From 84502312e413071740aa350fd2c7d05928886b8c Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Fri, 14 Aug 2015 03:58:00 +0200
Subject: [PATCH 01/35] Added custom error messages.

---
 public/404.html                               |  32 ++-----
 public/422.html                               |  32 ++-----
 public/500.html                               |  31 ++-----
 public/assets/error/error-1.svg               |   1 +
 public/assets/error/error-2.svg               |   1 +
 public/assets/error/error-3.svg               |   1 +
 public/assets/error/error-4.svg               |   1 +
 .../assets/error/firasans-regular-webfont.eot | Bin 0 -> 26030 bytes
 .../assets/error/firasans-regular-webfont.ttf | Bin 0 -> 72228 bytes
 .../error/firasans-regular-webfont.woff       | Bin 0 -> 28852 bytes
 public/assets/error/style.css                 |  80 ++++++++++++++++++
 11 files changed, 108 insertions(+), 71 deletions(-)
 create mode 100644 public/assets/error/error-1.svg
 create mode 100644 public/assets/error/error-2.svg
 create mode 100644 public/assets/error/error-3.svg
 create mode 100644 public/assets/error/error-4.svg
 create mode 100755 public/assets/error/firasans-regular-webfont.eot
 create mode 100755 public/assets/error/firasans-regular-webfont.ttf
 create mode 100755 public/assets/error/firasans-regular-webfont.woff
 create mode 100644 public/assets/error/style.css

diff --git a/public/404.html b/public/404.html
index 9a48320a5..653716afa 100644
--- a/public/404.html
+++ b/public/404.html
@@ -1,26 +1,10 @@
 <!DOCTYPE html>
-<html>
-<head>
-  <title>The page you were looking for doesn't exist (404)</title>
-  <style type="text/css">
-    body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
-    div.dialog {
-      width: 25em;
-      padding: 0 4em;
-      margin: 4em auto 0 auto;
-      border: 1px solid #ccc;
-      border-right-color: #999;
-      border-bottom-color: #999;
-    }
-    h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
-  </style>
-</head>
+<html class="dark">
+<meta charset="utf-8">
+<title>404: Not Found</title>
+<link rel="stylesheet" href="/assets/error/style.css">
 
-<body>
-  <!-- This file lives in public/404.html -->
-  <div class="dialog">
-    <h1>The page you were looking for doesn't exist.</h1>
-    <p>You may have mistyped the address or the page may have moved.</p>
-  </div>
-</body>
-</html>
+<h1>404: Requested Page was not found.</h1>
+<div class="error-image" style="background-image: url(/assets/error/error-2.svg)"></div>
+<p>Sorry, but the Phoenix is not able to find your page. Try checking the URL for errors.</p>
+</html>
\ No newline at end of file
diff --git a/public/422.html b/public/422.html
index 83660ab18..42db85126 100644
--- a/public/422.html
+++ b/public/422.html
@@ -1,26 +1,10 @@
 <!DOCTYPE html>
-<html>
-<head>
-  <title>The change you wanted was rejected (422)</title>
-  <style type="text/css">
-    body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
-    div.dialog {
-      width: 25em;
-      padding: 0 4em;
-      margin: 4em auto 0 auto;
-      border: 1px solid #ccc;
-      border-right-color: #999;
-      border-bottom-color: #999;
-    }
-    h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
-  </style>
-</head>
+<html class="dark">
+<meta charset="utf-8">
+<title>422: Not Found</title>
+<link rel="stylesheet" href="/assets/error/style.css">
 
-<body>
-  <!-- This file lives in public/422.html -->
-  <div class="dialog">
-    <h1>The change you wanted was rejected.</h1>
-    <p>Maybe you tried to change something you didn't have access to.</p>
-  </div>
-</body>
-</html>
+<h1>422: The change you wanted was rejected.</h1>
+<div class="error-image" style="background-image: url(/assets/error/error-1.svg)"></div>
+<p>Maybe you tried to change something you didn't have access to.</p>
+</html>
\ No newline at end of file
diff --git a/public/500.html b/public/500.html
index f3648a0db..a07e0040c 100644
--- a/public/500.html
+++ b/public/500.html
@@ -1,25 +1,10 @@
 <!DOCTYPE html>
-<html>
-<head>
-  <title>We're sorry, but something went wrong (500)</title>
-  <style type="text/css">
-    body { background-color: #fff; color: #666; text-align: center; font-family: arial, sans-serif; }
-    div.dialog {
-      width: 25em;
-      padding: 0 4em;
-      margin: 4em auto 0 auto;
-      border: 1px solid #ccc;
-      border-right-color: #999;
-      border-bottom-color: #999;
-    }
-    h1 { font-size: 100%; color: #f00; line-height: 1.5em; }
-  </style>
-</head>
+<html class="dark">
+<meta charset="utf-8">
+<title>500: Something went wrong</title>
+<link rel="stylesheet" href="/assets/error/style.css">
 
-<body>
-  <!-- This file lives in public/500.html -->
-  <div class="dialog">
-    <h1>We're sorry, but something went wrong.</h1>
-  </div>
-</body>
-</html>
+<h1>500: We're sorry, but something went wrong.</h1>
+<div class="error-image" style="background-image: url(/assets/error/error-2.svg)"></div>
+<p>We're sorry, but something went wrong.</p>
+</html>
\ No newline at end of file
diff --git a/public/assets/error/error-1.svg b/public/assets/error/error-1.svg
new file mode 100644
index 000000000..da0e1e7f7
--- /dev/null
+++ b/public/assets/error/error-1.svg
@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 750 650" enable-background="new 0 0 750 650"><path fill="#ceb249" d="m402.63 286.83l8.93 173.24-64-218.41z"/><path fill="#f8e192" d="m402.63 286.83l-54.69-.1 121.23 107.4z"/><path fill="#e09b16" d="m406.93 210.14l-40.31 17.79 11.17 89.38 24.31-37.54z"/><path fill="#f3d14f" d="m402.63 286.83l-32.25-53.9-19.02 55.94.23 207.07z"/><path opacity=".15" fill="#fff" d="m402.63 286.83l2.86 50.87-57.55-50.97"/><path fill="#e09b16" d="m406.25 122.5l-31.25-28.75-31.25 28.75-39.16 51.28 40.37 109.22h30.04 30.04l40.37-109.22z"/><path fill="#3f2e20" d="m442.5 227.5l-67.5 20-67.5-20 67.5-15z"/><g fill="#dfe0e1"><ellipse cx="409.5" cy="229.5" rx="22.5" ry="30"/><ellipse cx="345.5" cy="227.5" rx="22.5" ry="30"/></g><ellipse fill="#f8f9fa" cx="375" cy="220.5" rx="22.5" ry="30"/><path fill="#5d3d1b" d="m405.04 283l37.46-55.5-67.5 20-67.5-20 37.46 55.5z"/><path fill="#835c3a" d="m375 247.5l-67.5-20 37.46 55.5h30.04v-35.5"/><path fill="#704c2a" d="m442.5 227.5l-67.5 20v35.5h30.04z"/><g fill="#389cd8"><path d="m552.5 283h-130l-2.5 10h132.5 5v-5c0-2.75-2.25-5-5-5"/><path d="m347.5 283h60v10h-60z"/></g><path fill="#1e5a6e" d="m307.07 248.12l9.67-41.11 56.27 81.16z"/><path fill="#c8431c" d="m343.75 122.5l19.33 71.58 43.17-71.58z"/><path fill="#af2527" d="m375 190.4l-31.25-67.9h62.5"/><path fill="#cb4f83" d="m375 93.75l-31.25 28.75 31.25 36.25 31.25-36.25z"/><path fill="#c8431c" d="m375 93.75l.01 28.75 12.72-59.45z"/><path fill="#af2527" d="m375 93.75l.01 28.75 24.05-59.45z"/><path fill="#3aa3c2" d="m406.25 122.5l39.16 51.28"/><path opacity=".15" fill="#fff" d="m373.01 288.17l-65.94-40.05 3.33-18.51z"/><path fill="#7db3ca" d="m343.75 122.5l-36.68 125.62-2.48-74.34z"/><g fill="#c8431c"><path d="m407.5 303l5-20h-10z"/><path d="m397.5 303l5-20h-10z"/></g><path fill="#cb4f83" d="m412.5 283h-20l4-8h12z"/><path fill="#c8431c" d="m402.5 305l5-24h-10z"/><path opacity=".15" fill="#fff" d="m402.5 305l5-24h-10z"/><g fill="#c8431c"><path d="m342.5 303l-5-20h10z"/><path d="m352.5 303l-5-20h10z"/></g><path fill="#cb4f83" d="m337.5 283h20l-4-8h-12z"/><path fill="#c8431c" d="m347.5 305l-5-24h10z"/><path opacity=".15" fill="#fff" d="m347.5 305l-5-24h10z"/><path fill="#c7e4f1" d="m406.25 122.5l-91.1 197.92 130.26-146.64z"/><path fill="#3aa3c2" d="m315.15 320.42l84.18-132.07 6.92-65.85"/><path opacity=".15" fill="#fff" d="m406.25 122.5l39.16 51.28-46.08 14.57z"/><path fill="#389cd8" d="m197.5 283h125l-4.5 10h-120.5-5v-5c0-2.75 2.25-5 5-5"/><g fill="none" stroke="#a1a4a7" stroke-width="2" stroke-miterlimit="10"><path d="m472.5 247.5v-40"/><path d="m482.5 247.5v-40"/></g></svg>
\ No newline at end of file
diff --git a/public/assets/error/error-2.svg b/public/assets/error/error-2.svg
new file mode 100644
index 000000000..15c6c5d56
--- /dev/null
+++ b/public/assets/error/error-2.svg
@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" viewBox="0 0 750 650" enable-background="new 0 0 750 650"><defs><use id="1" opacity=".5" xlink:href="#2"/><path id="2" d="m340 259.82h70v60h-70z"/><clipPath id="0"><use xlink:href="#1"/></clipPath></defs><path fill="#3aa3c2" d="m503.63 133.93l-87.89 145.47-6.4-37.56z"/><path fill="#67878f" d="m483.86 149.06l89.12 56.91-116.42-35.39z"/><path fill="#1e5a6e" d="m483.86 149.06l25.52 102.55-52.82-81.03z"/><path opacity=".15" fill="#fff" d="m475.6 162.83l9.34-9.61 24.44 98.39z"/><path fill="#ceb249" d="m433.17 215.46l60.57-162.56-126.68 189.09z"/><path fill="#f8e192" d="m433.17 215.46l-52.2-16.34 147.9-66.01z"/><path fill="#7db3ca" d="m413.39 244.36l55.36-112.95-36.67 138.54z"/><path fill="#f3d14f" d="m433.17 215.46l-46.96 41.72-5.24-58.06 66.35-198.44z"/><path fill="#3aa3c2" d="m468.75 131.41l98.3-16.15-117.4 55.09z"/><path fill="#c7e4f1" d="m322.42 244.31l146.33-112.9-74.78 152.51z"/><g fill="#dc8c18"><path d="m493.75 271.32h-25v-30z"/><path d="m256 271.32h25v-30z"/></g><path fill="#a27c4c" d="m387.5 614.32l-25 35v-270h25z"/><path fill="#dc8c18" d="m452.5 374.32c0 2.75-2.25 5-5 5h-145c-2.75 0-5-2.25-5-5v-15c0-2.75 2.25-5 5-5h145c2.75 0 5 2.25 5 5v15"/><path fill="#e7b141" d="m379.77 198.83c-2.622-.828-6.913-.828-9.536 0l-85.46 26.988c-2.623.828-4.768 3.756-4.768 6.506v130c0 2.75 2.25 5 5 5h180c2.75 0 5-2.25 5-5v-130c0-2.75-2.146-5.678-4.768-6.506l-85.46-26.988"/><path opacity=".15" fill="#fff" d="m375 218.57l-71.25 22.5v110h142.5v-110z"/><g fill="#dc9118"><path opacity=".2" d="m446.25 241.07v110l18.75 16.25c2.75 0 5-2.25 5-5v-130c0-2.75-2.146-5.678-4.768-6.506l-18.982 15.256"/><path opacity=".2" d="m284.77 225.81c-2.621.828-4.768 3.756-4.768 6.506v130c0 2.75 2.25 5 5 5l18.75-16.25v-110l-18.982-15.256"/><path opacity=".9" d="m303.75 351.07l-18.75 16.25h90v-16.25z"/><path opacity=".65" d="m370.23 198.83l-85.46 26.988 18.982 15.256 71.25-22.5v-20.365c-1.729 0-3.457.207-4.767.621"/><path opacity=".6" d="m446.25 351.07l18.75 16.25h-90v-16.25z"/><path opacity=".9" d="m379.77 198.83l85.46 26.988-18.982 15.256-71.25-22.5v-20.365c1.728 0 3.456.207 4.767.621"/></g><g fill="#36af6a"><path d="m347.5 604.32h-150c-2.75 0-5 2.25-5 5v5h5 150 5v-10h-5"/><path d="m402.5 604.32h150c2.75 0 5 2.25 5 5v5h-5-150-5v-10h5"/></g><path fill="#67878f" d="m422.5 324.82c0 2.75-2.25 5-5 5h-85c-2.75 0-5-2.25-5-5v-70c0-2.75 2.25-5 5-5h85c2.75 0 5 2.25 5 5v70"/><ellipse fill="#444a4f" cx="374.94" cy="340.48" rx="5" ry="6"/><use fill="#7db3ca" xlink:href="#2"/><path opacity=".3" fill="#1e5a6e" d="m422.5 254.82c0-2.75-2.25-5-5-5h-85c-2.75 0-5 2.25-5 5l12.5 5h70l12.5-5m-95 70c0 2.75 2.25 5 5 5h85c2.75 0 5-2.25 5-5l-12.5-5h-70l-12.5 5"/><g opacity=".5"><g clip-path="url(#0)"><path fill="#c8431c" d="m413.81 318.97l6.71-81.51 41.11-41.34z"/><path fill="#e09b16" d="m376.48 236.01l44.04 1.45 28.69-85.39-38.18 23.3z"/><g fill="#c8431c"><path d="m333.56 322.45l15.12-12.04 36.77 9.6z"/><path d="m355.04 298.93l41.81-65.34-3.03 25.14"/></g><path opacity=".15" fill="#fff" d="m313.46 233.81l134.25 4.24-33.9 80.92z"/><path fill="#e09b16" d="m350.77 301.33l43.78 28.12 43.56-67.74-104-25.5z"/><path fill="#cb4f83" d="m410.4 304.77l-15.03 25.52-44.6-28.96-11.33-42.89 49.11 27.8z"/><path fill="#c7e4f1" d="m318.46 247.61l150.29-116.2-80.2 154.83z"/><path fill="#af2527" d="m396.71 322.99l-77.18-16.89 31.24-4.77z"/></g></g><use opacity=".8" fill="#1e5a6e" xlink:href="#2"/><g fill="none" stroke="#fff" stroke-width="2" stroke-miterlimit="10"><path d="m355 284.82h40"/><path d="m355 294.82h40"/></g></svg>
\ No newline at end of file
diff --git a/public/assets/error/error-3.svg b/public/assets/error/error-3.svg
new file mode 100644
index 000000000..32a3639d1
--- /dev/null
+++ b/public/assets/error/error-3.svg
@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 750 650" enable-background="new 0 0 750 650"><path fill="#ceb249" d="m302.17 322.74l-72.2 5.28 139.26 80.8-7.16-29.23z"/><path fill="#67878f" d="m362.07 379.59l7.16 29.23 60.8 35.28z"/><path fill="#f8e192" d="m302.17 322.74l-40.36 38.21 164.49-5.76z"/><path fill="#c8431c" d="m141.97 121.64l13.84 13.94 4.96 30.97z"/><path fill="#af2527" d="m171.22 142.44l73.16 56.6-39.11-8.04z"/><path fill="#c8431c" d="m171.22 142.44l70.63 34.99-25.73-.28z"/><path fill="#cb4f83" d="m167.96 265.36l-4.99-67.76 5.35-59.2 133.85 184.34-61.5-17.13z"/><g fill="#3aa3c2"><path d="m316.67 150.63l-14.5 172.11-22.76-31.33z"/><path d="m316.67 150.63l99.9-16.42-119.31 55.99z"/></g><path fill="#67878f" d="m305.48 173.32l106.81 11.67-121.99 20.23z"/><path fill="#1e5a6e" d="m305.48 173.32l69.46 81.91-84.64-50.01z"/><path opacity=".15" fill="#fff" d="m304.16 189.58l4.17-12.96 66.61 78.61z"/><path fill="#7db3ca" d="m260.41 265.41l56.26-114.78-37.26 140.78z"/><path fill="#e09b16" d="m206.78 191.33l-40.49 51.8 1.67 22.23 59.31-45.78z"/><path fill="#c8431c" d="m167.96 265.36l72.71 40.25 21.14 55.34z"/><path fill="#c7e4f1" d="m167.96 265.36l148.71-114.73-76 154.98z"/><path opacity=".15" fill="#fff" d="m288.76 207.94l-59.05 120.31-61.75-62.89z"/><path fill="#e09b16" d="m260.41 265.41l-19.74 40.2 67.14 62.24-5.64-45.11z"/><path fill="#f3d14f" d="m302.17 322.74l-61.5-17.13 21.14 55.34 56.35 57.26 19.24-34.03z"/><path fill="#1e5a6e" d="m337.4 384.18l-19.24 34.03 92.81 94.29z"/><g fill="#fff"><path opacity=".15" d="m302.17 322.74l-40.36 38.21 78.08-2.75z"/><path opacity=".15" d="m337.4 384.18l-19.24 34.03 57.38 32.49z"/></g><path fill="#1e5a6e" d="m401.95 417.42l-32.72-8.6 60.8 35.28z"/><g fill="none" stroke="#a1a4a7" stroke-width="2" stroke-miterlimit="10"><path d="m428.73 510.06h40"/><path d="m418.73 500.06h40"/></g><g fill="#c8431c"><path d="m202.27 462.5c-2.75 0-4.774 2.695-4.774 5.445v4.555h4.774 155.23l-10-10h-145.23"/><path d="m547.27 462.5h-154.77l10 10h144.77 5.225v-4.555c0-2.75-2.475-5.445-5.225-5.445"/></g><path fill="#67878f" d="m154.97 140.33l-2.16-1.25 15-25.98-64.95-37.5-15 25.98-2.17-1.25-7.5 12.99 2.17 1.25-2.504 4.33 10.1 5.83-3.939 3.5 47.63 27.5 1.05-5.16 10.11 5.83 2.5-4.33 2.16 1.25z"/><g fill="#1e5a6e"><path opacity=".3" d="m160.06 111.52l-51.962-29.999c-2.382-1.375-5.455-.552-6.83 1.83l-17.5 30.31c-1.375 2.381-.552 5.455 1.83 6.829l4.33 2.5 5.916-5.244 38.971 22.499-1.585 7.745 4.33 2.501c2.381 1.375 5.455.551 6.83-1.83l17.5-30.31c1.375-2.381.551-5.455-1.83-6.831"/><path opacity=".3" d="m109.02 84.93l-6.83 1.83-17.5 30.31 2.88 1.67 8.18-6.83 44.16 25.5-1.82 10.49 2.89 1.67 17.5-30.31-1.83-6.83z"/><circle opacity=".8" cx="93.01" cy="127.65" r="1.833"/><circle opacity=".8" cx="100.21" cy="127.19" r="1.833"/><circle opacity=".8" cx="127.65" cy="147.65" r="1.833"/><circle opacity=".8" cx="124.46" cy="141.19" r="1.834"/></g><path fill="none" stroke="#fff" stroke-width="2" stroke-miterlimit="10" d="m107.25 91.99l44.17 25.501"/><path transform="matrix(.866.5-.5.866 74.27-46.06)" opacity=".5" fill="#1e5a6e" d="m97.58 108.07h51v15h-51z"/><g fill="#444a4f"><path d="m114.43 111.44c.023-.03.047-.059.069-.086.04-.054.077-.108.114-.164.028-.04.053-.082.081-.124.053-.083.111-.161.16-.246.051-.088.092-.18.138-.271.021-.039.042-.079.062-.117.028-.061.057-.119.083-.181.018-.039.031-.08.047-.119.008-.021.016-.041.025-.062l1.383-.001v-3.999l-1.379-.001c-.01-.024-.021-.048-.033-.073-.019-.046-.038-.093-.059-.14-.073-.165-.152-.326-.242-.482-.009-.02-.014-.039-.024-.056-.006-.012-.015-.021-.022-.03-.048-.084-.099-.164-.153-.244-.021-.033-.044-.066-.066-.098-.073-.105-.149-.21-.23-.311l.69-1.195-3.464-2-.69 1.195c-.128-.02-.255-.033-.383-.045-.039-.002-.08-.006-.119-.008-.1-.006-.199-.011-.299-.011-.009 0-.018-.003-.027-.003-.015.001-.028.004-.043.004-.187.001-.372.014-.559.033-.049.005-.098.012-.146.018-.027.005-.054.006-.081.011l-.689-1.195-3.465 1.999.691 1.198c-.012.018-.024.032-.038.048-.029.038-.059.071-.085.108-.039.052-.074.104-.109.156-.027.04-.052.08-.078.12-.053.083-.111.162-.162.25-.049.085-.087.17-.131.257-.025.048-.049.093-.073.14-.027.057-.055.115-.08.174-.017.036-.03.074-.044.111-.01.022-.018.046-.027.069l-1.383-.001.001 3.999 1.379.001c.01.025.022.053.032.078.019.044.038.086.057.128.075.172.159.34.251.504.007.013.011.026.018.04.004.008.011.014.016.022.051.085.104.169.16.253.021.034.043.065.066.098.074.105.148.209.23.31l-.69 1.196 3.464 2 .69-1.196c.129.02.257.034.386.045.037.002.075.005.112.007.097.007.194.011.291.013.014 0 .025.003.039.004.02 0 .039-.007.06-.007.182-.003.364-.013.543-.033.048-.005.094-.01.142-.017.027-.005.055-.006.084-.011l.689 1.194 3.464-2-.691-1.197c.015-.018.032-.038.047-.059"/><path d="m130.98 121c.014-.034.026-.069.041-.104.025-.061.054-.121.083-.181.021-.044.045-.088.067-.131.045-.088.085-.177.134-.263.051-.088.109-.169.165-.254.023-.037.047-.075.071-.111.039-.055.075-.11.114-.163.026-.035.055-.066.08-.1.014-.019.028-.035.042-.052l-.692-1.199 3.464-1.999.69 1.193c.026-.003.052-.006.079-.008.05-.007.1-.013.15-.02.18-.02.359-.03.54-.032.021 0 .04-.006.06-.006.014 0 .025.003.039.005.095-.001.191.003.288.01.04.003.078.006.117.009.128.011.257.024.384.044l.69-1.195 3.464 1.999-.691 1.196c.081.101.156.204.23.309.022.034.045.066.066.1.056.083.108.168.158.253.006.008.012.015.017.022.007.014.011.026.017.04.093.162.176.329.251.499.02.046.039.09.058.137.01.025.022.05.031.074h1.38v3.999l-1.384.001c-.007.019-.015.037-.023.057-.017.043-.031.087-.049.128-.026.059-.054.115-.082.173-.02.043-.043.085-.063.128-.045.087-.086.177-.137.265-.049.085-.104.161-.156.242-.029.044-.056.088-.086.133-.036.052-.072.104-.11.154-.023.034-.05.063-.074.094-.015.021-.031.039-.046.059l.692 1.197-3.464 2-.69-1.194c-.028.004-.056.006-.083.01-.048.007-.093.011-.141.017-.186.021-.373.032-.561.033-.015.002-.028.006-.043.006-.009-.001-.018-.003-.028-.004-.1 0-.198-.006-.299-.011-.04-.002-.079-.005-.118-.009-.128-.011-.255-.024-.383-.044l-.69 1.196-3.464-2 .69-1.194c-.081-.103-.157-.207-.231-.313-.021-.03-.042-.062-.062-.092-.054-.081-.107-.164-.156-.247-.007-.011-.016-.02-.022-.03-.011-.019-.015-.037-.025-.057-.089-.158-.17-.321-.243-.486-.02-.044-.039-.086-.057-.131-.01-.025-.021-.052-.033-.077h-1.378v-4h1.382c.011-.024.021-.049.03-.073"/></g><path opacity=".15" fill="#fff" d="m102.86 75.6l39.95 80.8 25-43.3z"/><path fill="#af2527" d="m162.98 197.27l-13.66-84.77 19 25.9z"/><g fill="none" stroke="#a1a4a7" stroke-width="2" stroke-miterlimit="10"><path d="m35 141h40"/><path d="m25 131h40"/></g></svg>
\ No newline at end of file
diff --git a/public/assets/error/error-4.svg b/public/assets/error/error-4.svg
new file mode 100644
index 000000000..aec67fef2
--- /dev/null
+++ b/public/assets/error/error-4.svg
@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1000 650" enable-background="new 0 0 1000 650"><path fill="#3f2e20" d="m697.25 349.72h70v2.5h-70z"/><ellipse fill="#dfe0e1" cx="732.25" cy="329.72" rx="22.5" ry="30"/><path fill="#835c3a" d="m754.75 361.72c0 2.75-2.25 5-5 5h-35c-2.75 0-5-2.25-5-5l-5-27c0-2.75 2.25-5 5-5h45c2.75 0 5 2.25 5 5l-5 27"/><path fill="#fff" d="m748.46 339.87c-.667 2.668-3.463 4.851-6.213 4.851h-20c-2.75 0-5.546-2.183-6.213-4.851l-2.574-10.299c-.667-2.668 1.037-4.851 3.787-4.851h30c2.75 0 4.454 2.183 3.787 4.851l-2.574 10.299"/><path fill="#704c2a" d="m754.75 329.72h-.002c0 16.569-10.07 30-22.498 30-12.429 0-22.501-13.431-22.501-30-2.75 0-5 2.25-5 5l5 27c0 2.75 2.25 5 5 5h35c2.75 0 5-2.25 5-5l5-27c0-2.75-2.25-5-5-5"/><ellipse fill="#dfe0e1" cx="787.25" cy="329.72" rx="22.499" ry="30"/><path fill="#704c2a" d="m809.75 361.72c0 2.75-2.25 5-5 5h-35c-2.75 0-5-2.25-5-5l-5-27c0-2.75 2.25-5 5-5h45c2.75 0 5 2.25 5 5l-5 27"/><path fill="#dfe0e1" d="m805.86 333.69c-.76 2.644-3.591 5.231-6.291 5.754l-22.406 4.329c-2.7.522-5.455-1.233-6.122-3.901l-2.574-10.299c-.667-2.668 1.037-4.847 3.787-4.842l31.17.053c2.75.004 4.378 2.171 3.618 4.813l-1.178 4.093"/><path fill="#704c2a" d="m809.75 329.72h-.002c0 16.569-10.07 30-22.498 30-12.428 0-22.5-13.431-22.5-30-2.75 0-5 2.25-5 5l5 27c0 2.75 2.25 5 5 5h35c2.75 0 5-2.25 5-5l5-27c0-2.75-2.25-5-5-5"/><ellipse fill="#dfe0e1" cx="677.25" cy="329.72" rx="22.499" ry="30"/><path fill="#835c3a" d="m699.75 361.72c0 2.75-2.25 5-5 5h-35c-2.75 0-5-2.25-5-5l-5-27c0-2.75 2.25-5 5-5h45c2.75 0 5 2.25 5 5l-5 27"/><path fill="#fff" d="m693.46 339.87c-.667 2.668-3.463 4.851-6.213 4.851h-20c-2.75 0-5.546-2.183-6.213-4.851l-2.574-10.299c-.667-2.668 1.037-4.851 3.787-4.851h30c2.75 0 4.454 2.183 3.787 4.851l-2.574 10.299"/><g fill="#704c2a"><path d="m699.75 329.72h-.002c0 16.569-10.07 30-22.498 30-12.428 0-22.5-13.431-22.5-30-2.75 0-5 2.25-5 5l5 27c0 2.75 2.25 5 5 5h35c2.75 0 5-2.25 5-5l5-27c0-2.75-2.25-5-5-5"/><path d="m699.75 329.72h10v20h-10z"/><path d="m754.75 329.72h10v20h-10z"/></g><path fill="#835c3a" d="m698.75 329.72h12v7.5h-12z"/><path opacity=".15" fill="#fff" d="m709.75 329.72c0 16.569 10.07 30 22.501 30v-60c-12.429 0-22.501 13.431-22.501 30"/><path fill="#835c3a" d="m645.75 329.72h12v7.5h-12z"/><path opacity=".15" fill="#fff" d="m654.75 329.72c0 16.569 10.07 30 22.5 30v-60c-12.428 0-22.5 13.431-22.5 30"/><path fill="#835c3a" d="m753.75 329.72h12v7.5h-12z"/><path opacity=".15" fill="#fff" d="m764.75 329.72c0 16.569 10.07 30 22.5 30v-60c-12.428 0-22.5 13.431-22.5 30"/><g fill="#3f2e20"><path opacity=".5" d="m754.04 337.22c-.164.85-.359 1.682-.576 2.5h12.572c-.217-.818-.412-1.65-.576-2.5h-11.42"/><path opacity=".5" d="m699.04 337.22c-.164.85-.359 1.682-.576 2.5h12.571c-.217-.818-.412-1.65-.576-2.5h-11.419"/><path opacity=".5" d="m655.45 337.22h-5.246l.463 2.5h5.359c-.216-.819-.412-1.651-.576-2.5"/><path d="m742.75 303.51l-5 1.71-5-1.71 5-1.29z"/></g><path fill="#835c3a" d="m724.75 341.72h13v-36.5l-5-1.71z"/><path fill="#704c2a" d="m750.75 341.72h-13v-36.5l5-1.71z"/><path fill="#3f2e20" d="m687.75 303.51l-5 1.71-5-1.71 5-1.29z"/><path fill="#835c3a" d="m669.75 341.72h13v-36.5l-5-1.71z"/><path fill="#704c2a" d="m695.75 341.72h-13v-36.5l5-1.71z"/><path fill="#3f2e20" d="m675.25 359.72h70v2.5h-70z"/><ellipse fill="#fff" cx="710.25" cy="339.72" rx="22.5" ry="30"/><path fill="#835c3a" d="m732.75 371.72c0 2.75-2.25 5-5 5h-35c-2.75 0-5-2.25-5-5l-5-27c0-2.75 2.25-5 5-5h45c2.75 0 5 2.25 5 5l-5 27"/><path fill="#fff" d="m726.46 349.87c-.667 2.668-3.463 4.851-6.213 4.851h-20c-2.75 0-5.546-2.183-6.213-4.851l-2.574-10.299c-.667-2.668 1.037-4.851 3.787-4.851h30c2.75 0 4.454 2.183 3.787 4.851l-2.574 10.299"/><path fill="#704c2a" d="m732.75 339.72h-.002c0 16.569-10.07 30-22.499 30-12.428 0-22.5-13.431-22.5-30-2.75 0-5 2.25-5 5l5 27c0 2.75 2.25 5 5 5h35c2.75 0 5-2.25 5-5l5-27c0-2.75-2.25-5-5-5"/><ellipse fill="#fff" cx="765.25" cy="339.72" rx="22.499" ry="30"/><path fill="#835c3a" d="m787.75 371.72c0 2.75-2.25 5-5 5h-35c-2.75 0-5-2.25-5-5l-5-27c0-2.75 2.25-5 5-5h45c2.75 0 5 2.25 5 5l-5 27"/><path fill="#fff" d="m781.46 349.87c-.667 2.668-3.463 4.851-6.213 4.851h-20c-2.75 0-5.546-2.183-6.213-4.851l-2.574-10.299c-.667-2.668 1.037-4.851 3.787-4.851h30c2.75 0 4.454 2.183 3.787 4.851l-2.574 10.299"/><path fill="#704c2a" d="m787.75 339.72h-.002c0 16.569-10.07 30-22.498 30-12.428 0-22.5-13.431-22.5-30-2.75 0-5 2.25-5 5l5 27c0 2.75 2.25 5 5 5h35c2.75 0 5-2.25 5-5l5-27c0-2.75-2.25-5-5-5"/><ellipse fill="#fff" cx="655.25" cy="339.72" rx="22.5" ry="30"/><path fill="#835c3a" d="m677.75 371.72c0 2.75-2.25 5-5 5h-35c-2.75 0-5-2.25-5-5l-5-27c0-2.75 2.25-5 5-5h45c2.75 0 5 2.25 5 5l-5 27"/><path fill="#fff" d="m671.46 349.87c-.667 2.668-3.463 4.851-6.213 4.851h-20c-2.75 0-5.546-2.183-6.213-4.851l-2.574-10.299c-.667-2.668 1.037-4.851 3.787-4.851h30c2.75 0 4.454 2.183 3.787 4.851l-2.574 10.299"/><g fill="#704c2a"><path d="m677.75 339.72h-.002c0 16.569-10.07 30-22.499 30-12.428 0-22.5-13.431-22.5-30-2.75 0-5 2.25-5 5l5 27c0 2.75 2.25 5 5 5h35c2.75 0 5-2.25 5-5l5-27c0-2.75-2.25-5-5-5"/><path d="m677.75 339.72h10v20h-10z"/><path d="m732.75 339.72h10v20h-10z"/></g><path fill="#835c3a" d="m676.75 339.72h12v7.5h-12z"/><path opacity=".15" fill="#fff" d="m687.75 339.72c0 16.569 10.07 30 22.5 30v-60c-12.428 0-22.5 13.431-22.5 30"/><path fill="#835c3a" d="m623.75 339.72h12v7.5h-12z"/><path opacity=".15" fill="#fff" d="m632.75 339.72c0 16.569 10.07 30 22.5 30v-60c-12.428 0-22.5 13.431-22.5 30"/><path fill="#835c3a" d="m731.75 339.72h12v7.5h-12z"/><path opacity=".15" fill="#fff" d="m742.75 339.72c0 16.569 10.07 30 22.5 30v-60c-12.428 0-22.5 13.431-22.5 30"/><g fill="#3f2e20"><path opacity=".5" d="m732.04 347.22c-.164.85-.359 1.682-.576 2.5h12.572c-.217-.818-.412-1.65-.576-2.5h-11.42"/><path opacity=".5" d="m677.04 347.22c-.164.85-.359 1.682-.576 2.5h12.571c-.217-.818-.412-1.65-.576-2.5h-11.419"/><path opacity=".5" d="m633.45 347.22h-5.246l.463 2.5h5.359c-.216-.819-.413-1.651-.576-2.5"/><path opacity=".5" d="m806.75 337.22h-.338l-9.662 10h-9.705c0 0-.359 1.682-.576 2.5h10.307l9.527-10h7.525l.463-2.5h-7.541"/></g><path fill="#835c3a" d="m806.75 329.72l-10 10h-12v7.5h12l9.66-10h12.34v-7.5z"/><path opacity=".1" fill="#fff" d="m796.75 339.72l10-10-1.67 36.99-8.31.01z"/><path fill="#3f2e20" d="m477.25 349.72h70v2.5h-70z"/><ellipse fill="#dfe0e1" cx="512.25" cy="329.72" rx="22.499" ry="30"/><path fill="#835c3a" d="m534.75 361.72c0 2.75-2.25 5-5 5h-35c-2.75 0-5-2.25-5-5l-5-27c0-2.75 2.25-5 5-5h45c2.75 0 5 2.25 5 5l-5 27"/><path fill="#fff" d="m528.46 339.87c-.667 2.668-3.463 4.851-6.213 4.851h-20c-2.75 0-5.546-2.183-6.213-4.851l-2.574-10.299c-.667-2.668 1.037-4.851 3.787-4.851h30c2.75 0 4.454 2.183 3.787 4.851l-2.574 10.299"/><path fill="#704c2a" d="m534.75 329.72h-.002c0 16.569-10.07 30-22.498 30-12.428 0-22.5-13.431-22.5-30-2.75 0-5 2.25-5 5l5 27c0 2.75 2.25 5 5 5h35c2.75 0 5-2.25 5-5l5-27c0-2.75-2.25-5-5-5"/><ellipse fill="#dfe0e1" cx="567.25" cy="329.72" rx="22.499" ry="30"/><path fill="#704c2a" d="m589.75 361.72c0 2.75-2.25 5-5 5h-35c-2.75 0-5-2.25-5-5l-5-27c0-2.75 2.25-5 5-5h45c2.75 0 5 2.25 5 5l-5 27"/><path fill="#dfe0e1" d="m585.86 333.69c-.76 2.644-3.591 5.231-6.291 5.754l-22.406 4.329c-2.7.522-5.455-1.233-6.122-3.901l-2.574-10.299c-.667-2.668 1.037-4.847 3.787-4.842l31.17.053c2.75.004 4.378 2.171 3.618 4.813l-1.178 4.093"/><path fill="#704c2a" d="m589.75 329.72h-.002c0 16.569-10.07 30-22.498 30-12.428 0-22.5-13.431-22.5-30-2.75 0-5 2.25-5 5l5 27c0 2.75 2.25 5 5 5h35c2.75 0 5-2.25 5-5l5-27c0-2.75-2.25-5-5-5"/><ellipse fill="#dfe0e1" cx="457.25" cy="329.72" rx="22.499" ry="30"/><path fill="#835c3a" d="m479.75 361.72c0 2.75-2.25 5-5 5h-35c-2.75 0-5-2.25-5-5l-5-27c0-2.75 2.25-5 5-5h45c2.75 0 5 2.25 5 5l-5 27"/><path fill="#fff" d="m473.46 339.87c-.667 2.668-3.463 4.851-6.213 4.851h-20c-2.75 0-5.546-2.183-6.213-4.851l-2.574-10.299c-.667-2.668 1.037-4.851 3.787-4.851h30c2.75 0 4.454 2.183 3.787 4.851l-2.574 10.299"/><g fill="#704c2a"><path d="m479.75 329.72h-.002c0 16.569-10.07 30-22.498 30-12.428 0-22.5-13.431-22.5-30-2.75 0-5 2.25-5 5l5 27c0 2.75 2.25 5 5 5h35c2.75 0 5-2.25 5-5l5-27c0-2.75-2.25-5-5-5"/><path d="m479.75 329.72h10v20h-10z"/><path d="m534.75 329.72h10v20h-10z"/></g><path fill="#835c3a" d="m478.75 329.72h12v7.5h-12z"/><path opacity=".15" fill="#fff" d="m489.75 329.72c0 16.569 10.07 30 22.5 30v-60c-12.428 0-22.5 13.431-22.5 30"/><path fill="#835c3a" d="m425.75 329.72h12v7.5h-12z"/><path opacity=".15" fill="#fff" d="m434.75 329.72c0 16.569 10.07 30 22.5 30v-60c-12.428 0-22.5 13.431-22.5 30"/><path fill="#835c3a" d="m533.75 329.72h12v7.5h-12z"/><path opacity=".15" fill="#fff" d="m544.75 329.72c0 16.569 10.07 30 22.5 30v-60c-12.428 0-22.5 13.431-22.5 30"/><g fill="#3f2e20"><path opacity=".5" d="m534.04 337.22c-.164.85-.359 1.682-.576 2.5h12.572c-.217-.818-.412-1.65-.576-2.5h-11.42"/><path opacity=".5" d="m479.04 337.22c-.164.85-.359 1.682-.576 2.5h12.572c-.217-.818-.412-1.65-.576-2.5h-11.42"/><path opacity=".5" d="m435.45 337.22h-5.246l.463 2.5h5.359c-.216-.819-.412-1.651-.576-2.5"/><path d="m522.75 303.51l-5 1.71-5-1.71 5-1.29z"/></g><path fill="#835c3a" d="m504.75 341.72h13v-36.5l-5-1.71z"/><path fill="#704c2a" d="m530.75 341.72h-13v-36.5l5-1.71z"/><path fill="#3f2e20" d="m467.75 303.51l-5 1.71-5-1.71 5-1.29z"/><path fill="#835c3a" d="m449.75 341.72h13v-36.5l-5-1.71z"/><path fill="#704c2a" d="m475.75 341.72h-13v-36.5l5-1.71z"/><path fill="#3f2e20" d="m455.25 359.72h70v2.5h-70z"/><ellipse fill="#fff" cx="490.25" cy="339.72" rx="22.5" ry="30"/><path fill="#835c3a" d="m512.75 371.72c0 2.75-2.25 5-5 5h-35c-2.75 0-5-2.25-5-5l-5-27c0-2.75 2.25-5 5-5h45c2.75 0 5 2.25 5 5l-5 27"/><path fill="#fff" d="m506.46 349.87c-.667 2.668-3.463 4.851-6.213 4.851h-20c-2.75 0-5.546-2.183-6.213-4.851l-2.574-10.299c-.667-2.668 1.037-4.851 3.787-4.851h30c2.75 0 4.454 2.183 3.787 4.851l-2.574 10.299"/><path fill="#704c2a" d="m512.75 339.72h-.002c0 16.569-10.07 30-22.498 30-12.428 0-22.5-13.431-22.5-30-2.75 0-5 2.25-5 5l5 27c0 2.75 2.25 5 5 5h35c2.75 0 5-2.25 5-5l5-27c0-2.75-2.25-5-5-5"/><ellipse fill="#fff" cx="545.25" cy="339.72" rx="22.499" ry="30"/><path fill="#835c3a" d="m567.75 371.72c0 2.75-2.25 5-5 5h-35c-2.75 0-5-2.25-5-5l-5-27c0-2.75 2.25-5 5-5h45c2.75 0 5 2.25 5 5l-5 27"/><path fill="#fff" d="m561.46 349.87c-.667 2.668-3.463 4.851-6.213 4.851h-20c-2.75 0-5.546-2.183-6.213-4.851l-2.574-10.299c-.667-2.668 1.037-4.851 3.787-4.851h30c2.75 0 4.454 2.183 3.787 4.851l-2.574 10.299"/><path fill="#704c2a" d="m567.75 339.72h-.002c0 16.569-10.07 30-22.498 30-12.428 0-22.5-13.431-22.5-30-2.75 0-5 2.25-5 5l5 27c0 2.75 2.25 5 5 5h35c2.75 0 5-2.25 5-5l5-27c0-2.75-2.25-5-5-5"/><ellipse fill="#fff" cx="435.25" cy="339.72" rx="22.5" ry="30"/><path fill="#835c3a" d="m457.75 371.72c0 2.75-2.25 5-5 5h-35c-2.75 0-5-2.25-5-5l-5-27c0-2.75 2.25-5 5-5h45c2.75 0 5 2.25 5 5l-5 27"/><path fill="#fff" d="m451.46 349.87c-.667 2.668-3.463 4.851-6.213 4.851h-20c-2.75 0-5.546-2.183-6.213-4.851l-2.574-10.299c-.667-2.668 1.037-4.851 3.787-4.851h30c2.75 0 4.454 2.183 3.787 4.851l-2.574 10.299"/><g fill="#704c2a"><path d="m457.75 339.72h-.002c0 16.569-10.07 30-22.499 30-12.428 0-22.5-13.431-22.5-30-2.75 0-5 2.25-5 5l5 27c0 2.75 2.25 5 5 5h35c2.75 0 5-2.25 5-5l5-27c0-2.75-2.25-5-5-5"/><path d="m457.75 339.72h10v20h-10z"/><path d="m512.75 339.72h10v20h-10z"/></g><path fill="#835c3a" d="m456.75 339.72h12v7.5h-12z"/><path opacity=".15" fill="#fff" d="m467.75 339.72c0 16.569 10.07 30 22.5 30v-60c-12.428 0-22.5 13.431-22.5 30"/><path fill="#835c3a" d="m403.75 339.72h12v7.5h-12z"/><path opacity=".15" fill="#fff" d="m412.75 339.72c0 16.569 10.07 30 22.5 30v-60c-12.428 0-22.5 13.431-22.5 30"/><path fill="#835c3a" d="m511.75 339.72h12v7.5h-12z"/><path opacity=".15" fill="#fff" d="m522.75 339.72c0 16.569 10.07 30 22.5 30v-60c-12.428 0-22.5 13.431-22.5 30"/><g fill="#3f2e20"><path opacity=".5" d="m512.04 347.22c-.164.85-.359 1.682-.576 2.5h12.572c-.217-.818-.412-1.65-.576-2.5h-11.42"/><path opacity=".5" d="m457.04 347.22c-.164.85-.359 1.682-.576 2.5h12.572c-.217-.818-.412-1.65-.576-2.5h-11.42"/><path opacity=".5" d="m413.45 347.22h-5.246l.463 2.5h5.359c-.216-.819-.413-1.651-.576-2.5"/><path opacity=".5" d="m586.75 337.22h-.338l-9.662 10h-9.705c0 0-.359 1.682-.576 2.5h10.307l9.527-10h7.525l.463-2.5h-7.541"/></g><path fill="#835c3a" d="m586.75 329.72l-10 10h-12v7.5h12l9.66-10h12.34v-7.5z"/><path opacity=".1" fill="#fff" d="m576.75 339.72l10-10-1.67 36.99-8.31.01z"/><path fill="#3f2e20" d="m257.25 349.72h70v2.5h-70z"/><ellipse fill="#dfe0e1" cx="292.25" cy="329.72" rx="22.499" ry="30"/><path fill="#835c3a" d="m314.75 361.72c0 2.75-2.25 5-5 5h-35c-2.75 0-5-2.25-5-5l-5-27c0-2.75 2.25-5 5-5h45c2.75 0 5 2.25 5 5l-5 27"/><path fill="#fff" d="m308.46 339.87c-.667 2.668-3.463 4.851-6.213 4.851h-20c-2.75 0-5.546-2.183-6.213-4.851l-2.574-10.299c-.667-2.668 1.037-4.851 3.787-4.851h30c2.75 0 4.454 2.183 3.787 4.851l-2.574 10.299"/><path fill="#704c2a" d="m314.75 329.72h-.002c0 16.569-10.07 30-22.498 30-12.428 0-22.5-13.431-22.5-30-2.75 0-5 2.25-5 5l5 27c0 2.75 2.25 5 5 5h35c2.75 0 5-2.25 5-5l5-27c0-2.75-2.25-5-5-5"/><ellipse fill="#dfe0e1" cx="347.25" cy="329.72" rx="22.499" ry="30"/><path fill="#704c2a" d="m369.75 361.72c0 2.75-2.25 5-5 5h-35c-2.75 0-5-2.25-5-5l-5-27c0-2.75 2.25-5 5-5h45c2.75 0 5 2.25 5 5l-5 27"/><path fill="#dfe0e1" d="m365.86 333.69c-.76 2.644-3.591 5.231-6.292 5.754l-22.406 4.329c-2.7.522-5.455-1.233-6.122-3.901l-2.574-10.299c-.667-2.668 1.037-4.847 3.787-4.842l31.17.053c2.75.004 4.378 2.171 3.618 4.813l-1.177 4.093"/><path fill="#704c2a" d="m369.75 329.72h-.002c0 16.569-10.07 30-22.498 30-12.428 0-22.5-13.431-22.5-30-2.75 0-5 2.25-5 5l5 27c0 2.75 2.25 5 5 5h35c2.75 0 5-2.25 5-5l5-27c0-2.75-2.25-5-5-5"/><ellipse fill="#dfe0e1" cx="237.25" cy="329.72" rx="22.499" ry="30"/><path fill="#835c3a" d="m259.75 361.72c0 2.75-2.25 5-5 5h-35c-2.75 0-5-2.25-5-5l-5-27c0-2.75 2.25-5 5-5h45c2.75 0 5 2.25 5 5l-5 27"/><path fill="#fff" d="m253.46 339.87c-.667 2.668-3.463 4.851-6.213 4.851h-20c-2.75 0-5.546-2.183-6.213-4.851l-2.574-10.299c-.667-2.668 1.037-4.851 3.787-4.851h30c2.75 0 4.454 2.183 3.787 4.851l-2.574 10.299"/><g fill="#704c2a"><path d="m259.75 329.72h-.002c0 16.569-10.07 30-22.498 30-12.428 0-22.5-13.431-22.5-30-2.75 0-5 2.25-5 5l5 27c0 2.75 2.25 5 5 5h35c2.75 0 5-2.25 5-5l5-27c0-2.75-2.25-5-5-5"/><path d="m259.75 329.72h10v20h-10z"/><path d="m314.75 329.72h10v20h-10z"/></g><path fill="#835c3a" d="m258.75 329.72h12v7.5h-12z"/><path opacity=".15" fill="#fff" d="m269.75 329.72c0 16.569 10.07 30 22.5 30v-60c-12.428 0-22.5 13.431-22.5 30"/><path fill="#835c3a" d="m205.75 329.72h12v7.5h-12z"/><path opacity=".15" fill="#fff" d="m214.75 329.72c0 16.569 10.07 30 22.5 30v-60c-12.428 0-22.5 13.431-22.5 30"/><path fill="#835c3a" d="m313.75 329.72h12v7.5h-12z"/><path opacity=".15" fill="#fff" d="m324.75 329.72c0 16.569 10.07 30 22.5 30v-60c-12.428 0-22.5 13.431-22.5 30"/><g fill="#3f2e20"><path opacity=".5" d="m314.04 337.22c-.164.85-.359 1.682-.576 2.5h12.572c-.217-.818-.412-1.65-.576-2.5h-11.42"/><path opacity=".5" d="m259.04 337.22c-.164.85-.359 1.682-.576 2.5h12.572c-.217-.818-.412-1.65-.576-2.5h-11.42"/><path opacity=".5" d="m215.45 337.22h-5.246l.463 2.5h5.359c-.216-.819-.412-1.651-.576-2.5"/><path d="m302.75 303.51l-5 1.71-5-1.71 5-1.29z"/></g><path fill="#835c3a" d="m284.75 341.72h13v-36.5l-5-1.71z"/><path fill="#704c2a" d="m310.75 341.72h-13v-36.5l5-1.71z"/><path fill="#3f2e20" d="m247.75 303.51l-5 1.71-5-1.71 5-1.29z"/><path fill="#835c3a" d="m229.75 341.72h13v-36.5l-5-1.71z"/><path fill="#704c2a" d="m255.75 341.72h-13v-36.5l5-1.71z"/><path fill="#3f2e20" d="m235.25 359.72h70v2.5h-70z"/><ellipse fill="#fff" cx="270.25" cy="339.72" rx="22.499" ry="30"/><path fill="#835c3a" d="m292.75 371.72c0 2.75-2.25 5-5 5h-35c-2.75 0-5-2.25-5-5l-5-27c0-2.75 2.25-5 5-5h45c2.75 0 5 2.25 5 5l-5 27"/><path fill="#fff" d="m286.46 349.87c-.667 2.668-3.463 4.851-6.213 4.851h-20c-2.75 0-5.546-2.183-6.213-4.851l-2.574-10.299c-.667-2.668 1.037-4.851 3.787-4.851h30c2.75 0 4.454 2.183 3.787 4.851l-2.574 10.299"/><path fill="#704c2a" d="m292.75 339.72h-.002c0 16.569-10.07 30-22.498 30-12.428 0-22.5-13.431-22.5-30-2.75 0-5 2.25-5 5l5 27c0 2.75 2.25 5 5 5h35c2.75 0 5-2.25 5-5l5-27c0-2.75-2.25-5-5-5"/><ellipse fill="#fff" cx="325.25" cy="339.72" rx="22.499" ry="30"/><path fill="#835c3a" d="m347.75 371.72c0 2.75-2.25 5-5 5h-35c-2.75 0-5-2.25-5-5l-5-27c0-2.75 2.25-5 5-5h45c2.75 0 5 2.25 5 5l-5 27"/><path fill="#fff" d="m341.46 349.87c-.667 2.668-3.463 4.851-6.213 4.851h-20c-2.75 0-5.546-2.183-6.213-4.851l-2.574-10.299c-.667-2.668 1.037-4.851 3.787-4.851h30c2.75 0 4.454 2.183 3.787 4.851l-2.574 10.299"/><path fill="#704c2a" d="m347.75 339.72h-.002c0 16.569-10.07 30-22.498 30-12.428 0-22.5-13.431-22.5-30-2.75 0-5 2.25-5 5l5 27c0 2.75 2.25 5 5 5h35c2.75 0 5-2.25 5-5l5-27c0-2.75-2.25-5-5-5"/><ellipse fill="#fff" cx="215.25" cy="339.72" rx="22.499" ry="30"/><path fill="#835c3a" d="m237.75 371.72c0 2.75-2.25 5-5 5h-35c-2.75 0-5-2.25-5-5l-5-27c0-2.75 2.25-5 5-5h45c2.75 0 5 2.25 5 5l-5 27"/><path fill="#fff" d="m231.46 349.87c-.667 2.668-3.463 4.851-6.213 4.851h-20c-2.75 0-5.546-2.183-6.213-4.851l-2.574-10.299c-.667-2.668 1.037-4.851 3.787-4.851h30c2.75 0 4.454 2.183 3.787 4.851l-2.574 10.299"/><g fill="#704c2a"><path d="m237.75 339.72h-.002c0 16.569-10.07 30-22.498 30-12.428 0-22.5-13.431-22.5-30-2.75 0-5 2.25-5 5l5 27c0 2.75 2.25 5 5 5h35c2.75 0 5-2.25 5-5l5-27c0-2.75-2.25-5-5-5"/><path d="m237.75 339.72h10v20h-10z"/><path d="m292.75 339.72h10v20h-10z"/></g><path fill="#835c3a" d="m236.75 339.72h12v7.5h-12z"/><path opacity=".15" fill="#fff" d="m247.75 339.72c0 16.569 10.07 30 22.5 30v-60c-12.428 0-22.5 13.431-22.5 30"/><path fill="#835c3a" d="m183.75 339.72h12v7.5h-12z"/><path opacity=".15" fill="#fff" d="m192.75 339.72c0 16.569 10.07 30 22.5 30v-60c-12.428 0-22.5 13.431-22.5 30"/><path fill="#835c3a" d="m291.75 339.72h12v7.5h-12z"/><path opacity=".15" fill="#fff" d="m302.75 339.72c0 16.569 10.07 30 22.5 30v-60c-12.428 0-22.5 13.431-22.5 30"/><g fill="#3f2e20"><path opacity=".5" d="m292.04 347.22c-.164.85-.359 1.682-.576 2.5h12.572c-.217-.818-.412-1.65-.576-2.5h-11.42"/><path opacity=".5" d="m237.04 347.22c-.164.85-.359 1.682-.576 2.5h12.57c-.217-.818-.412-1.65-.576-2.5h-11.418"/><path opacity=".5" d="m193.45 347.22h-5.246l.463 2.5h5.359c-.216-.819-.412-1.651-.576-2.5"/><path opacity=".5" d="m366.75 337.22h-.338l-9.662 10h-9.705c0 0-.359 1.682-.576 2.5h10.307l9.527-10h7.525l.463-2.5h-7.541"/></g><path fill="#835c3a" d="m366.75 329.72l-10 10h-12v7.5h12l9.66-10h12.34v-7.5z"/><path opacity=".1" fill="#fff" d="m356.75 339.72l10-10-1.67 36.99-8.31.01z"/><g fill="none" stroke="#a1a4a7" stroke-width="2" stroke-miterlimit="10"><path d="m834.73 410.06h-40"/><path d="m844.73 400.06h-40"/></g><g fill="#f3d14f"><path d="m831.25 329.72h150c2.75 0 5 2.25 5 5v5h-5-150-5v-10h5"/><path d="m168.75 339.72h-150c-2.75 0-5 2.25-5 5v5h5 150 5v-10h-5"/><path d="m395.93 339.72h-9.68v10h9.68.32v-10z"/><path d="m615.93 339.72h-9.68v10h9.68.32v-10z"/></g></svg>
\ No newline at end of file
diff --git a/public/assets/error/firasans-regular-webfont.eot b/public/assets/error/firasans-regular-webfont.eot
new file mode 100755
index 0000000000000000000000000000000000000000..e87652e08b609a6fc9184dd976becb8070b2dad5
GIT binary patch
literal 26030
zcmZs>WmFtYuq`?;gAC5#?(Xg|xV!t{?h+t`;O_437BoO`cXtR05Zr<X3whr;>;AZJ
zz1O|Ex_Z~H-PNoAR-+975NHhm!2dTvfd3f?|7!sNI6yKS;6F@7BMSb1PX7`9&nN-_
zDF4Ux`A|0ef1v+sg8<|J4ggPp#eXF2|Ew#(>%S-lKnq|4umku2od3f-|3mx$djBDw
z|3w`DZvU|;0XzV902hE0zz+}sX#AH;`Jd1E|3dBmV|oLu{+I9jU!3c|49@?Sz<*W*
z;PRic(|?-(!?FDjb^cG;62SeR$M?TW@INhXfY5(;Q~&?eNcsP%5CD+Ume=^dp7y^k
z5b*O2AUz9^UItja<IbMOPx=|zO*vTkYefaqTYYQcb>o%$Q}rQY1pd1*Xe$p10j(T)
zT%lHHtA2#clyDVkXU2&yir(rR=u>55lHU%hAeBBF4*?qMoenl-eUZ&l%{ReNU5M!S
z+)w`GCL$VpgEKAaKr)w<sbkK|aH-h8to=Pp-Q=#vwAnQ{QE@VMx-4P;%x#_s<9gcJ
z*PhhK*||IdxyF^fIq2K8HJn$q_S=0E5gXdc&xe$`UzP3A4CVUUtynas2En<=piDrz
z7}lE&3-zd}iO%7uZB^}{m8+#1z;0Vz!jo1Xaoa7d(_n{4Qtl=llPd4tMDD{=`~xtT
zFnUF{6p4YcD{NDfcklPpJF5j|@UJ0ad%UgvkU<mhpk|8djdcX#2S^eB=RX|WE@2-f
zE4=KU_<VqT+En0FbTH|YKei)R#RSQur6WrWJpreeb7+1Z-}?Yan8yR*?>B5VLG-x9
zK{;+&Pm2`|B|O@PYj<O+Kt(+|PMG>T;n}rXJT93o@=qsruFuBJc##r>T@Q;<UZbm+
z{ky-(N#X%dlO-yDuMsud&D7IHn1|2sV_mQ?aoQ%Ty6vm6j6*WgH?i_s-`tgYG585>
z;fnw*a5o)}ls*XF+0_gd{PF18IaB`F|Kv8F#9vNRJ>S*ce=8a%z5{4)73C1#f_L?%
zyeS6G0|JcWb2)@Wn;I<WnXM9IHm$Iz^p%s)_cxc-eN?nkzO14p!rLd%Xj2=F#|uBk
z<0wvqO<gg{{mUp{c~1x9uRKSJsnxl)xA-VyGv(h}^07)Tyll!b7x}qHYsT40U?NtS
zYb_1Hjk9oD_X#2~ejZgGQ>r~H$E{@G$#8Dd#^U8{%!Q?rSzI+YkeGZu)iW4|X2`Vw
zF8?@81#4o?cL$$Ch<h*K9SGags9ZifzN&~A9DmxE%@_O7fY+;*q1A{qMv=sKs=*@Q
zy`f~a262`XV*m2fb;zQ@caVXR{_Ek9c8SRQ<N@Kgo@sH;<kdqO#CM{|L>Z|>Cds{h
z3v66f)oZCP%D!aV0~sZg&Iu_3;A!07fqXPrQ@Z~N-tnkl5g?GGh_g^+@J_3;Cs6?~
z;8jfvi7$BNCwA^7#2dX9q;zcZUsBA$b-i+xke=KR;3_Clvcdk9L8{W`InDt2Hi)g$
z1G1QsjVe{gQl<%4<2=s`=jRMw-vd?AjYF}QGl%#kho^@3O_(w34OJXd(&o9|wX`3t
z?)9=QC8lr=R&J6Z-qu9jgd@BoVTu54NM4|HBx6A{MymJTAOfw48yb|ANKv>XJ2se&
zY50=|8k*ucwu)59^6=NrV9m4+6Nlh9=3i={%JY^X9nn&;FEeYfnBP=Glq`bO!B#_5
zxDCM!KKY$$L;8X`cXazd7*k?@lzh(qL$_cMx#z#S-K9Y~M3pu}vw+r%^U4wRaAo%X
zP0a1md+@_po6C>G`qahtJgKv`wRO2E&gtJ0p2##^3{rw9t7*Cpi;byqku^J8zdOdd
zu~p|Lox(#uT6s8iQMT7@-VND(F}SH)_fT+34qR$L?K%)prz1kh51u91%5xH>-T%Xd
zzI11A-SvZk>8v$#r{kFcU3D{3y9t1G|BgSobyj8YsXD<2SKM*)0O8#4Q}j3AyU3p3
z`45bY-(y=Whl2`5_n+HwER-iMxj5K~R6PTg(GwUvV_cyT^3U%6Jg!)GP$GVh%(lQ$
z!~sslC@@bSzbX<rGK%--=@;J$#NI@G|5B74U&76QaWEyH{b+O1BPyQsUQd9s6}9e_
zEFy_p3rfskF=aKS_TLgKZOQ?!mtq{$OwYM0{gf5}cmG-H9_tcw3MG;rfW#VJUS~ZK
zeNh(_00^TjAB>-Mg5q0+fxQWe%V&s)e*$Zt7#);L7_*J>KI*9CCe_#A{xC6B+0+VM
zx`cJFeNqiZ&KK18`=Q;ltahM1<iq$F6?PHv!QZUuk$;B9t3B;2*Kd1a-_A5`_-w%$
z{Hmpn{zYpS5zFhg+30&`Stnz1(Mwmq=qd(k0Lq|h?q#$6j0oXWpz5?4^17Ub8zc?C
zWnBUL^Whit;eDge#Cys_WY#RmGy6eWKjFu+^`uq}Y>b-Xu<1sU|49|_SCcjK^hviZ
zT&dWJp?77Tv~uR0QilzT#+-}HGB>3n;_9s=D6n#I#f>z>Z?r;Zh0>qq<1uV}+MXr2
zHY!<q>%2+Hxd(H8)N>%+wrI@3vQG(bcaEa8Xf<!hldxw|B~As|J|fSn!;7GC#C&xe
z!R$f09BEm|<`)sK?LKj_n6mESOErh><t#<+TMTkKM7l;srWWtDapVk+HD|=Ye>ydt
zzBpN@2Fm@ph8WI!W;GCCU)azr%4|pv+m*@N<Py>0LL6%yjiqJegsrV<?oL1mxv8fg
z$5GY1>S^*F$A5&=9P+of%lpz@a0>oP|HOn>{ozDO?P9{4GmBa)yoj1}aVm>0p_px_
z#<gX9Db}odvB(n98f{ojlDgNH7f4KdZq;JmudAhSlJq&312G<)UyjS}M?|*%Xu@c1
zRU!(C4>}?e>*O0yyL-92)>#PU#;^yNzLit{WfK-M%6~g;Qafs;v#tDs0$5nddG^8K
z;Ib)*B~HY*tMwTLv}mlFb<yKy_)-YWdz{oCvZ0z0ve?CO#KGL~NpqR$OHxD)`|Guq
z(%u!C>AFd^Rd)<0l_pf?3PT^EO7)xn2<v}JGnB<MsBii|)N_CBFa8Xa-%ouF2lI?X
z7<LU1({wl;uyue6OccJPu)=KL=z@-BF%%~G4_Nz8>T2K_My<POVgCO5Hq2k1g|uVH
z5l1_0(HeMeVKia2-2e%M*ji`-(}5eGB>F!JP83E)!mn^blqvs;aK<!{V7v|65WvT6
z3hoUv_+v+H^Wo7*_?TauA@M8Nvnhz^*Fqs6fc9}P=gaFCL6H5Zl*v?5Q;_vq+Mr^6
zirkGnOxGRI_t9MbiKhg>>XCZk6#lb}K2}|(m=TR6+AF}Y^tVQqklp-sTXrBmTkXga
zx|}hc0C-E}RAnlTw{ozUK2<o_;lNGWVmW%)7k*Mzj?gLMX{21xv7yi^N-A&5O!S*f
z`1E*o!W*g0GjS9ny@<=WCr{yN*Yf;5Mj4x=_Mn_*qW92zB&d)<IH&1KegWB>@QoGd
zc}At`bIoIZS~H7-mb-N@PLe3CP(9Rz6^)l|muqDUpYfHS_c&q^(97P$^qo<zHU&95
z!IM^!V_86fYJpebM%=_(kTDA+8ZLput}=GRd4rt1dT`#h`BZ(!=u$%ROl{EZ*)DJ3
zAqIu2SV>x_j<!h+22ZnFZP`^@@5saz$`GHx%X#W93eB32s^-u~8UKE&W&I@<a&T9s
zULC|mIz(Jzy74QPeRi@^77GDK3pjO~#^UTb1SrVJ3xP%;<X-?<SK(?`gnsPAGbHe_
zpO8b_MVT5cnX}lBim6`bX?_xnrU)FFQ9U=l)=*e}Xl52pa48=&VCop(#*tGRnZ86B
zsJhGi@ToT?u&aQ&-lgRCO#%dEy{)xMpgRP>Feiz12syD6iu=cFsXt*FHe;CTuWjd)
zAKhuRDIxP@POqCTBoWB@+nNf4ezPOH-Es9d8Sz-@K**)GM6)t2(Rw=dHhypu&*#o4
z=8+luo7<{LE_&X$eY(PS`MV2eoE_<Mo!JM`d3a&NC5eelfFfUN4w^<R3&BaT=kHm`
zTV4p0lz?CCdEx$eHKFcFhQocbDqPAm!z~si#VG~TIpY&HKp!RxVmOhK`%M)~aAOz}
zAsT;toy4PAVI3V!iX;oxVA~7$^cN#PySu3TPcF=<nwcSEUZ;jdb+nG*06L@zgc=Wg
z7dj&J;}K+BR@m}nhkOIduM09Oq|v<ZUW-;x`eoZfi~Ux%vMD{Bz$(*UeeBGHejz!b
zN|p|DpjZAX4U5F;N&E3@T89^noY`t+^@{C&O7>-eZm86jj`C>{Lg3DuiTlOX;VOnn
zMuBqvuE|Cuz$akp_0dY0?#)gIeue|!kze`;zaU$2;5s`;6qJ&5lokIX^IMQq1=y{@
zC3cK}v*wolPGN0kk-2{`n7)pGLt#4(<{j=-kPu7Xz9RI9uj6-m(In>m3`u~zmrsdB
zbURRO^O|9oDnr}iOoV94lq7d%Qc*A-EFkXgdW;;;FU{py2hK6=&uHk7Ga6}yqGK0y
zhM*)DVwGyr1cu``xHo3p6ueQbq#!)o6@WpUDik5OjrtAlK?^`h0t!ZvVl76qJ1UkI
znL@_e?SX*a{6WF}_z(Xc4uXk#1aF`c{Xc_gqbLegC~?m$0QH3WX`=9u34{TG$j_|3
zr(Pa;Efqh%n@<01bEC(H!WSqho++}D|9}QL(3Hakx3&Q0gEs*%xRv&|EkgigtL|aX
zi4xxUCFIh~%=BVjd8ghOx4N^7&WbnTlS<U8@>H<NMVJ8P7&>w2$;T0O$Z5xeJR13p
z9mnafNwz6N&eT<6;Z#J(`>zTDLZ!n5wBz_2jfnEC%5-$|?7V8ekvye;5Yk`lCxG}l
zN-l@kUO!f%UjZUn_!`FEZzV(vSMn2vr=%6xAwk&X`vrdnUvhQz>G=h7+I&LBC?ky4
zvD!=iasQP=->obhH``eR6p$e-B$4??_e{Gy>fo5<_Q8LIhz!o`S)20b;5d;@!5Pq$
zg76qSiHLto#k3$={>xMQp*UBCBk;L*_Gk_hgHo%xw(<zUKG06~-jNr(@{(SVx_qOA
z5ySO{62sLKT*6-+P2+@Ier==0F?dR9kJn22t!XgPR4}aMusxO)q2587>ngPUV6cxf
z@2V35W8r<m$eB3qGm?7)-xLv}%1Z9hW<3dWoC^jAm&NQN=$O?ridP4h;XEw~dLv%Y
zfC<Bdu0ps5=tUhBxUE9=xn)9w!0FJy5(`_gTkE>z##@7hh)2ts;%rXD{$omZda7|!
zH!2j8U}P!iNDNI(V^Uae!bLD8sVg=^BVlSq%VKIP>h4gkt-5LcwcqaeXsrmYSg{Zd
z=xt;|g9hzRFq>|RyI6)Iu2)LK#eGv!hDHO$=#FNTI+n;i25^;g=cfrw?2LoQ_EuB@
zApC5q>G5QUO6e&b4I@5lq&(2v;Ew2v_VH(=^s)X%D2@&eCH+Q>Z0l@KRRp%D%6=-A
z=7CtCJ+1<8eGnSu$C6naiIb(G>vtpl0}!C&M3QK;fTl<SacAD4`4SAZ_~I$DU0=8I
zbgUD&bIBtgd!~FUaU{vDpBZ$HbKNA4Klb3bK2c$9^5nvC;b>fvxCdu9V}D1ANW{T5
zwM2echX2%9>puPEitN4hXxGZyP8=WWQi`Ww4CNTdU5YffCIo{`7$zOt+w|;!g>^pQ
zhjmc?J}_H)Le+FuvYU>3Nx!V!?wgx2d}8VTLYU73oCzf@Sp*3&id=CA-o?lIkCmLa
zb~LE2lebrqI%JYs`$rKTRQ@7)3>Pp?8HmKbfkO*pfG1Q{MRs+hWkT#Qg6n=I3j<~-
zg~o>aVPPG9^G*ZokV-+Z;8fs{DQTY&ZnuX7XFz*0*h$G)ds}sm-B_p0#ka7YlG)jO
zo1>OcnP|h?1nNC>-_3nf9UdwCRtrY^7+!3YX*<}`OiF$3ya$yW7{6)^9S3S5P25_k
zh*MAiZvn{v<o4n*g*Kz{h=7$Di_K5$YWqb7o&*iKj|PB9d?cl|?LLK^KXP5AqRCKs
z^1XG&P<az$Rv2FEtamS6Z8)u9{4~ju{L3gd^uh;)aTv6S0=Y5G>yvRli}+^{5Q0pw
zV%gmx?=g#|BsF#46p@}*Jq~h>=Dd8J9z3{nXHMdu`eKO|A30p99`h-O5)kk@TM)`h
zbj9HNluq%D{wEhb`3}V8_Jo->)H{Q5oDg8yS+2M%61VV3n<tz*9HXW<wT(e;OuPjF
zkaA6AvL%qD&A#+TFG&DAeu%*^5P!cFqp8VVuGrG7Bf~)a>WpGpfB{c8{a(RzPzmW`
zvxp6PygxG>o?lY%hq;iS5okaO5krT{h2>%ogWVlIY=>S$#%T7KK6OnY9{R(P!x;b0
zg=3kXX!B}qX|=qI%$!Zrx=BlZ=^E1JCq5!N$bHjvy@0-v)P3Vb!&8lQZbi4zIr1Ml
zhn)v1q!50z5;WPdte!%4gIKf-stf?c!2O=P^2INKU&Dzx4BaTm)9i>KP>Mrtio=>j
z$}k0TKSb`XC?EOjIoE62RI!l2URXxxrIKHhKvWk$#w>6N)S*S8|C#Q5Y=X`28}Qi{
z(_8gb=()Z4!fAsNb?TI=MgfsSziYcJhXFQ1k4*{j`=tpx;lm3U#k@-gg|Y}b@31}H
zW$~z7tNmU|g5vvK(Tvu5Wq&L+!Fr>J1zMtIghZo1=n^dwua-crw4iS?wHR`w97D}n
zjW|}epX_zBE*X#w(ygICAxKCQ3%-RXd*zXrrb-Pmt|?9dsR6cZC;A6NWrNXK3WhDT
z$~rLi$uf4oM_>3_A+Jt8N6L%nZUOkXYN`pGv{I>(VGnb&3xG}o!dP<mQ8sKVF&)8i
z>vn``wlVjYTb8R5n>~`{B(wi#N{4vh)$A=9mt5`v>7<lmLN#Dqs8sfSAAv{YjQnH2
z2fW+E2*$5<EDnowW2N#u30|0$oA18i&ko2=5E}f?U;J1Ia2esm5jlh)lagUTY}}gX
z76T;lU8;RD;=<pqH6JohzmZYgQ_q6{gIP|?4!!!@Tu{^<h7>?ifuPEp<jjo}tUm^f
zbHm%JYdlIp8w1vXa*fUT=G}zYGKJ)^+<RARLSN}+b@}RnR;C7R+xD!;(^d%mnK{10
zDpI|NQ_@AYg!j)b^=ihF_N{{86+@PCJ}?4-wIY?J^@x`}og*aQ8aVWtr63YFyDpRO
zY?6AOrqZ^WtnU=gsCS`FLP-{nYU(%EKC7_pXdkh}OT1*mogfS8RF25ttPK%91mKc8
zIvH3H=&1uoo3HkO0U0ps-8XrSv_r0T>(PM=(ZVuyH&Vmj>r=?l1R40>_|@x+E)t>)
z77ctwi`-MrH;Px5m(*k|Yp)f6+zi@enXNV5<*)}tx9*jEvr84DF4H>WJ};gR`0x8M
zp6t`xZEnP!I1V21_0g)Y#PCKN6RE~l)J{9U0=mF<dRelkSrukuRHxrI)**Fs+LV0c
zh@5B=oF&8ZBPAp=L3<=<BeFF#7{6lO)-W>@Nq@C5Em^`niDqo}F1iaLJ;X}sRN=+T
zQSlf1k7!UW9Wfw)pQ&vYMFv>z_6>vCUd@E#;y~3-C6*1&sQa73v>_PQRopp#bA{>T
zu|axqFqC@G#GnC+tM_+kPx>#&I9EXnB)MBT{<FYo%CV+zCOC<Xt!}Zn&+28hzC~%@
zgnz_m(;25uMd}_41Y#qdIc7YFvWyVbM5`EdZUo)|bo>z~(W$heq^7RR>^cuQ8A6z&
zs$NE{u{?`N1gZXUg<-F`^3A_OG_S=+cj-MFH}O)if{>D;a~^j1s%fzcI4?sxEGg{@
z9HpbeFq;$1TJcVXe<Ie{4km?IWm1GkSEb!~!IK=naov3x{~1C7{78K9aETcPJ$jd5
z+-PQQQO=PzrrJY<E~YfwqfPH5^ZX4*{^&(hcOA^#Z95ooNv?QE9;&AwOHs3d(`>6w
z@1HtM8%O719!Mp~;maz>nL{eLhS-*fF%V9HBglwP{=JZn+UkJwW~@g+a6_DtGprxA
z<J!~^#7|8R#C1m~;NeSB!T!t7NF0uJbA50@PbSKu8eS&nebN{qi4|6hg84y88q!B<
z2{+w}8?L1DISd(lqu~!pLdk-PcSR)~a=omyK#MqfDVv)PzW9O*7^flwA++?QPEr|G
z-IRrG16@uz)0W$auFlCALyx9uvyJsxnzE%oso*z`NR2n^E<RCY0n}!6@>56ClR15T
zn;05PRxH_fPAH~3D5<0De5hPxRHUupL2uk_?pJX2ZEE1ZznxhY4zZ&SuYo`I(h3O^
zi)kw+3DER+W8&9#bCJYlt<T0_;^HrjnPGN_<G-Gm)T!F4bz%PM{U#T}zh3=-XVCnW
zH&iC9rAvQ=VpZv#3)dpz^g5krQPI&xC9)r{K7H4>Go94m+Cz$NSq*H%!AvD&H)Gq(
z_I+VUn<_?!uy3lt^MI0mXOq2p=*O;=e&&Ne3a&LK5s#EI0nSAATcR!8_@B$a`p>hj
zJo&1(kKBW}%MM3V7Coff!Ye_-T*hB&WD^Ev;+c)XSxR5tirftKu7eVBLru-q?A1QS
zklglCsvB?rT@oLevq7-xuzc&=g_bjZ#zS=iQnNEMNb<aH#6>Gxtn~?lL%a<})7~Oq
z(QFW=gct)sn>}sA8dwy|^y)UZH+yJf_|2i3;NXE!(R<Tcd_5N1fvv!hRG{4gI{M#s
z)bsf_VnZ*2sK`+}R~iuj{OB#VP1kaGTk~~tlV$-%Qm)ZNMe#LSsR@-2y4`8nhoq1n
z&nWuJDPy25StP{Rpwu!TisBUvq2!;6cW||g=We#LA8FN(miPJ!dYlfVyln&;uI^-K
z9<tPCd0ow;@8xV)6%mZ2S5m14wiQ@}&(4H0x%p+Q(w0y#{GcOECq`Uf)DTZdF`bi9
z4jhr~*tdT9(-Fm$$UP>yG?M_WC6;iHY&>CK)DMD0@hjs9IZHMsTA@0bhN6>}J-{LE
z^3rQAdI5mc5{N|>T7<p3hZ#I%+&BfJ23wAo2NJw3k#}B8AtXvsh$8=SG}_0DxjV72
zMK)8HitB6rTznE7hch$H`a=4GLIfo7W}dKVxWqGr9jN2)t%?&->P9yb9qP^C8F&+P
z6XPncuNtPAe<NfxZjhoZUjB=6NQpu+p@w>NE_d?5NPFZ1i;k<bcb*52oDvu$Gav4t
z!bm$1Nk*KTSsC`IjU7cKPbD{^DXWu|t5;EeU{pE*2lYZ@wN7~vq>nr)r5hCz4x{43
ziN_Gi8Ra5r=vgci>XBX=Ms_>mb<OP%1GtQhJA{6%bV=1#3EzhM%YxZH<fx@e)hca*
z$SL0rStpNrnj18y<mqq#|I?>t_Xb7DpE#y0F6l}6rX_{6pwOSEV&iUUlGsJt^WK*?
zA#kmvq2r|c3$A*0BlV({6Pr7)QDKEDcGDX)w%@U_FE|R$A8Ix0jMCyUEiN)^&X<$$
z1*^ohs@&sQ7<?0w01e^iRXTcAFnT_(L?D5S<mMX_MLWLR^bFW=-JbA47_bv#v`ECH
z9PO|1Yr|=A4w>Nyb!^pLcFn$T8zyiK$Li-6F3`Cl+Bys5WK*PKAb?G_a|hB`YgL$(
z4Aj32h9<4MXS$wts|Cu@wu!-sH=dmy_mtO`32qC?^)Wk~sR|R020t5ioH`sl#-b9Q
z_a!1hwa;)u6*_$u&g|XU^BWTlc+mnND0l_K+oi1Xi;?Mii0E>i1Bih4_L)IJ0-RkH
z@sxkO4PB4M_|brmtssi_p{V2nHlb}&65y`;s&a(#>~Qa%p?>#3f(pb@4AObRsTB9;
z%$w<?yK|a-?|k>7j^zjm@AhW3o&CIv?459uC~F5YuE`Wa7o(ZXMC2?65ZMU!4GA9p
zVwOB=A&o3!9;mv)eV&9;ACc=5l(v(HmW{1*ZX#rfRmkPXlpV*~FA=G_RJ-q4PEqnR
zwsyoBeYrdAbQFo?Lc~9qN};xo%4;lgIFxQM_U3Pb>y}6Jcjj$Un(}^$idJ4!j%N3p
z@oKKFIuloy7mp%rgm)Eg6iA3AJ_@EMJmv|M@cX*s@x8vFfE+8sD{oCf(u!K4b$I@W
zQ-(c~nFr(HF%R6OwC`0<np(e=%ybJY03a9uds|y(hf{8}I=X~Fx~?UT^=d;r878pO
z29#!P+#{j**w^YTo)s3~h<q)0>=B+!vkhdbMt31<&*ly0>!oRlN_?N=iz!&v&A4Fv
zbV}+do5C#BMfFGWS2Q1~3iIv8dDR7Vj`>4On0Z)w&K-Ik8tcrt6Xk>;KOh*~*sRQg
zG9(1H-f1L_J5s!&D980THCGrY58Dv|8vmvaRkWG1JsTm0G0%jp$i2e&XKn_JFfN<~
zQyc!ot``$q&bT|3bJfz%-e`RYdqju%)F1XY#x&EPWHD{}um$M{tSFJuxq(P?<p{vq
z!moe(04m(3xha|df*foje@R<}B=rULvm+#dUAR@zD;L%Q_chV42*8AS;N7I-5ZVvK
zUBkmnPY*1#v)uQy-00+CpJ_W3ftQ-)s|VmOQn+}SFfIYpAOi>0%I*hFlatbAPe|$b
zOR^7$HGIX0Pc`R+9aBL<pyH6s@;5RU3P{vIWPv<1Y!wUc9v98z{M#<|?sulK7gD$d
zif(B6xieL0b2-H}2Fj05WE;MQa8%sCMifkTtm?gmedKCR_8gErF)$XJ7X;O<4pC#B
z-NE<M7ag5$l{r^<>nU^!mC|15#TJ8TGH(cU_BZh2?Ku8e^hNzeU&mJDOzfhQ%=Ier
zoax=K(%x|?A`vsyLK_EZ#k9*(85|<qzdCK{N^yOPHwtvjrG0*N+?KruoNpMbs~AME
zX~R_86p&h0)lP7Ylo*^Tq0WXN((jR%a;`KG&fsHdTgI@}vM~s0^7}00w`UQ&S|O{f
zQd`<)a)+b8y|<%J-O=$WTTlwdRoir}HQIJ!fMzu7xk>KObut+^NIA+<-j$5IAMc(c
zMhgb^67w=mP@3Zm^5lH4!7?oMn4C*)0RkCLNh3V1%Dre6Uf<pon};S;d}S`u*KleD
z+-N-&V^K;Lxnz=KP-v&je#qu~W=+5IU1U>%i-*U>%3_#-<wi#EvIJPew)Q+ce{wp>
zfeG;`kweNXTSK_wz136RBfyvh*^EhX_Xe>0n4}+4n)G=1ROS*bL_qVr7OKpV*2H+D
zk)TP)TBcevOpABIYyv-_`@?AA=*L;?<P3=lH<uq->PTbVOA9Ne24Ues<7J=HLTa|J
zqBWOy*Tc<9?~B3Hk3JpjRLReyioOY2lCaSZai_tNvWwdR$)Ibw)B|hHuZ5<<vtnQz
zKLZPr7{#_!`#wuteUMB<2<6$IS_^@4W*PtTHU{Hx?lkdrr6!tBC$kzlW@5iBQtqmo
z9dJUiCH)h(vZ?(ng)giFWCv(HsfV^X(k@{2Ps(Ge+Ar7<#YQ0(#Q%ap8zYFrf5TJS
z<#yzk0$EGD(!qK_uD8;UY6zfU)+$cpJt|ge0a5A9PkRkW-NafJr?OLTs?r0i18qK4
z*&dWT#e1yO0G&(70+F$!9&_O(e(veE`C7N8W;;}oot+TM3JJv;T}7)g>qAa{L<$F6
z`iv!9*YYJud*vPiqj@Yg@;5#rkAt_xYG2UTqNH2=S755TT#FgPX{CNK1nG0lKSx(x
zzlfl;P)dPVb2i=H1dI2+Yu8{%+_&;w)S|+hl9b=9X*BUl88j<^aq1{f)tOa3V;N8d
z`G4^m1MDAYEiw<Lb9biJw4gW>b22l#eif<PMhKHquqE?mB1r`vnNf!e6g#F)N!R*|
zyW<F^GJ1$}VI5LZrKPCurqSTaPQ<Y8l@VrH{(=AwW9WUI!>7uHS>pyYREJBpJji{c
z4E~kq1ey{@&lga9*N89G`Kf@}eLuBAF-|#8P3yn+Rd+wg4O13F_uSemZse_u!ffWt
z?4MCM3@x7EQ|u6v<u@%1sqjk5J8V22d8m%QAq*}8n+&`U&nlrzgc)$h;M6|tA^eYx
zvbP21*^1a@I9;V3U}l6q=Z;7R!-yhk#&(vsW%*W0T*d&|otS~090bU^g@XKUJ>equ
zpXz1Vm5NkZYNnE-<$IiSX_!~#OXh}Gw1x2R`A&Lsp0x@KqvgE+nSo!z7usq*mOoYf
z1Q6saqpansuW@@ZN_80sNv<Hfv}@yFgq4;5x(+dDN&jOe0ZICRcY&T!&*-Cd(|97a
zfN#VaCo2-NItSMnFDbj2UHQQ~4JDCGhp5p)l9c^b!6Rp_Rt+?V&FzNSE}<2>u0CYV
zVuA^T`%x+_jE10rNNvl*jK(niBV-4%gluEYTES`%K+tr1RNC(lsPE*?7=?`JPUEu0
zHQI?s3l@5BsO6i%6hEh{nwOS>Z^6UUoTAri?xGDK^fP`76kC=eg_JQ%qQvmYt?gZc
z;oA>rpRfO_NTHHIeICB;_Qs$UZ;@#drilRWJKBc`xv_p}wSeyM{OV}_+AFQ6TV4}W
z?N$lO2pPmI+1M+x@^Fg=2=~cPvG6s2pm?DYNZGu(HPbZGlzsCgxQN9mpe!psdX4^2
z|FlOpO!PD^07|aAi*-?^RHTtOB^VVGbBk*6Hxc;OZOhut6a;^?<WhgQ=drQNuukE!
zafX)|WbN2F%+M&o(aYTzH0dZe)_&L%@}SYwj4^@F*$~x@Fn_STQ==+J_c<e!a0CA~
zUxd4?=^ayymqcF!74co<6vOyFWa3Pb4H5J{wxEA+74Mivk0m;XA{aXhXN4;NoXcBJ
z?D~qg=F#POiV}+bK~F!hk2*|NP7Fm@>Tz}qngN3MHo!_7<OWVe>8H+MIQR>|E?8fy
zJy=RHbcH#TWoi21zSJG&Ae0@zm!gp3J`<-;HBpwDZ3Yi!W%QUf;2rj4?c2AYmSYD+
z+_bXblxCxW<wyiuf@k88#4#oim~>0z`;=1>q#xRv2*r*ErI&;JKjhIbM68f_W8ztp
z{aB}lMkLa`&6jm@XV0pc;b;*G;TCy^t9%UmmPCY)Jzw+TR2}8EATskW!u*|(j;Kc!
zwq>t2#@7YEbM&S@wv*6nLX!#=jmhv?)Lj3AWtXZKU+E{$4%u*L$pFM4`}@aG&C?nK
zkPsUg@(RzXSKDiaNZBdQ{5OD6NUBj<F$PVWiZ7DxpGI;fHnvQ`$k9WuA_P#14R_A;
zmTC6+m|7ilAf&zYyV;}U<2ZkKJ*P<zA@n!N;a{knbJcetyjJ{ro4sDu9h{9~E<&51
z@;!%$z&0e)(eDvZoS05uK0lj5;Ry?f87n(@%<1?yzZ@qnOejp6(>EVLRLx1*FO@RE
zG+8&7Gt=~AGUTZp?bUY7tS$*)*Ts2V05mEtn`H)V$BUNzdO{UGVnV-*YpN-xllNED
zWih8ccLv%y^s>COFETNy|CygRyV<q==uM7owc8^ZByI3&0be5Hvi6P(I69N)3Nn;V
zeR2N*_)QiD1$G`BkO>ql?zFGKSGW@?{k|ENUaghvyxe7dgRm0HB$+zAR1+*MeUBM^
z(<Gc7ub%MrM$<EG=XMdJ9ILO3b>H0y(YXz8aTyE$Ac;n&Dn+~j^-1i3*!){2il(LH
zRVgAtPa)#)hZ1H8)QI(W)>M(_&)P*(hFdE+Bo-S3*w75YXyQ4Aw96VXMz|kSN`Hg@
zVT#m>uIX1ria8LOITg{!5I{RVh&La+<io(>@bxX(;By~pCc5}7B|9w>(r3TukU&+T
zgv!Bb8H_OWQmvD7<L?>k0DR&{yd1QHsPf=p1x4E!>OB6$9_9AX`cQLp`5n=$VVjvf
z-hp=&46-E%OEHR=$&NFyb(+YCqxwUnPY=Z7Q7+j6tyjyR7J;(&3Sp&Tw7&-ZkK*N0
zTqbo{V8o`^d*gYqPwFFZcC3H;Pj-Qny{`4Y#Bjoz!CeM7BTXlzEO5j?kwv82)tQId
zfRqv(-eoa@hJ|QLosj@4;V0cY{#1#hP&C}IavZ$RQ#>5kLN(a#3b)J(fMTjcc&a>>
z;-|oMO!UULDd*JY5~_lWk@Yr}M<U<|PGl3{=k9AH8|sNSE;t*mI0j&kzHv?4Y|G6<
zIj&7>45G`&mz_rO3ESd<H40*<JFqza%6Xe@{)vHV|CYqENk?s&9*&@oa8@hR_4~NC
zVSo%cbyDS@8!uM|_k5dgN_;{zmiNKS3`~Y+Svx9MW=g%O#AX6zTilIVtFsP?G_F>7
z7YN{ydnM}OMq>Ovbop%Hx`v>JZw2UIf<q^`7ev%ku{Wycp;sA*JW6%O2yYT8!lYkb
zM+W*}l%&W^mS@M>3lsK7MNX!4H^$6hmKPsDLWSQjViO2?yqf9wuv}6`7k<((MvK64
zlO^+7cyfR~OzlW(ak)h<T97GjYid<0AgGZAk)yiEKuXRbrB(ihyoO@!`xo3j@h~(U
z@cMxQjn+FD3q4Xl4xc8@j438&VG%mSM-TyEY=P2@UVIIuZ}Df^;tD2qz>UM9i&f+9
z3PLNaA5v{ZvD47P%097E@DBNEjACY3YYp$0dF1}Dnz43za<;j_(E6+|WBN~rLic!S
z<A(fa7ET<zBPN`$<(Qx28{=#=Pv}{nP3CyWFgEk;w%|``oqmw)&AF#@A$VlqS069a
zRik+3GwY4Zw@{GKdE|tkQ*?%-{;rCFl!=)<iMkqgolhu3uORb#T_{K-NTdib8equZ
zDpbM+#Pmom3~RMKspuEUHcqnW2jH!lM7ad?Hsch_8)WD|6b#@}IkzOS*M<Y`DK)W=
z4u5_N)U#Z%2`x3?{}fb|JO3MHmyRrv-c61>q=0XL8?gIQ*G0s-IuV95z6h2aHDSu;
zrptvYN@4c?xKqdKv(Wff`z(|I7Ns89IKgn&TFgd4ms5HyIB@h!L+kkMfVO;cmLjf&
zxm2>@lX^=rAbL^Re!<v?v8F#9MMdNuA4jXwOl}vw%kTiz$3)g4^Cos2SvalPk>RjI
zNUMQcP@&;4Pj6FSMvEygwzUCJKJA|iO%&@tBC)W7E1RmHfPib@BSjKBJf4|wI~L~}
z5NP0E7lAJ7zmO3kLoqgyW^}s?{z8S&C;+;(za3K`(N2MMTuYh*v1>7yz%bd&RZz)x
z286DHAS!t!Y0mmG^Tz@?4QY81C#EY+ef8dE27Ttm;YN|i&S-0RbEV&JKqwp?z>$dF
zp1H#&_oO9wB9IR56MoNP&wE&b$oHjR&^aR{Oe_t>-CW!Q_-jhWIP`$lrx-LP=WFi4
zE{8wD?&K)K<jUBb*<YJ~*YT`#Ozsi7(v!>;;)4gx8ZgA8Ktbf^P87GQpXFT09e&c{
zewc-pWhT<V6XzDT{)AUZj{N$fyp)jMV2wIT`%oXM0x<K-R`B7}n!@^yqH$UAWt#qs
zm~8QF!5&q1?KZe$X(Lqzga7oJ@#&$=RNRkmwk2_l_;3X2*P0Cu0?(iZ2Y`YjPEDj$
zAKP9Fa4GLPhwZoSw#-m_{Nqzt$Pg=AI^gGW4h3B5Fgq_tAs^WOQ&*4ZF)g4e5qh-y
zYNqf7Qp1}0OjMpTI6eyDGu03!DQ72WZ^k856soGWftz~88d$x*e8de~j7=W>MQLCd
z`HnBV)1gD%MI&z1S|9w*O)@ZnAlDfhjLyeEbNiwZ8lJKX!zGl>|0l(4=T_11;K@Ox
z8JIXBO!Vg4)R8-fb57%;*xO4gN6S2AeAN8O#KipUj)|W{V~Zh(`)cU+vSB<FkC3mE
z40UBr2%$6KyT*&y(noA?qmzQLHcbM}mW%jsZ}>N535(^Bt@T~i^18Gvck_9rv}al_
z<iCCmHQ~0pYN}r_qh4iVh$B+C9Zw|g+qfMB>G1hMp}qlEt~~-znph)E7~lzXDcR!V
z80M7RSYHjbAC!+2Wk`SGa;f!AH?va|I3P`aP$ra!Jvb)3FW+s(FslgWDu>nI<T;Xh
zjLAee&EFQJe)zG(nh_w0@UjBfEK|G!jD&2WW8vt-VH@z4XyuB8U6ww(=>r=8$OnL8
zt$b5(#7;{PK`VOuvdJ~o-#{JIF}iI>_ZY?Jmc;}$XZ+5eM)+k(B10d%&83fYQwtSZ
zI9t)4J<*yMtSc@8@8m3qVPbnNIdd;Pk*_4k>Zgg+)9Q(|*iyWCSupf<pxZ9RXpQ=K
zJ1Fr~f{7ZfvJRc};(c7+GaA$=)sN3OnVt7)qZVL~3a>#@JAjSHzn?tp?Qa5K=8n4{
z{H2h;uNQXrlK-!ja_L)bVEUD;dd|9_apAC@YRCY}Hcov)n_+6z#gR!SxzGnXHS+m}
zj<0D{BXe&;Yj?znTTY#VWy#GdDvR1LincUWRGCA3wwP%M!$IC;tZ9ic*O*l`zo1$)
zLufkCYa4YL^EqMvT*%RS2=&22t#O7mJo?kTA^!wGVTF*-7+NAfDTx@UIXNBaVW0JN
zw?mB=e!N!*6-XT#Op5m!A3y|UpZVCRyAe10BzDf!^o3fkv&EF%Bxg;g&(DjD^0+?M
zIHHsoMKGm;?vp8&6~~`BJ?9KLiY23If>s=4AW;aT12zM01lntsN}B@vJc%`W*@n%B
z`=gsnPs&WZiy5W(O-Bq2AdZTlBF!dJ@w$Q&HXe?I{YIQUz>B=3p#h*nb5*c_1JT61
zh#!(@F_O4g<>tUO{{*rfE9xuekyJJdK+%Z|YTO)=OO2V!Da!m8ppgvAC(vxW!EelE
z@bOG{)TIXr;i!W&4NP$H>jOO~&qEbhc||O7W?48b5s~0nZD*Vj@cwIr*{do3<{WI~
zW?hi(P8U1TPH;KLr1qR#Z)BTLdW5i<L*VY@0>%p`b<gW8I4)qY{YG9NL7?l>X8imU
z{;Z5M{mCA9shu9;2yKE5XIGNO>qfGe9<<TL;<IV}pi8O_FtJJqsSi~krwkKdw_(%6
z+~j6VBD(&p*<CI__RmsujPEsfr0~3SiIXoEVKejKClwLA4&hk#G1b)hvnqGV*RMZ&
z7rDF@Dzo}+xE<%Q>>q%^+w;8IM~(T@`&YD7!u=lQ62UVG=Jjqec@a0s(mj>~@9qTk
z3a@tX2?V&dZ*X8sDrao!xio^<Iw(abV-_}&9s$3BLJaTz@8<Lo(wlB~$@hV|?)KVN
zVcz`YEJY_G<cKYVIb_y63r15V%{W^5e~yF|Z+`0;T<V4rOX&zR)!tZ<VT7$jVF~s~
z9SrwP6$Dct-Iq^4LEoK&12h+Z7${;Q;`9RL>RpRiB{P+{y;OE$A4oO-6?>%b1UmhO
zeP!gu@fMQc-(6cGsXEEUT_Ldirl;1%j8%Man<^`>CsA782|AkoEZ#Qn89vF49>)yp
zw)r$mWPvQy;h?>$&K}i*A}~0lz;YnpcJjPp!^$))px={_29_W1{H-K*qsj7-kQ#@D
zp6M&}aPeZoD(y4~n~eHQvUMR-vC~a4l|EWV-&pb1Vf6vvJokMBi@(@HyO_to1gVfk
z2~}+|?RnREa$?!il~+^Kqw`KTM`X;8T$ZSRn3Z5*q_qq%qMfI~`hkhOAT!ujw+wD3
zbQ=#l5E?^fZij1#i#)E#<w<O=vrIfP&Nk@oB2EVHUHo~PD97X9_gL#Nc!y3aER5<$
z6HLmD+ZWv`fM2odHS5Gw8r^NQN|EmlZ#%aGi6yZwT@hLF*4PhVU1G47_pbOtfewrb
zqBVfCOl>BIXXut|*inlnrHxLEHE(&Z{IcfZ<qaJDiqbe9W9k1TCgMAM%p?Ub-fFr(
z7=J(BCH2u4Uv$rp3`21(ECweeB~A{zzPzTgdgTNEp+~silOF7=RD{vAC`7N^->^JB
zwcu701NnZaWoGAFf*zY@+=zqosa3`jp~})K-RPA(hXSuvD0o%8(O?X2T<5A-9sZk(
z36@W0fihm-R~b+fK-zKyH;9L``Rq3og=HN6C#Z|a8i<`66nFABP(h13HsQZ6UUXK=
z9|b4M2nB8&0)@HW*6*k$iGk5n2fk9FW@!#pfCtX6pZQLOareX_-n+oWLv7eZNe8q4
z7_p&8Q7DXBc2NBTw+DtJ2fMpTRK{RvsNNO|%`eGrbr0NNZpX72mu6=J%1W1!P-)h2
zLC>f=r(-u-Lw+hZJ6ERa0ZE*4?oiP~iqR`LAHcT);q>VIF}!SdL^vt`=ue;`&Rv)(
z8c1`;N{&JDHkz~Ftc_?z@^0Z~6SC+lT!og>sdM-z4$MUZ?Kdc!fx(DLTP9%B<<nC~
zMuMb;DO28p>a4hnWub&{-bh0?ppkyMa0GvJo8Fl&xSh~4;ZYBq+k-l?>>YzW7#k~?
zv;@t99$8ZE1uJ4&D??F&yWhCucEgaU7IARxV|SC|YX}g><Um`^pebRTUnR*o9Q*Wl
zXg@3?txf?Pk>gOhnhgd-s$y!i=yU55ORgD8juFBA_i<$hZpW0}Zo+_YpS{S9z30=b
z1~w{tD{x9RmB$~_LDeMGd@nHI2#+&4Bry^2#kYC{-YM8GyX&XrO4R~bIk^aHy?5EK
zeGe9r%o+GslZXw&*2Gg>G+Ys0+#Jai9`+rFSz|z)vS2JUC@5V{XL)0IIlCVUaP?(x
zfiJOuNo8^odR+ocL*K}o-77!o5;e-8DXO|dx1(Op8`Tu7C({SQXh!Qhf@2k=rZ`b2
zCJ8egul`C=KJ2lgib`xZ5HDoE(A)m<wIz63wXo^o!O|EDJ+&cioX;B3@3u+W<|U#c
z8R%C=K-^FBMl7t@{pX~3eLHYgG8wj$y(Zi)TcRg2J53Qv0~l(&kc`uqIqqqR$r(YU
zdbBrtE7qv#f-{A7iNzww0qDX>GhjLk>hUm)Xdq4R3P{b|)5|Y8A1OK+_wIBGAY9_W
za+v6L5LFvSOB3(P#ywuR{{+y($vSeD(P4=BQ_*9g*JYm`P#i6DvM`3!S$m+h*A_a9
zxIRTWN-<W5r$RT^?oP|L>Qf=}8?|aGLST5084V^rHYOM(5vsm_4#^F<CXmN984`B8
z{A0^G!if%zUWa}IUCC6K8E%cuCCPcp%h(yHGle5=F=l~7LuG|x&JgbTb(#YfHBu1x
z#sx)Pey}JP%Y?W`ba%t8RE>YSkTK@85%z$QqK4alLdjtWtCU$t{JC#$;s(QuRqk<Q
z>AF&?pyUtN=bs_PUiwa~LSfu~c}M)m!t0VpxCsc`y#u;%OVCs{F;Ek@`DI5K6pv=I
z{iWW?X}HH`L*{+R9i>`%*;Bb2dL2o4Z|9%VXy{mmIZ9T?0g|GV-R_9aE1EP(xU-Mr
z3^g(*D~iB^KNqAV*j4_mXS?VS)XS(p=aZF3IsGTOfE4_aR2R}aC0#6$08bD6CtKKB
z`<iR31mYqhs=N{Vt6p(&s-@hEt(vT6IdtxH-S*}1ev{o248OI2>(M4Kf+ibN?dhF!
z*cQ}=fz_0<MILiX+TSI`mDjM~6q44%1Ss2^ldt1(#FW1nQQhJDv2qizBFjFK#@&QG
zoSLQ$hQ#cA@a|^uu0v5`r=ZpXTp@c!((kyhXFMN;rSCt8XqldnhjL4d&R9osF3sSM
zL-5|uYcyVFeDa1ny_`H7z=$**oJT_6?bT!!bL2U-dhM`$J#ZFVJaBiyI>^o}hl<}c
zkROMvf|vgmIEn-YK!;LLon(`RrK%&(1_Azsi2Rs7r@Imq5CN@C{_W4|3y#zvxge<Q
z-_IncV{Hp_;_-X_`-Eg9t`*~DPUlE_AK$c8^L_FK{#emKIm_t@(btP4jHPK*>CryH
zt>LGZS=4-5UO{mu>(qcwqX^#VKd|9K6=IWmd7Wh2-v0Fzg{RPvzbuRl)rRgpGOg*j
znNU&_f0<lUO6@33B+oD1l+&KT&EL|IA<s!dPo`3Lq~KT8(23SN1W$$=&_98ONILI1
z2lA-})^H)}=16%<IToHGAl`thNW_;%LPH%ZBd5a9n&M{fF*Gdhqq>K0n;u4rP~W?7
zMxn>aU)h=;)=$euZ!?PK$Tzfai9^$Z$T^~G(PoZEQ!e{OkR0#?%p!*AOalL=G<0~j
z`Q~Br82n)$=X6e>Brp~R&QNYXUY|{2(fDEu(zK;2XgQD577HNG*a+7N#3mrN4_HLC
zD51X};#&=@;d9xFI->pMRp^ZfOE3YljV-6(f5@fcN|kyK|E`5Am4SU(Ui}q!t6iFx
zodu#IIR0&uRf)H8_^X)DQYuwrPw1v*QNn^B+m6SQ)Q`OK#2AqdeApkl0VZ$PD8c;w
z*{9P)uiw6K#G{`*_rJqOF%0WF@<^8!Da3ou&@%b$6a<qq(#$bt2@lBPJ)N#aepjKh
z=cbF1*}%6gwQDk8AAqCpC?R8zqm<T-5caFOasT!R-3-Q0YoG6E2EpxHV*ExF`gKff
z%qw+)4ND<TT*(?n*AM*4B7@Wq`rWL}xSRVfLT47?2fu4wc1GCfs05hRLc*#br^Zca
zx~MHzBsfO%!j9R2F&cgTTHWj%Gury)K0rQ{Gh~z;6Wg(xqI^ub#6KMom*$MQPe@$J
z7i()^;9c}gSYll`?)d<obTABydz%n%>~{gjIKn<|=+D2dmDl}#d6|F9zi%Xoh((Ph
zfR$b3@xL=G;U#uT%rg?GtB7|9K;7v=P4rN&7W=S={K>2BOQM2G>&-AY!(m@?VyS+D
z@8J{C=K@y~HhGf|5$w^Y$aQ_h+MKzBSOgpqSjZ+MRIbEjxVu=Ac)-`w`{R(cE^8yl
z%valadWMWm1z+dl;S8e|0%|P_)%y}7ene+fjVcEqbxs~WS7?~=#%pRwYIwT~3664s
zc-ztJf%k{eQE>!Bu$^n`hfxsd%vS_J29cysHT_q)EQA)hAsTwOLy!_*dEqd$++~f{
z){=b=HlpPpn!;^bj2<Dm`m-r)Slk5#u~{rp^1haGYamOf#WBO_tQAEs$2J{dMHt7R
ze_pj4R^Oy0tYN^i-F;E$7g7T2a^VCiOPL+L#SOEc)N^`tpL{fzT06DHot|U`SqL+(
z6rnAZSM5+UrhbTyJh5Sq1+lppGsDCzhqj}njwNu%t?JhnKGuqPqtFYr#fh8{4OC2O
z+?3;%XwMStSVvoOFparZ^k8iYXhwWxFXTcZ)xA$QNbfZbHMLl`xG~SS*coP$N{jvB
zT)uUILS1uEg)4)M4BXX=e2gHgF)ViBW-u!YV7ax$o~#<mntn#Di+qeT{rY=8UJ+-s
zIJ3@`?8(G))1slzkPB7FZ%PW4!iO(Sd_tvxcP+y4adE2;R!T+4kH9DDm>@%`sg~ai
zJ3_!`x_&QJA!8F!j!F*H20K=dxW9++{M>wf?#$!QUajYuFBN{Kk*Fl!ALf1PqBv!D
zbY|*$NTK@IdAuAQ)R7HkQaceH!LwuIU}4qE#KFNXn#M;a9QI$}%;Q>WJVr6WZ2^=u
z#s<`W5$WoWBV8f*V(PN!yCxeqo#lnrXIWp+VN@x0!Vp@}6d{cW7>Uz9_|aR1&dVlh
zMqv5eA*{t>3C9Iq$P2^0U=~<P^5}r)<PmHMlZyM;7J>-utTM|sQ9z~s82x>&TJMYw
zRbE$ZH*-JvN5~5te+aR!v?30yVN3p!#HToJi7}5?l+lHe;RQcI?6{djqO_HLCcY)N
z^p~f6m(`>0B>B9#{2?>R_(mkjfwDW+bJEQhQq3${b_ob?^OJtG1cU|)Xd69J)4TPp
zn`fp1#QGHTNI<IVM1#5Isug+q0mzq-K!_ap7Syb9IE4aA<aN8Rxh{Q0JdN+7Eb|l2
zl-sxv6qH!0Ow{tPkoAGKq@;i0p0w){F1>#240H(>Tttl($&h;JT1p9+WrS9N9^;a}
za56CbKLHCR^xEg3afGFVx}tPboxD;(Ny!8=B@)Q{HxfLE78T^AM%b>clEMzWKsjus
zZXW;`1p#UchtGf>hL#hQx8i=#1GU_Xz91aw6Eb9j5iwFN*l0#E*)swUh`H`W)`PiB
zI4UR+P_0XvB292CN~%N&{;ISf&j?kcpFjios-rxd7(zy2$CHl<62wgEW}sGU>QCgs
z{$3immwu^P5=sv3R|4UTlGntk_NNZpoDsS~5@pgi19%G6lvt$J+VnMXGTx83iOnth
z%n!uL(mOqdMAWkKBd<KY=ET<MTv2x-!ea(1(TZNy!j~IAN#el*#PWzeaN%G!T3#zy
zqg@&HC3ecZIO>;9rI{aOuuu18F^_|to;^j=&u%r=TdgpJ>j%Qs&0egEs?j6}ffNn$
zh(RnSh;ZPkbt<KU0o#LYn2D7wBB8%DjhYh+QVlwKAM_}J&gvtKG__o3+WYiz^UCE}
zCl)b|E55eMO>h8W)Cs-B80wm84~;ex0qY$pkjBAgUqXwm6w%EE27;xsqc*<#8Ep@n
z4doCTLky;XT^V7EkZ*aJ@WyJz24!?KZy;Nh9`gK$<FvuZN%>9%SKak2bn@ESY`PoX
z-^Veu<ptX0Ai&V9u%OsXEfa!iiX2~k+8nl02#BW}h?KnIU^5n_+C4FZOk|;`w=K=H
zXTYr@Zf3c90ynXxh{cBLLqgl=uNJUOEsmecB4k<g)+u&l66YfzW&tBGl@o!|q1@C`
z0Go{Zk*^mNa?(t+#Mu$hTk|#?Pr61}uo3w|2acTZ^l<{A^y9bH^RhvUt)utRz?}At
zOQebvV2#b>F0^9CGa{`aawU{RG&3bb=uo?6aq46pym&Hsg<hA4CW8pzT10q}fQle;
zAZ7s8ZI}?D13%CUNBQPthU@<$_VHlaoqu+TmY2S?7myY@6MA^n6M)rH)J^pOn3ZZN
zI3Vaq%%bg<Ec%U<!LBoe{_?=10R<!);3jtf7t?>U4|4ow@{&f8!~iyI%TpMGCJkip
z6X!Vs)1zcWcIEi{?NNp42aX%4#h9oa77fEOP&9Gf%H2?*9E;p-4u97G{CKkDDo;47
zsvOlAXEN5fT2k|jJ<btnM~0Qox}?^zZCh_CW}0R;Bx!0k3Rj{;5qu_4{A{heOLX!&
zd6<(IPShvggW+lTRUI%`4heP=!QTf$fP(7w&SXm_9-KvJ^XL4NTVO8Hvjt|b=C2G8
zK?vMQ3b|7uuN#Nn5dfJ`cJtjhq8k>mW4P*;C>G$>7$7T%9V$}~qQ<g2nV{jYs%UiL
zm}gI-+;oRwkE3#Qnuo^GRCKOUM$yhYewCU!ri2bFIv~<8=SV;%5GX5|2~w^!sY6N}
zTWbQ1gZ#)Vt<90}G7qC+qCN$|$97bRIK6TzN|BOYfNv5+MFr|g2$34{w5-F(&`Q-S
z(0LS58kNe2kyjC<ADGfDGBl4BjG5du6sv*PSR_fn>SzD}0RsVG03yY$Gwz!flmiR9
zo2=k*nFT_a&=FbsB04gNBUKRMKtqYx1S}gOa)xA~`+b4gR1Vo$rs67GChd&P+EoBw
zU2G^V4d^gpL_v6)Vq}0<H38J!d%0j6JDJ9B0VQZumn>}7ighQfMN>xTbMaRtz==CZ
zzC+4fE=LbgZF$+P51-z<+_Ym?s_uz{0hv{4I<fjSPFif$YEN};e(;Yhq$JC7Z~8Sa
zJdoXe;QgRhCl(b2xsVHuao40te5xh+$6+tT$1>+Ic>fUFR8W1y4sU#tO#vA@i`o2>
z{D?2Uwok9k9v~(7cs%yRTM)1!Tu;ZvXdKo7&j?8PdMCLg9rqB<k=-7>M%Q-rOS72X
zofr7=8_}4@OpqFZ-@}wH`N@~6#u$P;bf2$^!cC>(eL!eJM2M9P&_?x%c2*|H+=2pZ
z$_7_$rBO2%2x7!sjgb;xNC)Qz%ooV9ijkEGJXt)E5rk3xn3#o#KmjQR{up_*3<QzT
z)_98JTVn|rf6+qLdlZ!-ZJtn8-QL+2#f);BIVK;uG+hu%W^C6I1;S|37sgp?BE{Iv
zi!!N6;v|D>*aWilE{o&uHX2ibpCgk1GEPrq`4vJT-A39^@TppXP%2=Dir{?hM5+|w
z2`Bo(m8CrJQPMXu$nXD5u{`6TM;o^CZ_o1#n4@)-BMN%hQe{jrPuAN}8LVl(D*!A$
zo&aL$C(^wWXf@cc#Z&S+AX3GhX$-FvRm7e6_c>OS^<d@UnR<bW0b4kF-;|0r>vYHl
z+Y0BQN<XE{PB5t7$T~$*8r_!Cg2&!;OI2BZs;5J8%$yHSZXa)@7%-hOVF?3mt~U>K
zr?H(*ZWyDb_k6ywt>ETZ0tq|n4SLfoS_E=EdIHX$U=9q57gPe8mSrx`-r8bh+<04J
zyCf`RO#pi;x{VH9xF1`*CU9Zwz=~YxeyYMc46y$~j?lPY1qi|-0BwDY<;9n>V^lH0
zagO`LUj7oK@G3nyV?9u$@Xz5s012*;97UEOgNx)q^^ub{FUr!dEkHJWO+@K5YTO6Q
ziuVvfM7W6cNcrMlEOH~EGe8W1Wu$)rs7OC)1RESQmut3GmYsuT(L93~x1_}{4<gAf
zr<3Nr&La??yryr|G6qR&_<*H{q%;kA*t`3-DG`p%NoxrR?}YEf2K2xYx<F6N**kY`
zH0HM)GuoM6kA`c2e^o4NpXeZ|9xb|848mfwA~$?v;(o@CiHY@K$sxs^c4|#1Dw4Bf
zLr^eD4OBT&G#?g1$uS&C9D|^#?P&x8WvMw6k`5}MRSXDW2n#Ul<_7h`i&>I6Nd6qd
zg*77z<k`f9LE<-n1_xgq1nfi5W5Hhpc>u&&zuuxQ8G=MAd43qAVe6wX<MFBDjZsM9
zNk@=EC<%1}wC-Ev`pZZw0H&gwa1I-d?2zUW9K^sFDFtl^at=Jkww)5A1F?XhI&O$R
zT}|_Ac4Jh8#i3D6Y^7Oo!IQ|wPkt<KI>&Zvh+xS62oKm*RUVqlrxpUV0ppRT4{r!=
zKVT%34UEbUS;9QV2;E#6hkbDGJWv#il1JIw0vAX!+55&5%;Z<=ydx999}pby0SZge
zG(%!6omq<sIFvnwfTOy8P)5FW!_O>61y&f0$Tl#c?2jf=-A}5GL&MjU6}mRsq69Uk
zvW0s=>L+}Vx`-y*!jR;!Ppqu18i{5;S!0B#8`#(My4_zUe$1zX>ptXjzMdMn=_)LG
z&37(o4(tNW+IE>b^qOs}JkcQKMK+9!rT}_g2mv}tqT^4sZh7f(Z}iB695RhwWcu0p
z1VL4l&1r_C68LDHMD`BRM2PY;4SHcYGj4~@!Q~<#j%AV4j23w~R{sO~o-%Z8K9Pa{
zIVWCHH3|){C343}tNx7(nMK)gI35j*q+54oXTik(+Qjv3N(=x1hk}HtJrccv(ROHQ
z9n!XtqUl83ABB^zY57afA_&tRM^2q8JkCyw)u^?TCt^G@(CcKf=dWo~aR-M`04j_B
z8JQlMlc9appU;3(y46P*EdO_EcM&VIwEY31nR8-a&7rgiJ+k`Ar1N;4<g}$<xxXms
zgD!{!^F5dARYnrj@f61RFX5g|I3H_vzNq#Bv4Dapd8XpWYzlso(4k0!a&WgaMYUio
zMHDfR0KEmcn#g<^hqim2L>WJfs|tnSn~~T&hBp{_1lq~^g7!UoKOorGph{f9g8ide
zHO-P{GQ}Z^%=!Px+DB@mJh^o*)`=LC;^aUGVD%Au-pPayE&<dua{U1AenO#y86c3t
zz-BYgWe5Bviuv#1Z%O(o3m)tpgL&XCz1)`41O+%$$MM4@zr%*4!xu-esVLOLW(;S#
zdnmu#qA*Qk?lLNAHPuX21(86CE+2EXIe||txeg<>&V*Y@!d%04bdHHBxg<)s2lx9;
zBpb3hB@OMM(TzZDRsfSnhJqs^#Gd&t=P_6twzzBPfO`VY7uS@-AB|4pI}sjm`$$y#
zA_2B9aB(YSH_jZ8e|xDe{eGCx6WE2AbK{z1gJKLH?5_)f*N#{Nm@#UcsFt0F^z6k<
zB!^5pm!kNhreVfML^?cUmyj9NNW@V11^~A(x{wK{Iq(8X@_fOM;0`7T#VSJh5Qe+t
zmyRfZ8wkuiK{U5WzCz7+?>JofgCqG;V#aVh&+|^C|Gi9+PrPr*Iq@|lJ~=aneL<Pn
zbf3XMQVZ!h&KIgP!l#zw;@Xipu(f!-U;hnrLK99)zv8nJFV;b4fA~BZ0ZmQQ|7im+
zp?oc}9HZ(Gi(x|zwkN{pZCc`vL(6N-QM4i=O#fd5!O#=|R({6R?8EUC1W9jcfI9Ss
z<n@t<(V@!9i`LwTWLRL-#(I6g5C<3)vh^uRY}h^yN>Zy*!tfn2ymB4rA~2LZwbzFk
z0y8+0$7hl@#4@>&aB(c7qfCb#UiGwiTokvZ&kGXZ4e;s>TzOka^RK~tN=+9WFi)dL
zLX6!YfJ7k~HaK(A5#vP-?G6TXx4k`v#Q`137pq<U^QM(?ABr||6E|UqGO&oG#)BOl
zbWVCC_1x>rZPo~f?&ztXi1fY3rJLdS@jF8e;>@m``MCqsVpu*9wC{!9lo2E2I>IYG
zJ|Vqmgrk;eEp$;HfUrb2A9@62>746=!dIYpR2Ir!9vh%LI6)Mm5&&p!Z6*|Upd`bB
zWN`M<v4e%RIj2Dw8*x^Q9(Dv9;OtR$0j00y%J(>jtpo8KKuAPw!#U)>|12a`dU5Sw
zW(Ev6)P@Ky9J4~b1|ofUrnliaQy=xXL--ousDaU55sN)GIQhMGR2shM<R2LdTv?Hg
zK>k4C%#06&gDi*c5lVPpLyqmI83^aG2|?8JSz4Nt&ibp9Q3n1DUZ(m2B^V#|HFDHv
z$Ug`Q9XSqv-P*x{W{{RyHi7a?!Q-x?VCM%Yu<_X{o8{#=f`b2oqdFiIF}+KM#|tJp
z?0z50U_uK{MtG0Q!$i)61O1QLK{*8_ukiRW^_vm&P%8c{ghqdRu>1rR!O_?TM`Be)
zIj6=6aL5FKw<sEjfj^xost+z84<(R$#<*d!*Xb{E!3q~=1}C@7KjTV)-{w<;Iz$SH
zrzVUcfNJD3nOq~#>hmDLA2eX<frHQ=2dPQ}%tQFl0FmLhI>+=BBj6`IR4&dm8vz!U
zJy-Tf1}i$R1sQsog*?`rY|^DM8OdlXfUThw5C_8Gv|?BNiVbY#ml5h)b08d&L0w{O
zs^AGeUj$&&#?=ZK`09<tzfx$`SZLUKj=eG<A~KsS5Stp4-KU~R70n3K9%y;aMDU{V
zqi9E{!dP~l`W~)dPlN=(UxEygy)g^CIi%#ncnTQK5VrrVCkyuU$)8lMjGjnW1g<Js
zo;i+8q8cr(_NkV_v?WB^q_<ZnG&Tor7c5?+feBYpXG^3jy);oO`ynpfCSaS<0kt0T
zi%D?_>6Xv%M;oC>#iC+|6~|UmS>m&PS-6s;n*27DdC^;d@0La`gb%!PKU9^>ydaIM
za_c{+_Uujx%@AZX8)&-cF)<1k%%B;|RjPnSlO!^V(c}^ZdOYJWt#Y6<2BEP(Eg2y#
z7Po$YnE3WtE0E|$ITgX8a3(KpwIHV2<jL=Jk;g$0adwdnUG<oVnUrd7-Wba`id{`n
z8D+t^qGdAxMO}j^f5Q`&KOAg&@ye%_e1MEB^{GeETyv<CO}3z+Ub=olrdYZW^}oxi
ztvaDnW!quPo>x3t<z6B>KNA5<`6PcX+EM&X8SIRStkg{>wD1w9b;U-!z&y({@Y-If
z6-NX%H*;8(Shtk>UT?5THwpk4=3tDEs2VocT>uSEdU9&YppJG88L*uW$*OSs*UDhs
zrA%*wcaQph2E3`AmVqj2SDsYsivxeG@NLeh%+8;ufkl9@iVryElaXQbVZeYyjFQxC
z5Fb+!sDQ$C(*B$EYyJ@VWrz6V&qh8bxV9g5jJNr`Zi}q+B*)DE@)T<Fw|$Ne1cO%=
zf=a2$wX9ieNb~?h`3(vEP4pHk-6$>WadEpPacPXlO%w!k?cKB9OzDl9t+eO*)5kBQ
z@%R4{lcwG=tX#@<6)a#96!n>P;KHT~tynB)l6h+1W_k<Xn499J7R_)b!=Qa#d1!`6
zes{s$ECo#qG&BO-8JBF66R^m%XUNdIK<vB}CV-=BQVLM5J}^efqbsiirv<YKCZ0!^
z%Cao{!dk7<^%3-rN{2_;fAHCK)n?>xmteV=Y_=MS2-_u+24V&jM`Yswc-_+y;7~oe
zvjDI(CTkp~<hMl&9ZQRrCuozC{X_b<;88gh-KGp74-Mdn;@SU~c2@0zde7;N-wCiv
zL%giXgIBh>#BJU2YZrCF;`Waj<dYO;_m6))C=f`0Lvm*3-9FRw4;ZPnm)X5TMAvD^
z?oXOyGd<LrssO8DodP~53W|(`)?5H$tjG&5N*jB*p@kHfjLSQ22cK5tMDE)<FnEky
zI|^SM`f17>mb`lY-a@i$pK9kvF3efz3$6G&n`^-l2Fa4=3xkdb@?#+}{hIV6Q4V;J
z4bK5V|A%O=EfgL)Q)|Jy<a07P?NX8aw+aS?TtSuKTWFiejlV-{++Ci>z6b`|w;R{f
zp!5$%0F-N0&htJFQbT}-CnC?^fybl40OSl5J0FM1<{VxC=%<6>5aIIwAcTPziOEYm
zWHOh<Wx#+Y?DZ6P_~iFwvBqJ92u@_;QK;UPsM%Gn9c-26!kclpP&49l`X01f6e)?&
zP*(Bg%pidfgT*p+9lCrdM3IlBq^wCp1g$bc5-Iu)TS_?2*E24oLkY|2D$L_?RO^A`
zK{q{{+meN^GdR?JvPGBp@WDRP7#ufp0Ls#dZyC?{<BNF*!VX?o6kVcc;h>P<w_3*=
zs9y$7x`=|-0j@Wl*6l%&1_LKO%>t?NV8mcSt(Q08daHKE9U%=h5>Kh3>|LSfc6YAL
zYqP6UiXT`*kgXpk0GbN-j0l9u$W00{dYH}E5y8DUsCm0Z9x4OtGa0BcRVNq+4w_U`
zQ|-jWt!NIAOa1ca5)3Q6!+!w@HLrDXh;7OPbOcOE_iBVtRSK3N7I%t?10!Fr_gMg-
zu8`4x`X~|JY0KrCE9l(8tUmy%j;=7sRF<7LumRC{Q8dsw4I@uyrX$G+FYvJ_-|1^N
z&hv9;76qWEWy_4tzQaVS5x<1HL##nG7@j1|u(e4JEbW$*Pr$8M(kDacWI5r_(}J_P
zW&hWFMkdUT9y{9D)w^6HvA37pzznU02?`n#yr?m425d?dK$C}ZGU<<%T1M-!8t{(R
zzCuhy@5qLDkjiNhzWG>?XtI3&qxtY6Yd%R-X*N`g#a&?{_F@@;(uOGs9tf?%az^3R
zKr++`OZ4u0Bz(mBe12Y{dSSIxr-8_xq&74>RH}%CgFg-GGyg~f4bDqF?)}=A_wbKm
zxXefuHMh{_LQar5rsF<VyOw?4!<^TehQHhv&Ox@Vd>4*OENDk;@N^+hlo(`e5O4$H
z=xw^zz)2BXjPJR8Fq*g=0;ga(`FNE`(g~~Yk~AWqayioQGE!u*XlS{8$sA?T<`f4B
zsMMV{E2easB1DA%cYhwu`UvR@J^2eb@oW|NmPkIIEiIC1P%X~Drc?zGi<@I}b-)Bk
zZh&P@GR2q>5A;ITst0-aVnU=qOM#34kQ<_qNZdo?8U4=O#u4xs)9nZ@5;e}`tE>W}
z;7&6%@k=kbpvqszCwKeRa{@KYfUrt{!2I;YY*WcJxPU9wac<m%JVb{V`~Z+m{a_xb
zKnPH}bHcBTo0S1g3TJrS98~&Egsyw~l|jO)6!1Jv@(iks=yN||9`^*3<jzFyXape&
z03>;l=|ZYLN#+0+R<y~7{$Sz6!O{<$aU|A0eF}Po(O5TN1Hzp9$){lQ1eYjw<m3W_
z+j5Zmsc|twXme+Nt-0E(wRCBcCp-Q_BMH1i1E*le83@T_eJ71$8&~UK=NAU0z>B<M
z!H)CQ8em$yz)h3uMU3i?COKiUwn;I_g=ERu!_&&>%rf|h!PG^ju`M82?fKfo%4Va9
zN}&3|g$__&I35y_k-mrA<@%&reYZBL7%V_}QtcK#Ifu+diDP8y67TvuEa}0|qZoW~
z2G>y7A<QjcDt+*Xkh#Abj9<pV1hVrLX+80#x~H?aA8urTCYOODa*07z#22_?05%F?
zm^7cPXOr~r0zaA<01j3%!2}6m(oz(lLk~JQL(Yx?%#UFrNK|Zb22x2&9AcXrECF;w
zz<}}Fu+Y)iRe^&p@MyIJvcL(EUUYHM&yYAd7qTZO+UJnEJ`~Ct!x!QehADNX21)o0
zix?PU5?9sG1IlIjUxf&eFjYGj6$?SIu}T4;hq?{}YZfywOE6<oGfl33m@C-9uIFGL
z4hkLh$~Uw35v~*>FeS(fJOD4q1A@S@wxU<C=w^=*EEDVjqiajpKErH4ZX^S|L(%rq
zt=)=xR1*PZV&A0{e*{($pAdM2S*Of_dn2NzCIlP1gP;W-sLO%A1t+<Nxyz&;P06T-
zwRapQQ2Yh_|8E5yPX6kgTe7Ie%W~bP7=~^NuBKh=Th8f$ZGcc+E}ibJC8=>Au#=Fa
z+7FXu=_kP<#Z)8UU2Vn}B=WEVI)IZvs_>HKFIa?&33s3-9l`bi8D!g2tPX`zbpqAn
ztaut3dl)4UJ**4_Jj}AL)d~P9<klCKaKgw`g5wT~g(e#WSXL5l#vWS`guM2?MVtX)
zUrLBzU|_j>LAaCCD#$D8i14i-{7kddC603Tlpx%IL$28+X57N>rD#nYxNA)R2QX=z
zADrD|K-oG+R9!jV!r&WZCM-wo2W4q9pCGh9EwsOQMD6^G2pQZh7Zt(ubVL;J7?Ud%
zuBt?1(ovu#bOh5rtFfBZ?!3)C4ui6fh3M`%3c%nVJ(rms*a2!?`e((wF-p+KA-)(u
zyv`?DT>YDSKs6z40UoALAci?bL0DKG%s)UNA96%J{3H1KlxHtFko*WO2p9#FK>R;+
z+&4>c#t(c7OIew;L4^Q~I|yQ!HZ~wgj1%xS;8WfZ?c+JnqK9_xoaj~=O;7<4Y2Qd3
zxfWxl4dLtgUh0|1tigkpP$-M(lJGM2tr3B@hgg%UBlE9#yYUu$Uu-FPgvPu_@kvcw
zeQvxkAs2pQ?!#yLT3qISvZPLPt$PoAYu5xrGfAUYaY6s;SorK(5A{7k{-(oEQ2^D%
z23U4x2zyMv0S=&i6hy~8`;NfJmKrrr3eQk6Q3?W<&fCJR@>FL1iMh3E&PkfA_Hsu(
z!@PrL1#=Y~Qr!LEISEAG!woGEfXQaYA8g%iG-jh^;ILd)JomQlYGGW7I*Xsk_8bNQ
zb}O<?!5(Fz0f6Aji$RD7AV(4cY_?CMKEt8bY7k`|CyjiBcsgV95Lm^Ff<M(jD+41O
zT=>VI@X{PR<?;w`CxHdSmBeQoUL*JQp%))YCW6uj5Paa*P-tKD^5G$178KL)Lw&aQ
zoOrk?l**yi`RB7OjcEipgB=6qQhW<$e|B=R<$l^kglYpC?X;^?L>E99dXW`zF#|1a
zp>r#`=|})9+!c)k1|I!7d4Z)4kP-I?o`R+F5)coUfIu(&879P%_3GlnoY&fV`Q%bD
zfOqkXbaqadJT>5M2;88^CmpY$kJ{*lC>^F)PGD`v)QyD!n=ne~GG1{~MFBGaG4kdo
zElucMMdV`N$Y*KSK3d^qU6jXF;H3;fvDD-cgtCjIij1RSW1>_tG6FLuPVxRcizKQ&
z)srzq_`cuamPVRe#9b#}yXpo#dp4wpFgOv$>Rj8fsY8!oz4}nM7)G~ZZ>Z9COi9!`
z16Le}k*)gjnJ_NLIu6i8iP-7iL}Bdk8kVcTTEW;lE7i?-R#0{k?&p0u`#yn(Qck-I
z37=gc#WKArfj_`R5+(q!B`N{fI~!-D3A?}-C~&@23L?#`6GfnO0!<0kd{XXKgd^fr
z>L9`|2Fa80n(rm#^&*6%9YN(35>S)xHa(~bqp@PxhIrF9jyd9eAC7!{m(T$*R$%Hz
zHz6;Qz^$H`gHB6$m2A4gGK9wZLjsw%{7DCYQf?*03q!DN?ARhGv4pxpm5&t)A%dDl
zZ7D;jWAl|sNUgA{1087tEsKN!(pI-9>GU=nD+t4y5ZRV=u9uL2olIR&J4QgpwLtAt
zpjI@1#zdJaplTx#?K!g;^&efX+8bYUrcR;Q>XVNV6i9Po<oW>1H7uZ{>M{826&aa<
z+Hew81AJWz@>H@1mQD^?3>bc0DMXqn3s*W8;t`@l1uxN?6E;+kue7bW0i-}DN)`=<
zCu%l1R_G5@HfliGBBI_FY<@XrZzZ9%J{-7#F=g>H%ZV4h{uMw<SEBID7DSb6M|L8Q
z{@%pF6!5(aMCe09l46=WomNqOZK7kjfo3CMnr2ZI#gf3HM{zI|Ae_ag4~XAH<JQbS
z$u1=Ebmdh!ZlS_egesAGwoV;j!rat3PU*ylF(I4|TADGrPn-}I4&$6lD!LSEbD0xg
za}bFWl8y_P!O?4fF^RWS0LI<;(|TYj6Og}*IHZTPuPHu~AK)&DIUQCjF3y~eskv3U
z7}}0lX~%Z;SNRN+j9CX7FTkzFAZ>kY2v4S`*jyIiVa+<!yya*-(UuM!?O-E?BZl3I
z&}xU4#}2TM7T1i$wav4lAOY7d>|U%$SALXjZXKlwhueh+YC9nR3$%dD?NCi@pam#$
z`~}$Zo+=d%$zW24ApuI#iFO6vYbAvn$VLHHud%owA}12~Ax|wY<`oLiJA};w=&v+$
zCR&z@8%XALJOaex;U+LZVLVvStF9B&x_h?Ais@JdwFq4DpQxMsZZA+KEc?4cNCHD#
z(u5YA>QzO6J1QtVKsD8Cm(l`JOo);SM0E@2HI8iFQM)DDspI&DtAYB^OZ@@HV6LHB
zQiGyA+F*+w6ieWflhwg(ZAYQ!YK$s~Y(CM;kc}&B1r;G;Z20Cnt!pbGjx4jHwt}He
z{_49){{(9E+<JY99QdE}qdHtq(m#b3>P42I;gZ-P$-7`{*;ae6WfC#%l)l&mUck72
zd1JCcEPH1Duyc6*+|0&0t9L>shc#rl;Vbs)Et`czD2AeD<PQvT1lxR_>>Uw&7f@hZ
zI8W@%rSeq-4?TJt+-caOyJH@nN>dRKL4C-w)Wn4VD{}f{B_zMGeBA>U<xnP8A?qHJ
z6o-t^x~M|ULmn9AwtOH7W>^>@f!?^$r?9s(A<>-{vUowwfPyBlNWwr663YV%mO8Rb
z9G9rT!LSK|+O7-<DI<S?RN?=P3=;1cMvBmki2Epd6;{bJ*oLVCB*WPP+%zcH@`Zi4
zgK_2sl00Hm!WX4`4pCi32Ta7r9@lbde=?+_vjuz61U_xKB+1L;0Js!_%@PKdWwQ<m
zod$@hfH`Mjz;YThd5JKFKSQE`vT|<PV$8L1dnw4Pv;c|7kkvwco-=yxComW9hbB2m
z=$zehg0i?!00m_zprVCVOBT1q03CQx^g<{g-gOK36=ID63U!OC_#MB2!0RZ6tVMH?
z_z+AH!-i$BXCnqHLn0J(*ilm8QNq_n1a3H7=MZ^>HrgTPc7T=*trBVaP-b>6d`idw
z+sxL%)Fe`JG+@e})hfk4Fd4x)tALn?B*&87!JuE3fEXnY5}V4S<~LmK?88}~P}J}G
zb-jVC^icZ|R|p~p8`0fZ|F$#*lRfCusw!pO2Nh;Pt6tMBsnrM03mT`UjttXfh$Y)A
z2_3kf%lM{)R-d(gOz%XQJgQ$eSvoN!z2_W5@+L2$6jv#YsBvOEF>i%6`uN3&VOe)0
z5qvQDXbKm_kiX4P2U9|Yc4r3KGHkoe4LQTU;6vLW@ZTIjxf-0jzNWOKO939N<fa_T
zt~q8@etInD<Q$Jb=4?!2JKNm)s|ki7f*|m?t0EU-`L?)B0?R_TbAw=>RJwb(7Tu&a
z!wM$ak=P|*s!w4umaPh<qUuDr4vlUc)cz5B3L`$p(x=7)2JLP$(h+oqxuQDUajqjm
za??v&6==^0i%FQWMvGpg_A0%5p=Gd4KNIkwmjBH$0D)MZn+d0wlxT!FrCYQtqz`^v
zx4!R;=G&Noe_n~9p}e@B%a<<@jp^*n9+anzA)BbYLB>2GiT{?0ZO6ptmOwb;855Wz
zxN%}r=G;&y?<8n&Og$Ed3qd5xV%MV3O+h%;aZXqYq{GMEe=5B*^MrGXr3-PR#NCl!
zpJDD?o5%kxHZ*AAQ)=8I6awq?eI$Y_2^0jp$q`DS^OG!>StqiBV=s^wk8y*(sFAfH
zs;r#BxVf8UgBlgs^+QkSQghQ8v5QC;|F6Ff)Zq5vi7?t#ffXI~U{)~G!5CE7xQ+lj
zhqZAZ3<XPNOwPcfLfOtu%dI%R6{&Q2B5}%O_q5NA3(#bQESo_h2XJ))H(EgpC~_;S
zT`>@NMEsqxKiutYj)l_Ow9~v6mi#j4T(t@gzq*2U@F9wFY7ia>lpr8m?2g_B0N^i#
gJtMlQK+YEZOMyO+TZ<U{F3U{8Cr7+`y|5JMfa;TD&j0`b

literal 0
HcmV?d00001

diff --git a/public/assets/error/firasans-regular-webfont.ttf b/public/assets/error/firasans-regular-webfont.ttf
new file mode 100755
index 0000000000000000000000000000000000000000..50511b430a625e9e5f1edc9d5972a390d60b7839
GIT binary patch
literal 72228
zcmdpf31C#!)&ITk&5}&EnMo#-J(CPc2q6i{5Mlyh7uiGz5dm=l*<@ctL_|cO2#Sa(
zRRp9;6%pyYNwhAwqPALTYg@skwk~ZoEw!y*KRyNW^8cOt-kU9x5S8}p_n${*-g1|7
z&pr2?bI<Z%oH3S)FB9uCVnox$^M9F^#~2@gyEzvPzi@=~2d?6JGOp_{8h^>eKJUJF
z0N3|0cKzgwCSE%9f?s*QWNhV0#-!etOsuS)dvNVljNO=l@>gH8aQYIqYV&V#eFN&e
zf6evRdD1IWW-)eC6P}Noy=2b9i7l0n;(9;o&zduR`I7c_CNs7+5zpi1ELb%=N1FEu
zuG1L1{j0gNrq8r2y~D+L0zL0H7dKLVX<Cfy;kfQGcj0w699l40!u4Fn<oyd4Uo-tz
z+5eTucnZq%-z=Pd!xG8DcQ9`M2<1JCrZ1dz<4d~+Fz&#m>D48RmtQxwZ{lvoU9SS3
z_m?c2wPf5aukU0$V;}0@v~t#r*`Ms1_$uRBIjCU4A7PKZ)$q_S==T?o{;o#+{&`2H
zc#@2(UaT7567b8}Jp9eaA+rVSPdNXKeJ-BRbFD4Wo~UbMH?n(}Y50h-O)Tr0Rm&Ez
zo^zJXn$P+zn10<NHXQBY18iwEySgf5=3zscJgo5IOUB}R{Ma%0ZoK4Td^a`Hd00Er
zHA|K+VafAnEnCEZa{&o`bM#|j$>N%`4AHBZ4PcWUy~p0t^aAeNm>GX*cw%NnY#{2c
zXZN!#_5k|<t71oST)<w#QHQeW0(#C8QF=B?{z3G_*)>eE|B{}iWTh0cOm;CKI}toi
zwx4Q$8ds<AceMRv`?2<q@qJP}r|XZ!*)DwJE?WE#{RrsN+Bf3&@P8JF8s;?I{R?qu
z!>H+xeTP{}Yd?WCU}HX33JPjqBSCqh&3`9GyM(`hxdBTlApGC@l%nGXy>nX24D?3#
z(!|Qv&giyJqezz4<#?#%`TV4{AI2PZ`}6OC&FIDW?KXJdq98`U+Njn(%{bG3LzrnF
z8Tq8cRfCx0M%<?vjs7(Ln`bq;{}|Wp`7v&O=UeR`M>f%|8PrxqOj*&b`jK6pkE>EK
zi?nJ5Y~Q6xL%I-GH`*aOYd>mSg`Y=LV5m&D&b|Y*;qYjEb-Y9ON#^65BtA*|Q#gkn
z&^dIWH6&^WanN}UQSR6|p6fDO!!97{0)k*m=fF;Aeu6d5aYAE@8edFas+DO!LO9c!
z45x;UopgkRaE!mhXaSm7#~SDTPJU22o$scJKa#c?`WVtNbO&ecq(L6m)*tju!B>p6
z6j4yWh+I?cyQ0eo{B@K1qU%Oo(+C=%IY!SzNTNqop!L$>);Vs_JR96JyeFe29V5UC
z-2q+1=m9$VE^Up5cNVK8S~%578!_4qZ|(e?8|xxgYq8;tRr0*v3(0_368*e()sa5B
z9CImFMI$7XST|jkJSUXKii)7Hjgi$tbMu|0(>XYBWWT|y(lF@If*7&UlJOfX9Cczt
zU79~yo3jm^1<Ry~XQZEZ-45yGD2s2h4A7s%E@D<371;0CaGr#tH+JU9EP>f^)G!B*
z5zL9BhNa>dz+5=uu<K4o4L1%4_STu$GiBiz#j<gjSPqV{EEh)#%VYVhFZ1Gv$6me&
zy_MjoXJt6*(Q^eGgMEz;=QTL$v9rGbd--}C66=q{f<6ZTBGOGW*<c*SYzU50HVj7z
zyAVeaU>}9D<8YL*i8%VROL6pPm*Hq&Q*orS%W-70X*gtd1&%CsC63W-I*wj!296PI
z7LNXGA&w%p2*-tN362r4pWF!O*5K$5Tf}V`#bz8XwgpE$yBF4pdRQkO!1q2Jne1Wq
z7+N^U4x{{&>=}GNhoe7x2}c%t1xJ>!W7M-(ar76~j7)Z%oj_mj;&8I}an!I6*l%(E
zdmJ^|jMe{{Y#Oy!*Li@I>p@4;gfz8*lkaa|imQ#_mf-4;6dN(ubbS<hJ6Q;XEd%#I
zre`FTs1(ZVBE4Q%JV;uNMEz;_9*I&XaYkiNV&_0*s3qdXC(#rAZUj9wpbp89Qj}YY
z=SNXz7itq+)H^{EwIc~q?sqydRy1jE-|iE(BEMk+-;G~=!_H9ryZ86qTlnTscee)S
zfjHt)XojR4LhGTq1;oV9ge3ubg3jCUoDP!nM0endD5uLd8Y9gq=#s&rw+obqmPMQN
zWSY?iT1}+dID&eCI4i{(655(*X`6sTXyqtL_70L+-%*aDP0e0~c4-V6#5$(5u@bBy
zxIWe`lg1ql4>kcIl@u+YEgGv$!yDQSj#ZS4JyyaWKB5KKPjF~s4eIv<M+g!f#&7Tw
zURS_Dy@<VoxPr}6({K$qNRFd~K2oiQkXO{FG5>-x02fh;MkQ2-M&iTl5p4*(qAjuW
z6=j6pjkam`L3PAf#jk({XGWib62HL^|7}GL2)pXAJ7v16|DW*eUpI#KR;&;3jc+ze
z$TUG6?b|?IB->61d8n^jP~i!KUs1b)vJRsh?c5BC6}vc%#!&)tReVnqEkh0y)vG}Z
zgigIA!_kfgtG+&j^%q=CP&>&~@rS<X*Z4$^&*;^7+VyW_-B@KimM~z{N_W*?$GUnQ
ztmLS^bj*d{?NBECp?=<-GBK*1_gnudaKs)MNypHKsE<Bf&74*u^sRAi?K(97-EG0>
zG1Ok{vrxJ4{$iK?kGmU#g8$VpM&aLp!1(P(_fakAH9|8Ss|i8t5q-pNCA=>2IPDtz
zSm+?(PrG#<)7sXpn%}XI2Dt%s@Hd)+>Akc^Sb&9gqU$2x5sd#M)eZc76L1aM_$GBa
zFB@tt9G39&?$qs~jLtthFVXpvFxWspr02&fOE%KjPqfmYs-VsstNyv~b=7)!?GQ%}
zzuTSjsG0`9h_RRI3>Hn-3H7CMrD)z1DceM8tuMVt<9Vm^PxcE#>k_-OP><a_YoM`)
zjbguE@9CKJL;N9hM!xmvkAX3|A68NnJEm)zMj4|=@h}V$ajky^y~W}>yvAy_Excfi
zbMg;&{W-tfIaYs$?<InQ3{OMXz;*v=B<@IGH$GT#K`Jrsh0nT1U(r++smB;kjo(=9
zM6?;3JM1#(Ewo?IS|Yv>-X>t~;7<xYk38$7WCXS&YeZj#?@8#HM$^%hZD3KW9d;G9
zUZY$8*IgSUkA}ayJyMK?F^<T1i|DZ%Eq?Q!3>b|TzVq+7R{VGFAlN`SrwQKtk2;Cu
zjQ>%fbq!1;x9Xy7XcdRfjN%PiD;;d=Ra$`{M;T4mC~NRxqrPS<iOH!@#E?+I(%n7L
z#|94<&bA4wi_Y7ys(i%xLaR&Tdsu^r4btF+<tB_12Kx;9%S7u2E&!vZPm#7RS};76
z22T>Zm*5%~-UqY~KZ>x;Xx5&{J$6*w6)fFkwGrO9AT<A3CoyMA;Hhgkg$29oA~Bvu
z^hSF^4fh>OY7iK3L|#RfHp<XlIuE~&EGbF^=>t7?*r5R)5gi;|FPf@Ahe67Z(Te^|
zD?@dIrQwrBA3+#G{e-PUgZhjf!Xi}lb~L|&(TjjZ^g_N1@d@@9>LBQG5R@LekF!X4
zV$_W&-PHxv)$k$CzLQTOx}OL<64VBMq6^ZqZh8t0e8p(u9JjPt)L@`<95Lb1<|S5R
zL<uwsIzrDiZWDfoo<(1W-|6_wXf0}9BRG{&rdz+?LQ-}PRo6X=dIpE?wBJaab=~4O
zdunidy_Nw<2kF<L)gWghoh>+e+||w_=fb#av=S^IjK?+L2zz1_)_;u>bQ#@xRMC!?
zVLYYd!~cvsosYbG@R3C>)P{&p5Yh&;gIEY1XA~JhJWKzhmc_Zjq4oI}E0z2(`btF`
z*yR(a3+@#SN-@facqdUFkrZf_D1p|yXc@hVUFG@G@6k_?{sc_K?X^3h?+^_KVFg?<
zcktS%jD4m-U6I@}*h3hO2!Hqld!q5vAAKVCND=*p!H$BFSEBBJ(3gR`f8S0jZ15p`
zYG(#+!;0WE_TBI@os|f`AATNQm(II-7G5@-M}^<-#(8Ok?theYfAlLXZV_}C)cv(K
z4O+z&=m`A_-9MZs3(Fuq(^jIOPEk&4;AvxJ(ijc+HGLwiZBbT-s6pG4h&4m2snn>Y
zHK=`~E@Dc$i#Jh+Vo=WOC$jgjD}$y*Z(;X4?LBIQ5%oJ(3bjZW1h#@2Fg*$1(cwzx
z7U8X6#weE2_yp&UN@EW}v1;U1r??o34WXzIEjEO5<+ME=^{cl)9N(ZI0Z*9zrR%O*
z45ravw|<S*yH)sG75dlpa6VcVD@?4YZVWCay=XLr*+GV8s0~d*c1KROzoXUC<}}no
z*jdbe#q)Env`8Egtb*E5S+fIzrh<Ea?TJQX`gycHHmpD58z?32ge-*AU-&Ll>rZdf
zuuq4zLZeWRA?8G%gZ2mwFQ}!6!J@5h=NB4&6uqMH6H{w29!CDgZXpt%ku@T&^f7ja
z0wU^tiwnYCx8aIOOZsdRhYRs5<c54xV7h>$bIeCkL#KU4P)2yEaG1mIYv-Lj?a(W6
zU#el0r(fedyj5^+iqR7F1^?D+3E5y!aYXqj?xNwSyF2~xmb!V~5z}R{#(~xhTdDz}
z@MEEDhy5$nk2N*{Q5Z#aTBe(zcPQ3jmO7N^^hT7d*ULrHbSHS}w9WJLfH+HR=wh_r
zaW+v%8wKri!bi~UHiO*=S`3p~!3PYPFP(kD<~vpqP<E!E7tKy&@O82ul73^*T3A(M
z6=^FlLW&0Ij%sSHq9XagMLu<`)<O-3<0BGNM9l&o#P^0{km?#bmevmX4RXQQ(1-dv
z|7Ve~8109T%eW_gzr$*YXs4SO(U|LIwN8q~ZY}oRPMYZQ_BUw>WkF-K&S(ZmyAdlT
zOyfpZVc6Da6Qy*S5#ATkGooj)hXT!NHgC;_BC<|`^p&Xf5E_D*Wt(o%5UYmbdI=KL
zA!|SRap_vL7OF>Qk@rwmFN3p~D=<_$GGE=O7kYl~vrhD;;3|sMf*8Bl3&naG>mIOR
z_zVO$#dQokgxBnvS7^8le(QGl=sMxNNwf_b2;C#>hEqkT_i$-1+6<!|qf{soPs|c#
zw&SM*Jm(m5#}@uC+%aZS;IrERN31!rp<>OT1z}B%#G6<(VkH@khtH33kA9=?huYD4
z6D=7MPS8xKgs2}ii-1Shu*1uRL$38sPow+Ro*?ING_o7xkda5ZirL6DEJhY1Wh~~g
zo;do#UQ@~nkT2Ma^+2v<Ii6SI=*9ZrD9780s_<KlqgZ4$_C<}ptQOgOHTdm^qYhWK
zXunRpy@>K0WnA?~Rv+a#nqiq}K>q`A#Eaa<d}IWUU>;;RUWAOykvMXY>o^K|m!ol{
zB71TSR>fEx`6B-@kzIl#i;c&T!zMt}$VWb86Iz&rqex^#maxe<N=05|Z;=;SDe@w#
zL|&v%<VE%qS&;c6=g}i_9<xQxqgUiS=CRw^oxsC3b~i@414m!HVd@^7Q!Zp*kqg<E
z?Pd=mYmqV{<M8IDA0S`yVRiuUJch%8?8t){(c{RGbg&<>0Nw=Ef+Jt#OL|1Uq=!+y
zq>sIf!y~dLeIjeJKx9oiMAl>+-hA~L>VA$R2fbO@Cm2x{=5v^s)4{+I`A-JmuP?AV
zmCa#uMGjUY=CnU*(rjs;6#R_9pHsiqer0i$sNbi1S;#G2fYDC^7O!PfaA!KQR`HfG
z{Pn>f&A=s?S<)_t;N3#>q1n1b|D!ixSuwu}$ZK`zJk1LT>2rzr4t@0jMKS#u-EG1_
zt!X}?CX~M#=h}xT#W+mCQ5a9PU&`gx4jShI{kT><BpMDK+9>Fo@@?tJ6!07O30BG;
zro(~y4zza(@NupW(K%T~N(D7Dtg>jGSIho&0H1`>BCIYh)|wS7O<NaZ0n0dGLYsr0
znAIzh`Ad1beFVi;i8qE-i#LXi0@Veu8d{Ktd$pje*`TV|KnL{Bw1rHHtEZe=%LdCG
zn2-L%+w_Ap3X0T#UV%HL&1!E1(|OXl2711qcjRQ}qX(l^jO{43CwOOs1l32aSx|-U
zrsL;mv<2y#!-KZ<EI{<E>l|7uhMelyrkIa&Xj&a>McvUnaWvu(_0gFaImRdQoMB<6
zxu@9=W(ERZ4bV!E_YAG`1lBlxck4qf1q()C*noka<1hSK_<68$_fPaW)%C-u`3j9Z
zx<L&K5%UpUr0Z+otrM(tc3+IV>qgJ<RNuGj?}Q3jUe8fYJSNN#WZDcFw1*j^aZvvJ
zVe%=2&0l1r8oq*=$iatU@ilZ$qkveggzkmTf~^oo3a6dWgBWM1-}$`8E+6A=^sO+c
zkn@j`(8`IVO&tfcV(6KMEiv0+<-*#D?xMrBrnA#pq(|D$2dxS_cd(rfZAU-Bby%4W
zokZLS(Poeq^s$DXhzfL<sKwAX1&0u2bleB)N3`GR1;-QmGv3Hi4-Lfz8AosAD1lT;
zh89C_<Vb{+b>OWVB*7DLFBKXiy%nTfyq6<iypf|6I!y+&Q+gvuPe|8n)S$O;WQn(M
zSRqe~pm~r^TPNPaQ71IjI-#T1iT7_LLqZRLenPrvlF&s{#G5xPLJKGoZ{CO#+9?-r
z-mnQhvsk=&!zMJ8V)6bBo6tFnh0f`Mo-_q;(YrXbw{S>8+e{bQW^eHpjxzBU4!3v<
zhfPRxF5be?OT2}{&2GR^EZ)VDD5Shi=%oolBdrsfXPwYI>x9mkB;LZo#alRRLbogy
zx}{C%05*1ny$E<n!%P>tWxCKU>x6D;6S`%Rcq4~fyph8r-pG+C-pJt*Z{)zcU}?rY
z`$&7pJ(c$^unApI@C<qr2faswGziimHd3UCc($?KCf==q_i`Bb1$WUXi0)A>(mF`j
zpgdsWLG(5bYKiWA2d>;H{l$9F?Nt*|S*sOQ7ZI<NH~p`HoV4t3_t9#0%`Nw1b!l%=
z`gVN;YlV$oU<Vi>E!g0sQ5e&z368?Tymk$Ow`+cHJ#Ij2m+&iEBWv1HmJfO%8q^M0
zS@E25*NLtS?Y0y7to1C~ic!L_*HW)xBMMato`vfgU6(`^<E>*_bc2Bl?d?#FqDk%E
ze)NC7BOty#{RGE)UQW90eeKYjM#1NzW5RORWjZwczj4E$u>Xy|qx&RXLR*9Q4e9Pt
z#dIB8JU2=a*N!TtUt;}HtKzBAcI=Y>y1T+h)@_YagTv5?&jnS-azgUO;3cF-hJS#w
zSf#>?gr7&!GVuy}I~siq{t;gKyq+7g+*PBx)~fBP#W!XhdO++t;LPE)7R*A8UD~*N
zE;!EhJVf1Ei{~zH^!)9AjX4(M?Q~61`=E!Y=h4^UP-xG9$M9SrXj0UURxZ>tl?tyL
z``oBUPrE9Qb|Y!AQ~EO?5G|5ML@^<|+Vk6eB$dToO+FLUBw_Wt^yK`1Xnf&gjNOCI
zsUl{g^OdSWtdFI`{24u9+}bXV#;J`PdW#|1NmJ1vBW)!Lw|Z<f`U&H&qCC~n>lyus
zHjTN7H7oQ?+>fvpAabLt`3`G6R-0jujn*S?b$NB}7Ne_&YJ|?B%Y1`t;Jnj$3pEpt
zedBKAoEUfM7f*=RbeTu9bUr^C&7IE{zfD`(s07y++AN(JtLt1kjb2x*cJg?}#89_p
zH-e5)LqO2Inql0)fQRa9V*pj?@oU;0F`wG3M$Bet-RN!Lt&pM7QyXDe334~ldf0kC
z2mZS?o^!OJKh|I~=Bb-?B6wjJb)w;nzK*II28Fic)HqjUt%xh52H6Ip8q+V0`HTHD
z`mWJlBn5`%G`hT?4<Sj>k4^`nHjL876XRO@jeXbXS&MlEy>u7X5si0UtLvxKP&hV2
zr8|e1o@h_M8NMTc{y%on6;=En8_NH;;Krud5Jg80Jo0|zRb<KVtJr;nm-r^<L{;B(
z4V_;Ix(RIr9~O1~rF+lr&PHd@hvVp5?fyHFFIs;=-GF9K==8d-r~4iCQo6T9D}#HG
zZxL2PAwl$-LaI<bw0&3=?>rJ36<O7xH;_$S)!r09dX~^ls3z?g@F#W`dauEj^lM#C
zX;+<npHJ>)%pG8kf+f_uQ3fOE7JQ+a=ROm7`9`f8&=|iR`v`yXP1kG3*1p}Ha2UQ_
z3(>VgnyO}-GUiL%H};Xyl^UX=xiza6#Rp(-sm&(p6RqnudTKzk1c6cy3mg4NZ7e$V
zk`04sTxiSD-JR?D{L|05dOX+j$axaf7{*NmztF8>u~tY}ZSY);cWFIp_yL}RI%4Qd
zl+e5i#Hqu%weVj@SQYTD@N<o!%jca@MwgXhKMYbFJU6jRe7n0*nE4isgwxfxp-f|B
z=j>YZ_nfm>i~{<~i}56Mi{8Wc-TfdEeCS%-8~N#z;fqg1lp6WzO~Owv3qQR}_~~Wz
zmxf3-`ad&rg@-;<c<2-0-_L|kp8WJq;itDFf-wjGX9oSx85zQ7?-o9L8ykc}5<d6>
z;e9V+SK+V-f4K|)*X1>+HxEau@Ryr~zuYA}<ubb&M-sagN51f9yM#ZxguMrkwk-VF
zCG0~SGW#8lLgCw%;oFX5AH#DW`V7WtBE0*Fh&Anlw$ho0Jm07{9?-gk_disc;v}o|
zOYOH(Tovp0>E30CG8ln~1B#5)Je$>`j2qwa_@n<Lqzw2d$N3n<&eDe>BFgl?RB+xr
z;QS)sv5x-lQSoUK-(~uh@e_~O1&W@e&jj&JUrG2&6j$NpjR;BlEeMW66bpV)q_1|+
zIE|=FjRNBVedy3eLEjXsO9%BEx=Z8C(~mklt3!Kb(Y}#jzo8R~1f~BYHc>=w(0y$r
zbT)~;fVmXRV=qvu4bPH6nG~a$3TjLT9cBP)S)jWdP#eXEctK->L0wmYs;&VoEdmwY
z2->+-P|dr7Ug-ZL`4Cj{dlCC!W4l00;s38}Z}I=i4ix{d?07*P^#95dm2l9Bsato9
z|6{gKm;c9Xs7>m@EP9YcALiN1reDK63$C3rofYH%?OninFJ3lt5vyLlV##t5r%Um-
z1d-MTP6c%I&9SDEff*05))&-i!7~YzHyKap`4auk&Fnt?>;QX9Z-@RDUMiyk3aVuX
zmN~GiwL2c?9QdT~@i9yE2`kYD^%GI*Cbk0q%M0PoCFYFQCACVci+VGQZ#wJxNmf)H
z;$Ih{4-Q($)oXVw<HMQ`mEoWk;tKS?_a=(}ZFoE)XeIp5x-_QII3w=25Rp0bN7yYw
zWYL9aLpIs@U4YeO_L)eN-=+OZ$JlIX6RySd(J#=p2~$Jk5uagA!-s+<lg>z%kt(7k
z;%1wAdKjY0@iEn!*W<?{a7h@aKZ*dS&u;`i=-R}H<M%>26IMYI=((Lw<TpsKOTYEl
zJZYXRPoAgHQ|zhq)O)V-94aU*I(tR}MbR4duzkEyFUvf3PlhK)FIyKZ%iG%#8TbcC
z#HH;QtE}xWAN};BqaVHW(Tg7)`RJLCl#dR4wBe%*et-1+KbtlBAn3aF;h;TjF!&{U
zrSXM-@X%zoSmWYt35iL`DRzf5HO-ao&dAKl&dJTo_Y@R*dlVIy^epXF*1No-vQJgD
zuWwDi+6(IH`wwUsIB4*Yp~LW>a$huZ)aWr|FCKTv_z8^@n=YMn+2koxFQ0bBl~-Lo
zeFocf+m<`-x&Oia5C8DdM-Ci3^!O8p{XbFyEl)l9<7b|J{>Te2vgNa8&->k~hn6n*
z<I4GL^8@TU#^&B2fLyqSJ@(wKGZ)jvqMLtz&HC@%cl6ccCqDS?yYD^AUU`lE;p0y}
z`<&hQ{)cSi)(v;we%JQ9x9$8syLZpt-R$+BEJGzDO;*hFZVYx4at^k$oopX_1TkGt
zgT{{VIB|X$@!d}$p6eC%I(w7-9GM1tk)5y$xd!Xl3v4mli2MXU8*X+m{Pgy-)G_|C
z<0tz^Uq8jqyn{0Qma@qWQ^dVBQ#`-%^VEurazF3wdEcK{R_>R2k7=BIp?69_xnJ&m
zZHC7`c>Lr7|KKU*ep7F%THr0Xaq@@R$EIYX+~l_GzfQ^a7WmC&ll>#EpCTSinS%Dr
zy_2R*E%#e`D~0?v^zONB+O%vxLo?RiN)K^saPU@KZ>PgkS6S|l@9kMboxF<nJ$|`p
zl-J`o6_56_@sqdA+A`fkCl_QF6imt9BCZ;>E9%guL1)jl7od}b-kx8H;UxC<RQj!D
z(<Xa77kNiapXZtEnK?sig32XP&*<8-#dFb?5!1a}JX^e?JFlNLPWBH*NsN!W^$(s!
z7pRjgdTKbHQBaWWIlcvGK&4TD?NS{!z=vWfy}h2}dgorx<S`So3;cY_<SiJ`DDM`p
zXUnK9-suDh4Tru79y?8g6Vu?J0nmvvY5)M#JHk7C-qqnFp{l99F^Daj2yLThdbe2p
zp7E0hWWR(bX}z1-U_N;0P(J2qJA|G1roxv3a?h5=$=(@&-a9lKKioSMm>=9YIRJhz
z?3$qg?&0|Hd#>?k&dL#xqD5D4KkfoA_#$-$A8-cnM2Yf0q?zVRv3~JCttp&U4hUFH
zMSrbUEau-12*?snnIh9|Gu;kYEyZUC1UTLIISL#_1&)H@l1J^q?^EZRFFpPEaKS?*
zHn;sVz7aey0aAW43qWBiYmrSX#Z(qZlvo+}+bjL-xME3ZrN8DB3yUjLlI^YjWP5X7
za#C`cl9<`*PpnjuGFue~$FmfNQ;C=B>X?!!JDmRHx;|C4ef#;U(_Lv6Z((t&Pxj7j
z9MI6%*f5~c`*zwREBiM#_8-vHWFC1|C{_|%Ezgsl0!%d4!B~}m!*B8tSaGH@zonY{
z<0}2~@fInIO~MVyu2^|li$z>1@qoc90S0aY41KDoKaRiEKg-|B8{f>k)4aazGbyv}
zGs3O}jfI&kW{M`w=NGX+7RDcNrDytlK0m8$PIG5u_i+0ZZfR|n967l?+|_<lWwUJ0
z%ct9BYiqM5-j+nSt(AeeghbTieo$xDaV0aW)t@OqQ{u8(1J*cOS@U44DZb1fXIIhz
zr3-gm>2%kXin}hml7PF3S*=O|FZ1`ydUnwA|9P0X%51?Cf0n&j%Ce@GHOu1LLf`15
zIX*KEC+YTPTY3UcT=wQ9S0akp#kWIzr_nc+af>pjl_6@O&1|Ec9HX6FD$|^2l+365
z@?g6p({Sw$!V8Iqil~o&a2BDw#+T~FpHD8ppU>qLf8Nvr*_&EhkXn%c{rd0SSGup1
z_s7@f-F2Jyl<g~1U&B`m?_aOJ%ExWxPv6CB)i>zxE_LKqHNeNwAMQh(`P8HG7nb{w
z&2v8s^u&z$%Y2G#Z4LC437b880h{TS{)|c`C9c))tPZ4P(ESv9Jm|T+(w}%-$xd(e
zXWNxtKy*sAQVM!@RQpTqiUl)J<Ze|e@SB|o^5u2@UJk#l&R^<mj+Zkq?R9>O!|$o{
z7daJII+1xg$h?K|#Oxw^nBnldK=Olly05xlP2b{@3SQH<U#-LE$m4EnvA59TO2b*6
z3CqFi@H&cpi|_vVEsw4~{Hs^re0cvgdqyr??_aQ`@|K&%T)T95`Kv$Le`ePW+it#o
z=AwQ>0{3luIhB{Gzp{-TwsQ5XD+i3bu-M&eMC0nQ54@AB{+bsj5KWuewDy-RgUo&r
z`<;te=f3QFEKmeIDZP_g{k}@206+1SiXA`hN<~g;<^GyVKR>P{01*jx#fi~daB8tD
zc{nY>X^CCn#A|O=`r(!{!9n=Q!iuO<DoPyAC$l{TJ&JO0$rN92hci&<&8w@cQ{2!f
z0*qU5-lxiG5Ap#yEl=`Q*YvHBfRR-0j^};*dD86`PjPM7lWEUw-|^gYJGQ&*-r<#x
zq<Dw-nL4&gZdreJEdTp+y!h#-)%Tw}5PbHCypq?y@ciCA&-1BeqlOfJP&R64@l9tQ
zHs3$#^c=o!&+|vrSD$}=FWvoZ*~lTlh|C^o|IEDJyc>I$5@hf#WdW$#SW-TvFs?Na
z56+`hS%4m&;DY&}ntZ#zr{}msv7`Y%l}b<i<ZHM|Olwv80yh;sfsS}Nr?ALD1d-_Q
z_W)7~b3jcQb^a>HQ_Pa+&MGRyL#!3hhM*9^Ad@94?^o-#Sl!kVOF<!U0V=BH$vibJ
z-8~S5R9t9z<gTrAu73H6N8T>K^vc0}?u1_cQ49aL=_dj8i?`Ze+PkjhE_L>t8RNz^
zT{~~q;Te4P%`Z)zxogJl&B~@hi>Hk!RuBE~N#8#nKC$@amw(l=<dz-$wqe_(U8AnQ
zWbo>XCtZCF=!X;k<s$_DE!4QL&U!g`Ux@E2W?rWASK_V2R#CT6Jt2*-9EHxD%D6vQ
zpv{2=1v;X_eFw_51EpGbGRWU47DP$0T-;dhyK&e=SvE^62R2Tu%<VaO`nZ*M*WQ^M
zFCE)*`q2+(U2ig5<;H2ZH6QwD-9EML<3raq{$lzWo_(o+*XT1#^qF1hHy>A==rc$3
z=^iLKL1%JFZMr)>6;dc!wpy%><EBsUnOixraiG?bfFRy<;<`g0b9vvoj}A58HjVmF
z|9I);8VE^3l`fTjFHbeMVwb{FYt6DxE^?dQ)&yQsTUyJ#`OoBYZ=L#+ckcPYzI%Rc
zT616xAEG|L?%?phF661|U+4c#z`K^0$ZJg{khzUeC80+_z{stBb2SzUF)C(@FAH!+
zr(7nUm00Pw9rsJsO1z`hZ>kQ&+vr)m6~%1vbZTSqWlEBU;+g{RngUk=c*|N|dI<dD
zokP;(-Q1@h+pYeBlgR}0G)_Il*K-s0U?l`Yi^asOCUliVGpxiz+$V#S<H6b#o+t!q
zHZKMv6J%<Y$2HcI3@_S@W}3=JlL#L&LH&u=_G+n0dO>;{tE-UOR(O0X{So;n43b(-
zAwh1?PfdYqwKPns+P9D3nhkw~;7UN2W`s5prkMzYgp?9};NeQfY(v2?lnXKD6YXVk
zqh$r)8pixG7+$5IXa-Fpg+@;hLGJpCvp7_#iZ__T<cc@A!X-MFc*PrdDsc!o4qA3|
zH$TBY*r%2pwt9=c`hdnRv8C;wL7!NR9c~&dN&%#vLZp)v0-uco3S5HE#)FZ>+m#fc
z*qq)fw1Jd(a8$_}CkqzpgzNzcn02=4^f(=M$s^mHzG^!27D`M1#DDtPXX*uow{BR!
z0sn606Quy3r{1GJrar3PBfX}+tA5SncnL4!aq8EETkL(MozQhG%*z5WTa*b5SS$Ue
z<BFWzs>A^t*(8J>tyS&=37JRo1CKnfzHDmZmeY@zw!eaQ5MwTH!x#%`gmxNX63Dl(
z(w|?cNHPZLt@P&{SIq9#K#rNnGY66vyOT1eKzDHZ9d-UfhhomDtMlhO{fxMvMpwyZ
zYk{?(W?(!R9mImwci^jMKXDgbJbv@KS<>9}vnMW{xn_7%uPRr%<)&FpYloZm{o*$d
z*Up`O-JG2pX6@ZM<=XFEJafRfe!~V7&RaENyqNR+_Rr+4fVBu~EzpBtl>w`*Qc1A3
z(qv#>GH70kEB%(^N&)62g}8e*&{0AF+pq$#EDK1Mxq4tVq+|nZr^BBfF67I2ttRaW
z>JnYZS@XCn&E)muFI#=!mV58mI6HmB{H-_5nXqBRjKl98d2jow+n#7=zgFA#&D(tU
zjo(|ceeLqAm(~wi`q0nrUh{+8q=WbV_^-fqBlJ@f;7>+|Qvim>GGZ7upJD<{#Z_Y#
z3BM)_afy^lf6{Sq5e0(CZ><g_CDOAbum*o3G#irVm4QSH-An|BQS3B66BF}|DX0NG
zLtk@1U&FjN^4)vXJNZWY{y^X<-ndELIrQwae5tzaUiB~sP()8P!0jWTrz~Vt1u_lX
zLa|7NE*76k9mOZ2cRO|mR^S+%8LF2ftu^2fpgEH9(4i?^=^DRQ93Xs!CjiG5N3$HC
znn@xw-RVz(2qkWWxq#AD=TCKjjKb6`Z=u!e0P#39<TGz!&GH)`y>;iN<yX$UNBUEC
z+n?uL=YK~%{m#jqi`MVIcju-`DX>FbP}BOxF;&&pt^6hMoCQjm$pYy#nmpjxTd5@D
z2a5#b0@4MgfcJnv{E5}1Lqb_sQZ;f>3bL_?P08`;1a+!Iu|n@*iZ_qoP6ZpSQ%qRq
zev1(NPJk*jLdlA=Jjs=YbzLFV=5eAWJ4k8i>c8xJVC|@@uG{fM+%0cjylGy;nP+co
zneThSvToDLwI5EsPg?&GpYUAMn*QpazG$hv_Tan^)PGEW@{5t5{HA3WFPcSbwf&?#
zUaWbKzUGM`(;~H2(t>B$O9CR9AOa@_yYR`mDm%pgYI^zpt!MJ<OuI4HGIYw%Oo_lx
z26#s`^7Aze<p4E(DwX(<ij?W5U5~#9Eh01M&|InXzz;S;<-k)iPV?wdD!3l$O66Em
zPsPjW**OKIEHR}I)TAewIXShU7p?&m^drcffxro2$YO=!VDc9BfM(?B*SEM*=tg-`
zJ{Q^%a5inrhTq)y%z{hqUO95vO72llz5Oe-?X|l(yZ6?|`p%wFUNCavQ12BJRxO@?
z6Q8&CQ2qShEZ#q^_r%+pX73nq-PuFGeed9sH5=Z&u|Bo>Udh*Y>;=WHq?+q5o4#xb
z(Yypa{8~N+Jh;LAE@R*zN;VjYN2d)iKF~%6Xd^>t(f-_O#fqVV_bC~`Gj_*<d$c%A
zu51qxiPh=P!>~OdoPd=%1;2-ugyA}&shF%KJy>lr$G%xp1^W?SoVMz<8{Yl2Xu`6C
zM>mvlCoi&9?wh&)#EYxv{$R0b)vY&dkPqJe_O<G#U)}lpz{Z8+i?@#B2_KHS{O_-B
zyZhj$KiMb7A>^!liX~tqz6eQ+F}0)!3joI!3gZEt)7~E&DPac41kprp=^bI)`=I2F
zmcVj(|A`a(512Sn!=unY(0?K*s+?iF)?(ND%p?uOp9EzGeWq3`S-@RqdPo9x4MEF7
zP$yYz^c|_3n2rP?fS$ol%DYT+$^K59FP>XxOMf5UHbdGwTpIlnzw!a~L-oDyYp|~6
z+vRogvseXI@CTvMK!!k>G1EGV1N{q>i1mXtv{shRs<Onl@7>Gq*t3V)i0m((*K!x1
zE$wZaF<kn4n;i;I3HLsrKJ=3M5Yboz`08TpN%G;rS-=9N;6*K7%_bw!jwDxZZO$*1
z;=uEJSNa{t6?<}Pv)$o=F{T(ev)cvEtl+4$=IjnqEONc2AU7qe7)0nMg-*%$63J!R
ziJRs+f?}9fS+Y5od$H)uLJnK827^d$c%tpf`>yhp4!LCfkkV&+4!Zc_K|L2=y?@n|
z37Sb~g6Zv_^_#kE;Lv#&_V3q!Qom`lM=T!Izq;>5<xSIeoVDq;9u2SC)UnoG7-s|Y
zh@C88p|SM>X6q}JzW8xe(mt#R%WFure?+B{Zw9tUiWOFg6;^2{1z#BmmNL+;48v(5
zwBtfM$!#SO40#lOhYbWfvE=vaTQ3AjA<1oji8J8nSBr5o#nBhcuV0-qqR8R=aU#n}
zFR2_jjMino!(X6r>4Ch5ui7NgBKUKOSdKNMin$%MKXcewL7~Y4ygAcN*si%zz|%wG
zV(;cC_IkEW`r#+MX#XQT=dJA{s;}NNt6}<p9&shx7eD;ssh>Xjz=b2;Q-7d7b5Q;K
z`MK9T%d`Bi{G{*lpRH5BP^X@h_RYBJz6*zsQ~$|NKFA9`fBcF`JKy?Z-7W7wc6G^+
z3yY_$IQ15nxT~@4uWRS>V^C<XUimBacaI%Z|8Q*Ci0wUle!?H+rd<#E`RP0j=kV^C
zHe+u`-n=o`-H}Ei`(P*pjalLtPr}Zhs5(L588qa#+7%NpDZ{>(h+mVH$ce|r14|Gd
zaloGqi1KkC_sRt_j68|_wNw0+WAoZt=iSer`M|vX^cp@x-3u$`#{`2+|M#3}9bibo
zF0llLQvroyms<mZyi4TPmfRdB0hC-4xIG0ZcBp2#)kNH6JA<{+Um#=*sJs+63P`bx
z14KD=k|anvj;7jgCg>am9$|3FlU??L5?}Q|iA)b=yhf;Pbasr7<B2?X*W%&xX7p=&
z`{>c8>u33@r!E@y`8zl5>3#Wi6Ze_d`&(8&oRQdT>@Abj#k<pd*Nho?ZU5|huU|NL
zQXlMgh3?-d*6oEX0EZY%e74qrnaDaJzO^|%*Gx+m)<MV!JJ1Qufhn$Bz?)U)k9P!^
zJrhK!m|<JNP)PPUNf4w9B_SE~MJAJhTq7{H^oo7IUUl=2E}wtPT}`(wZs@;Y%cTQX
zT<DuI_?H{huhi$HqlbBB^Hsw}t+{r<EuTDa@9#GZF6mXgX82UTj(7~s0ohockmnb$
zfRmt2HD<s|6wpJ!2|?{o)fkEmAQutH-c$f6Cf!j`oo6O~;U%2Pz^R!qS<<-mo)z;h
zD(y9L&azFnTzJ>skt<hD@a0sD7&HB{n!C*FQ+f?uxb3H_Z+PRbr59B=cV&&a;b)s>
z?prdkPcB{{%Lz95J;0U#f1pMi@qmm-R55`z%o>>r=8K&%kV)Gq+7=6CI6fhs6i-Qf
zV~ebB4?zOZ4ryOp;5sIqb+>)UKTwOL(dPBL)xNvcTvBuNzMn<k@xt;9tc3cFgP#;M
z8Ar&m#ppNGBkZ^kk)a-sNq<dm`wKs&`lz@3``dPizG$zw74+g^%UA&G6Z8__s<FYO
z_|}%ptUL?)%LKQ#<ynYy3Pi6?(7w~IxIy(f>8$~G4k_C1ER3`ex7<#!^&|@!-~2fa
z#THL&&IS!sA?-r3Bw_C21#u0O1#MM8y8v+!KdW_kO9~v80uNg{blI-J)wdm;zI@Eq
zE5_fk;=-dZ?p|`*&ENiw`nCFB>RZy$+rN1H#{Of+uWaZyXx*nf)f4Jphw=k^+9s{x
z*XwvR?H6-6Nar$Ejm!AWu;kkWCS|e-Xfv3A8I-EY_6VI6b1AeY&7grD2^<)-7cFoc
zdqrwIdbI5@j7<S)-03ya&bE2MdE?vBpNv=wK{I0B^!>deLkFWj&16L_9($Gel2+HI
ze#X%x=q&>}GRRCo1v7{RRWu;T_=Z|(Fwog<oBB%ithJZl-f#PM(^F@LF4(u|BJzHR
z)|3qD!44buVCxT#+8`Q&!ypi!1H0^a?mhNOf|T)L+n=R|zY$o{m(upO)otW8r?v2F
zz-BharN{}|THx5u5%E)d@P7z`Ba#D-hP%z{&y*abc~}dBFwwIeQ3D!879AoJJQWbJ
z#ET$8!B^3UVu9R*^_RR44Nv{eM&1X%sUq1gzogi5zV;`)!~(J{0akzBEStnh1(`z>
z1ceA&xz*v9uyrG@tM4q5i2bG(#A9#il_lsoJS~B*UBNB9lxOky>yA`;Wc3$MsV`(#
z0%+AFVfbtKrl-&R!Ibx<`f%I!;QX2nVjRhMW0y9LczqmJj00O=jDvO;$=Y@@9=2HQ
zZxy^6&FN2|&7>mPup;7VtD`{%M3PM!#K4Osn%n~JbUBWx(lATfQ|j5aSF!=m_!^$D
zNCr%%!|JPlX<H@c8SB=ZiFIp(jc0_WJ1fapxiWDmClNIa3xFp93l$Via9F@QNp9J}
z+XHdr9s?B4WLlNjB7)UJhww0H5+0U{mFRKU3t-~m7x5%+=fl<K+CEXA`}r@Q;v3b~
z&m5Cp;Fs}D>aFU->H+m;eiOf3{XqRfs+an!tp**=1g;Vh<uO!W4MMV}$F;U3Bnioy
zKwQi%z)Zy2OR6Rt0h|kp8IWdxoRoCp6k)<M8A37>;s~PCUf?~(mvJ-qH12%mhUSA4
zS6yADK8hvu{`=QA&#!4aE$z!5dc$N6=NiGYw7uNi1bjIm?_q_p6Q@fDM;G|YB7A9f
z;#A-ZvIe~ie39!R1EMA%+c9;*?UDqnrIUb%Lng}+iMzC9ZpD5Y>?|e@Cv3U)%_rC1
z_`4(OKh+~KQ2E$byZWu&zYvicd}=s4^>t0WED89$JVbp#lqMz%l)}tspfm|6O|JGQ
zX|5C<rHT_6RTAPb6f?P$n34=*2PC~e-4TvxixrE+OQ<IQ5y{hKJf7RXzl*Q=Ts{23
zYxnQodl<NW<Mn%<sc73IO=>$Rom_MK`W3)6?e{-3*?{X}yqQk(`GCs?Qiw7kT$)ph
zQb>@L2un-`v^(rm$>&v=(W>+$d=o_Qd08A!%C;0&u5f7;Iu&Os5o{_9Fy!gVC?plx
z<?uT}x>24kLthEGxnKhGE#3924Uga4{O%iHAHCzvD;M2$c=5KX4YyppV8w_E^~*o2
zAM9Oo&#gDkSynsr>AesCe0<aDwR5KroG`K^qikf;+HptzM0CW3uQnO;V8vSz1K7Cf
zvYFXh{j%m1h6xY$)PPwSxy%sA0gEs|S~#R*aF+%>!0X7D|CXk%I%@jxkw?yWO&?PG
zPXl*5(7qk-)(pVFkHrA}jr0zGe2`g!-TGxArW6P*;VO#*THxm<n<?0cy#Vt@vH~_J
z_ViI+df$#$)zhsf+ZlgNe&OtR_34LyDErS2JpuEqS&WNx^4aLuf}M~yE)X55<z%EG
zM#8Z$xLuJkK_>Jm?6e%TWESQnW<mE7F%gIoXyJ)(^BMe_SJi=U69Y5(A?Ae5)-o4;
zB;rk(0d!afE|dUoweYTkms_lGXbbZ{^@r^h`Xj=yrV390350<gz8otAf((HmK_FPa
zHbWvj`|`GboD%orE0hFVoZt3RGIqvzW_sz_fuH;nQJrNr#bl0yJJD}`$&3w!Kkg-&
z1thbL1j&yj84nSEWcZRHP|!8Tl&JadAtHGy#sxX)d+}3l{{?sdC7^zCT0N_t{wE1K
z(|hy>9=-R>44OwMk*1LtYXVk5Pzuv(h3-M3UC4ArB72MpoCPufcoYB7hm9Xl*L=ux
zdH&n#I)3<f>T~K-(%+>WZC^;vwv}xbX=&Rwy^m?=BMwolFx&v2!8wbEM+dqCHYPS8
z5Kdm29rzNo6Jwe{g0>TUGN1f2wf;5eGb5yD&+cyfSRz#d?KeQ~WB#B?RA^&Rte{0w
zP88V&K0_94;?j6)CM{Sf#`q<>qOXP*kRh+Y+918$wpkucExUJ{hV9>b=H*93+Z)@R
zQn_Ul)=`bHW<ZlBYlg52BC-Ph5NisvQDjB6Voq%(e+^w(V3HAfh8rrh7k1)}{J^PG
zUszY{{rWX%&zyY|{|eXqEAXkn*P{7X;A;u@ucX#;>xq5*gNH2Ri@y4>1ntiT+{ps&
zfsD+T3~<Y^ypbpa+}7h@11%OESi8bgLB%lZ+l>LBtUdr}lW>z2%szDrvpu=d(tqz)
zw`+KBG}W4z<!Q}Ff<9>(w!j}HoMRCtQxc6tnxL6RzWxAT|AzW^^-EK&w61L}|4{X6
z?RnJ?O_uhx&`aIqb5a<5VfYiiFijhEV^89hKRuhf?jf3YbGB4!nTzrsDo<S}kzWp;
zSItiqAM%{lnyn2@{JuK#&-S#=1o^>6EC16(Z|v<s+8)KS_+36F-_q(&gF66&q0LK+
z?9EETzCyVDiv)kk&A{GTSh7j=c0dO#2Ic0`0<n=PzQ7TPOUfb{3?j<_Eqn7JmK`hu
zx6mXNgBi)6<bbLLr1b6ApIp^2$!o3<SV>4Omso@u6Wfd$uV>m<pFXl^`3;X(zH#Wq
zBjx2~O>;69zVqNSZ#?_(<y+Nvc=@5H$1l64Zu978pHNeW4sxuIAA9jb&3j%s@IM&m
zQSj-Z;Qz_6#!b`p8-zYU_kz#fOv4l|9k?67%TmD0K*toalwwz07*`x*9a)Z2pnj31
zzy(V+MhSh4))H=HI4~$pH>@Rpg6456v8HO4c`>r1N3MVFnfLy9^s(zx-Mwxeanqga
zS8bnfZgsc$_rdY@-|b9&^RAUVdFUlSd*`<=AJAxF1?Fcb<|hqr!waMmz}V&mWPM%?
z-(Uj3gQ^H$8Ev!SD~oe9BY?tAB3ITlGN&*;X~85UZV)lxEnLy|{)@L?F>m$yySZz~
zwGEfw{qzSsS&HNJD^@rC;^*p;UKQ(B5*!j+3;bDtKRcqHX0QO*Wtk@KQh`4cfs;w9
zOpd^x1GE7j4R)Kv0OEj6gfH2EO>m%GV9^cpqGC$M^xJ6qnUV>x6-H!Za)f(29B%9`
zVHzuxQteP}YGD~Gw5*-=%DNxkeB=>l&Au5gpZM8-Pg-5S`1YH&NbVnUzGI_Q<38=)
zIdK~A!%gapOD0J6t#1Q<!sC|$kJ*SY*K8Mwq)!s)S<rD^@lF{O?jpB@Hi~$tI<9K+
zxsn!6yBvZ&9nP45oJdx8Xgq<q6f%Y)ZVg*#znx4na69>3PQ}7B9i6<dt~6_bpaX$)
zDYZaQ`id`qe&SE2wo8(B-E_(Niy99d`}pin`RQA3{#>#nu6eNfr!y7R&5!o3UUC~u
zy_1vnJxcsC4LrUS^Wb98(s2QO1|#sN_#i7pKvF`bVxgHpFjJcF|HID&y^<z_f&Bx@
zc%c>xV^NJyxaYMPqg?QRa^t1F9N2g3E&Z>!`m#~n>iY7C{K)ouZa-MNrF6{ro!ie&
zl_3x$#8Ztmm74s}dWIs>HQ**R4mP(2@(G&0FmnSMNX>Gv+mcG9KZOeoBZ!m>pbIgw
z!f{w$FR=T|=sd-Vl~$>g;pYOoG7xC)fnq)E{wjJZ2&hu2!VC<@qYKgmjVlAo9L~WA
zK{mTHODg*IA56sF!{INa*)S75Re{r#l;bR=43pL0p*TwMJJ<>D5`Ntd#ZyRg<n|%B
z%21pO;W*NRYhb1oaVHk97KT^?^|U{ym_#^}Dk!{0R02i%4p!W{;<3Az%{jPv>&h#q
zoNUR;7}9Uljl&1l&VJ{G-@PzmSk2Z$`;V#ZUmrf!^ySJ0i?08C-in1oMwd>!bj&3y
zCNCLRy?yQvf5Xk@f~=f_1(!be@LR5uhAEHTy7#fscgRmJ`rf(~f8R)Re-v~7mH8}k
zDfAs0R7{O`!QIH=mL}c>PE1x2EI-mD;(;^Tq1mwF#Qs`rZpm}!a|k|_?!t^yh>+EB
z^vEqQ?s)Y1DUYnLH-F}8d*rZk|Jl>h$>mo}zr0QG020{yEe(v~K8NWVAxQ{wbIK+_
z5G(EzR&^o-uv8K1nS#xN7V0UOe$YoiTJY{s_5DYW?q5Hu<cRsm1*1k?P&;zu>D8v%
zGj9kU)c%D!jz5I{laN0G|C5EfMl70xy3P_2JfM_jyEz$7jWk4~WMklQL<tTzmS~?U
z8P-NpvSE-3cTYG646AoP-}8#)SFSJsP*3DkT)ga3lXNy=>7Heyds!Fh;0Qcm9!!~7
zgJiRThZOgO&4#2%&|rh%8U~wM-C%R{NFu-U*XlC<+$UiAr<pX4x2oPYEGNt@_7PGg
z+Dw8R4hX>{OzO#EPASj=aUV>vkeQb(akZE|;VU36Ui|d)`8|5(RgJlH&XRY`Y3|eS
z_3o9pzUW4sW-MOty*xHw*9nu;p}`Z=5TrwK0bqY{)NzDj5CP?(GYN61d78N}9rKs2
zg`Fhhi3d2%L#QlFB1$^RK5Ru(w4G@d$$lAIRbe1;LkOmeFF|2gB^0^XSNtCRf#Zf3
zueme-)|WQ!d;a?q77fDJk_J=lo~LGCakTmSM0LNMHlt0#&lS^Q(lTft<46tKa%}o2
zhzuxbll#*I{Nz_B_+b^m3@A2Sk_1oHfc7VlfMH4s!LF?X9}IOwhhiZZ@YOvw=iVPa
zKdEWbt@Wnb2Pe(=(F6KgxPssj@&sDnc&r5{;;co~5jp)edEy{wQUx@L5QVUkP}GhE
zLOKn<VhPB?#_Awzjv*-+X$`akgs>xHj%NkupL}|@oqha=wl}2;^)KpYQZ|xE`l)ZL
zXWJ3zN)m1+-^(8WJV(KghXS4y*du3YYg2KO1)L^Ypa_N>xFNY8zEWMqu~!R3LB%1k
z;sGA{O;dD4r6FEXIQ{VIUy7xm0G4Ems}Rc<tJk3+4lu*VRg#I|RX_~|?&uFv`agQb
zFJAueXHU+abRW0<^WMekSo2@DH%=xkM^%5i8o?6}t>?S>9#V3EOLeS#7O<0Uu~6Sd
zlUiXV*bUtROvVt*x_SZr=1<4|0t5;fZN-#B*Cr87%uZ7;U|OWfPNo0~TV0r%As!G1
z5&;#pK1YcoTFqDiHRJIO$qzl>Z_m{)AAj@Iq#NrOZ&{<O8F#Nb?Mj!*$4`d)%p6oR
zbUKy9JPgpa%+L%ZBnEjTu|p84#u7DzLpqBE1j5i35K*NjnZcWXklO2>YwD`J{d&&4
zsnAsW!K&4X&m`^G({>;Fg#AWdfj$dKvne1Q5n*G26j~Q)M2UznKn#r=>Wo|4pyy(r
zN#O-<V#YQuG?^#m_>{D)0urLR(9@j=Spw$d0$`5S`O_TDJkd#!yZ#hXFk_f-G*Dg8
z+bM>Lu<5(@mdCHX`Pw~)cKz<rpZ}n7)3#~zXRdE)zUj!a|6Z|j;bj*!HI<g%zhdoy
z)oW&q9Wr!uVfpS&3+_YG0<Cu^_~EDKq0o2W3lP>n($<8oW7c#XD>xQxrm0$xBZvUo
z5TOGnlCckz${bM4F~?AHYGLDsVv`O>EAh)3hx7R((4|fe*fQp#g&Vfq4;AO1ZuP&n
zx2>6Yapk(v58f-?4j90b<v*HgvBH~lX(s@IdZhtE1|DsdgFy!kJUE2`7a{p1_Gn=V
zQx8-_1oe_Fl9TC007kNilnnf8S}qv*xXF8#9{EAaz<tZ^e2`bkmbR3IS3WCCXWlq4
z^NJ?`6X|~+0H!dz59YZOyAP)M9Cn|yV?3K@{6xL`52o6)OXY14wVX24%{$OXN4pQY
z>ZaXi=|8@TY4@4`<^3J(K5@F;=ZXJH_^x)JZ0^H9xgddiOOG6V=hr`bwFUdC=U+LE
z;f<AB=<m!M^47D<iN>&rkxyWpkv1PfXBRdfG!LT^*?d;1fe%0V^c}T@uly9=)Blp{
zxT>z;x2p+lFYq_iT0zHY;B7Qt4vKq3pEOm%5JSOjn#RT<BEl?nq^?nXm9~wR9SFvt
zmB>i+hb(poNG?HKv^VVyUcj?oQSZwex8lG;*M!9v_sJZD!8Xc=&m6sc%ZibSJCe)C
zOuCT9>%(}50+ulQ5Z07nu)?j@4f~K!s%lfE_u7t0_3o{5!h_q+p4uzM=~G*!T8ke%
zXb!{vNklklQDdYX#?ffOhVqZoD$RhAC9yh?kxx#@j2r~?Au2In<XhyE(N#n~!CK%?
zrEw$5Npa_cM{x&kz#F5Olf>4lhHRz?GjSn30!p21MZ5(qC>Jg8zQw-rgAcqlcWQD*
zX_=?Cf6u9N-#RczTC;o9B>t0!@7z9ktm^JPtlaBLNG+K%QcWK_=<YlB^VcVhV4RO^
zujF5fm|r*I(S;R7ksa^`;!m@`n6YH}$b)ZNM|}0H#;>Mf{8t;}FNDno`=9JeB@6o>
zgo`4$QH&o!O4y3!WBlnDvB*5h&xXZW7O0R5feJ)S(fISpHW!ca<0bkKW;FgR2W{P)
z2na(oBepGK_y~-zfL06pLJg@fV)%p(i+9@G%Ts$-mG-PIOS^pTTaOJIKVjfwZ*3ej
zmjAhSOrPxJ<lL&UwY+ug;O%!ltkz8$wR^-QwSNDdL?<JW&b&`{!gEo@5ZtX;<64`Y
z)+8ixNi+_q+``!-ToVki;I>Y#;I>fvDC9u1FHoiiTr4AJHP_4>cu`JeL++ZZS}vH~
zFg(j!m*<kkzFtyM(zkl(vpp+&7WXV7U0|*{gKrcuW-0KKfp+xFvgpl4vPddRf=vMc
z!cfzkmy`&#KLwsBkx@o&6OmCyLY`DnEt3qZH+AmBh5-{0dNi@r^+>ur8);+%5Mp$u
zR=)4-TtUk#)Ys&l=2g%}uG3;v{pmgtYLaOuip|WR8Kb3a@xe6%oiBlI%Sh8QG?Zj4
zX?PW3eD`M{0uHhOiVCSF7BYM#z+}J>&4C$CtAj!sVDWI32uqC~!a*WI3*oRJ_Cz34
z<o!r1e)Y^l>z9UEY?iOv|I9BX=Sg0j#Vggf9ajboH`CJ86TCE&d&HO;vGz|Q1~DK1
z2bI{dP(+xYSCd0H!>3r0){|aMK2cCBB&`TJF&)RkRI(t@T-AXr6Adzp#%{`@Qxk%O
zwJ>4|N>Q>X2s{_#aw3^eWbpZF2J!~Pgc&x53aA7Y7#Umz6q8wCZJaxJ)26q6{PCS@
z`YalI%_4qKom4YYy34(@_}aC9Tm6T}esl1u`kLz&{%Q3;=3duxFKDAbYcUNn9mTv9
zAxSr2!xShz5H?KeZ6KK@1nFD(r12m!8?N{qtg{>~*cJiABE~BR_;2QBD>C%RMA;md
zn4U$axSN!c>cT04+%j;5Hx-BnJ)roQQ&Opn&8fseAqGKFbZKo#E$wdHwQehDOC;Yw
z3%0^4AY5>Tmj3%jkKDU-->loVEZDc?fw5yBSh8>7=35r;y>Hz=Z&~-{t-NU8qD>o?
z>|eV7!Xf*X?p?U`jwSam-92=~J}GYFjvX5}+<UK>H}XpiLM(1N>2~B_qD^*!PjOH>
zRyA#TtUkqs3v)F^d6WMK9@^yN#7D@Z2+o?6Ow*Nwuol0qI*^=1SIKF(vV#?4=90*!
zDZC9Xae@H~r;ra5MX@gkqNt(6XM3BE=i^>iSADMjk!P!ad`bP3=c=E!ny0qym!`GN
zU;E4&_3zxi<{1PKU@eF7Q7dx&g}oh-p%4IIq+}Q*eySPQiJ!_EPd#|>ZRyW#>85G)
zE!tt*+84_$=6T57>(B0DaQrHT;I4=^!_pU$Wq{byl*5&8CVLS=8~x>Wr3Pb5Csu3s
zXVL8<+%5u3hU(pbM|M~S0<s4tA>`#b2HWD2QgaJ?_Nl(0o+dlX8AwYYTQ#z<DB3EY
z7V48`dzPn~o-1)+FxXNE?n2~1q@ZW&X$mk=1$0eh5NW2Rk_s8&xNbcqtE9NZvhC7g
zv)|wU#?F!JcV0Gs`u&gJ^T49tDL>hM;i`R8uA9E+(j`qrKOVnq?ggcllQ#~yxJg<w
zdPBviTQ@zpXl2u=fg>jLt^eMN+vbkF>9&VwuWcMLXyjO5PR)qRCylzes4&ypR6O$H
zKCZ$E8vYv0{iPF@BFOzz^4`Gh;Y9AEi9Gn4-3C;|kCPW<IJs=ZzPZJo!W!T<z}6X-
z6Q^LIG@c&8vxecm>S4pGeSH3~D&O$ozAE$0GlvZ`{(;>fFa9g@3$RzEz)DifZbN(<
zTv08iBsLnE!o9@mO+o@DofOBDy4;c`o*}VN=>wAPi5=esG_@`EEM^C22sj~DQx1NL
z`33E^#EAz=9qwkp()Z)UG*fPm5?_s2$bF#a`+ar(o{p#D>=^~Dyc)M@#+*G6oe8U~
zL{Z@qk_WNVqF8WET)D*%gR=<*U2GbT9O6BHbeI=E{<!-7;UB5*9$NFgFYey{#rH1R
z{L;d^zxdwsFWotMQSI2_mo?3qHEC+&kZZTx_q4p~N4)2uL+ZOfI;_5T=nyYCeD^=M
zZTsili(bF0Y1^soKmK`X>CFD?H?3PgXvURq(Ok)RV*r!MpN!mM{2w}-wcJAD)qy1P
z<HcDJ<K@kPFUFthQ!>rurD>5%=thg2#HNzlr&O#44;H`2PQiDy;t;MwiK`0YMV!sH
z1j<S#s)vgvljz^>^b_avl1RdX609MZuXQ&K!p{YnhdF3GnTS*k`e#HCv)IYhcndea
z`P|A0Q)b;-{@^`)NP)Lx<mB|G!|Qe?%2HeNg@cz5oAI7pwEp(0@k7hj)~P4ehx?Q#
ztck0wU%jPm%-+3n<$xgz_mdv5l#Pddc_j8ZN!arQB;xM0-%5rlQIMn_fvx{6<+GQn
zf8nmBtBn)MwvInPPHj{h$MI)_r@%4dn|Oh|PWlw_QGJZaY^dhM7MYOY5Q&uC<bZB0
zR5X%wdbkvZ3Vw)a?Ss;YJ?cOXodvm%-#T~A#5VKKO!vX==KzQ71%2xv3uNo7q!bjN
zRN3N6V)ZyHt!ybvVz?J5EhA7%^T5H2tNm4#Ego^7`>VxTacXM?(S8VqY3Ze1l~wzD
ziHy^hLhS}(p2OCU52R7i3t`Vmu543JEr7$}FM(Uj=`RLhl$9cgBhHyo#E5RH$jDA4
zK^6+J+1HX#hy*D71Y#b>p=y%yZf}X#h4Y%eWqk8(U)*{3KW>|_<><nBFKwQ%^iNMT
zfA(4P6MuSd-|0~e_ibKN)v$PZo&4ptFSl;}$6X6vzN4}6j#uUf{`p_cEvNoRt(R&J
z^&js%`QCfnHwnrN;l05;Nm^+B6stzh8MGj0ko-5D<qS4Reaw@#ZWZ(;C(3rjyd;3S
z5P2({<Y^>RL0{yo&~omQz-jb=9N3qHA4q7u@${Ym*qBL~uviHx#3O|n(M|>ir$7bF
z>Pu&Q|FX@mzrOjh@AscOX6)=aJLSK<dH?8U^;bU{&98c8?wpsd1+7C|%Ii#%Fpd<w
z14+});8+*-uNE`>$XM+V`Q&nsNBWkCPC>#DmO69+h<b?9BuLbds7C^5n5d^@F0cTo
z#T4&Hetr-!Lf3?72PwBPBjt1NUTITA(kJ4Rr5)1C=C5E?9K;}UA@?W+PLT*lup~MW
zJY#PSI0Z~jMA4E7ktuPsSxqE2X)`lBGc>jf5lJ#pOV=}LbYfk)?9hh$?>oUaINIL3
zcH!L8j8Ow>F6m`nc>C@1Xa4lnwJT>YSUPN&ci@G+`e<`LPg*Cv0eE`Qn<o-Tbl4z6
za)~`4?F#;BQefQ#9o*Ci?eUNgm!y9d<_{ifn6$ir4JIucTu>e`IZ8`c(%`9vM@XdM
zry3$VEJH6cK@U?r?}~Br#!P7%KO(hqNaLu1S6$k;@_`NaUNvFr@*nL`q_dNn#tj=i
zc-ioVehp)%&R;$4;yJFkc~>pjsnc!u{q;x{Zs7MdspHIRTle@i9FVOy8~gYy$~tqA
zPM8GhfLmCY$KvQM6e4jBW?nK(Wmc1IiXt`17EWGlyd+NWd00VRq}K+Z%m`J-MGp{I
zj#x9SbM6$uTI8BZ)67(9;Q3NX4H@@J(sTLIBM&`1>qtMO=UL5F+b8d+_L8BuE$*q;
zq}I0jWBW6UE~@M;U3%S|d5^t^_4>3r()2Q9TN1LtC<R6&x5C3=Lo_z%H{RZY1%RLl
zQe<J#rBEU>R79QM_wC^;a?mcw>ZssP^W;BEj)Q+b`1z;u$FILHef9e+%l@yg&yr6k
z{$AjCHvfXJN6c^n@dnL5rRh3a?6CfB5<OBke1{lJMv~Tu#1oNx1YV;$`6*TaTi{fN
z5LiKJl*L27C)fbvkGI$aV>R-u<7f$LV@L+&ksZ(mD>S4EaSoZ>aiGCC&>*?N5n`H1
z995@0Z>`Tod=+%o(0A~ViVL2~SvBK|yB4idhtDhM*=y3td*Y^FIDG-}z>Qd+Rmd&3
zKw}W0UnIHEp|JbWmW+#ls3MAmwr=G4TlfCdJm}!rgVK`}`zJFP!jS8_9=0(0pZ=!n
zz9-=sCw(Io`bL~1fjr|-Jq#BM<yAlzqgOsqDl)lOD417C!1f4k0t9Ko3j`{1VsAmi
zO(lc8S#yZfD;vbfib-u?c8}e={5SmiU;g^pBX5(E(871VA)h$f`iGys^5;LE{rld%
zrc-UNNCOR>z#Y;F#1`BZt`pR1SyDyX&r+VIo?OD`sQ2?Lxl8@aQaats5A(z0)M4w?
z5#vIqw636gwO?(`g)FuJ8=3407RbQb60v+O2`L$f<0qXfffyiO4<h#bDGuy`Eg3ux
zCM>KuI3YFk(}II|r5%<VA_T7!aSQX7+lB3OhMVMf2ACz;;~jVodLmyX<xwl#3e06V
zS`giqltR+hE#d@~6rH6a=D;Mw04A2FnMg=D1XHycj;FLV<fh3!kPxzRUEUgP(z#O}
zy6Wsp(qL}c^!fYAw=Z0{+w>mMLCbY#DlIenfBgWTwMeS+smbrYd*f@b1@R&2`0zqX
zY5AL};J2Jqlq63&<u)WG;e|Ho1`2wFqkt?Pc8G^uVK>Q5hj@TK8aB>c$CDJrmqhz(
zBs3xl<VjP4UC#C5S~HZ#9$`#T5;@SR%bpN|Wxc)ay?OJm)dfq`nB`TsZ_(w<{AEK!
zaz<wJbXw>EExZ=*s|@rbT5!{va3;03l$Q5%gC44UN-5~UR~;xXrAaNXj7Qp?OwSZA
ziY3^@DbWnlPH8g}C6Y)*?*~Gus8(t~2z{ypHT|fe8XpLyUk#o1D+Qs{*p*5=udEbX
zoh))8^sH0*d7yw4mz0$gozyt|y@AAXsA~RRbzx$znS085Q;7sJ&|rP)($3j^X%~a6
zGyynqLP!8!zdI-ZxwQkeNjpg<jvBmNlZo>n6K88Ov29&U`a@2mI#ON?TOj2$!m12&
zDk8v15!MnLMJ6L;Tq+z}aP|_%OMtjbus7QiieU@%Ag>Wgwn%RjIgLbJ*z`l<Cm;c>
zIXzosH!`I(9ak(qgOdGVRYeA41NTvW5?opO-mgLm&lzoqN@RTa#&uePBOgHTr=mpC
zRY+y5?^`#qZ_|~-7mTQ{5~+;$%zCqC>M~QVZgA9i4#n|qwvI+zCH<f57i-!d%sAQ-
zv*5q_1SyG704-l3D!Y#I1Sq@iNo3dA67f<gPynZRY<h)OFux8#f7tSb<=8E~gzv6W
z7lmcoSq|;}VAh#aNVk*W_xU%#1jPoae_=3f=DQlz3k$+wTKvJ@hazAa4?NNTT;Bmt
zc-^RhC(Wr6g(q^V7<fuZp}08Ui42wG$_(PE$Y-_|nIqE?OL+Pk?i!E4Vbv1>+s7YY
zfiUndfH9IC8qR!xF9-CBTzA|hUynYIFn?+AL1{)1bZc|6Efe;17wlL$@MCKEeNixz
zsl$NTnVYA<tl6TJWHQx}u{a1jSR$D*V0S0&OxRkjks~R(^p46&BlGjBa+jAZ9nyE|
z$h^WTyqYAGZE0ECQdLz}S$El#s;cs;GtY{l;q8^$*h(-q2X;$&_`h$XM&}HU4jYnO
z$Vk|hGJ*jm`mkW>Ye^PHB{Ge}Q`?fQ8JzGw1QUiz$)XfpLeBaCw}=2cBssuBp6x{3
zH(AIrXB1|a7B=pXWeS50U4+q9IZRW-V4~`Yk<J{ho2vBuQp+vEUUlZE^f7->oPzZA
z@dhy76zF@|?1$0gwFk$WQrVKO?a#9-DNP1Db;Ab`HtaNQ&z)vhkO<$Bq+MZOX$+g>
zWITm>TgcO{a0-mgbhacUr`VjBb_B^P67)vDNzaiY2e-2hFC+u!icd_6LzxgI014IU
zX_i8)F3H%2hM{BohPT$Qf9ob7<Jx*(b$#7zBiGil=IJ%~cNQtPQpJLXh6M;Gm)bvr
zI+O|hkT9`B^Md=C53UtW37|k~s5dRi_Cyf4-{Dh|aU-c3372$3%XUu{esD?$c=?Zi
z-y+<<&I*5g1!W|f^1dcrKM_ABd$ZXTk5|aW(KjA8CpqbbbPoEKe@p@YiP)%wh5Tbb
z>qXEaUJvIIe;6{TAXBQA54qbmEthO+?kfIv+xEt`4>rEcUp+*bl+{S4+^y#pV{oKH
zFIAl;%E9deZ8%Ut>ox~Ab?m2%G+f$R_Jo=fUm>z_tAv3K*|?+xmtpQaP`In{TZV}l
z9G_rz<>Y#c$}7Z*r8j#8Jh{anUnL$}&+cdJTCBz<z%U|vYl}Ng;a&T-*dYw{VZTuK
zRQli5-*uAB`@Phw#O|S5Y$aOK`OTzTi~L#0A&Tuoz7=t=h)Isfpv5YO-0eDpmb`HB
zw4D?g8I)vbWYThoqws9nw#DQ5169GCS|N$h|GyU|h@%LYHVJ7I0*XXY2qrD=3sE6m
z<4Fq+=^9TW^oll56jDqEns7{M0x1HpqL4fagH8w|l0(`&mS7%TkV7|j4I#OY@_b4P
z*mY)53UvvtpV|FMFsHOQHQtS-i@@TR9C0O#^YK`sN(usOqsGF5j)Ra3A!1-<;M2pw
zpZUBXlh(7WbuO*>7C;x|D7J%E>D?N++8b)bQWYL1Y{2O4DVkpiuUoTnm@kTm!qhKb
z6}0vBDUrqt{SxhzcCQ_f2bn<{h$=>0`KpD;!Dy!)ukn)BTgQuiW2v6m6NjCGcq0PR
zdTfA)UV~r*i-#qfUeE>P$hx*c;BogFo+fmReP~-u=GR~7$;LAMzkJeaYYF@}NyrGf
zM325tKo8{0fp408ISx!9UcD0G$FU_~dzOwjuqN5!%39L2NrDJc(rA(#^d`zaRZ?(b
zXoR7weBHlu;8h7;9yoZa^?CUEC_$!Q05s4UGa(%bKFZ#dK}b>Qikl)!Xt&f8*&_&B
zGC?}vjhh?_Pbnb98#P@baLWx-LQiauU9{D4mtoiA65C@JSuL?W&Ih!3TP(du64GC+
z6U0KmR8oV5V!TM8z>x|E4or&lDgiQV<{!cP1n%5%z4ktV<#?Zfdidy`{<G(fA6%GI
zaS^>zU>n}D_o8(BUDDjhHw#F&t0}4F6K`l<s=r-8?R%HTi%bWtK4_m_y#HC#e?r;B
zlri9i%z$F&apgd<b5NiJ_QGJ3Q5nXx0j3~qC4pY+gPcjp=E%sQ4KJ)fP=YWg+BhlI
zSn<#sAXDlT2lPE90}qKoL?j=}u@t}XjATm(wXdL0tTg3F?T>hg$XUkvpq%9lya`T^
za;5weu@9z{BrTdWDr=d-NGWR>Mhw~I7Gm&RdCRm?JIh_(K)aQ$5}2i*VDkc2{O^Vt
zT%j|VcMJK^CD2=hND0C`Uf?;q6Fh4vDN%S9_7wxqWMxP61w|Bhksl5_5$$n01G_#X
zUAl%{6F3Hq_yp{wWRH%g)gPYO4$Ft)#=^*U7h_?N=bjiqFR?bF#zVSPkZ$O;xnbi`
zvJ0^k=ry@9^WH_=QS|<&vr%5qVM)+VsEZ7FX;=8pi1rBD+9(m@&V!8z@hBZfjuiD0
zpOOLYT!<lSep!9U`u+zlc6uKi_B|~{nnW!MCI6GdmUMgy`|>yf$xeC&0Nx>tjb9jI
zIzdQiFBFouo#A7!zD45mbWYzTE*>y^{1C`kbDZtqaq>d>Q|KIczbV3E5E6rT(OP$$
zKE2%d$5)>|ecjpr*V~oAM^&BsbC+4N&ytzRWSdDc*&)kJ76JrFSOvroF-4>l5JEse
zwt!$25Yf7T^l4ovQl!;d<VR<c5s^oIRH$183sq_BYiq5Pg5qm^>QfBE`+w)$*|LE3
z^%Z_M_ntd<?ws?T?|kQ+Z~1>ct9Y4@(@>Ajso#QCN)GctohX9I+>kBgV=DwqmbL^Z
z$O%2vXCm;>j&(Nz5=i+>HVwir0ZqxagB=FP;lv&R*qatJ#fj<-bZyY{IMIWRjpsXP
z|B;FqcE9s*AlLPU--GaC>@{>2y|w&cW7YX#cpwS!Gu=irkg|0E$-?Pi<KXi(`~y5{
zrANE)mmu2<^cZmsU3eHL_N>vG;mq}jJ&N?4&S;7$R|wpTd~_)cGbHG<+%#Gt=tU=b
z9ae{8x7Yye09T@7Ymr=Ua!9bJ%EGz6n0Mg#QInr&duTU;jQ>7<^!VMa|MtZ3r=>CV
zmCqlOT=iAb<~^eK$p1U^NlVE8DIq?jT_~6IQ>APE9=iK>wLCF&wr6jmJXE@C9p*M3
z!wxxbf}9`LUlhB5rsx&L4i4rH0$r(QzBfk`uzrY(WGA5>7tQ`Yt;6~WY1bVV0{s88
zE)dpnb?M;}y1&Y7($@NdE)<vGU|01=7Y=ntU@8&kZ>;oaeZ>uIJPb3KYO(SukhHJq
zwBG7VB_WdIDz`l<hx@HzWW6uySd2Pm!X~Quh{a+M&<u^GNjij3E`*R6L#T4MMFA{-
z&>^Hw6rG?uFUg4eVnvU2O)yU^8!5Us+W~e>#rn0sX7nd;;@Y&U_X5AamOT_FTx7^s
zrp^R!8ljb`>K!!?;9)Ilo`8oh6E#nW%hAaBd!)y(ijR$-S6jtgEbw>;2PG92AoMxy
z@3;z21oj}tHJFmd$Q%avT5j;66&`wBPV;(6uSK>n1H=*RIS6Yd4WmJ<*=#;S6N>>v
z;V>O9`T=U=iXx(PKLwPIkAMHiwfmRUhI*u(*`sg0;qiMRV<~=l32ZU7@DLKU;^3(S
zH|j+=J1sZs_>@`;6*#N~rKm>=oZp~jB0ZuF9d5AYVFIqiO_&h~qoE!jl-8n(S)^hL
zs@X-{L&{%i=}K~PFen&^%@9+$Sg+DUUUQeh1_)l>BED@vixgmt5uO*>gf;tR1wa4^
z*$a}(DIGa=^yybCn@3lcjcL7hOj*a1v)4|qAJWp+QQFjUO;c%Qb93dA*59iw$Nv1|
z+Z*RJ);4<bM|kVTOkF$SrYEnf+LX0ue*Fzi!x~1k`Rb<C)lTtFni~4^m#~C$d{N~S
z#JyAOdI{U`)uPwMEZjGGohIAZ==C6?*9(hiS&mIxMsW#R{m+PDCy{vhICc}l^M_t0
zm|b~}BKPCl?~ZSOLGS4O;%M}~Xn!6Yl=C9qVHCYj?axC$cO@p}@MQ)}kSUqD9B>q)
zJ_EZh7APhK*4K*Rw_*e;<V7%W9KWCYIpke7nqNH)FNmIOis=vce;fM002ZP<qy1mh
zyZvR+_5=MAL)L@#drSmh!(C(0euBO9p#AWU<K{<r4L(Z*aB<uk;sG}SI<r6-;4r@~
z4TOE+@?=;brQasmr-nkIFRhoS#an02d~@&Ko<gEVlpm@=4<F|7T~T_}^`^(rFg^U`
zm42U(yr{dYJmnA%E|Mg|pSA`xsxbwIL}^5Bvo$e1G6as5DVZ)$xv$qa8Co|WjRKx>
z2$LLI@mvn`AtsK1+cV%{rZ-%Hf#zR#f8qGS4bEIIEF3GEN+(qg$-u%s_3~8wbI|2+
zk=0{{tI!3r$A1fQVvWzSG2l0w4NRB{ARfXaAdHVu+MA+-BNW99Tki|FG2ePI-!^b|
zE6zZGLNU#^1;PS?)EL<8XuOBTroWbyYE|OHs>)!k@V*@if)f&SAd`T|s>olH`zzN9
zNDZ>}emz!<PS#e98>9NU0mRdi(Lz7x)X3S2y~60xKJNgcN`0Tt<X`rHoXR48P5UN6
zQ$Ls4gD{)@EK1XXF-HJd8>|v$mfFf-iDqUI^PMKiu{;S@2*XN6EGkKNnHjTQ&?i3f
zRca2AeD3pAz+>2$=_)QMA4H~8KeD!50jVTVTLlqOR9Z$pl2>5idX2JSgG|I4GXQ}#
z91|lq&=`bqW&q+6sEM+G+iRpW%~r$Zp?)^vKua+Ghq7l`R}oe(ezz}B4sOj9Xf9-;
z0icV&!5ge`6cMIN4L+<f`4w`K^OED-FwU~2*k+Y-6BWD?0wfENun6LSyz0{-FNfn?
z3Rxh+)Kr90q!dwl5`T@QE3Ke{rjS~5mpKzIb}(vLy6ic$qF@0BhJTO&TA0iu{u(my
z4eV#^r4Wl=@EJt{OqZw&m~RA_xC;fI#>|WFhv8w)PVYQ%@;&up3t?;A0c?%eH@-aL
zs^`}~@v}D$e&ahMT!4#_H*&0vD1qUpefmNeabv;kn`Q=gyf|ZS`x<>Khu**%tTSZc
zSS-cJjmWWB{DnSR2a2^JQ8g3sCq%*$PC}rvP$(!z*o1|MmSp+R){IIpDk;|V%xn)a
z5#miUArP|(`@PGN;~{dTXc#VCOb=6F1j2<-{=!iP;i#Z~Ohj^TRF{oA=g!==^cG<n
zdd~6O>#{{sV=-P9CeMs92|b_9LHHDbnS%9II`>9j%C3N#B8=F5QB!FBNvJ8$0yQN&
zN6UuP4d4`E(*7FADYS?h5IrS<)=vXLsK{o%c#3UX2K3jk`&meD#r@vMsTAw#pi>~i
zILYrV+BSGo!stO7PC|sCws9*L{3tVlf0t}Q9z<enJs=zVg@$oP1OEGihM{HBfbcMf
zXoYn3;DJD5)a6(lU7RG?73(98d82RR{g=<y^loDw+L$fcm`!aIK=jmq*}RRUU8FWr
zI3l$%V52k^aM|Lm<k3-jsCd&%+;yfm1Wxu9+Nrr(41|QULb72M)QVM5kAA@R&fyE7
zi_>_ERjs{+Xm2iTM3u;t+N)PRXt7JQm?j&j=PHDHjx>^0e9ThwUEXec0!`L%P#^^z
z`kNdRK#T4{dN=MDYm<0oaFCd%tMM_{)B$6%*xa3LQ9Q&1gR~qJ<d6dZ1s4z%gcBqU
z<X&P;j+v4L14L)!et3N?W?qWENfuIUk`{y058tcH_~d)B98{8yiiuc;H#d{ZIc8Xl
z4Go+hv7w>k<85do2{tTr;t)p;yMVZO#EQ$%j4)aLYVQGSlkUSIJpy;;m4~=PbND@%
zV7HVz!K>tZ8L^@9`XJ7WY-p%Y#D*rxeQjtyS~fd4!#s6JcQfaV3m<9VG0LT1<NZr`
z3>4YWfWXQTtjK|UAR8L>JYt~|(X}bqQ)45YmK1A5>ti~Lc3{}$WbdJ{=}e1_y6_9C
zkXFE&UEqkA^tI4}mQu7StuF%@n3zEVI-GzRO%X4&C>I*@Tqv7>%tB+*0g{l$oOb73
z@D-t%!eidAGbEcayYQ){1n><32Y4=!NRy1A!JldlBoO*h8ti{i+tCtc1j2P4GW3o0
zMU?M~0vdr{1{{(Ki6@XiNJlYt@}0gpyXPNV>HYab8y{W1rZli&+tQ8Ce?Ro)$@RZn
zclf?F8@{jJwEuJIPv6|T^}2f``Fr;@JzDK}pkU-9vo~)EtqZ*u0%FOkvrqaD{qD8$
zDL>$C=Xgf?YWN+Ok#xd6_)Pagb)ghNWj+cg?=H^D#|Fhtw7{+fo49_EUIu|41ky-u
zL&&9~l%c6f7Wk)T@ogM@{&V?8mKzheACZP)5)1#rO==>BIlA`%W=#wx%*yMwgtr<i
z;7k?XYV?7M(cKomyWsmY$Yr%2V}`I}?1T#-EC&=xOmh!MkI`Uuv4V&}kAX`uM~|T-
zHzHQ`@&Gb?p6ml6Q#Va|q+tLg8QB`0AOA&lgjnbcbd$n`!~m6)UZzk8KEI)kZJdry
zcAZ8?TbPa<&<`%z#3`U7TtrD_O(;C%Y;7ejL5PYS^I1x&$wIja2!xuF24#@7H7u%Q
zV0nb1R_TMzvqiFfTa!K3et~+_>0+iz(C~V~b+1O<^RQk=4nfWXn4km?6l3h?BCs87
zZ%NGs+dE-5%ZnJ10KH3DE6A2i?IGPwzSf>Xv?tZ(%nP^2j`kFLwDtrn6ye814NNiZ
z>SaO}d+k20yf4mb29|HgfF-%6{|2{f1~aj#?m4A39Q@DcY4lqm+HT`}Ym9x~dUTj*
zeHK~|*A%R-$u-4|W&?Z}-Dt-)I>k;iv*vyRI}oYcL4)oBJsc{7xk8<t3m;*jwuXi$
zkW29PN`gSN$wG8@KYbe&-dgv@%)ZeP^q{7~P7#fk)@ZIOy%<$pz^B=scSWnEm$dCK
zcy>LTplsAphV?Y8sw)J(0vf4dWxzYsN+BgM_age<<P9XkiCJI=kj|Zgw=}&gVnd2z
zlju+&*WbbkRl;X^#?GCga2$*Bek7m;{1^I6t=Em@Jy5_-hhxiu{Hb*UFi-;251Q=_
zz6_SPyG<4b$7*x~nclihh9s1@DiO%CxCwr|q75#_*f#v9A3W2qu`Tk!<&A9tqm@AA
z$;d_qHx4SFM?R5Cs*?g-VP6A^NH-w*$-M&PBc8|nMkY4G*@~FhtVp<G<?vO-B#ONC
z*KBWF+6myTLBm^cwdS??p@QPjnK$x_B*%@SuM@u*914vNUHU1ewWOZGk~&6`_k}+G
zhTNm?Ii?3FSJL%-j^h|Yko6?#VI7AnZMlFmibD|+(tbb`A(H#tqy+pEqq)nJ&eNGC
zbKp_nnc2|N%b^N!Gh7_9&~r2e^nn-B)eB76*gDVtXV*E9Vk0%cW$TM6Asz{7E1wSf
zR9O9hCW06`w}H-1^1dE`&SEwgkj^{^2XZuEbz<EB3{_LQjqm2dqz>2#N$?7l=R2GD
z`j3e&PWv|E9X>ZeA_%${q79^R+&VxjC?y^wqdiVCQj^k2h3Jg8=ka(5KeC^j`-sLE
zlqwREPD0fLN>wgFrumJQfV=QYO^wRTsEa{-yC?QB`SpghQqOVO81e1ncu5#9W=N)q
zSQF9$Jq9resHT_)dLbsk12GOU2_}0>Iv@W7fF_YSuwUS$?{Yrt2R=!QzSMB`V22}|
zy&FXjah$yvh&{gyUj^Y8#bMq|unhLX*rUkd%c1K9WQy>SNM-@(k>ZN`qU;?S`hyw0
zK=ureJ1zz%w?ts}jPmvf%pUkl(6$h?B?J}nVvD0Lg|B(w#0JK4Vaf%DiuLVa2Ir@4
zDZ`3I2*a|2CMuke13-h8@6J~h%)B{*@p3AI`C{fRMz2sR23QcGGziEX^k#q#iFzGI
zIjP?cdaE}>_19PNI21g;s{RG|cV}Xyb%*AkXolJj@FMWthLeeb+}RRwhdX=&iz1ku
zX4gSC%8_t{#ViZ@P<ZMTpj7}FBK)ef0`gf*Lm)Q(S`gbt%di5<=4eQ_>u5QdhFm&4
z-ZL5f-NmvButlRC7f;dTfJd~QJlACd{$M(<kO+zb`;Kt7*0x7ateeuJwA(K}zS}0v
z3+=Q9<wtrpUN!mFHy&#{K4ku;se6BMWZ#~b<rkij90%q(ckB+my(9F>GdrB$dRDUS
z``#b!93`boMM&mq51m2(W8a}a3;i(J%gWdeP4f=_QOx;RYw)!f!O0+vHGH&!o|H^7
zbbClQBsN@{uAP)2DbSO6ytFH(MJVmgY3t=icnZQ#Av_VXpaXmgyp_5PCO%yyn!A#%
z*m^>Ka*Zc;Xn4p<4|!m9V>#T^h-_;dBpp+=yC3B*;em(YF@af67G|2UC3)>F@0~iW
zDSSDY@}+NY_#%p%`I*omarn$rr(&R$-+ea<qZ!&qiX=tzIe@u_OJZcxi^b}v1yPnS
zkc?4c$0&ggNw^?%r|AtC28lv7l!$zY;tDE+bm$ErmkCaV@{<@6L8N5x1yUnoc=V6+
z-`|LcdN7>Uv_Dbom6&7z>W#4?6=S?nXOT~H-AXwlyeE~T({qS;o-2Z|?kSbAQ6e8(
zl03W%#BQfCs)*CHDwuESog?M5*t^>)mK!nL;35MyD^^1)<U|}ym=*p}h;<$SBrLkY
zZtQ<c-Dd|Ki?@M1j4_#@sa{bmj(_a4X1Q89BcDL;19P8bTulCH9q1w!-_6RCJn6K=
z@Vwr1<>z(BwdY%v52dvLQ0KX`!5xZ9`K-gqGYnepY|6|KP&5adntH2G(PE`r3+}nK
zwf362Ay=zQ22GR-LdQxQ>n2U2wGZ<B#=cwR<qp3aC|Fm_%iStoTyPIw<KwTb8$2=e
z2kqUVpG#}mJEGqIhj-&Oz1}TTy}_466DMK4LD%I#o-a-qh@-G~4QNC81d&rK0_q$g
z6C{XVCG%3iB%&v*u|zA3Ekr3OEhb{tftXX`h*>8HTQ*z}wom<lN|55Cq~{<ml8o~D
z3Hp+Tm?AOl8t8N+^{C%On4g51n~D`Bm?$nGy3Z<rqtM65R3Gkzzl)3fd*iz!Ouotq
z=o-{5^mF+%?-x$He|6pByECqC$hjfCh0(Md@)P@8Bj<HwprD?`Ndg)JMJedgsHB}p
z%L?jXLCGOP^4sq`x@pr<dB)K@H{UpS6ZtkE_pENcq(W!l!0d%Alw4zA%ky!LNrUuC
z%kok>KLn=Zhj1h8e-Ee!(&Liy*n&&MoY8hF7hQ#!3qKm01HLe3a~*pf0fmr4;XJX?
zt8l(}LJ=IM1^3dKk4@kh$rCtc0rJWaijkI|M{78;kMO`{9cgb=?pG%=%SHf=VsMOT
ztjE2N)P>snfcYM#CB!(u7Vtia-lt(AM8ObZ5D@S_%Kg*<TtE*+eR1sIEZ8x@P7VZX
zaHs<Uzy$7r4h6FpAYBC1kMKY4N+=^|jmPT^*s%FGXW#;6cmdgo48;(c^}bqQS=4#R
zY*_&ZF$HTL8x9evYQtpCihZsJ_PHLZmNH&^^_i=#-gNE7tK=kC$S9r23AJWE`B=;5
zi9gu!X6S!Pq~G3lVEtcuR&J~;4INy6;I{5329^A13cK{*ptB6j%DMXW@Y|zoyT=)K
z*$X5j!?lGWDS=|Od%+wU#uE~sBc%X2XJ99Vczj*v0NJ1XIuTV4=oo({{Do;3m5|AD
z$s|;XREzuyR`E;?9vzRF=otifwt*pmv_dhDjl<5*A)jM^GEyKV9o7Y`d0(XZ(+>mh
zIi1uONmvy{)E7?JNh#f|$=sD_<M4BQ;sJPZff)&n2)?pFDXK3}@ZWAwCdggR&mWiG
z$vbs$&+lE^ExH8xz`d`@M%Aoin>JBq;)`>Yyo)E~%AP+;{)eYsJSaEMxIfe)WIO(<
zKGlcORV%dbTGAS>iH{_(LH7fJO)L?@D+MtlRwKJ2z2Hk2Z-_TbF;G9m-pD~H-n6)e
zvw^^*(b7{`k*yKwDTsOCI&0?vKsIbqQ@vew9sp#gs2`hf?k1-+Qtlza9`;I<8^jFT
z1%O4aoW=sgBABkyz0V)o{@vz<>z1_2H~cI#moiyw-S*7HO}?vJw*dzDDW1#%^~M-@
z8ugCgXA83-S@t=i4x&K`&NbId_>w%i227=Sy!LL?KFdoe4&?Yr%V4t1*xXp|8};Nz
zhXoadEW`Sj!Se{~0V2r}z6q9^q>UpM$iJ2+H~~f`@9@&S`}f_lA&Tw4?ACcxBN;jF
z|4Fgq!dU_Ize-)6KXIy-oI^riC|UVOez>OdTWP~TWiBK24twL=gYXy?=S#;z7Q=P}
z^|KLUNBqP0jO}0k27gN~9lNyIupK=b|L?5)A+YZ8Pu_zgR~*uL)}d6hTU8HpsUw+B
z|9v)7pUIw*4r49$2y3N7*~Chfi@;s`fK5Rv#anT1S4-F_bv0YAtcFJPQ|80xF13lZ
zB515u9gX{2m=C$OXM#Ux()09PmEn7gt*5iHmo*wo*aPbKSTa(v9aGn_<+>uA$FpO~
zd3Fps*5$fo?3g?Y$1)_N+K>BRvSa#LY`tzZKEH=8SD(ar6V9jby_xvEeCE<kVh7X}
zEE(<asZ;U2b{vCQqx>M-Om)V&9rs&tT_Cq(Q9lE9Jj{+LCt0WZ3hLI*I^}%`c!L*?
z>SssfCbmOvy!4Tpf$Qn)fc_nJgzl?*@jSk#zQ8&aJHCI2`G84hQGd)1DF4OMb%#K+
zKe0r*R&K{<4}wMw(gd7mDrX??Kz~kq`duIDvyKf@ufp?q2K0MCNoS4vb?gvmwOM@(
zZ3Nwj_BuDaNB#-wU8&vkf!02@h_@xkj_Cf#4iLR%A8W+@&G_C*^=`J@u!?QgjzvU!
zPIsbxuS0(~Micsi`XTl}KNR9<lxJOf2gjduwV<`u57Za22Y&NGUPfO~e}oU-7w9w4
z><Fhj(Z1KAe-rc}nxG$I5A?%G91gkZ(lH#rRv*CU;eMdLh&_nMsEoddJ*Y2uU*l{5
zj~Zt2-$+#QL8~Ghzh#U@RroA#Lmz#JV}dx?XE@)B0kj0qpfAD)c%@lCl{HHzS!?)E
zMq=D(2gXpl?hM8NzAGO9CL0cVuL>SDq_PR<f2QsOIN+}sWH6#I!~a*az0zH>UEZtI
zDbtj#%2DMnYKhvWu2OfaZ|d@O<8(W8J^G1yzaiT&%5c<JV(c(JZG6G_uJN;kMTwro
z_QaD(B}uE3f=TC+rzdYq-j{qbxhEw%WkbqKsrJ-asV}6Zr`?g(mG%)}oE|p4V*1=%
zWNtOzVGf%A)BK6WV!6xmp0&t&m-SqFMfzWDCAJRRUfbJt+1_s7XaCGG&2iB2Nye;<
zT^Z+`+0Jdw7c-5Sb(uRd_h)5i&A|U1+4}5`?Duj;<;=@fb4TU=&Na(*zboiE>0ajE
z>V7jXKW|aq>v<pMPsqPL|Ec_s3oHd41&?~%o}GoW3r`kh7qu7dFZLAgD9JB*sMKCM
zyL3<Kg|fwE+scAv@0Zt<KQ+ibXx*SU2YUzatEj1%Qkh;kqjFc}$5nHywpab7dRg_~
zyvw|w`*zh#togk5={k4a)_PWd%aGI|-XU#6?izBkp{3#Vp}9ks4Lv?=^03#2rw)Iy
zF}rbf<8MaH7_n!hapaw&jH7lmsZAA4iwF3>uIW2X4>#>=da3D?=KSWC=3UJnjUGO_
zee{d?e{PHg|5uMSjU6)fp|L$&5}!q6ppK+3B({VD6D-n1jpuhLFV{<$$0ZdDV0iw5
zz4$fqD4-;+WyCaeY1ay?V~4eC74zO_+O>||B4udTdghk4Y1anUA(6$E-fv{n<nS{I
zY_hyqyPw1cfiJ}~$+&)ByG~)N6q9zH%4(E5wd+@yT?s$`DyveCV{Tc9_~C`{gII`M
zbo1Ff=EgAx<vF;zk=@Lev9-v1O;2^;uABV?hnH0WH`B`oYgaYkem62Ubl?qcAjRB_
zcP(U#@t@u@4&_d^RD172l$PS|9DawsH6PE-XYKs{Li{Fu=UVJznsAK6dsb+7=o>4s
zW}c6_bn<tvfY)UOYElK-4nuyVX=qO~uEO8CmjB91)HD8D;m_%J#9Q6Ho@m3btiZ2@
zYa9DJE%=rjzgZRc>m8{7Do(MbY&AZwM$M{l)Z_0kNS`^#1~i{P(~i4~@#eXpUIo^H
zbPU0}ysY7C)qEl9N%VB%_lZ{X@H_N-EAWeM{9-%)4%9cJ@%ak$G5w`p7wxS8E$RC!
za9_N=_jA<G<I#dvoQrUb<-bb(vkc#u&)d3!*J3H}?It|^Ro?kk-$lH*3cocJK4+Ei
zWTF2RoOhzNrt;0G!$0!uWYqpf)Sp@+MuXs7;s&Cx;P7kk%k+%k?WMTyX7S&o@vs`t
z#PSevL^bXct=*h|SMev}>$eiWPvdPF-ntUsARb(dGkt3T+IkImWHS2(zByMLGxY0%
z+ooY$P|r-{<Ad(jqEy9dK&NW%p-g|n<F_Wf4!yJhZ|d*gS;#wCQlJA+;6tE;r<eh<
zC;{5qBxsOQAl=d+1<jCnR(Jr~ARisD(KxXm%!0-{hvmZ0)6McA?Fz8lEd-|&!yZry
zO?WvZ#$dFn615{q;zJ#4F^cOk5*kq3VQe_CB1XVxZWQD|Gk9kVcx)WFXaZuyCPEuA
z8FFR{sL{f(GQ^0S25*!$&}BNi9(a*Au$k<eY!<LxXR|qyj{Oj^Dx2Z?{xJJ1y9;){
z``F`<WIvMh>|XXepesEn86+dyA|(Jb`w07kl*o3nJ?vBV3FP!{L?OJ&UPeaVx#*j1
z;PhXD%CE53*c<G1pnn`^XF<PTvtO|j?5F6Xzp?MKx7nNQEpW>R>^u;q7oiVt0w*p8
z&+I}^E=TVYXLO>ESA%oUv0ET9*CL|%Hui0HfIR`9h1=N%wvm0vK4J%<9SyL5XTM>;
zm69Z2{79)%8uE>sC5vQ*wZSIYB?sn^F4oQVv**}R7KA7IFWBAe8Oe!Ef&YO7?pf@9
zDI3{xbM*@ruU*zrElyrT=hB5$RaIlexv5G!YvpF`^Jbs8-(0Jm8|duC7qxS>cIMCH
zK7StP8tp#+9?ErExn4UD(az!bHHmVy_TK91#P)>?I#<k}H)mys_{cj>oNLFaV>?&e
z%nP;SM$>s*a}}=#&R&KE^`*^zX$za=H?~X<NYd8p1LO4N)ARhM>nHisTXC`B`W(N$
zeCBlIZ*`CLE9GPSs(UPwn9Hz!qM$=TP1g!~_t=9>2O4W-13uI**9t}y46Rxr0R>}?
zR!Br4p-?L%(K`~sVOlvEA138%g%lK$wVwv!wpO7u+)c&ZfHH11s$@bj%^oS5Q8Yas
zDOyl8UmGb}QM6P<is>j?2S<uF6w~t}MLUW%cckb*(e8>AGf;GFjTD_IX5>bSnJ7Ao
S!o}<T>E%qi_UL<$G4{Wwc^ZHK

literal 0
HcmV?d00001

diff --git a/public/assets/error/firasans-regular-webfont.woff b/public/assets/error/firasans-regular-webfont.woff
new file mode 100755
index 0000000000000000000000000000000000000000..f9285617c971eb9e8f4555cd464526e1beb9a5ce
GIT binary patch
literal 28852
zcmY(JV{~V~*SEj5J+*C3ZCg{@w(Y5H+qP}nwx_n+r@#OG>N)FtR<f_PcaoF5IoXM;
zoTw-O2=MdRH3Cq63Lq?!|Fi#N|NkQ@swDH{Q2Il0{*&eGFFY|}5z!wu_+vBth!gk_
z=u7O6oZ=6A005AC0RR^@hSjxFF-2uT0N_{S561@pfN9w03GU<+>3;(NsEa>w3O~{_
zEBDnkwAQx+0MICY{6c=T4sZ|KG<0zy007Wye|%*B6B<2&v5B3jH2{F|V*=Ivv}df?
zNMB;A@Awmo`O^mg@;`ll13*lz+)aL1CjcPxGwz5N9AJxmGh=-t0KoJ|0Hz<Yg4;);
zn*G2ZmilA=j1NG9FbisHX6@wm!&-mZ=LY~l3M;MDfURr|fBei}e)=8x(c(PzJ*>69
z+fToiy#N4!;6DL_10~q#TO0qd-Je)^004B*qc@$~&eqWh0I<IKi97q@>(b1ynRX7w
zKe4u(KXKDP+)LJPIN8<M;AhNsl|KypKkcV0{x`q>Tct^!{F$FRV5Vf7<$vYB1WdPe
z(l7yd03u+3Gm~d<uHnXpdmy$*DuIX~L+}v-IX~@61bm@;wPq9k4JUXN^uTTXNL$+q
zXT_P9<gp{)hXRf?E?#6joFax|M1f+BtW1VxHO^cr8b`G5AW`N5S|xp$QM!c!3x+bB
z1g2015y<*3R>qGE5<eX@6(9giAs*Y9b{NO6yKcWg1{45n9^rjl(6aM+JUyA!vz4}W
z6z_bZXX@&5a`KhwIqf>l^IQoVDlW1eOFz*}UaiwZdC<c9_(px#JEG(JigI^DP5-%8
zaTjPcz%g$%POuHGfwx7!f#2icsBq<bJnVdt)8zyAK7>7^=j$l%%{q<S`M93bP4>=v
zdv{(FK4cr{`9Z{GgdYQONHMcbmvSUTd{X_rG?la80Ub@<YJzxOa<ujG*>I<fnNl;x
zcJ#M3SL`SyS3T1+l@updKhqmK=Sz|AAQ=|##q@FG>-O_`B9%KJ-kp#o{d~&PO?PBs
zXwJeB?j77$am4aN=_CzqtsYy-l*Q7`wOMU!)xl@OS`S<0L8{&D@6rPUIMr`rR`yaV
znB7jvZ_oOn81f^?CsxT;^^7Q07Bl+fl|5Iqn2TM_v|A2j>-8CVLl)czecSc+6Q1>$
zlDsF^{u!yVoxgH0);5a9`1JqqWNae5ua<}&vsYs~s-1i3Rld?P7A;)ZEvl+D2g3^6
z$4q5b*hi)gdg}|?A{^Q;dv1G_A9I5h)_t;A95thB;NKeBG-{P`waHrEmnml~%WcBm
z++VF{Kf){;nAv_&Le(WfsLNz7g&;8?S(HT0hP0s6GgZL-`s>ta)p|0Kq#{nsTb%v~
z+x_T4B13`ghtu`T_o!K&yc0}A%2Bx#d*!b;10K^=U9`#}hP5tQW`=jnmzkGq1EUxW
zuHJLrR}`{ybDwF%s%nRAmN*yY&eGjmvE}7rnooVyyn6evia?ZVUlY)JH*RB^J)5Q!
zK?R(o%IM~>55ML?z+K@5Xcx+pELhI--|4>JJLH~+fYbO$zv^*;SyB$rcAA1*?b>#P
zgK*+pq}64^+O%N-xiQ9BRu1@fx@Z5V2`KTs2nXm!?B)-1?n_uR*<t}lw>z#Qtc!F^
zuWr!v0OM~8t5=TM+{pl!-Lw>Wq9B=(L&n)eEughK_S48tbSErhU+9x=1ZG-%z|;hU
z!2KO}DHT3AZag0VH-U6E_Jhz&ix=2KLkBo3i4RyiDdopQV%FRp^+CrS&PjP2pdBw4
zaD3Eo=f1dKBT#V1mdo)P?uGhZ<9~dJoy+)|?1k<663x#39dbu};R~Cd;tLuzF(YvB
zU^qEO&wu}55;@ir9%9-B#YxcvtR3&0^4)u~^Ox?GhxM6nyySK?q9MU7iBEM?+FHY(
zMAw||pcLF(y`Z=%uV$&Pf(JBvn9K4XTTxP|yOkNHlqYv$vqrBE)H@ha0crMz-;tjD
zwPxZF9JfT*O0S%9)r56sOXQBWmg2~gROdSV*u1FZMxhBsh!<<G#&wIUo>X$H5g$cZ
zE38pzt^U@vrX;nl1!bU~2p+x1wHK`UJvUc5@tl>6zO7we#nq%IE5$SMD?82$km04F
zAuNZ#lg+j<W$1X=zSTdP4$JB)P&3^n!r>qvZEO=;eXVMd?8ZN;O8rbcQ5DMC)IJ?$
zap+B|r_a*M%7%8^eRJ7z-yUqox))G0bvUwm#^#MDFOX~$A@c|F9G}#sHL$pt%d@u=
zn2RypB}udSiqH8+6OPNU4;TNQ>|`?Ny^2@5syf|~^{8WRr&1KBzK37b=skT;8~L#+
z|FpPw)3FT8Y|V<`U23LyS*NLJF^nha9QlN~R#T>t->IDX&u(g-(A!MjWkb<Q%4vo-
zq9t`tTlP3$ReNt3tv=Yyog8gxM;$)#Mt@6v^fZm=Z~h*y&syKk%Qja<?G&0zD?jaQ
z#5bC-&Bzr&zO+rEmx$h(v7R_r;Yd61)NSf1W`fn(+N{HsbgYT8(u~rrxS)CUZFHXR
z=t{~4|MxhaToF5M@1elD&d$L*)wE1{OZ)C~S}}c|-a7x=YgR;F@YqUGft9q&XRo31
z<+|<DR-}P}cbu9&&1^`xNp0@>`S*;@)Jx*hw8}9{pM7QY9*SnuN!IF|<V8w{wMFZy
z=~?Du=Y~4YqUBn8@BBpZhqy+xdOg_~pFK{(BH^oxV?{RTo2%gYy3BY`U?N3ifx|S-
z-n+O6A-j5J7DZjg;dA6|=Nwi=w)R*53O&a1t{~Ex`j-UH$bjqnawoMWUj3%~hNtWW
z+Cf|St@V6~4<TVi_Oe`OmU8%JyqflMl_bKM_KqfIbUCJnR%Yww07fR{(T!v=Sxq|c
zd@XHdFGN|_unxPBdD^m+*OP#IK4I9of27RnDvU%9au;jVRoB>OlP-*%nkkZj{kuI6
z-#^w+@+nS>Dk063iO{%-+F2!7A(b$Nw=KrcCwJ0tn$a68E_$M2j1ZN4outJqL;G4E
z^@j_;gbiPnMb@%)r(gGpE9ji_1#{<SyJ}p`l%{iO{d5;N^i*;V%cRN{^fT!&CT$AK
zvKueqE@q4cx?EyvuAB#f(MLU7S8dqnrrEVjmw~7X{Pp(9y{Q8en2u4I#9TVjXkF(n
zd){ZBi=N+ILgU1yk@4v|aQ*H=(`25B;W`dvtg*#)+mOfl{f_C+jXfqDVYLq&kz2Rk
z#eF#PBryGJa~?D6<Kb&HDlamPJy~Jk4F#AfO(yn+PZbHT(p*CUEe#L$z}U);jG;|M
zYx7qfq)B0InrADrCeIqL#O*i4?O833u<sqv@9#LNYCtS;=hsbcxOF|031tvfb|kD1
zpCCS+=#i7s7de6mRByd466_`zzG=#qqP2+wlP)!4f?QdOowkmRMjIz@Pw8_tR)!6H
zOokqo`c|Q--eNjxrj_gMzPj>tgf<x1^Rsn?j2GgxyQ!(a!;YL`O>~=<OnCFqU5_E}
zCC6uBvjwj!)6tTe>tRmEj(dzYpn_f&sW@D;n5KnB9B2lOW1j*%(vD&*&l#{N?+`8c
zY>D+H*yCJeQ{JkUjs?}qB{g!eM}k(+kJaEvKfcynDJC74!QBO6)KYP8YD+#v87*tQ
z)-)3f*EtYc2EMGh$)gP9qLzVMp2qkcY9KJ;?>h8Xmvp!+SrfO;v4`Q$lC!7J69S`J
zO3%H?QF`1jIm%Bgi#^)s>82JkP#}g*bz2U$BO4=7hRU3RHO3;=9OEO7NW>>YSc>Jl
z(S^9XQ8NyNm_ODm)xFRM5zQtRA6FDxj$2-=ynbKJjwtf#Og~q>&TSW;RMcedC)Ufp
zS^3*2;Y<#57ffcQHuS@tRHw{`a`^{wFSN_77Fb4RH;r1$8fCp!$O?X8$-agysiR)b
z-89md=3V-+;J2hT>+ptPoa<v>y0LfbbfIvuL$EDvjORW6o?$wMwUFQR>M(6QiFvs&
zkaVpn64QFfnx=`PML9UCt^f29rDq9W%!A<@QhCa4w-;9N@mdJ^7qhz5xXG$oT=-62
zv$KC`8|g~Fvl5?;07V+KBKaHafY1;-vBVhNEZY(_X6)A~Z?zgXA%Y*B1L~{<2aHEZ
zW&*_RyHIX}1KvZf79cCd)xWs4{FdkpsoJ`e0wKV}{sHoeZ{kA4BI^Kgg~R56bL3L%
zq*ZDgZhfjL3dI4HnNsdA{3!5gD>oRHfJ9ERkOQ32nDZ>?3LpFg+-xg13@6<+#C&Qj
z!l=yV9>=VCbtpG6KJc0rx_k6F5&nMrD2x_5$AEJjf+Ol7=nA*2!_)y|wLA9^OAPrT
z%pGatfcC5A;=?sR`q4x#Wpz;JXj3fu(fQqTX@Le(n^ZRxR+8-)-){B}c+{vXKg40j
z{_g$r;k$#94<LQlV@#qtCG*f@4D*$ImPA!%+HUDkqB<RCuY64V&U04&m44Qq+q&cf
z{t;75mv<V^8`iq;&ysN`UA{6O4SoV&aZ^L6#^izIlIB-4eociN?&8STdu)xsL!C#|
z1jG?);yy>?{>TxS*L^&9_$OWG^nr5#vzU{+NcQeyd5g_y%D7(>%4dhzQyyA(BWDmY
zbWN1)38tq#2X{Br-2uH7-c~I7z)m$*BW<OK7Z*nS+edhD%(-cr6LBGR`moxUpOU((
z1y<i2<dv(?PT5lNi<keA?(Tctuj5D6?`S&`XtyUC4e6++tX)N4EiEzi?U40%?;C)}
zBk^yUXdb!fuHH!fYlGq1l3wSX5wjPdmwzI6OV)Nv^nDOL5Hns1;I30;EKOXzEe8>&
zG48~2sRuPjbC}dPxO;Q1neBB?N@j5@QSMo8!oj+hs+O`7&r1$nyAIEI{d%Z+<E(b~
z_MV=F%Dsw;OEaM(Lh4xGc3Dg(*iJg^#J~m6N(x8o3NeflBC6fY`(OVWmr9&Vmbfa2
zc?(icYgn^qstq<AnH-K<R8|~2oKXy0rd&uRbW4#skn~AHJ}XrYs>rK0l{{G#Xe~%p
z?pYl^b!ds%#t#W6DMSzoB_kaJ;tY+O{Ga4BIc4bxWhC{dm-J{vljR5;k<arKS%XuN
z6oW=${rN$3N{2t+;&#MGR9FNL%kBxBc3F~@M58%O4lxWxqnRd0?L#p+g45y-ARnI@
zm>jH3RbnC1QVjoMa#-o57x0%*5s!dOjxzSs;2cc$*CmX)ATVCiG}uidmrWxVO#l8K
z=KXiNHJI-iCi2X5KMbGmw=mgR7jf$3m&Qgln5H<{DNiVvX7CjS&3N*Q@r1%|9)=>N
zKhp;-S|ERFKse(hHOMesojsZXMl5LE%TJws`Zvr7(ksmDFGqV=#R=6=sb|EvX=L~R
zy^dGLXwg6>d!>k)vPhaLp+Ho3D6g2~1&GJ`1``8=$qj?as0I^VKi?FH$w8JDXPEkb
z#p-q4m@UPF-OgJWoBS901EiV>S|lkEWC#bd#kxT`3-x4`{6V_6kK7sZA)d2)61H%{
zTN{si&_NCBm1ePAMMOnqq0^(~8hMOY8?~m?1ghxS6M^hXska{^nxJ+<g0i@0F_mbT
zvV;|_KK7iq^81~4Si6<rn1o%t9NgVJ@@oa2aUU%m+(LFS!Bu{fsP(0Jlzmi=^JI)o
zt#o9u_tBRtwVO{3F#)SJt+~NDcSnVGXpAw;NCx_o@zc(}MawW7UY6w`FlSr$k|;O4
z9?CyuYJ6JFMeOvr047_yvh=5&q+^eT>;|XEyd{Kg3bUxe<uWSooD~a39qMG5Mr#h}
z!H-9p@gACCx>~9Nd9ngMy|$rcU=D%k+?RxiCfm8S9VMew<-(@0P%WbNuw&`es4_eg
za)<s&QEbYsb;r;Io7ayx3sH+hsnpqU7+UIK_BDY{MLnLfW$}NNded}h_@|gPqJng*
zv>v2)FR9yq%hNzAq$0Ic(2`QLRcgFM^2Dm;6R8!vb;VB}(@WkHWm;pk7UVz2PWL_X
zEV~E{NE&#9JlKXuR8)MDiRODpVbKSzmjYgzMnj5Xx~wkor_1TF8S!k0j+Z06W=Jas
z@cy}06=546nTQ?HWOr<&Xt)e3t1P4Xpw$_0HmX4xq?a4(8~{F#4-Qpc2OUTH6#~OO
zqGrY=S}s^AYwovgHa3_z_pO)3bTGeWw4vtvnA-Qs=abJ&%)T3GcK&QMoVPL7NS*gI
z)zJ5X+xVTaELW7s=Mr*V7^&b6Y}-Y7a@kgayB4T!<z(o(P0alIgODv3G4`BJe=<?_
zx2<P$`&s+9keuh#M!^YJmI<)+-o1rWIAim4>ZnjaoGsPE#v<uXkA{q}qiPdenJV)6
z`Q@k>zWZN{&)Pw+^QhUkn)kKLPhY9Cq{$s6+C_2uf`r(YrVpfewF6bA)&-UmJtp>k
zXj7DZB-F9*0kzBdlTD!-k5PN6uBr5$0N6Vnt!-Nj9j%MjP-VlMmaPPx$sd?QqqLck
zUa~_zklT=1vNP=dMmW6?<B;tW>UH{UI_#a9hkpS3iTC9=OgX)Pf5`m_^i%cuk^J-;
z{$8fH$TkSpA<l=ybazg2%wHF~ZZ9Pp|LBPvKY06YFRqgbF%Csu5?`ow>Kq^$J6_Mk
z`!&<UokP_Z<tfvgINgBYL$=&^jusvg5Q^J$ZrjCIMtS*Iw%c~P6Z@Kh-(%m~IPs?P
z>+;iIVj1D|i|Pdr??Rh$XNHd+I&>4t?uqh2Uz5f7VP#*Jc5FHeg`al>yt)Y?uNmQ?
zsmnD&k$aoua{0KXOTIA<9b=zP`6Dh9NjELeAv;&7eDzE|UjhNL!A+sI=z<D40i_e=
zKFJabgxU)vG`{@**2tNs_RY|qGw2wo%l2vL>ON9l@D_!wXY70MnE~CKQ1DoyT)29X
z$AoqV`i-~pjqB{KSM04ax9gNQtA@K(F@H;J{8Mzm5W0Z2Ut!yhW$q&OlXU~6eBOI#
z7bDKy)}vx&BnS90f^))Tkm88)mBR%o7K2(LsfL0e^PTgc;H=SXgcga0n+uzBOHUBx
zcJ;aa$p6UcfBw!Ap$w-x{`|^zKQa8%3p>*p$HjdoD0yq0UOOi_Q?n|SpTP>mp^pLY
ztRyY*Ay*RVU5n4z>a*oY0kIusR&W&&97U6}+c3VIRAl*16lIWkSdUtl>}0T3o{-(N
zcJbK3;{uy@HVSf(SVko0Z;Z3NW}-?JSmjX8A+q9x=l**Qre^qLi$QmN!XP?diF%lA
z*2DBJ2hugt&X|*Wk;fa{qeDbLg@nr6blb`%gYDH&Aw5-1sWglVP3<#jEuUjJGSvL+
z(6~h|3<y8Jd;3ML{_n>i3&NXGk0w$G)|Bn|GxIILZQW4M1W7Nmw|Bg^-(u1s+23Cu
zEzpE>B6fHY{t%={&#x>i%-<hr*b&~|-oQ?8_j79S_;x11-=8>2MCiwvS3G(svk6n2
zl7RsPz~2LN0{CB>dU_^)dYIs%;E1ijhm3z;X<)hh8qorPV~2)%C;p7w<S?ez{XN52
zzy+fNLjt1&;{YQCV*&F9qYiQlVhNWl_w`}={6<(DfLUztV}vYE77*YU5EK9}Uq-G@
zzWx6G-udEt^?mW(^WE`<_0{ELzumnF06}=-TfNsi35Y^a;Wl&Ev;V%SQmvfHwIN1k
zsAueDVfZcZ8Itek?;n&Dl@*W>kr9#-qs#wCTuoR>T1!wtQbSZlR!2ZyLR~~zMq5Zx
zN>fZ#Zl`y4bailXa<hMae0_L%`X{9@wl=ghwKcFXu`#kT!$-hC!A`<V!%g&?ij$0$
zj+c-zEU&Ae!gPG{RSJz>yW480oTXx=dZX6opqO@}*=DEB@H*T39Wz{Uq5evlj%w0f
zBYSF=BO@=+pRfS<qJ2{%IH@B;;ZES9v;BQ+%9;rtzs=?IDGQs;l@W(?{N`}4;DjEd
z+-A$z?9%$|Je$E@;k)q+R`FyyW5Djh4e5^}3nB<Wdo}zg9Ss0w0}B9T{v?A#01<#V
zKr$c~Pz)#sv;w>Voj{QPt5*Z+0nLC;KtEs@F#eNQ&I4ovq5<iEQh-088(<3v0we%x
z0m5KN|E;UGe21*20OA%L0*L?MDgnp(uZFbPVb44;sKKQu10$}WBS>>LhqwrPAbfs*
zVYu}g%-p;}@eFW6ba5|1UP5Fh%g}sgF0Ka0=`<#(@wjr=Gs_vp6O!2eE$}JUPg(J%
z2EcRS`FT`iV*rGPmC3`n^ZOSJc*a~Jmj&R6$CeTSQ-;f5qp{>`?gKjb{R97=3!{;F
z;bD;z>WmQdIKy5l;2LwPeFEX_@6w(D14ChI@je}2vBFmi^NGboZByJ_X8;q@>lib?
zqNO!x`qv`i(!KpJso06)I@Z+G`Y#fczMwHDWyPk+m-RmF`i4`z0IDf}h}8iVcUU}l
z1hQZAEhOVKa7a%E6@!pS2{_OkN1J0`h5WDL$itlyl3WMDP2j_EE4{g_at+_y88X(k
zxcx8cIDM`?m{OcCqrvMKNCsR6lzvdcf}+Z=!B{h0G~kB{?=$>~en+=4zFClsSF6I@
zDNWAsj4F^GJ{y~N6X6{yZPO8guD0bCrSp_i?>f`nBOuv$FarXHeHk<FUy}ZB+%(n9
zX7Hdw9&8@p`Az>qD>~76>&X{->NNgK`v05-{G4q7yR8p(LFxTcZf4MGDSz(rxSn1=
zBgvX2k!hDO@T-lmA_@!*Zzbdc1{W3<?)8HV4W%Fg&L<)wQgL2~n**A&|6`BGL>&2+
ziRp|}Y`SQVlOsn+`Q><3bwvaE;Cb(Rtr%Z@^-n3w@v6;~uY^4td))rx*X2=W?^&B<
znq8fbL|5@)MQi24muXL7?*Jh=%u5{_pX@*9qN>k$P(Ha(!a5R?;NZI;NyfGO$yptr
zx3#=<LmaL64Ev{F>P6PalbKl^@lseEbm_><nc65a8g6uwBx2J0vZI`ySiTw;oYRO&
z*3pedj*W*KmCdDAP=%yY(#_!W_2Rpk+D_x5dDYPgw0}<%t(?2cEj(99_H|-3(dnq1
zNds>pgMA+1;2uA*`bV}p&>yYMPB&`m<heSV;tCjOkxXvsfu%#w`RSl?gh^$9`+l3{
z$J5D@2uUN$7QPU$0rBqQ)@KVVa=yv30>gUX=@DT0<*A}>$Mnv`yTU9d1iRi{FR->`
z?SojCtad@O%N8ui9y+uFJ3ytt0)I)wu*Hg#kkBpfKfOAJdqbt2&eL|LW~g37NTsVq
z?2gj+#x%V-MNFI3?~lBx&FeMy?jV&hkb%jK`s-;x|Cu!sV#r#=mYz%Y_lRPo!o;aZ
z=Y8xg!K3&2XWv(X7h)AGN88tkLnL2D=BC&C_uD7_URY)gg!0sEFTg{!Q6#s=`32i%
z-T)S3xA)wP(S3@pQz>G}(4U_D)Hd$R<-qnMI>ra$Yh3Odx;ibPP1fd^)BPnY`D2m|
z=EhM!Hvk<`J0#R;Y-)nO^x`gunIV*<Mz*#8CIM0KCgCRVOl}qRZ_auwwbG4UPDe}P
zH4VA<-b%W)vt_fGt7uZou4?$hWkILJa3wkYj+{kO!HZ+hZ?CR+62lt^-V?}_Khco7
z=goFJZDOrPn3bu&WJdq;X3?O;rW^D4rEjMm#*DcLX*digxbXSdxMKL{P#eS_1!f+|
zNO8coK_IT<rA+we47Dm<#X8pllXf?1LDg`e>FFwvKO&MUW+`1+F+%&OJ#k8qO9nYB
zgeg9`#Z7hf9#clEIY{0V>Lzmc-hqU&A=Q*!X=9a<EOl903<ajjdA-fs#Z4as7kI&0
zL3ClDNuk{1x%s{>NIiWYPq}7qIv+gkIi?q7EDtB|Fj|-_%!ae&>^Pg8TVr2!I*)Ir
z3yjfX!*_@)y+)Zo#EM82>ulIg4i$Cd4PYfl`aA@1AGH)NMsimjk!A5zV&^8YqoD8J
zwJKDzxw56u0CA4-RGCvEB?#RZM2^9`-3}S`rIRT*OB0bBF(LL}#Af+*!NWVlbKt`h
z+hN%MNe{#|Zv)rKGC?{+3dEHsR}~dLf#C?s+mF|Bn-~kr&Sz5pHC<Ctk>Cx_ejExP
z?WxRxtIk2tdjBfi+3re;@XH=4C+?w|@`2MSsHh2dTH3?;pjcIRt8wlC5+UlcIV9vM
zoxNRBoTVk2Y^PIFQrAcQ^>m46&9Ng$q;TfE=5qB5D-8pevGn2KG_<eCHPc<;eKc@k
zVJ!Tz23Kj@>#_;=<;+(!1OYf4a`UR8q;YE9T8kHbZ(j=~Wm3ckn&gm3h|?T&j9B%|
zj~j{#493qA8b?8W4@!Qy&7YUCZ88d9eqC+Typ63>B^ih#QqV>|EEHBBsmOppQl8E(
zp+~kHS@+NhO}CZ=nq0pIVEYF?FR<>`LqYL;;mrFjluik>5kOZ?%DV61>HWE9StQcF
z^<0zV^SO88f?w16vF>j)+=@3J%As57!&T<>xxFUDrBZmMS}c>pZ6bXzsjm1eN49Xq
z&1^ruJa(>exCC-6gQZe_;rTCUkS~Xu<N9WAr_e^HJ8YB52&Bh(uqp*k%i%2W+!pkU
zkivJ2fyy@`^+8#L9%yZa&efPUto#num^xhfWdr<(giqQvaN<Y{C+?17O?dUs>%~OZ
zJ51B(t40po>W&1PaG?@~b*cC!uTdv~*{jGW_VCEvcy*`#WIlw&^#s%1$a1#NTS8fj
zMWaWa{yY!u`&Xku$^6q<w<ea4_W)+RBS#RM;|xKUsjT#Tc5Ig2jFyL-uJ1O~CW){`
z7jF$r7|p5kTQDP=mU=Qe_Reh1R;ZxfVrHlDPKoep+rHep##LJ2^Ple44-4?W$|28G
zC*Ks(i^Uw+BW)H<f`Syc=H4DmVT;Kt@pgUGU?f^4ou7RHG1p!<E$Ky`$?*c?mef!1
zpBC`;l)6)25J9e(VUQEdNV9ElIA)j<2+*S9QtRwizkVrYj$z0k!y|<G{hmNhkR~VL
zrNbU-EDR%$BI7n)99WSS{h9mWQY&MUYIy%jD0e{u&E&W{ZvuMW)e+scD3V0OjYQo9
zs_1?O(KWI3u;2#34hSq|R`9|Bw5ENKF>$FUc5S^pzlcR%ICDs%$*K~4r1@z8XQvUI
zR&kvHN%@VyL1N2VQ_79<$N7i-IG>$$8pgs)zy+~mZW$PtgJQ66xllIg2V%FyiR{OQ
zxn2x`mI>YR8rGSeG}OFJVri%=^Y3C~*vLqGfjv%lRx0LGG+-?ub_sw#dI8Q9kk|&2
zXCUN5wGtMIo}@C~k&$dEx1>@30izsMOuu@zUp(=s>Y$ixe2gnq+~=F!7y>?%Xa3m*
zWi9!!J^1vLKaW0tnWX?NsKYXV<mL~DC8&Ub)2ItU-Ev0pvfmaYa?%PmD3xGVuBRVZ
zWBIBR8m9<^E(LpL7&~52#7l8ctZo)(k(QFv%J^~8%{ATcY`J*#@qlrr@rCh#56$uG
zB>XUcVR0x%3O=H*0ifO~z4OynhLpwJOd;q~!}#Msn$`Jwpk72~rL(>MSkT&77xuM=
zcb22t;<!`U>t!o1kVksRX*fSaB!g3a*s9)c5ymnCvU^|x%xH-=a-%BxtjQ%J&*Q(x
zNfG)<Mzy$^@oMC#VfCyn)v{D}k~oqA${*&Bgx;m?JxHLqrC{C$GYAm8_eoluE>q!U
zAF#IPV-qDbxa+G0;|EJyj7|1yf2O8&zpuvDG1)eMd*6?jak1*M++RtRJYXv_73$7a
z4h;;?v(U49N~$5$Cim({p%GUC_gaLHnRsKNgDelloGV}@IFTPBRz~0!dBVpM{{>`#
zmiGvjPH+#^Vqb6oniUf}ag)3f7wbU+IrH!Gcyrt~)9v*8K1e;2`JArH&A0U%R(2S@
zH^=o8o_*bJ2BIRa-LGh#HIFW))h+Q_Kd&;_=rrxT6>|h+<T~Gb=SS`<J@Gxxs1vRA
zax4Ho*sioGjr-~Ty$qyAa5ssB@D-sCOQ(M%R}JGILB)}jgyVU$8#Qh+QH2AH>>0fA
zq%@pf^1w(UFZe&0akOnWLwaZQYQpp?`r6rItv8b1N2x}tjqXI|Yc*E6TOR@D3as3P
z7vykOIjSJmt{{A1Z5ypd1VWk&G+KHQnA%FB>bqC)H}DVURB3$=$XjQH;sPkvb_zzK
zDJf%?>W#UBj4OFbOGFsjKuUQ!B}O4K`bL&OqN-Vk$o^5BmHe&Z_-Ov_!lGVuT1s8J
zPbJsuogRHnig<_L@e5BaXD#CR6eWBw4)>eK+6dM<xCaRti5cY!VlkA^8!i1U{3ir<
z<G<+6M6B-ohxbyg0?=1U{8B`Ze#P?i62y~6vyxz(*GJSv;EemrRMug3K{iPxK5{Z6
z4!lCPO#J08^tYxvE8TYmE?p!#e6&lP@!YJfp?+QW`b)v#mz19T;eAptA*$s%QG5bB
zvD4=CSoy{TVIwys+gYty=P_3=M`p8^@hv>uwcgrTbC*)1*u?Za{igPM0!Qz~^U<(V
z)EpmQ)~Y(=Lm64*+5Knho+8#h;h$ma9>)zS5K&&VgaINt6rtSSQ(O&m2)?>+ajtAb
zln|FW@+b?;><B_V@${4uWg<-B8EQh*C7D8Rh)#@BWQI75S83GPkj+0x<y=R|kXN_y
zBjaWTFsm~3sK0FFY$OVOD=?FV=<HQfsQ==cV)(Bg$Rh<gyTG57<QdgOgIKzx3>R6)
zPhcRMqWw$~ma9LuE^9WO)<7bHXLN<3ldfaFMa@0Wf%<uzR+zd<WU3+I@cG!irdo&Y
zO?CuKXg5|&pRSKDu@)RZc%l|qA3KVicYJ+XpO1^EeSJOgRX+%M=R6-oitsESt5i1`
zzD>w>$g@7H>|jrKLC##kAdrQpfdmvv??hAQdl5SKN>myX(NiA%s786$5S+lTQzc^(
zOK%T<5ha{vDe&fMLq;YnI?7UAYyZ+F9~Fw?RhV2_7iTwwUjFk7y~launvWin&G$Mk
zNq(P%w0L!zvP1UEU@UUv#2jtMc|%hFy8VDDX~wtpI%Z7SaX7geUuZHXvh^*4jg7nZ
z`M$+ffx9#twHt!x9K?NFz5`g6vZLJeGZf*5qg>stu(TO2v%q@jirH2bjz;MLm#^El
z=k@>-x9k(>xdkAmY`0rog!7LF#LQoOnH`HTo|+DVUN0n7B1F^FI^I3a)0I`08KMEv
zFRRa+(rRha&$}=0kO}#d`70yOI^h*p=rt~6v?+!vhXS8>Qcqiy6`DE_gc%R%a1kzW
zI1=qSjxd-JVkw^Rra^jF6V;y_+x3Fr*=A?j$av%(Q-bz3*8C&7c}(clb{$9WMp*ns
z{wPdn9L252BUa?Tmz;7pe^W-Q9%qGYvXTIgC!U*dOX1Hnwx1f0VZ585%j!HWeBCTs
zl9ay*JVa3%9tqVIM@VR}h)yexc9R|@;(SP8B253Ng8+o&0ykqtuzku}qdN&~hU^4r
zMFmLQd5&d=%Y<{-oj^(yu98o#Rc}!WJVl1<XZ4V3lp!;I3CEYs)ZptU#7ujut;`M-
zOF}VR23x*u=QAm4R03;L`uY@OuVcV(jULpSN(e3krj$iO8y>%UZvzKgHzdQ;kfh!x
ztY0a?Lx;e$e>~Z@^ch$686lK0J_QONTt|g=YauHSh#*i0(GW+8cb&z35y{*C;&r|M
z5m5;A&<tl!Fp#mvMHaY#>#r%6#Zw{T)UCH`+ZM0<M*J}GrwB?-ypjt?v4<mtNt!`w
z$E}$AbsyGBDFT5`HGjGbBU=OhREp63M{N?NU4LlaZZ8;0&RbN{<&v!J+8PI~$LD?V
z4f_ohn+W@a=QZNm_wk_s9pU|tyOz6g&E3k1$)=khXc61?RoCto>iEj|ApL7rLd}N5
z?JVQC>*2(R_-W0I4wL@9r*4hf*BsM|7`V2U$5Q|G4l(yFbE9{Y6*vd@@#bTMPr=7t
zTGx0^%oKieUF8MS9rK)(w=_}7J?0dxo?Io+j_gcYtNiX(o+u)+#9y84>0Tsix3AG9
z6G_uuLW%2G7Bh^WeJq#`i-!@p0fU0Q3@kq%3L=#NG6_u}sH%8vY)dz}El$Q#a`q#n
z`;npb{aKMweSN^miyTL}R5TDQH2|E;Eez>O6g=nxaXzw(SdcR*W#Sefi3h#(8#)|B
zx}lT(H=D-9GQS42JT8cqPINjtoD>LuVg!WB_&m6lg+#<`Se_u3-55G|^dAzW>ls5o
zLdo*7M?bNVQ49k@cg+*HES9$7%a=Ifs1{k7LGo$byA_11)$RL#n#0$NtWss9a&NRe
zqVzerlN-mfo9q@ZlieH$Tb!o5fjYbH3L8ECR~r#+MtJ*&j713=gJV|GEg1KWt;R5z
zoIqH|2S##uz1Workp}UOptHiW>6BDd_kGg^qJQCDU_gjJp$r+S&(gDcw7pL5RcCa3
zd=Gf;|GjTFKHYu6(925Wz2H+P;U}uT62D929<>t^Cr@9rd^CvRza5PG$Ke%8g~*an
z$0FFlF%16$_4YwZaUyE0o`epJ0|}?h%q=BFN1-4Cw1Eo1cl?f^3*LX#NJQ5!ECVDi
z5|I+ao#Sh<pU2<f4V292c75!>yTa-=nrRWWIINapSC@9{ZdhG2x=jb`(zacme#)dM
zakhYqZ9QH6qvW#1+o7HbtVh;E;Voo5i=(o|0QzktuMX0gXKW=IMDGYXmnGPeiZvkG
zfaH5Gx+J2qH2~TKKSvMm9(`NY-7GgcA_>K(u+b@V)+IBxF?`6p{SMgN5GS6&fScZ4
z$t`+j+4Yv$+HCoZKBjZ!9`-%5e&^ySCb_Wzi)pmZe-`vnNBB?}ojQqsP1KDvCj+k<
zcA`R@T<QA+Cb*P&<uuAd?5aR<+c}H%t|e*PcA8I#aD4{b>lV3*n}IUeDj(R*NTePo
zBM#?4QOo_UfnGliZE0#G8qDur5&!2{&|QT(n3zx=9rzfF+t>2$%`<wlR&Vjma(KJr
zW}moc)#ctCpW}<`NbE>=-18&OS(ne#b7#&FeQ5<&?e^8=sPJw{uin&iBe3XDB`G>x
z+X)V$R6%s6FtSjl5EP}TP;at27n5Ragz*WIm2x&wLnbX~02KT!pMR9?C74)j{mC+8
zBmN_GLF#qNx}pADlyyE;xpbht?5m5Wcj-nfqies8O`fi<hlR3a)Cal(-^%FC6b%b}
z&e*?q7yAPh{8ai`+KZUid2Q+3g4JfR)6L{YhU-Kpe#CiG5!g;nZD>7qh;xAX=Li!9
z!fj0ynfEC;?b&z!iLLt!9}?}Gwx`Zo0=wq!z;-Wv9ag7aPqw1<tbS#oMNtxg8SCEy
zYfjijQ5{+I0udiq>xOcu6O}NQpSV%|s7w_2q|zzBEvNcZ-q(<Cs@c4NqIp7~P(9_d
z*qB$S6f~Kmu`#JR67vJV@JrZ*flXmP0vVwiTT*+ep*BC$E+}$WGZ+l-0%xB!!5Ahi
zIx&HOaoeG`{Ldes&-^<NSy(?6X71dc#7dvn$sCr~9V)qI>&faG6Z&2KgW*y)3}x;I
zsDE$3c&FN{sa)nxC38JV){uWOvn0~k`l1=~D+UNa1efJ8lL?Br>1;yTdG;BD@beve
zN*kNI;y`X9tH_SqfO`wqYC2z^n}^acVpsw1%Y$ug`jaln*0qjcn{Beh5qAWN5N6D{
zd$V9_i6cPuJm$R*7~t+!t<=tohY;BLu^>|Uv5tMRG{123h`PhH1S<yxf~jhny^A~F
zzI;2yRVbx&IEH&<s|hNSIugl~c*e61;T@Xp>h4%}Lar+cnY`G+%#8OsH}#y^{<K}O
z6e^lfFIAc(8t_6FgFR)lL^A@T4;KIw_$1xwCBxyz7r-Td^Oyc}3hW;l^~xs=g3H)x
ztunrT8Cp@Llp8>MJ1x-EG*NBII(9vV?Y@*$hz$!<HpBMUk)3^pvltwuE`5L|>Qc*G
zMa^v=u9=5XMDY2;BGIQ`UH}B7N9H#n&=m9Q7uUkHHSrres_E9e-R64Qb!Y9x6CaLJ
zw<5fY(7373sz!s=N+!4icG_xOCKZo-vbuk^YKx<8av>TvY1vRLX&I`xMTC?}vZTBO
z6_<a0{TiUujIn5Nj1^|-Azt;us;HL?3PPN$F|d#od1OFyY`%x;ozLey&YJ59q$=j?
zu1}R}L**W2{pn7ZPJ5*@_9_AN^cTu(dtyfQu^0b1*(J9k9c?u-7gaoD)ZmNvqTJA@
z!lB%RvA8YENfC-JqO^+~o{Tvvhj9rE=5moq`-jL&omgV#iAnqKCrQtADHJ+sX6w(X
zanoz7*Uvfpn9cX;Cdca?K3k!s@uQUOMmx2lyUU%#7*`tao9c~{nHt=WyJ+$q{GTnz
zS|s*c3^v}aSO^;(w&M-GG`L>%vZ(b6?=G#8Gn1*L6tEQZxvU;HOIeWs9WBLSVKg{_
z^B{)x^ZWw_Ha+6ko(dZNoL9Z)b6V{&O6S)Ee}{~c%Cdt5_Png6K|NYB7cq^%rX;Yk
zVrk>)8<tu&Ha)z-AQG@eZuM@z$mWEY_-nF^Emg^aZuZfrX8(DWVNyztmt?F4M2?aV
ziAFg3`r*QEH|I?th7R))Es2>O+LeT!Az}zk?(3!UK_jS}gw%jkCcMqefha&3Sf%xd
zJx$uiOYzJX2P{<-m_^L6xgAr9?BXOItuv(0OqK-sL4{z#`OQH0Z}9i6532{C5o}k4
z3Gg4n2i@08vvNexKakuMpr0`svyc$*wl62o4~~XKR;-vL3xwDhrgpN9r~KbD-S-C^
z>IE#~oFRogg<v6qzj2UTNorW~h}^@_cMIbvQIzv~tANO1CUyeCN$7fE9*p+Ub5KTV
z!mh6+jv5vuD;(aql$_ELZXt{wqL~uPcp*ICOWrygwPEftX(OAUDR$fzfv`}PfJFPh
z`go*`V(K4I;>CWh#8Z!c@ln)J(ckUdWUO}|XIV$AJ9#N?fIs3T?Ban}qo*voYA_i}
z&j(xrqQjs_)3U4KX%e~@egnaz%f?fWC0$c_Zv%V&+zrfi*4!xZ!aI2Mn0+59!__GJ
z=go6NghgJjmk&<CLS)3F*r}IWZa*Z<0;NwtR9JI@&{BmYx}W5|!7Su*$?oXJ*7a20
zAloh2g7qZN5@lkh&Kyu{27WB`;4&SUgleyTE@{|3EDS@xNP7rUz)C~LT``({-Se%{
zV>c3GYyHkQRfCwUOPH#Qq~;@XnyG8Qg#0;{b$CGTWGLnHLL%rWB)cuTcQvE`5)aZE
zgt317%jOdb5ri@ex>AUYZr30dDjF78kWAqK#Ihbs`rdrU7oo!2IH3AE8h@Fwoz2XG
zCG*NSnb`liwU9EOY=kpNTHb)z5_pC=_L!&ewe&9PuBtd$cdj|oD?f1Uv45N#YirGz
z9|eD2_&C!1Bd?9YB<ihK2offz<+#cXctty7Am!Yo_ZjB)-OaLsY~4S4_-RtTN=0`^
zym`@lXDd5f&@iDS@S53BU;?e6DWr)eo}3W<bUvOdyAk;JX=h=e-E8<WTk)sVsn5)P
zfUOMinwdw09!N6q$?+aIqdo;M2^rin!9Tt90dRy`z+(OA>zua88F>bd-8|LbG7+I>
zZ*>M0nV?Xce<s3C%#lzwqRy>$^9VWD*&VyhriNnApZj_uB8~R#zS9sfT@DYu392=!
zyacH4I(S^)!|g1@2;3#D;0TBrQ3dqg`Nr?qo?qBE+`tYV45Jd*=!axwPf?gHp$mX|
z{JBEPES&I+t>A1hTJ?G^BZP2EJ}H(}YZ`@Jq`sr#CyWMF(jG{0#*JFEdnlR%w7HHu
z3Dz~c!`-Ty?z=s7vFx^`qjUR{TCOWgolg5^)=SF-7pflBuXCD`PRDN|18lFg4*ZXk
zJ)TH(wEj1%;75CqZ!&Eh$NTud?R06IxodJVBC^fxYSohj&33{k{7KXd&5rZCC=2za
zHWuFe>p|A|p9Whj4av-W{M-R1%etSv6Zk0Dwgld2bmkwA@8eTERH`%z2WhDVpl=+l
zI5xjim<c~i+Z};EnIUBXXDJi$&%M}0kF4?l48L@62pYDjyraAx%6yEbzPk*&R}PL{
z!3wlBQDT=#r%>J-I!2e_4jg{b$Vk+)WEpS6Aw^fb&CAMdj@O$p*Kf=Ic;5Tvt-9oA
z9+A;vWv`~|M%()ri9+-_iUfM>5w2x?h?ltN9R<!~yN1QpAdx?mn4kfZhECAEdwAMt
zFvO{x+3d$!UF9hOwVqLC+8UXY?b28m@D?eWy+O%181Zozy?C<fBaB=N5(Rf}h({oj
zPTQ#YAGJ3d&vIWP3odES=eQ{>y7RTyt0h%EL?tOZud3Su?7#oKPNa>yO)T&nu<ZyD
z9ZH^0m&D<35*$qE<8qr7b(HZ00FPt?v;|<|CmGd4sQ02IY|_77*Ji5+hj#ft6y@-y
z46ta*W&fN<)QRAY`br<PA&|RnH+5dKtmrcSJ>}WK`{iQmWw*7x-gHzjY_q+}DZd)^
z5&K8fa-0QOjVGXOrL7QQjQvlBEE)lGm!aBmuto#$pfw5Evq&2wC}BK3ux9801rE}}
zya+sH_=pSnMPn+C^S+paFM%VYSJf(^@}BxQKVuuTiXKH~`>2e&))hW#7Kn^V#4>uQ
z($f_eVp^A4Vz?bk<EWf6fjJRss&7=k!6T}19gYqJ=aB(h=bLa_E#%5*irtAR+)4iY
zzikV9xL||2D`9jK`wPg_5^pH*CYHT?Nt&8GU(iIUi>gk`Jtl<7oNm{tH<1;cM`Nl}
zd?lv+r@T+g67QQgd>wq&LXXdG?UBR=zAL`vm&^Q&<L$Q<b(j-aEOp+mJNXpa&bwpA
z+bE{&H{3Z3p}x(oya`?JJ07{huX59?_1no&&mi>U?Jk2owhFt;nBMj8T<fF3$dF(>
zuq16(Eqn3}PbHVVCn2eRNM<2~DU$HXo@V3UuH~7)64+>U!s7IJ9IYSd8QDIU<y%wU
zjV0XH9nTXnjoHUNT6R-#sx9)Ee$bvN)!ED5@ba{Ri-@VmznIUi&UtBB#~}$6%*#r)
z;wc{s1$(*%Q7U(Seuf@!IqGe5km3T?1JI)|?By?S_DWLBEM{<uexF{fjAPt^ZtjeO
zF?<&eXuccNhql1aL*s#vu{5%3D!G6la!|C!p$Ox5<;?1if*NsdudmsP<L_7+uh6u*
z=z{}}jBJjI?&()<s*Z~<@5P>GXO#Q$ocw;S1v}wHt^I1&jA%t(^NXtD(NnAdw~EGT
zjD7d1m?W?90T=vc9*H3|C*2&rpuQn~!O&WO_DH29!%}E5t}z+;tYE5$Yt?9_nnKOx
zr}Tbp`nzBMQ7)e%*YgTewc+|Ukj+CgMcPuqT>ulXIdNiA!J0P(gT@UF2hFey25LS;
z90z?mb+>2Y#Xx)1V3&u!JToyaYh_oAsB`Z=E>xdlSY4XsUMzq`z*q`|jQ{wr9w%4?
zer<&~CZgqYfA}5xinGz;#1bJUgA3rZrBze5^|jw<8QsVosr8JXK-O}5<1hth?Unot
zgrLfrY^YGj&)S<WL)4}&%pbHfWML?CgT~St0YsZ7-)C3f<&96`#cVLmDhS@)Zd%Ou
zuxN>bMZUQtrue=ZI5xvqeidYih*vJx`wtt&vu_M;YS0n3oEHfR3mqoWkE)U3?u=ie
zgGrM=mr(_&fCE#eFK@{YkAQ*;R`?ek$zj8c=8QwmSKB3Sx58_OL-@?zbUfBk>%4~w
zha}79ulfM)aBiqOH-=urlaEcMW;SDT(cT7<yM8K1#&l|B862@pWN2v|&<V(0{n71e
z<Z;?@&h&={g0hQ7zoB4fRHt`^o+M;=Jy9ug038p1l*#nLQ@5P%{rNyn=X-x6lxFBz
zN60Z{L6h&!svW5YNBCU@Df9^6oOE;CrRS-SMrkCP29Qf5?XlgZNf4g?%qkjzQF|&n
z!48QnjtI^_GjBv{y3%k~<0%*(O{<K!U|-Hu%r{vRQES1-Q0=M6AUzZAj`^oSOO}lq
zKCk_(Yx2!))9v-5^0eFD{RKRFUB)NL8`Va2CZQw6>}sJNX=#oQU=t}7(RIv(-*Kam
z@at)cm<3tXX(po4PLFOk!|mmEGHZ!k;ml3=^g0IaL+$3C8)#@fNND{$5wrDBb1!gz
zW};i1Dp0|bQR)#UG4UN|@4YHJdqXnKh@5F$3>!NF2$k~P^-8!LOVx=3g)5tZP0R?<
z$W^W+T})4?(xoBEQTlG*YJ;K5(o)+#*3w+3H@j`m@w0utZ-bYx$)>XBGcDQ<c0ax~
zTFs_WQ<zzkRk`c!*0M>Z$Yb!B-HhainwQwDF~=`-$VUfengaT^F>^(~X{gu&gk-I8
zy)!j>=u{5P1}dQ&{AuB_G~(Ffz~kpe%TVVU?LC#<)oD3(xgeVtQ$ClY+l{8jn_~RJ
z?z7}xYoe^BMs%?>8Sm;sUYw=LV06ta^h4On*Q0@fk5NHDLAa|U{iea)teE{Qp%j`<
zrUN~28cWd)<Ah5@Tjh`Hyle%V90X!x+8jI=`bI84U8j4l85KxR*DoBac?fPyqp#8&
zrX0&ZpBZ}>39p2vv7c{0jW$QTBM%Y3H^xDHmlvB^p|JUvkgGEf8Z&nBPKLclXQJPk
zKkq|q4tN`Sybm*5V+5k!xu5Cpd$6C!2w&tN(<E9ycH<Cy-mfw!Zz^;=514b=G{pC2
z(hB<DmccA0#n_?TT%uoNVMe?h>KSu}B<~Vtc)$52;zV+&`6#~k&qMQRNX~ybZk!*M
zDoDMq!qvmANDa1&IhQRe^hXYfeq<3jn^nhEV$+7!3l&nEUNt(f3gDm7F9vUkNrWDD
z=2?y5H`vYK%(S|vJVC<(jIaYgO{2BCT=wiH$TWvaq0k*I;EwhDiiEtx|75YHtGr|0
z=7H)i72n`D;~u=fEW;d+ur~Vi1PsL{G3!<&@Po^o@Jla1lQ*4$RSE@Uhvof6X_fk<
zs|=8OgJGEbH#2mV>{jphr1=X`<&p9oW_O!zkPD(h4%+XRa3BH+aczClzZ{Fmw7-Y9
zev3$Tf?PQxwLqOAaN8Zsj4r#`&nD81uM-79P2Lk^({8pi0H3pFB$Uw&x$PGFU9+JT
zM{$u=Ll=>1tZFwg1h?I8?ZXt5VEaH=K5XKh`P9Ui2@{YZ=1+b7U$j>0zrC*QKWp*f
z8QfW*ZhCkFeB~o0OEXh(ewks`NDb+-`&X+0?OuaLnx9ArL^G!UqM!^UA_!uVy`@Ji
zEgBi)Nc=?n&JC^3Sb##qan_`G+s##i4z+1b7m-nNIPFg`(YpMnuB?L=(_WK(yUheL
z9DV*h=~)3DN#<LDyF@)=GEsr0Ej3>NVbggnQDoB}YCS+k;q9^|X6fTDyGqH<L9aU0
zN0;&#>=dDB3uc(Tvfu<J^)$N(3Q^lTLe*h1?*F@*?#Xa9)aPX}`5)yc{aDn}32hgh
z^IYRwUZ0(IcL@IHgt&2`tJjTxy_&kYI@BetB3XiR<M8A(+<~8K{o_Vf77VsCU1c;g
zu$g0_=3NyU!~11g^l!^&8}JLAmB`!2&*7+ZRle@ch7D@z^Oe=r8e5@(G!1>Jb67M-
z`E6uYOY{I12bc=^q)sRe3uL?9-(VlD27$#Q#!Ty8ChZ<rG^NI9;Zt%A;k8AizFNy*
z_FZM>`2)QvYyQ~lNPeg;1p?`Zk#w-+kZZ{BN>JO=eOT+y1N0wL)N;&h&Y`O`YIWyH
z-@945@ouq$i3j^lYrRt>Ee`RC5aNUp^8MT23S2SNyC$Wcd<bd@gN%e1a-$y9e?vLs
zcU53K@PgF#;jk6q*BM~rVJ#5H2==R?=79~SOOufn9F_^t{7>|SC#zj<NXy?7Jdme{
zF>1{K0kGMK#}$Ha!I&VbH9prxa@U&cmRG0PC-Gh5f&cbCKD(!im{L9s$8vIBx3>RZ
z0P`;l(ChkC-!kVfOa3|Ima-kd8-2NyW`O1htV;>EgiD%Ga24y*)VNC8a6$Yrxj?PA
z6;8;xu+MT?v90K4#kRRX{}!Uv=b$AM5?c%wZx9dRQ>)$Oq4h}xet75R*ok5=e6)5K
z9-5r8!9sZ)t4nJmwLWS)`t(>;h|M=N-UmiT4ehz<yL0659Zfr@-m~_moi{%^di0|=
z@0_z{`Me!lR(!X7#kY5nlAUu`ue^Cz)2@pL?QGgHXZ^i5Khm^q@UWe{Vb!Kht5!br
z5SPhI4A4%5y*P_m#<&m630cH;tT?(n`h@JUVkZbzd7~ZRi%GT<C`T}(2$I!mqcz=n
z5H6;8(q_eXHaFH-$7zbuYRhCBJe^cb!h=hNc`p$D@PEQ|oQx%7eyJ?}tMUcOQNB2&
zd`|L|&(qq8ZM*nMZL^oXvQ+toIF`P$jQZ;x<fxv@<J3F>DgY3q7#Ku(YRt-0fyvap
zdyn&fYx8O*;cvC(@9aDwrJcp~1P-{Llk#G65lB~a47WbjEdA)FtH9D>j2Ah8V=EkT
zHF~coY8_G#KQ4ifOJc~+ay_QiwHU}NEXSQ!A`UbetggJGvR?6v`ru**ok_RZPi^2L
zthOq^jrxMt5iE@3dD&o9>zUMI<8usPy&5#C&6>$VEu2zYvLdAs-G<ADO#5ip(apn~
zH(xRPhDV-#@X@({kl)^T@#39V-EzbB%WrNhd1>tY85fnuu3Xjc(nfyi$d#2N?ppoW
z+(nHe`VSk|yU*PV@0l_Bj(eV*wya^;fZ?MPxz)q2o-pFllA=Jkv2^&Qy*x$Z82#$C
zefg8R643iD%-+B<I1?DK!Gc*Dw{c?-8M7cmSr!DWfRw||)oY^YI>Y)nsR%`UinB-c
zLlf~KL*fZCdq`Dc=+H!!_Rc9ohGhO>bmSoSgZ6c8D@gJ}u9mxpOXgw4pvKCL)I^g#
z=<c<qlVx~NYD9B6<)-JP>X_UMSh@^6zKduM!x7{h@VSF+=87O)U*O%8fu4}-&|;{-
za!j`-uQ-yZW_96U=Szt?sZ4y);P8jIinv-H?!@X$r^n4>RXATu!+*FeOkMdpC8V=K
zmV^69+4K8J>9fx&AMJl$`Tf47cYpoB#;@<bY|WuL4}5+1YlrR|Ik$H7&?_3JPn|Ha
zVbILATV56xKTpc`?NfgL{C?%befvmc{{!D`*zny0bANe%<A(1yzVv>1`INrRt5-A+
zn0)Pftj=*2{K9;44oK=UZVl@#L|L7*Vjj<+OQ!<iT&p!Ixe{_fi&>hK5Wx>pf|Z+y
zin5&UhC<l<g$^vf!yV@U`PT!8R0!5Yi^-fzJ-HH0(O~(Y<ZwzzurR75I1zz8#AVYo
z_PTQtG=%}uAwNTlm?@#E!$qs!d3DjatES#n@z{f8P$(Q3ex<i@|BB5Pfp2TMc;JE|
zlRp$nn%7m09UNU&r+leA*{j05)KJ@J$=bG2J9Y@MeuL)hqV*r#SWUTRIQThM@OhY3
zj{cS{Mk8UY_ryr_>Pr)u)};KMc$$`E4tUcF^4b`sL1`F64rCA2Ub>L5g8!V;a=kK@
z*_kdns>5}xyGaDwSjcEPwOk52<-+1Jf#1sy+phE{CI4RUnuc3LPHDD)A18u@>;d-H
zUM`uV?virgcxx=>v2uOjs63X6($A9RQ3R?yA0&8bT&jwt3hC!WiqpN~WP8O)`*2e|
z*t=+4>OnhBQ$_59qE7oKfi0*#MCS`uPmZRnL@j%c)JcA)R0@m{Ef<|BgVSHa;i)PN
zvS(TjsI$+SP~6$R8Xfqyan$m@a3t&zu{AeJ*4*>;eGmNeo^flB%$ap)&A6t&JlAsS
zRLgUJ`Ecjy5%pWvEUl`ax1dh=cEh*p*Z=eWn-1UG&~Wb?vy<Qbt0ndQe=B|X>V193
zI=}qzLz0-F_7c@=C-8H$pSROpm&Tv-)4iVWrJb;TJ>@UKA~>|$z|M4I<t<H;yIG5~
z-I~p-SwYgM1v&a4tHz>MuMy`2$Zk6t6FNOd#fp=X!|R|SWl9RL0-7d2e8rky{&LL~
z5BHrhYV@?}n}vV8^T@~+<u}idB-gz$WBQ?)m|KHAzd|zs@UU~&sn!|tB*wo|S`DX%
z-3}@rQ|`uiQbVg#G&Uo%i9ywaDz%CoRlU$j)nhXkrf69>nl&7>w|m0A<T5RvJ9hA^
zJ2ib0u8H5oAJ+cB`MCic=9UarY=M(`q)`AA$q8BONGF{XCZ`$pNf2EFgPFSIl1FUe
zv`#-0yO|a@+ODTj8{eAd?_2rEmXl<q*!JPfIWx-rBl=Ze)<ZjI-MZORe)Z<EMbmC-
z8Zso@|Kc9K*qYDcSMWyxo?@IlVMf(q0v(cv;vr1i($RqRscC8*h(U+iofiz!3^gYU
zVHVOdi83h!A%|`0vO7pKLbMIvReNrSUgriqSmIgNjF~m+s>ZRyT(Ln7Bl=%=dBdVd
zS3Y#zxQPp%-z4*`6B@@1898wN(E6JC(GzDcnRMxNk73qzH*Z$?_UGs8OMKdTvZYZO
zqg|HXE-@NltTzYz_#k$jdC(@b0(ThIsFWc=!@N1!z*HcPu_?V83&$+Bz%e<mM})zy
zO#)9-Q^&)x!g8&Mr-_pmYtc9r3sbp4=JSzij8#RvdF05!C!U;oum-Gay|!xOm7C&W
z4D_}cUVMvBxAi%;D^PMttS5i@Ez@T`^C8C5l;N7gv?eZ&RtRfuwPBw!ZBjNmQXH-M
zKttBZLP}aOossvwixVXxdO>=zlDtf8f8)iyf7|=l&xKEa`4RuaAA`DGKi(P?PFw!S
zdS}Sjq**Y*{x0Iw{1mfwx@!Y=b=Qo<FQttqwD}0uOmUL$xe({%CUTO<I1RgaG%V6@
zJdrX{QJU$qHsBUyIM{+L?r$<;c$Wrq1d;Ke0eH~HN=z*sI4@kA@Th!N-+SPo%8Opi
zT|D`k`{yoJhRzC=^_cMGgN7R}zTqZXmjnB=N}C2fnZsrKa)ame<(6PAw0;#SSij>}
z+5vl8_wp|+r1r)F__ZF^#KhUaI=n&6Jy|l9mM*Y245Aq`;|5(e#e#hm4z*6v%hD@Y
z%qyEMv{McK)PPon)(O4^tpUV<yp~h#h{8<D4@42?D0GAu{EpoEAHO|t@HiR?DYE&f
zaPmm{&%b)(Z(p>2vtx(m`?fdu{u!IV*KQLCEPd6%Ca7gyQYGxAiMW+7Zzj`~N659r
zqx`)I4|kCLWd9gt$O>iHnD#@}_BwmLJ`Z%Uj!waNj!XJ8^@1t0-A|a!Wwugx*iL<Z
zy9hq8&QA=m?P4?u$;giz4%91pSiT?~C*q^wEuRP6XTOiey+BxEJYEc9*AmTD;(EzM
zUx(EsDTC2uwWGH6(K<odu8LHh2v&&|$xAS!3oOJ+^Vtd;(Ha7iNJsz+B|KqIxSB0G
zaSDSMw;tjL65Z;*eq>uWXU;awhsX!1Th7FEQ~Lh+D49B!uSzJk-~ayhx8BOqgIDPh
z1}(+<H(gd%-<Yx%da)wkYE8H3ycrS{cO(HuJRG1N@@U*7&kO3Iq!XTb;tLqfwYsRi
zUg!b~L}PXcd0}+1XrR1%47*h&oe`Zl|2e8ynjLK)&YC?_RV-a_78b8ttLmBA^9Q%<
z8G)On@<K6K;kDdHT(Smv!AGmLt?5*GMU4;mp(-Jl<9L*KvZ5SOtcV$-sjz_O<S=~A
zY@&zAGo{R#>7tU*M6Urxsf^3j@UB-pSzUt{s!jl-)KuePO*t@1wL^}<`B;p)IzgmN
zS)E){2nI-LBwB%dQY}h7fru4gs!2WSI;go8QW))t-!Nl<2KJ|_?VLYf+jYZMOaYD`
z*RB9>-Ii5=M1Kyq@taX6ju^Or>BL!}6Q?nq*tViu{sX^N87|BdzNbBn(>V;Mdcgz&
zLpZF41becCua72s+mkOX4s)pud>uP&vMsf<o<`&@aQZ>xn+-rVZw~El<m7TMyyJ}i
z0JTzlz59d0O<;dgyYE-YckCIh@6yQl<n1e1gCpseX<}VGc-F;zde@Eb-FWTLn}+qN
zqOFV%PJO3(;(Se>8gOKMMtke@BRM^2DjRoc*X}w?dv~3^yY4!N+FkboPYfoDmG#$I
zG6A?ue_gFsPdfG3HC;xwRVi~jblU0m?f7`=neX{e|F>WQ!$#-?(;Bk1LAf~85vF+`
z?|7mUOk)8i8~94+z+`WS$=MxDt`0Dn?G6T$U1X`uc9;@ceTlYnJ7R=*mlDrdrBzW1
zJHhtpr`PP>edcT0pqPO#0r2Glzs~FmUtR`2Fq&nPKHXw71q@Nyqfbk@@l1bT7nnmG
zV0Px^GniQ{O162_e!nd27<XqSW@w$!SgXD>CMB2O8=Ek^AipYaL8NI=?}@|ni>iWr
zN1T?Ws;Z)~x+|`#s;a0ubAa_;YE;}JfSU+<H=k?nik&ly9XKR;pd&SD$)7DKQPDDj
zM`oizB@B&&E0xM&0jHdHl(D)5ll4iWqXl+e5hLU|&LppOQ3I7YY0$hK@Ak-)tK*vv
zXjcqPR1FzYl_&#Drwmm?RT+$z(_qz^BmAf2F*R<L!8Zx`+QHt-;hyS>uOo}EJ(lt^
z|2!v#Z8Ci{*&ILzwB5|-b~~^UK4oR^tnFx{o;2!dvJJ~F2o}Z$oGG)-ZgQgFwu&+@
zVsWI}BZUcWXPumblFMkZ8mQ#zKoO)t5ghUvH?#veHm-cHx%s_2fEY9TB;tMQre$fd
z^yQ`Sua)CJ<tuNhufM4tYpza#`VY{)TPL@PWrHOy(W$u-%$t<WVL|&yOvp9?<BBP*
z!IEvbbkRIGriBlG@y%MA{&iML#!8G)X!3tVTi*gN8b^y(V{}DZ4EP&Pwpg8X6dnE+
zUc$t$1ss*mbK}AUYycPdviQS#i35CG*yn3oy?{3<d5g*Mwv7#KAFn!0-rR?sl<{p!
z!8WzG_!RS}niMDP!R-asaIz9H%uUd?%1j$Bx|U^N<`^q!H*Qs?8yAh>D5@4Pxa05|
zg@qYtG;2M%dEt_ZO1filvRAS&uN2Fkjo3c_vpaTm`iv70$@&GQ=WXF#cAR<$gA?E{
z)V=8aM)|{ex_R$*T}Qo#ICUjbUUH|}uOxg3G9UA94L{XE>-ZTRw3vl6a+%D0$4*)T
z>ZoHkZQH!D<k6~ZPc79%-2XOAppH7hw3=$8cA!udwZp{fz8ZfDCfCn^$*sa9V@dHj
zP*H`{39yoOebfOus*Kb=d4Lb+gn2*@-FaaM(Vfdr$aW0|2{Kyfg5XM=L$ZSHnsPGP
zZKOqlsa*PwYAhqh$L#KNaN)X1A#_443UYZU$Y(MuE2J~%E$^6E;5kebJAf}(UWrbq
zp<9(^n85qMK44?E-GPV+u>?6x`T9-DTR(nJ+jx2Gm*LBQ-gSUIFbq<UTruq0Hz_-0
zu5<QdxK1<h1o}zkYG;puUdK$^dQ4t62Eha(KFJdt(1q2gs<naO5#Lhcrfa(MO?5GU
z{90``7S4hi=9j>l8o}@NahIvp_h#%J0zkbimm|jM=#@@+9FsYUNx&An)nouI#1;uu
zknF}q61@}-zFmU?DDCeG)cnq#H+lFC3ldk?;m0EgnffL(5A`k35niq*b`WA!y6h9w
z&Z9EmIKsI#RyuK$fWcE9rxP_jv~bG@+*Stev4^_HQSf>^)IIia%snn3bXqKiuGJP?
zO989?=rBkiB)ULkYS<_N<hO!@B+_u-rd!!Ofd#9VU##puvc2!L8Dj?)<yKyTBLy~)
zLCP=qb@%f#I!_kh*C}>a#rWG=n$+n6O7HvCe$KsM-`T(uUV2V9F{=D<0?oOWLQgIj
zcA`Ez4WUbiaf#YtESv4D?v6K!{#<l;v9v`9)OBn%mJ4%f?WHV&y(jwv-83Hy-5Guz
zJCb$hn0=vM-L)xqw*F9-(4J-3AK0_(=Z1INwH)ZKYdNTPEvF1d!Q*4Y>3*Vb8F%XW
zdY4zCw{oEdX8vuaGXA$=2B~m9n72{=aY3NhQk9a0c`SuF=R7dyb_a7_N0|LT6J{!P
z&Ifj%cI|Ru*qOq~z@DJ6mt#Eo9N4AOnCyd%k>e|cjZvfufF9l96YYpkL1%pAoFY+;
zSage5ciZ56SYFhvCv+ivw|3qe8Wryd#XFxX!+Ml+G0%%hk%a6A>0A`g<YiTqRsW}+
z`9I+Iq)M3BE@>wRCT!8h$Fi?NF==xOv{r%5tof;h?k;72K6(sPT_iF~mGl>+#iO0l
z{9r$CA_ifO@HyBVoD0ihYJFG^qu+G;^n%PkvgGvXTUuLhp>HV9E3MjqZar8jd0a6_
zQC9U`2-L$GTSmeh)da^bYF#YTc<2q#h6I|EBW!*N&=hk!nLbhQ5sm_ZMC=pQ>G4>v
zqkW<W>g&Inf&Pb0@;ju!AvwR`N2&Ob7JUt^Q|F2vsPFYvU-*Jq5*;lDQSXXsTO9au
zpuXa(-t+`~)rDV8!tcVhg=@n)SctkLd>LN27Yr_cAitP-DC8xr!O`KpI`^W;i_)D2
z#&ZhQf^@csai7a4c%2>`4i(WyT%~-i!$)x1A1khp&;`6?;ONIEJotq2s`AfEhFtPQ
z!vl}MzlRL1jlFV=6x8-2tM;<h!}@RKyRnM&U$}<$(@~-uM=txPvieR<)TE?a_nG)U
z<nG%+x6vMUkeLqP<-Xl@v3t7fV)v@0%}JZ+ViwIgo$M&oJ9V@F8SSucTH3XTGB*GJ
zJy<|kcY>vrO6cx@X;y801`GBj__z_>!Q$@@mOv)KM%yq`Hm8fK6O6vP&jT41$(?}P
z+AfE?g)nRHGZ-TPV~{J()QEM2615$eCT<Wy`SHvi0+3sr0tZH+k4c?&_*+6|gCS$l
zgW5@jnAwQky}3RdN2u+dz}*R)PB`uCYT$Q=*@K;g3(tDyfgcQ<<=n1$Yqo3NcHyph
zoVeWHIlqQH0#<y-{&`IU)5Yy`P;6WP*E~BFh&A>E4C$2B&S5&tDzL6IwD4fnd3!vL
zW*+9k^a0v?#>oMUFzT7j=1FuJh(gD7yde=CDQKUF(z1KMw)xvn{<!$XIn_!l*^xVB
z$<^D}V$K)Vd5(_bs<~AvRDsO6(RfVOpt)H?fvL8oF<XH1&8#k3y?|bs2NqWE34sER
zxo8>zYxQg4L^;+-<zR>@rO7R&6;e{nnKTFJFep7vOy%T!j(sUECiR}&I%b7t#*Ygg
zH#Ngadz_+DTiqKcdx7K%kRvDG+;cQGcu1_r(1!6td(3$1`o&k)UNm;XjPgNaFB?=I
z8$38Rr{NRL*khkReP{g*_0{#oMg8M7L&q&1KKrT5do}0Gnp%7HpuTneCnRbbYpTb@
zM~zcHKO?F0MTPHlGidL68MplBb+4D7r+d9em+tkH!5S<nWwoJ6f253tAOHOxb`*&h
z?qhc}k}Z8M(9ABpgq{1H@h|L*f4D3Dk*@fM0RK?7IxK^K2=Gsu%z3ON5-E^h$S5HD
z3lRTE_<xE&jrU);k6)s74xtNn^J~6HZ<ktgv8O+S{{+B4%tg7C?f92=#lJ^8{w!xy
z?8o+E9AA^cA5%odtU8XSAEh$!1tdU0QHBQ!LzD-4l>X0Yz&!p7lVLh>FD2e_ilUrx
zU6>XhoH}*QzJ0AFNR4)Wr~-N<KzHtJr$<d!di2TALyE?vL;|a*TY42oK|B<+*VFa}
z8ufO_7q!y}%Vv9b;E{{O7lA|t#nD8UebT4qyfl)FqqI=`r)bsQM?md)eB^`vCm3kz
z<@c6cQc)MkkAq!5e^B|T*hPLY>}?mO;^(P?;sUhoCl-_xR8*b$7b7Rw_>7(<K+jUH
zlDh~i0x}dW?@G~%EJZ=X)+Xda(6@2Ww{?`15r4WRKZ5!;%xwM$4IHa<1!GgH#-Lg+
zcCuG2Rn4kz`{3g<a1LJ(2a)x{dQDodT+K#mV6OLn#)=)%CMr$a<8$Ys?wlb^eFs!>
zHh`}%WJn@@KDz#yrB+%|WX;OvRv1ksDzkfnHhb;oNNw1(sa`D2QXNZ`scDv)j*=YA
zlT;;3tW<WC>n%M*(0Zu^JC%s31(8(uB`QVdONL-Uq%7JK)0FtsmY<kZB3JjqlzVxP
zlFX#(pBDL<giJOYb7A>!pa~j1OU_(K4@{@|8e&&-HFW>$uGfqOU6A1Va4&GlQlxBQ
zLXHAugN(A6q5<Mcb@5bhUn$bJw+^?tBw$5C93^C5O4o95v&w0TO6nD-vcMNdae!6z
zZjc52(0It|OO4oKu$JQENu=J+q&-|oxl~Mw!9qN8JCokLd@34zQJe>s7cQ@)U&aLA
z`Rk11*kaLTd`4+Roo$UDl-84QVF{b3F{$m(8M3CYTzLF9pK030;%tq(E@{~J-io*T
zk9cL-<FEbtz!mrOF90(0E9k6^b^`C)r+jfbGjU`3^|L3Xw!JZN^0Y;|20D6!_60fV
zES3njkj-L|N)l)XX2-FBJt!Agv*TyYe(LJe37bJSa<<5f86tyVb-9DN#U-rYBnSdA
z7iYgGeR;)5F01N1BsrZ!Z4A<8hKY3P3hE|B#CM(QvSP>NN%zmajirWO^1bvP?<AUz
zGhSv|CUr;&y^>3Z@Cj^Y3fLEJT8%#Ur>3S9o@Z)GNS&JUf?#px=BZCZYBAUyET#QF
zn4E$})On|;7}0(@-v||6q{dT6-28ysg08rMU7ZRr+yb3(3sBsG9dM%=B@g!JA%<R`
zpJM1d&uEyyg%PA>5$78Za}X`0ODoPdBu3K&#!=fS#;#c$C(!jP;udwqF$6f~G8}Vt
z*+KM(V=l!pPsOn~lcDnDu#zo`WsqT+0xW6iOjkT}e*#an)Z%=o&L<wQf*QaIYSo<=
z-y5g_)YeEb)~NWF(1=_K7vr{c#kd$SE?^j=vdN1{l`K4m5y@Uz^b6uGULz`NH9%*i
z0Xn2bOHW-Pd>&Dicr4YE>FKIWq|SuR6D<~}P>kg1sXl|k!UiZ5h!-MB$4UlDm3EEX
z4Sg05Vc8iAlVYRP9-Qu|bTd`HZBd{Sc{7tk8vxF3l-3}3$bFFxxi4GS9NGXJ8>SpT
zNGFG#{(_EW;W-~%hyQukQFCZM@-UeB3l7qP=FD}@g5S+A1YYfwLn9q>XtoYHG{T>o
zLrb99?4t~``=E9n<&4u`tHWc2v%iJw&!Ig~m_r+u$)S<+=g{ia92)JAqmH!Q+%buE
zPU@_E0W&2h`wnJOXKHWM>9-Id^$nMqBjV6i1MSMO+Z1gf+?b$2WUT=QX3^?aG|E}T
zJl{(vv(V`cHWo2Q?>uS7r$k`8;)`0nMFj0aw`5reo2Rjr#}uTY2+1bOMx1_Rcgh$l
zqg@<eX8ZVvK2lqX&%45gMyKfDFo>RM>4@MaP2BLr)B_9RhaX(ArD;*Qy!`&TD_(h2
zIrE!k@7{iB-J<1>YG%Lq1NrotefM3yhVT!q8?>d$w;?>>;p<neS8i86Q_d<!Z%IET
z9sKB>=$OYcb996sz+Z83Jy1GzJJkgr5!54r?c^<yoFZ^gyhw}a`6j*egja0X$Fd=p
zC<{I6F!0u*^X5=D&LqnD)RCph1owHyzX;v=9-U{xEVz7q#?_b~Y0A19=ZuQcF751H
zWaP4@7WNF*5O{GeKsVE4eBDit@vGBg@F6#>SM|aJWT>7zXNXKqBYC*)Jd<R2SG#`v
zUxE?D!nrV7sgO7ikmPM_g~-4-fx;NzE>~gnWMHHN{aA#~<)>WYRbj+pYZt2nk-VVK
ztTu<!$n+T%*nUs<5Ho2boHLzgJ@MS3${ts@gL*VqGEHSv=k;V@uL9UZV6Qi+uoq`w
zj{xWA$7CC@z0;NtY#-34rBF7BROF{mtte6P!PrfaicbmPWAg+;8GO7LwkcNek(~ii
zZ8hkKSC`xw^R>^xa$Tpa8L)hvKh!IyclQWSQxj&4?ORW(h;yo*2HZ<%jSBkKi&X6W
z8SHZmv^1rJm8KNN>F{Ap{eT;7^`d50%TK(tq7G@$64nLa^L+MseheLL6x2ANI3LH`
z3r054Cdc3H+O`XC74Z(*x19u=)DX6nAx##kk?gM6Pp1OD^-n6l{xT!)1#THPTv(yC
z&|a?`u9D4H&}3(21Y)vF!_vK)6WBgrvS(%oWS$mto`>jQBiA>X2dZRV`H4GrD49MM
z;m_HI7T`bSdrhr&09}DF_eG|+Jc0f5tg}L!pzEOK-ioo;tHt5uY*AbWOue-@^k#TR
zLy0jug0kdi<ls6a+xk8K_h-9Jwq;LTIN2r}TsTx7lWf`KS_o?*1zRAGik=+s<Xg;~
zKg_&!TyM~Cm}0|4&!*U1rQt#s%dp{M$7?U!I$`cYSn;0y#=_B}ccv=gh;r)JMWw`d
zBU@|Jj}?kCL^=CBEV#L~f@p>ke!ueV6@06%^_UJ;-F#IhpCx<&aulWLl=Dsz@?Cg}
zkUx`Ba#63);iiu>v(Uk#X6)g*@Khn1hU+w0=p|GE=ZqK9*0Pzf9bvxy|8JOOtEcX#
z;Kfv3CwT9p>fjuJHGfxo;xaH#pqgOjd0`G-80H)mX4w^}qcc<;Zdz86CAIAJ{WS0_
zo7V~cq3y=$xk!9Wbpy-g0S+Z}=6xx5-+8dW&OVTg-cFJcQF3DlG0-`mN70kQc&4jp
z?0`24$$*=AZ}~VGO)@y;!jhjtwcCteC%i|Vlkz(U`@eOr?W6OOfcHd@Oe4>onB?tl
zVv?`R#3Ya+PB-2E=NX!W>A-FWCvBvB*3I}Nwfj<?v!~<eoV^=6%-QQOVo%~bPT7-r
zM?Btj#vXPKUue3X%<D3bSQKl;?x*Y>?DN>fE<^V8+kI`R(POh?_6+>i?3g{^FGkxE
zpe;^NS=yDlxI2myvPXj+FrA^|I+5~IUTGnI7Z@R&pD8LoeFlI^{+1$*0Gc<CF;!kH
zRm3!JM12$khO+WRAj1WwSn=I(Qnw5AL05+AZmsU@l0$AfdrJ4Zb{iK2OY1JRK2d}<
z^JYp;^jK|T64Zk4Qe!%0v3s@FD4T@COs<>&efoEp&>=%Ozseq_Er2$xjkP<CQEG;T
z@oA2Fw^vI?<%zP1_Iq0FSoob2Rv*<z3%-3JeaMSd>%1O*VV4o%*>kKjPivj9<@oJm
z#tPHCZQGylkSWRzSBihQb;XF$OMd;xg!eC++B|OGTSxZqeVc#%S>k(nN?_X)%86~t
zub$l&xb6kw+5gZVRt_X?Qc6mQS2@LOPF<SL`VND~wM~t@d#TO`TZ5^6J$;O|R31+i
zTZ0%WDb{5jE;ZJU!4Ru2Efv$JRg`pay$bWNv?WNR<+9dKtCf;^2NnG$F==tRsSQRW
zo^JXj7k;VO*<#}I3e~X#T2)mSb`$)K=-NF8q6UvZV-tSyZJ(X|LJj!R5Xsp)mjBp3
zH}iWIL!zqt<jD^4kw5*Z-LFvgV<1UTYYrluflA_=I#(T_L6nn_EgH1T=u=2o2||lq
zr-yA|Vu1rwEM?Dz5ZvY{%4G}`;qyuKCahu=@xe;=^HwZ$w<Fps7`_<Nb@ocfVul+#
z@jv#PJNYkYY$eLk;TDN(%Q>AHh=USv)IOV2uglD-XNs)8JrJixRn#8#0el+#7ccg5
z+h_zu56+59Z|gcH%w?mEi02s+*6wiBckfc4<3V?vx50IqrosIi=LYjt!YO*rcg_rt
z_5l)ug{SDB(C_OUKmC2}`|9@_gfGcrosK;_+Z4+_9i0tP)T__V*3-gYwZNu#tt%m@
z)_p^G&60-d%W5vVR5PdNND@|#mDksd8l^sepyRdKbGZ%w2hZhhU>6Rrfy*T5Wos%%
zDt}O~tsEwcxsU(tYr|!_T$@L@fiDs60M2?d#Ux)sB@Bq8jI{=|!9FT0X&>sGB@-s)
zG?-qJ9nN!!R?<BM$xV1z1BYWe5wnIJ_vpt6dk%b{*{unc0FsNr$7p~NVl3M9s_<pW
zAvtj7Cu((D;9TM)T-{OXpX{J$ZRh349LI(O`FLCx{tLP;|4(4+yquk2!`TZTz;1d1
z<Yy($dB7z#YNF~3ebxy%k<!vJ7wQW}S=pE=>dqETTlr>l^PBv{H&?E@adI=-F4NAQ
z(k`RVc=v(!8kLFlgc1pLK%i{TiN`xX@x3@R>H&o?29KR~`V>5LP4eyR!GxWkN?UTC
z<LpofqMUn_d0K71F0ZV&j2p`jr!xym*%YIU%w>p6LYx}vTC@T+b?tMFn!1@|bk6mJ
z_UlP}JVVRu_2}q_+OES8I!r)NpZzpLJC7^I4l6o4I7gsHtS=!GI_dz&lDHDG)=D2Q
zV2R<Nextw!tnfhI;&@#4fL$y4;ebw9!I7O(KJ6_}REKL5HN~0ne?katos2^F0BN~M
zqF}@Rf`_Y!|Ba*1j<~dWeA@`#T%Z`p@jRs=_|zj~SB-pZ+wYYBE+Zc<eR<hmS{JN{
zl`999y}Y#L@t$S7#&Bo<Mfd7(ezI;Eea=&md!J*?PDV>2A#>VvQgC_Wz#Qs~C!APl
zuwijV4tx4j@H|g{lC;c=!an_=Lkgf5Wejrpm=cPm0_?~ahjVN^I(*H6-?0X{39t^i
z>ND~Besu%wd9+m8B=aGy><ay8liY_m+3d#fg&C}(Z1^I8ld8SAH<KohUoB;=X3u3H
zbiA!AER=!=1OI#V!f-wr_+dNwICS#B-cJg)I<-dr<+bnd292oYnw#;-#BGy>P}^}n
z*7`>xZEkEkzz?2yuQHa&b_~WPGzr*U)hzn1KD4Ieab_wFGZ8YD0@H9+Vo1aboH@p>
zSB^6#!8h{Z6mK-HB{9+I@f0rhcnV}5KbQ=(0mwriPm%P}1|TnX{dib$Hx?XWaL-AD
zvFO=}qHHvv{rFRlv7pa=42$LaUOBjR<KUUM&uQSVeodK-PqMi0{%1!vCoXNc|IATg
zH+`4|zzus~55S$BpUu*S*37`^Tn2r99Op~w)QQ?53Vk6!pA*L^4j$DE#>|YT5TDqm
z%WH30w&P3>Tv(k`HW=$V0^M<tf3?{0K^*1#Ufh4%^7h&OH!qnoF8f4|d!LE;PN&(R
z|64RoMI*<thjaXY-!@wAc-muNWME)mmR35vxV$u;-{vcWJO={^oPRZ05=Q?&`%j2{
z7W*b3mxF-`Bnkj?DGg)*c-muNWMJS(`+WmQYWzR@zm<I!15gA7yaWKCRR>N0c-n1~
zL1+^}7=>SE{@q9j9wexEFjBQN2N4;1D6)i9!H6I<Cy|ijQVK#>O%4f|LkXpVL<l0H
zR~4lc5s@5%6ms#hAXO+*M2d$TZ1toUk@#ktXe<qUyvaZF@65h8tF~|+{Hf>U=nk=M
z%<40!$qA$-3*$aS(LI7Eu~pR6eH1Ku0U7-p_1ITj)>EiaeVM?zR1oM2^7;o1=hKoy
zK@=wC9P4*rWEMp+DBAV5SHM1?ZdEVC+c$xx+(S}6A(SctXPkNgq25O5B>8_Hp(>Gi
zB;+;gzYw}5)SU|Fmk`Kf>H>A0eMRm!hO~1DZMlvl-^0iZ`+RZ=o@$|C&rJ1MFK~QZ
z`S9c_&$x=NUPD>l@@ziJY6U6I8+n1Q%Hfgn`rqU*$5+sHH_)|pS>}57$s3gQLH2iG
z)E69(r)cZ%NI4yPwuyut>sy>_(W9wYo?6sB<o|ka_cc6E6=&rl*K-a1Yw8p{w~7wE
zYRCh=BYm^pJIAo3p7GqL2Q@>l4d$YEd4;a?8ExygGVoY$aLo-_L=eA;#(+8NedPNd
zxQqRs&BEp|3UfF~JXPv%kWFWjUJr8E4fkwCV`ec*lm#=RXWhv6J#atJAM1(#Kg=OZ
z4yjx}B=4ok`Y?yx*gIyGS&U+{h_a@}c}L@==-CN9Mz6-nM<D(Z7^=F<jJ8OA2mGYo
zre5P3W-)|!W!jy=bZiZUAv*gHenY;~<2S%w)ka{k&lTR$_<rP>KV$_Nd56p&;!4z_
zc-muNV9<fXGKMvbZA@ZJYnaWLLzw%Rk1#)D(O?N<DPdW}a)nii)s1xy>mN2Rwhinu
z><;WlI5apiI971%<9NXFjWdf&g)5Eg61N6-8TS_MS3D6s6L{9~T;ln|E5qBsdyG$v
zFOF{?zX*R5|0e!-0ty1t1WpM25L6Qk5^NIOB6vsei;$2|o6sX+HQ_elS0Z{MFGMv&
zGep;jUK3*yOA}is_DwuQe3$qai8zS`60am>BqvB7lH!mulbR#7O<G1e3JB-Ou*qb|
zJd$;gO_5`fbCA0wA1B`<zeWC%LV-e`!WBg&#Vo}$if@!Wl<Jh0DSc8FQqEAGp`xHN
zPc=dHlA4TKn%XvX74<n9N*Yr%#WWK%S84vz%F&vjwMFZRwu$yK9R-~#oh!OVy6f~z
z^!)Ti^rQ3_=zlUuGMHuX%&@@lgHeIe590+UUM4?GSC}c7^_er6S6J{_7+Hi_v{_uT
z46r<7C1+J&b<Wzy`jicy%^_PE+cMi5c2Rb#>^baP95@{2II=kEIp*MiRgN8w(;U}1
z9&`NSq~sLfw7}_|vyF3_^C2L7<st-xWv&9Q7OqoV{{R3d^^t4<009610O<fo00jU5
z000020096302TlM0RRC<00000c-ozly>8S%6orr1fe-;vL=jP16jX^>hfRQ_$`6Z#
z76pYB)EnaLuCjmfIssDW0eA#jIz&ZDg`nXncm`^|xgG<%2q_@z+Goz(bLM*Hj-&;B
zQm9~NPSP8qz=5tYDsV;fdhc<lHGTAWMmO}`;|qEjT=)2*qTsd1v+4xzJier6rOcUA
zqtf&EvX&|zJiY?{=J8eK;eyBWs)c7Bf7W7H=6_K&{Hh&w)h2S{RH+UW5iQ0o&~ptn
z(ko?_)q#!lmRM0$3GZc(YFdJAl9BR#gz6MUkH@*x86RuleY=bXuq|VpDkU$~q48bT
zbeboMwMo=rGS4{0SbOBQ@pImpZj+Nx!<sg<jn|I0K&7hGEKjNabd9Dmo-)ed%W8jL
z=P{}XT%BM$WahSG1D!CRFjpn+@ZL}#*CRY#&LM0M=Y4iB)~dx_yjFDYzbfzA+i|(g
z9iZr2_7U8W_5OY~+l({LcxcM<bYgg?&lnZ%(|OM80e`T^_a<@QR(17^P^9*+nN=~c
z{o5q_Jf7$Ea=n-{zph(6FYJk}cYdu9+iCRwDYs!ASgc;$hN5#_1#W+fUEIYjwOZ=7
zU+!K^D&2iJnd+g$x+SvzjcosO%b2WhjElQ(BRE&r*iI`pRh#);)@<k*%6)%l@}J$-
zq*_<sL+cmEu3D$o@J{Hk;$7a~+7G~<zEl7Jc-n2yM@&><5Ww;Oz_JTV?;U$@@4e+w
z?7P6)d+(yKMG<guRqV!IqcQQOv0c>IYc%RXjlIPZ_2Aha59(DH-sjD^{4z6{$z+J4
zHU9YV@xS;45+%`MBN`hq*l`d`98Tg%Adw`JNg<Uq(#ar`EV9WVmpt+*ppYWk(3W<z
zrvn}7L}$9tm2PyW2R-RUZ~CC2W8k6~lM+fPqny6<qdx-}$RGye#zO^_RN-X^Lm9?!
zMlh05jAjgD8OL}gFp)`2W(rf8#&l*dlUdAW4s)rN7>=@$P26BVAKA=qc5r~>91}a+
zdCvy+i9=%9C2?%!HXp>vK~C_CpZw+sr+C0UPBV}B?4gE7)N-GPJmWD>cpCYWkC!~>
z1!wT{gT1`r6|V{Kg>P(Q0YMhBh&t*yL<5UyBt#Qomavp%d}cW-Xl5m=S;bWjvz9fi
zV?AH_&Na?*j_bVToy1FmBubJbONyjQnxspHWJ;D~OAhC`z-6v*hl^a|E?YP$x!mNI
z<Vij|r9cX$$nLLeZVc!ah9g`b)HJQq(yb{~?ooY@OKB?0TQnkrN?mCvUCLsmsVq^J
zD$A7r_PH%}wO7}jzMwxGs;#MR3Roq>YiW9IRpC%WYhrpUTJ(CXJ0co?0b`n+p#T5?
zc-lSAy$%6U5C!19mi_U&xYm+jNoa1UJc89|gl0GK5*oEe$s2fwS(SJ>4jI$UHzzqW
zPxZc#x>_6ZwrQ@^Ez8%ANyijq8`3)r=WIZZIiwcZaYD9PQ87*)c2F=slz^gUIC1i_
zN-DD0E<)$X@Bnwm@BwehC<FeKQTcY1mH+RkBCJdpHK59;71jBn2DWu<b9;RP1F#Va
zn_zGkw!r3I*alk*p$6M?VF%P>VF-3&VHXTX!U*i%ggr1C3j1Jh_Gd=gd;qTWXW#$;
L00C3P;+X&dNQ!N|

literal 0
HcmV?d00001

diff --git a/public/assets/error/style.css b/public/assets/error/style.css
new file mode 100644
index 000000000..1149427d4
--- /dev/null
+++ b/public/assets/error/style.css
@@ -0,0 +1,80 @@
+@font-face {
+  font-family: 'Fira Sans';
+  src: url('firasans-regular-webfont.eot');
+  src: url('firasans-regular-webfont.eot?#iefix') format('embedded-opentype'),
+       url('firasans-regular-webfont.woff') format('woff'),
+       url('firasans-regular-webfont.ttf') format('truetype');
+  font-weight: normal;
+  font-style: normal;
+}
+
+html {
+  font-family: "Fira Sans";
+  height: 100%;
+  color: #8c959c;
+  background: #f8f9fa;
+  text-align: center;
+}
+
+.dark {
+  background: #444a4f;
+  color: #919497;
+}
+
+body {
+  display: -webkit-flex;
+  display: -ms-flexbox;
+  display: flex;
+  -webkit-flex-direction: column;
+  -ms-flex-direction: column;
+  flex-direction: column;
+  -webkit-justify-content: center;
+  -ms-flex-pack: center;
+  justify-content: center;
+  -webkit-align-items: center;
+  -ms-flex-align: center;
+  align-items: center;
+  height: 100%;
+  min-height: 600px;
+  margin: 0;
+  padding: 40px 10px;
+  -webkit-box-sizing: border-box;
+  box-sizing: border-box;
+  overflow-x: hidden;
+}
+
+h1 {
+  margin: 0;
+  color: #444a4f;
+  max-width: 450px;
+}
+
+.dark h1 {
+  color: white;
+}
+
+a {
+  color: #f1d158;
+  text-decoration: none;
+}
+a:visited {
+  color: #ccb250;
+}
+
+ul {
+  text-align: left;
+}
+
+p {
+  max-width: 400px;
+  margin: 0 0 20px;
+}
+
+.error-image {
+  height: 650px;
+  width: 100%;
+  margin: 30px 0;
+  background-size: contain;
+  background-position: center;
+  background-repeat: no-repeat;
+}
\ No newline at end of file

From 9e38203af18e8a49093f236779fa51a990daff62 Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Sat, 15 Aug 2015 09:48:08 +0200
Subject: [PATCH 02/35] Reduce locales for test env.

---
 app/models/translation.rb | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/app/models/translation.rb b/app/models/translation.rb
index 2f4d9cb58..0d1b94693 100644
--- a/app/models/translation.rb
+++ b/app/models/translation.rb
@@ -15,7 +15,11 @@ load translations from online
 =end
 
   def self.load
-    Locale.where(active: true).each {|locale|
+    locales = Locale.where(active: true)
+    if Rails.env.test?
+      locales = Locale.where(active: true, name: ['en-us', 'de-de'])
+    end
+    locales.each {|locale|
       url = "https://i18n.zammad.com/api/v1/translations/#{locale.locale}"
       if !UserInfo.current_user_id
         UserInfo.current_user_id = 1

From 4e8ee5159ef5214fda3a6aa763d81daca06f6906 Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Sat, 15 Aug 2015 09:49:15 +0200
Subject: [PATCH 03/35] Moved to separate controller tests.

---
 test/controllers/packages_controller_test.rb  |  92 +++++
 test/controllers/settings_controller_test.rb  |  92 +++++
 .../user_organization_controller_test.rb      | 325 ++++++++++++++++++
 test/unit/rest_test.rb                        | 244 -------------
 4 files changed, 509 insertions(+), 244 deletions(-)
 create mode 100644 test/controllers/packages_controller_test.rb
 create mode 100644 test/controllers/settings_controller_test.rb
 create mode 100644 test/controllers/user_organization_controller_test.rb
 delete mode 100644 test/unit/rest_test.rb

diff --git a/test/controllers/packages_controller_test.rb b/test/controllers/packages_controller_test.rb
new file mode 100644
index 000000000..12d938b53
--- /dev/null
+++ b/test/controllers/packages_controller_test.rb
@@ -0,0 +1,92 @@
+# encoding: utf-8
+require 'test_helper'
+
+class PackagesControllerTest < ActionDispatch::IntegrationTest
+  setup do
+
+    # set accept header
+    @headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }
+
+    # create agent
+    roles  = Role.where( name: %w(Admin Agent) )
+    groups = Group.all
+
+    UserInfo.current_user_id = 1
+    @admin = User.create_or_update(
+      login: 'packages-admin',
+      firstname: 'Packages',
+      lastname: 'Admin',
+      email: 'packages-admin@example.com',
+      password: 'adminpw',
+      active: true,
+      roles: roles,
+      groups: groups,
+    )
+
+    # create agent
+    roles = Role.where( name: 'Agent' )
+    @agent = User.create_or_update(
+      login: 'packages-agent@example.com',
+      firstname: 'Rest',
+      lastname: 'Agent',
+      email: 'packages-agent@example.com',
+      password: 'agentpw',
+      active: true,
+      roles: roles,
+      groups: groups,
+    )
+
+    # create customer without org
+    roles = Role.where( name: 'Customer' )
+    @customer_without_org = User.create_or_update(
+      login: 'packages-customer1@example.com',
+      firstname: 'Packages',
+      lastname: 'Customer1',
+      email: 'packages-customer1@example.com',
+      password: 'customer1pw',
+      active: true,
+      roles: roles,
+    )
+
+  end
+
+  test 'packages index with admin' do
+
+    credentials = ActionController::HttpAuthentication::Basic.encode_credentials('packages-admin@example.com', 'adminpw')
+
+    # index
+    get '/api/v1/packages', {}, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal(result.class, Hash)
+    assert(result['packages'])
+
+  end
+
+  test 'packages index with agent' do
+
+    credentials = ActionController::HttpAuthentication::Basic.encode_credentials('packages-agent@example.com', 'adminpw')
+
+    # index
+    get '/api/v1/packages', {}, @headers.merge('Authorization' => credentials)
+    assert_response(401)
+    result = JSON.parse(@response.body)
+    assert_equal(result.class, Hash)
+    assert_not(result['packages'])
+
+  end
+
+  test 'packages index with customer' do
+
+    credentials = ActionController::HttpAuthentication::Basic.encode_credentials('packages-customer1@example.com', 'customer1pw')
+
+    # index
+    get '/api/v1/packages', {}, @headers.merge('Authorization' => credentials)
+    assert_response(401)
+    result = JSON.parse(@response.body)
+    assert_equal(result.class, Hash)
+    assert_not(result['packages'])
+
+  end
+
+end
diff --git a/test/controllers/settings_controller_test.rb b/test/controllers/settings_controller_test.rb
new file mode 100644
index 000000000..984b18378
--- /dev/null
+++ b/test/controllers/settings_controller_test.rb
@@ -0,0 +1,92 @@
+# encoding: utf-8
+require 'test_helper'
+
+class SettingsControllerTest < ActionDispatch::IntegrationTest
+  setup do
+
+    # set accept header
+    @headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }
+
+    # create agent
+    roles  = Role.where( name: %w(Admin Agent) )
+    groups = Group.all
+
+    UserInfo.current_user_id = 1
+    @admin = User.create_or_update(
+      login: 'packages-admin',
+      firstname: 'Packages',
+      lastname: 'Admin',
+      email: 'packages-admin@example.com',
+      password: 'adminpw',
+      active: true,
+      roles: roles,
+      groups: groups,
+    )
+
+    # create agent
+    roles = Role.where( name: 'Agent' )
+    @agent = User.create_or_update(
+      login: 'packages-agent@example.com',
+      firstname: 'Rest',
+      lastname: 'Agent',
+      email: 'packages-agent@example.com',
+      password: 'agentpw',
+      active: true,
+      roles: roles,
+      groups: groups,
+    )
+
+    # create customer without org
+    roles = Role.where( name: 'Customer' )
+    @customer_without_org = User.create_or_update(
+      login: 'packages-customer1@example.com',
+      firstname: 'Packages',
+      lastname: 'Customer1',
+      email: 'packages-customer1@example.com',
+      password: 'customer1pw',
+      active: true,
+      roles: roles,
+    )
+
+  end
+
+  test 'settings index with admin' do
+
+    credentials = ActionController::HttpAuthentication::Basic.encode_credentials('packages-admin@example.com', 'adminpw')
+
+    # index
+    get '/api/v1/settings', {}, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal(Array, result.class)
+    assert(result)
+
+  end
+
+  test 'settings index with agent' do
+
+    credentials = ActionController::HttpAuthentication::Basic.encode_credentials('packages-agent@example.com', 'adminpw')
+
+    # index
+    get '/api/v1/settings', {}, @headers.merge('Authorization' => credentials)
+    assert_response(401)
+    result = JSON.parse(@response.body)
+    assert_equal(result.class, Hash)
+    assert_not(result['settings'])
+
+  end
+
+  test 'settings index with customer' do
+
+    credentials = ActionController::HttpAuthentication::Basic.encode_credentials('packages-customer1@example.com', 'customer1pw')
+
+    # index
+    get '/api/v1/settings', {}, @headers.merge('Authorization' => credentials)
+    assert_response(401)
+    result = JSON.parse(@response.body)
+    assert_equal(result.class, Hash)
+    assert_not(result['settings'])
+
+  end
+
+end
diff --git a/test/controllers/user_organization_controller_test.rb b/test/controllers/user_organization_controller_test.rb
new file mode 100644
index 000000000..bce04cc70
--- /dev/null
+++ b/test/controllers/user_organization_controller_test.rb
@@ -0,0 +1,325 @@
+# encoding: utf-8
+require 'test_helper'
+
+class UserOrganizationControllerTest < ActionDispatch::IntegrationTest
+  setup do
+
+    # set accept header
+    @headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }
+
+    # create agent
+    roles  = Role.where( name: %w(Admin Agent) )
+    groups = Group.all
+
+    UserInfo.current_user_id = 1
+    @admin = User.create_or_update(
+      login: 'rest-admin',
+      firstname: 'Rest',
+      lastname: 'Agent',
+      email: 'rest-admin@example.com',
+      password: 'adminpw',
+      active: true,
+      roles: roles,
+      groups: groups,
+    )
+
+    # create agent
+    roles = Role.where( name: 'Agent' )
+    @agent = User.create_or_update(
+      login: 'rest-agent@example.com',
+      firstname: 'Rest',
+      lastname: 'Agent',
+      email: 'rest-agent@example.com',
+      password: 'agentpw',
+      active: true,
+      roles: roles,
+      groups: groups,
+    )
+
+    # create customer without org
+    roles = Role.where( name: 'Customer' )
+    @customer_without_org = User.create_or_update(
+      login: 'rest-customer1@example.com',
+      firstname: 'Rest',
+      lastname: 'Customer1',
+      email: 'rest-customer1@example.com',
+      password: 'customer1pw',
+      active: true,
+      roles: roles,
+    )
+
+    # create orgs
+    @organization = Organization.create_or_update(
+      name: 'Rest Org',
+    )
+    @organization2 = Organization.create_or_update(
+      name: 'Rest Org #2',
+    )
+    @organization3 = Organization.create_or_update(
+      name: 'Rest Org #3',
+    )
+
+    # create customer with org
+    @customer_with_org = User.create_or_update(
+      login: 'rest-customer2@example.com',
+      firstname: 'Rest',
+      lastname: 'Customer2',
+      email: 'rest-customer2@example.com',
+      password: 'customer2pw',
+      active: true,
+      roles: roles,
+      organization_id: @organization.id,
+    )
+
+  end
+
+  test 'user create tests - no user' do
+
+    # create user with disabled feature
+    Setting.set('user_create_account', false)
+    post '/api/v1/users', {}, @headers
+    assert_response(422)
+    result = JSON.parse(@response.body)
+    assert(result['error'])
+    assert_equal('Feature not enabled!', result['error'])
+
+    # already existing user with enabled feature
+    Setting.set('user_create_account', true)
+    params = { email: 'rest-customer1@example.com' }
+    post '/api/v1/users', params.to_json, @headers
+    assert_response(422)
+    result = JSON.parse(@response.body)
+    assert(result['error'])
+    assert_equal('User already exists!', result['error'])
+
+    # create user with enabled feature
+    params = { firstname: 'Me First', lastname: 'Me Last', email: 'new_here@example.com' }
+    post '/api/v1/users', params.to_json, @headers
+    assert_response(201)
+    result = JSON.parse(@response.body)
+    assert(result)
+
+    assert_equal('Me First', result['firstname'])
+    assert_equal('Me Last', result['lastname'])
+    assert_equal('new_here@example.com', result['login'])
+    assert_equal('new_here@example.com', result['email'])
+
+    # no user
+    get '/api/v1/users', {}, @headers
+    assert_response(401)
+    result = JSON.parse(@response.body)
+    assert_equal('authentication failed', result['error'])
+  end
+
+  test 'auth tests - not existing user' do
+    credentials = ActionController::HttpAuthentication::Basic.encode_credentials('not_existing@example.com', 'adminpw')
+
+    get '/api/v1/users', {}, @headers.merge('Authorization' => credentials)
+    assert_response(401)
+    result = JSON.parse(@response.body)
+    assert_equal('authentication failed', result['error'])
+  end
+
+  test 'auth tests - username auth, wrong pw' do
+    credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin', 'not_existing')
+
+    get '/api/v1/users', {}, @headers.merge('Authorization' => credentials)
+    assert_response(401)
+    result = JSON.parse(@response.body)
+    assert_equal('authentication failed', result['error'])
+  end
+
+  test 'auth tests - email auth, wrong pw' do
+    credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin@example.com', 'not_existing')
+
+    get '/api/v1/users', {}, @headers.merge('Authorization' => credentials)
+    assert_response(401)
+    result = JSON.parse(@response.body)
+    assert_equal('authentication failed', result['error'])
+  end
+
+  test 'auth tests - username auth' do
+    credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin', 'adminpw')
+
+    get '/api/v1/users', {}, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert(result)
+  end
+
+  test 'auth tests - email auth' do
+    credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin@example.com', 'adminpw')
+
+    get '/api/v1/users', {}, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert(result)
+  end
+
+  test 'user index with admin' do
+
+    # email auth
+    credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-admin@example.com', 'adminpw')
+
+    # index
+    get '/api/v1/users', {}, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert(result)
+
+    # index
+    get '/api/v1/users', {}, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert(result)
+    assert_equal(result.class, Array)
+    assert(result.length >= 3)
+
+    # show/:id
+    get "/api/v1/users/#{@agent.id}", {}, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert(result)
+    assert_equal(result.class, Hash)
+    assert_equal(result['email'], 'rest-agent@example.com')
+
+    get "/api/v1/users/#{@customer_without_org.id}", {}, 'Authorization' => credentials
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert(result)
+    assert_equal(result.class, Hash)
+    assert_equal(result['email'], 'rest-customer1@example.com')
+
+  end
+
+  test 'user index with customer1' do
+
+    credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-customer1@example.com', 'customer1pw')
+
+    # index
+    get '/api/v1/users', {}, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal(result.class, Array)
+    assert_equal(result.length, 1)
+
+    # show/:id
+    get "/api/v1/users/#{@customer_without_org.id}", {}, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal(result.class, Hash)
+    assert_equal(result['email'], 'rest-customer1@example.com')
+
+    get "/api/v1/users/#{@customer_with_org.id}", {}, @headers.merge('Authorization' => credentials)
+    assert_response(401)
+    result = JSON.parse(@response.body)
+    assert_equal(result.class, Hash)
+    assert(result.empty?)
+
+  end
+
+  test 'user index with customer2' do
+
+    credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-customer2@example.com', 'customer2pw')
+
+    # index
+    get '/api/v1/users', {}, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal(result.class, Array)
+    assert_equal(result.length, 1)
+
+    # show/:id
+    get "/api/v1/users/#{@customer_with_org.id}", {}, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal(result.class, Hash)
+    assert_equal(result['email'], 'rest-customer2@example.com')
+
+    get "/api/v1/users/#{@customer_without_org.id}", {}, @headers.merge('Authorization' => credentials)
+    assert_response(401)
+    #puts @response.body
+    result = JSON.parse(@response.body)
+    assert_equal(result.class, Hash)
+    assert(result.empty?)
+
+  end
+
+  test 'organization index with agent' do
+
+    credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-agent@example.com', 'agentpw')
+
+    # index
+    get '/api/v1/organizations', {}, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal(result.class, Array)
+    assert(result.length >= 3)
+
+    # show/:id
+    get "/api/v1/organizations/#{@organization.id}", {}, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal( result.class, Hash)
+    assert_equal( result['name'], 'Rest Org')
+
+    get "/api/v1/organizations/#{@organization2.id}", {}, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal( result.class, Hash)
+    assert_equal( result['name'], 'Rest Org #2')
+
+  end
+
+  test 'organization index with customer1' do
+
+    credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-customer1@example.com', 'customer1pw')
+
+    # index
+    get '/api/v1/organizations', {}, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal(result.class, Array)
+    assert_equal(result.length, 0)
+
+    # show/:id
+    get "/api/v1/organizations/#{@organization.id}", {}, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal( result.class, Hash)
+    assert_equal( result['name'], nil)
+
+    get "/api/v1/organizations/#{@organization2.id}", {}, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal( result.class, Hash)
+    assert_equal( result['name'], nil)
+
+  end
+
+  test 'organization index with customer2' do
+
+    credentials = ActionController::HttpAuthentication::Basic.encode_credentials('rest-customer2@example.com', 'customer2pw')
+
+    # index
+    get '/api/v1/organizations', {}, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal(result.class, Array)
+    assert_equal(result.length, 1)
+
+    # show/:id
+    get "/api/v1/organizations/#{@organization.id}", {}, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal( result.class, Hash)
+    assert_equal( result['name'], 'Rest Org')
+
+    get "/api/v1/organizations/#{@organization2.id}", {}, @headers.merge('Authorization' => credentials)
+    assert_response(401)
+    result = JSON.parse(@response.body)
+    assert_equal( result.class, Hash)
+    assert_equal( result['name'], nil)
+
+  end
+end
diff --git a/test/unit/rest_test.rb b/test/unit/rest_test.rb
deleted file mode 100644
index 4bc121fdd..000000000
--- a/test/unit/rest_test.rb
+++ /dev/null
@@ -1,244 +0,0 @@
-# encoding: utf-8
-require 'test_helper'
-
-class RestTest < ActiveSupport::TestCase
-
-  test 'users and orgs' do
-
-    if !ENV['BROWSER_URL']
-      puts 'NOTICE: Do not execute rest tests, no BROWSER_URL=http://some_host:port is defined! e. g. export BROWSER_URL=http://localhost:3000'
-      return
-    end
-
-    # create agent
-    roles  = Role.where( name: %w(Admin Agent) )
-    groups = Group.all
-
-    UserInfo.current_user_id = 1
-    admin = User.create_or_update(
-      login: 'rest-admin',
-      firstname: 'Rest',
-      lastname: 'Agent',
-      email: 'rest-admin@example.com',
-      password: 'adminpw',
-      active: true,
-      roles: roles,
-      groups: groups,
-    )
-
-    # create agent
-    roles = Role.where( name: 'Agent' )
-    agent = User.create_or_update(
-      login: 'rest-agent@example.com',
-      firstname: 'Rest',
-      lastname: 'Agent',
-      email: 'rest-agent@example.com',
-      password: 'agentpw',
-      active: true,
-      roles: roles,
-      groups: groups,
-    )
-
-    # create customer without org
-    roles = Role.where( name: 'Customer' )
-    customer_without_org = User.create_or_update(
-      login: 'rest-customer1@example.com',
-      firstname: 'Rest',
-      lastname: 'Customer1',
-      email: 'rest-customer1@example.com',
-      password: 'customer1pw',
-      active: true,
-      roles: roles,
-    )
-
-    # create orgs
-    organization = Organization.create_or_update(
-      name: 'Rest Org',
-    )
-    organization2 = Organization.create_or_update(
-      name: 'Rest Org #2',
-    )
-    organization3 = Organization.create_or_update(
-      name: 'Rest Org #3',
-    )
-
-    # create customer with org
-    customer_with_org = User.create_or_update(
-      login: 'rest-customer2@example.com',
-      firstname: 'Rest',
-      lastname: 'Customer2',
-      email: 'rest-customer2@example.com',
-      password: 'customer2pw',
-      active: true,
-      roles: roles,
-      organization_id: organization.id,
-    )
-
-    # not existing user
-    request = get( 'not_existing@example.com', 'adminpw', '/api/v1/users')
-    assert_equal( request[:response].code, '401' )
-    assert_equal( request[:data].class, NilClass)
-
-    # username auth, wrong pw
-    request = get( 'rest-admin', 'not_existing', '/api/v1/users' )
-    assert_equal( request[:response].code, '401' )
-    assert_equal( request[:data].class, NilClass)
-
-    # email auth, wrong pw
-    request = get( 'rest-admin@example.com', 'not_existing', '/api/v1/users' )
-    assert_equal( request[:response].code, '401' )
-    assert_equal( request[:data].class, NilClass)
-
-    # username auth
-    request = get( 'rest-admin', 'adminpw', '/api/v1/users' )
-    assert_equal( request[:response].code, '200' )
-    assert_equal( request[:data].class, Array)
-
-    # email auth
-    request = get( 'rest-admin@example.com', 'adminpw', '/api/v1/users' )
-    assert_equal( request[:response].code, '200' )
-    assert_equal( request[:data].class, Array)
-
-    # /users
-
-    # index
-    request = get( 'rest-agent@example.com', 'agentpw', '/api/v1/users')
-    assert_equal( request[:response].code, '200' )
-    assert_equal( request[:data].class, Array)
-    assert( request[:data].length >= 3 )
-
-    # show/:id
-    request = get( 'rest-agent@example.com', 'agentpw', '/api/v1/users/' + agent.id.to_s )
-    assert_equal( request[:response].code, '200' )
-    assert_equal( request[:data].class, Hash)
-    assert_equal( request[:data]['email'], 'rest-agent@example.com')
-    request = get( 'rest-agent@example.com', 'agentpw', '/api/v1/users/' + customer_without_org.id.to_s )
-    assert_equal( request[:response].code, '200' )
-    assert_equal( request[:data].class, Hash)
-    assert_equal( request[:data]['email'], 'rest-customer1@example.com')
-
-    # index
-    request = get( 'rest-customer1@example.com', 'customer1pw', '/api/v1/users')
-    assert_equal( request[:response].code, '200' )
-    assert_equal( request[:data].class, Array)
-    assert_equal( request[:data].length, 1 )
-
-    # show/:id
-    request = get( 'rest-customer1@example.com', 'customer1pw', '/api/v1/users/' + customer_without_org.id.to_s )
-    assert_equal( request[:response].code, '200' )
-    assert_equal( request[:data].class, Hash)
-    assert_equal( request[:data]['email'], 'rest-customer1@example.com')
-    request = get( 'rest-customer1@example.com', 'customer1pw', '/api/v1/users/' + customer_with_org.id.to_s )
-    assert_equal( request[:response].code, '401' )
-    assert_equal( request[:data].class, NilClass)
-
-    # index
-    request = get( 'rest-customer2@example.com', 'customer2pw', '/api/v1/users')
-    assert_equal( request[:response].code, '200' )
-    assert_equal( request[:data].class, Array)
-    assert_equal( request[:data].length, 1 )
-
-    # show/:id
-    request = get( 'rest-customer2@example.com', 'customer2pw', '/api/v1/users/' + customer_with_org.id.to_s )
-    assert_equal( request[:response].code, '200' )
-    assert_equal( request[:data].class, Hash)
-    assert_equal( request[:data]['email'], 'rest-customer2@example.com')
-    request = get( 'rest-customer2@example.com', 'customer2pw', '/api/v1/users/' + customer_without_org.id.to_s )
-    assert_equal( request[:response].code, '401' )
-    assert_equal( request[:data].class, NilClass)
-
-    # /organizations
-
-    # index
-    request = get( 'rest-agent@example.com', 'agentpw', '/api/v1/organizations')
-    assert_equal( request[:response].code, '200' )
-    assert_equal( request[:data].class, Array)
-    assert( request[:data].length >= 3 )
-
-    # show/:id
-    request = get( 'rest-agent@example.com', 'agentpw', '/api/v1/organizations/' + organization.id.to_s )
-    assert_equal( request[:response].code, '200' )
-    assert_equal( request[:data].class, Hash)
-    assert_equal( request[:data]['name'], 'Rest Org')
-    request = get( 'rest-agent@example.com', 'agentpw', '/api/v1/organizations/' + organization2.id.to_s )
-    assert_equal( request[:response].code, '200' )
-    assert_equal( request[:data].class, Hash)
-    assert_equal( request[:data]['name'], 'Rest Org #2')
-
-    # index
-    request = get( 'rest-customer1@example.com', 'customer1pw', '/api/v1/organizations')
-    assert_equal( request[:response].code, '200' )
-    assert_equal( request[:data].class, Array)
-    assert_equal( request[:data].length, 0 )
-
-    # show/:id
-    request = get( 'rest-customer1@example.com', 'customer1pw', '/api/v1/organizations/' + organization.id.to_s )
-    assert_equal( request[:response].code, '200' )
-    assert_equal( request[:data].class, Hash)
-    assert_equal( request[:data]['name'], nil)
-    request = get( 'rest-customer1@example.com', 'customer1pw', '/api/v1/organizations/' + organization2.id.to_s )
-    assert_equal( request[:response].code, '200' )
-    assert_equal( request[:data].class, Hash)
-    assert_equal( request[:data]['name'], nil)
-
-    # index
-    request = get( 'rest-customer2@example.com', 'customer2pw', '/api/v1/organizations')
-    assert_equal( request[:response].code, '200' )
-    assert_equal( request[:data].class, Array)
-    assert_equal( request[:data].length, 1 )
-
-    # show/:id
-    request = get( 'rest-customer2@example.com', 'customer2pw', '/api/v1/organizations/' + organization.id.to_s )
-    assert_equal( request[:response].code, '200' )
-    assert_equal( request[:data].class, Hash)
-    assert_equal( request[:data]['name'], 'Rest Org')
-    request = get( 'rest-customer2@example.com', 'customer2pw', '/api/v1/organizations/' + organization2.id.to_s )
-    assert_equal( request[:response].code, '401' )
-    assert_equal( request[:data].class, NilClass)
-
-    # packages
-    request = get( 'rest-admin@example.com', 'adminpw', '/api/v1/packages' )
-    assert_equal( request[:response].code, '200' )
-    assert_equal( request[:data].class, Hash)
-    assert( request[:data]['packages'] )
-
-    request = get( 'rest-agent@example.com', 'agentpw', '/api/v1/packages' )
-    assert_equal( request[:response].code, '401' )
-    assert_equal( request[:data].class, NilClass)
-
-    request = get( 'rest-customer1@example.com', 'customer1pw', '/api/v1/packages' )
-    assert_equal( request[:response].code, '401' )
-    assert_equal( request[:data].class, NilClass)
-
-    # settings
-    request = get( 'rest-admin@example.com', 'adminpw', '/api/v1/settings' )
-    assert_equal( request[:response].code, '200' )
-    assert_equal( request[:data].class, Array)
-    assert( request[:data][0] )
-
-    request = get( 'rest-agent@example.com', 'agentpw', '/api/v1/settings' )
-    assert_equal( request[:response].code, '401' )
-    assert_equal( request[:data].class, NilClass)
-
-    request = get( 'rest-customer1@example.com', 'customer1pw', '/api/v1/settings' )
-    assert_equal( request[:response].code, '401' )
-    assert_equal( request[:data].class, NilClass)
-
-  end
-  def get(user, pw, url)
-
-    response = UserAgent.get(
-      "#{ENV['BROWSER_URL']}#{url}",
-      {},
-      {
-        json: true,
-        user: user,
-        password: pw,
-      }
-    )
-    #puts 'URL: ' + url
-    #puts response.code.to_s
-    #puts response.body.to_s
-    { data: response.data, response: response }
-  end
-end

From e21966aede657f29806f329eeb2535c39f0f5915 Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Sat, 15 Aug 2015 10:11:02 +0200
Subject: [PATCH 04/35] Fixed typo.

---
 app/models/translation.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/models/translation.rb b/app/models/translation.rb
index 0d1b94693..0f10fffff 100644
--- a/app/models/translation.rb
+++ b/app/models/translation.rb
@@ -17,7 +17,7 @@ load translations from online
   def self.load
     locales = Locale.where(active: true)
     if Rails.env.test?
-      locales = Locale.where(active: true, name: ['en-us', 'de-de'])
+      locales = Locale.where(active: true, locale: ['en-us', 'de-de'])
     end
     locales.each {|locale|
       url = "https://i18n.zammad.com/api/v1/translations/#{locale.locale}"

From 67c708daa5610286138582a23ac99284e6cabc42 Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Sat, 15 Aug 2015 11:21:53 +0200
Subject: [PATCH 05/35] Upgrade to new rails 4 behaviour.

---
 config/initializers/secret_token.rb | 7 -------
 config/secrets.yml                  | 8 ++++++++
 2 files changed, 8 insertions(+), 7 deletions(-)
 delete mode 100644 config/initializers/secret_token.rb
 create mode 100644 config/secrets.yml

diff --git a/config/initializers/secret_token.rb b/config/initializers/secret_token.rb
deleted file mode 100644
index 36b418e58..000000000
--- a/config/initializers/secret_token.rb
+++ /dev/null
@@ -1,7 +0,0 @@
-# Be sure to restart your server when you modify this file.
-
-# Your secret key for verifying the integrity of signed cookies.
-# If you change this key, all old signed cookies will become invalid!
-# Make sure the secret is at least 30 characters and all random,
-# no regular words or you'll be exposed to dictionary attacks.
-Zammad::Application.config.secret_token = '7e2713d027d0cd980171f483a37bff6304f7e994f07f337b6130fec20c2e9c8f8093a9fc70128f13fe9d006f7f785064c8e612e92c6171cb35ba675b626f633d'
diff --git a/config/secrets.yml b/config/secrets.yml
new file mode 100644
index 000000000..39df6a8fa
--- /dev/null
+++ b/config/secrets.yml
@@ -0,0 +1,8 @@
+development:
+  secret_key_base: secret_key_base_is_not_used
+
+test:
+  secret_key_base: secret_key_base_is_not_used
+
+production:
+  secret_key_base: secret_key_base_is_not_used

From 4655039cd104c099ebaf05620dd1cbafd45dc657 Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Sun, 16 Aug 2015 01:27:11 +0200
Subject: [PATCH 06/35] Merged /api/v1/search and /api/v1/search/object
 controller methods. Added controller tests for permission handling.

---
 .../app/controllers/navigation.js.coffee      |  54 ++-
 .../app/views/navigation/result.jst.eco       |   7 +-
 app/controllers/search_controller.rb          |  97 +---
 config/routes/search.rb                       |   4 +-
 test/controllers/search_controller_test.rb    | 425 ++++++++++++++++++
 5 files changed, 467 insertions(+), 120 deletions(-)
 create mode 100644 test/controllers/search_controller_test.rb

diff --git a/app/assets/javascripts/app/controllers/navigation.js.coffee b/app/assets/javascripts/app/controllers/navigation.js.coffee
index 56fc6dac4..c0a99af81 100644
--- a/app/assets/javascripts/app/controllers/navigation.js.coffee
+++ b/app/assets/javascripts/app/controllers/navigation.js.coffee
@@ -142,15 +142,15 @@ class App.Navigation extends App.ControllerWidgetPermanent
     searchFunction = =>
 
       # use cache for search result
-      if @searchResultCache[@term]
-        @renderResult( @searchResultCache[@term] )
+      if @searchResultCache[@query]
+        @renderResult( @searchResultCache[@query] )
 
       App.Ajax.request(
         id:    'search'
         type:  'GET'
         url:   @apiPath + '/search'
         data:
-          term: @term
+          query: @query
         processData: true,
         success: (data, status, xhr) =>
 
@@ -158,25 +158,21 @@ class App.Navigation extends App.ControllerWidgetPermanent
           App.Collection.loadAssets( data.assets )
 
           # cache search result
-          @searchResultCache[@term] = data.result
+          @searchResultCache[@query] = data.result
 
-          result = data.result
-          for area in result
-            if area.name is 'Ticket'
-              area.result = []
-              for id in area.ids
-                ticket = App.Ticket.find( id )
-                area.result.push ticket.searchResultAttributes()
-            else if area.name is 'User'
-              area.result = []
-              for id in area.ids
-                user = App.User.find( id )
-                area.result.push user.searchResultAttributes()
-            else if area.name is 'Organization'
-              area.result = []
-              for id in area.ids
-                organization = App.Organization.find( id )
-                area.result.push organization.searchResultAttributes()
+          result = {}
+          for item in data.result
+            if App[item.type] && App[item.type].find
+              if !result[item.type]
+                result[item.type] = []
+              item_object = App[item.type].find(item.id)
+              if item_object.searchResultAttributes
+                item_object_search_attributes = item_object.searchResultAttributes()
+                result[item.type].push item_object_search_attributes
+              else
+                @log 'error', "No such model #{item.type.toLocaleLowerCase()}.searchResultAttributes()"
+            else
+              @log 'error', "No such model App.#{item.type}"
 
           @renderResult(result)
 
@@ -219,9 +215,9 @@ class App.Navigation extends App.ControllerWidgetPermanent
       removePopovers()
 
       # check if search is needed
-      term = @$('#global-search').val().trim()
-      return if !term
-      @term = term
+      query = @$('#global-search').val().trim()
+      return if !query
+      @query = query
       @delay( searchFunction, 220, 'search' )
     )
 
@@ -239,11 +235,11 @@ class App.Navigation extends App.ControllerWidgetPermanent
         return
 
       # on other keys, show result
-      term = @$('#global-search').val().trim()
-      return if !term
-      return if term is @term
-      @term = term
-      @$('.search').toggleClass('filled', !!@term)
+      query = @$('#global-search').val().trim()
+      return if !query
+      return if query is @query
+      @query = query
+      @$('.search').toggleClass('filled', !!@query)
       @delay( searchFunction, 200, 'search' )
     )
 
diff --git a/app/assets/javascripts/app/views/navigation/result.jst.eco b/app/assets/javascripts/app/views/navigation/result.jst.eco
index 3c79809d4..ed0d6404d 100644
--- a/app/assets/javascripts/app/views/navigation/result.jst.eco
+++ b/app/assets/javascripts/app/views/navigation/result.jst.eco
@@ -1,6 +1,7 @@
-<% for area, i in @result: %>
-  <% if i > 0: %> <li class="divider"></li> <% end %>
-  <% for item in area.result: %>
+<% for area, items of @result: %>
+  <% if done && items.length > 0: %> <li class="divider"></li> <% end %>
+  <% done = true %>
+  <% for item in items: %>
     <li>
       <a href="<%- item.url %>" class="nav-tab nav-tab--search <%= item.class %>" data-id="<%= item.id %>">
         <div class="nav-tab-icon">
diff --git a/app/controllers/search_controller.rb b/app/controllers/search_controller.rb
index 2b8469e8d..66394c20c 100644
--- a/app/controllers/search_controller.rb
+++ b/app/controllers/search_controller.rb
@@ -3,12 +3,13 @@
 class SearchController < ApplicationController
   before_action :authentication_check
 
+  # GET|POST /api/v1/search
   # GET|POST /api/v1/search/:objects
 
   def search_generic
 
-    # enable search only for agents and admins
-    if !current_user.role?(Z_ROLENAME_AGENT) && !current_user.role?(Z_ROLENAME_ADMIN)
+    # enable search only for users with valid session
+    if !current_user
       response_access_deny
       return true
     end
@@ -19,9 +20,15 @@ class SearchController < ApplicationController
 
     # convert objects string into array of class names
     # e.g. user-ticket-another_object = %w( User Ticket AnotherObject )
-    objects = params[:objects].split('-').map(&:camelize)
+    if !params[:objects]
+      objects_all = %w( Ticket User Organization )
+    else
+      objects_all = params[:objects].split('-').map(&:camelize)
+    end
+    objects = objects_all.clone
+puts "OBJECTS: #{objects.inspect}"
     search_tickets = objects.delete('Ticket')
-
+puts "OBJECTS_a: #{objects_all.inspect}/#{search_tickets.inspect}"
     # try search index backend
     assets = {}
     result = []
@@ -53,7 +60,7 @@ class SearchController < ApplicationController
     else
 
       # do query
-      objects.each { |object|
+      objects_all.each { |object|
 
         found_objects = object.constantize.search(
           query:        query,
@@ -78,84 +85,4 @@ class SearchController < ApplicationController
     }
   end
 
-  # GET /api/v1/search
-  def search
-
-    # get params
-    query = params[:term]
-    limit = params[:limit] || 10
-
-    assets  = {}
-    result  = []
-    objects = %w( Ticket User Organization )
-    if SearchIndexBackend.enabled?
-
-      # to ticket search in serparate call
-      objects.delete('Ticket')
-
-      # to query search index backend (excluse tickets here, see below)
-      found_objects = {}
-      items = SearchIndexBackend.search( query, limit, objects )
-      items.each { |item|
-        require item[:type].to_filename
-        record = Kernel.const_get( item[:type] ).find( item[:id] )
-        assets = record.assets(assets)
-
-        found_objects[ item[:type] ] ||= []
-        found_objects[ item[:type] ].push item[:id]
-      }
-
-      # do ticket query by Ticket class to handle ticket permissions
-      tickets = Ticket.search(
-        query: query,
-        limit: limit,
-        current_user: current_user,
-      )
-      tickets.each do |ticket|
-        found_objects[ 'Ticket' ] ||= []
-        found_objects[ 'Ticket' ].push ticket.id
-      end
-
-      # generate whole result
-      found_objects.each { |object, object_ids|
-
-        data = {
-          name: object,
-          ids:  object_ids,
-        }
-        result.push data
-      }
-    else
-
-      objects.each { |object|
-
-        found_objects = object.constantize.search(
-          query:        query,
-          limit:        limit,
-          current_user: current_user,
-        )
-
-        object_ids = []
-        found_objects.each do |found_object|
-          object_ids.push found_object.id
-          assets = found_object.assets(assets)
-        end
-
-        next if object_ids.empty?
-
-        data = {
-          name: object,
-          ids:  object_ids,
-        }
-        result.push data
-      }
-    end
-
-    # return result
-    render json: {
-      assets: assets,
-      result: result,
-    }
-  end
-
 end
diff --git a/config/routes/search.rb b/config/routes/search.rb
index 44eed8c42..fd4b0fb94 100644
--- a/config/routes/search.rb
+++ b/config/routes/search.rb
@@ -2,8 +2,6 @@ Zammad::Application.routes.draw do
   api_path = Rails.configuration.api_path
 
   # search
-  match api_path + '/search',           to: 'search#search', via: [:get, :post]
-
-  # search_generic
+  match api_path + '/search',           to: 'search#search_generic', via: [:get, :post]
   match api_path + '/search/:objects',  to: 'search#search_generic', via: [:get, :post]
 end
diff --git a/test/controllers/search_controller_test.rb b/test/controllers/search_controller_test.rb
new file mode 100644
index 000000000..faefb8945
--- /dev/null
+++ b/test/controllers/search_controller_test.rb
@@ -0,0 +1,425 @@
+# encoding: utf-8
+require 'test_helper'
+
+class SearchControllerTest < ActionDispatch::IntegrationTest
+  setup do
+
+    # set accept header
+    @headers = { 'ACCEPT' => 'application/json', 'CONTENT_TYPE' => 'application/json' }
+
+    # create agent
+    roles  = Role.where( name: %w(Admin Agent) )
+    groups = Group.all
+
+    UserInfo.current_user_id = 1
+    @admin = User.create_or_update(
+      login: 'search-admin',
+      firstname: 'Search',
+      lastname: 'Admin',
+      email: 'search-admin@example.com',
+      password: 'adminpw',
+      active: true,
+      roles: roles,
+      groups: groups,
+    )
+
+    # create agent
+    roles = Role.where( name: 'Agent' )
+    @agent = User.create_or_update(
+      login: 'search-agent@example.com',
+      firstname: 'Search 1234',
+      lastname: 'Agent',
+      email: 'search-agent@example.com',
+      password: 'agentpw',
+      active: true,
+      roles: roles,
+      groups: groups,
+    )
+
+    # create customer without org
+    roles = Role.where( name: 'Customer' )
+    @customer_without_org = User.create_or_update(
+      login: 'search-customer1@example.com',
+      firstname: 'Search',
+      lastname: 'Customer1',
+      email: 'search-customer1@example.com',
+      password: 'customer1pw',
+      active: true,
+      roles: roles,
+    )
+
+    # create orgs
+    @organization = Organization.create_or_update(
+      name: 'Rest Org',
+    )
+    @organization2 = Organization.create_or_update(
+      name: 'Rest Org #2',
+    )
+    @organization3 = Organization.create_or_update(
+      name: 'Rest Org #3',
+    )
+
+    # create customer with org
+    @customer_with_org2 = User.create_or_update(
+      login: 'search-customer2@example.com',
+      firstname: 'Search',
+      lastname: 'Customer2',
+      email: 'search-customer2@example.com',
+      password: 'customer2pw',
+      active: true,
+      roles: roles,
+      organization_id: @organization.id,
+    )
+
+    @customer_with_org3 = User.create_or_update(
+      login: 'search-customer3@example.com',
+      firstname: 'Search',
+      lastname: 'Customer3',
+      email: 'search-customer3@example.com',
+      password: 'customer3pw',
+      active: true,
+      roles: roles,
+      organization_id: @organization.id,
+    )
+
+    Ticket.all.destroy_all
+
+    @ticket1 = Ticket.create(
+      title: 'test 1234-1',
+      group: Group.lookup( name: 'Users'),
+      customer_id: @customer_without_org.id,
+      state: Ticket::State.lookup( name: 'new' ),
+      priority: Ticket::Priority.lookup( name: '2 normal' ),
+      updated_by_id: 1,
+      created_by_id: 1,
+    )
+    @article1 = Ticket::Article.create(
+      ticket_id: @ticket1.id,
+      from: 'some_sender1@example.com',
+      to: 'some_recipient1@example.com',
+      subject: 'some subject1',
+      message_id: 'some@id',
+      body: 'some message1',
+      internal: false,
+      sender: Ticket::Article::Sender.where(name: 'Customer').first,
+      type: Ticket::Article::Type.where(name: 'email').first,
+      updated_by_id: 1,
+      created_by_id: 1,
+    )
+    sleep 1
+    @ticket2 = Ticket.create(
+      title: 'test 1234-2',
+      group: Group.lookup( name: 'Users'),
+      customer_id: @customer_with_org2.id,
+      state: Ticket::State.lookup( name: 'new' ),
+      priority: Ticket::Priority.lookup( name: '2 normal' ),
+      updated_by_id: 1,
+      created_by_id: 1,
+    )
+    @article2 = Ticket::Article.create(
+      ticket_id: @ticket2.id,
+      from: 'some_sender2@example.com',
+      to: 'some_recipient2@example.com',
+      subject: 'some subject2',
+      message_id: 'some@id',
+      body: 'some message2',
+      internal: false,
+      sender: Ticket::Article::Sender.where(name: 'Customer').first,
+      type: Ticket::Article::Type.where(name: 'email').first,
+      updated_by_id: 1,
+      created_by_id: 1,
+    )
+    sleep 1
+    @ticket3 = Ticket.create(
+      title: 'test 1234-2',
+      group: Group.lookup( name: 'Users'),
+      customer_id: @customer_with_org3.id,
+      state: Ticket::State.lookup( name: 'new' ),
+      priority: Ticket::Priority.lookup( name: '2 normal' ),
+      updated_by_id: 1,
+      created_by_id: 1,
+    )
+    @article3 = Ticket::Article.create(
+      ticket_id: @ticket3.id,
+      from: 'some_sender3@example.com',
+      to: 'some_recipient3@example.com',
+      subject: 'some subject3',
+      message_id: 'some@id',
+      body: 'some message3',
+      internal: false,
+      sender: Ticket::Article::Sender.where(name: 'Customer').first,
+      type: Ticket::Article::Type.where(name: 'email').first,
+      updated_by_id: 1,
+      created_by_id: 1,
+    )
+  end
+
+  test 'settings index with nobody' do
+
+    params = {
+      query: 'test 1234',
+      limit: 2,
+    }
+
+    post '/api/v1/search/ticket', params.to_json, @headers
+    assert_response(401)
+    result = JSON.parse(@response.body)
+    assert_equal(result.class, Hash)
+    assert_not(result.empty?)
+
+    post '/api/v1/search/user', params.to_json, @headers
+    assert_response(401)
+    result = JSON.parse(@response.body)
+    assert_equal(result.class, Hash)
+    assert_not(result.empty?)
+
+    post '/api/v1/search', params.to_json, @headers
+    assert_response(401)
+    result = JSON.parse(@response.body)
+    assert_equal(result.class, Hash)
+    assert_not(result.empty?)
+
+  end
+
+  test 'settings index with admin' do
+
+    credentials = ActionController::HttpAuthentication::Basic.encode_credentials('search-admin@example.com', 'adminpw')
+
+    params = {
+      query: '1234*',
+      limit: 1,
+    }
+
+    post '/api/v1/search', params.to_json, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal(Hash, result.class)
+    assert(result)
+    assert_equal('Ticket', result['result'][0]['type'])
+    assert_equal(@ticket3.id, result['result'][0]['id'])
+    assert_equal('User', result['result'][1]['type'])
+    assert_equal(@agent.id, result['result'][1]['id'])
+    assert_not(result['result'][2])
+
+    params = {
+      query: '1234*',
+      limit: 10,
+    }
+
+    post '/api/v1/search', params.to_json, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal(Hash, result.class)
+    assert(result)
+    assert_equal('Ticket', result['result'][0]['type'])
+    assert_equal(@ticket3.id, result['result'][0]['id'])
+    assert_equal('Ticket', result['result'][1]['type'])
+    assert_equal(@ticket2.id, result['result'][1]['id'])
+    assert_equal('Ticket', result['result'][2]['type'])
+    assert_equal(@ticket1.id, result['result'][2]['id'])
+    assert_equal('User', result['result'][3]['type'])
+    assert_equal(@agent.id, result['result'][3]['id'])
+    assert_not(result['result'][4])
+
+    params = {
+      query: '1234*',
+      limit: 10,
+    }
+
+    post '/api/v1/search/ticket', params.to_json, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal(Hash, result.class)
+    assert(result)
+    assert_equal('Ticket', result['result'][0]['type'])
+    assert_equal(@ticket3.id, result['result'][0]['id'])
+    assert_equal('Ticket', result['result'][1]['type'])
+    assert_equal(@ticket2.id, result['result'][1]['id'])
+    assert_equal('Ticket', result['result'][2]['type'])
+    assert_equal(@ticket1.id, result['result'][2]['id'])
+    assert_not(result['result'][3])
+
+    params = {
+      query: '1234*',
+      limit: 10,
+    }
+
+    post '/api/v1/search/user', params.to_json, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal(Hash, result.class)
+    assert_equal('User', result['result'][0]['type'])
+    assert_equal(@agent.id, result['result'][0]['id'])
+    assert_not(result['result'][1])
+
+  end
+
+  test 'settings index with agent' do
+
+    credentials = ActionController::HttpAuthentication::Basic.encode_credentials('search-agent@example.com', 'agentpw')
+
+    params = {
+      query: '1234*',
+      limit: 1,
+    }
+
+    post '/api/v1/search', params.to_json, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal(Hash, result.class)
+    assert(result)
+    assert_equal('Ticket', result['result'][0]['type'])
+    assert_equal(@ticket3.id, result['result'][0]['id'])
+    assert_equal('User', result['result'][1]['type'])
+    assert_equal(@agent.id, result['result'][1]['id'])
+    assert_not(result['result'][2])
+
+    params = {
+      query: '1234*',
+      limit: 10,
+    }
+
+    post '/api/v1/search', params.to_json, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal(Hash, result.class)
+    assert(result)
+    assert_equal('Ticket', result['result'][0]['type'])
+    assert_equal(@ticket3.id, result['result'][0]['id'])
+    assert_equal('Ticket', result['result'][1]['type'])
+    assert_equal(@ticket2.id, result['result'][1]['id'])
+    assert_equal('Ticket', result['result'][2]['type'])
+    assert_equal(@ticket1.id, result['result'][2]['id'])
+    assert_equal('User', result['result'][3]['type'])
+    assert_equal(@agent.id, result['result'][3]['id'])
+    assert_not(result['result'][4])
+
+    params = {
+      query: '1234*',
+      limit: 10,
+    }
+
+    post '/api/v1/search/ticket', params.to_json, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal(Hash, result.class)
+    assert(result)
+    assert_equal('Ticket', result['result'][0]['type'])
+    assert_equal(@ticket3.id, result['result'][0]['id'])
+    assert_equal('Ticket', result['result'][1]['type'])
+    assert_equal(@ticket2.id, result['result'][1]['id'])
+    assert_equal('Ticket', result['result'][2]['type'])
+    assert_equal(@ticket1.id, result['result'][2]['id'])
+    assert_not(result['result'][3])
+
+    params = {
+      query: '1234*',
+      limit: 10,
+    }
+
+    post '/api/v1/search/user', params.to_json, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal(Hash, result.class)
+    assert_equal('User', result['result'][0]['type'])
+    assert_equal(@agent.id, result['result'][0]['id'])
+    assert_not(result['result'][1])
+
+  end
+
+  test 'settings index with customer 1' do
+
+    credentials = ActionController::HttpAuthentication::Basic.encode_credentials('search-customer1@example.com', 'customer1pw')
+
+    params = {
+      query: '1234*',
+      limit: 10,
+    }
+
+    post '/api/v1/search', params.to_json, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal(Hash, result.class)
+    assert(result)
+    assert_equal('Ticket', result['result'][0]['type'])
+    assert_equal(@ticket1.id, result['result'][0]['id'])
+    assert_not(result['result'][1])
+
+    params = {
+      query: '1234*',
+      limit: 10,
+    }
+
+    post '/api/v1/search/ticket', params.to_json, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal(Hash, result.class)
+    assert(result)
+    assert_equal('Ticket', result['result'][0]['type'])
+    assert_equal(@ticket1.id, result['result'][0]['id'])
+    assert_not(result['result'][1])
+
+    params = {
+      query: '1234*',
+      limit: 10,
+    }
+
+    post '/api/v1/search/user', params.to_json, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal(Hash, result.class)
+    assert_not(result['result'][0])
+
+  end
+
+  test 'settings index with customer 2' do
+
+    credentials = ActionController::HttpAuthentication::Basic.encode_credentials('search-customer2@example.com', 'customer2pw')
+
+    params = {
+      query: '1234*',
+      limit: 10,
+    }
+
+    post '/api/v1/search', params.to_json, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal(Hash, result.class)
+    assert(result)
+    assert_equal('Ticket', result['result'][0]['type'])
+    assert_equal(@ticket3.id, result['result'][0]['id'])
+    assert_equal('Ticket', result['result'][1]['type'])
+    assert_equal(@ticket2.id, result['result'][1]['id'])
+    assert_not(result['result'][2])
+
+    params = {
+      query: '1234*',
+      limit: 10,
+    }
+
+    post '/api/v1/search/ticket', params.to_json, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal(Hash, result.class)
+    assert(result)
+    assert_equal('Ticket', result['result'][0]['type'])
+    assert_equal(@ticket3.id, result['result'][0]['id'])
+    assert_equal('Ticket', result['result'][1]['type'])
+    assert_equal(@ticket2.id, result['result'][1]['id'])
+    assert_not(result['result'][2])
+
+    params = {
+      query: '1234*',
+      limit: 10,
+    }
+
+    post '/api/v1/search/user', params.to_json, @headers.merge('Authorization' => credentials)
+    assert_response(200)
+    result = JSON.parse(@response.body)
+    assert_equal(Hash, result.class)
+    assert_not(result['result'][0])
+
+  end
+
+
+end

From a6df782fef420ce583d550932863a57ddc1c86a6 Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Sun, 16 Aug 2015 01:27:45 +0200
Subject: [PATCH 07/35] Small improvement.

---
 test/controllers/packages_controller_test.rb | 11 +++++++++++
 test/controllers/settings_controller_test.rb | 11 +++++++++++
 2 files changed, 22 insertions(+)

diff --git a/test/controllers/packages_controller_test.rb b/test/controllers/packages_controller_test.rb
index 12d938b53..4992801d5 100644
--- a/test/controllers/packages_controller_test.rb
+++ b/test/controllers/packages_controller_test.rb
@@ -50,6 +50,17 @@ class PackagesControllerTest < ActionDispatch::IntegrationTest
 
   end
 
+  test 'packages index with nobody' do
+
+    # index
+    get '/api/v1/packages'
+    assert_response(401)
+    result = JSON.parse(@response.body)
+    assert_equal(result.class, Hash)
+    assert_not(result['packages'])
+
+  end
+
   test 'packages index with admin' do
 
     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('packages-admin@example.com', 'adminpw')
diff --git a/test/controllers/settings_controller_test.rb b/test/controllers/settings_controller_test.rb
index 984b18378..9ff63a560 100644
--- a/test/controllers/settings_controller_test.rb
+++ b/test/controllers/settings_controller_test.rb
@@ -50,6 +50,17 @@ class SettingsControllerTest < ActionDispatch::IntegrationTest
 
   end
 
+  test 'settings index with nobody' do
+
+    # index
+    get '/api/v1/settings'
+    assert_response(401)
+    result = JSON.parse(@response.body)
+    assert_equal(result.class, Hash)
+    assert_not(result['settings'])
+
+  end
+
   test 'settings index with admin' do
 
     credentials = ActionController::HttpAuthentication::Basic.encode_credentials('packages-admin@example.com', 'adminpw')

From b2aa52c22adde47185c68c25e797d70a170207f8 Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Sun, 16 Aug 2015 02:53:27 +0200
Subject: [PATCH 08/35] Fixed searchable models as customer user. Added
 model.search_preferences to get searchable models by config.

---
 app/controllers/search_controller.rb       | 119 ++++++++++++++-------
 app/models/organization/search.rb          |  29 ++++-
 app/models/ticket/search.rb                |  26 +++++
 app/models/user/search.rb                  |  29 ++++-
 lib/search_index_backend.rb                |   4 +-
 test/controllers/search_controller_test.rb |  31 ++++++
 6 files changed, 193 insertions(+), 45 deletions(-)

diff --git a/app/controllers/search_controller.rb b/app/controllers/search_controller.rb
index 66394c20c..7e0025692 100644
--- a/app/controllers/search_controller.rb
+++ b/app/controllers/search_controller.rb
@@ -21,60 +21,78 @@ class SearchController < ApplicationController
     # convert objects string into array of class names
     # e.g. user-ticket-another_object = %w( User Ticket AnotherObject )
     if !params[:objects]
-      objects_all = %w( Ticket User Organization )
+      objects = %w( Ticket User Organization )
     else
-      objects_all = params[:objects].split('-').map(&:camelize)
+      objects = params[:objects].split('-').map(&:camelize)
     end
-    objects = objects_all.clone
-puts "OBJECTS: #{objects.inspect}"
-    search_tickets = objects.delete('Ticket')
-puts "OBJECTS_a: #{objects_all.inspect}/#{search_tickets.inspect}"
+
+    # get priorities of result
+    objects_in_order = []
+    objects_in_order_hash = {}
+    objects.each { |object|
+      preferences = object.constantize.search_preferences(current_user)
+      next if !preferences
+      objects_in_order_hash[preferences[:prio]] = object
+    }
+    objects_in_order_hash.keys.sort.reverse.each {|prio|
+      objects_in_order.push objects_in_order_hash[prio]
+    }
+
     # try search index backend
     assets = {}
     result = []
     if SearchIndexBackend.enabled?
-      items = SearchIndexBackend.search( query, limit, objects )
-      items.each { |item|
-        require item[:type].to_filename
-        record = Kernel.const_get( item[:type] ).find( item[:id] )
-        assets = record.assets(assets)
-        result.push item
+
+      # get direct search index based objects
+      objects_with_direct_search_index = []
+      objects_without_direct_search_index = []
+      objects.each { |object|
+        preferences = object.constantize.search_preferences(current_user)
+        next if !preferences
+        if preferences[:direct_search_index]
+          objects_with_direct_search_index.push object
+        else
+          objects_without_direct_search_index.push object
+        end
       }
 
-      # do ticket query by Ticket class to handle ticket permissions
-      if search_tickets
-        tickets = Ticket.search(
-          query: query,
-          limit: limit,
-          current_user: current_user,
-        )
-        tickets.each do |ticket|
-          assets = ticket.assets(assets)
-          item = {
-            id: ticket.id,
-            type: 'Ticket',
-          }
+      # do only one query to index search backend
+      if !objects_with_direct_search_index.empty?
+        items = SearchIndexBackend.search( query, limit, objects_with_direct_search_index )
+        items.each { |item|
+          require item[:type].to_filename
+          record = Kernel.const_get( item[:type] ).find( item[:id] )
+          assets = record.assets(assets)
           result.push item
-        end
+        }
       end
+
+      # e. g. do ticket query by Ticket class to handle ticket permissions
+      objects_without_direct_search_index.each { |object|
+        object_result = search_generic_backend(object, query, limit, current_user, assets)
+        if !object_result.empty?
+          result = result.concat(object_result)
+        end
+      }
+
+      # sort order by object priority
+      result_in_order = []
+      objects_in_order.each { |object|
+        result.each {|item|
+          next if item[:type] != object
+          item[:id] = item[:id].to_i
+          result_in_order.push item
+        }
+      }
+      result = result_in_order
+
     else
 
       # do query
-      objects_all.each { |object|
-
-        found_objects = object.constantize.search(
-          query:        query,
-          limit:        limit,
-          current_user: current_user,
-        )
-
-        found_objects.each do |found_object|
-          item = {
-            id:   found_object.id,
-            type: found_object.class.to_s
-          }
-          result.push item
-          assets = found_object.assets(assets)
+      objects_in_order.each { |object|
+        object_result = search_generic_backend(object, query, limit, current_user, assets)
+        if !object_result.empty?
+          result = result.concat(object_result)
         end
       }
     end
@@ -85,4 +103,23 @@ puts "OBJECTS_a: #{objects_all.inspect}/#{search_tickets.inspect}"
     }
   end
 
+  private
+
+  def search_generic_backend(object, query, limit, current_user, assets)
+    found_objects = object.constantize.search(
+      query:        query,
+      limit:        limit,
+      current_user: current_user,
+    )
+    result = []
+    found_objects.each do |found_object|
+      item = {
+        id:   found_object.id,
+        type: found_object.class.to_s
+      }
+      result.push item
+      assets = found_object.assets(assets)
+    end
+    result
+  end
 end
diff --git a/app/models/organization/search.rb b/app/models/organization/search.rb
index a9ab57261..1eb8448a1 100644
--- a/app/models/organization/search.rb
+++ b/app/models/organization/search.rb
@@ -5,6 +5,33 @@ class Organization
 
 =begin
 
+search organizations preferences
+
+  result = Organization.search_preferences(user_model)
+
+returns if user has permissions to search
+
+  result = {
+    prio: 1000,
+    direct_search_index: true
+  }
+
+returns if user has no permissions to search
+
+  result = false
+
+=end
+
+    def search_preferences(current_user)
+      return false if !current_user.role?('Agent') && !current_user.role?(Z_ROLENAME_ADMIN)
+      {
+        prio: 1000,
+        direct_search_index: true,
+      }
+    end
+
+=begin
+
 search organizations
 
   result = Organization.search(
@@ -27,7 +54,7 @@ returns
       current_user = params[:current_user]
 
       # enable search only for agents and admins
-      return [] if !current_user.role?('Agent') && !current_user.role?(Z_ROLENAME_ADMIN)
+      return [] if !search_preferences(current_user)
 
       # try search index backend
       if SearchIndexBackend.enabled?
diff --git a/app/models/ticket/search.rb b/app/models/ticket/search.rb
index 0a00baa50..338f3cd4a 100644
--- a/app/models/ticket/search.rb
+++ b/app/models/ticket/search.rb
@@ -3,6 +3,32 @@ module Ticket::Search
 
 =begin
 
+search tickets preferences
+
+  result = Ticket.search_preferences(user_model)
+
+returns if user has permissions to search
+
+  result = {
+    prio: 3000,
+    direct_search_index: false
+  }
+
+returns if user has no permissions to search
+
+  result = false
+
+=end
+
+    def search_preferences(_current_user)
+      {
+        prio: 3000,
+        direct_search_index: false,
+      }
+    end
+
+=begin
+
 search tickets via search index
 
   result = Ticket.search(
diff --git a/app/models/user/search.rb b/app/models/user/search.rb
index 1c470b4b5..54db73abe 100644
--- a/app/models/user/search.rb
+++ b/app/models/user/search.rb
@@ -5,6 +5,33 @@ class User
 
 =begin
 
+search user preferences
+
+  result = User.search_preferences(user_model)
+
+returns if user has permissions to search
+
+  result = {
+    prio: 1000,
+    direct_search_index: true
+  }
+
+returns if user has no permissions to search
+
+  result = false
+
+=end
+
+    def search_preferences(current_user)
+      return false if !current_user.role?('Agent') && !current_user.role?(Z_ROLENAME_ADMIN)
+      {
+        prio: 2000,
+        direct_search_index: true,
+      }
+    end
+
+=begin
+
 search user
 
   result = User.search(
@@ -27,7 +54,7 @@ returns
       current_user = params[:current_user]
 
       # enable search only for agents and admins
-      return [] if !current_user.role?('Agent') && !current_user.role?(Z_ROLENAME_ADMIN)
+      return [] if !search_preferences(current_user)
 
       # try search index backend
       if SearchIndexBackend.enabled?
diff --git a/lib/search_index_backend.rb b/lib/search_index_backend.rb
index 30d2efa4b..b7c84bdd7 100644
--- a/lib/search_index_backend.rb
+++ b/lib/search_index_backend.rb
@@ -150,7 +150,7 @@ return search result
 
 =end
 
-  def self.search( query, _limit = 10, index = nil, query_extention = {} )
+  def self.search( query, limit = 10, index = nil, query_extention = {} )
     return [] if !query
 
     url = build_url()
@@ -166,7 +166,7 @@ return search result
     end
     data = {}
     data['from'] = 0
-    data['size'] = 10
+    data['size'] = limit
     data['sort'] =
     [
       {
diff --git a/test/controllers/search_controller_test.rb b/test/controllers/search_controller_test.rb
index faefb8945..760241ae4 100644
--- a/test/controllers/search_controller_test.rb
+++ b/test/controllers/search_controller_test.rb
@@ -152,6 +152,37 @@ class SearchControllerTest < ActionDispatch::IntegrationTest
       updated_by_id: 1,
       created_by_id: 1,
     )
+
+    # configure es
+    if ENV['ES_URL']
+      #fail "ERROR: Need ES_URL - hint ES_URL='http://172.0.0.1:9200'"
+      Setting.set('es_url', ENV['ES_URL'])
+
+      # Setting.set('es_url', 'http://172.0.0.1:9200')
+      # Setting.set('es_index', 'estest.local_zammad')
+      # Setting.set('es_user', 'elasticsearch')
+      # Setting.set('es_password', 'zammad')
+
+      # set max attachment size in mb
+      Setting.set('es_attachment_max_size_in_mb', 1 )
+
+      if ENV['ES_INDEX']
+        #fail "ERROR: Need ES_INDEX - hint ES_INDEX='estest.local_zammad'"
+        Setting.set('es_index', ENV['ES_INDEX'])
+      end
+
+      # drop/create indexes
+      #Rake::Task["searchindex:drop"].execute
+      #Rake::Task["searchindex:create"].execute
+      system('rake searchindex:rebuild')
+
+      # execute background jobs
+      # execute background jobs
+      #puts Delayed::Job.all.inspect
+      Delayed::Worker.new.work_off
+
+      sleep 6
+    end
   end
 
   test 'settings index with nobody' do

From dac3a506eccd7763ca6eb95e2081666e1edf7a20 Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Sun, 16 Aug 2015 11:14:24 +0200
Subject: [PATCH 09/35] Added support for themeless searchable models.

---
 app/controllers/search_controller.rb          |  2 +-
 app/models/ticket/search.rb                   | 14 +++++-----
 ..._constants.rb => core_zammad_constants.rb} |  0
 config/initializers/models_searchable.rb      |  8 ++++++
 .../20150816000001_update_model_searchable.rb | 15 +++++++++++
 db/seeds.rb                                   | 10 +++++++
 lib/models.rb                                 | 26 +++++++++++++++++--
 test/unit/model_test.rb                       |  9 +++++++
 8 files changed, 74 insertions(+), 10 deletions(-)
 rename config/initializers/{zammad_constants.rb => core_zammad_constants.rb} (100%)
 create mode 100644 config/initializers/models_searchable.rb
 create mode 100644 db/migrate/20150816000001_update_model_searchable.rb

diff --git a/app/controllers/search_controller.rb b/app/controllers/search_controller.rb
index 7e0025692..0fa3af35c 100644
--- a/app/controllers/search_controller.rb
+++ b/app/controllers/search_controller.rb
@@ -21,7 +21,7 @@ class SearchController < ApplicationController
     # convert objects string into array of class names
     # e.g. user-ticket-another_object = %w( User Ticket AnotherObject )
     if !params[:objects]
-      objects = %w( Ticket User Organization )
+      objects = Setting.get('models_searchable')
     else
       objects = params[:objects].split('-').map(&:camelize)
     end
diff --git a/app/models/ticket/search.rb b/app/models/ticket/search.rb
index 338f3cd4a..4087738f3 100644
--- a/app/models/ticket/search.rb
+++ b/app/models/ticket/search.rb
@@ -20,12 +20,12 @@ returns if user has no permissions to search
 
 =end
 
-    def search_preferences(_current_user)
-      {
-        prio: 3000,
-        direct_search_index: false,
-      }
-    end
+  def search_preferences(_current_user)
+    {
+      prio: 3000,
+      direct_search_index: false,
+    }
+  end
 
 =begin
 
@@ -79,7 +79,7 @@ returns
 
 =end
 
-  def search (params)
+  def search(params)
 
     # get params
     query        = params[:query]
diff --git a/config/initializers/zammad_constants.rb b/config/initializers/core_zammad_constants.rb
similarity index 100%
rename from config/initializers/zammad_constants.rb
rename to config/initializers/core_zammad_constants.rb
diff --git a/config/initializers/models_searchable.rb b/config/initializers/models_searchable.rb
new file mode 100644
index 000000000..d57d805f7
--- /dev/null
+++ b/config/initializers/models_searchable.rb
@@ -0,0 +1,8 @@
+# update settings for searchable models
+if ActiveRecord::Base.connection.tables.include?('settings')
+  models_current = Models.searchable.map(&:to_s)
+  models_config = Setting.get('models_searchable')
+  if models_current != models_config
+    Setting.set('models_searchable', models_current)
+  end
+end
diff --git a/db/migrate/20150816000001_update_model_searchable.rb b/db/migrate/20150816000001_update_model_searchable.rb
new file mode 100644
index 000000000..72db5ad58
--- /dev/null
+++ b/db/migrate/20150816000001_update_model_searchable.rb
@@ -0,0 +1,15 @@
+class UpdateModelSearchable < ActiveRecord::Migration
+  def up
+
+    Setting.create_if_not_exists(
+      title: 'Define searchable models.',
+      name: 'models_searchable',
+      area: 'Models::Base',
+      description: 'Define the models which can be searched for.',
+      options: {},
+      state: [],
+      frontend: false,
+    )
+
+  end
+end
diff --git a/db/seeds.rb b/db/seeds.rb
index 5f96d478e..5c2b6d362 100644
--- a/db/seeds.rb
+++ b/db/seeds.rb
@@ -1187,6 +1187,16 @@ Setting.create_if_not_exists(
   frontend: true
 )
 
+Setting.create_if_not_exists(
+  title: 'Define searchable models.',
+  name: 'models_searchable',
+  area: 'Models::Base',
+  description: 'Define the models which can be searched for.',
+  options: {},
+  state: [],
+  frontend: false,
+)
+
 Setting.create_if_not_exists(
   title: 'Default Screen',
   name: 'default_controller',
diff --git a/lib/models.rb b/lib/models.rb
index 23adfdc1c..4158450e3 100644
--- a/lib/models.rb
+++ b/lib/models.rb
@@ -10,11 +10,11 @@ get list of models
 returns
 
   {
-    'Some::Classname1' => {
+    Some::Classname1 => {
       attributes: ['id', 'name', '...']
       reflections: ...model.reflections...
     },
-    'Some::Classname2' => {
+    Some::Classname2 => {
       attributes: ['id', 'name', '...']
       reflections: ...model.reflections...
     },
@@ -49,6 +49,28 @@ returns
 
 =begin
 
+get list of searchable models
+
+  result = Models.searchable
+
+returns
+
+  [Model1, Model2, Model3]
+
+=end
+
+  def self.searchable
+    models = []
+    all.each {|model_class, options|
+      next if !model_class
+      next if !model_class.respond_to? :search_preferences
+      models.push model_class
+    }
+    models
+  end
+
+=begin
+
 get reference list of a models
 
   result = Models.references('User', 2)
diff --git a/test/unit/model_test.rb b/test/unit/model_test.rb
index 5bb8e5bf9..89de3260e 100644
--- a/test/unit/model_test.rb
+++ b/test/unit/model_test.rb
@@ -235,4 +235,13 @@ class ModelTest < ActiveSupport::TestCase
 
   end
 
+  test 'searchable test' do
+    searchable = Models.searchable
+    assert(searchable.include?(Ticket))
+    assert(searchable.include?(User))
+    assert(searchable.include?(Organization))
+    assert_equal(3, searchable.count)
+
+  end
+
 end

From ecb0ace02d2fbcd27f89f13765400dddc5d4b3dc Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Sun, 16 Aug 2015 11:24:15 +0200
Subject: [PATCH 10/35] Check if models_config exists to support migrations of
 existing systems.

---
 config/initializers/models_searchable.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config/initializers/models_searchable.rb b/config/initializers/models_searchable.rb
index d57d805f7..2659b0943 100644
--- a/config/initializers/models_searchable.rb
+++ b/config/initializers/models_searchable.rb
@@ -2,7 +2,7 @@
 if ActiveRecord::Base.connection.tables.include?('settings')
   models_current = Models.searchable.map(&:to_s)
   models_config = Setting.get('models_searchable')
-  if models_current != models_config
+  if models_config && models_current != models_config
     Setting.set('models_searchable', models_current)
   end
 end

From eb84b39c32fcb2a9214180719f7774195c825ef9 Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Sun, 16 Aug 2015 11:30:31 +0200
Subject: [PATCH 11/35] Get objects to reindex from Models.searchable.

---
 lib/tasks/search_index_es.rake | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/lib/tasks/search_index_es.rake b/lib/tasks/search_index_es.rake
index 0d39075ea..6d4e58124 100644
--- a/lib/tasks/search_index_es.rake
+++ b/lib/tasks/search_index_es.rake
@@ -42,9 +42,10 @@ namespace :searchindex do
   task :reload, [:opts] => :environment do |_t, _args|
 
     puts 'reload data...'
-    User.search_index_reload
-    Organization.search_index_reload
-    Ticket.search_index_reload
+    Models.searchable.each {|model_class|
+      puts " reload #{model_class}"
+      model_class.search_index_reload
+    }
 
   end
 

From 7dfb3bd64213750f49ee7b39b04473353f30276f Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Sun, 16 Aug 2015 11:33:16 +0200
Subject: [PATCH 12/35] Added more output info of reload.

---
 lib/tasks/search_index_es.rake | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/lib/tasks/search_index_es.rake b/lib/tasks/search_index_es.rake
index 6d4e58124..6278cbba5 100644
--- a/lib/tasks/search_index_es.rake
+++ b/lib/tasks/search_index_es.rake
@@ -44,7 +44,11 @@ namespace :searchindex do
     puts 'reload data...'
     Models.searchable.each {|model_class|
       puts " reload #{model_class}"
+      started_at = Time.zone.now
+      puts "  - started at #{started_at}"
       model_class.search_index_reload
+      took = Time.zone.now - started_at
+      puts "  - took #{took.to_i} seconds"
     }
 
   end

From 592b0145089f48e22e47eb72770accb00bb621f5 Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Sun, 16 Aug 2015 13:00:14 +0200
Subject: [PATCH 13/35] Disabled ajax tracking.

---
 app/assets/javascripts/app/lib/app_init/track.js.coffee | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/app/assets/javascripts/app/lib/app_init/track.js.coffee b/app/assets/javascripts/app/lib/app_init/track.js.coffee
index b1f2dee0e..1448e9e32 100644
--- a/app/assets/javascripts/app/lib/app_init/track.js.coffee
+++ b/app/assets/javascripts/app/lib/app_init/track.js.coffee
@@ -58,6 +58,7 @@ class _trackSingleton
     )
 
     # log ajax calls
+    ### disabled, only needed for debugging
     $(document).bind( 'ajaxComplete', ( e, request, settings ) =>
 
       # do not log ui requests
@@ -92,6 +93,7 @@ class _trackSingleton
           }
         )
     )
+    ###
 
     $(window).bind(
       'beforeunload'

From df3addd91532353d326728d232bac760ad612f1a Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Sun, 16 Aug 2015 13:57:27 +0200
Subject: [PATCH 14/35] Reduced dom changes, improved performance.

---
 .../controllers/_application_controller.js.coffee |  2 +-
 .../_application_controller_generic.js.coffee     |  3 ---
 .../_application_controller_table.js.coffee       |  5 -----
 .../_dashboard/activity_stream.js.coffee          |  3 ---
 .../javascripts/app/controllers/session.js.coffee |  3 ---
 .../app/controllers/ticket_overview.js.coffee     |  3 ---
 .../ticket_zoom/article_view.js.coffee            |  3 ---
 .../app/controllers/ticket_zoom/meta.js.coffee    |  3 ---
 .../widget/online_notification.js.coffee          |  3 ---
 .../app/controllers/widget/ticket_stats.js.coffee |  1 -
 app/assets/javascripts/app/index.js.coffee        | 15 ++++++++++++++-
 .../app/lib/app_post/interface_handle.js.coffee   |  3 +++
 .../app/views/dashboard/activity_stream.jst.eco   |  2 +-
 .../javascripts/app/views/generic/history.jst.eco |  2 +-
 .../javascripts/app/views/link/info.jst.eco       |  2 +-
 app/assets/javascripts/app/views/session.jst.eco  |  4 ++--
 .../app/views/ticket_zoom/article_view.jst.eco    |  2 +-
 .../app/views/ticket_zoom/meta.jst.eco            |  2 +-
 .../widget/online_notification_content.jst.eco    |  2 +-
 .../app/views/widget/ticket_stats_list.jst.eco    |  2 +-
 20 files changed, 27 insertions(+), 38 deletions(-)

diff --git a/app/assets/javascripts/app/controllers/_application_controller.js.coffee b/app/assets/javascripts/app/controllers/_application_controller.js.coffee
index 5bbb9ac4f..f531f504f 100644
--- a/app/assets/javascripts/app/controllers/_application_controller.js.coffee
+++ b/app/assets/javascripts/app/controllers/_application_controller.js.coffee
@@ -210,7 +210,7 @@ class App.Controller extends Spine.Controller
 #        console.log('rewrite frontendTimeUpdate', this, $(this).hasClass('escalation'))
         ui.frontendTimeUpdateItem(item)
       )
-    App.Interval.set( update, 30000, 'frontendTimeUpdate', 'ui' )
+    App.Interval.set( update, 61000, 'frontendTimeUpdate', 'ui' )
 
   frontendTimeUpdateItem: (item) =>
     timestamp = item.data('time')
diff --git a/app/assets/javascripts/app/controllers/_application_controller_generic.js.coffee b/app/assets/javascripts/app/controllers/_application_controller_generic.js.coffee
index d2b8fba67..0dfa0912b 100644
--- a/app/assets/javascripts/app/controllers/_application_controller_generic.js.coffee
+++ b/app/assets/javascripts/app/controllers/_application_controller_generic.js.coffee
@@ -401,9 +401,6 @@ class App.GenericHistory extends App.ControllerModal
     # enable user popups
     @userPopups()
 
-    # show frontend times
-    @delay( @frontendTimeUpdate, 800, 'ui-time-update' )
-
   sortorder: =>
     @items = @items.reverse()
 
diff --git a/app/assets/javascripts/app/controllers/_application_controller_table.js.coffee b/app/assets/javascripts/app/controllers/_application_controller_table.js.coffee
index dd68029d8..1acd639d6 100644
--- a/app/assets/javascripts/app/controllers/_application_controller_table.js.coffee
+++ b/app/assets/javascripts/app/controllers/_application_controller_table.js.coffee
@@ -274,9 +274,4 @@ class App.ControllerTable extends App.Controller
           )
       )
 
-    time = =>
-      @frontendTimeUpdate()
-    @delay(time, 80) # to show time immediately for normal tables
-    @delay(time, 280) # to show time immediately for tables in modal dialog
-
     table
diff --git a/app/assets/javascripts/app/controllers/_dashboard/activity_stream.js.coffee b/app/assets/javascripts/app/controllers/_dashboard/activity_stream.js.coffee
index 7e49d6792..9455f3b63 100644
--- a/app/assets/javascripts/app/controllers/_dashboard/activity_stream.js.coffee
+++ b/app/assets/javascripts/app/controllers/_dashboard/activity_stream.js.coffee
@@ -51,9 +51,6 @@ class App.DashboardActivityStream extends App.Controller
     @$('.activity-entries').remove()
     @el.append html
 
-    # update time
-    @frontendTimeUpdate()
-
   renderItem: (item) ->
     html = $(App.view('dashboard/activity_stream')(
       item: item
diff --git a/app/assets/javascripts/app/controllers/session.js.coffee b/app/assets/javascripts/app/controllers/session.js.coffee
index a52e9198f..b208ee116 100644
--- a/app/assets/javascripts/app/controllers/session.js.coffee
+++ b/app/assets/javascripts/app/controllers/session.js.coffee
@@ -42,9 +42,6 @@ class Index extends App.ControllerContent
       sessions: data.sessions
     )
 
-    # show frontend times
-    @frontendTimeUpdate()
-
   destroy: (e) ->
     e.preventDefault()
     sessionId = $( e.target ).closest('a').data('session-id')
diff --git a/app/assets/javascripts/app/controllers/ticket_overview.js.coffee b/app/assets/javascripts/app/controllers/ticket_overview.js.coffee
index b7e62c5de..b48221797 100644
--- a/app/assets/javascripts/app/controllers/ticket_overview.js.coffee
+++ b/app/assets/javascripts/app/controllers/ticket_overview.js.coffee
@@ -321,9 +321,6 @@ class Table extends App.Controller
     # start organization popups
     @organizationPopups()
 
-    # show frontend times
-    @frontendTimeUpdate()
-
     # start bulk action observ
     @el.find('.bulkAction').append( @bulk_form() )
     if @el.find('.table-overview').find('input[name="bulk"]:checked').length isnt 0
diff --git a/app/assets/javascripts/app/controllers/ticket_zoom/article_view.js.coffee b/app/assets/javascripts/app/controllers/ticket_zoom/article_view.js.coffee
index dc7172f67..845371ab1 100644
--- a/app/assets/javascripts/app/controllers/ticket_zoom/article_view.js.coffee
+++ b/app/assets/javascripts/app/controllers/ticket_zoom/article_view.js.coffee
@@ -112,9 +112,6 @@ class ArticleViewItem extends App.Controller
       article: @article
     )
 
-    # show frontend times
-    @frontendTimeUpdate()
-
     # set see more option
     @setSeeMore()
 
diff --git a/app/assets/javascripts/app/controllers/ticket_zoom/meta.js.coffee b/app/assets/javascripts/app/controllers/ticket_zoom/meta.js.coffee
index cbc3865ea..613171847 100644
--- a/app/assets/javascripts/app/controllers/ticket_zoom/meta.js.coffee
+++ b/app/assets/javascripts/app/controllers/ticket_zoom/meta.js.coffee
@@ -12,8 +12,5 @@ class App.TicketZoomMeta extends App.Controller
       isCustomer: @isRole('Customer')
     )
 
-    # show frontend times
-    @frontendTimeUpdate()
-
   release: =>
     App.Ticket.unsubscribe( @subscribeId )
\ No newline at end of file
diff --git a/app/assets/javascripts/app/controllers/widget/online_notification.js.coffee b/app/assets/javascripts/app/controllers/widget/online_notification.js.coffee
index 971131515..5613532d0 100644
--- a/app/assets/javascripts/app/controllers/widget/online_notification.js.coffee
+++ b/app/assets/javascripts/app/controllers/widget/online_notification.js.coffee
@@ -130,9 +130,6 @@ class App.OnlineNotificationWidget extends App.Controller
       $( App.view('widget/online_notification_content')(items: items) )
     )
 
-    # show frontend times
-    @frontendTimeUpdate()
-
   createContainer: =>
     @removeContainer()
 
diff --git a/app/assets/javascripts/app/controllers/widget/ticket_stats.js.coffee b/app/assets/javascripts/app/controllers/widget/ticket_stats.js.coffee
index 34f4fac04..c838c47cf 100644
--- a/app/assets/javascripts/app/controllers/widget/ticket_stats.js.coffee
+++ b/app/assets/javascripts/app/controllers/widget/ticket_stats.js.coffee
@@ -144,7 +144,6 @@ class TicketStatsList extends App.Controller
       limit:           @limit
     )
 
-    @frontendTimeUpdate()
     @ticketPopups()
 
   showAll: (e) =>
diff --git a/app/assets/javascripts/app/index.js.coffee b/app/assets/javascripts/app/index.js.coffee
index 36fcebebf..c4046e373 100644
--- a/app/assets/javascripts/app/index.js.coffee
+++ b/app/assets/javascripts/app/index.js.coffee
@@ -107,7 +107,12 @@ class App extends Spine.Controller
     # use pretty time for datetime
     else if attribute_config.tag is 'datetime'
       isHtmlEscape = true
-      result       = "<span class=\"humanTimeFromNow #{attribute_config.class}\" data-time=\"#{result}\">?</span>"
+      timestamp = App.i18n.translateTimestamp(result)
+      escalation = undefined
+      if attribute_config.class is 'escalation'
+        escalation
+      humanTime = App.PrettyDate.humanTime(result, escalation)
+      result       = "<span class=\"humanTimeFromNow #{attribute_config.class}\" data-time=\"#{result}\" data-tooltip=\"#{timestamp}\">#{humanTime}</span>"
       #result      = App.i18n.translateTimestamp(result)
 
     if !isHtmlEscape && typeof result is 'string'
@@ -216,6 +221,14 @@ class App extends Spine.Controller
       params.humanFileSize = ( size ) ->
         App.Utils.humanFileSize(size)
 
+      # define pretty/human time helper
+      params.humanTime = ( time, escalation ) ->
+        App.PrettyDate.humanTime(time, escalation)
+
+      # define pretty/human time helper
+      params.timestamp = ( time ) ->
+        App.i18n.translateTimestamp(time)
+
       # define template
       JST["app/views/#{name}"](params)
     template
diff --git a/app/assets/javascripts/app/lib/app_post/interface_handle.js.coffee b/app/assets/javascripts/app/lib/app_post/interface_handle.js.coffee
index 89cacaa2f..ef9c813a1 100644
--- a/app/assets/javascripts/app/lib/app_post/interface_handle.js.coffee
+++ b/app/assets/javascripts/app/lib/app_post/interface_handle.js.coffee
@@ -21,6 +21,9 @@ class App.Run extends App.Controller
     # create web socket connection
     App.WebSocket.connect()
 
+    # start frontend time update
+    @frontendTimeUpdate()
+
     # start navbars
     @setupWidget( 'Navigations', 'nav', @el )
 
diff --git a/app/assets/javascripts/app/views/dashboard/activity_stream.jst.eco b/app/assets/javascripts/app/views/dashboard/activity_stream.jst.eco
index 123b0fbe5..af16e255f 100644
--- a/app/assets/javascripts/app/views/dashboard/activity_stream.jst.eco
+++ b/app/assets/javascripts/app/views/dashboard/activity_stream.jst.eco
@@ -5,7 +5,7 @@
       <span class="activity-text">
         <%= @item.created_by.displayName() %> <%- @T( @item.type ) %> <%- @T( @item.object_name ) %><% if @item.title: %> (<%= @item.title %>)<% end %>
       </span>
-      <span class="activity-time humanTimeFromNow" data-time="<%- @item.created_at %>">?</span>
+      <span class="activity-time humanTimeFromNow" data-time="<%- @item.created_at %>" data-tooltip="<%- @timestamp(@item.created_at) %>"><%- @humanTime(@item.created_at) %></span>
     </span>
     <span class="activity-icon">
       <span class="<%- @item.cssIcon %> icon"></span>
diff --git a/app/assets/javascripts/app/views/generic/history.jst.eco b/app/assets/javascripts/app/views/generic/history.jst.eco
index e1b3b8409..281923ec8 100644
--- a/app/assets/javascripts/app/views/generic/history.jst.eco
+++ b/app/assets/javascripts/app/views/generic/history.jst.eco
@@ -5,7 +5,7 @@
 
 <% for item in @items: %>
   <span class="user-popover" data-id="<%= item.created_by.id %>"><%= item.created_by.displayName() %></span> -
-  <span class="humanTimeFromNow" data-time="<%- item.created_at %>">?</span>
+  <span class="humanTimeFromNow" data-time="<%- item.created_at %>" data-tooltip="<%- @timestamp(item.created_at) %>"><%- @humanTime(item.created_at) %></span>
   <ul>
     <% for content in item.records: %>
     <li><%- content %></li>
diff --git a/app/assets/javascripts/app/views/link/info.jst.eco b/app/assets/javascripts/app/views/link/info.jst.eco
index b0ff476c4..dd63ebb43 100644
--- a/app/assets/javascripts/app/views/link/info.jst.eco
+++ b/app/assets/javascripts/app/views/link/info.jst.eco
@@ -10,7 +10,7 @@
       </div>
       <div class="task-text">
         <a class="name ticket-popover" data-id="<%- item.id %>" href="#ticket/zoom/<%= item.id %>"><%= item.title %></a>
-        <div class="time humanTimeFromNow" data-time="<%- item.created_at %>"></div>
+        <div class="time humanTimeFromNow" data-time="<%- item.created_at %>" data-tooltip="<%- @timestamp(item.created_at) %>"><%- @humanTime(item.created_at) %></div>
       </div>
       <div class="sidebar-list-item-delete js-delete" data-object="Ticket" data-object-id="<%= item.id %>" data-link-type="<%= type %>" data-type="remove">
         <svg class="icon icon-diagonal-cross"><use xlink:href="#icon-diagonal-cross" /></svg>
diff --git a/app/assets/javascripts/app/views/session.jst.eco b/app/assets/javascripts/app/views/session.jst.eco
index 52b064d04..3da90d8d0 100644
--- a/app/assets/javascripts/app/views/session.jst.eco
+++ b/app/assets/javascripts/app/views/session.jst.eco
@@ -18,8 +18,8 @@
       <td><% if session.data.user: %><%= session.data.user.displayName() %><% end %></td>
       <td title="<%= session.data.user_agent %>"><%= session.data.user_agent %></td>
       <td title="<%= session.data.remote_id %>"><% if session.data.geo && session.data.geo.country_name: %><%= session.data.geo.country_name %> <%= session.data.geo.city_name %><% else: %><%= session.data.remote_id %><% end %></td>
-      <td><span class="humanTimeFromNow" data-time="<%- session.created_at %>">?</span></td>
-      <td><span class="humanTimeFromNow" data-time="<%- session.updated_at %>">?</span></td>
+      <td><span class="humanTimeFromNow" data-time="<%- session.created_at %>" data-tooltip="<%- @timestamp(session.created_at) %>"><%- @humanTime(session.created_at) %></span></td>
+      <td><span class="humanTimeFromNow" data-time="<%- session.updated_at %>" data-tooltip="<%- @timestamp(session.updated_at) %>"><%- @humanTime(session.updated_at) %></span></td>
       <td><a href="#" data-session-id="<%- session.id %>" data-type="delete" title="<%- @Ti('Delete') %>"><svg class="icon-trash" data-type="destroy"><use xlink:href="#icon-trash"></use></svg></a></td>
     </tr>
     <% end %>
diff --git a/app/assets/javascripts/app/views/ticket_zoom/article_view.jst.eco b/app/assets/javascripts/app/views/ticket_zoom/article_view.jst.eco
index ff7b2a567..5deef2a8b 100644
--- a/app/assets/javascripts/app/views/ticket_zoom/article_view.jst.eco
+++ b/app/assets/javascripts/app/views/ticket_zoom/article_view.jst.eco
@@ -82,4 +82,4 @@
 
 <div class="js-article-actions"></div>
 
-<small class="task-subline zIndex-1"><time class="humanTimeFromNow" data-time="<%- @article.created_at %>">?</time></small>
+<small class="task-subline zIndex-1"><time class="humanTimeFromNow" data-time="<%- @article.created_at %>" data-tooltip="<%- @timestamp(@article.created_at) %>x"><%- @humanTime(@article.created_at) %>x</time></small>
diff --git a/app/assets/javascripts/app/views/ticket_zoom/meta.jst.eco b/app/assets/javascripts/app/views/ticket_zoom/meta.jst.eco
index 47ac28ba9..877622292 100644
--- a/app/assets/javascripts/app/views/ticket_zoom/meta.jst.eco
+++ b/app/assets/javascripts/app/views/ticket_zoom/meta.jst.eco
@@ -1,3 +1,3 @@
 <small class="task-subline">
-  <%- @C('ticket_hook') %> <span class="ticket-number"><%- @ticket.number %></span> - <%- @T('created') %> <span class="humanTimeFromNow" data-time="<%- @ticket.created_at %>">?</span> <% if !@isCustomer && @ticket.escalation_time: %> - <%- @T('escalation') %> <span class="humanTimeFromNow escalation" data-time="<%- @ticket.escalation_time %>">?</span><% end %>
+  <%- @C('ticket_hook') %> <span class="ticket-number"><%- @ticket.number %></span> - <%- @T('created') %> <span class="humanTimeFromNow" data-time="<%- @ticket.created_at %>" data-tooltip="<%- @timestamp(@ticket.created_at) %>"><%- @humanTime(@ticket.created_at) %></span> <% if !@isCustomer && @ticket.escalation_time: %> - <%- @T('escalation') %> <span class="humanTimeFromNow escalation" data-time="<%- @ticket.escalation_time %>" data-tooltip="<%- @timestamp(@ticket.escalation_time) %>"><%- @humanTime(@ticket.escalation_time, true) %></span><% end %>
 </small>
\ No newline at end of file
diff --git a/app/assets/javascripts/app/views/widget/online_notification_content.jst.eco b/app/assets/javascripts/app/views/widget/online_notification_content.jst.eco
index 10a60c461..5dec0028a 100644
--- a/app/assets/javascripts/app/views/widget/online_notification_content.jst.eco
+++ b/app/assets/javascripts/app/views/widget/online_notification_content.jst.eco
@@ -9,7 +9,7 @@
         <span class="activity-text">
           <%= item.created_by.displayName() %> <%- @T( item.type ) %> <%- @T( item.object_name ) %><% if item.title: %> (<%= item.title %>)<% end %>
         </span>
-        <span class="activity-time humanTimeFromNow" data-time="<%- item.created_at %>">?</span>
+        <span class="activity-time humanTimeFromNow" data-time="<%- item.created_at %>" data-tooltip="<%- @timestamp(item.created_at) %>"><%- @humanTime(item.created_at) %></span>
       </span>
     </a>
   </div>
diff --git a/app/assets/javascripts/app/views/widget/ticket_stats_list.jst.eco b/app/assets/javascripts/app/views/widget/ticket_stats_list.jst.eco
index 9fbdd6f85..129e2bde7 100644
--- a/app/assets/javascripts/app/views/widget/ticket_stats_list.jst.eco
+++ b/app/assets/javascripts/app/views/widget/ticket_stats_list.jst.eco
@@ -9,7 +9,7 @@
     </div>
     <div class="task-text">
       <a class="name ticket-popover" data-id="<%- ticket_id %>" href="<%- ticket.uiUrl() %>"><%= ticket.title %></a>
-      <div class="time humanTimeFromNow" data-time="<%- ticket.created_at %>"></div>
+      <div class="time humanTimeFromNow" data-time="<%- ticket.created_at %>" data-tooltip="<%- @timestamp(ticket.created_at) %>"><%- @humanTime(ticket.created_at) %></div>
     </div>
   </li>
   <% end %>

From 7adc2ea9193ca24dff1a1f255c956e255f25e0b1 Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Sun, 16 Aug 2015 17:46:57 +0200
Subject: [PATCH 15/35] Improved humanTime helper method.

---
 app/assets/javascripts/app/index.js.coffee    | 21 +++++++++----------
 .../views/dashboard/activity_stream.jst.eco   |  2 +-
 .../app/views/generic/history.jst.eco         |  2 +-
 .../javascripts/app/views/link/info.jst.eco   |  2 +-
 .../javascripts/app/views/session.jst.eco     |  4 ++--
 .../views/ticket_zoom/article_view.jst.eco    |  2 +-
 .../app/views/ticket_zoom/meta.jst.eco        |  2 +-
 .../online_notification_content.jst.eco       |  2 +-
 .../views/widget/ticket_stats_list.jst.eco    |  2 +-
 public/assets/tests/model-ui.js               |  4 ++--
 public/assets/tests/table.js                  | 18 ++++++++--------
 11 files changed, 30 insertions(+), 31 deletions(-)

diff --git a/app/assets/javascripts/app/index.js.coffee b/app/assets/javascripts/app/index.js.coffee
index c4046e373..c7ea196c3 100644
--- a/app/assets/javascripts/app/index.js.coffee
+++ b/app/assets/javascripts/app/index.js.coffee
@@ -108,12 +108,11 @@ class App extends Spine.Controller
     else if attribute_config.tag is 'datetime'
       isHtmlEscape = true
       timestamp = App.i18n.translateTimestamp(result)
-      escalation = undefined
-      if attribute_config.class is 'escalation'
-        escalation
+      escalation = false
+      if attribute_config.class && attribute_config.class.match 'escalation'
+        escalation = true
       humanTime = App.PrettyDate.humanTime(result, escalation)
-      result       = "<span class=\"humanTimeFromNow #{attribute_config.class}\" data-time=\"#{result}\" data-tooltip=\"#{timestamp}\">#{humanTime}</span>"
-      #result      = App.i18n.translateTimestamp(result)
+      result    = "<time class=\"humanTimeFromNow #{attribute_config.class}\" data-time=\"#{result}\" data-tooltip=\"#{timestamp}\">#{humanTime}</time>"
 
     if !isHtmlEscape && typeof result is 'string'
       result = App.Utils.htmlEscape(result)
@@ -222,12 +221,12 @@ class App extends Spine.Controller
         App.Utils.humanFileSize(size)
 
       # define pretty/human time helper
-      params.humanTime = ( time, escalation ) ->
-        App.PrettyDate.humanTime(time, escalation)
-
-      # define pretty/human time helper
-      params.timestamp = ( time ) ->
-        App.i18n.translateTimestamp(time)
+      params.humanTime = ( time, escalation = false, cssClass = '') ->
+        timestamp = App.i18n.translateTimestamp(time)
+        if escalation
+          cssClass += ' escalation'
+        humanTime = App.PrettyDate.humanTime(time, escalation)
+        "<time class=\"humanTimeFromNow #{cssClass}\" data-time=\"#{time}\" data-tooltip=\"#{timestamp}\">#{humanTime}</time>"
 
       # define template
       JST["app/views/#{name}"](params)
diff --git a/app/assets/javascripts/app/views/dashboard/activity_stream.jst.eco b/app/assets/javascripts/app/views/dashboard/activity_stream.jst.eco
index af16e255f..825d6e473 100644
--- a/app/assets/javascripts/app/views/dashboard/activity_stream.jst.eco
+++ b/app/assets/javascripts/app/views/dashboard/activity_stream.jst.eco
@@ -5,7 +5,7 @@
       <span class="activity-text">
         <%= @item.created_by.displayName() %> <%- @T( @item.type ) %> <%- @T( @item.object_name ) %><% if @item.title: %> (<%= @item.title %>)<% end %>
       </span>
-      <span class="activity-time humanTimeFromNow" data-time="<%- @item.created_at %>" data-tooltip="<%- @timestamp(@item.created_at) %>"><%- @humanTime(@item.created_at) %></span>
+      <%- @humanTime(@item.created_at, false, 'activity-time') %>
     </span>
     <span class="activity-icon">
       <span class="<%- @item.cssIcon %> icon"></span>
diff --git a/app/assets/javascripts/app/views/generic/history.jst.eco b/app/assets/javascripts/app/views/generic/history.jst.eco
index 281923ec8..d074af13d 100644
--- a/app/assets/javascripts/app/views/generic/history.jst.eco
+++ b/app/assets/javascripts/app/views/generic/history.jst.eco
@@ -5,7 +5,7 @@
 
 <% for item in @items: %>
   <span class="user-popover" data-id="<%= item.created_by.id %>"><%= item.created_by.displayName() %></span> -
-  <span class="humanTimeFromNow" data-time="<%- item.created_at %>" data-tooltip="<%- @timestamp(item.created_at) %>"><%- @humanTime(item.created_at) %></span>
+  <%- @humanTime(item.created_at) %>
   <ul>
     <% for content in item.records: %>
     <li><%- content %></li>
diff --git a/app/assets/javascripts/app/views/link/info.jst.eco b/app/assets/javascripts/app/views/link/info.jst.eco
index dd63ebb43..e91a4b8c3 100644
--- a/app/assets/javascripts/app/views/link/info.jst.eco
+++ b/app/assets/javascripts/app/views/link/info.jst.eco
@@ -10,7 +10,7 @@
       </div>
       <div class="task-text">
         <a class="name ticket-popover" data-id="<%- item.id %>" href="#ticket/zoom/<%= item.id %>"><%= item.title %></a>
-        <div class="time humanTimeFromNow" data-time="<%- item.created_at %>" data-tooltip="<%- @timestamp(item.created_at) %>"><%- @humanTime(item.created_at) %></div>
+        <%- @humanTime(item.created_at) %>
       </div>
       <div class="sidebar-list-item-delete js-delete" data-object="Ticket" data-object-id="<%= item.id %>" data-link-type="<%= type %>" data-type="remove">
         <svg class="icon icon-diagonal-cross"><use xlink:href="#icon-diagonal-cross" /></svg>
diff --git a/app/assets/javascripts/app/views/session.jst.eco b/app/assets/javascripts/app/views/session.jst.eco
index 3da90d8d0..4d156e5ac 100644
--- a/app/assets/javascripts/app/views/session.jst.eco
+++ b/app/assets/javascripts/app/views/session.jst.eco
@@ -18,8 +18,8 @@
       <td><% if session.data.user: %><%= session.data.user.displayName() %><% end %></td>
       <td title="<%= session.data.user_agent %>"><%= session.data.user_agent %></td>
       <td title="<%= session.data.remote_id %>"><% if session.data.geo && session.data.geo.country_name: %><%= session.data.geo.country_name %> <%= session.data.geo.city_name %><% else: %><%= session.data.remote_id %><% end %></td>
-      <td><span class="humanTimeFromNow" data-time="<%- session.created_at %>" data-tooltip="<%- @timestamp(session.created_at) %>"><%- @humanTime(session.created_at) %></span></td>
-      <td><span class="humanTimeFromNow" data-time="<%- session.updated_at %>" data-tooltip="<%- @timestamp(session.updated_at) %>"><%- @humanTime(session.updated_at) %></span></td>
+      <td><%- @humanTime(session.created_at) %></td>
+      <td><%- @humanTime(session.updated_at) %></td>
       <td><a href="#" data-session-id="<%- session.id %>" data-type="delete" title="<%- @Ti('Delete') %>"><svg class="icon-trash" data-type="destroy"><use xlink:href="#icon-trash"></use></svg></a></td>
     </tr>
     <% end %>
diff --git a/app/assets/javascripts/app/views/ticket_zoom/article_view.jst.eco b/app/assets/javascripts/app/views/ticket_zoom/article_view.jst.eco
index 5deef2a8b..bda4c46f1 100644
--- a/app/assets/javascripts/app/views/ticket_zoom/article_view.jst.eco
+++ b/app/assets/javascripts/app/views/ticket_zoom/article_view.jst.eco
@@ -82,4 +82,4 @@
 
 <div class="js-article-actions"></div>
 
-<small class="task-subline zIndex-1"><time class="humanTimeFromNow" data-time="<%- @article.created_at %>" data-tooltip="<%- @timestamp(@article.created_at) %>x"><%- @humanTime(@article.created_at) %>x</time></small>
+<small class="task-subline zIndex-1"><%- @humanTime(@article.created_at) %></small>
diff --git a/app/assets/javascripts/app/views/ticket_zoom/meta.jst.eco b/app/assets/javascripts/app/views/ticket_zoom/meta.jst.eco
index 877622292..2fe7bdac4 100644
--- a/app/assets/javascripts/app/views/ticket_zoom/meta.jst.eco
+++ b/app/assets/javascripts/app/views/ticket_zoom/meta.jst.eco
@@ -1,3 +1,3 @@
 <small class="task-subline">
-  <%- @C('ticket_hook') %> <span class="ticket-number"><%- @ticket.number %></span> - <%- @T('created') %> <span class="humanTimeFromNow" data-time="<%- @ticket.created_at %>" data-tooltip="<%- @timestamp(@ticket.created_at) %>"><%- @humanTime(@ticket.created_at) %></span> <% if !@isCustomer && @ticket.escalation_time: %> - <%- @T('escalation') %> <span class="humanTimeFromNow escalation" data-time="<%- @ticket.escalation_time %>" data-tooltip="<%- @timestamp(@ticket.escalation_time) %>"><%- @humanTime(@ticket.escalation_time, true) %></span><% end %>
+  <%- @C('ticket_hook') %> <span class="ticket-number"><%- @ticket.number %></span> - <%- @T('created') %> <%- @humanTime(@ticket.created_at) %> <% if !@isCustomer && @ticket.escalation_time: %> - <%- @T('escalation') %> <%- @humanTime(@ticket.escalation_time, true) %><% end %>
 </small>
\ No newline at end of file
diff --git a/app/assets/javascripts/app/views/widget/online_notification_content.jst.eco b/app/assets/javascripts/app/views/widget/online_notification_content.jst.eco
index 5dec0028a..b2a7c797f 100644
--- a/app/assets/javascripts/app/views/widget/online_notification_content.jst.eco
+++ b/app/assets/javascripts/app/views/widget/online_notification_content.jst.eco
@@ -9,7 +9,7 @@
         <span class="activity-text">
           <%= item.created_by.displayName() %> <%- @T( item.type ) %> <%- @T( item.object_name ) %><% if item.title: %> (<%= item.title %>)<% end %>
         </span>
-        <span class="activity-time humanTimeFromNow" data-time="<%- item.created_at %>" data-tooltip="<%- @timestamp(item.created_at) %>"><%- @humanTime(item.created_at) %></span>
+        <%- @humanTime(item.created_at, false, 'activity-time') %>
       </span>
     </a>
   </div>
diff --git a/app/assets/javascripts/app/views/widget/ticket_stats_list.jst.eco b/app/assets/javascripts/app/views/widget/ticket_stats_list.jst.eco
index 129e2bde7..c1f4674ec 100644
--- a/app/assets/javascripts/app/views/widget/ticket_stats_list.jst.eco
+++ b/app/assets/javascripts/app/views/widget/ticket_stats_list.jst.eco
@@ -9,7 +9,7 @@
     </div>
     <div class="task-text">
       <a class="name ticket-popover" data-id="<%- ticket_id %>" href="<%- ticket.uiUrl() %>"><%= ticket.title %></a>
-      <div class="time humanTimeFromNow" data-time="<%- ticket.created_at %>" data-tooltip="<%- @timestamp(ticket.created_at) %>"><%- @humanTime(ticket.created_at) %></div>
+       <%- @humanTime(ticket.created_at, false, 'time') %>
     </div>
   </li>
   <% end %>
diff --git a/public/assets/tests/model-ui.js b/public/assets/tests/model-ui.js
index bf6dafc76..c20742700 100644
--- a/public/assets/tests/model-ui.js
+++ b/public/assets/tests/model-ui.js
@@ -44,7 +44,7 @@ test( "model ui basic tests", function() {
   equal( App.viewPrint( ticket, 'state' ), 'open')
   equal( App.viewPrint( ticket, 'state_id' ), 'open')
   equal( App.viewPrint( ticket, 'not_existing' ), '-')
-  equal( App.viewPrint( ticket, 'updated_at' ), "<span class=\"humanTimeFromNow undefined\" data-time=\"2014-11-07T23:43:08.000Z\">?</span>")
+  equal( App.viewPrint( ticket, 'updated_at' ), '<time class="humanTimeFromNow " data-time="2014-11-07T23:43:08.000Z" data-tooltip="11/08/2014 00:43">11/08/2014</time>')
   equal( App.viewPrint( ticket, 'date' ), '02/07/2015')
   equal( App.viewPrint( ticket, 'textarea' ), '<div>some new</div><div>line</div>')
 
@@ -55,7 +55,7 @@ test( "model ui basic tests", function() {
   equal( App.viewPrint( ticket, 'state' ), 'offen')
   equal( App.viewPrint( ticket, 'state_id' ), 'offen')
   equal( App.viewPrint( ticket, 'not_existing' ), '-')
-  equal( App.viewPrint( ticket, 'updated_at' ), "<span class=\"humanTimeFromNow undefined\" data-time=\"2014-11-07T23:43:08.000Z\">?</span>")
+  equal( App.viewPrint( ticket, 'updated_at' ), '<time class="humanTimeFromNow " data-time="2014-11-07T23:43:08.000Z" data-tooltip="08.11.2014 00:43">08.11.2014</time>')
   equal( App.viewPrint( ticket, 'date' ), '07.02.2015')
   equal( App.viewPrint( ticket, 'textarea' ), '<div>some new</div><div>line</div>')
 
diff --git a/public/assets/tests/table.js b/public/assets/tests/table.js
index 18a199462..3975f053a 100644
--- a/public/assets/tests/table.js
+++ b/public/assets/tests/table.js
@@ -91,11 +91,11 @@ test( "table test", function() {
   equal( el.find('table > thead > tr > th:nth-child(3)').text().trim(), 'Aktiv', 'check header')
   equal( el.find('tbody > tr:nth-child(1) > td').length, 3, 'check row 1')
   equal( el.find('tbody > tr:nth-child(1) > td:first').text().trim(), '1 niedrig', 'check row 1')
-  equal( el.find('tbody > tr:nth-child(1) > td:nth-child(2)').text().trim(), '?', 'check row 1')
+  equal( el.find('tbody > tr:nth-child(1) > td:nth-child(2)').text().trim(), '10.06.2014', 'check row 1')
   equal( el.find('tbody > tr:nth-child(1) > td:nth-child(3)').text().trim(), 'true', 'check row 1')
   equal( el.find('tbody > tr:nth-child(2) > td').length, 3, 'check row 2')
   equal( el.find('tbody > tr:nth-child(2) > td:first').text().trim(), '2 normal', 'check row 2')
-  equal( el.find('tbody > tr:nth-child(2) > td:nth-child(2)').text().trim(), '?', 'check row 2')
+  equal( el.find('tbody > tr:nth-child(2) > td:nth-child(2)').text().trim(), '10.06.2014', 'check row 2')
   equal( el.find('tbody > tr:nth-child(2) > td:nth-child(3)').text().trim(), 'false', 'check row 2')
 
   $('#table').append('<hr><h1>table simple II</h1><div id="table2"></div>')
@@ -114,11 +114,11 @@ test( "table test", function() {
   equal( el.find('table > thead > tr > th:nth-child(3)').text().trim(), 'Aktiv', 'check header')
   equal( el.find('tbody > tr:nth-child(1) > td').length, 3, 'check row 1')
   equal( el.find('tbody > tr:nth-child(1) > td:first').text().trim(), '2 normal', 'check row 1')
-  equal( el.find('tbody > tr:nth-child(1) > td:nth-child(2)').text().trim(), '?', 'check row 1')
+  equal( el.find('tbody > tr:nth-child(1) > td:nth-child(2)').text().trim(), '10.06.2014', 'check row 1')
   equal( el.find('tbody > tr:nth-child(1) > td:nth-child(3)').text().trim(), 'false', 'check row 1')
   equal( el.find('tbody > tr:nth-child(2) > td').length, 3, 'check row 2')
   equal( el.find('tbody > tr:nth-child(2) > td:first').text().trim(), '1 niedrig', 'check row 2')
-  equal( el.find('tbody > tr:nth-child(2) > td:nth-child(2)').text().trim(), '?', 'check row 2')
+  equal( el.find('tbody > tr:nth-child(2) > td:nth-child(2)').text().trim(), '10.06.2014', 'check row 2')
   equal( el.find('tbody > tr:nth-child(2) > td:nth-child(3)').text().trim(), 'true', 'check row 2')
 
   $('#table').append('<hr><h1>table simple III</h1><div id="table3"></div>')
@@ -257,7 +257,7 @@ test( "table test", function() {
   equal( el.find('tbody > tr:nth-child(1) > td:nth-child(6)').text().trim(), '2 normal', 'check row 1')
   equal( el.find('tbody > tr:nth-child(1) > td:nth-child(7)').text().trim(), 'group 2', 'check row 1')
   equal( el.find('tbody > tr:nth-child(1) > td:nth-child(8)').text().trim(), 'neu', 'check row 1')
-  equal( el.find('tbody > tr:nth-child(1) > td:nth-child(9)').text().trim(), '?', 'check row 1')
+  equal( el.find('tbody > tr:nth-child(1) > td:nth-child(9)').text().trim(), '11.07.2014', 'check row 1')
   equal( el.find('tbody > tr:nth-child(2) > td').length, 9, 'check row 2')
   equal( el.find('tbody > tr:nth-child(2) > td:nth-child(1) input').val(), '2', 'check row 2')
   equal( el.find('tbody > tr:nth-child(2) > td:nth-child(1) input').prop('checked'), '', 'check row 2')
@@ -269,7 +269,7 @@ test( "table test", function() {
   equal( el.find('tbody > tr:nth-child(2) > td:nth-child(6)').text().trim(), '1 niedrig', 'check row 2')
   equal( el.find('tbody > tr:nth-child(2) > td:nth-child(7)').text().trim(), 'group 1', 'check row 2')
   equal( el.find('tbody > tr:nth-child(2) > td:nth-child(8)').text().trim(), 'offen', 'check row 2')
-  equal( el.find('tbody > tr:nth-child(2) > td:nth-child(9)').text().trim(), '?', 'check row 2')
+  equal( el.find('tbody > tr:nth-child(2) > td:nth-child(9)').text().trim(), '10.06.2014', 'check row 2')
   equal( el.find('tbody > tr:nth-child(3) > td').length, 9, 'check row 3')
   equal( el.find('tbody > tr:nth-child(3) > td:nth-child(1) input').val(), '1', 'check row 3')
   equal( el.find('tbody > tr:nth-child(3) > td:nth-child(1) input').prop('checked'), '', 'check row 3')
@@ -281,7 +281,7 @@ test( "table test", function() {
   equal( el.find('tbody > tr:nth-child(3) > td:nth-child(6)').text().trim(), '1 niedrig', 'check row 3')
   equal( el.find('tbody > tr:nth-child(3) > td:nth-child(7)').text().trim(), 'group 2', 'check row 3')
   equal( el.find('tbody > tr:nth-child(3) > td:nth-child(8)').text().trim(), 'neu', 'check row 3')
-  equal( el.find('tbody > tr:nth-child(3) > td:nth-child(9)').text().trim(), '?', 'check row 3')
+  equal( el.find('tbody > tr:nth-child(3) > td:nth-child(9)').text().trim(), '10.06.2014', 'check row 3')
 
   el.find('input[name="bulk_all"]').click()
   equal( el.find('tbody > tr:nth-child(1) > td:nth-child(1) input').prop('checked'), true, 'check row 1')
@@ -330,7 +330,7 @@ test( "table test", function() {
   equal( el.find('tbody > tr:nth-child(2) > td:nth-child(5)').text().trim(), '-', 'check row 2')
   equal( el.find('tbody > tr:nth-child(2) > td:nth-child(6)').text().trim(), '1 niedrig', 'check row 2')
   equal( el.find('tbody > tr:nth-child(2) > td:nth-child(7)').text().trim(), 'offen', 'check row 2')
-  equal( el.find('tbody > tr:nth-child(2) > td:nth-child(8)').text().trim(), '?', 'check row 2')
+  equal( el.find('tbody > tr:nth-child(2) > td:nth-child(8)').text().trim(), '10.06.2014', 'check row 2')
   equal( el.find('tbody > tr:nth-child(3) > td').length, 1, 'check row 3')
   equal( el.find('tbody > tr:nth-child(3) > td:nth-child(1)').text().trim(), 'group 2', 'check row 4')
   equal( el.find('tbody > tr:nth-child(4) > td').length, 8, 'check row 4')
@@ -343,7 +343,7 @@ test( "table test", function() {
   equal( el.find('tbody > tr:nth-child(4) > td:nth-child(5)').text().trim(), '-', 'check row 2')
   equal( el.find('tbody > tr:nth-child(4) > td:nth-child(6)').text().trim(), '2 normal', 'check row 4')
   equal( el.find('tbody > tr:nth-child(4) > td:nth-child(7)').text().trim(), 'neu', 'check row 4')
-  equal( el.find('tbody > tr:nth-child(4) > td:nth-child(8)').text().trim(), '?', 'check row 4')
+  equal( el.find('tbody > tr:nth-child(4) > td:nth-child(8)').text().trim(), '11.07.2014', 'check row 4')
 
   el.find('input[name="bulk"]:eq(1)').click()
   equal( el.find('tbody > tr:nth-child(2) > td:nth-child(1) input').prop('checked'), '', 'check row 2')

From 6366629205bb841707e5a5ddd1984a94c3e4d45f Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Mon, 17 Aug 2015 08:39:23 +0200
Subject: [PATCH 16/35] Improved humanTime helper method.

---
 app/assets/javascripts/app/index.js.coffee | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/app/assets/javascripts/app/index.js.coffee b/app/assets/javascripts/app/index.js.coffee
index c7ea196c3..602831265 100644
--- a/app/assets/javascripts/app/index.js.coffee
+++ b/app/assets/javascripts/app/index.js.coffee
@@ -109,10 +109,11 @@ class App extends Spine.Controller
       isHtmlEscape = true
       timestamp = App.i18n.translateTimestamp(result)
       escalation = false
-      if attribute_config.class && attribute_config.class.match 'escalation'
+      cssClass = attribute_config.class || ''
+      if cssClass.match 'escalation'
         escalation = true
       humanTime = App.PrettyDate.humanTime(result, escalation)
-      result    = "<time class=\"humanTimeFromNow #{attribute_config.class}\" data-time=\"#{result}\" data-tooltip=\"#{timestamp}\">#{humanTime}</time>"
+      result    = "<time class=\"humanTimeFromNow #{cssClass}\" data-time=\"#{result}\" data-tooltip=\"#{timestamp}\">#{humanTime}</time>"
 
     if !isHtmlEscape && typeof result is 'string'
       result = App.Utils.htmlEscape(result)

From 94c49062640065f581c28c9b128ef265db77fbc3 Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Mon, 17 Aug 2015 11:00:33 +0200
Subject: [PATCH 17/35] Fixed time zone issue.

---
 public/assets/tests/model-ui.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/public/assets/tests/model-ui.js b/public/assets/tests/model-ui.js
index c20742700..8f5a7d99d 100644
--- a/public/assets/tests/model-ui.js
+++ b/public/assets/tests/model-ui.js
@@ -44,7 +44,7 @@ test( "model ui basic tests", function() {
   equal( App.viewPrint( ticket, 'state' ), 'open')
   equal( App.viewPrint( ticket, 'state_id' ), 'open')
   equal( App.viewPrint( ticket, 'not_existing' ), '-')
-  equal( App.viewPrint( ticket, 'updated_at' ), '<time class="humanTimeFromNow " data-time="2014-11-07T23:43:08.000Z" data-tooltip="11/08/2014 00:43">11/08/2014</time>')
+  equal( App.viewPrint( ticket, 'updated_at' ), '<time class="humanTimeFromNow " data-time="2014-11-07T23:43:08.000Z" data-tooltip="11/07/2014 23:43">11/07/2014</time>')
   equal( App.viewPrint( ticket, 'date' ), '02/07/2015')
   equal( App.viewPrint( ticket, 'textarea' ), '<div>some new</div><div>line</div>')
 
@@ -55,7 +55,7 @@ test( "model ui basic tests", function() {
   equal( App.viewPrint( ticket, 'state' ), 'offen')
   equal( App.viewPrint( ticket, 'state_id' ), 'offen')
   equal( App.viewPrint( ticket, 'not_existing' ), '-')
-  equal( App.viewPrint( ticket, 'updated_at' ), '<time class="humanTimeFromNow " data-time="2014-11-07T23:43:08.000Z" data-tooltip="08.11.2014 00:43">08.11.2014</time>')
+  equal( App.viewPrint( ticket, 'updated_at' ), '<time class="humanTimeFromNow " data-time="2014-11-07T23:43:08.000Z" data-tooltip="07.11.2014 23:43">07.11.2014</time>')
   equal( App.viewPrint( ticket, 'date' ), '07.02.2015')
   equal( App.viewPrint( ticket, 'textarea' ), '<div>some new</div><div>line</div>')
 

From 7d17849214cad355c2d5c77f72386ceabf37b8fc Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Mon, 17 Aug 2015 15:25:41 +0200
Subject: [PATCH 18/35] Init version of device logging.

---
 Gemfile                                       |  1 +
 .../controllers/_profile/devices.js.coffee    | 51 ++++++++++++++
 .../app/views/profile/devices.jst.eco         | 30 ++++++++
 app/controllers/application_controller.rb     | 22 +++++-
 app/models/user_device.rb                     | 69 +++++++++++++++++++
 config/routes/user_devices.rb                 |  8 +++
 .../20150817000001_create_user_devices.rb     | 22 ++++++
 lib/models.rb                                 |  3 +
 8 files changed, 205 insertions(+), 1 deletion(-)
 create mode 100644 app/assets/javascripts/app/controllers/_profile/devices.js.coffee
 create mode 100644 app/assets/javascripts/app/views/profile/devices.jst.eco
 create mode 100644 app/models/user_device.rb
 create mode 100644 config/routes/user_devices.rb
 create mode 100644 db/migrate/20150817000001_create_user_devices.rb

diff --git a/Gemfile b/Gemfile
index 537856bf0..2474d3fcd 100644
--- a/Gemfile
+++ b/Gemfile
@@ -55,6 +55,7 @@ gem 'net-ldap'
 
 gem 'writeexcel'
 gem 'icalendar'
+gem 'browser'
 
 # event machine
 gem 'eventmachine'
diff --git a/app/assets/javascripts/app/controllers/_profile/devices.js.coffee b/app/assets/javascripts/app/controllers/_profile/devices.js.coffee
new file mode 100644
index 000000000..b5fcba939
--- /dev/null
+++ b/app/assets/javascripts/app/controllers/_profile/devices.js.coffee
@@ -0,0 +1,51 @@
+class Index extends App.Controller
+  events:
+    'click [data-type=delete]': 'delete'
+
+  constructor: ->
+    super
+    return if !@authenticate()
+    @title 'Devices', true
+
+    @load()
+    @interval(
+      =>
+        @load()
+      62000
+    )
+
+  # fetch data, render view
+  load: =>
+    @ajax(
+      id:    'user_devices'
+      type:  'GET'
+      url:   @apiPath + '/user_devices'
+      success: (data) =>
+        @render(data)
+    )
+
+  render: (data) =>
+    @html App.view('profile/devices')( devices: data )
+
+  delete: (e) =>
+    e.preventDefault()
+    id = $(e.target).closest('a').data('device-id')
+    console.log('ID', id)
+    # get data
+    @ajax(
+      id:          'user_devices_delete'
+      type:        'DELETE'
+      url:         "#{@apiPath}/user_devices/#{id}"
+      processData: true
+      success:     @load
+      error:       @error
+    )
+
+  error: (xhr, status, error) =>
+    data = JSON.parse( xhr.responseText )
+    @notify(
+      type: 'error'
+      msg:  App.i18n.translateContent( data.message )
+    )
+
+App.Config.set( 'Devices', { prio: 3100, name: 'Devices', parent: '#profile', target: '#profile/devices', controller: Index }, 'NavBarProfile' )
diff --git a/app/assets/javascripts/app/views/profile/devices.jst.eco b/app/assets/javascripts/app/views/profile/devices.jst.eco
new file mode 100644
index 000000000..c99ad563d
--- /dev/null
+++ b/app/assets/javascripts/app/views/profile/devices.jst.eco
@@ -0,0 +1,30 @@
+<div class="page-header">
+  <div class="page-header-title"><h1><%- @T( 'Devices' ) %></h1></div>
+</div>
+
+<form>
+
+  <p><%- @T('All computers and browsers that have access to your Zammad appear here.') %></p>
+
+  <table class="settings-list">
+    <thead>
+      <tr>
+        <th><%- @T('Name') %></th>
+        <th><%- @T('Location') %></th>
+        <th><%- @T('Most recent activity') %></th>
+        <th><%- @T('Remove') %></th>
+      </tr>
+    </thead>
+    <tbody>
+    <% for device in @devices: %>
+      <tr>
+        <td><%= device.name %></td>
+        <td><%= device.location %></td>
+        <td><%- @humanTime(device.updated_at) %></td>
+        <td><a href="#" data-device-id="<%- device.id %>" data-type="delete" title="<%- @Ti('Delete') %>"><svg class="icon-trash"><use xlink:href="#icon-trash"></use></svg></a></td>
+      </tr>
+    <% end %>
+    <tbody>
+  </table>
+
+</form>
\ No newline at end of file
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 691b1197f..26b5029df 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -14,7 +14,7 @@ class ApplicationController < ActionController::Base
                 :model_index_render
 
   skip_before_action :verify_authenticity_token
-  before_action :set_user, :session_update
+  before_action :set_user, :session_update, :check_user_device
   before_action :cors_preflight_check
 
   after_action  :set_access_control_headers
@@ -95,6 +95,26 @@ class ApplicationController < ActionController::Base
     session[:user_agent] = request.env['HTTP_USER_AGENT']
   end
 
+  # check user device
+  def check_user_device
+
+    # only if user_id exists
+    return if !session[:user_id]
+
+    # only if write action
+    return if request.method == 'GET' || request.method == 'OPTIONS'
+
+    # only update if needed
+    return if session[:check_user_device_at] && session[:check_user_device_at] < Time.zone.now - 10.minutes
+    session[:check_user_device_at] = Time.zone.now
+
+    UserDevice.add(
+      session[:user_agent],
+      session[:remote_id],
+      session[:user_id],
+    )
+  end
+
   def authentication_check_only(auth_param)
 
     logger.debug 'authentication_check'
diff --git a/app/models/user_device.rb b/app/models/user_device.rb
new file mode 100644
index 000000000..6c3ea4d97
--- /dev/null
+++ b/app/models/user_device.rb
@@ -0,0 +1,69 @@
+# Copyright (C) 2012-2014 Zammad Foundation, http://zammad-foundation.org/
+
+class UserDevice < ApplicationModel
+  store     :device_details
+  store     :location_details
+  validates :name, presence: true
+
+=begin
+
+store device for user
+
+  UserDevice.add(
+    'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36',
+    '172.0.0.1',
+    user.id,
+  )
+
+=end
+
+  def self.add(user_agent, ip, user_id)
+
+    # get browser details
+    browser = Browser.new(:ua => user_agent, :accept_language => 'en-us')
+    browser = {
+      plattform: browser.platform.to_s.camelize,
+      name: browser.name,
+      version: browser.version,
+      full_version: browser.full_version,
+    }
+
+    # generate device name
+    name = browser[:plattform] || ''
+    if browser[:name]
+      if name
+        name += ', '
+      end
+      name += browser[:name]
+    end
+
+    # get location info
+    location = Service::GeoIp.location(ip)
+    country = location['country_name']
+
+    # check if exists
+    exists = self.find_by(
+      :user_id => user_id,
+      os: browser[:plattform],
+      browser: browser[:name],
+      country: country,
+    )
+
+    if exists
+      exists.touch
+      return exists
+    end
+
+    # create new device
+    self.create(
+      user_id: user_id,
+      name: name,
+      os: browser[:plattform],
+      browser: browser[:name],
+      country: country,
+      device_details: browser,
+      location_details: location,
+    )
+  end
+
+end
diff --git a/config/routes/user_devices.rb b/config/routes/user_devices.rb
new file mode 100644
index 000000000..ba44cdbba
--- /dev/null
+++ b/config/routes/user_devices.rb
@@ -0,0 +1,8 @@
+Zammad::Application.routes.draw do
+  api_path = Rails.configuration.api_path
+
+  # jobs
+  match api_path + '/user_devices',            to: 'user_devices#index',   via: :get
+  match api_path + '/user_devices/:id',        to: 'user_devices#destroy', via: :delete
+
+end
diff --git a/db/migrate/20150817000001_create_user_devices.rb b/db/migrate/20150817000001_create_user_devices.rb
new file mode 100644
index 000000000..013fb1d08
--- /dev/null
+++ b/db/migrate/20150817000001_create_user_devices.rb
@@ -0,0 +1,22 @@
+
+class CreateUserDevices < ActiveRecord::Migration
+  def up
+    create_table :user_devices do |t|
+      t.references :user,             null: false
+      t.string  :name,                 limit: 250, null: false
+      t.string  :os,                   limit: 150, null: true
+      t.string  :browser,              limit: 250, null: true
+      t.string  :country,              limit: 150, null: true
+      t.string  :device_details,       limit: 2500, null: true
+      t.string  :location_details,     limit: 2500, null: true
+      t.timestamps
+    end
+    add_index :user_devices, [:user_id]
+    add_index :user_devices, [:os, :browser, :country]
+    add_index :user_devices, [:updated_at]
+  end
+
+  def down
+    drop_table :user_devices
+  end
+end
diff --git a/lib/models.rb b/lib/models.rb
index 4158450e3..c798a9aaa 100644
--- a/lib/models.rb
+++ b/lib/models.rb
@@ -35,6 +35,9 @@ returns
       model_class = load_adapter(entry)
       next if !model_class
       next if !model_class.respond_to? :new
+      next if !model_class.respond_to? :table_name
+      table_name = model_class.table_name # handle models where not table exists, pending migrations
+      next if !ActiveRecord::Base.connection.tables.include?(table_name)
       model_object = model_class.new
       next if !model_object.respond_to? :attributes
       all[model_class] = {}

From 0917cec85521539d4a7e8557217dc4162f7df7ad Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Mon, 17 Aug 2015 16:12:40 +0200
Subject: [PATCH 19/35] Init version of device logging.

---
 app/controllers/user_devices_controller.rb | 27 ++++++++++++++++++++++
 1 file changed, 27 insertions(+)
 create mode 100644 app/controllers/user_devices_controller.rb

diff --git a/app/controllers/user_devices_controller.rb b/app/controllers/user_devices_controller.rb
new file mode 100644
index 000000000..480e9cae4
--- /dev/null
+++ b/app/controllers/user_devices_controller.rb
@@ -0,0 +1,27 @@
+# Copyright (C) 2012-2014 Zammad Foundation, http://zammad-foundation.org/
+
+class UserDevicesController < ApplicationController
+  before_action :authentication_check
+
+  def index
+    devices = UserDevice.where(user_id: current_user.id).order('updated_at DESC')
+    devices_full = []
+    devices.each {|device|
+      attributes = device.attributes
+      if device.location_details['city']
+        attributes['country'] += ", #{device.location_details['city']}"
+      end
+      attributes.delete('created_at')
+      attributes.delete('device_details')
+      attributes.delete('location_details')
+      devices_full.push attributes
+    }
+    model_index_render_result(devices_full)
+  end
+
+  def destroy
+    UserDevice.where(user_id: current_user.id, id: params[:id]).destroy_all
+    render json: {}, status: :ok
+  end
+
+end

From 6d7124a1690a751f409d7bb50923e99bda6de2f0 Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Mon, 17 Aug 2015 17:16:17 +0200
Subject: [PATCH 20/35] Improved device logging.

---
 app/controllers/user_devices_controller.rb       | 2 +-
 app/models/user_device.rb                        | 4 ++--
 db/migrate/20150817000002_update_user_devices.rb | 9 +++++++++
 3 files changed, 12 insertions(+), 3 deletions(-)
 create mode 100644 db/migrate/20150817000002_update_user_devices.rb

diff --git a/app/controllers/user_devices_controller.rb b/app/controllers/user_devices_controller.rb
index 480e9cae4..53870dbda 100644
--- a/app/controllers/user_devices_controller.rb
+++ b/app/controllers/user_devices_controller.rb
@@ -9,7 +9,7 @@ class UserDevicesController < ApplicationController
     devices.each {|device|
       attributes = device.attributes
       if device.location_details['city']
-        attributes['country'] += ", #{device.location_details['city']}"
+        attributes['location'] += ", #{device.location_details['city']}"
       end
       attributes.delete('created_at')
       attributes.delete('device_details')
diff --git a/app/models/user_device.rb b/app/models/user_device.rb
index 6c3ea4d97..0c6b2d16d 100644
--- a/app/models/user_device.rb
+++ b/app/models/user_device.rb
@@ -46,7 +46,7 @@ store device for user
       :user_id => user_id,
       os: browser[:plattform],
       browser: browser[:name],
-      country: country,
+      location: country,
     )
 
     if exists
@@ -60,7 +60,7 @@ store device for user
       name: name,
       os: browser[:plattform],
       browser: browser[:name],
-      country: country,
+      location: country,
       device_details: browser,
       location_details: location,
     )
diff --git a/db/migrate/20150817000002_update_user_devices.rb b/db/migrate/20150817000002_update_user_devices.rb
new file mode 100644
index 000000000..05eda7d22
--- /dev/null
+++ b/db/migrate/20150817000002_update_user_devices.rb
@@ -0,0 +1,9 @@
+class UpdateUserDevices < ActiveRecord::Migration
+  def up
+    add_column :user_devices, :location, :string, limit: 150, null: true
+    remove_column :user_devices, :country
+    add_index :user_devices, [:os, :browser, :location]
+    UserDevice.reset_column_information
+  end
+
+end

From 4b43ac7338aec3f01da0d442664d53bc4dc8ab4b Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Mon, 17 Aug 2015 17:17:21 +0200
Subject: [PATCH 21/35] Improved device logging.

---
 app/controllers/application_controller.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 26b5029df..474524bbd 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -105,7 +105,7 @@ class ApplicationController < ActionController::Base
     return if request.method == 'GET' || request.method == 'OPTIONS'
 
     # only update if needed
-    return if session[:check_user_device_at] && session[:check_user_device_at] < Time.zone.now - 10.minutes
+    return if session[:check_user_device_at] && session[:check_user_device_at] < Time.zone.now - 5.minutes
     session[:check_user_device_at] = Time.zone.now
 
     UserDevice.add(

From 06f02b22984bb18ff4d0d270d01b7c362033adc8 Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Mon, 17 Aug 2015 17:26:13 +0200
Subject: [PATCH 22/35] Fixed updateding device logging.

---
 app/controllers/application_controller.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 474524bbd..d9ef7d6a6 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -105,7 +105,7 @@ class ApplicationController < ActionController::Base
     return if request.method == 'GET' || request.method == 'OPTIONS'
 
     # only update if needed
-    return if session[:check_user_device_at] && session[:check_user_device_at] < Time.zone.now - 5.minutes
+    return if session[:check_user_device_at] && session[:check_user_device_at] > Time.zone.now - 5.minutes
     session[:check_user_device_at] = Time.zone.now
 
     UserDevice.add(

From d5421e38ee7fe8577a611d0f240a1032266fb0ed Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Mon, 17 Aug 2015 17:36:52 +0200
Subject: [PATCH 23/35] Improved error handling.

---
 .../javascripts/app/controllers/_profile/devices.js.coffee    | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/app/assets/javascripts/app/controllers/_profile/devices.js.coffee b/app/assets/javascripts/app/controllers/_profile/devices.js.coffee
index b5fcba939..830397831 100644
--- a/app/assets/javascripts/app/controllers/_profile/devices.js.coffee
+++ b/app/assets/javascripts/app/controllers/_profile/devices.js.coffee
@@ -29,7 +29,9 @@ class Index extends App.Controller
 
   delete: (e) =>
     e.preventDefault()
-    id = $(e.target).closest('a').data('device-id')
+    id = $(e.target).data('device-id')
+    if !id
+      id = $(e.target).closest('a').data('device-id')
     console.log('ID', id)
     # get data
     @ajax(

From b27e813ddc2b4474b21e97b8de04a048caaed330 Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Mon, 17 Aug 2015 17:51:42 +0200
Subject: [PATCH 24/35] Prevent clickable <use xlink:href="#icon-abc"></use>
 tags.

---
 .../javascripts/app/controllers/_profile/devices.js.coffee | 7 ++-----
 app/assets/stylesheets/zammad.css.scss                     | 7 ++++++-
 2 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/app/assets/javascripts/app/controllers/_profile/devices.js.coffee b/app/assets/javascripts/app/controllers/_profile/devices.js.coffee
index 830397831..4cd832e12 100644
--- a/app/assets/javascripts/app/controllers/_profile/devices.js.coffee
+++ b/app/assets/javascripts/app/controllers/_profile/devices.js.coffee
@@ -29,11 +29,8 @@ class Index extends App.Controller
 
   delete: (e) =>
     e.preventDefault()
-    id = $(e.target).data('device-id')
-    if !id
-      id = $(e.target).closest('a').data('device-id')
-    console.log('ID', id)
-    # get data
+    id = $(e.target).closest('a').data('device-id')
+
     @ajax(
       id:          'user_devices_delete'
       type:        'DELETE'
diff --git a/app/assets/stylesheets/zammad.css.scss b/app/assets/stylesheets/zammad.css.scss
index 99662b88c..018af53e5 100644
--- a/app/assets/stylesheets/zammad.css.scss
+++ b/app/assets/stylesheets/zammad.css.scss
@@ -27,10 +27,15 @@ body {
   flex-direction: column;
 }
 
+/* prevent clickable <use xlink:href="#icon-abc"></use> */
+use {
+  pointer-events: none;
+}
+
 p {
   margin: 14px 0;
   color: hsl(60,1%,34%);
-  
+
   &.subtle {
     color: hsl(60,1%,74%);
   }

From 6fe9276ba70e1da83bdb2da6fcc534c2d7e8a6b0 Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Mon, 17 Aug 2015 18:13:27 +0200
Subject: [PATCH 25/35] Allow also disable of <a> tags.

---
 app/assets/stylesheets/zammad.css.scss | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/app/assets/stylesheets/zammad.css.scss b/app/assets/stylesheets/zammad.css.scss
index 018af53e5..cc1120782 100644
--- a/app/assets/stylesheets/zammad.css.scss
+++ b/app/assets/stylesheets/zammad.css.scss
@@ -52,6 +52,13 @@ p {
 a {
   outline: none !important;
   @extend .u-highlight;
+
+  &.is-disabled,
+  &[disabled] {
+    pointer-events: none;
+    cursor: not-allowed;
+    opacity: .33;
+  }
 }
 
 a.create {

From f2ef65d67d646a8656a0a442e93b9769181086a4 Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Mon, 17 Aug 2015 18:14:44 +0200
Subject: [PATCH 26/35] Improved device logging, do not delete current used
 device. Delete also sessions of device.

---
 .../app/views/profile/devices.jst.eco          |  2 +-
 app/controllers/application_controller.rb      |  8 +++++++-
 app/controllers/user_devices_controller.rb     | 18 +++++++++++++++++-
 app/models/user_device.rb                      |  2 +-
 4 files changed, 26 insertions(+), 4 deletions(-)

diff --git a/app/assets/javascripts/app/views/profile/devices.jst.eco b/app/assets/javascripts/app/views/profile/devices.jst.eco
index c99ad563d..347b3ffc5 100644
--- a/app/assets/javascripts/app/views/profile/devices.jst.eco
+++ b/app/assets/javascripts/app/views/profile/devices.jst.eco
@@ -21,7 +21,7 @@
         <td><%= device.name %></td>
         <td><%= device.location %></td>
         <td><%- @humanTime(device.updated_at) %></td>
-        <td><a href="#" data-device-id="<%- device.id %>" data-type="delete" title="<%- @Ti('Delete') %>"><svg class="icon-trash"><use xlink:href="#icon-trash"></use></svg></a></td>
+        <td><a href="#" data-device-id="<%- device.id %>" data-type="delete" title="<%- @Ti('Delete') %>"<% if device.current: %>disabled<% end %>><svg class="icon-trash"><use xlink:href="#icon-trash"></use></svg></a></td>
       </tr>
     <% end %>
     <tbody>
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index d9ef7d6a6..7785c8063 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -98,6 +98,9 @@ class ApplicationController < ActionController::Base
   # check user device
   def check_user_device
 
+    # return if we are in switch to user mode
+    return if session[:switched_from_user_id]
+
     # only if user_id exists
     return if !session[:user_id]
 
@@ -108,11 +111,14 @@ class ApplicationController < ActionController::Base
     return if session[:check_user_device_at] && session[:check_user_device_at] > Time.zone.now - 5.minutes
     session[:check_user_device_at] = Time.zone.now
 
-    UserDevice.add(
+    user_device = UserDevice.add(
       session[:user_agent],
       session[:remote_id],
       session[:user_id],
     )
+    if user_device.id != session[:check_user_device_id]
+      session[:check_user_device_id] = user_device.id
+    end
   end
 
   def authentication_check_only(auth_param)
diff --git a/app/controllers/user_devices_controller.rb b/app/controllers/user_devices_controller.rb
index 53870dbda..e80db5115 100644
--- a/app/controllers/user_devices_controller.rb
+++ b/app/controllers/user_devices_controller.rb
@@ -14,13 +14,29 @@ class UserDevicesController < ApplicationController
       attributes.delete('created_at')
       attributes.delete('device_details')
       attributes.delete('location_details')
+
+      if session[:check_user_device_id] == device.id
+        attributes['current'] = true
+      end
       devices_full.push attributes
     }
     model_index_render_result(devices_full)
   end
 
   def destroy
-    UserDevice.where(user_id: current_user.id, id: params[:id]).destroy_all
+    # find device
+    user_device = UserDevice.find_by(user_id: current_user.id, id: params[:id])
+
+    # delete device and session's
+    if user_device
+      SessionHelper.list.each {|session|
+        next if !session.data['user_id']
+        next if !session.data['check_user_device_id']
+        next if session.data['check_user_device_id'] != user_device.id
+        SessionHelper.destroy( session.id )
+      }
+      user_device.destroy
+    end
     render json: {}, status: :ok
   end
 
diff --git a/app/models/user_device.rb b/app/models/user_device.rb
index 0c6b2d16d..1e9b5649a 100644
--- a/app/models/user_device.rb
+++ b/app/models/user_device.rb
@@ -9,7 +9,7 @@ class UserDevice < ApplicationModel
 
 store device for user
 
-  UserDevice.add(
+  user_device = UserDevice.add(
     'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36',
     '172.0.0.1',
     user.id,

From 2760137eef56b7cee5d72bcac5879f14951d47e1 Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Tue, 18 Aug 2015 10:50:12 +0200
Subject: [PATCH 27/35] Removed not used logon_session feature. Added web
 socket authentication. Prepared browser finger print.

---
 .../app/lib/app_post/browser.coffee           | 26 ++++++++++++++++++
 .../app/lib/app_post/websocket.js.coffee      |  4 +--
 app/controllers/application_controller.rb     | 23 +++-------------
 app/controllers/sessions_controller.rb        | 26 +++---------------
 lib/session_helper.rb                         |  4 +--
 script/websocket-server.rb                    | 27 ++++++++++++++++---
 6 files changed, 60 insertions(+), 50 deletions(-)

diff --git a/app/assets/javascripts/app/lib/app_post/browser.coffee b/app/assets/javascripts/app/lib/app_post/browser.coffee
index d82f5a9a5..8d3013879 100644
--- a/app/assets/javascripts/app/lib/app_post/browser.coffee
+++ b/app/assets/javascripts/app/lib/app_post/browser.coffee
@@ -47,6 +47,32 @@ class App.Browser
     # allow browser
     true
 
+  @fingerprint: ->
+    localStorage = window['localStorage']
+
+    # read from local storage
+    if localStorage
+      fingerprint = localStorage.getItem('fingerprint')
+    return fingerprint if fingerprint
+
+    # detect fingerprint
+    data = @detection()
+    resolution = "#{window.screen.availWidth}x#{window.screen.availHeight}/#{window.screen.pixelDepth}"
+    timezone = new Date().toString().match(/\s\(.+?\)$/)
+    hashCode = (s) ->
+      s.split('').reduce(
+        (a,b) ->
+          a=((a<<5)-a)+b.charCodeAt(0)
+          a&a
+        0
+      )
+    fingerprint = hashCode("#{data.browser.name}#{data.browser.major}#{data.os}#{resolution}#{timezone}")
+
+    # write to local storage
+    if localStorage
+      localStorage.setItem('fingerprint', fingerprint)
+    fingerprint
+
   @message: (data, version) ->
     new App.ControllerModal(
       head:     'Browser too old!'
diff --git a/app/assets/javascripts/app/lib/app_post/websocket.js.coffee b/app/assets/javascripts/app/lib/app_post/websocket.js.coffee
index 907907f73..7f40dafdb 100644
--- a/app/assets/javascripts/app/lib/app_post/websocket.js.coffee
+++ b/app/assets/javascripts/app/lib/app_post/websocket.js.coffee
@@ -115,8 +115,8 @@ class _webSocketSingleton extends App.Controller
     # logon websocket
     data =
       action: 'login'
-      session:
-        id: App.Session.get('id')
+      session_id: App.Config.get('session_id')
+      fingerprint: App.Browser.fingerprint()
     @send(data)
 
   spool: =>
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 7785c8063..3a6b5e58a 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -140,25 +140,6 @@ class ApplicationController < ActionController::Base
 
     error_message = 'authentication failed'
 
-    # check logon session
-    if params['logon_session']
-      logon_session = ActiveRecord::SessionStore::Session.where( session_id: params['logon_session'] ).first
-
-      # set logon session user to current user
-      if logon_session
-        userdata = User.find( logon_session.data[:user_id] )
-        current_user_set(userdata)
-
-        session[:persistent] = true
-
-        return {
-          auth: true
-        }
-      end
-
-      error_message = 'no valid session, user_id'
-    end
-
     # check sso
     sso_userdata = User.sso(params)
     if sso_userdata
@@ -296,10 +277,14 @@ class ApplicationController < ActionController::Base
       config['timezones'][ t.name ] = diff
     }
 
+    # remember if we can to swich back to user
     if session[:switched_from_user_id]
       config['switch_back_to_possible'] = true
     end
 
+    # remember session_id for websocket logon
+    config['session_id'] = session.id
+
     config
   end
 
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index 079ad10d8..4c4d49e2e 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -42,18 +42,6 @@ class SessionsController < ApplicationController
     # get models
     models = SessionHelper.models(user)
 
-    # check logon session
-    logon_session_key = nil
-    if params['logon_session']
-      logon_session_key = Digest::MD5.hexdigest( rand(999_999).to_s + Time.zone.now.to_s )
-      #      session = ActiveRecord::SessionStore::Session.create(
-      #        :session_id => logon_session_key,
-      #        :data => {
-      #          :user_id => user['id']
-      #        }
-      #      )
-    end
-
     # sessions created via this
     # controller are persistent
     session[:persistent] = true
@@ -62,10 +50,10 @@ class SessionsController < ApplicationController
     render  status: :created,
             json: {
               session: user,
+              config: config_frontend,
               models: models,
               collections: collections,
               assets: assets,
-              logon_session: logon_session_key,
             }
   end
 
@@ -78,14 +66,6 @@ class SessionsController < ApplicationController
       user_id = session[:user_id]
     end
 
-    # check logon session
-    if params['logon_session']
-      session = SessionHelper.get( params['logon_session'] )
-      if session
-        user_id = session.data[:user_id]
-      end
-    end
-
     if !user_id
       # get models
       models = SessionHelper.models()
@@ -96,7 +76,7 @@ class SessionsController < ApplicationController
         models: models,
         collections: {
           Locale.to_app_model => Locale.where( active: true )
-        }
+        },
       }
       return
     end
@@ -117,10 +97,10 @@ class SessionsController < ApplicationController
     # return current session
     render json: {
       session: user,
+      config: config_frontend,
       models: models,
       collections: collections,
       assets: assets,
-      config: config_frontend,
     }
   end
 
diff --git a/lib/session_helper.rb b/lib/session_helper.rb
index 1f1207a39..93de1d58a 100644
--- a/lib/session_helper.rb
+++ b/lib/session_helper.rb
@@ -37,7 +37,7 @@ module SessionHelper
   end
 
   def self.get(id)
-    ActiveRecord::SessionStore::Session.where( id: id ).first
+    ActiveRecord::SessionStore::Session.find_by( id: id )
   end
 
   def self.list(limit = 10_000)
@@ -45,7 +45,7 @@ module SessionHelper
   end
 
   def self.destroy(id)
-    session = ActiveRecord::SessionStore::Session.where( id: id ).first
+    session = ActiveRecord::SessionStore::Session.find_by( id: id )
     return if !session
     session.destroy
   end
diff --git a/script/websocket-server.rb b/script/websocket-server.rb
index 21e75b78a..eea1877a4 100755
--- a/script/websocket-server.rb
+++ b/script/websocket-server.rb
@@ -12,6 +12,12 @@ require 'sessions'
 require 'optparse'
 require 'daemons'
 
+# load rails env
+dir = File.expand_path(File.join(File.dirname(__FILE__), '..'))
+Dir.chdir dir
+RAILS_ENV = ENV['RAILS_ENV'] || 'development'
+require File.join(dir, 'config', 'environment')
+
 # Look for -o with argument, and -I and -D boolean arguments
 @options = {
   p: 6042,
@@ -176,10 +182,23 @@ EventMachine.run {
 
       # get session
       if data['action'] == 'login'
-        @clients[client_id][:session] = data['session']
-        Sessions.create( client_id, data['session'], { type: 'websocket' } )
 
-        # remember ping, send pong back
+        # get user_id
+        if data['session_id']
+          session = ActiveRecord::SessionStore::Session.find_by( session_id: data['session_id'] )
+        end
+
+        if session && session.data && session.data['user_id']
+          new_session_data = { 'id' => session.data['user_id'] }
+        else
+          new_session_data = {}
+        end
+
+        @clients[client_id][:session] = new_session_data
+
+        Sessions.create( client_id, new_session_data, { type: 'websocket' } )
+
+      # remember ping, send pong back
       elsif data['action'] == 'ping'
         Sessions.touch(client_id)
         @clients[client_id][:last_ping] = Time.now.utc.to_i
@@ -188,7 +207,7 @@ EventMachine.run {
         }
         websocket_send(client_id, message)
 
-        # broadcast
+      # broadcast
       elsif data['action'] == 'broadcast'
 
         # list all current clients

From 72bb0eb0672663177e45dde38cf32f172b053168 Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Wed, 19 Aug 2015 00:36:58 +0200
Subject: [PATCH 28/35] Improved device logging.

---
 .../app/lib/app_post/auth.js.coffee           |  6 +-
 app/controllers/application_controller.rb     | 59 +++++++++----
 app/controllers/sessions_controller.rb        |  6 ++
 app/controllers/user_devices_controller.rb    | 13 +--
 app/models/user_device.rb                     | 86 ++++++++++++++++---
 config/routes/auth.rb                         |  2 +-
 .../20150818000001_update_user_devices2.rb    | 11 +++
 7 files changed, 145 insertions(+), 38 deletions(-)
 create mode 100644 db/migrate/20150818000001_update_user_devices2.rb

diff --git a/app/assets/javascripts/app/lib/app_post/auth.js.coffee b/app/assets/javascripts/app/lib/app_post/auth.js.coffee
index 6d4225960..751288a58 100644
--- a/app/assets/javascripts/app/lib/app_post/auth.js.coffee
+++ b/app/assets/javascripts/app/lib/app_post/auth.js.coffee
@@ -2,6 +2,7 @@ class App.Auth
 
   @login: (params) ->
     App.Log.notice 'Auth', 'login', params
+    params.data['fingerprint'] = App.Browser.fingerprint()
     App.Ajax.request(
       id:     'login'
       type:   'POST'
@@ -21,12 +22,15 @@ class App.Auth
     )
 
   @loginCheck: ->
+    params =
+      fingerprint: App.Browser.fingerprint()
     App.Log.debug 'Auth', 'loginCheck'
     App.Ajax.request(
       id:    'login_check'
       async: false
-      type:  'GET'
+      type:  'POST'
       url:   App.Config.get('api_path') + '/signshow'
+      data:  JSON.stringify(params)
       success: (data, status, xhr) =>
 
         # set login (config, session, ...)
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 3a6b5e58a..68c72fb88 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -14,10 +14,10 @@ class ApplicationController < ActionController::Base
                 :model_index_render
 
   skip_before_action :verify_authenticity_token
-  before_action :set_user, :session_update, :check_user_device
+  before_action :set_user, :session_update
   before_action :cors_preflight_check
 
-  after_action  :set_access_control_headers
+  after_action  :user_device_update, :set_access_control_headers
   after_action  :trigger_events
 
   # For all responses in this controller, return the CORS access control headers.
@@ -95,8 +95,8 @@ class ApplicationController < ActionController::Base
     session[:user_agent] = request.env['HTTP_USER_AGENT']
   end
 
-  # check user device
-  def check_user_device
+  # user device recent action update
+  def user_device_update
 
     # return if we are in switch to user mode
     return if session[:switched_from_user_id]
@@ -104,21 +104,46 @@ class ApplicationController < ActionController::Base
     # only if user_id exists
     return if !session[:user_id]
 
-    # only if write action
+    # only with user device
+    if !session[:user_device_id]
+      if params[:fingerprint]
+        return false if !user_device_log(current_user, 'session')
+      end
+      return
+    end
+
+    # check if entry exists / only if write action
     return if request.method == 'GET' || request.method == 'OPTIONS'
 
     # only update if needed
-    return if session[:check_user_device_at] && session[:check_user_device_at] > Time.zone.now - 5.minutes
-    session[:check_user_device_at] = Time.zone.now
+    return if session[:user_device_update_at] && session[:user_device_update_at] > Time.zone.now - 5.minutes
+    session[:user_device_update_at] = Time.zone.now
 
-    user_device = UserDevice.add(
+    UserDevice.action(
+      session[:user_device_id],
       session[:user_agent],
       session[:remote_id],
       session[:user_id],
     )
-    if user_device.id != session[:check_user_device_id]
-      session[:check_user_device_id] = user_device.id
+  end
+
+  def user_device_log(user, type)
+
+    # for sessions we need the fingperprint
+    if !params[:fingerprint] && type == 'session'
+      render json: { error: 'Need fingerprint param!' }, status: :unprocessable_entity
+      return false
     end
+
+    # add defice if needed
+    user_device = UserDevice.add(
+      request.env['HTTP_USER_AGENT'],
+      request.remote_ip,
+      user.id,
+      params[:fingerprint],
+      type,
+    )
+    session[:user_device_id] = user_device.id
   end
 
   def authentication_check_only(auth_param)
@@ -130,7 +155,8 @@ class ApplicationController < ActionController::Base
 
     # already logged in, early exit
     if session.id && session[:user_id]
-      userdata = User.find( session[:user_id] )
+
+      userdata = User.find(session[:user_id])
       current_user_set(userdata)
 
       return {
@@ -143,11 +169,10 @@ class ApplicationController < ActionController::Base
     # check sso
     sso_userdata = User.sso(params)
     if sso_userdata
+      session[:persistent] = true
 
       current_user_set(sso_userdata)
 
-      session[:persistent] = true
-
       return {
         auth: true
       }
@@ -161,8 +186,9 @@ class ApplicationController < ActionController::Base
 
       next if !userdata
 
-      # set basic auth user to current user
       current_user_set(userdata)
+      user_device_log(userdata, 'basic_auth')
+
       return {
         auth: true
       }
@@ -180,8 +206,8 @@ class ApplicationController < ActionController::Base
 
         next if !userdata
 
-        # set token user to current user
         current_user_set(userdata)
+        user_device_log(userdata, 'token_auth')
 
         return {
           auth: true
@@ -216,9 +242,6 @@ class ApplicationController < ActionController::Base
       return false
     end
 
-    # store current user id into the session
-    session[:user_id] = current_user.id
-
     # return auth ok
     true
   end
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index 4c4d49e2e..f84a57c91 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -30,6 +30,9 @@ class SessionsController < ApplicationController
     # set session user
     current_user_set(user)
 
+    # log device
+    return if !user_device_log(user, 'session')
+
     # log new session
     user.activity_stream_log( 'session started', user.id, true )
 
@@ -85,6 +88,9 @@ class SessionsController < ApplicationController
     # subsequent requests
     user = User.find( user_id )
 
+    # log device
+    return if !user_device_log(user, 'session')
+
     # auto population of default collections
     collections, assets = SessionHelper.default_collections(user)
 
diff --git a/app/controllers/user_devices_controller.rb b/app/controllers/user_devices_controller.rb
index e80db5115..c5b0a90bc 100644
--- a/app/controllers/user_devices_controller.rb
+++ b/app/controllers/user_devices_controller.rb
@@ -4,18 +4,18 @@ class UserDevicesController < ApplicationController
   before_action :authentication_check
 
   def index
-    devices = UserDevice.where(user_id: current_user.id).order('updated_at DESC')
+    devices = UserDevice.where(user_id: current_user.id).order('created_at DESC')
     devices_full = []
     devices.each {|device|
       attributes = device.attributes
-      if device.location_details['city']
-        attributes['location'] += ", #{device.location_details['city']}"
+      if device.location_details['city_name']
+        attributes['location'] += ", #{device.location_details['city_name']}"
       end
       attributes.delete('created_at')
       attributes.delete('device_details')
       attributes.delete('location_details')
 
-      if session[:check_user_device_id] == device.id
+      if session[:user_device_id] == device.id
         attributes['current'] = true
       end
       devices_full.push attributes
@@ -24,6 +24,7 @@ class UserDevicesController < ApplicationController
   end
 
   def destroy
+
     # find device
     user_device = UserDevice.find_by(user_id: current_user.id, id: params[:id])
 
@@ -31,8 +32,8 @@ class UserDevicesController < ApplicationController
     if user_device
       SessionHelper.list.each {|session|
         next if !session.data['user_id']
-        next if !session.data['check_user_device_id']
-        next if session.data['check_user_device_id'] != user_device.id
+        next if !session.data['user_device_id']
+        next if session.data['user_device_id'] != user_device.id
         SessionHelper.destroy( session.id )
       }
       user_device.destroy
diff --git a/app/models/user_device.rb b/app/models/user_device.rb
index 1e9b5649a..a247a84d7 100644
--- a/app/models/user_device.rb
+++ b/app/models/user_device.rb
@@ -13,11 +13,37 @@ store device for user
     'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36',
     '172.0.0.1',
     user.id,
+    'fingerprintABC123',
+    'session', # session|basic_auth|token_auth|sso
   )
 
 =end
 
-  def self.add(user_agent, ip, user_id)
+  def self.add(user_agent, ip, user_id, fingerprint, type)
+
+    # get location info
+    location_details = Service::GeoIp.location(ip)
+    location = location_details['country_name']
+
+    # find device by fingerprint
+    if fingerprint
+      user_device = UserDevice.find_by(
+        user_id: user_id,
+        fingerprint: fingerprint,
+        location: location,
+      )
+      return action(user_device.id, user_agent, ip, user_id) if user_device
+    end
+
+    # for basic_auth|token_auth search for user agent
+    if type == 'basic_auth' || type == 'token_auth'
+      user_device = UserDevice.find_by(
+        user_id: user_id,
+        user_agent: user_agent,
+        location: location,
+      )
+      return action(user_device.id, user_agent, ip, user_id) if user_device
+    end
 
     # get browser details
     browser = Browser.new(:ua => user_agent, :accept_language => 'en-us')
@@ -37,21 +63,22 @@ store device for user
       name += browser[:name]
     end
 
-    # get location info
-    location = Service::GeoIp.location(ip)
-    country = location['country_name']
+    # if not identified, use user agent
+    if name == 'Other, Other'
+      name = user_agent
+      browser[:name] = user_agent
+    end
 
     # check if exists
-    exists = self.find_by(
-      :user_id => user_id,
+    user_device = self.find_by(
+      user_id: user_id,
       os: browser[:plattform],
       browser: browser[:name],
-      location: country,
+      location: location,
     )
 
-    if exists
-      exists.touch
-      return exists
+    if user_device
+      return action(user_device.id, user_agent, ip, user_id) if user_device
     end
 
     # create new device
@@ -60,10 +87,45 @@ store device for user
       name: name,
       os: browser[:plattform],
       browser: browser[:name],
-      location: country,
+      location: location,
       device_details: browser,
-      location_details: location,
+      location_details: location_details,
+      user_agent: user_agent,
+      ip: ip,
+      fingerprint: fingerprint,
     )
+
+  end
+
+=begin
+
+log user device action
+
+  UserDevice.action(
+    user_device_id,
+    'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36',
+    '172.0.0.1',
+    user.id,
+  )
+
+=end
+
+  def self.action(user_device_id, user_agent, ip, user_id)
+    user_device = UserDevice.find(user_device_id)
+
+    # update location if needed
+    if user_device.ip != ip
+      user_device.ip = ip
+      location_details = Service::GeoIp.location(ip)
+      user_device.location_details = location_details
+
+      location = location_details['country_name']
+      user_device.location = location
+    end
+
+    # update attributes
+    user_device.save
+    user_device
   end
 
 end
diff --git a/config/routes/auth.rb b/config/routes/auth.rb
index 96e284d87..6807b69b3 100644
--- a/config/routes/auth.rb
+++ b/config/routes/auth.rb
@@ -9,7 +9,7 @@ Zammad::Application.routes.draw do
 
   # sessions
   match api_path + '/signin',               to: 'sessions#create',               via: :post
-  match api_path + '/signshow',             to: 'sessions#show',                 via: :get
+  match api_path + '/signshow',             to: 'sessions#show',                 via: [:get, :post]
   match api_path + '/signout',              to: 'sessions#destroy',              via: [:get, :delete]
 
   match api_path + '/sessions/switch/:id',  to: 'sessions#switch_to_user',       via: :get
diff --git a/db/migrate/20150818000001_update_user_devices2.rb b/db/migrate/20150818000001_update_user_devices2.rb
new file mode 100644
index 000000000..f8a016424
--- /dev/null
+++ b/db/migrate/20150818000001_update_user_devices2.rb
@@ -0,0 +1,11 @@
+class UpdateUserDevices2 < ActiveRecord::Migration
+  def up
+    add_column :user_devices, :user_agent, :string, limit: 250, null: true
+    add_column :user_devices, :ip, :string, limit: 160, null: true
+    add_column :user_devices, :fingerprint, :string, limit: 160, null: true
+    add_index :user_devices, [:fingerprint]
+    add_index :user_devices, [:created_at]
+    UserDevice.reset_column_information
+  end
+
+end

From e2b510313a4249880f3470db3280bb776ffcb185 Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Wed, 19 Aug 2015 01:00:07 +0200
Subject: [PATCH 29/35] Added sending user device notification.

---
 app/models/user_device.rb | 59 ++++++++++++++++++++++++++++++++++++++-
 1 file changed, 58 insertions(+), 1 deletion(-)

diff --git a/app/models/user_device.rb b/app/models/user_device.rb
index a247a84d7..0fcbbd5e9 100644
--- a/app/models/user_device.rb
+++ b/app/models/user_device.rb
@@ -82,7 +82,7 @@ store device for user
     end
 
     # create new device
-    self.create(
+    user_device = self.create(
       user_id: user_id,
       name: name,
       os: browser[:plattform],
@@ -95,6 +95,13 @@ store device for user
       fingerprint: fingerprint,
     )
 
+    # send notification if needed
+    user_devices = UserDevice.where(user_id: user_id).count
+    if user_devices >= 2
+      user_device.send_notification
+    end
+
+    user_device
   end
 
 =begin
@@ -128,4 +135,54 @@ log user device action
     user_device
   end
 
+=begin
+
+send new user device info
+
+  user_device = UserDevice.find(id)
+
+  user_device.send_notification
+
+=end
+
+  def send_notification
+    user = User.find(user_id)
+
+    # send mail
+    data = {}
+    data[:subject] = '#{config.product_name} signin detected from a new device'
+    data[:body]    = 'Hi #{user.firstname},
+
+it looks like you signed into your #{config.product_name} account using a new device on "#{user_device.created_at}":
+
+Your Location: #{user_device.location}
+Your IP: #{user_device.ip}
+
+Your device has been added to your list of known devices, which you can view here:
+
+#{config.http_type}://#{config.fqdn}/#profile/devices
+
+If this wasn\'t you, remove the device, changing your account password, and contacting your administrator. Somebody might have gained unauthorized access to your account.
+
+Your #{config.product_name} Team'
+
+    # prepare subject & body
+    [:subject, :body].each { |key|
+      data[key.to_sym] = NotificationFactory.build(
+        locale: user.preferences[:locale],
+        string: data[key.to_sym],
+        objects: {
+          user_device: self,
+          user: user,
+        }
+      )
+    }
+
+    # send notification
+    NotificationFactory.send(
+      recipient: user,
+      subject: data[:subject],
+      body: data[:body]
+    )
+  end
 end

From ee5e084b6344abedb5226e4f7e38837095ca7fac Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Wed, 19 Aug 2015 01:02:41 +0200
Subject: [PATCH 30/35] Improved error handling.

---
 script/websocket-server.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/script/websocket-server.rb b/script/websocket-server.rb
index eea1877a4..c2b3184b8 100755
--- a/script/websocket-server.rb
+++ b/script/websocket-server.rb
@@ -184,7 +184,7 @@ EventMachine.run {
       if data['action'] == 'login'
 
         # get user_id
-        if data['session_id']
+        if data && data['session_id']
           session = ActiveRecord::SessionStore::Session.find_by( session_id: data['session_id'] )
         end
 

From c3eea0b8af59c02af66ecb7ba2b4244d68f36f86 Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Wed, 19 Aug 2015 01:03:28 +0200
Subject: [PATCH 31/35] Merged migrations.

---
 db/migrate/20150817000001_create_user_devices.rb  |  9 +++++++--
 db/migrate/20150817000002_update_user_devices.rb  |  9 ---------
 db/migrate/20150818000001_update_user_devices2.rb | 11 -----------
 3 files changed, 7 insertions(+), 22 deletions(-)
 delete mode 100644 db/migrate/20150817000002_update_user_devices.rb
 delete mode 100644 db/migrate/20150818000001_update_user_devices2.rb

diff --git a/db/migrate/20150817000001_create_user_devices.rb b/db/migrate/20150817000001_create_user_devices.rb
index 013fb1d08..534a7c2c3 100644
--- a/db/migrate/20150817000001_create_user_devices.rb
+++ b/db/migrate/20150817000001_create_user_devices.rb
@@ -6,14 +6,19 @@ class CreateUserDevices < ActiveRecord::Migration
       t.string  :name,                 limit: 250, null: false
       t.string  :os,                   limit: 150, null: true
       t.string  :browser,              limit: 250, null: true
-      t.string  :country,              limit: 150, null: true
+      t.string  :location,             limit: 150, null: true
       t.string  :device_details,       limit: 2500, null: true
       t.string  :location_details,     limit: 2500, null: true
+      t.string  :fingerprint,          limit: 160, null: true
+      t.string  :user_agent,           limit: 250, null: true
+      t.string  :ip,                   limit: 160, null: true
       t.timestamps
     end
     add_index :user_devices, [:user_id]
-    add_index :user_devices, [:os, :browser, :country]
+    add_index :user_devices, [:os, :browser, :location]
+    add_index :user_devices, [:fingerprint]
     add_index :user_devices, [:updated_at]
+    add_index :user_devices, [:created_at]
   end
 
   def down
diff --git a/db/migrate/20150817000002_update_user_devices.rb b/db/migrate/20150817000002_update_user_devices.rb
deleted file mode 100644
index 05eda7d22..000000000
--- a/db/migrate/20150817000002_update_user_devices.rb
+++ /dev/null
@@ -1,9 +0,0 @@
-class UpdateUserDevices < ActiveRecord::Migration
-  def up
-    add_column :user_devices, :location, :string, limit: 150, null: true
-    remove_column :user_devices, :country
-    add_index :user_devices, [:os, :browser, :location]
-    UserDevice.reset_column_information
-  end
-
-end
diff --git a/db/migrate/20150818000001_update_user_devices2.rb b/db/migrate/20150818000001_update_user_devices2.rb
deleted file mode 100644
index f8a016424..000000000
--- a/db/migrate/20150818000001_update_user_devices2.rb
+++ /dev/null
@@ -1,11 +0,0 @@
-class UpdateUserDevices2 < ActiveRecord::Migration
-  def up
-    add_column :user_devices, :user_agent, :string, limit: 250, null: true
-    add_column :user_devices, :ip, :string, limit: 160, null: true
-    add_column :user_devices, :fingerprint, :string, limit: 160, null: true
-    add_index :user_devices, [:fingerprint]
-    add_index :user_devices, [:created_at]
-    UserDevice.reset_column_information
-  end
-
-end

From 9985390c93052291e5b69408064bb4ff9893fa24 Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Wed, 19 Aug 2015 01:05:59 +0200
Subject: [PATCH 32/35] Small improvement for displaying city.

---
 app/controllers/user_devices_controller.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/controllers/user_devices_controller.rb b/app/controllers/user_devices_controller.rb
index c5b0a90bc..ddebe95fc 100644
--- a/app/controllers/user_devices_controller.rb
+++ b/app/controllers/user_devices_controller.rb
@@ -8,7 +8,7 @@ class UserDevicesController < ApplicationController
     devices_full = []
     devices.each {|device|
       attributes = device.attributes
-      if device.location_details['city_name']
+      if device.location_details['city_name'] && !device.location_details['city_name'].empty?
         attributes['location'] += ", #{device.location_details['city_name']}"
       end
       attributes.delete('created_at')

From f416e58ac0224b66e6cea8ee06c848e7fa288711 Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Wed, 19 Aug 2015 02:13:38 +0200
Subject: [PATCH 33/35] Do not device logging in user switch mode.

---
 app/controllers/application_controller.rb | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 68c72fb88..a15c01162 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -129,6 +129,9 @@ class ApplicationController < ActionController::Base
 
   def user_device_log(user, type)
 
+    # return if we are in switch to user mode
+    return if session[:switched_from_user_id]
+
     # for sessions we need the fingperprint
     if !params[:fingerprint] && type == 'session'
       render json: { error: 'Need fingerprint param!' }, status: :unprocessable_entity

From 1112af9e5227dc4c13425e5349f24468e99fea09 Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Wed, 19 Aug 2015 02:16:57 +0200
Subject: [PATCH 34/35] Do not stop rendering page.

---
 app/controllers/application_controller.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index a15c01162..d898d77cd 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -130,7 +130,7 @@ class ApplicationController < ActionController::Base
   def user_device_log(user, type)
 
     # return if we are in switch to user mode
-    return if session[:switched_from_user_id]
+    return true if session[:switched_from_user_id]
 
     # for sessions we need the fingperprint
     if !params[:fingerprint] && type == 'session'

From c3be77edd4b66f9d3ec77eb84d1c5511faf8b0d8 Mon Sep 17 00:00:00 2001
From: Martin Edenhofer <me@edenhofer.de>
Date: Wed, 19 Aug 2015 02:46:14 +0200
Subject: [PATCH 35/35] Improved device detection.

---
 app/controllers/application_controller.rb |   2 -
 app/models/user_device.rb                 |  11 +-
 test/unit/user_device_test.rb             | 190 ++++++++++++++++++++++
 3 files changed, 197 insertions(+), 6 deletions(-)
 create mode 100644 test/unit/user_device_test.rb

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index d898d77cd..925264107 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -174,8 +174,6 @@ class ApplicationController < ActionController::Base
     if sso_userdata
       session[:persistent] = true
 
-      current_user_set(sso_userdata)
-
       return {
         auth: true
       }
diff --git a/app/models/user_device.rb b/app/models/user_device.rb
index 0fcbbd5e9..858d7813e 100644
--- a/app/models/user_device.rb
+++ b/app/models/user_device.rb
@@ -55,16 +55,19 @@ store device for user
     }
 
     # generate device name
-    name = browser[:plattform] || ''
-    if browser[:name]
-      if name
+    name = ''
+    if browser[:plattform] && browser[:plattform] != 'Other'
+      name = browser[:plattform]
+    end
+    if browser[:name] && browser[:name] != 'Other'
+      if name && !name.empty?
         name += ', '
       end
       name += browser[:name]
     end
 
     # if not identified, use user agent
-    if name == 'Other, Other'
+    if !name || name == '' || name == 'Other, Other' || name == 'Other'
       name = user_agent
       browser[:name] = user_agent
     end
diff --git a/test/unit/user_device_test.rb b/test/unit/user_device_test.rb
new file mode 100644
index 000000000..8d61e9888
--- /dev/null
+++ b/test/unit/user_device_test.rb
@@ -0,0 +1,190 @@
+require 'test_helper'
+
+class UserDeviceTest < ActiveSupport::TestCase
+  setup do
+
+    # create agent
+    groups = Group.all
+    roles = Role.where( name: 'Agent' )
+
+    UserInfo.current_user_id = 1
+
+    @agent = User.create_or_update(
+      login: 'user-device-agent@example.com',
+      firstname: 'UserDevice',
+      lastname: 'Agent',
+      email: 'user-device-agent@example.com',
+      password: 'agentpw',
+      active: true,
+      roles: roles,
+      groups: groups,
+    )
+  end
+
+
+  test 'session test' do
+
+    # signin with fingerprint A from country A via session -> new device #1
+    user_device1 = UserDevice.add(
+      'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36',
+      '91.115.248.231',
+      @agent.id,
+      'fingerprint1234',
+      'session',
+    )
+
+    # signin with fingerprint A from country B via session -> new device #2
+    user_device2 = UserDevice.add(
+      'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36',
+      '176.198.137.254',
+      @agent.id,
+      'fingerprint1234',
+      'session',
+    )
+    assert_not_equal(user_device1.id, user_device2.id)
+
+    # signin with fingerprint B from country A via session -> new device #3
+    user_device3 = UserDevice.add(
+      'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36',
+      '91.115.248.231',
+      @agent.id,
+      'fingerprintABC',
+      'session',
+    )
+    assert_not_equal(user_device2.id, user_device3.id)
+
+    # signin with fingerprint A from country A via session -> new device #1
+    user_device4 = UserDevice.add(
+      'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36',
+      '91.115.248.231',
+      @agent.id,
+      'fingerprint1234',
+      'session',
+    )
+    assert_equal(user_device1.id, user_device4.id)
+
+    # signin with fingerprint A from country B via session -> new device #2
+    user_device5 = UserDevice.add(
+      'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36',
+      '176.198.137.254',
+      @agent.id,
+      'fingerprint1234',
+      'session',
+    )
+    assert_equal(user_device2.id, user_device5.id)
+
+    # signin with fingerprint B from country A via session -> new device #3
+    user_device6 = UserDevice.add(
+      'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36',
+      '91.115.248.231',
+      @agent.id,
+      'fingerprintABC',
+      'session',
+    )
+    assert_equal(user_device3.id, user_device6.id)
+
+  end
+
+  test 'session test - user agent (unknown)' do
+
+    # known user agent
+    user_device1 = UserDevice.add(
+      'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36',
+      '91.115.248.231',
+      @agent.id,
+      nil,
+      'session',
+    )
+    assert_equal('Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.107 Safari/537.36', user_device1.user_agent)
+    assert_equal('Mac, Chrome', user_device1.name)
+
+    # unknown user agent
+    user_device2 = UserDevice.add(
+      'ABC 123',
+      '91.115.248.231',
+      @agent.id,
+      nil,
+      'session',
+    )
+    assert_equal('ABC 123', user_device2.user_agent)
+    assert_equal('ABC 123', user_device2.browser)
+    assert_equal('ABC 123', user_device2.name)
+
+    # partently known
+    user_device3 = UserDevice.add(
+      'Mozilla/5.0 (iPhone; CPU iPhone OS 8_4 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12H143 Safari/600.1.4',
+      '91.115.248.231',
+      @agent.id,
+      nil,
+      'session',
+    )
+    assert_equal('Mozilla/5.0 (iPhone; CPU iPhone OS 8_4 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12H143 Safari/600.1.4', user_device3.user_agent)
+    assert_equal('iPhone', user_device3.browser)
+    assert_equal('iPhone', user_device3.name)
+  end
+
+  test 'api test' do
+
+    # signin with ua from country A via basic auth -> new device #1
+    user_device1 = UserDevice.add(
+      'curl/7.43.0',
+      '91.115.248.231',
+      @agent.id,
+      nil,
+      'basic_auth',
+    )
+
+    # signin with ua from country B via basic auth -> new device #2
+    user_device2 = UserDevice.add(
+      'curl/7.43.0',
+      '176.198.137.254',
+      @agent.id,
+      nil,
+      'basic_auth',
+    )
+    assert_not_equal(user_device1.id, user_device2.id)
+
+    # signin with ua from country A via basic auth -> new device #1
+    user_device3 = UserDevice.add(
+      'curl/7.43.0',
+      '91.115.248.231',
+      @agent.id,
+      nil,
+      'basic_auth',
+    )
+    assert_equal(user_device1.id, user_device3.id)
+
+    # signin with ua from country B via basic auth -> new device #2
+    user_device4 = UserDevice.add(
+      'curl/7.43.0',
+      '176.198.137.254',
+      @agent.id,
+      nil,
+      'basic_auth',
+    )
+    assert_equal(user_device2.id, user_device4.id)
+
+    # signin with ua from country A via token auth -> new device #1
+    user_device5 = UserDevice.add(
+      'curl/7.43.0',
+      '91.115.248.231',
+      @agent.id,
+      nil,
+      'token_auth',
+    )
+    assert_equal(user_device1.id, user_device5.id)
+
+    # signin with ua from country B via token auth -> new device #2
+    user_device6 = UserDevice.add(
+      'curl/7.43.0',
+      '176.198.137.254',
+      @agent.id,
+      nil,
+      'token_auth',
+    )
+    assert_equal(user_device2.id, user_device6.id)
+
+  end
+
+
+end