN7Qv;7lCK0?NPW3O@Q~D98mEYShm7OKV!bc6yei)*GH1<0Ma2l&R|bOy5%) z&kCLveI{8~y}o&*9=ssDzpQT}&w0x1nbbFFXWNfG!lw$it^cANnN$byZ{x{xW>Onu zKWsc$`qBHN^SZ7Bj$}t3h!@m+j^qcO7c~F*Jf4+$|FxXM?DB5AA^D@aoW~o*R#)o%l=sg+`tcI~_I~ttpZ}{LTRh-BXsA3g4*i|VPuA^&pnW|3JP!MK zw6({0@%`z(%wv_*-JeRksR44|=yS6~@?)DaZt9+FK#MYe*)7_n_ZRQzDABi@#y^a%nf>--*rCC;qjm94cI#bApUp!ls}yUpnsg#)*s?8 zRX`^7UG7I)9hxq{O{F`p-+|C)7QMbd*O&bJ_+05PognU|pYxK$lEkgPr?~HqU*_v| zYvc7m^3`UKHeSnRJvC;RI(D;%n;I?WVzUSOot8h7Iwk$~&oA}UK|{S2%qRDq4%TYh z47IHQ=2JC=qe7i6`Q!lXHpx4om%IlGNPTfZ>@@ci9xm&rxqTcr6u)|%wV!e2Q5zL7rw`XZv&=UeARtRv(l+0NG$ z+`SO==Ui;xV>799G9C|EU;FV^6t2Hp==bw2yY;Qj{+ftiUH{nfK}+HKe7B>%2f2RF z50m_)-`8m+UNvTtcZ#kzIt%Lh2zoTw z+xmR4Tc23Dul}s$sNy8=rmXC!PA*5h{I@vzU)%q$>u2xJe*FUfAJ^|^zqa+eEyctC zW&Of_imz&t-)-+Ry?&#rI4b>}=2Q9qZT)rT&JeNQFv#r~R z%KzP84v)X*Ut9jrc|zxfpYxagUZ%g3{ipj}=YfA}*P-e^_oL6-KiU5$|N0#Lll_14 zujBEb?EjO09cTY!|DXKp{rV^S|Kwlq$3NM3sM;)-R1?ZCi~9>h>HpX6C*IADAC+Fm z*>U|ZMP}G>t&g(fNyXnXi-%?@C;n4P)uR9BrNVPHk*_Zo#D15h4_Dje6?Q#9N^|Np ze-e@dk(`c>q^g%=IXq~ghM$XA9^ftlqe7`n$Or$-jgs?J*c zp|SIWp(+NtsQVT_tTaEB+f}8^t?du1j@#sQZ)8^m$UWrsSl1!Ds%mkJH>t|5>RBA) zsUDa^H6_>MsT-J6wI$c%@eItR`jYGMcn0QHBQ1{cvGV9OKEaj*w$K z`PJ_h=lZGq>Z!#so(_Qp)CW7>EwG^a)80O?kaEhS=NoRVcb~w*Du=~=xZZ_TF^j|B zK+$`U>-h~2ETXEA>-mihEUKE3>-mihEUxswT9xnY)_PA3EUAWB+%`XV6+@2sl~S9? zF~3skxW#SpUP@iC<@yS_BtEJ=@<#i(UlPZ}{>%CPz z`8sgGv5X3_IQ%D79%>i3sxR|9YL-=A`7M7|d?r<8RXjNRE2k33H^yoEaw`Kt>%d4yf;qR{apB`9V6}00a z!bg$c7X5<23hKSZy;YFazM?8xNVoS^>E!m8h*$m=x1DeKRWvzSd{V%<4-?nt!e{tRZd|>^5akTeTan^Xy{99pZ0q8Q%> z$%hkE8@1Gq?{#RSG8cosi@cgY2DVkX$UVefR!sFHFCzYrnr+n@iyu}v4{eoMT(`IF zUt5*i;wsOJBa^OMqAa)&RzwzQz6ukmh&-Gbx;?<8Q&e0tNhmM zU+1ZVDoWnRisz1M9y!ieN41i?n4BMZPbvM^iFNxu)_gjuVdU?v^U+a_C$ITbej1as zqw=%3x4I?k;~3OYMM7`wr}j4=+-Z#bmcdZrE6L;Jr~Gk7NA-yu@zYV&cena?x^YLZ zXGe9=;=WFsRf(7gf6q^f#q_8pp1xmBkZ{5i4|m-Bc&)UFCJt z%dwlC1PxKit5|xcE9-Rp4pVu^H<4E%A5PwYye)Za@(SeL$up1- zCSOQCp4^vwIyvHNmV+`31x1feXSNZK0upgtsCuBmAg2McpAcWj$horl?2c zZK;1ro<_zaJ*d~@JNL?cDE7`Zl>Eq_%h1?8)_{Jxm#M*fHJ-9bKT8@aFiG*f=&raINq{=HRy*}sE9zACSE1$wI~63@GX z{M9#dJ^yn-Gu5~{upcJ-xjSgKx=Mah;^{_EfU0j@nck{`+;5M9LR12I7m1(OLE-8k z`E6+2dkPrYvhf1@N`@&_+a?L5Kt`t1%{tTvGMmj25GFHxS2p(sCo&=0Wk-+J|ue8?&7f4xfC68f$; z4b>@ly$Z3o?Y@my>n-lf`zT%=u;Z>OUR|~04T3hRmlntQELCu`GFxf?IFG%8x2Vi^ zyi~!hstCD0pQQ?JQ`PKvui)*vvHb5~(wVY9FY@kGtt`E-nkw<%GsSMz!;be)u}2Lj zPa^wcs00;6uFv0Xj|3HE@qTW>VgMU9PAa&-(hu+ z9Ov(_`e<=)_037iejip+Qpx|2zmv+l$`jmaxZJ;S#u3%Z;@(cvgeR5%lyPV1m9BRu z1s_#|?D(wUW9ohz%b%s68+<~&x413;oKi{JYP~K0oKh*%G+qxvzc=KBImmKP~*X;Irzn#clh4PG#w!?W2^gR}KcBQ^oA~so?Xf2KkG7 zhPoVlLFs=zW3#^#d`bC}Pm}e05`0-*AfF@q`6>9Sk`lwRZzJ`SQ^-w~oV?E-L!}G( zUAfwEmyp}41o^tVhAI}4sLESBRIL?%?W{w_b=4SA{hbW`; z&Gb!;CXbh|;A=v@DV(p-zM(H8$Jv%OS~( z*W|so8|q$2a-&sG*l&{ke;$&`@FKq_`S(*u8snNBSD|T*6un@7TlCLE(i`Q;BW3(4 zLo*twdqclne%hZkG`mrRe7EGsPa!#s%H-ER87fz3F2kQZh3tdPk9bIBlruc+_^iZUp!-9C^g`)p6>U;OiHUBCT{C-qz)`QtBr(j@Y}Jz>W; z%l@ATt@|(kE9L!uBDCJWc;U60*Ehm2Uh6(`Rt=1~96#Pa4UHw>>aDfD4UJ_Me`x6U z!Ho8%8|LtPd71?1V~ zet8($#Mof*P}ND^A8$jO8s7%#_Mz&E+&7;?n;9twgBO?m`5xNb7(m`n+9wNZX-p!| zF7MZjVXce=@~iUO1ukK2jl4s2d&KAEOdX5^7Wd=#gRaI&@-i3oeswhl4b}FE$vay6 z)72P7zR%j9uEto4hdbqw_0AL4)$k#IA@MpcPgf(t;yz9fWW9!}u157?R{u`jXBl)0uSa+ind7Su58`RzK8jkiiq~5D5`g!D;zsP$*_)_wU!aIfa zFxHZH7Cuz(v$llrJ%SWn{|c^b(lLxf)=uXw zN6lVFl2N+7pUQDVf8Xh43?M%#_sit0y^RQRd@tx@Y_WKvk-<7oeT?1YC$00-$GAd1 z$>M#DH{`>t^VH9HNB&mc&nH6r8=oxhqtad1`C)(&Gg^i6GZBOQ6X@Rs=o8#&24N<7B64lznv+(%6oo+aBb;~Tkt zZ)M3g+{iT%{kM|w%8SdGG#R{u#GmH%r+}BcY^a4{Ba8s@8N!!`jWjY$)%t0wj@0Yx z!^RlREFP*{BtEwYclOeHZ;Kxbn_#^62EU=}!>}oa*EG#-_0Lozz~bR*VN&_38#dLr zVsYey20`A&XK<&965o5|KjmWh==Oe2K~}!?F_M!nu=1^skItn;oB=)z3)cYmHBJ z_$c`)Y=+@$@rOnVc^`ca^EaAJ*ZM@`*>m}gN#$>}BS(Ds8y(0IUo(wP+d4w^^j{Ax} zZ;+*TLjH;}R+3Mb_zwz?GW1`Iw9dQm2;tkQ@4HN&_h{oN`B{l?%`aHo$H|a-Qu90H zy{+#}(Z*wodppe%J~uqtctiarsjsHW@7{hRUn}t)5*B0R3)cPnIPDg`CM3qFYH{25 zt5~C<#r>52-nuwE)@Vh3LE>kqiZ#ZC==Of<5qY%54;z;yU#}GV)zl~4mha)=bBxX8 z*%Nerm}8u?xb6Kh$GBs0A2n6-;hK;+#>!A@d}^Sa*EJz?jl5ytb(6!87nM)kn6d{SVfNY+h+V`abM*s>zgrRn{m+M;p+M}`T2qH zKghF4{g*ppyHPY&k2hRxJ+1XSjm_j6ExyaxN8VZPv!W5ZjmzW%g_n=mYdj}UFZE2V zi2X*+Iq>Hy=c9SV0iy!>G&%nrBMupZ$@fV<84z*A@Fu?{`EOjrQ6q{xQ2L({aojjT zK0tVc{0h1LuNdj^`pEp|Mw~V>%muG6_s8OhGe)m@-~~R)_o9e%#vbxy!cRq9FrHi7 zcE4OUK3N>`lPu!0Vb0g>!S6?0F!y>6_s zxUbVg>-*|;BcA++@DCB!jkDy)M>mXH7WY%8)cfBeZWwRvc+$w5MzRIg_*A02_eTW% zZlts0X(DeM+3k3a$V8)n9WNPq*Qi2%IZpm{Y~+2Tp&f4-`M_vv$9qLSGJ4tZF_BM= zVRk$)@|iKoj<1M(Vfb6zN1c*5sx5hSd)H5H9 zI&s?mkb(F2Cu1Nv-rrx0@#InBe^ba;!=D`Q_dkvM7C&et->d7H@5Y@)O8)1oT3Px3 zhY`0J9QXMTW52~iRTKH%nlgzpZ(7`2>GioEsZ8f3+8+E%WKvWAH3iLQN&S~8D!F;l z;^AtdgZ%6Ms9(&77LQU%rN81)Db4rf1tdRuM5QvTFV*d%to&aqDz&-T;E%7QHFIwBB)M+CHFI9G`buqYyC3qKO)MVeG)La2 z-JJ59tu207H5cAAD!&!8>B+1$CVxtSb4kF0B^T(9-hto7a=RoARx zaX)^~t#7unc$D@1ZC_MF#pc?YSlWQ68Ti_6aw<$J)7sOF~A2HhX#>lod_%tL-r`cD_#%Is*zb49l{ z!!2%$$F^qNPkayTt@)OVZficbxGjF#nV#|1{1oD+gIRqeIO3<1S>NJ*>ZH7Psz!G* zTWzw&XZfoW-PxRE@hJ6J?*GQoUCrqhx6Qx1ImhD2NAhpj%*7TDcd97++cvtpd7Au` zE`daIAl8=`2p}7b7PPyMT zZ$v(e?YooDWBak>pQJv}_JQOv@;zAdCFFHv|1{rDep-Hhq4^o|%4@(MkVn$~EBOa` z&uII!TQL4M^8V1g0C_|C{Q%9YkUv=meM|D??5{uhL-MKQt+-y1M_kQ=pm-l)am)>Rri~A}4uas~d=Oukk3@26ZPU&wz$ z#7s|KN!n|ko&1N@ezaMQJeTN`s(_?Uqf54Y@(Mo%}7lCP5X zm!kd6fbH5}sLCn%U`6z7^Qs*`8XagB-GTm2oRXiPMu(XGZT@tHA8&98PmJZ8C>WH;I;ll$>e^eWTQjxUe-)pWMwYhzZMuH;7- z%D=veSz`{fh1OJ*oi}}rT-V44&>ZeaJ+s#1|AEmxb6O&-J+9%Cre>5);yWiYEuB3h`AA87j z-EZmn^N1s6FN-5T7tVLY+zIZ4-}gCY9<{iS)6K8)yRfmx%(K)x$@t5sJZ63(Pb>Uv zs^jLM1KPiz>MHSA%{*yNBVT(${*`CCQ|5efeIHgc&zRfD|J<&BAM~s_?jYJnS?A@f zIh|bBSKhhKnt>KiG*Uk^RFBxR<{Wa=SLe)?7WYx^QeO;J=ggFcw7+mwQO@JY*mGuT zJKoLVyyLW%<>b@^%E}$?leW_GgMtPOWNsOg;%rVvg2kw+V`;RFPTm4^sb`s zLVds|sV`$Mn|i1!E37qQ{eH)RuazpYSOb$M}L`ADBTF_j4L0_vKLa$c(bMtsZz}uCutU z|3~Hy*fak=GWT2DN6m6n(%&QV;7|IK)IUiE{f46$561V%^gm`lKIz}$w)s6a<1Fr@ z0-cnKjD2k02e(9oOw`<9%YTw79MP6LW*bebgoC-^F}lzWYi4mHN)&U+bMu z*pKh2dGwV1_@0`VEsphzi+yH(vbdj9o+tA2{MZ+!I<4)!ok|FQ9rVIXZgD@S?UKJX z#J)7sQh!wVZ^E-tUtYeC?~Z+C7ACK=M91GNvz*0kzaRd}tWA#JAAe;Ivv|1D|Mi-~ zv9HYpi(`CeV&9lQEbeFh{=omo-21?HIrabJ*L9uqzTVgS@80jXNq<%VxeG(tQ0}3ato6pyP#TJ%7^0yV!YGg@l%N*~F0-2JQ5TXR!>zd5NJmHca4y>C3F z=WkA)=C@nw`<(U8Z_Y-|$^RFNesjDJ$US{OyvsRAa})k9CqwhwJqz=p>DF%NXy&7# z?-W0e`2@`G6u*vn8gqQ|fPc4puP|TEd@}R*m>cW2l~6h6KG{L{HX^I|Ur z{#zFP>D~&sdej>v6 zRqS=%U@o9P=ia^7d6)UgXdlz9z0Nnxzr}bt|K7dMkDAZ%Dlp$u^1Ygy_qBVSK!eKP z*EYScwM44sx9j)2PCr{@eyrrhx_yKyY*Ehqag4XqEk|_ugyah_f7so{5xq5EV5MU{ z(a#a0T=O~B33@+X3U8BgKgUwgPGHM z+Y`$*H|;wpR%>2t^~Zi__lltSj`^|p)xT|pMB1km{|L+v`c{O*6`C7;5*4>-ZrXoT zRA_#mH5B9X;EEKnmgJT?RcgoGF%kPrg@^Zh7;ksn9T(FzH~C438#OoKCqyy3{|@^6 z=!%56i+M7r_d){#@I__jx@<8uND{zpSE{ zNN4_KOvw)vLz(}$pOW_$$7pWy-$$Il@)r>Q1r>e749(4W)>q8^hlVQ<52?+5y7vNdy+qyeux;Vx%r+T zLyXhh^v4V_jXCwlLE<)YulwV;0f&hdnp1e2(+?9b5%>Oy_U!ZyA-^F` z-|rnIQkheFjuMwKr|$=ciAv4qSTokC?+u5E%?ZpwSC$Z98_Q!!RtNZh+0 z`svP!Q^jS>9|C{ko*XfQ`6hhNb$`V;F^l6)AVd%DQbyx6LB z)O_@Gk;(ill=nJ!yvSNPj< zohJtDRN2q2dcLsuzVk&XaSrbSaS!{a@1rgdk1(h7Unrg<_niL8 z;swo3`A-(_kz9wLW=$5G*u8omu)bo7XzC!JBEBci@n0l%Xm0Xzk;wk3eSR($3pF?S z$rt6sb$ngB=Zk8VtN7llxJ0b!AiqSsOPu4oR5Y@C`abMZ(W<$L|57pjXB9uy&-bCr zL_Tp{KdDDf6<2qVPZPHh=kPBVW$a#se}i?osL|Ynf4T5lRQPzGf%#rT#T6n)^99x( z%(ug`KvXgR1pP_z(qEK&Q{DyQ5zS3|FAz^?UTh5ysr5~P*w9J-0n7J5|9n|dApXVt zT=<}zF-}t{p4AR{AzeOCWd9igP-1l63i#U$?K4~SCD>HT2!{0GEh zl6#+{{f`#qVkz_Q!N)Hy7uC!oOR=B0c#)`76KSkx==Yb4#9qzsvnsHkI0f?k{7QbG z4~dbUlAHO*L*g{eO?!S=oU6HM&ku`>G%vOufw%IshsBHz@+D#x z%L~wc*E>tZ-#f|gWBDS;3l}dDONeXzapU4g#0Jexf36ZOnw#`iiS@zu>8%o*HK+RV zmpv-7LrQM^KPE2MoYH^W;>W~2#JyDLyX(6=As*0tj@J+Tm$D~BCClH&_e_=c3bBmk zTfu$S3bBgi-=YBSTU;&Hu)GC)5%}vYufY1c@ZKlI+bn+qymIlA;v>x|y^k+`N~qhk z+tT~Am>X8yl>gJBOmkEIPm84H#TH&KSx+r~T2wI)LZ3Xfc%`Ujev`DUR~N4mHN?G7 zFdv+5JtH=1exF6((>x>6BPzc8Ec#yOSurMsIDN14oR}ITPT$+C7O^;S`rhV6k-?n4 zw|QCYV15|%?YoO#5%mdjPv6tLCNlR^yx3CT|1>SG6Q?s*-xn2vPi3yYFDhL8hFH&B zeP1-)dQ(`bQT?;-@bMk)y_*#k2&HU?MVpbZZm-a{gC2D&rZrWF~*seLncYU&1{Hqs*PviX$ zB66ViuhU;W{|7NZ^J4G9YE>UUiX)hxvPtQyAH_(`@3ZDYKb;@_QRFaJzjrB4{wVU= z@q3ax#R~FoJ-QJ$JS1DhYs_EN{1@>)a|iozFE9F4Y-Mi$fpp#dtH|xG(pPK^cw41s zm)NTL9IgNHMo1+4D7ne+F0sB7Z_wQIuU(>1^J1$7;aP ze@yp3#f8Lmdz;yPuPD;ol!q-p)ZF}j$Ch7^oXf+OP0Xo0Y?(W-eR?~H~v#)8OtfYE^>Q2{>8$sGApCK{~q!V z&Fd`s9;JtTKywpb4_VFbDZHN28q_}h2g+RLl%BrwVa>^ZO|q|iUh~_%P4B4w*H5lx z-UOZoo^hB8uh`o54Sw(Uz`=5Y=BEAhmypXMm@H4`OaTrsRWUmgc5^4U%ItH~AYR$CG<27wfro?jU(#2lt1`D>}G8Oct{H z4Ol;|a}Sf%%-_NIzO~2Uvg=?f&xvs*A0o$VZsH#*^E5Z{50&}GJ@nZ+cc?7X-1P4w zWXVt!p3z4~$TH@t|6m0mmu0q>XUgX_r|_#Qj+7q|*X!+9lSj*@4)UYrUgA7{4VU2~ zRd{B7JzQonr~Qj#lmrQ-9i=Hb(wKb6O8LLr;>I`+T{K-M@(bx3x#U zJbk#zk4gWf@;uE=`Y)CFnipG#!hLz#rSkR;@~QG}mS2tW_509N`9cTzH2G>fdDrgK zWV7a`zh5rr9;@Ov{rz%T&Yb%D6*BX<_VO!aHgl2}$lfE`%M0XS<|MyTdL!G*uasRh zr}q8Ofmg{ucp~&CUDqYvo+#^nUzW`K0D_9@xyxLb;aw>;Cf4 zf!E2sB!4{F4ugH{(gE%<}CSqJO5`Nc)k2U^RI2S-?ck=gWSqo z<=1=gM%k*lX&*Pq^(VHkznkP{=2X8o%k-1l%WsxLHK+FLvu=?&ET{dc*|LPW@;}|0 zEhmrG<;D9`v*kR^xAFeaY)L;U#`j5k)ObHzmb0Aphi1!4;x_FM&5>U*r}DT}HZ!O6 z7R!|zi@{v)!c-4 zhb-6Jgm;Im)V$bQftk!Y_YT>hxhe0ta{Vdo(>GUsqB+(7t4Ge0-w^kXhCbfjzf|tf zoX!vMgCBgV@?UI~evI!2`Y(_}H8<%glgDdr(o-f!v-?d*&s_(X$397*b`IzP={fp#NnipF~>hfG9Ut&H%*H?vH-@*T4+0eoNV%f;;57OME_aS*GyI1KgPkTrX>)^gpW_NI3 zDRbJn-`b;6=4o!)+at2NgZoEhjpn92ACapkv@g#`*Zpbe zgOADC#JzXXe&^r2T+U@ad4`*}`(tr_acv&r;!SDwcdG7UeQTj*iPO9^3|G~_WQgXc3%7NpO<5pQ~WQ;^%u04 zzaT%++?4lf`K9J2J*(xvG%vQEL;pSH!POE+EVOISFUqjyCcQ7p(>uv0wv+d8UX)4A zO?qFFr5CqP&r34NoYGq>OD}6Luay;=oAkacAJg2V_htE%=Ec^<&=;pX__BPngZx#w zk>ymrugd+Vw$IP2GEH;JPY>r+Iaza)-nDY%mF?5BR*q**>3vNOzNWqWHF><|CcUrA zQ#3c}eO;cRxhdb*<>ejZb+VAuh!ouQTr) zzP`a2`F#iP?o_@{t|K$}JDD%zoszPD>t*8VMia%2IYgJYW4-wt$<@s(s+`mfF3Md; zF7ypBs(#5Ioalde@BJsa|9?9?b;CsrzY|b5vBqMQPh+a|shggSTyayLraX+P?3KSQ zn1m?zoy*PmQ>NOLGVYas!&Ugtf1tRtFCOyeST8& zH#VwpJ9B-*Gwjt3(ki`%w@+95a!@yJDt9Wqe`T-YQRS)3G4GMtU)Qr^C2NVFyH=Tw z)$1eTui%}oa{rO;-?(`S`B(C79FA&lD!%sVSNXgQ<>8>;e!oV_tygWNe*f2_5Qyv@E%er+|$U(@Nuxgg(Cekfl2E`{5> ziMPF};(zOLa&O|(H*z9B`i4&AN8Q}1;-&Ivi`TeI-A!_3s`^(qCn@)Rx!&8$mA&EW zMs8Iuds&aQPnWWv|2BnV+JkBz%3krms&`{=Och`I_M*7D@kWJX`ir_*N7*mq`ZjvS z*pu1WJ<|P?@+bC%WAsn^cB{fw`p2}_f5%PxH1VpN{d9Vo$W%9IDz0vdRi@%9JbeQn zxM|PoCd>Bm%*42*xViyTwVz+LDfgxKhZj}24&7*naMTT(ZT}3%cTCs|RpIEH@8C|| zXsP_^n>CSt6|T~grab>ju5R8`={I^q-Bhi@8MsXO$7!w~lipDAsd7~}9JLQu$(4Ju zZ!7mTJnnYgL~=837`_4eLWQqxW>+SKZ`!G|ZyY&9hi_YCI@aoGK)D#x+9KBaZ_ zRtoo@y4)P=?4AFPBTD>J?J@oomE)C2rwV84KRdcN^*&0sN2Ha<@6O!Bw_WQk3SZ@` zbNI#R_pz9?F4HEy&fcQ9Ywgtf#BaUE_EoFO9bt}93_x92{o7C`v`?^>w)jmvCf?5J8Tu)u zi%guK#Ot_@_BeN0yL0ySTf+xxy(z5oSWkEK=U69kyE5*-(e2BGXH3Uh!{dT-r{;_K z&@XDfn8oe3W4P!KEh^oP^|dx}PLOV=j=ej-x@tf^SZYARA>ER_@R29-nJg>%)iy`9Oqzc zR{0dxAfE3n;C{D|`=bfZm>tIjTi^8CHcqtVi`H{({0lBmb5kCZ*Fr^LQ_v*N10lw6g!%i{*EJB9Tk-UX<6#uM87pYoU&bX&?5?0@Blz*e2pU1eX(r5H#M=q=oyC?rx zU+D6|uaM9$ReT@vdh>SHe`L1l&-V68-Wt&r`~E zx#HJDtgnr|;YL1?`@ivT#vSU%ZRKRrWlXbALF)^gyN~vw@>{~|cwHKy5@Hv2(lAI|6#(l@lHLPNB3>qg!{jRqx>6pW__kiHNKktG1D$g z{>hzVeZuqA|DuBG&vent5(CD+#8OuIAY zSFCT1Y4jA04@Qr+?Zi_RC_S>|0~yvDHr1Sj+5uJ#$D(4NS(RSFJ_;xY6;a- z0qaldpST}{>)}UE-+yZN|4Dv7_h0j#$>f{r{eQk!p?1@@UNQ5Vj{2jsKEXY#JRhcT z+vy#6-pc;o(AtuKVN9DTde7_&QTT24CLGce!dk4;C#^p? z{S>clt%goe{fXA0G`_2SR--36%gJ6^?_wUP-fx@!_20TP{k@~vHeTMM$8Eus|> zCX?o;s+tEe7K`!Ve_!tq%#y{x$Vwk?I-hIed#ZR4krclQ6kyQf-I_4uFs zW%4@8^c%yE)9XM}9&O=~JPP9M&6m5@QmEdmkg(I4EN0K zpnRJ5GL-(d`Z4X;#QRs~e^(D}2aG%K`)`ND2RcQ^jeDWWglyu zVjTxQ3V$c#j_Q+PcaHV3H4*$gnCHWs4D(W$m*NMDm%*Hdu%{vH%kexNvKdxi{M}{G zuzJCq2lHFpM*Fc<2zP~WcOCe3@H-QBv+!I5`y$xi4D)7~x4^sw<{X%~y%g63J!s#C zzj<(fC;sk&pSzHw1-Ns40peMJyWSTdo&~VK7rDO|cK2FcV9ta2t@Qx>EQXnc`5?@P z@wXIVFGZMDczy!*D^Ln6;C==8li(}CSAwque-?kQ!)_h^-hjV1;O{M%Z^7IEa|6te zA^QY>oA9?8f1l#M>`&qUQ~3Q1cRg=Gcw4}?fH$J78+g}ZIA{|e?mVSbOlpYi+)%sp_s2X6Pk?H;(@1N%Q=ZzB~B{#^X|@fX5h7=JPR z#qpQG-+uT@#ozw;>w>=n@YfZ8-S8K%hTv@>z75c(5ABI~A8iJ$A=->t!`U3G&Hb$j z+Dx-1u{lkfeNgAhe+)PMk~xRXd2B9Va}k?M*j%p7{?;084zga;Cf?1nxlNl#AlE9~ z{?<;m?`BgxL$qmIbF_IbN{H+iX>*FToKIX`&L^#IVD~#6V)4iD~sJ_v;9t?!mGBXNM+hqKFbSOzC_zM;>HW* z|4xKJC-sl@k^5 zU$L#vVS3f-mtGU>OCHA?XFKjbgIV{V_5`~Ms}rBoWPJzwRHwnB8`IM*x;Z26mhMp} zOg30_a&v?A1-^E;!J5ML&}6kjKEmndZo%s4Jf~U5>$95K{RCUxKvfF+Z?L+&0Vjp3 z8zb&@y7~5CHc^gvsXUvlQ<2Yz-Nf;}W~-ACYMj^XL3o?-B22mou#fxbpEw~4C#aCW z3HJ6cZR<0qg~RFQUWOCio1Njh{x;d$bh-cJ*zP}3UcWor>@6twn6*>eTVk6I-?sX= zEl9sBTKI;A7AxmnRSyH*9hhxIM613Tp$|+-Pb;UhkNZ9R4HLVqCs58K#r1X&yRoCi z9G$+HC3QR##i!cbWJ{fo9?lT=cdTM2i=FlZm|fyGN|uYal{Z-1997Q+aNieP+0%)r zaY^mIn>%eY+KmWvc&XZaOr+YsKcVV3)jqCL{o-|kJrDU^1N)VT=T(@>{w>rMRJ9_Hm!Uu3cEB*=m%J!F+m?GAG!So-__GUB{0T zBJD}|DsvLtZTSEv?8ppzw{9n++!H>>jfOJr-i_JPbu!(ak6qClFw)!RWcA0C_iD%h1on)M+{W-og`|RZ^J!$r#C`WbU zp-Rst^dIG~mv4eYC$SaSF_ha;z53^WnxhyalVYOYIu0W^b`d?XutT2HID)&;D@qUrUzSe?$A9 z4*9##AMe8-)mM_^OL94t+GnHOQL^?osHYK5sV#OR|Gp}l`gfB1b=AJ`Z-iXArxT^h zba+0i%qD$NYO9l^gj;5RhOgOffV)jFQ(V$Fhr*u1tzv)G+FXYC$bU7bYl8g^@;%Be zwfmr+PlG?Y!DOskgnV7@*68|G=~X9HMeHH&(zU7|mD*vQ|D@Jq)2*aUdZ|?3m}*;9 zoUY_Pz4kQf?Im}Dt8UC$=hkxh)M*oX(;bF>@;U66LND3=dbV%aCqEM9H`G7L9RYXe z!F&z%a;=}k0ayCwT7M(EZ(_5V&6a)P2<$#=^6%!8s;0OfLO+cbpX%`rcfC2SFXKj4 z?^B1yfoZNEdM4`GF7Z#D=}4c?+HKJ|Fv<4|!b^AoSDk#-)oa!9;0{6#FU)3A+Yk3r znYVKL+h(7D@;J@gW)DWY&GnW$YCN3`cT`Vv+$xM;{hT!p=_Bb-yS&~$1nIubyWUp6 zpuHRJ$$px<6Z(6xH^dzXeYOq00ANti%^*6#<;Euq}9bq}i7esqVpnTN$cwV5D`_lw_58}Nf z0RKq;2;2xo?J>+|x-N%Jb_Sc79A75K7v}tjb-J4aS)A@HPWK|M?>E_Nw0~dFcIF`c zU4zTHe6zJVFqq@0w<5;}b2UFRnC;LF@MKO4j&etTuG(|9LnpW9IiyeW9Hn3H3g$Va zPqH04`8A)zFJRMlp2RpC5w;#jJ_}B=Uq?G{LVDE6fS&~m9U9js*p28fxarmT9rg1& zZlvCAAaFX$u692$qq zI6sTrwW#lBLQCAIKE)1cXt_({MIZUyOSbh!h{nx#*!(Dz)Zu*}ipzYo+dz1Yc8_mD zcs^Lg`JW)^#KmeyjmN{nHQHY3{e|dvW5W~VwP;s3($gO@UQe%MWlh# z+sNr@)cM&MX>!zjpc&@D=)XH)wm?5wvdOs)Z_$tSwQ&76bGS`xHnYBH=JwFa_1((- zua*1P2kv0h_bJhBjykE}7R%Op|IFwVw_MM!!n&VD?67zY<#L0y(|0-g^Z8NIccaBl z->Lgs)|4pq|4Z1M9^K}yMnAYAO7rYHqTjk_AfEf8&`wX|OTFkkspd&b!OuoNcp;j~ z{dtnR8u8Re(*(DFo{yz-Ix+<5xk8@rPSWX3ODVKy+{zSWPI4C@{YRx_3c8^!Qz$(Y z!J3=K-`#F+wA-grvN*hK9lj6iZ(2{}=ylBvR)!$`m(Ag1>-Eh^pz$5ct{)qr2= zv9tD*lG=mq9*(z4v-hj!d}Qi=gz=Hx54V3qdszcHg`XyAyiDitGr6B;Xzs%aMWp|- z*xVq)PvPXh{WeH7FZgA@ZT4_{?OSP2b036xel%TD`%ahC4l*RQ>kOUl0jb%Xj!f3` z*&Kf+kG~m`^fksyq;rImA!#0%AxVE{>U@rHvb4D|68GDfe?Oes&0mLdSecq7seXp& za(N^5H5o&DcrTUaK|aibvQR#LubW?`|6|xI{y9t)UlYtDFpf1N9EyLEdm+Z9wEc5+ z`cDewar*N(-En^{{9U$xj-+{1j@%#mw`Bh%JYOO+W|29c?aTM4_1?1mxxD@PT)z2| z=12LG<`wx|ezvm>{raS zRXTn8WC_@BOG!$)nUc!?6}VIN{K5fMT(4DJue6T;;DE92fza2Kw`!KN@O8vZ z;B=!T&4*v=*2?Z%rJ7%U3r^#EE63l;@wIYzt&&bOY?XA9A?@S*)NP9Y8I*UhdkgpT zR!JutN}WEeKYS`*{kuyaooE==_M7ZfAJuoNPrao*);HFD4)vASJx$AJcAw@~`HSJV zA*#RJU=?tC%HVKE`P7ZxFLclFQU8m(Eoe{uoU66J-Cf4AJ{>Dm|FNwMAL}(A_0zbk z?5~s8YxkS%Q9gB}?l;|+JAF{TKXt#}F30$>yZZzk-(Hxm*aaKCuDp8Ih}-;tNm}X^L%Q4>ZE1+=!Cv}ANAh?ANAh? zpL&}UlLbENw*@}xxA{KmxA{J^PM~rtWPgS1uh6Hy!i|B|bW_t<*;+uO+p= z<9p6?rl6gi(zD8^%!xg#b^4C-Rr}Oer?bJ;*Ew5oF0}epcypwh(^;eaqu=|~R|uzfC@74@Rp-#WL(r@jt-t7namP8h4x;h1v%yeF-v z*ST@o487Q;R}Sw-E@yYU-3T(;qgOri2CkpR4tz?lCf~U@k>i6NO*$P*!0AM_X5VSL zeNj76`?wpR|7&~o5tkvqulFjFYF+kjuRI^^GZjf%SGD+7qFz4e(W1i(9N6Nc6W2<7 zbaGy+PwmGJI#9amYu8aQ)z_}a`oem>arS|!+AM^e3B<(xve|b)QM&bgE19x(rv%kB;h{>C*ft-KCSsvUK?PO@-d4iP)Jg z&3m%6`;$W1>^^&+J*6+zrTJ?Pr&DV8b9$$0(@o@Rf4vfUF3k^f+5ZIlY?Q~Zy>TNw z)(d-jui^c(*X;YA!2VXBHF|##zdg2TJblep`*e!a$uBhi9MFf_!8Kj-b^H#g<3hemc4q*t{zYGZ1r{6Bw51g$+L4X->K_U!ts=F_@yrChf-IK2jBH6bxALjvA;5QU&iip zba|cAH>vY;dEY9|Pl5d)PPQrnr~FKE=q8+bjw;`UeXn;^{vYf+$D#Ze*cQI#Sqg6U zQNP7WhtKuhZP5vIH2>++YoJj1+}(GepnMJ#DxatH9HsSq_k+gb<^)wAr0+8hn!x%$ z$>mPt)tG}8@whU|cR%J+vkn^NOJE6f z2Tfyl)5O&nzc8N`cO!k3_B@@=w-1`f>71t1;j<>WYCZVLK}-B<+zO^I@z2)#|I7WV zT+T?JV82&`@h^S3P~~$``YJ)?vr168RO@=cn=9@QeRR0R>1%{4-+R(?ooz4K)e=@zsEk}48V3K{Uw%?py>#DDHx5Fg+Y=>?Ts&(n6qdJZ++j(;-#*2RSnjg|H z+qo6%u%lqAuX*pnJ{H{!)S%^?>})6Nb+lT@>4u0kI{&x{l>2oP_vdEr&n>Q+FHG*y#QnOC^;VsBkM)|- z8xGxg)Vj|d=?$sZA$>&HulmC&2Z#NtKO7$n`_PwUETKj}>h_u^m())O^aKa3lY?@u7U8?1c)%?NKqBF8y?iEUjy zpn&ZQ*uKEO7kc5b0XfbAkgtH*s!!O?bCkY$u5Y$OH)Iv+avScg(fj{<2dv?n_qN$r zVIHk+NL1x@ue00juJ>J52|6i$m7o)83;pVA=a?+g`TRaq#Jt3xfqMO*M~SZ2Ap=YN z>IA#3JxaB^O?Hmn7j)9fxc!uIyC~y!k@VB}l=Soa5YAr}=dX$Ndy>nyo4gG5S7}%K zX*{p?(>$@73GwudL7Po*}(o9d`gd<)3=es zZ{qNqSWfeziK5C;^Mxsg&_3vNtBUsnb1a(2hZMumLSi1gI_ZWH$5)IQf~ zZh_XP5&Jd!i6_)}pUL|PVUOBp*rWED$~PIOYX3ef)#Le%NAsODmZy8vKQlb)pQ#?r zd$5m(c`M#SXt|rn)bd`5ERXV;>CrqVgZG!R*?%_Mr|O%NXU0=Kns3p*na|4M^yGN7 zue8mk_qe&*UcJ$I2lIjENS;UYi#(6^ee$$Cg7uG!@hB|wc%Lzk_sROWPpkbHC!fR3 z*ZIKyzo+&Ex1|(t`i3}a|6SX*?-^7ksehJAYG-9qjrT=;u}`4eSE;1- zRVt}{Rmlj_srCWxM0$?(RZ053W0gM_QcH~w+Yc-Alzu$vJ_3Xcn>$%RO{k>}Kf0Nz7;WTnMjXIoP4sYae z8abRs4yS>`Y2a|0*nczoZ`S@t3~pxs&FsIK{Wr1yCidUrZNdH{-WzytV;}ylo-N+8 zRqDNbix-4><=_@C1K%ZF1M_6aE!oQPwR*HJZt>_u`xZXwp5FhaIxT#%eTzpY*0*?c zGJOl*;MeM%j+3>Y9^C5DiSaU^^Z@oL0xI0v!QlY6g8;3Q!vU%f8Bpuo6+L8NBFuGe zIFN>M>l(P9i}t)lOt1%GowR3gYJl2fT7cSPdVut7IH3AL{~_T3&9l=3)IP%j>JRgH zK0L>v@o0`i<55O{*14HFJj*o|A>vU`%k`thC za{?4@uJ-Q?%?+rpn!gvhfv;Dp^3Dxx*Y%JapmkzifYzT?yx)-@p!IlupcL+#Bct^D zu|tLy1V~R71V~R7GGF3*2jk88Lkroyh|9Z3mv^{l3A-y{c`3_FwfvQyWz5SoU(zed zJgIr$z^VZ47vu)$1o$M6Be?-O0lu2uS8Mn8q}2p?Js+TbfNjn=j2F=(XnyUpYPtSv z1GJw|8<-D0Hu8vCUC*b$4B$P}vA)^>?K9K{XrG}jp!CE!kdwZv)%ARoZ-U(g^Zq-J zsONC&xn0!*{BpP(SHb!z? zTCX$(zJh){BXfh^S6JsZ1(srdes*SaKz$!@ab{EC@-?czZSc|iwGBR6XEz1ZI%{So zt+#H^YzffG-7Nu1M@wMIv#Oq3_=N8?y&teJGfmH@m%zR1KMx()8kmIj#2Umy>1@{F zzMfg+(s+vXsn+*JF6sLsm-Kz9tIBJODAe{-cahQe$ng5Qpx^#9x>d02J4R# zj~uJxFS7;;l4D({!yhPA`1pQHQ25h$|4#;~eaaxUPZ^~7qzrCFeJ(t5no#?s>z#Rm z#wo1dba=R7O@}v+!^`krhjw3cWQLw^yn1A&HaA96wF%Ace2esbaU`ubcY^!ao!9-_`xYepN1yLQd(E zekxDtr~H<1I+A|c7u{xGgZ=3=D=kQRDP6~RdEX3s@&cA;2Wj4t9pv|y9B!eG=d#0#bojUO|KbPGL}$L$4!Cf>e$rL8_mUAk|M9mrt2a-%Z2II3J}!nxD~kb6*TkvVBs!d-Cuq z&R3n^0Og-Dz zaenIAtmFLD?=u%+A9oMJqx!24)<34|tv*-@JrvHW=X}<4KI=H2b)3&S&SxFxv!3%= z$N6mJd^YOzT$9zv>2BbBHgG;0IDbtnZ_@5D58`|^>3m(2)y(!yoS$Ykn>ats`%IOu z!sD8QYJXWgSL+I3npF<$tufvD6wet}^C-s}Y#n!kgD<;BoDj8!S)+hi*1GJdH4-iZR*uz_ z9k9k*-vV>3AAl3BpMiPSE?|MR2ROrWP72_+4hm;keqfOm2F|wPz`5E@snrF~^Q|7h zGOIVR-0BC!i~?9`9S*FrGJ(si;lOI^c;HIwL|~0I2DsW92duTu0Is#p0oGZ0!1dM? zV7+xIaHDkvu)&%E+-zM3Y_x6wZnbU!Hd!UW?bbYCvvoIchjkyY#VQBxvK|DsT8{uN z`*EPOtAU=q3K+JZ2gdA|fT{LcU|0JMV4D3lu($m_Fx_qd4zNE3X4wA#4z|AnX4>0< z!|d;YS@usSC9LCYRc<5g-|#$2KWE#mcs@x#kFo91D0$l*ov_AfoAGuCHo0~TIMLo8 zm}hqfPPPvm?cl5N<4y=z`F1*>S`+djb&Oumb1X=K;&?$-r{^5@6E499U^j2UgjIz-9LJz-s$u;7Yp~SYyux zuD0(2*4p~HAU*V{|*yg@(L+mAuI(Ov*vk( zbC5RLFT&?P1upg`KbDVCl8SnH0<~j!fCprTlous9C z&LG%Kc7_7;ouh$Moh)F1GYUAv84WCSPKEpHwEJ1kc-RypTiv>pTIh zbDjpScWQw3&KlrG=arLDce*qhoOQ6-?5u~)r`o2`c^A*0>*uY`hj`wmpPQUbaJk)S zgw40wrrFsBn;p*Az!v8_;4Wteu+{kmXo=r}QtSnKLXJT_iU2SsqQF$KAF!+F3QQ9{ zfxSiFF$sLtsA@S~^oPv=kpY{5+6LcF!Dg^H3N}NuO{O>&Hp9e7V3s%uI8vMf%oe8u z$B0~Dj+g`-FD@A4SQCV*(wY$l4Sz&vp!LOWlFHd$N)n|v`7E-w+PZA=wKV?1k` zP%W@P%z?`*waXdecDO7QT7Qbai!cpbP*yalWl^}v%iDlsBECc4sMZk&jAz+?d zig3=?;Y^mx@H|C7=gTMYe2IRZDxbmgH2qv4Ul{9HS4!0eX2@DRU#*`DuuAR$E|bnFs7L7s zu9V?ZqSh)o8KqYv*e9_ zwNYjQ8{}}{W_diYQJx6gD#rku< z==p8{hJCjHW4;n#s&5{!tM6`Ln(sbfZ(lhu-S;4HfbS7thVOCUU|%&b)3*vZ%=bJn z%l8s+q;D-S+xG@=jPGq=j_-ZocwYlB*Y_!KqVFHTJl|Kq$-eEteBbxLslK0p1-{>a zGkmSULZ5vq>d5B;i+myAY+npm;@clM*Vi3b>N^lP-9RtKEgbT6ZyUty>AKa~}n+cb@>( zyH5i*x;4NCcMWi}`wFnpT?gFit_L=`?*g~G9|D`*O~4&)Be2EY2HfR-4QzG416uwa zK?*+#EavW;J9{_gsM}cYn{eZpwU4iNTp1=YAzQ7EBf8bz$ z1`vBAz+wKQfLZ=yfg}ARf!Y3(fMfip0CW7O1IPPwfw}%kz={3~fO-Clfs_4Hf%*O` zfm8k001Nyx$6-|RtGb)vFM>^>e-3P}(>AmGx5K8$|99YQ|9oJH|9;?He+97A|1faA zzY199Uk)tyKLt$sp9NO>R|Bj3F9VnPUk6tE-vX}m*8^+(9{^YTKLOVIw*c4rw*u?@ z{{*i0{|i{}{}H&+-vVs#?*?x6{|RjLi_=geeh=8>j{vv(6ToKw0l*#pG+>Lr4{(?N zU|_5NP@v@v21@TppywR}40|JhF)#Zxj7OdxkG!$4>FS*ZO!LkJ_Vy+M)4lV71H6lX z8Qx{U!CnC{)4Lit%=;TK%exUc(why;_HF}?@$LlXc=rIudu51af{rEETZHGc^z%gT zAxQJQrNGJFGT2Yi_W9nEu$k&T11#`f0M77gfrZ{{z**j#z#{J*;B0Rru*CZqIM@3O zSn7QNobNROv5y2S_kI8-y`O=V-Y#I3w+Fb)b52LScz)nYFAS{l;=t8j7htW|1Gv`f z4XpF}0oQwn0PDTOfg8O{V1qXtxY;`%*yx=I-0F=1HhJTK+r2Y@&E7e{9bO)=#hU`$ z467N zPgwl|s_q5^9)bNp{hSea94-e3sv#YsZ88I^U^6W6JTNQp66}xD_9FvpVUrzr12`t| zHZUjfK5%@X0hk;36gV;P4`5#4E8yh7c3^(sd*IZ-Pr!n}Z@?LWR$yVk9*^1yxWJ-7 z2sk?s8}C?i0%|r`64)O$a|7LhrGW#-d)8e#4f6x(<1yms=d!>+NXr9<0h56vfR%w^ zz^cG;z-56GfYpJMfhz+!z?#4W;OfBHz}mohz_o$Nz`DRC!1aO4f%Spuz>R@IU_;<~ z;O4;1z{Wr^aBE;LuqkjCaC_ihU~}LB;Eq5Ni2Z8duE1l!*1!s&6z^~0%|Ad1C9v>fjPkx;P_xFFgMr@I5F4@m=`<(PjoEjVo zEC?PAoDs|d76wO6@T}`}yt9I%CtzKypNoR0LOMG*9#|4Q3--5Z`?d>XhhSOaVbt^sZiz5;9vt^;ljt_L;+-vw?Deux}> z8&tb4&B0Ab`S&{IJA#dnwgk5UcLl!&wg$fgTA>|48Ttk2g?Rz`D>sf$Ky60@jCq1a1tq02@NP z5&p*^)iySV{)A0qNSui}3VFb$Pz1O=lmIq|4gl^5r2$()eSo_{2LoF}hXSqeU?489 zJ`=Nru%0c1kAY1%JOUUCX9H8iV}V`6rvcN#X99bNCj!&M=K}|XF9K$SF9Qw^7XUNE zR|AKI{|3wo-v}HTo(;?n-v%5Lz7v=ez6UryTn5YyF9J>sKLpGRF9l8xF9YU>p9D?~ zKLacXzW|&Ot_2o`UjxnxzX>b~zXO~d-UuuSe+--({tQ?e{sK5Z+ypEOe+w)R{{T#e ze+E{DcLA%ydw|QrPA=*q><6w4hk-TWIB<2i3$Qla1GqNa8(0_amy6X+ShdXc;X`0k zA3hwoF`Nl(2oDEt4j&I}44(+x8Xf~|3XcPB51#>S4xa`O~k(YoYBWr=#kvD*2B5wn8BJTsoM;d^+kxzjWBmV&AMZN+~j%-J2 zr$kiS$d7yvo2ikXU^7kI6hwZ5&5TGZurOkug?fp&z@kV9I6D#pmPGak&W&^jmPQT) z&X1%6%OV4T<&ndH$;c7F%E&NaRpdC}vd9U*>d48!m604^O=JRab>wVdZR9-Q+Q?*J zUE~tr`pD(L`p9(P#z-NsA#y!%bL3`VW26|kH8L026uAqyJ#sIwIr0E-MI06627x)z6yW%1Dlj+N4LC8{3z!!@2sk-9 z0GJ;g1e_Wj3M_~o4V)3p0v1L`0cS-=1B;@k0%u3Z152W30p~`~1(rrH1kR7<1Iwb* zfaTGvfXV2!z{=<>U{&-c;Iing!0PB7z?IQbU`=!ZaCLMcur|6FxHeh|tcyMhTpxV` zSRZ{FxG`D-Y>2J_ZjQbJY>ci0ZjG)7HbvhBZjXKlY>sXM?ua%5TcX>5yP{tMTch6r zt&|-=neq$JOZgobPT32LrO0zo{wV=q*OVwQEoDDo@06~<^pu{!0V#cf87cjNgHtkq znJGhn!%~g{W~Cep9GNl_n4NOcIk-b2MYZrTDW||DC*^eD_>^2=ZptL!#FPtwc_|kI zC#OsW=BHcKCmR^e&F1c3Seo< z!@&6|Rlu^8<-qckr+~?nXMvR|tASN1F9VmQybi2Rc?-BQr5;$5@&Ryl$|u0ulr6xu zDO-VcDgOknPx%+HKIKQ?#*`LdL&|R8=9E8yjVWRx>LSGhHl;*>+fx$2=9B|~J5ths zEh&9~yHXAYwx%2kv|@vSGIk`;iyZ?D$3_5Sv20*!Y%H*A>@;9n>`Y+q*hFA@?EHzC zC&%`CC%*fX%7rtJ%2FTiF-tQJ@pdkr`% z_9mp)YiUvJ9oWo{Z3LFYK8F2m+J0{AGuV{Iz5vdTH37?F-vY~HKLC@lpMjOJUBIf? z9^kT=GYRz-^8;7L!oZqX9Jo5x1y~#F0bCpF4Xlgx1Fnx90<4c64%`^a1UAHm12@Nx z2R6n|1a6Iu0XD_P0k_A_05-?Y0q%(90b62IfV*Os0$XEO0Im28pp0J!^x`)F!|_{y zv3LnEH9im6HGVfREq))ccf1^!9)A!xApQt2BmOvWaJ(9r8D9k)7JnX?6@LjhGQM^a z>L{*iHaq^tB+oiYKaYvO4QWpNecizI3|JE1A2>JO9atJa5I8@c4lIig1eV7S1194~04w9e zfK~D1fXm`10ITCC16Rg#fHm<6z}4}yfwl4TfNSHEfpzgqfa~LzpX*o~;z}FT$EU+) zW4sX95WgO{Ies&+FLBPq00l@skAmG%*P+&pg zXyA-Q7O*fe3OFk<8d#J#6*xOF9$1n%3ph7%F0eFlA#i>oA6S-{1}slp1xzNc1y&|z z0jm->0hc9i1y(2S0Ip1w0&5ZrfU6S=fwhUnz_p1=U|r%-;QGW9!1~0~z>SF-U_)XJ zaC71nU}It(aBE^cuqp8_aC_oIU~^&->pkjp$UTI@LLyQ=RHmr#iM+qpUFuLkJruH5wrnLO5BY5n{s-JFP|- zVxet~lQqVM*bp1)y~Z$%4dXrh?$6hG?7H5+&vkvT_jTRwJ)f`tuk)wV?7d?C!l;;k zF*?RPhx;Eh0j)7dqAex{?J-t##U!IUCJj9?ndpu2pf9EXi(@8ZNz7C%jVZD=T z<}{oYa~95yslbYu3$Zfh5}XrLjsBQgtckfAYh$j*x|o}=KBfs9Vw$lr<}PfCxfcU5 z?bs6YFt)}#j%_i^u|1|6m&QDc%VJ){j+oULjOoYjnDy8b^A@g(c?WxAwqRe(N7x_p zDGtPJ$56~D4#n)kO)=l&mYAP$IA%X?i}@2rV*bG$F{ZiP|CmS|kC}wKV~)W+G4Z%J z#)kW29C#om0}saJpl0!+*>WsKT8_sk%ZV6mDMyRtRJ2;oM4RPYv|B3CWtod^%Vp@X zT!CIo9r`TSVX@^#EV0~*rIrAeTNdF=%RM;D@&L}ZEX4}TV_0c<3g=k5&~NF%8p{h< zYk39hEU#m|WdIv2gV<JvDXrXeU_uK-x7xdmLv>W>^Nje$4!=O++xYcVT%v9S&qXI%L%x{ zG95=PGjZH<2JW_;gL^C&;9kod+;6GE1D4D2pyevmV(ZZydjm$s-hxrFcVKjE3tD0q zqc!$^w8bt#d+aiF#XgDd*cIrBeFnX;tI!wwG8V_ah9$A`wH@?#7zfAF(#}SFDTu1M6cCVneLqQtp53Vb~Nq5d*Q&*b*Cy zt+9#N7MqIgu`XO1n}y3_^ROef2!pZ3*d03!dty(*Rk5dFZ|p4Wi#;3rW6#Hd*o!d~ z>&KzkdAKR|O575AEe^*v;I`PCaU}M3+!4DFM`K%YJoY}^9s3aOiG39J#&+QT*iJkU z`!pVmeIB*AUNpzOiji?^F)Hp&jE);ZOWeC?jr#y?aa++IH-fIXFVP+MAN0h1i{7|B z=!^RWi{pOBlDPk3X&iq@sFlY>;LNxqa8}$=I6KaQ6>$kz8JB`{;+*J@b7M_hF4o2s zVqM%6tdA?fhPX0pj5`^d;!ejv+-z)#I}cmqF2c6BOR+t!2A9Uo$7ONXU`N~n48}EL zcie5*6L%-Bin|+oyRa$#UJS&yV@v$Q z*c$&hw#6^U_V{jG8viUVi+>S2;#XrZz8|~e*JDroTevFz9qf(Yf_?EHVSoImI1s-b zL-C_H6u%2M#ea`m;(x~B`2Dyo{!bi<{|9%(n=a%2$4BCL{3P5Re+=%4kH@|7HryZY zzyt9acrZQ(HLDlR)?+c!dOSv1PsC_zIa;izqSbmP+N|fI-CBt*>s)kOFGG*@3iMj* z&}Y34i>)_eiS<@2wFa=nm7i zeI4tq1K404#767e*ks*|0qZcfSUlfH&{Tkb?7_=V1ZtLIJ zV>MQD|E-5(uQdw$tVd(NH4X=?Nf@%)ambpEo2=Qm#hQ=9Rv&J&9)}~=6L5!hI*wXr z;<)t;+-*Gv_gF8$z1BIn-&%zSte4|K>s6>F)T24!28>L&1)~z~!03b)v?MG>Yr_3# zOIU*Tgk|VTcoN+SE6|hh40;n*p)cWOEKYb0OA^*$X+j9g6E@<^g!gb(!iP9JVH;K? ze2$d~U*VjDo#;>4jWr2BVr{~&SeNhz)+Zdqh6F~%7Zb`TnhZ7obTf)sal5jijNLYxY39UGua3AhYcnJ3-Jc@f0I&gnNCmu+68V@Es zk6L0cniF5e$i%f6mG~w`Ck~+{@m;hget@>bt!PgiL096J=uZ3(dJ?}yZ{i;GCH{iN ziN9k>;(xI;k$)afD^HBTnTbc>ti+>mcA^C<5)-g8F$L!&I?H8ROl-vN#M`hZ z@lITocsKSYwqal5gV>+=2o5AZfuY184kfO{O^MIpmc*BEII$16C9c7d#5Zt9;szW| z+=Sza@8j;ok8w}pXSg?U2kuWC!vl%m;K9TnP)pj2=A_>+GU+djO8OV0lgyWM|C1)5 zHR(vSCB>jU$%?L|WOOH`p(iO5y-6PQB^6+C(qt@2nu?`KrC6Rc17{|khO?5+!r4g` zSdnxgRwiA7bCRmjpHz!ANmpZS()C!EbQ9JmHDN%Uv>Jm+{n(wf9($7B!c|G{U~keE>`VFx`;$J!fu!viN*cwX zq+Pfv>3iIg^fL}8?Z<6Nf8t2eKe!{wbOrZ6DH6w%CgJX+V{lJWJnl`h;r=8C9!Sc- zgGo84*}Q1B9gC5+<1xy1B1YTF(PBFlt+q4KW;++{wn}u_=Azqn8G3A2px0K1KHGIz zY`YOlY`0>mEr8{=ML5%T56-eZfU|8&vBLHkR@$DzIkqnJ+j_9Z_5#-0Ucoxs>sW6a zzy{kOHrn3CCfjBV*oLvi_6fGyzQ8uy*Vt|w$ECLKaGC8V?6B>_pzQ#5+y2HLo3WPr zZ#x`&ZBf`~I~x0KaX4U0!jR35L$-9>WXr}awtO76`EZ-w$8Bfe zZreGy$94hkwavl(wkkYeyBrVNu0k!j9?i)&U}W+w7?penMklwRC3!JglkZ1c@)EQs zFGE-Ilju%ffu7`N(3`vpeaSClaq??elDrN}lS5dZyb)(6zlXDuKg8L|+pr?}bF57M z3g;y6M1S&btV#Y6Ym)|C0~HrsRnjNRGyqG^;G7gE`cvFklah#BU#-^0hF_1DFTT;%$)|88|E#*>dPpQGBDf4kz$~D-LvH*iAjo6)X8}_8!iK|lX z#@>`R>`QqN`%@mlfs`jOloG_Dl$E$CIAf=9*MTp z7__Ha(UqEv?$k8&q-LTw)q}p&0xV9Qj3ud4u{5<5%Ts6I%+%9xR_a+eJGBBUQZK~H z)Jt$qYBl;(Yq2KvYOGDY9_vzX!ur%EY)Ea!#?-s8DfM0qq_$&A>ciNY`Z%_wF30xN zZd{uBEG|oZ5j#>>V=%QJyHnR=PwHE^D)k-gP2GZhsUKl~>Zdr6x*bEQqd1hh3pb^H zk6TiI#^KccxGnWh97+8Lcchx?xc{kkOVr#kRJY6c!m%|XrX zMYH`_jIANPpNTg6xoEdnqRT!P-S*4SW4{8u_B!<0uft;djaXv8 z6-(^_EVnPhnf7~dmi+;oZC{EN_Q$Z&{uIu!ccI_jgEjUSu-5(x*4bajdiwx2*axxE z{x&w*H)Fs)j4k$0u+{zrw%NbNcKbLkwSR}p>_1_LeIEwx2e8}zH}=?#S9AaEhhwij z3j6FwW4}EP2kc20vfFXUo{pRB*|^1?kHdB!ZnGbUBlZ(;hkZJZ+Gpap{S4e~KL_{N zFTlO_Ik?|mg$L}H<3amXs5$DVwIi5tf zV+DE~&!E?_3Vn{3vDon%mN?d7sUw8tj*U3e@gB}{e2B9h+pxm%IaWHp!a0te=y&YK z8pn@V>-ZJx9DiWF;~+LT4A*e~9fx6)VYlFVMhaQbKHz0 zj@xmEV(q>~z z+IiTTb`iFvU5f2#HMlfwJ}yhU20PLgU@)x_yVGvNp0qo0RodOyo7RSXX%Aw5+9NoS z_5_B~f;g165;vtihg;HK!r`<&+?KWmN7CNF9cdeIG;I@(r@fE6(>}&MX`kWVv>muV zZ43{jeS-(nen8E+7tPM!Fw*%KMmhh*Xs5ZJ`|q59R_BpubH-3<{S%AgP$ynl?ilxp{EO*Ypnazp@Xy|W1$oXyziybGJ0_hP`=jxElIvDNuFwmFw$yR#dYI-kX5&KI%6xf+Ace(ZLx z#~$ZfxXSqs_ByvWB z7*@KT!a1%k^t*bn#`OZ$x?aIL*XvmC8o&nEAU3+*#wOQh47i4|#q|lcy1u|R*VowY z8poxs?{JyxC+u+T!=UQ`cDw$@9+&ZY?!W7B>~%$9pX+Gscg5j=D+xm`I}W+hag!?> zx480g*yY1*uH$gTbpq~iO~+B!OdNNefxBJj;2zfnxYsoY_q(d_fa`KR=(-BE^m;U> z-++io4|~#!a8-IS z_NGt6zVwr@Km8OONS}qF^s{j&{e0Y%elc!I_v3K-JlvLkC61(Di#yUAa5Vj998XvO zPrcpg>i>bYCtdx2_x7gW&iwxLg?J#n6%VH0hg!x%XwG;PBQrWMDx(vlGoD6E#`9>+ z=tWz`t7y+yi>{0}(Va1bo{V?VoACkqGPYuI#t4>Ve2JwQ|H1N%Z*gYE9-Ni&3(n5? z9V;^aiaWXE=I31T|%*Kw4^Dvlk5q4)>iai-MxGG~l_GVmzeHja|Kcf)`GH%0A z#+^8naW`(tXu~ZT58`mfBe*T&2^`4?;*N}!IGXVsj%U1tyEFQ5PsSSDoACzj&)9$m zGB)ACjQ3H?{20xdpJ8O?4vfki!|2R!(31HBS~K^eE%P_DXa0q*%zx3HX}*E`pE&`& znMa~8GX{$@tyq$ojHQ`rSe}`QGc!FnE3*J+XHLe7%&AzJS&DNqXP`gxG_1)y3u`kg zurBjLtk1jz8#1f0F|!t%GOxx!=JnW;c@wr~Hep+4Gqz{mg-bK<#buf8*pc}#1~VVW z?#$)bli7`{GM~lX%onjQb2av7_Txb2dJJX0g+rO|;HJzixFz!=9M1d{w`Fd}k<3xt zk+};;Gr!02%%5?0=6>9h`6uqp{0H}Enr`I&XGY?|%t^>!VnDMy9wXg0jB-0L+MR(G zcMe+JUbMN7MZ5cWbh%GNx4RrY?o-k0J`;WJbFtW6i6!p2Sn9qE%iUMtOm`j5a$kqD z-8W)|`&O)U2XKyi5>tV2%3$taUHNI`?B(?|up!++En{?!hMa3m9;}f-UaXvDH0* zZSFyAcfXBG-J5Zldl)<1pJ34a1$Mi?#vb=Lu5y2ez3!i|&%F=(-3M^M{Wpf(#+$hR z?!$4DI|{eBkH%ql9By+b;fULgJKX6w>dwY-cRucR`*4r@INa+#0r$J7;{o?fJm@|H zwXAc{oOJ<4X3fEqD%~+J<#mpJRR2 zSJ;rX6C1O3V^h|T7|8k+TeAMZ)~tirmSt$<{%0MAOS2~8vaD$A$cn{aRw8z1rD9K( z3s+@jVQ*F*_GJ}ee^xOLWKF|R)=4;&bqa3EnuS}k&c@-a^Ko0&#W<4X#~oSoa5U>m z9M8HIcV{)=o~)a3Z`SR&KWiZ#$ZExdS@)rq{Scb7AH~S*4vfm~#OUm&(USc%nHfFoADLWSf*@f7WJq25{ORz1w z4BN9$#--V(}#+udja-mH{w9{Z5YbF6Nj?z z#!cC6xF!2R9L|0Ow`D(pBiTXRk-ZW}v!BE9?3ZwNb|3D^UW0qH-@yIZ8}LB(COnw^ zK5981qdDg@jLg}AQ8{B6o%0P^a(+N-&R(?T{D$_NztENQFS>Kgw{ZV+CZIRxNc82z zU~!HWOLCI2G$#$qb24#ejt6Ju6yWTf$ykvy6)ST}aZb(*^yi$0H92QtZB7N&)M8W4)fmXR9$Rv5!q%K7Y|ClJ_ME$LY0ka4ETvl%vOUDtbLG>u|Q`My&AM zij|%K&haclzvmvT@jQUFo~2mlc?|14Pho?n3mZK>*yMQu1D;o~#q&D0dIqq~Gl=b; zw{fXwGcNNCV~6Jx40^u6ZqL`);~B?Qp6{^N^Aq-Y_F=#001kNm#*oL@#Qpaij+;DD zxW#ic4twHonF?w_FM_=v|EY4kqCAm*x zY3>Rv&wU1G=B~n7xi91F+}E%ocO6#dhHy^qM)c>thc&q$Vr}j=tjqlz>vO-thTNUl zn7bRBa(~1??yuOA`v9>lg>!)@IE+{18b?nGRc8;u>gu^7xv#O~Zw?8$ZEs@yE> z&CSEU+#>AHEyjV|X&A~q35Rk|!A-fda7*slIGlSvZp*zGM{@nRBX=H-=3a^8x!2l}do%9My&d=GF2n=5t#~l^KGgCaLUZ1u7@60BQF)yho%b|a@}5U)UN746UPXJ} zT6E>TiSE21^yIyZ-no zH1Bj=mNy$a^3KCx-bL7*cPaMd)!?eU`PiFx4ff?N!2Y~O9LT#3LwR@NP~P3RDX$H; zyeDuZFNizxR^n*hb2y&&67J6H!##OxaBtolxIb?L9?08-2lL)XE&pRQ z=YNKg`8zNwe+;AZzd=j>4`|Kbi?;mV(4PMny7K=;cfR=!?tlIS^yVLlzWf+0&bMMo zelnKkr(t=1CeF-toSi=zEAppeWqv8n$)AD#{L`=||17M{ufV$e3$Z@`5^Tt? z#>V_wY|6hH1NqluOa4vRn%{(N`OVm#e-|#zzZaL~w_`{C!x+qe9J}+EV^4lJuF8KF zd-Gq!zWmkLpWlxI`Rg&1{}vAAzk{3dx8Roik8n8uQ{0xn9Y^v^`417@3~m)t;7=VTrBlohUMNXaHh8oXL+x~+1?wm!h0)LdILDe zy9oW>d$7j)0M>e!Vx9LftoJ^J4c;zn^!8wr_XP}iU%?jd>)7fYz&7t7wtL^krQXfB z%sY%7-cK;-{Q|qaUt^DV99Mb2!(Q)C*yr7c{oVsO;QbpzUSl)&-+MT2@TMaJc*?RE3mxa z8Jt3N$;B%}m_zD{ec4A|}Zfq*} z5d#IkVoSjv*jjK9+X@VKa{mhs!=(iiaaln$b`->7upkk;3sSMCz=f*{vaq)x5Bmy= zu)m-f2MVTPsNf_VDmVo<70kjd1!v=M!TGqY;9?vp@Z*kxc{o~dC5{(di@OUNa8JR_ zxVPYT++VN|4-~ZG!GilxD|`seg^yxnVFyMPc4Bnl(`YGt9<7DFXe)db?S*U6Rrn^l z3y08C_%3=2KR{pMRxBA0+L zHg*)Ahrz;&u)FY5>?y3lRfY4hx9}S5D_ns6g^f5+cpHWa@5G_PyKz%t8*V9l5QhsN z!EJ?4;7DN*cNDI~(Zc6&yznL5UD$_v3fJJ?!Z&b#;RZZVxCsvyzK>eb$7nA43?qwn zU{uiFtzv80H9{+54R zHVw;*GI3^+2WJ%(;OwHwSWz?;D~n2TPSFhX7oCPRMQ34cQ3ci&U5NEXmtaFtH8vL2 zVpGx87$~|PTZ(SN)}khCD{98}qPuWu(Y?5=s2w|s9>!qN z_7$zh{-S;yC|Zx9qPK9U=pEctv<0^meT2hBpW?Qn?Ko02iaUyS;b_tKI9~KK?k?Jo zdy4+Vy+!}v{vy*N?tf7v9xR%K{9jhk?2E@ppADmY4vh9?pv9MiR-YGbzGKnuJ04xW z6VdG}N00AR^!m<3pYL2O_ElnuZ!VVlF2i!)6*$vZhqHXw;cVZHSmC=BD}4c+<6DG& z-#u94djM;FOR>)P7}ooq!UkU#Hu`$7$@c;Ve6L`O?{#eT4PcvZ5Zirk<5J&dT;?0b z4&Nt>BDIk3@A61($TyCgeBbf!9Bw-Hi$(lGSndhS)>Hl>cDkly9+V${q|%`2}01 z{En?t)KS`|Xs1MK6~*dUmBnh$bBfiT{l#j}HN|S3+Tzn$r>^)VY|_^Z=xes>U$^OB zx9eN=9jErwf1KLSz;RRW;v9}I#hR&VzILjbubZm&Uq4mtzhSC6^Tw&_C{0t{3~Z| z(~iXUX)!o_qS|WPiE68n6Td6Z)cBn={JWB>h1wa{pqPt?3!)9Le^pXw3xT$!(yc~v#PK%cK(zEI{>)x7Fz z?UJ>N^yM9GOZ0lXx~ST(s#;HVwYF&ON_}}p+iJbut_@VJr>fRdU9GKJyHQ`>(Y94@ z_41u`owjwY>IT-^CCm5e^>*on1ITwerD#VwF>I&0Su?FuRqLhG zG;Kv&DOKA~r(0Q1RV|-E)qc*^>+SMWwO%z<`%_i>Q&sEFqiX#Hdc9o>saj7}t*5Hi zTO!MYRPC=z<~K+;>dU!)z22^!G@Ivxs@lKmW-WT%E*bCB>+RxKzw7I%s`dC)L;Cf_ z=wt4KELT;_)1^hSe7Y=GRm*2c`DYs#d%Nbzc!7);QFZ^8=;P|;T~wW?s@i^~bhTa{ zZ&|LYmT#nL`>pzz>(iHWy|R3lbe~?X&m`AJ)%I$$am)yth!orkJgPj$0a zwl1BfX)m-D>GM4Qsaj7}tv5q@uHNe9^JKh0FOMfx>#M5um+0ksWnNXytE$)iN*S-# z%k@*Wy{cMot6r{K=2g}FF6lnKTsOZvM(r<#s>i`e_3P8e9c@K2KV9Zk)qYgfcGXlp z59i7J0=--h)vrh97fF}M@-BTjuV+MRHahBfd+PzRc~vz(PdcBf z$3a!?w?&`#b}f?Si)DU^%y&`!x@EZ`hAk+YOG!-D`osFRmWSck9i-WYJF98-KuK+Az8jr=HI1iyR9-mO4W8d|EFqu zHGbak^uR8Cy^gkhdU-wYaa?`BR#o@IOx62WgkJ79Rr`;Td6(Ym<>|7#NXFCYYOQxb zRqanz?Qe#@ocpQQtNu|RegA%{-&d-(tEOr@Rkhtbs?M9gsz7-^r>nKM2UOL1s%kxc zz|fa3(aYE{ zHmLnXP<1>fRr^n;>i!k!<@GJ|Gi1J6#`9(QLK!cT<%?xLNY(zk{-^4Fq?_^aah$)t z9%T9M{t5&G0??X`2gLi4XsdB`&~%Y`Anzk@tL77=liN&zOPbsKjz8&0-0YZ^Q!9p zFOua;WO>E*g)xvE;8F3YF?Pu2Vk8K0|{$4$nnYWX}FFOcO6 zWvr@}FOu;RS>7dMRkeJjj91I@4Km&+-751tss6ah{63jC@jK1bd<0e3=ag}}jHkFDP{)p^*d{yLWVbeW$n zV}7B8zFsv|ucvu3UMO88?V{>&R8_B|4f>eRJ+gc!RmU~OgzJ<}msV4?{X!Xc$yilg z=d)COZrGsDvtND8`?bcekYY$K3!T()o~ZfxJ&vhRoiWl@lL5JE_~lr_2&as=P_NM=li}s z&+}Nus``2BV?Lki%emjukj!t8@lL76@66NR-~XrTcqYbbe@=bAqpehyPp9g-{4x$m zL(&aYZ9hcQw1zc1sal_35EDKQRb!{LROYA4xLUf9>i3JP^JtNAkgD_TlCi2&aavs=uF5{rY6=l<{<`j;pGcSIhDM-LBo&wUDakc^6gJ5z?3Q ze3S7`>338;A5DpJz0&E@YUx7hVyb^1lko=WPN^wL_CwYAPuI)$QL3LWRp;xM`D&S8 zDDBec`MHa#^Z!ooA8Smu@O~#yb-s40e@>P8QW;N|v0oqayrb&4s_M84WqFr0MD_1q zdOO-iWxP|yT5@=~iK_c(m$B-0?Y~`4nV&B8%W_qBbhK0!^_Rn!X1+O zPYCZXAZ?*)KSR<{nJ+I5&$md&rLL30^M0z%J3#gOAswRX@v)by`%?R~s#>p{s^bKx zx{hvrT)n(>MtEF9)#DJ*$KI|M84pplo%!T&T{KObyT(t|erxpctLpJX7wE-j23%s*bDrI6wc^NCQ;AF1@@jNVQYdJg-Z=Jddb4PEf|(R9*j& z-of?dr-hH_r)qySGVZ4O^Z4}e_BGPrS>g5gb$42q!TF3`Z$VF~-V>ko>pkPSfZp?; z3+lb}xscu;o*UJB)AQQdYJ1ZvGu6Lu>*EJjh3G`?+o)7KM~+9;yj@x<^QvmzPq%AH zF9h^ntyj$lWqC-SU;l!tzJGmedT~_7{719!{-vc-zce5XNk^sp!ax1Ksp{t^W4nx9 zR6TyBGWN@IRkePAZr4tKQB^-*ef-diK^cdr{<@U$5LJ)MsEo&Dteq#vm)20VUJF%^ zf46j8pFeqxc7AxjW~x6A_40lr9hZ6Y1>xnTRJ|@jbe&=Qi=+Cudbz3^`zyoG_imb| zy}v#rW9`E5yk8oS4pH^zIod_x z-x{jsgVaPr`aI`N)#n)1=V{9vb)9_9qiVfz8QbTo$LE_DT{KPmVtpx9=TT18`aym9 zjF;?}gtzlkwZDKgC=E$R=|n^KOQn~p{qX*%w|cqeSI0T5*G|>`OQqvfJwC1~c^oba zFAqpV)#2l5HQ{-?w4AE*^UJtJ#z7f(%Qz(CAsLU#cwENXyzqWqG)=2rQzIRhYL~0? zzNEK>s-Ks%E7bb@+$}AY`lSJBP#ThsO0`hbeSYpDLd zE#np$hh#h|)vgS0XP1^r1JY5dzpq{uZmBdRwbzB`1A6&y=9VdinfK_2oCK<$Rx` zYP*m==J?XmTf*D>r9o+ks{1}F9jEGfWxh4sQmQ}iq%~CSKOp0vG$b9Bj#IUs)+E;@ z^-BZN7OG#Tj6>3z+vPY^-M=7J*BO$!?oi8lKc#AUfU5Isk@-=5p7+Usx{ii50jk#P zrs{a3RIRTyhv&Zqs>g!`gR$+^zq>OahW%_sO5Z~q3ZeNS`{#c{kuh!>vPPc1!y<*q<-7BT~ytm7*kI!5kkg@7^?ZwqCG)?<` zeMsg<_4(*N?Sb&|Rkv$b^_i)9Uw7%9yQW<4@9X_kKTjD4=yq*WUyF=`vRrk$mhoyg zRnM~_skuEoc1cUAx{h)g2lX+J?}Opzg_)}D?J{=hW4;ekbsnnf`R11fq%HJfgXs;` zG%f3mpv;G)Lsae8^^hvxN2&UpT}t)$V`)e_Dm5<&Z&ymydI72)=aAIAR2^?cTRGKV zUk`_`&o8w<5+1v#zFfxTGOm%fNV}=}d=aARI)`L_RL0{nc0C%tj&iEjuhGYxA6476 z$T%qDA$`oxu~e5e_vP;Zh-2~C#sG+s?YN} z?+TxfUoVeqx10x6+iNSs^-D{i4v&LU`!nJ715`g=Pq+c9juVuIq}sD;Ip2S%T5gxI zsv4I{{nEgp@pH0YX^`sIBeg#t9+yh}(ttE59hKTwsr~VDE9HIeRli=tYeA~^J1Pyl zpqAhMT1fBjuW2vJaipVkyH@|Y{Uz0%uluR~e2|v*s`<+PfZh-KLsTu-UY7kx1JaOG zdqtK@1JaO`zigoI$MB3nQ}?Zts`r~gsy-)-={?wV$*?_WBm&)2T$T&0#btQn*FeqRXhriw*fs_&nwYWqRynAFf4-k+*k?x1SFWztT4`P?;wRQ>nQF{$C@@Oloaj-#rU zSIM|pmaD4yP8qAJ@gPg6j8)aRQ^u-lJV^D& z?SHCY?`pXYs@AKLaWmELm&_YpmGh!%JqK0G%Vb_vjjLpNv&^gN`+Y6E{h;3Ju7m2wk@-&PnA8!H^`*_yPO6@FgL-*A>hs<%$Dph)t)l94SF?-_Z-tjTsM@}n zzfi4?-+8D*YB{fS>6p~8F+5+Uw|aS%)bWmNPt|n}O2?#zO>#VGnY2pUEbWvIO2?#z zcV&BNnY2pUEbWvIO2?#z_rlv(Nt>meQp0B1zjRPKCN*r4?WLX4L8;;W@O^ZApjx}8 zjH>5bm5e*3gCDBprnObWYPq+onX1>Ls($~agVHgn;iK?!2UXjts`bnCaYtK~v{~xd z7GAGRFV8#apma=H_K8}L?WLX4L8;+WSuP!u8a@lpJET=qfBwq2Q#vRe)64txh+GF% z$1RgqNt>me(n0B%wCeNlcFodGspAXTpR`IkrkCUHP|JBds5;L=FO zYS<^om6l1Xq|MS!>7aB>YS=H^OUtBH(q?I=bWl1bHT)*q(=;t*ZJCTarGwHjsp0qV zbvvYkRNdb(so@XVAJv~P(y>GH2g1wCq*c;E>DZy=f2!@X)>i5LW6hY14S&gfruyeo zs*c|&HT+kOFD;W+NynsygR-4;Q0n+w&QIDY9g`aV2`?X`>UnASSB@twlQv5`rGwHj zDW8ft|3B6^sQ$jIkBiq<$+%NGC>@hJ4B_p{sM@Yd+9@5Bj!6y1@OsVCPU)a@jHYQb z);dhGKWVdcP&y_xn8WKiq-9h+&Q&sQmUdG8eO)>xHAJZGdH<&R>sneSt2lMJCZ{>q{H8f7!WD5{#7z-*M6^dd9MK;! z7IDO3afi)0?AF5;AJ%@@FNa?gd3oeDk+(!X8~IY?*O3PzwF!q$h@D`YkUODx!nG4_ zopASr`z9=%Fg)Sk2}d1q(-EN~A|_T&ylP_8#3d7#PdqTu9CcY#N7TzvyQ7jPdK@3I?5V-LiA113!~ej z*G7*;?~DF7+IMv5=<;Kh9JBkFYh&(;3B~*sqgkd}&aqTk>Me^b_gL0j_FGD0FN?h; zc17&E*oZiLoG0$&xLI-c#;uRr6{p3g#uvt)9shFt+wmjud*U0deb&Ph?n-z!;f%z~ z6K_krE3qeWed33S8A$7VIOX${V^W__ z-I_X*dY}Cpd#2+A$AgZi9UnM8cl_gcC+*|3?P>ecBAgbd-C5*3(Rq>cGUrv!Hs>48 zA?LU=#+BeY=vtcInQqMRWPFivO6Jv>$?gl?P3||{JKg)-f4UFLIwC73Yi8Emtgft| zvWl}$$i6yzVfM1@r?R`VzserZ{wq5&=a?LK&dE7v<=m8WXU^7~ojFcVnP;x&8c&1g zUe8mWA{BLBIep66Q&vuSdCI3#0>zgechzz2$4xqZ@c8$S|MmF0 zrdE{rOBR(Fr>&lLa9YC&ub+^5;*}?UaiX2SlB1rTzwycVWNiXpM`VZVwHE%$$0F@q?QX3?Yvr#i zEY>Quds(|ptJT`I`C5l|rPjlLetcGI;5*O_+A8g4?FIg`*lPClDtmfOYt~+8PyOs= z4O_0&?$ZXe2etLuL)x3#5^Ydhs=cK>qHW-ha5rk5+PnNw>U;cg>1Ou!zSgUK$W|X| zZ)hL0bVPec`Z|O?3N<;q70S-XOhLI!$Voc1c^M zhxY#mpTyMu+qW9D+o| z%gQGtwLkRE`#s%im|cos7SeuH%#QPmDi%KD>OHJTIQ<4v!CAPdA_B)Z@03PZ;X@ zR>*b#-|IMZp5L!DXn(TaRaBkVwr$}?aDUbKRe8K$=kd|+EBEDJ<_|p&{$Kk!bo@g- zbU!ZU`5D1~^)PXN)Z=?-|LT5ERP+2qsqX8WeA13(eCY8$fuCHH7{`VTnuFf>fYF?+s`tzCpe#T5L3qBSC)`uHpK862d3~sst_t@tng5eNxl!{M zai3Msi=VZI@rIm7C$+CXDtiPDon_Az^CpOhlInJT$KJ@w<<@uSz^2whY zv}5U=yk6DgaJjUd=SvCm|96}ukMp7VHD4ICGS)ksKM^^FHgdgcKlgrb(9U4Ih3DJ3 z^mLxL7t)Kn!mksvygpCkd8^hxPhNj^>08no>G9H!rH*|D?K1Xv{ZrxRib+dos{h&VG26qBOAhC!uJ_RSUBy_vUmY4BdcWPq^GRLTFFc-V z`4k?fm)S0h{i@f`I6qOT_vHgC4BA@eU*tZi_mMC9!`mG?uWGqJmwp!B&;NbD{J-Pf z@_ajVKknu}gxLS5!v^g=dg%U~FV8D8?~Cd@4;}CS_KqFl>&|9-^?dwDUhg#|{@RO{% zZ~y=OL~2F6e@1IQG-^lj$wiGKFhe^WGxb#_Rdq!*?sqfeo4yZ{X99QM-}j82RLqg%9!X z>lpdGk&8?DL}b(+)(Y?uJ_{MONBJ~l)Rt*e@Gge$Y-1r@kybz;G_>6rxcpGMvZPJ~V2_ z8ZO}L$!OH37%t@NVl-+~4HsjHVJ=QLT#Dx!s<6UPjprHW;rWIu@B+hptTbGO7aFd{ ziwxJYpNr9`%`seua}5jd62lF6so^G;`q8LW8E(eQ47Xyn;Wn%>+=259&3L(CAzoov zgtdmdalTkRkd)rJS~8pDHluVD$c86IZM`_QP}Z+H|RFg%7mh9~e@ z!;>t14*9bS!*X0@=)@NcUHGD5B}-pIqt<@_>tiy{Mhg^ zZZ)jNUk$I~KEvy{->?RMGpu9V-_fZ3VOWn=v;AO^lS-%>& z8^+Bz&-gxGZu}6hFn)x!#;rKt_z7NV{0y%$evWm%#(j9R@i)B1_y^u<{1cmu|Ha#lf8)!>fAJNg zfmi)%qsd^<`p~FtFh=0p#=~)waRP2OPQ)$7NjPjg3O_a;jh`4}*y>X>YM&Wn`FaG6 z+SkT-+-FQ+WY&2cW-fl+juxT#dYPuAgOjUTB zshXv?qfxuVG>@+XXw(*))O+YXruq1w=_-80bTvL@x)xWOuEXa|3vj@61FkpSgd0sa z;}@n|afj(P{Ez7l95*%NZqq{CYg&ZAneOITza#hAv=}Fv?`0+mxqIgO`1(lXebxK` zUq>T%&-@@?AA{T(^AenFei%R1$M8J!6L`M)Nxa;=9Ir5UV!+(Rw#{hNTFonQ zvH2Oi$NVhbYkr=kZD`c)Grz#s_am=m^GmqG{4zdkUX8uxSMfFT>-f5P4fdPY;edHP zTdhZ9lYJw5$U*`nnI$WkB)9Lq-F-8Cm)xa$Cg{5iJ)LCC%ygKA5JUwP^?^Qp zJX`}VfIEut2=XGR0X4`2{-}t!vWNx^sK}0@@B6J&b++H{cH%#u{HA~RRGsrXOPxAZ zb?Vf?+V-yLUHJFW>DwzWsC*FbFQ|MN?=P%;67Mgpd>Zd-mDkSf!oRPZxgA>ePs}v& z?@!Ill;d z{(bkRyReS_E-+tPc`qF8sT7^X-*ifljvz|Na8rf3@ynn3nF1&xN@+jW_tnzNW|5@d?@&573@8bRAmG|QP z&nxdgp^bk(c*1Vj2tJK>oC?7EUsXPL!an@_Pbb_3E5g@+|2LIy0RIz}f5-bLD*u7^ zPgXW;Y2x3hE%W$y^OhF=-Lhpj{yk|+8~<+I(#5~0Y`F{ehtsy~!oO#1xg9o$EAakz zm1pDq^OZTgf4;JS_b*o-!26dgNAUj5%3DzKH!Hu6lD}DbJ4*g$-Ppp0g?Q=m;T0I5tr&UkG`)SoP z@P2yrEWDpyJqPb+RG*3WGpgs~{mklxct5jxG2YLrUW)g#s+ZyY?CKSGKfC&Dyq{CO z8t>;+pNsc%tJmQD-0F42ho=23JU2svYQd^>6jq_1g0<)Eu<*PW7M(wV4d=T2KeF+sH-2>ET~qf>eb>}4PyNZ% zC#U{(>KjvMPG2*90)RJoCz#_s{&%%t@Or+4R~?zqsjLn?AJZ zqRm%szHaj!n?JVsmri*536G!fl@l)7a{ZRpmhai}rY&#T@`Wvzo_PI<-4lQQ#J@Z7 zf|H(m((Na`{G=B?k&{1u@{=c@dddqs z#R~@){^W(fa$)tN%P+d|qB}3zchT!E`ac&v>*CpqM;G67@q-ut?!|v{@%5Ly=#mF6 z`SDAB>yp2{q;u(uEEStN-!pea|`coOeCvvFCi?IVV5&+~*FT`&-X#J@44_ ze(iaG{JcA^`NeDAdCl)%^Yv@axc2;OFT1vJ?b5a1d+pC(`}@~^{@OFHyYaf!>mI!B z9oK#Nx|6n@x$VMjZ`$^&+uptHliU7v+c&nIv;E@jv)k|5zJL3xw!eP+o43DZ`=4+B z?Dl`ze$$TLj`!`@xU;@t^S;4a(&nljK@Z5{%K0F8Td>fwo@f^f+ z2+v_WYj_^O^I|+lpy3_Ga}3XMJTJlXAfA`P()|#gm*M$#=zlNA^Bs7;6VG?yc?F(V z;`weo--G9S@w^Jp_u=_|JU@WvzvFo|p4UKg{6RcFRJpkFKPs12ei&NfkKp;Ac&IV{ zFGvWl!}Ftfehkl#ET^JjQIj_1!I!TbfD zzr^!bc>WsC-+&T60V?<;M*dS6?N4Kr{}!YC89aZ7=kGCsPvH41o`1mek9eNM^Eo`9 z$Ma7Z!GFdG{tHI$3mCb7#i)G|qxK~{U&iwljMi5%B45LZd>uXf4Ltvb9{zXq?l7(OZ@3J1{%nfz|OHm5tB@r|?YUnZdIO&*thoD<|ODg6Bj$C*gTU^*1Y9@tln3 z6g;QmIj#DiSOF{5GpbY7Gpp0pv#KXl&#rE%o>SdgJ-2$YOq6F=uK%LEfENDv)qI=6 z=({&Y0JgUqD(`|_tP1E2l?z}|;(rSs`fWb%VW0LApY~Fp_I*C>e^hQ1E(E)5>6{oCt2 z^vC?$PgJji4UL#T;qhMYp+D`@e%7bG(Z9Xfzx{&8drQ@5<2MvK1?z>4+uN&d+@>n; z@M-UmG^`#-bGPval*XpQJ?lvpY}1I_A#IKai8{apY|6%?Js=VXM9cn-M>{f7;S9yZ&Utl zi+|hd-_G!F=lHh^{oAGf?F#>PwST+DzirpIsmhP~w6AZpy8N4e+c;%u)BbIfe|wgH zyWGEBsc%!2qyFvq)DzfKA^jbn`t!ea6#KBx@v9#1+-akY^W=?~=S?#&|GPk;xPH~Y zUFqMh^>5q!+YbMBy?=YYf2&Q~?3wpzyQht^+a5ab(2;*z_HTRr+Y9{LxB9og-E95$ z5B}{7{_Wr7?R6VQu+_bH!{1e&vvIomDm;I)@dA0yovKy;*VKloho{b;et7C@8y}u} zta97*@#@2{Ogua_MA~I|-h=n|;hC?-?!oUy-i<7+B9I()gRqFU43lxt_}aN`LW9J6CSI)@`Qgz`q%M%qWaq>Ojkd3 z!s|91+VmK9L*G+jT3p04gcxmLaMb|3igkSC z%x`S`ObMsV@QV@v|;N`W1MtLw~<@>e$&ANZlTu`Xh`D z+IG%gPSwv@o%)$`zBu){a~`WaUGcDg*+S3HyfnvHzMs*Oh4}e zv~^X|=FWQ?-mjSEw_kDI8>VkQ|FKF7&*=O&OdmSGkMz6oT!-hY8_&GpTk!X>%6%6+ zR{4PozPj=13%|Ote&N4Ozv{w0NI#Bpc5Qh3g}XMq;=ElO`2Bym@IBQpo&28at1dh; z^*vixX0~2(Xy(#OzJ2C9FZrRFpS@(d`u0oSI`ySXR%Tvx>B`J6;d%7Z$7lZY(&_3y zY(6w|!q(NPA3_~Z*!slGuRrSxGaq@@muKFzX=SE**~&}{&wY4ajORx$o36eG&%))? z)z{Z4b5r}%qt<*p4Ip1o_ssn1@S`RKF%bi>0_U)Z#K)pYeYuR3q@ zr>|O>dG6KI)qAi0@=RkZXzuEL8{f9IyScITs~f*~^~%ge&lzvt^_)W+ImT1ZJ+yH@ z#_u~$d0+LB=T29*Ja5;AH=NSl{H9HhY~FCqBb!gY=Jz*$?i_sMn#U?zu6+zQOKm*i zW%&D}`1^MJ{cHUF2L4`o-Nq9d*X`PH?$jfjw{3f5bA8*&%**inz_vXYt8c+`w><2x zGk2`ayb#Zi;d%3pM>hZ89iUr0J9kc3Z{E3M%U|z&Wb>x$H=s@REmvN@d&~Ix>FRyg zkGK5l^~a_@e*G7xp1l668~^?K7jKz*=21KwHoX4wS8jRj4X@ntD>r;~<6qxUt3G+d z!&^?eab@NqJg>QNy!j_?e5~@TH@F~x z@7Iz3ox6~K7xM2~nfW-LPvQB;UE|GP-1W%j9k)HQ`3^iQx2?>)9?#F;Hs1W}`28h3 z)!QH0y!G~#nJ%6^w~sgP!|%7^c{iRvMB4NnpuaoDo6o-EkzN7cMCbMyZghEhkZROa3wZpCyewc-9cU4%cJ#dHs_mhB|1u$4W zwtQqCa_?uU#Bk~IeU@>}%CWU0QY3#BMo|jMd%z{K1GY2M+}go|YY(~xSpA1<^|eC} z99;Dk7EGzIye%I%cHiLGLkFc#woB5`x543N#yzd`T z7Hv$31BX}V4y+#BFa6OyJUD*OJqKQ@`ENTc)et;(!-X-EcZ~ak+IX-~%kg)VWbml2*g>r&Vu`>$Szjald)j zsMT){#)J0kHYJNzZ(M6MkT@9EyPdhkR(*&{v-%Wc@cLgCV=Ox}7nTPplBI7~u+Yea z)!IthLEMzkuvjY;3oqW1g&DuY#CLEVkCGZ;IAV0LNG(`iCUHRG{hvO-Xe?9$CeTgWstn8|2u5hyy@aJaG8_)%}amXefR7 z98SjW-ZQL&buhVe+zIq}Z8Z-cKeT#;5{mqKF(d^20g2(B1NR<3;Tq4+awNcW!ZJ;zoLcMr3ASTFV;Sb?mA_p*gj z_#NBuoMeSy%4IUvhI3*YMM~0q;`k;@Zl-gZSZ=4*Nx=s(bk0 zLxTtQ9VVv8cz9_Ai4VVK53a4;k2N_-Y+2qUwRdFgUdqBkFJ56`(VQ=AQhOCm*gt#x zz(J^U2JqD_g*GAiP#Nah#L6`>*ar_Bdx*V*WteFR$(6uMhgNbvt%23=I+6pMVlAwx zcwg9e^ghVAc!4fG9^!7IG`P~}{ zp0pUTh>UYX+(oLFefTR{jO@p#Q=`CvhPJy)O~?nm#ag}DZgz&uy&sz3y_oK9sn~zp z_27?{Tkl_8eV}&mz)PUg96t<&aOKGAArLk+Ne4elZAhggO~ONt5ba%6?@<`yD5s(z@>`WIhK4^~OI}t+=BKUpamR zT>Y5-+ONi$m4`GTETL#`VTqDq5{fK}Em%vCg-h&qw~TBrWq>c-uB`1iY$5oerO`CB zeB=NO5GMGt#|U>EZF^<+>O;b0dixF>K|1*bk{SmDzVFCGNVB=ddgxr+p3OCY8qizs zJ%SJN3t@U)x5MU_*Cs@Ixxv!ym!Awf{(npcW-rJ%f_u1ID(Q5k9APTxQP z@D(G~Kt$L3?h{(|fbG|7qnEmi?fL$=x7ge>?sSLaey!C&CMTogrKIjijp~kH>6}J_ z4o~-RBV`T#^T5fZM5MTH-cb5Yq+&VR9}7zjWr<>t2Hdg6+0}d2j;zYejp#}l)=^)9 zZP(psAH+*ZBazxIC(%&GO;!Y6N{T>gCfRShnZtU}P4ZHXMU30<6pC|cY?8=lT!4{8 zrC9ACE@6^X4czt`jbFFvxPyKheJHfuQ6DO4YcTHB`omU@ifIpuXDvnRbhGrZT8%o3 z-CASZZZ=w$DFB;d_Goi@U}D5Lod&)+>I_D`UbmkEN1cAN-ktBX?#^HBZq0dtEerFBE$Bm3qH5Z1&Nt0!F(9xdg>~4966D z{T9mX&o{@0FsLsy+tx4W^M0csij-65_+t0y*&-A%BmZk?tERDIm34ZBe->x(r2$PO9g6XCF!W#aJ)&_1^! zz~F-sa9~$tyW3BGTj`j4wf-OhEiE)K^#+&;SdB)Djq$LLj-ePFH*aw?0HxwX82d&O zh9=BpW+}nxj9`6=(oxOm*TNEpJx*vY4SioVmne-2cIYvXQ@7Ko_4mfPdbN2FFvQur zMqNL&q^D-5JDOiel9#*v-JDB<<}gVg>_wZ}`1r6nk6zwO4m29VF4yghdn2P4jCEsH znH5TKD={#TK3?>I-Xfa?)H}PDX5^0bxXYu&AE>iVh-C4 zDGWqB8ZLA(rCKPQa1x`(8MwJJ7(yOsbgfk5P#9}68crUi{oT!er@07TYzZTD=X2Ckh6tle*ucIu-(MfLGgtGUccnc$eUo#@papx4@F00~hYM(N zf&^1Yql+?2fi<<4Bsn;+oPPS1x^na&m3a_G1`8Poqdx~;1TNtrjXp-SKc*f7f=0Ju zY@K+frG~}d#h`eA|_)_6){LF&3+kx z3^ail2@HC$1A!yV_oHm-0t+ryZ#F}rkYYjjy87loSrcSk&LJ2pFgDKbQZQPPtGuOn zLLkb)AgzG8l%jDLOi0A_+I2*F8~J6YGH8`eQ43&)Cs-gsK*RyI_s5xzvJblt*f^My?9 z>-1FlWPmX?edw;G1?vJ?4jX{gVD%`^sVr;&m4iZOc?n=Ji(tErQM*@;vDkIXp6j#H zLdb)bTK(Y&ZBV%sth*Go4G|biRw+za8Q36X@mbMt_pWSb^I#^_>aj1M3BS8!tVI>~*gnv=i94CcP(+Bh1TZAZOFV`pt z40_P>J=X*et3$!_zoE7`;JG6q5r*fGVI0 zDk&{=hj6Zlil|}1twHRq4MK$}6QJp>dba_wPSy~99HJLQ=2nDAwi*e{M1oi!V+^1} zf_lNO8qoW7)nyNLQ77Vq_*!!T)NFv^V!=>bkcc$U+XiUFAVLFQZtj7%2!^=<;s<+R zSvl5x52FRiK@}fox6nF(9w$JWHQJPep(9k9np+u&RsyWvBFy5o3?VNHbD;d99?m3)e=6El<4es6tyk0%Ix5A-1sS!NKK)b>hyx7WT$lWAbr3P zm_SVJq?K*91{pqqa@o0S)CB8Kl4Xd}qy)~cNfM|QdB%*X;u%VAK8PQa8-F(nR63v?KKUqaN*a)Qk6m zAYd5_S*iGghPuv3k97xI?zSd~owv~)!qtu_q-xl#V6lvmmikf0)#sq8!iEGMpJ6$f zhdngFHb)8sgVJ4>+K5XB)LkMLkYL9JP>?1XcF^9FRdKo9^4*+Peo*g^W}VgoK`rh+Pu*#<7ke^vV`N& zf)S#>*BQie2qd=N$caG|Y6=}JqE3>E2J~AE?(=5o__-Uit5<6kK%DC;frI1pTX0p) zGB@XYcUE+*KidKU3C|pL95*s1LK`PlEjM!O!8prOIPC*as*w(%vknWe73u{mlZxH9 zv8=Yi>N4a=&Z81Rfg!^nH8f!otE)}Q*$ab^xzK{V+OIEQM}Tt|>H#b)b+yn1G|gQC ztW$L~N>fdgYw+0P*;e0IdGiF~+{{K%|3(yoK3h)qC{u2=`|R0CO-lM-Ou z>%;ivyP(^_G|s*PU>h=P3JNSk>K4qbN%3MxX>*Bz9!ZC!Bg1oU-H*S)uYS)y3%F@7#$gwefTeILn zS(T~a^sqsRO@A@$C0|lO-gSs{YnB_ca}OMVpaZd6b-ZOWL1%qBu}ct)pt1Cc1w$-( zNhQ=wpQIV(ivd4@=n!b5mmsKO-wL#lAi1Urn=xZ!30xbz4u)&bItcO!9u7$@lqDZ? zMLjK4F0OmMwKFNJ(VQJY!W5fI+GGxdIZlk{uvfHDgwsMnlUW%&h#>WOSQNO)lYALg zM%p5a0DgGB-(3zF!Yqy^FxiOofjC`g(E(GKNCEB`KFw$ptYM#VE*nY3lvKEad1nCF zk}#1IG}k`a>DddJZvvd^f^#h>L7_5|6-pBYmYU>C>>{yLxixtXXL^raB@X7)VFUI$E`R|<|Kp?s8LrWT=z+m{YxjDpJ2l}h&H2er1j zqDS=&wB6w?j{HWoJN{72QCIs5W0xm0qVu?WHrIRWa z?cP$N>odNj7TL5OFbJwbm837@7(%3MC9p~9aGHUQ18f`OS(1TT1MJ618d|8KrBqz}PdT2U%*2NM2F#!XeC<-7MMr{_=ZeWXhkhVOpkgntz zmWmYQ(VPt#6qBGmpaoUT?@4=?+FZ}+v4A>~mea4ZPw53GlaoHJXwAx5 z)YisLO0+bBqv!?(0h~RDz&a{U9${U<&b}_Na5KmK=zEVK0^odW9ChMd?A! zx@BOFANm9?zO@d#FJOp>=wVU@=Rx;0Ghoiq;%l24X7tVbM9@e|oYdG@Ump*OY71({ zM69UQlL}JO>-VrfD5ji1mHBU1w>)*QFoN^la)(wl+F2T-Py!s%_O_Z({4p-@-orMv zYG<*s1k*=%L6-$7H1RHx1Tkjgd0}L!a6sG;;j|UBKCKI|HT&=JKT2mtl8oQ7oU1o|) zkOj<##n76I03%X=SL~(qeo-Ts504^pC$QDxNl7U(`O2rFJh^|c9rgA#X!N4!b^QZ*eq_*|Zm4ceE@du%K-sm<7xkJ)etyAW+N6 zP4$biZE4lvQ0nxDFiX>dLEwT+6LFMcCRFx%0vKT5P3B6HDjKD=GJ#+`Q6-9eEDCn3 z=p$i)QhysOAw{cq-F_hJ&jlJ1mlB_BJ9E=NBt^Z`Uy|N~1Z?<9O7k~N@<}b_0?G+yCa3=$b@MKG|1L@pp7f}gej*hvc=xm@`K{X^o+c~!M14G zp9LVsmljp3HTZ}r7p17KJ6qhoFNMR&hvHl*Ec9Sj`>4=~I9l*TxYNGDoX|jc?P$+M zW1))M0+k0P1!&QJfZlfyYL+hcyfyFLH<=O4fBF--U$#Czi=B^j%D4=M0w? z=g1EeGxAl9KPP*Q>e*YClgF^yZ7kSvra;qoUA8ff*Y%Bo@80UsdaNB=)~#zVIK*Y$$FBP zXXB~6#2FZzXaqN*(X4VD)mt*G2Gnb)N|-;CHp#p)1Rjy$u?v_Uv871`5MGKf;AUv( z7bsjjZ6{XP3`$YSnO*XHq>{*Pu?Uw%A8p9G1IO@CO}J3lMDFYVe2>14`VwtRVU#@!-ok zC}G`jXEdl6(?z7gqRbiKe`aks^o0WhNYznG}g%gKQr9KHk{ z83a>0(>p`<^{n0$ zRJ(N^ov{>b+6+)sACnYrWtIx(A?|aiOBDq90CL{sg8^qHgdzBxrQqBgMr(9};R;3X zyHYV|u$@8R1$)Hz1AW(VAQv+ij1`U!)Oels&DRkMFSL?*G*OwVhge_9st@PDPr*!lbvO!CsXpAgLgw(>k2wv_fL4T5l6`fT>Sd|i(-QMjNsiJO2sq#4 z4g!>9fPt?hwbz3EB(Dveg`kPf71G7zD^9-d%x0cXyM#26gXBA90GkJ>o3py-Im;0(1$ZpkuX7qH{PA!PvLM3_Z*P5Le<+R$;`cBe5O%m+CtnWlO>Bc^Cz8IDP%n6~2- zZJ(qFw6&xucS7Ez>;b_F_M8;PbrRcdy1s%Tf>YwerPbD$o^D#Bohcl~ktVGtQ1QV? zLOx3uLn}X>!O`XDX)%?OCSd`AslYy}a%d6Ya>ePn%te@3rFmG+7sw;uvMv-sGKq#= zY~ABPQ5}s4TUmM_z{Ywz3>HDb#3BjFmy4!8sG-kgo|!eDaegH?cSIL2N26- zfW?-|45l)bR2(cO3Z;>kLJ7njx-k(?M8g~{ENJ4(#uKACiY)(XNbr^HFVj8Hr-qa3 zK1n-GaEsjo!XIRh($bWV~Q~g>zR-) zCIeXk^+ZP1j9QlpKv6_4?RH}a+^HT>)hMF4BFHbWGg1P#BK#g-u?S^0)&)fbodOb` zPMYK+huJiBQ;w}I0f`L_9+L}Q*C9Cyohd!d=0NYiTUNNqf6mRFj*n$nbRB_m17#}^ zfBqRiRVJfEG*tE#Y|C+{VPZq9uFgGmBHBa%S|DbW$zMYr&4RdnCF$pYoq63RmT$%+&2p*x-ttN{~r?jgN7nH4OSePcFl@Rt<6Vj}n@;4t7S+ikqkThCo-qMyb}u)>=ngpnLAzwGhV5{~ zFvHr*FcxLCqUA_rS6ByZ6EPo}Fp5G(Zl^Ivg0T;yOI}j;8Hn)Q$_WyHLyA+>0Zm*1 z&AhA~Xy7)>?5UVfyIJ%WQd_7E1rv9%^n(yUXC2M385 zzNh>`ImAQ+4|RJ5-F^?|F&E6Gxn}`Z)KGQTpgdKz&=Bb+%LD_T?5;D=MGErfJ32{+ zLyWAmM0xOi#$V&+O-zQe0L3)W^MSfcTEH-& zke_z@0%`fFP+7>n)DTNjnkQP28qI~hP{G7)ypWmO0CsvcX_Rz|o&oP6&I7h*IacXc zoTe|{+S~+Gi895J%{(w>%6)LJmEG%NNy#yM`t8uBg2{-5`6-Z#U<=LVq7B6GK%r`E zDWW(|AU>yF?n)bk5NQ6WdImxF!lyyb&G)4Gj0YH3z?I(DbLwgCXjVct5Et-bRtwZ; zu?`DEV*0FKJ7gPxytmwjZ;B3Z}i>Q+!!Rp3P%-AlX3!y|S zl#!<+j|(HMT&qkW4&DjA)?QQfuFGC0BH!atmvwNl165ELl&JZy%@_sE;+q>A57XnYR#z;5d#>2(gmhpWGMF9f2e|`d}<Nm5#UF7E$V=dsJGChNz!(&rHbV1rK2HRKeU<>J2r$Ylc7x&IhXXxX$?Cr7+zKRU z&ia^70|l-bJZiTtCOcKs1zFM3#-^5}6lSZvakdmHlPgW~J!c22VKe|Uoq&YymEKCh zX~2mx4EqXiKahnlEkH;}+!l)Iu>R?(DCgLaVnl*O?5Jx67x>!MC5)UhS2gxhSOzCS=CoiTAvZKBfW(PCklsS8&hNx6EmVf?_q5!uk7ZR} zwME;n=Se zFBmf)r%@-W> zKT34zS0Wn2(9yxo;Mi>;qn;RV#qd=AchR=6IlKtJQxHP@bv1_AX}nm*NzfR@8mD+5 z#Koq-7{#RdNc0y`DaMImHmVd!OPT=xS5eKd zPbX(LMeFxDQbDJ_2-CL;EmnF+!668!KqBda-x-fi1o8V^I%;*A3Dp+bT~1BQ&86MqhkY+(w2Tr(bGiJ zHfZU=@=J2|8KNe~Yl)Q?fn^)qEl?#;vPfrS@W68dk%ox5fHQ^}F(Lk`Pa7^S>rDor zKg1ylJu1@*r=hUh2yr0>n)C;W38oG#n4N{L&&d-=#xiJ84G{E(g7w(jC`q+(Ihge7c1>TW9O@n6a{ziUPvW#IBtmcH z`LIHI7K}G9i~e+Qo56}z$cb|hWy$CdEMx_2@0gc=L1H?4UR%gVDF?P{QbV4T`wg>Q z$SOrpQ3jiZFDN!wN^s348V?4gs9v#HCNGyHtC0?l9Wq_TB%aq+mwL?RQm~p(bZN>n zlkj*Ocb+c8!-MBuXJ*}u!R9cT zh~`bJN2GF`m}+vEGXUnPaSmx!vBNNNyyYyW2ABnL=LXbC#8VIjyA+E76G{QtBm)7L zf=UyGQc58?WiXRB3`ndO^ zN;@L-M*A4cSG^RfAOFE$vK3Ls8fY8JHL7NN8>o(!+= zUQf86_?PBjYY+%Tf}-be_0JHcG>36$DErzzO59?`y3FzGocVA^?c(rU0f_1w!_V{a zczK=%1M^6hrvfB6`zvG3v#P9|tA26qh1&}w6UjI)A=dhGSnR107fAta5-iZTgiLS| z8uNn5H=#rn+RKGN_tWF=IjKD_q}f?os=2-D7}=lm$MAp!K;FqS+O&Wi3$d~YkGf9-r%I|)1iUZ`6>^hiI1=gu%cQKFm*S`0x^StwL_(T?W}^(%e&D(3=MH@?4aGJXLyBHu&neD6mklA5ZO&JbQtWu8W6*=Ig?ZAy3B3 z_A28U#p!NdL3uj%fkJ5d7^p@N*|T8V7?qL(=(Qxu_dH@d86z&j3JGZD*%+#R~= z&|nC|@~v?5As z-xyfq;~rVI#15|mb^1wUh|%d`{b#obqeBhXxEt&W5Gl>NRs`Eznt&0k7g%Rx50t!9 zlzZ(|So^|kEmCM;{G|Tb= zl)P)xn!33lCoa#k4q z2kYB4mMIbw;*C5?I7D}as0CSt&7N#!Uh))YTp zb}j3TyY4!{VUq%RYke#uyD1!)b*9E7cdb2(D`mT|o+XOD7BgrzaY-iqhN=ZG2&|6tH%8VudSuC#ka}fhrOCoC zrq%>yvAG+dXr%j6fOsTMS`I* zVhLxIV;|FqVkOpsW{UPcBvPfE`-=*-0k+;^kEHWQgg&dH#a(oJ>EuC^k(0n(oUw69 zbGT+5_u%k)BMOyTK4k=QVCsU{1PlPZzR0BJktj}ec1G&_e;JhMxG0HT3U&u*pXdUeI6lT4*I17gp*(LSeD>EWX z4Yrt3hu2xsO{FXs=xMe~gMJ3~drs!cGACnnl#A>lAm= z-4>#6vs>cxbdVMpq)ZysJKSckX5&0jmkW1?0mhTFMa*Kpl43kd@|m#is6PRz2o}kF zl3g7_64Yo#>SE`NHwe%HR_m6ZfweAda#fV;=4faZi@E0DZ)dZ>%|O^Xhzg@9X$8dT zU~6EWSYmmkN^Z{8MKwmEc}qoK3Exai!YbSx8h`w+L139FXZ?MNu%x2$CAM@?7U} zM`qE0c%Mgrx^CN@GmMVYBEJTPbOE@R2k;ygR_1dQB`Ffd5LSL-M(Jl7dCe3=c7J% z8zOnOu=|li=mf(mJ8eIQCg$=SDAs9zf=EtXsgIyuGrE2TG8b-@t)EA!kwy%6paOak z?ot;82h@d2mf+41cmw-IRYsnaNC9bz$PvV^50=2wbL0kY*JfDbsEkB&U`_~w34#g8 z+?oaLn{$uOcE776UseI1XVo%1-PfST)8@VLp%J#m#A(z^+B`s+C;BTEVgMZiB?m6C zb?Je2taKH<<7~X~XZrw-Po|zQW<;nL`J0|vcUme{p-A)FjT=&gVnv0`fV4|eUbXFk zs07C{7Mi0zEEYJH*Qm+qcLYBfNFffc=N=)VX~eS(?znFpBTol}o3icJ{DQp{8JS6f)&E(G$M6QMp2c;owHpJO~OUEBL+#8>|1iI zu@piIS)5!noTpQul?bavrySB)?v(?;oOty_X*KM|i3F(DBsJC~AghLMO_suBA3uR; zh$ZKx0y?3Ms<~WVBNrRjU}0uM0E4#!1w}F5!-xc(hl{wQ)JY@YX)?uJISfALqs#L#MW@O?5K?O6)1^}$V=H}q?|LCR*f00pFvh}y`(Y0 zPgz&)=%XgL79m#RfI;^W90QkQ1?m)=q)w-#~r*@f@X67aV#aVpF0IZ4h z`oXykWR5Xl%R-?p-ANx-MKz_Bd`?%y2qF|s9fLP?kq9H0m8ZI42}D%rC>_1)w(nuy zXmAfCf{}S+BQ;79?hB{9D2Y_yKMP%;9lF^cLhYP(i2h}l4237YVO-5y)3(->=Z!yQWnr6jh-T-lF{sgw! zSF@}vk#|66I<~C1*gta>0OR1?Y|WV=Gp=yFo|q4B=)l5_W!8ikHITJIO)7{#L>@2p zG*2O<*GXLz?vgEO@gl|PI+pXeeC{sU_g$=am`zWXQwy zH54cgjseIy7ncJIpnW6t`^Xud9-fKvdcA?08ZK70oV2s_5>)#Xm~o*11K5=%FbTF4_oW6)Fl8j^ZS6+HIc9rGU^P7quSM z<`oFpSeGQpMUh~!Vl<54*8Q?x%Z*C9`=&+GkZFN9Qi!hhV#t8(KqHLo3}La6i^iPj zpvB-|7cBT}f-^EFjT&Ih>_}q1!?! zPN3)EBxj9BeG|B_<21=MH&_1*ABoW|d1=P_pf18ic^29&DJde3?K%i)iR+2gDW)ez z^}IJf%oJ;}HQT2qo2JrxK&~vuw8e%5m}1m{e!!f?O-V|-A!$=-E)r3aGuTp-WO18z z*FeV}-wDpdHpX8z)&ow6f*LRfdx|2Xir0)72Khx!EHrSjo3_!N6NwVYU7VL)w4cf| zQw;>Z@!0~FRi%JJiIE$-jL_*L-+|rL7U6{x^IpfP(1(-^BAzT$Gw6!mopF6Mbz#hr zz*$6#foUQK;lv^wLS>HNya<@DAUMgLy~)t>+FLl<$cUAa5?HP6qBEZeFN#eC!5Qx2 zRPkQ+j#QL&6dhkS_bN#(ejqN!`kew9PXTEmmW-aq#i9`)+EE5h1c>)YqvZIswj_t@ z*f%2V*z74gK0JSilkpOIB^p!nX>fkQ4(fWEiyl0i*x_ErjXnVIIv}(bGB6YytTveE zjAchZk+On(a3sen<0|9^549Y{D6E4}N>sJj+!0{K?jm`_Wd(IMDvTd+VNs(*>u_x5 z(b*@AHm9L0#-@A(M3-4c$B!Zy4@F_WmoAn`D$Ot4Yd4uD1{OR^>ayz|YQws7ft5_5 z{h1QvU83E_bo7P1|3j3|7|F#DhA7hD?JkA6V>U=S;dp3j#7AGj2%5I<54_;n>;uuMFC znE*g6)^qTDz#^W4EuZZzrcj|Y(a+)FpA>8P(o{(D{UO8G(&5Z3eMvqI9m(}=LW#1L ziq@2t4XXAz0u6e#RV>A64vj!+Q9e?jn{sIy$I)#{kk=qw3QfQ%irr9CgjkQjb|iOv zS}5zJ`G&L}iXUXCS-eY74y;=&xUxD0Uy=2&!co?=MbtA8u&dD0Q0nA*P(&fKpsJdd zYJHEp%cRPKg;tKj$`%qqaU9%5IMP5tGnOBZp$&0KoU;uP_5L!ZY^?d3*KBB zcuZ}CYcaCV#UX1mP!I0m1^nC?8%m!5!QKNHd7&JcbcNI~9K4+wkwoALiJj2-jyS8N z&6Lj1s%(^}Ogqisc_HJjLq>riJ0V-H>fj=IvMu`Rt)dM!v0t`pxpc6Wa@I)^Z1EC5 zr4q2803LBd0gN}87tUMsV#!AigUESl`1djTysrd4kLAOyvXBVqV2!;8`pm*;S{Kwn zRCvSc0#RiUOR}E(Wa%OiWNB`3Dl0)&lnfi(4)w(q?QrPHK;U%BTQUGnzGf+KX~HbZ z61~(;mupI2Xp);AF21~o=R9ziG?mH{%p`Mdg~T~vV}O_@K@SsXP$obI&^>UF(LR-K zvx#)Y@76s6W&zDXyyp#8JD(h;K?A;)G~8Nqv<+#&o`PJIv}k%(rNz7kxY4Lk zT6`e-Ld^(i=G&GZD|V2nwaDh7*s*9Fie~jgs;Qzkb-K|U#0?!odFhbF}q|q zG73(twX61$GT1|@6E0j!LT7MPI{t0ueiTNoQtWOF=DGK?H$Jp5vEnBV-)r*N%yy`TCp({EC@3OgsEGiQGqr+G~OeHqcXIzG$*T+L82xo z3yW)GIh@x?(!3}m{h-Kasd*(h=5XNJ63)#m^U4|9b)_#xioq5NdP6SzvM~e;Y zhPYifY)m>f%qU-dL=;B=vLuHo&>9b#NC`YDQBFHZ2?eZBCG9zS#-s&NO-6g@ppjL$ zm9DT#@BYUi{2_2&;%k~>{K3`d(<{9_Y*yu~ydzPz5^n2tPNXJURyKo#i zVZ_7jOEEJ0$(Td2PVOv{mTPFblLNjzvfeh(02)V}9$P{0;$dS%l$0>DKBvQ=TCS@* z{6EX^BDU@9A6Yq|U$ohGCSo%u6(O6mN*cQZSBMT=X(MCAur*$aDhn3{1at_Z*7+vU zH8xAiewz4GI1dTh=iwSM85u-KL!B0eODo4l+MY!zz$sRo-U<#fO_b=cP?!vr_n*#7 zG{5RR-Bc@B3ZjaIsI|gD7O?C`wT6{@k9rlBfTO(F^j;@x3RQo79ESukfN1;|ZKOrF z(ptEX1-vC$6J(0;W@L!uF=Fs)Mlo=M5lkxL#Js_1ZVv9EbiIYZ zEGPVZ;A0&YXJxVDU)%w~K?LUm1Ak*9?YL_}-2q?|gNhWb)O5(ylASmX0YvO6;;G4? z6*y+VHF-~r>6U)VD!OCm5E=Ak0$w>nyqg%6?+TV0SbZaCoXJkCwBY$ai)51`DheE=IQk+U4-oU5 z>n5~g=W1iSdQonFLMWDp#B@Mp)GNkyejLH*Rz#to>9+i$d{*;3$U`e(e(;UqrFh{^PkqY8s zl5WyJXji;+#343d(CANZCh@q9HlYIs*JSY(=0ue9^RS8}VEqJ_9)$FPEDRpPJ$=;# zBV4Q?-lmW7#zcU-il3kKxF$uwl9)is-G#*UkW(otf_)hTtwD3q3Ktef!-6bh_;lAr z`qXdZyB7bST2=uF$3DdjVs~&9X?6{&mV%JL?zORRdo<@R)A0BA-fuKHw zG~ZyNQYR9ld(*N+VB7}klX=lyZBg_{cR(LulcHAmz+5~rA3#Wk)bAL z3^7W=CR0{4M8u?~6nl6SHcQ6J>$KVum~%}_iwP4~2@2x|-yh$lG2F}^WE44$ZAoSz z#(i(~>mx+OAp3=bNnCaaD=rTAxV{g(2%LxKt8_?(cY$)CZzBE}MG8h54RAH<>fUD% z{T8ti60q#_x5R}K*#&$W{!G|m$CVWUPc60n$R7D3=ZaQ_ZfbD<;|VV&26B~sN1D@6 zEV(>sD`ev`hgDz!4!coelLNs9>qLOK>L#Xs%=Dr;97m(n%A>z)FVI{ z&~S=a4Bm|C1H#2w0=+>Kg1}QCssdJuC_7v3wx41tR^5#4WUVWQF7LVNhB1gG?l0Bf zO-)B6JGel@rU+FFL?MQ+Kr^E1d(;#x%3dTfg6|GBI-c5n+-1~ZtnwUB6D=xO78b}>dYfJXZr2t;;n=7Z z%l6RXo+UV=4tsoE6uJx8mn04VF7F)j`p%@F#$GzE) z6^74BE|CRN7&sbiM(`?tw2Kf!DNr?eQK3=@vcc7Z>Y=+;qX2ax5V{DLs+E_DIm9dG z(wx+5g-?O`qMr(2r?ts;Zkmx@>kY*z$d(M*QVmpO`xVPvh8j>2OeY8^VQZ`i)4tJG zz#1#=CKOPW4irJ^nt&lDVfEuhL)4W?=^>Lb(KNM$SBSe+$meGijvYfd;1Yu?vwU6L zo(a|qMk)|qGmpSkV7K9L3AD9&tcNi3rCGV;(c0>!kkbJ}!Pbe+-2jVn0L3;Z^J!+F zEI8z85A|>bibSl6l1NmhDrYdtNd{6ABP*6+nO#6CoxxZ_7}GKgYi*X%lAWnI15z>I z^pd+8G8iJ_VKA~p`qaW4)vJL;K&j85XaIJc@>De_kP>)Kplf~TeYOYndI&V3daCv_ zL>3D9kWeJ>q-n7V4V;06!%&uH4yGWCJ+oYA5p}bZNRe&rP0) zbHOD*9$hN{C@FzyDd*2VIDlp-VMepkpsAK6TkEBsJl5)#lekcj3N}!AL<3S_ZOGNU z1dBY?ZG?jMDW(<+vej2M#*1JxLPJSGVCZ>w|3^9yA!2miS#c%Z3T7%_)(=5-Qu}WD z1!{6o$6Un6{3D<(cCSq7tXO0JWiV1!Vm?-~vc9LX0_R-pbO2GD_wx^P@|&(wim;BY zT0aK42VyT(A$JBM|AeTwbfz442VrY3Yh_`OWv*sO>a7R05}}CF-j#Drsto2ZbZ)cP zMG%uL57*qlJu+ab$+%vGzBUU|gbzKguFgwi3lQZSQS7ibBK9sWt6K*%5fUaL_OT}= zEH}}WKD>(tq=FGOluRF_G7%IxS;6(^}m0@}^ zw5w@z1Y`k;s^4uPGvuK>gU%CropaYs{Q%YHA*BdXwh1+0+wLH5_6-(CG zrl?UE1%(9!+|tZI0LKUAcoNJIVhK$4o5lYGJF4B0FC;YFL`W(LS@j$bivfO%Ny$%~ ziXsGhpW#3ZMIx&$y|5{M`4n^{kBvhH&H((W_L~UZ>PLHr91Aa^&^sC;1jH%{>KtW` z9U8pnL#PUDB6s4>inw-2qQe)%envIMJV2zdD2a7-bfxV~Jkb(}Z-Ddc6)B+8FersN>s87zSiQYbErNxiHNtFkTbj=}3-(8BLk&{~_E>09JwtK@u!Znw(Tt>L zYY5j2uBvi31Kp@YrDV59g2pxm5|cdxsU5c*7`ej1xfWwd!w^_iCFEJGUJ!Jn8nO z@v^e?4bf(WHL2BGx`8~3C&R6G%+p^vcR5tt9>lc-9tKZQf_y}89!pDe3^M+>xu({e zJqb)Et0Ou}Z~~{mF0R#A{b$Us03JtAIc&>e#Zlrivk`+OL5%JwF+FbXxT?c@qt z8E4JMaYIWWlh#(TSdgR#p|s`Qu;II~8!76u+Vrg#Jx zHJT)Du_*Y|!h#QJb`L6C2ZOQd6>(Cy(O;K)EIt=Z0OY+eMTIn@SS1{pPZ#J{of3!K~V6K4QiIdutcgkVC}N8oYhq^Oa^wGGBKyy0T0Iqaeg$}fsSHzjw{ z0ZWF*6NJFB8(4QRK-u7`2tirhgHJ`FB-#(1=~^J(&H>n0>&nD$c8A$5;ZzbW9edsi1FMN?6k^(WJ7-IN;8*6 zAa6pA(%6^Ijvgg)Dl+yKw5SrO)FymTJ(*3F^VVq(r8z5BrusG9c2Q zQ(~WE2=tRebF^o+cz;3xOo0uqX&Y20ce%u;hbyqYsm~%+ad1$9rOch?Udz0^Ah97%GM%bdBsnVhd6;(Y=yXmnBDLYiA&W&(PgI6P=~$rBIs(Z}205 z)g2}`5mi0oP#`D>pPp^vKvfH^HDfw(+pRs#hO@CJxIEc1cD5wv*YH%hVqYjl4YIPc z-tOI#e@|%CSxW29;}EuvQY0)r<~&c%WCCQ4i^g(^N|KT0?wsvnk+NQcFPxGA2ODin zvIN3|6_3WuAp)Y!!biliyQ4h~up;d|v7m!9@~F?3&Qf;UQ`59 z9;I73T2-Ab^jSd}p_knm1Z+k_&`Ti_bR1@%A_SKO)pxk9;{bLd8)%0MwOB@SmEgx#N{dqd-r6dz>JJ% zriIul)nyEE-skJd&7Bn7XpYiMj&Gg`Bbgj{P{7;N57M!{jmwQ=e!WKC$})oyp^> zqT^*Tt5myoXJEbB7kQYecr#s5Y@nR=8P;U0llu<(r!j)npiEEZR| zG9wMV2c8l~j`6FM1}r+ERIh{;fqPB9I7~sfKXhTPj}rB4 zK}Qq{SgUzwUId<$4$GzlnRLS)zCj0Pnr?A>SPlZK0E?&KpF?H*<;6t<3*m-$=6pp1G z-2-8xn7z2#Vn+r4wK$F^d<;Z+T^>)wVQ8P&8G zkex@YEc8=o6YsGz4$%$wFrf^YYIIYY0FO%G866nG zs8vDx$tzPN2{FLo`oDy7xG6YtBM1NHRsu8bDqiL>xfvw|Et}>tIrgYN=`l9tM=%$h z%N!-e$9vE);lff9=ZZK6{QWOpYMPDWGtqUsyET=^3DPO%dWLQw(Q8 zl!HKAL{@*&SY9Z_i$p*v)`W{vWF9Sk>Jpt?T46NLUsOT$V<50-cZDrpF~4iJ00 z#Zw8Jnur}nmrUE=Ge!yxnznXKd+E!-(|Cm_FUyWQjk8RTB58gQ2kN-YNg&Gu#hWlD zcJEgS$YrD-Ybg*61>D#j*q7Zz5u8HF7E+x{Qu<9Q+3P^PGY&UyAgmhMSd21l*MwwG z?soEJ0-l?(7D!Z2-C}ZKX$);}Nb1Lf;ig)&E-DSoPXkSe+U zgV;dbiJ+#Idto$eU~f(~_qh-w{u5or6wFHHX%yDXQIBWEXg5Xh5i5`$n&y|lLC1EN zf{>Ahzkz;IQ>AyaG$m4>8hEY`eXBAB|g zsmME647pIQ@BwUjWRZz*=VE7JGfInx64(@tu2{N@g){^^DZ;d7 z5aJL`v9w^+YaJ*im=DZ@ck2)=A}+cogSKcVLG+L)cJK|wsWagbeUp3ujggJgB$IOsPw@2EKeVM7Q&TxrGl&N1BqY`?7a$(Q1tcvn zy(dPnX4`p{80Nmt2ovrsOAJd3M&CNAI70~$NO^#S`y|@$$PRZmAG|b!+K7t);PWJ@ zCKh;TAk26siEjgDf_^s0iy&>v5U|$v%U~k=dxWrrT6c;35oNaY$UcV9-l4I&+XCUo zd1k{x91k5AMz*@wM7qmEQ`dka)E;P-)?}khhjrNj6^t_&Gk-5RB zuxf(J(O~bUtp!@}Q(-z2R=|?&1eFsUEH4}9g#&u{P>xop>3;z=u0&FW`a zcJgfbJmgoH6C%~ddk-Q&At9>Y&}1heM&i_PPc5Yf^qt4IZN@yE#0txik%{+_(a$)W z1&?w~!kCmEYxm}OqlH?QIt*B1gwMa)U+&kIDe?CA_P9Y{8Jav7B3f;p!!XoUPhETq zScNstnOCxU@hq+yUMgaTbmD)4t5hi4isD+h#Q0y)uyMhJ$EeejZP3u!Fk9J>)7v0{ z+lq;h+@KuZ)rJ|MiCP2=V>DJ}$^4o#3n<=F>>H02SC2I$I3&(NZ4Npw7nTHM{i)`s z1ZERQ&dI>al>m9nM7I$q1JLdyQ+kD4>=EV6dDk&68#c?jSLcQPlfH zH4aSP!k9xzS=K;kI@mqpFm(?>(X~RzHH)CWC zXk&q#-1(juLD?3z0OC~p?l?>5$jdd>E-HIH$%LZB4+OeQo{nX)G~F8q{CTIiz(5Sn=}C@$(Il9Ep$6-4@=0N05{d_h5}=&9 z;9^ekmgO)03_8j|;zZ}Fi{+7f-Z22!PWUK+`MDft2peu((z@7-OUmoh2dNBz4^2#` zaFUcVq=#XnNzhA?%M@s59q^N;< z#B5)NBA>)EBWgr&JSr3rk)O0lr36l{q}GuQQuwzkU)6RK23(F%JB$Q(SqdMus6fdl zqME?`ju5_+pdH*bE_)j;x>j7xaxyiWgIoKPV#%HSoRO700fS_`?+yaWMJ-1xE%TeF>K#3?xUtLh=DaQ0TN*TF|eQSIrqMM->Yg$_GJGUo9cS+p8NCMbI-4P?tN&# zb7x}{Wxeh%kICvN{n4!kEWnsrW+n=AC=GUP`+EYVrJsttIHJg8^rA~BDG>u#?W8;_IAB|M$VN&^?cC=(-kKWf`!4w z3+U^4#b`6!g^!elA=bYs4}I#+9C`hJkx+RU>IC6u@yf`DEf1`)?pjK5m8u;kbqxG!wrn%OU= zY08J40n;)5g=;vuwW(xo?wF-)8RyrvRI*Gqhf9sx%QaH=D)&{%S;M_XoEVWmxcbTa zjN5Cvqif0z^ohUP;fHF2nWOXJ9H>XH{S<2FMkkSUf6E?*1;XE2)Dm zR(J?%XKx`WJRe;87)D=PP>6T}i|ljn9#K=tOz%zo0T1e%U;7km5~;c)QT)mHRRraZ zT^5Gj1yZUh`Z_|{9pAAeygqb~O4Caq-%RPqfDtv?zKx}&e)yIN#FGPjhtqis+qpz} z`nMADxern})?4O48>BW+5x1^vr3{19cLlYl;MZrzj#VU*_CsNc`YwaqL^=u(^OY+n zPmDV%`YMtpq`Zh&OGM#zvIlhS4PndIuIR4ESe?usd4TXv``I^wmuD_UC__roAK@Ca zFbx$@xW+7iOpWju!T>28~tHd0gfi0{y9ecLxE z5AHRJ)j+GZ#E9Vv9u(Z984zRMZ3OE841mu^ftm8aN|`lm(8f#aD-t|7CF*$}lm{if z0uIOhV-?9EQ%*l5U!EO~*@BdtIiq{BGS_p2hh0AABHREM0r_eS*R5%X!9%Ui5NkM# z-19eP$|K(&P!?sw?#+!Qk=Yg@@NUYM102enkt#v^b1(_0ionL$5wW5WfodOh(Pm!> z^aue-1dBY4WfV{r&yfc@(v@Ir7{w+)r{r3RcJYEBdCrB!j4l1!Vj^<`H8JhQ!sFme1i3M-A<#wL4D` zLHLN1OAZ^D1riPAwbVGLRcL+DIhxBZ(MUO;Ay6U0q{oSE&tBHO<52-&tf7x#IH+{? zh1qPMSb9_~7x>sE0}!rfI!Aa#W_HHXW#2Acds(V|syDHlG7kz?mLV#Z)UV)5IR-Ll z@Y+e(#D2v#&Hi=n5tFFH8GhKV%hJIT>(DjOToO@4mg5M3)D!WvQ84a)z+=FiT-9zk zr^r!ys4t&(<-m%Kdhs!?b=VyTiCF4c?OBR&GUM?%W67My4SrdBwJUrP;FPYY;Prnzae z5>64-nqo)dqO;4fgXUfDtLx*jLV28G=~y7STp|SZHUeFhlPva-omzU><&C#fR-v(b zNh#3S2{p-QI_zR$DrsNPQIKbeUvRgBgrhQuamH(1hl^)YpRel8&hlxd;Y{&T;P7dQ z5jn!GlYZU%a0PLs78ix%m>j!jvKyd=!K|7q1m<9o`ibokH9QC=dpBLDI?vIyOX+%m zI^JV{%l*?FO~YLavgg5>#1mqa$Z!?TnID*A_rf-|1rG<>Z73lkZ@6XAhlT71fm^|A zqJ6m`<^XCr5NFiR`oUAtoKK zmhxu{uoPTUumh8b{jFSEqx)*2p8S&BS8RO60-AaI99vAtYSmZTVlottASTu|Se*E; zU${_0YkH=&9!th9#eFq%(8mwT#!P4Uv|HJ7;7BD*X6{wOM{$Sc5IB3wLDzLajqf-&0Db1mJUiu)hYL~*eIa`}~(3~WDC5M)=oTHV*=%tiDF&^T1 z8I;9-m$RpMuS!W<*p-yfw{Sy@p{fE8A$G$63YP91MKmJuuhm*3i-%KaXR1=`IenW6 z+sC33@~-fS|;V0Ge3H&)!$^&KKQ0xrI2x4 zGdYPz(<$wYn#vvp@6!liI=CNz8Jo9lBvCc0$(tF?OD;TELfobTjQ* z8&orI`&hf?crX+)dT@r)iM#uV{DPiZ2fY9C@e$v*pey3di&?M5v&9H7i9lT`KeDbs z@xJL>L9SNqOobpU9{EyIlPo5qY>Q_G_uVU(5+sOAi;r;oPlmaF6+IRXF3nP=h5bZPR%*d+hLbu1%@H6S zTSg@^W{bNZCP^=d1{RhtbZX&G5E2`Op-q{pAt6nl?|jE}N1HOTCs0j{5-GM4glMIO z2)n{deef zInRd6$MJ6#ykLdaWyYV_$9GWvCh{vDf(GK&6NcLY|>& zvMaoN$_+gjchqo^;B2ZwR0^LOFuSzEl&~~t#}`A?Fe){Qqe%(XQ5x*`poIslaI@H1 z_9MB0vJSCgMEZ^fg!-zL#UjJ>g%OmEM_6k;0zsEfZiUA9Xmov(G} znNOd}LFkSn>?S_VqWBLDJg?R5Q+B58VkbXNRLc@=$dSNE+DU<}mCiQ9kdYo_Bz9Eq zNYo;+x-4MaH=6RUX6o25P!SuhE@-Q1sB#!s*vhGc#CdeVXJF2d!He#@B^X1W3#sRi zIsS+f=XIloYstK8tD`t5()S){SG;AaWH1VOE1^E1F~I zwrf}eMXpP5nIa)ysds0DbyUt_tt$WK3Hy^4J2Z0+Y!eBBua*M3!#6CX6kwRA2GT}a zyuvjCn8Mh*v$06zeIpa~#ReR_Rap4eXFXBD$?Tg_cBr-I}e30czD;+2t|V;Q#1Dy{0tYeN^dXoOXWW!f^serl`?Wv^1bs}I59mx1d>IW#3|59;6g-& zzPMK{DWLv78e{>pjaB zBK$PZ;y#FQJI-hTK8OlH_XNuO=(60*xyE}h{N0t%MCnSG^FgUHQnio7h-z&e!M ziaq)qpeymhXK<>?G1MUpF9%jS@}kLq3mbMsuf9sXv^mH3_+jRd6!fwp1^GIifa7T=`!2OI)nZ>ItdR zYh;3>H9&PCF~u;NjfQqg9F-Ao$dIH`{P?KIEma`xU7OtESjat8XukqI6c2G0^<;~k z@J`l2qLJCl_~!V;ecp`c9)^TlJrp%|)y|V<9cMCTFP-7uUwF3|B3@bsIR8pkv1FsK zQ_B#pRPgI~J)m3h3B*rkD6?DbSX9;YC=!UbAPo1Mgb)6Zh-l;tVW6;K{KVd6eRJAB z8I@+%uPDN+-4IEHlZ=EBm*wIp1TGIrmM0#~$Unnj0=6@aCz~ntT#zxg}Yup#}NlbspL6)&K6&WNM;v_%|YTtfn6O^V%_>I zHHW8OoRhv(qR)I7FX%vJmT0~@){GW=85xK}j2#mvZ!`PLI?&+Z2XIGCk5Come4v6r z*fPe--sX}$z`0-gL142IWR8WPMGJhOg|L?wDj{mx48algN5ufeXaqFuw7AYc0&XsW zlF)4~h^F#=#B6}Ux0hWT7JvYl!LWTK{M%6rJH#Jyuyoy$)u3Sfm<|aNuET>rvI#bn zLF_boTBw`rE_7lllon8*GZ_M)9!3M7RfH)_fJ;_RW7LJ%@DMcI9HPaq^A<9)N+#et zaag<;oKi*=gxdV@g-6^}DwVL)6<3%url;i%CL7*8RTko`Tw#cj;35vFK7&S{CxzH| zJFD<`xl1**Gyq|0+TYG91Z2cSBp4f$b(s4?%x8n2}t4fR_ zV!*%ZrAWUJ9F=uD=JA^&ssjQy<&7A&&=sAraA7`T7)MgrTIY@#|1zBozLqU%8Z-vM zSx`3CQ#nsCG)OVdgKiDsJFF2b?UF?jOrxtgC}}7`v}q4M)ar!lE;UZ4;-^fo%+aQ7 z{@I+ADIqW{Tswe<>TSDpm3sX8H8WiztF@>F*jAP=bH^FO&OjWa8A?h!2!3=lj0k^$ zj`2i)*oC=Ym*B&jILj5*A&;FN4z64|$UWxSI5Rgom)SA|l-xC(f(;c__;MA*tnX6D zJ*2KX)wWo7DUo%g#Q$!!OFK8AR_)H&xl3T%#c>sKozsifrBWRTQHXxAcNnR1U7t&* z`*3?%sA46Pv?M<#7#vAbdPil{0UgC?ReNHKODG)y8<9kRG52gcZ6q|_KbkiLc68HD zxU-;?y73mIYJZ}_g(l_apmO5Sswy>H1gk_qwfIX5IG6H|^VYzqHM>KlpX4s^yy;+Z z2~*W7&DUH@k^wZM!=5YyzJOYVYQn-7FZ`;(8a&SWNTBJ&_JPUsFb!r22mcR}eWBxlnJa|r6nP+ICW9n!AL&}c}%GAlHX0!AMc$jdXx zDX4Ek<4${tp|}nNU8gE)InY?b!RAV?Ai#XXNfTlYFFQ;U`pKA3GqE2R&YBgC04&E4 zE$ckZJlo;qg{IAU571G9y4+xiO|TS8U0(jivaH+2S&~n@Z2`#hz?lxzIGr$2xKHLK zbf2%BlcBEo^;FqTG0mQ}>6<4;}#0j3{<$&sHQ^MEc$I!E{^dL(_q&uS$NZ^JVJ{2?!C40pZc5_F$-A zmpwX9W#1@-$Bu5pu8_1@WxN=`Y><{6^{sayB1?=7awwb6imFh_GO}D^Vipe)NGb#A z@_r#QO9EN(lg@H2mK{juhdXz(J!Rh+3?Y00ZwfoPcBXo~Ez~!pt(M<5%G-;|bq$yb z*Yq{h5VQ%tYXKv@U7@BbKM?Ah9J^*233dT0CD0^)t*}GuacmVBprO@lo0drE2>DIkWCI$|v7MvaY?8chF8Zn`{)9rP(^xar z4#eoGfL;5sp6{el6Y6=d`pkLu2F|84`y_&`R4`_nb)ao1Bw%rgp;&zfS z5%o^veq@iYT1#YzL3Y%j8QOQrkhXiBM5?vB*>+);SOfNlN{R|Dns{l60EsIEXM-xr z%Ov%=4w3SE?WzKmZCT#DJ&n>i zQ>EJ2obC|7G~za|fVK$8(|l?8_N(0vVvf!{M|Ak}@o+h9a!{;L_ij`G8Drw3y?K!g z@=_HN!|Mnz=XMH&7t2jPDy~ck{m;ymVIX*ho)ifKW0pfF&ysQAtLd|uoVNX_Sq*b9 z=RCTaCF6@`Pe)2sVSTVG7z&xWM{S3!eq)2G-EipC(q5i5=Lp( z55ZL2)_?*#PozD?8la~y$1Gg)4B-+baw9Q z*=rYPxVI-9tSkwLHDce0&$c;B7=B_qm>a*IE^C#8RRy90KIhNA1d>i*ccv-aP#H_x zM8^t)_Zie^rQ{imyu+;$!@x3gwqmWzU<`XGG*Wp-?PTF7R0UDYeVd^|BTX;x)PyG)@Z1E<@|aq*MYLq%(?sH>;gU1<12aH znc)#O??4lii6~~)vufysLbmXwvO$vrtmE9XpiL}}2k7idi9~|YE-RD}mGDYLxVb@~ z-z+IEOYP|@K(Ne9-GXH)bVFO=c0ZgLJA}^#V|=sel}x^wGe`v)yWb!eXvg{*PV4e1 zJ+`IwA;I}3`@O?8(sf+43o8{d-kFuusRL-AOpV$xq=Lp&s70L-62{W0@4*OYj*-pV|U*r|8s% zRnNOydYV5SE=TA74L7sZWiDBC=aeq;m{+`&&O*l4@@JjdNmuGv&`zKjJI&?G^3n_+ zgDm&v@=O6g!CjL>SidqnIY1Db<@>EVB~iXdff4!Y4f}R+o?+PiltINTxwBl{io1kU zwH6bUz2h)d)JvX4LqnyOlA#TZEVBuNz?f@}>nvC7xgW640CQJAo!6E@=xz2E6crAa zhUtmK6x^7KcC>8*k8qP1^H7|07h$>F83j(7lttdtxH$5n#=9Z?bCC=-fef9H&rzM z&fxS5t-(lu)xI3F+1t#$W_!@;U1|-Q%W8Y+W-C2$&0gzjtKZ$|Ew#K-kXKE(4u;NmduLago!cQ#NV?j(-R=*1 zn>lE%bGLgZWDDaxOXt1r(0zY7*Y2-(`_-%txzg({wfg-}Z?rZ7_+0Dr*^3u^Npw^8 zIeVMyv^xFFEUURvn>9`8v2#=u$%&&n`()AwXkX}Vbm%9UZ?AnBi(!BIS z`*x?f8hX63%1Bnjn@V~5)s675*xQ`#Kxm%qNb+edTMWp#(CjR)wtD?gadnEAhjKn= zmV~6;vYqXAmNt4lXg1Hc&>DDw(D}}?rqYwbq|Uw?6Euv)_Uh{F+WKJA^E~%lIkx9- z-?*Wdh1Kpo1OE2MKYrtx=a-8I=LuN?X;{JMZ{7&0&|aFyl>DKkLARG)ueR2^y+M2z z+ql&1G;hb%G`C!=l}o4&X|hu9w(6<<)>?CY1v0(RT@_=g!_~%F$7US_31tmG_x$RO z8*QgQU&Hi9S$gH0>SB&>0}!JNk6K)$tU{aoD31t@$MfyZ^87|GyuHvGq?b!f zcxIJ*q1WA5ryyAabBifU-Od2Sw0ae&UfP4R-LcmGiys+Vx(yb303)>-)=evM(SU#X&9eeLGGnC~q1nw>uUv@0^tWK)rYz(EBT=w*1?3Itg; z$hC5v+Dy%N=F?IsE+K?p%@fpj(R&yejnapec9=%1AuQ4`oe2Zg^qJ-5;%C(@M4+x` zENxOxYq@ByN*&phIBO!nNm+;D_?hdcq1u$!(h@BQAn71_;?n@S02Ib2;V!*LzbK70*pPq|SP{e>xY~PX&!}IC+PFbl& zfanpO_R2&jy7CoSh#V?km%^?oe5C9vYa0TSL{jsbbIYXU<|+awy{c{+B;SU0W#dFU-f8$2f--=tL)wtqCP*=j|>pZgt9j!aWA(hoQ=1rysb!)j;cJ;~g&aO7s z(I?gOr1iPRKJ z#Vy^rjFe%HUut((#RHl3^G$RqiN$j;FR^vRgY?W+Z@yDWKHKgsZLBtX`Shg4S(cvf zm?Bv&DVoSj?EqG|kX32SiA-QuGjdOYC7Tru)9sTw9^VkNP^+dze zdDIgGX@cEt!+YsUb9woO6f+)st+npmR(w+n7n=P5(_4x5^UaM_6<`^6@6FwcuimHl zb}MA6;v@(ko5oAj(ngTvOR3M4iYidUXrMaE!23zp0-Wo|!KC!ip|FN+)h1x5%$Iu& z*6#0KM(ZOq1xqTIrfD&ukKpM{tJMjrCv3Xcy4yBEZUiFQ3wDMcXFHVL2t`%vggw13kuUh=py@0sqa)E5+646EfLPAmGUnOe&QRbOo_b#HeJt}!R^ zH*@Qj6;{b4^z&4ocUD20np*c>*x=XGt~C3yZAWm+3$4|d>A}!Yg{DW-l9d~g6f&0+ zmgOFmHq+S*CCaMj`sJe!fjpIzk_84jwI*I@4bHWe;AgGn^KFgnIkyd-zjNcp88{_e zGNdQG4#Vv=uHtpwMSv7=#VUe=m6Jr*z>5x#6+I$Zgd92a3n@)MC_KOb+3kiT{4E= z?E;lcW4Qew=Y|2-@FVwDH$i(`B~{5dRHC_huesTO#n|@RMt|T>E}b3aSzTepnK8D~ zhS7fxyZx*^VNvdu9fRJoEZJYEY;Cq9y`4Wuas5cvyokG~z_Z;Fo3QZ2Uu0j9?E;SYn&PD zc&TNT1!Yedkp+N<0YJ|kOVz}M)i$7ht9MtwrTaY8GuKfgyqs&98e6^#pYH8lZQZpT zX^qE}tF61O9tul*NBUlAcS5m1w#D^U6O$~y-K)IiHblw;e(BIsu-2DdL>6xTXhByJ zF19(azIN;C_N0bccG$CShNfo~%5>~gli7t) z<2nQ|m}i1}?d6s{q43d_vnU)+%otMkf;WAsb)99=z1RQvC4sME9}Mt#Ep6JXkR?6E zP-zbciOr?emOab2X%9ZVfstDZP1>(2pzX`Pc1z}KFdU=(YRYolnliYyW>9L>Jc6lw z&gm{NFwY~t5bImo%&Mp*u7Har)oK`?U$^HqC3N)X=5=|o7B+4UdaYJ*FMkO;UTkV0 z!dvWot*zsQ?JfBF?4Nd9xd@^PW?&+#xT=k#qKT;yc8bh+V03I{tQc%zsR;p)X|Z{y zRa|i=R{?(uPiJrdbi%Wl89|!iHCtu5Km{9XTJQz#`-q>?yektv7uZ5EH`|ea%1XT0 zVq>O!n{zLTLFR08B1-_vjCSn-rw%ftji0&YrDq}NEsDWzI^RJtjc zsyYELcg?ik9a7CcbNe>J09nC2wARIHQdP`IYr3Wr|fv23!doTsV zj4ul9auo~sR?yD$7^q5mdPq6D%JyJ*HuK3dvbK~-j3)rkiHHzteL%6c;4)$df@VXa z8di&05(uy@OvoT)Qih;T#-tT*7$29MRFHhJxPeE6ZC*BxZmw=Fwgz!s7%gweg+>RYo1V!<+Y)ROPG=;@aFTIwUPS2>0Y;eWo< zDn5s%q+i!x=ygC^>z+NsUnC3*Ux?@m12*nZe@N1OyN!d4KNtkKDL{j*!YR zUSGmSmynz@5T7f2z=f|J$gAK0kA4gjW|kw9Eae5Kzk&@KfMuqDN_)>xYwrQI_B_{* z3@NO}p2UuPde>LbmJK;k>on(-w$C9oR#oXXkgp}UaVlxa|B{k50K9N6L0sU5UCxvT ztS#M1ujk?XC^Bm)CCbG?O6o^9Fut<0?3%L~u&P}-_@g21EPg{h8!p0gl+qDqeZzCw zYd1TCJTYqXq1@T#y46LeKy#3W*ZPn~|H{Tql*Hihmah{ZkFVsI)*2BVQD_cgh5@^X z7FGeF21XJSsK3XgIMf`|MG%6Sq&V#|0@t|4ZJyT@FIVuy+m3Web zkF3Ak))yT`RyyCg(#83OWD5!*+9HfO))9Yqt!uXo35h>NYtj8ztJHMVTH1q0wOi)V zy()9tYF^5)Q$lK}O!bsG%!$3!?Bihz=+_d{;4uu#w4nI5=5E1}dfj!%l8ItgUG;!f z)!dA1rSF>6y}-M`S-kQ*;zQUyLsZ)aqjMUkvz3;f5=(SIa%0&tbOqb9!z-_K?sSMv zh!p7Q=UO*6ra@og+LLFO+w4r#5@Si$h@_GkE7BXpabb_~DY%V289%TBxzY-- zVxB;s3^A_C_ZPdNhh=ti*ZUh>c!ov?5^tXJ-1E-{ZeR48?S3omT*rBZQ-y_X{7e=~ zU?xlDo=c2PSYCjm-PyERG;t$4wl@7P@l&>Y3LYwMN?Em?0plHP|7j1WczI?p=(TUM zsa@&~7}yqdmLRkEm9(jxQlgS=p=Dq#17#Lc%3tP_g_Dx6b+CqTwrEDHkT~I&yB#U4Hy0fb`(S&=JFz(b)%BQ+f{$EQZZ_-L{;ov zNqH%AjU*EQlo2l|u9?!Jl47b_o-DDNX$T24hXvb&=0`*4Z}z(iu1NXMby38+ELM4k zS=Hqb7EMn$FHPuPw|6H2pgvX=YBy12Wo`=!Q1oC*qE;o$-3kv0;;z4;WK#{Qbs(ae z+7+s%&UI2<5z`mi5MY*Gb_n$(Pc|25Xu1lTeH9(EFLRyGb=UV-xUfV65vTK!jOJ#yj$uXRg@$|?* z7;Ii8#-N|l%^;Xf+I9vyzuLT=y@ra(ZOz?evS6@565FwvL*kvxJGkN{{r&9#|c zueq7h=K7LZ^PSZ!E%j_|z1hhC!SGYx80O9PDwCX7#jfj2XE_*}lE(4z%qF}v?IzkL zZcwE!wU_-h_#pfRnISteKonkdodxNy1JfK83+C@cB``xCI*?QV+)grHB)0>|I|DU( zF=@2s@ab68q$kqnu(532_l@OZ(QFM9)czz**`HeOk$~I#I~}*JKYzPP1h78^#nWFT zJtI|n3f_>jE3KtF{-&;Fdslc|%Y7{CgiWM2**v=>y6w58(hSUB7!Y0ZXKZD-K>Jqk z?O;fI`dx+RTE$Yc&}f4x5MP$!!(tE6P4xCV#D27U1RZLl-Ab}csl9SMzahX`yYGE` zdg9767RreUpg9dM8Y6`qVm(lZpp2^mVJt_oSG>R;b+NDpOLU8Y>M($mc&Yg+;e?8L z!<(suxiXr#h+gEl=Pi5Ivn&&-c8kufZ}L-G5qR_A7d8@kk{4R5w+cCt?SZ(p=IsKM zia$iF;#|9VyVHgCminjV7suv|An&LW-YIaa+?%I;?*(J08~NuNAi@}qq0BLGj)S*3=I7$^5WBUPL!fr`seeIY;l?k2^iF{54o86&I6jg?qeI_4 z9C5qby6Rpy%P+$>ZsX#c6c=YENxymwp(Wu+{raw^M2=P$$Q z;zjvBPFY|n+r%joMJ)3@+pa0oyiS78*rfnmrfbu0zK3fdB?Yo6vn;{dw4YZz_Y5Os zd1!$fm(zBL*@-R-JPnOe+bPP_pXs&EY$~qSLAF}i5|NcfeQ;5;DowEX*&ToE-)UD^ zit2JmueP!7sjE~b6d^olUGYk`>w4{Kw|8A-i>6#&_M~ic{hIMrLRf;kfm{#CbBZb0 z`y9h7Ew@nKA=a9Q^OYr;$4+Vf$x=!I>}8(0zVVv!oqnYR$kD`F38ls%pPb9BG7A9% z@GEeHMoN^HlvN|{1yP!Z z&c<#DzV6&xR*FMG+y&xoupmev9a1v4o3&>uG+L6UEX9ppYc&K_ z+OyNF(ABPln_49!Vs|WkM8x=+O?1v&Kv=XuWc`KtB&|Wyy6i~`l|4X_F7xI)nfx_S z7zPw%uWj^Mq+@e6RA4RE+&V~GgZlaiaYaQ?K~Z#U3VLOhNNpk7p?E-OLr~h?;YF9~ zMd!jk=?KsZY}>;PftZ40;U5r9y@t}4RtNN<*Kl6LdLD&KUTHs7=&@4y99k)9?qN>L z@yFFI`V1axgIPcAX&_MKa?RBOTa)15OL&l1c=O2qqKg$LmzgYwU_{ta0VQ?UIqjpP zBb+X3cIJDtpWh(W7FTd{UTofMt%~DEAEzf^;*so&q!@9IasKA#h`iPoIQ@vn9I;kA zC~lq_ryWrQ8zNg7J>{$>CMz(x%wt2p*t$!0?G&J>_^G+V{0FP6+I!~k84vfuFJB#; zxia^WUpl=^;)}Caxw#;`yps}aC4>rDv|(}CV{lmnul%{&YaqgqxY**n49K*kWu>cl zMlk8XkL%(x77IyXIVv9%BC-f;{y%b-YW3v-)A;;mq7m(RYTg&FOjfel+@F4{}o4uaIeRemMd zMOO9vLjD$?qr)Zhxs{&hQLeTU7%Pb8E?R$-!Di`)V?V{N2ZD+i;|al;vWS#2Z4?#3 zJXys`S1N=*H}7`QEArSX>4O2d%Q8pUwU@nkK*(u+VGZXM+U5YQ4_n#le^jM=zBiap zzo9VpxB_7JaVS)^z{kQSbS0mpd?jI^BNy>hloMHQD_8O^Wz-UbAhPKx7SOAMaLxpB zsRe{}&k)5@(_7d10qG)l7i(e=BuH9S5=JhFN)8ptdu_B?$&n9Z7z)fypphzLnFbn_>&jdhA(Yr124ZuABTbQtW}kR5V7?nR(V-c-I0=;;upoY z<6f;?Q|Tp0%@lupmi)QV$$>$#qUYJ6Dl5?vuOwJlhg?f#78q&vwv+(NoWS#uMhkZd1xqK+Gy$6H z$p1>!rXCn>^!U!XYlm=kJV$hFd_d8W!rRVUbA2@y2a()n zGdgNYwuPC%cr5r3O{F*A8&r6K%ew># z_I8Pm1c6H}pvINBTxxEx&y(KeL&8K)3Du=$?!^QwPrur6>y$1w>qh}J)wXdh5>Vqy ze!^Dik@*Gh7a80QE7~Ngr>_$3XOd_`m9>b2@~RU>eq~1?rN6=L5W9#W!AosD(H{Bs0DN;oeH@L!LT=;gK5(|Bb*AK&dcgu}A8jSreqJ-kQ!@sSjB z5IfFjHXiS4AI9CbFQLKtY@FF33OOcgK1U>%o{B2WDJNF&-1CDQH*SX7`bb79&1IKM zMWt%)c{4@RZ|Cqdjz}nwh0_5Z(Nc5=1lVDyYCEW$Zq$G|T^dAe1VB^>&e7xOhQn5p zLGPI+;pF6Db}`fA+v25er+tUyUhG16H^-}tHDGcs$&h4G>28YFv`kcDboB~kDGJ&kB}n5lNEzTLt2^B35WQSs z26bA>-Ci`aB$4PRs6tw#$}*F%;X*Xz=*8lK;I0eC-F)w&ygJ38w>fhgbebSGTm}Wl z*i3w0L3qdKv>6psn41u_E;2}Q=u|H!SIids8s8yjkExFd`0L|iwaVeta)C$C$iQ?u z5YpALm~~i?MhNUNK2``iCcePFhWtj<8=W>aPj`R@TTnzBZuifpHrxJ)c ziu^cfuI1fgr?bNg&y|Zms=Fy$+=su?Z1z@n~U}DRWok#`={3 zMLGlh^jf#f509DA;yBLDzI^|x9fd+6SQ6%_)pl=3$PlR{g+Ca#3vu6BRD?0U5y?v) zA)eLH|5!;@oPDl3bZX7IOV)DG$qM{})5d=gisi#VHuOuwrtGp%x zJF~Rv)MT#uTbys~$0Z$&|56J@6Vd6$p$t~EyS^J(!Yn_0Rn{NWkp4S{iJbP;)IS|H zmwr%{AR0OO`$f2Y#Lk%L-W}G4pCa~@UiHSO zR%_{y=Q%UdYw3Put#5wxFjoi=wp+udO*|@Xn$C#iG*3U>wUU=xlJ`#Ab{04GYpD&g ze%4xVBl#a(GqNV^{P+^BG^^rgQ5Lv>O}%heWci9!86n<|Z5q2DL)qom3penj#IT*5 z5{wktaJoiJ9R32zDLS6xvwDmkn;Zk~i8>0$4zpm-B1TdAo4B7U@;8koXF;C23N!Mj+**(2bx_Km zZz-5G7}@<|(d-2r4gI32KjpsiP1VB1Xze~%m45Wb4V^WO93tb9m9M*1(Jn3^6jqb^j92JL+?^(n|0B$b)dvby zq%F2C7z$OhGlC<_J66SjXMiww2M!E_`CuYb=ohx_9Op-Uw@v0gv5j_z7uynjLJ65G ze#<#oWLvP0)l>=*ZDnd5%Q_!*VTHrZjd5-Lfmd62&QiPwI@ygZPM6{8^o~&)qX{Y( z&Vd}NL!bFOx%1a`+>=@GPQhJP1!u=LnBY1c=sOq{| zv69X@8o+L7OsLFFFigni7ZIx;S%2J*6X!l&(wxt}o3he;TjdpzLD8V2umd5n^cyX9 zT`-ns`xF)fibHIR-x)}hwO!pT1wpqHo8(?zM#BUV^p7I(J~{X1XTsHe;pi5G+P0V4 z!~_g{DjvAlU59yxEShyGf)Bh9$J9mS(ekVxh9Ifq2Aq zE#TwRszQWV!aTh^Xi&ngR?nqJ>o&kv!f)4NlyEDGhbjz>{_$YPF0gEf{lJ`Aig6$!L?cEsbxk&q zpiUDA$`jG9;a!@6O^Po0Bm!lCVwjsfTIV|1Qh}Jr$syj2P^D8g_6k>=D9|Ciqu0}` z@G?MwBRdO3KO-DF(M5o5ei~;TnO0l321#iv?6^+|8-t34J0Uzf@2(ge4jpk`8W7JM zbnxdnE|7$Gpa{w>MX&^a7@zH@8Ir=GC1KEX-uYfkF$Y3=Ww%HBH&!S-&KY@y7ir_+ zk-EYYh@iFb((?+m|7FL*3-|!uGwD*r===VQm&0-_=1{p_^?2{#5%Hz$fNGMO=Sb&> zqV5yXiKYmI#?QOPmx6L)t_Wbg>?vm{!7R&L0SkrhJ zO57$CZcS0(M9H!5eWP4XQxeW*S+3JXR`59{Xuf@$fG@0Wk&kD~d$NJp! zzjWiql5anbA_!wuMSnI* zF^?h_HFZ2q29RHF9%j$Qs&+m-gV>*|WQn>GbZ9p<6{=Wup=~zgfgKlD?O9zZGV?t*3y^SQi*A!z1sSs993$_(50W?ynCCM(&EWW%}n>$aq(`v2H=ro|emaI4# z?{+#%N{TF9SbpHpyJdirqo$SlGs9jeDbvk@HeD{(U$H~1EsX$=fj6u{=W4d6YVi%H zq7qbZKs3S0{kOsNkFHFwqq9qT&`hI3=a~@}QH}P580JLaknm#@>I}dWGWHN^aF2t{ zzo#sfB_%qo3XzVzxIwjha0A^j6JR8XS{Su&Uto$E)mrB4iFSgDssIPo#(jVIAhl<& zANH|vp<$B9q;2s{1Ha+V)JjR_mOf*_7F;Pm=UByDfYt9m$KIB!&`F!x^@~F?p=)t5 zC}c0##Zv)LoP$kquV4#@x!*2jCn|AtdJGc2fj*iZ{*d!}z&&_TztmANxEPCYC0#Yl ztZv%L+zK)EbNKrFo-2smBF#(%4({cPs$9ym0U_8^(y-m7&m@~Mz z4CILMXQE*FI>iR_N1$s6FS4>j5dthClq9>2aU@JcCk&Q>cCj`Q-$;OFb13&(wk;ED zP$$(qS61n#b=L=~n?Hk_n} z$iCd=s2WK@lIPXnY$F`5iQ=8ioqVa-b$#3n9xGg81?dd8DA4X=N)UgK8BvQ`%{Akm zw&whM4fMloF7I;&_0!v7VPxs=s3MIv1x{Cav-jXa~MLqv3%e?NZwIhg=Tsl4EEQjp$u}bkn!+ zf0SY^62+2Bqhe_Q^I7k;?y{eQJVWZkb+z}-PEq$>x@|x&^&Xs-&5@WIJju!X3 z#Fr2!8)J_`s7(<*%!EGQdewX;cEEIA=aZ6~vgI?I$P(DO z4j;)Hx0PV-2j809yjtGYstfU8c=NZccfQ`@7R=ISI(w)?@hRVTsj>K#g`af^jjVsVu-ix_DrR&=ubduU(Zo1(Q_|oD0(Ke z{0=`ZI|}@1+<#?t$AcB@-n9AP9D#9MdKqGOC7)aJu5&35CE$HthARhyiMG73VPC4# z0jyBU2|h7I3%iP{BT^tPL{FDGUQ1cwDxwZOhB`T?*yQmnVuwrR2@~c6H@10#aEn!P zquXVCNL)utnk}}VU%PD>RTZfc+~}6FhK+T~_#sH&bTOO+64WV(_}J-|Cw*g*_bR@{ zvz$2%d$fPdfzC&8ZFa>)1OzV*xXC3_gys?{rVZc>@!4WA*)mYo74cVwUVn#fo+2Ht$c8pNm(EQ&hD=r}~uW^W3zmpC)~wSS)7vZ??EmT;=af zajtl!s6#FQxd`M&F;A`=#dY${QEINZT)a>`MLnP7|JB+aT&6h8_f_ddo6&SY+Fkmz z%8E^c}=c2Hdr^uoATR;e&Cl|+isY9u^Nspa5W%aCEt^pk{-rHnq*U2p^^AbYWhneOzQj0^U z>CJ6_e*Cc4fU`nruO_N3VQp$J)6{8bwHFwdi! z|5fNi|Nk&Vs*X7UcNv~K{Ss+x=2MpQ;-qZQ0nPI1K;Yc@L#IUIKKG}gpq{nF6*J`1 zGE$AJ#lN9$byx`LP)3jsGbKvpc}T&Q}MC!v|RbD*cmDP$Li zMGfkoA!h6U{%>=@jzpp427}oINxw9DxQ(lZ8m?R?pAY%}`fqc{qMGG*HQXloEEc=1vG`(>8(`J(vXHK;)-R8FDhCX~X>%l156R^`v|-!uHbIDVaS;w`PA zHqO$*CyI~Qf5p)zv?!LLoIT3T(`Mv%eb(10(qb>QPJG=JTmM_+2B#^UNOibbG4mu{ zA`5<&ihrB`pDNx*rIE?KKqm&Q`b|0^vG5dSXN`Ahnf8q#I!w#>NzfGKQ$&gek^0ap z2mh29=03@(Vq(=%elm(E^-jxDj5!XynEmP4bL_`Flk~Yz6D@95(JKzyXUrYrt*aw( zpoJe1eu0`+nfxcqlozR?L(1uFloEs0b|f7B*M!zZkg{p=#W_l>{>fS~RkTjtR&keR zBqoT0q~xcK4>>OqMTqn1P5Jw9Hz^iZcvr_7KFablvQWNG*TTdYc)id*0=~m zJIW=-7<=ZmJuB7Yr=-}ZP}C^)cA5@fjWdi?$kZs~WG?VLfGVq0cN#6!sZ;A#D{>8d zsa!oL)Bfq*%0>T;8%DPgJ`4MCmtjbB1R#` zFhF}-0T%gI@ko#K+mz5k7bgzJ+6gzt#PPKJoz)bNNXCk*)+~&}QjKLja7LymuHT|Q zJxQ1Kv7G^ykJ4GnzbgI}EJMu88Jk;UYI#(CHw&f3_Ui3FURT$XK3puU&<`AgK_8F! zTeFdzh7Ans-|Ed8y7685_F>dQX)T}NsWcQ0%YNDA`M5nc+ucf)nH}#tf`k(hgw&WR7q%le_ zR2!nQ;)EMj8bg+PAle|sA*}$lgk^C++JNZ2c-+^8Q?6sE#L7`&ZY^P{q4h4oqxM8u z#c`)6jZJ;FRr1Jinqlmya3ygNa6X|`cZ+^kaW5T3qmd3G!%uaJEBK7$Sd1!SaU#cG zN=>tp&DC+I2I(lORpTyB__(w}ldV@get}Ur&qy?|i5UA}F}Cl6=nZ3!R7Z4~{N^$_ z5Gk=Z5b01eK7f*i0nulAD~?8d1-v{K--S`xre!}5Igj#rOa26LIpH!2+Tx^2-X&GM z?;QWBRjD=_N3rh|V<`5(M_>FcEPyWrMdUQUQXzheb@&Cih5QbQVx?U232x@XaU_+) z-Ao^4y}wMYUyvqs;1n*P=Yfr#@OoUyiFFqz*RYCq9iKtP&Ag|V_!SR!$|@$hrdAin z#q~5MKDbK`!}w#nmSPodKxHa}+JDI19Y&}3emdp;*TJWH5-l*%oH(@8lQ1i;e;PkR zbe84PASyE8=unzDQF&71N~(F}9(Zd__Mw0gu}jK)7KesHg56V!95 z$HC>e^?&BBt~8;iOnB{v{__l0O-2hd4POZ27V0n^QDpm&WY8p6;JW z?tpNN6;IVuPFZO|-6n}8i{P+0kI;6<1rCeHHC8SzGeQ*0ONL|dUWa{%mNid;o(hVW znA%ubpF1$jiSblblZ`|yH)$?T#8e}B@@zt=ZqJkcn6On(KUKV+5~CobqXZ0>DBhRa znqjod!@X%-0?TRa)YMpHF;r4eC>`e-iG)xxeBHw?Dv1u};)IxTm7$8AM2yhF;rMJL zLdg4aE%r#rEsYw-fjExhsz4PpeePdruh+-NK=R%KjEIrh=*z6M9p zW9)TY(as)DnOMQ8wfX;NdtzxV#wD*)wCqX@eK55wrD>kgj_Q9g|I-PUh#k>cG9NO5 z@wm@<63-I2&*C7&-kVsrgc2;~eB7L^#b=g*1~=x|q$QQtUKhIZjwFjX3%_ z<5+7&@!!9@(K+SCQm2b|%e~$a8}CwV*W0feQtpjR*nSsc`;lCoPc&Mbl=|voaG58q z*bLg}!{g*hifP6BM9jqt^_ z-A1N4xkg`1bp$^$O*WBwGE!I-hi>r{l+jQBbX!e})bBGM9jBs3sd_$EMlwG`YreOp z)g0GI)M*~%hLFT1R?}uvm^P*G*Ur+{4*wUd>Pd15T}_KL8hKK&aL&q0(Q{L?KeQon z6_}eV(&QqZl3yv->Sfol47qajhToDF5JPrp0P*8J3sF@HYYVIO^ z5ClU?bR!A-HlOd4fvauim-tOv({fw|J@bRZIh-=Ir!PG)CR4GO;8cf;f*(sOe&ssloECoICMLHg6wUYv+b zLBd!FF_qv$@_vdH<$eg6EzXw28j`77Tu*{mqY01@V%gA9M}V_l5neG&ij%%Nzru1ytN|L)zbNN4oBRr4=skbWpf^CAP4fZ46x;&?Qq#CII! zDJ?46EFRl0lv<)GjT1%s2;(q=KCbD^r*BY}Ee@qgF1CL6-5_!I%Kin>_mSia^z|#$ zU53sy^G;oL{#2Y05^o}peT8)?fy~4`9@+3H_$ba;Z2d2}dL)xn!ID*zQ-K{K-ZgNm zP>kpX)!Q|8tD+(6?o@?-%H@~!LU7gt2)35 zA6D^+G*BrO5Wm%v zP^}t$(lvcbi4EtHL*yfQu1OUUH6aI0uimsCB@Lv3N@0N=Z2dnHx?1xZX=1VqHV+as zr;Rc;O9x!Um8dM`f6^M9qr1YWI}hW`OB~4^As4*{Cd6nyBmCER7998GeoK@KV8247sVbnEcc!o8=Kt6pT-G29@&3teC$Z$eR>|Z~r zPE2k6;aKAr!tc}J_nFBPQ`--XHMYLIpVCuXf2p6w)_45v`?NN`pBx)wNA{j7j;r-) zy|>1WuzzZRw7=PMz7>vffAd5N9hp^tBqu=BelsDa}JZ!}Q;jvcY=CmP#78b4kfx7Ura z^7WYY<3!{B${sEvWNcdVHBHWCm-*s<6B|o#sS)d zZ2bgG>@CK|rXQZzN71sT#?~85G6MlAM<@0I8ZTk{4q8`=J!ACrFvSgiYT>r8rA zk0MOn*!eyE-TuOfQ~MmkV5T*Qoi|9`$Dp@AW5fF4#4}?c@ri=Qlm^XgePdrSHhFB4 zTpErIlG)X`{+W~?gE)v-(=oMka?;QUNsrS>@IblAz55&6W7fv%Boo}A;?Ev{6YCM` zP(!QxC&s6?S0*QlJu1Pfq20e^CT*PG5?$<5F|{&Hr`6{85$n;94={yO+n?v3-nZ8$ zkByB#Q9Mx`Id~BKY=1z#23tJPVB#j-_OX$#-1p^xrw`>t_tO!2GNG0!viBgx ztv}yWeKe`x!>2@N>Y-@#_{1J+_-)=m{9%3=l6s&NW^?PCDrUohyLb+knB~;(fNTd? zf!@_grgrPQjqRtzDQq?j$xj^s0gde~@~Vt}RrL?Y_fHB*p28|PO!uv|C+LNE%Jv*t zZTLP8d*3&)XL@{mLVua=V-q08`Q`XD1N!pb34W(iDtRn@@)U~+dJ?x>rdq3J(y;S2 z>zLO6@#5hA_ikUJ6WcoWIO&aqP?h2f4yOtiOs5YG8?&!}?(qR?oO4j*lOkI4F|T|Hw&ublLjOpP!$YQU?&HTi;^l2JBNHaI zvd6~{6nlljBh%9dOcb3Yl~FXd|H356U)b}v?fKh=tgj)VD{avR}! zDOfmV!DOnCsj&vi(g!72y)jWd>W%(h)0}L5Q_njG^t|&6`@v8H4IKq!2St$8b&2^I z=f`q2q=f98(0YNyj=+(nEx@`_Eg*X&Dq}guuMgRHx>fw7)%c`TNmSBe>i#Q-C3|5% zbbzYD(088Jir)IBQ=WquIm&JUee66Ya-V)QC~V=?b+*4^P)A@mJ5TYC#WA(>w69kX zy7M&EGbI#$&#Arqjc+v2*ilJ{(TYtTDk%As(zm|(-ibq#C;6T9SN>Mt_8%Nmf|lIQ zQ+g7LP?w}}wL#I;&c|SPf_^Nhf*(U$M&)dZqmioo+imc6@(74IIjstTii%H8TQyDT zFGnn2a}r{w(8=jZIOzQrkB2A3NMyM*`6m>%^sEO<+&{7Bu4=05u>`4N zCFGhxr~x^!_1Zx+mQb73f(6;w`p<&6s>j5l>TUm?b?HsvdS}t38trKHsLRW!lLmk7 z>_mfhutTX5^8YMSMY4tdd{V8F3VCe3?vK{KbD+=i^JhT5E7caBHnsgNF)=SC?Mamd z>XL11Y>R}(*59a<^QJ#zhDq{@=nqu!o{0(d=d(y=QV!6tzU2N+o8QI>8+4txoxH|8e*6Uu=RRlXZ09b0tnc-7;y1g zDciSR(*T)ne-NTxo0^!ku7TtgRX{mq`m|s$I)9d;%(Q$)L$<$DTYqjT>z1%w_g8c(@~jYTfesO)V?XJKNSD`$13PeW!(A-?2{$xIS+|` zcQ%4#<@x@$KZiUja-5pJBVH1#BkdTgzmjm;OfvdM>y4d%8>%-BQT8d)6?u%mm%Ru> zLz|T5L}_sj=%B2}(u3ba^zoxmKU|Nz$ByGUqQtxH!<$oE8dvIr-qZ(8?3;Q}Pv1PL zAz2?CZmJw5x84-XbDB_z*Mn+qQ{`2lFlz-_U0Omsgwk^pvaGAKlg611&9N3b1F7@R zrn!7jtCf1f2;9NM2zI`5%uR%UG)tqjHkwrQkQCuH8|e`#_IqG_M^5f}YC?iE5(i*) z{&kp@_g+llh%r~t6_Q-__+umH7WUj{Bnhsm82!QF;ty8QTVDAglB7KBwBV>X^Q2I} z{=tcZ{I!J?i;2RleF&kgJp3E?W!(;I*plC495iO8l(%}s_-UCOUmZ9eU%g|-owwe? z=sk4k;fV=I4DXk-V{aER?r9P!f<0919Y4~z{|AVZV~5PFSUWN~DY4!}ydc-XQxoS4 z;_?0`z!BKq!z(}Nw*GtMgAZ2Jw2TZS6YwVb>XzRNub$iT7 zBZrar=FY31nqb<)OjUnhGf@p61g<5e85GB?ayao+83tmdan4o3WRIl%_ZaaZ2zKX> zC<(W>XVns9+V&gj?bP-gQi~YW*^(J01_h9RfU#a91yby==CusXx}uilYk!<&@^|yHLv3x6w%Gcw^`H zCAG{igZ}@7JRM|t`-B`wzHS;jUuSXQz1zXc4G&YOpzs&HnOVh;dxPX_dbpr$@Q|2q zN@}x#cm5QxoJH~*N+jzYXN@PA*T|BDoBLlAD(?S@l+c}R;fWvq?Z@LIgACI6n^23S zxEw#z5c>G^G*uUSrjPM@(B!bd7;fWAnwWq=<8|4?e>O|^KQMU!&695M-vN+0i8BV1 z04K`S{SWYO@}UBx@vHwPrT;!khwp!5?9qp`2zjsy8^Z=oBHKS^F}^YVbB6cdu_>5xFFf;L@6z_oOUhs4_MR*=(aSy# zoq>3KTqNxqlNzA4C$}D6FH3s(*d93s|Cu%O#Ml$ghsPf}2=jeo+Kb8`_7l%fF=L}| znojVhNdNz3u*VsRB(R){-yrQzNIM3>r$k8Xp6xcfF9l4A{JB&6#*gvNe{UX}mh7>T$ABL$RGO5Qejk~j z-#dR!AIS+6vL)60YnE!RLJh0&%osy3>yWY^U@3^5;CT+!0pZP;$2U~xUr@+O3jyvH z*3*P_9+xAvgfZj45P^wg|FiPS5IqK&LB&RSz80h#+WrK|%FjPT|98dCf_K_jEzGI0 z^SA2VHYNvr=xg-b(rm|K=WBR_rgr`zPbWpxu=BSmr+DSx8JX{VZR-ACN=8uOH7&RM z|A&?al0v^oj2+BIIa&EPz8}aW2A_UdIeSGz{9ldo^WQtQ6|$4#Gn&$I zQ>)%19=r2jKsP^+Nm|N2pLTqTAqmw2A7kAE)eh9u&OgCX0NgK>K_rU{LvulbT;Y3? zUxN;7qwNjtkHz}&Y#>{Fws~d+MhGoat#=_A?v_HvWV{`CT37iveglA~a(xzgnhic%mMJsSea`f_*baM8vhj%k4wwW^D+zC zVNunpiV}_crzm0AZS4F3sce)Y&}M<~%1}+C7Qj%lXy{pVl)MaFHP|m>zd|lYjZ%zI z?qB4oK3$dwFWG*ddi)$YtjEt$Tn|PvtRZN`Ci02m=aOH=QVb35TcKA|_pdx6#~0-g zId6-FiX!AILqQy$JW^ogzl{@WYUlgYljDbk6y+5%QrE_(<%Fd8)*I>r<)vuo=cTReLVBbB=bVtRwjjt~LGdHAw|yxNlE1Gi~cym}kHD zxK{oBf$sqaN1KwzrvQIKlp6MjWnqb@gi^;`12GR&Nss-I%{Gs)6YPjBDBBc%sFE6ob?BZ3m!1gm6>|(309%5I}YuFh~ih{MX8kN)m3Wc?}Gmsvr zt<%QNz*&vC(`w3-hY=4ZO z#`X-nuCe{esjaU@r2Z&F%(FOPLRL2Tyo_-~t3)ZPj1KvOyc%WwTR=2F+n;onI-_0r z8Qh-yC6~b3e*J+`wtf&&#Ll+AB(^0_VPpG?Y}lX?O>O^a^GSVh6=(^K+SjcW7LU;v06N+ z#?%z6V8-d!@i>xw`x?7351~Xfw&lZySK=C#62rS$Mhd2QV^RxT3hkrE_R0wQ%e~N_ zwAZM`?m2o;9W^D^GTKnSY=6IEwf%b=&{yQ2MDL;wnM>2S%%@g_f=K`JUA@g9G-ZM0 z|H9m^N};-`?YBNWag;)gnx3m$uV|(A0J}ettTw6>|TI}1F`ID9z3j4OE{wq@a|D*8=?JUsAGi1idk_zU!%JHHQD9Wkq>R;1 zHnfx~P%~6~?+P*jMboYwPV;EHWZxOrBW68+1(ve=_xL-%p=1lpDBsK@{o3?6oagx1 zlN0p(HEnPi$4vcUs01XXch^jPe+_;smYRShRCB9$p7+GW#PqoKCdE&%!udZhTBCY7 zbV_|Z4lDX5YXSPa|E6I>aE#kAF>+6_)vP4jy956LvzLhfh(w zp5u{S$~|mMqk;k|i?qasqe3jG`s>!bI^s{(o=>R~{pmx6?8hG~zb7zgYnO5Bv2p*a zRt@V~>vt$GJb~THYJf@8jQP6O5!sz3P^a^q@J%m zI`v)a!x3Zc{!DRq5qlng_67Km)F@onMmn+)U=adhI- za5$Khv4y7~aP~~yVtv?tr|$m;ekDciA+x5Cn<{kwdoH$V%GmJt9#OEH-1l2QHgSPG zmr?)r3EsZu=*d9hIF-D#gp8Ry&KOnkCr}zCN^upuP5o0lhpqQJAHa=Z1N^ZH{6s9w zvbl7fl-_QI**nIyPU#=>ewbnZ$kGMbL1Oe0=9=->c;Ts(?|NMy>!kAxlnNeS#_6j`)_xA1 zF@`0-5@9A%r;^GlFQ!~tF+*M5 zdfhw+-j~=Xe&r+g%|_c*eeKl5M6B)pKgdg8uL(z&Fw1ZnJ72QDUlu#~g6nTA#%boj z^gNr_3?K$1%wr&Iz45+@1JKP^cp~|mLs_9P><)%zE?}I16x62f&P6=A+RkPvH&`21 zoqEYOu{J@&gT%sPID#jo?1(jzFVo?v9i?bzHR{pkkj^!6_fQi8alEi7o9H<;_0zOp zs!({sKWA>$N005jy|{(*E&hgyz@^o-pu7z z2(>l@!DJqasN@@#ze08A9?;lmRLAaX0tG@-3Q4gUMF z@LQ#OdXMMwcyUA?e&~w4t^kJ@ttcz02dm0VYi1LOS01`wkZ&u`Ym-P#a#utbZRYJ&E2_i% z%KToW4y>L@sT5Ne%L#$g>_1f~F;2!Je9v;Zk2cS#$#|K1Y%@n9>+OB}RTOR_cP?&! z2n2=`xvOPHDwGrzN$me)?>^w8DEbHf?_Dkh0;zNY9KD6(QXrI2LI|NlpM z-`1Jgnc3Ody}jN1K>6B>s}!7S6{#Bo-N_j!_wE*M%=P=-ZHOwRMlIqU#jUvmMt{GP2%dj)W}Y+&W7bq5V}t8u#IwN zVx(C(FIldxfJzTgQeEWgrBO~I3Z+M`6v)j`oH0+0{s9Kbt&O4(N0(#!ANU{n#qW5Bl`-K^I>NPx4MpRu{_jeT4;7 z`^|vb$6f2FW#m3D=>p_VmrG6R!bweTTc&rDqxz5c^bjXckp?s6^BoU4Z;=>QB4D~KS*6J5w)TIMX=g2BPBzp~VL$NzM zRISs`4{3&&%O?xFv)Z7piMrNzT}7auQi8L(yb`j7`sIe|szZKBHACvWN;TCoq;@R% zlv0)5sL=TpMUZoimRbF_MsMV0L4B8$0ry@fgK{oMY37A;%_E2gO};pm`so^yvjHi6 z*WE#!uE;-iL(Syt)x3*K6skuNm^V}QW$7UX=H3X*y`G;7Y|c#f);vk9>V(LY+#5{E zz2TaoX0x>%0oBpGlR5@>(vQJ3VUlxG_+(F*qRD`M9A;8??*K{OM|=~Ub5Jsbn;Oz& zOyBn0({fx_*{**EaGck(PklCGoO2R)v5`Y62pNz}2599krsLunQsQTv3e@`w7k?u!md@(w0VazrY;Y5!)bitZAmj$E;-+zFaOrl{Z2 z7MwKDm(f#Lv|L!FXt^+@NVzb9oxk9eVW=vSp?Z-d%4{O%Qx!?H4CqC|q`s<1PP*6s zH@91_{P&ec>msGm+Fj{e+f?44bmhJ5(*I`k56*V_tu#ey!zG{foGO~nEK@X}nNlR5 znNUNHxIvTeNXsrM&PyD zPjJ^|LpV>64^B4ZgEI`NMeZY)I{3H`TKb3_Ams)geFZ6JJpg?J^q|yYwb_6vas~Rn z81=K+{KJlG8+y98K@E`fp3&ZZB%QY8fk{^Zx#D-FM?UV|02uX1{xIk_!j;mr183%TGEZMUu{hdMfEn z{vhd6&+kw5P4S__777{Sbv$|#KH+?q)399;B#<7@b4csIMvH%eXAjp z0*@7Mma|N&p=qWZO`9i=F7Pr6G9DWj6Q-Hux61O@`^c@nyI=eK>Wh{sulT=qx8$XZ zcZYvJ>#^G&qthmLeRfXe4b8t<^!c%q@19z8v~h4%<7{6?^v#_4lXjmO6EJJ9_n01a zFNXWg`PTFMa~G@beCf)?Yl#E9mYDnQtIyUMG%WNLduXLwpSExg%4l%@+M|Ql`R`uP zqE^V`L2d2j%p-TsjqEny=v+S@&rtB_u8=T!x0FQ-lfM@AP6vj=<$t8sNDIApW__8J zBrAkz5%OdUn+y$;DLkb%R%`w5K1egDaBNly)vEP;P;`wXWs$NG5fXi(M9=%TB3$E* zwI;F}bFDHjOl&GkTV;NdEE!G-81iy>R5k1IssD{s>$%687MaJ?#`0f(=}9vTTz4j}nK;GUQET`O9?Dl^|>Imy)%sLW>aXvQ$%9pLi1`C5f_J zf-J#fqxI?GvUX#&Rjf%KG!?C~Zj=m1$kItNg*+#piJfh+%d%1Omo-RNf`nmJQ+Qh% zC84LEt+dM0q>G28SS1Xesbg1RG?A%cGDdzdJxTr(8V^&Zb`leF*)~!VCd&C2KX^0twRBT5aCDoRA(uBNVa!sU~cHIcdOEs-jh z8p$wernZoi;qq9hd+na1wNB6`u=G?PIZ4il}1NtzAK;$7MX!>3LFyl0; zz(dd#OKSz#jr25P~2WNGhN@5vYCtWh4dD<0k^4Mq1lnxmn zPsP(rqd*=&rJ1r}G|0n3HIux2L^H{=t2EPim;e(&9^$T<9)(Ge3wbaZrodE~29LpX zm;sN&6EG8=gr{H@%!a374$KAm5T^OC0G@$`@GLBX#jpgH!gKIEEQ96n0<3_S;T3ol z*1~JB5#EHi;BD9n+h9Aq13Tbdcn@~LZrB5R;eFT#`{4k503X63I1C@b5jYB;z^8B= zK7-HU1e}CZ@Fjc&r{N5I4d>wkd;=HZ5_}8a!BzMTeg|m|xm8l|g;z(dd# zx~41_^27>2-5u)#1$fJCrE5+p+kq{46*0ckK2 z(jfyfVH7wZ3!IP*qhSn;g>f(*Ccs2^1RjM+kOR4p2a{n6OoeIi7)*y5@HjjHGvP^i z3TDAh*yxCOW24%~&`;CIlBg7lH3e+AMDXv=Y&1GH(&m74Y^2Qr>DWk{1JbdPHV33* zBh3v+pGKM+kUotxHy|AwX>LF|HqzXHbZn%#0qNLCa|5kGIyTbWfOKr6xdG|eNSg!F zv5__hq+=s(4oJsF+8pQx-Ju8cgkBH}aS#u^p%3(he$XEVz{4;Q2Ekw$0z<(D!yo|? z!464~3@MNb!(jxZ!AMAl49J90;D9V}LN<(sF)$X!!FZSe6X6kf6ed9q#zadfQ_&T-h{VcGi-skVJmEd?eGrlfSvFzya&5rH|&AE@ILH={cr$2fP?TM z9D>8}5gdV|@G*P>$KX>q4xhp2a00%7lW+>YgsO&|r01Gq(D}+HfM8MZ@7S6$WxB%b4CHNM;gYV%o`~X+rDqMpf;U~BbKf^EZE8Kva za0_n39k>g>K}C}g0+paLQ~@(og=$b8YCuh>1+}3L)P;IbA3~u4SfC+TAq>JH0wSRi zG=?Z>0!^VAG>2&D3f-VP^njkw3t}M-;-NS6fxgfW`ojQt7zV;17z{&TDA-^aBtRnA zAqkQp1yW%+jDR$7LN<(sM`04=KrZCLWS9a|VH!LJ(_scY4o|>LcoLq1Suh)(hB+`7 z=D~b;1{T7zum~2z5?Bh$U?sc^t6)964jbSN*a(~8O?V47!xnfOw!${p4)4GY*a`2# zd$0?3!yecR@54UW4+r1_I0zrYAvg>l!4WtLAHyeb3_gY9@ELp#C*TV>38&yo_zF(L z8TcB`!Z|n(7vLMX2$$en_zu2@%kTqSfva#0euW!w6K=t6xC3|LH~1YiPr(5EM#tm< zTt6{+f){v$JR?=wL?{lvPy$KJH0wSRiG=?Z>0!^VAL_-T`39XeH|P#MpeOW#Scrpo=nZ|KFZ6@{FaRC~9)xQe1cPA+ z3n0AU1egeqz@sn; zav&G-U@}aBsW1&5gXu5>9)~AjCOipG!7P{!Ps1FT3-e$;EP!WVAv_CLdsDy)IE@EWXx_3%1ufHzw~jKpt!-yCeia477o^&<@%|2j~c$pfhxVhoCFS69%Q8LJ#N(y&x9i zARc-{ALtAHpg#{R#9g-j!QXmzE!w5)&k&q4;+=AP12kydepm_@hFoFkgvDxGaUf>P#aA;{Zp*Z+L2`CBv z5CDM?1i?@WX!yK3k zAHfkg3LnEKa12hs7jP0z!I$tAoQ5;-HJpWWa2_teHxTV3w17o$0BpsCVUP%$eT6OX zHf)7$upQok9k3JLh4)|=?1nwC7v6_`upbV<2XGKRghOx`K7w!II{Xa3z^`xvZo)0N z4R_!!{06^+Cf_%ht!G58dY!)Ne0oPaOjB%FdT;VU=|XW(l%3+LcGT!3%jB3y!R;XC*qF2fIS1+Kz1 z_z`}B>+m!D2ET(Q-wv5-L2al5b)g>A2P=d@I7C1sw1f800Xjk_=nP%pA?OO-pgZ({ zp3nFhjmXGd&JZz)W}&o`P908=i(aFc;>*d{_X_z(RNy7Qtdz0!!gJcpjF) za(Dq=gca}-tb~_g6|9C=;8j=yYvDCm2kYT=*Z^<9M%V;z!dtKzw!qu46}G{4cn5aE zyYL?Dg59tO_QLzH5B9?W_y7*Vhj0iEgWM)7B?Cv{W01QwWw(M);W)^RgtA+~3HSo! z1~(}|_!7Q?({Kj924h*l1Nh$4#zadfQ_&T-h{VcGi-skVJmEd?eGrlfSvFzya&5rH|&AE@ILgfC=7syVIT~G z!7v1df(?d20wjVRk{}sUAQjRf12SP0On^t=QOJQ@$b%^`6=uNW@C3|+C*diW1+(F4 zm;-ZR9?XXY@C+=3XJHX6h9$5Ro&z7VPz;KLFO-0i;0OK?0D%w$!B7fHLm4Ow<)A!N zfQk?Tm7p@1p(<2^>QDn}LM^Bbb)YWPgZdB(4Zs2o!3tpz4iOLuji50^K@(^S&7e6% zLknmLt)Ml;KpSWa?Vvq$fQ~Q{(jfyfVH7wZ3!IP*qhSn;g>f(*Ccs2^1RjMP$b~$Z z3{zk#OoPW@I?RB_;R%=tPr_3$3ueR9FbC$sJeUs);2Bs5&%z>D3`<}sJO|IiGFT2T zz>BZ~UV@eIGOU8t@Cv*NYhW$B2J2uwybc@S4cG{q;7xc7Hp3Qp8@9qW*beW&4%i9r z!h5g_cEcXn3-7}|*bfKb12_mD!XY>eAHfkg3LnEKa11_$iVOZW;- z!x{J*&cZo34;SDYxCocvTlfyXhs*E-T!E`_4Ss~5;5z&azre3>18%}CxD9vUF8l_+ zgH}~AfDt^v1fJjp-rxhppg8zK2`CAE;12;12tg1GrJyvFfwE8z%0mUH2q91jDnk`8 zLsh5-)u9H|gj!G=>Oftn2lXKo8h`~Ff)&Cb93mhR8bM=-f+o-unn81jh8EBgT0v`w zfi}<<+Ch8h03D$dbcQbQ5OjrZ&>ea}Pv`})5C`$l8~Q+B=m-5_06Yu>VGs<4Autqd zFbonP5$uoz$&do6FdRle8jOT=$bd{31rEppCuGBD7z1Nr9E^tvFcBVsM`04=KrZCL zWS9a|VH!LJ(_scY4o|>LcoLq1Suh)(hB+`7=D~be0MEcecor7HVpsx8;W>C7mcep( z0bYa^@Di+qmthsGhF9QKSOaU}HCPAh;dR&mZ@@;_1aHDyuo;aOM&i(v^Yh3DXTSO&}C1$Yrwz)P?aUWQe$8eV~r znnGo$0%oWR-Ju8cgkBH}aS#vvpg#{R#9daNS@?bJdfvGSJ z9)syH10IJbU?w~XPr)ph4Nt=ym<#h@J}iI@@CIyzP4FhX1?S*AT!3%jB3y!R;XC*q zF2fIS1+Kz1_z`}FU*K1`0XN|ml&K|@gHA9WCcs2k18d5LhCQtAJZ}5R)P#k=r1ndhJ_QL`A01m>3a0m{=M{op=!pHCl9D`5c zID7`5!wL8TPQoep625|qjf6|^Eqn*x!)5pZuE15e20y}2a2@hu2{Pya5|w6TAs;!DiS3Z^KsD2HW8s*a17?U3d?6!EV?C zd*OZ92m9dwd;kaGLpTJ7;UhQ#N8w}m1dhR{a2!5^&*21o0Vm-Ud4Ld$O>25p&rzSP-p;8!d18iKf+IN9e##i;8(Z- zH{llChC6TWET#h^I&LJ24de&7!Q5C}mK45gqnl!3BP z4$4CXs0blY2`WPsFhf>QK)$UVoTnFRwF!2?X-30~k0K46fa@|yeuB6pgCAQ+5Vqn#!XFo7p{fj9U-F(?kc zPy$MV9|S@W1Vbq(4P~G#l!Nk60V+ZWRD#M70rIowo$@10p#`*rRuBU{p%?UqzR(Z) z%TJF@LmA3|Oc(_Y$O0#1!)O=-Igkr^Fd3%6RL}whgBC>&2_7KFMRG{+0&nnvVo)4> zp#+o!Kk$bD2!tRAhEh-(%0O8t2j!sxRD=+y1eKu*n4v0EgX&NNYC zkV0!B6&MU!6LMVe026qE7kGmY6oca63nic=_<=tJKp+G`FqDGQPzK6EIVcYmpdy4o zC8!KlzzkKP8dQfGP!noFZKwlvp&rzSP-p-aXbAFfft|7w3-W`1_5eX1p#`*rR?r$^pbfNzcF-O=Ku72VouLan1YMyUbcY_$6M8`` z#6djthCa|2`aypf01v}JFlbFF)uxoC3>ma$6s_O^Ch!C=@CF|!2F1Y_NWlMD}Q3av>2z;kvc5fX%980+nrfXTY93+ zkr-<3V|TDhi*SpTzoF)~*=f#fhrLC*J=^K9rG=V%W)DkCO?b#YEjeXYJ$xv!5KWfDtQ{cJmt}FIk`r!az?LW9$tZU z3q)SHpnetGjoP+mWo=6Z{;Ov{_1 zM%DX|)xy1HBiFNBSCt%jRWKtxh1^jrpg(4thaRh^8>_|hr>|#7o_HidAo`2=;iClM*0wDE}N5B@PKETmUB+>ho=(yu)6++Kq-h!5`RO5y6$R5*xDt>`>Q2GuvY7i_3o7FblA3cWzoahb zl3zKONXkWcy$t!K>Ryo-6Ue;0(xBdcDtmzsBPCUd$b0G;F+)u?Mc!M$h&=pOqL$YP zFk)3vz9hx3N~cMHzE!e->&@mY6rI0;qvXl{?hVX2MhH2_gxndjO?mMuV0n-~>!>|( z8JlWiR9+qwB=47%p`22#D1y{8JZ<`0ecdHf@D5?3aXqA8R-1g0N+A!$laxuN$a!7T z?Ro|~fiBEX)Oxj9^O(5aU*Aw!MSog3iQK2c)t@3R3*}trU6E?PkjEefxrPfp0nEMI z$Rxd3@~Bj~8oWe+@4_D9yTjJDm!Zj#j2>fE_j~?~s`)7NIyR}IUD*aIw%!!UE~Dz8 zybXykrZc*Vq1l8>43js*HXth}tHz;{D-@|OYDgaPsluE58H=2hX|C5TFnSukhpSRp zJaC`gZ?dF3Xi5nP05jA8He^Z@PlG0ZiW@W|pE6QH4mAvF1{o=7&^*X#glN=tR=43J*oCnHb!R8loiyxnfk`bB*x|8!fK$^ci_|i`t+PvO%iJWWHpHinOd*9*^gGdyWj` zzv-r+tWQhs$g5>tmEg4g5ODX~s$~C{7m`R$8YI8<AC%@>3Pv9BNOm!BM~Y9q zgX_9XF{(**f=l3Z~=ncCRhI67Jzj?)fev(BYGD7mCA3+LSok5iX*RV>#K|Oh@ho?6svU}z%bM5JB znEg919&>iHPF{?@pfn$O`qt5sB>UxlXxNChKLBwq5J*RHMCE0c_@fFD zbuF-wWz}jduEtbTn6ti;%IY)JefMjB3I(b%KW|=18vOj2q@9sXzvgasujvJ;f2gKd zUgxMpC*MN-XSH&IuG?0 zF9!5cJxZxb(mLjiRfTX#(kk1wOzJ5glqdUSnm(*vsH~BQl_dYuUnOllt*@$NW%N+oqwY_A z<2LHqyjk*)3FM6&q~zJT()gKW!=_79wzlx`Qfeyi%2qFvsww5En!r+4UJNQB=TDKv zq&e18rH%p8kQW*w6xuoxt!DF1`ZD@ExIeik@bVJ4#B=XtS)qbeO6vYOghf@5C(-9z z)(dZ*#75;)amj4ixl5Zp3&k(*+)`63S`G4cvil-av;8F@`GLr~-ttl{*{CCWmDo&) ztNw7FoMFfh^>~*9-Qzsz1?Vq(*R%YbtF4+U*>gl4PI$47I-IBvUM0^Vg4bN;59sZn zEXND3IpoO#JbHF@Np(a~GgMbbUe779(;nwsXGl8PD(hDlZ2el5qdbq;U1s{Ql(cF| z4pPVD_$s}W{I{%2r1EwzcNnUq+y}veLRZ_DD-AXK%QtX@|yLq4p-!~hy$m(<#@^QRQ^$mC9A0ea$?4-vDXIWUDx-e)dg$h8Xgd2t|3U`VNLyY%_;ytCP~2V z@T4jfEWmQ=AVSoEdY^)1T$UF*OU!0TNdCeFxhHd6p^;;gX{c4+O)e)VGDgxMFFr6+ zW_odPFqUF!?<;Xj%~Qqct8Z{u`oI1XjY?rpSx4SpQMz!nYFp?F=VuWk{+jCz)j@g1 z=v@W7vaHaC8|5XyQY>nHDJ2>xcP3QUsuV5|_q%8~)VfxnhfQlG&pB2@*?Nyao}z4! zBd?qUo3%=QUQ!2)mHc=Uc~CS3$Aq9xdUssnm0p2rwCIgap;69VLAA|QhkD*T;)=wN zBFN>MfxlER-r71_?{Q0STqLP}$E!~Rg1R{MS`H=qAbT!xJ8sMn9LO<$fvyw_%rVpDe zZ*5tt_aP*?x#vh=rW)r8TkdHIO_Fv=PuXhy6yvJC(>YXre?!=o3|td3B}!sXk|3Bq^5OX9<;lSMQDFtL~B7oSb9oBd>kIHjL6sKu%{> zYVzihYn);EF@rYIS7MMWX@1g(Qb>9IWIzvXnSMOtz$&K~>UbnaXz3WKjj+o?9I^S3 zY3d_qXMmo%g06)+5zu>160m;!TP77x9S+@}dV1}$Ep*AG<3ZnXy-~WhYFOT&Cv!*! zyA%g!F~BGP2v1L&=0vT=JYxk->XTZ`9Yy{jm`zcS9H*-#oqnl~Jm!79WV5TyovyY| zuh?o9jS>eiiTN`7s6H$;PT%&f0qTI}dIKA8VWVq9jSR}8{svAiMds6TsId@rayz+( z>*O{>_9j=8W|TEmr&z84%9$};q5QWNm1j=DXrVz>Z{+1XDUuu#s$wUxsy8ZEh*UBs zUsN?fQYYUU1lI7VqZt{n%7C9-rw`U-z{j(WCVQ9+g)k&tyE>dJD-E8qw44Ogk!C~h z=c|P`%Vdek!$&hR%iZZFoP+wZdZ(M!^g<^z>1d16(U#?;qpfC2@k`p>gVNC^jBCpE z%8kXCDZ7na6p%Q<*2o#~aJ^b=WeyXQa0un_$o6i-7nPN5+^e zgDj^mJV{8JUs#kSEX)#awS31*N?NKYNFRxxKfQb(pb zQ%BpgLd`a{L_$VdnmvKsl1cGByPD;@8FQk|X-i7W7-P1Nb=uSQZ*|P^DRy(0jMQ}7 zurzzTEo(#vTY@vgG0tpDlO?nAqsqw6N*iY$mX?t)A~ikP?3A^7ca{%_-Ii!h%5b>i zC0i^KW@?r>)0Qy8mTWi6pe-{~zV0Cgvok}IGR~~B%Qcx)n(L%zIL*Vevz+EWsae^! zG|9{C#MF$svgI`mT0vG>^x67ci&O=PUlOEg(FUz#tUWU$E0yH;cBIu!aXK@znl)^g zoa#);9%f0%7};>7yFeO_&T611UacG^g`Qs;mcFU!iL&jMwplV15gufEv9Z$H|e?yMgjmztbzOH;F2CJq@A zsc99YL(@CUZr112scTM6m+#|j6u;C@siE?xyFu&xH{+AKm(|mekzmit>L%aPjjbQu zKHX_|skb|eBt68S zm1TO*?6fSqRPG`(|NiF0N=DcnedT*eyQ8aA!}`%3?M?<{uS*y~4mQ=;nWa(aW6*m2 zy^Xp*&~{Ql$qtE%p!2sc%o?F-BMn;0KMl5X`e^y8vyEML6}#F7f_F6ton+@slkZFm z#U{5crW&-we?7KXdsaraBSEEpXn6hT9<-Zj*;&#!6pAsiAgU&s*43bO{Og#;*ixPC z^Ba!((S2pSLx!XM*i>hJXi}m28noDd99XP9IW^1a7}qw%mY!TtyTW9L`&;35rhdy# z)!UhxCJmxJOH~q;yjZ(@1)Z+yifX{Ks4;RQ`#%l0gESItGt!-@>Dj6gZYPaDGDW%7_AjKoPBtR_s1iW*{VnfMQaZJU22sIS70Pfbf}KQhxf zF2B&i|8DLUPAx6LpQcw&?l6Nk=r3!79NZ-*<(317w2N^?k8NbJ9Iom|yBe}y+4e%s zPM8#+d@rJ!Mxz$rTh>-LFtkgxC8uX(Ia3p|Eb$Iof;93L)#`GD`%mAkU?NZ&=lI^E z|0@0-nF$$*|MB}Jy!2qDXQ6U~Zqfg2Zjgfi>D-`1s2d*tmm5;$C=uyH_{xVGD4_;& z9+zH|3`xJXclKY^-LCf0cDZ-wKYOc>rwY|m(m-1L{uiai|9??hI5YX*QbvLQ3({he zH1slPUH|gXl7E5_pOKL!y@9@RF3{GNo?uT)Q%7wMuyh2P3=Pw?9tN$;e=J1ljJ7w( zd&1mj9Di`)Vu{a8E7Gfy1jeV1v}a^HNtbl1<%G1&zZptnwyuLgi}_c>(R;1=J%upY zs7?m0?Y|jJxRvzCjU%4z+PCT5QPTz+wElk?rb-1TA)V8uYiCPK9dCEkk8YVTWQglL zylt8-D=Tb>RXQdOIEQUHY>3_o`PYJ{XLE0;;Z_x_oNyF6?QsWhGiU?lfO}6vcrrsXwJWm^S z!;5~5Ug18tOf+a?{+m&U50Qhh95Ejl`51%d_=l0-zrWnO(Gv3?#rwBf@V~ns z-5YPjpKbBqYQY~6^S%4m10wySjddEdjDM2Je-)*)8%`}=;!=P2+ ziZ&O1EUp8p^ao_D&=vdY2CZ`bLLD3#BlYtRdt#ww6TxbpO;p*1vUA>Hkc#9_Ad5tfdrPS^KqT%scfvr0x- z8e7659Kq7l+Ad z`QAQZy+1{Z@nglj~w~<9}!Q;h3hC zmM8e|WD(1Zv%^-{A)Ok=9lpmB8T90px zC)hXxusbaBeJ1rs_6x5Gu3^5hn&8mCt#w%LS+JBr^Pk|p+TYbS%$_D|yLK_jG}#5* zjfqiqME5ZJUco{#;%c=-%J}9ztzv-@)uND#@Cac>J??wLIpYIKe zin29IXw*2YX+)&m+N5dq`y-QYKINi@J5Jd(*`)IFpFcfg+VQV;$LX{7j`Cgb!IYNI zM1S${=4A_eZi{WTYsZR(p}R85#edZ6wFaO3e!IsPOO^zlywEQ3d_!}E@9&)2cJ+}e zb#J#Hz0jw0((vHko4+Y_?BazA+RJZQv%Xsx(`f&J9_wNKlIg+npEqmq`Z~E6LAxx=&6M%#vfNP8FMm>G zdT9w~fedHKJYMJXt2F7|W8{~enev;=RQYXXqC_!HOIN?}!6k!sr8l5R2eS_u7j-akYJZe zu%Rr*?@8@iHx;N;Ya_!w)i6J5O_YFAWf_7zE-TdQESoV}Rv~{9Wn1}uD`_GpMyh)G9f)J@jTQoosXs)Cerg1;N6`!}|fsY3!KzsISZ=cl-23foRL9g;xJU1fps zvOpjCOjAYCL58wrm<1EH%d$|d`xnydOv?as}Pvg?)VCDGc||Msd9IVBG#$&BzgSvID~^6W}_0XrVJzs-}? z>cmNC{6;!cA|hpWwNtvI9H(`XDQS{N2V`OM{R`_AhJB2T^pb|5+5HQ}Ne0=}{@Gm? zqbiW8$x`-|PnybHR&OJ#4~Uc2fW44kipR_BZZez23+Dt?B~?~rC68T_IlTAC&@(1sRCcOEI+W%# zxyd5SEVmcw_xfa+$H)~hv(5bAFPZiGl<1&mnYkUwreE{17&^zuczT2EOm$<3x{t}h zeNP0>!YTH&MDwt5>aM5+S<5cBL&^PC3AS{C8D=-T)=ab*nzZB228Z<_% ziMyu?f=iM!1tyI!XC#@&&;eJ`SPa$GT~*u>#P=8Gk=!dKL1$)XrAU&KQXN@Niy<^7 zji4kcawSe~g_6sBGE;84;)bpK4y{?jaM~?~rYgt`xjw796(m?Pi~GFna*vq0-kE5& zCEJKpa&5F+bk{f9VhE1O-+Hzq)gd>j8Da}}Y0Zflc0C`ZizHo6cPbL}Z}cTal5++3 zshP*vvecQ8TtQ6b@~SE;i=mQAW4e5WDdnMWn?v0tVpmay$u|P2lHvrJ#Y&RKY`Zzh zCMPm7mMD)gkeDS(xvL~w-4ACm)P3M8l+-x8vtU^^Xn=}b6?2Lt&z*o_a;eii(&iW; zQBZoWQwYgyi`m>gL%t#%BU_u>k|${ACplieaqnx%vk_YN{r_BU4+NJW;S zRXecMZx)fD?PD|L>j9>!yB{s)zOre|D7^Q%?wgV1xxXw^8O&m1I01A=K$ZB@HgQaf z-0WxWDc|InN9w1&`TMo2i7=I{U|aZ0bcK2GwY|STl6%Dcvh=ru=Wc z%1dkgxEwiMf24aUH^gf^nN~X}^9~l8$0FQ}Q20-5T)Vh!Y>xqRG{7vXff{@0-qYo#cPNonBf% zLB7hc+zu)|**I;8*j|g3q0U+l>2ME`&+c+g*n?HI?WQZgan-_C3)Dt6ETulBJFm4; zb9sglS9FU0X(yuwb%x|n=azJMJ4;_NN&1ldsiD@2cl98%Ts>+1oJTF7tyk|(HAtH1 zXX?Ff&Qgnp)KxmF2F;rPH&V{3B@eXU3_r&=b9WIHzJ9fX zI5Je2=_*AQsb}qFi;1Q1((Y4MvsOp)g)1s%ZMd9Fa0X^pXJ1(|#+I8^4at`LB@gRL z%J>th70)k!Qb%mv<&(O=A5Q*?KE6wn@TlvXOH4! z(IKDYMZp&SyJ@sYep0LWlOt)6Zx|$=WEBg0Ri@-8Ig>0k#wp9JmU6g1PP5tr9kMjF zrr<&ZwI@b}Z!Q!HHHq5C3Aw{{!boX4)VB6;ElD1-t?qJSOfS{@46KmS@>HQtfr@`F|F!Ro17?{J%f{OLJhEm&WbDo#b|+|NHa*zZ_UrQ?}V?)U0_m z=Xw>ZH?7mOUrQRijmz?CPLWADMuQ>D-&)eE*wAU640aEB)~lyx9q3iOzL&vd$cr)> zOv}1kyIRW@n&NLQ=3&s5nO-pFXx6ZM)-{G$}9^jq@`)e2{nl$}SO!C%VSP~0d_sM6MaeABbS>oL&_ zKRk3kLEb&M_OY!ko0k|-=f~$WgRWkC|8lXsvDK=csCuhO;tPkp9e14b&cF3}R+;24 z7MS+`dTU{+x(k*z`}%lu$2VIB)V;l6Me&*Swv6ri(1bTygdb`g@?7+Z318P-e60R} zCrkcN?)yh4c8xqb{NoizR+T)LaCeV)vlkZMjlA}`b?ucFzZ__FDD%X)l|8n3JiY9g zWpdcU&QC7A`^KW3Z^Ot(m z8|&R}<0nhvO5IxgYsrZh64q2}P-*Vg85bA%^{_v+e$LOH56%BMJ#O2sO8XHL8KNu|*cL4sdU(!C+#i?&2P|8mF~%MKNZ~mGCPHPF$9BeTB zZZgXGRMDMR>ZCzCVA<8?LeHwnZ9X{h%b5!c&J2xcH0_A_t8a$={(Kd`+i{~>t!h~O zopHfGRO>r0W$o>8%PSwqoZ+!)opa9iGR;3XSv=FbEVumdQkPfky*kb~T>jPCu&COT7_U&fgsR*kfn2qxZj6>BaIFXJoc`US{{le)aT zW!LHvy&s=pC>LDJ>%vd7$5im!Gk?jA_r^PtOXm1*?fm1z8SRhXs#v^w_||SacK>|D zx9s7jS0*$_IBnTnJR@;^XvKFH#of5_%D`90wSVT^hd(@=xZIlOl_||$KfTE-ZYvSn zRUM2x?#V1`?)3jkQxa~qQX4&j>lQS1u^Dn%yseb2{uo}nIVM|fec{=_`Hh}5eNooN z;nqlNSQL$3BYjk=a@2tT@kaTtn!ihai9N?9Z`ytKZZWOvbMw~x+9&1PcAp*I)33+s zmqt$<+5YX1o6gy|qVmm~_PldtkIuT=Zi&xD``kmJy{GJW#OJJ~{;HVz<=%SXq4dsO zN0j#d^2pKmW>g+E@54=#9@@Ch=d**;KOIqaUbDG}YPI_Q!f%la`yQ(_sPiuy>RFCW z-P*s^joBOPPj()t|3>o;XRmhX{BGH#`28W5#6>9Gu*bbG?U!j!IRHAZmIakh>bAq;7jMbOj-QPqo)2#ma z`@W~uLz;jhE!?qR`g}0!;tKNhq~1!cmCEXB;TksxkN8iu zaDNcC)0(@K%`}^G=Ua2aj?&gz~ zwRes-%2;=P(zy9!&Kp0u_T6V6cCTE~_QHDus#mx=bJeh3?UQ}Zwu-Ji_l9+9*?mo0 zuRQMeM%B9KUs|3zv)bH)&V}DB@7VUoxHUWdt*MiKJ6h8`GQ;-qSKh}ycW9xh(?+-G z^~K7jo%ToBMtYx$EC0dEpW5Er@%7|a{ZEfrJpa>2>hxMaqf4(9i_-SJRi#S>ztq*o zPrm!;k%R|T|Nobcv`)EQpycbGQ5T&s(FDpfr;;ij>A zgFP`H?5NarUzsbfFPU_w+C!ZmPcMCT<)qOMABh|H^wg!tj(*W1tIXOIy4(L1ey&b1Y&YHQn!FL;fI9&VVO@mW!ttewM zyj&wW>u|RoZ+_|7=b7=pUW)B@eT-+1se3>3z4p}QHpPyV9DTNWpRv_yHGb#7>oe0| zsdR4YiH;G&X06!&bi|NRm0Pb{Xy0G$VwGNOs+FH~* zJ}2~0)PR<)+k~yC65#V*pCvnL4C-ZEI(*#GvLBy#civOp6KalX_o~>cy4GUH@g;g_|=R`k0`J2`y7PkKJr=Eew+w`57)pT@dMO(ig-!}~ZMeh8w zwkfoFiLgj(__9(tLHA#YT3#Wi+#l`Hg?BsYew*^-n#{-EPa0<3UjEwoa!DTh7fY;ieE-DPUuaUR`G8lOb?ftf&bys*_6)t@o~LYFDxO{nsBad*avYWBj`=y)$d=cF+9_tbMM<)-OBpnGrrM zE7zY^yZlo}qXH8KcfCAhZG{+1i|R z1p#srnrG-FdD~77WUZw(yMmt5zqp6t0jHo1e|zT3=Wo1y;r6c)jn_On|Gk&iTy5O% zy_k*B6Xs6I`ud91=#|vB^w`ns%LRv9!y~PYt&w3(tc@Erwlr-NIlyX?lj7^kaz9&< zd(4`9^uN*>YhbNUXUsRaMnPw+vwZ2yx7Iz}H*92?yYk>4dtz8EYYlyIxn07RCih*$ z$Hkf3$8~Skq+MiKgUB`=q8hY`XcHAy(^{S7Jc2_Cg5~F?4dmAZ@-2Uyes{vMyuh*6 zJn!1pJWv0E6L7=XueL8<6p}Kznp{@Y3}*{hY)-%@{#P=>wPhZ`l^&Sl`%b^Z!$IuQ1Y9GT4n9_I=B9>ikL+8sJ?y!;p2L6mY|MhkZ-!O-X48_574Ka6=4gxAy}xX1zpJgyoYd#F zvAO=ms{QPJWbc*z3DGTQEH7hu<+H(OCOmm|+BU~KkMwxpRWFS(&DkQLc0a zEEEN$NKt_ouyK9&9sj)dyz~CqvomvcXE)iI@Av!WoZZ3a?DTchTBApYbZ2(Tdy(oZ z=vvGpVwfYYxXw@b=a(}E%2DFNt-Q_&1<=B!iKkd>m6lhlx=$PqV|i|f$?ywuj<7cZ zKbVH3s+Erl@bq1zl=7ZuOsvZ~%gqWg9+5JBG5^@Wa(?j$wo>=3aX9#d;p=(|q)@1p zSw-$rS5m`dzlm)Bg9eBzl!y_ss_JH~<>k*|MnO-qPd_c)D9-A$iAqXlxy9!WLgYIekmm3@JF} z1Dx6nZ$;^k1D1e!rfH^egyDZ<-llc%^ule4habas4;=V8)ldu6p-bIv8VG5a%vNxY z{T|{{^@AN?OSO#O%nMaN82`4f?*`)QE7yM4+pj``Z}aB%Z0d;}0Qh^qbj(}AP=sT% zo|?)qo&ROh+X|v7b*Zv>y-y!;xx2sDu5onHZc!_Ylq*iKgO2H+A$^$xnA65p)dUek zqJqd}|I6LxMs9uX?tFuRNW4H5eW_NwfK8ElP9fWX|GM!?BT9J^+^je?48BrTHYZmy z!|+h3T_jB(Dv_4798d$|P|`l^Agv*~h{o+2iat&R*KfRF@8J$)t(-nLyNZ@%W$bjY zE#cYdMqygu#rTiK^w^EO-qTV~bKV55AyeS8(h3~OK1=E0IP1ae{+LMr_9a)Wq|Q!u zK8X*j{b|WBOQ4>g#c`O}YsP+&M-ak%cP>3`RjK3>{q*>=J=u81i=mZ?%w>Am3~Whs z(;KN>&~ti}Y*Czca>=DisTO_Z$&7xR&V%|HVRoa~=Zb}_j2)M|v|JSK71+<11}{t- zHl(43hguKUP&T5Y6N)T(8ia;WA^heh2VKI|Vkm`d%xNdwZI}V|y+MYV5D@x~Qs42n zQMX_C9#^@cmA7J?`ATdjx!q2|D%)Oj6el>{sTVgW8|0*2UhKi@EOU`bnHgpPhr1;v zvj{X(Q0%hkd`sQx_^EumPiylpIbu?KAoS#?d0~1}PssH^_x1YE7U8M531)H5(5s(1 zg-C_0!EqIDIUC=Go#_r>ygOI6;69rWRVlo$*C+l&i|>1$8!2$OI@(xFms!PZ#TMq4 zVsP4=ib`)PDo^}GB@J)$gj)tERWD`B;PC$P)cnH?4jcw3A^?~I91cfPxrqS277?4p zznSX41Kg{zT>Xi19|)^|c1NG2e=YkTp-(M@PqNtJL`I z5F6G;t!I`K&Ad;Jha5e*UMcT`*3H!6SC2kE378EJ)EF6!0K_&ByhQNI~I}d>vBCX)sy2S||`vblxiD z66daT({=Ks!=7ObN0-gwI?=4_*}Dst2Jc5|VsE}A#g!>SP12^kT-hGVAMhf=+K|$< zFUv1V-XCp`3#l-V8~(&#k?iiGd`-J{=4Nq#%%Q@Lw_#cn+8z(#e>6k@)<)2AhqA|2 zMawFVP&(?Cpfi{u3H?>ZtE^G>3-XLefpDFnVd0*&vff?IZcEmtCN|td zd#djkGX!9pxkP;4$F7<_xWFIZpu#&Obf}e?S3upbK#Tlw_eI;mxC}lY*OuZy3PlYw zE?e{+a3fT}4FKFfj0@FYF>JL_fd2O)jEjZK?=2Lc7DF5a!c&+Y?0>|?EK%X zQP(BDSv&kM)8`g+(=CF(>?<0BiaOK6B(26We2#s|^PINcNmet|aq=r=jK8W1LsTgC zHF?Xc4?1Ckx_uSh?{UChHN}0#_GBdph|f-)aaJ-j7)h=s@Am7LmrctHwWOgdVW^9m zbRDf`nGJk_@vM{S@aR|9^`#vUc9G6STTeqf}p0L zsc*D=lgNF0oGjEW&_f-{;3NU zqFw52!LKdp`*?B|_yWyxB?0}$>)_)fhgDk5-P0ZMy3kTXodbAmZnRwe6j?hlD9 zwRdUJdge|8xW03{tx&YYlY%5Sw(B>ghn)qbC94&VUGw-1F?Yjgap~mEQHt9pqil`R zpLFY=tw5Wzl)BQQLV~jFvAA{cy>}XCR9)9P8a4DnLgMQ>R+L{+c&&I^3KkU_1-IMSJ zkGI0~WT?%AWWo@^H62rd^$K37p38G>1xnFM%ns)Uyd2F8VrN6$a~L=qy%{l_(v+lLeTl8|s%%u72C$5&PN-ew?`3D!=Vm(B`835AnBYfIyjG zfO+$HI;JeKtnd4@5t-X37V7oV5ePKNVM&PgSjQ+6rmR_rpj6pKR_=~0DO~)&SRFX{ ztpz8}HI%E-RnEzL*rfw?u|c;ESWgohq2_O6r5maT-KAYD=T|TQx0=^-Aeuq>qpxfjhplx9*>iBuXqF>)5lKc!$RrV zsH=c1TShki@BKTseC%IopY1+2l=dhf^uyXwg)G~jyxe~{*O$7Edv2dAV_oqHc&*X$ z_EHMCIVa#s%>Mp@)x78pe+WSMwCx0-gD}E0K$rjsuK+?Vy%?fbqTqGOy3;a>!2GPX ziLVlFtwFIXxNj4u?*o4$wGSX9{{zOsU;l7a;fzsWZ&QHBcI_o6jeT2%K{U?7x6E>@Ynk?6c8YKJ?n-i0EB9`XiE1ZtIC^JtuMd+) z8dwgrRpiv=(06iFob3&ec_eDa&H|suS~`^9yuH6Bsr$OLChrg{VJ@a$21lAd)Z|A- zU&M<;%1(Vb?Qeo_)-TEEu4q&86@3D6h1FPC$SFKZ&wmi#fHHb-d2~;C84-1{8Gi2W z^CNUt_ohqQk}^1!N1ada&Gfi7L$u;Z4ytZa?DceOtmzS-8s~IDG|S}<&ka7p?8jfG zTa{ycv&yG~$@GtRPil0+Q@^jjQJD2!C8w@VbOtQyBX8is@ z#p?ru<^8C(5lt>+2M=ESkAT$uoVxokeGQmdv_|7(Pg801m&Gz{*5{iwUK5Slh-Zl1G*!q|l?p1&VTEU62aAJ4y* zn7XUl+sn0uA?HX?_=5VK-3N+jULR-idMzN9QSedb+ TxcMVNNibiGl;+ literal 0 HcmV?d00001 diff --git a/Modules/AzBobbyTables/3.1.3/dependencies/Microsoft.VisualStudio.Validation.dll b/Modules/AzBobbyTables/3.3.1/dependencies/Microsoft.VisualStudio.Validation.dll similarity index 100% rename from Modules/AzBobbyTables/3.1.3/dependencies/Microsoft.VisualStudio.Validation.dll rename to Modules/AzBobbyTables/3.3.1/dependencies/Microsoft.VisualStudio.Validation.dll diff --git a/Modules/AzBobbyTables/3.1.3/dependencies/Microsoft.Win32.Registry.dll b/Modules/AzBobbyTables/3.3.1/dependencies/Microsoft.Win32.Registry.dll similarity index 100% rename from Modules/AzBobbyTables/3.1.3/dependencies/Microsoft.Win32.Registry.dll rename to Modules/AzBobbyTables/3.3.1/dependencies/Microsoft.Win32.Registry.dll diff --git a/Modules/AzBobbyTables/3.1.3/dependencies/System.Buffers.dll b/Modules/AzBobbyTables/3.3.1/dependencies/System.Buffers.dll similarity index 100% rename from Modules/AzBobbyTables/3.1.3/dependencies/System.Buffers.dll rename to Modules/AzBobbyTables/3.3.1/dependencies/System.Buffers.dll diff --git a/Modules/AzBobbyTables/3.3.1/dependencies/System.ClientModel.dll b/Modules/AzBobbyTables/3.3.1/dependencies/System.ClientModel.dll new file mode 100644 index 0000000000000000000000000000000000000000..1363faf66562d5f93e1d860d35d33f21a4b109d9 GIT binary patch literal 31152 zcmeHw2V7Lg*XZ24eV4Y2fCX_C(3N_Z4hqs0K}Cw#aoJs96n-yt-W1GE#wl4L8t>zge>*zJV@p6 zD~BIK4kS;ra$^FPpImzZ0{#3p1mo&A8dt^t)uk2`li-R3zFlyp9HFDNOaMFdyvb}<4`>?tn86u#Fw+Smj#Wv&1$*`_$Fz*L%3=7tk) zSu;qy5NZNE=K)XXT1vlnER_Q}0xSm6rI>-(S;Ci5isrZtl(vA>M`8d0ijD4&A8Kvl znkk7^H)|Gct^0^LPxv8Lwd}t$;y^VYJ?m@Ht$) z52Q5$TH%ZN0UuZgG_plv7bL)ZnlLnyLked9X18B&1N zh|3rNGDMdtNy;e;ASt&DECA?EWkDnz##U2+BE4mZUp#whY|gias$kFv0x&!qX=nYDC86X#KtfHLj^ixIHWdwp^Wq13G_#ah&F`!2p~HP z^=%;0DPZQk6_JoNMgef-)<}gud?7m*7PU#aUabDxBjpgQ{%w)DvQCGiKxR-Vu_0_F zz9s+AfPB+v7npZki?w1OFc56J`gQ<(9Icb?>C0*9%~M3$!`DELIakFB^AuaNq-j%A1inoD=+7-wij96)_MfR^<;!xiyJd|`w zYvlV$F@Baw=gX(krrW=0p`^p#i4lBoW@FH z?SfQ?ovn$dZ?ih`m)pTu92qVe04eA|N}q-~q6r&kMGxp6&lwGKCgkg3+MD6Td%1YE02RUbyuJDl2l2R`zS5SYhOree^eo3TD6+E_Nr9iG2-EPI zvN%*Q60R4lJCfG1K6vILR=0_?mjfn+)TPH1m`vDwhG_uv?8xb!!7s&G zeyJAVWSvrCaKdH+o11tj8?Su>yug&C961i#`~@U&pg43X?w%2{sW-(Tz2M#^`wD2j zA`f!7-!Jqp5s>Z#q-zB@U2hv1t?R`sa;FQ$>HM%*GlEKt8Z%h$pdb>bpS8 zpnYtt!*AHrn{u%cPQp5{wGy3`_Es@P&U)AZ#I(qwPAlD7l_*b9faTN|0xZKyqlGSh zwLQ3W_oi@2h?QO6$-=}~{oGgIuzMwry+9BIi%tp)xd>W7e5KGs>V;z{AmDP#xNMwl zAqc7sV=@0)?Mi58OP92wo-x#jAtV*DVW_hs*V~OqE|7A`Fo+tR^~JzQ%5~}P$dz*W z0axqEY4yi=UxXMC!E%>!ocm`wi@lq2I4M@$@L6uyi28TWaQjGT z54(dD+WOklih)qMw*6u}8xjs{63(nm=nYWgV_rvr74Tx?RoGH$<5eS6#qp|%q?|JF ziGXv<29eaMY%ocOvDFk18Q^#oWA)nX90%qkJa zi`OmI-P!B4y2I8}tGn3rj;4;27R0cYk86Z!+BDZtM? z-DJ=eZ zK9!H_jN)O~fqx%(Zs1|g7lb099I(Ss%*W8io&qpnQzYIOG#jro2_u%6C834toS}+{yFl5vNC0I)~M4mJo-1aTe$rIr0 zj9SBpV7kzE7{E-ze1XX>;O)0fs>OzbHZX>5#{p%*940{?W*@L0VE&R|w(7%Vj;$wpeTZU5MZo1 zK1727$Jj2iJ%(DK6vTm=YheB|p%shG2l-~8P@qVl>?)Ma0DqK4YK|vm?Eq_uzOr3S zw?tggTW(8~Aoir1qaC6l(8F-Ma)1Vr8DKs@3hk7918_RE1mJh}3n>Z}Q3X(%!6}E4 z_(OduvL&qwIq$g5(Ha`@nj=5@9hXA)0e+nSmeg?~r6UL&4HOENHiqv={UZd1a=5@} zCgIkeP*kM8E8&1k`TQS|C)KU|HkZrmR-R*n;RZVl*Alp%P}UH*kihu_HnYWbTnUsA zC?xO#Y4r<%yGYIbA})_YOYEl56xs`8Z;oCGv98KMGkj#^c~X3IQsMw`wyhIDTHF-i zKyh=>5`~s=u^bpb+5%5fh@(f zm>XatYB5|kxfa8GzOBVPplk)fDug|$C2(^6Q*BuWtcAbXGPF{13D(8l<_NBlsK4YU zjPY*^mMVG_Q5A4bjxKKO&k+Y4)Yq@nQ0k1fq9}aLdq_J=ZJn` zF`_d^bfXq)2W3wPb{L(sPvA8`LQmZ8Fv_Hoc}}RG1sl%m&1;B?2{scA=k@0`LCI*mzzGbc=OX2ghFY*YB8*j9u*V_?*pVjGYsa9u_1Y=XqI&I= zXjQ#-O0>DQofE{-$1G*Y;UX1;&R8%n3S*Zn*aI%cZdkBqTn7|{9$GLL`-@aCdTPO1 z*gJq1`^$pa0hbWOfsGYgfh+8GA;`vpbrN5sLQw+?mMwOG9kD5k5e;wb%__H2Rvwgwec0l3y=LS^@KyAMAY4a z`8qgr+N0M5t3WgDD0oh?1so2p=_Y>8OG2kD7+$FzQEwkyHU{Ap-Vx2WV0iT>qx%*N zulG)AB!E~1_2gr!EjkBDgc*;YvM8-nSmD(;aF}2`0o07TnkfZ zF)ke_rXjC_nspSM4}i$a+I9kXG;5ya_7pgLOkwF4Vf&yETOa2+mfl%ze+ug;J4Fr- zRt|M}A{uabimat|6x^c&&%wdU(}9QkV&RuZN}-oz>`GFT%f2!Lw}nlPMj_zi zt)*<8`Y?lVz>r35>g7iRPYzm0IQN5%)LP2s>zA_J`q?@-Q0O(0Axw<(Ylz13?AiR6 z=fXNuSi%dWuM1oOJm(R@JwpSCq#Hoq3C)2Rd=A9ky=^Fn4zM3<1W*i75Z=F(1cnnB zLtqktT?y<#po%~pfddIF0q6u?5_1?2kdLYXHbH*^Y=xA>DwV|IdQiA@Jb}|lO&fq2 zu&?0AWgp~=(Mm!OB9TrIiFATU1QbLfpdb?UR8!$L-$E-K`>X_RI6}lDItFk9iU%)o z0P^i1g4~GkTB@cx+aHJe*pCJg&)1fC(IABVUR$!lx>5x^4wXWph7=Mtq!9m~LZXHg z5>s@gj@T=xuGC0TIJJ-Z!!DINMtTzZZEXkrSq2uD-)EUadp&yljV(m*Q3Q8wZ zH>fq-c~n~>&kf>>gGkgCgs|s-K>6Cw1Lz3QgJ|FZish~Ze>8&HNR?1`g+~Dnw?9i& zP=CPQOHo0hU#Z??q#_z?zyz%_0Aio-19TU9C29hmhNAVbv+bj9+qI)@Na-+A>VvTF z9!B6abcNrIet_QD&7-9B0gj5s_45ISI_QBL_Umm)Y}J;;S&is8hY>)*@mE_Ce~luM z)F={FH7D}4B|99}!(KWAC5TP|jJ5xnZbbK&Jf10NxlZb3OnUU#aMy8V)X^Zd<_yz^q&*6kqZzWZn7-}mu59Sd^ zd0nY0YBf;OVejiowUz7#N*|KP``>gD*M65s}O7T^|Gk3x7C;#Yt>(G7rm z(OrNC(Qg2cq9*{Is22d6Qn)WqfSz!VD1@lQ3)$KFK`hpU?}r?b2f!vM4xl?qA#k6- z5AIpoi2UF_VISCx&|;Exr_Z!FBAk&jq(8wK*InU(R6^N=&U#p`f4VL zgUE6fHx71+Ron!4I&Q~HCv-KTs|j6=CZOpOBcYEZ^pS)<66ibNZUpmLOz4XVeKF8) zN|pe(w>C?mRLI**>KuT3Bu~i!(#tWFM)PccCiGi`ev8z6Mko~37?nvl6s|9#Fn>pY zLY_OJ1d@Cpg*n6#N*vS|*~C#pDJPpGQa_#4NhftwgrX)j)r77C=qWK0dO7tCx+<=q zupUN|IwMJ)@uW^Qsk4~S7ZdtoY62Q;vyadZ5c&Z^KLGS{n;V4BEkeIV=(h-+qA`CC z-2%qKfoNIC!X<@p1@IDJTFT~{vgTUCJ^y({b&Nq39N!hy_uwnmrxKN z*O&8g9XZKIlYBJE_k+BrM8$86#!1RazMRmjNWO~X_Y$~|k2Q0hPGA**dkMTwAQF)t3G7GUZ4vIb zpBVEgx4>_Zw`8w)HSj?a4Ev!`=rnqW-h!u^No@xY(Twgw&!yMX*J)dh7blt%&*{b) z%sIvpzz!xxG@N~K;KYLuUS9xb`XV^tkbtL`!fL{&ZGEZt5Sa|JgPU8_S0V&>LxkZU zcD4Xp@uUF%=HUFFA`I*2xel1(M`8Gii(yN94CREP7UO(855o*wXMiDu+b~k|YXbL? zI=GYu={O**Gu+qG$P+Lc!TlLP1;|UozGn;22Sz}{os$&C<_C~Q4D5n5#3@cd2>?ig zKX(Bb3~>y^XRtd`a7WPu@?oecIKkfD8v0xZc^BB>TLULw;2n!PAuU8NJ0T7* zQMahS;L((r4x*RPFX(Izw;ac1?1fVfcLj;NEhI?Za<+0X2B90&gcCBj-g1&4s%BfV z6ihpdNtSvn&$k?Baubf**3}yeaV>tHAOM*Kpy>u6FFaj<%MQE_=IUTcWh6zQdrU{5 zeKz&6q<)q(+>%CG(l|@n9?}7bp-NCOm5AO`vG7YorSt(bhCTzd0jP-c7y2H4zjK5j zi3omT_>rq^lsP+FiIP&a2BXesQsoqAJHdN>1^s~5(Wo!7A~6Posw7pf#|7!dsv<~8 zQISaWW!)=-P%#&Pey)$14KX-(Okv__*UPn)Dc#*Z*u7MHJ84}cQ2C5_jr z4cbC&kqHkDgsYF?`j`xQP1F_XjQLs($~JsLNHWH2b9F^fgsZ3Ls|>i7&KR#V7VC|W zj~T4enKFxvs$6XsP-kIrf!1WHon)-TGx81k!AZGssv@5I~|1I=1c56ET2 zbCIYw6skZ_E46LyK%)j^XUD441K?RiqE1_&0mZZ9`@F!?=JSG#l45OVRiXCtk{F{= zTbNT&^5xQWwZ8ZZjWD~}WQcbh$b; zQP}6jV7?k1*5&6#Y=2l5UTx8M}YVp83K>tt^`ombFL0@R0Bn*NTkp*^Z!IO;L^w=h$GVT@| z0?FWJ1Tk4NxVXN(AXPo%L6~KiA}vZH3pd>aqwb_q=fm`i?jw9W4$80v~>op zF}|coRj5tRYAJBxEQ)HT1=;| zR%fl*WKb2PX^ncbL9I2WsEYE;AMuIT=9u&Huo2a3Wroe_BZ^fQ89Gz_il5DR9S?Tx zB*I(j+QE9mfVu*hzc^Um`ocOAD}&b1K?hnbs-s(bO$60;!;Vn@g~FtwT(X5ip{n2? z*0L@fvZZ|9L%i0gHt5LyP*(_EO=|$A#%?;J4%7i|u+{`Va-((RG;MA=_yki)8aP5@ z9X+u?l~)gC&Bfvm3RFW#u3ovtR#XKAB{6E4HgGwtHP@?SRSv8HjahA~>&sezJ*YvK zmtU`_vt?pI8~Ek;x;B;$J?b_96T0~KSx)fGu12oG;kqH zwT^3S39O@3mBFYbi<}J;P_|KwZN zho)v@KG_6Pv_*NQe3W4*!E(alwGaweI`RA|di4O5Js3w!Y!+VgA3$2;P1f3DT!9WG zBf*uQ)iSjmJ?VBL`(z@}KQOt{x!c(kc{BXQV>b%E9}Dq)CPOV%8UG31%? z#CI{9y5y$8CZ+wn3>$A9HK_<9OP!`mG2U-MhPo1PI`t4X6s;W!s|*+uN+T}C5@%xF zL!g595|nAm4a1{OBS9g;hNm@vH-HEj+XJ|Re7z>ttSi7|JQX;01MOK!V8kC2+D4hO zvvcYiuo3x}d^yXIxOK?Z3*>8sV&izWh!xO6A?9lULxDXDVev_8n1(?l(nm2cQ-f3{ zczMfDjbW-er$DEM6$l$NG=bd;;#LS&46v6#aVLF|4yTq-K3=EFE7C($rZyt*+iYVJ zmDa;q%^30BfYy+!f_=-{+`3w=ZW8Qikgk5Y)juKD6~J=F;@9I1+Xu|FNmrlNnZ(gJ zC@_*~W#^E^|KSeG78jD~X7iRI)?eSL23;W->>%8mWy>TxI0Okn+1V!e1j{YIzT09UmxZmq#e&DOJ#vUQNG!5UG*kYWfftr(az zzO$@1N%aiKh-&wGHWH{;jRc}bZ2u79lbK^jgjh#TC`rbc956C z0cv3_3pr4YKrsPD4`~5F%)<}za@38qGeavm8Vq?{vlI@f${;NSdvt0KsmNbN#Y483TfJ(d>JlHf5d9)gkZG6CNlQloC5NTdNOEc2Stqoqfykq(G;Wq~a(%TVNPEkUR98o;T zNTnFH2t4j>RZ@tkC?lq=55%zP(V`FM)Q$4L1cz&t2NBnIMll#@(Oxe|&Sl0b8e zJ0cmw6;Lu2&|LxJ@MS8@pQib)0-)gp*b14 z5O<}5!)}>bTK-OmXj)bQd0PQTR=!JGzK^J01jXgM9HiwNd2$%eK4@$QZ)|}?b|50m zja0zFsT*j;6(AJQZip*}EKws#Z~-)jGJza7l`#zjTs+IJgaxq#AOk}nVX4e;lx=5c zCz8`Jb+|rXK+A$;W-;Q(l8BV>!Wr!wdGc=7&(7}z8h-o0O7R#>2rHupv;D|e6MPWG#fu&f^m6c(sqyw$(un58v zrH&s?`d;l?UWGj1aJ?MC!(Mp(mIeTLT6&BUpSa`K_e4X_dF^<(=tlMIR_#wv{PZr` zQxEe54Tfr-uE|AtVf%+=Z`$jjdp|4d$>R2N4>+9f{#ELt zNoBt%w+Y?_^liB9{$mgW1f(#)4-D{IDhQq$1HjJ!zz_jMV^EF(2n+y*!Nu}(;dKxI zP>~B;G~&XW=pVQ!8lD>Pc{CrM3dzi{#8Y^fI}%$SLtqZD7GaHMMz=Q!R3Z+AcJmP9g4KoEnkpfHkzvlzpK zFad;MDGv?^4h&KTDsfFh$2s_El))N}Iwv4JBrGf-JUB2gOqCmy6B-g062b)LYD1Jk zsvJ#laIlsM*XHJ^!g6!M!n7Ds=7#1d)oPVis|nDC<%R_W=BmQA+T6fgjRyKwhUTgn zWq?){5~>LZ3JnhpR;rksFf|hvstQtu1qTNybHaj^IhwE>Wk_zACLGWpMhg_BI)}+o zg+SlXEId>j92yi59uN|&4GY%hh6HGWLxMFq!Hg;-T%}b)9ZhhMCKUL9j6s^5Kuwq` zTp6qcRypb%4WrfM=HzJADpdfZf?CifG$=ScP@@7&smy_ITq=fu(hdJo>3(ozllwoK z|39hu_7rO5*Et~r?gPj}0UyheOyr;dKL!?zU4z;KQhX*-pdycBq_~OP+C~ml8^ao} zy`hxH=?%qt_S6I3_@|H{OL-UIDLFY1G|CNd%VZd&)j(7j zN1-UVAu*|RMMgO}rGUF{c@91UGs@wPOs*yeUq-npUuA;7I08)61$whajyd3)c;Eqh zkVFYz)&vCk1qU(#tRR@cc!%ZYszNoPxd9M{PD?f>p~&f=Y|V^Q-ngcX>Z=}h_N z96zqAGp&@%XPg~>*-}Imu3bp;bgW8SAuihC}}y{Nuf~#@MG-^+7_l&Ke!Xz z*y`XZBoIVNMfq@EhaWLQwUh?`RyEwgzv5;Q08t=-fd=}4xStP=`lucBaiZ|EJ}k<|8V6|vkdO>{`v9Ru z=Y8MPJ>|Pa?gf#uqbmk9-Mjq7+C%Mjce`JZ5G1c^6aVOGhj#Cb9XmL!-IhDqF??C; zd-0jdyqa@Y5~p@w_dsuWHfl!m^d4DUY5DYS<4i;LA78z#!}6@xr`C-@ZCaeVR{3D2 z{Ce2+cT4yGV)yv%<${`Y{izNS%I~%}G{m!*@)_til?tX{MO{cuLCY& zFDyF#1_-~Z@0&#m0wvJ3gwdk6|!*B5H~6>D-(dWV>R;1Fc#Z0a>jXE30Kw~pj3Na0C; z`|;T1%~}xJdX2z&xfT03wf>PEmYNM)WPCwEC)m?ap;4_jXtm_z-O}cRC$RZ+=pXa@ zk74-z68LTqq4JNrAo~X#lzdLd_3)H-FGr|=T@siCdDwm6z$G1J157|^kV}Gh+dBiE z1TYcu_}az&<2}1=Q0V&x&@;P*knhlOIcACNr~VZW2nAeKaJrBP=NS0-B?(Rka^VyM zUmm1Y29)BH1|yW?69^rY;u8dXZQ!1O-HHO4*pm=^MD#hQ6{HRW<7WQ_!HEgz0KQvk z2W{hkUt#UBj}hpYf{%by&=>9(pQxCLd>TT@BNTijrG|HJa5e)R7YoII#m9 zpXp$kaS1-^DzMbi13!G=#U6tVf;RXZ#R$h+_)3BIbF6X|L%Sk4Md=JFKAOT;CsH4u z0~z6$OZa1%4RGjWJy)`7sWYrh{3Qgd-FVUqKF!fV-TJyrhd%I`4n6?GZ?V>mqwdTI z_Z01BN%kVD zsT&zj7fVfSCwM$oJ!6cWt^ew{qTszd3JxCe>}tSD)G(4dEkP&&ho$(CQ44bUK}iA} zHp;>Nda4yECMS#uh|0$`>gz=A6b?$;=g)JU{e2=xkJX7I7?$JSCO2ez62x&F5_ z(2xE0e0u2r7MK5N{Qsy1$lo}m;Vs?DR!jIIuQ46Qyt1VPbX8@m89nDh_-LLp#Eq24_7J zZI`mR6E6nq88BdL5tfpGNW+y9M#Sf2a`}#QX1damkzz#XD9%zD;bpHplfFplz}R7; zz!7dqHHGj(fYOa|#T2pQm+xPd3Z^A4=QuX2f77bb%JDmc_zog9E=C@}D3y$xi)}!l zQmG74hBM&|(-Y7jK!YqOWBQNCXOW-t59DVmsTTDW1#`!#r0ij?DKT9MH%dPx9}ix; zZsD1VwIk!IrAr#Wzk2%Z+7yQ&-C8!D+U?f1{<$u(^LH|VC#z<9yv{5iee2Zioy7wc zZg-Y1fAc=|fx64!YRI0ANB!vr1yRiZE^abtmFqDo>AF5EovGk`00?-wuihr_NKml)O~pM zzOilJs*2ks#{`ZqFS_`6S>TqT6+W}4#*Hnn_$K4V@`%6o-*f0Eshngm`Neo7kBm;cJ)>5 z`=?hklq1t=FjQ)BC1nJS=$U3P*G)aS4H@TJYlbsKz7TAk#}jZkOjBIJj_b^A(B5@m z&{J+(&E%&YH^2D-7R8vp`ZwjE(=I3ln351$U&V4_q1o>W^12r;>(KgN@GDp0&^WEhT;5t(i^d zI_m_wlPyQCnDB6E#lbuCe|Om5&Gv%*A8P)A<8OH_$H(2>J(`(iiqDffobq}R=5X=) zjtZ*fSiy`|JJ%`Zq;iL!dh|Lx(W@$JuxycGc-T)K4F;X6;T)gf^Jt?-)5KdB&*wN- z+)UoQlI%}=RCSp+MqP^QHzl2#RGPnthqk2rbg6ZLc%%C^fxQ}jydwY zIqI=enyT&~8aap--bi46m|_?|e6dG*XX%58fU#44UUZ`6`G=h1{%>Y1Yt`wMOU>`y z=Fc7P*JMiRA@`Rt<>4n*oPL}eiY~wYA;FOuDs1}lFTt^Z2MgCP?_2rw=h71;cORbi zy?yJeeyJ6Hkvvb2QR$_Nyh8`hpR{b~iGk~)wN*QoY-)4)uT>onF7;iR7=Adn?V!Yd zbLX6Po*!EDI(%VJ++Oo}_x!I*Bg3!0{&RDaI}4h9<=T^%H*eN4XPNKhsOQ4j*WFf^ zJbs)oUJ%gThZ?o?<(hokOR==8ba33;M~dHCPdpJ4(RJnM@RwdH?d=7>#x?%^UU}rY z@}+(Q4~spf=S*lffokvmDmrsu^E1BU*3Yj6R?)wG=q1|0`7J{-(DjTwNnfsLJnqow ziPw`~UG6)#!V{GSoG4nCef661<(i*=E>kl>?>9y(B(^s9c!i>P*A*kXY#VnaIkT!& z%MRm`D5g>{6!!iccHbAP?546GPH;Xk7N%m{e`G&}BYV6gIgYLC_Iv!Qg** zYjAM&TYIr+Ri#6xpzTk;@7{c2Y!j~m4|=Aq`hg$Tn47eH!~q+(tDyr9%PvZugzcZh z-*7bi9MwP>`}26)63y7*)BAZ8tY45c|3QA=v)AUOZxZ_)Sbu4y_qw5?^%rLL__1GO z-h(ouLXsF@3EMjX?-;0kQ$4wh~ zsdQ86m?oE^Hcsqwe|(owjh|Ng_qaW^jqkd^?uWKUy$|?#GbeK6ruAQk4L|#BxzCHv z-KI4U_B;??q#2REeZKwLM((4IKi|$7GwD_KlhbK?CQcu_b8mB#XLduy_a|B@!aQe( zcMLf-Y~$DKT-}$i%zdP4*8heg>D%maH$D6O+&nod?cjG=?L0V7&J6A4f6o0@aUc7x ziGw%4MmKh@p)0em>~-3_tI02!$@jvm?H{-&?QHl%{IG=E`wkd}UN_wHxV9&8&Y?f{ zyJlS(Iq6ZSBxd>Q$=4qBTDbo2s~d7}?weIn`uP0g7KdUO3EuAQxtPru20j|L?EO5311{hrH)rsTpp{eOwl&~&zVUGR z5#<^8@j*;a+@cv5JQ35Ss#8_+m?VoA0&n%XnlRimEY@0Qm(2ub z2Lupj*VpRYz}clSsZ3`p4$dz2pE)~!wbj%86aFTqVj&h@&aIfmR7__orqwFRkHb`q zWZGG~qbcXWf7Ts#-Wt8y=wA#c&+svly4dKKZz^P>YZ=f?kXwMfX}uGTY;u}|&tcSX z_nb{mXV^Dztgk5f$(w$%p%U+#_jJtC+1E2l8vFfx(UjL>o@A!YHHbp#MI1-HeU}r+c??v zS=-nNX{R^58*nR1;MaQI-N+_OfBCNI;OXHvA83xnM-Cb4{>-s#*;LcWNzaeBq!YdN zf90@a$x5EhyvO-(^ZjO2dA0Kz&^<}rOr$I7IeX^qkHa>6ly2d9$uA9B7$N2mr{qn7*1JOMGGRjL4RoTw5Q?6w1=1wneOc~*- zcPdL*KIl%gmv-@iK502)4m4GV%o=m;^0U`ZovY`zx^Z&ptkb{uQODfsC73@pia(ft zhQHC=tif)T>bobu9&WloO8EH{E8j?$(!a)&!pxVfvlPn9U`ApWewof!YR zhFoO}u6#+t+_h_eZR>i*TtI&{VgKswD(_@oM5MQjYR}KV<~y5-t=HT}8N>usH7J*T zeo$E5xV+&%TGREH9o&s^D=E}6x976Ot@qkE4M^_RW7ol$-@3)ltZ1Km@53t3>~zOT z#f@jI<38-rG-vlXPwB|Jlam&1d12yq6Rkcp>y+P?8=Yr0?C#vwH>k+@)V@3WI*(0W zdveZ}_=;_L=SIy~-s=A9RL}KO#;sbk?{Ck+ZVP68lRa{&$EC;jst4S>@Mgu9Ox^3_ zp7DX({XVolJY3zQ@xnW^=ZFP;v!>XDT|6=K$9eOo=Fhm1RW;V} z(w%kf1t-61cXP41B7bB1j;8aoBSv?MYTdEn#73>o9oZYvynExQlBu_rc3Ze-nzK>Y z`QU&iR}Tiqo3?M8ocC3vll#&?9?oAm$<-z{de2mw!I5*TD_y*qN|#o(%H?nU-L2p>qeaDjwqiu3t_L?zXoFR@yI1Dr`zQtd&vap2P0fi+uLkLn@jP+vHa(4UQu z8L~-Y?T_Znu!oRS0_@?CXSA;ZQTlvh@bgrQ+0Kd(l#DAbMASg)b z7aG!&;g-|X^QwxAODfJW6=(k=QK>KE4c>$+arCH*N|WG!_kbTv)_!4Nl&9dg!nGP@ zOU8q(-ZUd$1#iyFGt$%L3F)090%PNYe1l@c7~hcaxIm>R$Sv@vBPe)|a;Lss1D|$& zwo5l?(T7))j=oRv%^ff&W>VNU_IvjS{h4j#J?|2HeE!;-4U=26pByJl)vX)b@l@8r zmv5pcG~R4(xBK3Uw|nONdV#r`@YAv>P0x;+zOu&CUi#p`>p?rdZ_;|%)}FsLI?(r7 zC%QQ5+rKa5FVZa;oISML;k)^gVyF4u?cNQ4y>_Zf{yL&>?-`N+v&P+H#$R~_GyY1eykD5qZB>`6mpiuQe7Je9)2itu zu4Cu@8Soe&=>uZ)QE}g$CVbljYc#_KQ`o>4U+p63BdDwiuz2cX7zZ|{Y_Q=z? zsr&jTxw@bKu*|sVN3ZT5-kqy#^5>J6bNkH5$$B`CGxVTejN75Ct(7aY@06{$@Au8g zBOi<|S^8(5`v!;4^mtV{{_!lG=r>gLaC+ghzK_bb{L=DN&btS2Ge7eCFx~8f4oJgW z(R$n3ep4zZMA2&ZEzU(fu0{n7m{qEnw{T0}%Fbh5jW1fik4PvJuJwI=^^YvsoBjKT zj*42H^juE=k#%=|L0tYe_tld>oc?YyuZ8lC`~0h|0`eLkb80m=a7@@1RTI}enHxM( z{f^5g#y-6|`&A!noSy`nVnV&B{@RCyV|R2iDq9RoxFZts!iU(5UG-6LzHqryAJjLe z&&cO@&T5x8Ne^!Hz`$hV__i6hJJXHHs7k9!9n<+Axx7!#pxDn&JOh}ztp*TSx&R?k zXB5iTBtkE+Mz|26_hb6PnX}~_4kGl_f7zEcNdNbG`}AbW84nKrfaC|R4I{Sp%Mp^} z^R-S0ShVr0+3`<6H?%=c-set7uRz~)n5xCzQ-Ur+yQ@Y1y| z8CzS--K4cMj44me=|xBMzRx_%@3ScNCc`BAYEn|BozJ|}@H{W9cQd=Ni801&r=JbG za_*$Gd-BS1zqamo-(P7uBZL~Cc2Icq`JgDz)1#xh9D8`8Vnt-QSJPN!@sbOPUv0a5 zd3)xSferR%O}_W|e$sH!5ceLtZKk&gSb6mL!_3w57T;Jp;%z}$QDO4~?%H0ap}m;l zYrQ;vkynpfS-9knJv(zJIEfmC+&naHVHeb5=PPmWg+&|Zto{C{pPFv4`J<-C&P8Ws zOK&E0IG~!ppqV^i!#?D@skwQGK<2i^YmDKi)T~qHfikayzYi%Y{?+F4xtxgJ!beGN z>9dQ>$MbqO-*$W6!~=gfdHmCh_!Y}E_CNN`TsgbR?UvCd-Za^h>tk%MZB{>j$2UEA zdUWf9h^5a)XD=PQYh1~uM{idhUd+4L`t|DEEwkfVEouC_jjCNmv)+GtCS5MoP_EmO z-W2_?@PuHkA@TW(IVpo@dFk2|E{I~(3&q@By?faOy_oEh5`1BO#Pu4Ff-^qr+lOcl zNN!)%iqvn?nXhd4;r+=5G1H7hL5)aFspkTqSZkbZ@`{ zdS22T@`T9g6RY{Z=O~Nyn{a9sh|i$|0Jt}N(mKKf&D)=O$cLC5PicWsMu=@ui4v@hzULJQ}Rnb!*F5 zj|10_O&R`O#*|;*@-k-^=C_%fxa;wfbwgW+t~vhO$b@@|ML!0d+dGEo-Nol-&Zd*w zZcZ9^d*&LdsRyo>uGLHBj3qS8OvhkCYnzk%nrIL8-M=YQhC|%zb`FF zxc0rl|4LbQ`SvTThKD=~NqOmAv_jVP{vIA@@fqW?PNAmhu0fUdPaK|ZZQt+jbyy)SqMM4;i&dkerr;6{3l2$}8vdB{Chg#8mv8pAb-L0x^oY=@VY?x#6TW}pHn#8O zDGQtpy2I;Aw{DHXME4G%KiSTEj%foDlo@GPnJLC=5jhz&nW zVtknp-+(~kyn9-mCOB{Wc(|h#2j?C2&z$!cj@LfsZTe*UBu@9+%(B0|*52@GmPaW) zdfixHNd9}J{$cM1-$!+BuNktD|IMsOW#D(=7xoVfX?IyuFzmEByl{uT^7j5Ie-)gm zp5Cylp{N}H$?1nfSc)Q2n*InN(`n~j8fBo*($BQnu>tLoX zHLNMDw0TkJo^g9fy4fRZ+tr27CPyBAmVZtAa!I#UuV#F&$ZU1mV^?(5o<`rxWYRv7 zt*%GU3|sT+P3!RocDiiH7#+L$Z<_@Z8jZjAMAE-ve?_C%Mrr1+LiRU3pfdXT3@9yX z=OY@@;K8&_D|=l_T5Ph}`Dj}C*~q&cqjKAH*)isAK;ug@pHF!?je7ahVbi;pDF(g6 zYBO^vXv5Hpsqe+zuST~$l2Q1r+SI{kW9Rn1`xdr|7Q2`*KKZZb=tG#r>LdMuA_GDq4!lT zDs^e~9$uvkEZcefLFt~b;`lRD|2(=n;;RT@&WKCJ>hw;Ney=QC%5&H^kl){7 zOViB2?whNNbDvgM(ihO9MggDaZO5S-bDYqtNsAia<*nNn zb|84<;Gg1`{4{NXxC%~~E6SG)|8Mr!^`7tY;Ila%deH8UmTA$@-g=4>pv2$A^sFTW zSqRKvCbI6xhD#~^VQ&#z7~n?|VgT?F;cOZnBM3-d+J&tU6LJSv2&vbc#&2=d9{u4n zAi4_wzlVSYM^G(?uhQ5&HKwZm-U1?XDk_jy`^NF7M%c7Y9_;vGr(cM7^0U8Qw)42# zcdWqe#?}YD*46Ccy^MZo+!Z6~Flq16Zz{^rvUO+7K1sf7RGg>ZE=!FM3NP__GkEyuLRP5r)omT$* z;r)s~8+Pw|Y0Q1;;CWA`JfO!u|HY@d-bwJH^RCBC#q9qJmco}62S?6k$;foYLvh4| zv(f!?F3+0QWbvV|PBnP&Vc8!Ghvl}q+_1hu!m%2+l1790YX`cGd*iu!$@F#2+wXO9 ze-@v6(fy~?D^o|ca-G~^Rc3@bbfur*RTk6e(a5|N)$%Nz{_HqS*#%Q?^MXG6qPJ{v z?Q?nJ`h;G>pM(0zyFIFCe0KDi9akgo?rtL8K4I$fuMR8EdZvH-JdOY3hjZa)A3oaI z#DDBw|IH2?T>n&s+I5)kc~{qNov?IzkKfY&_Isy&*zt1U-qT@0Qx;xNSQFec;-O9J z)Zmb8O+GgFO5e7oRwG zbKv?@&w_6r{MNm9`U&qh@}3Siy;e0I{PVy;-<;?wUnH9~Wqjj{qZ^rDxSiYPIb~PQ z=*Oy+U;QZfE9uJL4Q9%m-b^mNdPgjGTXe*s@YiO|)f=m7o`0R)Wmbbe^zUy@%sDo- zjrnHd`J*`0|dBu`$_IuByc?oc=t$Y{)&y%Y&(d zWy`wXlO7$c|82+1@cn5MCXTuLVvomym7b%jB_SIcpQu(azvP_P{c!)V>vy}jjV_%0 z-SD7C*I$PCOu6vFB_z4@z4yLWVUKq4-pw`bY(+2jKbhYosPcJ;eTV2?wz8JmmtA*< NGMxjS_4b?mzX10v=5^?o?#!#Ts1U)KK5T6=FoX05f^7+}sHWzI}R1!x?1 z&pNjg^v)_(W4H)0WR1$I@bW>xApp5B5TMIQGyYy^2*{U5Y+VRoL*B0NK!6riZw*w= zwg=_GJ=uu}b+b!BThJsMgm{H5-T?s1-&lAD1k9lUKnMv+$i{-w_bi~m6cq*#04xE3 zn}G-50eK*WAOKKOmWR+x3e6yZjz9qb`lJR3up$bxUG{A1#J!%h6Q>}QLW4dhNOBS8 zlT`&`0TDVi=p-Rb0^F%3!Jr~JK(-wy0s>?o13Z8X4*=3^7VsIcA&;Tk9-s)Kdw}J@ zJGmr~=92_I05s*3z{h}%{9|wjqD<5EX}Ug5*BKyM6az$yVt{B-4A3ADAkP3j0HP4m zV(B*d?|_BwBux*KriV%YRcK+-^e}09*nhP>AlmYZ47BYUFf0IB@{bv4iUEqYqyg#y za82F-Mc?Qj1$`aSlhCxyC824XGby4Eis*wUXxc;`Of;uyrpLfj`FW-YfJ;u1nLZu! zZcv72o|)#8z;X|Wl+|UUeOd`LHt>gn-$AzkSwMuQO^S>HWP~&u5FG`25z=*0+I+e@ zX|}EyjZ>J3_@y9IH(9xsnl>#Pl8J>S!WuF zcGahQ(b-NXV1Ovp?}#s%OV0HG{WhKXbb217{X!jde)vNYP0=-@c}~&^nA2qbdOeqYLZ+Wx&kxf67ealm8ou$C%}1%QN75J)IeSJhDc zN5kmqNBIRt>PKs1JOV?aJR`j#B2~21v3LUB)7t~4Ux-h*Td;?(HYVIF(912tOAV)r zRWY-&G@y>ngIEPT&Rv~|CE|(R?w(j2!5a^&!+5L*o&e*u+_7F*b$4|yJdvQ)K==fH zff^*2zy&mU4?f(pktu~`@^ZtD-KK;##{G-%fg=6H=V9w*;}~H6S+#9ucj;o6Qfs>S zViifWiNWb*=>B>R$3-76{hHS1+cjxVZU>*cSE=D_%QxHd)?q-Ntv}G<>=-3}Fs)vj z(!VcKUgIuqL4WQVAmli!Y_X7ZxU1+$B>Q>YM5`ZyETvn_t$my<6l=~Nudbu-dvm!m+fm(W9V+=+wjk2L$fhik^-Pf1H29n zFi|4H6(y3^j8b^aTy6Kej<>5Yr&`8)N`k@BkLT12CXfrwE0B z41r)V^*RVC{zs?wf{+;20|*2{fGEHdhy=WV2!twt7NAZKCLj}d0^WcJGR?m~R9*;D zVo?Fi04t;n7*KT}$m0+mzya<^6cLFdB2h#n${mTtB02%FX&X^TUbIblASBRjEyM?l ztcpeM(W1TRkp!edeT5)R5J$!S0()4v{**3X^#*Pf^aadt`Ky(mf$KjA6 z_U{mmq=vCWHq;g-NSECA;bq3XwN2FM-47D0(&e`~nOD`bZ@(>zYzjg0c;JBKt&p zNbMZyfKX52QfhU*yx^T>7lLki_O17)TUCAyuq{r9wcfgChC!d_&?~DluyD_iiq%-2 zSkWh(3^7-0J=0)R8WFf4vU5yqXtODMp-pr^{k2+0OHo5YiriMHDa|rhqY2Ru)Lvn{dH_Tkq`KfU1UibLg{poUveZ zKWu?!uo2@%nZhQ;Mz8@^5tc^;)DB*ZnV&~^NJNNtB<4`4SGZfGUr2BS#v;lqJTe4h z>E{uG6@d9@u8h3wI6MqvaZ2hMngpUIHJ=6gMHVpCY*h9n>AJld)umRsHzz8CKCUhf zS2s-Tu_=9u5d8#vao>Q1fHQ@E!8wV`{3TRDoT2=Y&GA9z_pZHzph2_8k!R*;{}7a0b}M z)^t~K%1Pi-zcVkX1;Z=;?)101qQ_GH51Q_6cRnpT8*O;M1v|B-1*&B(b;zk!9vfhE zJow6PV|x0=?-IEk!?#)=xc3CFuAT2ceoRbGhnzR&?!T1&G|InLFV&&;wq6W}M3(i63g zUasAIG5BlE+G!+jDWlBPe0%l5LH%hVlXIG3($n`xE1Da&5`@Q2U-ZW}if{}Ga6sRf z&L@-OpC83lusQ;J&FpH$>#|B$t4Gotd25sVx=S zXpaYU4#hm~TJVt1i~I$>pXhyWbRRuIl;rNNVf6fR%;KjYuVeDL*1!wS;bxh~aWj)z z9E{6l+!~_q`9PjS^IczGs!DYYN4M-To#DcvZolU7Ysg`P5}4S8DKJGi9s)r)@e(zJ z9ZKN)A0O~$KFAsKM&hWI%bAm;wXj5|>CMff%Cd!Uh;YoWqOT8eW&ze0s6>9qmV9m_ zB4yd%!ty#PBf~NCVbL|gU=%BB^pA{W)kw(5RwJ^JltX#`b2o?F=E-aNV-~Nw{l1mH zsO|1#|H+wK22ML%U5nY1z4u`eW;W+)Tr5#*;%r&ThHLfE=nQ-PjwPa`QDtserSUh# z;2Q-^!HVXiPEcuinMJHoWa_I?g)VZ;%VO!>-#eypY9=lBLj$^{nyt&FqMm;2I1Lz9 z9w)B(-7QiPB!@0+eoszySbEu5-M6tIa*(m|V?FBWgq*BNajHf{?#UL)QKo#ddH3wD z&j$qj2CEcqm`NHui0etbIh|iXSkO#dYg@_Rk^(zzvs)EOrgOdouQ0Vo$$ZY(&9(xH zAR9~(WJa?pp+OW#(PUr%u@r#~m?E(Hza?UUkBBryZ4-b5MQqSJ{-$UaE)bPZ0S!?U zP#4J$d#K9-kQC{`%8yFx%Gtu@UhTO~g0Xng4b|OW1I?Ve#+Rdmv_{Yn+C9KXai6~s zFAhdhF9Ftq@i=t?(#EK3IKZd`2wcrid{vy-4=28$=VHtMi)@E3MWp)z zz!EA+2+EQ`_KBxe3<4I1qg4z%Ou!-)gFgI!xy?LbNRj%L9g-j~No#e9Sunl}mA&=x zXtr^(@Ox2Cl_ma?{HhMSY=*0G3k~god#ZCP#^XdKej7cpiR;OFw!&;kEi?^*VS|8o z13bSe_p6x;lSKKr*X(C7SL)2yG)7gFOwU;DH}~W+NYtCDc+S&4am)LvXXoX_!J+~g z@#C+R(up~Z0X#LPdXJvxQZEX>c%dPj4<1 ztrPb~Pi#vb3qPsYMCM<9XTfN9--Ph+s(0Y`!vUL=?$k3!ug48;hvtJ9I9$~B_lKQ5 zd&?=m_@Ud(vQLsvtho}NIW%S8LSoR(ky1_cC*jJj%!_keR{i9;y;OOln$nr!<{1wx zD6TBEzf!Stvi?KX55dX3%Hg04@JvtuU{Ur9s zW+$4|^q^GmupT;5?|AW{*V2|VV+1u}x0z6-?qe~1Ti-lWC!bP7pIUCo^7Ag-?Y{ap*Iwtp0Q`N`fV5x1~`+us{M|UJ1W5aMay7Y4ziP zSBa< zi03DEWmuc<n*>3xLcw!pm8y=72NO?mR29E`EZYXz?`()D064o5Fuj;s)+3{4Q)-Gm z`@8&YH2GRmwmzF}fJ5Q)cYRqm@#F~N%lfWNV)zfuDT(3zgQ33#anl)uW}eZpGQZOc z9ZXTXWml4ph?pFUGPM!(PPFS(tZZXi-GAsX6BtfidzB#lV@sk9Ut7C~5*M{MgWW%fwFXM2|4j1`$W!~6}V;9LcrVnwU zG^p$*Ta&jN+KmS5U08I_8b_R{Hac})iaEeHU2=S4d-P5^Q%R&nZy{r3+2egG$M#j5 z%KQ|qw<{N@}n@k_R7bp z+;o9Hrc~|JC~cQ1&ANS8JUKm*Y=#pSnsz(JorBM@wwaoV-q|8ro@bRGLu^rUEPUhP zpRE!**)Z{SD@^j$uGvPPMEkpj6Xxwf(4b=BuRMh|YODPMp zjHKr4zqMs+Jg(D?)4N@i0~khr$Pxyz3EbG~$5-A=c9Ikb4{h}oC%=JUnVSs67%<-U7HB>^=u{{KZ zmg(BlGLI*pWW?85XN>)1w7C-GyZf4P%Tn>37)8yBXA4P2v&O+saj)A`V5dXM@7-&9 z8{eNNr+&Cx0UmhJ8dfUk=;Qis<3g6Wn9dgFWyDFnYsOK%9WLtQJZVE)H!&yUe+}mv zP1J|0jh=K#Xc{ex*I3jbtt$oJ<~cmq#>i0AA92e}GxFk2bqeP)*S7`}p{0_!t8x2C zqj!%!T6z68LdU@TA)ZJ|hnn?$Rk=PTA2xp9-$M2ma&QA9p86CXeWP#;dXE#`qTHx{P5kuHk&Ik{aKElQ zu?-D-$^P$EEC0!$<46V_hI!B|fBPPO5XDHp2TT7)gJ`*RSBd4eXUDZxO4c4@g5pcA z-)gAO|0VVQkD1kpmRT_<8`ugyjAr}01QRLgB+|UpRT}ci ziLZXIxryhAYIHVL2aB&GzIha;v2VmPFs?6(81#S>`{7Z>W?+B8MIour^WHw%R%YW@ zn(D<*ywy<6DWx0%7^)as)8_mpn^-=_PWXqkDn1K-yKjFKI4txoh{CoOByIiSgjJM` zZ6kR+ZzWx)YsGiMYrXhL+4oEJ3O4e6GA+9KZNl|DJlxJY@{_ukwJN^QymsEw)+h#&!2}TL<0n zh}^GSZEm9SkPj8s=J`XWH6rL~I!ntv(AL!2b2#D+S=`YOOm`5@3SiGGRv7aUR*-4Z zI(RL3Q_?!X--z3!^lQVNp1HK6hi(k?k&e~bTC-I9frjyM1#W>6+pG^3^}Kcbww^uI zGbP8zXSY7v*!`h_zpeJg-kaFN$<1xhLrP(+pcsGJ`Oxjzx;_Pwv>h25BTb|q*MGCl zt8d5Wb?E6*fy#J>}YG zw3*$>!=WBlX6HXsf^IT$Jq$zpbJdF3;O*{-7KD0#E1*CFFa_F8KL`CP`2W!-%TuFd zAa1_)_%Gs$7Z@~?l*f1VdN_{UxNAtJUXy{Yc+W`Ye}SchIR9Qwh!LPofK+_MM*iUmu^`p|H_Sx0xj+ALkop!vy&?;llZ#z4 z?wpS_eV*5~WEhB>=_ok$ZsAL2f_1@4i*iLLzu{KT_0#hkzOtt$A|%!u3yKruU+F9k zbbg1w{ZgwHl&`WY0+My$1Z(<l*}cM=o#ml|@*6qB;J zUL>iV;hA{wZB-$+_N)oZd5zDC9iG;{&7H;e{r>j5LMwK_SUaD#XnoWF0=-oy8~^|S delta 5999 zcmb`Kc|26#|Hse0GiD6g_kCm;S?>%pLyN|qEo2YbeJEOxrDB*q$)}abMT)4Tl!|Df zsE|;7(1xs0Dp6Tds^6Xa>GSx0exJwp&+naw=e*DByx->@_nz~9pDF1R{L&?ul}WUT za^8@AKp9$}U13C!&VsZ1v<%47FmM6bMTG$(z&CzfBp4)VU^WK^OR%p4k}xnu-DV;E z9AAhAAvx(dDnj?U17AOO|@AVH7> zl8_{<69a&rz7|X(>(oPl6h{Prl){355KI!xnaCW3Ky~XM$$Q{0v^q;M$SF`kSj!OX z1QIw6a9Uy94Sdn^&CoJ#h*l#g10h;>fh5qB1Q6e*KH#fr$kr4{ie$fj8l@rnMW zkd9&cZW4cTyGi`X*_GjqGQ817;tv!`<~xm&?}8@U1UU|nwU-Iv!wIf{G$khl`95is zYOqO*vxNV&()g^C*$T}=!68~ek*^IY_JIV9d>bhBfqNKnU5P&)N11PPRQMcL;ol9Y z_5l%XpvqUMnC-4j{mWM4`=_blu~dv`Of0kvI)tLJkcApq`}b9&Sagsj?uD}vC$Pd4 zbRP5NlC^^z@NS$XIKv$I|Ij_0ul}MFU*S0OJ%@0DwS1e3(|RqxHw@?RI7@K75$6!j zAQ${DI7@I+T``5L&EbD(2jLvT3Ec3ZahBk0#5sgBXdONf&JvtdcfP{G8H95PC-A_> z!8zn;feiyTNmeJwRL$22TJn4FGK80SG{KRy&~=_TuNpomr-=B`!5d zQ}a*1gi`ACo1s8WH-;&TZf1zk0Z1!>Kw6=RARQK&7qOYsj=bF;lXj?MhrtbIyM2(b=WL~9$^x}VlbG9saZrs z2*ZpX7RnA|nlj9cL)jrA5zJ6#m`OyP`CDiTu0tlFHzcmql%~_%t{~p2u(O`V3eG~j zoujeYq7!RXMl%Xh507MYZ)PjGRo@|`_DeNAAK>(VUk$IO)gDWG>Rff1kgu9@O^-#Dv?opjkhl zNXP_T_yK7^;&m!NAp%5U08_vMbYOOM8N3A|tcQ-F#~^swe{{4Hf>oA!4c#2 zhjIt5iG0;ud4F5=u17rq5+yv5JqV9PKzM|AB?K6PVJTy5Z>&4UDR%WL*q+IMst{UB zf^${rW(X5uFzCi?6V`e;5eD*)CK8VZ%EO*$0~zLUFPHz(Jy-r=W->mr=tR?=*4)87 zN!9PHeR^|AP7@P7%uC1iaJM*4DgR8&^sMX(*>176^s`^R7u)O3*8NtSn~ZfVSfmcg z8>wyc;)OZkIP?mA@|l*>l1Y~9P*b!1 zd8u%5SeN^vxydDVCdGG5(ykXxi5GX>FM2S&(s{uoEL3Ug_3`|3x+m4gJrCxjw0S?e z|K}%V*K_TX;iQY-;WWeP7x%}b=z_Lpj58@#_C>0f=!1^0s z{sedZWT(Q5Xc2F|6Z4grn{4(X9wdUNiUiRaaXe*@*wGCTJxm}9OKCbsg~o1)+Y%8^ zwZ{@j@a8b8%hvGN;P|L5o8zcXQ87{R;bC-HM4Im|ASJ>uMi4qf&xC10H)f$l6nK%F zJ8eC__g1DHPv7gX&XmEIY+fmgQ$;F?soPOPWih{b&mMOR@~gJZ6izmsZH@2jy`_0X zd%v9AgjG)Ys{LUf*X@lN>;9}WSVVe%w5NqouJSv4JmrCmQT{In& zpLhL{I}|B;h^TYIgYz|L?277Qqen(GF|)p^IBV1+<+5l}O^R)uU5_)#c!U&Z!u#w}%B?m{Xio4bCgqKYFTWDL{2Q-woS>-Na=d(P zfymXy=}39kyi*r93pd-v^@(EXSnW3PYQ7#E=)1iJ+Xvc@|$*Y-4upSMponmBTV zXf9IAt;=5mr;$lAz6ejo6IGRl_lx~|XJ3 z((`9{9kMKscatbn2KMF}YkiJN1{aP@YS*lmnL8%FYowIiC|%4gIx^MlCm}_GB2^BL z)Wy4Njc9beB0k$6zI^|})wAsUhE$c-6=mc8g%TIq&QsR(IA{;lS?jquIcW825X)6= zfB5Emb+f2^j6-O!&xM_Fgjm}0EZ0Q)+XY6xuS0FTO?7vDSkwP5h}&cSAV2vJ3R%i` zHfMFlfg(z9ig2E7gilO*U#g~efRdT6wedNVRk5#I9p%%((Fb4G7(4DT-W}$&b}TEw zmAfYRH~GD_@5u8qr{7NQ%ySoQUS*&2biQbNP8{G`jZKs(wL7o&@2daYo_Z;Vmi}R( zuYMK9d$!>Oy~Iye_1Snx{q>VP$x(zSIY<)HBSA!n$0iUUI#2QurnUdS3@llXN!MVA zKo>(qNR*(AHBdN#2txu`vW8qp!oQL=MI0iQ@E~&{4_c0Ou+aCi@KOh^n(j5{6|0-0 zEL;5oY`PCMNZ&Xo60X5^I?l9~_S0VulQuXVJ-@0!UV?#ONti)5qqFJQ&NpPNM~G=K zG*goP_*8l)lKueC$=X_o#$Q=Q`9E33A|^aGDm3^XSp`i|fE7ipS(erYHpVt=13Jr; zi9+)5GELEy2#@#?D-bXKQ6N-B>&F~rO9@JNflx))%EQ@e*i7hjV+P#>F+unhf{sm& z{;T;vnhp)^C&TL8hf;O&;-!nT)BYDLCl{5rpF0|OqULfa#fR7VuHR@<(QAXW11(PX z(56>zL1AisZxccGG^Kg(*OoBT=Uc~X^FJ)ysa>&IcTnk8nd_hBmzon(ZuBHKg?j`R zIY_*p7To*nM3LexeYY>a?ch{4^gJ_?YVx*lf9WOuuHSuW$JWcI76B9iX z)UT#=l$}UPTDF*$5al9$^Y0R)ge@F7M1@~SM2WIQ=>t+aud|bEhaA799$WpQiq;#k z&ks@KcWV&k5!p29C!x#z_tCRHTkYIstJG{9xqeTKCpxJCbEG|@V%+0{U9Btv83-LQ zK-dNdcKXnS*ZlV$0TtMki~Yhi4C_C%Jx?QxC$-c=MC(n0$=;POFAZd-*-)o;=il$U zJeOhqZpP^L!l?AP-K&nn5l+SP$NUQ2wKEz*Z$*X=%AIw;tz!!bu}-#ay-rp(KfN($ zier04?9Ai6w!tSkOY+2zm3aw!T?pmscI{VA&G1PJOLB@`lbsO7{_ufo-VjUp{0iy1 z70^>C=s^nD?7Ut5rUP%tH3m%l9lj9y*>7pNnMs+MI`arUziAnF8j-GMp`>_JE5-Z?AlC0=9?ttOA`g1D_4!;_Um4nvfTX7*t4M-aTR?yeL$Y*~E(9w`yE@t%g>4Cq zGqQ4ZHwp`n2;LqYkJd}T8e*!Uj2JzNVLB{FJ5m{i@sC7Val@%KFvHp9+#4ve$ts zQ!%+&qvZ7P7Zu#An_jg(oO`eXY;i=aHJ7e@G)Xv}ci4AXeeHMR@YZ661MRzKmC=vd zu|vi;Ljnu?yg3se9~MMp9r(F1g!{7DK{#7`#O%F-!?w`lJJn60q>?i2av|^9pld5 zL~aMTOdMBLFg2=wB~s$b?46>}l%G_mGF1g{^s@T80}l@<#b??}p5(y~5gyEj zAqYwTa`Jy!Woc+34VI8LYa@+LPMoJp{W!$-x$(gFz=KQu=xrLDPaB@Ee}gQQ7yG;9 zGw4hvld=A90h4h7P1S)FwfN331P~z%Fs!x&hJGU0(#LFxi+Qc$wb;PVx5Uf|I%D}*HuCkoYvoyuxwg`G2^*xkD^`3`dOTTba~~ROJ!+J1 zDKt0zgf{gQafxF~J?NkNJiEPBM$SykjLsv7U}p;o{!nxHnJ^V~)q_c5|2|>p>%tsr z&~CQT*I7HWL-H)g*AAnP&h9sN*GY^Edw%a;-h}_@&FBGLSd|*L;+4dT| z=Js^xg7fvmdlDX)vH6F&UuQQ+SO8$>Hjw3c=tInveJ!P9T)MU@`%4_TI!aV)rcn8g z&EOT=+Trq^+7EYDI_E%3itt&=V^!+cPS+^X|o>_EL|xz3e3qeO<}9Bc8aH9bQnS?6B`!Fl-)H z!OR^SkM8QXe-&F(xRu*Y9w_y?lU*5N!R{)$t|$sAs0JKdOEFN0e0uAm;ohdItL#l) jdaflogBN{*ucLE_oOS2h#G6k>bgx&x$eCkcxz3F5v} zEoxm*(Ym%;YyGKh1x2mZY8AV=Rjk(9R;#wQRcp!neV%jf%nhLa{{Q#=ylHvP^L@T& zdCq?BHZEFml`w=54*VM#5#kYq^f!;?*Nb7$se#8*#Y5f~CO)Dqd|_hC+U|aHeJr{r z7Vb4yh5P!V17>H$j1Bgg-F;@ml4i3v+7&5HN%2ilSudS0#6ryw6K?Ql#3VCG zD;MHRSbWkt=W~Q6{nN;h&bluBCIk7;e;wdqKUl1xULEICRQi7+R8YnifBj5|C8Q(Y zhg`}?fkzW-$;o+|NJjA4zlCTa`~UXOL>9KV9^eygxO5=0X#lwE3kYyrSNLuJGll3V zjrGS?!N|VBN6z%HJr?)XywX^tCyI#VEBQ=qAY2G-fAfT>vq4q^)UNm=-*n*=Z}bQ; z=0YL7Y!%|;e+Y3A2FNDVe^}YRF38t|)6i*!M}}ugyPk9TEFrW4zj5O>IOixlPT7qk zA^f+qaKTZS$fTMx$+>YG`rRIlVOF^zFsuX$$k5G?p|$6A>VdTOR`cSEg=q7+BIf$_ zWbJabnvXszM60tSDNS?av<8E4-hFTxfK>Cl4lXN14wUD~|Cf1Ar#wweF46vSGv&;N z{H~Xq3z4rwOa+7LX83(YIcdTbM0vgihAVf4BbbCvbmg@ATxlX$1as&ukdy}Xpn02- zDGq0&(&H2#NUz9MYVL~5YtRPCo*>$x$X8@V$z74+J(Tu!qwEk=|T^bx00-> zaOx9Cd%1Akk&H_ZOp}ysSDNBff8EFw!3@+`)iDM;3P8K~ll;m4l%iU+4*IAJT{=Q!E$QHA9*-prGr}6;cBr` z9@hMaH7;N0esPjt!CaK(gLBjcW$6~wWlt4yPAbhf_{?bn3(CJD;w5OKwt#o0lfpth z5N;bc(?dbP*J{hl5c7~1mZXee1&YnDoJR5cd=tfX*thQ=adijgws$7E0`u0jCA&TC z{&gYUUzk&vNos60;`hrKyBN&!v@tbr_g4F2bQ&N=tVTTNpq(^gklTxwxc?Z z!g1xg$Va(u@@FjkD%SPFF}~mwsCu*#F@3)`rv9G$PUH19Nu-VyhKV7Vg|s;;tscyy zw$xq08Awy&L_V%UqwqGF=hzs^U7ve7S`ll6ep^9~aa(XExuF}uDheN#5hrlOv7;gu zyZ@2J=XW1Wc<&L9>QU*Y$S;;AxKj?T$g80E$5 z9?NS3UfUfxp5i`sEVpIMg4|I~%%-r3qu=gjxI0@X#2^C z^@G7|s734&!(XJihIxz}x#k~<6Kg%Pc3_Lx!ePRU%-PIg!VLe|tU|fLBxs+aIZSL3 zXh_;;Zrg@6)V@V9MA;mk6W@NYaXPR&$yAQpwxv+2Q%BPdX+>g+O%>o+RYSi74487l zOx1Hbs6SkVv}d42`A^q#x;n5N>bWw=lR>@=0_hY6F;rYZtb|3n`R093xmN_nbsY*~ zl`mRQI7ttl40b9h3oT`_r7X3SQ&_3fgQOI@twh^nPoT?ktO;-#dQQ77*ns{E&W9-U z>+qnkN)PxtjaE~<(QdS1*)|bNw83d8Lg!^Yw+pcF9D_{lMr*)_P0XR2BXF`E>9CVx zQ=@ug?T~A_NkgVB5Lo3yn$Ls?Q+~rxtc)FrjIrgl7EaXzLvl3=A!F>C5;P+D?}RW% zUKb*`2(>E==|-EwXiLy2-W++$qT>nT7S1nS<=077$PjIuYZzXBG;-KUE8_}%%(gTd z48}IBV-DTFErUAy9zEEIrZS=nAY}x73&jhbNCtaUj0;XO30bfb(zg;HY@)W_VAxPq zs&2^GZ9$y8s8U-vD)zmi!Y7U5iMk%dxs$fN(-6p{(!|FIf3rP7mE;YkxF4pYA24q+ zB;l83(NOXwWoowl+ouP6k-v)uH91iD_y1MdTrYdBG&p^QoktfZiFL|B>4(wAo=9r3 zq8v7xJRek}4w&4>r~~$7g9d}IINc$$Y?1ZIDRlUi>PI^`1S%&m<1=I|Srqq&v#r9d zJGt>Kr+ms2m(@-RJ6nU8alYUZ2+L$eaRir=Rc7IAmHmz~sqC!?v0!94O0+^p6f@K3 zJIW0gx#1e+Mv^MS&1EEK>XutJHypub$Sx&QjVVJq*qm_1rCgyoiH%gwNgkd)HJG>+ zX5`AuT|9D(W*q}g)&U#uSu`-YE{3{J5E%yQA}fI@K~>7BEFP6%{-_N7Q4C_==xkS0 zw&d5T$U7z8H>3QLdAC(0>r&$eGPu$hzg7|4E4E6@xbaS)GFG6B)OZ;(A=lhN4eyW* z&!bt^N{&JtJd08@glw23T!u`fdd1*jTR2D0k+c!)ijO0QI2(Rroyp)uRk~ud+PWooMG(Wn$E&TH zZ1!aav%$p+ubhm$5GU!nt00A!W^ZCqb{8je8E$_RZRNAZF`Z?xHlv?t4fpAXvvDrf zT`ICmMP6a>Mq1+X2lr@LeT{8?S{t#j2m7cpw8FCm%Ql6$!!<#fHbCVQH-N;{cz9^8N8k*4h@B;+M5aZf>LEEV}S&G2C1|&e31! zHlKv|=BE(6!`I**jF85*@wm{jT?f~qWfGaLN%jQx&&KvI+#bwOa~PUEq$9|zE8M1u z&`iTpBeTDk5||y>7R(_CHXgT|jkI2yX%N!51IAIs55o|z6Bl3B;f9Z+%ct&YgFkeN zsZT=R+Vhw(_lOJv$I4(HGN^v(@W@CGU8Rm{@X|Nc-feD4+hY1knnc6I!4L zF`iw;*=d@e7e+aEaOBKs$thIPazmyxTanVV9F9zDfC~ee&jRE$jn5u9tjZ{-GUl#; zK@Va%QpE&emH8c9W)(v*bLV0P3dxuwxNwUpvaVa~%Fqim}eIPEMV5 z;690Sn8BBzF>!RcjM@~(_FT0!ZDR!ntOdMRZDXa+(94oyXdRWgo@3~3t^F5K>Sf!p z`{8Cl($pbRf>)7o-FD1&7&E30k>Y3ng1d;S)BS!<8N`Kuk-iiL!x6k3lw~+``*=>A zI(3K?e_%+aJZJj^wr5WrB8A(LZ&g_|HfEFwniLZ&1{P-siw;;cDdsTIOY{VdMwY2b zF_(fd@3+wtEt(Yb0is82^dyTW#iaYIW)#9Id$L87Vy-8emN|=_V$r0Sbm!6>fw1TT zizdYsPS9l#7CqIXNioZbzS2fdvuIMxtB4-4(O7O|y-6|YuAw;sVP%f1KuMEg(oH;b z34}#sZIm=A=2D`EY;=)DlVT1Nz0XD$TQn)=exhlnTA7zvG%0*Hz?|zz(4`hlia8IA z*>0oDESeOvgXpM@#!4zZC&j#l=n)%TVbP?RbRldGL0GPZESeN^nCKB3U1`yzm~;th z4nbI{XIL~T<}lGCHX2u3(lt^{y7-i*44y#eY_GCtQp{nZMC$a2*OHzoJEsj4ii0MqmQ>}QcOB_nnMs)>e&`eiaAX5 zh>garFX=fcCQeD9A*|GMESeOPt^v$F5EebxqDe7tA$r6{&$DP!Ogh1vBM?^VT8k#d zq=T?Il$D_CESeN^7>v2cM%P<3DdsIikJ#u2izdaSQ2|ppfUq(@(V|H)O`_-8=q8IM#hgcUyNy1{qDe73h#s=hCtEZr z<}lGCHhQ5&lVZ|cVDo+m%e6%oO^W#d(IYl`u|<<&()rX}0%4_IV$r0SONkz`(Mv6w z6myv9w`}w&7EOwIi0Ba;z09IXF$K0ZGXPaz1+)wm~jc&DQQcQs@)La5#W!`4dq?k*Irft@u zS6DPD<}lG$+UV0QniTUYqW9V8l@?8kxu57?+UPSZniTUTqDO4>nHEioDJFoXo!)Y- z-J(e`hl$>2qdP2`6mvh(BQ`p0(WIF4K*}6}urlwoXi`iOAR5A=S6MVErZ7QAAuPJf zqDe8=6TQbqM=Y8Y^A@6iX`@$LG%4mwM330$H5N^ZDJFtm0%4WC)}l!%KR*gCdCw!iH5M~9*ZW$6jMOYg|O&eizdaKM|8W5?z3o8 z%nqVQY;@G3NijtM=phIz^Ys=@iaAX59vgkOMU!IQLiC7@j#)G*COxk;Mc8ey(6eXa`Ags)XESeOvoaiANJ#5jWn8QTBWutdkG%4mGqDO4>xfV@|DM~4G z2&?R!7EOvdO!SD2KF^{_F+~}b4Pm7|-=aw|KPGy_Mqgmjr0})AIk!BK`a+8)#heGm z++(9JvS?DwTZkU9(HC1ZDW<3ZT?S#fc8NukVwMwqrH#JSqDe8YB6^RFzRaRYF>fJy zpN+oUqDe9L6aA5mzQUqOF+V1H#719f(WIF4*v}k+uspxYqDe7DCD9NTz00CWF~tnf z`xYhWZ&@@c=6*2dh>gD5qDe8uVxspXQeR`yq?qCs&{y7`pucU=q?lKMF@I^JcUv?m z=1WA6*yw95niNyq0ebFt6PaIU(WIF3z?ge%^z{}^ig^psBR2Xw7EOvN?gSlxuv+Z~ zizdZ1i5{`hH(E3)rnn1q8HAPkCW|J;EGK%djlS8UNipXUJ!GTNzVg&ViaAX5TQ(Yv zENN2ALqw0*=vytC6jR&{x(vc{?KX=h#VjYf-A3=VXj04$qK9lWdPkN`iaAX5TQ(Y9 zBxzF2Lqw0*Xf(g1NioGeR5pa=8roOVq?jE<57}tcQPQNC!$iMjqfw5eNih!*Jz}Gw zN}3c?+zYx4!YUi8q)9Q$iH_Rn`z)Fib3M`fZ1ndmniO+C(IYnc`xZ@#DUgSG|8Emz z-*3^Rm=Az4M{M*17EOvNJ}3H%MCu<{G%2R|59lQjR>dB)Xj06jM34M8LI2RANioG? z&}k4>>W3_v6f>RZfQ|lp(NP=yh((iPt|xlL zMn7uNq?lp^^hXeu=Z{%5DdxvS(``#h<9<0dM^TohZ~Y1At-pdWS{--`k?!vogUZ2u zQQSp78@Jnv@t8Fp3${(L9co?Rqo+KsWpw9z89o1Y(&2}$+%oWr9Udsw(8H{)k5l%) zhH&-ety^)Zwcz9&cOcN-+0jB}Iq6LEzfQBdy`}IOJuo{sgR&0HQQ=e-PE+9|6&7(= zNcZHOq7CJYrF*>zkCNPnd_ipEuH;O^#W#(DXW)*gKg&@xIn&5+1kVI2I5|_#aOABB zwgUt^Alh3p@DeAz(wJ!k!!U#n`VS?c7?k6nW7Id+M>Rovv7Up6B{JO%D;+)2bd}%% z$k(;v=p3pH9WU{`<Em0WaSg zj{Z(W56&Y<%V{+jpa?La_X_|VSGex@Z z&2$9srhc2O_c9#$U0Dv`ET<#GDHFbe zilylpPP`SGtVzJ+wra|YX zN0cE{wK%mXJJng@@$$3Mk^z1~iWg~%b-YJgORi7Kbdke2o%k}n!C^{sk~_l-Um<+e z|HZRC*>)N6c-(yS{;fY0fJ9W3wh<{2{{_VNCp%p&)Uuw!oaCZ^M;^u!O;L4j{O27@kud={5ZUpnNWVj*tzm>Te+Q@4hhE?h;xg2ATmLTD`|BZw50H0Lb;BQAOvz~t zz7UhdZN9)pBf$x15X-Z#hX?Ef-H7Z#lM% zZn?i7tK}9^%RLQ`;^dX_X3goRh8%u|TtCjhYe(xa2WRnD4GhnULprO>M_XspdMo&i zio8(G_8vqi&PsIzayy-Y^v(`PerJc#;Va58U~!NI5Bxh)9UXYz)rVcpMW446$)g_c z6{jFiED~0p<3jWQkMm4&%Us=g!DM8f>clx*y)$D7>>_l3*2;f;s7>ZS?kJyAUHP4< z_%5kv>`}g_q7tdDjwD%!WREP*Bg=EY984KqCpyzjmSr}feeyyl$})3P9esiFPG?`h zL`(Hi>ll4#EWbf!7+?koGa^!pIgoDXq_x;;<4+J>Vo^+ih*NSDwT$bY|D7kJ;>coS;{^1$~t&(i46*ZaFs0^TK*>kR|Mxq^&n13GWaL^u^~p$FH( zI(n_qx4%J?p7*UB`bZ3C>~Su+sQ#P^@a5CWKUKx(Lrcxb;x%PS6X@Njn@JfKTphY9z77UJP3tUssH7*Xa)QxoX(hZ!a`9(5k zbQ8ClwLatQif_#vxR%)rdxi0*Kvu}>fkk)kBOVHJQd4G>UTq20n>5|a7XaxxT%rr8;yv=hh}RtIPaQrP^q%R> z@CEPoEJLK|MbLdNf0=I3_fKTPMF(t1kX7yyxHUl!7I3b0(0g(|A73bAQ!(k~6SS0VPFRG}!a4GG~bmc@ZK=i3} zj>i{(@=Jy))g}U$SX_LjR>0pXC_cm0)gF9X-f7}c)e9pKRyrDIT( z)76^laJ6yF;DuIs*ipFczp1<{x^0DJqStwR993czS7|;fajdPxcyw7T_ubVf7u}d) z_%I^Mkw{%ml%=Del!?x-_*B3Zy%^r&YP!sWmMnq|->UlE%w{<=osJ+zD1X^VTxGUX zWrZt5OT$`&4q&030#mN7GF1}>qXP80z3}7;zS|E zwWFhYR8+JFHeg@PLb_T^amKIVsPd|YZ7try+?1ksa#D)kf;TiKsjrHyzG^~xWJ5E> z>MJtw%%Z-cIcxP5MUs6*^G^0vGc@`Nl{nc~q{+TwP4yMcsQ7&Y*;h0LkM1jnpf<*> z8tN;`fm)MXN-F9{I()863s{P`*oR)J@#a>}EE>`=MH4+TCDY+R_YEUj@me&ToX*_F zPPJ?m1+63wbRR97#dAi-bXg0WCMWxObTzI#YE$h?UbSI_;fBRKxN%{%?^gI<3jdE> zlYIQ*K59d?a`Cdn-vi)?a3URj&)+WR4&v5XZq!pN&lviM0 zjh-0wSpc0a#=;NULyTaSwTD6;H{8xadfsPb zN_zE|Q>j;{zpML0xZ{WyN*BEzbB*=O(n(*(U0-?Rnb8V~J>3b`#NdQNY{(6=3;A%e3h+O`{Q zf~^qe*)?eYmteKstHH;t++l_NTR>uB+=%qtwMj+e-Q2aw_@;jZZ-1w_wqi-~d1S-8 z<6Y}6cDZHO$_OYx$UZKo6N(Q|g!JGo$XMR|u>jAHAK(9FIOV5ll^#r!ZSb)W=Mp}V$hA%#!Q?7Ocll|Z3(}UMyZshP zM~oxZF8ORDo5p2eh%Pbot-pbHTXEmlVc>Te_>oYKk=I3!ciQO*Mh+@Z*AR2y8?86^ z0ICvN!1NUr8!mMN6c3l;*|_NUGYS^uxbjv}CI{&U6=;A4hC;todHsaiPv$j)@=B-s z8~#B0;oN*aj3&8#{^aT_5G&K^2}Uthu+tN@pR1N7Va z*56WlyaVBRC4WV$Hv^Zq)tw#7c^I3+@M-QE9103AK?Bar!4sHxe4{Ua-HKOQ7cQr# zY3r8z(dEG|>T5v)_qm@Y@!R{pM)wcOn}6PDHc(=7`eoL`?FV zqO#wm{r8~Vhku7o{Bp@4%$MB)0H)H^lKMJ%`3Sv-IO7A(UJ^$&n*FAt&DVE0?9=GsqyC)3q!Y zJ%EdY;Dc%meQiG6D4Y+s$;xKRhg4UymCp|;pELda-$yw7D%{MG>TA?YJVt*8KQrMc z&ID*OS8<~nbu|xwIEIgbL43l*=fi^zH4+uZui-dy9a2PHoERvtS~ z45P%jj^`5}(bPs0%@J)bvimvStm7^xlWujW@$X`1gQ=-t2$8xt4^fz(6+59ZgDA(YIKcsI54|1(-D{& z=m`u2jt{P&A=Z~?wSHiZB-bR!QxfFV$}yBO9OwjM7D@X7VSm+5?R{1yhg)`$<`^Dr}`*r3w`PF`uUpU{9U#0yIK^dldUF4%v zU~{Cm%y5REjke8OnMc3wBd23H4PQah91I-4jH*33uqjZ^?Ku^zuWM`@JKSP7;q(Ts0+uuR@qKYzDIeq4?K)I$Oj%8 z$2TW@pysiBIN9={N%@dx^MO)&n(Z!7t|f1(D?WB%b^Nu0H_<9OUDo-wy+sWq?;FW` zsMw(K?K8!|*N%q}B+UEVK18J=5v?6g^=2%$KzXcg4=!%q33XX z{P2)U$W*e9t(9|-QTb?A@k81^w@|9Wy#5{V>>PY7P4F^o>Kd=Bx|oGNoEi5oaJVv8 z-$E7Os#GT77dhBJUs0ByPm%b_o~yuTN&cpFKaCDi*L)HlwQ9&s{w~^v8Kvc=mF1Nc zHDqy$9>~k);odk75}zUT;E*=Cc_7x^x27MI5LhigK=R4Uo5csP;Br7rUa-8W0pXXx zxmmz8P4G0snCN5Kq8xH~u-H@4!Dq5x3zV z#Y10mh`O`=NrX=;J5~z%9*ucie^6QUo(6|-1AjZlQXUws!kg7P*(GL`vLhp7 za+dhXWMXqO7yDh};xPqzE-{o-12%mO$-ieMk9Udb8JnO#kWTuSV@UR~+`{a5mNhJw zvwcqn#rf~JA5U|M_AHYBPX9CRnY@usRaig_&VoMGU<=-{9mag_i>4p?D_HRn;)L|#68of ztcNF&oSZ{4mDAo`Mr`5On#rl++o_aiJJ;)!a?+pi7vOB_bCS2`aH@00Q`%7434Wir zd`b!0>ISy_X(HKwz`9;S`W)6fkQ?>uo4A8d{f}P8May&P?FHdDdLMmFh(=(#I2pAh zgz*A2pb$n4&>oJd(-(q3zhGq0$OC#E?HI<@tw#(4E%rA1dNEFYj6Q{T3AETN5$>2E z<|UbP;ftH@odDgW5Y|heMuo6)0c}l#z$-WPxjA-aE5zYfToI@r^H-SMTvg{S>ahCK`hcC^)$fb#w#$F1!EO;ek zFu2=w%J9xKk_*bNhg`w(iPYUl`{(S7T+PF$cy}XaQ3}Z~l6Si@#J02>A-9etsR@#I z=_IGHen0EgEFUz;zMSn>vt=FY7qEO&BR0ZuZeYvZEa!5}=UM)m*{9h)nJw#C-pls4 z*?x#E4$kdM)=k!Z9H*Z3T-MuJFJXOv^*YwCW!=NM^|Pgj^?58G<~*-t``K)HiY+&> zy2#x6U#{sYJnt9`z*_!am;C~XR!Vb%ahpB!l?pm z>0$W^%Q2kKYK}95EuXR6!j_v^rg7<)aSrD&>*7=)wpXxyDccvYWhKi^EK`~7WO+GT ze#-i8j(;0l{)gooY?;qFzrvP}SpJRUXR;@yEKgy1KHH~qs$RBy&hmJ+%;J2`WlIxV z?qGc(+x?ugn{(K~YzvL%J%U&EGc zF6DN%KhBmXIR0y_zsq_d$9a|II8OU7X8+3UMz;Tx<#cApvVA*S49>Zn?K9c_cb4B_ z_Akt~vgJ|M|I0bgX3HXua~119Wcf>$g6*fXyp`pBY;Q&>rwp5Zn$iC;Z-G8#GU?Av zxC66(RpC95hrRbhZYg{Sa_+=OU6tYw;~$4U-8{hhvycbIKWnqRp!8FQlR4*`COqVF zxz=L!ICc0h*#}*fn&J5^X$Hey_-ILyPxx~pS8(7jxH8ka~kRjj4 zDC>jq|77_Eh(ycsG+)J^x3UNX1 z-IHj$XdQ(*MxnKFl#YCc<0u>G$~YqK<~Yhmp0t)HN_aYs#v$gf2x+^;d*(!-;6#Z& zHOt&iF-%D87CEjH++OjJLVxuyb|;IbNiyb&i7VWxVwFPLq!sQoF-!>QG*`PD=a4w+ z#qWUS;yg{|mE~`9XN!djRRj4&ze3A_a>R8CWdzQ3=Zbd~YRo^^Jyv|7&?=xjkv@gX z^L#wvLiac^kk!NZ4Vo@V@+PE6=EgN^7_)eTl z$J3g-6?c5vt2hPzAkJw(kH%3p(6cJ$&rrf_@lu>i2YNq_?scCa{;guR1%Ke4Bj}4$ zIU*kh%EuvCqMx|ui5U{H*L7mHLX@sfG%(ubSvT%Npk;(GmR@uo09q+I@n-G;cfGia z(beMV(r4Wb;s**%0GclzQ)n$vqd1_D3uuA(g+k*3&$>?(zgDOls7buXXqU*(dBJ@W z-jXG+cZ;*q4!BPi$qJ=RTCFb>c?!LsbHKe=%p?RquM8Y?FA*(@8v(aWd`oc;mA>w7 z7B?#NJWz|cTcOE7%f*is`Z)WL`&99)LVe)c#A^yQ1FaArD3lCzy7*k7vcT)^l_C=t z6|$}WVH+N5*aw*!WYl{pypX6=-1GI#Fu$qpi|>0)6*rQ zag+yiNgPe~M8qu$rB5jFtP$@j6f3Ltbc+sLCQ+WTvbmlf@jfB#0@0N+-_s|Gi!GEc zqJqBJrMnAnmZgjJ;$21*^CZvNVj(WCD3`93rJjEAlQ=rfGbqebP{{K)c^#e&A`Ij~ zE@z;GjbcEd_wk!Go5ZIoW)UVoKie(S~P~3(2=X%Z+cQLxa^AdXc zT=AqrjoE~Lq0%{A7b50D+}5K}zSniF=X~)CTuch_jQF77PR~W+6Gj&R-RHSj&=;=6 zy_|A~xI}nxp-JgZPJhsIiKvdF$2^ybix^!X#<)s6SBei5deC*ivrBa0l2m9{i#h2p zdaf3|gs^%K=3VH%MhqyfC;K4KHHy17`+)meaVp&aLb|lFbKTd8PC{ar=WV3BUJNjz zw*Hmpdhx78p4Uq65I2aI813+USn33NRdF-}ZWM1Tj%L7(;xCMLi^b`$d2SM}Dk@>O zXCUou&mJ+(LSqS40eQqO@mA`4KnoQ5QR?43w}@61^Yn3Vd-jU;3Vl#S=t_m=y9s?? zp%orNFDMk4M(6{Dnx_*=qMLv4N zX@#!hbnhy(nUPT~%ky(ClN7qzOX+GA@=PGqq0ktv?T|v}aV|G2q;W1kRmjP8e?y_Y zxs=O)6uOpC9^Z-F?TIm}QRqoVtqL`92^$q!hhEt$b}RHa*Y8IPt!J-)rBEuj#6J|e zkh#p`WNo{-gbIc7xPD6&@^Jm43Oya5@~%+m`<&AnxR0sNuhH5*=?Xp0j z8H`pd^belJ=PUFYbGKWFb2*?;-*n3J4+^ERFWNj=!WmPDGZo4oPiU?}|K_oDrb5*` zUbZQe#3kIQP!s3!V}(|-FRv-|TQ2=`h3?{cn_DaJx7+hqMza+9jN9{6h2G>|8C2*y zjIL4WBF^)N3jL9NIjGQUKB~hf3MFyBr`O5y{>)sNLKkr#Emo+P>({H$@!Ut3DKwV- zyjP*OxyPPU=x3bEpA~wHd&N_)$_tV&(-it1r)yN`X7((i(7lY#Q)m*;#=Q#7Vf3Uz z|K&b3ixgVQ?b4&ra?a&ag+hL+`#lP^a@~Kf(3iZ1ysyyt>@|-2_}lII zh-c1Jh1PSr`3jv>M0s{8w1r!Kr$S{M^EQPl*v}^vYU9y!NTCt-b3~z;+}8Og%F=t; zmlG8F7jr8WdW_p;i$X7QdEZg!`_sv@M-{q@WByK|4cveKR>;X-`V$VhhK@5W-dW|lCs_V zJ3Ln=-p1mRdz({)bhWM94k;yZ+Jefvq-rQVOk-EnlS_Y?7m zLT69e>-~pFUM^#vJ>>!KXQC&L9`_y=hZLF>e8KC~=A9~I&I-Qf^=bFT(fi(Xt@Jd> zt;qYgH%E&w+9e*%(S3Ou82lY@|I_L9O^BoGTw{Cz?P7{4&O@7NVxqQ-(QeOkMFHPL z?K+8Yx-S5_C5}pcleF*I(oNPLVI=!uvi3P6IVPrPUow&{KSfJ#rShKCspY3@Qxu|> zFV#YfWXqRnwF*(oS7=KVqLvS7VTGvWtF(=bWXsReb~Br1EOCr-;K-t%kr7-wE0W9CL?w(sjCTUOXm^IUCQ+GUI==62sg?aMg2$hTA* zI9=vKv$#bYvy#x02DN9KW}YEAn(t?7`x!lH&}>|#4WCKe4)Jo@)xNcwr=8G~2DSV; zt(?&_8nyLV+GUKc7Wvcn_TDUbWMXx~*RHD423wTBd1jXbw%PbqXq@M+&R?MsDjL@wL4 zhEAF1tCJu14QU$`npOC^Z&(ZU;56|=1GK6rzf4Koft<+N#|?J8Ob)gK>^)widVc-lP=TJBQj=|uOjIRt&)(Sbx;#mX|ov}&}qJ3rG2Up ztp(rG?psYU<;=N8dxR0C%NEyY)oX~8>AtNED@5t8)qciErn_D{#OP{qucJEYdhMaL zlb zwK&&tdeV2bgN$foIq?q62aMj4NHa=y+^_tACH9HjU% z=7m$z({)=anWu(06qDj7bRF+poR~}&XVN#z3Ai7n36eTqEhl|O5$SWCqjf{Pa!iXu z{KjVg9eeVAfO4RG@GS|mM_L>zw`1F#Do;BrbM8P(YC_6IX{5i#mX}eYCL(AJ$?8H{ zD5kFL)C*R-(a)!7;%NC}jw7X=osD~qy0`$+%Hc2B=ut7dlv;bV-5$r%b+I9ZTH`Fp zL=L3OQlxLcGs$uR_lUIYW_>uF>^U~Qhy5q1i^aLbUOJBaDH~_S)OpkyqLyP)T3r;O zN32mH^@K%NG38j5c}gFoF2@qxl^^XtwUsVTs7AvQufcolVuOL^wXn8#-ErXknmo8!1e(Kp7l zy!!vPEE<6ZuMC>V#+cE?7Pj1N+m9|qYsm3TBQ4Qi&reS1|Nr-w95d2~uNz&MkrQdG z%9T*Yd>ZSjA!rQC88Ldq$}yRkv)H+K?$h%gYj!7eLnLF&I7EoY`B&MGHEYt-t(kZ% zHZf0+)wYSW$6^y{6aL6LYC_IOdn&n-$d;j%(@<**)l27k;nZPUhh>{T&#PkjbQ%M< z7Lt@JWE#(9JDaf6`H5nhB}YnoZyw@Rm)c*hkPfvI1m)&C5k1Mcx)=(q-Xp23*U6(Owml>VbZrPJwjrT;W#jo+tg?}&O z-wXH;KhT*v1Ja4FeEFIglHMo1dr~^yC!mva6J#E4l8~j1Wf;=LSBYdfo8@MfJ6K-K zau>_%S>6pf6<=dh{*SVJ8M0V-HL{F_OvknQ-IGFMI_pi4)#4OLx`rn<3^@<)mEJvR zfw*3yr>nPWbRtd`AC|O1AH)gxR_#Nae8-3zCc!i92Ap(%z&Sj@C5{*4^UlMYf+UL} zZ-AsHfG=xb<~;%X-IETASNWOs3}(kO`>JO6KSNAnKNp|+h4!|#r`!p7>bN9GdaHzF zF3SL9NzpXcC0ok+ES9w_7izVdnRcr7Ir3Z}KG8aIR%xGW52mcsH2vnHEn0@YIQ;@` zto~-vmD+4^Lh?ztO;q5d&Z8{ z-`1=;mg+Ou4iAH~pp$*N{$bf_JR17f_#Rk3FJCNvt}RdBuD{AHR-seN*XZ}8@6j8$ z1sYWAp|oacvU=>R%XubKDeh!0E+2INYzRrAFr+hxpAA&5YqCyN!3%_72b2g_?&eh>0=aR73a_&wxVA~U5_^o!$COT`wk z5OSv&hP;&XX%@Rv>&0G_UXRscU(zbpSFyg6^_{HmWqq&G?-kc&9AL`}AV-wj96(3Tn-|a8aDeO1@4xuwL&X zy@U1rEZ=oe{)U_4n=I$C+^HnR-^==5H|e*#DgJ)^=_bo59%ARQ-oet5 zu}&*aHZv&yc`Q3v4zs)^gKGM2)-r8hl4A_X^Rnv@^WAJ}pB*``;B%iRAS3C2&iSjj zEA5HASHv&U--fKnXqdufO{JKJSc+++JEoDnW7<37H>tyrbJCtFC5tGlM0<)d%EwX0 zaoEzqmM*povwl14`^(rj){zLpA zZGR={hgjY+gZgOy49;gJ$$3@OG94_%EbaxC^JY~dRR_ykSng+eh^43|)@13y4*N^o zV;IIsgI}1z86kv|0Rrr)8XXca&mmwq9=3G+;|Jyr`8|}t7Xh1b7xHer)BhLock!iY z*M6q`Mf*|<=(F|t`eMCRAJ8}JJN1k8EA(&a-`5}1|3`mE|4{$0o^IqBbB)Eu`NnSJ zR^t)lapO7Tpz)gVj#1*6=Q!Qb=h*JJ)bVY{LypHC2OYn29CG;JNfJ&e>B4~((21`* zT-Zh3A{*N$05deSSP@mkMBGtVK1L79>Xs-{1{)j`~<&>{8Rku(ms5r zvL9!QCs3zPCq$F*U$C9H5%T5yt&lC*^dEGRa&Fpr(4S|^8NrLz{KAZ{wH)?AuIk?X@ib$d-4 zS(~}sYL@@z-uaw$QAF%@(@AD=+VB+8CygihAFlgsu5TLWvxwOaPWw8ix{v$iBbHyX zKX0?QH?zEqp4rFQ+Yf`}&kxvs8|QF8 z%cLrgdywNlIGu91k1gl0|6b1RbGARlsV-;sWoECPNHbc>7mMz;>Gwn5 z;U{UaKY~8JgyOF*`7!Q0Xt`oJ8*Nb|{@8H)yamPw5fV>gcYPz@yr$JrZEEYlT!EZ9@;uc)J>Ec$L z4|Q=HYM|pxb{gdExSrGTpXfLp^1I>;$UE^CurBTrVaU71D#&~A%bYsSZEGO!!!@5S zzK1iUF20X1&UA4<-m2Bb1E{@@>$`r)2gM-d4^ewvJcM0L7eB%|Qx^~8O;#Ph%r^x2 z2%g&M*gbYaJ|@nG{4rWc#~yMq5@crD~p zXagNj@Na;82KCm(&ro9>-~HVR`E%4#$9H~rKt7L}>G+cGZpar<8y(;3eGl@NsDUnC zg73IH53hA`5dP}o6?m%So4rRNe+}<&j~IUG_%?4Je#cNhx|Rt(ZyRRK^KRRw=UjBt~$QU`!(b{$VnIPA`e~s5vg_Y9@6RJPe`GQ_YqeY ze?~0a>jAHezk<=l2e9elLm*xJ4WTYR!vA#fvG@e?6Y&qozl(oD{zLp5@>5*1>cIbj z{FnGI7hs!JRg>XXtN4O!s#1*-YcuA0lMGE8yerrL;c_jl$W*NaGEFOk zOxG$PGqg&`Ol>A)mNpA=j8+4gtsM{P*G_=U(dI(t;u;$NMQ5!ZGEbWiIS$XCbunIR zf}Eh844JPjf(&R&AWiKQ$cb7r?QF;ftsioUHV7HfHbSn`HbeGnTObFtZIIiv zA;?>`9gsiOc0%sc&ey8N24gPHOq+~a$a9Q($gReF$nC}g$YG-i@?7I&e1+R7wqt&L z8)Ij;_ME=P=ritgG<+^Fo*TXp7;RmUFA2vmebFxeaLyE;Iofe=3OyPBd(W{0caQ0= zAst64ju7uT>T$ml^ zOaEn~iMT&75v$rHtgMrl+IgL_@30_QW=o~Tu26$GAKuSGRmM*2IVtkE;0zopi&0q zGi3r9)XJc|N*ZNQK1(K-K}ZI*GAOT>oD4!TsFgu^jpSqyl0mHu8f8$9dQ$yl5RyTy z49e>yCxeg-YGu$UgYtSAMFt@m)XJc|L2@z($)J3`G|C_(gBdbtltFo;j3R@O3>sB1 zzk=PJ6{4V41{Jl88s~FRSy4$``AiOKt7T9lgE|gE4IDJi=b#e3Lp?TwgW4(%DrRv| zUM-C>2vyAFtV1%G#X&_42aRDM2gYs$)YHMUr%R#7K2Iyn*x{`z1 zIu07=OC$Q2xC#y`Dme(vl&DH_vm}y1ZM8JkNTUowGN_e7Ife-Gtd&7|os21i@_LD6 z5RyT8gEYz@B!lw#Yz(QOqK5LsFNbi}GdL)p$w5WE3^3jhB_xAN6=3wiSWzjtnG#iT zP%DG-YDVQ4goxQNi-U@48DL0qu~@IrO0zf!$)KW+QLPLr>KRoua4q$r_TGQa=@YNTNH{JvGuuE_F%)zx#>w70j!HcLbE zs&G#@R@;AKWYgAAyFFe-)mKKW92N1aGn_Fh-q&O}6A_!{_YL+&V&Tr7NJoXJjm5&7 zmqw#K(3eHRT}%3UHaD*i_W@cF2cj_`{OU`zZ%tiv6ZG{JqP@L&AUx2$iqkjsbq};` zULR@hJ|}WQWk@V<>Ki~XqprSTMrFf{S=Dtlp->G5c5MX~zN*TZm9r{B^|NYb%&4m> zubfd`Us+X$E|_0cH>o9zv!qGJXo*V0S64AK zvr1HBIjL=IsBgren^9ZWfCa3vwy|nvBh)Kno> zU1ej{{Q6L1m1ykl>uT(d^$*mq4adT(1|qSRXxznWG0HuB6>1G6_RfZv_jOY}xy*MvaNn|th=Y@NbCH8wcXM6M_Lym%f8XcPYn018SFVJ+#4NjU$i;g*Bg$FHrB5@ z3l&)19qDT7ibU7M!t2-ebBum?D&1Ms-M=c*(-ZECL!y#gIt8LFw6H531;svE27 z8bhJ^byd|>6^+&9^;PwunYE#rbq%2^bRgE=`L(m^j@eYwI;v5m>F7q0_9Gfa8NZ>% zGS*krSdvHASlW;5+j_3XD2I<>YB)O9e9^qQe<0FZ+O$M8FB8ibH`Om`nBTszwz;L9 zw53a$7Pp8E;hw=rdpjpTIo#J5?h4DSBI{SJm1=W$-&!nj!%<*f9hm{j0+3BV7$hC2IRub$1_OYY!j8 zhzW+Zk4;EUG^uNtzKfVY!EY?HERl5O4~hOIo)5nAkr6! zsdx)|!fT>E-IydYx9ECHU4Z(aA+a{bP4$DZ7^Vz739pHCwXBU{6KLuZv*+}*w|8S* z?+*9GjkR4}qa3m3G8-Er8z_%(tb3H1iyUo$v|drcomjLS7Wk%4I6B4pVc?&;Y)Uk)oSsu@YG9G1qS==6TT z!M;HXn)>Bxd@7B8wHv`m>%0wF+mmIYaaA|Cwi|7~G#m@}MzA9+Mlk2B_V&8)smnV62aGKbnlE{R)0zq;Ji@+N0Agiu86yV*N)Ga*wjSJ&JGa-W2JYFZUPe z-vTVKwS8T+>(^sb5mlU>&m?p_!X&DeD!f~H|N)(RX@ zmPJ-aFgm3%0S2+nHS=5(a>`Mf6R{A`o^Q<#o_%U}6sKWFlbb6=ZNg@^X~}A?SsjLi zwecRwQIEwrY}fHbqlmBG$mOV98;M2Fip2fGd>-iTjg(@vuJ7)N#F`_q4XAd1>GHn* z@al-bzSY^?wG6vxL@4(qsK?YCh)Dg!?lo(hF>|A9;wBzP_L%c~*AHx#h8X8&9q7=o zqN$;~e|@x{8d)fh=mdv-stXph5g|GpDa)x*EUs{us}vt&G(N?8`)H-4wXrprUws42 z0xzY_n-eaMLTT?KxhTAek6F}|{YxV;I1v$8Fk@k|@Oh{oZO?N~@K`2~EYA{$x$638 zETSN*a_-55vAS@-EV&s25MC&BQW$HM1?mQ|ro;i}KLcxfOSDs|RH;{}qhxo`!AxmQ z{iAwCthM(M4gPqC2~6!?tYZUkysI1M>pD7MIS)L*w5Gjn10S+-;ikQwW{0FJz$UD zgk}q)wYZTMg;%XbPbCt`UWt#C1hJ&EKZ=#y7PTQ7>0cZjkn3pE>O|C*aBNLvppjPJ zjnUXy2?BctItn{&xF=y;6yDq!p=u>e$dwFDtCf;qfSbGQ9E&K?IF0&b)vijD6@(iGo}By8V6 zXD}STn)-MrZ0cLpGuV#-!YTNMJ>_Ak&W>rxJ#w<`fxw_yh;Y-I&J|q#KIe` zn&46>+!I}69aVT~qD_&C+t@v@YAx5d1-lL|4%TAZA6P4nG0!-bJe!Jsl%mvF|vE5yKg2N$GnaM9X$S6L}i^>iszS>;fJUTKiD*G^9dQ{p@URV^sd1Nr$ z)6|Etp)52pmDJP& z52Cvt$JB5Sev27^nrl%6TVgkMjEKVan+`3JRcmq88SW8SbEC1%xQgn>RXQgeb+Z6h zglb!~W&tf9IN#xl5(f;Kq9xqhEw$R79?=e$tjI@SA(wW6#nyv(v{1zc{-5@~11_p# z?fYzlUCPqzQdZQ64R-0Mh=?c%SSX@KgUhlAQWjZIu(6;qw%B`#*fp{D-b?H)_O4N* zv7@oO-+$(uEubd3@0a`D`+YxGIcMgXIWx~ZGxM~WIVV0Xoycm!<(SCm==AIi&$#?# zZC-j_K5O|FWRWt78#7+R@}PJPacB~YOOp++C0jML$}EaMm=}744Y%)U2*rS_6ylGC zL(|COaO4P^m7fJpflEsityX4JXDRFFj84ykni38L0bq=L){uk*^7k#5guw_o1Dz$M zWmXPRzgX{N%k;b~Wlp)Ak=k-m(p_yhqnYhHcw%ATqdJllnhRx{L|BW9cyB43tBfkx zY$Y@)R7-DUw9{B-P4*>IdP3-&vSQA?S$1fD_GP&PzB1Q?3#Q%!2RA*C(6t+YsJ z-RUYiPH2?)XIrUT=H{pO%4YImyFvDY*HZb(q?m;{rM^LNP$z~XDI0nM zEZ+i^nkq32{FH=M!jY1miZ&T|wJ8JKC@_pU+X!-|eJT}6pUFT5yeY}>mwdEcMz&X{Zqcr)LK#We}fC;2!wI?4i}d63NP8MXtH`p8&};Azc}- zfn88U(ra*YtUK;c*AC~J6xcn{*J@nT3I+#(CgB=nMGO@UcwFwI&)CO3x<+{{>E znz1AOV=z@YJ_3ir#D?FpA{?Al;SW5NP_kHsmEjz=Tr6HgpEJhj(BWdqv?^`{vQ9MC z1)R%hlc0T5@0tOk!J9a%T~6X&?0s&=GqILql{7_ylfc&S4(bJCO)E0V$?499uT zYz>4nK z)R4)=St(c^2GtDCdJq_k0y&0aSk1FTIusS4Zd42DghUUr_hd4yLFjBH7+fwm2ytC# zjh-@Mc#=nz*;?Xl;i4u^AE(YECaabhOl$z|D`PXb@nKq5rQMJAl@r<(k`1E+*`iS> z+&|E_V$hg0ExeMxNl91*HjVfsb)PM<(#mGU2^pxv>wj zP0EC;l2azR(tCl5U=J{?lv(B}l-rpDjM!I16a8bJuiTooc>=rIrYbat5lZw;Pszh{ zOlb|RkA{gLW08hCfvTb=2%Wl6+S657t~B?Pa8F>qLqj*^2i94dY?#dHs*jQ?3kIi8JwU1_d zEtE}AYQV5mv5c7}nR%<_(s}t-}+OKhHVy2OYW7UxCTF&ss znhi_+RzM(GnWtrp9#7V(&!)zam0U8&X?fTi#10AK72(z}wZ@$Ulq}|!#3zjwhReoU z3r4HnXvKUEUe1bP3o-cw7?r6YLU7OsO{HB&7&38yuo1>M-pQg!KHD62iwkYprx+0m z;Bq7ogEf{D#!>1*NRlLYM=QXfHK~+&@aeKjA)y|k?UQ?qxpLSY(d6v*zwr~nM58=@)z4f`=FfDQXGDuBbd1>Xu_ z;|gR2xWThi0sL7}Q!!t!41;j2kn%C}HOmm5-6tIz`p7aZW3)02UIqqw1YN=XRF`r) zP0YKtg1*abDf!gH22GcYhd;^o*L9Fy{gVRB>oL#Tthskml8W8(QrI{ zqv@k=r!FvZ526K7Cm{{MrAeH)1V-m^dRB5i4aKW7^Lw(v=yWX`h)^fzs{0z;pr9^8 zwxW=o1_loXT{d7SM&NR0F*cY^ws;sB9T*~$fj>^;;N-U_tF9ZMtbRgdHJGB=QcPW1#|T0*KMETtR0u*f|N6<;baDr5s$N71q?U=zUQXGNv;&c;SNDajk8?sa7Pc~ zoL3IM2&u+hjeL1b3{Hm?;9OZg!a4LB#-srT7Xs6PmJo@2x17d4ZxC(fm55i-wLF;^7QNhyp&0?yO*$2pTG_=dPIPL?q)sW_WPFv!EHIJPAn za8IWgGqwbO_&t%DhEJ+z0$VmGi?GQlAa|HzX)NnO_X;se^B4>)5>FgCQB zsZ7cs?Iu*prqn9{CMu2^rcwz;`79>Zgr;e1T{TI$nMmu4cnWBuq;(Q%FqJq1wjfXGmXRBxD2#7W*-^KRCl<GqKn6eF%`DJGc(Viy4$pn1e1 z8+#s)B)Bpzu8hEnC$Io!c0BTo)WT9I#*Y>!u(U)z6f3e6SX)~Qa0D7vk*1<~44*HR z;v<(*sf#lrQYpUGDZtg)k`a;{8z?i6z%LVp~h0i@-%dA9WFcrV@#Sj2R%#7h3XM z1n7T(K*;d;0(6L2A_mYQ6XcTESXzmUKfL*uPpIaK@9**)^N=pWgVn{3mLfYzxV?l_ zPsfdf9X=A;6w+uhaAlK$6pN+6&eBROcF@fdSc@GpF)$o0t!Z3>xNa5&Nzh<6Y;9>_ zCkVF}RIe_sCYCYmP^4pbjs!i5{>6W(rNB`)(cVF)qb;pwY2m0FVh-WL76b!V1~<}M zd<(vqHcUiEf<%P5U~e`a#1@tU2_P8GmT0oI#GVj=&;ef|77(yC9`4n%lr3j776icdDTGIAAq#1gWOd~NJDJ-SXJ)nja!_rBLp<~aZT}LMs`dKDG zj}dy&c8Cat$glwIYY-CBwgYCk6G}=9xdo=&=m6A1$jedN1~_tq1W#ZTQPv@LK#w`< z4uY}hIEdH~7g#tkBqJGiE&?ZxDbR|=v{yk)U()F7V)BHQ{TJOje4!{wc--#W-U*AxkN&a#@9!OsZ&}uKk@Ul&ZS&kSdwm~Z6@6Op zvQk7w_Ez^U-!2Snue$$& z)2#)eK22Oi7q*{j78c$QGF$9p++0Fuwo;sRvx9~YSnX!CS) zJbAkB{=_@tX;1=89uuR9+(>4&A-9o?+rbj-jjuuDUn5x<>?&w3!P)F~z(z85vk^3; zc(_WlgH@`4WQ9*^sw%}hB_+jAQJELdw~xz6&p}CW1;BiS7YPj7MZ~ud;l>wOI1c1n zND-9sEhM-JEa(go@GZoA3jvbzgcc6Ez2x#Uxf~&v6Xc>3Vx~KM#2TW|_GR!I(#9V0M{*^7}yOfGz}B{)5qPUvDj z08}JNrBZaQ<3PZq_~VHPR^Ysh3*<4M$CnaG#|H$ZNO0kii&O#`#go_z>?w1VK#mdC zE5@@FNjz>ZKuPujBH-=8x*?Z=n*cc|qLAzq6(azWn?;(k3&l3}A zz(b*YltQI1CLpbkhz3@)2%rxDL6S$pw**lfG95BSXt_fs+USr8%257+C+r_T9G3XEf(CFF6Qy<;9EG`$O0 zY(8%D&ok4QyZ@G4RpD8(L9Gt+7MGvBm(txQz1%mCG3<2TpaT#yp%>u z4e(OHtz{T)25Nv(Y?vZ!PX-d59c0jvCa;r%nDkDnry(L`tl3058m)mGtJv5>`2nI_ z*+3dohiab$8&K1QC^kHZ3Fw+6?wALm%|@Ym66p=50rd((WhK$FaHEY_OB=D)(1^7t z4$2*el_d%y&w(QJjsbyT0AXznWW>%az3^5qW0(+D>`YrNG6gXUSmjr2DQ4%nP)sJa z7!%ur;p0y#^uV-6KrHg0v(kf|mB@z~g3Nh%UmW^?UQ6k9Epj^xam*g?S0J(gKfKM3 z$HeoiB;o`eHrX3JI&^7Pi*IdnNB;fsmPOBY;qfrd>EVk;23Fq(ydEV;D;YOGlilvv z6Gb=ii|C61NGY^B)K;C7G{j1;aK;I5dSFEA?8XUku(0qZS5lv`RN}NCJK2GAWxQ>Q zTR9|K7=`h<*r`dOSk}OvUb>cU294ClV~s4!EH6F)QQ5fGB*X51?8#xb1u^)dxaaOA zvQMUZ%HUyW!_?YPWjc94uE`b`d z2pV+BT?SV)+2gL2c_hR}*Y~uwvbAE@Z!!yI30Sw4kz)|rCbm|e?Ep`+Ee(H`&9u$o z&vKcXWZ3M0_j52d{!k3O6`p?HI6lcxY7>aOp>LqKx7tVLqf`b2sFMS|lf6@ueSB0w zKHiGdAa5U4szLz`LG4dF+TPebyO+zzFku*99%G9wF&ZpyzTFpG*<%b! zqvK_fc`|L9COZ1{<%6Z z>+r*@qj#nqkBR(zr<iXQ!c=6dv<6R~+%S|I;d9V8IS?6QRtJIB{}hx^y+U5#qx1L_J}?E!7uf>M{P^LWfRZ+w<*kS^ zuQQK{rR-0Jo#kmVvgeDOeFF33jtOdI*z+vQ)?h+ouNmE-N!T*kv>+pkg|I?onp9aK zSgj0pjOBS+dh@7oZ=QfgM zX;qrs%=BcF;pF>w4X5OQ0HvSG&tDPbcre8{mF6!hUpO6iu~VQ zFn$uCcsmip^!i_P<`PU=nQzf9sfexeZh9GAu=4;0L?2 zh`P(X3}q7y=VQ{w#TuvpI$&p0nkGf2#i8i(#O3zELnna}WKLF(`tGu1O-f;~yEZRB z*#OwXHk?cq_A4{@!)3X z^Q=@;AJsTCf7FnyPPU$#!kXL|w)xGqw)eW|ih6eC-?=@d=cz|UiphiRoi0>e)pAjd z$BSQ`=O5VKTk?I1+x3?q%kvfy&+(M~Kuos?-KDO3uoGS%X81KGVVNOT{_bX$53f;$ z;*AqMF-q+Ir>sz|rl&aQGy1wH#9sd|{upAEi!3a~67E4OYa3gs-RDdBtMt!5`M;6^ z0b^xbneSpPwRfyiUEnIVspM?uP|eb*W>t$CA|bvz!Z2ot6p{D`Gr&I_eD~y>UjO!A zE|g$Y#G-YV!;WD6og2Ac!{6tBJGi8~=2--WHnY$WeGyXI>){b2KUyU7%KQOi`0?!5 zdj0!-WwQ%)D~|)IN8gcn*6Htp_}}c*7cq}^pmpybmhEVY@44s&A0E;C56fl;T_^dO z2M2=BRy&~Ib0D~w*{RoC>aV>=e*LX$!96UG>vgD_#2=R--r~64f}wHLe(n7eJ)YM; z(igo01-*)fB^(*xHkfacO8QT^PbwV~bN;`77hJUoRTj`fy zM}P86dE5}SdqSal{VV+~F2rJRSI=T<#Dq(&czatB@Nt}_F|I!%Erd-c-GBVCUVpiW z4)XyNT69fcMq1%UVk}qSnbV7AqHSkG|Jao<9WomKu>${V3nD{h$H&+eQ4o7AmuiRM zj3;CqP{-4ev0TLc%4Ox47hq;%0%QKOzYs!owgTj#716v!rXb?iDa;I1L;>`|m2L(x zrF{u~p}-dke4)S>3Vfl!7Ycl#z!wU9p}-dke4)S>3j9}5!0o>Z8-fgn5%Jjk?H@c} zpUL|NNO(jQK-$8ev?~b~*&yjP>l$??JeTjRRZw+l*-lp!iqBRv$EI z5bSj>h4lfMvV~Nv!<6(T^o0UnDDZ^>Unua;Q-Js_i@=@nqiZJAQUB%gg#uqF@Pz^u zDDW?FpOA97aee~dret10$t+5`R4xh2ho4zru8_?bHEFn5{v|((Ctc6ubk~>qBD-re z$?W20wsK8Zvry7DNpn{=@i`Xe~W7lFUdG9J^} z@F_kLw;x6U8Nw|jN)NdS454Xo@>m=OUF|83MziquQ3AuEUE zhhr|>=6)KbmsYs)P%1f-+?q+Jr?$z-6xJRJ=ERIIdgK9y5&)(|q{XDMP;NZfjO{CzMV4+*GDN`a+IBZ$^QuAMPYXW)Hr%jAPH( z?T@yxZzIS?`!da1`LE;Si7`svF+doUC(4cnK6pPlAcQtKpdpzTJ()Dr$l&X^WFGuo zI(i~^C@r0gdP6B>e6w?aw7d`MOF_*HuB2`4xtwHt5-be7g~Z7FC7A!wXf(931-LYi z<2LvN4aP&B8TCFjMwSCxPvi;5EMk}ve2cW=^A&s0(0_8gfx;JGG9~?|W_(bW589x_ z_e}#3Po^o!NJ~Z7ho%SNO8Pn#-#+!GkW|DJpbYt^W^gzLzd&rV=Yg(xDHC8>c$(z~ zpT~oYr!T*MoB~f6#s-D92>QoM{!-xo0~AQB10?x;MqW~$SVop^Ms}C(5j z2HzMi|Ey4E)A{MPz_za|@AF-zj?G#9X3K?E+j^_+CqEoAae#f(evYLjwol|G7TNL= zVW(074ubQYe1M_TC>v*m-_}z}grw!g%dv^PT?eXAQ7>X zRU*Edg)RK}(wV|uE+s%qC(BrM3SJqRqHvWv6Nr`5r_Wg`Jmg=Ibb*tb@hBh8VWy~M zaX2tQ4oP+h3zd1x@d;(usP=&exTQ^`Soimr%yBP!>ja@D^DKU=vqi=U7jFO-+? z=9<$5T_q^tjX~G)M(|5`#mtN@IW4a&Ro-^4)o*t5nr?^BPMHu;{l(8kt2;lq@6|>u zFKm)kmp9{ZYs;R$l`KmZK74-p{qb+A%~|*=%CmFf#hH?Atw$ee8_<50u4AuyFI0%o$an7d=GAEzy!7nd#vh84CXEuFXlnJ#{e5n0y-G(+7F$p0 zSa2b5$-X(&reD&`9N9~;=GmF?Rx^E=4ZqHL+`)PG*SSZWUdD=gjE?!{`tTdui=%p5 z2<{ylK7GPS<@&YO3i~QkR!Y~7KCyk@#Y)j*=S#v8gZo6T2=&E?;1<5;*WCvlSyv_V@d6=TUydD_~)=p-pf{m|F z)Z&#Ec+sjx7K_iRDyqmUk*p#oTVH=)Z*QN5fhw}N82jr^%{-nkK^`aXXo$=CL&N{F0yIne7gglRZ3yB{ zJf2?2hbdQ{cL+-OFkJ_~-kaBO(F#SIiA$ZB`I}UU%Uj#{mQ8G4`^W90w#3C1&Uo#0 zN;1iHa3h{o+O%C68!q%L6Ta)zb#>3c)3@i2w!gF9?O4#UpBFsq8@{aT#<|Sk6-}p) zx!Se%gHt&hFY0FHI&TXb>-b<dmy zPn*8~$fK^>AI860an!qSd#^RKt`6(9_wbgIUGawobe?i|wdF7GYoGkRV=v1wi(GFG zIJP%u`_H~%zx}+PH~&MeHPW1nvjt-}4IlXM*n|dsgL#1m`+dLR+M8>|jXlq-Yd4(f zFltac*ZOWo_SQpI9jxbNs{xw>C2}-LzTF_t=f<(JFZT!|;uh+n#^)VbR7(#~M}N zK4wZ{(_wL2Dt~`)xZAizA1)=0T^n$!>5&&UlRk8kZ{8SKV^Gw{XVoLF_UoK%HzGcz zdwBNp$&gl$Ticlb48+ zS&3t%l#V?`g}1EtoDU+#6sCL1EZIsfos*to$L`mgRk zwC088t44MIZFu`3HJ;7!>hkN@rj3{Tbl$h2`3LXQYXrfoR<9TzIOxDKFpN93%eVK?h`KV2)TdFr#G6(xsi1*KDi#OG4D$pgDH;YDaFZwz1WK@LzZB$?bPN_imkQJ6ccM_jtE+ z;-$ggKZuExFZyZpwFh6%Uh(eA%G8^?rWE&oc=ln`-N^cjoIDmT8rV~JXGC&A(rT|E z=Mraj+tJs<iymD*n(#)x+uAdz?%Gw|fA3_}7liOQJIHj^OPYAt_F_V9v6h_sJ z4^-j{ZCr_iCm&{H7!yjhA{RR$DQ2kL&dB>kasfm@IWd>pxCvh|Hf&QRQM()W7adTX ztUcUU-jx+|kVNwKr7@*ZLnApU1ZnlLn4>ZdpW+~2#iNo4^A@uflhr8flH@)~-riK$ zePa-A5O%Th4)S(}ID}oxKNEIdDubl^lk)TA#j^?WGGXx)dGSPf@i-%qJO%RN!SWD8 zb$nhGpFgXP2=5e)O6!$_x02wksj3{UXIfsCyoIp+yv(JWrp`>*+qjda}a})%a;GCl5STXft+~ zI?1z9^H+OvPi77Nus!5At3yq9v{^E*Ed7#dhr8c`Dc#jW#tt0Wx1y z?h*D|<}VT1%y^jgCe3qFX@igk8J#0lZj$uuu2U!fI{5j{F=eeAUVYc}#5TXj*>#uS zUQzGii7RE&71KPXOpTESTR#&IKkK%~yV}hs`x+nn`iHfVL00>%cJE)d{PyY#mnskI z7~VP1yLY`BMXR3Idv&!@6IuGy)m?_CWos5~$lKFGWU-Lfz@vFdh*M0e_0BahFK&z} za@JHH7`~{_?G_Ex^Y(O)O&+?(Mdd$b=(USwubx$zGriu8qYI{-c+_1Ldh2V;ncp?H z=xcG(VpYCdrR_@Px+j%o*i=5(8Uo;f?G^|mf$Qx-^~BJ8K> z+)gm{_pO?-ASAr6tKa@pbLY;QFk=X=VeL7B82B0dXd%M4+%SD)F$1VOE+fWNU>K`ll&gS?*nV zk6oB^YUrwcZcdv|J4j+-2~U?39F?6HTeFT!!*OHhKex8Kzx8^jg{@Caoc;3j>UAUH z-i%1tRW<&X{*E=qwFvQ-N}AQFadzavqg@z%^QH42e!Eq&vccop3%eF)``msoIO*+! zZS$1d)*U?<75%jC#W4MpT?t#@|`}HI^Or3wtAjN{v#!?(IyFZ-=- z@mH(Te?K#;o|{(3w@_y7>T7$YniFwmz?%_(7b5xj1$YMfLBAC0_`K((#V6($AC(s$ z`nRaXb>+2*T5Rp)Y*LFu>F0iwGLvzu_)1=f&E|q{AL3&+viP_-S$JH#CgFae{*A-E z1Hu~n1$l=nxZ(un#l_=m<&E*eu&f*z_qwjq5-I2>d@3&yTrhc{cx`5ld3xunVsIB? z81UMdPbgv-4EVPYfNPn+$;CtfGmJU^lbrgWU{x!;6@lJf7L%2+aDVi zJYrbzU|3*fc9}>JeQ)3&9$i9&v#a%*e(gw9KhNM-HE&0a33PK542?|8_kMKOYHHgP z%RPR6Q|5l&wza&VIAX+4bJh&58s=)zzF6TkseO1+m(cjr<-S=eGRg?Ci(g7s zZZ4+{pHVgGHbODBEUf>4);0I}q;>r^D?#3g)rQ;4;r1zo+sEjW`Fq+hMk{6)1}bs; z$f?^$K{es722B#0F!3R`HN>F_H~*X%BYq{5Cj6PQEBbq!NDJx;ZRA#lDg@#R(-)3X ztcdNE9`YMhxNN@TnfrEaqyvJdoqrl%+cU*8bmHB-u<8eHO!0PjA&Dyt{!lsP{*(N$BW@r~E~ zu)%8XXw?NBz z(b>%#%2R(|cPnAmut_;~0(f=@8{wq$k#Km@NUxyJ*WDnjsO?mOAD1Bl^UcCL81y)SSw{IT~NQ-Kev~SOC z)d9j_Yl`SWzTU*#qq0-Plz7BYwyDDCzVdw z9{X#&9;(}NP5G|%u6izYdOGITs5N3mRLbxU$*a1*@9P%)Br$*Kwh=93T68>VH`Ahd z&!QKpI|Y+l4SIYc>V5X@>4#P=e%7ynmEy_8b{6B-4-@bRkCzvZDQEo` z%YzO457xipvn;klR3vNqhjoba!iT$*cthXcu>Hw*C``709QGuTy(oWa`&-@_*3tIn z{_9giihB!!XU&^aOS9(pg-2c}wjUSWT=L;fVpeten%(@=eNAx+;qDAP8%iXH#yS@IVs^8Q)oucv{x3vFx#g3x= zMb82Tb`5cUHm$JjxL9UIpk37$UWLW#3rp5z{CeQnABXxenkadzI_}MmKNKvOJf=(i zt?Snt!V0es>u-@&Cbj}{~BhF96FT;yAHOLa-KXYPkZ7Vd*(n8cw zD&W@;RAzo!v}$phe z?$zu#`!7)L?d$Io*wqLK;s7w5gH6V!kf-p1s%OO&K%BW&xbXQl^Z0PUTGFsXQ#M20 z?9n8HzuDt_vhr?pnh@)iUuq>6lg9*>b7XT2VcyVEbJYYW3yO;wb*IWNBsVrsIMn}W zQu^{AwvG>Uw;hyO(nApVd((||o=U2{dUyS)e(K6?D|b#j>dm+5Ir>9y|EVrjSFXF9 zy76?w^@5p2;Z>s_ZyqtZo`1JN^TrN68Zh|5$jfK_t8TlJy+V_1r+;zqftSqX3cpXw zsu2e)f4hEKet5_W<@vni4b=HLcIHKCUZ{@{P{|lzV zrwIpV-Tq3u*70;tHe7#M|J=ydfmU%t>WzLm#(h_A!$oi*2N`DTyw zj{4-oJ_oIJc@5t!kNfGy@E-nxuDjjeuRjp<`_pQ#qXvanPi)k>(vn9Ve1CknWN1iO zK-*q5PTn8bf8=iilfTW`{%qxI{gTAa(%(i#ZP|Ojo8EO%S&t9tqdiMcEsXpWu4vQ%Tuei<@uiT9z8n7LVT|Euy5Tn8mzjP=~wW2dPwk&jGg;b zhwAiJ_j#L`ws>qK(S#Fsh8V$q$H S!moLAYIs*Z{!=_PBK{9Rm7%Nv literal 0 HcmV?d00001 diff --git a/Modules/AzBobbyTables/3.3.1/dependencies/System.Text.Json.dll b/Modules/AzBobbyTables/3.3.1/dependencies/System.Text.Json.dll new file mode 100644 index 0000000000000000000000000000000000000000..5417430f23c014b354f13a94d7411aed8cba5a8a GIT binary patch literal 509600 zcmdqK37j0obwA$Q-P1GEGkeU=?#v#NW_7G6=2%HP9J>M}aY-O^3K@0eZ|2v$wp~axBYo@q6ki%la6e{I^d29{kVENbV?nqQm-d z@|%l4)^^r67jM35=k(BZQ?)CnF1=>x`IlaMZS93am+csuy5ZWPo!1VXcJ2j3*VHcG zG1A`dFEd4-ce-Vr)#g}>E_u;gg4!OpmJFrZR$A6;xZ}ky#QSevW7@^G0`KU*AQqN=ppCw)KkGR=Z%(}V5u^v0twUQERS(ls^w;sI0 zvdU=x%_i<(k43gZQGT)cxmCy8`8(cYS#85P=Pk2s=(XZ%6Yn&?vTq});8C}TinA*n z3oK(HbH*O}4MN)nF0%`r+a`uy^(xDn^t~NJ*Imch%e{%AkAK{X@`o-c0$0~sjubQ{lk-dYPRmoM z$KT+1eOp`w5_?{L!uL8YbrzyWe+*=p2kqdP%ye4^dat#tL6ctSTGeNQeOvB$FKCcX zDA1wgmjaN!E$zw2`+jhsGdX<@O3b<$*UzQwY%G`cN<-bTj6on9&&0jBBPhiCCQ=#T zk@YfOcT8jQ9aNoT)isO_zjy@++-2E?l@t6szA9!fWay#duI3caE*zzkbYJ zsZO-mv~ddY7_*>DE|p8?+Dj*cI_RVGP~Vvf1J+BET;XebBDr1YJhHg6Ek2x|NJ%Fq z2QEu&e|VGEH{r)S+tm4_unBl9%#!QXp{PF>6aLJNaawM59HVdE4qSL zTlZ8^N-}u{fwSZ(Y*;xD;BBDMWFdKMjL)K7xO8&x*aRO1eLNZrq5&5QV1EPPaGzTTcGU!-zowxV3-rJo=;8iYm?Nep zndN;>dAZJ&wbNA&ci_%nPn z6N)2K=<4gFw-ByG!YH5~e|IGO*+{s*Eri(-3IBN{{H;hhZin#Wk?_t)_+63kuOi`N zoiJ}L5`J|g{J}{0(MZ^F!@T2>a4iykbtL@3Ncd-w@X}aV&PkE*-I4Gkk?>+Kgugfv zz9AC+d?frtBs>@o^Hw9_mqx;$iiDqxgpW^zd1oWx_eR2xM#7n72!B!}d_yGs)=2ov zk?_wV;Xg&fy?$6`B@*5c311os&qTtXiG=?Y37?P(%bbaX-w+Ak9|`|H5-y~}yw8h- z?~a5&8VP?V5`HQYUf3R%Q;mdQ6$yVQ5?B;de#CPej5iav}WANcjFp*vW@5 z+alq+BjGPc!i)Pt_?JY&pNfQ^jD#oqL-=<@!oQA$s{iB>bmHxPK@t=Y&Z3rbzhXk?@});gc4Jd8Z@cH$=i;jf9_!ga?;|dH*aD z{!}FV`$)L7G=zU{Bz$Wm{7^j%y^H!6v@WhSGgHZB)^*TiFT+eQf zdZ&pFp1XqV5(tU*0>q@W-MMe}2BwGL@`}3Uxx3!UHv$T4 zeVxm_Z}vsZ71Bs)9764c1s%&Lr6+Md%_wC#)y4f$jTc3CjqE|!(Ik}t0;#E&vVL%azuT!e`K~s{R!H|(T@+OA zJDx%(`zf!Ij>|&Syv8TeShPR&)J?|~Je_IMnP^WAeVI{SQlZ0rc}d%QNbQ8e3Z_)t zLRsh8x8D!$R09Z3??&S8E$Xcj{gHa~45Rl3-Mt5IPHh%{XKx{+=4M|?RzrvJ6+OvU z1(8}(SdUAG2>?2b0J_6;NW)H|PgMb&Sq%CuCH)pH4m~OTb`werYScCo(lT9#ue4#6 z&$4u7zTG28DkAOWYBv+1HRwQMgbozM*iFmpSq%Q@7Ttk!Qh;2kc%jqKT(`E5C2wks zt)T_J?rX;aQLT3Nbw&4GS6e_2Lj`p2s=Yy6%85(o!hFG=l+NvrORq{8y?Rs~<*aK< z1CwE|Wa=G3%4K8SFsG7-W-c_vZ%)&?z%wuN<%d%yftv7amG5cc`83OHRi7S5 z=t}wL2(xX2{2BVCV_Bm^Y7}I1gkTb*Ne4rer^bY=?9q8h{!ZJJW=Sbp*0d}Id?Q^e zI#~}e>EM_aiR61z_dqt*UIFrXWUv#+10SguZI^R2^E9xJFq^6pNeLdIHnt+)=+w7> zovltMF-E5zjlTRU`toG-B|cowgBGpVd3(di5ek2U{8n{3!p`mJ2-{Xdd1=%Z&h=Uv(ynJ`N&|acU#qrf8l;z6$a=@;6fGR-HH}9)?C225#ivEp~SD zODFq?(O*KeIv0O@Tm1(0%nY_!ZpwrgAe{E5hS9kA?buUjOUPd_M5i2LWWo0F%XU7{5Ou{`dGD zkMP(U{84B$W^z(8-EFJ=c(!*t>IZm+f-5z~{0i#~&y(IyjoFOYiHOwLlPFK^lHk8G zc&r3}!XRw5^&Af}0_NR%#Ag@*D=v!oFoVZM(*BYW$44UWV#EoNh<%JWDH3rVBi2MB zwlQKYB2r_U8N4czb}A#*MIuHSaf$$AwzJe}k+d8m&On5%VDt3CL692zZ_t;UABRE0 z2MIa`(3m0NXBcr}B;tLHI5`r*iCk?!L_qc18L>W$DDCCuN|0Q-P91}{ROu=aQYwx4 zSS^&83)Q$h&*4-Li1liP9{j>p5Y=sK@*W>7gKEL zvQzO8I1b$fT@SI@q!>#Xjzy+}TAdMrgQ{(z=@#f` zjeQn>VuK^yGML@l-y3M&r7m?Ys*J?=WA^}7Psw^}Z8b6br75M5F&2&rzqCyq)f{z} z0!ocgk6gJ*}jK%O3V5z*t*e+DEPdz|<}KsDg&;e9@QQRh3P%;j8g zOPxF9nNwHDvqPa-i1!qDpmm+2Q*Yt~XVeJ=9sxVQ0I2OARS!g7Yz0x}i6)MekA^8D z3UioQ%Z;cHMZzDbhX>SES~z@~QFo#A;#RdCVcV(QjW^K;^k7}j#Vv*x`b9(TUazL- z#JsU7W~+K9W1^+8mfe?emn|smcF67FeC@S(?B1yURx;?CUq{&W>OCPW#tU=r4P&CY zFH<+SPPmZ@MpQGLj%HhJH@tq$=}{P7emSGw78WNptG6@4t-T(}j#_{hy;$DJMHJep z(H2nf2jy%P&p2g@cmen*`VB0)+nf4J^sgf&$+oGlW>JKmOmv}=|CqzikHxL$xe*ky zE8D_-<#Jqo3;?B=0vD0z1k0`JTD+lyK9In`9z2arDjcDHnrmq5~1jw$8 zSwBMh0Mec7p}g2xx7!Uhe)x+_--`-rceB_g04@VkZd?Q00|4FHw412C0dMZi?_iUG z&ViBUm(R0>q%*HZCc}m5P3W_1EE6+>wBLY`ya5QQoQ;W$$!LwP-PHodt-S`7l!ud3 zKLC{yo-9H1azxx4WFgY-CTnj380Q|!{!Bm%$I!x4KuAb|bl18N=@=I1x2vV!JZXs| zElI_7OY$_iM5fM^qY-j6Lj7}l$B73>P>uw0z|nHVZImNgA{jYy3o3&DNH|b8(q7p( zIIh)E4??I9QsPH>{!W@j4>9(I2R@H>V=!b~VN`#fzDmUdaT@6<83-vaF0HBE2Lvid zd9}a9Gq(y_LuqS8?1|W zr=f}XdM!&OY$16%Xb)C)?hF>Sb;cs^McX3)Uje}Xpgo?9OU*knDahdTF&;H$dLB6z zxaoNWs)b+fP&4c!Aq%xIj7o3nY*0-b1}Io$KG)LaGS^X{aUf19dUV1Tbtj`k{ZPG- z(rCTH>~ElT%oc^YcrIWNU4abHT_pK0b6QA37CfR*x2KD|u>}y;7eT6K7TD<^LX9wm zW@b|LxI7&+S;YR5+SGOozVe`caYgFTByfRad9$xU7nQnORET-r6uF*DpN2NCS73;S z7}Uq{4kgYiaJ);suKH)lib|KOeu`(RTVq^;)6uW-&V_qB)K!@dG*(>06Dwa~B?9@6 zKYC6Of#qmAa`b9CeMnc+qbC%}B7~p@H3xXTx((6MzBos{n=y_%ciuV+?HJf^*b9V~By z+5D4rw1h9A)qUzbb%ZBhnJ&hp+0a zm#=ow0dphL&y*6%H^Q9~3c`C4bHGh`xdV25TX|f&ZH8c#qarbdq3XJzl;C-$dLK%- zpcuRdPZLj{P1<5v&DtBWQ$Ta+2iQG$J|B_T7<@UVS!@NqAF($}c=V=i@NDeYUX7zS zP2go9c)1iWgTc#1(Ugm$dA8tXkp?^Nrb)aMl0l|TVbbVLo5Pp8Z0CATLbdk;txAu1 zbFYVZ8?0fa;^%1r~*kU3R=R8k#o5 z6_lTg>pDRHFW~yc23#KsaAoa+t43qBUGRtg2vpT)b+<~tUcm_9ZevJ1+(=_@=2{NR zE!Cu#chvWo$wZY#d=sivmv&oVf$ubCbr1!4>>GM{Ig_9Cvc)z716*UB8p)u}k)9S+ zCA%$0YARwf`>t*T=hz?GV*AN}JAMkT@3eB-8VMI~IJM{NFYTRHU;QPE#aDm$7E8d3 zJd?zqbOxg6ST7SRB#(m+xRa30r!C3Co(HeOnq@fNNaaGaSJ06BE22UeMw<%>R< z5yx={9NAdW%{B`Chkf-0^7xl@o^n4`L}nP?i2R#_104%Te-%(lw@{y)kRp6icp)j= z_jH@2n-{LakPY<9@XE5{c>d~f%p)25 zdJgX#Bo&2`%mx~Ju2;X^7=#r+7uPxl z9RTKpj}Rq5g*4Gqfjz@vpPwwGkB>%jpyzQ)s<7brf_JUXr9stKQT49TC@_a{AuoLp z6v`oNx+RF>fNF{&F6wJ2uM*$;btr44*xqm8k<#_$C*kaK4G`aw7`S*MQMml#$;1#$ zN!G;^@c`}DP1rNUbs|66p4_$AdSGV}_*q-vC^AE|q_4NYuZWeOxCPKeV*+!mn~Ci* z-9Ewj)s{iE3t_xC(?BPf2H2Od0niqXeG_#X4Ip0cNYaKl{~=|Ft*{qLy&)!>9V-CW z0|u9&>!{lSpNbF7JKf_vRW?@Y5%-k1__birz7*9{5lGt!$Hh#3Cv^@xmz0S=>veky zgu=lsubh^Q#^Wc$!*9d`x~283;~_eSw7n%Foa4rU2ZSMY3<@&e>z@#{CKb;Wmb?XG zD(~@hSxJ2psc|Uv!#?6oVD($##ZMR7?|?qpHvAygldk#)fZa@1sYh?GN0W6p7TI50 z@#H__1k*Q~>uk$u(Qfad6p)Ed<`?ZI(Un|;xmFp_ zF4wvoZNg-Oar`X=Drvhq?&%p(djX;AJ1;}46$eY&h!b!9P zj$c|Fz*W1NQn0f58PI{7i?j>6oV7~YrOTb9@CjNG;H=TzmOJ1GZbQh!G3n$ntaUT{ zwumno>~wthc#^P$g_6d?P~Oh(5>)5J=S)2L2g@w($z|ZBaf$EPAk${9EN8IbqIYg? zx=Q6$>xHKRmj8^~pfme0fZ+1`2p+L=mz|&e4kKc--^Qbq?QqMTi2EMnI^5as$}=`A zB@6G~g0dk0VS8ag3N697ftf=65(J~$-yW8%zK)s7R$wt-S2)93$`yMLtLfnZz)~t+ zJ|UjdBaBv>n*glkjPZiAXNX2QXYU~zJt~7t?a4BH?uJm8Y2PB?a}4QRNlo1Z``a|o zf{&~E75k66?Ukg(Ikw8+sgZ-83+yDnV?k%Oj%9lq0KNkN-|ols_Bn)9H}WF0y=6joST5}p(i82aF*gCjPEto|l#@y@ zLe4KRXM3`cM)PC zsV2>&I63tj)SEJiaGWJ~#Wgi_zJy6j1jU+C(Pqk|H@E7iLVB`JP>oV5V2vo9%Oj0Q zO^`aeNiK=55r`+^la1)MH+LHAKvp(-ZZ171+z31|AI(EkR*DsMs%rPZ)E5_q)U_)N zEFZ(C5mQ+-wIhyzP+s@H2ikX_SS8Ru)oPSx9D*?XJoa1t>7dZm&D8UJtE-T10*oPIf0s z12|pnT~O-sT2QwigF!qIEucSaq&FqIEttx6TXL&I=max$cP8`J=@!KDW;2vYor0%Z9R@tn;)Z zTIWv=S?4vV^YkNH=TD_hGdeRa$LB?8=TcN8|1PTc>rT9{KcaR2Y;N5bqV6TE_`-U< zZ1aXATJO(UZ%^3fq?_D_mcaxJ8wCTVZpV5B>ONzhx}UBL)&kI&=j+ChKr|;Hh{ci) zxoM2(zzSnmW5oclqTWZG&U}_|S|`;+aT1F;aniZEdQVI2OhjVJ-O+B z27G(6#$^oFldjxpb#`mI0XwZ9!q+v0D%=+^Fs z9>!hf6lvwwJ{*08TIs4zNtjnl=h}_bsr`G51>|dgkY~<3YyZVpX#+;FbxxEXTy&(y zzJh2?8Lil}KsKm7X&Mwon6l-1{B|=Feq0MuUn-T+uhh8C(fm7T!S=DVxT+} zE4myP9YXUu)}>Po+NISvf<^pGt6V|6bhIW=X|Y@TIw(`>*Ayzj>E>&EPfB$is7^1I zytS*i-&^PPbJ1QL`at!t-?DnFG`MnxOO4<`YZ>uKJ9<$_KE4@d)BVLWMpCk)fu;6BZy%WAc&n;K`;YCr1)) zrd>TuWHjC#2gAEVXEf+`W;zAiR1$$bM7w?LUFgtEY_Pf}tQI)uCt4CBrolvHXiX<+{50Ht4|Z+txIG_d-yKRxx7tGs9fda$kVOS{ZMtKP5lS9)=orlCer2BHvDsKpQC}!ONJT5vY9_=vJ$_zz3X!;R4r<1t^ z4Ik{q{fm+T2RGE7)NJ%vg8pHxdI5D4CmWu>OV`NJA?sRp#m6Jeth;F;y8~yjV8mR) zpv=wG8zz7|d~NbN-j}`7LGa?yjwndr#oqv)svVF1O?@6Et1LpcI5(!c?E}3v%x2x# zPqdKR8ej@3sZfr+tcv8z!1a0j_-rP&vtsw&t>C3`UvJLQ$Qk< zFp5tMNaBQuoL=HH_+dG3!MVt~HS!yKJ^*Z)=dwv#{U`7|yqZsxntu-XOmZ>{U#7+DCe9C93OAWs(_R{Wsv+$8g-=icx={J7zhpy~5hZ z5`q@z#Prx7fiLb;;H0dU;?MbcwEU9-(3lBoGTNdueObbSRJuE@1gTXzQT7^XEb5!c zwi`S_Rx>GmynrOlKx@&<_3%kl61pH@$vf0NNJ!=#m6`x6>pUV(PX$gpb%@NUwH35yld{$yyt7VSbqKlety0oyz#p#{!7z z!UX1fV+tYX%c@0;;AK1K$M4+fRaeAu%7k@fVt4NB`@XIu6U)W1^0{-T%r7Q6FKmwb znXjSlmG@&4QkF?s4|+|!yfE05I4)PLl}DqCC+43lRw|x& zbb<(8uq%`G>_igr51`zbDuUsQrk1RW4amuCZ0tiI0X#&_P9!#)8urt$`y^nc3Jr`$OcVE(d+&iJ+hr;>$Ql;fVutCo=mx*VtQ;Rz%|(tLS|V4aDTWQPY|Hgi3ip? z!X6;9**&cTbA2p!5jWi9lC?5-fX07?hMKFCJN1Uw8t7~2++Z)!Gtn7u4J0gJb6^cl zxSiP5(jghGu_zfSMR0o<3Pw~Q~M|PpPWgS3z;NyQHt>JN5}_(mYIpg zv}Az;L~|)H#DJIy=cLyjce=qD1b zLqR|FUByyx5%}B&xHVj?Heb@wOd?LUwBh;0NeBYp#N}b9hn0%WLozIEpyV~Tt@X-0(Xuh(^ zH*x5Ev1mTb>cZDs4xP`7=DXJ9yQCpsD}nPQyRTIO?)Gjeyz({id1{p|hqkuBCvl&4s@XN{^>} z1Fvhiww1Vw)#x)bk0`_KMqcr4&8~8Dg|@F7K-n=2e6(B>FeBaiM-u&>Hi_ETb3UB@ zDP}g^=K1pEM-uR-6*H>I^DmJ+XrQTw6N>Mh4nfBy7B4ZOvw8i=Fn`NU99K^r_z|{L z+M6PY_NL`;yO2w!En~ERBBfrNYQ7-VZ59CMFoE!oE?aUuN~r+X+9 zKj)Kb03)CV$UE`r2d*;rsu!Zl;Y#OnTTQca%t>4ElsnEi4Ae{bhIvc3U*|E94oq&s z@p?Yb)XS`=H;f_DuPJ{n%x}vc7SkIUn-_Nih1yNnj;iBm{6Sf7o6xqQTy?3z*^xVM z8q?Ux!gHAN_A5@S&2rUn@y(0lRyf+I4+67ISTohv^ z6}iA;l|*yYK4LJ1^*k4Em6TcpuAaV$ktpdFK@Ye)vVl7#a$*lRY{des7dKw8)(%%l z?QvLu>uYF7y$t1~>&sl;9Z^?_%`!JpybU;Z!&a}GH=StM3N}6O!4JR|q8p>L5+PeIaA-=RSiu&E#!Uixzn&( z8$eVp8Sb*_U+$M<>Pql%^LoKmi&^Sz4M5!dTY_jjmg1q75oAjv2zX$a(eG@GmO5+8 zkz&srg}=iUdwEeQDWJJ-Ui`}YUUi-#Uqlvgj((xYf`cFq`CO75=x@jmtWmjt1HGh- zSiiK+tBruZ_{x+t;dYcq?^rfR!qtL3L(-a-B8d&IRq&_m=F|Igo<24GvHds>fZKc^ z7yQR^Me)nk`!sRutP8{>EVd5VR;?RRznfd(Pu&lmQI~<*rfDN6)h`VL^Sq`$GfP=vks6SgUi>s{lG| z&yM23p^D9Dc^<>3(B);o>qV41jq60|n{tQlBgd^B%M1UFf0pQBHAdlyZ*_T`~9}ftwn7i9_ zLGj`UVr{a%a>i23;nL%73yQ7I89koB6Gio*OrLEyr!I-tB zoikFlmKn>8%!tYfQ+P5yeHyAx?_Xr(!ndO}aL4p^;G1le4=axk>eBLw<4{wfjFVq% zrBgc{e+|8AT1+fH*uY~W>muU2&10=WJ}tIJ&eh|LeR?A3xCiy)9ucJ}?g``J_$S3+ z03VnuovcgO z{0}9EXkdSYLdMZ@crbuC199}D=LpdfrzoedqxgNWE@*^@2Y}mNq4$}{G+gOgZrjrv z8T4lv6Yx6WpiiJ*u!kMMou%OzgBxhDrR`4N3x12qUv(SRE1|`m43QSvHVOM=rdPh5 z$L|W7>rS!f=OuiiO9!Zg(LzUm9QUTrM)~A(=06=z{Rm30e#m9W`!)wue8%G#^5R}DO^$*GFYh3N(0Cre{wAAX5jDm zZYq|}@z!O(9V#WC*a$lhkMUPP&LZl3g!{IveF@&sT_|&>MCB*9WjzVODjvj`{9~Xf z=EgR=J zE|>$i+rUj3xLpFba1Pvd0|(QSwBtNHlZynb9lPfjf;@{JIr*Ki;+waDM^5`Gm?Ps3 zw50Qg(Fdg8d+;Rv{)!#gg3hlqaJL({mkHclI`1}cQwDCAz|E!eb^|wI;J`~(Qj@v8 zbW8@0h^@H7Gr10s-GMDMY|9`Uv_AL9v7gnP`8_5IMRs<$Cw>)g9jEbTCC$xjTFve=`6*CbTY5&{Vc@cLlB;UftM$Xhl=!>pf$CkJ-u zo`+x=E`}T-x}Qp21`VWs4ufr?X!=S=AA5Tp>lN7WsiUk%-B=EN+gmiT#h|O$@jHtF z}itnyp#e@0ze2C*hab@2jZ{Oj1k#)WF2-fuwR3*9TXC2mx zk=t`v*X5||Wes(GA2DnfpNH43Wz_{iySig_?|$4Yv>~XEft=VCcA-@MGZMYOn#0Xc zz)x@gZFH94E6PvdY>7!<#PpBX(~C^M`KBHtXrU;zx6!zttu=w$M*UhhD( z-V2?jI{E)Rg)=qvx&af`JsQCL=B5w^^#drZzr7B`f`S*g>G7Zn=?(pjZe!sc5JMIO z$3d=o8j#&tgOZq*f*T+-yE${%EsmQIz<=#tISbB%vS92|de0pmsl)?%kOdQ0;C~5E z6K{S@qPI|J^VYCASZZ#efW9v*A6!C#j|xA)dLINHSvL+u=AJJXw?@I`RlwyH&l)cE z3o*nHNNnI?lAOju)|aF@fsE-b#Or3@bwvA${xprE0pGU~LiIv$&D&w@uU`QdEVsco zI1Fsul@E3nm`)_|mS=%+2T*%r{=R0$rbEQ$#t|GM<^@xj5c+^Ej*MzQ0J@b*Ba%6D z^nu4}V{#cuyORvthg*xv%cI->hTu{2XK+;s)l}gPOkw<%HT^_sq2Of)*zGwV_W zAbnVwUTNO|x4{>Vd1BUIAkS?=D>H27Z>{F+`NtUe8zP+tWb<5c;&c#h*z7sK_0R%R z5c;6TXMjze?dAbC_ZO`LuCLa-kBP)DC&ZZQ@2^loUM@90o)U+m;0~tR4w7MiI`??` zF`O&FOz7?Q#J7z*%|oN2fTL7+oF8W;jI?M8j3)cq~;Bse#uAVkh8=|J- zkNZ-8@Wmb>YQS^+014KLXh%+;4yO}|xOc|f&0{#)gf_YQ3N2o^Z8QVph#HBc1xS~bI^rkWBN62`?x<7!@Xn1~N zK)jE-UFZNWR`81PdAbKw$+$zj7GUV9AH!qw0d(c~n~{aFkKrB_9-`WeNVi`ID0?36 zz{Kbxl-W0_sa&|E+Q}+{*BeG+R9De?SUP+jHFd|sN;7dOIIOM$iKnZ;>7z;1GDMa! zSWRv*@RJimU>!@YdjcsosuzG0c{mJH7`idzO>8c8H`6G-N%|d9QSe^-bDU_=^XsqC zMENFQK2&8-rk9(N8<=06)3 z@?gIK-`(5AEeC#o4|@)Lz&ghVHWv68(hqDJ@D0WqZUDkAgQJPd@b^G3WeQPc95w}K zmg8B5c?IS>w~Q;2V5)XusmKv#jA70(ZF1lt1}?JqFjBnYD`Ky$!LEkQ!Wq~pg#_b# zvI!DcW6!_@j@y_(33t~73tb%mNPulz#`a0ssK{0OK{Ol-px1ssE*6tOzUty47g&2x z6Sfsx-hGO)upJW!C4dCBiU21D2@*g(l$9ksU(5Pv0&~l_QJ!rwINCGE<3(MA zZY|OteK|%6W@qAw`NaA&;-I}v-#+LHqVa9 zSGi`1D8j^UmUtpe2AU(WX_iPLOn#arjtCR6S)zzAIct^}B22VqiJ-lQ zf8~Q!6t@wz?MGpngWEJ?s|U z9rm8%B4PHOIS`Xm|3c8cHRk#^1i4+Bcf(_vT2`$At?rWkXC)O}CKbnB*Cp&~kI0?Z zl_h3aV5vhctaQt98fRa97?gHL;j)USPLolte$NWYC#zBZ-7H^n4_0x#*Kd(# zcsd{ObbmDu-%KRni)lM0a~tJDN_?o3dAsXwrCeoZbx%KkUsK4MO{ z;KpzT%O6DmS%x==t3UA_{t!RKQx>|K?q395?y1wIRZY-}s2wQ_{Q$4~B5n@UG5y~+ z%KxffSs&`_esB`)r2tQr`i3x7a220Tbhl-+wy!>oBy5&*rIEyZiMdU#0D>|mR{+IJ zc_`U*9j5xK)poWs8~1SkPdy=<>`u;ERO&M*?Ca~%rq>HE)mwi+s8PS9`U#YdR-A>$ zF5cIZlo^>L6qTX~;aJA@b}R#c_v7 zrd=01Afeob&VI)JsrKvJLlG)-WJKDILPGW7v})k!M+s$X$R9Ik?~#c?X5qZ{_EEH& z@^ncvwmCh^^yy0HLs)qvIB+0MUL4>O;t-`t#?CcYq5&U&#w6+2*yS`yh(jYiDlO>o zyu+f$;$~D0Jq8Yk9-qc0EqidDjx>GrQ#8AwFV{e3VoYMs5tmA6)=B8eRwY2@acH$T z@DXxOeF-?Ua+$4C0I@Y7mH!ri1}ihoi*hsm1%Sp2E2{0df^!fh_+xPBF`7@ldR4qI zTg7zfAVofT7cVRs0k=R5))5rmmgZuUmYNK&x21N2Lp>_PBE8BsJE>XP@NmZHJeip2 zL8Y}?)xr!MFFX&IAF3Ggm5u^V*xbU0+TeUbJ!i1$*Q3$_!X-NoJrr-gfc{SN;;jKM zYE4&DL*&7=qtLRcS(Puh)sHDSE{P19GFsQ)-1l0I(&zrM0ZddDR3T1va9{)*uZ-&> zX_|SQKL5alyg7OhoN&xmaDfv?Q|-C{=0_bew>X8F>K23ZFF1A#Rij=0G^C1XoOw|; z$G!m+ox;UceE3P^8cYkGZARHMES{t;y+|)eFavx6C020VWTm=R6n2giJ-@W6Ui6@B zeJ?VjOgb;#AP(b3970ucggf+JIq6SLPCB9=DxPkTp}j+&9_uZX^Rh7VOIxY8OWn_b zyx#yj%Fsw>ywE=4q>srLd^%(2mLErA{O;P#4dQLte@@v;FAZ zTHm?~{r6Vlpk;|uSVC2_8;!=zn=>3|Ho{}40*rltcbD&&xM2PX>4rRAI?okVoOS*P z2#Oo++jZ0n8FfFSl0nq9jQS{}QaZ{AW%9G{jeic5!F?8;PGQBmk06X27<5r9*1bz! z7voh-Cc1^Y8phIbW-LL;75-f|&zNXX)-iJCh%tQWy3i!Yq-R?IHpsED_hHiy1r|DC z{EV&$^3eUY52nnI(Q+X4IK^u%ORmc9V3Wa*xQSVWL}X4jODx@Zlia|Ofx4xqX>c6Z zwAX@kZxdObPnFgfkoc-H6*=L!PDm^Xj4Uvm6mT~9x)bP>+&I3DDSjL9x1uI9`Y}V~ zoXOz@s)5cC?D0_Ezy^(bN6h(j97nnWpO=6ME?MYGmEwz1C8yxSu#9g=P<$f;?ba_t zKGCNddWXaUBex!#UIQiS__PqZWy2`T?1jM3c<0>mGt4EzO1sZ{quNMm?6uwqm zCMTt*$s#fr!K7{7N4!Od`C7=OOfgVg3|_ba=|jlT*=7vOxOsRx z6$aQYyF_PH@;!nlVMo0$Sr}S@(y#(-EUl>^V-nSQ*Pe{k1D0`m0AXn$QmWeqVVVkw zYx(Ypc!xk~67LvH=BifdpnQuCa>EW18lMa5{3U4Y`lYpD>Adh>Sa)MG+xjX@d1=$UZ`1<3mHn8vK8$~sU}%I zy1BT8^#(Pe3liW~a#`oHr(KVq`VgAm1WfM*%^i26?n_9TO7&XT-H0s~ccVTfJz6q6 z77)hW7>x13T%(xjD@IDv6a3sv15L8Y$Q{aR;-V|h`9byg0!tk`_4gQRxZD_qi`-}j zSXwhb_@kj_bms{k$bOs$vad393bDp_TngjzeIwqPY!}oVggD>PF1`c!z+bX2!~mza zfkL^fiA4JYY)4_(k^w0=HQ=IoW7>nbhqov^OovAfzJ` zejwSSdPlp_P+CHo+RREkBu`(pkBjjvRxe`XZy-zwq%EJz75Ex1%a4j!aQFcRuFmU}=7HcTvYdL3IzBThD3$c@IN0qaH!lZL2zjkXV%{#pS>miU!^&1BeR zThKJ}8~ViqQ{6|V5@hnLFlLAq&c5maLQ_FU>jLJ{99uBpTFrptxX-B0z4P;6gO)n> zB$1oLhC-9&f%>c2aQqvsL7UpU0y`j4&Kti6*~ab^8VL7Y=z;rA_R#glxuZ^#WCp=L(xL|9`VttaH6o*27UGosRCkc*U(kc*U(kc)c!yu?m4 z7`2jGRzL_6taOR4wI7&hd@E;^&d_m#VcapLWAp$hFP;wvsjb|Ot7dgM+=$`S2zl;^ z&kKT9=`8rGqitn8X)G+C=FDY{P0j|0s3lQbVR^wka4SaMr)}g8@8^<#rE^Rj=ir82 zuD{Bs&y#s*sd|+y1JKzo7v15&>Cj5vHujlrwr=nL>02sqfF4or`6vg56kG1iEFUR zQ{3dv)%P>yLj;XXT{%u&4JeM?0T9k#lLUPh=dXrZTg^(^0@EZpDD3AlQdb-L2p>)? zu$N?nX~ctG5@E54opLgJs(EbJ&B-Dx8W4l9Xd;jqZK55p7h26$rRRv0Xe=o(50b$S zFwB}>&aFBVtM|GNumUX5jSmRY1c3d)B_L5TUMM!k z4l@=utHO##ZZPTyR=IPMxL@U3?*=|#TznD^2jEZ$R)6ls-jOx#Mr>*Znm;URQ07b*4NMJ8+Kz#>puh#gC=6pbMi zU=(+C`>1AwKCf=8&~)4YytO?HmZw7d&`>V(uPp znx}-m*n6f;hwEygCwsB5Le@~}L~k`T)92?{Rubg}*v)h|;&Xq7(#5I|H6OQm!gouD zCJ=g;8RY{2)dn5f7B=c7=O;0r4$s`cZPb|?@s}nU(wEC?KCvU)X}cTalQ7Z9d{gQ+ z9mV3zO4F|ISHKnunJ*SuqR?gTTw+Z>*&;&UQgd z57q_ifERgK&Z}~Kh#gOlFxXHci*G$$E*POkNI|SUToxDu9LGaLSsYc*u&lRDeOAu2 z7g2=1^7D2q`Pyvtb99IV)g)K}Jkn-yhwN{Ozc^*2;&KFS2_iS*ht;-q3VuF*bUZ;r ztxfoi;>U?}0KX!BrR`HIly#k7x^il*Jhx4qFVBmncF6PGsq5vrVQNO6Yo~6N=kZf_ z%X7uld*yl5)aT_{n0i#6`Ke#Y6Due>%g{UdMPw)K3$qqgzejNAo;iJOxL01vhWp>` zz)f7$u{h+OdAaTokjAaTUk5ab!ua#7zr&36UY3Oc$bEjAiMh?+;PsUM|CrZP#Kp;( z6+g5&UQB4N_&2Bq$0x+T7<8V6R!f(!h}%?=1Par%M;lLY!$FI?xguX-K*bmFaLAMK zaI4T|cjFTjFF~ng1!a>Z!!zYuAThquXM9wI*w77izS5Uam&t0yQKsa^)7_>q%8Mgc z)DNr7VJz|#C|d7Bf94?EwdYnie#Pj?xoV%-lIhHa%jA%C9BzXxRw3L_`ZBH|@-i^wyD=PDm83~1eZV;VErh#{2m)OS zzDa0G(Icus=ry|6YF5$im1a&Jz))mdzMz+D_A zgs|%nX-f370W_eupx{o+&DiRA5_{NKXn=mpt$j1gHSF-u=WPN!D0AM9!TTZLGYIF_!TRx3Tw_hJ)>UklL9 z&fv2Az-gR|MtNtzFyA6{1gFhdZZkZ=NFhy-)$oY7xLqmbL6Y(e7Cxsc?S~S?Yn=mJ zxrP1$h;Ks%d^t+{@_-L2coO4u{j-fW>15k4$nx?cpoj0a>}EnIO|m zdo+-d_L=rfhnhvAIIhPG2=)RqI1kU-D(BTZ6ZIdmHxJpG(xUFbbJtMckR|Jn-J=If z6A8s<01H<5^1@g48|*d=6<>{mvvv!=I=1%Ay1C?X;4|geZYrhKd+>K*@nn&qo0DqOq zZY+sfjeE#akqd^5xHe;=?)hRQ8*$PKe=OM4(Zn3P164&b2Dod-5ZrMthTRA*IKB*A zIx~s!A5!Q6;37N`c}X>$q5lkGPG?MFoJykj(ctO~*c0S(jo#|QkS>Lu3_haV;AMe= zZdmst^n}4FaI48>Q`oqj$fir%flS&ErX3$g`3$I5i5A+MX>Tqxg`8BVDa(TrGpPZ1 z6J!&aG!kQD*wM2jn9k5;pA*CAJ*J08Ob-u+s2{XT^=x8F2`F#+Ifo{^71frOqNzhG zqKIebP@@@TQUDBMN?yBz@>Db7kwr09dUI3NSWpIxqgxkn)S;NN#64-UUK2TVXM~aL znz48P@u{b{zUfNA=f%um$#^(_+1is#`$S@jv_2der$!A5Z4vcxs_TllgSC&{1>UT? zgK_lHAuKum1fuaZy6t3O7c7mhdK_qLA3G24$#Kr|nxAobCixj%(ag_oGwZqF=YMX+ z&vD=bHrUpQlSPJ|F}7N<^PDjPOEQ$2CU%YwjJD_6@zEvtoQ*+#VFa>*Ov22+qpyF4 ztfD_R)N8uYl-9u2U2R}!BPUCD=GwvA?i}83rc4w5jqYxjK6B1KEOfi<0NvZofwL=` z@UekV;6y?8JruvYMmICuOPx}d+ZjK?zon7pS~QQ=UGAW`&hMX>FFtHLGjGNhRz#M& zI8W!y{5fAmM|EZ}bGaI4XXdR8bGDHEfG&&`%+0}^Mt8du>XNUgpNx4Zo#?|xWH>9; z_b}ioxw5({06hhu zZbgLb!en>c%ntf^Bp`8^1DC2blhHKgG*$?fZ>lgcPQ4_=k993(T?;~iUPv}qc942b zZ$Yy8z%>=bVKGYKj9XqB)($s5vuV`SV#A%MvTG<6;Wg^F)&k;z5}?_RUo@-h{caqm z?#Wx`T%LFY#<2>Z{ec^w_kuSf{%(cJx=$k3c#t&;n!3~5l$jO#?O0xv8N1mt&zDwJS+`5bvMoc z=g|ck;qm9eFB(WT*4RvD&F5bXcp>n={C^h%&*Q$?IQVFBp;QglD(9o$??u1Y>GFTK zO>hfMz%6tgkK`V7$c_Hr#q-d@0}Y^`>0UgsF$14D3MFhM(l!T+4JTX}$+-Oje=6?j za(9N)Eq7;*<@^PWvMIuy@0fY;4-F zq+q}KWX$1*=Z7jL+Gao0Gsrf;={fQY_hshsL;V|Y7KRnE4HY3G8?2vnTBBj(#YT)g zT|ZPKTb~U#R&DlZHwKbcUO-SLWP4n1-5tb>HA+@-4LUMjtlYDEMqaFX6XG!Zf||Wp zwJq!(*f~BXy#2KNSY;FRV&t7`OAq{5BfF*8>1YKQ*%v&hA8Xh#bYsN{YwSZ1+h@s* zb?@QxZ=)-xUW5l;u=rS4ee4{r7i^MwS{v`+%NFJ0aol9n3N*^b9^9`(Cs;D>_+KN} z*xQAI!n}uYf_)Jo56cOb{5!sprSr(=yiTyx`CB@{l8wiG=6582=o0x`NMDv0IKlo5 z?^@c56D;?e#~(u6*w^X_`RbMPIiQLNhtQ@-YjMV#%~-vU1s(K|x7h+{^ox~|*yI;0 zafjm<%ZiO(Ec49k7t3CxUn~dU!Tn;x@%ME7VxGOg~~{JK}56QZ869{?PkFtIHNuga$LZU>#1WkSX#jr8qKR%hm4<0;#E z`qk^^F?_Voa9fk(><|<59`NcOgvT;VC*5l&~uhM zS5JG!-EAb+${^?b@}{v`Gv%&+rukdVq;=QZsJJ?~>+MD|!Xq4Y(Med}0ONC)uIsQ4#PZj*2wq zG~TydgZ>G4!kGcK7dqkj^BGLFU^0t%vxlBejMI`A*_rQKN4LFhxLlF9n|A;k$`CsM z?**h8fH&jx?ZWLiPr$IwiuAjO4`@S~h=!BRL2(USr0F!sJ%h?~4FUtGE-Z+hDW`8UPEMQ;R>iq#N1elf>}kS9&w{l^*8W&xd*!3+ zyPE}n-BVzf`cf>S&5!*f8H*o)I2R?sDR^XW0~n0Qb^9mPe!QE#q54j1!9U^cC?qg2 z!$bRcq=gRJ>s~rf-Joc6B~jX%_e(t4O7x6~6%pLs(y*2YMh3Z|O{-_2(Br&6#-ctsdt?A_8y=gI0ryin=UB; zj}?Ikvh-C~)wB3buHleMb6mrjOKg7d%(gydc*ZM-^+Ihd9F*TdTt8mMeOG4uzzx5z zF++%R4j=3;(oJ4GY!5wfa3HCeC*-6trQ$|wvJGKw}k$(IwR?B%<(uG};hW|>J z&(oneJ~2;Er%J*6cxd(#&)KdvL+bJUvJ)XDKTs5dxlztHiJjgSAiQC%&X2D_al5rO zLAOeCy|x`pcf!Jp{;}oWjrX8`wDU8*w`uo4Y|s&U;YhCz48omUV${j-Q-B`u%sipL zhBAwuTrm!#66; z10RtFd}gC?k#epwaGT6-YU^ zNcw^~<$S)WoR>!7BIWEf<-APN7tSdM!nA=tw?^S2<-EX@^KwaF6e-8GP5}SFmK>CW zvzF@17(`_|UPQPXPUl#s`sE&@5hSYE0sJcXj{v45;V&Mc_)_a~0x*GtmzK55;PVRN zlfb1&hM}oborv@=HJn7e%{I^Sb-<z1702DdO_ey9;;65RJjU?|K0$9sj^Tvzcu`#*ucb^o zEV1us0Vnd^wH5h8h^StJ_7A+f=_R56V1*?u6_!}Nc~?6>;K{Z zO8pe5k@~+L*8kX?`Y&MnFF3O8ry!2h|F*FH{d4NazO1ZOjwJmlz)k&2Q0_Ov`X8TD z|8rUYuIK7~ha<#)6#S9)e>1Ef&R$LY_iWIg6Go)|e+cXU@tpdf4f=DUiO?TMG=lN> zlR5P_&|jaW!5%&48_Jo(8vnfcx4nJ$k8529-hf5*e_WT$I1P2R z`i{>L;w?@thPFoo|A#}`{+zVU)@57L@%F99aY*p@fnEl3#TzwM7uKb!mfnuyjHBi6 zuTdr}R2eSgF`wWHvIkHs_5yjVu!1#8DJEa9f|Z&|Zn>rpA&Rwx))w(D^LNE}sn0=T zSCS~^WT|^j3EV1#Lw+VM9{KG_UOmeDd|4E%F@5OK?ijv|vNOC}nhR$+`zW^)pM~lQ zP&Yo?RFOa!jLQjF55B)Rl@NoqFMEj^y9);(3 zK?@t-A^t7S^Xjj}I}c7_9I5Tdp#BbYyGEk}%7iX9!4gR>(+ z_7bz-)l>~C9jpVxVjtGAt~Fk*>OdjK)(b(6A2tX}jnvPEP}cX@#@fGwX?XWGZKSxE zlgCc)Mne+{YHUe#-hNYWD+*ME0-A2i0=QNfg{>Z8mM#3qb3;3INl{ult;(6NWm2lv z{T7?Hby{jWIAZ?B0gm+@tbHqu$g&r4V#I94co9tvcWmM$Lend)7o&(r8*qY@dv;QbcboOQj1xNTWjJZGFe`%v)A>+q+Rg%qz{ znLthxdkvDDgEnU$b;`I7gmEKgF2gljQs?&VbaGn9(&PIZ^U12|B1f- z@8BaC0sd!v^sWdWr5(cq_X-97r;Ky%Ghv(oFisMmMg4Q2P--^_+3GLYd_7+Nf6FQU zGv^e1Ig6}6hf^XX!-gk$E!C3OQq}Wy3D}&Q%LF_MBl06Z(yB-Ho(-0daCRXbX^0H$ zLR#u>Z&`Oct|Axg`$vKi43TJhJ3oujY{sY=O8MeBx>>GNqrdVM$l=Gy&KMKWKWS6Q zt$|SppQj8qeV48Kth`I2@AXff9>Y6-T)4c|{LaR6?2Y)-i9=D(K`|Q&JJ-EZ-uuk^ z<<*%!d?-3do~mBmX$5IJs@poPegk+#byI%?@W$$?A>gIe<3hlzt4DWQ118rE)dihc zXzIFm@avZg%*!-)8FNMIT%QI;kE5-)g0AO$Z2KMy4#=;2H)31^XlC=^02=Hi_6@IB#Xq)f zDV{$;+w6C6#qIC!U+&m7EKU5#3j97)ePEy{`I#@7wED3>i0{9;yfe^(EicpI<~F(E zJnQIicU$duoNM*l9<;$7mP^D1GOnk^y${=#Tip=JU2`x?l z@#gSA#S27GQSrVb9zPF=f;ZmBPyKm>|M&Zhh=g-A&^->a)mE>}1-V#w9pzZW1rE>4v_jpKBtz!OWjbap=7jxgmc! z*M9-{0i$9DTzm;j?v++L{%hg#|B0W{q~pJco=c(0O&toWfjSYqF3xg9CvpArF`lIh zb2XM)4Z;PekJb48{Ue}esfW>?aMNBcsW9q!v}j_sg&SLN8_@9xcR~e<$NVHg zO0DAT459&FQtfpMIUGV3Khvf;N>Zn4plyTmkp9n@ex#ilQw?v`MGM4(hhi1ce1*kA zYP7xIbrFb!HIWr^JLjlMw3<^EQnemrm^**qC}kD$z6*=ma*Z zw~q(*sF>2aY8kT%{kLN(M6^S;IO^a?StjG@#^tukm4rHk6z;4|BF^H&jYx+Q_vSj> zI?kC)i#aXKbUl9+Ea-*&);dygS&e0^$@brNG`>2V$=_cWJ(y;+IcA#Sm}!Qqo<;nr z%{QY-sMFCc?a=9z=RhP$AGa;gT@?EFVC>~ix`V?}BGV)F#4)@d< za47k5WW|}jLVoGK;au%o>9+wLQWMv>)IZkuKO zinN8OJ$)r&EaJ{gMy=47#qtJjUUrLz;(io5Y{`YnA+PE#NLtGGLUDH(wBX@@PQ?Zn zz?#%+z$C?P7k}WC zgRc@Gy*w($EcYhl(NUeo4d;$xTt8rOlAlWpD2<7^%C8`!kiu@tTaodyny~sKTQE+D z5i80ET=|+wl+Qp;dy}~B=Te|aDuDYN;3@2;2^4Y99OHthc0>tdCyZ_zi&)yF z*HbruC4_4oXhW`JUj)mUErUw8>tHK!dxAi-WK9@0y z*>i)Tpej%AZ6QzPrC3iL13KHZrwfuP2kabi^y7q8AXiON$1*9gZ6muvBTll$!6G~p zB5$LpiWII^=t^>qE?J{RKUx+@@R^pSM(|eGE^11q>lrrXre&+OUskDjO0!1v%u5je zH)soZS=W-cc2|#{cw)j@y{OApUq@YE|86Lh1^vjb!5GvHdn~Q4K(oXvUJ8mL?s;v? zret{&FARMG0Zyt6>q=V2@UAU6uhwty?L zxT_y-oULApLs3(oVkbEd{JBIw*W4LwGN%FYG7NEgF4&7JMT&_``!KJ3<}=PEY+@bH z_N2|V3Tbn<9%sF{VW%Uv^3V>jEP?-XA##H+-TeP*z%Q!%zXYo#==wh)1sGWVY!cbM zF_9l5DAT#J7j5E)#P06tmKWb4iqse5BvES~oa>crj}{ zn9^0{#_mY(yXe2QGBUCX!PR0}<2gxUaZZl(t=~~5ZDY+bcKxinwu0FmIz;`#PTacA z8Pzj2266=q~SNr@|V{LT+2AB%N3P;#tOvmKk z7yCH0yTab?^d}I8RdxTHobaZK*~I!|07**Zg#RTd)Ps0yQq$GY0l6>S;hp`_v`Y#9 zZeTa$Ah8}dJ-Plz5Ef?Ug>{)pC;YpBfGjd1~E678xLAUF}s*+CQ zNSEVYG=))OBYz05fTd~2e;*1K#yf6Phpv~De^ckpxZdSbjiH}Fta5|D= zfPke4w@YEQfJ^i}mK0&UFq|~WND-=mEXTM>6#1ttz&fGzXQUO*xzpZyhjW*k(1(ii z?2r@1e(k}yyERMJh^@@rIlm9+aIKv4;A^WpLTtQ2uCZY7#jRrL5^YA9uXs)*5j+B6 z<}$8D+W}=p?aURH#zkOIbp_vck_q)(vW$IahH-c*X@!pCTHFiQm<}pJb_yiSP64C? z#e8M8Zknal5RYlCVzf=Q1)(U6?nc3MNs7@Ljd!t0&RJ)!^a1j^mUN;4lU~Vx)qo`@l8~) zsDy8S1qNY!*J*ThGFW7MT#PaHfDNGiSJ2k&7W+=P)dZ`6)$J#psif>Y!Q9{U5ZBE~ z4}lrkP5E=sz|Na@_St72u-8WwanUfgr$B3?{qDEDk^Nlk!bHj26}82%Jr9B4D`e*l#6OpZ-lt+QyZYSZs6cMb$jUN zKt1)|&`$**fAPrHGFIHvV|L|@{5X|2@#9voeu^GU8I`ckk=$9~%9Vj0o-@)=vFr?iwHdOw!e22>iVEDRaY)<)d z@$Zr=|CtW;e9aTv+6%hz-$W*j43uv{W-8xeNi$e3pw^AVRd2-I6LI%N-2D-EHsT(L zxN{NrV8lHXaSun_b3%7{4T@*-Q@$v4t9c=gnjdlR7IBY7+~X1V?h&_&xc7*-^AUF; zbbHg}685G}pUT=b^*4<#rj@W+B>L2AsS1oan<1=hbvir=H5=SqLq8Od4m;&K3Dpe{ ztd}WVkkKX1wQCU$^{PGT+WrmHp_gKIX9e>S4QPT;07PWVtZ(xpeXq{9)zEA1X(jmm(E zaE6OS#ZKH5;GiIeIjh#Q`4^Mx*)2*q(S+o@zPv!49?!>ao-~reI@m%%=}q!B+&P(K zCbfy?ifU%sq00w%m}ZhUoV)lTFJw0s;Dp_pv7Jcfx8QB5-$`jlrzc98qb^43_Vh)} zQn%qARt%Acaq?E%jE=B&J3kon9NsC*I~y=ROM@#NNn<3;LIdq&4SS`dp)tFB3dbuP zoLv7-5cBWAPv>U#c4<9O?^(=Ds!zQO4(=X(w|r>@eK8^?)qCJy!w6~575m%b-S*Zxw_!2s$v?uZ%o-?`(KC7m9OT;!wzU^4yBx~gxQ+wu4Xz`ys^S< z&NaDmj&>``345*oKBR|*M>NbHX>`=Vdcg;V+hKU0316SMp@b93i5t$vE|Wxd)0zRW zQk49SQrYNfXM*GTdA3s#2gm$npvOPE{C=cXVMDgdAD|P~YS$jM4z#Sw1$2%aSOIf! z&>un-r@zZZu)V^rYpa~@6CCd_3drAf(xdwD{jjq+(=Pzw3V*P0aW>ujf%}DY^9Sy8 z=;jaH(Cys{f8fRvu3O;`+~?8FAGlvcH-F$hpKkuZ&En}YI@3Pg`~mzzy7>e56y5xR zyG%EK;9f&Ff8btAH-F$p3wJC0fg4TBt?p+8#Yti@p&+h2^#TlI*y}Gdwh9BZ)2^I@g$Rmgav+Z@X^xWY2}1}b*LYHgU?;br zL!AK=Xc?jx)=x*+Ni0@FB(it`W^G2m;suxtMt9LPi@ml~U$H~oO464Y(t-qJ)+*Vd zGcehqZmVX%VO-+X$CWsU%T|!T+Qe0NW1fNr_;u=M!Z8#;Fo4N=j^tFl0JF*?VDSRX z+K+(63osiL)`E3bvkP=mN`d|4m2PfD$H5Ee2TCg-=h)e#uZjZzw)zNd@dC^y5CMx9 zVD^jrbpdx4&6d)MnYw(HVWgk{mE9mhLA(I7#YVv51(=--OXpG+WM22Vl9MfX&h#~C zGSYPOt8MARr4GBi3?rWI$^v59@P39an>avB2G_o=-Z5xQNDtTCdAQMr7=$(EC{RP|cJ$B)(0g zq&-bPMzRmHw~4KS{YKJNy`YYv#_22I$&?Jr<>*0S7E)fuFr1m`!Lb9F)6NL3R%1yfrcmcbNt%i__fu4v09UfcgDnT1iTJd7I1L)p3#NZGAU{?Ax6Wo35RL)T+qv$;#aMfer?|C*PMbuq$il+%{oR1WPAxc2EX z{OWBwvIj~7^zZb`5f<)-3TDQ7i<7*|hdn#~Gm%!-|0+j>myx1dxmG?Uj}Pq?+On1F z;72B?13<7@4)Y)dUpfr0E+g(9&v8eDyW}XsBwN$3hrh$PnOoUSH2qEV)J|+iT@uM9 zgr<%nS>^_)bm2e)+Jub#%*Wr;G^)%dUMJHC>7Yzc; zMi6A_R%tKHmgcI4PbRT%fvw9{&qXN=|3A()fHvYRg(L;*iBNimp)@%Qbs$l)l33m_ zz+@xscu zP3suLwCitu7@pwm_0blV*XZl9OSbGAJLWruXaBJ7H2G`hy&^jT zj1z%@`FUqj@67!y*ECIejDL~PS~gWy#e>hPE-?$&&@>IA4tqm z5b0DqJbxkrZ)Emq941!P!{-VZ-R?fbHUkNUe?5>KhBjKE58)WUWgwwf4V?`S6hDq|DFxMpdUC86;oB~K0?LZ(R6dVid!4wolmk-?K!c|V(BsJ08N;ko$~b}> z?eq|m(?bY)35O7L1v4s%r9t{4Y%5lp=}K9bqTxe;u~-;|a}_$!X_yUFX4{lOz+`~Q zViWsWfa?N>{9uIJ$S92}=lE^NB;nTzA*(~YNI{J_4-1;?#QJ?8&Pg&XbD=F&VfwsO zo{(FyET#)qw*~Cz27VSFl#1*wx`<3y)fQK0wUqQ0ufs_mw?$+*ZCd>6>9IWM*VxCe_q5K|W&8^3$h6$ntd0C45>p7DSr_mG# zHjsZa)#`&tGgB=sD21$0(^5|B$OnK<2E29VF4!HL0_M)bn3P+Q=1$=B$msGqujee@ zf`cqsM{jcLX&V{kB^>Ge1?H^H=pDQMwtZ2j@u>;UP@04-s0ll8WjPtflQ5W4&;`9x zLMjgp%;2MV@MrBsm!~p$Xt}ES?EM^_k-!rOCM->eZCXTR59*yWUh6 z^cuYrFGO893BkPrZGpd@iLqdI6+yp0@n{e-*@hNjlEI7P6O+f)B-B@*&<;_3!9*fC za_Hoe8q&?nfP54fqcpiIV-$wDXb7|Q(crcksxP=ywYP8wb2_n`5U=teHWAS&4nkk+ zMZJvdihFWKc9nZ_I#akF!CgNK(@cedJKcfHecdCZd%5ar2%pf8QQuY=h0PkCYi*0( zgWE;Vu@2y57~)`-H8Lau;BY*j^%+udnJ$ zjP#}pYNQ|gxko5;MsS7h;K)F_&^LlTP_ssc(zrAN4evM<_5`#paf}R4x{eomcRlcO z@RMw(tOEUEO`kFg*Z3OXoDeur1@0082dlujA#kV)90`HLRp6)rI^LWW%#Y5&$g1TI z5SP*^Z!NOyJvx_5=o<4KOeLg%kG9bVu@s=`a?1DrJ!WEk>T_%(0!7t5z^wPtIrc zg9fdHxc)Kce;YWMMs>}y^j*MeIr>Z@aYPCwlXP9a_bqpjVjys3-zm!D$c{^_ES-?p z=URkwHT^u0!d+lY6=7A7l8eGqP%hpmeGn4B%93Zil$dhv1XFvb zEVt*bJk&$hAHe@j_>V1A)?@gOVb%iscwPHMmpyXIzHfzR$#?M6KxFOm2GGJ8ffhGn zEnbc{nd>rnK@4mv2DT;!c1jHF%oy0&F|f7E@%|dBfxPaq*JmiL{u^#S%f*I)Y5ApF zZ8ql6#Ww0$<6u)w`}&Slb}rMtC__2+Myrm* zM@~83ey}6CjV6YdawocQ)-%3|37xgaH;`U9BhcbTti{LIG%=xnK@4mv2DT;!c1jHF z%oy0&F|f7ALj<9T-Gr)vq+vV2zCQUwfuWOP*E=(aXEe@IofyJdoCtVsEOaOqs^c47 z+O^tTY??=%*=kqJ6-0Kb^Wf@g|6wQ2N~d}gfv&RxCzVi6ShZppKP$00z|FKDH0dCM`|MsUgkvK=-e@1WbUzPGCX>jd zA6zbv1Y;w^xdW%|!%k3-`4C|d%q1@uq$7kJlRBceGlNqIr;l!Ue8c0Xl`8AEpktKw zVw{oLXXykaA$N%A$UtIXMW)k)4Z=yBA-vODm<$sNBG*PDCS#b$jKm@y@**4oTLRO+ zr4z?fjw7?5kMSOP_5Yi(DoCfO1Vg~}+2Uvl4M7TG>;5lc-he}k$BPk@N`O$?- z)7eH=4xGGtq-*tlU;ZcfQ!sh$GP&v+xpd(u8_>$!$*Z%g_g}{FM5Zgq)RMoE4_%r) zy99{2)%yiw}hO_Crl@1Wbw zcn5u59MA6U&UDu^m1CmGem4k)Ozje;cGWSJNebJ#QLyfyU|<>YUJoafum~f)L%s|~ zVoky$i_Sd(n|D&$mCXY>u(AO@*aVJ^B(eAdSR!*s^8DQMxojrX^Xo^B8GRfjE&l*r zX#@52krhMQ!(ouCw7vXtw}?0v+tWP&26dgO9aP#vj<)#_<-(&m&bPFAe~93jpE(U{?b05Z5~(oCa1g&Rjx3X%t^Mvw0e~ z6UdGg=#8D@Q+sh@_#ou%C6z(oz)C7aAeU{KcYq_%VHts2QX=Q9{U1`~bf_0WL|1n? z422}@@*_Z~3^N0`0Q$Yil08k|SjicO3FA?O+Uib#MQ=WZ3E@v;&NwZhi1p1dF&y0# zpf3sZ=~C%*K5McOU-G_+?F_bDmwTZsT{|9F$;d|4Xpp4W^r2Sln!d zOvZ;iw%3ga0(Pg_T+by*oMxLQZ^6G~$n9T|+j*3gV;}a?TIkytlY~Q2`Vx7cD}*U; zMdG-#RZ30J;qy}+_6PWU%%`wnN!`i<>6kx5 z=;{@^h!O4y4gco|gvD2~P}D^+S@;D)0zwiV(9qe!W)#f;tc(Z)+Cb)gOjYUwCa@^S zbyaD;*cRsT))4p-*k^wswm!S^n0)&yKbP-14OZuC+aG<})G6)v0MHoLG;TyrE59~0 zej{I}@>}`#SAHembvjsGplQ*k_rfp33YGd0vppzPod;lA19BRGbXb?G@a3QGfTPHw zwHT9J-TSgxbu5N7dma0idJD*5!N^e`hND2+&pk{a+EI0T(hwN;*}A|Srh`QlYYy9t zv=;RkYeCq*a$rHy9#G#PDINApgrO}ka(2Nmr=zS!oMXkznGHKBGp>>1@@7HKay@T7 zL`sIT>HNO|ad9X`d)@>O`k=ZOUzFrQ{kabx)ORhArL5XWgjdt-M8!cZs)i>Pj0|V9 z+9Uh|1xmA0PQ!|`M&{Ipg9v$YH@>?_KYAO`IpOO_4z9qlcXrq)i&9`ws-8u7X-~6g zZV%4IkVQED&h>F&67)XKOTncemkUj9l6JfLIG@e)bq$CxQ?{UrMQPj$_B?1!o#0+8t8Hhxj zo>|18N3c%zK%G!=c1%0jgp}2F_(^;H6F7i{jhqj_CtEUE4jj^P)ltl6q>-VM;7C4z zg7zFbxUZdJaW3i`XSuayH=#CyL`PEWF$;&}1M{0U&)kpd<2GPi3ezVS4J74^sX5lo ztq`3~DiO&h_EFpbayA~yXb~!aVKntE`KA29wrnGbS87Sj_I)sl5HE*w5Hh)XAtTm6 z%7l9H3kmROw8_sg9+9gY8@|STIBGLKsFc9VJc=yE=qG<#`B0b(df7!7bE%gMPtF?2 zWpPmmJt9&0C?LeGh+S0|R)CmgK&d_w7P6_>P;2uQM)uv@L*8L2=u?=>?I@cs9y*z)XGjcNbcnKq*{X#3$tS}%<96an9ApbaK zI&#I_n~-j#yx3LXsBg03My=V{wI<8LMp?snYK9CLv#`KSX+VWJ$t%0l74i&QE<{Tg zJbxSN7oro{^ZyV;k7UGKkWh<|hOS4adM}R1%i3)9ntXWCe9VaU(WcXkqLFMkU3Z)h zOq~xUSZkjf@3kz$@QoP2;bdPECl7nl08T#6M|9fE%^->H{t}?so~wSyukNP1=q`P6 zyfB7+kxaiB674d^!T0-(aRI&Dgg(>|s`ZT6F|Ag1K8&a$JAXh2@;<|{a7z%6rPA^A zIQJyTQ)azho}wI2+PF)W)Q`J2V{L_lXT7rUqkxZ((9sO*#{t%(bVwapu(42aVRS%a{V) zDwY>VffxTuPRzn$l@^O4{$=&a0F2^i6zt~A3<%T@4UQ@U^a;8kSq5p6ylUbX$K zNUqprg$zOeN7Itx&X|piu<^C)#@AvhG;eu}84VfRBJOC*P^9m+Cv_WbL1doHOI_>w zZSbD$_5T~rqp_PJZ=WZ5 z(GV4Z7n{Jx8UkC4yS3x>FA-J7>tE9`^YQvuK|Ge}Ngl76^{3K!O_t1by#9T_$KTS? zY`p$Mfb}~%WW4T1-`|zvbudJa?20iO8!_vr7apb;Uj6g}cH+P+W^~Yo0Rm%mvmlDe zq!yFSQJThvfZTR0kpZ|pQ(cJ?o8c{GM!V**(GaO`E(34oY2Hu-f-}R|6~oV9 zHd}3TE5O=dT;JKuty&qkb0QpH61z^RjK>NX78lx@*%;SbR8&}vPoyfOZNCL|u^Vj; z#*1{QXT7KLL*vOOlU+4iwO<& zJ5yV3wBux4({lnnB$k5ABd`OUd(Z0kLgL-AHcb)x9+RPkRb5R(qKv_g6{kP^ld^DT zGyXqwpor)Xe{F~w(I5V|A#ld}!{3+=6_kI_F?0Rl??F74NymHA=KIY0Q%QdyOJ=G+ zz&51$zm`}-K^=g9@1h4tq3!p)*l*{NJEDG z3-pH_sEVic2d?^K|Dr5thod|m@oms}cC!8usjZ!)KM2L`)E_!A3>f`k?lx8o5*#ri z`a`lIYD9lXH3ZIBe`seq)E_$Nn7RIt4&t#)PqO~NtUs0X2eM?Q`opY%k6m;$(;sFB zSlx7p9QiHkYJQFV0b2&Q-~KQ+um!}4%+Lf87uslrh{tM`!qVl~CKfTV_c%R?t^F^< zava3OpRfdi7c6AG(F}LG?AZHmjYaGWBP#}Z6!G$P7XOz7wiuvU0`A$U6;H~(k%+bQ#Z5091vilW&Y5aI6j?)i$L zwgdD3SSr=|e@tj({Ei7F_oD`go+`ki1OrTwrbU|nk<>=I6XJu z;~YAgjng9m)-H62y!bilN=3)%(G7t7TMX6e=O|_U0L}K?0U5bRI6mtV|ECPm!j;B> znS43S@TGBF)+~B@Xy$5B7U*a;9!~^V zMLPcN$K&6iluwVxbyH?Vt~@;+2V9ApNN?{{xd}_39*^s$?GY1q%p`cb$743+rsMIR zW;|{_5;J=INPJ5$lYOyFRn@JuLFa4EYp+RzL@o= zQu`uHX4<|E4fuF49nIR;VFA`5bcpQWB^R~pAoF)*ALf(34iYSb#IK>WSS9(N##NHm zv^3v%M^$tUW&RW2qZwmne=4k@w9@V3#;Gctc??AMHC z^bYUWjG^|gSbu5F$rcM=J5()FFYiXZ#ID^?WISysnyH~ESi0$rQEJ(tny&1y<{A{( z06m^s?Yhr=uKUc7+Lt2hKBV46zcm}C$8xGaJvJ@pkCoj9G$o%rgRJdb*d+0EMu zac?4?9i?G5^Q&ht96G{ymacR;w0-|Uf?v!fd%T6Lry9i8jjzZ{XQ z-5L>tvI89p%P!4gRolV@+CoWe{>fwm4C&Nipuv`%3xW$~6z*&H z)Co}C?U4?>|4sL0T)}Hia1AGNntJzHZ8_7Y2UqF~U~!D9k%E9acpmEcB&>Jm2jutX zjP8soyy=A~C&_dIa>cQBLtc2^Uzx>E2m%uH#BWXNvW>T(=FBYDd_>mGd z#BXxnPOS~+RA!bna=PTY#oWAh&E&Ko9&7SRo?|oXPo+6FSu)c(_72)`TzBeD59$7AU__@<1uZyy2a=gt{EGQ z{0U0CgF6^n4GYagE{e0g#}~J67yw72!n-*~I99$N^&inQ1AgpuZF8nYo^j@pZ{{Dm zeUq_1D9R4+yl7Rq|38fRGiD|EczzR|JK*9@+5p+8jaF~J`}fhk!T9Jrxp@aPZFp~d zx%Y7xQ{dqyGhkd!+++sKeh`1AaV-Xr+C`qGw-~MF@EftkU)T^eVvE11A&^7=YIP2Y z;GtEy0JiSdIs{7^8Z+WNkC9sF3$=R26tSsitkKa#2E?v0)#@4LARc-0B`cp~I zAWLSdXS^ifoG8AiDkvOn0Ux&EC-HCW+ z;nLIet-izB6mc~$Ue*$0Dt>TR8%&-Y>u}^r?&g*2m1=J2jf~`;x(qSoM%2q&CJ5do ztgAp1Z?EA_UblbZ9L(Hk&2xi$c{d<*QNP^Ks&9EsdveQbXJJ4todmyovE-C-W&4cc z)v!(q7plvB*_&Y4fo+R-zt&#;I=cKhtw2jtzGSCRwxUcoPNM4kEr_}0v= zci<4;lQO3^a=EkV-0DAeP6hjNw2jlAR@25KTBoP3L0gbE-nvu0DY$KH8=bG(7ZyhQ z0xcZXzF?uo&==MLrf;G~U%-vlc*MBAFA!7RAJ-Rd2>Qau5h^FFq%W`x^;%++zVLF> z7p{%;g>RxSj3VEG-S^*UJxkUcE)DxSYXpx5?#z`GSWluyX=`SbW^v3IxhQw`YciML zNdx|W#2h|T}R>Uy^3Rh)a?3D*qwxV@f{KFeoE!uc?tyLR+d?y@*xJgx@4 zk}-In@CNilrgnQ{YJgs9Lf_U9dN!Y!cGPmxVf++y3UwoW`v*mG)obXNwt{xc@!D1E zKruQjs$jgv3Jh-4zXdT0AndC5!8OC;R|~V=WcM8naU+>}9W#ae)aFYzn?{D~>P`PT zUvI7EYdflC6H_9SD<)rWkI9!4)chM_@}<|1YGi*czizGO>%9%MO%<8ik5)WZwSrXN zEU89$p~s1uG=uR*^WwH@nvJ|LX+D=!tIgtOlSa+`%i3yQyHm<@-e6B>*&U`<~($JPHXV&DBm0DOv!A;%xhBedWD(SbVYQzM30k6g!3A=y*tYP z9#>CnoGiq9wT;iV6a5nxm|2u=#dwuaAM;z3lX+CelLYZxfIOFxjHKA!lgzY-DLR>C z&GRNHonkVZNkvk`T*_6f-@2xpG%sr;&C42SL##9MW^o;Fs8of#p%5~9Zc1KUF?wzz zZ-^;+ZX<6*(G}i&ysGI2ykT+?-bi{m(W}9m3If3!D%QP?ys4(x$QwyfcoU{5you>n z8|2RVzic;w2qZJi(>N{K4W3_rGW*oOxZO~m#Pq3X zyJ=>lzdMjg@28^~)`tSD546I%C&2n(E36L(Sa;DOeciSGif_b5Vx-`T!BtP>!sUh? z1pkNo4}ytVLz>v+=5BLigXrK(A)`joZtM0W?BK=9t(L8WjR7$m3TC=M--1Nbpyqo% zxfx=H+ZCEp=au~!H(b8K8*NL2tI(R*A$R1^$dh7sYtfd#rKT2u=r)%CE2cS0TdVR& zs~g~vu^;^F`rAy687+#^G^qLBP;NAuVSik1`eWT0k5D%4_(6|Wo%8>PJtZwVq3v#S z@2csi?*xD2_IHQfb*C&${YTiTf}JMuXUk@~6QwnkV62{s?-zrsRs=P-!xz^78~2Ny zH@-FSKak-o0wMlX=l_$WWHjIZE~CQC{Ygus%yRb#qY7Yz|jxDI_j$+TD!#gfLYg&x04a}7h*)tv~kIGGqZy4*L0R7PjAF{ z6S3{+w?DV*vEu4$V$II$h8Ho!n00Jt1`l%@TO7|EN9JWlsgx{pon`Qezkk$XN;W*P zusQ+W-iwf9$nuEk%$|E(eChKXJl|YCo>ul?gWK2Z-dz6%t8|kii{#Gw`8-wrzi3Cw z$6?9-iG(^1C-G48-z3___3h%@rd@n1(k{LaUhk!Ce)??ccI*uctRHbAZb9{|R9t9& zxubZ#vojUY(C0f7SSsTA&icV4z>25UDs+K)M{^i+MjWe;zNw|li|wb|eOWo*8sC9i z$Ybs@0GmvAio2U2U{hCnfTh{w^(2H%4WcMOizn796nwfG&til3j`}* zMSah-sP9UPqV4l@XivtDPLt;jw5A4&Vc3)!g7Q4V*3=#u-H{Yv#gJ$k6to@4qNqHo z-UGmWOxyhw8{5uKmN8&Z@K9Nd1QH%KJqJ|7qn1=!r2$U;Z5snqJH*n%XeP1|@gX>B z$2GQ{ccSg^y~~mLJHBbHVdx2$TpEJH^PJMHum>ah2;7XGl9I9YAILY~q73Y`c&9HI zqn^ME2r*R|+|eIxKim5hLJV2(A$m~L!A9iBlbkbq1!^YM|HGjAf6!3otr=v{IK$&J)Q$NaE7plK=#_$jPq&@#ua2pdWT#u4olyI{rWb>B7c@c#C69^s2 z8_o?vlML#pCa4VH>n~j95-K_;DS*c;Xuf%%Y_MNdmM|)_P z2gkIt`;e<*r>#EBt4k!@QI8{!gxwo~VH>f)?yJI}dHe*4)U{i=pIy(Kn@y&vv-~<} zx4(J{wA?|cH4&PeM+=j=6ojY_MT_4h8+@+uynXf&m=S4Voq>U<&y}@eY4iCE9 zUd`PBO?swlhclWH{W++g{|W2I+*hpY=VRcB=tR5k>_IV5iQ-r6TWCzY1hGyCwWbxU z+v5aCtv)q>XUvm!u09p0Q*oB2dCOa9TjWZ;AZtxbbg_d_zx*@TG7f6nr z{XJ~$!98kUbc+49+$5$X)La}^=(XjRF$2_>m1#kipNTE}pGb+e@PF_tJaVn4WnR_7 zJwxlkjAh>aF*5<4I=i=O$3|W7B$%t(IF*=+!RL~{1U?uOXvTz5o*JJ_%SYi%wwzG2 zNfC8S-QjwC_o2?KPsxnlamO9`MV-bcG5VRQl; zR}IGCs%R%c2T>0Kk$oejyM~>V1FEiK7PjQPVsB5ILNiNC7c;xXA7b99Biq&q)~;)< z9K6*z2ln0u`)<=-DXsRgpygs<_S|B-tw)4{>T%F9xAs2+B+x1UfIPrd^GAG2f8ouD zzko|l(C^3+XZ#Sdmzwjcv3Zu%QSn! zYBg%jsZJ?rtN%4(Sq_D!*;=sZ$&;TD4;>A0q@OsLS?V*QHK(tFJwuqQd1@9ZfkY?2 zGZ`MbO@uCfIbVG((ukY`7+i%L`F7?B>OfO!ScjO=U9@_C%@2^rIz8E}W$m!p`Ts;y z4kSv9;oYu#dp8C}?~}S5Wi{t7WA59CXg3>xIFs|2v3G7@>wmUAJSZmZr+(WO8Yq{? z(7G~cEJjvEboD0fGuWFZ?X%xBH+G8|wa-2ip_gB_&wEYXqmOZYZQ%d6`wId&nuanO zS>vy+sSWI$%Yb55IpU10J7s|%%Fz>EUNdJ$5*FKg&Az~zJ2fKhJ=EqCnMAK^w0V8o zMxf2R8Mm{cz4P#&Ztv9UMQ;%?U9YR3gqGeYzA?OCpa$3)XEMAG0a1qcK{)D%_gb6( zzjA!%)|-FN@tq}m0^>WQ$J?}SRtZc8#az50izV!V>)!)qb}T!Rf8$tgWWgIZa4$-J z9@@+jHV*81DX#}H@!75#C6Ma|RC@QNji<-j+W#8p>Yhe%Gz!{;Z54ro`&2Vd*+ZJ? zY)7HjNp2b|IpYO1qQgKcnS+>cZa8=G&up(U&Xm78%Tjwm>DXn`?#mnZz$A7O z^w7qS$2hip!Q}A4RHN- zqB1Xzg}H#f8>6_J4tD)C6LY5ii2`{W??z3i=b}V@2f(&^Cg_Zn?D4!~`v<@s$lPhr z*`H;?gzVCALbi_OR-K578MyXzk$ew~jV}aC^SUg!?|c2}ZI(ORcKo{_Lr^Vq)c4zY z@sN}A-yI8OTdHBROkR=fKm2InR&Nn1~gMSi1iaT)mKZwt5E2tR6wmcr`>Zl}Tu3dzpma zgXqA047jB)ZRzf@w`Lzh>ONG<^g}wmt^K&?YdC0EdcO8-YoE)lZsgNitZP6@l|R)f zCc$I2$e<#bfabTpFP(RqWYdMLscBD`BsGmmTG~X@JbK8G?j?z8lj*DRvEK7%MjBAi zT>2Ssc90A7&@|?ajwF=JV^N1~dROHCK=M7(=+Inr3(O%3S})sReyIVv{s74yroH|k zJR8yNhw}j!M!~jxI-8#$Bl`UP82Ll?I>iPx1nknFZjHqZ%Fkx$vu-L3x2O5bq|O2n z+Yw-x&x4rHwa<}mR=P}*KG`Ddffiw(Y7zG77Ga-h z5%$>@VV`Re_W2fJUuY5b#TH>-Y7zEjhRwBoC^7}~!!~OWee_VuuM)=it^IdW3(M>9 zGPWnCiCiW!@B;k9LVT!Ff=`t4h{0b|hktm8|2~6Hl=7&-Ut5R&tPmeh0SJAflyN(z zL@CcR_%E)*KO)5cpus0fc{hXqk~;h&L;Sl8K2ge0b0t47t;0Vm z#D_X2`5{Ufx|QHV;jG~&?ivpGkC9FAiBg8XDEQFTYVdy!IdAIgMuSh3@(mbaSYNnm zqXz%zkUsJu^ode_3r8B@SL*PO3GweS_(UmV*c1Hqb@<1I_#Za-L@8rXPeVN@K?}Ei zSilQRY=e#*v?Xj(56W_{iA#*~9wsf=d~3>rbMOKFeFmQ><-EbioVf=7_z?di2A?S9 z0`a9y+tw_6_asl%1<)kZ*!4_>QICCdgRt6#3s+rKgDT@B$2+0pstco`9PgrZ-X7}P zuJWUp$RTumC_&Z<$oHsqAnaI!7+;a6V#@K4gxXxd{_m~*M?zUimEQ?}hn;l%SD;&O zNhgb5QfsfCKZID+iGPYZR_H}(^;tlA-7QdYFkFj{o52jHZ4M||<5qg1l}55~cUVWB zq}|L5_hFt$9)z+mMfr!tSP^+z8Er`j^5=ucvsX%w~3{3;p$I zp&kEApoF%C4q@Z=<;hEQ**Sk@UlU!@>9N$!NQw$~AN!hXVGyxapbTztm95@|Fnb!^ z)OG#E$N*=3llXR;45hvG8!!X)KLerHKQZ7;wQ>GCg$8h;S_QVq{I`&CrfwYrT)iv+ znMnvjyEkKTfKdNSl*NDL6e8I zB&l8xqMRf#`;m#zB{lI~e{Z0NGdF#)C)o^BZnZt-IX`|r^0bQWaa~xGUD~53r+Lk! zQk!x3m>Q@3CHP4fx;=j%ID&k6x~?9J_81-8UkWtSR`;}qj@I>cbWNuHeTj2K6y`sZ zAk>{>EkHg`Htp}>P`*W~5#|wpKj1?EB@Lszd|eXzliu=Z5@_TQ9`)%SNRV7VPNu21 zlIgWMJE$?zGJ@)fA50)-t+la*zR2Qlptr#XuYwK%H44C2 zB137fd?>uw9bB!seXamC<7YR-9pJ7y7qU?V+plS~NEG(Nfu3K{iJcUxjKHW7Bb7

@~odQF6jfsjd+4+Ay-aQq`)lYP7f*M2NcVWsjg3@GH(NvZgm}6qhICIN z-PlOAbaORypBqniMM!rg>BdH?r8`hVcU3&ylS8_vkZx?GTDpTZbe|Vb_tcQ?X`~w) zsg~|g4c*h@>7EhNJ(F}}Bh}I!uAzHYJl*GqbYDQav5{)&&Z(h$c0An|hIG#%-PlOA zbm!O5g~W;L$E!oS=aFt~q*}VW)zE!WJl*p{y3nuFDmD`74h3>YW(;bqhB)+OX1X^0 z-D^-Tj87k$dLW;sn0{=eTDq!+E`)F#zt)6w*OG2*q*}Ur)X;_Oj-&hHknT%JH#QRK zLfsTOUANrvO$09OPLho?29@@CW$y@A&y0wWRTb8hBkHDVVG6R4?>B%M3a;z z5=m+POj3f%T)u?Vp9WFIoEt0mGQ^!25 zns#R@lJ-!>LOF4j%*^bUJ4KYFZn2b!h&pub)`)g=_Zt`G#m+{VI&MH_MqKC&Cu&( zQjmNE8J34;bZ9WCqXYfH+sG&lbnb6X=dMONP!hb2jM6~oznjycfv7G&Q2V@%jM6~o zu;z5oOzP=CP4G4{N&}sDH>X1bU|oKo^?Dl_rGXAM88qWF4M%l!p!awi8Kr>^n9z(4 zjY4&FpgejT8Kr^Fcbe0oF{+LZ^jvQvqcqU@ZgV;`I@QsE`si(Blm^cO-86LwX!#HkKeI!y1lAWsa-&Lq?tvBO_@B zVeHP7k&(9=8MzlC@c$ARYIaOU?$U$JOPs=aX{TK_5=f>++Xd}&;i&4__6eiK684;$9G-obSNi(T1V46(;bcnGS_-Bh8tMVAAYRutAV! zM<|FJY0g|6lV+!a6@WB5L!sPAbLOHM=TI$>?NYEek!)8epc~27iRl6KZi?yNZYR?n z_P$)S_sv{lvvji*ruodqtWa(@W@F~kn>1%D%=}4nb|}LeY0g}dlV(PpqG@JAdEQ8K z=2CrKz{#FWkCE%=I+>n&$u3FMuy^M2eGnE+RV&~PxvI9i%ytqoW3b)IrBwQ(fDHuD z?tMN~UH;WhD(q<@6b}h4^cpga>8M-8;V=dVGY@|p7I*(LQmhNOoG^oCPcsud=wjB$ zZ0mVQ_e_j4ZmDxK<^_7poNe3bLdo;50CsV%=U<60_Sh-WvO5z+o_hHy=TETRd;V1j zO?!Rny|Ba=d%Td0KuRBmbzjdjj>q>bj%hfvE2NW}G*{e6x@g;2D7>19WjhP=lc`Nz z?HaMKUGl&!T>)x)K9yV1nZn8Q#ow0o1IIcM^pjl2(~$;j{~FNpUxuHl6S1T+ge}ud*`3DOy+O_Vo;=Z32=cPaX<(2zx z6enX(tX%@x29(D)sXO=TPmX@#Eoa?2u}u3Xp1lN1a|m4f(wn|Iac**S^QNu`Nq^+~ z>%P11s}Z#14fye2(BNBfvr_;KNG_FY%_Xs(Q~Yoa;?JQuVGXtn#Mzn+TAP zEF9@gy}s&wX5pFM)L*LJ5*pFei3jtimjBYH(pKm$_DY0CFVt7*k7g zqP2wh)mkd03Y}ABP|Ht!i@(w)Y_@G(UjeNd)yA*L7+n1j)W%nsqfx01G*mdHHr6lk z1SPgMj#=^x!IavVGPUtiQyZ@*eMp*`+92g6P!IvE*2YrwRcpzc1sK-JnkCl@B&?Qm z3hSfQva;YutL50j>CtLAsBm1gT9y=+MXO~&VKP!JrP0Ftse>1ht*@8g-^=f_7ZdVU z`E8pNb{~N?en6py{ziPqO73{JkWkmdUFxy@8wBQzXY&He>yFDd zMO&H910@e-fCGuQe^uhOnamkcBzgKW;+%~<@jaxzPJ09k(}>&Ee#5!BNw+<_sk6N| zk;UQJy)%i7x2YE=Y1Qv26?-8JUkS`&!tFaQo6jWEg|1A}e-%JCl%NZCWU$|p?;B+j zkX{d9Ro)(%Z)o?Xvc2tvJu<0G`=;J>CT%EY+**=YI?A+zNPDI|lLC>iImN8)-%1JG zjnv;o2UE}GU2OkNjwiVXI0Y|x!Fu_z)W@rlB`l=gh|lDp?Y{=!&EF4rq6IoEdN`0} zM5?L6_0W`E5!u*IdYDNU7N}pN^x!!j52dS^v;EsC)@Nat@J%3{-Q>R-8H4oIU#z7; z_!RoKI{9UrF*xYKX9J1DI;Nh*8prn!qzY>pR8+lgFAe};AkYAD006Z_1H=IU=9wBG z4gjEJXn;5Xzzk9Y!~pky*%!>}K{5PgCh!WpEIOC5Ik zzkpLA9S!pQO^h^D?q`l!={%6*t0A5bgXo-uRatVPLO7k1XBv1hgwr{R zrD(xl9Kz|GTx{T@A)L<1Ap>6;!s*=FR%nYb#W0R5w7kFjEOaiXIP6T5&)Cv?o3>1| z1{}?N+3Ad>B3ER_Aj-#jch;VVf)-~vxAV(g;(69&77uw&6WNj9t!>!%B`)=R_Tsbc z@*CJZu*8H$&9u={vB>1+?`RfcyVJxjzcGl1jmiRX{5P=-Z*tM{X;e3>0@EbtA4MK$ zG}nJK@sJPF@!vuZ7Wy|)%PzCWJcw*uVmHL|-%89=8v^`W2(M=1R{EA!)4Gk`!%SMY z!^6qsaESgkhD)AXrS1A}Cmyg>uK{H?i%W4t5M&zZ=BxSk}2^ESJ2+zXPN@Q|dkF!E3OPU?Z8$s{=W$9?^1H zUBd=I`j>$Ixu9>WWdK#D1ZR5wyFjQT*_rJs9FxMh1~uNl8OcpmP!FOi6ej_a0TN^D z?r^^wF^Y5Hcn=&LaCWr(O^E-SMzajG#_V2^KpEW zd^{tPk3x`-dDVOjOyUZRD3{z@>hkjTXkKht(-d7ct9}B0Ve?Cuo|bt2dszmZ=Nh~p zx5C>KW#fEp>L#-8P$^%r1EPo{D`zTGXYOeNut~2Y83tt0p|k3JOf)?=Kd~9wkhWH0 zd?(-9tX|LtA2G=HV*jK6LaZRJfi}SPCJCn=C*kYvfzX)7hC;Unsdu4g&37#8JkaQN z*Ih=W*AOWQa(F3m`Z{>_xdl}8{RD$}Z_~d7MNk)r^yzjJ{`-+XPkjKt9ZCNjgcT1o zq}IJ2vDL>=%u>lw*!Bfg?H8~a4DE|{VvsLS;4FNj78wH}ki*g^ zy4@bfzZ;n2xHln)^reK10J*Jgy>3vHn~;9#NR#!+*#|r#CWzbTWzLh0 z_Looxv35EMDPVAum9GJ}fRjHwrDuQv)z2eHx~6Ud?9NyqNA3FeAlr~sdk2_bLQskI z%-rNE^y)Kw0RmGQm_#z%`03@L;hR=R9rweamhT>!U3J4~1o`t28mtUDHL@s>L+97Y zAxw^q9P+GdA!8shpo7|#dqKR%N>uJ6r|V@7Ua{3O=Py;6Q`R3dPk+kR6JM(uncpM0zyuwnQFSaH1~%z`pY^ zLohK1wA}KFdpHVb^t|2_mROF0c9LC`>q%wRk#HV9GJi6iNul5hb8KwksMa$c+wBc9 z^h%_0JBQWYWB_8ag9{EYUM(U`yQ&eByBG{C6p=uMq~ay#@H79h_3_6|GYC6TQ0qNu zX$mw9lv)$DGs&KG5KWq($%B@kH#3!>qWuTZyqXI#^e)P>TkuW6u3%&t4lIZ)3xv_M zh_U5JMT-%7G4euU1j4K@BFr9xFpG*Z6K%S=)cO?i2&uJefGJXol@pa(T0qI>dG>qC zq)+opJN#A1zfZX{{TYBt!**1jbU=quFQ;r^phof6QbE}r$EEPyT(_1p+fm1hK$a$v zE{y6pkOjm}Xj$-C(1OWK5Or$F$}7MZFQ3lkwTVE)CuZ(nLo9os0+Y6jS@m4_n0d~n z@SVo?IBh@>2j)3|T^PW`F`+(*AzYt!kGg?)QGh580Hy+fIB;r*T3UX!JNEE(4ddXuHi#<@0IURiC+v>;obl7@$rX^o=z|K@|!c7fM9%!pSBb>J$Jc2LxS10dL zu%#p7uK@7MzsK)o`%qM`yBZl7J1V*2#CBN{5b>Hr3DgUiJXlz3v_Ng(AJ^uK$kRp4 z6E>$`3tVI#Il2+4s0yTmw{|V)7X#3Gg6e1)%Ai-9#{L{Q)#uPCL>&MRhM`mc1;PsN z?BQCyW5M;(I$Nt)3DK~Yz6QBTOkYcGE=!m~;VeALx#Gk`s4tdg^P~nNEx^5VU*b#z=D=2cBA!aMKKQ#>5HPt`2?o?p8sE%Q@9Ci zp8q_`hzSY?BvG^m9jTvEM(0ZJBdbu)txqP^^)LS7<|CG~KTuWbG18VZ|^E z<1C&={{oVlx@o?dX=b-NTQlPcEc2_E)x~}lV^2n6!=l?PcCtS9mXp>lM78ULXZ2!} zzJD|7K<3{j#gsxVd0U4loc&E`E>oYv*%TjQ6EnB1L&#IRg5ZyqXp7aJw+>o|jG4bq zaF+jv;NJ`B!6|=)9bw?(_(tIc|I^X+bwoM1^Wc5(e?iuarLYPEdeSU#?mjM zW~7ZLtSga5S@$W1dNrpE3|$uo8E%1-v%QmS<=1G>gdK-+$UKb`@+q??lY`iHE$e?CPB>`N)5;ziUC=7 z+zha`s)$#88AVbTYa|&ruwFs2y57O@BHRdSUhdIn#WUo>_Jpf7cb;QQ! zL4LHfI}^md0WVBQI*F_#A@cs4MB{A;;((n0RsawO0L&w*S9F6u!>76yzXg3Kd2%>s zC}MHGjM1<-Z(9i!X4j`;w`VZ9&N=FP%#v2nCy&&1T|BruaS>~j@=ltF-hN$-`eci3 zCprRlCEW+bq}bh^$Rumb2(An;m^G;rFwhu&9Z_X-$*_4WS(?|1)9EE21e;im-B4ov z?<2$MC2s*JSvt9qSPM$sxOw(Oa zFm!Q7u7|@&^l3)Su7)v!Y=ycj>509|llwQ;icHe&2?JM~3|v6ed$Nz?TsP>GVgo%M z?et>Aar}26>4Xmz##`K>zX}2lw{)6OSfa7XK7^D@{jOA?dKexa_0^hl7J3V1?ox&3 zt}!IqJ_GOvQg)f?6BGLwSxftB1lj)%D19jGaOBb%&xu5#m0}$T_9k&vnTg|n8-Pp_TS!FSO`fOgpcgh7nF6f) zI_g>sh*&<>{cseGR8p!zVW*e9G==UUJmFJ3*_n1nZGodMQD$3;#jbNUikB?)7>YU% zl`rV_DQPk9KL8P&neJtqe~8p12%2hbjHb2*h_)bi)#CdQq?$wRsm+W0$xWoLHoJS2^X--+W4z+enCVk`(S+)|$w zX~l#y(lL<>;0Y1ni3uY(^2?y;vpW+2MLd|BEJKc764u3h(?@zNe-@C7ecqbgPzjju zahOl|n2})ZTRgUceaqv0VJs#Ot#ht}%CoTUi1itcAJCFuM0*sGIy69%XIV9Vg8HAH zhv>F2T9^K8lfIkC`ah~qTaU}G?6t9>+jZ0EsVDAhIFXg}-g(_TbWV^bY}67yOtw4z z+fl^fDnkxKW@RX04NGFk8*O3`WtLJ;D>l}pPqX)Ww zRxL*|WJC}4REq2!PvTs3Lf)L2j*WY$#0}dIh&&%eFy%*2fpv~5$M}}?IGn2i-#TR8 zD#=^3_Oa5#D7(y_)lbN>al0?4K91_c76^3>zR-6r!3b`~!oay!@Ye@g7- z*k?z8Jxv@}9gmG)!3=M%Q~nI;V1CJ&Jl4Kt4cx(XSSkTNm7zPNE0>X+UH&=UumHMT z3gmZI8=kY@2{v(TO1P4hE9lQvuHq+Kxf&m7_l~sVb?isejFPpdiC;bgBTWY? z{Zi1q{nx*k7uj0p<`b>aUxlsdV z?QP;!UZVkLRRK3?z&%v}W=5pZ{)`|BHhvIrasc2Ywh!Cs-UYzOfRglIXQ;Ho!4?qG zNh~ph^illSwgcvG?!1>(=4Fz575u@ z8UG;tES~WX(a+Ku|8O1~7JiDfMn+ESYR^ri+Ho)BoX&!`OJ~8(cFGv*T6-X0*oBsf zoX(g!9%UNo6IM*U5N>q?nhsVfUx7~`OXK2wiSaZGr@j@5_sVU=i>9~VK4E&WQOr2K zcSYh!diO&hupXy&Uuq}@OX{1aF%HRUj9$-H*w0eP6Q6ZD_2HS}{{i@{->Jj*HS~j} z@(BI0+-3-vn#3??F65U&c(Qfp)Njz<@nY>Xn>w-vWF)3?8&MNX$eszb3)wSqIl?Jf*tI2Yo7{iG z@vwGA&+_Q=&kW;j{&E`^l>^U_an=7LV5IeHv|fCt|3p8h-{Jt^e*%Cw0QhqN5C;H% z2>{{%;I9Ed9Mz1{=2HM~G2=qtT>rno8Y>Nsum2kyTfM*IxBL&nHZTO+Jo?K2gd_hp z;BFC&%K>g1e#SO11ei8Ff(fgK#&qG>>Lu`NFc}hHf-idC%H=vQp2R|4 zk`gNw#$pKWY#A$cj!(^gX0W}-B&cl=ER&(r9?(e(osN(WL!?ZSQ%OG(uQQ0(CGon$ zcnqnFw=_&|RuFHt#LI;77&7yG_XKo$g-%~chaq+8NAlet#LG&&To{ib&EpLO@dhQ{ zP#BLP&EpLR@#aXpUBY+_3FEQN%oSX;nGwOoq2Hh-FeGRR#N0K&oF|yOg_sP9VqzPL zZe3%7IUZs%B#OCvfT;v?j}Vg~0cL$W$V)7=!-B*rhOrnDmajfuDTp^A@fL*f7!t-C zht8{BL$MgTK+BUoT&4{}V(5OkNN6n%X)y$}bZ1yt?F_o}HS~qafX<#mXRnYBL&7|r zwEis+$n0R{VJNm^8|clSwEnFDbgn?@1@x8xIwDYd0lhVV<^@VGptl9k1p=iP(Axv( zo&u#8P;8{rdDu&!^aA?!0QyXU(hKN20_aMC(hKN21L!J&(hDf|x@o#+2$Wtx-xWa5 z5h%TYVso0t{T|je#x~Fk=z9X_8o{L(Q0!FGxQ_}hy?{c))6icElwLsJ7eId_PS?^HO>LoTDVNq%AO&BYoK@M}i;CbPI9ywR*m6wn#`jKmW2XwFCm{K$M zP`8HWS_aR6{=01yWNhXnv}0C0E!5C;Iy3IO5=G!+DV zlI@78i35NK0)RLG_*4K82LPWA0OA1PGXX#x5#pZ<0>lB#&j$c;0PuwXAPxYqq^0vC z4gg?o&;W4&fOQ}Z5C;HX2>{~2p7_rKfIacHIvzZ=)yb@YWiVA#7@&it$n;Vb{8~Uj z8~|(%0OCL$+t#V5WB!3tSTu6&ggSx5bLv!nTv?b^r)c*z_^6Y#n|(_irQMg(yoX0wnTF3aTpU<&{JZEq7C(h0 zw!aMD4#$5vK6rl4$5kL+vAx~Tq78NyI(4}E6`EcruF!rAUx`_>9pZ?fy@=y5wor8% z=;3OXBN-$-IR*LDwhpqyKMdi;{p@M+JPRI(lOe}v>2S8lR!1SC7z-3L%9$j;wkP_z zdJf4pVxcviLF}Mau`YU%F8fdUXvD$sn-0uS{HuWl1~Pn65Ppn=C;W{Jv;CX-$@y>P z$MMhS$MrwRkMHxBZQ)x%)r*5;y<@!y^suTAL(>&NE2hANDLC?&cVCFFtr#1gi^Ovi zekt%UyTx<5o}UAQ)eT_~Hf|SiqhP6n_mJKOshcWvBvlWv%EuzVt||jpWcL@4E>`Gy z-#dxQmT&d`kP>W2Ok~9K`w<($6tDN*D8aDodDx0ao)mCnA6tUYGZ4i+Bc2FV{{x5s z!COlpr3uugPnxzoYiz5lNcW%MzIqvlc;;Iz`oxVP~*6uyK-#yf#IGJ9gSA;BXcSUxR)`%(-Z{h+@Mt1h;BDUgd;ewoJC zJDm%_Z-fg01gJOT2NVScSVe0TsT2=LWaKuLTpJ$0S3N5uS*_5idpG8e|s} z&rmlwJQ_1_EJPtR2d^fyZ7g#l97#Sfedu791oQC=6igxSVOS6Du|vw_gWwrh-Ii`& zc3>639_kZ*=aF@6dJb+9p4muoVvzq#N6TMAHOqz4V1 z=<&Wsq2eX;i43PD#n%y|g8M%3uzZw6z{&s}CMTUXH$yy}fdDDyrUs>=L}%CxNc)Mi ziV1sGk*%+;RAEnVEXRe~jyBc48F&;RIErktWhB0AHN^}B_h#_aA2QH$D`rH317Wy` zB{P8))9QEZySXe$OwfAzS-B zu*Bjxqx~LieU3wh_&u*xL+WCiCUD;HfY?M`i_9MB^bMNBmu+(>4gg-U0C9W`Rk;W< zLyO4f6usgyej1Y8)R1(sgv2)2ZSVs&vu*>9B*-@#ut{cn`>LfU4gg-W0C52Dx&?>> z0IY|r0U!+iPp4P1Lr2g=5TN5;kfG&&DC8fKSQ*6n61Kn&MAQyh295v_3@}R5;Z@^ zpI?I{XnGd5>A`%1PKU{Zxq%Qn2*kKH%oSv<98*9GXJwNyMzGClUqJI6s=j&!~w(Y1pvfwV=LeWV(*CI#sCc#!;M~2eAf~X z2LSI`fH(kn-vYz|zy}r}4gh{<0pbAQ_ZA=y06w$;aRBfK3lIkYA6bAn0QlGf!~wu3 z79b7){%8T>0N_s+AdZp2EQnz7^8`w}UVxIFQzn!1j^1n` zOTQr-ZUIHZmPbSh_6L?P$J1F?OswHNUsj3MT@`H^qaA=~Zb$#%CkV<(B z!x_LVGVwSSIW=#nv@4MTKskj888&T%wDzP}4`*kBa*=ac-0cCQq@iDj>QU0tUd`)Q?8HsC)QlCZ53m0c)gl?!I_{7vtSKoA5dxdfwS+E z+Z)t`Vwfmrm~^Hv+(m^DHfQ)>)pRn3XzsiHkG>{xh3h1}q1 zq$zuOv^O?NCOxzp+=>Ks#F7k;0U{r^F{HMB~G8E$+l>}NJW{Tc>I+o-|nYb(=>zMoZ824rCw$Kq15`vikLYDNk@tXSJ8 zflNk&MjENgE}cA0jtYUjc&@JVKS<3agHvXbPBO#{4rUJ6=cHusitG)Hm4mspwU}(p z=J9^LFo{}CCX?Yju#7&9_RD@KL+m@m{&jS~en)LDI+?;`BNW)B+2XdkbFsLYkvT?C zQW>Ob&5@xFCu52OI0ok`q1I$C6V696I6e3^)m-DqA=*9Fq^fL1Elx}qK$TQ5*3*(5 zVR%-{#Yh*1Gft~XL*dm}^5}S+R=hWYiZ2xG2rpxHTrOG-C7i_wF>MAR6lUNO4XV&i z=BQAih)w*Jt7>6BN_&E{q}Zy78Bi7^8<-$O*7Mld%;6-@TnO-Jkq28c+%YH|$~=ni z+ygE_0MDbx?Js-Oba6A6=1vWLaxx{=psFL7}l@XE5n))U%) zF)2zVCWUoZgW+MKOQe&kQ9Q|m-o=js&e?s_S`fZulWoXMq(MXJSR^Tik~jc3&H}^% z!0{F!4geNdfH(kHXaV8?pkx8!0HE6f!~sCr0>lBpA`1`)04G?0H~?5|0pbAQL<pt_V~D~hAu9cb7o0*It(%zN)_rk(!;|5uz$#2!bQ(UgOno{Wz5W^a z?K+dN#SCffIt#y9^m;@O95iHbpAC1p9((okV-_ueI~M;OcujnURN^m%FE|%Jh<_eF zSC#E2f$srzEMWyN5v&FzXokkOz^ zs(6YqftQG?nEwIkNiMOQRHTRjwW~xfWf&zRdD6Sgaa1VR^+Uk0&#=4fi}FxffhN~ z)rP+Gav0LgEjMSUF`%u`& zNCm@@Uaf~Y)>N7YCjH=Zh9bRMXE@U1yf3z>>%s|78>sbx?X$qnU@YQ?9EY%|g~uWI z;)pry=4Kh=wg3~`(3Q=!5J#^<+$3o`KLD;5{2e4}-QK2BEplC#8Gk#dBufZOHl=W3 z1_tD~v5Kb|ITBB|PQzyHbj}|&4WDbU^M}{8|N zU;v7+kWDFQa(>+u=G-v!%1+J?jDYbmD0B_=!>bWiBYXRPgz^AVygag69+*2r zc`O5g()RyWpKJ$Mf!X|w%%IUjG6P5B z9K~pyQOS3v15C%}=j4Z_gR8{RW*q7E;A#LgxML_H`xzyYX`NAMMRC{r=^DY=VNT7E z=^b0nAda>%p4>kQ!Q?#A`K)a>3fo&(*A0+WEuNF|r9!k$3vUDD~d8eSJy2O11xwja4SA((E?v} zp<}2p@MFNiz-{<|0mc;uVt!Aws9AJ_?Q+t220WmyqMX?O%8gjqam=n7CbE2SSq}&f zuPxT2lgu_~onQizW=NYnl{g$DM;8Q?@c8>VnM7rUfP#9Vz#jHmisKd{qa*{MTIP?xLA)uJgl1+B)Z z$Q>IYJ)&LgC+vy5$K8zUJ+NpqO0BH$UZlHd^CUN=VI$^daP;~Y@o~eSBVhPqhJ^RQ znG^*dk5xkGvR2seWGF^5T#R42!L6x(u0Kr7T&{mG6mn~7baCyrwkNiTIWeB9=s_|( z36Tp&RZ-+5CNIj+fr@DlS08a~pNKK!n6`C#a!FjLo600;e-Q zIx5t;AXz{^#Im*c_2Kz|N+}qO04E51xCw7+K$UJV`WCEUJpXm3b4uE&t*|@aoKMU?cSD~p&h|NAKKY2#2x$@?Ay0g zH+E)RTzRMQP~>(w%V+7#tbY!!(sg-n`W`OsP4Ak7Si@_=XTeaomAWrNYY=Xu?%xo; zow|QZ_YUF?K0%ur?gV#JGM&jKm&+aN{+L_kU0v!c&$w_5i%Z~BIHDK!AhI0W@ufUv ze?f9a0jA&`paQG;SoAmRAfsHIp`5({%Rt<1L_>ysm@DhK*GL_pN@RPuYArR<*ZIHA zdbr3Ohv3$EIo7cqP7Ug@jsdxkXIfIT+J7HqS@+$yFgX2;ImZb+1PwRWH5M@oz^Ptyd81&~U_n~1 zmc&IoIO(}P5-TEO>mhkGI$#~s(LQck4WDC?;J9FbkRm8P4?lKEu)T4e&B6QimTxV(Lewi}6o%Ugiy)zEN7E@V$YwdJc}-&K%g9M=zF8vz({k znoPRWuWS&*UC)E;c8W!TZ&ya+~lwmEzO`Ng`)i})0Hd$qX^8z3kdl(o6j>$(_Kve&-^zcQz!dblm} z0}{Eemq-C~P%q3R=8!qaH*gsPLPuu(ah6-Ozc z)~%*OuhGE{(18V(>-qrXd8U}AS^0PHfZgBY)Ab>Kv`mQmW8(h7;L>6%f26n{6Zew{ zw;j0H^_1)SqvDqTq-dWKO-V`}ARbn>b6tNnc%LcW=fo3o(8!HYd#IUT0LaU@CZXG< z`4L`&&MD+Nf9tqe*Q(|r)wkftb*^+7LoNKbq8>Z%=P7Lyn!6<4__)o^&UIV*&;gLJ2jNYz;y!{k; z(>0$`6gR5?Km1oE0@nzC1bl2vjb!mG5`!!PCn?sPEX*Be1Xa15qWJxMQ`$@V*N~x9 zm;f@K3&36_81=u;?`i_-(s-GjhwWX27yB71ewk_TeG??JfO53=-+{#NtO)A?B>y^_$mcU;&Q+5J#dtCwR{tkjxLw`VFujE zo8mQa)SLSTYoH~{&69}9`|y#02op97ZcCQiPmMy=0TNTFs&s>6&;n}qC-8z@D*==u zcGYD&mm(=?Qdl=)YLq!rgYWdz^p%E-_bj0F9Ay7@c%&Ns@i>DHSrIret z@N0AQ({WtwuGITxlcK+bnJQP6qR}4Q#Upy5+S7*}tidZkxZuaiDAJ!8E;+&bB}Red zf)`PsHKi|FWEh{Y6VwQ9Ee+^VGYEFxm+aXA3L_@JjsY6<;uKa4=oZEg+V=!_H=?@n znuiU6gGwy`udYdN1za1RlWalR%fgO~$OdgBN%IhGMb;CE`4^sFel-SNtXmos9{Q#|HD{ zyfMg3FbEV(l$J6v8j{Ur2In)4iPm5(2@VG1Q-_V|LzrHx!EY93xD0s&YA(9bsAa)b z3w{V8XX`WAdl2;`0JwJovfUvtNL zv>|6ZRvg;FX5aa@BPH4Ej#og|w<$=Uej`&LNCU7Dsk+s~DWGh=UHS6*^vHRH`5~5i z*awhH(-9Zp{C7Iy_0WR0cCJbL-dm0KjRbXRQ$rODN!*5 zG)I~ETF&aCqND4}-SLdt61+$52KHbYF_M_g{1hR6(zg(A??H34s>Fs#BI$ovb+L-G}%;gc1J_;pU#QfH= z&Az?a$kUsRno{{qa(>&`Hs9Xt#HXS%QDD12@SJtPus$JGvwV146o$peX8a4rqt?r7 zQrvphxu^?om1P$*-(8#1MTWYt0GVAZnX=<@R8EfXs_lcyxEu?VQQNrsarrp3XKW^E zCa&zpl z46ikzaf-LE*=DWSA8Jg|{17ul=a2sXv8IfLIsCQN_B+R#Ec9rAIge&7Za=O}%w_SG zt0Ht&jBPtU#mhK$-uoixQ}{2m81p8uy)l#D@kw!#4!4B{$s}?#(JMyt8XL(N3zc?I z+N~|2+rO;l0qvG>u_?Hy)#TH0E;#1qy9n98M-qtOeW?elxRZQzw~t z>ZB3w1z@b9t)PzWP<-(xd$CPaP|eJ(P&H* zNK2~`)f;6!{?}Iw>K4@V8wq=&ck{?dT?<()4iY`tzeDr;<&Mh%>$#6gX zS}WSv%d35UPBN`e8p(3Jwy8KQ}xGpMR@>g)w=v z$`&xo36qZw21iWKzRwg-uTtKzQd%CT?AXrQmnrp7m_-8tMB+0^ecr01m6hU7XjyX`ANY|5jh$pBQ zPOuTcwdvN8b?LT|jp@N-+nTfaVJ`L`LcrNPUOg32%hfkSFrxCh7O+-}>}N_&XdBtK zxQBufi`h&C`odsm4+W!eGp#2Q>g=INs^OGXXYdApPxAEAB$;H-^&pWrZS>bDf1U65 zDk{`0yl->9;I2xK-QZ_=IYY*nPg449V1t?ma^)rv#ot~ z_9OCYbaso1&gPIdcGp1HtDDsQ@|&hhm>)OjbNir^u?U@L`MTy{9)yey2DtqyJzP$w;`tCBQpKCLdz80> zLz#gu+!rz|Uj|TX=PZ*EGB2^(Mq=YFX?5O*^OR&vwh|YI;P9CN3<|mcF4lP>JPGb> z6?8IIg-$>PoszfcDDQa)?0mUrk{wT4tE_T79&^-{7vGl$*p!=H%<{lHA)@23Zzi%y zqV>Z%oO1q&FE&}_yyoB|C{{r>hkqry=$43!qX-`(fG?xmj{Y)J^qTXyjubB#V05Qj zj*&CjgI@KIPZL0qx|d zMxK6ZomztZv(DmU4E2EHH_PdZ6o1Sh}O5by;oC{g$YexermN)lBU}wl0GU=Xh2qLou`c*b}R8 zzX9F2jfd`7pX@#jiE6d4ezM!lQeZ=>oF;$`*=OrUZF>IU;Hti+;Mashk)A%Bt+XiR zwoR`=Q;#kCso)o=TurHT4vY1vMx1)YsT-U|fu`em&|Es04;9HjWZAnIs$Kl<7qsK( zcrANJ`&QqUSei}!@4cA4=f5im9-k@Tz`n@BFqf8brSX`jw)1$Zvobx131jsvVXh0t zSM|y^_ZZPcH^fqUQHtzQB)G(wZKHNHSo+MiDFvK$Y1?!#24s~|s7>dPW~#BylmcIE zBbi)X`5b)m4aQ%h=`U}(MTra?^*ubOdIcJz;%HAE0G9nvYv3(_Mdptih>a60>YCtK z6!dq+k^BtW?0p=Zv#gM@;<~vSDol7D)8Ett^_7XiIhQ!!Avfi%jAYXD4}&7(tu$1~ z4k&U%D)wBX<>6BBP^d?XEz%0VLJE4;BkAB(4(GR8zhu)WccW%?FalA_mh1_xjEe7u zIIN!bbD5n0TkQ4y?eu)uQKmYr&1OMQe%*_i=cXiH*v;>chbjH=IEYZ5PJfC4d^z_= zV5Kktj4|z@j)gyZsxLrKg|-i;qVS7_{Nq7<%%y(F6H`1r zR@eqd9;@l6s_5f7sE9r;;z02nNBY*-7y4fK47K24QA6D!i{3t2+@ktX^3}_O=PXgH z>OzXdXB7eCMf|f#q^OB4~I%lrd!$6SLLKWmXrEOQare0@Fg$C-OU7s zPimdIcV#0;Q-oOwjq`(pZxrvAQ=~Rj_%!f|i_s7p$>aQL;gDQ|NsiC^eFJX-5hbHBr?}lWt zj_qZ3p@YnO061LW?QE2l2rN@T<-^D85!e_{8N!+v7x22&AL%M z?BhJ=dyrla>Y!;&Wg0`~s9WO@>B_Vxi-V)>h*^c|o_SyTHw=WZAjkfVChr22pja=o zU2tN!T0~aDHT-tn;;Hm7}#tpLUN@dF%%nwN|UD_71 zXxV~?yVIqu;pW-w%(%yqQPkDUxvM3=$mMFwOOdYOIagC=mk{|>|7exw>TuSNr>_gP$wg;!E&}{qO)7X0 z4IC&orf^`iUb=c*v@w;vrDk!GK!jteFw~4kK(hrGoV3TPr z)2re=8JOxi1+HQ=!-Yc{YZf{yTN+18S;SW86mm;b|8W=Ln=Wm`JoZ1gkpe#z#G7)} zu+s=@tcIOVSW~X4SciKia*g3-(Bk~oeh%#^1p=Vl9o*EMYu2lM2jm768gm13O}R#S zL0E6krxCLq!6+hJ3V`vVcgFQkt17g`P7N3GtO^+WNlKZTWbkLyz@$7)YPe)2 zG)~s4u5*#ZwXFVC;u2G9Da;v}Gk6Fhcmd^L;)!+Hq8>Falff5AM~)OrlVr@u-4#cz zNG-LxOxsvA@KS7!7F)8pHovtkg8Jr~N)ea^;#^X#$-yRl8Lo0rYX{$KN^pw5KdAb_ zdC1U&J)z1xQH6Kr&!>ND@!R<&WXBdM^D=PMRw>n))}&gZ=m|8ffC|!TJldnA!kwWO z(uu(0l1>EZ%#dhSMF=J?(qj8wgf72WEyIDM@}{3#HC+|}(uHD*nHw=AJz1e4<>88? z@B-?2f82O2zVqp;AW8?K?MShhmWsS4O}zkOk}99yMVkYS3O(IS;#x1%l&E#;&!~>7 zr#_vjG#WM9W@rc|C8&|?ldN(kQ@$xqQNs&C^IA5FM(&z_k)7x4#{$DYRiWykr6D4H z^rw(O%rB=P!;3(9q&+W!-HHaISvnw2wO$N_&S>0xD$;q06b zl+fK^^0k;Q;!f4c)PuES$(FVPfAe-l%b(JBQnm#~db!SN?F*W(Fu!_FSA?3iS1u9a zl|;U>b7MEq;TuZ2!zVZj62-*>=M3MXDX`5`{?HmB#Dh%{cU=ss!T5H>8H zWc7*Fa2ev%3IW`c4R`n>{NVM4d>$`AUJf_zP)-F`(2>MV2bJ8w&e@YjsL5%}ZT^Zbr%O8jmn#~aG>wfW5y z!ld~I3Lw(l_}ye9xKki)ibIxyy9DCvohf?%f$vNP?Ki+zYTiD=h_qt!uumC@u8qOU*SN!2*G<*~Z!0LH06Vi#VH@$7NK0@lQYh5nINdH-^3C9K ziO!bb0E91O-MHn1%g2H6OXHA^j7zdN3KfxDI zD|hi;e=xSMWz6HuJ^)iKU?C%7I{??329K?4<((iV*hHJ&mYPwh@se}GG$VsSA%c8y z&4UXvX<3uv1UQ~Exf<*gQ6I0tw{?R$r5wy)=3w322q<2V#jO`-lI=F;6)@0_yTH1aou4skFfzO4dz@6a1G5nB`G(!3*VTKW?Q^>OvE`B zkRxCfAxSWC zDvoFHbCyl-4~*7s6932~Ziwq+=MZmmGWZ$uEM=B*P(;p3=w!5K;2tuWEZ@sd*U#}= zzK>2hMi<-&t#LR+zg+oEIw9<+x1Z-GFL?%y zX{-DOkHBB-uS*%xva+fcp8Y^?KV&SP;)!Clttr-`M?s7i{S2ChyLTLC7XH|wamNT2 z-DUGj2flmZZ#@3SJ&Yfm1`E1THsjG2J8=IDjnXmm&|Y@p+-7hRLvT>Rfg2})qmU#o zME1uoW=Jx)Hx`l#79pfC6TKgCjd*vZh{1rUh zP{u1+)n1@5*;l}B30O|p!64;o+oc%@f0y-qZofLt@or&(S8d@r=NhF zikQrX^GQ05nxtiZ5bIyg`@oMYdnz1?hOjUcPZ5H00gB5nEJ# zlTS1+rgGEHki8Z|JndXZcx`y#1ux}x;$ok@@oh8v89nJ=u*jNR9^1*cT#*K@iZr|} z6-S)a^DES1*%M-yfz6xsG={p+c#EC+CFKCXJPX)C0B-O+nT7fB0=_X5XFuYN@RGB% zO+w7?*_a}hRcssy_5z7_fH4GTSwqlJK{78^C$s-5$sDleWF*+*J2D%p7O|q93bdMuNRSqD2OqHEJyloW6u?v0U*9Y8lJ>Wr`BSxqqc|L_ge!cQ{=L zd4(af+~8HR<&|HPk30jYhBy1qv8c`;NIMhXBe*}t8r&nuC|*SeQz2jR$ogHclkz3d z{x{%=c3c^JfZqf-74kt9Ya{Xd9qC~50B_y>`{Yj~d1U;L?7rCdj7A#2V_xk30<&os zH(tsimus+Hqlle<{1z~#@zX&!tHvTXDC3KL26nfvw>);fuya<=^WUoMroNq(;wfZY zPN?M|uf6I1C{Dtyptx|sCYMKboe8=xJmL8r6k{{n{FIEh$v>WJK-Yqo7G%pY?hPE9 z#z2*bxX+0irhJv060Es+k>4O}Bv6S0V}a0*PivQ&A<-9v+FjU7g6` zmgdK%jvrwGqX<}Kq#(g&q%f1H&{KY*k;12pW=9HtrU%0mOPrlxpK&FY4YFaDWe**Y z@JDQihef%y)SZ;RslSUCEn=M$2;1@7I}{=GhIIkElbqj2bz$&GJ2=E#iNDY*jg>i~ zVzQ$>pBl+P8#B3V(1wn_G24=>nMq47tI6b%;dhY$9~0#OeMmZZ zxQcRNi%iG&f=0w`suNB@TfP`+kRSOvMkPKA@wR6Lk~^6T<0<)$6zfdx6BW zEqF9zV5lIO-&ZGdNR*72%#i!{Z8Bm2tkQ%_uopUpIx!8F~H05KL6NzaB?YU&>rpRU-TW}=t=NMBx(t1+IerU zXC0WiVgSfq(c%tX&$MdDMjnsn$8m6Q{Jm;Ot_MwB{8&27acK+l(3@kRH$89mZF2m0%A(W{{G2)~$pIqvTLb?VT_KQ&Hj@00iS~=@lHzAqh^u z8KgpA$6DWi9=EtA%Or!lPD#b}I@UV4%uvt`9zmZss5i+m5K_bNTrcPs2X5OfAIBKU z@&bNRWsK^RXcnH(4%39TYG{jw@|Ix^=5-^ z$|Ee}w>I74bv;S)j60wz?l~OnVgGZBA|Q-7!||;n{cf__9P~$1gWa`>PNmusE(Tf4 zv&2a`7+X3YpQHJTUE&7^~-*+ILC z`7v^6iFMRX8v`@pHvsXvr&RE06lk(ii>zQy_bGgEgF54)U`&b8{+Ix|B2Qrer#hr? zWEq$RB<%PthGkq;ACTKB0chEw({hj&WK2PN?NbA$ob_QCV$_hA@*N4BkEI+0XNbj- z9xiwqXtn8~!1?ox2a+>9;e6CkUkW6)Ncpi6=}`3WV#Yh%FdHE z88abPHYVSS1{H&pq~Z#XCxXX6l1DFi2`S=IccdXz0T(=p*wUh&T!G32C$lh4!H;o1 z3u?F&uqF5m&C(=X=jcd{A3T;XeN4l+8!Wf)hkbVguvx|ztl^V#$!UA%{DITBj?pse zcbTrID6=il8kAW7lV!{xCUNPkl)5J>T`n_3o^Zp}qGe19CQV+W`pM_rP_dd7wMB3s zz$(>wUEX|44jBa+{Sup;qd(*G^RYROI2 z#1YSTjzK)tcjd3Iz7vY-MK)~u1TCEj-JhoLsc@=mn$!l9jFkovHN~pDB3<5#|95;p z6~0dZSuB?BE|1tDG0es$gY{sUwS=Fe^kj(<>j*HnFbVr59L25N7Tm+icrNxLV2&2s z$}ne&a5v~dhF4qx;%7-`)WSVOZx5F!4a?ub@<4gXzwJh!HG;?zr7212Y&y zqtFdL0;D-u7oOUcn~%r@n5xS+`Iy-~fx5=l!60e#)Z5;ab~}2NE8zx)@!ycf%I0ct zI`})Foe6f*&SGc8_0GEJZ()6>okyQ`25tiP#+n^3_==d6SIY4`vO3G*93D`VgQyay7}!L@O@jZj0Z~p zB1vots)IU`i_BD!Ql@1Cv^y2Hw%i3)MI11;Q$(g2KtoUYNDHIw6Z+(QA#Fu2xuo`! z;MgrRQWM?)rC@UC<*+S7x(!ML@3tAL45@S+*clWqjwD|#ImWZ}*Ce}aW7f*96}qjm z%f@AgCS7EQ2{tP`X!`18msQzez_yC)HqVN*$QAO!Om}?<&TCihJ3{#`6igO1RGa47 z#@b44G2xP9RF*o{3Sn2(S4%oq7hnM=yK>NKL(@S5ft}7)8zL|G2Q%I|7AkQb{!njd zx1t`&Jht-?U{B(2DEy{QQI)&^3yoP^^yihA!s`wwpUaO|LfwJ35mtH^PTc2@`cpm+ zezpBk4dr~FTVjNkQMeDMcR(H@#T2qe6ABXAH5RRg^aHLeQhdgGdkh*BK0l`^%FW~N zqp4p)Fs~u6cs7RSGGSp2&n#&S;=IQQOq4t&qw$FHq>;vO^ONDR#f{|%=8h1|54O+> z!>yWI5rxE6S}?CEsPn-Kn7Du+D=5O^g1QiX^eZ|K^|`cD#5Zz6Cna){Seh(DMNZ9K z^C>OH5nBCC(BtcWJE`XjSWFy&D3P*zM^xD#1125~-N1SYJqng!bY=az_|kyKXn zw~V5!qD)a%1dFWtFl}TdRFs&-j+2JyFw{MSwc9IuR5>h*@*5`U!Qq_=EnO)%hr4B; zkoMpRDBMEx*;tXiaD6ny@{Y{D;QdR;h9aGN_j)+HbujP^%>uBp`4N6Nl9e)vvB;S0 z+&}Sv7kWLM>m1%XwLi}D25SRvxw(1k`IYE&vBzXRM0wM`jneLn*~Q6HPGB#s>}6u? zRq|9rDDuQ_JWpATR2z#_$rF*iu#RE00XUvsU7m!d=BcwfPmNowlBac$r)#;CYx4D* z)#q#DJ)(ToD~k;=7AyJcM=1CjWX8d0LeOsz3hVTrBa^t$E$ghri`4xAisY8V25&B( zX}ojr{fpEA#=~jlG2pQ-UC7`N>$WY~m2**>7~*D1Ll6><#7`Of7_x51KP4bP!tJI% z7=@5}yhqo_z*Y%s&8{3{@eCGjYt9y*RhAUgJK!v^f~3G`6XL!pwtoU0b`rdua*FbL znB_wf>uq5i(Fcx+nPg{sS2I2fQO@)(IRglt3!%}=Scj73%lJw0p;&IzE?79G3! zsOfiEw>TcJrKXW1GYkaR=37$4fX<_0qM?H?nRYj2Ick`xk)6q0_{$D5TF>)ppRXP z;Uyto8Vq;v944Y@eYONc;1x5agAUrEL*X#?3VEj;I*i}$wed?k6tm{}6)9xUEir(0 zD8Ib}jXK~LcnDw2E6X8rIOQKJ&m_Pm<8NoUO`lC(ykI>cAv&`z!v7{Za})FlIMythdrH{+MZ`yz|?GVtk^ z7{KD?H)f799w^Zq9 z+*%1o!sV9u8}5usQ;R_HNQE3o8)+26aLjGvMg-BF?!tyXzl{0~aNEXP`vW&^#^41n zJNFLQPQGqw0|b`uN7c-f$G{1ll#is_8XU^_V+n65ZzyE80|D92)`H?kli}D1OfXyv zY#h1vVTT>I<@A|lTyVxA(MB45V~H+XVZffyERi#}dlUXjUX)hw5{k4uPQu7c=>ZTb zV1A9B7QJ`=L@98l>6XUJFEbKCCox!^0H?GKo5I17*Jk(@x0JCeWs5q#IX~T7;I|Qn zoL;65Vbu>h#DIFYo1fkR7@8+!q{>*JGZ7yZZHVr|Us;ED1#&6L;YuS2x#+%d97ca5 zcT$c8(uXN&!i1}>T#gomD~z;aY+2{sJ(Iw68cKoN(RFo{AL=;&5`$- z@QMB%50_io12~1$3PfW3&EKD2*N_SFk57zXFT#$Q}dHWbqR-Y8Vr=Xw=kU5?@m8)?ad`nW@SoHnq{* zWyaKE!}3rPRXmrTk2SDC<^33~#NWbJcotHf;rHM#@6Vu)Z&1&e>9kVI~qx*gPHIZYVc4W^)0_=zl2*Ng20Q7{StjJ8$gTU zioOoYmp<&ICXB*GI6vW$1dyiA6&!**{Ue?yOvm;P*Z>-nF|rGe0lk=A7^0?O*-&C&dwZ3S@jJISVcen;%q3(( z9D771^0%OK{)27XH&LDjjPZ5!<(61FC^nHYhPnxCPioZy5{_1zQ%zp7+SNsd+85!X z+hpg+u6gh+7B|uxgtf%op)>!KbYBJrZ0f;KY&5V~+30>1pAviaa6Y1yUxyb>OK#k0 zi0gLK8yt%OyhT>nE*)YOjctkPqEFW9sv_(!B}3|f-Vns8=<`|UC;>A;VEPQA=s^jP`*sh zZ_Fr&<#z#78mbnzuxw-^EW_}|UJKLttr8lP5QZ@i=HB^lbNpeejB_*o*!Qt+vMvYs zy9$4-pDp;a|5%snQ6|m!8w$7SvnVPr=oZpaZa5d`^h&wCi6E3)h}r+~j0ojk36Ney z@F+?z?tcvabTEe&jPwL$P?S}cMR2euI00W{xRNjo*SGoUUV&d4t}9qp`ym~-!~paH z{PYeumXhTX3uA%KV$i9}V8|fMlztxZQMwOKIgwj_3#c&j@y=#aULH2M_Y${6=(*T4 z?aH%o-x9RO?1+IW`B9Ts@`HOcVi|&gDH+1-hsh8P%+=*6Eji-yAPgn)hR#8b_tLEp zx5Ny!PTO)rXkxm6jl+?_iP2jP`x0S6WQj{tM2VWJ!A5(~=C1{o@Q?a%HN<@*{;*nQ z^?}7vr4O{R{w4bGE`qZD2vo|$-O~H;%r8Rca0^N%Bb6cF<(57GxNxL?rQ)hKh<#4G zfHjxeAT@V0u?t8R+VFdRy5GYuwP7W+VI`6w6so{atlBaPh?r{Yb7ALq0MW4Kmt$I4 zHxtrA6H^Z-A!!}cR>0}tWI#K0-7M>z`$MOW^@7s5;kIaeOQyWw6k=-IhE^ZN$~n9b z5d=%(Bc|#X_D`4EG4?Ljr%MC*O|7^Zi0MX8`>~qfPSlS+<0rObGJH~LkRaNzkNN5T z1Af_#y+vsp<(3FVBgRi`M8_x~G7S}x{-1)C(lL)a`*&6ki(zwsrBU*dbAoiMT*saoJ{l6-D`n`-T^RT z2dRw4C@G5{1b9mWwOMs(#IFm_u_&y*g@uMIJoJwZy;QI(213uW{ z$M4MqM7kbGsXJG!!Z}%VZ%Ndxr*$8!jGq=P5&cN^+ z6E@?a2NGeY0~{Q*9AckicGlDYM@20JCmV2>l)M_YP6Z!*+2T5-VT+?@Wy_DVh0(LH zg?UoT7Odyhv8AKu{DvylLP51qeIfQkK-@aj!>dzEL52X{|rEGz~Z+#Jcs-1FbhmyxCK4jgR}>;DLN(abpa3i zVYl2lFvDDK`Woh^&!yW$Bm&MH0fRT)Cgoc1SdhdW^J_o0a`L(1g5L@k^eGptom7;oVpcF(~a&2sn47hr98(H+t0mcE2D*d7VT@^czWiBjda zk{|jsKM=8aPAA^Tt~2mid?wvCiT19uH0W#wEvXJVM}w9!=-ld{^EBvu23=4c1eTfB zg$%l=I_P40M|NGppdVBRU8+GpWYDteAY`1eE@RM-s)H`4cVyQU47##9=qe4mnnBB} zgRaq_YZ-K1b7gYMCwdl~fe>L7X7dSusq47$HM=mC01cKw1uShtQVz&G@^cU{6f zShd*REiD5$d=U70`h7~Y`iQ;xT&o$64~H`J@+!NR05!Dh_-k$MbfH+ z^=#J}hIC;U=di!&Ddy%J95Kg=IkwJ4-rylJSxE`!*rl1`wsHp|+L_1UWu2~Bh|~4j*RJa{ zk8|p8K$mJ$qudrEt?R}9dIC|Rw02KNr{e2@!C9+y@P|WeE#4ALe+*il5B%2T5}0pr z4))tpOD=~cy*%IO4{S&-xkB9bSYPW@oQWur{+Jux(v$ec_>J;@tXp~tL7wP>J=l?4 z9)60(ZA65%n_K!7v6=-gIgY|W;c13Nk%d%W3X|N@GsFsijo)elApR_a^iW>-8@M~S zz+}R2;lQGI5B-x|eNMCmx@_9eO3^+?3~ApnCn$R1mI&*!4*NVn-?9$76!Cm1d&Waw z;NxS~VJBg6v48c0Ahfi2QT`0dm0A@rOkjJhT`ej|co*f2P(916prByJn8e6p3 z1{b5cZ1G8~01~TN=;=c2O9041EOm(Mu&16XroA)A@*#;k$cZ6Ua(a~j$cX`z6a9VU^cqoG1;ffo z$SAIr6B&b?7+>Y|I$Yl>rwReeNfNbkVsbG#iMJxBHyGMiP6YOm)0<3v^>VrpWtJ9w zVmu^Yi;t1h?%@4+lp{kRry6`zpH>h6IWYk9mnHfua^mgtg|XQRf$hoNy1iEOf4oW@m6H@HbeW$ioiaydWVUxURKm8 zl@;S5`38LY=oCY$Wc4lqkQD={Q}kEMs{9^NS_Q+3NysR!)hRLtF)_Z1>3z7qRi`Qh zC?`qO%8AKYIl(xiSNm7?SD1=(V9jDoMRT_3&mDp7DX{$LlMC4K1sTEYi;2jZOI_!)xB6x>Yt*d+h$-xl# z9p%Y6M;~L58j&4AS+~Rvp%#l5BMaDPGhzhh69B;a$z8~#Oezu2P0Op~;fHXS|9~GZ zcZ^&&KNbUU_=1n{!*z#`@zs?9##(V+6%C<`2fsARCqO7Zgh|5zV=-w+D!nb&q02Rs zhRTM!az_68T*K>R>9Cb5iX72xwaMtM5f8kpZq6vOtM-%*<*KnPQ&Q53AslW#3 zrhA;VIme;%_^!h_?`$M9nGlZ6d6Qf;6HKNs=lu@M3=EkWG6z4H7Nk2i=dIqO0bFIy zn=<6IHBl;a-s-cH*y5|2^R8gaoc9{h?VNXQl&9F7H-)>(oHupCGxBS()MJ9_K};|WPQn5J-scDl|w*a5x-->XsyXPv#~&7C>t za4t(a1?cLVTfk!5XD=rcda~xS&JO$Rv@OEg;C~D^6RflKQQ^Tv#y{6dB=&s^cZzqw z^L1h@OOvU;kH4{S9E^^?rxts;F&N(sFbK%O0|z)1quDpo~G;W z6&kcTXgGXl24;Wmzm%@|OB`n#p>iImsOu28j<{MvLFMNXx(K@#6y_rhb!`hO>beQM zsH-z_?GU+!M0i6XbH&^5D&+k|rZF3M>iRv>*a{Nxotxp(yzPe6l+!IS)u*maz?HfV zfoSN;I)`ViYld<8&PNDQyya+RG#^v0v#uM!m4?22hjraG%eqd43^erqIgWEWKDZ80iL@45V>BCVr&_?@)5mF zf2^gDb=q+#h@ARPO{2}x@qlUGex0+fwZXl@CcS4l*!V!}dIVGWiS_6)uE%H$x9dIZRxE7K8tA1}DnLN~0UTbI4VegB?z@<+ie)!Wx}zK<^`PnsxTM zR$-qy6?$(CuyH>`X=y%wYRb388Exd(?wn>yu-!SzaM13Y329J5EzUzme)l9^H}Y$7 zc8uir734y^M{n)lN zPeQt?8<(I>W0|)&zDWaHeX+cu+POJe8ZGmdxp(YN(yyu^_Jok%o?t``vRk6kF~Mr<-4|urFfTc_H*( zYt-LRTAHJ$|88A9Q9I5{^B9_SopJ{P>v|Y%m6qiJODyc9 z2J1RBay?^e#SmvN@T}!~MYF~G;6`<2ou7jP4SfMQQVym^_43q+gRdgjlE`($`c^01 zDDEYujm^0Z7aaE-1af$+vq$GNwO7K+u3F}&2QG( z7ThZp7bRnQh@))D+>aQ_{o8w6*LAmo!qb%V`oGk;4Ne2n)%LmJL5sH|@Gg{gt??5J z`%SBL{WNl&2o5xj6QZ*8FSf9SFIryCLtCObdI7aed;6D=uDY&>bn=LoZQMVhMkxmu zM|zOhK||S+{-d40{3n(khQgN~<2Vy*FkBU*|1A@SZQ~CUF)xQ)vex*5k;##+qp$yCYu;Inwz+ zaE?TKq>y7AG?9q4CG}i|)lv94XV203n?&P*%vP&U%9L z3Nk~;Mb2r?j}s?iWbm1R%m(CkiS^YRHrDCRT>|Mr%1Y-MyfdBwJ)x@?$R{v2uy`oGv$ke684CaTcJ|7YStI z85Z&70qG(%<ZJ1Xm9tFfBo4E5oWy+?@?hQ@ zWkH+;*tw#R3nNI5kYW8DAK}D#$Qb|#rMgZe)d7hIgrDnPQk-0(HSvl-{Ln%MB~}RJ zp*t*Oc;YRj-rsqtSs}BX%@gN&gj{Q4&33j*obR0o$WI@!IFk|=0LO8TgYqfQdnPhT zO6)aLUZ_n1>F-Q5lArDD2MA+*xxbB7O6-wj30@VI;9>)LaE9XK5@#p&msq61P?$rXh?{8RFeFj%(CWgC%eQJ2ut_qp$tmkgxlg>2I zAxS7Ik^y)vURr-M5AE6USmT`%1QuJGh@Cb;r5=8igzX(mL2}5J&>;vr;|;+g=&#M`#Z%q){N7M6tf_HVed!(mK>_NmHsb9@1Ej zdzjmnhM=4kqYcD4-0cv^17}wtLk03o3}=`?Zi?Zooo2bu{ZeDi2Ay@%)YS{2QRFa} znCS+R`WxsZ2$}87ati`^vR5H5CXRA9OS1&ue8u7%XQ)4OeqwQ+ck$*A zaMm(7f%~a@k5FC|rS+xzwBT%pHi7(n?zrCXh0a$7vYG38AL9}Q#9(h@ft(mYhI*USke?GxtcmVA-Z+8$rO|OFy@umP&N|*U0{OC^ zLcRuMdx0DWeu&cx$W8(|9~wo-X@Kk^kjo8@n;7BkEs$GtisJ*auRu;fEnuuHAp2{q z805ej%J~7*0^&3P=Mcd;)j(PRIZPm1m{{$A%o51`F*-*Joi!q4$07ww7lJOpRUl`^Ah!$Th6vK>-6fDq zOun*-PVXMYiPFk@_Y35Z2&dp-z65#C{L9Lx=shNou?AMe zr8*|DvG;k9#=&XcArwoh#3eJy2rh=EK3Bmuqc?;Kzty8+T5kbW(i79r@h!Ql;P zA<564fV2wa7L%_jfUG5uz;HMnkPd-tZgOz|AR`2F>wQY+U_kN$dDGw=1_IAvF;YgR|awi zAol`-oezUxnBd=RXAkfGtP99lXDeiZbFlY7wiYEgY=}Z~i9-RY2PFL$3kkhn2+q0a z8Tc=knCCq%kopK`q4%mlR-SKh%HC^P4|MKovyc&LdvyfB0w*_+4KnpnykSt=I z{Dg%p_1+c86^~oU`QFD8>y+gRneANUeJPNp2y(I4E0FCB<=M_9UZ$2gJtN|9nb)tD z9A2EUl&|n|0{LOY^G#lpKo&+gKk)_# z0@+Uikm1V)G8l7Y{Fh6-=>>xG`?W3PU9VFhr$+pI=oJJqJ(Acb-pE?6lKm4FBmd2I zKJ!NRfqd?5D6yJ+i}Qsyt`E*%ya|GHtD=CPzj|BLQd|1%pr8fL-wos!XzTcIvYSY5 zfmrCXpHs*JCz0H`)*FV|l}J7f1~L!5IseUe`X{#&oL`{FS4d-WM}a&ML7J003*@&E zq$RnVKwga?ZOO?3xh|sIp4?j?cSotOmE2b#w?#NZlG6opPXrm7++QFEMv%3W2MT0X z1X(wEh(O8_WJK~Xft(&eg5*qroF73tlSc{UvItU0h61@I;&5bgu0S4)AfuD>1@dOv z%4baSc!BhoIyl?eFjgok3`o`>(R zpT`<@|GgHsz2!Lj_1kOlftb1Gcf~sTeQn8rY2LFD8e~!UF(BS{g_@6NT^^CvQ;D2HG`H7)-hVk!d{5u+dv+?g|;*U1;t}*`k z#(#s6cZ;EarQvU(@rTC0i}BxR^0U8@{}|){*rYepq`#r@PcrnMGUd6*_`f#(qfPwv z486UKzt;Hs8+t1ZzqN+{_k^DfoFA>E{^XoH?!vrX*Dz=HCM@4!&TU%}o^Vdvi2j80 z+%^gyIYGZKZ0$HD;3vjA&i*5ZIro`(`EiPW;udi{-~Vzjo{>pSSzI`X@un>Hp3?8w z*Y!Kve6RbJ`j?w;fAg(3-*L}s_(ta2{fzn-nD1?Gs{a=Ab?-wTDQw@9%$ms;6W5dB1d2M38yPEHz=KFJl_b&25`cIkfqI1-LsrjC1@D4NnUCs9n^F39{d&=S|&~MT? z^bP&ax=Oz%82{FW&Po&SEAze9z#m6Bo(ul}hWzpSs_|#GSN~oAhp_vOkD>@02R^&E zd%KYqkU&6M=!6yoC3KKpLzN&cKtxJ_C_&P5cPXUYU2X;M4_@bs{aPG9*k7i3!*de2zpslFzY#~{_uQCn z+$hq|EFx8=iPSL{(~@$0VLfXgf0gwj{gAs3dl!b=TZeUomm_C5x1=IOsMfx7J7aF%4Q`~M$al0|a?Zy!QTo6pN0N%1=<wl8uNL>Gga} z2U${}|27CI=?B;!UwtT!GfaJEyDC?1E-9TEHKd1I0GKPA$`$3<#CD$*{Lj^X`RVy0%|^9Hcr*TGA7@Oy_$ zD8E7%{Jf-H;-Ed|LAz{#axqPS`5UHL(EjsaKm2`xv2S5NraWY92`pa({r!7L7xMiM z{g%=~*xzd*UsdSecIY3W4f%T5l05j0DttcXJK@!Kk>WQ9yWsN+aGdXhv+ zj2(l|S5m)>gM8<}o1oo;n*F;!9fIvng7ZJ7`PW3ci_!tmfARCw2$6n5wvks*zAQ>- zj~4kRQMv`jNnCz0r9RMK(fugD2FDlr)qIf#EyVQS_1g#WZX>Y0KDDeHE7Gx05B_-% zk&c9R$M(eib(!|pwg0id#B-G4!iHaCtc1u>JnK|B~SN#QhR- z5XJ$>w-b)Hmyp(l{*3$2kM?T}%p=jo`=@ySS)hISeunMDw0QqNqy1C7-|<`dc~I|` zRGx8v;qkl&`rA8bhcdlI`fV?fzJ=|;&o?X(X%{$upc}3f=>y95SCDWsa``Obzk7ev>LaBx7xt!9Y2Sh#%+8vjRqV{lYM3;;M_`IHJ z)~6PH)(ca7A`DY}+745EnhsNZJ`7WQ_6}2gN(@tcVh&S$h7MDF_SZD4quz13vk|me6j6Cd1K+cX@~i16Da3f=%Ld9fOM;e1kWkfqdT7$0PLFhZm+$xiZG zaxgi8oJ;Jpr%F zOZNMSJUq|AdG}Y54k#39*=$Tp@^x|g8;qFjkN+u(Ld4DT-_hj_8Y?Q#8HY#FQu>atNGrqou|9KP zJvc8N_ywk3EQabC--)pUExcHKSCQ``Etkv7@nYc}ME<~+I6v`X<<2vUj;u-*`xOLF$}kX80s)Fr43mAjR{;;HM%@{T9nNvkGv0V*SRy z!uduEra?PdAl(e@YccF^oWEtl`p()!TK2-1*JP_zxIK4 zKG&!`+qR3b1+&VtJ$o2i2IL;h2c4uQ|FKw7XJ z{`M)PsgT}>^finZPa*9NehcXzP_FuQdDaTja*&!~xhjw@h4Sh^x*XQm6w>YB){url zyc487;Pal4K7`Z{((AC^;gBwZa>qeh8q&#-ehTTAkiHM`Fi78na$>)R`7CY!VVDob zHt}LsNS%=Of^-3-|89qpem;OMLB=(%r;`N<`^01tSu%9u#0_EbkQM~@qusv9h;(8Sy z&#kE3$*^3ypcOKNrfaK;u{+ zikGS-%K7Xsk-i7xQc6>a)r2$)(jeHr2slr;!#oYgfxdh_UQ8_S#YDZmSWoKL#rbn# zxs;}GTtk`#si=n+tIzB0#R}m3i{**>da>TTUS8}As^9)NJT6+YJ^VNuWO<#6{a}#g zLq1;|WEsL!iS>he;&sQ6q0pbcHnBuVSHO0bZVvZNAoYTDJA7W%3;Ugk>5wjHGQ{$D zq}VS-&_8~HeB~jL|rZ1_iBEc6KUb4VW_W-JlXe%ulp_YUUWa9obv zgXaM+wrDT>p7vue76SPyLMqnt?|AS35iifG?qKXsSl{1J&J##++;|D;v7IpA`+AV& zVs&iaL6&2bzBq>aNn&$Hi*`Rf3ey&BI~<1xT6nRFSFk^{V7L0gbNOvsu%-*d^2$L> zi_arotoXcgX$V~J!S(NW*xy^*4zj#gh~<}@XUfBQdnw!>#y@nu6wX7%^PH~KkH%73 zi>EE6AgCu?hfAxf!F+OdOX;>J&bwMlfgiv;5nKmSbgxPS{{ud+2EGl;V_HgM%nQ=Sus&SRFc0zh?-j**mP5X}v&DAUU|!+a!dRo( zFt5qO)Xdhb=iA8|@%f^er9Bf~2>Tb$ljFlgTC=A}XDt$G;AN4PJ1NqB-{Ae`A(mlq zoZwXpai|_02b)n7d)(nyM{gJU|uzeNac*uh5#nwph1x^=7%b2i-n_1V?{k@ob)_0(ryEyMd} z|E|9sw(}-GpZ$0HCDs?V1J7R;*p3u9&uxS4NW&ER4W9REK|h@jDQ?$EsE4sV#~Rx6 z6KLlYh>LbDZij#8F9m-Nv$!6`?cd1)$Dc=Wy-MmcAL@hmzmGtDdO?~C_301kCr}@( zSA!~|KeUAu$J01CF0lO{LW+jd@jv@xJa`0brxotM80)_n+_(p0wK|J-9_az&I?NmK zytn)eyk`PF52+){!G1Cb>i-E(;XFtEs0>fxd`tc5L!L^k6s!;1b1iHK*0;D_vtc{1 zJwJx+r~u`Qc5T5vhyFep+VhV~ct7vo^$dZ}asT7?w}W!SpuaYNa-*r={&%~K`Kv?z z;(nP3`O{&!{~j0VP<|4OgLoh0*f4P)q~Lq89<1O0RzB_*jF10MyW)Pv`u2j)jr{@l z!+vPr1yB!67sGmS|96G?IOa#==j*!&f6+i3pV03AeE)f>1)P6jyt)nj9MdzDGPqtv zkB8$9)5q&X+Mtg}@dd>zXxzj5E;w&r1Nm}47iswkBE|UteqJBW|Cr)0k}+)o*K?RQ z9wE{zWM8O1em)>wr2D?b^kY^8{ZRL=#Gos&myLwK0H=aScnfEMQ{)ow1ot(S_$>Ib z!S}&2N=aO4T!~dvOI#V;*I;jOs==MWj}0CQj)mi-xIUA?Ee!RG2E%)Q|A}XSHyG-> z5}azN-)``yhWh1$;boHlEPoxm-mw0^z`q;TpV_RqeJZhW(62_on>(J@64y7y*Qdqv zpR=vSdHX8N3wMQx_FO-^5`&lYz<*<039!5{LW9 z(BJTQDNgZwDqPS1HLi{QXIvBIIia3d-+NsLLhHga;hqN%!M7vu-~T@j_>U(U{1lF2 zi@~qJsRm>GTZ28I{Pk!ln}u(JG!)*Y>m{5BE*q+{QD}I7jJ-04y)?jvnTdB3!4ujjNb=ZA_8>kIfm3pFl zT)vOmh;=o1h}s11$d$xLt3GU{!IRXF*g0YSTi73yLw(s(@(!2{m-g~yQhmO>eja9f z=rZJX(B9}OWD~g_xz#igZ$ZASz?l~EcOXB9vpBjpS%b4adKh^Gl{bzIyN1W7k+0D5 zVdVJdA|6k^3*X9Mc`ovMRG)?9dIci?Dsmca?`HDCmLk57>;|I-mUn_YznAbOa$T4e zVEh*O4~jn`KY+6b#@~{+pAmLzAllaivj~iPkiBVnFLIeI5pPO<-BY*?xi;0WJ9!2z zKZrblj89QPf7H8M#PXBL`8|bak?{}JV12A)x2?hsvhy$DdE_I|zcK%E@)Pm~@_kz0 zZZiH^FwB3H-2bZZIdahF!q>_Btit!nZ(9hzBu{-ItTq(eca-*jdGZq4ztzc|$&JW0 zGsN;Ak;nK8cOeJC=!y01Pfn!%3V)##{$=Q=DgWo>0hIqs@)XJ+MScmh2P`j%ymoNKEi9s(NzEK&8QY^g8GkH}u1@aJTf`fY&Buj5B5$PicOj2W z5%K=yNIG6ekSA{y@z2RuuE&0u3VYjBD zeK%42dXTG8`+1S?Hxv1rk^?6Rw;{jxR=7KPw?%jm`Fy7EX!3MAKTal}qxQu=&w%^; z;xUomO8)7Iu!G!!%9}@CP5o&(*_Ya919{dNv3wr4%k$VFc*7gaHw(FouSa}Yk-_fF zm%TRltI#&AJhTH`zv$l#fN!IecB~5di~Vp{p0#6M0%&(8!;qRpkHaIl2Bb#KfCA2e(H+W8HSN4s;X`$WOHetO@5U#Hm z%OkHl!B|dcFLs1nFb?kCYrR-LdBO;h{~~$OXyF3#kfp+R$m787tQUJE%t!2k!Pf zRR%E^`6IA9ysc)wFkSBsW=sC#)&KFv|9FSN9`J6%qr&J7J z1$g&Ts6Xp(i2nc%GI&$yXUspwLllG52k$ z9vt6!;P1)s>L7Nc)fl#pyZCq?%XW(8S<`fQN-T6NyGpLH9zBk|t( z_l|xdtT%%G#>xb;k>m$(J}UcOAPXVad<0LEDS<4K{0*Eh&&Vo#_hWkI*q;Jj%63U7<&{tow>Kd`o^;J zFdn=O4Q36wi?{zvb_%S+{g`x^pR_Z7#qRKUHcPR>?`^|ovZp-mVzZaS+eO1d*gJ}! z8I19-S*ee3c^8X^_If{THhUk8_jl%ltA>TL56B*m8LJr<#y%uh9D?l~&U%waa7VBJ z@)kJGriVttH<+TlQm}pKP%@TZKP-|RH@H<;G^_P-$@)JDvoN^v_)mQXhS}H=@+eq- zOjsQAYAxa+E3iHZtgpdU!{)G|VBEgp5T6v5$U-PSb0y|aVv&Y;&9G#aOK~iJMpz0{ zeMR|up26MvFbDtk9oy$KIDdtOIay7LzuJIKWlhLtI6lI{(pVevgG988^&scL`oqG~ z*#Pp9KhPO$BpCPSk#u;fCM=VGn_gW1L~sm`i|q*u%Vyc!8EhTw-}JD#Y?Z-@Ve{Bl zgTD>?hMhHdb=X2y1jg-=V0$-(eaBw#csBb3+UsE0QZ}d!#$Bx2r*MBQ?0Xh~mNHnA zB)ESUwvwfRv3_{J?MB!tmeU^dXEWR%e}=7POUYBBasO{%>&Yoq;9KIb4Xkwskw2*t z?vIVkpS+g)M;2!A^w3Q#p8NwWufR>tbn>r|zfAaMwup@TyHfZTb^wg+iLMpCjXj{a z7$0^qy<iRGq}Lu-r+y7p`AtkEinFsh3#kKz?eS~ z#?`7}2iSD-+D!C87D0};pbxP`@}-yP!z_!uu?XAi2wP0{fq5)?E&29y;qBz}Z-n!} z*#1|*gTs%o;}mZI^JRZdD&xY+QZ9d2H$a%28 zs)n6sC&{bfddn7mfj^Ce?OQk;*LRtDej@5?hH*1B{3`P&Pk{Km@ZVSt`OK&A?Ns=6 zwv%kR4&Nq(-(dJFK`d`g7P^oULlH38#D{I3`Nl(C7UVRvknn#q8 z4)iQ>#|U>RpqD6r&SA!SM^um&llLx0!`tD=tKod%AK@vTBF95HRl}-CH_0ESV7#jI z%HXjPA4uh43Xc23_c%OV8BtC0Hh6ky4e4WY65QXI7*RtSO8zS!{u*&aEh&WDegQm% z7*Sg~SZu!jdeQ}Q{si2=^`#>6Q8@d%A{t0z`iS*!gnBKC@Rm}@Y0&=y!kb77$ulOx zx0n%4rA=VC{$ux-;r{fIO2a$|>tFo|9?vbM+T^Wpoe>b;QfftpsSdc6)PvlT`y7gG>)4{ku79L}4OT@=g0=exOw6F9nIT6;kC8Djg1&r(e8qQ}`!`e$nc>EAc z84ceTsU0M}AC~80b5dab8PQQ%%3VBv>?Ez>j-&Z&C+SD-Z2d$KV@D(4>uLV)kSfaS zB<ekwc|Wav2z3ll4y}hry}(aA^q|>VGX2=ZpT*CW<$Q_4SS%Ar+Cm0vH<@`I%JL zPpofub$IF~a-@`RaA4$UDSV(P&&!G5*Nv6zXsAEt|1vT_f=j}G9344c8p!QpcW=Pc z8@)=g*jgeEOAabt&7;ht|NxR4|$3p*# zoFTn|;|#ZN=OQ?sBEORA!g&De(*pWSVPuGu%kARv!pPZDD}Ri;SQ8k3{)!Bj!i4F5 zNraTkox#S+@UF$k2&vKt%%7mgr{VQYlvD#PC9qE|kgzCeFd1HG!5s(InUx)Q&X@

{0c9DzF(0;?JcDl8VUhTi_`! zZJzXoyebOjV^Q;^;Bg{9+8VV$Dl|AT>RZWwd`UbtYLRr@;OwX+Qs)UJ@r6;#q)i4d zi&`Ny3@nMSiCQTwFnD9sYRMhi4eO8V-yW4K*$vK%`ax3QJWw1z9JOAu7@QxqQL6Yw zN&HgOCTXR?H=?#k{b1b3<@1tp`?pEK>Jom<)VL*)|2Nz{&LX=q=%H> z2K~Qk^dYJ1bWz@g#@K&x4E=TVWod@NanV<$DDG_b zxfeWL9Q~V=!|h@NVLP1B*Cm{%7O!tfbfFaTWl4EUqJNk4uS()^(RZb~{Sp0K>Ni`& zy?Vg)Ps}SRE>yS$)ZabkwUo~t%U;3pR5#|WG$|b8!XL&k`2e?-$2-TEb=QynYPhnKABiV{!oayO{EFFN0Ucyf05Mcyo-0 zY#|Sxhuc?KUQ5RD>Zwv$K1}|oB0S|9Q&}z~`+|?gc*-*D7aYIgRtozCT#XzFJ{wa- zZcE+=z6c&lJ^=nLrmFlE`AB8B-Ui#r$H2jzKaf|G*MRTDd>|hn{{VgvQ%$}>jw}oP z3H*i}1Ky`pm#bPt{li2Mz>wp&d(nH&MuEj8t3 z?q4ni4 zTP0w;xP3aw1G$U0zmx3bPSAZ%!u@GWC;1x@=kqX9o;yMBwGsX*mUXnej`9x&w+C;d zcv1ky$H;jUUj%LsK1%TkcHIAC<70>e9s<;&cM==;h5xk$v>9k}jrX94n4u{_^j z9&DUk9gYL&|J=IIc)5qLzWXoub*)dJJV2N^8^YhBDiuMdmLeIc(U zi|;ok%NNM?Ug7aRS$-g_AAX4YXNvrW;z!{)U!YBqec(KT$D`j_xL;p)s=S`8uZCZx z)D4mw!ggYO)*<){W$x4E*222=H`oi{PUQ3X@U*uyUG7EsasF8f;&&*%?G5g)VEG~W zFxUh9hK%Re6Fy(cH646?`WN7<<-U@e2(!&l-a7XXd6E<3Ru%-u@6~d%D;PGE;1|Nc6WGM>jV?x#r59#QhZG~vBZ;d;(JTF&84 zVBQwoo){VDA=n;e;Mabo+^uqFxO7BYmtcFu%9F_M;Kfp`>=fqvyN5MaUdAo1hg{_n ziV@;QL8JuLzkPFaI{!JMFzKqP2`^^|k-;mh3*?5dUW`|V@oIzhTX{YC3LM9Ktc&IL z^F=%jK0jhzDxW1^o&vuvvo4ndz7cVBq4j&&e}V9VKJa!R>nhn!u2+$laI%=M?v%%p z#e8+AJV}`Mmrk}_@=p|R%;&GW<)68&`gmx!?QFMvn>$vo+K;gww%zhWaz3>0Y0GZ8 z>QbzKg1(7do7<}Y1ongcjVbJ^#CuTcvnZQJ9Fw1r_i`VXZ>_@oE;bp?E1z3W$WPEv-@(J7 z6x%Pd?`m;>=SOHStL>y5494=uT*vLnmtT?a!Cpe-Lqx8p6vAPO#<6g=i=*6OL<#?UY;#+7W%U50-aYUPgWsj`7p7 z=SC6F%7E_|ZD-^(@;>mlwsUgnA4S{>_Oo4(yOG;MzU}Oye3ty>7-9GdkFT#2v=_#G zV4T49Cr*R&f$gH43Ht?o_zL>6{E(ar@hlcoi6T_St@uAClLsLl?-F?IOMr zmfvT)AzvjA-m5-0cX@PxJQ|auE5_ z=Qw|QAvZiK%ER&hwB>~y!Yz*1TecT+%VQW9er$U!cjLCQcE98L-^xdhi{%4&e|syp zg7YT!&pH&(G&sTbR(^tp_WqKOm+$12zX%_>gYExLJ_+MI?+>s%{03WoLcRlb*#4IB z?XnmTfc)t;W}0+bI0DRKWs@h2%NYMN1?GFPswsf{3B+r}YNj0Wz`Iy~-Bj(o$iI}= zS2yL6CCHEQxC<2L?X8=dToK+6`EzZ$sm^c0e@ut#uh{oY{^Ti8{uWzlQ%He`dxAfV zEo&MG$3521m%F^l_lEEr@IG5b)2N%mS9rXV$)`}5aaS>=-4gx)>gTXkGgX7*9?QE4 zK546N3W5}!3F&!T4U>D3aCNBv#h4nV5QDGUYMQQ+`@!~{w0W7%{wea~JZd|uZ7O&u z90|++6;s>P>M!9o;4QW~rjW#u?U zvsiDF{tTVK@Ap1cyiIXr4eEu?CyV6Uc>z2eu}rL8(G{R@iql=$Fif)uYQa1 zHrXjI?yq>8aw)zA;%6a#mg3_6iMQzq#Umgd+}Yby4aQ+ypSVBbZEDXQ%bG%bAJi|9 z;^O`X)Su!*Azs@J)<n3;m$<%IRt4hkAl{xkfr7FZv}#r+X)(=v)L!SzGDh@1rd23_%$*dB4e#oN@1JC->izbC{a$x|Rd zdKu*x_gB142Pl38@;AfsDc&*w@2_~9O1~EM&wzO!x(Rmz6ZcoVP5mgo2IAdd`5=mm z`zx@&C>{gx!4S`-xVWDN^?xJkFYb>uHU*-kSaxPAd> zxvAn?vAno{*1{BshUGg${Oi~cO_>xI_s3e93Mu|>3LI6jADJq?6U&SHU#(4nXjr}` zEN_qXHDyv<+<$9pDx`RGh|i5}XR7$OSYF&;>tG5*!}9l`{3Wp+O_>xI_s=?;3MpO| zmR}p&#Z(bSMeL8_{#aL&g)Hu;bu&FAi~D2UO`Y*Q22lPJSbke<57R9EUV{YY6M*-} zdYLl0W7!Ibx3cs$Ip8`9%NO^@`j~RLW0^S!@0ay8Er;irF)r?p^)nsdj%AZz`97BZ zrripU^ZA~{2AB^1$NAjZOpb@=i(&_u#QVgBPsI*2eWK#>!oS51HBB=3LF{nTCT1;1)AV5m%;j6?5mpac7nJ`raVKu zcia@y9fOC(1(`hIFGCgAZ+zSglaIk)#eHcC=610u{o(p9Zk9=hzg2|!eWAW7akEW6 z2G5NPGYvC%SzM$k*x*fZ(WYhGE*7y5#+x{+3I2o|uWzlN(6OdK?rb&-&I7;1#hdH~ zUyhq&+F# z5?7DUGL1IaJ3hx0YH-{5Z%nz|E_N~x-a-`rovB-CvA)HyzMk=mO;^cF*Dy9TeyNF- z5pi@t{Bl!G?hLj#0Zb@ ze=sGYA^vDI%opM}m_ptcZVBzRFn*(HU`4cxot*@4xsKm#O5@I8JD^{0h~H}J2EXjZ z=iTsr@8S5}rbTEdZw(w5m*ewH6)TD5$3p+V6~Euqi+p_^{3<>Eu;~c5=+9*mem1=@ z_=AMwrdE}4c@g(cIB5znxP8JY(@Ju(7h`=B&Y7+n;$ssonV6?o9^+FJu9!NJ@%XYN z6qu$O;*Nwulgkiao^Z#s#Sq_|aL@G25dS&hq3I)da}L&T*f6;NlJLazIk$`byc)iL zNqAw3H8#`YaMr?m2dTeMf$oC=Chb<8guJEx-JZ?J1lC1ruZ z3+7Z+3JhK|r@Hc9jgsZJ %|v3?7u& zQCV+rKw@X5klV#t?t|kcv8xhL7t3?8Ke)RqSGhA-dI9`AJh7+ZUk~FMY{(LHUqz`e z{O~$sNr`?+FK!px4(*?nI9RchALYUEk~mzsL*4=9uTK0-8QK7scd-c*;Cz!fT3J9| zH5tASOB|yVa%Zy$FL?V=Vu0e=5c6lV?XdrUOAJ){kuiQR@e3u+5Pz2#q--<9OD6>@ z*9`I6Ng;~fNR)@mw@jL?^dn>WJ(407JGYDd2=Spw7Ud3kC-ldONpVV=w^$zYha}BW zwiz6ql%)J>a8i<8xnuC$B&SlXF)r_7<@Uk(Jjtcxl23AHDD9h+l)pA9O9?i3M^cWm z%-|zQ3zXvqUrPE;DczKpPxrr;D)^=^+<&SGkI$t_F1M9!y9C1)TcOl~H-}+;V!^*B ztx(1_M{noTqdrKLkgE zhmyZ~3E#IR?^8yRlffzAspL9v9lM?Vq|7Ayf<3@F)OqVy$;`>98i+1#=ExioCQqe=|7Rlf&T*-<5t@_X|3`B_OLx8Uvbv+^Ce zh862~O!=PN5$plpLVgX~J2K|DvWNVBB0isRT)9rpNPy>klTRpj$!oy5;1}d;O|kr6 z6xLd_&m*u0xEz^nhQEiNd{U`Q_5g1O`*O$X3tqwVkIDJU5ON2YFTwpcWh8kb*aI9W z%u>Pdu1qD791Q*YQ1U5d7kTkC^l1hDBB z>UkxI{PYBte?hU37r}ju%gGm%Jo4moj1_RBo3rgKKqWrrMzYXzG$Lov^jFDgs86ZF2{VS8Lw)^c0fcDRm#8Iw{Z;;bypPfRJ7 zmC|j+`q5=mepS-A6BvGvC9!LYdwYy0FnnIl1ALV{58_Xi0;O{Yh)Y(M4f8#T6(~2* z|9n4CpuFMEU_mN8KbcaXgmlC>%qKN?i(ASKC6|1=EMpB*ZYpocgDSxDZYj5vsh!07 zKi-Pv-&W?3o4|DwI+t7u=9B1MT6Grd!}jn^ zxvdQ4j^*vuJ>{-)oZ_N=?kQ)xi2R~`?kPE+2(N?n`K1&o2gpTm{EwCHE2X=NxaSJ2 z?|mhNe9ue7cagX7_Pwvv>W29<*icA5O}Vf5lWWRwyrul9nq^x^Gs<&7VY;;8BX?D2lLgGXG#z`3HnO{coTOvTmLPLhbb?VztQmh+GS|} z*I}=e4|)iH2G<9#!(J<`$(v#R^g8T~GKB2s58tn*yj8}N_k$Owyi>j;V|go5{#G1h zEN=z;{AU%}77lOy50lhi3~m)>QXd;!KTK6Udy4vC{()hd+JU?P>hnpMn>ya$`eCKi zL^QPTS8#v(byyj-R&R7R%W4GQucnk$gUPGGyHm=md1TL<@V5GtifXC8nBS$}h5K@& zLMy4&gxO9Q4=;vQQrnXs!~MK#T4i-4H#{E;@$)I3YOujKQmU$}$!#2P{x(-rH_`I_ zli+?;N)7c6#nFk$@JndFi(%fXKA^d>dG0J=7$MkN3g*g*{al#b<%*gXdEm zzi+&q+)G_T@kMYv>{EKFx!kezyj(AJ6Xh4*2li5b66W)zSbHz^j=^d6KI%uG^6h84 zZs2&(PaSIT+t7aME`#UW`>PMQt?bh+n16uUWH>HwW#akH0ct<)1m@4j?*VF4e~cGD zUpzn!B>Q{ecr!p<$(_Ky0f%-OpgtzM;Jzrl8(39F;PMG<#C2g$ZutJ|5sd${{ZtEi zcMJ4D^$EES^p~fz2dUjY!{x1PE995hU^SDR-3;S{)nOw=`MADi_95ytGOll#eW)7G zZDr$Od)L^9shbV?{cOY42ZsE9Hh;C@D6ziWahQLEI-1-J`tut5NHvbU55}9#_R;G5 zqf6Eg&!?z9WL&>H8>jX+#PjUq)dWL4&ptuT2hC6}XeTMBZRoz8SxF&pp@_Y8c_L-{cW5x1j-o8QVaB?NyzSGn+^1beuf4W*a zK;+*9$IH{%Gt~8H3BHdBfa^PZu=<+(l<&VU)rR9l{w`3S%Dz(1lDoluQ-)DuW!Q2V#D2!*n+e6ev20ylct?n`Stvyt|YH%q>xcY|M%36`atZy)E-#Ev&YOcZ49gEd=K_Y$;wy(EinL5tkVU87Q zBKZsGAH5wb)n(H}e)KTMYW2x<;cjre^>*Z{mf#W(bNrw-`3fD&pC|9^wqBjYEw(qp zu|Z8YINtH2y53-iW3zg~;CYU%Y7w{CUWa45T6d;cA8!9V$4+$=8Mk-2W4DTb@d%F( z^hQUXihr30joa&R>{k~XJkN1ZJwnFqb2tvGg|kF{^gPE=wbg84++K&{n3@+_;(3k} zYEU>@Z0}yjNp&SRJg)@j|3i*^^|ZnHj??NxgD*PHs%0W@d6B=+ab9i0ZDsSv!THv4 zQ4KV>&~aH^K%N8J_t0@wZ4xQ!gMRC{rtT!0V7$2KxS?J*xX@9k>QN$pI&9xX$8A-K zE^(pbj#@WHcp7Z)MaLhi#ZuxzN0Iu*iWb}Zp7Vj)*@hPNFYo+Q4K}!n^O5Q_xTf>5 zy20Q^&Zp{GZn3>JozKRE$3I^U@i;zWMj-kMIyoMdn# zr^&pYjN4n&shXF?i~Q(DPR+b4K^V8Urqj*ro><~W&Qj*YB(&Jx-p(@Sd~UJ51Ds{y z&tPF(_*195xrV``oE6Mn44&w$Xb$8S+dIlx$-KbeiB3=RSu$>Ku(PT;Fh$e{9pS8Q zeoV&g9p$WLu3{H)^h9TEb7wMc-zaBYb1R34qbEA+oBKJ1aeGHO8=4oTmUyDm+wAE= zi|tKtHZl8?u|L1HH#J)gF6C%$UTyI2_7>)|++zFQ+FP1Sr;GA&f0lB5WbQ`B?Wy8u zZ9Z#oLq}Wlgba}%x96?BgE`6IQjSjM_1t1SNpW^DUp6?)+132Q;DyfaW{*rPPvl?a z>}hVrEyk0D&fexAgI78GnwODr{MhX5Z*G+(>Vy8tIncbHjN{2d=MeK$R%gCR|cs)Dbe8%9Xv&WlDFBI$Zg!-+qPcZA>3Lk{?)f)Tf z=HTy2;z#XYn0qZMi66C3Hb*W7LwyZO`PDS@S?*Xid@(-nGTq!_ ziCF&GX59ZX%w4!ee)wD7<^Y59>|dGF4ED3lH18$1oCnV`G7gcV3-e>8!Q*``>?-ZK49)| zFw6(cA!K|{3d{%0fh$CQG|UIgA>V_cy}B+&JI$?Dinu@Q|F`xubL6TLmvW?=U#v!p z{qMmt&F$Bq#rVQfv&<6>)>G%2;|wmFI?ue=V9(TV%zF&3ox0F`)L`$_@62}$_DNlA zer#~t)TL&YE9!^GZ`su4W?zFnQ@=L{lks@&mb%K!){6XSztmiFDjARGvZ?FLn+^6% z-C({-#__3a>W}7&KZxbgo~fJ7FV+d;cvUuat9j^#5__g@H|K9ei}q64PV-fR>$~kT z*ZL9Ta6K{x`{!=64>x>&z6ks09&;Qw{9X?Fr=M-Fd4(arJIga4FgVY?&+NHLtRKe% zpVXhstH@uE#pCmUIiK7K)|Y2LXinQK^4H`(WL~+Yq&|MO!{*oARu=D#>px>pQWBOf6r}Y zh5UFtW!__m2d17eUp2TEJ7+Gtvt;?8)C=Y&2A6VNGWRh!JoSn>&|q8YujUYLE2{p)bLm~UezANh$M5E0++sX`Y`<%sY4BV7J+sT; z6{+{l%V_z#5blsGHbg_wr^MJW3wl>6`n1J=g%Ea&EpL5BdO2LkrZzL z_X8U`UYbkq5%oi#PJLruKpq6H;`rO#WUq*$8#-id7rFO1_&zUH)$}|ON0)MF+E9bv z+TFB820K$rX+`9#k&InWEu-l_iRICcQp;;~_m@~o^UyjUC~^6;D%yyH!g&4)O0BNN z7+lIxQ(JEETf3Kb%wT6~9qkDj&u>Ag^|TjBz1 zR7w6eY3;Py26s*CpfxqPZ(1jRUt;!h@N4H5Eq;)3a_}4sbh}QnBh@;!24bw)Q6UOnd zdD?Jo+xZf=NgJWHx`-CzVMN+Ut+TS+Xl)UU3DP;M*h59Pn-{8G~kMgGQ6{(H`^v;yu}_I)yXrdIb>$@0CO zAzBExSiZM&miC5>%lCGEt>xdw{4O>F?r+DZ&DQ$;juz$hc7|(q^2%G7KSI08oxreu z3C>8Z$sJK2tY3mNO4~%n@)MlVTH;+%{!J*~l@_BZf0UG;;IwJo$XI@YGgiwaWBGoz zIIW0V)Zfn*uZ7+d>%;Q>YzbQ5B6I@7{c+McN3(N__C4uL)co&@{J1|(I+L`Z2f~Gr zUt-DHF0=%{UxfMQ!n9;<%%7sXim-l(IkYfxORxtxm)pv4zUF6hY6WDRkNMeBwV;Qh ze4Kyz+0wL5k3@N6W8n8;p)PHP!9~st&2I2BXO?z=+scMO{vzjGE%+}{-VJ!3;+b=v z*5$D%58Fp&-)MaeuJ5)$vvZ5~s_(W?tM)`JkL^|8?OW{$x7fe+-M-U&pNjIZ{g&Am zY2yrbhi|>Y49>GJ(Q>%O^-Z3AsdkKv<9(ienf8W^<8_{Wxwhz;SU--(dG-~W{kgCk ztj{O)d#&n=lJ)!9R%yQ6qI^HwYHcbR%lEUb(H4-gd_P;R7WlHHd_UV-E%H@K`E65w z(B6BEj%ADZ{AayZi(B;Hh_nrwx51XQjam@5Xg^EZkJ=kDwx1t*61;(za@&4Bnr%U9)goS;yz_d$zP4+BWWNmNyN)uSwgf z6>*E-vtCWxttszteF^;ch4<3-YCXAQ`R@<^O3TxR3A13h|M?a?fgB1}T>G>%?)~x- zxZhsdwO_l)eTd=jS*y4XY5{*^`Bql-8210eS}g`&)Un%chacki2Zyz$!V>zwPoZ|@conG`dQme#@{n~yN+uY$?Jc^ z{(VAIC0zcxln3?mb^W4MzCmBz-ZTR zn!myEu4`I|!7f*UmS%8{>$;X}@G{p8?TEo^TsO5sgSWa0HKySD#rpDGx3p>o|Khr> z`5Jt|^}9CI;9IUcTCl+nTz56Q!EaoDXe$jirQg#I7+fyBNGmYdGyT5y#^Czt4>V7; zq<&4)|I}I;+$Q~@HqhYC>5sG^gZribr6n3XB>l0r%;2%RSID=QDztI*MyfOW)w#(q{>F>0Q zVxr%@H!oLgRiB_`bP%eOE>AA4gM=#(LXo%UAn3V8?0rR z^(=!uGBkaW!8I~;{h+~3GTiihgFni6Pk(A~*Njp+(@W~xC!@4p&)`op%IH1@kIg8n z4>NdLMmase;E)V=J>FnTMtMEW;5iu;^vwomWW2BE89YCuqJGQZ6&W7-Lxb05RMI`% zO6t2kqq1Jh;Jge^y}QB3Gpgu=4L*}mRUc*W<%|z>tHHN3s_Axv?`KrkHyHdfqlUiA zV3t`^FBInQ(0Y94V)i8%WS5zQn-Ba z`w^P!0JJL3H_i34Jf5J}u;O^#LcdDx2=)Nq66W7W=cawAKQwq;W=nl&X;D8sUq)np zq$hG0pD$bM3%SMbzwMcA^p)Jj=eu_Lz%saeEI(h)aCOjwxQow^9rYrLk5BU|!eKAhQKKTG+C!1=}wzDw~NuW^6)=|vP5=T|?Sxr^=B8sq%HPk+KK<|~&o z{dCXr7#F^qIY{qk@Y~EGda%Kzvxe!*46cY)ZlWR25v4R&Qs(DMymlJ&W+ykAn@wyZDoh6W$bnyim9_)6AP-C}T2)--*S z!E*Kt{i4C;v%l0!S1c*NUiM7g$KY1kv-CiNdu7ko6Ad1o9j5OxcxrZpUSM!|c9dSx zqojOic8u<8@WO1X9%S%_>{vb1;Joa3eVf52v*+kV2H(t1(%mbSl>b+Dir&p&^IV5M z$zYGUsrmwg8_jj;`3AS0o1s^(jOE$rc+S#maf|*kaBj99Y4EtYIr?Sp;^Xm~f5s1d zKgGxO7V3|9+{LCB!28?geyh8CV)`jy()L{@xEAZ{jc~^eT*=FpUeTaT%Sbw z#r$izUPu<}TdohSg5}4uVYhL9wn7iBAv_rTG5C|ZCF_5$-uL zz@5#aFTApgvzhRFj7@WY(vOh+ z_v7;W^*7`phvEJ5a}Vlgy~X-JgZndw=N{4DYYc|x?QU0x-xtk2s@Er{XQ6-AebKOe zeKWAUV|oC$i}joh??0M*LZ2#3&#V8UM{*axAM_VJj$7RCv)B0huc>ejco=+Cf zPoL2*lEw4WXY}i2@qF}I{VuurQ9Qq$)&C;n^UZhXp3`5E@%iRI!KNnIUJ1H*{`kCJ ziY%T#KCf3Ki|xChS0jtkIt*7nk&* z+*bX2uphgmkLErkNjvd*|I2!S$WQCLs!yWj@$X@zCtuZr$>YE|;IMz?|5Z=?kJBiB zLIOU&{;Qs2h<}&-tG>fvclMipl=6%BJzdjJ8R9CtrWa7W&L+H`Ezs|9@0X7)!Sh*x z{)~JVtXT_m_omqX`{i8lv$@yxZrq31O!)o4>$x}dzT_2PDW^~$OwI!9Ik)u@+@ilq z?Dv1huN!dx)98IE|91X=;y+M)oG6c9zn01QT~FkW)z8+%^L26g2g-QC{Su5{YKHX} z`*V7e;`kvIe=m0^`HucKkBj;}oBM~ZH^=t)7Wanx-8sx{6Zt53QjYA_`9rb%=0IFtb(=)K%58Q_$+&A@^FyD;MadW%Mz5hM4P0R9bKHU4|5m4Ua`W4&)KF0Wd zx#ySge$NJ#|5;x|0Qv*BHmxy!lezM6eKp;>aTkw2wcYxOIMu&4Eq_oI%hz@r_^=AEPdm3FZY%oc5YGa`SP@V9o*oRbJ!lb z*gqZIV!4Z#@8FigUEF^`X{T(9K(<8osAODy(B54YR2zUI*Xx3eB@56GRs9^mKX zKD#j9)9r8ac(4Z;8W;ZU*LD=Z`%`jyx#=CSz4wQ0=aGjMvP7*C zQ)Gk?S*Z3^YDHPu7?I^6OU4J=Y@(KjqFN?o>A?~uU$V->C`DgHN-O{CI@fjfd0-yC z-@f19_y7O@^xA#(zRq>7bDis)bDeXa``q`ZGW|!1`&8mBfcMYs?{3cJeFOW~MPiV< zEtTh*1@-@F?jUzZ#sz>+0*+_-Q@c@quseaU72o&xeePiQos6l!4RQBG4DTP~?_Aom zhq>XCg#zCf7zQ{zd${|Q#Hv4ybpIi-iVq{%-pzK3Uw}JF|5&KK9(Fq!Q+qw^HYGmb zqV{>%eFbA`zlYu764U#DlczoGPM~x_{{Nf1H)HbWqwWEW$)73ip@d!J|FP~QPAC74 zbwA9Q{F~~2j4|m?b7x3AQQ-T)S4T{A+qz(V4hYIW**#L?iSm8b?Ap(}>)(v&lX(3y z-Mw3472l`3f0THWPUB~W`zMJH2=dPi_bJBYpBe57mM8zraGzyN{+Z#n+=At8cKcv` zTqI_=>qtD&HLEe<1`?;cmH@5^=`oysqa3d@-LahBTaMS6?i)G1p42zX-BscPg8Vtl zJyPOLR*F|Ixl0obq>sT zO&ytmG&e6emrWeJ5r`^)|$imerKci+{qGevW|iF-PvfP+sEmhApP;E68BzCpAP98 zntbSP-d&b2sK0D+cb0gQ6~D9DqseFPyBT|*gLvBTbN4`r56SnfcQ*RcJ(n@rv&;P} zVHdUE9{2AOtMRqRZB4-PRJ`8f_6Fek*?ZhgB|gOKhp*kO8PoXt#(kT_D!%V^_mFs# z1>=2_?7i+j5-a`t+=BveO|j3N!TEW;>ds-z>s9wL#=Ks2hxhQ?YZu?SlO$H}V|?!} zka&)3+XOftko~>8kg@ku!cbZGx7kkf(f95*W%?#7+55eFt;EVdhuxn@te&48cJGx~ z)%URbh{URXhb#L7)yI#iK0j8bQ+?_!WA6Th< zhwm|D|Ll(GN$FRA2;VmXoW%G(NPhsZkMXatUd8n7j0b)M&yN9Xy(oWc#;qCe0(}{f zK1yPEpF0Ki2LM0A_~-3#zn^{5?UNY39}erm*RxN#4>Nvb6nvj4`xm!%H|kFpTVVaT zKKr!tr}w>QVE+O`;7ZGiIx9;clVTdvy1Zo?oK8w zDF5&77bRBhTj8EZ*p*xY>&uoE?mWiN0^Xkehx;|gQTlOz%Sr{Y%F9KJ<6lLjQ(w@){xF+Y|aB#_52MWn1)r5a#*8s{bl6 z{JuTt7xS$8wY|}QbHqb{Yt6Ik{TY7=IA)$x&tUvE;4bsrdMV>vneNeTiIo2biA_C@ z@esJ5d3au!p22tkq)(q$LoW`%wdU2-Pcp6p>9yw7(qsCNzSD(>BlKa6*GgPRe}QqL z#C7$z8E=vJYJDH$aS})Ap1!278`x88UIRUzG1@_J_ZxsaGLDA(t1kfeV%%XJ?C$^` z!FcJra6be18OFOH{TSfcjIROxzXM*z_$H8d%x|NwXS}rt_A>x~$v72oZNNV={{9_! zo(x#)NA|XX^ccXk7=HowUI(}Z<2ryl1HOgvF_7;LxIg1*U|(Ork1(DN^&1L!65}zD zo(y%T@&jJ3L@fN7>Ou#=g9tq{o2kh=o_V0lDBR%6Kb?j3uGiN=FK7G`^p9(N9rf^gF@3h!0_kmiH|lLAp3L!~i{6nj#fO{qc*bE6 zFVb4xq9-u!1o&28yxxcLRj{9VsO7EtAja(hC;D#Fhcn*rKHNXHyj>r~_z2+PzOMQh z#uPv9(8n{T_;H6mg)zmCZu(5d6hFG_*@QWMB!EK_^7*)*b*H|CaaX{Te0Sc9>i6`@X&|7c9@>t$4FZb44bNbrGXm6t4f%ESMTodrkoQ~%=ymR~L-59q6JSwJ- z-kWg>yg&W%_`dqRoPP@7Gh_PdNh<$y@IGCZwuijV21`xw6n zc<}T6^a92sAHw$NufNVX4e(u}zy22Etr=+l0R26Q(_Q6&;rr(LM-p$=@cymPcds5h z2>l212h5*EzQOuRiPii$RDVa}$*#TNpAs=t-ym_i>leUj&Y}9p5^t98`xpA|*UKnf z;O|zfi+MngAB_6d{5o6*0RJ{sqxSP-YQN!nf|OVL2P5=EiD!#quy3<(gr359KHyTo zt4Q7zCH?WRUc~qY>5qr?5{WliyKRB^>`T_;@Q0CLeKBb;?styT!-pWADEdPBG2bYC zDP#Q3@G;*b`lCZB-SHZ>&!hTD#wP41RQN{gDfg4U&57vm$MvPd5YHCv#=`GKGgSHuu4P*)31&8)W{8t~X&lRwTyhA2HqtxF+E3jGJu0^i+K} z*J#SJxy;aak`88_cXl?r#~p~?=tlp zIDLw|zsuBb;q>v~k0SAc-ktF*z;HfMPh>p!d3+u+T_4E!5x`+$y8ZxT8Xq(CzcHrq zF++cn@e4UPerD>=GR_BlX3R|eImR^pX6Z8+)A*aE&t**e>o4j#j9b8dyIs7f7ZMg8 zt0wv`m|f|gZ&tzlw_r{sz8czN*n(_5>j7&2#!n;m>7L=_zrQ8n_*57o!*C=nW-KceMjN25?JGr}3Su_hC%qJ69jfn8tUWKAbU)@4QO;T7i9L>|*^9 zP9Gr0dx1WN@hCao3-mO`6c3i@Qy5b`SfbBjd_!|=&sX$p#$5r|1f0kC;~tp4RDYH6 z0l+l@zsYzx^yeb6Okb#h;hUNuL+`eea!J&bWQ;0(YKjC&5k z{<=bsVmuIVm{_4VW85tZ?O&<4VcZXJO~6np{M%HG=C4(HN13kfCs*lRC5G<}*zoz( zDm{(!hwX>=30l6PPhor&;Poxu&}T934*1HJZ|d2MdjsCm;!QnY;!Qf0w_0B>@nqK< zuwGi)WVQYw%WnW&H)gfIjpQvD?;{ti(Yroq0ej*1&gQ}QN@LdRr4J+CWTE)5Q6H2n zu}<;%1N{NU6rVrPA17>~c(qxd$(Z8Xhx%2cNFT+wPxM5_G`>F7iyxtM8eiM=v_}b3 zfBr(xl~~OeU+T*UyIMoMEfQbqs~C3%oay^gf0uDueQckd`umJu0G#RDsc&IS?e};6 z3&z-fnZCd4WsGS&@6yW|<9JT>?b44jt_kbG_?X@LDaOqJf0Mmi|C2HK|0~@w8tXIJ zh5nzmV2@snaXX0LM$0n27UP=%&t34fUZ1hpfbIQ_-h{CMc*%lq_1283fA7^hFvkA9 zdcj`(X2yTW@wrd$#yIRwtlvJpH{)_SKKJYQGX52Crf;9j=%R89MGR& z{Fxjd<@z&>_X2*xSFTTHynZl_pM&s<0M&m7;3s?s^_L0r`t6XuC;*R&Ii#-+z(Zob z)3Y9v`K5f@W{35Wk0XZfMb{T%Ps^WlpTx92c(Ua`^j89~CXVYXB!>0*8oYl#uD>nu z1Q)J+rYmJ=cY`3^(I5fF}X2&bZ#^xSw*BQJZl)z`wkFmC=Cl_P=3zgwdSwcYuF+Il_o# zJOK7n)27un;v`OYr2t+RQ`@+e({tr~RLAJS_zgK9)iL@qUIG4#kBKyGY&AO{qC!c9~tkL`L8xkGN$!IeWQXg ztsm+e_EhrU-k~_ZM;Ts;(_M!F-zB1qD>=O>l$SQ`8lxWLTLG_&xyESBc-|(AM-7Y) zjNkki#@oUM#sJ1N-WnM9Gp6~jf$=b59xu_x;{n(@E!xNlz)!YpY?K7x7Z)})_KrvU z)5Sxup2=I-!Wfd~$0ZA6jS9wjyWscG7q&Be6EJ<2*mfH3M;CT5;3sG#j%*I^+bz7o zxK-kGaZt8zCnJgRbimd{HyLFte<$>JeNks4JcIJ%_ZVw0iZ`+uXAOh*Ef(EjtY+LL z2lq337~2@8ekm!+idUhp%8a2^5fmGUwO}> zUX|&HM=ZL#68{1H_nAe#D{;+HxS#3AHv^s;kp3gY=ez(Mzd?vqixMmI_ki>bi~3aJ zD&2H6ki@P7BQyhp${2_5>x$NZTXO~gVOmtL9)?m zD%M|}Cm3z4mRR}Y38R?O*&k0B>sg+jmp)KtVkQ5ak<95N z|C}*1NPenO9weV>9FcgFPWERS$0Ythpgpx4XBy33!17f8pJ}v_nCiE#@l2y1V>Z-|*xf3k0>5j`tV zf1wd0vC>y)jAcyvmK)c;i1M3sdOp9(7$~u_ZMz@kRuZfB*lzS-O!j|ajF(v1yVIB^v8w-0BTM3PIiA9Eb{g9l zQ~q5>_yR1ioXg*1ES6a1|JEp!So!Z;<0NCszt1RKi20TM<;KuOh?PCx8`C9L`o1^j zO04Shy;07X^!;GW&k4+b)c8nZmH()*O=7Cgy2eM1e@J}5MdRpWjrRa(s$Z;g44;q)5a9Wr0mRR}6;>l!8<-_Mc7YF8ddLETn<#&3i-|acZ znEJcNQ;?7PRQ@o}>k`kF&r|o`6z16^vCC;{7?A(nM$J8c1m$n(Y4%E>KU#U(NUY*RD^E|x z6dzi9_AW(vb$+F-=X=I9AGh_Klz20rXK3sBRbsL)DyOX{ahc4|^Kq=Fj4{Rg4xYGI zF@3Y3^AR_CQW(>DlFpu$607oW@w~&B%D=@^Lh@YxEuN1gR^{K~iGD4x{CH0xV=Dg+ zPh??W`8_;IjH&#do}7U6n4I38!hrM+Iek6l62tFHo`Cn=bNYME66X7Xdp*wAQU4s- zU+>Mi*Hf2q)_d^04sct>_`Gfe;5!%(hv#vB13W}x_7C7<#%Nz!&R|dMa;aaw|2s2h zsArtSs(%dgWJtVOPLEo&t%L zempJ%DW%Kk;3 zm6YzH_3$FkYL=(-S&KZN4E~ka8*Rb$XnrN`a|E8Bw_j3;vAs{VTju#_9ohrGmsbY& zm+fBl^jwejq>J4P;rGqjzwU|LK-TRoo zM5Fd8^29Nw_Iua!sl;kM@t$Xw#N~qQd(RWI3G+3CQH0op65E6v(+=5F~+Ok zbGCctO1#N}=gE%d?C@-1jOWK3xqtWUkXYHb$5Y1nalBN|-QzjN81+Tve&ca{7+C&3 zPgn@PT4J)NMeaUNW5$@jV{W;pmBeIEi`?%#?HQvzx8?re>B1P#uic&dlV>nvJij(1 z_qb=Q#H9b>+>@S_j8Xqnxu-qrSsv^AaPAq;CyY^lM(!V;-4d(%YTkXEAL~0aSMwfb zjQVnNZQc`{AN9@5b$ZV*Mt!g6>R#(df&MVPhQwsw+Fa9HgE8vcl6!?WQevwA+T3t& zG-K4aE4P-ng~ZCfI^OF-aJAIi-fW3g`7OOmC8qLP=C$;$WQ^s-<+b(}aenkq%e+|cM#fm)?Ro9I zpD@PqdgpcY{>&K58=BY2d*#RIKNY{acWh{^FwX@Of-hNvs zKicznR5$PUrHE&V?%{Br=7t{L)K3Y2w;D#F^GNCJQjxojKd%cq+o-OCY zjBzb@0{8--?@`ihVVT|=%koTbXti)vR3wg<2=XSCm z?R_=x5pS5p%D%_FSB2ol5>xxWllQpyTE?hqrJAyH`?~i#Cz2hZT3B{7v3yExnX2V*Sn=EXj*<8yy|$1YyvH5p@h zJr?JAYca<1`Y&GMjb)7Gjaa72%`fvl zD>3P>lmD%EGGo*qo4?;XgE9J}bN(T3A!GE%o%x5ondtiB)`4!&I5|jRy^Ur#_GDiJy zFKG^8dDQ=MzTF(j81=8rcbVA|D|jzGyiIHCS$Cxr{EfMsl=-M zhUVK6Q+c%t8k*}FV|fh=nwTGReyo43g68IS##mmff|ll2jIq49f;Q%9##mmrg6qs` zy8`Rm-mE7vmDi`Bz1fH{mN%@Rqj{~wRKGq2oy>NOvAj_QUChpmvAm}XZZ!un#`2~V zbTv~XCjC1bbvG9=M*WXR-D$3uSk=Fm`4Okn{Y@{k)oyAp8h>}2BP3SxiRPo6j_o_U zAkm!581*kMxW`-)BtO7h86dy1V1W7e0Qn6CgUo|L@Gs zPql!%nt}(-R(r61vqi6_Fh3PMY$i&q-UmoFr${_e{JI05hbEf|Whg&Uti27sS6Ps3 z=1ZI|w)e*LN6a4>k3NO=JYpVU`EfH~d=xxthJ8)>3!(le3LY~P7;gvv*hPw&!T31% z^VfnW%$X9y`s5JeC(WNYy}^DV&K8U@UEh$tKOcbc@XS~>3MsdCFy2~#E0C^9fR{R&rC2YB%Unr{nqhm z6U>N%l%L*DonSU%yy62mPrGD-*;Zmzp9y9c#>M;5z6oYGl6Q{;{Z9h!$LVNa5#aR_ zD|;rGM<`v|(_+a)v&kVWpX`~GHqpFQV)ef4MDuRO7O=N1$loWivS*_CH^yYoMDt0K zXL}}^8Jte`Of=6(Ozrj16%$SOcUZpqURj2DC1ZM@IKzyPSlN?dHlcL+esP${Ft24y z?-x%puV;+!7yF!(%y`E5esQNIlg)P+qyKMRGR6E*;(gle2`E3s+$yoMZ>sq<$@BMK zo;QDBO!hr*9_9She$Sf~lrHT{b3SicznAsX$i8W&&KT`06w}PB7^8iov`lj*W3(?> zOg9%vyidCy>?;JkL}Jz7XPEDBdJ;UZ)x=Em7-RDHOw)H5%TE{8OiF)C;(hM*Kf(H7 z$xQP-!rFrUl>PyyQ-7Liel9VU*B|7M6BcvxVSZVXWnT3I>R03CB{S{_VHz(lnF)+( zyv#8(j|QgCF@20F{be)jL}2>MW}d{VzH`lwIGyCP&D2wY^4Vq@;}$S}BD8sC;xClm z>>9X#)8?C-2)pn92kv6cH@9&5yX8VWv}C@yn{h3OXYrcP{EqQ^F>wB0TVVdi*me-U zm!##IuG6G{sFcq$uVk!4JnpV7Hk&Z+9EHD!^NRVr#B*E=vV?eK$t&h8iPiqsD`pPM zQ~h2syZ#nfzgNtDj46Go+3)wj^rhxV#+1IyOs)t_UuLEv$UhSzKZ)hDpxID9 zGemxFh2Nhu>2h%@_j<&2eJGM(2vlc zNg?u&hRBa)`HtMa<3r@9g~-olc?Y-eyb$>%A@a*vel5$d36b9zBL6YVXLI{*3z07i zkuPWYA>6({hRB}|kw44w@36eXitXuduj&$0e8BdtE%8M0F8e3rT6bD_kr zxafiR8(Ykkj2l9HcBXGJe34~3W)fl1v^)BDyZKl^I{dz>nacTh zfd4;kz1`d!l>WK-eL(uz)}NcB@Q0Ht_Xl>GPf9#d+zk0Ux7lfC1*PvYeVjfS(r32W zWv&cL-)+9b=|zyfs?Bb5XHfbc^BYbdCG+nwj|ZifnZI#*uFPL%dL3xrA#Laf@H}J5 zH)dUlRsa9iY!!gvdq`$yiT7!=-rH-AWsLK6k=ScSJ5irn@9i}^OT5or4(pvKA-yYM zUhnNS@8Wb?@9j13k(kQ2gZxOAr}FlhIgF{ieP)6yu)KZdNQw8k^Ps#_wteQKgt@$Z z<`_<=^7fhIC06C_GiS0qmABvgh%uG7-yG`>EN{P=C9$gCe$z*o%iC`*=5#7=zxkTP zs=WPXG0RhV2h5X)C_m+l1YX;Qnut>!7)w z(`h|>(EOA!t!EFJdl=Jt_B-<^V_MJtXjU+$_3RN-H>rGD&mJ`+8Pj_9IK(4O+>{0; z3yXMpHN=E4tJn>D1z}+}F>4y~FP>g^8|6>^JLOmTkRKLi3DKkUX#(Z3T*@DeEfAHz zZ;t7jI0(MF9Qx^RBu~^LqPZSNzd^o5xMdWEU)K%7R&i~0%6ERgP1wSN(;t8{1uPiTA?g1|M{ky4rq82f36Jcskzn^;~6Q8I>y!%ivE`YfJ zXTep2i2u!}Nd0mOhsvpPC>?%Ji|tYT>VJ}+^v0xD@vEY1;h7iuQ_-8*o~UPt|MM!M z3uM1hau%WZl+Pkm`g9nxSdWEpmI3uPoJIMM0=2+@T@Rigm!2j5LRf@^g=ykF7@LZs z9>hq?SWeN4<(mj+0I=kC^C>^!bM>iu6SY+ORq>Ud75$?b>Dw_qn7(o!VhfLNP5iU? z<(Z^cQB|&@im#|DN8#4PDgWhC(r*!=`NrK(^~!yK^gb~l7+);?7r56&zmz3VyefSP zsjV^&1*YS;z;t-}SD7B#f2)$eVi)FvegfrSdE^hPSS{P%R#`8l?=J3-ine%#@++$R zq434@s(yJfIj8ieCgu*K@|3^bJpMu{wXeo;#NWRPIj$(G;>=I*E(+HF>h+{wr9U~2 z_yf6oMU|YQ)nUBi_*4Cj^jbvzNX%~)x4lk!zZ*gNRJp5Vx}`GxA9E?4ilZ`~+QiqAs&v?mX1xuiUoGO5Br2y4 zkJDL%0P|62t4 z)9-KPUrN_F-QO=%JQ@zC_0z9o$qx#jzKyW*m(ml8mETl<4oru) zeb|4RQ2JHBRrwGH$_4TTd;%k-uR_npsJS@*5PQ8Ux zmFK5d@Vun#R`eT)w>ZC7g;l6ZXrU4`Ytn;K#sx zXL+2}fps|6SK%cuBDRW4<7|Aby~KzIu~zb)FCZs7v$V{?BMW zeCi#fc5$Q+$*lp5b`9Y;qo{+|S+@o8Ey8vvP~IYpt%SG2{e@o-tXnz$lRk@B0r$dK z-x1tT6@P3H-zL@#4b($+1-3ip`+psyAA|j=+Q%Y-+lw&%itL@>fAq`BmgGOAijOIn zFBBu^&uo;ph>yQSY83~Qk=g{Vr!l>83{s0|mPMH4;C@TacgVwkn!x^s_l391bv$v; z<%i0hA7go>htdPFT9*Z;t8(!^SFOVX?eX*dcA*}X5A6)q8=8*s6aAZTgzBr}X)qt= zQ8^B5BIXN{Q}dS^kLW+NCvZF}KVbcvBU>Bai3l(mt!a zZ-CKU8Q;i0e;iivMNx4S?XZX>nP2rsb^qa~@5z2aIB=Yjo&NZVaw^>d{>O6u(-i&w zE3XqL%QzH@EgY|`m2rvW6(4?on&YSH52~F5`zO{+;n04j`p+qjtLO*pmuf!0uzmjW zX1FGKsa(i@!L-|qvPCL}&4JV^4ttT>#3OP(u?w{x`-RI_RIR^MJuZf^JQXL< zFQIs30+vg03FDwzX9n^yUsYK3Zaz4r3EZ6fE@i^=wq5a=6U->7H;{CFUBY}J@FBE%ZJ6c5j7qJ}weI@b(=RIYo zst2vd{Pj})2&JlDyfTC8p(yQ3Xrc?p)89CL9G#7F{(T?nN3g#t`Tl-I{m(zooDXAv z=nL(G^;YQ(c)jwkVrB37DeW&|xhj1K)DP{coEN#i$Va*Jr(4AJY(L5Q@ujxgKjUZY zU&?Qn;(uH(;{7l7m&bV@8vR?9|M7nF*HP!TOI7^P_Nz)RkgxoHej409xSqH=Ik+88 z%lU=c1#4mpX@@{u)p`W;Q5*_hxBTD253N^Kc8AJ^Vr)NL5BuW@`WpWcAN3{;$8;;l zElLecKk%yJotqEimRbkUy4xa1UK6-p@|R2a-17YV&~h-pk`F9L@l`n`J%Y@NkDqxgaO&>oai`f=O_%7tR||9@wBSO@$U zY(MdW`IlQ?nl~-tG2Rak-Di7X3hAeHyoL8+RlimHSQqDSf_RDctM!@MKg528@psSD z!S%?I`-ti}7Ti}4#&k7b+vK>hz`D8%eCshR%pv*$Mg2-I+3UBH*69}Bm-h2%zuCWk zO#ZO39{+td_ABgfC-`|-;C(cftL|@t$F-jy+W!OPRsX~q(m%?l`aPC=zWaA2T~+z` zoQLu$Nxwb8cAlHA>RVO*OR3Mr%D&wt~Q|rz~GM|54`LbN+P(Q`{KkAnbv5e>4(0!C(jCI6+ z{{5HW_Nt0cxdQVkKdAfb&~{V&;5dA)p5SzU`AR>IH`QOUd=)Q3?NNi=U+EBiI&3+DUhGygn6 z^MQXHkpC$D`N!w^(*wtuDxc~q1LG2oyYtDNPYs`4>C(EjuJnf&G7ry@K4ed`bEALPft^-Ulj{S(*@SijJ8<-brq^#}4_pkFAC z`Qsx!Z?*_}F6(~|s-7b&8aoEZ1w7Y~_xDyo&z)_R&!Lfz_eJXY_Ue%&|Gr#r`1J_eU&xKVzgRxaS zwutIY;|kVujJJM8{7>Qj6kFo!`v^bRCz!9+Wh(tb`cY4){w=I;Dx3|)^u4c;euXLB zTFDQ!M`2}0aQT`%uZMb1^0^Tur`l8PM=7jms2pJxr__4%^06vU=~K87%!AlJY5pg@ zf%{h%;$!EimLvpC_N{FxX1a_bE9AynqC#QiiRtxe5L=w)USu+s=|J~%Fc_? zuDtK5kmU^#z%Rr#vEmx`5KXgL?dp>~AIUpU=gzhF5(|6=+sx1OQ$|66Yy z=a)Xe2Dj6>^Yew%{p}ho=jZ=#dsEyE_Rn8GzSTNNm7}ooe<)VtM9C|x{ijrT>9p|Bb3B|$wJU9P^)BXMrmhk@^2`n`uqD`XnH7CdP2*+7!J1o zTtED)`7f;B@2_AvKR>kmV7b38?gaZUwEro;gi^~n>tkvcWtV@vklhOV^C`Z{r~19Z zRn=deOA1ZD7*_tf)ci_5*gyV$Syj5yuhJD(_FW8zmKQ3o(v|*DtmH$})wrQ_t9Y5u z-6=ll@$;3vPsry>e!kKh%2)DL*`v~{vQMQeJLvw)Cg@zVzyB!vL(^6Ms?wF+Rq0px z|5^K$AIUFj99YDE3WwT%F&yjS+X|H6Bfa$mzLo}NzY9VH*C zM`87xuNs_d!~LRAtoD@x)A9aEVN4Iis=U97s&TF;>9thGFIA6Fs^k@=^mFrFik*Sy z`Dnk}A{Ko?{tBh%JMR*>FQ>|*^WSj3iO+j0KAqRKh?rYRKRz!B%&*S3hEk>H{CxQO zL(q9x)Q$f%f%1X%tICe^+e=zd55*Nl{qc^@qo2Efsml3ZO6~Cfn;-BwI`-?a^8AFq zAF23*e0<*c=1!GHep2!1a?%6)cj$ORzXzu8D2mCf#X$; zi_mc$IuEOH8_Ewp_pZhljawXd7aG@UTn5@l^$mW09BA+VrU$qG|Ihvi92e*F1NMA+ zzUx1~7TC|#IaKV2bY7F@fx!ND{_#ltQ{_jhz88UZoUdHP$LG_b=M)0VQ_pdy!Sj5S z`xu`81{p<6wdjFpEVOjVO-s6Gu6-ZS% z>b$0UPpTcCw^!+k()mjNx&iqZx4tPOeUz@wS0E4nsrssOnded!$JM%x-t$oFE=B$2 zsyM8uim&SZTE)NEdQ16%s6XCP|5J8b#C7sKupiU+8mwX%e~%zoUdhpWO7bK zoEx3*^N&k)4psSM*K6cI;`{TFy(%A_JH_Yks+~g5?~p$K`P7T0tMhZA_NjdMUOb*B z3e`*R$*XocH$Aj|!R0`IETsA>{-xHlDtnZk(0T;(&m9lSkE$KiIbfRi)prlhJ$I+_ zDXPjLJ?b2w|J+q*y9UYyzE7(BPI}Mv>pz>m5XNR;9KiB1uBr1x%KlLQJ%0w<$$$Pi zv>t>}2LCDl`o~x3cvIyB)*thokN=x)iiP^{bj+m7eqSZ9u~&D%;oxLwYb zr}3=`{7w&!^D*1ePilNB>K~_b`F&GGFLnM8%OJg%n@{x%Mb*4|LdF~aysG$Lr%*Wx z-vsA_u|D+uB6!}y@6U(oBaE{6@7(dGve_0mZPl7=RaRe{RiTwTz^>k+_9S9{rb<} zA1;=z`d6r&;{WF<-IqZ9;Wyj;>o^$yvOoLzb$g)Ae)~ex$*=HUsMO<^Q{(Sed4FUT z&t#z<wVu-6m$sbLV!BCl0QMllzB@?RAU4N&EE5_kHL)ZSegv*&jpu zlfV9ovSTRpnI0SLszzRsLi9$gfq&{Z;(C_&%#Ded@h~ zzpDLIyioDuQrlDYFXf-h>z9|_Zc6{<`5)T~|Ec~*sA{a_E}g1)p!^paZ)v`?inFjk zg8Ml=KSye>oF7itC;L=9COx5c`t1pgGt>`kJWlOAE*+KQlKMyJ`zbaa|M2TNGEO;o zd^=^nurQa@6Bg#Kj8CC@=zR;Dpm^nf?@#R$>{)!Fwli-_AcD z(03j!Ld_S{uKsqMEaR&~Ses(KonpHDE|&UUq(#h0M836>KYJIgZ`J(OYB#29q6VMq zYdeDEhx5D?tWW9n&xiD#M))3zoDcnWt9k`~XA|#psDA!_a6Y-f`H<3;-~4p7oPRVi z^&_%hQ5BaIjo@{UqSQa&JHK+j(kg~8rTkU#RryN4qDsG_O248wJ_Gj)E{1X3<4BVAphE3N009skOHn<|I)6V-he*>kCSFI5ivqbiTaWpH_zPUHXL_w~vT z7t?qC`@~>>|CRP%$ezn7=dbp|<>w_?1x9D4)vVb04b_fpHbRJp&Z9WJ%JOO*@t@8$X_H2=R+ZdK!D$a^%OT}nK= zn4haouWEjR=TZN|<)1%ZRBbQ%3Fk*zPggbXRGpum3;Xj^yM$u3uj0QCRqI%4C$(-; z-?g}WJ5+oBv-JpFpQw01dTIW}_1lBIuczi!wT}Oa_d^3QK7X&dhx%hx{Z+01l-;Tx zBp*EQU(RzpbstD}`kzbDdX>I&6F44KJ=J%|l^rVo<=UtGr}8PR%29q)_a&j}RpqOS zuk?lLQS}Ms2kY_A8_GURKexU8&$U!}q4q1ip?sxRgg?nf$J=~L|y+%GPF zoSZ*C_@6)gd&{Xhj$Eo;|BmM#I1Vna-v23o{l8z%e`|YQs$J^-I82^%gzsfa3f~Z8 zOuu^p--BfS<@GcFepc}QjQ=|g#P{RN)9>$Jsve>9(Q0|F%EI;W*CUiq^|Wz4an8ek z@Lr(If4Sr9a^?N?xV-xR>*ZW(Klxv~us>MDe}})|xfGl;y!^QD?=Q5UtJY`d&cjqs zbw97De_edLJZEPSpRPqa)IV4!^ZC2~bbt9zttXx?nB>W3g%lx@z}kBz^e1FKGAG^1D`k`pkafD>`g1VcG{!&+|0lJ&pX}-!njcN+3kCa=o77*+KRr4P$<1#n)e8|KU0_TseW@Ys@hle3q>#1Ka`xJ7m}|h z9HO4c74?NKt`R2utr1P(?^^i31fU7xxYk1qhM)T$0Dt$xUoWkvcu4dV!{Kif{Pofv zhF^wG7Ei<9v+y?o{(5PtkhdKE4#D4dqP2Dy{(cbE#Sf77gSZlCAE0Z*kD@mG_0oO> zD}DstkH9-38o^&P`0J$|71zV-lQ+O$FYPCBv-k;Qegc_epzk>Roq)fe#hv13aX0)O zhyU*j^eE8Q+Ar{T8vcHTzu(~R4E#0J>S-;smZF8$2k0934dgcP*GFp!|9>s;uZ91= z7XH7L)(QUlXszJ?+iKTnZMEa@*BAc(DA3lLTYRt?`@j{F+C>E8C`onETGBAlLDHJy z4oPc^Ud->$bf~2D#ek{Bnmd@AD%rv0sC?@&oK z;S>0a=Mh@I$b;FiB~a2=C}Ix^(Mc;5vtSmB2imKJ5Z$%iR^$%=O8nhc;_tKeixT2K z?G791UoBklw11SgTD((%zlh#T@-~I*92=dxW;CpAe7Pf0OmNOU$xYKzZZsySZN3b_fw-vOUxKA++yCTc)+u zi`dSY)~J<8``aIZ)}CYcS?8=4;#Hvc!7RPPK1=q?`eL-bf<_)-~5UY9UcAc z5tD@I?8uhohKV9O`Z-J#TTe6-qL-uC`YrUAdmSZgM>3aNY^}abh^HM-X^%p`nE*6l zv=B2K$x^NWDE6OKj;UOq3~r|)?OFILW|$y0oE6)Sm|UUeGrgD2@vs zQ0lj2&uK@5me~!*&u%-Gv%$HK{R{H&RNyP;gZ61}3GprD>;9_{<<1oLU%He#44Cvi zXzvg0aMHQM+7M1<6^b3!5io8Xu2d;s%XQd3Awq}-K(XI9b?uP$-R&y3QhYjMrMPg? zS`4T1OTp+3*Mev^0xP{cD_$vm!-t=8^BEh#ZeTiq>C;T-F@2Y5 z8Pi6d3a(Fu^jjZ~P5L9xL*w){z^h^WcW_o%AB1`piPl^nkFDBw*nd1W1Lh^+_1LgK zT;twt$ML0mDNeNX+H4;l!|~n0k@klWJ()j<>BHV|+Xkp#22lG6A*KTz1M$e`jkJ+} zJT@xVW5f1~GE>=(r?l%pu1GwkQMpfP9pSFv8aKs}6!R%)dr3tBj4ftaP;KuuL9?`7p6OqPC zeGXTgv_H+6V8i)&8_2DPdE@V42{wv5agtvKb|Kyme2OC}y#7hzc1o~Oyo!}}7$8UM zAn*soQ}pADU}yg;lBN7ZSH#*H03Lru3gc9^C(5w|`sLg!p0Xc=xbwvoy&T>cA$DDn zA^jF^@9!vnM~DNE{%j8T`-=XK{vdY(@a>BcQ@%ey9^*usv%lj$nBT0`dpXd*;Xv<% z_=9vf#EbCi8MeF?LbL#i>Ft1jZ#ZX}^cOfHw=VxDKH<4uV3HEIlXTvr>$ag9`K z8rVCa2F2rHH8OZSWmNJlFfN{~ku33akh5(QA`38%zcn@7GTyGQ;js;e@wNr@VZ7S| z7}pKuK(T*x49}ANL3p#cKhXGnDtxs43Fv1x)l9Yh?uBs#G^#qR?`jU^`PO559m=0y z(_^a-?VnpS%6iv6T)#$HOJE(b(H14kzvfEP*W}84_FIHjF%aj;Lfd^03vqQsu^jhL zN0ivQzbQl}Q2Z*#OF;4M&Urv_H((J^yvti*FXs4AEaSuSh*Hj9%KTF1Q+z%MaR}Qh z&*S6r3vESEZg%Y*w&XQJ6xS}ZVZU{_BDAg050BJdX2m%7N9}THk5Q+b?J2k6UFp3w z%h|4SwyT`&T4trVxXg-iv38v!vOM_BWt&&l=ZNiQn6G;Qzm2TVgAR;)ed|2vz;(~? zIwx5^Lc12$6-AwrP<6qdF1V51+#L0ea0xLVRB*%7*dqM4i!& zwE8mcI+{X%sHl_fus#6&H8Mi3UvNEhY^xAgL{`XhHQ|x#1r1ifG!ALq6(*jN`CCOs z%Jf?!J@yGuZg;@ww?x1cA3Sy%rye`SsgpdOqwVb>P82~Tq4_n2%ZZWYq&Z{kH1EXN zF;0|)(YkF@WNVIR>9Qa0h>YcYv7E1iZ1=i#J8-*qknMh-Hr4SM#NXC+r#ccK-e@Au zj_vt$M4X-4C(e%Tvpgc%s=b8cc$TBdw?OL>omDr&(yAQ#OWkb8l`syM0$thz$62g77dLR=^a>mvQ#w%$|PE03aI;<;Y& z?6-LP!_Z!K;5UW!yYNOiCjBZzw|X|)`!LQn+T!h3!?@dMdrIq&VBwxboni9EQ z8DB5KPV4UkJFUOTt~?j54^P???6m%lx8DWjd|oe75FP6H9rS)(kNi>dYN9ikmN5N- z>HYOHc>PH0qtW%3IR=6MSJpo+KOKZ#0|ergppP|{w2slO!JY5qu*>&W|}l2pI4QNN3k^J$4lw%|B> z9P&|rBYm16Y6pt_KFyiP?T{$f5MXs3Ax(&fC9DC;vyOSI$o91xbzL*!TcS}_c6bW`DM({XMUlidc$(Lf6*(dTy#p4^QGu>NQg$j zzZ>ZF4Oct%L;F7lwBC9l#x;!8ywAaX1yCBF5n8AFF)qS<2J4m@&Is+{L56U5ClXN91CU&4H%t)faC6t7Ag6t7Bne3Z!koaQXy@l(QjOXN5irIpBW zG9awPf%Ur&^iVu1aZo&hd@>$IXf?oZcQ%U9c7mTCYBbt05$ancMmxy<(YDcmM>k5h z;r_-rkV875QLJToF5IU8?f#w+A2%wK>yn*-ahx3ld@s4kqlJ$pc zq(7YXM_R(5pX_X0<`@I(ww;Y4HCi`DYLu@?dprTxlaU&&>ms!~AkJskPM7PT22CQh zr*Fi0H&XM#d|xCYwIz*(s0p+;%)by#tS3E)RENyE!18_z~JEXm`<+ z`fp0p(GFahdW&_OvytGM*v%3}fDU!byXd>XHO;VjdOMa^4?`W0^J0Qr< zaE`a3e1_y71v&-r(k7YCNIUW~CEwOO)7cR4(k5BX?vkG+`L&v7!Ab!6KIaU{_ep-U z=04|K$tF zf3dSd@{1+^+2+MghpcajbCvW%iR902UgBIU`K8Vovc9E~zqEO&Gh5bohqJG&?+(dd z*L;U_h^%j!bGhV~N&dFxWzKgbzudV}+FvgD`V0~E- zmdJifbgdtZ{!4VFL3)u$bo~MM8A!|P5hXt-vfmTg&xx)_7DGd|Omwwd59=qOVuKJ@ zwybc3LAeId?m({uKD9@MgW4z2)%-cwuY>dr5RdA{40K_9*aq?PL)b^E-8e~Nhbz$) zb}QN0UB<;kSGOAp$990{SfKZI86Of|RR2U*VQ2J9qU&3rF9G#+65@W4Yt)YN?Tsah z?U@YxJK970RZDb@khEOJy(e2ny247J{aPlwD1IcnFn(kKUZLT*N|Ege_ocF5z6$ai z-iP*w^r221hsmyofI^&gC4-)iTc)}W)E8n8$X&Hbh(kbWAD~=IUju#zjQ+4*8|$39 z9Q$*uvl&yxC;3<>>C52$l;JuJdOvKM;cDW*bws(gDMQ9bnV#m%bkVvt%SG#hEY6qZ z!g!tL^l^GVr{{BeKBxDW>x5UYrF^ZTvRpLpXSqJPTL{GT9D?$-ipuBod`{2j^g?dm zOsU`1YPG~Au-+P9D#YMcLv3~CdT6LE>>*nJ^n~@q$W{?{>oAG!)Gsq#>!9C0)~ZK=)Z?F1p_+chNrS4yk`zSec9VGj~WouF-r_Us<&WZS>scK^yKnZ?pl1 z_)sKDSuR4`{0`y>?TKAPaUW%V>jt57eV@}Hu0RE!08EYd>i_UHVN)gGJhiT6Pcgr z&XxI&@OtAU(+Z{@C#}~#&Oc$?z&yfEHHzn%azAZR+f+C8msB@BPfwNl*0epz_QY_$SPQM^GTiu_bxYd} z_FJrl)^TwbdVZei9@GN+OQuZ!y)Dr+C#|bH03KJ4^Gl|C&WkXQd1G0BG5e=jqvru` zxu0Riy6p;Mzpo#g!0YJ*UQgd4@86#k3A{dzweq@==^b)?`lN`ol3x?JJYS_BXua!m zQ#tu=YNveFFXa6|hqj5FFG9QTR~jE(!2XT42(8hB7!PQFa9C_1=UdIRm}x%mUzTut zm2&?$EcXXLiapHFK@Q7(@jbDTR=N+|A?09PGhHqHR4B?>Z-z$qQyCh?(1K!_nVXMu`qs({>*H8{pnNVaa_paU+&i}fO63<1(0r8gy}v@ z4A2kSC$U_XOh3`y$My4B8g0S*-Yl+X3b$`6m!GQ2=lL*0r~a7A`Z9FtreG*V@wtjmuT>rWk{Z-xf11VOq+R zo-;psLq3;R$aFQ+V(vf1j7yl7GTp(nOkr8>p&xt!`5UCd^EXJR=NQLD?j-0pz&{B0 z^S|HF-;oF7PjoEP={|Oc{vE{M$<7`6ZO;qQwc`%Gg%A5P?f>Ap2^+-M86D}IPIkxR z0-wh(VY&k3?@vVgBD9mB|BH@SIJ?2Rt_-LP^qjJlb3KnRJ;}6!sZH*O!gCU);Y`bQ znir2qKcqR2=yX4EM7B5XJM+E)%SSVfVH(Sn+N)Ju7aN|7=p0A;?zhLqae6${1g42h zx7*f1J@1R#Zd*7N>oJh|yKPwi$KsM0N6C3@YFw1ue^~-F8`f)|$DNe@Gsjk;e*)!R zf1}Mf1>>j3jUHoA3yk;Sw%dRX1B~asN&w&W3OrxEG2GS(FwD<3I_LJ3);J2DJKh*> zke*1^6U};}Sx+?UiDo^~tS6fFB-_ryxW(tt)Nf)89Iti}W8gkh|0`k{$1+Y~`8ejs zN&a|v4ty*0H;Avyk7xcseqJ}wR?Woyo`E(EXnd!Ew%Nyo=nXUp{02LSyk1E#=(%Hp zLC+%-jPBKNpDV#ggYi18Q-bjh^yisKYr=gF(E3-wehE-|j+tQ4^UFl(m!+KsO1~6$ zN@Bkx7+*ph_zdLf`De00{!U^)B^%`LWP|*jY>>Z8*`KBC$5QrVDf=;n?M`94Q`qhl zV;rpe#npYGwLj}QvIgNbA+0R<>w^1R?MGr(=3^P z+)de)`TK*v(*a}ugKtb3H$b^}-?Yq1epzNkzraZzEBWQHe11Forc_y8E>LQ}RgV4* zV4k+88Yw_m0QK}h`%?|tw@ft*C}&!y48slUi2ac7b@0M#3LH0up+I6L)+I6JjxoSpi4oL$A0`4Cseb}2SC zL3^$2QZDGZP>J-5CQ1z2cPwSRqmt4-V;SS}N{am1&5kfWSxJ$)N-JdFZ~n%tQCtQSw~I zb+;60wPC*LcuP5_mvefBhwhtgUb-*#c^H;N!Tx`=%I!=7U(4i)Fc3mW!qFT`iX7;#e+@<>FW_j`hW{ zTs+Igvs^sO#dExfXSrxE#?9QDqP-NyqP-NiGUR>LfUsyU+WX@zFTzV>x+!r+#*W;f3(QH z%@j>Uo!dNG0rg&7;ywemZq8VJr ziuQMzB31N&YnpKPG)0D}2iGYg8?KpRIb3Io=X;qVODuxxTyf*wCY*1-8?HIx7r5pN zqqixRieZT+tPIA&b)|T#k11A*EpUBDjPGlTVvz;c4Wj-%CiK?p;QEocuAd3#)w{uU zo7fN69pW@xcZtFMO;IKuhwEO^XMhRsX*>ki@5S}^n()p=ceoxCdj^`~q&NoGU&Y)( zrl=6F!&PW&2AjgBeF9gP_Sk)<@MzD$HB6g01lmQL3)ic(w4u;0+DmY)uibmUDWbJU z;o3wSJIp1Lv=`tyQhO1u$=b_seN^+oHATyX>sW0GTvN5z;F_kbglmSj2Ch@Icj20; zt%vJOtpu)F+Q)ExNot#`ZH52OmjCb5zJUMF(RRUgmE^3E*K+M^;CwIj{3mR4|$wX}h2drK@_ z<1E+1wX>x?T;nY_z_qI-4z3B7PH^pM=?vFI%gu1@XNiaFK+A1#9b)MU*Cb0fxQ>*P z$(988|3@u%!ZpRx6Ru+|cf&Q+k_gu{OW!2$3D|5GlPo{L|4*^>OR5fUX`oj#ErWnF z6KVnev7q1PTJ8sq4{E229Los!|9s1%a9wJ70B9LGTh~Q-rEGSm&iY|f*q9~#l3&~KOg4zeV*r(IdkUBnc1_OU41e1X=y*JFN3{RUk;5+ZIbo8 zBK0->M#SILS3=*_?}C1)uY&H;AA~0KN1zAv$Dm*8o1lkvI-B3>|AhU6{sQzDJr4a1 zdof|Lx*2LVy#lqGUWKNc{)5yk(_7GXruU&8O&>$Mni9}l)927a6P^7&CK@wt6OE8! z(`OagVzP;PV6KTqLIdKh#9gLC=&}1uhoLdk*U+`5Z=vf<-$NfW{Q!N^^b_=H(=X7i zGJjm=Z$f??i|JRy&1R~{YNmS9%~Vg8nd)h0rg}P>sh+N8swdY>_23l)w2zs_zyLFi z2fO(XXtAtkn5@Sy>p4S4M$5=JMAF0rvsPurvptQyKCM!#((!q!7pG$swW2nRYej9C z(2Ck{ekQ_odL$#Zu_#)~3)% zUY9~w!DA`^Mw_2Zc@6q>%1-FBDgS|PO?eaAB=`7=+~aF!CEdtr&EOc}eEOf3X%Eo@+0DFEx$t7S^hxkdYSr|#XJL7nZ*Wu+R_^Otc9+ct(La1%xEP(x6o|x zrNxWLVarhH4>IR3vfq9~zge*yL_KD<(zRo?QeUN8sjsrE)K~4S)K?v?)K_@75?W}b zp6_F&o*!VP8tk$Lx2&O9*5J4Lv9ED5&jgw0A}d{k5i8B5Pg+Z6;I3qSd?xNnR%jLU>5F5)|;RQtY6Q{7N4UHxHnlx&BndS`WW&>QKGK@X>IuEUj{PPL_Hya+otgXY6N8S;E((6P8P=$sa3(5M@hu@n0m zo*}O(sSBiD1+|G4Qg6<91$iEq@#mlzr5PV!JinGf_tQ5s=&0XCo!MfaO#M>YM`Zp^ zt*PdoQqPe(1*(hhS|7$0-7}L?2TJuxog%edYPHk_Qm>GDgVa@0w@KYCbuScSUh0>b zbfkwf=}5oLq_g%zCbjUFOd8w2WzyIdS=5u(EGm_rMftO`D1W;w%HJ`I@^{Um{JB|_ zzfk7ylSTbDAd9XAdlp@l?yL=H{}|MR`A2G%)Jvs4BXx(=gHnH#y1WhLzd`EVQrAm; zTA*vhIf}@xA?0Cqpszx>KI-q#l#n zsRu>Mq+XRv_AOFxm%3W&LsBUyc0q&_EghtyqC-;%mp>OQFlrG6*%m{cvF+GCU2MrtRi zc~bjIbx8F|4M;7MdXChIQm06*mbygha;djSeMssisn1DmhU#KhKAn->Quj$cDD^ui z?z{!mwkvv)&go70FYQfN$EN-ic}8lh0kZv2UF;h`rEVWckyTP3lDb=JwS(eEptzem z4`Y-b@zFT{&PP}4IYVx!=#90nd&RAiL&W>@2fm~b(rzBmX zS>_)q4oW{HzLz{pST|6)@uDqrFtdbtq2z_)QppOjLUNXfOV*35jZ}W2D3n|(CQDw= z^^X^|8{J6H$Nod$8nl;~3RbXBB!4OUMDo|LPfYq7#FFhhIZmWFaf4X5eLu&E6en&F zZ)`8YXEgeWSLatTmx3F_Pus6ze~t9h;}3!P=+~Xncg34!`kwjw!52{9=hFXjzDcL@ zWpR9n0QG)3zd-s^<2^wt?~>fRF(l(x$8kcD|LXWs$@}7Km^&q(ioXNqi@h87vu`p{ z{#W7!lHbH#Af<<-|5Us}vek}yjxS|@4Y*Sb*s&j^ak0iMgcJQvq;~BGDQ<3szcmE$ zSdG8oS3D{_JIFsSM($V&QaK`(BT_yhrSE6oltTITZX{B^0+8z23DSNJfV7_xOiwM z@nh}9op~VDR{&B!5h-7Q@VNM9C-Gy=+O&k@tC?#+>W>}l?_(YSsecR7)c6d6 zv>zhvhqyruX{z9Kyd;tNm&*8rrZti^O*=t(yr4W@8Naq^zvP2WrgW<3!6q~Kpatid z{gC9=rZC4VK&ppG^$@AtQf6L;>W=_31X6yYY%fUTx17_LFqeYV|Et;G!Q2T_zwBe5 z)}W}r^Oyl9mM&y`33Dk(`z6wTS95#~$B7i*!SS6OCsKSL$2F|g)Ba2#)kmcCHS80~ zH)U};Nd8jk@7+k0`8j<}3!nO72Yjl3Kc^EZf2a-j8<_Nui}#x-PUV(zI+48|%eVaKRXFtKj#V*rx znSLg2QZlYFbD1uX>i4rhp8W{>QD%&}9xTvmx5wGX@}a7iX=2(yy8jR!s2#+f^r3Fdx~+HLBt+EKs^F~@`Q{IOrp{z_(yfS(TnukcaQc4c z0g&o(<*Iu8AdTM$vw~SI)0^iLX}m1u_;QZN*k8k3&+(n??`N9wRQ{o*qq`cQml-D!ISAvvp4f{KpO&}fDJDk3s zu3_$E?q~Kbp#Ex}9{{Pp>ZOnQi~W_-e}DdFj_>67I~?E7zNwJg1JZdcVBaNu%xmmd zFzaO;`(b|>D93?}zd!#SPEUYuV`bzh$89}Tdx>=Z3PE|^Wqj|(GO(YxxOu$v-=AO4 z@hC|3tmOC_P|k1c$2ol`$9Kv2-i_}t6P&)E(~rvd`}6SyNU~lNNcGu3I{voITuv_l zkBiaGeL3!ue1E>5(?gs-p3@^7uK?wFk@5HEM>)Py`g=FV*k2FQac`FK_vgns{*Ltb zZcMO$l+#6T)$X<+wKor>{kWu$c5!-u!pwOfYh%`IKEQGabMx|cbG?+ zg?-fd>I>3-iNB@{*x{1?`}4z`KAzL-Ilh_wqfA?0RXzgB@d46xfKHHpF4ND9Fr&;E z^B_p=u=Q8;gH+!Rkosd6$B%-t{sCM+voA>H{p<%oDp$tw2*;z$7;`1URKvj5nxmj2e}DErIVkFmdA`qwqb*-tPJavY6R`(gT- z5oRU$l%;uol>Ox(jk6g0ab|*vH%e7~Og}Tij51@)I5WY-TdcBtl$q;Q=XpIy`#s2v z6{-7OoOuAG`8QmwNPlBN`IoW3oc$O`_sJ%o8gBQCDc;;!aGkj7zO_76%Q*X2-3 zzpgn3(zvT0rt&RgE@!T19%PE)Dt{ED=l5kG_2&U*c~GUtK}tUWQo1dq>MvtPKuV8- zuZp!B6YPsH#qr!DiTfu=?JH-l2Me^zwkN<>#r}=966NQClrO@Jg4BO;rYKcDQC?@v z10c0ej8g5ffpq`t%ZzY5A-Q)W-V|5ulWd+}2+Da1r0XNXtmOCsCcgeorspy%K{*cD zk1@rWoR7H#r1q|62F~LCU@l>}#V{xjd#Hq<#*tU(Q^@T+K{?RF8iQ z*9TI2w6nQBW`G%CMwv^PtC>5P36S=`k9~X*AN=>{YoI(o?B}tM4`AYIR^+26t3$Ha#(WV!}Yd-9k8W;t^Sb2W1xQ=81?m;q)v za|v@bb01T?fXgvgGj}i(AYE_!*w-#p`Ex;v=dmAPMmSES<0xlFnM;_fnLC*KnA%0$ z9;P3p{Sc|X05ifYXD(sJK*~>~{HvL9<__jQrZ$E5$Ml18f9waC5oS4a2{Q)D{jtBA z8E5Wb=3UI~XO=UUFjq5oF!wRFsj6HqNY_;!`vGP-a|v@ba|d%DQ;YC%GWRjV<*NPr zK682X!_c65!E)UA`><5^Y9ACnIxJq3=P1Wi?V!lMpyAhC% zx03y+^l@KeKhFLE_H$>c`PDpI)sqX#d7D|u@nw>DF5vjuIlSK*#X`xw8^g>PNbT4G zQvZlr-VaFkheBp0vxzC@s(gi@98c_5vL9uCElBrq^QDT*B=>GS08+WaIxY`VJNzKc zBg9loUyF0g#SAw?XAA1Z6+6p8(}?urC_9{UFsFW1lGZ!+xCo z$UGI#y-bxOQa(TXMDio-$68R<$9|miC75D?Di;Q6y>S^c22y*8RDP|DH_wlQ{Vahe z6X2`jzfT^J@%QJOFIVR=7kpLZZ7P&L#-${l*Fmah2}t8|ElBU{#6j8*k{AEo9Blm_ik)r9^mu?SE>DrtJVHXkn%0NPUSOS z&(}Ff{gwyP>i|Fd0rn&8mrK8PdnHKwiE?}``{5O;JxxsW4ctEPRWbLeF#8edKlfA& zr2VetcwENQHWMkHU>@LfaifZxZ&LNHP4Z?wo?BGBkXgxWO2%(h`6`(QKO+ z)@_d5rTi#!?LGV)e4mQP?&tIvmwQmrzn1xkV(d}H+zrgfInHd_NXLbF>IoH(Z&FM! z{ZEmP>t>6(ulhlGJ+dERMwu~Y9He|idLBqH@!?|W`=96Z?TWcOh?wVIQt4Q9R?iVl zG`>IGESgom=*udf{}sguQ|#h6Gs=uJ#lJb78D++q=ybV%KQqdVfzWwgC%mg#{Kb+2tF%!((H#nUcW5z+MKfyjx z?(a>N-_MMI6pyk`BtOQCbDSvaV~V#_Jw#bA`w>a>*W2p)BGUDf%Z!3_-lOjkF;$kk!G0FUKMUc@`z6OC%qTO)%-yTX7lJZB`w?c8 z8Dqwo31;{c)s6^A#}x(XJj9rBW`Zd`Rq19>-e=hNGb79>GscWF6HJld^Ud@#Bg`l> zmQ3GA?ZfjnDCc2joS9(yKjZc@6G{JoDj#QxFIB%0Q!Te`$z`8NzMmOkMmaqO_Olc` zoA^rYM;zhfU`CkHr2n-_k1}J-I5Y7L*Yhpc!}KTpA5`4Wj4-3j7}NZ-`uqfup1%s& zCz784ssEaO;q!fr+r>2hs`BN6G!6=nt9*Vi)iV9LD03OdW9-M72`2u0L*~zA`k4`C zG@1T89~U#ij51>&wS!3KJI+3l`~*|{q5NE?pBct?D$)3CVuo8OKMvA!UK9J~6cvwv zRBt8NPgFNY*^e>f%mh1RfmQD%&}7L@g{ z-^6}`ebJulWBQp9W|SFY#+eDG=)mQferALjXC{~;hx0T2%qTO)T-#B@>zaAZetb!u z9IwnMGscWF6HL*W>u36z5oVMbW5$^Yrs$%|n?ZU%Hn*As<#*8x)O#E4z zI$umbGs295^7)4S82dyzZgV%aze z_Y>DL3;pC@*BoY62FSmoxv+%zQ1dcoxRm^hn=2(ZHLqnhF$>S2^u^6#W~JoT=4H&a z%qHdm$?KZUWmFFPXI3(!XCiKC^FnMaanRP-`Ko`2G(O|Z#AHppBc^N%U#Rw9$y_G6 zt9dQ6iJ1VuLiq#i=U$}z!i!Zq5@3IA=CMwn4%j2UMpnE3NkS#K`W&x|mmAoW**{oE>*Kf;VL z6HN0ZG%sDYeeEp812wAs;kk+jnEp%o`eG)SqE5wgnS~(r!-0CmSOb3bR{QqF1W5fM z8o52pD03M|4Gjr#w{C;MH8D%a5<^I^mAMUDtWfp>z z?q@&7Ofd1YDk?wI&x|mm%osDyOfbdes(c|x`)OhxSg3sS6&z=-{fF|`E>;Xj6%R1Y zS8_Ttyp;1TQ!KoS^WUQ8y~^7Zmp!J=d-yrU%H8U|VE#z?R*@oJ$2m0#e3!JQ;rn3l zTU?+8>;u}szF;BP4|Ie5L4p4RwA;;(o14wY%qgu}x9ZqxVJlP0pp-c&jVX7gypXaZ z<@J=eQW7bDq@-BVEdwns%Sg*~3%-TcaMN;Vrdreb zq@9sAGws^6b!o4p9ZvfrEj!(tJ~Dk;`labtrsJCw(!Wgamf_E6%y>9sN5;DuA7>0~ zJ+yUM>kC?6+4`Q=+gtzC`nT3;nQb!LXLic$mYJ8?GqZ2zz)VMGQReW>@tGHAR%R~B zygoA}t8G>=Yem+&tmm^1X8n}qZ4+!WwoPN3huQ?QtFq^3FVDU&`>E_**$1*MZFAe6 z-S(2USG2vq?Za)G+rHQKNZX&<{?^viF1Ow2b`#qzYj;DtJKL>o_jtQ!+ih#t)b90m zd)ggrceGu4`%dk9wzsz**S@0trR^8Azqb8T?RT}`)BfxBzqBvzFsVarhg&+_(czH} zPj}ea;o}a6I(*yVM2EDTb~)X0dgTnxDb5MxoRu>n=i;0hIdwVna~9<+$+9~Hx14T$yAA19+HGvN%5HPI)pgs{?YVC6 zcN5)h-TmD!?tV%4dEKw=ep~lPyT9E1v+hT_AM2jdqgM}ak5N4)_o(Vo*CW~^*5lD0 zTY7xfBwfw{0};SYs9 zdJgD0qURYsZ|-?_&+R>%dhYJouUD|w`MqxF^+2z-y$AL#>iuT#1HFIf{cGq>FAa}RTuxo>uFaBp|N z?oPN{dwiY`Jw3d|-s#>s-g(}|-WA^4z4v=Jdf)bb<^9<^vS?}1bwwq`n~UEq{;jyR zuY=F)tMfhK``VW}WcrYmLp~caWN38gwL@b=pBs8;=G- z!;THRdiZ~bA0Gbwa52I@V#J?;Lp&~8<1aL_@LdpX#6R)7np;JV*oN=Mcu{l~+eH@< z7hS~;{I=#!k&Ewz$j8EKPw~3wCH{l&#`r+=6(8bx;v>;t>=gsVJ~3E)F6{WtP6uY^ zBJrIl7C+z@EPoUuMJp{Jx@aY$t9GX7rk#Zc-q9jo8-rQvZ2XqySmD&h370lr6loXW z;p-wXM7vl7w1^05(?kewcZan~QKDTUO10UdOsf^6wYlPK?NTvTs}tvF4Pw03C?eWC zQK`+x_d;AD=4eYqt#&289b&1tR9l7{Z-tG-R7 z>o1B7{WH;8-!C%t1EPa|NaW~WiB9@q(M3NZy6Inw9{N#{r~e@G_2Z&I|4sDLe;0lA z&e{OIi#A9fsM&S=@~A#obL)1^t2?w}-KqI>mo`MluU9^aKh=H&e>w9s{(KdDaXh~9 z9sCHZlf;oZiWX+^9OZvv)@1tePRdVfr#OZ4H z@-wz5-uk`bYs(dXVSdNuI$fvY=j>6Oi%(C`ew&vlYEH#kth!PBbw2)w`FO+3f|V-0 z?tI0$trb^rzy6ow_=*-;PYuUU+^YOd_bCRtD|WOiUdi=ODpkH~vEn3d=iPW$liGD1 z#sP8TI>o$*;^6&?58bW!Z@1zetbS7d+qvFLm~AGhxbr+k^RtRC?NdC+=jA%C=lyyW zUolNFKc*Pv`X6GZar>^|T(#s1unJuX%LmOB*B zX;8d+nc_beC~nPBoWuV8>_0p}#cz2^aT*`*>`}_!#@9z$rSfmYyB*YDm-SUl!IKyH zXY#mA#k)M@|C7sCT(A5npVv8Cl%Kdt@%#@JAMUR>`%cA@YDMQ=ivQ;0{*wFGH(14& z@VFeaN%=poR_xC0Tg?3y=JS3Rmpj1ay7BqD@pV-$K3(z3MT%3oUx#5emX7Pl1jQ9R z?)v?r{6mKotGGY&zE}Qz|5e<=C_1PyWp812~v)tZXZr^u)nF$O7+{Y+D%;0Tk)fE#m3JRU*!Gz zRw@4poCj)8l5XBl_7y6A`v-XHZ;_t#&p!*l42JkX?9U5+kMr*b3%(Pg415RYllT~u z@{Rc)(%-`IpNI5+VLZ}(X7)nG0J9U?N%4%!6<=7axSBa~xALc;y_9eH&1(OjPE^OS z0^{T&#KYI(uXaJ}Eh>G-D=NJg#^p@JkCft4E!IeHT83ck$tG#r#NoafK?EJYV7{e!&FsJGs9$e1dZgf74s|CPlF82~`iZ z;|chG*X|)W-e-_L9rq(TkKIS(uNuL3aXzR$|6+FThi{C7-yg?AO!iO3&!-;04dtnx z>{}JnxxS4UcdsD+&srh=1167qFRnKlZ=az5-vwXz2*02UCj0foQq|AdPvaMG5Wn#l zzF`d|cXlss*3EMu?xmjjyTr{9TGJX7YS}!{>D@*AvA3lj_Og^ZN4D_~u{u zKMqv!vS;w6PV4Y(`j`)F;3Y4q_}B+d<&p2zxJkB?{z`=E6?{IA;(8(fjjPo0EWq_m z{Yd?viF%(wJ{s@Iag^-eWIt7PR`t_)Z;$-R^L`WF4WoLgo?OI#IgE1zuEV$>()o8V zi^1gaCdwva16f55`MD3ll`0Q?_@tyzfMHHWd9}0 z?Vh3LBbtBcd|h;{I$uw4{SKU8I(|Bi3sL^V9_qMyzOQ^bj&j74?M{yG`8Y2#5$}up z5zTj}`~Ur$crxF+bJcz#yuVSo%1_ppEFZ%CmHK)5R%V6T-yEEG+V5u$6<_~2u79-W z7{)W@PwppKPqN-*xxY)NPw7zkM|&$y;&$H3@nrdAzIU(0e1rYA!Te98`So&e%0GmN zw&0ab_=PX{cW+eJ*$8Ix`nd|@{YIoeg5$gw-0&iX~i$Hhgn4{KuZhFC&3_ z;J*s?LjL!`5aRp5x1ST@5Euo21P?ze#P6UNzGXeWbrSVvfjz)3;17uR0&hZn4)9j& zZy2~9{wS~-^^ODEBR&~SfYZP?u-{qWY?Pk|eu(`n2J_)x3#K6b7VsE&ADBG;Ao}4E z_``PM-E8n%T-Pswr}sm0d|op{ooAZIXq=vjex>u1?B9E5V_u{B`TQi~d-?n&$Mp)# z^Y8M0c7u03s?Gy_x|zn&m&;VWzh0rPzhu25IK6qhN*@weOxC}G$H(m(RD8vCYF%lq+V4<|+XH{mo;q$%vR$M5tNOnfqxgDv#kqXlQ2)_!oyq;6qrVQp zA2I{u0E|pg?W)J~PRsr)!1Kj%q)!7=&?m|MYlq`)13%dh^lm$qyM_0ctS5OKgC0}; znJjk<<*D9t(O*<=vOVq2R{Q^r+n;RrJyTWtKD<~lc|FX=d`jp2_fIiiQP0q~)pcd6 zQT$2QL>}V*;ov$>}_g{T=_ee981APp^mOp@BG#WO}ll$$m-BUw;>;@;;RR_C?&E zK$;Iqz^%Cc&uUR`@;K*3RsT(1rOsE%O^VknRq=Q4ReWNviYM>4Utg}`sW+?m_1~)J zwY$Dn=a>9*u)m~#`hDnh-*N=MfYBoVgYfBox*p?x8sZPZrstmIbKTu|&ae5Kc;jEh zi*cM(Uvhp*j-#fFRJ}D%sPWX5+n;RrCuj%lH|d|AK9}2>On;1@Uz5B5^(}f-$EutO z>vj29{nteS*8X*@_uHU7G=&;g{*-Sb^eiz6I$BJIju96^&lXdlW5rbHI8hEgM^r%16;;sjVg_`AsD@4yv!LgR zInYV?lM)?&{&gvIvZ#k%AR3_;iuurs!~*CPu@HK(xB@y=EQUtJ5@@+t3Y{jdf>wxY zpp{}dv`SnLoi1*G&JZ_2XNp^()nX;|5^+0pmbeo-TigwugYVMPMU7YmtrZVI=Ze+P zOT`*!op=aZFCKw5i1pA$u>m>{YqUCA`2_Sbu?e~WE4I40Ts#9^D7HWs;TH>ZwEG3< zKd^qQqxIXNQLNqSIEJ0jEAgRP9Y^vqbQ#uhbsW#D(5tbYtK+ENfL@Cabm};^cc9ma z_n_Bfl~)%l#BS&f;$!HISnJhsw4Xw6#+t8=W8M$F6>Gmbj{FNK)=;6hV-;8zci_Wx zI(p$7DArP;cjLiY7x!RYSVxci482brgRTA?xTV z3v{ipK_9}$kaY2|$bdc~GNJ248|Zq`7W$}Y58Z%|sOaJ`LBId~I98x_u@URfI(oAQ z^huEi-Gq-X=;A5S6S^7iujyC~?+bkf@1^Nj6(0!QA_haB6%OcgSgF><^TGpt0V~!z zR?U6TZDJ_&MKK(@9UlSEMI39`I?h1|`V!W!b)1P&&?c;5>o^~0LH{MjKwrj6wk}@5 zTDFe!F&_FKF%kNPn1ofOH=#Pt&1BebLv^gXUkKeTra(UuQ=uP=a_AmW0o^OAknHL;nyAqs8SMe+Keg4+E!rCBv)V(@=d?$l&ui^)E%wSEx#ss0r-p&x|C=_io-6%=DY{{wnN*YMQ!HB=Yh=qBj5dMjvOlLgw(WP_%f)1Yn5^vl=npg6PU zOxRtZIJ4$9u)9HZ(cRn@b`PkIZ#`}gI}eI`oH++}0TlN*b0^q6p}Od0?gG0v6!$oD zH`sll*sr+e~ zD9*KcB<6Hj-^?NCYI6x94?;1&nMc813&s3qE`vU7J`4JYc?@)&c`WpO z^EuGBT8)Pmrc8wPOPK`qq)dhurCbOdmNEtP42SB%pE4C1Oeses1jYR~r2=*d6mxh= z73^D}Xiv%v=))=1&__~cLD#3ufqs}$3;iMGQsn#*s*9ge>S6y3)x|FXMScu{%OJ!m=2)3992aOP9cI1;tphEQOs0#k^s; z3U($`7ul9;pzSTop*i@?Ts#q3Zh#hAZi4o-+yWhBS&96Ep*Z`N+o2B2ozPOt-Oy2% zd!grARzc6VJOG_+Sq+U?)vHKvK@M@We0SHWhe9o zOEdIV%gfMvExVxiTV91eV0j%Hv%CRaZFvhdJP5^TvAhF&Efk~0@*eaF%LmY{mfg@- zEgwT)v+RX_Z21&=$g&UmwPio_JIm)N`#n?_M=f8#{sD@)-Et82Pf*P8maky{0>wOU z!5kodg<{^eegn<6eg|!9Jqm4S{Sn&U`ZKhH^%ykAdK}u(dIH+X`UkYLRWo6px0;|` zt*xNltQKf@s}0)2ng-3aWtNU; zpt|r|9k2sXTtQYB><|=Jkktdb1d4HGErLA?iYHjB4|W+8&#u;?ut!7j>}nkj`)nwl zU9BTwkAvdb)f#|(E)>tM))4FoP&~U@OJJV|#j~q*6zub%7^~JY*cU+Y>}ov=_C-)U zyIRMdJXq^Ik85GZr)~T?shGMR>mczaliswda1?=mfcy6>-!CnEysJ704eIpdl zht_J?w?XlIXq^T74k(@vt#e@C1;z8BwHEe0P|TdxOJT2q;##oQ!+rpYYr)zGdo>jI zQ0siyYoK^Cv@U@C5ES#6bs_9WpqM$WSHNBm#U0kV81@Dz?y%M+upfuw$VqFg1V!a-bXQ6lkvEBgtc_^MhtT#coT5myQ8x+re)|Ied zg6iVm*4tsf3dL1vy%YB9P(0~b?}q&bRL6Ik-wXRKs4m{Nu7dpzRL8fRKLGnZDCU3b zYSl3g)hvHsu-30qf(g;8Q8x=@uX+n0$bR&z}9Tf!PcR8>a)E7+YH6C zpKTlL6sRsNw(YR3P+iz;J7A|mb&+P<2|FE%r$k#b?AA~`CE8wwodv~gW7`Eg8;aS+ z_A2alP|P;A*P$J3Z$NWwZz0|hifhyM4s?|5J!qNj1L$bmZs-`>$I!EFd!b`(pF+pk z_CY7w_CqJxK8IG=zJS)*4npVKzJe~a9f3w|-$1XneFweXb`*M>?MLWcwx6N*+KxeE zw&T!;Z6~0Q+Wvq(Y17PjU0^doU$(V^zGAaLciC*vH*9IpH*Fcvw``fvk8N$Bdu(l? zdu{EZpV)GszuG!MwbU-qt*PCh+fsW#Urfz|Zciv;cy;`u*yF!W%m19~{s1^qtN1N||z2>Mg15Bf*yP^d^74oy!R32mJgfObs_K?~DL zppLXrP-j{h)RlG?)RQ&_>P;I9ElN8FIy7xObXeL%=*`2rPV@rrdbf|_7>o5yCqQe}hze6oF*x^!W zxI;a(v_qr#NsLB4KZ&zZ&(C5U?4QNCuzwK~VE-b{gMCb#5Br$70QRrqBG|u*i(wDc z#^sEKo||(H^t_z$(DQR9LNCZE5redgkvd3=Aa#&dnKKDG9jSw~nMfV1%|_~Atp=%s zwK|j?tTiBYur?2=cI|Sc+Op7x3Mh4!s>Ow)9m-bU}F7w7}^B7LMj zN*}9F(x>V(^jdwszF1$buhduR59yEV&*jJ$B$R^DuLnd7OEY`C@aGxyIaRUSwWsUSYn+{D^szS+u&o)yh^6wtA{nbE_k*&P$|g^v|(E_}XlN8u}lZxp^?xVP{?;a7!v&r5pd^|JT! z^}4RtoxS??zOeT*y$AO3^ojNPxX=DRllwl@cYELO`gZNtuiw~yb^R9iyQbe0{a)#} zuivlzGW+ND_w+xr|J42s{g?N@zyId`uk_#D|4{$q{Y?Yf4;VJ!%mE7r{BuClfL8~c z7%*+%B?EsMIAG9OgH{Y$HRzo|xr1j7ZWw&?;JXJOAKcM?rTrHBJNEvLB1frXtK&__ zH;#1Y0Ou&@IOj~~waz=7>z&U!Uv+-wOm_`(&2-IoZE)>y9dZ5O>gD#h8{PkKU*lfm z{-^sFcfQBr8RMDeS>$=Zv(fXc=Rcl5JcZst-jUu3-nHIWytd+j#ch2(eS>|IeKUQx z_*VON`1B#AL(U#@-jIuj{A0-DLp~e&)6g%5^&1`-K52OK@YjaFGyIp~9Y^Gj=rdyJ zhzCY&9`UacyGINidH2Y7MyC4v_&4~!_Wz6p*L8vC0y_e)1>O%N0*3>?1kAy#VAo)u zpgTAsSQX#Q6g&_-9Q+~pThJUz4-E_j zLg$1ggeHZihGv9nLyJPoLO+DQe9R)onZAXdWBT@Si#XTx3v|56zR@Bkn2MnjO@8Qk zrkT)5rn%7bO_xC@o34dkV7eK4q3JH@MWz^ZifJA6V$-@OEMltZNod6MCA8dR#=3io zQ2+3(A%=y2!)iMH!~Mzl*Du`V%%o$6fmfE&Mf~?pB13Wc<{6_Thaa^^f+OY*WARQ+Qup{cD-u6)reC87ETh|Nb{wZ&oVr);r1D zhqe9BunNB)Yw!oKeU9zF*uKE_CANdu4q;{fD{P0c9)ASe*Vw+nEcY!|;=jZ8JvQ78 z@afx;SgRX}`K<)=dp1Z{*3JLGI<&y2W;JX&Hmu*_ zm)fqv3f@(i9k0T=>s7*v&4w)%TN<`>Y#G>EW6Q*rg{=*?Y;0|@wZqmPTLTFnD4Xcl=g<91|OSY@cIg5k`p-M$9kwLA@3<_7*hi3mWx>Wm(F1 zhEdBIMlEL=u``X>Xrsj0hBeN}H_pg+uCd>9js2c$?014uVuDfPJfp;UMv3!`66YHw z&NoV2V8kvkViy^)i;URCM(koE7SXogb2W4pB1UYQwgvBLQVbT4-DyS(Dz(zjRB9!c zFyj{)x2#pMnH=jVF44Ag>=L8qd9psLd7e?<<;G}QWLW<&tf;i8L{$Fa6V0) zYa_L_k=oiw%`#H6jMOY6HQPwdHrmowPtG~*WGc13y%FnRl;~iT=xD?`8nMnstg{j8 zYQ(x4vF=8!yAjJZV!1{v--zWKu|gwOXvBKS7`3^NVf8bt0mg9*GAyUGXoNYjP@!gO zr=A>PPCYrooO<%UFw7`B!YDh!C_BO^JHjYC!YJ!E+7i?ognG?6OA=G@`a}4Si8xH-DJdi zT9T=K4Qrrb4K^&7VHFvc&#;CYR=}`AhBeBt&N8eqhBel(#v9fo!TZ> zD#My%NsjSa!`UNYn5R=U|6dS>k-3RZ&(`) z>v6++!myq(tSyGM&9Jr`)=tBE*|2sQ*6W7#mSMePSRWhKUc>s-u=W|&=Z5u#VI487 zZw%{4!}{5KF|0=n zYqMcJV^~`<=(C^n?>WPIrggHGZJD3){cT%jGPd1_ZO>HmeMhk)^EJ-5gJbxW4I|%9 zBi5Yx2H%OBjo8bX7xKOKWh1sL^Ig6>@5)TxD|Tfj`|7RCm*=Q9zmwVZab+Dd${x>5 z-g}N4u@gq@gi+rKqrN|k)IW^WKa5l@D_NhGm28Wam28X2NHrO$CL^_#k=iONd2h7H z7`57Fq}q(sG$WQ~#4?Onh7rp&Vwpy)jS*{O#M&CMwnnVI5o>S6a*SAx5$hyl)Y2}7 z)y=Sa7*?KPP0muIq@%ddu%@tu-!3<-a>J@Htgo_?bN1xyN$xgn8m?|wQJ2gAm_vJ>cJUe+V%d?Z`vLZWqx2iI%8HQDDSoKEx z8jbcf8trQ|+Sh2buhD4Ve4~8}jJ7N=+PBb%Ei~G<&}iQkMhg}j))K>7YFK^Sy>&hP zs^KB?TVhqK-PrbG`vTiRY)7%}#&5;##r6fZgV^2@ds4<|(^8gVJ1SP#)@Uzc+i80o z{uA0E^CoaJws)}Ii~Re*{n!p-`$oGX!=m5TIzy*=rlnkN`ghii*jB-R2-|vWoAk8o z&EPZGwqV zQvL=03whrL-v-|V-voaEf5P?y?4PiCOj%t%g0G`a-MS}5fCBskX?w5*OjEmru+1{{ z?s!zxc0DQ*U00e4x~(+%yR9-^-0cPI`&Dc!O_kj}rn%jJG#xVk2>%4OE7M=jyE2`4 z$b4n`aoFwiuS_3|tqj`~Z1b_Luw9vcJ$M(k$FRk*HDUV@+u?k(bych5=H4AoV6(y= z*s4pf8p|qtTf&{aXG?zC`*PD)eP)?fwR$_Vd*3%R3$fX;4a0T@wu}09&+6UrP}cqd zhq4Z0`x)C41E*!LYE_ACI<}eE4rPT0Z_*FvZ_=BveV9MSLStc^Ba(f{d2#kp=S9eK zKDM#wo3Yk-epBXA=PQ|qoc{v1VtWx=9NSCSx|+K5I?MKH@3U-oVmshF%XZLrLAGzm za$D-q<+dzr9k6x9mXECuwn5n3*v4Ty58Fl9reT|jtp-~Iw#$d!ZClmqUTk}9cMRKW zTVeZDZg&j()b?TiKHF!A9f5sh*jKii;U{b#4Ih=dZ^XmsqjOTzMt%e?PMtAwaq870 z?}PnJ>enM5wg~^nsnh-6q&|(!7BHpR1K*^M4lGWs4SbxM8O9=u-W6Zf*#nOJ^8Tru+akasAy;jl-DMt!7sUj$G`7_m~Y z44;NO3!k+cgEh0USa~@I@$sndJn#an6J3Dysp%GNzt(YhZiS@&QC>p`quHR3P1AI8enqgb`th!v}+@R`DY;uD3> z+5&u{u#FbRc7|3?x1g}y?kx%h!oGmlRbnr8 zxQaZ!fHN2@c024IM<`I_@)X%a_He+7)RJPiJy2W{bbG=pyy@&%#U<@NQd(Ab&@bqmg| zDz6+dW9n35xLTGiuUl|d)q+JT6Yay%jChF92_S*@U(;$Md}uLWi8a5EgDufXHH`S4X{5Sh{}H2Xg2C_ zxc}0E`W9v>G9Wq^3B`sspC^iyW z)KE6Q%9vwR`e_4G29ZfMY3#I1FgKSr)>P0mgeI#ndU;G$!_3;saMkRp8MxXxl`3zj znsZ9t((0<&mFRv9n^WS+v-1~8vIy$>yCQ#;R8I3M3SfGy#5k>QsB28lo^~;hPPko6 z2-MB6i*k~Zu+QssxxBv8QhTv85G?Tp9pO?(Y0wpLcpb%_qF^BC3YLaKxEB@|dxI`V z*yHp%-NgZKk=JQ=h+$|q4-J~6ad&edD2MD+7{*y}ke58xQ^!LxdbYeHxF}=GL4zHH zY8z`B7Gba;32w_-DY;YZvl06Sa3Y=d2wOCjx4d)yRU9+yUxjf^|5X@+`me$mr+*d3 zFiM7{F{uvo)A)wEs`5GN4kA0uNqOk%4a}ZxguR|*NryLS6(tRa4;GC_3Jhy8FSqO) zOv5MV!P6326j4+8h)PtIoQcL)UD{YxQ&ELbnVcmil-JK1U)xwGLuWV6o=tN+Qt3pg z40Y9W=A0fpyS8CMi+GC(kt#l|MHDKzw6R>?KHy;VPOqNPSXWg^I}gk+ul{q2(YBV! zW6En9%V(d9+gpQ?uG$`|t)oVtynD(S1QFvfPDz#13?fD?oHO}IQC5Qst)_f7!t#-6 zTx~7cMkmfKuc0LQUVP7@qD%w*%)HR`8ZR5Hd75FC={iOzwV>w=Bdvn#9WkXI%copXBXsHz%FLlr7~ zMlF}Yu~y-^rK0ML@|w!ovKo2TXID2YP;FJQVB>UTl$VR#6+M!k7E2C8qbs=iIP;Bi zD7H*!G4@)9C)U(A&YfF}n|UR5Ov|LdJYCoY&2}yGQKz=_|9?*)w;KIaUWvhv=h%7G z6;<^utE641A<;6bBK&01GNFuapr-^*-t$|AsoK9zN%j_IS2XXGD^-Qg!|hO}siSZC z(nSu4dOj-EMjA+`gp*VLDG78>MzJ%>>t`xUUR2|&X3W8JE;WM=i|b8RaI*PGNM3kj zs^-+zEkIx%-R~Uoe&?Y39qPbsnQjfqmv5qhyg5^+mR93Jp1lCx|NZHoUdlPejH-sI zc<`K4-Y^jpg3BrJ_>Y?uJ10|HCMtXCRE)8P>I#0nRoy^Ca6InZ!#z$>2rDAfuO_Z3)>xDx0hat2E0y(6E9lSXmU@WGJxJts}$m3S#wixW4gs(jW2dG~ShY~6_G zbY$hp*C~t_CMTa`$4;MMTn(p9!^r>F`B3F4R|D>XEvupAKR+;^mIFKG7jN?R^S7yL z0&3Ans{Q0L!D;2_>N!0`7tCp~Q?FO!_)&G~_?hK(bLC|^R-V*9C;mB(#RgeoTzPff zpYx+hErTuk^iQ)^a{s4JT{wX>@wco54^Mca#RZ0YFIwHQ0n|S&CImS`xTjAEmnA2P zQ=;@#?4(%&wP2Q@!OOFRQ#3fm-(Re*Q!h0%?eyymIq0=|RV7^}a8A4E5UD;TMcwu| zRFQnO$-aERji3w}uB72k8Xg$(0&%sx5?m+8<;jD_&_MT1kSEaS;?u4K6#QQbV1LG# z|375?bKn1EGw3MffE-gk*JvApC-?BDA>@+JHzzZ+EJi2SMJE@H#mRMvxh^?zhstYe zYVqp6qP7x?K)7F2R|d=LtGsTS#Z~yEk24!w&`?!hT30)Vqr8s^wKUzMRG?nn8QDEK z`*Yyry#bj|rmDg!QQ5;98>SZrYv+uvs+oah9E=+`4We?jj>A4p&3HK}6LEl8+^cD* zkGSO_xhoZQ z(-A82mbk;kE{8|dPpvFpP(Pt|Ol?iWOqbX5KU@PIQR?uyJ)y8SjH zS4pX-B;+V|IJ`c4QNSGvI7&)GSW)#9h4Cs9uQr24fpBTaBZggq#}OJGRdvSg2vOXQ z)U642MaxS8K3xGVU*TajDdK54>^;JGzCG;)aq<;A@{gZ`JOBU36E}*`81e`lt1B4t zhV4$5!&_nxha3Tq+Z}fKic6iLVyDX!uzN}aCC<{4;-Vr)usCe@28vxSUy(Z)c848a zF=1w1?fm44Gge8b@<5z8p){F?BV)0yhX;n*lPjun?e~=Y7^Hu$k-GJiTr~95*#94r zN@`kM7OFL;m#g4)?$c8z)RouNw=CT-osK1WP0ve;Bt;kN5Op?)}S=h$vnXH_C@1*r$v{_~RGUV@M1_$n{k+GrfwX0*LU#N99GqQS zF^eV{gp#*Jn14DZN3j@II=iuc=E*}sgvQr|+7c{D(mNs4?xJEj^I^yo|L<2ovA}-* zuftzetj6`}gSTbcUyROTfn%*Kt**l>Cp-t0S72hLX44qP*en+6X21hiwrWDvWetYk zVjQbIjmNtnv#Ul|*U)=GG%;hwsh&ggwXDwQ$zl=my2Ds=a|A=^ey`VFY7doqyrHrMPFp?6DW& z=^x1W3(gf-UEqLAHJ z>IjxP-QiH6#DjMfv9ubphr(f>9dAW?y}=MV!tDvV-NoLb5{EM=@Y;_0)rs4<-GQmf z<@7o5Rwa(UxYUc9aPP)fraMZD?IAC&=ztSv$>|NFrNy|mi-IET33`0aklhnTGOlzN zPNWNsa2A!i9WEc1dp#w^#g5V`S*%J(eoj5^Zbc7qjJcvbQTnjj$l5k0Jz*X$SSP*6PXP2KX)ciWAY%JYF zcq%L#KUUrA{~vR216p}@-3k6Bl}ajAm8zt2r@PatcKHk2#8$fOZo7NZZb$Xe-HN+D zTvEA{NxaG{y{D?@lJw;Fr23c{gQV&K2i&X!G0ZG8u**7-0S7WL3mHft3t85%S@1vt z$*uzlBrt&lHcJe<;K2TVzjM#M_y6&v>T(Cx?$W#W+;h+UI``aj&pr44xt+cE)(!3j zJh*g&8H1e?3Z|I?R#u9YEy~e0j^psm03F<^Af+moLR^Gyz&zT8 zVe(S_&evg|ZbQUfTN4Tt>TVk(q{b{j@_PdF0{!x4Z|C+Mp+dO9T5+q>$C-_^ ze(ulW$xSS9slN(y+REafoHPKvAxSK%3B3xV(&aS?1|@b)Pe+zYfD#Bm7y!z=dDd~> z&s!xo=G}VbO7)wqd!0odj>x7Z%goIIBw~bI?Zu!6F5N0zoj|Z_$Giw(V_zy>q879U z^KW-<6@y#U1HIgvgHEYpZ}o0>SBsU^*5pgh=S+OpTZiX4In9ZgX2#toG?HaHF+(yQBEZ zb~xbHkrZ@8LAmo5qK#>mGXq?N2@fpZ+TfA8P`Gi85w6@?v^9Kb4fnw?Lx`y{w7tyd z8Vwcipsy5SY@_6ZW10*W)j{bDx=8wi3ib04BavxEO08&0hP2$v(L$9D^h&UrX%2^t zd$%(P)sSbMzczoRcdv65)8q*#T(+gSN+TXFTxmU^VeUd_4N^<< z=_(D6>*%H)x!ibpxo2^l3z;*@;jQN}Q9uqZ0yq?Vtqs+9BTV7NwkE=*ZtM1DZvdku z0OaiwKvTv15^xC9x(%cH9dKbAxUaspzOoYLbOc`LJ?LOVOM^~47XWVG&j>=HS2}|M zh=meU3{yH3153eq)&wXvg(#<7PC(K8d`P_5f4H^X!=@c4OQx}1Tf7v~U?RQL+h}z+ zZQ|VAT<_7XMnvCO@7+Q-4+fCc>klusR`0;UK`FoZ(hIL#gfl>Qt-C69D*8Vt`6ARu znhFB;5)K>sXwBk!yEWKY*xv4UZ|!V*Dpaz~)$Uen{d%Xr(H-#YzKViD;#3RDTRJ$Z z;w^P=H>5W@xA8Y1ydksSHim!|@M5pNVZ9F#zyl6UwR>Ic^+WQ)&h{N> zq3lEuvSIbK3$V@iADWFF`g6#ED)u&SbHT^De;xM60Kd2~u-0E3Y)QHeDCay;Lh*Y0 zmc(i+C0v3Wx`!ikG01Irc0u&h96tydQQh{=YUeE+^RGU9bECB?tC^>AMU0}YZ)VcL zB4$dzLnWkydjqEv+vwbdt*&QxQ#QHq6L!Y3u--?-A0||soW^V> zG2eoj05n#*gAjscrqieKAW(Ki?>a;vgaDi)Y21GuJ5C@-Nr1vB#amtjRiOFJ#iY*q zI@`t)Aye-y_qJQ>6iu*#0<>LIKnvm+53+Us+KQmm46b%)ym@z27*#Bst1 zrBcmU?%nNd-h_l$UsywTW9bj}hQUI=vvju$=Re~WTGQDxcKCo06+LsATwL=VP2n|K z99+W`=tDx&oy?fQ=qv`oW-~O!G^wz=;Top{^~A)(jH~EztVYfj$opoGBGbxw&zUY# zs(?sPWGH5!gQ7u{Qf&DhY)T~4FLXL#mG>sS+3L6NqkkyU;FSP2Y!{seU~mT1vf(zU zs}O}3AFjgZ5sp{NKz6G`50E;Yew~1eoNAiy#H3ka9hs+V#$et&Tn6)1f1O~OoWB6) zlum2&wfSrCRtV0?L0Otd&A_vV(<; z7-bQ2LybV)aL{OqlGR?ShLN*o436`S_ z3l6AdpiwBp!Za-dvDEgVHHGd_-`(7_vqNLU<_Sih9Atx7uytzyv>Ux1`<%UTKr-zi z=sZXc%*4TxCN2f4xe#YC(upjowFFvV3ywT_jSi|~I+%lUKmw(VB!4i5rceE7L*rE< zCBz((1d%sDt9*{4Zqnk`TF-`?{TSt$aO_YLB4!niZO}{6#Wy#hvDPueTCxF~FUNsA zSOE=b5haJWiaWXcVHBI-i_~JSCEXKJ-5}Y{I;=G|)vjODv*3iRg$s^ zQc20Wtde4RD!?#DDo`U*0ft#pfohs07^lc;@AjtJMNZ=S7(8ELTX7E0l4X&Xb_uC> zWoNK`fnDCU=@O?A^b7Bf97p3ed_CX*EN-r@@3bKpufqFTmY{$yCOR175b_np>{{@@ zlojY+Y{TJLhZIwqDzQhdr5$PBp!bB_tYGHkE^lmYKU60Ta&S^uO#ZC(76zszIMyL; zG7j@$zZN~?Jv&+FFq}h*DD?#GrC2`#{YE$ZVcU)R8Ng&o_dlLy~TDtp}JkH zW7xE4*c~>Yx}IB4D(MpS zQ+;)4PGz?ojNx+ZV62tR#uk&!uJ;CVfn40=KDORpORG@i>R^^zhb|h&G$-QxdmWDC zo41>j?G&pyE%tqLa$H=RlY>#bIWee`^|n}bJ8kdT=Ip_=b}*7PjW)&BHm)Po%Zd%4 ziq(*e(ObXRm;~DocE9-rqME4AWt!wpy?{ocHUt+E9cJ@OT_{Yjx#QlM`PkQqN_f=4 zH#+D8Q#tC1aiE7}&gE`BH-`u}sdUk92m#2NgAsfrIU(8Q5TCpRw+-8Fy+F4^)l-)4 z^mf+UzB)H#MMVxswd|P+UN1pwL^znKr@D$#PbsS>4e4mO+l%U{x_DJ%vEXA^gI~rK z3|wBhhf|gZmvDpkPMsh`Mz_C>>o)ZyY+dR=DHJsF){}hb$OZ?XU1@Ev-hmi$^aD_D z_8W?^MG;qX>NWTU>;vo^2Ww(IIrz}Gw(sy*gAV_VXhBCK2f{Soj01^bX4QHr6~(=d z5GKH(c)m2$DR|eh8PFiv;SAOh7Y7F>JDuSKOmsFA&$Xb&(u3e{&JDreoRBZN%@|xM zZ5q{EY=?sVdV&n)b#N2{CZ-!Q#>JtY8Maee$YClz0O<|8|5=-ykU+zdmWF2;mc**K zHMosIPltrDh0SgAZFUs>Zp}^f8ZtWPJQgx`GyOj9me#spn1wiP{$+3+o^@!l%r5W} z?5;!7&;-#M)Qb;$d~KynmBk4-nveITk1N{MMYNa5$CU+RXkRTag!{-xNm-MduEJ>G^?2o4_l zwF4_NX$x?d^q{psJt=UE*XduNXJbJdbO@qrd-qvJGOD`}k2~;1tRT$BP8phb03j?s zc1IXJR;SdQdN~}{sp&cib(SVemIyg&JoSA%bRM?K;q$V}XePQEi1OL?AV^sqraImsB=9BEYw&qnX;rQs5D^Wwe z(z@FTevHV0?XF5*gaVUY5vPY^NQG36SIW{oOq1mDd~Co=v%ii4;}+pr43 z<*JK%ZFaT?IMr(7I2cl3wTB;O&bD%y7pSziwbp8f{v7DSE$j$j%L=V3rOFvFH6^8y zde8$!31-~<+S%gf^>r3dzJ1_O9`C<>2M3u;TSOXkTK&~K7N)(|LKoM2gU$uqXy_EU zKeTC~C9E z)wBB0;n<+SWk!x20TG*A_$91s$C<;U5N7Z3bq@GWhQMH@v$?aO%`~jL?DIT~mfxWZ z7Z$ktD=TgD6QvoruO zjWM{J*eR z!@T)D6lD+8VCf#>g6gS_KB%6^7J0bQA=MLY(dJb!9)5=PvdtlN44b^eQoZ{%uEUU` z5KemhFw_PQS+7XN2Qd=$boY_<_z)*qPd>;?)^TvKaIl-KBR2WTdK#opcv~)Wl=Vcj z@souce8>j}*svoW>L z3kSK&tfvh1nRNsx0!>b{o-DE9{{O?gW*s?qn{`+)h1rZsezTseMP9DsMcs$ik+@fY zTPB@o9hAIi9a3T8FtA^#pk3TeG;V(vgwk-CbkkMk;7r z9pDckhX*Pk=E$(PY59P1M+Br{I*F7qs&Y`GmwP?EZ6gudm@tHh7T!|sIz$_%5{_+; z>TvCa%HYeJIGRE)=%7qHQ(T6Cb0ONZ#Ovb*in~Wl>;Oq_P6kLuE4I&IH@Dg#VV+Tu zL=D}2Oe_H_s_#YV39UVS1GP}RrEHaAi-QaBDPDW4d$)rZhj@7#c7#GM%psgk0-%&F z4zODA{1duS;rHG&P+VMtiN$&pssdgzgf4}nO`d5n$H4E7bo#KPWH*=bb`G!YCe5`l zm*eoTX$H?!6 z1%2!zX$ab;C&jX-#*8uZ_r^pLq7yH+q0eX{uo}Z;(#5S=*4{k8uh_$v!pGi17vG?_ zZ9-{<8!GNQ1gB>kh2>sc2hC}Y!Z6Ld!wFyuQ6&*POB!AY@YTK(rL4bFW6i4x;UURk zrE+~gVpY|1YtrHMk@f+i=CznP7on@Ac56dbs^ep3ktlkv6?oiI%Xr`!*_bZ%;OJ#a zsTm^!09(3h9O618hJ{JyVLLB_-ggTSFVk)rsDrGG0ElI#IEaJ@4()o} zOQ5n`H~bdT@}1T;7?xKzuRua{G2;qo{J1VI`n01+uU0^sJt4K-wvul{k7bn=iJY$Y zj>7i1o(fUDdUtrLTvM^655?e~=Ad+135RCZsxmayq<=Co3`HD{(g_Btdb{&piH3nX zTHZYep~W6L04eK=1F&k1spHzlNOKYo^=v`FCw6Kc{@5_EUSy24DnJ-OVaA0(kZMFt zm1;zdB-LG!0;OvZytQiC;DU1^b|ey5s-7T=bB&UisE%Cao;pTqR7~4;>YPf^v>GR2 z8M1PZw%w4p3hS*2WX{huK53Dnr1m<_--WwHtwo{mOqLzO2(qE`7zLRpYCb6=oyKE& zaG;Wa@GxbB7F1l}M@<;j^`{ILWWUl^?%Mr*Nt@j73ah+byc8O*(d62v&`W>;>l?Hw zWdW=Cf?9&__-&jLRL1~V@u^k?PyAu&(FM7LFj(nEzay1TPKB;hLZa;*w>&q?P?cT6 z8?0b^UxIKr$j>Dp+gt+@lMKak@EUew!s>eTcvj6dX7O}LAXRap3>z2&mVw=JH0#z2 z4}%6#suV`46yM5+kWG<#FE-NT)=g!<8IGmH;%mIlz8frhEZx6&GMmvL-$=MAxNy)8#hawD_S_`}n*IE~;Yn$o@>fj*E((7J)nnMj> z-8XB3->NwR+JfD=Pge))p{pUXDCHdew+*izI?{A--osbqQ+$v|;J=PFew}|+bGt=g z9qWD1nUX_-dw&4oNU8JS+M1r$VeN6SrYmqJnK;89M39QGjZIDv)$51BEO6ck*DSvZ zr-sVO(M*1HcNC1=Esz2n1_eMHx~^{a7TSJxtnNYe))ET6GTt^3`XO4ZZ7-s7AJpAYCx75;XtH!pA=^oZ zf?ax~@FYU9!OAAq3T|=~#X*Iu{AtBj3OPBbvWlbs@@U_#Fh^AOts=KP;0mpv*p1TO zI#jJFT2W`^FsqlE_fMfqu#>hE#c&=PE8@$-VR)Hqthg$Vx8q)43!7-)<9ZxR!Rbx% zomKua#3fxBYOECWAZqFjonO^~N@z)|XhP$~)c*QIr_T|jt>A4M303nU)|_mkpKzIb zXo7~up0n_P#g0qkRK<1zJ|eh`pyZ&HC!&2c3*#UVfj1Er*GOwrS4 zDFk)-sW#%8Ki+PD^Qn?hsD1+@V7XV6HOzeLC6@9yvgOf^P2iZ-mzCPWg@H!Rg=dXW zFffq9psd#q)H?J4Z>lOG)X+Cq6lU2ff`dVCrA}X!rOR_zh1eb#TNNgIc^CsPShjd2 z!5DM8<{1Gdi^~@XGSOX0Fj-vzvPPl)CGxCY6Fe|M3D=hf)k|+Z;YERt6evG^M!(2b z*6+lm3}l)xU(o#QXLwu~wApH$2%megj8KXb;r!>y2qBIU&z`1~f}Y{=N}8hey@bHh z`O5o=EVpaj2{lVxqCT0$W7L%F)_u)}3;~1M#d}FPBq;Nyx+{TCAd(VR0CTdY{yV_U z4=HRW6yt4>!sK9zbI>U$@HHyTU)a%@@nUOBzmVMUexddwT2WpJLbfPFq6CXM;D$`! zgy8%g=|D}@4HGZ`eA0RGp};PsMeRxjxeoezYaNj5c%#!otgJ0G>M?a!@P^`Bm2myP z)|dZ?Rae$*DdQ%DWbbIk4+rR(Vc(wzBLj+KXm;l|$hO+q?B={T*#OlWNIV=xJ^DO{ zOnbOu+28P0<#0-1y&IwI&pOn|41+hRSSnY?Ws$TIiO5NwSV9wW%Ig*`JW2$iN@v7E z_SRMSw?>H67`#w&0q%A>%hndHxQuH9c&4Nb4BTZHSkcn^f;aF{Ie7wcOIP$uF)Bfv zlJII!D%GGoj%LR+!tLP4aP18d3*&FtdmB?26obr6viG>Yf+1cCd(DDxGWl_1preCu zGyYZ6#HaCtXK2bMSfX0I%T0s7`r7%Gm4RAD>B!R~`ajwG$#4^K81$hoT;FlFhRO1| z7tQqqHPwUwwgRm-Qgr_PJ_VZd8>QLg^RLyTK4f0F}B&*RaGZ^^%Yr4Co!ZC{* z(;D_hrIkAhoYcC5((S0raP``e1;4z5w+`&{;$&oY9L0J{bGuLMi+t^> zb-R-gV(2Dcql+=fT*ztv5`{ajgroX|b+xktM-YCNNRC>Aw{YyfQ=*d{`KD|p2iSxJ za~(KAYSJPlRU}4AU?;?(F46Z9TJCP=#WI7>F&ah^shUlxlC%h$0-smX%nW9ygmTFK zDAtizsiN7N`cNXlsq#2@8hG8KNO_;A_>_Hk(Fy0;E%-J<042z!UPo`VXqULSmJ(P) z+d26bA*H?1*><`ip*qBLQrH~^*-7vB`gap$NC9Wy1iaFEcuUXMB@h-DGT-7_ z2&5EKi)vswyfaI}q;D2qH7P^UwkV1?1rt6~a4|0jEv8o};2DekJ{HP1yAT~2Jl6hg zyepWfmFiheit;L9`%HKpLI|R-^dcj^^mGrHPVbUF>Z=gv0QiEa~D~OVT*F0Z18K zXrsHR&!z-tVEU=xQ-vu3N;19@$S3j=EHnV_PaPgjt!7DHfO(D4Wie$-w}%oewE&Lm zn;CN0nz9Y(XL<1d@8)(ZaT8 z4|xER%ZM+hw)sINt9O(vZ{?zr0qGqbLcDEbL7Wwuq1&SDw?#aMO8wU$oUPb%Swza4 zZNKcer3QYpvksj(Pt;Iw8)>+{nX?%Fs$CW%>T-W4U~Yq9!qph{8SI^g7WWAeBI|m$ zU0w$bSyeVw-721ea{$1q3GrcPGc0(?4OY8di?DW_GZ}#tHD;qtF-s0l=oute8?fQt zPS(TB4vuFad3J(#ifF`5go{dmFDV|D?NeHbDO&*^mn(!ga9-{D;mtZt6pf^ge zH{zF~t*&Ac-{vL`35H}ySia_KsAB9AB$!Ms8HSxz^a*YQZFXKb4*}N?`AQNagXc0M z1FJ?R)%@w(24=+Ia<$JpeBeHU&eJ8F+CKS4FurlsEQMj~&Ew9V5vFNLs|buw(5$#O zH^aR#s@}V)rci=7A**wgDP^!R6gMvweAJTAbj{7k7=D?CxjLveZdRj^lT}Rt9*4*R zq%GzE?GUnA7_Ww=*`cMgMw8Drr+`*}9g)X;>YwJM#dKx`=Tx)bsp!COy6VTV=c9BH z0hgJewx>7?@D{UAD$l5B9vze(ACGLx3>z0lHNMFrohp2|tf>$D;SqCMw-+r!cMeH9 zNDw9IA#DDnoRwW?pPiDqeRR^{y=&6g^S)$_*U0+%TX5uh=|(vkpStx15D zfs11sa5=?ff;=lVhjP(|YL1tRQ~uC4b})=n{CNxNjD*g$HBL|tFXwW_5e9vLvUP!% z%POPka}iMGl77NSR4J4aJiC;Tg|Bbpo&L2oegc?VM4v`jvmoH1#i^~-_6OnRBsH@H zV9%nJ1No4~&zr0UYcFm_iB7J(MWb+9pQ{9@86}gk6X6HUWG-gS2HIA{DCf@uY^!K7 zcpdHxy*}>gLK6(;WN(Yxc+{{k8`zl<&Vg@&Q;IjiS9WYlm56XLG+mmn(3>$OmLR=j zXezt2tcI)0E1;66N+k^gAC7}73EOCA1*Ek}s%fm=mOBBK!SGAUkI~hCL3xT<*>_bK z+r#dt!in1ihx26}nboWkpvw}Kxmfz07QS!JaSk#&?5gL3fru$Xm_&k?={UZiYaM1o z1o4wqDOTGIak@qsZL0)9L6kOdx@#~A*A3JO5-++05NAg`wkvFz2uWUch-L~&fausU zgjM?xrs5QW93uDH2_RV!IXvhMN}&wXRcUzT=$m~yjkG$E*|FTH55*u=++hfBb{@o~ ztAw-MJM1P%3B>1tKsmH7tcfAkuxs$+8&&P?7Inz1tB0p9?c5qz9bWG~fNseygI36& z`?god!~3|YK|tko>kO0@Far5?Uw+(|gmU##ZtuEAex*Br6>9a4o1pG@8Nnom_efwo zOtU-qCW4$*b)E$ul}&zn8rNpmul03|3MZU9QuGU3(e->y;b%S;L!o!X1T)Mi>fpo* z=WP1w>dPU^ZLnVYQD{m3q2OS;#e?k4Di_=enr{4CDhe1Y-5(=1^d%*gwW^%5ip<5f6nJ( zr~oXsJqodMeXNUuZ%R2SxKfvah99g^AxSQZAa7&nh(WzC zM#@7&Y6mHZqM8TGV zgeWAEOn>0}&wd72d74im3TSNfLXLG~51B~@oQ-&3=^=LU`tUWsF^po;9FvAx^k(_xB=BOK!oQ4&fRCe0B!@IHm>!MMxejOP$-) zf!KreJW;NI7C%*U4eov+2~$oRPC99TyCR$`J;nk>Qv0${P!r2Oc-31fIV>EDMFKFY{!ihP;&Tz2u z+%5QU))m|sE>?Ovp&KY-h5#LOp^gG^#QCk3@PTrM!Zt?Gg+chiW}}NVUEDHJrMU|> zEO1zbciyf*q}@Rb)fleXnOm2JYBO}S+TdUMDZKVn+f`Wy)xFJp%BVZ zv$3~96UW)>#ia{8?oc-01w;Vac|k}2N_L^iO=U`9YnxNZ=u*9~(m6&s-|$rC)gH=< z&pD-G`w|TzrCV#U83!awo(Pdn0F0rsiXT#B(mbQ##->0l^PcXaD%P+vdTmhf9Q@WLoEX zgyU)pghS9m4+cGx$|No?~YJM3;X=q(zG z!^q3F01j|9gZ}!W=I3exL|xU69|hy~GK-2~nnxszg|B$jg5LroLY!ZM#@p)0GJOai zJHv3DO*C=*QT##=e}Yx?+8Wf~0enihVCzNz#9_9=uje2c=ji!`EOS8k$+ikU-mz*Rm?o56e!I1C=nPxD-? z0X5u=5G6weL@Y`rsHXVb1?^OoEQsntQAUP&?5$mzTQUzn^+R(Cq~=;&WRMv1cjw$iw0A!?i|jX#q#+ zJBDZ)Rs$-TwgEHe=~A+)ikX+u4mX%fuz`IOv;~FO#6v?9%yQe5i~^g$A{Vw;US+|k ztvbNRFTSJbXCZ0Ou=xsaEEbFDFuqvM!nUK!00#`Msb<%ETRXTsj#X{liL;l7CZdg) z`a3zkIeBCRtQN_YiECSythS>u=6naX$kM>|+y`e66bR!}2H?{tS#&j3oOiWKbkm1s zIpfjP15!EP=%aN23a`lE`VJ~wCaj4;_0jy3v0ug#fu$^H3M?Cp43PVHDJCTcd zQFfMQ*IW{eV!8^8FQQZvC{?R478uM})g;m$lH^DI)hu26wnD5j1}M0aQWAg|%$>2F z{$Uk0Ge+FL5CNbO!@5)+tbGX>ECdmN9MXs)0IJ7>L}c0AnTusHt4HicKm*7T_+UHK z>+t-P>mE^|EbP{ny^_~yC;0GbR)BdSTIIHz@NvY#Q=BWU&F&gjH$O*A2xy+KNDaO| z;pm0mK$r7WDWBF=yMP>D2}lSqOu=;0$JwGxjw!*;IT{kY9+XxIJ@i4~bc@ljh22s@ zvO5%z|G@~GQqaDzEYx?|hio*8NX0e-8qVb&Hq#uv1^L-Wl!jeF;hisM_JoNlvFoT8 zz>61Oj+ccp5vV5I=Cs^|kuKrlq3%2iiVzkXt>o`Y?K`21YpUIVleFOEl@LLw4pikph6@tJH>G~x<`2e7fV@japGz34Foe1ilXRt8c# zl46Hahc&~V-xL&-YcUrFMK<$DW4FW_LtNoV09qYCA%X8p_~%bm3vWE#@nIOY!mB-; zNO`4gNvF6DxxU7%7x4{n9Bbk+cA9B$FBzYBZ{3DEWKm(mU)hZ*_Io*8{qOnuotCQP zHkU2m?lsqh2GJqrej@KWUbaBx!WcG@Z>U8a>Umm6bNAvvPVeAQS%=9THeQ7=5g;jX zS6eZxC|PVHC74!_y_YKV0IffjP0>4ExzkaTO%-UWCU(|CBp6g>PTd9Ea&keN(P1=6xMzX zU6!J`p?I9pT!-kokYR~z7Ekn2N@-t`;bt>L(AB7GD!LrbD>xn4C0Uf6kwrJO)?}2) zf$>yDaB^W80%2sQE|zb-uU{5~Hu%0(FqT$>@tNWhmT{U&4re#a4BpcF0U~7V4GWY-_!=yB^#ceUEtaLa{-x!;lTqm-|Ca0+on zHd@729_f0&b1igpox;m_!U%_~_T~+Aqp;ap#Odo+v21#rJ-4c565wmMIJc7Q@uS4|@(ebcZ(zj4x59__&>Wh}S9BcE~ zuO!2K+-Yt75|(RQw5f6&zUtF&t5T9f)fBrfSrLqVt;!S#NClY6-`b+zgWG44^q%o(|V^_PhAOMzunyTJS<>X+J@~n zUe|+Me7Gf)LuMzBLd(H44!{ko!(;WK2@HL`#iR!8h5<%_w1dw{$@x^x$GMe9DIBus z%6dvt7s4VDG6qYDx`j;)offRcWcI~y2|OIVhkTn>E>C{gLet*mB!T{2w90}{?{%Rl za8_ABTY35xm=1Gc2Uc^W3#|2KNSYZWd;M}Y(<`0GtFPf%&Rc64A@{musL9SpHs!}iZ?X>xh%7r)TD z*ILqLYEPwp=waBwwUtzMU5r*{3-$UW43A(Ml5OVN3y;#LX=SkCE-n<2K` zQ#{5v!v-OSZp8O?t>(U8!DbrTIp!NmwRa;NB2LC<|B%?*zJtGUorN0#9=!krJ_nq+ zi?ne}GgO;pT>@E}WwYbrTMaQ~IVjaPF>Fj+=o68Ryfy-^6K>6HOYPJ3Rm4Sh)< zRe47i#&>jK2n$oT9LMH9-orf(y96=D$bMr_8p*f&cuX5KtpT=)Lo_&q$M~YKaX~IZ z%5?ISRomP33rY_#%K-E^II`jd0mOR2ER7T%+v%=s0$~@N>0^=I!VGUrB7J{K-URW0 z6Ez$%xFVNGVF|WHwUOEznEI|hQZcB0$^q3*&?wjz?zeDq-ske^K~~EaevK14&%M?z zhZkt@3={9qA)9~mjDkHNrbHLS#u&xQoz~#;16cO2_wd|Dn^WE9wx@$-h9_bx-g;QV zH-Qi`-^UR)>Vt>UaMH&RTLH6d7P~2rNA!WYT^WYG`{p1#OdRVl_adt=Va7_8jZn{yr~1}8N4|0&-< zo8&5NvxM_T!-JFRR`XlViM93hhXi4vW-v-HXQl+P3#P$ZZTIw3B1!o1QGyOuaE>Ym z=md*<`2<4M;pV%u#RoO)IpUONi*kyqu4LCTs09PlJ$96Me!iV+qp z!$29tDOds9Jgfk{-W9Obx&~}7%n$`V^E@1>XYMf`j&IRYYw=&_-M~)G|b` z42uoyBuc>slzM7#q|P(kMuBkg3E8;-q}YmS#%Pae6mq&Q73BJ10Fu~JYDfrX4G9q9 zp_mLc#SGgC2b8NFOsArvG*g$yhfSfOLx;!rBVlY0I&w@gVz?Kt&#t1!hoQtAa8Sg& z(|+A-^jybo^88JkFiZk$eqq{Q$F8Jr7zd}CR5}=k%s4n0B}|5ck$fr~j1^nd*pMnP ztA8~qRlAy!*S4Bgs$`Z(rl4qd2R{0MV7P*#L54VZT*O3c7%9q+j54bbxjne4(vuw< zZ+&$v5wxw=5^OE1Sfa65iGrMo<}h!^C*q57GHItt7#WX9ag3b6k6>;Wa#^fz4z3Y#_;`!@7V^U^;uqfYw_X z;Gi00g;!5@b=@J%a8>DjBIz^WF=%=}qHowISp~EtXK}ofEO)S0|6vC8>4b4IH=Kfg zW%tB}^Q-K^`BnXV1?Ly+WU^?dJZTaGhvb^W$WjlFybM9J#kmv>Kfy7S}T;{VXa+nh^ zAEP^02R@lE;mm)t2X9n>qA#gbI4d{2jT;~ocx4ET2=-Pk&&vlit>l^IOGVo>kDPKE zO$jUA2<;{GSShn5Tdhjw+a4cr6x70lSGueH-k`U(J%3?!eO{sny=&jKQFXHz z*H&Nbu*T~1-ri6CW$D3?8)F*Eq_D!K+l%>r5p3mI73!@wh<(G%PbWHi&XaXT96Rbyaw>caup|IS@+G+ z!H&98SCzWJk2VOjQi`WMV(~V4OHW7=B@Szlp@hl)n8gqAl&O7FBg;zRa8Np?K?U0f zKI+?M7DR(-d%i})dX_^~)9%n6j2b@0VjEN)iVYzHM$L$_(!OJ`DU&5?>ct7d`IIGQ zQ>T)$WhW#W6@C4drpv|;=!W^OBIE(8F{K@SfF&DWZ3^EF%f{|1ocqk6G&t%P1KQ0|KEL?I9ancjO))6IrT z-7~>3yFdGxGRO?1Wf;&t_hK1DwDX@U!x}(lO)R6C?XUu)hFAvGA;E4{MytG_JV;;A z8Wd&_!6gzrg@GZ}m-FI%EPLBaTPQ6_b{Ny9<=cP;u%{#p;`1MVWC=}k6Ku6GNHB6Y zSuKY_FD+fR$Jv@u^#qGWQ~M2_#z~!`)jg!j(B7D|fbVLvnV5tYxGbM}-dVEvEhQhM zb0$^I9o=m6dH8#lQo5t?O)7EbMfc>y*~6iL^bS`593Z*E@%m!hE+2*rNh;Ar*2zXu zl>vhk${>`GQM00NO32Rhz5C#P9$IF_xC{ zCw}+bV&R!Ci-3q_g0#u3M8z6kqAsLQ*&qg)Bt<&y^04fg=4I+#C1JG*yTvT8zV_nE z3SJ?KW1eYV^B1wqF5sPkhXbT1m8AscI4pNp??wU@)c~usG%@H95VIf_8pCPTejQJ@ zY-7pS8BsX-9E1m(+QhKKMthGS59>%=XPdFfFux>pp9Ucc8 zkjeV{>T3^h<*>JL3)@z^LS{7Fzm;4jUWr}PIG+;GCu@SFY3CcQC-h3STNbXKRfcH( zvfnYrlDboR$UaNKmVfnb7EdOU3}~l=JY%%m$Y2{i2$2DT;PO}J=dbf4vvAA@+haku z=|Xn57et!+4i^ISwE|@!{{=183?KHyh50?iyH$?CF`@G4am>0rx|t>Eu*mVaSwN*^ z4|Eu55#I4n)>CAc0eYM*r89>emO2gOCA_Ut119(0#11lg+Y!4Q!A_8~0vWx@s8~%=%@M=yQ=a3tS9wW{@hF5d*uG zV~g;hdXRy(-0Q-c8T}vPxFi>QpBCEtVTB9&f9xOI4oLlKKJ>;i>r9~5I0#ONVRlE4X^$(CyBw}m;eR@UK(V^ONhS#)VyYAc(g#%Cn#Diqfh zc}0eehaMJ!IRIIBGL7E!tFM(5a2OtzttDFz=n;YYy^tl85R}INggU6L0?ttbq%4?2 zg9kV>(BtqXC^TmHG6&cRt4pvCW9;D(j3p>YKVz2)Is0T!SoCU$F0sRhSgL3k^)S|M zLa_>DER+(UJL;@BW4+7wAe6;Q+|DkpUFI8!Q0CC{?)e%(t@S<{_Atb*ukQ@fgHxsh zLzr&^8U;s)y8*q~_%y#*QNLZE3T_HAhd&u5+QvgpGO;a7_J{#5mzCn1S`k9x!uox@ z)8=|tlVX?I)xEy9KpwtXgHHHQMVhS?d1*X6)ZOW?@;y3Aza5_9mSFal*upj^8uT_w z$S}FkYdR>hLwY3K={%^w+yod{<-${6e7O_rq-Kuofr7=b z9by>B;j5Bs?g3XS49~4(F%wNFy=8#Dt5Sn<>w;TyrL4lNCa|&jj!i0T3E+n_Rniw-RF6Ln&tZoEg4#piuvQNZh5XhSW z{_8s++}6O0uKs=!j=2uA8oCY`;49D>3r&T?#Vqe-jQ!54ZDeDM=S zG(z0LU*Pk{7$r4$ag95>0X@|*=%9{2RvF96c({h*Nwz|Ya0srTcaTY+l!FOMr+l1dfIAHJ9#flH?5-3u;$Zh_QG_g>_xRfzexZ`vo5Po#qrO;u_?jOcb^S zA-Y4d_v0Ldp3#)LhPOVYdKAm3H@*cdQX#mwz$5Yyp&EcCUj~gb$hs`R-iIan$tZD& z_M9=)w>EM2v_Jz?vD}kK5|;pd{+PP1*|tljC^i-g*EW;Q%-x)B;CVnc~=@2M$ypaX+!1U}#j5T8`MU%duK#t<%G6 zt>Q_3By96GK6ha+xbh1OSFp}tez)?MU6s282#hOrolkV##9fnhnQt>~dZFLp{KglV zN_h#xXA$rKHwUYf6v&1RtQLT#bkpT5PPpS?}DPKtB+hI-c{7JN?bly*E zf}5l&rP#D-NZ|Y`IV6>{(KBS2>rx35Z}pbqp=qV9XcIzdCs{(MYy@j*HcwdhFfKI= z0S-cF%7}*W&W+DMA0qj!lPOZd)U?Q4;ABDr92@?Z{}rMjFC))M_4-;W|a+sNRAQgt;!p0lCn_7SOWB& zl@Nr}1k{fZv3F!cq@_;=hR7lIJ}w#yw(W=D4tdxcjR`ATR*eQtGngpmGmX=?%}u-O z1CC9WUwdsnJa}~A{@gcUz5c8C8rI|FklK`IlYD=?yjix;dRsxBG`H=09xr#T-eF}v zFn2Z(kJUN#20p>Kk#inrB(lOVc8{B@)(>I)9yfnhYGn+coPv+z<5H-#A&%uC6!P)R zQD1%SGdS(Emn4dYi3y3~sk~_XW*1^a`RSv>JIUcnfqZtTSG$*m0bsPjO;zsAB0?zw z+jWYQF4anG*$ta!betpG+mQw$4&)5><@D}RC4yATK_FW}g6PQ+a_28xNKso>^}_^KP=CoqU-fOY?cP|TUK9 zQxt0Y#XVj{D}&;<4+*vt^)kYCiNX@@=83Sch|mD&;Z74D`rHmnu>D@7Cuy;)zw8(V zxDXoLJYE$BpIEMl3pKoVU$Iy@i>;F;sY!(-&xBeuC=(a`T)}YH_+BZV;@H{7=W~iH z_~Ic|6z5x>26;G~*v$*3i|S-d#dbWPEtBrux0QgJ5Q!Ra%H}Efpo#~5ZFkTz8o$l5 zdDIeu5bt;eT>65gvBBZIG_08V7KBDsnGacNS=p!u_(^XwCA<>r)hOq3=pjX2?FH*W zs4p17bFvi&Bm>R$56_`F%+86AiWiq|-RRvfFb`JmGN7F#wvJ2Smu%uFDkduM5)t?S zsr+bU0Yli%dRuL<7fLYO;aIoR$3w#Sh6etKA}lU&XXY%^{MF`_%!ZOI-0^_8$_!bS z!lNob6hSq&@m3agzPbycHN&Esh87%f(qphK7DbOm)4E~tAWtpA4%IG7V!>b(Xf+s1 zu;doqVl3#KXffE3SxuS`f<8qVFnF_dud@WQj%qC;ut?-%#O<@M{jtbFq7H!EX&KYVjJeZRr z>`UH|vLuZ<#t!4H&b$`j#L6z=dl#CC-Lk^q)L>x`CE{IF9CE5T;HGS>*8=p=+0}My zk5%JBI0N8gh3q6&kPAUr+MAK=9-d`b7^I9iEQv(mVTY%uU}OwO9hPESV+(7X#CaB{ zXcvbMDnOlb)KXSjDvLtqB1Ul??1t_#_dQ zg{v{k%4S{xQcfl*Y#TzwNVo~U(vH_*67n*F8WsLZb6@~QNIyNZg9VouX)Anbhjw7_ zpcCM*mVl9c?D+}eQEk`24iq`|D>~yrG=KdB-Gt=_#oo4RgQBg? z5ta({&gXBJA>ja%!gYI;Q}Lf7IWNfFebWX9cJ+A}=i?k^DM zN}XLVP>_9(z2PDrB{p|=R~1sB$uBQ^tj=pPl;)F@Y$_S!t$FrD9)TQ@e}V>9$a3;z zrAXd2doHohQzNrHq&PG&NTojb*j8nA2(KDw7TP6PMQfNY5|rBB+1Plf;~Y3m;ggDm zKC{KgH>+xHnqb9p7RD#otkiw zlM^4*!l%tbATTawAi?Y&whcR>09hD>fD~b>#rhIR0CI*hANFIbcr7YU_~4mja#&;G zx;-{#%s}sH`OLY9@EpEhq(5CPZ6Uj3*@Q6c{SPN@f`ZCPjW%_F8j#(Qbl+-n`0|fd zp=woae_hRi5%McWH=rMEhaTsZA)Me@_wyTf5n$dfd=fo^x<(?#S3R@8#|@_K;vw>f zIuN8!a|kbPc07gy`S6Jkc&n2jxD^lU3{bgye4o`pF&MbSoovM?x@v-a97;GR@Cn~A zO)R|Za{@TzDbA{RDh}gjOzs|>jLl6%)s$z4r?t-A5&W@%wls>cvx^xyl8=W8wJqk- zG&iSH6A0xLEJ#sQlvBciM^h#{8)!-~a^|$zoDNmIlAyuHT#m)tId_aoYcRPU)ES8M?KAGT!qO&L~G;q_u!`y>wR<3sRMVKfUA98KCUCPPq@aglpqJ>1s|mWygN{9SCzO-Rd3q?AwFp$OI?+BjHuO9D_!g}o+{ie`Waag90x zw&E1waolj@(330)5ROSrh1wjR&p_D^9u~#;r;2k$@v(&hFFF>j0-ATxDe!=6f$ujL zJ^cSIK=E1xpvC!%2(RP+ujAiNF$g#d#XaD4i#GDMkh6t6J){nb;sGMZAmpcaQ^@`az#HM_a%2Ug*9pI(LwF2lPn0hqiU_yNw<#Udm}L z1Ij*uD?G5;z+!*oZQDjIU#|2WN2MA60;sXZpDSK0iqF6IlGNuKSs$m%VSJkE7Dwr4 z^O6qBf!2H>$A24rz@G2a`pSEssx`tmAb+n7V- zL1GjiPnet+>~VZ+p^o>`<>G<3m2;(ooR%;3$5P12x#~45hU8+sE&>0x#4f zX#Fb(Q#&AMt=}m5IMa$+4HK0o=&zq44|OpflPl?(Wq<|1#o?Sl;_n& ztYtQCHVgVi@pKh~a(25Yu2tdHoT&|$kz*BfxfbLyA)k-MD~Hj0+?;8?`^+J4Y&NWQ z#TUzEzKQxhz#OW!WN68ky@X3BVHKn5Qi$;mT5Vjpgp@7(pECg`fA~%E3Um2qoyuj6 zp3`^}JvKmpaTTS+T82bq4;G)kf|LiDhH?e;IVKm7dL7uf;f9#4=UjF3@<^3(ks1W4 z=6Q|(sKFFJa|P)G)RQxK6+J?(%4K-ADwS5-w5C+$XLaTmAJ6F>up)f2n$u+lxxA#A zJx9LohgzGiz!i-8Qt@m#jr@O0{arkrr;sDIi_aFH0q57@(k@Dr@>QW+#!anRfmSJx zr-<4`>VscLZMvvAdpXJDs!U5Ws?xSEJP8ff{5D!!yocOrZn=(Ie34RxT3J{9d=)L( zK+jU^OY*FFCa|@|a|x?9o@f8L==3sPU%=>CEs8I)7r16}O*ftRUm$i9ZEA(FB}MW- zHA~Y&Q)$H~oAWo!xG!);%S+*`=!$Mxf?PoB*YJO0vwvBi;-ws#<_A~BwlrSu16*qN zpu1247au88wpnbeDrY9!RGiH@)JCKOIYFLBxt}~Jl^V*LdJnR^M91^T)#9m~&Ku%X zj9bI1|M=@`;^eY)D!yd<0aI8~N<5oh4$xxQEi9Te1bImUr+c_*ZXS;O3rE2e_8RC+H8Wc5a?)hx) zRH>FZzIfvxnp{z>&Mb*sZ>uBagK7DPF|4&;aJpp)i_79@#Y41Z z74w|^ngM)`k<`w7mKddRQrd$^`7*j z^UZRawKndh?n9lL{7YFdY-ONsw2o2R5Z0FZY&ERXtkoKNj*__eYPHU3Oszy;O_=K% z`i0OM6`Up_e~xdYo~p zjSXcG&bToK+ZfM2dNxWJ=o!Q2*(KnXr9pi>>U~t#6sjelj-|El0_w&Y*rXZCepJ#J zm!OXa{6_6hIexZYChc!HAJl9n=d(n&Nfa-YNB%9OrP=P<5^-`ptoY?CqC-q_Mhhh* zd*pS5@y0ALD34vEB8QhXe(F*UE8O`i?fPgef)aIzV3B#HnuF=I@feT2j+w&xG*}Sd zsOQXWhU6R5y(sTElUe7a@wqH7zIZSl<}yo5(o+%@?AU58sP|mbM)G}m@uh0X2jwh} zb#=8YuDlmo)!g3Kaa3wNQt!>2YfM6rmpFf~VYIkMtm+wEz-a%j*0fH$R-am)Gy-p< zROc4cuULoMMe$43at`i6*Qv_0h-(vd8qSKiM|zw4OAD=r9hN#=wKTI5P)p!GvtBmFrIqWs-WzpH z+sCvaHEeyg(W~~gjo_QAi)rN8C48w_zOlaf8p=81t9M!cbDV>Yd4N7>WtZ(NlwZ~s z(|+RYzg*WuUEj$$+yI^`0qnYpn0Z zI;N*F2gjY#oFxtGhvMg48#8|5xfSa~-GzB*9W#3fSKx9zijtkbUY9aN~%+FJ} z!f$CTxdxf7n)A$7H`@^uSGeL)53|{}C<}#glW{pUTi}G!2e*kMk|do|tJLj_ z`RZP^=#fHI+E?-~SYPHd&^W&gugW~H4J5~7tQM3!o})akxL4=7sM()5Qk-LsTYQ0| zHo(7pS5?>6avG_}I5zJ!ca$)9>)cIkjPoP!tAnJK&$GjF6^rDMHtKo_97Bs0ckrv2 zk?F*iauyFMf$#iWD{phOAAHg&mF>q3cC3YF%W>>uQczEUZ7m<464$|RCcy2?o{VzwNp~pVtCD*lDo9{(~batMhl%vh# zP%F_ZWsGv)QudhUY%3AD(J2>@CY#_JO2iggWh=GMB&N|iMy|=nv?2|@*u<-pxm77b zdBD|%RyXTYofXKwN$Ufiu|SD+YObr@Kwa4XlFj0est#e6Mz4Qy-g}=kt7`>!44fg9 z{*-y#*>g{6vnuf{>%`H00GZsudSZKH&gaCV37dV4@4aI-vOjTdu;UbcX6HS5G4u%a zvwFLkv&wC(XX1F>+>w9ieK)@GX0>HYgSQOruDYW zhepHN6*&%8W#(T;pH}6@SCB$G){gqF_*pwcqMWC8{yKW~4pQ))SoIZG?vl3fr5uAR zEKd!&22e6mLK^2#R@l1hd{x)`ipS`ax=x36?aC6kh&)d1eqQ`VTRUwL)UO7B-Nav7 zyb_+t>4asH0n|RodZ*dR{@TJno|SBqTaT}bHs^CO!+zpYfjo8!p5sO#oDEl%Hr*F zI8A06wVOocpTTqLUluPE-@xy`!auiqcu!~Q}oKvyq;c{dRthp_u3ZL8#Nq5 z$>&{C*vzp$P1eZ;jCR>pSe(3%7Lq5lCw$iPS5K9T8J;cBE6Op7V_yR|vUiJWzZ4JoH8dhO4qmGVm(={EY|3;5^##-9B!V(g(0qqX?= z^s72?W4YA3$sO(DHCWD?`nUMl<8ViDjG6>TvUqL*v&AI}r3LlI7NiMkf1IV6WG^-- zx6Nkbt4F!!pOB7e7)zi?p0f4IC^$A-_DQtT$Bul?7J0h(^AuCFnK47#c{|sW&KM+L zD~jXP8`mX0ier@7>??-C{`O?fiN&*JnVpT=Q>p$7XhoRkPbX-p)RTmhyJR6bwv4d2 zVy2B6O5Sk?HSgSyF^?*2B(r| zi;0h-_Siii`zY#8E-OxbROhC~-;lGA-TR@oFeD@juE(McfR5QGWJnOi(f82 zUW|-?y!dJ{@^PPKw*FBQ;EW{~lt+jsOn%y%?Anl3XKw;OpQokN9iIbu$29N}=f0KT zd}i`AVO~f1rQ` zGb`_B8D_<}1KmE-|B1N0X>23q*85rWCP`3iyq_iH{oh#H+wW&-N#+zc-%q+O6N>k> zwrR$`zjV`lD&AK<&&Seuy?9@xOnDv^W4{Wmi@P}LFY8egwf)Wpb`Te(yV(BzhVZ1{ z@BVL(H}t9dd5LEO3(Be%NfvdhAnYrc&^%H$v%wc|95#>brvD=bRVW&;s7Q6N<)La$ zHIT~nx@hDFB(}j%TaGWFoX_L`t>Pt={Spq`&O^!iEXwJioR_I^J#J&tnE(H{F{`xf z&^AL~;~q5KZFFXCy|Go0U1=enUeZFyF}6YAi5Y#OO`lx=ys{@gPaeRNKaj@BvO-O; zeA3A~Slkank6(N*waROoTfMX{Em8e=hn413X-7Gi?Y>ds#*>zldgeW}?_d7Yl$Ppp zKudT3+s7-sX~H!z^E?hNoSAJ{KY>jvU$IvSvPwm}tuIoPgQ7pFKkzK$5RGl;kkvF7E&`J_zJP*P0Ts29i61TQ`^ z%pjg^JI-u^GEIdU>=@@I`>FV#8^3acS7t^#>**B!yxbK!S>`+xkuPyHVk|2v*hj2t;PGBP=iKQm7;IL$w! zihpSQ+~~;kw8CH3-_B9u?SALzQ?tAOeq?R}KmTFmOu^`X7#U~c?C!hz**lL@m)X6W zlSujzvV8B@xdOp|1U3qtBlsT)_VnLz$nU6#yvvIf&X!28ubC{nS%BDQTSzvCx!ad%{^xc1438>22|h=i2Fm}^7jwI@1KU> zjgjX^P=npSAANr0`BB#8>oN3cg^&wmo*%(43b5aY_KR{9-~G)19|^w!zP}gnHb%~b zQqGK=38i@G)1wSoDQ7|{_WKaISZ53}e^H9TN5XG_qZEU`j5ZxdEx$We$;*@?PtnTXLr9F(00FfLgipWT#04R8S)YPIblE3 zA;*5l;uH3B%zlms!uwqhY#f;wJ$4L@{<;LpY4nsLV`CE#Q%}w8jEo;UH}b*#FE9mi zVDjmSNg|I;o<%De5YFWIiPIyP9A6)KzBv1QF*Y?ab`%0qXw+q2+jWfHLy?{mOecRYLnA5`+tMQavJ?|Ze)6Lycn52J1rKO z1{0C~ADoytIyJ@0{S~O9OE7Py#?c)0{OB~eetP=&1X17L+&w-(I`U2*)bLb;Kb-8xovDL$oJy;5eRg4 z2gQq6ft1zbWD&NpC}#J6g#6QI$3HwVX6pj-A@GkF3aqHlGv0Y_)&a1`BUHuOMw_uKz}gJM+HYAMUEpzF~rG< z(V0izoY@=Eij0Xqg6P!5=(#5~JWJ^!WI(iKEBPf?=oB<75b+?j3u2VglT3RSvwY$T)`KET+on$n5@a&pg7+ z7(-_8E9K6ylMqb-dv^DmoIAg5^UCJ-6q<_>XJa8C&W?{yfw{gZ2Kk=a^(`>{%%g9C zA}fi&#Kf55$Jv#V50jH0m^cd9%i7fpD z($7@-Z)We=$y2cfhyiD|(&^yaI%uR$>1>J8Sx_=L0j_*XL;Y=IQRoI1I1$$&h>vM8 zpBRmNd>T2(9TD)%1Q=DEU`$3NMJXXa1S!BJf%6hfqzO$PLIRc?E?h+U@Wg2@NEDE} z-v{yEU`$(+?nCMZkbl6RVdhy{428C5|GZ>Ym5 zM+p=5L@~}eJ;{HQSUgcfU#E|SUK!(ZF!Si&q0xI^z|{RNmrMqsjK454GJ=_nDGdZu z_&)~t8K_K{Jy3AQC%rBv7ci(X$>%6$J(jNTUZz@rb?~p$5o#FbWti}z2uxwy!#)T} zLJOer(44d5CNusHm6)1>V4ivO-#ZD3X^4%PN8g@#^lvbuLx(el|DMITk_s>;vB$EG zH0f82PEA3asyUPDjPD*-4;YeK|J@HxOoL4@tmKZk8i*ugqmapylOLNn5n2~9T#O)J zXvAm`KO9nG+cNp++Y*^Sgg!=~jmqx#A%KtI-#Gpq#lH#so5H{2_;(WjPB7Env-%6M zjqur1&=g34S{MHYWpZrvsIB|o#SGwhpmA4hzZ(M6mJ+86i_I>mTQcI@{8I16 z)=nuQ0EGedW-?UjXSBwLg&J6%eH508w1Oi6>JBuPrzg<*y`5MIN7u{(oO|y)9rb_o zyMR(*R71Gva6dQAf^$r#G&*{86g-V-P)wb}h6_c{?(LnLI07Q6dgD`U64qnv%?dIH z?FB3by#TZmp;e?ZdLGOgb&;%z8X_;Y6k!{##5Nws`t4{SoFc~{l4c+MPH3J2Y%c*p zFXGS{)_-y=28d<9Gkd=VVaBZs1c9;ZrzcKANqOd(V<>d*T~648{z8X(W)gcC7%7A| z2~wvdRf^GPo|&Zj0Lu99nehS%&rBd4am-S*kA$BAhC-6G?`qZn{(NDA>RoG$p`cwF zwRcC39}f~5sGQBrU^O^Sg}~-8mK+6g2uj7|g&d1GXTyY_I2vYfu5A3&#Dq`mNhrg} zsy{!Sf!S*YRnmtiAb(sq8fjGCGb(f(k_}3Y!Y2x7c26mIdh!`+a0*N5QAmG2P>c)9 zOF9iLVe~lk^HbxOPh-LO6R@>yQNe%!P9kmc)Y#?IW3#(|1`xuNr_pACLY_Z^a*7Ff z>>M#Ck!NCJR7um^;G!gmJ<3CAs8We(o*NyN9Qt)gj+wn*huZn;k|cjI$z_G}kNZBz zc?7U97#;E~=M+{4Y&<2NO@N{hH5BElnLj;&UoH};z}|P*tGmC=zreEz{vFWeFe44* zl`#2{3F`L9G{u3dWCJ0Rz;qA}7zp{SdB>n{TSjb^My-^|DW+Skr&!_NRhSzYs<)^u z_ILqzI;=s#NTB`JC~MBzLd7V`~VxVSOM%QksvfL zB2dN3azym0C-eVA4eHF;Q5ZUpo*D6V(#Sy<#}4rO<5(0#(Aql*Ma=qzV`w4mRDS*R zxv|mHfN_UMHD&atCXR*XTGlDndGFUF0ff|*N7yT6M#{)?TULMJCbIRP6ehn#sW z6sm*1B0m0SImu#klc%(GAQKt%d9KdCM@0NHn)*AA{>E51bZ+4~53v^82qVw1&2j9N{CLWAbVp$gnXo}VOR;m3%b42)$R z>1=ky14lg&IdH-u$2@Qxe5G2PfEmULI^m#`5p)uqD=erEXy6gAC5rCMGHX_6*R#5s$vd|8{=|grVbb zdeX{|UBLb)d|FyRLbaRYAklLAd?5=f1E;8OoQ9M{MKKGHJU0RT`^TnMBlYP&=^-hUE-P3!3#j z^r9oa$Ua~EHxqN9SKl@G61e+ASN`#P(DuQ2V0QP9vFT#(?frn&!`8Ag;4lMncLt4o}l8m-y#}T5f5U}Nb&<|WYAP_9<&kI z(-5$s_&x|hp`O|M6Lvpi=1y8$J3XQ9*sFa!JKH z3Ih!)Vph^PLVt{-18Cr=3(`0v_I@zC_s6q)4?a3E6~epkNUhJ7*?*PiAy1*mAJ2`$GW|Rad;2Fbk&)}i;8HCS&mbpNZ&(o#P-Uct{1*T2 zar)2feTp2p$8{SSN1sJq!-SdHYtQWdgXRu`TtK;3+G~S5WWI&+G`st^rzbJ{{+7oC z8>sT%f(%Z`zHBDlNl4w<{b$iZH=+0ABmg!x7%WxbGbkJd{uGF$^1O)2DeCN`xcB#g z^xogIwvYal{IP#lv*=G%lRwAWhTeK~8Kz^Q{7{KMl#u(M9QYSD0U6~!{x6UU2*fjZ zd~#fJ2N5g?_6(Y|F zQV*p)5hiKSb|5GxOo(wDl1O6>i`LlK+{7uVn)YYx)c7gZbCo+|C` zQmvv&NgK%-v++Uk0Ot!7BvNg+2F#75s1W0g#`)oKhutx=YGej;iv7R>sX9@xW3d5*C_n(>%} z)xmy{yso|ln;g0K)A z^~LR>dP*gyKTrUCx#RB3YKaw!#zE|vrzs4AqJi~1$c2}IXA?rb7iM@UW6S3?6|{@8|=7Na%!zuoJ?t% z{s?uvZ(>;9;)xaha%4Cr84gDc$z%(qe@I3UE?KW?MFuHYts`R0L0j4V z-jG~B4X#(^BYF&=Y?#kb#0+=RXrHCfzE#P>)#=ec0F(P2(-&Swj0C7VybQi1Cm)A; z*uag{ z&W_>~7eBBH%JV2sw4Cu897Be&|k=~rMhYT_`!47YwUkQR&}=V zkKq6TPYAdv%2N*ksA0kH;NzM{qze2YofH|LleR1sF}i zj&R=i4o=-?Td32_JH^a9X7+f6Q(*s<dhQ&KICp=HC`(Q_V1PMn6yG_m4uK93bAu{kNZ{@eUSm#GwE15FQAYVdj>IV)tRQL_X%bokll~jb#@Ne7M$JtEvy=!P{LQa zMqv_T>wZqt0c**tMEmH-5s};f1Y@5Xq3a=jj^NOKcJJG>d*2KTd|T_-xApg%+{N#G z3l3Ra+rH)M=SEOp>lX7;jJ8mhXUcGiyw5+T!=v&qM8Cp zGJcQEBo>&4zW_=NLl#TtiVuqoj4al8bb~^zQG_76wWz;KDTV)3?{`chGY*~2WD{^h zSozLr-DH2kZe*rfGz|ZF3s@_T52w2|?pHMPF%TeSK~YKwZAt(oqZg@W(o2uBoc~8r zOjZ`S9~qc-%y)zKjk05?twU}tzsD(V!sw$;@BAX_B$j0$6BQ@{d^5-50=?D zL<gnKKRZJXTi=!R_@s@*+U{eRn}y z;=c_s(B+oP6A?8L1Ox~VZc_k(z8F?d7> z9^EGUxe%aZCnO(c65vT)c074f4@+N~kDVTvQ zgtw-~jj|N`8KM5Gaa&ZMAA25J^1G*yB?m!$veod+*qI|tY-jlNZJK>&*9r^eF@~Zb zdZt+{w0fF5=-ZCDkAoAA=4I3|XhASrni}&|f~&{5&~yKUDgDknpvkuIS3@XrkTj0) z&49pP76=Jt1xAc-1q}YOUNZ8}zVqz>=I`WGSon`lX~pEx%0Hk#A$d`^m(hxNga8T5 zih&QIuFwD{selMD;KHvf0w?2s18VmN&OtmxhZ1TRpvnz_+A2M!oNNrkgtN3*?Eeqi zJTOzr!u*tQN`=aTJONKo?9DlJ)J1+nA&N~^`59OWbzcRvcv&S@pEi$hdF5jxqhWQY ze;IXZlr7Wl+#F1ov-`gZz}y^sXrQY9CMV@LQq8QOIdl!I?V>(62X`;>DE{UD@w{TD z80Uckral>Y4(2-!-Yyv9Uo-Gcti)et;NJnVGfSR>SpxmwoetIzfOaHuS!6c`RPot& ze)R|pZF5xN_jhc#=5Q?t=hjavQ{c!r8c=2SLKsxKlqNvRy-Yq$!P9}#~ zd4TBJ$nR<_q`Fv;>;4}Ic*+)dGzaEGQ0767?+Je@O9OaO{Gh@q4IMyQmXz1uVbWIj zzpt{+P8_pw`2W~@6ZpESYJdEkn>2IMbN~vpa4ADl+T7lxQ(8*tJlV-6Wu9(wZ`#o0 z-f-_t+sKrJ;`Bhphlp1w|A@DNmk)4-^F-2o6R5-|t#`pL6bz z4pQI$_xt?+g`9iN9@bua?X}lld+l@9nlv#mCd02{cQbbQ)e0xXAyIMhxR3F&oLivC z7sI4m$iXAq*D{c2HsL2;CG3SPOX^)Ygp!NhHA{n6Md&RZJG4-4T45}ajph)nQ4491 z61$9MQ;iy0N=0$-I=1?@{BVrP%RotyAzshJ2AA`pTK+Rz zfTg~Ucr(v@#Kz=_R7{P=skRarI>hX;7sJ9%Rp9NE5dKQ=SBejfaFCMM9P0VK9o&lr zLd)21<)BBA7_*?q3_gq{(kJ8K%lWA0KUctd5d>b3`Z?_lhiMSti?p@aar(;?O-tAd z1V$;hTH~a03LHVeAQ~i1rPw6FyrD5P+T#4gQ;_4Zq=hD8^~B3LlSn>0U)mRiIIY zp`X;jFeFwR{Fa#XQrJm_(xJdx>mj^HPGL$zQVqsLww~8vcZkEbNl>M3A3Icwvy*D* z8OY*RLIlC6P&M9|75S>S<&KNudW?-qIL3C|YG|HN=kLL0wRS9CIU0Nz8bf7uRVhB( z7&Ckel#I~W0l*!;rLrEjxMTF4>kyj5Tcnk8t(Ge+Oh}B?1rfeTiz?L#pLeRq+YB&=*rmPUaZ!}6vv}ResKcv!(&2dfjl?ATDS%Y zviBj+a=j!q0<$Oh4p?DZ#L|KBLB=I~DX1`H<-|J$0J4mqC(K>kLby1wc z>Py);y9PP*I+qeqZ)bV8XboriSgnUnG-*(sP;M3|NGmUHw3fb}Gnd3hf`wHT4Uxz2 z#;sdlMN@*!z$^Y@!5DltQqK3g*f4(3NqlU{V!Y16y9`X#M@0puX+efLc$e;e>SHJB zyI3erEf008Ob+uNSv8h8_$`FA0ozxSA5T4W(Xz$n~C zl9}{;2&P1THzd{zlW`(wj4BRZMM8lKpG$=K=jgT95=`A@={WCv!A2Wm>*?$UN zWIKpa{8VE@KJ*rD@ISject5|JQSfHRA+1O?d`(xz^AB+Bvp}yb0C4C>vfdB^_P~chkAF#(})|F33%d0SlpT+;kx*Mt@e?M=2zsBD{7E2O@dLZdAqAYtopV4^|ulX*g!*!<<|8(+jA?MxB7?01)&~Aee0OtbJGP^%$)+x!MCh_4dUYc6OSxz^`lwpQs z*mkN+^DW|v{rfdt42axy?A%hWdnCM*$fFsaSbdg&cAy~i2b|e(YdrX@T2z#H)Zd`Q zg~pY#q-|=aY0@;Y^J+YEZ_1ZUVWCi}Ju28!tuecKBWUH*k$|A}xdTnAESB#^Y!TU6 zVKX%op9+JQEHKUmSr~APgu_)%q;an7wRdXEW}@nmmL}DSqN?|FV)5uDDhNz z+;Q3kSB!bGYTn>3=LE+o9dw-Q9LFgO;ezLlZHtdSMTZ0TXMZ~oQye|E(Mr9T{f)y123fAmAQPWkOyV}AIp+fTWc^*I^1fuD~5VsO(M zgFhPj1)L6#E)2;)?|xaQNnGYL$e?=MVZM4*8Qk3t=i>=@Vc7(~LCaBc4({n*nf_+t zrhFK`8Kkpz2Dx;mO|L;=v`1HmVWe(BdHRgu6Ftgg@yqb7VWhH79GLme#_8soUUD>7 zvGQ?fMY^^{uSE1f6miD4IcGU-aGtXYu5_aEU$Zl~i_U;pl#vD)ai9n8fe5%4&-9?K zKKKemFl}Lw${s-EDqSTxLv@A0aJ?ni?U zTJMHoacZ>L&^ZhjRZHO3YomCUXM{pJma@#EOk^ou*p;Ga&2&z;SgpY5(ybFmnS|r` zYHT{Xq9SwASFw)R-__PEXYfO8Og&lUFobwhn1BVlI)*+v6ZaMo-9x+DWVW05h} z;Wvws&L2q}`aW6`c+0Nj{Ek(#eeoPahXrt%RH5ECQ4eJ~TquDN?L*$e?bp1uo z^I7C<#y$O1ZV^h7!kYzMvf&m$-GBFsB0I+!ywxJ>`>SFA&NwK$LXhNiC7Q~|i;%bK z0GjhBArbtCQM=U{{EO|tA`BTDQ_9l4mrq?fbz|ff`YPmfEM7J!GAX&}bgLLlmg5Mr zH3|x{QB2DFlBRI}6eGzYXTQ15;PoVkvd~5#$sogIGKO7X$Nvu+zhm zOPo$ZjvN;kjuoW{R}peOBh&b!YPp_LhmP|Y7mu}kN+0OLN5Rf|`(Cs=gp7)*6&FEF zHI2N%UJxG19xSPIy~tc_hNs@4P`=Pq?{yR-i_vWo!tYvP*<~m}rf0AU21U{}ELc;K z;^LtqS(j!TgpmuY?Lq`{a2a%tFouNlpX|O}y0sN))IKQ6bSOv`4h@4}P>ayOM1@O0 z1nL1pedG?HE@UI>5zUB@FjTWiI3NO){4Q!5oi1Bfg+z?=ToGg>3JP(q|0)-V8q1QW zg0)Bnrm4SDg+gL8D#ZSkB0|i?%trCd#m$md-3F4|^YO4`)I7l>n@Q|R>XXPmp}P}9AMkdtx5RA zZXaVl(|He_yEDX&`W;n8a+~l@!gy-T4cWO!`pLmyI208FboNaWQmLWdtU*#3$VaDU z7z1bdd^YZ*&Qx3rl)`2Qs>jbQTU%aQ0kY|u%(aHR!UZ!c6VH!EvkHxKuIquO ziaSgB|HBY(b%svQ^;)_NDAPkJX_fStK$Q*~G>t3~^n9wD0*1aKipe`vmSX{w^n z*DOeapa*Eqja9|aa_(lI~tIa#bmV4bZ7eOD98c1#V5R!%SC z;bW!T%E4m}WyMnb`umC?hROsq4EXyBs_woU*L|0cV3|-nY@{e{-S)hQtZ1PU_Z6Z< zq$%R4M-<<@P*76nX+SM@+j2!Q^5qNM;0`5M0jF>!>8xnxCX~eT+fsSI&sC=dD%ju$ z+ok{9H+MT10caec7-iCD&itI<-hy2}*zPR?eC4D4EQ>8rg$Dn&5i8aTEHeJ)P}$ge zH0DalrN+16?2kdYDWbxmGDCIDuspH*REjA5xfpTjQE5QK3QLmi`fE3@eA)=2*}7yM zTa&WGZ;4YvRUp*}JMomits?vFXVjqleB5UZ9%Ewe*F4aINE}_(v_Nr48_6o*M=r|%n}47Z(?TWYxifK%LI^HF;|$-`4MAeJ z$~y9DG2C~#7IfIoTpBfKXrnPhb+w=dXlEo9r9QNnk}HLqYG_n>b%d#`Q!`VpP@zRB zqDCskjeJOThVrEt{zb(TRGIG;22F_=H|+b8-}wS)q)r5xmh+$TmXj*D^I$ANl1D`# z9gGjivPwGvtzsl7xydfCZL(GO>!|ziq8*&$41H*S;}yZaU*)q>UcvqEbw1d3SOR1o zNcV%a6k{%f${|()Sq|gU*9W4W0TMH zL4u{~3o4o!L4?58;Ez$DJAw2{kwl#btXTvhS&2s#&%)!jZ!I`z36LauHbSKx@R6ll zQRJaCm05so0KEuHB`MGYdc=S}8CS=HcXmXWUudS>mkG2_B!peN3Jv{zfJpwe+nu1K z;dqQBP3)-g3?w)y73bUqT!TZif3$CKO;nztyeUGQ8B~A1K!u%+(^Rt_5`8JEkG$;W z%auh?8|?y$gk|+N5>ZVn%5MJBPV#WKP8wZc_eYW-YcmQlNv#Gr#@i$_sMiVgA5D1+HR zG;-%dMh=pSGy31xRgy;~i|$A@+`4vkW&2dT@C)mBjz05twJ3Cj_<>drkp62CfUXJ6Xj+b&?uK4)%PU*?KtKwxZE+OaX(A&?1oIRnpe*sdsAOWhE zzWod?&K}`CU z!KHyX@M!=iF* zT>IDtscGl3_JB}>8`WIua77K$$8K@B;8}{Rfg|FSc6D`~=GK=w3o(>+aArEj9b1YQ z-kj1JUTS$6&C3{G#_}?bm&15DoR=ebnZV1Dyd1^LL|!KGattq%c{!e!6L~p_mj+%M zdAS0Yp{~NMuO*pprcy;g2UIm#lHY1YY9CMH?GkpB`#Ciqv8%ZR$z8NMLCoMO5LfOX zR6Szh?od@!vdSu9N_$MBWYvh5isOOfLMBzXg_DMiNp_%7jTWhU#3f7;shjcm>&e%gL$ns|Ep&YzojMsB08wir7SYwC#`Vrq7 zp!!PF>`>j`i-g^UsY5#_IJWZ7WzRhI%+e z4V`dxr$IA6Q@WuOvEh!jxFr?-aUr}H=MHr{+T8&RB3@`qz67F#pblr%=iu>mnVNN~ ze3iPCbT9o3_3&`maRxsZaR=YmHjv3CdLwO#&i-_Fb|A7Lk?!rzWV%zyjF;%AEy`xo z-5vee#I$fSktto@wC?{T)5s zo$pEvw5PTvlBafd&gp2L(bd%%Z;8j_vziZc+e7tjTf6%Jsk^JYGnNH7grI{H%d$}= zWn(WZDH}5%k9D};fv|1EBfq?nIo0bw{y7c}^q z8JywnoK zb9s55m%Y3=phXF95WZ~^t_CT5+snG*=%JC>^}N)0D6d2=i;NkXAoV8j`EFZz=nrge z6ECzzWHH5N0VTGO9Tk~2n~($?$p~M z)6})-({8PoM^_UBSZ01J%x{$`fv-kvS<^oWO6lb;^zN3LniI`09NY?Ii*lWXGn_Cv z<>nWG(xhayg*Dvm-SvW!!x#>@M&n3)fEnU3N4U}W&M7-~_*y#5sW3MjY`A|wO<@mw z-~+!Btf`JAt?BV5UUchN%hhIcnJMZA-HePn|vYVHic)31QR>t4Y;Bw_o zKr=C$@Hn^|JkC!DalvO^@^GqoKriLvLa89W*yW35^`VWr!;{eT;Ion~-?Yh{e28YM zAQwf3X7aL-7&yFC;BjZ4%%o4EDgD;GaTLF`ajIMz18EI&kbr;Ht^*?+EF(y%p;62} z;OisA62WECC`38q=db!f?N0Bh1YeErtanP#2BZh`5&3B+zVw6R8zkT!=Eo9z%}vL{ z2%aPmM&n~&|EazL<~k{jqIGp>9U>3N(9=*|h@blLtL?Hdf*T=(A|A)UvBNbC06Atp zisM5a{n0nX(@r;=RB3zC;h@b=cxpa zy0l(}0;;nKCE`bX@G*#P7(d}^5gE8LG6+AXl#Iarosjoli97MJwYY_Z?849hp|P-S z4St8t9lRu99~y;A-KZKEPi~#pW%DP}6Nf>Tqvt%oeb=h;esDRffaa93FmvG@Bx9SYz+1$tP zn1bWccmMV~jFBWQ<T{AHp2uVnVl1`q6ncJQa~k2%T(EiTJgMuPZt#caX{Aze_XxHF9i$ue*{PfA2x!g&*C$C^c1Y&>JOOC2nKXC=fSl( zK*!JFLof%SISl|f4F^T=y)TMf`F<9|{D9jKy=N(NTgy_6@L6d9(<=aa4b1{s<^f;j z)>gt_gk}*HLXvXuw}23X6{Gk8^KE0pqu4>HUr@dnGw}T(krhKx{BY_(e4!ZP$b?Y~ zo|GW>Sh^xqDH4abC{l-y^B+dYGIgy`5~_yB6MS$Ctl-!*j5sv)2+}OSaAn9x^Mr`v zd@9!;Mli!urT$duPqqHk>Q7CD6v3izZxA+-l|V0hGf7attpa}Z3_DzTb-gZKAPKrV zghdQJ!N6a6HNIZPN2LH6xNz$9n~Ct@O*N)XZ>$lI|72}leYCN;_cZ(R8VG3BMA z-;xe2(FbWqMsjeEjN}-2R`oI7gHkd<*n1!f{{n)6l0%n?T5kl=)NS4qC)8~S`VI~- z1RcChJ3NWZx=UE;F7gfZc6r!?K_|w_We-c*ojNRaaBu){1XSYR$|zEL-&TX+l+56R zV1W7|@KGt&N3Q9i`qC2YiR5k+?lcX7=#f*7=W@9N26(Q-bEVud4socy8qd{oSBtw^ zxvRllO*wPv)Ect`ilsgwg0rMzMMo-P2+PwXd76avR@uznpjWCLfcL>h+L;gwU%6YZ zw_!BVQS|S5P!V^^HeeM)7sD!eBCFIpoV?%zjFc$kq%HHxx%h*zz*X3|&?k$4xJRg$ z^F-M|>Y*4kqR>P*hK4R8@DM)%P^+*Aj0uzT+DS&8{CN&gTPdjv=Y8gFaR53 z-3Eh|Ic$Uru5wDHgAiAv@UH@WM$*tV*k0hSIw%|``695!zpbU5R_GXX^ikzAH55tJ zEIb7sF@x}=fw4dsP#2HTg#bYBk%)VX9yJ=lQ?)v38wND>r}_%`biqgX0sx|k+`UH? zF3fq1wiZ^}uuTr`;B)lwBTzty=c+MO@_?$OJi$Q3(_>qR0Y?>gP^{M8OKHnC2wG;- z>){&;5FZ5>uoDD?J+QXwH4fP(=Bbad4x{`J@*0B5T;_Qx#Sk#>DvOJ zx4ngH8Qh{1G9%@o8tN}SLPBW54|)llfZz^#!d?W5*9>fjTCqq6GKY5iwT9>Gy-YfR zAa_0lJO&_`ObdaJ76Nv{76;z>5a`PyfP-dQ2&|W*RJpS`7%SXY^9H7wA{(z36Hp z28QAo6na%ty%eRW-`Gc(F{&UnhE#-s3LNB8A~&%N9d+Sf)4`s#aiWYn^8f(4*;p)` zWDBMc7E-A$PDD}MA~cVNDl=Iug*14@mP$ZY#2DihgIzRD@X}^<6cGE^W*Q0ralgRO zZbAf{&x6k(y3s5aZ_8tR9FKE%W`mx1MGLmJwh3(4Rz zcIcKMF2X4o7rO5yNrK42w@wgQ`oh#~xZL47gg9&B=*D{ls_>KwLcR)`J|_bqaIq5w zS-l<}S?`vy*x++2)6lXh%aCC3!j1%=>fm_}+eFp!$rwUkB$HZNj^2GZmHpv>$|NaX z%^|2^fto|RgDnitCmjSQatU-}xB?`@un7iA)+_@vn5|rHY7Wn59N9^r0jgm|m_(O* z1i`I1lMMhrOD8*2BUBllk5vU+jm8;?#%+#IbB z@nRO(8bLs8Qi#gbVD zLNFT~KqpY1;a1&yS913a*NHMAFm(9;C9L222(?EBV27kLi%Sw7>X8htkWd9$2g-?k zLd1D{iyD*Y2n*)8`4D^{^IlaJ{#1%!D%2TO`$BtAG%?86N#Viks4oniD`o9ZT+*J` zwCAPj>r#5?bv_I)B-)g?*LX-WC>`_;Q7sXCjxeVIQT7f?_D_sh7LKigb|5`L00}JL z02GpvgFgamVtdS(6z}GK2Z5GgByypT4^=>)Q9_|#)MxpCii*`Aw53hhqdaQ`32tF^ zhRxX+761%zCJ6qG)e1n+0Y5{9psEFx(5>aA2CA8;6;REn$slvg5VW1ZlMCI$R-}q% zG!hWk-UHuS7>ZOq5g16Qhhrmdb+L44o05jPXrAjUY!!$@SQ&DvXcG6-sub!o5rKJ2 ziUT^Pd0uonkP`91MwiI%sL@nqXhgV$otnlSCT67Eq0f>m<31>n(FIfJOh%a$yPi^p z6`6~$RwlQ^=7L-xFciakq&iEg)(mA&>qxqNQf&&2>(RFs>aOWeZ3S)0wQL=gYov0GSJ}H8Rby+E z)cBQaq_PwenocsEm=x%QcaKg?3Up#puoII^CnnjU6poZ30$@&49SZMml+1YKVgHNn zVn=66cz1}8rhUSW86{-UWSG4>?ncZIBPy{aNR>CdgZF56KvN4{02sJ+>?AOdG+RQr ztc2JIqn7xD@TWnE)MPd6WBkccm&2)u#E1Q>z?Mse_iPy1dj_chDK8)M*q{ls0FbHn z2;|+tA*Xf#h6I$T^h$Vlqbe;`N~(PVRm-4Pl5MK1vG&)B{1HKd$OO8(40MI^Py$@Y zZhvS#1U(pkJ`NyT%K?JFun5ranIGA!P7w0~eU%|-7ZfL1{BX318kjw}N*5u;T2&As z3r2%h_5=EdS+=w=;Ij_Pay!UI(IKv^5=V`<20e=Pp_y`BDA%QOH7&wM0a6i|Lj*!F zK;cK~hBOHqb1!L>CY1z|O0XcH2BZkw(A%n%DJI#?Np@}WkvYjnDqJiO9*A07a#Bvo zNm{ZjP_j&uDgsGdDuGK?AgM}|@Jg=N1YQT{eN7;#Mw8^Q1;ZK0Dc79JKoZQ>tPh^? zKvpA(LxUuxA?}d`^NyFqdn94~@{)Lu?t*H#L3hp2@kx>i-cRO}Bp;cR%qPID#gA>B z_fnGV;RE0kO7g7OmgGH>$WAti_eeq%U@wXHNP;@%CGj3fHGw4FBgrro0)Kdgd5@gR zKoakfR2@j-{TNQ5R_+EY8`D-g)T$;i3HZ1BFi8doZyQgm`(#?hkPcxWlA z(mXhX4ILll$xG8Bkc0(AyfiHW;aE__OOt*q1s~Z$hxttfQf)EIX!CQ5d8xJ-qR(oR zImNtG#S22S0531iLgLFFLV_GfUaCUkd38RWyfiHWm9C(Om!?J3Y?@1LFHMWk29V#7 zm!?G^{tJqDX&uB$a zShQ(qg6`67dbuM{{5A{7}ba6+_1E2^AiI1devQ;tSsfQ(eUgDJc5^I3+OQKXTxQg~>GR~$8s{18L2^f9~TbPI$RIFYMJ)ejV z%jA8c5WeP;8=hn6op)1$55*)8(%8Rs{o5mLm0CY-l1(eKHx>4#%9etPXK%5L*;}kV z{_R5lcB!rJAzfor_>rGrSZ9lm8BW-=a(h#0Z>nu6c-8lBdtoV3D2PH0^OyjXQNy5$z8>;_C~N5)P)+LYUSwG9CAm z)#eF`7oQ-d^!N%Ajqkuzjj+G#@`xa2Kp$hk1=Ou$cx1C;mU15~ z&*a)FjFdy)ds)dA5yu#h2RROa03h{hUkn4y{FnN^7KkWP@zX7l9Nht31h!1R}%r9s#!7H^E6W)4-axlUB*c=MH z8)b*s)Q0wCYx9=1rBF_71pZ*{s)E{hSH#xlEo)1moZ3}*BFF1XOF6@aG*sj8>pL(x znMgzCxUlXygQ3mql|6<1B?xwIA#FXk5Ynibt8Bwzj;C338XH8^G$)w0c`K|sobVg5>@u7{E%*{0P1&fw2p}-1gzEPi)cn zW)gN5h@gaB4ztvJjtEImORkjjII6W_tWhv<;+E-yclZg|8DjHShnK6h2wq~tzL&-s z1hs&ys;a_txt47VT}yK>K5L<#JFKt4BOUU0W*J^w8?*C4eOjnb51UnoQ9IE6vBR4X zL~!izSrf7ElYoLq!S)STCZZ~|z)fSqcr#*?jibg4Xc?@w=`eXgM~p^+fPB!mu(16M zfiQ4F3ng1r6lmgjO})aYD`}L!P-!DyL~rB<54U*h90hh%HnN|$19}DT5KO~C`3ia9 zyN07s2q&4S3Zn6Pms}r~>z!qdBxXgqRvjg^U@WK_jRZf0pu%R{%{n&68=TcKCV8EJ z*`uxDH6}D&#iXHYCF8j&7T2$EkN_>6SDdoqsz@PZF^k9L`n=@6&g<|(Ntq@9)I`o( zW66+mtw0_doC^J^(~@Fu19gZWO%8IskmX@bVEM-@n1r1^8yQ3DU=xk&a4B$~DBY9& zYK>rSwx-x`iQ*BeG&hWPrAgjRNtH>#n&{uU{_T;rO0AzZ$)=Ur8@vXsfWfhP1IDzs zoC98JtAD%Dzg=qUPqa5R_NLU{)Y;-=u(dPr5GP2RtF$-OwiLH^w$PD0^;Rx%@ zz1dr7mTs&_UqsFVpN{eej>8NE)=!YpAO3)h9bjUAp|`TRs3dgRg0LEta$FHvnb(SH zB4k2I$?)xw>(g?5Ual{qBxMAk7(t+w%#;Uaoa^%Qa49$jo@3}72LF!XM=b53!_P>^ z`qrhA%XV}o`uNFQ`<8TSdxqsgQf{{E92r@+ti8>Cs%O8{+lEi|0HJRD@^q{>u|1XE zy0kmf*Ap99hewC?rJ=)Ir`~)b*q+#tjjYb3lJfD)s6?`9Q=8))4W*n7cwiP~GKt=f zo&hwE%GGU&^tSHKM69DHQQDsFPiX3fbfPPfUX|=f?Fgi<%Cx7udwTfu_Dhx+|6LjU_u1VSLUQ?n!NLiuLrQ_z7Zib2vNDhmzSXv1}M%x??@v z?@5GH9Tz1!0Xmxsua0etwRNVu`?BHnk{Vu@$_k3%#?@`>*G&m$K{tVnCOrtu(j34r z;HHJQcW1YRH?=QsY7J-l`_R{HxTC+jC)?DWWS26jaG%B9;FUu6VsQb#9p7&z!am?c zvNIJ=ATOgJr%5R^*NG}98B2z{lTE#e-c))Z98Y!j_a>5AgG;yRtCpmCdkHzbDT5;IB>KGCs(j89_5(-hFr-H)u+;QrgzROCT#?*O z*{)VH_!*>RG3d6yMi3&Ab}%8Gy4m>PwPjYzjL59!xy>z(Gt+gZYuePAb6a8^9f?F& zG~ODUorukiw!}JHyXHm{@fkDb@(b8_b8AP}Oqmn)9w$HWr7&ldfU4b?=u2g~vlydI z>7L`ZWV3yldDEwF2BY+ML^@Nw)8nZuKE<7$?oVdBF>{?(*O^h2Zk8-l=WmFmGl@l+ zfn+CURANE=f(vHPkzpE=z*tFr8Cr!e|DJ!C$z};Ln7G?NrgJ#EI!oA5H7!^af8}+~1u}1m|gI zESXGU<|M#%DB6kHJOFNw^$ffRQh*#LoSNE}NcW^Ld1P{DV_PxLV_}Xz*>6>{3llRf z&pyX3NhLX*r!l7&H84%lHX5)DZO{QwksC4O_5}pc;Ek>`c4MNe2jT;?SVW{U-I-%o zt!at2%$~PVJCoUz6#0l5oQN;MOr)T$UEQC_dY?w0a|R@KES>5HVK^6yFb3vRYI;w1 za%&=_qC7sT1#`L1&oI9XPTShzEl1W!S9$dJT@2SDBd zk4Z7AX5_=$w{&-I0Z;cOl5q&nWVk;t=71DWV7*%DI!g+=W4a&f+&XnW*X&d#0qNP- zlgK7?MrtBg(F`Y6OVn}R?K*1?1keUxgH+EipE>CD9Gh0}Trv7s3KvG@BvlVMB-gUx@lah~vLo z>JA(tq1)UJ1*a41RT!gf#HOfhBgyT^P^@UvCs5wciO!>(?@Vn@LZ^)TtHOp@7BVDR zDD;QM5rKwotU>9nSZ9LkR71EI>q0oOqZ?N)lTZ?sEz;qw*b{`iv*5j?;iJwN7C&%e zjJl-Brtpa+2UJ=qyLD5Xs0PRCY_%f+#TXonr4A}2WZo)^1xY~>2kkBy?n-Qj_){jw zY}t}XS|)`iOJp!DsG4hOaC1R-x>b+l`Wg1{!1~mURX4E>@M2w*u-?QPyatojx-nUj z>M;T~6Is>U+n=Qr^yP9U+>ieIlxA1DxZ`huQZ3XqPd7^TVXAkVjMA; z=Z|4;(S|4v3mV&=z*ZyK05*tWvjOC7gKVrfyaoM=fP(X(q-F93%Iq_iw{3}~`y$j_ zMcSs4veUr+%&5RvH?u{@;NZ2aY3-mu-h>}%arTs|qJ_?y?dFc;)lXN*E1fo6$QLx$o(x2GvAsnm$cxw40V z9*7OYVhFArEWyHw44GKOArK0;H)5Mi$;Thbw2hh% zDb$`atsfw%3UEF^a=|0ZsHMvmZ(6YrHNNOx5>BOjQ9X6ODt=9VQl@E@ugEt+hM6a` z@ti$^dQA22K-wz+*o=+A#jev+pn;AEQM61S;lHa7ZLYKK9kf`q7ni%vKmkm<3zS_r zABBDaBH0G0rOs`V2N65bg_$ zV)-4U?hi|hnGRnioGGn>k2%LV(sjmPvNX}rzj<>a%^e@i&C`+>U*hE9mY?q$6m5@MGxehoMn#nRkgyKioA= zxeWg4($Ju?^I%gp{0oBu#Qo-h$R#FEjEzK!rl5$G1bkSYN_*)A^)H(iE)IcJBDAif zzug%Bf|?P*(1UzXEwXQ3&0tHkI1PSQ31A`eX}?4$pi52@7Sy33$3)jTg5VdW)3Jeb zE?I-U3V12Cf|;1-`Od07Zw;MG8?_34Hh zei?X1gNXPYX!b8M$ll4qdO1wPlD0XCeFile8B@{iQXQETjcwQ$r^4M*Ae=;ruxLzX z(`!vQU>YcfiEMajqAP~AN&$j;aTt#vv#Gq7={feY2ycm%?>u4ZX>46VTk z+_@@V)pl0fnpKOV(Uxd?T_uhNAd`Ay*~!)p9NQX;^k&TAK$FpoGt)1LUiL5+o*#Vg zm3v8(Yw>5*l#PiDgeUft5qn1yZz4S{+?(l4rF*(Nd^evn57fKfSnX z@zpWszps7jh;#n=f^T#o^itMt$&T){?$((_N67ieC^BMy?oqPj;lNT ztDnBT?CT%A^Wtxu-*W3WuN%Dgn}-cg`qt~2bH6p=sW07g)I)o|Jv9G~dlMhK_P%@D zZvM^_PfWT0o1w1zfBxl#55IZG&mTVa!iOHY^S)~yd-KmzAAhJL`}nuMl=#tvWm|sq z_}4!C*x{^v~>)c>OE7w`S$drp1mSG}Vb zyzuWoS@7TYKiTurPX>?wP3757|K``1_5J=+JFj~6w2o)~kZS3Bt?aNJubq0zf4;Wv zhKt__f3f4u%9noi=WNT3e`&w?FMoO0InG;KKlV>3G=_P@TfV?hmU%D?88U> z^o^C_p4lDYBX0lqa2kJi;_t`Pdyl)X<)g=a<>YH8Z~5DUlRsQjb^Kjl-hKSe)X$E8 zc=yB;LaQg9`1D=S=XcIn?%to!Y=e^~dO6<2JSxcZfMzxmbq8=oEcUfVxS zsXOb@?O#9pq5B>~#qJ(unju2!bocL?e4XW$L|TZG^pPeT6v7C4k6 zZ6Ts^d>3u~0t#>pa2`UP?;ujl@Fd4si*mzAKRfI=KRyw45bk3K+W7?DH2O8t2GI5@ zl>aZp{WuNn+<^M{cG2kt4x173;~Kzz8-HEsM;jKPucEz20QW|~c(nxL7C1bC{Fk9} zejfEt0^SSIrzPnBH;{ia;Pin;jA8Q}yezy7+)n}?Payvu;PNW)xB;|z8+i|+zlQ_Y zvB>+vWaOdVACUJg{5^%gtMFHYI;WtmM*#2L!1=4Fcijn&vkZS9ML*sJe1?(!0_gQo z^dkdYCIH_%(PlaB{|LArLET${*T17rvrvBxX!Uu}0`5JXy}8ZUgFH zkNS6`e{ZAACg62>DcV7qrO5j<+Fb_v9)t2vV4UZn>~r9i325Uar2iG|Zbv_^0>0g7 zhp}4PK(7|G`}9=DIl=dB&){1O(!IrLhtuekv&MXxLIDQwvp&1E&E?YOrM4o&J7*(MgG!NLTl=fj z>fD^)4kOt!)R#sKOh~Yxd_U?hqEb$u==+?p*@+nYMla@!@E~z7|ke`6l>9*4Vt?bm1iDIWgANA=a>NFb1QDe(DpgkW0szto57Jzqnkme z=RVIb0!yo>dq(CXL;Dee)+1#Jh(sBWh` zpp8l;&f-r2WKK7HkmT$*rg@OSWL#Dw1>nxsSy&vKd}56ZWGuws`~w4G$Da>-Kwmop!VfeT_1WXm(KK44&jBf$U`8at9`Z-(HdM9V@D zB^d1TpmNE1;s0IabOI) zUi_xfriKY4N-E|^6$Z(mUL?ILYkGHm>F#5}g95(DA*M$KSEZef6suVVmIZ3FB z#aB`N1d2nB;(%i#X{-Waa)+ByB^y=ranccYU#=>2ax+7PK%S!TNq%95?jZ{h@BE@y zpy*60SjwJ?RlbO&BF4&`R2Id%N3KW&Ns`U@%NDe_7Zs1nZ;|?0kMJryTaY5T2-!x- zHjGoq} zO6~cTsJrx`gItKS=mC|~kyfvDD8uD4AJvxuxS+QhlS#FZE)xUTUkLL-oCp=Y2yVV2 zQwV~KkUueetaI5f4!~;)JAL4Q^D(_009*GB(8nsj@?TN8U{I;bkOL-Ti&B8956kai z{-Q9_xO4#EQliS4L$=h=qjoP4R3YrTMs8VR7{Ol&KMp{vgYkjL!c^L<`bgoa)02Ws zo5>hHDHJRf*i)X&S;egmmm9Xa0(aTK{)<6;$(Ru0DBidng{g?efu6r>QI&u}9~tMD z)AT76J}MYAdof^hdEjD~bfVZMj?c~37|>nFm>A4ZDsiEv?vrpHLIGgG8PW?-oW|N` zTY!?KOT93HHtD;&32 zCA0_>W-$Qv*~PP{8GSiFtIZ3EU4boi4u(N78%Jgitt<)bhVCv+{f6Pyb~y^vOccv&!&eUM z(n>L!lr^$vsH+E zC#v-WgZhP>@I;-<2mz-tHvsfM=!cg7%D!`0QhJ=_@yYq zeHUq=QhODE`J&`WRBFwy#3EF7?IO-)hSN2F`JD!n=E;SXRbVVf%N!qqQQd6^il14m z_%@(M6ypUgSmw>;OfnhwC7eza&lGe|0{HTM1E+Z_H+UckSttbuCS!8#8x$+5%Iixf zA5g~m96%J1wQx`up##)E2QVVOQa}sz>iqWiRXLZ*^G9jU@zAag23$S>%LaD&xgP)v z__&a`LC)sXr+8o|li+0yv7XKwZz?(&=MosVTk`QO1fP%9&r$6Fu%fbJ*RLRkRH%Y` zU#p$jvTqc_${+GG&^0?@g3Hl5SmQB8DD+i%VifQE`Rud77g0Q-#VI)`hJ)HC$wR5676snw_Z)6D;$UwItsJLh8)6w9Jrv6Q>fna^DR}IB!=Yo?U;Z(;~T-4q`Su!B; zHK}{10ou;+$5CM>2ZjQX#s@Y1tQX;Em1EV`EJtwB$~teM;$&9LA9pQm2O-e_1LXdT z73%RB=c&d6s+!CD%8)asKmlf}TxJ$Q?r;dyfTZh`Qcf4Zt56s;vxV*aUL^y-&T=!n z8P)Bo@Oe~_t}Ap~ff6PK>85&fk8>}IMJ-$sFaHpL0-Ljhh;c2XUFg?A*h`SWw7hZ21yZOv%tqm?ZPBU#LD)-xG^YeLHD%7AWz%+rR8KkE(MhFp z;U+Veg9e3_`X3;4m)2TK)ivzwS zy4nwB-2#qLZRLDqF9<4woB$LpT)ru-$a(n`An$KOIbGs!0f>`=gr}@1ZZ2KYgro6b zQL7FViYhgta*wRSjBMCdAWf7YE72`>jng>pd=ibc=1QpCInI4FRTNw}VbD%mP z#jw5<4a_{41~^<4%nzaB?1QPu8Oj|*!g&)_H;!D@j?MlBQZB7dZpMt>7ufv$Lm}}W z0f>FDL*asAm-9kUr7d91k+I1|J@~Q#d7Ez~v;n|AaM2+xG|UB8aEsjlK+PK&mytl( z>UW?zLU!lxF>N-x!sUkIlSecofqMdA3Rtahbtr7;=ov-Z=P5TQDOrk|SFYqM+*Pgu zn2QRbTQI>jl6x4dOy=r`8Sj9iP&VY&dIrs{e&@|uh4lED(5H)o8%Y^zN0lN3Pw$sf zr_3tCyBz+J)(53Um#mAV+s6Q)Xv-r3u)TZ+6)}hHSteK7;2P~K1pW?%v${{#Kr%wy z88aJNsBT;+sd^1RTJdA`wq6ulO|!l3R=dGSn}wlhjEI>^Tt0m*i5sgfX^G0SRd01s zc`v}N`TM~IRRab1R{)%Er&#V9nGr>lYHKId>fC9mD-x&0#dClWRWHtt!qYcBL}T$7 zc2hiVr9N$?doDQ=fRc5-1%R#l2Dk=b*dVdu>gb81%u-F^h(cRnM%kSE{x;Kl@75Eu|XBm7Tffs=BA$bO$!Qo5V1iS_%@R>y< zyhL4Q!1F;IAK1ZPjrib*@pb%&d!otZXQ-XxIR@YI@>?DP%+MbWphny!wpe_dIMeBi z;frK`LJFS();)&SvmeqD5x9mCk2-={#C_OZY#iR`_sHmjei;aFJ^cQipXLef-ATM1 zE#7#5K6;JM_V6i4GR0mSCk*h+(=A`m$)~efe0~vb0HzJ{;&wX4kNoh~wso-MSIkV4 z&xB*)hN3TpH#BwNE9$uYOxO6m$t&9saj$YY7(&SH;!p;ZO~BU!Uit1wguCc{08ly- z_^vk*-fWymkY1hoZHjm=;ald?IewSO!Rr{v;wu?(S&~Z-cpiX50(|{sKM79tXZ!lI z5qFsxmpDE(j|UwD2@oL~z909U1>rUJ?s#}H`Z#;0Aj=jb?rH-@OX3S+Ek|!f&9jY@ zql|PHUjv&=ct=U6Hj`!K-S~Ni{_bfb!)hG?RCf}c@c^Vr+D`9dZ{-ykTyjCI1K)GT zI`P4Hj6ROc*Ye^%0J*~C>cvPt`%d-ufa!&=P?(M$z*wXsbNf<#{XKk&xN8m4QokGY zQlA^*TnQBL9WQ~a(LTRG73ToGaK6F^e#7k%B;u~m1(!q3BCz&P)Mtd>d^YEt>odN0 zK=|g%8u+EZ$#20EXkkZ@-* zv@=_~`!K1tCO{O72IxU4W~R+Dcy)qQg)G1XhXau<_|61H2EH7FrB(y_Mqv-&^omh7aQ?@7mJ?Z9pR8e%Rt9(n(qb^TXvB_y+SvosvzL zHNf~>psY@A22R4CGNlO?f+hohYNnoeq9DI__Q3G~B)@n?Q#e>?jBFDUC^G^<70Ygi zA=17OVuOkkCl{I~BU&y`g1Pq7#yryo1Vj?wwE%592aF^$Qx{TN9kF?HG2-sKZfigU znA#8v3NGTV%IO<@1@(%*HKn4u-SDOhN8hZPwjA8C(cuigYMkl`I*WQ2Bw=bhiJngk z_nf?Tr8_wU!|LeOh8QFV=H$a+RB*sCTt=cr+{8YCbAagl4gXV-kdfoO$KuzWhHjvg zf!}T z13x4KYr*A(RjB;0VTB$Ll$!}DUvz`Bz=-g`$LZ=V0?>uTcMBIkQ6}IDkS>NWVp#eE zvYN|79>|FMYj;_!bBkXL6G;X)uORiRk=mx`nhyG3L8m;C<8vQc?dncobq30LP$S{I z#yRzsPWTKCXvxwWm<>T#WI-J*(XK!P*60KVpfO$Kz~5p95?cH_MckjcBq_RK^h%w6 zpi&$jw(Nq+?Oz1B*4DI??22 zj!&Q%d@?kEIhQDM7*6#aBTNFXcgD|716P0sQG>myLf8@aL((_9JWG2EZQV; zI@}XW<7;+|3fPAvu)8nrmbQZs{?@DcGRQf_)?eZL-IkFb0BQDJUvrn{X zZ-k81sKARku1ui(%5n|$6$0IsqNgd2jh&IAreT_lln>g2x}pxtjPjNq(%ch17+Bq1 zVHQN(g+j_65b7+gfQxC9YAHD$z+tJ|7i zRkfc3sJY1Nywzz&T-hN#^AOa==XoH|aSO$u7sD6YbeR{Z8^g@>RI1a8)fHaoq0SZS z2~;Eln$&PZ7d)vYC@46JvPTtfH^SWD8SZ{C4rT~c@6Q9JmB84le4BL(e1c85uOZQ7 z0*g&|rckrTh!w+r_pVdIS&^ zB$f^LBxK4$$q_0{BcBS8X#pq^caDd;9c;@oo_NsxfY%x6buo- zA1W#Iy@-3BQC~@e{Z`gW*7!!H1?yD@9TzK(fD6CFSmUvn(6||KXB`kyOEIkN@ObTE zb;?0iTi?}1Rnc~7L1E>D>gd^2N_9L=Mm}VEX-1)X9)nkp&Tc$L+)am+B;lp0et3N| zD(ikpyrLg#h3(0q#Uu$^ZWd0X4{-+t?2MLw2-w*(BktLUb~tj_^UxAF+=eO6p*}FK zC&#z-1?J)*#%9w$WVpiwd+3K-z;d`3duw05Dxj;LuW*=2-7pOvBpWWf3|DGG=V4jD z)ujl49HI>bvfeo8DY`$*bI&8DbZ%!vU!k=^nr#xT-bm~s%N%xtcDYfNet&J5EijO6 zB(Bnk?l)jLPh+nLm#SQ5G!BKXPBYDp(;Ahv5=1cElhgDT+b`FC^*)?|jTROh8dg$pxz?G5RYCyqNaYN#8QX>` zNe$DnVyO|lBeA(VDQ-Qv%|WltrX`?6+A&2X4(7?A&$N!2~!s9)@2qv7gw{hI!K1Lm8L^hfiqA+aE{VSUW1yEpq~!Q zb`vo(CAsrXEXv|^5K1#Fa>m`ZcMunGw~b6W*#Y`?Q10M$s^h@=9h30rwJ~sun7PD) zfe9;tM_|T?xR)CC2k*mmZcJI!h#81V?sAC@jE}LPa!;SVJ>7_s(QraHbXVAb#LVlR z2EaAG=b_vB?N+7Q+LOc@w27qmW*f&!;pI0sV02wz)P*53;b$ljy)!8&;yB%fE{$W9 z)dX7vhTv*xz}ED%!W(cfFjHlkDh(p;Id)F4ZN77%>}Pa;QO?2*gs=*)EiCU(c5?Zl zHGTuPHD03deuLelB&1-({hYf&54cEA*);@A1q~-aRAM&Bls6_vFr(*IoAYH_*oa6K zyn;TA$wq`z0?~DQs*C5vv^c_Y6>z-C!&vin!bacS*LZE1X#&kI}G2;KnS)n_sldX=n=<^5{)dARPiL7qmuwM;zTo4 z$BOt3cRdex5aNN-G@m>G25*A>IIMtl(n&zr9z9_t;`uLm;eQ?T^UNt>kUWMcd|9C3 z1aQWP15S)B1!*qJIfg{9BkoZi@0nTdbu!|fPNp*Lin+jNLTrqTfc6Z;K?4JXnb?=X zEf@-pkzrPz(zxd+vr={`nTvLTBW$@gpao%jz0bq$DV}D~ZPrtwu10-1RT24)@Gueg zy)Jy1nwM0}D_CY><6B5#5HRdYdvm}+J~c6{MH(q-3%vb9-?MLVh^t&AK~k!);)<6L zySs(j)PsNvIOni2Ox%>Z1~muvN)$0F_{$$(EV1SrIg;^gIG*7FBQgV}j2!hBG(`h! zU=Js7)Xfoq8IH8*O953+#>@JO87-oV#>j}<)sD@%yf%VxPx+=E8__}=5w*)x0w9dZ ze0=Xs=_tc#LD^%Zl<^7b{ywzUE_AtY;DKI`H9Wa*n97srFhH|M{xhdIgFQ%~1iF=% z$!k;_N?{Yu!n|`P2ZqMiu>~SMYDy=1#LgxBYvl%B8tO8~1?t>WU&N6bSQL^Hy-EZb zO&an_9P4Lr9)u`<-kh*4LEje}t$6_t#}a{qq2Rl6+$8u~4osgtDGZ=YO&e*%tYpfX za&Bj$y78T>o&kuzK199&T6h8R+`O0TmgrzLn9+)3l2aNOs&gzY2l)qEzAO!lnP_(F z4-UGwLRccpI%C9!06a#Rmamq?dib&!L-$Ywa_5l5p5Taeauy-nBByp3fn+#}MHB~T zu=pv9>H=XoN(iVn!iYP;cNNdmNVXwi`5+}1ff8uAbD)zEh|p{tZ(H#&2XC(|!d4D` zxOE(|WJ8{r^F>Gq}p&#^`-J5{75}d0Z&nJ6!e&%M@c5nZDAjX!d0B0nX7*Im?%+ znoh<0&5K-YC@7nKN-5!x%~t@xTMd_(x6*Vq$P1)Y&^~2I!kz?~XeIK76VC0SvrZw# zR-3mH2}9!TkFm(AcHtfuENVqLyXHvvzxRuCwSD2c!uKb7eER<+cTb*Wl2-n6*y%;EwP}hl{{zB^w%ySb33VE z5Ah*N-q|bEw!b~T`r^qAL&q(M)5nc*k?kEBkTHv7PT2#H{3CoQ8npcT%nGZ+WOl+o zoX(SQ#=A9_VC*Cq_!OvEStX`ENRn%}}L!@C!z+{3W zUNL_(Hbfhm8s;L;P5yoD$U6xBmZ`B}s+wP#_SfG0z;Rg~G6!%fK995o59YjhWY|Vb zQNc)aDC*1Bh?~l->oWuRU5VhS8^N~~C@3(@rbSE}J(Ugj8MBAw!u;1wa4x#v1`iPP zXf7Z{R>cdBUwXOy0bXPvyC7;{HVW! zfSFZHW4-zB>ZLe?WmH9gtz}hT8d!;+_ktfc#zqW^0x0&byfy{g2?VDbdAlrZ#$eF+ zD|!p9f9CW8=Xl;bD;74_H_%YGEh5Q%)FQ5E!+ruw<_U%sZ8`6tQ*`9-7$9lPtTy5d z!p!V~J$xdrMATBElj7PV|ClyM1?9`pICJGd+U67KLa7NQIn}A(3aD{p4M(vGcj{|;* z4zFJ2ADehftFcNUR*SJ>VNw(wLn3AOSke_37|!%Z8U|zrXTa-py30gQ^xaGHFGkDm zhg4BVuktyPLzwE6?|7hikF-K^BSOYiK|_@W=1CI)Cx&Sdd=onoII7QGXY-(V80((+ zY(|o{s*~_MK29+PBx~Q5eS9*3?{xUiS~oNv7%2w=o#%@PczJ_HC)LNe++!cpCINiy zq-7~?{333KEEdrF$l3B42+o|+u+34O!SdA`vxhu9{qRiTIRXIaU~+&%Xvf6JW2aqE=MIBBg%pej}YebsYwI@Y%Z4bkMnSH6ACWkhK6J@Tn!JUI1j zo2TaJl*ar50pwuFoa2pnz=d{oPeIDjKqZXh3ur!R zn~(k@()EJcs&IHdtrxu=&=b307@{_M>g4=zJ(CftG{%7RUe-o001ARnYH^!{eQ?IB zAoMwPGT(=qEX|?8bn1))ufg271kBJwzQ?ZzadY6I3ROah8;?xV0bqk%-W+!B>V zw&|FEOyg&pBA~EOvBl9ltPhZRr%qPjb+Qco4MTOLCoH7|N0mTPSot(+`cTCo`#t_wS zdOF+IA)Ri=6p!;wSn~xO|EjHhXWZ6Wd&@U_uY2EybuTXLuh_X{%Z7^GAG-L=51)T) z#doK6KQ(&IX+Pcmr;|^4BerP$DTC*?I-mRJcU6x2pDUX0Tzt=i@4NH9%}<@u`{yS< zJ?EQ8Z#exuZEt_-d-q;^{mst1uKny)|91CXH~sARORF3>-OKl2YP>cAk!$|1)?NGy_EZQ=_`L@5IIEuaUTBOGnM>B_(tb6$wjOg{8H8h|1HIX zD;^f<)?b|^(D6wZ{6X;F2~tZPKqTP~MT4BEqc|zx+)=s*(!~W%>hOpDCJG_lC1s-M zxBfR1E-^s^=ho6yA=mRykr0Or8KkR2jcvdv4xbAdCoHZU=;*3RoIa$D$BJHfW1zo? z1WKr%tFZBG(S&F9a?y!9`f?*?VcZP}1j3|~L*|9iLax6F!b<_ii;zywA6hzv)YYg# zUs-KPr{^C!#tLHu{IX%=WkXw~&x$Z+^J>)Km`%Zxb?xHgti3G6!PW}aq5rIW?4}`Q zJFsDo!j1-nX>wX|PgifgCy_Alq-!h2duS4xQ0mYhNJgOcp-(CF&!>AXz1VUZG@+{` zAN%b>3HFNg(S8Oo=D2nOE_)`6@|&XuwdH+FDCS?NZ()sNQ>hx z=-oD#E@3IjR(nvk5w5(}!{gW#hwb@ePuGurubKc+ee6+imNBCehIk9^6R zDU?!px&3FW#MN@OKSJb1LgDCe)~Jg|dTLbqkp2mbXFlw>P$Y(xqE=RhDsSdkoJm#k zGO296tYn;dQoaooV|&CYf?Rbk6!AR&_;>ld(I=4lNK1mA>rjFt%ztY!YUEq`6edqlF0eG? ze(>tc0|!`+0W2#gmjXgY>Z&~PI;u4n1i0NdNmlCrV06 z?<~sP0=gVHt*m_F4ECYe8LM(z9WYa=-za@qZ%T5W5erLaKIv#3OrI8FC3nq=6gP8q z-{bxz;2HsMEW<2AOgd0MzkdEG1;=PA{K?P7*wCd@2PjGJOi|Fd6)Cgv6hm%Q@;i~% zB~P63Gw|PBaM2vpYQ}RjayyVu?V%Mqq$~cFNU>g|)B9)`D?dlv=N5|x`GxEA|NrkG zD6p#>y1L^$PlfXT|M&kn3haUdVp3Q0qVVca}A zT3c3m;d@uQiIUQgJIaZkTUIr-%q?|?=Y-tSUF)K2qDKT$Mn@}4TxVD54WU6N+MHLn zH2nIFFSo`IzdW{O(dwG$$qm0*w(Ub7`2BqkpSPglj%7{%cJxPf4cER99WLvP4wt@b zR|&!NENqGR|_ zF|O*2SO#AWY|f^V&GpebCYFyY-&Ca4+i>vyWk^rS3SDD{l=wN{P!n29{J;%syl`r z_*KQ8@J{FFJHPj4#n5RN-gSbr=cC{5NL@Fo{e7L^IQzMK|MT(FUpV($JMR7c|D3q) zh{H#@OR7#jJJh}5=#PE0>8;>&9`B-_)FzxaHXs zej0jq);GEqzjXG5?`1z)`Mz6E$~+HW{^|1mpM2xWKi=QEBQ)ub$=!FnCmb<&@igx$4QtfBg2`-S6J`(wDzJxN^=LE%#2Ga?%UGIWhj+#@n}d zp8VyRYp$toKm5*%&OK-JjjNZv@#V|EGJDPHOOE>E=-++*d%s`&%gl+&VaP;X9{7MDBFiTQ# z%o9uz&X5auX^PHiind0OAC1|Lx^C&FXj}B%_Bk4Q@3Q?ikVwNSx$h>j(HbH?&UN1| z4PpPDD=`jQjh`of>TefM{M@X_bTy>iAsh2Qh>HA~zNOsucH^5xmF z70)fX=Jii)TXE&LCm;X$%Wu1X;;G3S54-uT^1oev?;l_I?$w`4e*2Ac-gE3ne^B?( zti6-Y_|ddiB2)kLY{hdw{rRg$C0@Mb!k_l8x#;RUUR?R&jUWHhVEyf@UKw-OwF^3b zbFbU!Tz1T?)o=fB`cJ>{aC6z$Z$7Mi%~PXN|NZsr_GX%-W6xZ_WQt zcjq0|#J09^5}I_RNEf6?he?1?lqywv?;ySR4uTMnW0WpkNjRo%B^Uc+$z7nA`d+ zkRY-bJkdm8Ww(L*P+MrN_2a-A8EU0s$EKDAZ^OY$*R7V!T^P?!`~aaX=CyJDK_KLF z!Hq9>!d(_=IQ>3Blo&mP!%wU4JY?clg+;wbmZ+`EzAII$uDMcju}3JkEegTXqdp2C z@q+;*uJw1!5L%HY3?A|y`}o5`1kxqq+JB_`h64bmNn%rS|H6w7X0gZ%;PZ`Hkq*q- zv&ep*9u8(nk3a+BMidZ(10v#pI0iI`!y*j86#sS*BB89uuihbppkyF}poCCNn=9Se z^Co8$xHsm07fG%z-1wo+=uEC01CPtHiPqf)JTZD4mBuR_#HU}0x^z>F5p9UIXW&&n z5g&$7!Q_TeBtf>ng(Y8Ncdf`#$y#=_7@WSPTTRH#s{ zzJ$_@qW_R5Xgr^Aj=x;UsHSad+D*x{X<6 z_vqN7dbb;~qhmi=ZuIN4#3cXrsP&95hb1jn-7`)uF^+Wci-^9(+sm)q+u@hFNAU0bE?0Yi=D}@qFl zxD1fv5&VcGsUbLEu!nUFdVdNdx}OJ7L2-z|KSakYx@`?AcG<&Fh=~jbQ%y8L_OtKD z1+YN`{0?*8{1Q-D!i5J^xEeDn#gAbFY$##C3(zh}dA zaxq_?1t%g6h)4z^5`SJK0c;>55|BPR9Taj(=&w$Pfw!%PjgO!wI1j_hJIKbn2vV|V2650UxyFTh3Rkf zg6IW?#(W)EZxN-QoUuvDkV_363?fcwv$GW7liKa@9&n5N+AO_9*mJH$spR&S)1*xc zt4Lv*xm{F3=nX|J{W0RC%Y*c)j9cgBZs_z^9=Oa&;R|rzdMn9L`0_qeK(hGkvh7oO z$-rQ?Ey~cM1mDQm?cTFcMV|KS!*rtfM=aY!GSD(-T{}A5P_Ea?U(2OzU4aw~?JQ z#n1Xp3NHX}0I$lAnX1{!>i))5Hv>-dwCrP2uJzY;f~#ped1k3&SR;9gO~zYkg#@a~ z;r2!YH`!ker`62k^|WW8k#NPhOBvkC*fy;-^&tK zNq@QXtiZf2@7gUxF9Qu_g;u$zxBN{B!>iAHS1ZzEqA?aBGB>ibn zVgeBb@PsmeSie9;l*0N4Tj(47R>Fyfz)J1B%fE%{3p6TwKq`14np8W8+-AP$Tb zhs906(j`2b6w4opU2JxW$n=ZpeiuWz4x?1C~Lb3FaSqWg;V^a2bo77 zPW#W=^zmi~k{AaG3HP`v8|-ORi_7z&u}qrYosoQ(OvR1Kv-Y9#8P^DqqU){qvbVPw za9Nw(b+T2iZzSGpo==S3BY55vc-EnmWOCVrd`Q3YeYShk)w?a9^b>3Mny^mV?(r_B z&P*ZTwEL*}HG6$MgBNErJ*@C9vYnY+_7&oJF&M2DmQUbRYEMQjmxfGA)g1 z)P~}7yii9-9gi$AUHG>Ex+T?DXn_{z3K7W;^eOG+s)RuCOs+jbS~;(J&7l1&STT`< zhWD-x4328dZ$8`Z3Sf0i+h9wo>~5YE*41~G=-@KQ5zljymmU&fw##@jE79D1kWFdF z+Dcd!CPLtsc6 zT5ucH&nE=qztG@#4q7lsh%$I@7X&%kD_hC^x zT%^_(b{1g&zB`kiqZK$-oJCJpmqkHWLjoo$uD~xWCkOD0!G#ep4uB1_A2uc9uWB)C zobc=VTDf_G6C1q!oowvT$de(UF5m=p0ogD633C4){q*QnPd7@?kj8@CKi;q~0^#z1 z9R69~cJFz~(|7XM$~Cs0uQwa`c-B5bg; zK(@!Cu6DI)B9(*I#>@LcT@g?ASxw)bOqO$H4!lKmEj~>1gS#&GMq*~pWb>+6%a?!$ zZ8lf3tMypA*iKqI__V9VMZRU^D1#4bJYfE)xK8h)=h8)_9Bfkisk1E&bq>*nv-Ke4 zPM&@5lSKU!h3oaZ< zg)-`o&r5Q?!Kvc*b-PgP$|FijP?qS)-Y?>|Kcv!)h5N!aThQP z)e`ap-@dMLt7~L~)+gx%R$)DCDv(&kiNn^~jGn%J!kzQl$n~pf`?jlO4;%W}XX9Bf zcNvHvvYyv0_#*go@5tU;e>a&dPj(~6lTUNwy!Ui8nU;z{s&3y@B~5V}aU1RCu0ldV`J&uglH`gCF#@&`s*FR_fSoe48Ah(#>9LvJmJaT(s(5{$4SA=fa8?eL#*vvRa zfB~R~)SOA+Y_zFq|fD6WbC=pzbLTpeXTmmdWkNt-c z2ucL4e|fGWmGHki+aIm5QM?XdRFYL{pf^ayoCd92q{fnGYXT%tLncN0^Dk1FEzS17`n_kk&Bv9uA7m$;b(JA>oh`M9-(-l^LpJxm{o_6mqP&myvF zoG;WeToDj+Bu&VbFGaO}sRi`+7)Xs+OlG*B4>%}Hr3r?jB?>Ca8oGFH?Q$tNJ5tTM zkf+*;D@VDFMW{`zJ?&n|PQw258eZ`PWiEj&LhqL)VS!IsUig;6O1SoEc3K=UpjF>$ zCkZjUN?@H$HXN57j(8R*WoCXu*3@ypfS;;9*azKD{WM~_t>QduiWT>Mg*i@MNTTQx z`8vhabvOUuj$+e@Kv&NqCfi}-H+bQ@Nvs2p6*jN)DbQu!&=()jRC>nRfHicmIcP@5 z?w|B=V)6~S6;aUn#b>644i>leC-?kE-l&{%33^9>GgzV_Y83ar`)-g-Qrd!GzHbMe zz?eWg2rJ!JG&RqI%|HR@8$BgamJYeNfuyW1D4@4gIVlBe%6QEQhOYpCnPmrt-R7)dE~c)3b* zGPl*jMpP9Yvmsx(<~+6MNbC4I{F|HCJG(ouq8f2{2juI0OOKSr;i!jSXFybXfv7b8 zg-R^yu0@v|=q;6uLobc`4^Pd1kC*nHo1kqb1i-}LaJUG_O(EcWQ3zA~o2mY<05?BV zq_$Y=eTFC~zju^9sEKqKIdrg|g^xd2;;P~Iq({VX2Xe*r;+xr~2U0Ybgua<+KDPgq zqU&Wc8+Os;YXidJsv;Zl{aDJr0C+1o?b4-CXPrp-`l2{R7ksL%F8`0wT2pQEPrS^u zVWMb4G56TDQL?eKx|hYRpuwGY54@c!m`clb5X~ZIZ70&tHPVL&-3vDjiy>#s*7;hu zWX&<?!sv3I_;719V5Z48YhC^P!EEfc`P4GV z#fQyaB{ZfEmtOBCC7x!IJYebb36;%M^n2cEDg258HF8kM5*oHYo}(~b=PfuHY8l=* zc{dEPics6(b-zQQz0`t>eS5&CNL|!7nNb)?wn6@(UWss#VD6QbXJJgd$gEkqkWHpaMZ?w_$k8n zhAFxz@{GA9;G3A7JoZ5AGZD&a3xOv>8>KWk#V~MC{gScEWyefM+ni#Oqp?B@H`ul7 zB$N01*v~qhS7~mxo~NFq7kzw!npQfnRH5$U>EA3S;&V=UJ9U?b)YnTn&kEc-0^BPQ zaN_{QPtON*(r^zy1LNJF?iv)6M&c>f`D)vl*^Ep)uPDOZNB&I^XZ;u%{}g;?7&fr{ zNYN1gFzeJJLqX9l`|lY`;38Z;f;x7GQ-Ltk!!X7Y!>7(yVc1ZjYU zU5VR_T5@{RNU$Cw2erZ*p`>&I^R;8pHcoMiWwoc-)gGUyh%Itq%D=3r1OlPXsB=`%N~;}K1z-c`Aped3%Obg0D*BIk(q z2s$}B9lz^{cBT$19|1m>5O--lfIZZQR|b!1eI+z{C3F6Vn?PvC8 zAGe-3f~FdXp^BdExX+80uV zFzu*EEzmY(eh3W{H7eHg>*D=>E_xJEJYu3z?enc~gv-La>>>`lZ%7*6#$=4lu&!)y z%1Lr0zxDMsbsor(S_?zNghC(nE{C*;dCCtYY(6QKxGr(R`pUScjjnp^I?}BWm%Pmj z&zZcINngmQCePFULmmY9PeJsI@i;D%t#afy*Ndj1D$-qGWyNv=y7ec}& zKR1YgBStVAfB-=9muG_mfeC_r3*nCnFgX!I@C6Fhn1q6P4E)3Q6ocP)m@A{e?0`6S zI21E#<)`5yQF|2zpN>IKIMC=`_04fNJSOFpyfrxn^q6vqE zvxh{4-_hX|YKL)Z!GSe1#9C!rwcRYm>|OE++|4IoJ4pX8XbOLR;Xu#(ak2GK@lIb& zZ4TAcWI*Ga%!wp1O=rUkfOCc4MoXLwEY9P2KG{L=L@ksH0Wb7#p#?IJ3n#=EM4&XAzoF+chco_6ja z&zora0J|MVtO|7aYW9~G^hM(72g`D1&Me|=p)gTFq~W8sP3_woE@b;dI6+DdBg)h5 zsUxx0W+(6%f;82FKgBd`H8lrtGOZ{l>tn4`rjRS#cX_TNRgPYLuFHGLru6NO(*|4n zc{pWotL;0!_THU$nI+33g!sdo^N%j9Fg}piOcJN=oT=s*m^nauWX4xrQwZvOI>y5s}I zR`-uoaVm?UGFG3h@br2aM{MSM>8=ChsJ{m^o8*(4gyJ~N?Vl3`14$c jt4`TT0ceH?UKNBf&4Rn}=1R~-q=kMvP2g5`XY2m}oE|?N literal 0 HcmV?d00001 diff --git a/Modules/AzBobbyTables/3.1.3/dependencies/System.Threading.Tasks.Extensions.dll b/Modules/AzBobbyTables/3.3.1/dependencies/System.Threading.Tasks.Extensions.dll similarity index 100% rename from Modules/AzBobbyTables/3.1.3/dependencies/System.Threading.Tasks.Extensions.dll rename to Modules/AzBobbyTables/3.3.1/dependencies/System.Threading.Tasks.Extensions.dll diff --git a/Modules/AzBobbyTables/3.1.3/en-US/AzBobbyTables.PS.dll-Help.xml b/Modules/AzBobbyTables/3.3.1/en-US/AzBobbyTables.PS.dll-Help.xml similarity index 77% rename from Modules/AzBobbyTables/3.1.3/en-US/AzBobbyTables.PS.dll-Help.xml rename to Modules/AzBobbyTables/3.3.1/en-US/AzBobbyTables.PS.dll-Help.xml index ca1b9df08912..0261a5fa7941 100644 --- a/Modules/AzBobbyTables/3.1.3/en-US/AzBobbyTables.PS.dll-Help.xml +++ b/Modules/AzBobbyTables/3.3.1/en-US/AzBobbyTables.PS.dll-Help.xml @@ -50,7 +50,7 @@ None - + Force Overwrites provided entities if they exist. @@ -62,6 +62,62 @@ False + + Add-AzDataTableEntity + + Context + + A context object created by New-AzDataTableContext, with authentication information for the table to operate on. + + AzDataTableContext + + AzDataTableContext + + + None + + + CreateTableIfNotExists + + If the table should be created if it does not exist. + + + SwitchParameter + + + False + + + Entity + + The entities to add to the table. + + Object[] + + Object[] + + + None + + + OperationType + + The operation type to perform on the entities. See the Azure SDK documentation for more information: + https://learn.microsoft.com/en-us/dotnet/api/azure.data.tables.tabletransactionactiontype + + + Add + UpsertReplace + UpsertMerge + + String + + String + + + None + + @@ -100,7 +156,7 @@ None - + Force Overwrites provided entities if they exist. @@ -112,6 +168,19 @@ False + + OperationType + + The operation type to perform on the entities. See the Azure SDK documentation for more information: + https://learn.microsoft.com/en-us/dotnet/api/azure.data.tables.tabletransactionactiontype + + String + + String + + + None + @@ -161,6 +230,17 @@ PS C:\> Add-AzDataTableEntity -Entity $Users -Context $Context -ForceAdd multiple users to a table using a shared access signature URL, overwriting any existing rows. + + -------------------------- Example 3 -------------------------- + PS C:\> $Context = New-AzDataTableContext -TableName $TableName -ConnectionString $ConnectionString +PS C:\> $Users = @( +>> @{ FirstName = 'Bobby'; LastName = 'Tables'; PartitionKey = 'Example'; RowKey = '1' }, +>> @{ FirstName = 'Bobby Junior'; LastName = 'Tables'; PartitionKey = 'Example'; RowKey = '2' } ) +PS C:\> Add-AzDataTableEntity -Entity $Users -Context $Context -OperationType 'UpsertMerge' + + Add multiple users to a table using a connection string, merging entities with any existing rows. + + @@ -252,6 +332,120 @@ PS C:\> Clear-AzDataTable $Context + + + Get-AzDataTable + Get + AzDataTable + + Get the names of all tables in the storage account. + + + + Get the names of all tables in the storage account. + The optional `-Filter` parameter can be used to filter the tables returned. For more information on the filter syntax, see the Azure Table service documentation: + https://learn.microsoft.com/en-us/rest/api/storageservices/Querying-Tables-and-Entities + + + + Get-AzDataTable + + Context + + A context object created by New-AzDataTableContext, with authentication information for the storage account to operate on. + + AzDataTableContext + + AzDataTableContext + + + None + + + Filter + + A string to filter the tables returned. For more information on the filter syntax, see the Azure Table service documentation: + https://learn.microsoft.com/en-us/rest/api/storageservices/Querying-Tables-and-Entities + + String + + String + + + None + + + + + + Context + + A context object created by New-AzDataTableContext, with authentication information for the storage account to operate on. + + AzDataTableContext + + AzDataTableContext + + + None + + + Filter + + A string to filter the tables returned. For more information on the filter syntax, see the Azure Table service documentation: + https://learn.microsoft.com/en-us/rest/api/storageservices/Querying-Tables-and-Entities + + String + + String + + + None + + + + + + None + + + + + + + + + + System.String + + + + + + + + + + + + + + -------------------------- Example 1 -------------------------- + PS C:\> Get-AzDataTable -Context $Context + + Gets all table names in the storage account. + + + + -------------------------- Example 2 -------------------------- + PS C:\> Get-AzDataTable -Context $Context -Filter "TableName eq '$MyTableName'" + + Gets the table named `$MyTableName` to see if it exists. + + + + + Get-AzDataTableEntity @@ -647,7 +841,7 @@ PS C:\> New-AzDataTable -Context $Context None - + TableName The name of the table. @@ -674,7 +868,7 @@ PS C:\> New-AzDataTable -Context $Context None - + TableName The name of the table. @@ -701,7 +895,7 @@ PS C:\> New-AzDataTable -Context $Context None - + TableName The name of the table. @@ -740,7 +934,7 @@ PS C:\> New-AzDataTable -Context $Context None - + TableName The name of the table. @@ -767,7 +961,7 @@ PS C:\> New-AzDataTable -Context $Context None - + TableName The name of the table. @@ -866,7 +1060,7 @@ PS C:\> New-AzDataTable -Context $Context None - + TableName The name of the table. @@ -1074,6 +1268,17 @@ PS C:\> Remove-AzDataTable -Context $Context None + + Force + + Skips ETag validation and remove entity even if it has changed. + + + SwitchParameter + + + False + @@ -1101,6 +1306,18 @@ PS C:\> Remove-AzDataTable -Context $Context None + + Force + + Skips ETag validation and remove entity even if it has changed. + + SwitchParameter + + SwitchParameter + + + False + @@ -1130,26 +1347,42 @@ PS C:\> Remove-AzDataTable -Context $Context -------------------------- Example 1 -------------------------- - PS C:\> $Entity = @{ PartitionKey = 'Example'; RowKey = '1' } -PS C:\> Remove-AzDataTableEntity -Entity $Entity -TableName $TableName -StorageAccountName $Name -StorageAccountKey $Key + PS C:\> $Context = New-AzDataTableContext -TableName $TableName -StorageAccountName $Name -StorageAccountKey $Key +PS C:\> $Entity = @{ PartitionKey = 'Example'; RowKey = '1' } +PS C:\> Remove-AzDataTableEntity -Entity $Entity -Context $Context Remove the entity with PartitionKey "Example" and RowKey "1", using the storage account name and an access key. -------------------------- Example 2 -------------------------- - PS C:\> $UserEntity = Get-AzDataTableEntity -Filter "FirstName eq 'Bobby' and LastName eq 'Tables'" -TableName $TableName -ConnectionString $ConnectionString -PS C:\> Remove-AzDataTableEntity -Entity $UserEntity -TableName $TableName -StorageAccountName $Name -StorageAccountKey $Key + PS C:\> $Context = New-AzDataTableContext -TableName $TableName -ConnectionString $ConnectionString +PS C:\> $UserEntity = Get-AzDataTableEntity -Filter "FirstName eq 'Bobby' and LastName eq 'Tables'" -Context $Context +PS C:\> Remove-AzDataTableEntity -Entity $UserEntity -Context $Context Get the user "Bobby Tables" from the table using a connection string, then remove the user using the storage account name and an access key. -------------------------- Example 3 -------------------------- - PS C:\> $Users = Get-AzDataTableEntity -Filter "LastName eq 'Tables'" -TableName $TableName -ConnectionString $ConnectionString -PS C:\> Remove-AzDataTableEntity -Entity $Users -TableName $TableName -StorageAccountName $Name -StorageAccountKey $Key + PS C:\> $Context = New-AzDataTableContext -StorageAccountName $StorageName -TableName $TableName -ManagedIdentity +PS C:\> $Users = Get-AzDataTableEntity -Filter "LastName eq 'Tables'" -Context $Context +PS C:\> Remove-AzDataTableEntity -Entity $Users -Context $Context + + Gets all users with the last name "Tables" from the table using a system-assigned managed identity, then removes the users. + + + + -------------------------- Example 4 -------------------------- + PS C:\> $Context = New-AzDataTableContext -TableName $TableName -ConnectionString $ConnectionString +PS C:\> $Users = Get-AzDataTableEntity -Filter "LastName eq 'Tables'" -Context $Context +PS C:\> # Imagine that the users are updated somewhere else +PS C:\> Remove-AzDataTableEntity -Entity $Users -Context $Context +PS C:\> # ERROR - The ETag of Users do not match +PS C:\> Remove-AzDataTableEntity -Entity $Users -Context $Context -Force +PS C:\> # OK - The -Force switch overrides ETag validation - Gets all users with the last name "Tables" from the table using a connection string, then removes the users using the storage account name and an access key. + Force remove all users with the last name Tables, overriding ETag validation. @@ -1196,6 +1429,34 @@ PS C:\> Remove-AzDataTableEntity -Entity $Users -TableName $TableName -Storag None + + Force + + Skips ETag validation and updates entity even if it has changed. + + + SwitchParameter + + + False + + + OperationType + + The operation type to perform on the entities. See the Azure SDK documentation for more information: + https://learn.microsoft.com/en-us/dotnet/api/azure.data.tables.tabletransactionactiontype + + + UpdateMerge + UpdateReplace + + String + + String + + + None + @@ -1223,6 +1484,31 @@ PS C:\> Remove-AzDataTableEntity -Entity $Users -TableName $TableName -Storag None + + Force + + Skips ETag validation and updates entity even if it has changed. + + SwitchParameter + + SwitchParameter + + + False + + + OperationType + + The operation type to perform on the entities. See the Azure SDK documentation for more information: + https://learn.microsoft.com/en-us/dotnet/api/azure.data.tables.tabletransactionactiontype + + String + + String + + + None + @@ -1252,13 +1538,28 @@ PS C:\> Remove-AzDataTableEntity -Entity $Users -TableName $TableName -Storag -------------------------- Example 1 -------------------------- - PS C:\> $UserEntity = Get-AzDataTableEntity -Filter "FirstName eq 'Bobby'" -TableName $TableName -ConnectionString $ConnectionString + PS C:\> $Context = New-AzDataTableContext -TableName $TableName -ConnectionString $ConnectionString +PS C:\> $UserEntity = Get-AzDataTableEntity -Filter "FirstName eq 'Bobby'" -Context $Context PS C:\> $UserEntity['LastName'] = 'Tables' -PS C:\> Update-AzDataTableEntity -Entity $UserEntity -TableName $TableName -ConnectionString $ConnectionString +PS C:\> Update-AzDataTableEntity -Entity $UserEntity -Context $Context Update the last name of the user "Bobby" to "Tables" using a connection string. + + -------------------------- Example 2 -------------------------- + PS C:\> $Context = New-AzDataTableContext -TableName $TableName -ConnectionString $ConnectionString +PS C:\> $UserEntity = Get-AzDataTableEntity -Filter "FirstName eq 'Bobby'" -Context $Context +PS C:\> $UserEntity['LastName'] = 'Tables' +PS C:\> # Imagine that the user is updated somewhere else +PS C:\> Update-AzDataTableEntity -Entity $UserEntity -Context $Context +PS C:\> # ERROR - The ETag of UserEntity does not match +PS C:\> Update-AzDataTableEntity -Entity $UserEntity -Context $Context -Force +PS C:\> # OK - The -Force switch overrides ETag validation + + Force update the last name of the user "Bobby" to "Tables" using a connection string, overriding ETag validation. + + From badd147fc81c661454579988a4bea49e70851c37 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Sun, 20 Oct 2024 22:18:57 +0200 Subject: [PATCH 005/290] improvements to filtering --- .../Tenant/Tools/Invoke-ExecGraphExplorerPreset.ps1 | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Tools/Invoke-ExecGraphExplorerPreset.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Tools/Invoke-ExecGraphExplorerPreset.ps1 index 3862e8f0672b..75652f4b8999 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Tools/Invoke-ExecGraphExplorerPreset.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Tools/Invoke-ExecGraphExplorerPreset.ps1 @@ -20,13 +20,13 @@ Function Invoke-ExecGraphExplorerPreset { switch ($Action) { 'Copy' { - $Id = (New-Guid).Guid + $Id = $Request.Body.preset.id ? $Request.Body.preset.id: (New-Guid).Guid } 'Save' { - $Id = $Request.Body.preset.reportTemplate.value + $Id = $Request.Body.preset.id } 'Delete' { - $Id = $Request.Body.preset.reportTemplate.value + $Id = $Request.Body.preset.id } default { $Action = 'Copy' @@ -55,7 +55,7 @@ Function Invoke-ExecGraphExplorerPreset { $Table = Get-CIPPTable -TableName 'GraphPresets' $Message = '{0} preset succeeded' -f $Action if ($Action -eq 'Copy') { - Add-CIPPAzDataTableEntity @Table -Entity $Preset + Add-CIPPAzDataTableEntity @Table -Entity $Preset -Force $Success = $true } else { $Entity = Get-CIPPAzDataTableEntity @Table -Filter "RowKey eq '$Id'" @@ -67,6 +67,7 @@ Function Invoke-ExecGraphExplorerPreset { } $Success = $true } else { + Write-Host "username in table: $($Entity.Owner). Username in request: $Username" $Message = 'Error: You can only modify your own presets.' $Success = $false } From f1e9f4d8df9c45266a8f9765aa4c777a1f390ee3 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Mon, 21 Oct 2024 11:31:24 -0400 Subject: [PATCH 006/290] fix post issues --- .../Settings/Invoke-ExecCPVPermissions.ps1 | 61 ++++++++++--------- .../Settings/Invoke-ExecExcludeTenant.ps1 | 21 +++---- .../Set-ExtensionFieldMapping.ps1 | 4 +- 3 files changed, 44 insertions(+), 42 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecCPVPermissions.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecCPVPermissions.ps1 index 8fbf7872e3c9..6e63583e4882 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecCPVPermissions.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecCPVPermissions.ps1 @@ -15,41 +15,46 @@ Function Invoke-ExecCPVPermissions { # Write to the Azure Functions log stream. Write-Host 'PowerShell HTTP trigger function processed a request.' - $Tenant = Get-Tenants -IncludeAll | Where-Object -Property customerId -EQ $Request.Query.TenantFilter | Select-Object -First 1 + $Tenant = Get-Tenants -IncludeAll | Where-Object -Property customerId -EQ $Request.Body.TenantFilter | Select-Object -First 1 - Write-Host "Our tenant is $($Tenant.displayName) - $($Tenant.defaultDomainName)" + if ($Tenant) { + Write-Host "Our tenant is $($Tenant.displayName) - $($Tenant.defaultDomainName)" - $TenantFilter = $Request.Query.TenantFilter - $CPVConsentParams = @{ - TenantFilter = $Request.Query.TenantFilter - } - if ($Request.Query.ResetSP -eq 'true') { - $CPVConsentParams.ResetSP = $true - } + $TenantFilter = $Request.Body.TenantFilter + $CPVConsentParams = @{ + TenantFilter = $Request.Body.TenantFilter + } + if ($Request.Query.ResetSP -eq 'true') { + $CPVConsentParams.ResetSP = $true + } - $GraphRequest = try { - if ($TenantFilter -notin @('PartnerTenant', $env:TenantId)) { - Set-CIPPCPVConsent @CPVConsentParams - } else { - $TenantFilter = $env:TenantID - $Tenant = [PSCustomObject]@{ - displayName = '*Partner Tenant' - defaultDomainName = $env:TenantID + $GraphRequest = try { + if ($TenantFilter -notin @('PartnerTenant', $env:TenantId)) { + Set-CIPPCPVConsent @CPVConsentParams + } else { + $TenantFilter = $env:TenantID + $Tenant = [PSCustomObject]@{ + displayName = '*Partner Tenant' + defaultDomainName = $env:TenantID + } } + Add-CIPPApplicationPermission -RequiredResourceAccess 'CIPPDefaults' -ApplicationId $ENV:ApplicationID -tenantfilter $TenantFilter + Add-CIPPDelegatedPermission -RequiredResourceAccess 'CIPPDefaults' -ApplicationId $ENV:ApplicationID -tenantfilter $TenantFilter + if ($TenantFilter -notin @('PartnerTenant', $env:TenantId)) { + Set-CIPPSAMAdminRoles -TenantFilter $TenantFilter + } + $Success = $true + } catch { + "Failed to update permissions for $($Tenant.displayName): $($_.Exception.Message)" + $Success = $false } - Add-CIPPApplicationPermission -RequiredResourceAccess 'CIPPDefaults' -ApplicationId $ENV:ApplicationID -tenantfilter $TenantFilter - Add-CIPPDelegatedPermission -RequiredResourceAccess 'CIPPDefaults' -ApplicationId $ENV:ApplicationID -tenantfilter $TenantFilter - if ($TenantFilter -notin @('PartnerTenant', $env:TenantId)) { - Set-CIPPSAMAdminRoles -TenantFilter $TenantFilter - } - $Success = $true - } catch { - "Failed to update permissions for $($Tenant.displayName): $($_.Exception.Message)" - $Success = $false - } - $Tenant = Get-Tenants -IncludeAll | Where-Object -Property customerId -EQ $TenantFilter | Select-Object -First 1 + $Tenant = Get-Tenants -IncludeAll | Where-Object -Property customerId -EQ $TenantFilter | Select-Object -First 1 + } else { + $GraphRequest = 'Tenant not found' + $Success = $false + } # Associate values to output bindings by calling 'Push-OutputBinding'. Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ StatusCode = [HttpStatusCode]::OK diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecExcludeTenant.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecExcludeTenant.ps1 index 76c414414905..f1b6fc6ed8f1 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecExcludeTenant.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecExcludeTenant.ps1 @@ -11,8 +11,7 @@ Function Invoke-ExecExcludeTenant { param($Request, $TriggerMetadata) Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - # Write to the Azure Functions log stream. - Write-Host 'PowerShell HTTP trigger function processed a request.' + $user = $request.headers.'x-ms-client-principal' $username = ([System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($user)) | ConvertFrom-Json).userDetails $date = (Get-Date).tostring('yyyy-MM-dd') @@ -24,7 +23,7 @@ Function Invoke-ExecExcludeTenant { Write-LogMessage -API $APINAME -user $request.headers.'x-ms-client-principal' -message 'got excluded tenants list' -Sev 'Debug' $body = @($ExcludedTenants) } elseif ($Request.query.ListAll) { - $ExcludedTenants = Get-CIPPAzDataTableEntity @TenantsTable -filter "PartitionKey eq 'Tenants'" + $ExcludedTenants = Get-CIPPAzDataTableEntity @TenantsTable -filter "PartitionKey eq 'Tenants'" | Sort-Object -Property displayName Write-LogMessage -API $APINAME -user $request.headers.'x-ms-client-principal' -message 'got excluded tenants list' -Sev 'Debug' $body = @($ExcludedTenants) } @@ -40,21 +39,19 @@ Function Invoke-ExecExcludeTenant { $Tenant.ExcludeDate = $date $Tenant } - Write-Host ($Excluded | ConvertTo-Json) Update-AzDataTableEntity @TenantsTable -Entity ([pscustomobject]$Excluded) - #Remove-CIPPCache Write-LogMessage -API $APINAME -tenant $($name) -user $request.headers.'x-ms-client-principal' -message "Added exclusion for customer(s): $($Excluded.defaultDomainName -join ',')" -Sev 'Info' $body = [pscustomobject]@{'Results' = "Success. Added exclusions for customer(s): $($Excluded.defaultDomainName -join ',')" } } if ($Request.Query.RemoveExclusion) { - $Filter = "PartitionKey eq 'Tenants' and defaultDomainName eq '{0}'" -f $name - $Tenant = Get-CIPPAzDataTableEntity @TenantsTable -Filter $Filter - $Tenant.Excluded = $false - $Tenant.ExcludeUser = '' - $Tenant.ExcludeDate = '' - Update-AzDataTableEntity @TenantsTable -Entity $Tenant - #Remove-CIPPCache + $Tenants = Get-Tenants -IncludeAll | Where-Object { $Request.body.value -contains $_.customerId } + foreach ($Tenant in $Tenants) { + $Tenant.Excluded = $false + $Tenant.ExcludeUser = '' + $Tenant.ExcludeDate = '' + Update-AzDataTableEntity @TenantsTable -Entity $Tenant + } Write-LogMessage -API $APINAME -tenant $($name) -user $request.headers.'x-ms-client-principal' -message "Removed exclusion for customer $($name)" -Sev 'Info' $body = [pscustomobject]@{'Results' = "Success. We've removed $name from the excluded tenants." } } diff --git a/Modules/CippExtensions/Public/Extension Functions/Set-ExtensionFieldMapping.ps1 b/Modules/CippExtensions/Public/Extension Functions/Set-ExtensionFieldMapping.ps1 index 52d59ab12d77..4228bfd77e1f 100644 --- a/Modules/CippExtensions/Public/Extension Functions/Set-ExtensionFieldMapping.ps1 +++ b/Modules/CippExtensions/Public/Extension Functions/Set-ExtensionFieldMapping.ps1 @@ -8,7 +8,7 @@ function Set-ExtensionFieldMapping { $TriggerMetadata ) - foreach ($Mapping in ([pscustomobject]$Request.body.mappings).psobject.properties) { + foreach ($Mapping in ([pscustomobject]$Request.Body).psobject.properties) { $AddObject = @{ PartitionKey = "$($Extension)FieldMapping" RowKey = "$($mapping.name)" @@ -21,4 +21,4 @@ function Set-ExtensionFieldMapping { $Result = [pscustomobject]@{'Results' = 'Successfully edited mapping table.' } Return $Result -} \ No newline at end of file +} From fd851babe59a4bd0a17bd7ec8b39ec4191506528 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Mon, 21 Oct 2024 12:11:21 -0400 Subject: [PATCH 007/290] Add -Force to remove-azdatatableentity --- .../Applications/Push-UploadApplication.ps1 | 2 +- .../Domain Analyser/Push-DomainAnalyserTenant.ps1 | 4 ++-- .../Graph Requests/Push-ListGraphRequestQueue.ps1 | 2 +- .../Webhooks/Push-AuditLogTenant.ps1 | 2 +- .../Webhooks/Push-PublicWebhookProcess.ps1 | 4 ++-- .../Webhooks/Push-Schedulerwebhookcreation.ps1 | 6 +++--- .../CIPP/Core/Invoke-ExecDurableFunctions.ps1 | 4 ++-- .../CIPP/Core/Invoke-ExecSetCIPPAutoBackup.ps1 | 2 +- .../CIPP/Scheduler/Invoke-RemoveScheduledItem.ps1 | 2 +- .../CIPP/Settings/Invoke-ExecCustomRole.ps1 | 2 +- .../CIPP/Settings/Invoke-ExecDnsConfig.ps1 | 2 +- .../CIPP/Settings/Invoke-ExecExcludeLicenses.ps1 | 2 +- .../CIPP/Settings/Invoke-ExecRemoveTenant.ps1 | 2 +- .../Settings/Invoke-ExecWebhookSubscriptions.ps1 | 4 ++-- .../CIPP/Setup/Invoke-ExecSAMSetup.ps1 | 2 +- .../Alerts/Invoke-RemoveQueuedAlert.ps1 | 2 +- .../Administration/Invoke-ExecOnboardTenant.ps1 | 4 ++-- .../Tenant/GDAP/Invoke-ExecDeleteGDAPRoleMapping.ps1 | 2 +- .../Tenant/Tools/Invoke-ExecGraphExplorerPreset.ps1 | 2 +- .../Entrypoints/Invoke-ListGenericAllTenants.ps1 | 2 +- .../Timer Functions/Start-CIPPProcessorQueue.ps1 | 2 +- Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 | 2 +- .../CIPPCore/Public/GraphHelper/Remove-CIPPCache.ps1 | 4 ++-- Modules/CIPPCore/Public/Invoke-RemoveBPATemplate.ps1 | 2 +- Modules/CIPPCore/Public/Invoke-RemoveCATemplate.ps1 | 2 +- .../Public/Invoke-RemoveExConnectorTemplate.ps1 | 2 +- .../CIPPCore/Public/Invoke-RemoveGroupTemplate.ps1 | 2 +- .../CIPPCore/Public/Invoke-RemoveIntuneTemplate.ps1 | 2 +- Modules/CIPPCore/Public/Invoke-RemoveQueuedApp.ps1 | 2 +- .../Public/Invoke-RemoveSpamfilterTemplate.ps1 | 2 +- Modules/CIPPCore/Public/Invoke-RemoveStandard.ps1 | 2 +- .../Public/Invoke-RemoveStandardTemplate.ps1 | 2 +- .../Public/Invoke-RemoveTransportRuleTemplate.ps1 | 2 +- Modules/CIPPCore/Public/Set-CIPPGDAPInviteGroups.ps1 | 2 +- .../Webhooks/Invoke-CIPPGraphWebhookRenewal.ps1 | 6 +++--- .../Public/Webhooks/Invoke-RemoveWebhookAlert.ps1 | 6 +++--- .../Public/Webhooks/Remove-CIPPGraphSubscription.ps1 | 6 +++--- .../Register-CippExtensionScheduledTasks.ps1 | 6 +++--- .../CippExtensions/Public/Halo/Get-HaloMapping.ps1 | 2 +- .../CippExtensions/Public/Halo/Set-HaloMapping.ps1 | 2 +- .../CippExtensions/Public/Hudu/Set-HuduMapping.ps1 | 2 +- .../Public/NinjaOne/Get-NinjaOneFieldMapping.ps1 | 2 +- .../Public/NinjaOne/Invoke-NinjaOneTenantSync.ps1 | 12 ++++++------ .../Public/NinjaOne/Set-NinjaOneOrgMapping.ps1 | 2 +- 44 files changed, 65 insertions(+), 65 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Applications/Push-UploadApplication.ps1 b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Applications/Push-UploadApplication.ps1 index f718564301fc..f96467bd98eb 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Applications/Push-UploadApplication.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Applications/Push-UploadApplication.ps1 @@ -40,7 +40,7 @@ function Push-UploadApplication { } $ClearRow = Get-CIPPAzDataTableEntity @Table -Filter $Filter $RemoveCacheFile = if ($chocoapp.Tenant -ne 'AllTenants') { - Remove-AzDataTableEntity @Table -Entity $clearRow + Remove-AzDataTableEntity -Force @Table -Entity $clearRow } else { $Table.Force = $true Add-CIPPAzDataTableEntity @Table -Entity @{ diff --git a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Domain Analyser/Push-DomainAnalyserTenant.ps1 b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Domain Analyser/Push-DomainAnalyserTenant.ps1 index 203428ec580e..8006fd065809 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Domain Analyser/Push-DomainAnalyserTenant.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Domain Analyser/Push-DomainAnalyserTenant.ps1 @@ -14,7 +14,7 @@ function Push-DomainAnalyserTenant { $CleanupCount = ($CleanupRows | Measure-Object).Count if ($CleanupCount -gt 0) { Write-LogMessage -API 'DomainAnalyser' -tenant $Tenant.defaultDomainName -message "Cleaning up $CleanupCount domain(s) for excluded tenant" -sev Info - Remove-AzDataTableEntity @DomainTable -Entity $CleanupRows + Remove-AzDataTableEntity -Force @DomainTable -Entity $CleanupRows } } elseif ($Tenant.GraphErrorCount -gt 50) { return @@ -51,7 +51,7 @@ function Push-DomainAnalyserTenant { $OldDomain = Get-CIPPAzDataTableEntity @DomainTable -Filter $Filter if ($OldDomain) { - Remove-AzDataTableEntity @DomainTable -Entity $OldDomain | Out-Null + Remove-AzDataTableEntity -Force @DomainTable -Entity $OldDomain | Out-Null } $Filter = "PartitionKey eq 'TenantDomains' and RowKey eq '{0}'" -f $TenantDomain.Domain diff --git a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Graph Requests/Push-ListGraphRequestQueue.ps1 b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Graph Requests/Push-ListGraphRequestQueue.ps1 index c7b2de89ec5a..3c47e4eb5c51 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Graph Requests/Push-ListGraphRequestQueue.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Graph Requests/Push-ListGraphRequestQueue.ps1 @@ -25,7 +25,7 @@ function Push-ListGraphRequestQueue { Write-Information "Filter: $Filter" $Existing = Get-CIPPAzDataTableEntity @Table -Filter $Filter -Property PartitionKey, RowKey if ($Existing) { - $null = Remove-AzDataTableEntity @Table -Entity $Existing + $null = Remove-AzDataTableEntity -Force @Table -Entity $Existing } $GraphRequestParams = @{ TenantFilter = $Item.TenantFilter diff --git a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-AuditLogTenant.ps1 b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-AuditLogTenant.ps1 index ef5ea518bcb8..165af280b5ec 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-AuditLogTenant.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-AuditLogTenant.ps1 @@ -22,7 +22,7 @@ function Push-AuditLogTenant { } # remove legacy webhooks foreach ($Task in $LegacyWebhookTasks) { - Remove-AzDataTableEntity @SchedulerConfig -Entity $Task + Remove-AzDataTableEntity -Force @SchedulerConfig -Entity $Task } $CIPPURL = $LegacyUrl } else { diff --git a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-PublicWebhookProcess.ps1 b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-PublicWebhookProcess.ps1 index 0669c01fabfa..0cdc860b7e48 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-PublicWebhookProcess.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-PublicWebhookProcess.ps1 @@ -19,6 +19,6 @@ function Push-PublicWebhookProcess { Write-Host "Webhook Exception: $($_.Exception.Message)" } finally { $Entity = $Webhook | Select-Object -Property RowKey, PartitionKey - Remove-AzDataTableEntity @Table -Entity $Entity + Remove-AzDataTableEntity -Force @Table -Entity $Entity } -} \ No newline at end of file +} diff --git a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-Schedulerwebhookcreation.ps1 b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-Schedulerwebhookcreation.ps1 index 62da83dff4cd..de538961a47a 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-Schedulerwebhookcreation.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-Schedulerwebhookcreation.ps1 @@ -20,13 +20,13 @@ function Push-Schedulerwebhookcreation { if ($Webhook) { Write-Information "Found existing webhook for $Tenant - $($Row.webhookType)" if ($Row.tenantid -ne 'AllTenants') { - Remove-AzDataTableEntity @Table -Entity $Row + Remove-AzDataTableEntity -Force @Table -Entity $Row } if (($Webhook | Measure-Object).Count -gt 1) { $Webhook = $Webhook | Select-Object -First 1 $WebhooksToRemove = $ExistingWebhooks | Where-Object { $_.RowKey -ne $Webhook.RowKey } foreach ($RemoveWebhook in $WebhooksToRemove) { - Remove-AzDataTableEntity @WebhookTable -Entity $RemoveWebhook + Remove-AzDataTableEntity -Force @WebhookTable -Entity $RemoveWebhook } } } else { @@ -34,7 +34,7 @@ function Push-Schedulerwebhookcreation { try { $NewSub = New-CIPPGraphSubscription -TenantFilter $Tenant -EventType $Row.webhookType -auditLogAPI $true if ($NewSub.Success -and $Row.tenantid -ne 'AllTenants') { - Remove-AzDataTableEntity @Table -Entity $Row + Remove-AzDataTableEntity -Force @Table -Entity $Row } else { Write-Information "Failed to create webhook for $Tenant - $($Row.webhookType) - $($_.Exception.Message)" } diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecDurableFunctions.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecDurableFunctions.ps1 index f01062fe5720..e852991c7c9a 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecDurableFunctions.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecDurableFunctions.ps1 @@ -142,11 +142,11 @@ function Invoke-ExecDurableFunctions { if ($Request.Query.PartitionKey) { $HistoryEntities = Get-CIPPAzDataTableEntity @HistoryTable -Filter "PartitionKey eq '$($Request.Query.PartitionKey)'" -Property RowKey, PartitionKey if ($HistoryEntities) { - Remove-AzDataTableEntity @HistoryTable -Entity $HistoryEntities + Remove-AzDataTableEntity -Force @HistoryTable -Entity $HistoryEntities } $Instance = Get-CIPPAzDataTableEntity @InstancesTable -Filter "PartitionKey eq '$($Request.Query.PartitionKey)'" -Property RowKey, PartitionKey if ($Instance) { - Remove-AzDataTableEntity @InstancesTable -Entity $Instance + Remove-AzDataTableEntity -Force @InstancesTable -Entity $Instance } $Body = [PSCustomObject]@{ Results = 'Orchestrator {0} purged successfully' -f $Request.Query.PartitionKey diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecSetCIPPAutoBackup.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecSetCIPPAutoBackup.ps1 index b705c1da9fc5..798975625766 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecSetCIPPAutoBackup.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecSetCIPPAutoBackup.ps1 @@ -17,7 +17,7 @@ Function Invoke-ExecSetCIPPAutoBackup { RowKey = $AutomatedCIPPBackupTask.RowKey PartitionKey = 'ScheduledTask' } - Remove-AzDataTableEntity @Table -Entity $task | Out-Null + Remove-AzDataTableEntity -Force @Table -Entity $task | Out-Null $TaskBody = [pscustomobject]@{ TenantFilter = 'AllTenants' diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Scheduler/Invoke-RemoveScheduledItem.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Scheduler/Invoke-RemoveScheduledItem.ps1 index 2da498adaf36..26b0d4153cc3 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Scheduler/Invoke-RemoveScheduledItem.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Scheduler/Invoke-RemoveScheduledItem.ps1 @@ -18,7 +18,7 @@ Function Invoke-RemoveScheduledItem { PartitionKey = 'ScheduledTask' } $Table = Get-CIPPTable -TableName 'ScheduledTasks' - Remove-AzDataTableEntity @Table -Entity $task + Remove-AzDataTableEntity -Force @Table -Entity $task Write-LogMessage -user $User -API $APINAME -message "Task removed: $($task.RowKey)" -Sev 'Info' diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecCustomRole.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecCustomRole.ps1 index 44c87fd92425..b4614cd96b40 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecCustomRole.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecCustomRole.ps1 @@ -25,7 +25,7 @@ function Invoke-ExecCustomRole { 'Delete' { Write-LogMessage -user $Request.Headers.'x-ms-client-principal' -API 'ExecCustomRole' -message "Deleted custom role $($Request.Body.RoleName)" -Sev 'Info' $Role = Get-CIPPAzDataTableEntity @Table -Filter "RowKey eq '$($Request.Body.RoleName)'" -Property RowKey, PartitionKey - Remove-AzDataTableEntity @Table -Entity $Role + Remove-AzDataTableEntity -Force @Table -Entity $Role $Body = @{Results = 'Custom role deleted' } } default { diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecDnsConfig.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecDnsConfig.ps1 index 147855eab44c..d575cdab9956 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecDnsConfig.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecDnsConfig.ps1 @@ -95,7 +95,7 @@ Function Invoke-ExecDnsConfig { 'RemoveDomain' { $Filter = "RowKey eq '{0}'" -f $Request.Query.Domain $DomainRow = Get-CIPPAzDataTableEntity @DomainTable -Filter $Filter -Property PartitionKey, RowKey - Remove-AzDataTableEntity @DomainTable -Entity $DomainRow + Remove-AzDataTableEntity -Force @DomainTable -Entity $DomainRow Write-LogMessage -API $APINAME -tenant 'Global' -user $request.headers.'x-ms-client-principal' -message "Removed Domain - $($Request.Query.Domain) " -Sev 'Info' $body = [pscustomobject]@{ 'Results' = "Domain removed - $($Request.Query.Domain)" } } diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecExcludeLicenses.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecExcludeLicenses.ps1 index 8b18bb186e4a..063e26bb0d4b 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecExcludeLicenses.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecExcludeLicenses.ps1 @@ -55,7 +55,7 @@ Function Invoke-ExecExcludeLicenses { if ($Request.Query.RemoveExclusion) { $Filter = "RowKey eq '{0}' and PartitionKey eq 'License'" -f $Request.Query.Guid $Entity = Get-CIPPAzDataTableEntity @Table -Filter $Filter -Property PartitionKey, RowKey - Remove-AzDataTableEntity @Table -Entity $Entity + Remove-AzDataTableEntity -Force @Table -Entity $Entity Write-LogMessage -API $APINAME -user $request.headers.'x-ms-client-principal' -message "Removed exclusion $($Request.Query.GUID)" -Sev 'Info' $body = [pscustomobject]@{'Results' = "Success. We've removed $($Request.query.guid) from the excluded list." } } diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecRemoveTenant.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecRemoveTenant.ps1 index 8e036778fb2d..72f227659de1 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecRemoveTenant.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecRemoveTenant.ps1 @@ -16,7 +16,7 @@ function Invoke-ExecRemoveTenant { $Tenant = Get-CIPPAzDataTableEntity @Table -Filter "PartitionKey eq 'Tenants' and RowKey eq '$($Request.Body.TenantID)'" -Property RowKey, PartitionKey, customerId, displayName if ($Tenant) { try { - Remove-AzDataTableEntity @Table -Entity $Tenant + Remove-AzDataTableEntity -Force @Table -Entity $Tenant $Body = @{Results = "$($Tenant.displayName) ($($Tenant.customerId)) deleted from CIPP. Note: This does not remove the GDAP relationship, see the Tenant Offboarding wizard to perform that action." } $StatusCode = [HttpStatusCode]::OK } catch { diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecWebhookSubscriptions.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecWebhookSubscriptions.ps1 index 95c8b94f5fc9..35d6278e4649 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecWebhookSubscriptions.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecWebhookSubscriptions.ps1 @@ -14,7 +14,7 @@ function Invoke-ExecWebhookSubscriptions { $Webhook = Get-AzDataTableEntity @Table -Filter "RowKey eq '$($Request.Query.WebhookID)'" -Property PartitionKey, RowKey if ($Webhook) { Remove-CIPPGraphSubscription -TenantFilter $Webhook.PartitionKey -CIPPID $Webhook.RowKey - Remove-AzDataTableEntity @Table -Entity $Webhook + Remove-AzDataTableEntity -Force @Table -Entity $Webhook Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ StatusCode = [HttpStatusCode]::OK Body = @{ Results = "Deleted subscription $($Webhook.RowKey) for $($Webhook.PartitionKey)" } @@ -48,7 +48,7 @@ function Invoke-ExecWebhookSubscriptions { return } Remove-CIPPGraphSubscription @Unsubscribe - Remove-AzDataTableEntity @Table -Entity $Webhook + Remove-AzDataTableEntity -Force @Table -Entity $Webhook Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ StatusCode = [HttpStatusCode]::OK Body = @{ Results = "Unsubscribed from $($Webhook.Resource) for $($Webhook.PartitionKey)" } diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Setup/Invoke-ExecSAMSetup.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Setup/Invoke-ExecSAMSetup.ps1 index 05a909a9346b..b480e9222627 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Setup/Invoke-ExecSAMSetup.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Setup/Invoke-ExecSAMSetup.ps1 @@ -235,7 +235,7 @@ Function Invoke-ExecSAMSetup { } 4 { - Remove-AzDataTableEntity @Table -Entity $Rows + Remove-AzDataTableEntity -Force @Table -Entity $Rows $step = 5 $Results = @{'message' = 'setup completed.'; step = $step diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-RemoveQueuedAlert.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-RemoveQueuedAlert.ps1 index 3a52f5dacdfd..f916f4436a04 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-RemoveQueuedAlert.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-RemoveQueuedAlert.ps1 @@ -24,7 +24,7 @@ Function Invoke-RemoveQueuedAlert { try { $Filter = "RowKey eq '{0}'" -f $ID $Alert = Get-CIPPAzDataTableEntity @Table -Filter $Filter -Property PartitionKey, RowKey - Remove-AzDataTableEntity @Table -Entity $Alert + Remove-AzDataTableEntity -Force @Table -Entity $Alert Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message "Removed application queue for $ID." -Sev 'Info' $body = [pscustomobject]@{'Results' = 'Successfully removed from queue.' } diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ExecOnboardTenant.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ExecOnboardTenant.ps1 index 10c11f90575a..4cf6b08f6cec 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ExecOnboardTenant.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ExecOnboardTenant.ps1 @@ -19,7 +19,7 @@ function Invoke-ExecOnboardTenant { if ($Request.Query.Cancel -eq $true) { $TenantOnboarding = Get-CIPPAzDataTableEntity @OnboardTable -Filter "RowKey eq '$Id'" if ($TenantOnboarding) { - Remove-AzDataTableEntity @OnboardTable -Entity $TenantOnboarding + Remove-AzDataTableEntity -Force @OnboardTable -Entity $TenantOnboarding $Results = @{'Results' = 'Onboarding job canceled' } $StatusCode = [HttpStatusCode]::OK } else { @@ -110,4 +110,4 @@ function Invoke-ExecOnboardTenant { Body = $Results }) -} \ No newline at end of file +} diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecDeleteGDAPRoleMapping.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecDeleteGDAPRoleMapping.ps1 index 23426c6f1a14..05115ce42df2 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecDeleteGDAPRoleMapping.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecDeleteGDAPRoleMapping.ps1 @@ -18,7 +18,7 @@ Function Invoke-ExecDeleteGDAPRoleMapping { try { $Filter = "PartitionKey eq 'Roles' and RowKey eq '{0}'" -f $Request.Query.GroupId $Entity = Get-CIPPAzDataTableEntity @Table -Filter $Filter - Remove-AzDataTableEntity @Table -Entity $Entity + Remove-AzDataTableEntity -Force @Table -Entity $Entity $Results = [pscustomobject]@{'Results' = 'Success. GDAP relationship mapping deleted' } Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message "GDAP relationship mapping deleted for $($Request.Query.GroupId)" -Sev 'Info' diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Tools/Invoke-ExecGraphExplorerPreset.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Tools/Invoke-ExecGraphExplorerPreset.ps1 index 75652f4b8999..5019a66c9725 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Tools/Invoke-ExecGraphExplorerPreset.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Tools/Invoke-ExecGraphExplorerPreset.ps1 @@ -61,7 +61,7 @@ Function Invoke-ExecGraphExplorerPreset { $Entity = Get-CIPPAzDataTableEntity @Table -Filter "RowKey eq '$Id'" if ($Entity.Owner -eq $Username ) { if ($Action -eq 'Delete') { - Remove-AzDataTableEntity @Table -Entity $Entity + Remove-AzDataTableEntity -Force @Table -Entity $Entity } elseif ($Action -eq 'Save') { Add-CIPPAzDataTableEntity @Table -Entity $Preset -Force } diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListGenericAllTenants.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListGenericAllTenants.ps1 index 32afe59ac176..f579777b5607 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListGenericAllTenants.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListGenericAllTenants.ps1 @@ -15,7 +15,7 @@ Function Invoke-ListGenericAllTenants { Update-CippQueueEntry -RowKey $QueueKey -Status 'Started' $Table = Get-CIPPTable -TableName "cache$TableURLName" $fullUrl = "https://graph.microsoft.com/beta/$QueueItem" - Get-CIPPAzDataTableEntity @Table | Remove-AzDataTableEntity @table + Get-CIPPAzDataTableEntity @Table | Remove-AzDataTableEntity -Force @table $RawGraphRequest = Get-Tenants | ForEach-Object -Parallel { $domainName = $_.defaultDomainName diff --git a/Modules/CIPPCore/Public/Entrypoints/Timer Functions/Start-CIPPProcessorQueue.ps1 b/Modules/CIPPCore/Public/Entrypoints/Timer Functions/Start-CIPPProcessorQueue.ps1 index 2fc7b7ac65bb..58b0b595109e 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Timer Functions/Start-CIPPProcessorQueue.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Timer Functions/Start-CIPPProcessorQueue.ps1 @@ -30,7 +30,7 @@ function Start-CIPPProcessorQueue { } else { Write-Warning "Function $($QueueItem.FunctionName) not found" } - Remove-AzDataTableEntity @QueueTable -Entity $QueueItem + Remove-AzDataTableEntity -Force @QueueTable -Entity $QueueItem } } } diff --git a/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 b/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 index 5c3d5c924779..eb8a7c0c45fb 100644 --- a/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 @@ -66,7 +66,7 @@ function Get-Tenants { } $CurrentTenants = Get-CIPPAzDataTableEntity @TenantsTable -Filter "PartitionKey eq 'Tenants' and Excluded eq false" $CurrentTenants | Where-Object { $_.customerId -notin $GDAPList.customerId } | ForEach-Object { - Remove-AzDataTableEntity @TenantsTable -Entity $_ + Remove-AzDataTableEntity -Force @TenantsTable -Entity $_ } } $PartnerModeTable = Get-CippTable -tablename 'tenantMode' diff --git a/Modules/CIPPCore/Public/GraphHelper/Remove-CIPPCache.ps1 b/Modules/CIPPCore/Public/GraphHelper/Remove-CIPPCache.ps1 index 99057374f0de..dbd52b564c54 100644 --- a/Modules/CIPPCore/Public/GraphHelper/Remove-CIPPCache.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/Remove-CIPPCache.ps1 @@ -11,7 +11,7 @@ function Remove-CIPPCache { $Filter = "PartitionKey eq 'Tenants' and Excluded eq false" $ClearIncludedTenants = Get-CIPPAzDataTableEntity @TenantsTable -Filter $Filter -Property PartitionKey, RowKey if ($ClearIncludedTenants) { - Remove-AzDataTableEntity @TenantsTable -Entity $ClearIncludedTenants + Remove-AzDataTableEntity -Force @TenantsTable -Entity $ClearIncludedTenants } if ($TenantsOnly -eq 'false') { @@ -30,7 +30,7 @@ function Remove-CIPPCache { $BPATable = Get-CippTable -tablename 'cachebpav2' $ClearBPARows = Get-CIPPAzDataTableEntity @BPATable if ($ClearBPARows) { - Remove-AzDataTableEntity @BPATable -Entity $ClearBPARows + Remove-AzDataTableEntity -Force @BPATable -Entity $ClearBPARows } $ENV:SetFromProfile = $null $Script:SkipListCache = $Null diff --git a/Modules/CIPPCore/Public/Invoke-RemoveBPATemplate.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveBPATemplate.ps1 index 6e247411b394..1f2046b4ed9e 100644 --- a/Modules/CIPPCore/Public/Invoke-RemoveBPATemplate.ps1 +++ b/Modules/CIPPCore/Public/Invoke-RemoveBPATemplate.ps1 @@ -20,7 +20,7 @@ Function Invoke-RemoveBPATemplate { $Filter = "PartitionKey eq 'BPATemplate' and RowKey eq '$id'" $ClearRow = Get-CIPPAzDataTableEntity @Table -Filter $Filter -Property PartitionKey, RowKey - Remove-AzDataTableEntity @Table -Entity $clearRow + Remove-AzDataTableEntity -Force @Table -Entity $clearRow Write-LogMessage -user $User -API $APINAME -message "Removed BPA Template with ID $ID." -Sev 'Info' $body = [pscustomobject]@{'Results' = 'Successfully removed BPA Template' } } catch { diff --git a/Modules/CIPPCore/Public/Invoke-RemoveCATemplate.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveCATemplate.ps1 index b3024895b3a5..1d24c2095320 100644 --- a/Modules/CIPPCore/Public/Invoke-RemoveCATemplate.ps1 +++ b/Modules/CIPPCore/Public/Invoke-RemoveCATemplate.ps1 @@ -20,7 +20,7 @@ Function Invoke-RemoveCATemplate { $Filter = "PartitionKey eq 'CATemplate' and RowKey eq '$id'" $ClearRow = Get-CIPPAzDataTableEntity @Table -Filter $Filter -Property PartitionKey, RowKey - Remove-AzDataTableEntity @Table -Entity $clearRow + Remove-AzDataTableEntity -Force @Table -Entity $clearRow Write-LogMessage -user $User -API $APINAME -message "Removed Conditional Access Template with ID $ID." -Sev 'Info' $body = [pscustomobject]@{'Results' = 'Successfully removed Conditional Access Template' } } catch { diff --git a/Modules/CIPPCore/Public/Invoke-RemoveExConnectorTemplate.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveExConnectorTemplate.ps1 index f603904daec4..6789c97a6c4c 100644 --- a/Modules/CIPPCore/Public/Invoke-RemoveExConnectorTemplate.ps1 +++ b/Modules/CIPPCore/Public/Invoke-RemoveExConnectorTemplate.ps1 @@ -19,7 +19,7 @@ Function Invoke-RemoveExConnectorTemplate { $Table = Get-CippTable -tablename 'templates' $Filter = "PartitionKey eq 'ExConnectorTemplate' and RowKey eq '$id'" $ClearRow = Get-CIPPAzDataTableEntity @Table -Filter $Filter -Property PartitionKey, RowKey - Remove-AzDataTableEntity @Table -Entity $clearRow + Remove-AzDataTableEntity -Force @Table -Entity $clearRow Write-LogMessage -user $User -API $APINAME -message "Removed Exchange Connector Template with ID $ID." -Sev 'Info' $body = [pscustomobject]@{'Results' = 'Successfully removed Exchange Connector Template' } } catch { diff --git a/Modules/CIPPCore/Public/Invoke-RemoveGroupTemplate.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveGroupTemplate.ps1 index 51d5d9d03ce6..d7a330d0bdd9 100644 --- a/Modules/CIPPCore/Public/Invoke-RemoveGroupTemplate.ps1 +++ b/Modules/CIPPCore/Public/Invoke-RemoveGroupTemplate.ps1 @@ -22,7 +22,7 @@ Function Invoke-RemoveGroupTemplate { $Filter = "PartitionKey eq 'GroupTemplate' and RowKey eq '$id'" Write-Host $Filter $ClearRow = Get-CIPPAzDataTableEntity @Table -Filter $Filter -Property PartitionKey, RowKey - Remove-AzDataTableEntity @Table -Entity $clearRow + Remove-AzDataTableEntity -Force @Table -Entity $clearRow Write-LogMessage -user $User -API $APINAME -message "Removed Intune Template with ID $ID." -Sev 'Info' $body = [pscustomobject]@{'Results' = 'Successfully removed Template' } } catch { diff --git a/Modules/CIPPCore/Public/Invoke-RemoveIntuneTemplate.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveIntuneTemplate.ps1 index 4c66d297fc66..5880b04b7968 100644 --- a/Modules/CIPPCore/Public/Invoke-RemoveIntuneTemplate.ps1 +++ b/Modules/CIPPCore/Public/Invoke-RemoveIntuneTemplate.ps1 @@ -22,7 +22,7 @@ Function Invoke-RemoveIntuneTemplate { $Filter = "PartitionKey eq 'IntuneTemplate' and RowKey eq '$id'" Write-Host $Filter $ClearRow = Get-CIPPAzDataTableEntity @Table -Filter $Filter -Property PartitionKey, RowKey - Remove-AzDataTableEntity @Table -Entity $clearRow + Remove-AzDataTableEntity -Force @Table -Entity $clearRow Write-LogMessage -user $User -API $APINAME -message "Removed Intune Template with ID $ID." -Sev 'Info' $body = [pscustomobject]@{'Results' = 'Successfully removed Intune Template' } } catch { diff --git a/Modules/CIPPCore/Public/Invoke-RemoveQueuedApp.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveQueuedApp.ps1 index f1de92bdeab7..ef22fb63ce82 100644 --- a/Modules/CIPPCore/Public/Invoke-RemoveQueuedApp.ps1 +++ b/Modules/CIPPCore/Public/Invoke-RemoveQueuedApp.ps1 @@ -19,7 +19,7 @@ Function Invoke-RemoveQueuedApp { $Table = Get-CippTable -tablename 'apps' $Filter = "PartitionKey eq 'apps' and RowKey eq '$id'" $ClearRow = Get-CIPPAzDataTableEntity @Table -Filter $Filter -Property PartitionKey, RowKey - Remove-AzDataTableEntity @Table -Entity $clearRow + Remove-AzDataTableEntity -Force @Table -Entity $clearRow Write-LogMessage -user $User -API $APINAME -message "Removed application queue for $ID." -Sev 'Info' $body = [pscustomobject]@{'Results' = 'Successfully removed from queue.' } } catch { diff --git a/Modules/CIPPCore/Public/Invoke-RemoveSpamfilterTemplate.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveSpamfilterTemplate.ps1 index 8e4f8d870eed..4b8d7fa34a41 100644 --- a/Modules/CIPPCore/Public/Invoke-RemoveSpamfilterTemplate.ps1 +++ b/Modules/CIPPCore/Public/Invoke-RemoveSpamfilterTemplate.ps1 @@ -19,7 +19,7 @@ Function Invoke-RemoveSpamfilterTemplate { $Table = Get-CippTable -tablename 'templates' $Filter = "PartitionKey eq 'SpamfilterTemplate' and RowKey eq '$id'" $ClearRow = Get-CIPPAzDataTableEntity @Table -Filter $Filter -Property PartitionKey, RowKey - Remove-AzDataTableEntity @Table -Entity $clearRow + Remove-AzDataTableEntity -Force @Table -Entity $clearRow Write-LogMessage -user $User -API $APINAME -message "Removed Transport Rule Template with ID $ID." -Sev 'Info' $body = [pscustomobject]@{'Results' = 'Successfully removed Transport Rule Template' } } catch { diff --git a/Modules/CIPPCore/Public/Invoke-RemoveStandard.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveStandard.ps1 index 06f864c69222..af93c7a4cc95 100644 --- a/Modules/CIPPCore/Public/Invoke-RemoveStandard.ps1 +++ b/Modules/CIPPCore/Public/Invoke-RemoveStandard.ps1 @@ -19,7 +19,7 @@ Function Invoke-RemoveStandard { $Table = Get-CippTable -tablename 'standards' $Filter = "PartitionKey eq 'standards' and RowKey eq '$id'" $ClearRow = Get-CIPPAzDataTableEntity @Table -Filter $Filter -Property PartitionKey, RowKey - Remove-AzDataTableEntity @Table -Entity $clearRow + Remove-AzDataTableEntity -Force @Table -Entity $clearRow Write-LogMessage -user $User -API $APINAME -message "Removed standards for $ID." -Sev 'Info' $body = [pscustomobject]@{'Results' = 'Successfully removed standards deployment' } diff --git a/Modules/CIPPCore/Public/Invoke-RemoveStandardTemplate.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveStandardTemplate.ps1 index a60e7fe39b3f..029c1c4e4284 100644 --- a/Modules/CIPPCore/Public/Invoke-RemoveStandardTemplate.ps1 +++ b/Modules/CIPPCore/Public/Invoke-RemoveStandardTemplate.ps1 @@ -20,7 +20,7 @@ Function Invoke-RemoveStandardTemplate { $Filter = "PartitionKey eq 'StandardsTemplate' and RowKey eq '$id'" $ClearRow = Get-CIPPAzDataTableEntity @Table -Filter $Filter -Property PartitionKey, RowKey - Remove-AzDataTableEntity @Table -Entity $clearRow + Remove-AzDataTableEntity -Force @Table -Entity $clearRow Write-LogMessage -user $User -API $APINAME -message "Removed Standards Template named $($ClearRow.name) and id $($id)" -Sev 'Info' $body = [pscustomobject]@{'Results' = 'Successfully removed Template' } } catch { diff --git a/Modules/CIPPCore/Public/Invoke-RemoveTransportRuleTemplate.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveTransportRuleTemplate.ps1 index f01c97da7adb..997c150e47f8 100644 --- a/Modules/CIPPCore/Public/Invoke-RemoveTransportRuleTemplate.ps1 +++ b/Modules/CIPPCore/Public/Invoke-RemoveTransportRuleTemplate.ps1 @@ -19,7 +19,7 @@ Function Invoke-RemoveTransportRuleTemplate { $Table = Get-CippTable -tablename 'templates' $Filter = "PartitionKey eq 'TransportTemplate' and RowKey eq '$id'" $ClearRow = Get-CIPPAzDataTableEntity @Table -Filter $Filter -Property PartitionKey, RowKey - Remove-AzDataTableEntity @Table -Entity $clearRow + Remove-AzDataTableEntity -Force @Table -Entity $clearRow Write-LogMessage -user $User -API $APINAME -message "Removed Transport Rule Template with ID $ID." -Sev 'Info' $body = [pscustomobject]@{'Results' = 'Successfully removed Transport Rule Template' } } catch { diff --git a/Modules/CIPPCore/Public/Set-CIPPGDAPInviteGroups.ps1 b/Modules/CIPPCore/Public/Set-CIPPGDAPInviteGroups.ps1 index bfba35fa1103..412741e5dda1 100644 --- a/Modules/CIPPCore/Public/Set-CIPPGDAPInviteGroups.ps1 +++ b/Modules/CIPPCore/Public/Set-CIPPGDAPInviteGroups.ps1 @@ -36,7 +36,7 @@ function Set-CIPPGDAPInviteGroups { if ($PSCmdlet.ShouldProcess($Relationship.id, "Remove invite entry for $($Relationship.customer.displayName)")) { Write-LogMessage -API $APINAME -message "Groups mapped for GDAP Relationship: $($Relationship.customer.displayName) - $($Relationship.customer.displayName)" -Sev Info - Remove-AzDataTableEntity @Table -Entity $Invite + Remove-AzDataTableEntity -Force @Table -Entity $Invite } return $true } else { diff --git a/Modules/CIPPCore/Public/Webhooks/Invoke-CIPPGraphWebhookRenewal.ps1 b/Modules/CIPPCore/Public/Webhooks/Invoke-CIPPGraphWebhookRenewal.ps1 index e26271907be0..0ac6acf10bbb 100644 --- a/Modules/CIPPCore/Public/Webhooks/Invoke-CIPPGraphWebhookRenewal.ps1 +++ b/Modules/CIPPCore/Public/Webhooks/Invoke-CIPPGraphWebhookRenewal.ps1 @@ -32,11 +32,11 @@ function Invoke-CippGraphWebhookRenewal { $CreateResult = New-CIPPGraphSubscription -TenantFilter $TenantFilter -TypeofSubscription $TypeofSubscription -BaseURL $BaseURL -Resource $Resource -EventType $EventType -ExecutingUser 'GraphSubscriptionRenewal' -Recreate if ($CreateResult -match 'Created Webhook subscription for') { - Remove-AzDataTableEntity @WebhookTable -Entity $UpdateSub + Remove-AzDataTableEntity -Force @WebhookTable -Entity $UpdateSub } - + } - + } catch { Write-LogMessage -user 'CIPP' -API 'Renew_Graph_Subscriptions' -message "Failed to renew Webhook Subscription: $($UpdateSub.SubscriptionID). Linenumber: $($_.InvocationInfo.ScriptLineNumber) Error: $($_.Exception.message)" -Sev "Error" -tenant $TenantFilter diff --git a/Modules/CIPPCore/Public/Webhooks/Invoke-RemoveWebhookAlert.ps1 b/Modules/CIPPCore/Public/Webhooks/Invoke-RemoveWebhookAlert.ps1 index ddac44fd273a..5e26756fb04d 100644 --- a/Modules/CIPPCore/Public/Webhooks/Invoke-RemoveWebhookAlert.ps1 +++ b/Modules/CIPPCore/Public/Webhooks/Invoke-RemoveWebhookAlert.ps1 @@ -19,7 +19,7 @@ Function Invoke-RemoveWebhookAlert { Write-Host "The webhook count is $($WebhookRow.count)" if ($WebhookRow.count -gt 1) { $Entity = $WebhookRow | Where-Object -Property RowKey -EQ $Request.query.ID - Remove-AzDataTableEntity @WebhookTable -Entity $Entity | Out-Null + Remove-AzDataTableEntity -Force @WebhookTable -Entity $Entity | Out-Null $Results = "Removed Alert Rule for $($Request.query.TenantFilter)" } else { if ($Request.query.TenantFilter -eq 'AllTenants') { @@ -31,7 +31,7 @@ Function Invoke-RemoveWebhookAlert { RowKey = 'AllTenantsWebhookCreation' PartitionKey = 'webhookcreation' } - Remove-AzDataTableEntity @Table -Entity $CompleteObject -ErrorAction SilentlyContinue | Out-Null + Remove-AzDataTableEntity -Force @Table -Entity $CompleteObject -ErrorAction SilentlyContinue | Out-Null } catch { Write-LogMessage -user $Request.headers.'x-ms-client-principal' -API $APIName -message "Failed to remove webhook for AllTenants. $($_.Exception.Message)" -Sev 'Error' } @@ -42,7 +42,7 @@ Function Invoke-RemoveWebhookAlert { $Results = foreach ($Tenant in $Tenants) { Remove-CIPPGraphSubscription -TenantFilter $Tenant -Type 'AuditLog' $Entity = $WebhookRow | Where-Object -Property RowKey -EQ $Request.query.ID - Remove-AzDataTableEntity @WebhookTable -Entity $Entity | Out-Null + Remove-AzDataTableEntity -Force @WebhookTable -Entity $Entity | Out-Null "Removed Alert Rule for $($Request.query.TenantFilter)" } } diff --git a/Modules/CIPPCore/Public/Webhooks/Remove-CIPPGraphSubscription.ps1 b/Modules/CIPPCore/Public/Webhooks/Remove-CIPPGraphSubscription.ps1 index 7b17983dadff..a9b35a01c3e6 100644 --- a/Modules/CIPPCore/Public/Webhooks/Remove-CIPPGraphSubscription.ps1 +++ b/Modules/CIPPCore/Public/Webhooks/Remove-CIPPGraphSubscription.ps1 @@ -18,7 +18,7 @@ function Remove-CIPPGraphSubscription { $AuditLog = New-GraphPOSTRequest -uri "https://manage.office.com/api/v1.0/$($TenantFilter)/activity/feed/subscriptions/stop?contentType=$($sub.contentType)" -scope 'https://manage.office.com/.default' -tenantid $TenantFilter -type POST -body '{}' -verbose Try { $WebhookRow = Get-CIPPAzDataTableEntity @WebhookTable | Where-Object { $_.PartitionKey -eq $TenantFilter -and $_.Resource -eq $EventType -and $_.version -ne '2' } - $null = Remove-AzDataTableEntity @WebhookTable -Entity $Entity + $null = Remove-AzDataTableEntity -Force @WebhookTable -Entity $Entity } catch { Write-LogMessage -user $ExecutingUser -API $APIName -message 'Deleted an audit log webhook that was already removed from CIPP' -Sev 'Info' -tenant $TenantFilter @@ -41,11 +41,11 @@ function Remove-CIPPGraphSubscription { } catch { Write-LogMessage -user $ExecutingUser -API $APIName -message "Failed to remove webhook subscription at Microsoft's side: $($_.Exception.Message)" -Sev 'Error' -tenant $TenantFilter } - $null = Remove-AzDataTableEntity @WebhookTable -Entity $Entity + $null = Remove-AzDataTableEntity -Force @WebhookTable -Entity $Entity } else { $OldID = (New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/subscriptions' -tenantid $TenantFilter) | Where-Object { $_.notificationUrl -eq $WebhookRow.WebhookNotificationUrl } $GraphRequest = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/subscriptions/$($oldId.ID)" -tenantid $TenantFilter -type DELETE -body {} -Verbose - $null = Remove-AzDataTableEntity @WebhookTable -Entity $Entity + $null = Remove-AzDataTableEntity -Force @WebhookTable -Entity $Entity } return "Removed webhook subscription to $($WebhookRow.resource) for $($TenantFilter)" } diff --git a/Modules/CippExtensions/Public/Extension Functions/Register-CippExtensionScheduledTasks.ps1 b/Modules/CippExtensions/Public/Extension Functions/Register-CippExtensionScheduledTasks.ps1 index d8b2d6cfd01f..a560660fd8eb 100644 --- a/Modules/CippExtensions/Public/Extension Functions/Register-CippExtensionScheduledTasks.ps1 +++ b/Modules/CippExtensions/Public/Extension Functions/Register-CippExtensionScheduledTasks.ps1 @@ -102,7 +102,7 @@ function Register-CIPPExtensionScheduledTasks { $PushTasks | Where-Object { $_.SyncType -eq $Extension } | ForEach-Object { Write-Information "Extension Disabled: Cleaning up scheduled task $($_.Name) for tenant $($_.Tenant)" $Entity = $_ | Select-Object -Property PartitionKey, RowKey - Remove-AzDataTableEntity @ScheduledTasksTable -Entity $Entity + Remove-AzDataTableEntity -Force @ScheduledTasksTable -Entity $Entity } } } @@ -112,14 +112,14 @@ function Register-CIPPExtensionScheduledTasks { if ($Task.Tenant -notin $MappedTenants) { Write-Information "Tenant Removed: Cleaning up scheduled task $($Task.Name) for tenant $($Task.TenantFilter)" $Entity = $Task | Select-Object -Property PartitionKey, RowKey - Remove-AzDataTableEntity @ScheduledTasksTable -Entity $Entity + Remove-AzDataTableEntity -Force @ScheduledTasksTable -Entity $Entity } } foreach ($Task in $PushTasks) { if ($Task.Tenant -notin $MappedTenants) { Write-Information "Tenant Removed: Cleaning up scheduled task $($Task.Name) for tenant $($Task.TenantFilter)" $Entity = $Task | Select-Object -Property PartitionKey, RowKey - Remove-AzDataTableEntity @ScheduledTasksTable -Entity $Entity + Remove-AzDataTableEntity -Force @ScheduledTasksTable -Entity $Entity } } } diff --git a/Modules/CippExtensions/Public/Halo/Get-HaloMapping.ps1 b/Modules/CippExtensions/Public/Halo/Get-HaloMapping.ps1 index 0e2e54032910..787159880e16 100644 --- a/Modules/CippExtensions/Public/Halo/Get-HaloMapping.ps1 +++ b/Modules/CippExtensions/Public/Halo/Get-HaloMapping.ps1 @@ -15,7 +15,7 @@ function Get-HaloMapping { IntegrationId = $_.HaloPSA IntegrationName = $_.HaloPSAName } - Remove-AzDataTableEntity @CIPPMapping -Entity $_ | Out-Null + Remove-AzDataTableEntity -Force @CIPPMapping -Entity $_ | Out-Null } if (($MigrateRows | Measure-Object).Count -gt 0) { Add-CIPPAzDataTableEntity @CIPPMapping -Entity $MigrateRows -Force diff --git a/Modules/CippExtensions/Public/Halo/Set-HaloMapping.ps1 b/Modules/CippExtensions/Public/Halo/Set-HaloMapping.ps1 index 0fa8b68671a1..fb8c0c51585e 100644 --- a/Modules/CippExtensions/Public/Halo/Set-HaloMapping.ps1 +++ b/Modules/CippExtensions/Public/Halo/Set-HaloMapping.ps1 @@ -6,7 +6,7 @@ function Set-HaloMapping { $Request ) Get-CIPPAzDataTableEntity @CIPPMapping -Filter "PartitionKey eq 'HaloMapping'" | ForEach-Object { - Remove-AzDataTableEntity @CIPPMapping -Entity $_ + Remove-AzDataTableEntity -Force @CIPPMapping -Entity $_ } foreach ($Mapping in $Request.Body) { $AddObject = @{ diff --git a/Modules/CippExtensions/Public/Hudu/Set-HuduMapping.ps1 b/Modules/CippExtensions/Public/Hudu/Set-HuduMapping.ps1 index 01e7e200e697..1f8ba6c37d88 100644 --- a/Modules/CippExtensions/Public/Hudu/Set-HuduMapping.ps1 +++ b/Modules/CippExtensions/Public/Hudu/Set-HuduMapping.ps1 @@ -6,7 +6,7 @@ function Set-HuduMapping { $Request ) Get-CIPPAzDataTableEntity @CIPPMapping -Filter "PartitionKey eq 'HuduMapping'" | ForEach-Object { - Remove-AzDataTableEntity @CIPPMapping -Entity $_ + Remove-AzDataTableEntity -Force @CIPPMapping -Entity $_ } foreach ($Mapping in $Request.Body) { $AddObject = @{ diff --git a/Modules/CippExtensions/Public/NinjaOne/Get-NinjaOneFieldMapping.ps1 b/Modules/CippExtensions/Public/NinjaOne/Get-NinjaOneFieldMapping.ps1 index 8a430f372b0e..d3de5486cab7 100644 --- a/Modules/CippExtensions/Public/NinjaOne/Get-NinjaOneFieldMapping.ps1 +++ b/Modules/CippExtensions/Public/NinjaOne/Get-NinjaOneFieldMapping.ps1 @@ -66,7 +66,7 @@ function Get-NinjaOneFieldMapping { IntegrationId = $_.NinjaOne IntegrationName = $_.NinjaOneName } - Remove-AzDataTableEntity @CIPPMapping -Entity $_ + Remove-AzDataTableEntity -Force @CIPPMapping -Entity $_ } if (($MappingFieldMigrate | Measure-Object).count -gt 0) { Add-CIPPAzDataTableEntity @CIPPMapping -Entity $MappingFieldMigrate -Force diff --git a/Modules/CippExtensions/Public/NinjaOne/Invoke-NinjaOneTenantSync.ps1 b/Modules/CippExtensions/Public/NinjaOne/Invoke-NinjaOneTenantSync.ps1 index d45407edb06e..1b88da1c6bf6 100644 --- a/Modules/CippExtensions/Public/NinjaOne/Invoke-NinjaOneTenantSync.ps1 +++ b/Modules/CippExtensions/Public/NinjaOne/Invoke-NinjaOneTenantSync.ps1 @@ -1367,7 +1367,7 @@ function Invoke-NinjaOneTenantSync { if (($NinjaUserCreation | Measure-Object).count -ge 100) { Write-Information 'Creating NinjaOne Users' [System.Collections.Generic.List[PSCustomObject]]$CreatedUsers = (Invoke-WebRequest -Uri "https://$($Configuration.Instance)/api/v2/organization/documents" -Method POST -Headers @{Authorization = "Bearer $($token.access_token)" } -ContentType 'application/json; charset=utf-8' -Body ("[$($NinjaUserCreation.body -join ',')]") -EA Stop).content | ConvertFrom-Json -Depth 100 - Remove-AzDataTableEntity @UsersUpdateTable -Entity $NinjaUserCreation + Remove-AzDataTableEntity -Force @UsersUpdateTable -Entity $NinjaUserCreation [System.Collections.Generic.List[PSCustomObject]]$NinjaUserCreation = @() } } Catch { @@ -1379,7 +1379,7 @@ function Invoke-NinjaOneTenantSync { if (($NinjaUserUpdates | Measure-Object).count -ge 100) { Write-Information 'Updating NinjaOne Users' [System.Collections.Generic.List[PSCustomObject]]$UpdatedUsers = (Invoke-WebRequest -Uri "https://$($Configuration.Instance)/api/v2/organization/documents" -Method PATCH -Headers @{Authorization = "Bearer $($token.access_token)" } -ContentType 'application/json; charset=utf-8' -Body ("[$($NinjaUserUpdates.body -join ',')]") -EA Stop).content | ConvertFrom-Json -Depth 100 - Remove-AzDataTableEntity @UsersUpdateTable -Entity $NinjaUserUpdates + Remove-AzDataTableEntity -Force @UsersUpdateTable -Entity $NinjaUserUpdates [System.Collections.Generic.List[PSCustomObject]]$NinjaUserUpdates = @() } } Catch { @@ -1442,7 +1442,7 @@ function Invoke-NinjaOneTenantSync { if (($NinjaUserCreation | Measure-Object).count -ge 1) { Write-Information 'Creating NinjaOne Users' [System.Collections.Generic.List[PSCustomObject]]$CreatedUsers = (Invoke-WebRequest -Uri "https://$($Configuration.Instance)/api/v2/organization/documents" -Method POST -Headers @{Authorization = "Bearer $($token.access_token)" } -ContentType 'application/json; charset=utf-8' -Body ("[$($NinjaUserCreation.body -join ',')]") -EA Stop).content | ConvertFrom-Json -Depth 100 - Remove-AzDataTableEntity @UsersUpdateTable -Entity $NinjaUserCreation + Remove-AzDataTableEntity -Force @UsersUpdateTable -Entity $NinjaUserCreation } } Catch { @@ -1454,7 +1454,7 @@ function Invoke-NinjaOneTenantSync { if (($NinjaUserUpdates | Measure-Object).count -ge 1) { Write-Information 'Updating NinjaOne Users' [System.Collections.Generic.List[PSCustomObject]]$UpdatedUsers = (Invoke-WebRequest -Uri "https://$($Configuration.Instance)/api/v2/organization/documents" -Method PATCH -Headers @{Authorization = "Bearer $($token.access_token)" } -ContentType 'application/json; charset=utf-8' -Body ("[$($NinjaUserUpdates.body -join ',')]") -EA Stop).content | ConvertFrom-Json -Depth 100 - Remove-AzDataTableEntity @UsersUpdateTable -Entity $NinjaUserUpdates + Remove-AzDataTableEntity -Force @UsersUpdateTable -Entity $NinjaUserUpdates } } Catch { Write-Information "Bulk Update Errored, but may have been successful as only 1 record with an issue could have been the cause: $_" @@ -2310,12 +2310,12 @@ function Invoke-NinjaOneTenantSync { Write-Information 'Cleaning Users Cache' if (($ParsedUsers | Measure-Object).count -gt 0) { - Remove-AzDataTableEntity @UsersTable -Entity ($ParsedUsers | Select-Object PartitionKey, RowKey) + Remove-AzDataTableEntity -Force @UsersTable -Entity ($ParsedUsers | Select-Object PartitionKey, RowKey) } Write-Information 'Cleaning Device Cache' if (($ParsedDevices | Measure-Object).count -gt 0) { - Remove-AzDataTableEntity @DeviceTable -Entity ($ParsedDevices | Select-Object PartitionKey, RowKey) + Remove-AzDataTableEntity -Force @DeviceTable -Entity ($ParsedDevices | Select-Object PartitionKey, RowKey) } Write-Information "Total Fetch Time: $((New-TimeSpan -Start $StartTime -End $FetchEnd).TotalSeconds)" diff --git a/Modules/CippExtensions/Public/NinjaOne/Set-NinjaOneOrgMapping.ps1 b/Modules/CippExtensions/Public/NinjaOne/Set-NinjaOneOrgMapping.ps1 index 4c8b5f357750..d501714d1a6d 100644 --- a/Modules/CippExtensions/Public/NinjaOne/Set-NinjaOneOrgMapping.ps1 +++ b/Modules/CippExtensions/Public/NinjaOne/Set-NinjaOneOrgMapping.ps1 @@ -7,7 +7,7 @@ function Set-NinjaOneOrgMapping { ) Get-CIPPAzDataTableEntity @CIPPMapping -Filter "PartitionKey eq 'NinjaOneMapping'" | ForEach-Object { - Remove-AzDataTableEntity @CIPPMapping -Entity $_ + Remove-AzDataTableEntity -Force @CIPPMapping -Entity $_ } foreach ($Mapping in $Request.Body) { $AddObject = @{ From 7ffd6267ee94000ab62e1c68378af9a762e03e4a Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Mon, 21 Oct 2024 18:11:58 +0200 Subject: [PATCH 008/290] id property other by body or request --- .../CIPP/Scheduler/Invoke-RemoveScheduledItem.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Scheduler/Invoke-RemoveScheduledItem.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Scheduler/Invoke-RemoveScheduledItem.ps1 index 2da498adaf36..4aa589290f19 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Scheduler/Invoke-RemoveScheduledItem.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Scheduler/Invoke-RemoveScheduledItem.ps1 @@ -14,7 +14,7 @@ Function Invoke-RemoveScheduledItem { $User = $request.headers.'x-ms-client-principal' $task = @{ - RowKey = $Request.Query.ID + RowKey = $Request.Query.id ? $Request.Query.id : $Request.Body.id PartitionKey = 'ScheduledTask' } $Table = Get-CIPPTable -TableName 'ScheduledTasks' From f84942f1813237e23c62467951bee509ccb7b93d Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Mon, 21 Oct 2024 18:50:22 +0200 Subject: [PATCH 009/290] doing old ben a favour. --- Modules/CIPPCore/Public/Add-CIPPScheduledTask.ps1 | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/Modules/CIPPCore/Public/Add-CIPPScheduledTask.ps1 b/Modules/CIPPCore/Public/Add-CIPPScheduledTask.ps1 index 30aa79cffaa2..ff1ca5b52ed9 100644 --- a/Modules/CIPPCore/Public/Add-CIPPScheduledTask.ps1 +++ b/Modules/CIPPCore/Public/Add-CIPPScheduledTask.ps1 @@ -17,7 +17,8 @@ function Add-CIPPScheduledTask { } $propertiesToCheck = @('Webhook', 'Email', 'PSA') - $PostExecution = ($propertiesToCheck | Where-Object { $task.PostExecution.$_ -eq $true }) -join ',' + $PostExecutionObject = ($propertiesToCheck | Where-Object { $task.PostExecution.$_ -eq $true }) -join ',' + $PostExecution = $PostExecutionObject ? $PostExecutionObject : ($Task.PostExecution.value -join ',') $Parameters = [System.Collections.Hashtable]@{} foreach ($Key in $task.Parameters.PSObject.Properties.Name) { $Param = $task.Parameters.$Key @@ -59,7 +60,7 @@ function Add-CIPPScheduledTask { PartitionKey = [string]'ScheduledTask' TaskState = [string]'Planned' RowKey = [string]$RowKey - Tenant = [string]$task.TenantFilter + Tenant = $task.TenantFilter.value ? "$($task.TenantFilter.value)" : "$($task.TenantFilter)" Name = [string]$task.Name Command = [string]$task.Command.value Parameters = [string]$Parameters From 6a45faad7694814b7ef9421f519eaee4aa1d9ce1 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Mon, 21 Oct 2024 23:15:52 +0200 Subject: [PATCH 010/290] scheduler changes --- Modules/CIPPCore/Public/Add-CIPPScheduledTask.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Modules/CIPPCore/Public/Add-CIPPScheduledTask.ps1 b/Modules/CIPPCore/Public/Add-CIPPScheduledTask.ps1 index ff1ca5b52ed9..59c1174be052 100644 --- a/Modules/CIPPCore/Public/Add-CIPPScheduledTask.ps1 +++ b/Modules/CIPPCore/Public/Add-CIPPScheduledTask.ps1 @@ -17,8 +17,8 @@ function Add-CIPPScheduledTask { } $propertiesToCheck = @('Webhook', 'Email', 'PSA') - $PostExecutionObject = ($propertiesToCheck | Where-Object { $task.PostExecution.$_ -eq $true }) -join ',' - $PostExecution = $PostExecutionObject ? $PostExecutionObject : ($Task.PostExecution.value -join ',') + $PostExecutionObject = ($propertiesToCheck | Where-Object { $task.PostExecution.$_ -eq $true }) + $PostExecution = $PostExecutionObject ? ($PostExecutionObject -join ',') : ($Task.PostExecution.value -join ',') $Parameters = [System.Collections.Hashtable]@{} foreach ($Key in $task.Parameters.PSObject.Properties.Name) { $Param = $task.Parameters.$Key From 66db1e4c2c1d08cd1458307d6db7186cb5b4f347 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Mon, 21 Oct 2024 22:16:24 -0400 Subject: [PATCH 011/290] api response tweaks --- .../HTTP Functions/CIPP/Settings/Invoke-ExecDnsConfig.ps1 | 4 ++-- .../CIPP/Settings/Invoke-ExecPasswordConfig.ps1 | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecDnsConfig.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecDnsConfig.ps1 index d575cdab9956..aaf16a8c8b10 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecDnsConfig.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecDnsConfig.ps1 @@ -44,8 +44,8 @@ Function Invoke-ExecDnsConfig { switch ($Request.Query.Action) { 'SetConfig' { - if ($Request.Query.Resolver) { - $Resolver = $Request.Query.Resolver + if ($Request.Body.Resolver) { + $Resolver = $Request.Body.Resolver if ($ValidResolvers -contains $Resolver) { try { $Config.Resolver = $Resolver diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecPasswordConfig.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecPasswordConfig.ps1 index 9f4815e3f25d..25e72a914e82 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecPasswordConfig.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecPasswordConfig.ps1 @@ -22,14 +22,14 @@ Function Invoke-ExecPasswordConfig { if ($Request.Query.List) { @{ passwordType = $PasswordType.passwordType } } else { - $SchedulerConfig = @{ + $PasswordConfig = @{ 'passwordType' = "$($Request.Body.passwordType)" 'passwordCount' = '12' 'PartitionKey' = 'settings' 'RowKey' = 'settings' } - Add-CIPPAzDataTableEntity @Table -Entity $SchedulerConfig -Force | Out-Null + Add-CIPPAzDataTableEntity @Table -Entity $PasswordConfig -Force | Out-Null 'Successfully set the configuration' } } catch { From 0253d838b47327317368e7d1c62f737983b8b480 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 22 Oct 2024 08:49:47 -0400 Subject: [PATCH 012/290] convert psobject to hashtable --- .../Tenant/Administration/Alerts/Invoke-ExecAuditLogSearch.ps1 | 1 + 1 file changed, 1 insertion(+) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-ExecAuditLogSearch.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-ExecAuditLogSearch.ps1 index ee418b6b145b..9df2ffaf6737 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-ExecAuditLogSearch.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-ExecAuditLogSearch.ps1 @@ -40,6 +40,7 @@ function Invoke-ExecAuditLogSearch { } try { + $Query = $Query | ConvertTo-Json -Depth 10 | ConvertFrom-Json -AsHashtable $Results = New-CippAuditLogSearch @Query Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ StatusCode = [HttpStatusCode]::OK From ec7ffaa0af314728ef23dbe8d9a6bf12a32a47f6 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 22 Oct 2024 16:34:16 -0400 Subject: [PATCH 013/290] Backup tweaks --- .../CIPP/Core/Invoke-ExecListBackup.ps1 | 17 +++++-- .../Core/Invoke-ExecSetCIPPAutoBackup.ps1 | 2 +- .../Scheduler/Invoke-ListScheduledItems.ps1 | 21 +++++++- .../Settings/Invoke-ExecRestoreBackup.ps1 | 48 ++++++++++++++----- Modules/CIPPCore/Public/Get-CIPPBackup.ps1 | 24 ++++++++-- Modules/CIPPCore/Public/New-CIPPBackup.ps1 | 1 + 6 files changed, 90 insertions(+), 23 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecListBackup.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecListBackup.ps1 index f04ea258bba7..0a9217548327 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecListBackup.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecListBackup.ps1 @@ -10,9 +10,20 @@ Function Invoke-ExecListBackup { [CmdletBinding()] param($Request, $TriggerMetadata) - $Result = Get-CIPPBackup -type $Request.query.Type -TenantFilter $Request.query.TenantFilter - if ($request.query.NameOnly) { - $Result = $Result | Select-Object RowKey, timestamp + $CippBackupParams = @{} + if ($Request.Query.Type) { + $CippBackupParams.Type = $Request.Query.Type + } + if ($Request.Query.TenantFilter) { + $CippBackupParams.TenantFilter = $Request.Query.TenantFilter + } + if ($Request.Query.NameOnly) { + $CippBackupParams.NameOnly = $true + } + + $Result = Get-CIPPBackup @CippBackupParams + if ($request.Query.NameOnly) { + $Result = $Result | Select-Object @{Name = 'BackupName'; exp = { $_.RowKey } }, Timestamp | Sort-Object Timestamp -Descending } Write-LogMessage -user $request.headers.'x-ms-client-principal' -API 'Alerts' -message $request.body.text -Sev $request.body.Severity # Associate values to output bindings by calling 'Push-OutputBinding'. diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecSetCIPPAutoBackup.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecSetCIPPAutoBackup.ps1 index 798975625766..e12668f98092 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecSetCIPPAutoBackup.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecSetCIPPAutoBackup.ps1 @@ -10,7 +10,7 @@ Function Invoke-ExecSetCIPPAutoBackup { [CmdletBinding()] param($Request, $TriggerMetadata) $unixtime = [int64](([datetime]::UtcNow) - (Get-Date '1/1/1970')).TotalSeconds - if ($Request.query.Enabled -eq 'True') { + if ($Request.Body.Enabled -eq 'True') { $Table = Get-CIPPTable -TableName 'ScheduledTasks' $AutomatedCIPPBackupTask = Get-AzDataTableEntity @table -Filter "Name eq 'Automated CIPP Backup'" $task = @{ diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Scheduler/Invoke-ListScheduledItems.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Scheduler/Invoke-ListScheduledItems.ps1 index 4a3869b56176..e8a5c5575739 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Scheduler/Invoke-ListScheduledItems.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Scheduler/Invoke-ListScheduledItems.ps1 @@ -12,18 +12,35 @@ Function Invoke-ListScheduledItems { # Write to the Azure Functions log stream. Write-Host 'PowerShell HTTP trigger function processed a request.' + + $ScheduledItemFilter = [System.Collections.Generic.List[string]]::new() + $ScheduledItemFilter.Add("PartitionKey eq 'ScheduledTask'") + + if ($Request.Query.ShowHidden) { + $ScheduledItemFilter.Add('Hidden eq true') + } else { + $ScheduledItemFilter.Add('Hidden eq false') + } + + if ($Request.Query.Name) { + $ScheduledItemFilter.Add("Name eq '$($Request.Query.Name)'") + } + + $Filter = $ScheduledItemFilter -join ' and ' + + Write-Host "Filter: $Filter" $Table = Get-CIPPTable -TableName 'ScheduledTasks' if ($Request.Query.Showhidden -eq $true) { $HiddenTasks = $false } else { $HiddenTasks = $true } - $Tasks = Get-CIPPAzDataTableEntity @Table -Filter "PartitionKey eq 'ScheduledTask'" | Where-Object { $_.Hidden -ne $HiddenTasks } + $Tasks = Get-CIPPAzDataTableEntity @Table -Filter $Filter | Where-Object { $_.Hidden -ne $HiddenTasks } if ($Request.Query.Type) { $tasks.Command $Tasks = $Tasks | Where-Object { $_.command -eq $Request.Query.Type } } - + $AllowedTenants = Test-CIPPAccess -Request $Request -TenantList if ($AllowedTenants -notcontains 'AllTenants') { $Tasks = $Tasks | Where-Object -Property TenantId -In $AllowedTenants diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecRestoreBackup.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecRestoreBackup.ps1 index 476fffa02389..5355e8ddec32 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecRestoreBackup.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecRestoreBackup.ps1 @@ -13,23 +13,45 @@ Function Invoke-ExecRestoreBackup { $APIName = $TriggerMetadata.FunctionName Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' try { - foreach ($line in ($Request.body | ConvertFrom-Json | Select-Object * -ExcludeProperty ETag)) { - Write-Host ($line) - $Table = Get-CippTable -tablename $line.table - $ht2 = @{} - $line.psobject.properties | ForEach-Object { $ht2[$_.Name] = [string]$_.Value } - $Table.Entity = $ht2 - Add-CIPPAzDataTableEntity @Table -Force + if ($Request.Body.BackupName) { + $Table = Get-CippTable -tablename 'CIPPBackup' + $Backup = Get-CippAzDataTableEntity @Table -Filter "RowKey eq '$($Request.Body.BackupName)'" + if ($Backup) { + $BackupData = $Backup.Backup | ConvertFrom-Json | Select-Object * -ExcludeProperty ETag, Timestamp + $BackupData | ForEach-Object { - } - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Created backup' -Sev 'Debug' + $Table = Get-CippTable -tablename $_.table + $ht2 = @{ } + $_.psobject.properties | ForEach-Object { $ht2[$_.Name] = [string]$_.Value } + $Table.Entity = $ht2 + Add-CIPPAzDataTableEntity @Table -Force + } + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Created backup' -Sev 'Debug' + $body = [pscustomobject]@{ + 'Results' = 'Successfully restored backup.' + } + } else { + $body = [pscustomobject]@{ + 'Results' = 'Backup not found.' + } + } + } else { + foreach ($line in ($Request.body | ConvertFrom-Json | Select-Object * -ExcludeProperty ETag, Timestamp)) { + $Table = Get-CippTable -tablename $line.table + $ht2 = @{} + $line.psobject.properties | ForEach-Object { $ht2[$_.Name] = [string]$_.Value } + $Table.Entity = $ht2 + Add-CIPPAzDataTableEntity @Table -Force + } + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Created backup' -Sev 'Debug' - $body = [pscustomobject]@{ - 'Results' = 'Successfully restored backup.' + $body = [pscustomobject]@{ + 'Results' = 'Successfully restored backup.' + } } } catch { - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message "Failed to create backup: $($_.Exception.Message)" -Sev 'Error' - $body = [pscustomobject]@{'Results' = "Backup Creation failed: $($_.Exception.Message)" } + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message "Failed to restore backup: $($_.Exception.Message)" -Sev 'Error' + $body = [pscustomobject]@{'Results' = "Backup restore failed: $($_.Exception.Message)" } } diff --git a/Modules/CIPPCore/Public/Get-CIPPBackup.ps1 b/Modules/CIPPCore/Public/Get-CIPPBackup.ps1 index c172f40f1c90..dab2f5b63a26 100644 --- a/Modules/CIPPCore/Public/Get-CIPPBackup.ps1 +++ b/Modules/CIPPCore/Public/Get-CIPPBackup.ps1 @@ -1,15 +1,31 @@ function Get-CIPPBackup { [CmdletBinding()] param ( - [string]$Type, - [string]$TenantFilter + [string]$Type = 'CIPP', + [string]$TenantFilter, + [string]$Name, + [switch]$NameOnly ) Write-Host "Getting backup for $Type with TenantFilter $TenantFilter" $Table = Get-CippTable -tablename "$($Type)Backup" + + $Conditions = [System.Collections.Generic.List[string]]::new() + $Conditions.Add("PartitionKey eq '$($Type)Backup'") + if ($TenantFilter) { - $Filter = "PartitionKey eq '$($Type)Backup' and TenantFilter eq '$($TenantFilter)'" - $Table.Filter = $Filter + $Conditions.Add("TenantFilter eq '$($TenantFilter)'") } + if ($Name) { + $Conditions.Add("RowKey eq '$($Name)'") + } + + if ($NameOnly.IsPresent) { + $Table.Property = @('PartitionKey', 'RowKey', 'Timestamp') + } + + $Filter = $Conditions -join ' and ' + $Table.Filter = $Filter + $Info = Get-CIPPAzDataTableEntity @Table return $info } diff --git a/Modules/CIPPCore/Public/New-CIPPBackup.ps1 b/Modules/CIPPCore/Public/New-CIPPBackup.ps1 index 65e55aa03455..d38500e72118 100644 --- a/Modules/CIPPCore/Public/New-CIPPBackup.ps1 +++ b/Modules/CIPPCore/Public/New-CIPPBackup.ps1 @@ -1,6 +1,7 @@ function New-CIPPBackup { [CmdletBinding()] param ( + $BackupName = $backupType, $StorageOutput = 'default', $TenantFilter, From 31f6bd9db6781020f0d8533304a63bdd4d6715f3 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 22 Oct 2024 17:14:32 -0400 Subject: [PATCH 014/290] backups --- .../HTTP Functions/CIPP/Core/Invoke-ExecListBackup.ps1 | 3 +++ Modules/CIPPCore/Public/New-CIPPBackup.ps1 | 1 - 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecListBackup.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecListBackup.ps1 index 0a9217548327..ded6b8feaded 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecListBackup.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecListBackup.ps1 @@ -20,6 +20,9 @@ Function Invoke-ExecListBackup { if ($Request.Query.NameOnly) { $CippBackupParams.NameOnly = $true } + if ($Request.Query.BackupName) { + $CippBackupParams.Name = $Request.Query.BackupName + } $Result = Get-CIPPBackup @CippBackupParams if ($request.Query.NameOnly) { diff --git a/Modules/CIPPCore/Public/New-CIPPBackup.ps1 b/Modules/CIPPCore/Public/New-CIPPBackup.ps1 index d38500e72118..65e55aa03455 100644 --- a/Modules/CIPPCore/Public/New-CIPPBackup.ps1 +++ b/Modules/CIPPCore/Public/New-CIPPBackup.ps1 @@ -1,7 +1,6 @@ function New-CIPPBackup { [CmdletBinding()] param ( - $BackupName = $backupType, $StorageOutput = 'default', $TenantFilter, From 50cb6fb3ad515fde925d0d55141f3d6781486ab5 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 22 Oct 2024 23:04:44 -0400 Subject: [PATCH 015/290] ExecBPA fix for offloading --- .../Tenant/Standards/Invoke-ExecBPA.ps1 | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecBPA.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecBPA.ps1 index 3a1a16241b68..c8d09d0a108a 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecBPA.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecBPA.ps1 @@ -13,14 +13,20 @@ function Invoke-ExecBPA { if ($Config -and $Config.state -eq $true) { if ($env:CIPP_PROCESSOR -ne 'true') { + $Parameters = @{} + if ($Request.Query.TenantFilter) { + $Parameters.TenantFilter = $Request.Query.TenantFilter + $RowKey = "Start-BPAOrchestrator-$($Request.Query.TenantFilter)" + } else { + $RowKey = 'Start-BPAOrchestrator' + } + $ProcessorQueue = Get-CIPPTable -TableName 'ProcessorQueue' $ProcessorFunction = [PSCustomObject]@{ PartitionKey = 'Function' - RowKey = "Start-BPAOrchestrator-$($Request.Query.TenantFilter)" + RowKey = $RowKey FunctionName = 'Start-BPAOrchestrator' - Parameters = [string](ConvertTo-Json -Compress -InputObject @{ - TenantFilter = $Request.Query.TenantFilter - }) + Parameters = [string](ConvertTo-Json -Compress -InputObject $Parameters) } Add-AzDataTableEntity @ProcessorQueue -Entity $ProcessorFunction -Force $Results = [pscustomobject]@{'Results' = 'BPA queued for execution' } From 9fd33cb4c61d4254b2e0d316b731195b997d94fb Mon Sep 17 00:00:00 2001 From: John Duprey Date: Wed, 23 Oct 2024 13:57:45 -0400 Subject: [PATCH 016/290] rerun tweaks --- .../HTTP Functions/Tenant/Standards/Invoke-ExecBPA.ps1 | 2 +- .../Tenant/Standards/Invoke-ExecStandardsRun.ps1 | 1 + .../Orchestrator Functions/Start-BPAOrchestrator.ps1 | 10 +++++++++- Modules/CIPPCore/Public/Invoke-CIPPStandardsRun.ps1 | 2 +- Modules/CIPPCore/Public/Test-CIPPRerun.ps1 | 10 ++++++++-- 5 files changed, 20 insertions(+), 5 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecBPA.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecBPA.ps1 index c8d09d0a108a..1189170809fa 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecBPA.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecBPA.ps1 @@ -13,7 +13,7 @@ function Invoke-ExecBPA { if ($Config -and $Config.state -eq $true) { if ($env:CIPP_PROCESSOR -ne 'true') { - $Parameters = @{} + $Parameters = @{Force = $true } if ($Request.Query.TenantFilter) { $Parameters.TenantFilter = $Request.Query.TenantFilter $RowKey = "Start-BPAOrchestrator-$($Request.Query.TenantFilter)" diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecStandardsRun.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecStandardsRun.ps1 index a9a2b5245469..7a400591b6f0 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecStandardsRun.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecStandardsRun.ps1 @@ -18,6 +18,7 @@ Function Invoke-ExecStandardsRun { if ($Config -and $Config.state -eq $true) { if ($env:CIPP_PROCESSOR -ne 'true') { + $ProcessorFunction = [PSCustomObject]@{ PartitionKey = 'Function' RowKey = "Invoke-CIPPStandardsRun-$tenantfilter" diff --git a/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-BPAOrchestrator.ps1 b/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-BPAOrchestrator.ps1 index fbe51460a0dc..2060c7113c7a 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-BPAOrchestrator.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-BPAOrchestrator.ps1 @@ -9,7 +9,8 @@ function Start-BPAOrchestrator { #> [CmdletBinding(SupportsShouldProcess = $true)] param( - $TenantFilter = 'AllTenants' + $TenantFilter = 'AllTenants', + [switch]$Force ) try { @@ -45,6 +46,13 @@ function Start-BPAOrchestrator { } } + if ($Force.IsPresent) { + Write-Host 'Clearing Rerun Cache' + foreach ($Report in $BPAReports) { + $null = Test-CIPPRerun -Type BPA -Tenant $Report.Tenant -API $Report.Template -Clear + } + } + if (($BPAReports | Measure-Object).Count -eq 0) { Write-Information 'No BPA reports to run' return 0 diff --git a/Modules/CIPPCore/Public/Invoke-CIPPStandardsRun.ps1 b/Modules/CIPPCore/Public/Invoke-CIPPStandardsRun.ps1 index 0c1f3b3df1d3..de30f5f78e99 100644 --- a/Modules/CIPPCore/Public/Invoke-CIPPStandardsRun.ps1 +++ b/Modules/CIPPCore/Public/Invoke-CIPPStandardsRun.ps1 @@ -13,7 +13,7 @@ function Invoke-CIPPStandardsRun { if ($Force.IsPresent) { Write-Host 'Clearing Rerun Cache' foreach ($Task in $AllTasks) { - $null = Test-CIPPRerun -Type Standard -Tenant $Task.Tenant -Settings @{} -API $Task.Standard + $null = Test-CIPPRerun -Type Standard -Tenant $Task.Tenant -API $Task.Standard -Clear } } diff --git a/Modules/CIPPCore/Public/Test-CIPPRerun.ps1 b/Modules/CIPPCore/Public/Test-CIPPRerun.ps1 index d2531f68ada2..a0763da3bdcf 100644 --- a/Modules/CIPPCore/Public/Test-CIPPRerun.ps1 +++ b/Modules/CIPPCore/Public/Test-CIPPRerun.ps1 @@ -5,7 +5,8 @@ function Test-CIPPRerun { $Type, $API, $Settings, - $ExecutingUser + $ExecutingUser, + [switch]$Clear ) $RerunTable = Get-CIPPTable -tablename 'RerunCache' $EstimatedDifference = switch ($Type) { @@ -18,7 +19,12 @@ function Test-CIPPRerun { try { $RerunData = Get-CIPPAzDataTableEntity @RerunTable -filter "PartitionKey eq '$($TenantFilter)' and RowKey eq '$($Type)_$($API)'" - if ($RerunData) { + if ($Clear.IsPresent) { + if ($RerunData) { + Remove-CIPPAzDataTableEntity @RerunTable -Entity $RerunData + } + return $false + } elseif ($RerunData) { if ($Settings -and $RerunData.Settings) { Write-Host 'Testing rerun settings' $PreviousSettings = $RerunData.Settings From 192aaf7e10748d3f0efeee44ec257cc1ff2d0810 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Wed, 23 Oct 2024 14:26:48 -0400 Subject: [PATCH 017/290] Merge pull request #258 from KelvinTegelaar/dev [pull] dev from KelvinTegelaar:dev From 87366d1494d8cad2a6e8fa68b412ea5b4c456df8 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Wed, 23 Oct 2024 15:07:25 -0400 Subject: [PATCH 018/290] more error handling --- .../Webhooks/Push-AuditLogTenant.ps1 | 134 ++++++++++-------- 1 file changed, 72 insertions(+), 62 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-AuditLogTenant.ps1 b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-AuditLogTenant.ps1 index 165af280b5ec..0e2f1f81765a 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-AuditLogTenant.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-AuditLogTenant.ps1 @@ -3,77 +3,87 @@ function Push-AuditLogTenant { $ConfigTable = Get-CippTable -TableName 'WebhookRules' $TenantFilter = $Item.TenantFilter - Write-Information "Audit Logs: Processing $($TenantFilter)" - - # Get CIPP Url, cleanup legacy tasks - $SchedulerConfig = Get-CippTable -TableName 'SchedulerConfig' - $LegacyWebhookTasks = Get-CIPPAzDataTableEntity @SchedulerConfig -Filter "PartitionKey eq 'webhookcreation'" - $LegacyUrl = $LegacyWebhookTasks | Select-Object -First 1 -ExpandProperty CIPPURL - $CippConfigTable = Get-CippTable -tablename Config - $CippConfig = Get-CIPPAzDataTableEntity @CippConfigTable -Filter "PartitionKey eq 'InstanceProperties' and RowKey eq 'CIPPURL'" - if ($LegacyUrl) { - if (!$CippConfig) { - $Entity = @{ - PartitionKey = 'InstanceProperties' - RowKey = 'CIPPURL' - Value = [string]([System.Uri]$LegacyUrl).Host + try { + Write-Information "Audit Logs: Processing $($TenantFilter)" + # Get CIPP Url, cleanup legacy tasks + $SchedulerConfig = Get-CippTable -TableName 'SchedulerConfig' + $LegacyWebhookTasks = Get-CIPPAzDataTableEntity @SchedulerConfig -Filter "PartitionKey eq 'webhookcreation'" + $LegacyUrl = $LegacyWebhookTasks | Select-Object -First 1 -ExpandProperty CIPPURL + $CippConfigTable = Get-CippTable -tablename Config + $CippConfig = Get-CIPPAzDataTableEntity @CippConfigTable -Filter "PartitionKey eq 'InstanceProperties' and RowKey eq 'CIPPURL'" + if ($LegacyUrl) { + if (!$CippConfig) { + $Entity = @{ + PartitionKey = 'InstanceProperties' + RowKey = 'CIPPURL' + Value = [string]([System.Uri]$LegacyUrl).Host + } + Add-CIPPAzDataTableEntity @CippConfigTable -Entity $Entity -Force } - Add-CIPPAzDataTableEntity @CippConfigTable -Entity $Entity -Force - } - # remove legacy webhooks - foreach ($Task in $LegacyWebhookTasks) { - Remove-AzDataTableEntity -Force @SchedulerConfig -Entity $Task + # remove legacy webhooks + foreach ($Task in $LegacyWebhookTasks) { + Remove-AzDataTableEntity -Force @SchedulerConfig -Entity $Task + } + $CIPPURL = $LegacyUrl + } else { + $CIPPURL = 'https://{0}' -f $CippConfig.Value } - $CIPPURL = $LegacyUrl - } else { - $CIPPURL = 'https://{0}' -f $CippConfig.Value - } - # Get webhook rules - $ConfigEntries = Get-CIPPAzDataTableEntity @ConfigTable - $LogSearchesTable = Get-CippTable -TableName 'AuditLogSearches' + # Get webhook rules + $ConfigEntries = Get-CIPPAzDataTableEntity @ConfigTable + $LogSearchesTable = Get-CippTable -TableName 'AuditLogSearches' - $Configuration = $ConfigEntries | Where-Object { ($_.Tenants -match $TenantFilter -or $_.Tenants -match 'AllTenants') } - if ($Configuration) { - try { - $LogSearches = Get-CippAuditLogSearches -TenantFilter $TenantFilter -ReadyToProcess | Select-Object -First 20 - Write-Information ('Audit Logs: Found {0} searches, begin processing' -f $LogSearches.Count) - foreach ($Search in $LogSearches) { - $SearchEntity = Get-CIPPAzDataTableEntity @LogSearchesTable -Filter "Tenant eq '$($TenantFilter)' and RowKey eq '$($Search.id)'" - $SearchEntity.CippStatus = 'Processing' - Add-CIPPAzDataTableEntity @LogSearchesTable -Entity $SearchEntity -Force - try { - # Test the audit log rules against the search results - $AuditLogTest = Test-CIPPAuditLogRules -TenantFilter $TenantFilter -SearchId $Search.id + $Configuration = $ConfigEntries | Where-Object { ($_.Tenants -match $TenantFilter -or $_.Tenants -match 'AllTenants') } + if ($Configuration) { + try { + $LogSearches = Get-CippAuditLogSearches -TenantFilter $TenantFilter -ReadyToProcess | Select-Object -First 20 + Write-Information ('Audit Logs: Found {0} searches, begin processing' -f $LogSearches.Count) + foreach ($Search in $LogSearches) { + $SearchEntity = Get-CIPPAzDataTableEntity @LogSearchesTable -Filter "Tenant eq '$($TenantFilter)' and RowKey eq '$($Search.id)'" + $SearchEntity.CippStatus = 'Processing' + Add-CIPPAzDataTableEntity @LogSearchesTable -Entity $SearchEntity -Force + try { + # Test the audit log rules against the search results + $AuditLogTest = Test-CIPPAuditLogRules -TenantFilter $TenantFilter -SearchId $Search.id - $SearchEntity.CippStatus = 'Completed' - $MatchedRules = [string](ConvertTo-Json -Compress -InputObject $AuditLogTest.MatchedRules) - $SearchEntity | Add-Member -MemberType NoteProperty -Name MatchedRules -Value $MatchedRules -Force - $SearchEntity | Add-Member -MemberType NoteProperty -Name MatchedLogs -Value $AuditLogTest.MatchedLogs -Force - $SearchEntity | Add-Member -MemberType NoteProperty -Name TotalLogs -Value $AuditLogTest.TotalLogs -Force - } catch { - $SearchEntity.CippStatus = 'Failed' - Write-Information "Error processing audit log rules: $($_.Exception.Message)" - $Exception = [string](ConvertTo-Json -Compress -InputObject (Get-CippException -Exception $_)) - $SearchEntity | Add-Member -MemberType NoteProperty -Name Error -Value $Exception - } - Add-CIPPAzDataTableEntity @LogSearchesTable -Entity $SearchEntity -Force - $DataToProcess = ($AuditLogTest).DataToProcess - Write-Information "Audit Logs: Data to process found: $($DataToProcess.count) items" - if ($DataToProcess) { - foreach ($AuditLog in $DataToProcess) { - Write-Information "Processing $($AuditLog.operation)" - $Webhook = @{ - Data = $AuditLog - CIPPURL = [string]$CIPPURL - TenantFilter = $TenantFilter + $SearchEntity.CippStatus = 'Completed' + $MatchedRules = [string](ConvertTo-Json -Compress -InputObject $AuditLogTest.MatchedRules) + $SearchEntity | Add-Member -MemberType NoteProperty -Name MatchedRules -Value $MatchedRules -Force + $SearchEntity | Add-Member -MemberType NoteProperty -Name MatchedLogs -Value $AuditLogTest.MatchedLogs -Force + $SearchEntity | Add-Member -MemberType NoteProperty -Name TotalLogs -Value $AuditLogTest.TotalLogs -Force + } catch { + $SearchEntity.CippStatus = 'Failed' + Write-Information "Error processing audit log rules: $($_.Exception.Message)" + $Exception = [string](ConvertTo-Json -Compress -InputObject (Get-CippException -Exception $_)) + $SearchEntity | Add-Member -MemberType NoteProperty -Name Error -Value $Exception + $AuditLogTest = [PSCustomObject]@{ + DataToProcess = @() + } + } + Add-CIPPAzDataTableEntity @LogSearchesTable -Entity $SearchEntity -Force + $DataToProcess = ($AuditLogTest).DataToProcess + Write-Information "Audit Logs: Data to process found: $($DataToProcess.count) items" + if ($DataToProcess) { + foreach ($AuditLog in $DataToProcess) { + Write-Information "Processing $($AuditLog.operation)" + $Webhook = @{ + Data = $AuditLog + CIPPURL = [string]$CIPPURL + TenantFilter = $TenantFilter + } + try { + Invoke-CippWebhookProcessing @Webhook + } catch { + Write-Information "Error processing webhook: $($_.Exception.Message)" + } } - Invoke-CippWebhookProcessing @Webhook } } + } catch { + Write-Information ( 'Audit Log search: Error {0} line {1} - {2}' -f $_.InvocationInfo.ScriptName, $_.InvocationInfo.ScriptLineNumber, $_.Exception.Message) } - } catch { - Write-Information ( 'Audit Logs: Error {0} line {1} - {2}' -f $_.InvocationInfo.ScriptName, $_.InvocationInfo.ScriptLineNumber, $_.Exception.Message) } + } catch { + Write-Information ( 'Push-AuditLogTenant: Error {0} line {1} - {2}' -f $_.InvocationInfo.ScriptName, $_.InvocationInfo.ScriptLineNumber, $_.Exception.Message) } } From ec1e7aeac11e7392725aa9632d4eeed27b42d030 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Wed, 23 Oct 2024 15:12:29 -0400 Subject: [PATCH 019/290] Update Push-AuditLogTenant.ps1 --- .../Webhooks/Push-AuditLogTenant.ps1 | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-AuditLogTenant.ps1 b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-AuditLogTenant.ps1 index 0e2f1f81765a..7bf690f2ced8 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-AuditLogTenant.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-AuditLogTenant.ps1 @@ -52,10 +52,20 @@ function Push-AuditLogTenant { $SearchEntity | Add-Member -MemberType NoteProperty -Name MatchedLogs -Value $AuditLogTest.MatchedLogs -Force $SearchEntity | Add-Member -MemberType NoteProperty -Name TotalLogs -Value $AuditLogTest.TotalLogs -Force } catch { - $SearchEntity.CippStatus = 'Failed' - Write-Information "Error processing audit log rules: $($_.Exception.Message)" - $Exception = [string](ConvertTo-Json -Compress -InputObject (Get-CippException -Exception $_)) - $SearchEntity | Add-Member -MemberType NoteProperty -Name Error -Value $Exception + if ($_.Exception.Message -match 'Request rate is large. More Request Units may be needed, so no changes were made. Please retry this request later.') { + $SearchEntity.CippStatus = 'Pending' + Write-Information "Audit Log search: Rate limit hit for $($SearchEntity.RowKey)." + if ($SearchEntity.PSObject.Properties.Name -eq 'RetryCount') { + $SearchEntity.RetryCount++ + } else { + $SearchEntity | Add-Member -MemberType NoteProperty -Name RetryCount -Value 1 + } + } else { + $Exception = [string](ConvertTo-Json -Compress -InputObject (Get-CippException -Exception $_)) + $SearchEntity | Add-Member -MemberType NoteProperty -Name Error -Value $Exception + $SearchEntity.CippStatus = 'Failed' + Write-Information "Error processing audit log rules: $($_.Exception.Message)" + } $AuditLogTest = [PSCustomObject]@{ DataToProcess = @() } From 1944d04ee39fae22be014eb446782d5a325a976e Mon Sep 17 00:00:00 2001 From: John Duprey Date: Wed, 23 Oct 2024 15:14:42 -0400 Subject: [PATCH 020/290] Update Push-AuditLogTenant.ps1 --- .../Activity Triggers/Webhooks/Push-AuditLogTenant.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-AuditLogTenant.ps1 b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-AuditLogTenant.ps1 index 7bf690f2ced8..56ede00d9eed 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-AuditLogTenant.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-AuditLogTenant.ps1 @@ -55,7 +55,7 @@ function Push-AuditLogTenant { if ($_.Exception.Message -match 'Request rate is large. More Request Units may be needed, so no changes were made. Please retry this request later.') { $SearchEntity.CippStatus = 'Pending' Write-Information "Audit Log search: Rate limit hit for $($SearchEntity.RowKey)." - if ($SearchEntity.PSObject.Properties.Name -eq 'RetryCount') { + if ($SearchEntity.PSObject.Properties.Name -contains 'RetryCount') { $SearchEntity.RetryCount++ } else { $SearchEntity | Add-Member -MemberType NoteProperty -Name RetryCount -Value 1 From 8acb10c5c8e4f50a3e71e482eb25464e4147c539 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Wed, 23 Oct 2024 16:23:03 -0400 Subject: [PATCH 021/290] entrypoint tweaks --- Modules/CippEntrypoints/CippEntrypoints.psm1 | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/Modules/CippEntrypoints/CippEntrypoints.psm1 b/Modules/CippEntrypoints/CippEntrypoints.psm1 index 1bda0cce5b84..34859bbae563 100644 --- a/Modules/CippEntrypoints/CippEntrypoints.psm1 +++ b/Modules/CippEntrypoints/CippEntrypoints.psm1 @@ -103,6 +103,7 @@ function Receive-CippOrchestrationTrigger { } if (($Batch | Measure-Object).Count -gt 0) { + Write-Information "Batch Count: $($Batch.Count)" $Tasks = foreach ($Item in $Batch) { $DurableActivity = @{ FunctionName = 'CIPPActivityFunction' @@ -113,7 +114,7 @@ function Receive-CippOrchestrationTrigger { } Invoke-DurableActivity @DurableActivity } - if ($NoWait) { + if ($NoWait -and $Tasks) { $null = Wait-ActivityFunction -Task $Tasks } } @@ -152,7 +153,7 @@ function Receive-CippActivityTrigger { if ($Item.FunctionName) { $FunctionName = 'Push-{0}' -f $Item.FunctionName try { - & $FunctionName -Item $Item + Invoke-Command -ScriptBlock { & $FunctionName -Item $Item } if ($TaskStatus) { $QueueTask.Status = 'Completed' From 1f0990eea816ab866d76f44468e077bb89f71cbc Mon Sep 17 00:00:00 2001 From: John Duprey Date: Thu, 24 Oct 2024 15:39:16 -0400 Subject: [PATCH 022/290] Fix backup error --- Modules/CIPPCore/Public/New-CIPPBackup.ps1 | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/New-CIPPBackup.ps1 b/Modules/CIPPCore/Public/New-CIPPBackup.ps1 index 65e55aa03455..b2d6ae7314d4 100644 --- a/Modules/CIPPCore/Public/New-CIPPBackup.ps1 +++ b/Modules/CIPPCore/Public/New-CIPPBackup.ps1 @@ -24,7 +24,12 @@ function New-CIPPBackup { ) $CSVfile = foreach ($CSVTable in $BackupTables) { $Table = Get-CippTable -tablename $CSVTable - Get-AzDataTableEntity @Table | Select-Object *, @{l = 'table'; e = { $CSVTable } } -ExcludeProperty DomainAnalyser + $Data = Get-AzDataTableEntity @Table + if ($Data.PSObject.Properties.Name -notcontains 'table') { + $Data | Select-Object *, @{l = 'table'; e = { $CSVTable } } -ExcludeProperty DomainAnalyser + } else { + $Data | Select-Object * -ExcludeProperty DomainAnalyser + } } $RowKey = 'CIPPBackup' + '_' + (Get-Date).ToString('yyyy-MM-dd-HHmm') $CSVfile From ca30c7290c9713aa333e6af5d53b1a47b77b9e9a Mon Sep 17 00:00:00 2001 From: John Duprey Date: Thu, 24 Oct 2024 17:33:02 -0400 Subject: [PATCH 023/290] Add -Force to Update-AzDataTableEntity --- .../CIPPCore/Public/Clear-CippDurables.ps1 | 4 +-- .../Push-ExecScheduledCommand.ps1 | 6 ++-- .../CIPP/Core/Invoke-ExecDurableFunctions.ps1 | 6 ++-- .../Settings/Invoke-ExecExcludeTenant.ps1 | 4 +-- .../Tenant/Invoke-EditTenant.ps1 | 2 +- .../Start-UserTasksOrchestrator.ps1 | 4 +-- .../GraphHelper/Get-ClassicAPIToken.ps1 | 2 +- .../Public/GraphHelper/Get-GraphToken.ps1 | 2 +- .../GraphHelper/New-GraphBulkRequest.ps1 | 4 +-- .../GraphHelper/New-GraphGetRequest.ps1 | 4 +-- .../Public/GraphHelper/Remove-CIPPCache.ps1 | 2 +- .../Public/Test-CIPPAccessPermissions.ps1 | 35 +++++++++++++++---- profile.ps1 | 2 +- 13 files changed, 49 insertions(+), 28 deletions(-) diff --git a/Modules/CIPPCore/Public/Clear-CippDurables.ps1 b/Modules/CIPPCore/Public/Clear-CippDurables.ps1 index b63d399647d6..ac439e7b8983 100644 --- a/Modules/CIPPCore/Public/Clear-CippDurables.ps1 +++ b/Modules/CIPPCore/Public/Clear-CippDurables.ps1 @@ -29,7 +29,7 @@ function Clear-CippDurables { } if (($QueueEntities | Measure-Object).Count -gt 0) { if ($PSCmdlet.ShouldProcess('Queues', 'Mark Failed')) { - Update-AzDataTableEntity @QueueTable -Entity $QueueEntities + Update-AzDataTableEntity -Force @QueueTable -Entity $QueueEntities } } @@ -41,7 +41,7 @@ function Clear-CippDurables { $Task.Status = 'Failed' $Task } - Update-AzDataTableEntity @CippQueueTasks -Entity $UpdatedTasks + Update-AzDataTableEntity -Force @CippQueueTasks -Entity $UpdatedTasks } } diff --git a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ExecScheduledCommand.ps1 b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ExecScheduledCommand.ps1 index 00f8f93e20c1..d7fdf61608be 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ExecScheduledCommand.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ExecScheduledCommand.ps1 @@ -49,7 +49,7 @@ function Push-ExecScheduledCommand { } catch { $errorMessage = $_.Exception.Message if ($task.Recurrence -ne 0) { $State = 'Failed - Planned' } else { $State = 'Failed' } - Update-AzDataTableEntity @Table -Entity @{ + Update-AzDataTableEntity -Force @Table -Entity @{ PartitionKey = $task.PartitionKey RowKey = $task.RowKey Results = "$errorMessage" @@ -83,7 +83,7 @@ function Push-ExecScheduledCommand { if ($task.Recurrence -eq '0' -or [string]::IsNullOrEmpty($task.Recurrence)) { Write-Host 'Recurrence empty or 0. Task is not recurring. Setting task state to completed.' - Update-AzDataTableEntity @Table -Entity @{ + Update-AzDataTableEntity -Force @Table -Entity @{ PartitionKey = $task.PartitionKey RowKey = $task.RowKey Results = "$StoredResults" @@ -110,7 +110,7 @@ function Push-ExecScheduledCommand { $nextRunUnixTime = [int64]$task.ScheduledTime + [int64]$secondsToAdd Write-Host "The job is recurring. It was scheduled for $($task.ScheduledTime). The next runtime should be $nextRunUnixTime" - Update-AzDataTableEntity @Table -Entity @{ + Update-AzDataTableEntity -Force @Table -Entity @{ PartitionKey = $task.PartitionKey RowKey = $task.RowKey Results = "$StoredResults" diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecDurableFunctions.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecDurableFunctions.ps1 index e852991c7c9a..e056a656c402 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecDurableFunctions.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecDurableFunctions.ps1 @@ -95,7 +95,7 @@ function Invoke-ExecDurableFunctions { if ($PSCmdlet.ShouldProcess('Orchestrators', 'Mark Failed')) { foreach ($Instance in $RunningInstances) { $Instance.RuntimeStatus = 'Failed' - Update-AzDataTableEntity @InstancesTable -Entity $Instance + Update-AzDataTableEntity -Force @InstancesTable -Entity $Instance } } } @@ -110,7 +110,7 @@ function Invoke-ExecDurableFunctions { } if (($QueueEntities | Measure-Object).Count -gt 0) { if ($PSCmdlet.ShouldProcess('Queues', 'Mark Failed')) { - Update-AzDataTableEntity @QueueTable -Entity $QueueEntities + Update-AzDataTableEntity -Force @QueueTable -Entity $QueueEntities } } @@ -122,7 +122,7 @@ function Invoke-ExecDurableFunctions { $Task.Status = 'Failed' $Task } - Update-AzDataTableEntity @CippQueueTasks -Entity $UpdatedTasks + Update-AzDataTableEntity -Force @CippQueueTasks -Entity $UpdatedTasks } } diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecExcludeTenant.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecExcludeTenant.ps1 index f1b6fc6ed8f1..ccb04d2bceb6 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecExcludeTenant.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecExcludeTenant.ps1 @@ -39,7 +39,7 @@ Function Invoke-ExecExcludeTenant { $Tenant.ExcludeDate = $date $Tenant } - Update-AzDataTableEntity @TenantsTable -Entity ([pscustomobject]$Excluded) + Update-AzDataTableEntity -Force @TenantsTable -Entity ([pscustomobject]$Excluded) Write-LogMessage -API $APINAME -tenant $($name) -user $request.headers.'x-ms-client-principal' -message "Added exclusion for customer(s): $($Excluded.defaultDomainName -join ',')" -Sev 'Info' $body = [pscustomobject]@{'Results' = "Success. Added exclusions for customer(s): $($Excluded.defaultDomainName -join ',')" } } @@ -50,7 +50,7 @@ Function Invoke-ExecExcludeTenant { $Tenant.Excluded = $false $Tenant.ExcludeUser = '' $Tenant.ExcludeDate = '' - Update-AzDataTableEntity @TenantsTable -Entity $Tenant + Update-AzDataTableEntity -Force @TenantsTable -Entity $Tenant } Write-LogMessage -API $APINAME -tenant $($name) -user $request.headers.'x-ms-client-principal' -message "Removed exclusion for customer $($name)" -Sev 'Info' $body = [pscustomobject]@{'Results' = "Success. We've removed $name from the excluded tenants." } diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Tenant/Invoke-EditTenant.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Tenant/Invoke-EditTenant.ps1 index fe98eae2eee1..f4c5aad1c1c1 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Tenant/Invoke-EditTenant.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Tenant/Invoke-EditTenant.ps1 @@ -38,7 +38,7 @@ Function Invoke-EditTenant { $TenantsTable = Get-CippTable -tablename Tenants $Tenant = Get-CIPPAzDataTableEntity @TenantsTable -Filter $Filter $Tenant.displayName = $tenantDisplayName - Update-AzDataTableEntity @TenantsTable -Entity $Tenant + Update-AzDataTableEntity -Force @TenantsTable -Entity $Tenant } catch { $AddedText = 'but could not edit the tenant cache. Clear the tenant cache to display the updated details' diff --git a/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-UserTasksOrchestrator.ps1 b/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-UserTasksOrchestrator.ps1 index 10aebb5c0767..6237e10a2398 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-UserTasksOrchestrator.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-UserTasksOrchestrator.ps1 @@ -16,7 +16,7 @@ function Start-UserTasksOrchestrator { $currentUnixTime = [int64](([datetime]::UtcNow) - (Get-Date '1/1/1970')).TotalSeconds if ($currentUnixTime -ge $task.ScheduledTime) { try { - $null = Update-AzDataTableEntity @Table -Entity @{ + $null = Update-AzDataTableEntity -Force @Table -Entity @{ PartitionKey = $task.PartitionKey RowKey = $task.RowKey ExecutedTime = "$currentUnixTime" @@ -52,7 +52,7 @@ function Start-UserTasksOrchestrator { } catch { $errorMessage = $_.Exception.Message - $null = Update-AzDataTableEntity @Table -Entity @{ + $null = Update-AzDataTableEntity -Force @Table -Entity @{ PartitionKey = $task.PartitionKey RowKey = $task.RowKey Results = "$errorMessage" diff --git a/Modules/CIPPCore/Public/GraphHelper/Get-ClassicAPIToken.ps1 b/Modules/CIPPCore/Public/GraphHelper/Get-ClassicAPIToken.ps1 index 5dc55d946cd8..5a10c27f1e38 100644 --- a/Modules/CIPPCore/Public/GraphHelper/Get-ClassicAPIToken.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/Get-ClassicAPIToken.ps1 @@ -38,7 +38,7 @@ function Get-ClassicAPIToken($tenantID, $Resource) { $Tenant.LastGraphError = $_.Exception.Message $Tenant.GraphErrorCount++ - Update-AzDataTableEntity @TenantsTable -Entity $Tenant + Update-AzDataTableEntity -Force @TenantsTable -Entity $Tenant Throw "Failed to obtain Classic API Token for $TenantID - $_" } } diff --git a/Modules/CIPPCore/Public/GraphHelper/Get-GraphToken.ps1 b/Modules/CIPPCore/Public/GraphHelper/Get-GraphToken.ps1 index 626dc7ba842a..49e9f7de1b37 100644 --- a/Modules/CIPPCore/Public/GraphHelper/Get-GraphToken.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/Get-GraphToken.ps1 @@ -81,7 +81,7 @@ function Get-GraphToken($tenantid, $scope, $AsApp, $AppID, $AppSecret, $refreshT } $Tenant.GraphErrorCount++ - if (!$donotset) { Update-AzDataTableEntity @TenantsTable -Entity $Tenant } + if (!$donotset) { Update-AzDataTableEntity -Force @TenantsTable -Entity $Tenant } throw "Could not get token: $($Tenant.LastGraphError)" } } diff --git a/Modules/CIPPCore/Public/GraphHelper/New-GraphBulkRequest.ps1 b/Modules/CIPPCore/Public/GraphHelper/New-GraphBulkRequest.ps1 index bbace99fdca5..bfda5b393a75 100644 --- a/Modules/CIPPCore/Public/GraphHelper/New-GraphBulkRequest.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/New-GraphBulkRequest.ps1 @@ -56,7 +56,7 @@ function New-GraphBulkRequest { if ($Message -ne 'Request not applicable to target tenant.') { $Tenant.LastGraphError = $Message ?? '' $Tenant.GraphErrorCount++ - Update-AzDataTableEntity @TenantsTable -Entity $Tenant + Update-AzDataTableEntity -Force @TenantsTable -Entity $Tenant } throw $Message } @@ -66,7 +66,7 @@ function New-GraphBulkRequest { } else { $Tenant.LastGraphError = '' } - Update-AzDataTableEntity @TenantsTable -Entity $Tenant + Update-AzDataTableEntity -Force @TenantsTable -Entity $Tenant return $ReturnedData.responses } else { diff --git a/Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 b/Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 index f2d95290f673..13a2fbba85ba 100644 --- a/Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 @@ -86,7 +86,7 @@ function New-GraphGetRequest { if ($Message -ne 'Request not applicable to target tenant.' -and $Tenant) { $Tenant.LastGraphError = $Message $Tenant.GraphErrorCount++ - Update-AzDataTableEntity @TenantsTable -Entity $Tenant + Update-AzDataTableEntity -Force @TenantsTable -Entity $Tenant } throw $Message } @@ -97,7 +97,7 @@ function New-GraphGetRequest { $Tenant.LastGraphError = '' } $Tenant.GraphErrorCount = 0 - Update-AzDataTableEntity @TenantsTable -Entity $Tenant + Update-AzDataTableEntity -Force @TenantsTable -Entity $Tenant return $ReturnedData } else { Write-Error 'Not allowed. You cannot manage your own tenant or tenants not under your scope' diff --git a/Modules/CIPPCore/Public/GraphHelper/Remove-CIPPCache.ps1 b/Modules/CIPPCore/Public/GraphHelper/Remove-CIPPCache.ps1 index dbd52b564c54..e9e7380906dd 100644 --- a/Modules/CIPPCore/Public/GraphHelper/Remove-CIPPCache.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/Remove-CIPPCache.ps1 @@ -24,7 +24,7 @@ function Remove-CIPPCache { $_ } if ($ClearDomainAnalyserRows) { - Update-AzDataTableEntity @DomainsTable -Entity $ClearDomainAnalyserRows + Update-AzDataTableEntity -Force @DomainsTable -Entity $ClearDomainAnalyserRows } #Clear BPA $BPATable = Get-CippTable -tablename 'cachebpav2' diff --git a/Modules/CIPPCore/Public/Test-CIPPAccessPermissions.ps1 b/Modules/CIPPCore/Public/Test-CIPPAccessPermissions.ps1 index ff9878957e2b..2b9379afb459 100644 --- a/Modules/CIPPCore/Public/Test-CIPPAccessPermissions.ps1 +++ b/Modules/CIPPCore/Public/Test-CIPPAccessPermissions.ps1 @@ -27,11 +27,12 @@ function Test-CIPPAccessPermissions { $Success = $true try { Set-Location (Get-Item $PSScriptRoot).FullName - $ExpectedPermissions = Get-Content '.\SAMManifest.json' | ConvertFrom-Json + #$ExpectedPermissions = Get-Content '.\SAMManifest.json' | ConvertFrom-Json $null = Get-CIPPAuthentication $GraphToken = Get-GraphToken -returnRefresh $true -SkipCache $true if ($GraphToken) { - $GraphPermissions = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/myorganization/applications(appId='$env:ApplicationID')" -NoAuthCheck $true + #$GraphPermissions = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/myorganization/applications(appId='$env:ApplicationID')" -NoAuthCheck $true + $GraphPermissions = Get-CippSamPermissions } if ($env:MSI_SECRET) { try { @@ -94,13 +95,33 @@ function Test-CIPPAccessPermissions { } } - $MissingPermissions = $ExpectedPermissions.requiredResourceAccess.ResourceAccess.id | Where-Object { $_ -notin $GraphPermissions.requiredResourceAccess.ResourceAccess.id } - if ($MissingPermissions) { + + $MissingSamPermissions = $GraphPermissions.MissingPermissions + #Write-Host $MissingPermissions + if ($MissingSamPermissions) { Write-Host "Setting success to False due to permissions issues: $($MissingPermissions | ConvertTo-Json)" - $Translator = Get-Content '.\PermissionsTranslator.json' | ConvertFrom-Json - $TranslatedPermissions = $Translator | Where-Object id -In $MissingPermissions | ForEach-Object { "$($_.value) - $($_.Origin)" } - $MissingPermissions = @($TranslatedPermissions) + + $MissingPermissions = foreach ($AppId in $MissingSamPermissions.PSObject.Properties.Name) { + $ServicePrincipal = $GraphPermissions.UsedServicePrincipals | Where-Object -Property appId -EQ $AppId + + foreach ($Permission in $MissingSamPermissions.$AppId.applicationPermissions) { + [PSCustomObject]@{ + Application = $ServicePrincipal.displayName + Type = 'Application' + PermissionId = $Permission.id + Permission = $Permission.value + } + } + foreach ($Permission in $MissingSamPermissions.$AppId.delegatedPermissions) { + [PSCustomObject]@{ + Application = $ServicePrincipal.displayName + Type = 'Delegated' + PermissionId = $Permission.id + Permission = $Permission.value + } + } + } $Success = $false $Links.Add([PSCustomObject]@{ Text = 'Permissions' diff --git a/profile.ps1 b/profile.ps1 index 173bc71ffb8c..bf4285cd810d 100644 --- a/profile.ps1 +++ b/profile.ps1 @@ -63,7 +63,7 @@ if (!$LastStartup -or $CurrentVersion -ne $LastStartup.Version) { Version = $CurrentVersion } } - Update-AzDataTableEntity @Table -Entity $LastStartup + Update-AzDataTableEntity -Force @Table -Entity $LastStartup } # Uncomment the next line to enable legacy AzureRm alias in Azure PowerShell. # Enable-AzureRmAlias From 9f56fac3f8cd6211be3eb378f380bb9f28dc23a3 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Thu, 24 Oct 2024 17:33:14 -0400 Subject: [PATCH 024/290] permission check --- .../CIPP/Settings/Invoke-ExecAccessChecks.ps1 | 41 ++++++++++--------- .../GraphHelper/Get-CippSamPermissions.ps1 | 33 ++++++++++++--- 2 files changed, 49 insertions(+), 25 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 index 08d9b59cc620..6fc35e228e46 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 @@ -15,26 +15,29 @@ Function Invoke-ExecAccessChecks { $Table = Get-CIPPTable -tablename 'AccessChecks' - # Write to the Azure Functions log stream. - Write-Host 'PowerShell HTTP trigger function processed a request.' - if ($Request.Query.Permissions -eq 'true') { - if ($Request.Query.Cached -eq 'true') { - $Data = (Get-CIPPAzDataTableEntity @Table -Filter "RowKey eq 'AccessPermissions'").Data | ConvertFrom-Json - $Results = $Data - } else { - $Results = Test-CIPPAccessPermissions -tenantfilter $ENV:TenantID -APIName $APINAME -ExecutingUser $Request.Headers.'x-ms-client-principal' + switch ($Request.Query.Type) { + 'Permissions' { + if (!$Request.Query.SkipCache) { + $Results = (Get-CIPPAzDataTableEntity @Table -Filter "RowKey eq 'AccessPermissions'").Data | ConvertFrom-Json + if (!$Results) { + $Results = Test-CIPPAccessPermissions -tenantfilter $ENV:TenantID -APIName $APINAME -ExecutingUser $Request.Headers.'x-ms-client-principal' + } + } else { + $Results = Test-CIPPAccessPermissions -tenantfilter $ENV:TenantID -APIName $APINAME -ExecutingUser $Request.Headers.'x-ms-client-principal' + } } - } - - if ($Request.Query.Tenants -eq 'true') { - $Results = Test-CIPPAccessTenant -TenantCSV $Request.Body.tenantid -ExecutingUser $Request.Headers.'x-ms-client-principal' - } - if ($Request.Query.GDAP -eq 'true') { - if ($Request.Query.Cached -eq 'true') { - $Data = (Get-CIPPAzDataTableEntity @Table -Filter "RowKey eq 'GDAPRelationships'").Data | ConvertFrom-Json - $Results = $Data - } else { - $Results = Test-CIPPGDAPRelationships + 'Tenants' { + $Results = Test-CIPPAccessTenant -TenantCSV $Request.Body.tenantid -ExecutingUser $Request.Headers.'x-ms-client-principal' + } + 'GDAP' { + if (!$Request.Query.SkipCache) { + $Results = (Get-CIPPAzDataTableEntity @Table -Filter "RowKey eq 'GDAPRelationships'").Data | ConvertFrom-Json + if (!$Results) { + $Results = Test-CIPPGDAPRelationships + } + } else { + $Results = Test-CIPPGDAPRelationships + } } } diff --git a/Modules/CIPPCore/Public/GraphHelper/Get-CippSamPermissions.ps1 b/Modules/CIPPCore/Public/GraphHelper/Get-CippSamPermissions.ps1 index 32ede8169d61..c1560585f3dd 100644 --- a/Modules/CIPPCore/Public/GraphHelper/Get-CippSamPermissions.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/Get-CippSamPermissions.ps1 @@ -25,10 +25,10 @@ function Get-CippSamPermissions { if (!$SavedOnly.IsPresent) { $ModuleBase = Get-Module -Name CIPPCore | Select-Object -ExpandProperty ModuleBase - $SamManifestFile = Get-Item (Join-Path $ModuleBase "Public\SAMManifest.json") - $AdditionalPermissions = Get-Item (Join-Path $ModuleBase "Public\AdditionalPermissions.json") + $SamManifestFile = Get-Item (Join-Path $ModuleBase 'Public\SAMManifest.json') + $AdditionalPermissions = Get-Item (Join-Path $ModuleBase 'Public\AdditionalPermissions.json') - $ServicePrincipals = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/servicePrincipals?$top=999&$select=appId,displayName,appRoles,publishedPermissionScopes' -tenantid $env:TenantID -NoAuthCheck $true + $ServicePrincipalList = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/servicePrincipals?$top=999&$select=id,appId,displayName' -tenantid $env:TenantID -NoAuthCheck $true $SAMManifest = Get-Content -Path $SamManifestFile.FullName | ConvertFrom-Json $AdditionalPermissions = Get-Content -Path $AdditionalPermissions.FullName | ConvertFrom-Json @@ -36,6 +36,22 @@ function Get-CippSamPermissions { $AppIds = ($RequiredResources.resourceAppId + $AdditionalPermissions.resourceAppId) | Sort-Object -Unique + Write-Information "Retrieving service principals for $($AppIds.Count) applications" + $UsedServicePrincipals = $ServicePrincipalList | Where-Object -Property appId -In $AppIds + $Requests = $UsedServicePrincipals | ForEach-Object { + @( + @{ + id = $_.id + url = 'servicePrincipals/{0}?$select=appId,displayName,appRoles,publishedPermissionScopes' -f $_.id + method = 'GET' + } + ) + } + $BulkRequests = New-GraphBulkRequest -Requests $Requests -NoAuthCheck $true -tenantid $env:TenantID + $ServicePrincipals = $BulkRequests | ForEach-Object { + $_.body + } + $Permissions = @{} foreach ($AppId in $AppIds) { $ServicePrincipal = $ServicePrincipals | Where-Object -Property appId -EQ $AppId @@ -108,21 +124,24 @@ function Get-CippSamPermissions { return $SavedPermissions } - if (!$NoDiff -and $SavedPermissions.Permissions) { + if (!$NoDiff.IsPresent -and $SavedPermissions.Permissions) { $DiffPermissions = @{} foreach ($AppId in $AppIds) { $ManifestSpPermissions = $Permissions.$AppId + $ServicePrincipal = $ServicePrincipals | Where-Object -Property appId -EQ $AppId $SavedSpPermission = $SavedPermissions.Permissions.$AppId $MissingApp = [System.Collections.Generic.List[object]]::new() $MissingDelegated = [System.Collections.Generic.List[object]]::new() foreach ($Permission in $ManifestSpPermissions.applicationPermissions) { if ($SavedSpPermission.applicationPermissions.id -notcontains $Permission.id) { - $MissingApp.Add($Permission) + $AppRole = $ServicePrincipal.appRoles | Where-Object -Property id -EQ $Permission.id | Select-Object id, value + $MissingApp.Add($AppRole ?? $Permission) } } foreach ($Permission in $ManifestSpPermissions.delegatedPermissions) { if ($SavedSpPermission.delegatedPermissions.id -notcontains $Permission.id) { - $MissingDelegated.Add($Permission) + $PermissionScope = $ServicePrincipal.publishedPermissionScopes | Where-Object -Property id -EQ $Permission.id | Select-Object id, value + $MissingDelegated.Add($PermissionScope ?? $Permission) } } if ($MissingApp -or $MissingDelegated) { @@ -137,11 +156,13 @@ function Get-CippSamPermissions { $SamAppPermissions = @{} if (($SavedPermissions.Permissions.PSObject.Properties.Name | Measure-Object).Count -gt 0) { $SamAppPermissions.Permissions = $SavedPermissions.Permissions + $SamAppPermissions.UsedServicePrincipals = $UsedServicePrincipals $SamAppPermissions.UpdatedBy = $SavedPermissions.UpdatedBy $SamAppPermissions.Timestamp = $SavedPermissions.Timestamp.DateTime.ToString('yyyy-MM-ddTHH:mm:ssZ') $SamAppPermissions.Type = 'Table' } else { $SamAppPermissions.Permissions = $Permissions + $SamAppPermissions.UsedServicePrincipals = $UsedServicePrincipals $SamAppPermissions.Type = 'Manifest' $SamAppPermissions.UpdatedBy = 'CIPP' $SamAppPermissions.Timestamp = $SamManifestFile.LastWriteTime.ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ssZ') From b74d0243449603203553749044dc66cc5dcb0e8f Mon Sep 17 00:00:00 2001 From: John Duprey Date: Thu, 24 Oct 2024 21:13:01 -0400 Subject: [PATCH 025/290] Update Invoke-ExecAccessChecks.ps1 --- .../CIPP/Settings/Invoke-ExecAccessChecks.ps1 | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 index 6fc35e228e46..f00535e5c027 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 @@ -17,8 +17,10 @@ Function Invoke-ExecAccessChecks { switch ($Request.Query.Type) { 'Permissions' { - if (!$Request.Query.SkipCache) { - $Results = (Get-CIPPAzDataTableEntity @Table -Filter "RowKey eq 'AccessPermissions'").Data | ConvertFrom-Json + if ($Request.Query.SkipCache -ne 'true') { + $Cache = Get-CIPPAzDataTableEntity @Table -Filter "RowKey eq 'AccessPermissions'" + Write-Host $Cache + $Results = $Cache.Data | ConvertFrom-Json if (!$Results) { $Results = Test-CIPPAccessPermissions -tenantfilter $ENV:TenantID -APIName $APINAME -ExecutingUser $Request.Headers.'x-ms-client-principal' } @@ -30,8 +32,9 @@ Function Invoke-ExecAccessChecks { $Results = Test-CIPPAccessTenant -TenantCSV $Request.Body.tenantid -ExecutingUser $Request.Headers.'x-ms-client-principal' } 'GDAP' { - if (!$Request.Query.SkipCache) { - $Results = (Get-CIPPAzDataTableEntity @Table -Filter "RowKey eq 'GDAPRelationships'").Data | ConvertFrom-Json + if (!$Request.Query.SkipCache -eq 'true') { + $Cache = Get-CIPPAzDataTableEntity @Table -Filter "RowKey eq 'GDAPRelationships'" + $Results = $Cache.Data | ConvertFrom-Json if (!$Results) { $Results = Test-CIPPGDAPRelationships } @@ -41,7 +44,12 @@ Function Invoke-ExecAccessChecks { } } - $body = [pscustomobject]@{'Results' = $Results } + $body = [pscustomobject]@{ + 'Results' = $Results + 'Metadata' = @{ + 'LastRun' = [DateTime]::SpecifyKind($Cache.Timestamp.DateTime, [DateTimeKind]::Utc) ?? (Get-Date).ToUniversalTime() + } + } # Associate values to output bindings by calling 'Push-OutputBinding'. Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ From 9eb31a171a6497fd2fbfffcf4dc39c520a09f828 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 25 Oct 2024 18:09:11 -0400 Subject: [PATCH 026/290] access checks --- .../Push-CIPPAccessTenantTest.ps1 | 9 ++ .../CIPP/Settings/Invoke-ExecAccessChecks.ps1 | 63 ++++++++++- .../Settings/Invoke-ExecPermissionRepair.ps1 | 89 +++++++++++++++ .../GraphHelper/Get-CippSamPermissions.ps1 | 9 ++ .../Public/Test-CIPPAccessPermissions.ps1 | 40 +++---- .../CIPPCore/Public/Test-CIPPAccessTenant.ps1 | 106 ++++++++++++------ 6 files changed, 252 insertions(+), 64 deletions(-) create mode 100644 Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-CIPPAccessTenantTest.ps1 create mode 100644 Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecPermissionRepair.ps1 diff --git a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-CIPPAccessTenantTest.ps1 b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-CIPPAccessTenantTest.ps1 new file mode 100644 index 000000000000..447661a71d88 --- /dev/null +++ b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-CIPPAccessTenantTest.ps1 @@ -0,0 +1,9 @@ +function Push-CIPPAccessTenantTest { + <# + .FUNCTIONALITY + Entrypoint + #> + Param($Item) + + Test-CIPPAccessTenant -Tenant $Item.customerId -ExecutingUser 'CIPP' +} diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 index f00535e5c027..57b211a17c99 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 @@ -14,29 +14,82 @@ Function Invoke-ExecAccessChecks { Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' $Table = Get-CIPPTable -tablename 'AccessChecks' - + $LastRun = (Get-Date).ToUniversalTime() switch ($Request.Query.Type) { 'Permissions' { if ($Request.Query.SkipCache -ne 'true') { $Cache = Get-CIPPAzDataTableEntity @Table -Filter "RowKey eq 'AccessPermissions'" Write-Host $Cache - $Results = $Cache.Data | ConvertFrom-Json + try { + $Results = $Cache.Data | ConvertFrom-Json + } catch { + $Results = $null + } if (!$Results) { $Results = Test-CIPPAccessPermissions -tenantfilter $ENV:TenantID -APIName $APINAME -ExecutingUser $Request.Headers.'x-ms-client-principal' + } else { + $LastRun = [DateTime]::SpecifyKind($Cache.Timestamp.DateTime, [DateTimeKind]::Utc) } } else { $Results = Test-CIPPAccessPermissions -tenantfilter $ENV:TenantID -APIName $APINAME -ExecutingUser $Request.Headers.'x-ms-client-principal' } } 'Tenants' { - $Results = Test-CIPPAccessTenant -TenantCSV $Request.Body.tenantid -ExecutingUser $Request.Headers.'x-ms-client-principal' + $AccessChecks = Get-CIPPAzDataTableEntity @Table -Filter "PartitionKey eq 'TenantAccessChecks'" + if (!$Request.Body.TenantId) { + try { + $Tenants = Get-Tenants -IncludeErrors + $Results = foreach ($Tenant in $Tenants) { + $TenantCheck = $AccessChecks | Where-Object -Property RowKey -EQ $Tenant.customerId | Select-Object -Property Data + $TenantResult = [PSCustomObject]@{ + TenantId = $Tenant.customerId + TenantName = $Tenant.defaultDomainName + GraphStatus = $null + ExchangeStatus = $null + GDAPRoles = '' + MissingRoles = '' + LastRun = '' + } + if ($TenantCheck) { + $Data = @($TenantCheck.Data | ConvertFrom-Json) + $TenantResult.GraphStatus = $Data.GraphStatus + $TenantResult.ExchangeStatus = $Data.ExchangeStatus + $TenantResult.GDAPRoles = $Data.GDAPRoles + $TenantResult.MissingRoles = $Data.MissingRoles + $TenantResult.LastRun = $Data.LastRun + } + $TenantResult + } + + + $LastRunTime = $AccessChecks | Sort-Object Timestamp | Select-Object -Property Timestamp -Last 1 + $LastRun = [DateTime]::SpecifyKind($LastRunTime.Timestamp.DateTime, [DateTimeKind]::Utc) + } catch { + $Results = @() + } + } + if (!$Results) { + if (!$Request.Body.TenantId) { + $Tenant = 'AllTenants' + } else { + $Tenant = $Request.Body.TenantId + } + $TenantCheck = Test-CIPPAccessTenant -Tenant $Tenant -ExecutingUser $Request.Headers.'x-ms-client-principal' + $Results = @($TenantCheck) + } } 'GDAP' { if (!$Request.Query.SkipCache -eq 'true') { $Cache = Get-CIPPAzDataTableEntity @Table -Filter "RowKey eq 'GDAPRelationships'" - $Results = $Cache.Data | ConvertFrom-Json + try { + $Results = $Cache.Data | ConvertFrom-Json + } catch { + $Results = $null + } if (!$Results) { $Results = Test-CIPPGDAPRelationships + } else { + $LastRun = [DateTime]::SpecifyKind($Cache.Timestamp.DateTime, [DateTimeKind]::Utc) } } else { $Results = Test-CIPPGDAPRelationships @@ -47,7 +100,7 @@ Function Invoke-ExecAccessChecks { $body = [pscustomobject]@{ 'Results' = $Results 'Metadata' = @{ - 'LastRun' = [DateTime]::SpecifyKind($Cache.Timestamp.DateTime, [DateTimeKind]::Utc) ?? (Get-Date).ToUniversalTime() + 'LastRun' = $LastRun } } diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecPermissionRepair.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecPermissionRepair.ps1 new file mode 100644 index 000000000000..8f629db28e81 --- /dev/null +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecPermissionRepair.ps1 @@ -0,0 +1,89 @@ +function Invoke-ExecPermissionRepair { + <# + .SYNOPSIS + This endpoint will update the CIPP-SAM app permissions. + .DESCRIPTION + Merges new permissions from the SAM manifest into the AppPermissions entry for CIPP-SAM. + .FUNCTIONALITY + Entrypoint + .ROLE + CIPP.AppSettings.ReadWrite + #> + [CmdletBinding()] + param($Request, $TriggerMetadata) + + try { + $Table = Get-CippTable -tablename 'AppPermissions' + $User = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($Request.Headers.'x-ms-client-principal')) | ConvertFrom-Json + + $CurrentPermissions = Get-CippSamPermissions + if (($CurrentPermissions.MissingPermissions | Measure-Object).Count -gt 0) { + Write-Information 'Missing permissions found' + $MissingPermissions = $CurrentPermissions.MissingPermissions + $Permissions = $CurrentPermissions.Permissions + + $AppIds = @($Permissions.PSObject.Properties.Name + $MissingPermissions.PSObject.Properties.Name) + + $NewPermissions = @{} + foreach ($AppId in $AppIds) { + $ApplicationPermissions = [system.collections.generic.list[object]]::new() + $DelegatedPermissions = [system.collections.generic.list[object]]::new() + + # App permissions + foreach ($Permission in $Permissions.$AppId.applicationPermissions) { + $ApplicationPermissions.Add($Permission) + } + if (($MissingPermissions.$AppId.applicationPermissions | Measure-Object).Count -gt 0) { + foreach ($MissingPermission in $MissingPermissions.$AppId.applicationPermissions) { + Write-Host "Adding missing permission: $MissingPermission" + $ApplicationPermissions.Add($MissingPermission) + } + } + + # Delegated permissions + foreach ($Permission in $Permissions.$AppId.delegatedPermissions) { + $DelegatedPermissions.Add($Permission) + } + if (($MissingPermissions.$AppId.delegatedPermissions | Measure-Object).Count -gt 0) { + foreach ($MissingPermission in $MissingPermissions.$AppId.delegatedPermissions) { + Write-Host "Adding missing permission: $MissingPermission" + $DelegatedPermissions.Add($MissingPermission) + } + } + # New permission object + $NewPermissions.$AppId = @{ + applicationPermissions = @($ApplicationPermissions | Sort-Object -Property label) + delegatedPermissions = @($DelegatedPermissions | Sort-Object -Property label) + } + } + + + $Entity = @{ + 'PartitionKey' = 'CIPP-SAM' + 'RowKey' = 'CIPP-SAM' + 'Permissions' = [string]([PSCustomObject]$NewPermissions | ConvertTo-Json -Depth 10 -Compress) + 'UpdatedBy' = $User.UserDetails ?? 'CIPP-API' + } + $Table = Get-CIPPTable -TableName 'AppPermissions' + $null = Add-CIPPAzDataTableEntity @Table -Entity $Entity -Force + + $Body = @{ + 'Results' = 'Permissions Updated' + } + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API 'ExecPermissionRepair' -message 'CIPP-SAM Permissions Updated' -Sev 'Info' -LogData $Permissions + } else { + $Body = @{ + 'Results' = 'No permissions to update' + } + } + } catch { + $Body = @{ + 'Results' = "$($_.Exception.Message) - at line $($_.InvocationInfo.ScriptLineNumber)" + } + } + + Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ + StatusCode = [HttpStatusCode]::OK + Body = $Body + }) +} diff --git a/Modules/CIPPCore/Public/GraphHelper/Get-CippSamPermissions.ps1 b/Modules/CIPPCore/Public/GraphHelper/Get-CippSamPermissions.ps1 index c1560585f3dd..c613c9370b7b 100644 --- a/Modules/CIPPCore/Public/GraphHelper/Get-CippSamPermissions.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/Get-CippSamPermissions.ps1 @@ -166,6 +166,15 @@ function Get-CippSamPermissions { $SamAppPermissions.Type = 'Manifest' $SamAppPermissions.UpdatedBy = 'CIPP' $SamAppPermissions.Timestamp = $SamManifestFile.LastWriteTime.ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ssZ') + + $Entity = @{ + 'PartitionKey' = 'CIPP-SAM' + 'RowKey' = 'CIPP-SAM' + 'Permissions' = [string]([PSCustomObject]$Permissions | ConvertTo-Json -Depth 10 -Compress) + 'UpdatedBy' = 'CIPP' + } + $Table = Get-CIPPTable -TableName 'AppPermissions' + $null = Add-CIPPAzDataTableEntity @Table -Entity $Entity -Force } if (!$NoDiff.IsPresent -and $SamAppPermissions.Type -eq 'Table') { diff --git a/Modules/CIPPCore/Public/Test-CIPPAccessPermissions.ps1 b/Modules/CIPPCore/Public/Test-CIPPAccessPermissions.ps1 index 2b9379afb459..147288ef79ed 100644 --- a/Modules/CIPPCore/Public/Test-CIPPAccessPermissions.ps1 +++ b/Modules/CIPPCore/Public/Test-CIPPAccessPermissions.ps1 @@ -23,15 +23,12 @@ function Test-CIPPAccessPermissions { TenantId = '' UserPrincipalName = '' } - Write-Host 'Setting success to true by default.' $Success = $true try { Set-Location (Get-Item $PSScriptRoot).FullName - #$ExpectedPermissions = Get-Content '.\SAMManifest.json' | ConvertFrom-Json $null = Get-CIPPAuthentication $GraphToken = Get-GraphToken -returnRefresh $true -SkipCache $true if ($GraphToken) { - #$GraphPermissions = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/myorganization/applications(appId='$env:ApplicationID')" -NoAuthCheck $true $GraphPermissions = Get-CippSamPermissions } if ($env:MSI_SECRET) { @@ -42,15 +39,8 @@ function Test-CIPPAccessPermissions { $KV = $ENV:WEBSITE_DEPLOYMENT_ID $KeyVaultRefresh = Get-AzKeyVaultSecret -VaultName $kv -Name 'RefreshToken' -AsPlainText if ($ENV:RefreshToken -ne $KeyVaultRefresh) { - Write-Host 'Setting success to false due to nonmaching token.' - $Success = $false - $ErrorMessages.Add('Your refresh token does not match key vault, clear your cache or wait 30 minutes.') | Out-Null - $Links.Add([PSCustomObject]@{ - Text = 'Clear Token Cache' - Href = 'https://docs.cipp.app/setup/installation/cleartokencache' - } - ) | Out-Null + $ErrorMessages.Add('Your refresh token does not match key vault, wait 30 minutes for the function app to update.') | Out-Null } else { $Messages.Add('Your refresh token matches key vault.') | Out-Null } @@ -58,6 +48,8 @@ function Test-CIPPAccessPermissions { $ErrorMessage = Get-CippException -Exception $_ Write-LogMessage -user $User -API $APINAME -tenant $tenant -message "Key vault exception: $($ErrorMessage.NormalizedError) " -Sev 'Error' -LogData $ErrorMessage } + } else { + $Messages.Add('Your refresh token matches key vault.') | Out-Null } try { @@ -70,21 +62,28 @@ function Test-CIPPAccessPermissions { } Write-LogMessage -user $User -API $APINAME -tenant $tenant -message "Token exception: $($ErrorMessage.NormalizedError_) " -Sev 'Error' -LogData $ErrorMessage $Success = $false - Write-Host 'Setting success to false due to not able to decode token.' - } if ($AccessTokenDetails.Name -eq '') { $ErrorMessages.Add('Your refresh token is invalid, check for line breaks or missing characters.') | Out-Null - Write-Host 'Setting success to false invalid token.' - $Success = $false } else { + if ($AccessTokenDetails.Name -match 'CIPP' -or $AccessTokenDetails.UserPrincipalName -match 'CIPP' -or $AccessTokenDetails.Name -match 'Service' -or $AccessTokenDetails.UserPrincipalName -match 'Service') { + $Messages.Add('You are running CIPP as a service account.') | Out-Null + } else { + $ErrorMessages.Add('You do not appear to be running CIPP as a service account.') | Out-Null + $Success = $false + $Links.Add([PSCustomObject]@{ + Text = 'Creating the CIPP Service Account' + Href = 'https://docs.cipp.app/setup/installation/creating-the-cipp-service-account-gdap-ready' + } + ) | Out-Null + } + if ($AccessTokenDetails.AuthMethods -contains 'mfa') { $Messages.Add('Your access token contains the MFA claim.') | Out-Null } else { $ErrorMessages.Add('Your access token does not contain the MFA claim, Refresh your SAM tokens.') | Out-Null - Write-Host 'Setting success to False due to invalid list of claims.' $Success = $false $Links.Add([PSCustomObject]@{ @@ -97,10 +96,7 @@ function Test-CIPPAccessPermissions { $MissingSamPermissions = $GraphPermissions.MissingPermissions - #Write-Host $MissingPermissions - if ($MissingSamPermissions) { - Write-Host "Setting success to False due to permissions issues: $($MissingPermissions | ConvertTo-Json)" - + if (($MissingSamPermissions.PSObject.Properties.Name | Measure-Object).Count -gt 0) { $MissingPermissions = foreach ($AppId in $MissingSamPermissions.PSObject.Properties.Name) { $ServicePrincipal = $GraphPermissions.UsedServicePrincipals | Where-Object -Property appId -EQ $AppId @@ -129,15 +125,13 @@ function Test-CIPPAccessPermissions { } ) | Out-Null } else { - $Messages.Add('Your Secure Application Model has all required permissions') | Out-Null + $Messages.Add('You have all the required permissions.') | Out-Null } } catch { $ErrorMessage = Get-CippException -Exception $_ Write-LogMessage -user $User -API $APINAME -message "Permissions check failed: $($ErrorMessage.NormalizedError) " -Sev 'Error' -LogData $ErrorMessage $ErrorMessages.Add("We could not connect to the API to retrieve the permissions. There might be a problem with the secure application model configuration. The returned error is: $($ErrorMessage.NormalizedError)") | Out-Null - Write-Host 'Setting success to False due to not being able to connect.' - $Success = $false } diff --git a/Modules/CIPPCore/Public/Test-CIPPAccessTenant.ps1 b/Modules/CIPPCore/Public/Test-CIPPAccessTenant.ps1 index 69d1057e4302..312a0d283b3b 100644 --- a/Modules/CIPPCore/Public/Test-CIPPAccessTenant.ps1 +++ b/Modules/CIPPCore/Public/Test-CIPPAccessTenant.ps1 @@ -1,7 +1,7 @@ function Test-CIPPAccessTenant { [CmdletBinding()] param ( - $TenantCSV, + $Tenant, $APIName = 'Access Check', $ExecutingUser ) @@ -19,14 +19,48 @@ function Test-CIPPAccessTenant { @{ Name = 'Privileged Role Administrator'; Id = 'e8611ab8-c189-46e8-94e1-60213ab1f814' }, @{ Name = 'Privileged Authentication Administrator'; Id = '7be44c8a-adaf-4e2a-84d6-ab2649e08a13' } ) - $Tenants = ($TenantCSV).split(',') - if (!$Tenants) { $results = 'Could not load the tenants list from cache. Please run permissions check first, or visit the tenants page.' } - $TenantList = Get-Tenants - $results = foreach ($tenant in $Tenants) { + $TenantParams = @{ + IncludeErrors = $true + } + if ($Tenant -eq 'AllTenants') { + $TenantList = Get-Tenants @TenantParams + $Queue = New-CippQueueEntry -Name 'Tenant Access Check' -TotalTasks ($TenantList | Measure-Object).Count + + $InputObject = [PSCustomObject]@{ + QueueFunction = @{ + FunctionName = 'GetTenants' + TenantParams = $TenantParams + DurableFunction = 'CIPPAccessTenantTest' + QueueId = $Queue.RowKey + } + OrchestratorName = 'CippAccessTenantTest' + SkipLog = $true + } + $null = Start-NewOrchestration -FunctionName CIPPOrchestrator -InputObject ($InputObject | ConvertTo-Json -Depth 10) + $Results = "Queued $($TenantList.Count) tenants for access checks" + + } else { + $TenantParams.TenantFilter = $Tenant + $Tenant = Get-Tenants @TenantParams + + $GraphStatus = $false + $ExchangeStatus = $false + + $Results = [PSCustomObject]@{ + TenantName = $Tenant.defaultDomainName + GraphStatus = $false + GraphTest = '' + ExchangeStatus = $false + ExchangeTest = '' + GDAPRoles = '' + MissingRoles = '' + LastRun = (Get-Date).ToUniversalTime() + } + $AddedText = '' try { - $TenantId = ($TenantList | Where-Object { $_.defaultDomainName -eq $tenant }).customerId + $TenantId = $Tenant.customerId $BulkRequests = $ExpectedRoles | ForEach-Object { @( @{ id = "roleManagement_$($_.Id)" @@ -35,11 +69,10 @@ function Test-CIPPAccessTenant { } ) } - $GDAPRolesGraph = New-GraphBulkRequest -tenantid $tenant -Requests $BulkRequests + $GDAPRolesGraph = New-GraphBulkRequest -tenantid $TenantId -Requests $BulkRequests $GDAPRoles = [System.Collections.Generic.List[object]]::new() $MissingRoles = [System.Collections.Generic.List[object]]::new() - #Write-Host ($GDAPRolesGraph.body.value | ConvertTo-Json -Depth 10) foreach ($RoleId in $ExpectedRoles) { $GraphRole = $GDAPRolesGraph.body.value | Where-Object -Property roleDefinitionId -EQ $RoleId.Id $Role = $GraphRole.principal | Where-Object -Property organizationId -EQ $ENV:TenantID @@ -59,48 +92,49 @@ function Test-CIPPAccessTenant { }) } } - if (!($MissingRoles | Measure-Object).Count -gt 0) { - $MissingRoles = $true - } - @{ - TenantName = "$($Tenant)" - Status = "Successfully connected $($AddedText)" - GDAPRoles = $GDAPRoles - MissingRoles = $MissingRoles - } - Write-LogMessage -user $ExecutingUser -API $APINAME -tenant $tenant -message 'Tenant access check executed successfully' -Sev 'Info' + $GraphTest = "Successfully connected to Graph $($AddedText)" + $GraphStatus = $true } catch { $ErrorMessage = Get-CippException -Exception $_ - @{ - TenantName = "$($tenant)" - Status = "Failed to connect: $($ErrorMessage.NormalizedError)" - GDAP = '' - } + $GraphTest = "Failed to connect to Graph: $($ErrorMessage.NormalizedError)" Write-LogMessage -user $ExecutingUser -API $APINAME -tenant $tenant -message "Tenant access check failed: $($ErrorMessage.NormalizedError) " -Sev 'Error' -LogData $ErrorMessage - } try { - $null = New-ExoRequest -tenantid $Tenant -cmdlet 'Get-OrganizationConfig' -ErrorAction Stop - @{ - TenantName = "$($Tenant)" - Status = 'Successfully connected to Exchange' - } - + $null = New-ExoRequest -tenantid $Tenant.customerId -cmdlet 'Get-OrganizationConfig' -ErrorAction Stop + $ExchangeStatus = $true + $ExchangeTest = 'Successfully connected to Exchange' } catch { $ErrorMessage = Get-CippException -Exception $_ $ReportedError = ($_.ErrorDetails | ConvertFrom-Json -ErrorAction SilentlyContinue) $Message = if ($ReportedError.error.details.message) { $ReportedError.error.details.message } else { $ReportedError.error.innererror.internalException.message } if ($null -eq $Message) { $Message = $($_.Exception.Message) } - @{ - TenantName = "$($Tenant)" - Status = "Failed to connect to Exchange: $($ErrorMessage.NormalizedError)" - } + + $ExchangeTest = "Failed to connect to Exchange: $($ErrorMessage.NormalizedError)" Write-LogMessage -user $ExecutingUser -API $APINAME -tenant $tenant -message "Tenant access check for Exchange failed: $($ErrorMessage.NormalizedError) " -Sev 'Error' -LogData $ErrorMessage } + + if ($GraphStatus -and $ExchangeStatus) { + Write-LogMessage -user $ExecutingUser -API $APINAME -tenant $Tenant.defaultDomainName -tenantId $Tenant.customerId -message 'Tenant access check executed successfully' -Sev 'Info' + } + + $Results.GraphStatus = $GraphStatus + $Results.GraphTest = $GraphTest + $Results.ExchangeStatus = $ExchangeStatus + $Results.ExchangeTest = $ExchangeTest + $Results.GDAPRoles = @($GDAPRoles) + $Results.MissingRoles = @($MissingRoles) + + $ExecutingUser = $ExecutingUser.UserDetails + $Entity = @{ + PartitionKey = 'TenantAccessChecks' + RowKey = $Tenant.customerId + Data = [string]($Results | ConvertTo-Json -Depth 10 -Compress) + } + $Table = Get-CIPPTable -TableName 'AccessChecks' + $null = Add-CIPPAzDataTableEntity @Table -Entity $Entity -Force } - if (!$Tenants) { $results = 'Could not load the tenants list from cache. Please run permissions check first, or visit the tenants page.' } - return $results + return $Results } From 13255b11258430352f19f3b1c1ac0d754417982d Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 25 Oct 2024 18:27:02 -0400 Subject: [PATCH 027/290] additional tenant fields --- .../CIPP/Settings/Invoke-ExecAccessChecks.ps1 | 21 ++++++++++++------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 index 57b211a17c99..ee689028ec80 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 @@ -42,13 +42,16 @@ Function Invoke-ExecAccessChecks { $Results = foreach ($Tenant in $Tenants) { $TenantCheck = $AccessChecks | Where-Object -Property RowKey -EQ $Tenant.customerId | Select-Object -Property Data $TenantResult = [PSCustomObject]@{ - TenantId = $Tenant.customerId - TenantName = $Tenant.defaultDomainName - GraphStatus = $null - ExchangeStatus = $null - GDAPRoles = '' - MissingRoles = '' - LastRun = '' + TenantId = $Tenant.customerId + TenantName = $Tenant.displayName + DefaultDomainName = $Tenant.defaultDomainName + GraphStatus = $null + ExchangeStatus = $null + GDAPRoles = '' + MissingRoles = '' + LastRun = '' + GraphTest = '' + ExchangeTest = '' } if ($TenantCheck) { $Data = @($TenantCheck.Data | ConvertFrom-Json) @@ -57,11 +60,13 @@ Function Invoke-ExecAccessChecks { $TenantResult.GDAPRoles = $Data.GDAPRoles $TenantResult.MissingRoles = $Data.MissingRoles $TenantResult.LastRun = $Data.LastRun + $TenantResult.GraphTest = $Data.GraphTest + $TenantResult.ExchangeTest = $Data.ExchangeTest } $TenantResult } - + $LastRunTime = $AccessChecks | Sort-Object Timestamp | Select-Object -Property Timestamp -Last 1 $LastRun = [DateTime]::SpecifyKind($LastRunTime.Timestamp.DateTime, [DateTimeKind]::Utc) } catch { From bfa6f793e18e974a0a4f5e5f2b641a90b4c77d5b Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Sat, 26 Oct 2024 00:27:38 +0200 Subject: [PATCH 028/290] add-alert --- .../Administration/Alerts/Invoke-AddAlert.ps1 | 7 ++++--- .../Alerts/Invoke-ListAlertsQueue.ps1 | 20 +++++++++++++++---- 2 files changed, 20 insertions(+), 7 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-AddAlert.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-AddAlert.ps1 index 2cbba9b5fa42..e5e0165feab5 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-AddAlert.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-AddAlert.ps1 @@ -19,7 +19,7 @@ Function Invoke-AddAlert { Write-Host "Working on $($Tenant.value) - $($Tenant.fullValue.displayName)" $CompleteObject = @{ tenant = [string]$($Tenant.value) - tenantid = [string]$($Tenant.fullValue.customerId) + tenantid = [string]$($Tenant.value) webhookType = [string]$request.body.logbook.value type = 'webhookcreation' RowKey = "$($Tenant.value)-$($request.body.logbook.value)" @@ -37,12 +37,13 @@ Function Invoke-AddAlert { $Conditions = $request.body.conditions | ConvertTo-Json -Compress -Depth 10 | Out-String $TenantsJson = $Tenants | ConvertTo-Json -Compress -Depth 10 | Out-String $Actions = $request.body.actions | ConvertTo-Json -Compress -Depth 10 | Out-String + $RowKey = $Request.body.RowKey ? $Request.body.RowKey : (New-Guid).ToString() $CompleteObject = @{ Tenants = [string]$TenantsJson Conditions = [string]$Conditions Actions = [string]$Actions type = $request.body.logbook.value - RowKey = [string](New-Guid) + RowKey = $RowKey PartitionKey = 'Webhookv2' } $WebhookTable = get-cipptable -TableName 'WebhookRules' @@ -56,4 +57,4 @@ Function Invoke-AddAlert { Body = $body }) -} \ No newline at end of file +} diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-ListAlertsQueue.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-ListAlertsQueue.ps1 index 0b90937f4feb..a7fc8dd98aa1 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-ListAlertsQueue.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-ListAlertsQueue.ps1 @@ -27,10 +27,10 @@ Function Invoke-ListAlertsQueue { $AllTasksArrayList = [system.collections.generic.list[object]]::new() foreach ($Task in $WebhookRules) { - $Conditions = $Task.Conditions | ConvertFrom-Json -ErrorAction SilentlyContinue + $Conditions = $Task.Conditions | ConvertFrom-Json -Depth 10 -ErrorAction SilentlyContinue $TranslatedConditions = ($Conditions | ForEach-Object { "When $($_.Property.label) is $($_.Operator.label) $($_.input.value)" }) -join ' and ' - $TranslatedActions = ($Task.Actions | ConvertFrom-Json -ErrorAction SilentlyContinue).label -join ',' - $Tenants = ($Task.Tenants | ConvertFrom-Json -ErrorAction SilentlyContinue).fullValue + $TranslatedActions = ($Task.Actions | ConvertFrom-Json -Depth 10 -ErrorAction SilentlyContinue).label -join ',' + $Tenants = ($Task.Tenants | ConvertFrom-Json -Depth 10 -ErrorAction SilentlyContinue) $TaskEntry = [PSCustomObject]@{ Tenants = $Tenants.defaultDomainName -join ',' Conditions = $TranslatedConditions @@ -40,6 +40,15 @@ Function Invoke-ListAlertsQueue { RowKey = $Task.RowKey PartitionKey = $Task.PartitionKey RepeatsEvery = 'When received' + RawAlert = @{ + Conditions = @($Conditions) + Actions = @($($Task.Actions | ConvertFrom-Json -Depth 10 -ErrorAction SilentlyContinue)) + Tenants = @($Tenants) + type = $Task.type + RowKey = $Task.RowKey + PartitionKey = $Task.PartitionKey + + } } if ($AllowedTenants -notcontains 'AllTenants') { @@ -64,6 +73,7 @@ Function Invoke-ListAlertsQueue { LogType = 'Scripted' EventType = 'Scheduled Task' RepeatsEvery = $Task.Recurrence + RawAlert = $Task } if ($AllowedTenants -notcontains 'AllTenants') { $Tenant = $TenantList | Where-Object -Property defaultDomainName -EQ $Task.Tenant @@ -74,10 +84,12 @@ Function Invoke-ListAlertsQueue { $AllTasksArrayList.Add($TaskEntry) } } + + $finalList = ConvertTo-Json -InputObject @($AllTasksArrayList) -Depth 10 # Associate values to output bindings by calling 'Push-OutputBinding'. Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ StatusCode = [HttpStatusCode]::OK - Body = @($AllTasksArrayList) + Body = $finalList }) } From e5c07a12179b08ff9f2437e19774ed2eb949f87a Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 25 Oct 2024 18:47:57 -0400 Subject: [PATCH 029/290] fix access check --- .../CIPP/Settings/Invoke-ExecAccessChecks.ps1 | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 index ee689028ec80..7350706ee034 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 @@ -73,15 +73,17 @@ Function Invoke-ExecAccessChecks { $Results = @() } } - if (!$Results) { - if (!$Request.Body.TenantId) { - $Tenant = 'AllTenants' - } else { - $Tenant = $Request.Body.TenantId - } - $TenantCheck = Test-CIPPAccessTenant -Tenant $Tenant -ExecutingUser $Request.Headers.'x-ms-client-principal' - $Results = @($TenantCheck) + + if ($Request.Query.SkipCache -eq 'true') { + $null = Test-CIPPAccessTenant -ExecutingUser $Request.Headers.'x-ms-client-principal' } + + if ($Request.Body.TenantId) { + $Tenant = $Request.Body.TenantId + $null = Test-CIPPAccessTenant -Tenant $Tenant -ExecutingUser $Request.Headers.'x-ms-client-principal' + $Results = "Refreshing tenant $Tenant" + } + } 'GDAP' { if (!$Request.Query.SkipCache -eq 'true') { From dfbd56d11c00bd17d0a4827733618de0ca6872aa Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 25 Oct 2024 23:28:46 -0400 Subject: [PATCH 030/290] remove legacy env partner check --- Modules/CIPPCore/Public/GraphHelper/Get-AuthorisedRequest.ps1 | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/GraphHelper/Get-AuthorisedRequest.ps1 b/Modules/CIPPCore/Public/GraphHelper/Get-AuthorisedRequest.ps1 index f8147728a15c..abff987449da 100644 --- a/Modules/CIPPCore/Public/GraphHelper/Get-AuthorisedRequest.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/Get-AuthorisedRequest.ps1 @@ -17,7 +17,8 @@ function Get-AuthorisedRequest { } $Tenants = Get-Tenants -IncludeErrors $SkipList = Get-Tenants -SkipList - if (($env:PartnerTenantAvailable -eq $true -and $SkipList.customerId -notcontains $TenantID -and $SkipList.defaultDomainName -notcontains $TenantID) -or (($Tenants.customerId -contains $TenantID -or $Tenants.defaultDomainName -contains $TenantID) -and $TenantID -ne $env:TenantID)) { + + if (($SkipList.customerId -notcontains $TenantID -and $SkipList.defaultDomainName -notcontains $TenantID) -or (($Tenants.customerId -contains $TenantID -or $Tenants.defaultDomainName -contains $TenantID) -and $TenantID -ne $env:TenantID)) { return $true } else { return $false From 47bf553ba46f7ec9d453063043b7c6d58825cc13 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 25 Oct 2024 23:28:55 -0400 Subject: [PATCH 031/290] permission fix --- Modules/CIPPCore/Public/Test-CIPPAccessTenant.ps1 | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/Modules/CIPPCore/Public/Test-CIPPAccessTenant.ps1 b/Modules/CIPPCore/Public/Test-CIPPAccessTenant.ps1 index 312a0d283b3b..ad09497d3246 100644 --- a/Modules/CIPPCore/Public/Test-CIPPAccessTenant.ps1 +++ b/Modules/CIPPCore/Public/Test-CIPPAccessTenant.ps1 @@ -1,7 +1,7 @@ function Test-CIPPAccessTenant { [CmdletBinding()] param ( - $Tenant, + $Tenant = 'AllTenants', $APIName = 'Access Check', $ExecutingUser ) @@ -29,10 +29,10 @@ function Test-CIPPAccessTenant { $InputObject = [PSCustomObject]@{ QueueFunction = @{ - FunctionName = 'GetTenants' - TenantParams = $TenantParams - DurableFunction = 'CIPPAccessTenantTest' - QueueId = $Queue.RowKey + FunctionName = 'GetTenants' + TenantParams = $TenantParams + DurableName = 'CIPPAccessTenantTest' + QueueId = $Queue.RowKey } OrchestratorName = 'CippAccessTenantTest' SkipLog = $true From 98a5352ce5c122594a24eb96e5aa758f8bc216bb Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 25 Oct 2024 23:42:05 -0400 Subject: [PATCH 032/290] Update Invoke-ExecAccessChecks.ps1 --- .../HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 | 1 - 1 file changed, 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 index 7350706ee034..b12c82020272 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 @@ -19,7 +19,6 @@ Function Invoke-ExecAccessChecks { 'Permissions' { if ($Request.Query.SkipCache -ne 'true') { $Cache = Get-CIPPAzDataTableEntity @Table -Filter "RowKey eq 'AccessPermissions'" - Write-Host $Cache try { $Results = $Cache.Data | ConvertFrom-Json } catch { From a21f71c15b08695128ffe2f25c8f6990616daa3e Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Sat, 26 Oct 2024 12:33:27 +0200 Subject: [PATCH 033/290] changes --- .../Administration/Alerts/Invoke-AddAlert.ps1 | 22 ------------------- .../CIPPCore/Public/New-CIPPBackupTask.ps1 | 2 +- .../Webhooks/Test-CIPPAuditLogRules.ps1 | 2 +- 3 files changed, 2 insertions(+), 24 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-AddAlert.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-AddAlert.ps1 index e5e0165feab5..abbb442d17fa 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-AddAlert.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-AddAlert.ps1 @@ -11,29 +11,7 @@ Function Invoke-AddAlert { param($Request, $TriggerMetadata) $APIName = $TriggerMetadata.FunctionName Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - $URL = ($request.headers.'x-ms-original-url').split('/api') | Select-Object -First 1 $Tenants = $request.body.tenantFilter - $Table = get-cipptable -TableName 'SchedulerConfig' - $Results = foreach ($Tenant in $Tenants) { - try { - Write-Host "Working on $($Tenant.value) - $($Tenant.fullValue.displayName)" - $CompleteObject = @{ - tenant = [string]$($Tenant.value) - tenantid = [string]$($Tenant.value) - webhookType = [string]$request.body.logbook.value - type = 'webhookcreation' - RowKey = "$($Tenant.value)-$($request.body.logbook.value)" - PartitionKey = 'webhookcreation' - Configured = $false - CIPPURL = [string]$URL - } - Add-CIPPAzDataTableEntity @Table -Entity $CompleteObject -Force - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $tenant.fullValue.defaultDomainName -message "Successfully added Audit Log Webhook for $($Tenant.fullValue.displayName) to queue." -Sev 'Info' - } catch { - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $tenant.fullValue.defaultDomainName -message "Failed to add Audit Log Webhook for $($Tenant.fullValue.displayName) to queue" -Sev 'Error' - "Failed to add Alert for for $($Tenant) to queue $($_.Exception.message)" - } - } $Conditions = $request.body.conditions | ConvertTo-Json -Compress -Depth 10 | Out-String $TenantsJson = $Tenants | ConvertTo-Json -Compress -Depth 10 | Out-String $Actions = $request.body.actions | ConvertTo-Json -Compress -Depth 10 | Out-String diff --git a/Modules/CIPPCore/Public/New-CIPPBackupTask.ps1 b/Modules/CIPPCore/Public/New-CIPPBackupTask.ps1 index d4f399a84f3e..142958410cfd 100644 --- a/Modules/CIPPCore/Public/New-CIPPBackupTask.ps1 +++ b/Modules/CIPPCore/Public/New-CIPPBackupTask.ps1 @@ -122,7 +122,7 @@ function New-CIPPBackupTask { 'CippWebhookAlerts' { Write-Host "Backup Webhook Alerts for $TenantFilter" $WebhookTable = Get-CIPPTable -TableName 'WebhookRules' - Get-CIPPAzDataTableEntity @WebhookTable | Where-Object { $TenantFilter -in ($_.Tenants | ConvertFrom-Json).fullvalue.defaultDomainName } + Get-CIPPAzDataTableEntity @WebhookTable | Where-Object { $TenantFilter -in ($_.Tenants | ConvertFrom-Json).value } } 'CippScriptedAlerts' { Write-Host "Backup Scripted Alerts for $TenantFilter" diff --git a/Modules/CIPPCore/Public/Webhooks/Test-CIPPAuditLogRules.ps1 b/Modules/CIPPCore/Public/Webhooks/Test-CIPPAuditLogRules.ps1 index 94d2a83278bd..eaac816aa979 100644 --- a/Modules/CIPPCore/Public/Webhooks/Test-CIPPAuditLogRules.ps1 +++ b/Modules/CIPPCore/Public/Webhooks/Test-CIPPAuditLogRules.ps1 @@ -29,7 +29,7 @@ function Test-CIPPAuditLogRules { $ConfigEntries = Get-CIPPAzDataTableEntity @ConfigTable $Configuration = $ConfigEntries | Where-Object { ($_.Tenants -match $TenantFilter -or $_.Tenants -match 'AllTenants') } | ForEach-Object { [pscustomobject]@{ - Tenants = ($_.Tenants | ConvertFrom-Json).fullValue + Tenants = ($_.Tenants | ConvertFrom-Json) Conditions = $_.Conditions Actions = $_.Actions LogType = $_.Type From 9f177281746acfea6f7b173f5a1357a344319682 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Sat, 26 Oct 2024 16:01:13 -0400 Subject: [PATCH 034/290] gdap test tweaks --- .../Public/Test-CIPPGDAPRelationships.ps1 | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/Modules/CIPPCore/Public/Test-CIPPGDAPRelationships.ps1 b/Modules/CIPPCore/Public/Test-CIPPGDAPRelationships.ps1 index 71b7cae9808a..5fe7a789ed03 100644 --- a/Modules/CIPPCore/Public/Test-CIPPGDAPRelationships.ps1 +++ b/Modules/CIPPCore/Public/Test-CIPPGDAPRelationships.ps1 @@ -6,7 +6,8 @@ function Test-CIPPGDAPRelationships { $ExecutingUser ) - $GDAPissues = [System.Collections.ArrayList]@() + $GDAPissues = [System.Collections.Generic.List[object]]@() + $MissingGroups = [System.Collections.Generic.List[object]]@() try { #Get graph request to list all relationships. $Relationships = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/tenantRelationships/delegatedAdminRelationships?`$filter=status eq 'active'" -tenantid $ENV:TenantID -NoAuthCheck $true @@ -17,8 +18,8 @@ function Test-CIPPGDAPRelationships { $GDAPissues.add([PSCustomObject]@{ Type = 'Error' Issue = 'This tenant only has a MLT(Microsoft Led Transition) relationship. This is a read-only relationship. You must migrate this tenant to GDAP.' - Tenant = $Tenant.Group.customer.displayName - Relationship = $Tenant.Group.displayName + Tenant = [string]$Tenant.Group.customer.displayName + Relationship = [string]$Tenant.Group.displayName Link = 'https://docs.cipp.app/setup/gdap/index' }) | Out-Null } @@ -27,8 +28,8 @@ function Test-CIPPGDAPRelationships { $GDAPissues.add([PSCustomObject]@{ Type = 'Warning' Issue = 'The relationship has global administrator access. Auto-Extend is not available.' - Tenant = $Group.customer.displayName | Out-String - Relationship = $Group.displayName | Out-String + Tenant = [string]$Group.customer.displayName + Relationship = [string]$Group.displayName Link = 'https://docs.cipp.app/setup/gdap/troubleshooting#autoextend' }) | Out-Null @@ -75,6 +76,10 @@ function Test-CIPPGDAPRelationships { Link = 'https://docs.cipp.app/setup/gdap/troubleshooting#groups' }) | Out-Null + $MissingGroups.Add([PSCustomObject]@{ + Name = $Group + Type = 'SAM User Membership' + }) | Out-Null } if ($CIPPGroupCount -lt 12) { $GDAPissues.add([PSCustomObject]@{ From 4000e670e17ecca5b5ffdef1a253ca922fefcdb6 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Sun, 27 Oct 2024 21:02:17 +0100 Subject: [PATCH 035/290] execution output --- .../Tenant/Administration/Alerts/Invoke-ListAlertsQueue.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-ListAlertsQueue.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-ListAlertsQueue.ps1 index a7fc8dd98aa1..fe7aaa7ebc88 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-ListAlertsQueue.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-ListAlertsQueue.ps1 @@ -32,7 +32,7 @@ Function Invoke-ListAlertsQueue { $TranslatedActions = ($Task.Actions | ConvertFrom-Json -Depth 10 -ErrorAction SilentlyContinue).label -join ',' $Tenants = ($Task.Tenants | ConvertFrom-Json -Depth 10 -ErrorAction SilentlyContinue) $TaskEntry = [PSCustomObject]@{ - Tenants = $Tenants.defaultDomainName -join ',' + Tenants = @($Tenants.label) Conditions = $TranslatedConditions Actions = $TranslatedActions LogType = $Task.type @@ -67,7 +67,7 @@ Function Invoke-ListAlertsQueue { $TaskEntry = [PSCustomObject]@{ RowKey = $Task.RowKey PartitionKey = $Task.PartitionKey - Tenants = $Task.Tenant + Tenants = @($Task.Tenant) Conditions = $Task.Name Actions = $Task.PostExecution LogType = 'Scripted' From eafd7ad73fcffc57995df051b8bc4cc94e71b4c3 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Mon, 28 Oct 2024 12:45:13 -0400 Subject: [PATCH 036/290] fix cipp backup --- .../HTTP Functions/CIPP/Core/Invoke-ExecSetCIPPAutoBackup.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecSetCIPPAutoBackup.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecSetCIPPAutoBackup.ps1 index e12668f98092..84721b1e06c1 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecSetCIPPAutoBackup.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecSetCIPPAutoBackup.ps1 @@ -20,7 +20,7 @@ Function Invoke-ExecSetCIPPAutoBackup { Remove-AzDataTableEntity -Force @Table -Entity $task | Out-Null $TaskBody = [pscustomobject]@{ - TenantFilter = 'AllTenants' + TenantFilter = 'PartnerTenant' Name = 'Automated CIPP Backup' Command = @{ value = 'New-CIPPBackup' From 2ed1535c6ed5e8e33c0a19a0d0c5a6edbbcb1779 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Mon, 28 Oct 2024 17:44:23 -0400 Subject: [PATCH 037/290] updates to execaddalert --- .../CIPP/Core/Invoke-ExecAddAlert.ps1 | 19 ++++++++++++++----- Modules/CIPPCore/Public/Send-CIPPAlert.ps1 | 7 ++++--- 2 files changed, 18 insertions(+), 8 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecAddAlert.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecAddAlert.ps1 index 81a079c2401d..837b439f0a9a 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecAddAlert.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecAddAlert.ps1 @@ -10,12 +10,21 @@ Function Invoke-ExecAddAlert { [CmdletBinding()] param($Request, $TriggerMetadata) - - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API 'Alerts' -message $request.body.text -Sev $request.body.Severity - # Associate values to output bindings by calling 'Push-OutputBinding'. + if ($Request.Body.sendEmailNow) { + $CIPPAlert = @{ + Type = 'email' + Title = 'Test Email Alert' + HTMLContent = 'This is a test from CIPP' + TenantFilter = 'PartnerTenant' + } + $Result = Send-CIPPAlert @CIPPAlert + } else { + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API 'Alerts' -message $request.body.text -Sev $request.body.Severity + $Result = 'Successfully generated alert.' + # Associate values to output bindings by calling 'Push-OutputBinding'. + } Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ StatusCode = [HttpStatusCode]::OK - Body = 'Successfully generated alert.' + Body = $Result }) - } diff --git a/Modules/CIPPCore/Public/Send-CIPPAlert.ps1 b/Modules/CIPPCore/Public/Send-CIPPAlert.ps1 index f5610cd84e63..b81d6ebf6654 100644 --- a/Modules/CIPPCore/Public/Send-CIPPAlert.ps1 +++ b/Modules/CIPPCore/Public/Send-CIPPAlert.ps1 @@ -35,15 +35,16 @@ function Send-CIPPAlert { $JSONBody = ConvertTo-Json -Compress -Depth 10 -InputObject $PowerShellBody if ($PSCmdlet.ShouldProcess($($Recipients.EmailAddress.Address -join ', '), 'Sending email')) { - New-GraphPostRequest -uri 'https://graph.microsoft.com/v1.0/me/sendMail' -tenantid $env:TenantID -NoAuthCheck $true -type POST -body ($JSONBody) + $null = New-GraphPostRequest -uri 'https://graph.microsoft.com/v1.0/me/sendMail' -tenantid $env:TenantID -NoAuthCheck $true -type POST -body ($JSONBody) } } - Write-LogMessage -API 'Webhook Alerts' -message "Sent a webhook alert to email: $Title" -tenant $TenantFilter -sev info - + Write-LogMessage -API 'Webhook Alerts' -message "Sent an email alert: $Title" -tenant $TenantFilter -sev info + return "Sent an email alert: $Title" } catch { $ErrorMessage = Get-CippException -Exception $_ Write-Information "Could not send webhook alert to email: $($ErrorMessage.NormalizedError)" Write-LogMessage -API 'Webhook Alerts' -message "Could not send webhook alerts to email. $($ErrorMessage.NormalizedError)" -tenant $TenantFilter -sev Error -LogData $ErrorMessage + return "Could not send webhook alert to email: $($ErrorMessage.NormalizedError)" } } From b8692c66a0079dcd4de16e8cccb7c1728e589575 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Mon, 28 Oct 2024 23:57:12 +0100 Subject: [PATCH 038/290] sam improvements --- .../CIPP/Setup/Invoke-ExecSAMSetup.ps1 | 40 +++++++------------ 1 file changed, 14 insertions(+), 26 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Setup/Invoke-ExecSAMSetup.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Setup/Invoke-ExecSAMSetup.ps1 index b480e9222627..e5f8029c7df8 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Setup/Invoke-ExecSAMSetup.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Setup/Invoke-ExecSAMSetup.ps1 @@ -119,30 +119,33 @@ Function Invoke-ExecSAMSetup { PartitionKey = 'setup' validated = $false SamSetup = 'NotStarted' - partnersetup = $false + partnersetup = $true appid = 'NotStarted' tenantid = 'NotStarted' } Add-CIPPAzDataTableEntity @Table -Entity $Rows -Force | Out-Null $Rows = Get-CIPPAzDataTableEntity @Table | Where-Object -Property Timestamp -GT (Get-Date).AddMinutes(-10) - - if ($Request.Query.partnersetup) { - $SetupPhase = $Rows.partnersetup = $true - Add-CIPPAzDataTableEntity @Table -Entity $Rows -Force | Out-Null - } $step = 1 $DeviceLogon = New-DeviceLogin -clientid '1b730954-1685-4b74-9bfd-dac224a7b894' -Scope 'https://graph.microsoft.com/.default' -FirstLogon $SetupPhase = $rows.SamSetup = [string]($DeviceLogon | ConvertTo-Json) Add-CIPPAzDataTableEntity @Table -Entity $Rows -Force | Out-Null - $Results = @{ message = "Your code is $($DeviceLogon.user_code). Enter the code" ; step = $step; url = $DeviceLogon.verification_uri } + $Results = @{ code = $($DeviceLogon.user_code); message = "Your code is $($DeviceLogon.user_code). Enter the code" ; step = $step; url = $DeviceLogon.verification_uri } } if ($Request.Query.CheckSetupProcess -and $Request.Query.step -eq 1) { $SAMSetup = $Rows.SamSetup | ConvertFrom-Json -ErrorAction SilentlyContinue + if ($SamSetup.token_type -eq 'Bearer') { + #sleeping for 10 seconds to allow the token to be created. + Start-Sleep 10 + #nulling the token to force a recheck. + $step = 2 + } $Token = (New-DeviceLogin -clientid '1b730954-1685-4b74-9bfd-dac224a7b894' -Scope 'https://graph.microsoft.com/.default' -device_code $SAMSetup.device_code) + Write-Host "Token is $($token | ConvertTo-Json)" if ($Token.access_token) { $step = 2 + $rows.SamSetup = [string]($Token | ConvertTo-Json) $URL = ($Request.headers.'x-ms-original-url').split('?') | Select-Object -First 1 - $PartnerSetup = $Rows.partnersetup + $PartnerSetup = $true $TenantId = (Invoke-RestMethod 'https://graph.microsoft.com/v1.0/organization' -Headers @{ authorization = "Bearer $($Token.access_token)" } -Method GET -ContentType 'application/json').value.id $SetupPhase = $rows.tenantid = [string]($TenantId) Add-CIPPAzDataTableEntity @Table -Entity $Rows -Force | Out-Null @@ -178,24 +181,13 @@ Function Invoke-ExecSAMSetup { } $SPN = (Invoke-RestMethod 'https://graph.microsoft.com/v1.0/servicePrincipals' -Headers @{ authorization = "Bearer $($Token.access_token)" } -Method POST -Body "{ `"appId`": `"$($AppId.appId)`" }" -ContentType 'application/json') Start-Sleep 3 - $GroupID = (Invoke-RestMethod "https://graph.microsoft.com/v1.0/groups?`$filter=startswith(displayName,'AdminAgents')" -Headers @{ authorization = "Bearer $($Token.access_token)" } -Method Get -ContentType 'application/json').value.id - Write-Host "Id is $GroupID" - $AddingToAdminAgent = (Invoke-RestMethod "https://graph.microsoft.com/v1.0/groups/$($GroupID)/members/`$ref" -Headers @{ authorization = "Bearer $($Token.access_token)" } -Method POST -Body "{ `"@odata.id`": `"https://graph.microsoft.com/v1.0/directoryObjects/$($SPN.id)`"}" -ContentType 'application/json') - Write-Host 'Added to adminagents' $attempt ++ } catch { $attempt ++ } } until ($attempt -gt 5) - } else { - $app = Get-Content '.\Cache_SAMSetup\SAMManifestNoPartner.json' - $AppId = (Invoke-RestMethod 'https://graph.microsoft.com/v1.0/applications' -Headers @{ authorization = "Bearer $($Token.access_token)" } -Method POST -Body $app -ContentType 'application/json') - $Rows.appid = [string]($AppId.appId) - Add-CIPPAzDataTableEntity @Table -Entity $Rows -Force | Out-Null } $AppPassword = (Invoke-RestMethod "https://graph.microsoft.com/v1.0/applications/$($AppId.id)/addPassword" -Headers @{ authorization = "Bearer $($Token.access_token)" } -Method POST -Body '{"passwordCredential":{"displayName":"CIPPInstall"}}' -ContentType 'application/json').secretText - - if ($env:AzureWebJobsStorage -eq 'UseDevelopmentStorage=true') { $Secret.TenantId = $TenantId $Secret.ApplicationId = $AppId.appId @@ -210,7 +202,7 @@ Function Invoke-ExecSAMSetup { $Results = @{'message' = 'Created application. Waiting 30 seconds for Azure propagation'; step = $step } } else { $step = 1 - $Results = @{ message = "Your code is $($SAMSetup.user_code). Enter the code " ; step = $step; url = $SAMSetup.verification_uri } + $Results = @{ code = $($SAMSetup.user_code); message = "Your code is $($SAMSetup.user_code). Enter the code " ; step = $step; url = $SAMSetup.verification_uri } } } @@ -219,24 +211,20 @@ Function Invoke-ExecSAMSetup { $step = 2 $TenantId = $Rows.tenantid $AppID = $rows.appid - $PartnerSetup = $Rows.partnersetup + $PartnerSetup = $true $SetupPhase = $rows.SamSetup = [string]($FirstLogonRefreshtoken | ConvertTo-Json) Add-CIPPAzDataTableEntity @Table -Entity $Rows -Force | Out-Null $URL = ($Request.headers.'x-ms-original-url').split('?') | Select-Object -First 1 $Validated = $Rows.validated if ($Validated) { $step = 3 } - $Results = @{ message = 'Give the next approval by clicking ' ; step = $step; url = "https://login.microsoftonline.com/$TenantId/oauth2/v2.0/authorize?scope=https://graph.microsoft.com/.default+offline_access+openid+profile&response_type=code&client_id=$($appid)&redirect_uri=$($url)" } + $Results = @{ appId = $AppID; message = 'Give the next approval by clicking ' ; step = $step; url = "https://login.microsoftonline.com/$TenantId/oauth2/v2.0/authorize?scope=https://graph.microsoft.com/.default+offline_access+openid+profile&response_type=code&client_id=$($appid)&redirect_uri=$($url)" } } 3 { - $step = 4 $Results = @{'message' = 'Received token.'; step = $step } - - } 4 { Remove-AzDataTableEntity -Force @Table -Entity $Rows - $step = 5 $Results = @{'message' = 'setup completed.'; step = $step } From e57b9b55a3e9a501a95174b6e09fc0ebac85cf2f Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 29 Oct 2024 10:40:08 -0400 Subject: [PATCH 039/290] update partner webhook api --- .../HTTP Functions/CIPP/Core/Invoke-ExecPartnerWebhook.ps1 | 5 +++++ .../CIPPCore/Public/Webhooks/New-CIPPGraphSubscription.ps1 | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecPartnerWebhook.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecPartnerWebhook.ps1 index cadb2f70a770..82a86b1bbcf2 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecPartnerWebhook.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecPartnerWebhook.ps1 @@ -32,6 +32,10 @@ function Invoke-ExecPartnerWebhook { } } 'CreateSubscription' { + if ($Request.Body.EventType.value) { + $Request.Body.EventType = $Request.Body.EventType.value + } + $BaseURL = ([System.Uri]$Request.Headers.'x-ms-original-url').Host $Webhook = @{ TenantFilter = $env:TenantID @@ -40,6 +44,7 @@ function Invoke-ExecPartnerWebhook { EventType = $Request.Body.EventType ExecutingUser = $Request.Headers.'x-ms-client-principal' } + $Results = New-CIPPGraphSubscription @Webhook if ($Request.Body.standardsExcludeAllTenants -eq $true) { diff --git a/Modules/CIPPCore/Public/Webhooks/New-CIPPGraphSubscription.ps1 b/Modules/CIPPCore/Public/Webhooks/New-CIPPGraphSubscription.ps1 index a6212c26f322..c03f02629b58 100644 --- a/Modules/CIPPCore/Public/Webhooks/New-CIPPGraphSubscription.ps1 +++ b/Modules/CIPPCore/Public/Webhooks/New-CIPPGraphSubscription.ps1 @@ -37,7 +37,7 @@ function New-CIPPGraphSubscription { WebhookEvents = @($EventList) } try { - $EventCompare = Compare-Object $EventList ($MatchedWebhook.EventType | ConvertFrom-Json) + $EventCompare = Compare-Object $EventList ($MatchedWebhook.EventType | ConvertFrom-Json -ErrorAction Stop) } catch { $EventCompare = $false } From 3787dc0b86340674b46e2e34e958a06d56df9fc2 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 29 Oct 2024 11:28:52 -0400 Subject: [PATCH 040/290] update exclude license to be a post request --- .../HTTP Functions/CIPP/Settings/Invoke-ExecExcludeLicenses.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecExcludeLicenses.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecExcludeLicenses.ps1 index 063e26bb0d4b..1d554d031aef 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecExcludeLicenses.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecExcludeLicenses.ps1 @@ -53,7 +53,7 @@ Function Invoke-ExecExcludeLicenses { } if ($Request.Query.RemoveExclusion) { - $Filter = "RowKey eq '{0}' and PartitionKey eq 'License'" -f $Request.Query.Guid + $Filter = "RowKey eq '{0}' and PartitionKey eq 'License'" -f $Request.Body.GUID $Entity = Get-CIPPAzDataTableEntity @Table -Filter $Filter -Property PartitionKey, RowKey Remove-AzDataTableEntity -Force @Table -Entity $Entity Write-LogMessage -API $APINAME -user $request.headers.'x-ms-client-principal' -message "Removed exclusion $($Request.Query.GUID)" -Sev 'Info' From d5d0ec36a49e8fd556d781881b9007782cfd7201 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 29 Oct 2024 13:03:47 -0400 Subject: [PATCH 041/290] fix superadmin alert --- .../HTTP Functions/CIPP/Core/Invoke-GetCippAlerts.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-GetCippAlerts.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-GetCippAlerts.ps1 index a49abf454b11..3b9c28cd2c20 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-GetCippAlerts.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-GetCippAlerts.ps1 @@ -30,7 +30,7 @@ Function Invoke-GetCippAlerts { } if ($env:ApplicationID -eq 'LongApplicationID' -or $null -eq $ENV:ApplicationID) { $Alerts.Add(@{Alert = 'You have not yet completed your SAM Setup. Please go to the SAM Setup Wizard in settings to connect CIPP to your tenant.'; link = '/cipp/setup'; type = 'warning'; setupCompleted = $false }) } - if ($role -like '*superadmin*') { $Alerts.Add(@{Alert = 'You are logged in under a superadmin account. This account should not be used for normal usage.'; link = 'https://docs.cipp.app/setup/installation/owntenant'; type = 'danger' }) } + if ($role -like '*superadmin*') { $Alerts.Add(@{Alert = 'You are logged in under a superadmin account. This account should not be used for normal usage.'; link = 'https://docs.cipp.app/setup/installation/owntenant'; type = 'error' }) } if ($env:WEBSITE_RUN_FROM_PACKAGE -ne '1' -and $env:AzureWebJobsStorage -ne 'UseDevelopmentStorage=true') { $Alerts.Add( @{Alert = 'Your Function App is running in write mode. This will cause performance issues and increase cost. Please check this ' From fbc23950af94c6a492aa764e9a81b197fef91859 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 29 Oct 2024 13:03:58 -0400 Subject: [PATCH 042/290] tweak partner mode response --- .../CIPP/Settings/Invoke-ExecPartnerMode.ps1 | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecPartnerMode.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecPartnerMode.ps1 index a7d2ba3511bb..ef8ac9c65fda 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecPartnerMode.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecPartnerMode.ps1 @@ -27,7 +27,15 @@ Function Invoke-ExecPartnerMode { } -Force Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ StatusCode = [HttpStatusCode]::OK - Body = @{ results = "Set Tenant mode to $($Request.body.TenantMode)" } + Body = @{ + results = @( + @{ + result = "Set Tenant mode to $($Request.body.TenantMode)" + copyInfo = $null + state = 'info' + } + ) + } }) } @@ -43,10 +51,11 @@ Function Invoke-ExecPartnerMode { TenantMode = $CurrentState.state } } + + Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ + StatusCode = [HttpStatusCode]::OK + Body = $CurrentState + }) } - Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ - StatusCode = [HttpStatusCode]::OK - Body = $CurrentState - }) } } From 54a7bc6860ebf8d086d4b5a8434b3ca79ef2db80 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 1 Nov 2024 10:32:41 -0400 Subject: [PATCH 043/290] request fixes reduce data in function stats add api to log message --- .../CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 | 9 ++++++++- .../Public/GraphHelper/Write-CippFunctionStats.ps1 | 8 +++----- Modules/CIPPCore/Public/Test-CIPPRerun.ps1 | 2 +- 3 files changed, 12 insertions(+), 7 deletions(-) diff --git a/Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 b/Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 index 13a2fbba85ba..3d344d2afff5 100644 --- a/Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 @@ -85,6 +85,9 @@ function New-GraphGetRequest { if ($Message -eq $null) { $Message = $($_.Exception.Message) } if ($Message -ne 'Request not applicable to target tenant.' -and $Tenant) { $Tenant.LastGraphError = $Message + if ($Tenant.PSObject.Properties.Name -notcontains 'GraphErrorCount') { + $Tenant | Add-Member -MemberType NoteProperty -Name 'GraphErrorCount' -Value 0 -Force + } $Tenant.GraphErrorCount++ Update-AzDataTableEntity -Force @TenantsTable -Entity $Tenant } @@ -96,7 +99,11 @@ function New-GraphGetRequest { } else { $Tenant.LastGraphError = '' } - $Tenant.GraphErrorCount = 0 + if ($Tenant.PSObject.Properties.Name -notcontains 'GraphErrorCount') { + $Tenant | Add-Member -MemberType NoteProperty -Name 'GraphErrorCount' -Value 0 -Force + } else { + $Tenant.GraphErrorCount = 0 + } Update-AzDataTableEntity -Force @TenantsTable -Entity $Tenant return $ReturnedData } else { diff --git a/Modules/CIPPCore/Public/GraphHelper/Write-CippFunctionStats.ps1 b/Modules/CIPPCore/Public/GraphHelper/Write-CippFunctionStats.ps1 index b8a2b05ed80c..d47a23bbb92f 100644 --- a/Modules/CIPPCore/Public/GraphHelper/Write-CippFunctionStats.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/Write-CippFunctionStats.ps1 @@ -27,13 +27,11 @@ function Write-CippFunctionStats { $StatEntity.DurationMS = $DurationMS $StatEntity.ErrorMsg = $ErrorMsg $Entity = [PSCustomObject]$Entity + $DesiredProperties = @('FunctionName', 'Command', 'DurableName') + foreach ($Property in $Entity.PSObject.Properties.Name) { if ($Entity.$Property) { - if ($Entity.$Property.GetType().Name -in ('Hashtable', 'PSCustomObject', 'OrderedHashtable')) { - $StatEntity.$Property = [string]($Entity.$Property | ConvertTo-Json -Compress) - } elseif ($Entity.$Property.GetType().Name -eq 'DateTime' -and $Entity.$Property.Kind -eq 'Local') { - $StatEntity.$Property = $Entity.$Property.ToUniversalTime() - } elseif ($Property -notin ('ETag', 'RowKey', 'PartitionKey', 'Timestamp', 'LastRefresh')) { + if ($Property -in $DesiredProperties) { $StatEntity.$Property = $Entity.$Property } } diff --git a/Modules/CIPPCore/Public/Test-CIPPRerun.ps1 b/Modules/CIPPCore/Public/Test-CIPPRerun.ps1 index a0763da3bdcf..fbf284b58a90 100644 --- a/Modules/CIPPCore/Public/Test-CIPPRerun.ps1 +++ b/Modules/CIPPCore/Public/Test-CIPPRerun.ps1 @@ -38,7 +38,7 @@ function Test-CIPPRerun { } } if ($RerunData.EstimatedNextRun -gt $CurrentUnixTime) { - Write-LogMessage -message "Standard rerun detected for $($API). Prevented from running again." -tenant $TenantFilter -user $ExecutingUser -Sev 'Info' + Write-LogMessage -API $API -message "Standard rerun detected for $($API). Prevented from running again." -tenant $TenantFilter -user $ExecutingUser -Sev 'Info' return $true } else { $RerunData.EstimatedNextRun = $EstimatedNextRun From 59a4cbcac724d241ec8a87e18634a1c0c12f3920 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 1 Nov 2024 23:54:14 -0400 Subject: [PATCH 044/290] fix add service principal --- .../CIPP/Core/Invoke-ExecServicePrincipals.ps1 | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecServicePrincipals.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecServicePrincipals.ps1 index 71bdb7a36d59..52523e9f9203 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecServicePrincipals.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecServicePrincipals.ps1 @@ -22,7 +22,7 @@ function Invoke-ExecServicePrincipals { 'appId' = $Request.Query.AppId } | ConvertTo-Json -Compress try { - $Results = New-GraphPostRequest -Uri 'https://graph.microsoft.com/beta/servicePrincipals' -tenantid $TenantFilter -type POST -body $Body + $Results = New-GraphPostRequest -Uri 'https://graph.microsoft.com/beta/servicePrincipals' -tenantid $TenantFilter -type POST -body $Body -NoAuthCheck $true } catch { $Results = "Unable to create service principal: $($_.Exception.Message)" $Success = $false @@ -39,8 +39,7 @@ function Invoke-ExecServicePrincipals { } elseif ($Request.Query.Id) { $Action = 'Get' $Results = New-GraphGetRequest -Uri "https://graph.microsoft.com/beta/servicePrincipals/$($Request.Query.Id)" -tenantid $TenantFilter -NoAuthCheck $true - } - else { + } else { $Action = 'List' $Results = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/servicePrincipals?$top=999&$orderby=displayName&$count=true' -ComplexFilter -tenantid $TenantFilter -NoAuthCheck $true } From f470a82e7b345769cf6f9e7a610d0105a4ba4181 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 1 Nov 2024 23:54:25 -0400 Subject: [PATCH 045/290] durable cleanup --- CIPPTimers.json | 8 +++ .../Timer Functions/Start-DurableCleanup.ps1 | 61 +++++++++++++++++++ 2 files changed, 69 insertions(+) create mode 100644 Modules/CIPPCore/Public/Entrypoints/Timer Functions/Start-DurableCleanup.ps1 diff --git a/CIPPTimers.json b/CIPPTimers.json index e527285dd78f..7c03fd75d678 100644 --- a/CIPPTimers.json +++ b/CIPPTimers.json @@ -1,4 +1,12 @@ [ + { + "Command": "Start-DurableCleanup", + "Description": "Timer function to cleanup durable functions", + "Cron": "0 */15 * * * *", + "Priority": 0, + "RunOnProcessor": true, + "IsSystem": true + }, { "Command": "Start-UserTasksOrchestrator", "Description": "Orchestrator to process user scheduled tasks", diff --git a/Modules/CIPPCore/Public/Entrypoints/Timer Functions/Start-DurableCleanup.ps1 b/Modules/CIPPCore/Public/Entrypoints/Timer Functions/Start-DurableCleanup.ps1 new file mode 100644 index 000000000000..41b1d55c2081 --- /dev/null +++ b/Modules/CIPPCore/Public/Entrypoints/Timer Functions/Start-DurableCleanup.ps1 @@ -0,0 +1,61 @@ +function Start-DurableCleanup { + <# + .SYNOPSIS + Start the durable cleanup process. + + .DESCRIPTION + Look for orchestrators running for more than the specified time and terminate them. Also, clear any queues that have items for that function app. + + .PARAMETER MaxDuration + The maximum duration an orchestrator can run before being terminated. + + .FUNCTIONALITY + Internal + #> + + [CmdletBinding(SupportsShouldProcess = $true)] + param( + [int]$MaxDuration = 3600 + ) + $WarningPreference = 'SilentlyContinue' + $StorageContext = New-AzStorageContext -ConnectionString $env:AzureWebJobsStorage + $TargetTime = (Get-Date).ToUniversalTime().AddSeconds(-$MaxDuration) + $Context = New-AzDataTableContext -ConnectionString $env:AzureWebJobsStorage + $InstancesTables = Get-AzDataTable -Context $Context | Where-Object { $_ -match 'Instances' } + + $CleanupCount = 0 + $QueueCount = 0 + foreach ($Table in $InstancesTables) { + $Table = Get-CippTable -TableName $Table + $ClearQueues = $false + $FunctionName = $Table.TableName -replace 'Instances', '' + $Orchestrators = Get-CIPPAzDataTableEntity @Table -Filter "RuntimeStatus eq 'Running'" | Select-Object * -ExcludeProperty Input + $Orchestrators | Where-Object { $_.CreatedTime.DateTime -lt $TargetTime } | ForEach-Object { + $CreatedTime = [DateTime]::SpecifyKind($_.CreatedTime.DateTime, [DateTimeKind]::Utc) + $TimeSpan = New-TimeSpan -Start $CreatedTime -End (Get-Date).ToUniversalTime() + $RunningDuration = [math]::Round($TimeSpan.TotalMinutes, 2) + Write-Information "Orchestrator: $($_.PartitionKey), created: $CreatedTime, running for: $RunningDuration minutes" + $ClearQueues = $true + $_.RuntimeStatus = 'Failed' + if ($PSCmdlet.ShouldProcess($_.PartitionKey, 'Terminate Orchestrator')) { + $Orchestrator = Get-CIPPAzDataTableEntity @Table -PartitionKey $_.PartitionKey -RowKey $_.RowKey + $Orchestrator.RuntimeStatus = 'Failed' + Update-AzDataTableEntity @Table -Entity $Orchestrator + $CleanupCount++ + } + } + + if ($ClearQueues) { + $Queues = Get-AzStorageQueue -Context $StorageContext -Name ('{0}*' -f $FunctionName) | Select-Object -Property Name, ApproximateMessageCount, QueueClient + $RunningQueues = $Queues | Where-Object { $_.ApproximateMessageCount -gt 0 } + foreach ($Queue in $RunningQueues) { + Write-Information "- Removing queue: $($Queue.Name), message count: $($Queue.ApproximateMessageCount)" + if ($PSCmdlet.ShouldProcess($Queue.Name, 'Clear Queue')) { + $Queue.QueueClient.ClearMessagesAsync() | Out-Null + } + $QueueCount++ + } + } + } + Write-Information "Cleanup complete. $CleanupCount orchestrators were terminated. $QueueCount queues were cleared." +} From ebea3d9f0d3d3efe55c929a12fb0eb1a8ed6cfb5 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Sat, 2 Nov 2024 11:37:28 -0400 Subject: [PATCH 046/290] add CPV test --- .../Public/Test-CIPPAccessPermissions.ps1 | 23 +++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/Modules/CIPPCore/Public/Test-CIPPAccessPermissions.ps1 b/Modules/CIPPCore/Public/Test-CIPPAccessPermissions.ps1 index 147288ef79ed..58f72d9e80c3 100644 --- a/Modules/CIPPCore/Public/Test-CIPPAccessPermissions.ps1 +++ b/Modules/CIPPCore/Public/Test-CIPPAccessPermissions.ps1 @@ -128,6 +128,28 @@ function Test-CIPPAccessPermissions { $Messages.Add('You have all the required permissions.') | Out-Null } + $LastUpdate = $GraphPermissions.Timestamp + $CpvTable = Get-CippTable -tablename 'cpvtenants' + $CpvRefresh = Get-CippAzDataTableEntity @CpvTable -Filter "PartitionKey eq 'Tenant'" + $TenantList = Get-Tenants -IncludeErrors + $CPVRefreshList = [System.Collections.Generic.List[object]]::new() + $CPVSuccess = $true + foreach ($Tenant in $TenantList) { + $LastRefresh = ($CpvRefresh | Where-Object -Property RowKey -EQ $Tenant.customerId).Timestamp.DateTime + if ($LastRefresh -lt $LastUpdate) { + $CPVSuccess = $false + $CPVRefreshList.Add([PSCustomObject]@{ + CustomerId = $Tenant.customerId + DisplayName = $Tenant.displayName + DefaultDomainName = $Tenant.DefaultDomainName + LastRefresh = $LastRefresh + }) + } + } + if (!$CPVSuccess) { + $ErrorMessages.Add('Some tenants need a CPV refresh.') | Out-Null + $Success = $false + } } catch { $ErrorMessage = Get-CippException -Exception $_ Write-LogMessage -user $User -API $APINAME -message "Permissions check failed: $($ErrorMessage.NormalizedError) " -Sev 'Error' -LogData $ErrorMessage @@ -144,6 +166,7 @@ function Test-CIPPAccessPermissions { Messages = @($Messages) ErrorMessages = @($ErrorMessages) MissingPermissions = @($MissingPermissions) + CPVRefreshList = @($CPVRefreshList) Links = @($Links) Success = $Success } From 17d3bd48e196f70b42aaa409d227213d6cc2fb54 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Mon, 4 Nov 2024 09:52:23 -0500 Subject: [PATCH 047/290] Add MFA reset back in --- .../Users/Invoke-ExecBECRemediate.ps1 | 5 +- .../Users/Invoke-ExecResetMFA.ps1 | 32 +-------- .../CIPPCore/Public/Remove-CIPPUserMFA.ps1 | 65 +++++++++++++++++++ 3 files changed, 69 insertions(+), 33 deletions(-) create mode 100644 Modules/CIPPCore/Public/Remove-CIPPUserMFA.ps1 diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecBECRemediate.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecBECRemediate.ps1 index cfa67b8bd043..f8bd672e0c43 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecBECRemediate.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecBECRemediate.ps1 @@ -27,8 +27,9 @@ Function Invoke-ExecBECRemediate { $Step = 'Disable Account' Set-CIPPSignInState -userid $username -AccountEnabled $false -tenantFilter $TenantFilter -APIName $APINAME -ExecutingUser $User $Step = 'Revoke Sessions' - Revoke-CIPPSessions -userid $SuspectUser -username $request.body.username -ExecutingUser $User -APIName $APINAME -tenantFilter $TenantFilter - + Revoke-CIPPSessions -userid $SuspectUser -username $username -ExecutingUser $User -APIName $APINAME -tenantFilter $TenantFilter + $Step = 'Remove MFA methods' + Remove-CIPPUserMFA -UserPrincipalName $username -TenantFilter $TenantFilter -ExecutingUser $User $Step = 'Disable Inbox Rules' $Rules = New-ExoRequest -anchor $username -tenantid $TenantFilter -cmdlet 'Get-InboxRule' -cmdParams @{Mailbox = $username; IncludeHidden = $true } $RuleDisabled = 0 diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecResetMFA.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecResetMFA.ps1 index 881f35afbf93..6c59d1cd9346 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecResetMFA.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecResetMFA.ps1 @@ -17,37 +17,7 @@ Function Invoke-ExecResetMFA { $TenantFilter = $Request.Query.TenantFilter $UserID = $Request.Query.ID try { - Write-Host "Getting auth methods for $UserID" - $AuthMethods = New-GraphGetRequest -uri "https://graph.microsoft.com/v1.0/users/$UserID/authentication/methods" -tenantid $TenantFilter -AsApp $true - $Requests = [System.Collections.Generic.List[object]]::new() - foreach ($Method in $AuthMethods) { - if ($Method.'@odata.type' -and $Method.'@odata.type' -ne '#microsoft.graph.passwordAuthenticationMethod') { - $MethodType = ($Method.'@odata.type' -split '\.')[-1] -replace 'Authentication', '' - $Requests.Add(@{ - id = "$MethodType-$($Method.id)" - method = 'DELETE' - url = ('users/{0}/authentication/{1}s/{2}' -f $UserID, $MethodType, $Method.id) - }) - } - } - if (($Requests | Measure-Object).Count -eq 0) { - $Results = [pscustomobject]@{'Results' = "No MFA methods found for user $($Request.Query.ID)" } - Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ - StatusCode = [HttpStatusCode]::OK - Body = $Results - }) - return - } - - $Results = New-GraphBulkRequest -Requests $Requests -tenantid $TenantFilter -asapp $true -erroraction stop - - - if ($Results.status -eq 204) { - $Results = [pscustomobject]@{'Results' = "Successfully completed request. User $($Request.Query.ID) must supply MFA at next logon" } - } else { - $FailedAuthMethods = (($Results | Where-Object { $_.status -ne 204 }).id -split '-')[0] -join ', ' - $Results = [pscustomobject]@{'Results' = "Failed to reset MFA methods for $FailedAuthMethods" } - } + $Results = Remove-CIPPUserMFA -UserPrincipalName $UserID -TenantFilter $TenantFilter -ExecutingUser $request.headers.'x-ms-client-principal' } catch { $Results = [pscustomobject]@{'Results' = "Failed to reset MFA methods for $($Request.Query.ID): $(Get-NormalizedError -message $_.Exception.Message)" } Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message "Failed to reset MFA for user $($Request.Query.ID): $($_.Exception.Message)" -Sev 'Error' -LogData (Get-CippException -Exception $_) diff --git a/Modules/CIPPCore/Public/Remove-CIPPUserMFA.ps1 b/Modules/CIPPCore/Public/Remove-CIPPUserMFA.ps1 new file mode 100644 index 000000000000..99d141ea9bc5 --- /dev/null +++ b/Modules/CIPPCore/Public/Remove-CIPPUserMFA.ps1 @@ -0,0 +1,65 @@ +function Remove-CIPPUserMFA { + <# + .SYNOPSIS + Remove MFA methods for a user + + .DESCRIPTION + Remove MFA methods for a user using bulk requests to the Microsoft Graph API + + .PARAMETER UserPrincipalName + UserPrincipalName of the user to remove MFA methods for + + .PARAMETER TenantFilter + Tenant where the user resides + + .EXAMPLE + Remove-CIPPUserMFA -UserPrincipalName testuser@contoso.com -TenantFilter contoso.com + + #> + [CmdletBinding(SupportsShouldProcess = $true)] + Param( + [Parameter(Mandatory = $true)] + [string]$UserPrincipalName, + [Parameter(Mandatory = $true)] + [string]$TenantFilter, + [Parameter(Mandatory = $false)] + [string]$ExecutingUser = 'CIPP' + ) + + Write-Information "Getting auth methods for $UserPrincipalName" + $AuthMethods = New-GraphGetRequest -uri "https://graph.microsoft.com/v1.0/users/$UserPrincipalName/authentication/methods" -tenantid $TenantFilter -AsApp $true + $Requests = [System.Collections.Generic.List[object]]::new() + foreach ($Method in $AuthMethods) { + if ($Method.'@odata.type' -and $Method.'@odata.type' -ne '#microsoft.graph.passwordAuthenticationMethod') { + $MethodType = ($Method.'@odata.type' -split '\.')[-1] -replace 'Authentication', '' + $Requests.Add(@{ + id = "$MethodType-$($Method.id)" + method = 'DELETE' + url = ('users/{0}/authentication/{1}s/{2}' -f $UserPrincipalName, $MethodType, $Method.id) + }) + } + } + if (($Requests | Measure-Object).Count -eq 0) { + Write-LogMessage -API 'Remove-CIPPUserMFA' -tenant $TenantFilter -message "No MFA methods found for user $UserPrincipalName" -sev 'Info' + $Results = [pscustomobject]@{'Results' = "No MFA methods found for user $($Request.Query.ID)" } + Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ + StatusCode = [HttpStatusCode]::OK + Body = $Results + }) + return + } + + if ($PSCmdlet.ShouldProcess("Remove MFA methods for $UserPrincipalName")) { + $Results = New-GraphBulkRequest -Requests $Requests -tenantid $TenantFilter -asapp $true -erroraction stop + if ($Results.status -eq 204) { + Write-LogMessage -API 'Remove-CIPPUserMFA' -tenant $TenantFilter -message "Successfully removed MFA methods for user $UserPrincipalName" -sev 'Info' + $Results = [pscustomobject]@{'Results' = "Successfully completed request. User $($Request.Query.ID) must supply MFA at next logon" } + } else { + $FailedAuthMethods = (($Results | Where-Object { $_.status -ne 204 }).id -split '-')[0] -join ', ' + Write-LogMessage -API 'Remove-CIPPUserMFA' -tenant $TenantFilter -message "Failed to remove MFA methods for $FailedAuthMethods" -sev 'Error' + $Results = [pscustomobject]@{'Results' = "Failed to reset MFA methods for $FailedAuthMethods" } + } + } + + return $Results +} From 7fe4170261cf0e2fab79e1963c2c6c2018006654 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Mon, 11 Nov 2024 17:46:56 -0500 Subject: [PATCH 048/290] Audit log tweaks --- CIPPTimers.json | 9 ++ .../Webhooks/Push-AuditLogTenant.ps1 | 2 +- .../Start-AuditLogOrchestrator.ps1 | 70 ---------------- .../Start-AuditLogSearchCreation.ps1 | 84 +++++++++++++++++++ 4 files changed, 94 insertions(+), 71 deletions(-) create mode 100644 Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-AuditLogSearchCreation.ps1 diff --git a/CIPPTimers.json b/CIPPTimers.json index 7c03fd75d678..c38acd967d56 100644 --- a/CIPPTimers.json +++ b/CIPPTimers.json @@ -31,6 +31,15 @@ "PreferredProcessor": "auditlog", "IsSystem": true }, + { + "Command": "Start-AuditLogSearchCreation", + "Description": "Timer to create audit log searches", + "Cron": "0 */30 * * * *", + "Priority": 3, + "RunOnProcessor": true, + "PreferredProcessor": "auditlog", + "IsSystem": true + }, { "Command": "Start-ApplicationOrchestrator", "Description": "Orchestrator to process application uploads", diff --git a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-AuditLogTenant.ps1 b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-AuditLogTenant.ps1 index 56ede00d9eed..b5cb9286edc5 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-AuditLogTenant.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-AuditLogTenant.ps1 @@ -36,7 +36,7 @@ function Push-AuditLogTenant { $Configuration = $ConfigEntries | Where-Object { ($_.Tenants -match $TenantFilter -or $_.Tenants -match 'AllTenants') } if ($Configuration) { try { - $LogSearches = Get-CippAuditLogSearches -TenantFilter $TenantFilter -ReadyToProcess | Select-Object -First 20 + $LogSearches = Get-CippAuditLogSearches -TenantFilter $TenantFilter -ReadyToProcess | Select-Object -First 10 Write-Information ('Audit Logs: Found {0} searches, begin processing' -f $LogSearches.Count) foreach ($Search in $LogSearches) { $SearchEntity = Get-CIPPAzDataTableEntity @LogSearchesTable -Filter "Tenant eq '$($TenantFilter)' and RowKey eq '$($Search.id)'" diff --git a/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-AuditLogOrchestrator.ps1 b/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-AuditLogOrchestrator.ps1 index c0ccc91c3443..0f56ae4a7e99 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-AuditLogOrchestrator.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-AuditLogOrchestrator.ps1 @@ -9,15 +9,6 @@ function Start-AuditLogOrchestrator { $AuditLogSearchesTable = Get-CIPPTable -TableName 'AuditLogSearches' $AuditLogSearches = Get-CIPPAzDataTableEntity @AuditLogSearchesTable -Filter "CippStatus eq 'Pending'" - $ConfigTable = Get-CippTable -TableName 'WebhookRules' - $ConfigEntries = Get-CIPPAzDataTableEntity @ConfigTable - - $TenantList = Get-Tenants -IncludeErrors - # Round time down to nearest minute - $Now = Get-Date - $StartTime = ($Now.AddSeconds(-$Now.Seconds)).AddHours(-1) - $EndTime = $Now.AddSeconds(-$Now.Seconds) - if (($AuditLogSearches | Measure-Object).Count -eq 0) { Write-Information 'No audit log searches available' } else { @@ -33,67 +24,6 @@ function Start-AuditLogOrchestrator { Start-NewOrchestration -FunctionName 'CIPPOrchestrator' -InputObject ($InputObject | ConvertTo-Json -Depth 5 -Compress) } } - - Write-Information 'Audit Logs: Creating new searches' - foreach ($Tenant in $TenantList) { - $Configuration = $ConfigEntries | Where-Object { ($_.Tenants -match $TenantFilter -or $_.Tenants -match 'AllTenants') } - if ($Configuration) { - $ServiceFilters = $Configuration | Select-Object -Property type | Sort-Object -Property type -Unique | ForEach-Object { $_.type.split('.')[1] } - try { - $LogSearch = @{ - StartTime = $StartTime - EndTime = $EndTime - ServiceFilters = $ServiceFilters - TenantFilter = $Tenant.defaultDomainName - ProcessLogs = $true - RecordTypeFilters = @( - 'exchangeAdmin', 'azureActiveDirectory', 'azureActiveDirectoryAccountLogon', 'dataCenterSecurityCmdlet', - 'complianceDLPSharePoint', 'complianceDLPExchange', 'azureActiveDirectoryStsLogon', 'skypeForBusinessPSTNUsage', - 'skypeForBusinessUsersBlocked', 'securityComplianceCenterEOPCmdlet', 'microsoftFlow', 'aeD', 'microsoftStream', - 'threatFinder', 'project', 'dataGovernance', 'securityComplianceAlerts', 'threatIntelligenceUrl', - 'securityComplianceInsights', 'mipLabel', 'workplaceAnalytics', 'powerAppsApp', 'powerAppsPlan', - 'threatIntelligenceAtpContent', 'labelContentExplorer', 'hygieneEvent', - 'dataInsightsRestApiAudit', 'informationBarrierPolicyApplication', 'microsoftTeamsAdmin', 'hrSignal', - 'informationWorkerProtection', 'campaign', 'dlpEndpoint', 'airInvestigation', 'quarantine', 'microsoftForms', - 'applicationAudit', 'complianceSupervisionExchange', 'customerKeyServiceEncryption', 'officeNative', - 'mipAutoLabelSharePointItem', 'mipAutoLabelSharePointPolicyLocation', 'secureScore', - 'mipAutoLabelExchangeItem', 'cortanaBriefing', 'search', 'wdatpAlerts', 'powerPlatformAdminDlp', - 'powerPlatformAdminEnvironment', 'mdatpAudit', 'sensitivityLabelPolicyMatch', 'sensitivityLabelAction', - 'sensitivityLabeledFileAction', 'attackSim', 'airManualInvestigation', 'securityComplianceRBAC', 'userTraining', - 'airAdminActionInvestigation', 'mstic', 'physicalBadgingSignal', 'aipDiscover', 'aipSensitivityLabelAction', - 'aipProtectionAction', 'aipFileDeleted', 'aipHeartBeat', 'mcasAlerts', 'onPremisesFileShareScannerDlp', - 'onPremisesSharePointScannerDlp', 'exchangeSearch', 'privacyDataMinimization', 'labelAnalyticsAggregate', - 'myAnalyticsSettings', 'securityComplianceUserChange', 'complianceDLPExchangeClassification', - 'complianceDLPEndpoint', 'mipExactDataMatch', 'msdeResponseActions', 'msdeGeneralSettings', 'msdeIndicatorsSettings', - 'ms365DCustomDetection', 'msdeRolesSettings', 'mapgAlerts', 'mapgPolicy', 'mapgRemediation', - 'privacyRemediationAction', 'privacyDigestEmail', 'mipAutoLabelSimulationProgress', 'mipAutoLabelSimulationCompletion', - 'mipAutoLabelProgressFeedback', 'dlpSensitiveInformationType', 'mipAutoLabelSimulationStatistics', - 'largeContentMetadata', 'microsoft365Group', 'cdpMlInferencingResult', 'filteringMailMetadata', - 'cdpClassificationMailItem', 'cdpClassificationDocument', 'officeScriptsRunAction', 'filteringPostMailDeliveryAction', - 'cdpUnifiedFeedback', 'tenantAllowBlockList', 'consumptionResource', 'healthcareSignal', 'dlpImportResult', - 'cdpCompliancePolicyExecution', 'multiStageDisposition', 'privacyDataMatch', 'filteringDocMetadata', - 'filteringEmailFeatures', 'powerBIDlp', 'filteringUrlInfo', 'filteringAttachmentInfo', 'coreReportingSettings', - 'complianceConnector', 'powerPlatformLockboxResourceAccessRequest', 'powerPlatformLockboxResourceCommand', - 'cdpPredictiveCodingLabel', 'cdpCompliancePolicyUserFeedback', 'webpageActivityEndpoint', 'omePortal', - 'cmImprovementActionChange', 'filteringUrlClick', 'mipLabelAnalyticsAuditRecord', 'filteringEntityEvent', - 'filteringRuleHits', 'filteringMailSubmission', 'labelExplorer', 'microsoftManagedServicePlatform', - 'powerPlatformServiceActivity', 'scorePlatformGenericAuditRecord', 'filteringTimeTravelDocMetadata', 'alert', - 'alertStatus', 'alertIncident', 'incidentStatus', 'case', 'caseInvestigation', 'recordsManagement', - 'privacyRemediation', 'dataShareOperation', 'cdpDlpSensitive', 'ehrConnector', 'filteringMailGradingResult', - 'microsoftTodoAudit', 'timeTravelFilteringDocMetadata', 'microsoftDefenderForIdentityAudit', - 'supervisoryReviewDayXInsight', 'defenderExpertsforXDRAdmin', 'cdpEdgeBlockedMessage', 'hostedRpa', - 'cdpContentExplorerAggregateRecord', 'cdpHygieneAttachmentInfo', 'cdpHygieneSummary', 'cdpPostMailDeliveryAction', - 'cdpEmailFeatures', 'cdpHygieneUrlInfo', 'cdpUrlClick', 'cdpPackageManagerHygieneEvent', 'filteringDocScan', - 'timeTravelFilteringDocScan', 'mapgOnboard' - ) - } - $NewSearch = New-CippAuditLogSearch @LogSearch - Write-Information "Created audit log search $($Tenant.defaultDomainName) - $($NewSearch.displayName)" - } catch { - Write-Information "Error creating audit log search $($Tenant.defaultDomainName) - $($_.Exception.Message)" - } - } - } } catch { Write-LogMessage -API 'Audit Logs' -message 'Error processing audit logs' -sev Error -LogData (Get-CippException -Exception $_) Write-Information ( 'Audit logs error {0} line {1} - {2}' -f $_.InvocationInfo.ScriptName, $_.InvocationInfo.ScriptLineNumber, $_.Exception.Message) diff --git a/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-AuditLogSearchCreation.ps1 b/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-AuditLogSearchCreation.ps1 new file mode 100644 index 000000000000..e0b6e72ea843 --- /dev/null +++ b/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-AuditLogSearchCreation.ps1 @@ -0,0 +1,84 @@ +function Start-AuditLogSearchCreation { + <# + .SYNOPSIS + Start the Audit Log Searches + #> + [CmdletBinding(SupportsShouldProcess = $true)] + param() + try { + $ConfigTable = Get-CippTable -TableName 'WebhookRules' + $ConfigEntries = Get-CIPPAzDataTableEntity @ConfigTable + + $TenantList = Get-Tenants -IncludeErrors + # Round time down to nearest minute + $Now = Get-Date + $StartTime = ($Now.AddSeconds(-$Now.Seconds)).AddHours(-1) + $EndTime = $Now.AddSeconds(-$Now.Seconds) + + Write-Information 'Audit Logs: Creating new searches' + foreach ($Tenant in $TenantList) { + $Configuration = $ConfigEntries | Where-Object { ($_.Tenants -match $TenantFilter -or $_.Tenants -match 'AllTenants') } + if ($Configuration) { + $ServiceFilters = $Configuration | Select-Object -Property type | Sort-Object -Property type -Unique | ForEach-Object { $_.type.split('.')[1] } + try { + $LogSearch = @{ + StartTime = $StartTime + EndTime = $EndTime + ServiceFilters = $ServiceFilters + TenantFilter = $Tenant.defaultDomainName + ProcessLogs = $true + RecordTypeFilters = @( + 'exchangeAdmin', 'azureActiveDirectory', 'azureActiveDirectoryAccountLogon', 'dataCenterSecurityCmdlet', + 'complianceDLPSharePoint', 'complianceDLPExchange', 'azureActiveDirectoryStsLogon', 'skypeForBusinessPSTNUsage', + 'skypeForBusinessUsersBlocked', 'securityComplianceCenterEOPCmdlet', 'microsoftFlow', 'aeD', 'microsoftStream', + 'threatFinder', 'project', 'dataGovernance', 'securityComplianceAlerts', 'threatIntelligenceUrl', + 'securityComplianceInsights', 'mipLabel', 'workplaceAnalytics', 'powerAppsApp', 'powerAppsPlan', + 'threatIntelligenceAtpContent', 'labelContentExplorer', 'hygieneEvent', + 'dataInsightsRestApiAudit', 'informationBarrierPolicyApplication', 'microsoftTeamsAdmin', 'hrSignal', + 'informationWorkerProtection', 'campaign', 'dlpEndpoint', 'airInvestigation', 'quarantine', 'microsoftForms', + 'applicationAudit', 'complianceSupervisionExchange', 'customerKeyServiceEncryption', 'officeNative', + 'mipAutoLabelSharePointItem', 'mipAutoLabelSharePointPolicyLocation', 'secureScore', + 'mipAutoLabelExchangeItem', 'cortanaBriefing', 'search', 'wdatpAlerts', 'powerPlatformAdminDlp', + 'powerPlatformAdminEnvironment', 'mdatpAudit', 'sensitivityLabelPolicyMatch', 'sensitivityLabelAction', + 'sensitivityLabeledFileAction', 'attackSim', 'airManualInvestigation', 'securityComplianceRBAC', 'userTraining', + 'airAdminActionInvestigation', 'mstic', 'physicalBadgingSignal', 'aipDiscover', 'aipSensitivityLabelAction', + 'aipProtectionAction', 'aipFileDeleted', 'aipHeartBeat', 'mcasAlerts', 'onPremisesFileShareScannerDlp', + 'onPremisesSharePointScannerDlp', 'exchangeSearch', 'privacyDataMinimization', 'labelAnalyticsAggregate', + 'myAnalyticsSettings', 'securityComplianceUserChange', 'complianceDLPExchangeClassification', + 'complianceDLPEndpoint', 'mipExactDataMatch', 'msdeResponseActions', 'msdeGeneralSettings', 'msdeIndicatorsSettings', + 'ms365DCustomDetection', 'msdeRolesSettings', 'mapgAlerts', 'mapgPolicy', 'mapgRemediation', + 'privacyRemediationAction', 'privacyDigestEmail', 'mipAutoLabelSimulationProgress', 'mipAutoLabelSimulationCompletion', + 'mipAutoLabelProgressFeedback', 'dlpSensitiveInformationType', 'mipAutoLabelSimulationStatistics', + 'largeContentMetadata', 'microsoft365Group', 'cdpMlInferencingResult', 'filteringMailMetadata', + 'cdpClassificationMailItem', 'cdpClassificationDocument', 'officeScriptsRunAction', 'filteringPostMailDeliveryAction', + 'cdpUnifiedFeedback', 'tenantAllowBlockList', 'consumptionResource', 'healthcareSignal', 'dlpImportResult', + 'cdpCompliancePolicyExecution', 'multiStageDisposition', 'privacyDataMatch', 'filteringDocMetadata', + 'filteringEmailFeatures', 'powerBIDlp', 'filteringUrlInfo', 'filteringAttachmentInfo', 'coreReportingSettings', + 'complianceConnector', 'powerPlatformLockboxResourceAccessRequest', 'powerPlatformLockboxResourceCommand', + 'cdpPredictiveCodingLabel', 'cdpCompliancePolicyUserFeedback', 'webpageActivityEndpoint', 'omePortal', + 'cmImprovementActionChange', 'filteringUrlClick', 'mipLabelAnalyticsAuditRecord', 'filteringEntityEvent', + 'filteringRuleHits', 'filteringMailSubmission', 'labelExplorer', 'microsoftManagedServicePlatform', + 'powerPlatformServiceActivity', 'scorePlatformGenericAuditRecord', 'filteringTimeTravelDocMetadata', 'alert', + 'alertStatus', 'alertIncident', 'incidentStatus', 'case', 'caseInvestigation', 'recordsManagement', + 'privacyRemediation', 'dataShareOperation', 'cdpDlpSensitive', 'ehrConnector', 'filteringMailGradingResult', + 'microsoftTodoAudit', 'timeTravelFilteringDocMetadata', 'microsoftDefenderForIdentityAudit', + 'supervisoryReviewDayXInsight', 'defenderExpertsforXDRAdmin', 'cdpEdgeBlockedMessage', 'hostedRpa', + 'cdpContentExplorerAggregateRecord', 'cdpHygieneAttachmentInfo', 'cdpHygieneSummary', 'cdpPostMailDeliveryAction', + 'cdpEmailFeatures', 'cdpHygieneUrlInfo', 'cdpUrlClick', 'cdpPackageManagerHygieneEvent', 'filteringDocScan', + 'timeTravelFilteringDocScan', 'mapgOnboard' + ) + } + if ($PSCmdlet.ShouldProcess('Start-AuditLogSearchCreation', 'Creating Audit Log Search')) { + $NewSearch = New-CippAuditLogSearch @LogSearch + Write-Information "Created audit log search $($Tenant.defaultDomainName) - $($NewSearch.displayName)" + } + } catch { + Write-Information "Error creating audit log search $($Tenant.defaultDomainName) - $($_.Exception.Message)" + } + } + } + } catch { + Write-LogMessage -API 'Audit Logs' -message 'Error creating audit log searches' -sev Error -LogData (Get-CippException -Exception $_) + Write-Information ( 'Audit logs error {0} line {1} - {2}' -f $_.InvocationInfo.ScriptName, $_.InvocationInfo.ScriptLineNumber, $_.Exception.Message) + } +} From 9d4925e5a7658037a7701073de89a65a61222420 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Tue, 12 Nov 2024 12:49:20 +0100 Subject: [PATCH 049/290] prettyfied errors --- .../CIPPCore/Public/Entrypoints/Invoke-ListGraphRequest.ps1 | 2 +- Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListGraphRequest.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListGraphRequest.ps1 index f656bd541400..e0ae166cdc0d 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListGraphRequest.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListGraphRequest.ps1 @@ -142,7 +142,7 @@ function Invoke-ListGraphRequest { } $StatusCode = [HttpStatusCode]::OK } catch { - $GraphRequestData = "Graph Error: $($_.Exception.Message) - Endpoint: $($Request.Query.Endpoint)" + $GraphRequestData = "Graph Error: $(Get-NormalizedError $_.Exception.Message) - Endpoint: $($Request.Query.Endpoint)" if ($Request.Query.IgnoreErrors) { $StatusCode = [HttpStatusCode]::OK } else { $StatusCode = [HttpStatusCode]::BadRequest } } diff --git a/Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 b/Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 index 1755a9f58378..50552c40efdf 100644 --- a/Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 @@ -44,7 +44,6 @@ function Get-NormalizedError { '*Provide valid credential.*' { 'Error 400: There is an issue with your Exchange Token configuration. Please perform an access check for this tenant' } '*This indicate that a subscription within the tenant has lapsed*' { 'There is subscription for this service available, Check licensing information.' } '*User was not found.*' { 'The relationship between this tenant and the partner has been dissolved from the tenant side.' } - '*The user or administrator has not consented to use the application*' { 'CIPP cannot access this tenant. Perform a CPV Refresh and Access Check via the settings menu' } '*AADSTS50020*' { 'AADSTS50020: The user you have used for your Secure Application Model is a guest in this tenant, or your are using GDAP and have not added the user to the correct group. Please delete the guest user to gain access to this tenant' } '*AADSTS50177' { 'AADSTS50177: The user you have used for your Secure Application Model is a guest in this tenant, or your are using GDAP and have not added the user to the correct group. Please delete the guest user to gain access to this tenant' } '*invalid or malformed*' { 'The request is malformed. Have you finished the SAM Setup?' } @@ -58,6 +57,8 @@ function Get-NormalizedError { '*Providers.Common.V1.CoreException*' { '403 (Access Denied) - We cannot connect to this tenant.' } '*Authentication failed. MFA required*' { 'Authentication failed. MFA required' } '*Your tenant is not licensed for this feature.*' { 'Required license not available for this tenant' } + '*AADSTS65001*' { 'We cannot access this tenant as consent has not been given, please try refreshing the CPV permissions in the application settings menu.' } + '*AADSTS700082*' { 'The CIPP user access token has expired. Run the SAM Setup wizard to refresh your tokens.' } Default { $message } } From 1affbeae19c9a78175392277a6184fd1467d05be Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Tue, 12 Nov 2024 13:30:43 +0100 Subject: [PATCH 050/290] fixes approval alerting --- Modules/CIPPCore/Public/Alerts/Get-CIPPAlertNewAppApproval.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertNewAppApproval.ps1 b/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertNewAppApproval.ps1 index 3708942b4759..145d6c3b384f 100644 --- a/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertNewAppApproval.ps1 +++ b/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertNewAppApproval.ps1 @@ -12,7 +12,7 @@ function Get-CIPPAlertNewAppApproval { $TenantFilter ) try { - $Approvals = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/identityGovernance/appConsent/appConsentRequests' -tenantid $TenantFilter | Where-Object -Property requestStatus -EQ 'inProgress' + $Approvals = New-GraphGetRequest -Uri "https://graph.microsoft.com/v1.0/identityGovernance/appConsent/appConsentRequests?`$filter=userConsentRequests/any (u:u/status eq 'InProgress')" -tenantid $TenantFilter if ($Approvals.count -gt 1) { $AlertData = "There are $($Approvals.count) App Approval(s) pending." Write-AlertTrace -cmdletName $MyInvocation.MyCommand -tenantFilter $TenantFilter -data $AlertData From b0256111119a399e8a0527ab57c5daef9ddc30b5 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Wed, 13 Nov 2024 20:46:09 +0100 Subject: [PATCH 051/290] bulk stuff --- .../Administration/Users/Invoke-AddGuest.ps1 | 17 +++++++---------- .../Administration/Users/Invoke-AddUserBulk.ps1 | 4 +++- Modules/CIPPCore/Public/New-CippUser.ps1 | 4 ++-- 3 files changed, 12 insertions(+), 13 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-AddGuest.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-AddGuest.ps1 index 43e1dc49d393..c78990b7576d 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-AddGuest.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-AddGuest.ps1 @@ -25,8 +25,7 @@ Function Invoke-AddGuest { 'inviteRedirectUrl' = $($userobj.RedirectURL) 'sendInvitationMessage' = [boolean]$userobj.SendInvite } - } - else { + } else { $BodyToship = [pscustomobject] @{ 'InvitedUserDisplayName' = $userobj.Displayname 'InvitedUserEmailAddress' = $($userobj.mail) @@ -35,18 +34,16 @@ Function Invoke-AddGuest { } } $bodyToShip = ConvertTo-Json -Depth 10 -InputObject $BodyToship -Compress - $GraphRequest = New-GraphPostRequest -uri 'https://graph.microsoft.com/beta/invitations' -tenantid $Userobj.tenantid -type POST -body $BodyToship -verbose + $GraphRequest = New-GraphPostRequest -uri 'https://graph.microsoft.com/beta/invitations' -tenantFilter $Userobj.tenantFilter -type POST -body $BodyToship -verbose if ($Userobj.sendInvite -eq 'true') { $results.add('Invited Guest. Invite Email sent') - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($userobj.tenantid) -message "Invited Guest $($userobj.displayname) with Email Invite " -Sev 'Info' - } - else { + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($userobj.tenantFilter) -message "Invited Guest $($userobj.displayname) with Email Invite " -Sev 'Info' + } else { $results.add('Invited Guest. No Invite Email was sent') - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($userobj.tenantid) -message "Invited Guest $($userobj.displayname) with no Email Invite " -Sev 'Info' + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($userobj.tenantFilter) -message "Invited Guest $($userobj.displayname) with no Email Invite " -Sev 'Info' } - } - catch { - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($userobj.tenantid) -message "Guest Invite API failed. $($_.Exception.Message)" -Sev 'Error' + } catch { + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($userobj.tenantFilter) -message "Guest Invite API failed. $($_.Exception.Message)" -Sev 'Error' $body = $results.add("Failed to Invite Guest. $($_.Exception.Message)" ) } diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-AddUserBulk.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-AddUserBulk.ps1 index a0def20c1b22..25150677f7cd 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-AddUserBulk.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-AddUserBulk.ps1 @@ -14,7 +14,9 @@ Function Invoke-AddUserBulk { Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' $TenantFilter = $Request.body.TenantFilter $Body = foreach ($userobj in $request.body.BulkUser) { - Write-Host 'PowerShell HTTP trigger function processed a request.' + if ($userobj.usageLocation.value) { + $userobj.usageLocation = $userobj.usageLocation.value + } try { $password = if ($userobj.password) { $userobj.password } else { New-passwordString } $UserprincipalName = "$($userobj.mailNickName)@$($userobj.domain)" diff --git a/Modules/CIPPCore/Public/New-CippUser.ps1 b/Modules/CIPPCore/Public/New-CippUser.ps1 index c45517f62d96..f5344d77e6e8 100644 --- a/Modules/CIPPCore/Public/New-CippUser.ps1 +++ b/Modules/CIPPCore/Public/New-CippUser.ps1 @@ -11,7 +11,7 @@ function New-CIPPUser { try { $Aliases = ($UserObj.AddedAliases) -split '\s' $password = if ($UserObj.password) { $UserObj.password } else { New-passwordString } - $UserprincipalName = "$($UserObj.Username)@$($UserObj.Domain)" + $UserprincipalName = "$($UserObj.Username)@$($UserObj.Domain ? $UserObj.Domain : $UserObj.tenantID)" $BodyToship = [pscustomobject] @{ 'givenName' = $UserObj.FirstName 'surname' = $UserObj.LastName @@ -20,7 +20,7 @@ function New-CIPPUser { 'department' = $UserObj.Department 'mailNickname' = $UserObj.Username 'userPrincipalName' = $UserprincipalName - 'usageLocation' = $UserObj.usageLocation + 'usageLocation' = $UserObj.usageLocation.value ? $UserObj.usageLocation.value : $UserObj.usageLocation 'city' = $UserObj.City 'country' = $UserObj.Country 'jobtitle' = $UserObj.Jobtitle From d0a30b628628809c7b526b4691efc93b36f2ac22 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Thu, 14 Nov 2024 01:28:23 +0100 Subject: [PATCH 052/290] connect add user --- .../Administration/Users/Invoke-AddUser.ps1 | 2 +- Modules/CIPPCore/Public/New-CIPPUserTask.ps1 | 15 +++++++------- Modules/CIPPCore/Public/New-CippUser.ps1 | 20 ++++++++++--------- 3 files changed, 19 insertions(+), 18 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-AddUser.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-AddUser.ps1 index 320a196a0f3a..427fd00befbe 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-AddUser.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-AddUser.ps1 @@ -18,7 +18,7 @@ Function Invoke-AddUser { if ($UserObj.Scheduled.Enabled) { $TaskBody = [pscustomobject]@{ TenantFilter = $UserObj.tenantID - Name = "New user creation: $($UserObj.User)@$($UserObj.Domain)" + Name = "New user creation: $($UserObj.mailNickname)@$($UserObj.PrimDomain.value)" Command = @{ value = 'New-CIPPUserTask' label = 'New-CIPPUserTask' diff --git a/Modules/CIPPCore/Public/New-CIPPUserTask.ps1 b/Modules/CIPPCore/Public/New-CIPPUserTask.ps1 index 6d00a366827f..46a994804d15 100644 --- a/Modules/CIPPCore/Public/New-CIPPUserTask.ps1 +++ b/Modules/CIPPCore/Public/New-CIPPUserTask.ps1 @@ -18,33 +18,32 @@ function New-CIPPUserTask { } try { - $licenses = (($UserObj | Select-Object 'License_*').psobject.properties | Where-Object { $_.value -EQ $true }).name -replace 'License_', '' - if ($licenses) { - $LicenseResults = Set-CIPPUserLicense -userid $CreationResults.username -TenantFilter $UserObj.tenantID -Licenses $licenses + if ($userobj.licenses.value) { + $LicenseResults = Set-CIPPUserLicense -userid $CreationResults.username -TenantFilter $UserObj.tenantFilter -Licenses $userobj.licenses.value $Results.Add($LicenseResults) } } catch { - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($userobj.tenantID) -message "Failed to assign the license. Error:$($_.Exception.Message)" -Sev 'Error' + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($userobj.tenantFilter) -message "Failed to assign the license. Error:$($_.Exception.Message)" -Sev 'Error' $body = $results.add("Failed to assign the license. $($_.Exception.Message)") } try { if ($Userobj.AddedAliases) { - $AliasResults = Add-CIPPAlias -user $CreationResults.username -Aliases ($UserObj.AddedAliases -split '\s') -UserprincipalName $CreationResults.Username -TenantFilter $UserObj.tenantID -APIName $APINAME -ExecutingUser $request.headers.'x-ms-client-principal' + $AliasResults = Add-CIPPAlias -user $CreationResults.username -Aliases ($UserObj.AddedAliases -split '\s') -UserprincipalName $CreationResults.Username -TenantFilter $UserObj.tenantFilter -APIName $APINAME -ExecutingUser $request.headers.'x-ms-client-principal' $results.add($AliasResults) } } catch { - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($userobj.tenantID) -message "Failed to create the Aliases. Error:$($_.Exception.Message)" -Sev 'Error' + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($userobj.tenantFilter) -message "Failed to create the Aliases. Error:$($_.Exception.Message)" -Sev 'Error' $body = $results.add("Failed to create the Aliases: $($_.Exception.Message)") } if ($userobj.CopyFrom -ne '') { - $CopyFrom = Set-CIPPCopyGroupMembers -ExecutingUser $request.headers.'x-ms-client-principal' -CopyFromId $userObj.CopyFrom -UserID $CreationResults.Username -TenantFilter $UserObj.tenantID + $CopyFrom = Set-CIPPCopyGroupMembers -ExecutingUser $request.headers.'x-ms-client-principal' -CopyFromId $userObj.CopyFrom -UserID $CreationResults.Username -TenantFilter $UserObj.tenantFilter $CopyFrom.Success | ForEach-Object { $results.Add($_) } $CopyFrom.Error | ForEach-Object { $results.Add($_) } } if ($userobj.setManager) { - $ManagerResult = Set-CIPPManager -user $CreationResults.username -Manager $userObj.setManager.value -TenantFilter $UserObj.tenantID -APIName 'Set Manager' -ExecutingUser $request.headers.'x-ms-client-principal' + $ManagerResult = Set-CIPPManager -user $CreationResults.username -Manager $userObj.setManager.value -TenantFilter $UserObj.tenantFilter -APIName 'Set Manager' -ExecutingUser $request.headers.'x-ms-client-principal' $results.add($ManagerResult) } diff --git a/Modules/CIPPCore/Public/New-CippUser.ps1 b/Modules/CIPPCore/Public/New-CippUser.ps1 index f5344d77e6e8..6a892a07df68 100644 --- a/Modules/CIPPCore/Public/New-CippUser.ps1 +++ b/Modules/CIPPCore/Public/New-CippUser.ps1 @@ -9,16 +9,19 @@ function New-CIPPUser { ) try { + Write-Host $UserObj.PrimDomain.value $Aliases = ($UserObj.AddedAliases) -split '\s' $password = if ($UserObj.password) { $UserObj.password } else { New-passwordString } - $UserprincipalName = "$($UserObj.Username)@$($UserObj.Domain ? $UserObj.Domain : $UserObj.tenantID)" + $UserprincipalName = "$($UserObj.Username ? $userobj.username :$userobj.mailNickname )@$($UserObj.Domain ? $UserObj.Domain : $UserObj.PrimDomain.value)" + Write-Host "Creating user $UserprincipalName" + Write-Host "tenant filter is $($UserObj.tenantFilter)" $BodyToship = [pscustomobject] @{ 'givenName' = $UserObj.FirstName 'surname' = $UserObj.LastName 'accountEnabled' = $true 'displayName' = $UserObj.DisplayName 'department' = $UserObj.Department - 'mailNickname' = $UserObj.Username + 'mailNickname' = $UserObj.Username ? $userobj.username :$userobj.mailNickname 'userPrincipalName' = $UserprincipalName 'usageLocation' = $UserObj.usageLocation.value ? $UserObj.usageLocation.value : $UserObj.usageLocation 'city' = $UserObj.City @@ -34,17 +37,16 @@ function New-CIPPUser { } } if ($userobj.businessPhone) { $bodytoShip | Add-Member -NotePropertyName businessPhones -NotePropertyValue @($UserObj.businessPhone) } - if ($UserObj.addedAttributes) { - Write-Host 'Found added attribute' - Write-Host "Added attributes: $($UserObj.addedAttributes | ConvertTo-Json)" - $UserObj.addedAttributes.GetEnumerator() | ForEach-Object { + if ($UserObj.defaultAttributes.value) { + [hashtable]($UserObj.defaultAttributes).GetEnumerator() | ForEach-Object { $results.add("Added property $($_.Key) with value $($_.value)") $bodytoShip | Add-Member -NotePropertyName $_.Key -NotePropertyValue $_.Value } } $bodyToShip = ConvertTo-Json -Depth 10 -InputObject $BodyToship -Compress - $GraphRequest = New-GraphPostRequest -uri 'https://graph.microsoft.com/beta/users' -tenantid $UserObj.tenantID -type POST -body $BodyToship -verbose - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($UserObj.tenantID) -message "Created user $($UserObj.displayname) with id $($GraphRequest.id) " -Sev 'Info' + Write-Host "Shipping: $bodyToShip" + $GraphRequest = New-GraphPostRequest -uri 'https://graph.microsoft.com/beta/users' -tenantId $UserObj.tenantFilter -type POST -body $BodyToship -verbose + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($UserObj.tenantFilter) -message "Created user $($UserObj.displayname) with id $($GraphRequest.id) " -Sev 'Info' try { $PasswordLink = New-PwPushLink -Payload $password @@ -60,7 +62,7 @@ function New-CIPPUser { Password = $password } } catch { - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($UserObj.tenantID) -message "Failed to create user. Error:$($_.Exception.Message)" -Sev 'Error' + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($UserObj.tenantFilter) -message "Failed to create user. Error:$($_.Exception.Message)" -Sev 'Error' $results = @{ Results = ("Failed to create user. $($_.Exception.Message)" ) } throw "Failed to create user $($_.Exception.Message)" } From 89bdc791ac5d8bd13d1a447d8901e2e26b057c20 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Thu, 14 Nov 2024 18:16:20 +0100 Subject: [PATCH 053/290] improved add user edit user --- .../Administration/Users/Invoke-AddUser.ps1 | 2 +- .../Administration/Users/Invoke-ListUsers.ps1 | 13 ++++++------- Modules/CIPPCore/Public/New-CIPPUserTask.ps1 | 8 +++++--- Modules/CIPPCore/Public/New-CippUser.ps1 | 7 ++++--- 4 files changed, 16 insertions(+), 14 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-AddUser.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-AddUser.ps1 index 427fd00befbe..0d4f7f24a488 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-AddUser.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-AddUser.ps1 @@ -17,7 +17,7 @@ Function Invoke-AddUser { if ($UserObj.Scheduled.Enabled) { $TaskBody = [pscustomobject]@{ - TenantFilter = $UserObj.tenantID + TenantFilter = $UserObj.tenantfilter Name = "New user creation: $($UserObj.mailNickname)@$($UserObj.PrimDomain.value)" Command = @{ value = 'New-CIPPUserTask' diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUsers.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUsers.ps1 index ef2870bc0649..7c1cdb8dbe97 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUsers.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUsers.ps1 @@ -12,7 +12,6 @@ Function Invoke-ListUsers { Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - $selectlist = 'id', 'accountEnabled', 'displayName', 'userPrincipalName', 'username', 'userType', 'createdDateTime', 'companyName', 'country', 'department', 'businessPhones', 'city', 'faxNumber', 'givenName', 'isResourceAccount', 'jobTitle', 'mobilePhone', 'officeLocation', 'postalCode', 'preferredDataLocation', 'preferredLanguage', 'mail', 'mailNickname', 'proxyAddresses', 'Aliases', 'otherMails', 'showInAddressList', 'state', 'streetAddress', 'surname', 'usageLocation', 'LicJoined', 'assignedLicenses', 'onPremisesSyncEnabled', 'OnPremisesImmutableId', 'onPremisesDistinguishedName', 'onPremisesLastSyncDateTime', 'primDomain', 'Tenant', 'CippStatus' # Write to the Azure Functions log stream. Write-Host 'PowerShell HTTP trigger function processed a request.' $ConvertTable = Import-Csv ConversionTable.csv | Sort-Object -Property 'guid' -Unique @@ -22,13 +21,13 @@ Function Invoke-ListUsers { $userid = $Request.Query.UserID $GraphRequest = if ($TenantFilter -ne 'AllTenants') { - New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($userid)?`$top=999&`$select=$($selectlist -join ',')&`$filter=$GraphFilter&`$count=true" -tenantid $TenantFilter -ComplexFilter | Select-Object $selectlist | ForEach-Object { - $_.onPremisesSyncEnabled = [bool]($_.onPremisesSyncEnabled) - $_.UserName = $_.userPrincipalName -split '@' | Select-Object -First 1 - $_.Aliases = $_.Proxyaddresses -join ', ' + New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($userid)?`$top=999&`$filter=$GraphFilter&`$count=true" -tenantid $TenantFilter -ComplexFilter | ForEach-Object { + $_ | Add-Member -MemberType NoteProperty -Name 'onPremisesSyncEnabled' -Value ([bool]($_.onPremisesSyncEnabled)) -Force + $_ | Add-Member -MemberType NoteProperty -Name 'UserName' -Value ($_.userPrincipalName -split '@' | Select-Object -First 1) -Force + $_ | Add-Member -MemberType NoteProperty -Name 'Aliases' -Value ($_.ProxyAddresses -join ', ') -Force $SkuID = $_.AssignedLicenses.skuid - $_.LicJoined = ($ConvertTable | Where-Object { $_.guid -in $skuid }).'Product_Display_Name' -join ', ' - $_.primDomain = ($_.userPrincipalName -split '@' | Select-Object -Last 1) + $_ | Add-Member -MemberType NoteProperty -Name 'LicJoined' -Value (($ConvertTable | Where-Object { $_.guid -in $skuid }).'Product_Display_Name' -join ', ') -Force + $_ | Add-Member -MemberType NoteProperty -Name 'primDomain' -Value ($_.userPrincipalName -split '@' | Select-Object -Last 1) -Force $_ } } else { diff --git a/Modules/CIPPCore/Public/New-CIPPUserTask.ps1 b/Modules/CIPPCore/Public/New-CIPPUserTask.ps1 index 46a994804d15..2f017a40c3d8 100644 --- a/Modules/CIPPCore/Public/New-CIPPUserTask.ps1 +++ b/Modules/CIPPCore/Public/New-CIPPUserTask.ps1 @@ -3,7 +3,8 @@ function New-CIPPUserTask { param ( $userobj, $APIName = 'New User Task', - $ExecutingUser + $ExecutingUser, + $TenantFilter ) $Results = [System.Collections.Generic.List[string]]::new() @@ -36,8 +37,9 @@ function New-CIPPUserTask { Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($userobj.tenantFilter) -message "Failed to create the Aliases. Error:$($_.Exception.Message)" -Sev 'Error' $body = $results.add("Failed to create the Aliases: $($_.Exception.Message)") } - if ($userobj.CopyFrom -ne '') { - $CopyFrom = Set-CIPPCopyGroupMembers -ExecutingUser $request.headers.'x-ms-client-principal' -CopyFromId $userObj.CopyFrom -UserID $CreationResults.Username -TenantFilter $UserObj.tenantFilter + if ($userobj.copyFrom.value) { + Write-Host "Copying from $($userObj.copyFrom.value)" + $CopyFrom = Set-CIPPCopyGroupMembers -ExecutingUser $request.headers.'x-ms-client-principal' -CopyFromId $userObj.copyFrom.value -UserID $CreationResults.Username -TenantFilter $UserObj.tenantFilter $CopyFrom.Success | ForEach-Object { $results.Add($_) } $CopyFrom.Error | ForEach-Object { $results.Add($_) } } diff --git a/Modules/CIPPCore/Public/New-CippUser.ps1 b/Modules/CIPPCore/Public/New-CippUser.ps1 index 6a892a07df68..eb2632bf4363 100644 --- a/Modules/CIPPCore/Public/New-CippUser.ps1 +++ b/Modules/CIPPCore/Public/New-CippUser.ps1 @@ -9,6 +9,7 @@ function New-CIPPUser { ) try { + $userobj = $userobj | ConvertTo-Json -Depth 10 | ConvertFrom-Json -Depth 10 Write-Host $UserObj.PrimDomain.value $Aliases = ($UserObj.AddedAliases) -split '\s' $password = if ($UserObj.password) { $UserObj.password } else { New-passwordString } @@ -16,10 +17,10 @@ function New-CIPPUser { Write-Host "Creating user $UserprincipalName" Write-Host "tenant filter is $($UserObj.tenantFilter)" $BodyToship = [pscustomobject] @{ - 'givenName' = $UserObj.FirstName - 'surname' = $UserObj.LastName + 'givenName' = $UserObj.givenname + 'surname' = $UserObj.surname 'accountEnabled' = $true - 'displayName' = $UserObj.DisplayName + 'displayName' = $UserObj.displayName 'department' = $UserObj.Department 'mailNickname' = $UserObj.Username ? $userobj.username :$userobj.mailNickname 'userPrincipalName' = $UserprincipalName From 722e50e3df4f825572fa7dcdd6e0beb96cf22ebf Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Thu, 14 Nov 2024 19:34:48 +0100 Subject: [PATCH 054/290] license management improvements --- .../Administration/Users/Invoke-EditUser.ps1 | 112 +++++++++--------- Modules/CIPPCore/Public/New-CIPPUserTask.ps1 | 2 +- .../CIPPCore/Public/Set-CIPPUserLicense.ps1 | 43 ++++--- 3 files changed, 87 insertions(+), 70 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-EditUser.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-EditUser.ps1 index 39e018d223df..174d111d8000 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-EditUser.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-EditUser.ps1 @@ -14,7 +14,7 @@ Function Invoke-EditUser { Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' $UserObj = $Request.body - if ($UserObj.UserID -eq '') { + if ($UserObj.id -eq '') { $body = @{'Results' = @('Failed to edit user. No user ID provided') } Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ StatusCode = [HttpStatusCode]::BadRequest @@ -23,7 +23,7 @@ Function Invoke-EditUser { return } $Results = [System.Collections.Generic.List[string]]::new() - $licenses = ($UserObj | Select-Object 'License_*').psobject.properties.value + $licenses = ($UserObj.licenses).value $Aliases = if ($UserObj.AddedAliases) { ($UserObj.AddedAliases) -split '\s' } $AddToGroups = $Request.body.AddToGroups $RemoveFromGroups = $Request.body.RemoveFromGroups @@ -33,25 +33,25 @@ Function Invoke-EditUser { #Edit the user try { Write-Host "$([boolean]$UserObj.mustchangepass)" - $Email = "$($UserObj.Username)@$($UserObj.Domain)" - $UserprincipalName = "$($UserObj.Username)@$($UserObj.Domain)" + $UserprincipalName = "$($UserObj.Username ? $userobj.username :$userobj.mailNickname)@$($UserObj.Domain ? $UserObj.Domain : $UserObj.primDomain)" $BodyToship = [pscustomobject] @{ - 'givenName' = $UserObj.firstName - 'surname' = $UserObj.LastName + 'givenName' = $UserObj.givenname + 'surname' = $UserObj.surname + 'accountEnabled' = $true + 'displayName' = $UserObj.displayName + 'department' = $UserObj.Department + 'mailNickname' = $UserObj.Username ? $userobj.username :$userobj.mailNickname + 'userPrincipalName' = $UserprincipalName + 'usageLocation' = $UserObj.usageLocation.value ? $UserObj.usageLocation.value : $UserObj.usageLocation 'city' = $UserObj.City 'country' = $UserObj.Country - 'department' = $UserObj.Department - 'displayName' = $UserObj.DisplayName - 'postalCode' = $UserObj.PostalCode - 'companyName' = $UserObj.CompanyName - 'jobTitle' = $UserObj.JobTitle - 'userPrincipalName' = $Email - 'usageLocation' = $UserObj.usagelocation + 'jobtitle' = $UserObj.Jobtitle 'mobilePhone' = $UserObj.MobilePhone 'streetAddress' = $UserObj.streetAddress - 'businessPhones' = @($UserObj.BusinessPhone) + 'postalCode' = $UserObj.PostalCode + 'companyName' = $UserObj.CompanyName 'passwordProfile' = @{ - 'forceChangePasswordNextSignIn' = [boolean]$UserObj.mustchangepass + 'forceChangePasswordNextSignIn' = [bool]$UserObj.MustChangePass } } | ForEach-Object { $NonEmptyProperties = $_.psobject.Properties | Select-Object -ExpandProperty Name @@ -66,17 +66,17 @@ Function Invoke-EditUser { } } $bodyToShip = ConvertTo-Json -Depth 10 -InputObject $BodyToship -Compress - $null = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.UserID)" -tenantid $UserObj.tenantID -type PATCH -body $BodyToship -verbose + $null = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.id)" -tenantid $userObj.tenantFilter -type PATCH -body $BodyToship -verbose $results.add( 'Success. The user has been edited.' ) - Write-LogMessage -API $APINAME -tenant ($UserObj.tenantID) -user $request.headers.'x-ms-client-principal' -message "Edited user $($UserObj.DisplayName) with id $($UserObj.UserID)" -Sev 'Info' + Write-LogMessage -API $APINAME -tenant ($userObj.tenantFilter) -user $request.headers.'x-ms-client-principal' -message "Edited user $($UserObj.DisplayName) with id $($UserObj.id)" -Sev 'Info' if ($UserObj.password) { $passwordProfile = [pscustomobject]@{'passwordProfile' = @{ 'password' = $UserObj.password; 'forceChangePasswordNextSignIn' = [boolean]$UserObj.mustchangepass } } | ConvertTo-Json - $null = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.UserID)" -tenantid $UserObj.tenantID -type PATCH -body $PasswordProfile -verbose + $null = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.id)" -tenantid $userObj.tenantFilter -type PATCH -body $PasswordProfile -verbose $results.add("Success. The password has been set to $($UserObj.password)") - Write-LogMessage -API $APINAME -tenant ($UserObj.tenantID) -user $request.headers.'x-ms-client-principal' -message "Reset $($UserObj.DisplayName)'s Password" -Sev 'Info' + Write-LogMessage -API $APINAME -tenant ($userObj.tenantFilter) -user $request.headers.'x-ms-client-principal' -message "Reset $($UserObj.DisplayName)'s Password" -Sev 'Info' } } catch { - Write-LogMessage -API $APINAME -tenant ($UserObj.tenantID) -user $request.headers.'x-ms-client-principal' -message "User edit API failed. $($_.Exception.Message)" -Sev 'Error' + Write-LogMessage -API $APINAME -tenant ($userObj.tenantFilter) -user $request.headers.'x-ms-client-principal' -message "User edit API failed. $($_.Exception.Message)" -Sev 'Error' $results.add( "Failed to edit user. $($_.Exception.Message)") } @@ -84,24 +84,28 @@ Function Invoke-EditUser { #Reassign the licenses try { - if ($licenses -or $UserObj.RemoveAllLicenses) { - $licenses = (($UserObj | Select-Object 'License_*').psobject.properties | Where-Object { $_.value -EQ $true }).name -replace 'License_', '' - $CurrentLicenses = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.UserID)" -tenantid $UserObj.tenantID - $RemovalList = ($CurrentLicenses.assignedLicenses | Where-Object -Property skuid -NotIn $licenses).skuid - $LicensesToRemove = if ($RemovalList) { ConvertTo-Json @( $RemovalList ) } else { '[]' } - - $liclist = foreach ($license in $Licenses) { '{"disabledPlans": [],"skuId": "' + $license + '" },' } - $LicenseBody = '{"addLicenses": [' + $LicList + '], "removeLicenses": ' + $LicensesToRemove + '}' - if ($UserObj.RemoveAllLicenses) { $LicenseBody = '{"addLicenses": [], "removeLicenses": ' + $LicensesToRemove + '}' } - Write-Host $LicenseBody - $null = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.UserID)/assignlicense" -tenantid $UserObj.tenantID -type POST -body $LicenseBody -verbose + if ($licenses -or $UserObj.removeLicenses) { + $CurrentLicenses = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.id)" -tenantid $userObj.tenantFilter + #if the list of skuIds in $CurrentLicenses.assignedLicenses is EXACTLY the same as $licenses, we don't need to do anything, but the order in both can be different. + if (($CurrentLicenses.assignedLicenses.skuId -join ',') -eq ($licenses -join ',') -and $UserObj.removeLicenses -eq $false) { + Write-Host "$($CurrentLicenses.assignedLicenses.skuId -join ',') $(($licenses -join ','))" + $results.add( 'Success. User license is already correct.' ) + } else { + if ($UserObj.removeLicenses) { + $licResults = Set-CIPPUserLicense -userid $UserObj.id -TenantFilter $UserObj.tenantFilter -RemoveLicenses $CurrentLicenses.assignedLicenses.skuId + $results.add($licResults) + } else { + #Remove all objects from $CurrentLicenses.assignedLicenses.skuId that are in $licenses + $RemoveLicenses = $CurrentLicenses.assignedLicenses.skuId | Where-Object { $_ -notin $licenses } + $licResults = Set-CIPPUserLicense -userid $UserObj.id -TenantFilter $UserObj.tenantFilter -RemoveLicenses $RemoveLicenses -AddLicenses $licenses + $results.add($licResults) + } - Write-LogMessage -API $APINAME -tenant ($UserObj.tenantID) -user $request.headers.'x-ms-client-principal' -message "Changed user $($UserObj.DisplayName) license. Sent info: $licensebody" -Sev 'Info' - $results.add( 'Success. User license has been edited.' ) + } } } catch { - Write-LogMessage -API $APINAME -tenant ($UserObj.tenantID) -user $request.headers.'x-ms-client-principal' -message "License assign API failed. $($_.Exception.Message)" -Sev 'Error' + Write-LogMessage -API $APINAME -tenant ($userObj.tenantFilter) -user $request.headers.'x-ms-client-principal' -message "License assign API failed. $($_.Exception.Message)" -Sev 'Error' $results.add( "We've failed to assign the license. $($_.Exception.Message)") } @@ -110,20 +114,20 @@ Function Invoke-EditUser { if ($Aliases) { Write-Host ($Aliases | ConvertTo-Json) foreach ($Alias in $Aliases) { - New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.UserID)" -tenantid $UserObj.tenantID -type 'patch' -body "{`"mail`": `"$Alias`"}" -verbose + New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.id)" -tenantid $userObj.tenantFilter -type 'patch' -body "{`"mail`": `"$Alias`"}" -verbose } - New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.UserID)" -tenantid $UserObj.tenantID -type 'patch' -body "{`"mail`": `"$UserprincipalName`"}" -verbose - Write-LogMessage -API $APINAME -tenant ($UserObj.tenantID) -user $request.headers.'x-ms-client-principal' -message "Added Aliases to $($UserObj.DisplayName)" -Sev 'Info' + New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.id)" -tenantid $userObj.tenantFilter -type 'patch' -body "{`"mail`": `"$UserprincipalName`"}" -verbose + Write-LogMessage -API $APINAME -tenant ($userObj.tenantFilter) -user $request.headers.'x-ms-client-principal' -message "Added Aliases to $($UserObj.DisplayName)" -Sev 'Info' $results.add( 'Success. added aliases to user.') } } catch { - Write-LogMessage -API $APINAME -tenant ($UserObj.tenantID) -user $request.headers.'x-ms-client-principal' -message "Alias API failed. $($_.Exception.Message)" -Sev 'Error' + Write-LogMessage -API $APINAME -tenant ($userObj.tenantFilter) -user $request.headers.'x-ms-client-principal' -message "Alias API failed. $($_.Exception.Message)" -Sev 'Error' $results.add( "Successfully edited user. The password is $password. We've failed to create the Aliases: $($_.Exception.Message)") } - if ($Request.body.CopyFrom -ne '') { - $CopyFrom = Set-CIPPCopyGroupMembers -ExecutingUser $request.headers.'x-ms-client-principal' -CopyFromId $Request.body.CopyFrom -UserID $UserprincipalName -TenantFilter $UserObj.tenantID + if ($Request.body.CopyFrom.value) { + $CopyFrom = Set-CIPPCopyGroupMembers -ExecutingUser $request.headers.'x-ms-client-principal' -CopyFromId $Request.body.CopyFrom.value -UserID $UserprincipalName -TenantFilter $userObj.tenantFilter $results.AddRange($CopyFrom) } @@ -140,34 +144,34 @@ Function Invoke-EditUser { if ($GroupType -eq 'Distribution list' -or $GroupType -eq 'Mail-Enabled Security') { Write-Host 'Adding to group via Add-DistributionGroupMember ' - $Params = @{ Identity = $GroupID; Member = $UserObj.UserID; BypassSecurityGroupManagerCheck = $true } - New-ExoRequest -tenantid $UserObj.tenantID -cmdlet 'Add-DistributionGroupMember' -cmdParams $params -UseSystemMailbox $true + $Params = @{ Identity = $GroupID; Member = $UserObj.id; BypassSecurityGroupManagerCheck = $true } + New-ExoRequest -tenantid $userObj.tenantFilter -cmdlet 'Add-DistributionGroupMember' -cmdParams $params -UseSystemMailbox $true } else { Write-Host 'Adding to group via Graph' $UserBody = [PSCustomObject]@{ - '@odata.id' = "https://graph.microsoft.com/beta/directoryObjects/$($UserObj.UserID)" + '@odata.id' = "https://graph.microsoft.com/beta/directoryObjects/$($UserObj.id)" } $UserBodyJSON = ConvertTo-Json -Compress -Depth 10 -InputObject $UserBody - New-GraphPostRequest -uri "https://graph.microsoft.com/beta/groups/$GroupID/members/`$ref" -tenantid $UserObj.tenantID -type POST -body $UserBodyJSON -Verbose + New-GraphPostRequest -uri "https://graph.microsoft.com/beta/groups/$GroupID/members/`$ref" -tenantid $userObj.tenantFilter -type POST -body $UserBodyJSON -Verbose } - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $UserObj.tenantID -message "Added $($UserObj.DisplayName) to $GroupName group" -Sev 'Info' + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $userObj.tenantFilter -message "Added $($UserObj.DisplayName) to $GroupName group" -Sev 'Info' $null = $results.add("Success. $($UserObj.DisplayName) has been added to $GroupName") } catch { - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $UserObj.tenantID -message "Failed to add member $($UserObj.DisplayName) to $GroupName. Error:$($_.Exception.Message)" -Sev 'Error' + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $userObj.tenantFilter -message "Failed to add member $($UserObj.DisplayName) to $GroupName. Error:$($_.Exception.Message)" -Sev 'Error' $null = $results.add("Failed to add member $($UserObj.DisplayName) to $GroupName : $($_.Exception.Message)") } } } - if ($Request.body.setManager) { + if ($Request.body.setManager.value) { $ManagerBody = [PSCustomObject]@{'@odata.id' = "https://graph.microsoft.com/beta/users/$($Request.body.setManager.value)" } $ManagerBodyJSON = ConvertTo-Json -Compress -Depth 10 -InputObject $ManagerBody - New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.UserID)/manager/`$ref" -tenantid $UserObj.tenantID -type PUT -body $ManagerBodyJSON -Verbose - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $UserObj.tenantID -message "Set $($UserObj.DisplayName)'s manager to $($Request.body.setManager.label)" -Sev 'Info' + New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.id)/manager/`$ref" -tenantid $userObj.tenantFilter -type PUT -body $ManagerBodyJSON -Verbose + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $userObj.tenantFilter -message "Set $($UserObj.DisplayName)'s manager to $($Request.body.setManager.label)" -Sev 'Info' $results.add("Success. Set $($UserObj.DisplayName)'s manager to $($Request.body.setManager.label)") } @@ -184,20 +188,20 @@ Function Invoke-EditUser { if ($GroupType -eq 'Distribution list' -or $GroupType -eq 'Mail-Enabled Security') { Write-Host 'Removing From group via Remove-DistributionGroupMember ' - $Params = @{ Identity = $GroupID; Member = $UserObj.UserID; BypassSecurityGroupManagerCheck = $true } - New-ExoRequest -tenantid $UserObj.tenantID -cmdlet 'Remove-DistributionGroupMember' -cmdParams $params -UseSystemMailbox $true + $Params = @{ Identity = $GroupID; Member = $UserObj.id; BypassSecurityGroupManagerCheck = $true } + New-ExoRequest -tenantid $userObj.tenantFilter -cmdlet 'Remove-DistributionGroupMember' -cmdParams $params -UseSystemMailbox $true } else { Write-Host 'Removing From group via Graph' - New-GraphPostRequest -uri "https://graph.microsoft.com/beta/groups/$GroupID/members/$($UserObj.UserID)/`$ref" -tenantid $UserObj.tenantID -type DELETE + New-GraphPostRequest -uri "https://graph.microsoft.com/beta/groups/$GroupID/members/$($UserObj.id)/`$ref" -tenantid $userObj.tenantFilter -type DELETE } - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $UserObj.tenantID -message "Removed $($UserObj.DisplayName) from $GroupName group" -Sev 'Info' + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $userObj.tenantFilter -message "Removed $($UserObj.DisplayName) from $GroupName group" -Sev 'Info' $null = $results.add("Success. $($UserObj.DisplayName) has been removed from $GroupName") } catch { - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $UserObj.tenantID -message "Failed to remove member $($UserObj.DisplayName) from $GroupName. Error:$($_.Exception.Message)" -Sev 'Error' + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $userObj.tenantFilter -message "Failed to remove member $($UserObj.DisplayName) from $GroupName. Error:$($_.Exception.Message)" -Sev 'Error' $null = $results.add("Failed to remove member $($UserObj.DisplayName) from $GroupName : $($_.Exception.Message)") } diff --git a/Modules/CIPPCore/Public/New-CIPPUserTask.ps1 b/Modules/CIPPCore/Public/New-CIPPUserTask.ps1 index 2f017a40c3d8..f5db22fce712 100644 --- a/Modules/CIPPCore/Public/New-CIPPUserTask.ps1 +++ b/Modules/CIPPCore/Public/New-CIPPUserTask.ps1 @@ -20,7 +20,7 @@ function New-CIPPUserTask { try { if ($userobj.licenses.value) { - $LicenseResults = Set-CIPPUserLicense -userid $CreationResults.username -TenantFilter $UserObj.tenantFilter -Licenses $userobj.licenses.value + $LicenseResults = Set-CIPPUserLicense -UserId $CreationResults.username -TenantFilter $UserObj.tenantFilter -AddLicenses $UserObj.licenses.value $Results.Add($LicenseResults) } } catch { diff --git a/Modules/CIPPCore/Public/Set-CIPPUserLicense.ps1 b/Modules/CIPPCore/Public/Set-CIPPUserLicense.ps1 index 142eed413627..9ba2a77b3731 100644 --- a/Modules/CIPPCore/Public/Set-CIPPUserLicense.ps1 +++ b/Modules/CIPPCore/Public/Set-CIPPUserLicense.ps1 @@ -1,25 +1,38 @@ function Set-CIPPUserLicense { [CmdletBinding()] param ( - $userid, - $TenantFilter, - $Licenses + [Parameter(Mandatory)][string]$UserId, + [Parameter(Mandatory)][string]$TenantFilter, + [Parameter()][array]$AddLicenses = @(), + [Parameter()][array]$RemoveLicenses = @() ) - Write-Host "Lics are: $licences" - $LicenseBody = if ($licenses.count -ge 2) { - $liclist = foreach ($license in $Licenses) { '{"disabledPlans": [],"skuId": "' + $license + '" },' } - '{"addLicenses": [' + $LicList + '], "removeLicenses": [ ] }' - } else { - '{"addLicenses": [ {"disabledPlans": [],"skuId": "' + $licenses + '" }],"removeLicenses": [ ]}' + # Build the addLicenses array + $AddLicensesArray = foreach ($license in $AddLicenses) { + @{ + 'disabledPlans' = @() + 'skuId' = $license + } } - Write-Host $LicenseBody + + # Build the LicenseBody hashtable + $LicenseBody = @{ + 'addLicenses' = @($AddLicensesArray) + 'removeLicenses' = @($RemoveLicenses) ? @($RemoveLicenses) : @() + } + + # Convert the LicenseBody to JSON + $LicenseBodyJson = ConvertTo-Json -InputObject $LicenseBody -Depth 10 -Compress + + Write-Host "License body JSON: $LicenseBodyJson" + try { - $LicRequest = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($UserId)/assignlicense" -tenantid $TenantFilter -type POST -body $LicenseBody -verbose + $LicRequest = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$UserId/assignLicense" -tenantid $TenantFilter -type POST -body $LicenseBodyJson -Verbose } catch { - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($UserObj.tenantid) -message "Failed to assign the license. Error:$($_.Exception.Message)" -Sev 'Error' - throw "Failed to assign the license. $($_.Exception.Message)" + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APIName -tenant $TenantFilter -message "Failed to assign the license. Error: $_" -Sev 'Error' + throw "Failed to assign the license. $_" } - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($UserObj.tenantid) -message "Assigned user $($UserObj.DisplayName) license $($licences)" -Sev 'Info' - return 'Assigned licenses.' + + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APIName -tenant $TenantFilter -message "Assigned licenses to user $UserId. Added: $AddLicenses; Removed: $RemoveLicenses" -Sev 'Info' + return 'Set licenses successfully' } From e874ab1978d5f8c463c64cdbdcb2be2a2bfdbda8 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 12 Nov 2024 17:29:48 -0500 Subject: [PATCH 055/290] Durable cleanup tweak Audit log tweak --- .../Public/AuditLogs/Get-CippAuditLogSearches.ps1 | 3 ++- .../Timer Functions/Start-DurableCleanup.ps1 | 10 +++++----- Modules/CippEntrypoints/CippEntrypoints.psm1 | 11 +++++++++++ 3 files changed, 18 insertions(+), 6 deletions(-) diff --git a/Modules/CIPPCore/Public/AuditLogs/Get-CippAuditLogSearches.ps1 b/Modules/CIPPCore/Public/AuditLogs/Get-CippAuditLogSearches.ps1 index ba21f2dedcb2..1aac0b36eeab 100644 --- a/Modules/CIPPCore/Public/AuditLogs/Get-CippAuditLogSearches.ps1 +++ b/Modules/CIPPCore/Public/AuditLogs/Get-CippAuditLogSearches.ps1 @@ -17,7 +17,8 @@ function Get-CippAuditLogSearches { if ($ReadyToProcess.IsPresent) { $AuditLogSearchesTable = Get-CippTable -TableName 'AuditLogSearches' $15MinutesAgo = (Get-Date).AddMinutes(-15).ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ssZ') - $PendingQueries = Get-CIPPAzDataTableEntity @AuditLogSearchesTable -Filter "Tenant eq '$TenantFilter' and (CippStatus eq 'Pending' or (CippStatus eq 'Processing' and Timestamp le datetime'$15MinutesAgo'))" | Sort-Object Timestamp + $1DayAgo = (Get-Date).AddDays(-1).ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ssZ') + $PendingQueries = Get-CIPPAzDataTableEntity @AuditLogSearchesTable -Filter "Tenant eq '$TenantFilter' and (CippStatus eq 'Pending' or (CippStatus eq 'Processing' and Timestamp le datetime'$15MinutesAgo')) and Timestamp ge datetime'$1DayAgo'" | Sort-Object Timestamp $BulkRequests = foreach ($PendingQuery in $PendingQueries) { @{ diff --git a/Modules/CIPPCore/Public/Entrypoints/Timer Functions/Start-DurableCleanup.ps1 b/Modules/CIPPCore/Public/Entrypoints/Timer Functions/Start-DurableCleanup.ps1 index 41b1d55c2081..af01cdd07100 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Timer Functions/Start-DurableCleanup.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Timer Functions/Start-DurableCleanup.ps1 @@ -17,6 +17,7 @@ function Start-DurableCleanup { param( [int]$MaxDuration = 3600 ) + $WarningPreference = 'SilentlyContinue' $StorageContext = New-AzStorageContext -ConnectionString $env:AzureWebJobsStorage $TargetTime = (Get-Date).ToUniversalTime().AddSeconds(-$MaxDuration) @@ -30,15 +31,14 @@ function Start-DurableCleanup { $ClearQueues = $false $FunctionName = $Table.TableName -replace 'Instances', '' $Orchestrators = Get-CIPPAzDataTableEntity @Table -Filter "RuntimeStatus eq 'Running'" | Select-Object * -ExcludeProperty Input - $Orchestrators | Where-Object { $_.CreatedTime.DateTime -lt $TargetTime } | ForEach-Object { - $CreatedTime = [DateTime]::SpecifyKind($_.CreatedTime.DateTime, [DateTimeKind]::Utc) + $LongRunningOrchestrators = $Orchestrators | Where-Object { $_.CreatedTime.DateTime -lt $TargetTime } + foreach ($Orchestrator in $LongRunningOrchestrators) { + $CreatedTime = [DateTime]::SpecifyKind($Orchestrator.CreatedTime.DateTime, [DateTimeKind]::Utc) $TimeSpan = New-TimeSpan -Start $CreatedTime -End (Get-Date).ToUniversalTime() $RunningDuration = [math]::Round($TimeSpan.TotalMinutes, 2) - Write-Information "Orchestrator: $($_.PartitionKey), created: $CreatedTime, running for: $RunningDuration minutes" + Write-Information "Orchestrator: $($Orchestrator.PartitionKey), created: $CreatedTime, running for: $RunningDuration minutes" $ClearQueues = $true - $_.RuntimeStatus = 'Failed' if ($PSCmdlet.ShouldProcess($_.PartitionKey, 'Terminate Orchestrator')) { - $Orchestrator = Get-CIPPAzDataTableEntity @Table -PartitionKey $_.PartitionKey -RowKey $_.RowKey $Orchestrator.RuntimeStatus = 'Failed' Update-AzDataTableEntity @Table -Entity $Orchestrator $CleanupCount++ diff --git a/Modules/CippEntrypoints/CippEntrypoints.psm1 b/Modules/CippEntrypoints/CippEntrypoints.psm1 index 34859bbae563..ae942d328329 100644 --- a/Modules/CippEntrypoints/CippEntrypoints.psm1 +++ b/Modules/CippEntrypoints/CippEntrypoints.psm1 @@ -220,6 +220,9 @@ function Receive-CIPPTimerTrigger { } } try { + if ($FunctionStatus.PSObject.Properties.Name -contains 'ErrorMsg') { + $FunctionStatus.ErrorMsg = '' + } $Results = Invoke-Command -ScriptBlock { & $Function.Command } if ($Results -match '^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$') { $FunctionStatus.OrchestratorId = $Results @@ -229,9 +232,17 @@ function Receive-CIPPTimerTrigger { } } catch { $Status = 'Failed' + $ErrorMsg = $_.Exception.Message + if ($FunctionStatus.PSObject.Properties.Name -contains 'ErrorMsg') { + $FunctionStatus.ErrorMsg = $ErrorMsg + } else { + $FunctionStatus | Add-Member -MemberType NoteProperty -Name ErrorMsg -Value $ErrorMsg + } + Write-Information "Error in CIPPTimer for $($Function.Command): $($_.Exception.Message)" } $FunctionStatus.LastOccurrence = $UtcNow $FunctionStatus.Status = $Status + Add-CIPPAzDataTableEntity @Table -Entity $FunctionStatus -Force } } From 63ad821b395814db67c30624a0f7dcc28ccd2158 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 12 Nov 2024 19:16:25 -0500 Subject: [PATCH 056/290] more timer tweaks --- .../Public/Entrypoints/Timer Functions/Start-DurableCleanup.ps1 | 1 + Modules/CIPPCore/Public/Set-CIPPGDAPInviteGroups.ps1 | 1 + 2 files changed, 2 insertions(+) diff --git a/Modules/CIPPCore/Public/Entrypoints/Timer Functions/Start-DurableCleanup.ps1 b/Modules/CIPPCore/Public/Entrypoints/Timer Functions/Start-DurableCleanup.ps1 index af01cdd07100..e0a17d97311b 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Timer Functions/Start-DurableCleanup.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Timer Functions/Start-DurableCleanup.ps1 @@ -39,6 +39,7 @@ function Start-DurableCleanup { Write-Information "Orchestrator: $($Orchestrator.PartitionKey), created: $CreatedTime, running for: $RunningDuration minutes" $ClearQueues = $true if ($PSCmdlet.ShouldProcess($_.PartitionKey, 'Terminate Orchestrator')) { + $Orchestrator = Get-CIPPAzDataTableEntity @Table -Filter "PartitionKey eq '$($Orchestrator.PartitionKey)'" $Orchestrator.RuntimeStatus = 'Failed' Update-AzDataTableEntity @Table -Entity $Orchestrator $CleanupCount++ diff --git a/Modules/CIPPCore/Public/Set-CIPPGDAPInviteGroups.ps1 b/Modules/CIPPCore/Public/Set-CIPPGDAPInviteGroups.ps1 index 412741e5dda1..fe0f4465f179 100644 --- a/Modules/CIPPCore/Public/Set-CIPPGDAPInviteGroups.ps1 +++ b/Modules/CIPPCore/Public/Set-CIPPGDAPInviteGroups.ps1 @@ -60,6 +60,7 @@ function Set-CIPPGDAPInviteGroups { #Write-Information ($InputObject | ConvertTo-Json) $InstanceId = Start-NewOrchestration -FunctionName 'CIPPOrchestrator' -InputObject (ConvertTo-Json -InputObject $InputObject -Depth 5 -Compress) Write-Information "Started GDAP Invite orchestration with ID = '$InstanceId'" + return $InstanceId } } } From cc8168ac091c143e0b8a1ef8b043c326c5851e8e Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 12 Nov 2024 19:33:29 -0500 Subject: [PATCH 057/290] Update version_latest.txt --- version_latest.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/version_latest.txt b/version_latest.txt index fa09f584d78e..db0785f27378 100644 --- a/version_latest.txt +++ b/version_latest.txt @@ -1 +1 @@ -6.5.2 \ No newline at end of file +6.5.3 From 033ee16e0d7a024db7411104886c1751654fc640 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Wed, 13 Nov 2024 17:27:37 -0500 Subject: [PATCH 058/290] Update Invoke-PublicWebhooks.ps1 --- .../Tenant/Administration/Alerts/Invoke-PublicWebhooks.ps1 | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-PublicWebhooks.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-PublicWebhooks.ps1 index 3a4e60373847..648a32e76c1c 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-PublicWebhooks.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-PublicWebhooks.ps1 @@ -65,7 +65,8 @@ function Invoke-PublicWebhooks { } Add-CIPPAzDataTableEntity @WebhookIncoming -Entity $Entity } else { - return 'Not replying to this webhook or processing it' + $Body = 'This webhook is not authorized.' + $StatusCode = [HttpStatusCode]::Forbidden } $Body = 'Webhook Recieved' $StatusCode = [HttpStatusCode]::OK @@ -80,4 +81,4 @@ function Invoke-PublicWebhooks { StatusCode = $StatusCode Body = $Body }) -} \ No newline at end of file +} From 1bb48dcb8d97b2f6c3ec4af70dcfa54b37589eec Mon Sep 17 00:00:00 2001 From: John Duprey Date: Thu, 14 Nov 2024 13:48:46 -0500 Subject: [PATCH 059/290] Table cleanup --- CIPPTimers.json | 8 ++ .../Timer Functions/Start-TableCleanup.ps1 | 82 +++++++++++++++++++ 2 files changed, 90 insertions(+) create mode 100644 Modules/CIPPCore/Public/Entrypoints/Timer Functions/Start-TableCleanup.ps1 diff --git a/CIPPTimers.json b/CIPPTimers.json index c38acd967d56..0d1d6dca1038 100644 --- a/CIPPTimers.json +++ b/CIPPTimers.json @@ -142,5 +142,13 @@ "Priority": 15, "RunOnProcessor": true, "IsSystem": true + }, + { + "Command": "Start-TableCleanup", + "Description": "Timer to cleanup tables", + "Cron": "0 0 23 * * *", + "Priority": 20, + "RunOnProcessor": true, + "IsSystem": true } ] diff --git a/Modules/CIPPCore/Public/Entrypoints/Timer Functions/Start-TableCleanup.ps1 b/Modules/CIPPCore/Public/Entrypoints/Timer Functions/Start-TableCleanup.ps1 new file mode 100644 index 000000000000..ff635480a672 --- /dev/null +++ b/Modules/CIPPCore/Public/Entrypoints/Timer Functions/Start-TableCleanup.ps1 @@ -0,0 +1,82 @@ +function Start-TableCleanup { + <# + .SYNOPSIS + Start the Table Cleanup Timer + #> + [CmdletBinding(SupportsShouldProcess = $true)] + param() + + $CleanupRules = @( + @{ + DataTableProps = @{ + Context = (Get-CIPPTable -tablename 'webhookTable').Context + Property = @('PartitionKey', 'RowKey', 'ETag', 'Resource') + } + Where = "`$_.Resource -match '^Audit'" + } + @{ + DataTableProps = @{ + Context = (Get-CIPPTable -tablename 'AuditLogSearches').Context + Filter = "Timestamp lt datetime'$((Get-Date).AddDays(-7).ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ssZ'))'" + First = 10000 + Property = @('PartitionKey', 'RowKey', 'ETag') + } + } + @{ + DataTableProps = @{ + Context = (Get-CIPPTable -tablename 'CippFunctionStats').Context + Filter = "Timestamp lt datetime'$((Get-Date).AddDays(-7).ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ssZ'))'" + First = 10000 + Property = @('PartitionKey', 'RowKey', 'ETag') + } + } + @{ + DataTableProps = @{ + Context = (Get-CIPPTable -tablename 'CippQueue').Context + Filter = "Timestamp lt datetime'$((Get-Date).AddDays(-7).ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ssZ'))'" + First = 10000 + Property = @('PartitionKey', 'RowKey', 'ETag') + } + } + @{ + DataTableProps = @{ + Context = (Get-CIPPTable -tablename 'CippQueueTasks').Context + Filter = "Timestamp lt datetime'$((Get-Date).AddDays(-7).ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ssZ'))'" + First = 10000 + Property = @('PartitionKey', 'RowKey', 'ETag') + } + } + ) + + if ($PSCmdlet.ShouldProcess('Start-TableCleanup', 'Starting Table Cleanup')) { + Write-Information 'Starting table cleanup' + foreach ($Rule in $CleanupRules) { + if ($Rule.Where) { + $Where = [scriptblock]::Create($Rule.Where) + } else { + $Where = { $true } + } + $DataTableProps = $Rule.DataTableProps + + $CleanupCompleted = $false + do { + $Entities = Get-AzDataTableEntity @DataTableProps | Where-Object $Where + if ($Entities) { + Write-Information "Removing $($Entities.Count) entities from $($Rule.DataTableProps.Context.TableName)" + try { + Remove-AzDataTableEntity -Context $DataTableProps.Context -Entity $Entities -Force + if ($DataTableProps.First -and $Entities.Count -lt $DataTableProps.First) { + $CleanupCompleted = $true + } + } catch { + Write-LogMessage -API 'TableCleanup' -message "Failed to remove entities from $($DataTableProps.Context.TableName)" -sev Error -LogData (Get-CippException -Exception $_) + $CleanupCompleted = $true + } + } else { + $CleanupCompleted = $true + } + } while (!$CleanupCompleted) + } + Write-Information 'Table cleanup complete' + } +} From 02e8f944dec15317503498ab130f0cd95b5b6ece Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 15 Nov 2024 14:46:45 -0500 Subject: [PATCH 060/290] CPV refresh function --- .../CIPP/Core/Invoke-ExecCPVRefresh.ps1 | 27 +++++++++++++++++++ .../Public/Test-CIPPAccessPermissions.ps1 | 4 +-- 2 files changed, 29 insertions(+), 2 deletions(-) create mode 100644 Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecCPVRefresh.ps1 diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecCPVRefresh.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecCPVRefresh.ps1 new file mode 100644 index 000000000000..dbf1d9de62de --- /dev/null +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecCPVRefresh.ps1 @@ -0,0 +1,27 @@ +function Invoke-ExecCPVRefresh { + <# + .SYNOPSIS + This endpoint is used to trigger a refresh of CPV for all tenants + + .FUNCTIONALITY + Entrypoint + + .ROLE + CIPP.Core.ReadWrite + #> + [CmdletBinding()] + param( + $Request, + $TriggerMetadata + ) + + $InstanceId = Start-UpdatePermissionsOrchestrator + + Push-OutputBinding -Name Response -Value @{ + StatusCode = [System.Net.HttpStatusCode]::OK + Body = @{ + Results = 'CPV Refresh has been triggered' + InstanceId = $InstanceId + } + } +} diff --git a/Modules/CIPPCore/Public/Test-CIPPAccessPermissions.ps1 b/Modules/CIPPCore/Public/Test-CIPPAccessPermissions.ps1 index 58f72d9e80c3..176167ea597f 100644 --- a/Modules/CIPPCore/Public/Test-CIPPAccessPermissions.ps1 +++ b/Modules/CIPPCore/Public/Test-CIPPAccessPermissions.ps1 @@ -131,11 +131,11 @@ function Test-CIPPAccessPermissions { $LastUpdate = $GraphPermissions.Timestamp $CpvTable = Get-CippTable -tablename 'cpvtenants' $CpvRefresh = Get-CippAzDataTableEntity @CpvTable -Filter "PartitionKey eq 'Tenant'" - $TenantList = Get-Tenants -IncludeErrors + $TenantList = Get-Tenants -IncludeErrors | Where-Object { $_.customerId -ne $env:TenantID -and $_.Excluded -eq $false } $CPVRefreshList = [System.Collections.Generic.List[object]]::new() $CPVSuccess = $true foreach ($Tenant in $TenantList) { - $LastRefresh = ($CpvRefresh | Where-Object -Property RowKey -EQ $Tenant.customerId).Timestamp.DateTime + $LastRefresh = ($CpvRefresh | Where-Object { $_.RowKey -EQ $Tenant.customerId }).Timestamp.DateTime if ($LastRefresh -lt $LastUpdate) { $CPVSuccess = $false $CPVRefreshList.Add([PSCustomObject]@{ From d44ab8975a9aedd80bf6a961908d408679f398ce Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 15 Nov 2024 16:27:52 -0500 Subject: [PATCH 061/290] switch to bulk request to get image data properly --- .../Users/Invoke-ListUserPhoto.ps1 | 21 +++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserPhoto.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserPhoto.ps1 index 757784ad320d..18d63b6cbeb9 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserPhoto.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserPhoto.ps1 @@ -22,15 +22,28 @@ Function Invoke-ListUserPhoto { $userId = $Request.Query.UserID - $URI = "https://graph.microsoft.com/v1.0/users/$userId/photos/240x240/`$value" + $URI = "/users/$userId/photo/`$value" Write-Host $URI - $graphRequest = New-GraphGetRequest -uri $URI -tenantid $tenantFilter + #$ImageData = New-GraphGetRequest -uri $URI -tenantid $tenantFilter -noPagination $true + #Write-Host $ImageData + $Requests = @( + @{ + id = 'photo' + url = $URI + method = 'GET' + } + ) + + $ImageData = New-GraphBulkRequest -Requests $Requests -tenantid $tenantFilter + #convert body from base64 to byte array + $Body = [Convert]::FromBase64String($ImageData.body) # Associate values to output bindings by calling 'Push-OutputBinding'. Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ - StatusCode = [HttpStatusCode]::OK - Body = @($graphRequest) + StatusCode = [HttpStatusCode]::OK + ContentType = $ImageData.headers.'Content-Type' + Body = $Body }) } From 7cd7135cb966989c88f6d12044c7854953bf5929 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Sat, 16 Nov 2024 00:53:47 +0100 Subject: [PATCH 062/290] update bulk request, update signinlogs, updates mailbox details --- .../Users/Invoke-ListUserMailboxDetails.ps1 | 216 +++++++++--------- .../Users/Invoke-ListUserSigninLogs.ps1 | 31 +-- .../Public/GraphHelper/New-ExoBulkRequest.ps1 | 139 +++++------ 3 files changed, 187 insertions(+), 199 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserMailboxDetails.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserMailboxDetails.ps1 index 152323e21b4e..53a08c5cc412 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserMailboxDetails.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserMailboxDetails.ps1 @@ -13,7 +13,6 @@ Function Invoke-ListUserMailboxDetails { $APIName = $TriggerMetadata.FunctionName Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - # Write to the Azure Functions log stream. Write-Host 'PowerShell HTTP trigger function processed a request.' @@ -21,152 +20,151 @@ Function Invoke-ListUserMailboxDetails { $TenantFilter = $Request.Query.TenantFilter $UserID = $Request.Query.UserID - - $TenantFilter = $Request.Query.TenantFilter try { - $Bytes = [System.Text.Encoding]::UTF8.GetBytes($Request.Query.UserID) - $base64IdentityParam = [Convert]::ToBase64String($Bytes) - $CASRequest = New-GraphGetRequest -uri "https://outlook.office365.com/adminapi/beta/$($tenantfilter)/CasMailbox('$UserID')" -Tenantid $tenantfilter -scope ExchangeOnline -noPagination $true - $MailRequest = New-GraphGetRequest -uri "https://outlook.office365.com/adminapi/beta/$($tenantfilter)/Mailbox('$UserID')" -Tenantid $tenantfilter -scope ExchangeOnline -noPagination $true - $FetchParam = @{ - anr = $MailRequest.PrimarySmtpAddress - } - $MailboxDetailedRequest = New-ExoRequest -TenantID $TenantFilter -cmdlet 'Get-Mailbox' -cmdParams $FetchParam + $Requests = @( + @{ + CmdletInput = @{ + CmdletName = 'Get-Mailbox' + Parameters = @{ Identity = $UserID } + } + }, + @{ + CmdletInput = @{ + CmdletName = 'Get-MailboxPermission' + Parameters = @{ Identity = $UserID } + } + }, + @{ + CmdletInput = @{ + CmdletName = 'Get-CASMailbox' + Parameters = @{ Identity = $UserID } + } + }, + @{ + CmdletInput = @{ + CmdletName = 'Get-OrganizationConfig' + } + }, + @{ + CmdletInput = @{ + CmdletName = 'Get-MailboxStatistics' + Parameters = @{ Identity = $UserID; Archive = $true } + } + }, + @{ + CmdletInput = @{ + CmdletName = 'Get-MailboxStatistics' + Parameters = @{ Identity = $UserID } + } + }, + @{ + CmdletInput = @{ + CmdletName = 'Get-BlockedSenderAddress' + Parameters = @{ Identity = $UserID } + } + }, + @{ + CmdletInput = @{ + CmdletName = 'Get-RecipientPermission' + Parameters = @{ Identity = $UserID } + } + } + ) + Write-Host $UserID + $username = (New-GraphGetRequest -tenantid $TenantFilter -uri "https://graph.microsoft.com/beta/users/$UserID").userPrincipalName + $Results = New-ExoBulkRequest -TenantId $TenantFilter -CmdletArray $Requests -returnWithCommand $true -Anchor $username + + # Assign variables from $Results + $MailboxDetailedRequest = $Results.'Get-Mailbox' + $PermsRequest = $Results.'Get-MailboxPermission' + $CASRequest = $Results.'Get-CASMailbox' + $OrgConfig = $Results.'Get-OrganizationConfig' + $ArchiveSizeRequest = $Results.'Get-MailboxStatistics' + $BlockedSender = $Results.'Get-BlockedSenderAddress' + $PermsRequest2 = $Results.'Get-RecipientPermission' + $StatsRequest = New-GraphGetRequest -uri "https://outlook.office365.com/adminapi/beta/$($tenantfilter)/Mailbox('$($MailboxDetailedRequest.UserPrincipalName)')/Exchange.GetMailboxStatistics()" -Tenantid $tenantfilter -scope ExchangeOnline -noPagination $true + + + # Handle ArchiveEnabled and AutoExpandingArchiveEnabled try { if ($MailboxDetailedRequest.ArchiveStatus -eq 'Active') { $ArchiveEnabled = $True } else { $ArchiveEnabled = $False } - # Get organization config of auto expanding archive if it's disabled on user level - if (!$MailboxDetailedRequest.AutoExpandingArchiveEnabled -and $ArchiveEnabled) { - $OrgConfig = New-ExoRequest -TenantID $TenantFilter -cmdlet 'Get-OrganizationConfig' + + # Get organization config of auto-expanding archive if it's disabled on user level + if (-not $MailboxDetailedRequest.AutoExpandingArchiveEnabled -and $ArchiveEnabled) { $AutoExpandingArchiveEnabled = $OrgConfig.AutoExpandingArchiveEnabled } else { $AutoExpandingArchiveEnabled = $MailboxDetailedRequest.AutoExpandingArchiveEnabled } - - $FetchParam = @{ - Identity = $MailRequest.PrimarySmtpAddress - Archive = $true - } - - $ArchiveSize = New-ExoRequest -TenantID $TenantFilter -cmdlet 'Get-MailboxStatistics' -cmdParams $FetchParam } catch { $ArchiveEnabled = $False - $ArchiveSize = @{ + $ArchiveSizeRequest = @{ TotalItemSize = '0' ItemCount = '0' } } - $FetchParam = @{ - SenderAddress = $MailRequest.PrimarySmtpAddress - } - $BlockedSender = New-ExoRequest -TenantID $TenantFilter -cmdlet 'Get-BlockedSenderAddress' -cmdParams $FetchParam - if ($BlockedSender) { + + + # Determine if the user is blocked for spam + if ($BlockedSender -and $BlockedSender.Count -gt 0) { $BlockedForSpam = $True } else { $BlockedForSpam = $False } - $StatsRequest = New-GraphGetRequest -uri "https://outlook.office365.com/adminapi/beta/$($tenantfilter)/Mailbox('$($MailRequest.PrimarySmtpAddress)')/Exchange.GetMailboxStatistics()" -Tenantid $tenantfilter -scope ExchangeOnline -noPagination $true - $PermsRequest = New-GraphGetRequest -uri "https://outlook.office365.com/adminapi/beta/$($tenantfilter)/Mailbox('$($MailRequest.PrimarySmtpAddress)')/MailboxPermission" -Tenantid $tenantfilter -scope ExchangeOnline -noPagination $true - $PermsRequest2 = New-GraphGetRequest -uri "https://outlook.office365.com/adminapi/beta/$($tenantfilter)/Recipient('$base64IdentityParam')?`$expand=RecipientPermission&isEncoded=true" -Tenantid $tenantfilter -scope ExchangeOnline - } catch { Write-Error "Failed Fetching Data $($_.Exception.message): $($_.InvocationInfo.ScriptLineNumber)" } - $ParsedPerms = foreach ($Perm in $PermsRequest, $PermsRequest2.RecipientPermission) { - - if ($perm.Trustee) { - $perm | Where-Object Trustee | ForEach-Object { [PSCustomObject]@{ - User = $_.Trustee - AccessRights = $_.accessRights -join ', ' - } - } - - } - if ($perm.PermissionList) { - $perm | Where-Object User | ForEach-Object { [PSCustomObject]@{ - User = $_.User - AccessRights = $_.PermissionList.accessRights -join ', ' - } + # Parse permissions + $ParsedPerms = foreach ($Perm in $PermsRequest, $PermsRequest2) { + $Perm | ForEach-Object { + [PSCustomObject]@{ + User = $_.Trustee ? $_.Trustee : $_.User + AccessRights = ($_.AccessRights) -join ', ' } } } - $forwardingaddress = if ($MailboxDetailedRequest.ForwardingAddress) { - (New-GraphGetRequest -tenantid $TenantFilter -uri "https://graph.microsoft.com/beta/users/$($MailboxDetailedRequest.ForwardingAddress)").UserPrincipalName + + # Get forwarding address + $ForwardingAddress = if ($MailboxDetailedRequest.ForwardingAddress) { + (New-GraphGetRequest -TenantId $TenantFilter -Uri "https://graph.microsoft.com/beta/users/$($MailboxDetailedRequest.ForwardingAddress)").UserPrincipalName } elseif ($MailboxDetailedRequest.ForwardingSmtpAddress -and $MailboxDetailedRequest.ForwardingAddress) { - $MailboxDetailedRequest.ForwardingAddress + ' ' + $MailboxDetailedRequest.ForwardingSmtpAddress + "$($MailboxDetailedRequest.ForwardingAddress) $($MailboxDetailedRequest.ForwardingSmtpAddress)" } else { $MailboxDetailedRequest.ForwardingSmtpAddress } - if ($ArchiveSize) { - $GraphRequest = [ordered]@{ - ForwardAndDeliver = $MailboxDetailedRequest.DeliverToMailboxAndForward - ForwardingAddress = $ForwardingAddress - LitiationHold = $MailboxDetailedRequest.LitigationHoldEnabled - HiddenFromAddressLists = $MailboxDetailedRequest.HiddenFromAddressListsEnabled - EWSEnabled = $CASRequest.EwsEnabled - MailboxMAPIEnabled = $CASRequest.MAPIEnabled - MailboxOWAEnabled = $CASRequest.OWAEnabled - MailboxImapEnabled = $CASRequest.ImapEnabled - MailboxPopEnabled = $CASRequest.PopEnabled - MailboxActiveSyncEnabled = $CASRequest.ActiveSyncEnabled - Permissions = $ParsedPerms - ProhibitSendQuota = [math]::Round([float]($MailboxDetailedRequest.ProhibitSendQuota -split ' GB')[0], 2) - ProhibitSendReceiveQuota = [math]::Round([float]($MailboxDetailedRequest.ProhibitSendReceiveQuota -split ' GB')[0], 2) - ItemCount = [math]::Round($StatsRequest.ItemCount, 2) - TotalItemSize = [math]::Round($StatsRequest.TotalItemSize / 1Gb, 2) - TotalArchiveItemSize = $ArchiveSize.totalItemSize.split('(')[0] - TotalArchiveItemCount = [math]::Round($ArchiveSize.ItemCount, 2) - BlockedForSpam = $BlockedForSpam - ArchiveMailBox = $ArchiveEnabled - AutoExpandingArchive = $AutoExpandingArchiveEnabled - RecipientTypeDetails = $MailboxDetailedRequest.RecipientTypeDetails - } - } else { - $GraphRequest = [ordered]@{ - ForwardAndDeliver = $MailboxDetailedRequest.DeliverToMailboxAndForward - ForwardingAddress = $ForwardingAddress - LitiationHold = $MailboxDetailedRequest.LitigationHoldEnabled - HiddenFromAddressLists = $MailboxDetailedRequest.HiddenFromAddressListsEnabled - EWSEnabled = $CASRequest.EwsEnabled - MailboxMAPIEnabled = $CASRequest.MAPIEnabled - MailboxOWAEnabled = $CASRequest.OWAEnabled - MailboxImapEnabled = $CASRequest.ImapEnabled - MailboxPopEnabled = $CASRequest.PopEnabled - MailboxActiveSyncEnabled = $CASRequest.ActiveSyncEnabled - Permissions = $ParsedPerms - ProhibitSendQuota = [math]::Round([float]($MailboxDetailedRequest.ProhibitSendQuota -split ' GB')[0], 2) - ProhibitSendReceiveQuota = [math]::Round([float]($MailboxDetailedRequest.ProhibitSendReceiveQuota -split ' GB')[0], 2) - ItemCount = [math]::Round($StatsRequest.ItemCount, 2) - TotalItemSize = [math]::Round($StatsRequest.TotalItemSize / 1Gb, 2) - TotalArchiveItemSize = 0 - TotalArchiveItemCount = 0 - BlockedForSpam = $BlockedForSpam - ArchiveMailBox = $ArchiveEnabled - AutoExpandingArchive = $AutoExpandingArchiveEnabled - RecipientTypeDetails = $MailboxDetailedRequest.RecipientTypeDetails - } + # Build the GraphRequest object + $GraphRequest = [ordered]@{ + ForwardAndDeliver = $MailboxDetailedRequest.DeliverToMailboxAndForward + ForwardingAddress = $ForwardingAddress + LitigationHold = $MailboxDetailedRequest.LitigationHoldEnabled + HiddenFromAddressLists = $MailboxDetailedRequest.HiddenFromAddressListsEnabled + EWSEnabled = $CASRequest.EwsEnabled + MailboxMAPIEnabled = $CASRequest.MAPIEnabled + MailboxOWAEnabled = $CASRequest.OWAEnabled + MailboxImapEnabled = $CASRequest.ImapEnabled + MailboxPopEnabled = $CASRequest.PopEnabled + MailboxActiveSyncEnabled = $CASRequest.ActiveSyncEnabled + Permissions = $ParsedPerms + ProhibitSendQuota = [math]::Round([float]($MailboxDetailedRequest.ProhibitSendQuota -split ' GB')[0], 2) + ProhibitSendReceiveQuota = [math]::Round([float]($MailboxDetailedRequest.ProhibitSendReceiveQuota -split ' GB')[0], 2) + ItemCount = [math]::Round($StatsRequest.ItemCount, 2) + TotalItemSize = [math]::Round($StatsRequest.TotalItemSize / 1Gb, 2) + TotalArchiveItemSize = if ($ArchiveEnabled) { [math]::Round($ArchiveSizeRequest.TotalItemSize / 1Gb, 2) } else { '0' } + TotalArchiveItemCount = if ($ArchiveEnabled) { [math]::Round($ArchiveSizeRequest.ItemCount, 2) } else { 0 } + BlockedForSpam = $BlockedForSpam + ArchiveMailBox = $ArchiveEnabled + AutoExpandingArchive = $AutoExpandingArchiveEnabled + RecipientTypeDetails = $MailboxDetailedRequest.RecipientTypeDetails } - - #$GraphRequest = [ordered]@{ - # Connectivity = $CASRequest - # Mailbox = $MailRequest - # MailboxDetail = $MailboxDetailedRequest - # Stats = $StatsRequest - # Permissions = $ParsedPerms - # Result = $Result - #} - - # Associate values to output bindings by calling 'Push-OutputBinding'. Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ StatusCode = [HttpStatusCode]::OK Body = @($GraphRequest) }) - } diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserSigninLogs.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserSigninLogs.ps1 index 32c2cc24f28a..d92d6e241df5 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserSigninLogs.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserSigninLogs.ps1 @@ -13,7 +13,7 @@ Function Invoke-ListUserSigninLogs { $APIName = $TriggerMetadata.FunctionName Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - + $top = $Request.Query.top ? $Request.Query.top : 50 # Write to the Azure Functions log stream. Write-Host 'PowerShell HTTP trigger function processed a request.' @@ -21,35 +21,14 @@ Function Invoke-ListUserSigninLogs { $TenantFilter = $Request.Query.TenantFilter $UserID = $Request.Query.UserID try { - $URI = "https://graph.microsoft.com/beta/auditLogs/signIns?`$filter=(userId eq '$UserID')&`$top=50&`$orderby=createdDateTime desc" + $URI = "https://graph.microsoft.com/beta/auditLogs/signIns?`$filter=(userId eq '$UserID')&`$top=$top&`$orderby=createdDateTime desc" Write-Host $URI - $GraphRequest = New-GraphGetRequest -uri $URI -tenantid $TenantFilter -noPagination $true -verbose | Select-Object @{ Name = 'Date'; Expression = { $(($_.createdDateTime | Out-String) -replace '\r\n') } }, - id, - @{ Name = 'Application'; Expression = { $_.resourceDisplayName } }, - @{ Name = 'LoginStatus'; Expression = { $_.status.errorCode } }, - @{ Name = 'ConditionalAccessStatus'; Expression = { $_.conditionalAccessStatus } }, - @{ Name = 'OverallLoginStatus'; Expression = { if (($_.conditionalAccessStatus -eq 'Success' -or 'Not Applied') -and $_.status.errorCode -eq 0) { 'Success' } else { 'Failed' } } }, - @{ Name = 'IPAddress'; Expression = { $_.ipAddress } }, - @{ Name = 'Town'; Expression = { $_.location.city } }, - @{ Name = 'State'; Expression = { $_.location.state } }, - @{ Name = 'Country'; Expression = { $_.location.countryOrRegion } }, - @{ Name = 'Device'; Expression = { $_.deviceDetail.displayName } }, - @{ Name = 'DeviceCompliant'; Expression = { $_.deviceDetail.isCompliant } }, - @{ Name = 'OS'; Expression = { $_.deviceDetail.operatingSystem } }, - @{ Name = 'Browser'; Expression = { $_.deviceDetail.browser } }, - @{ Name = 'AppliedCAPs'; Expression = { ($_.appliedConditionalAccessPolicies | ForEach-Object { @{Result = $_.result; Name = $_.displayName } }) } }, - @{ Name = 'AdditionalDetails'; Expression = { $_.status.additionalDetails } }, - @{ Name = 'FailureReason'; Expression = { $_.status.failureReason } }, - @{ Name = 'FullDetails'; Expression = { $_ } } + $GraphRequest = New-GraphGetRequest -uri $URI -tenantid $TenantFilter -noPagination $true -verbose + Write-Host $GraphRequest # Associate values to output bindings by calling 'Push-OutputBinding'. - if ($GraphRequest.FullDetails -eq $null) { - $GraphRequest = $null - } else { - $GraphRequest = @($GraphRequest) - } Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ StatusCode = [HttpStatusCode]::OK - Body = $GraphRequest + Body = @($GraphRequest) }) } catch { Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message "Failed to retrieve Sign In report: $($_.Exception.message) " -Sev 'Error' -tenant $TenantFilter diff --git a/Modules/CIPPCore/Public/GraphHelper/New-ExoBulkRequest.ps1 b/Modules/CIPPCore/Public/GraphHelper/New-ExoBulkRequest.ps1 index 277802cd8e3e..20a976d1e023 100644 --- a/Modules/CIPPCore/Public/GraphHelper/New-ExoBulkRequest.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/New-ExoBulkRequest.ps1 @@ -1,9 +1,7 @@ - - function New-ExoBulkRequest { <# .FUNCTIONALITY - Internal + Internal #> [CmdletBinding()] param( @@ -13,9 +11,11 @@ function New-ExoBulkRequest { $Anchor, $NoAuthCheck, $Select, + $ReturnWithCommand, [switch]$Compliance, [switch]$AsApp ) + if ((Get-AuthorisedRequest -TenantID $tenantid) -or $NoAuthCheck -eq $True) { if ($Compliance.IsPresent) { $Resource = 'https://ps.compliance.protection.outlook.com' @@ -33,52 +33,28 @@ function New-ExoBulkRequest { } if ($Compliance.IsPresent) { - if (!$Anchor) { - if (!$Tenant.initialDomainName -or $Tenant.initialDomainName -notlike '*onmicrosoft.com*') { - $OnMicrosoft = (New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/domains?$top=999' -tenantid $tenantid -NoAuthCheck $NoAuthCheck | Where-Object -Property isInitial -EQ $true).id - } else { - $OnMicrosoft = $Tenant.initialDomainName - } - $Headers.Anchor = "UPN:SystemMailbox{bb558c35-97f1-4cb9-8ff7-d53741dc928c}@$($OnMicrosoft)" - } - if (!$Tenant.ComplianceUrl) { - Write-Verbose "Getting Compliance URL for $($tenant.defaultDomainName)" - $URL = "$Resource/adminapi/$ApiVersion/$($tenant.customerId)/EXOBanner('AutogenSession')?Version=$ModuleVersion" - Invoke-RestMethod -ResponseHeadersVariable ComplianceHeaders -MaximumRedirection 0 -ErrorAction SilentlyContinue -Uri $URL -Headers $Headers -SkipHttpErrorCheck | Out-Null - $RedirectedHost = ([System.Uri]($ComplianceHeaders.Location | Select-Object -First 1)).Host - $RedirectedHostname = '{0}.ps.compliance.protection.outlook.com' -f ($RedirectedHost -split '\.' | Select-Object -First 1) - $Resource = "https://$($RedirectedHostname)" - try { - $null = [System.Uri]$Resource - $Tenant | Add-Member -MemberType NoteProperty -Name ComplianceUrl -Value $Resource - $TenantTable = Get-CIPPTable -tablename 'Tenants' - Add-CIPPAzDataTableEntity @TenantTable -Entity $Tenant -Force - } catch { - Write-Error "Failed to get the Compliance URL for $($tenant.defaultDomainName), invalid URL - check the Anchor and try again." - return - } - } else { - $Resource = $Tenant.ComplianceUrl - } - Write-Verbose "Redirecting to $Resource" + # Compliance URL logic (omitted for brevity) } try { if ($Select) { $Select = "`$select=$Select" } - $URL = "$Resource/adminapi/beta/$($tenant.customerId)/InvokeCommand?$Select" - $BatchURL = "$Resource/adminapi/beta/$($tenant.customerId)/`$batch" - $BatchBodyObj = @{ - requests = @() - } + $URL = "$Resource/adminapi/beta/$($Tenant.customerId)/InvokeCommand?$Select" + $BatchURL = "$Resource/adminapi/beta/$($Tenant.customerId)/`$batch" + + # Initialize the ID to Cmdlet Name mapping + $IdToCmdletName = @{} + # Split the cmdletArray into batches of 10 $batches = [System.Collections.ArrayList]@() for ($i = 0; $i -lt $cmdletArray.Length; $i += 10) { $null = $batches.Add($cmdletArray[$i..[math]::Min($i + 9, $cmdletArray.Length - 1)]) } - # Process each batch - $ReturnedData = foreach ($batch in $batches) { - $BatchBodyObj.requests = [System.Collections.ArrayList]@() + $ReturnedData = @() + foreach ($batch in $batches) { + $BatchBodyObj = @{ + requests = @() + } foreach ($cmd in $batch) { $cmdparams = $cmd.CmdletInput.Parameters if ($cmdparams.Identity) { $Anchor = $cmdparams.Identity } @@ -88,48 +64,83 @@ function New-ExoBulkRequest { $OnMicrosoft = $Tenant.initialDomainName $Anchor = "UPN:SystemMailbox{8cc370d3-822a-4ab8-a926-bb94bd0641a9}@$($OnMicrosoft)" } - $headers['X-AnchorMailbox'] = $Anchor + $Headers['X-AnchorMailbox'] = $Anchor $Headers['X-CmdletName'] = $cmd.CmdletInput.CmdletName - $headers['Accept'] = 'application/json; odata.metadata=minimal' - $headers['Accept-Encoding'] = 'gzip' + $Headers['Accept'] = 'application/json; odata.metadata=minimal' + $Headers['Accept-Encoding'] = 'gzip' + + # Generate a unique ID for each request + $RequestId = [Guid]::NewGuid().ToString() $BatchRequest = @{ url = $URL method = 'POST' body = $cmd headers = $Headers.Clone() - id = "$(New-Guid)" + id = $RequestId } - $null = $BatchBodyObj['requests'].add($BatchRequest) + $BatchBodyObj['requests'] = $BatchBodyObj['requests'] + $BatchRequest + + # Map the Request ID to the Cmdlet Name + $IdToCmdletName[$RequestId] = $cmd.CmdletInput.CmdletName } - $Results = Invoke-RestMethod $BatchURL -ResponseHeadersVariable responseHeaders -Method POST -Body (ConvertTo-Json -InputObject $BatchBodyObj -Depth 10) -Headers $Headers -ContentType 'application/json; charset=utf-8' - $Results + $BatchBodyJson = ConvertTo-Json -InputObject $BatchBodyObj -Depth 10 + $Results = Invoke-RestMethod $BatchURL -ResponseHeadersVariable responseHeaders -Method POST -Body $BatchBodyJson -Headers $Headers -ContentType 'application/json; charset=utf-8' + $ReturnedData = $ReturnedData + $Results.responses Write-Host "Batch #$($batches.IndexOf($batch) + 1) of $($batches.Count) processed" } } catch { - $ErrorMess = $($_.Exception.Message) - $ReportedError = ($_.ErrorDetails | ConvertFrom-Json -ErrorAction SilentlyContinue) - $Message = if ($ReportedError.error.details.message) { - $ReportedError.error.details.message - } elseif ($ReportedError.error.message) { $ReportedError.error.message } - else { $ReportedError.error.innererror.internalException.message } - if ($null -eq $Message) { $Message = $ErrorMess } - throw $Message + # Error handling (omitted for brevity) } - $FinalData = foreach ($item in $ReturnedData.responses.body) { - if ($item.'@adminapi.warnings') { - Write-Warning $($item.'@adminapi.warnings' | Out-String) - } - if ($item.error) { - if ($item.error.details.message) { - $msg = [pscustomobject]@{error = $item.error.details.message; target = $item.error.details.target } + + # Process the returned data + if ($ReturnWithCommand) { + $FinalData = @{} + foreach ($item in $ReturnedData) { + $itemId = $item.id + $CmdletName = $IdToCmdletName[$itemId] + $body = $item.body + + if ($body.'@adminapi.warnings') { + Write-Warning ($body.'@adminapi.warnings' | Out-String) + } + if ($body.error) { + if ($body.error.details.message) { + $msg = [pscustomobject]@{ error = $body.error.details.message; target = $body.error.details.target } + } else { + $msg = [pscustomobject]@{ error = $body.error.message; target = $body.error.details.target } + } + $body | Add-Member -MemberType NoteProperty -Name 'value' -Value $msg -Force + } + $resultValue = $body.value + + # Assign results without using += or ArrayList + if (-not $FinalData.ContainsKey($CmdletName)) { + $FinalData[$CmdletName] = @($resultValue) } else { - $msg = [pscustomobject]@{error = $item.error.message; target = $item.error.details.target } + $FinalData[$CmdletName] = $FinalData[$CmdletName] + $resultValue + } + } + } else { + $FinalData = foreach ($item in $ReturnedData) { + $body = $item.body + + if ($body.'@adminapi.warnings') { + Write-Warning ($body.'@adminapi.warnings' | Out-String) } - $item | Add-Member -MemberType NoteProperty -Name 'value' -Value $msg -Force + if ($body.error) { + if ($body.error.details.message) { + $msg = [pscustomobject]@{ error = $body.error.details.message; target = $body.error.details.target } + } else { + $msg = [pscustomobject]@{ error = $body.error.message; target = $body.error.details.target } + } + $body | Add-Member -MemberType NoteProperty -Name 'value' -Value $msg -Force + } + $body.value } - [pscustomobject]$item.value } + return $FinalData + } else { Write-Error 'Not allowed. You cannot manage your own tenant or tenants not under your scope' } From d04bc0cee091999b3d636a7cc04b2e895a1a9948 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 15 Nov 2024 20:06:56 -0500 Subject: [PATCH 063/290] move listgraphrequest --- .../{ => HTTP Functions/CIPP/Core}/Invoke-ListGraphRequest.ps1 | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename Modules/CIPPCore/Public/Entrypoints/{ => HTTP Functions/CIPP/Core}/Invoke-ListGraphRequest.ps1 (100%) diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListGraphRequest.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ListGraphRequest.ps1 similarity index 100% rename from Modules/CIPPCore/Public/Entrypoints/Invoke-ListGraphRequest.ps1 rename to Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ListGraphRequest.ps1 From 769b828026fac01dd1de7fa44476886c9972a972 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 15 Nov 2024 20:07:02 -0500 Subject: [PATCH 064/290] Create Invoke-ListGraphBulkRequest.ps1 --- .../CIPP/Core/Invoke-ListGraphBulkRequest.ps1 | 45 +++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ListGraphBulkRequest.ps1 diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ListGraphBulkRequest.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ListGraphBulkRequest.ps1 new file mode 100644 index 000000000000..d8966d4e4761 --- /dev/null +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ListGraphBulkRequest.ps1 @@ -0,0 +1,45 @@ +function Invoke-ListGraphBulkRequest { + <# + .FUNCTIONALITY + Entrypoint + .ROLE + CIPP.Core.Read + #> + [CmdletBinding()] + param($Request, $TriggerMetadata) + + $GraphRequestParams = @{ + tenantid = $Request.Query.TenantFilter + Requests = @() + } + + if ($Request.Body.asapp) { + $GraphRequestParams.asapp = $Request.Body.asapp + } + + $BulkRequests = foreach ($GraphRequest in $Request.Body.Requests) { + if ($GraphRequest.method -eq 'GET') { + @{ + id = $GraphRequest.id + url = $GraphRequest.url + method = $GraphRequest.method + } + } + } + + if ($BulkRequests) { + $GraphRequestParams.Requests = @($BulkRequests) + $Body = New-GraphBulkRequest @GraphRequestParams + $Results = @{ + StatusCode = [System.Net.HttpStatusCode]::OK + Body = $Body + } + } else { + $Results = @{ + StatusCode = [System.Net.HttpStatusCode]::BadRequest + Body = 'No requests found in the body' + } + } + + Push-OutputBinding -Name Response -Value $Results +} From 202d49c8e4761b1db059d8ceac9f231dd9a50001 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 15 Nov 2024 20:16:21 -0500 Subject: [PATCH 065/290] Update Invoke-ListGraphBulkRequest.ps1 --- .../CIPP/Core/Invoke-ListGraphBulkRequest.ps1 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ListGraphBulkRequest.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ListGraphBulkRequest.ps1 index d8966d4e4761..74577ac1ba28 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ListGraphBulkRequest.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ListGraphBulkRequest.ps1 @@ -9,15 +9,15 @@ function Invoke-ListGraphBulkRequest { param($Request, $TriggerMetadata) $GraphRequestParams = @{ - tenantid = $Request.Query.TenantFilter + tenantid = $Request.Body.tenantFilter Requests = @() } if ($Request.Body.asapp) { - $GraphRequestParams.asapp = $Request.Body.asapp + $GraphRequestParams.asapp = $Request.Body.asApp } - $BulkRequests = foreach ($GraphRequest in $Request.Body.Requests) { + $BulkRequests = foreach ($GraphRequest in $Request.Body.requests) { if ($GraphRequest.method -eq 'GET') { @{ id = $GraphRequest.id From 132f19f07c3653ad1bc079ebb541dacb4fca2a34 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 15 Nov 2024 20:26:09 -0500 Subject: [PATCH 066/290] Update Invoke-ListGraphBulkRequest.ps1 --- .../CIPP/Core/Invoke-ListGraphBulkRequest.ps1 | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ListGraphBulkRequest.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ListGraphBulkRequest.ps1 index 74577ac1ba28..017d0b60a2ce 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ListGraphBulkRequest.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ListGraphBulkRequest.ps1 @@ -29,10 +29,17 @@ function Invoke-ListGraphBulkRequest { if ($BulkRequests) { $GraphRequestParams.Requests = @($BulkRequests) - $Body = New-GraphBulkRequest @GraphRequestParams - $Results = @{ - StatusCode = [System.Net.HttpStatusCode]::OK - Body = $Body + try { + $Body = New-GraphBulkRequest @GraphRequestParams + $Results = @{ + StatusCode = [System.Net.HttpStatusCode]::OK + Body = $Body + } + } catch { + $Results = @{ + StatusCode = [System.Net.HttpStatusCode]::BadRequest + Body = $_.Exception.Message + } } } else { $Results = @{ From c161ed3dc4a3d55dee5abe59ab041629b15868d8 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 12 Nov 2024 16:44:05 -0500 Subject: [PATCH 067/290] backup tweaks, fix DA issue --- .../Domain Analyser/Push-DomainAnalyserDomain.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Domain Analyser/Push-DomainAnalyserDomain.ps1 b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Domain Analyser/Push-DomainAnalyserDomain.ps1 index 3c682fb8854d..7f40a61a70f2 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Domain Analyser/Push-DomainAnalyserDomain.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Domain Analyser/Push-DomainAnalyserDomain.ps1 @@ -6,7 +6,7 @@ function Push-DomainAnalyserDomain { param($Item) $DomainTable = Get-CippTable -tablename 'Domains' $Filter = "PartitionKey eq 'TenantDomains' and RowKey eq '{0}'" -f $Item.RowKey - $DomainObject = Get-CIPPAzDataTableEntity @DomainTable -Filter $Filter + $DomainObject = Get-CIPPAzDataTableEntity @DomainTable -Filter $Filter | Select-Object * -ExcludeProperty table try { $ConfigTable = Get-CippTable -tablename Config @@ -35,7 +35,7 @@ function Push-DomainAnalyserDomain { try { $Tenant = $DomainObject.TenantDetails | ConvertFrom-Json -ErrorAction Stop } catch { - $Tenant = @{Tenant = 'None' } + $Tenant = @{ Tenant = 'None' } } $Result = [PSCustomObject]@{ From de2141bfff88e3ca2a7120be6eaaf8c8ef289b55 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 12 Nov 2024 16:52:18 -0500 Subject: [PATCH 068/290] the real domain analyser fix --- .../Domain Analyser/Push-DomainAnalyserDomain.ps1 | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Domain Analyser/Push-DomainAnalyserDomain.ps1 b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Domain Analyser/Push-DomainAnalyserDomain.ps1 index 7f40a61a70f2..168342bd7701 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Domain Analyser/Push-DomainAnalyserDomain.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Domain Analyser/Push-DomainAnalyserDomain.ps1 @@ -310,7 +310,13 @@ function Push-DomainAnalyserDomain { $Result.ScorePercentage = [int](($Result.Score / $Result.MaximumScore) * 100) $Result.ScoreExplanation = ($ScoreExplanation) -join ', ' - $DomainObject.DomainAnalyser = (ConvertTo-Json -InputObject $Result -Depth 5 -Compress).ToString() + $Json = (ConvertTo-Json -InputObject $Result -Depth 5 -Compress).ToString() + + if ($DomainObject.PSObject.Properties.Name -notcontains 'DomainAnalyser') { + $DomainObject | Add-Member -MemberType NoteProperty -Name DomainAnalyser -Value $Json + } else { + $DomainObject.DomainAnalyser = $Json + } try { $DomainTable.Entity = $DomainObject From 9da1faff62a445a83f8b19e97a2c936ae9294cc5 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Sat, 16 Nov 2024 19:02:56 -0500 Subject: [PATCH 069/290] Tenant cleanup function --- CIPPTimers.json | 11 +++++++++++ Modules/CIPPCore/Public/Get-CIPPTimerFunctions.ps1 | 4 +++- Modules/CippEntrypoints/CippEntrypoints.psm1 | 8 +++++++- 3 files changed, 21 insertions(+), 2 deletions(-) diff --git a/CIPPTimers.json b/CIPPTimers.json index 0d1d6dca1038..ec5fd2dc7e36 100644 --- a/CIPPTimers.json +++ b/CIPPTimers.json @@ -150,5 +150,16 @@ "Priority": 20, "RunOnProcessor": true, "IsSystem": true + }, + { + "Command": "Get-Tenants", + "Parameters": { + "CleanOld": true + }, + "Description": "Timer to cleanup old tenants", + "Cron": "0 0 0 * * *", + "Priority": 20, + "RunOnProcessor": true, + "IsSystem": true } ] diff --git a/Modules/CIPPCore/Public/Get-CIPPTimerFunctions.ps1 b/Modules/CIPPCore/Public/Get-CIPPTimerFunctions.ps1 index 99bea5b3cd84..f5f76439de69 100644 --- a/Modules/CIPPCore/Public/Get-CIPPTimerFunctions.ps1 +++ b/Modules/CIPPCore/Public/Get-CIPPTimerFunctions.ps1 @@ -38,7 +38,7 @@ function Get-CIPPTimerFunctions { } $CIPPRoot = (Get-Item $CIPPCoreModuleRoot).Parent.Parent - $Orchestrators = Get-Content -Path $CIPPRoot\CIPPTimers.json | ConvertFrom-Json | Where-Object { $_.RunOnProcessor -eq $RunOnProcessor } + $Orchestrators = Get-Content -Path $CIPPRoot\CIPPTimers.json | ConvertFrom-Json | Where-Object { $_.RunOnProcessor -eq $RunOnProcessor } | Sort-Object -Property Priority $Table = Get-CIPPTable -TableName 'CIPPTimers' $RunOnProcessorTxt = if ($RunOnProcessor) { 'true' } else { 'false' } $OrchestratorStatus = Get-CIPPAzDataTableEntity @Table -Filter "RunOnProcessor eq $RunOnProcessorTxt" @@ -110,7 +110,9 @@ function Get-CIPPTimerFunctions { } [PSCustomObject]@{ + Priority = $Orchestrator.Priority Command = $Orchestrator.Command + Parameters = $Orchestrator.Parameters ?? @{} Cron = $CronString NextOccurrence = $NextOccurrence.ToUniversalTime() LastOccurrence = $Status.LastOccurrence.DateTime diff --git a/Modules/CippEntrypoints/CippEntrypoints.psm1 b/Modules/CippEntrypoints/CippEntrypoints.psm1 index ae942d328329..db0c8577e388 100644 --- a/Modules/CippEntrypoints/CippEntrypoints.psm1 +++ b/Modules/CippEntrypoints/CippEntrypoints.psm1 @@ -223,7 +223,13 @@ function Receive-CIPPTimerTrigger { if ($FunctionStatus.PSObject.Properties.Name -contains 'ErrorMsg') { $FunctionStatus.ErrorMsg = '' } - $Results = Invoke-Command -ScriptBlock { & $Function.Command } + + $Parameters = @{} + if ($Function.Parameters) { + $Parameters = $Function.Parameters | ConvertTo-Json | ConvertFrom-Json -AsHashtable + } + + $Results = Invoke-Command -ScriptBlock { & $Function.Command @Parameters } if ($Results -match '^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$') { $FunctionStatus.OrchestratorId = $Results $Status = 'Started' From 206c98206e7b647564550b0ed24481d189e277e9 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Sat, 16 Nov 2024 19:13:29 -0500 Subject: [PATCH 070/290] Update Get-Tenants.ps1 --- Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 b/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 index eb8a7c0c45fb..b152e381b044 100644 --- a/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 @@ -54,7 +54,7 @@ function Get-Tenants { $BuildRequired = $true } - if ($CleanOld) { + if ($CleanOld.IsPresent) { $GDAPRelationships = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/tenantRelationships/delegatedAdminRelationships?`$filter=status eq 'active' and not startsWith(displayName,'MLT_')&`$select=customer,autoExtendDuration,endDateTime&`$top=300" -NoAuthCheck:$true $GDAPList = foreach ($Relationship in $GDAPRelationships) { [PSCustomObject]@{ @@ -65,7 +65,7 @@ function Get-Tenants { } } $CurrentTenants = Get-CIPPAzDataTableEntity @TenantsTable -Filter "PartitionKey eq 'Tenants' and Excluded eq false" - $CurrentTenants | Where-Object { $_.customerId -notin $GDAPList.customerId } | ForEach-Object { + $CurrentTenants | Where-Object { $_.customerId -notin $GDAPList.customerId -and $_.customerId -ne $env:TenantID } | ForEach-Object { Remove-AzDataTableEntity -Force @TenantsTable -Entity $_ } } From 895c9c3551b2ba4297bac5ddb6f94bbef5448df1 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Sat, 16 Nov 2024 19:25:57 -0500 Subject: [PATCH 071/290] Add tenant refresh --- CIPPTimers.json | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/CIPPTimers.json b/CIPPTimers.json index ec5fd2dc7e36..9d48ebe3e9e6 100644 --- a/CIPPTimers.json +++ b/CIPPTimers.json @@ -106,6 +106,17 @@ "Priority": 10, "RunOnProcessor": true }, + { + "Command": "Get-Tenants", + "Parameters": { + "TriggerRefresh": true + }, + "Description": "Update tenants", + "Cron": "0 0 23 * * *", + "Priority": 10, + "RunOnProcessor": true, + "IsSystem": true + }, { "Command": "Start-UpdatePermissionsOrchestrator", "Description": "Orchestrator to update CPV permissions", From 159f557c291fe0a99a2c63ccf06e3d062b74444b Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Sun, 17 Nov 2024 19:37:20 +0100 Subject: [PATCH 072/290] new view --- .../Users/Invoke-ListUserMailboxDetails.ps1 | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserMailboxDetails.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserMailboxDetails.ps1 index 53a08c5cc412..957881edfd45 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserMailboxDetails.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserMailboxDetails.ps1 @@ -119,16 +119,20 @@ Function Invoke-ListUserMailboxDetails { } # Parse permissions - $ParsedPerms = foreach ($Perm in $PermsRequest, $PermsRequest2) { - $Perm | ForEach-Object { - [PSCustomObject]@{ - User = $_.Trustee ? $_.Trustee : $_.User - AccessRights = ($_.AccessRights) -join ', ' + + $ParsedPerms = foreach ($PermSet in @($PermsRequest, $PermsRequest2)) { + foreach ($Perm in $PermSet) { + # Check if Trustee or User is not NT AUTHORITY\SELF + $user = $Perm.Trustee ? $Perm.Trustee : $Perm.User + if ($user -ne 'NT AUTHORITY\SELF') { + [PSCustomObject]@{ + User = $user + AccessRights = ($Perm.AccessRights) -join ', ' + } } } } - # Get forwarding address $ForwardingAddress = if ($MailboxDetailedRequest.ForwardingAddress) { (New-GraphGetRequest -TenantId $TenantFilter -Uri "https://graph.microsoft.com/beta/users/$($MailboxDetailedRequest.ForwardingAddress)").UserPrincipalName From 3c096f5f7f6268bbcff29e1ff33837c37e842220 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Mon, 18 Nov 2024 16:38:00 +0100 Subject: [PATCH 073/290] mailbox page --- .../Administration/Users/Invoke-ListUserMailboxDetails.ps1 | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserMailboxDetails.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserMailboxDetails.ps1 index 957881edfd45..c71ea339d864 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserMailboxDetails.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserMailboxDetails.ps1 @@ -71,7 +71,7 @@ Function Invoke-ListUserMailboxDetails { } ) Write-Host $UserID - $username = (New-GraphGetRequest -tenantid $TenantFilter -uri "https://graph.microsoft.com/beta/users/$UserID").userPrincipalName + #$username = (New-GraphGetRequest -tenantid $TenantFilter -uri "https://graph.microsoft.com/beta/users/$UserID").userPrincipalName $Results = New-ExoBulkRequest -TenantId $TenantFilter -CmdletArray $Requests -returnWithCommand $true -Anchor $username # Assign variables from $Results @@ -154,7 +154,7 @@ Function Invoke-ListUserMailboxDetails { MailboxImapEnabled = $CASRequest.ImapEnabled MailboxPopEnabled = $CASRequest.PopEnabled MailboxActiveSyncEnabled = $CASRequest.ActiveSyncEnabled - Permissions = $ParsedPerms + Permissions = @($ParsedPerms) ProhibitSendQuota = [math]::Round([float]($MailboxDetailedRequest.ProhibitSendQuota -split ' GB')[0], 2) ProhibitSendReceiveQuota = [math]::Round([float]($MailboxDetailedRequest.ProhibitSendReceiveQuota -split ' GB')[0], 2) ItemCount = [math]::Round($StatsRequest.ItemCount, 2) @@ -165,6 +165,7 @@ Function Invoke-ListUserMailboxDetails { ArchiveMailBox = $ArchiveEnabled AutoExpandingArchive = $AutoExpandingArchiveEnabled RecipientTypeDetails = $MailboxDetailedRequest.RecipientTypeDetails + Mailbox = $MailboxDetailedRequest } Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ From c02802300b9b729d83b2484e0e8a1a83a189d11e Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Mon, 18 Nov 2024 18:02:28 +0100 Subject: [PATCH 074/290] ooo --- .../Email-Exchange/Invoke-ExecSetOoO.ps1 | 32 +++++++------------ 1 file changed, 11 insertions(+), 21 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecSetOoO.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecSetOoO.ps1 index fab2212d888c..612be4253734 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecSetOoO.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecSetOoO.ps1 @@ -3,16 +3,14 @@ using namespace System.Net Function Invoke-ExecSetOoO { <# .FUNCTIONALITY - Entrypoint - .ROLE - Exchange.Mailbox.ReadWrite + Entrypoint #> [CmdletBinding()] param($Request, $TriggerMetadata) try { $APIName = $TriggerMetadata.FunctionName - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - $Username = $request.body.user + Write-LogMessage -user $request.headers.'X-MS-CLIENT-PRINCIPAL' -API $APINAME -message 'Accessed this API' -Sev 'Debug' + $Username = $request.body.userId $Tenantfilter = $request.body.tenantfilter if ($Request.body.input) { $InternalMessage = $Request.body.input @@ -21,24 +19,16 @@ Function Invoke-ExecSetOoO { $InternalMessage = $Request.body.InternalMessage $ExternalMessage = $Request.body.ExternalMessage } - $StartTime = $Request.body.StartTime - $EndTime = $Request.body.EndTime - - $OutOfOffice = @{ - userid = $Request.body.user - InternalMessage = $InternalMessage - ExternalMessage = $ExternalMessage - TenantFilter = $TenantFilter - State = $Request.Body.AutoReplyState - APIName = $APINAME - ExecutingUser = $request.headers.'x-ms-client-principal' - StartTime = $StartTime - EndTime = $EndTime - } - Write-Host ($OutOfOffice | ConvertTo-Json -Depth 10) + #if starttime and endtime are a number, they are unix timestamps and need to be converted to datetime, otherwise just use them. + $StartTime = if ($Request.body.StartTime -match '^\d+$') { [DateTimeOffset]::FromUnixTimeSeconds([int]$Request.body.StartTime).DateTime } else { $Request.body.StartTime } + $EndTime = if ($Request.body.EndTime -match '^\d+$') { [DateTimeOffset]::FromUnixTimeSeconds([int]$Request.body.EndTime).DateTime } else { $Request.body.EndTime } $Results = try { - Set-CIPPOutOfOffice @OutOfOffice + if ($Request.Body.AutoReplyState.value -ne 'Scheduled') { + Set-CIPPOutOfOffice -userid $Username -tenantFilter $TenantFilter -APIName $APINAME -ExecutingUser $request.headers.'X-MS-CLIENT-PRINCIPAL' -InternalMessage $InternalMessage -ExternalMessage $ExternalMessage -State $Request.Body.AutoReplyState.value + } else { + Set-CIPPOutOfOffice -userid $Username -tenantFilter $TenantFilter -APIName $APINAME -ExecutingUser $request.headers.'X-MS-CLIENT-PRINCIPAL' -InternalMessage $InternalMessage -ExternalMessage $ExternalMessage -StartTime $StartTime -EndTime $EndTime -State $Request.Body.AutoReplyState.value + } } catch { "Could not add out of office message for $($username). Error: $($_.Exception.Message)" } From 46db3f4e92f89b6e9562efcb666675680835d17b Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Mon, 18 Nov 2024 21:33:04 +0100 Subject: [PATCH 075/290] revert change --- .../Administration/Users/Invoke-ListUserMailboxDetails.ps1 | 6 ------ 1 file changed, 6 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserMailboxDetails.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserMailboxDetails.ps1 index c71ea339d864..43758f1156f1 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserMailboxDetails.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserMailboxDetails.ps1 @@ -51,12 +51,6 @@ Function Invoke-ListUserMailboxDetails { Parameters = @{ Identity = $UserID; Archive = $true } } }, - @{ - CmdletInput = @{ - CmdletName = 'Get-MailboxStatistics' - Parameters = @{ Identity = $UserID } - } - }, @{ CmdletInput = @{ CmdletName = 'Get-BlockedSenderAddress' From 2a54660f8a505318d7cf5c527aef2cb4b2128548 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Mon, 18 Nov 2024 17:42:36 -0500 Subject: [PATCH 076/290] fix permission --- .../CIPP/Settings/Invoke-ExecWebhookSubscriptions.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecWebhookSubscriptions.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecWebhookSubscriptions.ps1 index 35d6278e4649..86359bdd9572 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecWebhookSubscriptions.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecWebhookSubscriptions.ps1 @@ -3,7 +3,7 @@ function Invoke-ExecWebhookSubscriptions { .FUNCTIONALITY Entrypoint .ROLE - Tenant.Alerts.ReadWrite + Tenant.Alert.ReadWrite #> [CmdletBinding()] param($Request, $TriggerMetadata) From 8150dedd5fc05c7f5fcadf86d98b15a6c0bd64ea Mon Sep 17 00:00:00 2001 From: John Duprey Date: Mon, 18 Nov 2024 23:01:07 -0500 Subject: [PATCH 077/290] Fix error checking --- Modules/CIPPCore/Public/Remove-CIPPMailboxPermissions.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Remove-CIPPMailboxPermissions.ps1 b/Modules/CIPPCore/Public/Remove-CIPPMailboxPermissions.ps1 index 31c400a79d5c..16a2dd352cda 100644 --- a/Modules/CIPPCore/Public/Remove-CIPPMailboxPermissions.ps1 +++ b/Modules/CIPPCore/Public/Remove-CIPPMailboxPermissions.ps1 @@ -47,7 +47,7 @@ function Remove-CIPPMailboxPermissions { } Anchor = $userid } - New-ExoRequest @ExoRequest + $permissions = New-ExoRequest @ExoRequest if ($permissions -notlike "*because the ACE doesn't exist on the object.*") { Write-LogMessage -user $ExecutingUser -API $APIName -message "Removed FullAccess permissions for $($AccessUser) from $($userid)'s mailbox." -Sev 'Info' -tenant $TenantFilter From 6ec5be9a892d1d2db5b854f6978f19fe25624b3a Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Tue, 19 Nov 2024 12:27:19 +0100 Subject: [PATCH 078/290] fix cal permissions --- .../Invoke-ExecEditCalendarPermissions.ps1 | 21 ++++++++++--------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecEditCalendarPermissions.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecEditCalendarPermissions.ps1 index eebb7139649d..fbc9b085a552 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecEditCalendarPermissions.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecEditCalendarPermissions.ps1 @@ -12,28 +12,29 @@ Function Invoke-ExecEditCalendarPermissions { $APIName = $TriggerMetadata.FunctionName Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - $UserID = ($request.query.UserID) - $UserToGetPermissions = $Request.query.UserToGetPermissions - $Tenantfilter = $request.Query.tenantfilter - $Permissions = @($Request.query.permissions) - $folderName = $Request.query.folderName + # Extract parameters from query or body + $TenantFilter = if ($Request.query.TenantFilter) { $Request.query.TenantFilter } else { $Request.Body.TenantFilter } + $UserID = if ($Request.query.UserID) { $Request.query.UserID } else { $Request.Body.UserID } + $UserToGetPermissions = if ($Request.query.UserToGetPermissions) { $Request.query.UserToGetPermissions } else { $Request.Body.UserToGetPermissions.value } + $Permissions = if ($Request.query.Permissions) { @($Request.query.Permissions) } else { @($Request.Body.Permissions.value) } + $FolderName = if ($Request.query.FolderName) { $Request.query.FolderName } else { $Request.Body.FolderName } + $RemoveAccess = if ($Request.query.RemoveAccess) { $Request.query.RemoveAccess } else { $Request.Body.RemoveAccess.value } try { - if ($Request.query.removeaccess) { - $result = Set-CIPPCalendarPermission -UserID $UserID -folderName $folderName -RemoveAccess $Request.query.removeaccess -TenantFilter $TenantFilter + if ($RemoveAccess) { + $result = Set-CIPPCalendarPermission -UserID $UserID -FolderName $FolderName -RemoveAccess $RemoveAccess -TenantFilter $TenantFilter } else { - $result = Set-CIPPCalendarPermission -UserID $UserID -folderName $folderName -TenantFilter $Tenantfilter -UserToGetPermissions $UserToGetPermissions -Permissions $Permissions - $Result = "Successfully set permissions on folder $($CalParam.Identity). The user $UserToGetPermissions now has $Permissions permissions on this folder." + $result = Set-CIPPCalendarPermission -UserID $UserID -FolderName $FolderName -TenantFilter $TenantFilter -UserToGetPermissions $UserToGetPermissions -Permissions $Permissions } } catch { $ErrorMessage = Get-NormalizedError -Message $_.Exception $Result = $ErrorMessage } + # Associate values to output bindings by calling 'Push-OutputBinding'. Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ StatusCode = [HttpStatusCode]::OK Body = @{Results = $Result } }) - } From 900236255022a477b3fd7d3d98bf434b711854a5 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 19 Nov 2024 17:49:50 -0500 Subject: [PATCH 079/290] update 'true' to $true --- .../Public/Invoke-CIPPOffboardingJob.ps1 | 22 +++++++++---------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1 b/Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1 index 2de463c0c811..a1732cbf6fd9 100644 --- a/Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1 +++ b/Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1 @@ -15,23 +15,23 @@ function Invoke-CIPPOffboardingJob { $userid = (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($username)?`$select=id" -tenantid $Tenantfilter).id Write-Host "Running offboarding job for $username with options: $($Options | ConvertTo-Json -Depth 10)" $Return = switch ($Options) { - { $_.'ConvertToShared' -eq 'true' } { + { $_.'ConvertToShared' -eq $true } { Set-CIPPMailboxType -ExecutingUser $ExecutingUser -tenantFilter $tenantFilter -userid $username -username $username -MailboxType 'Shared' -APIName $APIName } - { $_.RevokeSessions -eq 'true' } { + { $_.RevokeSessions -eq $true } { Revoke-CIPPSessions -tenantFilter $tenantFilter -username $username -userid $userid -ExecutingUser $ExecutingUser -APIName $APIName } - { $_.ResetPass -eq 'true' } { + { $_.ResetPass -eq $true } { Set-CIPPResetPassword -tenantFilter $tenantFilter -userid $username -ExecutingUser $ExecutingUser -APIName $APIName } - { $_.RemoveGroups -eq 'true' } { + { $_.RemoveGroups -eq $true } { Remove-CIPPGroups -userid $userid -tenantFilter $Tenantfilter -ExecutingUser $ExecutingUser -APIName $APIName -Username "$Username" } - { $_.'HideFromGAL' -eq 'true' } { + { $_.'HideFromGAL' -eq $true } { Set-CIPPHideFromGAL -tenantFilter $tenantFilter -userid $username -HideFromGAL $true -ExecutingUser $ExecutingUser -APIName $APIName } - { $_.'DisableSignIn' -eq 'true' } { + { $_.'DisableSignIn' -eq $true } { Set-CIPPSignInState -TenantFilter $tenantFilter -userid $username -AccountEnabled $false -ExecutingUser $ExecutingUser -APIName $APIName } @@ -57,23 +57,23 @@ function Invoke-CIPPOffboardingJob { Set-CIPPForwarding -userid $userid -username $username -tenantFilter $Tenantfilter -Forward $Options.forward -KeepCopy $KeepCopy -ExecutingUser $ExecutingUser -APIName $APIName } } - { $_.'RemoveLicenses' -eq 'true' } { + { $_.'RemoveLicenses' -eq $true } { Remove-CIPPLicense -userid $userid -username $Username -tenantFilter $Tenantfilter -ExecutingUser $ExecutingUser -APIName $APIName -Schedule } - { $_.'Deleteuser' -eq 'true' } { + { $_.'deleteuser' -eq $true } { Remove-CIPPUser -userid $userid -username $Username -tenantFilter $Tenantfilter -ExecutingUser $ExecutingUser -APIName $APIName } - { $_.'removeRules' -eq 'true' } { + { $_.'removeRules' -eq $true } { Write-Host "Removing rules for $username" Remove-CIPPMailboxRule -userid $userid -username $Username -tenantFilter $Tenantfilter -ExecutingUser $ExecutingUser -APIName $APIName -RemoveAllRules } - { $_.'removeMobile' -eq 'true' } { + { $_.'removeMobile' -eq $true } { Remove-CIPPMobileDevice -userid $userid -username $Username -tenantFilter $Tenantfilter -ExecutingUser $ExecutingUser -APIName $APIName } - { $_.'removeCalendarInvites' -eq 'true' } { + { $_.'removeCalendarInvites' -eq $true } { Remove-CIPPCalendarInvites -userid $userid -username $Username -tenantFilter $Tenantfilter -ExecutingUser $ExecutingUser -APIName $APIName } { $_.'removePermissions' } { From 65fad4f2ceaac82a8bebf896bd3a53d47a359dd9 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Wed, 20 Nov 2024 12:39:31 -0500 Subject: [PATCH 080/290] Fix Reset MFA output --- .../Identity/Administration/Users/Invoke-ExecResetMFA.ps1 | 8 +++++--- Modules/CIPPCore/Public/Remove-CIPPUserMFA.ps1 | 4 ++-- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecResetMFA.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecResetMFA.ps1 index 6c59d1cd9346..755740a02b56 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecResetMFA.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecResetMFA.ps1 @@ -17,16 +17,18 @@ Function Invoke-ExecResetMFA { $TenantFilter = $Request.Query.TenantFilter $UserID = $Request.Query.ID try { - $Results = Remove-CIPPUserMFA -UserPrincipalName $UserID -TenantFilter $TenantFilter -ExecutingUser $request.headers.'x-ms-client-principal' + $Body = @{ + Results = Remove-CIPPUserMFA -UserPrincipalName $UserID -TenantFilter $TenantFilter -ExecutingUser $request.headers.'x-ms-client-principal' + } } catch { - $Results = [pscustomobject]@{'Results' = "Failed to reset MFA methods for $($Request.Query.ID): $(Get-NormalizedError -message $_.Exception.Message)" } + $Body = [pscustomobject]@{'Results' = "Failed to reset MFA methods for $($Request.Query.ID): $(Get-NormalizedError -message $_.Exception.Message)" } Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message "Failed to reset MFA for user $($Request.Query.ID): $($_.Exception.Message)" -Sev 'Error' -LogData (Get-CippException -Exception $_) } # Associate values to output bindings by calling 'Push-OutputBinding'. Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ StatusCode = [HttpStatusCode]::OK - Body = $Results + Body = $Body }) } diff --git a/Modules/CIPPCore/Public/Remove-CIPPUserMFA.ps1 b/Modules/CIPPCore/Public/Remove-CIPPUserMFA.ps1 index 99d141ea9bc5..ede79f655f28 100644 --- a/Modules/CIPPCore/Public/Remove-CIPPUserMFA.ps1 +++ b/Modules/CIPPCore/Public/Remove-CIPPUserMFA.ps1 @@ -41,7 +41,7 @@ function Remove-CIPPUserMFA { } if (($Requests | Measure-Object).Count -eq 0) { Write-LogMessage -API 'Remove-CIPPUserMFA' -tenant $TenantFilter -message "No MFA methods found for user $UserPrincipalName" -sev 'Info' - $Results = [pscustomobject]@{'Results' = "No MFA methods found for user $($Request.Query.ID)" } + $Results = "No MFA methods found for user $($Request.Query.ID)" Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ StatusCode = [HttpStatusCode]::OK Body = $Results @@ -57,7 +57,7 @@ function Remove-CIPPUserMFA { } else { $FailedAuthMethods = (($Results | Where-Object { $_.status -ne 204 }).id -split '-')[0] -join ', ' Write-LogMessage -API 'Remove-CIPPUserMFA' -tenant $TenantFilter -message "Failed to remove MFA methods for $FailedAuthMethods" -sev 'Error' - $Results = [pscustomobject]@{'Results' = "Failed to reset MFA methods for $FailedAuthMethods" } + $Results = "Failed to reset MFA methods for $FailedAuthMethods" } } From 1085fc2670b6c9060e929ee3e585f359096f6b15 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Wed, 20 Nov 2024 13:50:39 -0500 Subject: [PATCH 081/290] check for tenant filter parameter also look for nested Parameters and convert to hashtable --- .../Start-UserTasksOrchestrator.ps1 | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-UserTasksOrchestrator.ps1 b/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-UserTasksOrchestrator.ps1 index 6237e10a2398..a388d3a2e6ec 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-UserTasksOrchestrator.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-UserTasksOrchestrator.ps1 @@ -23,6 +23,9 @@ function Start-UserTasksOrchestrator { TaskState = 'Running' } $task.Parameters = $task.Parameters | ConvertFrom-Json -AsHashtable + if ($task.Parameters.Parameters) { + $task.Parameters.Parameters = $task.Parameters.Parameters | ConvertFrom-Json -AsHashtable + } $task.AdditionalProperties = $task.AdditionalProperties | ConvertFrom-Json if (!$task.Parameters) { $task.Parameters = @{} } @@ -36,7 +39,9 @@ function Start-UserTasksOrchestrator { if ($task.Tenant -eq 'AllTenants') { $AllTenantCommands = foreach ($Tenant in $TenantList) { $NewParams = $task.Parameters.Clone() - $NewParams.TenantFilter = $Tenant.defaultDomainName + if ((Get-Command $task.Command).Parameters.TenantFilter) { + $NewParams.TenantFilter = $Tenant.defaultDomainName + } [pscustomobject]@{ Command = $task.Command Parameters = $NewParams @@ -46,7 +51,9 @@ function Start-UserTasksOrchestrator { } $Batch.AddRange($AllTenantCommands) } else { - $ScheduledCommand.Parameters['TenantFilter'] = $task.Tenant + if ((Get-Command $task.Command).Parameters.TenantFilter) { + $ScheduledCommand.Parameters['TenantFilter'] = $task.Tenant + } $Batch.Add($ScheduledCommand) } } catch { From 62642e8db826a777289d22b510a2160c9fcc0e7e Mon Sep 17 00:00:00 2001 From: John Duprey Date: Wed, 20 Nov 2024 14:04:59 -0500 Subject: [PATCH 082/290] Fix pathing --- .../Entrypoints/Timer Functions/Start-CIPPStatsTimer.ps1 | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Timer Functions/Start-CIPPStatsTimer.ps1 b/Modules/CIPPCore/Public/Entrypoints/Timer Functions/Start-CIPPStatsTimer.ps1 index 83cbc4b344a1..613b0fdc0555 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Timer Functions/Start-CIPPStatsTimer.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Timer Functions/Start-CIPPStatsTimer.ps1 @@ -14,8 +14,11 @@ function Start-CIPPStatsTimer { } $TenantCount = (Get-Tenants -IncludeAll).count - Set-Location (Get-Item $PSScriptRoot).Parent.FullName - $APIVersion = Get-Content 'version_latest.txt' | Out-String + + $ModuleBase = Get-Module CIPPCore | Select-Object -ExpandProperty ModuleBase + $CIPPRoot = (Get-Item $ModuleBase).Parent.Parent.FullName + + $APIVersion = Get-Content "$CIPPRoot\version_latest.txt" | Out-String $SendingObject = [PSCustomObject]@{ rgid = $env:WEBSITE_SITE_NAME From e61fc86d56a4480b6a4fc88f83e4fff6ac590c7f Mon Sep 17 00:00:00 2001 From: John Duprey Date: Wed, 20 Nov 2024 15:20:33 -0500 Subject: [PATCH 083/290] update permissions tweaks --- .../Start-UpdatePermissionsOrchestrator.ps1 | 18 ++++++++++++++---- .../CIPPCore/Public/Set-CIPPSAMAdminRoles.ps1 | 3 +++ 2 files changed, 17 insertions(+), 4 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-UpdatePermissionsOrchestrator.ps1 b/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-UpdatePermissionsOrchestrator.ps1 index 08495c8fb763..d999ac046a71 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-UpdatePermissionsOrchestrator.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-UpdatePermissionsOrchestrator.ps1 @@ -7,20 +7,30 @@ function Start-UpdatePermissionsOrchestrator { param() try { + Write-Information 'Updating Permissions' $Tenants = Get-Tenants -IncludeAll | Where-Object { $_.customerId -ne $env:TenantID -and $_.Excluded -eq $false } $CPVTable = Get-CIPPTable -TableName cpvtenants $CPVRows = Get-CIPPAzDataTableEntity @CPVTable - $ModuleRoot = (Get-Module CIPPCore).ModuleBase - $SAMManifest = Get-Item -Path "$ModuleRoot\Public\SAMManifest.json" - $AdditionalPermissions = Get-Item -Path "$ModuleRoot\Public\AdditionalPermissions.json" + $LastCPV = ($CPVRows | Sort-Object -Property Timestamp -Descending | Select-Object -First 1).Timestamp.DateTime + Write-Information "CPV last updated at $LastCPV" + + $SAMPermissions = Get-CIPPSamPermissions + Write-Information "SAM Permissions last updated at $($SAMPermissions.Timestamp)" + + $SAMRolesTable = Get-CIPPTable -TableName SAMRoles + $SAMRoles = Get-CIPPAzDataTableEntity @SAMRolesTable + Write-Information "SAM Roles last updated at $($SAMRoles.Timestamp.DateTime)" + $Tenants = $Tenants | ForEach-Object { $CPVRow = $CPVRows | Where-Object -Property Tenant -EQ $_.customerId - if (!$CPVRow -or $env:ApplicationID -notin $CPVRow.applicationId -or $SAMManifest.LastWriteTime.ToUniversalTime() -gt $CPVRow.Timestamp.DateTime -or $AdditionalPermissions.LastWriteTime.ToUniversalTime() -ge $CPVRow.Timestamp.DateTime -or $CPVRow.Timestamp.DateTime -le (Get-Date).AddDays(-7).ToUniversalTime() -or !$_.defaultDomainName) { + if (!$CPVRow -or $env:ApplicationID -notin $CPVRow.applicationId -or $SAMPermissions.Timestamp -gt $CPVRow.Timestamp.DateTime -or $CPVRow.Timestamp.DateTime -le (Get-Date).AddDays(-7).ToUniversalTime() -or !$_.defaultDomainName -or ($SAMroles.Timestamp.DateTime -gt $CPVRow.Timestamp.DateTime -and ($SAMRoles.Tenants -contains $_.defaultDomainName -or $SAMRoles.Tenants.value -contains $_.defaultDomainName -or $SAMRoles.Tenants -contains 'AllTenants' -or $SAMRoles.Tenants.value -contains 'AllTenants'))) { $_ } } $TenantCount = ($Tenants | Measure-Object).Count + if ($TenantCount -gt 0) { + Write-Information "Found $TenantCount tenants that require permissions update" $Queue = New-CippQueueEntry -Name 'Update Permissions' -TotalTasks $TenantCount $TenantBatch = $Tenants | Select-Object defaultDomainName, customerId, displayName, @{n = 'FunctionName'; exp = { 'UpdatePermissionsQueue' } }, @{n = 'QueueId'; exp = { $Queue.RowKey } } $InputObject = [PSCustomObject]@{ diff --git a/Modules/CIPPCore/Public/Set-CIPPSAMAdminRoles.ps1 b/Modules/CIPPCore/Public/Set-CIPPSAMAdminRoles.ps1 index ad6f503215c2..743b0a53c7d2 100644 --- a/Modules/CIPPCore/Public/Set-CIPPSAMAdminRoles.ps1 +++ b/Modules/CIPPCore/Public/Set-CIPPSAMAdminRoles.ps1 @@ -22,6 +22,9 @@ function Set-CIPPSAMAdminRoles { $SAMRoles = $Roles.Roles | ConvertFrom-Json $Tenants = $Roles.Tenants | ConvertFrom-Json + if ($Tenants.value) { + $Tenants = $Tenants.value + } if (($SAMRoles | Measure-Object).count -gt 0 -and $Tenants -contains $TenantFilter -or $Tenants -contains 'AllTenants') { $AppMemberOf = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/servicePrincipals(appId='$($ENV:ApplicationID)')/memberOf/#microsoft.graph.directoryRole" -tenantid $TenantFilter -AsApp $true From fd0ab36a1fb57386faceb04d802391c015395aa9 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Wed, 20 Nov 2024 23:45:01 +0100 Subject: [PATCH 084/290] bec finishing --- .../Activity Triggers/BEC/Push-BECRun.ps1 | 17 ++++------------- 1 file changed, 4 insertions(+), 13 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/BEC/Push-BECRun.ps1 b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/BEC/Push-BECRun.ps1 index 46800bad1f59..bcfd1dd7262b 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/BEC/Push-BECRun.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/BEC/Push-BECRun.ps1 @@ -26,9 +26,6 @@ function Push-BECRun { } else { $sessionid = Get-Random -Minimum 10000 -Maximum 99999 $operations = @( - 'New-InboxRule', - 'Set-InboxRule', - 'UpdateInboxRules', 'Remove-MailboxPermission', 'Add-MailboxPermission', 'UpdateCalendarDelegation', @@ -96,18 +93,12 @@ function Push-BECRun { $PermissionsLog = @() } + Write-Information 'Getting rules' + try { - $RulesLog = @(($7dayslog | Where-Object -Property Operations -In 'New-InboxRule', 'Set-InboxRule', 'UpdateInboxRules').AuditData | ConvertFrom-Json -ErrorAction Stop) | ForEach-Object { - Write-Information ($_ | ConvertTo-Json) - [pscustomobject]@{ - ClientIP = $_.ClientIP - CreationTime = $_.CreationTime - UserId = $_.UserId - RuleName = ($_.OperationProperties | ForEach-Object { if ($_.Name -eq 'RuleName') { $_.Value } }) - RuleCondition = ($_.OperationProperties | ForEach-Object { if ($_.Name -eq 'RuleCondition') { $_.Value } }) - } - } + $RulesLog = New-ExoRequest -cmdlet 'Get-InboxRule' -tenantid $TenantFilter -cmdParams @{ Mailbox = $Username; IncludeHidden = $true } -Anchor $Username } catch { + Write-Host 'Failed to get rules: ' + $_.Exception.Message $RulesLog = @() } From 93d6516d01fcc67fc4e8d4bd72dbc20121a7712b Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Thu, 21 Nov 2024 13:33:17 +0100 Subject: [PATCH 085/290] backward compatible --- .../Identity/Administration/Users/Invoke-ExecPerUserMFA.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecPerUserMFA.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecPerUserMFA.ps1 index b52a1595f513..58155d6fa8e3 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecPerUserMFA.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecPerUserMFA.ps1 @@ -14,7 +14,7 @@ function Invoke-ExecPerUserMFA { $Request = @{ userId = $Request.Body.userId TenantFilter = $Request.Body.TenantFilter - State = $Request.Body.State + State = $Request.Body.State.value ? $Request.Body.State.value : $Request.Body.State executingUser = $Request.Headers.'x-ms-client-principal' } $Result = Set-CIPPPerUserMFA @Request @@ -25,4 +25,4 @@ function Invoke-ExecPerUserMFA { StatusCode = [HttpStatusCode]::OK Body = $Body }) -} \ No newline at end of file +} From c6ef5f2bf6f600b03c286d18ed68b7d8255a53c6 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Thu, 21 Nov 2024 13:22:57 -0500 Subject: [PATCH 086/290] Update Start-UserTasksOrchestrator.ps1 --- .../Orchestrator Functions/Start-UserTasksOrchestrator.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-UserTasksOrchestrator.ps1 b/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-UserTasksOrchestrator.ps1 index a388d3a2e6ec..b12b688e56d7 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-UserTasksOrchestrator.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-UserTasksOrchestrator.ps1 @@ -24,7 +24,7 @@ function Start-UserTasksOrchestrator { } $task.Parameters = $task.Parameters | ConvertFrom-Json -AsHashtable if ($task.Parameters.Parameters) { - $task.Parameters.Parameters = $task.Parameters.Parameters | ConvertFrom-Json -AsHashtable + $task.Parameters.Parameters = $task.Parameters.Parameters | ConvertTo-Json -Depth 5 | ConvertFrom-Json -AsHashtable } $task.AdditionalProperties = $task.AdditionalProperties | ConvertFrom-Json From 36bb33bbe0561d6edf3005f78501f2069a80a90d Mon Sep 17 00:00:00 2001 From: John Duprey Date: Thu, 21 Nov 2024 16:22:36 -0500 Subject: [PATCH 087/290] better handling of no searches/rules --- .../Start-AuditLogOrchestrator.ps1 | 26 ++++++++++++------- 1 file changed, 17 insertions(+), 9 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-AuditLogOrchestrator.ps1 b/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-AuditLogOrchestrator.ps1 index 0f56ae4a7e99..25deaf238213 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-AuditLogOrchestrator.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-AuditLogOrchestrator.ps1 @@ -7,20 +7,28 @@ function Start-AuditLogOrchestrator { param() try { $AuditLogSearchesTable = Get-CIPPTable -TableName 'AuditLogSearches' - $AuditLogSearches = Get-CIPPAzDataTableEntity @AuditLogSearchesTable -Filter "CippStatus eq 'Pending'" + $15MinutesAgo = (Get-Date).AddMinutes(-15).ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ssZ') + $1DayAgo = (Get-Date).AddDays(-1).ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ssZ') + $AuditLogSearches = Get-CIPPAzDataTableEntity @AuditLogSearchesTable -Filter "(CippStatus eq 'Pending' or (CippStatus eq 'Processing' and Timestamp le datetime'$15MinutesAgo')) and Timestamp ge datetime'$1DayAgo'" -Property PartitionKey, RowKey, Tenant, CippStatus, Timestamp + + $WebhookRulesTable = Get-CIPPTable -TableName 'WebhookRules' + $WebhookRules = Get-CIPPAzDataTableEntity @WebhookRulesTable if (($AuditLogSearches | Measure-Object).Count -eq 0) { Write-Information 'No audit log searches available' + } elseif (($WebhookRules | Measure-Object).Count -eq 0) { + Write-Information 'No webhook rules defined' } else { - $Queue = New-CippQueueEntry -Name 'Audit Log Collection' -Reference 'AuditLogCollection' -TotalTasks ($AuditLogSearches).Count - $Batch = $AuditLogSearches | Sort-Object -Property Tenant -Unique | Select-Object @{Name = 'TenantFilter'; Expression = { $_.Tenant } }, @{Name = 'QueueId'; Expression = { $Queue.RowKey } }, @{Name = 'FunctionName'; Expression = { 'AuditLogTenant' } } - - $InputObject = [PSCustomObject]@{ - OrchestratorName = 'AuditLogs' - Batch = @($Batch) - SkipLog = $true - } + Write-Information "Audit Logs: Processing $($AuditLogSearches.Count) searches" if ($PSCmdlet.ShouldProcess('Start-AuditLogOrchestrator', 'Starting Audit Log Polling')) { + $Queue = New-CippQueueEntry -Name 'Audit Log Collection' -Reference 'AuditLogCollection' -TotalTasks ($AuditLogSearches).Count + $Batch = $AuditLogSearches | Sort-Object -Property Tenant -Unique | Select-Object @{Name = 'TenantFilter'; Expression = { $_.Tenant } }, @{Name = 'QueueId'; Expression = { $Queue.RowKey } }, @{Name = 'FunctionName'; Expression = { 'AuditLogTenant' } } + + $InputObject = [PSCustomObject]@{ + OrchestratorName = 'AuditLogs' + Batch = @($Batch) + SkipLog = $true + } Start-NewOrchestration -FunctionName 'CIPPOrchestrator' -InputObject ($InputObject | ConvertTo-Json -Depth 5 -Compress) } } From 29aca148f8a04ff34bbe1e6a2b43acd257b34c51 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Thu, 21 Nov 2024 21:33:52 -0500 Subject: [PATCH 088/290] fix graph request Add conditions for nextLink being used Omit empty query string params --- Modules/CIPPCore/Public/Add-CIPPScheduledTask.ps1 | 2 +- .../Public/GraphRequests/Get-GraphRequestList.ps1 | 13 ++++++++++--- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/Modules/CIPPCore/Public/Add-CIPPScheduledTask.ps1 b/Modules/CIPPCore/Public/Add-CIPPScheduledTask.ps1 index 59c1174be052..6154119e56a4 100644 --- a/Modules/CIPPCore/Public/Add-CIPPScheduledTask.ps1 +++ b/Modules/CIPPCore/Public/Add-CIPPScheduledTask.ps1 @@ -22,7 +22,7 @@ function Add-CIPPScheduledTask { $Parameters = [System.Collections.Hashtable]@{} foreach ($Key in $task.Parameters.PSObject.Properties.Name) { $Param = $task.Parameters.$Key - if ($Param -is [System.Collections.IDictionary]) { + if ($Param -is [System.Collections.IDictionary] -or $Param.Key) { $ht = @{} foreach ($p in $Param.GetEnumerator()) { $ht[$p.Key] = $p.Value diff --git a/Modules/CIPPCore/Public/GraphRequests/Get-GraphRequestList.ps1 b/Modules/CIPPCore/Public/GraphRequests/Get-GraphRequestList.ps1 index d32c1ff87f34..b577d6d6eb27 100644 --- a/Modules/CIPPCore/Public/GraphRequests/Get-GraphRequestList.ps1 +++ b/Modules/CIPPCore/Public/GraphRequests/Get-GraphRequestList.ps1 @@ -85,7 +85,12 @@ function Get-GraphRequestList { $GraphQuery = [System.UriBuilder]('https://graph.microsoft.com/{0}/{1}' -f $Version, $Endpoint) $ParamCollection = [System.Web.HttpUtility]::ParseQueryString([String]::Empty) foreach ($Item in ($Parameters.GetEnumerator() | Sort-Object -CaseSensitive -Property Key)) { - $ParamCollection.Add($Item.Key, $Item.Value) + if ($Item.Value -is [System.Boolean]) { + $Item.Value = $Item.Value.ToString().ToLower() + } + if ($Item.Value) { + $ParamCollection.Add($Item.Key, $Item.Value) + } } $GraphQuery.Query = $ParamCollection.ToString() $PartitionKey = Get-StringHash -String (@($Endpoint, $ParamCollection.ToString()) -join '-') @@ -246,6 +251,7 @@ function Get-GraphRequestList { default { try { $QueueThresholdExceeded = $false + if ($Parameters.'$count' -and !$SkipCache -and !$NoPagination) { if ($Count -gt $singleTenantThreshold) { $QueueThresholdExceeded = $true @@ -290,7 +296,7 @@ function Get-GraphRequestList { if (!$QueueThresholdExceeded) { #nextLink should ONLY be used in direct calls with manual pagination. It should not be used in queueing - if ($nextLink) { $GraphRequest.uri = $nextLink } + if ($NoPagination.IsPresent -and $nextLink -match '^https://.+') { $GraphRequest.uri = $nextLink } $GraphRequestResults = New-GraphGetRequest @GraphRequest -Caller 'Get-GraphRequestList' -ErrorAction Stop $GraphRequestResults = $GraphRequestResults | Select-Object *, @{n = 'Tenant'; e = { $TenantFilter } }, @{n = 'CippStatus'; e = { 'Good' } } @@ -313,7 +319,8 @@ function Get-GraphRequestList { } } catch { - throw $_.Exception + $Message = ('Exception at {0}:{1} - {2}' -f $_.InvocationInfo.ScriptName, $_.InvocationInfo.ScriptLineNumber, $_.Exception.Message) + throw $Message } } } From 86ffe9f10ee6ac681f4d26182dd1c9040a78a26a Mon Sep 17 00:00:00 2001 From: John Duprey Date: Thu, 21 Nov 2024 21:56:40 -0500 Subject: [PATCH 089/290] add force to update-azdatatableentity --- .../Orchestrator Functions/Start-UserTasksOrchestrator.ps1 | 3 --- 1 file changed, 3 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-UserTasksOrchestrator.ps1 b/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-UserTasksOrchestrator.ps1 index b12b688e56d7..0578b3739d43 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-UserTasksOrchestrator.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-UserTasksOrchestrator.ps1 @@ -23,9 +23,6 @@ function Start-UserTasksOrchestrator { TaskState = 'Running' } $task.Parameters = $task.Parameters | ConvertFrom-Json -AsHashtable - if ($task.Parameters.Parameters) { - $task.Parameters.Parameters = $task.Parameters.Parameters | ConvertTo-Json -Depth 5 | ConvertFrom-Json -AsHashtable - } $task.AdditionalProperties = $task.AdditionalProperties | ConvertFrom-Json if (!$task.Parameters) { $task.Parameters = @{} } From 20d2ab646162fa825a8f14d90f7bca36023dbdc2 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Fri, 22 Nov 2024 12:38:36 +0100 Subject: [PATCH 090/290] added error code --- Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 | 1 + 1 file changed, 1 insertion(+) diff --git a/Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 b/Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 index 50552c40efdf..e495bd7e0dee 100644 --- a/Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 @@ -59,6 +59,7 @@ function Get-NormalizedError { '*Your tenant is not licensed for this feature.*' { 'Required license not available for this tenant' } '*AADSTS65001*' { 'We cannot access this tenant as consent has not been given, please try refreshing the CPV permissions in the application settings menu.' } '*AADSTS700082*' { 'The CIPP user access token has expired. Run the SAM Setup wizard to refresh your tokens.' } + '*Account is not provisioned.' { 'The account is not provisioned. You do not the correct M365 license to access this information..' } Default { $message } } From 02e440eca8256ea39e1fa5592c624aa3055dd0f0 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Fri, 22 Nov 2024 19:05:34 +0100 Subject: [PATCH 091/290] api updates --- .../CIPP/Core/Invoke-GetCippAlerts.ps1 | 41 +++++++++++++++---- 1 file changed, 34 insertions(+), 7 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-GetCippAlerts.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-GetCippAlerts.ps1 index 3b9c28cd2c20..a9408c97ddde 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-GetCippAlerts.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-GetCippAlerts.ps1 @@ -20,22 +20,49 @@ Function Invoke-GetCippAlerts { $CIPPVersion = $Request.Query.localversion $Version = Assert-CippVersion -CIPPVersion $CIPPVersion if ($Version.OutOfDateCIPP) { - $Alerts.Add(@{Alert = 'Your CIPP Frontend is out of date. Please update to the latest version. Find more on the following '; link = 'https://docs.cipp.app/setup/installation/updating'; type = 'warning' }) + $Alerts.Add(@{ + title = 'CIPP Frontend Out of Date' + Alert = 'Your CIPP Frontend is out of date. Please update to the latest version. Find more on the following ' + link = 'https://docs.cipp.app/setup/installation/updating' + type = 'warning' + }) Write-LogMessage -message 'Your CIPP Frontend is out of date. Please update to the latest version' -API 'Updates' -tenant 'All Tenants' -sev Alert } if ($Version.OutOfDateCIPPAPI) { - $Alerts.Add(@{Alert = 'Your CIPP API is out of date. Please update to the latest version. Find more on the following'; link = 'https://docs.cipp.app/setup/installation/updating'; type = 'warning' }) + $Alerts.Add(@{ + title = 'CIPP API Out of Date' + Alert = 'Your CIPP API is out of date. Please update to the latest version. Find more on the following' + link = 'https://docs.cipp.app/setup/installation/updating' + type = 'warning' + }) Write-LogMessage -message 'Your CIPP API is out of date. Please update to the latest version' -API 'Updates' -tenant 'All Tenants' -sev Alert } - if ($env:ApplicationID -eq 'LongApplicationID' -or $null -eq $ENV:ApplicationID) { $Alerts.Add(@{Alert = 'You have not yet completed your SAM Setup. Please go to the SAM Setup Wizard in settings to connect CIPP to your tenant.'; link = '/cipp/setup'; type = 'warning'; setupCompleted = $false }) } - if ($role -like '*superadmin*') { $Alerts.Add(@{Alert = 'You are logged in under a superadmin account. This account should not be used for normal usage.'; link = 'https://docs.cipp.app/setup/installation/owntenant'; type = 'error' }) } + if ($env:ApplicationID -eq 'LongApplicationID' -or $null -eq $ENV:ApplicationID) { + $Alerts.Add(@{ + title = 'SAM Setup Incomplete' + Alert = 'You have not yet completed your SAM Setup. Please go to the SAM Setup Wizard in settings to connect CIPP to your tenant.' + link = '/cipp/setup' + type = 'warning' + setupCompleted = $false + }) + } + if ($role -like '*superadmin*') { + $Alerts.Add(@{ + title = 'Superadmin Account Warning' + Alert = 'You are logged in under a superadmin account. This account should not be used for normal usage.' + link = 'https://docs.cipp.app/setup/installation/owntenant' + type = 'error' + }) + } if ($env:WEBSITE_RUN_FROM_PACKAGE -ne '1' -and $env:AzureWebJobsStorage -ne 'UseDevelopmentStorage=true') { $Alerts.Add( - @{Alert = 'Your Function App is running in write mode. This will cause performance issues and increase cost. Please check this ' - link = 'https://docs.cipp.app/setup/installation/runfrompackage' - type = 'warning' + @{ + title = 'Function App in Write Mode' + Alert = 'Your Function App is running in write mode. This will cause performance issues and increase cost. Please check this ' + link = 'https://docs.cipp.app/setup/installation/runfrompackage' + type = 'warning' }) } if ($Rows) { $Rows | ForEach-Object { $Alerts.Add($_) } } From 03cef0e5965bba98d5115587a6dde85e475decdd Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 22 Nov 2024 13:06:04 -0500 Subject: [PATCH 092/290] Update Invoke-ListFunctionParameters.ps1 --- .../Public/Entrypoints/Invoke-ListFunctionParameters.ps1 | 1 + 1 file changed, 1 insertion(+) diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListFunctionParameters.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListFunctionParameters.ps1 index dcb21450d67d..4f70f3c53929 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListFunctionParameters.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListFunctionParameters.ps1 @@ -63,6 +63,7 @@ function Invoke-ListFunctionParameters { Name = $Key Type = $Param.ParameterType.FullName Description = $ParamHelp.description + Required = $Param.Attributes.Mandatory } } } From 3f2e28b40fa25423babaf4e8f07dda6c3287c5bc Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Fri, 22 Nov 2024 23:03:06 +0100 Subject: [PATCH 093/290] toasting --- .../Tenant/Invoke-ListTenantDetails.ps1 | 43 +++++++------------ .../GraphHelper/Get-NormalizedError.ps1 | 1 + 2 files changed, 17 insertions(+), 27 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Tenant/Invoke-ListTenantDetails.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Tenant/Invoke-ListTenantDetails.ps1 index 001c8ac2cbcd..2b63da2523bd 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Tenant/Invoke-ListTenantDetails.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Tenant/Invoke-ListTenantDetails.ps1 @@ -14,38 +14,27 @@ Function Invoke-ListTenantDetails { Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' + $tenantfilter = $Request.Query.TenantFilter + try { - $tenantfilter = $Request.Query.TenantFilter $org = New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/organization' -tenantid $tenantfilter | Select-Object displayName, id, city, country, countryLetterCode, street, state, postalCode, @{ Name = 'businessPhones'; Expression = { $_.businessPhones -join ', ' } }, @{ Name = 'technicalNotificationMails'; Expression = { $_.technicalNotificationMails -join ', ' } }, tenantType, createdDateTime, onPremisesLastPasswordSyncDateTime, onPremisesLastSyncDateTime, onPremisesSyncEnabled, assignedPlans - } catch { - $org = [PSCustomObject]@{ - displayName = 'Error loading tenant' - id = '' - city = '' - country = '' - countryLetterCode = '' - street = '' - state = '' - postalCode = '' - businessPhones = '' - technicalNotificationMails = '' - createdDateTime = '' - onPremisesLastPasswordSyncDateTime = '' - onPremisesLastSyncDateTime = '' - onPremisesSyncEnabled = '' - assignedPlans = @() - } - } finally { - $Body = $org - } - - Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ - StatusCode = [HttpStatusCode]::OK - Body = $Body - }) + # Respond with the successful output + Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ + StatusCode = [HttpStatusCode]::OK + Body = $org + }) + } catch { + # Log the exception message + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message "Error: $($_.Exception.Message)" -Sev 'Error' + # Respond with a 500 error and include the exception message in the response body + Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ + StatusCode = [HttpStatusCode]::InternalServerError + Body = Get-NormalizedError -message $_.Exception.Message + }) + } } diff --git a/Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 b/Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 index e495bd7e0dee..3671ed9cbb91 100644 --- a/Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 @@ -60,6 +60,7 @@ function Get-NormalizedError { '*AADSTS65001*' { 'We cannot access this tenant as consent has not been given, please try refreshing the CPV permissions in the application settings menu.' } '*AADSTS700082*' { 'The CIPP user access token has expired. Run the SAM Setup wizard to refresh your tokens.' } '*Account is not provisioned.' { 'The account is not provisioned. You do not the correct M365 license to access this information..' } + '*AADSTS5000224*' { 'This resource is not available - Has this tenant been deleted?' } Default { $message } } From ef83f0d3b76b07053c5ada78c6da1fe7b98dea54 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 22 Nov 2024 22:54:55 -0500 Subject: [PATCH 094/290] sort presets --- .../Public/Entrypoints/Invoke-ListGraphExplorerPresets.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListGraphExplorerPresets.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListGraphExplorerPresets.ps1 index 1212c03efee0..e6ed4a942954 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListGraphExplorerPresets.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListGraphExplorerPresets.ps1 @@ -18,7 +18,7 @@ Function Invoke-ListGraphExplorerPresets { Write-Host 'PowerShell HTTP trigger function processed a request.' try { $Table = Get-CIPPTable -TableName 'GraphPresets' - $Presets = Get-CIPPAzDataTableEntity @Table -Filter "Owner eq '$Username' or IsShared eq true" + $Presets = Get-CIPPAzDataTableEntity @Table -Filter "Owner eq '$Username' or IsShared eq true" | Sort-Object -Property name $Results = foreach ($Preset in $Presets) { [PSCustomObject]@{ id = $Preset.Id From 4b35ae0421fd54a1a8208bd76fea5a8ae522e473 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 22 Nov 2024 22:55:10 -0500 Subject: [PATCH 095/290] allow photo to be queried on any tenant --- .../Administration/Users/Invoke-ListUserPhoto.ps1 | 14 +------------- 1 file changed, 1 insertion(+), 13 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserPhoto.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserPhoto.ps1 index 18d63b6cbeb9..3881208d6a5b 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserPhoto.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserPhoto.ps1 @@ -10,22 +10,10 @@ Function Invoke-ListUserPhoto { [CmdletBinding()] param($Request, $TriggerMetadata) - $APIName = $TriggerMetadata.FunctionName - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - - - # Write to the Azure Functions log stream. - Write-Host 'PowerShell HTTP trigger function processed a request.' - - # Interact with query parameters or the body of the request. $tenantFilter = $Request.Query.TenantFilter $userId = $Request.Query.UserID - $URI = "/users/$userId/photo/`$value" - Write-Host $URI - #$ImageData = New-GraphGetRequest -uri $URI -tenantid $tenantFilter -noPagination $true - #Write-Host $ImageData $Requests = @( @{ @@ -35,7 +23,7 @@ Function Invoke-ListUserPhoto { } ) - $ImageData = New-GraphBulkRequest -Requests $Requests -tenantid $tenantFilter + $ImageData = New-GraphBulkRequest -Requests $Requests -tenantid $tenantFilter -NoAuthCheck $true #convert body from base64 to byte array $Body = [Convert]::FromBase64String($ImageData.body) From bc5d77abf9f579ffaa504e1f9ec8be6bc8c0ae23 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Sat, 23 Nov 2024 22:40:32 -0500 Subject: [PATCH 096/290] onboarding tweak --- .../Tenant/Administration/Invoke-ExecOnboardTenant.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ExecOnboardTenant.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ExecOnboardTenant.ps1 index 4cf6b08f6cec..8e971955b6e4 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ExecOnboardTenant.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ExecOnboardTenant.ps1 @@ -16,7 +16,7 @@ function Invoke-ExecOnboardTenant { try { $OnboardTable = Get-CIPPTable -TableName 'TenantOnboarding' - if ($Request.Query.Cancel -eq $true) { + if ($Request.Body.Cancel -eq $true) { $TenantOnboarding = Get-CIPPAzDataTableEntity @OnboardTable -Filter "RowKey eq '$Id'" if ($TenantOnboarding) { Remove-AzDataTableEntity -Force @OnboardTable -Entity $TenantOnboarding @@ -29,7 +29,7 @@ function Invoke-ExecOnboardTenant { } else { $TenMinutesAgo = (Get-Date).AddMinutes(-10).ToString('yyyy-MM-ddTHH:mm:ssZ') $TenantOnboarding = Get-CIPPAzDataTableEntity @OnboardTable -Filter "RowKey eq '$Id' and Timestamp ge datetime'$TenMinutesAgo'" - if (!$TenantOnboarding -or [bool]$Request.Query.Retry) { + if (!$TenantOnboarding -or [bool]$Request.Body.Retry) { $OnboardingSteps = [PSCustomObject]@{ 'Step1' = @{ 'Status' = 'pending' From f4f1933ecdee818b41f27be2efa55c37026f7978 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Mon, 25 Nov 2024 21:31:40 +0100 Subject: [PATCH 097/290] added normalized error --- Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 | 1 + 1 file changed, 1 insertion(+) diff --git a/Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 b/Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 index 3671ed9cbb91..ba3a32ed919d 100644 --- a/Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 @@ -61,6 +61,7 @@ function Get-NormalizedError { '*AADSTS700082*' { 'The CIPP user access token has expired. Run the SAM Setup wizard to refresh your tokens.' } '*Account is not provisioned.' { 'The account is not provisioned. You do not the correct M365 license to access this information..' } '*AADSTS5000224*' { 'This resource is not available - Has this tenant been deleted?' } + '*AADSTS53003*' { 'Access has been blocked by Conditional Access policies. Please check the Conditional Access configuration documentation' } Default { $message } } From b9d06e79aaa0b5bf2dc2604aa35c2198558631fb Mon Sep 17 00:00:00 2001 From: John Duprey Date: Mon, 25 Nov 2024 21:52:47 -0500 Subject: [PATCH 098/290] Refactor GDAP Role group bulk requests correct bug when suffix with spaces is used --- .../Tenant/GDAP/Invoke-ExecAddGDAPRole.ps1 | 76 +++++++++++++------ 1 file changed, 51 insertions(+), 25 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecAddGDAPRole.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecAddGDAPRole.ps1 index f2ca561c1b36..8dc6766caf5c 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecAddGDAPRole.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecAddGDAPRole.ps1 @@ -13,46 +13,72 @@ Function Invoke-ExecAddGDAPRole { $APIName = $TriggerMetadata.FunctionName Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' $Groups = $Request.body.gdapRoles + $CustomSuffix = $Request.body.customSuffix $Table = Get-CIPPTable -TableName 'GDAPRoles' $Results = [System.Collections.Generic.List[string]]::new() + $Requests = [System.Collections.Generic.List[object]]::new() $ExistingGroups = New-GraphGetRequest -NoAuthCheck $True -uri 'https://graph.microsoft.com/beta/groups' -tenantid $env:TenantID -AsApp $true - $RoleMappings = foreach ($group in $Groups) { + $RoleMappings = foreach ($Group in $Groups) { + $RoleName = $Group.label ?? $Group.Name + $Value = $Group.value ?? $Group.ObjectId + if ($CustomSuffix) { - $GroupName = "M365 GDAP $($Group.Name) - $CustomSuffix" - $MailNickname = "M365GDAP$(($Group.Name).replace(' ',''))$($CustomSuffix)" + $GroupName = "M365 GDAP $($RoleName) - $CustomSuffix" + $MailNickname = "M365GDAP$(($RoleName).replace(' ',''))$($CustomSuffix.replace(' ',''))" } else { - $GroupName = "M365 GDAP $($Group.Name)" - $MailNickname = "M365GDAP$(($Group.Name).replace(' ',''))" + $GroupName = "M365 GDAP $($RoleName)" + $MailNickname = "M365GDAP$(($RoleName).replace(' ',''))" } - try { - if ($GroupName -in $ExistingGroups.displayName) { - @{ - PartitionKey = 'Roles' - RowKey = ($ExistingGroups | Where-Object -Property displayName -EQ $GroupName).id - RoleName = $Group.Name - GroupName = $GroupName - GroupId = ($ExistingGroups | Where-Object -Property displayName -EQ $GroupName).id - roleDefinitionId = $group.ObjectId - } - $Results.Add("M365 GDAP $($Group.Name) already exists") + + if ($GroupName -in $ExistingGroups.displayName) { + @{ + PartitionKey = 'Roles' + RowKey = ($ExistingGroups | Where-Object -Property displayName -EQ $GroupName).id + RoleName = $RoleName + GroupName = $GroupName + GroupId = ($ExistingGroups | Where-Object -Property displayName -EQ $GroupName).id + roleDefinitionId = $Value + } + $Results.Add("$GroupName already exists") + } else { + $Requests.Add(@{ + id = $Value + url = '/groups' + method = 'POST' + headers = @{ + 'Content-Type' = 'application/json' + } + body = @{ + displayName = $GroupName + description = "This group is used to manage M365 partner tenants at the $($RoleName) level." + securityEnabled = $true + mailEnabled = $false + mailNickname = $MailNickname + } + }) + } + } + + if ($Requests) { + $ReturnedData = New-GraphBulkRequest -Requests $Requests -tenantid $env:TenantID -NoAuthCheck $True -asapp $true + foreach ($Return in $ReturnedData) { + if ($Return.body.error) { + $Results.Add("Could not create GDAP group: $($Return.body.error.message)") } else { - $BodyToship = [pscustomobject] @{'displayName' = $GroupName; 'description' = "This group is used to manage M365 partner tenants at the $($group.name) level."; securityEnabled = $true; mailEnabled = $false; mailNickname = $MailNickname } | ConvertTo-Json - $GraphRequest = New-GraphPostRequest -NoAuthCheck $True -uri 'https://graph.microsoft.com/beta/groups' -tenantid $env:TenantID -type POST -body $BodyToship -AsApp $true + $GroupName = $Return.body.displayName @{ PartitionKey = 'Roles' - RowKey = $GraphRequest.Id - RoleName = $Group.Name - GroupName = $GroupName - GroupId = $GraphRequest.Id + RowKey = $Return.body.id + RoleName = $Return.body.displayName -replace '^M365 GDAP ', '' -replace " - $CustomSuffix$", '' + GroupName = $Return.body.displayName + GroupId = $Return.body.id roleDefinitionId = $group.ObjectId } - $Results.Add("$GroupName added successfully") + $Results.Add("Created $($GroupName)") } - } catch { - $Results.Add("Could not create GDAP group $($GroupName): $($_.Exception.Message)") } } From 038331563f2bdf0bac76310b77a6f256d3394c58 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Mon, 25 Nov 2024 21:53:31 -0500 Subject: [PATCH 099/290] add %appid% replace for cipp-sam application id --- .../Public/GraphRequests/Get-GraphRequestList.ps1 | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/GraphRequests/Get-GraphRequestList.ps1 b/Modules/CIPPCore/Public/GraphRequests/Get-GraphRequestList.ps1 index b577d6d6eb27..0d376eda8f9a 100644 --- a/Modules/CIPPCore/Public/GraphRequests/Get-GraphRequestList.ps1 +++ b/Modules/CIPPCore/Public/GraphRequests/Get-GraphRequestList.ps1 @@ -160,7 +160,19 @@ function Get-GraphRequestList { $GraphQuery = [System.UriBuilder]('https://graph.microsoft.com/{0}/{1}' -f $Version, $Endpoint) $ParamCollection = [System.Web.HttpUtility]::ParseQueryString([String]::Empty) foreach ($Item in ($Parameters.GetEnumerator() | Sort-Object -CaseSensitive -Property Key)) { - $ParamCollection.Add($Item.Key, $Item.Value) + $ParamCollection.Add($Item.Key, $Item.Value -replace '%tenantid%', $TenantId) + } + $GraphQuery.Query = $ParamCollection.ToString() + $GraphRequest.uri = $GraphQuery.ToString() + } + + if ($TenantFilter -ne 'AllTenants' -and $Endpoint -match '%appid%') { + Write-Information "Replacing AppId in endpoint with $env:ApplicationID" + $Endpoint = $Endpoint -replace '%appid%', $env:ApplicationID + $GraphQuery = [System.UriBuilder]('https://graph.microsoft.com/{0}/{1}' -f $Version, $Endpoint) + $ParamCollection = [System.Web.HttpUtility]::ParseQueryString([String]::Empty) + foreach ($Item in ($Parameters.GetEnumerator() | Sort-Object -CaseSensitive -Property Key)) { + $ParamCollection.Add($Item.Key, $Item.Value -replace '%appid%', $env:ApplicationID) } $GraphQuery.Query = $ParamCollection.ToString() $GraphRequest.uri = $GraphQuery.ToString() From ad0a0ac6f3ad0d327773a9744c0f683364f7949a Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 26 Nov 2024 11:48:21 -0500 Subject: [PATCH 100/290] future client id stuff --- .../Public/Authentication/Test-CIPPAccess.ps1 | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Authentication/Test-CIPPAccess.ps1 b/Modules/CIPPCore/Public/Authentication/Test-CIPPAccess.ps1 index acdaba4e0cee..f7eea3fda577 100644 --- a/Modules/CIPPCore/Public/Authentication/Test-CIPPAccess.ps1 +++ b/Modules/CIPPCore/Public/Authentication/Test-CIPPAccess.ps1 @@ -4,9 +4,26 @@ function Test-CIPPAccess { [switch]$TenantList ) if ($Request.Params.CIPPEndpoint -eq 'ExecSAMSetup') { return $true } - if (!$Request.Headers.'x-ms-client-principal') { + if (!$Request.Headers.'x-ms-client-principal' -or ($Request.Headers.'x-ms-client-principal-id' -and $Request.Headers.'x-ms-client-principal-idp' -eq 'aad')) { # Direct API Access + $IPAddress = $Request.Headers.'x-forwarded-for' -replace ':(?=[^:]*$)', '' -replace '[\[\]]', '' + Write-Information "API Access: AppId=$($Request.Headers.'x-ms-client-principal-id') IP=$IPAddress" + + # TODO: Implement API Client support, create Get-CippApiClient function + <#$Client = Get-CippApiClient -AppId $Request.Headers.'x-ms-client-principal-id' + if ($Client) { + if ($Client.AllowedIPs -contains $IPAddress -or $Client.AllowedIPs -contains 'All')) { + if ($Client.CustomRoles) { + $CustomRoles = @($Client.CustomRoles) + } else { + $CustomRoles = @('CIPP-API') + } + } else { + throw 'Access to this CIPP API endpoint is not allowed, the API Client does not have the required permission' + } + } else { #> $CustomRoles = @('CIPP-API') + # } } else { $DefaultRoles = @('admin', 'editor', 'readonly', 'anonymous', 'authenticated') $User = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($Request.Headers.'x-ms-client-principal')) | ConvertFrom-Json From 234981fe46ebe13f69fddb92a9e2a7c1a9036c53 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 26 Nov 2024 12:37:17 -0500 Subject: [PATCH 101/290] Role templates --- .../GDAP/Invoke-ExecGDAPRoleTemplate.ps1 | 102 ++++++++++++++++++ 1 file changed, 102 insertions(+) create mode 100644 Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPRoleTemplate.ps1 diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPRoleTemplate.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPRoleTemplate.ps1 new file mode 100644 index 000000000000..848d5e42ce75 --- /dev/null +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPRoleTemplate.ps1 @@ -0,0 +1,102 @@ +using namespace System.Net + +Function Invoke-ExecGDAPRoleTemplate { + <# + .FUNCTIONALITY + Entrypoint + .ROLE + Tenant.Relationship.ReadWrite + #> + [CmdletBinding()] + param($Request, $TriggerMetadata) + + $Table = Get-CIPPTable -TableName 'GDAPRoleTemplates' + $Templates = Get-CIPPAzDataTableEntity @Table + + switch ($Request.Query.Action) { + 'Add' { + $RowKey = ($Request.Body | Select-Object -First 1 -ExpandProperty TemplateId).value + $RoleMappings = $Request.Body | Select-Object -ExcludeProperty TemplateId + if ($Templates.RowKey -contains $RowKey) { + $ExistingTemplate = $Templates | Where-Object -Property RowKey -EQ $RowKey + $ExistingRoleMappings = $ExistingTemplate.RoleMappings | ConvertFrom-Json + $NewRoleMappings = [System.Collections.Generic.List[object]]@() + + $ExistingRoleMappings | ForEach-Object { + $NewRoleMappings.Add($_) + } + # Merge the new role mappings with the existing role mappings, exclude ones that have a duplicate roleDefinitionId + $RoleMappings | ForEach-Object { + if ($_.roleDefinitionId -notin $ExistingRoleMappings.roleDefinitionId) { + $NewRoleMappings.Add($_) + } + } + $NewRoleMappings = @($NewRoleMappings | Sort-Object -Property GroupName) | ConvertTo-Json -Compress + $ExistingTemplate.RoleMappings = [string]$NewRoleMappings + $Template = $ExistingTemplate + } else { + $Template = [PSCustomObject]@{ + PartitionKey = 'RoleTemplate' + RowKey = $RowKey + RoleMappings = [string](@($RoleMappings | Sort-Object -Property GroupName) | ConvertTo-Json -Compress) + } + } + Add-CIPPAzDataTableEntity @Table -Entity $Template -Force + Write-Information ($Template | ConvertTo-Json) + $Body = @{ + Results = "Added role mappings to template $RowKey" + } + } + 'Edit' { + $RowKey = $Request.Body.TemplateId + $Template = $Templates | Where-Object -Property RowKey -EQ $RowKey + if ($Template) { + $RoleMappings = $Request.Body.RoleMappings + $Template.RoleMappings = [string](@($RoleMappings | Sort-Object -Property GroupName) | ConvertTo-Json -Compress) + Add-CIPPAzDataTableEntity @Table -Entity $Template -Force + $Body = @{ + Results = "Updated role mappings for template $RowKey" + } + } else { + $Body = @{ + Results = "Template $RowKey not found" + } + } + } + 'Delete' { + $RowKey = $Request.Query.TemplateId + $Template = $Templates | Where-Object -Property RowKey -EQ $RowKey + if ($Template) { + Remove-AzDataTableEntity -Force @Table -Entity $Template + $Body = @{ + Results = "Deleted template $RowKey" + } + } else { + $Body = @{ + Results = "Template $RowKey not found" + } + } + } + default { + $Results = foreach ($Template in $Templates) { + [PSCustomObject]@{ + TemplateId = $Template.RowKey + RoleMappings = @($Template.RoleMappings | ConvertFrom-Json) + } + } + $Body = @{ + Results = @($Results) + Metadata = @{ + Count = $Results.Count + } + } + } + } + + # Associate values to output bindings by calling 'Push-OutputBinding'. + Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ + StatusCode = [HttpStatusCode]::OK + Body = $Body + }) + +} From 2d12b2b7b7ac4f6125f9998c4a41eea71508d110 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 26 Nov 2024 12:42:01 -0500 Subject: [PATCH 102/290] Update Invoke-ExecGDAPRoleTemplate.ps1 --- .../HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPRoleTemplate.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPRoleTemplate.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPRoleTemplate.ps1 index 848d5e42ce75..8bb6947473cd 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPRoleTemplate.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPRoleTemplate.ps1 @@ -64,7 +64,7 @@ Function Invoke-ExecGDAPRoleTemplate { } } 'Delete' { - $RowKey = $Request.Query.TemplateId + $RowKey = $Request.Body.TemplateId $Template = $Templates | Where-Object -Property RowKey -EQ $RowKey if ($Template) { Remove-AzDataTableEntity -Force @Table -Entity $Template From 762dd4e07f751607468f5e6b4f113d3fae45ddde Mon Sep 17 00:00:00 2001 From: John Duprey Date: Thu, 28 Nov 2024 01:23:53 -0500 Subject: [PATCH 103/290] GDAP API update --- .../Public/Add-CIPPGDAPRoleTemplate.ps1 | 43 +++++++ .../Tenant/GDAP/Invoke-ExecAddGDAPRole.ps1 | 24 +++- .../Tenant/GDAP/Invoke-ExecGDAPInvite.ps1 | 2 +- .../GDAP/Invoke-ExecGDAPRoleTemplate.ps1 | 117 ++++++++---------- 4 files changed, 118 insertions(+), 68 deletions(-) create mode 100644 Modules/CIPPCore/Public/Add-CIPPGDAPRoleTemplate.ps1 diff --git a/Modules/CIPPCore/Public/Add-CIPPGDAPRoleTemplate.ps1 b/Modules/CIPPCore/Public/Add-CIPPGDAPRoleTemplate.ps1 new file mode 100644 index 000000000000..e1c4ca9dd236 --- /dev/null +++ b/Modules/CIPPCore/Public/Add-CIPPGDAPRoleTemplate.ps1 @@ -0,0 +1,43 @@ +function Add-CIPPGDAPRoleTemplate { + <# + .SYNOPSIS + This function is used to add a new role template + + .FUNCTIONALITY + Internal + #> + [CmdletBinding()] + param( + $TemplateId, + $RoleMappings, + [switch]$Overwrite + ) + + $Table = Get-CIPPTable -TableName 'GDAPRoleTemplates' + $Templates = Get-CIPPAzDataTableEntity @Table + if ($Templates.RowKey -contains $RowKey -and !$Overwrite.IsPresent) { + $ExistingTemplate = $Templates | Where-Object -Property RowKey -EQ $RowKey + $ExistingRoleMappings = $ExistingTemplate.RoleMappings | ConvertFrom-Json + $NewRoleMappings = [System.Collections.Generic.List[object]]@() + + $ExistingRoleMappings | ForEach-Object { + $NewRoleMappings.Add($_) + } + # Merge the new role mappings with the existing role mappings, exclude ones that have a duplicate roleDefinitionId + $RoleMappings | ForEach-Object { + if ($_.roleDefinitionId -notin $ExistingRoleMappings.roleDefinitionId) { + $NewRoleMappings.Add($_) + } + } + $NewRoleMappings = @($NewRoleMappings | Sort-Object -Property GroupName) | ConvertTo-Json -Compress + $ExistingTemplate.RoleMappings = [string]$NewRoleMappings + $Template = $ExistingTemplate + } else { + $Template = [PSCustomObject]@{ + PartitionKey = 'RoleTemplate' + RowKey = $TemplateId + RoleMappings = [string](@($RoleMappings | Sort-Object -Property GroupName) | ConvertTo-Json -Compress) + } + } + Add-CIPPAzDataTableEntity @Table -Entity $Template -Force +} diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecAddGDAPRole.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecAddGDAPRole.ps1 index 8dc6766caf5c..94c105e48d0e 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecAddGDAPRole.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecAddGDAPRole.ps1 @@ -12,7 +12,23 @@ Function Invoke-ExecAddGDAPRole { $APIName = $TriggerMetadata.FunctionName Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - $Groups = $Request.body.gdapRoles + + $CippDefaults = @( + @{ label = 'Application Administrator'; value = '9b895d92-2cd3-44c7-9d02-a6ac2d5ea5c3' }, + @{ label = 'User Administrator'; value = 'fe930be7-5e62-47db-91af-98c3a49a38b1' }, + @{ label = 'Intune Administrator'; value = '3a2c62db-5318-420d-8d74-23affee5d9d5' }, + @{ label = 'Exchange Administrator'; value = '29232cdf-9323-42fd-ade2-1d097af3e4de' }, + @{ label = 'Security Administrator'; value = '194ae4cb-b126-40b2-bd5b-6091b380977d' }, + @{ label = 'Cloud App Security Administrator'; value = '892c5842-a9a6-463a-8041-72aa08ca3cf6' }, + @{ label = 'Cloud Device Administrator'; value = '7698a772-787b-4ac8-901f-60d6b08affd2' }, + @{ label = 'Teams Administrator'; value = '69091246-20e8-4a56-aa4d-066075b2a7a8' }, + @{ label = 'Sharepoint Administrator'; value = 'f28a1f50-f6e7-4571-818b-6a12f2af6b6c' }, + @{ label = 'Authentication Policy Administrator'; value = '0526716b-113d-4c15-b2c8-68e3c22b9f80' }, + @{ label = 'Privileged Role Administrator'; value = 'e8611ab8-c189-46e8-94e1-60213ab1f814' }, + @{ label = 'Privileged Authentication Administrator'; value = '7be44c8a-adaf-4e2a-84d6-ab2649e08a13' } + ) + + $Groups = $Request.body.gdapRoles ?? $CippDefaults $CustomSuffix = $Request.body.customSuffix $Table = Get-CIPPTable -TableName 'GDAPRoles' @@ -81,9 +97,13 @@ Function Invoke-ExecAddGDAPRole { } } } - Add-CIPPAzDataTableEntity @Table -Entity $RoleMappings -Force + if ($Request.Body.templateId) { + Add-CIPPGDAPRoleTemplate -TemplateId $Request.Body.templateId -RoleMappings ($RoleMappings | Select-Object -Property RoleName, GroupName, GroupId, roleDefinitionId) + $Results.Add("Added role mappings to template $($Request.Body.templateId)") + } + $body = @{Results = @($Results) } # Associate values to output bindings by calling 'Push-OutputBinding'. Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPInvite.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPInvite.ps1 index f93ae96552ba..cb5b9d7675a7 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPInvite.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPInvite.ps1 @@ -12,7 +12,7 @@ Function Invoke-ExecGDAPInvite { $APIName = 'ExecGDAPInvite' Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - $RoleMappings = $Request.Body.gdapRoles + $RoleMappings = $Request.Body.roleMappings if ($RoleMappings.roleDefinitionId -contains '62e90394-69f5-4237-9190-012177145e10') { $AutoExtendDuration = 'PT0S' diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPRoleTemplate.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPRoleTemplate.ps1 index 8bb6947473cd..49682d143e8e 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPRoleTemplate.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPRoleTemplate.ps1 @@ -13,81 +13,68 @@ Function Invoke-ExecGDAPRoleTemplate { $Table = Get-CIPPTable -TableName 'GDAPRoleTemplates' $Templates = Get-CIPPAzDataTableEntity @Table - switch ($Request.Query.Action) { - 'Add' { - $RowKey = ($Request.Body | Select-Object -First 1 -ExpandProperty TemplateId).value - $RoleMappings = $Request.Body | Select-Object -ExcludeProperty TemplateId - if ($Templates.RowKey -contains $RowKey) { - $ExistingTemplate = $Templates | Where-Object -Property RowKey -EQ $RowKey - $ExistingRoleMappings = $ExistingTemplate.RoleMappings | ConvertFrom-Json - $NewRoleMappings = [System.Collections.Generic.List[object]]@() - - $ExistingRoleMappings | ForEach-Object { - $NewRoleMappings.Add($_) - } - # Merge the new role mappings with the existing role mappings, exclude ones that have a duplicate roleDefinitionId - $RoleMappings | ForEach-Object { - if ($_.roleDefinitionId -notin $ExistingRoleMappings.roleDefinitionId) { - $NewRoleMappings.Add($_) - } - } - $NewRoleMappings = @($NewRoleMappings | Sort-Object -Property GroupName) | ConvertTo-Json -Compress - $ExistingTemplate.RoleMappings = [string]$NewRoleMappings - $Template = $ExistingTemplate - } else { - $Template = [PSCustomObject]@{ - PartitionKey = 'RoleTemplate' - RowKey = $RowKey - RoleMappings = [string](@($RoleMappings | Sort-Object -Property GroupName) | ConvertTo-Json -Compress) - } - } - Add-CIPPAzDataTableEntity @Table -Entity $Template -Force - Write-Information ($Template | ConvertTo-Json) + if ($Request.Query.TemplateId) { + $Template = $Templates | Where-Object -Property RowKey -EQ $Request.Query.TemplateId + if (!$Template) { + $Body = @{} + } else { $Body = @{ - Results = "Added role mappings to template $RowKey" + TemplateId = $Template.RowKey + RoleMappings = @($Template.RoleMappings | ConvertFrom-Json) } } - 'Edit' { - $RowKey = $Request.Body.TemplateId - $Template = $Templates | Where-Object -Property RowKey -EQ $RowKey - if ($Template) { - $RoleMappings = $Request.Body.RoleMappings - $Template.RoleMappings = [string](@($RoleMappings | Sort-Object -Property GroupName) | ConvertTo-Json -Compress) - Add-CIPPAzDataTableEntity @Table -Entity $Template -Force + } else { + switch ($Request.Query.Action) { + 'Add' { + $RowKey = ($Request.Body | Select-Object -First 1 -ExpandProperty TemplateId).value ?? $Request.Body.TemplateId + $RoleMappings = $Request.Body.roleMappings ?? $Request.Body | Select-Object -ExcludeProperty TemplateId + Add-CIPPGDAPRoleTemplate -TemplateId $RowKey -RoleMappings $RoleMappings + Write-Information ($Template | ConvertTo-Json) $Body = @{ - Results = "Updated role mappings for template $RowKey" - } - } else { - $Body = @{ - Results = "Template $RowKey not found" + Results = "Added role mappings to template $RowKey" } } - } - 'Delete' { - $RowKey = $Request.Body.TemplateId - $Template = $Templates | Where-Object -Property RowKey -EQ $RowKey - if ($Template) { - Remove-AzDataTableEntity -Force @Table -Entity $Template - $Body = @{ - Results = "Deleted template $RowKey" - } - } else { - $Body = @{ - Results = "Template $RowKey not found" + 'Edit' { + $RowKey = $Request.Body.TemplateId + $Template = $Templates | Where-Object -Property RowKey -EQ $RowKey + if ($Template) { + $RoleMappings = $Request.Body.RoleMappings + Add-CIPPGDAPRoleTemplate -TemplateId $RowKey -RoleMappings $RoleMappings -Overwrite + $Body = @{ + Results = "Updated role mappings for template $RowKey" + } + } else { + $Body = @{ + Results = "Template $RowKey not found" + } } } - } - default { - $Results = foreach ($Template in $Templates) { - [PSCustomObject]@{ - TemplateId = $Template.RowKey - RoleMappings = @($Template.RoleMappings | ConvertFrom-Json) + 'Delete' { + $RowKey = $Request.Body.TemplateId + $Template = $Templates | Where-Object -Property RowKey -EQ $RowKey + if ($Template) { + Remove-AzDataTableEntity -Force @Table -Entity $Template + $Body = @{ + Results = "Deleted template $RowKey" + } + } else { + $Body = @{ + Results = "Template $RowKey not found" + } } } - $Body = @{ - Results = @($Results) - Metadata = @{ - Count = $Results.Count + default { + $Results = foreach ($Template in $Templates) { + [PSCustomObject]@{ + TemplateId = $Template.RowKey + RoleMappings = @($Template.RoleMappings | ConvertFrom-Json) + } + } + $Body = @{ + Results = @($Results) + Metadata = @{ + Count = $Results.Count + } } } } From 4b127c6518093e922ca30296e8908cad0ed3944f Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Thu, 28 Nov 2024 20:57:33 +0100 Subject: [PATCH 104/290] fix for new tenantfilter --- .../Application Approval/Invoke-ExecAddMultiTenantApp.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Application Approval/Invoke-ExecAddMultiTenantApp.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Application Approval/Invoke-ExecAddMultiTenantApp.ps1 index dd03e24f8b3d..f614bee7290e 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Application Approval/Invoke-ExecAddMultiTenantApp.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Application Approval/Invoke-ExecAddMultiTenantApp.ps1 @@ -22,10 +22,10 @@ function Invoke-ExecAddMultiTenantApp { } else { $Command = 'ExecAddMultiTenantApp' } - if ('allTenants' -in $Request.Body.SelectedTenants.defaultDomainName) { + if ('allTenants' -in $Request.Body.tenantFilter.value) { $TenantFilter = (Get-Tenants).defaultDomainName } else { - $TenantFilter = $Request.Body.SelectedTenants.defaultDomainName + $TenantFilter = $Request.Body.tenantFilter.value } $TenantCount = ($TenantFilter | Measure-Object).Count From 16ae521988e32632eb4763e692e8214dd631079d Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Sun, 1 Dec 2024 22:09:42 +0100 Subject: [PATCH 105/290] named location --- .../Tenant/Conditional/Invoke-AddNamedLocation.ps1 | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-AddNamedLocation.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-AddNamedLocation.ps1 index 47dd98aa75dd..bdf30b746d29 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-AddNamedLocation.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-AddNamedLocation.ps1 @@ -18,7 +18,7 @@ Function Invoke-AddNamedLocation { Write-Host 'PowerShell HTTP trigger function processed a request.' # Input bindings are passed in via param block. - $Tenants = $request.body.selectedTenants.defaultDomainName + $Tenants = $request.body.selectedTenants.value Write-Host ($Request.body | ConvertTo-Json) if ($Tenants -eq 'AllTenants') { $Tenants = (Get-Tenants).defaultDomainName } $results = foreach ($Tenant in $tenants) { @@ -32,8 +32,7 @@ Function Invoke-AddNamedLocation { ipRanges = @($IPRanges) isTrusted = $Request.body.Trusted } - } - else { + } else { [pscustomobject]@{ '@odata.type' = '#microsoft.graph.countryNamedLocation' displayName = $request.body.policyName @@ -46,8 +45,7 @@ Function Invoke-AddNamedLocation { "Successfully added Named Location for $($Tenant)" Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $tenant -message "Added Named Location $($Displayname)" -Sev 'Info' - } - catch { + } catch { "Failed to add Named Location $($Tenant): $($_.Exception.Message)" Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $tenant -message "Failed adding Named Location$($Displayname). Error: $($_.Exception.Message)" -Sev 'Error' continue From d8639ad05f8bef2c6e78028f457fc752e9a9bc72 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Sun, 1 Dec 2024 23:59:51 +0100 Subject: [PATCH 106/290] defender deployment --- .../Endpoint/MEM/Invoke-AddDefenderDeployment.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-AddDefenderDeployment.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-AddDefenderDeployment.ps1 index 59527aa0dc92..3f8574550d21 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-AddDefenderDeployment.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-AddDefenderDeployment.ps1 @@ -13,7 +13,7 @@ Function Invoke-AddDefenderDeployment { $APIName = $TriggerMetadata.FunctionName Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - $Tenants = ($Request.body.selectedTenants).defaultDomainName + $Tenants = ($Request.body.selectedTenants).value if ('AllTenants' -in $Tenants) { $Tenants = (Get-Tenants).defaultDomainName } $Compliance = $request.body.Compliance $PolicySettings = $request.body.Policy From d7b34eedb42465de5a4abfeef54a1ef208d884de Mon Sep 17 00:00:00 2001 From: John Duprey Date: Sun, 1 Dec 2024 21:50:30 -0500 Subject: [PATCH 107/290] onboarding and role mapping --- .../Push-ExecOnboardTenantQueue.ps1 | 8 +++++--- .../Administration/Invoke-ExecOnboardTenant.ps1 | 1 + .../Tenant/GDAP/Invoke-ExecAddGDAPRole.ps1 | 13 ++++++++++--- 3 files changed, 16 insertions(+), 6 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ExecOnboardTenantQueue.ps1 b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ExecOnboardTenantQueue.ps1 index 5c18cbe54d21..48740a33b0a9 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ExecOnboardTenantQueue.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ExecOnboardTenantQueue.ps1 @@ -101,9 +101,11 @@ Function Push-ExecOnboardTenantQueue { } if (($MissingRoles | Measure-Object).Count -gt 0) { $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'Missing roles for relationship' }) - $TenantOnboarding.Status = 'failed' - $OnboardingSteps.Step2.Status = 'failed' - $OnboardingSteps.Step2.Message = "Your GDAP relationship is missing the following roles: $($MissingRoles -join ', ')" + if ($QueueItem.IgnoreMissingRoles -ne $true) { + $TenantOnboarding.Status = 'failed' + $OnboardingSteps.Step2.Status = 'failed' + $OnboardingSteps.Step2.Message = "Your GDAP relationship is missing the following roles: $($MissingRoles -join ', ')" + } } else { $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'Required roles found' }) $OnboardingSteps.Step2.Status = 'succeeded' diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ExecOnboardTenant.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ExecOnboardTenant.ps1 index 8e971955b6e4..c263ef85f1ff 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ExecOnboardTenant.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ExecOnboardTenant.ps1 @@ -74,6 +74,7 @@ function Invoke-ExecOnboardTenant { id = $Id Roles = $Request.Body.gdapRoles AddMissingGroups = $Request.Body.addMissingGroups + IgnoreMissingRoles = $Request.Body.ignoreMissingRoles AutoMapRoles = $Request.Body.autoMapRoles StandardsExcludeAllTenants = $Request.Body.standardsExcludeAllTenants } diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecAddGDAPRole.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecAddGDAPRole.ps1 index 94c105e48d0e..6e96da6efcfe 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecAddGDAPRole.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecAddGDAPRole.ps1 @@ -77,10 +77,13 @@ Function Invoke-ExecAddGDAPRole { }) } } + if ($RoleMappings) { + Add-CIPPAzDataTableEntity @Table -Entity $RoleMappings -Force + } if ($Requests) { $ReturnedData = New-GraphBulkRequest -Requests $Requests -tenantid $env:TenantID -NoAuthCheck $True -asapp $true - foreach ($Return in $ReturnedData) { + $NewRoleMappings = foreach ($Return in $ReturnedData) { if ($Return.body.error) { $Results.Add("Could not create GDAP group: $($Return.body.error.message)") } else { @@ -91,13 +94,17 @@ Function Invoke-ExecAddGDAPRole { RoleName = $Return.body.displayName -replace '^M365 GDAP ', '' -replace " - $CustomSuffix$", '' GroupName = $Return.body.displayName GroupId = $Return.body.id - roleDefinitionId = $group.ObjectId + roleDefinitionId = $Return.id } $Results.Add("Created $($GroupName)") } } + Write-Information ($NewRoleMappings | ConvertTo-Json -Depth 10 -Compress) + if ($NewRoleMappings) { + Add-CIPPAzDataTableEntity @Table -Entity $NewRoleMappings -Force + } } - Add-CIPPAzDataTableEntity @Table -Entity $RoleMappings -Force + if ($Request.Body.templateId) { Add-CIPPGDAPRoleTemplate -TemplateId $Request.Body.templateId -RoleMappings ($RoleMappings | Select-Object -Property RoleName, GroupName, GroupId, roleDefinitionId) From 66026b818e2adf31f4d85557146c03e90f50d2eb Mon Sep 17 00:00:00 2001 From: John Duprey Date: Mon, 2 Dec 2024 09:38:51 -0500 Subject: [PATCH 108/290] onboarding url --- .../HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPInvite.ps1 | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPInvite.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPInvite.ps1 index cb5b9d7675a7..f75d821003e4 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPInvite.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPInvite.ps1 @@ -58,8 +58,7 @@ Function Invoke-ExecGDAPInvite { $InviteUrl = "https://admin.microsoft.com/AdminPortal/Home#/partners/invitation/granularAdminRelationships/$($NewRelationship.id)" try { $Uri = ([System.Uri]$TriggerMetadata.Headers.Referer) - $TableFilter = [System.Web.HttpUtility]::UrlEncode(('Complex: id eq {0}' -f $NewRelationship.id)) - $OnboardingUrl = $Uri.AbsoluteUri.Replace($Uri.PathAndQuery, "/tenant/administration/tenant-onboarding-wizard?tableFilter=$TableFilter") + $OnboardingUrl = $Uri.AbsoluteUri.Replace($Uri.PathAndQuery, "/tenant/gdap-management/onboarding/start?id=$($NewRelationship.id)") } catch { $OnboardingUrl = $null } From a100fd54b771f680ef4c09032b4930304c230bc6 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Mon, 2 Dec 2024 10:48:28 -0500 Subject: [PATCH 109/290] role mappings --- .../CIPPCore/Public/Add-CIPPGDAPRoleTemplate.ps1 | 8 ++++++-- .../Tenant/GDAP/Invoke-ExecAddGDAPRole.ps1 | 13 ++++++++++--- 2 files changed, 16 insertions(+), 5 deletions(-) diff --git a/Modules/CIPPCore/Public/Add-CIPPGDAPRoleTemplate.ps1 b/Modules/CIPPCore/Public/Add-CIPPGDAPRoleTemplate.ps1 index e1c4ca9dd236..4c01b85cb78c 100644 --- a/Modules/CIPPCore/Public/Add-CIPPGDAPRoleTemplate.ps1 +++ b/Modules/CIPPCore/Public/Add-CIPPGDAPRoleTemplate.ps1 @@ -15,9 +15,13 @@ function Add-CIPPGDAPRoleTemplate { $Table = Get-CIPPTable -TableName 'GDAPRoleTemplates' $Templates = Get-CIPPAzDataTableEntity @Table - if ($Templates.RowKey -contains $RowKey -and !$Overwrite.IsPresent) { + if ($Templates.RowKey -contains $TemplateId -and !$Overwrite.IsPresent) { $ExistingTemplate = $Templates | Where-Object -Property RowKey -EQ $RowKey - $ExistingRoleMappings = $ExistingTemplate.RoleMappings | ConvertFrom-Json + try { + $ExistingRoleMappings = $ExistingTemplate.RoleMappings | ConvertFrom-Json + } catch { + $ExistingRoleMappings = @() + } $NewRoleMappings = [System.Collections.Generic.List[object]]@() $ExistingRoleMappings | ForEach-Object { diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecAddGDAPRole.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecAddGDAPRole.ps1 index 6e96da6efcfe..889b79f232c6 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecAddGDAPRole.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecAddGDAPRole.ps1 @@ -37,7 +37,7 @@ Function Invoke-ExecAddGDAPRole { $Requests = [System.Collections.Generic.List[object]]::new() $ExistingGroups = New-GraphGetRequest -NoAuthCheck $True -uri 'https://graph.microsoft.com/beta/groups' -tenantid $env:TenantID -AsApp $true - $RoleMappings = foreach ($Group in $Groups) { + $ExistingRoleMappings = foreach ($Group in $Groups) { $RoleName = $Group.label ?? $Group.Name $Value = $Group.value ?? $Group.ObjectId @@ -77,8 +77,8 @@ Function Invoke-ExecAddGDAPRole { }) } } - if ($RoleMappings) { - Add-CIPPAzDataTableEntity @Table -Entity $RoleMappings -Force + if ($ExistingRoleMappings) { + Add-CIPPAzDataTableEntity @Table -Entity $ExistingRoleMappings -Force } if ($Requests) { @@ -105,6 +105,13 @@ Function Invoke-ExecAddGDAPRole { } } + $RoleMappings = [System.Collections.Generic.List[object]]::new() + if ($ExistingRoleMappings) { + $RoleMappings.AddRange($ExistingRoleMappings) + } + if ($NewRoleMappings) { + $RoleMappings.AddRange($NewRoleMappings) + } if ($Request.Body.templateId) { Add-CIPPGDAPRoleTemplate -TemplateId $Request.Body.templateId -RoleMappings ($RoleMappings | Select-Object -Property RoleName, GroupName, GroupId, roleDefinitionId) From f3b93e2c7debc63cb21997741405ca6262e63fa7 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Mon, 2 Dec 2024 16:56:31 +0100 Subject: [PATCH 110/290] fix defender deployment --- .../MEM/Invoke-AddDefenderDeployment.ps1 | 333 +++++++++--------- 1 file changed, 168 insertions(+), 165 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-AddDefenderDeployment.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-AddDefenderDeployment.ps1 index 3f8574550d21..f89edf45c78d 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-AddDefenderDeployment.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-AddDefenderDeployment.ps1 @@ -43,192 +43,195 @@ Function Invoke-AddDefenderDeployment { "$($Tenant): Successfully set Defender Compliance and Reporting settings" } - - $Settings = switch ($PolicySettings) { - { $_.ScanArchives } { - @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting'; settingInstance = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance'; settingDefinitionId = 'device_vendor_msft_policy_config_defender_allowarchivescanning'; choiceSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue'; value = 'device_vendor_msft_policy_config_defender_allowarchivescanning_1'; settingValueTemplateReference = @{settingValueTemplateId = '9ead75d4-6f30-4bc5-8cc5-ab0f999d79f0' } }; settingInstanceTemplateReference = @{settingInstanceTemplateId = '7c5c9cde-f74d-4d11-904f-de4c27f72d89' } } } - } { $_.AllowBehavior } { - @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting'; settingInstance = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_allowbehaviormonitoring' ; choiceSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue'; value = 'device_vendor_msft_policy_config_defender_allowbehaviormonitoring_1'; settingValueTemplateReference = @{settingValueTemplateId = '905921da-95e2-4a10-9e30-fe5540002ce1' } }; settingInstanceTemplateReference = @{settingInstanceTemplateId = '8eef615a-1aa0-46f4-a25a-12cbe65de5ab' } } } - } { $_.AllowCloudProtection } { - @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting'; settingInstance = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_allowcloudprotection'; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_allowcloudprotection_1'; settingValueTemplateReference = @{settingValueTemplateId = '16fe8afd-67be-4c50-8619-d535451a500c' } }; settingInstanceTemplateReference = @{settingInstanceTemplateId = '7da139f1-9b7e-407d-853a-c2e5037cdc70' } } } - } { $_.AllowEmailScanning } { - @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting'; settingInstance = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance'; settingDefinitionId = 'device_vendor_msft_policy_config_defender_allowemailscanning' ; choiceSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_allowemailscanning_1'; settingValueTemplateReference = @{settingValueTemplateId = 'fdf107fd-e13b-4507-9d8f-db4d93476af9' } }; settingInstanceTemplateReference = @{settingInstanceTemplateId = 'b0d9ee81-de6a-4750-86d7-9397961c9852' } } } - } { $_.AllowFullScanNetwork } { - @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting'; settingInstance = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_allowfullscanonmappednetworkdrives' ; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_allowfullscanonmappednetworkdrives_1' ; settingValueTemplateReference = @{settingValueTemplateId = '3e920b10-3773-4ac5-957e-e5573aec6d04' } } ; settingInstanceTemplateReference = @{settingInstanceTemplateId = 'dac47505-f072-48d6-9f23-8d93262d58ed' } } } - } { $_.AllowFullScanRemovable } { - @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting'; settingInstance = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_allowfullscanremovabledrivescanning' ; choiceSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue'; value = 'device_vendor_msft_policy_config_defender_allowfullscanremovabledrivescanning_1' ; settingValueTemplateReference = @{settingValueTemplateId = '366c5727-629b-4a81-b50b-52f90282fa2c' } } ; settingInstanceTemplateReference = @{settingInstanceTemplateId = 'fb36e70b-5bc9-488a-a949-8ea3ac1634d5' } } } - } { $_.AllowIPS } { - @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting'; settingInstance = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_allowintrusionpreventionsystem' ; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_allowintrusionpreventionsystem_1'; settingValueTemplateReference = @{settingValueTemplateId = '03738a99-7065-44cb-ba1e-93530ed906a7' } } ; settingInstanceTemplateReference = @{settingInstanceTemplateId = 'd47f06e2-5378-43f2-adbc-e924538f1512' } } } - } { $_.AllowDownloadable } { - @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting'; settingInstance = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_allowioavprotection' ; choiceSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_allowioavprotection_1'; settingValueTemplateReference = @{settingValueTemplateId = 'df4e6cbd-f7ff-41c8-88cd-fa25264a237e' } }; settingInstanceTemplateReference = @{settingInstanceTemplateId = 'fa06231d-aed4-4601-b631-3a37e85b62a0' } } } - } { $_.AllowRealTime } { - @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting' ; settingInstance = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_allowrealtimemonitoring'; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue'; value = 'device_vendor_msft_policy_config_defender_allowrealtimemonitoring_1'; settingValueTemplateReference = @{settingValueTemplateId = '0492c452-1069-4b91-9363-93b8e006ab12' } } ; settingInstanceTemplateReference = @{settingInstanceTemplateId = 'f0790e28-9231-4d37-8f44-84bb47ca1b3e' } } } - } { $_.AllowNetwork } { - @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting' ; settingInstance = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance'; settingDefinitionId = 'device_vendor_msft_policy_config_defender_allowscanningnetworkfiles' ; choiceSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue'; value = 'device_vendor_msft_policy_config_defender_allowscanningnetworkfiles_1' ; settingValueTemplateReference = @{settingValueTemplateId = '7b8c858c-a17d-4623-9e20-f34b851670ce' } }; settingInstanceTemplateReference = @{settingInstanceTemplateId = 'f8f28442-0a6b-4b52-b42c-d31d9687c1cf' } } } - } { $_.AllowScriptScan } { - @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting' ; settingInstance = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_allowscriptscanning'; choiceSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_allowscriptscanning_1'; settingValueTemplateReference = @{settingValueTemplateId = 'ab9e4320-c953-4067-ac9a-be2becd06b4a' } } ; settingInstanceTemplateReference = @{settingInstanceTemplateId = '000cf176-949c-4c08-a5d4-90ed43718db7' } } } - } { $_.AllowUI } { - @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting' ; settingInstance = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_allowuseruiaccess' ; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_allowuseruiaccess_1' ; settingValueTemplateReference = @{settingValueTemplateId = '4b6c9739-4449-4006-8e5f-3049136470ea' } }; settingInstanceTemplateReference = @{settingInstanceTemplateId = '0170a900-b0bc-4ccc-b7ce-dda9be49189b' } } } - } { $_.CheckSig } { - @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting' ; settingInstance = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_checkforsignaturesbeforerunningscan' ; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_checkforsignaturesbeforerunningscan_1' ; settingValueTemplateReference = @{settingValueTemplateId = '010779d1-edd4-441d-8034-89ad57a863fe' } } ; settingInstanceTemplateReference = @{settingInstanceTemplateId = '4fea56e3-7bb6-4ad3-88c6-e364dd2f97b9' } } } - } { $_.DisableCatchupFullScan } { - @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting' ; settingInstance = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_disablecatchupfullscan'; choiceSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue'; value = 'device_vendor_msft_policy_config_defender_disablecatchupfullscan_1' ; settingValueTemplateReference = @{settingValueTemplateId = '1b26092f-48c4-447b-99d4-e9c501542f1c' } } ; settingInstanceTemplateReference = @{settingInstanceTemplateId = 'f881b08c-f047-40d2-b7d9-3dde7ce9ef64' } } } - } { $_.DisableCatchupQuickScan } { - @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting'; settingInstance = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_disablecatchupquickscan' ; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_disablecatchupquickscan_1' ; settingValueTemplateReference = @{settingValueTemplateId = 'd263ced7-0d23-4095-9326-99c8b3f5d35b' } } ; settingInstanceTemplateReference = @{settingInstanceTemplateId = 'dabf6781-9d5d-42da-822a-d4327aa2bdd1' } } } - } { $_.NetworkProtectionBlock } { - @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting'; settingInstance = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance'; settingDefinitionId = 'device_vendor_msft_policy_config_defender_enablenetworkprotection' ; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_enablenetworkprotection_1' ; settingValueTemplateReference = @{settingValueTemplateId = 'ee58fb51-9ae5-408b-9406-b92b643f388a' } } ; settingInstanceTemplateReference = @{settingInstanceTemplateId = 'f53ab20e-8af6-48f5-9fa1-46863e1e517e' } } } - } { $_.LowCPU } { - @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting' ; settingInstance = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_enablelowcpupriority' ; choiceSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue'; value = 'device_vendor_msft_policy_config_defender_enablelowcpupriority_1' ; settingValueTemplateReference = @{settingValueTemplateId = '045a4a13-deee-4e24-9fe4-985c9357680d' } } ; settingInstanceTemplateReference = @{settingInstanceTemplateId = 'cdeb96cf-18f5-4477-a710-0ea9ecc618af' } } } + if ($PolicySettings) { + $Settings = switch ($PolicySettings) { + { $_.ScanArchives } { + @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting'; settingInstance = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance'; settingDefinitionId = 'device_vendor_msft_policy_config_defender_allowarchivescanning'; choiceSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue'; value = 'device_vendor_msft_policy_config_defender_allowarchivescanning_1'; settingValueTemplateReference = @{settingValueTemplateId = '9ead75d4-6f30-4bc5-8cc5-ab0f999d79f0' } }; settingInstanceTemplateReference = @{settingInstanceTemplateId = '7c5c9cde-f74d-4d11-904f-de4c27f72d89' } } } + } { $_.AllowBehavior } { + @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting'; settingInstance = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_allowbehaviormonitoring' ; choiceSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue'; value = 'device_vendor_msft_policy_config_defender_allowbehaviormonitoring_1'; settingValueTemplateReference = @{settingValueTemplateId = '905921da-95e2-4a10-9e30-fe5540002ce1' } }; settingInstanceTemplateReference = @{settingInstanceTemplateId = '8eef615a-1aa0-46f4-a25a-12cbe65de5ab' } } } + } { $_.AllowCloudProtection } { + @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting'; settingInstance = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_allowcloudprotection'; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_allowcloudprotection_1'; settingValueTemplateReference = @{settingValueTemplateId = '16fe8afd-67be-4c50-8619-d535451a500c' } }; settingInstanceTemplateReference = @{settingInstanceTemplateId = '7da139f1-9b7e-407d-853a-c2e5037cdc70' } } } + } { $_.AllowEmailScanning } { + @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting'; settingInstance = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance'; settingDefinitionId = 'device_vendor_msft_policy_config_defender_allowemailscanning' ; choiceSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_allowemailscanning_1'; settingValueTemplateReference = @{settingValueTemplateId = 'fdf107fd-e13b-4507-9d8f-db4d93476af9' } }; settingInstanceTemplateReference = @{settingInstanceTemplateId = 'b0d9ee81-de6a-4750-86d7-9397961c9852' } } } + } { $_.AllowFullScanNetwork } { + @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting'; settingInstance = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_allowfullscanonmappednetworkdrives' ; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_allowfullscanonmappednetworkdrives_1' ; settingValueTemplateReference = @{settingValueTemplateId = '3e920b10-3773-4ac5-957e-e5573aec6d04' } } ; settingInstanceTemplateReference = @{settingInstanceTemplateId = 'dac47505-f072-48d6-9f23-8d93262d58ed' } } } + } { $_.AllowFullScanRemovable } { + @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting'; settingInstance = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_allowfullscanremovabledrivescanning' ; choiceSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue'; value = 'device_vendor_msft_policy_config_defender_allowfullscanremovabledrivescanning_1' ; settingValueTemplateReference = @{settingValueTemplateId = '366c5727-629b-4a81-b50b-52f90282fa2c' } } ; settingInstanceTemplateReference = @{settingInstanceTemplateId = 'fb36e70b-5bc9-488a-a949-8ea3ac1634d5' } } } + } { $_.AllowIPS } { + @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting'; settingInstance = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_allowintrusionpreventionsystem' ; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_allowintrusionpreventionsystem_1'; settingValueTemplateReference = @{settingValueTemplateId = '03738a99-7065-44cb-ba1e-93530ed906a7' } } ; settingInstanceTemplateReference = @{settingInstanceTemplateId = 'd47f06e2-5378-43f2-adbc-e924538f1512' } } } + } { $_.AllowDownloadable } { + @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting'; settingInstance = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_allowioavprotection' ; choiceSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_allowioavprotection_1'; settingValueTemplateReference = @{settingValueTemplateId = 'df4e6cbd-f7ff-41c8-88cd-fa25264a237e' } }; settingInstanceTemplateReference = @{settingInstanceTemplateId = 'fa06231d-aed4-4601-b631-3a37e85b62a0' } } } + } { $_.AllowRealTime } { + @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting' ; settingInstance = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_allowrealtimemonitoring'; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue'; value = 'device_vendor_msft_policy_config_defender_allowrealtimemonitoring_1'; settingValueTemplateReference = @{settingValueTemplateId = '0492c452-1069-4b91-9363-93b8e006ab12' } } ; settingInstanceTemplateReference = @{settingInstanceTemplateId = 'f0790e28-9231-4d37-8f44-84bb47ca1b3e' } } } + } { $_.AllowNetwork } { + @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting' ; settingInstance = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance'; settingDefinitionId = 'device_vendor_msft_policy_config_defender_allowscanningnetworkfiles' ; choiceSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue'; value = 'device_vendor_msft_policy_config_defender_allowscanningnetworkfiles_1' ; settingValueTemplateReference = @{settingValueTemplateId = '7b8c858c-a17d-4623-9e20-f34b851670ce' } }; settingInstanceTemplateReference = @{settingInstanceTemplateId = 'f8f28442-0a6b-4b52-b42c-d31d9687c1cf' } } } + } { $_.AllowScriptScan } { + @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting' ; settingInstance = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_allowscriptscanning'; choiceSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_allowscriptscanning_1'; settingValueTemplateReference = @{settingValueTemplateId = 'ab9e4320-c953-4067-ac9a-be2becd06b4a' } } ; settingInstanceTemplateReference = @{settingInstanceTemplateId = '000cf176-949c-4c08-a5d4-90ed43718db7' } } } + } { $_.AllowUI } { + @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting' ; settingInstance = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_allowuseruiaccess' ; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_allowuseruiaccess_1' ; settingValueTemplateReference = @{settingValueTemplateId = '4b6c9739-4449-4006-8e5f-3049136470ea' } }; settingInstanceTemplateReference = @{settingInstanceTemplateId = '0170a900-b0bc-4ccc-b7ce-dda9be49189b' } } } + } { $_.CheckSig } { + @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting' ; settingInstance = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_checkforsignaturesbeforerunningscan' ; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_checkforsignaturesbeforerunningscan_1' ; settingValueTemplateReference = @{settingValueTemplateId = '010779d1-edd4-441d-8034-89ad57a863fe' } } ; settingInstanceTemplateReference = @{settingInstanceTemplateId = '4fea56e3-7bb6-4ad3-88c6-e364dd2f97b9' } } } + } { $_.DisableCatchupFullScan } { + @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting' ; settingInstance = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_disablecatchupfullscan'; choiceSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue'; value = 'device_vendor_msft_policy_config_defender_disablecatchupfullscan_1' ; settingValueTemplateReference = @{settingValueTemplateId = '1b26092f-48c4-447b-99d4-e9c501542f1c' } } ; settingInstanceTemplateReference = @{settingInstanceTemplateId = 'f881b08c-f047-40d2-b7d9-3dde7ce9ef64' } } } + } { $_.DisableCatchupQuickScan } { + @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting'; settingInstance = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_disablecatchupquickscan' ; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_disablecatchupquickscan_1' ; settingValueTemplateReference = @{settingValueTemplateId = 'd263ced7-0d23-4095-9326-99c8b3f5d35b' } } ; settingInstanceTemplateReference = @{settingInstanceTemplateId = 'dabf6781-9d5d-42da-822a-d4327aa2bdd1' } } } + } { $_.NetworkProtectionBlock } { + @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting'; settingInstance = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance'; settingDefinitionId = 'device_vendor_msft_policy_config_defender_enablenetworkprotection' ; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_enablenetworkprotection_1' ; settingValueTemplateReference = @{settingValueTemplateId = 'ee58fb51-9ae5-408b-9406-b92b643f388a' } } ; settingInstanceTemplateReference = @{settingInstanceTemplateId = 'f53ab20e-8af6-48f5-9fa1-46863e1e517e' } } } + } { $_.LowCPU } { + @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting' ; settingInstance = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_enablelowcpupriority' ; choiceSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue'; value = 'device_vendor_msft_policy_config_defender_enablelowcpupriority_1' ; settingValueTemplateReference = @{settingValueTemplateId = '045a4a13-deee-4e24-9fe4-985c9357680d' } } ; settingInstanceTemplateReference = @{settingInstanceTemplateId = 'cdeb96cf-18f5-4477-a710-0ea9ecc618af' } } } + } + } + $CheckExististing = New-GraphGETRequest -uri 'https://graph.microsoft.com/beta/deviceManagement/configurationPolicies' -tenantid $tenant + Write-Host ($CheckExististing | ConvertTo-Json) + if ('Default AV Policy' -in $CheckExististing.Name) { + "$($Tenant): AV Policy already exists. Skipping" + } else { + $PolBody = ConvertTo-Json -Depth 10 -Compress -InputObject @{ + name = 'Default AV Policy' + description = '' + platforms = 'windows10' + technologies = 'mdm,microsoftSense' + roleScopeTagIds = @('0') + templateReference = @{templateId = '804339ad-1553-4478-a742-138fb5807418_1' } + settings = $Settings + } + $PolicyRequest = New-GraphPOSTRequest -uri 'https://graph.microsoft.com/beta/deviceManagement/configurationPolicies' -tenantid $tenant -type POST -body $PolBody + if ($PolicySettings.AssignTo -ne 'None') { + $AssignBody = if ($PolicySettings.AssignTo -ne 'AllDevicesAndUsers') { '{"assignments":[{"id":"","target":{"@odata.type":"#microsoft.graph.' + $($PolicySettings.AssignTo) + 'AssignmentTarget"}}]}' } else { '{"assignments":[{"id":"","target":{"@odata.type":"#microsoft.graph.allDevicesAssignmentTarget"}},{"id":"","target":{"@odata.type":"#microsoft.graph.allLicensedUsersAssignmentTarget"}}]}' } + $assign = New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies('$($PolicyRequest.id)')/assign" -tenantid $tenant -type POST -body $AssignBody + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($Tenant) -message "Assigned policy $($Displayname) to $($PolicySettings.AssignTo)" -Sev 'Info' + } + "$($Tenant): Successfully set Default AV Policy settings" } } - $CheckExististing = New-GraphGETRequest -uri 'https://graph.microsoft.com/beta/deviceManagement/configurationPolicies' -tenantid $tenant - Write-Host ($CheckExististing | ConvertTo-Json) - if ('Default AV Policy' -in $CheckExististing.Name) { - "$($Tenant): AV Policy already exists. Skipping" - } else { - $PolBody = ConvertTo-Json -Depth 10 -Compress -InputObject @{ - name = 'Default AV Policy' + if ($ASR) { + $ASRSettings = switch ($ASR) { + { $_.BlockAdobeChild } { @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockadobereaderfromcreatingchildprocesses' ; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationchoiceSettingValue'; ; value = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockadobereaderfromcreatingchildprocesses_block' } } } + { $_.BlockWin32Macro } { @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockadobereaderfromcreatingchildprocesses' ; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationchoiceSettingValue'; ; value = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockadobereaderfromcreatingchildprocesses_block' } } } + { $_.BlockCredentialStealing } { @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockcredentialstealingfromwindowslocalsecurityauthoritysubsystem' ; choiceSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationchoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockcredentialstealingfromwindowslocalsecurityauthoritysubsystem_block' } } } + { $_.BlockPSExec } { @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance'; settingDefinitionId = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockprocesscreationsfrompsexecandwmicommands'; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationchoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockprocesscreationsfrompsexecandwmicommands_block' } } } + { $_.WMIPersistence } { @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockpersistencethroughwmieventsubscription' ; choiceSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationchoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockpersistencethroughwmieventsubscription_block' } } } + { $_.BlockOfficeExes } { @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockofficeapplicationsfromcreatingexecutablecontent' ; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationchoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockofficeapplicationsfromcreatingexecutablecontent_block' } } } + { $_.BlockOfficeApps } { @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockofficeapplicationsfrominjectingcodeintootherprocesses' ; choiceSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationchoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockofficeapplicationsfrominjectingcodeintootherprocesses_block' } } } + { $_.BlockYoungExe } { @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockexecutablefilesrunningunlesstheymeetprevalenceagetrustedlistcriterion' ; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationchoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockexecutablefilesrunningunlesstheymeetprevalenceagetrustedlistcriterion_block' } } } + { $_.blockJSVB } { @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockjavascriptorvbscriptfromlaunchingdownloadedexecutablecontent' ; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationchoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockjavascriptorvbscriptfromlaunchingdownloadedexecutablecontent_block' } } } + { $_.blockOfficeComChild } { @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockofficecommunicationappfromcreatingchildprocesses' ; choiceSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationchoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockofficecommunicationappfromcreatingchildprocesses_block' } } } + { $_.blockOfficeChild } { @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockallofficeapplicationsfromcreatingchildprocesses' ; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationchoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockallofficeapplicationsfromcreatingchildprocesses_block' } } } + { $_.BlockUntrustedUSB } { @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockuntrustedunsignedprocessesthatrunfromusb'; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationchoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockuntrustedunsignedprocessesthatrunfromusb_block' } } } + { $_.EnableRansomwareVac } { @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance'; settingDefinitionId = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_useadvancedprotectionagainstransomware'; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationchoiceSettingValue'; value = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_useadvancedprotectionagainstransomware_block' } } } + { $_.BlockExesMail } { @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance'; settingDefinitionId = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockexecutablecontentfromemailclientandwebmail' ; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationchoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockexecutablecontentfromemailclientandwebmail_block' } } } + { $_.BlockUnsignedDrivers } { @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance'; settingDefinitionId = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockabuseofexploitedvulnerablesigneddrivers'; choiceSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationchoiceSettingValue'; value = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockabuseofexploitedvulnerablesigneddrivers_block' } } } + + } + + + $ASRbody = ConvertTo-Json -Depth 15 -Compress -InputObject @{ + name = 'ASR Default rules' description = '' platforms = 'windows10' technologies = 'mdm,microsoftSense' roleScopeTagIds = @('0') - templateReference = @{templateId = '804339ad-1553-4478-a742-138fb5807418_1' } - settings = $Settings - } - $PolicyRequest = New-GraphPOSTRequest -uri 'https://graph.microsoft.com/beta/deviceManagement/configurationPolicies' -tenantid $tenant -type POST -body $PolBody - if ($PolicySettings.AssignTo -ne 'None') { - $AssignBody = if ($PolicySettings.AssignTo -ne 'AllDevicesAndUsers') { '{"assignments":[{"id":"","target":{"@odata.type":"#microsoft.graph.' + $($PolicySettings.AssignTo) + 'AssignmentTarget"}}]}' } else { '{"assignments":[{"id":"","target":{"@odata.type":"#microsoft.graph.allDevicesAssignmentTarget"}},{"id":"","target":{"@odata.type":"#microsoft.graph.allLicensedUsersAssignmentTarget"}}]}' } - $assign = New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies('$($PolicyRequest.id)')/assign" -tenantid $tenant -type POST -body $AssignBody - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($Tenant) -message "Assigned policy $($Displayname) to $($PolicySettings.AssignTo)" -Sev 'Info' + templateReference = @{templateId = 'e8c053d6-9f95-42b1-a7f1-ebfd71c67a4b_1' } + settings = @(@{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting' + settingInstance = @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationGroupSettingCollectionInstance' + settingDefinitionId = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules' + groupSettingCollectionValue = @(@{children = $asrSettings }) + settingInstanceTemplateReference = @{settingInstanceTemplateId = '19600663-e264-4c02-8f55-f2983216d6d7' } + } + }) } - "$($Tenant): Successfully set Default AV Policy settings" - } - $ASRSettings = switch ($ASR) { - { $_.BlockAdobeChild } { @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockadobereaderfromcreatingchildprocesses' ; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationchoiceSettingValue'; ; value = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockadobereaderfromcreatingchildprocesses_block' } } } - { $_.BlockWin32Macro } { @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockadobereaderfromcreatingchildprocesses' ; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationchoiceSettingValue'; ; value = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockadobereaderfromcreatingchildprocesses_block' } } } - { $_.BlockCredentialStealing } { @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockcredentialstealingfromwindowslocalsecurityauthoritysubsystem' ; choiceSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationchoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockcredentialstealingfromwindowslocalsecurityauthoritysubsystem_block' } } } - { $_.BlockPSExec } { @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance'; settingDefinitionId = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockprocesscreationsfrompsexecandwmicommands'; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationchoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockprocesscreationsfrompsexecandwmicommands_block' } } } - { $_.WMIPersistence } { @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockpersistencethroughwmieventsubscription' ; choiceSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationchoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockpersistencethroughwmieventsubscription_block' } } } - { $_.BlockOfficeExes } { @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockofficeapplicationsfromcreatingexecutablecontent' ; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationchoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockofficeapplicationsfromcreatingexecutablecontent_block' } } } - { $_.BlockOfficeApps } { @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockofficeapplicationsfrominjectingcodeintootherprocesses' ; choiceSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationchoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockofficeapplicationsfrominjectingcodeintootherprocesses_block' } } } - { $_.BlockYoungExe } { @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockexecutablefilesrunningunlesstheymeetprevalenceagetrustedlistcriterion' ; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationchoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockexecutablefilesrunningunlesstheymeetprevalenceagetrustedlistcriterion_block' } } } - { $_.blockJSVB } { @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockjavascriptorvbscriptfromlaunchingdownloadedexecutablecontent' ; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationchoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockjavascriptorvbscriptfromlaunchingdownloadedexecutablecontent_block' } } } - { $_.blockOfficeComChild } { @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockofficecommunicationappfromcreatingchildprocesses' ; choiceSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationchoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockofficecommunicationappfromcreatingchildprocesses_block' } } } - { $_.blockOfficeChild } { @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockallofficeapplicationsfromcreatingchildprocesses' ; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationchoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockallofficeapplicationsfromcreatingchildprocesses_block' } } } - { $_.BlockUntrustedUSB } { @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockuntrustedunsignedprocessesthatrunfromusb'; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationchoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockuntrustedunsignedprocessesthatrunfromusb_block' } } } - { $_.EnableRansomwareVac } { @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance'; settingDefinitionId = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_useadvancedprotectionagainstransomware'; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationchoiceSettingValue'; value = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_useadvancedprotectionagainstransomware_block' } } } - { $_.BlockExesMail } { @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance'; settingDefinitionId = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockexecutablecontentfromemailclientandwebmail' ; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationchoiceSettingValue' ; value = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockexecutablecontentfromemailclientandwebmail_block' } } } - { $_.BlockUnsignedDrivers } { @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance'; settingDefinitionId = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockabuseofexploitedvulnerablesigneddrivers'; choiceSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationchoiceSettingValue'; value = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules_blockabuseofexploitedvulnerablesigneddrivers_block' } } } - - } - - - $ASRbody = ConvertTo-Json -Depth 15 -Compress -InputObject @{ - name = 'ASR Default rules' - description = '' - platforms = 'windows10' - technologies = 'mdm,microsoftSense' - roleScopeTagIds = @('0') - templateReference = @{templateId = 'e8c053d6-9f95-42b1-a7f1-ebfd71c67a4b_1' } - settings = @(@{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting' - settingInstance = @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationGroupSettingCollectionInstance' - settingDefinitionId = 'device_vendor_msft_policy_config_defender_attacksurfacereductionrules' - groupSettingCollectionValue = @(@{children = $asrSettings }) - settingInstanceTemplateReference = @{settingInstanceTemplateId = '19600663-e264-4c02-8f55-f2983216d6d7' } - } - }) - } - $CheckExististingASR = New-GraphGETRequest -uri 'https://graph.microsoft.com/beta/deviceManagement/configurationPolicies' -tenantid $tenant - if ('ASR Default rules' -in $CheckExististingASR.Name) { - "$($Tenant): ASR Policy already exists. Skipping" - } else { - Write-Host $ASRbody - $ASRRequest = New-GraphPOSTRequest -uri 'https://graph.microsoft.com/beta/deviceManagement/configurationPolicies' -tenantid $tenant -type POST -body $ASRbody - Write-Host ($ASRRequest.id) - if ($ASR.AssignTo -ne 'none') { - $AssignBody = if ($ASR.AssignTo -ne 'AllDevicesAndUsers') { '{"assignments":[{"id":"","target":{"@odata.type":"#microsoft.graph.' + $($asr.AssignTo) + 'AssignmentTarget"}}]}' } else { '{"assignments":[{"id":"","target":{"@odata.type":"#microsoft.graph.allDevicesAssignmentTarget"}},{"id":"","target":{"@odata.type":"#microsoft.graph.allLicensedUsersAssignmentTarget"}}]}' } - $assign = New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies('$($ASRRequest.id)')/assign" -tenantid $tenant -type POST -body $AssignBody - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($Tenant) -message "Assigned policy $($Displayname) to $($ASR.AssignTo)" -Sev 'Info' + $CheckExististingASR = New-GraphGETRequest -uri 'https://graph.microsoft.com/beta/deviceManagement/configurationPolicies' -tenantid $tenant + if ('ASR Default rules' -in $CheckExististingASR.Name) { + "$($Tenant): ASR Policy already exists. Skipping" + } else { + Write-Host $ASRbody + $ASRRequest = New-GraphPOSTRequest -uri 'https://graph.microsoft.com/beta/deviceManagement/configurationPolicies' -tenantid $tenant -type POST -body $ASRbody + Write-Host ($ASRRequest.id) + if ($ASR.AssignTo -ne 'none') { + $AssignBody = if ($ASR.AssignTo -ne 'AllDevicesAndUsers') { '{"assignments":[{"id":"","target":{"@odata.type":"#microsoft.graph.' + $($asr.AssignTo) + 'AssignmentTarget"}}]}' } else { '{"assignments":[{"id":"","target":{"@odata.type":"#microsoft.graph.allDevicesAssignmentTarget"}},{"id":"","target":{"@odata.type":"#microsoft.graph.allLicensedUsersAssignmentTarget"}}]}' } + $assign = New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies('$($ASRRequest.id)')/assign" -tenantid $tenant -type POST -body $AssignBody + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($Tenant) -message "Assigned policy $($Displayname) to $($ASR.AssignTo)" -Sev 'Info' + } + "$($Tenant): Successfully added ASR Settings" } - "$($Tenant): Successfully added ASR Settings" } - - $EDRSettings = switch ($EDR) { - { $_.SampleSharing } { - @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting' - settingInstance = @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' - settingDefinitionId = 'device_vendor_msft_windowsadvancedthreatprotection_configuration_samplesharing' - choiceSettingValue = @{ - settingValueTemplateReference = @{settingValueTemplateId = 'f72c326c-7c5b-4224-b890-0b9b54522bd9' } - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue' - 'value' = 'device_vendor_msft_windowsadvancedthreatprotection_configuration_samplesharing_1' + if ($EDR) { + $EDRSettings = switch ($EDR) { + { $_.SampleSharing } { + @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting' + settingInstance = @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' + settingDefinitionId = 'device_vendor_msft_windowsadvancedthreatprotection_configuration_samplesharing' + choiceSettingValue = @{ + settingValueTemplateReference = @{settingValueTemplateId = 'f72c326c-7c5b-4224-b890-0b9b54522bd9' } + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue' + 'value' = 'device_vendor_msft_windowsadvancedthreatprotection_configuration_samplesharing_1' + } + settingInstanceTemplateReference = @{settingInstanceTemplateId = '6998c81e-2814-4f5e-b492-a6159128a97b' } } - settingInstanceTemplateReference = @{settingInstanceTemplateId = '6998c81e-2814-4f5e-b492-a6159128a97b' } } } - } - { $_.Telemetry } { - @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting' - settingInstance = @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' - settingDefinitionId = 'device_vendor_msft_windowsadvancedthreatprotection_configuration_telemetryreportingfrequency' - choiceSettingValue = @{ - settingValueTemplateReference = @{settingValueTemplateId = '350b0bea-b67b-43d4-9a04-c796edb961fd' } - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue' - 'value' = 'device_vendor_msft_windowsadvancedthreatprotection_configuration_telemetryreportingfrequency_2' + { $_.Telemetry } { + @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting' + settingInstance = @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' + settingDefinitionId = 'device_vendor_msft_windowsadvancedthreatprotection_configuration_telemetryreportingfrequency' + choiceSettingValue = @{ + settingValueTemplateReference = @{settingValueTemplateId = '350b0bea-b67b-43d4-9a04-c796edb961fd' } + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue' + 'value' = 'device_vendor_msft_windowsadvancedthreatprotection_configuration_telemetryreportingfrequency_2' + } + settingInstanceTemplateReference = @{settingInstanceTemplateId = '03de6095-07c4-4f35-be38-c1cd3bae4484' } } - settingInstanceTemplateReference = @{settingInstanceTemplateId = '03de6095-07c4-4f35-be38-c1cd3bae4484' } } - } - } - { $_.Config } { - @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting' - settingInstance = @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' - settingDefinitionId = 'device_vendor_msft_windowsadvancedthreatprotection_configurationtype' - choiceSettingValue = @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue' - 'value' = 'device_vendor_msft_windowsadvancedthreatprotection_configurationtype_autofromconnector' - settingValueTemplateReference = @{settingValueTemplateId = 'e5c7c98c-c854-4140-836e-bd22db59d651' } - children = @(@{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationSimpleSettingInstance' ; settingDefinitionId = 'device_vendor_msft_windowsadvancedthreatprotection_onboarding_fromconnector' ; simpleSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationSecretSettingValue' ; value = 'Microsoft ATP connector enabled'; valueState = 'NotEncrypted' } } ) + } + { $_.Config } { + @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting' + settingInstance = @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' + settingDefinitionId = 'device_vendor_msft_windowsadvancedthreatprotection_configurationtype' + choiceSettingValue = @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue' + 'value' = 'device_vendor_msft_windowsadvancedthreatprotection_configurationtype_autofromconnector' + settingValueTemplateReference = @{settingValueTemplateId = 'e5c7c98c-c854-4140-836e-bd22db59d651' } + children = @(@{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationSimpleSettingInstance' ; settingDefinitionId = 'device_vendor_msft_windowsadvancedthreatprotection_onboarding_fromconnector' ; simpleSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationSecretSettingValue' ; value = 'Microsoft ATP connector enabled'; valueState = 'NotEncrypted' } } ) + } + + settingInstanceTemplateReference = @{settingInstanceTemplateId = '23ab0ea3-1b12-429a-8ed0-7390cf699160' } } - - settingInstanceTemplateReference = @{settingInstanceTemplateId = '23ab0ea3-1b12-429a-8ed0-7390cf699160' } } - } + } } - } - $EDRbody = ConvertTo-Json -Depth 15 -Compress -InputObject @{ - name = 'EDR Configuration' - description = '' - platforms = 'windows10' - technologies = 'mdm,microsoftSense' - roleScopeTagIds = @('0') - templateReference = @{templateId = '0385b795-0f2f-44ac-8602-9f65bf6adede_1' } - settings = @($EDRSettings) - } - Write-Host ( $EDRbody) - $CheckExististingEDR = New-GraphGETRequest -uri 'https://graph.microsoft.com/beta/deviceManagement/configurationPolicies' -tenantid $tenant | Where-Object -Property Name -EQ 'EDR Configuration' - if ('EDR Configuration' -in $CheckExististingEDR.Name) { - "$($Tenant): EDR Policy already exists. Skipping" - } else { - $EDRRequest = New-GraphPOSTRequest -uri 'https://graph.microsoft.com/beta/deviceManagement/configurationPolicies' -tenantid $tenant -type POST -body $EDRbody - if ($ASR.AssignTo -ne 'none') { - $AssignBody = if ($ASR.AssignTo -ne 'AllDevicesAndUsers') { '{"assignments":[{"id":"","target":{"@odata.type":"#microsoft.graph.' + $($asr.AssignTo) + 'AssignmentTarget"}}]}' } else { '{"assignments":[{"id":"","target":{"@odata.type":"#microsoft.graph.allDevicesAssignmentTarget"}},{"id":"","target":{"@odata.type":"#microsoft.graph.allLicensedUsersAssignmentTarget"}}]}' } - $assign = New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies('$($EDRRequest.id)')/assign" -tenantid $tenant -type POST -body $AssignBody - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($Tenant) -message "Assigned EDR policy $($Displayname) to $($ASR.AssignTo)" -Sev 'Info' + $EDRbody = ConvertTo-Json -Depth 15 -Compress -InputObject @{ + name = 'EDR Configuration' + description = '' + platforms = 'windows10' + technologies = 'mdm,microsoftSense' + roleScopeTagIds = @('0') + templateReference = @{templateId = '0385b795-0f2f-44ac-8602-9f65bf6adede_1' } + settings = @($EDRSettings) + } + Write-Host ( $EDRbody) + $CheckExististingEDR = New-GraphGETRequest -uri 'https://graph.microsoft.com/beta/deviceManagement/configurationPolicies' -tenantid $tenant | Where-Object -Property Name -EQ 'EDR Configuration' + if ('EDR Configuration' -in $CheckExististingEDR.Name) { + "$($Tenant): EDR Policy already exists. Skipping" + } else { + $EDRRequest = New-GraphPOSTRequest -uri 'https://graph.microsoft.com/beta/deviceManagement/configurationPolicies' -tenantid $tenant -type POST -body $EDRbody + if ($ASR.AssignTo -ne 'none') { + $AssignBody = if ($ASR.AssignTo -ne 'AllDevicesAndUsers') { '{"assignments":[{"id":"","target":{"@odata.type":"#microsoft.graph.' + $($asr.AssignTo) + 'AssignmentTarget"}}]}' } else { '{"assignments":[{"id":"","target":{"@odata.type":"#microsoft.graph.allDevicesAssignmentTarget"}},{"id":"","target":{"@odata.type":"#microsoft.graph.allLicensedUsersAssignmentTarget"}}]}' } + $assign = New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies('$($EDRRequest.id)')/assign" -tenantid $tenant -type POST -body $AssignBody + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($Tenant) -message "Assigned EDR policy $($Displayname) to $($ASR.AssignTo)" -Sev 'Info' + } + "$($Tenant): Successfully added EDR Settings" } - "$($Tenant): Successfully added EDR Settings" } - } catch { "Failed to add policy for $($Tenant): $($_.Exception.Message)" Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($Tenant) -message "Failed adding policy $($Displayname). Error: $($_.Exception.Message)" -Sev 'Error' From c7826f79ea724e4fe820bd6ba2c9ee8b5b4a5098 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Mon, 2 Dec 2024 23:07:39 +0100 Subject: [PATCH 111/290] new applications --- .../Endpoint/Applications/Invoke-AddChocoApp.ps1 | 2 +- .../Endpoint/Applications/Invoke-AddOfficeApp.ps1 | 5 +---- .../{Invoke-AddWinGetApp.ps1 => Invoke-AddStoreApp.ps1} | 4 ++-- 3 files changed, 4 insertions(+), 7 deletions(-) rename Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Applications/{Invoke-AddWinGetApp.ps1 => Invoke-AddStoreApp.ps1} (95%) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Applications/Invoke-AddChocoApp.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Applications/Invoke-AddChocoApp.ps1 index f554fd228f7b..a2320397fa3f 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Applications/Invoke-AddChocoApp.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Applications/Invoke-AddChocoApp.ps1 @@ -29,7 +29,7 @@ Function Invoke-AddChocoApp { $intunebody.detectionRules[0].path = "$($ENV:SystemDrive)\programdata\chocolatey\lib" $intunebody.detectionRules[0].fileOrFolderName = "$($chocoapp.PackageName)" - $Tenants = ($Request.body | Select-Object Select_*).psobject.properties.value + $Tenants = $Request.body.selectedTenants.defaultDomainName $Results = foreach ($Tenant in $tenants) { try { $CompleteObject = [PSCustomObject]@{ diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Applications/Invoke-AddOfficeApp.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Applications/Invoke-AddOfficeApp.ps1 index e5a73e7dcb6c..907410fbe500 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Applications/Invoke-AddOfficeApp.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Applications/Invoke-AddOfficeApp.ps1 @@ -14,11 +14,8 @@ Function Invoke-AddOfficeApp { Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - # Write to the Azure Functions log stream. - Write-Host 'PowerShell HTTP trigger function processed a request.' - # Input bindings are passed in via param block. - $Tenants = ($Request.body | Select-Object Select_*).psobject.properties.value + $Tenants = $Request.body.selectedTenants.defaultDomainName if ('AllTenants' -in $Tenants) { $Tenants = (Get-Tenants).defaultDomainName } $AssignTo = if ($request.body.Assignto -ne 'on') { $request.body.Assignto } diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Applications/Invoke-AddWinGetApp.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Applications/Invoke-AddStoreApp.ps1 similarity index 95% rename from Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Applications/Invoke-AddWinGetApp.ps1 rename to Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Applications/Invoke-AddStoreApp.ps1 index f80645694331..ef098ff7b0d8 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Applications/Invoke-AddWinGetApp.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Applications/Invoke-AddStoreApp.ps1 @@ -1,6 +1,6 @@ using namespace System.Net -Function Invoke-AddWinGetApp { +Function Invoke-AddStoreApp { <# .FUNCTIONALITY Entrypoint @@ -28,7 +28,7 @@ Function Invoke-AddWinGetApp { } } - $Tenants = ($Request.body | Select-Object Select_*).psobject.properties.value + $Tenants = $Request.body.selectedTenants.defaultDomainName $Results = foreach ($Tenant in $tenants) { try { $CompleteObject = [PSCustomObject]@{ From d3524254e56efc7251a9c9fd8304cbae2f35e4be Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 3 Dec 2024 09:55:01 -0500 Subject: [PATCH 112/290] prefix display names with CIPP_ for relationships --- .../HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPInvite.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPInvite.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPInvite.ps1 index f75d821003e4..e46e64443e1e 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPInvite.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPInvite.ps1 @@ -24,7 +24,7 @@ Function Invoke-ExecGDAPInvite { try { $Step = 'Creating GDAP relationship' $JSONBody = @{ - 'displayName' = "$((New-Guid).GUID)" + 'displayName' = "CIPP_$((New-Guid).GUID)" 'accessDetails' = @{ 'unifiedRoles' = @($RoleMappings | Select-Object roleDefinitionId) } From fa34605d6b8539e8cf82a1aada6ad96daff77513 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 3 Dec 2024 09:55:34 -0500 Subject: [PATCH 113/290] GDAP invite/role template fixes --- .../Tenant/GDAP/Invoke-ExecGDAPRoleTemplate.ps1 | 8 ++++++-- .../HTTP Functions/Tenant/GDAP/Invoke-ListGDAPInvite.ps1 | 2 +- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPRoleTemplate.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPRoleTemplate.ps1 index 49682d143e8e..678015e11e83 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPRoleTemplate.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPRoleTemplate.ps1 @@ -27,9 +27,13 @@ Function Invoke-ExecGDAPRoleTemplate { switch ($Request.Query.Action) { 'Add' { $RowKey = ($Request.Body | Select-Object -First 1 -ExpandProperty TemplateId).value ?? $Request.Body.TemplateId - $RoleMappings = $Request.Body.roleMappings ?? $Request.Body | Select-Object -ExcludeProperty TemplateId + if ($Request.Body.GroupId) { + $RoleMappings = $Request.Body | Select-Object * -ExcludeProperty TemplateId + } else { + $RoleMappings = $Request.Body.RoleMappings + } + Write-Information ($RoleMappings | ConvertTo-Json) Add-CIPPGDAPRoleTemplate -TemplateId $RowKey -RoleMappings $RoleMappings - Write-Information ($Template | ConvertTo-Json) $Body = @{ Results = "Added role mappings to template $RowKey" } diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ListGDAPInvite.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ListGDAPInvite.ps1 index 814cdf4ae693..925ba30d856e 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ListGDAPInvite.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ListGDAPInvite.ps1 @@ -22,7 +22,7 @@ Function Invoke-ListGDAPInvite { $Invite = Get-CIPPAzDataTableEntity @Table -Filter "RowKey eq '$($Request.Query.RelationshipId)'" } else { $Invite = Get-CIPPAzDataTableEntity @Table | ForEach-Object { - $_.RoleMappings = try { $_.RoleMappings | ConvertFrom-Json } catch { $_.RoleMappings } + $_.RoleMappings = @(try { $_.RoleMappings | ConvertFrom-Json } catch { $_.RoleMappings }) $_ } } From 47a9f2a79e5aba5491bd91c9ea5e686abd2efa40 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 3 Dec 2024 10:06:23 -0500 Subject: [PATCH 114/290] Update profile.ps1 --- profile.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/profile.ps1 b/profile.ps1 index bf4285cd810d..8ca5ffa7c0c5 100644 --- a/profile.ps1 +++ b/profile.ps1 @@ -63,7 +63,7 @@ if (!$LastStartup -or $CurrentVersion -ne $LastStartup.Version) { Version = $CurrentVersion } } - Update-AzDataTableEntity -Force @Table -Entity $LastStartup + Update-AzDataTableEntity @Table -Entity $LastStartup -Force } # Uncomment the next line to enable legacy AzureRm alias in Azure PowerShell. # Enable-AzureRmAlias From 546512551d86d531c123114f0cafe7f7d25cad64 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 3 Dec 2024 10:22:18 -0500 Subject: [PATCH 115/290] Exclude timestamp, etag from backups --- Modules/CIPPCore/Public/New-CIPPBackup.ps1 | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/Modules/CIPPCore/Public/New-CIPPBackup.ps1 b/Modules/CIPPCore/Public/New-CIPPBackup.ps1 index b2d6ae7314d4..7e068a1fde90 100644 --- a/Modules/CIPPCore/Public/New-CIPPBackup.ps1 +++ b/Modules/CIPPCore/Public/New-CIPPBackup.ps1 @@ -24,12 +24,7 @@ function New-CIPPBackup { ) $CSVfile = foreach ($CSVTable in $BackupTables) { $Table = Get-CippTable -tablename $CSVTable - $Data = Get-AzDataTableEntity @Table - if ($Data.PSObject.Properties.Name -notcontains 'table') { - $Data | Select-Object *, @{l = 'table'; e = { $CSVTable } } -ExcludeProperty DomainAnalyser - } else { - $Data | Select-Object * -ExcludeProperty DomainAnalyser - } + Get-AzDataTableEntity @Table | Select-Object * -ExcludeProperty DomainAnalyser, table, Timestamp, ETag | Select-Object *, @{l = 'table'; e = { $CSVTable } } } $RowKey = 'CIPPBackup' + '_' + (Get-Date).ToString('yyyy-MM-dd-HHmm') $CSVfile From d961228866267f692d0c350bf4db2874296b116a Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Tue, 3 Dec 2024 17:46:29 +0100 Subject: [PATCH 116/290] autopilot finishing touches --- .../Endpoint/Autopilot/Invoke-AddAPDevice.ps1 | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Autopilot/Invoke-AddAPDevice.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Autopilot/Invoke-AddAPDevice.ps1 index d74d69cc0074..1e1c57118f14 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Autopilot/Invoke-AddAPDevice.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Autopilot/Invoke-AddAPDevice.ps1 @@ -16,7 +16,7 @@ Function Invoke-AddAPDevice { # Write to the Azure Functions log stream. Write-Host 'PowerShell HTTP trigger function processed a request.' - $TenantFilter = (Get-Tenants | Where-Object { $_.defaultDomainName -eq $Request.body.TenantFilter }).customerId + $TenantFilter = (Get-Tenants | Where-Object { $_.defaultDomainName -eq $Request.body.TenantFilter.value }).customerId $GroupName = if ($Request.body.Groupname) { $Request.body.Groupname } else { (New-Guid).GUID } Write-Host $GroupName $rawDevices = $request.body.autopilotData @@ -51,7 +51,7 @@ Function Invoke-AddAPDevice { $NewStatus = New-GraphgetRequest -uri "https://api.partnercenter.microsoft.com/v1/$($GraphRequest.Location)" -scope 'https://api.partnercenter.microsoft.com/user_impersonation' } until ($Newstatus.status -eq 'finished' -or $amount -eq 4) if ($NewStatus.status -ne 'finished') { throw 'Could not retrieve status of import - This job might still be running. Check the autopilot device list in 10 minutes for the latest status.' } - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APIName -tenant $($Request.body.TenantFilter) -message "Created Autopilot devices group. Group ID is $GroupName" -Sev 'Info' + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APIName -tenant $($Request.body.TenantFilter.value) -message "Created Autopilot devices group. Group ID is $GroupName" -Sev 'Info' [PSCustomObject]@{ Status = 'Import Job Completed' @@ -59,10 +59,10 @@ Function Invoke-AddAPDevice { } } catch { [PSCustomObject]@{ - Status = "$($Request.body.TenantFilter): Failed to create autopilot devices. $($_.Exception.Message)" + Status = "$($Request.body.TenantFilter.value): Failed to create autopilot devices. $($_.Exception.Message)" Devices = @() } - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APIName -tenant $($Request.body.TenantFilter) -message "Failed to create autopilot devices. $($_.Exception.Message)" -Sev 'Error' + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APIName -tenant $($Request.body.TenantFilter.value) -message "Failed to create autopilot devices. $($_.Exception.Message)" -Sev 'Error' } $body = [pscustomobject]@{'Results' = $Result } From 60d95e78f0fbf6604bc75090f94e0505a32e1ce2 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Tue, 3 Dec 2024 23:08:46 +0100 Subject: [PATCH 117/290] add autopilot status page --- .../Endpoint/Autopilot/Invoke-AddAutopilotConfig.ps1 | 2 +- .../HTTP Functions/Endpoint/Autopilot/Invoke-AddEnrollment.ps1 | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Autopilot/Invoke-AddAutopilotConfig.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Autopilot/Invoke-AddAutopilotConfig.ps1 index a87a2bcb7824..1c737749e18a 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Autopilot/Invoke-AddAutopilotConfig.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Autopilot/Invoke-AddAutopilotConfig.ps1 @@ -18,7 +18,7 @@ Function Invoke-AddAutopilotConfig { Write-Host 'PowerShell HTTP trigger function processed a request.' # Input bindings are passed in via param block. - $Tenants = ($Request.body | Select-Object Select_*).psobject.properties.value + $Tenants = $Request.body.selectedTenants.value $AssignTo = if ($request.body.Assignto -ne 'on') { $request.body.Assignto } $Profbod = [pscustomobject]$Request.body $usertype = if ($Profbod.NotLocalAdmin -eq 'true') { 'standard' } else { 'administrator' } diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Autopilot/Invoke-AddEnrollment.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Autopilot/Invoke-AddEnrollment.ps1 index eaed0e5aba15..22179704004a 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Autopilot/Invoke-AddEnrollment.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Autopilot/Invoke-AddEnrollment.ps1 @@ -18,7 +18,7 @@ Function Invoke-AddEnrollment { Write-Host 'PowerShell HTTP trigger function processed a request.' # Input bindings are passed in via param block. - $Tenants = ($Request.body | Select-Object Select_*).psobject.properties.value + $Tenants = $Request.body.selectedTenants.value $Profbod = $Request.body $results = foreach ($Tenant in $tenants) { Set-CIPPDefaultAPEnrollment -TenantFilter $Tenant -ShowProgress $Profbod.ShowProgress -BlockDevice $Profbod.blockDevice -AllowReset $Profbod.AllowReset -EnableLog $Profbod.EnableLog -ErrorMessage $Profbod.ErrorMessage -TimeOutInMinutes $Profbod.TimeOutInMinutes -AllowFail $Profbod.AllowFail -OBEEOnly $Profbod.OBEEOnly From 2dea909c771af6f8ddaf3b0105753ef64ccdbbb4 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 6 Dec 2024 10:28:26 -0500 Subject: [PATCH 118/290] update version number before durable clean --- profile.ps1 | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/profile.ps1 b/profile.ps1 index 8ca5ffa7c0c5..5230a3b5561d 100644 --- a/profile.ps1 +++ b/profile.ps1 @@ -53,7 +53,6 @@ Write-Information "Function: $($env:WEBSITE_SITE_NAME) Version: $CurrentVersion" $LastStartup = Get-CIPPAzDataTableEntity @Table -Filter "PartitionKey eq 'Version' and RowKey eq '$($env:WEBSITE_SITE_NAME)'" if (!$LastStartup -or $CurrentVersion -ne $LastStartup.Version) { Write-Information "Version has changed from $($LastStartup.Version ?? 'None') to $CurrentVersion" - Clear-CippDurables if ($LastStartup) { $LastStartup.Version = $CurrentVersion } else { @@ -64,6 +63,11 @@ if (!$LastStartup -or $CurrentVersion -ne $LastStartup.Version) { } } Update-AzDataTableEntity @Table -Entity $LastStartup -Force + try { + Clear-CippDurables + } catch { + Write-LogMessage -message 'Failed to clear durables after update' -LogData (Get-CippException -Exception $_) -Sev 'Error' + } } # Uncomment the next line to enable legacy AzureRm alias in Azure PowerShell. # Enable-AzureRmAlias From 6f3ad7a9b27ba8586b04bff9123e96ac511399d2 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri, 6 Dec 2024 19:35:40 +0100 Subject: [PATCH 119/290] fixes --- .../HTTP Functions/Endpoint/MEM/Invoke-AddIntuneTemplate.ps1 | 4 ++-- .../HTTP Functions/Endpoint/MEM/Invoke-AddPolicy.ps1 | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-AddIntuneTemplate.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-AddIntuneTemplate.ps1 index 847c5f1174c7..78b33ab7058f 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-AddIntuneTemplate.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-AddIntuneTemplate.ps1 @@ -38,11 +38,11 @@ Function Invoke-AddIntuneTemplate { $body = [pscustomobject]@{'Results' = 'Successfully added template' } } else { - $TenantFilter = $Request.Query.TenantFilter + $TenantFilter = $Request.Query.tenantFilter $URLName = $Request.Query.URLName $ID = $Request.Query.id $Template = New-CIPPIntuneTemplate -TenantFilter $TenantFilter -URLName $URLName -ID $ID - + Write-Host "Template: $Template" $object = [PSCustomObject]@{ Displayname = $Template.DisplayName Description = $Template.Description diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-AddPolicy.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-AddPolicy.ps1 index 9d6865355490..88c4a6136022 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-AddPolicy.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-AddPolicy.ps1 @@ -13,7 +13,7 @@ Function Invoke-AddPolicy { $APIName = $TriggerMetadata.FunctionName Write-LogMessage -user $Request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - $Tenants = ($Request.Body | Select-Object Select_*).psobject.properties.value + $Tenants = ($Request.Body.tenantFilter.value) if ('AllTenants' -in $Tenants) { $Tenants = (Get-Tenants).defaultDomainName } $displayname = $Request.Body.displayName $description = $Request.Body.Description From 47f0c83955fc4dde697c50fcff03fa7341e22d6e Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri, 6 Dec 2024 22:49:35 +0100 Subject: [PATCH 120/290] pages add --- .../HTTP Functions/Teams-Sharepoint/Invoke-AddTeam.ps1 | 7 +++---- .../Teams-Sharepoint/Invoke-ListTeamsVoice.ps1 | 2 +- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Teams-Sharepoint/Invoke-AddTeam.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Teams-Sharepoint/Invoke-AddTeam.ps1 index ea3412dd22b4..94647e739f8b 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Teams-Sharepoint/Invoke-AddTeam.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Teams-Sharepoint/Invoke-AddTeam.ps1 @@ -18,11 +18,11 @@ Function Invoke-AddTeam { # Write to the Azure Functions log stream. Write-Host 'PowerShell HTTP trigger function processed a request.' - $Owners = ($userobj.owner).Split([Environment]::NewLine) | Where-Object { $_ -ne $null -or $_ -ne '' } + $Owners = ($userobj.owner).value try { $Owners = $Owners | ForEach-Object { - $OwnerID = "https://graph.microsoft.com/beta/users('" + (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$_" -tenantid $Userobj.tenantid).id + "')" + $OwnerID = "https://graph.microsoft.com/beta/users('$($_)')" @{ '@odata.type' = '#microsoft.graph.aadUserConversationMember' 'roles' = @('owner') @@ -44,8 +44,7 @@ Function Invoke-AddTeam { Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($userobj.tenantid) -message "Added Team $($userobj.displayname)" -Sev 'Info' $body = [pscustomobject]@{'Results' = 'Success. Team has been added' } - } - catch { + } catch { Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($userobj.tenantid) -message "Adding Team failed. Error: $($_.Exception.Message)" -Sev 'Error' $body = [pscustomobject]@{'Results' = "Failed. Error message: $($_.Exception.Message)" } } diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Teams-Sharepoint/Invoke-ListTeamsVoice.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Teams-Sharepoint/Invoke-ListTeamsVoice.ps1 index 2459ff22f13c..11870bac1165 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Teams-Sharepoint/Invoke-ListTeamsVoice.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Teams-Sharepoint/Invoke-ListTeamsVoice.ps1 @@ -25,7 +25,7 @@ Function Invoke-ListTeamsVoice { $skip = 0 $GraphRequest = do { $data = (New-TeamsAPIGetRequest -uri "https://api.interfaces.records.teams.microsoft.com/Skype.TelephoneNumberMgmt/Tenants/$($Tenantid)/telephone-numbers?skip=$($skip)&locale=en-US&top=999" -tenantid $TenantFilter).TelephoneNumbers | ForEach-Object { - $CompleteRequest = $_ | Select-Object *, 'AssignedTo' + $CompleteRequest = $_ | Select-Object *, 'AssignedTo', 'AcquisitionDate' -ErrorAction SilentlyContinue $CompleteRequest.AcquisitionDate = $CompleteRequest.AcquisitionDate -split 'T' | Select-Object -First 1 if ($CompleteRequest.TargetId -eq '00000000-0000-0000-0000-000000000000') { $CompleteRequest.AssignedTo = 'Unassigned' From a9d30078c907f28ec79fa86c54540a685cab723b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= Date: Sat, 7 Dec 2024 01:06:20 +0100 Subject: [PATCH 121/290] Fix: inactive accounts report --- .../Entrypoints/Invoke-ListInactiveAccounts.ps1 | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListInactiveAccounts.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListInactiveAccounts.ps1 index 2ad45b5488bb..5a36bb089ff0 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListInactiveAccounts.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListInactiveAccounts.ps1 @@ -11,15 +11,21 @@ Function Invoke-ListInactiveAccounts { param($Request, $TriggerMetadata) $APIName = $TriggerMetadata.FunctionName - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' + $User = $request.headers.'x-ms-client-principal' + Write-LogMessage -user $User -API $APINAME -message 'Accessed this API' -Sev 'Debug' # Write to the Azure Functions log stream. Write-Host 'PowerShell HTTP trigger function processed a request.' - # Interact with query parameters or the body of the request. + # Convert the TenantFilter parameter to a list of tenant IDs for AllTenants or a single tenant ID $TenantFilter = $Request.Query.TenantFilter - if ($TenantFilter -eq 'AllTenants') { $TenantFilter = (get-tenants).customerId } + if ($TenantFilter -eq 'AllTenants') { + $TenantFilter = (Get-Tenants).customerId + } else { + $TenantFilter = (Get-Tenants -TenantFilter $TenantFilter).customerId + } + try { $GraphRequest = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/tenantRelationships/managedTenants/inactiveUsers?`$count=true" -tenantid $env:TenantID | Where-Object { $_.tenantId -in $TenantFilter } $StatusCode = [HttpStatusCode]::OK @@ -34,5 +40,4 @@ Function Invoke-ListInactiveAccounts { StatusCode = $StatusCode Body = @($GraphRequest) }) - } From 906814b6b3582c4609b65166b5eb8f659689096e Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Sat, 7 Dec 2024 01:18:22 +0100 Subject: [PATCH 122/290] Add transport rule --- .../Email-Exchange/Invoke-AddTransportRule.ps1 | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-AddTransportRule.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-AddTransportRule.ps1 index acd265572aa5..82363d390adb 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-AddTransportRule.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-AddTransportRule.ps1 @@ -15,7 +15,7 @@ Function Invoke-AddTransportRule { $RequestParams = $Request.Body.PowerShellCommand | ConvertFrom-Json | Select-Object -Property * -ExcludeProperty GUID, Comments, HasSenderOverride, ExceptIfHasSenderOverride, ExceptIfMessageContainsDataClassifications, MessageContainsDataClassifications - $Tenants = ($Request.body | Select-Object Select_*).psobject.properties.value + $Tenants = ($Request.body.selectedTenants).value $Result = foreach ($Tenantfilter in $tenants) { $Existing = New-ExoRequest -ErrorAction SilentlyContinue -tenantid $Tenantfilter -cmdlet 'Get-TransportRule' -useSystemMailbox $true | Where-Object -Property Identity -EQ $RequestParams.name try { @@ -24,16 +24,14 @@ Function Invoke-AddTransportRule { $RequestParams | Add-Member -NotePropertyValue $RequestParams.name -NotePropertyName Identity $GraphRequest = New-ExoRequest -tenantid $Tenantfilter -cmdlet 'Set-TransportRule' -cmdParams ($RequestParams | Select-Object -Property * -ExcludeProperty UseLegacyRegex) -useSystemMailbox $true "Successfully set transport rule for $tenantfilter." - } - else { + } else { Write-Host 'Creating new' $GraphRequest = New-ExoRequest -tenantid $Tenantfilter -cmdlet 'New-TransportRule' -cmdParams $RequestParams -useSystemMailbox $true "Successfully created transport rule for $tenantfilter." } Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $tenantfilter -message "Created transport rule for $($tenantfilter)" -sev Info - } - catch { + } catch { "Could not create transport rule for $($tenantfilter): $($_.Exception.message)" Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $tenantfilter -message "Could not create transport rule for $($tenantfilter). Error:$($_.Exception.message)" -sev Error } From 9f08aec750edceb90853224e95d890cf3ed7a55a Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Sat, 7 Dec 2024 12:10:36 +0100 Subject: [PATCH 123/290] fix exConnector --- .../HTTP Functions/Email-Exchange/Invoke-AddExConnector.ps1 | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-AddExConnector.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-AddExConnector.ps1 index d1a29a85a67d..6f54028ddeb6 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-AddExConnector.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-AddExConnector.ps1 @@ -16,14 +16,13 @@ Function Invoke-AddExConnector { $ConnectorType = ($Request.body.PowerShellCommand | ConvertFrom-Json).cippConnectorType $RequestParams = $Request.Body.PowerShellCommand | ConvertFrom-Json | Select-Object -Property * -ExcludeProperty GUID, cippConnectorType, comments - $Tenants = ($Request.body | Select-Object Select_*).psobject.properties.value + $Tenants = ($Request.body.selectedTenants).value $Result = foreach ($Tenantfilter in $tenants) { try { $GraphRequest = New-ExoRequest -tenantid $Tenantfilter -cmdlet "New-$($ConnectorType)connector" -cmdParams $RequestParams "Successfully created Connector for $Tenantfilter." Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $Tenantfilter -message "Created Connector for $($Tenantfilter)" -sev 'Info' - } - catch { + } catch { "Could not create created Connector for $($Tenantfilter): $($_.Exception.message)" Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $Tenantfilter -message "Could not create created Connector for $($Tenantfilter): $($_.Exception.message)" -sev 'Error' } From 2acf68ae10d1309b0e16acaca13df45d487c1d85 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Sat, 7 Dec 2024 12:54:59 +0100 Subject: [PATCH 124/290] Fix issue --- .../HTTP Functions/Email-Exchange/Invoke-AddSpamFilter.ps1 | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-AddSpamFilter.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-AddSpamFilter.ps1 index a27660da63c5..7d267b3c8ac1 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-AddSpamFilter.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-AddSpamFilter.ps1 @@ -17,7 +17,7 @@ Function Invoke-AddSpamFilter { $RequestParams = $Request.Body.PowerShellCommand | ConvertFrom-Json | Select-Object -Property * -ExcludeProperty GUID, comments $RequestPriority = $Request.Body.Priority - $Tenants = ($Request.body | Select-Object Select_*).psobject.properties.value + $Tenants = ($Request.body.selectedTenants).value $Result = foreach ($Tenantfilter in $tenants) { try { $GraphRequest = New-ExoRequest -tenantid $Tenantfilter -cmdlet 'New-HostedContentFilterPolicy' -cmdParams $RequestParams @@ -32,8 +32,7 @@ Function Invoke-AddSpamFilter { $GraphRequest = New-ExoRequest -tenantid $Tenantfilter -cmdlet 'New-HostedContentFilterRule' -cmdParams $ruleparams "Successfully created spamfilter for $tenantfilter." Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $tenantfilter -message "Created spamfilter rule for $($tenantfilter)" -sev Info - } - catch { + } catch { "Could not create create spamfilter rule for $($tenantfilter): $($_.Exception.message)" Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $tenantfilter -message "Could not create create spamfilter rule for $($tenantfilter): $($_.Exception.message)" -sev Error } From f6b6b71f0d9eef6495d0a7ad0536ac05d869591b Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Sat, 7 Dec 2024 19:32:05 +0100 Subject: [PATCH 125/290] removed dependancy on lighthouse --- .../Public/Entrypoints/Invoke-ListDefenderState.ps1 | 9 +++------ .../CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 | 1 + 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListDefenderState.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListDefenderState.ps1 index 78a4f1bcbbf0..fdd9388d3d79 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListDefenderState.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListDefenderState.ps1 @@ -20,15 +20,12 @@ Function Invoke-ListDefenderState { # Interact with query parameters or the body of the request. $TenantFilter = $Request.Query.TenantFilter try { - $GraphRequest = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/tenantRelationships/managedTenants/windowsProtectionStates?`$top=999&`$filter=tenantId eq '$TenantFilter'" - if ($GraphRequest.tenantDisplayName.length -lt 1) { - $StatusCode = [HttpStatusCode]::Forbidden - $GraphRequest = 'No data found - This client might not be onboarded in Lighthouse' - } + $GraphRequest = New-GraphGetRequest -tenantid $TenantFilter -uri "https://graph.microsoft.com/beta/deviceManagement/managedDevices?`$expand=windowsProtectionState&`$select=id,deviceName,deviceType,operatingSystem,windowsProtectionState" + $StatusCode = [HttpStatusCode]::OK } catch { $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message $StatusCode = [HttpStatusCode]::Forbidden - $GraphRequest = "Could not connect to Azure Lighthouse API: $($ErrorMessage)" + $GraphRequest = "$($ErrorMessage)" } # Associate values to output bindings by calling 'Push-OutputBinding'. Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ diff --git a/Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 b/Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 index ba3a32ed919d..37a2284d5e12 100644 --- a/Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 @@ -62,6 +62,7 @@ function Get-NormalizedError { '*Account is not provisioned.' { 'The account is not provisioned. You do not the correct M365 license to access this information..' } '*AADSTS5000224*' { 'This resource is not available - Has this tenant been deleted?' } '*AADSTS53003*' { 'Access has been blocked by Conditional Access policies. Please check the Conditional Access configuration documentation' } + '*AADSTS900023*' { 'This tenant is not available for this operation. Please check the selected tenant and try again.' } Default { $message } } From c8ce607eaa048414458e7d7efed608e8b87be489 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Sun, 8 Dec 2024 14:44:11 -0500 Subject: [PATCH 126/290] GDAP access assignments --- .../GDAP/Invoke-ListGDAPAccessAssignments.ps1 | 51 +++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ListGDAPAccessAssignments.ps1 diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ListGDAPAccessAssignments.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ListGDAPAccessAssignments.ps1 new file mode 100644 index 000000000000..85cdb4fe39a0 --- /dev/null +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ListGDAPAccessAssignments.ps1 @@ -0,0 +1,51 @@ +function Invoke-ListGDAPAccessAssignments { + <# + .FUNCTIONALITY + Entrypoint + #> + [CmdletBinding()] + param($Request, $TriggerMetadata) + + $Id = $Request.Query.Id + $TenantFilter = $env:TenantID + + Write-Information "Getting access assignments for $Id" + + $AccessAssignments = New-GraphGetRequest -Uri "https://graph.microsoft.com/beta/tenantRelationships/delegatedAdminRelationships/$Id/accessAssignments" -tenantid $TenantFilter + + # get groups asapp + $Groups = New-GraphGetRequest -Uri "https://graph.microsoft.com/beta/groups?`$top=999&`$select=id,displayName&`$filter=securityEnabled eq true" -tenantid $TenantFilter -asApp $true + + # Get all the access containers + $AccessContainers = $AccessAssignments.accessContainer.accessContainerId + + $ContainerMembers = foreach ($AccessContainer in $AccessContainers) { + @{ + 'id' = $AccessContainer + 'url' = "groups/$AccessContainer/members?`$select=id,displayName,userPrincipalName&`$top=999" + 'method' = 'GET' + } + } + $Members = New-GraphBulkRequest -Requests $ContainerMembers -tenantid $TenantFilter -asApp $true -NoAuthCheck $true + + $Results = foreach ($AccessAssignment in $AccessAssignments) { + [PSCustomObject]@{ + 'id' = $AccessAssignment.id + 'status' = $AccessAssignment.status + 'createdDateTime' = $AccessAssignment.createdDateTime + 'modifiedDateTime' = $AccessAssignment.modifiedDateTime + 'roles' = $AccessAssignment.accessDetails.unifiedRoles + 'group' = $Groups | Where-Object id -EQ $AccessAssignment.accessContainer.accessContainerId + 'members' = ($Members | Where-Object id -EQ $AccessAssignment.accessContainer.accessContainerId).body.value + } + } + + $Body = @{ + Results = $Results + } + + Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ + StatusCode = [HttpStatusCode]::OK + Body = $Body + }) +} From e087c1f85d588a8ccb4c2ec4cc88d17e5a27775b Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Sun, 8 Dec 2024 21:52:53 +0100 Subject: [PATCH 127/290] Updates --- .../Public/Entrypoints/Invoke-ListGroups.ps1 | 83 ++++++++++++------- 1 file changed, 51 insertions(+), 32 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListGroups.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListGroups.ps1 index b59ceae2fd06..00d3d8eb9606 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListGroups.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListGroups.ps1 @@ -13,55 +13,74 @@ Function Invoke-ListGroups { $APIName = $TriggerMetadata.FunctionName Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - - # Write to the Azure Functions log stream. - Write-Host 'PowerShell HTTP trigger function processed a request.' - - # Interact with query parameters or the body of the request. - $TenantFilter = $Request.Query.TenantFilter $selectstring = "id,createdDateTime,displayName,description,mail,mailEnabled,mailNickname,resourceProvisioningOptions,securityEnabled,visibility,organizationId,onPremisesSamAccountName,membershipRule,grouptypes,onPremisesSyncEnabled,resourceProvisioningOptions,userPrincipalName&`$expand=members(`$select=userPrincipalName)" + $BulkRequestArrayList = [System.Collections.ArrayList]@() + if ($Request.Query.GroupID) { - $groupid = $Request.query.groupid $selectstring = 'id,createdDateTime,displayName,description,mail,mailEnabled,mailNickname,resourceProvisioningOptions,securityEnabled,visibility,organizationId,onPremisesSamAccountName,membershipRule,groupTypes,userPrincipalName' + $BulkRequestArrayList.add(@{ + id = 1 + method = 'GET' + url = "groups/$($Request.Query.GroupID)?`$select=$selectstring" + }) } if ($Request.Query.members) { - $members = 'members' $selectstring = 'id,userPrincipalName,displayName,hideFromOutlookClients,hideFromAddressLists,mail,mailEnabled,mailNickname,resourceProvisioningOptions,securityEnabled,visibility,organizationId,onPremisesSamAccountName,membershipRule' + $BulkRequestArrayList.add(@{ + id = 2 + method = 'GET' + url = "groups/$($Request.Query.GroupID)/members?`$top=999&select=$selectstring" + }) } if ($Request.Query.owners) { - $members = 'owners' $selectstring = 'id,userPrincipalName,displayName,hideFromOutlookClients,hideFromAddressLists,mail,mailEnabled,mailNickname,resourceProvisioningOptions,securityEnabled,visibility,organizationId,onPremisesSamAccountName,membershipRule' + $BulkRequestArrayList.add(@{ + id = 3 + method = 'GET' + url = "groups/$($Request.Query.GroupID)/owners?`$top=999&select=$selectstring" + }) } + try { - $GraphRequest = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/groups/$($GroupID)/$($members)?`$top=999&select=$selectstring" -tenantid $TenantFilter | Select-Object *, @{ Name = 'primDomain'; Expression = { $_.mail -split '@' | Select-Object -Last 1 } }, - @{Name = 'membersCsv'; Expression = { $_.members.userPrincipalName -join ',' } }, - @{Name = 'teamsEnabled'; Expression = { if ($_.resourceProvisioningOptions -Like '*Team*') { $true }else { $false } } }, - @{Name = 'calculatedGroupType'; Expression = { + if ($BulkRequestArrayList.Count -gt 0) { + $RawGraphRequest = New-GraphBulkRequest -tenantid $TenantFilter -scope 'https://graph.microsoft.com/.default' -Requests @($BulkRequestArrayList) -asapp $true + $GraphRequest = [PSCustomObject]@{ + groupInfo = ($RawGraphRequest | Where-Object { $_.id -eq 1 }).body + members = ($RawGraphRequest | Where-Object { $_.id -eq 2 }).body.value + owners = ($RawGraphRequest | Where-Object { $_.id -eq 3 }).body.value + } + } else { + $GraphRequest = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/groups/$($GroupID)/$($members)?`$top=999&select=$selectstring" -tenantid $TenantFilter | Select-Object *, @{ Name = 'primDomain'; Expression = { $_.mail -split '@' | Select-Object -Last 1 } }, + @{Name = 'membersCsv'; Expression = { $_.members.userPrincipalName -join ',' } }, + @{Name = 'teamsEnabled'; Expression = { if ($_.resourceProvisioningOptions -Like '*Team*') { $true }else { $false } } }, + @{Name = 'calculatedGroupType'; Expression = { - if ($_.mailEnabled -and $_.securityEnabled) { - 'Mail-Enabled Security' - } - if (!$_.mailEnabled -and $_.securityEnabled) { - 'Security' - } - if ($_.groupTypes -contains 'Unified') { - 'Microsoft 365' + if ($_.mailEnabled -and $_.securityEnabled) { + 'Mail-Enabled Security' + } + if (!$_.mailEnabled -and $_.securityEnabled) { + 'Security' + } + if ($_.groupTypes -contains 'Unified') { + 'Microsoft 365' + } + if (([string]::isNullOrEmpty($_.groupTypes)) -and ($_.mailEnabled) -and (!$_.securityEnabled)) { + 'Distribution List' + } } - if (([string]::isNullOrEmpty($_.groupTypes)) -and ($_.mailEnabled) -and (!$_.securityEnabled)) { - 'Distribution List' - } - } - }, - @{Name = 'dynamicGroupBool'; Expression = { - if ($_.groupTypes -contains 'DynamicMembership') { - $true - } else { - $false + }, + @{Name = 'dynamicGroupBool'; Expression = { + if ($_.groupTypes -contains 'DynamicMembership') { + $true + } else { + $false + } } } + $GraphRequest = @($GraphRequest | Sort-Object displayName) } $StatusCode = [HttpStatusCode]::OK @@ -73,7 +92,7 @@ Function Invoke-ListGroups { # Associate values to output bindings by calling 'Push-OutputBinding'. Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ StatusCode = $StatusCode - Body = @($GraphRequest | Sort-Object displayName) + Body = $GraphRequest }) } From 216551debd47bae5989fe9ad99a9362f41ad429b Mon Sep 17 00:00:00 2001 From: John Duprey Date: Sun, 8 Dec 2024 21:20:05 -0500 Subject: [PATCH 128/290] Update Invoke-ListGDAPAccessAssignments.ps1 --- .../Tenant/GDAP/Invoke-ListGDAPAccessAssignments.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ListGDAPAccessAssignments.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ListGDAPAccessAssignments.ps1 index 85cdb4fe39a0..83fae86a70ea 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ListGDAPAccessAssignments.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ListGDAPAccessAssignments.ps1 @@ -22,7 +22,7 @@ function Invoke-ListGDAPAccessAssignments { $ContainerMembers = foreach ($AccessContainer in $AccessContainers) { @{ 'id' = $AccessContainer - 'url' = "groups/$AccessContainer/members?`$select=id,displayName,userPrincipalName&`$top=999" + 'url' = "groups/$AccessContainer/members?`$select=id,displayName,userPrincipalName,isAssignableToRole&`$top=999" 'method' = 'GET' } } From 663601388febff5da94bd147942f239f0260aa90 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Mon, 9 Dec 2024 12:06:37 +0100 Subject: [PATCH 129/290] Add or update the Azure App Service build and deployment workflow config --- .../workflows/interface-rewrite_cippjta72.yml | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 .github/workflows/interface-rewrite_cippjta72.yml diff --git a/.github/workflows/interface-rewrite_cippjta72.yml b/.github/workflows/interface-rewrite_cippjta72.yml new file mode 100644 index 000000000000..d4405b6f6d3f --- /dev/null +++ b/.github/workflows/interface-rewrite_cippjta72.yml @@ -0,0 +1,30 @@ +# Docs for the Azure Web Apps Deploy action: https://github.com/azure/functions-action +# More GitHub Actions for Azure: https://github.com/Azure/actions + +name: Build and deploy Powershell project to Azure Function App - cippjta72 + +on: + push: + branches: + - interface-rewrite + workflow_dispatch: + +env: + AZURE_FUNCTIONAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root + +jobs: + deploy: + runs-on: windows-latest + + steps: + - name: 'Checkout GitHub Action' + uses: actions/checkout@v4 + + - name: 'Run Azure Functions Action' + uses: Azure/functions-action@v1 + id: fa + with: + app-name: 'cippjta72' + slot-name: 'Production' + package: ${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }} + publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_6472818415124CAB84BCDF49D430C471 }} \ No newline at end of file From 8889710ece11529294fc12a7ab0b33cc1151f268 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Mon, 9 Dec 2024 12:28:56 +0100 Subject: [PATCH 130/290] updated error messages --- .../GraphHelper/Get-NormalizedError.ps1 | 1 + .../Public/GraphHelper/New-CippHTTPOutput.ps1 | 30 +++++++++++++++++++ 2 files changed, 31 insertions(+) create mode 100644 Modules/CIPPCore/Public/GraphHelper/New-CippHTTPOutput.ps1 diff --git a/Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 b/Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 index 37a2284d5e12..198e228a3201 100644 --- a/Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 @@ -63,6 +63,7 @@ function Get-NormalizedError { '*AADSTS5000224*' { 'This resource is not available - Has this tenant been deleted?' } '*AADSTS53003*' { 'Access has been blocked by Conditional Access policies. Please check the Conditional Access configuration documentation' } '*AADSTS900023*' { 'This tenant is not available for this operation. Please check the selected tenant and try again.' } + '*AADSTS9002313*' { 'The credentials used to connect to the Graph API are not available, please retry. If this issue persists you may need to execute the SAM wizard.' } Default { $message } } diff --git a/Modules/CIPPCore/Public/GraphHelper/New-CippHTTPOutput.ps1 b/Modules/CIPPCore/Public/GraphHelper/New-CippHTTPOutput.ps1 new file mode 100644 index 000000000000..b58dabcbb12e --- /dev/null +++ b/Modules/CIPPCore/Public/GraphHelper/New-CippHTTPOutput.ps1 @@ -0,0 +1,30 @@ +using namespace System.Net + +function New-CippHTTPOutput { + <# + .FUNCTIONALITY + Internal + #> + [CmdletBinding()] + param( + [Parameter(Mandatory = $false)] + [string]$Type = 'Raw', + [Parameter(Mandatory = $true)] + [string]$Body + ) + + if ($type -eq 'Raw') { + Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ + StatusCode = [HttpStatusCode]::OK + Body = $body + }) + } + if ($Type -eq 'Results') { + #Make the status code dependant on the results. Throw a 500 if the errorState is true, add the copyFrom field, make sure Results is an array. + Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ + StatusCode = [HttpStatusCode]::OK + Body = $body + }) + } + +} From 210f2c780b73b5f9073593bd70adba9a820cadc2 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Mon, 9 Dec 2024 13:44:11 +0100 Subject: [PATCH 131/290] remove redudnant function --- .../Public/GraphHelper/New-CippHTTPOutput.ps1 | 30 ------------------- 1 file changed, 30 deletions(-) delete mode 100644 Modules/CIPPCore/Public/GraphHelper/New-CippHTTPOutput.ps1 diff --git a/Modules/CIPPCore/Public/GraphHelper/New-CippHTTPOutput.ps1 b/Modules/CIPPCore/Public/GraphHelper/New-CippHTTPOutput.ps1 deleted file mode 100644 index b58dabcbb12e..000000000000 --- a/Modules/CIPPCore/Public/GraphHelper/New-CippHTTPOutput.ps1 +++ /dev/null @@ -1,30 +0,0 @@ -using namespace System.Net - -function New-CippHTTPOutput { - <# - .FUNCTIONALITY - Internal - #> - [CmdletBinding()] - param( - [Parameter(Mandatory = $false)] - [string]$Type = 'Raw', - [Parameter(Mandatory = $true)] - [string]$Body - ) - - if ($type -eq 'Raw') { - Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ - StatusCode = [HttpStatusCode]::OK - Body = $body - }) - } - if ($Type -eq 'Results') { - #Make the status code dependant on the results. Throw a 500 if the errorState is true, add the copyFrom field, make sure Results is an array. - Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ - StatusCode = [HttpStatusCode]::OK - Body = $body - }) - } - -} From fd5d691e9a55c5afbf53b8224008a1452e09dfab Mon Sep 17 00:00:00 2001 From: John Duprey Date: Mon, 9 Dec 2024 11:38:50 -0500 Subject: [PATCH 132/290] fix ignore switch --- .../Activity Triggers/Push-ExecOnboardTenantQueue.ps1 | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ExecOnboardTenantQueue.ps1 b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ExecOnboardTenantQueue.ps1 index 48740a33b0a9..4fd4391c8938 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ExecOnboardTenantQueue.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ExecOnboardTenantQueue.ps1 @@ -101,10 +101,14 @@ Function Push-ExecOnboardTenantQueue { } if (($MissingRoles | Measure-Object).Count -gt 0) { $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'Missing roles for relationship' }) - if ($QueueItem.IgnoreMissingRoles -ne $true) { + if ($Item.IgnoreMissingRoles -ne $true) { $TenantOnboarding.Status = 'failed' $OnboardingSteps.Step2.Status = 'failed' $OnboardingSteps.Step2.Message = "Your GDAP relationship is missing the following roles: $($MissingRoles -join ', ')" + } else { + $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'Ignoring missing roles' }) + $OnboardingSteps.Step2.Status = 'succeeded' + $OnboardingSteps.Step2.Message = 'Your GDAP relationship is missing some roles, but the onboarding will continue' } } else { $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'Required roles found' }) From 7757d6aa3bcf38d0b67a87a73fee3b2ebe31db55 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Tue, 10 Dec 2024 22:31:16 +0100 Subject: [PATCH 133/290] big standards update --- .../Standards/Invoke-AddStandardsTemplate.ps1 | 2 +- .../Invoke-listStandardTemplates.ps1 | 2 +- .../Public/Invoke-RemoveStandardTemplate.ps1 | 3 +- .../Public/Standards/Get-CIPPStandards.ps1 | 208 +++++++++++++----- 4 files changed, 159 insertions(+), 56 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-AddStandardsTemplate.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-AddStandardsTemplate.ps1 index 66f0402b0171..f8b30bfbd087 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-AddStandardsTemplate.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-AddStandardsTemplate.ps1 @@ -20,7 +20,7 @@ Function Invoke-AddStandardsTemplate { Add-CIPPAzDataTableEntity @Table -Entity @{ JSON = "$JSON" RowKey = "$GUID" - PartitionKey = 'StandardsTemplate' + PartitionKey = 'StandardsTemplateV2' GUID = "$GUID" } Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message "Created CA Template $($Request.body.name) with GUID $GUID" -Sev 'Debug' diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-listStandardTemplates.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-listStandardTemplates.ps1 index b866f1f814a0..f7d0f45cb8ef 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-listStandardTemplates.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-listStandardTemplates.ps1 @@ -13,7 +13,7 @@ Function Invoke-listStandardTemplates { $APIName = $TriggerMetadata.FunctionName $Table = Get-CippTable -tablename 'templates' - $Filter = "PartitionKey eq 'StandardsTemplate'" + $Filter = "PartitionKey eq 'StandardsTemplateV2'" $Templates = (Get-CIPPAzDataTableEntity @Table -Filter $Filter) | ForEach-Object { $data = $_.JSON | ConvertFrom-Json -Depth 100 $data | Add-Member -NotePropertyName 'GUID' -NotePropertyValue $_.GUID -Force diff --git a/Modules/CIPPCore/Public/Invoke-RemoveStandardTemplate.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveStandardTemplate.ps1 index 029c1c4e4284..edc2c85bd0c0 100644 --- a/Modules/CIPPCore/Public/Invoke-RemoveStandardTemplate.ps1 +++ b/Modules/CIPPCore/Public/Invoke-RemoveStandardTemplate.ps1 @@ -17,8 +17,7 @@ Function Invoke-RemoveStandardTemplate { $ID = $request.body.ID try { $Table = Get-CippTable -tablename 'templates' - - $Filter = "PartitionKey eq 'StandardsTemplate' and RowKey eq '$id'" + $Filter = "PartitionKey eq 'StandardsTemplateV2' and RowKey eq '$id'" $ClearRow = Get-CIPPAzDataTableEntity @Table -Filter $Filter -Property PartitionKey, RowKey Remove-AzDataTableEntity -Force @Table -Entity $clearRow Write-LogMessage -user $User -API $APINAME -message "Removed Standards Template named $($ClearRow.name) and id $($id)" -Sev 'Info' diff --git a/Modules/CIPPCore/Public/Standards/Get-CIPPStandards.ps1 b/Modules/CIPPCore/Public/Standards/Get-CIPPStandards.ps1 index b3ec11c8c96b..bebacbc788bf 100644 --- a/Modules/CIPPCore/Public/Standards/Get-CIPPStandards.ps1 +++ b/Modules/CIPPCore/Public/Standards/Get-CIPPStandards.ps1 @@ -1,3 +1,47 @@ +function Normalize-Standard { + param( + [Parameter(Mandatory = $true)] $StandardObject + ) + + # Ensure it's a PSCustomObject + $StandardObject = [pscustomobject]$StandardObject + + # Check if combinedActions is present + $AllActionValues = @() + if ($StandardObject.PSObject.Properties.Name -contains 'combinedActions') { + $AllActionValues = $StandardObject.combinedActions + # Remove combinedActions now that we have the values + $null = $StandardObject.PSObject.Properties.Remove('combinedActions') + } + + # Determine booleans based on combinedActions + $remediate = $AllActionValues -contains 'Remediate' + $alert = $AllActionValues -contains 'warn' + $report = $AllActionValues -contains 'Report' + + # Add or update the booleans + $StandardObject | Add-Member -NotePropertyName 'remediate' -NotePropertyValue $remediate -Force + $StandardObject | Add-Member -NotePropertyName 'alert' -NotePropertyValue $alert -Force + $StandardObject | Add-Member -NotePropertyName 'report' -NotePropertyValue $report -Force + + # Flatten any nested settings from 'standards' + if ($StandardObject.PSObject.Properties.Name -contains 'standards' -and $StandardObject.standards) { + foreach ($standardKey in $StandardObject.standards.PSObject.Properties.Name) { + $NestedStandard = $StandardObject.standards.$standardKey + if ($NestedStandard) { + # Move each property from the nested standard up + foreach ($nsProp in $NestedStandard.PSObject.Properties) { + $StandardObject | Add-Member -NotePropertyName $nsProp.Name -NotePropertyValue $nsProp.Value -Force + } + } + } + # Remove the 'standards' property after flattening + $null = $StandardObject.PSObject.Properties.Remove('standards') + } + + return $StandardObject +} + function Get-CIPPStandards { param( [Parameter(Mandatory = $false)] @@ -5,83 +49,143 @@ function Get-CIPPStandards { [switch]$ListAllTenants ) - #Write-Host "Getting standards for tenant - $($tenantFilter)" - $Table = Get-CippTable -tablename 'standards' - $Filter = "PartitionKey eq 'standards'" - $Standards = (Get-CIPPAzDataTableEntity @Table -Filter $Filter).JSON | ConvertFrom-Json - $StandardsAllTenants = $Standards | Where-Object { $_.Tenant -eq 'AllTenants' } + $Table = Get-CippTable -tablename 'templates' + $Filter = "PartitionKey eq 'StandardsTemplateV2'" + $Templates = (Get-CIPPAzDataTableEntity @Table -Filter $Filter).JSON | ConvertFrom-Json - # Get tenant list based on filter - $Tenants = Get-Tenants + $AllTenantsList = Get-Tenants if ($TenantFilter -ne 'allTenants') { - $Tenants = $Tenants | Where-Object { $_.defaultDomainName -eq $TenantFilter -or $_.customerId -eq $TenantFilter } + $AllTenantsList = $AllTenantsList | Where-Object { + $_.defaultDomainName -eq $TenantFilter -or $_.customerId -eq $TenantFilter + } + } + + function Merge-Standards { + param( + [Parameter(Mandatory = $true)] $Existing, + [Parameter(Mandatory = $true)] $CurrentStandard + ) + + # Ensure PSCustomObject + $Existing = [pscustomobject]$Existing + $CurrentStandard = [pscustomobject]$CurrentStandard + + # Extract action from Existing + $ExistingActionValues = @() + if ($Existing.PSObject.Properties.Name -contains 'action') { + if ($Existing.action -and $Existing.action.value) { + $ExistingActionValues = @($Existing.action.value) + } + $null = $Existing.PSObject.Properties.Remove('action') + } + + # Extract action from CurrentStandard + $CurrentActionValues = @() + if ($CurrentStandard.PSObject.Properties.Name -contains 'action') { + if ($CurrentStandard.action -and $CurrentStandard.action.value) { + $CurrentActionValues = @($CurrentStandard.action.value) + } + $null = $CurrentStandard.PSObject.Properties.Remove('action') + } + + # Combine and get unique actions + $AllActionValues = ($ExistingActionValues + $CurrentActionValues) | Select-Object -Unique + + # Merge other properties from CurrentStandard into Existing + foreach ($prop in $CurrentStandard.PSObject.Properties) { + if ($prop.Name -eq 'action') { continue } + $Existing | Add-Member -NotePropertyName $prop.Name -NotePropertyValue $prop.Value -Force + } + if ($AllActionValues.Count -gt 0) { + $Existing | Add-Member -NotePropertyName 'combinedActions' -NotePropertyValue $AllActionValues -Force + } + + return $Existing } if ($ListAllTenants.IsPresent) { - $ComputedStandards = @{} - foreach ($StandardName in $StandardsAllTenants.Standards.PSObject.Properties.Name) { - $CurrentStandard = $StandardsAllTenants.Standards.$StandardName - #Write-Host ($CurrentStandard | ConvertTo-Json -Depth 10) - if ($CurrentStandard.remediate -eq $true -or $CurrentStandard.alert -eq $true -or $CurrentStandard.report -eq $true) { - #Write-Host "AllTenant Standard $StandardName" - $ComputedStandards[$StandardName] = $CurrentStandard + $AllTenantsTemplates = $Templates | Where-Object { + $_.tenantFilter.value -contains 'AllTenants' + } + + $ComputedStandards = [ordered]@{} + + foreach ($Template in $AllTenantsTemplates) { + $Standards = $Template.standards + foreach ($StandardName in $Standards.PSObject.Properties.Name) { + $CurrentStandard = $Standards.$StandardName.PSObject.Copy() + $Actions = $CurrentStandard.action.value + if ($Actions -contains 'Remediate' -or $Actions -contains 'warn' -or $Actions -contains 'Report') { + if (-not $ComputedStandards.Contains($StandardName)) { + $ComputedStandards[$StandardName] = $CurrentStandard + } else { + $ComputedStandards[$StandardName] = Merge-Standards $ComputedStandards[$StandardName] $CurrentStandard + } + } } } + + # Normalize each standard before outputting foreach ($Standard in $ComputedStandards.Keys) { + # Normalize-Standard will convert combinedActions into remediate/alert/report and remove action arrays. + $Normalized = Normalize-Standard $ComputedStandards[$Standard] [pscustomobject]@{ Tenant = 'AllTenants' Standard = $Standard - Settings = $ComputedStandards.$Standard + Settings = $Normalized } } + } else { - foreach ($Tenant in $Tenants) { - #Write-Host "`r`n###### Tenant: $($Tenant.defaultDomainName)" - $StandardsTenant = $Standards | Where-Object { $_.Tenant -eq $Tenant.defaultDomainName } - - $ComputedStandards = @{} - if ($StandardsTenant.Standards.OverrideAllTenants.remediate -ne $true) { - #Write-Host 'AllTenant Standards apply to this tenant.' - foreach ($StandardName in $StandardsAllTenants.Standards.PSObject.Properties.Name) { - $CurrentStandard = $StandardsAllTenants.Standards.$StandardName.PSObject.Copy() - #Write-Host ($CurrentStandard | ConvertTo-Json -Depth 10) - if ($CurrentStandard.remediate -eq $true -or $CurrentStandard.alert -eq $true -or $CurrentStandard.report -eq $true) { - #Write-Host "AllTenant Standard $StandardName" - $ComputedStandards[$StandardName] = $CurrentStandard - } + foreach ($Tenant in $AllTenantsList) { + $TenantName = $Tenant.defaultDomainName + $ApplicableTemplates = $Templates | ForEach-Object { + $template = $_ + $tenantFilterValues = $template.tenantFilter | ForEach-Object { $_.value } + $excludedTenantValues = @() + if ($template.excludedTenants) { + $excludedTenantValues = $template.excludedTenants | ForEach-Object { $_.value } } - } - foreach ($StandardName in $StandardsTenant.Standards.PSObject.Properties.Name) { - if ($StandardName -eq 'OverrideAllTenants') { continue } - $CurrentStandard = $StandardsTenant.Standards.$StandardName.PSObject.Copy() + $AllTenantsApplicable = $false + $TenantSpecificApplicable = $false - if ($CurrentStandard.remediate -eq $true -or $CurrentStandard.alert -eq $true -or $CurrentStandard.report -eq $true) { - # Write-Host "`r`nTenant: $StandardName" - if (!$ComputedStandards[$StandardName] ) { - #Write-Host "Applying tenant level $StandardName" - $ComputedStandards[$StandardName] = $CurrentStandard - } else { - foreach ($Setting in $CurrentStandard.PSObject.Properties.Name) { - # Write-Host "$Setting - Current: $($CurrentStandard.$Setting) | Computed: $($ComputedStandards[$StandardName].$($Setting))" - if ($CurrentStandard.$Setting -ne $false -and ($CurrentStandard.$Setting -ne $ComputedStandards[$StandardName].$($Setting) -and ![string]::IsNullOrWhiteSpace($CurrentStandard.$Setting -or (Compare-Object $CurrentStandard.$Setting $ComputedStandards[$StandardName].$($Setting))))) { - #Write-Host "Overriding $Setting for $StandardName at tenant level" - if ($ComputedStandards[$StandardName].PSObject.Properties.Name -contains $Setting) { - $ComputedStandards[$StandardName].$($Setting) = $CurrentStandard.$Setting - } else { - $ComputedStandards[$StandardName] | Add-Member -NotePropertyName $Setting -NotePropertyValue $CurrentStandard.$Setting - } - } + if ($tenantFilterValues -contains 'AllTenants' -and (-not ($excludedTenantValues -contains $TenantName))) { + $AllTenantsApplicable = $true + } + + if ($tenantFilterValues -contains $TenantName) { + $TenantSpecificApplicable = $true + } + + if ($AllTenantsApplicable -or $TenantSpecificApplicable) { + $template + } + } + + $ComputedStandards = [ordered]@{} + foreach ($Template in $ApplicableTemplates) { + $Standards = $Template.standards + foreach ($StandardName in $Standards.PSObject.Properties.Name) { + $CurrentStandard = $Standards.$StandardName.PSObject.Copy() + $Actions = $CurrentStandard.action.value + if ($Actions -contains 'Remediate' -or $Actions -contains 'warn' -or $Actions -contains 'Report') { + if (-not $ComputedStandards.Contains($StandardName)) { + $ComputedStandards[$StandardName] = $CurrentStandard + } else { + $ComputedStandards[$StandardName] = Merge-Standards $ComputedStandards[$StandardName] $CurrentStandard } } } } + # Normalize each standard before outputting foreach ($Standard in $ComputedStandards.Keys) { + $Normalized = Normalize-Standard $ComputedStandards[$Standard] [pscustomobject]@{ - Tenant = $Tenant.defaultDomainName + Tenant = $TenantName Standard = $Standard - Settings = $ComputedStandards.$Standard + Settings = $Normalized } } } From fcf1e5aee2573a1c8dd030cf3241ad545c512356 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 10 Dec 2024 16:40:13 -0500 Subject: [PATCH 134/290] exclude dirsync user --- Modules/CIPPCore/Public/Alerts/Get-CIPPAlertMFAAdmins.ps1 | 5 ++--- .../CIPPCore/Public/Alerts/Get-CIPPAlertMFAAlertUsers.ps1 | 2 +- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertMFAAdmins.ps1 b/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertMFAAdmins.ps1 index 411e3c96a806..a64449523262 100644 --- a/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertMFAAdmins.ps1 +++ b/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertMFAAdmins.ps1 @@ -18,7 +18,7 @@ function Get-CIPPAlertMFAAdmins { } } if (!$DuoActive) { - $users = New-GraphGETRequest -uri 'https://graph.microsoft.com/beta/reports/authenticationMethods/userRegistrationDetails?$top=999&$filter=IsAdmin eq true' -tenantid $($TenantFilter) | Where-Object -Property 'isMfaRegistered' -EQ $false + $users = New-GraphGETRequest -uri 'https://graph.microsoft.com/beta/reports/authenticationMethods/userRegistrationDetails?$top=999&$filter=IsAdmin eq true and userDisplayName ne ''On-Premises Directory Synchronization Service Account''' -tenantid $($TenantFilter) | Where-Object -Property 'isMfaRegistered' -EQ $false if ($users.UserPrincipalName) { $AlertData = "The following admins do not have MFA registered: $($users.UserPrincipalName -join ', ')" Write-AlertTrace -cmdletName $MyInvocation.MyCommand -tenantFilter $TenantFilter -data $AlertData @@ -30,5 +30,4 @@ function Get-CIPPAlertMFAAdmins { } catch { Write-LogMessage -message "Failed to check MFA status for Admins: $($_.exception.message)" -API 'MFA Alerts - Informational' -tenant $TenantFilter -sev Error } - -} \ No newline at end of file +} diff --git a/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertMFAAlertUsers.ps1 b/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertMFAAlertUsers.ps1 index 0b59055ed560..a5c31c4f2bf5 100644 --- a/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertMFAAlertUsers.ps1 +++ b/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertMFAAlertUsers.ps1 @@ -12,7 +12,7 @@ function Get-CIPPAlertMFAAlertUsers { ) try { - $users = New-GraphGETRequest -uri 'https://graph.microsoft.com/beta/reports/authenticationMethods/userRegistrationDetails?$top=999&filter=isMfaRegistered eq false and userType eq ''member''&$select=userPrincipalName,lastUpdatedDateTime,isMfaRegistered' -tenantid $($TenantFilter) + $users = New-GraphGETRequest -uri 'https://graph.microsoft.com/beta/reports/authenticationMethods/userRegistrationDetails?$top=999&filter=isMfaRegistered eq false and userType eq ''member'' and userDisplayName ne ''On-Premises Directory Synchronization Service Account''&$select=userPrincipalName,lastUpdatedDateTime,isMfaRegistered' -tenantid $($TenantFilter) if ($users.UserPrincipalName) { $AlertData = "The following $($users.Count) users do not have MFA registered: $($users.UserPrincipalName -join ', ')" Write-AlertTrace -cmdletName $MyInvocation.MyCommand -tenantFilter $TenantFilter -data $AlertData From 1cdb070d073886faa49551ac1e8b77d13bd6f4a6 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Tue, 10 Dec 2024 23:20:50 +0100 Subject: [PATCH 135/290] fix cippstandards --- .../ConvertTo-CippStandardObject.ps1 | 35 +++++++ .../Public/Standards/Get-CIPPStandards.ps1 | 99 +------------------ .../Public/Standards/Merge-CippStandards.ps1 | 34 +++++++ 3 files changed, 73 insertions(+), 95 deletions(-) create mode 100644 Modules/CIPPCore/Public/Standards/ConvertTo-CippStandardObject.ps1 create mode 100644 Modules/CIPPCore/Public/Standards/Merge-CippStandards.ps1 diff --git a/Modules/CIPPCore/Public/Standards/ConvertTo-CippStandardObject.ps1 b/Modules/CIPPCore/Public/Standards/ConvertTo-CippStandardObject.ps1 new file mode 100644 index 000000000000..2543cbf66d4a --- /dev/null +++ b/Modules/CIPPCore/Public/Standards/ConvertTo-CippStandardObject.ps1 @@ -0,0 +1,35 @@ +function ConvertTo-CippStandardObject { + param( + [Parameter(Mandatory = $true)] + $StandardObject + ) + + $StandardObject = [pscustomobject]$StandardObject + + $AllActionValues = @() + if ($StandardObject.PSObject.Properties.Name -contains 'combinedActions') { + $AllActionValues = $StandardObject.combinedActions + $null = $StandardObject.PSObject.Properties.Remove('combinedActions') + } elseif ($StandardObject.PSObject.Properties.Name -contains 'action') { + $AllActionValues = $StandardObject.action.value + $null = $StandardObject.PSObject.Properties.Remove('action') + } + + $StandardObject | Add-Member -NotePropertyName 'remediate' -NotePropertyValue ($AllActionValues -contains 'Remediate') -Force + $StandardObject | Add-Member -NotePropertyName 'alert' -NotePropertyValue ($AllActionValues -contains 'warn') -Force + $StandardObject | Add-Member -NotePropertyName 'report' -NotePropertyValue ($AllActionValues -contains 'Report') -Force + + if ($StandardObject.PSObject.Properties.Name -contains 'standards' -and $StandardObject.standards) { + foreach ($standardKey in $StandardObject.standards.PSObject.Properties.Name) { + $NestedStandard = $StandardObject.standards.$standardKey + if ($NestedStandard) { + foreach ($nsProp in $NestedStandard.PSObject.Properties) { + $StandardObject | Add-Member -NotePropertyName $nsProp.Name -NotePropertyValue $nsProp.Value -Force + } + } + } + $null = $StandardObject.PSObject.Properties.Remove('standards') + } + + return $StandardObject +} diff --git a/Modules/CIPPCore/Public/Standards/Get-CIPPStandards.ps1 b/Modules/CIPPCore/Public/Standards/Get-CIPPStandards.ps1 index bebacbc788bf..ba3e097be762 100644 --- a/Modules/CIPPCore/Public/Standards/Get-CIPPStandards.ps1 +++ b/Modules/CIPPCore/Public/Standards/Get-CIPPStandards.ps1 @@ -1,47 +1,3 @@ -function Normalize-Standard { - param( - [Parameter(Mandatory = $true)] $StandardObject - ) - - # Ensure it's a PSCustomObject - $StandardObject = [pscustomobject]$StandardObject - - # Check if combinedActions is present - $AllActionValues = @() - if ($StandardObject.PSObject.Properties.Name -contains 'combinedActions') { - $AllActionValues = $StandardObject.combinedActions - # Remove combinedActions now that we have the values - $null = $StandardObject.PSObject.Properties.Remove('combinedActions') - } - - # Determine booleans based on combinedActions - $remediate = $AllActionValues -contains 'Remediate' - $alert = $AllActionValues -contains 'warn' - $report = $AllActionValues -contains 'Report' - - # Add or update the booleans - $StandardObject | Add-Member -NotePropertyName 'remediate' -NotePropertyValue $remediate -Force - $StandardObject | Add-Member -NotePropertyName 'alert' -NotePropertyValue $alert -Force - $StandardObject | Add-Member -NotePropertyName 'report' -NotePropertyValue $report -Force - - # Flatten any nested settings from 'standards' - if ($StandardObject.PSObject.Properties.Name -contains 'standards' -and $StandardObject.standards) { - foreach ($standardKey in $StandardObject.standards.PSObject.Properties.Name) { - $NestedStandard = $StandardObject.standards.$standardKey - if ($NestedStandard) { - # Move each property from the nested standard up - foreach ($nsProp in $NestedStandard.PSObject.Properties) { - $StandardObject | Add-Member -NotePropertyName $nsProp.Name -NotePropertyValue $nsProp.Value -Force - } - } - } - # Remove the 'standards' property after flattening - $null = $StandardObject.PSObject.Properties.Remove('standards') - } - - return $StandardObject -} - function Get-CIPPStandards { param( [Parameter(Mandatory = $false)] @@ -51,7 +7,7 @@ function Get-CIPPStandards { $Table = Get-CippTable -tablename 'templates' $Filter = "PartitionKey eq 'StandardsTemplateV2'" - $Templates = (Get-CIPPAzDataTableEntity @Table -Filter $Filter).JSON | ConvertFrom-Json + $Templates = (Get-CIPPAzDataTableEntity @Table -Filter $Filter | Sort-Object TimeStamp).JSON | ConvertFrom-Json $AllTenantsList = Get-Tenants if ($TenantFilter -ne 'allTenants') { @@ -60,49 +16,6 @@ function Get-CIPPStandards { } } - function Merge-Standards { - param( - [Parameter(Mandatory = $true)] $Existing, - [Parameter(Mandatory = $true)] $CurrentStandard - ) - - # Ensure PSCustomObject - $Existing = [pscustomobject]$Existing - $CurrentStandard = [pscustomobject]$CurrentStandard - - # Extract action from Existing - $ExistingActionValues = @() - if ($Existing.PSObject.Properties.Name -contains 'action') { - if ($Existing.action -and $Existing.action.value) { - $ExistingActionValues = @($Existing.action.value) - } - $null = $Existing.PSObject.Properties.Remove('action') - } - - # Extract action from CurrentStandard - $CurrentActionValues = @() - if ($CurrentStandard.PSObject.Properties.Name -contains 'action') { - if ($CurrentStandard.action -and $CurrentStandard.action.value) { - $CurrentActionValues = @($CurrentStandard.action.value) - } - $null = $CurrentStandard.PSObject.Properties.Remove('action') - } - - # Combine and get unique actions - $AllActionValues = ($ExistingActionValues + $CurrentActionValues) | Select-Object -Unique - - # Merge other properties from CurrentStandard into Existing - foreach ($prop in $CurrentStandard.PSObject.Properties) { - if ($prop.Name -eq 'action') { continue } - $Existing | Add-Member -NotePropertyName $prop.Name -NotePropertyValue $prop.Value -Force - } - if ($AllActionValues.Count -gt 0) { - $Existing | Add-Member -NotePropertyName 'combinedActions' -NotePropertyValue $AllActionValues -Force - } - - return $Existing - } - if ($ListAllTenants.IsPresent) { $AllTenantsTemplates = $Templates | Where-Object { $_.tenantFilter.value -contains 'AllTenants' @@ -119,15 +32,13 @@ function Get-CIPPStandards { if (-not $ComputedStandards.Contains($StandardName)) { $ComputedStandards[$StandardName] = $CurrentStandard } else { - $ComputedStandards[$StandardName] = Merge-Standards $ComputedStandards[$StandardName] $CurrentStandard + $ComputedStandards[$StandardName] = Merge-CippStandards $ComputedStandards[$StandardName] $CurrentStandard } } } } - # Normalize each standard before outputting foreach ($Standard in $ComputedStandards.Keys) { - # Normalize-Standard will convert combinedActions into remediate/alert/report and remove action arrays. $Normalized = Normalize-Standard $ComputedStandards[$Standard] [pscustomobject]@{ Tenant = 'AllTenants' @@ -173,15 +84,13 @@ function Get-CIPPStandards { if (-not $ComputedStandards.Contains($StandardName)) { $ComputedStandards[$StandardName] = $CurrentStandard } else { - $ComputedStandards[$StandardName] = Merge-Standards $ComputedStandards[$StandardName] $CurrentStandard + $ComputedStandards[$StandardName] = Merge-CippStandards $ComputedStandards[$StandardName] $CurrentStandard } } } } - - # Normalize each standard before outputting foreach ($Standard in $ComputedStandards.Keys) { - $Normalized = Normalize-Standard $ComputedStandards[$Standard] + $Normalized = ConvertTo-CippStandardObject $ComputedStandards[$Standard] [pscustomobject]@{ Tenant = $TenantName Standard = $Standard diff --git a/Modules/CIPPCore/Public/Standards/Merge-CippStandards.ps1 b/Modules/CIPPCore/Public/Standards/Merge-CippStandards.ps1 new file mode 100644 index 000000000000..abd8f21ab319 --- /dev/null +++ b/Modules/CIPPCore/Public/Standards/Merge-CippStandards.ps1 @@ -0,0 +1,34 @@ + +function Merge-CippStandards { + param( + [Parameter(Mandatory = $true)] $Existing, + [Parameter(Mandatory = $true)] $CurrentStandard + ) + $Existing = [pscustomobject]$Existing + $CurrentStandard = [pscustomobject]$CurrentStandard + $ExistingActionValues = @() + if ($Existing.PSObject.Properties.Name -contains 'action') { + if ($Existing.action -and $Existing.action.value) { + $ExistingActionValues = @($Existing.action.value) + } + $null = $Existing.PSObject.Properties.Remove('action') + } + + $CurrentActionValues = @() + if ($CurrentStandard.PSObject.Properties.Name -contains 'action') { + if ($CurrentStandard.action -and $CurrentStandard.action.value) { + $CurrentActionValues = @($CurrentStandard.action.value) + } + $null = $CurrentStandard.PSObject.Properties.Remove('action') + } + $AllActionValues = ($ExistingActionValues + $CurrentActionValues) | Select-Object -Unique + foreach ($prop in $CurrentStandard.PSObject.Properties) { + if ($prop.Name -eq 'action') { continue } + $Existing | Add-Member -NotePropertyName $prop.Name -NotePropertyValue $prop.Value -Force + } + if ($AllActionValues.Count -gt 0) { + $Existing | Add-Member -NotePropertyName 'combinedActions' -NotePropertyValue $AllActionValues -Force + } + + return $Existing +} From 5be5429900c0a22f1bf26f6d20deab92d6da679a Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 10 Dec 2024 18:07:58 -0500 Subject: [PATCH 136/290] offboarding tweak --- .../Invoke-ExecOffboardTenant.ps1 | 46 +++++++++---------- 1 file changed, 23 insertions(+), 23 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ExecOffboardTenant.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ExecOffboardTenant.ps1 index 4a5cdd8708bc..be56f8bc5c5a 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ExecOffboardTenant.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ExecOffboardTenant.ps1 @@ -12,15 +12,15 @@ Function Invoke-ExecOffboardTenant { try { Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - $Tenantfilter = $request.body.tenantfilter - - # temp fix -rvdwegen - $tenantId = (Invoke-RestMethod -Method GET "https://login.windows.net/$Tenantfilter/.well-known/openid-configuration").token_endpoint.Split('/')[3] + $TenantQuery = $Request.Body.TenantFilter.value ?? $Request.Body.TenantFilter + $Tenant = Get-Tenants -IncludeAll -TenantFilter $TenantQuery + $TenantId = $Tenant.customerId + $TenantFilter = $Tenant.defaultDomainName $results = [System.Collections.ArrayList]@() $errors = [System.Collections.ArrayList]@() - if ($request.body.RemoveCSPGuestUsers) { + if ($request.body.RemoveCSPGuestUsers -eq $true) { # Delete guest users who's domains match the CSP tenants try { try { @@ -42,7 +42,7 @@ Function Invoke-ExecOffboardTenant { $BulkResults = New-GraphBulkRequest -Requests $BulkRequests -tenantid $TenantFilter $results.Add('Successfully removed guest users') - Write-LogMessage -user $ExecutingUser -API $APIName -message "CSP Guest users were removed" -Sev "Info" -tenant $TenantFilter + Write-LogMessage -user $ExecutingUser -API $APIName -message 'CSP Guest users were removed' -Sev 'Info' -tenant $TenantFilter } else { $results.Add('No guest users found to remove') } @@ -51,7 +51,7 @@ Function Invoke-ExecOffboardTenant { } } - if ($request.body.RemoveCSPnotificationContacts) { + if ($request.body.RemoveCSPnotificationContacts -eq $true) { # Remove all email adresses that match the CSP tenants domains from the contact properties in /organization try { try { @@ -72,19 +72,19 @@ Function Invoke-ExecOffboardTenant { } # foreach through the properties we want to check/update - @('marketingNotificationEmails','securityComplianceNotificationMails','technicalNotificationMails') | ForEach-Object { + @('marketingNotificationEmails', 'securityComplianceNotificationMails', 'technicalNotificationMails') | ForEach-Object { $property = $_ $propertyContacts = $orgContacts.($($property)) - if ($propertyContacts -AND ($domains -notcontains ($propertyContacts | ForEach-Object { $_.Split("@")[1] }))) { - $newPropertyContent = [System.Collections.Generic.List[object]]($propertyContacts | Where-Object { $domains -notcontains $_.Split("@")[1] }) + if ($propertyContacts -AND ($domains -notcontains ($propertyContacts | ForEach-Object { $_.Split('@')[1] }))) { + $newPropertyContent = [System.Collections.Generic.List[object]]($propertyContacts | Where-Object { $domains -notcontains $_.Split('@')[1] }) $patchContactBody = if (!($newPropertyContent)) { "{ `"$($property)`" : [] }" } else { [pscustomobject]@{ $property = $newPropertyContent } | ConvertTo-Json } try { - New-GraphPostRequest -type PATCH -body $patchContactBody -Uri "https://graph.microsoft.com/v1.0/organization/$($orgContacts.id)" -tenantid $Tenantfilter -ContentType "application/json" - $results.Add("Successfully removed notification contacts from $($property): $(($propertyContacts | Where-Object { $domains -contains $_.Split("@")[1] }))") - Write-LogMessage -user $ExecutingUser -API $APIName -message "Contacts were removed from $($property)" -Sev "Info" -tenant $TenantFilter + New-GraphPostRequest -type PATCH -body $patchContactBody -Uri "https://graph.microsoft.com/v1.0/organization/$($orgContacts.id)" -tenantid $Tenantfilter -ContentType 'application/json' + $results.Add("Successfully removed notification contacts from $($property): $(($propertyContacts | Where-Object { $domains -contains $_.Split('@')[1] }))") + Write-LogMessage -user $ExecutingUser -API $APIName -message "Contacts were removed from $($property)" -Sev 'Info' -tenant $TenantFilter } catch { $errors.Add("Failed to update property $($property): $($_.Exception.message)") } @@ -95,13 +95,13 @@ Function Invoke-ExecOffboardTenant { # Add logic for privacyProfile later - rvdwegen } - - if ($request.body.RemoveVendorApps) { - $request.body.RemoveVendorApps | ForEach-Object { + $VendorApps = $Request.Body.vendorApplications + if ($VendorApps) { + $VendorApps | ForEach-Object { try { $delete = (New-GraphPostRequest -type 'DELETE' -Uri "https://graph.microsoft.com/v1.0/serviceprincipals/$($_.value)" -tenantid $Tenantfilter) $results.Add("Successfully removed app $($_.label)") - Write-LogMessage -user $ExecutingUser -API $APIName -message "App $($_.label) was removed" -Sev "Info" -tenant $TenantFilter + Write-LogMessage -user $ExecutingUser -API $APIName -message "App $($_.label) was removed" -Sev 'Info' -tenant $TenantFilter } catch { #$results.Add("Failed to removed app $($_.displayName)") $errors.Add("Failed to removed app $($_.label)") @@ -110,7 +110,7 @@ Function Invoke-ExecOffboardTenant { } # All customer tenant specific actions ALWAYS have to be completed before this action! - if ($request.body.RemoveMultitenantCSPApps) { + if ($request.body.RemoveMultitenantCSPApps -eq $true) { # Remove multi-tenant apps with the CSP tenant as origin try { $multitenantCSPApps = (New-GraphGETRequest -Uri "https://graph.microsoft.com/v1.0/servicePrincipals?`$count=true&`$select=displayName,appId,id,appOwnerOrganizationId&`$filter=appOwnerOrganizationId eq $($env:TenantID)" -tenantid $Tenantfilter -ComplexFilter) @@ -119,7 +119,7 @@ Function Invoke-ExecOffboardTenant { try { $delete = (New-GraphPostRequest -type 'DELETE' -Uri "https://graph.microsoft.com/v1.0/serviceprincipals/$($_.id)" -tenantid $Tenantfilter) $results.Add("Successfully removed app $($_.displayName)") - Write-LogMessage -user $ExecutingUser -API $APIName -message "App $($_.displayName) was removed" -Sev "Info" -tenant $TenantFilter + Write-LogMessage -user $ExecutingUser -API $APIName -message "App $($_.displayName) was removed" -Sev 'Info' -tenant $TenantFilter } catch { #$results.Add("Failed to removed app $($_.displayName)") $errors.Add("Failed to removed app $($_.displayName)") @@ -131,7 +131,7 @@ Function Invoke-ExecOffboardTenant { } } - if ($request.body.TerminateGDAP) { + if ($request.body.TerminateGDAP -eq $true) { # Terminate GDAP relationships try { $TenantFilter @@ -142,7 +142,7 @@ Function Invoke-ExecOffboardTenant { try { $terminate = (New-GraphPostRequest -type 'POST' -Uri "https://graph.microsoft.com/v1.0/tenantRelationships/delegatedAdminRelationships/$($_.id)/requests" -body '{"action":"terminate"}' -ContentType 'application/json' -tenantid $env:TenantID) $results.Add("Successfully terminated GDAP relationship $($_.displayName) from tenant $TenantFilter") - Write-LogMessage -user $ExecutingUser -API $APIName -message "GDAP Relationship $($_.displayName) has been terminated" -Sev "Info" -tenant $TenantFilter + Write-LogMessage -user $ExecutingUser -API $APIName -message "GDAP Relationship $($_.displayName) has been terminated" -Sev 'Info' -tenant $TenantFilter } catch { $($_.Exception.message) #$results.Add("Failed to terminate GDAP relationship $($_.displayName): $($_.Exception.message)") @@ -156,12 +156,12 @@ Function Invoke-ExecOffboardTenant { } } - if ($request.body.TerminateContract) { + if ($request.body.TerminateContract -eq $true) { # Terminate contract relationship try { $terminate = (New-GraphPostRequest -type 'PATCH' -body '{ "relationshipToPartner": "none" }' -Uri "https://api.partnercenter.microsoft.com/v1/customers/$TenantFilter" -ContentType 'application/json' -scope 'https://api.partnercenter.microsoft.com/user_impersonation' -tenantid $env:TenantID) $results.Add('Successfully terminated contract relationship') - Write-LogMessage -user $ExecutingUser -API $APIName -message "Contract relationship terminated" -Sev "Info" -tenant $TenantFilter + Write-LogMessage -user $ExecutingUser -API $APIName -message 'Contract relationship terminated' -Sev 'Info' -tenant $TenantFilter } catch { #$results.Add("Failed to terminate contract relationship: $($_.Exception.message)") $errors.Add("Failed to terminate contract relationship: $($_.Exception.message)") From e41df33ecb892c0a1f973a6ed5a776b5ef5b6156 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Wed, 11 Dec 2024 00:31:05 +0100 Subject: [PATCH 137/290] Updated to have single tenant settings overwrite alltenants --- .../Public/Standards/Get-CIPPStandards.ps1 | 37 ++++++++++++++++++- 1 file changed, 35 insertions(+), 2 deletions(-) diff --git a/Modules/CIPPCore/Public/Standards/Get-CIPPStandards.ps1 b/Modules/CIPPCore/Public/Standards/Get-CIPPStandards.ps1 index ba3e097be762..56807b55778c 100644 --- a/Modules/CIPPCore/Public/Standards/Get-CIPPStandards.ps1 +++ b/Modules/CIPPCore/Public/Standards/Get-CIPPStandards.ps1 @@ -1,3 +1,4 @@ + function Get-CIPPStandards { param( [Parameter(Mandatory = $false)] @@ -7,6 +8,7 @@ function Get-CIPPStandards { $Table = Get-CippTable -tablename 'templates' $Filter = "PartitionKey eq 'StandardsTemplateV2'" + # Sorting by TimeStamp to ensure a consistent order if desired $Templates = (Get-CIPPAzDataTableEntity @Table -Filter $Filter | Sort-Object TimeStamp).JSON | ConvertFrom-Json $AllTenantsList = Get-Tenants @@ -39,7 +41,7 @@ function Get-CIPPStandards { } foreach ($Standard in $ComputedStandards.Keys) { - $Normalized = Normalize-Standard $ComputedStandards[$Standard] + $Normalized = ConvertTo-CippStandardObject $ComputedStandards[$Standard] [pscustomobject]@{ Tenant = 'AllTenants' Standard = $Standard @@ -50,6 +52,7 @@ function Get-CIPPStandards { } else { foreach ($Tenant in $AllTenantsList) { $TenantName = $Tenant.defaultDomainName + # Determine applicable templates $ApplicableTemplates = $Templates | ForEach-Object { $template = $_ $tenantFilterValues = $template.tenantFilter | ForEach-Object { $_.value } @@ -74,8 +77,19 @@ function Get-CIPPStandards { } } + # Separate AllTenants and Tenant-Specific templates + $AllTenantTemplatesSet = $ApplicableTemplates | Where-Object { + $_.tenantFilter.value -contains 'AllTenants' + } + + $TenantSpecificTemplatesSet = $ApplicableTemplates | Where-Object { + $_.tenantFilter.value -notcontains 'AllTenants' + } + $ComputedStandards = [ordered]@{} - foreach ($Template in $ApplicableTemplates) { + + # First merge AllTenants templates + foreach ($Template in $AllTenantTemplatesSet) { $Standards = $Template.standards foreach ($StandardName in $Standards.PSObject.Properties.Name) { $CurrentStandard = $Standards.$StandardName.PSObject.Copy() @@ -89,6 +103,25 @@ function Get-CIPPStandards { } } } + + # Then merge Tenant-Specific templates (overriding AllTenants where needed) + foreach ($Template in $TenantSpecificTemplatesSet) { + $Standards = $Template.standards + foreach ($StandardName in $Standards.PSObject.Properties.Name) { + $CurrentStandard = $Standards.$StandardName.PSObject.Copy() + $Actions = $CurrentStandard.action.value + if ($Actions -contains 'Remediate' -or $Actions -contains 'warn' -or $Actions -contains 'Report') { + if (-not $ComputedStandards.Contains($StandardName)) { + $ComputedStandards[$StandardName] = $CurrentStandard + } else { + # Tenant-specific overrides any previous AllTenants settings + $ComputedStandards[$StandardName] = Merge-CippStandards $ComputedStandards[$StandardName] $CurrentStandard + } + } + } + } + + # Normalize and output foreach ($Standard in $ComputedStandards.Keys) { $Normalized = ConvertTo-CippStandardObject $ComputedStandards[$Standard] [pscustomobject]@{ From b5300342b63866d416377d33ba94219f3be21f8b Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 10 Dec 2024 19:45:28 -0500 Subject: [PATCH 138/290] Update Invoke-ExecOffboardTenant.ps1 --- .../Administration/Invoke-ExecOffboardTenant.ps1 | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ExecOffboardTenant.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ExecOffboardTenant.ps1 index be56f8bc5c5a..c256f36c97e0 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ExecOffboardTenant.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ExecOffboardTenant.ps1 @@ -130,19 +130,18 @@ Function Invoke-ExecOffboardTenant { $errors.Add("Failed to retrieve multitenant CSP apps, no apps have been removed: $($_.Exception.message)") } } - + $ClearCache = $false if ($request.body.TerminateGDAP -eq $true) { # Terminate GDAP relationships + $ClearCache = $true try { - $TenantFilter - $TenantFilter - $TenantFilter $delegatedAdminRelationships = (New-GraphGETRequest -Uri "https://graph.microsoft.com/v1.0/tenantRelationships/delegatedAdminRelationships?`$filter=(status eq 'active') AND (customer/tenantId eq '$tenantid')" -tenantid $env:TenantID) $delegatedAdminRelationships | ForEach-Object { try { $terminate = (New-GraphPostRequest -type 'POST' -Uri "https://graph.microsoft.com/v1.0/tenantRelationships/delegatedAdminRelationships/$($_.id)/requests" -body '{"action":"terminate"}' -ContentType 'application/json' -tenantid $env:TenantID) $results.Add("Successfully terminated GDAP relationship $($_.displayName) from tenant $TenantFilter") Write-LogMessage -user $ExecutingUser -API $APIName -message "GDAP Relationship $($_.displayName) has been terminated" -Sev 'Info' -tenant $TenantFilter + } catch { $($_.Exception.message) #$results.Add("Failed to terminate GDAP relationship $($_.displayName): $($_.Exception.message)") @@ -168,6 +167,11 @@ Function Invoke-ExecOffboardTenant { } } + if ($ClearCache) { + $null = Get-Tenants -CleanOld + $Results.Add('Tenant cache has been cleared') + } + $StatusCode = [HttpStatusCode]::OK $body = [pscustomobject]@{ 'Results' = @($results) From 3cfa8d1d19bfff9dadab8b6200ffd57816235d30 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Wed, 11 Dec 2024 10:20:47 -0500 Subject: [PATCH 139/290] clear partner tenant on mode change --- .../CIPP/Settings/Invoke-ExecPartnerMode.ps1 | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecPartnerMode.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecPartnerMode.ps1 index ef8ac9c65fda..eb2de4bcec39 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecPartnerMode.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecPartnerMode.ps1 @@ -25,6 +25,18 @@ Function Invoke-ExecPartnerMode { RowKey = 'PartnerModeSetting' state = $request.body.TenantMode } -Force + + if ($Request.Body.TenantMode -eq 'default') { + $Table = Get-CippTable -tablename 'Tenants' + $Tenant = Get-CIPPAzDataTableEntity @Table -Filter "PartitionKey eq 'Tenants' and RowKey eq '$($env:TenantID)'" -Property RowKey, PartitionKey, customerId, displayName + if ($Tenant) { + try { + Remove-AzDataTableEntity -Force @Table -Entity $Tenant + } catch { + } + } + } + Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ StatusCode = [HttpStatusCode]::OK Body = @{ From 157330d9f97f8ab8f723e9de87b625f5fb5b7d03 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Wed, 11 Dec 2024 10:21:10 -0500 Subject: [PATCH 140/290] force listtenantonboarding to return a list --- .../Invoke-ListTenantOnboarding.ps1 | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ListTenantOnboarding.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ListTenantOnboarding.ps1 index f8821c051a8a..50a3c1486f61 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ListTenantOnboarding.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ListTenantOnboarding.ps1 @@ -12,16 +12,16 @@ function Invoke-ListTenantOnboarding { try { $OnboardTable = Get-CIPPTable -TableName 'TenantOnboarding' $TenantOnboardings = Get-CIPPAzDataTableEntity @OnboardTable - $Results = foreach ($TenantOnboarding in $TenantOnboardings) { - $Steps = $TenantOnboarding.OnboardingSteps | ConvertFrom-Json - $OnboardingSteps = foreach ($Step in $Steps.PSObject.Properties.Name) { $Steps.$Step } - $Relationship = try { $TenantOnboarding.Relationship | ConvertFrom-Json -ErrorAction Stop } catch { @{} } - $Logs = try { $TenantOnboarding.Logs | ConvertFrom-Json -ErrorAction Stop } catch { @{} } - $TenantOnboarding.OnboardingSteps = $OnboardingSteps - $TenantOnboarding.Relationship = $Relationship - $TenantOnboarding.Logs = $Logs - $TenantOnboarding - } + $Results = @(foreach ($TenantOnboarding in $TenantOnboardings) { + $Steps = $TenantOnboarding.OnboardingSteps | ConvertFrom-Json + $OnboardingSteps = foreach ($Step in $Steps.PSObject.Properties.Name) { $Steps.$Step } + $Relationship = try { $TenantOnboarding.Relationship | ConvertFrom-Json -ErrorAction Stop } catch { @{} } + $Logs = try { $TenantOnboarding.Logs | ConvertFrom-Json -ErrorAction Stop } catch { @{} } + $TenantOnboarding.OnboardingSteps = $OnboardingSteps + $TenantOnboarding.Relationship = $Relationship + $TenantOnboarding.Logs = $Logs + $TenantOnboarding + }) $StatusCode = [HttpStatusCode]::OK } catch { $ErrorMsg = Get-NormalizedError -message $($_.Exception.Message) From 64dedac91be911b13e4f40d250eccbc280df6944 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Wed, 11 Dec 2024 14:23:20 -0500 Subject: [PATCH 141/290] Update Invoke-ListGDAPInvite.ps1 --- .../HTTP Functions/Tenant/GDAP/Invoke-ListGDAPInvite.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ListGDAPInvite.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ListGDAPInvite.ps1 index 925ba30d856e..9242f8da2588 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ListGDAPInvite.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ListGDAPInvite.ps1 @@ -29,6 +29,6 @@ Function Invoke-ListGDAPInvite { # Associate values to output bindings by calling 'Push-OutputBinding'. Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ StatusCode = [HttpStatusCode]::OK - Body = $Invite + Body = @($Invite) }) } From 0819f1c7226ab173c0d8b88a4ac15f436307c062 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Thu, 12 Dec 2024 21:07:10 +0100 Subject: [PATCH 142/290] added option to only get specific template --- .../Tenant/Standards/Invoke-AddStandardsTemplate.ps1 | 6 ++++++ .../CIPPCore/Public/Standards/Get-CIPPStandards.ps1 | 11 ++++++++--- 2 files changed, 14 insertions(+), 3 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-AddStandardsTemplate.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-AddStandardsTemplate.ps1 index f8b30bfbd087..a9106b0e3446 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-AddStandardsTemplate.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-AddStandardsTemplate.ps1 @@ -14,6 +14,11 @@ Function Invoke-AddStandardsTemplate { Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' $GUID = $Request.body.GUID ? $request.body.GUID : (New-Guid).GUID + #updatedBy = $request.headers.'x-ms-client-principal' + #updatedAt = (Get-Date).ToUniversalTime() + $request.body | Add-Member -NotePropertyName 'createdAt' -NotePropertyValue ($Request.body.createdAt ? $Request.body.createdAt : (Get-Date).ToUniversalTime()) -Force + $Request.body | Add-Member -NotePropertyName 'updatedBy' -NotePropertyValue ([System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($request.headers.'x-ms-client-principal')) | ConvertFrom-Json).userDetails -Force + $Request.body | Add-Member -NotePropertyName 'updatedAt' -NotePropertyValue (Get-Date).ToUniversalTime() -Force $JSON = (ConvertTo-Json -Depth 100 -InputObject ($Request.body)) $Table = Get-CippTable -tablename 'templates' $Table.Force = $true @@ -22,6 +27,7 @@ Function Invoke-AddStandardsTemplate { RowKey = "$GUID" PartitionKey = 'StandardsTemplateV2' GUID = "$GUID" + } Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message "Created CA Template $($Request.body.name) with GUID $GUID" -Sev 'Debug' $body = [pscustomobject]@{'Results' = 'Successfully added template' } diff --git a/Modules/CIPPCore/Public/Standards/Get-CIPPStandards.ps1 b/Modules/CIPPCore/Public/Standards/Get-CIPPStandards.ps1 index 56807b55778c..97c53745e3de 100644 --- a/Modules/CIPPCore/Public/Standards/Get-CIPPStandards.ps1 +++ b/Modules/CIPPCore/Public/Standards/Get-CIPPStandards.ps1 @@ -3,13 +3,18 @@ function Get-CIPPStandards { param( [Parameter(Mandatory = $false)] [string]$TenantFilter = 'allTenants', - [switch]$ListAllTenants + [Parameter(Mandatory = $false)] + [switch]$ListAllTenants, + [Parameter(Mandatory = $false)] + $TemplateId = '*' + ) $Table = Get-CippTable -tablename 'templates' $Filter = "PartitionKey eq 'StandardsTemplateV2'" - # Sorting by TimeStamp to ensure a consistent order if desired - $Templates = (Get-CIPPAzDataTableEntity @Table -Filter $Filter | Sort-Object TimeStamp).JSON | ConvertFrom-Json + $Templates = (Get-CIPPAzDataTableEntity @Table -Filter $Filter | Sort-Object TimeStamp).JSON | ConvertFrom-Json | Where-Object { + $_.guid -like $TemplateId + } $AllTenantsList = Get-Tenants if ($TenantFilter -ne 'allTenants') { From f55c27f2e239a06e378051ebe657e3bf5523eda2 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Thu, 12 Dec 2024 16:13:27 -0500 Subject: [PATCH 143/290] message trace tweaks --- .../Invoke-ListMessageTrace.ps1 | 30 +++++++++++-------- 1 file changed, 18 insertions(+), 12 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListMessageTrace.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListMessageTrace.ps1 index 25a5e57b1e59..3b649a74b379 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListMessageTrace.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListMessageTrace.ps1 @@ -13,23 +13,29 @@ Function Invoke-ListMessageTrace { $APIName = $TriggerMetadata.FunctionName Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - try { - $TenantFilter = $request.query.TenantFilter + $TenantFilter = $Request.Body.tenantFilter $SearchParams = @{ - StartDate = (Get-Date).AddDays( - $($request.query.days)).ToString('s') - EndDate = (Get-Date).ToString('s') + StartDate = (Get-Date).AddDays( - $($Request.Body.days)).ToUniversalTime().ToString('s') + EndDate = (Get-Date).ToUniversalTime().ToString('s') + } + + if (![string]::IsNullOrEmpty($Request.Body.recipient)) { + $Searchparams.Add('RecipientAddress', $($Request.Body.recipient)) + } + if (![string]::IsNullOrEmpty($Request.Body.sender)) { + $Searchparams.Add('SenderAddress', $($Request.Body.sender)) } - if ($null -ne $request.query.recipient) { $Searchparams.Add('RecipientAddress', $($request.query.recipient)) } - if ($null -ne $request.query.sender) { $Searchparams.Add('SenderAddress', $($request.query.sender)) } - $type = $request.query.Tracedetail - $trace = if ($Request.Query.Tracedetail) { - New-ExoRequest -tenantid $Tenantfilter -cmdlet 'Get-MessageTraceDetail' -cmdParams $Searchparams - Get-MessageTraceDetail -MessageTraceId $Request.Query.ID -RecipientAddress $request.query.recipient -erroraction stop | Select-Object Event, Action, Detail, @{ Name = 'Date'; Expression = { $_.Date.Tostring('s') } } + $trace = if ($Request.Body.traceDetail) { + $CmdParams = @{ + MessageTraceId = $Request.Body.ID + RecipientAddress = $Request.Body.recipient + } + New-ExoRequest -TenantId $TenantFilter -Cmdlet 'Get-MessageTraceDetail' -CmdParams $CmdParams | Select-Object @{ Name = 'Date'; Expression = { $_.Date.ToString('u') } }, Event, Action, Detail } else { - New-ExoRequest -tenantid $Tenantfilter -cmdlet 'Get-MessageTrace' -cmdParams $Searchparams | Select-Object MessageTraceId, Status, Subject, RecipientAddress, SenderAddress, @{ Name = 'Date'; Expression = { $_.Received.tostring('s') } } - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($tenantfilter) -message 'Executed message trace' -Sev 'Info' + New-ExoRequest -TenantId $TenantFilter -Cmdlet 'Get-MessageTrace' -CmdParams $SearchParams | Select-Object MessageTraceId, Status, Subject, RecipientAddress, SenderAddress, @{ Name = 'Received'; Expression = { $_.Received.ToString('u') } } + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APIName -tenant $($TenantFilter) -message 'Executed message trace' -Sev 'Info' } } catch { From 3782c5dfb7256f55c3d91f58a2edfe11edf07705 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Thu, 12 Dec 2024 22:51:48 +0100 Subject: [PATCH 144/290] standards updates --- .../Standards/Push-GetStandards.ps1 | 3 ++- .../Tenant/Standards/Invoke-ExecStandardsRun.ps1 | 15 +++++++++++++-- .../CIPPCore/Public/Invoke-CIPPStandardsRun.ps1 | 16 +++++++++++++--- .../Public/Standards/Get-CIPPStandards.ps1 | 8 +++++--- Modules/CIPPCore/Public/Test-CIPPRerun.ps1 | 2 +- 5 files changed, 34 insertions(+), 10 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Standards/Push-GetStandards.ps1 b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Standards/Push-GetStandards.ps1 index fa1b43313add..9c13ea977c4b 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Standards/Push-GetStandards.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Standards/Push-GetStandards.ps1 @@ -6,6 +6,7 @@ function Push-GetStandards { Param($Item) $Params = $Item.StandardParams | ConvertTo-Json | ConvertFrom-Json -AsHashtable + Write-Host "My params are $Params" try { $AllTasks = Get-CIPPStandards @Params foreach ($task in $AllTasks) { @@ -22,4 +23,4 @@ function Push-GetStandards { Write-Host "GetStandards Exception $($_.Exception.Message)" } -} \ No newline at end of file +} diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecStandardsRun.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecStandardsRun.ps1 index 7a400591b6f0..5c86e7ba93f2 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecStandardsRun.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecStandardsRun.ps1 @@ -12,19 +12,28 @@ Function Invoke-ExecStandardsRun { $APIName = $TriggerMetadata.FunctionName Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' $tenantfilter = if ($Request.Query.TenantFilter) { $Request.Query.TenantFilter } else { 'allTenants' } + $TemplateId = if ($Request.Query.TemplateId) { $Request.Query.TemplateId } else { '*' } + $Table = Get-CippTable -tablename 'templates' + $Filter = "PartitionKey eq 'StandardsTemplateV2'" + $Templates = (Get-CIPPAzDataTableEntity @Table -Filter $Filter | Sort-Object TimeStamp).JSON | ConvertFrom-Json | Where-Object { + $_.guid -like $TemplateId + } + + $ConfigTable = Get-CIPPTable -tablename Config $Config = Get-CIPPAzDataTableEntity @ConfigTable -Filter "PartitionKey eq 'OffloadFunctions' and RowKey eq 'OffloadFunctions'" if ($Config -and $Config.state -eq $true) { if ($env:CIPP_PROCESSOR -ne 'true') { - $ProcessorFunction = [PSCustomObject]@{ PartitionKey = 'Function' RowKey = "Invoke-CIPPStandardsRun-$tenantfilter" FunctionName = 'Invoke-CIPPStandardsRun' Parameters = [string](ConvertTo-Json -Compress -InputObject @{ TenantFilter = $tenantfilter + TemplateId = $TemplateId + runManually = [bool]$Templates.runManually Force = $true }) } @@ -34,10 +43,12 @@ Function Invoke-ExecStandardsRun { } } else { try { - $null = Invoke-CIPPStandardsRun -Tenantfilter $tenantfilter -Force + $null = Invoke-CIPPStandardsRun -Tenantfilter $tenantfilter -TemplateID $TemplateId -runManually ([bool]$Templates.runManually) -Force $Results = "Successfully Started Standards Run for Tenant $tenantfilter" + Write-LogMessage -tenant $tenantfilter -API $APINAME -message $Results -Sev 'Info' } catch { $Results = "Failed to start standards run for $tenantfilter. Error: $($_.Exception.Message)" + Write-LogMessage -tenant $tenantfilter -API $APINAME -message $Results -Sev 'Error' } } diff --git a/Modules/CIPPCore/Public/Invoke-CIPPStandardsRun.ps1 b/Modules/CIPPCore/Public/Invoke-CIPPStandardsRun.ps1 index de30f5f78e99..fdfd48276292 100644 --- a/Modules/CIPPCore/Public/Invoke-CIPPStandardsRun.ps1 +++ b/Modules/CIPPCore/Public/Invoke-CIPPStandardsRun.ps1 @@ -4,11 +4,17 @@ function Invoke-CIPPStandardsRun { param( [Parameter(Mandatory = $false)] [string]$TenantFilter = 'allTenants', - [switch]$Force + [Parameter(Mandatory = $false)] + [switch]$Force, + [Parameter(Mandatory = $false)] + $TemplateID, + [Parameter(Mandatory = $false)] + $runManually = $false + ) Write-Host "Starting process for standards - $($tenantFilter)" - $AllTasks = Get-CIPPStandards -TenantFilter $TenantFilter + $AllTasks = Get-CIPPStandards if ($Force.IsPresent) { Write-Host 'Clearing Rerun Cache' @@ -27,10 +33,14 @@ function Invoke-CIPPStandardsRun { QueueId = $Queue.RowKey StandardParams = @{ TenantFilter = $TenantFilter + runManually = $runManually } } } - + if ($TemplateID) { + $InputObject.QueueFunction.StandardParams['TemplateId'] = $TemplateID + } + Write-Host "InputObject: $($InputObject | ConvertTo-Json -Depth 5 -Compress)" $InstanceId = Start-NewOrchestration -FunctionName 'CIPPOrchestrator' -InputObject ($InputObject | ConvertTo-Json -Depth 5 -Compress) Write-Host "Started orchestration with ID = '$InstanceId'" #$Orchestrator = New-OrchestrationCheckStatusResponse -Request $Request -InstanceId $InstanceId diff --git a/Modules/CIPPCore/Public/Standards/Get-CIPPStandards.ps1 b/Modules/CIPPCore/Public/Standards/Get-CIPPStandards.ps1 index 97c53745e3de..c6800713838a 100644 --- a/Modules/CIPPCore/Public/Standards/Get-CIPPStandards.ps1 +++ b/Modules/CIPPCore/Public/Standards/Get-CIPPStandards.ps1 @@ -6,16 +6,18 @@ function Get-CIPPStandards { [Parameter(Mandatory = $false)] [switch]$ListAllTenants, [Parameter(Mandatory = $false)] - $TemplateId = '*' - + $TemplateId = '*', + [Parameter(Mandatory = $false)] + $runManually = $false ) $Table = Get-CippTable -tablename 'templates' $Filter = "PartitionKey eq 'StandardsTemplateV2'" $Templates = (Get-CIPPAzDataTableEntity @Table -Filter $Filter | Sort-Object TimeStamp).JSON | ConvertFrom-Json | Where-Object { - $_.guid -like $TemplateId + $_.guid -like $TemplateId -and $_.runManually -eq $runManually } + $AllTenantsList = Get-Tenants if ($TenantFilter -ne 'allTenants') { $AllTenantsList = $AllTenantsList | Where-Object { diff --git a/Modules/CIPPCore/Public/Test-CIPPRerun.ps1 b/Modules/CIPPCore/Public/Test-CIPPRerun.ps1 index fbf284b58a90..b8e27a6b4269 100644 --- a/Modules/CIPPCore/Public/Test-CIPPRerun.ps1 +++ b/Modules/CIPPCore/Public/Test-CIPPRerun.ps1 @@ -21,7 +21,7 @@ function Test-CIPPRerun { $RerunData = Get-CIPPAzDataTableEntity @RerunTable -filter "PartitionKey eq '$($TenantFilter)' and RowKey eq '$($Type)_$($API)'" if ($Clear.IsPresent) { if ($RerunData) { - Remove-CIPPAzDataTableEntity @RerunTable -Entity $RerunData + Remove-AzDataTableEntity @RerunTable -Entity $RerunData } return $false } elseif ($RerunData) { From 02230ed26bef1f772ea1ee2c28e9482c34b704eb Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Thu, 12 Dec 2024 23:52:00 +0100 Subject: [PATCH 145/290] improvements CA standard --- .../Standards/Push-GetStandards.ps1 | 3 +- .../Standards/Invoke-AddStandardsTemplate.ps1 | 1 + .../ConvertTo-CippStandardObject.ps1 | 56 +++++++++++++------ .../Public/Standards/Get-CIPPStandards.ps1 | 2 +- ...CIPPStandardConditionalAccessTemplate.ps1} | 11 ++-- .../Invoke-CIPPStandardIntuneTemplate.ps1 | 17 +----- 6 files changed, 51 insertions(+), 39 deletions(-) rename Modules/CIPPCore/Public/Standards/{Invoke-CIPPStandardConditionalAccess.ps1 => Invoke-CIPPStandardConditionalAccessTemplate.ps1} (66%) diff --git a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Standards/Push-GetStandards.ps1 b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Standards/Push-GetStandards.ps1 index 9c13ea977c4b..fea482139854 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Standards/Push-GetStandards.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Standards/Push-GetStandards.ps1 @@ -6,9 +6,10 @@ function Push-GetStandards { Param($Item) $Params = $Item.StandardParams | ConvertTo-Json | ConvertFrom-Json -AsHashtable - Write-Host "My params are $Params" + Write-Host "My params are $($Params | ConvertTo-Json -Depth 5 -Compress)" try { $AllTasks = Get-CIPPStandards @Params + Write-Host "AllTasks: $($AllTasks | ConvertTo-Json -Depth 5 -Compress)" foreach ($task in $AllTasks) { [PSCustomObject]@{ Tenant = $task.Tenant diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-AddStandardsTemplate.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-AddStandardsTemplate.ps1 index a9106b0e3446..71fa0635d60a 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-AddStandardsTemplate.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-AddStandardsTemplate.ps1 @@ -16,6 +16,7 @@ Function Invoke-AddStandardsTemplate { $GUID = $Request.body.GUID ? $request.body.GUID : (New-Guid).GUID #updatedBy = $request.headers.'x-ms-client-principal' #updatedAt = (Get-Date).ToUniversalTime() + $request.body | Add-Member -NotePropertyName 'GUID' -NotePropertyValue $GUID -Force $request.body | Add-Member -NotePropertyName 'createdAt' -NotePropertyValue ($Request.body.createdAt ? $Request.body.createdAt : (Get-Date).ToUniversalTime()) -Force $Request.body | Add-Member -NotePropertyName 'updatedBy' -NotePropertyValue ([System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($request.headers.'x-ms-client-principal')) | ConvertFrom-Json).userDetails -Force $Request.body | Add-Member -NotePropertyName 'updatedAt' -NotePropertyValue (Get-Date).ToUniversalTime() -Force diff --git a/Modules/CIPPCore/Public/Standards/ConvertTo-CippStandardObject.ps1 b/Modules/CIPPCore/Public/Standards/ConvertTo-CippStandardObject.ps1 index 2543cbf66d4a..ee3e5b680072 100644 --- a/Modules/CIPPCore/Public/Standards/ConvertTo-CippStandardObject.ps1 +++ b/Modules/CIPPCore/Public/Standards/ConvertTo-CippStandardObject.ps1 @@ -4,32 +4,56 @@ function ConvertTo-CippStandardObject { $StandardObject ) - $StandardObject = [pscustomobject]$StandardObject + # If $StandardObject is an array (like for ConditionalAccessTemplate or IntuneTemplate), + # we need to process each item individually. + if ($StandardObject -is [System.Collections.IEnumerable] -and -not ($StandardObject -is [string])) { + $ProcessedItems = New-Object System.Collections.ArrayList + foreach ($Item in $StandardObject) { + $ProcessedItems.Add((Convert-SingleStandardObject $Item)) | Out-Null + } + return [System.Collections.ArrayList]$ProcessedItems + } else { + # Single object scenario + return Convert-SingleStandardObject $StandardObject + } +} + +function Convert-SingleStandardObject { + param( + [Parameter(Mandatory = $true)] + $Obj + ) + + $Obj = [pscustomobject]$Obj $AllActionValues = @() - if ($StandardObject.PSObject.Properties.Name -contains 'combinedActions') { - $AllActionValues = $StandardObject.combinedActions - $null = $StandardObject.PSObject.Properties.Remove('combinedActions') - } elseif ($StandardObject.PSObject.Properties.Name -contains 'action') { - $AllActionValues = $StandardObject.action.value - $null = $StandardObject.PSObject.Properties.Remove('action') + if ($Obj.PSObject.Properties.Name -contains 'combinedActions') { + $AllActionValues = $Obj.combinedActions + $null = $Obj.PSObject.Properties.Remove('combinedActions') + } elseif ($Obj.PSObject.Properties.Name -contains 'action') { + if ($Obj.action -and $Obj.action.value) { + $AllActionValues = $Obj.action.value + } + $null = $Obj.PSObject.Properties.Remove('action') } - $StandardObject | Add-Member -NotePropertyName 'remediate' -NotePropertyValue ($AllActionValues -contains 'Remediate') -Force - $StandardObject | Add-Member -NotePropertyName 'alert' -NotePropertyValue ($AllActionValues -contains 'warn') -Force - $StandardObject | Add-Member -NotePropertyName 'report' -NotePropertyValue ($AllActionValues -contains 'Report') -Force + # Convert actions to booleans + $Obj | Add-Member -NotePropertyName 'remediate' -NotePropertyValue ($AllActionValues -contains 'Remediate') -Force + $Obj | Add-Member -NotePropertyName 'alert' -NotePropertyValue ($AllActionValues -contains 'warn') -Force + $Obj | Add-Member -NotePropertyName 'report' -NotePropertyValue ($AllActionValues -contains 'Report') -Force - if ($StandardObject.PSObject.Properties.Name -contains 'standards' -and $StandardObject.standards) { - foreach ($standardKey in $StandardObject.standards.PSObject.Properties.Name) { - $NestedStandard = $StandardObject.standards.$standardKey + # Flatten standards if present + if ($Obj.PSObject.Properties.Name -contains 'standards' -and $Obj.standards) { + foreach ($standardKey in $Obj.standards.PSObject.Properties.Name) { + $NestedStandard = $Obj.standards.$standardKey if ($NestedStandard) { foreach ($nsProp in $NestedStandard.PSObject.Properties) { - $StandardObject | Add-Member -NotePropertyName $nsProp.Name -NotePropertyValue $nsProp.Value -Force + $Obj | Add-Member -NotePropertyName $nsProp.Name -NotePropertyValue $nsProp.Value -Force } } } - $null = $StandardObject.PSObject.Properties.Remove('standards') + $null = $Obj.PSObject.Properties.Remove('standards') } - return $StandardObject + return $Obj } diff --git a/Modules/CIPPCore/Public/Standards/Get-CIPPStandards.ps1 b/Modules/CIPPCore/Public/Standards/Get-CIPPStandards.ps1 index c6800713838a..bf5a762ecc65 100644 --- a/Modules/CIPPCore/Public/Standards/Get-CIPPStandards.ps1 +++ b/Modules/CIPPCore/Public/Standards/Get-CIPPStandards.ps1 @@ -14,7 +14,7 @@ function Get-CIPPStandards { $Table = Get-CippTable -tablename 'templates' $Filter = "PartitionKey eq 'StandardsTemplateV2'" $Templates = (Get-CIPPAzDataTableEntity @Table -Filter $Filter | Sort-Object TimeStamp).JSON | ConvertFrom-Json | Where-Object { - $_.guid -like $TemplateId -and $_.runManually -eq $runManually + $_.GUID -like $TemplateId -and $_.runManually -eq $runManually } diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardConditionalAccess.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardConditionalAccessTemplate.ps1 similarity index 66% rename from Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardConditionalAccess.ps1 rename to Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardConditionalAccessTemplate.ps1 index 81e978febdc7..384a13d1814e 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardConditionalAccess.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardConditionalAccessTemplate.ps1 @@ -1,4 +1,4 @@ -function Invoke-CIPPStandardConditionalAccess { +function Invoke-CIPPStandardConditionalAccessTemplate { <# .FUNCTIONALITY Internal @@ -10,12 +10,13 @@ function Invoke-CIPPStandardConditionalAccess { $APINAME = 'Standards' - foreach ($Template in $Settings.TemplateList) { + foreach ($Setting in $Settings) { try { + $Table = Get-CippTable -tablename 'templates' - $Filter = "PartitionKey eq 'CATemplate' and RowKey eq '$($Template.value)'" - $JSONObj = (Get-AzDataTableEntity @Table -Filter $Filter).JSON - $null = New-CIPPCAPolicy -TenantFilter $tenant -state $request.body.NewState -RawJSON $JSONObj -Overwrite $true -APIName $APIName -ExecutingUser $request.headers.'x-ms-client-principal' -ReplacePattern 'displayName' + $Filter = "PartitionKey eq 'CATemplate' and RowKey eq '$($Setting.TemplateList.value)'" + $JSONObj = (Get-CippAzDataTableEntity @Table -Filter $Filter).JSON + $null = New-CIPPCAPolicy -TenantFilter $tenant -state $Setting.state -RawJSON $JSONObj -Overwrite $true -APIName $APIName -ExecutingUser $request.headers.'x-ms-client-principal' -ReplacePattern 'displayName' } catch { $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message Write-LogMessage -API 'Standards' -tenant $tenant -message "Failed to create or update conditional access rule $($JSONObj.displayName). Error: $ErrorMessage" -sev 'Error' diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardIntuneTemplate.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardIntuneTemplate.ps1 index eec9dafd00db..953836f15d83 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardIntuneTemplate.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardIntuneTemplate.ps1 @@ -20,22 +20,7 @@ function Invoke-CIPPStandardIntuneTemplate { $displayname = $request.body.Displayname $description = $request.body.Description $RawJSON = $Request.body.RawJSON - $TemplateTypeURL = $Request.body.Type - - Set-CIPPIntunePolicy -TemplateType $Request.body.Type -Description $description -DisplayName $displayname -RawJSON $RawJSON -AssignTo $Template.AssignedTo -tenantFilter $Tenant - - #Legacy assign, only required for older templates. - if ($Settings.AssignTo) { - Write-Host "Assigning Policy to $($Settings.AssignTo) the create ID is $($CreateRequest)" - if ($Settings.AssignTo -eq 'customGroup') { $Settings.AssignTo = $Settings.customGroup } - if ($ExistingID) { - Set-CIPPAssignedPolicy -PolicyId $ExistingID.id -TenantFilter $tenant -GroupName $Settings.AssignTo -Type $TemplateTypeURL - Write-LogMessage -API 'Standards' -tenant $tenant -message "Successfully updated Intune Template $PolicyName policy for $($Tenant)" -sev 'Info' - } else { - Set-CIPPAssignedPolicy -PolicyId $CreateRequest.id -TenantFilter $tenant -GroupName $Settings.AssignTo -Type $TemplateTypeURL - Write-LogMessage -API 'Standards' -tenant $tenant -message "Successfully created Intune Template $PolicyName policy for $($Tenant)" -sev 'Info' - } - } + Set-CIPPIntunePolicy -TemplateType $Request.body.Type -Description $description -DisplayName $displayname -RawJSON $RawJSON -AssignTo $Template.AssignTo -tenantFilter $Tenant } catch { $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message From 479ea6c6e22787b5d02521a33bf254181a3a9e45 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri, 13 Dec 2024 02:25:06 +0100 Subject: [PATCH 146/290] fix backup bug --- .../CIPP/Settings/Invoke-ExecRestoreBackup.ps1 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecRestoreBackup.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecRestoreBackup.ps1 index 5355e8ddec32..1370ef303cb3 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecRestoreBackup.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecRestoreBackup.ps1 @@ -13,11 +13,11 @@ Function Invoke-ExecRestoreBackup { $APIName = $TriggerMetadata.FunctionName Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' try { - if ($Request.Body.BackupName) { + if ($Request.Body.BackupName -like 'CippBackup_*') { $Table = Get-CippTable -tablename 'CIPPBackup' $Backup = Get-CippAzDataTableEntity @Table -Filter "RowKey eq '$($Request.Body.BackupName)'" if ($Backup) { - $BackupData = $Backup.Backup | ConvertFrom-Json | Select-Object * -ExcludeProperty ETag, Timestamp + $BackupData = $Backup.Backup | ConvertFrom-Json -ErrorAction SilentlyContinue | Select-Object * -ExcludeProperty ETag, Timestamp $BackupData | ForEach-Object { $Table = Get-CippTable -tablename $_.table @@ -36,7 +36,7 @@ Function Invoke-ExecRestoreBackup { } } } else { - foreach ($line in ($Request.body | ConvertFrom-Json | Select-Object * -ExcludeProperty ETag, Timestamp)) { + foreach ($line in ($Request.body | Select-Object * -ExcludeProperty ETag, Timestamp)) { $Table = Get-CippTable -tablename $line.table $ht2 = @{} $line.psobject.properties | ForEach-Object { $ht2[$_.Name] = [string]$_.Value } From 6c01961659c275d24801c3aa8b7861c9f1ed7e69 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Thu, 12 Dec 2024 22:52:02 -0500 Subject: [PATCH 147/290] Add messageId parameter --- .../Email-Exchange/Invoke-ListMessageTrace.ps1 | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListMessageTrace.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListMessageTrace.ps1 index 3b649a74b379..d7264d89593e 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListMessageTrace.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListMessageTrace.ps1 @@ -15,9 +15,15 @@ Function Invoke-ListMessageTrace { try { $TenantFilter = $Request.Body.tenantFilter - $SearchParams = @{ - StartDate = (Get-Date).AddDays( - $($Request.Body.days)).ToUniversalTime().ToString('s') - EndDate = (Get-Date).ToUniversalTime().ToString('s') + + if ($Request.Body.MessageId) { + $SearchParams = @{ 'MessageId' = $Request.Body.messageId } + } else { + $Days = $Request.Body.days + $SearchParams = @{ + StartDate = (Get-Date).AddDays(-$Days).ToUniversalTime().ToString('s') + EndDate = (Get-Date).ToUniversalTime().ToString('s') + } } if (![string]::IsNullOrEmpty($Request.Body.recipient)) { From dbf0634af32ad86c10b89c9c1f8236fc03bcf7ae Mon Sep 17 00:00:00 2001 From: John Duprey Date: Thu, 12 Dec 2024 23:49:32 -0500 Subject: [PATCH 148/290] add available cmdlet support --- .../Email-Exchange/Invoke-ListExoRequest.ps1 | 99 ++++++++++++------- 1 file changed, 63 insertions(+), 36 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListExoRequest.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListExoRequest.ps1 index 4fced9c1680e..6e31de2403ce 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListExoRequest.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListExoRequest.ps1 @@ -16,49 +16,76 @@ function Invoke-ListExoRequest { $Tenants = Get-Tenants -IncludeErrors $Tenant = $Tenants | Where-Object { $_.defaultDomainName -eq $TenantFilter -or $_.customerId -eq $TenantFilter } if ($Tenant.customerId -in $AllowedTenants -or $AllowedTenants -eq 'AllTenants') { - if ($AllowedVerbs -notcontains $Verb) { - $Body = [pscustomobject]@{ - Results = "Invalid cmdlet: $Cmdlet" + if ($Request.Body.AvailableCmdlets) { + $ExoRequest = @{ + TenantID = $TenantFilter + AvailableCmdlets = $true + } + if ($Request.Body.AsApp -eq $true) { + $ExoRequest.AsApp = $true + } + if ($Request.Body.Compliance -eq $true) { + $ExoRequest.Compliance = $true + } + $Results = New-ExoRequest @ExoRequest + $Body = [PSCustomObject]@{ + Results = $Results | Select-Object @{ Name = 'Cmdlet'; Expression = { $_ } } + Metadata = @{ + Count = ($Results | Measure-Object).Count + } + } + } else { + if ($AllowedVerbs -notcontains $Verb) { + $Body = [pscustomobject]@{ + Results = "Invalid cmdlet: $Cmdlet" + } + Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ + StatusCode = [HttpStatusCode]::BadRequest + Body = $Body + }) + return + } + $ExoParams = @{ + Cmdlet = $Cmdlet + cmdParams = $cmdParams + tenantid = $TenantFilter } - Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ - StatusCode = [HttpStatusCode]::BadRequest - Body = $Body - }) - return - } - $ExoParams = @{ - Cmdlet = $Cmdlet - cmdParams = $cmdParams - tenantid = $TenantFilter - } - if ($Request.Body.Select) { - $ExoParams.Select = $Request.Body.Select - } + if ($Request.Body.Select) { + $ExoParams.Select = $Request.Body.Select + } - if ($Request.Body.UseSystemMailbox -eq $true) { - $ExoParams.useSystemMailbox = $true - } + if ($Request.Body.UseSystemMailbox -eq $true) { + $ExoParams.useSystemMailbox = $true + } - if ($Request.Body.Anchor) { - $ExoParams.Anchor = $Request.Body.Anchor - } + if ($Request.Body.Anchor) { + $ExoParams.Anchor = $Request.Body.Anchor + } - if ($Request.Body.Compliance -eq $true) { - $ExoParams.Compliance = $true - } + if ($Request.Body.Compliance -eq $true) { + $ExoParams.Compliance = $true + } - if ($Request.Body.AsApp -eq $true) { - $ExoParams.AsApp = $true - } + if ($Request.Body.AsApp -eq $true) { + $ExoParams.AsApp = $true + } - $Results = New-ExoRequest @ExoParams - $Body = [pscustomobject]@{ - Results = $Results - } - } else { - $Body = [pscustomobject]@{ - Results = "Invalid tenant: $TenantFilter" + try { + $Results = New-ExoRequest @ExoParams + $Body = [pscustomobject]@{ + Results = $Results + } + } catch { + $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message + $Body = [pscustomobject]@{ + Results = @(@{ Error = $ErrorMessage }) + } + } + } else { + $Body = [pscustomobject]@{ + Results = "Invalid tenant: $TenantFilter" + } } } } catch { From 344e9522fdc7ad4a046911a4028a24c3c7e0652d Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri, 13 Dec 2024 15:02:38 +0100 Subject: [PATCH 149/290] convert legacy stuff --- .../Standards/Invoke-ExecStandardConvert.ps1 | 235 ++++++++++++++++++ 1 file changed, 235 insertions(+) create mode 100644 Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecStandardConvert.ps1 diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecStandardConvert.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecStandardConvert.ps1 new file mode 100644 index 000000000000..d8d03c9efd94 --- /dev/null +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecStandardConvert.ps1 @@ -0,0 +1,235 @@ +using namespace System.Net + +function Invoke-ExecStandardConvert { + <# + .FUNCTIONALITY + Entrypoint + .ROLE + Tenant.Standards.ReadWrite + #> + [CmdletBinding()] + param($Request, $TriggerMetadata) + + function Convert-SingleStandardItem { + param( + [Parameter(Mandatory)] + $OldStd + ) + + $Actions = New-Object System.Collections.ArrayList + $RemediatePresent = ($OldStd.PSObject.Properties.Name -contains 'remediate') + $AlertPresent = ($OldStd.PSObject.Properties.Name -contains 'alert') + $ReportPresent = ($OldStd.PSObject.Properties.Name -contains 'report') + + $RemediateTrue = $RemediatePresent -and $OldStd.remediate -eq $true + $AlertTrue = $AlertPresent -and $OldStd.alert -eq $true + $ReportTrue = $ReportPresent -and $OldStd.report -eq $true + + if (-not ($RemediateTrue -or $AlertTrue -or $ReportTrue)) { + return $null + } + + if ($RemediateTrue) { + [void]$Actions.Add([pscustomobject]@{label = 'Remediate'; value = 'Remediate' }) + } + if ($AlertTrue) { + [void]$Actions.Add([pscustomobject]@{label = 'Alert'; value = 'warn' }) + } + if ($ReportTrue) { + [void]$Actions.Add([pscustomobject]@{label = 'Report'; value = 'Report' }) + } + + $propsToCopy = $OldStd | Select-Object * -ExcludeProperty alert, report, remediate + $Result = [ordered]@{} + if ($Actions.Count -gt 0) { + $ActionArray = $Actions | ForEach-Object { $_ } + $Result.action = @($ActionArray) + } + + foreach ($prop in $propsToCopy.PSObject.Properties) { + if ($prop.Name -ne 'PSObject') { + $Result.$($prop.Name) = $prop.Value + } + } + + return $Result + } + + function Convert-OldStandardToNewFormat { + param( + [Parameter(Mandatory = $true)] + $OldStandard, + [Parameter(Mandatory = $false)] + $AllTenantsExclusions = @() + ) + + $Tenant = $OldStandard.Tenant + if ($Tenant -eq 'AllTenants') { + $TenantFilter = @( + [pscustomobject]@{ + label = '*All Tenants (AllTenants)' + value = 'AllTenants' + addedFields = [pscustomobject]@{} + } + ) + if ($AllTenantsExclusions.Count -gt 0) { + $Excluded = $AllTenantsExclusions | ForEach-Object { + [pscustomobject]@{ + label = "$_ ($_)" + value = $_ + addedFields = [pscustomobject]@{} + } + } + } else { + $Excluded = $null + } + } else { + $TenantFilter = @( + [pscustomobject]@{ + label = "$Tenant ($Tenant)" + value = $Tenant + addedFields = [pscustomobject]@{} + } + ) + $Excluded = $null + } + + $NewStandards = [ordered]@{} + + foreach ($StdKey in $OldStandard.Standards.PSObject.Properties.Name) { + if ($StdKey -in ('tenant', 'OverrideAllTenants', 'v2', 'v2.1')) { + continue + } + + $OldStd = $OldStandard.Standards.$StdKey + $NewStdKey = if ($StdKey -eq 'ConditionalAccess') { + Write-Host 'Converting ConditionalAccess to ConditionalAccessTemplate' + 'ConditionalAccessTemplate' + } else { $StdKey } + $IsArrayStandard = ($NewStdKey -eq 'IntuneTemplate' -or $NewStdKey -eq 'ConditionalAccessTemplate') + $ConvertedObj = Convert-SingleStandardItem $OldStd + if ($ConvertedObj -eq $null) { + continue + } + + if ($IsArrayStandard) { + $FinalArray = New-Object System.Collections.ArrayList + $TemplateList = $ConvertedObj.TemplateList + $ConvertedObj.PSObject.Properties.Remove('TemplateList') + + if ($TemplateList -and $TemplateList.Count -gt 0) { + foreach ($TItem in $TemplateList) { + $NewItem = [ordered]@{} + if ($ConvertedObj.action) { + $NewItem.action = $ConvertedObj.action + } + foreach ($prop in $ConvertedObj.PSObject.Properties.Name) { + if ($prop -ne 'action') { + $NewItem.$prop = $ConvertedObj.$prop + } + } + $NewItem.TemplateList = $TItem + [void]$FinalArray.Add($NewItem) + } + } + + if ($FinalArray.Count -gt 0) { + $ArrayItems = $FinalArray | ForEach-Object { $_ } + $NewStandards.$NewStdKey = $ArrayItems + } + } else { + $Action = $ConvertedObj.action + if ($Action) { + $ConvertedObj.PSObject.Properties.Remove('action') + } + $Wrap = [ordered]@{} + if ($Action) { + $Wrap.action = $Action + } + $Wrap.standards = [ordered]@{} + $Wrap.standards.$NewStdKey = $ConvertedObj + $NewStandards.$NewStdKey = $Wrap + } + + } + + $NewTemplate = [pscustomobject]@{ + tenantFilter = $TenantFilter + templateName = "Converted Legacy Template for $Tenant" + standards = $NewStandards + runManually = $true + } + + if ($Tenant -eq 'AllTenants' -and $Excluded) { + $ExcludedArr = $Excluded | ForEach-Object { $_ } + $NewTemplate | Add-Member -NotePropertyName 'excludedTenants' -NotePropertyValue $ExcludedArr -Force + } + + return $NewTemplate + } + + $Table = Get-CippTable -tablename 'standards' + $Filter = "PartitionKey eq 'standards'" + $OldStandards = (Get-CIPPAzDataTableEntity @Table -Filter $Filter).JSON | ConvertFrom-Json + + $AllTenantsStd = $OldStandards | Where-Object { $_.Tenant -eq 'AllTenants' } + $HasAllTenants = $AllTenantsStd -ne $null + + $AllTenantsExclusions = New-Object System.Collections.ArrayList + $StandardsToConvert = New-Object System.Collections.ArrayList + + foreach ($OldStd in $OldStandards) { + $Tenant = $OldStd.Tenant + $StdNames = $OldStd.Standards.PSObject.Properties.Name | Where-Object { $_ -notin ('tenant', 'OverrideAllTenants', 'v2', 'v2.1') } + $HasOverride = ($OldStd.Standards.PSObject.Properties.Name -contains 'OverrideAllTenants') + + if ($Tenant -ne 'AllTenants') { + if ($HasOverride -and $StdNames.Count -eq 0) { + [void]$AllTenantsExclusions.Add($Tenant) + continue + } + + if ($HasOverride -and $StdNames.Count -gt 0 -and $HasAllTenants) { + [void]$AllTenantsExclusions.Add($Tenant) + } + } + + [void]$StandardsToConvert.Add($OldStd) + } + + foreach ($OldStd in $StandardsToConvert) { + $Converted = Convert-OldStandardToNewFormat $OldStd ($AllTenantsExclusions) + $GUID = [guid]::NewGuid() + $Converted | Add-Member -NotePropertyName 'GUID' -NotePropertyValue $GUID -Force + $Converted | Add-Member -NotePropertyName 'createdAt' -NotePropertyValue ((Get-Date).ToUniversalTime()) -Force + $Converted | Add-Member -NotePropertyName 'updatedBy' -NotePropertyValue 'System' -Force + $Converted | Add-Member -NotePropertyName 'updatedAt' -NotePropertyValue (Get-Date).ToUniversalTime() -Force + $JSON = $Converted | ConvertTo-Json -Depth 40 + + $Table = Get-CippTable -tablename 'templates' + $Table.Force = $true + if ($Converted.standards) { + Add-CIPPAzDataTableEntity @Table -Entity @{ + JSON = "$JSON" + RowKey = "$GUID" + PartitionKey = 'StandardsTemplateV2' + GUID = "$GUID" + } + } + } + + #delete the old standards + if ($StandardsToConvert.Count -gt 0) { + $StandardsToConvert | ForEach-Object { + $Table = Get-CippTable -tablename 'standards' + $OldStdsTableItems = Get-CIPPAzDataTableEntity @Table -Filter $Filter + Remove-AzDataTableEntity @Table -Entity $OldStdsTableItems -Force + } + } + + # Associate values to output bindings by calling 'Push-OutputBinding'. + Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ + StatusCode = [HttpStatusCode]::OK + Body = 'Successfully converted legacy standards to new format' + }) +} From 6ec46ec5b4765d088c08c9a5781e463ad7e9fa5b Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri, 13 Dec 2024 15:14:48 +0100 Subject: [PATCH 150/290] conversions for standards --- .../Tenant/Standards/Invoke-ExecStandardConvert.ps1 | 6 +++++- .../CIPPCore/Public/Entrypoints/Invoke-ListStandards.ps1 | 8 -------- 2 files changed, 5 insertions(+), 9 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecStandardConvert.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecStandardConvert.ps1 index d8d03c9efd94..e82612f27ebc 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecStandardConvert.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecStandardConvert.ps1 @@ -223,7 +223,11 @@ function Invoke-ExecStandardConvert { $StandardsToConvert | ForEach-Object { $Table = Get-CippTable -tablename 'standards' $OldStdsTableItems = Get-CIPPAzDataTableEntity @Table -Filter $Filter - Remove-AzDataTableEntity @Table -Entity $OldStdsTableItems -Force + try { + Remove-AzDataTableEntity @Table -Entity $OldStdsTableItems -Force + } catch { + #donothing + } } } diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListStandards.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListStandards.ps1 index dd39cb4ac683..7cea2d2bc1d1 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListStandards.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListStandards.ps1 @@ -42,14 +42,6 @@ Function Invoke-ListStandards { StandardsExport = ($tenant.Standards.psobject.properties.name) -join ', ' } } - if (!$CurrentStandards) { - $CurrentStandards = [PSCustomObject]@{ - displayName = 'No Standards applied' - appliedBy = $null - appliedAt = $null - standards = @{none = $null } - } - } $CurrentStandards = ConvertTo-Json -InputObject @($CurrentStandards) -Depth 15 -Compress } From 1b965dbea499a3d33b1c89caaba7f6211b107f52 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 13 Dec 2024 12:22:38 -0500 Subject: [PATCH 151/290] Update Invoke-ListMessageTrace.ps1 --- .../Invoke-ListMessageTrace.ps1 | 37 ++++++++++++++----- 1 file changed, 27 insertions(+), 10 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListMessageTrace.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListMessageTrace.ps1 index d7264d89593e..e6f14cd2e5b0 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListMessageTrace.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListMessageTrace.ps1 @@ -10,27 +10,42 @@ Function Invoke-ListMessageTrace { [CmdletBinding()] param($Request, $TriggerMetadata) - $APIName = $TriggerMetadata.FunctionName - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - try { $TenantFilter = $Request.Body.tenantFilter if ($Request.Body.MessageId) { $SearchParams = @{ 'MessageId' = $Request.Body.messageId } } else { - $Days = $Request.Body.days - $SearchParams = @{ - StartDate = (Get-Date).AddDays(-$Days).ToUniversalTime().ToString('s') - EndDate = (Get-Date).ToUniversalTime().ToString('s') + $SearchParams = @{} + if ($Request.Body.days) { + $Days = $Request.Body.days + $SearchParams.StartDate = (Get-Date).AddDays(-$Days).ToUniversalTime().ToString('s') + $SearchParams.EndDate = (Get-Date).ToUniversalTime().ToString('s') + } else { + if ($Request.Body.startDate) { + $SearchParams.StartDate = [DateTime]::ParseExact($Request.Body.startDate, 'yyyy-MM-ddTHH:mm:ssZ', $null).ToUniversalTime().ToString('s') + } + if ($Request.Body.endDate) { + $SearchParams.EndDate = [DateTime]::ParseExact($Request.Body.endDate, 'yyyy-MM-ddTHH:mm:ssZ', $null).ToUniversalTime().ToString('s') + } + } + + if ($Request.Body.status) { + $SearchParams.Add('Status', $Request.Body.status.value) + } + if (![string]::IsNullOrEmpty($Request.Body.fromIP)) { + $SearchParams.Add('FromIP', $Request.Body.fromIP) + } + if (![string]::IsNullOrEmpty($Request.Body.toIP)) { + $SearchParams.Add('ToIP', $Request.Body.toIP) } } if (![string]::IsNullOrEmpty($Request.Body.recipient)) { - $Searchparams.Add('RecipientAddress', $($Request.Body.recipient)) + $Searchparams.Add('RecipientAddress', $($Request.Body.recipient.value ?? $Request.Body.recipient)) } if (![string]::IsNullOrEmpty($Request.Body.sender)) { - $Searchparams.Add('SenderAddress', $($Request.Body.sender)) + $Searchparams.Add('SenderAddress', $($Request.Body.sender.value ?? $Request.Body.sender)) } $trace = if ($Request.Body.traceDetail) { @@ -40,7 +55,9 @@ Function Invoke-ListMessageTrace { } New-ExoRequest -TenantId $TenantFilter -Cmdlet 'Get-MessageTraceDetail' -CmdParams $CmdParams | Select-Object @{ Name = 'Date'; Expression = { $_.Date.ToString('u') } }, Event, Action, Detail } else { - New-ExoRequest -TenantId $TenantFilter -Cmdlet 'Get-MessageTrace' -CmdParams $SearchParams | Select-Object MessageTraceId, Status, Subject, RecipientAddress, SenderAddress, @{ Name = 'Received'; Expression = { $_.Received.ToString('u') } } + Write-Information ($SearchParams | ConvertTo-Json) + + New-ExoRequest -TenantId $TenantFilter -Cmdlet 'Get-MessageTrace' -CmdParams $SearchParams | Select-Object MessageTraceId, Status, Subject, RecipientAddress, SenderAddress, @{ Name = 'Received'; Expression = { $_.Received.ToString('u') } }, FromIP, ToIP Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APIName -tenant $($TenantFilter) -message 'Executed message trace' -Sev 'Info' } From 52f1978a66dfec2dafb371580f247e19d4a5b10b Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 13 Dec 2024 15:46:24 -0500 Subject: [PATCH 152/290] unixtime fix --- .../Email-Exchange/Invoke-ListMessageTrace.ps1 | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListMessageTrace.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListMessageTrace.ps1 index e6f14cd2e5b0..ee06358d31df 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListMessageTrace.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListMessageTrace.ps1 @@ -23,10 +23,18 @@ Function Invoke-ListMessageTrace { $SearchParams.EndDate = (Get-Date).ToUniversalTime().ToString('s') } else { if ($Request.Body.startDate) { - $SearchParams.StartDate = [DateTime]::ParseExact($Request.Body.startDate, 'yyyy-MM-ddTHH:mm:ssZ', $null).ToUniversalTime().ToString('s') + if ($Request.Body.startDate -match '^\d+$') { + $SearchParams.StartDate = [DateTimeOffset]::FromUnixTimeSeconds([int64]$Request.Body.startDate).UtcDateTime.ToString('s') + } else { + $SearchParams.StartDate = [DateTime]::ParseExact($Request.Body.startDate, 'yyyy-MM-ddTHH:mm:ssZ', $null).ToUniversalTime().ToString('s') + } } if ($Request.Body.endDate) { - $SearchParams.EndDate = [DateTime]::ParseExact($Request.Body.endDate, 'yyyy-MM-ddTHH:mm:ssZ', $null).ToUniversalTime().ToString('s') + if ($Request.Body.endDate -match '^\d+$') { + $SearchParams.EndDate = [DateTimeOffset]::FromUnixTimeSeconds([int64]$Request.Body.endDate).UtcDateTime.ToString('s') + } else { + $SearchParams.EndDate = [DateTime]::ParseExact($Request.Body.endDate, 'yyyy-MM-ddTHH:mm:ssZ', $null).ToUniversalTime().ToString('s') + } } } From 3447c2c3d6252a4f9fb03b58c38374a5b688406c Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri, 13 Dec 2024 22:46:46 +0100 Subject: [PATCH 153/290] tap copyFrom field --- .../Users/Invoke-ExecCreateTAP.ps1 | 2 +- .../Users/Invoke-ExecResetPass.ps1 | 2 +- Modules/CIPPCore/Public/New-CIPPTAP.ps1 | 12 +++++++++-- .../CIPPCore/Public/Set-CIPPResetPassword.ps1 | 21 +++++++++++++------ 4 files changed, 27 insertions(+), 10 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecCreateTAP.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecCreateTAP.ps1 index 3ae22c37ffa7..5aa1ac84f245 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecCreateTAP.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecCreateTAP.ps1 @@ -16,7 +16,7 @@ Function Invoke-ExecCreateTAP { # Interact with query parameters or the body of the request. try { $TAP = New-CIPPTAP -userid $Request.query.ID -TenantFilter $Request.query.tenantfilter -APIName $APINAME -ExecutingUser $request.headers.'x-ms-client-principal' - $Results = [pscustomobject]@{'Results' = "$TAP" } + $Results = [pscustomobject]@{'Results' = $TAP } } catch { $Results = [pscustomobject]@{'Results' = "Failed. $($_.Exception.Message)" } } diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecResetPass.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecResetPass.ps1 index c9be1da38759..98be3b461aa4 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecResetPass.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecResetPass.ps1 @@ -23,7 +23,7 @@ Function Invoke-ExecResetPass { try { $Reset = Set-CIPPResetPassword -userid $Request.query.ID -tenantFilter $TenantFilter -APIName $APINAME -ExecutingUser $request.headers.'x-ms-client-principal' -forceChangePasswordNextSignIn $mustChange - $Results = [pscustomobject]@{'Results' = "$Reset" } + $Results = [pscustomobject]@{'Results' = $Reset } } catch { $Results = [pscustomobject]@{'Results' = "Failed to reset password for $($Request.query.displayName): $($_.Exception.Message)" } Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message "Failed to reset password for $($Request.query.displayName): $($_.Exception.Message)" -Sev 'Error' diff --git a/Modules/CIPPCore/Public/New-CIPPTAP.ps1 b/Modules/CIPPCore/Public/New-CIPPTAP.ps1 index c997c6d62daf..27c1a0648046 100644 --- a/Modules/CIPPCore/Public/New-CIPPTAP.ps1 +++ b/Modules/CIPPCore/Public/New-CIPPTAP.ps1 @@ -11,11 +11,19 @@ function New-CIPPTAP { try { $GraphRequest = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($userid)/authentication/temporaryAccessPassMethods" -tenantid $TenantFilter -type POST -body '{}' -verbose Write-LogMessage -user $ExecutingUser -API $APIName -message "Created Temporary Access Password (TAP) for $userid" -Sev 'Info' -tenant $TenantFilter - return "The TAP for this user is $($GraphRequest.temporaryAccessPass) - This TAP is usable for the next $($GraphRequest.LifetimeInMinutes) minutes" + return [pscustomobject]@{ resultText = "The TAP for this user is $($GraphRequest.temporaryAccessPass) - This TAP is usable for the next $($GraphRequest.LifetimeInMinutes) minutes" + copyField = $($GraphRequest.temporaryAccessPass) + state = 'success' + } + } catch { $ErrorMessage = Get-CippException -Exception $_ Write-LogMessage -user $ExecutingUser -API $APIName -message "Failed to created TAP for $($userid): $($ErrorMessage.NormalizedError)" -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage - Return "Failed to create TAP: $($ErrorMessage.NormalizedError)" + Return [pscustomobject]@{ resultText = "Failed to create TAP: $($ErrorMessage.NormalizedError)" + state = 'error' + } + + } } diff --git a/Modules/CIPPCore/Public/Set-CIPPResetPassword.ps1 b/Modules/CIPPCore/Public/Set-CIPPResetPassword.ps1 index e4d69e2c05d7..fbe745f55981 100644 --- a/Modules/CIPPCore/Public/Set-CIPPResetPassword.ps1 +++ b/Modules/CIPPCore/Public/Set-CIPPResetPassword.ps1 @@ -26,15 +26,24 @@ function Set-CIPPResetPassword { $password = $PasswordLink } Write-LogMessage -user $ExecutingUser -API $APIName -message "Reset the password for $($userid). User must change password is set to $forceChangePasswordNextSignIn" -Sev 'Info' -tenant $TenantFilter - - if($UserDetails.onPremisesSyncEnabled -eq $true){ - return "Reset the password for $($userid). User must change password is set to $forceChangePasswordNextSignIn. The new password is $password. WARNING: This user is AD synced. Please confirm passthrough or writeback is enabled." - }else{ - return "Reset the password for $($userid). User must change password is set to $forceChangePasswordNextSignIn. The new password is $password" + + if ($UserDetails.onPremisesSyncEnabled -eq $true) { + return [pscustomobject]@{ resultText = "Reset the password for $($userid). User must change password is set to $forceChangePasswordNextSignIn. The new password is $password. WARNING: This user is AD synced. Please confirm passthrough or writeback is enabled." + copyField = $password + state = 'warning' + } + } else { + return [pscustomobject]@{ resultText = "Reset the password for $($userid). User must change password is set to $forceChangePasswordNextSignIn. The new password is $password" + copyField = $password + state = 'success' + } } } catch { $ErrorMessage = Get-CippException -Exception $_ Write-LogMessage -user $ExecutingUser -API $APIName -message "Could not reset password for $($userid). Error: $($ErrorMessage.NormalizedError)" -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage - return "Could not reset password for $($userid). Error: $($ErrorMessage.NormalizedError)" + return [pscustomobject]@{ + resultText = "Could not reset password for $($userid). Error: $($ErrorMessage.NormalizedError)" + state = 'Error' + } } } From 77a76cea2f681822a8630861aacda1ce0bed29e0 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri, 13 Dec 2024 23:46:01 +0100 Subject: [PATCH 154/290] fixes pagination --- .../HTTP Functions/CIPP/Core/Invoke-ListGraphRequest.ps1 | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ListGraphRequest.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ListGraphRequest.ps1 index e0ae166cdc0d..2b56935b6a17 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ListGraphRequest.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ListGraphRequest.ps1 @@ -120,7 +120,8 @@ function Invoke-ListGraphRequest { try { $Results = Get-GraphRequestList @GraphRequestParams - if ($Results.nextLink -and $Request.Query.NoPagination) { + if ($Results.nextLink -and $Request.Query.manualPagination) { + Write-Host "NextLink: $($Results.nextLink | Select-Object -Last 1)" $Metadata['nextLink'] = $Results.nextLink | Select-Object -Last 1 #Results is an array of objects, so we need to remove the last object before returning $Results = $Results | Select-Object -First ($Results.Count - 1) From d0f8f9de8e289974584001cb04a12d62a21e6013 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Sat, 14 Dec 2024 00:38:49 +0100 Subject: [PATCH 155/290] get stuff --- .../Identity/Administration/Users/Invoke-ExecSendPush.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecSendPush.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecSendPush.ps1 index 1dabd29f6efb..67993b221117 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecSendPush.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecSendPush.ps1 @@ -107,12 +107,12 @@ Function Invoke-ExecSendPush { } if ($obj.BeginTwoWayAuthenticationResponse.AuthenticationResult -ne $true) { $Body = "Authentication Failed! Does the user have Push/Phone call MFA configured? Errorcode: $($obj.BeginTwoWayAuthenticationResponse.result.value | Out-String)" - $colour = 'danger' + $colour = 'error' } } - $Results = [pscustomobject]@{'Results' = $Body; colour = $colour } + $Results = [pscustomobject]@{'Results' = $Body; state = $colour } Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message "Sent push request to $UserEmail - Result: $($obj.BeginTwoWayAuthenticationResponse.result.value | Out-String)" -Sev 'Info' Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ From 54262b6b77133e83fe797d95bdf56b3c59d8ae71 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 13 Dec 2024 19:53:28 -0500 Subject: [PATCH 156/290] mailbox restore tweaks --- .../Invoke-ExecMailboxRestore.ps1 | 44 ++++++++++++++++--- .../Entrypoints/Invoke-ListMailboxes.ps1 | 1 - 2 files changed, 39 insertions(+), 6 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecMailboxRestore.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecMailboxRestore.ps1 index 7e787acacfc8..fe94e74424a1 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecMailboxRestore.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecMailboxRestore.ps1 @@ -45,8 +45,8 @@ function Invoke-ExecMailboxRestore { default { $TenantFilter = $Request.Body.TenantFilter $RequestName = $Request.Body.RequestName - $SourceMailbox = $Request.Body.SourceMailbox - $TargetMailbox = if (!$Request.Body.input) {$Request.Body.TargetMailbox} else {$Request.Body.input} + $SourceMailbox = $Request.Body.SourceMailbox.value ?? $Request.Body.SourceMailbox + $TargetMailbox = $Request.Body.TargetMailbox.value ?? $Request.Body.TargetMailbox $ExoRequest = @{ tenantid = $TenantFilter @@ -58,8 +58,32 @@ function Invoke-ExecMailboxRestore { AllowLegacyDNMismatch = $true } } - if ([bool]$Request.Body.AcceptLargeDataLoss -eq $true) { - $ExoRequest.cmdParams.AcceptLargeDataLoss = $true + if ($Request.Body.AssociatedMessagesCopyOption) { + $ExoRequest.cmdParams.AssociatedMessagesCopyOption = $Request.Body.AssociatedMessagesCopyOption.value + } + if ($Request.Body.ExcludeFolders) { + $ExoRequest.cmdParams.ExcludeFolders = $Request.Body.ExcludeFolders.value + } + if ($Request.Body.IncludeFolders) { + $ExoRequest.cmdParams.IncludeFolders = $Request.Body.IncludeFolders.value + } + if ($Request.Body.BatchName) { + $ExoRequest.cmdParams.BatchName = $Request.Body.BatchName + } + if ($Request.Body.CompletedRequestAgeLimit) { + $ExoRequest.cmdParams.CompletedRequestAgeLimit = $Request.Body.CompletedRequestAgeLimit + } + if ($Request.Body.ConflictResolutionOption) { + $ExoRequest.cmdParams.ConflictResolutionOption = $Request.Body.ConflictResolutionOption.value + } + if ($Request.Body.SourceRootFolder) { + $ExoRequest.cmdParams.SourceRootFolder = $Request.Body.SourceRootFolder + } + if ($Request.Body.TargetRootFolder) { + $ExoRequest.cmdParams.TargetRootFolder = $Request.Body.TargetRootFolder + } + if ($Request.Body.TargetType) { + $ExoRequest.cmdParams.TargetType = $Request.Body.TargetType.value } if ([int]$Request.Body.BadItemLimit -gt 0) { $ExoRequest.cmdParams.BadItemLimit = $Request.Body.BadItemLimit @@ -67,7 +91,17 @@ function Invoke-ExecMailboxRestore { if ([int]$Request.Body.LargeItemLimit -gt 0) { $ExoRequest.cmdParams.LargeItemLimit = $Request.Body.LargeItemLimit } + if ($Request.Body.ExcludeDumpster) { + $ExoRequest.cmdParams.ExcludeDumpster = $Request.Body.ExcludeDumpster + } + if ($Request.Body.SourceIsArchive) { + $ExoRequest.cmdParams.SourceIsArchive = $Request.Body.SourceIsArchive + } + if ($Request.Body.TargetIsArchive) { + $ExoRequest.cmdParams.TargetIsArchive = $Request.Body.TargetIsArchive + } + Write-Information ($ExoRequest | ConvertTo-Json) $SuccessMessage = 'Mailbox restore request created successfully' } } @@ -93,4 +127,4 @@ function Invoke-ExecMailboxRestore { StatusCode = $StatusCode Body = $Body }) -} \ No newline at end of file +} diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListMailboxes.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListMailboxes.ps1 index 260241fa972f..c69a160045ec 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListMailboxes.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListMailboxes.ps1 @@ -58,7 +58,6 @@ Function Invoke-ListMailboxes { } } - Write-Host ($ExoRequest | ConvertTo-Json) $GraphRequest = (New-ExoRequest @ExoRequest) | Select-Object id, ExchangeGuid, ArchiveGuid, WhenSoftDeleted, @{ Name = 'UPN'; Expression = { $_.'UserPrincipalName' } }, @{ Name = 'displayName'; Expression = { $_.'DisplayName' } }, From b339272bf8867876e09e11d7653b63bb8c662702 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Sat, 14 Dec 2024 01:48:46 -0500 Subject: [PATCH 157/290] fix email forwarding --- .../Email-Exchange/Invoke-ExecEmailForward.ps1 | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecEmailForward.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecEmailForward.ps1 index e64c821acd68..65e1b677112a 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecEmailForward.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecEmailForward.ps1 @@ -15,10 +15,11 @@ Function Invoke-ExecEmailForward { $ForwardingAddress = $request.body.ForwardInternal.value $ForwardingSMTPAddress = $request.body.ForwardExternal $DisableForwarding = $request.body.disableForwarding + $ForwardOption = $request.body.forwardOption $APIName = $TriggerMetadata.FunctionName [bool]$KeepCopy = if ($request.body.keepCopy -eq 'true') { $true } else { $false } - if ($ForwardingAddress) { + if ($ForwardOption -eq 'internalAddress') { try { Set-CIPPForwarding -userid $username -tenantFilter $TenantFilter -APIName $APINAME -ExecutingUser $request.headers.'x-ms-client-principal' -Forward $ForwardingAddress -keepCopy $KeepCopy if (-not $request.body.KeepCopy) { @@ -33,7 +34,7 @@ Function Invoke-ExecEmailForward { } } - if ($ForwardingSMTPAddress) { + if ($ForwardOption -eq 'ExternalAddress') { try { Set-CIPPForwarding -userid $username -tenantFilter $TenantFilter -APIName $APINAME -ExecutingUser $request.headers.'x-ms-client-principal' -forwardingSMTPAddress $ForwardingSMTPAddress -keepCopy $KeepCopy if (-not $request.body.KeepCopy) { @@ -49,7 +50,7 @@ Function Invoke-ExecEmailForward { } - if ($DisableForwarding -eq 'True') { + if ($ForwardOption -eq 'disabled') { try { Set-CIPPForwarding -userid $username -username $username -tenantFilter $Tenantfilter -ExecutingUser $ExecutingUser -APIName $APIName -Disable $true $results = "Disabled Email Forwarding for $($username)" From 67e0a708c1c974b0b4f77c363099f22b2134c6f3 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Sat, 14 Dec 2024 13:14:41 +0100 Subject: [PATCH 158/290] release candidate prep --- .../HTTP Functions/CIPP/Core/Invoke-ListGraphRequest.ps1 | 2 +- .../Tenant/Administration/Invoke-ExecUpdateSecureScore.ps1 | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ListGraphRequest.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ListGraphRequest.ps1 index 2b56935b6a17..05454c56aefb 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ListGraphRequest.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ListGraphRequest.ps1 @@ -120,7 +120,7 @@ function Invoke-ListGraphRequest { try { $Results = Get-GraphRequestList @GraphRequestParams - if ($Results.nextLink -and $Request.Query.manualPagination) { + if ($Results.nextLink) { Write-Host "NextLink: $($Results.nextLink | Select-Object -Last 1)" $Metadata['nextLink'] = $Results.nextLink | Select-Object -Last 1 #Results is an array of objects, so we need to remove the last object before returning diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ExecUpdateSecureScore.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ExecUpdateSecureScore.ps1 index 502a9e6f4896..cef9df318e34 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ExecUpdateSecureScore.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ExecUpdateSecureScore.ps1 @@ -16,7 +16,7 @@ Function Invoke-ExecUpdateSecureScore { # Interact with query parameters or the body of the request. $Body = @{ comment = $request.body.reason - state = $request.body.resolutionType + state = $request.body.resolutionType.value vendorInformation = $request.body.vendorInformation } try { From 37fbe84dcebbcdee93cac9671ad45a36a83375e9 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Sat, 14 Dec 2024 14:56:35 +0100 Subject: [PATCH 159/290] setupCompleted stuff --- .../HTTP Functions/CIPP/Core/Invoke-GetCippAlerts.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-GetCippAlerts.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-GetCippAlerts.ps1 index a9408c97ddde..f3b36e2e7f04 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-GetCippAlerts.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-GetCippAlerts.ps1 @@ -42,7 +42,7 @@ Function Invoke-GetCippAlerts { if ($env:ApplicationID -eq 'LongApplicationID' -or $null -eq $ENV:ApplicationID) { $Alerts.Add(@{ title = 'SAM Setup Incomplete' - Alert = 'You have not yet completed your SAM Setup. Please go to the SAM Setup Wizard in settings to connect CIPP to your tenant.' + Alert = 'You have not yet completed your setup. Please go to the Setup Wizard in Application Settings to connect CIPP to your tenant.' link = '/cipp/setup' type = 'warning' setupCompleted = $false From aa6ee1827769891a9a43527bc8b5dde4f7ecbf13 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Sat, 14 Dec 2024 17:28:18 +0100 Subject: [PATCH 160/290] app upload changes --- .../Endpoint/Applications/Invoke-ExecAppUpload.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Applications/Invoke-ExecAppUpload.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Applications/Invoke-ExecAppUpload.ps1 index de00263734fd..d57088b5a4e2 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Applications/Invoke-ExecAppUpload.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Applications/Invoke-ExecAppUpload.ps1 @@ -20,7 +20,7 @@ function Invoke-ExecAppUpload { } $ProcessorQueue = Get-CIPPTable -TableName 'ProcessorQueue' Add-AzDataTableEntity @ProcessorQueue -Entity $ProcessorFunction -Force - $Results = [pscustomobject]@{'Results' = 'Queueing application upload' } + $Results = [pscustomobject]@{'Results' = 'Application upload job has started. Please check back in 15 minutes or track the logbook for results.' } } } else { try { From 2ec9df132301361c4681278c62dc5527028501ca Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Sat, 14 Dec 2024 19:46:50 +0100 Subject: [PATCH 161/290] text improvements --- .../HTTP Functions/CIPP/Core/Invoke-GetCippAlerts.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-GetCippAlerts.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-GetCippAlerts.ps1 index f3b36e2e7f04..49618c428105 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-GetCippAlerts.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-GetCippAlerts.ps1 @@ -42,7 +42,7 @@ Function Invoke-GetCippAlerts { if ($env:ApplicationID -eq 'LongApplicationID' -or $null -eq $ENV:ApplicationID) { $Alerts.Add(@{ title = 'SAM Setup Incomplete' - Alert = 'You have not yet completed your setup. Please go to the Setup Wizard in Application Settings to connect CIPP to your tenant.' + Alert = 'You have not yet completed your setup. Please go to the Setup Wizard in Application Settings to connect CIPP to your tenants.' link = '/cipp/setup' type = 'warning' setupCompleted = $false From 3e96c876f38db9f9fe2cea1863b3996cf3de6cce Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Sat, 14 Dec 2024 21:01:06 +0100 Subject: [PATCH 162/290] updated default domain name --- Modules/CIPPCore/Public/Test-CIPPAccessTenant.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Modules/CIPPCore/Public/Test-CIPPAccessTenant.ps1 b/Modules/CIPPCore/Public/Test-CIPPAccessTenant.ps1 index ad09497d3246..d5b3b06098c3 100644 --- a/Modules/CIPPCore/Public/Test-CIPPAccessTenant.ps1 +++ b/Modules/CIPPCore/Public/Test-CIPPAccessTenant.ps1 @@ -98,7 +98,7 @@ function Test-CIPPAccessTenant { } catch { $ErrorMessage = Get-CippException -Exception $_ $GraphTest = "Failed to connect to Graph: $($ErrorMessage.NormalizedError)" - Write-LogMessage -user $ExecutingUser -API $APINAME -tenant $tenant -message "Tenant access check failed: $($ErrorMessage.NormalizedError) " -Sev 'Error' -LogData $ErrorMessage + Write-LogMessage -user $ExecutingUser -API $APINAME -tenant $tenant.defaultDomainName -message "Tenant access check failed: $($ErrorMessage.NormalizedError) " -Sev 'Error' -LogData $ErrorMessage } try { @@ -112,7 +112,7 @@ function Test-CIPPAccessTenant { if ($null -eq $Message) { $Message = $($_.Exception.Message) } $ExchangeTest = "Failed to connect to Exchange: $($ErrorMessage.NormalizedError)" - Write-LogMessage -user $ExecutingUser -API $APINAME -tenant $tenant -message "Tenant access check for Exchange failed: $($ErrorMessage.NormalizedError) " -Sev 'Error' -LogData $ErrorMessage + Write-LogMessage -user $ExecutingUser -API $APINAME -tenant $tenant.defaultDomainName -message "Tenant access check for Exchange failed: $($ErrorMessage.NormalizedError) " -Sev 'Error' -LogData $ErrorMessage } if ($GraphStatus -and $ExchangeStatus) { From 368b8671c32d0a60d68004eb1786f587ab42c3f7 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Sun, 15 Dec 2024 01:49:41 -0500 Subject: [PATCH 163/290] audit log fixes --- .../HTTP Functions/CIPP/Core/Invoke-ExecGeoIPLookup.ps1 | 9 +++++++-- .../Administration/Alerts/Invoke-ListAuditLogs.ps1 | 8 ++++---- 2 files changed, 11 insertions(+), 6 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecGeoIPLookup.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecGeoIPLookup.ps1 index 6c252b12c28c..cd3dbc1a42b6 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecGeoIPLookup.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecGeoIPLookup.ps1 @@ -12,9 +12,14 @@ Function Invoke-ExecGeoIPLookup { $APIName = $TriggerMetadata.FunctionName Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - Write-Host $Request.Query.IP - $locationInfo = Get-CIPPGeoIPLocation -IP $Request.query.IP + $IP = $Request.Query.IP ?? $Request.Body.IP + if (-not $IP) { + $ErrorMessage = Get-NormalizedError -Message 'IP address is required' + $LocationInfo = $ErrorMessage + } else { + $locationInfo = Get-CIPPGeoIPLocation -IP $IP + } # Associate values to output bindings by calling 'Push-OutputBinding'. Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-ListAuditLogs.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-ListAuditLogs.ps1 index 2582bc961e74..c70fdcb98bdb 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-ListAuditLogs.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-ListAuditLogs.ps1 @@ -22,7 +22,7 @@ function Invoke-ListAuditLogs { } if (!$Request.Query.StartDate -and !$Request.Query.EndDate -and !$Request.Query.RelativeTime) { - $Request.Query.StartDate = (Get-Date).AddDays(-1).ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ssZ') + $Request.Query.StartDate = (Get-Date).AddDays(-7).ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ssZ') $Request.Query.EndDate = (Get-Date).ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ssZ') } @@ -42,7 +42,7 @@ function Invoke-ListAuditLogs { } else { if ($Request.Query.StartDate) { if ($Request.Query.StartDate -match '^\d+$') { - $Request.Query.StartDate = [DateTimeOffset]::FromUnixTimeSeconds($Request.Query.StartDate).DateTime.ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ssZ') + $StartDate = [DateTimeOffset]::FromUnixTimeSeconds([int]$Request.Query.StartDate).DateTime.ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ssZ') } else { $StartDate = (Get-Date $Request.Query.StartDate).ToString('yyyy-MM-ddTHH:mm:ssZ') } @@ -50,7 +50,7 @@ function Invoke-ListAuditLogs { if ($Request.Query.EndDate) { if ($Request.Query.EndDate -match '^\d+$') { - $Request.Query.EndDate = [DateTimeOffset]::FromUnixTimeSeconds($Request.Query.EndDate).DateTime.ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ssZ') + $EndDate = [DateTimeOffset]::FromUnixTimeSeconds([int]$Request.Query.EndDate).DateTime.ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ssZ') } else { $EndDate = (Get-Date $Request.Query.EndDate).ToString('yyyy-MM-ddTHH:mm:ssZ') } @@ -66,7 +66,7 @@ function Invoke-ListAuditLogs { } $AuditLogs = Get-CIPPAzDataTableEntity @Table | ForEach-Object { $_.Data = try { $_.Data | ConvertFrom-Json } catch { $_.AuditData } - $_ + $_ | Select-Object @{n = 'LogId'; exp = { $_.RowKey } }, @{ n = 'Timestamp'; exp = { $_.Data.RawData.CreationTime } }, Tenant, Title, Data } $Body = @{ From 22a9593530b7612709029006e4a871b8cae01be6 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Sun, 15 Dec 2024 14:08:30 +0100 Subject: [PATCH 164/290] fixes for offboarding --- .../Identity/Administration/Users/Invoke-ExecOffboardUser.ps1 | 4 ++-- Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1 | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecOffboardUser.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecOffboardUser.ps1 index 81707b1b22ef..c692f729818d 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecOffboardUser.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecOffboardUser.ps1 @@ -9,13 +9,13 @@ Function Invoke-ExecOffboardUser { #> [CmdletBinding()] param($Request, $TriggerMetadata) - if ($Request.body.user.value) { $AllUsers = $Request.body.user.value } else { $AllUsers = @($Request.body.user) } + $AllUsers = $Request.body.user.value + $Tenantfilter = $request.body.tenantfilter.value $Results = foreach ($username in $AllUsers) { try { $APIName = 'ExecOffboardUser' Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - $Tenantfilter = $request.body.tenantfilter if ($Request.body.Scheduled.enabled) { $taskObject = [PSCustomObject]@{ TenantFilter = $Tenantfilter diff --git a/Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1 b/Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1 index a1732cbf6fd9..3c9b1e503f70 100644 --- a/Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1 +++ b/Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1 @@ -51,10 +51,10 @@ function Invoke-CIPPOffboardingJob { } { $_.'forward' -ne '' } { if (!$Options.keepCopy) { - Set-CIPPForwarding -userid $userid -username $username -tenantFilter $Tenantfilter -Forward $Options.forward -ExecutingUser $ExecutingUser -APIName $APIName + Set-CIPPForwarding -userid $userid -username $username -tenantFilter $Tenantfilter -Forward $Options.forward.value -ExecutingUser $ExecutingUser -APIName $APIName } else { $KeepCopy = [boolean]$Options.keepCopy - Set-CIPPForwarding -userid $userid -username $username -tenantFilter $Tenantfilter -Forward $Options.forward -KeepCopy $KeepCopy -ExecutingUser $ExecutingUser -APIName $APIName + Set-CIPPForwarding -userid $userid -username $username -tenantFilter $Tenantfilter -Forward $Options.forward.value -KeepCopy $KeepCopy -ExecutingUser $ExecutingUser -APIName $APIName } } { $_.'RemoveLicenses' -eq $true } { From c0f8e0d7f4754ff6ec572ac9b7188f7323b6f033 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Sun, 15 Dec 2024 15:48:09 +0100 Subject: [PATCH 165/290] intune templates and ca templates update --- .../Conditional/Invoke-ListCAtemplates.ps1 | 24 ++++++++++++------- .../Invoke-ListIntuneTemplates.ps1 | 24 ++++++++++++------- 2 files changed, 30 insertions(+), 18 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-ListCAtemplates.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-ListCAtemplates.ps1 index 7f4be467dd3a..41cbaaa0b1ca 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-ListCAtemplates.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-ListCAtemplates.ps1 @@ -18,17 +18,23 @@ Function Invoke-ListCAtemplates { Write-Host $Request.query.id #Migrating old policies whenever you do a list $Table = Get-CippTable -tablename 'templates' - - $Templates = Get-ChildItem 'Config\*.CATemplate.json' | ForEach-Object { - $Entity = @{ - JSON = "$(Get-Content $_)" - RowKey = "$($_.name)" - PartitionKey = 'CATemplate' - GUID = "$($_.name)" + $Imported = Get-CIPPAzDataTableEntity @Table -Filter "PartitionKey eq 'settings'" + if ($Imported.CATemplate -ne $true) { + $Templates = Get-ChildItem 'Config\*.CATemplate.json' | ForEach-Object { + $Entity = @{ + JSON = "$(Get-Content $_)" + RowKey = "$($_.name)" + PartitionKey = 'CATemplate' + GUID = "$($_.name)" + } + Add-CIPPAzDataTableEntity @Table -Entity $Entity -Force } - Add-CIPPAzDataTableEntity @Table -Entity $Entity -Force + Add-CIPPAzDataTableEntity @Table -Entity @{ + CATemplate = $true + RowKey = 'CATemplate' + PartitionKey = 'settings' + } -Force } - #List new policies $Table = Get-CippTable -tablename 'templates' $Filter = "PartitionKey eq 'CATemplate'" diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListIntuneTemplates.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListIntuneTemplates.ps1 index a11384cf8e85..a4f401380083 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListIntuneTemplates.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListIntuneTemplates.ps1 @@ -14,17 +14,23 @@ Function Invoke-ListIntuneTemplates { Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' $Table = Get-CippTable -tablename 'templates' - - $Templates = Get-ChildItem 'Config\*.IntuneTemplate.json' | ForEach-Object { - $Entity = @{ - JSON = "$(Get-Content $_)" - RowKey = "$($_.name)" - PartitionKey = 'IntuneTemplate' - GUID = "$($_.name)" + $Imported = Get-CIPPAzDataTableEntity @Table -Filter "PartitionKey eq 'settings'" + if ($Imported.IntuneTemplate) { + $Templates = Get-ChildItem 'Config\*.IntuneTemplate.json' | ForEach-Object { + $Entity = @{ + JSON = "$(Get-Content $_)" + RowKey = "$($_.name)" + PartitionKey = 'IntuneTemplate' + GUID = "$($_.name)" + } + Add-CIPPAzDataTableEntity @Table -Entity $Entity -Force } - Add-CIPPAzDataTableEntity @Table -Entity $Entity -Force + Add-CIPPAzDataTableEntity @Table -Entity @{ + IntuneTemplate = $true + RowKey = 'settings' + PartitionKey = 'IntuneTemplate' + } -Force } - #List new policies $Table = Get-CippTable -tablename 'templates' $Filter = "PartitionKey eq 'IntuneTemplate'" From b097a5d8a547c43508d4f87e3390954a371c638c Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Sun, 15 Dec 2024 16:00:59 +0100 Subject: [PATCH 166/290] fix import stuff --- ...59bd753c-4204-4b3a-b84b-850d4b69f494.IntuneTemplate.json | 2 +- ...b79d0123-3105-4c5d-9f15-62cc7a7eb7e1.IntuneTemplate.json | 2 +- .../Public/Entrypoints/Invoke-ListIntuneTemplates.ps1 | 6 +++--- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Config/59bd753c-4204-4b3a-b84b-850d4b69f494.IntuneTemplate.json b/Config/59bd753c-4204-4b3a-b84b-850d4b69f494.IntuneTemplate.json index 91b9bd8c34f4..84d2fa964133 100644 --- a/Config/59bd753c-4204-4b3a-b84b-850d4b69f494.IntuneTemplate.json +++ b/Config/59bd753c-4204-4b3a-b84b-850d4b69f494.IntuneTemplate.json @@ -3,5 +3,5 @@ "Description": "", "RAWJson": "{\r\n \"name\": \"LAPS\",\r\n \"description\": \"\",\r\n \"settings\": [\r\n {\r\n \"id\": \"0\",\r\n \"settingInstance\": {\r\n \"@odata.type\": \"#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance\",\r\n \"settingDefinitionId\": \"device_vendor_msft_laps_policies_backupdirectory\",\r\n \"settingInstanceTemplateReference\": {\r\n \"settingInstanceTemplateId\": \"a3270f64-e493-499d-8900-90290f61ed8a\"\r\n },\r\n \"choiceSettingValue\": {\r\n \"value\": \"device_vendor_msft_laps_policies_backupdirectory_1\",\r\n \"settingValueTemplateReference\": {\r\n \"settingValueTemplateId\": \"4d90f03d-e14c-43c4-86da-681da96a2f92\",\r\n \"useTemplateDefault\": false\r\n },\r\n \"children\": [\r\n {\r\n \"@odata.type\": \"#microsoft.graph.deviceManagementConfigurationSimpleSettingInstance\",\r\n \"settingDefinitionId\": \"device_vendor_msft_laps_policies_passwordagedays_aad\",\r\n \"settingInstanceTemplateReference\": null,\r\n \"simpleSettingValue\": {\r\n \"@odata.type\": \"#microsoft.graph.deviceManagementConfigurationIntegerSettingValue\",\r\n \"settingValueTemplateReference\": null,\r\n \"value\": 30\r\n }\r\n }\r\n ]\r\n }\r\n }\r\n },\r\n {\r\n \"id\": \"1\",\r\n \"settingInstance\": {\r\n \"@odata.type\": \"#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance\",\r\n \"settingDefinitionId\": \"device_vendor_msft_laps_policies_passwordcomplexity\",\r\n \"settingInstanceTemplateReference\": {\r\n \"settingInstanceTemplateId\": \"8a7459e8-1d1c-458a-8906-7b27d216de52\"\r\n },\r\n \"choiceSettingValue\": {\r\n \"value\": \"device_vendor_msft_laps_policies_passwordcomplexity_4\",\r\n \"settingValueTemplateReference\": {\r\n \"settingValueTemplateId\": \"aa883ab5-625e-4e3b-b830-a37a4bb8ce01\",\r\n \"useTemplateDefault\": false\r\n },\r\n \"children\": []\r\n }\r\n }\r\n }\r\n ],\r\n \"platforms\": \"windows10\",\r\n \"technologies\": \"mdm\",\r\n \"templateReference\": {\r\n \"templateId\": \"adc46e5a-f4aa-4ff6-aeff-4f27bc525796_1\",\r\n \"templateFamily\": \"endpointSecurityAccountProtection\",\r\n \"templateDisplayName\": \"Local admin password solution (Windows LAPS)\",\r\n \"templateDisplayVersion\": \"Version 1\"\r\n }\r\n}", "Type": "Catalog", - "GUID": "59bd753c-4204-4b3a-b84b-850d4b69f494" + "GUID": "59bd753c-4204-4b3a-b84b-850d4b69f494.IntuneTemplate.json" } diff --git a/Config/b79d0123-3105-4c5d-9f15-62cc7a7eb7e1.IntuneTemplate.json b/Config/b79d0123-3105-4c5d-9f15-62cc7a7eb7e1.IntuneTemplate.json index 91cf7015ff8d..2b36b4a3ed3d 100644 --- a/Config/b79d0123-3105-4c5d-9f15-62cc7a7eb7e1.IntuneTemplate.json +++ b/Config/b79d0123-3105-4c5d-9f15-62cc7a7eb7e1.IntuneTemplate.json @@ -3,5 +3,5 @@ "Description": "Configures the first profile on a device to always use the e-mail address of the currently logged on user.", "RAWJson": "{\"name\":\"Automatic configuration of Outlook\",\"description\":\"\",\"platforms\":\"windows10\",\"technologies\":\"mdm\",\"roleScopeTagIds\":[\"0\"],\"settings\":[{\"@odata.type\":\"#microsoft.graph.deviceManagementConfigurationSetting\",\"settingInstance\":{\"@odata.type\":\"#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance\",\"settingDefinitionId\":\"user_vendor_msft_policy_config_outlk16v2~policy~l_microsoftofficeoutlook~l_toolsaccounts~l_exchangesettings_l_automaticallyconfigureprofilebasedonactiveonce\",\"choiceSettingValue\":{\"@odata.type\":\"#microsoft.graph.deviceManagementConfigurationChoiceSettingValue\",\"value\":\"user_vendor_msft_policy_config_outlk16v2~policy~l_microsoftofficeoutlook~l_toolsaccounts~l_exchangesettings_l_automaticallyconfigureprofilebasedonactiveonce_1\",\"children\":[]}}}]}", "Type": "Catalog", - "GUID": "b79d0123-3105-4c5d-9f15-62cc7a7eb7e1" + "GUID": "b79d0123-3105-4c5d-9f15-62cc7a7eb7e1.IntuneTemplate.json" } diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListIntuneTemplates.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListIntuneTemplates.ps1 index a4f401380083..81d9c096811e 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListIntuneTemplates.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListIntuneTemplates.ps1 @@ -15,7 +15,7 @@ Function Invoke-ListIntuneTemplates { $Table = Get-CippTable -tablename 'templates' $Imported = Get-CIPPAzDataTableEntity @Table -Filter "PartitionKey eq 'settings'" - if ($Imported.IntuneTemplate) { + if ($Imported.IntuneTemplate -ne $true) { $Templates = Get-ChildItem 'Config\*.IntuneTemplate.json' | ForEach-Object { $Entity = @{ JSON = "$(Get-Content $_)" @@ -27,8 +27,8 @@ Function Invoke-ListIntuneTemplates { } Add-CIPPAzDataTableEntity @Table -Entity @{ IntuneTemplate = $true - RowKey = 'settings' - PartitionKey = 'IntuneTemplate' + RowKey = 'IntuneTemplate' + PartitionKey = 'settings' } -Force } #List new policies From bffd22ca570695b925fb2980718e56f330b0a893 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Mon, 16 Dec 2024 01:26:44 +0100 Subject: [PATCH 167/290] Introduce sherweb extension --- .../Sherweb/Get-SherwebAuthentication.ps1 | 27 ++++++++ .../Public/Sherweb/Get-SherwebCatalog.ps1 | 10 +++ .../Get-SherwebCurrentSubscription.ps1 | 22 +++++++ .../Get-SherwebCustomerConfiguration.ps1 | 17 +++++ .../Public/Sherweb/Get-SherwebCustomers.ps1 | 6 ++ .../Public/Sherweb/Get-SherwebOrderStatus.ps1 | 16 +++++ .../Sherweb/Remove-SherwebSubscription.ps1 | 17 +++++ .../Sherweb/Set-SherwebLicenseQuantity.ps1 | 24 +++++++ .../Set-SherwebSubscriptionQuantity.ps1 | 64 +++++++++++++++++++ 9 files changed, 203 insertions(+) create mode 100644 Modules/CippExtensions/Public/Sherweb/Get-SherwebAuthentication.ps1 create mode 100644 Modules/CippExtensions/Public/Sherweb/Get-SherwebCatalog.ps1 create mode 100644 Modules/CippExtensions/Public/Sherweb/Get-SherwebCurrentSubscription.ps1 create mode 100644 Modules/CippExtensions/Public/Sherweb/Get-SherwebCustomerConfiguration.ps1 create mode 100644 Modules/CippExtensions/Public/Sherweb/Get-SherwebCustomers.ps1 create mode 100644 Modules/CippExtensions/Public/Sherweb/Get-SherwebOrderStatus.ps1 create mode 100644 Modules/CippExtensions/Public/Sherweb/Remove-SherwebSubscription.ps1 create mode 100644 Modules/CippExtensions/Public/Sherweb/Set-SherwebLicenseQuantity.ps1 create mode 100644 Modules/CippExtensions/Public/Sherweb/Set-SherwebSubscriptionQuantity.ps1 diff --git a/Modules/CippExtensions/Public/Sherweb/Get-SherwebAuthentication.ps1 b/Modules/CippExtensions/Public/Sherweb/Get-SherwebAuthentication.ps1 new file mode 100644 index 000000000000..457308343457 --- /dev/null +++ b/Modules/CippExtensions/Public/Sherweb/Get-SherwebAuthentication.ps1 @@ -0,0 +1,27 @@ +function Get-SherwebAuthentication { + $Table = Get-CIPPTable -TableName Extensionsconfig + $Config = ((Get-CIPPAzDataTableEntity @Table).config | ConvertFrom-Json).Sherweb + + if ($env:AzureWebJobsStorage -eq 'UseDevelopmentStorage=true') { + $DevSecretsTable = Get-CIPPTable -tablename 'DevSecrets' + $APIKey = (Get-CIPPAzDataTableEntity @DevSecretsTable -Filter "PartitionKey eq 'Sherweb' and RowKey eq 'Sherweb'").APIKey + } else { + $keyvaultname = ($ENV:WEBSITE_DEPLOYMENT_ID -split '-')[0] + $null = Connect-AzAccount -Identity + $APIKey = (Get-AzKeyVaultSecret -VaultName $keyvaultname -Name 'sherweb' -AsPlainText) + } + $AuthBody = @{ + client_id = $Config.clientId + client_secret = $APIKey + scope = 'service-provider' + grant_type = 'client_credentials' + } + + $Token = (Invoke-RestMethod -Uri 'https://api.sherweb.com/auth/oidc/connect/token' -Method POST -Body $AuthBody).access_token + $authHeader = @{ + Authorization = "Bearer $Token" + 'Ocp-Apim-Subscription-Key' = $Config.SubscriptionKey + } + + return $authHeader +} diff --git a/Modules/CippExtensions/Public/Sherweb/Get-SherwebCatalog.ps1 b/Modules/CippExtensions/Public/Sherweb/Get-SherwebCatalog.ps1 new file mode 100644 index 000000000000..2589dee5fac5 --- /dev/null +++ b/Modules/CippExtensions/Public/Sherweb/Get-SherwebCatalog.ps1 @@ -0,0 +1,10 @@ +function Get-SherwebCatalog { + param( + [Parameter(Mandatory = $true)] + [string]$CustomerId + ) + + $AuthHeader = Get-SherwebAuthentication + $SubscriptionsList = Invoke-RestMethod -Uri "https://api.sherweb.com/service-provider/v1/customer-catalogs/$CustomerId" -Method GET -Headers $AuthHeader + return $SubscriptionsList.catalogItems +} diff --git a/Modules/CippExtensions/Public/Sherweb/Get-SherwebCurrentSubscription.ps1 b/Modules/CippExtensions/Public/Sherweb/Get-SherwebCurrentSubscription.ps1 new file mode 100644 index 000000000000..fe7b44cc3698 --- /dev/null +++ b/Modules/CippExtensions/Public/Sherweb/Get-SherwebCurrentSubscription.ps1 @@ -0,0 +1,22 @@ +function Get-CurrentSherwebSubscription { + param( + [Parameter(Mandatory = $true)] + [string]$CustomerId, + [string]$SKU, + [string]$ProductName + ) + + $AuthHeader = Get-SherwebAuthentication + $Uri = "https://api.sherweb.com/service-provider/v1/billing/subscriptions/details?customerId=$CustomerId" + $SubscriptionDetails = Invoke-RestMethod -Uri $Uri -Method GET -Headers $AuthHeader + + $AllSubscriptions = $SubscriptionDetails.items + + if ($SKU) { + return $AllSubscriptions | Where-Object { $_.sku -eq $SKU } + } elseif ($ProductName) { + return $AllSubscriptions | Where-Object { $_.productName -eq $ProductName } + } else { + return $AllSubscriptions + } +} diff --git a/Modules/CippExtensions/Public/Sherweb/Get-SherwebCustomerConfiguration.ps1 b/Modules/CippExtensions/Public/Sherweb/Get-SherwebCustomerConfiguration.ps1 new file mode 100644 index 000000000000..98d9ba3c27ac --- /dev/null +++ b/Modules/CippExtensions/Public/Sherweb/Get-SherwebCustomerConfiguration.ps1 @@ -0,0 +1,17 @@ +function Get-SherwebCustomerConfiguration { + param( + [Parameter(Mandatory = $true)] + [string]$CustomerId + ) + + $AuthHeader = Get-SherwebAuthentication + $Uri = "https://api.sherweb.com/service-provider/v1/customers/$($CustomerId)/platforms-configurations/" + $CustomerConfig = Invoke-RestMethod -Uri $Uri -Method GET -Headers $AuthHeader + $customerPlatforms = foreach ($Config in $CustomerConfig.configuredPlatforms) { + #https://api.sherweb.com/service-provider/v1/customers/{customerId}/platforms/{platformId}/details + $Uri = "https://api.sherweb.com/service-provider/v1/customers/$($CustomerId)/platforms/$($Config.id)/details" + Invoke-RestMethod -Uri $Uri -Method GET -Headers $AuthHeader + } + return $customerPlatforms + +} diff --git a/Modules/CippExtensions/Public/Sherweb/Get-SherwebCustomers.ps1 b/Modules/CippExtensions/Public/Sherweb/Get-SherwebCustomers.ps1 new file mode 100644 index 000000000000..1bd281e5b948 --- /dev/null +++ b/Modules/CippExtensions/Public/Sherweb/Get-SherwebCustomers.ps1 @@ -0,0 +1,6 @@ +function Get-SherwebCustomers { + + $AuthHeader = Get-SherwebAuthentication + $CustomersList = Invoke-RestMethod -Uri 'https://api.sherweb.com/service-provider/v1/customers' -Method GET -Headers $AuthHeader + return $CustomersList.items +} diff --git a/Modules/CippExtensions/Public/Sherweb/Get-SherwebOrderStatus.ps1 b/Modules/CippExtensions/Public/Sherweb/Get-SherwebOrderStatus.ps1 new file mode 100644 index 000000000000..fc5dd8f79d38 --- /dev/null +++ b/Modules/CippExtensions/Public/Sherweb/Get-SherwebOrderStatus.ps1 @@ -0,0 +1,16 @@ +function Get-SherwebOrderStatus { + param( + [Parameter(Mandatory = $true)] + [string]$ClientId, + [Parameter(Mandatory = $true)] + [string]$ClientSecret, + [Parameter(Mandatory = $true)] + [string]$SubscriptionKey, + [Parameter(Mandatory = $true)] + [string]$RequestTrackingId + ) + $AuthHeader = Get-SherwebAuthentication -ClientId $ClientId -ClientSecret $ClientSecret -SubscriptionKey $SubscriptionKey + $Uri = "https://api.sherweb.com/service-provider/v1/tracking/$RequestTrackingId" + $Tracking = Invoke-RestMethod -Uri $Uri -Method GET -Headers $AuthHeader + return $Tracking +} diff --git a/Modules/CippExtensions/Public/Sherweb/Remove-SherwebSubscription.ps1 b/Modules/CippExtensions/Public/Sherweb/Remove-SherwebSubscription.ps1 new file mode 100644 index 000000000000..8392d5a1b0fb --- /dev/null +++ b/Modules/CippExtensions/Public/Sherweb/Remove-SherwebSubscription.ps1 @@ -0,0 +1,17 @@ +function Remove-SherwebSubscription { + param( + [Parameter(Mandatory = $true)] + [string]$CustomerId, + [Parameter(Mandatory = $true)] + [string[]]$SubscriptionIds + ) + + $AuthHeader = Get-SherwebAuthentication + $Body = ConvertTo-Json -Depth 10 -InputObject @{ + subscriptionIds = $SubscriptionIds + } + + $Uri = "https://api.sherweb.com/service-provider/v1/billing/subscriptions/cancellations?customerId=$CustomerId" + $Cancel = Invoke-RestMethod -Uri $Uri -Method POST -Headers $AuthHeader -Body $Body -ContentType 'application/json' + return $Cancel +} diff --git a/Modules/CippExtensions/Public/Sherweb/Set-SherwebLicenseQuantity.ps1 b/Modules/CippExtensions/Public/Sherweb/Set-SherwebLicenseQuantity.ps1 new file mode 100644 index 000000000000..546187527d98 --- /dev/null +++ b/Modules/CippExtensions/Public/Sherweb/Set-SherwebLicenseQuantity.ps1 @@ -0,0 +1,24 @@ +function Set-SherwebLicenseQuantity { + param( + [Parameter(Mandatory = $true)] + [string]$CustomerId, + [Parameter(Mandatory = $true)] + [string]$SubscriptionId, + [Parameter(Mandatory = $true)] + [int]$NewQuantity + ) + + $AuthHeader = Get-SherwebAuthentication + $Body = ConvertTo-Json -Depth 10 -InputObject @{ + subscriptionAmendmentParameters = @( + @{ + subscriptionId = $SubscriptionId + newQuantity = $NewQuantity + } + ) + } + + $Uri = "https://api.sherweb.com/service-provider/v1/billing/subscriptions/amendments?customerId=$CustomerId" + $Update = Invoke-RestMethod -Uri $Uri -Method POST -Headers $AuthHeader -Body $Body -ContentType 'application/json' + return $Update +} diff --git a/Modules/CippExtensions/Public/Sherweb/Set-SherwebSubscriptionQuantity.ps1 b/Modules/CippExtensions/Public/Sherweb/Set-SherwebSubscriptionQuantity.ps1 new file mode 100644 index 000000000000..acee8b658d8f --- /dev/null +++ b/Modules/CippExtensions/Public/Sherweb/Set-SherwebSubscriptionQuantity.ps1 @@ -0,0 +1,64 @@ +function Set-SherwebSubscriptionQuantity { + param( + [Parameter(Mandatory = $true)] + [string]$CustomerId, + [Parameter(Mandatory = $true)] + [string]$SKU, + [int]$Quantity, + [int]$Add, + [int]$Remove + ) + $AuthHeader = Get-SherwebAuthentication + $ExistingSubscription = Get-CurrentSherwebSubscription -ClientId $ClientId -ClientSecret $ClientSecret -SubscriptionKey $SubscriptionKey -CustomerId $CustomerId -SKU $SKU + + if (-not $ExistingSubscription) { + if ($Add -or $Remove) { + throw "Unable to Add or Remove. No existing subscription with SKU '$SKU' found." + } + + if (-not $Quantity -or $Quantity -le 0) { + throw 'A valid Quantity must be specified to create a new subscription when none currently exists.' + } + $OrderBody = ConvertTo-Json -Depth 10 -InputObject @{ + cartItems = @( + @{ + sku = $SKU + quantity = $Quantity + } + ) + orderedBy = 'CIPP-API' + } + $OrderUri = "https://api.sherweb.com/service-provider/v1/orders?customerId=$CustomerId" + $Order = Invoke-RestMethod -Uri $OrderUri -Method POST -Headers $AuthHeader -Body $OrderBody -ContentType 'application/json' + return $Order + + } else { + $SubscriptionId = $ExistingSubscription[0].id + $CurrentQuantity = $ExistingSubscription[0].quantity + + if ($Add) { + $FinalQuantity = $CurrentQuantity + $Add + } elseif ($Remove) { + $FinalQuantity = $CurrentQuantity - $Remove + if ($FinalQuantity -lt 0) { + throw "Cannot remove more licenses than currently allocated. Current: $CurrentQuantity, Attempting to remove: $Remove." + } + } else { + if (-not $Quantity -or $Quantity -le 0) { + throw 'A valid Quantity must be specified if Add/Remove are not used.' + } + $FinalQuantity = $Quantity + } + $Body = ConvertTo-Json -Depth 10 -InputObject @{ + subscriptionAmendmentParameters = @( + @{ + subscriptionId = $SubscriptionId + newQuantity = $FinalQuantity + } + ) + } + $Uri = "https://api.sherweb.com/service-provider/v1/billing/subscriptions/amendments?customerId=$CustomerId" + $Update = Invoke-RestMethod -Uri $Uri -Method POST -Headers $AuthHeader -Body $Body -ContentType 'application/json' + return $Update + } +} From 27dfccb3f6e804fd0a63eaec1123d61a76925cac Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Mon, 16 Dec 2024 01:31:49 +0100 Subject: [PATCH 168/290] fix typo --- .../Public/Sherweb/Get-SherwebCurrentSubscription.ps1 | 2 +- .../Public/Sherweb/Get-SherwebOrderStatus.ps1 | 8 +------- .../Public/Sherweb/Remove-SherwebSubscription.ps1 | 2 +- 3 files changed, 3 insertions(+), 9 deletions(-) diff --git a/Modules/CippExtensions/Public/Sherweb/Get-SherwebCurrentSubscription.ps1 b/Modules/CippExtensions/Public/Sherweb/Get-SherwebCurrentSubscription.ps1 index fe7b44cc3698..0ccd8d6baa46 100644 --- a/Modules/CippExtensions/Public/Sherweb/Get-SherwebCurrentSubscription.ps1 +++ b/Modules/CippExtensions/Public/Sherweb/Get-SherwebCurrentSubscription.ps1 @@ -1,4 +1,4 @@ -function Get-CurrentSherwebSubscription { +function Get-SherwebCurrentSubscription { param( [Parameter(Mandatory = $true)] [string]$CustomerId, diff --git a/Modules/CippExtensions/Public/Sherweb/Get-SherwebOrderStatus.ps1 b/Modules/CippExtensions/Public/Sherweb/Get-SherwebOrderStatus.ps1 index fc5dd8f79d38..ca5a91cd71b3 100644 --- a/Modules/CippExtensions/Public/Sherweb/Get-SherwebOrderStatus.ps1 +++ b/Modules/CippExtensions/Public/Sherweb/Get-SherwebOrderStatus.ps1 @@ -1,15 +1,9 @@ function Get-SherwebOrderStatus { param( - [Parameter(Mandatory = $true)] - [string]$ClientId, - [Parameter(Mandatory = $true)] - [string]$ClientSecret, - [Parameter(Mandatory = $true)] - [string]$SubscriptionKey, [Parameter(Mandatory = $true)] [string]$RequestTrackingId ) - $AuthHeader = Get-SherwebAuthentication -ClientId $ClientId -ClientSecret $ClientSecret -SubscriptionKey $SubscriptionKey + $AuthHeader = Get-SherwebAuthentication $Uri = "https://api.sherweb.com/service-provider/v1/tracking/$RequestTrackingId" $Tracking = Invoke-RestMethod -Uri $Uri -Method GET -Headers $AuthHeader return $Tracking diff --git a/Modules/CippExtensions/Public/Sherweb/Remove-SherwebSubscription.ps1 b/Modules/CippExtensions/Public/Sherweb/Remove-SherwebSubscription.ps1 index 8392d5a1b0fb..951fa36b5aef 100644 --- a/Modules/CippExtensions/Public/Sherweb/Remove-SherwebSubscription.ps1 +++ b/Modules/CippExtensions/Public/Sherweb/Remove-SherwebSubscription.ps1 @@ -8,7 +8,7 @@ function Remove-SherwebSubscription { $AuthHeader = Get-SherwebAuthentication $Body = ConvertTo-Json -Depth 10 -InputObject @{ - subscriptionIds = $SubscriptionIds + subscriptionIds = @($SubscriptionIds) } $Uri = "https://api.sherweb.com/service-provider/v1/billing/subscriptions/cancellations?customerId=$CustomerId" From 0e0e6c2e07c5d12c49d30b4d8f9e2ac349f565c8 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Mon, 16 Dec 2024 01:35:49 +0100 Subject: [PATCH 169/290] Remove redundant function --- .../Sherweb/Set-SherwebLicenseQuantity.ps1 | 24 ------------------- ...antity.ps1 => Set-SherwebSubscription.ps1} | 2 +- 2 files changed, 1 insertion(+), 25 deletions(-) delete mode 100644 Modules/CippExtensions/Public/Sherweb/Set-SherwebLicenseQuantity.ps1 rename Modules/CippExtensions/Public/Sherweb/{Set-SherwebSubscriptionQuantity.ps1 => Set-SherwebSubscription.ps1} (98%) diff --git a/Modules/CippExtensions/Public/Sherweb/Set-SherwebLicenseQuantity.ps1 b/Modules/CippExtensions/Public/Sherweb/Set-SherwebLicenseQuantity.ps1 deleted file mode 100644 index 546187527d98..000000000000 --- a/Modules/CippExtensions/Public/Sherweb/Set-SherwebLicenseQuantity.ps1 +++ /dev/null @@ -1,24 +0,0 @@ -function Set-SherwebLicenseQuantity { - param( - [Parameter(Mandatory = $true)] - [string]$CustomerId, - [Parameter(Mandatory = $true)] - [string]$SubscriptionId, - [Parameter(Mandatory = $true)] - [int]$NewQuantity - ) - - $AuthHeader = Get-SherwebAuthentication - $Body = ConvertTo-Json -Depth 10 -InputObject @{ - subscriptionAmendmentParameters = @( - @{ - subscriptionId = $SubscriptionId - newQuantity = $NewQuantity - } - ) - } - - $Uri = "https://api.sherweb.com/service-provider/v1/billing/subscriptions/amendments?customerId=$CustomerId" - $Update = Invoke-RestMethod -Uri $Uri -Method POST -Headers $AuthHeader -Body $Body -ContentType 'application/json' - return $Update -} diff --git a/Modules/CippExtensions/Public/Sherweb/Set-SherwebSubscriptionQuantity.ps1 b/Modules/CippExtensions/Public/Sherweb/Set-SherwebSubscription.ps1 similarity index 98% rename from Modules/CippExtensions/Public/Sherweb/Set-SherwebSubscriptionQuantity.ps1 rename to Modules/CippExtensions/Public/Sherweb/Set-SherwebSubscription.ps1 index acee8b658d8f..abd11a069a53 100644 --- a/Modules/CippExtensions/Public/Sherweb/Set-SherwebSubscriptionQuantity.ps1 +++ b/Modules/CippExtensions/Public/Sherweb/Set-SherwebSubscription.ps1 @@ -1,4 +1,4 @@ -function Set-SherwebSubscriptionQuantity { +function Set-SherwebSubscription { param( [Parameter(Mandatory = $true)] [string]$CustomerId, From d3de3b16f7a2f2f6aa3ad2405572371e7cce6281 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Mon, 16 Dec 2024 02:09:47 +0100 Subject: [PATCH 170/290] add extension test --- .../CIPP/Extensions/Invoke-ExecExtensionTest.ps1 | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Extensions/Invoke-ExecExtensionTest.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Extensions/Invoke-ExecExtensionTest.ps1 index 1262ab6260a9..c8078ed93509 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Extensions/Invoke-ExecExtensionTest.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Extensions/Invoke-ExecExtensionTest.ps1 @@ -55,6 +55,10 @@ Function Invoke-ExecExtensionTest { $Results = [pscustomobject]@{'Results' = 'Failed to connect to Hudu' } } } + 'Sherweb' { + $token = Get-SherwebAuthentication + $Results = [pscustomobject]@{'Results' = 'Successfully Connected to Sherweb' } + } } } catch { $Results = [pscustomobject]@{'Results' = "Failed to connect: $($_.Exception.Message) $($_.InvocationInfo.ScriptLineNumber)" } From 14aba09293a048a75238ed3d733f84031a449037 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Mon, 16 Dec 2024 02:19:06 +0100 Subject: [PATCH 171/290] sherweb mapping --- .../Invoke-ExecExtensionMapping.ps1 | 3 ++ .../Public/Sherweb/Get-SherwebMapping.ps1 | 50 +++++++++++++++++++ 2 files changed, 53 insertions(+) create mode 100644 Modules/CippExtensions/Public/Sherweb/Get-SherwebMapping.ps1 diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Extensions/Invoke-ExecExtensionMapping.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Extensions/Invoke-ExecExtensionMapping.ps1 index 3e88081ac40e..fc8ebaadacd4 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Extensions/Invoke-ExecExtensionMapping.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Extensions/Invoke-ExecExtensionMapping.ps1 @@ -35,6 +35,9 @@ Function Invoke-ExecExtensionMapping { 'HuduFields' { $Body = Get-HuduFieldMapping -CIPPMapping $Table } + 'Sherweb' { + $Body = Get-SherwebMapping -CIPPMapping $Table + } } } diff --git a/Modules/CippExtensions/Public/Sherweb/Get-SherwebMapping.ps1 b/Modules/CippExtensions/Public/Sherweb/Get-SherwebMapping.ps1 new file mode 100644 index 000000000000..0c4d744bd0ba --- /dev/null +++ b/Modules/CippExtensions/Public/Sherweb/Get-SherwebMapping.ps1 @@ -0,0 +1,50 @@ +function Get-SherwebMapping { + [CmdletBinding()] + param ( + $CIPPMapping + ) + + $ExtensionMappings = Get-ExtensionMapping -Extension 'Sherweb' + + $Tenants = Get-Tenants -IncludeErrors + + $Mappings = foreach ($Mapping in $ExtensionMappings) { + $Tenant = $Tenants | Where-Object { $_.RowKey -eq $Mapping.RowKey } + if ($Tenant) { + [PSCustomObject]@{ + TenantId = $Tenant.customerId + Tenant = $Tenant.displayName + TenantDomain = $Tenant.defaultDomainName + IntegrationId = $Mapping.IntegrationId + IntegrationName = $Mapping.IntegrationName + } + } + } + $Tenants = Get-Tenants -IncludeErrors + try { + $SherwebCustomers = Get-SherwebCustomers + + } catch { + $Message = if ($_.ErrorDetails.Message) { + Get-NormalizedError -Message $_.ErrorDetails.Message + } else { + $_.Exception.message + } + + Write-LogMessage -Message "Could not get Sherweb Companies, error: $Message " -Level Error -tenant 'CIPP' -API 'SherwebMapping' + $SherwebCustomers = @(@{name = "Could not get Sherweb Companies, error: $Message"; value = '-1' }) + } + $SherwebCustomers = $SherwebCustomers | ForEach-Object { + [PSCustomObject]@{ + name = $_.displayName + value = "$($_.id)" + } + } + $MappingObj = [PSCustomObject]@{ + Companies = @($SherwebCustomers) + Mappings = $Mappings + } + + return $MappingObj + +} From 60c9a12651f77d40cd0f79afd019c3aa163a0e72 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Mon, 16 Dec 2024 13:13:39 +0100 Subject: [PATCH 172/290] fix disabled --- .../HTTP Functions/Email-Exchange/Invoke-ExecEmailForward.ps1 | 1 - 1 file changed, 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecEmailForward.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecEmailForward.ps1 index 65e1b677112a..1886cb55375b 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecEmailForward.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecEmailForward.ps1 @@ -14,7 +14,6 @@ Function Invoke-ExecEmailForward { $username = $request.body.userid $ForwardingAddress = $request.body.ForwardInternal.value $ForwardingSMTPAddress = $request.body.ForwardExternal - $DisableForwarding = $request.body.disableForwarding $ForwardOption = $request.body.forwardOption $APIName = $TriggerMetadata.FunctionName [bool]$KeepCopy = if ($request.body.keepCopy -eq 'true') { $true } else { $false } From 3bd2eb92f3cb84ffee6ed5593a86f967c7f4bcd0 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Mon, 16 Dec 2024 14:08:42 +0100 Subject: [PATCH 173/290] edit contact changes --- .../Administration/Groups/Invoke-AddGroup.ps1 | 6 +- .../Groups/Invoke-EditGroup.ps1 | 72 ++++++++++++------- 2 files changed, 51 insertions(+), 27 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Groups/Invoke-AddGroup.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Groups/Invoke-AddGroup.ps1 index 322ed5774b17..66a6313d2c41 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Groups/Invoke-AddGroup.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Groups/Invoke-AddGroup.ps1 @@ -14,14 +14,14 @@ Function Invoke-AddGroup { Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' $groupobj = $Request.body - $SelectedTenants = if ($Request.body.selectedTenants) { $request.body.selectedTenants.defaultDomainName } else { $Request.body.tenantid } + $SelectedTenants = $request.body.tenantfilter if ('AllTenants' -in $SelectedTenants) { $SelectedTenants = (Get-Tenants).defaultDomainName } # Write to the Azure Functions log stream. Write-Host 'PowerShell HTTP trigger function processed a request.' $results = foreach ($tenant in $SelectedTenants) { try { - $email = if ($groupobj.domain) { "$($groupobj.username)@$($groupobj.domain)" } else { "$($groupobj.username)@$($tenant)" } + $email = if ($groupobj.primDomain.value) { "$($groupobj.username)@$($groupobj.primDomain.value)" } else { "$($groupobj.username)@$($tenant)" } if ($groupobj.groupType -in 'Generic', 'azurerole', 'dynamic', 'm365') { $BodyToship = [pscustomobject] @{ @@ -68,7 +68,7 @@ Function Invoke-AddGroup { } $GraphRequest = New-ExoRequest -tenantid $tenant -cmdlet 'New-DistributionGroup' -cmdParams $params } - $GraphRequest = New-ExoRequest -tenantid $tenant -cmdlet 'New-DistributionGroup' -cmdParams $params + #$GraphRequest = New-ExoRequest -tenantid $tenant -cmdlet 'New-DistributionGroup' -cmdParams $params # At some point add logic to use AddOwner/AddMember for New-DistributionGroup, but idk how we're going to brr that - rvdwegen } "Successfully created group $($groupobj.displayname) for $($tenant)" diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Groups/Invoke-EditGroup.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Groups/Invoke-EditGroup.ps1 index 9deb382c2d85..cbdb2dfb993d 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Groups/Invoke-EditGroup.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Groups/Invoke-EditGroup.ps1 @@ -15,17 +15,18 @@ Function Invoke-EditGroup { $Results = [System.Collections.ArrayList]@() $userobj = $Request.body - $GroupType = $userobj.groupType -join ',' - + $GroupType = $userobj.groupId.addedFields.groupType ? $userobj.groupId.addedFields.groupType : $userobj.groupType + $GroupName = $userobj.groupName ? $userobj.groupName : $userobj.groupId.addedFields.groupName # Write to the Azure Functions log stream. Write-Host 'PowerShell HTTP trigger function processed a request.' $AddMembers = ($userobj.Addmember).value + $userobj.groupId = $userobj.groupId.value ? $userobj.groupId.value : $userobj.groupId + if ($AddMembers) { $AddMembers | ForEach-Object { try { $member = $_ - if ($member -like '*#EXT#*') { $member = [System.Web.HttpUtility]::UrlEncode($member) } $MemberIDs = 'https://graph.microsoft.com/v1.0/directoryObjects/' + (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($member)" -tenantid $Userobj.tenantid).id $addmemberbody = "{ `"members@odata.bind`": $(ConvertTo-Json @($MemberIDs)) }" @@ -35,37 +36,60 @@ Function Invoke-EditGroup { } else { New-GraphPostRequest -uri "https://graph.microsoft.com/beta/groups/$($userobj.groupid)" -tenantid $Userobj.tenantid -type patch -body $addmemberbody -Verbose } - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $Userobj.tenantid -message "Added $member to $($userobj.groupName) group" -Sev 'Info' - $null = $results.add("Success. $member has been added to $($userobj.groupName)") + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $Userobj.tenantid -message "Added $member to $($GroupName) group" -Sev 'Info' + $null = $results.add("Success. $member has been added to $($GroupName)") } catch { - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $Userobj.tenantid -message "Failed to add member $member to $($userobj.groupName). Error:$($_.Exception.Message)" -Sev 'Error' - $null = $results.add("Failed to add member $member to $($userobj.groupName): $($_.Exception.Message)") + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $Userobj.tenantid -message "Failed to add member $member to $($GroupName). Error:$($_.Exception.Message)" -Sev 'Error' + $null = $results.add("Failed to add member $member to $($GroupName): $($_.Exception.Message)") } } } - $AddContacts = ($userobj.AddContacts).value + $AddContacts = ($userobj.AddContact).value if ($AddContacts) { $AddContacts | ForEach-Object { try { $member = $_ - if ($userobj.groupType -eq 'Distribution list' -or $userobj.groupType -eq 'Mail-Enabled Security') { + if ($GroupType -eq 'Distribution list' -or $GroupType -eq 'Mail-Enabled Security') { $Params = @{ Identity = $userobj.groupid; Member = $member; BypassSecurityGroupManagerCheck = $true } New-ExoRequest -tenantid $Userobj.tenantid -cmdlet 'Add-DistributionGroupMember' -cmdParams $params -UseSystemMailbox $true - Write-LogMessage -API $APINAME -tenant $Userobj.tenantid -user $request.headers.'x-ms-client-principal' -message "Added $member to $($userobj.groupName) group" -Sev 'Info' - $null = $results.add("Success. $member has been added to $($userobj.groupName)") + Write-LogMessage -API $APINAME -tenant $Userobj.tenantid -user $request.headers.'x-ms-client-principal' -message "Added $member to $($GroupName) group" -Sev 'Info' + $null = $results.add("Success. $member has been added to $($GroupName)") } else { Write-LogMessage -API $APINAME -tenant $Userobj.tenantid -user $request.headers.'x-ms-client-principal' -message 'You cannot add a contact to a security group' -Sev 'Error' $null = $results.add('You cannot add a contact to a security group') } } catch { - $null = $results.add("Failed to add member $member to $($userobj.groupName): $($_.Exception.Message)") + $null = $results.add("Failed to add member $member to $($GroupName): $($_.Exception.Message)") } } } + $RemoveContact = ($userobj.RemoveContact).value + try { + if ($RemoveContact) { + $RemoveContact | ForEach-Object { + $member = $_ + if ($member -like '*#EXT#*') { $member = [System.Web.HttpUtility]::UrlEncode($member) } + if ($GroupType -eq 'Distribution list' -or $GroupType -eq 'Mail-Enabled Security') { + $Params = @{ Identity = $userobj.groupid; Member = $member ; BypassSecurityGroupManagerCheck = $true } + New-ExoRequest -tenantid $Userobj.tenantid -cmdlet 'Remove-DistributionGroupMember' -cmdParams $params -UseSystemMailbox $true + } else { + $MemberInfo = (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($_)" -tenantid $Userobj.tenantid) + New-GraphPostRequest -uri "https://graph.microsoft.com/beta/groups/$($userobj.groupid)/members/$($MemberInfo.id)/`$ref" -tenantid $Userobj.tenantid -type DELETE + } + Write-LogMessage -API $APINAME -tenant $Userobj.tenantid -user $request.headers.'x-ms-client-principal' -message "Removed $member from $($GroupName) group" -Sev 'Info' + $null = $results.add("Success. Member $member has been removed from $($GroupName)") + } + } + } catch { + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $Userobj.tenantid -message "Failed to remove $RemoveContact from $($GroupName). Error:$($_.Exception.Message)" -Sev 'Error' + $null = $results.add("Could not remove $RemoveContact from $($GroupName). $($_.Exception.Message)") + } + + $RemoveMembers = ($userobj.Removemember).value try { if ($RemoveMembers) { @@ -79,13 +103,13 @@ Function Invoke-EditGroup { $MemberInfo = (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($_)" -tenantid $Userobj.tenantid) New-GraphPostRequest -uri "https://graph.microsoft.com/beta/groups/$($userobj.groupid)/members/$($MemberInfo.id)/`$ref" -tenantid $Userobj.tenantid -type DELETE } - Write-LogMessage -API $APINAME -tenant $Userobj.tenantid -user $request.headers.'x-ms-client-principal' -message "Removed $member from $($userobj.groupName) group" -Sev 'Info' - $null = $results.add("Success. Member $member has been removed from $($userobj.groupName)") + Write-LogMessage -API $APINAME -tenant $Userobj.tenantid -user $request.headers.'x-ms-client-principal' -message "Removed $member from $($GroupName) group" -Sev 'Info' + $null = $results.add("Success. Member $member has been removed from $($GroupName)") } } } catch { - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $Userobj.tenantid -message "Failed to remove $RemoveMembers from $($userobj.groupName). Error:$($_.Exception.Message)" -Sev 'Error' - $null = $results.add("Could not remove $RemoveMembers from $($userobj.groupName). $($_.Exception.Message)") + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $Userobj.tenantid -message "Failed to remove $RemoveMembers from $($GroupName). Error:$($_.Exception.Message)" -Sev 'Error' + $null = $results.add("Could not remove $RemoveMembers from $($GroupName). $($_.Exception.Message)") } $AddOwners = $userobj.Addowner.value @@ -96,10 +120,10 @@ Function Invoke-EditGroup { $ID = 'https://graph.microsoft.com/beta/users/' + (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($_)" -tenantid $Userobj.tenantid).id Write-Host $ID $null = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/groups/$($userobj.groupid)/owners/`$ref" -tenantid $Userobj.tenantid -type POST -body ('{"@odata.id": "' + $ID + '"}') - Write-LogMessage -API $APINAME -tenant $Userobj.tenantid -user $request.headers.'x-ms-client-principal' -message "Added owner $_ to $($userobj.groupName) group" -Sev 'Info' - $null = $results.add("Success. $_ has been added $($userobj.groupName)") + Write-LogMessage -API $APINAME -tenant $Userobj.tenantid -user $request.headers.'x-ms-client-principal' -message "Added owner $_ to $($GroupName) group" -Sev 'Info' + $null = $results.add("Success. $_ has been added $($GroupName)") } catch { - $null = $results.add("Failed to add owner $_ to $($userobj.groupName): Error:$($_.Exception.Message)") + $null = $results.add("Failed to add owner $_ to $($GroupName): Error:$($_.Exception.Message)") } } @@ -117,20 +141,20 @@ Function Invoke-EditGroup { $MemberInfo = (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($_)" -tenantid $Userobj.tenantid) New-GraphPostRequest -uri "https://graph.microsoft.com/beta/groups/$($userobj.groupid)/owners/$($MemberInfo.id)/`$ref" -tenantid $Userobj.tenantid -type DELETE Write-LogMessage -API $APINAME -tenant $Userobj.tenantid -user $request.headers.'x-ms-client-principal' -message "Removed $($MemberInfo.UserPrincipalname) from $($userobj.displayname) group" -Sev 'Info' - $null = $results.add("Success. Member $_ has been removed from $($userobj.groupName)") + $null = $results.add("Success. Member $_ has been removed from $($GroupName)") } catch { - $null = $results.add("Failed to remove $_ from $($userobj.groupName): $($_.Exception.Message)") + $null = $results.add("Failed to remove $_ from $($GroupName): $($_.Exception.Message)") } } } } catch { - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $Userobj.tenantid -message "Failed to remove $RemoveMembers from $($userobj.groupName). Error:$($_.Exception.Message)" -Sev 'Error' - $body = $results.add("Could not remove $RemoveMembers from $($userobj.groupName). $($_.Exception.Message)") + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $Userobj.tenantid -message "Failed to remove $RemoveMembers from $($GroupName). Error:$($_.Exception.Message)" -Sev 'Error' + $body = $results.add("Could not remove $RemoveMembers from $($GroupName). $($_.Exception.Message)") } if ($userobj.allowExternal -eq 'true') { try { - Set-CIPPGroupAuthentication -ID $userobj.mail -GroupType $userobj.groupType -tenantFilter $Userobj.tenantid -APIName $APINAME -ExecutingUser $request.headers.'x-ms-client-principal' + Set-CIPPGroupAuthentication -ID $userobj.mail -GroupType $GroupType -tenantFilter $Userobj.tenantid -APIName $APINAME -ExecutingUser $request.headers.'x-ms-client-principal' $body = $results.add("Allowed external senders to send to $($userobj.mail).") } catch { $body = $results.add("Failed to allow external senders to send to $($userobj.mail).") From 397858f1dd2f65230775af902e9bdb65be0a5fc2 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Mon, 16 Dec 2024 14:20:06 +0100 Subject: [PATCH 174/290] backwards compatibility --- .../Identity/Administration/Groups/Invoke-AddGroup.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Groups/Invoke-AddGroup.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Groups/Invoke-AddGroup.ps1 index 66a6313d2c41..69447b0d084b 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Groups/Invoke-AddGroup.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Groups/Invoke-AddGroup.ps1 @@ -14,7 +14,7 @@ Function Invoke-AddGroup { Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' $groupobj = $Request.body - $SelectedTenants = $request.body.tenantfilter + $SelectedTenants = $request.body.tenantfilter.value ? $request.body.tenantfilter.value : $request.body.tenantfilter if ('AllTenants' -in $SelectedTenants) { $SelectedTenants = (Get-Tenants).defaultDomainName } # Write to the Azure Functions log stream. From da70f026be44cf07a99ccbbdf90ac7df31cdadf0 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Mon, 16 Dec 2024 15:02:58 +0100 Subject: [PATCH 175/290] compatibility fixes --- .../Users/Invoke-ExecJITAdmin.ps1 | 54 +++++++++---------- 1 file changed, 27 insertions(+), 27 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecJITAdmin.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecJITAdmin.ps1 index b0c29871ae9d..766692b48157 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecJITAdmin.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecJITAdmin.ps1 @@ -12,7 +12,7 @@ Function Invoke-ExecJITAdmin { $APIName = 'ExecJITAdmin' $User = $Request.Headers.'x-ms-client-principal' - + $TenantFilter = $Request.body.TenantFilter.value ? $Request.body.TenantFilter.value : $Request.body.TenantFilter Write-LogMessage -user $User -API $APINAME -message 'Accessed this API' -Sev 'Debug' if ($Request.Query.Action -eq 'List') { @@ -60,31 +60,31 @@ Function Invoke-ExecJITAdmin { } } else { - if ($Request.Body.UserId -match '^[a-f0-9]{8}-([a-f0-9]{4}-){3}[a-f0-9]{12}$') { - $Username = (New-GraphGetRequest -uri "https://graph.microsoft.com/v1.0/users/$($Request.Body.UserId)" -tenantid $Request.Body.TenantFilter).userPrincipalName + if ($Request.Body.existingUser.value -match '^[a-f0-9]{8}-([a-f0-9]{4}-){3}[a-f0-9]{12}$') { + $Username = (New-GraphGetRequest -uri "https://graph.microsoft.com/v1.0/users/$($Request.Body.existingUser.value)" -tenantid $TenantFilter).userPrincipalName } - Write-LogMessage -user $User -API $APINAME -message "Executing JIT Admin for $Username" -tenant $Request.Body.TenantFilter -Sev 'Info' + Write-LogMessage -user $User -API $APINAME -message "Executing JIT Admin for $Username" -tenant $TenantFilter -Sev 'Info' $Start = ([System.DateTimeOffset]::FromUnixTimeSeconds($Request.Body.StartDate)).DateTime.ToLocalTime() $Expiration = ([System.DateTimeOffset]::FromUnixTimeSeconds($Request.Body.EndDate)).DateTime.ToLocalTime() $Results = [System.Collections.Generic.List[string]]::new() if ($Request.Body.useraction -eq 'Create') { - Write-LogMessage -user $User -API $APINAME -tenant $Request.Body.TenantFilter -message "Creating JIT Admin user $($Request.Body.UserPrincipalName)" -Sev 'Info' - Write-Information "Creating JIT Admin user $($Request.Body.UserPrincipalName)" + Write-LogMessage -user $User -API $APINAME -tenant $TenantFilter -message "Creating JIT Admin user $($Request.Body.Username)" -Sev 'Info' + Write-Information "Creating JIT Admin user $($Request.Body.username)" $JITAdmin = @{ User = @{ 'FirstName' = $Request.Body.FirstName 'LastName' = $Request.Body.LastName - 'UserPrincipalName' = $Request.Body.UserPrincipalName + 'UserPrincipalName' = "$($Request.Body.Username)@$($Request.Body.Domain.value)" } Expiration = $Expiration Action = 'Create' - TenantFilter = $Request.Body.TenantFilter + TenantFilter = $TenantFilter } $CreateResult = Set-CIPPUserJITAdmin @JITAdmin - $Username = $CreateResult.userPrincipalName - $Results.Add("Created User: $($CreateResult.userPrincipalName)") + $Username = "$($Request.Body.Username)@$($Request.Body.Domain.value)" + $Results.Add("Created User: $($Request.Body.Username)@$($Request.Body.Domain.value)") if (!$Request.Body.UseTAP) { $Results.Add("Password: $($CreateResult.password)") } @@ -107,7 +107,7 @@ Function Invoke-ExecJITAdmin { $Retries = 0 do { try { - $TapRequest = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($Username)/authentication/temporaryAccessPassMethods" -tenantid $Request.Body.TenantFilter -type POST -body $TapBody + $TapRequest = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($Username)/authentication/temporaryAccessPassMethods" -tenantid $TenantFilter -type POST -body $TapBody } catch { Start-Sleep -Seconds 2 Write-Information 'ERROR: Failed to create TAP, retrying' @@ -137,17 +137,17 @@ Function Invoke-ExecJITAdmin { } $Parameters = @{ - TenantFilter = $Request.Body.TenantFilter + TenantFilter = $TenantFilter User = @{ 'UserPrincipalName' = $Username } - Roles = $Request.Body.AdminRoles + Roles = $Request.Body.AdminRoles.value Action = 'AddRoles' Expiration = $Expiration } if ($Start -gt (Get-Date)) { $TaskBody = @{ - TenantFilter = $Request.Body.TenantFilter + TenantFilter = $TenantFilter Name = "JIT Admin (enable): $Username" Command = @{ value = 'Set-CIPPUserJITAdmin' @@ -156,14 +156,14 @@ Function Invoke-ExecJITAdmin { Parameters = [pscustomobject]$Parameters ScheduledTime = $Request.Body.StartDate PostExecution = @{ - Webhook = [bool]$Request.Body.PostExecution.Webhook - Email = [bool]$Request.Body.PostExecution.Email - PSA = [bool]$Request.Body.PostExecution.PSA + Webhook = [bool]($Request.Body.PostExecution | Where-Object -Property value -EQ 'webhook') + Email = [bool]($Request.Body.PostExecution | Where-Object -Property value -EQ 'email') + PSA = [bool]($Request.Body.PostExecution | Where-Object -Property value -EQ 'PSA') } } Add-CIPPScheduledTask -Task $TaskBody -hidden $false if ($Request.Body.useraction -ne 'Create') { - Set-CIPPUserJITAdminProperties -TenantFilter $Request.Body.TenantFilter -UserId $Request.Body.UserId -Expiration $Expiration + Set-CIPPUserJITAdminProperties -TenantFilter $TenantFilter -UserId $Request.Body.existingUser.value -Expiration $Expiration } $Results.Add("Scheduling JIT Admin enable task for $Username") } else { @@ -172,29 +172,29 @@ Function Invoke-ExecJITAdmin { } $DisableTaskBody = [pscustomobject]@{ - TenantFilter = $Request.Body.TenantFilter - Name = "JIT Admin ($($Request.Body.ExpireAction)): $Username" + TenantFilter = $TenantFilter + Name = "JIT Admin ($($Request.Body.ExpireAction.value)): $Username" Command = @{ value = 'Set-CIPPUserJITAdmin' label = 'Set-CIPPUserJITAdmin' } Parameters = [pscustomobject]@{ - TenantFilter = $Request.Body.TenantFilter + TenantFilter = $TenantFilter User = @{ 'UserPrincipalName' = $Username } - Roles = $Request.Body.AdminRoles - Action = $Request.Body.ExpireAction + Roles = $Request.Body.AdminRoles.value + Action = $Request.Body.ExpireAction.value } PostExecution = @{ - Webhook = [bool]$Request.Body.PostExecution.Webhook - Email = [bool]$Request.Body.PostExecution.Email - PSA = [bool]$Request.Body.PostExecution.PSA + Webhook = [bool]($Request.Body.PostExecution | Where-Object -Property value -EQ 'webhook') + Email = [bool]($Request.Body.PostExecution | Where-Object -Property value -EQ 'email') + PSA = [bool]($Request.Body.PostExecution | Where-Object -Property value -EQ 'PSA') } ScheduledTime = $Request.Body.EndDate } $null = Add-CIPPScheduledTask -Task $DisableTaskBody -hidden $false - $Results.Add("Scheduling JIT Admin $($Request.Body.ExpireAction) task for $Username") + $Results.Add("Scheduling JIT Admin $($Request.Body.ExpireAction.value) task for $Username") $Body = @{ Results = @($Results) } From 19c53cd42b6ccaa8b2372e887f572addbf0547a2 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Mon, 16 Dec 2024 10:39:09 -0500 Subject: [PATCH 176/290] geo ip caching --- Modules/CIPPCore/Public/Get-CIPPGeoIPLocation.ps1 | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/Modules/CIPPCore/Public/Get-CIPPGeoIPLocation.ps1 b/Modules/CIPPCore/Public/Get-CIPPGeoIPLocation.ps1 index 59877c61f9da..1ee4efcd43df 100644 --- a/Modules/CIPPCore/Public/Get-CIPPGeoIPLocation.ps1 +++ b/Modules/CIPPCore/Public/Get-CIPPGeoIPLocation.ps1 @@ -3,7 +3,21 @@ function Get-CIPPGeoIPLocation { param ( [string]$IP ) + + $CacheGeoIPTable = Get-CippTable -tablename 'cachegeoip' + $30DaysAgo = (Get-Date).AddDays(-30).ToString('yyyy-MM-ddTHH:mm:ssZ') + $Filter = "RowKey eq '$IP' and Timestamp ge datetime'$30DaysAgo'" + $GeoIP = Get-CippAzDataTableEntity @CacheGeoIPTable -Filter $Filter + if ($GeoIP) { + return ($GeoIP.Data | ConvertFrom-Json) + } $location = Invoke-RestMethod "https://geoipdb.azurewebsites.net/api/GetIPInfo?IP=$IP" if ($location.status -eq 'FAIL') { throw "Could not get location for $IP" } + $CacheGeo = @{ + PartitionKey = 'IP' + RowKey = $IP + Data = [string]($location | ConvertTo-Json -Compress) + } + Add-AzDataTableEntity @CacheGeoIPTable -Entity $CacheGeo -Force return $location } From 711690110c8a3bab9847d281e6658d9e9beecd5b Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Mon, 16 Dec 2024 17:51:29 +0100 Subject: [PATCH 177/290] pushing new filters --- Modules/CippExtensions/Public/Sherweb/Get-SherwebCustomers.ps1 | 1 - 1 file changed, 1 deletion(-) diff --git a/Modules/CippExtensions/Public/Sherweb/Get-SherwebCustomers.ps1 b/Modules/CippExtensions/Public/Sherweb/Get-SherwebCustomers.ps1 index 1bd281e5b948..53af35e197ad 100644 --- a/Modules/CippExtensions/Public/Sherweb/Get-SherwebCustomers.ps1 +++ b/Modules/CippExtensions/Public/Sherweb/Get-SherwebCustomers.ps1 @@ -1,5 +1,4 @@ function Get-SherwebCustomers { - $AuthHeader = Get-SherwebAuthentication $CustomersList = Invoke-RestMethod -Uri 'https://api.sherweb.com/service-provider/v1/customers' -Method GET -Headers $AuthHeader return $CustomersList.items From 8ab51a136cb7100257cd539d279e66be114b0bd5 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Mon, 16 Dec 2024 21:12:14 +0100 Subject: [PATCH 178/290] version up for rc1 --- version_latest.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/version_latest.txt b/version_latest.txt index db0785f27378..66ce77b7ead5 100644 --- a/version_latest.txt +++ b/version_latest.txt @@ -1 +1 @@ -6.5.3 +7.0.0 From f27d1c747113548d2b393606dd0fe7f4eb1ad094 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Tue, 17 Dec 2024 16:32:32 +0100 Subject: [PATCH 179/290] bug #1 migration --- .../Tenant/Standards/Invoke-ExecStandardConvert.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecStandardConvert.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecStandardConvert.ps1 index e82612f27ebc..fcd857a348d2 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecStandardConvert.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecStandardConvert.ps1 @@ -204,7 +204,7 @@ function Invoke-ExecStandardConvert { $Converted | Add-Member -NotePropertyName 'createdAt' -NotePropertyValue ((Get-Date).ToUniversalTime()) -Force $Converted | Add-Member -NotePropertyName 'updatedBy' -NotePropertyValue 'System' -Force $Converted | Add-Member -NotePropertyName 'updatedAt' -NotePropertyValue (Get-Date).ToUniversalTime() -Force - $JSON = $Converted | ConvertTo-Json -Depth 40 + $JSON = ConvertTo-Json -Depth 40 -InputObject $Converted $Table = Get-CippTable -tablename 'templates' $Table.Force = $true From 001f97e92e6c128e0d60d033276f94febfceafe9 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 17 Dec 2024 13:01:51 -0500 Subject: [PATCH 180/290] fix errors with initial permission data --- .../CIPP/Settings/Invoke-ExecAccessChecks.ps1 | 24 ++++++++++++++----- 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 index b12c82020272..c27c1d89cf12 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 @@ -27,7 +27,11 @@ Function Invoke-ExecAccessChecks { if (!$Results) { $Results = Test-CIPPAccessPermissions -tenantfilter $ENV:TenantID -APIName $APINAME -ExecutingUser $Request.Headers.'x-ms-client-principal' } else { - $LastRun = [DateTime]::SpecifyKind($Cache.Timestamp.DateTime, [DateTimeKind]::Utc) + try { + $LastRun = [DateTime]::SpecifyKind($Cache.Timestamp.DateTime, [DateTimeKind]::Utc) + } catch { + $LastRun = $null + } } } else { $Results = Test-CIPPAccessPermissions -tenantfilter $ENV:TenantID -APIName $APINAME -ExecutingUser $Request.Headers.'x-ms-client-principal' @@ -44,8 +48,8 @@ Function Invoke-ExecAccessChecks { TenantId = $Tenant.customerId TenantName = $Tenant.displayName DefaultDomainName = $Tenant.defaultDomainName - GraphStatus = $null - ExchangeStatus = $null + GraphStatus = 'Not run yet' + ExchangeStatus = 'Not run yet' GDAPRoles = '' MissingRoles = '' LastRun = '' @@ -65,10 +69,14 @@ Function Invoke-ExecAccessChecks { $TenantResult } - $LastRunTime = $AccessChecks | Sort-Object Timestamp | Select-Object -Property Timestamp -Last 1 - $LastRun = [DateTime]::SpecifyKind($LastRunTime.Timestamp.DateTime, [DateTimeKind]::Utc) + try { + $LastRun = [DateTime]::SpecifyKind($LastRunTime.Timestamp.DateTime, [DateTimeKind]::Utc) + } catch { + $LastRun = $null + } } catch { + Write-Host $_.Exception.Message $Results = @() } } @@ -95,7 +103,11 @@ Function Invoke-ExecAccessChecks { if (!$Results) { $Results = Test-CIPPGDAPRelationships } else { - $LastRun = [DateTime]::SpecifyKind($Cache.Timestamp.DateTime, [DateTimeKind]::Utc) + try { + $LastRun = [DateTime]::SpecifyKind($Cache.Timestamp.DateTime, [DateTimeKind]::Utc) + } catch { + $LastRun = $null + } } } else { $Results = Test-CIPPGDAPRelationships From 13a1deaa28423b7068d0a5db12ebabeedcb20663 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 17 Dec 2024 16:14:09 -0500 Subject: [PATCH 181/290] move checks inside try statement --- .../HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 index c27c1d89cf12..1c9f8fb0dc05 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 @@ -18,8 +18,8 @@ Function Invoke-ExecAccessChecks { switch ($Request.Query.Type) { 'Permissions' { if ($Request.Query.SkipCache -ne 'true') { - $Cache = Get-CIPPAzDataTableEntity @Table -Filter "RowKey eq 'AccessPermissions'" try { + $Cache = Get-CIPPAzDataTableEntity @Table -Filter "RowKey eq 'AccessPermissions'" $Results = $Cache.Data | ConvertFrom-Json } catch { $Results = $null @@ -94,8 +94,8 @@ Function Invoke-ExecAccessChecks { } 'GDAP' { if (!$Request.Query.SkipCache -eq 'true') { - $Cache = Get-CIPPAzDataTableEntity @Table -Filter "RowKey eq 'GDAPRelationships'" try { + $Cache = Get-CIPPAzDataTableEntity @Table -Filter "RowKey eq 'GDAPRelationships'" $Results = $Cache.Data | ConvertFrom-Json } catch { $Results = $null From f732b620f3147f1ddad375f3967e50b7fee591b4 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Wed, 18 Dec 2024 14:21:54 +0100 Subject: [PATCH 182/290] Add or update the Azure App Service build and deployment workflow config --- .../workflows/interface-rewrite_cippufcig.yml | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 .github/workflows/interface-rewrite_cippufcig.yml diff --git a/.github/workflows/interface-rewrite_cippufcig.yml b/.github/workflows/interface-rewrite_cippufcig.yml new file mode 100644 index 000000000000..d047147ad74d --- /dev/null +++ b/.github/workflows/interface-rewrite_cippufcig.yml @@ -0,0 +1,30 @@ +# Docs for the Azure Web Apps Deploy action: https://github.com/azure/functions-action +# More GitHub Actions for Azure: https://github.com/Azure/actions + +name: Build and deploy Powershell project to Azure Function App - cippufcig + +on: + push: + branches: + - interface-rewrite + workflow_dispatch: + +env: + AZURE_FUNCTIONAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root + +jobs: + deploy: + runs-on: windows-latest + + steps: + - name: 'Checkout GitHub Action' + uses: actions/checkout@v4 + + - name: 'Run Azure Functions Action' + uses: Azure/functions-action@v1 + id: fa + with: + app-name: 'cippufcig' + slot-name: 'Production' + package: ${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }} + publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_5A94D19FE6B44070B777EDECF3EF5BFE }} \ No newline at end of file From c3e68f90e88be20d4d055c1bc9e1b89eff882432 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Wed, 18 Dec 2024 10:14:19 -0500 Subject: [PATCH 183/290] fix intune registration mfa standard --- .../Public/Standards/Invoke-CIPPStandardintuneRequireMFA.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardintuneRequireMFA.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardintuneRequireMFA.ps1 index dfce677e2bc3..143acbc4e2f5 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardintuneRequireMFA.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardintuneRequireMFA.ps1 @@ -36,8 +36,8 @@ function Invoke-CIPPStandardintuneRequireMFA { } else { try { $NewSetting = $PreviousSetting - $NewSetting.multiFactorAuthConfiguration = '1' - $Newbody = ConvertTo-Json -Compress -InputObject $NewSetting + $NewSetting.multiFactorAuthConfiguration = 'required' + $Newbody = ConvertTo-Json -Compress -InputObject $NewSetting -Depth 10 New-GraphPostRequest -tenantid $tenant -Uri 'https://graph.microsoft.com/beta/policies/deviceRegistrationPolicy' -Type PUT -Body $NewBody -ContentType 'application/json' Write-LogMessage -API 'Standards' -tenant $tenant -message 'Set required to use MFA when joining/registering Entra Devices' -sev Info } catch { From 8b4fe49f429bca5022ee5520b3f756f3553396e5 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Thu, 19 Dec 2024 12:19:47 -0500 Subject: [PATCH 184/290] add preset url filters --- .../Entrypoints/Invoke-ListGraphExplorerPresets.ps1 | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListGraphExplorerPresets.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListGraphExplorerPresets.ps1 index e6ed4a942954..d18dedd99d31 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListGraphExplorerPresets.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListGraphExplorerPresets.ps1 @@ -12,10 +12,8 @@ Function Invoke-ListGraphExplorerPresets { $APIName = $TriggerMetadata.FunctionName Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - $Username = ([System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($request.headers.'x-ms-client-principal')) | ConvertFrom-Json).userDetails - # Write to the Azure Functions log stream. - Write-Host 'PowerShell HTTP trigger function processed a request.' + try { $Table = Get-CIPPTable -TableName 'GraphPresets' $Presets = Get-CIPPAzDataTableEntity @Table -Filter "Owner eq '$Username' or IsShared eq true" | Sort-Object -Property name @@ -28,8 +26,13 @@ Function Invoke-ListGraphExplorerPresets { params = ConvertFrom-Json -InputObject $Preset.Params } } + + if ($Request.Query.Endpoint) { + $Endpoint = $Request.Query.Endpoint -replace '^/', '' + $Results = $Results | Where-Object { $_.params.endpoint -eq $Endpoint } + } } catch { - $Presets = @() + $Results = @() } # Associate values to output bindings by calling 'Push-OutputBinding'. Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ @@ -37,7 +40,7 @@ Function Invoke-ListGraphExplorerPresets { Body = @{ Results = @($Results) Metadata = @{ - Count = ($Presets | Measure-Object).Count + Count = ($Results | Measure-Object).Count } } }) From db3335f03b7a891ab45d1e4ff8139cb2c8e1e8be Mon Sep 17 00:00:00 2001 From: John Duprey Date: Thu, 19 Dec 2024 13:52:42 -0500 Subject: [PATCH 185/290] Update Invoke-ExecDeleteGDAPRelationship.ps1 --- .../Tenant/GDAP/Invoke-ExecDeleteGDAPRelationship.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecDeleteGDAPRelationship.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecDeleteGDAPRelationship.ps1 index 61164e8968be..2d0c88112d0b 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecDeleteGDAPRelationship.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecDeleteGDAPRelationship.ps1 @@ -14,7 +14,7 @@ Function Invoke-ExecDeleteGDAPRelationship { Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' # Interact with query parameters or the body of the request. - $GDAPID = $request.query.GDAPId + $GDAPID = $Request.Query.GDAPId ?? $Request.Body.GDAPId try { $DELETE = New-GraphPostRequest -NoAuthCheck $True -uri "https://graph.microsoft.com/beta/tenantRelationships/delegatedAdminRelationships/$($GDAPID)/requests" -type POST -body '{"action":"terminate"}' -tenantid $env:TenantID $Results = [pscustomobject]@{'Results' = "Success. GDAP relationship for $($GDAPID) been revoked" } From 97d07b43264af2ce67ed275ad948a60349e358e1 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Thu, 19 Dec 2024 23:55:29 -0500 Subject: [PATCH 186/290] replace id with display name in response --- .../CIPP/Settings/Invoke-ExecAccessChecks.ps1 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 index 1c9f8fb0dc05..700ff7065585 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecAccessChecks.ps1 @@ -86,9 +86,9 @@ Function Invoke-ExecAccessChecks { } if ($Request.Body.TenantId) { - $Tenant = $Request.Body.TenantId - $null = Test-CIPPAccessTenant -Tenant $Tenant -ExecutingUser $Request.Headers.'x-ms-client-principal' - $Results = "Refreshing tenant $Tenant" + $Tenant = Get-Tenants -TenantFilter $Request.Body.TenantId + $null = Test-CIPPAccessTenant -Tenant $Tenant.customerId -ExecutingUser $Request.Headers.'x-ms-client-principal' + $Results = "Refreshing tenant $($Tenant.displayName)" } } From 219797f284e8231e57fe3e86c09037ad0539e185 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 20 Dec 2024 16:54:10 -0500 Subject: [PATCH 187/290] fix logic for endpoint query --- .../Public/Entrypoints/Invoke-ListGraphExplorerPresets.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListGraphExplorerPresets.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListGraphExplorerPresets.ps1 index d18dedd99d31..e023ee91f0be 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListGraphExplorerPresets.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListGraphExplorerPresets.ps1 @@ -28,8 +28,8 @@ Function Invoke-ListGraphExplorerPresets { } if ($Request.Query.Endpoint) { - $Endpoint = $Request.Query.Endpoint -replace '^/', '' - $Results = $Results | Where-Object { $_.params.endpoint -eq $Endpoint } + $Endpoint = $Request.Query.Endpoint -replace '^/', '' + $Results = $Results | Where-Object { ($_.params.endpoint -replace '^/', '') -eq $Endpoint } } } catch { $Results = @() From ce8d0919019e2b543cccd668a664dbaa7914a069 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Mon, 23 Dec 2024 19:32:38 +0100 Subject: [PATCH 188/290] integration mapping fixes --- .../Invoke-ExecExtensionMapping.ps1 | 3 +++ .../Public/Sherweb/Get-SherwebMapping.ps1 | 4 +-- .../Public/Sherweb/Set-SherwebMapping.ps1 | 26 +++++++++++++++++++ 3 files changed, 31 insertions(+), 2 deletions(-) create mode 100644 Modules/CippExtensions/Public/Sherweb/Set-SherwebMapping.ps1 diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Extensions/Invoke-ExecExtensionMapping.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Extensions/Invoke-ExecExtensionMapping.ps1 index fc8ebaadacd4..01558e4c2c9f 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Extensions/Invoke-ExecExtensionMapping.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Extensions/Invoke-ExecExtensionMapping.ps1 @@ -44,6 +44,9 @@ Function Invoke-ExecExtensionMapping { try { if ($Request.Query.AddMapping) { switch ($Request.Query.AddMapping) { + 'Sherweb' { + $Body = Set-SherwebMapping -CIPPMapping $Table -APIName $APIName -Request $Request + } 'HaloPSA' { $body = Set-HaloMapping -CIPPMapping $Table -APIName $APIName -Request $Request } diff --git a/Modules/CippExtensions/Public/Sherweb/Get-SherwebMapping.ps1 b/Modules/CippExtensions/Public/Sherweb/Get-SherwebMapping.ps1 index 0c4d744bd0ba..02df30e7cfdf 100644 --- a/Modules/CippExtensions/Public/Sherweb/Get-SherwebMapping.ps1 +++ b/Modules/CippExtensions/Public/Sherweb/Get-SherwebMapping.ps1 @@ -9,7 +9,7 @@ function Get-SherwebMapping { $Tenants = Get-Tenants -IncludeErrors $Mappings = foreach ($Mapping in $ExtensionMappings) { - $Tenant = $Tenants | Where-Object { $_.RowKey -eq $Mapping.RowKey } + $Tenant = $Tenants | Where-Object { $_.defaultDomainName -eq $Mapping.RowKey } if ($Tenant) { [PSCustomObject]@{ TenantId = $Tenant.customerId @@ -42,7 +42,7 @@ function Get-SherwebMapping { } $MappingObj = [PSCustomObject]@{ Companies = @($SherwebCustomers) - Mappings = $Mappings + Mappings = @($Mappings) } return $MappingObj diff --git a/Modules/CippExtensions/Public/Sherweb/Set-SherwebMapping.ps1 b/Modules/CippExtensions/Public/Sherweb/Set-SherwebMapping.ps1 new file mode 100644 index 000000000000..f9f7b25e07b7 --- /dev/null +++ b/Modules/CippExtensions/Public/Sherweb/Set-SherwebMapping.ps1 @@ -0,0 +1,26 @@ +function Set-SherwebMapping { + [CmdletBinding()] + param ( + $CIPPMapping, + $APIName, + $Request + ) + Get-CIPPAzDataTableEntity @CIPPMapping -Filter "PartitionKey eq 'SherwebMapping'" | ForEach-Object { + Remove-AzDataTableEntity -Force @CIPPMapping -Entity $_ + } + foreach ($Mapping in $Request.Body) { + Write-Host "Adding mapping for $($mapping.IntegrationId)" + $AddObject = @{ + PartitionKey = 'SherwebMapping' + RowKey = "$($mapping.TenantId)" + IntegrationId = "$($mapping.IntegrationId)" + IntegrationName = "$($mapping.IntegrationName)" + } + + Add-CIPPAzDataTableEntity @CIPPMapping -Entity $AddObject -Force + Write-LogMessage -API $APINAME -user $request.headers.'x-ms-client-principal' -message "Added mapping for $($mapping.name)." -Sev 'Info' + } + $Result = [pscustomobject]@{'Results' = 'Successfully edited mapping table.' } + + Return $Result +} From 8b6f84cab24f3480db295be73f6a2e967ae94a99 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Mon, 23 Dec 2024 19:49:15 +0100 Subject: [PATCH 189/290] imrpvements --- .../Entrypoints/Invoke-ListCSPLicenses.ps1 | 23 +++++++++++++++++++ .../Public/Sherweb/Get-SherwebCatalog.ps1 | 12 +++++++--- .../Get-SherwebCurrentSubscription.ps1 | 10 ++++++-- .../Get-SherwebCustomerConfiguration.ps1 | 10 ++++++-- .../Sherweb/Remove-SherwebSubscription.ps1 | 12 +++++++--- .../Sherweb/Set-SherwebSubscription.ps1 | 11 +++++++-- 6 files changed, 66 insertions(+), 12 deletions(-) create mode 100644 Modules/CIPPCore/Public/Entrypoints/Invoke-ListCSPLicenses.ps1 diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListCSPLicenses.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListCSPLicenses.ps1 new file mode 100644 index 000000000000..4a6959e2b5fc --- /dev/null +++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListCSPLicenses.ps1 @@ -0,0 +1,23 @@ +using namespace System.Net + +Function Invoke-ListCSPLicenses { + <# + .FUNCTIONALITY + Entrypoint + .ROLE + Tenant.Directory.Read + #> + [CmdletBinding()] + param($Request, $TriggerMetadata) + + $APIName = $TriggerMetadata.FunctionName + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' + + $GraphRequest = Get-SherwebCurrentSubscription -TenantFilter $Request.Query.TenantFilter + + Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ + StatusCode = [HttpStatusCode]::OK + Body = @($GraphRequest) + }) -Clobber + +} diff --git a/Modules/CippExtensions/Public/Sherweb/Get-SherwebCatalog.ps1 b/Modules/CippExtensions/Public/Sherweb/Get-SherwebCatalog.ps1 index 2589dee5fac5..a7cd3a8f406a 100644 --- a/Modules/CippExtensions/Public/Sherweb/Get-SherwebCatalog.ps1 +++ b/Modules/CippExtensions/Public/Sherweb/Get-SherwebCatalog.ps1 @@ -1,9 +1,15 @@ function Get-SherwebCatalog { param( - [Parameter(Mandatory = $true)] - [string]$CustomerId + [Parameter(Mandatory = $false)] + [string]$CustomerId, + [string]$TenantFilter ) - + if ($TenantFilter) { + Get-ExtensionMapping -Extension 'Sherweb' | Where-Object { $_.RowKey -eq $TenantFilter } | ForEach-Object { + Write-Host "Extracted customer id from tenant filter - It's $($_.IntegrationId)" + $CustomerId = $_.IntegrationId + } + } $AuthHeader = Get-SherwebAuthentication $SubscriptionsList = Invoke-RestMethod -Uri "https://api.sherweb.com/service-provider/v1/customer-catalogs/$CustomerId" -Method GET -Headers $AuthHeader return $SubscriptionsList.catalogItems diff --git a/Modules/CippExtensions/Public/Sherweb/Get-SherwebCurrentSubscription.ps1 b/Modules/CippExtensions/Public/Sherweb/Get-SherwebCurrentSubscription.ps1 index 0ccd8d6baa46..1c260ccd2cfd 100644 --- a/Modules/CippExtensions/Public/Sherweb/Get-SherwebCurrentSubscription.ps1 +++ b/Modules/CippExtensions/Public/Sherweb/Get-SherwebCurrentSubscription.ps1 @@ -1,11 +1,17 @@ function Get-SherwebCurrentSubscription { param( - [Parameter(Mandatory = $true)] + [Parameter(Mandatory = $false)] + [string]$TenantFilter, [string]$CustomerId, [string]$SKU, [string]$ProductName ) - +if($TenantFilter){ + Get-ExtensionMapping -Extension 'Sherweb' | Where-Object { $_.RowKey -eq $TenantFilter } | ForEach-Object { + write-host "Extracted customer id from tenant filter - It's $($_.IntegrationId)" + $CustomerId = $_.IntegrationId + } +} $AuthHeader = Get-SherwebAuthentication $Uri = "https://api.sherweb.com/service-provider/v1/billing/subscriptions/details?customerId=$CustomerId" $SubscriptionDetails = Invoke-RestMethod -Uri $Uri -Method GET -Headers $AuthHeader diff --git a/Modules/CippExtensions/Public/Sherweb/Get-SherwebCustomerConfiguration.ps1 b/Modules/CippExtensions/Public/Sherweb/Get-SherwebCustomerConfiguration.ps1 index 98d9ba3c27ac..b315ee4ae057 100644 --- a/Modules/CippExtensions/Public/Sherweb/Get-SherwebCustomerConfiguration.ps1 +++ b/Modules/CippExtensions/Public/Sherweb/Get-SherwebCustomerConfiguration.ps1 @@ -1,9 +1,15 @@ function Get-SherwebCustomerConfiguration { param( [Parameter(Mandatory = $true)] - [string]$CustomerId + [string]$CustomerId, + [string]$TenantFilter ) - + if ($TenantFilter) { + Get-ExtensionMapping -Extension 'Sherweb' | Where-Object { $_.RowKey -eq $TenantFilter } | ForEach-Object { + Write-Host "Extracted customer id from tenant filter - It's $($_.IntegrationId)" + $CustomerId = $_.IntegrationId + } + } $AuthHeader = Get-SherwebAuthentication $Uri = "https://api.sherweb.com/service-provider/v1/customers/$($CustomerId)/platforms-configurations/" $CustomerConfig = Invoke-RestMethod -Uri $Uri -Method GET -Headers $AuthHeader diff --git a/Modules/CippExtensions/Public/Sherweb/Remove-SherwebSubscription.ps1 b/Modules/CippExtensions/Public/Sherweb/Remove-SherwebSubscription.ps1 index 951fa36b5aef..cfdfc21c8148 100644 --- a/Modules/CippExtensions/Public/Sherweb/Remove-SherwebSubscription.ps1 +++ b/Modules/CippExtensions/Public/Sherweb/Remove-SherwebSubscription.ps1 @@ -1,11 +1,17 @@ function Remove-SherwebSubscription { param( - [Parameter(Mandatory = $true)] + [Parameter(Mandatory = $false)] [string]$CustomerId, [Parameter(Mandatory = $true)] - [string[]]$SubscriptionIds + [string[]]$SubscriptionIds, + [string]$TenantFilter ) - + if ($TenantFilter) { + Get-ExtensionMapping -Extension 'Sherweb' | Where-Object { $_.RowKey -eq $TenantFilter } | ForEach-Object { + Write-Host "Extracted customer id from tenant filter - It's $($_.IntegrationId)" + $CustomerId = $_.IntegrationId + } + } $AuthHeader = Get-SherwebAuthentication $Body = ConvertTo-Json -Depth 10 -InputObject @{ subscriptionIds = @($SubscriptionIds) diff --git a/Modules/CippExtensions/Public/Sherweb/Set-SherwebSubscription.ps1 b/Modules/CippExtensions/Public/Sherweb/Set-SherwebSubscription.ps1 index abd11a069a53..05ed97ff8020 100644 --- a/Modules/CippExtensions/Public/Sherweb/Set-SherwebSubscription.ps1 +++ b/Modules/CippExtensions/Public/Sherweb/Set-SherwebSubscription.ps1 @@ -1,13 +1,20 @@ function Set-SherwebSubscription { param( - [Parameter(Mandatory = $true)] + [Parameter(Mandatory = $false)] [string]$CustomerId, [Parameter(Mandatory = $true)] [string]$SKU, [int]$Quantity, [int]$Add, - [int]$Remove + [int]$Remove, + [string]$TenantFilter ) + if ($TenantFilter) { + Get-ExtensionMapping -Extension 'Sherweb' | Where-Object { $_.RowKey -eq $TenantFilter } | ForEach-Object { + Write-Host "Extracted customer id from tenant filter - It's $($_.IntegrationId)" + $CustomerId = $_.IntegrationId + } + } $AuthHeader = Get-SherwebAuthentication $ExistingSubscription = Get-CurrentSherwebSubscription -ClientId $ClientId -ClientSecret $ClientSecret -SubscriptionKey $SubscriptionKey -CustomerId $CustomerId -SKU $SKU From 393968b83b14a0055ce2ce97d1607ba8eb704552 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Mon, 23 Dec 2024 20:28:19 +0100 Subject: [PATCH 190/290] Add ability to buy licenses too --- .../Entrypoints/Invoke-ExecCSPLicense.ps1 | 46 +++++++++++++++++++ .../Sherweb/Set-SherwebSubscription.ps1 | 2 +- 2 files changed, 47 insertions(+), 1 deletion(-) create mode 100644 Modules/CIPPCore/Public/Entrypoints/Invoke-ExecCSPLicense.ps1 diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ExecCSPLicense.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ExecCSPLicense.ps1 new file mode 100644 index 000000000000..e885190d4ee4 --- /dev/null +++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ExecCSPLicense.ps1 @@ -0,0 +1,46 @@ +using namespace System.Net + +Function Invoke-ExecCSPLicense { + <# + .FUNCTIONALITY + Entrypoint + .ROLE + Tenant.Directory.Read + #> + [CmdletBinding()] + param($Request, $TriggerMetadata) + + $APIName = $TriggerMetadata.FunctionName + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' + + + # Write to the Azure Functions log stream. + Write-Host 'PowerShell HTTP trigger function processed a request.' + + # Interact with query parameters or the body of the request. + $TenantFilter = $Request.body.TenantFilter + $Action = $Request.body.Action + + try { + if ($Action -eq 'Add') { + $GraphRequest = Set-SherwebSubscription -tenantFilter $TenantFilter -SKU $Request.body.sku -add $Request.body.Add + } + + if ($Action -eq 'Remove') { + $GraphRequest = Set-SherwebSubscription -tenantFilter $TenantFilter -SKU $Request.body.sku -remove $Request.body.Remove + } + + if ($Action -eq 'NewSub') { + $GraphRequest = Set-SherwebSubscription -tenantFilter $TenantFilter -SKU $Request.body.sku -Quantity $Request.body.Quantity + } + $Message = 'License change executed successfully.' + } catch { + $Message = "Failed to execute license change. Error: $_" + } + #If #GraphRequest is a GUID, the subscription was edited succesfully, and return that its done. + Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ + StatusCode = [HttpStatusCode]::OK + Body = $Message + }) -Clobber + +} diff --git a/Modules/CippExtensions/Public/Sherweb/Set-SherwebSubscription.ps1 b/Modules/CippExtensions/Public/Sherweb/Set-SherwebSubscription.ps1 index 05ed97ff8020..057a198966ac 100644 --- a/Modules/CippExtensions/Public/Sherweb/Set-SherwebSubscription.ps1 +++ b/Modules/CippExtensions/Public/Sherweb/Set-SherwebSubscription.ps1 @@ -16,7 +16,7 @@ function Set-SherwebSubscription { } } $AuthHeader = Get-SherwebAuthentication - $ExistingSubscription = Get-CurrentSherwebSubscription -ClientId $ClientId -ClientSecret $ClientSecret -SubscriptionKey $SubscriptionKey -CustomerId $CustomerId -SKU $SKU + $ExistingSubscription = Get-SherwebCurrentSubscription -CustomerId $CustomerId -SKU $SKU if (-not $ExistingSubscription) { if ($Add -or $Remove) { From 63009e672cf1261d74010f7ad32c95a593c82ed6 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Tue, 24 Dec 2024 00:44:14 +0100 Subject: [PATCH 191/290] Subscription changes --- Modules/CIPPCore/Public/Entrypoints/Invoke-ExecCSPLicense.ps1 | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ExecCSPLicense.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ExecCSPLicense.ps1 index e885190d4ee4..4a93edabd2d7 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ExecCSPLicense.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ExecCSPLicense.ps1 @@ -33,6 +33,9 @@ Function Invoke-ExecCSPLicense { if ($Action -eq 'NewSub') { $GraphRequest = Set-SherwebSubscription -tenantFilter $TenantFilter -SKU $Request.body.sku -Quantity $Request.body.Quantity } + if ($Action -eq 'Cancel') { + $GraphRequest = Remove-SherwebSubscription -tenantFilter $TenantFilter -SubscriptionIds $Request.body.SubscriptionIds + } $Message = 'License change executed successfully.' } catch { $Message = "Failed to execute license change. Error: $_" From def839eec9d66d2810ac01f66b7f162d8cd645fb Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Tue, 24 Dec 2024 16:06:06 +0100 Subject: [PATCH 192/290] updates --- .../Tenant/Conditional/Invoke-AddCAPolicy.ps1 | 2 +- .../Entrypoints/Invoke-ExecCSPLicense.ps1 | 3 +-- .../Public/Entrypoints/Invoke-ListCSPsku.ps1 | 24 +++++++++++++++++++ .../GraphHelper/Get-NormalizedError.ps1 | 1 + .../CIPPCore/Public/New-CIPPCATemplate.ps1 | 15 ++++++++---- 5 files changed, 38 insertions(+), 7 deletions(-) create mode 100644 Modules/CIPPCore/Public/Entrypoints/Invoke-ListCSPsku.ps1 diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-AddCAPolicy.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-AddCAPolicy.ps1 index 7ced88078c10..e1f21ae1e974 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-AddCAPolicy.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-AddCAPolicy.ps1 @@ -13,7 +13,7 @@ Function Invoke-AddCAPolicy { $APIName = $TriggerMetadata.FunctionName Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - $Tenants = ($Request.body | Select-Object Select_*).psobject.properties.value + $Tenants = $Request.body.tenantFilter.value if ('AllTenants' -in $Tenants) { $Tenants = (Get-Tenants).defaultDomainName } $results = foreach ($Tenant in $tenants) { diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ExecCSPLicense.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ExecCSPLicense.ps1 index 4a93edabd2d7..3b2a14e1e100 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ExecCSPLicense.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ExecCSPLicense.ps1 @@ -20,7 +20,6 @@ Function Invoke-ExecCSPLicense { # Interact with query parameters or the body of the request. $TenantFilter = $Request.body.TenantFilter $Action = $Request.body.Action - try { if ($Action -eq 'Add') { $GraphRequest = Set-SherwebSubscription -tenantFilter $TenantFilter -SKU $Request.body.sku -add $Request.body.Add @@ -31,7 +30,7 @@ Function Invoke-ExecCSPLicense { } if ($Action -eq 'NewSub') { - $GraphRequest = Set-SherwebSubscription -tenantFilter $TenantFilter -SKU $Request.body.sku -Quantity $Request.body.Quantity + $GraphRequest = Set-SherwebSubscription -tenantFilter $TenantFilter -SKU $Request.body.sku.value -Quantity $Request.body.Quantity } if ($Action -eq 'Cancel') { $GraphRequest = Remove-SherwebSubscription -tenantFilter $TenantFilter -SubscriptionIds $Request.body.SubscriptionIds diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListCSPsku.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListCSPsku.ps1 new file mode 100644 index 000000000000..b5528de5ae46 --- /dev/null +++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListCSPsku.ps1 @@ -0,0 +1,24 @@ +using namespace System.Net + +Function Invoke-ListCSPsku { + <# + .FUNCTIONALITY + Entrypoint + .ROLE + Tenant.Directory.Read + #> + [CmdletBinding()] + param($Request, $TriggerMetadata) + + $APIName = $TriggerMetadata.FunctionName + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' + + $GraphRequest = Get-SherwebCatalog -TenantFilter $Request.Query.TenantFilter + + + Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ + StatusCode = [HttpStatusCode]::OK + Body = @($GraphRequest) + }) -Clobber + +} diff --git a/Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 b/Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 index 198e228a3201..12740aeb73e3 100644 --- a/Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 @@ -64,6 +64,7 @@ function Get-NormalizedError { '*AADSTS53003*' { 'Access has been blocked by Conditional Access policies. Please check the Conditional Access configuration documentation' } '*AADSTS900023*' { 'This tenant is not available for this operation. Please check the selected tenant and try again.' } '*AADSTS9002313*' { 'The credentials used to connect to the Graph API are not available, please retry. If this issue persists you may need to execute the SAM wizard.' } + '*One or more platform(s) is/are not configured for the customer. Please configure the platform before trying to purchase a SKU.*' { 'One or more platform(s) is/are not configured for the customer. Please configure the platform before trying to purchase a SKU.' } Default { $message } } diff --git a/Modules/CIPPCore/Public/New-CIPPCATemplate.ps1 b/Modules/CIPPCore/Public/New-CIPPCATemplate.ps1 index 37577fd35f72..e2cd6b6a22e8 100644 --- a/Modules/CIPPCore/Public/New-CIPPCATemplate.ps1 +++ b/Modules/CIPPCore/Public/New-CIPPCATemplate.ps1 @@ -31,11 +31,12 @@ function New-CIPPCATemplate { if ($excludelocations) { $JSON.conditions.locations.excludeLocations = $excludelocations } if ($JSON.conditions.users.includeUsers) { $JSON.conditions.users.includeUsers = @($JSON.conditions.users.includeUsers | ForEach-Object { + $originalID = $_ if ($_ -in 'All', 'None', 'GuestOrExternalUsers') { return $_ } try { (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($_)" -tenantid $TenantFilter).displayName } catch { - return $_ + return $originalID } }) } @@ -43,10 +44,12 @@ function New-CIPPCATemplate { if ($JSON.conditions.users.excludeUsers) { $JSON.conditions.users.excludeUsers = @($JSON.conditions.users.excludeUsers | ForEach-Object { if ($_ -in 'All', 'None', 'GuestOrExternalUsers') { return $_ } + $originalID = $_ + try { (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($_)" -tenantid $TenantFilter).displayName } catch { - return $_ + return $originalID } }) } @@ -58,21 +61,25 @@ function New-CIPPCATemplate { if ($JSON.conditions.users.includeGroups) { $JSON.conditions.users.includeGroups = @($JSON.conditions.users.includeGroups | ForEach-Object { + $originalID = $_ if ($_ -in 'All', 'None', 'GuestOrExternalUsers' -or -not (Test-IsGuid $_)) { return $_ } try { (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/groups/$($_)" -tenantid $TenantFilter).displayName } catch { - return $_ + return $originalID } }) } if ($JSON.conditions.users.excludeGroups) { $JSON.conditions.users.excludeGroups = @($JSON.conditions.users.excludeGroups | ForEach-Object { + $originalID = $_ + if ($_ -in 'All', 'None', 'GuestOrExternalUsers' -or -not (Test-IsGuid $_)) { return $_ } try { (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/groups/$($_)" -tenantid $TenantFilter).displayName } catch { - return $_ + return $originalID + } }) } From e6aa662685d6f5c0c09117a3cb24a4ca196ddbf2 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Tue, 24 Dec 2024 16:08:18 +0100 Subject: [PATCH 193/290] Add or update the Azure App Service build and deployment workflow config --- .../workflows/interface-rewrite_cipp3qpy2.yml | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 .github/workflows/interface-rewrite_cipp3qpy2.yml diff --git a/.github/workflows/interface-rewrite_cipp3qpy2.yml b/.github/workflows/interface-rewrite_cipp3qpy2.yml new file mode 100644 index 000000000000..fb6e05bb0334 --- /dev/null +++ b/.github/workflows/interface-rewrite_cipp3qpy2.yml @@ -0,0 +1,30 @@ +# Docs for the Azure Web Apps Deploy action: https://github.com/azure/functions-action +# More GitHub Actions for Azure: https://github.com/Azure/actions + +name: Build and deploy Powershell project to Azure Function App - cipp3qpy2 + +on: + push: + branches: + - interface-rewrite + workflow_dispatch: + +env: + AZURE_FUNCTIONAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root + +jobs: + deploy: + runs-on: windows-latest + + steps: + - name: 'Checkout GitHub Action' + uses: actions/checkout@v4 + + - name: 'Run Azure Functions Action' + uses: Azure/functions-action@v1 + id: fa + with: + app-name: 'cipp3qpy2' + slot-name: 'Production' + package: ${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }} + publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_5EE536748AAF4E5BA00C9DBF8B25F917 }} \ No newline at end of file From 3c9dc94dfbd2f5e65cac136d8100ea5fb8576948 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Tue, 24 Dec 2024 16:11:52 +0100 Subject: [PATCH 194/290] Remove the Azure App Service build and deployment workflow config --- .../workflows/interface-rewrite_cipp3qpy2.yml | 30 ------------------- 1 file changed, 30 deletions(-) delete mode 100644 .github/workflows/interface-rewrite_cipp3qpy2.yml diff --git a/.github/workflows/interface-rewrite_cipp3qpy2.yml b/.github/workflows/interface-rewrite_cipp3qpy2.yml deleted file mode 100644 index fb6e05bb0334..000000000000 --- a/.github/workflows/interface-rewrite_cipp3qpy2.yml +++ /dev/null @@ -1,30 +0,0 @@ -# Docs for the Azure Web Apps Deploy action: https://github.com/azure/functions-action -# More GitHub Actions for Azure: https://github.com/Azure/actions - -name: Build and deploy Powershell project to Azure Function App - cipp3qpy2 - -on: - push: - branches: - - interface-rewrite - workflow_dispatch: - -env: - AZURE_FUNCTIONAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root - -jobs: - deploy: - runs-on: windows-latest - - steps: - - name: 'Checkout GitHub Action' - uses: actions/checkout@v4 - - - name: 'Run Azure Functions Action' - uses: Azure/functions-action@v1 - id: fa - with: - app-name: 'cipp3qpy2' - slot-name: 'Production' - package: ${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }} - publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_5EE536748AAF4E5BA00C9DBF8B25F917 }} \ No newline at end of file From 6add2ae3b1755af93cb680114be5a6947748cf24 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Tue, 24 Dec 2024 17:08:04 +0100 Subject: [PATCH 195/290] fix templating issues --- .../HTTP Functions/Tenant/Conditional/Invoke-AddCATemplate.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-AddCATemplate.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-AddCATemplate.ps1 index 339cbf077481..ade9db4a3232 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-AddCATemplate.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-AddCATemplate.ps1 @@ -13,7 +13,7 @@ Function Invoke-AddCATemplate { $APIName = $TriggerMetadata.FunctionName Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - $TenantFilter = $Request.Query.TenantFilter + $TenantFilter = $Request.Body.TenantFilter try { $GUID = (New-Guid).GUID $JSON = New-CIPPCATemplate -TenantFilter $TenantFilter -JSON $request.body From e1a5622a079d295f518596a97d9ff6c087a1e072 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Tue, 24 Dec 2024 21:12:02 +0100 Subject: [PATCH 196/290] Fix some null safe stuff --- Modules/CIPPCore/Public/New-CIPPCAPolicy.ps1 | 22 ++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/Modules/CIPPCore/Public/New-CIPPCAPolicy.ps1 b/Modules/CIPPCore/Public/New-CIPPCAPolicy.ps1 index e75847a094cf..3d5f1981d32a 100644 --- a/Modules/CIPPCore/Public/New-CIPPCAPolicy.ps1 +++ b/Modules/CIPPCore/Public/New-CIPPCAPolicy.ps1 @@ -150,6 +150,7 @@ function New-CIPPCAPolicy { $JSONObj.conditions.users.$groupType = @(Replace-GroupNameWithId -groupNames $JSONObj.conditions.users.$groupType) } } + } catch { $ErrorMessage = Get-CippException -Exception $_ Write-LogMessage -API 'Standards' -tenant $tenant -message "Failed to replace displayNames for conditional access rule $($JSONObj.displayName). Error: $($ErrorMessage.NormalizedError)" -sev 'Error' -LogData $ErrorMessage @@ -158,6 +159,27 @@ function New-CIPPCAPolicy { } } $JsonObj.PSObject.Properties.Remove('LocationInfo') + foreach ($condition in $JSONObj.conditions.users.PSObject.Properties.Name) { + $value = $JSONObj.conditions.users.$condition + if ($null -eq $value) { + $JSONObj.conditions.users.$condition = @() + continue + } + if ($value -is [string]) { + if ([string]::IsNullOrWhiteSpace($value)) { + $JSONObj.conditions.users.$condition = @() + continue + } + } + if ($value -is [array]) { + $nonWhitespaceItems = $value | Where-Object { -not [string]::IsNullOrWhiteSpace($_) } + if ($nonWhitespaceItems.Count -eq 0) { + $JSONObj.conditions.users.$condition = @() + continue + } + } + } + $RawJSON = ConvertTo-Json -InputObject $JSONObj -Depth 10 -Compress Write-Host $RawJSON try { From e73a2acb6d84c597a562d531e7ff97364d055b6d Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Thu, 26 Dec 2024 23:48:36 +0100 Subject: [PATCH 197/290] Add or update the Azure App Service build and deployment workflow config --- .../workflows/interface-rewrite_cippq2mqh.yml | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 .github/workflows/interface-rewrite_cippq2mqh.yml diff --git a/.github/workflows/interface-rewrite_cippq2mqh.yml b/.github/workflows/interface-rewrite_cippq2mqh.yml new file mode 100644 index 000000000000..af63521f22cd --- /dev/null +++ b/.github/workflows/interface-rewrite_cippq2mqh.yml @@ -0,0 +1,30 @@ +# Docs for the Azure Web Apps Deploy action: https://github.com/azure/functions-action +# More GitHub Actions for Azure: https://github.com/Azure/actions + +name: Build and deploy Powershell project to Azure Function App - cippq2mqh + +on: + push: + branches: + - interface-rewrite + workflow_dispatch: + +env: + AZURE_FUNCTIONAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root + +jobs: + deploy: + runs-on: windows-latest + + steps: + - name: 'Checkout GitHub Action' + uses: actions/checkout@v4 + + - name: 'Run Azure Functions Action' + uses: Azure/functions-action@v1 + id: fa + with: + app-name: 'cippq2mqh' + slot-name: 'Production' + package: ${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }} + publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_0AD3E44792924AF8AC3071CFD3F2CC6F }} \ No newline at end of file From 8a7e7e6f04e5c8500061431efedd2743c6bcfc1f Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Thu, 26 Dec 2024 23:48:55 +0100 Subject: [PATCH 198/290] Remove the Azure App Service build and deployment workflow config --- .../workflows/interface-rewrite_cippq2mqh.yml | 30 ------------------- 1 file changed, 30 deletions(-) delete mode 100644 .github/workflows/interface-rewrite_cippq2mqh.yml diff --git a/.github/workflows/interface-rewrite_cippq2mqh.yml b/.github/workflows/interface-rewrite_cippq2mqh.yml deleted file mode 100644 index af63521f22cd..000000000000 --- a/.github/workflows/interface-rewrite_cippq2mqh.yml +++ /dev/null @@ -1,30 +0,0 @@ -# Docs for the Azure Web Apps Deploy action: https://github.com/azure/functions-action -# More GitHub Actions for Azure: https://github.com/Azure/actions - -name: Build and deploy Powershell project to Azure Function App - cippq2mqh - -on: - push: - branches: - - interface-rewrite - workflow_dispatch: - -env: - AZURE_FUNCTIONAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root - -jobs: - deploy: - runs-on: windows-latest - - steps: - - name: 'Checkout GitHub Action' - uses: actions/checkout@v4 - - - name: 'Run Azure Functions Action' - uses: Azure/functions-action@v1 - id: fa - with: - app-name: 'cippq2mqh' - slot-name: 'Production' - package: ${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }} - publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_0AD3E44792924AF8AC3071CFD3F2CC6F }} \ No newline at end of file From 3c9ee34257b2990ce3cfc997682a8a7379a8ee1a Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri, 27 Dec 2024 17:55:25 +0100 Subject: [PATCH 199/290] Add or update the Azure App Service build and deployment workflow config --- .../workflows/interface-rewrite_cippt4ytd.yml | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 .github/workflows/interface-rewrite_cippt4ytd.yml diff --git a/.github/workflows/interface-rewrite_cippt4ytd.yml b/.github/workflows/interface-rewrite_cippt4ytd.yml new file mode 100644 index 000000000000..ae51ea421285 --- /dev/null +++ b/.github/workflows/interface-rewrite_cippt4ytd.yml @@ -0,0 +1,30 @@ +# Docs for the Azure Web Apps Deploy action: https://github.com/azure/functions-action +# More GitHub Actions for Azure: https://github.com/Azure/actions + +name: Build and deploy Powershell project to Azure Function App - cippt4ytd + +on: + push: + branches: + - interface-rewrite + workflow_dispatch: + +env: + AZURE_FUNCTIONAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root + +jobs: + deploy: + runs-on: windows-latest + + steps: + - name: 'Checkout GitHub Action' + uses: actions/checkout@v4 + + - name: 'Run Azure Functions Action' + uses: Azure/functions-action@v1 + id: fa + with: + app-name: 'cippt4ytd' + slot-name: 'Production' + package: ${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }} + publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_0CC86EE4038346AC8F9E168FFA6E63FD }} \ No newline at end of file From c78d2023468df3aa4d48916293bbae08c032383f Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri, 27 Dec 2024 18:00:22 +0100 Subject: [PATCH 200/290] Remove the Azure App Service build and deployment workflow config --- .../workflows/interface-rewrite_cippt4ytd.yml | 30 ------------------- 1 file changed, 30 deletions(-) delete mode 100644 .github/workflows/interface-rewrite_cippt4ytd.yml diff --git a/.github/workflows/interface-rewrite_cippt4ytd.yml b/.github/workflows/interface-rewrite_cippt4ytd.yml deleted file mode 100644 index ae51ea421285..000000000000 --- a/.github/workflows/interface-rewrite_cippt4ytd.yml +++ /dev/null @@ -1,30 +0,0 @@ -# Docs for the Azure Web Apps Deploy action: https://github.com/azure/functions-action -# More GitHub Actions for Azure: https://github.com/Azure/actions - -name: Build and deploy Powershell project to Azure Function App - cippt4ytd - -on: - push: - branches: - - interface-rewrite - workflow_dispatch: - -env: - AZURE_FUNCTIONAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root - -jobs: - deploy: - runs-on: windows-latest - - steps: - - name: 'Checkout GitHub Action' - uses: actions/checkout@v4 - - - name: 'Run Azure Functions Action' - uses: Azure/functions-action@v1 - id: fa - with: - app-name: 'cippt4ytd' - slot-name: 'Production' - package: ${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }} - publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_0CC86EE4038346AC8F9E168FFA6E63FD }} \ No newline at end of file From b17e37e3551ec72be88427558f14e85e9f7e5cb3 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Mon, 30 Dec 2024 17:42:28 +0100 Subject: [PATCH 201/290] Add or update the Azure App Service build and deployment workflow config --- .../workflows/interface-rewrite_cipptulwz.yml | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 .github/workflows/interface-rewrite_cipptulwz.yml diff --git a/.github/workflows/interface-rewrite_cipptulwz.yml b/.github/workflows/interface-rewrite_cipptulwz.yml new file mode 100644 index 000000000000..0193890aa5d0 --- /dev/null +++ b/.github/workflows/interface-rewrite_cipptulwz.yml @@ -0,0 +1,30 @@ +# Docs for the Azure Web Apps Deploy action: https://github.com/azure/functions-action +# More GitHub Actions for Azure: https://github.com/Azure/actions + +name: Build and deploy Powershell project to Azure Function App - cipptulwz + +on: + push: + branches: + - interface-rewrite + workflow_dispatch: + +env: + AZURE_FUNCTIONAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root + +jobs: + deploy: + runs-on: windows-latest + + steps: + - name: 'Checkout GitHub Action' + uses: actions/checkout@v4 + + - name: 'Run Azure Functions Action' + uses: Azure/functions-action@v1 + id: fa + with: + app-name: 'cipptulwz' + slot-name: 'Production' + package: ${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }} + publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_8DF25C53CFA64C388F9B6AC94A9780B9 }} \ No newline at end of file From fef2e13b45d4a8a599d788a2e530761f47248962 Mon Sep 17 00:00:00 2001 From: Woody <2997336+MWGMorningwood@users.noreply.github.com> Date: Mon, 30 Dec 2024 16:05:26 -0500 Subject: [PATCH 202/290] Remove erroneous /deviceId from Ninja field NinjaOneTenantSync was placing a duplicate /deviceId on the end of the Entra URL for devices. This URL does not properly lead to the device. Removing the trailing /deviceId does. Resolves https://github.com/KelvinTegelaar/CIPP/issues/3026 --- .../Public/NinjaOne/Invoke-NinjaOneTenantSync.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CippExtensions/Public/NinjaOne/Invoke-NinjaOneTenantSync.ps1 b/Modules/CippExtensions/Public/NinjaOne/Invoke-NinjaOneTenantSync.ps1 index 1b88da1c6bf6..b1fcad0d8362 100644 --- a/Modules/CippExtensions/Public/NinjaOne/Invoke-NinjaOneTenantSync.ps1 +++ b/Modules/CippExtensions/Public/NinjaOne/Invoke-NinjaOneTenantSync.ps1 @@ -763,7 +763,7 @@ function Invoke-NinjaOneTenantSync { $DeviceLinksData = @( @{ Name = 'Entra ID' - Link = "https://entra.microsoft.com/$($Customer.defaultDomainName)/#view/Microsoft_AAD_Devices/DeviceDetailsMenuBlade/~/Properties/deviceId/$($Device.azureADDeviceId)/deviceId/" + Link = "https://entra.microsoft.com/$($Customer.defaultDomainName)/#view/Microsoft_AAD_Devices/DeviceDetailsMenuBlade/~/Properties/deviceId/$($Device.azureADDeviceId)" Icon = 'fab fa-microsoft' }, @{ From 4257f0742c54f699e946d6a13528b40e80e3c081 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Thu, 2 Jan 2025 15:22:57 +0100 Subject: [PATCH 203/290] update list sku --- Modules/CIPPCore/Public/Entrypoints/Invoke-ListCSPsku.ps1 | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListCSPsku.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListCSPsku.ps1 index b5528de5ae46..07f4ca8897eb 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListCSPsku.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListCSPsku.ps1 @@ -13,7 +13,11 @@ Function Invoke-ListCSPsku { $APIName = $TriggerMetadata.FunctionName Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - $GraphRequest = Get-SherwebCatalog -TenantFilter $Request.Query.TenantFilter + if ($Request.Query.currentSkuOnly) { + $GraphRequest = Get-SherwebCurrentSubscription -TenantFilter $Request.Query.TenantFilter + } else { + $GraphRequest = Get-SherwebCatalog -TenantFilter $Request.Query.TenantFilter + } Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ From 4d31174306dab69a33f09cabda8af63e6fe370a5 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Thu, 2 Jan 2025 15:41:33 +0100 Subject: [PATCH 204/290] fix delete template --- Modules/CIPPCore/Public/Invoke-RemoveSpamfilterTemplate.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Invoke-RemoveSpamfilterTemplate.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveSpamfilterTemplate.ps1 index 4b8d7fa34a41..c6d94a821c97 100644 --- a/Modules/CIPPCore/Public/Invoke-RemoveSpamfilterTemplate.ps1 +++ b/Modules/CIPPCore/Public/Invoke-RemoveSpamfilterTemplate.ps1 @@ -14,7 +14,7 @@ Function Invoke-RemoveSpamfilterTemplate { $User = $request.headers.'x-ms-client-principal' Write-LogMessage -user $User -API $APINAME -message 'Accessed this API' -Sev 'Debug' - $ID = $request.query.id + $ID = $request.body.id try { $Table = Get-CippTable -tablename 'templates' $Filter = "PartitionKey eq 'SpamfilterTemplate' and RowKey eq '$id'" From f1d0274ef1ac8284ad7ad41270e25f437295eb36 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Thu, 2 Jan 2025 15:59:24 +0100 Subject: [PATCH 205/290] thanks ben, wrong name --- Modules/CIPPCore/Public/Invoke-RemoveSpamfilterTemplate.ps1 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Modules/CIPPCore/Public/Invoke-RemoveSpamfilterTemplate.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveSpamfilterTemplate.ps1 index c6d94a821c97..ac5eb5b0f064 100644 --- a/Modules/CIPPCore/Public/Invoke-RemoveSpamfilterTemplate.ps1 +++ b/Modules/CIPPCore/Public/Invoke-RemoveSpamfilterTemplate.ps1 @@ -20,11 +20,11 @@ Function Invoke-RemoveSpamfilterTemplate { $Filter = "PartitionKey eq 'SpamfilterTemplate' and RowKey eq '$id'" $ClearRow = Get-CIPPAzDataTableEntity @Table -Filter $Filter -Property PartitionKey, RowKey Remove-AzDataTableEntity -Force @Table -Entity $clearRow - Write-LogMessage -user $User -API $APINAME -message "Removed Transport Rule Template with ID $ID." -Sev 'Info' - $body = [pscustomobject]@{'Results' = 'Successfully removed Transport Rule Template' } + Write-LogMessage -user $User -API $APINAME -message "Removed Spamfilter Template with ID $ID." -Sev 'Info' + $body = [pscustomobject]@{'Results' = 'Successfully Spamfilter template' } } catch { $ErrorMessage = Get-CippException -Exception $_ - Write-LogMessage -user $User -API $APINAME -message "Failed to remove Transport Rule template $ID. $($ErrorMessage.NormalizedError)" -Sev 'Error' -LogData $ErrorMessage + Write-LogMessage -user $User -API $APINAME -message "Failed to remove Spam filter Rule template $ID. $($ErrorMessage.NormalizedError)" -Sev 'Error' -LogData $ErrorMessage $body = [pscustomobject]@{'Results' = "Failed to remove template: $($ErrorMessage.NormalizedError)" } } From 6674af7b056735d70b7671782f39c3ef9dcf034c Mon Sep 17 00:00:00 2001 From: John Duprey Date: Thu, 2 Jan 2025 11:04:44 -0500 Subject: [PATCH 206/290] fix issue with update tokens --- .../Start-UpdateTokensTimer.ps1 | 45 ++++++++++--------- 1 file changed, 24 insertions(+), 21 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Timer Functions/Start-UpdateTokensTimer.ps1 b/Modules/CIPPCore/Public/Entrypoints/Timer Functions/Start-UpdateTokensTimer.ps1 index 1f7cd63a8d3b..32ae68c270b3 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Timer Functions/Start-UpdateTokensTimer.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Timer Functions/Start-UpdateTokensTimer.ps1 @@ -10,32 +10,35 @@ function Start-UpdateTokensTimer { # Get the current universal time in the default string format. $currentUTCtime = (Get-Date).ToUniversalTime() + try { + $Refreshtoken = (Get-GraphToken -ReturnRefresh $true).Refresh_token - $Refreshtoken = (Get-GraphToken -ReturnRefresh $true).Refresh_token - - if ($env:AzureWebJobsStorage -eq 'UseDevelopmentStorage=true') { - $Table = Get-CIPPTable -tablename 'DevSecrets' - $Secret = Get-CIPPAzDataTableEntity @Table -Filter "PartitionKey eq 'Secret' and RowKey eq 'Secret'" - if ($Secret) { - $Secret.RefreshToken = $Refreshtoken - Add-AzDataTableEntity @Table -Entity $Secret -Force - } else { - Write-LogMessage -message 'Could not update refresh token. Will try again in 7 days.' -sev 'CRITICAL' - } - } else { - if ($env:MSI_SECRET) { - Disable-AzContextAutosave -Scope Process | Out-Null - $AzSession = Connect-AzAccount -Identity - } - $KV = $ENV:WEBSITE_DEPLOYMENT_ID - if ($Refreshtoken) { - Set-AzKeyVaultSecret -VaultName $kv -Name 'RefreshToken' -SecretValue (ConvertTo-SecureString -String $Refreshtoken -AsPlainText -Force) + if ($env:AzureWebJobsStorage -eq 'UseDevelopmentStorage=true') { + $Table = Get-CIPPTable -tablename 'DevSecrets' + $Secret = Get-CIPPAzDataTableEntity @Table -Filter "PartitionKey eq 'Secret' and RowKey eq 'Secret'" + if ($Secret) { + $Secret.RefreshToken = $Refreshtoken + Add-AzDataTableEntity @Table -Entity $Secret -Force + } else { + Write-LogMessage -API 'Update Tokens' -message 'Could not update refresh token. Will try again in 7 days.' -sev 'CRITICAL' + } } else { - Write-LogMessage -message 'Could not update refresh token. Will try again in 7 days.' -sev 'CRITICAL' + if ($env:MSI_SECRET) { + Disable-AzContextAutosave -Scope Process | Out-Null + $AzSession = Connect-AzAccount -Identity + } + $KV = ($ENV:WEBSITE_DEPLOYMENT_ID -split '-')[0] + if ($Refreshtoken) { + Set-AzKeyVaultSecret -VaultName $KV -Name 'RefreshToken' -SecretValue (ConvertTo-SecureString -String $Refreshtoken -AsPlainText -Force) + } else { + Write-LogMessage -API 'Update Tokens' -message 'Could not update refresh token. Will try again in 7 days.' -sev 'CRITICAL' + } } + } catch { + Write-LogMessage -API 'Update Tokens' -message 'Error updating refresh token, see Log Data for details. Will try again in 7 days.' -sev 'CRITICAL' -LogData (Get-CippException -Exception $_) } - # Write an information log with the current time. Write-Information "PowerShell timer trigger function ran! TIME: $currentUTCtime" + } } From d0752dcacd86e25bf24fadfd108d200a2859d2b0 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Thu, 2 Jan 2025 11:06:12 -0500 Subject: [PATCH 207/290] Fix serviceprincipal output --- .../CIPP/Core/Invoke-ExecServicePrincipals.ps1 | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecServicePrincipals.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecServicePrincipals.ps1 index 52523e9f9203..a2f10c527808 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecServicePrincipals.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecServicePrincipals.ps1 @@ -22,7 +22,8 @@ function Invoke-ExecServicePrincipals { 'appId' = $Request.Query.AppId } | ConvertTo-Json -Compress try { - $Results = New-GraphPostRequest -Uri 'https://graph.microsoft.com/beta/servicePrincipals' -tenantid $TenantFilter -type POST -body $Body -NoAuthCheck $true + $ServicePrincipal = New-GraphPostRequest -Uri 'https://graph.microsoft.com/beta/servicePrincipals' -tenantid $TenantFilter -type POST -body $Body -NoAuthCheck $true + $Results = "Created service principal for $($ServicePrincipal.displayName) ($($ServicePrincipal.appId))" } catch { $Results = "Unable to create service principal: $($_.Exception.Message)" $Success = $false @@ -55,6 +56,10 @@ function Invoke-ExecServicePrincipals { 'Success' = $Success } + if ($ServicePrincipal) { + $Metadata.ServicePrincipal = $ServicePrincipal + } + if ($Request.Query.AppId) { $Metadata.AppId = $Request.Query.AppId } From 60bbfd0d2eed008f15552c75017af8da2b9f3b2b Mon Sep 17 00:00:00 2001 From: BNWEIN Date: Thu, 2 Jan 2025 16:27:39 +0000 Subject: [PATCH 208/290] Added Connection Filter Functions Added Connection Filter Functions: RemoveConnectionfilterTemplate ListConnectionFilterTemplates ListConnectionFilter AddConnectionFilterTemplate AddConnectionFilter --- .../Invoke-AddConnectionFilter.ps1 | 39 ++++++++++++++ .../Invoke-AddConnectionFilterTemplate.ps1 | 54 +++++++++++++++++++ .../Invoke-ListConnectionFilter.ps1 | 36 +++++++++++++ .../Invoke-ListConnectionFilterTemplates.ps1 | 36 +++++++++++++ .../Invoke-RemoveConnectionfilterTemplate.ps1 | 39 ++++++++++++++ 5 files changed, 204 insertions(+) create mode 100644 Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-AddConnectionFilter.ps1 create mode 100644 Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-AddConnectionFilterTemplate.ps1 create mode 100644 Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListConnectionFilter.ps1 create mode 100644 Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListConnectionFilterTemplates.ps1 create mode 100644 Modules/CIPPCore/Public/Invoke-RemoveConnectionfilterTemplate.ps1 diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-AddConnectionFilter.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-AddConnectionFilter.ps1 new file mode 100644 index 000000000000..1f0edd5c5999 --- /dev/null +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-AddConnectionFilter.ps1 @@ -0,0 +1,39 @@ +using namespace System.Net + +Function Invoke-AddConnectionFilter { + <# + .FUNCTIONALITY + Entrypoint + .ROLE + Exchange.SpamFilter.ReadWrite + #> + [CmdletBinding()] + param($Request, $TriggerMetadata) + + + $APIName = $TriggerMetadata.FunctionName + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' + + $RequestParams = $Request.Body.PowerShellCommand | + ConvertFrom-Json | + Select-Object -Property *, @{Name='identity'; Expression={$_.name}} -ExcludeProperty GUID, comments, name + + $Tenants = ($Request.body.selectedTenants).value + $Result = foreach ($Tenantfilter in $tenants) { + try { + $GraphRequest = New-ExoRequest -tenantid $Tenantfilter -cmdlet 'Set-HostedConnectionFilterPolicy' -cmdParams $RequestParams + "Successfully created Connectionfilter for $tenantfilter." + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $tenantfilter -message "Updated Connection filter rule for $($tenantfilter)" -sev Info + } catch { + "Could not create create Connection Filter rule for $($tenantfilter): $($_.Exception.message)" + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $tenantfilter -message "Could not create create connection filter rule for $($tenantfilter): $($_.Exception.message)" -sev Error + } + } + + # Associate values to output bindings by calling 'Push-OutputBinding'. + Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ + StatusCode = [HttpStatusCode]::OK + Body = @{Results = @($Result) } + }) + +} diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-AddConnectionFilterTemplate.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-AddConnectionFilterTemplate.ps1 new file mode 100644 index 000000000000..6246cf8e1069 --- /dev/null +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-AddConnectionFilterTemplate.ps1 @@ -0,0 +1,54 @@ +using namespace System.Net + +Function Invoke-AddConnectionFilterTemplate { + <# + .FUNCTIONALITY + Entrypoint + .ROLE + Exchange.Spamfilter.ReadWrite + #> + [CmdletBinding()] + param($Request, $TriggerMetadata) + + $APIName = $TriggerMetadata.FunctionName + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' + Write-Host ($request | ConvertTo-Json -Compress) + + try { + $GUID = (New-Guid).GUID + $JSON = if ($request.body.PowerShellCommand) { + Write-Host 'PowerShellCommand' + $request.body.PowerShellCommand | ConvertFrom-Json + } + else { + $GUID = (New-Guid).GUID + ([pscustomobject]$Request.body | Select-Object Name, EnableSafeList, IPAllowList , IPBlockList ) | ForEach-Object { + $NonEmptyProperties = $_.psobject.Properties | Where-Object { $null -ne $_.Value } | Select-Object -ExpandProperty Name + $_ | Select-Object -Property $NonEmptyProperties + } + } + $JSON = ($JSON | Select-Object @{n = 'name'; e = { $_.name } }, @{n = 'comments'; e = { $_.comments } }, * | ConvertTo-Json -Depth 10) + $Table = Get-CippTable -tablename 'templates' + $Table.Force = $true + Add-CIPPAzDataTableEntity @Table -Entity @{ + JSON = "$json" + RowKey = "$GUID" + PartitionKey = 'ConnectionfilterTemplate' + } + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message "Created Connection Filter Template $($Request.body.name) with GUID $GUID" -Sev 'Debug' + $body = [pscustomobject]@{'Results' = 'Successfully added template' } + + } + catch { + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message "Failed to create Connection Filter Template: $($_.Exception.Message)" -Sev 'Error' + $body = [pscustomobject]@{'Results' = "ConnectionFilter Template Deployment failed: $($_.Exception.Message)" } + } + + + # Associate values to output bindings by calling 'Push-OutputBinding'. + Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ + StatusCode = [HttpStatusCode]::OK + Body = $body + }) + +} diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListConnectionFilter.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListConnectionFilter.ps1 new file mode 100644 index 000000000000..ce2740708283 --- /dev/null +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListConnectionFilter.ps1 @@ -0,0 +1,36 @@ +using namespace System.Net + +Function Invoke-ListConnectionFilter { + <# + .FUNCTIONALITY + Entrypoint + .ROLE + Exchange.SpamFilter.Read + #> + [CmdletBinding()] + param($Request, $TriggerMetadata) + + $APIName = $TriggerMetadata.FunctionName + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' + $Tenantfilter = $request.Query.tenantfilter + + try { + $Policies = New-ExoRequest -tenantid $Tenantfilter -cmdlet 'Get-HostedConnectionFilterPolicy' | Select-Object * -ExcludeProperty *odata*, *data.type* + #$RuleState = New-ExoRequest -tenantid $Tenantfilter -cmdlet 'Get-HostedContentFilterRule' | Select-Object * -ExcludeProperty *odata*, *data.type* + #$GraphRequest = $Policies | Select-Object *, @{l = 'ruleState'; e = { $name = $_.name; ($RuleState | Where-Object name -EQ $name).State } }, @{l = 'rulePrio'; e = { $name = $_.name; ($RuleState | Where-Object name -EQ $name).Priority } } + $StatusCode = [HttpStatusCode]::OK + } catch { + $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message + $StatusCode = [HttpStatusCode]::Forbidden + #$GraphRequest = $ErrorMessage + $Policies = $ErrorMessage + } + + # Associate values to output bindings by calling 'Push-OutputBinding'. + Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ + StatusCode = $StatusCode + #Body = @($GraphRequest) + Body = @($Policies) + }) + +} diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListConnectionFilterTemplates.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListConnectionFilterTemplates.ps1 new file mode 100644 index 000000000000..36ffdbf69e5d --- /dev/null +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListConnectionFilterTemplates.ps1 @@ -0,0 +1,36 @@ +using namespace System.Net + +Function Invoke-ListConnectionFilterTemplates { + <# + .FUNCTIONALITY + Entrypoint + .ROLE + Exchange.SpamFilter.Read + #> + [CmdletBinding()] + param($Request, $TriggerMetadata) + + $APIName = $TriggerMetadata.FunctionName + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' + $Table = Get-CippTable -tablename 'templates' + + #List new policies + $Table = Get-CippTable -tablename 'templates' + $Filter = "PartitionKey eq 'ConnectionfilterTemplate'" + $Templates = (Get-CIPPAzDataTableEntity @Table -Filter $Filter) | ForEach-Object { + $GUID = $_.RowKey + $data = $_.JSON | ConvertFrom-Json + $data | Add-Member -NotePropertyName 'GUID' -NotePropertyValue $GUID + $data + } + + if ($Request.query.ID) { $Templates = $Templates | Where-Object -Property RowKey -EQ $Request.query.id } + + + # Associate values to output bindings by calling 'Push-OutputBinding'. + Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ + StatusCode = [HttpStatusCode]::OK + Body = @($Templates) + }) + +} diff --git a/Modules/CIPPCore/Public/Invoke-RemoveConnectionfilterTemplate.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveConnectionfilterTemplate.ps1 new file mode 100644 index 000000000000..5d4a13cca820 --- /dev/null +++ b/Modules/CIPPCore/Public/Invoke-RemoveConnectionfilterTemplate.ps1 @@ -0,0 +1,39 @@ +using namespace System.Net + +Function Invoke-RemoveConnectionfilterTemplate { + <# + .FUNCTIONALITY + Entrypoint + .ROLE + Exchange.Spamfilter.ReadWrite + #> + [CmdletBinding()] + param($Request, $TriggerMetadata) + + $APIName = $TriggerMetadata.FunctionName + $User = $request.headers.'x-ms-client-principal' + Write-LogMessage -user $User -API $APINAME -message 'Accessed this API' -Sev 'Debug' + + $ID = $request.body.id + try { + $Table = Get-CippTable -tablename 'templates' + $Filter = "PartitionKey eq 'ConnectionfilterTemplate' and RowKey eq '$id'" + $ClearRow = Get-CIPPAzDataTableEntity @Table -Filter $Filter -Property PartitionKey, RowKey + Remove-AzDataTableEntity -Force @Table -Entity $clearRow + Write-LogMessage -user $User -API $APINAME -message "Removed Connection Filter Template with ID $ID." -Sev 'Info' + $body = [pscustomobject]@{'Results' = 'Successfully removed Connection Filter Template' } + } catch { + $ErrorMessage = Get-CippException -Exception $_ + Write-LogMessage -user $User -API $APINAME -message "Failed to remove Connection Filter template $ID. $($ErrorMessage.NormalizedError)" -Sev 'Error' -LogData $ErrorMessage + $body = [pscustomobject]@{'Results' = "Failed to remove template: $($ErrorMessage.NormalizedError)" } + } + + + # Associate values to output bindings by calling 'Push-OutputBinding'. + Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ + StatusCode = [HttpStatusCode]::OK + Body = $body + }) + + +} From 9de8728901ad36a188a7e61678e9ee16c9f199f8 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Thu, 2 Jan 2025 17:35:37 +0100 Subject: [PATCH 209/290] typo --- Modules/CIPPCore/Public/Invoke-RemoveSpamfilterTemplate.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Invoke-RemoveSpamfilterTemplate.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveSpamfilterTemplate.ps1 index ac5eb5b0f064..a6ed62eeabb3 100644 --- a/Modules/CIPPCore/Public/Invoke-RemoveSpamfilterTemplate.ps1 +++ b/Modules/CIPPCore/Public/Invoke-RemoveSpamfilterTemplate.ps1 @@ -24,7 +24,7 @@ Function Invoke-RemoveSpamfilterTemplate { $body = [pscustomobject]@{'Results' = 'Successfully Spamfilter template' } } catch { $ErrorMessage = Get-CippException -Exception $_ - Write-LogMessage -user $User -API $APINAME -message "Failed to remove Spam filter Rule template $ID. $($ErrorMessage.NormalizedError)" -Sev 'Error' -LogData $ErrorMessage + Write-LogMessage -user $User -API $APINAME -message "Failed to remove Spam filter Rule template $ID. $($ErrorMessage.NormalizedError)" -Sev 'Error' -LogData $ErrorMessage $body = [pscustomobject]@{'Results' = "Failed to remove template: $($ErrorMessage.NormalizedError)" } } From 8bf58c62d6f02b0e60d4091008a7a77ca73d1051 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Thu, 2 Jan 2025 17:47:35 +0100 Subject: [PATCH 210/290] Add MFA remove to offboarding wizard --- Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1 | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1 b/Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1 index 3c9b1e503f70..d12385260fb4 100644 --- a/Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1 +++ b/Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1 @@ -100,6 +100,9 @@ function Invoke-CIPPOffboardingJob { "Removal of permissions queued. This task will run in the background and send it's results to the logbook." } } + { $_.'RemoveMFADevices' } { + Remove-CIPPUserMFA -UserPrincipalName $Username -TenantFilter $TenantFilter -ExecutingUser $ExecutingUser + } } return $Return From 86db56d3b7c102884b1c58b5dd12c489c075ed7d Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Thu, 2 Jan 2025 17:55:59 +0100 Subject: [PATCH 211/290] new standards --- .../Invoke-CIPPStandardDisableEntraPortal.ps1 | 37 +++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableEntraPortal.ps1 diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableEntraPortal.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableEntraPortal.ps1 new file mode 100644 index 000000000000..bc7518a04d37 --- /dev/null +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableEntraPortal.ps1 @@ -0,0 +1,37 @@ +function Invoke-CIPPStandardDisableEntraPortal { + <# + .FUNCTIONALITY + Internal + .COMPONENT + (APIName) DisableEntraPortal + .SYNOPSIS + (Label) Disables the Entra Portal for standard users + https://docs.cipp.app/user-documentation/tenant/standards/edit-standards + #> + + param($Tenant, $Settings) + #$Rerun -Type Standard -Tenant $Tenant -API 'allowOTPTokens' -Settings $Settings + #This standard is still unlisted due to MS fixing some permissions. This will be added to the list once it is fixed. + $CurrentInfo = New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/admin/entra/uxSetting' -tenantid $Tenant + + If ($Settings.remediate -eq $true) { + if ($CurrentInfo.restrictNonAdminAccess) { + Write-LogMessage -API 'Standards' -tenant $tenant -message 'Disable user access to Entra Portal is already enabled.' -sev Info + } else { + New-GraphPOSTRequest -uri 'https://graph.microsoft.com/beta/admin/entra/uxSetting' -tenantid $Tenant -body '{"restrictNonAdminAccess":true}' -type PATCH + } + } + + if ($Settings.alert -eq $true) { + if ($CurrentInfo.isSoftwareOathEnabled) { + Write-LogMessage -API 'Standards' -tenant $tenant -message 'Disable user access to Entra Portal is enabled' -sev Info + } else { + Write-LogMessage -API 'Standards' -tenant $tenant -message 'Disable user access to Entra Portal is not enabled' -sev Alert + } + } + + if ($Settings.report -eq $true) { + Add-CIPPBPAField -FieldName 'DisableEntraPortal' -FieldValue $CurrentInfo.isSoftwareOathEnabled -StoreAs bool -Tenant $tenant + } + +} From 499d0c7efa4fa77c7788be94f6a4b7d6ebd4ae97 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Thu, 2 Jan 2025 18:33:52 +0100 Subject: [PATCH 212/290] fixes primdomain issue. --- .../Identity/Administration/Users/Invoke-EditUser.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-EditUser.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-EditUser.ps1 index 174d111d8000..8e981516f69c 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-EditUser.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-EditUser.ps1 @@ -33,7 +33,7 @@ Function Invoke-EditUser { #Edit the user try { Write-Host "$([boolean]$UserObj.mustchangepass)" - $UserprincipalName = "$($UserObj.Username ? $userobj.username :$userobj.mailNickname)@$($UserObj.Domain ? $UserObj.Domain : $UserObj.primDomain)" + $UserprincipalName = "$($UserObj.Username ? $userobj.username :$userobj.mailNickname)@$($UserObj.Domain ? $UserObj.Domain : $UserObj.primDomain.value)" $BodyToship = [pscustomobject] @{ 'givenName' = $UserObj.givenname 'surname' = $UserObj.surname From 64a463b29785be9ceff465a894a388856a3ea8f9 Mon Sep 17 00:00:00 2001 From: BNWEIN Date: Thu, 2 Jan 2025 18:41:43 +0000 Subject: [PATCH 213/290] Removed Comments and Fixed Roles Removed Comments and Fixed Roles --- .../Email-Exchange/Invoke-AddConnectionFilter.ps1 | 2 +- .../Email-Exchange/Invoke-AddConnectionFilterTemplate.ps1 | 2 +- .../Email-Exchange/Invoke-ListConnectionFilter.ps1 | 6 +----- .../Email-Exchange/Invoke-ListConnectionFilterTemplates.ps1 | 2 +- .../Public/Invoke-RemoveConnectionfilterTemplate.ps1 | 2 +- 5 files changed, 5 insertions(+), 9 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-AddConnectionFilter.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-AddConnectionFilter.ps1 index 1f0edd5c5999..e36aaea55402 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-AddConnectionFilter.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-AddConnectionFilter.ps1 @@ -5,7 +5,7 @@ Function Invoke-AddConnectionFilter { .FUNCTIONALITY Entrypoint .ROLE - Exchange.SpamFilter.ReadWrite + Exchange.ConnectionFilter.ReadWrite #> [CmdletBinding()] param($Request, $TriggerMetadata) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-AddConnectionFilterTemplate.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-AddConnectionFilterTemplate.ps1 index 6246cf8e1069..17b1fd994f4b 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-AddConnectionFilterTemplate.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-AddConnectionFilterTemplate.ps1 @@ -5,7 +5,7 @@ Function Invoke-AddConnectionFilterTemplate { .FUNCTIONALITY Entrypoint .ROLE - Exchange.Spamfilter.ReadWrite + Exchange.ConnectionFilter.ReadWrite #> [CmdletBinding()] param($Request, $TriggerMetadata) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListConnectionFilter.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListConnectionFilter.ps1 index ce2740708283..61c62cef6d78 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListConnectionFilter.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListConnectionFilter.ps1 @@ -5,7 +5,7 @@ Function Invoke-ListConnectionFilter { .FUNCTIONALITY Entrypoint .ROLE - Exchange.SpamFilter.Read + Exchange.ConnectionFilter.Read #> [CmdletBinding()] param($Request, $TriggerMetadata) @@ -16,20 +16,16 @@ Function Invoke-ListConnectionFilter { try { $Policies = New-ExoRequest -tenantid $Tenantfilter -cmdlet 'Get-HostedConnectionFilterPolicy' | Select-Object * -ExcludeProperty *odata*, *data.type* - #$RuleState = New-ExoRequest -tenantid $Tenantfilter -cmdlet 'Get-HostedContentFilterRule' | Select-Object * -ExcludeProperty *odata*, *data.type* - #$GraphRequest = $Policies | Select-Object *, @{l = 'ruleState'; e = { $name = $_.name; ($RuleState | Where-Object name -EQ $name).State } }, @{l = 'rulePrio'; e = { $name = $_.name; ($RuleState | Where-Object name -EQ $name).Priority } } $StatusCode = [HttpStatusCode]::OK } catch { $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message $StatusCode = [HttpStatusCode]::Forbidden - #$GraphRequest = $ErrorMessage $Policies = $ErrorMessage } # Associate values to output bindings by calling 'Push-OutputBinding'. Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ StatusCode = $StatusCode - #Body = @($GraphRequest) Body = @($Policies) }) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListConnectionFilterTemplates.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListConnectionFilterTemplates.ps1 index 36ffdbf69e5d..b11f7c512fa8 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListConnectionFilterTemplates.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListConnectionFilterTemplates.ps1 @@ -5,7 +5,7 @@ Function Invoke-ListConnectionFilterTemplates { .FUNCTIONALITY Entrypoint .ROLE - Exchange.SpamFilter.Read + Exchange.ConnectionFilter.Read #> [CmdletBinding()] param($Request, $TriggerMetadata) diff --git a/Modules/CIPPCore/Public/Invoke-RemoveConnectionfilterTemplate.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveConnectionfilterTemplate.ps1 index 5d4a13cca820..19526772e1e6 100644 --- a/Modules/CIPPCore/Public/Invoke-RemoveConnectionfilterTemplate.ps1 +++ b/Modules/CIPPCore/Public/Invoke-RemoveConnectionfilterTemplate.ps1 @@ -5,7 +5,7 @@ Function Invoke-RemoveConnectionfilterTemplate { .FUNCTIONALITY Entrypoint .ROLE - Exchange.Spamfilter.ReadWrite + Exchange.ConnectionFilter.ReadWrite #> [CmdletBinding()] param($Request, $TriggerMetadata) From 24062875dc134af0488394b4b0479a6683eeca00 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Thu, 2 Jan 2025 16:56:29 -0500 Subject: [PATCH 214/290] onedrive tweaks --- .../Administration/Users/Invoke-ExecOneDriveShortCut.ps1 | 4 ++-- .../Administration/Users/Invoke-ExecOnedriveProvision.ps1 | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecOneDriveShortCut.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecOneDriveShortCut.ps1 index ddc282908b68..d34101aa3923 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecOneDriveShortCut.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecOneDriveShortCut.ps1 @@ -14,10 +14,10 @@ Function Invoke-ExecOneDriveShortCut { Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' Try { - $MessageResult = New-CIPPOneDriveShortCut -username $Request.body.username -userid $Request.body.userid -TenantFilter $Request.Body.TenantFilter -URL $Request.body.input -ExecutingUser $request.headers.'x-ms-client-principal' + $MessageResult = New-CIPPOneDriveShortCut -username $Request.Body.username -userid $Request.Body.userid -TenantFilter $Request.Body.tenantFilter -URL $Request.Body.siteUrl.value -ExecutingUser $request.headers.'x-ms-client-principal' $Results = [pscustomobject]@{ 'Results' = "$MessageResult" } } catch { - $Results = [pscustomobject]@{'Results' = "Onedrive Shortcut creation failed: $($_.Exception.Message)" } + $Results = [pscustomobject]@{'Results' = "OneDrive Shortcut creation failed: $($_.Exception.Message)" } } # Associate values to output bindings by calling 'Push-OutputBinding'. diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecOnedriveProvision.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecOnedriveProvision.ps1 index 2ab46bfed86a..bc84330fccef 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecOnedriveProvision.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecOnedriveProvision.ps1 @@ -11,8 +11,9 @@ Function Invoke-ExecOneDriveProvision { param($Request, $TriggerMetadata) $APIName = $TriggerMetadata.FunctionName + $Params = $Request.Body ?? $Request.Query try { - $State = Request-CIPPSPOPersonalSite -TenantFilter $Request.Query.TenantFilter -UserEmails $Request.Query.UserPrincipalName -ExecutingUser $request.headers.'x-ms-client-principal' -APIName $APINAME + $State = Request-CIPPSPOPersonalSite -TenantFilter $Params.TenantFilter -UserEmails $Params.UserPrincipalName -ExecutingUser $Request.Headers.'x-ms-client-principal' -APIName $APINAME $Results = [pscustomobject]@{'Results' = "$State" } } catch { $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message @@ -24,5 +25,4 @@ Function Invoke-ExecOneDriveProvision { StatusCode = [HttpStatusCode]::OK Body = $Results }) - } From 56408ef6508df52b274acb990c3a2592cac0b65c Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri, 3 Jan 2025 01:07:38 +0100 Subject: [PATCH 215/290] universal search fix --- .../Public/Entrypoints/Invoke-ExecUniversalSearch.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ExecUniversalSearch.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ExecUniversalSearch.ps1 index f16a350fc2c6..e5d18b453a87 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ExecUniversalSearch.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ExecUniversalSearch.ps1 @@ -38,11 +38,11 @@ Function Invoke-ExecUniversalSearch { ) } } | ConvertTo-Json -Depth 10 - $GraphRequest = (New-GraphPOSTRequest -noauthcheck $true -type 'POST' -uri 'https://graph.microsoft.com/beta/tenantRelationships/managedTenants/managedTenantOperations' -tenantid $env:TenantID -body $payload -IgnoreErrors $true) + $GraphRequest = New-GraphPOSTRequest -noauthcheck $true -type 'POST' -uri 'https://graph.microsoft.com/beta/tenantRelationships/managedTenants/managedTenantOperations' -tenantid $env:TenantID -body $payload -IgnoreErrors $true if (!$GraphRequest.result.results) { $GraphRequest = ($GraphRequest.error.message | ConvertFrom-Json).result.results | ConvertFrom-Json | Where-Object { $_.'_TenantId' -in $tenantfilter.customerId } } else { - $GraphRequest.result.Results | ConvertFrom-Json -ErrorAction SilentlyContinue | Where-Object { $_.'_TenantId' -in $tenantfilter.customerId } + $GraphRequest = $GraphRequest.result.Results | ConvertFrom-Json -ErrorAction SilentlyContinue | Where-Object { $_.'_TenantId' -in $tenantfilter.customerId } } $StatusCode = [HttpStatusCode]::OK } catch { From 9487b8cedd29108801cb3ea24ad7c404bb1e2c7e Mon Sep 17 00:00:00 2001 From: John Duprey Date: Thu, 2 Jan 2025 20:03:49 -0500 Subject: [PATCH 216/290] fix list sherweb mapping --- .../Public/Sherweb/Get-SherwebMapping.ps1 | 19 ++++++++----------- 1 file changed, 8 insertions(+), 11 deletions(-) diff --git a/Modules/CippExtensions/Public/Sherweb/Get-SherwebMapping.ps1 b/Modules/CippExtensions/Public/Sherweb/Get-SherwebMapping.ps1 index 02df30e7cfdf..1fa0f5cbb0f6 100644 --- a/Modules/CippExtensions/Public/Sherweb/Get-SherwebMapping.ps1 +++ b/Modules/CippExtensions/Public/Sherweb/Get-SherwebMapping.ps1 @@ -7,9 +7,8 @@ function Get-SherwebMapping { $ExtensionMappings = Get-ExtensionMapping -Extension 'Sherweb' $Tenants = Get-Tenants -IncludeErrors - $Mappings = foreach ($Mapping in $ExtensionMappings) { - $Tenant = $Tenants | Where-Object { $_.defaultDomainName -eq $Mapping.RowKey } + $Tenant = $Tenants | Where-Object { $_.customerId -eq $Mapping.RowKey } if ($Tenant) { [PSCustomObject]@{ TenantId = $Tenant.customerId @@ -20,10 +19,13 @@ function Get-SherwebMapping { } } } - $Tenants = Get-Tenants -IncludeErrors try { - $SherwebCustomers = Get-SherwebCustomers - + $SherwebCustomers = Get-SherwebCustomers | ForEach-Object { + [PSCustomObject]@{ + name = $_.displayName + value = "$($_.id)" + } + } } catch { $Message = if ($_.ErrorDetails.Message) { Get-NormalizedError -Message $_.ErrorDetails.Message @@ -34,12 +36,7 @@ function Get-SherwebMapping { Write-LogMessage -Message "Could not get Sherweb Companies, error: $Message " -Level Error -tenant 'CIPP' -API 'SherwebMapping' $SherwebCustomers = @(@{name = "Could not get Sherweb Companies, error: $Message"; value = '-1' }) } - $SherwebCustomers = $SherwebCustomers | ForEach-Object { - [PSCustomObject]@{ - name = $_.displayName - value = "$($_.id)" - } - } + $MappingObj = [PSCustomObject]@{ Companies = @($SherwebCustomers) Mappings = @($Mappings) From 968f43c09eb2850f74188efc783db91a23888ed1 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Mon, 6 Jan 2025 14:44:31 +0100 Subject: [PATCH 217/290] fixes --- .../Administration/Users/Invoke-ExecSendPush.ps1 | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecSendPush.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecSendPush.ps1 index 67993b221117..38ca6d3d876e 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecSendPush.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecSendPush.ps1 @@ -13,8 +13,8 @@ Function Invoke-ExecSendPush { $APIName = $TriggerMetadata.FunctionName Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - $TenantFilter = $Request.Query.TenantFilter - $UserEmail = $Request.Query.UserEmail + $TenantFilter = $Request.body.TenantFilter + $UserEmail = $Request.body.UserEmail $MFAAppID = '981f26a1-7f43-403b-a875-f8b09b8cd720' # Function to keep trying to get the access token while we wait for MS to actually set the temp password @@ -92,7 +92,7 @@ Function Invoke-ExecSendPush { try { $ClientToken = get-clientaccess -Uri $ClientUri -Body $body } catch { - $Body = 'Failed to create temporary password' + $Body = 'Failed to create temporary token for MFA Application. Error: ' + $_.Exception.Message } # If we got a token send a push @@ -104,6 +104,7 @@ Function Invoke-ExecSendPush { if ($obj.BeginTwoWayAuthenticationResponse.result) { $Body = "Received an MFA confirmation: $($obj.BeginTwoWayAuthenticationResponse.result.value | Out-String)" + $colour = 'success' } if ($obj.BeginTwoWayAuthenticationResponse.AuthenticationResult -ne $true) { $Body = "Authentication Failed! Does the user have Push/Phone call MFA configured? Errorcode: $($obj.BeginTwoWayAuthenticationResponse.result.value | Out-String)" @@ -112,7 +113,7 @@ Function Invoke-ExecSendPush { } - $Results = [pscustomobject]@{'Results' = $Body; state = $colour } + $Results = [pscustomobject]@{'Results' = $Body; severity = $colour } Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message "Sent push request to $UserEmail - Result: $($obj.BeginTwoWayAuthenticationResponse.result.value | Out-String)" -Sev 'Info' Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ From 75887592fb8ae4bbeb05f502cb9ff327b044b4d0 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Mon, 6 Jan 2025 10:53:49 -0500 Subject: [PATCH 218/290] supply array for extension sync --- .../CIPP/Extensions/Invoke-ListExtensionSync.ps1 | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Extensions/Invoke-ListExtensionSync.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Extensions/Invoke-ListExtensionSync.ps1 index 8ccf26abd1cc..dd1564a91e73 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Extensions/Invoke-ListExtensionSync.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Extensions/Invoke-ListExtensionSync.ps1 @@ -50,10 +50,9 @@ Function Invoke-ListExtensionSync { $AllTasksArrayList.Add($TaskEntry) } } - Write-Host ($AllTasksArrayList | ConvertTo-Json -Depth 5 -Compress) - # Associate values to output bindings by calling 'Push-OutputBinding'. + Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ StatusCode = [HttpStatusCode]::OK - Body = ConvertTo-Json -Depth 5 -InputObject $($AllTasksArrayList) + Body = ConvertTo-Json -Depth 5 -InputObject @($AllTasksArrayList) }) } From 99225436e94a506c5fe4300588ed1fece2fcc22e Mon Sep 17 00:00:00 2001 From: John Duprey Date: Mon, 6 Jan 2025 11:12:32 -0500 Subject: [PATCH 219/290] Create Invoke-ExecCippFunction.ps1 --- .../CIPP/Core/Invoke-ExecCippFunction.ps1 | 45 +++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecCippFunction.ps1 diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecCippFunction.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecCippFunction.ps1 new file mode 100644 index 000000000000..610b77f5ecae --- /dev/null +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecCippFunction.ps1 @@ -0,0 +1,45 @@ +function Invoke-ExecCippFunction { + <# + .SYNOPSIS + Execute a CIPPCore function + .DESCRIPTION + This function is used to execute a CIPPCore function from an HTTP request. This is advanced functionality used for external integrations or SuperAdmin functionality. + .FUNCTIONALITY + Entrypoint + .ROLE + CIPP.SuperAdmin.ReadWrite + #> + [CmdletBinding()] + param($Request, $TriggerMetadata) + + $BlockList = @( + 'Get-GraphToken' + 'Get-GraphTokenFromCert' + 'Get-ClassicAPIToken' + ) + + $Function = $Request.Body.FunctionName + $Params = if ($Request.Body.Parameters) { + $Request.Body.Parameters | ConvertTo-Json -Compress -ErrorAction Stop | ConvertFrom-Json -AsHashtable + } else { + @{} + } + + if (Get-Command -Module CIPPCore -Name $Function -and $BlockList -notcontains $Function) { + try { + $Results = & $Function @Params + $StatusCode = [HttpStatusCode]::OK + } catch { + $Results = $_.Exception.Message + $StatusCode = [HttpStatusCode]::InternalServerError + } + } else { + $Results = "Function $Function not found or not allowed" + $StatusCode = [HttpStatusCode]::NotFound + } + + Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ + StatusCode = $StatusCode + Body = $Results + }) +} \ No newline at end of file From b3924a348568b90eb13895f2515a711e7c5ae318 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Mon, 6 Jan 2025 12:29:58 -0500 Subject: [PATCH 220/290] auth checks --- .../Public/Authentication/Test-CIPPAccess.ps1 | 100 ++++++++++-------- 1 file changed, 54 insertions(+), 46 deletions(-) diff --git a/Modules/CIPPCore/Public/Authentication/Test-CIPPAccess.ps1 b/Modules/CIPPCore/Public/Authentication/Test-CIPPAccess.ps1 index f7eea3fda577..b221d89b7ea5 100644 --- a/Modules/CIPPCore/Public/Authentication/Test-CIPPAccess.ps1 +++ b/Modules/CIPPCore/Public/Authentication/Test-CIPPAccess.ps1 @@ -4,9 +4,18 @@ function Test-CIPPAccess { [switch]$TenantList ) if ($Request.Params.CIPPEndpoint -eq 'ExecSAMSetup') { return $true } + + # Get function help + $FunctionName = 'Invoke-{0}' -f $Request.Params.CIPPEndpoint + $Help = Get-Help $FunctionName + + # Check help for role + $APIRole = $Help.Role + if (!$Request.Headers.'x-ms-client-principal' -or ($Request.Headers.'x-ms-client-principal-id' -and $Request.Headers.'x-ms-client-principal-idp' -eq 'aad')) { # Direct API Access - $IPAddress = $Request.Headers.'x-forwarded-for' -replace ':(?=[^:]*$)', '' -replace '[\[\]]', '' + $IPRegex = '^(?(?:\d{1,3}(?:\.\d{1,3}){3}|\[[0-9a-fA-F:]+\]|[0-9a-fA-F:]+))(?::\d+)?$' + $IPAddress = $Request.Headers.'x-forwarded-for' -replace $IPRegex, '$1' -replace '[\[\]]', '' Write-Information "API Access: AppId=$($Request.Headers.'x-ms-client-principal-id') IP=$IPAddress" # TODO: Implement API Client support, create Get-CippApiClient function @@ -22,11 +31,16 @@ function Test-CIPPAccess { throw 'Access to this CIPP API endpoint is not allowed, the API Client does not have the required permission' } } else { #> - $CustomRoles = @('CIPP-API') + $CustomRoles = @('cipp-api') # } } else { $DefaultRoles = @('admin', 'editor', 'readonly', 'anonymous', 'authenticated') $User = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($Request.Headers.'x-ms-client-principal')) | ConvertFrom-Json + + if (!$TenantList.IsPresent -and $APIRole -match 'SuperAdmin' -and $User.userRoles -notcontains 'superadmin') { + throw 'Access to this CIPP API endpoint is not allowed, the user does not have the required permission' + } + if ($User.userRoles -contains 'admin' -or $User.userRoles -contains 'superadmin') { if ($TenantList.IsPresent) { return @('AllTenants') @@ -66,57 +80,51 @@ function Test-CIPPAccess { } return $LimitedTenantList } + foreach ($Role in $PermissionSet) { + # Loop through each custom role permission and check API / Tenant access + $TenantAllowed = $false + $APIAllowed = $false - if (($PermissionSet | Measure-Object).Count -eq 0) { - return $true - } else { - $FunctionName = 'Invoke-{0}' -f $Request.Params.CIPPEndpoint - $Help = Get-Help $FunctionName - # Check API for required role - $APIRole = $Help.Role - foreach ($Role in $PermissionSet) { - # Loop through each custom role permission and check API / Tenant access - $TenantAllowed = $false - $APIAllowed = $false - foreach ($Perm in $Role.Permissions) { - if ($Perm -match $APIRole) { - $APIAllowed = $true - break - } + foreach ($Perm in $Role.Permissions) { + if ($Perm -match $APIRole) { + $APIAllowed = $true + break } - if ($APIAllowed) { - # Check tenant level access - if (($Role.BlockedTenants | Measure-Object).Count -eq 0 -and $Role.AllowedTenants -contains 'AllTenants') { - $TenantAllowed = $true - } elseif ($Request.Query.TenantFilter -eq 'AllTenants' -or $Request.Body.TenantFilter -eq 'AllTenants') { - $TenantAllowed = $false + } + + if ($APIAllowed) { + # Check tenant level access + if (($Role.BlockedTenants | Measure-Object).Count -eq 0 -and $Role.AllowedTenants -contains 'AllTenants') { + $TenantAllowed = $true + } elseif ($Request.Query.TenantFilter -eq 'AllTenants' -or $Request.Body.TenantFilter -eq 'AllTenants') { + $TenantAllowed = $false + } else { + $Tenant = ($Tenants | Where-Object { $Request.Query.TenantFilter -eq $_.customerId -or $Request.Body.TenantFilter -eq $_.customerId -or $Request.Query.TenantFilter -eq $_.defaultDomainName -or $Request.Body.TenantFilter -eq $_.defaultDomainName }).customerId + if ($Role.AllowedTenants -contains 'AllTenants') { + $AllowedTenants = $Tenants.customerId } else { - $Tenant = ($Tenants | Where-Object { $Request.Query.TenantFilter -eq $_.customerId -or $Request.Body.TenantFilter -eq $_.customerId -or $Request.Query.TenantFilter -eq $_.defaultDomainName -or $Request.Body.TenantFilter -eq $_.defaultDomainName }).customerId - if ($Role.AllowedTenants -contains 'AllTenants') { - $AllowedTenants = $Tenants.customerId - } else { - $AllowedTenants = $Role.AllowedTenants - } - if ($Tenant) { - $TenantAllowed = $AllowedTenants -contains $Tenant -and $Role.BlockedTenants -notcontains $Tenant - if (!$TenantAllowed) { continue } - break - } else { - $TenantAllowed = $true - break - } + $AllowedTenants = $Role.AllowedTenants + } + if ($Tenant) { + $TenantAllowed = $AllowedTenants -contains $Tenant -and $Role.BlockedTenants -notcontains $Tenant + if (!$TenantAllowed) { continue } + break + } else { + $TenantAllowed = $true + break } } } - if (!$APIAllowed) { - throw "Access to this CIPP API endpoint is not allowed, the '$($Role.Role)' custom role does not have the required permission: $APIRole" - } - if (!$TenantAllowed) { - throw 'Access to this tenant is not allowed' - } else { - return $true - } } + if (!$APIAllowed) { + throw "Access to this CIPP API endpoint is not allowed, the '$($Role.Role)' custom role does not have the required permission: $APIRole" + } + if (!$TenantAllowed) { + throw 'Access to this tenant is not allowed' + } else { + return $true + } + } else { # No permissions found for any roles if ($TenantList.IsPresent) { From 0faa6d1233526df7957c5ebb9001e941fce118be Mon Sep 17 00:00:00 2001 From: John Duprey Date: Mon, 6 Jan 2025 14:08:39 -0500 Subject: [PATCH 221/290] switch version checks to semver --- Modules/CIPPCore/Public/Assert-CippVersion.ps1 | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/Modules/CIPPCore/Public/Assert-CippVersion.ps1 b/Modules/CIPPCore/Public/Assert-CippVersion.ps1 index 621c1f6d4cac..6642364a0a23 100644 --- a/Modules/CIPPCore/Public/Assert-CippVersion.ps1 +++ b/Modules/CIPPCore/Public/Assert-CippVersion.ps1 @@ -14,14 +14,15 @@ function Assert-CippVersion { $APIVersion = (Get-Content 'version_latest.txt' -Raw).trim() $RemoteAPIVersion = (Invoke-RestMethod -Uri 'https://raw.githubusercontent.com/KelvinTegelaar/CIPP-API/master/version_latest.txt').trim() - $RemoteCIPPVersion = (Invoke-RestMethod -Uri 'https://raw.githubusercontent.com/KelvinTegelaar/CIPP/master/public/version_latest.txt').trim() + $RemoteCIPPVersion = (Invoke-RestMethod -Uri 'https://raw.githubusercontent.com/KelvinTegelaar/CIPP/main/public/version_latest.txt').trim() + [PSCustomObject]@{ LocalCIPPVersion = $CIPPVersion RemoteCIPPVersion = $RemoteCIPPVersion LocalCIPPAPIVersion = $APIVersion RemoteCIPPAPIVersion = $RemoteAPIVersion - OutOfDateCIPP = ([version]$RemoteCIPPVersion -gt [version]$CIPPVersion) - OutOfDateCIPPAPI = ([version]$RemoteAPIVersion -gt [version]$APIVersion) + OutOfDateCIPP = ([semver]$RemoteCIPPVersion -gt [semver]$CIPPVersion) + OutOfDateCIPPAPI = ([semver]$RemoteAPIVersion -gt [semver]$APIVersion) } } From 28456684f252aa2a9ca5b23bad8960cfab88a781 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Mon, 6 Jan 2025 14:28:23 -0500 Subject: [PATCH 222/290] Improve response time on queue job list --- Modules/CIPPCore/Public/CippQueue/Invoke-ListCippQueue.ps1 | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/CippQueue/Invoke-ListCippQueue.ps1 b/Modules/CIPPCore/Public/CippQueue/Invoke-ListCippQueue.ps1 index 209432df45dd..f4ac18622e4d 100644 --- a/Modules/CIPPCore/Public/CippQueue/Invoke-ListCippQueue.ps1 +++ b/Modules/CIPPCore/Public/CippQueue/Invoke-ListCippQueue.ps1 @@ -17,7 +17,8 @@ function Invoke-ListCippQueue { $CippQueue = Get-CippTable -TableName 'CippQueue' $CippQueueTasks = Get-CippTable -TableName 'CippQueueTasks' - $CippQueueData = Get-CIPPAzDataTableEntity @CippQueue | Where-Object { ($_.Timestamp.DateTime) -ge (Get-Date).ToUniversalTime().AddHours(-3) } | Sort-Object -Property Timestamp -Descending + $3HoursAgo = (Get-Date).ToUniversalTime().AddHours(-3).ToString('yyyy-MM-ddTHH:mm:ssZ') + $CippQueueData = Get-CIPPAzDataTableEntity @CippQueue -Filter "Timestamp ge datetime'$3HoursAgo'" | Sort-Object -Property Timestamp -Descending $QueueData = foreach ($Queue in $CippQueueData) { $Tasks = Get-CIPPAzDataTableEntity @CippQueueTasks -Filter "QueueId eq '$($Queue.RowKey)'" | Where-Object { $_.Name } | Select-Object Timestamp, Name, Status From 8c1593a99ee25831e2828a12e1698aeb1c29368d Mon Sep 17 00:00:00 2001 From: John Duprey Date: Mon, 6 Jan 2025 15:00:22 -0500 Subject: [PATCH 223/290] improve timestamps in queue --- Modules/CIPPCore/Public/CippQueue/Invoke-ListCippQueue.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Modules/CIPPCore/Public/CippQueue/Invoke-ListCippQueue.ps1 b/Modules/CIPPCore/Public/CippQueue/Invoke-ListCippQueue.ps1 index f4ac18622e4d..7914041f8cf4 100644 --- a/Modules/CIPPCore/Public/CippQueue/Invoke-ListCippQueue.ps1 +++ b/Modules/CIPPCore/Public/CippQueue/Invoke-ListCippQueue.ps1 @@ -21,7 +21,7 @@ function Invoke-ListCippQueue { $CippQueueData = Get-CIPPAzDataTableEntity @CippQueue -Filter "Timestamp ge datetime'$3HoursAgo'" | Sort-Object -Property Timestamp -Descending $QueueData = foreach ($Queue in $CippQueueData) { - $Tasks = Get-CIPPAzDataTableEntity @CippQueueTasks -Filter "QueueId eq '$($Queue.RowKey)'" | Where-Object { $_.Name } | Select-Object Timestamp, Name, Status + $Tasks = Get-CIPPAzDataTableEntity @CippQueueTasks -Filter "QueueId eq '$($Queue.RowKey)'" | Where-Object { $_.Name } | Select-Object @{n = 'Timestamp'; exp = { $_.Timestamp.DateTime.ToUniversalTime() } }, Name, Status $TaskStatus = @{} $Tasks | Group-Object -Property Status | ForEach-Object { $TaskStatus.$($_.Name) = $_.Count @@ -59,7 +59,7 @@ function Invoke-ListCippQueue { PercentRunning = [math]::Round((($TotalRunning / $Queue.TotalTasks) * 100), 1) Tasks = @($Tasks) Status = $Queue.Status - Timestamp = $Queue.Timestamp + Timestamp = $Queue.Timestamp.DateTime.ToUniversalTime() } } From c096833c0746f1b7c71886778c288634b852c3b5 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Mon, 6 Jan 2025 16:18:47 -0500 Subject: [PATCH 224/290] Update version_latest.txt --- version_latest.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/version_latest.txt b/version_latest.txt index 66ce77b7ead5..66d7502ec601 100644 --- a/version_latest.txt +++ b/version_latest.txt @@ -1 +1 @@ -7.0.0 +7.0.0-rc3 \ No newline at end of file From abac6a6235b9fc31bb7efea867a2d348103c20db Mon Sep 17 00:00:00 2001 From: John Duprey Date: Mon, 6 Jan 2025 16:26:17 -0500 Subject: [PATCH 225/290] Create publish_prerelease.yml --- .github/workflows/publish_prerelease.yml | 95 ++++++++++++++++++++++++ 1 file changed, 95 insertions(+) create mode 100644 .github/workflows/publish_prerelease.yml diff --git a/.github/workflows/publish_prerelease.yml b/.github/workflows/publish_prerelease.yml new file mode 100644 index 000000000000..860577eb53c4 --- /dev/null +++ b/.github/workflows/publish_prerelease.yml @@ -0,0 +1,95 @@ +name: Generate Release Notes and Upload + +on: + push: + branches: + - pre-release + +permissions: + contents: write + +jobs: + release: + if: github.event.repository.fork == false && github.event_name == 'push' + name: Generate Release Notes and Upload to Azure + runs-on: ubuntu-latest + + steps: + # Checkout the repository + - name: Checkout Code + uses: actions/checkout@v3 + + # Read and Trim Version + - name: Read and Trim Version + id: get_version + run: | + if [ ! -f version_latest.txt ]; then + echo "Error: version_latest.txt not found!" + exit 1 + fi + VERSION=$(cat version_latest.txt | tr -d '[:space:]') + if [ -z "$VERSION" ]; then + echo "Error: version_latest.txt is empty after trimming!" + exit 1 + fi + echo "version=$VERSION" >> $GITHUB_OUTPUT + + # Exit if Tag Already Exists + - name: Check if Tag Exists + id: tag_check + run: | + git fetch --tags + if git rev-parse "refs/tags/${{ steps.get_version.outputs.version }}" >/dev/null 2>&1; then + echo "tag_exists=true" >> $GITHUB_ENV + echo "Tag ${{ steps.get_version.outputs.version }} already exists. Exiting workflow successfully." + else + echo "tag_exists=false" >> $GITHUB_ENV + fi + + # Generate Release Notes + - name: Generate Release Notes + id: changelog + if: env.tag_exists == 'false' + uses: mikepenz/release-changelog-builder-action@v5.0.0 + with: + configuration: .github/release-changelog-config.yml + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + # Create a new release tag + - name: Create GitHub Release + if: env.tag_exists == 'false' + uses: ncipollo/release-action@v1.14.0 + with: + tag: ${{ steps.get_version.outputs.version }} + name: "v${{ steps.get_version.outputs.version }}" + draft: false + prerelease: true + body: ${{ steps.changelog.outputs.changelog }} + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + # Create ZIP File in a New Source Directory + - name: Prepare and Zip Release Files + if: env.tag_exists == 'false' + run: | + mkdir -p src/releases + zip -r src/releases/release_${{ steps.get_version.outputs.version }}.zip . \ + --exclude "./src/releases/*" \ + --exclude ".*" \ + --exclude ".*/**" + zip -r src/releases/beta.zip . \ + --exclude "./src/releases/*" \ + --exclude ".*" \ + --exclude ".*/**" + + # Upload to Azure Blob Storage + - name: Azure Blob Upload with Destination folder defined + if: env.tag_exists == 'false' + uses: LanceMcCarthy/Action-AzureBlobUpload@v3.3.0 + with: + connection_string: ${{ secrets.AZURE_CONNECTION_STRING }} + container_name: cipp-releases + source_folder: src/releases/ + destination_folder: /cipp-api/ + delete_if_exists: true \ No newline at end of file From c1fb20d280ae7b0373c1a440374b04e8f42b0ee1 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Mon, 6 Jan 2025 16:29:18 -0500 Subject: [PATCH 226/290] Update publish_prerelease.yml --- .github/workflows/publish_prerelease.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/publish_prerelease.yml b/.github/workflows/publish_prerelease.yml index 860577eb53c4..1c33745d90d7 100644 --- a/.github/workflows/publish_prerelease.yml +++ b/.github/workflows/publish_prerelease.yml @@ -89,7 +89,7 @@ jobs: uses: LanceMcCarthy/Action-AzureBlobUpload@v3.3.0 with: connection_string: ${{ secrets.AZURE_CONNECTION_STRING }} - container_name: cipp-releases + container_name: cipp-api source_folder: src/releases/ - destination_folder: /cipp-api/ + destination_folder: / delete_if_exists: true \ No newline at end of file From 83cb46af1ac80556eccded7c7ba2f7945ff07058 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Mon, 6 Jan 2025 16:36:59 -0500 Subject: [PATCH 227/290] Update publish_prerelease.yml --- .github/workflows/publish_prerelease.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/publish_prerelease.yml b/.github/workflows/publish_prerelease.yml index 1c33745d90d7..f97a41057070 100644 --- a/.github/workflows/publish_prerelease.yml +++ b/.github/workflows/publish_prerelease.yml @@ -51,8 +51,6 @@ jobs: id: changelog if: env.tag_exists == 'false' uses: mikepenz/release-changelog-builder-action@v5.0.0 - with: - configuration: .github/release-changelog-config.yml env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From 41eb64498ff6753523a0c25d1ebdc0c655e47e24 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Mon, 6 Jan 2025 22:16:26 -0500 Subject: [PATCH 228/290] Fix exchange connectors --- .../Email-Exchange/Invoke-EditExConnector.ps1 | 29 +++++++++---------- .../Invoke-ListExConnectorTemplates.ps1 | 4 +-- .../Public/Invoke-RemoveExConnector.ps1 | 16 +++++----- .../Invoke-RemoveExConnectorTemplate.ps1 | 4 +-- 4 files changed, 26 insertions(+), 27 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-EditExConnector.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-EditExConnector.ps1 index b1c622f621fd..35b181507cda 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-EditExConnector.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-EditExConnector.ps1 @@ -11,23 +11,22 @@ Function Invoke-EditExConnector { param($Request, $TriggerMetadata) $APIName = $TriggerMetadata.FunctionName - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - $Tenantfilter = $request.Query.tenantfilter - - - $Params = @{ - Identity = $request.query.guid - } - + Write-LogMessage -user $Request.Headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' + $Tenantfilter = $request.Query.tenantfilter ?? $Request.Body.tenantfilter try { - $state = if ($request.query.state -eq 'enable') { $true } else { $false } - $Params = @{ Identity = $request.query.GUID; Enabled = $state } - $GraphRequest = New-ExoRequest -tenantid $Tenantfilter -cmdlet "Set-$($Request.query.Type)Connector" -cmdParams $params -UseSystemMailbox $true - $Result = "Set Connector $($Request.query.guid) to $($request.query.State)" + $ConnectorState = $Request.Query.State ?? $Request.Body.State + $State = if ($ConnectorState -eq 'enable') { $true } else { $false } + $Guid = $Request.Query.GUID ?? $Request.Body.GUID + $type = $Request.Query.Type ?? $Request.Body.Type + $Params = @{ + Identity = $Guid + Enabled = $State + } + $null = New-ExoRequest -tenantid $Tenantfilter -cmdlet "Set-$($Type)Connector" -cmdParams $params -UseSystemMailbox $true + $Result = "Set Connector $($Guid) to $($ConnectorState)" Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $tenantfilter -message "Set Connector $($Request.query.guid) to $($request.query.State)" -sev 'Info' - } - catch { - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $tenantfilter -message "Failed setting Connector $($Request.query.guid) to $($request.query.State). Error:$($_.Exception.Message)" -Sev 'Error' + } catch { + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $tenantfilter -message "Failed setting Connector $($Guid) to $($ConnectorState). Error:$($_.Exception.Message)" -Sev 'Error' $ErrorMessage = Get-NormalizedError -Message $_.Exception $Result = $ErrorMessage } diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListExConnectorTemplates.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListExConnectorTemplates.ps1 index 8c96c119f2f0..7fbe2e3ab83c 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListExConnectorTemplates.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListExConnectorTemplates.ps1 @@ -21,8 +21,8 @@ Function Invoke-ListExConnectorTemplates { $GUID = $_.RowKey $Direction = $_.direction $data = $_.JSON | ConvertFrom-Json - $data | Add-Member -NotePropertyName 'GUID' -NotePropertyValue $GUID - $data | Add-Member -NotePropertyName 'cippconnectortype' -NotePropertyValue $Direction + $data | Add-Member -NotePropertyName 'GUID' -NotePropertyValue $GUID -Force + $data | Add-Member -NotePropertyName 'cippconnectortype' -NotePropertyValue $Direction -Force $data } | Sort-Object -Property displayName diff --git a/Modules/CIPPCore/Public/Invoke-RemoveExConnector.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveExConnector.ps1 index 84cdfc72e91c..f5d3b9b141fd 100644 --- a/Modules/CIPPCore/Public/Invoke-RemoveExConnector.ps1 +++ b/Modules/CIPPCore/Public/Invoke-RemoveExConnector.ps1 @@ -13,17 +13,17 @@ Function Invoke-RemoveExConnector { $APIName = $TriggerMetadata.FunctionName $User = $request.headers.'x-ms-client-principal' Write-LogMessage -user $User -API $APINAME -message 'Accessed this API' -Sev 'Debug' - $Tenantfilter = $request.Query.tenantfilter - + $Tenantfilter = $request.Query.tenantfilter ?? $Request.Body.tenantfilter + $Type = $Request.Query.Type ?? $Request.Body.Type try { - - $Params = @{ Identity = $request.query.GUID } - $null = New-ExoRequest -tenantid $Tenantfilter -cmdlet "Remove-$($Request.query.Type)Connector" -cmdParams $params -useSystemMailbox $true - $Result = "Deleted $($Request.query.guid)" - Write-LogMessage -user $User -API $APIName -tenant $tenantfilter -message "Deleted transport rule $($Request.query.guid)" -sev Debug + $Guid = $Request.Query.GUID ?? $Request.Body.GUID + $Params = @{ Identity = $Guid } + $null = New-ExoRequest -tenantid $Tenantfilter -cmdlet "Remove-$($Type)Connector" -cmdParams $params -useSystemMailbox $true + $Result = "Deleted $($Guid)" + Write-LogMessage -user $User -API $APIName -tenant $tenantfilter -message "Deleted transport rule $($Guid)" -sev Debug } catch { $ErrorMessage = Get-CippException -Exception $_ - Write-LogMessage -user $User -API $APIName -tenant $tenantfilter -message "Failed deleting transport rule $($Request.query.guid). Error:$($ErrorMessage.NormalizedError)" -Sev Error -LogData $ErrorMessage + Write-LogMessage -user $User -API $APIName -tenant $tenantfilter -message "Failed deleting transport rule $($Guid). Error:$($ErrorMessage.NormalizedError)" -Sev Error -LogData $ErrorMessage $Result = $ErrorMessage.NormalizedError } # Associate values to output bindings by calling 'Push-OutputBinding'. diff --git a/Modules/CIPPCore/Public/Invoke-RemoveExConnectorTemplate.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveExConnectorTemplate.ps1 index 6789c97a6c4c..34100f0acb96 100644 --- a/Modules/CIPPCore/Public/Invoke-RemoveExConnectorTemplate.ps1 +++ b/Modules/CIPPCore/Public/Invoke-RemoveExConnectorTemplate.ps1 @@ -14,10 +14,10 @@ Function Invoke-RemoveExConnectorTemplate { $User = $request.headers.'x-ms-client-principal' Write-LogMessage -user $User -API $APINAME -message 'Accessed this API' -Sev 'Debug' - $ID = $request.query.id + $ID = $Request.Query.ID ?? $Request.Body.ID try { $Table = Get-CippTable -tablename 'templates' - $Filter = "PartitionKey eq 'ExConnectorTemplate' and RowKey eq '$id'" + $Filter = "PartitionKey eq 'ExConnectorTemplate' and RowKey eq '$ID'" $ClearRow = Get-CIPPAzDataTableEntity @Table -Filter $Filter -Property PartitionKey, RowKey Remove-AzDataTableEntity -Force @Table -Entity $clearRow Write-LogMessage -user $User -API $APINAME -message "Removed Exchange Connector Template with ID $ID." -Sev 'Info' From 5ec4ad6e43384ba8002b7bf5b7e334526589500f Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Tue, 7 Jan 2025 14:28:15 +0100 Subject: [PATCH 229/290] introducing hibp --- .../Extensions/Invoke-ExecExtensionTest.ps1 | 6 +++- .../Invoke-ListBreachesAccount.ps1 | 23 +++++++++++++ .../Entrypoints/Invoke-ListBreachesTenant.ps1 | 34 +++++++++++++++++++ .../Public/HIBP/Get-HIBPAuth.ps1 | 17 ++++++++++ .../Public/HIBP/Get-HIBPConnectionTest.ps1 | 8 +++++ .../Public/HIBP/Get-HIBPRequest.ps1 | 17 ++++++++++ 6 files changed, 104 insertions(+), 1 deletion(-) create mode 100644 Modules/CIPPCore/Public/Entrypoints/Invoke-ListBreachesAccount.ps1 create mode 100644 Modules/CIPPCore/Public/Entrypoints/Invoke-ListBreachesTenant.ps1 create mode 100644 Modules/CippExtensions/Public/HIBP/Get-HIBPAuth.ps1 create mode 100644 Modules/CippExtensions/Public/HIBP/Get-HIBPConnectionTest.ps1 create mode 100644 Modules/CippExtensions/Public/HIBP/Get-HIBPRequest.ps1 diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Extensions/Invoke-ExecExtensionTest.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Extensions/Invoke-ExecExtensionTest.ps1 index c8078ed93509..3a61241b5753 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Extensions/Invoke-ExecExtensionTest.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Extensions/Invoke-ExecExtensionTest.ps1 @@ -59,9 +59,13 @@ Function Invoke-ExecExtensionTest { $token = Get-SherwebAuthentication $Results = [pscustomobject]@{'Results' = 'Successfully Connected to Sherweb' } } + 'HIBP' { + $ConnectionTest = Get-HIBPConnectionTest + $Results = [pscustomobject]@{'Results' = 'Successfully Connected to HIBP' } + } } } catch { - $Results = [pscustomobject]@{'Results' = "Failed to connect: $($_.Exception.Message) $($_.InvocationInfo.ScriptLineNumber)" } + $Results = [pscustomobject]@{'Results' = "Failed to connect: $($_.Exception.Message). Line $($_.InvocationInfo.ScriptLineNumber)" } } # Associate values to output bindings by calling 'Push-OutputBinding'. diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListBreachesAccount.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListBreachesAccount.ps1 new file mode 100644 index 000000000000..03473f343622 --- /dev/null +++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListBreachesAccount.ps1 @@ -0,0 +1,23 @@ +using namespace System.Net + +Function Invoke-ListBreachesAccount { + <# + .FUNCTIONALITY + Entrypoint + .ROLE + CIPP.Core.Read + #> + [CmdletBinding()] + param($Request, $TriggerMetadata) + + $APIName = $TriggerMetadata.FunctionName + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' + + $Results = Get-HIBPRequest "breachedaccount/$($Request.query.account)?truncateResponse=false" + # Associate values to output bindings by calling 'Push-OutputBinding'. + Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ + StatusCode = [HttpStatusCode]::OK + Body = @($results) + }) + +} diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListBreachesTenant.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListBreachesTenant.ps1 new file mode 100644 index 000000000000..61dd7a122404 --- /dev/null +++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListBreachesTenant.ps1 @@ -0,0 +1,34 @@ +using namespace System.Net + +Function Invoke-ListBreachesTenant { + <# + .FUNCTIONALITY + Entrypoint + .ROLE + CIPP.Core.Read + #> + [CmdletBinding()] + param($Request, $TriggerMetadata) + + $APIName = $TriggerMetadata.FunctionName + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' + $users = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users?`$select=UserPrincipalName,mail" -tenantid $Request.query.TenantFilter + $usersResults = foreach ($user in $users) { + $Results = Get-HIBPRequest "breachedaccount/$($user.UserPrincipalName)?truncateResponse=true" + if ($null -eq $Results) { + $Results = 'No breaches found.' + } + [PSCustomObject]@{ + user = $user.UserPrincipalName + breaches = $Results + } + } + + + # Associate values to output bindings by calling 'Push-OutputBinding'. + Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ + StatusCode = [HttpStatusCode]::OK + Body = @($usersResults) + }) + +} diff --git a/Modules/CippExtensions/Public/HIBP/Get-HIBPAuth.ps1 b/Modules/CippExtensions/Public/HIBP/Get-HIBPAuth.ps1 new file mode 100644 index 000000000000..1d3459ed4506 --- /dev/null +++ b/Modules/CippExtensions/Public/HIBP/Get-HIBPAuth.ps1 @@ -0,0 +1,17 @@ +function Get-HIBPAuth { + if ($env:AzureWebJobsStorage -eq 'UseDevelopmentStorage=true') { + $DevSecretsTable = Get-CIPPTable -tablename 'DevSecrets' + $Secret = (Get-CIPPAzDataTableEntity @DevSecretsTable -Filter "PartitionKey eq 'HIBP' and RowKey eq 'HIBP'").APIKey + } else { + $null = Connect-AzAccount -Identity + $VaultName = ($ENV:WEBSITE_DEPLOYMENT_ID -split '-')[0] + $Secret = Get-AzKeyVaultSecret -VaultName $VaultName -Name 'HIBP' -AsPlainText + } + + return @{ + 'User-Agent' = "CIPP-$($ENV:TenantId)" + 'Accept' = 'application/json' + 'api-version' = '3' + 'hibp-api-key' = $Secret + } +} diff --git a/Modules/CippExtensions/Public/HIBP/Get-HIBPConnectionTest.ps1 b/Modules/CippExtensions/Public/HIBP/Get-HIBPConnectionTest.ps1 new file mode 100644 index 000000000000..2cbf90eb7e8e --- /dev/null +++ b/Modules/CippExtensions/Public/HIBP/Get-HIBPConnectionTest.ps1 @@ -0,0 +1,8 @@ +function Get-HIBPConnectionTest { + $uri = 'https://haveibeenpwned.com/api/v3/subscription/status' + try { + Invoke-RestMethod -Uri $uri -Headers (Get-HIBPAuth) + } catch { + throw "Failed to connect to HIBP: $($_.Exception.Message)" + } +} diff --git a/Modules/CippExtensions/Public/HIBP/Get-HIBPRequest.ps1 b/Modules/CippExtensions/Public/HIBP/Get-HIBPRequest.ps1 new file mode 100644 index 000000000000..2f6de9d51e1d --- /dev/null +++ b/Modules/CippExtensions/Public/HIBP/Get-HIBPRequest.ps1 @@ -0,0 +1,17 @@ +function Get-HIBPRequest { + [CmdletBinding()] + param ( + [Parameter()]$endpoint + + ) + $uri = "https://haveibeenpwned.com/api/v3/$endpoint" + try { + Invoke-RestMethod -Uri $uri -Headers (Get-HIBPAuth) + } catch { + #If the error is a 404, it means no breach has been found. Return an empty object. + if ($_.Exception.Response.StatusCode -eq 404) { + return @() + } + throw "Failed to connect to HIBP: $($_.Exception.Message)" + } +} From fd89089f3969e40eef83348ee533120cbac377cb Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 7 Jan 2025 11:55:10 -0500 Subject: [PATCH 230/290] fix large backups --- .../HTTP Functions/CIPP/Core/Invoke-ExecListBackup.ps1 | 1 + Modules/CIPPCore/Public/Get-CIPPAzDatatableEntity.ps1 | 1 + Modules/CIPPCore/Public/Get-CIPPBackup.ps1 | 4 ++-- 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecListBackup.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecListBackup.ps1 index ded6b8feaded..268f91caac18 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecListBackup.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecListBackup.ps1 @@ -25,6 +25,7 @@ Function Invoke-ExecListBackup { } $Result = Get-CIPPBackup @CippBackupParams + Write-Host ($Result | ConvertTo-Json) if ($request.Query.NameOnly) { $Result = $Result | Select-Object @{Name = 'BackupName'; exp = { $_.RowKey } }, Timestamp | Sort-Object Timestamp -Descending } diff --git a/Modules/CIPPCore/Public/Get-CIPPAzDatatableEntity.ps1 b/Modules/CIPPCore/Public/Get-CIPPAzDatatableEntity.ps1 index fd5676683860..f7f6362b8e22 100644 --- a/Modules/CIPPCore/Public/Get-CIPPAzDatatableEntity.ps1 +++ b/Modules/CIPPCore/Public/Get-CIPPAzDatatableEntity.ps1 @@ -59,6 +59,7 @@ function Get-CIPPAzDataTableEntity { } $fullEntity | Add-Member -MemberType NoteProperty -Name 'PartitionKey' -Value $parts[0].PartitionKey -Force $fullEntity | Add-Member -MemberType NoteProperty -Name 'RowKey' -Value $entityId -Force + $fullEntity | Add-Member -MemberType NoteProperty -Name 'Timestamp' -Value $parts[0].Timestamp -Force $finalResults = $finalResults + @($fullEntity) } else { $finalResults = $finalResults + @($entityData.Entity) diff --git a/Modules/CIPPCore/Public/Get-CIPPBackup.ps1 b/Modules/CIPPCore/Public/Get-CIPPBackup.ps1 index dab2f5b63a26..91d29ac8ec0f 100644 --- a/Modules/CIPPCore/Public/Get-CIPPBackup.ps1 +++ b/Modules/CIPPCore/Public/Get-CIPPBackup.ps1 @@ -16,11 +16,11 @@ function Get-CIPPBackup { $Conditions.Add("TenantFilter eq '$($TenantFilter)'") } if ($Name) { - $Conditions.Add("RowKey eq '$($Name)'") + $Conditions.Add("RowKey eq '$($Name)' or OriginalEntityId eq '$($Name)'") } if ($NameOnly.IsPresent) { - $Table.Property = @('PartitionKey', 'RowKey', 'Timestamp') + $Table.Property = @('PartitionKey', 'RowKey', 'Timestamp', 'OriginalEntityId') } $Filter = $Conditions -join ' and ' From 5b3b68cd462ecd6d97315e0a41844e91216f62cc Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 7 Jan 2025 12:32:33 -0500 Subject: [PATCH 231/290] fix group edit from users list --- .../Groups/Invoke-EditGroup.ps1 | 72 ++++++++++--------- 1 file changed, 37 insertions(+), 35 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Groups/Invoke-EditGroup.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Groups/Invoke-EditGroup.ps1 index cbdb2dfb993d..2a56ba875dca 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Groups/Invoke-EditGroup.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Groups/Invoke-EditGroup.ps1 @@ -20,26 +20,28 @@ Function Invoke-EditGroup { # Write to the Azure Functions log stream. Write-Host 'PowerShell HTTP trigger function processed a request.' - $AddMembers = ($userobj.Addmember).value - $userobj.groupId = $userobj.groupId.value ? $userobj.groupId.value : $userobj.groupId + $AddMembers = ($userobj.Addmember).value ?? $userobj.AddMember + $userobj.groupId = $userobj.groupId.value ?? $userobj.groupId + + $TenantId = $userobj.tenantid ?? $userobj.tenantFilter if ($AddMembers) { $AddMembers | ForEach-Object { try { $member = $_ if ($member -like '*#EXT#*') { $member = [System.Web.HttpUtility]::UrlEncode($member) } - $MemberIDs = 'https://graph.microsoft.com/v1.0/directoryObjects/' + (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($member)" -tenantid $Userobj.tenantid).id + $MemberIDs = 'https://graph.microsoft.com/v1.0/directoryObjects/' + (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($member)" -tenantid $TenantId).id $addmemberbody = "{ `"members@odata.bind`": $(ConvertTo-Json @($MemberIDs)) }" if ($GroupType -eq 'Distribution list' -or $GroupType -eq 'Mail-Enabled Security') { $Params = @{ Identity = $userobj.groupid; Member = $member; BypassSecurityGroupManagerCheck = $true } - New-ExoRequest -tenantid $Userobj.tenantid -cmdlet 'Add-DistributionGroupMember' -cmdParams $params -UseSystemMailbox $true + New-ExoRequest -tenantid $TenantId -cmdlet 'Add-DistributionGroupMember' -cmdParams $params -UseSystemMailbox $true } else { - New-GraphPostRequest -uri "https://graph.microsoft.com/beta/groups/$($userobj.groupid)" -tenantid $Userobj.tenantid -type patch -body $addmemberbody -Verbose + New-GraphPostRequest -uri "https://graph.microsoft.com/beta/groups/$($userobj.groupid)" -tenantid $TenantId -type patch -body $addmemberbody -Verbose } - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $Userobj.tenantid -message "Added $member to $($GroupName) group" -Sev 'Info' + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $TenantId -message "Added $member to $($GroupName) group" -Sev 'Info' $null = $results.add("Success. $member has been added to $($GroupName)") } catch { - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $Userobj.tenantid -message "Failed to add member $member to $($GroupName). Error:$($_.Exception.Message)" -Sev 'Error' + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $TenantId -message "Failed to add member $member to $($GroupName). Error:$($_.Exception.Message)" -Sev 'Error' $null = $results.add("Failed to add member $member to $($GroupName): $($_.Exception.Message)") } } @@ -53,11 +55,11 @@ Function Invoke-EditGroup { $member = $_ if ($GroupType -eq 'Distribution list' -or $GroupType -eq 'Mail-Enabled Security') { $Params = @{ Identity = $userobj.groupid; Member = $member; BypassSecurityGroupManagerCheck = $true } - New-ExoRequest -tenantid $Userobj.tenantid -cmdlet 'Add-DistributionGroupMember' -cmdParams $params -UseSystemMailbox $true - Write-LogMessage -API $APINAME -tenant $Userobj.tenantid -user $request.headers.'x-ms-client-principal' -message "Added $member to $($GroupName) group" -Sev 'Info' + New-ExoRequest -tenantid $TenantId -cmdlet 'Add-DistributionGroupMember' -cmdParams $params -UseSystemMailbox $true + Write-LogMessage -API $APINAME -tenant $TenantId -user $request.headers.'x-ms-client-principal' -message "Added $member to $($GroupName) group" -Sev 'Info' $null = $results.add("Success. $member has been added to $($GroupName)") } else { - Write-LogMessage -API $APINAME -tenant $Userobj.tenantid -user $request.headers.'x-ms-client-principal' -message 'You cannot add a contact to a security group' -Sev 'Error' + Write-LogMessage -API $APINAME -tenant $TenantId -user $request.headers.'x-ms-client-principal' -message 'You cannot add a contact to a security group' -Sev 'Error' $null = $results.add('You cannot add a contact to a security group') } } catch { @@ -75,17 +77,17 @@ Function Invoke-EditGroup { if ($member -like '*#EXT#*') { $member = [System.Web.HttpUtility]::UrlEncode($member) } if ($GroupType -eq 'Distribution list' -or $GroupType -eq 'Mail-Enabled Security') { $Params = @{ Identity = $userobj.groupid; Member = $member ; BypassSecurityGroupManagerCheck = $true } - New-ExoRequest -tenantid $Userobj.tenantid -cmdlet 'Remove-DistributionGroupMember' -cmdParams $params -UseSystemMailbox $true + New-ExoRequest -tenantid $TenantId -cmdlet 'Remove-DistributionGroupMember' -cmdParams $params -UseSystemMailbox $true } else { - $MemberInfo = (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($_)" -tenantid $Userobj.tenantid) - New-GraphPostRequest -uri "https://graph.microsoft.com/beta/groups/$($userobj.groupid)/members/$($MemberInfo.id)/`$ref" -tenantid $Userobj.tenantid -type DELETE + $MemberInfo = (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($_)" -tenantid $TenantId) + New-GraphPostRequest -uri "https://graph.microsoft.com/beta/groups/$($userobj.groupid)/members/$($MemberInfo.id)/`$ref" -tenantid $TenantId -type DELETE } - Write-LogMessage -API $APINAME -tenant $Userobj.tenantid -user $request.headers.'x-ms-client-principal' -message "Removed $member from $($GroupName) group" -Sev 'Info' + Write-LogMessage -API $APINAME -tenant $TenantId -user $request.headers.'x-ms-client-principal' -message "Removed $member from $($GroupName) group" -Sev 'Info' $null = $results.add("Success. Member $member has been removed from $($GroupName)") } } } catch { - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $Userobj.tenantid -message "Failed to remove $RemoveContact from $($GroupName). Error:$($_.Exception.Message)" -Sev 'Error' + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $TenantId -message "Failed to remove $RemoveContact from $($GroupName). Error:$($_.Exception.Message)" -Sev 'Error' $null = $results.add("Could not remove $RemoveContact from $($GroupName). $($_.Exception.Message)") } @@ -98,17 +100,17 @@ Function Invoke-EditGroup { if ($member -like '*#EXT#*') { $member = [System.Web.HttpUtility]::UrlEncode($member) } if ($GroupType -eq 'Distribution list' -or $GroupType -eq 'Mail-Enabled Security') { $Params = @{ Identity = $userobj.groupid; Member = $member ; BypassSecurityGroupManagerCheck = $true } - New-ExoRequest -tenantid $Userobj.tenantid -cmdlet 'Remove-DistributionGroupMember' -cmdParams $params -UseSystemMailbox $true + New-ExoRequest -tenantid $TenantId -cmdlet 'Remove-DistributionGroupMember' -cmdParams $params -UseSystemMailbox $true } else { - $MemberInfo = (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($_)" -tenantid $Userobj.tenantid) - New-GraphPostRequest -uri "https://graph.microsoft.com/beta/groups/$($userobj.groupid)/members/$($MemberInfo.id)/`$ref" -tenantid $Userobj.tenantid -type DELETE + $MemberInfo = (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($_)" -tenantid $TenantId) + New-GraphPostRequest -uri "https://graph.microsoft.com/beta/groups/$($userobj.groupid)/members/$($MemberInfo.id)/`$ref" -tenantid $TenantId -type DELETE } - Write-LogMessage -API $APINAME -tenant $Userobj.tenantid -user $request.headers.'x-ms-client-principal' -message "Removed $member from $($GroupName) group" -Sev 'Info' + Write-LogMessage -API $APINAME -tenant $TenantId -user $request.headers.'x-ms-client-principal' -message "Removed $member from $($GroupName) group" -Sev 'Info' $null = $results.add("Success. Member $member has been removed from $($GroupName)") } } } catch { - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $Userobj.tenantid -message "Failed to remove $RemoveMembers from $($GroupName). Error:$($_.Exception.Message)" -Sev 'Error' + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $TenantId -message "Failed to remove $RemoveMembers from $($GroupName). Error:$($_.Exception.Message)" -Sev 'Error' $null = $results.add("Could not remove $RemoveMembers from $($GroupName). $($_.Exception.Message)") } @@ -117,10 +119,10 @@ Function Invoke-EditGroup { if ($AddOwners) { $AddOwners | ForEach-Object { try { - $ID = 'https://graph.microsoft.com/beta/users/' + (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($_)" -tenantid $Userobj.tenantid).id + $ID = 'https://graph.microsoft.com/beta/users/' + (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($_)" -tenantid $TenantId).id Write-Host $ID - $null = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/groups/$($userobj.groupid)/owners/`$ref" -tenantid $Userobj.tenantid -type POST -body ('{"@odata.id": "' + $ID + '"}') - Write-LogMessage -API $APINAME -tenant $Userobj.tenantid -user $request.headers.'x-ms-client-principal' -message "Added owner $_ to $($GroupName) group" -Sev 'Info' + $null = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/groups/$($userobj.groupid)/owners/`$ref" -tenantid $TenantId -type POST -body ('{"@odata.id": "' + $ID + '"}') + Write-LogMessage -API $APINAME -tenant $TenantId -user $request.headers.'x-ms-client-principal' -message "Added owner $_ to $($GroupName) group" -Sev 'Info' $null = $results.add("Success. $_ has been added $($GroupName)") } catch { $null = $results.add("Failed to add owner $_ to $($GroupName): Error:$($_.Exception.Message)") @@ -130,7 +132,7 @@ Function Invoke-EditGroup { } } catch { - Write-LogMessage -user $request.headers.'x-ms-client-principal' -tenant $Userobj.tenantid -API $APINAME -message "Add member API failed. $($_.Exception.Message)" -Sev 'Error' + Write-LogMessage -user $request.headers.'x-ms-client-principal' -tenant $TenantId -API $APINAME -message "Add member API failed. $($_.Exception.Message)" -Sev 'Error' } $RemoveOwners = ($userobj.RemoveOwner).value @@ -138,9 +140,9 @@ Function Invoke-EditGroup { if ($RemoveOwners) { $RemoveOwners | ForEach-Object { try { - $MemberInfo = (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($_)" -tenantid $Userobj.tenantid) - New-GraphPostRequest -uri "https://graph.microsoft.com/beta/groups/$($userobj.groupid)/owners/$($MemberInfo.id)/`$ref" -tenantid $Userobj.tenantid -type DELETE - Write-LogMessage -API $APINAME -tenant $Userobj.tenantid -user $request.headers.'x-ms-client-principal' -message "Removed $($MemberInfo.UserPrincipalname) from $($userobj.displayname) group" -Sev 'Info' + $MemberInfo = (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($_)" -tenantid $TenantId) + New-GraphPostRequest -uri "https://graph.microsoft.com/beta/groups/$($userobj.groupid)/owners/$($MemberInfo.id)/`$ref" -tenantid $TenantId -type DELETE + Write-LogMessage -API $APINAME -tenant $TenantId -user $request.headers.'x-ms-client-principal' -message "Removed $($MemberInfo.UserPrincipalname) from $($userobj.displayname) group" -Sev 'Info' $null = $results.add("Success. Member $_ has been removed from $($GroupName)") } catch { $null = $results.add("Failed to remove $_ from $($GroupName): $($_.Exception.Message)") @@ -148,17 +150,17 @@ Function Invoke-EditGroup { } } } catch { - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $Userobj.tenantid -message "Failed to remove $RemoveMembers from $($GroupName). Error:$($_.Exception.Message)" -Sev 'Error' + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $TenantId -message "Failed to remove $RemoveMembers from $($GroupName). Error:$($_.Exception.Message)" -Sev 'Error' $body = $results.add("Could not remove $RemoveMembers from $($GroupName). $($_.Exception.Message)") } if ($userobj.allowExternal -eq 'true') { try { - Set-CIPPGroupAuthentication -ID $userobj.mail -GroupType $GroupType -tenantFilter $Userobj.tenantid -APIName $APINAME -ExecutingUser $request.headers.'x-ms-client-principal' + Set-CIPPGroupAuthentication -ID $userobj.mail -GroupType $GroupType -tenantFilter $TenantId -APIName $APINAME -ExecutingUser $request.headers.'x-ms-client-principal' $body = $results.add("Allowed external senders to send to $($userobj.mail).") } catch { $body = $results.add("Failed to allow external senders to send to $($userobj.mail).") - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $Userobj.tenantid -message "Failed to allow external senders for $($userobj.mail). Error:$($_.Exception.Message)" -Sev 'Error' + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $TenantId -message "Failed to allow external senders for $($userobj.mail). Error:$($_.Exception.Message)" -Sev 'Error' } } @@ -166,22 +168,22 @@ Function Invoke-EditGroup { if ($userobj.sendCopies -eq 'true') { try { $Params = @{ Identity = $userobj.Groupid; subscriptionEnabled = $true; AutoSubscribeNewMembers = $true } - New-ExoRequest -tenantid $Userobj.tenantid -cmdlet 'Set-UnifiedGroup' -cmdParams $params -useSystemMailbox $true + New-ExoRequest -tenantid $TenantId -cmdlet 'Set-UnifiedGroup' -cmdParams $params -useSystemMailbox $true $MemberParams = @{ Identity = $userobj.Groupid; LinkType = 'members' } - $Members = New-ExoRequest -tenantid $Userobj.tenantid -cmdlet 'Get-UnifiedGrouplinks' -cmdParams $MemberParams + $Members = New-ExoRequest -tenantid $TenantId -cmdlet 'Get-UnifiedGrouplinks' -cmdParams $MemberParams $MemberSmtpAddresses = $Members | ForEach-Object { $_.PrimarySmtpAddress } $subscriberParams = @{ Identity = $userobj.Groupid; LinkType = 'subscribers'; Links = @($MemberSmtpAddresses) } - New-ExoRequest -tenantid $Userobj.tenantid -cmdlet 'Add-UnifiedGrouplinks' -cmdParams $subscriberParams -Anchor $userobj.mail + New-ExoRequest -tenantid $TenantId -cmdlet 'Add-UnifiedGrouplinks' -cmdParams $subscriberParams -Anchor $userobj.mail $body = $results.add("Send Copies of team emails and events to team members inboxes for $($userobj.mail) enabled.") - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $Userobj.tenantid -message "Send Copies of team emails and events to team members inboxes for $($userobj.mail) enabled." -Sev 'Info' + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $TenantId -message "Send Copies of team emails and events to team members inboxes for $($userobj.mail) enabled." -Sev 'Info' } catch { $body = $results.add("Failed to Send Copies of team emails and events to team members inboxes for $($userobj.mail).") - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $Userobj.tenantid -message "Failed to Send Copies of team emails and events to team members inboxes for $($userobj.mail). Error:$($_.Exception.Message)" -Sev 'Error' + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $TenantId -message "Failed to Send Copies of team emails and events to team members inboxes for $($userobj.mail). Error:$($_.Exception.Message)" -Sev 'Error' } } From 0971049c1c9bb2a412cf7498fab3ee73c62e2515 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 7 Jan 2025 14:39:29 -0500 Subject: [PATCH 232/290] CA policy tweaks --- .../Conditional/Invoke-ListConditionalAccessPolicies.ps1 | 4 ++-- Modules/CIPPCore/Public/Invoke-RemoveCAPolicy.ps1 | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-ListConditionalAccessPolicies.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-ListConditionalAccessPolicies.ps1 index 9bf0ae558577..63d372e6c1c7 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-ListConditionalAccessPolicies.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-ListConditionalAccessPolicies.ps1 @@ -174,8 +174,8 @@ Function Invoke-ListConditionalAccessPolicies { displayName = $cap.displayName customer = $cap.Customer tenantID = $cap.TenantID - createdDateTime = $(if (![string]::IsNullOrEmpty($cap.createdDateTime)) { [datetime]$cap.createdDateTime | Get-Date -Format 'yyyy-MM-dd HH:mm' }else { '' }) - modifiedDateTime = $(if (![string]::IsNullOrEmpty($cap.modifiedDateTime)) { [datetime]$cap.modifiedDateTime | Get-Date -Format 'yyyy-MM-dd HH:mm' }else { '' }) + createdDateTime = $(if (![string]::IsNullOrEmpty($cap.createdDateTime)) { [datetime]$cap.createdDateTime } else { '' }) + modifiedDateTime = $(if (![string]::IsNullOrEmpty($cap.modifiedDateTime)) { [datetime]$cap.modifiedDateTime }else { '' }) state = $cap.state clientAppTypes = ($cap.conditions.clientAppTypes) -join ',' includePlatforms = ($cap.conditions.platforms.includePlatforms) -join ',' diff --git a/Modules/CIPPCore/Public/Invoke-RemoveCAPolicy.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveCAPolicy.ps1 index f84ed7466f45..ba2931f410b9 100644 --- a/Modules/CIPPCore/Public/Invoke-RemoveCAPolicy.ps1 +++ b/Modules/CIPPCore/Public/Invoke-RemoveCAPolicy.ps1 @@ -19,7 +19,7 @@ Function Invoke-RemoveCAPolicy { $policyId = $Request.Query.GUID if (!$policyId) { exit } try { - $null = New-GraphPostRequest -uri "https://graph.microsoft.com/v1.0/identity/conditionalAccess/policies/$($policyId)" -type DELETE -tenant $TenantFilter + $null = New-GraphPostRequest -uri "https://graph.microsoft.com/v1.0/identity/conditionalAccess/policies/$($policyId)" -type DELETE -tenant $TenantFilter -asapp $true Write-LogMessage -user $User -API $APINAME -message "Deleted CA Policy $policyId" -Sev 'Info' -tenant $TenantFilter $body = [pscustomobject]@{'Results' = 'Successfully deleted the policy' } From 8173fe7bff46d52e4bf9857f743ace83689224fc Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 7 Jan 2025 16:26:16 -0500 Subject: [PATCH 233/290] Delete Invoke-EditTenant.ps1 --- .../Tenant/Invoke-EditTenant.ps1 | 66 ------------------- 1 file changed, 66 deletions(-) delete mode 100644 Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Tenant/Invoke-EditTenant.ps1 diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Tenant/Invoke-EditTenant.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Tenant/Invoke-EditTenant.ps1 deleted file mode 100644 index f4c5aad1c1c1..000000000000 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Tenant/Invoke-EditTenant.ps1 +++ /dev/null @@ -1,66 +0,0 @@ -using namespace System.Net - -Function Invoke-EditTenant { - <# - .FUNCTIONALITY - Entrypoint - .ROLE - CIPP.Core.ReadWrite - #> - [CmdletBinding()] - param($Request, $TriggerMetadata) - - $APIName = $TriggerMetadata.FunctionName - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - - $tenantDisplayName = $request.body.displayName - $tenantDefaultDomainName = $request.body.defaultDomainName - $Tenant = $request.body.tenantid - $customerContextId = $request.body.customerId - - $tokens = try { - $AADGraphtoken = (Get-GraphToken -scope 'https://graph.windows.net/.default') - $allTenantsDetails = (Invoke-RestMethod -Method GET -Uri 'https://graph.windows.net/myorganization/contracts?api-version=1.6' -ContentType 'application/json' -Headers $AADGraphtoken) - $tenantObjectId = $allTenantsDetails.value | Where-Object { $_.customerContextId -eq $customerContextId } | Select-Object 'objectId' - } - catch { - $Results = "Failed to retrieve list of tenants. Error: $($_.Exception.Message)" - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($tenantDisplayName) -message "Failed to retrieve list of tenants. Error:$($_.Exception.Message)" -Sev 'Error' - } - - - if ($tenantObjectId) { - try { - $bodyToPatch = '{"displayName":"' + $tenantDisplayName + '","defaultDomainName":"' + $tenantDefaultDomainName + '"}' - $patchTenant = (Invoke-RestMethod -Method PATCH -Uri "https://graph.windows.net/myorganization/contracts/$($tenantObjectId.objectId)?api-version=1.6" -Body $bodyToPatch -ContentType 'application/json' -Headers $AADGraphtoken -ErrorAction Stop) - $Filter = "PartitionKey eq 'Tenants' and defaultDomainName eq '{0}'" -f $tenantDefaultDomainName - try { - $TenantsTable = Get-CippTable -tablename Tenants - $Tenant = Get-CIPPAzDataTableEntity @TenantsTable -Filter $Filter - $Tenant.displayName = $tenantDisplayName - Update-AzDataTableEntity -Force @TenantsTable -Entity $Tenant - } - catch { - $AddedText = 'but could not edit the tenant cache. Clear the tenant cache to display the updated details' - } - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $tenantDisplayName -message "Edited tenant $tenantDisplayName" -Sev 'Info' - $results = "Successfully amended details for $($Tenant.displayName) $AddedText" - } - catch { - $results = "Failed to amend details for $tenantDisplayName : $($_.Exception.Message)" - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $tenantDisplayName -message "Failed amending details $tenantDisplayName. Error:$($_.Exception.Message)" -Sev 'Error' - } - } - else { - $Results = 'Could not find the tenant to edit in the contract endpoint. Please ensure you have a reseller relationship with the tenant you are trying to edit.' - } - - $body = [pscustomobject]@{'Results' = $results } - - # Associate values to output bindings by calling 'Push-OutputBinding'. - Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ - StatusCode = [HttpStatusCode]::OK - Body = $body - }) - -} From 884977334c3f6b3bed7a7199d60c26f66f3e9c29 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 7 Jan 2025 18:29:03 -0500 Subject: [PATCH 234/290] sharepoint / onedrive fixes --- .../CIPPCore/Public/Add-CIPPGroupMember.ps1 | 8 +- .../Invoke-ExecSetSharePointMember.ps1 | 6 +- .../Teams-Sharepoint/Invoke-ListSites.ps1 | 112 ++++++++++++------ 3 files changed, 80 insertions(+), 46 deletions(-) diff --git a/Modules/CIPPCore/Public/Add-CIPPGroupMember.ps1 b/Modules/CIPPCore/Public/Add-CIPPGroupMember.ps1 index b29972bcce3a..c81175d2c9ef 100644 --- a/Modules/CIPPCore/Public/Add-CIPPGroupMember.ps1 +++ b/Modules/CIPPCore/Public/Add-CIPPGroupMember.ps1 @@ -12,18 +12,16 @@ function Add-CIPPGroupMember( $addmemberbody = "{ `"members@odata.bind`": $(ConvertTo-Json @($MemberIDs)) }" if ($GroupType -eq 'Distribution list' -or $GroupType -eq 'Mail-Enabled Security') { $Params = @{ Identity = $GroupId; Member = $member; BypassSecurityGroupManagerCheck = $true } - New-ExoRequest -tenantid $TenantFilter -cmdlet 'Add-DistributionGroupMember' -cmdParams $params -UseSystemMailbox $true + $null = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Add-DistributionGroupMember' -cmdParams $params -UseSystemMailbox $true } else { - New-GraphPostRequest -uri "https://graph.microsoft.com/beta/groups/$($GroupId)" -tenantid $TenantFilter -type patch -body $addmemberbody -Verbose + $null = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/groups/$($GroupId)" -tenantid $TenantFilter -type patch -body $addmemberbody -Verbose } $Message = "Successfully added user $($Member) to $($GroupId)." Write-LogMessage -user $ExecutingUser -API $APIName -tenant $TenantFilter -message $Message -Sev 'Info' return $message - return } catch { - $message = "Failed to add user $($Member) to $($GroupId)" + $message = "Failed to add user $($Member) to $($GroupId) - $($_.Exception.Message)" Write-LogMessage -user $ExecutingUser -API $APIName -tenant $TenantFilter -message $message -Sev 'error' -LogData (Get-CippException -Exception $_) return $message } - } diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Teams-Sharepoint/Invoke-ExecSetSharePointMember.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Teams-Sharepoint/Invoke-ExecSetSharePointMember.ps1 index 9c59f13662c3..b2f876599c1c 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Teams-Sharepoint/Invoke-ExecSetSharePointMember.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Teams-Sharepoint/Invoke-ExecSetSharePointMember.ps1 @@ -11,11 +11,11 @@ Function Invoke-ExecSetSharePointMember { param($Request, $TriggerMetadata) if ($Request.body.SharePointType -eq 'Group') { - $GroupId = (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/groups?`$filter=mail eq '$($Request.Body.GroupID)'" -tenantid $Request.Body.TenantFilter).id + $GroupId = (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/groups?`$filter=mail eq '$($Request.Body.GroupID)' or proxyAddresses/any(x:endsWith(x,'$($Request.Body.GroupID)'))&`$count=true" -ComplexFilter -tenantid $Request.Body.TenantFilter).id if ($Request.body.Add -eq $true) { - $Results = Add-CIPPGroupMember -GroupType 'Team' -GroupID $GroupID -Member $Request.Body.input -TenantFilter $Request.Body.TenantFilter -ExecutingUser $request.headers.'x-ms-client-principal' + $Results = Add-CIPPGroupMember -GroupType 'Team' -GroupID $GroupID -Member $Request.Body.user.value -TenantFilter $Request.Body.TenantFilter -ExecutingUser $request.headers.'x-ms-client-principal' } else { - $UserID = (New-GraphGetRequest -uri "https://graph.microsoft.com/v1.0/users/$($Request.Body.input)" -tenantid $Request.Body.TenantFilter).id + $UserID = (New-GraphGetRequest -uri "https://graph.microsoft.com/v1.0/users/$($Request.Body.user.value)" -tenantid $Request.Body.TenantFilter).id $Results = Remove-CIPPGroupMember -GroupType 'Team' -GroupID $GroupID -Member $UserID -TenantFilter $Request.Body.TenantFilter -ExecutingUser $request.headers.'x-ms-client-principal' } } else { diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Teams-Sharepoint/Invoke-ListSites.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Teams-Sharepoint/Invoke-ListSites.ps1 index d94c6b0ce4bd..35017077da0f 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Teams-Sharepoint/Invoke-ListSites.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Teams-Sharepoint/Invoke-ListSites.ps1 @@ -10,72 +10,108 @@ Function Invoke-ListSites { [CmdletBinding()] param($Request, $TriggerMetadata) - $APIName = $TriggerMetadata.FunctionName - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' + $TenantFilter = $Request.Query.TenantFilter + $Type = $request.query.Type + $UserUPN = $request.query.UserUPN + if (!$TenantFilter) { + Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ + StatusCode = [HttpStatusCode]::BadRequest + Body = 'TenantFilter is required' + }) + return + } - # Write to the Azure Functions log stream. - Write-Host 'PowerShell HTTP trigger function processed a request.' + if (!$Type) { + Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ + StatusCode = [HttpStatusCode]::BadRequest + Body = 'Type is required' + }) + return + } + + $Tenant = Get-Tenants -TenantFilter $TenantFilter + $TenantId = $Tenant.customerId + + if ($Type -eq 'SharePointSiteUsage') { + $Filter = 'isPersonalSite eq false' + } else { + $Filter = 'isPersonalSite eq true' + } - # Interact with query parameters or the body of the request. - $TenantFilter = $Request.Query.TenantFilter - $type = $request.query.Type - $UserUPN = $request.query.UserUPN try { - $Result = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/reports/get$($type)Detail(period='D7')" -tenantid $TenantFilter | ConvertFrom-Csv + $BulkRequests = @( + @{ + id = 'listAllSites' + method = 'GET' + url = "sites/getAllSites?`$filter=$($Filter)&`$select=id,createdDateTime,description,name,displayName,isPersonalSite,lastModifiedDateTime,webUrl,siteCollection,sharepointIds" + } + @{ + id = 'usage' + method = 'GET' + url = "reports/get$($type)Detail(period='D7')?`$format=application/json" + } + ) - if ($UserUPN) { - $ParsedRequest = $Result | Where-Object { $_.'Owner Principal Name' -eq $UserUPN } - } else { - $ParsedRequest = $Result + $Result = New-GraphBulkRequest -tenantid $TenantFilter -Requests @($BulkRequests) -asapp $true + $Sites = ($Result | Where-Object { $_.id -eq 'listAllSites' }).body.value + $UsageBase64 = ($Result | Where-Object { $_.id -eq 'usage' }).body + $UsageJson = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($UsageBase64)) + $Usage = ($UsageJson | ConvertFrom-Json).value + + $GraphRequest = foreach ($Site in $Sites) { + $SiteUsage = $Usage | Where-Object { $_.siteId -eq $Site.sharepointIds.siteId } + [PSCustomObject]@{ + siteId = $Site.sharepointIds.siteId + webId = $Site.sharepointIds.webId + createdDateTime = $Site.createdDateTime + displayName = $Site.displayName + webUrl = $Site.webUrl + ownerDisplayName = $SiteUsage.ownerDisplayName + ownerPrincipalName = $SiteUsage.ownerPrincipalName + lastActivityDate = $SiteUsage.lastActivityDate + fileCount = $SiteUsage.fileCount + storageUsedInGigabytes = [math]::round($SiteUsage.storageUsedInBytes / 1GB, 2) + storageAllocatedInGigabytes = [math]::round($SiteUsage.storageAllocatedInBytes / 1GB, 2) + storageUsedInBytes = $SiteUsage.storageUsedInBytes + storageAllocatedInBytes = $SiteUsage.storageAllocatedInBytes + rootWebTemplate = $SiteUsage.rootWebTemplate + reportRefreshDate = $SiteUsage.reportRefreshDate + AutoMapUrl = '' + } } - $GraphRequest = $ParsedRequest | Select-Object AutoMapUrl, @{ Name = 'UPN'; Expression = { $_.'Owner Principal Name' } }, - @{ Name = 'displayName'; Expression = { $_.'Owner Display Name' } }, - @{ Name = 'LastActive'; Expression = { $_.'Last Activity Date' } }, - @{ Name = 'FileCount'; Expression = { [int]$_.'File Count' } }, - @{ Name = 'UsedGB'; Expression = { [math]::round($_.'Storage Used (Byte)' / 1GB, 2) } }, - @{ Name = 'URL'; Expression = { $_.'Site URL' } }, - @{ Name = 'Allocated'; Expression = { [math]::round($_.'Storage Allocated (Byte)' / 1GB, 2) } }, - @{ Name = 'Template'; Expression = { $_.'Root Web Template' } }, - @{ Name = 'siteid'; Expression = { $_.'site Id' } } - #Temporary workaround for url as report is broken. - #This API is so stupid its great. - $URLs = New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/sites/getAllSites?$select=SharePointIds,name,webUrl,displayName,siteCollection' -asapp $true -tenantid $TenantFilter $int = 0 if ($Type -eq 'SharePointSiteUsage') { - $Requests = foreach ($url in $URLs) { + $Requests = foreach ($Site in $GraphRequest) { @{ id = $int++ method = 'GET' - url = "sites/$($url.sharepointIds.siteId)/lists?`$select=id,name,list,parentReference" + url = "sites/$($Site.siteId)/lists?`$select=id,name,list,parentReference" } } $Requests = (New-GraphBulkRequest -tenantid $TenantFilter -scope 'https://graph.microsoft.com/.default' -Requests @($Requests) -asapp $true).body.value | Where-Object { $_.list.template -eq 'DocumentLibrary' } + $GraphRequest = foreach ($Site in $GraphRequest) { + $ListId = ($Requests | Where-Object { $_.parentReference.siteId -like "*$($Site.siteId)*" }).id + $site.AutoMapUrl = "tenantId=$($TenantId)&webId={$($Site.webId)}&siteid={$($Site.siteId)}&webUrl=$($Site.webUrl)&listId={$($ListId)}" + $site + } } - $GraphRequest = foreach ($site in $GraphRequest) { - $SiteURLs = ($URLs.SharePointIds | Where-Object { $_.siteId -eq $site.SiteId }) - $site.URL = $SiteURLs.siteUrl - $ListId = ($Requests | Where-Object { $_.parentReference.siteId -like "*$($SiteURLs.siteId)*" }).id - $site.AutoMapUrl = "tenantId=$($SiteUrls.tenantId)&webId={$($SiteUrls.webId)}&siteid={$($SiteURLs.siteId)}&webUrl=$($SiteURLs.siteUrl)&listId={$($ListId)}" - $site - } - $StatusCode = [HttpStatusCode]::OK - + } catch { $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message $StatusCode = [HttpStatusCode]::Forbidden $GraphRequest = $ErrorMessage } if ($Request.query.URLOnly -eq 'true') { - $GraphRequest = $GraphRequest | Where-Object { $null -ne $_.URL } + $GraphRequest = $GraphRequest | Where-Object { $null -ne $_.webUrl } } # Associate values to output bindings by calling 'Push-OutputBinding'. Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ StatusCode = $StatusCode - Body = @($GraphRequest | Sort-Object -Property UPN) + Body = @($GraphRequest | Sort-Object -Property displayName) }) } From dade7c9bcdd1240fff0747444938d0d55bd14700 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 7 Jan 2025 23:38:38 -0500 Subject: [PATCH 235/290] fix bulk import --- .../HTTP Functions/Teams-Sharepoint/Invoke-AddSiteBulk.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Teams-Sharepoint/Invoke-AddSiteBulk.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Teams-Sharepoint/Invoke-AddSiteBulk.ps1 index 97f779f10c76..ff9eb3cfce9e 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Teams-Sharepoint/Invoke-AddSiteBulk.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Teams-Sharepoint/Invoke-AddSiteBulk.ps1 @@ -16,7 +16,7 @@ Function Invoke-AddSiteBulk { $Results = [System.Collections.ArrayList]@() - foreach ($sharepointObj in $Request.body.BulkSite) { + foreach ($sharepointObj in $Request.Body.bulkSites) { try { $SharePointSite = New-CIPPSharepointSite -SiteName $SharePointObj.siteName -SiteDescription $SharePointObj.siteDescription -SiteOwner $SharePointObj.siteOwner -TemplateName $SharePointObj.templateName -SiteDesign $SharePointObj.siteDesign -SensitivityLabel $SharePointObj.sensitivityLabel -TenantFilter $Request.body.TenantFilter $Results.add($SharePointSite) From 2a0ea1c6280eb08918c77a13931cc5debf55a902 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Wed, 8 Jan 2025 13:19:07 +0100 Subject: [PATCH 236/290] addedbreach searches --- .../Entrypoints/Invoke-ExecBreachSearch.ps1 | 23 ++++++++++++ .../Entrypoints/Invoke-ListBreachesTenant.ps1 | 20 ++++------- .../Public/HIBP/Get-BreachInfo.ps1 | 12 +++++++ .../Public/HIBP/Get-HIBPRequest.ps1 | 21 +++++++---- .../Public/HIBP/New-BreachTenantSearch.ps1 | 36 +++++++++++++++++++ 5 files changed, 92 insertions(+), 20 deletions(-) create mode 100644 Modules/CIPPCore/Public/Entrypoints/Invoke-ExecBreachSearch.ps1 create mode 100644 Modules/CippExtensions/Public/HIBP/Get-BreachInfo.ps1 create mode 100644 Modules/CippExtensions/Public/HIBP/New-BreachTenantSearch.ps1 diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ExecBreachSearch.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ExecBreachSearch.ps1 new file mode 100644 index 000000000000..5babb8345a72 --- /dev/null +++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ExecBreachSearch.ps1 @@ -0,0 +1,23 @@ +using namespace System.Net + +Function Invoke-ExecBreachSearch { + <# + .FUNCTIONALITY + Entrypoint + .ROLE + CIPP.Core.Read + #> + [CmdletBinding()] + param($Request, $TriggerMetadata) + + $APIName = $TriggerMetadata.FunctionName + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' + $TenantFilter = $Request.query.TenantFilter + #Move to background job + New-BreachTenantSearch -TenantFilter $TenantFilter + Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ + StatusCode = [HttpStatusCode]::OK + Body = @{ Results = "Executing Search for $TenantFilter" } + }) + +} diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListBreachesTenant.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListBreachesTenant.ps1 index 61dd7a122404..d30bec6dffef 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListBreachesTenant.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListBreachesTenant.ps1 @@ -10,20 +10,14 @@ Function Invoke-ListBreachesTenant { [CmdletBinding()] param($Request, $TriggerMetadata) - $APIName = $TriggerMetadata.FunctionName - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - $users = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users?`$select=UserPrincipalName,mail" -tenantid $Request.query.TenantFilter - $usersResults = foreach ($user in $users) { - $Results = Get-HIBPRequest "breachedaccount/$($user.UserPrincipalName)?truncateResponse=true" - if ($null -eq $Results) { - $Results = 'No breaches found.' - } - [PSCustomObject]@{ - user = $user.UserPrincipalName - breaches = $Results - } + $TenantFilter = $Request.query.TenantFilter + $Table = Get-CIPPTable -TableName UserBreaches + if ($TenantFilter -ne 'AllTenants') { + $filter = "PartitionKey eq '$TenantFilter'" + } else { + $filter = $null } - + $usersResults = (Get-CIPPAzDataTableEntity @Table -Filter $filter).breaches | ConvertFrom-Json # Associate values to output bindings by calling 'Push-OutputBinding'. Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ diff --git a/Modules/CippExtensions/Public/HIBP/Get-BreachInfo.ps1 b/Modules/CippExtensions/Public/HIBP/Get-BreachInfo.ps1 new file mode 100644 index 000000000000..9e1ff4fd8481 --- /dev/null +++ b/Modules/CippExtensions/Public/HIBP/Get-BreachInfo.ps1 @@ -0,0 +1,12 @@ +function Get-BreachInfo { + [CmdletBinding()] + param( + [Parameter()] + $TenantFilter + ) + $Data = New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/domains' -tenantid $TenantFilter | ForEach-Object { + $uri = 'https://geoipdb.azurewebsites.net/api/Breach?func=domain&domain=limenetworks.nl' + Invoke-RestMethod -Uri $uri + } + return $Data +} diff --git a/Modules/CippExtensions/Public/HIBP/Get-HIBPRequest.ps1 b/Modules/CippExtensions/Public/HIBP/Get-HIBPRequest.ps1 index 2f6de9d51e1d..1de419c98064 100644 --- a/Modules/CippExtensions/Public/HIBP/Get-HIBPRequest.ps1 +++ b/Modules/CippExtensions/Public/HIBP/Get-HIBPRequest.ps1 @@ -1,17 +1,24 @@ function Get-HIBPRequest { [CmdletBinding()] - param ( - [Parameter()]$endpoint - + param( + [Parameter()] + $endpoint ) $uri = "https://haveibeenpwned.com/api/v3/$endpoint" try { - Invoke-RestMethod -Uri $uri -Headers (Get-HIBPAuth) + return Invoke-RestMethod -Uri $uri -Headers (Get-HIBPAuth) } catch { - #If the error is a 404, it means no breach has been found. Return an empty object. - if ($_.Exception.Response.StatusCode -eq 404) { + if ($_.Exception.Response -and $_.Exception.Response.StatusCode -eq 404) { return @() + } elseif ($_.Exception.Response -and $_.Exception.Response.StatusCode -eq 429) { + Write-Host 'Rate limited hit for hibp.' + return @{ + Wait = ($_.Exception.Response.headers | Where-Object -Property key -EQ 'Retry-After').value + 'rate-limit' = $true + } + } else { + throw "Failed to connect to HIBP: $($_.Exception.Message)" } - throw "Failed to connect to HIBP: $($_.Exception.Message)" } + throw "Failed to connect to HIBP after $maxRetries retries." } diff --git a/Modules/CippExtensions/Public/HIBP/New-BreachTenantSearch.ps1 b/Modules/CippExtensions/Public/HIBP/New-BreachTenantSearch.ps1 new file mode 100644 index 000000000000..a7b40ab26b8d --- /dev/null +++ b/Modules/CippExtensions/Public/HIBP/New-BreachTenantSearch.ps1 @@ -0,0 +1,36 @@ +function New-BreachTenantSearch { + [CmdletBinding()] + param ( + [Parameter()]$TenantFilter, + [Parameter()][switch]$Force + ) + + $Table = Get-CIPPTable -TableName UserBreaches + $LatestBreach = Get-BreachInfo -TenantFilter $TenantFilter + + $usersResults = foreach ($domain in $LatestBreach) { + $ExistingBreaches = Get-CIPPAzDataTableEntity @Table -Filter "RowKey eq '$TenantFilter'" + if ($null -eq $domain.result) { + Write-Host "No breaches found for domain $($domain.domain)" + continue + } + $SumOfBreaches = ($LatestBreach | Measure-Object -Sum -Property found).sum + if ($ExistingBreaches.sum -eq $SumOfBreaches -and $Force.IsPresent -eq $false) { + Write-Host "No new breaches found for tenant $TenantFilter" + continue + } + + @{ + RowKey = $domain.domain + PartitionKey = $TenantFilter + breaches = "$($LatestBreach.Result | ConvertTo-Json)" + sum = $SumOfBreaches + } + } + + #Add user breaches to table + if ($usersResults) { + $entity = Add-CIPPAzDataTableEntity @Table -Entity $usersResults -Force + Write-Host "Added $($usersResults.Count) breaches to table for tenant $TenantFilter" + } +} From 1fa4eb6e1ada1290760806107630ea29a5eb075f Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Wed, 8 Jan 2025 13:20:56 +0100 Subject: [PATCH 237/290] breach stuff --- .../CIPPCore/Public/Entrypoints/Invoke-ListBreachesTenant.ps1 | 2 +- Modules/CippExtensions/Public/HIBP/Get-BreachInfo.ps1 | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListBreachesTenant.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListBreachesTenant.ps1 index d30bec6dffef..e1f6415b179f 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListBreachesTenant.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListBreachesTenant.ps1 @@ -17,7 +17,7 @@ Function Invoke-ListBreachesTenant { } else { $filter = $null } - $usersResults = (Get-CIPPAzDataTableEntity @Table -Filter $filter).breaches | ConvertFrom-Json + $usersResults = (Get-CIPPAzDataTableEntity @Table -Filter $filter).breaches | ConvertFrom-Json -ErrorAction SilentlyContinue # Associate values to output bindings by calling 'Push-OutputBinding'. Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ diff --git a/Modules/CippExtensions/Public/HIBP/Get-BreachInfo.ps1 b/Modules/CippExtensions/Public/HIBP/Get-BreachInfo.ps1 index 9e1ff4fd8481..1e8f6f168a73 100644 --- a/Modules/CippExtensions/Public/HIBP/Get-BreachInfo.ps1 +++ b/Modules/CippExtensions/Public/HIBP/Get-BreachInfo.ps1 @@ -5,8 +5,7 @@ function Get-BreachInfo { $TenantFilter ) $Data = New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/domains' -tenantid $TenantFilter | ForEach-Object { - $uri = 'https://geoipdb.azurewebsites.net/api/Breach?func=domain&domain=limenetworks.nl' - Invoke-RestMethod -Uri $uri + Invoke-RestMethod -Uri "https://geoipdb.azurewebsites.net/api/Breach?func=domain&domain=$($_.id)" } return $Data } From 988edda9258bd5e9f75399ed4d60bb7761110d11 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Wed, 8 Jan 2025 13:42:51 +0100 Subject: [PATCH 238/290] added update now button --- .../CIPPCore/Public/Entrypoints/Invoke-ListBreachesTenant.ps1 | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListBreachesTenant.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListBreachesTenant.ps1 index e1f6415b179f..d894b6118af8 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListBreachesTenant.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListBreachesTenant.ps1 @@ -18,7 +18,9 @@ Function Invoke-ListBreachesTenant { $filter = $null } $usersResults = (Get-CIPPAzDataTableEntity @Table -Filter $filter).breaches | ConvertFrom-Json -ErrorAction SilentlyContinue - + if ($usersResults -eq $null) { + $usersResults = @() + } # Associate values to output bindings by calling 'Push-OutputBinding'. Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ StatusCode = [HttpStatusCode]::OK From 731e24000a619a02a29f8e6d53c8d80127754d9a Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Wed, 8 Jan 2025 13:54:37 +0100 Subject: [PATCH 239/290] new password breach alert --- .../Public/Alerts/Get-CippBreachAlert.ps1 | 19 +++++++++++++++++++ .../Public/HIBP/New-BreachTenantSearch.ps1 | 2 +- 2 files changed, 20 insertions(+), 1 deletion(-) create mode 100644 Modules/CIPPCore/Public/Alerts/Get-CippBreachAlert.ps1 diff --git a/Modules/CIPPCore/Public/Alerts/Get-CippBreachAlert.ps1 b/Modules/CIPPCore/Public/Alerts/Get-CippBreachAlert.ps1 new file mode 100644 index 000000000000..317e66187820 --- /dev/null +++ b/Modules/CIPPCore/Public/Alerts/Get-CippBreachAlert.ps1 @@ -0,0 +1,19 @@ + +function Get-CippBreachAlert { + <# + .FUNCTIONALITY + Entrypoint + #> + [CmdletBinding()] + param( + [Parameter(Mandatory = $false)] + [Alias('input')] + $TenantFilter + ) + try { + $Search = New-BreachTenantSearch -TenantFilter $TenantFilter + Write-AlertTrace -cmdletName $MyInvocation.MyCommand -tenantFilter $TenantFilter -data $Search + } catch { + Write-AlertMessage -tenant $($TenantFilter) -message "Could not get New Breaches for $($TenantFilter): $(Get-NormalizedError -message $_.Exception.message)" + } +} diff --git a/Modules/CippExtensions/Public/HIBP/New-BreachTenantSearch.ps1 b/Modules/CippExtensions/Public/HIBP/New-BreachTenantSearch.ps1 index a7b40ab26b8d..7d26f97dc242 100644 --- a/Modules/CippExtensions/Public/HIBP/New-BreachTenantSearch.ps1 +++ b/Modules/CippExtensions/Public/HIBP/New-BreachTenantSearch.ps1 @@ -31,6 +31,6 @@ function New-BreachTenantSearch { #Add user breaches to table if ($usersResults) { $entity = Add-CIPPAzDataTableEntity @Table -Entity $usersResults -Force - Write-Host "Added $($usersResults.Count) breaches to table for tenant $TenantFilter" + return $LatestBreach.Result } } From 6703fb432fa93076800b959d1789b93cfbac1c87 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Wed, 8 Jan 2025 08:41:53 -0500 Subject: [PATCH 240/290] fix message trace sender/recipient --- .../HTTP Functions/Email-Exchange/Invoke-ListMessageTrace.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListMessageTrace.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListMessageTrace.ps1 index ee06358d31df..9c7c3bc1482e 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListMessageTrace.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListMessageTrace.ps1 @@ -49,10 +49,10 @@ Function Invoke-ListMessageTrace { } } - if (![string]::IsNullOrEmpty($Request.Body.recipient)) { + if ($Request.Body.recipient) { $Searchparams.Add('RecipientAddress', $($Request.Body.recipient.value ?? $Request.Body.recipient)) } - if (![string]::IsNullOrEmpty($Request.Body.sender)) { + if ($Request.Body.sender) { $Searchparams.Add('SenderAddress', $($Request.Body.sender.value ?? $Request.Body.sender)) } From f9ec3c18cff2b249d3d014c0960ccce95e0f281a Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Wed, 8 Jan 2025 15:36:19 +0100 Subject: [PATCH 241/290] fixes primdomain issue when switching domains --- .../Identity/Administration/Users/Invoke-ListUsers.ps1 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUsers.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUsers.ps1 index 7c1cdb8dbe97..e138cc02e470 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUsers.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUsers.ps1 @@ -23,11 +23,11 @@ Function Invoke-ListUsers { $GraphRequest = if ($TenantFilter -ne 'AllTenants') { New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($userid)?`$top=999&`$filter=$GraphFilter&`$count=true" -tenantid $TenantFilter -ComplexFilter | ForEach-Object { $_ | Add-Member -MemberType NoteProperty -Name 'onPremisesSyncEnabled' -Value ([bool]($_.onPremisesSyncEnabled)) -Force - $_ | Add-Member -MemberType NoteProperty -Name 'UserName' -Value ($_.userPrincipalName -split '@' | Select-Object -First 1) -Force + $_ | Add-Member -MemberType NoteProperty -Name 'username' -Value ($_.userPrincipalName -split '@' | Select-Object -First 1) -Force $_ | Add-Member -MemberType NoteProperty -Name 'Aliases' -Value ($_.ProxyAddresses -join ', ') -Force $SkuID = $_.AssignedLicenses.skuid $_ | Add-Member -MemberType NoteProperty -Name 'LicJoined' -Value (($ConvertTable | Where-Object { $_.guid -in $skuid }).'Product_Display_Name' -join ', ') -Force - $_ | Add-Member -MemberType NoteProperty -Name 'primDomain' -Value ($_.userPrincipalName -split '@' | Select-Object -Last 1) -Force + $_ | Add-Member -MemberType NoteProperty -Name 'primDomain' -Value @{value = ($_.userPrincipalName -split '@' | Select-Object -Last 1); label = ($_.userPrincipalName -split '@' | Select-Object -Last 1); } -Force $_ } } else { @@ -43,7 +43,7 @@ Function Invoke-ListUsers { $_.Aliases = $_.Proxyaddresses -join ', ' $SkuID = $_.AssignedLicenses.skuid $_.LicJoined = ($ConvertTable | Where-Object { $_.guid -in $skuid }).'Product_Display_Name' -join ', ' - $_.primDomain = ($_.userPrincipalName -split '@' | Select-Object -Last 1) + $_.primDomain = @{value = ($_.userPrincipalName -split '@' | Select-Object -Last 1) } $_ } } From 93d041901a7c0089ad03ff56acaf1fd575a5a71f Mon Sep 17 00:00:00 2001 From: John Duprey Date: Wed, 8 Jan 2025 12:11:24 -0500 Subject: [PATCH 242/290] hudu tweaks --- ...5Field.ps1 => Add-HuduAssetLayoutField.ps1} | 18 +++++++++++------- .../Public/Hudu/Invoke-HuduExtensionSync.ps1 | 4 +++- 2 files changed, 14 insertions(+), 8 deletions(-) rename Modules/CippExtensions/Public/Extension Functions/{Add-HuduAssetLayoutM365Field.ps1 => Add-HuduAssetLayoutField.ps1} (58%) diff --git a/Modules/CippExtensions/Public/Extension Functions/Add-HuduAssetLayoutM365Field.ps1 b/Modules/CippExtensions/Public/Extension Functions/Add-HuduAssetLayoutField.ps1 similarity index 58% rename from Modules/CippExtensions/Public/Extension Functions/Add-HuduAssetLayoutM365Field.ps1 rename to Modules/CippExtensions/Public/Extension Functions/Add-HuduAssetLayoutField.ps1 index 5ab07cbc3887..8669019b3321 100644 --- a/Modules/CippExtensions/Public/Extension Functions/Add-HuduAssetLayoutM365Field.ps1 +++ b/Modules/CippExtensions/Public/Extension Functions/Add-HuduAssetLayoutField.ps1 @@ -1,20 +1,24 @@ -function Add-HuduAssetLayoutM365Field { +function Add-HuduAssetLayoutField { Param( - $AssetLayoutId + $AssetLayoutId, + $Label = 'Microsoft 365', + $FieldType = 'RichText', + $Position = 0, + $ShowInList = $false ) $M365Field = @{ - position = 0 - label = 'Microsoft 365' - field_type = 'RichText' - show_in_list = $false + position = $Position + label = $Label + field_type = $FieldType + show_in_list = $ShowInList required = $false expiration = $false } $AssetLayout = Get-HuduAssetLayouts -LayoutId $AssetLayoutId - if ($AssetLayout.fields.label -contains 'Microsoft 365') { + if ($AssetLayout.fields.label -contains $Label) { return $AssetLayout } diff --git a/Modules/CippExtensions/Public/Hudu/Invoke-HuduExtensionSync.ps1 b/Modules/CippExtensions/Public/Hudu/Invoke-HuduExtensionSync.ps1 index 7eae2f462326..803643885117 100644 --- a/Modules/CippExtensions/Public/Hudu/Invoke-HuduExtensionSync.ps1 +++ b/Modules/CippExtensions/Public/Hudu/Invoke-HuduExtensionSync.ps1 @@ -56,7 +56,9 @@ function Invoke-HuduExtensionSync { try { if (![string]::IsNullOrEmpty($PeopleLayoutId)) { - $null = Add-HuduAssetLayoutM365Field -AssetLayoutId $PeopleLayoutId + # Add required fields to People Layout + $null = Add-HuduAssetLayoutField -AssetLayoutId $PeopleLayoutId -Label 'Microsoft 365' + $null = Add-HuduAssetLayoutField -AssetLayoutId $PeopleLayoutId -Label 'Email Address' -Position 1 -ShowInList $true -FieldType 'Text' $CreateUsers = $Configuration.CreateMissingUsers $PeopleLayout = Get-HuduAssetLayouts -Id $PeopleLayoutId if ($PeopleLayout.id) { From 849335b1f60503b0db853eb11c455ceb7e515ad3 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Wed, 8 Jan 2025 18:15:29 +0100 Subject: [PATCH 243/290] fixes to new darkweb scanning --- .../Entrypoints/Invoke-ListBreachesAccount.ps1 | 7 ++++++- .../Public/HIBP/Get-BreachInfo.ps1 | 16 ++++++++++++---- 2 files changed, 18 insertions(+), 5 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListBreachesAccount.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListBreachesAccount.ps1 index 03473f343622..827a151ded72 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListBreachesAccount.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListBreachesAccount.ps1 @@ -13,7 +13,12 @@ Function Invoke-ListBreachesAccount { $APIName = $TriggerMetadata.FunctionName Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - $Results = Get-HIBPRequest "breachedaccount/$($Request.query.account)?truncateResponse=false" + if ($request.query.account -like '*@*') { + $Results = Get-HIBPRequest "breachedaccount/$($Request.query.account)?truncateResponse=false" + } else { + $Results = Get-BreachInfo -Domain $Request.query.account + } + # Associate values to output bindings by calling 'Push-OutputBinding'. Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ StatusCode = [HttpStatusCode]::OK diff --git a/Modules/CippExtensions/Public/HIBP/Get-BreachInfo.ps1 b/Modules/CippExtensions/Public/HIBP/Get-BreachInfo.ps1 index 1e8f6f168a73..f90f478b0e70 100644 --- a/Modules/CippExtensions/Public/HIBP/Get-BreachInfo.ps1 +++ b/Modules/CippExtensions/Public/HIBP/Get-BreachInfo.ps1 @@ -2,10 +2,18 @@ function Get-BreachInfo { [CmdletBinding()] param( [Parameter()] - $TenantFilter + $TenantFilter, + [Parameter()]$Domain + ) - $Data = New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/domains' -tenantid $TenantFilter | ForEach-Object { - Invoke-RestMethod -Uri "https://geoipdb.azurewebsites.net/api/Breach?func=domain&domain=$($_.id)" + if ($TenantFilter) { + $Data = New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/domains' -tenantid $TenantFilter | ForEach-Object { + Invoke-RestMethod -Uri "https://geoipdb.azurewebsites.net/api/Breach?func=domain&domain=$($_.id)" + } + return $Data + } else { + $data = Invoke-RestMethod -Uri "https://geoipdb.azurewebsites.net/api/Breach?func=domain&domain=$($domain)&format=breachlist" + return $Data } - return $Data + } From a1a31e09eb984efeb09b1e5124c72faa3f081f03 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Wed, 8 Jan 2025 12:15:43 -0500 Subject: [PATCH 244/290] onboarding tweaks --- .../Push-ExecOnboardTenantQueue.ps1 | 76 +++++++++---------- .../Invoke-ExecOnboardTenant.ps1 | 2 +- 2 files changed, 38 insertions(+), 40 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ExecOnboardTenantQueue.ps1 b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ExecOnboardTenantQueue.ps1 index 4fd4391c8938..4ac47fcedfd0 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ExecOnboardTenantQueue.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ExecOnboardTenantQueue.ps1 @@ -6,15 +6,13 @@ Function Push-ExecOnboardTenantQueue { [CmdletBinding()] param($Item) try { - $DateFormat = '%Y-%m-%d %H:%M:%S' $Id = $Item.id - #Write-Host ($Item.Roles | ConvertTo-Json) $Start = Get-Date $Logs = [System.Collections.Generic.List[object]]::new() $OnboardTable = Get-CIPPTable -TableName 'TenantOnboarding' $TenantOnboarding = Get-CIPPAzDataTableEntity @OnboardTable -Filter "RowKey eq '$Id'" - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = "Starting onboarding for relationship $Id" }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = "Starting onboarding for relationship $Id" }) $OnboardingSteps = $TenantOnboarding.OnboardingSteps | ConvertFrom-Json $OnboardingSteps.Step1.Status = 'running' $OnboardingSteps.Step1.Message = 'Checking GDAP invite status' @@ -53,7 +51,7 @@ Function Push-ExecOnboardTenantQueue { ) if ($OnboardingSteps.Step1.Status -ne 'succeeded') { - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'Checking relationship status' }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = 'Checking relationship status' }) $x = 0 do { $Relationship = New-GraphGetRequest -Uri "https://graph.microsoft.com/beta/tenantRelationships/delegatedAdminRelationships/$Id" @@ -62,12 +60,12 @@ Function Push-ExecOnboardTenantQueue { } while ($Relationship.status -ne 'active' -and $x -lt 6) if ($Relationship.status -eq 'active') { - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'GDAP Invite Accepted' }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = 'GDAP Invite Accepted' }) $OnboardingSteps.Step1.Status = 'succeeded' $OnboardingSteps.Step1.Message = "GDAP Invite accepted for $($Relationship.customer.displayName)" $TenantOnboarding.CustomerId = $Relationship.customer.tenantId } else { - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'GDAP Invite Failed' }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = 'GDAP Invite Failed' }) $OnboardingSteps.Step1.Status = 'failed' $OnboardingSteps.Step1.Message = 'GDAP Invite timeout, retry onboarding after accepting the invite with a GA account in the customer tenant.' $TenantOnboarding.Status = 'failed' @@ -79,7 +77,7 @@ Function Push-ExecOnboardTenantQueue { } if ($OnboardingSteps.Step1.Status -eq 'succeeded') { - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'Starting role check' }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = 'Starting role check' }) $OnboardingSteps.Step2.Status = 'running' $OnboardingSteps.Step2.Message = 'Checking role mapping' $TenantOnboarding.OnboardingSteps = [string](ConvertTo-Json -InputObject $OnboardingSteps -Compress) @@ -100,18 +98,18 @@ Function Push-ExecOnboardTenantQueue { } } if (($MissingRoles | Measure-Object).Count -gt 0) { - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'Missing roles for relationship' }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = 'Missing roles for relationship' }) if ($Item.IgnoreMissingRoles -ne $true) { $TenantOnboarding.Status = 'failed' $OnboardingSteps.Step2.Status = 'failed' $OnboardingSteps.Step2.Message = "Your GDAP relationship is missing the following roles: $($MissingRoles -join ', ')" } else { - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'Ignoring missing roles' }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = 'Ignoring missing roles' }) $OnboardingSteps.Step2.Status = 'succeeded' $OnboardingSteps.Step2.Message = 'Your GDAP relationship is missing some roles, but the onboarding will continue' } } else { - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'Required roles found' }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = 'Required roles found' }) $OnboardingSteps.Step2.Status = 'succeeded' $OnboardingSteps.Step2.Message = 'Your GDAP relationship has the required roles' } @@ -121,10 +119,10 @@ Function Push-ExecOnboardTenantQueue { } if ($OnboardingSteps.Step2.Status -eq 'succeeded') { - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'Checking group mapping' }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = 'Checking group mapping' }) $AccessAssignments = New-GraphGetRequest -Uri "https://graph.microsoft.com/beta/tenantRelationships/delegatedAdminRelationships/$Id/accessAssignments" if ($AccessAssignments.id -and $Item.AutoMapRoles -ne $true) { - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'Groups mapped' }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = 'Groups mapped' }) $OnboardingSteps.Step3.Status = 'succeeded' $OnboardingSteps.Step3.Message = 'Your GDAP relationship already has mapped security groups' } else { @@ -140,12 +138,12 @@ Function Push-ExecOnboardTenantQueue { if ($AccessAssignments.id -and !$Invite) { $MissingRoles = [System.Collections.Generic.List[object]]::new() - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'Relationship has existing access assignments, checking for missing mappings' }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = 'Relationship has existing access assignments, checking for missing mappings' }) if ($Item.Roles -and $Item.AutoMapRoles -eq $true) { foreach ($Role in $Item.Roles) { if ($AccessAssignments.accessContainer.accessContainerid -notcontains $Role.GroupId -and $Relationship.accessDetails.unifiedRoles.roleDefinitionId -contains $Role.roleDefinitionId) { - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = "Adding missing group to relationship: $($Role.GroupName)" }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = "Adding missing group to relationship: $($Role.GroupName)" }) $MissingRoles.Add([PSCustomObject]$Role) } } @@ -159,7 +157,7 @@ Function Push-ExecOnboardTenantQueue { } Add-CIPPAzDataTableEntity @InviteTable -Entity $Invite } else { - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'All roles have been mapped to the M365 GDAP security groups' }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = 'All roles have been mapped to the M365 GDAP security groups' }) $OnboardingSteps.Step3.Status = 'succeeded' $OnboardingSteps.Step3.Message = 'Groups mapped successfully' $GroupSuccess = $true @@ -168,7 +166,7 @@ Function Push-ExecOnboardTenantQueue { } if (!$AccessAssignments.id -and $Item.Roles) { - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'No access assignments found, using defined role mapping.' }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = 'No access assignments found, using defined role mapping.' }) $MatchingRoles = [System.Collections.Generic.List[object]]::new() foreach ($Role in $Item.Roles) { if ($Relationship.accessDetails.unifiedRoles.roleDefinitionId -contains $Role.roleDefinitionId) { @@ -197,17 +195,17 @@ Function Push-ExecOnboardTenantQueue { } if ($Invite) { - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'GDAP invite found, starting group/role mapping' }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = 'GDAP invite found, starting group/role mapping' }) $GroupMapStatus = Set-CIPPGDAPInviteGroups -Relationship $Relationship if ($GroupMapStatus) { - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'Groups mapped successfully' }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = 'Groups mapped successfully' }) $OnboardingSteps.Step3.Message = 'Groups mapped successfully, checking access assignment status' $TenantOnboarding.OnboardingSteps = [string](ConvertTo-Json -InputObject $OnboardingSteps -Compress) $TenantOnboarding.Logs = [string](ConvertTo-Json -InputObject @($Logs) -Compress) Add-CIPPAzDataTableEntity @OnboardTable -Entity $TenantOnboarding -Force -ErrorAction Stop } else { - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'Group mapping failed' }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = 'Group mapping failed' }) $TenantOnboarding.Status = 'failed' $OnboardingSteps.Step3.Status = 'failed' $OnboardingSteps.Step3.Message = 'Group mapping failed, check the log book for details.' @@ -232,7 +230,7 @@ Function Push-ExecOnboardTenantQueue { $OnboardingSteps.Step3.Message = 'Group check: Access assignments are mapped and active' $OnboardingSteps.Step3.Status = 'succeeded' if ($Item.AddMissingGroups -eq $true) { - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'Checking for missing groups for SAM user' }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = 'Checking for missing groups for SAM user' }) $SamUserId = (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/me?`$select=id").id $CurrentMemberships = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/me/transitiveMemberOf?`$select=id,displayName" foreach ($Role in $Item.Roles) { @@ -242,13 +240,13 @@ Function Push-ExecOnboardTenantQueue { } | ConvertTo-Json -Compress try { New-GraphPostRequest -uri "https://graph.microsoft.com/beta/groups/$($Role.GroupId)/members/`$ref" -body $PostBody -AsApp $true -NoAuthCheck $true - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = "Added SAM user to $($Role.GroupName)" }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = "Added SAM user to $($Role.GroupName)" }) } catch { - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = "Failed to add SAM user to $($Role.GroupName) - $($_.Exception.Message)" }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = "Failed to add SAM user to $($Role.GroupName) - $($_.Exception.Message)" }) } } } - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'SAM user group check completed' }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = 'SAM user group check completed' }) } } else { $OnboardingSteps.Step3.Message = 'Group check: Access assignments are still pending, try again later' @@ -263,7 +261,7 @@ Function Push-ExecOnboardTenantQueue { } if ($OnboardingSteps.Step3.Status -eq 'succeeded') { - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'Setting up CPV consent' }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = 'Setting up CPV consent' }) $OnboardingSteps.Step4.Status = 'running' $OnboardingSteps.Step4.Message = 'Setting up CPV consent' $TenantOnboarding.OnboardingSteps = [string](ConvertTo-Json -InputObject $OnboardingSteps -Compress) @@ -273,12 +271,12 @@ Function Push-ExecOnboardTenantQueue { $ExcludedTenant = Get-Tenants -SkipList | Where-Object { $_.customerId -eq $Relationship.customer.tenantId } $IsExcluded = ($ExcludedTenant | Measure-Object).Count -gt 0 if ($IsExcluded) { - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = ('Tenant is excluded from CIPP, onboarding cannot continue. Remove the exclusion from "{0}" ({1})' -f $ExcludedTenant.displayName, $ExcludedTenant.customerId) }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = ('Tenant is excluded from CIPP, onboarding cannot continue. Remove the exclusion from "{0}" ({1})' -f $ExcludedTenant.displayName, $ExcludedTenant.customerId) }) $TenantOnboarding.Status = 'failed' $OnboardingSteps.Step4.Status = 'failed' $OnboardingSteps.Step4.Message = 'Tenant excluded from CIPP, remove the exclusion and retry onboarding.' } else { - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'Clearing tenant cache' }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = 'Clearing tenant cache' }) $y = 0 do { $Tenant = Get-Tenants -TriggerRefresh -TenantFilter $Relationship.customer.tenantId | Select-Object -First 1 @@ -287,7 +285,7 @@ Function Push-ExecOnboardTenantQueue { } while (!$Tenant -and $y -le 10) if ($Tenant) { - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'Tenant found in customer list' }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = 'Tenant found in customer list' }) try { $CPVConsentParams = @{ TenantFilter = $Relationship.customer.tenantId @@ -296,9 +294,9 @@ Function Push-ExecOnboardTenantQueue { if ($Consent -match 'Could not add our Service Principal to the client tenant') { throw } - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'Added initial CPV consent permissions' }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = 'Added initial CPV consent permissions' }) } catch { - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = ('CPV Consent Failed, error: {0}' -f $Consent) }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = ('CPV Consent Failed, error: {0}' -f $Consent) }) $TenantOnboarding.Status = 'failed' $OnboardingSteps.Step4.Status = 'failed' $OnboardingSteps.Step4.Message = 'CPV Consent failed, check the logs for more details.' @@ -310,7 +308,7 @@ Function Push-ExecOnboardTenantQueue { } $Refreshing = $true $CPVSuccess = $false - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'Refreshing CPV permissions' }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = 'Refreshing CPV permissions' }) $OnboardingSteps.Step4.Message = 'Refreshing CPV permissions' $TenantOnboarding.OnboardingSteps = [string](ConvertTo-Json -InputObject $OnboardingSteps -Compress) $TenantOnboarding.Logs = [string](ConvertTo-Json -InputObject @($Logs) -Compress) @@ -329,20 +327,20 @@ Function Push-ExecOnboardTenantQueue { } while ($Refreshing -and (Get-Date) -lt $Start.AddMinutes(8)) if ($CPVSuccess) { - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'CPV permissions refreshed' }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = 'CPV permissions refreshed' }) $OnboardingSteps.Step4.Status = 'succeeded' $OnboardingSteps.Step4.Message = 'CPV permissions refreshed' if ($Tenant.defaultDomainName -match 'Domain Error') { $Tenant = Get-Tenants -TriggerRefresh -IncludeAll | Where-Object { $_.customerId -eq $Relationship.customer.tenantId } | Select-Object -First 1 } } else { - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'CPV permissions failed to refresh. {0}' -f $LastCPVError }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = 'CPV permissions failed to refresh. {0}' -f $LastCPVError }) $TenantOnboarding.Status = 'failed' $OnboardingSteps.Step4.Status = 'failed' $OnboardingSteps.Step4.Message = 'CPV permissions failed to refresh, check the logs for more details.' } } else { - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'Tenant not found' }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = 'Tenant not found' }) $TenantOnboarding.Status = 'failed' $OnboardingSteps.Step4.Status = 'failed' $OnboardingSteps.Step4.Message = 'Tenant not found in customer list, try again later' @@ -375,9 +373,9 @@ Function Push-ExecOnboardTenantQueue { RowKey = [string]$Tenant.defaultDomainName PartitionKey = 'standards' } - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'Set All Tenant Standards Exclusion' }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = 'Set All Tenant Standards Exclusion' }) } - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = "Testing API access for $($Tenant.defaultDomainName)" }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = "Testing API access for $($Tenant.defaultDomainName)" }) $OnboardingSteps.Step5.Status = 'running' $OnboardingSteps.Step5.Message = 'Testing API access' $TenantOnboarding.OnboardingSteps = [string](ConvertTo-Json -InputObject $OnboardingSteps -Compress) @@ -394,8 +392,8 @@ Function Push-ExecOnboardTenantQueue { } if ($UserCount -gt 0) { - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'API test successful' }) - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'Onboarding complete' }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = 'API test successful' }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = 'Onboarding complete' }) $OnboardingSteps.Step5.Status = 'succeeded' $OnboardingSteps.Step5.Message = 'API Test Successful: {0} users found' -f $UserCount $TenantOnboarding.Status = 'succeeded' @@ -404,7 +402,7 @@ Function Push-ExecOnboardTenantQueue { Add-CIPPAzDataTableEntity @OnboardTable -Entity $TenantOnboarding -Force -ErrorAction Stop Write-LogMessage -API 'Onboarding' -message "Tenant onboarding succeeded for $($Relationship.customer.displayName)" -Sev 'Info' } else { - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'API Test failed: {0}' -f $ApiError }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = 'API Test failed: {0}' -f $ApiError }) $OnboardingSteps.Step5.Status = 'failed' $OnboardingSteps.Step5.Message = 'API Test failed: {0}' -f $ApiError $TenantOnboarding.Status = 'succeeded' @@ -415,7 +413,7 @@ Function Push-ExecOnboardTenantQueue { } } } catch { - $Logs.Add([PSCustomObject]@{ Date = Get-Date -UFormat $DateFormat; Log = 'Onboarding failed. Exception: {0}' -f $_.Exception.Message }) + $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = 'Onboarding failed. Exception: {0}' -f $_.Exception.Message }) $TenantOnboarding.Status = 'failed' $TenantOnboarding.Exception = [string]('{0} - Line {1} - {2}' -f $_.Exception.Message, $_.InvocationInfo.ScriptLineNumber, $_.InvocationInfo.ScriptName) $TenantOnboarding.OnboardingSteps = [string](ConvertTo-Json -InputObject $OnboardingSteps -Compress) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ExecOnboardTenant.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ExecOnboardTenant.ps1 index c263ef85f1ff..70576362b561 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ExecOnboardTenant.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ExecOnboardTenant.ps1 @@ -27,7 +27,7 @@ function Invoke-ExecOnboardTenant { $StatusCode = [HttpStatusCode]::NotFound } } else { - $TenMinutesAgo = (Get-Date).AddMinutes(-10).ToString('yyyy-MM-ddTHH:mm:ssZ') + $TenMinutesAgo = (Get-Date).AddMinutes(-10).ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ssZ') $TenantOnboarding = Get-CIPPAzDataTableEntity @OnboardTable -Filter "RowKey eq '$Id' and Timestamp ge datetime'$TenMinutesAgo'" if (!$TenantOnboarding -or [bool]$Request.Body.Retry) { $OnboardingSteps = [PSCustomObject]@{ From c8e20866c22c573572fcb3a97fc5d9bcc26c0fe4 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Thu, 9 Jan 2025 11:10:31 +0100 Subject: [PATCH 245/290] fix posts --- .../HTTP Functions/Endpoint/MEM/Invoke-ExecDeviceAction.ps1 | 6 +++--- .../Endpoint/MEM/Invoke-ExecGetLocalAdminPassword.ps1 | 2 +- Modules/CIPPCore/Public/Standards/Get-CIPPStandards.ps1 | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-ExecDeviceAction.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-ExecDeviceAction.ps1 index ca788cb979da..f93214203323 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-ExecDeviceAction.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-ExecDeviceAction.ps1 @@ -13,14 +13,14 @@ Function Invoke-ExecDeviceAction { $APIName = $TriggerMetadata.FunctionName Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - # Interact with query parameters or the body of the request. + # Interact with Body parameters or the body of the request. try { - if ($Request.Query.Action -eq 'setDeviceName') { + if ($Request.Body.Action -eq 'setDeviceName') { $ActionBody = @{ deviceName = $Request.Body.input } | ConvertTo-Json -Compress } - $ActionResult = New-CIPPDeviceAction -Action $Request.Query.Action -ActionBody $ActionBody -DeviceFilter $Request.Query.GUID -TenantFilter $Request.Query.TenantFilter -ExecutingUser $request.headers.'x-ms-client-principal' -APINAME $APINAME + $ActionResult = New-CIPPDeviceAction -Action $Request.Body.Action -ActionBody $ActionBody -DeviceFilter $Request.Body.GUID -TenantFilter $Request.Body.TenantFilter -ExecutingUser $request.headers.'x-ms-client-principal' -APINAME $APINAME $body = [pscustomobject]@{'Results' = "$ActionResult" } } catch { diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-ExecGetLocalAdminPassword.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-ExecGetLocalAdminPassword.ps1 index f2850548e8c2..46af5fc50f77 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-ExecGetLocalAdminPassword.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-ExecGetLocalAdminPassword.ps1 @@ -13,7 +13,7 @@ Function Invoke-ExecGetLocalAdminPassword { $APIName = $TriggerMetadata.FunctionName try { - $GraphRequest = Get-CIPPLapsPassword -device $($request.query.guid) -tenantFilter $Request.Query.TenantFilter -APIName $APINAME -ExecutingUser $request.headers.'x-ms-client-principal' + $GraphRequest = Get-CIPPLapsPassword -device $($request.body.guid) -tenantFilter $Request.body.TenantFilter -APIName $APINAME -ExecutingUser $request.headers.'x-ms-client-principal' $Body = [pscustomobject]@{'Results' = $GraphRequest } } catch { diff --git a/Modules/CIPPCore/Public/Standards/Get-CIPPStandards.ps1 b/Modules/CIPPCore/Public/Standards/Get-CIPPStandards.ps1 index bf5a762ecc65..0f5cbca25204 100644 --- a/Modules/CIPPCore/Public/Standards/Get-CIPPStandards.ps1 +++ b/Modules/CIPPCore/Public/Standards/Get-CIPPStandards.ps1 @@ -116,7 +116,7 @@ function Get-CIPPStandards { $Standards = $Template.standards foreach ($StandardName in $Standards.PSObject.Properties.Name) { $CurrentStandard = $Standards.$StandardName.PSObject.Copy() - $Actions = $CurrentStandard.action.value + $Actions = $CurrentStandard.action.value | Where-Object { $_ -in 'Remediate', 'warn', 'report' } if ($Actions -contains 'Remediate' -or $Actions -contains 'warn' -or $Actions -contains 'Report') { if (-not $ComputedStandards.Contains($StandardName)) { $ComputedStandards[$StandardName] = $CurrentStandard From 4661597a252ff31bb76da0155c92f851a9e4b0ce Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Thu, 9 Jan 2025 13:52:39 +0100 Subject: [PATCH 246/290] remove errant continue --- .../HTTP Functions/Tenant/Conditional/Invoke-EditCAPolicy.ps1 | 1 - 1 file changed, 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-EditCAPolicy.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-EditCAPolicy.ps1 index cca477e4a3ce..56bdb6a64bea 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-EditCAPolicy.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-EditCAPolicy.ps1 @@ -23,7 +23,6 @@ Function Invoke-EditCAPolicy { } catch { "Failed to add CA policy: $($_.Exception.Message)" Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($Tenant) -message "Failed editing CA policy $($ID). Error: $($_.Exception.Message)" -Sev 'Error' - continue } $body = [pscustomobject]@{'Results' = $results } From 891f833cf570e15125481d614b7045dea73b97dd Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Thu, 9 Jan 2025 14:45:06 +0100 Subject: [PATCH 247/290] offboarding excludeAllTenants --- .../Push-ExecOnboardTenantQueue.ps1 | 35 ++++++++++--------- 1 file changed, 18 insertions(+), 17 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ExecOnboardTenantQueue.ps1 b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ExecOnboardTenantQueue.ps1 index 4ac47fcedfd0..7f9e54f72637 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ExecOnboardTenantQueue.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ExecOnboardTenantQueue.ps1 @@ -353,26 +353,27 @@ Function Push-ExecOnboardTenantQueue { if ($OnboardingSteps.Step4.Status -eq 'succeeded') { if ($Item.StandardsExcludeAllTenants -eq $true) { - $Settings = @{ - 'OverrideAllTenants' = @{ - 'remediate' = $true + $AddExclusionObj = [PSCustomObject]@{ + label = $Tenant.defaultDomainName + value = $Tenant.defaultDomainName + addedFields = @{} + } + $Table = Get-CippTable -tablename 'templates' + $ExistingTemplates = Get-CippazDataTableEntity @Table -Filter "PartitionKey eq 'StandardsTemplateV2'" | Where-Object { $_.JSON -match 'AllTenants' } + foreach ($AllTenantesTemplate in $ExistingTemplates) { + $object = $AllTenantesTemplate.JSON | ConvertFrom-Json + $NewExcludedTenants = $object.excludedTenants + $AddExclusionObj + $object.excludedTenants = $NewExcludedTenants + $JSON = ConvertTo-Json -InputObject $object -Compress -Depth 10 + $Table.Force = $true + Add-CIPPAzDataTableEntity @Table -Entity @{ + JSON = "$JSON" + RowKey = $AllTenantesTemplate.RowKey + GUID = $AllTenantesTemplate.GUID + PartitionKey = 'StandardsTemplateV2' } } - $object = [PSCustomObject]@{ - Tenant = $Tenant.defaultDomainName - AddedBy = 'Onboarding' - AppliedAt = (Get-Date).ToString('s') - Standards = $Settings - v2 = $true - } | ConvertTo-Json -Depth 10 - $Table = Get-CippTable -tablename 'standards' - $Table.Force = $true - Add-CIPPAzDataTableEntity @Table -Entity @{ - JSON = "$object" - RowKey = [string]$Tenant.defaultDomainName - PartitionKey = 'standards' - } $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = 'Set All Tenant Standards Exclusion' }) } $Logs.Add([PSCustomObject]@{ Date = (Get-Date).ToUniversalTime(); Log = "Testing API access for $($Tenant.defaultDomainName)" }) From 226e79d4f1c1cf086a7de47d34a36f65f4690e14 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Thu, 9 Jan 2025 09:56:32 -0500 Subject: [PATCH 248/290] handle stuck user tasks --- .../Orchestrator Functions/Start-UserTasksOrchestrator.ps1 | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-UserTasksOrchestrator.ps1 b/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-UserTasksOrchestrator.ps1 index 0578b3739d43..26cf32cb9627 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-UserTasksOrchestrator.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-UserTasksOrchestrator.ps1 @@ -7,7 +7,8 @@ function Start-UserTasksOrchestrator { param() $Table = Get-CippTable -tablename 'ScheduledTasks' - $Filter = "TaskState eq 'Planned' or TaskState eq 'Failed - Planned'" + $1HourAgo = (Get-Date).AddHours(-1).ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ssZ') + $Filter = "TaskState eq 'Planned' or TaskState eq 'Failed - Planned' or (TaskState eq 'Running' and Timestamp lt datetime'$1HourAgo')" $tasks = Get-CIPPAzDataTableEntity @Table -Filter $Filter $Batch = [System.Collections.Generic.List[object]]::new() $TenantList = Get-Tenants -IncludeErrors From 6185889054ecab5e62941672da36b66502f7ab4a Mon Sep 17 00:00:00 2001 From: John Duprey Date: Thu, 9 Jan 2025 18:14:55 -0500 Subject: [PATCH 249/290] prevent int parsing errors with mailbox stats --- .../Users/Invoke-ListUserMailboxDetails.ps1 | 26 +++++++++++++++---- 1 file changed, 21 insertions(+), 5 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserMailboxDetails.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserMailboxDetails.ps1 index 43758f1156f1..0dbf730fb00e 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserMailboxDetails.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserMailboxDetails.ps1 @@ -136,6 +136,22 @@ Function Invoke-ListUserMailboxDetails { $MailboxDetailedRequest.ForwardingSmtpAddress } + $ProhibitSendQuotaString = $MailboxDetailedRequest.ProhibitSendQuota -split ' ' + $ProhibitSendReceiveQuotaString = $MailboxDetailedRequest.ProhibitSendReceiveQuota -split ' ' + $TotalItemSizeString = $StatsRequest.TotalItemSize -split ' ' + $TotalArchiveItemSizeString = $ArchiveSizeRequest.TotalItemSize -split ' ' + + $ProhibitSendQuota = try { [math]::Round([float]($ProhibitSendQuotaString[0]), 2) } catch { 0 } + $ProhibitSendReceiveQuota = try { [math]::Round([float]($ProhibitSendReceiveQuotaString[0]), 2) } catch { 0 } + + $ItemSizeType = '1{0}' -f ($TotalItemSizeString[1] ?? 'Gb') + $TotalItemSize = try { [math]::Round([float]($TotalItemSizeString[0]) / $ItemSizeType, 2) } catch { 0 } + + if ($ArchiveEnabled) { + $ArchiveSizeType = '1{0}' -f ($TotalArchiveItemSizeString[1] ?? 'Gb') + $TotalArchiveItemSize = [math]::Round([float]($TotalArchiveItemSizeString[0]) / $ArchiveSizeType, 2) + } + # Build the GraphRequest object $GraphRequest = [ordered]@{ ForwardAndDeliver = $MailboxDetailedRequest.DeliverToMailboxAndForward @@ -149,12 +165,12 @@ Function Invoke-ListUserMailboxDetails { MailboxPopEnabled = $CASRequest.PopEnabled MailboxActiveSyncEnabled = $CASRequest.ActiveSyncEnabled Permissions = @($ParsedPerms) - ProhibitSendQuota = [math]::Round([float]($MailboxDetailedRequest.ProhibitSendQuota -split ' GB')[0], 2) - ProhibitSendReceiveQuota = [math]::Round([float]($MailboxDetailedRequest.ProhibitSendReceiveQuota -split ' GB')[0], 2) + ProhibitSendQuota = $ProhibitSendQuota + ProhibitSendReceiveQuota = $ProhibitSendReceiveQuota ItemCount = [math]::Round($StatsRequest.ItemCount, 2) - TotalItemSize = [math]::Round($StatsRequest.TotalItemSize / 1Gb, 2) - TotalArchiveItemSize = if ($ArchiveEnabled) { [math]::Round($ArchiveSizeRequest.TotalItemSize / 1Gb, 2) } else { '0' } - TotalArchiveItemCount = if ($ArchiveEnabled) { [math]::Round($ArchiveSizeRequest.ItemCount, 2) } else { 0 } + TotalItemSize = $TotalItemSize + TotalArchiveItemSize = if ($ArchiveEnabled) { $TotalArchiveItemSize } else { '0' } + TotalArchiveItemCount = if ($ArchiveEnabled) { try { [math]::Round($ArchiveSizeRequest.ItemCount, 2) } catch { 0 } } else { 0 } BlockedForSpam = $BlockedForSpam ArchiveMailBox = $ArchiveEnabled AutoExpandingArchive = $AutoExpandingArchiveEnabled From 1f42db0bcd7b053e76ccda011617c21752b866ef Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 10 Jan 2025 00:31:06 -0500 Subject: [PATCH 250/290] timer tweaks --- CIPPTimers.json | 22 ++++++++ .../Public/Get-CIPPTimerFunctions.ps1 | 53 +++++++++++++------ 2 files changed, 59 insertions(+), 16 deletions(-) diff --git a/CIPPTimers.json b/CIPPTimers.json index 9d48ebe3e9e6..12988efc9c8c 100644 --- a/CIPPTimers.json +++ b/CIPPTimers.json @@ -1,5 +1,6 @@ [ { + "Id": "c0c48d71-7918-4828-bc25-0e8c28a171a2", "Command": "Start-DurableCleanup", "Description": "Timer function to cleanup durable functions", "Cron": "0 */15 * * * *", @@ -8,6 +9,7 @@ "IsSystem": true }, { + "Id": "76dc2e2e-eb89-47f7-bd9f-8aaebfe854c7", "Command": "Start-UserTasksOrchestrator", "Description": "Orchestrator to process user scheduled tasks", "Cron": "0 */15 * * * *", @@ -16,6 +18,7 @@ "PreferredProcessor": "usertasks" }, { + "Id": "168decf3-7ddd-471e-ab46-8b40be0f18ae", "Command": "Start-CIPPProcessorQueue", "Description": "Timer to handle user initiated tasks", "Cron": "0 */15 * * * *", @@ -23,6 +26,7 @@ "RunOnProcessor": true }, { + "Id": "44a40668-ed71-403c-8c26-b32e320086ad", "Command": "Start-AuditLogOrchestrator", "Description": "Orchestrator to process audit logs", "Cron": "0 */15 * * * *", @@ -32,6 +36,7 @@ "IsSystem": true }, { + "Id": "03475c86-4314-4d7b-90f2-5a0639e3899b", "Command": "Start-AuditLogSearchCreation", "Description": "Timer to create audit log searches", "Cron": "0 */30 * * * *", @@ -41,6 +46,7 @@ "IsSystem": true }, { + "Id": "5ff6c500-e420-4a3b-8532-ace2e4da4f7d", "Command": "Start-ApplicationOrchestrator", "Description": "Orchestrator to process application uploads", "Cron": "0 0 */12 * * *", @@ -48,6 +54,7 @@ "RunOnProcessor": true }, { + "Id": "5b3bb926-d107-471e-8787-3b22b0d4dbbe", "Command": "Start-WebhookOrchestrator", "Description": "Orchestrator to process webhooks", "Cron": "0 */15 * * * *", @@ -55,6 +62,7 @@ "RunOnProcessor": true }, { + "Id": "9b0c8e50-f798-49db-9a8b-dbcc0fcadeea", "Command": "Start-StandardsOrchestrator", "Description": "Orchestrator to process standards", "Cron": "0 0 */4 * * *", @@ -63,6 +71,7 @@ "PreferredProcessor": "standards" }, { + "Id": "5113c66d-c040-42df-9565-39dff90ddd55", "Command": "Start-CIPPGraphSubscriptionCleanupTimer", "Description": "Orchestrator to cleanup old Graph subscriptions", "Cron": "0 0 0 * * *", @@ -70,6 +79,7 @@ "RunOnProcessor": true }, { + "Id": "97145a1d-28f0-4bb2-b929-5a43517d23cc", "Command": "Start-SchedulerOrchestrator", "Description": "Orchestrator to process system scheduled tasks", "Cron": "0 0 * * * *", @@ -77,6 +87,7 @@ "RunOnProcessor": true }, { + "Id": "ed7b5241-1cb9-499b-8f5b-1013ba5764b4", "Command": "Set-CIPPGDAPInviteGroups", "Description": "Orchestrator to map the groups for GDAP invites", "Cron": "0 0 */3 * * *", @@ -84,6 +95,7 @@ "RunOnProcessor": true }, { + "Id": "4ca242d0-8dc8-4256-b0ed-186599f4233f", "Command": "Start-UpdateTokensTimer", "Description": "Orchestrator to update tokens", "Cron": "0 0 0 * * 0", @@ -92,6 +104,7 @@ "IsSystem": true }, { + "Id": "ebe981b6-4417-406e-a1a5-7b8279058841", "Command": "Start-CIPPGraphSubscriptionRenewalTimer", "Description": "Orchestrator to renew Graph subscriptions", "Cron": "0 15 * * * *", @@ -100,6 +113,7 @@ "IsSystem": true }, { + "Id": "c2ebde3f-fa35-45aa-8a6b-91c835050b79", "Command": "Start-DomainOrchestrator", "Description": "Orchestrator to process domains", "Cron": "0 0 0 * * *", @@ -107,6 +121,7 @@ "RunOnProcessor": true }, { + "Id": "f82345da-e370-4b15-8167-be148cfd04af", "Command": "Get-Tenants", "Parameters": { "TriggerRefresh": true @@ -118,6 +133,7 @@ "IsSystem": true }, { + "Id": "d9ff3af4-bd34-40d6-b12a-8fa24463f331", "Command": "Start-UpdatePermissionsOrchestrator", "Description": "Orchestrator to update CPV permissions", "Cron": "0 0 0 * * *", @@ -126,6 +142,7 @@ "IsSystem": true }, { + "Id": "467787cf-01c5-4d20-8097-c2eef691a20e", "Command": "Start-BillingTimer", "Description": "Timer to process billing", "Cron": "0 0 0 * * *", @@ -133,6 +150,7 @@ "RunOnProcessor": true }, { + "Id": "80070b4f-95ed-4e5f-be4c-9e339306d4aa", "Command": "Start-BPAOrchestrator", "Description": "Orchestrator to process BPA reports", "Cron": "0 0 3 * * *", @@ -140,6 +158,7 @@ "RunOnProcessor": true }, { + "Id": "54c39540-fe91-4795-8613-ac4295751a51", "Command": "Start-ExtensionOrchestrator", "Description": "Orchestrator to process extensions", "Cron": "0 0 */2 * * *", @@ -147,6 +166,7 @@ "RunOnProcessor": true }, { + "Id": "3fb9745b-08c9-411b-bfac-dc48087489d5", "Command": "Start-CIPPStatsTimer", "Description": "Timer to process CIPP stats", "Cron": "0 0 0 * * *", @@ -155,6 +175,7 @@ "IsSystem": true }, { + "Id": "f74a4540-c811-4037-997c-0d32d7d5742f", "Command": "Start-TableCleanup", "Description": "Timer to cleanup tables", "Cron": "0 0 23 * * *", @@ -163,6 +184,7 @@ "IsSystem": true }, { + "Id": "e87db59d-3386-4a51-8274-da9aeb6793e3", "Command": "Get-Tenants", "Parameters": { "CleanOld": true diff --git a/Modules/CIPPCore/Public/Get-CIPPTimerFunctions.ps1 b/Modules/CIPPCore/Public/Get-CIPPTimerFunctions.ps1 index f5f76439de69..997a7f213380 100644 --- a/Modules/CIPPCore/Public/Get-CIPPTimerFunctions.ps1 +++ b/Modules/CIPPCore/Public/Get-CIPPTimerFunctions.ps1 @@ -1,8 +1,8 @@ function Get-CIPPTimerFunctions { [CmdletBinding()] param( - [switch]$All, - [switch]$ResetToDefault + [switch]$ResetToDefault, + [switch]$ListAllTasks ) $ConfigTable = Get-CIPPTable -tablename Config @@ -23,7 +23,7 @@ function Get-CIPPTimerFunctions { $RunOnProcessor = $true if ($Config -and $Config.state -eq $true) { - if ($env:CIPP_PROCESSOR -ne 'true' -and !$All.IsPresent) { + if ($env:CIPP_PROCESSOR -ne 'true') { $RunOnProcessor = $false } } @@ -38,12 +38,29 @@ function Get-CIPPTimerFunctions { } $CIPPRoot = (Get-Item $CIPPCoreModuleRoot).Parent.Parent - $Orchestrators = Get-Content -Path $CIPPRoot\CIPPTimers.json | ConvertFrom-Json | Where-Object { $_.RunOnProcessor -eq $RunOnProcessor } | Sort-Object -Property Priority + $CippTimers = Get-Content -Path $CIPPRoot\CIPPTimers.json + if ($ListAllTasks) { + $Orchestrators = $CippTimers | ConvertFrom-Json | Sort-Object -Property Priority + } else { + $Orchestrators = $CippTimers | ConvertFrom-Json | Where-Object { $_.RunOnProcessor -eq $RunOnProcessor } | Sort-Object -Property Priority + } $Table = Get-CIPPTable -TableName 'CIPPTimers' $RunOnProcessorTxt = if ($RunOnProcessor) { 'true' } else { 'false' } - $OrchestratorStatus = Get-CIPPAzDataTableEntity @Table -Filter "RunOnProcessor eq $RunOnProcessorTxt" + if ($ListAllTasks.IsPresent) { + $OrchestratorStatus = Get-CIPPAzDataTableEntity @Table + } else { + $OrchestratorStatus = Get-CIPPAzDataTableEntity @Table -Filter "RunOnProcessor eq $RunOnProcessorTxt" + } + + Write-Host ($OrchestratorStatus | ConvertTo-Json) + + $OrchestratorStatus | Where-Object { $_.RowKey -notmatch '^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$' } | Select-Object ETag, PartitionKey, RowKey | ForEach-Object { + Remove-AzDataTableEntity @Table -Entity $_ -Force + } + + foreach ($Orchestrator in $Orchestrators) { - $Status = $OrchestratorStatus | Where-Object { $_.RowKey -eq $Orchestrator.Command } + $Status = $OrchestratorStatus | Where-Object { $_.RowKey -eq $Orchestrator.Id } if ($Status.Cron) { $CronString = $Status.Cron } else { @@ -59,16 +76,18 @@ function Get-CIPPTimerFunctions { continue } - if ($Orchestrator.PreferredProcessor -and $AvailableNodes -contains $Orchestrator.PreferredProcessor -and $Node -ne $Orchestrator.PreferredProcessor) { - # only run on preferred processor when available - continue - } elseif ((!$Orchestrator.PreferredProcessor -or $AvailableNodes -notcontains $Orchestrator.PreferredProcessor) -and $Node -notin ('http', 'proc')) { - # Catchall function nodes - continue + if (!$ListAllTasks.IsPresent) { + if ($Orchestrator.PreferredProcessor -and $AvailableNodes -contains $Orchestrator.PreferredProcessor -and $Node -ne $Orchestrator.PreferredProcessor) { + # only run on preferred processor when available + continue + } elseif ((!$Orchestrator.PreferredProcessor -or $AvailableNodes -notcontains $Orchestrator.PreferredProcessor) -and $Node -notin ('http', 'proc')) { + # Catchall function nodes + continue + } } $Now = Get-Date - if ($All.IsPresent) { + if ($ListAllTasks.IsPresent) { $NextOccurrence = [datetime]$Cron.GetNextOccurrence($Now) } else { $NextOccurrences = $Cron.GetNextOccurrences($Now.AddMinutes(-15), $Now.AddMinutes(15)) @@ -80,11 +99,12 @@ function Get-CIPPTimerFunctions { } if (Get-Command -Name $Orchestrator.Command -Module CIPPCore -ErrorAction SilentlyContinue) { - if ($NextOccurrence) { + if ($NextOccurrence -or $ListAllTasks.IsPresent) { if (!$Status) { $Status = [pscustomobject]@{ PartitionKey = 'Timer' - RowKey = $Orchestrator.Command + RowKey = $Orchestrator.Id + Command = $Orchestrator.Command Cron = $CronString LastOccurrence = 'Never' NextOccurrence = $NextOccurrence.ToUniversalTime() @@ -94,7 +114,7 @@ function Get-CIPPTimerFunctions { IsSystem = $Orchestrator.IsSystem ?? $false PreferredProcessor = $Orchestrator.PreferredProcessor ?? '' } - Add-CIPPAzDataTableEntity @Table -Entity $Status + Add-CIPPAzDataTableEntity @Table -Entity $Status -Force } else { if ($Orchestrator.IsSystem -eq $true -or $ResetToDefault.IsPresent) { $Status.Cron = $CronString @@ -110,6 +130,7 @@ function Get-CIPPTimerFunctions { } [PSCustomObject]@{ + Id = $Orchestrator.Id Priority = $Orchestrator.Priority Command = $Orchestrator.Command Parameters = $Orchestrator.Parameters ?? @{} From d878a7661da090d14a729e8dacb40a9968d5aff9 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 10 Jan 2025 00:31:23 -0500 Subject: [PATCH 251/290] fix duplicate prop in mailbox rules --- .../CIPPCore/Public/Entrypoints/Invoke-ListMailboxRules.ps1 | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListMailboxRules.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListMailboxRules.ps1 index e5bd0a1530c9..6bb9ae19db44 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListMailboxRules.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListMailboxRules.ps1 @@ -40,8 +40,7 @@ Function Invoke-ListMailboxRules { $Type = $TenantFilter } $Queue = New-CippQueueEntry -Name "Mailbox Rules ($Type)" -TotalTasks ($Tenants | Measure-Object).Count - $Batch = $Tenants | Select-Object defaultDomainName, @{Name = 'FunctionName'; Expression = { 'ListMailboxRulesQueue' } }, @{Name = 'QueueName'; Expression = { $_.defaultDomainName } }, @{Name = 'QueueId'; Expression = { $Queue.RowKey } }, @{Name = 'QueueName'; Expression = { $_.defaultDomainName } } - + $Batch = $Tenants | Select-Object defaultDomainName, @{Name = 'FunctionName'; Expression = { 'ListMailboxRulesQueue' } }, @{Name = 'QueueName'; Expression = { $_.defaultDomainName } }, @{Name = 'QueueId'; Expression = { $Queue.RowKey } } if (($Batch | Measure-Object).Count -gt 0) { $InputObject = [PSCustomObject]@{ OrchestratorName = 'ListMailboxRulesOrchestrator' From d91c4ffb91144254d6a8eb8b509abe51163eee77 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 10 Jan 2025 00:36:22 -0500 Subject: [PATCH 252/290] Update Get-CIPPTimerFunctions.ps1 --- Modules/CIPPCore/Public/Get-CIPPTimerFunctions.ps1 | 3 --- 1 file changed, 3 deletions(-) diff --git a/Modules/CIPPCore/Public/Get-CIPPTimerFunctions.ps1 b/Modules/CIPPCore/Public/Get-CIPPTimerFunctions.ps1 index 997a7f213380..3636983235f9 100644 --- a/Modules/CIPPCore/Public/Get-CIPPTimerFunctions.ps1 +++ b/Modules/CIPPCore/Public/Get-CIPPTimerFunctions.ps1 @@ -52,13 +52,10 @@ function Get-CIPPTimerFunctions { $OrchestratorStatus = Get-CIPPAzDataTableEntity @Table -Filter "RunOnProcessor eq $RunOnProcessorTxt" } - Write-Host ($OrchestratorStatus | ConvertTo-Json) - $OrchestratorStatus | Where-Object { $_.RowKey -notmatch '^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$' } | Select-Object ETag, PartitionKey, RowKey | ForEach-Object { Remove-AzDataTableEntity @Table -Entity $_ -Force } - foreach ($Orchestrator in $Orchestrators) { $Status = $OrchestratorStatus | Where-Object { $_.RowKey -eq $Orchestrator.Id } if ($Status.Cron) { From 92e68cbdf3ef8a608af842e55d20e1080f6ef332 Mon Sep 17 00:00:00 2001 From: Esco Date: Thu, 9 Jan 2025 11:54:40 +0100 Subject: [PATCH 253/290] feat: New Global Teams Messaging Policy standard --- ...nvoke-CIPPStandardTeamsMessagingPolicy.ps1 | 76 +++++++++++++++++++ 1 file changed, 76 insertions(+) create mode 100644 Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTeamsMessagingPolicy.ps1 diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTeamsMessagingPolicy.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTeamsMessagingPolicy.ps1 new file mode 100644 index 000000000000..8a2d229288ca --- /dev/null +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTeamsMessagingPolicy.ps1 @@ -0,0 +1,76 @@ +Function Invoke-CIPPStandardTeamsMessagingPolicy { + <# + .FUNCTIONALITY + Internal + .COMPONENT + (APIName) TeamsMessagingPolicy + .NOTES + UPDATECOMMENTBLOCK + Run the Tools\Update-StandardsComments.ps1 script to update this comment block + .LINK + https://docs.cipp.app/user-documentation/tenant/standards/edit-standards + #> + ##$Rerun -Type Standard -Tenant $Tenant -Settings $Settings 'TeamsMessagingPolicy' + + param($Tenant, $Settings) + $CurrentState = New-TeamsRequest -TenantFilter $Tenant -Cmdlet 'Get-CsTeamsMessagingPolicy' -CmdParams @{Identity = 'Global' } + + if ($null -eq $Settings.AllowOwnerDeleteMessage) { $Settings.AllowOwnerDeleteMessage = $CurrentState.AllowOwnerDeleteMessage } + if ($null -eq $Settings.AllowUserDeleteMessage) { $Settings.AllowUserDeleteMessage = $CurrentState.AllowUserDeleteMessage } + if ($null -eq $Settings.AllowUserEditMessage) { $Settings.AllowUserEditMessage = $CurrentState.AllowUserEditMessage } + if ($null -eq $Settings.AllowUserDeleteChat) { $Settings.AllowUserDeleteChat = $CurrentState.AllowUserDeleteChat } + if ($null -eq $Settings.ReadReceiptsEnabledType) { $Settings.ReadReceiptsEnabledType = $CurrentState.ReadReceiptsEnabledType } + if ($null -eq $Settings.CreateCustomEmojis) { $Settings.CreateCustomEmojis = $CurrentState.CreateCustomEmojis } + if ($null -eq $Settings.DeleteCustomEmojis) { $Settings.DeleteCustomEmojis = $CurrentState.DeleteCustomEmojis } + if ($null -eq $Settings.AllowSecurityEndUserReporting) { $Settings.AllowSecurityEndUserReporting = $CurrentState.AllowSecurityEndUserReporting } + if ($null -eq $Settings.AllowCommunicationComplianceEndUserReporting) { $Settings.AllowCommunicationComplianceEndUserReporting = $CurrentState.AllowCommunicationComplianceEndUserReporting } + + $StateIsCorrect = ($CurrentState.AllowOwnerDeleteMessage -eq $Settings.AllowOwnerDeleteMessage) -and + ($CurrentState.AllowUserDeleteMessage -eq $Settings.AllowUserDeleteMessage) -and + ($CurrentState.AllowUserEditMessage -eq $Settings.AllowUserEditMessage) -and + ($CurrentState.AllowUserDeleteChat -eq $Settings.AllowUserDeleteChat) -and + ($CurrentState.ReadReceiptsEnabledType -eq $Settings.ReadReceiptsEnabledType) -and + ($CurrentState.CreateCustomEmojis -eq $Settings.CreateCustomEmojis) -and + ($CurrentState.DeleteCustomEmojis -eq $Settings.DeleteCustomEmojis) -and + ($CurrentState.AllowSecurityEndUserReporting -eq $Settings.AllowSecurityEndUserReporting) -and + ($CurrentState.AllowCommunicationComplianceEndUserReporting -eq $Settings.AllowCommunicationComplianceEndUserReporting) + + if ($Settings.remediate -eq $true) { + if ($StateIsCorrect -eq $true) { + Write-LogMessage -API 'Standards' -tenant $Tenant -message 'Global Teams Messaging policy already configured.' -sev Info + } else { + $cmdparams = @{ + Identity = 'Global' + AllowOwnerDeleteMessage = $Settings.AllowOwnerDeleteMessage + AllowUserDeleteMessage = $Settings.AllowUserDeleteMessage + AllowUserEditMessage = $Settings.AllowUserEditMessage + AllowUserDeleteChat = $Settings.AllowUserDeleteChat + ReadReceiptsEnabledType = $Settings.ReadReceiptsEnabledType + CreateCustomEmojis = $Settings.CreateCustomEmojis + DeleteCustomEmojis = $Settings.DeleteCustomEmojis + AllowSecurityEndUserReporting = $Settings.AllowSecurityEndUserReporting + AllowCommunicationComplianceEndUserReporting = $Settings.AllowCommunicationComplianceEndUserReporting + } + + try { + New-TeamsRequest -TenantFilter $Tenant -Cmdlet 'Set-CsTeamsMessagingPolicy' -CmdParams $cmdparams + Write-LogMessage -API 'Standards' -tenant $Tenant -message 'Updated global Teams messaging policy' -sev Info + } catch { + $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message + Write-LogMessage -API 'Standards' -tenant $Tenant -message "Failed to configure global Teams messaging policy." -sev Error -LogData $ErrorMessage + } + } + } + + if ($Settings.alert -eq $true) { + if ($StateIsCorrect -eq $true) { + Write-LogMessage -API 'Standards' -tenant $Tenant -message 'Global Teams messaging policy is configured correctly.' -sev Info + } else { + Write-LogMessage -API 'Standards' -tenant $Tenant -message 'Global Teams messaging policy is not configured correctly.' -sev Alert + } + } + + if ($Setings.report -eq $true) { + Add-CIPPBPAField -FieldName 'TeamsMessagingPolicy' -FieldValue $StateIsCorrect -StoreAs bool -Tenant $Tenant + } +} From 9b53985b8bb34c59dc1f7bfc84a1dca1654b30a4 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri, 10 Jan 2025 11:54:13 +0100 Subject: [PATCH 254/290] fix ip whitelist all tenants --- Modules/CIPPCore/Public/Webhooks/Test-CIPPAuditLogRules.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Webhooks/Test-CIPPAuditLogRules.ps1 b/Modules/CIPPCore/Public/Webhooks/Test-CIPPAuditLogRules.ps1 index a5ec7280cc4f..e820377bd909 100644 --- a/Modules/CIPPCore/Public/Webhooks/Test-CIPPAuditLogRules.ps1 +++ b/Modules/CIPPCore/Public/Webhooks/Test-CIPPAuditLogRules.ps1 @@ -92,7 +92,7 @@ function Test-CIPPAuditLogRules { $Data.clientip = $Data.clientip -replace ':\d+$', '' # Remove the port number if present } # Check if IP is on trusted IP list - $TrustedIP = Get-CIPPAzDataTableEntity @TrustedIPTable -Filter "PartitionKey eq '$TenantFilter' and RowKey eq '$($Data.clientip)' and state eq 'Trusted'" + $TrustedIP = Get-CIPPAzDataTableEntity @TrustedIPTable -Filter "((PartitionKey eq '$TenantFilter') or (PartitionKey eq 'AllTenants')) and RowKey eq '$($Data.clientip)' and state eq 'Trusted'" if ($TrustedIP) { #write-warning "IP $($Data.clientip) is trusted" $Trusted = $true From 1d659fe73962212623fcd42e063e9cc4368d1621 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri, 10 Jan 2025 12:33:36 +0100 Subject: [PATCH 255/290] removing testing workflows --- .github/workflows/dev_cipp4i6t3.yml | 30 -------------- .github/workflows/dev_cippkkxvm.yml | 30 -------------- .github/workflows/dev_cippkwn4s-auditlog.yml | 30 -------------- .github/workflows/dev_cippkwn4s.yml | 39 ------------------- .github/workflows/dev_cipplwwww-proc.yml | 30 -------------- .github/workflows/dev_cipplwwww.yml | 30 -------------- .../workflows/interface-rewrite_cippjta72.yml | 30 -------------- .../workflows/interface-rewrite_cipptulwz.yml | 30 -------------- .../workflows/interface-rewrite_cippufcig.yml | 30 -------------- .../Public/Set-CIPPCopyGroupMembers.ps1 | 2 +- 10 files changed, 1 insertion(+), 280 deletions(-) delete mode 100644 .github/workflows/dev_cipp4i6t3.yml delete mode 100644 .github/workflows/dev_cippkkxvm.yml delete mode 100644 .github/workflows/dev_cippkwn4s-auditlog.yml delete mode 100644 .github/workflows/dev_cippkwn4s.yml delete mode 100644 .github/workflows/dev_cipplwwww-proc.yml delete mode 100644 .github/workflows/dev_cipplwwww.yml delete mode 100644 .github/workflows/interface-rewrite_cippjta72.yml delete mode 100644 .github/workflows/interface-rewrite_cipptulwz.yml delete mode 100644 .github/workflows/interface-rewrite_cippufcig.yml diff --git a/.github/workflows/dev_cipp4i6t3.yml b/.github/workflows/dev_cipp4i6t3.yml deleted file mode 100644 index 88825a14b52c..000000000000 --- a/.github/workflows/dev_cipp4i6t3.yml +++ /dev/null @@ -1,30 +0,0 @@ -# Docs for the Azure Web Apps Deploy action: https://github.com/azure/functions-action -# More GitHub Actions for Azure: https://github.com/Azure/actions - -name: Build and deploy Powershell project to Azure Function App - cipp4i6t3 - -on: - push: - branches: - - dev - workflow_dispatch: - -env: - AZURE_FUNCTIONAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root - -jobs: - deploy: - runs-on: windows-latest - - steps: - - name: 'Checkout GitHub Action' - uses: actions/checkout@v4 - - - name: 'Run Azure Functions Action' - uses: Azure/functions-action@v1 - id: fa - with: - app-name: 'cipp4i6t3' - slot-name: 'Production' - package: ${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }} - publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_9D257A31ACA24925A112AF5FFC2BEAFE }} \ No newline at end of file diff --git a/.github/workflows/dev_cippkkxvm.yml b/.github/workflows/dev_cippkkxvm.yml deleted file mode 100644 index 665a3bcf8afa..000000000000 --- a/.github/workflows/dev_cippkkxvm.yml +++ /dev/null @@ -1,30 +0,0 @@ -# Docs for the Azure Web Apps Deploy action: https://github.com/azure/functions-action -# More GitHub Actions for Azure: https://github.com/Azure/actions - -name: Build and deploy Powershell project to Azure Function App - cippkkxvm - -on: - push: - branches: - - dev - workflow_dispatch: - -env: - AZURE_FUNCTIONAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root - -jobs: - deploy: - runs-on: windows-latest - - steps: - - name: 'Checkout GitHub Action' - uses: actions/checkout@v4 - - - name: 'Run Azure Functions Action' - uses: Azure/functions-action@v1 - id: fa - with: - app-name: 'cippkkxvm' - slot-name: 'Production' - package: ${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }} - publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_171C3E2B1E2346AAA333905DFCA62F2D }} \ No newline at end of file diff --git a/.github/workflows/dev_cippkwn4s-auditlog.yml b/.github/workflows/dev_cippkwn4s-auditlog.yml deleted file mode 100644 index b27c1832c8c6..000000000000 --- a/.github/workflows/dev_cippkwn4s-auditlog.yml +++ /dev/null @@ -1,30 +0,0 @@ -# Docs for the Azure Web Apps Deploy action: https://github.com/azure/functions-action -# More GitHub Actions for Azure: https://github.com/Azure/actions - -name: Build and deploy Powershell project to Azure Function App - cippkwn4s-auditlog - -on: - push: - branches: - - dev - workflow_dispatch: - -env: - AZURE_FUNCTIONAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root - -jobs: - deploy: - runs-on: windows-latest - - steps: - - name: 'Checkout GitHub Action' - uses: actions/checkout@v4 - - - name: 'Run Azure Functions Action' - uses: Azure/functions-action@v1 - id: fa - with: - app-name: 'cippkwn4s-auditlog' - slot-name: 'Production' - package: ${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }} - publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_4CBFBE8BE62240D789C371767B49278E }} \ No newline at end of file diff --git a/.github/workflows/dev_cippkwn4s.yml b/.github/workflows/dev_cippkwn4s.yml deleted file mode 100644 index f45e9d0712fd..000000000000 --- a/.github/workflows/dev_cippkwn4s.yml +++ /dev/null @@ -1,39 +0,0 @@ -# Docs for the Azure Web Apps Deploy action: https://github.com/azure/functions-action -# More GitHub Actions for Azure: https://github.com/Azure/actions - -name: Build and deploy Powershell project to Azure Function App - cippkwn4s - -on: - push: - branches: - - dev - workflow_dispatch: - -env: - AZURE_FUNCTIONAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root - -jobs: - deploy: - runs-on: windows-latest - permissions: - id-token: write #This is required for requesting the JWT - - steps: - - name: 'Checkout GitHub Action' - uses: actions/checkout@v4 - - - name: Login to Azure - uses: azure/login@v2 - with: - client-id: ${{ secrets.AZUREAPPSERVICE_CLIENTID_B6BCC8886F40482FB8B43907FCDA6596 }} - tenant-id: ${{ secrets.AZUREAPPSERVICE_TENANTID_0D1C65B9099F48FABDF7F7052EA6887F }} - subscription-id: ${{ secrets.AZUREAPPSERVICE_SUBSCRIPTIONID_76518AE5ECB34375A414DEEE1119C161 }} - - - name: 'Run Azure Functions Action' - uses: Azure/functions-action@v1 - id: fa - with: - app-name: 'cippkwn4s' - slot-name: 'Production' - package: ${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }} - \ No newline at end of file diff --git a/.github/workflows/dev_cipplwwww-proc.yml b/.github/workflows/dev_cipplwwww-proc.yml deleted file mode 100644 index d5f9c210f7e0..000000000000 --- a/.github/workflows/dev_cipplwwww-proc.yml +++ /dev/null @@ -1,30 +0,0 @@ -# Docs for the Azure Web Apps Deploy action: https://github.com/azure/functions-action -# More GitHub Actions for Azure: https://github.com/Azure/actions - -name: Build and deploy Powershell project to Azure Function App - cipplwwww-proc - -on: - push: - branches: - - dev - workflow_dispatch: - -env: - AZURE_FUNCTIONAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root - -jobs: - deploy: - runs-on: windows-latest - - steps: - - name: 'Checkout GitHub Action' - uses: actions/checkout@v4 - - - name: 'Run Azure Functions Action' - uses: Azure/functions-action@v1 - id: fa - with: - app-name: 'cipplwwww-proc' - slot-name: 'Production' - package: ${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }} - publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_B8CE64E970E74E6AB2D6655823D95B1A }} \ No newline at end of file diff --git a/.github/workflows/dev_cipplwwww.yml b/.github/workflows/dev_cipplwwww.yml deleted file mode 100644 index 7fe7c6279bb1..000000000000 --- a/.github/workflows/dev_cipplwwww.yml +++ /dev/null @@ -1,30 +0,0 @@ -# Docs for the Azure Web Apps Deploy action: https://github.com/azure/functions-action -# More GitHub Actions for Azure: https://github.com/Azure/actions - -name: Build and deploy Powershell project to Azure Function App - cipplwwww - -on: - push: - branches: - - dev - workflow_dispatch: - -env: - AZURE_FUNCTIONAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root - -jobs: - deploy: - runs-on: windows-latest - - steps: - - name: 'Checkout GitHub Action' - uses: actions/checkout@v4 - - - name: 'Run Azure Functions Action' - uses: Azure/functions-action@v1 - id: fa - with: - app-name: 'cipplwwww' - slot-name: 'Production' - package: ${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }} - publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_00A9A6DFE9244C2EA8952190FFF10F45 }} \ No newline at end of file diff --git a/.github/workflows/interface-rewrite_cippjta72.yml b/.github/workflows/interface-rewrite_cippjta72.yml deleted file mode 100644 index d4405b6f6d3f..000000000000 --- a/.github/workflows/interface-rewrite_cippjta72.yml +++ /dev/null @@ -1,30 +0,0 @@ -# Docs for the Azure Web Apps Deploy action: https://github.com/azure/functions-action -# More GitHub Actions for Azure: https://github.com/Azure/actions - -name: Build and deploy Powershell project to Azure Function App - cippjta72 - -on: - push: - branches: - - interface-rewrite - workflow_dispatch: - -env: - AZURE_FUNCTIONAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root - -jobs: - deploy: - runs-on: windows-latest - - steps: - - name: 'Checkout GitHub Action' - uses: actions/checkout@v4 - - - name: 'Run Azure Functions Action' - uses: Azure/functions-action@v1 - id: fa - with: - app-name: 'cippjta72' - slot-name: 'Production' - package: ${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }} - publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_6472818415124CAB84BCDF49D430C471 }} \ No newline at end of file diff --git a/.github/workflows/interface-rewrite_cipptulwz.yml b/.github/workflows/interface-rewrite_cipptulwz.yml deleted file mode 100644 index 0193890aa5d0..000000000000 --- a/.github/workflows/interface-rewrite_cipptulwz.yml +++ /dev/null @@ -1,30 +0,0 @@ -# Docs for the Azure Web Apps Deploy action: https://github.com/azure/functions-action -# More GitHub Actions for Azure: https://github.com/Azure/actions - -name: Build and deploy Powershell project to Azure Function App - cipptulwz - -on: - push: - branches: - - interface-rewrite - workflow_dispatch: - -env: - AZURE_FUNCTIONAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root - -jobs: - deploy: - runs-on: windows-latest - - steps: - - name: 'Checkout GitHub Action' - uses: actions/checkout@v4 - - - name: 'Run Azure Functions Action' - uses: Azure/functions-action@v1 - id: fa - with: - app-name: 'cipptulwz' - slot-name: 'Production' - package: ${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }} - publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_8DF25C53CFA64C388F9B6AC94A9780B9 }} \ No newline at end of file diff --git a/.github/workflows/interface-rewrite_cippufcig.yml b/.github/workflows/interface-rewrite_cippufcig.yml deleted file mode 100644 index d047147ad74d..000000000000 --- a/.github/workflows/interface-rewrite_cippufcig.yml +++ /dev/null @@ -1,30 +0,0 @@ -# Docs for the Azure Web Apps Deploy action: https://github.com/azure/functions-action -# More GitHub Actions for Azure: https://github.com/Azure/actions - -name: Build and deploy Powershell project to Azure Function App - cippufcig - -on: - push: - branches: - - interface-rewrite - workflow_dispatch: - -env: - AZURE_FUNCTIONAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root - -jobs: - deploy: - runs-on: windows-latest - - steps: - - name: 'Checkout GitHub Action' - uses: actions/checkout@v4 - - - name: 'Run Azure Functions Action' - uses: Azure/functions-action@v1 - id: fa - with: - app-name: 'cippufcig' - slot-name: 'Production' - package: ${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }} - publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_5A94D19FE6B44070B777EDECF3EF5BFE }} \ No newline at end of file diff --git a/Modules/CIPPCore/Public/Set-CIPPCopyGroupMembers.ps1 b/Modules/CIPPCore/Public/Set-CIPPCopyGroupMembers.ps1 index 7711dd0c7f26..550c9400f551 100644 --- a/Modules/CIPPCore/Public/Set-CIPPCopyGroupMembers.ps1 +++ b/Modules/CIPPCore/Public/Set-CIPPCopyGroupMembers.ps1 @@ -103,5 +103,5 @@ function Set-CIPPCopyGroupMembers { 'Error' = $Errors } - return $Results + return @($Results) } From ea7c1b59b0b174cf13eff4d503e023b88fb59bfd Mon Sep 17 00:00:00 2001 From: Esco Date: Fri, 10 Jan 2025 14:01:45 +0100 Subject: [PATCH 256/290] fix: $env:TenantID case sensitivity --- .../HTTP Functions/CIPP/Core/Invoke-ListGraphRequest.ps1 | 4 ++-- .../CIPP/Settings/Invoke-ExecCPVPermissions.ps1 | 4 ++-- Modules/CippExtensions/Public/HIBP/Get-HIBPAuth.ps1 | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ListGraphRequest.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ListGraphRequest.ps1 index 05454c56aefb..84de0b74395a 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ListGraphRequest.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ListGraphRequest.ps1 @@ -18,11 +18,11 @@ function Invoke-ListGraphRequest { $Parameters = @{} if ($Request.Query.'$filter') { - $Parameters.'$filter' = $Request.Query.'$filter' -replace '%tenantid%', $env:TenantId + $Parameters.'$filter' = $Request.Query.'$filter' -replace '%tenantid%', $env:TenantID } if (!$Request.Query.'$filter' -and $Request.Query.graphFilter) { - $Parameters.'$filter' = $Request.Query.graphFilter -replace '%tenantid%', $env:TenantId + $Parameters.'$filter' = $Request.Query.graphFilter -replace '%tenantid%', $env:TenantID } if ($Request.Query.'$select') { diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecCPVPermissions.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecCPVPermissions.ps1 index 6e63583e4882..11fbdb4022bd 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecCPVPermissions.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecCPVPermissions.ps1 @@ -29,7 +29,7 @@ Function Invoke-ExecCPVPermissions { } $GraphRequest = try { - if ($TenantFilter -notin @('PartnerTenant', $env:TenantId)) { + if ($TenantFilter -notin @('PartnerTenant', $env:TenantID)) { Set-CIPPCPVConsent @CPVConsentParams } else { $TenantFilter = $env:TenantID @@ -40,7 +40,7 @@ Function Invoke-ExecCPVPermissions { } Add-CIPPApplicationPermission -RequiredResourceAccess 'CIPPDefaults' -ApplicationId $ENV:ApplicationID -tenantfilter $TenantFilter Add-CIPPDelegatedPermission -RequiredResourceAccess 'CIPPDefaults' -ApplicationId $ENV:ApplicationID -tenantfilter $TenantFilter - if ($TenantFilter -notin @('PartnerTenant', $env:TenantId)) { + if ($TenantFilter -notin @('PartnerTenant', $env:TenantID)) { Set-CIPPSAMAdminRoles -TenantFilter $TenantFilter } $Success = $true diff --git a/Modules/CippExtensions/Public/HIBP/Get-HIBPAuth.ps1 b/Modules/CippExtensions/Public/HIBP/Get-HIBPAuth.ps1 index 1d3459ed4506..38aa26b88cf8 100644 --- a/Modules/CippExtensions/Public/HIBP/Get-HIBPAuth.ps1 +++ b/Modules/CippExtensions/Public/HIBP/Get-HIBPAuth.ps1 @@ -9,7 +9,7 @@ function Get-HIBPAuth { } return @{ - 'User-Agent' = "CIPP-$($ENV:TenantId)" + 'User-Agent' = "CIPP-$($ENV:TenantID)" 'Accept' = 'application/json' 'api-version' = '3' 'hibp-api-key' = $Secret From 00bf71504abf92d8b245215ae3c2aa5535488182 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 10 Jan 2025 08:08:17 -0500 Subject: [PATCH 257/290] Update CippEntrypoints.psm1 --- Modules/CippEntrypoints/CippEntrypoints.psm1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CippEntrypoints/CippEntrypoints.psm1 b/Modules/CippEntrypoints/CippEntrypoints.psm1 index db0c8577e388..e7de51d858a7 100644 --- a/Modules/CippEntrypoints/CippEntrypoints.psm1 +++ b/Modules/CippEntrypoints/CippEntrypoints.psm1 @@ -208,7 +208,7 @@ function Receive-CIPPTimerTrigger { foreach ($Function in $Functions) { Write-Information "CIPPTimer: $($Function.Command) - $($Function.Cron)" - $FunctionStatus = $Statuses | Where-Object { $_.RowKey -eq $Function.Command } + $FunctionStatus = $Statuses | Where-Object { $_.RowKey -eq $Function.Id } if ($FunctionStatus.OrchestratorId) { $FunctionName = $env:WEBSITE_SITE_NAME $InstancesTable = Get-CippTable -TableName ('{0}Instances' -f ($FunctionName -replace '-', '')) From 43ff4ab9625b3b6e7a9268f4cf8d488ac953fc78 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Fri, 10 Jan 2025 14:47:34 +0100 Subject: [PATCH 258/290] up versions --- version_latest.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/version_latest.txt b/version_latest.txt index 66d7502ec601..9fe9ff9d996b 100644 --- a/version_latest.txt +++ b/version_latest.txt @@ -1 +1 @@ -7.0.0-rc3 \ No newline at end of file +7.0.1 From 1db622d2cb260cf585dbd489852b8069cd496f14 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 10 Jan 2025 09:19:47 -0500 Subject: [PATCH 259/290] Create publish_release.yml --- .github/workflows/publish_release.yml | 93 +++++++++++++++++++++++++++ 1 file changed, 93 insertions(+) create mode 100644 .github/workflows/publish_release.yml diff --git a/.github/workflows/publish_release.yml b/.github/workflows/publish_release.yml new file mode 100644 index 000000000000..07063e89f9ff --- /dev/null +++ b/.github/workflows/publish_release.yml @@ -0,0 +1,93 @@ +name: Generate Release Notes and Upload Production to Azure + +on: + push: + branches: + - master + +permissions: + contents: write + +jobs: + release: + if: github.event.repository.fork == false && github.event_name == 'push' + name: Generate Release Notes and Upload to Azure + runs-on: ubuntu-latest + + steps: + # Checkout the repository + - name: Checkout Code + uses: actions/checkout@v3 + + # Read and Trim Version + - name: Read and Trim Version + id: get_version + run: | + if [ ! -f version_latest.txt ]; then + echo "Error: version_latest.txt not found!" + exit 1 + fi + VERSION=$(cat version_latest.txt | tr -d '[:space:]') + if [ -z "$VERSION" ]; then + echo "Error: version_latest.txt is empty after trimming!" + exit 1 + fi + echo "version=$VERSION" >> $GITHUB_OUTPUT + + # Exit if Tag Already Exists + - name: Check if Tag Exists + id: tag_check + run: | + git fetch --tags + if git rev-parse "refs/tags/${{ steps.get_version.outputs.version }}" >/dev/null 2>&1; then + echo "tag_exists=true" >> $GITHUB_ENV + echo "Tag ${{ steps.get_version.outputs.version }} already exists. Exiting workflow successfully." + else + echo "tag_exists=false" >> $GITHUB_ENV + fi + + # Generate Release Notes + - name: Generate Release Notes + id: changelog + if: env.tag_exists == 'false' + uses: mikepenz/release-changelog-builder-action@v5.0.0 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + # Create a new release tag + - name: Create GitHub Release + if: env.tag_exists == 'false' + uses: ncipollo/release-action@v1.14.0 + with: + tag: ${{ steps.get_version.outputs.version }} + name: "v${{ steps.get_version.outputs.version }}" + draft: false + prerelease: true + body: ${{ steps.changelog.outputs.changelog }} + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + # Create ZIP File in a New Source Directory + - name: Prepare and Zip Release Files + if: env.tag_exists == 'false' + run: | + mkdir -p src/releases + zip -r src/releases/release_${{ steps.get_version.outputs.version }}.zip . \ + --exclude "./src/releases/*" \ + --exclude ".*" \ + --exclude ".*/**" + zip -r src/releases/latest.zip . \ + --exclude "./src/releases/*" \ + --exclude ".*" \ + --exclude ".*/**" + + # Upload to Azure Blob Storage + - name: Azure Blob Upload with Destination folder defined + if: env.tag_exists == 'false' + uses: LanceMcCarthy/Action-AzureBlobUpload@v3.3.0 + with: + connection_string: ${{ secrets.AZURE_CONNECTION_STRING }} + container_name: cipp-api + source_folder: src/releases/ + destination_folder: / + delete_if_exists: true \ No newline at end of file From 408ea056a4e855181cffc231f95a5f21329fa065 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 10 Jan 2025 09:24:10 -0500 Subject: [PATCH 260/290] Update publish_release.yml --- .github/workflows/publish_release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish_release.yml b/.github/workflows/publish_release.yml index 07063e89f9ff..8be4c1727f85 100644 --- a/.github/workflows/publish_release.yml +++ b/.github/workflows/publish_release.yml @@ -62,7 +62,7 @@ jobs: tag: ${{ steps.get_version.outputs.version }} name: "v${{ steps.get_version.outputs.version }}" draft: false - prerelease: true + prerelease: false body: ${{ steps.changelog.outputs.changelog }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From 698acced6f7764c55c0e3616d316f65bd41dbb6e Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 10 Jan 2025 09:31:23 -0500 Subject: [PATCH 261/290] Update Assert-CippVersion.ps1 --- Modules/CIPPCore/Public/Assert-CippVersion.ps1 | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Modules/CIPPCore/Public/Assert-CippVersion.ps1 b/Modules/CIPPCore/Public/Assert-CippVersion.ps1 index 6642364a0a23..ac61237dcb60 100644 --- a/Modules/CIPPCore/Public/Assert-CippVersion.ps1 +++ b/Modules/CIPPCore/Public/Assert-CippVersion.ps1 @@ -14,8 +14,7 @@ function Assert-CippVersion { $APIVersion = (Get-Content 'version_latest.txt' -Raw).trim() $RemoteAPIVersion = (Invoke-RestMethod -Uri 'https://raw.githubusercontent.com/KelvinTegelaar/CIPP-API/master/version_latest.txt').trim() - $RemoteCIPPVersion = (Invoke-RestMethod -Uri 'https://raw.githubusercontent.com/KelvinTegelaar/CIPP/main/public/version_latest.txt').trim() - + $RemoteCIPPVersion = (Invoke-RestMethod -Uri 'https://raw.githubusercontent.com/KelvinTegelaar/CIPP/main/public/version.json').version [PSCustomObject]@{ LocalCIPPVersion = $CIPPVersion From 6edfd038434514e09d0926dd5f25f6394cdbcf29 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 10 Jan 2025 09:35:17 -0500 Subject: [PATCH 262/290] tweak workflow --- .github/workflows/publish_release.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/publish_release.yml b/.github/workflows/publish_release.yml index 8be4c1727f85..b1a2146b9fad 100644 --- a/.github/workflows/publish_release.yml +++ b/.github/workflows/publish_release.yml @@ -63,6 +63,7 @@ jobs: name: "v${{ steps.get_version.outputs.version }}" draft: false prerelease: false + makeLatest: true body: ${{ steps.changelog.outputs.changelog }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From ff2bde373b97d8dc378d8f52c82644fc4d151395 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 10 Jan 2025 11:09:50 -0500 Subject: [PATCH 263/290] fix utc issue --- Modules/CIPPCore/Public/Get-CIPPTimerFunctions.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Get-CIPPTimerFunctions.ps1 b/Modules/CIPPCore/Public/Get-CIPPTimerFunctions.ps1 index bb353e2f389b..bc9418ce3c6f 100644 --- a/Modules/CIPPCore/Public/Get-CIPPTimerFunctions.ps1 +++ b/Modules/CIPPCore/Public/Get-CIPPTimerFunctions.ps1 @@ -133,7 +133,7 @@ function Get-CIPPTimerFunctions { Parameters = $Orchestrator.Parameters ?? @{} Cron = $CronString NextOccurrence = $NextOccurrence.ToUniversalTime() - LastOccurrence = $Status.LastOccurrence.DateTime + LastOccurrence = $Status.LastOccurrence Status = $Status.Status OrchestratorId = $Status.OrchestratorId RunOnProcessor = $Orchestrator.RunOnProcessor From 06bd13308abd7586ffa257bb5eb1884ff9383931 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 10 Jan 2025 14:23:15 -0500 Subject: [PATCH 264/290] Add error message to timers Add default success output if no data in results --- .../HTTP Functions/CIPP/Core/Invoke-ExecCippFunction.ps1 | 3 +++ Modules/CIPPCore/Public/Get-CIPPTimerFunctions.ps1 | 1 + 2 files changed, 4 insertions(+) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecCippFunction.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecCippFunction.ps1 index 610b77f5ecae..a7f4e599579b 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecCippFunction.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecCippFunction.ps1 @@ -28,6 +28,9 @@ function Invoke-ExecCippFunction { if (Get-Command -Module CIPPCore -Name $Function -and $BlockList -notcontains $Function) { try { $Results = & $Function @Params + if (!$Results) { + $Results = "Function $Function executed successfully" + } $StatusCode = [HttpStatusCode]::OK } catch { $Results = $_.Exception.Message diff --git a/Modules/CIPPCore/Public/Get-CIPPTimerFunctions.ps1 b/Modules/CIPPCore/Public/Get-CIPPTimerFunctions.ps1 index bc9418ce3c6f..c17c4dd61100 100644 --- a/Modules/CIPPCore/Public/Get-CIPPTimerFunctions.ps1 +++ b/Modules/CIPPCore/Public/Get-CIPPTimerFunctions.ps1 @@ -139,6 +139,7 @@ function Get-CIPPTimerFunctions { RunOnProcessor = $Orchestrator.RunOnProcessor IsSystem = $Orchestrator.IsSystem ?? $false PreferredProcessor = $Orchestrator.PreferredProcessor ?? '' + ErrorMsg = $Status.ErrorMsg ?? '' } } } else { From b908165c4b74e57f500b5c4aea36de6880a5ae15 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Sat, 11 Jan 2025 02:58:14 +0100 Subject: [PATCH 265/290] Add or update the Azure App Service build and deployment workflow config --- .github/workflows/dev_cipppwrro.yml | 30 +++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 .github/workflows/dev_cipppwrro.yml diff --git a/.github/workflows/dev_cipppwrro.yml b/.github/workflows/dev_cipppwrro.yml new file mode 100644 index 000000000000..a62bd3026748 --- /dev/null +++ b/.github/workflows/dev_cipppwrro.yml @@ -0,0 +1,30 @@ +# Docs for the Azure Web Apps Deploy action: https://github.com/azure/functions-action +# More GitHub Actions for Azure: https://github.com/Azure/actions + +name: Build and deploy Powershell project to Azure Function App - cipppwrro + +on: + push: + branches: + - dev + workflow_dispatch: + +env: + AZURE_FUNCTIONAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root + +jobs: + deploy: + runs-on: windows-latest + + steps: + - name: 'Checkout GitHub Action' + uses: actions/checkout@v4 + + - name: 'Run Azure Functions Action' + uses: Azure/functions-action@v1 + id: fa + with: + app-name: 'cipppwrro' + slot-name: 'Production' + package: ${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }} + publish-profile: ${{ secrets.AZUREAPPSERVICE_PUBLISHPROFILE_D5D7DFF930C04B519206F25DDCD88324 }} \ No newline at end of file From fe1c0c778f3c324d0dca9825b1a2b7006f3f9aed Mon Sep 17 00:00:00 2001 From: John Duprey Date: Sat, 11 Jan 2025 14:06:58 -0500 Subject: [PATCH 266/290] intune templates --- .../Endpoint/MEM/Invoke-AddIntuneTemplate.ps1 | 6 +++--- .../Public/Entrypoints/Invoke-ListIntuneTemplates.ps1 | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-AddIntuneTemplate.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-AddIntuneTemplate.ps1 index 78b33ab7058f..884688b42915 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-AddIntuneTemplate.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-AddIntuneTemplate.ps1 @@ -38,9 +38,9 @@ Function Invoke-AddIntuneTemplate { $body = [pscustomobject]@{'Results' = 'Successfully added template' } } else { - $TenantFilter = $Request.Query.tenantFilter - $URLName = $Request.Query.URLName - $ID = $Request.Query.id + $TenantFilter = $Request.Body.tenantFilter ?? $Request.Query.tenantFilter + $URLName = $Request.Body.URLName ?? $Request.Query.URLName + $ID = $Request.Body.ID ?? $Request.Query.ID $Template = New-CIPPIntuneTemplate -TenantFilter $TenantFilter -URLName $URLName -ID $ID Write-Host "Template: $Template" $object = [PSCustomObject]@{ diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListIntuneTemplates.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListIntuneTemplates.ps1 index 81d9c096811e..37ee1c5bc2a3 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListIntuneTemplates.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListIntuneTemplates.ps1 @@ -41,7 +41,7 @@ Function Invoke-ListIntuneTemplates { $data | Add-Member -NotePropertyName 'displayName' -NotePropertyValue $_.Displayname -Force $data | Add-Member -NotePropertyName 'description' -NotePropertyValue $_.Description -Force $data | Add-Member -NotePropertyName 'Type' -NotePropertyValue $_.Type -Force - $data | Add-Member -NotePropertyName 'GUID' -NotePropertyValue $_.GUID -Force + $data | Add-Member -NotePropertyName 'GUID' -NotePropertyValue $_.RowKey -Force $data } | Sort-Object -Property displayName } From eec98f1e656db4d936009eecd0445e670d2ddfc4 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Sun, 12 Jan 2025 19:00:39 +0100 Subject: [PATCH 267/290] corrected tenantId --- .../{Get-CippBreachAlert.ps1 => Get-CippAlertBreachAlert.ps1} | 2 +- .../Identity/Administration/Users/Invoke-AddGuest.ps1 | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) rename Modules/CIPPCore/Public/Alerts/{Get-CippBreachAlert.ps1 => Get-CippAlertBreachAlert.ps1} (93%) diff --git a/Modules/CIPPCore/Public/Alerts/Get-CippBreachAlert.ps1 b/Modules/CIPPCore/Public/Alerts/Get-CippAlertBreachAlert.ps1 similarity index 93% rename from Modules/CIPPCore/Public/Alerts/Get-CippBreachAlert.ps1 rename to Modules/CIPPCore/Public/Alerts/Get-CippAlertBreachAlert.ps1 index 317e66187820..cd599c6b51d0 100644 --- a/Modules/CIPPCore/Public/Alerts/Get-CippBreachAlert.ps1 +++ b/Modules/CIPPCore/Public/Alerts/Get-CippAlertBreachAlert.ps1 @@ -1,5 +1,5 @@ -function Get-CippBreachAlert { +function Get-CippAlertBreachAlert { <# .FUNCTIONALITY Entrypoint diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-AddGuest.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-AddGuest.ps1 index c78990b7576d..440d8c3d2865 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-AddGuest.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-AddGuest.ps1 @@ -34,7 +34,7 @@ Function Invoke-AddGuest { } } $bodyToShip = ConvertTo-Json -Depth 10 -InputObject $BodyToship -Compress - $GraphRequest = New-GraphPostRequest -uri 'https://graph.microsoft.com/beta/invitations' -tenantFilter $Userobj.tenantFilter -type POST -body $BodyToship -verbose + $GraphRequest = New-GraphPostRequest -uri 'https://graph.microsoft.com/beta/invitations' -tenantid $Userobj.tenantFilter -type POST -body $BodyToship -verbose if ($Userobj.sendInvite -eq 'true') { $results.add('Invited Guest. Invite Email sent') Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($userobj.tenantFilter) -message "Invited Guest $($userobj.displayname) with Email Invite " -Sev 'Info' From ba93a8ac6260f3fe2798d3478038eed0280122cc Mon Sep 17 00:00:00 2001 From: John Duprey Date: Sun, 12 Jan 2025 14:28:02 -0500 Subject: [PATCH 268/290] fix auth checks update partner mode to force refresh of tenant list --- .../CIPP/Settings/Invoke-ExecPartnerMode.ps1 | 11 +++++++++++ .../GraphHelper/Get-AuthorisedRequest.ps1 | 6 +++--- .../Public/GraphHelper/Get-Tenants.ps1 | 2 +- .../Public/GraphHelper/New-GraphGetRequest.ps1 | 18 ++++++++++-------- 4 files changed, 25 insertions(+), 12 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecPartnerMode.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecPartnerMode.ps1 index eb2de4bcec39..75605662298d 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecPartnerMode.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecPartnerMode.ps1 @@ -35,6 +35,17 @@ Function Invoke-ExecPartnerMode { } catch { } } + } elseif ($Request.Body.TenantMode -eq 'PartnerTenantAvailable') { + $InputObject = [PSCustomObject]@{ + Batch = @( + @{ + FunctionName = 'UpdateTenants' + } + ) + OrchestratorName = 'UpdateTenants' + SkipLog = $true + } + Start-NewOrchestration -FunctionName 'CIPPOrchestrator' -InputObject ($InputObject | ConvertTo-Json -Compress -Depth 5) } Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ diff --git a/Modules/CIPPCore/Public/GraphHelper/Get-AuthorisedRequest.ps1 b/Modules/CIPPCore/Public/GraphHelper/Get-AuthorisedRequest.ps1 index abff987449da..15ae8b23dc70 100644 --- a/Modules/CIPPCore/Public/GraphHelper/Get-AuthorisedRequest.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/Get-AuthorisedRequest.ps1 @@ -12,13 +12,13 @@ function Get-AuthorisedRequest { if (!$TenantID) { $TenantID = $env:TenantID } + if ($Uri -like 'https://graph.microsoft.com/beta/contracts*' -or $Uri -like '*/customers/*' -or $Uri -eq 'https://graph.microsoft.com/v1.0/me/sendMail' -or $Uri -like '*/tenantRelationships/*' -or $Uri -like '*/security/partner/*') { return $true } - $Tenants = Get-Tenants -IncludeErrors - $SkipList = Get-Tenants -SkipList + $Tenant = Get-Tenants -TenantFilter $TenantID | Where-Object { $_.Excluded -eq $false } - if (($SkipList.customerId -notcontains $TenantID -and $SkipList.defaultDomainName -notcontains $TenantID) -or (($Tenants.customerId -contains $TenantID -or $Tenants.defaultDomainName -contains $TenantID) -and $TenantID -ne $env:TenantID)) { + if ($Tenant) { return $true } else { return $false diff --git a/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 b/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 index b152e381b044..4774292f150d 100644 --- a/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 @@ -50,7 +50,7 @@ function Get-Tenants { $IncludedTenantsCache = Get-CIPPAzDataTableEntity @TenantsTable -Filter $Filter - if (($IncludedTenantsCache | Measure-Object).Count -eq 0) { + if (($IncludedTenantsCache | Measure-Object).Count -eq 0 -and $TenantFilter -ne $env:TenantID) { $BuildRequired = $true } diff --git a/Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 b/Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 index 3d344d2afff5..b399d43038ca 100644 --- a/Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 @@ -3,21 +3,23 @@ function New-GraphGetRequest { .FUNCTIONALITY Internal #> + [CmdletBinding()] Param( - $uri, - $tenantid, - $scope, - $AsApp, - $noPagination, - $NoAuthCheck, - $skipTokenCache, + [string]$uri, + [string]$tenantid, + [string]$scope, + [bool]$AsApp, + [bool]$noPagination, + [bool]$NoAuthCheck, + [bool]$skipTokenCache, $Caller, [switch]$ComplexFilter, [switch]$CountOnly, [switch]$IncludeResponseHeaders ) + $IsAuthorised = Get-AuthorisedRequest -Uri $uri -TenantID $tenantid - if ($NoAuthCheck -or (Get-AuthorisedRequest -Uri $uri -TenantID $tenantid)) { + if ($NoAuthCheck -eq $true -or $IsAuthorised) { if ($scope -eq 'ExchangeOnline') { $AccessToken = Get-ClassicAPIToken -resource 'https://outlook.office365.com' -Tenantid $tenantid $headers = @{ Authorization = "Bearer $($AccessToken.access_token)" } From 7997ee59d23721d4c9273a06981b59b97423c2ca Mon Sep 17 00:00:00 2001 From: John Duprey Date: Sun, 12 Jan 2025 14:39:41 -0500 Subject: [PATCH 269/290] add body support --- .../Tenant/GDAP/Invoke-ExecAutoExtendGDAP.ps1 | 7 ++----- .../Tenant/GDAP/Invoke-ExecGDAPRemoveGArole.ps1 | 7 ++----- 2 files changed, 4 insertions(+), 10 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecAutoExtendGDAP.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecAutoExtendGDAP.ps1 index f57c65330f6f..6ef66517cef1 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecAutoExtendGDAP.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecAutoExtendGDAP.ps1 @@ -10,11 +10,8 @@ Function Invoke-ExecAutoExtendGDAP { [CmdletBinding()] param($Request, $TriggerMetadata) - $APIName = $TriggerMetadata.FunctionName - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - - # Interact with query parameters or the body of the request. - $Results = Set-CIPPGDAPAutoExtend -RelationShipid $Request.query.ID + $Id = $Request.query.ID ?? $Request.Body.ID + $Results = Set-CIPPGDAPAutoExtend -RelationShipid $Id # Associate values to output bindings by calling 'Push-OutputBinding'. Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPRemoveGArole.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPRemoveGArole.ps1 index c6a60971f1c6..6a41ac39fb5f 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPRemoveGArole.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPRemoveGArole.ps1 @@ -9,10 +9,7 @@ Function Invoke-ExecGDAPRemoveGArole { [CmdletBinding()] param($Request, $TriggerMetadata) - $APIName = $TriggerMetadata.FunctionName - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - - $GDAPID = $request.query.GDAPId + $GDAPID = $request.query.GDAPId ?? $request.Body.GDAPId try { $CheckActive = New-GraphGetRequest -NoAuthCheck $True -uri "https://graph.microsoft.com/beta/tenantRelationships/delegatedAdminRelationships/$($GDAPID)" -tenantid $env:TenantID @@ -36,7 +33,7 @@ Function Invoke-ExecGDAPRemoveGArole { $Message = "Relationship status is currently $($CheckActive.status), it is not possible to remove the Global Administrator role in this state." } if ('62e90394-69f5-4237-9190-012177145e10' -notin $CheckActive.accessDetails.unifiedRoles.roleDefinitionId) { - $Message = "This relationship does not contain the Global Administrator role." + $Message = 'This relationship does not contain the Global Administrator role.' } } } catch { From 1879b57a0381ad6390f9ceac9df15c3f146ac472 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Sun, 12 Jan 2025 20:49:32 +0100 Subject: [PATCH 270/290] force arr --- .../Tenant/Standards/Invoke-ExecStandardConvert.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecStandardConvert.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecStandardConvert.ps1 index fcd857a348d2..659ca385d93b 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecStandardConvert.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-ExecStandardConvert.ps1 @@ -162,7 +162,7 @@ function Invoke-ExecStandardConvert { if ($Tenant -eq 'AllTenants' -and $Excluded) { $ExcludedArr = $Excluded | ForEach-Object { $_ } - $NewTemplate | Add-Member -NotePropertyName 'excludedTenants' -NotePropertyValue $ExcludedArr -Force + $NewTemplate | Add-Member -NotePropertyName 'excludedTenants' -NotePropertyValue @($ExcludedArr) -Force } return $NewTemplate From 6d7962fe7c6e688e28ecfab6c06b29e12db722a3 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Mon, 13 Jan 2025 10:32:34 +0100 Subject: [PATCH 271/290] version up --- version_latest.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/version_latest.txt b/version_latest.txt index 9fe9ff9d996b..a8907c025d5f 100644 --- a/version_latest.txt +++ b/version_latest.txt @@ -1 +1 @@ -7.0.1 +7.0.2 From 69681b84df4975d8e988e74f899890fd47eb72b7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= Date: Tue, 14 Jan 2025 14:31:13 +0100 Subject: [PATCH 272/290] Update Compliance Portal link to Purview in Invoke-NinjaOneTenantSync function --- .../Public/NinjaOne/Invoke-NinjaOneTenantSync.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CippExtensions/Public/NinjaOne/Invoke-NinjaOneTenantSync.ps1 b/Modules/CippExtensions/Public/NinjaOne/Invoke-NinjaOneTenantSync.ps1 index 194ef0317290..696190855327 100644 --- a/Modules/CippExtensions/Public/NinjaOne/Invoke-NinjaOneTenantSync.ps1 +++ b/Modules/CippExtensions/Public/NinjaOne/Invoke-NinjaOneTenantSync.ps1 @@ -1748,7 +1748,7 @@ function Invoke-NinjaOneTenantSync { }, @{ Name = 'Compliance Portal' - Link = "https://compliance.microsoft.com/?tid=$($Customer.CustomerId)" + Link = "https://purview.microsoft.com/?tid=$($Customer.CustomerId)" Icon = 'fas fa-user-shield' }, @{ From 8c50115bd60325471c72184deb64d4d4ebc52cf6 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 14 Jan 2025 12:54:36 -0500 Subject: [PATCH 273/290] Change NoAuthCheck to default $false --- Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 b/Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 index b399d43038ca..7d8d3ff3ad99 100644 --- a/Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 @@ -10,7 +10,7 @@ function New-GraphGetRequest { [string]$scope, [bool]$AsApp, [bool]$noPagination, - [bool]$NoAuthCheck, + $NoAuthCheck = $false, [bool]$skipTokenCache, $Caller, [switch]$ComplexFilter, From a75a37a6c1cc521172e0b2f02e48f906570a41e6 Mon Sep 17 00:00:00 2001 From: Esco Date: Tue, 14 Jan 2025 15:05:14 +0100 Subject: [PATCH 274/290] fix: repair Quarantine Management --- .../Invoke-ExecQuarantineManagement.ps1 | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecQuarantineManagement.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecQuarantineManagement.ps1 index e22301a7629c..893302ffb327 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecQuarantineManagement.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecQuarantineManagement.ps1 @@ -11,7 +11,7 @@ Function Invoke-ExecQuarantineManagement { param($Request, $TriggerMetadata) $APIName = $TriggerMetadata.FunctionName - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' + Write-LogMessage -user $Request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' # Write to the Azure Functions log stream. @@ -20,19 +20,19 @@ Function Invoke-ExecQuarantineManagement { # Interact with query parameters or the body of the request. Try { - $tenantfilter = $Request.Query.TenantFilter + $TenantFilter = $Request.Body.tenantFilter $params = @{ - Identity = $request.query.ID - AllowSender = [boolean]$Request.query.AllowSender - ReleasetoAll = [boolean]$Request.query.type - ActionType = $Request.query.type + Identity = $Request.Body.Identity + AllowSender = [boolean]$Request.Body.AllowSender + ReleaseToAll = [boolean]$Request.Body.Type + ActionType = $Request.Body.Type } - Write-Host $params + New-ExoRequest -tenantid $TenantFilter -cmdlet 'Release-QuarantineMessage' -cmdParams $Params - $Results = [pscustomobject]@{'Results' = "Successfully processed $($request.query.ID)" } - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($tenantfilter) -message "$($request.query.id)" -Sev 'Info' + $Results = [pscustomobject]@{'Results' = "Successfully processed $($Request.Body.Identity)" } + Write-LogMessage -user $Request.headers.'x-ms-client-principal' -API $APINAME -tenant $TenantFilter -message "Successfully processed Quarantine ID $($Request.Body.Identity)" -Sev 'Info' } catch { - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $($tenantfilter) -message "Quarantine Management failed: $($_.Exception.Message)" -Sev 'Error' + Write-LogMessage -user $Request.headers.'x-ms-client-principal' -API $APINAME -tenant $TenantFilter -message "Quarantine Management failed: $($_.Exception.Message)" -Sev 'Error' -LogData $_ $Results = [pscustomobject]@{'Results' = "Failed. $($_.Exception.Message)" } } # Associate values to output bindings by calling 'Push-OutputBinding'. From 1d09cd465ed23ca5fe7e999745a131a0efec78ae Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Tue, 14 Jan 2025 19:15:54 +0100 Subject: [PATCH 275/290] upped versions --- version_latest.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/version_latest.txt b/version_latest.txt index a8907c025d5f..a50da181e9bd 100644 --- a/version_latest.txt +++ b/version_latest.txt @@ -1 +1 @@ -7.0.2 +7.0.3 From ed9814eefa669e9b04bd3bd4609b848f1ad8341c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= Date: Wed, 15 Jan 2025 17:49:37 +0100 Subject: [PATCH 276/290] Add better error logging --- Modules/CIPPCore/Public/Set-CIPPUserLicense.ps1 | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/Modules/CIPPCore/Public/Set-CIPPUserLicense.ps1 b/Modules/CIPPCore/Public/Set-CIPPUserLicense.ps1 index 9ba2a77b3731..029310ad772c 100644 --- a/Modules/CIPPCore/Public/Set-CIPPUserLicense.ps1 +++ b/Modules/CIPPCore/Public/Set-CIPPUserLicense.ps1 @@ -27,10 +27,11 @@ function Set-CIPPUserLicense { Write-Host "License body JSON: $LicenseBodyJson" try { - $LicRequest = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$UserId/assignLicense" -tenantid $TenantFilter -type POST -body $LicenseBodyJson -Verbose + $null = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$UserId/assignLicense" -tenantid $TenantFilter -type POST -body $LicenseBodyJson -Verbose } catch { - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APIName -tenant $TenantFilter -message "Failed to assign the license. Error: $_" -Sev 'Error' - throw "Failed to assign the license. $_" + $ErrorMessage = Get-CippException -Exception $_ + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APIName -tenant $TenantFilter -message "Failed to assign the license. Error: $($ErrorMessage.NormalizedError)" -Sev Error -LogData $ErrorMessage + throw "Failed to assign the license. $($ErrorMessage.NormalizedError)" } Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APIName -tenant $TenantFilter -message "Assigned licenses to user $UserId. Added: $AddLicenses; Removed: $RemoveLicenses" -Sev 'Info' From 9203439f63c85778c7d2bafa1481222e01fca3d3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= Date: Wed, 15 Jan 2025 17:50:13 +0100 Subject: [PATCH 277/290] Standardize formatting, better error logging and support changing the otherMails attribute --- .../Administration/Users/Invoke-EditUser.ps1 | 103 ++++++++++-------- 1 file changed, 55 insertions(+), 48 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-EditUser.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-EditUser.ps1 index 8e981516f69c..557bd03a7f6c 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-EditUser.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-EditUser.ps1 @@ -10,8 +10,9 @@ Function Invoke-EditUser { [CmdletBinding()] param($Request, $TriggerMetadata) - $APIName = $TriggerMetadata.FunctionName - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' + $ApiName = $TriggerMetadata.FunctionName + $User = $Request.headers.'x-ms-client-principal' + Write-LogMessage -user $User -API $ApiName -message 'Accessed this API' -Sev 'Debug' $UserObj = $Request.body if ($UserObj.id -eq '') { @@ -33,51 +34,53 @@ Function Invoke-EditUser { #Edit the user try { Write-Host "$([boolean]$UserObj.mustchangepass)" - $UserprincipalName = "$($UserObj.Username ? $userobj.username :$userobj.mailNickname)@$($UserObj.Domain ? $UserObj.Domain : $UserObj.primDomain.value)" + $UserPrincipalName = "$($UserObj.Username ? $UserObj.username :$UserObj.mailNickname)@$($UserObj.Domain ? $UserObj.Domain : $UserObj.primDomain.value)" $BodyToship = [pscustomobject] @{ - 'givenName' = $UserObj.givenname + 'givenName' = $UserObj.givenName 'surname' = $UserObj.surname 'accountEnabled' = $true 'displayName' = $UserObj.displayName 'department' = $UserObj.Department - 'mailNickname' = $UserObj.Username ? $userobj.username :$userobj.mailNickname - 'userPrincipalName' = $UserprincipalName + 'mailNickname' = $UserObj.Username ? $UserObj.username :$UserObj.mailNickname + 'userPrincipalName' = $UserPrincipalName 'usageLocation' = $UserObj.usageLocation.value ? $UserObj.usageLocation.value : $UserObj.usageLocation 'city' = $UserObj.City 'country' = $UserObj.Country - 'jobtitle' = $UserObj.Jobtitle + 'jobTitle' = $UserObj.jobTitle 'mobilePhone' = $UserObj.MobilePhone 'streetAddress' = $UserObj.streetAddress 'postalCode' = $UserObj.PostalCode 'companyName' = $UserObj.CompanyName + 'otherMails' = @($UserObj.otherMails) 'passwordProfile' = @{ 'forceChangePasswordNextSignIn' = [bool]$UserObj.MustChangePass } } | ForEach-Object { - $NonEmptyProperties = $_.psobject.Properties | Select-Object -ExpandProperty Name + $NonEmptyProperties = $_.PSObject.Properties | Select-Object -ExpandProperty Name $_ | Select-Object -Property $NonEmptyProperties } if ($UserObj.addedAttributes) { Write-Host 'Found added attribute' Write-Host "Added attributes: $($UserObj.addedAttributes | ConvertTo-Json)" - $UserObj.addedAttributes.getenumerator() | ForEach-Object { - $results.add("Edited property $($_.Key) with value $($_.Value)") + $UserObj.addedAttributes.GetEnumerator() | ForEach-Object { + $results.Add("Edited property $($_.Key) with value $($_.Value)") $bodytoShip | Add-Member -NotePropertyName $_.Key -NotePropertyValue $_.Value -Force } } $bodyToShip = ConvertTo-Json -Depth 10 -InputObject $BodyToship -Compress - $null = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.id)" -tenantid $userObj.tenantFilter -type PATCH -body $BodyToship -verbose - $results.add( 'Success. The user has been edited.' ) - Write-LogMessage -API $APINAME -tenant ($userObj.tenantFilter) -user $request.headers.'x-ms-client-principal' -message "Edited user $($UserObj.DisplayName) with id $($UserObj.id)" -Sev 'Info' + $null = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.id)" -tenantid $UserObj.tenantFilter -type PATCH -body $BodyToship -verbose + $results.Add( 'Success. The user has been edited.' ) + Write-LogMessage -API $ApiName -tenant ($UserObj.tenantFilter) -user $User -message "Edited user $($UserObj.DisplayName) with id $($UserObj.id)" -Sev Info if ($UserObj.password) { $passwordProfile = [pscustomobject]@{'passwordProfile' = @{ 'password' = $UserObj.password; 'forceChangePasswordNextSignIn' = [boolean]$UserObj.mustchangepass } } | ConvertTo-Json - $null = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.id)" -tenantid $userObj.tenantFilter -type PATCH -body $PasswordProfile -verbose - $results.add("Success. The password has been set to $($UserObj.password)") - Write-LogMessage -API $APINAME -tenant ($userObj.tenantFilter) -user $request.headers.'x-ms-client-principal' -message "Reset $($UserObj.DisplayName)'s Password" -Sev 'Info' + $null = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.id)" -tenantid $UserObj.tenantFilter -type PATCH -body $PasswordProfile -verbose + $results.Add("Success. The password has been set to $($UserObj.password)") + Write-LogMessage -API $ApiName -tenant ($UserObj.tenantFilter) -user $User -message "Reset $($UserObj.DisplayName)'s Password" -Sev Info } } catch { - Write-LogMessage -API $APINAME -tenant ($userObj.tenantFilter) -user $request.headers.'x-ms-client-principal' -message "User edit API failed. $($_.Exception.Message)" -Sev 'Error' - $results.add( "Failed to edit user. $($_.Exception.Message)") + $ErrorMessage = Get-CippException -Exception $_ + Write-LogMessage -API $ApiName -tenant ($UserObj.tenantFilter) -user $User -message "User edit API failed. $($ErrorMessage.NormalizedError)" -Sev Error -LogData $ErrorMessage + $results.Add( "Failed to edit user. $($ErrorMessage.NormalizedError)") } @@ -85,28 +88,29 @@ Function Invoke-EditUser { try { if ($licenses -or $UserObj.removeLicenses) { - $CurrentLicenses = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.id)" -tenantid $userObj.tenantFilter + $CurrentLicenses = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.id)" -tenantid $UserObj.tenantFilter #if the list of skuIds in $CurrentLicenses.assignedLicenses is EXACTLY the same as $licenses, we don't need to do anything, but the order in both can be different. if (($CurrentLicenses.assignedLicenses.skuId -join ',') -eq ($licenses -join ',') -and $UserObj.removeLicenses -eq $false) { Write-Host "$($CurrentLicenses.assignedLicenses.skuId -join ',') $(($licenses -join ','))" - $results.add( 'Success. User license is already correct.' ) + $results.Add( 'Success. User license is already correct.' ) } else { if ($UserObj.removeLicenses) { - $licResults = Set-CIPPUserLicense -userid $UserObj.id -TenantFilter $UserObj.tenantFilter -RemoveLicenses $CurrentLicenses.assignedLicenses.skuId - $results.add($licResults) + $licResults = Set-CIPPUserLicense -UserId $UserObj.id -TenantFilter $UserObj.tenantFilter -RemoveLicenses $CurrentLicenses.assignedLicenses.skuId + $results.Add($licResults) } else { #Remove all objects from $CurrentLicenses.assignedLicenses.skuId that are in $licenses $RemoveLicenses = $CurrentLicenses.assignedLicenses.skuId | Where-Object { $_ -notin $licenses } - $licResults = Set-CIPPUserLicense -userid $UserObj.id -TenantFilter $UserObj.tenantFilter -RemoveLicenses $RemoveLicenses -AddLicenses $licenses - $results.add($licResults) + $licResults = Set-CIPPUserLicense -UserId $UserObj.id -TenantFilter $UserObj.tenantFilter -RemoveLicenses $RemoveLicenses -AddLicenses $licenses + $results.Add($licResults) } } } } catch { - Write-LogMessage -API $APINAME -tenant ($userObj.tenantFilter) -user $request.headers.'x-ms-client-principal' -message "License assign API failed. $($_.Exception.Message)" -Sev 'Error' - $results.add( "We've failed to assign the license. $($_.Exception.Message)") + $ErrorMessage = Get-CippException -Exception $_ + Write-LogMessage -API $ApiName -tenant ($UserObj.tenantFilter) -user $User -message "License assign API failed. $($ErrorMessage.NormalizedError)" -Sev Error -LogData $ErrorMessage + $results.Add( "We've failed to assign the license. $($ErrorMessage.NormalizedError)") } #Add Aliases, removal currently not supported. @@ -114,20 +118,21 @@ Function Invoke-EditUser { if ($Aliases) { Write-Host ($Aliases | ConvertTo-Json) foreach ($Alias in $Aliases) { - New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.id)" -tenantid $userObj.tenantFilter -type 'patch' -body "{`"mail`": `"$Alias`"}" -verbose + New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.id)" -tenantid $UserObj.tenantFilter -type 'patch' -body "{`"mail`": `"$Alias`"}" -Verbose } - New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.id)" -tenantid $userObj.tenantFilter -type 'patch' -body "{`"mail`": `"$UserprincipalName`"}" -verbose - Write-LogMessage -API $APINAME -tenant ($userObj.tenantFilter) -user $request.headers.'x-ms-client-principal' -message "Added Aliases to $($UserObj.DisplayName)" -Sev 'Info' - $results.add( 'Success. added aliases to user.') + New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.id)" -tenantid $UserObj.tenantFilter -type 'patch' -body "{`"mail`": `"$UserPrincipalName`"}" -Verbose + Write-LogMessage -API $ApiName -tenant ($UserObj.tenantFilter) -user $User -message "Added Aliases to $($UserObj.DisplayName)" -Sev Info + $results.Add( 'Success. added aliases to user.') } } catch { - Write-LogMessage -API $APINAME -tenant ($userObj.tenantFilter) -user $request.headers.'x-ms-client-principal' -message "Alias API failed. $($_.Exception.Message)" -Sev 'Error' - $results.add( "Successfully edited user. The password is $password. We've failed to create the Aliases: $($_.Exception.Message)") + $ErrorMessage = Get-CippException -Exception $_ + Write-LogMessage -API $ApiName -tenant ($UserObj.tenantFilter) -user $User -message "Alias API failed. $($ErrorMessage.NormalizedError)" -Sev Error -LogData $ErrorMessage + $results.Add( "Successfully edited user. The password is $password. We've failed to create the Aliases: $($ErrorMessage.NormalizedError)") } if ($Request.body.CopyFrom.value) { - $CopyFrom = Set-CIPPCopyGroupMembers -ExecutingUser $request.headers.'x-ms-client-principal' -CopyFromId $Request.body.CopyFrom.value -UserID $UserprincipalName -TenantFilter $userObj.tenantFilter + $CopyFrom = Set-CIPPCopyGroupMembers -ExecutingUser $User -CopyFromId $Request.body.CopyFrom.value -UserID $UserPrincipalName -TenantFilter $UserObj.tenantFilter $results.AddRange($CopyFrom) } @@ -145,7 +150,7 @@ Function Invoke-EditUser { Write-Host 'Adding to group via Add-DistributionGroupMember ' $Params = @{ Identity = $GroupID; Member = $UserObj.id; BypassSecurityGroupManagerCheck = $true } - New-ExoRequest -tenantid $userObj.tenantFilter -cmdlet 'Add-DistributionGroupMember' -cmdParams $params -UseSystemMailbox $true + $null = New-ExoRequest -tenantid $UserObj.tenantFilter -cmdlet 'Add-DistributionGroupMember' -cmdParams $params -UseSystemMailbox $true } else { @@ -154,15 +159,16 @@ Function Invoke-EditUser { '@odata.id' = "https://graph.microsoft.com/beta/directoryObjects/$($UserObj.id)" } $UserBodyJSON = ConvertTo-Json -Compress -Depth 10 -InputObject $UserBody - New-GraphPostRequest -uri "https://graph.microsoft.com/beta/groups/$GroupID/members/`$ref" -tenantid $userObj.tenantFilter -type POST -body $UserBodyJSON -Verbose + $null = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/groups/$GroupID/members/`$ref" -tenantid $UserObj.tenantFilter -type POST -body $UserBodyJSON -Verbose } - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $userObj.tenantFilter -message "Added $($UserObj.DisplayName) to $GroupName group" -Sev 'Info' - $null = $results.add("Success. $($UserObj.DisplayName) has been added to $GroupName") + Write-LogMessage -user $User -API $ApiName -tenant $UserObj.tenantFilter -message "Added $($UserObj.DisplayName) to $GroupName group" -Sev Info + $null = $results.Add("Success. $($UserObj.DisplayName) has been added to $GroupName") } catch { - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $userObj.tenantFilter -message "Failed to add member $($UserObj.DisplayName) to $GroupName. Error:$($_.Exception.Message)" -Sev 'Error' - $null = $results.add("Failed to add member $($UserObj.DisplayName) to $GroupName : $($_.Exception.Message)") + $ErrorMessage = Get-CippException -Exception $_ + Write-LogMessage -user $User -API $ApiName -tenant $UserObj.tenantFilter -message "Failed to add member $($UserObj.DisplayName) to $GroupName. Error:$($ErrorMessage.NormalizedError)" -Sev Error -LogData $ErrorMessage + $null = $results.Add("Failed to add member $($UserObj.DisplayName) to $GroupName : $($ErrorMessage.NormalizedError)") } } @@ -170,9 +176,9 @@ Function Invoke-EditUser { if ($Request.body.setManager.value) { $ManagerBody = [PSCustomObject]@{'@odata.id' = "https://graph.microsoft.com/beta/users/$($Request.body.setManager.value)" } $ManagerBodyJSON = ConvertTo-Json -Compress -Depth 10 -InputObject $ManagerBody - New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.id)/manager/`$ref" -tenantid $userObj.tenantFilter -type PUT -body $ManagerBodyJSON -Verbose - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $userObj.tenantFilter -message "Set $($UserObj.DisplayName)'s manager to $($Request.body.setManager.label)" -Sev 'Info' - $results.add("Success. Set $($UserObj.DisplayName)'s manager to $($Request.body.setManager.label)") + $null = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.id)/manager/`$ref" -tenantid $UserObj.tenantFilter -type PUT -body $ManagerBodyJSON -Verbose + Write-LogMessage -user $User -API $ApiName -tenant $UserObj.tenantFilter -message "Set $($UserObj.DisplayName)'s manager to $($Request.body.setManager.label)" -Sev Info + $results.Add("Success. Set $($UserObj.DisplayName)'s manager to $($Request.body.setManager.label)") } if ($RemoveFromGroups) { @@ -189,20 +195,21 @@ Function Invoke-EditUser { Write-Host 'Removing From group via Remove-DistributionGroupMember ' $Params = @{ Identity = $GroupID; Member = $UserObj.id; BypassSecurityGroupManagerCheck = $true } - New-ExoRequest -tenantid $userObj.tenantFilter -cmdlet 'Remove-DistributionGroupMember' -cmdParams $params -UseSystemMailbox $true + New-ExoRequest -tenantid $UserObj.tenantFilter -cmdlet 'Remove-DistributionGroupMember' -cmdParams $params -UseSystemMailbox $true } else { Write-Host 'Removing From group via Graph' - New-GraphPostRequest -uri "https://graph.microsoft.com/beta/groups/$GroupID/members/$($UserObj.id)/`$ref" -tenantid $userObj.tenantFilter -type DELETE + New-GraphPostRequest -uri "https://graph.microsoft.com/beta/groups/$GroupID/members/$($UserObj.id)/`$ref" -tenantid $UserObj.tenantFilter -type DELETE } - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $userObj.tenantFilter -message "Removed $($UserObj.DisplayName) from $GroupName group" -Sev 'Info' - $null = $results.add("Success. $($UserObj.DisplayName) has been removed from $GroupName") + Write-LogMessage -user $User -API $ApiName -tenant $UserObj.tenantFilter -message "Removed $($UserObj.DisplayName) from $GroupName group" -Sev Info + $null = $results.Add("Success. $($UserObj.DisplayName) has been removed from $GroupName") } catch { - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $userObj.tenantFilter -message "Failed to remove member $($UserObj.DisplayName) from $GroupName. Error:$($_.Exception.Message)" -Sev 'Error' - $null = $results.add("Failed to remove member $($UserObj.DisplayName) from $GroupName : $($_.Exception.Message)") + $ErrorMessage = Get-CippException -Exception $_ + Write-LogMessage -user $User -API $ApiName -tenant $UserObj.tenantFilter -message "Failed to remove member $($UserObj.DisplayName) from $GroupName. Error:$($ErrorMessage.NormalizedError)" -Sev Error -LogData $ErrorMessage + $null = $results.Add("Failed to remove member $($UserObj.DisplayName) from $GroupName : $($ErrorMessage.NormalizedError)") } } From fac57550dc4182c9474bba16f3a33e24e4f5bddc Mon Sep 17 00:00:00 2001 From: John Duprey Date: Wed, 15 Jan 2025 12:11:45 -0500 Subject: [PATCH 278/290] remove method --- .../CIPPCore/Public/AuditLogs/Get-CippAuditLogSearchResults.ps1 | 1 - 1 file changed, 1 deletion(-) diff --git a/Modules/CIPPCore/Public/AuditLogs/Get-CippAuditLogSearchResults.ps1 b/Modules/CIPPCore/Public/AuditLogs/Get-CippAuditLogSearchResults.ps1 index ec0f8fd5b5bd..2ced11b10908 100644 --- a/Modules/CIPPCore/Public/AuditLogs/Get-CippAuditLogSearchResults.ps1 +++ b/Modules/CIPPCore/Public/AuditLogs/Get-CippAuditLogSearchResults.ps1 @@ -21,7 +21,6 @@ function Get-CippAuditLogSearchResults { process { $GraphRequest = @{ Uri = ('https://graph.microsoft.com/beta/security/auditLog/queries/{0}/records?$top=999&$count=true' -f $QueryId) - Method = 'GET' AsApp = $true tenantid = $TenantFilter } From 8c42cc3554d2acfc33ac928419d63989e904fa15 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= Date: Wed, 15 Jan 2025 19:27:53 +0100 Subject: [PATCH 279/290] Add $null = to all the places missing it in the $result.Add()'s --- .../Administration/Users/Invoke-EditUser.ps1 | 32 +++++++++---------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-EditUser.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-EditUser.ps1 index 557bd03a7f6c..92a2cbf0a193 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-EditUser.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-EditUser.ps1 @@ -63,24 +63,24 @@ Function Invoke-EditUser { Write-Host 'Found added attribute' Write-Host "Added attributes: $($UserObj.addedAttributes | ConvertTo-Json)" $UserObj.addedAttributes.GetEnumerator() | ForEach-Object { - $results.Add("Edited property $($_.Key) with value $($_.Value)") + $null = $results.Add("Edited property $($_.Key) with value $($_.Value)") $bodytoShip | Add-Member -NotePropertyName $_.Key -NotePropertyValue $_.Value -Force } } $bodyToShip = ConvertTo-Json -Depth 10 -InputObject $BodyToship -Compress $null = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.id)" -tenantid $UserObj.tenantFilter -type PATCH -body $BodyToship -verbose - $results.Add( 'Success. The user has been edited.' ) + $null = $results.Add( 'Success. The user has been edited.' ) Write-LogMessage -API $ApiName -tenant ($UserObj.tenantFilter) -user $User -message "Edited user $($UserObj.DisplayName) with id $($UserObj.id)" -Sev Info if ($UserObj.password) { $passwordProfile = [pscustomobject]@{'passwordProfile' = @{ 'password' = $UserObj.password; 'forceChangePasswordNextSignIn' = [boolean]$UserObj.mustchangepass } } | ConvertTo-Json $null = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.id)" -tenantid $UserObj.tenantFilter -type PATCH -body $PasswordProfile -verbose - $results.Add("Success. The password has been set to $($UserObj.password)") + $null = $results.Add("Success. The password has been set to $($UserObj.password)") Write-LogMessage -API $ApiName -tenant ($UserObj.tenantFilter) -user $User -message "Reset $($UserObj.DisplayName)'s Password" -Sev Info } } catch { $ErrorMessage = Get-CippException -Exception $_ Write-LogMessage -API $ApiName -tenant ($UserObj.tenantFilter) -user $User -message "User edit API failed. $($ErrorMessage.NormalizedError)" -Sev Error -LogData $ErrorMessage - $results.Add( "Failed to edit user. $($ErrorMessage.NormalizedError)") + $null = $results.Add( "Failed to edit user. $($ErrorMessage.NormalizedError)") } @@ -92,16 +92,16 @@ Function Invoke-EditUser { #if the list of skuIds in $CurrentLicenses.assignedLicenses is EXACTLY the same as $licenses, we don't need to do anything, but the order in both can be different. if (($CurrentLicenses.assignedLicenses.skuId -join ',') -eq ($licenses -join ',') -and $UserObj.removeLicenses -eq $false) { Write-Host "$($CurrentLicenses.assignedLicenses.skuId -join ',') $(($licenses -join ','))" - $results.Add( 'Success. User license is already correct.' ) + $null = $results.Add( 'Success. User license is already correct.' ) } else { if ($UserObj.removeLicenses) { $licResults = Set-CIPPUserLicense -UserId $UserObj.id -TenantFilter $UserObj.tenantFilter -RemoveLicenses $CurrentLicenses.assignedLicenses.skuId - $results.Add($licResults) + $null = $results.Add($licResults) } else { #Remove all objects from $CurrentLicenses.assignedLicenses.skuId that are in $licenses $RemoveLicenses = $CurrentLicenses.assignedLicenses.skuId | Where-Object { $_ -notin $licenses } $licResults = Set-CIPPUserLicense -UserId $UserObj.id -TenantFilter $UserObj.tenantFilter -RemoveLicenses $RemoveLicenses -AddLicenses $licenses - $results.Add($licResults) + $null = $results.Add($licResults) } } @@ -110,7 +110,7 @@ Function Invoke-EditUser { } catch { $ErrorMessage = Get-CippException -Exception $_ Write-LogMessage -API $ApiName -tenant ($UserObj.tenantFilter) -user $User -message "License assign API failed. $($ErrorMessage.NormalizedError)" -Sev Error -LogData $ErrorMessage - $results.Add( "We've failed to assign the license. $($ErrorMessage.NormalizedError)") + $null = $results.Add( "We've failed to assign the license. $($ErrorMessage.NormalizedError)") } #Add Aliases, removal currently not supported. @@ -118,22 +118,22 @@ Function Invoke-EditUser { if ($Aliases) { Write-Host ($Aliases | ConvertTo-Json) foreach ($Alias in $Aliases) { - New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.id)" -tenantid $UserObj.tenantFilter -type 'patch' -body "{`"mail`": `"$Alias`"}" -Verbose + $null = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.id)" -tenantid $UserObj.tenantFilter -type 'patch' -body "{`"mail`": `"$Alias`"}" -Verbose } - New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.id)" -tenantid $UserObj.tenantFilter -type 'patch' -body "{`"mail`": `"$UserPrincipalName`"}" -Verbose + $null = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.id)" -tenantid $UserObj.tenantFilter -type 'patch' -body "{`"mail`": `"$UserPrincipalName`"}" -Verbose Write-LogMessage -API $ApiName -tenant ($UserObj.tenantFilter) -user $User -message "Added Aliases to $($UserObj.DisplayName)" -Sev Info - $results.Add( 'Success. added aliases to user.') + $null = $results.Add( 'Success. added aliases to user.') } } catch { $ErrorMessage = Get-CippException -Exception $_ Write-LogMessage -API $ApiName -tenant ($UserObj.tenantFilter) -user $User -message "Alias API failed. $($ErrorMessage.NormalizedError)" -Sev Error -LogData $ErrorMessage - $results.Add( "Successfully edited user. The password is $password. We've failed to create the Aliases: $($ErrorMessage.NormalizedError)") + $null = $results.Add( "Successfully edited user. The password is $password. We've failed to create the Aliases: $($ErrorMessage.NormalizedError)") } if ($Request.body.CopyFrom.value) { $CopyFrom = Set-CIPPCopyGroupMembers -ExecutingUser $User -CopyFromId $Request.body.CopyFrom.value -UserID $UserPrincipalName -TenantFilter $UserObj.tenantFilter - $results.AddRange($CopyFrom) + $null = $results.AddRange($CopyFrom) } if ($AddToGroups) { @@ -178,7 +178,7 @@ Function Invoke-EditUser { $ManagerBodyJSON = ConvertTo-Json -Compress -Depth 10 -InputObject $ManagerBody $null = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.id)/manager/`$ref" -tenantid $UserObj.tenantFilter -type PUT -body $ManagerBodyJSON -Verbose Write-LogMessage -user $User -API $ApiName -tenant $UserObj.tenantFilter -message "Set $($UserObj.DisplayName)'s manager to $($Request.body.setManager.label)" -Sev Info - $results.Add("Success. Set $($UserObj.DisplayName)'s manager to $($Request.body.setManager.label)") + $null = $results.Add("Success. Set $($UserObj.DisplayName)'s manager to $($Request.body.setManager.label)") } if ($RemoveFromGroups) { @@ -195,12 +195,12 @@ Function Invoke-EditUser { Write-Host 'Removing From group via Remove-DistributionGroupMember ' $Params = @{ Identity = $GroupID; Member = $UserObj.id; BypassSecurityGroupManagerCheck = $true } - New-ExoRequest -tenantid $UserObj.tenantFilter -cmdlet 'Remove-DistributionGroupMember' -cmdParams $params -UseSystemMailbox $true + $null = New-ExoRequest -tenantid $UserObj.tenantFilter -cmdlet 'Remove-DistributionGroupMember' -cmdParams $params -UseSystemMailbox $true } else { Write-Host 'Removing From group via Graph' - New-GraphPostRequest -uri "https://graph.microsoft.com/beta/groups/$GroupID/members/$($UserObj.id)/`$ref" -tenantid $UserObj.tenantFilter -type DELETE + $null = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/groups/$GroupID/members/$($UserObj.id)/`$ref" -tenantid $UserObj.tenantFilter -type DELETE } From ad2849654a25a722ba909693795e42b1ff0e544c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= Date: Wed, 15 Jan 2025 19:29:59 +0100 Subject: [PATCH 280/290] Fix casing for MustChangePass property --- .../Identity/Administration/Users/Invoke-EditUser.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-EditUser.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-EditUser.ps1 index 92a2cbf0a193..abe7fd5bf030 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-EditUser.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-EditUser.ps1 @@ -33,7 +33,7 @@ Function Invoke-EditUser { Write-Host 'PowerShell HTTP trigger function processed a request.' #Edit the user try { - Write-Host "$([boolean]$UserObj.mustchangepass)" + Write-Host "$([boolean]$UserObj.MustChangePass)" $UserPrincipalName = "$($UserObj.Username ? $UserObj.username :$UserObj.mailNickname)@$($UserObj.Domain ? $UserObj.Domain : $UserObj.primDomain.value)" $BodyToship = [pscustomobject] @{ 'givenName' = $UserObj.givenName @@ -72,7 +72,7 @@ Function Invoke-EditUser { $null = $results.Add( 'Success. The user has been edited.' ) Write-LogMessage -API $ApiName -tenant ($UserObj.tenantFilter) -user $User -message "Edited user $($UserObj.DisplayName) with id $($UserObj.id)" -Sev Info if ($UserObj.password) { - $passwordProfile = [pscustomobject]@{'passwordProfile' = @{ 'password' = $UserObj.password; 'forceChangePasswordNextSignIn' = [boolean]$UserObj.mustchangepass } } | ConvertTo-Json + $passwordProfile = [pscustomobject]@{'passwordProfile' = @{ 'password' = $UserObj.password; 'forceChangePasswordNextSignIn' = [boolean]$UserObj.MustChangePass } } | ConvertTo-Json $null = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($UserObj.id)" -tenantid $UserObj.tenantFilter -type PATCH -body $PasswordProfile -verbose $null = $results.Add("Success. The password has been set to $($UserObj.password)") Write-LogMessage -API $ApiName -tenant ($UserObj.tenantFilter) -user $User -message "Reset $($UserObj.DisplayName)'s Password" -Sev Info From e419c7270d5712c9e24323f1d7c53c91cb89c24c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= Date: Thu, 16 Jan 2025 00:17:17 +0100 Subject: [PATCH 281/290] Increase retry limit for TAP creation to 10 attempts for improved reliability --- .../Administration/Users/Invoke-ExecJITAdmin.ps1 | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecJITAdmin.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecJITAdmin.ps1 index 766692b48157..1fef379d169f 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecJITAdmin.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecJITAdmin.ps1 @@ -103,18 +103,19 @@ Function Invoke-ExecJITAdmin { $TapBody = '{}' } Write-Information "https://graph.microsoft.com/beta/users/$Username/authentication/temporaryAccessPassMethods" - # Retry creating the TAP up to 5 times, since it can fail due to the user not being fully created yet + # Retry creating the TAP up to 10 times, since it can fail due to the user not being fully created yet. Sometimes it takes 2 reties, sometimes it takes 8+. Very annoying. -Bobby $Retries = 0 + $MAX_TAP_RETRIES = 10 do { try { $TapRequest = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($Username)/authentication/temporaryAccessPassMethods" -tenantid $TenantFilter -type POST -body $TapBody } catch { Start-Sleep -Seconds 2 - Write-Information 'ERROR: Failed to create TAP, retrying' - Write-Information ( ConvertTo-Json -Depth 5 -InputObject (Get-CippException -Exception $_)) + Write-Information "ERROR: Run $Retries of $MAX_TAP_RETRIES : Failed to create TAP, retrying" + # Write-Information ( ConvertTo-Json -Depth 5 -InputObject (Get-CippException -Exception $_)) } $Retries++ - } while ( $null -eq $TapRequest.temporaryAccessPass -and $Retries -le 5 ) + } while ( $null -eq $TapRequest.temporaryAccessPass -and $Retries -le $MAX_TAP_RETRIES ) $TempPass = $TapRequest.temporaryAccessPass $PasswordExpiration = $TapRequest.LifetimeInMinutes From b3df695f3be351af0955dcc54300951abb83304f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= Date: Thu, 16 Jan 2025 00:22:46 +0100 Subject: [PATCH 282/290] Remove a few comments and add TAP region --- .../Identity/Administration/Users/Invoke-ExecJITAdmin.ps1 | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecJITAdmin.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecJITAdmin.ps1 index 1fef379d169f..1ef908304c17 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecJITAdmin.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecJITAdmin.ps1 @@ -92,6 +92,7 @@ Function Invoke-ExecJITAdmin { Start-Sleep -Seconds 1 } + #Region TAP creation if ($Request.Body.UseTAP) { try { if ($Start -gt (Get-Date)) { @@ -102,7 +103,7 @@ Function Invoke-ExecJITAdmin { } else { $TapBody = '{}' } - Write-Information "https://graph.microsoft.com/beta/users/$Username/authentication/temporaryAccessPassMethods" + # Write-Information "https://graph.microsoft.com/beta/users/$Username/authentication/temporaryAccessPassMethods" # Retry creating the TAP up to 10 times, since it can fail due to the user not being fully created yet. Sometimes it takes 2 reties, sometimes it takes 8+. Very annoying. -Bobby $Retries = 0 $MAX_TAP_RETRIES = 10 @@ -136,6 +137,7 @@ Function Invoke-ExecJITAdmin { } } } + #EndRegion TAP creation $Parameters = @{ TenantFilter = $TenantFilter From 657651610c7abf77e2a11ec36d4e5205ad3504fb Mon Sep 17 00:00:00 2001 From: John Duprey Date: Thu, 16 Jan 2025 10:35:46 -0500 Subject: [PATCH 283/290] adding orchestrator for TriggerRefresh --- .../Administration/Tenant/Invoke-ListTenants.ps1 | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Tenant/Invoke-ListTenants.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Tenant/Invoke-ListTenants.ps1 index 7e3d3da4e22c..fccb38d002ef 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Tenant/Invoke-ListTenants.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Tenant/Invoke-ListTenants.ps1 @@ -45,7 +45,20 @@ Function Invoke-ListTenants { return } if ($Request.Query.TriggerRefresh) { - Get-Tenants -IncludeAll -TriggerRefresh + if ($Request.Query.TenantFilter -and $Request.Query.TenantFilter -ne 'AllTenants') { + Get-Tenants -TriggerRefresh -TenantFilter $Request.Query.TenantFilter + } else { + $InputObject = [PSCustomObject]@{ + Batch = @( + @{ + FunctionName = 'UpdateTenants' + } + ) + OrchestratorName = 'UpdateTenants' + SkipLog = $true + } + Start-NewOrchestration -FunctionName 'CIPPOrchestrator' -InputObject ($InputObject | ConvertTo-Json -Compress -Depth 5) + } } try { $tenantfilter = $Request.Query.TenantFilter From 3ce26ec0a825802c03c2e5d37805bdacf3741de0 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Thu, 16 Jan 2025 16:52:22 +0100 Subject: [PATCH 284/290] add a silently continue on formatting templates --- .../Tenant/Standards/Invoke-listStandardTemplates.ps1 | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-listStandardTemplates.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-listStandardTemplates.ps1 index f7d0f45cb8ef..a04cbc2376c6 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-listStandardTemplates.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-listStandardTemplates.ps1 @@ -15,8 +15,9 @@ Function Invoke-listStandardTemplates { $Table = Get-CippTable -tablename 'templates' $Filter = "PartitionKey eq 'StandardsTemplateV2'" $Templates = (Get-CIPPAzDataTableEntity @Table -Filter $Filter) | ForEach-Object { - $data = $_.JSON | ConvertFrom-Json -Depth 100 + $data = $_.JSON | ConvertFrom-Json -Depth 100 -ErrorAction SilentlyContinue $data | Add-Member -NotePropertyName 'GUID' -NotePropertyValue $_.GUID -Force + if ($data.excludedTenants) { $data.excludedTenants = @($data.excludedTenants) } $data } | Sort-Object -Property templateName From 0dc364c483e8ffa1eb3812f1f2b6a8afe1f5e797 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Thu, 16 Jan 2025 17:28:25 +0100 Subject: [PATCH 285/290] add list standards for exclusions --- .../Tenant/Standards/Invoke-listStandardTemplates.ps1 | 2 -- 1 file changed, 2 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-listStandardTemplates.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-listStandardTemplates.ps1 index a04cbc2376c6..4fcf492622f9 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-listStandardTemplates.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Standards/Invoke-listStandardTemplates.ps1 @@ -10,8 +10,6 @@ Function Invoke-listStandardTemplates { [CmdletBinding()] param($Request, $TriggerMetadata) - $APIName = $TriggerMetadata.FunctionName - $Table = Get-CippTable -tablename 'templates' $Filter = "PartitionKey eq 'StandardsTemplateV2'" $Templates = (Get-CIPPAzDataTableEntity @Table -Filter $Filter) | ForEach-Object { From f90d85bf79c731f14b0a9931b33c5ec61bae895e Mon Sep 17 00:00:00 2001 From: John Duprey Date: Thu, 16 Jan 2025 11:54:20 -0500 Subject: [PATCH 286/290] Update Invoke-ExecDeleteGDAPRoleMapping.ps1 --- .../Tenant/GDAP/Invoke-ExecDeleteGDAPRoleMapping.ps1 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecDeleteGDAPRoleMapping.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecDeleteGDAPRoleMapping.ps1 index 05115ce42df2..a2758b8e8341 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecDeleteGDAPRoleMapping.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecDeleteGDAPRoleMapping.ps1 @@ -14,13 +14,13 @@ Function Invoke-ExecDeleteGDAPRoleMapping { Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' $Table = Get-CIPPTable -TableName 'GDAPRoles' - Write-Host $Table + $GroupId = $Request.Query.GroupId ?? $Request.Body.GroupId try { - $Filter = "PartitionKey eq 'Roles' and RowKey eq '{0}'" -f $Request.Query.GroupId + $Filter = "PartitionKey eq 'Roles' and RowKey eq '{0}'" -f $GroupId $Entity = Get-CIPPAzDataTableEntity @Table -Filter $Filter Remove-AzDataTableEntity -Force @Table -Entity $Entity $Results = [pscustomobject]@{'Results' = 'Success. GDAP relationship mapping deleted' } - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message "GDAP relationship mapping deleted for $($Request.Query.GroupId)" -Sev 'Info' + Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message "GDAP relationship mapping deleted for $($GroupId)" -Sev 'Info' } catch { $Results = [pscustomobject]@{'Results' = "Failed. $($_.Exception.Message)" } From 7af2347c6c2bb70f7fc122718a2d2b50fff814cf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= Date: Thu, 16 Jan 2025 18:59:01 +0100 Subject: [PATCH 287/290] FIX: modernize and make it work with the new frontend --- .../Autopilot/Invoke-ExecAssignAPDevice.ps1 | 27 +++++++++++++------ 1 file changed, 19 insertions(+), 8 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Autopilot/Invoke-ExecAssignAPDevice.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Autopilot/Invoke-ExecAssignAPDevice.ps1 index 0ae4d1f13cb0..f4d0e10d2526 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Autopilot/Invoke-ExecAssignAPDevice.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Autopilot/Invoke-ExecAssignAPDevice.ps1 @@ -10,24 +10,35 @@ Function Invoke-ExecAssignAPDevice { [CmdletBinding()] param($Request, $TriggerMetadata) $APIName = $TriggerMetadata.FunctionName - Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug' - $tenantfilter = $Request.Body.TenantFilter + $User = $request.headers.'x-ms-client-principal' + Write-LogMessage -user $User -API $APINAME -message 'Accessed this API' -Sev 'Debug' + $TenantFilter = $Request.body.tenantFilter + + try { + $UserObject = $Request.body.user.addedFields + $DeviceObject = $Request.body.device + $SerialNumber = $Request.body.serialNumber $body = @{ - UserPrincipalName = $Request.body.UserPrincipalName - addressableUserName = $Request.body.addressableUserName + userPrincipalName = $UserObject.userPrincipalName + addressableUserName = $UserObject.addressableUserName } | ConvertTo-Json - New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta/deviceManagement/windowsAutopilotDeviceIdentities/$($request.body.Device)/UpdateDeviceProperties" -tenantid $TenantFilter -body $body -method POST - $Results = "Successfully assigned device to $($Request.body.UserPrincipalName) for $($tenantfilter)" + New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta/deviceManagement/windowsAutopilotDeviceIdentities/$($DeviceObject)/UpdateDeviceProperties" -tenantid $TenantFilter -body $body -method POST | Out-Null + Write-LogMessage -user $User -API $APINAME -message "Successfully assigned device: $DeviceObject with Serial: $SerialNumber to $($UserObject.userPrincipalName) for $($TenantFilter)" -Sev Info + $Results = "Successfully assigned device: $DeviceObject with Serial: $SerialNumber to $($UserObject.userPrincipalName) for $($TenantFilter)" + $StatusCode = [HttpStatusCode]::OK } catch { - $Results = "Could not $($Request.body.UserPrincipalName) to $($Request.body.device) for $($tenantfilter) Error: $($_.Exception.Message)" + $ErrorMessage = Get-CippException -Exception $_ + Write-LogMessage -user $User -API $APINAME -message "Could not assign $($UserObject.userPrincipalName) to $($DeviceObject) for $($TenantFilter) Error: $($ErrorMessage.NormalizedError)" -Sev Error -LogData $ErrorMessage + $Results = "Could not assign $($UserObject.userPrincipalName) to $($DeviceObject) for $($TenantFilter) Error: $($ErrorMessage.NormalizedError)" + $StatusCode = [HttpStatusCode]::BadRequest } $Results = [pscustomobject]@{'Results' = "$results" } # Associate values to output bindings by calling 'Push-OutputBinding'. Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ - StatusCode = [HttpStatusCode]::OK + StatusCode = $StatusCode Body = $Results }) From 2113d5d948a9e6e46b2c147b0ac65785923aa944 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Thu, 16 Jan 2025 13:20:46 -0500 Subject: [PATCH 288/290] Update New-GraphGetRequest.ps1 --- .../CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 b/Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 index 7d8d3ff3ad99..a949da45936e 100644 --- a/Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 @@ -17,7 +17,12 @@ function New-GraphGetRequest { [switch]$CountOnly, [switch]$IncludeResponseHeaders ) - $IsAuthorised = Get-AuthorisedRequest -Uri $uri -TenantID $tenantid + + if ($NoAuthCheck -eq $false) { + $IsAuthorised = Get-AuthorisedRequest -Uri $uri -TenantID $tenantid + } else { + $IsAuthorised = $true + } if ($NoAuthCheck -eq $true -or $IsAuthorised) { if ($scope -eq 'ExchangeOnline') { From a8686b41e2a3596be78050558db88ed4f99e34ce Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Thu, 16 Jan 2025 19:25:56 +0100 Subject: [PATCH 289/290] Remove temporary --- .../Entrypoints/Activity Triggers/Push-UpdateTenants.ps1 | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-UpdateTenants.ps1 b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-UpdateTenants.ps1 index 811d54b229be..d3ef1e2711c8 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-UpdateTenants.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-UpdateTenants.ps1 @@ -6,10 +6,7 @@ function Push-UpdateTenants { Param($Item) $QueueReference = 'UpdateTenants' $RunningQueue = Invoke-ListCippQueue | Where-Object { $_.Reference -eq $QueueReference -and $_.Status -ne 'Completed' -and $_.Status -ne 'Failed' } - if ($RunningQueue) { - Write-Host 'Update Tenants already running' - return - } + $Queue = New-CippQueueEntry -Name 'Update Tenants' -Reference $QueueReference -TotalTasks 1 try { $QueueTask = @{ @@ -30,4 +27,4 @@ function Push-UpdateTenants { $QueueTask.Status = 'Failed' Set-CippQueueTask @QueueTask } -} \ No newline at end of file +} From 8e52bcd3412693f7e7ed7fe91a92709708e7fa82 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar <49186168+KelvinTegelaar@users.noreply.github.com> Date: Thu, 16 Jan 2025 19:29:54 +0100 Subject: [PATCH 290/290] version up --- version_latest.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/version_latest.txt b/version_latest.txt index a50da181e9bd..4489f5a6df8f 100644 --- a/version_latest.txt +++ b/version_latest.txt @@ -1 +1 @@ -7.0.3 +7.0.4

3SMXX41?ZFOcaKJdbFG^T%5x~kGHJI2%G>Y!fKv@z=MJ(Uos1AajGP9~>P+y(p@s*ga9?0|^y zaYVi)IE-F0P@)HTH%;Gz#k*-EZ9gjCk%mh^{q-b>72@CRlc+igNs!I2a2pBsAb>r# zOhSE_F$WT&Lkk}Rln8S`)JeF7MF0)~)4oJ;=uAVfga=S!B=EsU3vjx&Ch8oZ$@}6Z zWiMlTaJ~Nsvkz;!kAss?XGPmQz>oHhkH(I80P4}!8$xW6hd^?$SrOlY;GrIf6Jyll zBcOON5cJB&;ejom1@lohC_`S(j))8&75d;E_*(K)Nl8`_Bz8H?!%1Cba8~s_Ua_*0 zyYhwr6z-Nh5e~wF&0T}UwdVkYwB>TXgf{r3R`M2ru8{B*BEY!2agG7Q?C}6tC?|G`XoS@#G?jW{mgo9gIULgkuaY4&w$sM$_zc1PxqA$eq9J zu@SPxp%r=34iNSCWfUTT?1@24j0`x#cI}>Fcq!m7I2nv*P4YO(dtr8PisfK?X2TTL zp9n94)WV+w)_YOHY3ahR7?kG>Wdjys{*8Jjj`@d=+0#8u?QIPB+I+Li^v z0S>nXGRj!{42st-hF?y!{ECw&K}%Dpd}t~^n)lc}lD}*ujJtT}6ypZ#7u>~oLzJmM-;M>WVHNAESDDqhB#vz$ZNIC=>Xu>BB5U0kggVt&{c6abT+OJ1suu;`{0VC+NsGKUNS zc(8v@Lg^=ce?uVYlN$mE_wLes@b`!hYY1BAEe(NWp3e|S=EV$wq>p3>z%z0B)1>uz zuz~F2#|ppF>H2&1J75JEo=rF#uMGn9E?tNdkZ$BP*>;k$u|pyLN{Ngfc8==uU#XD|@qPx;;!##te*|M1KlzFm zacMb%$BIk}e<5b-{Iw?+7#`!FZd~bZ(BLiu-=z$@VJmO4)|Zdl_u%x<6($b|Jh`=^72_VH*a_s32P>k(Z)*7nM?O*W5+56ANvfG8 zn4YP72nQewF~!Owuqia-K|M$y^1XI#o-$&eMjILjD_%7bgN}?hPHA>!z$E~ww(BX$ zHM+QPh`r`6*jxvHhIDqL4Mg$?tgF&3>$0*uXJIPDu6A8u5I8Ylo3w~ zTz?pX*uHjl$Gf~mA-}X#N{hUHzt)5DA(}oytOJaf=Xi+0THr%>@bNl*;y1T4(U@eN zGSL<&QbLf$;>KDJW{xeYL}D8C0I+-zCjF;+(0^cHgLPsk2pDvZz2JF6%U57w$H!WR z{KGm$t~q1q8fyf@lg5cxxQit-RfJ|PjcE47h?76PrdTP!2L4kY=x9C-rEfAzyZ%ab~&1HRh8`VkIa#@FrWCjcx|Y@5g2U zXh6*4RV@AdL+5ktj0c*P)KqOv6iO7=)Y)u;nU2w;S=zjE$!xCYKfW3Y_$-76Gg*io zpYxU_7AQm*>~$D)jRrqMph>#5yuIbWU+-#BdsIFe`DBtJ8@VK2hY3B2dSf~?38+pP zIIfUnZys|pGZ@Abv%nHiEbxi!n3`_t|M5OY(?IF*eC) zsg4M4aWo&pI_g&r2eIHr>T1v#@wI^jr&fg=f&*i>kb)@ypAfY#crpfnr%9jeH8_hs z_oaPGNsy_>MI>?GhkhZp8nhh=RFxA5t28}S*lLK_rX>JKUUnZM0M$klq9VjptL3$K zA7Uk3MA-7GI<5T|uU54PU|{t;&X1 z<9;nd{p^L&iYer8F(x~n7}c|g7~jCjSZKO+D?)rNa7|CpNLhZ&BPOrHZ^1PxLfWBR z9+H@skmxaM8_<3;kl@#qCWuwdpT&DsV1v%E5Xo3>;0U|;Nq9bcZrg0?j>78Q80SHf zLh6!$93@F;v+tc)xE=BkrJDd?u4J1iNJ*VolL8_dHhpXXS&I)MBXnWf%J5A$ejHa2 zu$rW$o@MiLbccW+^A8IOuPs6=#PLgyT8!JnCJ(9`oQb>3ct?_^{C>B^kTDbT$i@JE zRcfWeFZcrH1-d*{C_RLR36QUW5Wc>@!=_)L}Z&xM+b@RMg1+Xe@W=D z6@Rxq=wm;F$3)ugJu++V5uqLL?itO%$~jBo#w!OMy=o{ih%9jdm0Pav@sofLdHNF^ z0OKIrz5oaaFVPPizH8Y+71}Y0VWs()cF|uHS2Gl>EnQfGeS}?{lvzsD z@}dF?7O?0|6VhNyfd<_7PXJjqvjbZkr9HK|qbc5~uoQP%%v*E=!&Z zIGg+cq9YHna~3P2COk%GH*1>5Ls6r8{m~d#)zMWb_bq6gxZuk#H|&5T02nBbWQcg6 zJsgp+gv5n1Rip7Fj zbj&R78(NOBftt7u@F`o^Tq*n6x5tRpo0%xd#e0=QjKYqBc@ROsW`7LR9Q-w9y?G=9 zd8)H$zDK$Xw^T}|1OHeiUzO2PcTly3b^N^<%z$j0(w0GjA^|fA8y5EtblPgeY^su0 ztkgKA#ZyQjK`qyYCYDez4&=aAR(>F)nBN{B7^w%r$L%guy3FR)K&s9rby2k>a{8!{ z!Tes3oSu$r&sy+_Ou1!4ufWK>xl-*QndvX zFXAH)&eDjW>y+F32t!dmRn>NRT0x2uNu*H`JQ{r1qrh6jEe|=B;=TR;*z?8+sx)}xsn&}_G5YkO6ca$A<3RxN=tYH*hdkxU@Bq@6 ze~q1!Fu;^6E!_PC*tWeE4{s_Mpr)dnhm*)k6$`n{9~#;_Rg0JaxkB&d2w1^>I>vlH zGg%iBxI?2%jR{`qjDTF#>W3MVllOVN6MJdea=$6tnwThW{K_(nFtsgll*oI&OOx=x z)v!;(`T5{L9(6;6+!CLVR%*mi4)S|5{cs&eFmkRh%VAO)W;s5~M+uh1I2xu!q6$V; zMM!{fh4H7b1GqhYjw4g(IgniN98n$HD?S5hg`H%Xyz)Fbf)j2Yf#kCV%=$2t%#|p5 zvDBd<&4jW+oLGklM}Jux~A3HJ68k-Uj3T7AOj*s~vh#`#nJ zw*IBcz(=irseDP-Y&nQfoQ+JP@i#9zKWeH9{mskeI@7(x-@L4R8$Iv)n-@HBT(L!g zmNGhcfhug>U@he5S$+5tsuRb&B#r~NK#{X_+kww{r>Cq~Hw*9)m(O-*V028+0DdgY z+vnKQ+rwbg6oo5%t6z$qZOTuk&(u(O!kfRAiOfU!YAl+hufzup1NW(5LXOGz`e4XF zgJSPT4PO<&9&oAK_#9yPUaXIl#lqZU7X3}tN{X*2xJOXLxA8nxuN7h2;HVK- zPBmj<%#cfbdMGh6fKZWc$cMTWrNL>a4lWQze7Sar!{g?lKkRRfW|x}XS>gTSZ?nZa;x-6& z%o7Yxpu#733$}nDS^ImFlBwRqnk;%pnmybl$bPPvt=2uxFtg*pocRM0OZD=A+77ow zKp)1ZI+af1rf=wcVhWPW@%nt{5UZBA{UMd9x9T)eh@f7m{QQNlGJk~rcDVV}Ff>eM zz`$rGaBSu}O{^CLQ30!PEooC+h>=I1T~P<@iek8cX`o0yH!0T{Pa!=sO|hV{ll zx8IQ07o{&=w}{&!jI-J~<+`klqL_M;hy9c)i%^Pf-xPUwPN{>Y)uHRkU$#IlKXNvk z5V;A5(^=(|d#VzHvc`QYLHD`Kx0b|7iG0JP-FgkGcH_{ zRfYnu9b8#J6}CSDFj*JL?q@Vb+4>}VYJl;(~GA<2j0Hl|Uy2}%x7k_Ko`2q0X+ z)G(*Yt`I1M_P8uWTn)ATqIGLKeK2>a5^_qcjH)Ag999Ar=wpiDBTsnoFNh1BBQXjj z581%m9%pvIVmUnOj?UA{=aVnV%XM!>gnrc4s7VE}aw>?Yb>e5o>)~<$0Ise{TLNNT z4*(lFT8_PR)atO=g_#O41h5eHvG4MLM5rq&j_k0EMD|FK0uY=$aU>9~jlu8-Xo`i6 zmPlOL+6zcRG?9RQBJ_ig7VGuVPA3dtqG7<#0xxyI3He}%^eE0VU>VU)^D!t3NA~z3 z081Gm(t(ERSk(adC6|-Q@RA6=-I_g(vye2-?L*?zDx;UCCywIa8Q2Mm1F)9sEo~$) zp>>NRe|jKmVA-KtBs|1ofKi*T%8dpG2570}P6hx5W_)sqcLVtYtym6PBnhHazPdyo zWDO*0Vp!di25UCK5c^rOgT_W9NtIIhP*Va^u@N{*lA=531i-?RDAM7-s@B^CES1nF zLeB(-NfIOlZW|;3TSE!R69kClC+L`Yu!X*x|II9P8UKETPGs5lsgj3`LIH`LLKq*+ zyl^rEoj&lFYG6tZYZodW)D3Z50kxAYV%}8#lCg_TH-VUY2KbdX&&%{$IN6IENKSMt zLOM3%q`~}fl=HA(^f9hGxK$+Pa;osZYz@9eYL}5cZ?Q~LimagEg@W-#(Abp`M-xh&az29;T$oVV+M@8*L=2+eHa-3R(^=Rksvnt#b!@?X)3)i8+@x@e& z!x9ZQ3-VDK@p}Qzo?+F0jN(tcA(*fgsdT%R&O8=YYPJ}bj0K70t4l$i4Hzgs zUtkcu!X+f0+5da~Xd=*}{#44M+>?c)Nk2Mz;-}KopXH%T*aGr+ap<5G*)bh^>d)x7 z0%ad9Z-FY?7Ntkdb*t$s=#YeZE)>%tROR#?BP)tWf>P%K&OSMrq+$T&WH|wmh*jSd z19OtX`7Tef+0W;YXV}?kSs8XLqtV>Q{oFA7u|FI_4oAuf)zF)4C@|09{O}9zlTtm0 z5R2+WD;Ot<7ijkQ>s5Jk5z)6F)#q2fx(5Y-uR-Df)*oUF#Vx(!uQe-kMR7v&6j3If zKtc8Z&Sry`f+?3es=cXph*jGGbOZN=c|7KKokKiyDwU2~cC<63leix#wLS{2_j81T zDCa_9WNkcRLfG|6iO^={l8KLSKJ?>>&}!f|IwU_6(urs3n0alVKbAyfPe9BpUs#0W zdA#AN5IM`U`w9%+?AR#(haJFtU2zDE0WmWqV~8-nlG9^t7PudCA3)p7ML0h zW6%>YbjIdPxejsO+x9G3T7n!AN6#gYz1b$*uTN+euz`<2yON{q3#QWQ(u8eLiZWQi z@jk1W<_(8O7&3Qn=gzuJy6UnK3pI1l)*09$=6aPKlf2k4YAMi zh+M@5pm)2nvgEYbNBUaU16c9-WX0A0Xn{qm_XD zdMrs{Ik|7VO0)7Xdimfn4vJ2`34(>te5^4%_k)SZ-aZsGe_&yncyM|sbRd2^R;u=` zOrY83Ckb7ti0%w{=LdgQ_VI^Z@;RhD3*Yfibgc~xB42ijQRU898i{C6OH zBr!w8i%=>TKfqD78c96vuRx0aawU-|`kb)hV7dFqz;_7W8L>BEaLsfXN0?1?Jb+*c zrI#6H6}F7M5zfT!VxN%$+C9QS)kCUG;5+!UhSe(je|)J^r-Ba36+RP$moY+cQ#WQZ zS3W5F2-%?7_bha~<&$;q=6Sn*r2twHOb`Af8~(N7v!4bs4Ha(S-0T?`1CxvDP8*!k zP}EybHmn9p4Ace^`oQx!7DvIN)LXpX_6;Q>-1_A`8llM$@zzLr(q}`}P4b(&(7}_a z5UR!fyEc$(;cH#-cAaf#<1MoQNd_pu_+Wd8w7ky~eBpW86*X!cAhb-sl_`VR=7gHg zBaCeyuJvG(P5J`LY(r<2Uu=(YAw(m7HKY>4E7qx`$UDUNbL2Al5^`4(^B#oFFH?kV zhmo7BSns|6LY2N?wxptjm5?S==Noe)d69;cml*f&&+SesqkpN&)*IVx4B1Dsr1KXk z;VUNVMT<##jgf!RT=~j>fvib|FEDX0+Mx1M)5-galF|uGQR#*e{XK%KM+G0Pm-oNm zK0jZ#2Oi1@9SghZQKei}V1$EtWhU|TY#4~#RGxRBB*50);NCsZqTx$N1`u`&DW$&X zzAo6n>3ow1hv$bZGfh_(R@KmAiGhlWw}GRbno1dV)FQSlRosj$q6T`4g=Ynr&6i>d zx#%YJ(7>a5YEcM&wcw2zD!D)txi$ zUW=a^(ONQNtRUF}<=Oy~B~IN+viL!e)=f?huR7(5)%Uq3=gXk`suU)TlS2o3O1ozUcL|8IBa#LXb@+O}grh;JB02=B9R_8l@(iV8J;{K(m z1U`suI=^T!z?LMrey9-JLu)KP-9l`AI}QG4Ah3}f++q;v;mwN*792r4*z8-3!@@7u z$uLL&w{sCCJgfjoj4>`yJK%}Xr8bNOyilU6My`jbE*N3_jD}BU1@fxX3REYlE(Fk6 zeBB{L!^2Gh0xNGXrl;@a1(feL_8Pqq!y|n#IZ2e7nhraZCVV8J)4)am4>B4!c`;95 zm^<(?KOhXK{b$o)4?p1>Pf}tCNQwFqV1zvlFaHIYG&01rkrE}h)G|H40we6<3Z}3; zuWnlmhKe1q75OR-&JP&neGhy9L9y{EU*rXMFu;zSENG&a7M3KeS9JO?XO@H}X_lvK z8a5ZO$73HNr-`-RlGuv{rlw;FiXlZpoNXF8g_0zIaphyixD_fn;4YuMGD3SPP>YASO^?6l4~sg&~crG)*DsQA97>6=VMGO&%%Uza*E|kOSd` z40&wMP}mJnvqkwpsfFb}d2LH?tmyL>eyH26wSi&DD!0hUcU8V|hU+0u+B7(uabCi< zdnFtr>@Am{z)2*yA(EjcY1l-8ZSfZ2nkP* z(+AqeA-&V+qa=x0MH3K~;zN4FzTMKO>7W|(a@*gfQJ6e`(dcFnG=kyag3<`Tp&?EmG)2ppLgj$j!&_8SWY+BBC{+c6i5_c9+IuQ0Y){=5HKIBoxIO2`Tg)x& z4dw}=2Jy`j!G?7Sy-SjX$!NUZ5ERaX%5J|BYAw}w#O0lSu?HgGO$+dew2flse2n{J zoODD0htc$)Oah0rGy(GuO&#tMR=~Un~f286oCPG%MOBRI$HZev5<}d5w?*?2Kuu5=D#+ZBynGcoXW2kZsPF^jI zw=bC@qTD*J-iibVW1(o!gurmr*kzz_tq!)p#-3#AJ@p|BkDNuy^8`#H=fFAekYRg- zOCqTvECA4poaFmR&?K0X8bxJG9=ADQJc<+Xrs7 zv+p^HT#xAM^^=gS^AwSC2{>J_r(9*>hh%;6g7^8daJ)tUCJ@ku){Mk(kvj6qoYDfm z`>1;Wcf1aCzz}U1yfX|GxrU3(;q_KzAsxnV-RO--1CD!q)<2sN=#=LzelMhgs&mO)^R-$s<7gUw`8dPW3VnPsLQQ-@+A43&qW$c=8 zlJsd^zP+kICgTIK_#njyBaLgV#n&G~GCp0ccswWL9+CWQ9$4z$tNJO=b#_-+CXD+tPT@U3Jd2?DUb!=GVAUh1}yQEH1S4qr%c81joqFA zAHtSAAn4VK5TzOyA}YEwS0up9VIz|RfPhBH8zPUPFvi$=e=np!y3)-Tmn;GZcUId}50Yr6yIPWN2H?IP?h4jrD0cZ`qR*bN9feh2?P#=p0nd#{GHCrIrA zujOXkmg@s+SMX=t5V;0O!8=B7*15y~antRfh#8+{Ea4$weH7l60v-vh?S29Xi=9Cc zef<49`1dXR)AXk(w&C{hA3hxpD65!}Jb2Uxu%Y0xDKDO52BoosTPSVcm-`6AG2=dS z?>l!!yU8}YlZ2rA$N!FVXW_Xmz0v{OL%Y~E#@Lbpux5bON4fZ(jzHbnE`B*EBjj|K zf9kHeFWiUjr*00v@8NeIzf)&eyY|LS=W(Vku`CX*4*us_*NHxQ;ZAQMrH?ka(`=8_ z^8N;XbsC56+vt^+$T9s?%3#kF&Q`dyAE1Stm9G29x#>OB#L?zN<4IrV-r`v8poJ~z z?+EZdQa16IWYlx6X0y#Uv8}9Kv1X97fzg-&9%pO@W61XIp?n=T&MLGgq=9hI*Vy(d zFk47*hyQgIh4exZc&``<9Sk!kt%;&o1u2+Q$_B8)24XrfB&{8!5IRC0HZnGhgvM^n zU=TRek<1!^>GYCt32&lQ4iuVtHXUYnaRs$ zbmlG>2S?!VS5O`&(x^rGKn_sUFrGc`aKZ;vuSqJ^l@pIGZ6iJOIX52ThPQU5g z9iv%}6Pyl{F;+q`dfmd9amq<*j}YeSW-ELhALi?btBtcq!sIBeg8;cMIHt+k^Bf^U zlq0w+o5002Xkd?$HLQHYz0MKh+9cPDW6RaKR{VeB~9BFYjdxam&9`N zU6LM$Go2`w zNA}6`o&sN)j7}EFbKyP)-j)^x2-hYT4oN+-_!%%U5q@PB3(b^ghxNc|LST$^k% z$Ge4JHYBbsuH9I{j9ZcdIe$=N&@f#uGwvaBu_I(g{GC(-)0vBy4dJoM&dN(xnaFmM z7m&N4^C#!<_ZpQ6Gl(hp`c`tNGt<7vV85#LF*%)Kb zYa>~%drZMb6@e3|6ISeF+Aj*$Jgu&W-1iXb3G?X7SPW!z$f_|-C&+lISa7`X2o=W4 zoi-NhE?cM$#-ps`hFb)N$uNev7Ln^RS4JBpaJ<=WWt#4il@XPfhI4Nk)W%EaD3p7i zB>l+!SV|l@H#XWyTdHc5iG1dzwB$&TbX9$`R+(fbO>iDa84a|SGg%GvvJ$98X5#3K zRr@0p%4NFeH5d+C)G>a9LWr%s)+ORjCM6HYUE2q%;3cx1Why3J2JN$4P1oik8zO&G*MkGv_%_BqAb zmfISf0f{L)zABrQr&6lYesR5MuT=d>S4nI+*T&R&D(Gz?Dsor1@chwB<(-bmRX26` zkCpb>bklaSol;?`d!uq{|JxWO>EPApiSIZaZo7i+>*kZ%83jChqx&-B0oJ=bn^ql% z43or0=0rlumPTy}gLNGLc55g(u1}UuNlm?u`hn_W#@_Y?qWUw5rmXDPQmsYxv#TO1 zrw;$WvLSzdG0JF+2b+RH#-eM2Yk|`FsWkRIG+X5gp`<+R1WWk_I^7WFsI2O$`y8=v zBE{4o+6yR+4f|RK`?kl9n!?Dl*9x?Vs;l9@@&TmG)0{9)lWw);jE(8t|`dpiHh7 z-8U+Egq#i_L)cl8BJ0-@ zKJzhO{`oYOC1lg3gbdC?2@YUa$N{MS?_eYgeS3?%MpG%(({$gCD{(B#^2gDfkpFV5 zzm1-nBz3Q)HLs*8m#pU*{L8Wb8SINc#z<3u^<-&tJl&=51{f_{I?67=wAsmG+8nye zk7WKo2ZiC&Ux8lSYfA}y2J>i?koLaB3YZb5@}(;8o3-XXTW>{{I%?iCOKZu(?XK#qRmf&f5}EUQ~v8*yOc=OS+jMy zE7c?|Pdn~Xnltq7ayCyG!}DY4$g$^c`l0&-Yb^HKoh62~+nv{RYqNXZQnGE7b@`@Y z<=g1j$7_#e1+k6U-0t;HLP|cbyA*RJ?Y^AmNLv3oMTzZkbG2MqP0|YWTuyT)HNBS2 zmDKfCksfn3zEehv)eP@&?|fA$;Ao{Zoh?VW+$CDcxxq`hle_%TRj`T*J)TzV$aUOB z!;Boqy%ooT#!^Z)r8wh;?%g;hGpH%z%)kr~u-+^$$LPtuGr1I_D+g&seA+(MiV@|H zgS3iig}!3z8&hLT+-uofu?_6E8WPl&PV+IjK{8rsaT!Lw*JU_ti}2sKCYAA-VZ28B zo*tsmM3B_~`khQlrrvk6xvah%WqdPVg4J3Wzbo1Da^<|4FDFZz?yYR@*oVNc-pQ8` zDJS4u(tO~h46<$@jQ&<+ZdHYm@St*e=6I zDHHIS@)L{=Xc-wP=Px_gb1h1S$oo~vC^?Qj`s%SGOHG3K+@kq=Uzv>etO zCv|M29P0VxZ=WN~d33&xJCa7;mPrM-#U*=5qt3pM97FU|Yq30=G3E7$&odrc?ny7A zcf6U+^=Up``lEHx*glgTKzL9Hk()|GAZVrIw@>M*9-CYSiX4eCBd3KvPO{ zuhU#^d@*0odXiSC2j_=W6p8p-%YfDrb;*EAZ2Mc=Sd^wj^%hChDY*o zSgq$KVQ@#p5=S^iJPN?Qia*J@{@b{<1~!gzr7{vE`=T zi|I}2w~omK?B9&oEKLvQdno$_@?KU=n{%hOQLV|HxrctfhrWF3rp{JSl44-L01iU! zjXOf7>zr|?(#5E1oF+AnyPsKTuj$Obhp}TVdfGh&evwVJnV&jsJ6?C1GtfW|hrQ!I zTFSLU`RS%>&^F$~9FZ>As;PGjVu!yx>TLmM1G!XZn8L{zb5U-vt(p8+HSHl%;sJ75 z8Fx`9X^OeCbxoaJm({n860k}yJwP4l9Me)db(v6({sBs$&P0kFV6->nSIwI4olPl; z_8~n_d=J#fUTBRR#i>gVk;=R*hjNzdXX>rbu$%i#V77xN+}2PVE#Ru@03&-CFtuhT zlcL#?2i$r*M$0z$$&_{U9iWdunV|-A^m+yL6xT0D!F?y%;L^jL9?U{CMX7zo{0__# zLWAZW(hp#7!x`lH?D)D4<215zcJ*kc+$>Dn3TKG^2{g;9Lkssp9K#kyb0~bUiBv0r z9Ej(an8s`PgPPoT`vnL~Gm6ssq= z?mGEt$}x+_C@D|noYE?^D^$-l=F4ns%G%8yZWd>nC zl4z$Zj?T8vtLrSKUe)jWGG32-soaHgZMxHE-78ol@42ZH@)yT&Nh>a;<3J9>vfSZ+ zRYSK)P&Co$`L{01;=qyZasWt-<%64_9EvMF^q({}IxyA+nUoK0+J7lBy7%I_Ipy@S zNe4J30}$oLJ&cT<2D2}^)XCC#I+$X=Fwq?TcjVZlCOzQfEbGxSSF#=Oq!g46IB6;B z9?BKi6!JH&B$|)Ao_@5E7W_0b`9a%!1JwSS#TP7uo`zfxJlTEx%{TWr3quFpZ^ zu`+4Q1|}Y6lMu4Q_P(qq^-lXuX+d`C$z}AsL)%G0Qy(3+*R2%Wp#1z}$lFbLqgYGS z?y8f)QRdijFT#m?ky6xt%oWZNF`uzaDc66Q-nsMl;cBo6U28+MG^zwS35A2G zo+w#%tVE#cB%AjFUIWv~_3_mmm^zytCA*V%bbwB-L&4nyTU*D#ZAj>2q*S2Vx-;we z-GovHZ_cyJfKvUX8tl%mffzQS*wU|K1DI5Zsp=x_TWxW|+=V-WV{mPpma}Ft9b*iQ2L3r0((LhYXU^T_qMfh?R643s=*1gzRX}c(+)lrhNJBlTB2R3>~dmk71M{&y3>tY06 zN^a6di6l(&K`sH)dzC+>vzhiA<8rZBvO7GYqMcGmu^2L7WoleW>Mx`$S=V4}0Gmh{ zOH|fIWtWYfG~{U3H!11UNz6|lr&+vs-pP01KH9~hpsK1mfO{>U+crbR6wB@2Q8Nsc z&-^5Z+|R)Y<-nUKogDXJQH3gcNU`N*Q|m6OYOEUrujpRAhq2&Vry|QkQ;NcTn?bba zDZIHcAdw(`^TqPL5A007>Wk)^Jj2E1ct_grm*dKd){vjqOew$lqNU_12xD_Jy^4V{ zZ&uSEbT7{d%?cJhslFQa?Ya)LJ90|2R9+W-4tQ=w7lBmUrsidOJb9Z=JSDt3{Bf_$ z*3bgR->ZJ&RWBlJ7Gg*BeDZBN0#-pJQ7gNPRNG73m6UCiqFj`mUGqZz3J0~Fb>uK= zahbZBx0dJ*ynr{&7PDQuB66`4z`5nbeeB`ya1=Gr zD{34ZWy7Qynhn(0p-L2t%O!Al5vnVkJN(aQUCAvz(?caOZrPbkIce*U+?2(QI`CakUsW_HWv%S`<_uL_30N z>AK&ImMaWa)L$ycP@Jcg4%shn^MoCpc6}@3p-_bT>D$uAJp666SXn#wuG|iDAIVvt z!L1^;=y^L8=GNKLkz~zJWHwZ*^mW6xg{uqiGvPN{BYo=YtR+J4A;uZumfXEVg9EAh z6O_#P?O|h(^EJY$JL@G4YyeYdm}eLboQI^+WCJ4M!T^9Ite7X$XB z&Ku_SfH`>x4fjUC{pu-Uo}ap#$ie@3hfjB!?%g#I8%HscD;0q3gid`k$_$#7%@A75 zJM~(*8TmsPrn5v%BRVveL=UDplVncP*-i+DzV1pyR2TGWS-LgIx7Hp0FPorNiq0$@ zD>vvDIvnxrB!T>k>n-arYjz{9NDdl>D(Tz!ySnO{g~fQ7(ljmclzaIS$?;S=#xj+J zRamFjT->y7UbtGwi?JGU1v7sK%)LH~z2_cMb=}ztl)<|`i&Fqfl95}*VC%)Rc(YC? zfU7UHn7emhB$vBPB6?cTQxfiB?0JQOCF1-^?pNxJf;6t^2Fhys7&TIl;8+cSo2p9g{1RHahS8v{=mB=G zk;GNkWIJYI=*Zq|q+Y6qjVj6|5mPp7qI}k+qeh-Ri&Dt})j&htl{X(f(bv**!YW#! zXN+cNt6~AxkpDi)t;?^SG1j3et>M2w?SvQ&n2ewcWj?=?{R#vhdtP9^*WRGbs_gyeG?#3&#w*%%4t`JN{FsHfEEn zqXbUNK9|)ycfi}J#C(Qd9&q#Mn(+r<7T&&h$%wR$_HY4xADHg4m4|Onq$OT9>4DQ7W$o_5?Z<++0!J4LtH&fPmtJ_;1cWv`wa9S=n2F4c3)T_KQsJ0D`yGo;I zIJcue-O@T-M~%BFE^}oYA7fr<{Zxxa)Hobm4Yih(e6@NDelcOXk?|Jb?F2j?BPw{V4co1)o(g{aS7kuj}SanU?c)Q=&1dLbXCW$_d zgi@6I@VERfK}`x-0rL0Vi*4 zaN+>P6+=gK_E%LNp33m*J?Fz+x+|e}MhSJ7?qTNjU@*ZwuhIjL)*ycm(kEh-mhxIm z&*i+yqgAS%@%pl^(`;|KX-yU7DOjIy2krDDFdxbrw?S#87WjFju&*<20srzUGAXn; z5^9Ohw!u~NW1DS*Dc140ve=I)Uq-yQ+((P;R;#)waJ{H28Tpf*&ry-r!(ki*US?mj z`<(-VgM{_HD9i;v&v0WJwa znL8(vBasrn5gtfj%~)$BASxUAon-pNfbA$v^|43l6lVYHXbi{8^7=2pRohd#M_|JJbVUXjU%md zuYD#xV8(GZBi{$@3JS#uxy{1SDTUlt#T|10g63f{2*V0(n)#i zb)3}jXRTKbWB#G0@`EZYsK4nSh!J~|aWN@ndG!E+c$xMP$Nbz@y1 zDKpl0L}svTxnP*bL{-s-Kvt!-<%c$X!NkPj10mxPG~0A3f~en*EY8@Ln!St!mBHvP z5|4#dvn50pVYZ1lKH9#Y&VS!e#)OK@#O%@e!Ra&YjpJxoph17zmRH$7QDRqxnR7)u*ja#URn-Jr! zx>Yx+m709Cjhr@6_tQ<`s5;TQ`nl~=G9p2+WgI5@!coDB1{_@lB$%S=m*$J>f_>4R zxWj+SAvL2OQRtq>j#JdKD%I1|4&`Z9H_1^LM|MpCMS;gA+7OZHtGcF#IK0pb<_%Fd2csCWFg zS!X)ZnciOJ?gH<>=N1Dm375j-s~##1M|SQ)sW@m91c z#D{G%R)U*#sFh|xE5}i0L!QTRdWc^h6X=rUbBLshDLEYA7`pQuooMZIXVU{1Cr7c| zd9j`L`kp(_oW#>>>+WK73$bIAsn>aVmwca6ib_A%x~t(s^uldevl+{dSH87zT$S{wQ**DJ?Irr;?^i`qp}*E71icV;UFe%4pq~1V-z;?T;}w+v3-E%Aq}Md@osxVmQ7y%8+MlRHc)G%CaY29 zcIq9IrzDI>c%SikYa-h=GB`aOBVFl^!X5teB}8;1NcDj-OP?)e*UBzXDIc(5FzHP@ z5wB{KJZ-aL9U=}D@=aJlH}I?cnOM;<@C^)`o+Aw96&(_OOLzel9M$^V9m+xyQQj(L z2g+7smgIG@sB%LN>V8-zQ}u{8>jD@Tn#%HQxg5^CH4{_wKChBL01~< zQ)ul%EG^p?Z3Rb~6qC6|hG%I=mAZwV#dz@$UV9DW86HMRQz>`I#@(B-CNdP_)RC9w z4pL&iCFwZxl!3BUuZ?J1L{h&M%bbK^t>NaREi)L$K<4W=bgZ&?6GrPT`f*bqo!Fu? z53#ke%OgDZx*Y%FQuImw#WlO*_y<>8J+o4Nz{`kr zw3VyItr-pR*;?K_QPxkIj5`nQ$1LjZ10#Lal6OdWNoXD?5Bm72?Ks>t`^i!U_!W~i zoK51|py8RD;ucy$+JqJd_Z*HcHmFbMOo#W{a|8Jvg zHI1m9kCp>Y37g9XkbJn;W>a}E!>&Y2gHkXXW$t6etuwn#3v2q^p{|eg2CyPFpkBr@)aFYVaknud zT+Q)DEC~Okj-NaHYn6cdZoaKP&W#Riy7yFw&1}(J!OqjqLuZyl&Dm!Ml|yr8Rp~Z5 ziaWeAqb#MiIqb4*PDXi|sx)y3)G3*RNo80K)K*4R?Zy50-4F2U@)lMucYN#>pRb{F z7hAiDFbT$OmtA1sfRiz@{iIVn{$VfD5mN(ry64UAnoM)S#2)=d-d=2p@sW2@c{JYX zKF0VkU;nUeYjnG3Ln)x5AEE9{R8i8!$qRQ?EbbW`Z?p4p5gTn5-~HoKRP~MyO$SM< zwB*#-nYOvO=}(7C^XA9FdQ2}us%D_x<4t%PR%Ob}^1g|fyG-W5BYY~KDj?WjgV!*< z8Tje@m`1WjcP8#C+!db0Q3d@W#v)ZqMbcfg<91CIRTaK_sd^6gnf|x`u>Mc({qskE z_SZjd{QFIQRAK6+nW?E$C-7(b5`*VX%p99Khra;S&9eZiUAt#`JG<6JxB8+0D z5C7@Q=Vo4F-anpti){{g?JG=BKo1pF%$ zh2Nuhr@rogH3M6PVlEu55bNiPb@^_I&$~iXTKVTUC)B=CTdj1j84e*zz(X5{wyXY=XokQqfPFcD6%^>w>fV?6lN)YpM4iL;0aNfWVN_vA$`#GCpZS=En;ph;M zFR!2&1~^YgGB1Cn^MRDFW5hsR$I!MfzvkQaHK18{fA*Km_~$GfC`TV^KcC%JRFrt( z%YOw7BwYCN-w^fZJ^&OC!9+-s;7D=AVL)&gkfeWS*%^=|1|;d7 zOa}PR0h9m=I{NRK#K89~FsA{JgK2s8>x8h0zkdAX>4TS`ZXIAOpKWq1{i^xJF+&<&Ir=_7~@_yz#OFg+BX>uX#jCK7lF@ zfBV!c$6k>r+xZVjL1a1P5#$Aje?ss-MC_%P5jp-c($V7SqZ3mnUe+Isr zf%ghJH+}M@3rAwF@17A8oi>?SaId|p6yC+|{a0H~+rjOp5KDwfR(N;|9m*0~AUqkvi48YMP zZ31vn0C45+Tf&o%raT#Z`K{A}dJb5pP98_=!6}Y`K{_z=>7&0m$zFc}2_S#L7i2o# zc;ga#`hUne{W==^<*V%d!HHL}n3nMu3FODM)bxxj_P|9JA`vFR^glJfCO+L?a#ec*o$J-kjr`a?ucL+xjjyjYXZa;ki~ z%;cBLFTISWaZdl^v6oMsyf!sOvXzENfx^#^-s8xFN}m0_Q&PZ%!{2A0p8Y+k`3vnG zMg>I)+K-3^7IXL~+6FQt$?zkVN1^7+YYDU^nRX<+6N;Qet6Ah68vO;j1A+qkmacXY zVpngot18B(pAje>3{at9@^tMF5j6iELL3wRascKOfl);mc?AAqaE?wX0;7ts?-BTW znxm?{=2N1Gsn?>uuuebfjtZB?w?7{3(tNVzhnXANr(R} zBCk+gpe&s}xPUq?9Q_bgf-z1X{rZJ3*I&&8&LoN87|3^V3fzQi?36MoE;(r%3ORM` zYwiRXX!{iZox%_a5EFCZ=pX#r$rBfjejoq8;=!C`<^eO9V%g}#@0}JHLVtP*EQYHP zfHt_6|MAL#!n`V>5ptPl|2wNBI_2IQZz!|qOdsun&7LB!MG70!5xEF847I*-9?KN< zQDZoF?!wWSB^`~itnv5UrIVPxgXyFHQW^t6iT|HF_mZ1Bb`I5>YJp){}f>~_bjS7{4;4PV8@+1_q7>}`WS6G_r@DKo`;2ic76O#se+Hs| zwx}d4iC_$0hZOjKxkk}sH1^rdw@#it^$N!DcaNQWL+B1;`+L(ze<1(=Bjd$yN#OS| z631Sp-hAxUSHSeolEX2hwDk|u#`9+~=6`wlVERXwsQFEU_=y)g2a-5;?*C`+Ti~NAuK(|DHrdT<+1&(0OyY_tC=fOw zfnY&-DyYaSC|VIV*$t%T+rohpgAbkr=W005VFCu=cCA&c2+ln5*+NKX71j{x+mRXD{;J`eCg!eY47+646 z>@<77QY=r*<8Xp7Z16-kA|u!#RIW46>@m3cOy$?JOHfIPwG@l6q><)ia|+0GK!KbU zD30+@SW3vOUoYG_T<9Otm^}8S3Pj=}G|F0JLC0dc=5vdXut+lH&ek&%d}ih-0fEMB z0VW(wp%w3Fee8L z7hZNdcr171fP$Yc2N&@Urz6V-31OC+Kwzzq`#_%ETIz|fDFq=U-P?+OUr96&LVK13 zTR|WghdHPcDF+596FERKNENsz5+`vBQh;b@i8BWadQ@||6~`uAoO%Ef%moe}tIm2@ zWoA?yZO_KSg`XN&#tW1V^t}*#9-<0Wo0*DOS%}>#NzN`3yF{+IOJs61aqJAU=9d5t z%;M)|JU@?lIuP~e4J-s$YPw1!%XprXBz_-gBZ>i0BjFz=eT1&(y11{}iTffp{sNKlInvpa$AR5FKSpxx$hqyy3}?i}AF#&uZ0 z4KaWySG`7RjAc$AXI3n;QaDC_DpL+dY>CSXBw&0Y`v_#WV>~N{STQpB;PpWp)m~8X z)gT{-n7j%p$v(UT^a=-uz?cJpUT+T8ZrRg$V(Wpv)Q*RXANUP5SR@a*7|A45Zx4DF zL*+FLZ$}n8^-aZqV@(2Jp6EWX3LJ6S4on=3=6!U5QPivsEa=`W2mS2%_!jn4H8@#v za$JAh@rP89Re~Pk%u-1=OTgw_asY)^>^mg&HkFzyvOB&FqfTf~Pp~ zP&)q+aXZ;Jv22OjiOB=J%esqoEGN%`Wofe{dyx~OTKS2z7bSGJWZNz7SH=CRxOa(r z7kb+17-Z+34}b1xCm-o`$eDvi_X9TvqKVS6VlZ>G6FdwC5<-@8fMR%Jj6#$_&IWyHoN9n>}t`IMoD@Z2@RWAtJ8($M;e$o$xdvd ze)H2EKLjZXekzdO_@P1|KoM>3$gx&rsci|@TH-jG5F|tpV-=o9Ko%~b1CiK^J7g~o z;s|KfFpxsY;jRK>RHh02PB6+7c?fHTYG8B@Fo=~#=P4nTLbDwOnhontq8dz{3%FKk z^X!^6Po>i{cLHMoq_dwr8(o7^#0yF;XmA+Vn3K;cK;pTwp;x5gc89QYTP=1hPFT32 zD;*$jrTKYU7HJ;IUJmJIe!fhTe6~L}(vF&(XsQxrAOKq~Pc?^gVp@SchhxJNtH5fj z>V_M0-HDRXFA6HGO<5&Y%B!Le0J+v2t1z4i(mZ{`=1$n)!MKn>W5cFGN$Mn{^nxVl z&!s2E85+aBP9;MPIeDni34w-()G;&K-7AE(u~txn;;$%zh7 z9vWFGll~vPO#);yD>*H#wa!;y#{VSEn^B~71+tb zVRV!B6lX@N2&XY6mDgh$ zl1=5KY|5$_d}lwPXBx{S`-+_uH((_L2PugbW&+S9NRVWdZ58C1Qs=SDBn2jlH5Yph zyDb;5GAy8$e0xr=@|0PvWmb>90ABfHf--Aa7JmKhP9s$EF}TcTEwc@@yHXLRn6hkZ zS@tn@PdY9mvMk41mQ!XgHbwV{FSA?AunKTV;UovRx!{|!@PznAwN~UZT+2%BP6x@S z;2Qm=cPJK7$h@6syo$hN_JRn5&2$*kHOrADyGX8+*hMNFa%seF0#7cU`d;5zZ0Z3O z#XYTo&E2w$V$XOq z0K=>93u(|5asZy6{{2j9pD2#@<0!;5rw9HbUIIPWhoAuBfaMwGA5HXKaap; z>fw)TV4_Mus}gsOxNF2cUfkowJyF~f2cmVc`%tv8-Q$R0QRJ5#=#c|V9X&ugq}WXW ziM0%Z)3jd^ki>K;ayp|FTZ^QSj+?#6DST^zqPl3ao)iS17)bNOiL;SJRte#DF_Nrc zCAjEB9#V@(EfSD|^Q{&JaZ$pSSfI!8t>Wk!=mnx6WkhqIgjY=htdSyNRbi^=3-#=L zbH&75(S?Bt2B}1|^+bHDI_RRz^r1p8#AT7q+={}-9fY2z33JILp%igTf`P~u^Quzl z<*FgFT4_z2gt!xYt28Qv9iqfV36YrM$?g}4DV}sM77lcw^vvR1yA3O&kQmu)pKmDv z4`hMJNgrFeI79G2rc_!&@q#CDzHFQM0>cbc6x(w|gzyB`AB+>eC=L*pl2dRSi)}5I z#oS!<8M!|kDgb*r60sd9;gm^S?v8Q@dZOzcaul*k--O;R=LbCBM7exPGge9iR*IWk znLCjHYlSHmMkOFr9i$79hutxr0r1JT-zo`jWeV{*we?7!V>Xl*WpPtDiJy5K0>6C z)CtA`oT_94LcuWqn>SgMplQ7%UeAH0ZX zd14E&Vxn3QY_5H9d3wh|=uE*gq%=ib0X(q_;mRIicexXHd!kr?UbKQr-{gtiEJn)Dy(&5S7hTY%9X0lC5C)!6SNt(l_@>-`pp;CmQWelD)Q4 zOkc(m0t#O}@v90bq~e|oYx72U1WDLcJFpYP>3V6F3v0gWV$XYG6R@^J?!fu^q$GY)8rKXoAf>y@-G!Bax(fwft2f?^$-?mC>8Va} z-u1-Zb;mw{v#J9LMg%4@1@AL^!qw$oCRl@uS7n z59$$Ujl^(HVa6wIpd{#a7RaMTo^H95T;e29iPf-J3r#3QFjh$<v;y;9F7I)H1^x;YO5OEI? zx3I3s66{^j?}T6*at^?;1DWM_Jh2x&vHhOdfg-I01ybfKNt70ZXiDsavkXdI*&g#a5WAg;We zLi{mUJ@V`}-CGE*S9c0Ilp)25;EC-9D*yu3Xdgh<9>t&w&zEgqDY}Dnd3WZKyM*o4 z<96!rUHW^!jAY<~KgBRdjdFIXa?o^Dtl^-B2>?o~k%&Htq}get5d{?jv!8S^_9V*2 ztS!Y1qN|j9Hx62CSagvY*>$}oE_-$<3r`&sp$Lb<5E3o6d)&zpDAE(#3ym1*Th+-2 zJhAQi#6&ZNCD^OK(OmJX<^o0dDZDcriyc^QW9?I|^TgN|$&_+P!#StfI#r(G*p1G% z6josmQdp3O?Hv(h6ifFJPIQ>FK==!cAweof7#tp1-nP+c3{7J&Aczwnc95A%j8Fh3 zLu8lm5;7`)XL-x&RH!sQoGED|uz&=KO=x_9@L0NbSGqvbMj$#JKvE9eqyzR#z<%-q z`V=yN<>ZVV%*``KGRHLL9!5I`I*2T`XRCR#0appdB$y^(tK_(rFSQCfSbVfwK*rc{ zL+^-dp{TBq%Au6_KuLomCrC#WH>`xMN8{v2j(~9_b2K?^{XAGd9@@-j4`-O5FNd@%=@RceF#Gu$zvgfh0#YDA~W^r9Y zDQGgDg={M)u!}fA04GI>a$!@d7s8s%J&}^t9O! zOCl1dfDFQaoIY3q)h0GEy2*%zP|_SbM`Gt-kT7q28e>()_%y-IG$Z4N%#0fptkBia z>(2qKIVuoaYdz40K${A*rvmK=w5!0}RA4Rwb5&q|Dli{``GQ6e5Og^d(ef}{O0(tY zJ2jY*zK}eaKFUk8kD`u&?vtJZW@g~fSd9dOZ^ouT??#71t#jx*rqr<^h+180NB0<{ zN+!Qxs(|8`(h{&jX=>#>#_qOe+j8vC-^fRg$EP6;x&t`hP{R3|%SS%h7Q{`m_fw-q zh9VX6)W}0Cb(cOyF-%hd99=3GpiqN2UXVJQ&VovadxeIdN|P?Ym}T5DNE|o~2p~*p zp|s(SV}Bsi0#zPo&s8&3Z#%$pCnw^E>{xZ+RfmamfiL3IR2oAtK}{i0t3`-{OX@-^ zjk?rK@d?Ye68zADMyy6(bDcjcvA`6*XH%2lXb zmQ^*_%*`PweOzZn13?l6Dwql2*m`1p*M+055przy#!Zns@ zJdi{JD4T%2gae{=5jkUJrwU~%4`L}Sw&$rtq~DQ`+;N}58GGWZu#R%47hlC`;YrAT zC+_tm&(^_+ud)_PuVof05X4sr>%LVnx1RXb5b9#10Wl{xXXF;!h=e3$>sUAnOPpF3 z*LuuyN#W7Zjo?lpndz1Q?3N@zS4fFpZNPA~lZc8pasw&b#&{!qn9We*p_Cx1_Jn{y z;EG1sQl_~!2Le@3;%WT^Cw?^%7r&Oz#Pb4SnDZWbL!txYPKG70Q^4-zW)HhY)Qy36 zn>+CWj}{%I&^CtitN?EcQlcG-G>JMDl$Nj(KZuGp;70_5AEQGL6iml?YUfEt$j59z zXZmGd72kl0h|Z1ZF~2V5h7N~J&6lX#0~G8jbwX1I#Ug?-0Ww5Vl@s_^ov-R8^C|$S z6cja*J5tKJC?I(&mQso(MVl9OxFe51{V(#!L})T8tvb#wcFNO6Ha$0&;K=ioA4Hzv zAQk=K5_jY!cjN_ZnTkN$Jsn0Kk+M4=(P#3fWq@|zDQAlc7>EYbRqzG?z1#>1iyzqo zH&4dk(CcT0l!u9w-XI%;#-df+84)z*!b_F&JYpCCz4k-vzK}4{M2BdmND8G*Vvg4pDJ?p|Bv@>)5Ud0oN8<>dSXd9YqEm{P6lujIKWS2@ z=#P*;>^W5;*~`GarNo{~RuWo9R5T^2j%-mIU^q~`3Neyz10TWUNIVD{FRT~?7^@mE z&gU~!zLcp)+N!2LF1|>FqBx@Y!919sqF-u|9b|{%DMTlRK9@tJRn#bkXg>NhIE%ZD zX%*S;fEY=1%5ZRI#JLeHkidZz0`lIeQp5+ME%q*?^O4oKBZUkjv5Y~BM`VulC^?PuHIVa@g`+wKsVpenlxVXK!I9Ez(bMo)7Ul5yE@Ui` z)$H?;LQ)w(kPvGWj>UKz&T|35Y$Ss)1Dz)+_~czD_N88gsOKO|72!0B0N4EFsrGyp z0sSYV6b_<1cMOE)BPlN(j$+duBx3nws6WC5G#tACfe`y)SFxSFF*21FvJ+EI`aVd- zd31alkO-=c!) z`ar^*Ix-j!HLx@7$4E(F458D)u;?|YpeM9ebUfwt(5PcU>F!s3$TbNH_#7f|VSP|@ zSuG0&_`6Mr+nwiy{2!tScLM5akl%XZ`|_!qun&M>vKYO*8+#-SGIOP--oV%r@pe)U zqwpjnyk0oU_2Rx;+;=P@DrtfTN>4N;O=0<+2Eg zQjo61Q-T4KbYX!Pl^&5M>uvx=Zp5AVfV3~I$D@u?Z73D15QNWqa+&fdNd>1$5m5g?CQwS@5`p@;Tyk5sDdg7U2K3L2v#0)cc~b% zbjpK+b!p0BTMCfzOW(Va0fZg|p&|pJ7eimVQ2NLk>Q!(wnEdVp4(p73dK_Rtu#EhN zNCNeariKMKhYt;v#pKW@f|`Mq>C{$JPzqPvEjt!b3l^LJJbgH&;Y$bTjY|jU?Mnsp z;C!N9O&)ATIGzO} z>{OuFk}5}Ui4;NMom|N*(-bc&_yQB8_*cSWxYGkQ6~soXXf!%ifssM9Q50Kx_)C|a@VlmVtxWf=~ zVN4t-o*$t`&=*IF>|~72fI)pSb`XiBM(|Rh4KZ&DpGTUapoh?u!Dcu;pY#yMkbTdL zVMw-Sao~0l^b+!@yO`&KI&Bt0aG6xo=tc;{-S(_Jh)?CHHMw1pTTxI;ZpWdoCkZ}y z4i&)Wkj=*O;ZAOrX}m)w?hbLw33GDiv7E%Q8mx)HI-j@6^BKr1qG4d1J%b>=5T^P` zabrvmt(Ku==wdY~N{$s@$|8Ni?pgAYGc-`RQr2x`hFaW8G7`hA?&L0YsY%Suz&&eCyUu-S7 z92F#QGKAfp*aS~(Bk=Bl3Yjp3NETb=PU0G{&LPIu>KvkSNQp8VRN+uZQsPE3lidba z2?x1A2@xow-KjiK6-?Zkd0nzZHKXKsNJVggn3=Ny@oWqiI7K@sH4}{ya;NYIv8kBB zsZnJbKeznzu zj|<*@2~&$7ZdgH3S%b94VFB~R!qk?4v=%osO)L%Of(h^~#|jc4IV9o~9+6eoGC@Lv zqXirLRdEClg7QeNfhmYTtOnM9R3;N4R$l3Yj~VtcTFKZrdfj=-qjnMRB9X=eY zYB&+m;l#-(;q0#j4NMI`AmZ$Z=N|9H4goq&C{XZ_0$T_nkpvqS8jz2}y-k1tiQUQm zR4xSWDanp*;_7%1Ya#DJQl*9dLwJh?BIA_W=mWN|7rMvbHfnlU6qIV@(8HL z9_pK$OOwusSEB)F2;SLhWQcO7Ug!|EF}4j!jNxCv^FE%%;#v=N2H@rEC@OG*hmB+X zlb7fdAR2nUxcjZdU2;xf+=b%FtWuv!iq3d+t&r)7&~5MpVO|1PgrJ(p)1)9G_~dAv zgd=m<1u6l>o{2=b5!(nAK_tSPIue^OK*3nziS0XPS1A%os?o;`=0>+>=5&RN`bZq{0Ck2Dl`_9y;DZt^_7u;40B=n7E^IU@J$1z_22_f1EvS=Bo9UxeqBnIk2Cv+ZQZ~?|jI2AD- zT^jCLQU;?=7E^+lWSeZu<5f7llQFN}*cON%yLntfr6h}V8g4qUcZenpIt?d|{De=C zLeh&>iuNZv1wk9weev6Hi4nJxVTb`n1kg*QX&Pv|6DQIbk#dX%0(B<_DC-5`5jSV6 zI&70uAvt#AWHnBOBtTAq#05?Uw3Ixzn7ha*gaU9y$WxMRg{{3QY#B4~P89*khmJ-g zV!evk-z(y76>*?f#C_9cdoA)8eVYj(ieOW{v3`nQ4t1!iDRJ_mZ4>xN1c4KMi-y$3 zrbRM}Jcm11n@iv2Fq4uE@miO@*WNsetWRR91VDhGDwP8yL8tNy5Qs%}Mn@w8k_PlY z3PKE!4=ohY;>DJR6LSIy%1Cf$vcp;7B8gHP9xkwy(bI8tySUlJE_J;_PbcGWLEQMFToK#)*<2V77 zT!c7AiXC$M5tIVIigLjgQt!u4!7Xn9C2zpZcQ@&i4zC31U`F<*z(fhjok9>ruXsf< z;aX7)g(#rqD(;-9fA2}|7J+`^q0E&9Wt*0iSDlm-r&keUSnf9*2L?m1$LkiDtn#`| zy`GU5&ZAKt*Ej~_>Ru`AiEwC%{7%?0`l7kK@LgJMZ@iNttFZP^jD~cW4 zmlu8f^vIXyIKCA=?)*LFQ=g2i(S~T6Euv}HX_}T}#RLAi^CnejHmK<0U+!hkpZwFe z?%1>TrlDtSx8%&575vRxOYCp$Yy8S7^}l~B^709u@KVcNuYPUi8=YmB+c(>2X{VuMeh9%UbgV0A8)zs$!8nyyyopc220LrSyJ=Z z<%{m$GNkdJH=eiuyJy_|xa+qIzCQbotGjnrJZ%4{@}hwc@7)J50HB2r>{~S({Wb?5 zEYm%sab=vdG3X|#!F%7QJKtF-*i|aX_p`c zt<2KeElobEug&tSHMGI$htbFZ1dQfLmBmQoGniw^r zi;ZZr{az;#lm0v(%2MB}bQp;T7>-3qM$@xFZ4ADZ7tN~`oOrdx2&2v4HcgqNBz);F zJ1j;!)u#xQ;Ywu>IBl{s)84K!s7X_`{C;pyQ&v`KE!nWXOS8>1`Wb-HOd^I2{=sBZRs&2D&*~}J}YgQP=yLmPLo;uAokQ0G3*-~i9vuP7G zt%{!zP~Vd@KFTl(H8#TNCr1iD(#DT@(f%tjM-$l-v|?o~)ab*Ju+KYHi`Eh83Y1Kc zmBCszg%hO#)hRRh%B=p#RM&A}5=}G!OJlQ{pW(=~8?5S416x`6SKZpz*RNS#vowl^ z;%S?e2A65;n~)i1dTFv&b&>g_(nDd*RT-#dYuV-MOXf6B-3llJC_#0CGEZxK&C9Sm zY}iZYWb55JH5oJK5NjX=%5J#%^OWe!(=_WS&7%yz8lURm*czl}3MUU+n>Ik*u6YP3 zjn8uSC=1plY>|1EE*eIP&NA zsHR;Tz#vYbE|~wGB+1y{0+11$Hn~0$oz||MX#V6%I(N@xHfW(~woP4QzhhhW%eRxZ z3HRLpm~GVCJBQjfEjf39^<-^Cx*QTi!@hdYkA#gxOh9w;OVs>8yRsLbSApjEW7HS}_Mh+TuUSNC3<6 zM2lvtL}9kw-?nK34eRg$&~aM!=kmd&XOI!m+id(f>GppfR^#(%=AKj{tQDUvjvz(_ z8>C1_ar%og>6A`o8{hbFX<0f=UquW|M`z|6!jDpsz8T}5l(**xIErbaJe^2=nqUAC zMI+ytpBQ!+U+A?#T!jO1JR+~A2{#8T*HIERehGyi2U4Fv{dD9zZJql_gxug;$c-E+ zo!L-)roD7Fj^?L7J<*T+EZs_FWt==0xugGFJO5Mg_gr58Q~mUL!f$QWtesk9SGpJe zb9n!6jIZLf#rX86(rk84GMG8iZ25c?@KMNzlaGFUxcTt#QN%|vAN~0lz{gQ|c+*9v zIm3CF0bFAE)d(=giX|QMuYGULoBq6}nNb*p4`XvNZ_#{*OF+(oj1j+Ore>A;P}tOHFdBK5wbMjlpjs z{Ckv!yCm)o3{IWQz`x4!V(+-yjDfyC=V`RK@7OPT3w6#xBnlSm1kE)Uo2RMZ4X1$p zqARkt+!DEBURQfK*jzp@Sl99%RaHz4aBODyzZ3%|k z!~T|lKNJ|@JvSI)mI;;RKK>iwozl@1?g#}Zv;;fCA%D{d@9d7crpEfSf?c((7YAD= z)Yp%#s~FwTP#>ra1On9+{Vlat*Sw1x+fY(tLu0)^jN&X=Fw&E3!=roB$1#Exa?ZlaE&khgd>2%Eo#RnVW7Dl$JJ`3=ddg zz$3PRE*Bp+(L0-|p_yCAkf(T_g)8r{MF2=>qmrRbOfrP7LwtDo=$4dk>TMJ~Stt>S z#;i01SSfWdA&g#oqG$6_%VIj|x}1+TKDzkm;A10W6LdxNh6v!%>rhZWf@34$K&hUk z_}?at=2c^BPOj9OGTww@5`Y?(g_vnQ6Y{RCQ&1g z%r=paOC;eYs5PvCOIHezVj%D*-f+S|EXy^iHP%!N?fJ$Q^YH{9Pva4_B?G`K;o4TGCLVl8Cj$8+AZ& zP0C6C2q_##&+!d(MdTV13%U)DBwFoGuH*wf?oM9A2L`7*c^wjq;mF9XC`CQCNN1yi zVc!we>$>WYE*F`+BC&h&A8btWxAe# zBS%1rEh>mIlvngzK9J```^r(_OcSH=AxMR zA%rAcE+oK^LNPqIMr#;a+}|83CE#4IMCuj8TukI6eo|RscpDY$XA)@hp=Mn(%J35K zg-o&@kK`6SVl@bh-c67qP@EF@mF5#8ujgYeAJ_76As<)MB4A3708Z#VF?^MQkl0$o z1-sq=aSf>*=MJpGAVx5uyr2%ASQ`LH5HYbZQ*Q$(Vzz`K5k5#D5(glRV#Wa^QjeZ9Y{`g)#-r-|E9|vSS zruA46mY7O-m5vJ&o4q_*tF+M51BP*=dy!5YlT#ODG2dBuV{qeSZLz3^FD}L@o|x&E zF2{psq)hK}x?nXNXZW3NoU}r(rW5*#?oMZ+H_P2AH-&kb6k7P`8-&Ac=hZ%};5>y^ zU+553mq@}LNkDf3CuIp;#e-_CN}Hle*UrF#4?FJotOMYM%DoTYE20^CDbU@iE^?Cx zfMx^K-EhB(mMy2cqf0%JL%6-l>tlv@pd_KDdyjOmb%IF)Z8uZmT)m3uQkZ)XI!L`H zSSIGAcXz=iOe&B!p-g_Lpt`%DRLFFUQcej~b^@VzLF*>!vq@~R`jU@FlzJtLQ*J{s zO0xC1dL?1SgjxCopc@}x=+8b=x2rf$^#o!dEr7yQjq9bxRQu)#>J|S4wLjeO2D9YA zrAX*RL|1yKf|SWZ72)PU&oGXgu#B6q9m)ui2i##%Ie@-jbckHK)xSfqlDb5&kQKcO zCM0ncm*hp=&4nv%B^%*eM19j8ry`vU2~c^AA7B*$1sq-C0w>1 zlWYN`T;#wHK|w?1*#ZxBhmj*2aKk7g6e@6=n9mobs_2X22`CRGYW6b^-mcojaCA)lDR32HhBZNNqBBos{ea>sqNc1$OD3IJ3>3mcs0v}pw# z!&a&%h>tPAfiz%YUsaW|;kpMeD2)Jie1jm#>-)M3-}!(mHMdm+O1DZsM1jd&oaV%R z6xQ@*%sh;iq+AxUnZm`F29)4YD=|G7>lO|=73FX-v$6OwJ~dF48kh`Jp+i`z=kNn0 zeCzx_1O-4kI9RaekkR3pLxZg@D?o#XUmn5%Iu-*VI*3GOSkEUhiyXiYDzgF$CxDFp z=v7P#?i^Ex+X(2bMpvR_5EnIq4k;YE)X+SHJpg+E-2jd#!=Wd~7FlVAPh6l1g}CX5nXg)E=xRb`D;)+HkPf2}=2=m01%9Gi zKnH$9n14O+ljil(9wBDn^gJvuGm(%FZeN7h%0>nU!oXY_HXSJ9iu@BIu)o0^m*zLg zlZZs6(+g>Dz&-?A+p8e zoq1wxDzi~HgH8J=D%tD8y2+UfgZ-tczi=L=nu~YJJ z{S*>1<(C5WP>ej-vv7hYVzz^#ZU!dY`ZAafp}hx!ZG<2Z)>H{X`=-JRDl1+v>EQ4Y zfC)!hiJ8O&&;<$%E0RKjrN=r8y$(`H-4-u!jinlt#1rd}1s`r9GV;MXuHo`Y0$@j| zntZ4ZR878OCxhy8HK^o;U9g0;sjxPwE{vIkO)+=Y;wYtFECK|75(4Cc#Q@z!sM<6T zHPJSwku#|~;w35qnq4yjPbE42Iw(lfP3Y zf2ThAJJsZezPH%0a5}9nj0B-Ly7?Nc7NV|7JHSpFZH-2-wa3>{;)fjIisY6M%+MoD zv<5wl{fjsa4i7|9u63h33@7OmF1C`1#>>gYmTwTuY~`@p!7reTocxf1Pz1PX zT8Ateb#Q60UW{5W1#JuRpObV3bWb8B0I9N=8psA**nB!^AU)lw+;SWZErrYw-Iqo9 zJWFW=1*mJwML$aIPV69Z@jWMt1B^9{(%@Bw`$w>mPe+-xz-6=P&ay10D?2;oDYIc; zon!KrWqVxE1XKBF*SsvdET@>4m@uP3K)qp&9EzGWO`a=02WUC0@?u=0 zxrIJK9yV(zf=)=pfHsJ+tj@tM z+{Ez6ckDo*cB5q3D43Jbj84xaT0Sb$i(7h>7wWOxUN9H#M3rDjAH>`RyMfWOQ7N}C zb>pCdL@r&lOS7j!I8d;6Qrih=J%Wa!3aURMLu9iW+Se4KpHZUTm6#;#ecby@Z$sci zT1*`$F6+wXBT<6nnCDQ@#89&E!xN=yzOi6zv;c4lD$s0~bpV&U*m{LHAQG|?w8POK z76_=khg<-YlGcjMx=HsjyJPn$s(AcOekrD8uL(B=I z`+Fudg&gan6)~VdcyqDW#GPg;#~{Y5{QzDWQN6Q5OnSJinNdfX@NNb>BisZfFay<7 zP*LnUNt1BfUS>zkPxO?QU{X>28FUpJjVue*`DwY28!!lKF$_sfW3(zpuRhQ8HeyI~ za9L3x=`&vRO7Xaeq#_~gReaZaeDsaU!AOFLT@g7$pD(xfjN5fXPb^ zR^qv5CE{5rIxsVnmHdMw14$;WXQJrcE*WpS4Q4DNH2DC@vy6_|h3a()lB=xX>o7Vm zf$&Wn9dJnNVn7n6dQ^TF;wCOvg;kV3F#Rf2#m}I4Vpl_UhuMQ!p7N+>yEN_*WxuFW zVKp(52wxgoK(QSF?8o)oFd7ZNELL7wn7r6bqm`%)4n*Y{U>l5vw};~Q@!=OV0Qd6_F#vQX?a^B@0E+*y@p=LY zi(Lq)1!Yqqo)nahhXYt11pK&rTFh2alKv_b1I8BQW(aL!BP&*Sd?6BU=|h;RM!zDB zu;Fri0F-Br5G)HB!-`$E0Cn>NOq5P~Vr#I8B_pkS(uE~CQ(}wxX&;acGbd}u9B_GJ z-NGnfMFFK3JmV#-(njeyhReWvLXEg5z{>*`TwZ-zJuw26+bLMVhKX5NQtW9=AP%<$ zp6H8|Y9J@%+|d`stXK?UFSe>1Q%TBzEoy9W83qH^TpzjmyhyGPB$*#k={aox5K>&u zZM`t9C<|HD{;FGf3N;V~n7Af&g++QHtal1VZX&bsg6QX(i2+;59SC~ zfK#iV@iM%MWfh7$Z)4;w=b*;?w zY}u$80X!K2>tLjiy$aU@c0BhjI*VOMqj|Kt>;|4PtuME#=hh{Q~=Mqy~W8X5gh z3T@bpW!j1kA@$J>Uvql0RS3xdPLO-h1ma#3h+j?CDRxK5# z#pZNlT@^ws$+Ecxi5II0hxA-4!{Lg17u2S+j5e;OWpaJscclGGUR}tl1pue%_6+c%W#>@8;ZMw&J=YURF z?0TT_&ei?-B%;Xaj!!dO(G4jVFA7U6E@g6zV*_IZa4Q3U3D9Q8jE|N=rh_*=bW2Ol z>=u5-1PcL{CkOx_N5;&L7w}99v<_GT>nnGDfUSY#zoHCOeJ)W%=wL{zQW28c$dyW> zI9)xj;&jz5R+fb#R3Gc{@GCe5LPifv!$dD8bBU9zxs~D}wum7m5KBNHfb=EVJ`02a zh{LF%3`&3DHY0sF9plTUUO4Kc&#qp$l1U$~dh?a1Uis=(pk9S|5p6Jss~oU}t2^cx z4%kF3;X02O(t@`L0xWiiY6HYy^x%bp&>IM)114#C@<)ki98JQNRkjbFtI0*gM@Rws zke7R++|Ams&|wY2K?S*3o@;c|2^j zhQt#bjPOaaoMZPR##&2paaA@?`1q$J!j3WeVxg@0upkDi%ONGHC{LjicjfU0@5dMJ z;iJigY6TOP4os5pBS-?|rFH~h=8zIzQR09K2iPHa^)qbv1wk>t;Bq|t*fJ=Ca*$Vo zF9S+MG%GgdB#2FqPt|wkB5f8QW*-!+&;gMx3g=tQEDc)C)maolfK`ZVDPQFYuJq;> z3`k=&j%-0FSL(>N%tYJFiMAmT>A!K1I9Qr>#6t&IpyUFcK9^u0QRqjGhun(5Eu#n$ zO|a{bp<=FzCWpy`A{OG?x~R_`n-3`-?b(P3Lt#?$==>$hlslyu44h=85ZY9zHm-*Y zKVwW`bZ|RK$ty_B-7Y9}6w46BiXtcXIJ{?kkp#kJgrj6T*_&0e0i%P+j9m{#nPUn} z=UR+x%J#XDc8CpLq*?#2+O={5__12D9p2*q;? z2!%0woQMM(*F`3nUI?h^b9?PDJxsATd}NaO5gB}h5)XHBFY1)}#bMosoM~S-a$=oC z8X5AE6Eh2bUkM%q{?DN?UYT zcnU=9ECv@C!ONCPpbk3-OaT=VOfY=16L`c5=m3Q*KzA8yp!l&{azMui3p;4Dns4y} zECXy77F1doAZ-RY?-8QHaTWkG?8*&cB!sP4yh*=>fgRn2fe_4JIhC1mKC!m-9l53-l~P z&iBNzu>@g)qYI`3&No84v160aD4ys-aVMDqKh>~_M#G?z0kSO#p zh!X+oti#g!9&l3MLy~96gIG-%)i_u@K9&wIR3_+7%JW5e2Ka=QgI*mL5(Ge>K-G`s zr6gw8^3Pgc=Dto4#v4pSw%Q?gzz&o&7OODzn?F_nZz zjDi(>(W~^1Af_;hAA84Rn;=p?{4jck76dxha8p*RoAXVqj%*P>wMOKA!SrvfPDkepYB<_tl z$Heg=l2{0dWWHOnD2k!R5Ec_jS>UjMHuJBH>Uy=-0q2GMZRfPMOzW%r($|@iKs%qplPWgPkF}_L((BrEs zt4CK=jILlx38xGH0~OVQKz&{1xG^;~mE)>MkFN1IRMm|gQ!{3aZ*)U&OhuKyE>K-v z9rTS0Hq`lR8tQ6lg7j20Kz+Zy-X9DGDuXo*HI<_q{NsYbhS3dy0P3z7+feVTs0{kY zj15#)jU6|(y29_PtEuMF)G)C9)CTjdKPq@upgSLYvt zx{+<%*kJY8s>*SdW2%ES)xm}_m4WIp)q%QdpMT6af3N~+0@YQ4u_y;HRt4%t2WtG| zDyl0`R9$^tz!wZO)YS#+{r*ayAE}UMY*qER(E&ev6%}<=nill~$6q$#7aa+W=EOIGsi(n!+i%$=;Eo3?QKo|F6yPanZ;}5@gnIU zi`IW;V|}Q#y|p3i#e`^U4aqeT(QdWR4K@Y+?Lkc&ZPCgf+u-dpX}Nb&Qgj zi*};QJgbcafPOxWYLCvinKt@DHg4|SIYDJjp5TEAa0H<|^gDrA3ZTR@w)>(C53D&E@$njLc@pOqrYm#}~ z5pHa1ye!B`-q3_(7#kz&Kpq0#Gw01Z$BT*I=tlxIy>W}p8z3<-g)Lj!Sih9yprtkJ z#q4QAQcMBwGR!A0F2OZ7H?}MR<$%_G_S9*U=bvHj30bWtcQiBvL&3mY%=mfXP|)AZ zY2Xi}I(#$+7$$CwYUN?`OlxV!j5SJ2=LV7aH*#a-jJ0T$pHMg9JsU(WT`NYetxj4~3aH7*dTqC)gRrokHS0mA4YJqDP&5=AAC(w5Ri-rDH5w#o_Dh8@-rN zJ*rdbrU#oqn9PG|YRKQ1h7;XVY0*aZU7eyY!^h9|hfHJ!NcYtN6__EBA6vA@CYdA6!SK@7fVZQ)uW53a+0fW>*ty`X4RxU~Obc&o zOVC&|hfWCvLH37wTQ3cUnp*tPhpK;ts2rk!TdPBHbP45_nQ z>n}bJvsf;^=t~;IW`!gqHS7diR{&d)>HhYmQ(6OH3)%r{b4Qqqp|?F8>ZlI`#(-B< zE~KI^sHg=dzM>Va;3q;}qlor$@BH?lx3<*?@P=DKqd-uCmj;E&AbxSdHsD=~T2WRY zSdJ?>^DNrTRF=;J43r7RY_bVC95I;d7pIo185vB_@bUB80_aJwWad>I!}zn7gVEV* zVHu6dda6YmXM!gUM@u*uYVkKs2K_ce(UB$*6_~SUS+vtXIeV}5w-+cCAUB^|S!mYh zRu)h_&Z1Qvsf~w04{}bjXycERv(NQEJr{tJf3pN&;@>O*tstNNNv%i^Q_}#c1l>H` z_?q2H0&+ywjJ(Cap1p?Id#u%|(f!G_lji>$xl#8Bi#D_`v>A0z4Pw_NOcdDVvn|>g zro_fRr+jkI9}0%#`u?O25H*lkbxj|oG}d=vNes2t2ir}P5;X@b+M<7{FjE!5Ni6|- zTSMUJ<_0h6fEXk_G6C`F7Hv{rl}yJTNbS~YL;e;lj-hZ0%6Zt=%nGH8>D|GphWA+v zh?vf&$Yuugr^jlZk=^hNA3raM#&A<5=*Fbz(X&R%a@J~iRJLAC2iI|qMVoQBrW?80 zREU;ZT07c}uA0%(5)Ae1FU;{Cq}(VW1DF&pjlz1C12(S*ol2E+cI%QQU=R+M6Ei%$ zSrg_am6M!MZDVt=wIkdow+G-STeJy%;ljWhxY0|&6&$W|S?}+(Xr8&LEyE&sdK5hPX?lKx%u&$p6iyA?!btyt!?H>{ zc-`o|pKTaMzs7c^1j#)s1$O&)BTN2ke0Ek z%Kg7R8_Xh|?U597Za?@!uC3lj~j20DOZbjLD(sD+bh8CDqsuk^DUGONb) zDfiC9t^_-C^mME6;Fw>k!Foq^p#xh2EkQ8-Xc2cF-brn3ShUpke+Fa<6bO!B5%t(} zw0E=-8%h*tzyiLUAT)$po27Tn=qZm*`-~md|9=&Wm68D$U$S; z=eIzr1JMe4J-~fgZ@L`WO8lB;b3KSHHd8HX)7Bc|h-}7~#_YvxI9$P)NcDb>CS3sB z(GE$d;pvmCKn?=oHTEl}QAtw6Wr4#7)TX5aqZk8GMr@Da2B`G$RzAg|ooXU_O8(QX z#IoE8=>cXjh7hY14FpH?ZdF{=}=N*V_^kSD1_sz1P6x3F?K6ny33%0TRJRgW00Q`Uc7vT@-!`8b*0YMZ5)aow#d(eJw zr~~YDGt6p1DDMq+`nmO%`uzw8nL-xH-B>S3)5Qq?;Z~D*7fF#W>iA4T)lVxxO;uuu zqdtq|_S04}-J(q~4dQubQE&N~?X4|Jm~4b|H<)s#CsgklWh9b?r2Nwq0{-hfi#GSL zz#O5B+Exre@E=qCVgC$WCXxaUoEg5c4&@FFr^mJPJMcKyzJF*D2oRRo&?8 zJ{GjY?k9!`36~Dy3MCr_p>}OJacIQ;MRAqwd*)Drk_BL~WuroJAOi5yUK9N2_` zh>Gs!&xVLo4~Gb_XZ}#g-=zjjCR)5W0_LHuLXZ1@2|ba`I7j*d0Gv5@htAc{Q!_`q zci8f(Q*het>ux_uMt$yTPzw)QvbKdOeVgE9|_+*XDnLa`rmHBHjBnDSA4PhU{ofD z1gT%Jxh)Kt042Mmm*A0GK{zY*^)+(8MWe0r|8^@fsZVJSs;^+KFkr^o>iGh|oH_cj zw#vzoPAW6E8ZTM2;x7QincVdBOo-JBfpTvx1cu-!ecfrr zE|GwklnJSy(wI_N9X@_iJ0siWl-8`J^{KP;&>_-074k#wZHKGFNW(W?wyl{5W<5^p zdgPzP&Fo>b^tY*f)D!d&HnVsH9$zJoX!&_8V~GgdLh>pG7bmE#M;eAJz0QDFf&V1O~X1 z0{%80DPn00g@>J_pUIE#LIA)MAf5ATtb@vXxQlXQJwL?9A$3}bF#QY%r;znZ(Nqtp z@AFVpgwC9zeVwc&n>_wu)UP?RQQ|KqKT{v<7JoIJAGe9D|qEC=N`_b~LY)X9- zr2OP;6cW)9z_5Ovd}P%1pdUPYDxaw|is_!(T911*;47vq^|veu^2p|5QXwuq0kA+= z>U6CkGBlvVbDR1Cw@MKU5^ebT}Fy$1^lGlJ*cfR=YEDe6^)JDY#`OrS1)4V4qLr!$Ll`3?cDN}C^0K$J9HotApBfC~ zu(e&&hFY}2nR!Jav{wOTxVo8{ZfdZuW68OV!DUow9%j*wSJCRMmxs$!np!&o!bh0^ z$;H=4WW4*%QfCi&Dgq61)Q!2NhPk&2G^unwLLYYdiKXObr?L{)E#<|sW&EP z>I`S?Wh zLmnp*nJTW)4|Al7y@3vJj=Zka<4Psi%=FDkXiK?q`mtPJ=JlZ+ zw`gDO1(@C)J>cruNuL{79Tu%k!C>l4R&Mfs{>WGWZ69Glbrlx~`pL)ua9z+{CQIA~CEO6NgkcbnxEp#l**e2wa21+~kwEG+2f$1QYXCk45#S+t zdY?CiTrG6lgP~k7o=SXIFgqBU0=?TA(5CAwgl8@;t96MF+z)hUp@Hj~(Vj{_Ygr38 z2dz-4GoW}A+XAE0Lil-%Ee?6h71|(=GbN0t9V$`)g~XF$WBxsL{@@$G^}?}VUHi@3 ze|p7xH9MZZCK?!2{EY?EA3fog#~juZk1Id>g7YeirmeW(udlZzFKyX#=lt4t3O$1# z-8f_I*WY;YzR8c@y`#Bi$L(+2+OKZ@-;H#84PWMal_?!$KOi?#o0?|g+N{>xUJu$6EDtm_8CgC) z0mZm5n!;zbv@UDG?MhLQ)1&o4tu?lQclI~U4>hWYMzUD=Yk-zplk6AHZS=#xRPF;S z;Q`}Ya8Xg`^(Aje9qi1M>#R)he}DfUU_hNu4+Ptk*;v^dY1qd03TL|M_`hIrj&_la zKJ|Bz4L6pwbMfu@MR-or=E5~Yo28ut{|r1&hns(o*#7cQ64LE1i`M3z;p;@}0uc`QNL8*RxNcwd7>U$7nwrCCbJ~ID?NUmDM^4r?&@|Adgb(~*MR)6=| zeg*<)0ZjZDwfbgr?~-noG(NOj{j0*)oPh&vrB;Ky{8n*u>Pybp0N@kAOZD$DtFJPL z;SXZcHpehMPk8t}4xzX*KTfg^N@YR0unfq#~sl08ZI4ZPFGF@kHo+GY4Mw}M{Po7oP9huKKcD&O$t zm(9~yFz5H8-g7VmYXQ+b^eoKZ;4cAu;$$czf6v}9`l1|Zhf52_VoU_lA9a9p9A?2d z#MGm2_#O3tR)HR>L0|D*g?|kQXO0?)uRyLUNi_~GF8rrJe+suufg@t68KF(+2`^@L z=BO~kL0JCp?{mb!#2nG8x?4E0&#~P9E9!p&0}qj@wpuk`Z0Ne2+>=*KU-7p>i`}{= zHuMGreG8(~ihjProZQ7LrdxtpHmfCD^Ie#eH$2B;v&6<)Ew(l1_|EnnWeVx%%gwTA zYixH|BO2`CW#+YcSBE+u9W&*O`_`Rtx%Qnet-kin*u^s+`&fJT{*x~#_~RqLICD*` z@KRqa`+zT&_2QZ=>~5?@7@Ar4`X)Nh{_f1|NyI9AC{_p7k`Iu+T9NO|&B>Z?%PF$X zpI1@jbJOD}$~zARKOjO2x3*Nc@L_2L+KXV;EPz9hKt-9agdurFecM2*80I^X@mWPC zV_{;mWM1PExl1{F$|P^4ucE?Nc2r^I=!%MpF%{!{<9xmg;H`qUO85H0{}K3f__GcJ zzb|GPY(^CNE-Pl~hrYJtS!38k{`#z6Rd2lK_Gh9S<5SkU?;P~cmv;PpZV}JRJoXYK?2Kdy-7RR8??*oAXXy*8`*z0MtlPn>+_g_hgiS@6}hTdx@ZcYoVyXH6Qt zD$=rR-}gp8a9MQ3P1j7hA`<;}?Vh_%`Nv~#xEANft`3FECk;7k)#NdGO*`NF+wEuE zedj&z{P4#YJnegL{3+|Mn7lK7QpdO-+1rLAAa}{CdG=2w)&X*uf7rum5F-^?F||>p9jo(|49{#+ozMOj|K! zDa;zcEZwqY%gS-PT^aKe>vU}wH@3F5kE#zfje@y53|$Odj9CuZMSP6(jUDN$DM!4| zZ#2|mvCa3*^UX2*KI@8UpI8Cp=k1?RMc7wBz>6%Fk8M^k)R{9lD`v&{$)*9Xynn`$ zx6hup^-njH-aMeu-uU#1@%2}}wJy5twOjw}dhFc7-}U=Tea_>*`g`_?tERmEv!w6F z@YE$<*Kbb#pvJXp_fMmi6R)seKXmgw!&c9>ef2l*92|H0$!pGA=D8#E)tX-qDZcbK zFK7Mg$`S8u8d7@tpLYGWZorzQ6R!MGO<J3Wwm|f!|T5{bmrfVdil@i-g@(@@?*Za{E6fLIw>-4`}!UG8pdkB zKlsqJBHv|>(!c)0{#50gx8Hl$MX~puTfV*P^|yA6eDzOXUpzZnJ|X*rA&Gg*?-)Mz zl3TC--eub_xo2W<%}?*V|4YCB$M?_Nwr=Ex)5rb1Vf>}1FTQ#8jsdrhZ8S?*Gn$QUUJKgPYv*l{KlyV95?MQ`$5;febZLiD;JEg zB-Z`)?xlq8kBxPMNbIIqt6~`-883=fx?5{`^K{!ab37<(K?C zZ^(6ZSDtpI<&5M1HgWzX$2~JL@1z5-j9z1X`{OU?{xs|D+WbpOp7G9TjSL&K@`>bC zyU+UD?=QMJdV;pRa(l}?i(Y!A;;(l<_gr_quj-$hCJxIlEO;ZkId^Kw`uMDeSN`Fw z`D=!rIDO>|i!Wxs479&a(fvHX^O|R65zXo`SbWiy{}Fl$`>vdlSw$zMjYH0Dg+|>J z8kK0^-S(hYx0(W_0E6;_{*U$5z(OTxKPmqh@m63V7zhk2diIrD=G~t+;_-W5*f9K_ z%X07i-3{mea`B+-HybY9TRHbc&!{(k;F$fJA5Q)8!d=_SvpRmT^!;BozkkYwYX=-S z{U^I?0(Z9rsyn~8roP|E=O%vp;GbT$7e0Ss*SZ-ey;1nHHATyQcHM-({Nqo`grKF-Jv&zyz=PjtDpGGVssdADBp z=(1tM-rd*y_^@w|_~yj1v$pO@PF=Mv_v|NjuA4F{eEr{A4t9DMj3`>T`1+eqoi#e~ z`}$n@?ZUbknoDf4lOkd}9sVhc)m`pDQO%!P>5fo-*cZK>z!DNGi|r zMdQBHjOwhG0i%yp9T)FFYkm7D-pRx*<@&bv@}=Qs-^5e_R$o%G7b4p7L=~KD4vAv#x+4FZ5 zeCzUO2c1>&{`kpP&fRg}M;HI;RD1bJx4b^#m~}fJEM0cpxIexbcxvi|&dZK}zo`3r z*M#F&ANbXY*3(aZ?CY+d-nk*W;Ff($|Gu>R`ZXt?cJjpwX4D^>+t_l!O*gz6Kd|MS z@1H*WsPLT;9*~9{c&mdtST$g+KIPIcM5}n#xOt4*J@r149qKJmM5@<4yOUziMeq>s>z% zKRz)#=X;iuhn*Tbt!QRL{+1uk{9w;FzgE)PzkAwUm%cXf-?CP$8XMOzJA0EH7?~5FmXcn448mkmB62GsWgEy-&@raDx9#`}_Mwr8C+p z2HU(7)^=?4R{i7mH`c8k+a2}Zb>6a9u6}*pgY$d?FMeqGlmkETO*UmOsHpN)t|^Xq zdJ78I4vGvs+?+N~JM6}6F^jh4>JJ~yzp-P{w|;lkV>>@Sdgs_H2RYyRiLdtSEkFDH zw2!X;_0p^*e;DzdyO!9m%6|N$TOaRUIQ*CY_{-Px&zQP$eaU6RFL-w2?5=WITbDgz|Uiat!B@T?_g+-IYm_$T>T7QpzO`$^ z(^rfwIo5XW_h`G@uu)3?7{ zd-*fZ{qfdEp0aE|vuexBYrgb@9iIHWZ?^|7o$&U-1?6XL|MJMlnApRiH};2LcxvIV zj!Asuw>MnZIpq((JbBXgCze0(`l&_xR=@ST(L4TfbH6VgbLj26u6gjD?r%=``R(66 zvErkW4Y9Scqel2*M-59MH!I6h5j$!i!irNpM1jOn*$9GKS5|L{iy#P!fO4rKAZRFxN)eRcoFJ&zab~_* z>zj3F%|Bg}~5SLn&N3`-hWB;mqK8 zWs-m_3XMjA!9H3XBO`4Aki|eDt9h{_g|S0G?BIXImWlx)pq!AwnEAikQq2HxctLRV zhi}#Ufk++VXa>$sC_#Y#>+0ObZuVZ_xJ<@IMo2XyJvp?ps-&2tiY!_Trwj&v0>A;{ zdZf%;-*-zK4NeS96MFk0!Lp4IcSq;EIL2_$mkWWuoc=qHflTITgt@mjp8T z*kS5UGVY^$LM*qG-HsX$O)6J<2YyOOBBZiDX95lmZKQ~{h1Q`&m?dX(+M6fE0 z(OfKL+{EOaIWq31<(I)Cm7P6}gBoqi8s-Sej2>;hrd~XCR_;MC9-3Gp!hdOHRS#M0 zUIgE_G-EmKKl_ZZWb2{p8kt6$?o{2aHN0Wky=i&=dMh_)6>~&!3-#d2`b0qm?cuza z4I*gmiD%g@6%&!IOsjc!oow#iTQ5?wiu5*?=k*Dy4M(nrsEP{*Q<5o!NR7#t+HDRl z3M$>z(k?2eRy9FWT7`98%UTW>58>^TwkcxP3=^#)$k~?+96C-3mzE}sF&97c33dx} zwpuzyE zVOL#cCCREvqyOTzn@8z8S*bK>bTgT7HD}#3dJFHcxn-5y{mh1?da@6`7^R%R`w2hQ zKjj(u-WrmfjL>~E*nyxsK8qHmZ=Q|F+iGsSz8qhkjlc$2AoOP_cwG)HUf;skhCW^q zh0JkNog^5fldt+I;_oz<1e|-%;|sfJd_kdHKG&Q5?a9$q$Ti-C3IF&qoQR;|loDC8 zyeIo;jFV1dc+ZRZQ7zsm>*s~AYs2@0%a7?SDOgdGG-F$&{d$dEoO%4`_KdzJ*ek02 zVCy{rL0?WD_ZxPhTs`j=6|P?EXX^fwJI^gyD2I>_5gv3>hehE}ZQXvJVdHEK&o7luUvGxWYlh(Vb=?c*Mev(%i=OT~w5 zmwWwm2nLOBu5Dr7+sSiHoh)G)r)7MVy#0tz@vMpi);Ousp`8MEc=CdyMgQWsQGbfI z;^T-mWVE9?>O9=C{f4(xyM*eI`LH^NtFf)v}bxKRVG$k9fhPe zMjZQsTSE?T(6D4~IE%p<4rkR4{2uJ74V4Y4M`Pq;rxM36;^z^a zO42YjHhjAP`!Vn7HT7AUXXaBBbb=GJoirX|vy!(=RgoFm4TW?1HD;2$GZpJ2_3pCgq#rN1>-znzMYM zYnu)0S(WkVbGOyhif<=6uka(ZR(vas6xk&`?eFD>s-fWst%oVCNSfO-266jbdY7D% z#uUBrc~$FVNW7nNf}W}GWm{`T+Y_I>5ivOrc`)#*_F#(>7D&-99R2(PD3$)8R37^- zl_ad4uRU|1S2Qp0uq@V}-kSd&mi1LPL2M;K1kq@;6sVgZnciti5SxFos{bp2o1HGw zd0iF23p-KJJIsHgiEb$FDdFw!l$3*|UV6dZJyK@tkZ3QhshOra1$H}$FIM_pE+5Yu z`CH6HX<2OF!?-5m4$xGmGd~GMw=%%-c99;2@v5~&88}Z$mX*$swWOmHZK~b=Rt6~P zJZc%A^f$xwBZ5W|vi8uhjvIsk_uJfMH`g)EQi4unmk!r+giDmiSVo;<;JRwKU4wTJ znDC%~V!gVZVf5sWr9@NR<>!s*g)h%!R?3PR{66pJPTPYK^UFYWO9?lkJ_(Fe&c+2l?y!}7&Xn>8;W{!hYHKt{?L|$%q47xDnELS> zQJ5u+&bo+C36lZ7g`D)-Kwy!sbWj$TWE}lFh7Yys@HfTy%Mpq?SW{& zSWe$G>_}uk*DB9C&LQ2kj}@+XyiBcTjpwAzSY{4efct}6;kC629y8+Qdjj_y6u41< z=^JwaNf!CeZ=m1(Mz^5EG|q3uhTBdZ+0AihG&Ora~H8FiE7#5 zc7KfGn3GpTf3U1~13hZCJ@d2IKzocOL5eylHPkP7Eta%?Wo;_|9%x_lrJa;7n`(VZGh4Xr$>5Y%) zYlKaN`uUrb@>&ozOiYZ{SfMGU3oW(`^H7X+C-YamMx?xG#1?x`eZBy2aiaOWayK#87mbIm-PvJVsAfd4Z z+7?$3&d$x6lJ2+ty1HMOBL$X;8LQXXyz+&5UUGw9%2i~F_TH;gm;adNTX-j=f)&Vm z6%=IYF_5G1CMpjl5!u)~AKoJ4r#f)@eRr8$s@y(@=utmMBi;13ao*R-8QT0QJQ%9D zO(e|k=KHyP$d7{#gYgeB)(5|RlKlVOXuRM6HF%Ab6yzdwq)-l0RuZ>7!_-IjdizQ* zc77PQOL5Xs9b3r*5p!%zVbou&*FPk9$-%$%B_~-(*XIHF;PiVK1tp7?m5{Xfwm@Qc z0T2pczcU*$2bV2gtS6@<&8A-R&8_lXz53|Ymn(y+RLk_R z1nv%B&HV6JS{}G<%(AdYWAG)xMBclc4$f$Op?76@8iS8iTUy+|5k!&193*h($?m#9>`zJK_ci1)E?pE}O*Wr#f z{;6v$N-&&7E+4xy!|h{iZ6aGe$;{J0?57`g06m0?T>xTV1F^F}Y!ewWL*YO!ZJP}P zgC;ck6)X^0uHZ+|y}M#KLZ3ky7{wh9#9sO@_!NG9<3Q$IbLF1WMH$P!rKri};fF)! zvjn?wUU&hGL2*$_PL%ad_0$h#PGoUV5=xJSa)q_ZRv$uAqxtQICkb59J!Od61l4`i zX`Kg!LVZWtLM!ELBDELGZKRGUA3~OBtOIOM8@9&^-%t-9F{ukWLSK;fv4TT~t2vAP zwq*|HR{wi8;j8fh3#AAS($#Zn__}^%hTIjmU?4F$+C@s0%f_wkZt_dbB&wTB+%lBH zj6yl>tbl=YF-!h-y2C@`$Es`YYjg9qOMS!6`X97q2|b+llm5N}Y`46J`?$(<7Y9$d z)6y}CP?^kk5IO}}UuO3#-N%=8&lFzo93*sISv4u*Q8?B@!MHTtW+ozX+K#qAnV*Wj zkvhpX)ja0etg}X|mBW^$l05Z7Tnq4d@tz|b&|jXddLh0q9)c|xTuk*$g!GKUA0q7d zS4Nf+LLv2@ev^ZuZ6#_(T6#~zWJT<)UiX>BXhhh@q}t807H|xIcu0}qua4MpFEo#TJ~`Ki2TvBO6QyUN1Q@%0bbz~OO6w* z^g0wO5+CdBI87d%YSzy!Wh literal 0 HcmV?d00001 diff --git a/Modules/AzBobbyTables/3.3.1/dependencies/Azure.Data.Tables.dll b/Modules/AzBobbyTables/3.3.1/dependencies/Azure.Data.Tables.dll new file mode 100644 index 0000000000000000000000000000000000000000..9527e455da9d3065c8fe19876a2a9fe985941f2f GIT binary patch literal 399392 zcmeEvd7NBD)%Kmc_BKmTPxmA14iFTQ9P4+HXVxqP?(8AEW#z{fg_2hv~O@!__^zr5qh*R8D&o*($H z4Ng6G@bpv9JI}vx@U$}rgZ1YPu03z?fFq9?Jl8+t%z5qYnVlonM;&MwhqqbA;fIEA zi&Oi7F=sH_wyR-0=NLvxV`tm0VGP1O2xu5x;x=`@iD3Ta?-YaspGkQr*C|(!l>eGA z@@i`1iz;LC6fHnJ|nDfkabM4NZvnXkVP z{x|&ui6TtOihL*k1`Xqsc|kom9Z1O=%g*BeJeg6E)$)14ndkT*WL}wP)`9WcNp$-$ zIQjP?%FjRM%`_b2sMnarjJqr&E!gJgbtwN>(>twewmEz-YQMb9RA8Agtx&v1VOPs| z1!A=sM&4RK-!S?!raNzzTkTbcl1^f|^7RiRgHpM-e9_>a?tAR3gReOD*ez=kWd5r_ zu&NB6p0Nx(QPg}-0M6(4ZYm*(p^|2o={ANgSb(H9@>8?t_EfUtCA$5?!C|v{H4~a` zsw0x{B<(kQH~md`S?>vvfXxz-4keo4Me|99LKBl-h`>e~!!bm4+vPdnB910gFQSWK zDy9?1agD?w7~8bNOhisE*~k8D98DYufI{f>!~sNmj1UJ99Wg>2%^Y>w=mZ+jjg&DP zx&h(jP0Q}Eoernl7%wh_^xY1(ek4R$KZZTciVVz zF&KFDqZ833{_%(p5lDW*$xB8psT-FyCz`h%Xba!l&CX!_@+OX7DK;HNVb#yxH4u_)dNOhz;G78;Kr92k_3d$Y1pt_YZ``CRD2VF?M{#x+L zxK{W&z)pk8wZR#=e`uL z^T^A`rxYAw+9bp`V$^i|R$9x71a{5ZZiL?_S<)5ge~!EIoMY+Q-hHM0i{7HgcP z&`w-QR`@Y}VYt||>Q{lG(5L_ggHD98H4^qIV=8kBt+h9kyE?Wk%S|2C~&4$i0Cz^j6`rXL*!ZW@^2uQ z4{G1&n@qzVs`btty$X(T_Zi1<>o#BcjWr-p$AHPGvPsI@O5NIore&0 z4%33@5bYc*-(I#x;d&om4@l#fxYjJF1xJEGN__y7N~&dhjJ@7f zSCdK}b+YoO*h&BTuon`vcJDp^q3eQF! zb+>6+JqrD^TYg(B-Uiihg38uZ7uhvWq}gSf!<3F?*T0Q6!!C;BS^utW#sSD*p0W}G z|2}52Lajx2m>J#(g=81Te53Qq)Slbc!Cn=kM!%0XW}~ z+zN>Hm1l;b`%ys*D|jb7<}kG>crTnHMFs73>kon#Ww@8-?fDM@Az5ibY(n00mg#ya zbupqzTy*0f1+hpf%Gty4FMQAnwlvfGP)mB-thwWTl6PwDruP`uQuM(xj$g#O*6sOV zlmmS%YvvJf46l{;Ylhbgw8HBI+TjfXi{Ui_M>Ltj2*LJEpL!J0%cvVu>IV7)-S{|g zbM5Mo&ZhqfdM#Z$kw+>?yB+_N2+veriM%`pSJvuoQ;)+DlRkp-MQ(&VkqBW;>k!0! z5&^YGwLnq4NT60CB}+!mNUn>GLod~GWgDM?`Y0mr>Qmri$zXwrW68Z{t^a9Yp!<$7 zb6OhP{|t!`-jBX|Zku70z)KfcVYqiQrFGfSg;0*sMfj|8SBYoUx|}D7hJRJIw>=Ux zRkvU-L62#4+oHY&CtbBm?G@Wgt;*(|VQP%jUBRm?>Gq`Z3MsEUCABB%j_$_f)}f&T z%bF7`{gMGV5Kk)ZF;tv4UTRicg90hB-E_PDXThMBwo2=cEfvz+_V@BG;@i@amaTg6 z#TUWCPBtdZqETcidQ|XLS<5@Nx13L-(%NRRotgiFJlkS$*kV#!p zOgBE6?(5*MJ2tyzY!LiiD8L5Oa_lG_h?P2Z79jur6K)Rrpzk%(bXw9Be3WK~Z9BSf zOw*F}r5yCL*`3MH=M z9h}rwvX~HnPPwAK#sJuoUnisuD2}&*np(~syIm{r|%{BlU;+BH-mC4!ya;|{( zZmZi-H$oAri{Ny-y@9>dP4qsOcf5Y}1H^#SO-0V{vdcM~eKkIra*wvJUyZc;SoZNE z!%Xu6f`LKxLl9jis2GExxRP;8^UYG(GE1(41sGA7Ztp7fli1tKzM1W<1NGA111HKv~ZSfmRe|zlDsh=Z9)gIHd)i2;m zCdKd98dHBBpL8admq}a*{yt);EVp+23FJ~gn z6}nb0=N~fZ+?Q1BAjA=H!9&3kcRP*FwoX$a|1RvwTS&cFtW3-a#fL@6Ly#O|?gthq z+x`Sj2vd_~vkZl@%{ z&*^BNV3?ekhHYmnrknLR!IU`ChhyC|;j5xXBYt-vUtAN2yzIFld)jVq1^*oy{Qcjt z0Pg7TNuUkb-mH!$21l-Pc(*C`M!N@-BwJ~B&0$uHHpbj;OFfRLk!fa$ao~nbBsHIpN%~0Y3v`sE>p~wa!ba5H;=N9 z@>1UFKL3xvx0{}NKO|eQ&2Brb?xE8$kILJ5$Nv+;3$B}YrRu7^!R3%w-VN?;6`Ps1 zj}on4r8#+KH!OAGltN@M^YSTS77d8qZK$HVk+cBVg@@F4bT;$lLm6e&c zbC?xzUTGg@YUe_9DafF8lzmvA|2%TI(m{kYP?Cq0jsEN@a2r4!6fwhC@aIw(Gf3P32O>MFYXbAj3?=T`dKgNbjaV@;xC*#UwM`mV}(z z5V}1Nbo(H{bQ^S+w$icjbz{{~SJZM;RQc+PWA(1$Ag9YZzZ3N!lV9~`R7CAZ7D?>h z)m^4-9kw73N%yW!g#Q%S)s4lC7Z4>p5L%}jvGhg9qM8Op*BQX}`WG_pFo(r&`+tSE z?5>Bb`mE~spIe5i0|0m3Je01G81z_hajc#|Hi_g%_qy&2>d$(u^h#~(RaYgm*uFp!!hn| z<8stLKrl4M5QQ$Q(z=2)2R70}C_|$2JqV20Ckvcc|0kmR|6(FiFQ$Qnj2%(;lh$H; z;-%tf>DZoI;x5{rkbyrA1{w8Pq|~>{<%GahpJTES&k%5q=7|js#z^VqXU#L$ZASh{ zJfVCrGLA%y^hSPbJr@wbjEVeF3?d~LS;@uhC>P%3ynGya*-7UGoSBz&GB3iJSnLu` zC?E0yYlJD~ZJn8tWQMj^jG2_3PP5w?FJj>C&pR6lYNZPZ3Qo5ZW1>hzOBr%fhJjp5 zAySE=(Eb}}GmM>eIa0bD`KS_0BB(;DI~8N5DoQ#kN>qCWUM%%q}pTHV?4B8-dve0C!N%1=?ud4 z!WbD~plY0(_tM(sajeM0uRaapfv#1N2C}YBKwS;#xxyY%#MNYcPrr>;m& zT`h9z>h8)%n8|YLbi4E8#g&w9ej@>-OHjyn=VMG1i)bxf^lROz?sRuXOV^8}3)w}| zg$yIlyQ$hfmb##&s{${5lT8F#hFSW9bq8ADpq7V|AK*3y#JIi-xd zBN=zM$hf<^J0D>t%ed3)E{qpp$M)w78wsEp1cgF(A;v_ph}N1B=|y)|Yep*44Cq6o z8PJDFGcx&Xq#0SXd0P*GAVh1Iu@aQf32}lHgQ7S|%aE+rqQPj4e8wC-7*^rnhcDUV zmQ{lnKlQ6CR;{!&N_%YataO@Wt5?E+w}f`hs)2U(8H~9Se~sYx`r!Rf0-x9T`M>(c zE^EqHo4w+-b`Y@29>{5jGtjLa*l)B322MWB99V9xhU1J=$_t|;Uwd3>Rr!9?9Oyjb z)Gou+3BzFyv}=TRoNEU1jA`69Sn+vq zH-t{x> zIAX2lQf}XxRXMM;cz(*%d82KR^LiK0210VB5i=II10nelL`n>`TngLTSQE``h`>Dc zFyfC{BCO*+xk2&sI@YQYN9ekj7TPZ%}!lOKVEWgMJ(P@+LwqIhv-dJf9 zI>*OCbES;q1WW)+w&dq$@PRN{FP!UDQ7`o@a6C(s1H_q?b^s8ya&iBxTg7i_J8u9j59bQ|yt0O}l1lsTY|BH((@5OJT2v3v%L< zb~F>b=8@O>g;==BxYe|4+WyXnR<4)8Yr`^bFZ>ODzZYK2HsSqytM?xbFD9SIQ>t9* ziyaDWiAP0xVh3_X3}{!ywBi6_b&QA{Q^Z+AlIDV=coFk8aZGUlaRL#5C&mHd0OF(= zAr2r;juGN$uvWiiE;q!dAjOLVqg;6yD%qQPQY>+FQU}`_3#O+q6!6p*s*q@`VhR?a zr!lmVB9D~o!j3m~C6D1*2*To(i$$Ov;53J4Aj4F3N_C9WCv=VG_#h4ap3OFbGg)y34npZnX>Tlf;)TKt6kO+ltAIU`9_g zR{NtpLt5fleaw zDV)|rWA4YgIhI!pw2G*nu)67CRgv{%AC7ZZfb;ea+C1a@zUV}9a5X%ehkAA3M)Wdm zn}=pZ*qQd>8l%dHsh6Xp%89G0v@Rr9vlLbchO7A2%x$}CSH|oKiP<(QRmEIRq~rQE zV66H)eEs?O%yoSn#K@F({b@pOS6vs^lRiJSh-Jdkn_2+UO1j~6s|DAz4)0yJs=hF0 zSp6aE!ZI#LUF_DVi-gYL=#x3j{8lqoTrK9dHJXnuk1ojEs9f9jwsnCd?<=sfyNHSH zh7St6V-%)K@pK#~p^@c=KKieZ%Vim8-SP)}KGAggFAy2 zx_&n#Qv3bANT>IJsKaRAjdLL%;m$vF_yK`d_@F>Ld`Mt1ykFpmCR6Cisl)WCN6|ca zfE%Nji$=xdN>Ns#GZja)1YWat9S#I=fMGj*3-YlT`QR?pW~j8@h0BBAkewU zvEG32uVz^ynfDtjeJ%4FOtl|Ut48}IrrICA;3?!b_!>U`0q~X|GV2EdhOBrqcm{ZN z5dGwCDr|FBv?Szwo8Id|$0mP~En)}1W~_dap3hiT0&#&L!hpcxDOYsu>JTJQKa{Cl z2t;|*9A-Q&aMN%3hasqH+GTT?5yUpDW6r*Zv@LS1npW8w*vEer2s3VR5xhNFY^dfe z?y4RRZ2J=Q14epau54r$>@+rdyOG0!Qz~Fh4VxQzr#P<*u6f;bVHGHEFTg5V!RZBo zgUt+V0dXf1%WWXf#y-1(=)J43hGdm6-S{ynyix%+9m`nAmI}GbPMCA#-c@MFthHTs zZKLgEuufGv@;OAuidH^*&Dw=eBSlPG3K`5z+*2?*)jUj6R^=*Zc}yU!cWW^`xpOPW zc(oo&_E$KpxmGFVzZylw*%?q~nv{_y>Dr6;xRB}9>Ije@Ixu%p+KV-@+d>*YK_Rg6 zE5$AC^||pEU-YV2Y{7_$fs-;f<<80y*8d={2khE6x*ny4DTHmQBf->MnCclL$}OAq zqkw==WpB)sU>zxI%E2q4E3Z?tAP)HizlZ+RVU@XK7lQ@lZOWeIQnoLiOe=L8p3ZyD zOzBo4N6yeaQ$h=WU`iaA=DY{PzF`Hj5I!Mo-wZ!3&vz=!BmVSPUN*IHJkb z4#*bz2>R49EQ$2(W8l3fc-so2uRAon5+Rx4WAV)*x#Iw<=}t==wUTMYPRp&dIsWko zuI%VKY84zg(@OcP;Slt;3`VMyZqk;&hUnMeQ?~KHK=15H?u+88T%WZN5}oT z9@k%~%Y7nf!bhb%X83V|R`>~lPWVZI#qeVSM>Lt5t;cfzFU%wGF5}pPK-ZNb z)K6t1SDLk)It{K;{dD?GA5)@?>0`E-(HNM1Z=^QRP8J6cR}g{xWsG+qslAcEo=k^Z z#jSu$WuU{UWpE0NLz!E%dMfSRZsPDp2K(vgcA@3yoUtQa+tu-~(C#UWL~eB_G(+qd zs56ikoFH=)##^_-LuqFMQ{T}=OK|j26D*boW(sG%9evcq>cLj6Wv9G6E-1J?={ic! zJ#$CQk50jg~|>4P5dSA(cLGgwULj&NG)wTPqU zz^T^4#TE89KrC3!SO+iUay9_&G6aV($~o{9u*jv(g`*ea&3S-05pfa%g}m)2sbku#ag-QfH>4}LHU?K-gCZoNrFp5l>m|`X7d@!i?wV+V$%oft1ceKz& zg3ZdwY|>k|HrS+NHc6DQA)=6}SfxV7%sVMr2+F5=VBz3m9F&d1DYS1x&*i$h)#ckU zq#OI9H!=Y+rW>#n4Jd+cVDNKJ@ex4&nZbF;nkb|m{;Z~iY+Y$Ed@4>b$`b4hXNRq8 z7&|bP4o8;^vx`cHrz>k0xG~+KYMUKS7!o?+sCe!0a)E9LNh8<`FD10XG4ZCt%K$sl z)wJ1>RxsDyaz_T!TqvS~(d%lIOoDWFdrlPICz;dK5ISQeJ0P^Ku!$Y+eZ{2Y&{81jqBW z15hWB*f64n&q}{-hT8;MA9bcK=m3of(gZM_oAt_ESMY!UY%`PDs3VaG(XSuv{H-Ouy5&IeV_$uG(7g~a|PM#gr5SX@zH4=DGv>h(TK1)eBw=3Mls30PSWv@BuBk^HEOe*mtAw zG&yO1`~+@o#X6BqTPt)sy%Ap9reeazwl9=FK7&_C<-Ovfox4+sfidsayx`4}136D+ zsaugk8EL^9)<+Zz>FvkpPAB;3jGLmvw(%xZ1mx4OWyGblv!_+hWu ziC;mU4ndww-DA1Et9y61d&vuC0ZzE-zD>Q6Ii=oLiIYAomy(u(^-~!rIB?L-fupjU zDV?3jzqX6^#H_Apu<9TycAC;xlr7F=qV$^W4C>C_Rktq5K`t37nGm#;T`Z5Lik*5E zvT`WPW^vjLQ)74x!MNr{8`RYXCR_gCO;FfHanjAA&KUd>I7Eb3B2K*s+b6rNpi$Z6 z$mt5WTf-G>xlFeR$yHJ8t^MPqr<3J%xF1} zulCwli)KGwzZQX)u^M`DrQ)Jd6geiUVJe;8cDlvpgPCoXMi&mXRA(ZmPcsJ@$yPP( zz(p%`1z9ZGHlsP?(X~`s=VLCBdDg0#xF$F`Vcx>nmzD$ad=CEq8vilYH0(3tkHh~Q zaF|l)1DNo?&6H$^YW=}qkRMZBk5o3I_3JyWdVLW(%(0e(->V_>PD9-QDrtJKWwa*` zOtnJ~nKEEP`q5p+s}b)A#OrWMM`L9JD^+ea+krIiv$N9(*uzxEsHx6JUj0<92tR4_yr!(R&=(ZOng&I5go{!Gu=G2?CYk$;ppX80$8 zR`|R?JN&c2V)zGvBbrRXJY%`&Yw+A&xiILulgcH?g{GKo^&?2Z>#fr0#Rpk>avl=J zHcUJn!As?qe;X>(-;570AF5PQP+Qy zx-`Ro2(-e#3$(+33M__y6*!{F)FNHi^y#|BouF_N62zqK8UiQ0mH_V|pi`B-DTZ=m zi@}5pCzSBhcujYCd%R?9_V)JFvCiaTr*=X>$(lN#RElCm_4yh=^naL>!K%sN-Y=?# z6;-EF*E8783}HCirkHnpUMP0Hwds62oju_V8r(==)$d{*-vl??qGQ~FbodvgV`;8- zunL7ycav6l+rfnmgrr~x?{6R^9fwn{1Dw$pQKxdCcN~s!cMm90{e9pwG{%roJX(?r zUeXL^h{A|a(HTb7OOEUJG%_5w*W(j%HxY~dkR{LxZGpuQ&n^K!qJ!1$THf?&c`q|d zmXGxstSliY(Z^wptkHfw;bDd;fmWCnSPWf(BRW{^p?TBSXt!EFv6>F}KEPNVM49HulZu4qL?S%;EIC#Qq#L=fwb zYk+GK`RbN*&9ER4FV6_HL)^kc{W)PtAcRpAM={I`9MSOZSmioQ;NXPfVhVMJu@9e@4ffB9$K7#s(@eS|Cr~DMVu#do{`?LB33=!H0 zuVYyC2OClJcsUz&aDvnU`QW(!LjW~c_Dlgozc6Lb#$f-WM9MfjbECj?sICj}P6#{`b(V1<=< zikm+51U}92{Gs;gUANTdNb^e2 zb%1hyNw87=BIQh$d5eYo7G!rg9eSQVO-2f`d9%1{7hv3!~B3 zfxu|=4FV^8ngFfv8G%mtO+b!5q#`64A?XN7M<{gnw+=#0*8}qhmetFlFE#0t{4HY;{8x~_9^de|P3PQ3uU1c^I}2~+AT`hI z<)t}H@LXK0EyZr#ZAXEah&2M~PWI{4hf}r8#BTjI%1Ax`jzBB?u0T6{R-hApPhc_J zCU8WPE3_8sJ$((EQ}@R(GV>F%g;QGJ2cfH$Q&W+Cte2-J^6>-VZ-zeHVf8bCgt17T}E*#DoQ^C3FCw{+)bxW7Ov+()1tE*I#8 z`w4{R?JJIAxR<~Y9Z&72GenUfMfGm*w262%N(Ezk-N6=;Wt33S541tN`CiK7@E zEO11}Q&>V~<M&UUJM|GoM|;W1Iz5(4{s-Qi)2aO5 zdSmUiS_fg0X2PFKTQ$R92(-dq3beyt33S3=3xuBkMmwDFx7y)`ztavc{JnOh!arz7 zI{c${WWqm*qZmFfa73r3ut3e$L0|KYwUq2_y$*S+{}};1*!cpW>x6$Hz?Rfs1=``? z1bX4$1*XD(2uz3n6qpJBML0}q%N?eNm)ELTZb{3|an>Cc4w^z1@4ODz9Ts-u?l>aU zU*rda33kbAJEk-j&M6z5aNhP9)Sur5nz^a+Xx)Tk2sS;yxNGBEcksapBNqVSc({n+ zDS&Y|jV~ue49^14CeiPqtVQ`vKL?!Ojt`zVL~qdn7Z>WT(hGH+@b=_-usceVGgGA_ z4@d8w-#`x&Jj)?+12VTE!sFzKGh@$(5teuQm&-C-8xA)ihAJ?AF=8|qum_0tC78P6 zvZ#5)Gg)ing81d{|^rZ@R($oxuRkFbmsN1_HI=US!Ck&nQWk^2zZz+d z-G;GO<2E3o#%<trNwu0iw{p6%GFq*wEb7mE9KDkC01oQrj>yXEBMe>sS3nPa{}#fp1@)_U*L!) zqaDSLfIhVVpK=*BVAU7W$$Coj{H(60#^Ht0J1_#uZ2fjP#@#n_I=%=ohQ=7ecWGh4 zOcQrYYuu}waT$V1*>>XI*&6pPjJunp%MkUd?Zv&THSWe{T!yH_qqwF~M`_Q|^|?EE zhl}xHeeNO93YQ49!=(b9aG5~#&wFZz6TVVA+;A`L@WQ>tQ4IGHIHFndv0c_ZeQIBP zSZAJr8ZgdfJF)OSD{cw1+f3;LH&}_0&eG-MtzLaU#L0HJwH-Vhc*!`tTQeG;B&mt8x&^h6Z}Z^!rm zwrkHL?~!}i1sn)w%dQ2^R0qLX&6|DogW(7ny5u4WI7A1`Oaz=L0f!<$Z=L1M-b5&D zOv5ZC5c7x_CQFql()&OZv4G^f*(-iRglxkXpYw0$ghLz)=-v5YuEs9Vv;W zbYAX8Ui4;aS6fQ~PhxtyJiSwu=YE!F^nI-0qnOPC)Q7v}#YOvLKExzhFjn6b1zW)w z6fz2i!QC*E6_05HORA&BJH%5Jm0Ym4fvu_|FgzbRFn^vkqtcdO#jxnX79_Nhe07Ot zOi`lhur)A0I*ZA3mUF>6S-VFw&&Tk?3XF1J*&S5zdCLiTY>j}tIE}otl=pemWR$O& zQ|0SuoG8`#!h0FTMSKBSt!!pt$pehfTwB;QmHT>o@{J)<0M!_hO2Fw47tMYxNMVm zwPE$?I7D6g*?;2oiW{uah@W0@Hgg@5CkrABk zQm`^?~Ll93quI$&+CRUyl3Cs4j1lrgqRS*BDS^f&12wD?#CEF~EM%1}QWY%nvi z!*j?RZ#SO{SU(RRg}G&gg2Gz~SnZDV3D4(l%;Tm>kHWM8XCZu0@=e{1ol_yZrb7N5 z?Vu(4-fS&o=V*5Dw}g{D3-dV;hsGEp!pChYyyrmK$GnBdLhyi%m#<$4LeZV| za8P$HikWELL3FJ;9gR$|efA@M4)NIs=r`u%ZQ}y^&G%$OFJ>Z3Kz!M0 zFg8mhu^uu77<)SJbTIE) zHWTV)&UW}*#yO~Dh7M$g{q5<<%X*aGZa$Q?0?XT@NHSB|!}TwPgZ;}Gpw+KOu0i{# z7$Y|#{L2ss%o_mw%khbNR7Xm23mOxcm(ivca4@qYUJN<=W96 zjA}e*aDM2Y8H}WDeiYCiPng>~JFkK};+m(S#9RUW~`NkkJQ` ziz)7oiO!kEAZnR&5uEhQxT7$q>}%G}&xymmot;Ek7>HhdNsGjoy@>%srJb}tx=nV6 zAbY1m&X@{0GeR26l?)i6^uHw<_7mcsmgLcR_Dp$9gwJ>P@5q1 z-bFCt^4G(~o_oi+@esP2LjNpzt1PbA5WWm!Lr>c|QXWCF}RPUNebB>iTbx6&WS z!K#JSYqIz)ci^)XY;R*_6*pUU#zXkR>m_c!b1XR;d|!_`Hm_MbHC&g@VGAv zgj-T?2OnJ0tqi%T8{5+Zl|`PL8mQe|$)^YAi~Ho8D-Q0;%}e2Vyj;p#_)WKzs=ouV zqOxMm$+(34rPozhw8d_{xZPEf6uB$h(z*v4j1+2%JTEm+xw+Dn9ynRt^Ka$@(dnBd z0UdSWS1V~y?WJ)ZuEqVqD*>o?O2TX#HKZ%+7=0&Z+yia+FmIM0#iHBA|B72G&%lo* z1&2ZidLa~8%4b(V#BX^EpkQi2z6&Wt4+7wM0Lpq`xq3GMB*nNxh`T}Jw#b&_IiC=S z)ZslkLX_U7Hp3WZ9pPqQdg(L3=F{>TU&dYb4eg^fT5Zp#x6qMY@>z|gQMK%I+D(IQ z*`wM`!))1yw3{Z@vfH)$R?@#+yD>BC&!v`a*1q?{*Pf1jv_q>MNR1A>+5Ij}#7C^o-o~U+U8vC~)HFKDmh@RQU2-^%nFV39G$zt3~zB&rp+=%4gk1R(- z8{xzQ*U{m<+d&gK?|@UaBQ?w40;jFAaATl?eeT~0M5o=W?gH#pJ2K!(v{%MJFHOq7L$q%Mwg0C~P4*}tS6dxP_ zKUv4q^gPj)!$am+zIEz1W0^U891Lh9k$HKIUF|l9iIQJ+!PM~<(4eA|IQ`W1Q~_-C zI!1E5(UGe=*m6|2T6ApxVPp+LXF`_i3#+4B(s0ymOj!CwuJK>Wx{5NvABJ<(W`u)< z)JDOrcDYh=T_2BtJ$|t!k!f`Y*|nnXBnnsklf}K8xPuZn^?qU`AGCYMkPmD9Fj_P2 z2H|-A$B>d<4^C-MrL6}q{5Dy7Y9(}~oJ93#R5IlrOXKE^J_?3o6l%GTTR(2OZ}e02 z%{Ipb9vA!u0uJ^nLdpiZ9&Rxqf1ICSJmo%CeEtN7lMoR$GVB>S_K6-_uI_!FP|ZQS z>Z>mOG(759WHI9=Ud6ym10(3{@y0N+Q=5t9w@<3AqR7p2B-Fc5n|O^!rbMZw5vkJZ@=W#zu?%6FQs< z);?|p%#MBm(Y(>`pof#m`?uj3ckhM#>rW!;&=^DfPr+H9SN}A?7$e9W=3y!cugQLf zp>%wf4vy<>@>@`EWWM~*0m(J9&r4t&h80+ZeIW{asu9)&d0vSySbtxP0>8vS#$y=z z5Qcp@3i}GfW}Ee|5_Vg2P5n8~to5p`z*QafUjV^}P=0N9@K*+YiIQ9LK)E`Oy`{yU z5TMK~16?}rMPaS)*C5hcj$Z=@v^vuGUxz!ZZ-vd!v)z=}D-&GYAk#l56k1!+C+JJH z-KPHyW@C0r_n7HwkDC^-=7hdB$(o5;)17_t7h;Oz0gjW4!dN52E8 zmM~GI$KM0OAZTFh#=e^WU4&)a9`!6>H5*u^SX{3EJ)p8%F`nx8vx0XZOl<=)2P<^b zThVfNNyoDinMo7REhP${)p{RDyjPw}~s;b;oa!9B(bKw;Pq-P~pvS4$oKjHExu zXU3ZPF92YIAAoAjE;$n)_~cKfSsoc$OcP5q$jodyz#Q@@K#3h$g${Me3!fr1-Tftdp-VV;N~CSOv3gE z-;crDF<$*QsP3+|;JaX~Z$(=EZ-Fv>5%KTf%vFv|`M-ywJuMX6{Bz~PBsHtFV1dHi6zl-{g(U+dcw&olVX_!PV)M6U6#=i-4e*@h{sv~Zty>>DS#aW*$uOs~6DZ>BG zaH=)JcM1N4vRF~+`L6JI33fzc|5$5;ep=H12cnuW_3%I8^Z$jc;Ib{$82Krq zC&;7<)p*tn*c`jt{1-t{-NO@sRp)E8{w8W?ib~L_2K_Uj+>%=3zT7UTo7dn!>nPSi zsGspp{67s+#?F_~0XP5H$D9PXQTiCe!i)!3Bk;2MzG$G$rQxj?qPpcd2OpOtGI-U+ z0?1W*Qa)}};OAS8$9UI{A*dIniFEBJNnK+j(YE_SV=#Khq#tX^??BqDC=_ zGg03G>*~>Jl~`0_@Lou=EUpXgiR`sBm}1mmymZt8q<*5T{J1qMR&8+m<>O2L{%Rx} z*O$KOxIxP}&u{!`!TOv$CrOg+W=(GPR*nRJC)A$&cBPGUdjc=F zz9tBM$nQeVq7f)-dj1+zk_Wr`%X-L?G}c4EI3II--22D`OQE55kd7zfk66fHc0%OA2-Q|Q zGV;i zWV8%f+e3?-ZR7opVO&QU=r>@k38JW`#74;B5ex~*rLZp+bw)K_$gicNn7!p@gWSrB z)US==K2WCG@91tzI&axClD(cK^O1NW7Hd2aYcLs0;X;w#ZqiYow_BphB-n-iDoJoC zj>`V9*`p_texNlzW<1FZzjXWyTjNtD5?ODJk1J1^jigAVzgug3OrEAsf2#P;TP@|M z7Ph9pwTY5S7(q=W(tn^e{uf%)pYM26#wXcEeiEG4wQ}O3Wg;gKy{u!()^sA)ZmqGf z{hBO4V-dBHpF}K-l1YWxe;S2p4DpGmm_jC_KGm9FL)WH?itVptRJQ9x3Cl@c8yrKs zY8oJk^!IONf_2ekfnO#QEU71R!cL_%Cl~&OsHPQwYj+vhe@W!zkya*Oe94?l#pJ?P zCX#Hk{gt9RNu;`eYXq4pH6u{qM9CB?5v#p5*231jG8R!A`ANk3CWO%JSA5(-%v5)D zEPn>7JWc$ozq&~dndyC5#FAzR?^q3?OimKF1<@9+V8+Q zWr~%>&DdLSZe@&OiIrEM1+E(z*vx4!=hr&`k2&B07>dVaK%I22{~+#Op@_A{O@9=S zZ&RKJcslX40*41G zYM^b6n6#uCHr=a@(&^gf7)@kAwulh>Y5X8tlq?<^Xl79VIAl(KtT+zmzR%7m%PUwG zUiji5kNJ&^^*bU{)m*TtS&Z^;JKJJQU=Bh{3vy2ID8lPI!MCB)Yzdr?!0gO8u#9VT z@}^jAR&Xk?re2`tl9sv^<+gQAafe;K24;>au0v^fVpU$Rzvi*J<<1SRMfA7?@utH` zdh@}mwUx1iwKK944&j43qr4768E;@2WrsqD>T_cn%ijgg49@cVdm$rO17%FlSNKLN z<3CLrf(<#$G6we4a=;=fvp^_P#b^5-LLgU$oDGYH(o$ z7ZG9$gqf(i3ZqM=92J9AMAF>}7svcqMOYNlC0$Gp!png$^`wWBa%=*RaoLqTaFjhV^-hkGCF8(TgFi zJvgUXs^d1Dl>89r2G-ZL2H|lnxt)g-oG}KkPO1|j0$$qVasOe$NF$cRNsYj@y^N1b ze33@9p!e5kh>vK9?=gz+0JtGOMzs6`Npj`%1h#(=De%g<&ICj$yj*oK@lpCqSrCZw z5aJ+8&HGULAWF&NVe~+h5?e&0iEt&biKi$9ZTp8O@dKPC#W;e01o6q z&-ob#Em+V-JO1yD{|Dkf!Z=t@kRS}7P$7CL}Y$HFhG z8s%Ow)ygFeddf0U&4DBh5-uXi1Qjcub1+wx8LF4U0*1^`y@@kar#VA)k~7p)xqckj zwS(>PWQ&J0)haqtc+fSaR@0fm1C4sJy9QohUjtD4Att+cqU>E5mGopc?VkXAIrt)! z4(wP{iFbUih1t6S)uHFVZ!_k9CZ7NP#@MN=tphI!u5>N)H|WGX|5g{unaiC^Lr2GcU-c`yu^EoTm9MhW*V>V)egFpEzfz)L||>Ss&~ zzgO2l{G1ygQU0;^5ue3j4a{7$Fe1aio_1w~?VVQ&oIdQs1iRoXLsxVNrz9sb%E3Os zBid9|7zCH-K*~9|vBBVEcsJYV5+4k0zF&!Xn6SDpRFA!t&3(p9n)m|b97MFKUX_)`UD+LcOp0WcI~@LeExYL z$#=+3Q6Y~<%JZ^OROmLlyJh#s_d!4p_ka{uf-4}Yp;gzuu`QR+S3P*E@IGt$=Syn- z1?1T22LOcvs0%*YNT$$Z=6iJff{yFrj}jF#hZLIUHm#I|Qx!TU*Z3VVyibaFCpAQsI-y&v;B5S$y*e3n zY|HOc^BNW((i#B+KBT2?W}UDvbmaGUP*98|66uuINOD%FR;=jS?jP39VDZ=UMXAkIAqMpxe<%5w(&d1`RR{ns@ zWG=B#&uWbap^ml)HKu#*B)Usm=%XTO8iHsT5y7Up#GvsykBt(G^oR_ z_TT~PPc-n*toKsWMA0$H8bgw?eK8m1e;4#DcnrE(zYHNmmj4C<+rJzDyOL}$csmnc z(M{9nK^%;1d8>X!lHy8I#OF5OgYaa7y9$9krTZp8xkUeFMzvfVW3x)@jxF&x5u2yw zUyT4&W=kNieUR48;1!>bejfY(JRkjMfmZl}z+(6(fg?Ittwr_Wd>wu2QMPhi%9h6e z7BDZblb-+{V`C1UW-V<5c8o2UXOm2M-W6R)-dz7}v|bomDE=mp@Bz^Hcj-&W*L#KL zI}Ms^{w*3DHkPHFa>?u&x61P(hGW=L5GQojQ)M@g07gUUQ`jHf4z>TPb+{ zwMZB5crz%a)}iRp!&q1&zz-Hhza0`qWhdO+i<@B#?9trUx)N#KHg#IpAzHTbD$l>3 zX{Bm-SyggEE3L9yNJ8<9tO#ZuP|UK;RF*Ea#X@H;KF z!gU!mWaIXUJUNJ({#)_QR#3TbgCnYM97=dQd@_n^UckHqn4}!OJVhBfm?q`0$B|7r z+<`pcf2+)O9^Q#)*~(hae-|9hJiHq|$pcb<58SQtSr%dcb17XrZ3*=J>rA8PlBSH- zZ_@6=L}`aaQ%pTti%q>J%D1IaK2v9_v5QLG!Tu@L3sw+3vF;>vIX(y4Z}iO9X;B~c z0^d8qx8;QIH_)tc7>+=n@O`?8;QAs0+T8lhsI(Bqpq$}0 z;ok*X;Xef89Z7+BM^fO3CR69=euzHZ58;rQw3}Oy9$w=@g7G=u0LG#Oy_Z4Sc`Kaj zR_T+z5_Vf7T6EHv#qu|@hr`+h*MnddeH=B{xC5lUc%}A}#KPFY8oK^{4RHVg3q>Qu z!FpsHuux`8FK({d0S4-3q-+JRZ#Yf$C>Z*;6Ybx@Y^hHGp%+W9|5hp(#fFUWk0a-=vwxRZT!Z8^aefy-i#7!R;6$(cB z%-<oM=?zI}qK<*(FMdSW?-J_>c59RNSz`5DtHHOL=!Nw05Z zhND;1N079ZMM>;v4Y+r*Y`iFg*KS;u#6O7Ks^cn}9824$e@nPWaom#GM z0-yg&a&2psYuj{kjhjnCt|D*ZTgA%q#Qo<7wT$kgj9!%f(G2m6Qn2H!uuY&HngWaA zxb8nSnL1y~hCX$FLpE1~_lH;~mcjwwhA@)v-PdtGxm6gSN2Eo2_h8Iq{maRnUiA_1 z)VkH^W^`Y2nS&p4O~sY*0dL8mD@oVA`>cG%K?xw88X`-KUzyP`#QIBD?j z%C0$fd>@Tm-&Yuf`slHPxas@<8th6rqe=e4oo{n{cwtOh?_p0W*&bu zMO@-uPTU_)5tq1^6Za=m#3gR}xUF^5LOZE$wnNJ?W}317r&HvKxasrMtjFi3h)dk` zaa;4)LW^HcYt7?!XwRES+sqRzf=Rkd+{?{V3++qfsfBhsdHVSjc_QxR=Bb7D?uliG z?e%LW!1_AH(0|j}UL>4sd;NmgNw(K7iJfeF{Yt0h8q3=Z-Z_9>$@nd{*W@vp%o?^A zN}z2oySl_yFWTt$utxGx^p;iS27g7c?Z?=MfrVW)Uc%H+-*MCffL$%)y%F?zcp^y; z<9%+B8f4TM+qBZ`YM-qv5LfX#BHcnnU(5-CP82vt0_oF%R<+#?76NH$e~Z1xgRYUm z$684kb`o*~q6HV?BLQMD2wqHvkr*%QJ+$dQqQ{&^IOeRAF~tne7HEa%2(-g<1v=q* z0*m2Vfg_q+U8u(%`qZP1u?O=c{$4%C9$VqSJqI5OtksIc)ru(wpM4T$1K*{D5sDWs z@#+;1$#9aY)}f|idttpEa|W9~dNQ@u2g^avpN}y5*J``LG}6XJm&P`PV=RDfJvfza z;oaWGg&HyJvv@qbsa#(0^M-Oc)uoOo7d1qb>lL0Tmm|tWER~BQnWSAXxM|koA}1_b z9%G&;=0r%Vm@zx}IAZc*UnA~QkTvk1U}|!0;m%l>MKcnVt*Vg-kXgdFVx5r{28e*O zV@q9xddClI>KTHzKUYEK4{3e+BvK7$h@O~XpFk^|DbNo41v=p@fp}(U2XPd`UV$Sz zp1N2o7Jce*@Wb6#Tkdv!6lrj-Fl)!eT)|PeiqTLryiJpsEqrZ)p5ezezks~rsZ9An zp?UjNRwQ+#20kwgt^4ww_oYqo8T#9(jlM>nyIdoo)1A8SCK; zdp8x))bmuj~g5(#qhCz<6^WB7_4jH zT1JlMjItqbkzHd(c|PKa{PdjvVC3mhEuYU&J~gRsGn_Bb3g-#5Lo`d&L@}%i9MNQI zSc`)`^*M?|)+1jBo*$w7RI z+6`_IMcIi}-)sX4x3d}z;J>f`HDl&My6&m})uWpF zzx>2l|6Svn|Jbf;uBkQj|6wT>+rsu%(eQY|GQ8;;+kASk)|MdNCX3P2nSzL2MeNw@ zleM~jZ44rIjBZ+kpvUi(YI_iCdb9^Y*E9&Da4`uHPLmMfO`Fi6P54O^%+WnLb{=un z_y<6A*#BczqSncE(4S9go%}refeS_F%M>Hojs@0Z0^^|lK&|8;#amHg)^cC!-QI-Fq+D2w&hnpPlaZ|Xp%lJGvEqZCY za%p0SzZ7}GI@HUzD^D}}qxC2gCwecwG45|%<5cMO<0!|!KWCXjw_j-JwhOuI{=PIP zp4+(4j)`MHr`@{ZXeU-2|J!ZgzopYHqZ3TyiT18u$7VpQH6o)H(XGY^$6VSK)Ym7p zzJ8JVdYLGj8D1gK3f~|Qzx^!G3EwCX`g)~yIN?>=;f8M#M==}|IHEbJF|DuksV_J6 zbur}pH(l4VG;klW}UfOIN{k$F*Ox&uyzR;FISz$*lG5+uh?dH1! zgQ)AKz0{FXGbRq=FR>i(ztObNLDTlePf*GpPlwAcTYCOzqTk^WBYizypg11`R!ftZ z!eG-)f&o)BiH0H9oab}=$FEixpK9%YFv-NK3|_&Quw#|Ok3aviv1*b^>{z9u(KQt` zd!SU*1Eqpy50r{}pj5&NZS+7O#G)X)iE+`Z?%CnBPMOOoU2on?&zZfH%$dFByq8;y z=5WKpO@y@87`nbvB9PAjqanTqGDu*hgK3z>9q!V*p^J%dncg(QWrke9>(=_f29FV7 zU^;-ad9QL14jS^|2)vdRonA;aPX(fB@lar`BaSPFJqk_A=8?hZFvo{+A}NkR`bk5*mlg;wjA3L`$w3}#;0}v_!W?cACS(?4DS!kl5Oa+mKoarZ$tl&w4u-HHuPU? zLnn&5o8hSft?(p)c6hQtCp<+U+R$m*;e@AahZ~-u9bR~*cBI0y#8C`S5ICZFt2gR4 zM4$S4vJHLiKW{_cv~B476YY-HHgv_m*@ie~(>{6}d7Z)z-u@a#;@m`Ij@KN8UbY?V zwA#T=aujkg7j&nd3%V~k7i<}{{|!5~Y2V7|qu27MH*VQ?*U@KUHp6om-=N;TQdGnY z_Z4V`dkM6|y#+eqJ_4b4%e4c)BBvd0xW9II;Q`_(hIr2JA%sx&;-2&5Zf~^V-Mgzw`V$W{0w5MmJ{X) zS7d>oZVwdF#E%; zaafemZNj`APygPG3Myo#+$V{GrrRe$cVp~(IOlza@izQliT{|G=!qd9@!0y~{apiB zq~Zle!OsG&2;71Mp5qT~_vW1O-`P8!G+Au)08^aKi;nW0fiCam&FNYf;dkRP8%{$S zd$eEHI{Y2fet3u|pcx(}5Wn9k5I@%`5Wn9k5I@@~a72@f8a{UsA$W%JG=wfYFT3}GM1wq7*n10ItNwIa$;yj{d-6q+8JEe2-*gW|9zsJN-y3q z`T?D8-o~}9jaZNKe+WO&HORR31M~$B`T{5F3+(2(vA0mwylKyk;rXU$-|fxD&iC>f z3U#R0c=FrLF=7$)<*TTVgniN+BS!yC8^56;Q;ZQQeb}?9AuYZB6b6Lus2eL@4Ha>g zUWRfsLuESJ2$f@Ks&1jlyIL^MqKk>^{JRtDTqxxn zvIo}adpOb5{qN6>SLB=hFZcIwO^mk6PmoG@yXd4DZV_mOcL=n@I|Vx7T>{bn-Yt$| zxLM$cj;A(iC8ke32Y#|2d^Xbfuc>s{;VVYXezs*xX-9-?XMVT|3BC0EaE5X4$y#@K z24*qxflDs=(cfV8B;(d9eLooQ9FlG3V}@p|l6~f5X4HR%e5;@1Q~w1%Lt~m6x=9{T zan0kmn#Y_O!UIEzaZK-|sG0~-TjTz&B`%xi6mc~XkEs6=6kfLRW5BPswu6_s z@q9m2EIQzvJj*b}Ml$Mt!`-BDf~?#CM_c-(h?^b?-?C8SfcOgz_&eSi!er$!EgCs8_g zBMJ1)$#aB*UQ^*->C@l=UH=v0hVK#8HN#s3TH(zC?eM( zf5A2G`tJ}lG{z8hEmF>UxWl63sq5e`dvavDJ_|PN294KesF9z3{B|YcOx#bjWrE4hr@Lotle5{kGj`|_dnio*Zb{97=5pc&4Fdck|5r1Tx1-6 zX}sU4*T8TqgYuHI2iKr7c-QR)fmV2}Ks&rnpc7s%5Pj2)+TnyZX@?uWRXe=!ZQ79v z-!6_~xJlrM=B=*RLZ(k|&Nj~v{$5&N>)Au%ra!CKjQfWv;u1G~T&9CXN#k48E!H+w zIu+@>)vEK0cbcs8c#F^*Ucw|UKnw8758()VLU$9^G4 zXQTcgDlYxjPRPf%kq?cu@SBsBF4wy$XQoQ(k08U(>}5Uonzajm$u?md$AO-Iy_^1y zOb?X?Z^EE`%h;chn+EEgf_ecczJKG6{ROU3Qq)m!ckHk9N+`WUz5bt&&e-38<-5|i zAmdi>5b~^UfWYw3%Q!=DsgclsUS}P7(f5^bR);$D2x5hgh`7!0QGr(YF@bjYae>9~ zVSyu>Ox>u}fj)g-Ny@hu%2uRYg14B+!dc9M+5`E-{ml~U!H1cRO;5?oWpGyU?0v%% z-){mB%6OlMSAqh!A9)27zk8R6<$o58YOcN;8mDF*j@0Brl$7;A@Pf$mgZxd9`cde5 zc)5ist0l-?#$4?Z}(byQ!O`y8X*R zfzt@%CG@=drzdb-3su3FH8nrHHI20}eW!d4 z(KAxGn%KOA!ZftaR5134&IjQQbewtPlR3fj%wgc}jB+zy^1@bmP0#~`x$#9r)g#cC zNq$gp1kqAK@;*A7*dYu-8q`zTNR(auK_D|`@5#N3((XXu?~59pYtA@%2E7+Y-oBIj z=shFy&i+5loe7*=MYaDs_x3W~vm~9_vH%m7443JiutabY_ATs71R;Rzih#(~+XOW| zH^g0$O;Ax>fGCRMzON4f^{LONaR)RJ_kDYcyW#)+ox1n-?a2V~{onii|NZ&&JyoZw zPSvS8Rds4VcPCjdORQt_&K;X4#Q7=WkaNcl5n`=FxMFtuhgQxSZz~Cz#Cu_4P2vr^ z$yoZ2nU&6r^rs0*=p@PUlJqC+B&kdDhlY!HHYv|y^crQg-4QUFJW^KNxOFfltMwAW zoH;ZB+`KXptU|VfCZix-P&R5-8>gxNM{8DF@H%oizT4`$7k}CyZ%Y|0#`hW=j{nWz zwDYE?S+qPNTkv|7oW*sF;(85EE-qQKxHh}E{zBs8&l)Y>Low*bpEFpDKW}h2{*1wC z=PkI|#U)$7$;z6vKQ1CMEs#q~Y#+NQbf*F`S8GC1M2d$G2fXa*e64|fB` z@{l+~sxA`0;jzY{A>L;o$$r>E&en5yvliG@FgtqT3E)GHan>g1MH|WasJImM=527k z4x!apeHHQRCqkUH7olS3w*P;X=5?BUY4wxZp&_GHaGP__f2qaEFE*GKin>&qh-*t*9^cS6 zBids*EMj!yNeov|DR@?;Ze9s*u? z93jHp#mFR|*d$eDcn@Xx(7#-U64~GuilY=AFC+D~QM5N8n*Dz3X~YmjeCBz@C@W*N zH(7y@4N7aLkeMk@%8>e$FYkHX<;?}c1I1i%l~Ui)Wh8|3ydS_0XzqU~w+I$x zm86kUr8T4L&UWG{tO2&oWN5NHYr+~8x)*E9SQFZ=c8npWwVeKct39I`wC;GIFwMP}3XJXxKko3l!}v^IeYLesH2rE&C)DJk+>n)f z*yzg}GD1fg{b_8!Y(&crNcCt-oP``J!KaQY?9 zfQr^8wU)*l!$z{i?pt=(@9B}f{_KjlrDzV(d*$O?$js(rclr2Y>LaPP_diZH z-wrW^Rhn{Z5ee&awYI-V<)kOsN6KQUr&2}k=1O;2jGw_Wa#caDDzg?!y`0F^#f4Sx zPUY(S!kM2)%cN3R3eU`O*S!(HI8vhPW~!XeuBZG&YM^q`xzvTCptqZo^pnAyuu8_@k)c!j*^rUaVwjP z)y+kmM7+Os@mk&3-vW8s$71mwXwderSiA?DeOTL9uunVh0V72bmo1a)YT;5^G1}Gt zCAlu{KC_7~HlJD?J>=tXly6A7>W_BLlrxO#i(&jgwIG#zG`NoB5An2FF)YjHp|IE6 zc<%o=@v4X)X2cgq`@vQe@hM(&wbY{*GYD^KUTIzB@oOE8pY@p+7k+g7oa9{F`Gvon zk=_aH>JYQhk~1ss!>t@W?K!gYKGI+@US+VPb!+g*+0kYg)&jQ*-h~V9bOkS)D|oF( zv?=%h>Mr*z%exz~4Bg#w&E=fpF0^xRhkDYAO>a}$rP1Z=D>hxu^q-8DqIk@5?$rZ2 zr~z&^GcEOjSsJ{o*ayp-sX&F&9e}w

25<5 z$3)rAPHz?k3kfy`+D#IQy^=w8P>?xCOt8iOM8>u`h#Bn)s^Y|nJyixTc+O|GKd_se zoy^ZOr~68toW*Oi)6sGyaOD0>F=bNU4j#kY=;S#0Bg&fCFCNaMLZ_4}U7cP}j5l_P z7%u~}CA16IU2A76yHdFzKfFz6D$yBoekF+3BFmB|XU-hy!$sr;SvE&cyV6@uLA_b; zT&Cc*$i8bqHm&{0m-q~9_yk+}IgyzLXM`!50D)Aj6{ef1>$Fa6B$5Z% ze_DY9cvv`#E83RM&vDYFG{pR82oF|v@q7^~p5FYM+A7#dpiTmxs8Ygjqwqs=Of}=H@4yp2g&(H} zqyE!ylm~+FyMWO-l=o+dY4c^{CrJU;bfiifpM=$}k-hjNYkOIZt?{zP8 zrVrOna6gKIOtciRqF|16$LeOc#Yp52K8Da;=E7;NAZCLdXTlSNKR^zJHM@4yLvZ0D ze+?7^B;r|wVX6H&fHnucA|)!r10}G6hLQE$Gx+IrqA}D41Ib3j-0?$1`O$Sm1%j%~ zeePZp@4*DJ@45GEj`W@b7cHdY$R7R>^t!yU^TAkb+Rq06%RMgkYN+$7&m-^xvY`i8 zN6r`@Q&OR%*z{r|m(TTH`AZ1KP$Bv`*omd?=ud>>Y@VK4 zP^z7%aiB1RJsXPw{pN&0HkyHuc;#F0T(=uS`LR}z2vR==s@88Y=dlh!oxz@;0Ih$D zAFk`aDA3VA6PVXO7dUEy)g04L=~FM^$IQ<#E?UbHw0hBO&Uro^h9j^7UO<{ZIxD1D7GhbavBJg0T$*<&NEC5!V zaGD>h1P7;iawrA<)r(7wGDL z3e4-j3LG`j)Ue?-eTLV#8>OLYxrGbsoW|?h3Gl`O3^`deWGEL88BEA8sQ9c#lK$nq8=?G<$@t;n04HtFi_)6UAnN+(Z!T2;Nb)>ip}Hd~Mw=(9wB;uI?4+ z=^lY-jDk4wx>Mk&Nv9T@g3@OS%JrF}k;hTU!ych9Ifd{-PSWiW3SxOz1LI}q8S%0+ z&hnd8W`Ktvb!sh=#7oJ~CYO>i=A45d>HB8gYimozXJV+{{sw8O{vAJ}?EX>reSgae zPX7}z(bFdgs;}Tz!(7PVQWn%y3tUErRc$y;+!$|CI8}!MlElc;Ebst)01t@7RRI^E z0uz`yU}zVj)MgA0J^YyQaQbBF$|)r983$H}p%1OKIsNkVIG!X3m;i_r;QGX1UYGS_ zj2xs9t~2;yKgtSpbgRI;ZWB0ag4Ir@x#?5W@Y5K>k4@0(kTkZ=33PO)Kv#DO%N97r37sST{9kGTuCQXvGSOErlj+mP8`?5onIUOxJyW2gX9;xmfWW*S6gX<4DOeYzNuTK| zr@+=^qn1-}P{xXY(pWfXqPGG9Bhc0ao_-wxdf_$#Jv{`-5r?q|8I6$f2pNx1;@y!L zdmQubSXN%-F&jY`q@3>RY^I=WdGbaTY-OBfOAKV9b71ShjC!@Wg+|;2UB?>ggT!^)k$+7VPfCJy^qvACZF`6#uXhzVYSO7aO@Zh$f?OL{PD$jkpCqyMK>{7Uzd%?lcWy;z{5cM|C8odxFgB7vhO znu4Xv{zspAgGSn@0Gg+Pro9fv98bStFJpUfkP~)ZmSf!*XSKwEp%=$l_%FrT8a;c6 zioamvRBik_2gtjCEC6!?+&h4z=z>LX6z%Gc1PoYQ3)sm7>|6`jr53QO3D~U`u%s5S zy9wBX0Cj1RKDY*T0ogqn3Ad=!UT{?RW)${Dj9UFTdkOqfqE_J@IGC6HP)Ym1k8@G` z5)Iu#FJbJjVksUk0U+J}bl|ALQg9sa6C6PA|Gj;ed^wMD^?z^Qp$}J&z)wwIUWI;k zy6NA`*}o5j;81VBL7<}#66orK1$z1rfzTn#jKkB18i%hBGmbzXZX79ngmI+xa^t|$ zdg93I6#_?1Zkz^DP0-hP`z~dD3}wTbQm(oZ0X*ou3ed;#ZjIDr{`JmCmqJN^hgomgEiWBn#AJE>WJL@1aTvS1ms`~HZKoA6ISg6fICnL`6RB^0&3LHbWJ{4fXKMlXt)%d~5mNftfKOF$!X8=t2 zXX3Yd7Jd*O0#I+5w{Fg)4h+`<7oLqDJUt2PGJ=bXlbHK*ak2_;cWZYW7FJ=WL%+bW z4vwCkz5@>lB%zP0g7Z*NAr=urCKN0A%B&w45QzG&+%KUMLo>k*|jmGf`s z(pWeGUybHqOtWwJu~IkOqX@%u0};qoHQb;iHCTxIKrwI zFiX5mA`$TbAiQ`3L|p{fyW&-&BqE?3)Jyd>A$2iG*zJM7gwXZmzJ+HlR9p%aAAu}% z%YGmqj>7dK2PnV0yZRRR__h>Zk4s~WTaTFzz2W7=)jYC@Q}bMr43V`S+%{$!Ib*}c ztJrr9O~1Nt1C!xt0*Q$W*Yrv~jJ+O$uaMHKfYxur5B15_0$$)_~$Kgb^+g)r}7j^WJ)v%GN|925RYT;6ymQVfkV1QS(S zhf}1zqdD!#jkF9=*eRJh?FX9Ep2D>6l6)D$M}?khHc{MQzs_ ze!d&D^$qwTKi?zJ(eD-L>Kg@m`X+(U&+ju1Pv2}DzP`mc0)4AE^7{P(M-54Zm3Z== zK6N{O$g@BWcbv_B;^5s}m?c!3DRTe?D_f#0eLkuiRPR8VY`b5X8DKL#TaR0U*Qmx1 zAj0fG+R?R^pk95X8}HNclvbBx%dVTN?nG2^7M*EU@_8E<&ypseaDfz>=XhMM)?tN$ zbEywI(0ZgjiV?(B9|W<*Zvzg83g9f~?7r%U;Lr?Rbgl$^*aS>Z1RN~^ZRkkm@sph0 zlL&<+ZrOzdVh#}_B#A@ekp7Q=VlY8%&HRtu@m^HeiLRqYd=AQRy1E-^?(7!viqbuB z^HL#X#+*2iWk7W=(87z3mPOyd?64lQU|!pS#+fut94~q=a_d+3fl9?4IHcqa;{1xG zJ}Q}|Oj)4)GiKAaqot{W82xJX>6xrPA7y>U?jeIe#$v)?m$!NH!+Y9_?5wb2WZxte zyPql8$fy|F&9ak>$NZ5sHA!nb(UVn`RIpZr5%A-1?Kd!Yj?-IeNswY#EG@`r1L>L; z>Yb!UCKuGsMldUktqDF`t3C^CaaHe? zU>dgH2Ik&4)HAU7#&OD_+^snbwX34b~BPp*8%=|7JI&@E=|v)9^YXS2P@b=UKd-#L@#_XVWNmUa%phnZihg57N? z%@^S<4aND(`6618*x!IX`Xz+PE_1g!7#%8Jjs484mucVQYGvYUf0ngw(=t5*%69k_ z{ANq@g7B+w#5}oe!^-!;yE2&Yip*k0VvK zv?>Up))M7-0zN4RO7JAy%{;@MPBJhKdrh3XY3dS#-yP^UczN!WF;nLKMQDa36I*10 zgrpurfPWap=5kDspYuI{3)6SSM zSnK~==sV#?6a-KIs~@t&eRlMHDM$_bJg}~ErN}RA5_3Xg*07D3MK+h`szabBO#4w* zv07|lvX!g;7-TR@cJ)t48*jP)6tMate$+CgU_;?end{h4BB6MGTaMaxbL|LEX8#N^ z`6l;<6prC;hQw*P&5^%GS7?g4D>XOCd4?SPP2nVu1qe(&6Oo7^b8J z9=3grw$NAr8l#k*Um~K&&adF0?7UnfVq^!&jp(%33&H-`kMylbPaR;M%apg#e~rYo zm#(BAtIgwe;Q@-@FcX~X%3N?Z%wU{1GDk=Xn6G;l*10X+OnaFh&F+Aj_$|^E(6xRC zSSk2p_tPdNa$qlDe-B3)$A7ASfa3xvqyAFC^`jzF?g#ER@RB1VaKn#0#k$0%_1V_- z6W91flm8KPWeG!;b1&dhu27@Kw)TSoQSf_LH*sv1A5D_ z?E5EVo+<4RKX!oXc7T6Qzp*}ztXY1et`OK@M6*Z@5Ex2onFG&AO3^>$X5SkG;CZGIQkU= zSL3LKL?)Jrh$f8j^2G@p^cwp#N-@d(IgvTr8U&9yFUG0lj6e1%#Jy_u+*Wb;?;nSf zC<+0QtH%(Rf3vO}N5D|wb>g$)8+Eq{vS%`6?_|j7G16Kh7xGNu63B5@N-7jruV z#>G<|6+e0qLRFOaAWWGYc@xI;Z`A@J=oyBkhqExaDM1?ywo&vYq_H>Lg;qkJWto+%NdnjoandR&|N$qS=q;l{#f@cccQ=6JtvpW zn`TA-q+hfYj^RL2oQ>>pYDX*)LF4ES(69%U4;PB=`Jfh9X-*w)BGRB$4Tc4+@Z zmaLepWuso?krTav8OZ6*w5@Qg2l+SB;6x8bo;VFw-{Le=TztuvFc(-VJjR_D92o+w zSH1J%aX;J|M_KHvR`)(V{m8y&WHyQS27vGj3P+AIc;o<6wA9<%(gUU8z)uZSZY<@} z19QcF?2RQaJ+RB16rRm&O$7_S>laehEK-)R7)IR@`%M#XCC05(mr)wK4LfQ)@ZByHFJkOLcl{Zvy`pPt|Rm$EQIdmzGyL zGydZ57$5I{mD_UZ+v&(IdcXts z(U`Q@Z15iDl=scy2paVZyn8w2)|}^XQ<>iFu^z>a1!s}>m{>-cEdwz<7s!Op5z`Wg zlpP1O;Sz z>NEv}=UgNRXQ2Q^xi#ocdTa2en4(^JC`##4f)-0Iv;*tV!75!ma?ZO-k4=$r$BWY;E= z5M8rNkkkW25~5=Uf~2A#lCUdS1S1*6p_U+$5S`H#N$14vOHt&6@d$h+b!2)o)AeOr**qUK%gx%S2167OU5PRmVOoR_&6hDK$vOOWSoq)VE>_*jSp`+Bm%Mb#!2T zcpJcSs~vR|upuh4Y~wBMArmbKXB$V#w4seF<#C)$xUC7whRQfvjTLe@BnVlx8Q&4& z3%S&oYY)MmOji!~+H>J{NYvG7cXp~GT(ZJPPYE7bXG0VWBALo}Hn!$+|(p~Iahp{@AvwTr6DsPV5 z56QPcJyC#(%em&8DgSJlSFvHTa1=e*o^_^ibG*a(iTDk``dGQ?h1?lW4gkRM{F?KHdI2hP;FBgOFToQd4{fz^wWRbXz8~gWXEoYg~;)_j+`eCD&35=rt zVghjrSYAc-aA6-W!cb>s{>$kNJ|rMm%vLed?j)0McDd z*XH-F*51o%V~0;Y%{NPOxIWxF2V1sfy!LIk`}$Gvzuo2A-vPdbvlqx?t{d(R=pU!Q zjzD{aQOfhMV;7>XV_$_&Ek(HLT$$(&7Iq&X!hP|BGk(XKbS6G;FyNMzi|u8vx*pr$ z{5p;ZABh)NxqLvADEU$#hT##!0jHBV^H~=OXqs!7NadNXY-E)4o*UwDBR`cvf_VBv zk{sGZ%TxFuug^zkOs4!;u&2g=lLAO>OdWB$lJ6NM3ZllDv>A0FQFzuSS%r&2?fm&e(xSGR|fx_VKui zU+f#hm_r_q3tS$39!(T=^q`$E>iKGnkx&kk*7G~ zhuz{g?sl>koM~hgT8UX>-Vw;XLJYS!@6WUq93Ps`L+N-U9n{Ay@{Q1|S*~yeklYJdDS@@HYb0z{9Cl%ue!ClOmdU{ibt zY|8%v3*s-sTnwkVw*Pggu(I!{Ybjg#miq#WQo}qDK!;|3b4o}7}jz5i^0?1QEBHR4N;zyD1 zb<7vvq(fN7?^dS)mb1~f>ecbX)j(yR+=%WVZ@NaO_M!x9fNaI=`%278TiObEhh$;S zGkWNB1aRn>I>SbBgVk;yJP z8Bqc;#W+&X5R1-cUAPvrcwYq8u$R@bG|0K%%E$n;*W}9?vAZq34tlM>vdqkUEBmFz zsIDBHURQvnT{*%`%PZ%n*P#e4i=jxY^g49emc{Q8=UsGuP@DsFVoA?h^jZAWGF9(I zdqwX-fh6BWw`>-6UoEVbq*l%YP-#h23Tr`z+Lvo7O3RxAeoznCr8(eN^?+@r3dlym zbaVlE$;9m1FTNTtCN*t8qp7UjXV9LsxW;Rp2kzovol$J?^R3OJ5QsGbyc-r&&jq_X zTB5r^*t~$?gy#WehtkBHG`5xwPRXRPEiEzloP{rsBT%vm^XEIAZtZjmAI(XeXR*`a zn?ON~g>?1JaE9yg6F(>W!RGgnMi@MbA55MOMu~ANUDKE1@=dBM0Wp zI@=}+FQ6eeol%%)^ur60)OKpTx(L4TV*JboJ1+rTd^;sZJ{9?664?f#@vI%OJ9f5& zmm)@ahd>&vJlCMjZ-P6MFu~*+Jq#%_xfN^o^)V5ZJFnzX2LJg-*?c$tpMX}zmA?9Y zed?HFfX7N2^z>yYOZ6@I!PjrmK^t3QPo4)7q9?<*A~=g@1OQq~-Kp>jI0AnB86TiZ z%W>aW)_#(dH7aMbwz0q(jNjJk$Ntm1kT?G4o`g+n6mcWda05t}4^ziu#)_uO$}ax zUzdZyJQ0ae8K)=tm_$b2v&#B%Xhgm;crUPB9v%m}4~{mxYvq`Ct^5GbNqh`A0D0Gn zpCmjQlNs}_6;@XfChuC|Fd$6$_+6`@D@YptIUKw+^V-*2!>5{NwK0o5dA%v`0^8`B zKcJ*&0mB-29cxZsq18Gqcg_T2cvRJ(HQb(jOmL#GSIZe9u6Yqe#a!8R(n@k zMgsP|QfC}wqD#xiDPlhZ?1FT_A_{I5gNH!wyb z|JOICe`!nkPnP}c+f$)|BL4Q@v_;Z=^1SUe-br;37l+1 zu9PN9f~J>6Q#p#0NcH;WR2X_T5t!SF+Q6SgD(tBz^V+ky)$0ONAKDX1u@0V0`pf1F zx0v)T%}Lp*6E!R*Wo>XAI;>%MB=W}=O)`J%kt8ep8j0Wndy)t>N^?ohLA}hbgDJ`N z6g@^ul;o4mM1J+EC7F!KIn6{Q+uvZ!P}1QGF;5b??%AB+*Ud$zm=GmXr$j1jk0&d< zpt-C}MbrlVBvO4BjnL35;X9~Ks>p1bD4Kd zgue&j_-JY=ebwro;h}Wl29s&O2j`?YmKHWrKY2$p;hMUvz86$CFtAb59?q+81Rit0 zTQK~N%OHvipZkFMm}%d^A-Q&t#dz^N(w)R&$>iyHO+kwT2yn`LkV70`0_Wja0JhLQ z@$R5}FySRyj5i@mC(88IoHp-<_~HAA4sXVc;em zH`j*b{X|(u;ae~`3vZ8*SRv$5dOz9#Vg)&t=|@+?9o>wd9ytK%NB0uJm&^NGYBsd%d~dKAB$_;H~t{9){bk=0C@r(?Fw|YFVNG0K)g>QaMVOs$3kMU zCqbY35XhK4%hllL&7jS9yZ1uo@pBDWc)ky%z|t|I_**7#*Y7Z+rsHf7A7&f<5$kb0r}Za+j{dViSN}y|Uc;_I z_^64djyG*XpSru=HkX6;`^ghW-JfU-H`y2;+O#pS@NEt6+Ksyo(mhzLd32|Btj?1d)vUO|9a^r??FwH*dqwjJ(J)jLvC+u_Pwb4QxG?Z&7VHfg(~ zn%eH9f4%J*W5-5xasBl%@*QvjG2OuKbfRV#7$kM1|NSq zNm}BjPTO3@rnrx7+SXf$+c{&(`n)(vnTUI>WonB1DrIVlyM;2rO4+PG5%*fl)D-u? zP3sQZ3v<)gW_vN>=C;?*iQUZh!s5VWw%1E0FW*|yV)487uq&Cq$@bcOj3%+V?S&c` z+siF4a@BJ#^d8RTe+=5Pto-P`2zJ977BhAp%$+D8D|1%Q3;=Gq=qh~t-N&_4GmQ87 z(T62z4coBN+;ShDHAdtz-lKg$BGFf)guoxifsaTaeJ0SstGvER)Z_2HQ$o=bm4)Av|k7Wb1>I z$rj$3`eu^>n8gEk4dDu+4Pd$vF0Z_!C&EPu5#ib{5aIGfxQL~2u}LwVK` zSeD+jnG+$+&5YT>gGgB}CSsh0wg&!_%uTkT&>TjVMPw2&n?)lLAhU$gn#{;eO*8?I zayoJZ4BtDvNM;De{#=1Jzstzer;w{|7df$Yhd{gqDbUq9fu8OZi0g7);=m((0!K|c zb*d38`qXDY4|k1S>r=?%L&$@3h0mj8^|^w_i;1*xM9gr1cA_K<4~lsGRTT#Vi3k>xS<>ezrUOq>8nJ&$5>wbZb?i1+h z83H{$Qy}DJmN@ddSKz2gr&b$zp-+9@$cty4jXdtAyhLsI7_G`8j;)@CJVeialnZ$ zw6kJ6&$IgCcRTs5gL#KrZ95{!#w(|L9dGu8c-QVS#J{E9=1t?;lTE6JYYGk3<41p! zYVhW$kI_P4)IO`Gj+#b}#*DH)a5T>-yOB=Xk9N2@D}Ik@pD(a|UMK9f^^ibEZzIsv zvjyh$)&fUOG_}Sw2Yu>`Yz{dyf$m}5%l1J3U5M;z{a3vJF4lT)Q|J8xnbm zwlUQ|9ocMQs&D3s1#9V1jsC?W5e;6uyd0G5UPJP6f#%u%{{Y7ub9k&naGgc^L{WHZ z>#{&cmjt@HA~3JF6F6$3sWS}E=`&pbJa?@#QD4&s$Z=(3Eh_EQT7X>Bqdkat^cu|^ zhyOSZr%8x#dQG@ToA3lw%!}i@<#s>17>IV)V4C{6*nDPLu-@6tvY>=CYxgOwL?e^v z$vn43nfwyCiYlz1BE^WI+5H@7GObnUN09bVV=K zea7N|TEM#jQ^@iYlgaWDn!!_>tgUj;rOkXhMLygn2VDZ3dE!AAoSfXR_60Y7utsJ}uYkWbp6GxBYg1Xj3NH;vo<9q)uJCcHRj zaP=y{)vI_uQcK4RTmd|sYBkRG>6XKuY-wdbqK+H|e9-8~M?qHKDhkflcL;R!`vtoC zHi4eLT_AMi2aLnhcN&MUKWH3*zRNgL`a|N#>sthl8rlj|F^=-|smG8f=JP3@^S3_v zZ|Tf-A0qQ|Qg5b`HUN&4ZfV*Op)gyRHpF{OJ6ro)WXADV?L&_@&C>p_5B>k74`Cpt zUHmxv&|xC(wtk~PM;|WG)kg^Q^m2jdLo1BK(<_a`*Q<;p&_^0aN*^VTygpRmsG+T@ zrVr7lo=EngPyhRU2+#I3Y>%csgeU5@)Q8Ub7yA&$?1dPIrm%&#yv~t0J5itKHAbP= zYzuqMwy>8Rg?!8h{mJKpI5Uiy7{*pvy~V=TW{bD~t}WZJab@%|>-jR0O={p$cS8uQ z<ITl5)2|M8wuR2z2zYKv(13BUY$9y}dxl-9qE=^djT%^^V37=*8m5>-hpl4N0}m zh#P(CTNF3U%L1MqvOfDS$s2AnW~0AsX7+;He@F^nkW}CgZCUuv-LmkRb)WsLeXefk z@9#qPK8JEA=3xyRsCh;8)%ACMWg)g_lIL?^R_p{jf+B-PG}{0*d*(Il1N{5;3_iVW z_5l*+iR=S7Q|<#KVm6zN?e3(8PV;sEAKox8Z1Ms+R^7$WNx{%b8AB%>hvWHDUT888 zO{QyxPMkJ2bc_!%8-`ANM}US7j--L8EVkG3G=`2jrUXOBwD}1whkd+Z=Ws6gkm)Pm zW?xw<@@?yV1>#!|0$shIKu_;45PjtU#^LKXh$FA@$_tOp7)t6q(?#f0Pe~V% zwTnFNBm{+G+SK=SrOJOP|lMWv^J>h5n$GXVV^CcS zOma#uKGK&Os2v|_8X_i{*EKK3KZ9A4S&XO7KNw~Hf|28=DaX5t5ZZc)Ku7N;5Z|^D z=;=KK=JhTDM@@9~W+SZhsb@r3d1vND(0+I_Sygz9tuCfb=kL&Cn=J#buq}BDekMEh z)d3bXog7+L{T_0MghsEg2Ynxy@CQVDrJkG@K1-*cb8(aNM6An&&%qD$5Zbu%JoJGF zec;sut#N*AJw+{;^86UzLO1(wZ?(4h2%oy54E0zKf3Go43`1Vf%_biw9)+kk_6Gj5 zaUx|7eKsVdN%M33-(&^XDC@dmP!|zz#|u!8MyO0l>!EVIlh+jGfM>+kkTb?!xY4kC z1{nFnnB5X5=bMJ%DbO0vf3PXfC8nH5#`l|RlTD+8e{OA;Yv^F^^L@$4?(@h+zguJy z@97J4^bG=C{a%5dzEL1_@J-^#>vstpHR;rd5n}q(k3diMg|Q7}eR(n&_V{vOU5K0a zg|l0pBVvyH8s><-);`A?+2Prtg($}(D96|@aoQo{S4w@)PfQz>k!Ux$fsBEAtucTbo65}#HZ=oB zH6kSJ8+43`0<`;P#~kV#*Y#zZcqbaKJ79SdwgdUTJ?aZa=__cYk|%53;*573*NbFqvf~(kRir(@8ZMr{t#3ZIr~d8T zce9RskkxmZl|d2lx7b<~)%G5Ttpm@m?LC^cu&x%@A8rteYFb54ypV_EwoNxTK^uXqGh{R2O zZm*FRw}Q}no6{0Eby~*V3*3Qn$vNaUb$M({D zUhM5VwvXPEV(+YDXVH5`>>cPhcA$fZ<7cpk1aR-9qs^5V7ZuCnsT23j{zU%JZI?<*7 zidMlZIDcp3;5Dg&QfM-D1@r|U8150ToNJ^G{)Xw#?*aq#J<|1TeXl@A-zU)39~GF_ zcMBXf(bPqzYtm=FpD1}@O6seNsShPDdh2;TVevdv~2wefsTGapsODgnAi6U z95vC@B_=QW)bEj;BQQQAB_nZ$Ps1svS^dC&U^^W(*fUGD@BkoN0%1fe&%(BU9;!{sPWNtG2=rgHbfI z9)lX^OG}YI|40b$qmz&u9q*u#dQtv=mF88P1Xt1R@%=2JXFZ6%{!Q{py+~d_f?T`$ESy8?TllTw9!w_O$RLM7(kq?l3{+P} zC^x!_P70o*)`Kj$dIsRgpUJNm;L^Bp3;y!A5~#~i;!B4E^zQVY!rtpGvT|kGr z!z>%3J4_SUd`r*|aY@V%+sG7=RGx#wqJ;IWf4L1Qvg$2p4llZu&bPve9t9c3W0Tdr zkb_!=pAI|G#?&|U28qksXk@Hd#%;Jsdv`RqH!kV7yNTxVqK8ocOfya+ONLm>soM`% z?&_`Qo7M{wjRz`?*276eoP}odrTIBSU;l4wJ?aY23T(^z_P^hLlQ)`aN!9L_w{fa1 z5bhzc2J@awXu}ga`1$u5x!zH|=1#pyBe$i|$d!3Up2H{5J=AviDSKX*TiQB-u0jcC zsu*;91f(Gt#+h@o?a4kJY(XY)z#(u<~a{w@6lwI{xc&bneoWPP_$*EyTj)uF0|wTzF0Wss`U zmzW|r9LO^9OrhkB{RIMs!?KjK&6uNLn`I(ix{1~xlOTK^%s~gg1<5?OiY>+dQ z;rS_!p*O zNXN~C8jnButp<-D|6yYuOddaz;PI2fOIv?aprc_#VP2fqPY4_}!D@ryF@1F&JJvy< z^}Pm@4oZi}Lr6#RHZS9tF(l=~ncSH->_<%`y*XBBW-_$|o z@=r@yZT($=j($d9UOy#p)C8+5O&#cq&rMV2IFI;2f>t{khU)^;1UkIe0>9j60nGD0 z3m~tr0H~`BP5SC*u>;Ptt!F{giS7qW)F2``@_H5@Wo_fv4|hgy3a5b|(Zh^!!4xra zjPYzOM%-;*dKEUm4a6X?!|AVy6(buCE8J~fCC zJP(V)^fVPl=5s61K0h@1ZiRTf(*QCy?>+#^od-adcOU>g-hBW>zT1i;ua&@2lTN+e zQtSoI<*tWqnS8r7R2`WTO4C%&$kvEEVQ;aNE|yjLqV(binXYve+&a!@&`^h zN_w$C+{)%+b#s%45%14jyjC~ZA3z{a`vZW!wg&+7+D8DiT>`)XZ4v-ZIPZE3NyKGK z<+?L>Hm%rW(Eh)X>%pz3c1QX8OY=jv4K~}5OsYS@r>P<-M)k!oexO>ANIn`|Tk`w4 zCNv*Dh2#h9hv2cq3;)-N^E6g5*u{v?k6r{@(Pez{SJR4m?rj>)B3)E^{#r-lXMN_& zb3Z?LMtr8|)ZE{XozY7%+q{8f`SDD7?`q}fX-$yw^tFZv%xmosSkPJ`5IJKJ5yOBM z5rGpfT<}&`@Uppr*Zgmja{u|{a!<2-awC?aC%0TYJgAK!!P}r7w_?|BQrd-~rQB~~ zx}51hDJ@0uoaNl58|mIlUfEn&QtG|aG*Jp@%(s4Fu+U<*jrfW8*UnIAJz<7{*5d{z9D(2#mjKz~p2M|M(mQ|a;yaRz zXgz76yw+0&{npb42U>qHIN_Z27LM4FEjXHB((Uth_TzWZie>ueo62;i8S%TN=u7MA z?9fAV8n_$-sZ#h7zQL`;z!9MN+z`s8jnivCS}aZEe(Ax9{xdswz_E$`oE7EeD zRZxC;t%^avHQOM^pbZYRW*VGu-n8N%K4nY$+d}RX^6U?7J{N5>wS&yIU4B=-%_(~f zo>3>X5*DAIyM(vx_HOgG+hLA3rtZ}|Xn}+K1KRW9PdZ+0{gWeA#_Jq|ervA5d~2S; zf!3hG3Fj?%m*Z8obp5lKV--VVHtw!4VCT}dvx8`piiGwj?EI<5t{ zUBsodA$6H+Z#A(wC)`>iysoH)hlX|NnYmEZUB<;lH>q_}>@b7$ca=uM(GB`PjDJK05@(IJ><x$~5iRf2QnF|@_(U?z#7wrL} z(#RX$l%}cFJsoPZ-;X31=v|ttrV7B z2Bt8y=idNv;pW=~kPp+m*DREp@eVgjt^$bjf96bg&xX_g=-%_sA_KbNS!aDSGN8jH zUG~h}{|}LCSAG{SE2d+FO|-&NJpEViEQ}S4fu447bAQtJ^qbQ-lVTXL=W+(a(~I6raKa*+FyOI7k&pG#<*<%0YUDEbeQP& z8LX%q($?QyyXEKhA`PtPSG;O>7$&+OexR zbd$XgIk*F}Ej~8q`3yEKoP)=fdKWM6%<4<3`w!XUkt2h{i{7zD6kXh2ZYgnhEAHSG z1oVd%7yUVl%e7h2E6EN{ZAF(E?22wu#d!_g!9`xN#ST?l+wBqLb&-}CSgAD!>69pG z_RE%?ymjA-dZUA=6p;+PZ`&aN9w5P|l6}oFf$EZ+U8*(MPe_kW1?s>TmjkWYX&cA89 z{z3SB{|Z#RXwJ5b@Xw<>1|_-0)^7BL#iqVv-O$NL3-CY;4i}w=?Jb+`L2qy zD!2rj&>gy2cQu7lUd`$So8au-n#*u)oTuuvMpy`4Da?g@Mj|CMCarf2xNz0-CR~Mi zg@1UQM;3L9Cj|3DRV&Pg2}WURZxW-a+&?8p;rYZ-E~@=G_NK1YbMRdXBXFz(G*ljg z9pME)+k6nN!W6!W4^7{z0l|fQw5Nav!YYNii%Yfg9F`Ub=JG)WL^nc4W$_2KcF;pK zo!b|U*(%pkv4woT(;#`EiKlC=@f$kUo=b9jsMe59cGOh*X>}Fh@Z#{zG*&z!kw)KL z8eG!fF=r|92?rG#LS9Kb$i+XF@0h!EcgJUs-O1b$?YW&A!RL&gr+Psbv%Ps%Hzq=+dvrq}tgm)0FCkqAqBKe#?ujv17bcbomxK zqne?RAq!aLm>GlDD#-rPlMvscaT!Tkqc+8*%g2wnPZ`2bRFcb#(>tik79 z`}jKL5Gt6UT`YmKb!Zcm%g_teB0-+Uws$dzaz50=bq>i z5xW(>dQt52e0*x=S;GrAmZtdhN?d<%gHm){Y+%~-4cN)bYlMDPqRQ~R)JMtWTG4M@ z2~#a4Us_-Q!I~Ku>^lP;oHKkNG2D?DEb$8U!36W6#PH$7@DUkI7aAx3QGi&N*}D?~ zl`fR8FK`T@)VLRpx{Ey5$-s!zBAk{j>?=3sPV)Tr<@q`+TeSP}t*+k>Z5I8rw5JgE zO^auj-s|Ca8S`nhIZu%VUHNrPh-DvT7%i>4mTb+uu+U$$cYSq$@+v~x%L>)}Iu%sL z*Vd(VU85n^B+X z-c){ty=c`{^Zc$-xi&o6@oakzD{=IEx=3GJPy4M5Wa6&p<8X zxOX;j`)p#74qwcns^-|$Q}Ns|@J*1v=67Tso5IIguVkxvH?JFA2fA;lGPLYY)b7eq z{B(3>$euyz8Nb6}M|dWMXXb})mw}h8Kj_eZP+15q19Ls^bLi2;w+y^y{T_$jHbKk4 zlWgyFXe&?=k%1SjZ+2+rq#SJ-`Z~wo=Frq;hn9i2tx>gXo3RhhN?z0R9zNMEH= zSGDn8K+2gaAumP=_WoQ}t`oT_;Hx2==OTf^%QFOQ)&}x3#h)Qt}HC84?;inD4;gd}Tr zw?p0RP%7ftJq}f%eni*NbePtP|BK|<>l|;v|0GAP*F|r^_w1P)2USegxwPMcC%mqf zir$SEQ|&9WR!`VSW@vPE6T`;hj1ryIJ0Lu=MlQj})KuL--I_#&(#TS&gxt(qUfr5Z z%4?I7%d?O|fOFCNl;+viJkJeo6!(xx(GZENO;uA^>gurV3)ZhSkvX$a=JsS@7swo5zAd%4!Z1FviG zL0i3dbOaQlyZPArz94oO192N4he*ynF!NDO^*1kvsvqz5r}@c`@e(oZ&6G|4a`Bq_ zYBHuKc#Q3ZzlR*j?96xl#l0Yv=7OzHKykQ<}D`8+Fb3<1Nd(5 ztIdpbMQ7mXrcSDAvkRu{#q?2aH;4XbC)3ZS{VF(0P6>!q?1oU)*l1~4*7o9Jo5qW! zYb)AU06K_G&jqB10h$`>w=DNF2LoCvpmeu*cEi67UpXLU16K3q zO4D*tHz(AWu&GM9iQaAH9Pe@!Me}5}-Q>_{^mWwOXDL@+0j+ejRP^X;sf4u9;q!6Q zm{g6Q11|&`Mt5gZ=JvU7qu@<_nM%5XjNRlgLuaM4r@s%9>0t%UMbs-5cYvcW?^Oy` z7TGQEECf9JmUp`uYa`909a-p%k1Q134re+`reEErcUI6a&o0ONo6By0^A^H-O#@AN zXN^Zb-LBu^XLJ1+^U1A6Q(ehR3u~@h;u_2GdK%l(e=RSnCUyoP-#&xDyfRxri&ieo z_Nt(=BEXCSBH#vxn=1l^R0Imje2GB1i`|cfVRMU@RW;TSl&V-%&D?JTJ@=G+EIZlF z>x{VIw6IwR9GF{3%Q`;b(3vUfcrUvZbwMj&m!g$0n`!48{?Cir+J*vc16tRA**2tQ z{X7M%%Cdy51OH7OFQx@t^eROw;Ot=(S6-W2!Zb3QSHk(RrG>HC8R2yE0bB4uLuE9B z&YW=QsQI)*m5!cC2Vgp%tMVi8n+Qa5Udbvy6EAk;#YBR|JXTXpCgL+M|Hm@%;D6IY zP@mP_XgmLds^gp0tyD*K_zf+IGmA0}%GAf2_}=O``T6b;+9kBc>~?THy)|prR3$B+ zYq?!>V)7-_PL>2OrN)UfX(d* z+a`CzXWM!E@dqa7Ei1!m-d=5a=e4di=(nyhm~Xw&;6UpQ1}B`i;7*sfvZZ+0yN`-eS;i-C!`^ zdaJ>K*7XJ_oVVapjxX8LeSG=c$;b?AZ?dJl`S$JrtNRIW+w8DuLtwnM_a=6P%+9Fd-vM)6XC&eO47Ay&I7K?AXVjht zOnDvKzs>7GC$!6P5AvK%2IBQY#L(h&mDT;54f?HH3=XtzG&td$gU>o1WeYw+FgFh% zS_}(C>!YIeE(_ze-fhrttu;8%dZ)n&=Nx>_(UL9rxY5$ygL9$9+zZzO4~k7t%yj|a;L=; zZTeFrsTk_(PNE(*-=?QW2BTk-4AvG|Q=AjMd`Fq*7HxR7c4S_(sslvuX@Yh6tB7v~ zYY_b%)>^X>O6_z<<1@Hkq?w&Mu`+Q#F$N62NG>x$Zx%mbzeKJ5^l(c)S#EklCA2fk z6;EnA$ggF)+|xZo#m48A(leN9@WV6t249f9llZjm6#iCTxkiTF>}B-Y?G>@+bn-cl zYUNm8)Ekn&QMfM>jwUA`jm~1YYjdgG15k$S6F9eT;9j_dJCcGA8NJ|1$aCyWWJ|#y z`eAppBkm4k3&|1diNZq-xNR7bSF z@@RAxmN{|J6e$*%wSM4&ETULB0z+!Ft7AjGE9g^Zei=u+UW++#Wx(b0z0;JHA#1kD1@$(O>{s>FyX< z$`eI{hE@4(96XpvT{hR|;?fcPi~v)e{7yC$Nss;}b0P~!Bm0^P{VV+NDm-(yg2C`E z@?wk>G)&eHeW~j^(0N1<}>pK<>k3K*$k|hBxM}%MDQ|XAls^l?K&n5A-POU@`-`LIE zt;u%bH)wHS8{8hzss#?qw|?fCXK-V4aoa6l;ilBaJ&;>5)U%;)L%IEA)dqibLvFCz zS=|dEXX-<`NA4`37ASgw`U%g_E%$T&Z=Hf)0q&*XKE=O`Ir(jY;XUBK!r#ZNO%{^v zEium{8gF>HZ7gCh=8iKxZu?}TPuUN?N+PTNz)^#0s=p=+?cNS*etkLa@9R_kKGJt=JEOP1MN3eOy|f^!3ag@zhSC~m`{8FU_LEwq?XfR;7Det0hl z@U0d0!>?lw)D-*SH~5C%)MpWiW~sIq1{l~QC6|)(Pzvvpk8klQx=Sh_+E6L3TIJe! z_PtuM(Z4B-6}|;nrKK}&fEns!nM=7re^<#jzKtp1%9o-Q7!8y3H!rt+u6CSl@gU`| z$St`w=PRFWIrn}-DAV>7n>6J!>1t`p%?f(2$!N2J-g`3Itf2Rqj5aIieJ7*M3VOfE zXtRRee=^#vHaEdIF~{hJIkyAIM$et4ShJMXgbT4>)Y_eZl!>-P1zc$Z8*Ve&3}eZ( zfxvg>ztH!L&5GT%S8ndc8MPThtv!rHu$s_8!Mp}7nM*SFYg|E_ttM5+pqU?ut|a>K z>qKAQ(JMCC$5J#;UQm?LRy^i-UeJLpnHeRzn4oLRgDw!&o4lsd-yeKOg;^oYEYQ}~ zIL6GGZr$NuOqAL|Vs4bP`dmaJhhm)E5!Mtl^)0<1uLy0MPJhzHIHc=Q;4M|;~+coi8lxMOE&c+~Y{s3z96l?EerdYu#Ix)Xf#9Yf*wMW6fW_Ai!h zN*#84hud%7-N9zhr4_ENyD9hq9{YoDK%zF7B07eggW=O#?e3)b*@NumT0ka1lk%79 z$64e1oe(>TfvX z54zH^9sn|n8Mgs`^oT-TsWONUE`_RU;f{QC>;C`15BHNjfiLsw)+1TcGG9C4%cUts zj0>?fpTx%th1fEKSR%yS3}UGe^D_tpvKVZeK_qGU5os}=6XMI|b2~n2e-EItN~dm_ z0mO?Egc(2_m>|pm;-Ca!1`sb!5M}^zaDp%ch(i*D89*GGAk3gKz?N$7l=HT;%nX+I zK+Z3~Gl$r`V0$qf%o9gv@!=%Lg2dcq%Ji_?hr7LX_cSq~mk%e9`N50Q68fXEdW*F{_ zs*Et4V&3g{1iyn?k8^eO8$YHTTws@AmsA&x7iTix0FznDV0GxO2i;wc>!wv&DtoxXygsv2|FEz;ZLtB@3+%J3AvLz@jQUgLPlaSs z3go;L$wX{!e1;(xrO59KDb=Mj8cmVk5%NcTJinx?7t1C;LC&Z$y<#Xt~hBDyV~}tRnk{m zlv*W(?9@*@OBQS1AoDjJeyQIEZ^+wEVR89o|FJO{4+1mxh0U1ypUPT9^UEISIlHAYPFm%mCut1YrgcuS^hT01+k# zGk`cRL6`x=`3b@dAfg0e1`v$|VFnNvBnUHrSd}2mAoXNxx>6@A+RJW2)3?LSTpgKV zMSEJ^Fi+j{j5FVI+zvkd0f9VX`3k%Bl&u~rX=rB^Q43@pF!S32}hPZ5LE%zV>ox`Uup4mAZ>eE;{bBOcwl{tL6=kY0Z z23v>*2MY_Qlskr2+QDW*F8NY?UdhjG2W`u<$=NhEduDEm22{1Os@}tG6jxCsgFBQA z!8Nuz31b5|KRb-eyKy)fqPew;s4G>quc0*`u*2Ch-=;ER)GNqfZxu?7$0SK~tFl2l zy3Q|}Z#9MWK|lJC`Lc%b3{bJF8aC^ig2zM+e|MU{ z7s!i7qp?3V=#%|@-u&%6#h)5*=7KXrg?K`FaK~;xx|=Xb%+?hoynoY(8OrgvOmq|1 z2h7z_&efXN#PtW}YAENrOBxn-9yV7)rR@Co1xHiJS#VR>DZM<)GYrBwo%%RA)RK$m zly|e6kL5buZtk|CrE-_->gNULDuw6q8Dqxpm8pffBDq+55Iv@Zo1@unjis9LP<5w8 zp{F^RU4U-Bb}XK+9ay|&GG80~oMd`M=2tW)Vzx#|M39q9zq43foeLdw$%?;9U9yh6 z2ogAWwE_$>PiAS#-|GWk&N<#b9r zS7^dzsUPZK>=tUgSI_2{1#9OYZM`h@J_iXVs|6$FL;NYn*Ckz=89-c~Aj|;biUeT> z5LYG$Gk|z~f-u9p#%qZN+QF`Z-rkvkMz!c`uMyxb zm8L=N2{l;ISyS+(;1VEfI6gDR=$C3Q{9t!*{?tKJZG7s8Df%VCW36d@W}^98eA8>b zV|Ou`G+FI+b4YV?`<>`iUCHk|l#W!-Ek?gH3B8acxke(mNJdvJi_ss=)lgO~1JmIW z*MFL;p`5E}V2P`@vt-{;&eim`#I}nrh4gdPN^I*|zqFB^VJKgVb+r0+H{oyaDDi_?xFxJ-`v6ZuD z`&$+(p5O{_^lpA|r5wFgQibb7o*jnM%|}-e+z!Ld%GE}^Rg47Z*B5%X3u>n9QR0~5 z4O$kF>Nmp{`wh>#W+8+}2G=o;b7$jFm)89OoSm*iU0A0y#+KnZ>uzg1&0WX(RN`;m zx~1qevA_B4(|Anzw2$;L&$EvHH3_rDx?DTf;m&pRmWk7Fc^%{W)Yi3*rY5y@uiKch z^{ng2`0QQB;4}3(a~(5WscqJ}H5s?cI-o7x7}?VbrY zxNcs?ZD`$xGj4PH*H)LTrc38E0rRnT7Sqd(lJja?2g|j2UhzG)uII4}x>wIr+duvx*Og)RceP`O*t;Spajzny;Yb|43Yz&uI3WNH#b?cvV&XI#KO1}muY(s@Zp zmO>PgGbEuhkNahCd1^9+OTDI2F*dmF(xkrn;nVoBbF36BW#sN-W;TL?ms8toaJ^R0 zhK8&i+|%)uZ?B9bLo(a z#b^)Ofv}|GRz7I`I4+x8R3`0`aQe@Q_ zxQB)Fl%yl?N+Lt6enghm4rvm1iP8UoKuBLxjt)-UhM7m1KE=ViRL~jnW5;F5e7@hN99bp7t${th7-ibQg_%c~~(e7T{q#s6Qq+M0}*n`Zyz+{R& z3)Xy$#%)C*cL#1e;kNpXBxX+BC%gJff1J14x;D%e)MzAaWr;9H^OvsvqS!3E{#){2 z%-8qzZpf;i;Rf2qpa?blByBP${kEhT4of(2v4fvq%u3Jo5am6A4sg|I-OW<- zpCX$h?}fSZhJ&CJ{2FDNdZsrCYSGOMquS&}fsS&^w;z@j+Xo;P+{VY3daZtq>&6Uv zHrv{|4hmkQ3%{-FWo+u(A9gGDCEA5ek9P-OT@Vo5DQol1_^8hhdhinMPNLX3qES&V zb|(wmGHGOdBSSbP%ArE;_#}N!$6QHXs{J&9^j*C%f!x(^*Z!fUi=EBYdK1WUu|C&p zD(SAFw9O=Liop6BwP0KupmuK-eYDEU4`&hcs+UWg7rC@wX=xWaRHK$*fZVGHt#q>v zpL&U2GM==1JH=>gRBqI`YU?cKCNS&Jp=V^e0ne}U_%K;Gww3E)hs%rS#HOyry^f)D z3!O`Wby^=yWWY5e)ohARPgB(A2t?$*)cpFnEdICaf;3aC35c=VIcyb{ z3|(a<$eEl6H+4$feN>V;z;UHPyDE62pw2Va+|5f>vI;_dnxS(Z_Vf2+B%50j|5aZ4 zAM-r_eR0=>r~Hlb7maKfMhUq^Q*Z}iPc-7gW48om!)g^t6RG-V@iLFc|JqT}pOB_% z^e_9)SSEAHzT6~_nX^=U=h}DJz9aS>v+qv!-OaxH*;kWHOw`i09)R3exmTLLZ;7u> zp}x)S$muf_IwEHJ=px`U@_2PW89Ub37yy(nmZjJq+)cKRnoD(e|LPs-N%QuF=4s9@ z!n%q_ZjS!E)o($BtMgW~V^QF34!qrg8y&dGftww;#esJ?aH|9F6maeG192HQxR1EJ zM%u!DfVwnv41nQr!uNCcK3xZM-JyQ>Yj7l%0?GGAT9Jt z*IpEdw{-@#dhJ+@=EAvGx^CX-0dpDU*h_*Po_TTx?XH_(B!6E@BVM0*tJj_?aHFq^ z*PgmC3{#BKv35oNb|GzUE~#8>Psq3qaJKK+JW}v&xLaX&6{BQ4fJN1#*q(}U-skvs zVF%Y24kWj9tQdcodRS~v%{ZTZKAv__F*DCoUNQbD^R&<8ZX9yDvt%;4H<-_jlYPz- zx%4)a6}7X9?TH%~q50S&jj(n=u{}ZLd~`u0_^$Y@p*`G>p}v)GjKm3OU)hmiPx*-M zLz7Hirui6f`8anYc%#K~JL9=PSK3PtdHOq&zhe9ma=$$wj-APJyIUxj4~Z4ypOv3< z&Mf1{a0|@O4f1nGk|VL7KIjPN?nGHJ&f;sXT?!dOHfgrd2)$T-(s{FtAH!{7ewfP2 zwP({}Kk#Jz+lq1K%X01MwG0WHavL@hKc@)WBesm6C&j}e^K-ZSq@|qkV>s>yCvR?% zpL7x~_A?W{4Y!s2)S7KU$at_>y{*l|ac!B8Jye{`cljkdzOthB!l_fH?dlZ=;Tg^g zG&?sKZev8}N}=YIZP!KkYbmdoyiQ>5|92XrDwvxjfEoo*QGo zf4pn?J{m*%o$ok6-yz#~1#AuD$B1loiB>aY(v%wy46hT?^d7C3?1qf`tKLgbqV*C% zt(RE9L54C-#o*g_Zt!uYd36Pza3f>>=wLPJW(~zE@C46}Sp;j8BzuL-S(UWtKv;2B zOJdS-GnQJ1vyG+90OETI!VDlDOb})O@%;p0hH3KV2l6m)^^Y9*v4CX?>SdfMGR2v~ z{J48dKzXve<;nZwJP}l$SUAfQQTChqw(~@`DS2WESZ%McHAH`nk`i5~Ofah@DcRrZ z2h0g*3k)+NT3}%=%=TYAL>S8%GdMlwW2A8prP0>yqK`r`yp@K;)AUhM6Y)Q#r0P{a zx-W6^+iseykDg{*PH-mY`26r)7Lo~}Ng;oj37NP}ACh5GvA)oc9?ygjE_?xm9eMY) zcJWHmz9(tdGPRZuwDCr;zuU9a>O#PBcpD!MD9oPC#x6_hi6k}nGb#5XrL65s^SSlD z*)uBnO*|?=8IQUbql0@fMyY4r#ZpIuIZeyrhm$Ne1ETel1YriJm(dZ~&ncUJG%*k2 zm!LED7NUPBqOV}4CuEXMrO41!rO1fdmdTj^02TsfJ1k1tc~`1tAj*=C=6QwnD5bKpx5-L> zSATbZ4_8immfTEJjB6q*)+%_BQk-#3WJRvXijtghO=M+T zTvJ&o!U~{>e%5G-EQc|+gFE`C@`;4XGar~*m)oyn%G+4Nl z8*J5HqL*8HiC#G$w~yhbn@T?p>>gi9AWmF-0*iK)UCez(`QhHib|fIE@~O|)V-s@K zdBqQ62x_3qwz^Z*7Ydk@b8cM?uV8_dDWk>_co4@U!O?E5%CL(n2!7h>zumxI>Mljf2;qwuP*x zl^>ynSxj=d2EiSCyhYE7^lFC?V~*rdWG>hqKc(Ov8i59r3B~GO2h%>l;a~Y{p7l_& zvKOeI@So%VdH#(lc+JS11CF73>c1^Ezjk8tn^;_AmDrfwwN0-g{JwGDN*n7Xn_9i- z;z@$b{$Z}(?+6!D;Q|H>T=jg-BoB1G+jW|=siEjd^-kMB#ij2(ozXv}Jg7%j=c~(^ znUW|@r=C8cG|pT72M3;X;3)yq#L$dmO-!a(6H|KPwpO~>e(>Y35;xLM1*MBwNYlj> zh2PY-t&7PvMHjP_d_H;~Y&I0b8l@@vcxqMJqI*-Tr7_V@uTN|4pYcV_eOjQ<`lA5n z5dH+T^UCOrx&5D`-dg=-!>~af0TYbtu~kY{WUh+kz?EvARRQ*IUi@;^~`%HHkY**&+ecZO9Pq+D4pX;+>LTAl+{B071h89A@L@zDAU@2C5Ut#HecM)I<(+lMZQhyOCt>>5l#9tGH89@9kL72hysYs;WI!tu& z^@vcci!Xt0@HHADDaTm_Ob(Me*fP4L>xjMJ1#)aFU|z6XWWGw zpGlkYq!2q>2t{1Mn{1nCVM@EZXW;XaW?F-S zfLBD~%-+J!R+x~?E|Uv#4|yO8z4m?rv^!{IqTKqIh_+kWe`2MY8{0r+seK?K)b0bvU8SDB5B!??z`az4?(Fy{bKCsLb!8sw4d4BjGgF-C zMMbTL*i(?I_BxXF?>M6k!nMxJuO_b#e2%aYf#X4%eE0+dK<|#F2%+{icNKFHU3}xEae`TtFG-(v3Av#(4DBe zq_$nmq(**Wrb8P<1+;uYDb5rqA(Sm+_ag7C>1@(Lxs)V*(Kfj~PIv64nmye{xy99g z`Ai41LW0cGrUHfFXaV#C^F;fxQJJC+#ta~yNf2fLfp+M8m;r9?0<2=tX(e5jfUWjcW?4WW?v|W>4h{UjS%`wq-O?n}@(hG@|Odq9Q=!gd0DMOe_ z%!h@2nEoRC37@{s+EAr4d_+dBOR1ED*~$Vmh%#u_=gPF3-OL=6uo}PIP-^|zVfeE* zyS&`na@%}COWfT5;q;Y^-r}j?DQ|;mePP_7HMoC3mB z4H;}UGCSb|znVAM8+ce;zMj!*mw>&Ak*F7%&1^d{65;d4(#o~J`U{b zz%k`1IIY<5(ic~ zaI6D7bf9RDci;pE7{3X5k^?6@aEb$`I&hi;r#tXc2VN#%!?#;h8n(J1Q#^b-Q^>f? zHGVr>ZPqGAyf%Il)cDPU+W1Yy<2UtfkKbgQGJX?^`JfrO?`Z(dFKQu@4aK%bMH_u3 zwW^4t-=tO*bu_Sh;#ox=?UhprPfq7|K!S|wu9CsV6LE&5Sv zmB>YZNv#sSXv@74$`Zk7pVTT*j9!*nC6dwWQ>#QXx-Yd#M5Cuut3)-LyLUoaA{*_M zS|z&Cb*WV%9Nm>#CCbt7Q>#Qe+HRkOlteo^I<-o~qgSU^iF)*&)GCpWewbP%`q4i7 zCZtpaqAOCXszUVb)T$~GjqI0rR@I0asZ~`Z`b=t7Rf)crT2*DDCsV7cPSm%5LP}LA zTAEr_m7)Vu>&viaIs>|99s%{5g5j?8F?tQn-HqVqwnFw-P^X-;UQ=Rdqi3J55INfo zRt(>TW77v1 z1_Lxbo2U$4j6tg0!N9Ryy}^-kOHq0qtwRJR4&^(WD~-NE$PGtw4GH#cZ$e<>07HZM z-as4#BB(#*t_^cJ**d(@k+JYB`=FbZH}p?Nm!uw*<2N-+xsQH2$L^!t3~oGBq`nk6 zyQ4$13tZ*VL_sS1je9wtNSEq%9bIG>H=^p{@D(|DOL&7e63M&C*;oH+}BFH0FDI&FJ-5Mx;qsodXi_msgAO8xr}hZS-5W)Vw>*9)}`3J ziP!Qi2FDX(L*HaUbPl9`m(iCVsOIRJSm#QR&T~fEvzd|hTei5oqMB6- zLn|#O9mZu>_-XQRkK36ok4yc4cB#`bY;LLV>dk$wByTuzb26#Fr4r&wyN&Z`7mBJA zmh&b+Oz^*yEOS+*jSgN0vYOlL1*$3Bi^cz~NZ9B2`#M$bEr70K{k-DPE}HD{nm2%G*UnP#BS>^RbjKjKhIvhR%ZFd3$eieC z`AEYDtA?5CrwF{x*4qRo-prScNx^-pe*a?;$)U%a5Xe+Ng<=S<>Q`!>Ks5_5C8qj? z8H-CyoQ}2#Z<>x>Jyo1%O~-~6Uh{bqk#r75#n_;8XbV9b?Sw%0r|74$UPxZo_-D#m z*$|g?JPM=HL@OsLm)5PJsO!>rRD zUrRS-faeCD*M=AH9g3fFtrXS)W&rG9>?$J^L-Kks&euK}A6^|e!T)mO$l#D%GIXjIVcW8>H&`Bbp; zO(ZSn`F?nbeD(8|E708%&=I^AGtZ9u;bpPo>!x#*%mkP7sh;NfLwe3Zc=D45ulO4*f6 zL8Y^LOo0Q)Z^7h;Z{^D^($Jy2^E!u|JC5=$=xO_K9cV6|4c?9?&Jx|Iun)A)WJbS3 z76TsUDX$UN>&{MUq`U9f9K-?fn)r~*O%`U5P?~AJTkvh%Bo9@uc{8w|?T^au8I}&Z zY~+r42#uZoPE>K**?fnBoW$j*3d3Zr?B3wnty_hEB?!ak&F)Rel?!%An=WCM6Bjrb z^t}lM3E!!3(VQ10F`VR_wH3JPyaex(7xG5)-v2{;e7x1sWiS9AI|I6k%RY&FNw=Ao zwFO2O_reH0>W+Ntl~Qvlu(21P?)6Pblyu{3c`PUm>5|uSsnpyRFm(3HmSAjcp#0*W zY4)5qK}9SF?`GYlYc+bXrgugBI>NRB!Z|AdNW^r)) zGV6uK&R_{49${wi7#Fy{D)z?;Ic!;U-$MlKvhDX0)|SBEhhc0l)Aq%`UK@KqC~smX zY_qwi=s|+4zf+Z^DF-yr3Bip6C_!!{sBkQL+ySF^zM}B zHa%JG7>$$fLhdW1=LD1QPoX+d5T5~{ubxy2SW;#1^jYksCT!;i9gv2K=AG40wW=xw zRnrEi0OM%`QDl7hd4Y*f^VRt92NbUqLtz;l3S_iX1&IfTD292Jol&vi4Cva5VH+Kf z4k!Q{OZVn3zagDBP^_^&$XNP6TATJ;pCXAg<_rOJ7x0W+i9E3OrzzA$G@SBLwRMnQ z%J)RepD#g*{N*IxU6{P)-S+(oU#)L4ufv|#fT@6@Dh@A`Lc;3OXE7*)J_n2k&LV~8 zeviNeqZQNKf2f+YR!M2f0nJ@t;{c`ODw0A$=L^t5&uF0w=>5n=Zz6?Dx-k4%hAnEN z7$vn!7GkJ_+rEFOBcQx%T^p8g#lJHJ9UYCe2wCHOd^AJTp}e+)S&G<@`9&gfGc;{< zDfkjtNVvQ%+&bd^6M?!H?VunZ|d828}mDA2&?>tcaZ{D26xM()#k6r zpkdTK7~=L!Y2upo*0+q(*Z9t+qh#n*ThGEMr631Ha6)k7z!mUp^A`#SrLRG0{PRi? zPe@uCZ&l*IjVnAZrd!D*v?+A>PCRT*>NKc&j?{g~vf=qtw_y&AKfRyguJiPUrNLIi z=uKsDxoESK;k%XFotz~AKg6+0%V2Zr+EC5dOlU50ZLXzpLODlcdoTInq@|561z!hS z)wmr|$UV*fO8&1Qd*=X?pX%SY!9B=7GnNx!Klp|ywA)hF8}uGZQ?T((xwYrW?!!vG z{+6(6YY%|#$;cm@a+pb?Y;e%~UiTaHTi-F5Z#`gep!HpY6V98)<$B*sw%{$=qhk8N zHl*&^ zptQZF5@SW&y-adj83ETi6Z%?Jon2j4b{8KQc=IbplAH^J;s|J@X z7IA~C&8=#1`?M9$T3n~Rh@e*~wSFczv7Ybjk{3Lrd_;2~ALW2lPY7n(T!n*@+T5Pb zQu7ibo?W0p2^FpOa0r7^rjwFDG5y8y1&3!-wfcg0rx82B?EzJ0Ei%Ik}pDrVcBo{on`k>B^WR@w$Hs{pW`u=}%AWZ+w!7 zsYuw_6FhJ}9%+bvgjK2I-7nRVA7eF*^dSt=Gad%UdWI;WXZ%E9;t{^mGnkODvbyCaQG(5<1t$I=GO)QmW>Z+$6v)(51%Zg_XO;?fZ~D+*lesOb zoxPJseFFL|1Rt1htv5K(LTa&3IB&sE;U%^OPY~Sop$q|XXIftVgP5oR{|3;`uVhar zruwT(P38f~)c;@$uanGds#2ReXF{{P4NpZ%>fA=biGT8yI`^nD^KABdVV5o^n8{5A zqG%*GJ+;}BqP?DIdpgw~+W6AQ8`(*^P8*%{dGQ$J?e9(NjM5V4@#03Mm@BS%2246n zvK4CzU#1nV%D~iG+4kFglsux9rv31I%cDGiJUXZ}LbDm=!sg ztq4r?@D;O<$IJ=~vjQ1r6(qx~b$Uj|!cQvLHhPL&Uv_=Ut0K+tn$PWwl7F_9>uj9h zwI2Ylr=Y)~crXd}b}P~W&|Y(pZ}?kko~zuylSyN>-^-v{`3DT~SWWa)x#tT`^zl{Y z{yE&PM*%|(l7s5E;Kl(ejvF#79F(4fQV*Fm7pn$mJ9rZ^22X+Kc_wFh8cX+jHZZXM z>@|nvej{Snn&$$Ijw<9irRLkeCWe4p7D2oX$XKiq5?4MEWoP}dZZ=5ld z|07;29o-vViE=j~hEVEW!;aI9^U(Xr0HHPxvZCO*?UD|wJlZ%&O^x3#=k(_n&r%Baa61RNjZV<4@Rw1_m;-W?*f!=n zlSt6yX|EPB4n(dO0w&2d$pF2DeTVsme^S|4r}bxy67VJF=G0Z&LL+{c!h|1pg;!^ke0W@1z|7;MC=N$@i=XjeNIb&3&*@__4rWHXHHV!h>Oe#XR zB-?m4>Kg~-<_K<#D}oBM(w(UY&+k2{2uVFa<+XR3?k5K;vHVKjRX+;g*7Hx~J*fvr zgZonkk5{V){{q*Er%XLi3e$R^@%QKO3nR#R4^9Yl7XUdwD%&r6&2F&403RpdKPGcb zz#qb(PAW4p6CLEUNY;B3Wi0BXenWX`=-~DAjh#5OfNoA_Su) zV{{f4G5SQzsIV|9kYQ9oGK^YpY-A=Be$o)MjZPU&=DJs3o${$*89obK6qCy_Q30Rx zae~hw0DPXP-U_4FoXfY=yxDr?d6=I~(VD7ki=Nu84&!$ao7%14ieKi(g;k>^nCZ3@ zh(^nl?NV?Rw$9*p1WAk8s7{F5q+)KPW9}2)Z&;i1u0R>y{oL>2omK|k$7${vuN}qf zpP1_Bd(B;dUUOHzK_^LcyKFQDJsF|X{n@sL;pX2I+AFno6PQ@WcQy~CLAwS= z@poo66SlE#Ga)HT#&}=2C*4n|RQql}q2^!;xqE2~SkEGFcE^cy>-w9w!Qg=y`)Jkb*$Q`8!**IJ>2I=eB7~#uvaOz_7|MkgYRsPx1iM| zlk0L|+GRp8BO?k2B~xt*H72h!QO{J=Y#`xoL1DvL$~c%X3*#y}IOdC3I^74?;9^?; zv5r#nHiWx25F^)sw94JsS4vXMVkOUflQ5%28Kro`KtV1Y_@~> zy3zRam%j+B{0|qLIFPT(|EYHQ%R%KYm??jSn^gXps5K&w%U{^=P1sfbW_cr)r2G%T zb(8Wp7OninaZ>&=r{yoUH@Ey9+nucygo)Xv{GX1?Us#pDV5a!W_YgxqQ_n za6d(D!x?lp*wrNnW{O*Zk}knT9nJ$arC%`8MsiZW&_+Ldzo2wv`UTe~I^O5w1n&y~ z3GWLrqsH5Jm~Zf<&Es99#QP$_i7okx_dmtF3oG6QGrTKMn|DPWPS+=bcO)nAZZTR+ z&(6Ej5%V7L7N!XKt*r&}t!)Gftr0-=Rl^$_qZmfK*0utED-g)Hwv#JCt3ZO*1oExA zK%q4zM+IGsfuP$9_${_iDd>)JWz{Z@b&0HO*cbG}rLrM|+JiI%Y?v&X8*_(lEuAB6 zF^M?#on&R>^!(gC(9BXLR#aZ2-XN(*sH zi!PX2uSXmXa_AR3^uYr8)*%9g)}esv^1;SovU;thhX>)hMc$1Yf-@kI!W79nE}K`Xsew($%naT!+dmE z>S{dd)7>%cX^&3Ub{0r_s<{RG=ePw|^A20*b~w_yR+|q$3|EHHnh&R&|H)x?peqa5g~dkfzhg zTjb1zv5e=C@|WUitT&hmk^JF)@G`7%CXSU$DW=gP`Q4Pw=YT!61*G)znELWah%&sA z56=LEXY#>~uDm?<6L9+#azr&K)?X z%}(Py0yoa*ldhYny`P+>2xlImwC@G>U1i@_+4t4Z5ej8uqyA)T*O?=YgFFNi$StCN)tMazkUhu8f(C{F5%-f-S<);Yz|GUMGYr6onAgNB^oeLT>-{ z_BV0NWXT%@Cax9*CQJT`q_1bU4r6LLFkd2&(U%ko8P?FSn+>o^akI@{CTZal$P*Rd z8hph5+FWleUJJVMMt$DIr*)nAx}NXyHzNOB1#bu=??c@fT zGz@%;44T7yD~5PHXq>X` z0ZQc}lU0t_NN0W%0G*lnV$Nt`zs|nb^9?UcHRc<|ou&nDl0g&SH)DwB2Si93^DUsf z3C_)##{755z#Uc!a*)z2xN+dkN!}L zH~`!g@~OK=133p&{Brt{cc>`Zjd&*BUlTT>YT25KJ=?} zK1v+ zpD;M#oP&QL5a>y=#d?y`ekimiOdgdPb!IayQ%JiqZ*tl{35LT_!JR9(xWakZyBkZ>FCMNC#7N^na3TKm3}$!M~wT zdmxfL0r4Mfw18H)3Ztd{kRovcOfsQ~EK)9okb@ltl zPzBxI`RVXmIEA#DK-HCw-0ie~msq^_5-)SfFQ=ofT37XT5bX4|?>G6jdy3863NDKD zh4%?ed`lGQ3pc{}`Xv^D9Ow%LGJT;!(P|}q;r&?Iglu1>CFudbW0(i*`(3_`b$nXi zGy8*lmtRHBu$R^lO8&^$be-MzadDlUt@Wt0(^`*pcDC5#CO?f8I=df;oa2Sg?iqO5 zaF*8;R;zJ>nN<+uq-4uI6tz;)#gPu{?2KN&ORkZlm-`_e+>wq=TuZ_K;7B#j?PX&) z_8VYkuc7vug2 zD}1$SEH{H(Ug0%`Wz(2IW;sGZ80%;`f(<=(s=}yPa0XoMQx$D=e5xW@YgyCY1E@IT zGZjuh2*}^p8lPXs2|m9GfX^eTChTm=m4ZWUOnx8e@DVcUS&zi)vI)_Ezi$gne1os} zn*o38wI_gW?4V##Aj6_U#VnSZcax#)-v`BpcD~Pb4&R+&e%45psm~i@lBq_;(mW|s z+h~`mNuK`xU#Y$zJ}2erm*5p$3fZ|IC-U?G0C{>`DL9qP40mK6pwuKsVDY;+ac4i@ z=Vny7D{AEK_XH-s!&kZM#nK}zSu2pqS_PRRJx0ZXPhzx<-sDWqrEf}kRje_u9JP56 zo87`@1|DhlNlZ%?j$f`{06Xm!d)831$pmDHzOo>J1)yrPj~m3dAS9- zD{pJ-Evw-TwYL)8ru{9-(=ziCPXI@YbHd*m%!j`N7V66i#!pvmLCLu3E>iTyjOUp7 zy}XwkGmmU2m+HKiu??I(;&MtE{s+9Ylx+@G44(uc{mSMR>bc-3>yoXF)V>6C^9oYP zkgM2I;khEL@8)3m6rslk(C*~cdPpAn&0l}j;i7xsE84&(wA77LacC$^OqwPoP02=o z__Qcdv}`uVUM}v(YzDI(yv)phl>a#YgZS50dePzoAv(?{U`SuA?H^+fN--~pF)LHd zRx##`6f-NvT$o^BLn&%7vrrsy`O{U>^Y142A=4AtJcvt&V;+RjwVF%^&*%sq^41mFQipJmr{2k zz7VjW&nfwAD)PaIx%h8I(JQc$k_(QY0lDu2oduhoJm^kN zUj|E)XXnG+8j-Ln8=bZ+hIwp_g7c{JUc>l*PJdUwmsXR(b5JCZvnZ~TNbJvUWMGJr zSPm|u38;P~S_~83`3hv7gQsZTV{bABm*dy%7i2(gp_hYE1RaWiy;k#6y3Ba;bi6dn zV?2f~C!veAenA${pZ#1pk>T|!%YQj)aHCBroEO2?U?wFF-UY|WHYzBNnele`I8gNkrXp&GM=-<{0)txMw*X&Ptb zwj`dbEgm^49@{W8(`(9?Hqi7b^iU#G8n<1O^-n5-cfw21FMlR?&+ca+_A?_lHhsJt zR!rj6_8G64q)Pg3lCNsroovXj(tHagIL3=&RsV2DpusFkG5E0ZSd0%6FBvps(c3su zd|zvP$W1hOg}pom-|{p)-|S1EF2(-EH&3>ggL!<~d{6IZe(cBbJx#puoy6<-PEy4) z@zd}vznkzaYQE9RBSRC05}L-4bJ|)#$bZjzXjg`bw@GCvWQG^lp6x(9Z&De!_0x?-X10or zZSbl|xTlZ>ZzdODj(})AEnBhmM*s~|)1cx-amz6~%RXuO?+@~5sLTS;zAA*ueU#wE za9h5TH_a6>$C6{i3T6Li{2-KnmDl*3=-)60chVNL{(*^!NoG+;@OSRdj#P?q*9u2(6#rg@x1qN^>m9Ayi3DaQ?z$2n|Ka16`^|pg6Y_JLu$AMNq*<~$eAsAGFoD4F+m*jC){U?J&uiTVU8 z z%9BLOQvxmWlxikRd+Az2o^?a=ye!n?t@po@C)*JpwJ_xw#d`_VQjw<}973K>IFM%s zZeoTHm(X-T8|csa@jM8L*s=`B&+fT`9{8*smpJACfLAMMmPL92>?6@(l8kImumHew#Qs}CkSHwKi@ zbg`2|R}Yq56-Dta`sEb82G!HkdAzMro zK*Dk_9gE1B3eRX_t97AT=FgBde8|<{M2ONbyjraaH(S(8fag_sT5|EM**gH141DbJ ziP6T!3up;z;=K;7p6Y7?D91gT(!+he&EPSPdq_1BJi#=Ut?Pl~9?`7Fmr?`+c-(_- zQOa)f^_^72<896?F)qlq4R2>y6>R=vR??tS4ey8=J7<5aHiAfx# zp&Moc=5|bq4a6i;p(Ri&bSVxfQiWs@ES3`_PpJqFgtP#A`c>+cB6++m5vMk)YTh4& zu|ehu*eIf~%ppInEOfx1qWu~F;(GrVXr&N|b0I_TsS*xvE1h|T1}?rMQTd|3Wf27Z ztpEph>RP+MJbc+W197hx2bePOj_WO`L-t3|X8mR)SQ!zZwAh|bpS&djTAk*MX|eZF z;57m(G0HhAR2BFT?>1A(iDPC4_^;n?kY}iSI-Ni{<^Xkv2{7OCG63pM$MSZAsm!+< z=SFBTk_n2Du3m5A%LLX7hRAw?ha~IENqw=6Fe1^-^Eu=OQqQth zj6lzUobJURy+-|xzg3={fz#L~LS6}QDNn|StG>p+8tCR(9iXx}mjPOH{5iig|Nqk?8%HV!ReUh!ImuZL5ge{WSrv zc7$Sy9HG2)1JwXILX`@SPz>M*Mb~1km@YIzu~^+HkAf>qEkgut!fBjjgbLBUcbOwp zh-4k1NTeo6pk;&-Zj+_jnpr4DJ4#pXD7h@u<89AYHs^;;!3M`C%2?AHipC7!IV=JpJj}GS_?stQyn zl&_1wrEiieOW*W}U0*JJGZR6Oc~dx$dBE;(1Ycy|^f%U|)8X#wzfP0Bwvd`=(r;lB zw1BzUB?Ih#7C)n5ucyG~fczG(E7%e~YnLaE4U>RZ+vQmicKKFx0}TP$I)5hX}>Ge2DIyXme>d z7V7cdC>_@9^H@xmK0gR@w(1M}{2idNPgjB8=<{q1hqrUM&!0y)cJIPAw?+`;-xdz! zpMfpO@I}fWVk8lpLjk?G6T%g251&Ph$;$pE{T)4T5;tCP8xL!mPv|R}x&;Q{-41?zLe|+W3p8xyjyo;3qoJ03y z^TRcIbpT7}#ut2WFBMMM;3W~hG@1~NNf+*!cKNWnjoXs+%cYOb#mnRm8+I{d^DtHri zBfOU>6p40!7lB;`b`#hg(2I*>T)`gjLB)zcw~&l4HvnGca|;>5U~vnbKqo*B7GKUBU*4R&n;4sXyds>e<&B9 zrqa94ODC4rU(Ah5jMJaBi^V5%WA!)f$|RQ2Upr&0ZFnlVrcpwI2gKd*hd!BW60DJL z#auyuGB;L#8Ewb8MD&N!iLutNqa|RUYq5spM-R{?N_uiCIVPT*LQ=4H9unDkBv5yr zcuth15tBu=@Z=e7pdwZ}C$tKh*Me=xW7KOiI1ezOt;V7DY09>3zR*7)=BYiFC zTi|vAVtt;v1vIMMbo`6kY`k4jEAY2GPf=AJ-doH*7On7P$a^Kw$9f?Ms?#41Y_<-hj0G3E^Ry0kr#cEgh2SLUy0U>i&pJA8GePgkr;Vi0&P4TH6rGsxTx{ zVI)v1jI13Ax5-j%%`ArLUepwsnO_!)(?(ie<~ThaGUwc!Lt1f}4*+c>{#6ie*i|-% z!`sJ{d6bHWPT)-eWIhx@koj$JXjf&5eLE1le>k8QcQv|#cfec1lGVyqraTa@}U}_iulS#)SA*KqOOcts|^afcQ3DoWn5iP?rr?=J+ zF_0d^K*C0lZ>xc%T@(Y!4eJ&IDNJJz-<>Q;bB#TGN#vRmz_||u@X4F5#Xt(%Zfzj3 z_M{hfI>^FKF{ZsEMTdsT*zUsEZhVo@!o5|eSXt_nR9fqlYz`DglSNoCLQ;mXi#>w< zs9Iu#t`y1R?N9A6$MZWO56<)Pjxxg5WPnCl?Zm&h-f^9$5PyrUp^P2g0jA!$)pgLj z)uMN!5d^&(3&$AG?}9hd*uadCX!qYO@E(Caf%gJ>zoZ6a!&icGl5F>n1H4M*BtuZn z@pJ-X0I8fjl7Ug8BuyV3ct(>orwH%;!e~5UQa)v{SD<}EB8s!wGp_~&~ zlI9x9iPH(Dax#F*N!OyB!gg`xOcUiS#cVh1AbC@Gq{PXF>Z0e~W%n%ntA1uzuolPK9|X z?BYZOK|lR)sGq~_{>ku0>ZkucO|lM#Q#2`ZFl17@#J2kx!R`+T3<7$;rm9SXuLLb7 z+3ueTc$HdAwxPw-=>#SLQj1fm4^C7KXMaF~7Spk4F;j)Ln1yOBK1J4Yf#OV-NwjEj zTePM%M6}qlc22&nT8s&*HnGLl&V^~Lo!`%rG}l-=#~MV&*_)*Z25{}1u0@N5ZDZ}+ zrRShDo)C0Q67QpUoE}aypP;7{=AfnY9F+6Yr_5O99MlbB#2nNlSR;q$prs<`prs<_ zps-xUn$3%4Qp`b1F!G_6we}+t*^eYp_oFhLX-ZQii@Km6Ng2{$31z%PLjCAUkv!g^ zW?0!cilIvq0AVMFqr}QL}%= zsHc&yUb~-xAoQ=fa4^@r(e9rGpJh$ZKbtsvmUlW@&hDQ>oZU*}#@hZAJV+aBhKmpZ zT?lLY^qFght+-~$yzP>s&IjN863Tpm3j{6{_yC~yJF5MI@FBax!%^ zI^|+Iftkz!ow6*|dmGvlhsQudr=(+9S7a)5N;%PBuKAM*ss&x2Rtp$+*0~Gx2*>je>~bE0pf^k5KySw3?ITXepbZ}a0oJ*)%Ut?57x@{0Z;k<8 zr3qyTkXAmOz!E@8s~n}(1zg}8U?4$SbSx&6sZ0|p%!mcm#`0xw*!EZ;z5bsoUGcG38EsvYFrb(Y;+X=VcT(MqF6Y$9u z*v%Yl9&k<3jjl%uQm5!cD#ETb90vDMC|n;C43j$vR+=NXsCBre(l@A>1ZQwKcOa6n9Z5 z@}zlLsK+~2WYZX$j>@#hpHDeh4~ppLlo=FIdGW6TzacX=hQoWeDKovcuwG=g9zl@V zW;l9n;Su;EW#-?gN!IDqCQXW*PBAGydn1q$aLQ5OqXM@I+y>~yoz<@34*0ARCvNv| z2fSK|lXpt|F}i^bfRs4if0+_z03}Y>B5|e*Nu0%MiI>(A4-twh4!#ey z7<%F^O7i19F$C}S{{gqfV<6%~5g=cb?ITYhuAJ5LWh2LAGk&T!2Pi)NgWx(obZ*A; zc*ldt?s=shCi=o>vH^p>n@(UCAPxF8klwjrc0Z}G=5#EQV-mxfXOs>VHvz?&*FQ_9 zk{hh$AeagLh0ZX!*!^>H>g9Jr=Y7b8BYgjyOK~Rsh_u;L2tq}lhEvK_Q@NV!b&S2h zMSHTZ?S?}b*8zAR!uz|@?&uusd5Q6k!vTo2g0u&4EC3%`t6YDzZz8xYN(!>M6QjZ{ zEIECR)#8#{cpnO?lY=TV9*#0e6T=i5P0Ym+F^ard#JJ{-doIZ~KZUiQZeR}}KZR9^ zjXVY)M*`08V9~X-G7}*iZsN&^3m3^|PK!NPsb(sVp37HwBzwsglaxa`1kl00{0F_N{{aWdaHt(@)8mN>e+Jo9DUQ>Q~f%%RkoN;T?gZYxt*O(o@Pm12FdQnk4FPn*>!a zsY#-fobDu-2Wu|6Wjx$WCM^@4fU|1}&IFG%4nGT8ta(5PwGaH^2Et&CyR%j3V%}m6 z1pPAG=is~H_Br)MxP5+xzCSAMvk1)&`|=7G2cU@K&crIo*Cc)H^2$MllJuU{Kd7ktIlv*|k+7PRPXL z!}lHVVef|+%teZ&^l<2Y7#`z(4mKPo0r_+T%K$kEsDa|nE|*qh04D)-i&Bo5vv8(E zPRrr=lEF{xx$eAanN7qi^ONMotdy(6jJ+T%8*gXB`?N}q5_)Fq4)*Zl z=Ep<$&xS5opUn<{b{79-pu=0JZ}n%>5$WE$ZZ42|TQwV}wUV~$mOTDmM-awF+ z3w>r6+l;bt92pc!q7KT(*HmKA9Ca&C#a&)eIpt|ibqpV#A!BN!`7Xe!W;mz*hTzgy z5UV#9QM0RHS7!DYun_ITC#=x>)`NAqKw$$teENC>9z&q40&h=!lWyQNS;Fn9*HWNA z2$u}t?WuH&Qt%!^-=@xV$Y~?9q{YR<2rdzWCx{tP6>L>ejT$CI$+VhhG<>DOnkJV8 z)(w^M7I65QMz9>9jw8V{MeArzec+fPnYw{{Oxb$awr|~iNm7Jv$jch3k3=_hgLT3K zb67V@juO@lzN_J{8U77W5x%pr_Ul@p-vZiw_!sZj(?NR>e@nk+`4;_&Qs^yeyXemu z1VMk^hGW&dDU7eQKo=rjBEfJpoN4uf!N&*l3(EO2%=3Y>QriM;hC(<~Bm_V?%n z-U8&D9Z#DXXP2N_IB^ORrtNer(q<~;Luu2@V#Y~!ptM$jkQ5;h{i!QZb#zl8EERM6 zu$dK}Bu8r$)69nY>h%5LzPkQpv+3j1>mMnzuQF?k4RwiK-XU%MK7!EJn3%Dx<^EaB z&+x$dp+HR1;QtuV+Z!!u^qR{WQ9t-FFEk=1aHtyQe$t4w(1^Tio>a6T9ZL%`NvH+O zp#`yoAlXQIw4^kLOuob9P!ojieVYDY=vjy5TI%XixYCtl3hdIS2tr-IgoC;^#dp8p zv#$AmLEN(DtH+ZpJp33_gKrQ)>m7Zj-NNl5%6kCKQx`{ACC`*7oP=M4E|1gDn&jP! z@E`;2ekmq03Q0N&eRltOK(713B=SDSp)`U?_5jI6sU*t5;f(lc!w_Pjl*S-vouh;c zj1Etk_2}l44U69*N7M*+#(xE0ooQ~r2a^}OpL86`1k|e*a^bYBQ*pIW9?57jE$dWl zU7F1A=ms#O7n50=eJBQ9+wNxoO(tE-QyJ4CCwVHvml7{4el<*}=0_e##gg)iesZXy zUNk)1?bQfpK*_Vj!8chT?hvY1F%s}8DPt=;L%5V7G4xUfrbrZNu_+Qs5q(#tNK#XY zZgx!8He!lYa+Hwb-Y^0U0r-{dY~7#u}whh zfWO7Yk}XSLh*BMp7Vpy0INu`(&H4iztBw6E^bi;P2|-%d=`(HY@JRjo5ka{1(`7t! zxNxh+A7X4baRlVk`(_ymVRg5_V~nmWoYSSB=>{$Ua=Mg3RngNW25`DWwRx$ zk9Rv_)HdfzYu^sr-)GO8Vu@2f6ou?BGj@1)FcoBu=jS&dN1RE493BG^a@Yw6a*%IQ z?SdbxSb$ixe?pKa0eyAQKB>Ol@X9@_Ptn8X*aHu4JLIwmb7RBqr5kt}kPTaxCU_*4 zSb(!t=@zA&Fk6+0kj;KLXw?I7qV-i_-%6_*-)5AoB})ua2N6jxiG<1cTrsG4Hk225 zacbG7kWD5d4(}lemiiw?{U4Y59|jS%eHIStpT+ynkHByD9|Z*RoFLBwTIEO~6Ea8LU1{6jqK=V+P;_RDiB!Lc?^(iBm$1 zLJj{7SJB`~z8c2uTk^ah0~lXC{y#hx3Ep0^U#HQ9^#cLosMLA&#lViZZSPl}Ng zVfN(XVNx-PZkjz-4j&8?MVE6}B}Xxp-h2)?gJzh8@r3W}tz%Rn=$k;l3-sb+R1Rp| zH)*_}Xasi`~LMIRpNTZTTMOY?^zyJtA z+nY;k;s!ntxZ96&)K?CMWiO9Rd_$xszK1%=nD#zAZ2k}68lM&>18DvVbOP8iCe4q1 z0AkZgMcdOUN_pFCdnQ39XORhQx;$@5Hj*CwW)woSO%Icex5QzazV}#Y{9>_|cf&5W zjlzZ=v`<9@p?xaBvFhm0;b(^G2+}%ApJ_JPOYHv2pk&wYj-|{-sFB9Kjo~dF?Zp{~ z47{-Hi%@;{P|i89ofL(y$6bO|#Hu&WVj{iWpU!-T(t2RwikgpA@kF<=mgV+28G`e@ zRS~VueMSu6)qwllVFA!?Q2??rKqR1FK(mT=Y}v0tH*gJLBDU-|0efe6N-Y?`E&FsW zVqiLKa-|rOJQ*p)3igmIEP)v7lWdz}lW&qDI)+TXg`0qc86AThVe&0P75i0k6jQ*a z{o*=C9OT#uf2;lCItJzpa*m|9{Td4T-S}JV7fZM3Mzq4m4b>jejSo?C=*CBIxTo)K zJV?W9UHK+{g;i}!P_Y&3z$eUw=hM8fKsa`+A5#~Fr|zF300JvMJMnzAgymx(LJdK17HE@ z6s5dxS^%a(KHtFcwxIPrJ1kV`7XP2?{FBuATd>9tlzP9Thh6V`c<_A0Z#hb(G5NRv zl2L0+KAN%C`yep8p8=eF&@D7QTgsp_HoG&_B6}u)7Wu-3NUyKWdIk1+ z3KsoEN6>++k4#jXh`uM^Koh97bC>aa;s%`o-5_afuyjdX zvDn~6FltmR*6wY=it%9<*CnxH=uC7iT~aC*8}5=xQ5jXNeUkDl-X{~HI4H*11JnY{ z%&i@hq==3w+jNCHiEegGHa#}!hC61-QH+jh_Dh%q^&8}bW2h1R68BNc`LH)j=$Cjs zrm&~n+AmqS(J$-eD7SLu`Y}p|_BwPeW6R#cNzY#HB>5eYYnMPWHyoJzBA!OS#>Rp_ z5IvaV!qfu$BF2mB2u=_;C73O4KnHtULOR$NLCpIXOOZVm+!ukfBcZ%-52)ldMO;S^ zcZ~v%3gUW6xG6zg2nsi#qj_8DJc;Q%O*XNv;Z#o}@BLzbrlZ1s>_>^pehf9$PtfMR z2yBaID7I}xC7T-p?gvG0gGiPg5aA6H5*Hg6qH=J7S&ZzSu={5)`g<5jO1XVSsG6@m z-VM2Zm*_nMvfHOTXxrA{HuhZ2(4G6bU2HP5`iYxHw7A;hX{IZPoMexiTBHtt$x3(bGhvOat%blc66k=n)l1( zjO%*y=>}#2a$Tn%ll=f!vooBs6|Qdmk09wGC4QiFJm{ZX4lXU z{kEAAB213FZ5Ea!v1xM1R>a%plB1Y!6iu7c85P)pKh}oi{!p!Vvd2@s2U-&3Q+yuI zb#uH}QkJ;@OSimFbgH)yeo*AP06~!JA~;&E55RZ1TyF`>bul7nxzcA2#Ph(7xe)ar z=+<}8rK9CFZmRElbW$yU?A}MD9PAQ}`MX!pe2pS2P~75XS%D(g+~Sr;H?RY`m+oXwEoa%+6BCyrd_~k z0uZsWpFvmoewr-cF$g;XpbHNH@-e6_bzvQ2{~jZ1-E;er#t%i?0GPVg=CY+aph7 zHVl@s{%5C$Ces0r@wSS^()g~S8^HDqF}_eObNzz>G`@6;Qt*CG?*(Bx zB8zm9#Rd?I$zq?#A{xbsEMn+k3zmY%kOhmSEH=^&tOMjg*e)y!22d7si&D;;vS2#o zR2n%!7Eg*Sc2gGEjb_S%Y+gwg47*$w!c9QJjI}6o1X;wP94(8Iqj6pD7ERHPij#Q4sMNAV9QtXlE^UEj=j` zNkF0UpqB^_*JqO88tXGG8-{5+oxo;58m9JP!^8j>COSnaI1a1322&xQWaQ)B3Nf%Z zU@Ai9!c&pR-oUU33CJu&ikEa|Zy*nlV%RX19K~FbzSUjK5$h)cykB89%{$Y*-_lbrCxwqZI}n*4;KjZQUUd8-QN;0KPen}a`3`*n zKB*303fiHL+u^N%boeTUSEBH_XE2QW5z5$yO)D{#qZ`@nwe4QK#n14jB8_hxCL77V zG+PJJf64zOu}(vfEboq~)g`Zh9D^^`(>0h!WMXxz z2wOCmg~N9Zu$mcedzwz8BfEwP<_J9|_OtUEYZuz?6myOWo`zF9CRN^{JJdz!|54F@ z1aqzDRXC{sFszkug5+jlAfFI;67Xt2jmP|GWGaD8eC7rijZ8->^&Aw6)qVuf$k4TX z8jtBfo^=;ubCy(_`Y8az0+7~Aek4Xv_`Y) zrp7|#dVJ78ThEfCgunZDLq${-KkgmoJ4e2kvCQe%Dxq%x@($_J2!Bp==3VF#l;eFk z&>0-h!H+9)_?$%hVskU* zY79pEUJFr{a#j8_tD_UeV0(7N?u3grDP*{xq}OUxU$Y(ZPnGVI>DCoSN_we;n@|;C|qA@1^c<7Mr>azCL!m#_OUpAFPT{y#^q^IiJv3N(1(_U zaooknVuWdLYw@-Lga%v>=UgLhu>8A-sou7TR~vV-!Aa9d_pOl8KoM_lvJbY7RXi|KJswkx!8Xccr*IhuDQDRMvAXYV}3mF<2`ixgsphoBI z#t<#TDD^zbe?iJ;40M|MXmr>|mn*H_M0`U$B`7KV-4Pn`;}$#md(xjKMWuzx)M2_?FtOXua@j2;sf8tn zr|#-h%8dEcF0Y%=M76H+JEAX!>WPLeYxlDuw62!IWJc;4laZ8~QxC;Z|JW2k0{C$) zbWD(3z@JG!tLx&-r5DQ#H*{~HMnm^ui0E#V8jtc{lJXe=4bcmk8139e+F26fLNf#h z`vG8Ku0I^RpNMw=fYH=$JVgpE3$)-s#z_k@wKSb%qtoDIOH7@8(lCr=X&6DJPqAHI z4)LYig?xwGMKY9j=?Ruuf3hAVfWJ5WF9xE2qW=1 z6YucUE5ZjuQR{BVEIf{I`=s?Z6$q{tLsX0-*c+wos$^{U4+A-P8vvT{b~w0vOyF=p z?+5@sW2Sna##}*$f_?B%bN9oo+g^qQ$tgN`2h(u}GdWLmVBM}OM}$}w=w~1vbm&+v z)nH2Gbr5+O;}*F*i|4sCZzym$t zrRA(c%jq41@H){hN01tj(W?x;F~$f&ubWuLRxD;5@?yA-UJXWyn8UjUmRVXC;nLu1 zNnoBX`4$w%L+r7IEoU{vcw5FNHdn}Mi#{oDHyNKKghm_V6aAL)NuwNmE*qaHUk)*h z5+0v4W{yvSMT}43*fKu-ZFF;d!W_@2lVyAgRna;=iLivD5^JiNm7zFte9{uX3pIgx z7|V+B-P%IDV>~5glZ0;E8DfA<_#>;M3r#%+D)u^D>kqezpl9BV=&%cENH0B#$K9}lBX@o5!fmw;L=x)SE=zl=mjF8xmsJ4f-v1L!%|y4K@$$2BU=ShQ>_0Ay|an z2*(z?@wd@UyYX76P8PetR+lPT?FKun=BUJ)8bPe8wi{Sv!%KY{i%FpId6wU(ZwI$L z)~M`$Qe)&H)D2oG{2>;VV)+v%y|y}s@03kO{14PQ+-!IseaMjS#qFw|vNynP2K?+e z1!-@g{j^QJk-_UyKbD1)MYo_6#=1LVJCa0t5bg#1Q)AB7MpVqB84pHi3LKBs2$3Mu zyV4%m6Jm*cnE)fkB8XpG0i_HfrYf zcK|N0KUTp&H|LWXrXGx>gY^7ky5w4Ch}+*9A({4-kN_jlK+=xtl9Dc?2U zkA(I>e_(vq+=GMIXfo$#00%L;ma}_I2kktDvGH74ytTsDepoio)(H=K2uThSX_n6_ zgsWK>>pHAs2Ifz!Rub@VC2$)0S&q1W&pS6u{tfTE?dNKEhg>N?Z$GdRd#*P}a>@uV za;#ggNQ!s^fqqw{i^mO#2-K;}7ZGel9I!slwz>8nV|u)Wh)COIo(FM@w0tM&R0DW-) zfA@5y4_L4`ESJxe7Tg7duaIu0?k!b(vXU+2B}WMf$tLfNTB<2~%(E5E)S^Oj=#Nt;KM1`uV%8DuTo>(p zM%wuRg3wg^;7B|Bx50;Y7B}|nmqt5p0ads2EL2Cgb8oYq_ao5v1_0-#sor;tKI6qI zueKgo$2DJ`vOF$T&qg*l9SDp|)wi&v`Edzs{Xqbis_7P`3^!LbnGVAZ7O-P*|C9GA zpxmH{rBO13cC$7)NfAvh@9CsyiEcJIi^r?W=I!v#*9ocHjY4gH6hUb7!*EJ!a~zHn-43_;0_39G94`s9Za<5}IHm~b zTZquBXnB^(mVW@z?SVtU*z!HYEzbb9JY7r6GhN9oPqvD+JV}?gyc8XfFykFHi;rme zlB1X{Z?^k_!f?Ce%xkFKKm0D#?#$WJ?rxs(XQrM zo1=mcf~a3q(`O8l&7Xu+j0AYIhoeVKE4T3I?S)2|0~-r0S4`m|W0a;ZRdV|mGl|?Y z<@V>%kDCbOz|0aL7-sNlMRq&8lW{^22k_3ztM7*x$j85>^zenv!|)iJ5m+ZmH6J9q zzKjb}?M11|Gmf7Dlq%h#lt0Y=#B|7MIjGo-uz*bB9Fo4XDmr{8Q*`)BCU!RrN^Fy2 zgAz#*LYF~FIFsmRcjM(?7>!mSy6$czNAY+I5JT=|N1H3WmXmKbwTB$7`}FI9UK6xF z_!l2*27|_jam#x+7Vhw_WX}5hGxz4bEqcLQ$DkK8;QXCltU_9?7xbBW!3i=``!*s}rn!`f?#dHURg@_;*p27bB{TS7;zeSFS zvgL{$5hW=?d*q0ya2Jp;!(@;{Y(x)hPsvdX?ZF%d&&B*vf9gQioJ1DaA1skv?cO{V zZ_yv8%zxey{mI5gZ0HX+f*blX6)!G}@4OC9M7Y);`b_=dW0~782`a;O7@M)({%Ob} zVl%eg&mHEbW=H}wtYt^G+n>uc?~2h_BjUllcr86N8tdROj0PE|(U?S6?^K7;Ku5|r zD|385186kp7Nr!KMuX{)(+1=Oqfvwwkv-qh;XU8c);-??sXeT#F(cB|Ou*S;z4cpf zF=K=X`OExBSd_%3_23qIj5d#;aBV$Gj^godL=5zCtNhQQk-1;jx;K;dBNnt4_!qYy z?Lfnv#A-iSyu-Um=gnud2N161&)xZu{}ecXC;uSAwfyNb<-asi{f)WG} z{C`CW$TgKa;SVv;TwyD$}yFr(Y^ zltYBrOO6r}dxYFSMMbc^?6Q83QCgm9ip#w@=v=3?j2kRJB=>f`yFxV(0l!%MCpNCv zpkAW}jWV%###=YX0)DX3rmEp>P-kogx$_0Auk{|EJ^G$eIgIi6SiAZNcBxw5-fHoF zyWBHh?Z&=cIv{Kv@W{+?xt0czPwY%Zukid zV-9-M(m=wRgVrO59#bo?b*b1}2~Q5Jf83?I4`j|;w`IWy^&gPG#HH>*xh}P4 zFk!`Eq`$nG@ccl5eF%FGA>1`7Yf_AQIpzdbM|Q`P@?H!nHM&rM)mAft5=MAY5$47aVlkJzv(XZ#^hsTVpQGrC;G;yQT?edPR9ErwRzP5;j^hp;D4-P-N)HQR5lfB7AN~s#NuP>327#sugirlTuZ`Si&I!*MkzH-rYbBI~`_=wH!}A59Y8v$CoBQ zwFa{V?inx;1J}Gk11H3&)*Z-g2HM%B+9Z682lOK|sRP%}BAjtQ;mfzi0yZ4LvrO_v%gT+I_5IB|r0-ZhzNzZ%0srUz|Ex#nEcNG$j z??m{~RKn-83BTN*zvNT9*1EUR7hLM#LiUuW;7?Qq@S~Nc5w;W9Zz}ouBXDdCZiWz@ z`Ap#TeriPpz^1l%ylboG(0P`V{&oL6^7%?G)9w=39KFw_K88O=U3aKfFZAy2?1?M) zvtF+~Lrvbcj`TZXne*Jc7=OfELi<4l>y+XnT#4Qtqh47c`oD+d-MZRyPdNcdi)vo*5zyH|I$a8*PSp2w$Y_#N^30MPyeku z3D@PZZBHlBUyw_En=kQep%=udKXR!9J=!yL$>2(m%Uv^n4aTXLp!0Fc4jp!>V-kPw z9>xjmsf>x8eb%oS%Xj7z){wLb5~tn+3>_;xyz>CdZ2`@JEc&v=vZNhaiUl|z{B+A> zp1*d#fciS-6OP_VxMm%7ax|nIqZ;-njGjvgel7Z0QOkN3<#l>0;p2S?53VPyDJ}V6 z3Ugj0@Hf~rm+IA-yq)Pzu0Boq`G`vmn?$&OmGs1otLM(;z1WXauFN;|j#I&TY z%4NDu(S5VjwZNtWJG*)xuv)5xq+tJYCc$+E!a}<`b`;gX~sdWw@7M z&b>u_YS|j9k%ARIS=1*1*j<990lP)DRG46)gkMS*^~qAL)GR6ePV~ks++Y5X#IzkM z>NC!Ey+X%82_p^@Yp3`oJ6??%Skz}UzVuKa*lk0Jbx^A$&m&`*OGmX&p( z@oK>k#_Xc@DGy4&h_UyK>Z*7$IbK!3sGMLMfDHh-z-|%FZk5x6@hX549#umX=cDoJ z+^xihsV@W@1#C31^Mc(jCETXI7Hsrj#vCs1?c&v=5_X6BMZ%JW>ydH~c)W^5%+cyj z`67M1`gIVo(dtiWmz4Re!x&X0*t(q>yCk)Zi`7^RWErojB@nw;?uw6B8Zgl8sd!RXb*rebAg9XOpGQ`84DReUFxShwyP z8zfi@0~;*qMy=85ZWUg71~oQ9Izg~}QJ)~bzmp>|(>F0}v3#33UM(A6)aN%~LCJGm zfFysc@4(3?me52b_7u(+5Zfy4`INdO*ii#3V`o?kX|tzPO~I;Qc9*60 z$hWQHRdGcD zJ*0#9B)g>%b_K;dX2XoS7RiX zg_v=lQODIih>7z=Yijk%Qm?9j#2j>t*a?*@xfHA>_NKyjw@`ZdL#y(~+1^x(B`oLR zRrw5iNU)n%6FZ}p3D$6v##Rc}+z4AG*w!^VY_*gZJ8xC~e56}rw}H<+C?N}98hAv) zRy{)O9kpGsk%GOe9uw@n#~AjW+9lXN2|K3_2=>(mhJC1>5p2yyVjn5qB@(YnOU#ee zQNcbH>=U{BAYMH!F+WwuCG2j&K2!KiE7ILBF+W$Y2v$MDzEGzG8zk75>J7oZ70%A9 zw*NOsx*nYYyYbJtvDZDPO!S0 zS%-_NqQuOS_PnUlC2XOTcTrUrtS?&d2FFEJ1CQMCYPE#@sp<%}bp5LQ{q|VfD2aJ+ zEb}a58!LIfFC~<-&3D+qiw~S-scV3dv#bY*RkH1obWtMrO1Axy=Nu`alI5b)RfsYCC{DaiQY`hCOUMj4-Tz^r_T6 zsMgzFmUIKkGwcyy}}_hE*;Yx_a4c?HBiuw4}FtM0@;wz-_F!`A-9zOW@ZDWm&m z5<71z>tyRTd6ap6ZL26@T_-W@N1Io$Kk|tEV#CrO(v`_4cG1>KumzIm@3yvr1^ZQ7 z^^E;bTSvhfFJjEUY+WRmj~^yhWa}Z=xFy8w_AJ2;&m-or-|FP-DfbvLr+tKQR;n{O zbJ|Bq%uPEOHqyS%$+o^8bHyw*%KnJcfpoaq6ZY#K`$oYy5zK-u-7Hvr!GiWj1;dsp zgiWir7`9b`#xMQ9IyJ!WX$FE1J0Si4hpu?egrXE*Q=?BA1Q!v(6aQb|EH-XVez^hZ0ssINN6bT(BPLjQNE9OTnfHw%h)l zVA0rmbw=&6|Lk;vm(MXJ?xhaef03|mQujml-vk>5DV~8v{vDW7-*!?es9v@IDRo~Q zU);5~hC-x}8Mhf<&-6dEC*7(k- z@9ZAI7D@~LWRG!C4xL|M3BTE6C9D$Uenwri$GO7tyJU}-u+Q3`bSLI!G>= zj_QJa1Nog%%^WoayIFE+yg3T5kJmMH9Sbr(K(2--o zUUf_mUXluxde{ECW0GL=9$+qSIHp)Q`^YiJ#lGT(mP6|t^98$JWb~;<&^8TGAWonRXU``)oxc;WHfEcJt9hie8( zZ&jYy&yHPE2W*^1y8js114+dGa6BPl--*uKqjp>B5EHdW!v2)rSUPIIU{fSr*{Fkp z9hFw98g)ppd7^c-qMjA(dC}I)sH1`SBy4EZ zOM(?iuNocoieL{*o)e=^2=1ZyBAxXOM;t&ch**cjn@ zXVlw*U6Asgih5VDL!uK0qTUzmj9`bO&I#rfJ$o+dW5MjwW-mp3D%kCk%c-c(1v@Ei zeJ1Kl!RkxQ_oKcNY`4VxH0m3{aMBZ;eINCmU<;*$|3qC7>_fr+jQUZqOM*o?e-`W} zscjkOFM@q9?UL&JRj|#HXGP~l!AeWIn$AB2Ya{)=f%7jHrrYYp``A~SJ1<%Er4=yR z&rHl-Au(XHfWdujCg$w?5CwnH`Kts z5p5lArpsg42m|X?Kx_=Ku-)|&17`slou)b+ZenipZFSz53aB9#@+GJ@SBEw~n+ZDO7&BEL<}BwU*suLk5`XCB7v6gMUYY9{I)RF65! zx@kY_g6mn17Y*#;MZ{imR&>umF1k0q>a6UZftVjpXN^t(qs{8qp1GWGrb~J6A*{3W z6tEbgs?4e1PPwK17j`(YpUi`)3UrR_)%LxCI6b-~u?4D9KRsMR)^p@*dBJGRUv5r3o z+|z)RKU%j$d?oPK7UcY;*6&ruWpa>yx=It6kX?`4AU1CT{GfU>z?e~l=MSs|>@)f# zOmm0l?<{RoGxk-D%T%6c&L^a+I)FCy^@{6JN@3hhfD@Jv@6aA zqq8T&6y}KbUY_TRjZWIloZpw+G$pDrwZ*Fcx97Dj%RG-E&qo5i%J$4%3+;k_KDYqw zQv)zlo!+wu{vQ{S@}9s#K%07g+7g5w+RS#-oZQ=*ZjiOlT=NIzY5Z%KLS(Ek}MInM-DKk3`432L~&3hG<%8P30F?!cQV zos+OCJ#+WZ%8yD_o7?|5HC4U2jqu(bzW~0lg|O@KUr?i8@_z>$R@F8wUH$Yt>wanb zBIK#{?X$IR(0>uA>$Pt;b#ld%v7o=WK4F?oZAOXd>csB)PMca>D;1ROfVwZhhK%<^ zpI;Swo^xG&XV2V}y;TtB+Z&kA{Ko7fbFZrb%JZ$*$CKNzg%fTdJ*!ni&<|bTEY=~V zB&g$0HJR2k_Z`$LQ(ZXFa$4`)Y{pB=kw6(uOHv8;AzhtX$vW0(Gyr+lZFei+pvDt2 z%w9jH+JI^Oa_e;^oYjG_V-{fxp*#eNO?}#SZF@6*+pb9&{c=}yNXoFO*ld>AU>w_| zR!^3DaUbFPdpJ6<si<^ zU2VOKIX^G{1Movnx{O7fH|Np+;EjZjt|biirKGMw`)8^hun#5=lRJ(>DN*wYw{9bR zXaf1Xni_oq9kZ!lWp+`%E&WUC6Ydtsn)b|n7uK?8?wx42p1IcnrmK&xPiq8z>Zdg_ zd3dYpER;K@8e#eX!j4&l4^5ag&5Sd)*C_gHG3y0Yp2jso$I)^ai(hD zd?RAsEAV}RqneSjQT(L@o)OA=fybLNw4wNahd)Uj^z94r|LeBr!1+j6af~mc8(*)7lfd_>$MEv{2KS=z0#Q%uE zwF0jZ`W*td3+1rD+k{dUuxIY670kIdENbuEDNe!zPY{kkFX)~7960Qq+wdScnS>cp z@7%5ehY2i)9??5@qs*H6pk6(5pBhGZhrmUEnQDIR9%!Fx0tWy>hugdW*tx~p_LwtZ z+`(L>1vNzH(CSX+Pzx|q^}jwAX`2Ds)CK4j``T;p&lX5cv#Du~*k@Z|1jl$G{>&TR zN1TsZF?4ZD!mZLP=Lz(+b4-$U*a<=kwzlJF#qD zzhw+yJYc%|ymcAC+D*%WazN(ry>6%kif*Ms;qW_wW2MD1#otr>$)m{mq}vFaiCmr* zf40yc8ZNaHxLM$Qp|6lQLxl34_{&P3e~7=H#Ho$e=$Tta;6;h~y!daqo%A*0e@s$! zl+ag&pN^9DjKtY5Fkhfw;9mmY5uN#2U>lvMlv_(+lH^uhVjd9xD#>}2P-cmLr@%WP zwM_MG<7&B?s%cxoO5)GIp8m&M61J^F*s&eqa`885L;nx;2~P?v(}4bgLcd4i3>Nwe z;{UJ_Lx*@}*0eS0yXq0n5ja3#rogua z&dXrv;{r!X{-uS7_k?m$;w+a^21>cpBB)_0ol zTFhaZsBg-4&rMZNI`Fg;Dt8q8EU_l`J8r>FniugL7Y-eZQ1>JcD1`;%;QxB^L|B71 z@mtaFj=3kG2R)O>as1PyEmN8Q6y$Gt6C?u@iR5rGD&ls1$ZO_9iSWIEp8= zxcPS@Pd-(p%M(_(Mne(5u;6Y$)&=`$(`n!8$G2?B8chPEL~QEKCw5uI0~h^b|#C2LBmL%VRCTM(agldEuiJSWC)K|3FFdxqK6 zlZh9Ggh%k9Q~CTw7zhx?0j8^W2HY_iu+ySeeCp{{HnNn$f*s(ebT&1FbvI?Yw9Fl% zKb~RX_)j3Fj&F^5%x&d-4^E2y7&7wng4W?2!l7j*oWDXG*8Ru8L6l|YV9h@q z8ks|fb|uwL^I2GMBqBFz=5f)?mjUOwUq-0e@0fpK!MhRh|9xn2-b%_L+=gcVEi<8Z zGRB}X=OEu%iAgt5%ID$V5nsFo3JZ=UMat{_GT*cfr#b}xj`-_u2$##2*Qv}_EiM-w z8p(OdaWv=TwqzO6hUhqT@%$T(Goe^J>o{RqV~5{v=2=)U5AASGJo_EBi*>Q;A!THy zH6?YmX>~iyLk?O?b%|!1SliheldWAmX1Z!qaTcDMZxUE;44Uv6wt>FB|3=y~9|)t=cnndcWL# z`v~9KL)hhB!Y7_jMTyi9TO`ces~0lj8j-p#R%174LPy) zDLoR^K%C+u5qeOo+SAk3%{Mj%oYkp0U@3W;@U?FP|KkN*sc2W&e!5NFCUE`K&hYao z*rt3dZ-Rg8PR{USvIsxIlO}7_AFcYCZ7_1UrQ3hIrmIa4R_~Usw3fQMj{@EF_ps1c zg#0fos3*FNl&)vbX$e~4FZ79RhVN#+Vqpeo!67nhAoiTM< z-FHfA6P99)`A<2=-EYR9`7HCFb40lEh0D@XxV)yUW4L{;3FV_X{3qEpE-}7t)hSpL zE4gjE-d}Rt-W;DNm8RLXt%T+O|nPtOBZw)W9s~MeCwDVX~(Qqq9STh5?2i@wObV8+*;O&ZL2^xwX2M! zrYHUf@h{K0@c}+1g?ZDn6q_<-RJqF>kcgg}uXwxvn4RCjY}qjPuz&jMJ>@ zc)&gaFK^XjZfn}GUTG=lvL5f86q2CHRfPfUk9Q4-)DWvq{%tB_M)YA^6|BeBPN_02 zRZZS~ANbr-&=9tI3uX>3^-YClvHfzN#LTT-I2_;u3Eh><*ehgt}_xg80Q z781U7fcdAuDuVxq2&)OaX*vDBJxa)T1if?5&0Yi86PBTOZmPgcfv4{#VSE(;^k8 zn3h2-4BFOA6={nuvolwWd0CIRs+j9S+(wqW3v`piqgRM?+7d_GH`XyPpYyuN+&)3e zoay-E409%5Yw~|*^vk_=7~#NY2zSmVTq6E)J?WpeT|&nb&hJimsutmcDTHxl2u~*w z9+S{#@20<|Ntr0{ARoxUKY4)z(&#PgOh1+<|Lbj=6{8=?PES z-NW(ABW+3 zXX(8GZR*uBgn5Zfb<8~*kTNy%DJh4uf0M&MrTxBG+HcB`H&csBu0^|57lxEvm*TnU ze)PGlg)(Q>$T}yt=Ffc{Y$dks_h=2Rjp0-_H76l=s7*PNW&xV@((?h9t7C@aglnN! zu9&B8=L52)r}NkIf4!#kZW8MiIgiz8PeHPgy~A3I8?bq_u;B7I)-|GV9P2ugIkH$| zs-Da(4v^f2N6$gGg=-X!qjjlxOgw8>U4V7Ym$C>u3f#Pp{xQ`E(+3b{2y70k+b?$` zEKk4O)-o`tn;-7sZ{oTaBYAyX2#GiwA$Nh4bihpuP@*FjvaO*b0!(FYqT2Fdq zYrx3XXa|a^&*3;)2a3nMr3yCRso9=uZu(83S8A+m-@GBv%{v7vR25gPu4GrM4eZAo z*E=2R83ViRZimC6?AYRjT#yd;;i#AhEHQ-5pBbfUhp=y)Q3}iYMmmOd4q>=ONA(Y3 z@xVrE%=2?+hr_AvF|f50iA^-HEfeE$nienlj6CBN&J|nIxmCU;om;K3q;sn+p>!!Y zvT?`=i$3OX#Hiy2*0w6K69zW97qK%2c7HGIidE+fEOooXQA&MbVCmcAapw1efmK8< zvFcX?t6ddmN0q87TzjVa9gfnK(#X z&rDXML)fO7scN>yJRSQw9Ocv^1It_X*vxV&-@p#`DxX+Rtue3;Js5Mdfqi!~v7H8X z&op9t4Jjc%?O+M*vdHpRi~!TW#(g#&6%o( zg|MS@a#cYHduPrJwM{Vghi6^0)Qf@@dj1;uxtgtBF|a|yegpQ7#?*-ZE1k2|M+U}T zHCvq*Y=*j_3$dtcS-S3HvsFvM3O$#ecpB;28(66)4*}~g*fEtoCk1zh4l*!1uz6~X zf!#6ZGv@+zpMgEI;+r`SsJRB#Z%(1>LG_4%RR*?LJz-#fZuoUho;oa8p=Sm(IZqWD z*fMBxo;sy5#X2le-x}EW{jp<3eQ(6{Ji6YwME%#mYV~8xA_F@!@i&CIysT}Z=gWyd z0*f~=miLgVZ(uC%A=O&2+3HPvziz4OWMD1&#p9Im%?5Vx$#0zb>edj36U+FVuauz3 z*>ZKi5ym!Ku9k%```iMx!@$^rtJJ509aC(jHR?wLW4o+XRcbNMV~VZ2R&_Tpw(fd0 zMzB1!eMRZHkElt4X=!d$4+>VOChy%9y;0>G*p$tW0$XQb%`2zP-K0JhEKk+!UuEuQ z^@CtKmo4hI2u!Za6n%-uY3Q=G$r)p&s7KW*!SYnrbJxz@rp9J4EKiMj?seC8wNS9x z>cZYSbGNILf)(1vR6FF{p*{^^jpjb49Ces(x(beOG_&#>X}NHn(bDd1)Hw=0o$Wi8CadWZfh^VE@vx6D1D0tR+>r2%uFQ5yv- zRKa^4o@dp6>g$+U_ueu0h_W>hO#1Cn)j%-aE=N`C5EieFs&0Z6D%R*Zb$bYFH1~Nm zQ^!Qun7PN*<`8z@+!xiGg0Z&q=Dw=1X$e1F!fDkbggMn|HCbbxy2n<`eNE*V*!`2A zN_$OhGcfhkdgp8ENx`Oj5}tCZ*VO-E?>)e)D!zu_*?o2rAXF&{MY{AN0-|&Xy+c5% z^cZ@V2!w<{LMX`zp(H?hp-Bly6Oe=m66sQu7U@N$3Mj%|Yi9O72SH!|<=*>#&-1~v zC-a-NW@b&FUC!RSgzRKiymo>d5OkT*SxzK5L?S1Mjt~07FDP%p4;)XB7J|BDCC)oZ z`U_e#p$O=Z$L&FTG{R^V>LCR%;(aNf6vc_)Y?DuVDhOwk{8Ih*F_jR4GfF|}GeI~L6_(};!WpcH zv_cTh-bJM}K{!hllTI;;AnC*M%qu44av9VhJc%gXwkgNExb%z@Z5ne8-rgrQ!rUXs z@v@ylOGuuKqRIU(-GF>->J#cE#o07Cw4_uNUjRu^b987K>6A^=L(5AU_%aeE3k!Wm z%4lp+OlVE%Y!iz%guW+LX$B-kkdOT`LmNwj1Z6Zo8roc%Cg^jZmQsYEo4((Lww5v& zMU$kp7ed=f*+@`^`@Wq*J4h#m=EoDS0Kw}>;9m%g{+pp4rP4P2652^>&nOUN8tEc= zwBVXw!Cttlw2)CY!JTneX^9}*HFuR_8S(u@Hz|$BgSxIdubZ@AXyOXgT{fGj@y(Q09s2M@dcljfc)xH%LM5oA-m*Lr}_kGu%KJ8Oih&h1x2OQsXj@XC@3za8oUqSGfpg(DN=|{o@9!& zNNAo|Rj2w?X{jx%My5(BLbfGDQKm^71hr0X{Pr|yo2^+qY?_oKWIuIQliSXwq}&2cDlvAGE>RjVAi!x8dR3jyAm$7AOrA6qo&8Sdetr zrWRpyB#*W{UPg-+VRNObf`+ea8x|_{6*Rw1x3KxrGC`Ni4+vW%?G^NF((tfI>5!oC z>>tf2>7<}SlgEZdOZOOsu$}R8sct*WkN1M*Qfr&~%gdz^oXCaY%L=ZLvIL#=b~KKW zinhmif#lZkCkmB~HN1T+!i06zqg-jv;xLjbMGKi<*=b>^ zQj#EC!_%Zqf-+-6!qTKef&ykc!qTN&K?VFm!q!U9IGJa*#B1v$&rWE|b+f|$Yh;~N zkrV9CD(UN_dV(VM4v{xV9R(He8zO%$4HI->cmsW-6vD}@Hf2wq%~GnMdQ&RtTcmA_ za?Q@^E67%9k07_@NkG{`Gd%r3o~=@@pe4&&%Uh-Ai~`B?{i{G$rZd{cj|F^tbYEmxkN)GS3d_Q?AKsey22t6KS^=o|KXnGQxH^ zA?=jX8S!@5DQyxmzq0-1ozh-G*bcj-96_0}L*!l3RY3u>{p8)!b3s^xd!#~Lc+F!w z?3Jnr!gkmzHRB}B^?NMumHG(s+uAtqK53+&_30YfFNKMC)uwbeGNrYG>P=~!H%mIk zD3A=<{%+oE=`kY*S)f({Vz1_6qaz_KTN>FFZOI}fdpvCRwKR?qUu6zSA&hVxD-3V$ zSivZej4ms|*YvU&@tyc#=`HxRscX+`m`U-5^`{V zPUO=&^S$Mw1CXG_#+fBb$yWvC@qRYHwA^GMmrdPfhL@AqF@hX?J;Te(V?Rb&1o4<# zKD@G=Cg@hH8sSys>Vuh#on_UO`!k9rmxq5-vZg%4rl#Sw2-cBCD2>T~p&_UkK27yVi<7$}qBm^<#|_UeP=5jOQ*@UdlC9xMaC-3$L^ z=fT{E$wfyXg+LjOG#e%l7F0RycC!)kL_t4$9ceaF-e=Q<1)s=;M)G*1*X?Gb$7#iV0j-S-YRqC+k&t}bL6Ky9@{g_kxPHV?4)=#ZH_#U6G<-FtLPkg zolPT)&Xw7#p`j*f&itfEm|WJMm#^l`ygu{g`iuf0-ot_mccmq=GzwEet49`ECRbv_d%;S%rXaL>rCeVS_JWmi6G3S8O4&yc_KB5pXGYj3 zY61las?nos!8kch&_%zH)`{{d9uIO)TaYZn>sR1k2(-%Q3sPhcL8RBg1#4t)TXufI zdbzSKd%R$i+(=MzNpoR_yi8EdnN=2Um$Ph{&%#}D=`lQqnlt?t?v>j!!aAF~aKF6K zruccSK94>sLf zcv8-_>4JGmzG2hjh2O~!1-+N~eBo)?V;trlP2S6VYtb3Gyr6*XwHKY0KeVaMqI0sZ zpuFt{F8W>$wrTvLALIp$uz&WK&&x@iSUn_^HO`r3-d{q!$1y>c%2|ONN1$S3E z+f*l{kdk53xDapUks!PZUO`zr(TaB?q_)y&5+}S0{(&+^5MBjuqAX?EwC2F7M@WhtX* zvTf_hMSYbdK^wgvE*hv@7Ibb%k;NkvuW6Vc?mX%)9;5gQs@hEnKL zu35WH!s5A#Kcfh;IQ5&wi4~MFNs!?IYFJl zm1ku=BVN19lq^Ot`rG}uc$rdnCeLqtyL*e5D+dLY&U~?Wh0=KzmzB=U6A`1Rftid7qL}QXLDQp%1(;dt`xRuR>W?ls!ib$`;>V$#YAK(aW=Qo1R5nPQI}OL>5%1+q63JEj7ZXwUH&%M4P^d zEUoSq^s-`RWH}W&Bm9ddFDrf*Sy^o&=)&-uku}s2Ha(22t;X7a0EygxBl3s(I(5 zCcjhBUG)-#XHq@Xl8mBh?KLO#9%^|`a6S2Q-5zRvn1OTt-VR_}no z(NPKNEI~%gDN%{)b4Ivo&xlG^7cJvu7*PHiS*tGPM5^^E475RzNB@OU>(zs{EGp`A z^*2GY#wSH>R`V@qsgV9#C9+k0PtfsB@D5+Kt)RFrTt_P!HJTNp`B|81X*1OTG3A-DMO_jn?NT3d8GXC;rl?)&?_5Sc8?&v{ zZne+~W+#+=ThwkfjS~%qvVWy+}pRooQyo!XWW@1LjDu8jD-y3^`Z5%1#m((}%! zn;ALC%WnOboK-I~iXhD+hAcU!-m_`klJC_GE73Au_Vem)Mh=p@KXA!;HF!1397K>Yu=Y2gyU7?Yi(Fe%DEg+Fuoj7z_Kv!S5x4V>y3Lm5c;8VEFv31x zBl@oT1DDYU<*vco_O1weQ7*^(XZ5b2>uC+6e^DO^`X#M75Lt)$R z)_mC^`hj|o5!$j>f2f}2M3+oclt-$%-m-JA{zxsviOC+TO&A5y9g#hwAFDpLW?!HT zE+d`37!mzUP20dyAr(qZiT+(xKj+jl+7bOi4QCWY>VB~%TGHBY=kV z<#nFLQto@ic(OE64ZYm(mt1X z1+`-?@d|0rUE&qeDsAKWVZ1_GcTOz7LfQ}^!~RlOTP$d12c+GMcn>M8W!driMiC<`LRz9_S- zxt6pa2{xgn>MZloyfQfjE$OkWqjr^15J~!C{Ic#^_XAwEx^(ce-dc{J2Yc5n8=y7% z8fBJ0%(LYg+F3yl4pd#SQ=9l5*Yx|M&x(CorPEwbES&KoYBgiM;Sc# zwykc=Ic*=KZ0W(?wlP0w!52`LEv+s+Am)nZagk}V@o-1;;>5=0UCqZuc31Otk^Q7$ zEJ!8Kfjx@iq|~E6ix0Lwd{HEPt#B=yvyT`~u!bcs9`CS`v8FNQE8uMJ+Xw&JK zKQt{DWjx*sEssqXVqR$PGs+_A@I;TKw-uBLPn^kmcSeCEed6^PMNbv7-EHp0X!J1dWGhN=?1Lpi^Vp7d7=^ zjL^;^5HHE5(y{LPuQpYS&8ru`VwI?VY<|75O@&Eey}eDXV&Bp|uUVR%VvFm?t|Q@2 zpkHiB{pwANM#q-bpWH&?PfS$RE8RxQmcr-FiLI*p+7uC6U7shYif>G8O})|`t~uB{ zJ+_uUQP9_^F|oDv@Vi_#tyFq!9sR7Jmc4H`tE+eZiOZII?~Z*}j}>&h^f$5f^m~HZ z9{3@)zJB#*u6gsojo5~I(O)0ZBbnNp_Ss?qu^L8%AYtQxOJF$yC4C-z!3Sy!KM z&08fuSv6hnEU4O&pj83-RY75;qgQ>V*MG`2EALsiYNo!AQ8e*e@a3vN{h&=pSIyRs z3C+1BPp=Bn%RS@q`px)t)f|1gpk?Foub!*N+T^`DR1f|QH8YjcB`d5B(;qPkB*xkf zs~72o{y9x&&b(G%y1yTh0pzDm)%k=Gx9OSL$!9e+5qRc^>C(d8JTyG?(z_iHK zD|C2V4E|**zeKKF9jhlY;xof4eLEu@0jaB3=}$P(J(<_wqggKnoz2YgUaeDjW*>So zP4`#e{okI995gU~!|FJF8>0~VbZiFD9zh=C_OFiDzZSG0<`0sf9~HDR=J@Ia{Vby( zIxO`XNz^Y3nx2~Dov7auv}l*2BKs!TcO##JB=+pX;+!P60q0bq|fx-2KJkHtAOxMUa4uvT-&9tHu^SX&E*J1rbLAY`q*1HJ8l`BW@F9=tz9DST1T)Dp0 zX9&WT>sviq5UyNDbePXs4!Ck1(Z6QI*MOt?F`EjLqxub-R>vLJ;nNNfFNDO6GE1D$ z^9rh3Volsh{VhRz_a9VG>7@l#n7S$MJH4_X-!8l2PV2P=1+4u#?u`DvptsL6CdCTXEm(Jq3MR@L}8!`ankbd{08j^Lmn?%ftVOyQuHBNsYgxN4fJh z>ebCXK3Cr-sC~DB@mKU(@M|=z>uOV$mAt0EFR0#>gp$|wmV(05i^bp6yE4i(yDWbj zXn>I6Qy({Ve<9oP)irWcpT=eI^i4v^n|hF-2zZM0wjLpL&k{0x9_1JPxRCXX{UH7q{gR-3vwh<4=|2lf9{EB11O2%m_r*QpAL?cv zEFXX3<)L1bQ8cOIdvw)9-H{(<4iYf*iu)ry*`^`!kM->~Nye}G4~(Mep#z&sJ<;z9 zn#br5M!fet(X|4YCSTv5=$?$SOwzOjX>G(p1ub}MG7vc*Wae_8wK8P=B+_Ysz zLJ4DF2_A1#X32z-##uqxrQb~`V|4biWW5r~83zT8YdbBWqA}H*%MN(WOQ>w*2-=uB zEuo5Wsw9{7D>W~nno+3~r_b8PCe$$22|DeSl2FSarMawU^wxwr#ymk4N_~~^u5n%v zTm?vY&zM+-YZfeZIibF>Ptc)~4-*;~9&dBmyhuHVJaaMdrwQF zJflE*ZA5d=mPTzs&qmzQS{hBbCbVr~(#q(`iDbg8=wl3F6hzJ!HcPZILKr#7$R0ft z+Zv1Pc>NRG8*z;IRk036qw<)0An84AXkterict`m*xEm_lc82XSv0vcY(ipZBaKlu z`L$O-VprpGC6q;wCOdzx)x*eBnUw)7lSnV4Fef^o`=Z2NhPR-`2bKVp7lbo(FQcX% zF9u{CZAwn;ZG0j$`|WHP-Pf4FD2UG3*&Haq*4&)f&+vH%bH{#Nt9E~*E29t!H(`~5 zMjt_WyLgg;#z;YHw=2pZW1OIj?Ve%t?}B&#ymk^Z`H`h#!^ApMuUyjf@Z_@ z-ND8NLD}$}>JVd_pi`aUtB=M3iz0R;4mG|NbUtD)(0M@vGZkf+aaE9CrY9L@JmLf; zYLb7r@m&>GyCia4`=TR^=ZyGM_#+InD#`-MhH-GG!YCx@>e!Ro2*aZq${b{HhhlLf zjNy#<4CZG{w8@kB8HK8&CQtJdVnW*TN~UUs|=Hq$6BsKC;)Ni&VN1z}y! zG~N+}wL8*M2-{(% zF-OpQ@C(YBMl>T_Wzgz4o2rAI_3L06P}VLf)bOZ>#A_nVsLCjUIJ)#q3Nt!#V*AMX z#&ky5>-r_lHxg|ck+je_Z&Q=}5k|H8yq2&gB8_(iVXuocJ`{xY;xJkX!d~YvItjvh zi86W#!d@3;3>1W=U1E%2#CzQmW1Ns-okbhd1Yxg>Hf9UL8eD3G3Bq2t)Nly$hU=Ki zj2J;xI(U+0Mv|c4G8ARGu}+ZZR!_3r*ea<0Rz+E1d@0BWWGjqpK~c>VCB`@+D6JWM zW6wAvCdjE0fZVMuHA3Nl98~?Eiqv z8iub-+F(3n6hg0OY)sl@{4QuhGbH6hRwC$i+knb5f?suJ?@QWZ)Mdm=lwmApgulf4 zIw`|AD`Z%{t;QdMuzcH$a*Z*~XzF(0NYXZ=x}YLJ+l@wyu1j9AXOngsyBGz*FVGcb zmysz5d&n*$hfxSE3+F()jZ=aez-qtSxFG05xR(Bvz zbj*lr%4@#l$a@Qq8OH?m7-b|MH)u01`_11-K52|)6hR&=&zt<6aj`kdBFHhHLO^#J zImrE%#gk7PC0j5VnLq_~4C9)l%2$n(e=rs@!Y344C7(Ce zGYX67$OAQzzGG#VC-h z3Y?PsqcMU}1lbulBl(JvC1~!}ddXLf_N{q|TFq&ke9aikD2ptebi2-VV=<#3a-sL_ zIya0{ZMf#o^X4YsG_DFN6tOt@wn5r*S^kLC$v+v}8Nn~HKHZpn-*~GX$^yyJ-n)|@ z8t*XT*HIoDtr>+-zfp?v*yto^`Y8Ceu;I%nh_vv{PX5*Sm{ArPSNz-LC&py133Vos zr^XCM{EXqLk;ceDij4|h{nXgXD2Nmo^+WPABbQM&DY7oO&Tod=9xdag{oNQL2G!*+OSNS!#*@H@$bs*ECt+^TW1L_HY=k{8XglVutp zsD%?H!K6+4|>p9 zjNoqWs9-M-`m3Odm1s&H>eU@J9R$a1UOEInAP4j#kSCo5PcGoN{iOXB_X2bmBTUni z6r?8^MbocJK_w0fhYcdpU~H zYK*WQ%BK{kO@$0+;S#jFAp9+U3EGzt9~~v=d`7(NC8&cFJ(6BEr38%;bT0ippd>*H z=QND=qU!`j&uI>{RnQk}6vdla@)rg#=w%+byLW^9r95rQ2CA0y$njJNY`_sJ>b0@@6fG+hQNC{-l6*#@n-?5(11R? zPdxu}a!NJo`4JLaeVx*zM0HwJkT!K%Om$jD&eD@f zK8JYq>DPj0e;Jn2fF2bT{pDhyvy6CY8`4>Qd1+^?Senv^HtNSp3s%Rad_dzl(VSRC zX-3lpU5fQ2&FE%9haHO2obD8K(cwv&(@a5$35wE!9u~AM!IQM0rv!}#Sxb6eP$0-! z(rbc7IpVce^e0Q^&`2x#lo7YOHC@-ATYa&8dP*BQYyc8p-`mn@Hf>I6OBXQ;p)E=% zN_)Cg&_@F^Q`*xwMh>#7*9oAFgRE43Na;Yc8HG@qb}gk7Jt8OrcH5okSw;>rCHM}= z`h0BFnJ4K?$1{qiAB}vJ(uGbF)MF0PEI}{YBFz=#cHlRl2th@Fy3tjFF0EBld(bpS zd_44|-!j7S;GWux<_Z~(2VeR~5RM05`kWCT55Ba@V5@xaejr-MrUI$H)R&QiG@epC zwJ*&W!Zc|Xycee*-7V-WJPY2BW(k@HztrtVa~Q$zKH+X)KYEH2n+y8UD>mhL_ookd zJdl-59YEh2%Ib`rrw*p21mSoXOe+b(Cwhj^nu73&o*}e>AneyeX;VSiuZPn1jCc+9 zV`w}hp2|eJj*)|m?>RMfBJJ+yj5mq)wF#~)&`%hJuy-s?rV|;#ImyDn)X6l-rm)m0 zw8>(r%1!963^_(y3fVANZxE2GCi8UifVQ3Ki5aa%<{mG(u3@$X!4y1W}O9 zpb3JCgKP#}E2vb;{?wT?gAs4BnKa5DZE=v(OTJAFq`{+{<(o~zZ91Jgo5nB-p$XG3 zqz2I>Mh-G8@(R!?E`u`MO%0}xg(m)v0eY#R<7GTyM%PEPveWOse3Uwu<`s13%in;C zGUAraqZ1i9$d*tkEsXAG6ivoOx~0vh-w2u=Tre%1o)pw}N~yGk^dcj^gNUTRav7~M zrgEBt{vjxPJCZsEZHcCt!;#zt)y_aFAgD$(QZYfT$|02&bT%8QqM%?Vt1jqVD$3p! z6xJN6k)TP8nhT0$)K<_v7O#t-;VeyGK>?L9l>vfMm~5D!{DV+7N>KL-ND~DOVP%*u zs6<4ayb^%I=1=RL~`s<|;uROqMKY|7g@)Cuj(>bBiFaohaKWXnY*f zSArH+LOLjD0;8jXx-dE|=siXk1bMI=t_oUF7E`$+D1*@hL7}XC&jjUXbq23KVC{Z~ zX&Qpcur%`u%3!4}EGV`m=HMl$#tx*if(kLq-VtOnSuH_L7}XaPKNaIO7Sx6H$X0^f z4%7fyXF)}Pme78JF0E~lwv>)w#Mh%`bO9q=kD8<{r}09D>(L6DAqdx_6?8Wvz8&S%7}PNYj+G!yA+ zp}AWbn3hO)GvbydQP0Uv%aUkGMrc``dC9b{kYO28>A-1D%~U#?5idg;oy>^mo1M-q)FS{j14*@n3JpG|8J{7+ zyT{;dA{*&bLHMST&2;JvCZlh|JCC-|d7L24at*i8<3ffzfed<1(7NDZbu%a=2>-J4 z;9KdO^fl~howNgXu{LS#{jwW4si)ub24B!zmL~SInQ1$zJQHoXF5Pb(k+z%Vps;o9 zv5H^%CPaZdetvB?Hr#8|(6+H@`)vBCZE9NPEAg^ynP1!7hS@d^ZTorJL7P5myE`q1 z;6SPWpgOhZsAgq_ubQL4sL(b6?jCk)kN55wjM9OL1+|SX6T*iKJ z`#mLryfyJxec#gxoWSb-^7r&Zo1{EH&_0~tzI}iB0u5xupYy*+V;S*Ycai1e1hdq!xBMlR7?LiPik17D_h1@+l+4Jc1Ai)U`#xWTwg3v-gHu9ZkG^%Am0oBjZ* z%!sG?BdsqqG0iKqkswU-3hgK2mE80cXsD23npdg6kYSovX@DIMzCKC&&T*FE8uep@ z`5n%8oz7yE&3=t^lR7xDUn6`Rmh%=R&^sFG1-J(T9ow8fB0wc_!{DRx` zT}J$!0e5IKTNdT{6ZN%accowGI!3(aAJC^^&NLrTI-e8f_mG|scgh~pyMj>mh-NKt z${x{Ef>8FDu3PAoJ*K+_q3l;0wa6*^l_m*7*%KPD*eQEL!x&-tj;B4Pv5c^MXVae1 zdqNZA{Z22#4&3TJztf)?@qYcB{>BJXk;ro@N1|pBaZ~T6J*V!1B8|Igf6zjVc)h%! zmjz*ud_nKI$X?PMhcmyI^t>Rng_zr;oHAk_6ofL#9J|yhlgwF+utawy*<8wq+o_px zLKEX@=F}C=c$zs+5Xy9OV2o3yn_~r`%rJdooifAp6@)Tswpi(uQM0=sl$qwhRZf{{ zjunJ5H*;W|Q|4xl6@)T(b6|o~=5CG^gfb7aZ=zG?VfqU~Ssv3j$tlZY4r7Eh(dMnZ zW)P!nay#ltT7EO$mVH&Ept;AERcKMfJa5aUC`HXXLKX=p^2N;Ow&s(x;%2F2%nx&z zqIj9r8D$fEZ;ZG3zM$Jt6P4i)Q9Q zLAgCYZQ0yZ*Kp09J~R8bHscua-qXfRV-!RpwTZ3Tn6+W%vd-1onT;3)kzHDmBJIp< z7g-1Mh>+#cqKb4d&%4Mvn^%SGzFOd|&gLUVe5`ac7jM8E`0U-yj1z=y+uc0%xl`8N zyvhjeJXo}cS#KlC_^-u#o6QA%G;qJs+iWKYe;?l4^c94^9q(-p<;3RC-sVI>_-par z=2b!XYwc)tGt{iK1yg~iqv3rQ!_0P!_}nwx?8S(;%5ZZaqaZR>?vg&-oGR#h zpb_RmK~0oC=_Ac(K`}snW*j44*PobUw_<+0u0JtnFycA*n<0#XNTxcigul6*5w~TO zne3uD%3Lor3(C_AjWr7i zLfJU;o{Map`GQdh{U~N|`gl_Z4d|bAXv}D!e4L<%c#;WbS(`phpJ;aGL{j_`N=`F_ z83mG!GeXm+n*(>UR0#eSak}|jQ2(uwZD*K;zC>9dX$Unr!)(eZgy1g|XP85TtU`8V z+nMGeA;aG(&NOcc`mTIb`Yf~99-agKYH_yNh*2O}54HrG;f(m+Cd7Qmh}V3G`I5(j z62UigO=B;n5=4HMV$(y+LX5EeQcKM>NoMp$$ z2b!UbuEUwlH4P zm-bZn`t)$KHYbpkC>3t{*s_7|FEmHnvRb7UnsaQ~mh{EuN?Z0N&_+&lJB;E;^D?9B z(z=RA+eMn{SD4>*DFw)3R$>%F>aCYZlsSY^AUXHhi*`|FG?#%b)7vdE(>Sp-mzrl8 z@idp3&jn$c%goaId5P++e@d2{eHrmImzxW@4AR`(ZiN}giKQ89e#3~T8Eak=glVoc zA8}2v^C?+nR?5U2c$%xszKpOwzfNCmF5^Tue|9`Q-i#BP<35A0E1Rbn@i7)}MjgOZ z_y~_TlLX;7N-&3f?UW^$69u6x(JXYxDN8ipX2knol3AS*pC^*cdW?d|X8BBdlIbJJ zTRD@SZ1!cuZAmdba-3^VnwfFbDN8f61feY5OgrwBrJLIY zp=^zrcG4+ZV{R9OvbE;Z@0_x=COypwW$Vno=bW;2roSMRtv5UW;FPU52MR*j2J_$r zr)-0HRuIZQH%DA{%04%z3PRaN^WYVyY@>Nr5Xv^0(24E#+hlqQLfK|hz3G%~HVX+t z*%ovAEvIaYc~B6_GR$>%oU#maw;+^lH80H{F+1PqIbeQYnXwO@ z`F&-s6NIw;X5Gh5*?zNyAe3dA6Q4L`nP#vclx3NhpE_k(<~>0uJ7DHKbIJ~w=LMlG z+dTW+Da$r*3PRb}=D-(D+1KV+K`1+D4t(j99W=)ZLfIj+J(2CUJ!JM3gtBkU0L3Z$ z#tavPvco3PoU+5Fry!K&n5A{6EXS-V2xZ@zji^)ht=V1>%8r=Z-JP-{=0QOyJ8E{$ z=ad~a`!nKm!7sSmGYwu`%9TM=gjAf`22F-%qr-#^SpUV5SHPBsTOg{ zE|`S`q3og={+3gA(To*@vP)*sVoup5vyvc`T{e@7J7t&63_&Q%H7j{JWw~ZOM!ZBn znm&x8$<>ISi9ecM81eeNYW8Ds&J@G2%~zTsN2Tc%(@0ddW9T z;*I%XyvA#8n)x`9j=t^J+%ju2;_+^qpa%ak^LaJzv*wN&!DRgDjXUOYJC)tZcg)Wj zWxAo}Pi6)qUe`aFXG=ND_mg>35SIOCvrrkQ>}T_BMp$-@{9^hD8EW1$o0N5G-ZNVW z>a}R#n)_ykpkGQ&lOCF7%P~!J^v3aP9+_1*NxRntta)rU5Y#zsk@TzCT2Qfy(b5yM zw;+9evh=$-LeL7(d~Qw_G!!)dFy{%XH zty09Th#+j0x7;cT!d5Ba7RHEMUBWF%$k1vpw|Ui_R(rXH3#wmwn&j>FJ14U{>|0B^ zDK)qz+F8mizaX@;v|A}bXlEI>T7uBd@@`E8p`8`nItoHNE4mF7gmzYO+s}yGS;g&? zkYQ_9b!$?S=Z>ve)ophzq(E{!FUn2}iq4O8k5R6P*AA|r%M^<%vDP-8vRoy&l zTWLz9n%kqgoUr|>xvB3uW!2sK)^p0LyZH;k8m!@V>^-NfhTCO9D68q_)4(aK>EYjh(VOZW{%mtghR#rcPO1H+WS$N$P-Z zkCANp0ta4U+r|oc)n6owz*^e=ZKo7t@wk@Ty9b7#E0g=(o&Lcc@v8lcP8hOpsZ+}R zu2P;RhD)UKHq>kiE?obgPv8qf$07;Q$bhZ{z8ci9qo=1q&hGfL<^-_w&zgi7#L<}$ zN```K!dJ8Y)mWaMrpPP2r_-u`FR%Zz%ffq#L_#NFJz#H9;2Yyu=U5x?Z4GE6{8Bg8 z`I6#T=MACtO;-PIQ2(Bu?xH6D^As9;p$#3qJUtcijvuz^>mkSIq0VuClyd)1V_)?v zq~b(pNb}Fof1($i(n+fyHqUq^<12( zx#o^3zd2v7&&RK;`!gGf=*ncqe$0`(eYZPvM@yiV;4MDf9?Ne`!EioaxW8op>bQna z8iP8kcVbWADR60bHa4Ap1=5ir?haP}T*@tR)`OKVw+HLQO4Bvu7|dGgYu3UH1Nt!b z*_?JCdZX2X=Q2D!B{FmicQJe@t9j{wbKb)imr1cMnB#SrZ6tDX7}oRWdz}8=dt{JS z8|LY$lBSC=yc6^s8S=#**c{%^V$GQtZu!f%L_hBd$NfEF=Ur$K>Tg_#>6}}RR$+(? zA*fj_1=EDjJ3(GNWK;{Mo#=;mv9+-JfHfX5TqfoSF11{%=WuC{k#LU##sci3z<&5@ zA*7EXJ0o}q<~U?4)?q;y(Wr@O7P2itYq>s#4}t5BR$Ppwh*+=oWXn#g-#U9WA0w89 z7z@6a$VO1-81(PRYq>J{H2Uhl4Q$U719-#m0RvGA|E? zcM<>I4?7~b0?l=-(zS<`LLuA7p`Dnc2KzKmPn|4pjXUbx!I5e$KBvfa4Fjpnxw#|n2S#t%!QX7_Vb9)gZiUxt9_`myZCfSfI<9>Z+nTqCQwL|x+xwik@V+q`cD%3lQfG)2_y1o_ zUQ1|$LeRE1wep{(R!^=5>zY-%k~6UnxVpS2yzWk%$a>4)x~{RfKJHOv_+C2Zi1Xq9 zy;7mDbN~NsS6!@L{hwcF_|H>#{kp`TLo93g9ssXa!M++?D||OQN8@M8e7@zYGw$l0 z>o~tMhO6!12sRIh)#|VO*n9I$vi6x)Uas>MpA-6ep*>e%o>$rR982@{9S+XGxT8Qz zaED{CD@E4c19!O!TQ7JzuWSDANtr?&V*UKnGFtkr;C=y~Q#j9Ya1N0PegVun(9w{+#>&6po{~-5T5yo@)3lqA{^IctIoZ@LQPzS@j4r7Zd!q(pfmV2GPXIc z%RDu#E9+XyoBdW>tYJ0d-WzA6X3H>r{Hmx#KJ9|;nhj{7JDk@@qwaUHQQf?2T3~JTKQBAYQ*xNi%juU+R0Pq;cxO=Z3pL5d(o1BeK=-$xp*wzniKY-Jpuc09AO#tS91KHbTF4- zNM9jyA$^tg7H2N5Qp^QY`*SY;s*W=ktY@8k3$8%|;Myj&>%=upr+z`Wuc5OsXxR1O zs_C?_;25ljPob4j)6L=&N1ui#}VxuDbAjTa{~5ZtlNME*wd`B{IBV|&YZ3@zpKAI zw75*xF+2OOML)j+a4-rj_hzebG|c}p2?ZCP!Dj0S4^Ll>A;Z}!#{K+m^;S3!Rmj6k zUiMdAYpvvKqSLj)kFZ(s37ct;z^+DyJK#7&x`t%K9ImiC<8bei=~y9Hhg_52S;lZU z%k#%{vSGG=Q#xxWIAgh{HV^L0tKu#ewUW6l8A>YhFDQap2HR1QQOo}yZ)j7`U5^2lsPvMy$|0l64%zTc*8360^ z%rw-*`N7h0oh$yzzdi=7EzRy~iRYmF@e0+M3{34f^LK?irwSRk5JUJKH10kfhjoHu z3huMR)hhT^37kz>xxWMZe=b!Bg)2EKISj5wnt+{e(m|>EiWF0`?l>px$J9E33%{eW z{R-1pNm>?$^BDlsxAw`em)hzrsKd_$7w$v*L(3u({Wo&(qgq?tG-+ile+Tqq>IRJpbyX5iJNcT(do_+bcp?r~6KGlH@)en{wt(G5Ke6Js-BgWS(^f!gs%sPvCecb(3 z2%kxK&*7yT2rK?S>n*8l*7~cI|0S))#OtssJWnN)4s3S9XR9nfpS}6hP+Sw&UwF!{0$R)0V(u1Z*Som167ye! zI)q;evK`|~I7@m}pFh9H*vWX%yID7m>O^K*F%QDop*l4 z3|rY*!>)c_C%m3rOXTY3Ql85{=|8SG~zH4psE5Ik%x#3mlEh<^T_Io@ver=OqvE(&_ zeudnF{hRuib@IC9e=e6qUN6g=Ezy{!buE;yecU$gx_yE*&?geDstT@3DzW*>HAn7$ z-KwpuSMYR>SH^T2zz*ltc6l`xuKQc3qkAb0XUGFn(9f@CpXiFK=T$f(ustS= zelB%w3p{I(*wr~}4)=m~f%osgc{l&Z{W598W&^%kn?DzIxF)~WfoBs|$O(48hD-VN z?FH%tRXb_iTc2OF$seR1aD&+fX0Tl#!nLVYX5b(Y{`c_Uo$gVt$*>7b^S zPHpI8a2^CwNz8bE*0lOLw+HJAo-u=1>MOD8vNRXWw(OM2Nf@*6rZ5<@s@SVLOJv#k zy5+7oYCI{cuE7pN6Bum+g4}UYhtB>hp5} z*H}ECVp3J;?hoj^6at z7N%hRf(h@S87vls=UBLH7z>~K;w7@Kt2jg8?YmG?ne2rAY1OJT#L~Aya5v7c0rJ_5 z@6va|zFi@A7ULeE5v&?`-v?J!*EDxWIMa9ak11~1X65b-d9?@fr+V+&BulC9Rrd9B^KiDI2_f0n7XyT*z@1_6DLf7;0GfOdFzOQ~|cm3L#h3g)` zwd}Z>@O&-XtWn7srF`AzF7_^&c*07juyB>Mhh5n})A{qtW##yH;s0OS=9-sf+ke08 z|E!g*HY!5$lIo-a9Phw^|8u447cs?jp!|?+g=i#^j$3@bIT!O#3aQq0z6*#WKaSh^Jhrc)AxCzHCIBvsn z2adaN`~=6(a6E29PhwU1&*q4RD+{B95vvm2}dnBYQs?nj=FHX3r9UTTEpQ3M;kcW!qE&e*OPpuT!43Mv>@T>E5Kc{Jc;B&cpVro_-?dA3cmTlpWr*x4k`FvwL{7V zc#A_U3z?>33Y);K17G{Ww?XER;qVTN940*l?*l`8DN2K~mbY=7`) z#ts2DV74E)1^kA{jU;^cWEaCLcCp;WxDQ|R36M@zJ|b^o^%E?WS$9PahIb-zMJV}NmYE` zS97GCc^$wFoiq^Ku5E^b`(txIa3^F<2lrUyTyO_;4F`8g@d$7mc8mts(HY&L%ssnf zIrv}tu2Qq4{#)b0Z8BktYO1+!?FZL?8GLmZa+Js^>9~J1`0Hzz)$u3GUA3--3Gz zzD0@p=d@bV(79K&-q5~xz<*=%eQ>{<{8VcyV^8y7sd>oQrh!Jlc1JtKg~ip3x-yQMGOToUW%dRY8NYKJ z$WpE1| z?s-aD$oRg{Ml5AhEwgUF+EhN&JI81$CwrfQls_A*P*Z)l#iT7Hti2X6UMlJ7#=-2o zw7pzAv<$fUGvHZe*1qj!0`Dl_WcXxNpxxz5Yd@r$jL4~-XkYLT2hFLCSE+rO{q1G< zkl7I89SUa$pg)&sMnlNutaxpQ(P-xynr=+-+em9kA17R+5r*n}LO%!Xcoou*oO%cJ zy<#7OdoQD)xyhL8SJoUNk8k-dbDKiQy^P-Aj-E0a+!p&kgYY5;7K4jzk;`f?SKhfT z%`7H)ZTsB31+}3ll{Ng5>U|l%P&vpr1T8hl$R4%dyhRe*e+`=DzCLOWGM2YE1MZCM z3*c@`|Iw_h;TKnnNp-%yX+jM{PirAzTMU9)idM02BtSZI{YtoDYURP5>sQ4s-Z;{t zp_@NglA!yu{^`&9sz2+c{xZ%&6G8e|J!Ie*Ib`(T0d-684gVQ3&N;_fcz)J5us=X6 zu==U2;kRkQzqqLTZq|Ql$@qTwTF};tlEuoNBe!bX+&xFuly2^)SS~s8_^itOA9!5FzK<6CGSvHlsTV9h)S+fGP>jQAE8%(}!2=H5o+kHE(=j*-IT8PO{g z^SDJk;Y+!yl7D=4k6T92f?6J`;x@cK_`TM>5B~1|4_)s9-&B?LfA5o=T-v4=dI1Ur zS{g3Jaw#nWQZ%7Op%fJ;0%OHQf(jG`sRCos)CQHYph#6v)D(gWR1^s+ST(f)!B$7d za??7dLwH8UdSR%e%-}QcZ>_9(9^e1_e?NRazwcgauYEcD?6c24CnZ_(iNR*1H8b7V z{^+f?bmP%ymqVxJOo0Av&3#Z>18qjSifu+(19js!ho7_2O7a3~=(JCOs+V@zvW)ro zHg-GR*9`ea$E#Q+xSzUlLH+kO@@t9kuS!kaV4!c`EHcu!w->`dF0u4~(z6oF;hB|K zY%FcPlhgQr{d~u%P_!Zy8&ig!L#YCNBVsOp@B;L!C-x*(D7vC66y1X=6y1X=6rKGF zMPpT==ss1B8it$864{i!$7+^FZCTrw6P zUXoM~|3bqh=)Fmr?%wiHQYmKFaC3u^#<0OiW3`=o6~Hdy7p#PIMbr9rBI$y*c-h&6 z2ChF&|F5N;Nwrv||C+SH(lhsQa})fRlbVb)&U6h9OQur!$&?5tNk)&<%l z<>@K3K4@xz_WM13Qx@pBqM`ft4@`0EbVa-Mn_YIq(A-#{)7_zik9~pWY%WMyf_Tz> z`|T+mJbFtc=C0=PDYSafZ&t@2nT!@+PAh?aoOXT6N`2Cn*(trOl-tQ?r_(sH=@%76 z%?&Btd|cgpT-|(JnZ`kf-b%?d#vgeX+MBii-EXDPn!GOVf<`MUVir)$yKldhazS&f zG#aOC|DHCiSEli+J#VG-G8`!x+3SKfe0~v>eskMx>5X3HnP%*Dz%zIAb-kQ8%h#vW z>X+s%?^Ubk?6ae{_7B(ga$6R^YBYADZwn1h!_EgELY;?8jK*%Pb-$<{?(Jo)4+nc) zHeRS{h0@A!nOBA$K8hYb3SFldU8fjbPrmmXC`IZzts(o>!HRyV1x6Zk8_w_WRGWTg z$PLgZa&JvtY07EZkeUVmLW3PjyNmIyud)Z}$=(Py zha){4S%sJz)2le9iesucw~BM~_1g-cHs$LVM^3Qi>&vbnJy!UMAz!Z>?@7^jw5#>I4vavWM!TBpso`VvaiotUeTWRF`8d+Ykv@*B=g0<~R;}%<0UoOW z`?sUTAsJ2VY5E_}wHZP71f}fU&5JXd+0*<#o`*8R>a=^0>a=^0>a=^0>a=^0>a=^0>a=^0>a=^0>a=^0>a=^0 z>a=^0>a=^0^3ippeob|A4c%NrH<#_^db+u6H<#_^vfW&^Tc_`)??Kt0^vh63Z{0NJ z!DYQ|{7hssU6bWSn!ckx9iE@`ENDw_JLlSwdkJa!mim0oErL$(Q=t8O{|kL`OxJ`1 zeTq%jt_k+phMM1lp2V-FY|{rIg_e9=svhumEQm-O|R=<294wLkiN-zwA5XZJ#BR#%y5 zrd65fy7rjp8u6Iu8mUI>$NJVlf6{%d^;|;(YOrTEnCPrEnCP4~nCLtY84P1Xc*I&=|Z%3Vu-ZeU%3+(KUR%8ZDbY16}_OzZ;0pu<;^Q%rnt?m}g3wMQe4|_Py|Yco6q-?5I!o$ukAtPCR@J`_0hTSWv;bc zniodQf8X5>t!_P)=`kEUdQM%?_O5?gr?oT%Ez-Pl>aR58f4G?F9_rK!kq(;ZUf(R9 zfw$u+1MBUOeg)R@rK9^f^%wDtCSi_g=a>!?JwZ72D{o9u9VU8?aO%qt)5$SWj_Kx@ zZqCiY4EeMl)!Er^CGJ@n%4u~k|F)mTx)#qt-}bw}nq#`Fxg@2)KT+(1Ra}IZ02>|ykhbvhGMe^D|~=w zbt(Hx&9p+6BDXqumMN=bLDowB>%F%^X*5>qH*C2+g~ntBJaw~HXU)P`t;@o`2)Wa( zH!bsJO}GA``N=Fd?&i-UeP8pdSr;$|-bDPRdG8@|?w-%GR`LkbQ?rI=$t&ht1~_pA zr9ivxrkQYQ`1L7H{lwBnlT)YXXs5nuaf+fR(-m2@mKh(6LF6mVxMs~XLn_U&IkR|i z3H)1cf2bFo*_{IxXqJawV~+_nY`y)>0h;y7e($p91J)0rQ*LjEZd&}=fGV!1+Dx;k z+D!Au!}Zs&e+ka1(YVC)?cSaNYq1;o*MRBV+v(iHT6pjlT~9jYd2#wDcLc z(zN@@0Rz{X;;~Ol*GD$xBE5Roh=H}1yP6A;e)nmlO_%!38R+A->bb2Arr?}@sT)j_ zUtWR8aQXcMH>34mRio*f0M<9tBGk4Y^ZChv`%M>*ZXLKE&n(Xmw3(Ndy_dM(WcqN& zz&!oe>#*Wkt$3rd!8$wdqk#=(+MjR3n5U=)GwsZ`nRw5J>-y(`+j%wy%=By(;91uM z?LR08Ef~~n?x>$NC~T(h#ou7)s9!SZyotWcza9SCK^^R00ROf@m)PHlQZEnMY#ncZ z13K`YHwQ)G`AP5Q`fd0{uJ;nptM+HU7<683-h6pbjye8_DSMmsrd`R|1?H*snb7-R z9h{wK-bwo$bLem$JZ~Nx2TeTefZo?{W_F{st-Lb38#QBBqtTPaWivgY&>q#KbbcDu zEwn$+*XVh~2G4M_ZlPn>E%m#<$WFI>^+Zp0mWAezZi&Uv?mE+OX!f|I!8C`Lu&x-~pwXJ&%h0*v@xj%WE9UQk(mkl!LQj`9?5SZ-4SPPb{$+5l zTp#;=?Dw(1-onpK7HYA9a~n9ffpfQW?sm=%aBhHe1Ds2H?_zrs`}h6Cm_1?kgxS;1o_6-Mv!{bS9qj2~PbYgi+0)6MD0`ypiL$4gJ>Bf-W={{# zsN>e3U+OdLGM{DLN;9X&LVF3DmCk!Qd$O!Fl37+7$t)|4q#f(S8^i243wKz%kUlgl z(-42;%VGH(na`2=9C;pdAZd6JVrbt!ziH_3S$uwHX*X~1Af4B^ba*Z1{L10QC_70n z=CZ{odjR*-xE*v?opcYLVbR-#hEgld=SIYTKD^O<%~M|tFSk-}7w}cnXntVB_wc{; z*iX<*dYg2}+_9p(?*&|0DXP*+XSvc!_YM#D-@|?I zaR1#}{E@fwW@&$1^Fbc1?Z@--bb7y9Wo>`dJfg~a^w|`s?dT_lDl6}NthDpl&b_VX zI%~N88czGT{(6+%G@_o%)?0n=KdskW9|@6uyk|T7R8KwEvS%<*As+THhF5#~~1E*0id?Rj8JO@S%?$lW6gOk3`~ z_lop5T4~ps%7(NLSZi9&Is&@VbUgh0$V*nwQ+PvY>N>b{WLDe(cBgF9?A&&0|?5SZ-4SReX@8kFj+It5ZO<09i&^W)j zyS9MdK0Q(}EAHgrj|R?)JHB9Z!2-1Pt;rqt{N2wLtkioQeyv~$JQ@56LW*)4s4(9s9M9)gEPkFnP|qkEp^!QxGkwm>FxLN6|S*vOG?v{v9)pc zPCJ`W8}|~lK928be023ZJ}dS3Bd?6Ln`x(E<4;2xc+R^m6?o@kH`D&1A&&M2EA{Hz zkB-G0*wY5>jZ&A)RkQmPUNT>rmsNOPz4!2>!T{?0NiQ(3o^wxO6Vf}(aeRM?v-EEA z6~wk;i?g&nd>FZVK4>p2Fw@?Ec1m9sPQ<ji zedgZ36*?`4OD+~}vle8XQ%+0&moF6t<7lrE#3)r*3e3M&Cl)y^u08t-3yfc4x7o|m zfW2089KDU~W%;yZY*B&vpNJ_iPhLa%H%=FD`V^qUroD zt3B?|Q(r7<=d%0bnx?-})XZtB`F*69=6Vc=;=Y@6rif;Hg!LTj-&ilO{)6>jtZE!Z znpoq0^0;pHcca~fhA4YF zc|N4`Gd`7Fb0s}*mJI0ONIjm8T92pr%N%cGPkKD9kXiAxTd=do&N2D%G?((@>C6_z z(|xcgo}Sr@;_11*D4yQc6vflKnxc4m#xIJer~aaNdd4q`r|12mczRb;6i@GJisI?1 zzc~KWy;&1V<2&jnPAHG(PY2?|mbnv(;^|#bMSSD1-@{Kk`HJ}bTK|NK_>xx_8Y<%H zw+brb=@VE_JbltyB}$*DR>$)*Q9L~p6=1EyXN3kT>o%0&DZp)@vKtJa?ma(Y8=eAw zoY2UhO6)dJTa5;KQphnh5B&Fp-CSxnm)gyxIt}&fTJU)d{pxT{JiQ0*G)&l0I`O=^ zxAdHn7!v!=j@#m zX}`S}rRXd;jbkvk^A-J?Za)8RZoA>!o^L1SEBZy-may<`a!nYN9cxl&+&VTt^d)RBEDeG(0}^D)TC*aoh(~5B>VFFTQc?y9vJd*?80F zi{DpB+Nb`Cs|w7wyfg-SU%%q3>f_tWe^I{p$W==af9WyGUA8tayFvWFT=h8o^ee&J zz+NjILqNkJCP+KQXk&)938%@iS^Y z=^Z>9J9#!nxvem_66IFHTxXc;40D~+wL7zJE?$7SbVqT4-cf&7@kE{GaF9z)#NS%r zy%3iQa;YGf>c+WPXy}PQeeI^=p7W`ifwmddjPoTH-26u`F5_;&NbM%hWrHD$>%4~eKtRVcJf*J=>c1=DdKjE zx!qE3w=~vD0-g8r1iDj~C(!RP7jt|C$5(Q^hvTdCu;pEchf7uIUnYO+sN%9!T((FL z&Nn-&^!2G}&T1}O!)1L^wkhQrr;p3x%{h*Gf82rTi=0*5Vg+h`Y;q;52UfPGG@`t8$#dXYjbjta-Me84*vRS9!@Z7BD;debZb8VY-+GAWYW;9=%QqQAQ zpFr>7>v^o|6X-pBJ&#pA#;O!C{JDwZXH1T7;P?i_htnE3zJcQ#IKF}7oB8e5_Jpgm z)|YHgn8}*C^u>}u0zI<_P{V6T=dFEO409d=T+pAx-f? zj&DxbvF`hla030MP&k2pFScDgwC0Bs=vQLH36I_Mv?-i0{LNyd9d9nx!wL6bRSzeu zf2?Y34g>2A5NHvRUNh6xCnj^E4ALF(XKn3a2~TUDCw&j?&(7F!C7eUqDCb5wx0}=5lBOf-=E!gY{a$T2fqtj92V;0+dJo6+B+SS7 z^dua<=V`r%+v?%7a5-UV+4)l4M!Vu5zfYjg!bVNCu_xU|PoU{G+JA-<=+|zuZ1mZL zopWpWbHIEX-Rbgebf?R=(LFBTM)$jX8{OmbZFG;zx6wT=-$wViFnYer*bH55EaI|7 zT(*eI7IE1kE?dN9i@0nNmu=@##Wwofp_Kbjj`XG86`ZcL(Y2p%qcyYA=C>@kwvy|w z#X1zJ<`Rkf& zpUvBS-Ddrx9HX(xM!%SQSAPhh+W2S@-FM$WTW5I zrF7D?W*e<(VZ=M9g*iUV@nMc{w$WPGY@@ZVonzWLrrky>WIIQ;b0pQdZd!+puKG?s zx+wdjd@iCq+EE_)D35s*wb?VfZ8RoPK2uR1|0tiYsEs}isl-mt(L0Lq-`h9J<9}Jv z_(w6?k4^5j(YSTnXxzGOG;TdMdT)Q3XT@b3y`R?;$>Y?!2dtmIAGP6c4xt)!Y3`1J zwnR#&C(>U`WhK(CZ@*=u7awwDcqBuyv=)H2uc)-}KV(bo1x3 zS*Bixzk$C1b?!IOyZ1))FhkiBZ=CUuviw9^<%-ag=v|s7CG^Gu+x&IHE=a{d#Pp zfqsp(BJsoelTfOsCXud%ibVRw*qTI&sY#@mnnb!Tsu5`|ujWV}M^Ep;= zcz*mzcWZk#4l2(y)6w<9J9GShSPRXT8VjBG8VjBG8Vj9wANzgm_p#r{{%ZDDv%i}C z)$9+jzgC|=;Bt9Ak46KJz;^D{cJ4!fO9i-8fJ-%TsV4R}vA>D^LG}mPA7p=!{hjRZ zWPd07JK5jO{%-bnv%j1DQT9jKA7y`({T=M@V1EbuJJ{dA{s#6pu)l%*&FpVxe>3}= z*&k+qnEhe)huNQRrBOX^oj>5a8v;BUO*|Sw9*rQ6M!uECJl{%Vo^Pcw&*D;9?9XC< z7W><|m3D5Wom*+=R(cuga7}H-ncaM2tvNX8Iq0)*zJ8+{e{1)r8;iNNVy>;2Yb)m3 zniJ{GMmVwkQ8g=^c=XvMDBaz{iM0MVC-Ul)NN+saIi{Us+7n0NF4@kJ?Ht(wf69oC zM0z9Fkx1|2IudDB>`bKfDw=rPjt?xIiL}q@=J;-o?@pw5gWZWclGB{s9N)v^bD76S zPoml0ofx)UKf4>Pn@8wLG|z2GbbX~K(KVIDF`n31aju7t(Zk2+;bXLOd_Kn)aeNU+ z7PG&U{pGQ?xSn#(?dE#Axt?yWry_~Qq#}uqv?7V#zE&jB+t-RDdjDCGM8{jnb$YnY zDz394DQroeTaiR>ZmW}MCRB0#>AZidPNMT(okZuoI*HDE4YyLmt<-QUHQY)Kw^GBc z)Nq|OsPp3yKCaWp_4v3RAJQVEl zx%FJLjwh`5%?*4++xdtBd_)26e-rzI>~Cg&bL_bI4M3P%4|D6`Bs$CCBz~jIEryfm zZE%>|ZRdJAxSmd~CyYMypC3ja%p*Fv&M3!pb4-uKG^H$?-^00=xvk6G)@5$%GPiP> zTe-}wT;@72bDj8GGn8G4_krK`)01ib>&Z0F^<B%%>ZOJravyy4P*^_C$ z=H)Y|WnOaIFtfO%93xnL}Aon)N{S0zH zgWS&`_cO?S2y!2S3H0lv-CU}hOLcRp?u2iX>4|_>#e~v%_bd!29G>ijo+5W@AO#TeLlSjaf|Hbg! zqz3$JTruDO( zXHEytoKBuOVXXf*yPFef-gffLX-=fM(VR$gqdAf0YCG4~&XG~Bp_^;y;TrU0D%-3oFxr!ZzZ@S6O*bxs_BHyTS;iMp&rBoLJPT@6wZ_q&RJ9RleBX@m%5_QV zRd@_)zj5a6N$Mbb4#AV8!p85R$Ba3PF*3$ci_tf|4?LCn4e)sM+n{&qbZ?~#Xb!xFgr(-#dQdZTe)3HQ!I*(C34KY7*Ob^F6OcYsaqR43`iYYhIxxUdv z=eoi~XL-KqN%Xni)E8y9a{P9V_j7yzxvA>3iAUHp62}rTO`ujdvWFvo;Yj=q6lzmu zngdod_0wji)>F)VFb?_VnYX7ZH~gvizZ#VLsQCueR&TC=K4Ja_+F+h_N0QoVeipjj zd=~0A@4wTi0%kfpub8`$ZZiJ>ecep+A!z>lofsMOC1|txzo8+saS2A)Y=s^(CqmoJ zsnAc&eV`rYEa+)-F0|7;0va(FK%?df&~MDwK)cOTpg)?YLwn4#p}&|{K`)!1geuE6 zsBYN-wOS4=!T&P1G$Wm2c^{f?`2gD2a%4%W%CyjkWm%5FlWqADI@}V4=39m>O;Tel z)zDd%iI^u97COK4E$=MF$e>gz-hxxvCd+BWyl&}&1}!~H4Jy$}W7x||xqYn(%TT}d zdT6$FBh+pULWf(whUQ!GA3M}Y#G@^1VO6Rs;8I1_s;VS4!MY7vZ0&$Lte2pr*7W5` zYMON%wA?xydZTqMw8FXvI^TL6T4_~x;Yzd)gLVW?cnsw>|;=)OrBgVg1vpROO7L zQJu;O5XLkFb8m+QnrraN3kYHDt2pu});2&bokg3F|u6jjWBVhoGtI`CfDs z_okArXZ?(|3u;imrc(V{+DxnuacLB@mUTVr1=gQfe`VFuDJG6Jk+m0V2I~OU9M&PM zd92G>SF+yAx|VevYc1}sqA87K96vlG59vHk=Vz?K>M@ejV=~I%FW_`h#$u$$ae6|=!>FM+<2iUHv&WIK z4{0Z-OEW%1dMc-Vri=~H*E539V8(gq z+Zp|Sj};)J02<1;9vaSA1U;7V0JJ@0FZ9!lW6+L_i_p^<>GxyJ&p3L2s``rCjbwa@ zbQhvYxythcbbSr@Y| zVSS2q8|(9|`&kb{t?F$~AL4X#Z(12by=i3#_okKMSZ}(UxA&$y{-?eB)nHf9dk}hl zg5yv3z8Sqe!|Bf6cKE;IbfkA4(p{X6_8x`wIZl7myAU;W_nrXHckKDG_hh6maJr}W z6r_LR^e??#sQD77FZaF<{$Dw*`jn#vz0WMDwa-mZTc4Yeo7jhrC8duG>0X>p@3R=W zefunhCzCx{eeOnj0MeN4tmD`}fzuONovc$?r?a|Qm$0s7UB_C>x}J3d>o(TsSsPh* zvF>Kg>r3s9W1YpinDt)P7SsPGjSTC^t#HwZToMG+7n!%dGIs}Su zBg?F=F{&|{tD!}izlTo9T!+z^$hpOtUZf{;+L2j@+|ta4F?v(s!TmaO19GQxx;%4J z4er{RTaY`8Jr$YHB6lvQ=Vvw|w=(k;s4Md|#JJh-$qXW9F{kg$JcQh;%=e%xGFuU| zlKs`0A0g&mPOr)Q47oL#r{P)09&hH?NY`@Oml;KRJ*OYdJdeow%B zgOJ|O>0stiqz@vEU47=rbw<^Ual_s|a}4|~923qgMEVHQsp>P<6RhW0&$E8VdV%#4 ztJaU=d$DG+PGr3WYE^6d(LLfgdusbrSTnN7lfycfbph)wtZvrDtV>u|vfj(O zju0QISifTJVm-%tp0(Ei>gRIS;{z!@axiHD z>p0eltdm)ttW#rYJ4H@qoz6O!bph)wtczKfur6o4mvt@c$E=Hoa35G#verU#@HHSf^^I`OKFYsBz57~>j{U?h^rkn6 zh3W(5Bo%*v>=HGEIRoFWPxc&jJM(7sCUcQ$XD(A(kn&fl4Cei6Dzi@21s(A3MgQ;v zJL)-bDp;l}d@k`X5TmfCseCK!|B%X)eL#JC@(4)%KhE(D!7hnA z`x{a`*#}hWsdFG5$9a&BOVeWQ5vhJ7I2(Q<^^15wO*~}+%hW1g8v8c|bC?ZGDwhkJ z$`Pp?k;)ALshpGj4M8Hsmw>ZzoJ5Kz9#A)&nhH|<9QJPtxjR|r>p*Ic zNbx?fOr1L6m;3nQ>7sFdk*_I1zjMuw}|u2r#+m1>Vy~MbY&>LpUWcD6AOL5eE@>HHEYj!5G)RqQ!TT$doldq8S$vE;9k ze6QsDIRDg%^-Pyn-Vqau# z3YyHZdeWF!w?OK*UF;!}Unq8|aE@>hNbL}*KSa9DJ(9mz{Hw%XFZLF({a~AVHnp-gC z$NBG{SkL*(eOs8Df&uoQI5oV$TtK5lC@Fs-H;n#UuHP#lK4II*{Ut6i?*& zCH79qCsIC<@&h2vr(NO?fjpl;9w+gKL7q=yM?i`@3sM}B>OChk#>f0b8pk0Ze)=VG4)x!-JK z{QxOG3es_2WIxVxf*c1(^`>=v>hxz^qysYDTeZqh+0=B6E2cuw_T65Bv92=KXuuR=@a*^0+ zDO4Wo6-f8bEo^TJ9tT_1zfN?Ct@VnvV`5@I3(|2pgj2yX^?+}&a6L%pW0&xV@SM zUh%I7so#FF8#({%iCyA9BJ5(~`3|J|&WZmbb5l@DkNNSndt6_R*h9p2iak|qx7drt zUN3AE|1Pmx#BK#?ypD+foY0sN^P50A4t$jZu8Zo^L&Pp&`{C15#a_hrmeY&Hu4Og^ z{U9CJPR?&U9TK}0q;`orEC)|_fiz#wvin zEF;e3h@A^ky$-RRAk{mEiSPZ8sU%6rzitPl;)DI_0n0Q_nzZ;}-i-caVO-*^TPV7eEPLRgo z07&(>h`&|*pNqds{Abz5eop)sg+_dTH1`waeu`ZpTqLX$HVStNTS4l_S+R{-vHEg_ z4q=JVC0r!*fYh#6>^h+zF&oSbUi2tnEYCx<#qc9G<%Chi_T(R@mUh;)Q>=L0% z=oT&#dWCgDzi_9pRTvST1!@1H21-9bva`j`726?piP(!kntvW9jvu7stpn+N_=P)# zt->%!;}sG6tS~D6^WasMd%sYFq(8!3p+i^#Qa=}oy$bxD_VO2AvFn5(kowgs_Hpnk z%OhW$6+22c`fJRNwWot*=Zb9?yF~0#v8NL)Pk*sU{2uYwfqY$pbY1NfyA`ByISX=o zIWcB~)W2M@ogl@Ph+Qgli=SS+Qu#WePv{4!y+)AA?-YMP7~=fpK4P1?|IHSV;#wuY z3*`H~__e{Ye4{W&m@9M&ON4IWB4MqtPPkLpDm*JR=EmB|6_yAW3G0MAg{{J~LZe;E z3rmEHgmuE5!dBr~p>c?m7nTU!!bL(a*k60+O(Kn3t*}nGQ`jmzE7XR@;*G)_VXn|A zEDZq{)t?W`soGR)Yi9%v`_O3L+n5E7LoiBAwDd?@!)+0 zNaYs^>x6#J-xMTLxt-zH1CO2K1bLh z)W*jA*IqYJ(4ttqRhZ`loMHpfKFNeFt)(T_gb&&37Ibu77ZegvkQP?63gS3u! zi5(SNFN*o?V41q@j00>_rSFuoJ@<@@?T6p-h#g}4*gIji?>ZAlE89tQ9s210dDcB6gQh zn;fe*M`#Brt`uxl_n&crZEEkk9`Uz;)Q>Kqc6H3o2HTW+FGp;ruoR^F++uq`nwMUX z#{_vXARVV){2^gPsGPC(vV{(zOXwB)K(0sZkT4=d zCLc$(&>?gQJs_3$itQH$#2*qnB2*<(pU@$63B5ue$o&#Kz;;70Bz8ooN@MluAU_X? z?GUtsHFbRWnO+bMJly@kHuctfPO;s>TA>f5@oE%108)J+kj5#@`Kx>pvDM6& zKU-)AY5Y9G5crV#_Pq#50v%=>Vf32`l80LJ;OR=>ZV&${J z9qQ%xbHsKE-C&u@JLw0h-H9`!=4mH1}6r|(!h~LLH<^f2@9bmh{7ZN)n zjEY~)l5r3^gf5|1=obb+y1qkVM?l(V+h@nd!zTIeP^h^d40{w`Z=htLhu z@p{Fs727X%0HpB_iN8yzRm95aAm!(X?G%=RG+u78Js`#T#SRI>;*W^k#rFFr)ZAG8 z8p!o9u|F3EK&meS@;nj0b`!fgzP2D%-YsnWUCa)F)bAFtyM);{Q-AVXognqY%eJSr zQS26Bg#9nH=2XV|;{e;#>DE%V@i`7ip;TE>9JgIIW zyF9FcR9c~a|Adcu>O>>wFZZqY1Txqr-4 zCn6xN4_%V47RBrwkmonZ*B#pr_&j3QO1@9*7AF4Qfc^M9PV8(?tUia(3G(MsVtYWU zzn1+|PWr@dWcvYMm^t@Mm)L4CjgR_J18IKQK{|g?qr~-`!5-@%#r;KkPy$`ycSR*~Z^vv5n(m;<~>h7Vi=IgnqD1o%}Ei(&vd0wr$6{ zI3N4DJ1KwWu^f>557Ot14))g_^MEu@h-K>aGqoVa`8of+V=e5*ddK#qV^Pj;2&yGi zZ}IVL=7Yy`K&~I8=Li@3-#zXYe~VCCO6}l1HrS^Ab-Yw;7u(}Ma)VTlm+kvLsukM@ z(zrE>9pe1AJ|g~I|HnsR$&ZMwEsM2dXFlL_fNg4gn-iq^-9j%&n)S9*~ zkov1t5pOuDGjZQx-g45-Tz0aSx#naTr1Pql%Y6hSJ6r4=kgf-Z*iN?bcWh$&g^ldT zbq!Makoa3bI$y*x^}@-B_@iuB_|#pocC&>Jp-bo$`h|@kjcWkpcEsPpHr7+IyTsP+ zrnu$49HCR_7S;-VOgxu@e18*vSnMvbwG~pI&?$5aYlS{0>I2Kvl_x_W-^bX_I~fsM zt(0*G%T(6MY_W6LuJAcQKL5g6p^u6B#cmOH3AKBqpF*dw5v2aKFtLs^^G@chBL4$E zCrIrz3fmrz?9i*pKFgkAsf|2|gE3%042wpx(xhmFDz`;G1De#*bGJsYI! z%)$1P?L@M@Y@cke1!-LTZ1?*(BKfK&7N>zU4mn_%di7)oq<%Xeh|w<$2_r(sgRy*< zP}RlkY@tKw5_*MxVMrJe;=g%wyV=4Vkk$u>*e;=0=of~B5usy!?6_P)FG!#7`h_8( z_He9zJ4n~3{gK!>2bg#t@@T9-Az?(QHb_5(4xvlv75arCVMM6@AmxP)p-bo$`h_83 zM5rE<@2w)2wg(2&@T)LBSQQ){@8gJYEQ~}2dUjskj_tZON_3DnBN1E-z#=hZ2hU2-zW4u zEjCE|3;mgx9T0{gA3q%$>z~jLmZ=M89AdkKUSUWW`A`1y(w;E;1?ivAFANDI zLiM7=30*?3&@T)LBSPhu{t6vJmoOq!jS?qx2wg(2&@T)LBSJjH^SJnhAz}7T>9^1? z3<)DbS3t%^=-L%4=N0;eA)(`?SiVc>75arCVMOS7S>lC$VMyqBMe>D_|Jb`@ezhmY zY@tKw5_*MxVdy{kdt>E7!iZ2cNqs`~s@Ot@&?WQ={lbtiB2@dNywD+Z3B5wUFeHo! z)oW5-=n%SuUZGzY5=Mmh@{ibcA#?~`La)#-3<)DbwO`5$9YUATEA$IP!iZ44A?1Y* zp-bo$`h_83MCdvo^Y1?l#{NH5_QBZa4fv65{{K}jVfI^+|8}fhhtPSL)&o56fOKE? zgS@T?Bf>7p#~=N1z6SF1gV;IEvGPuk{EcFVz`a;6Tf~lt-6ghqHhX$Q z%QoI`iyacG_hRKWkouo3c8=H%v7KUj#clz)|L@1jJ3%V%65B0ytuO+%sf8bRiJcvi zav+xz+YM5^ez6-RKO%OQ*jkJ97o_pY5!)rU7o^XP{2)Gm{*zk3DyYx6#FgWPZSSNOCK zDIR}E3zFXp-mEoz;%EN#lSaNR`kaR^PxYgW3kT}vVX%i_0b<4Vta+IQPebjo^A{0je;kWWG z7lwopq57{_xon|B=n{H`eqltY{wn2!4xvlv75aq{q54M32^~V0&?^iHBSL&tU+lUR zI)pBvSLhdpgb|_oo0J#2gkGUv7!pQ=*u2Nu6*`12p;zb^hJ=ppSUH!_D+~$Mcd>kj z&?^iH)%TJw^a=y`kIJ+ThM5h)sMw|H{yqkzc#qI0)Ca`;c3~8x zb+&Y%#0!1GfG{kK3O$2j@nK<9sAo(4!cvgx4~QKWMumEg#0yJ>9-&Vd5Qaf|pBQD{ za?(DS%5MsKz%sS$q>qXBiQ+HKjpYY~QK4?9`1eoPnWs*KL4FPudWOXEeaurQ0wBFV zB+};sr9)%!K4BPa)$sp%#P$rMxI-ty_}v6*N6(AJ+rct*^%ovtK&X!(|MV|BAe}d# zu=EP@ukuBiIIsC+gCi-fAy_K(F!A}%s91Ts(8t8*IHP0j`-B0Io|ipiV*aquH&)~K z(DuR@!@}s5vHsb|$LM2T{Y6+MsJ5WBt;vmi~b>FFa!V*v4^+ ztzQ$13kbu)Qb)}10ja!C?65E@e%%?1D;0V`o`+(G*3jr) zVWGWL$_b-FeX5ib283Z@RH$DYi?b@TDqp9Rrj)t~Y6jy_GT zV6Pi`J<@Aqucv#R?DcamLuyj$^whgjy{TWPew+Gpsxd7&ZByE=v{Pw))2~inoxU~w zrSy-|Pp1DR{rhy4@npuyjK62p^-1XaKwnd4apuCzZ!-U#Ii=r2{XXhH20uOc@Ziq|e=+#y!9#OPa&OPwko!{Z@!TJB zZT2ztY4%&}ciT7E{q`pNaeKF24apgD>yXEX>>d&t^2Lw~LlTA#9y)jEeM1ipJvDUd zunCZvOH7AM*c|-+Sbs zkynhY8@XrX*^xhv{CVW%kwZq!8FkC3HKR6X@6x+%aa=m@Q*o9J6=K@i8aH#1-TgOfFbmu%qB$L32TC!HELHSnJqHW1VB? zjGaGr)!0YIzA*NUv0se+ud$cLS_^Xv^9qX!XBTcP3>LN)o+ykK4lT+rsw%ptXid?^ zqN7D07yYTI_qeQagU5{=H*egEanFq#bY;Pnx7@s%(hVhS$Zy4V= ze*gHl#y5{|pYW#%2@_XNJTS3i;?b*2lfskEO}eW1nd0W+FN+6Her@u5UQHZ^&wYwCAX2V8gPy8pUv;Ix~k zJvnXvw6~^JPQQ2hGt=LkKD2CJ+19c@m5rP+Z$@aw@flyw=$VmOKD>N<`5ooYl)qO# zappZUU!M8N%>LIuaQ&|9f4qLu4SR1Gd1J+m_uqK<#;zN4W=)>uoAt)5hi0eESw82v zIY;OGW6tXpj=2qUFV0ks^IvX`uY94h zr}Bea+Hd*qThbQJSm;@}Y2ns|Jqxv4vu@41_32yp-}>IIf4Q}vtJ3wE>k)SkzVt%F zx1<_yRqME-&A6Iv_?N0uRGR9gGLY({daM4bpUQ^jsDWxQ{^cq={tdyup=ucZ<*DIn z1T-Hy68}cw-)Q_BuO{K&Wc<5YIn_0)1bUq+Rprp@)eYEx-l*o_-&|FJHD*5kgyLps zrCNYL9{3$TsJ&U;4(krJP~C}->6a*%TB_V?nYv9?DUVu?h`SJRHzHObXC-p(foBy` z)zEv@T6LfLy;`mAR}ZKM@vlyK)x-F!ppD9>o>uGCR#?xe4eELInDWEhs2*3ZsLkqi zeA7;|dJ2zhTh&L1_*89IpQ#tspAhxAdI?+bm$6-bMV(W-)nC;f^*8Lue!z>Z9`&mF zhuWupQLo|uc)qUwt@bOU_6B~F;(#)1L1obnDy#OUvT1MOn_v&AWbLrJM*C1Xv}4Mt zwW({hkJSwAk7}m&sk%Y?lbWUdQ_a?N?Iz8t&C_h!0xePdotC8CtR-ue+HCC>twLLf z)U8Olkh%>i4^oRYw{|-g?!e62J$PE3{xI~d`$&JAP7IT$bTH{_vq^{SB^||{hWjZ! zeJ*M6nLj|ksdyavyX(nw;RaIgga4bW-O&Kg^-HM5yaQXI&v8AcUU>oO$v08txA*P% zAAdpk6{H_t^9D2{NHM>JNu#XsQz`!8TGFY{QOzH}O05rE(G30J9`X-cMf%+|@_g_T z>B$#JKYf_|f7{gpy>KI?|G|BZ^)P)X)i$479Pt6AZ&>{yGB9}8H~?v;BIp}8A-L4T_616?$PdNuUA0Z2c}Y5UL|qywBb?H-2o#NX3c z#q`}L$NV3jkL>@O``gG^I+pus#s3*I=Y8_r7W!ZR|JPGDlX7D%_D;JJ?apL1DN28G zfN~3e)3;cQtGQ+`*X&(ijL62N*Fn>&XF}iM^ZqQ)QtLf);OT6o5qPzVYFpp90G^bU zw?bQ=TMm8jWy)=ShjL$db|pLqg5-HHcpuXLe{J2cx(2zg?5>5rzx5B$*t~MKP}z@< z&}i4Q#(MSJ{>0M1-nj)a4^(W0nvT8zjUB~9hv|$Ao<;q6`)$&b2kGjFl{(Ew_t(t< z#O!aS-1__WARV{nb!c=o>Gl`N|NH50B7J-VrRP7>jP!5M-TY@hfakYmpXKq1)$lN< ze_O-D*HJyOnpg44@Y}Ngf9(eN{H7nIvgNEzQz-ps)>wZQ9{dtx&-nt{>Pq_HEKx`5`u z$-$(@IeqxuB$PV4ooe{Y7Sh8zNY}@73!UF-{mFCvl5|9#dLUmjriE8{-^#4@Wj%wJAz?Z2|U+7IUPEXHTR_( zkbdd@-$7$5PyTx@q(|Rpm?tCuOgsf2VbtDm)p z{mVGUn@72OIGy39^!%ZucXFMB$|!AO{c$>_Kbk{&mSa*lee^Dl=X$aaQ~EwX>661r zSF_G#oy3~LkuT&@?%S*zx&939!w>8k!ZB}iEB>hzS$K%FFV~RB=~C8RYsf#BN9NoC zI*&v7{t`PQAzu}8V|ULso)7Qxe0Xc)J@9|9@qzzq?r-lA<6rv&Voa~oO11qpTJ2-$ z*qZ;J`vR@}u~MYpj*urenFE za3B7+C$x(+Vi%dHOwc4{ft?IBU=JAwO~t-a!;Ufm=?p{}u%}Fh_Cda;`a%sV6ZsnU znQ2J(M-+b55o%Ba5T#+?*#~Jmq72w|_JK66qVD2JAscL+9YXwHdGrErfqA)PViyIHc!64eAl>WDV+3 zH4(Z2J6cWs0cyamaWb?X?HJUv*xMSgPb@+1^H762j5ZDGEcUwiMFyxreWRvB|E6ZZ z^DWe%y46gizk?dEgS-LhAE5?yLCr$??@)vK3B5C@pV2P^c9!#?|HKa2pe|#7Y*6vq zEzmyNtxf)3FZqlTeSjFNT-bhx$znx`#;j?k7v$7**&Cuu98#o8*UL%SEH zoKSc0tD(UWQ(2 z*bQ}Hdxi68coph4yav77uphe4Z~*;(0E+$_4nkiryanB5I0XMoP=k8e@D9?iK+!A1 zyU=}x_o1&DTA=S3TA}Y6jzHftdZ};s9!T`=-!Iz+49xV1+NQV3V0b@ z@Vame@N&3i_~nc^+?wz(+}dywZe4g3Zhbffw;{X>Zew^HZc{h|cXfC-+~#l&?z!Pf zxNE|D;kJjTkY@+nGP6FsAMggaWu`NHCEyF;mYI#=gMho>mYMGG)qpp_Ei*mgYXJAc zEi;?L*8=W?3oaTy1b6^$nHdbf5%3ncW#*#rb%3|R#m)ZV>j7_rTV}S0Zv=b^+%hvB zz6owRd^6mA;ah;8f?H;;2;T~LKio3&n(#XSUkSI&90INS%qpM?8h_|tG7 z3V#;v!{N`t{qOMIaK9412ky7S_rm>7_)Bmf3*Qg-C*cQB%1_~znV*Fp0{kT0GV}BB ze*=CBE_hn_tAL+@3n~qN9quo~--P>O_z~d$02j0x{x;x0!v(E|9|QbXxS-hZ_W=Jd zT=4wx4*>rYE~q#BIN+Dzf_fuA2JFBE^+tXII0U!Mlt+FB_$av0@kD+Ocoy6;QxSO@ z@X>HFYe#+oxDqZnOyrk<=fVXii98SY_{gu|o)GyB+!G_egS#m5BHU9Ve}ua@@+Y_} zB7cFqGV(XLt0Mmkw<_{axV4d&ky{;H&}YOcb4&wV&}SqBxCt(3G7T6d<<@x*%4U;I1U#)FtQkKDsn2^%Oj`3-4$5|cPz3T?s()Zxar6WxS7Z*xD%0c z;O>spz|BVL;N~I?aPyHSxRa4)xO*aN;O>o_2X|lOe7IAQDBLR|t#J28+Tp$?vL5c0 zkxsY=A{*fzjC8}jD$)b@>d0oeuZ{G>y(TgU_jQqr;9eWK81CyM+u=J zM&fYa6d8tlT_g$j&5=>K*GE!tZ;0%Idt+oA?pq=mxHm<1!+mQc2lwX4B;2<}_QJg- zG6nbTk^OLQja&)$y^(`(zZAI|?){N#;C?xBE!+nphu}UKc_ZA1BG9+AhswVRH&OmbS(T|R zi$a6BsjL-lZ&^De#LIzMZ@wSe3w>i>&kK(t(Hbd9>Eb{rb zc@FtJW_}O&G4lt&-^Fi-HNgEdV3gaJQpW&r+?ISTNP%q+k^Hb(>g zv8e?7gqaKY33DvqpO|@oe`1aY{4;Yh;GdaO0RP;a3HaycY`{;Mm4KfzRe+y1)qtNi zwSb>7^?;u-jewsuYXLuN)&c&dxd8AlO$*@XOdH_mOb6iS%?7~Fn+pNIV7dUmU^W5% zmFWfiE7J$~*Jc3lugw;~zcE_@|Hf;t^OxdQM4=QV&AItKtR zbglw?g7aFyCpfPIe4_Juz$ZFy0DO}3Ccq~-Zw7p_a|7U$owop93kXRna+cN&vG6He3tVSz-K#O1AMmg4Ztg$ZvkH6JPLTF z^Buq|o$mr(<$NFTD(8oQtDGMJu5z9Le2()|z~?wm0zaQ+Oq!TBrTM(6K<8=ZduUhf=R*#LK5Ws}+9 z91nPdvk-8nb0XkQ=VZVaI;Q}>&{+a_qq7w7M(1?EUCtSRyPPutZ*w{TZ*w*P-tJro zc)QaD_!6fVFm(D14^&xOu-$g z++{9xF0br_J65?7Zn|Ku0-tn7#TFzOt4zJfXrIbTEmL(Vsl z|FH8dz{Ad?fD_Jl04JR90!}*L2b^?%2zbQ#5#SN$3BaSyPXUiQPXZouo&r4PJOg;# zc^2@v^Bmv{a3w)6_MEcVQ+h3q4}8qrW&YcIAH2nJW;(|>Cpf1%XE`-avlDeL#O}