From eeb14ed0c9d725598e4feac4c826efcc6725046a Mon Sep 17 00:00:00 2001 From: Marc Hefter Date: Tue, 17 May 2022 12:59:14 +0200 Subject: [PATCH] LDAP/AD user profile synchronization * feature addition: [user_ldap] update user profile from LDAP * added Fediverse field explanation * clearification of user profile data handling * data handling on profile update in user_ldap * being more specific about the data corrected some misformatted parts * better handling of user profile changes * removed profile data from LDAP will get removed Signed-off-by: Marc Hefter --- .../configuration_user/user_auth_ldap.rst | 77 +++++++++++++++++- .../images/ldap-advanced-4-attributes.png | Bin 0 -> 37039 bytes 2 files changed, 76 insertions(+), 1 deletion(-) create mode 100644 admin_manual/images/ldap-advanced-4-attributes.png diff --git a/admin_manual/configuration_user/user_auth_ldap.rst b/admin_manual/configuration_user/user_auth_ldap.rst index b20dfa65d..045e5bf20 100644 --- a/admin_manual/configuration_user/user_auth_ldap.rst +++ b/admin_manual/configuration_user/user_auth_ldap.rst @@ -235,11 +235,12 @@ working connection. This provides controls to disable the current configuration, configure replica hosts, and various performance-enhancing options. -The Advanced Settings are structured into three parts: +The Advanced Settings are structured into four parts: * Connection Settings * Directory Settings * Special Attributes +* User Profile Attributes Connection settings ^^^^^^^^^^^^^^^^^^^ @@ -466,6 +467,80 @@ In migrated Nextcloud installations the old behavior still applies, which is usi sudo -u www-data php occ config:app:set user_ldap enforce_home_folder_naming_rule --value=1 +.. _LDAP_User_Profile_Attributes: + +User Profile attributes +^^^^^^^^^^^^^^^^^^^^^^^ + +.. figure:: ../images/ldap-advanced-4-attributes.png + :alt: User Profile Attributes. + +After configuring those attributes, the User Profile data will be overwritten with the according data from LDAP. The checksum of data from LDAP will be stored in user settings ``user_ldap``, ``lastProfileChecksum`` and profile update is skipped as long as data from LDAP doesn't change. If ``memcache.distributed`` is enabled in ``config.php`` the checksum will be cached and the checking will be skipped, as long as the cached value exists (expires after ``ldapCacheTTL`` seconds). + +Please be aware: + - The user can change the data in profile, but it will get overwritten if changed in LDAP + - The user can change the visibility scope in profile + - The default visibility can be adjusted with setting the ``account_manager.default_property_scope`` array in ``config.php`` + - If multiple attribute values are present, only the first distributed value is used + - All user profile properties are limited to 2048 character + - Having misformatted data in LDAP will most probably leave you with empty user profile fields + - Setting the global ``profile.enabled => false`` on ``config.php`` skips the code + +By calling ``php occ ldap:check-user --update `` the users data from LDAP will be displayed and the profile gets updated. To get the correct ```` value for any user you can use ``php occ user:list``. + +.. note:: After unsetting an attribute name here, the data won't be deleted from user profile. Setting an nonexisting attribute will empty the corresponding profile field. + +Phone Field: + The LDAP Attribute holding the phone number, to copy to the Profile Phone field. + The phone number has to be formatted in international syntax without delimiters (E.164). + Be sure to format phone numbers like ``+4966612345678``. + + * Example: *telephoneNumber* + * Example: *mobile* + +.. note:: You should set your ``default_phone_region`` in ``config.php``. + +Website Field: + The LDAP attribute holding the website URI. + The URI must start with ``https://`` or ``http://`` others are currently not allowed in Nextcloud user profile. + If using ``labeledURI`` attributes the label (everything after first SPACE) gets removed. + + * Example: *wWWHomePage* + * Example: *labeledURI* + +Address Field: + The LDAP attribute holding the users address. Named Location on user profile page. + Nextcloud wants a single line value like ``city, country`` or ``somewhere under the loving sun``. + Multi line postalAddress format will get reformatted, DOLLAR sign delimiter gets replaced with COMMA+SPACE. + + * Example: *postalAddress* + * Example: *localityName* + +Twitter Field: + The LDAP attribute holding the Twitter account name. + +Fediverse Field: + The LDAP attribute holding the users Fediverse address. + +Organisation Field: + The LDAP attribute holding the Organisation name. + + * Example: *company* + * Example: *o* or *organizationName* + +Role Field: + The LDAP attribute holding the organizational role, within the organisation or job title. + + * Example: *title* + +Headline Field: + The LDAP attribute holding the users headline. + +Biography Field: + The LDAP attribute holding the users about i.e. short biography. + Multi line value with unix LF line ending. + Windows CRLF and Macintosh CR line endings will be replaced with unix LF line ending. + Expert settings --------------- diff --git a/admin_manual/images/ldap-advanced-4-attributes.png b/admin_manual/images/ldap-advanced-4-attributes.png new file mode 100644 index 0000000000000000000000000000000000000000..eb513c5d1996cb8ed062fba1caedad8a32862039 GIT binary patch literal 37039 zcmeFZXINCpwlIvNV@5F(Diw_{8JC)i=q?w&A0-Bp71{Y(shZs zY05Y4sK4j7>JamNQ>9ta4@1n!K6pDB>&#MxR9sk{kMak%blmNWG@B~{iaWQ{9|ts3 zUH&}*cBZJ`!TYPkkFX^+rEXN%Z$8zcuGJ<)P%e^ zj^!XTzblY@X5#ImbcU1r+IKeH4UdqK9eHgbDXAhaDfzcefvvptju4moc8{*!K(&O4 zoyq0AeUnPk%6q1;j3DU(mEqI5B5}I7-<7ULUZj!zQu5n-eG30LM0HfHou@mnJgzlA=!ND!rPN8ug{ZjfTfD(f z-NN!c_xC+$W}lAF6X~vJJmaaob)hlNR;!M-t~fEK!#zc)ttIk-*CR2D@4p8!RB%+` z8!BcBYI(oO2#71wv0PHnyX(r$M$5W+)?Vr{e+!KR2iw~+p`1PutBEKym)3U;9^EWq zzhg0fNS$Uf>3w{k`qKN)mg#YFJwBt~U`zX|Gm*{eN0=LbvsAe*?6U#eAIp9EHrXNS zrTsfheJQNrMJ>m7%fUTNp-tH%G7_&{hBLl|g$pC^k(MSM_WX;@kEzPEX3yH$b6i{L z3Vt(kJ_!#BPgbXN3C_Nl)Oq%-eKofxyypa?f*$(>*$MwzslcKE@$s>Vu@SV{Fo8fO z((UjE?rVTAAU+ohKxA4&BhK;9~qe#%+1cw*b45%XaqO2uoY)o zuR=31T9}A4Y4R&^DcMQF%`N0S9N?-RkJOAktc-f=UToLdLHFGjC9(HlE5@*s)%<>f#)m~nCo3k!2{@o@6+u!A1#j_$TjhHmV(j?55Zlac1{)uTSf?`p%KE_Nt}rZd}sXI`fTi!l>QFh*6~j)0DN$|8QO7jb8vCm*l_+j z!qG|E1pxVTL4P^IQ4QQx&L?n3gtLP&T-pV0>%{yk2ovMKkGFGnus+<5i7_YK8g2u+ zI)Yib|7l8Dc_o#E3tJO}tK&aDsae>-Rh{qtn~Q^& z@9+zBFd|?(0JVk?r2+tl?O-<|k`8b~Cxn9<0%0xA1TBgY8u|CnO5j477&;kB89KoM zP%a)`5iVX4ZXPvmJ`o-s5iVgiE^ZO7U-~0VEKJ@1yWY_CVHEp$=yDd0V1D<*rk{68 z6>k6Y?dPkt#o=XQWIVhUB8J94x8P{#0{?m90M^e>#^#2$W^lki{v_DHwOjlJF>nhQ z837Cmup0>q@v-y4xdqsTxcRxjD>t{WiHU%zfbqXTcSM*vxf(ja@0$TU0$c$CJ;W8` z?LUv|&LP(Rz8Y6^ICKsGW$awM?0-iYKrZK>o8^Q!#@}`;#`z!cA$Hi|7ZwA?{cHoQ z3vfctzq7(W@df7ozxng$IsD(8f|2omC;7MV`@iV=Uv&Lj82Gn3|1Wj@FS`CM4E$T2 z|ChS{$Ix~9AI22i7HB}Oz*M>+dea7&S;vhOWTnVR(0}i0vZ6rCDLc8Rj$~vPoS;8P z#!VUAK;sD~c_rx+^GDB;UpkeA9PTC~VsVw5M!;cM8R#su9b5u z+S7UOvVK1o(vWII8Il$MWa*NjK+7t>qQ;GABqOWkhtFqJyE!@Wq42YuvQkpO3K1jh^svzt9hw#Nkn%m^C*dc7EEA)>g}9WdKdw zb;EBq#@e8XxaDc@bx#AYCDoK5W$z_bbpstI5&_eglaIPuHs+#(uQ$L;524P`aMYcU z*mxm?BzhICW@jY_WoBlok7Rczi+dVPpu9H&mA#mVT`-(1f5|}#zB#3C0^dF%B_+iX z8=UXGYLz!bEw;}tAE#rhEqSJ*sQZ*0JT@LzaR^{3dVi#73fF8$iaa}f`sjCtig=yl&*g{ z!4Tr-=NAyLznDU_cmW9GJdU%hu&^*LK0XkQZ$*bpV3Q`~e_H`Vr&37UNP5odjR$=L z)RMcq0|qJ9t+NhRsEIGHP8ge-vOG$W&=a5|=96&wnqCA1aSp+`z6=(#z|k0Y=gL!RYd-(17F%f}! z+H){w_lHh%EM+k< z8Tt4~Bzvw^BrGGBbITeuQCrdb4T7i$>%^p_&_;UCwrFs7YWvR-GA2m|q-A6h-e;~Y zUdVILdWf5Zg^}iG=2H$TQi72i6vX=uQ9ni|hj=^+Ith=TW+1r%B<`dTRkyay zB(~$>2P6m|9QxIlDJlKWT?>-*KX>y0wVR8`ts*iIH~go~kb7oP6UuLe3YRtk(jy*b zK$jDoRMct;VZ|(JwVt1R4G@7`#*;$C1Zw{)4eE~&rrY#7AB&55pJb~I1^8;}yWa$J zb=HYvMx)-&LyM^1=~ifM;pgFrte%)49Ux&6#LaM7mMHm_ouN)2m--?iah>F|GE&Bw z-DyDRGpL`3k+9}AHcDYtm~qePRs*8LkX*p46BIILW@b-?gBq2Ul^b_&bkgdOJ;@wj}F$J01c8EJ2#!4-Wl=0?~Zh_adQNDA)i>JoC8X}Vd~X_a4d zX?1mVbALKKR>{WgV6|*I-Yhu~tn69+?oEBq)sp@FMi@OWFK=@x;5hqrwdJOp&(#$Q`QKE`L7!C`ep+;E2lI zHjRpsYxnovctj>~%lXP3giwT6nl-^UTFrCmo08zzMf9E(`jV=uDmO1L6~t@PDk_94 z?mVf!v$NBq+&DO>HDncR#qz1td;%h~8!N~KNroVZYu(k^o}8)=?wXh|aQ61yp6_go zMeSsyiwEg@@AefXssq}2fFyrNGjaepZ^G*t3grH`=Dlv;-H*O4Q{Q*GebU1d{)-UbojG-!0r%ZMlK(73pyhUx4~Clj4fcHvXw=a#4MJP2W3c6+v?2*lXm|p^0yFO zt7nCc+BaU?tmyRSun3=O516U|Vt%Q%r`VNz|Zh!KFN+t zNeK_Y5C7I@`{a$KrDf32&{L!mIJH#d&BkyBWuNgHPgk!WM;YWExY(ByETQ>&dV19T zod8w~tbOs(c!&>OSo$cQxjtl;qGWse(;ObVy}61&RxQcBh<xP(LVFZI*aTcm06U6V8KPSEoH&>QM6`(}VMwT%%G_N!DWG1hzUT16pn-D3EhH3& z_nB#mNRO@F8CnV#+mhoks2Z+b1y`Cl;@8S0C>Yz;n70>)3b>t!_TKpM1rERSNIXEx zyYhYpxa38XbA8E|?J~w3JH?wjF=MV1MU^q7NI>om*6>a@d%~+-A(s`c3;VqBiufNV zU;*nsn5s<*(j;v3O=S%b@5(+Bo_i}rvJx?29Dv2{Y61=KJWgt_&sCzjdO;1`fAmkJ+o`&|8mVZT91;?urk9Rj&q%uy6y9-=gU00)(ca4#-%iH7A?S--OHY85 zEJfQ(dev^+;ErZ?*iixcT|{)?|PE)rtk_`uQ&t z0Ck%goZfd%;nxB68CzT5U7Y3A<68$~azva+&>D0vT@ozvzyZmA1xQ5XB}z(mc6N11 zOc|Q6I&Ub{I4xfZ*`hZ%yd z#8xDh6G-6}+Yf5cm2AliRYu}^K#PX=&g3EM?Kz$7gIg>I01q|MLE~^~DWBA)Mh2u; zPs&F?{RKBANiwTL#kVB(zfd$V5V{!Z1<}~{^34X?DDR9^teMZ8*+&#AJNwR48}avE zCw+1sGW1{|oU4c5xt2%zLg7=ev_Yb^Ex*3EK9Pb)J?V7H)2Hfh&mv!1BqoEMHw(3IZG+77Ex|l{Lu|oZQ0F(nF6g2q080)6%kub^_HI(%}M; zIAzjeWovI&7p1|$@Ia*1B&2>pI0Rw}wPZFpJgmK~?$Q`}R2*kKn8q|E>12=Rr1>0tJxVrxSen<=&xwr^OU@AK64M@8N zvQj>|uYod3{yQW!i~HyRPky?K>OKG}HrQJ*v{Wc={Nwa+_Nl?M&~orVVg#YFiRi!p zJk>ek_{4!H(72~nQ*dw8Hvrqs`%N4&!wQu2vi=im34Hx&L!}x}f#<(A*nYM?KtpQI zUmI*cTVMM?Z1F!BY<5pqs^8F{fwl&zPv+8~%b*mb{fxTLC&hXtUke65wB&eTv)MvT z_G8Y+fdxZWYw89#(R4kW7;5I+U&`oFLqe=hN_O;qc??=b#1VNR7Z=+rwYDtGJ5S+1!k8d=`%j_=Yc zKdxyEghx6zrtGa)rRK}q(5C*fLHhZ-xmcIi)& zxW%fH2YTJS^ac)=1`G}Pit(ZbB2=hLnq|d4FKrA$_)M8%t@Ln236ZO3x~`H-+{%02 zKdw9DAvoe-jLn{E=mJJBfh^IJ(~}&JfcU zKi&L!FCC`JXmT44hVi1c$~=cW+*$8G}(t3Y`Cn%HbY>VWKvh8 zGQr-<1>62&vSaGvb2XE&`~ps1)Mw{%UUaUbkSUu!+Kcszn@P|-eZE`%W>DnCPM!Vy zViRkkTP9w-#h^<2+LAcUo4K;D80=R}RRXHa=7wk9Mp7kxZ}SGR->tmr4z6f1Zk;~F zT2r!*A|Fx2e%x^gPjir+Du*GjACF9~!HzbY)3!#sVW#WMe1JPApt z?9?P_x|$SicZtWfQrt?p8rl_FI>tKxaR52!%^Vuh3_r8mOtJfjf}I>2fAyiP3rh63 zqn?7zA4$RH282j zugbcrms+q7D6?x2=t>9CcgUV)v>99;M$V)zn4@@2wT~NlR5}EZtk1gA2ffG;CbPGG z_HO2GyM1}_&EuI_%wghJria27ZeP3q-CgLT@};=27n1RE?IvkyCd-A%l5p8;%guF? zzQzr_*$cuNH5`3=*Ouj_&vr_c8t01i=KJNPb%_trRCM{LmE;&&NSQZdDoaqXd>Gqa z!>x0d#|^&uM}>|)bFGszNbiZRi3da>Cxz*XJZ|kRRGG*!WnyvK($md?=(PO8JS8zi zRladGJMOJj_|aTiv5A=Pmp!9!H1m;&&v|_v>fxt%Y42X^A3LuntKd1bU9&!G^PM(+ zucULl*PAcfbNSm?7oQ-5nPz(mRab8*dP9P|5S@F6<&pl^B$RgEmp#Si&?2KT$Jp;t zx~=@G69cl?q@kb)5x9+Z>#k}VKOoF4K$u$BSsIOfFM7?ShTW)^l~SY-yCi=LyKgM7 zCBY*`1?(&P_vnlj#diNQX~(9V+S+8APri&<5F4eVZ13WYLD~?}lR}Z<=<8z{JRPbtMRc91hPEOS+J0h8L=d)5$NMKy>f zPXULlOYd`Xu3vhj)S&ArLaO(XoX^4NXk+zftv#5Ac`M{>O>ENh*phNMcuCE10S!%R zK5FEiY1}N+v%UfSZo+eE+~?Hj9A%AF>+o009>?e%-Nrf!s3|2xB$@}6e({UUv<}XU z&<&9otxScTF429Z6zZy$eUMSQ$U4w=sa)b}Wl_X(3z8)sg^eEh9J8F&&}q}xX~;%M z{EbYb39l?8Az21Y?3mY>7mIOW#+x&40wN+zre=?5qFlUEzu%k~b>s^>yHi(~(aVsO zk#_8f*%tFjZINla)I_99Iq$h>my&!&ywf_8QTJG9&g_Q zHS?*qBI(M0q4pPhO>>Xx9}Ez`ekb-9g!SZ&xLIWFL^qPD!9zbtamnG> z8Z);pw;m(%+ho_(C6$RabL*ghirFKiNc0(m_&}dc^Fta;RT_7~Y4K0XRqiU6r(o(L zpGg-wT%*5!C6;E!SN~8^0%M5G^<uOeD!TZptPwm}ums`eGyc0(nP7i#o3=ccs~wR<1x(>BV=<-#)q~TR<1v@^*^q4p*Y_CowNKiu zIMsE3Cq^dkF@NLk@2O6$tx*em;bv{IcK<9zC&y~A@uqq6SD)f<-hZ~?dd^*M>Kv|fp?Q?)+SB(AbQR}V zm@66dD^-gpxAiggOuFuMA+VF;jt(wInuAi`Aix<(4ck}e(U|6 zit+V;hRp7JZzmXXY9N7kO`jpRCf+=yNkh+lH!?p(d&I8fPwM|@Ld-}d)C+GkBX8l( zY;T|0UKOQhZ9{j4p9BuKKL15QhA@02Sr51PHMrzKtnH1R8O=@@UjeapY}5Dlqi?W& zRb5~7tp?UTB?`KS8VfK!yUdN@tIH}Wfyl)wT}e&4)vztPf__Y?LURx;K>``y*SJCS ztLYMo2z465ENoq;&aJ6vk}}knxvz?OX1G9NHT-eU)8y7%+JU*GwA|nzHcz9V{hW-U zmfe%#1^PCQb}Dol_ng9>pfiO`sq-smy;)sN^;!Pz-fORh^2}G;>z^63;JO!!aMA1? z5s2Ca1)AgIWoAYNo)Wk@!7OuC<&ZjERaZKj4;}+7K*AZ#%&6^@mR`E_+oDc_aj%Yz z&g!>65-NGS;uK^>XywNo;Le?OUX_C`s}WaL!m!;zns+)s4k+pYly)Vy*1t&I={9@I zCu`f6`m{t3X7zbeJ4LdF2>6O67wxy^AUE}w?mRH0MF4V73igt6_WO{ zitNz4jhgk^W)$9%;Ja=}uD58;(AxcdtFkek1b%5=>X`L(!P?e3MVE zj6-pszYN^`()wQ+8;2A9|J2}rS>%7Wgj#`;V)`@AP$XnN$<<2)th%>EugaxPxhmMW)I_W6MO&a3?GV2bqTKDROw|lsVLZ`Ie%Ri3u+)J)ZuUC^`a5 z3Ue~$yOg(|s9dk&;r?Ud&6Yu*2Utrlr#Qh%x-T{3opwKS4cAr4tWvEx82^=49#=_C z6GuJGch{90q|_`Lvr{iuf68*{fH-G=-EU1P~Gd<0?rgM6!#Ge zLF0MdiANWk9=%yXbV}LY8EQ}wp{1hiO1=`(pj$$Fs)SCJP{WGRd?alScC+I((QP#+ z^PW>YG9|fyq}FG+5v!ka6$nVgC%v+w)tj^VHToqn6;7ugs5+Sq8}aCLNi_GqNcUB` z4(+nLlwq9o;zZBpk`=;wrQU4*%$K}7!+ZH}7Ph{TT7Pqps*@^RvfB={#-7InuBa&H zPRGFw#h6%%7B44g4!H zAY{fJMDq{y#+KJ)R>NSG(Hx9A>ZW)@g)WD~t1;|zQNat!YRCKc6p3+)o`&DNs;gC| zxtp6_WdcTq*4+FfFiN#mhGoW~qG^_=>k=j4gqK%rS=U0o=;q;=UdN_MP+}+dnz*H#6F5d#ps3MbkXxtv@WR$ja> zJ{iecwl=`GViOWj5fB$Jy6~+_TX3vmHKKV}X0{jW+cnz1&!z3j94q=qTVYBfjJB)X zV{AzVBBTR_%p)_1CyKWIje@{+Hqyc0)q|d_$7?f$O)acdM4+}RX3wN?^Hr*pbDy7; zoKWy<5?mXrW{j)WRFuj~_jEUO;>&!9i6#G*64cd_w@`riV=8_ayRYq> zla0^mwbEM^6}*ylDM&qkukN|uLQ9PD{kTNfG88CQaV_;$Cf&>(2MU$*XHk|jXUddJ zdLD~RRcCu5CmU*|LfY6T3g5eNe@1Lp9c=8^j()?l3kTjkYpt$v+Z+sZ{2C(hszeI``{{cReS*sojxnG3dUq2r9 zDu`a`J(lw{pi9vpq)mOO@25f~ckWuK;)GnAw5k(@X$6l77(ZYr0$Ib`TmO21LD)Nj) zHO5Yiq{daBI)x7G5WlM7rYlEiV`WK=Yf=*iMfD1Jv+pZ74&UKA)Ir3 z@Wb1N0-36vm~mRI)G+vn!cw6TVJ}5H!{$U9cNyQ(yXtESS&V$ru9@sC#ne5=BD0Um zDBBH&aj@3{I+19Q00;pwAe;ABB z2r-RG;bkdO_iv7k&APr<#!v0?He|}$H#-W;oG`q{Nr4B(o2q<8PEDh>^XOe*m0KLA z8cKa|jdg%7E;wRE4tx7093qN)3pDtFoNVCesc3>%y$4Q32P#S|{j4q|XFk*LV$`IH zU=vj-t+PzAtx`HtpZDgB3aYYK-VWvY1^B9RKke>G0^bA&lPKmKnK$ctS!eH5z2K(2 z1+oV+r%X~qYz}BYj%@~57k>A}EGT3#>nZM7_1b56e9}VqeKy!pI% zkScVWD}p;ZXnsR_nmG8nv@Xs9-tn5qeg!Ys_qCPVU^;bmF=KL5!LfhdD4p}#qLX{L zTM;^2G>m1jn7>j({(VNid%4i(8bjno(G50PrZ+KJZp5P*g7iU-dm}w;Cw}yg2NhhS zq#9}p;rR5lvAx&loyufn*9mO6nM8%ViglD9!3N%Vx8|SaRzavP(7D7(YPOEN$P3n* z3*-i(c`_^mw9(3CI+xq^qW3Jk%S97dWQ=U5OwLjtC*6AC(MPidRGU&W4=bZ-WMqv$ zIw6M&@Y$DhS6(J3h8IWA-}P2%{)5y|!+(+M$`vk3Dy%J0i+fv{T-r36W3yzb{E4{b zFlyW-8Tg;h)U#y&ll0;Q%(;Nw`XHIuej4w{>>WX$JvvMuKkmF|TqZ#`rbNZfqv_tU z*W?tvp3;;V^*bh^@;FxH4Ov5m=&o&<_UwT0!qz4bk^=?*kMq?4cK;_LFwfcPaX{F6Louk{8jsF= zXBwRA>M%7hRbqYsVRUco1hH(~gUw}iSiKBB`V{f|FbG=%BSvD}ZJPY25V9G_(<}7E z*rpyE2IBak{MEkD~E*!Xm_IT zIL8I0Itj4ksnLQ(>VDhV$+u+n>uxEnq#ClM&l^8tQ9oiCO2 z2CVAcqs2u7{_T{Iz^~!(nr>A|Zl{~$=v20%ioDi{nCV`V)Npk69T3*Or` zElBWq|F{o)xuC-V?C&IDMB!J1X_TrAm^TuH*t6;kAq}J5AD*|QE<@h=M|TPO6-Yxq zD({<;r@<{|t|F<`f8V!MB^Ti0Lr$vA@FG3a!v$pW5FB%JEYrOYG#!$QwmL$k3_NZ? z-Nh#~ojpsJt>tx0n2Ltt%z6e(*dkFqQ=$F8W z4=CIZUYOeqGT10#x7Dsqp^s1vSu6HB>B1A?Mov^gU>eRdcz}inq>?LmNd8-JHV-g& z#Xget`0%jKwiC)_1pfI+nJ-c^GBiw=WS9j(Vw_TkG-#i?bL-Kg=#@^)+Wb%RNu%Z- z@P|@|H8Tw8yX8mmXA!gA-v9A=gyOS|l;lch7BP<2ovFh8`*33Lm$gizFGgIk!N6h; z8fm>)I$t!~^LxK-@i0Q{lU7*C@WG1L^^G!F77N)Lu)f+or}nl*Qthk7IMSERU35W- zphLxY00_{~RE6Ivim;#yvF1^)xl_r&5poRyZI_u_bK#+Wf-4A@c`shh7V`cn(VBro zt7Lk=H0%+taGCo2&E<=H($m-KnaZSlnsnRhrQW_>3hh_WeT){bkr^~dYv-ufUe%+k z;ijRAP*Q%K3IdnUzoW^4>a*7U==(5j#pnx@aoi|=Xjf*kX~rYX`DuWGY(=JDWUYa4 zIBKsgMe%k1)gXW-X~eRNTbTatUYL2PwJow)`!}ph+})>;8v3lNoW&1=aN|a2r#AKS zHCLNxc@)X%OHGganGcR=h4f%2iSmOCq1gc$1fUE^@kk+AWpb+5zqW4siY4AT3r7mi z4QQqcRrFtb85q?%a3U@-{9~Dr#;|@=^vI`S?wq_{gC_u^Rd#ATO7DeskOV<{FzwPr z>G~qNx9?zH2FD~`SbcOeM7XeZF;Ol%0ID^Ta|$z*m+1sipnCGQ@)s7MoJOQJ8RMb~e{t zr2MYKr>^mg9=;gwWH9qcYw6lz3OGjvPhA5b(hN$u(f4!_(lXZTYmYQ=;pX9rMFDz} zPVf_HRTfWM?w%Fz#E6)&j(@0btUB*d6&CY0>rUkfUiFr;NZ-p!8fUG83DH@~8k?MV z-DoJghO0j5=GYo!sgJCfH=}?+5*yYq7VfuPXPs@jOA>>`*sK3kjFri4D@BVX>e~S; zs{E2(9$nRyiUSb_=$NdP4^?z)RZ;#g8Rntmx*Q(-P-NR#P8kON`fIKJm)8Hz*Y$ts zbNVm9{4&{JKmHeE4{f%8T7p6Q)YN-rQ1<@3QgaOQj*A%enVJu1^@0JqPmIeoC6W)!`C0m-TV>oqWOl0mn2js#fFKbqHC5nM(y( zNNyi|cYZ^-0X8YXZQvHb<-Mdz4wrFa#i08gy(Cei?eSLWcI?yXeh+4j~vrraE z@6cppr@}A0TUPo)jPF_E1xOY7#UlOd$3N5Ikt1=TlN}&!AiF6pUT9I_)|x|0O!Qe*MN zi~45%Y1`lLDH^0YbkZ}hx#url7L}-Sc$Q!NrKo$4EmywwDhkhMyV8jb@>})-KL1zzf{G#$7$t*%rcK;jQ*uj@+fFmKKx3h8&5`X4_X;o-q}F5^j;uvpd9 z9`%SrpU4~KM7b8dRsQBu#gP0bsDxpY&}Cq({&=!FYD;ZdjoAn~m_yp(w~iCl{p!Qb zo|9z*!b7)J24&KZq_t|K)Hs*8&6!D zLf6}2&5)u^b9vXbl?^-HY}vY7@Y`o+J87O-G?7qh+ZicUbGYbFk_C~*${fhmop`tG z;X*c>eEDV-BK3&zVw}3>66YOR8=EHt$T@xhY)%nLPL z#8gWkdfMN{MEHv^iJ;EcTTCc8ZmQaw|7eTOk(0j?wyV~g=F~*GnOv2Li$1%`+2N{8 zRG91IB;VvD|1N$rXFC70_gEoXYp!MQ_LVgQvAOSBQmw3l;*k!Y`dD)GIKg2)AWf0VHIm(5jJ~3)l)|BkVgV6BunMYg*z8crSfDV1N{N>9ZI*yACMx z-?MQ3sjLYA`$ca2YwgtYR^u#|=T?o2Jz2&er_g8r8v|60!grEP_vjwTABJsG!6@6? z+d*}O1o>|dU{C`kZOv@#hmpsihSf)0#!9QDSGZB7MqHuNaNlDuH&@rDP$n`y0@rJVAJ=ua#R z_f`b{=P8i39v1Gs0@&u}*E5`TV0Zkd!MZedR*E}iq)`6o!otU|$jB%uy9Ng@pP-<> zdw>G;QhUh(x3ehZx~4k{syICMk35I3p$^u{K~2Oo*sI3@h*Op(3=IthoMhYnjf{=e zNBOo70{D=h1@BK%AVCoesO;*yOm`%G>F5)##&J~*O?Jrj=`e#6bT-Rkc}HKelM+yv zJa^*szUI zo|82jk_%CApHLDT@C%V;iT)_@(nzd0uj{H#{u*>uR1BK={6ureNt~u1I<_YF;P>-{ zq@Rh;54tht2UC_mFLcFK#Bk;siyO`X)#w3C*YMy;`^}0^f=1>* z4KOv@Z*n@jbFR@^{+$G00jHnY)`6MnBPr5iGF-geD%toG@1u*I+|``N&)GauUiat} zPnMVNTqI^phbIRnzp$XGgFB?7VUJ*yPVA6PLlN8MHm7n{ks;7uB&M`vhvMe;fhg)b z1AC9z>6(e@&B1$8q(JMt*T(6@B?(;)E6qjEYUYIfJeVrlzi;|3AcQX|=SAYOPMnM0 z8PC5sHQ>3n>9(b%P`^2JS;E16xDrxw8lBG4v0h735n(dQl|H2@Tq^Y1TS!&F((q}y zL~?c|qfy^>?AqOAq?eG0mA7|EWxB`I0_w$rp2fa&N$P&ah{kQ%`3-BsiHGo<4+ll1 zPjhT|!ND?Cgs1|q-+A2Rlj!3MUYxEL0i5f*oub!xiz&H@CUn8xh1RZ)tb5eq*^6}8 zA5|9%&edxtEdz;ln)!^WQRe$b__YvMwqN6?Yd zEqtGhonm8c8l@zEjn8bQlUFLt=trT#$&S`mZgIQYPiokrbBorZZB!M8!s~0}({c=u zhXg{=^4pG@)? zb&eGCW-%Lycsyy0nE*w9q2-P>jipf1mfy14O7No4_7k-U^oo>geG*%V@+TsWzjfeo z{6TmFN)2(Afj&6dxlFgj;nU-?+bLh43=7ag!Gx3I1Z%-|ar>Pnr~0pM0M(-ByGXvn zeq#AfVQnmT*Gk77X~H?5ns7Dnb~&z`F11i-W_o#(6uQf2FkGnlt+Hi+68o4qty8c9 z>B+@P&L(HJlN9FK!kv?~G=-L$I_fqejA!S|mp3vMd9~InM2mc}WA)Q1Uble)rW;Xe z{b)5fjy`z0IMLZURTEY*!A+IL=2@=k?Ou-sS-?Gg{dVPbl{fMiL5fIEc*6#@yPqLe zh2%9dt%-Cgt4#x(o>%4&vFFOdZ;L&BhLwAzHoLUDEL3W3STp`2PGU>NhM6m99{I_{ zzDhP+`V(fiq&MU9YWQ04ix+ZMvQdfa(S1OxX}kpPa1~b}+I#=})j@zL*c2 zVNwpnsa8Q8?&GXZp?ncG;!0!8@NLicFcFGtK~olCXDJ#Zl4UsyS9RW_w-xC=4hys| z?*rfSv*yFv;?Qb4P%SzHED_63L8!S<%H!_1aHlP_uo;E!N-a6qqvis1mm&)I;5Z7m7vR{}vr*@Ty> zF&UXUHTu>?v>;%M1=9FBWjqLCRpYl>uO21)@Nr)}b-(5akZ$bnD}>QvL`W3A zgf|-#5xKW^>vQ2QinMR$;Z2&6$z9+($+_~}i%VGUa?vTj7gt~L!KwokRZ6d~F5NY4 z>V18Zz2~m)yEu7MMzcQs%Fxpqm*xaTV0F48jBAt`=J00oe6%-V9wvMVk&tEyZRuCOcE#KYI5%#g~qwYYo zMM6SiqAK6jjC*8ciZ3*BGG4tpT9KDyT0BIKHxxYroVm5HPmr|kW@_hVf<}Td(91HF zZ(Qiw+Tsz%L!b4G5;7Hg-Yi#cc^mlq`=5UK{3{t5*UkH|OTl;O!>RU;Jb*p7I7tFR zl`Qip6_i@@HwEd>Xz+h{HruYisLkB#>D@^4zdn87?j^H{^?pi+Pk(K^w=8k8vtt}^ z?z0w{6$(2?K~Yjv^uQj1T6JMxQ&Tfqk>w63*HC4-8p;a(k5~MtpP!?h>oRiU81l!O zF%#@Zn1f!~!3l3~?<6SA}kW_hTjcQ;wJD{7uPTIA7?B;sBOTSR`-cJ-PvH~$p$uN?p_ zw=t=p;KOTO_nN?AWU2#ms?__`v6`rSP7W0Tr~~89^jTc`B;OwDwSN7 z)dmxCWN<{CIil;Eo0+(153jC7nj!P}LI0JNTvrFlvh`~c>oaGsXvkY$d?SEkU>EA# z>@*&7QujGlY?U!$mmUqUL=EL78zv&g_y7yEE&Ng0C@l3p(?eXx+BEKN~b+BqoWlr+q z+eU`(x6?g6)@6P7!M^e|NjT}DrxKdbG#vtxr|edrShcitm#V5g9AUl5^Re!x#r@#1 zd7OAfizV~T<{=Gv@;f#kxC(N{KP6uF+K1UTtq>1Vc>-VFO-ujeEtWlw+)a3wL(0^$ZJ-Dch89qlrIB2DQvaqYV~ z5l!Z)w|*OmP1uy+$XRLLvVnK|g%o03ho%j>P#Bl`dr}4S9(aU4z%+Iy#0lvR&oSH|p7=Yl5}{BLzA|sV0QOkzXE! zl&w=Pudh0=LEr%Omr3CbWddd7Grr`{DCFMBiF`QeNKAT%im*AWXglB9LEhG3P~;>w zgi3p>{)CD2VeHk~j7LmKybS)c=*dRjsT9mU4QpN8!MOosckyU*GwUX#rjywT_+h3q zpP&JLu8I&Jq8=>`0D6zcc`m3*E0>;q+F)O)G{aWpQK~p&!)|+(=PONdY4t`t&R4p^ zLQLUxPH`nED@zKeA_9%IMOwGF8&ZHX63F<;3tCI zpvEHuSUS4cQ#C#WZOr<_e9{q)$)RGi$aGMQstW3+?j;^6HywyJ&S!Gvt!98Q@LV+L z(Dwebcnc!ALw*TR1AT^G->TlY5OJeKn>`48@jE?o%CPDumky{micAOG`#-cdPDkDt zaJ~clx0hM1Z@peU4kh7GedSY1<>M0V=;g|PFy@p0!kDXGz^rcpj&U?@;|D`IYSmF;RR=aApCBK*2tmUIYJiq;QsmBCw~J4_1PLZ z7Vhrx8x-IWMyWXsP`yBi-mq|S(a5y0w6%TIW&UOg2)^I7b7Rh(J2z9Am(ZR`*Vr{V znW~|oar+#AYNz=dX=&+WWb+N_BV^B7q|zQsr#-$IB@a$OJ*Ut1;Q0@VQE$bW6Qhsw zmR(5i^7Helfb;q}5D@(X12^SGMMWL-V&6lj7xh6SN8S>%(b?Il3bK+ITW&;+Hb)DRT~DS{wHYLp_vHm*?;PtV67EfJ5F9+vuXazQv_aKh3TF-b2$;aHYsXQ z(+vm7&URjFBrl<19S>y(j*?R{f2+cNVqLNodVcr$dQ+v%M^gW!&WAFTJmnm5C@-zg&j!#rCS3 zrj`Sv6S`&Wge9F54|FI;h_8!cF59E-w*BA}&L}RIBP%Yb@9>DqO8tT;P~i+)$Ot|* zI}swuw@#HeR7&_DB!)1y3CYiRcMAr z2($=&go(w8+7lFbozBQ%!lv6-mHqf?N_IsS<6{JUJk7$nb<>Rv-g1@nPJUYUuE@Jo z?Wx*W8DDHZDgM3WllujJGBwAObZT1W#8Srei`?nbHS@=6Mvl>k;=9{%z-fj2dKcx@ z#OH0w2DDI0mB5_?V(U5Om5?_hdY!%$_sv`0zJN$Dnv z`{;}9M4}!(U}O@SZzhbZv$A}EcMuka_#~<~s4URGi1I*f@osIhdS!>0z9|y%qfT6b zAm;U8%6&#NpI|b=>vwC@{WhcL)X_l74&LWk*iw8DCL3>R}Q_AsNi&D?1KhG*{6ZyQRu4ecpVRrdU!%Q}_&LU0W7DIV1;`zd(Z_ErU z&DgP$j@FCwRXjd@bBSJqSo6tq$T7}^rPo)?`+MojdtP*P``4gK+)elff=A(QaVK2z zlz&j^Tj57;9tuj*yHunc)ORhe;Jl)$#NZq`BKGi2iJUdjjKf$)=;Zfx%zA2fsAIxd ze@IE>gLI|ox+!S~NQ>>GN?(jYN_IpBTP~#w46lTHyUsR^b-%2vByjoRO1q>^Rwx~J z$(uI>)<@ZZQf)xr9FO~mCwBfEQu9*y?m91No41+6Zsf)fuMVlDSr7H7RlpUkX1ZBi z=b|fNW;1D0(iVsPvYH1ZGzQAY^$u=PrK53h_rL|dEsFS++jtVHC_CLzhLblW2Pl+P zT>X^$ALXH>6_QzxJ0h8x4D@aB`7@Db3z!vD&nmqtF3#`>r>a&vn+97V4kCgc+-(3%Y+exu?D^ujifmNwLkv zeXOe6nvugy%-Q(?qDkkI5g+MKad>6wFns(4P7mVbj*9VHbT=^P8U!q!VCtzqb~H}X zL3ss5Dpcu(8G>q1p)#AAzBD!AqQn+>q5>I=$61dv44b%hSamC<>CPz1CL;?;;s<|* zQGpfj-1>%VS4y)UFP4mq`&iDoDESW6Z&^F-NMiZcb&-ZW6|Mb<*x%<_v<8(Q^+Tu; zJB!t1z^=XZD}j^4MX=TK%3}KWitYCUcTTRx+8$m&0()m9l-9w0D$b~?%GK|!C}!0w z2u;g>1m8SWXe-nyV*nXGKnAHA4PMWzDLNzTT&~Xd2-gp*y^cL@D;Kh-{4Q<`DeBY_ zXkhfERH!*tZx===zpG0LzL0wcHi#$IO_k}%`(0a>E!r%Ap0vhu)&DI+DZ27DWo~ju zHU~%d9gd}X&w0ZMm-JZx(St>eI>D|x#^I*Etc|#D?XG2udj$#ZM*fSs2)FIPmeJ79 z|N83hKGV(9!WxS5@-P3s-M1FLUJo3)zbU}mFJ7OBc?z`ok9EbZ!01B%Sg!`3z&7pP z>|<=7&BW3&LC`SYaDhbnsgHrlWL$2#;3&y9X{3OKU~jJx3y5-8qJc?rz0MNf-=838 z4=UtX2Hx7W6pwD?ulSFp^#7ryBt8vX*_Njnsh+{;$%&!ZxgEMeL#rMhAu{CI=J^06 zS#LCSD{E))YTl=uGF+SBj&3dzGP9KSnningi&}f?#h2u4*kdeWF4w;*;YQGEq1{JA zy4j&RNDEh)=(xB&ZOAgmz4OZpNX5n1D3*6ZgZ zGE;k1$X5hlhe42GZCNMpN>w26sM)j@U|4FG03g5v?zQ@^v@kZihwMH-LU0zX@m_Ji z|A&ig$&HIM*4~3Y!#O(Z@tW~sy1n!ocMs$H$na3V)kg>|sGjgjoA!MeO!Qc7opYV< z5IehZADZ*AHR}gwPK$jJoqG(s!;CH2tUWNy_e)fT*3L5$=2ORjO_NRUO}C>%j@I+C z;glxXXqz24^tWp>v`SAPij;rZuq&vvEw ze>W>3R~TyA7+^m|1awtsI$X6^eH?tH4m)_ZOQr2iC|$y%R)QEOe#3D~jm1svt2F_a zp#g!4#pWUR%I@T@;OFL1#)e*j>uWliXc17cB&?>5fW`aMbdv#NDJPa`RAr_3Hi!(# zQ6&nzOYc_Z6J8;6-LCMG=YDUh265EH3gN@kF1wQh0o#Kt< zh7JZi@K9Yw$S1XnMi+tc3fq3WvcThHetBtiCtr<-T{Q`P#>M_5;c(JbTw+?O*BQz$ zEpW>!W?cHDj*d}iH1OvjqfyurOi&{b}jc-~5b7_|-jrXAIYD z?36IPA)F@*SH_yfeVuN7u#fbsH7I^ntB91ndswCdZ_qBX0cAsQ$oJNPGBsJ@P8&bI zio<=EMmuz8*5~lmK`a##r`t||lg0_c1L;XtVBbN`#&b1AM^W6^lytV^%dsfRj@SOL zP(8>2(uuixIkwNCT=Z|w=!rw&8nM7@`j_nj(OR+Q_?*8<>K(mjxkE1l2hk9NKLv9A zW^Q2c0NexHY+eX&{RINtKCi5l2JL~<_km2WsHhP96DqwGa)84J-_a2!Xm4ky{?);-Xs+YzH4v9QbtF>%7;rc*+;Fc;PniIb&Y}hxcG~>rNV^OU^z5t~B^za3~#mh4cse^^djv+sDION-0}z zJOaQj$1N&QBhUy3A2Cb|)w;KH+}gGE;>%+@$|@^!0eU+*Y1@Qgd!e-foBF_+jLio1 zv65fsf%0g;4-MM_pw+wOra&=1o2zy>pW<;;9l*J!CMKEk(5MzW>G}Ejn!<4hw*uFl zD^iU+QVjs7;0hQP8r3Xpd4O=ENXNk3)Uibb#>4vhdYw^l{$PJoBr;KOVSc{N%OdPo z;5%!-GA$I&8*WA*5V{w^Qy^#`7-$KGMlWn-0}~&-EWotE)IdC#qj6`ujXr=)0jfL# zE#a-6je1FqPoH*kaH#zg_93sV{9F)R9X;T0N*R39*+JODhFvf3`z`hZeg$0Le|Wk& zZXO|=00*5m4+yGHi}_Oekj(V-5U%=t-11?Z?DJwqF&h@;X#RBlS97BiNWFnDWM@49 ziY(nr=A<<6(A5}q$;^cy2Iv8lQXzJ&ar)uzy7l=J-)%$`!qdzJe)sb6XbC;O01gmS zJelFAjP!1~-sS#W)<1-xgpHZ@>BnZ^-+iZ!FVYGWflUDkayfyG-pL5DbP?R@#K7xa zv*UJzwAACBpJ9^3Z}EnABZiO;XT-7TQLDump2?6BzJ#%9`E)^S3c<9%ccu1~{vUuQ z9+yfR!jwuh|H_j0g8T+B$0BV=ikAQ0oS!wl^%Sd&zm1T`hyhSs1;Ju|P(o;10*|eo zuEKSPYXfQ~lGVdhNdp&~@&rZPvZ73MAM0D)sgrcLtye;tCvy62bLbAlRK4VN5oqig zfU%elcJG`|b&l_Q))TU8%bcB1J7uDyZ?N&s?(m)VJ~jYs>+hM`jZEN9WW6d-^H$AU zJt`Top@#cqd~dwQK^tBnTW8&meF`{qs$y!}lJz3((qHqoFsd*%aJaiM{PoJVH@W>K zCFhZCl>*)&akPKPdDxC5W{vLBBQ-(xegtge7%PkK9_KV zX9&;TKRH3=$%h;Vjv*yQMaAm25R7GA52%1yM1N%25Lif~kXE}m5|`!&WHoxmTcaU# z@8xF>^U}GFV&j;apK0B|4!*+X=|i#!8tdNxVO^&VgkFs`Ej;uQe69Ld4B^(L4_49| zK*Ig1|qrP{tr(I2gV z;0F?I7(oUo7WMLp{bwX4dz;xno)D17XRl$4#EBFyU*9*!c8CHIa^t|7b#cP~o zw&UP$!DKQSAe?2jwb~oofwo!`_v|@2P#fW_Cg5f#{aR?GwSD_` zfOmerb0cbe20)(T;^GIlgHfx*gM+-h4BKsDUjeCS`|8UZ@DG56K$U^>twdi~+P&=P7NAyR}wll_3OzIt2fxRV^) z<=F>xM{G7wEq{ljcRaWdyJ4yVW~~3GoKAAn>3Vj1jc((#S@~ng!$a7Kc+%1FaEAhq zQavP*b%X2zlun+UUdn`Q9=Er=no`{ENQGwoQ!&OLOAnHECfZvY13B>no^cz36D>8U z3B}kqnwuMn7$>6L)d_Jiv*o!Oc1-Fp7o5?%Z__iak;wI^S<1mqt7Jy{Pg6=}#j!@v zR*t$QNNxks0b(`=sIyo}C2P@X`3_!&Y7Z?0W9Ovsu(=apQ8CfKKcYFaTv2He{_5{C z4)=gaL`Vmv0M+51ntHrhOe69^PskT|!|motv{EnPXalLGbzoYlU&(E188e{0xGSxuxmbL7Mh~0GP~>xZ$*`q z+(?aLWGAk~@|bvYjHIB*if+wZw!mck-TCw$Yv+y`mFKQrl}b4GuBzRyfQmuRrnMfE zn6tMG?eRt~36KJE)Q%7Lq7Y&qe4>cPIQ0$@%|Y)FOi(%%Sva!)_ibF;AWa2AdP1+i ztRA~hYG2qh%D+22G)}MBr>)vh5#10gXgu<+Od#lu_A9}ByKQv$C{O<>qLF>udYQWN zS_Te_t3<`U?BP{#Q`WTFSmqPUM%hty9c@|}hu0gb8#9dFm+A6D?mJ|66K>ts3+-)s zOKLX+$k<7sAAZaSPb?^KP@fbaUyCb3K`#hotgD+cMyG;m&Z~FdFXOs%_jehx#3z)E zGh^b1;mKWh!-Dmoq+lRdtM-f~utDqS!%j>9MtQ3m1=OZ&L)AnE^KCa7fD?ZoMJ>js zq6YFsGeqrs$(SkmESConGkOgkcEgXbR~Z;nE4|%`3U<(NU>#Boz8F>9^LSbT?tplI zl-HB3q$eGM+k}ffJrot*){7jZR-~KXd8HuYV|A0Ye4XZbbh^xr)SPk*%{9GQl5sGb zeln+s_W7_Eedwviug&YY0`TYpkLj%H&etc%`7?%PNgAC}{+3;XE48IoF6Ktq6Sh5? ze2*8s<7@NR7Tu-LFC@j&&Ko=%ES)Bpa3#-gxu3#Tc(b#uR}KWxiaDYigD6L%=VyL@)W)vzabM%gOsj%Sz4Q{N zpAq>DCcBw`Cv&8&6-t={`oaB4c367t2`}i=eU0XMkkteJfK+3@0<#wdoC-mWLZfgi zutVlQg-fi8lLTi+NALfA``9uWf2z7jOB%pX*Z)Z#zP1-T5c+1o32+M_h^RZ)60@tr zIXgRR#Da}8liOc6atd)Q7X63m@qd%)@qdWjF{B77OHTSk>h1** zYnrjYz<2wy#K{Ts@7N9RsY`gMeCVxeU@U3Z7M#H(?K)ZN5t8%C3VJ59a%0-|BJQvw zZs(ypoE>qC(wNm#$yD2XoD@6tAV6K`rZUl}rR|N<(rB42^b`P^Zlu(nbuyObeP>>s zgIbC8t>Oph5nu+xRh|`>`#1*!6TI$}BpnWd5An7ipPYvD8Zd`kp1aOzTc z_x|~U-wIG<#(E>=I(wLG<)bGw)Ny{6;Y+8lD{xT(ka(R^c?recmK(x}H_Yv953QyxQS9L

+LxW*_c3t`ah*CNUC+{_yY!&ha>zXnrAuvAb8VK3ETa~0 zDyHLI&4iLmwol{3`D6?ernU0k+y03oy;n{1IFcp2QqxzD)-BR5+%xZeTl)BdCHhon ze67rEiA=oP)gZg~sW~23niIXY1etE_O)z%hAy&$2+Bq3^B#Z@ULZ@~K;ihnkd!c|+ zJog-?(vEe>=YS2;A7=cHRA+JR!-c?U?5@ayc@LcLE=SdYrp9Xk1Of95`_8Dc#x}qW z0%eZ|*0bq153{}~!Dm|DNzCXG%pbc`;8u*fVS<-X7?f5Y_RS8HsOv{+e$kc-v~j)Ate>PiTUNI5Ai!y*FQlC_&sJfsh4p! z58((ql@(|Tqk~elFdy9?z<(^;rRxMgZKlZ$H#{V($)~2P0%vT}091HJH9_wOp`|*k zm(P=!XLV&$+tfZwcK3yTBO#Jl9SWr>Ag2uxjfe+$A)6Xlv&M0x@R4Vv$mmWn6#BTL zOZ=osE=lB^6Y=9}hWd{%GTMU?hd-GUVor(A_DObt@Vrgl8rV3GHP z`(VlUlaMmvsMTHj3Ag-d%>TpGcUuR5zhK^1hkwBsP9KUBAO@_&dI z&^7t@?&p7q7vMIN`rjg6#IPM9PK&7tPFp9IS~S8}8=_r!cofZUEHEgnN4c_##kd=o z-XClOClf>!?4ODGuY}=I5$pg$kYp?5?cBc&9s%f%2bad29|Eu*Nw>ge(phJyxBH)fJCmBb&Kvl81bBWg@T~2c zgB{wyj6sQ6K;Q?5i<^iDm&$Ug8s$kg{qO@Cq`VJJg|A=TysSY;>*K2oQw%(-BH?&a z9BV1^ObNoTDkM9)qJpYJ>Aj2Y`q3+zXT5<$w96Qmio8@kUCk!hp}p_`H3a@YaN~<~ z`V)+`(;^BLR8xkL6^8n%ntWoME+eb1#4gccLP}bj&mmtATLfT!^x>>8V4FwZF)@N6D3uQmWY3#OF{m z&3#<|4{n zUZqi&|6X+VKQy-gnP2=L8r%OvG&bpvK$0)B+W zwTK$3mdD1G^HT#Sj;bU<54z4dK+knC0U=uM*E+U6_LH2t-?j2yiD2aGCNGw%2-iqx5&&8O!n?KZvyp~L4S%EhWka~+)lE&3qPvOis^;?w zrC;zMMwt9IFk=tE4tfVmi;i@x}B`N;zqxrZDIT8a%u7Pq)2M) z4%fVg`ixp5n@8WYbEQNi&7nNv<1JJKRu(}&tFK3Dw)7519zjbfu2(+UP_o;*fT+~- z;`L<6IzkM7fESskO42lLuRWtw`#*T+ zI@kVgd09xSRTn1TVIm~dWSt=ijp~{XFJldP26hF=lxc)el4ze*oBt{UVr9f}~$($X@zbbe_!=c>t@1&vq z;U5Jx0C4{=+oLNR+#5kC6x=oc%-)u|b_2x50mi@XpY{M8LS^0G0(=77Ufb*M14q2o zb6QeTD;8w!kSUa(C_P{sfix9zIS&L_X&>%ATV7Tsr~xvsUbO-@=Zz%>bZ63vEh{U# zEQyfXdPnpZH=n|Sf~&D0O~#@vES zuoEl-hp_SnU{-&1I0rT^!cYLPLjyl3Au)0GJ3Df5p!clpi`O8Lh(uFVRyNr8+re!h zJiL=yd{cYbH}xGmK%lw-Et?d761&zSB&wiQgq%M1>wo$2FGq~21>#_1Y3zq>$iEWa zFjC#kY8T0vSs?tZ0LjrG&wL=n4I0g% zH@-iiE;a96Uv7oXfnJr}U^ri&+_o=YVnDB|Tm)lQmkL@8!WfhwRwXECnR`|671XJ$ zZ#yjDLd+jSzE4C30&;pzv!!JQAd2Een1T7gf0!XEvg_?csq{%ay;j&rD$-HRLjgkr)_`Ly}S$$ASTL=TX zW=Ti5WMhaaa;|HjP25FT;6~<&m>t0|>&GlGzr6_hbHe+x9%T4Mdk$3PpP3#Clfz)MLX_hLQ7FkU(te| zH1=1&vcQt8fvdkH@!d3FrCp@jhcuG&kOf-(1zp#Mj{JzZ>Q7lr1JTf6nA`!nSz!Xy zF)VWdblM|{2}IA4SWMC>VQ9}wEWcX6RW%rTZGSV>eE}@_+81@0g|B`?5Q`F&D99i* zFbLSn<%NidRM~sUY+ivU$#G~Mn#?{bvF6y0HE_*W7f00sz#{K@FnWo=1kEGEL2Esx z4r?Qtb@e#3>yTn)kvId~;^5|gl?aogz}|m~03Ev6i?EtPJnBe*fi_=M(4*1jc!&wKQ7v zJ^m*()YU-N^yc>`upi*(DikWzGcF(86<$Ftydww+Vpp3~M3=5wZsgS7Cp3z4T=B=B z&u=EH{}I!S&`DBe|h~K_- z`l-tSsGtLF^$rKcFoqE}(2w@Jz&exh=Vu1uu5aq4*nx%pw zt~`P1EKCsdas7rLjhMk2Ls4g4h0rY6+D9CV>fqtH&Po?I4`PPH#6Ho8tS6Fva5@Rm zEBV&g{2gmeX?hLKXy!o}`@U&lj058T1a*%u$5RW{3$Q zFsFS2SNPV4T{p#MLJ)P&y}B5(;C2%?GPw&3@x42B(|hY~obkQA7o5dxo8ee#*I zIId2eUk&yOaqdMg@KEU=6ug*>EZiDu9hAA)MwTt{J{dwmR!HzHgXXQ~8;&#yK}R3| zFfkh{og2<@I6Zg&B zv_@ZU)yWz-iTH(O!XQ75AH40gq`XGR_?@50BxDFgAHB;G2w7UC)~V3+NGgH3NamUc zev^>FG-!Z(MG|Kd5w&f8BQ_RMU|3zC?JJiMUkc`r%WV%k#l%5=dgE^)OvkSak6BTH zD=Cs|A9;{7uzKRo2o`BIICEuT5*e_Jqb^qxqJO7Pi4g5E^t6l_Ib=X)5OcZxItvw4 zxr({+QT-0{Ez=dZ!~!Y3mylpbYLp;jF_G0!SF=4-++v)AIdgbizDerSLE*=8u-_zS zdw+X$e0N@fH|lsKkHn4xH}#9o+aH>E@by}$@V6tsIu<{wNxX0@lHnorA<5tr=kZ%D zdacQ3GxFocuiCYbu2Z&ze`-}A`Qi3$WKa}vp+s*H{QJ<)ID_qclH==yr}de$)%c1Q zW%xmqH;rD&U&;6B^H=^({NRg+pBd{PyYG3`gW`lPC(f&%<71%%H?WR(NSI{zzR23pKqezJ0GV>(l^zWqZ(Qbb3hF1*cz04+}XL?SBMg82h=W|1p z-1Y^VQ5^&EfoYMT!CpZ(`WM2W{12`EIZXn_V$re79fydtbIq?&n$h@eb@|?$>Jzl- zdvBrlqaUU|##Ca)CojU7pN7yRzdU1!#OR?5G8s71rcy*_b3<$X7MBjzcf7Gz8pRRw zm54*Kn1LD5RR@|I@Mv{Ntjd>~y5t~|wbhDmMs#&`wYUb1>O`#JS|;dsjx|V|psl5Z zLr#os`dY}*UpVmkF~pd|e5GdjgEbHDA~}a)p}A&zez7Bsd@CLsM#K`OqlQT&QD@h0 z?!>V7Ns$AE9go}5Ts|r;6y25p#t_KgKrs)`VozMyJz_=kAgS7#=H1cgM$BS z$Cuvka#D2~5l7gZAd4Of2R;0vhp=Fxqk?x`zXnfwVBZ*s>7725CiDXIw29Z8@KAs% zmhWJ+?x*j5{6Hq?NYP-e?kJF|kC@i6pt*9&=N3Rz9o1Fc!dhAJuqhn?eO`pYLHALk zwS?nB?vWzE>hH^B&}J4Fql$_o?4nMJ9}3qKJqU)| z1t>oEyNQ}I$=dh4y<2*E^q*_yfYys)QBl9!J(CoR*Cbq{Ntjo?%m%aGM>W#}jn+Zo zI>3cp2ENnG{Cotc+_#%`^e`DD##@6`=$S2h4X8}_yMqouC97>@mcKVYxoK$`rI~X8 zDzyWQ5s-@?4MHlm>e!eL)cG zp7a16gvNSvb&E?%4ggXU=pVkHkB?6;&meVJ79!>z0HJrlP7{ucX}5X449@=&%U=Ge z!vN$yT<>)ODf4>&Zg=v*$kbnC(Y0Cz^U2><{9 literal 0 HcmV?d00001