From 3be9af0ea0f6390a1a7af705ce8d6ca0b071f2d7 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Fri, 18 Aug 2023 19:11:47 +0530
Subject: [PATCH 01/51] [feature] Added intergraion with openwisp-monitoring

- Added timeseries metrics for user-signups and RADIUS traffic
---
 docs/user/settings.rst                        |   4 +-
 openwisp_radius/api/urls.py                   |   5 +
 openwisp_radius/api/views.py                  |  27 +-
 openwisp_radius/integrations/__init__.py      |   0
 .../integrations/monitoring/__init__.py       |   0
 .../integrations/monitoring/admin.py          |  40 +++
 .../integrations/monitoring/apps.py           |  54 ++++
 .../integrations/monitoring/configuration.py  | 230 ++++++++++++++++++
 .../monitoring/migrations/0001_initial.py     |  20 ++
 .../monitoring/migrations/__init__.py         |  42 ++++
 .../integrations/monitoring/receivers.py      |  38 +++
 .../radius-monitoring/css/device-change.css   |  14 ++
 .../radius-monitoring/js/device-change.js     |  82 +++++++
 .../integrations/monitoring/tasks.py          | 148 +++++++++++
 .../radius-monitoring/device/change_form.html |  38 +++
 openwisp_radius/registration.py               |   4 +-
 openwisp_radius/tests/test_api/test_api.py    |  93 +++++++
 setup.cfg                                     |   2 +-
 tests/openwisp2/routing.py                    |  12 +
 tests/openwisp2/settings.py                   |  99 ++++++--
 tests/openwisp2/urls.py                       |   7 +
 tests/openwisp2/views.py                      |   6 +-
 22 files changed, 937 insertions(+), 28 deletions(-)
 create mode 100644 openwisp_radius/integrations/__init__.py
 create mode 100644 openwisp_radius/integrations/monitoring/__init__.py
 create mode 100644 openwisp_radius/integrations/monitoring/admin.py
 create mode 100644 openwisp_radius/integrations/monitoring/apps.py
 create mode 100644 openwisp_radius/integrations/monitoring/configuration.py
 create mode 100644 openwisp_radius/integrations/monitoring/migrations/0001_initial.py
 create mode 100644 openwisp_radius/integrations/monitoring/migrations/__init__.py
 create mode 100644 openwisp_radius/integrations/monitoring/receivers.py
 create mode 100644 openwisp_radius/integrations/monitoring/static/radius-monitoring/css/device-change.css
 create mode 100644 openwisp_radius/integrations/monitoring/static/radius-monitoring/js/device-change.js
 create mode 100644 openwisp_radius/integrations/monitoring/tasks.py
 create mode 100644 openwisp_radius/integrations/monitoring/templates/admin/config/radius-monitoring/device/change_form.html
 create mode 100644 tests/openwisp2/routing.py

diff --git a/docs/user/settings.rst b/docs/user/settings.rst
index 82f7db0e..ee03f87a 100644
--- a/docs/user/settings.rst
+++ b/docs/user/settings.rst
@@ -667,8 +667,8 @@ If this is enabled, each registered user should be verified using a
 verification method. The following choices are available by default:
 
 - ``''`` (empty string): unspecified
-- ``manual``: manually created
-- ``email``: Email (No Identity Verification)
+- ``manual``: Manually created
+- ``email``: Email
 - ``mobile_phone``: Mobile phone number :ref:`verification via SMS
   <openwisp_radius_sms_verification_enabled>`
 - ``social_login``: :doc:`social login feature <social_login>`
diff --git a/openwisp_radius/api/urls.py b/openwisp_radius/api/urls.py
index fed1d5ad..193224f0 100644
--- a/openwisp_radius/api/urls.py
+++ b/openwisp_radius/api/urls.py
@@ -83,6 +83,11 @@ def get_api_urls(api_views=None):
                 api_views.download_rad_batch_pdf,
                 name='download_rad_batch_pdf',
             ),
+            path(
+                'radius/sessions/',
+                api_views.radius_accounting,
+                name='radius_accounting_list',
+            ),
         ]
     else:
         return []
diff --git a/openwisp_radius/api/views.py b/openwisp_radius/api/views.py
index f59dac11..e779707d 100644
--- a/openwisp_radius/api/views.py
+++ b/openwisp_radius/api/views.py
@@ -18,7 +18,7 @@
 from django.utils.translation import gettext_lazy as _
 from django.utils.translation.trans_real import get_language_from_request
 from django.views.decorators.csrf import csrf_exempt
-from django_filters.rest_framework import DjangoFilterBackend
+from django_filters.rest_framework import CharFilter, DjangoFilterBackend
 from drf_yasg.utils import no_body, swagger_auto_schema
 from rest_framework import serializers, status
 from rest_framework.authentication import SessionAuthentication
@@ -41,6 +41,7 @@
 
 from openwisp_radius.api.serializers import RadiusUserSerializer
 from openwisp_users.api.authentication import BearerAuthentication, SesameAuthentication
+from openwisp_users.api.mixins import FilterByOrganizationManaged, ProtectedAPIMixin
 from openwisp_users.api.permissions import IsOrganizationManager
 from openwisp_users.api.views import ChangePasswordView as BasePasswordChangeView
 from openwisp_users.backends import UsersAuthenticationBackend
@@ -801,3 +802,27 @@ def create_phone_token(self, *args, **kwargs):
 
 
 change_phone_number = ChangePhoneNumberView.as_view()
+
+
+class RadiusAccountingFilter(AccountingFilter):
+    called_station_id = CharFilter(field_name='called_station_id', lookup_expr='iexact')
+
+
+@method_decorator(
+    name='get',
+    decorator=swagger_auto_schema(
+        operation_description="""
+        Returns all RADIUS sessions of user managed organizations.
+        """,
+    ),
+)
+class RadiusAccountingView(ProtectedAPIMixin, FilterByOrganizationManaged, ListAPIView):
+    throttle_scrope = 'radius_accounting_list'
+    serializer_class = RadiusAccountingSerializer
+    pagination_class = AccountingViewPagination
+    filter_backends = (DjangoFilterBackend,)
+    filterset_class = RadiusAccountingFilter
+    queryset = RadiusAccounting.objects.all().order_by('-start_time')
+
+
+radius_accounting = RadiusAccountingView.as_view()
diff --git a/openwisp_radius/integrations/__init__.py b/openwisp_radius/integrations/__init__.py
new file mode 100644
index 00000000..e69de29b
diff --git a/openwisp_radius/integrations/monitoring/__init__.py b/openwisp_radius/integrations/monitoring/__init__.py
new file mode 100644
index 00000000..e69de29b
diff --git a/openwisp_radius/integrations/monitoring/admin.py b/openwisp_radius/integrations/monitoring/admin.py
new file mode 100644
index 00000000..e859e26c
--- /dev/null
+++ b/openwisp_radius/integrations/monitoring/admin.py
@@ -0,0 +1,40 @@
+from django.contrib import admin
+from django.urls import reverse
+from swapper import load_model
+
+Device = load_model('config', 'Device')
+RadiusAccounting = load_model('openwisp_radius', 'RadiusAccounting')
+
+BaseDeviceAdmin = admin.site._registry[Device].__class__
+
+
+class DeviceAdmin(BaseDeviceAdmin):
+    change_form_template = 'admin/config/radius-monitoring/device/change_form.html'
+
+    class Media:
+        js = tuple(BaseDeviceAdmin.Media.js) + (
+            'radius-monitoring/js/device-change.js',
+        )
+        css = {
+            'all': ('radius-monitoring/css/device-change.css',)
+            + BaseDeviceAdmin.Media.css['all']
+        }
+
+    def get_extra_context(self, pk=None):
+        ctx = super().get_extra_context(pk)
+        ctx.update(
+            {
+                'radius_accounting_api_endpoint': reverse(
+                    'radius:radius_accounting_list'
+                ),
+                'radius_accounting': reverse(
+                    f'admin:{RadiusAccounting._meta.app_label}'
+                    f'_{RadiusAccounting._meta.model_name}_changelist'
+                ),
+            }
+        )
+        return ctx
+
+
+admin.site.unregister(Device)
+admin.site.register(Device, DeviceAdmin)
diff --git a/openwisp_radius/integrations/monitoring/apps.py b/openwisp_radius/integrations/monitoring/apps.py
new file mode 100644
index 00000000..9a2fe125
--- /dev/null
+++ b/openwisp_radius/integrations/monitoring/apps.py
@@ -0,0 +1,54 @@
+from django.apps import AppConfig
+from django.db.models.signals import post_save
+from django.utils.translation import gettext_lazy as _
+from openwisp_monitoring.monitoring.configuration import (
+    _register_chart_configuration_choice,
+    register_metric,
+)
+from swapper import load_model
+
+
+class OpenwispRadiusMonitoringConfig(AppConfig):
+    name = 'openwisp_radius.integrations.monitoring'
+    label = 'openwisp_radius_monitoring'
+    verbose_name = _('OpenWISP RADIUS Monitoring')
+
+    def ready(self):
+        super().ready()
+        self.register_radius_metrics()
+        self.connect_signal_receivers()
+
+    def register_radius_metrics(self):
+        from .configuration import RADIUS_METRICS
+
+        for metric_key, metric_config in RADIUS_METRICS.items():
+            register_metric(metric_key, metric_config)
+            for chart_key, chart_config in metric_config.get('charts', {}).items():
+                _register_chart_configuration_choice(chart_key, chart_config)
+
+    def connect_signal_receivers(self):
+        from .receivers import (
+            post_save_organizationuser,
+            post_save_radiusaccounting,
+            post_save_registereduser,
+        )
+
+        OrganizationUser = load_model('openwisp_users', 'OrganizationUser')
+        RegisteredUser = load_model('openwisp_radius', 'RegisteredUser')
+        RadiusAccounting = load_model('openwisp_radius', 'RadiusAccounting')
+
+        post_save.connect(
+            post_save_organizationuser,
+            sender=OrganizationUser,
+            dispatch_uid='post_save_organizationuser_user_signup_metric',
+        )
+        post_save.connect(
+            post_save_registereduser,
+            sender=RegisteredUser,
+            dispatch_uid='post_save_registereduser_user_signup_metric',
+        )
+        post_save.connect(
+            post_save_radiusaccounting,
+            sender=RadiusAccounting,
+            dispatch_uid='post_save_radiusaccounting_radius_acc_metric',
+        )
diff --git a/openwisp_radius/integrations/monitoring/configuration.py b/openwisp_radius/integrations/monitoring/configuration.py
new file mode 100644
index 00000000..46da43f7
--- /dev/null
+++ b/openwisp_radius/integrations/monitoring/configuration.py
@@ -0,0 +1,230 @@
+from copy import deepcopy
+
+from django.utils.translation import gettext_lazy as _
+from openwisp_monitoring.monitoring.configuration import DEFAULT_COLORS
+
+from openwisp_radius.registration import REGISTRATION_METHOD_CHOICES
+
+user_signups_chart_traces = {'total': 'lines'}
+user_signups_chart_order = ['total']
+user_signups_chart_summary_labels = [_('Total new users')]
+
+for (method, label) in REGISTRATION_METHOD_CHOICES:
+    if method == '':
+        method = 'unspecified'
+    user_signups_chart_traces[method] = 'stackedbar'
+    user_signups_chart_summary_labels.append(
+        _('New %(label)s users' % {"label": label})
+    )
+    user_signups_chart_order.append(method)
+
+
+user_singups_chart_config = {
+    'type': 'stackedbar+lines',
+    'trace_type': user_signups_chart_traces,
+    'trace_order': user_signups_chart_order,
+    'title': _('User Registration'),
+    'label': _('User Registration'),
+    'description': _('Daily user registration grouped by registration method'),
+    'summary_labels': user_signups_chart_summary_labels,
+    'order': 240,
+    'unit': '',
+    'calculate_total': True,
+    'query': {
+        'influxdb': (
+            "SELECT COUNT(DISTINCT(user_id)) FROM "
+            " {key} WHERE time >= '{time}' {end_date} {organization_id}"
+            " GROUP BY time(1d), method"
+        )
+    },
+    'query_default_param': {
+        'organization_id': '',
+    },
+    'colors': [
+        DEFAULT_COLORS[7],
+        DEFAULT_COLORS[0],
+        DEFAULT_COLORS[1],
+        DEFAULT_COLORS[2],
+        DEFAULT_COLORS[3],
+        DEFAULT_COLORS[4],
+        DEFAULT_COLORS[5],
+    ],
+}
+
+cumulative_user_singups_chart_config = deepcopy(user_singups_chart_config)
+cumulative_user_singups_chart_config['query']['influxdb'] = (
+    "SELECT CUMULATIVE_SUM(COUNT(DISTINCT(user_id))) FROM "
+    " {key} WHERE time >= '{time}' {end_date} {organization_id}"
+    " GROUP BY time(1d), method"
+)
+cumulative_user_singups_chart_config['summary_query'] = {
+    'influxdb': user_singups_chart_config['query']['influxdb']
+}
+cumulative_user_singups_chart_config['title'] = _('Total Registered Users')
+cumulative_user_singups_chart_config['label'] = _('Total Registered Users')
+cumulative_user_singups_chart_config['order'] = 241
+
+
+RADIUS_METRICS = {
+    'user_signups': {
+        'label': _('User Registration'),
+        'name': 'User Registration',
+        'key': 'user_signups',
+        'field_name': 'user_id',
+        'charts': {
+            'user_signups': user_singups_chart_config,
+            'tot_user_signups': cumulative_user_singups_chart_config,
+        },
+    },
+    'radius_acc': {
+        'label': _('RADIUS Accounting'),
+        'name': '{name}',
+        'key': 'radius_acc',
+        'field_name': 'input_octets',
+        'related_fields': ['output_octets', 'username'],
+        'charts': {
+            'radius_traffic': {
+                'type': 'stackedbar+lines',
+                'calculate_total': True,
+                'trace_type': {
+                    'download': 'stackedbar',
+                    'upload': 'stackedbar',
+                    'total': 'lines',
+                },
+                'trace_order': ['total', 'download', 'upload'],
+                'title': _('RADIUS Sessions Traffic'),
+                'label': _('RADIUS Traffic'),
+                'description': _(
+                    'RADIUS Network traffic (total, download and upload).'
+                ),
+                'summary_labels': [
+                    _('Total traffic'),
+                    _('Total download traffic'),
+                    _('Total upload traffic'),
+                ],
+                'unit': 'adaptive_prefix+B',
+                'order': 241,
+                'query': {
+                    'influxdb': (
+                        "SELECT SUM(output_octets) / 1000000000 AS upload, "
+                        "SUM(input_octets) / 1000000000 AS download FROM {key} "
+                        "WHERE time >= '{time}' {end_date} "
+                        "AND content_type = '{content_type}' "
+                        "AND object_id = '{object_id}' "
+                        "GROUP BY time(1d)"
+                    )
+                },
+                'colors': [
+                    DEFAULT_COLORS[7],
+                    DEFAULT_COLORS[0],
+                    DEFAULT_COLORS[1],
+                ],
+            },
+            'rad_session': {
+                'type': 'stackedbar+lines',
+                'calculate_total': True,
+                'fill': 'none',
+                'trace_type': user_signups_chart_traces,
+                'trace_order': user_signups_chart_order,
+                'title': _('Unique RADIUS Session Count'),
+                'label': _('RADIUS Session Count'),
+                'description': _(
+                    'RADIUS Network traffic (total, download and upload).'
+                ),
+                'summary_labels': user_signups_chart_summary_labels,
+                'unit': '',
+                'order': 242,
+                'query': {
+                    'influxdb': (
+                        "SELECT COUNT(DISTINCT(username)) FROM {key} "
+                        "WHERE time >= '{time}' {end_date} "
+                        "AND content_type = '{content_type}' "
+                        "AND object_id = '{object_id}' "
+                        "GROUP by time(1d), method"
+                    )
+                },
+                'query_default_param': {
+                    'organization_id': '',
+                    'location_id': '',
+                },
+                'colors': user_singups_chart_config['colors'],
+            },
+        },
+    },
+    'gen_radius_acc': {
+        'label': _('General RADIUS Accounting'),
+        'name': 'General RADIUS Accounting',
+        'key': 'radius_acc',
+        'field_name': 'input_octets',
+        'related_fields': ['output_octets'],
+        'charts': {
+            'gen_rad_traffic': {
+                'type': 'stackedbar+lines',
+                'calculate_total': True,
+                'fill': 'none',
+                'trace_type': {
+                    'download': 'stackedbar',
+                    'upload': 'stackedbar',
+                    'total': 'lines',
+                },
+                'trace_order': ['total', 'download', 'upload'],
+                'title': _('Total RADIUS Sessions Traffic'),
+                'label': _('General RADIUS Traffic'),
+                'description': _(
+                    'RADIUS Network traffic (total, download and upload).'
+                ),
+                'summary_labels': [
+                    _('Total traffic'),
+                    _('Total download traffic'),
+                    _('Total upload traffic'),
+                ],
+                'unit': 'adaptive_prefix+B',
+                'order': 242,
+                'query': {
+                    'influxdb': (
+                        "SELECT SUM(output_octets) / 1000000000 AS upload, "
+                        "SUM(input_octets) / 1000000000 AS download FROM {key} "
+                        "WHERE time >= '{time}' {end_date} {organization_id} "
+                        "{location_id} GROUP BY time(1d)"
+                    )
+                },
+                'query_default_param': {
+                    'organization_id': '',
+                    'location_id': '',
+                },
+                'colors': [
+                    DEFAULT_COLORS[7],
+                    DEFAULT_COLORS[0],
+                    DEFAULT_COLORS[1],
+                ],
+            },
+            'gen_rad_session': {
+                'type': 'stackedbar+lines',
+                'calculate_total': True,
+                'fill': 'none',
+                'trace_type': user_signups_chart_traces,
+                'trace_order': user_signups_chart_order,
+                'title': _('Unique RADIUS Session Count'),
+                'label': _('General RADIUS Session Count'),
+                'description': _(
+                    'RADIUS Network traffic (total, download and upload).'
+                ),
+                'summary_labels': user_signups_chart_summary_labels,
+                'unit': '',
+                'order': 243,
+                'query': {
+                    'influxdb': (
+                        "SELECT COUNT(DISTINCT(username)) FROM {key} "
+                        "WHERE time >= '{time}' {end_date} {organization_id} "
+                        "{location_id} GROUP by time(1d), method"
+                    )
+                },
+                'query_default_param': {
+                    'organization_id': '',
+                    'location_id': '',
+                },
+                'colors': user_singups_chart_config['colors'],
+            },
+        },
+    },
+}
diff --git a/openwisp_radius/integrations/monitoring/migrations/0001_initial.py b/openwisp_radius/integrations/monitoring/migrations/0001_initial.py
new file mode 100644
index 00000000..f51954c0
--- /dev/null
+++ b/openwisp_radius/integrations/monitoring/migrations/0001_initial.py
@@ -0,0 +1,20 @@
+# Generated by Django 4.2.3 on 2023-08-09 13:56
+
+import swapper
+from django.db import migrations
+
+from . import create_general_metrics, delete_general_metrics
+
+
+class Migration(migrations.Migration):
+    initial = True
+    dependencies = [
+        swapper.dependency('monitoring', 'Metric'),
+        swapper.dependency('monitoring', 'Chart'),
+    ]
+
+    operations = [
+        migrations.RunPython(
+            create_general_metrics, reverse_code=delete_general_metrics
+        )
+    ]
diff --git a/openwisp_radius/integrations/monitoring/migrations/__init__.py b/openwisp_radius/integrations/monitoring/migrations/__init__.py
new file mode 100644
index 00000000..179f4ff0
--- /dev/null
+++ b/openwisp_radius/integrations/monitoring/migrations/__init__.py
@@ -0,0 +1,42 @@
+import swapper
+
+from ..configuration import RADIUS_METRICS
+
+
+def create_general_metrics(apps, schema_editor):
+    Chart = swapper.load_model('monitoring', 'Chart')
+    Metric = swapper.load_model('monitoring', 'Metric')
+
+    metric, created = Metric._get_or_create(
+        configuration='user_signups',
+        name='User SignUps',
+        key='user_signups',
+        object_id=None,
+        content_type=None,
+    )
+    if created:
+        for configuration in metric.config_dict['charts'].keys():
+            chart = Chart(metric=metric, configuration=configuration)
+            chart.full_clean()
+            chart.save()
+
+    metric, created = Metric._get_or_create(
+        configuration='gen_radius_acc',
+        name='RADIUS Accounting',
+        key='radius_acc',
+        object_id=None,
+        content_type=None,
+    )
+
+    if created:
+        for configuration in metric.config_dict['charts'].keys():
+            chart = Chart(metric=metric, configuration=configuration)
+            chart.full_clean()
+            chart.save()
+
+
+def delete_general_metrics(apps, schema_editor):
+    Metric = apps.get_model('monitoring', 'Metric')
+    Metric.objects.filter(
+        content_type__isnull=True, object_id__isnull=True, key__in=RADIUS_METRICS.keys()
+    ).delete()
diff --git a/openwisp_radius/integrations/monitoring/receivers.py b/openwisp_radius/integrations/monitoring/receivers.py
new file mode 100644
index 00000000..9548833d
--- /dev/null
+++ b/openwisp_radius/integrations/monitoring/receivers.py
@@ -0,0 +1,38 @@
+from django.db import transaction
+
+from . import tasks
+
+
+def post_save_registereduser(instance, created, *args, **kwargs):
+    if not created:
+        return
+    transaction.on_commit(
+        lambda: tasks.post_save_registereduser.delay(
+            user_id=str(instance.user_id), registration_method=instance.method
+        )
+    )
+
+
+def post_save_organizationuser(instance, created, *args, **kwargs):
+    if not created:
+        return
+    transaction.on_commit(
+        lambda: tasks.post_save_organizationuser.delay(
+            user_id=str(instance.user_id), organization_id=str(instance.organization_id)
+        )
+    )
+
+
+def post_save_radiusaccounting(instance, *args, **kwargs):
+    if instance.stop_time is None:
+        return
+    transaction.on_commit(
+        lambda: tasks.post_save_radiusaccounting.delay(
+            username=instance.username,
+            organization_id=str(instance.organization_id),
+            input_octets=instance.input_octets,
+            output_octets=instance.output_octets,
+            calling_station_id=instance.calling_station_id,
+            called_station_id=instance.called_station_id,
+        )
+    )
diff --git a/openwisp_radius/integrations/monitoring/static/radius-monitoring/css/device-change.css b/openwisp_radius/integrations/monitoring/static/radius-monitoring/css/device-change.css
new file mode 100644
index 00000000..61fac89d
--- /dev/null
+++ b/openwisp_radius/integrations/monitoring/static/radius-monitoring/css/device-change.css
@@ -0,0 +1,14 @@
+#no-session-msg {
+  text-align: center;
+  margin-bottom: 20px;
+}
+#view-all-radius-session-wrapper {
+  text-align: center;
+  margin: 5px;
+}
+#radius-sessions th {
+  text-align: center;
+}
+#radius-session-tbody strong {
+  color: green;
+}
diff --git a/openwisp_radius/integrations/monitoring/static/radius-monitoring/js/device-change.js b/openwisp_radius/integrations/monitoring/static/radius-monitoring/js/device-change.js
new file mode 100644
index 00000000..636385f9
--- /dev/null
+++ b/openwisp_radius/integrations/monitoring/static/radius-monitoring/js/device-change.js
@@ -0,0 +1,82 @@
+(function ($) {
+    'use strict';
+    const viewAllSessionMsg = gettext('View all RADIUS Sessions');
+    const onlineMsg = gettext('online');
+    const radiusSessionAdminPath = '/admin/openwisp_radius/radiusaccounting/'
+    $(document).ready(function () {
+        if (!$('#radius-sessions').length) {
+            return;
+        }
+        let deviceMac = encodeURIComponent($('#id_mac_address').val()),
+            apiEndpoint = `${radiusAccountingApiEndpoint}?called_station_id=${deviceMac}`;
+
+        function getFormattedDateTimeString(dateTimeString) {
+            // Strip the timezone from the dateTimeString.
+            // THis is done to show the time in server's timezone
+            // because RadiusAccounting also shows the time in server's timezone.
+            let strippedDateTime = new Date(dateTimeString.substring(0, dateTimeString.lastIndexOf('-'))),
+                formattedDate = strippedDateTime.strftime('%d %b %Y, %I:%M %p');
+
+            return formattedDate.replace(/AM/g, 'a.m.').replace(/PM/g, 'p.m.');
+        }
+
+        function fetchRadiusSessions() {
+            if ($('#radius-session-tbody').children().length) {
+                return;
+            }
+            $.ajax({
+                type: 'GET',
+                url: apiEndpoint,
+                xhrFields: {
+                    withCredentials: true
+                },
+                crossDomain: true,
+                beforeSend: function() {
+                    $('#loading-overlay').show();
+                },
+                complete: function () {
+                    $('#loading-overlay').fadeOut(250);
+                },
+                success: function (response) {
+                    if (response.length === 0) {
+                        return;
+                    }
+                    $('#no-session-msg').hide()
+                    $('#device-radius-sessions-table').show()
+                    $('#view-all-radius-session-wrapper').show()
+                    response.forEach(element => {
+                        element.start_time = getFormattedDateTimeString(element.start_time)
+                        if (!element.stop_time) {
+                            element.stop_time = `<strong>${onlineMsg}</strong>`;
+                        } else {
+                            element.stop_time = getFormattedDateTimeString(element.stop_time);
+                        }
+                        $('#radius-session-tbody').append(
+                            `<tr>
+                                <td><p>${element.session_id}</p></td>
+                                <td><p>${element.username}</p></td>
+                                <td><p>${element.input_octets}</p></td>
+                                <td><p>${element.output_octets}</p></td>
+                                <td><p>${element.called_station_id}</p></td>
+                                <td><p>${element.start_time}</p></td>
+                                <td><p>${element.stop_time}</p></td>
+                            </tr>`
+                        );
+                    });
+                }
+            })
+        }
+        $(document).on('tabshown', function (e) {
+            if (e.tabId === '#radius-sessions') {
+                fetchRadiusSessions()
+            }
+        });
+        if (window.location.hash == '#radius-sessions') {
+            $.event.trigger({
+                type: 'tabshown',
+                tabId: window.location.hash,
+            });
+        }
+        $('#view-all-radius-session-wrapper a').attr('href', `${radiusAccountingAdminPath}?called_station_id=${deviceMac}`)
+    });
+}(django.jQuery));
diff --git a/openwisp_radius/integrations/monitoring/tasks.py b/openwisp_radius/integrations/monitoring/tasks.py
new file mode 100644
index 00000000..34f54896
--- /dev/null
+++ b/openwisp_radius/integrations/monitoring/tasks.py
@@ -0,0 +1,148 @@
+import hashlib
+import logging
+
+from celery import shared_task
+from django.contrib.contenttypes.models import ContentType
+from swapper import load_model
+
+Metric = load_model('monitoring', 'Metric')
+Chart = load_model('monitoring', 'Chart')
+RegisteredUser = load_model('openwisp_radius', 'RegisteredUser')
+OrganizationUser = load_model('openwisp_users', 'OrganizationUser')
+Device = load_model('config', 'Device')
+DeviceLocation = load_model('geo', 'Location')
+
+logger = logging.getLogger(__name__)
+
+
+def sha1_hash(input_string):
+    sha1 = hashlib.sha1()
+    sha1.update(input_string.encode('utf-8'))
+    return sha1.hexdigest()
+
+
+def clean_registration_method(method):
+    if method == '':
+        method = 'unspecified'
+    return method
+
+
+@shared_task
+def post_save_registereduser(user_id, registration_method):
+    metric_data = []
+    org_query = OrganizationUser.objects.filter(user_id=user_id).values_list(
+        'organization_id', flat=True
+    )
+    if not org_query:
+        logger.warning(
+            f'"{user_id}" is not a member of any organization.'
+            ' Skipping user_signup metric writing!'
+        )
+        return
+    registration_method = clean_registration_method(registration_method)
+    for org_id in org_query:
+        metric, _ = Metric._get_or_create(
+            configuration='user_signups',
+            name='User SignUps',
+            key='user_signups',
+            object_id=None,
+            content_type=None,
+            extra_tags={
+                'organization_id': str(org_id),
+                'method': registration_method,
+            },
+        )
+        metric_data.append((metric, {'value': sha1_hash(str(user_id))}))
+    Metric.batch_write(metric_data)
+
+
+@shared_task
+def post_save_organizationuser(user_id, organization_id):
+    try:
+        registration_method = (
+            RegisteredUser.objects.only('method').get(user_id=user_id).method
+        )
+    except RegisteredUser.DoesNotExist:
+        logger.warning(
+            f'RegisteredUser object not found for "{user_id}".'
+            ' Skipping user_signup metric writing!'
+        )
+        return
+    registration_method = clean_registration_method(registration_method)
+    metric, _ = Metric._get_or_create(
+        configuration='user_signups',
+        name='User SignUps',
+        key='user_signups',
+        object_id=None,
+        content_type=None,
+        extra_tags={'organization_id': organization_id, 'method': registration_method},
+    )
+    metric.write(sha1_hash(str(user_id)))
+
+
+@shared_task
+def post_save_radiusaccounting(
+    username,
+    organization_id,
+    input_octets,
+    output_octets,
+    calling_station_id,
+    called_station_id,
+):
+    try:
+        registration_method = (
+            RegisteredUser.objects.only('method').get(user__username=username).method
+        )
+    except RegisteredUser.DoesNotExist:
+        logger.warning(
+            f'RegisteredUser object not found for "{username}".'
+            ' Skipping radius_acc metric writing!'
+        )
+        return
+    else:
+        registration_method = clean_registration_method(registration_method)
+    try:
+        device = (
+            Device.objects.select_related('devicelocation')
+            .only('id', 'devicelocation__location_id')
+            .get(mac_address=called_station_id, organization_id=organization_id)
+        )
+    except Device.DoesNotExist:
+        logger.warning(
+            f'Device object not found with MAC "{called_station_id}"'
+            f' and organization "{organization_id}".'
+            ' Skipping radius_acc metric writing!'
+        )
+        return
+    device_id = str(device.id)
+    if hasattr(device, 'devicelocation'):
+        location_id = str(device.devicelocation.location_id)
+    else:
+        location_id = None
+
+    metric, created = Metric._get_or_create(
+        configuration='radius_acc',
+        name='RADIUS Accounting',
+        key='radius_acc',
+        object_id=device_id,
+        content_type=ContentType.objects.get_for_model(Device),
+        extra_tags={
+            'organization_id': organization_id,
+            'method': registration_method,
+            'calling_station_id': calling_station_id,
+            'called_station_id': called_station_id,
+            'location_id': location_id,
+        },
+    )
+    metric.write(
+        input_octets,
+        extra_values={
+            'output_octets': output_octets,
+            'username': sha1_hash(username),
+        },
+    )
+    if created:
+        for configuration in metric.config_dict['charts'].keys():
+            chart = Chart(metric=metric, configuration=configuration)
+            chart.full_clean()
+            chart.save()
diff --git a/openwisp_radius/integrations/monitoring/templates/admin/config/radius-monitoring/device/change_form.html b/openwisp_radius/integrations/monitoring/templates/admin/config/radius-monitoring/device/change_form.html
new file mode 100644
index 00000000..f8e646a3
--- /dev/null
+++ b/openwisp_radius/integrations/monitoring/templates/admin/config/radius-monitoring/device/change_form.html
@@ -0,0 +1,38 @@
+{% extends "admin/config/device/change_form.html" %}
+{% load i18n %}
+
+{% block inline_field_sets %}
+{{ block.super }}
+{% comment %}
+RadiusAccounting model does not have a ForeignKey to Device object.
+Therefore, RadiusAccounting inline is added using HTML and JS.
+{% endcomment %}
+{% if not add %}
+<div class="js-inline-admin-formset inline-group" id="radius-sessions">
+    <div id="no-session-msg"><h3>{% trans "There are no RADIUS sessions for this device." %}</h3></div>
+    <div class="tabular inline-related">
+        <fieldset class="module">.
+            <h2>{% trans 'RADIUS Sessions' %}</h2>
+            <table id="device-radius-sessions-table" class="hide">
+                <thead>
+                    <th>{% trans "session ID" %}</th>
+                    <th>{% trans "username" %}</th>
+                    <th>{% trans "input octets" %}</th>
+                    <th>{% trans "ouput octets" %}</th>
+                    <th>{% trans "called station ID" %}</th>
+                    <th>{% trans "start time" %}</th>
+                    <th>{% trans "stop time" %}</th>
+                </thead>
+                <tbody id="radius-session-tbody"></tbody>
+            </table>
+        </fieldset>
+    <div id="view-all-radius-session-wrapper" class="hide"><a class="button">{% trans "View all RADIUS Sessions" %}</a></div>
+    </div>
+</div>
+<script>
+    const radiusAccountingApiEndpoint = "{{ radius_accounting_api_endpoint }}";
+    const radiusAccountingAdminPath = "{{ radius_accounting }}";
+</script>
+{% endif %}
+{% endblock %}
+<script>alert('from the template')</script>
diff --git a/openwisp_radius/registration.py b/openwisp_radius/registration.py
index e797e4fe..66d26921 100644
--- a/openwisp_radius/registration.py
+++ b/openwisp_radius/registration.py
@@ -8,8 +8,8 @@
 REGISTRATION_METHOD_CHOICES = [
     ('', 'Unspecified'),
     ('manual', _('Manually created')),
-    ('email', _('Email (No Identity Verification)')),
-    ('mobile_phone', _('Mobile phone verification')),
+    ('email', _('Email')),
+    ('mobile_phone', _('Mobile phone')),
 ]
 
 AUTHORIZE_UNVERIFIED = []
diff --git a/openwisp_radius/tests/test_api/test_api.py b/openwisp_radius/tests/test_api/test_api.py
index 1e3bc997..6224fa30 100644
--- a/openwisp_radius/tests/test_api/test_api.py
+++ b/openwisp_radius/tests/test_api/test_api.py
@@ -39,6 +39,7 @@
 OrganizationRadiusSettings = load_model('OrganizationRadiusSettings')
 Organization = swapper.load_model('openwisp_users', 'Organization')
 OrganizationUser = swapper.load_model('openwisp_users', 'OrganizationUser')
+Group = swapper.load_model('openwisp_users', 'Group')
 
 START_DATE = '2019-04-20T22:14:09+01:00'
 
@@ -1173,6 +1174,98 @@ def test_user_radius_usage_view(self):
             response = self.client.get(usage_url, HTTP_AUTHORIZATION=authorization)
             self.assertEqual(response.status_code, 404)
 
+    def test_user_group_check_serializer_counter_does_not_exist(self):
+        group = self._create_radius_group(name='group name')
+        group_check = self._create_radius_groupcheck(
+            attribute='ChilliSpot-Max-Input-Octets',
+            op=':=',
+            value='2000000000',
+            group=group,
+            groupname=group.name,
+        )
+        serializer = UserGroupCheckSerializer(group_check)
+        self.assertDictEqual(
+            serializer.data,
+            {
+                'attribute': 'ChilliSpot-Max-Input-Octets',
+                'op': ':=',
+                'result': None,
+                'type': None,
+                'value': '2000000000',
+            },
+        )
+
+    def test_radius_accounting(self):
+        path = reverse('radius:radius_accounting_list')
+        org1 = self.default_org
+        org2 = self._create_org(name='org2', slug='org2')
+        data1 = self.acct_post_data
+        data1.update(
+            dict(
+                session_id='35000006',
+                unique_id='75058e50',
+                input_octets=9900909,
+                output_octets=1513075509,
+                username='tester',
+                organization=org1,
+            )
+        )
+        self._create_radius_accounting(**data1)
+        data2 = self.acct_post_data
+        data2.update(
+            dict(
+                session_id='40111116',
+                unique_id='12234f69',
+                input_octets=3000909,
+                output_octets=1613176609,
+                username='tester',
+                organization=org1,
+            )
+        )
+        self._create_radius_accounting(**data2)
+        data3 = self.acct_post_data
+        data3.update(
+            dict(
+                session_id='89897654',
+                unique_id='99144d60',
+                input_octets=4440909,
+                output_octets=1119074409,
+                username='admin',
+                organization=org2,
+            )
+        )
+        self._create_radius_accounting(**data3)
+
+        with self.subTest('Test unauthenicated user'):
+            response = self.client.get(path)
+            self.assertEqual(response.status_code, 401)
+
+        org1_user = self._create_org_user(organization=org1, is_admin=False)
+        administrator = Group.objects.get(name='Administrator')
+        org1_user.user.groups.add(administrator)
+        self.client.force_login(org1_user.user)
+        with self.subTest('Test organization user (not organization manager)'):
+            response = self.client.get(path)
+            self.assertEqual(response.status_code, 403)
+
+        org1_user.is_admin = True
+        org1_user.save()
+        with self.subTest('Test organization user (organization manager)'):
+            response = self.client.get(path)
+            self.assertEqual(response.status_code, 200)
+            self.assertEqual(len(response.data), 2)
+            self.assertEqual(response.data[0]['unique_id'], data2['unique_id'])
+            self.assertEqual(response.data[1]['unique_id'], data1['unique_id'])
+
+        with self.subTest('Test superuser can view all sessions'):
+            admin = self._create_admin()
+            self.client.force_login(admin)
+            response = self.client.get(path)
+            self.assertEqual(response.status_code, 200)
+            self.assertEqual(len(response.data), 3)
+            self.assertEqual(response.data[0]['unique_id'], data3['unique_id'])
+            self.assertEqual(response.data[1]['unique_id'], data2['unique_id'])
+            self.assertEqual(response.data[2]['unique_id'], data1['unique_id'])
 
 del BaseTestCase
 del BaseTransactionTestCase
diff --git a/setup.cfg b/setup.cfg
index 17920818..d04257c7 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -11,5 +11,5 @@ exclude = *.egg-info,
           .git,
           ./tests/*settings*.py,
           docs/*
-        ./tests/openwisp2/saml/*
+          ./tests/openwisp2/saml/*
 max-line-length = 88
diff --git a/tests/openwisp2/routing.py b/tests/openwisp2/routing.py
new file mode 100644
index 00000000..8f1973a4
--- /dev/null
+++ b/tests/openwisp2/routing.py
@@ -0,0 +1,12 @@
+from channels.auth import AuthMiddlewareStack
+from channels.routing import ProtocolTypeRouter, URLRouter
+from channels.security.websocket import AllowedHostsOriginValidator
+from openwisp_controller.routing import get_routes
+
+application = ProtocolTypeRouter(
+    {
+        'websocket': AllowedHostsOriginValidator(
+            AuthMiddlewareStack(URLRouter(get_routes()))
+        )
+    }
+)
diff --git a/tests/openwisp2/settings.py b/tests/openwisp2/settings.py
index 1644021c..c4b653f0 100644
--- a/tests/openwisp2/settings.py
+++ b/tests/openwisp2/settings.py
@@ -9,7 +9,7 @@
 
 # Set DEBUG to False in production
 DEBUG = True
-
+INTERNAL_IPS = ['127.0.0.1']
 SECRET_KEY = '&a@f(0@lrl%606smticbu20=pvribdvubk5=gjti8&n1y%bi&4'
 
 ALLOWED_HOSTS = []
@@ -24,35 +24,53 @@
     'django.contrib.messages',
     'django.contrib.staticfiles',
     'django.contrib.humanize',
-    # openwisp admin theme
-    'openwisp_utils.admin_theme',
-    'openwisp_users.accounts',
+    'django.contrib.gis',
     # all-auth
     'django.contrib.sites',
+    # overrides allauth templates
+    # must precede allauth
+    'openwisp_users.accounts',
     'allauth',
     'allauth.account',
     'allauth.socialaccount',
-    # rest framework
-    'rest_framework',
-    'django_filters',
-    # registration
-    'rest_framework.authtoken',
+    'django_extensions',
+    # openwisp2 modules
+    'openwisp_users',
+    'openwisp_controller.pki',
+    'openwisp_controller.config',
+    'openwisp_controller.geo',
+    'openwisp_controller.connection',
+    'openwisp_ipam',
+    'openwisp_monitoring.monitoring',
+    'openwisp_monitoring.device',
+    'openwisp_monitoring.check',
+    'nested_admin',
+    'openwisp_notifications',
+    'flat_json_widget',
     'dj_rest_auth',
     'dj_rest_auth.registration',
-    # social login
-    'allauth.socialaccount.providers.facebook',
-    'allauth.socialaccount.providers.google',
-    # openwisp radius
     'openwisp_radius',
-    'openwisp_users',
-    # admin
+    'openwisp_radius.integrations.monitoring',
+    # openwisp2 admin theme
+    # (must be loaded here)
+    'openwisp_utils.admin_theme',
     'admin_auto_filters',
+    # admin
     'django.contrib.admin',
+    'django.forms',
+    # other dependencies
+    'sortedm2m',
+    'reversion',
+    'leaflet',
+    'rest_framework',
+    'rest_framework_gis',
+    'rest_framework.authtoken',
+    'django_filters',
     'private_storage',
     'drf_yasg',
-    'django_extensions',
-    'openwisp2.integrations',
-    'djangosaml2',
+    'import_export',
+    'channels',
+    # 'debug_toolbar',
 ]
 
 LOGIN_REDIRECT_URL = 'admin:index'
@@ -83,6 +101,7 @@
     'django.contrib.messages.middleware.MessageMiddleware',
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
     'djangosaml2.middleware.SamlSessionMiddleware',
+    # 'debug_toolbar.middleware.DebugToolbarMiddleware',
 ]
 
 SESSION_COOKIE_SECURE = True
@@ -101,8 +120,8 @@
         'OPTIONS': {
             'loaders': [
                 'django.template.loaders.filesystem.Loader',
-                'openwisp_utils.loaders.DependencyLoader',
                 'django.template.loaders.app_directories.Loader',
+                'openwisp_utils.loaders.DependencyLoader',
             ],
             'context_processors': [
                 'django.template.context_processors.debug',
@@ -110,6 +129,7 @@
                 'django.contrib.auth.context_processors.auth',
                 'django.contrib.messages.context_processors.messages',
                 'openwisp_utils.admin_theme.context_processor.menu_groups',
+                'openwisp_notifications.context_processors.notification_api_settings',
             ],
         },
     }
@@ -220,7 +240,7 @@
     ),
 }
 
-if not TESTING:
+if TESTING:
     CELERY_BROKER_URL = os.getenv('REDIS_URL', f'redis://{redis_host}/1')
 else:
     OPENWISP_RADIUS_GROUPCHECK_ADMIN = True
@@ -305,12 +325,36 @@
 
 OPENWISP_USERS_AUTH_API = True
 
+TIMESERIES_DATABASE = {
+    'BACKEND': 'openwisp_monitoring.db.backends.influxdb',
+    'USER': 'openwisp',
+    'PASSWORD': 'openwisp',
+    'NAME': 'openwisp2',
+    'HOST': os.getenv('INFLUXDB_HOST', 'localhost'),
+    'PORT': '8086',
+    # UDP writes are disabled by default
+    'OPTIONS': {'udp_writes': False, 'udp_port': 8089},
+}
+EXTENDED_APPS = ['django_x509', 'django_loci']
+
+ASGI_APPLICATION = 'openwisp2.routing.application'
+if TESTING:
+    CHANNEL_LAYERS = {'default': {'BACKEND': 'channels.layers.InMemoryChannelLayer'}}
+else:
+    CHANNEL_LAYERS = {
+        'default': {
+            'BACKEND': 'channels_redis.core.RedisChannelLayer',
+            'CONFIG': {'hosts': [f'redis://{redis_host}/7']},
+        }
+    }
+
+
 if os.environ.get('SAMPLE_APP', False):
     INSTALLED_APPS.remove('openwisp_radius')
     INSTALLED_APPS.remove('openwisp_users')
     INSTALLED_APPS.append('openwisp2.sample_radius')
     INSTALLED_APPS.append('openwisp2.sample_users')
-    EXTENDED_APPS = ('openwisp_radius', 'openwisp_users')
+    # EXTENDED_APPS = ('openwisp_radius', 'openwisp_users')
     AUTH_USER_MODEL = 'sample_users.User'
     OPENWISP_USERS_GROUP_MODEL = 'sample_users.Group'
     OPENWISP_USERS_ORGANIZATION_MODEL = 'sample_users.Organization'
@@ -363,3 +407,16 @@
     from .local_settings import *
 except ImportError:
     pass
+
+FORM_RENDERER = 'django.forms.renderers.TemplatesSetting'
+
+if not TESTING:
+    CACHES = {
+        'default': {
+            'BACKEND': 'django_redis.cache.RedisCache',
+            'LOCATION': 'redis://127.0.0.1:6379/6',
+            'OPTIONS': {
+                'CLIENT_CLASS': 'django_redis.client.DefaultClient',
+            },
+        }
+    }
diff --git a/tests/openwisp2/urls.py b/tests/openwisp2/urls.py
index a9465644..d42d307e 100644
--- a/tests/openwisp2/urls.py
+++ b/tests/openwisp2/urls.py
@@ -29,6 +29,8 @@
 
 urlpatterns = [
     path('admin/', admin.site.urls),
+    path('', include('openwisp_controller.urls')),
+    path('', include('openwisp_monitoring.urls')),
     path('api/v1/', include('openwisp_utils.api.urls')),
     path('api/v1/', include('openwisp_users.api.urls')),
     path('accounts/', include('openwisp_users.accounts.urls')),
@@ -46,3 +48,8 @@
 ] + static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)
 
 urlpatterns += staticfiles_urlpatterns()
+
+if settings.DEBUG and 'debug_toolbar' in settings.INSTALLED_APPS:
+    import debug_toolbar
+
+    urlpatterns.append(path('__debug__/', include(debug_toolbar.urls)))
diff --git a/tests/openwisp2/views.py b/tests/openwisp2/views.py
index 8071cd7f..d916ebb6 100644
--- a/tests/openwisp2/views.py
+++ b/tests/openwisp2/views.py
@@ -1,4 +1,5 @@
 import logging
+import random
 import uuid
 from urllib.parse import urlparse
 
@@ -53,7 +54,8 @@ def captive_portal_login(request):
             session_id=id_,
             nas_ip_address='127.0.0.1',
             calling_station_id='00:00:00:00:00:00',
-            called_station_id='11:00:00:00:00:11',
+            # called_station_id='E8:48:B8:80:24:BC',
+            called_station_id='11:22:33:44:55:66',
             session_time=0,
             input_octets=0,
             output_octets=0,
@@ -81,6 +83,8 @@ def captive_portal_logout(request):
                 terminate_cause='User-Request',
                 nas_ip_address='127.0.0.1',
                 unique_id=session_id,
+                input_octets=random.randint(20, 50) * 100000,
+                output_octets=random.randint(20, 50) * 100000,
             )
             post_accounting_data(request, data)
             logger.info(

From a6c90c201a8f4632e27dec00b14702d1f621eca0 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Thu, 31 Aug 2023 10:12:57 +0530
Subject: [PATCH 02/51] [req-changes] Fixed colours for RADIUS charts

---
 openwisp_radius/integrations/monitoring/configuration.py | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/openwisp_radius/integrations/monitoring/configuration.py b/openwisp_radius/integrations/monitoring/configuration.py
index 46da43f7..92acad91 100644
--- a/openwisp_radius/integrations/monitoring/configuration.py
+++ b/openwisp_radius/integrations/monitoring/configuration.py
@@ -42,12 +42,13 @@
     },
     'colors': [
         DEFAULT_COLORS[7],
-        DEFAULT_COLORS[0],
-        DEFAULT_COLORS[1],
-        DEFAULT_COLORS[2],
-        DEFAULT_COLORS[3],
         DEFAULT_COLORS[4],
+        DEFAULT_COLORS[3],
         DEFAULT_COLORS[5],
+        DEFAULT_COLORS[0],
+        DEFAULT_COLORS[2],
+        DEFAULT_COLORS[1],
+        DEFAULT_COLORS[6],
     ],
 }
 

From 7afde86acbcd493be4e557981100f7f5c0f0b048 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Thu, 31 Aug 2023 11:01:39 +0530
Subject: [PATCH 03/51] [chores] Refactored code

---
 .jshintrc                                     |  7 +++++
 .../radius-monitoring/css/device-change.css   |  3 --
 .../radius-monitoring/js/device-change.js     | 28 ++++++++++---------
 .../radius-monitoring/device/change_form.html |  3 +-
 .../openwisp-radius/js/mode-switcher.js       |  2 +-
 .../openwisp-radius/js/strategy-switcher.js   |  2 +-
 run-qa-checks                                 |  2 ++
 setup.cfg                                     |  1 -
 tests/openwisp2/views.py                      |  3 +-
 9 files changed, 28 insertions(+), 23 deletions(-)
 create mode 100644 .jshintrc

diff --git a/.jshintrc b/.jshintrc
new file mode 100644
index 00000000..99b4b79c
--- /dev/null
+++ b/.jshintrc
@@ -0,0 +1,7 @@
+{
+    "unused": true,
+    "esversion": 6,
+    "curly": true,
+    "strict": "global",
+    "browser": true
+}
diff --git a/openwisp_radius/integrations/monitoring/static/radius-monitoring/css/device-change.css b/openwisp_radius/integrations/monitoring/static/radius-monitoring/css/device-change.css
index 61fac89d..36cad3fa 100644
--- a/openwisp_radius/integrations/monitoring/static/radius-monitoring/css/device-change.css
+++ b/openwisp_radius/integrations/monitoring/static/radius-monitoring/css/device-change.css
@@ -6,9 +6,6 @@
   text-align: center;
   margin: 5px;
 }
-#radius-sessions th {
-  text-align: center;
-}
 #radius-session-tbody strong {
   color: green;
 }
diff --git a/openwisp_radius/integrations/monitoring/static/radius-monitoring/js/device-change.js b/openwisp_radius/integrations/monitoring/static/radius-monitoring/js/device-change.js
index 636385f9..3c87d094 100644
--- a/openwisp_radius/integrations/monitoring/static/radius-monitoring/js/device-change.js
+++ b/openwisp_radius/integrations/monitoring/static/radius-monitoring/js/device-change.js
@@ -1,27 +1,29 @@
 (function ($) {
     'use strict';
-    const viewAllSessionMsg = gettext('View all RADIUS Sessions');
+
     const onlineMsg = gettext('online');
-    const radiusSessionAdminPath = '/admin/openwisp_radius/radiusaccounting/'
+
     $(document).ready(function () {
         if (!$('#radius-sessions').length) {
+            // RADIUS sessions tab should not appear on Device add page.
             return;
         }
-        let deviceMac = encodeURIComponent($('#id_mac_address').val()),
+        const deviceMac = encodeURIComponent($('#id_mac_address').val()),
             apiEndpoint = `${radiusAccountingApiEndpoint}?called_station_id=${deviceMac}`;
 
         function getFormattedDateTimeString(dateTimeString) {
             // Strip the timezone from the dateTimeString.
-            // THis is done to show the time in server's timezone
-            // because RadiusAccounting also shows the time in server's timezone.
+            // This is done to show the time in server's timezone
+            // because RadiusAccounting admin also shows the time in server's timezone.
             let strippedDateTime = new Date(dateTimeString.substring(0, dateTimeString.lastIndexOf('-'))),
                 formattedDate = strippedDateTime.strftime('%d %b %Y, %I:%M %p');
-
             return formattedDate.replace(/AM/g, 'a.m.').replace(/PM/g, 'p.m.');
         }
 
         function fetchRadiusSessions() {
             if ($('#radius-session-tbody').children().length) {
+                // Don't fetch if RADIUS sessions are already present
+                // in the table
                 return;
             }
             $.ajax({
@@ -41,11 +43,11 @@
                     if (response.length === 0) {
                         return;
                     }
-                    $('#no-session-msg').hide()
-                    $('#device-radius-sessions-table').show()
-                    $('#view-all-radius-session-wrapper').show()
+                    $('#no-session-msg').hide();
+                    $('#device-radius-sessions-table').show();
+                    $('#view-all-radius-session-wrapper').show();
                     response.forEach(element => {
-                        element.start_time = getFormattedDateTimeString(element.start_time)
+                        element.start_time = getFormattedDateTimeString(element.start_time);
                         if (!element.stop_time) {
                             element.stop_time = `<strong>${onlineMsg}</strong>`;
                         } else {
@@ -64,11 +66,11 @@
                         );
                     });
                 }
-            })
+            });
         }
         $(document).on('tabshown', function (e) {
             if (e.tabId === '#radius-sessions') {
-                fetchRadiusSessions()
+                fetchRadiusSessions();
             }
         });
         if (window.location.hash == '#radius-sessions') {
@@ -77,6 +79,6 @@
                 tabId: window.location.hash,
             });
         }
-        $('#view-all-radius-session-wrapper a').attr('href', `${radiusAccountingAdminPath}?called_station_id=${deviceMac}`)
+        $('#view-all-radius-session-wrapper a').attr('href', `${radiusAccountingAdminPath}?called_station_id=${deviceMac}`);
     });
 }(django.jQuery));
diff --git a/openwisp_radius/integrations/monitoring/templates/admin/config/radius-monitoring/device/change_form.html b/openwisp_radius/integrations/monitoring/templates/admin/config/radius-monitoring/device/change_form.html
index f8e646a3..02c288ed 100644
--- a/openwisp_radius/integrations/monitoring/templates/admin/config/radius-monitoring/device/change_form.html
+++ b/openwisp_radius/integrations/monitoring/templates/admin/config/radius-monitoring/device/change_form.html
@@ -12,7 +12,7 @@
     <div id="no-session-msg"><h3>{% trans "There are no RADIUS sessions for this device." %}</h3></div>
     <div class="tabular inline-related">
         <fieldset class="module">.
-            <h2>{% trans 'RADIUS Sessions' %}</h2>
+            <h2>{% trans "RADIUS Sessions" %}</h2>
             <table id="device-radius-sessions-table" class="hide">
                 <thead>
                     <th>{% trans "session ID" %}</th>
@@ -35,4 +35,3 @@ <h2>{% trans 'RADIUS Sessions' %}</h2>
 </script>
 {% endif %}
 {% endblock %}
-<script>alert('from the template')</script>
diff --git a/openwisp_radius/static/openwisp-radius/js/mode-switcher.js b/openwisp_radius/static/openwisp-radius/js/mode-switcher.js
index 37f9f44b..780844fc 100644
--- a/openwisp_radius/static/openwisp-radius/js/mode-switcher.js
+++ b/openwisp_radius/static/openwisp-radius/js/mode-switcher.js
@@ -7,7 +7,7 @@
                         '.field-user, .field-username)'),
             guided = $('.field-group, .field-user'),
             custom = $('.field-groupname, .field-username');
-        mode.change(function (e) {
+        mode.change(function () {
             allExceptMode.hide();
             if (mode.val() === 'guided') {
                 guided.show();
diff --git a/openwisp_radius/static/openwisp-radius/js/strategy-switcher.js b/openwisp_radius/static/openwisp-radius/js/strategy-switcher.js
index d24a01ad..e070bf91 100644
--- a/openwisp_radius/static/openwisp-radius/js/strategy-switcher.js
+++ b/openwisp_radius/static/openwisp-radius/js/strategy-switcher.js
@@ -35,7 +35,7 @@
             }
         }
 
-        strategy.change(function (e) {
+        strategy.change(function () {
             if (strategy.val() === 'prefix') {
                 prefix_strategy();
             } else if (strategy.val() === 'csv') {
diff --git a/run-qa-checks b/run-qa-checks
index 5d442583..5dde1520 100755
--- a/run-qa-checks
+++ b/run-qa-checks
@@ -14,6 +14,8 @@ cd ..
 echo ''
 echo 'Running checks for openwisp-radius'
 openwisp-qa-check \
+        --csslinter \
+        --jslinter \
         --migration-path "./openwisp_radius/migrations"
 
 echo ''
diff --git a/setup.cfg b/setup.cfg
index d04257c7..73f56700 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -11,5 +11,4 @@ exclude = *.egg-info,
           .git,
           ./tests/*settings*.py,
           docs/*
-          ./tests/openwisp2/saml/*
 max-line-length = 88
diff --git a/tests/openwisp2/views.py b/tests/openwisp2/views.py
index d916ebb6..4e7e18dd 100644
--- a/tests/openwisp2/views.py
+++ b/tests/openwisp2/views.py
@@ -54,8 +54,7 @@ def captive_portal_login(request):
             session_id=id_,
             nas_ip_address='127.0.0.1',
             calling_station_id='00:00:00:00:00:00',
-            # called_station_id='E8:48:B8:80:24:BC',
-            called_station_id='11:22:33:44:55:66',
+            called_station_id='11:00:00:00:00:11',
             session_time=0,
             input_octets=0,
             output_octets=0,

From a2915a5f496d81be011413918466d9cc6b06dccc Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Thu, 31 Aug 2023 14:45:15 +0530
Subject: [PATCH 04/51] [tests] Added tests for RADIUS monitoring

---
 .github/workflows/ci.yml                      |   1 +
 .../integrations/monitoring/tests/__init__.py |   0
 .../monitoring/tests/test_admin.py            |  28 +++
 .../monitoring/tests/test_metrics.py          | 213 ++++++++++++++++++
 runtests.py                                   |   2 +
 tests/openwisp2/sample_radius/api/views.py    |   6 +
 tests/openwisp2/settings.py                   | 129 ++++++-----
 tests/openwisp2/urls.py                       |   8 +-
 8 files changed, 332 insertions(+), 55 deletions(-)
 create mode 100644 openwisp_radius/integrations/monitoring/tests/__init__.py
 create mode 100644 openwisp_radius/integrations/monitoring/tests/test_admin.py
 create mode 100644 openwisp_radius/integrations/monitoring/tests/test_metrics.py

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index b94ee487..8d09990d 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -58,6 +58,7 @@ jobs:
         if: ${{ !cancelled() && steps.deps.conclusion == 'success' }}
         run: |
           coverage run runtests.py --parallel || ./runtests.py
+          MONITORING_INTEGRATION=1 coverage run --append runtests.py
           # SAMPLE tests do not influence coverage, so we can speed up tests with --parallel
           SAMPLE_APP=1 coverage run ./runtests.py --parallel > /dev/null 2>&1 || SAMPLE_APP=1 ./runtests.py
           coverage combine
diff --git a/openwisp_radius/integrations/monitoring/tests/__init__.py b/openwisp_radius/integrations/monitoring/tests/__init__.py
new file mode 100644
index 00000000..e69de29b
diff --git a/openwisp_radius/integrations/monitoring/tests/test_admin.py b/openwisp_radius/integrations/monitoring/tests/test_admin.py
new file mode 100644
index 00000000..ed665076
--- /dev/null
+++ b/openwisp_radius/integrations/monitoring/tests/test_admin.py
@@ -0,0 +1,28 @@
+from django.test import TestCase
+from django.urls import reverse
+from openwisp_controller.config.tests.utils import CreateConfigMixin
+
+from openwisp_users.tests.utils import TestOrganizationMixin
+
+
+class TestDeviceAdmin(CreateConfigMixin, TestOrganizationMixin, TestCase):
+    app_label = 'config'
+
+    def setUp(self):
+        admin = self._create_admin()
+        self.client.force_login(admin)
+
+    def test_radius_session_tab(self):
+        device = self._create_device()
+        response = self.client.get(
+            reverse(f'admin:{self.app_label}_device_change', args=[device.id])
+        )
+        self.assertEqual(response.status_code, 200)
+        self.assertContains(
+            response,
+            '<div class="js-inline-admin-formset inline-group" id="radius-sessions">',
+        )
+        self.assertContains(
+            response,
+            '<tbody id="radius-session-tbody"></tbody>',
+        )
diff --git a/openwisp_radius/integrations/monitoring/tests/test_metrics.py b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
new file mode 100644
index 00000000..0a51f84d
--- /dev/null
+++ b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
@@ -0,0 +1,213 @@
+from unittest.mock import patch
+
+from django.contrib.contenttypes.models import ContentType
+from openwisp_controller.config.tests.utils import CreateConfigMixin
+from openwisp_monitoring.monitoring.tests import TestMonitoringMixin
+from swapper import load_model
+
+from openwisp_radius.tests import _RADACCT
+from openwisp_radius.tests.mixins import BaseTransactionTestCase
+
+from .. import tasks
+
+RegisteredUser = load_model('openwisp_radius', 'RegisteredUser')
+Metric = load_model('monitoring', 'Metric')
+Device = load_model('config', 'Device')
+
+
+class TestMetrics(TestMonitoringMixin, CreateConfigMixin, BaseTransactionTestCase):
+    def _create_registered_user(self, **kwargs):
+        options = {'is_verified': False, 'method': 'mobile_phone'}
+        options.update(**kwargs)
+        if 'user' not in options:
+            options['user'] = self._create_user()
+        reg_user = RegisteredUser(**options)
+        reg_user.full_clean()
+        reg_user.save()
+        return reg_user
+
+    @patch('logging.Logger.warning')
+    def test_post_save_registered_user(self, *args):
+        user = self._create_user()
+        org1 = self._create_org(name='org1')
+        org2 = self._create_org(name='org2')
+        self._create_org_user(user=user, organization=org1)
+        self._create_org_user(user=user, organization=org2)
+        self._create_registered_user(user=user)
+        self.assertEqual(
+            Metric.objects.filter(
+                configuration='user_signups',
+                name='User SignUps',
+                key='user_signups',
+                object_id=None,
+                content_type=None,
+            ).count(),
+            1,
+        )
+        metric = Metric.objects.filter(key='user_signups').first()
+        points = metric.read()
+        # The query performs DISTINCT on the username field,
+        # therefore the read() method returns only one point.
+        self.assertEqual(len(points), 1)
+        # Assert username field is hashed
+        self.assertNotEqual(points[0]['user_id'], str(user.id))
+        self.assertEqual(points[0]['user_id'], tasks.sha1_hash(str(user.id)))
+
+    @patch.object(Metric, 'write')
+    @patch('logging.Logger.warning')
+    @patch.object(Metric, 'batch_write')
+    def test_post_save_registered_user_edge_cases(
+        self, mocked_metric_batch_write, mocked_logger, *args
+    ):
+        user = self._create_user()
+
+        with self.subTest('Test organization user does not exist'):
+            reg_user = self._create_registered_user(user=user)
+            mocked_logger.assert_called_once_with(
+                f'"{user.id}" is not a member of any organization.'
+                ' Skipping user_signup metric writing!'
+            )
+            mocked_metric_batch_write.assert_not_called()
+
+        self._create_org_user(user=user)
+
+        with self.subTest('Test saving an existing RegisteredUser object'):
+            with patch.object(tasks.post_save_registereduser, 'delay') as mocked_task:
+                reg_user.is_verified = True
+                reg_user.full_clean()
+                reg_user.save()
+            mocked_task.assert_not_called()
+            mocked_metric_batch_write.assert_not_called()
+
+    @patch('logging.Logger.warning')
+    def test_post_save_organization_user(self, *args):
+        user = self._create_user()
+        self._create_registered_user(user=user)
+        self._create_org_user(user=user)
+        self.assertEqual(
+            Metric.objects.filter(
+                configuration='user_signups',
+                name='User SignUps',
+                key='user_signups',
+                object_id=None,
+                content_type=None,
+            ).count(),
+            1,
+        )
+        metric = Metric.objects.filter(key='user_signups').first()
+        points = metric.read()
+        self.assertEqual(len(points), 1)
+        # Assert username field is hashed
+        self.assertNotEqual(points[0]['user_id'], str(user.id))
+        self.assertEqual(points[0]['user_id'], tasks.sha1_hash(str(user.id)))
+
+    @patch.object(Metric, 'batch_write')
+    @patch('logging.Logger.warning')
+    @patch.object(Metric, 'write')
+    def test_post_save_organization_user_edge_cases(
+        self, mocked_metric_write, mocked_logger, *args
+    ):
+        user = self._create_user()
+
+        with self.subTest('Test registered user does not exist'):
+            org_user = self._create_org_user(user=user)
+            mocked_logger.assert_called_once_with(
+                f'RegisteredUser object not found for "{user.id}".'
+                ' Skipping user_signup metric writing!'
+            )
+            mocked_metric_write.assert_not_called()
+
+        self._create_registered_user(user=user)
+
+        with self.subTest('Test saving an existing RegisteredUser object'):
+            with patch.object(tasks.post_save_organizationuser, 'delay') as mocked_task:
+                org_user.is_admin = True
+                org_user.full_clean()
+                org_user.save()
+            mocked_task.assert_not_called()
+            mocked_metric_write.assert_not_called()
+
+    @patch('logging.Logger.warning')
+    def test_post_save_radiusaccounting(self, *args):
+        user = self._create_user()
+        reg_user = self._create_registered_user(user=user)
+        device = self._create_device()
+        options = _RADACCT.copy()
+        options.update(
+            {
+                'unique_id': '117',
+                'username': user.username,
+                'called_station_id': device.mac_address,
+                'calling_station_id': '00:00:00:00:00:00',
+                'input_octets': '8000000000',
+                'output_octets': '9000000000',
+            }
+        )
+        options['stop_time'] = options['start_time']
+
+        self._create_radius_accounting(**options)
+        self.assertEqual(
+            Metric.objects.filter(
+                configuration='radius_acc',
+                name='RADIUS Accounting',
+                key='radius_acc',
+                object_id=str(device.id),
+                content_type=ContentType.objects.get_for_model(Device),
+                extra_tags={
+                    'called_station_id': device.mac_address,
+                    'calling_station_id': '00:00:00:00:00:00',
+                    'location_id': None,
+                    'method': reg_user.method,
+                    'organization_id': str(self.default_org.id),
+                },
+            ).count(),
+            1,
+        )
+        metric = Metric.objects.filter(configuration='radius_acc').first()
+        chart = metric.chart_set.first()
+        points = chart.read()
+        self.assertEqual(points['traces'][0][0], 'download')
+        self.assertEqual(points['traces'][0][1][-1], 8)
+        self.assertEqual(points['traces'][1][0], 'upload')
+        self.assertEqual(points['traces'][1][1][-1], 9)
+        self.assertEqual(points['summary'], {'upload': 9, 'download': 8})
+
+    @patch.object(Metric, 'write')
+    @patch('logging.Logger.warning')
+    def post_save_radiusaccounting_edge_cases(
+        self, mocked_logger, mocked_metric_write, *args
+    ):
+        options = _RADACCT.copy()
+        options['called_station_id'] = '00:00:00:00:00:00'
+        options['unique_id'] = '117'
+        with self.subTest('Test session is not closed'):
+            with patch.object(tasks.post_save_registereduser, 'delay') as mocked_task:
+                rad_acc = self._create_radius_accounting(**options)
+                self.assertEqual(rad_acc.stop_time, None)
+            mocked_task.assert_not_called()
+            mocked_metric_write.assert_not_called()
+
+        user = self._create_user()
+        options['username'] = user.username
+        options['unique_id'] = '118'
+        options['stop_time'] = options['start_time']
+
+        with self.subTest('Test RegisteredUser object does not exist'):
+            rad_acc = self._create_radius_accounting(**options)
+            self.assertNotEqual(rad_acc.stop_time, None)
+            mocked_logger.assert_called_once_with(
+                f'RegisteredUser object not found for "{user.username}".'
+                ' Skipping radius_acc metric writing!'
+            )
+
+        self._create_registered_user(user=user, method='')
+        options['unique_id'] = '119'
+        mocked_logger.reset_mock()
+
+        with self.subTest('Test Device with called_station_id does not exist'):
+            self._create_radius_accounting(**options)
+            mocked_logger.assert_called_once_with(
+                f'Device object not found with MAC "{options["called_station_id"]}"'
+                f' and organization "{self.default_org.id}".'
+                ' Skipping radius_acc metric writing!'
+            )
diff --git a/runtests.py b/runtests.py
index c3d61100..9155f6d4 100755
--- a/runtests.py
+++ b/runtests.py
@@ -17,4 +17,6 @@
         args.insert(3, 'openwisp_radius')
     else:
         args.insert(2, 'openwisp2')
+    if os.environ.get('MONITORING_INTEGRATION', False):
+        args.extend(['-k', 'openwisp_radius.integrations.monitoring.tests'])
     execute_from_command_line(args)
diff --git a/tests/openwisp2/sample_radius/api/views.py b/tests/openwisp2/sample_radius/api/views.py
index 84a56291..b8efb235 100644
--- a/tests/openwisp2/sample_radius/api/views.py
+++ b/tests/openwisp2/sample_radius/api/views.py
@@ -16,6 +16,7 @@
     PasswordResetConfirmView as BasePasswordResetConfirmView,
 )
 from openwisp_radius.api.views import PasswordResetView as BasePasswordResetView
+from openwisp_radius.api.views import RadiusAccountingView as BaseRadiusAccountingView
 from openwisp_radius.api.views import RegisterView as BaseRegisterView
 from openwisp_radius.api.views import UserAccountingView as BaseUserAccountingView
 from openwisp_radius.api.views import UserRadiusUsageView as BaseUserRadiusUsageView
@@ -93,6 +94,10 @@ class DownloadRadiusBatchPdfView(BaseDownloadRadiusBatchPdfView):
     pass
 
 
+class RadiusAccountingView(BaseRadiusAccountingView):
+    pass
+
+
 authorize = AuthorizeView.as_view()
 postauth = PostAuthView.as_view()
 accounting = AccountingView.as_view()
@@ -110,3 +115,4 @@ class DownloadRadiusBatchPdfView(BaseDownloadRadiusBatchPdfView):
 validate_phone_token = ValidatePhoneTokenView.as_view()
 change_phone_number = ChangePhoneNumberView.as_view()
 download_rad_batch_pdf = DownloadRadiusBatchPdfView.as_view()
+radius_accounting = RadiusAccountingView.as_view()
diff --git a/tests/openwisp2/settings.py b/tests/openwisp2/settings.py
index c4b653f0..6e2a6142 100644
--- a/tests/openwisp2/settings.py
+++ b/tests/openwisp2/settings.py
@@ -24,7 +24,6 @@
     'django.contrib.messages',
     'django.contrib.staticfiles',
     'django.contrib.humanize',
-    'django.contrib.gis',
     # all-auth
     'django.contrib.sites',
     # overrides allauth templates
@@ -36,21 +35,13 @@
     'django_extensions',
     # openwisp2 modules
     'openwisp_users',
-    'openwisp_controller.pki',
-    'openwisp_controller.config',
-    'openwisp_controller.geo',
-    'openwisp_controller.connection',
-    'openwisp_ipam',
-    'openwisp_monitoring.monitoring',
-    'openwisp_monitoring.device',
-    'openwisp_monitoring.check',
-    'nested_admin',
-    'openwisp_notifications',
-    'flat_json_widget',
     'dj_rest_auth',
     'dj_rest_auth.registration',
+    # social login
+    'allauth.socialaccount.providers.facebook',
+    'allauth.socialaccount.providers.google',
+    # openwisp radius
     'openwisp_radius',
-    'openwisp_radius.integrations.monitoring',
     # openwisp2 admin theme
     # (must be loaded here)
     'openwisp_utils.admin_theme',
@@ -59,17 +50,13 @@
     'django.contrib.admin',
     'django.forms',
     # other dependencies
-    'sortedm2m',
-    'reversion',
-    'leaflet',
     'rest_framework',
-    'rest_framework_gis',
     'rest_framework.authtoken',
     'django_filters',
     'private_storage',
     'drf_yasg',
-    'import_export',
-    'channels',
+    'openwisp2.integrations',
+    'djangosaml2',
     # 'debug_toolbar',
 ]
 
@@ -129,7 +116,6 @@
                 'django.contrib.auth.context_processors.auth',
                 'django.contrib.messages.context_processors.messages',
                 'openwisp_utils.admin_theme.context_processor.menu_groups',
-                'openwisp_notifications.context_processors.notification_api_settings',
             ],
         },
     }
@@ -240,7 +226,7 @@
     ),
 }
 
-if TESTING:
+if not TESTING:
     CELERY_BROKER_URL = os.getenv('REDIS_URL', f'redis://{redis_host}/1')
 else:
     OPENWISP_RADIUS_GROUPCHECK_ADMIN = True
@@ -325,36 +311,84 @@
 
 OPENWISP_USERS_AUTH_API = True
 
-TIMESERIES_DATABASE = {
-    'BACKEND': 'openwisp_monitoring.db.backends.influxdb',
-    'USER': 'openwisp',
-    'PASSWORD': 'openwisp',
-    'NAME': 'openwisp2',
-    'HOST': os.getenv('INFLUXDB_HOST', 'localhost'),
-    'PORT': '8086',
-    # UDP writes are disabled by default
-    'OPTIONS': {'udp_writes': False, 'udp_port': 8089},
-}
-EXTENDED_APPS = ['django_x509', 'django_loci']
+if os.environ.get('MONITORING_INTEGRATION', False):
+    INSTALLED_APPS.insert(
+        INSTALLED_APPS.index('django.contrib.sites'),
+        'django.contrib.gis',
+    )
+    INSTALLED_APPS.insert(
+        INSTALLED_APPS.index('openwisp_radius') + 1,
+        'openwisp_radius.integrations.monitoring',
+    )
+    INSTALLED_APPS.insert(
+        INSTALLED_APPS.index('rest_framework.authtoken'), 'rest_framework_gis'
+    )
+    INSTALLED_APPS.append('channels')
+    dj_rest_auth_index = INSTALLED_APPS.index('dj_rest_auth')
+    INSTALLED_APPS = (
+        INSTALLED_APPS[:dj_rest_auth_index]
+        + [
+            'openwisp_controller.pki',
+            'openwisp_controller.config',
+            'openwisp_controller.geo',
+            'openwisp_controller.connection',
+            'openwisp_monitoring.monitoring',
+            'openwisp_monitoring.device',
+            'openwisp_monitoring.check',
+            'nested_admin',
+            'openwisp_notifications',
+            'flat_json_widget',
+            'openwisp_ipam',
+            'sortedm2m',
+            'reversion',
+            'leaflet',
+            'import_export',
+        ]
+        + INSTALLED_APPS[dj_rest_auth_index:]
+    )
+    TEMPLATES[0]['OPTIONS']['context_processors'].append(
+        'openwisp_notifications.context_processors.notification_api_settings'
+    )
 
-ASGI_APPLICATION = 'openwisp2.routing.application'
-if TESTING:
-    CHANNEL_LAYERS = {'default': {'BACKEND': 'channels.layers.InMemoryChannelLayer'}}
-else:
-    CHANNEL_LAYERS = {
-        'default': {
-            'BACKEND': 'channels_redis.core.RedisChannelLayer',
-            'CONFIG': {'hosts': [f'redis://{redis_host}/7']},
-        }
+    TIMESERIES_DATABASE = {
+        'BACKEND': 'openwisp_monitoring.db.backends.influxdb',
+        'USER': 'openwisp',
+        'PASSWORD': 'openwisp',
+        'NAME': 'openwisp2',
+        'HOST': os.getenv('INFLUXDB_HOST', 'localhost'),
+        'PORT': '8086',
     }
+    EXTENDED_APPS = ['django_x509', 'django_loci']
 
+    ASGI_APPLICATION = 'openwisp2.routing.application'
+    if TESTING:
+        CHANNEL_LAYERS = {
+            'default': {'BACKEND': 'channels.layers.InMemoryChannelLayer'}
+        }
+    else:
+        CHANNEL_LAYERS = {
+            'default': {
+                'BACKEND': 'channels_redis.core.RedisChannelLayer',
+                'CONFIG': {'hosts': [f'redis://{redis_host}/7']},
+            }
+        }
+        CACHES = {
+            'default': {
+                'BACKEND': 'django_redis.cache.RedisCache',
+                'LOCATION': 'redis://127.0.0.1:6379/6',
+                'OPTIONS': {
+                    'CLIENT_CLASS': 'django_redis.client.DefaultClient',
+                },
+            }
+        }
+print(INSTALLED_APPS)
 
 if os.environ.get('SAMPLE_APP', False):
     INSTALLED_APPS.remove('openwisp_radius')
     INSTALLED_APPS.remove('openwisp_users')
     INSTALLED_APPS.append('openwisp2.sample_radius')
     INSTALLED_APPS.append('openwisp2.sample_users')
-    # EXTENDED_APPS = ('openwisp_radius', 'openwisp_users')
+    EXTENDED_APPS = ('openwisp_radius', 'openwisp_users')
     AUTH_USER_MODEL = 'sample_users.User'
     OPENWISP_USERS_GROUP_MODEL = 'sample_users.Group'
     OPENWISP_USERS_ORGANIZATION_MODEL = 'sample_users.Organization'
@@ -409,14 +443,3 @@
     pass
 
 FORM_RENDERER = 'django.forms.renderers.TemplatesSetting'
-
-if not TESTING:
-    CACHES = {
-        'default': {
-            'BACKEND': 'django_redis.cache.RedisCache',
-            'LOCATION': 'redis://127.0.0.1:6379/6',
-            'OPTIONS': {
-                'CLIENT_CLASS': 'django_redis.client.DefaultClient',
-            },
-        }
-    }
diff --git a/tests/openwisp2/urls.py b/tests/openwisp2/urls.py
index d42d307e..17fcb728 100644
--- a/tests/openwisp2/urls.py
+++ b/tests/openwisp2/urls.py
@@ -29,8 +29,6 @@
 
 urlpatterns = [
     path('admin/', admin.site.urls),
-    path('', include('openwisp_controller.urls')),
-    path('', include('openwisp_monitoring.urls')),
     path('api/v1/', include('openwisp_utils.api.urls')),
     path('api/v1/', include('openwisp_users.api.urls')),
     path('accounts/', include('openwisp_users.accounts.urls')),
@@ -49,6 +47,12 @@
 
 urlpatterns += staticfiles_urlpatterns()
 
+if os.environ.get('MONITORING_INTEGRATION'):
+    urlpatterns = [
+        path('', include('openwisp_controller.urls')),
+        path('', include('openwisp_monitoring.urls')),
+    ] + urlpatterns
+
 if settings.DEBUG and 'debug_toolbar' in settings.INSTALLED_APPS:
     import debug_toolbar
 

From b550fd6b254bc388c8e0db88b0cbacc9973cac5d Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Thu, 31 Aug 2023 15:25:23 +0530
Subject: [PATCH 05/51] [chores] Updated requirements-test.txt

---
 requirements-test.txt | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/requirements-test.txt b/requirements-test.txt
index 0bfcf4a7..5c6b7355 100644
--- a/requirements-test.txt
+++ b/requirements-test.txt
@@ -3,9 +3,13 @@ djangorestframework-simplejwt
 django-cors-headers>=2.5.2
 packaging
 openwisp-sphinx-theme~=1.0.2
-freezegun
+freezegun~=1.1.0
 django-extensions
 openwisp-utils[qa]~=1.1.0
 pylinkvalidator
 lxml~=5.3.0
 cssselect~=1.2.0
+openwisp-monitoring @ https://github.com/openwisp/openwisp-monitoring/tarball/master
+django-redis~=5.2.0
+mock-ssh-server~=0.9.0
+channels_redis~=4.1.0

From 4309d9a6257dcce02cb5db3b311c2afad1b64dc0 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Thu, 31 Aug 2023 15:29:24 +0530
Subject: [PATCH 06/51] [ci] Added stylelint and jshint

---
 .github/workflows/ci.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 8d09990d..9034634b 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -44,6 +44,7 @@ jobs:
         run: |
           sudo apt update -qq
           sudo apt-get -qq -y install xmlsec1 gettext
+          sudo npm install -g jslint stylelint jshint
           pip install -U pip wheel setuptools
           pip install -U -r requirements-test.txt
           pip install -e .[saml,openvpn_status]

From 8c7fc9e21512a28816f55dca690a178fb8743012 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Thu, 31 Aug 2023 16:57:22 +0530
Subject: [PATCH 07/51] [tests] Fixed test suite

---
 .../integrations/monitoring/tests/mixins.py   | 55 ++++++++++++++++++
 .../monitoring/tests/test_admin.py            |  8 ++-
 .../monitoring/tests/test_metrics.py          | 56 ++++++++++---------
 runtests.py                                   |  4 +-
 tests/openwisp2/settings.py                   |  1 -
 5 files changed, 94 insertions(+), 30 deletions(-)
 create mode 100644 openwisp_radius/integrations/monitoring/tests/mixins.py

diff --git a/openwisp_radius/integrations/monitoring/tests/mixins.py b/openwisp_radius/integrations/monitoring/tests/mixins.py
new file mode 100644
index 00000000..bde4352f
--- /dev/null
+++ b/openwisp_radius/integrations/monitoring/tests/mixins.py
@@ -0,0 +1,55 @@
+from uuid import uuid4
+
+from openwisp_monitoring.db import timeseries_db
+from openwisp_monitoring.db.backends import TIMESERIES_DB
+from openwisp_monitoring.device.utils import manage_short_retention_policy
+from swapper import load_model
+
+
+class CreateDeviceMonitoringMixin(object):
+    TEST_MAC_ADDRESS = '00:11:22:33:44:55'
+    ORIGINAL_DB = TIMESERIES_DB['NAME']
+    TEST_DB = f'{ORIGINAL_DB}_test'
+
+    @classmethod
+    def setUpClass(cls):
+        # By default timeseries_db.db shall connect to the database
+        # defined in settings when apps are loaded. We don't want that while testing
+        timeseries_db.db_name = cls.TEST_DB
+        del timeseries_db.db
+        del timeseries_db.dbs
+        timeseries_db.create_database()
+        manage_short_retention_policy()
+        super().setUpClass()
+
+    @classmethod
+    def tearDownClass(cls):
+        timeseries_db.drop_database()
+        super().tearDownClass()
+
+    def tearDown(self):
+        timeseries_db.delete_metric_data()
+        super().tearDown()
+
+    @property
+    def device_model(self):
+        return load_model('config', 'Device')
+
+    @property
+    def metric_model(self):
+        return load_model('monitoring', 'Metric')
+
+    def _create_device(self, **kwargs):
+        options = dict(
+            name='default.test.device',
+            organization=self._get_org(),
+            mac_address=self.TEST_MAC_ADDRESS,
+            hardware_id=str(uuid4().hex),
+            model='TP-Link TL-WDR4300 v1',
+            os='LEDE Reboot 17.01-SNAPSHOT r3313-c2999ef',
+        )
+        options.update(kwargs)
+        d = self.device_model(**options)
+        d.full_clean()
+        d.save()
+        return d
diff --git a/openwisp_radius/integrations/monitoring/tests/test_admin.py b/openwisp_radius/integrations/monitoring/tests/test_admin.py
index ed665076..7a87c429 100644
--- a/openwisp_radius/integrations/monitoring/tests/test_admin.py
+++ b/openwisp_radius/integrations/monitoring/tests/test_admin.py
@@ -1,11 +1,13 @@
-from django.test import TestCase
+from django.test import TestCase, tag
 from django.urls import reverse
-from openwisp_controller.config.tests.utils import CreateConfigMixin
 
 from openwisp_users.tests.utils import TestOrganizationMixin
 
+from .mixins import CreateDeviceMonitoringMixin
 
-class TestDeviceAdmin(CreateConfigMixin, TestOrganizationMixin, TestCase):
+
+@tag('radius_monitoring')
+class TestDeviceAdmin(TestOrganizationMixin, CreateDeviceMonitoringMixin, TestCase):
     app_label = 'config'
 
     def setUp(self):
diff --git a/openwisp_radius/integrations/monitoring/tests/test_metrics.py b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
index 0a51f84d..6f7c0f62 100644
--- a/openwisp_radius/integrations/monitoring/tests/test_metrics.py
+++ b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
@@ -1,21 +1,21 @@
 from unittest.mock import patch
 
 from django.contrib.contenttypes.models import ContentType
-from openwisp_controller.config.tests.utils import CreateConfigMixin
-from openwisp_monitoring.monitoring.tests import TestMonitoringMixin
+from django.test import tag
 from swapper import load_model
 
 from openwisp_radius.tests import _RADACCT
 from openwisp_radius.tests.mixins import BaseTransactionTestCase
 
-from .. import tasks
+from .mixins import CreateDeviceMonitoringMixin
+
+TASK_PATH = 'openwisp_radius.integrations.monitoring.tasks'
 
 RegisteredUser = load_model('openwisp_radius', 'RegisteredUser')
-Metric = load_model('monitoring', 'Metric')
-Device = load_model('config', 'Device')
 
 
-class TestMetrics(TestMonitoringMixin, CreateConfigMixin, BaseTransactionTestCase):
+@tag('radius_monitoring')
+class TestMetrics(CreateDeviceMonitoringMixin, BaseTransactionTestCase):
     def _create_registered_user(self, **kwargs):
         options = {'is_verified': False, 'method': 'mobile_phone'}
         options.update(**kwargs)
@@ -35,7 +35,7 @@ def test_post_save_registered_user(self, *args):
         self._create_org_user(user=user, organization=org2)
         self._create_registered_user(user=user)
         self.assertEqual(
-            Metric.objects.filter(
+            self.metric_model.objects.filter(
                 configuration='user_signups',
                 name='User SignUps',
                 key='user_signups',
@@ -44,18 +44,17 @@ def test_post_save_registered_user(self, *args):
             ).count(),
             1,
         )
-        metric = Metric.objects.filter(key='user_signups').first()
+        metric = self.metric_model.objects.filter(key='user_signups').first()
         points = metric.read()
         # The query performs DISTINCT on the username field,
         # therefore the read() method returns only one point.
         self.assertEqual(len(points), 1)
         # Assert username field is hashed
         self.assertNotEqual(points[0]['user_id'], str(user.id))
-        self.assertEqual(points[0]['user_id'], tasks.sha1_hash(str(user.id)))
 
-    @patch.object(Metric, 'write')
+    @patch('openwisp_monitoring.monitoring.models.Metric.write')
     @patch('logging.Logger.warning')
-    @patch.object(Metric, 'batch_write')
+    @patch('openwisp_monitoring.monitoring.models.Metric.batch_write')
     def test_post_save_registered_user_edge_cases(
         self, mocked_metric_batch_write, mocked_logger, *args
     ):
@@ -72,7 +71,7 @@ def test_post_save_registered_user_edge_cases(
         self._create_org_user(user=user)
 
         with self.subTest('Test saving an existing RegisteredUser object'):
-            with patch.object(tasks.post_save_registereduser, 'delay') as mocked_task:
+            with patch(f'{TASK_PATH}.post_save_registereduser.delay') as mocked_task:
                 reg_user.is_verified = True
                 reg_user.full_clean()
                 reg_user.save()
@@ -85,7 +84,7 @@ def test_post_save_organization_user(self, *args):
         self._create_registered_user(user=user)
         self._create_org_user(user=user)
         self.assertEqual(
-            Metric.objects.filter(
+            self.metric_model.objects.filter(
                 configuration='user_signups',
                 name='User SignUps',
                 key='user_signups',
@@ -94,16 +93,15 @@ def test_post_save_organization_user(self, *args):
             ).count(),
             1,
         )
-        metric = Metric.objects.filter(key='user_signups').first()
+        metric = self.metric_model.objects.filter(key='user_signups').first()
         points = metric.read()
         self.assertEqual(len(points), 1)
         # Assert username field is hashed
         self.assertNotEqual(points[0]['user_id'], str(user.id))
-        self.assertEqual(points[0]['user_id'], tasks.sha1_hash(str(user.id)))
 
-    @patch.object(Metric, 'batch_write')
+    @patch('openwisp_monitoring.monitoring.models.Metric.batch_write')
     @patch('logging.Logger.warning')
-    @patch.object(Metric, 'write')
+    @patch('openwisp_monitoring.monitoring.models.Metric.write')
     def test_post_save_organization_user_edge_cases(
         self, mocked_metric_write, mocked_logger, *args
     ):
@@ -120,7 +118,7 @@ def test_post_save_organization_user_edge_cases(
         self._create_registered_user(user=user)
 
         with self.subTest('Test saving an existing RegisteredUser object'):
-            with patch.object(tasks.post_save_organizationuser, 'delay') as mocked_task:
+            with patch(f'{TASK_PATH}.post_save_organizationuser.delay') as mocked_task:
                 org_user.is_admin = True
                 org_user.full_clean()
                 org_user.save()
@@ -147,12 +145,12 @@ def test_post_save_radiusaccounting(self, *args):
 
         self._create_radius_accounting(**options)
         self.assertEqual(
-            Metric.objects.filter(
+            self.metric_model.objects.filter(
                 configuration='radius_acc',
                 name='RADIUS Accounting',
                 key='radius_acc',
                 object_id=str(device.id),
-                content_type=ContentType.objects.get_for_model(Device),
+                content_type=ContentType.objects.get_for_model(self.device_model),
                 extra_tags={
                     'called_station_id': device.mac_address,
                     'calling_station_id': '00:00:00:00:00:00',
@@ -163,16 +161,22 @@ def test_post_save_radiusaccounting(self, *args):
             ).count(),
             1,
         )
-        metric = Metric.objects.filter(configuration='radius_acc').first()
-        chart = metric.chart_set.first()
-        points = chart.read()
+        metric = self.metric_model.objects.filter(configuration='radius_acc').first()
+        traffic_chart = metric.chart_set.get(configuration='radius_traffic')
+        points = traffic_chart.read()
         self.assertEqual(points['traces'][0][0], 'download')
         self.assertEqual(points['traces'][0][1][-1], 8)
         self.assertEqual(points['traces'][1][0], 'upload')
         self.assertEqual(points['traces'][1][1][-1], 9)
         self.assertEqual(points['summary'], {'upload': 9, 'download': 8})
 
-    @patch.object(Metric, 'write')
+        session_chart = metric.chart_set.get(configuration='rad_session')
+        points = session_chart.read()
+        self.assertEqual(points['traces'][0][0], 'mobile_phone')
+        self.assertEqual(points['traces'][0][1][-1], 1)
+        self.assertEqual(points['summary'], {'mobile_phone': 1})
+
+    @patch('openwisp_monitoring.monitoring.models.Metric.batch_write')
     @patch('logging.Logger.warning')
     def post_save_radiusaccounting_edge_cases(
         self, mocked_logger, mocked_metric_write, *args
@@ -181,7 +185,9 @@ def post_save_radiusaccounting_edge_cases(
         options['called_station_id'] = '00:00:00:00:00:00'
         options['unique_id'] = '117'
         with self.subTest('Test session is not closed'):
-            with patch.object(tasks.post_save_registereduser, 'delay') as mocked_task:
+            with patch.object(
+                f'{TASK_PATH}.post_save_registereduser.delay'
+            ) as mocked_task:
                 rad_acc = self._create_radius_accounting(**options)
                 self.assertEqual(rad_acc.stop_time, None)
             mocked_task.assert_not_called()
diff --git a/runtests.py b/runtests.py
index 9155f6d4..4e689cb0 100755
--- a/runtests.py
+++ b/runtests.py
@@ -18,5 +18,7 @@
     else:
         args.insert(2, 'openwisp2')
     if os.environ.get('MONITORING_INTEGRATION', False):
-        args.extend(['-k', 'openwisp_radius.integrations.monitoring.tests'])
+        args.extend(['--tag', 'radius_monitoring'])
+    else:
+        args.extend(['--exclude-tag', 'radius_monitoring'])
     execute_from_command_line(args)
diff --git a/tests/openwisp2/settings.py b/tests/openwisp2/settings.py
index 6e2a6142..24614a7a 100644
--- a/tests/openwisp2/settings.py
+++ b/tests/openwisp2/settings.py
@@ -381,7 +381,6 @@
                 },
             }
         }
-print(INSTALLED_APPS)
 
 if os.environ.get('SAMPLE_APP', False):
     INSTALLED_APPS.remove('openwisp_radius')

From e35dc2e43784d7bdbb8dc72e98f74e132ae72df7 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Thu, 31 Aug 2023 17:08:48 +0530
Subject: [PATCH 08/51] [ci] Updated system dependencies

---
 .github/workflows/ci.yml                      | 14 ++++++++++--
 docker-compose.yml                            | 22 +++++++++++++++++++
 .../monitoring/tests/test_metrics.py          |  8 +++----
 tests/openwisp2/settings.py                   |  3 ++-
 4 files changed, 39 insertions(+), 8 deletions(-)
 create mode 100644 docker-compose.yml

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 9034634b..6b5c069a 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -43,13 +43,23 @@ jobs:
         id: deps
         run: |
           sudo apt update -qq
-          sudo apt-get -qq -y install xmlsec1 gettext
+          sudo apt-get -qq -y install xmlsec1 gettext \
+              sqlite3 \
+              fping \
+              gdal-bin \
+              libproj-dev \
+              libgeos-dev \
+              libspatialite-dev \
+              spatialite-bin \
+              libsqlite3-mod-spatialite
           sudo npm install -g jslint stylelint jshint
           pip install -U pip wheel setuptools
           pip install -U -r requirements-test.txt
           pip install -e .[saml,openvpn_status]
           pip install ${{ matrix.django-version }}
-          sudo npm install -g jslint
+
+      - name: Start InfluxDB and Redis container
+        run: docker-compose up -d influxdb redis
 
       - name: QA checks
         run: |
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 00000000..a7592770
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,22 @@
+version: "3"
+
+services:
+  influxdb:
+    image: influxdb:1.8-alpine
+    volumes:
+      - influxdb-data:/var/lib/influxdb
+    ports:
+      - "8086:8086"
+    environment:
+      INFLUXDB_DB: openwisp2
+      INFLUXDB_USER: openwisp
+      INFLUXDB_USER_PASSWORD: openwisp
+
+  redis:
+    image: redis:alpine
+    ports:
+      - "6379:6379"
+    entrypoint: redis-server --appendonly yes
+
+volumes:
+  influxdb-data: {}
diff --git a/openwisp_radius/integrations/monitoring/tests/test_metrics.py b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
index 6f7c0f62..6d2f5eac 100644
--- a/openwisp_radius/integrations/monitoring/tests/test_metrics.py
+++ b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
@@ -81,7 +81,7 @@ def test_post_save_registered_user_edge_cases(
     @patch('logging.Logger.warning')
     def test_post_save_organization_user(self, *args):
         user = self._create_user()
-        self._create_registered_user(user=user)
+        self._create_registered_user(user=user, method='')
         self._create_org_user(user=user)
         self.assertEqual(
             self.metric_model.objects.filter(
@@ -185,9 +185,7 @@ def post_save_radiusaccounting_edge_cases(
         options['called_station_id'] = '00:00:00:00:00:00'
         options['unique_id'] = '117'
         with self.subTest('Test session is not closed'):
-            with patch.object(
-                f'{TASK_PATH}.post_save_registereduser.delay'
-            ) as mocked_task:
+            with patch(f'{TASK_PATH}.post_save_registereduser.delay') as mocked_task:
                 rad_acc = self._create_radius_accounting(**options)
                 self.assertEqual(rad_acc.stop_time, None)
             mocked_task.assert_not_called()
@@ -206,7 +204,7 @@ def post_save_radiusaccounting_edge_cases(
                 ' Skipping radius_acc metric writing!'
             )
 
-        self._create_registered_user(user=user, method='')
+        self._create_registered_user(user=user)
         options['unique_id'] = '119'
         mocked_logger.reset_mock()
 
diff --git a/tests/openwisp2/settings.py b/tests/openwisp2/settings.py
index 24614a7a..ee94e087 100644
--- a/tests/openwisp2/settings.py
+++ b/tests/openwisp2/settings.py
@@ -107,8 +107,8 @@
         'OPTIONS': {
             'loaders': [
                 'django.template.loaders.filesystem.Loader',
-                'django.template.loaders.app_directories.Loader',
                 'openwisp_utils.loaders.DependencyLoader',
+                'django.template.loaders.app_directories.Loader',
             ],
             'context_processors': [
                 'django.template.context_processors.debug',
@@ -381,6 +381,7 @@
                 },
             }
         }
+    DATABASES['default']['ENGINE'] = 'openwisp_utils.db.backends.spatialite'
 
 if os.environ.get('SAMPLE_APP', False):
     INSTALLED_APPS.remove('openwisp_radius')

From b547564e5b6bdb1f1b10b491c3f5bbc9684396fd Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Fri, 8 Sep 2023 12:39:25 +0530
Subject: [PATCH 09/51] [tests] Fixed coverage

---
 .../integrations/monitoring/tests/mixins.py   | 29 +++++++++++++++++++
 .../monitoring/tests/test_metrics.py          |  8 +++--
 2 files changed, 35 insertions(+), 2 deletions(-)

diff --git a/openwisp_radius/integrations/monitoring/tests/mixins.py b/openwisp_radius/integrations/monitoring/tests/mixins.py
index bde4352f..38b557a1 100644
--- a/openwisp_radius/integrations/monitoring/tests/mixins.py
+++ b/openwisp_radius/integrations/monitoring/tests/mixins.py
@@ -39,6 +39,14 @@ def device_model(self):
     def metric_model(self):
         return load_model('monitoring', 'Metric')
 
+    @property
+    def location_model(self):
+        return load_model('geo', 'Location')
+
+    @property
+    def object_location_model(self):
+        return load_model('geo', 'DeviceLocation')
+
     def _create_device(self, **kwargs):
         options = dict(
             name='default.test.device',
@@ -53,3 +61,24 @@ def _create_device(self, **kwargs):
         d.full_clean()
         d.save()
         return d
+
+    def _create_location(self, **kwargs):
+        options = dict(
+            name='test-location',
+            address='Via del Corso, Roma, Italia',
+            geometry='SRID=4326;POINT (12.512124 41.898903)',
+            type='outdoor',
+        )
+        options.update(kwargs)
+        location = self.location_model(**options)
+        location.full_clean()
+        location.save()
+        return location
+
+    def _create_device_location(self, **kwargs):
+        options = dict()
+        options.update(kwargs)
+        device_location = self.object_location_model(**options)
+        device_location.full_clean()
+        device_location.save()
+        return device_location
diff --git a/openwisp_radius/integrations/monitoring/tests/test_metrics.py b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
index 6d2f5eac..b377386f 100644
--- a/openwisp_radius/integrations/monitoring/tests/test_metrics.py
+++ b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
@@ -130,6 +130,10 @@ def test_post_save_radiusaccounting(self, *args):
         user = self._create_user()
         reg_user = self._create_registered_user(user=user)
         device = self._create_device()
+        device_loc = self._create_device_location(
+            content_object=device,
+            location=self._create_location(organization=device.organization),
+        )
         options = _RADACCT.copy()
         options.update(
             {
@@ -154,7 +158,7 @@ def test_post_save_radiusaccounting(self, *args):
                 extra_tags={
                     'called_station_id': device.mac_address,
                     'calling_station_id': '00:00:00:00:00:00',
-                    'location_id': None,
+                    'location_id': str(device_loc.location.id),
                     'method': reg_user.method,
                     'organization_id': str(self.default_org.id),
                 },
@@ -178,7 +182,7 @@ def test_post_save_radiusaccounting(self, *args):
 
     @patch('openwisp_monitoring.monitoring.models.Metric.batch_write')
     @patch('logging.Logger.warning')
-    def post_save_radiusaccounting_edge_cases(
+    def test_post_save_radiusaccounting_edge_cases(
         self, mocked_logger, mocked_metric_write, *args
     ):
         options = _RADACCT.copy()

From ff35bddf1dd3fad3e6372d3cdbd39a82e1ed384c Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Fri, 8 Sep 2023 14:03:21 +0530
Subject: [PATCH 10/51] [docs] Added documentation

---
 docs/images/radius-traffic-chart.png          |  Bin 0 -> 37261 bytes
 docs/images/total-user-registration-chart.png |  Bin 0 -> 48856 bytes
 docs/images/unique-radius-session-chart.png   |  Bin 0 -> 50526 bytes
 docs/images/user-registration-chart.png       |  Bin 0 -> 50480 bytes
 docs/index.rst                                |    1 +
 docs/source/index.rst                         |   70 ++
 docs/source/user/settings.rst                 | 1046 +++++++++++++++++
 docs/user/radius_monitoring.rst               |   78 ++
 docs/user/settings.rst                        |    2 +
 9 files changed, 1197 insertions(+)
 create mode 100644 docs/images/radius-traffic-chart.png
 create mode 100644 docs/images/total-user-registration-chart.png
 create mode 100644 docs/images/unique-radius-session-chart.png
 create mode 100644 docs/images/user-registration-chart.png
 create mode 100644 docs/source/index.rst
 create mode 100644 docs/source/user/settings.rst
 create mode 100644 docs/user/radius_monitoring.rst

diff --git a/docs/images/radius-traffic-chart.png b/docs/images/radius-traffic-chart.png
new file mode 100644
index 0000000000000000000000000000000000000000..854fc70dee1062c6956bb1edf49c05d10a548f27
GIT binary patch
literal 37261
zcmdSBcT`hd_bwVNfFNL@NLK-A0!r^yKza`n2q?WH9RdM-rAU`1(mRAMy%$BgbdpF1
zk(SVV=kDnH{mvcZo^j9l>y$MZgO#xN+H21>*PPEY=Ujwpsw<KZ(GY<^AQGjQFSJ3R
z8(AO_-WDM~@J&SNk5u5-4OdwuT|%Jw5}JPiK2y8NzjD)YvUKx&<6;4_a&&UA;Bqx{
zv9NG-wRUpby51%UT*QmJNY2ILjhl^=<3n8=2Mdsbi;ejk?}yKXAL>}Vb+d3VwQzaJ
z`;3?G;j`zW0?$PGgdb|ErO0g4gFp{KN-tz|y;9d_e2n5PF0Xcu0wO*z^*o}`s3&Sf
zsN|<CEQ|E_P5;>XL|;8nZg{c2z467M$)L0b>u6zkGSjE%cxlg9XMJXqmtAJb5cgIq
zXPlh>>viQ1cueyV9T#V2AZls)*TK}m=)Ij)nWIjlql=w%pV!L+?$Em4XSd~m`2#J0
z>gGw~-!ABeq%7Ott{43y^1r?2s5>~h0nJ#E@aErMIaA=ZKfM6-U0J+8y>=`iAW~eL
zcMsJ3+uIiXUp3sjfsu9(;L#KgzR*8&pg5sUzCs_>*gD17r*&bFK{^7*y1|sq3E6s0
z#OCgSJ);uFb<<awmbZ!aly50U(T()Rv0BtXSd=Kk<<rDG!O;v7%`V~~&^a|u5M1(K
zAri+a<QomEtC7zleGUaA`1rp!)vRlb&})?HeOq+G2E`mO+O5!%t?kt0aXTz;KVV^I
zvFn507pU}sU+h-@j+ubyek`G)nko1_44Er~ll~)T9vXpc&+2fSDm4=j&R>>PsliNy
z@NfP0YH4^KhJQn4@-)B9husi;xg#(@qiZ)O(!Y;Y1o!zK^`D;oeqc3~WK??kI!SUO
zy);!PPy6fv%k2l*v`!g_TP-~IAi`nQtnNvar32%2-tyX-pG|#OZGL|bO%@afFB2c_
zN3B~l9wl*w!CyxiKcF6&R`f*Lqn+PrUp8v?M<0&IcNbub1``X*fthy(DT|~bY@$_>
z6bl|p78d=MJH8-2P0dVtF^|>pLLK+kqZ!XRc2QA?zOi?nsi~>BpFJQriob$8z9X@1
zU!q)88|^sKzh%w_`vp&ao{N!l`(S#1`f5JC=2&T_sj@iT;1tn?B=r@4R9}!U{#;A{
zGmA*Bj(3vsg?V1O4~Kr0v5)S3Q6%jAazJ??=68=S=1`j@x=@Pl1C6A7bW~^zoks%Q
z0BXhV)7p;O)kwrj#(1?K1JQgRneE6Jk6mx?tH=~#109&+%L3Q<T95b31AV%ij4Rfb
zSEo^WMb$T551J10Xr67tBwP$jM1{lRYc5>#n)&s`_A<s(;(TEF3Z6lp$oAY9?rZC5
zBa$S=oqK5KmcjM0GW#Y|r$#7W_r7!OQt9}zoCnEgNj<(U-C!xXVEzr^gPtEhbS*9O
zRSY#XKZ<&+Bffo;RT?eSDX6v_pkZNQVP|LWT@(OxHyXErtl57&r+Jp!g}Bu(Swr$k
z^g9c?_Xoy6;)7e8h`<c8!sppGAIj8-##%H=kc!1F0&idg&$`Oeu%q!*>4@K-;mT7V
z^S?beqtF|26#M?f_V;j6Yj5(~#b;bzrxsi=5&7%0sYPEI2**p-IOAQ|UNBin6j~{O
z)8-!02nlM@Go%(QUH!~d;)&F^--x<tSZxk}XWBh9YR7lKSWzO9F0Q0LF?~Ek@>Tx9
zA_KC1J0HDTtKJLyz4qHud|sX(?QUPyzx?s3fT9RRMvR`eZ0?c5dwNOVpDY2GpA|WN
zhgBJciqQ;2L`2$3N}(QGv!$u2bV`Hm9OB|eEwF=Kh#ClVOpLP`*L2@>DYqPqSmx1l
zeB=_Abyi~HcQ}0!89@?5$~9KbXi`WQ!c4KMQFmEq%mB*(OQt-nTJJkG1@ygVxK89|
zC5Ni>MV!EfkPbh0*;-D-4=JVb_CvcG?yY)zjJKcdWRhy0Baim@_SybR&lJBF>nhYz
zBr;x<T|;8>Xe6R3uEueY5?&3j#5Z|;Lr?B!iIus|hioy_sZhuhOqW=fN;i{varq*(
z)$kkAtygxF(9f}~>Ztf0Z3A1kr_(K9C-`>5XeF^ZaU`-`>;6HHL~mFz#-4L{Id99Z
zm+CBD@2NqynZWU6FKi#hEPqp9GXJ5D3MH2grp#z5A%u;CTMIoaD$iGxe~A=>SL*tJ
zbFH;(^IHdaVkf(8w|hd9MFb3-^&ZWlgxqI1rL6mO(EYU@L11_stKrLtdkSi(xFZ%$
z?s_}{!Eb{%qt|vyos$KPC!0Moc1>BajO7vf_A>dOn(M$=Pb<!XpWG^L8YHcLVGJz-
zT3WG{p9WDajLRaPyR-I@enakU-g}$qRedx5rMyIes%<ssk#^LR^Aih+(Y9T@PJ){A
z7K>A62}AGB*gT)?vX+*vljaZbvqQZr|L!Py0n_h<@-I@!T14GeGw(7f^f=aGk9QW4
zaGbK2;(2yo2R#H)IGP{`uIgodp7z4rP)}R7+XccTD#1e%HJVsr=1yo1)ymKa-{Rxk
z`4<CT4rP~;d`gx|-gYKvv%NaR?*cTo*UD-QS@6VeJBk0oX7Egz^GMpcVArkQsPctE
zy>Din<6QQDl_|fiZnkL%*;xC$QC?ZUyHDLRUMS52Tl6~#5e7Exutw9*_#u=w$ZwsH
z*0!D{pIeLht1(S+6#6FJn^NeWP3^(3I)STjBLlk<xcQnCm~X2|sW;*JyOOo=gZWhQ
z4V%Q0Bn^ooE5~U4-o_x9y<c!@T<yBDp|Ji?-eqQM-E4vW%5(vBhwT1FNIACRh*Z?`
zR}V5<q};CeYros#^=J&TpukqvJWAWx+hC7RSx>6Tqm@rTnyW89SbdytNV3T4lGC^V
z#WVii-^h?!y$E*2zL&_(vp^$p@*SQmBCaY@7=Ex@a1(jfXdbDim0B1d@hmb$5;`=U
zmTNsFIpBZl&ecmaR=-AuK~gawbI_i;s8RHRy@lGX`;22!mtJxA{>iHkCBtkv{Xk01
zelBj4N-tqkdS5U!BDE}4$Szg5;<ZFjGryK7ASFlReFTRstgSV&Y!Yz!FIluS*C5hK
zSLj7tzFUwW(j|O29zT{{T3R~A6qi>!Ox0qxI=j*}^fl5%^OzK)_}BRHK*RT*-6H}8
zNG}Q_;yZ0bDWv56{b9aK)(J0Ij>yKg7+@w&@Xv)YWGw80+_I?cJM6+QDrU@z72Dii
z)+-G)4{KeIGqs4R+M1uYFFiBMZxwyWBJ}noxk}Jy>BFNY^(AvmPMyAWG|aZ^_&ZHB
z$8aOhVK2(2r0XD#T>J%kUt^?MEv06qtZ-1ilZS;_c7(DQ*7#Dea4j5ATqN<(Cyd6P
zzV+pO8wmN7;`@+Gqs6W#cII2*sw+gBh19ML@f$TqHRnhX$botZKB>~^hXp40jo~6!
z4y*bqukhVpPq2(bv$`kZEbKDf2UvN|YE0ClWXhCcXp%fHtJ(<D{g9rgHrtsm<gsdS
zZC@jAOwP}9)jaxyd-)n8)iHx^cH5Z`)`mC}T&tyNw1-Z0yzOeN-P28-(o3ldj-1nr
zWt3>9d&`<kAX)M$imO4G5%V`R=P47gH%3cs-m4a(F(Uf?d`G>a-hod^g>3En_Fk)x
zGr4Y#1@`o9?B0oNy3(3?kcbE@3R;b8#Ek1}*vi22iJTaU5!(+sJKc2&lvrY*33v1j
zWV{0>@l`&3e$@$mt!uInYyt7(m(?+b>GE-)sZ<zfc=mc(YhKGIGdz%Non_CCjnBx~
zs!U5tDm;%n;gB*cWAs1QigoLx&}V!4R8>n$%l*`)TO1^viNlZ&hv{Yt(oVF$eWw}A
zV`jGu>|)7d<8sZYq*J20?eVl_5$Sn^&-Hn))?=9*@!dAD^c!~ylPb$0KFYLzyt!!;
z-Atpl{PR)rPDo)gs>yP|MtR0ee|n&U0~<Ds&<ahKl2YsE%eR)6+l)m8u9?&r#5#_K
z6L)iP!oyKc1LMmF?33qfyq%;eB~%R5<$;G(s}J~I@U1+t>ASpLIu)NaVB#=*&V#a*
zF{)%ZnQ>EFWq7<~#lfYaTo3<XN<VlI&de_QT&n_7EMeeL=u=Ym;7(TjK>vP0p2v)r
zUN-&}vjUSpp9)iP6h#{1YlU_nYk18=^AZK)7zAELX!3K`ook&+K~0A?(M;emg#+hX
z*r#%e)~~#h1vmOWb?N3ueti>$)nalZj?&bvH|OMZ4-Wt8IR2CT(cQ4J20yTM1paxo
zE>;SHK=Zl8dp7EVQ=pY9VRcyhI8sY=T~n1sI73#<jzD?CgBjj43zn&l!H^FJ!mi7z
zX|?xRHD0<z`O=8G0e~cRVHSYDJQGyFZj=K+zI3L@UQS8W9hMg;V=DF+S}||5Ek{no
z;*dFSv9cG-3GgrmDTC<g7({)~9h)KEnKRpEc^FjsEu&hBYg6n%to;Opmq&i?@a1SA
zGdkvl0alPx<$1D;UWEP9U~a!SU{mDy5^5#oP+7fH7u!5al~il-dX<5S{BZL4{<cS|
zw>r8w-~99%sHU)4!5j%VIftdgI2E=AXk20%Wyz5|20EtzwuXBw<&_UN3xRECiQixj
zx^zj{F15fR@pW#sWrmQtx=siOyKFDn04iJpyqZJ84%_U|o|x>m-bP>r_BJa9@BEln
z<hv3#gkILj7G6OR@i#q^%ucO;fA598b}?<q@lYO2jUmrR^g!ka9k*_O4huI=;D!&f
zD7{H68;PT9fb6ataj`3pSDR?)yKMEFKc}*}=y$C_^orFL=l<X}_-0;6VVTTihRN_-
z%m4k`yvAwHSYBR!vc@hkia}yBR~Zjv9g6dVg!~Ki7Po5qA?vrF4^|a#yA_U0s?u}+
zY<QUhwnBV4GH(%aT|cqW?Upll{6UyAe;9UV!$?AykShuMU3;~P4%fHt-87frMY!aK
zI%H@IQN1K(Un&fV*Y;tgHmojtXi)ck{4$txDqR(B$dKK7o%<feXF2mvP%8%yr5XkO
z1hE1Vg^<9P9HWC4oYnG5$$}zlz8}q^hUZfX>=Z2XFRR7m=0t<p8c^Q7Q?06u8*2z>
zoo?`D6ASx`3OQCgR4%-6u|?HkFabYM^nDawon#S#pRrJ3g<FyD=09ff;@*w1tQv`f
z<kl;P0+9W|GuV3l{wyQs7Q=%H#k%Pugkyt7<r3rgvOxbn%BLL5-c5ILfohCf$nKcx
zFJaVs^|a9P&XRD>H`87^D%6*ULuoV;ODRJ&=b9fBBrh`a^`bu#$K;ice}AJHD?9%6
z-eY<m_p&8qyIm{%?DT#ecUqIKzmwu=6lO$gbN?pj;m0q}L_nZ-PXx8ziz&@HD(e^z
z9FEyQGHmp9wPWvbA1?qK$!<fi$)z$%Oe$Usvo`v1)Uh5~=f*Ky)VV^{R%>BD()iCE
zlF#Rvv%WU9{r=^%LNByx;gGh5`Cnp^RT|-xz^ds~I?{T?h%FvO>6^F~dN>ZmW2MH*
zN_hAZ3IJ-T@RBHQ<8AUM|1YvByS7`ox&<X3?A4dg${luON>AOAv`4YrrVcfql!@Y4
zbhVFOkVJfPaZ#q2Dv!q3y+Z3aS4dD$v9mk9_Y-ohz1){yYQ^bwJ$teszbZ;@LUjIP
zNeUGP&1a&oywpzPS|CZ|i8hB$^_Hb>xnNq}XRxqqIe+z@Z0>bm@U-iqbl@Q!Y3KYk
zLzXp-7|H2d=MHaCi4Ci&S*d6BV90(a6`pu9F6nUDx;#DhxHRJ^ck_4=AK5@>i(`K+
z8%tLG34po(@k2EsqtxI1iueF0<iEcC{<NabraG!oAE0H4>&eesqq9pIlrPY{c{f>Y
zP!38+JUKVjz#p}ArB}>q%eh`GN6~t_A762uqG=?AOp@ctv%dWpP(JyUX-`y`%7G3z
zNV4TS8mTUntG1n`;d&({%M(R5vV1^YS*tP1btUlP`Zqg?*13a55BXqilmi$w5SO4i
zVdTPVXw&2$Z$H>MC}k3tpJoNKopjX^5UxIyvHL)sMJ)s`>;A+w{yu7_aid6Bo*;q4
z?#ME)WJqWIGl2k$aja~-Z#Oy1mT}36#(>`8_n1ZwZdnc<O%zH%d4e_@Z>+q~6IzOR
zuETHE(GPj%U&e5?Ndp~|0*`#n>zk;OXXo5Ar{;y;Z&cCF&R3()R@<Y(RwNSfI~Xy_
z7rrzwL|ZGt6bF14wbVYSjZ-YJL$(KLF`6DN3j0KH2Y`~~Cica~=eB;0&GV1_6-H${
z(i}8e%EbR{x~zj5;51S%Zr$g;^Q1Eh`Gd9=>)CHSw#9D{hu_)b!7s<IGG-o`Q9^CT
zUAYZQgF_n?qG>+n{@&&<^*>YVq-5qCjLA9R6l5!v);{Blr1`3=GyXHhtv?K%u$w4k
zkuD0>e=(U*<sL-oP{nx?`iKf@-U2YVu&5}H2Dx<Rpjr|=?O4~yQoz-_pUNvLR<VhI
zGW8zfJUd99q)lV1+AzOP@@EP9s$RAB<AYA<b7P(#$%q&MNqNP{v=Vk3;)LA=Q~I8y
zvZK>(wuQ3p{eK)PDB%^ddx9ZshXr!{dxaU;;=B|KG3Y~q4P&dyh}06BjDeAV$P(F0
z{Zq9)rziw00~JuDnau3<(NCariv4pcI+)8)Sgy;LmkY~B2TcR9e*!I9bC2Q<emR&W
zOs{F<8GOK3%_tRW;vUN$=Yo8!)dnkm$ZqVm8{aobc6N;vh&NSS?L2|joL`lWoVv3^
z5=}S^-+ngrk43OoJ+YhYAx<T5)lfUxqw9n>%4XP~8WE!?g`@9I>AZLH*X6TS-3q7K
z%bc}uQze$11m3+_6_rWYdBLy5m!6{SEmZ$X&3jWRY0fZTL(&ML*XhA74!*9ahK%!M
z6+5~gS7LSflndq*sXgljCGKNUDM+UgxX>DCK9O~O(7}H!q=BjF*WO1JkxSJ5;C3~S
zz>i8Q6WV&<924Vm;GCnNL8O6-8=~kvKcvZf`Xm0E564N@*?xq3&?jG=A{`HbFP9M6
z`vQAI(Hyoryzt$_6o_eJ_ODpC{xLF}u3?oB*U-?=$wqg(_oPXmy%ywu<ADg7pL9IC
zZ9;_yMAmME6%~34xUWsi$6`td65``^C6sX({%>f|>y?bmJCF6BT2{8k39GBtQ17LL
zu+WC@VQ0Xdcm4ze+f}0IM6%;pHTob8zuG!YwN?hx46YM_hB^LQB=MiWK|J7b*BJk=
z3PS=j{y#EES{7MO3~Jt3pQxIwbx2W97iX`UC<zR_0fe7U8lU0<rXUD~EZdD{|I59M
zzTV!#*~{e=C-b@~0rQ?ajNm^}Uumo<@9mCl_q*+RB}NU}H*ek~*|e&ga$o;hA-b_K
zS)&6iB&}Zm_Cf~*BjX&R_0Oo);D|uk@Q;a!`c9w6Us+gKi25GC%{e8d;qNhX|8vDK
z<c@5Xe8XCP3i<u}i_@>fH)5lC5)BxW6~=A0a>OH_9X5Inuc<IAP1QQ+fWe=pYW_r?
z1NI2Bh9Bz=&_qT?>eV^UaM13}V8oQ?Y~yTRA9w^RyE}9`x{pL}(l_h#D2;B;G(l}~
z>I(vG5@+7Q1WI0J*uc)(Pbgi-Ns^m>JChI{LiM&=o_7f~P79Y@(;*1z$ud@GRek*O
z&(ktRZmJV5eJRR)YV6tCAU$?=-1y))g)M=tk8Q`D`p>x45Sdo)cGr^1Pf5tHzp$cz
zz65C+&PN2ss-gITCU?73;f-5?B^!$Z9$iic+dbT^+_(Q+m5BuA)R&E?Po_8hCFP)4
zM8aZbM`!@H#&as{*XoC?+04<%keoSZ$sVC24Ph?K&CNY+2)EBS)2AP@tWt_qR#9p2
z`!f>a5%2D3#^`m{K%&iZ6UmV_7$1jsqaV^KOmMvxqYuRnj<~M;Zuh@IAf}(VHJl|^
zCFQBt&6hF|oBQR<vogj%gV3<OMFnz*Wv#<m%}X7>^lpCSaJ~Nbb&fSbL7Gj~$7>Ui
zR4|(o$B*Mgu>YKiK6Frd>F*V-l)_^>*^a|b89hi7${)jlQd8zpYvtIC;}$>fq;lfF
z14+*ZYQ|=lwVLdewa%d}{@$ATsXZx*;BUW8{=ZTU#E3O7(76d<SV-xFGpnqII5;?z
z6HWXY%2j~1ktWtRHs%JjIrCwc0q8Q~4v}<~h|BK}lw6SCqlW`RbJm#gLdhaRU|6n+
z!8EZNo3SSp6coMYylcDtJm_4dIA17b0P#aWOJDOQ8MW4;XwGHcyvgF_<D*3$wZFUW
zK3Q2+bueL-!7eV|{PoOks<t$kgcgN>03!}p0tRrkYDltpR`9l5ljjy#RW%}*jB&H0
z4`f96h&%wF{pr*3u1H#m#vvf5AXsGb;>8V|L6asvnzSn~L?C+1&J5f9T2SRCz>e{p
zaZkK=@18iA7^DxRP-s|y7gbVH8jR$beOo+)r=w4=ubX!Gs7uCOGs%a5VejK$x<v8D
zR9%xH2Tp43WOrn5eknDq<6vTv0~hPvy?a+#T^%*#f9YzHh-3?XQ}63gDsUW!K(Ivu
z^rN9-!LRQ0J8gH3uyrb(fa8w|v~Yf?LgN_$g9HReQ(EC-LpQJWHM(Qt0d%*!>(crC
zyY=@EcQJEqZRP#fK$#Qbhd<52K79C?j$J`5_FJGhW#Zh_zjAK~J)myvLp0rf(PI3Q
zM+wsCR#;hCNu$dX5X=-vq)9+Z_m=t}2#`NW;M6a&LziJDYl_J@<?K+<f_=?S4*F;A
zNP{3YWiSc93$Qrzu3{eR!?g}mMRj|-yZhz-7b+U!JAspRPFsMOLE9!-m23K4iIb+7
z@@qlGrR%3jF^hhno0$`LWp5&YP}BHS>)VBI3R|v+>k~w`ZrQl`OUFL8Sc=5EHku_D
zvOnvy<!$dD{Kk5=**g+rSMh59`+W_s63X^OVBKpxw~P}K64-%-kP9JokBSF@l%xcr
zFa=#&CW(0MYJr+uktuRIBx6glp*D0NQ09`T*LLQt{}nv3cB}PFolNTdOEd?drfM>T
z6q${MUuF-fDX`;mH#awOUHtZ^8(b~wrX=(rIiFRZB$k)f;0x~<wKM8Lqg#BAP(V&)
z!`^L=j9^Obq8i0tuYR^jk-=e<w@I=6&Cj3|+_KxpxhcV5{e)E`eH?=<2J{tx;|H}|
zuf9kF_SkOwQdUmR{cNL7sE88KRkuJ*JdP3J?1jl<`urPddLO>If!m(7x=ICH1M#Q4
z>GGpslWkIyijk8E8>WurJ*;Px#`7y_ZZ--bV?11y)JPYfK=_qZEK>`nsD1tVm57wI
zb^rZ>0H7(Sn@wA~U~qm<&r7J^$x<u#Ef9C;9gcuVzE+g*q8;$4$-X+KBoK&7XyhgO
z1yfqa1mP=SKcGm2rsn~RKTs;!q}p;&<ELG4@x&~|RCj&$T>+1lw|9f&`L>*=O6N^;
zD=WL1Mt9_+*KK|mZv9+!Z2bJ=-3c|4CnqPcl{8QDs)?d0kB!MZpUsADPkFomTEZ*{
zp5zaZbpO{O`x`~W!<q*eWPih(-%Uu?E;dwX=F2qQZcOdhu16QsJswx>EwIAsc&(uH
zFD^^U7srdy$f>iVEi|C|{La5#FoKaT6jW4pfP;&~_^b{;N(3p#k}^t`EcGXH^72-G
zJtHP1MSZx-M59Lx;{UV3LFcjZOUVWmkhv7mVk1j;{*o}H4X_KdxeO{_5RftK|Gebo
z<&BSt89}t7P5fJ8<KiU1Dk?fgMkSH7LNK=s6aNeMoYNYIsZThI1_0^+Fo%?sNs6F@
zwy|-#tgP&KxrtOHy%-8@fhSEb^_->-pM3aUU`UAF_IzK8j_*#eA)GX+kxl=(`y`JL
zDW^90h*W&}kq8~B!$f80j5c0oFV2BJ2wvE&sX>8Q(}{<Uf%i_x@b^>x0mOnR=;%tc
zauiO!6nzTE-rF{5mK-V;B^b+B)5(y8r$#!?_U=Vy-r~@#SDDi5!kc+rFLJMFcd*|M
zRiXufB>TXxy+XR)Wnd^9$x#%e6`I}x&s{2%&E9HMuccvJfw7y^J(!x|dA)C)CgB4%
zthHaL!ONV$0Rcqgfj1J3f?QAa;vQ5{Q**x+I}Pj+?8ebjq6y|~tIbK5tL?axXS~j7
zPT?TvO4#SHWH42PDZKM>)x<j11#}#vL}6mn!miY<`rMW&<dj-bVAgs%S;0D4on!Pp
zMd9h-xS9nor?!<_!$|$y9B4Qdh`?mt?C<X%i(yg}uWbW7jNmC4BXu@0Bn~F<WfBn3
zTU%R0PU%D4kta<_c-9Av#nML)XqoW`j)Mr(Mu67`YypTw7Vubj^Ifz~x&`WKskDyM
zr_Hi5rv)~-gX}-^TFRr=sJc8i>D^B6DGiS35Rh&^`I(`xDnb{f?48&BpIQL?kkE#P
z25!7~X7~Y8A2XcwzR`1Q79m=+6^MWQS*k@69_hLub-vKB9YO=D<_4U^9gwM+88Sza
zY$Z6QPBJ6&YIQE3Q}@YAe6jFFW+;W&xQxXneKqgvV*t<5K)9PrN=j4#%T%U#SmSqb
zs&E9~?PaB)q+E^>O`ZbYf4_rF3Za%F2$++^Zyg;xGq(W8LWOh2rQ;M`kDzbpw6jDJ
zk#t1*g+sO#QyaWVs<vanCMs%o>FA6+_eU1?VT^``G2h%EpF}sbDjWSB_GvKU=1c`{
zr{VrrXLF~3(=D!h|Ia^eXsBnJ$#(!dNx3fnpw7$B2i{hW_qLp~vonp9UvqYLwl9=s
z{vXdX&~Tr8;diTUN#|dI+B!N3DJh)2B5-Veilerw>dch-;wWJ23UC|0W~ZU89(nY^
zw3=;oQgoxO=x2Tzhg*4o&ulDn%lU3U2iE}<!L9`OX;ie-<<EIPkER)xfY{uyFe2dj
zg0Pt?01~@nQKedNJkVQ3TiYVQW$3iD_+R-=Y<SGTk7guGh!EjGImA3)v3_|OKsr|l
zlLhQhe=tT#kvk^qni}tD_1L%~3y}^%0%k>__6#pRW1_{UPEpZ3P1IePR>;v_ckXaw
z>ON35!EFQBG#nuBKJ)~v%0Lodffk&Aga!a5PrOSgGl>AG(9Q%dd6h-M3Fh~fnwXe~
z^y`REO)bHex3%^PRD<6~YzeTnJMKtW4?hHe_(;P}CvBqdxj~S1Q=v)PVU+0NWdrrz
zM`m_TP8A>-=h_4Y>OBCi7DV~=+3o*0oO#(}>UWd)Bs6Y*X(c2_O~`_mZzk<93!{R4
z$6);jA=6^3t0S?gSXVkRj|jVOWH-KH`B+&MP5e&sfJ`nq4NcLz>jbtxzq}!t)p(d1
zF1<iD6eKksuve5GVprY*);EFIRP8i0`adWf(jH^8NNQ}Xc1N>c<o}x6q(2Y3h)rb*
zl{)!-zwDM53Gl+1N>9{N5ux{48wDFrf^9-=s!5Ygp_6{LbjXb^$|F+alVEl(E;Yc=
zIG2;Xy;VnTSR;2!v@i;{*H;7YMJ%>*6PJD-upA>`^v&Ge-Nn?Jbw>d(Oce(i$vCgi
z^K{WRnG4m7ym60Zb{}J((TrJGEDC7ES;POA7rqgd5^-f6iI4Tsu}U&W)H%xv(UACe
z{3b&ON{xet8b*6;cO~neoQJfDQ!&E#wQ?vocsMy-Z)Fyh7}lvbd2HAYx8itK@6pP&
zOK0e*9Eor_`;cNpn7c;jN~NCPcOk4%6&h6k{*N}rRANZYs=j}4(&gah2E$;DM8w3%
zGN>5KlP4UKlCyw~XK?=Ab2lO0YcnbrfOg<wq}kc^VK2ivM?JtDOjg_E%(nQP*~goj
zb+BeO+`-l4wCw=UrZ6)z6D9`W!GA5c?<<Oj^b#;#U<{znWv0o~X|y$8H7OhLol4;a
z4F|`jK{iQ+o2MG@Bi}2Jz5#NS@X&rs!12vs3Fc!ZPgj{XW}50?XMh5tlK8Cl!%fb=
zh3Mg3hT>|3ygG3*pPzqS$7liuFW-~aJNX@_K~7IUlWCSA?3^tVO~AdJadln*0C~+8
zdPc@_pbA0|<}U%;|JZ376X9ETM$WEk@;O%b(F%EzU)OUr{?Vnwz@(y^r+7x=rw3TT
z9SYVlZoL(D``r^Gx&dq^x08m2sIdYKq17E}l^29JGm(`O_Pi+rt=!iMUmditJ4M9C
z-iua$Ba2-E?mFIHz&|*-Jln$he*7^wh+4_;pPj!8BMr%si7vMZtkCa>xH#3?K!QEo
zH4So(Zq9!zLaEttqzs_uGlaHrLjg9xlY^5}2f*<{Z@2jX0}M$cp%rA4kbnZYPGHr>
zzP#z+2Xfvfi8pUVOgXhd0kW||JDuvHoB6hsA8Jr=;X;q1=#l{x*{)A3ksCUV4FP8X
zDC=LNY|&5YF!5_SO<W>3k}gckxr*VwH5b4j3X02HCu>F`=S(PgZ3=Cw>4;oxw(@lv
zQ9n0kzuH}FhDAiUl`~?5-7)dA-YfJ8329^)&&}z=wXuS;FC61I(dbRI`L_u=%^I~p
zA&{aWsVgH1pF>?Eqf}s5TvHrMmw@8tIj(Xdns2?qdr;<x&3z0ttT3eXRD?fUB0L}j
z$~MX;(OnB}b*GfYX++2@b)WbWqQn%>My$ZNMb)D*T|EA17+T47?+E?C!nVam^PtvX
z#Vs<X(0Eh5VaYQw9FU-eIsdt1Z>;OS?ErwHTwGkL?I(Bv5Gmm051`8Piph>^e1RO(
znJZS8dZ<Dbekaoo9{z`#@ROxP9JU4sFyQb6VEfj9G63L50HUQ8v-~4zF$T_M++05b
z$9b8$)x8IVw>#dROhW7kZwS$vtSK|8NF`5l>UtaqLN+JWjqYDE@$>5*O}j?hExP(U
z7jM}Z>?;i4NYo;ILfu$w8kapopWrrR=m-u&eP{GjIF=)M_qx79BeY9vDdjPF3DE(+
zpC)3xmAhE$d?A^Qoqgml$@}r+hr$6srvo(^C<7kF>#bdR7FNC=Fa=4zodvFd`h8}U
z^nC?@)?~qf78_pBuu)@?CNxqO01z($QiAl?FF`wwY3OD@GtkYK={njZ02D09I)QES
z^@Xek4i5z1rv5d3{EMXS)Yl19LI(vGNc8q-#ZUYCb%`^Fbd0R)lo^Hx5NFv_hu754
z<IljB3Vy}DYZLL@OjUiNlM}Mw4-kS=fD?`(TDzke%f~#n=ViDc)rha2<-0Z8+uMyy
znE;&w&)Msg%nC)8jY;O1roj-K&<4!GH$SD(aGq8KKn0IZfrwFwqiCLE7dsC9lq!di
z((?nWveFfNHiO}7?->!3L9dm_7EQqr(s7YIGg8~DBb8GdfttqmUOkF;D5t!dvyc4j
z-UjnKEG#d^D+0EU4S>=61_lzC4>o5Eg=XAz-mkDwQBnDvbJM0b`sk_Lb^5&q*+7x%
z{8K`tSFh}z;M{%z0_=`-EYcR);JPwiVWw!3crA0(f&+D(qPS*g9BRQ^oHMvewD_^S
zUzP-qLe|26yY`S2{%X%BX=xcw7+@KboQ%15NGIy{67VP^X`ZtahzpVj&!qK@4ZI21
zg|<X%zQ*THL*#S@L<__s)c`Dof{FovW5rlX%B`kCL!b7{7YbC7TE7EOXbu1?Ud{Pm
zwJ;X~1u%`9jo5k;@p;zAZVJ6!ekO_UhzV2gV0yY?Vl8c({w%YlApn-1?7!))=sH_c
zg`v~qQa)OYmMT)CoipMEY;N3dx?8#we*EYLgeaNSP<jG04y~O6HZ{3<?m7V}KTK-_
z;KjH?i&*ltWvCF~+4jpbiw|-p_3NNk>n>+y^aY&JE2Cg<M_*?sYB`*y$Wg}sbl)a}
zOV#*b63|<l!<9u-DaDkg;3AuB;1LHCL!QM*j^2~h>O*v}6lyrtef+Wofb^55bDmzZ
zN};YKq{g(D26C<_Ej>A;?%}7?Nx<{Vxr10l<O*?o-sfl&Kn0C2HS{mHC%;VC$EI!_
z!B32ITMB@<jW)2+i{TEycFM~eZ1S757tDa(@9Z2DIPyK2{4$kB+^?^zTiuhP(|V8E
zd(DdDwJhTPR2|!ySDB@T;i5fTRUeJG9H06RWVX*4+PhhdwV<Y0RPjliQY>!mg8~DM
zO2W~)r3T{wv$yo$EQ+!cOi4MYr@Bu=GdaIEtX8mZ-Dw4wHxcq&bq;NWz2nhQB0559
zTx-q_um|I;HM%!DT74akwe?8!7Tkb{BOI)cq>UGJm^{wK_lHR$z8c8s3DX03nace{
z85wfRn08zfki(X$Nvog-U~Y#b&wiMlRZVT2PR(7S5Us#qx<N}%;(80vFZH~r?%vh9
z2th6X(kLhKM?3;RN$g%#bUCKzbTOO9gjNr)wA_UD9UJi0+;s!!-KjyRt;;zZ$Z6b3
zvQWhvyG;-kugxg4S~7oc&B#FKm#a54#an7=(8*I;MYog+WXt=u`G$quneX3<K%k=%
zNR2W;ViRW^_0eTe0gv@p0JI$dpadv@5)dp~d&Z3U`Y;U%>L`DZC^kz{A>EOm7l^lj
z+M@v<uMcE-5}4h$W}z2nX!?l_H2@ZmMbV2D)sZoXBeJs}OY9HJ4L}Iy)!q}3p?LgH
zQ~(0vZ!~R9gNV$}XsCwfn@YT@=xcco+l~$g4UgWiClpxq|788KJRHO!U;M(8I)%9d
zod8&oe|TDtWm5zjW`#}15n42Sma6X$tIWDdOCd|k1ZG0y<mCJ?3Au-w5rVBqk(+jH
zg-z>3;1Xv@PJ|O2m~Ay79<A)7FS?~IItLWn1V)LM9gOM3{s_FwJPf3#udm2>6$zcH
zb1JVZ%|fGh7Q1Qpy+E7PR=%aqUFcTsoZjP^pvn3tslsHlxXK66yu5*dL0?~=?XI7_
zV2YsQ^iM=9uB`Qm>gW0Cx2}C7%3}$q(Y*&{9UFRO1{D1>Vr)85fDPgTumBMK|M>Bv
zCOk3A)}(m>JjbsimC%0>Rh?DIIq{b7C-q{ZqYkhZGg$o&fi5(M_UB5~!B#Dfk(#be
z{4E0Mc^6^2Q-G%dKKW^QXExq-eBC)}au7!DKX^SrYQAxw@p9V;*g)Gnw{G21e);mP
z!}QxWL-^EM2{<LVzB=+bFU~HuypLwsm|f(CyjKGxZO%8jn)(k#ewErRE9h!8eh!C9
zAoXvv0EB8VQ|pce&-iS$*rLnQx@}+V{kn*_zw*_GFl*i&fQg-*okS!gdb+y0Ifq|U
zjgFbhRIdI-`0dUK&e9T**Xa2~{GB}bh$xC>GsaC(B1!IptljwYP`$P)8orsM@1gf`
zj22*-wiA^W7*wg@`$GV=&SrLZ_;^Vze)ryHkY)2i0!9@|sSkuR%Qu_%)EU7yj-$`d
zeSwLx1D+ayh}-TWpmWs{A_}|XCtlZvPx(Ct8YabSNErg!0d!Nh^!qnLjrNEq>7Rf8
z5%oM0c{?8futj8>{}n#{*}6eK=;4==R~53<)YQl+fOd@m(X|0lz<Fd&0AwMuOahJ`
zsKKhUY0o8LqP)U{cE_Ow)0~;8Q}<@FYq%`b^dW#7eaxkRSb(yI#!*iz$p2$XN-?nB
zDpFrYfk5B<J!z%U3bSrpSuZXOMj|SRR~jevW9kUt>L6=`=%e@)JM;uaNu3(HSb72J
zu)u-jQb?ZcA6Ro|c-2Ol-g!ptMf-@Ho1L3mePs~&iul(TAG}fO8YEd5VvM1T7hu6H
z?~iCOl{SJY037Gf$x}&$nFB?F8>3~=Ch<xhK>wVGV&sm%=Y~o7#vEE=HTn(sG!1`1
z1dA-2(I^legwm#;g&STdBf;ea7uvOu#0fQp##5T^8L?vtr-mcpb^_SpI(y21N9)&t
zfLdLL1QQMEDH)3}M|0`^Z6ISaJU!W0#z}(mzcvq?74TB~Jcua^i&PdmK-$E~Z$wln
zYe${ok<YJSo>p#IN@F!YUJ6-fhmkLjO7_0gVO$LKAz;lsK<w|kSy)+Nf%s=wWF!)y
zmGi(G2s8{UKj#|3>7AbQsf=?M*}ZaTCgckTf9Wscjb|(fP0E@$wd?U%Ah;V1Bq)o4
zpt(s493akV!p^b)zu9}E2S|Wx=o6P=HIA~|3%ak3$^#K#T_7r7-v1BdBOoo!_(7|}
z@fk1og>-$VIj>SIK*bAyWTYTsYiH42(TYLbOEa93OZ)BHFH>jiJUpI-fJw;AD}*tQ
zeLms?9KsmD8H`)fGBV2Vv#PJYBVgEm1s}*`U%{ioWk3mm%DGN}!X5Us0$I*qF&Dsu
zs`&xl4g+`t?fA;~(8iq8y}i8}AR>*=<=Q@zaUEE3P-dr!s;VyF@u9R-O+sm##5%Dq
zZb>SJUpU+nE3{-bf3T#tez)KQJXGo8H4sfXro$0n4!%aW?tCr*7Xv?vhkA1e*J@+H
z1_e;^0M*nB3kzkD3ay6laz2l>oXiDo;!YF0b+A*%fDOC_)?mN_$}A+M7tIACn8mr@
zy@e(KIbZ?P1D<Pz!;Pr#JUHE7%lQ*i85xjTcM!VJJwp!U4KT}j(xi|-?#}bn#FF_;
zGe3ETOWHze03g`SA&I=(xthxUDv?^g5;2X7OSW?Y>5qku5ZZAo0NNn|BakNIssMye
z9JfP|z&^zXqSstcDZ_yuyPOpNpW%Yax-{cp#otCBnj`6GoYuAfiCLNbdeUKBEDcCE
zAeVt-UOgQ&95FgJmXMx4`}-nQ65jaL4h`CFCgm6d$Tdg2{0eyq0GMA<0C51nU>q$4
zNmqr2g#pxsiGj3<N?{4ZtJibjsP{z4*~KY07)Ihg5doAllrw_r<a_z-lpg(gCt$}4
z0wI6oa8}uykGL%ZmlA;HLGx$19j-^xT_o=0`4F_Na2+uaWa{zV?pWd!5BdA7@V8Yv
z36sS}A!=#NN#kS3GK&#2z*Io<PyU{T;pzfH;;8NGfD`UP1ImSK54ZnY?i*JRhHL+8
zPto8K#M{i+I!0{y-c{cIA~=cZ%x)dthU{Q!I{r69902Bds~|h!VYd*Tp{%oPcT%JW
z+1D%?H91QWBtL0<_IKVlfJEts(QRtr*2Tu2r|g)%g~o42i2I%Y$##O?-IuMw7G{~@
zvn$8aftSjlrO<`<{D|WJN)Aew-eOUjJfxc0?Ix*IxIMaWwWWPEf6C|qDCKf#zue=L
zomW(%ikF%I3Y8(b)amHNWCkynzo$7b2o6WekPMg*2pnsWP!+$YNp2&x-Oixl1``PI
z`_qrlO9|*A-_%X9C<VW%{<+>x^_Yq0LiMIGq5HvBjqiYy-scM4p)2p&A3Ou-a@aWh
zGY(<yg}A;T8P`ma8kZp%pLY^?d8tJpp!vQH`S3)Meq5U568!!*qr2vHfn!6G*ecSL
zfhS5pSkzBPKht{GO?+ynWwJ%gFvwzX<Ng#S_N3d=y6Y+_ug&*knXIBt^nCuemdWi-
zV*?f?OL>w8J@nBJR9OqklH;#5K~$r;F`7Xp;^j#^4(|ABi6rR7tGLV|<EbL<#bCR7
zCVfLGm~j<7arJ9k4YCBEyHRwdmvhlI1sCEH;{3|B9d^}^#FTfg9Cj`%{^q~mYN-)s
zxzs#ifqn|ztDbLL)T{sHEpgRXfbrhCcJanHo_P&*Ib=84RGa|sz6fh;pHyXVogg{g
zxZiM!P2uBT&=5@Gk`UOBl3FcmHJ0T5J5TPyok#IZ`Xa1N*2g6>VYaODYRv{aj8FAs
z+Yp$LSEnop73WXtFT;+cD-uVSFlPc=n6s3Hmw#`z{_v#qmWAu9@hscgl!+2j%c>vC
zG-QN={nJKvxJVYz+MNWv-?;p}d|o@b`dI@|etFSnzrm~GLe4P-lWkfaK$U&z+nQ2m
zLyz1JkNulxZZ8*j6o|>@?26V5!K`_Vgl(p3VxN!Dj4&BPY5ec}9q&d!SBU1<oztZ&
z@y)Nm(Lh|ggGd&nFK0ky%T918DkgDhRet8V^!od^8?8@*H3gT-{0%ci9RV$GdKp!E
zicK4`D;_w3y3UCST-B_Fv3~edH~_LnCcAlxW0%`(QJjYE-z>%E9!$%(r8d1_zxrH^
z?UzK&fm5w*Bma(Uy^wrIHf=b0$<QKwpWxz+>44aLl11odHlj?<9nE!-&|*{k;a~dz
zsRL#mWn@7gI=ZcOq32qgCUSg!rFeiX=kBhG$0EjP|BhMu@;)lCQi-(c$A&HcO)~UW
zBAHa1gCl2E#}mV}zeO4#YqjKO^yT5%--r`Zd=@_RCbuZEK5jy&ERy|wi2%^>@f{9f
zW2Rt8{N+&Rq+RLCS<o7!-n=e57@BiD4{Ig+^RNJL&aJVX+)Eusl)%+qv*ksGJ=FDr
zkmOW}%76}>)^n*`tRuuGw5y-&qu5+v``7wO6C-o)DBqPkIKCRx`E{mpV1Su|T)cO+
zO>b~*4vxBN@sn~dfz>vB$DOwX+MVrWN?9fC7ydKb^F}k<nYl$x^Up6x|Nc>cUm~z5
zbQ_no0D+>Pi2x;~&JmU(M8mmFi+?o<w26ZOxE6r+_7G*jbtr?@BtZeo-(Ir)`2)y{
zp6QR2+sXLR2>#F*8;~y$r<IP|3H~$iTXrDtdz<m_&w#kFV-OHa<;Ob~yL^kgKNW`r
zwuNO)0Yvla{4N2Z5sn(%csAPuC}q3JjsL-EO99}~(#7rnoB%_${wae9u<XQrs#aG8
zPRrn00Q&hoB5CRQat!X%{2XCc0A-YbI^eT}FTL<U(tE^+JAEE+Yc5YQO_Q*n9Iocg
zU4zFh3=CtPIQ}<WwDX1$IDN6xZQQ<hjWy84+-_~!(<1GeKKm5~kKySYKbFUTEcmM{
zaC!*ci6_0cKyn}VAb)b<NAXW-o-NfiS{gM!jpa8F#INx&6e(c2EBjUD_{$$92=D<$
zB-+f*S{%}7siL3Gn~}K%t1l+A`&a0>(nMLdq75?saOYxtaekBcKU%qQr*J_aeoCwg
zeiSZtMIbe{$5R5{hwtrsRWAJ#Ee1bz;{zjkp{sQAr+|GA1uQ*&uM}p!W`x()x@@I`
zaqy1`?#Q#-4#AEx+FGk$Y7(>waYNrr0fZ3n6TcdB@jdN6*ye)}!(_n4;#3|@&{*>a
z!6xETT=M3>^Zft00VZ_!tx3-~Yxrd~Ft-1W3P|r9sjJ(qkga^6L1YQ~Bi_>>zRuZx
zJkKGu&BXUFmf4LKMZBXqFU3tI6W?~bj)vKa9>|Wzn)4=|=a)&}m42jKCYgSuVX&Fx
z-;0Y>fwl$m6WbY`q1U$a+izt>*&|oZ)Y*LI$Q_PdEeyXHm}Nln=A!p)EdB@tRB8;=
z$w+LD|0Cde+K9Uy#HHyP2{PR$3qU=6`v*@L-D9i<7=8JlkU#(ZYYzdXOaAX4=pEY`
zemz}F@n>j$asYOE5#p8lzu5pzB7@r7p3(o^!yx1CzuQ2vb5##yP5<E5zaZuRxHG@N
zwEuS%+u>2lPQ*7|>J1z(-H>RTK-c^cDkxJ~I!LpDaR9ZKGHEAGW}^SE&L>~v2&}x_
zV6wL|U35&^T6W{_<pMQ3?s)0sNLFL*tn&W9-<AHnvf7%>$$2_-apnIcq}N86h3*^s
zKM@ZX$fY0K{zLOZhVx}mWvBLwI_);D${Q!(zPg%8?Mbzf(w7v5L~W0C$?NXPfBE<&
z;ngF`57%V)>Fx#I{(k#b(#LJ)xRZ;!_XvOYzB7MPaAe1YdOQRll0b`7$?@uM%K7=V
z{+rALV!-*N1ryeK@`zI)yKb)&GQ2Jj;`8G6_qTb=cL<)}k#h}~v1M?+bNxAg-Gkia
zyZ@iBc7>Idm6??oqF0iC0liTmJ;>44x)4n3w$*YZ2#FZb12W{c8)KH?n(hrE4p7&6
z#qZL$^=(Q2f5!Z;$8bdFWD~L^3|SXN1H28)4v_A;Ilp3{_#7xt;#ZE~GDzY27c_hZ
z5`{=0KTBg#!e=$e-zUsPFaOuV2ZUd{ejQn$kx@hyU4UAvxJjf{Rwl_ca5_P&-Iv;U
zbNkyu<AL2fh}K;W6|DbZE|~E-b6sw=GtH4t@h`uV^mJM?2h9AR6_Y03>0yf2ZP~`M
zxWiI)1Y3T2Ug@FFyenxR6@4nFpvcPRhj&`4Ibr_dW9bxf?nJ*|6IuTKWxgs1`*hRJ
z)z2{OSw3m0fwlbOuGg>rQw#8)sph-4bZ23gK8mZ+EA1_!$NzO>nFl$za22kV|KHOi
zw*KR?fJrCwh5Hl^rS~sZS?x+#{s-n^+5Wfpt|f~GD7bSN@LayB@nG;&PBY_opOsZ(
zw70_`{)ihi*$n2t-<K81Q>uH&HDn|A%d!;qSXRmZRVjZ?AwbY^O&ZHCyOe8tRPjI!
z*3Mm=yFH@AUn>_DdnDxk`p*R*YYBP8Sdxodl&<c}&Y+j_@-%&tOZI*LJ|h!V%{qQ^
zj~eAs2{!)HXIs<vtjHu<$Z=ZOL>^Udx^lc;sJf-)`r&Jc^BuXp(5x=u4_{aQr@P5=
zw+E(y)Pe1W*^ZYu1LOB!aDq>EUB!Z2e(+D(%u2!9eqw4VrYPIB3w!my&}ujyGUU?C
zfM(w<ku#8|prY#&wb9XaA_AZduBnwC07o?z$>)UBQf7xfKI%PL6Lnw@L;hUNC;eOH
z3M#b{NoP(|AK8^E(cQgUP%>jG;Qm!sZOy6l!ujtY+eIk7f5Dk_)i~_azmP3+BKyCi
z>VH&eT>leFN<e?>!TlPy&ZiR>wBE<({G}$9FR(7%*qXK<+Pa<YRz+YQ!?N%E1rZ-#
zc20{K?lDH{c`->z43FluU4Eu?s9Rg0;IUJ#>!P2kFl+c!sti6gkgJt+hI!5Us;yfk
z{MJ5|`eZ$EX5;c;p>j?{h1ma7W>44U6`u7%1XN}JC*v6TL6siFH?h>YTe4EV-`FT8
zev#WiY$9R%r|dujpLU^tYRQUcy}8kB!;xEQ<GIh%0Oc;BP}o6@XZ4xa$ywK=2xO5l
zrQ9HgcCA3YPOg{plg&Yto5+lyd{lDLiH3%j+u~&+sQm_CR=}s_m$4qTDMcYoxom5i
zOwk+4$nc>Oup?uWy`E%qWBhsFy*#&+9KFz#gV`|lN=K7?fx_U4m(o+_x$Nu%Wg%OM
z9#5<UHh&ff+V+OsmX~S*rwBO>yH=2v`iW?fDs`m`Rh!!dTDCMAq@a1g=Y<K7!*@B(
z8I0CDM#>YP@_sV1_B5Ckq(+JWXTq?Q<uROZDg^CkOY}4*5)S)ZSXNXj+PpMU>Kw;v
zOQ)(Gu$C={OikHN(FLHJy4`7I3E}9%*VCq@@GXg!qgnhGaVFVbf1_+Jk;pyrD6&u1
z-U`)}WfLU>w4ZEc7eu*y#B!YR2{bvwG^L5-TDkNV>LSs{Q#tXCTpOcKV6vy^h;Dt(
z4(I?{o_g{)r5pGU0k<V;UpL&ls+Eqr`V2dmzl=#fKGz<grf0`esA(-O+g<*66?CS8
zax|luL+7oJk!J<;Q~T7hm2SO?WMt&QvMMFcMsJdHCGqNqiXh<|+LKpx(tP=9V`fs&
zT;vuHI*w1DV+P(i|IR}V28&`~u#Yp>aWjhemNwy1pSQ2!*)QlA_N(zFQRwLRGqd;u
z1KUNv9(;)CiaJYL#K_OHZVo{q1NH(=8l%bGbvVo~L~8>*IP}SGGrGX0D@Ox!;%`45
z&bMNFQOHS9XER)Vl6(;W6;xVaTBNxDOLuvKvoTG1d^g^D05-f?s(-86UOvesHF9)&
zM2pIwvWCOu$I!uUSP+em^W%84ZkK^H5j8$Pqf1wZPM?XLLnF1b4cpT5folU76SoJB
zC&HCmF)bVh1gfLofWnx@_qiY0IwL>C?lHI3<M{?XCLfM{V56)YIsS9%n+2@|`0&Co
z9;|!TLC5$M-S|xj=Dh(aJ#BmM_Dlp?<d~%XGJaj6?5UJetlHt!uf8?|6&LzR1Xq&B
z3|&XF#r(ZQ?OF@#;k4(K?kbwNvs7@MkPvv4dcRbq4a$zT8j~;)cKq1DU{o*YwR@=6
zH;2PMY*aOW!}@#kBTsg0byg3er>_i^j%F7Z(~06FHjt)WKIb<W{8<rJJ1HPIn3wxo
z)OVF%yT($!XkDXxbh53bBqTCT`P8`5_(Wn{O1t9dI|t^M`(lq|-pNenf&};0Z|%NG
zwMsSbSI-|s?q>&}x&)1!<#?-4g?MZ)4*4xaNR+@qM}$27bI?=@-@S6Q?M8~-!L)+`
z<Z|@Wu1VvuN*Pa;TZfJcAaOm&16NH>bna@ONm4MGs-}J0?pD5nda@w=m+lX)kydz`
zG_As2B5N5AOM~woAI-y&Kk?QkcY}&+71<>uRB!@23R#QIRH`#tOg=s5g1F5ItNB@m
z+v_Y_n{L_B;#()|dUCA20{*iDge8d6QPmtd5%wf?ZOw%=Lf@#K*)G0oj@IXZV49OL
zuF+_SH5ePidfz-wrR!#|ZA*#0MNJ<>JA3ld6EsO05*r5%Q)A0`NAB*^yx&WSY_vZ7
zE<->5wzK;uvw?;G>*j2`DZ34~%1;-M<lp;U2AY=Wl{+ajmMM8wraXSlt$jb;M~&Et
zY`iWd(PlHEH~IYdap^g~N-#4zeWvfhv&&z8AGF7zw<;OcwIH2B&F^-?ND`TgvlYL;
zq$Wtv+u$*;tiH55T5DYkkEan(sq!|tCfU*TTRMC}8&j)mv7tOt9ZJR1K+>DQf&P3W
zX-LVXSI@e~wrQNHS*5-NT?thSxdmzV{wG3*9dh#RF;_)P{>tXB6v2l|gY>=1Vrga7
zy@s6S)Q|2e`-m%4Al05V_bhSv`-9yof<w^TexK;360JvIayou>n)e$4Wql(P`zHRX
zw*EYn*!%`QN|<ywpKdOjYtFoPXB<BH%6Whg{mIGF#^Z{HL4Q8>?)2KIPcLQGHqGo%
zSIi5Et8bL@;uX4k3i@yYONXh)itF~Byu?I^BmwOTvO%r&_p!GNcqI)BmUy^E`wolw
zdzWHk4ucs|TJtNL78vsuf~Xj6tDvy9+NwUV{pWMpC(2{`_Ne{yrz~x)FNuvSY>;CW
z`a`n#!>a%;;*!5qcM$o1s(Z_*th(>-7c2}El?DMx=}=lqO1eW@x<Qa`3lLO7O1e9w
zI|S*HZcw_r^UTff_kW(}#W^p|n={5?Fub|BF7~z8UTe)Y=XcHdS&y<7*cp{H8!>*0
zW@@|b5>Y<KWbL`|vyQ@*VC<^<*@{DtFT%Jqt>z$;Rya6<uUtkXF&0ZY7Qs0pL}4Dl
zDeb3`R_^*Vxl)htxXnwYE@9Tdr|H6`a2`FkY+hkIFIK4+m$7lu!DiHRq>-v2&}K{8
z<ZgZ&^;0Ez!KcwO<x*WSb{-|d{_HnQ_epSROC%eWqbd%5wg$}wGFsVN7#OzpxO1k>
zpyH-jO9t7`n~$FUNm;8S+UOd1Z@CmXaWQ?8YFqL#A@~mN1%X-Uz#FaO`zvjseXE3v
z84NBSHo>cR!psK$(n;3cOIf#}bs>=S@FJK?raOv|zLk$Vl{NTgWFtC9yj7!k$yf3p
zkwwAR$fV+0@v_X<vw;R>nxRv&%5v00b0P-f!3o(~;<mfd@xznB+`=^fYF_1NSIFY8
z504siUol|@--6-ePM?7xx^G@Zz(+Pw8=-=bq6SiXU%A5(dP8jSV9AWQweRf=;wmF(
z!Zi9r>)U(VTr{J{&b*~``y3(XlTR5upI4uv*{D_oD-iiDw~z37Q7j$eP;%*G^KWkZ
zvo|)0&@gZ*Gmc;p&nxXaViOW=WRE-X6vSzj2t5ytWNKaeGniu<?v7XU<*k2M^}qgP
zo$ktP6lF#iscg+Lc3R4pb7&8$!WmB@IKM04{AmJXeEd6eSR>P;+plWQXoPPnQ>h`<
zS4M?PMmw6!jZEZufX-^aYha>ZU(pFTU~)}p8cal-aw1{uj9N@%<lV}OUcm+ii({BU
z6$wl`^j-upV>$McVJ35oFXxz~V$j&l+ByFDeY+RVFmE(cE8aV(IG2+vM7THY7b1yf
z^GHIW*Hqk=X06a&VK=_5dbCY#ZnRLlU0as^;>XCEl9_F!ro6oB?$y5x9Urf#U-Jnr
zHKca2?ZB?>%%`Pd6qOu&Lbvj3E0UW^oDL!?cKZOOUEfzCN8z3yzEyaZP<fO~$;wQn
zZ`R~T-ZvgvKQ)V;@1v~P2xy%n@tWw>pBZW&HLlRsW|35kbr<{=9&XZ9DT9ChuOPr#
zaEHV<+vtA$TI+Ba*+L7K>e-C}_GKfHGedued8UEnr5^R&-tUoPyqZA`-gK#b>)Su%
zSuo7^7e&<1f1~HD8x0MQS*y&pX2mt^i4^q8q|og3*r;pU^bjO*nTMI_b<i_Jmr1pI
z@Tp0nN3A+`_SC!5yg&^$Sd~_h5X;8VDG$&M;A|Yjp<cQpw3Eh@-O|{-lFu9D_oYIu
z=R?k1V`?C0r;A-$?8O>-N)fdBFbdmz%zf{Bw3vJ^sn64U(u&&~Oxio8wEu9Uir;)m
zc1w%)mi`x0b)x<bCvS?L!9!HN+~Hm7*(8mS%1DI>-M_8INH)3PRFm_W5%q#M-jg<x
zqP|++Ju2k>(Z<~}B(w;h8F;cc%#x-_WHlH)rCI%((Pdsx+TE}mM@ok#d@OTwaVzp-
z_gdJ`t9*Lk{>P@?yW(YSSbda?!)0u~rpO{qblZzAg<<H+5P8wz-jZG}>7Ncf8W)dI
zs=GSHN|+ftS33P>CdwmSS9L9&ymQFB=D*B22@w80w)>oVW|z|IPl0VnP18u~T2!6U
zaOJT$*JpKR%XjRt%oODz739iID3uY$H(Alt)Gzu>T|8Wm^hg%c#3eScau)ANKY~&f
z2CViiFZMczv4+T)3gPbV2&y9uZ09jIhN|!4%>spg46BUzi)1A|<ZFuRMjfl>FLY!U
zQ6qh*rB9bA7@X(CrBD2m_j@8MUT3bZ5?w{9W7FkAWM25H`Zo7p5r320@4u1D|M?R;
z6`DFvn!-hi6dk|B_lBRew!a%9FFLS9#*ij$r5LIoh=ie=hv<3o=<IBiw$rw9{@*$L
zw$DSV^nR#ph=uoAD$b^7z|(Hry1aohQDky(4(%JNZ#yR&)t0D5aa3jBYFsH=CBY9)
z{^CjB!>ymFJ^52@qxz|GlQ*Thqj2#5gQxv}?=Xw&kRzWIKL?^fk)6CgoAD%lqeBqZ
z!<3Ib4qP(a24&BRcHRovC{j`P(q?G9Pi?}N5N{1M=!-YqVLL&sv<R+$*+fV6JENm8
z*uIW}A^PNJ;`5LITn;jcuJ7Nd+&?2%_X-Pu9=~I}5*PomEiYO^vOU<{S4+i^dgVmy
z?uJc<wL!NSSKp&x&uG1k&)HR0k4Dm1YYAD?e6Xyf<t!TaqQO=Foe|O6!{@?wdA&hD
z@HfrMLeA%R)U`O3{Wk(azS!YgWnIY$cX^egg6~Z#q%b$v*Q&nngLU`#sNFB4Dk5c%
z-&G;2HYjmDGOy9m`(!s1xfF^z3E1|W_lg;GI3}$LPP_;8SR!haYB>c*gtRP-dr)Ga
zl2u%QV)#hBKk?$^+k0Y-Oy?w~DQBL`wYTJJ-jZ(4;CodC`;q@BHvNPm)bWjPY1Z~c
z)R&^uQ<$WJcxR^#FQ~PKIukk+!(EJs-clD>D;?pcl`I}LiWe}w%5*MO?y!3rQf%(8
zAgg&=AQbX&-9NN<pQd3gDg08xhaGBI(4*=0?lO##<bA4*h!?wP*GR;|HCAl%X0XKz
zwjq<>SS_I8W0X+%ANy@O__y6y;D4;Hl1dOosbWT}sjY|zO=jEhW!w7$8fUhgBDrs(
z3^DE<d@o*9R1GyB^eEgN^;`0LT2M5XLaAOzCn+ixGHuM*-@WlUc<;9h@6n-|q2~Ex
z&#Z?Y`D%AwCY#UDweNM|s@az3+zuel8<Fi+(d3A$xvUcwpc8s<sYHYL+KliKkuRtJ
z(bfLH`AJJa5h)Y>gEcAZxQMHPF<9<tH{{^5(VVaSCH=08v)kEmw}-}UtBn{C)4Yb{
z5lO*vkfZ#Q{W{@9aSSfGY0~YtDbsJIi9kTxe1OOdUZV5;Va6MMWi~Up=WnO3ShjLF
zM+7Cz65&5J!=Kn%huBHcOdoAcD}%{wyUd1w!y_7s-uNas)>s%0`$SXboQ|9)GF)s%
zH7$82UR@=SI3I9VFRCt~XM5Hq%n(r~prNVERLQ5Ed=e`iQrLvXv2SjbaBv?!w@wNq
z$<cJkj6U0myXc1mHA->!<J}&}Ps*vQtGn^-QSL3z;p|(%vob^5KO~clhs?VEsuMf#
zh_68OurE`YefLW|SHXU4;?Vh14F}KG7ID>H{;-v!wAz7FRUBHzs*EHUa+`dJy(^N3
z0<!<;v0bgLz+wu5<p1eLW44gJtt|Bt51pe`OpT({uBg1v6AF9NcRsgq8~2SHcbom2
zrs;jzUSuH@sc9I@J(aE2-K8jq!Q?$JG|1Q!x!JF0+M}<2=HWd}T-<JNk`z{5C5|r=
zjFmh56346yFD;C}Li0hbt8|~MWYf0=wj){ZdFxl%*P>>fTyt?ajZ96u2h;;?3aQEt
zOye48UIuCP#p$Hqnqc%)`R+Q^O<PVRp`9<B<;X>eUvSss)lS?G>PqF_&kX7XPG5Wd
zEc}WBl<huuTZhYXPR3@H`{;-Kl~Hy1CM0urC|gAJJZgsc3d*1RSg@~VLK()Sqn&py
zvoPQvcn=a8S65eEzJfR$UE#==FE4o>mUD|KXW%z+@Xm~gi|rD3V-=s|POPtT@5_9b
zBMeM~cJcoAwOp(YjW?v1bg9=;nu`o9Gp9XzBH3?XsGdfcR9CP`%akTKo^O834yaBo
z)~`2=9!|e5%cMB{w~>IaE`wo-F{4y^=>$ARav~mj$}e^_yb}qFHa!LNVqMi!wA%wI
z>Z6TvqjUkLYI+q^JRT!`18+9S`86`;PLhi4IxR**69!~E2bPI$sk;S)oHh}*RTyRr
zb`?oBbC~^73|`AktuWS}Wh$@f=)G%AKd|~nXvx!Ap*v4pew>Nvgrk}F8cO^NL}mRW
zF*`rc?t~uD+($hVVY5DxmVJ&%YaISD0H5x}Pg<fqD3Nhv*f23HmxSq)Sg>-BP~z<9
zdf>`3sRpYCT2yxKmGW;JDrQ@qk?tBt6+Gq}*BTGB)7;ULk60XXq`CvwZ>b*Vi%H`>
zp(JVx){EwL>d1}wrDE!ne7@zkLME;vvWFhN@>8+GLRVk<z+*aMp-4BxpjaYU>%%I0
z$~-4!siNu2dhC;yM#^CKhgehA#rsFwR7bsaPL1A@a5v<7$=GP2b2UmIr;+Yu{!jNV
zvyqGUKHsP!_i2!yQ#UY3PL+unjnGy8XIpMiJYtYl_PUsc?DrpKpMDrq&TmsDM`i;5
zF}2PGR!prHmqq$LYo<w>c|3Caso^yrtqP_B8lL{Z_PJoo**Bl8WmLlozuz+pGzwr1
z*=>5kB^#~ma`;AiP44`rx$mArYwN}GLgv=wNt)@*N>=f+cIvnXcB7PISA%C2-nFNu
z2ezTn@Dy!reCRIAI~@(gqRyfa%5?D@RWqbx&&1*@_kkTybVT%5|Lp7Q>#|1zRd5e6
zG3mnRK0#II>EYHMaT=cmk;T({m9xQZ{4Ioxb2uXg7+Is;#qQ-{DI>+ZDGLS|L0{JV
zS)D6~>dnaRQ9d!IHk*C)$+07}_;A(mI!0RbLJri&D3qFr5Uzymf0C9tp%B?)Hs}^t
zQCH9XvZ&@4V#YO*6Ma<85po<(Ir{LaPF^)JT~u;EzjU9Oc(C%Cpe8MKCSD_@@eBRQ
zt0eiK+UGYyW?aRI7`3{%mja6wg$=j5-juib%LgmTQLDarGGe!MUb5tR6Gec0(;Sih
z1^O2I(gI>#mNRG}5q)W9U;#a#Ty5XFg!)M7Xz1ITc-tbcCW{uuk%l3!4t02&adf(V
zGMNxX`O}axav^T(^x{Wm)|`FCbF%(LUHExw7{cP!)+!d8R+R24+Uv~UD9jf!Od9VM
zN}M~~CHea&>^HiI=oqDE<qZ*!Ea|aF1gss}3k$5Z2XoJI>s>`#saiSnMZ{0EY_ai!
zYqhSf$)uzjv;-Qseb0_*COmU+ienSSY{DBo4&Re#XQ9BiT~*HrC6T-ZEak`-4%Fh}
zX_T!gMcw=2Js+^_N3sjp-7$dabq#zxl=!cAFfa}#zVF4R9|ahhj@0A3ybR_>A0qFT
zp_#(Syy*0^X9PL1u=vf05~YPkZnKe<lG6d6^w}1<-`N=f!?8vYj$`@}O(fmSZ&6<7
zDN*s@0UVl>^jqqOX-j^^;tEAZ43U|XOkD$Cl!H&nu@Cy)q|=AvsHqgx#<U0sEg3Gj
z)z!C+La0QB$Wi)St(6ZyC>AZrzGc(bC?i9Y>d$U&qCE?xbYVF*JUiV|lW^A!N_DqT
zo~;x2BQjF<uC%R@yQ8bP+KpqrKNV(v^nGQPI@qFGKV-9Cp_ABc$$t38*qqazIIlwo
zjjB%++X6>^fwuOsMIW-Lc^AT_f~+DMY*qa=-$;AT>a1lJbHdNetgvxb#un2xgnsG~
zqU4sle&%`f32S_kE`f70Cab)ec+lIpg#`s=vL0C!|4@lI7B6k~-I68}9b-R<N&N=n
z=kPu<MgCCjZCGSgV^+~6$|}BuU%UDKZ^vHde`QHruKe)oe|>=e-~M!+)gJCW-U_`T
zP#2GuhDP4hGy|X?a}JftDk@X~%}IH+=jw5u=g!3eckkSR;<S%s<m8Y!ouUnO?NI*6
z=W)GE!IH~;=kLL>XIxD7etwYdyNdim>4u8Zp~V&Mm9TV~id_Bl03Fm^B@LP9B*${P
z7cMEsXg>B~+&WAmlhh)OV%0v9M6QSX;4=Lc!3k)dF<pKPc>@D}{{D0qnq_ZZ6uY<c
zxgGvAeUQlwm9D`PRzqJoCexwFn2lAl|AqV83P#?cqMOPw=l@76PP}s?@g{_3R<#HS
z7?<N~xYoA!jCRPB?CVd&_Bl;ozwh5D@xFcsMF11o+7x)E0Cn+zO^)IB)V3<E)DFn8
zez0ttkdOczDx~hdKMCy_6M>?Tt@;#M|6IkV>t@UG>n^jYd;}xk)vUi}kaFcX!XN0y
zq%6872VqF?-q0Gu19MA?_(ZJv1qDyBv9Ma^Y=NvY8`*3s2JZ#m2uV%;`|ATCkBY{?
zD=tgqx1~Bm@)yQ-{AVU6-8TXTRM=Ex2$eooX!cVt&HJQ~ViNE{_{t{;9<mqJv_oYm
zqzOZst9tlmzlc6|0<9h7BO~?A>=v(*zK)EtImi%Z-Bi{!8DeI@d;7tIhbObA$zqM*
zdD>T%kC}h$y|51A6gqx45kmG2Qvy5)uK;HrVknfN;peZFZ?;?|Q~Cs;RWl&)RGc5L
z5W24p)@yKG{#wJOWay3~Mz7W?p<x^RZWnngORv`36pvE&a|jk#A0ll(lmn~^QY2d)
zAf*MlwCVst4;ouj0Xj4E>zr-5-TCQ}D8A?7pM*$e-S>bUATX>NtdHW7?quvg!8f-5
zwI=`WUs&OAj$-beHb#2OkS!AYK_R9|ex(?}?5|I?&Hr^qk3KrVwxLkNDJ8{UNV#(q
zyz)gUqK{LS*{;BDN{}X5XyywVEDy*QpBF|*NJz_)U1oavVr28?&W@shfEVo4(_L8Q
zznb0H08r#B`e3DUgO)Xi_L;5p<YZySa7ivME~wW~P*E9V>t4SJC78e$25wQHxd%~>
zh~oUNpm>H1E*2ecnp|sh%%}&C&dVJpO-1w|U6pFPsmEu{KPQJyxz+tsJ2EPN2ga?q
zUY|9frhi*X|D!Vb6mtki_!X{cy`br$JG=}0=o`p$b5eun7A>>Dw)RB7Se@?T+O=z}
z5<Dp>DYoUBZ5<u`P>dV;UGV}Rk6iT2pWmM?9Wf&3Bl@D>lbvnYq@AB`d>?g9JujR(
z@0PAE(%beG{hUT=_Kk~y?hP&V+fu>(8p;^)Jh_)02mg}`aPgQtP4auJd59DEu;_@Z
zvza(Pt_h>Ie}(1UyLSNNPyxF5>FH?|mRdQC=edQ26&Sk`($dPNrW4`LkbW(xm?op_
zbI;OzL{_rJ)ImGp+~%={<hi|I<9fwKI_^;AhrzR#*@@gGIh5fHq-pD?&u%~esfJp4
zK^8iwKd6xx)LX<aPUPamB!Ggl>`Mj|8|}X^#J_(}nx3BK=BJ{j79%AkEl`g#@{GNM
z%eaV?2t&b;0iI|KF(wX9D%ARB0>)_aZZ5vbXD)_{*CvV;LbBHUiEl+G_Boby@APY2
zut;pVKX>J-NF93kR^2w?)e9YK)i=E)lnu(IXd@L8{4V0lZ@)W!xQY^wbLsCHc<U~9
z{CH*`t87rL4h1Hub#($vFI6}I=W=m=2DvAhik?tOL!+2#@+ba<_P6Y%qTOg5Lhnhb
z=NaW=-}*B=y+mA2_(e^&|7!pD)iAuq+eh11)xLY^l%l=5l1y?|%4!nrcojbL#^q-U
zLyAB5+xag@jnLW(49cj^)cE+vB*H45z{DEO*Y~M`$;iDI$KzZ8q@ek^bhkXVIo7nl
zRXA1`Di>mTV|=ey($M>a8uE5*m1>3}ZPnESv-Vq=#C_O@)=>F1sTxn~Dqo<Yync^7
z<gdwmBo;!z`+#zA65)Y2P{48=cX1TQz30C93r%C7)j5YPZLG#-@txzn{)~+=e!rf6
zU3u+qEspBuGG{esQolCNtE^(uPD@$s-aB3e$AsXr8P~jZTmHT2KmIk?-7O1MH`WDb
z2D!?R287USVj!))$pf+)5rECALuCNjPV8W;;!BT&)S8{p{aD8A{J1!g<HINU6<MCi
z|9#c*9KZM^&bfE#1Dj*fp*X)b<;0sT>nm4L{*qnV*+4KX4h{}EuI-@c6q^spoS&cb
z`DNRLhJ~2{oB)76I$zJg#Oy961!PKwGs0_I#i7w*Ar-|YC%QSqZ!?=bv;?md?R@6E
zyEr=eGKj6FB)G4jS79VrCuILTY5p7Ozh2K=*a6#!szX5uoV|#eI-Tc`CW3S;h7qV%
zH{+FN<m7xs#BH~EEWbWEyReW3%M;Dx#{xfo{75~66%|-NDG2q1xuR)6#ddjPA<br=
zaT$-=^0~uc(bQ4z)3vr!ZQ1ehA)g+$+>&5L|F}4b;|Z!-fvD4Oo>r6jMPhBo3IuGO
zj=xY*MtLq<EnsDp+ZD&JqaPO-cpnI`w#I>)8LD~ONUeAf`TUa{7`C)eo}`JyMhxM+
zB^ayx?lN+vh>LuvsGBA{L7&T+Vf%MgNra+fUP8e~`|ndhvK`OMyTrJjaI#<khXU!#
zGEo?KZSCz@`LdFu!)1KP;ty1Yq?ZAa`>hb>gJp0zSYK;sAxLFdU`=&J+xvNaF^S-|
zyiP2QQt4}dQ4x_t<^pfib}oBI66)HYx!cdTGn~_&`K0{4nc=v?1qSbrTk&{#6D%7E
zAXIS0bP=3fLqjWV!zjT9+*NK_SsB3z#giv=979#<J<)-Rrh~rJyq>O|lIu99JA_1M
zHFYl^u%UB>GNNB3VCl4HIFDUO#*Smw+`5VKCl&G1{t|G;$PCz(_zaj?DoeU{jJvGl
zRBSa7N{>lONbL5!BspSEG=C}6&WkxDd+}gmps4z1k(8|GW(o#*g~M#o_|X{g_ZySu
zlL^UUVV(Z&xc5=wJCPMdfER3JI&ij%Cc3-xl)JObdOzO6#CrHpZ`1>T3Tq>U%{~tX
zNVsyA2S|kJ$XNdr@v<~z6zfE6+!}lo*q3>G<1Cbil&JH$!K&Oy?bLym0E!p;XJlUP
z{oQgho6t#xLSKe`rvvi`czEeP#4hPgd~l!xTbG!r#O$sa={r=3SeC>lzS@)7n_QMJ
z=->UKb#apZ>VE1_GidSlHsn_hM?6CDa%q9yvvCj+6Y~XTlRKXL&V2#`^_kDkU~7Vt
zYuwEzt<z}&`<6fX+{iGFI1-&JZ%nzZk};jjp;IxW)ROV}&$sQYrQcQ4JmM;9$CI;t
zKSA+Adj?}8oxF4`2kPkh96UWQ*o&(cBv@EjZew6@SYAx~GtD|w!iTN3n06B5<EOlP
zFy9y%?r0d)hcjQl*{UGS-{&B?JQbxS0|nk_h~K@Oo{CWt474RTEb$#SKqK{)>@0L6
zU?jdTsn8D&o^d=aMV&S^O6`0{qdq<T-=YU|O{PgY2)jL*YGqZA81Ya9qAvX-Zfd|N
zym)t%zY9f%FJ8Rh`;zXAfWV-@U2iltEG!jPF%nS&xPY`>={*;U)JoG6or744G=?u}
zQCbA-BSjMh*7}95G$`@*h;Jl71eK!wWxCd{UPWLenNC_&uCe!(R8{dH<N&@eO^>*8
zDlc$7t4+sBjs5pz)Kf8%SYFDkte;x)vsrhvhb*)+)ZDp&^2bOH3Eu8$GKQNX2X<V!
z+8I!2Z4SmMPq)GQM~NqJdH#E~^);d0S5g>#`^6_Rhs*?TXN!nO9Yei&O-5HQ=BP++
zTtzXVLxdJN|LJKx0L4X=_<a0$$Q&6)%FaGmv^Jct4|8@$msOQKZI5GPa7Aj2oupII
zA=VkS1-HfY4Et-W;iS_pX6S6pmKHM%yLZU2D+Y)<tK}VZ^pF9wJzZ7?AxNd{udY1e
z6O`s9^ot(UiIdSK7)bhHdg4u`9SjZZ?#oDPb3tdfEOjd%@#z7r@d{#>`lnBic2X??
zxxn`&*$|)CrN|WF|G43`4zw&4JMRxt_mwbAd2BR@<%-JWNiQ)3M3r1OV9o2JM@3;E
zLB@ia9F(b+j#-X&iEGRs@2{DU?t^BTQC2qW)1xUUlQ%(h#vN7SZaW?A*JA3gIC@~T
z)3i||XJZqz@g5bW$OW-n=`W-|J%oC5e*T)!$XhpW{@EK+^~{VMTN{L&&XpP8wxB+9
z+(&=&T#rSR#vFdF^^`P>@O?{v#AWH__1HN#Ag`v=vSqu|xaKPwlGRRxkK#qpzyA-1
zjqs^~uc-#$A~DFzKSr~6kh4VxAE>4F`2@kO5vE!UUrn`qr{?O8cMB!H_%g=0%cxoQ
zdbG)BY;<pRq_1dgcd3u>%j`qjQRXDqAJ#H8L-Kzc#287_?!HY}VD4k*e_4S+4$W{t
zn!&7#=M4dGv89KH$L*UpH*JI&0y>QpO-uk%0X!$bW~OZg_Ia<E-BB6(xqRn2S}hY<
z8bc6+VC>J$<uTi5Zn27xFeriu>zHiro6{dGC!q4WdUWN}r%$x>^t-0?vqd&v7AI>)
zS4KWjw$bgbi4MYVLPYLm)+8{$r2KSLa~FoL8DdH6gu!_?)p-3n9)sL;#AR>Ua8yO^
z@7SCM{K4-%cAek_&V?~DEH2AO=hZJGN}Rjgp^xDx4t%6fr9#5OB1>#WRVM7$MhA*I
z=WLId;Ss#@wlg;#4V&4veBc+&e$R0THPw<>HTUuX7`YkWfDe@>u~M5?bX*%#t+fMm
zv|ps`ulLb|T1q~zVG@$<{1BfMkRg0&dLp*dG@Ux~h8X3~@n#IrpD?XT$BH`j^81gS
zAdda=1szQCOGwNegxXNLF$A*q`?oOEib5r!RFde|-m`-#9WE<1wI6(EyNW=$lLYOy
z2bh572#0iZVWiSA524g>#mFEK3I5}r09x6UF(9r(*|BPhCs?Yz@weT|&%2=D5s)xg
zj~>xiPUHe^DD&+?R~s;4HUJ>fRs#kJF-AaeVEl@wTl3{*FgPYsV`kidSSE<<qXS1_
z>ANgn4}e9bcS0f~Gr^z91b%|c{)n-3GjbgW%!-V=i92EGM@j-_?YOf#hpatM#<F5p
zDmQ8r_4E?KJEj8f6ba!#-Xma+cMEF=n50HIMtE&)Ew}x0GWa5<^&fBTxt#q=n19lR
zjdkLHxzg0N6pFA3p={e7U>*c8)QMddNyX<}<t;~x!~wvd3_}2VJ_R^#D-|obSq{+%
z6$Po8jh0E{c3jVfYHw9o2UPdomTLk$=sO~XgU?P4B#Eu9Ex&+(aEctj2bh|ghUVoV
zC<|DM*#JFIY;Mdal*4YAFmQ1}CLXId)%EHcN|E;E9FSL0F&drU*wC5LfBW|B9;`0Q
z(1*d9R$XgvICqa%^60?#f@xg|?y)%>2qF!qNA*Xr=+ACB?GDwRD+8+l+@fl`m7G#q
z&a&elPk=yxWN%{uMegv>>1;*kqSp_bZZ}KkOacN8ZUDbgER~E|WzpYI#^PW+XvEc7
zgwCt1udlc3ljZ=prWo8m5{)H__|u-)FZYW#_+Y5o*yID%D+#Dw(AxUl52X}pIrG>3
zBaQN%goJEeQYvPbz%sf(rn(uCIn=9jdz?BITgs#<2D85TTSt3hu63k|j5$fB>g3*D
z1xPxlhREk+f2|K-SE<Ia&Z*n^;5a)@I;V|WmF{m$<uPcKAa4O3CTGXIRIPJE*(T$N
zci+3IV<{A2Ap_j2MK9l^C6JVW^UZ6+F%9eL6oiQY<)_Nv7l#H1CjwYw*|GLyLb)BK
z_GJC}+1ZAtD!gRhOyp<+Kmqk?mtp{(DjAlWfik4+JckW4rroME3&sKzs}BK(h(SE`
z6SX)2mu)h#l+82;m>;Z9K(u<iB<tz2#x$sYMiUlnKr?3tCv(iiBeD3cLj9?gM8L(t
zKq269`gwl3z^`h00>`;PB%TLDi;kULMaUcd@<~AYy?8G&<e~6-!g(R4Vj<QQLNaNN
zS2EJlq0KWrU{0YH-xG?mfoWw1!5OG4IrM_k(VX%S20-aSrbBc9-?3QmF6@F;6}-v^
z)Dt-BV!&qFKB}}^N`w!Tq-7GboUBrVmS^SPR8}O7PgSFz{1X_hy|m5qm4sg#B4O3J
zCCDtz>N8*MN%FC(J##qQxHz|-tNm~rTO^%DzX{GCio&4)cpzf~^KJvlxg63_6f{&+
zqW|FwtAvs%iQEI^W$wlK#>F7u3s;ms-rnVy>Ph&$Hb$nTKff!nGL#n%#F;AR9dINS
zxcbuJApz7>4z?T4cla+9q5F{$GNj{~gWzh($P(K);hw)Y&&Uf3zF#k!xd;CG5|H-b
zSTLhdvVJ(GAS5Ox2bd+xTg@cl6oAH*0UAwE!@u;WMs99ZK)!kcUL1@qQJ52!f6Vs|
zhkkyp94nQC#W)A|(r~+-?G2?`vRRfegyNdRriZ%a7_x&1mZoxh1xnS$D(w8mL6(5Z
z30uTSfk2RkSOGvFbt~&DuVyH1{VOBOg{?3#+PEM?z@XOOVM_n`Q!XedD3V3r8+d%Q
z&2M1500ja2!Gi=uSu8420{I28%22_NaNx$rx4(XFZ);Nmwk!BNh6V;Ou+xEH$TsO8
z872&}U}jS@dkIHhr|gkSMc8G(olWD`meI;WSUU=sJmk)~zBfuWKFkA@%4%kbpWt+q
zbxj6{f3OxV`S7160RAa!7m%<K6v~WS;6W+ENqwxq5X>@4LLQt|sRr;hLy~DPh?nbY
zy`$H8)Z)4J2y%2SeE3)`3+-a;J7+wg8XpPaD;(A``OlVQ5i$*Qo>6yf4j_V8YR^|{
zX-^2eNqrhfqdHaA3P#|;wd>`B3MN#6l(8Ic>H@<_%ih)ihRR(+s*KZWHQ=Adoz6Z{
z?abx&Jg<Vwq``zo9?{wHUgi7{t$0BMF3tzp_3yi44NV|;UD`}oH5mKUaKf4VO?_bs
zArbxZWOXG7Diq>Vo;uppOT8)nR@HkdmJ=1qBp!zeH|{-hQqGTuM>+~C9Z*9<0|Vm$
z<0V$1bcla>luJFU#V|9X5wftzBS<4y8&}#`AOdAt>U~-b_p}tMs-0osxtQPs3{4&J
zxlf@w=iA|-mihVlcaJw=L7CFt(a&qlQ<Q15i0$et#b7nfh*gVCOiDs9lhu2J8p}g@
zaiRglTILTjsQ^@qK#z|PHu69OLDnCb9jZWS&Fm;Ee;QDGJdj5_W>v97)fvsDsNhVx
zwM`iY*tsDh$8np^EiKcTA!9<z><Zt*Q{`4gca`pd@_m?q9{&FRdml(n1pu7@2;?3Z
z##tkU#;W@}PCV+RRxu!1B3*7~e7?8T_Y&bILoq`tP$k6Y8W-Ecmn2jd-V9_ax3#nc
zQh;M1UwgJ@O?OfQt5~Qf2C!PMV(`4_%qwPphfm^aX@MdzhJ++2m|%%gU2&XwVsBWx
zM1vH-e{s|e@RI>p>D9_ZKyhrDn$qDvYLzv}e}w>Vf&2z&#3WVhgz1?XkTFuVDjiJ0
z9)~_lgyYU0i&vcOk0AhF)qQ@u#X!WF0fnxOFCk&h^;enZTolH^Vvi7*h(TN(H+inH
zG(lMZ5a4Y2gcai2WMpJ41KaMaNO@$Kq!w3Y!&vq?4t8Z$Kw1q~^;22mfS1<Qdtt~D
z0x&2<2a9AiRhXlH3bq0+nhAQ}o*x&S%GlG>6RHyjpjBi9fzzRqaud-9z~N~H%^Thp
z$?IAID3}Zk{%meVn6gU1DP0|AK?WUy{YeVoQ(uUXFmEyS@@(L^numKKkWqAecb#yX
zFK5`?tRsRY)U_A^mU7$9iiK`Xx$Q_J1R+c+sXx*j6H05ZfSCd`=}H(vZ14{E^P>gi
ze_<?BS59b;Y_uIr10x31=1i<;S}8!%fXx9fB^uy6>B!1gz7SivkBKUM+c}tmpYJIO
z3W1Nc=Qap(*E5zHG=&ZlTHD$X*8rTkY`}o2&`8;>kE?+paCUYMZVNva8^E;y8J^X8
zl81Mv<C*%;*Y9BKk({5OA5N^u0^^;flG6)AOk<?Btn4t81-L(mlLP{*p^*{z-%@}$
zQUTyb?lR$jVV9eKe*viIOR}V-Z%2R8(IK1X>l#trck?HTp##s-ROd6Mli}+8Ym?O)
zNH0}wdE+o?(`UE|9k&}t3=ANcMCB|M<@wx-M-rLQIVvoKR&Yt^>~7^VdK^hZU1Yx(
zwC>{hO$pJvQ2}T}KXpP>uSLeyywcZA!NI;br!x`;9~A6M(YE_5c`p!p2SC_B3hW}k
zK~Lzk&TK70hKh=XMK(eYgkX9Nu-y{1eviOqRfU@ZuWlgz#fMCy9q<qp?d*zRM(2Q4
z2k1$j?b3Yl&j_q-3i0!KpF1chawMnfkVAqAUU4ePp`@gwInQ1W70gZbe7#R#T9D9q
zY3ky<G<kcv5mIQd0PTnjN!S4T<Ar+llGzP^i<~tDvKQhSwpo>`u9MHc;Vc3RhyW=e
zjO|7Kl9-rLJTz?_M6ouQYoN=4vC)~MPruE7_zMF;>r}&mas+&CWxxyp7ye1cGK~d7
zTmwWG1&sT=nq!IJOa?p6u2o`*rxR}`G`O#y(3O@QCk}s7C>6}HXNvC+NdsJtN(}@a
zTF&ov8~Jp>Lh1lkHp_Wue!v9-a4NmMy~q-_l3OVQVh%vVGi(*2C;-eXgE-fS=T5?(
z3-}adK?u&A|1+~i4b~P;HwYy(8Y;?nv)}gb<jAxlnVlh1l5@?V&KsqY%^>wJ_9j!l
zi}>Yy?#I-C6$W<&&RXa>+F76rXRHCkipce_d3Sntwzt(hCpm~%RjY{#Q*c8=H~N6v
z?hY%r3m6pSSO!Gb2+p1KHwUUEQf2w;1KM7%Boo3apK?FYI%=<)mU|Zxf<**K8wf&S
zZu$aZ$#KAYaZi`V;RlC$L$0$X3JT-POVg*TtJ?+&SxG1J7js5I822jcXWK^$ajM!F
z5SAl7LqwE=EO5sQ{1+Lr{AWst6`yVWJ^<jga!p3yW2@4vMg!gjcti?tAOkC`1#Q(S
z6sCjOY6$(t{%;*Bj961-D+xMFndR#vE(KInRKya1Lk<AvL}Ff-#V`%49@x<Xe~2OD
zG`R$X>2}bkkx+s6U|ezK{1vzXsg|UqLn@EURJ4S0+FG(anqDUSQ%Nsg7s-bsN04;}
zPMpg};zJQp(dA!gBua?GXd$DeprHK|pjjE3Dyl&Z6&>l7C+n54hq?#Nq<i*E5th;Z
z4;Xyl^kjZ|$Ea0-5aEyie!$p;Qv{H$Ch#r>k()3icY{zBBA8aa{1&4^Q=pcGrp*lu
zn1<_);yhR#t4|bcNU6#;i=r0|vimAR4J~^T>m&%Y(rh=`ahql$Fw?=wl4!V)f1{$d
z%?Sn{Kt(BSC%Z`F!GP@|H$+1tj<gzBz^t~jEwtVE_wUE2#kyo}e{9drrU%DC2K3!Q
znDd#tIn>&qESc1Kp&|>whp^J)$_|b-)s}&%oU15r80d+uW6fbN_0E2P=cy3l+Ll;0
zeZg0?r2VptxY#6an=gtj!5-v{Gmqh>Rv(p5@`Wf`j^(Oxn2KTWSqwEceYn@@b|Fw~
zc`({g?5v_$Y^j~^k-NJ$XcpDg?IyX*SLc{t^qO>uq&@i1V(;rvKoIefzcuVN6iKW?
z`M4JxIvi-#GD&AC-5AR~uryv?h(R87Y=4{0@??M2nMAa=V6B@aZo)zTW2aA$*mD0^
z5zVGWD#lgQk?|={{mJ3-yp1cMwV3@U&YWl($A;BvsX<J=1pL*A66oe*=7*-Qha6HZ
zFSzB;dL=d2>Xxp2#|hA@C_ONxH`F@*QF7#7+U*lmWD(Xk6<HE0a*x##77#u}pL?AM
zUUjM^{IjP^!JyITp`g0$#KShJZ;dzE=jJdrNM4R;WMfh8xyLsGQkq;>v3axjd1Zo6
zza<|s2ZnWa+x)4@_jW}`5pYMu!#ZJb0kWcL9m-*~Cy;d)LjKz(J)DOH5;2&bW7b&I
z32th#vg5aE-{!DaH1m(V$EY1wSDj;Mvd{TGT{|=tD7`mO;_R<8RHN`_&(&FNyY_op
zs^ZjR@!OmyG4!8gzBk2hBcDh9pGXa)U4n4`ADx@ODA_vkAnydx4=|E~uAH6ODLU@(
z`uED@Q{=H<@aWYv57l*%-rhaf3J5=cr{K8rgBx|k#|=-a-GF!hhqJzL?f<^6z}?)+
zb?&|rKk`vsMso6oq8!hQbI`<sS=`A$t4xmC(D`Jm@w6kH;rz9iwQ-4Zg;j{DVqF3Q
zA9}K(t???W^{S^&_cUZ3dLSK_{tIybkNIntYqi#=YIVT;Ha{qSglwh(ny}asf+mhh
zr=$RKS`H5Zj_VPp*NW!bE%0ail{{=RN`9=y7zVxko>+OpnP|ICI89l*Y&>w}xfjc`
z{*dHlzwIkOt!;iYcFZ=igRlDT1Q;L+|3}qB%<cYKr|bzg;KM-|R=Y>^RObdlw}-Xv
zh&fWy`(Qo0hUmT27=Jg<N`r}dSSbd#)EJrIRkkWeV-nG~pFKBTD7fx;%A%^7g2-)n
zOFU0E^_5ujwku32@=N8J0d~kt#~?;<#}jY21v}SQ61kpHszxy}RqJnh5_fSHv+>?k
zchKFi24ggtu%czU;Z<gV*x3fF<=yeZNuT^8dPB5_orEV(#H1sXK?y`sY`xUc@t+E#
zq7KBRhXn-zA(#i+c^bpx+-o=E0462Ms-m^|!P&*ygu9)Fu{+u(1ao;|maX6D!P;>-
zOsebAeS@=BO%+?h(A8yj1aFVM!?tA~Uc_@<S-hv8M(ERk+I9nN7;mBO-<K;NYLY(|
zu}SOorclT|`K6*A-BN)0yddRO0i|RKy<|o2`OP`Im|Xhjy~P%u{1@l3S#EQ&v4c}Q
z2hQhtFNyY;X{)|FX7hXf`&-oZ*>5V3ht!Vl(KzGnE9XT?FD3-6zngh5#kaaer7ZGY
zzxHzAZqc>HmoB8=XhRy``zoEF_1_g17H%h&1VJW|Yk18;NttFNnhT;RKhrSp^>wR8
zHE`qxuTBm8(aoz@(fB-lI#qcTIXC8hHq_u(C|XEN<S^&?vj6cYk(cyQG|Sl$Nk)Xx
zXQ!Eywr7$PYjHF{-6YQcNJd81_O2n}w0#&B+z0o3l%*8M-S|jA=$}3XQZ_6|1p!60
zaiqI@Rv4mBjFsSJmnz*VC*`C0x+m-Aa!gV<1^RK*QrrjV_vhDqtb31-A8S3&;0$+s
zq{4Fd!Gjzu`UFVav;7GOXFv)z9zno@d<MdW<$Q*RK3rhv?`ImaX07H=<-d(Or^ELw
zT`zKa|ETYWHP<z-+aGS6XbfgXi2fL^!et(!>#{elNrKm@YR==@Di&401NkOjT=<2O
zkkHXu93`|V_CIZUVQNaFuC9)?P+eWUc@$!OPlIOMiUYK#>8j#lY{*HVrBYB)Hmm!W
zQ|z~6t+QFb)aiDkSHiYquDSi}yrY42^K*&1Qm7H1zqqBKDP`}s4}Nc@yJa6A=VnHv
zbK;-KzOb!Lt%~0ZcpRdVi3=@MK@XFI4&yR2H~#?VcSS>@qGls&;}XyX{hn282YmZ>
zZ?As#Z^Ia2K3}_4x~zS{&%@?ik4CjmFY248%3n0HzQr6pK*gDhQL9j`jfXapqljHh
zXSLngHTpY=ks0O#pMmqA&j25IxWtn18tG2xoOT{A$hV4I%3F)e%k{s1f1IvLN+LJ^
zT#C2MK;@?A$}9XyV{r=a>t7A)aXB_cmZM!8+~ek?A3jU0=jSmF{Tfos-jV((H!@22
zuYK&eh@$((ov@@`?h|4z%XimCk9vpsZnEQ}8}w|;-Y^icKTu*lc+kURF;#;wU2G-?
z28zja+TT`AsNE@p<7^VS0#Db7D~);8E!#xeridMr9Iw}e9R#-rSXU*uk!!n`6O*_u
zh+<>T$&7oT{G3SP9Ev%8n2dd>9-DuG#X7++r!7}QaK-Tj^d#zKPe!68_4tC5QE$RZ
zn+s<c-PFsE@XNqa<$Tmcmsgd@8BTG_b$_+>_?d=OC?&U>(U8lluLO;30emaJXQeb7
zmHgW=zy0ghsYv7;^1D*AA6qG>mZ-=wz!UQ7@zjN}mpsUF>qoUW^d4XfF)-4&-ElgK
z3&r&%XmRDg8iF-sB|=7~uKh|7P7Uf*eEaqpyM-Jd+LMQ$;|mKF8-@K>V7n^f#}D~v
z4p!Fq@^ZCC;hoYc-R5`FDvjk&p8D51mCGXUN@CKkcVbQ8^t4vIzW;ocmMW4z!w}=A
zO~ACK@8N5wxwo`b>YAfT7bv<^$yM>DLu+yP|EvA#UeNf&%uETJb=&d+;@)b_N4zdr
z5USW{D=56Lb`5V*-tgS1qp~OtrS8%xTW&U%tx%FG;v{}<`@q<WHXJ)klJ#)f)vr>?
z4Nd?I5X>FT=ETh-^5GjJooN4fo+c}}dn)SuLL6Jc^+KjvKv=j)Ph6IFuV2xh=)JG6
zNe0UgDP}zMO(!1T=4Z93Y)_wFd2wG(M<>sg+uqK>VS0P6-S4e<@aAR%MpAyhe52AG
zV+OYPQR;skZ|?sqi?-=h>!z?1BsdreU)b9VsO|S5(cY!)x=VmM<(`cHJStOJs`$<O
zj4P%yw7wj!UWZCeY|~;)*Irz8USkjK%MdzfTZk{WlX8A1igDx~=hHu&s}1&0J^!*t
z8075j*^G>h|LwVuw*Qdy2fU-9ny|ftL;aGSkrqPB9e12^r=@HQs8rFoAJF)Rm!K&-
zx~puyU(Q4gM;^JGjlD0_T_Py5t3PM9PB=1fX)%5;QzaW2lYY^@Hrw$jpL4vL-k*Ac
zF789>!6$mUYw<J8zhg*L7%;)ISzKDSbpb6cqATxE;JbIJBc*Y3llkH2YXk%Y{dZL#
zgZI=~arJhY`@Meh0G=!2!AcUL{FZxJZyHE`Q+i@$bX<tpm{EUxMfTZ|BUgb#^Bs@F
ztll7z9Lmqqp7++oCO#_aE@@mh?KQl-&~ENtT|yqu8;;+?=-U-Uv}ttcXR>h}HE>Me
z;M%o)-s@s*KHG3(bC{QF#`DMG56#TX{_Y&zzfBXD^bC5gb_%0%;$DtQmR|koEuRJ_
zkQ`VzIV0?22Fw~kXN9A_lqAA*)Wtt04ZhE+d3^k#t@Kgsp44<E|9i)rtdH`QyKU@$
z_ZghfJjXx8VSF*x8d6YxZ_HOlq?~diG<fbuGO8KJ)tVQNS(D489xZ*EB@r%2xcX;V
z89jnuVHoYK(DRn*=HBX^EOyiYzPk}&L*Mww$Y`zp^B4nrOg?rRedt~gqDXX`J2^b$
zJU%{_Q&sgr@(?j6xk|^rf_i=r6BAQy=trj!u*q+N0ZK9Wq|37WGo=Duwdw`>r)RbG
z*HPTxQG3|7`o!$v^oKCyyq~8GCqeTVzdGc^x>7+^h<b7Mi`^oZJu4(z;LDtts<lA<
z7zRyZ)ruq@$;Ww#C$q<v0zbCrt~Ry|d*1FXjQhxGLw+LombW+HobH;&ciM8W^^?CJ
z!U12@7?AArx>)_+!AT*G{Fc)rnKVq7YU1MJVp=NAvfNz8XddT>aHQG_cj3qv2>j`z
zcJfrh32nj$KAz{dW{W6sGR{=;CcQGe-&50+s8|2#1Wa=*=X$*q*-n<JwYu@(44RL6
zPt9PaLP7n*woDXr@?ia;LR|SR8WUF?0d;FpGwH3VYt$%zV%!LNKQjr5(QZs$MTuB>
zOyWkM=f3611T)3sV^J?E4lGQp)<Qx;5LI0h6%`GXFub^4o0@t94t-%9eVSQYOOjW;
zKN?*bhf=4P{~GooevYltQYa4P<p%tFmZ$y8RQB4f6rn_qmDtgzJk`dSqkctSjz`$|
z`A+;jcDwUWZlSQhLO;wqux|WjFX^hPLACvLN`UX&`p?&BG=-7&0VT^jdT{YU3wfG}
zQ#`F&f#d$6$1>ElMu*RFp3h#@`PlzQ{qQy1CH~J#kEF1tN8ZlfUf0P9Z>wzkUL*&c
z&;*h^FXXJqkxn2E3iuCKOUGjRT%tO?AxOiv{1JvxO^$gOj;Z=)yNQBo=7+VQTULN&
z)~_@N*7$@(&aTFazjtTuq~*=bd3egKjAcq6cKuS}9HgJxdEcAleqYApD&8^n{kX`t
z?zSsQ5o?F~H?hr?#5g!|Hg5kOs=eEKrf!9i?Sa;N!iSNtpId)}96YD@$Z9B$dhNpt
zNE0PEJ3CX;>2}R3DPiY)bnjJ;|IRY(Zv2AS^{;KYtvb`qE0K|rn}38bu%+Lrh;dM*
zZVn6`Z`K#vjDP9SV!TrKq;%-tW(nJ{iB|Npx~_5be^J)xGmTmLTsh$=JO%j=b)2VE
zSe3$X*fm*hx&)rbZM=9BgHlixd!S-_;&Xq@<^KEPgr6f=i#)vdE8^bStr=Kh+<f@+
z-$b2|>=kVLPj_F!C_uaPAg%|CQM}n-RfF`RYggVy$7$4h@IJbSHkhlWu^F|imyZW?
z@6A##rBikJ*~5D%>Nz+>L`1_7UI$mNS(6$)e0n~!mvvav=O3G2u4C%j*Fc!fIj-)1
zLa36ET*tBWN$(bq>k*E}-`zx4yQd2aZT1h(Gn0sA*FBn%3%q#9(qim!lT+v8Y;D+%
ze#Rb#p2NzE<TXpL!B=%&Uia@bIHh1_Nb-N+bfGywv!_bla7M4M<hy4QKKSbh7AT%e
z$AFeOt?x6awZAqF^kK(HyPKVZLm##k(lau^`SWl{g<jFD^&q->^=cU;v{l7%M0E~V
zyK;b6xE*Xv!`=J*qjj~-Ra`4+a^~-6QVFFezDYMQEPp0ie#IY1Iik5Sjwv6FcQgL&
z>qpIKO$%qIF8;(iqlNe<MC}_=d77<VszHnA576~hy?*>TjkO#J_<f8Plvzzk-PtW8
z+WDK=Zm3(3nDegbX86tpO1pYX?ZLI=Fka_YAz|SVj7yuR#LUj_4I9j_U%y6qCxCM2
zs5@`OLR3iTs!E>rUH``SVEGpJT;SU`@uoZ$DoTdZ?a#tj@?W9%m|*>SeSc<V29J>N
z!_bNdYvjqj*wS9J;^8tIayYc+dX(i6kqWQQkd^fGkGCH<=ZSs#NE#m*hZz@j>D8^<
zhni?<d8ghcH*5dOOvp+-U>=VxB9@4PB9^KUA)b8SkMeJnpFT5QW2gXDxRuD8UxZD=
zc2;?4H8J9J|NhJ?J8f$@>M9mHzlh6^PHwsp#CM@s=YCtE?s{^e4r8GBsHTsS5Zdg(
zhCo3gF?A_v4%3HtCRE|OkIx;#)g-(FeP8&BJeEF5xa$)5$Wf?l0HendzkYWd_liL>
z11kHP$nvj%7e#E0tIxpF-u{TpupmE1?W&t;eYa|-0_03QDj9J6AK(0`p5yfQ9onDq
z4)ckrb+L{69>Z@jdG-6=_!#Y+{4+%n^x%J3=Dx33m~-u7_pdj0^@;fBRX1$$h3<Hg
z%G)2kai7arU3>7;>SNW4&AJEpwuz01RTndS_Uzf>($X&&?f21duyFl2Dd#nNcnuYH
zk4&tsU%I+J|I$<+>slBhEj;6tyTJWz|L6|~al>DO*tT?@aJeg9RQ|+qtFQbqia8Pr
zgu`nwbgU9dDO{fimAO1@`n*y%+u0}+^5Zeeyi3a%|Fw*@2l2lPhLPeXtjl4oPLUvY
zGn`4Msjd!%>d6xpF0Ri8wjK+2u-{YrF-LX2;e0e)VNXYobFL7T6_sH6sL~0O-|^(%
zy-CI-qu?FSloiKqB|%eRRB4>6=gGx5B*TMVF8)hh{B|ifor9{zKb4)>;|Vt0f5I#9
zv}8ELs&>>k<7L~Hhi?uBYFK2W46;%@xwH}f7G`F*8N=_uvaxw`<||AV5gRK?YmYY9
zcm;;!umyWjNr~P}(^u!`H{B_>WgFj|F5mQUCijv&r}l0r+>~l$+2C8gCz*b``o>tM
z<eRb_;@Vp0yP4Z|_m3q)Vk5oW*6e+Sa07QM<Ncl9WoQUUsBriuJW8)2Y|TL<wH&>b
zP^2)yALr}4c<*vepe2JF!6P83hod~1;h~tY`oZ_BZ06@o=r^v?<J^H%7N5>2js~lR
zBY~s+6;gf=_l5vs>zf>cg_|Oncu_KXJYfyFrPo8`u(=-)s^D*-Nh>>TOt3BfRAr#%
zppm@0N5<CwA*2*zY4fICAL`AXTaQ)Z-%jq%349_lsUXSd#1JfcetT!({(}eDc$Xd)
z+1!>BxL1D<P9C7&c;Mg2{QSAU6VEqcvUdhgZ>fcmwm<D%+KuK||D1R;N9E4<)@xY<
zeoalH{R0CDxw$ea)<p#=sHgKrDB)G4nuK?d3HMv-VS*ZdP}vu;>HWJ-EL@+;qP?SK
z$U_AOA4-s;%yHiupdu<6miSqjaeHiqu1DRP;kWbr?nN@`RMq>U?(4t!eSiFwHqrYY
zXhi<!cN!^0q5#>AmO`)SYrWg!a32H$##ba%P?ZTuIo45@)gKQ`eSIITAS*1KOm^Aj
zl3w)fH?Li}dE>)Pp9bjeb1j-sF^WKml>7dT@cr12j6(dqO4g@euf19g-Z$#KFf@eI
zSZTorA{Fn|^Gv~JB28odi=ofSdEMIS#(4(b`)9X=jlTO*8Bok(2|g45(rjQtfyyoJ
zCH^F#KK_M$2J!xFOaeOTR~qtushPGWls5Ub4_j}wywgp7BKocckC_*><0EN@40((%
zX{>~RugGiPPmg^cK3+zN+1jUbNXdGvG5A<Z9wVUuC)l3hu_^8eAp~l3*hugE=Zlu}
zJQQN7|9oLT`afT|Y%vUXVPT~=m*yCzps#QG-^<YA@(<*HUCzkMD<!_yza?_{ZusYV
oGh!+J^L6_hVxj)ue84#_r2X!e@crF`@+A~;5gFlJ!PoEqFTnVLJOBUy

literal 0
HcmV?d00001

diff --git a/docs/images/total-user-registration-chart.png b/docs/images/total-user-registration-chart.png
new file mode 100644
index 0000000000000000000000000000000000000000..43e4528d47c72c73e4d96f2d965efe80dbfb2290
GIT binary patch
literal 48856
zcmd4&Wn7eB)IN$2VxoYG2%>-rh;(-;NOyNA-QB4ONK1D&Gj!(=3ew#z-8poeJ>d8G
z{Qu86Z_cap+rIE-=Dzp6_S$Q&b**cy@s*MgL`TCzgFqnY!a|>9AduUE5D3ch{kz~3
zrlh<A@ZW7~USYZWV7T1Z`2qfZVZ*OvBWtc_WB=Jo7ou-wZmLUVt!<^NYi4a=ZnKRF
z=LR>?BX8of(*0~>Xm0je&d^jBB4A~x^V#t=E$eGpT?-ps(=WPKujy&&8D7)Uu`@ET
z)3d&o5?9r3&WAu=LxewllyivRm~ylk9J;vL9U<2FLofXLfesxp%B}kbXrK5fzy0vQ
ze!Q-rLV=x|S2k2WZUm3Kq#Q38S{upGtT1y)`75LL<o2h>x)J>4uZ?dJqZEgD{cLOc
zzOa9${rd5}KcvmX3^AO9%MKD-2~|h+q(4X<9k(x(9yQb62GWBOPtq`P=jO8E=rJD3
z^<~4IlqWZzsr`TW5kHPO4pNHJh29iCa%$?xDYGczF%#zBEiJi<1sWRpk06jMUAjlj
zJ9a?Y2J7-#7dU~6iuD`|qK5y<%`G%^qBInbD%KI6NR^oGUhm?6dZ)U+xoC}F+=*E<
zsN@vZ7~;3hBc*L##V<Rc&8ex-eebl5P=VrdnE~-DTd1dJre#AkX()XpXmtzDos+YC
zimJBn*K$Q7IDdKYjeuY;aAc3WR~>$;G)%~q=04qjcV>cFN<}4CJdQaB2HS`)5EK+#
zZ>K1b6BBDa=7d0Oh&LE-K^l4v;JY|Zr@5!Hc}}LT``BF+5(BPqytIXZ#z3l%yLzOP
z=a}NLF&V~s^)R0SF3o~xxu1FB^S2R}<r~<JDsUSwy$i#NJ-4IuOAGmI{V0E-UR^^}
zY@CT$M^UEjir|&92C~yxnh}cj66`t7;^N})h=?H=&Fj}6rmAga9UZHPfplU?E_=TH
z{r%yQkxPN}D3Bf1?*b6W@e9?x54y~oA9AF}c!eYAswug|J$s5KT5*0Ii7M*JzK+N*
z8cEMxccn4vJA>LD$&bWgR(7t$<Y-=S4}>wKqAx5hF+U8bwq4Kcpn<E^IU!^|eDKK4
z%`G*ZU|w8Y6t=o6_T<SE5n<t7ncv`bguFx$2s>TtTvzPb5--(^N_O$-YyKmNf$tny
z25Ucsaz0liCS1av%d^hZ7%T;sz5kM)=;m5Yk4kbjjU9_<(O0R;l3GN3^b;Y-_ML&t
z+G{R;)#hzPWhxCWeP8pz3th$~nRv)x`LAPanMFxGbxsr$yYPsMeePD=PvVJHOIt4$
z#xwM~B6>kD#77YVMj2TKa>QR4=hXRmSanTsdfonk=M0rR+~+c%RN#(q=tfQC+HZIF
zOaxm-@xAZlC;eis=BLlZH?Y$8yd>8m-8Xp38aSt{<~h;pmtWLbh3#8Mnycn2&e#Rn
z-fmqlHZ~h9$kZhtBNsl2wY?JS3VfATQ?t0zj5t|iH}sxPoL0>37};at?wypckypY`
zUs?DXOS>r{F3z$3Cq7N8W4Sg(nZjC52`7D_LvXF8O`mY7#sTMaLtG`-wu=JqipLSp
z);YFaF@GeoSngsDp=oTQR976;Jz%^)vcBGgM@A`dL7zX+lcibE_yi~4_-JcNT+@Di
zSe!^ONKR)VW?S6Bp;92|RnF<D6ZW%bjDc^E_G*0}ILj3nn&L{)OkE1q6oc(ikGV8_
zR>V~O{HtD<iwr+JDaVIF#`Y*FY0$o8X|-|0igBY}(8gXRouQ%aObPSy5;a1dTiBk5
zQ;KXD&$aF^YS(GU!~QGIoEll0;&N}^MQkCzA96NeuZ)-1dsZ4TMTX4#sZN`Fapg_b
zvqvs>1JIacdnA8^$mJ}$y9)HUk)g*i^4nu#$jcu(b;X8}oOvCRV^a@pU$RPiMM?A*
zxU)!=S6`@{AM$dYU5N}K7B!7GqMZ@jjdxVe&;4U@9O@F?48lVtr;@a1SXJT2`$mR;
zh^LNf<h*dqhbKp_QtnZB9u)Wt^t{sUP|5qPs9ul*ua@3z+m+!<S-Mz#QCH3*faSg;
zI~Ao=knnKXaCn|ZsHeMkko#jOdD&V)&kB4*q}ePs^^6)_ek>8;v^;+insumAb}&}c
zp_3PiCsO8OnP^sT>sS9WDcP-2=482G1*k2YbME=Y+%ztkdC5{emn7zMp{w%_#B!bN
zI`DyATeKn~A~HHU>1%6irLJdo37n2HL;?XniGR1YvUmyT>guxFtUQj=Mup72L7rwC
z5roRs;XRd^pP4>a2eRTDTO0V1iRA0e3{1v{ysj*+ey1cY6uG00N0JUEp`lok=$N7d
zQ*grUg+^Cw!i^0)7sI;p{0koi)Axf@Ie8D6Bv_3WvLA-Z(FpP<M%G<;FX3azFI}X?
zH}bZj)tyS$r;>8QaJF8&hZ1LG<r=pUoo*lT^mVUq56(6x8BRw<h$J%dNzM$6oFqc&
znJ9HKx135YYmF!Dw}!h<9mMO_p9hLZq<?J}d(^L8QXFodts&wsZAC~%t|X(yf{+Zd
z_x^}}63gOTh8AYt2fvz0mp$Uo$Vo!88G(7J9C+G@b6s4l*{3C5Uc~sfZbJ2p%_12O
z?Soh5pb0ZGosA*n@NMO;xTFj+%#02vhq9&oJh?q_hJ%BH67FDI?=7ba`5BEP9_ORi
zV<T?8R(YZ6Qh{|>A1~Hm9NEL>T_IeQ>ayDeX`LU0`T7TG#GLFFr5Ev|LVHRkveVPk
zl{qLVL`i;=<Z?)7X}1Omhk9e+=l1qW@$>Un1&|=m5ySO43c#}}{VW&=GmOC-xqw|Z
zIEdFW3zz6^4o5!CnK>y=iY7*fPQV-sxS{gSXmSp<0zr4%=6?Rgr{b*Y;t!0xI&q`o
zsiC0M(B5|b1h2mw3`&Gi>T-Nxq+^h`8ccE;SNVBYlYqvwb6`YQ#_G^*k?GgUQb^XV
zNZHgH`!Jh>TId9|_|R-JrR#CeSn*VJPG_kc$x)StB&XwrR|j=l|0!?I%+Ub$j1-Mv
za}MGzhFoo=k-lA>4LM`6z$fx*L#?{{OQVX7&xUwRj6xW#IUguqEAyS*F_g9o+QaL|
zhU-`C*#z}q4T$#_Jsi=K=}4MV%ex>Zqm}EE?xMljPKqR-SdL>_FW}N449ol+^^VMK
z!-k9Ju*p_lQL*L#8yiR1YKyY{&mSp+Z0o$gfB!yjy#;|>Lz7;zq3m|*v1&o)hs4Bf
z!*y}6cG(llgsW$Ab7&VM<}*@eGwZfTb+R_fyxA~x<<s>G^Y;ZqW#7rIPiYttGSGCR
zysIOMSk=(nqLKJ2Xm)O@3P!|Q^NXXkW^)Y8fT$^Id3lb7`;X-19@;Nf3dN_x&q-vg
zuS!JruTEha(1$W|NsQv>bI+y{EWe(`1QCYSeI$3W_HKc%o)&kx)$hPGbX$$n*APw{
zXY1;kTN-KP!sSLjul(fHDiqujhYfa1;-CnZ)Rs%$g4;BMlU~q+znz#mirJw)0fU39
z6$U0&y>|o>HTCo|o0^*Bl$CSxR4dkY=9<mAP$3W%0fXC+4_Slab5BAq90Fg-l+6Co
zuoT1aYJYBb**8YPJrH^N)#=z?mT}icXy7q9G)_|AUxFaJ(KB8X^Rf*$?{rh9j`@mR
z_mWmPbdZTs3@u=!3w}}5a(KM7^7=Qa&~PoSvV5`?3v=w~X~3W>oG|B1u3!&US>+(f
zF&43`uXD8@b~=>2|NUiSO7R^LPxGrXH#e_!mX2Wt8JR`4yLZVriG}=xN18D;v%<~Y
zdTtRV2u?LM=?u}0K}pJ%%q)$6!g5C*2-c;W4{9t=W?<vnWWqCg%yNhK(PZ|9DpoKR
zXWlXmzBiw6>Pp~}yt=p|*LB^@!m~|uZ*6MozTj0eQ5!IhV>UAych%9Ogg^}HAlCq~
z_BE|=^F5#TkTMM@dH0(6`@!Of6Pcc`?X?YMpMs1=IKI7Nb8I)>`CyvEvbOakq&<#D
zk}$D){GE}7CPFsnFoNG`$D>~VQaDi2>Pu+qHxgC290^ozePod(E+2NlD_FHwwy4Qq
zJF?B)+kICU4VZzAcmlVGr+lvK*vx%bymYKAxWudMj?|3WTD;#$>H{9cB(0=mRW;p2
zLQ(38<i`AoelX!K9?35Oq0X&;-YxeP>0ldOl=thUK~>n@hDhZv@|ebp--#ZYy9{sG
zDwE3voT3LXo{V)3IY|JA$1(rpVxf$3*|MoYiX<zzuK>;=H9XHYuIz9b+*_jGV|_T1
zkS(jA5DB23oPBD(yfzBt!}^`>csA?I3V(p0O*1scG%1Ix=j)huTNn{0r!)LtMZ_Kq
zCrU;cHMUsY@xIq#X#<bEaxP!mxIb8SG?f-7D=}rE9+j2RVYg<%SLk$C`I(z=_+L~^
z<CEpMGDFP>7z)#P$rcgU+0jrt#~bA^dM1*z)|fKrnepEDuYTOESGh)iR0}GGBcR(W
z5AZ@Ps#%2EE@15{wY*UBr%b!Kx0P#1p!&a^>aONgHaVYA#$^bQjBy-v^JosZ)9~a-
z&!0h6Kc!aVt3XeZ@)Z^G<lor-9^X50K3%_ero+;N$XhQMDBKEdw_CedJi~S!3an;k
z6Pj!J*mb3qp|GejNX02tCU|JLS}R#vN-Hx{wJ(6~Z#67;FeH=Lp05zKLVM>fLdvB=
z2@%W+<0qsXT6TQy<-@q5H0PG*WM58j){4O&)FyZJ6Nz!W?7T6C!u#69IjVV`ezz4F
z#w<}^s6?nY>*N*49Y$h1ZMt8kIAVJ;S{j7kB6>QMr&Tts9G}sit@K;f*j8(v_ri9I
z8K3J#{%01oEc1l*6%~Wjr^d|2bD={jw&@zf-gps&;{`o9wHeEi3lyj0t4=z+-*}%H
ztd+#&GP#E><wFM>Eaz<&SJkCaQr4_=%9dPfg_VP7`BfxxiJili>MK;nzVb04f>J~{
zdlHZS{1L)uv-(t4R@QY|!*4erKT|JKR8-X7(-Boy?MV3?A3qO-y!}g4U>SLQz^iy@
za%dV5lhsxTpa(~|&gfAo6@J=R+*FVr{V;X7?~M4cq%4`fmYBRUUsGnc$WApwmLZOp
zyYRikMprDOc-XwZsfWc_pFh0i{P>;j@Us;mt#A1+LST<8_=to*`-;G(VMjbuc?}c-
zhDvgUPYXJGXJ>g$FHF3^GGsa`aD-f2*F!WVdK(^tv$Yp7BlCCHQw1@GMx|Dw%K!Dk
zc6|q8I;vVgK^l*y9P1_UwfLP{=94yb_Cnn}?sJ2jrGn|a)Sq(VC%?I3?Z#I96Hp@@
zeC5aDhK*O-De(hqL`E?0%L{Ek3S5&d*bp~H%rz~lR5A++^4(hry0_K8@awhkGDhGa
ziAb}6t0-6dk--UR$3gdB#JEkNgs=8iZ`uqY%<O9xx8!L>xKf$m!<j1~YaCO#;iC8I
zJa5&MYt|3)_Pqqq<a$yR$r!2y#^OedcZ-KqYVET2UUAtV@&*t-HT^cHk|TrqEVAoW
zyhL|$mn-snwTz3374my)y(mf@20q_8#Lr3MVdPIsrFMy=d;ebO<fO|!5G1>Z)d|5+
zo7o1GsNVNnT<TNRWs4+I0NGJLZ>D`@jsx=b*(bJ4R=0f;Z3SiP>@Kyv-HIqbx<~ID
z2QF5}VJsd<mzMng-69;?;VNKgXec5oYFsf6(EKAL7V$`WKjg!px0c`m(ipYaP@*;Y
z=rUe&mqOKHVa)ZUqenK5GOt`T4GnXcO~=!Lcd@P~0M<iMP%A@6msdsg3Id7#2n+~v
zE@&9JR9_|6!Ls~*yHaO8CcSfeGBs(2QHm<w`&%%F&B{+de}CNyj^OnFoxt-WpGOXy
z<;u{fH<t<c|0nPd|3{D@|8Iq`*|odja3IqPN=n&Os^!_m#WKus;>gVhS+||C#{W<z
zK-tOG98L$>M#je2FJ9#Q`SZt4y(TwTgr@Ew^c99+$z{^ThCbLh;}I2?2OPj)!0;Hs
z^-f`#cHlcZ+BRS7`17at`vWW$t`QJyCUYCjDr#;EgqGTGYakPQ<gia*wdD2k@-hpY
zs<PHEX%Gr!Hk-^Q;Bv|q3?|52W^>$2x3adL%AIqOfH{btZe%S@pa0Sb&fk29v`{b_
z_{k_JtevBJPAFAM|KwS!SKIU@*iWyTbS4@Zb-qFL>PIq0UA~vElJ|ta1~3~r2tJpo
zMEv|YYqDU*$dsuz$DaQ<>XIN=E?Od5m6arIwS!u{I=-r5{5>6u8VR|a{buoj(b~G{
zvvoA0*2z;hzux=T(>Qz*6AQ=`k6SX~JPgmFV~cdC`}|@GMx%srQE6GlyWrH*%O>tT
z<Px&H%cUKN7VutPnfIAqyi}?PjZ=3}(0{Xt=SpW!luB@f!|?p&r3K3916-F-i7-W^
zs(vvn#r?;y6;yZr8PIJfD%_<*nWnyeKLk?m^KTLe^*?n$X21R0iIrdE6co0=H4Kf6
zP`rC5;CgznYbU((1ey7PVIy-7lVEVY08ZV^YK@A(R#Zz74twWVM1G9+Z*SNOQ&Zn=
zj+M0L6>->anLNi8?pM@w%}7puZM!)>bigSuFK?EIIfDeAV0^fzpr!_+sXuN?vvxaK
zj3P+D#K-z~PTgKpQ%gi?IOUY=o^)ikY!nhh#pb9lngd<YLedr=<k!KK88|0xscqE$
z6HY5DI0_JXMh7c>-QCznv3L`F5l$oYsme1S<_pbend4N?51e*H|GQnrGtgx$fPGQv
zuUrB3T8c=<%d<N5=PtMZy+1*zSR~ve+@a>taq<l)L`po<EOBFmwaNMU5~7imeU}$!
zy13plGBS*A=MMY=0!}rIAD;f3Lt}Thm2e&C%gktdvP#z0);5;iHWvqatNWi-HHas<
zo#qVZsV*0t9B$7P#4zYPnQ+g3vB>(5EG-<kwi^$BMzcxQKwP?}F$WWm96EC)0gBeA
zGqCNa5$mLZqFq#{zov)7@0a5J+sK`7yDbVNxurSyS!k|VmL)h8w_>&bO{&o=8&REQ
z8Dpdy@y4ImwrPR{rR$%?%<{jna;UjI8_$}Eq_M%kLDGw0*ofHGsFRS8pgnpdCnFO|
z`P{!k^p*?S%|eq0#tJ`sMp7#G4`N_qjvUn=aUs@*I{f8P>b-7^t@jN!4i2=ud^oSD
zBZ|g+I6pVHKP$;CcRjx*Uw;1;kDFTPXvS^$ryILi`58&0nZL1N65M6K()*?>hM`q^
z9|ixP3s2_r4-AwS68cdRQd9K%h~@nUpJ(&^=0n0H*^`s0WG}j60Ufy1f`WhlpLBdL
zIqYDki1p>0GiR=nFI`TOqC7LyLLEqN7prPB4$UKbvhwraaY*QXrX8qYREUP1@qsC~
zz%Tss#=f1hha{4?LTZ9teK2`FfYLnbE3@7z{)n0Ji_LPGvj;o>dC48Fe>#H@v{EMp
z1^?4PKJa>o#VF0((o(s`#zs6wgP-2$FPAopAug!@1XZs?46EkCU?xV(3k%tzQPd!|
z?thVo)cgLM!)UwyEI$_tRprVDLs`paygx&<Ot&Lap-Wy(ZE_8P5-oV6LW8nqAIv0%
zb4x{A+cMQR&pgVJunY`~iOq_c{K7(7!$UdQZJvB7SFNh{3?A_+JiQH;ij{+^u2_KV
zfcgxuZ_c#G#8WIR;LFKgkYu)olk-9;J>$lO*>fKR#$i+XR6UT9QBfv=*#EPj@gZCy
z(HAY;_+jD-L(nWv`%ZL^<^R4*5VtMP>7LL%rV`z*v{P<1h?1YBx;c-%ZO^c=+srB`
z7#ZarJa{loea|EK?X|)^Bo=^g?#oxNi5<T<MGRoNAM?>D+-^{Oa$Q>Za4#$_Zhg42
zwzgL9YY4HfzP|Cv-lB-Oxap7@sbr!J^ezPd-i>~3USs(1Sub_&uEZM;!}?;Gj5*m!
zJ^tGu_U!P1;KZIOgS88JH0hWo_0yV;e4(LeHO4gM5>XttyxZs4?ls6rn2bvIXn8*u
zrT|4c@(q^_GFk0lGBKJvVltk$ViE3e%d#)FooXlp8ceF>9vJ_eHoGs#OAlIlN`LnY
zwqldV86l_^V=)7?(1L4x{zVxN31aCC5k`?Z^}8Mzuag%m;{EwfI+8}F!bsP4<-0V=
zG_UNrTt>QLSx@xDFACts+9#`u8{>$>M^jw7sqdya<>99@*yKj62$@DSuB(omYRA1#
zQ|I$9oYswN;t1~{_a6dDoK-Lgzv_O(RZlPG>Fhf1)sF47>SZe8YLWk(DjF(yW<FqD
z0Q;#Ps=d#1Fi6@Ld%5?P%4uCVkn*@DQB{dJM`*il#~xb)A=sr_C{*Hxm)Db+m}eT~
ze`#{_0*f%!ln|;5jSJhQO_7V1jI$srXj$Ho&V|Jf@lbJ3vjkZBCbX<bVZ6-9(`4Rk
zV2F#@i`Z~4kS`o=m)0I^Ht6liXER_gs~hnw!Z9x2Uo8!rgZi}OUm;1{Y|8N25R1G_
zm8g4P$lI}}e|0&gKKm=mScLfbZ5HEjJd1K$qNiOaY4aoRl$B1Adxn*j{&S$<7a3W1
zO5UAC8K-cLMdVx_lI<NG1Hi82R8^r{Q#Hu4N_dx^vEyrq!&gC?Cc8m)VkiPe0EH>|
z<i4^~mSiP-;J8Erg&`2dBSIL)m9VZBr9}%1Zgk{iSAW1{8)GGLh)v+?k7nHAQRKHg
z9_||$=%5#gEb9AkVX(bY;P)AQHY}g@Em?N=XPQV*^6N2P5-7OP(|%Q~(vwiGC@1Go
ztb<e|ZC-7y8ifMP!q`MtH$xPOm^GYMN$%Xc7nj&d+s$ckaj-2oHI@5^Yxyjp6UWG)
zhuvk)Ue<`U8E0+B3vaTo?(F1h*nyGJPt-5$V%;Ue_(v*n4!!1yttB3wb{JJ-X6pG{
zVc}3>LAQFpzdq#D(tgm<oO6`~_Ed%Rb0TJvDTl4z6<)&YI4~{)yhzY1w!eLB9qsLt
zc=|<3wR>kFH0Kfm=z}}r^-?}GgR_Q-Q-+Ki?7HWh;&nBq0bBTQO`Y|9_k1p-_;`ue
zvmcFVI!GGly9+5!SRG9J)P%Dyq44ty6FI|kf|r)x&)>@_E^v|+HDWkec`d1M{o2HV
z5`9VWXxhfHXs)5bXwyjU@yu!J3l`isY^e6q^F;27)ea9xMWXS-5oO)Hid)z{Tq^jT
zm7U4^fqRHynyrD23yhqP{pFT;NBYqG%L|{=`D`en!Mqr8{7{yuh}W;$rI^5V!D#vS
zC|~A!Ut7;=)tULQEJmD6D|fOWDJxBN;`uCUyYs1~xMPjl@aUr{?s*OLVvX!;=?vVn
zg1wdV6f)A&<JTzZn3!9#`{z6iBFIy7w&{r^0a96d$XfRfQi{sLn?^jf+x~XSGEvcV
zbpWve&q`XyMz2N$$J(y5Y53KtVAfic5g54AA$Pv_&8Qso>?Mw263Iu~;@mjtJYsx=
zoifBigMjNMELRp@3Vf{)g+OFkZ$AW2BoDB<omT>D295(_bN?p%%pQRn*}=5)HW>|#
zWazV}Pg8g2Ta8zGQ;=0o7o2OC=z)=vo7=wGI#8fmkxxb&nm#_RLZwnF6cQ4W=Y%%a
zm)6bk1B7~2TgV4N-s||0%=f3ed-&U(hn&naZDFK{)Aa&p6K=>3%Z(dne-_u386AzQ
zPh_8#L+7=YkA-Hn3jef-*54LMD%55$3{FT^jx9<u5z)1C?@c+_p3w{=m9%3faBd%r
zj)?3ys9N09bLEoHNn)gCs#qyiRF(abrSo5)ecD@f<M(%*M{qTvA5q4Qt3Dyn<Z7i;
zi~|Y)fb%Gi+<$4V*qd^5+sd;RTxC3M9mkqS$@{MhS9dyj-XWC?M#9~jumFMl?~=5K
zoir%9rU?c+)jWcD2&;WZp73Px#igaSv|w%-ets`vvbS$}f!GR0M!8WG`-GfZ1Rqpy
zKwWR@-kudckK1Hkkv|TN8Cn4G>hbQpO07fDJITb!Tt^Vor&I`6!X2z$aC%(F^$-5Y
z`~|T-;%rh6p8W@RAe=YI!NX8mTH5c&4+~~1mRP*70s^D(-x)moBumf5fj$F*f|yw_
zAQsX$;3YaTBqXJ?L(i7@zg~b&G5z_XEU~~C^R_`|(QQ3f0DGs*VE;7x7Sh0X^JHmG
zTmU*+2wzoXB0Vw5OF^dLQ6x5jQ2kp~CMCU1U6EI-8On!yH&DXnRz^k!5)XosU!6MI
z>=jti`3-!YZ7nyS$tMww%myeqH2mk!WL5LJh>mm=2-QtccTuynECM;=6kd(P?iY~H
zrRJzhNhS09KQ|oAmd=Y^1}Zbln|Yz+)LJ&762F7mn|LE8;n8YVlF`-W1wq_)!&g*x
zi&>A>B~-{U=`~nM_Wbex3k{Rxk}*0ExUur25y@88{+T+A#sZ%{MZdfUS=sqFojz_i
zpYVKZu;NU;YeGUWm#)zU{8mfNZNZopjX=8MPAcwA`2pKokn@Mv#xmP#W~>J7p^Abw
zJk6jslH*BhaM8LASsA>Uj%QeWsCrDP2fZEQp>Sj2kmKO^8Hbu%4d%BUYOd`L)TjyU
zuCdEXA#hvcy7&@DC@TTiGk7q|0Foa4C380L{z#O_YLR^R5$-H<Cunc5v;mRza<@Fl
zy=9#z%1x{1gE$7^?(Q@ScOV{Y*N3p-PVIg-M{Z7zA)>Onx?1mRpW(yjlu}}1V$daI
z&jYbCWu(Fg3dE!4=9Ldw0ha=N1t)V7Xor|GI~sNI=$XyY^_aOqykgPxx_-R8yy;`I
z;&pJfITfuoi&eN<l?cmWoT|;~q+ZwPsFL+O1hNCU-h|m(kD5;=VZVNT^78Q!74Xfm
zBqNvpntBjHQkGMYMb1=j8P_ClY_=O7J{<WF;?a784o!7Ji-Z;N#&Qe4lPMuY=w7g*
zKxS_eb`R!fP;Eb^AaI63(IW8r%y_8Ys4h)i0R`f6lQf=>`(lv}mKiIWN1>EbC92&`
zM!%lBfhJF_N@jheK+)7R@0+J5lgqJ%y7Ok)G&OiV2GPH6l|(y`_qtx5Ea&Fga%aGR
z;Zi8(%h}nLM^T_clIOLqvnLm1AWU>UR1WSwS&B1vvH=}C=P&*xT_BH65CB`eW0;bX
z;<OMV7$4YrHyST2iy#)Cb~xjTTHDL%<?p5EZeI$<o`Uv>n^bg%qm4cHWkA=s!D_)g
zntY{^O-6_|H|-k4VUi1yoOkWU8feg24h<`ddM0#}8D=eyAm`8i`K}$&f`#)Ee8srQ
zAmcL3e_8mf<!xqs!s|OY&3Y2K#><SOkc132cE((@4+S}S`-Cpoe}(I#?I8#-^E%Jf
ziDXH=>)GLI6#P5``246`knQB%P-!^7fB#k~*6~%<2GL*bl$@OWpaOm&{^re_%w<CZ
zgP+9TfKRRce!Vf&ppYC65P2V)zyHND5OsEae4G2t*3&)xYwKh!0M;^P(Tv{RvXPV7
zVp4L@$BeLBh4+nS8_36~I-E{s(x9TEb_IT1{x!dal6;ez&eno`iwF(<Yl2IX+42i7
zg8ab`xv$-7F0Ni7X*SyM6EDevRZpZzm{O%pDS*l-_RaFiKam~`v}CZS;|?jq*7W3{
zKI9-sfJzU^wXRBiHOO_Lk31xN&%V#n+^SXocS2n-ulMv^OkO?$a7ng%3&Mz%K0aSx
z-)ZUxAP4+#y%x6x;DVgy16c+~M@I))zWll$_>!d?q`eT2pdUzWG_*c@_RIjd7C==M
zX$vB$s^NTf3jg1!)aspAEA|_sbQQw@mS1}Q&)qBjH1#{z3Ciw@3z*^R+5nETzkk1t
z*q)ggJ3iNy)h<_dT90m0J1w9;%!RJ0CeDtZ#W4{P5sBwbXxu1);9QTl+q_mCW%e6s
z6iVW?$DY-G)cit`n3&k$e<+fdDR@+cI*jWtbzb!&TAo|`Cuv}U<vHCfPba!alX=Jp
z{?|t4tKSfvF76oe$o$XhGvU(7m*hKkFF<hg{O9e|N)Ky9h5mBCNp}6e`8x+8aQ?VY
z7O+4d6$u5D$w9)liy*L~X{tw;zCcXKI4*M6JbWmX3P04?Z<`sJ&(y1fq)j$cY!~Fg
z5XjcGOJeOv<@YZ&9C#PpRpESO))mh-puO)HmSL|}lc!rcAp#g|7tWV>L;1Y{6N&vT
z-VEx)oq~wDPP*due06i4jO8VB*$^U;oDqqUG&pWr<p<$A6bI)6C1vatYJM+LCkUP7
z?A7%44GfXiFk4Xh9q)tcj){RzMaL6I&%}hYpWe5b-P?*z2%Xl#45rTZ-m05+j5r7L
zz?Pq5^q0&;OgqnQlh>{Zcb(11jg9aW_#`FfeY`sI@K)kd!3XOz#Cj(tB_QBkvO5Zq
z)xM<Bg6$2ZDQkuXt+fVr{Kw@0AehN{c2H_mv(fmOeS{!I9m@QNd5c+nicdx;^xX{W
zrxRnA-18LyQ&!ebEUql_3c}Jc6|2>Mm{f|I(;`5IQ(CnfsEVDXExyT$KXBZVrvXEn
zq$>e;q5_HY6m{3-rrhGfxb7yCj6J6f+)T*wJ$y8!@_=D^HZO{pB9~T@-%CbXEIu@r
zfc$AzI;&6l^Kj8sX#y%>A<0xExnexVYHw@4kq9#nIaa*|nmTf1W<(Q~X^BukPjsnC
z6brGdqvK;pjLvhrsud2x3LSD9c4UCc51%@X858?3sp)GJwHuYS&soG<`}+Bz1xEt+
zZc&a!Dj^hVWMmZUwzV?d&NhkePkmr5VQg#>Rd5bld}teA;ce$KSSRUDnB7R>l7eBB
zd>7!ry+C%Cl)Lse+isUh^kDBZCX??Ga1OjW@SKP!+7UOUJWi>$AIf>XBFDLq9ZK|G
zs9dUTExSMF$DcPo&2ONHNu1A`E6rdLgF{1Pw6szmKYla|+#WB35|c49mQJ~E?RX_w
zgEzFXtR>$yqE+Q{*5IA0t2v@cIYjVa8m+i63DrwqXF&w$fv*<X+Sv%QK9XhKO1j(D
zrxh_|B<u1`od1MBG&Fv@t4C4#T<SN8h$S{hgeFv0aL_N@{a0rCOGhU>5arFcr|VS8
zO=18}BoRiv`>3~zWd=4ot3{&-vW{LlN4u=PdV9oiM}J+<xq$Z5SL2Awn(^lxY6IFC
zmC`SY;X8@LYF9t=%NJMbFzv}~J5l}oLIn=pWC^=^q+2j$bTtu~k%M|GeIE((fWD8b
zydL7Tn^mxs0Tc)A;XV@s`ak$0pQsHG_g)-l1K?-?Q7bsx*ZU{-#Dk#AQH17VPmgQ4
zkUV!Amy33ud3ieZ%>ZI$VfkS4f@Ph|M?6QHus01W9!Fi$Z3ktM>!LEVR-M||#M>;%
zvf!>VP31EXA(1qUw3%6c>(WH2VHhX{Efk#q<+Ee;Y%zw4^KH4vlx%Sx8GD*tr0GpL
z1x0-+7)GU0%e%*^3S<Uj<(Jt^`OE}~jR64$lGCT22JRpn86P;A8wR7JZoSJ9o9j9i
zz^!5G9@R7JBRwon<%QIzUQnkTUfvn}AjqdRuzT%U;TG2OPI-mtIoE)$H>2hA{?{k$
zL3S=6`a*81MmrCE$%ldiuqPM5%WvACz$=em1bH`N{qK;`z&}x8o&*@(tm0yNukYVi
z_Bv=r{)7<KsYkXV!E6V6JPZ|b)j&;n{16#|ETn;{Gn!9xGBGj=g(5SyG5sVmPEIvG
z??<~<wvh3slGNb-Yr>pZxQBB;0Nf99uk(|ACihF1;4Tn7JPvQdv^5ejKoYJ=S%akz
zK>}$5gX{y~Vzy~yD>cxf7y8}nisThvICuV|iy;k;mPwCiuVLeC>L;kkd|;l6VU-x^
zGh*TD$v;elxF{A6j~)QOjED5gl?F4+hbt2;1o(>C)wvq#^4puCKoJ%pNF3?W`st4~
z$XQ#EL0fxP33t~08eX#BqD}#ZyBUCta6E;;U5{<r0bsb^FG_>3V}p3uwNMj6OuvG!
zJuqNJMbcNNBXBt>soue;=;&<ct*TZKPcQQ>sFNdsABN0|BSVuzO!HhX=m?#}Q&mzL
zr38s9U^|f*Ciw4P6?+^hSFR{URIpc%kSeb2oU`~BRh<tv`VzS~_XvR4TgZsjAgGk5
z;CePOW5>+xJ~kNL?57Y!GMxbjk?nRwoa!+$u6lm^))@$9^U(aCCjtq$#>bQ_3v%dM
zu~Xs7W>TP605K+)g-oGj6RH3hc>u9^7$t?eqlgsOM(auLkR%?Dd?X3K-5m<GG7$!=
zu6qJFTB}pl93j-+eP$F@zO7TJ5Dy6?Z1BLyui2<>IUb+Tg=~WGJr_5+hzc<!{a<a>
z79p=Ne1OH&f}|g;Rr-}AXwrLIdv$p>UZm|qOh!!n38b*YpxdWT4I8;nyT}c(7yxK6
z?iP`7ZeHF{D2XVeRs+O#eYnd%0_DTmEcYA8jyVw7Lt+yNZ7vWaT<psLk*xHcuyZA<
zEioYXz@yvi{~z%RtxeTbY*nvQgH#g*V7j7%p<AK?pf}d2*Boz|;uD7TL!P3e_^HTg
z%cT})53pPiosx;JJ3+;p11@r9e%L96%9BD<ZPgTC)&SK&ES^+K-iP!KBSo&f4^sVg
zym@0lxl1HpY+?PSeghW#>l$n$7uI-Plu5>BeSR0RLWz6?e;8m{WQ`ly&uD3BS^d|K
zqE<cBeNOraJdl7i=VZRqHE6*BsL-&icL44#uVQ*F!w-B5xk6GMJF&o|C`d^`B}=u!
z%yxAG=(MT1S+`6@yhm1A`i*e05~bPD*Y2;P*`PH>A6dEBi3L5c|152NIIm`f4PY@&
zDPJ~$n!MY`_qMQZL6R?!8A&ZQ9i4PePEL2rGEE#_n69vNl?n9)QJ^}SoOTD6nzMU}
z9<q%#56SJ=JV#nk0brcD<3y>ekXveJmtQ$DI4UZa$wD;(u$$pVzio@%KkNo+U_<&f
z_H;LauLO+TGKm>k668``f!ZQ+F%=zquM*XUzn^^v6W1a!XYXhJTmeIY{E7|;J33Op
z(w4J%4U>v8x20w#8y)1UE8=getzf+(LPAnfQa?fE2RuLf5osq16IIq(+~+%dNJWS0
zl&RQuP*toT&$gAW$JLi8Oh_`*xUo+l&sKip3-Ca%a708z4j`TKia_bhP*#gr7~s2(
zNGe$i3k&E{PImTBWPX}if9N#H6<iIxo2ggB-OF!4R`zJn18F#vD-ZGy86d{#(RRTT
zB7st;L}0&$`%7H}P$+0ZM-u#_E<5#yH6AK|pBh0tvL25@t^qK9C&zYe+P81tGVL@p
z5{av@UkS_D*pz}@O$eL}%xqc6@p+^ii@1|5Elkc-VIU$<q9-R8US$bDlfLB~?X^Q|
zc=((~0~Q(@st^n<C@_DHn^5kAFajA=g;9Pn{qp=O{9@Cbf{SZv>||6nv&Bv4MSfl+
zch_lu;6<!~i>}$OVL@#E00r>W^<R<OaAP@nAY+2Iw~GLF7wUd>*|jxK2Q4g=^1;C0
zQxXSd!}hK&#Hb5ZRoiGXC?dT1Efg9mpBmDVZ>LHKfiSlI=Rj5FrtD{ix)V6!#{2sE
zVnJAqnODza{M>XKu`xCPNYt|5M}QNVE>=rxF@J@=o^>mb*6v>pzp`RrJzqZuPFY0@
zk{w^c1?R|y{p94t$i&11Q3={6L49R`^KY5Ui4{6Nd#SuNvJ4;kjF7NEqt1zq1KqlH
zs6Guu7J3*NtDmfwnZYFN{a6=OVrYM^${fBLuj^gGX2>zS-3jE{E3zk4Ogo8!#Sz4r
zpB-+F*SprVE*T4Z7fJF3ppwgeug?C+CAV5s<@(q1Xp;0c5b5|faOe0fplWt7q^OB3
z76B6O#fumE)E0JppeT9k)-5p}I+%h2HZ)Gu{kxG$QAgH^Y;(2Urjgksi;}I(F1fui
zCCIkEw?a`rOaS-O`{os^#RpKvH8dI-9yXe5@&ZM=0g@=S{@kiZ%~d^%K^$9B78Zr8
zq~5~)6ew6Wav@!(fC0)P#%E$_ypxExgjEBQG;kQ60ns)yL0<$-?anvB<@05piT!CD
zLzQ_nS6yLwFB7!B2k49#ahL(UpDmJpV%a}HF?awTZGeNrN=w4Qq3V3JC9kfYkeZf;
zq$j+*y`5@cb~u^riFkJ*I}dI%Lp;g>2uS7!_YF;$!>3>%HFB*!ns%Owr2%Td<U06y
zlTI8eJw*_92t{4i1Yob3J_A9_w{CgEtU&woQ=tC_!ku(VV0EC!#^$MD(5t>;-3|~%
zRaDmc6+v?c(t5i&zKXGf9tz^NFGZ!*-lBocr{#wRo*8hwXRo0WYvkI&Ck^*kv{->)
z5QsU5iR>Pp_b}IH8$FE-45ZZ5;;G^1dkQ_$psF%CsTMpeFDJLqccMZ+J(>%O(()8a
zpL2~z$~e#o9VT7RrbriRfHGKlfLTC#-GI#zR_Jy-2mNBn%9;Qmn$_+KR4mmjgo+{y
z;QHF2XsOMtd}^2#s&;Bl&zxN|CfFsJG;yFCMXi51(A-y8a{NIH1ZxN+3utz87WBA}
z!)NN!-l>+GSguagI+g$?E7psK3b5i)!~meZCn5PgW*8og_YyFVuV0H`7c(I;Ub5jC
zy`rtFmne8(19^pxoDWDQ3z{Qzi<F){c``SA%;$r#icHlF#6c~wYK2Xuq@y)ed`<Ob
zMt-2W+!HxyYo2^)XYkRgI`_s73SjDix;`v}$fDNJ=y?wT!Vc0|g+9Z<$pSn&#hW*c
zc_&VYwG0rq*k2~WO^iC3Ma}VLqeZWTw4-hfjqcqZnVx~Yz{b`!nlh&+Ui=<j!}J`)
zbcb4Yz-EA$-EfCey}A^T`0+SAG@A8lJg0rZld%QhXH9rqPNgM9O_TF$&e<~CDgq#6
zeBKzo4jG9WnA|-$)E<XkcsKibe3zH#xb9?s*%*+EHymp$oAnZZkM^ZOG#}SG3wc$3
z+%0r}zq}zQ&PrarVDFQIB3j?H&k&V`ha4s#Lqg(FV5v!q7ObUaQ|uAp;qO878M1P#
z8>J2?<=Rx@Y!#A^L(|mF=4CTmc)qQ*Nd2z7zaKbTGVQcZ1=s=RvI_GVYM<tm&&}Rd
zOf%vvQ|T#uKI|`p(P<Su7x6Yr7~$|0)s~M_CNNO5#&QNFf-~(X%=)ispIKi<5rFw@
z%)Sd$CWCSYaH$<%iYl2d=Yx3^0BZ_u1-&in0FhH)Aft|gf&z4jz3y@>sd1yPu+ZBR
z&z|ywux$uEG5({R-ms~C+y1|#g3T_F8kg?Zg-FLZD|$cBLPFE+BtxM<BQG`<@6PSp
z$UZudH<=(fL0i)DBlk&pRn-ZTBWYDAhK+&S!B%<9<UPBS$D^!Ih8u8-IzUu|OamR^
zfQAZ{Y8yk@8i0G_m`!EC;prb3n2NRTPZ##{^|fTylQiAEC@VHf)J+$4*TgnVFB+Ik
z9av^IX3oP*;?+Xc{B&*XkMT~*NRwP-5C{bDrofG<R9d8{YR}Kl+qRKJ358OUp}Z4_
zAB@&^#8Zx$9F)ag>D_iBP)Hf-bZ8S2X1nrFFp9zqW)^I1lFbFOL1sP}ETmx&a>Lfv
zi~v>#)|s-1;%2~Kfja&~0k(1~HKd9c{?bJZJyO6t>iV~SAF{wBo|hNf?(4u2h;M%M
zyu0c=bCx)<-xW>A2eRqn&ia<YvznwweKf&3)d%j6OGG)E{KUIHi)lJu;;0sNEU)Ca
za|Wt&@9@_bHn-pyA?28T=|aRvu9UJ22$Z3!MVZdWQ<uGI)${am70^Aug8I{3WdI;*
z>^A$?hM+@G#R7${#jU<lKkBm6*LqR;?9-ysq<nH%QU#{vZwJ0g3x3e@EU|P)M^0V2
z_q8|sze;xc(uH~M#(L67vt-Y3@|E)kKG<}AmnXqXtu@od$du4UnW#&U8*ltIHu#N^
zgr9Y3C_@o!da~=K&TX;hRru>hS}>=ZfsIWX^Q%{>afw0^@-lKurqyO!%_>FnDCm~k
zAJy?y6ce27r2=wwWb>+oW$0s($px`6$@awv|IjeGq!lHU<P|CsT|tiNw|xYDJCghP
z%F6s%4Pqtv%~o2LtR@n?r>9GxyNa*B=4u(lKBYQZ+w-J1d4_aDN`Cf%tTpa{hN-Dz
z0>;<tMM7|vE_$;wH9)btJN{G2KelCmbG{|exS*Xgmw0AlEI*CCe<0tLtS$EeMr2;5
zfaf9MpeHtV<_O-=a1~szqI{k%`G{s`c~HYvt<W0<vqBUd=k%zIVaOtdJv-%MJ^AiT
z&K$3;6yMp%NA!BxX0Nqm@52I5JeMr*heIFHH#P4u9ZR6&<Tm3N?bw1N$FXe;8chT2
zV84e(Xbjgnn7K|WRz*UI*-DorWe@s(RyiHEbUVIaMk)c~QE>-UO-P6-@>7LQ#77X%
z$gX~f3)kHbxc(MW`}-_KdT<DD%sGxbHi^h5eNW!pNZ8an|K-AF)6FgHG~0xdVd;OF
zoK{!i#=kGEl(iXb&YFYQ$}fi_TagDES=u`Wr}5_gq`w#Q*SsHKDQ@a1;B$-XmQ>^o
zINt@1uQsM!UE~%MuC5ffB%aa}>)g_*eECrz1oE`>Hswd-pJ=)di+OWiWAeNC!T9U_
zOuC9|glcf91mLm7Lh8TVo=|#m%T?o&zmxNo{}LfZ^8T*ZoY`v~@Ne$>8#vEXv#>VT
zcQFeWE}RYqOVvvY)=Lb_@tykl*6MHnjiGD<;{T(rzn9xV-s1a&*#`IMd$NV-cIeOD
zH(ct%SuUcc3M}KFSK1w?+`u8UUoK|n@)UP8>lAwF%M;W5%_p>wdA|VXfz3%lw_e}9
z=X#XxF=V@4HKrrwkNOpL!`%CS^|Qphkfhf7;*PrW^GX44b$elsK96-Po_|f7Y&7=l
z{Pok>PRW7j3m1aJR)wMiYSDc&XU%u3H1!|5-7p1Up5bFToizgjTl-<k#a*6`y35=H
z%C?J43ZJOyj?Dg6P%sy2yDwU5+lXsTZrtg_8xwQ4byC-%k<>?&yG&|4ET5BA-ud<H
zY3xz>>$fAlLPSs8$D)28cFV@}QTf2Qx@t`&scE>&VpHoeC>32t4}M;V;IZxQE0q~C
znA0SE+x^IHz7ShqPTWry<EXR97QHJwnz(5)ZAv&MG`@H1X`)8+QrEh2{K6MRN1O%9
z(lVULRP<GeTTM*YdL;enACdm64WsE9nx{LQ3nsRqHtuL!rW2Md%b9g|VCtuL6T>rL
zGqo}D!5n{_Njx{c2%RoYm`oQ(<f)by+ji(FoOga~!cUW@eVXITk`y62B13OSW<2c{
zS23f})4?$R$BjF%vuWuBJD(>jMEd84wU=>YwQeuwdtf9N!FRe!ET8NO^AkPcX`6}l
zw;g0{nfgp>Z#=zdP7QC@T55)p?F{c&8=|~Sis>p{Wr(Sx^%O6l(b?Ot8e$>%qWw2i
zxAUc8b7f{5w;jqu0-+|nTLR~}0!RB62hn~4Zx!j`e~1faa9aXj2JU_yUYzfX;~Nh@
zF(HSo>SH>>HUD%Pf?ZvCs{jvcoV=$Hx?QI?{~6;Q7hUiRPbv?u?+c$`TWOWGKd<^Q
zD7CYGPNM%PW!TN~W##EMoyPqA_G@=t0<76L;A9my)UUXW&911CZ)pHaskjTatAEt`
zq7&|p$3Pg{5n92#_ZM|v*?wU>P!*Ta6vcYWQVRuE5%i9(zw2w*hz&=vZ$SKQy{UDB
zoVsTZOfv3SB$P6kq}Q#POQTL~!e<v3a{_Yk3>L;C8_(}$((PZi!;NVOI`VnC^~Vbo
zOZH;CI^9j)F%UY3Y#6nY<D$L`VRyg#fbK(j!h-5XCFZ*S^N`5Q)Q}%M(ZD{&aT(hE
zbQf@6Y3hY4svHfdxp!-A#t4JfHgxEv?c<t~{gliJg}0lmP8zDzw+d%*Bh(x%?{GRZ
zhdMSi{`eF)k6qQt*FAje?o`YV5^k?Pb*n#1GH(0-^#Y8m24`)mi?%pF*UMAt$yHo>
ze5A}Qk*!dfq576A?Nt<k{o>-B<)fx2e;XY;f9X}IuNfUwW32a~R_0T2`r2r11s7YA
z2EJ*upnW&Sr(nm$O&nWQTf~XeiUn2LKkewGtq8Nd6<}PD@`gEdOQJ~wQCVe9>e$Fa
z3tNsz;9P(?;&g<+AQoUAknk;KiTq5ANv4Hhpef$+<cv4NqAffuRUojJPcsudU&b4*
zt@8ez7Oztqu6#lweBZ&2t!i#px3<;=JIA+1`9uI?#O=2sel)MlRXa3CIl8rmuv)m5
zsu6xh){l~7K>YU}jvyWJZ%8C@%cDP}`wWumJ#Tqte6{7Q7SG>J$wb?z5^X=A>DKA{
zUL@v5j@1$FD7G<B+4ZAT^!G&DDR)S?Dtd#+-ex&e5cPDnyQh`Qg0W4Zp^#yVRCtKz
zr^Z?Q<fBNF;=S3)XOs@KJzqboN$b%+3fQw+W9Rr`^NPB-go`*sE@-D{h7OOrGrc=b
z2y;u1r5QKD0OirEqX43m{HmrP-LOkF3{SV+`@Sth!SFbq0AYJ0<_}M1Oae4(zYTIU
z9ot#6@9RtG?KS%=orGXv?YPu?enXkhUD`)IQzv7sZ+o--_m26jK`0Dz_dx|QZ=+c}
zliSz7I#b$M(X_5lst%Pq`z*=&|1v%)7xLf#S;K_0oW&*<r-b-9a$Ax*aYA;7YpK<9
zIl%XG)nxN{mtSA>s=}9+5}SR8P9iqg`Ow>bN(v>HDC*+3kS)`(1^f<D^SwyX;Fu80
z1+I7@8FAF(TnEmG*5%*S-a{%KyN~iQ`;|(&b=uuC=(!0Rc;#55^%g6NBH)#`87N`H
zn?G#cpE0yeuKz+D-)7cu=`0PcvVU%E23vF_A?W-u+R++Hf?-V6T2f_>CF&L-JW15y
zV6`wLm~3tQE<c@(*f2aqX!Fra;iGP%RgDH4*_~Y#dJUCd?JM$Pdk(bwZmk=u=4xwZ
z-lH$<GS_mRcP!4Am3+<UJlMVCm$2Hw!caFVd<gYdI`;FDmn4=aT%>s0CBRP<5~)y|
z&}km3R7)4J;O}k$?D@F&Zt)bE*rTc?di(rZqwk(~L~loD5M-;YcW&B^u$|74Yv4E%
zKGUk=dLc-R%M}(AUK@FmgwvodEI!2$V%NZLSMG1wW3D$n>mTg+=Q6lT$93tAq1+Jd
z@k4p>OkZW&$9N%k^>W&NhX$|O&F>abr<~0*J~w@&-@TthY+G}j?M1*vRT)p69jh{8
z!)}Sd%^Vu|l)GTw)##vgCvLlj^P+TJa$mWUDT$3m0iPvGfG9dV33@ssao2mb>O5sY
z_WQ)hodcnFqLF%YN|gc1o&{86)qgG~#hVzXZV|~qn_P<F6+c7eY+-l`uk5=&%N#zR
zo?33i({7}9Auvu9&QX}PM9FNmUUd>_d%>yr+!ck^(k<2tI^qy|3Zb);c}HC2G$w&o
zD{LD~{47LZVAJp|Rp*5?^Bq(HO)kuDAwqkPNtGwm9%K0+(y{c(JbWgD?f>rH!ezZX
zN_K1`xOg$`#b$Dn{&is9J9+`0Akjj&PjO{&xDXbx-ZU*~4F3Ts<O!p+f0}kr<0RQD
zU5CSQtjeKKE6~dNp!c`0ZG~p+%J}fiSKS^vD}R&%e=60z{No*`JNEBZ;nobRJV~{w
zT5@D_hs2z!ETOVOi@%P{m**?F#spV|(>>|-|D5)|UM+_fD3?zNXr1UhtjhGNR6-q@
z%Y9RM&w8{To-3R5akOJ^w5avA7}{m+;@<5eMayE#F?LE!>iiU~+tGJioO@f)FBpS9
zrYmIG7cx@?MkG~JyEd*~8WF`f=MfVt6%hwD6tVbI36iUFIfLl37vJ%aXQS=yI<ALL
zZLmFWQ?jUapgcV|&Orx?Eb^CK8@6F_2|lf6@XVwij4XkSPYtE1iz}Z0q-EQUH5YyK
zGz?2vH7am_+ET2J%ReHxYjKKz`Kg(36M>B5$FeIM3@rN$2K!S1*hMIA(uS6xB|3a5
zjqx34lKRQlp@-n77|kmj2~kl!U)l$PXPwvrW8AH@y_GB{FYiCxDjF($5)zc9WsI?<
zx-5U@-B0gw`*4JQOrthH7(~m1ezm2e!Y?n`1AdL-M-T-+)u+{8cuP+Z)3)YtPkRgZ
z>!t-_X6}SCu9nDgftxWhz#kLOx6@hs1s0Zm2s>TEfu`8IuF}~`V}cwW={BL;4d-v;
z;{OmwYH(m`_UH(xJ`Y92w0$FED5O$v+UPMI-5?UeHIaMn^ENC7(Q6lZ?(~kWkNIg!
z;On;Hv{M?kXue?roIB2$Ar~e?+HdZX!6(JmHa`@-tT1fEn<zdbf4Xzp^JP`G(5j0!
zlWV=@SHsh!5ADsOF-(uO&>j+Si>R!LF*`H{*wC)_$-(4;7>gg-&7N+m>A7#WU@?4i
z?2&^nQqFyq%d8J=Y+9w*bwGzbm{;2Q<uKJx)!+0D(9Yy49QU8(5H81AD=#EA$F^dr
zay)xdrJ!+_K{HT$6*|zT#2v!i()qcq)c!@e(F-j3C~QMnHTT$_^KJdYOEU3<*Zt2|
z4;e$4JNKpW1_;!J-N>X=J}3k|6#SM}*8KE|N0T^ZeEHA7d*TgzTjgq<C>V@ElIc_y
z#an%blqbo1OE^b@$_uUUem)*(|LptY$8FrH#CQGP$^u<l5@vX!dJ>+GQ75wRq)+F3
ztbA+ATVdG=0<a+*_R7fo;AQJK_aQXux2B#6zQGc2HzTUVoY8+sXstEnureNj$%H&t
z4jI8uC$2}1Kt&e#?0N_>k>mY8U&r28O&_XkbLC2i*j}8YM>nbH)M}KK6)J>e+%a(?
zODIcXqeJHqKBCcTl*GsNsG<owz?pfi55Gq={IPvQZfVL8wZMO4aTPWl89ZU!$m~M?
zFfn^P@!xAv4bww}D0W?bN{o{-FTqATmk=}z^(IuS=GYLa9R)n&F5lW(HwJS!J+`$g
zp79aN^sQlPS5(P%nPKzk&fHe~g}Ts>c661O@d5%LZ{?Vq=<T2C2Jn<b9`HObUE>Bl
zm0$?X%Jd1PmyNd4Znr5D+oHbROb@V`W#4EzcwTsc6}CV&U-aUG3z}@0xRn(e<e_IK
zl~y+w2BimLxQ|$%n$6;A07{rp0*~kS==M#LnJ=xbqeHnh?{BiRucAPSrB6Eo$<ozM
z+r%{zv05MByL*RKauj!X-%3-J=H(VA&UfN4n~Kf;`K9`Vg*!71wTW6xGD6kI4xb6O
z-B#XNT76481Wk*`G5!)e@RQ2_Mch~aMY%=&swg2PAR#RvD4~FK8ngl;-3Zd%9fAUq
zk_rr<f*{@9-3%~vcf$Y!Gr$0IH|L!9-hbfU&z+y<dG@no?Oc1sccq402!1a<?^jE_
z8pSq~$eLj6ubu^-n{Q$5x1WmpaHbq@I8hykf0wU6{s}H*1Ewbi#S0Yyf82F0YuWy7
z*N7h&=@^YQR`;`4BghD|!=fxB!5eMOq{i><4E9ZvS%W|5u~Q|X1xhvz1@B3CKTwXU
zcgnIBg?+a-+vz0lH{!=P>{$yN_;;K_M^gYlU(oq_9-OaRY2BrUiY+ACCk~;hJIngC
zLQXZ=2ye<tKV&aM)W_0~mK0H6z{x(^5hKMqsQkP~T<gRnA~haQ{##Ytt)g@{+5c!I
zzozvo8_GS?UpRTxFsh5f$uvB5^&`IU&U42kBl_9)U}dfdrAjO%fv375Yb_o9)IMvt
z%vjKk9XWqjvcdPwJFJ4D#L;t6m$|m#|F(2g`5HPy+8XEK2+5j+Xp%I8XQ5aBrervI
zU$%*0>c__TPMUNP9_GCWKgI;ZS=%n5>ZlsxqO8SUwl7qf7f#P}s#ePm69@!+*4tP3
zi&-N~2FaY|qEI__|1J+X(O-a*|L>=kF$4RT7AdJrYCz3@zyELllZVEMUPwtLn_(oQ
z5Iv&aJ9CobW*=smzj9H<jJB6~;H_tiZtqj6ouzl<Ffbl%z;p!u-f%nK@u_S$S7<=X
z%5-s`X+o=vq-<fW{c|?cE4l8NkhsE?oR6~jGAxP}=uy8bVQZBJbjY2Mqp{Tm@a6k~
z-Y4(YbNn$+`hHG)OAMEl%EVLSBPFrK35!lIa9_|$`E!RkX4(VzeeT_xPEeI4o~X0`
z=<*g{W~6eDO9VFkQ11DR_xZa9G|~1*)!HqRg|J5ZJzPM<7dvG#lEWTFaHpdZb+b9~
zC!>hf-d(XYyE!#;mwRWj7Vt<($X9mGICG^EI<23(#+T~Xmu5HEo}&h=8EgsZc_|f*
zhH+RISvS5+y-gE}ERR+;IP|!@^D!zQaKik#+pOL=U47Qlq|CZ9Rp0Ie{sqm@d_upU
z#iKh0n5${CI5bn7wHPty!)$HjRv60mMw5o3-@;fayin3Wj6$&#lkuyoG$m3w!gRMf
z9K*`}VcI6KJ}CsJIi)KcW*w?~gKPum0jG}zH83JKJ6g5u_Y(=)4I&i%Zm^y+Q8T$w
zBZ!jD;$Jy*Jo6=Q4nt_6cJ<7ZlJt@?&>N+z1-U3UXWT{S*ib%Vz%IlDXc`y{qTx-@
zt6UXYV8glAC3(g3;ll^T+0ukVsI8e;fM9wA&dA~xe?N_07Yu1$g2WP)cNgJKruxJe
z|Ai-K=YcKNA{Qg-c~DMKzPXnncZi1g{7bC@yGsAfkLQ=jH_<gtl`ExM!&+s*&(Gg}
z=&*Kn_*~vTUgWW`Z~t`<t^B3|ZiC`9O_;dlnz-W2Bj>ekn>erTNp!FaWw~5P{AOp^
zwydIvo8KT>9aBC5i8wo9Pn@&3S(H*gL0Pg|6DgFa++~2GD0J-bZXm3_XuPY&D%=O_
z=36hZ(dQMw>c33Nyws(BfK<<ny1VL27E}2O$R+SRfIHk%L*J9JKk4}R_)oaFOnc*>
zaGmNZLj2FTwszc>v5Q%_PkQdWjexFo7}~aaPPblUE63Kl+^zqvbbc--Mj24Z{Nv;}
zF7w!?Wk@GZ@H?fs9pkov=pgj21B0u{Y)QZ$;z!0$xQt-<TQ;YiSd`7Y4y5>L$$=&q
z1+%72R?pCo3;101EOt*cmzh#5xkDV<ON2x6aWjEHF;UWBAX}%2;NJ_k6Tt`dx{IG4
zi$00Y<TcNHsWHvxwC|HZ!eCb1Fd13mAt3E+*nGHw?x`s|dYxgdi*0GYx`?Ev5|90H
zGAb6k@@eFjfJ91XurKTQ>4%8@iQXb}GOZBSS4tFjPy@N_F4f&VJn~dF4Px*6Q~P=s
z@>ymqZ(&EJKV>{=yv^yY`5Y}xyb?FNdph!^k5E3E({%nZ$6(cZ=@5U&iL%;Yxa%0S
zv2udFC;(G^#h3nNA;L&Zbn37H-yJ32kCw+v@*iyT><;psHm1Og5*biV^})0*b7;6r
z2+~>tvsst9#nj<5Roc@B%1gEi4fF0Dp80+cgLdH@3v895>)*~DNHuQE+W5OZv`iOr
zG%V)XKkVp#VA*jp$h0mBxT2iA4U^|6)7YzJk)yDd(DJyWgIi{gw09z4Bkp3V_J&=t
zQ2d{{7HaV+Ev+3j_aS^G7`}?5`Zd=WgpNp_v)+$@4xThm<+p4PJ6X_@Sutxrq-W>%
zXodD$VZNj};n|Da)C`&_&ZjpDCqJ;vX}R7H(USKudcwg<J$b{YQDW3Fs!)v5yHQ7W
zx-aQ|eDXbGHd8xxXBmMb*W5MVwJV{ZM;uNLG#a!fT|=IIZZ?+B;$of8eARU&W}XT@
z{r=TNfwVGLD6(-y`{0PX|3@$6%qJ36Xod`Dd*E!1C)(t)%<js4IZSfDK2E;n17+H0
zVNP%Mq#HgHVRFw^hvlTEArTP~*eC9Fb7S-~4c>ylh23_@ZG9j`6Elb-7>hht>1-+w
z{wm&b`CYnSzcR61)BJFiS^i_g_x3($WY_!ZuV0GlsLFiARlSl|8~9Sn`D<7(yg4sR
z?hs+spRJNZm)16DsrCV1+3;x(#majgUXd^HJVxC<s%zUd4xxiR)07mNLFT}c9!Fec
zG_^t@mfqMsyJr2scSme@hF1>LuCxtLjHTLQMNge&UOL|6*sqE~>xgLks%n?<-9+Yp
z-1q;;y%~8&-Ld`oVUp+lw}#=Dg3q2mnt#2Xo|hbD!(!`slR3?>?f43N(4C_6;Llsq
zG@9r$18nO)))M0ZDH}5h4hF+e;hzZxy;-G^X64TO+Gw+-Y7(Iz18&d1$~QP^>yABw
z4-h!j4w{TP%WFm17%!P{OgVM+y~Vppw7%?Pai@>Ibn(mr?>X4GUDfu!Xr<3sZ~5Aq
z%HUQvi3Ip|@Mh^A^>`RPd{7gveK^a>>G`1F=TTf>dVkB+p#pE?Tcar&XNPyq+g%%F
zUb=VR!0q<LEo599;cuM`6q&mcd&3ObjGqjcudTf4rYa8W5LncrFTBa2b@GE8Rr#o2
zza(+EZDZ`BWlXnudSkx%`I+fBraidEoga~|-9y;)=24AAf`Yy2K09VXett=t)7zJR
zoS7yGW3lFG-QM*8FgOvWMT%V{TMtoRYBDb+KB-5uy$F?`*DPMHF`aZQ-7h(_IW=a=
zX-icM&*OR^l$;6M;`Bt)s_s({ggzw7kI}F>Oc>a2I`#8CvJ#iY5}G=gA>=kC-+@;y
zPgQ<S;t=5WI)%vGXSeb+jO^ctT&oeH$TyxZz`g^-tQTb5JJTvbjYq<zT$+(KEOTb&
zdwJpAk0I?pGNnk*wTfNJ)GN?_kz}s|g6f`}b=*x9ClH1zG4Juy^cm=MirEvrp`U$$
zj9GQ_zoLk#wNzpzv2+d#3!^?R`u+R&v;ep?QP-yiJNP$}ZA7j-i=--@m%#3d5j(nD
zv^8nV)Hlv$qM&>u=<`E2F*f}H!HE~T_l=piqH=W+#=FO%F3v}MRKuw}L~GwJEpOTt
zC9KL)KIbUej&|(hj<qki;4`gxgx9ro>qz;>s&8zF?Jf%`*Nf1E_!7KoNodC!myvAR
zODBa}*hU19wlKkM)Te&L8PQ$r2oqyW?}BX;$DJ-g;Z@JKM@^i~61)#|aqlHH|Cq7)
z<Q@JYG<8*!bJc7EYw^NCblujZ*zoY>lfx4Ad@r#aCzf|UxA02rq73p|ItiH9jFr5m
zN+=jQ^t&Jw6?V^>lW+ui-CM^H%WwUzj`SXPHV*?)<U@hN9ka!1{*oit&0(ya2ZDCZ
z)xJDChDoZzPC%mC{h>vFQpw<F__o)ACt|9m@72g;?gSg}C!Q+pZcM#ZV@9`B=d6J?
zZ*df@Vrvhe`1Dj?)~QE4wL7zpU6PSTFv|SxgqRazhX__?Pevml@E|e%9eGvcs-t>F
z>hhkRxuf$@xxAm91Ty|UZOjdd*nQgIvo$4%dRL&yN2j&MFO$Wt&mHRqSUbkn+gaky
zXa2n1T4zF!N%uo|laiFpztupoMvu;aoCwR#B%SnnQ7ot@*}rLJ+|AbK+YbG^=j-Yq
zSoffFQwrZ`vD#eEv?UXpf4wZSY@sURI|Gf3=e*7ceR}_AOK0sPGrO^~+NcR3ffy1j
z!scePGGlovnO7|LEZZpde*M+QlrS-!{E3la8d>MFXeTcI(1xv7nD;%ta?0jysz`-!
zTWwg^N=vcU(*-vZt<Z43oJzTv3F*NUj;Vth{O7k1s(*HcQiSJK{LmyPBWSh$TTWGV
z6=+&EQR;R{Ixb;t+~kXmpic?KVr1VwvVLGZG<ERqy%nizXXawT*<0`I+yQIj&glb>
zIgdfDO%l%zBp3Ec61;uy&}jWKY6`YcP3s?;`oUa`%DmaQhPJ-L_?Kh4(KI%iE~Dha
zn&OODd-CvW%civ3q*u*cnLAk%+LvM>?bfTevutl;p_=@`U-+wy)}6g?>U!4YBZVUg
zxFh=N9^CEh5Y`PWn)Gz1r!mwYaLdMfxG22d;-uWyIY({fzu@WcU5Cm=`mou!WKme}
zWQ%V)Y;74pac<IX{mLBeddB{=RTc93JP7tw(kz(;f_zbt!ldYA_@jA}@&-W!m8iU=
zZa*_K;emz(h2NHs6OTFlta*PgqFFjMqd4B{Dfv}oH^-4T&pvhs`Hg(M2!EkZhs0PN
zN>1}Vj4R)_T>MN7xQdj02Zvb)Z8@}So-`ft?VKzgi%>uK$OX?MB{q}VUDKQ=4H@ea
z&gt~2^u$K0z&xEsU7Fi3)hX=jt3ONU8+BY(P8+U#;~3O^*tv$FNXR&N`|ReiNT}Q!
zm4D8`>gsCj69z#$T3`uL>ynZ@W@S2C?MOJU^jgc9^T&dkpF{DDAM{}gTtdGK_czWM
zgO0^;z!nt2OxjOO!E+WwfuFagU7)30>yV;0$Z<OW|9fA%m-QO0RO5q5IM5fSmNlz3
zcVcv;&PBiGSCb1luODr4z+TJe-0_ZoxnY6Tg~j1<mS%0Iaj<Ukwf0E&9T|#5P{wDD
zp*x?4g0pR-WIZX~+Uf!86v^U~hKpaFs<h4I%mJtOJ6#Or#tk`FX)?5D<NAuq1k)>^
zwm(0v-_@8ky<>lqgTdf^lVxzjckd)h!=fykqSxF#zFd+0-FNamDxCN<_VHm_bJHIx
zK2OiPYZc2FhzGW)?$+peR3r6_bczj~4H{TjiNak8oX5rFjZ+zHiqdfF{5Z8T2*o-y
z?|UnywvcIS2ON010n;nn6mNT?I}g9IoD@xCs6=~E%8yVD2|nKat%MSW4AyfSo6IS4
z{sTRm-wn(Z7&4p^8f4uCc}H~SHB$))5Kg~{l}T=L2mJL@&|mf4Zgn$fQeT-aCZdNP
z<LUlL)eP`tsd`{&LbCPO#XC9lc0I6EIyzm6HasZ;rf6K}q6J@>9d-v;&~j_gLgLcL
zo6jTK?bQ5q-7AlRqPtc;Jr%Ht3CIpmoVmN0|Dc*76DNx8k(VfkA+$sN?hm`8c?I*f
zuOB<3^Bas-E>>PqTuC$?5xa*IdS7(dpWcKjIY|^;#LZuBxgFK9ezV}0tLGxoL{i*U
zxcL?WH$7PPR>F1UW*UAyxUMG_P~*-Oo~9+ARz!lQS^U4Hv1N->WigcBHx@gaV~o1a
z9EqMjdk1;5&bHq?Kz>6b*1jqhJx;;d(=%CUg>cB~4=m6$eK~mI$XdfD9zRjirjbXE
z&>Gt#1d=Vx#q#5(PTQgt?n4hTE$^w48|y7^OB;{%)H7`)tvnaLuy7my4Vf)ae-r3^
z)N|4Pdbwk!y-<kKLt;kB&*s+GM%L=BB&qkKO1zSV><iV-+LsqrPAPkd)Ipy!Z$lW&
zRE=&`_naBAbrvvN8A=y*tQ;{s$LNnFUPbL*s<(KH-@kYimnuXxT9!D`^|woSTJ>|+
z=BI|dn;zXW^>o>m#^Wnu28y=uJc*#<?`tI{(Re@ZUwFO|)sdL*K&roy^M4M1|FB;y
zv9E4QX%~+uV%;ZFI<svA=(a5d^ED(34~NZ}@adgm(?sG3Z}7Bv9Be&F=p$Yb3S@D|
zc4iP#usT<JUunjT{uHU@&BA+fg(L5UB&29aYaXG(eDVJCGfPaky(Ql;yY*<SKfUrc
zF@+6YkJ#ysFiV$14XzqcUa2}>u%=GI#O@gzZAqrxA)Z>Ix|jaKW}bAt&}m7)Hp1Ij
zW-X*tbfaVu?J`227VLR*GocmYU!Z5ezO|(G-Y;%&_X&MJF3t*l5#$+jS)uQy@RvKp
z43D^6S!wExWJG=(Td-?1pTj)gUb08lzyysV89GmANR#)F<=fBg&q7?)?p98eJ@7@3
zJz{=EnsoY{=1p3Xj9osVcQ5Dq1z&pk+8e6VAMi)@oEcfXj&DQ|3<Is>11+KLw;u~w
zFU;$uK=<z4MJ&p!N6mPg1U(dBZ7dFca55eECDS|mU>_fmR5KQ4+bm@^K>zxR!?OOz
z0VkF&<NEk2!Z+mQNJh@?l_It?yhv}YSK?{Hs0#M(9WSCbjkcO*^)@(TdrL%icHGsn
zPu3+-^Q+eQJN*`&qRsj4>Zw8Wz4>}{oF7QT8RUMB>wdVr_q}OyU*5E&CUz{`Jl1dI
z^F4flF5IlEbCOu5o9RW$;)BDNY&@n1Oe5yd_K`8Aqsy`%C2WxiZv>8{xU8ksL@6R!
z-U~i`)G>h$`)DR!p8BXMO<t)y^0OneT<NYw%tRlYi7W|Wh|oII!FJBBIq+x+t&9^A
zNa&C(!)i1%LAMpq)rZ~=`x%yO_Kln*CZGhv&^2{bSMP;_yF0t@`>~YlM_rY=KPpQP
zQcFj4loLM+|Nagca&oe7uU-11J6$=i&IHF5NSNjgF8V+w9>z~SO<s+6n5|MM%=Xv6
zKzvX3n{0e;DL)c)Gk9<qGM9~fe!7RVJ?H=Kd!rBk8H$TaC4k3Si+4{yxIm|~J@LHI
za_zp*h3O?4I)&R1T>g%miAga7a1u;6pN^X?HDcb{?Qv%krJ9Mq$ksl={A8;L2kOsr
zjBiCnn+1ZN-j9x$xT&zB?VH(s3ffjdRO8h2huinqcIfrHt5h|LPoHuC6?k{FqLIv-
zC}ir<D||aWsrII8i58v%&zxw58}57Jhg@P%4O!S9*`jfxhm5n6{5RlVV|C`J=CUhZ
z<8r&PN{D<d*Ieh_<7X84l!KpLx!XNn-N;q#NJ4@c0lKvRe(xhSfPm}YUyRjt4gVMZ
z7nygn{*Nud|E)6rpO^DWSM&ynB{htXM==hdBMhcXLV<bep;v=mwZkXiHrRM|ZVjAD
z<EYbV$jPPk^k@ZA2<zsQfEV4?$e-|Z)QduOO(o)8G5IT;E^8k<sSWPhc6X*iO>-|j
z`$vt21gQlve)Cv08v4S7X9%;_=YG0~xH`8-r{{j3=UvE1zP`qzOO%s?rd`e5%*h&D
zIgZ=&IYFL-+8)5ZJQepQbJv&jBC7s+N@MrixoZEvqI{iEcvqJzZTu1w6y%+X`dkEi
zBm><$wN5GGi959}M+o}vitYZbUz}IIaJaQkAs16(%I`gb3K1$xns(bcY{%4&^$qcF
z)?*2<Lhq~Zf14WKBjPe@Urp?^xRFhg{ep6D{@%%v)Bit8sV0D>_yz-P|7G<<4g?o`
zR>~~Y;()6)EfJ33oD10{8f9-){hpX`Am=$e9{O8F@pql{5IRe!kijYgrRb<gsJZ>?
zmoVYw0?LOn(rN@H5}}e2N*fo*vmK%sp|PFO(zTT>ED<il|F!ZY6FT%k4-*t~Tq9hP
zv!o!-$Cqu52=}3gv~tSek7ZaGO8tr_{$OWweAM9&Jv9W@Hg%n`W_Top0YyF7-q;hd
zcNUZt%yBX_1aU)qmBB%C@_k!k2(VOtV*X~`;TTZ@HXNikdV6~TmquU?P3zb>5!kFD
z<f7KkQO#BYF3b+V&16WGnI>6X)oFU@_izFe=LbE>d{Hd>o!5fiE*X^%`K=X{X!Q7M
z-|NwSSlRD%f`5F4LufTCkSU`mqC}$w5~N%RCZgY(4W+sd?|I4oPZk}J;-f~TigU8q
z!f?DcZa_Ue14)jDVN*mF-e;ii8{OGoY`H19G+u~BT|t<m4eDP6_5ZGY)jH>}(=enu
zp&Ano7OZ8)Q$65WERRPY9ddMZBx9fbL^^{5IKKhs5h^hchq$US6@E>nl=pnKu?7AF
zLGa?0>OZpo^Hz<o_SL}w!##cz5t5ZIeotLG^)k9_#mCh8JpvB*Uhk(h6IMmq9aW0t
zuJ>B1hRJBwuGBug=<B|^*j+bJoY#;Yvk|s^HN2_d?!wU9L{J}+uAe@#YU`>tkN{&P
zk1YJiK*Vg;{OwS2AyF;>-*Y|5Jk4^CQEHX9Xrd2v@ncTT%<}She9EVMmfk>RLM!6(
zx5p7+xW%QXLjhJ29x-v38O-<cWNcQL%Pm3WbS{atYfacQ3hqX4zA%{aS^D!(#djI{
zF-_+UJ`Z@+XJFGUTo}eI%UyNxWu!nCZ~MOVq~bZUt}*#iNPKnmbfPYW_WOp^!v)`S
zo;#vf!6YQ|6FcYpo+)(F&Kt*lt?x^T6ZwP-u{um`W_{zUnna{F4&K@AlfYJO-R=*h
z!D8V(Pp8LLtBD}Oot;<=M@SUIuy8(^psuU8zc0VLQihUGxTAwC42whJ)|svmN`w1%
zbJk9diylyImXiQv1c-=h7{CE>-k+^8o3V2yk9;cPjpQ`+zvN%=LvsO0wD!(Uftkvg
zl*C@k>r{3`e3`%ILmW2-HjzTIVSRqjyk}equyuB7{r760Yfi8foSks@#=^fz_$J%W
z?7a=A%N_uO`ghlbXTcwdhek9q)_S`eFRNFh{`_&8)|1W%k4k;AvFAex_jiupG0v!-
zryjGJv9s6V{3qk)WKCTC-s~V6$GN7kEOJM5XWY+Fhdp~hgRge;Ey?cGU2kW`N=hwP
z@q{Q@VAvw?Gc)ruAV^h5XL@%A>D6!>2M6}&4W)?t{#y?ZAwaPr^*Me55AbouubNQ=
z&LnvF_|{pWGa(cMTW5Cx+(NMnAsa6%0W<II0E8K=F;!I8rc@C1I9thM)Acp&uMZCg
zNbKr{V};jdg>ec0EZ6Q--(w&i9#(tza%iedai(yGYGZz`y{0V$k3j<RGxT8nYgMYn
z@JjhC%VU=K!9(%Q`_>(yr7xuKY(NwEE$htZq<1eZXtJXiGEhGsex{arE<Gzz{!yuK
zQ1c!IZF^)1$??9;JsOg`YKu?or)yB}dW6SU>6Txp;JNE9B*>+D7mfTDZZIMR2X~}O
z!zSHu<Rmx#yH8y+<txYUEFW4U8=#+-GiHaGW4hmgk4IyL2_^iax)<LC8W&-O6Efw>
zsC*YZ^wL=l)Q7(s{;(-X+sc$opD!0M1OeJjfX6~xH8YnPZsy>?4d6XKfBB++jsduq
zuU@fZHVN+Dy;WU4{dr=iL5=UoL+m~U#WJwn5lIE^9fIt^fB!xPW{zFo9=@h-VAzw+
zTOSouw(JpBsvUI7|4F6!63=|rEW<c-m$s7_PS;E*IaHNdkOV_y^?V^?tA1A;9Y!aL
zd-W0LWh9;OWCe!`2FaJodXYJd9yTc7ceHY<JiVVyM7L^j^}YHC(~{KMIiNxT4ks1j
z3;$W6?I;<ztoLxTu(+mQn#m*6Rm!x7-c2dQNJ@mh<BE*Z<Zl9lWbV*(;xUWh@qwJ4
zlJ|mV*~H&`ckv}2&-S>R>qmyQP>}S!kw=_*Vt69wqmjS)owvCJ@sJS4^5THMSfaQh
z2T$%Z*y!C;nKSZXpB4KxjDAQecfA7w_l8H+bNeFSi3+}cp!$9VyqW~wh;2aAyH*Yz
zfOBT!=`#LZe0-YvNL{;{F95s+q<;F#wSL^c#T!KdF@`VbK}1Fl?3L`P$ATE<CLF^*
z+45ws*$HmA`^a?Y`ZIonreWJNA2+6xq5J*+C-d9GCsFJE9fI1rLY|9gY<rVM{goQT
zlD}o5$1N4ze#;N?PyFZL>rEKHAJ3u$eLlA}UHla6V_O*EJiPr|APH8+cD7R@c2#FY
zW(av|aUgKD7A()H>{qJ2j3))Er&O5z%rN<KmC`?8<&1Ely8!lKWZCSiY$g{F=Vy`w
z7(<o!BgLL10B|2@f*HlcAd8EO6k+)zz|sEk)2G*-ogku()78b9mt>VYd>)9j5`O%M
z;x930TrFQ+eSq{;=}xniJxnXY<TQCV4PKo7`k-YjI{t3=MfX<CN|!LE2~Kh$na6JL
zm{+80*OJ^A@hy$cdaeFNx23!a30mSTbPj_Sn8%)#nZ4}%G%N1^FtyIjx&?P84HPh}
zYVNU<myvn7$7ni#p6(roZZAe|$WPWuRT_P^Rek}QaNB+l%47@Ijo1H+aZH|d<+g@j
zDDNhoQbZK*;eCd9g-4T}jG4W1ugBh?aS-40<#_9T)0mG}clsGna$j`soV?f4lGE0{
zl=b->5<>Ri!Pj90ga$;^J*uebD%p0X@<Z}T-PjX$_AqeHi~v8MM8ZNs+<r*%E~d+|
zanj}6k@LKlI2*4>L<uqBpX|2j*5QiA7yUWf8Zu`%+6Nc*&8khn8L!rzdHoM19;T&$
zi&lRJza5gs!LfpFf-fRm^PUuK6wt=#8`q#Q7qMwrI28^q1<&p|>v#>W&iPO(`xHmR
z%q|BT#JN6PEN!$sm@Bfzmz_Aj^*r0O-kUpw&8=YZ`0PCL@y-L1E{1)*ev6qQim1Yq
zJH|?V&;*jJ6CA0J;>20me#)gTA?Xdbef@_@TY#CzHTCU$ict)b25=S8;1Bo6$;ZrC
ze+VeXJ!`s%&Ck#GIw8J$*BGcM38+W?B<pYcC_$5a(C(D!O*{FTn4d<~*5miiiLIM5
zRBwrAubG-c&<G6a@vig9wjl{=;MyAH7N469zU;UcNM5gT-krPBylO<ATo+4Zwu?D?
z6h$Iwv(&Al{BxtcpU?9-oEuTKpQni#Vmw`e+J87&oads|-od+oq^%6V=gqGQF@+%U
zr_q&17bz>MuHg%_wfLtrm{VCqx4wU8w^yZ~GVa|k>6eC7qkcu%BaW6Qd?b>OK{rp9
zn0Pd}`j=6WlD=|r;iCv&8_D#ueJLl0EAEY41-M9^V0|yQe-%jw?1Hk54X1!ET9>+3
zf0d8#^FES_mbumuc`O{J?;2tDHvn)9+0GLVwa74}@;ARx2`B0>p2s({lv;Gvq=u>%
z#-}C!{ti4sRlXaBi$u`aAFIY+!3><HFTHT07$OUjU(`i0*-PI+OZ5CID`3+v+S&O|
zb(td$s$%)9>(z18%}vv#(0iI&j3i;F3^*~QGY#Mmd?;Rf$|fgi#UM<$mRN}8k-2a?
zD%BM+wsl#7Y<h8L2W4*(@JI0V@;UnYD`H_nJiN76MK9xtQWdJRag|2>#J}Jdqs2q_
za4M1R;J{S`2QCG0CF=wbdo>Qf_8)lyFdlIIcvGf$G(id+j300t-8eiv+|B7?slVna
zfJ=INS5-P1HKVH(dBA;6v?XIxgp1rDADi;W6u$ahCwp(A?DBrpw64-?5ozPh*{|;1
zM(p!_`DK_hRMq>X&1lD<HsawkS?|6a5|Wn-3=xc#=|Pw2>!VW`^sI8|{#Zz%Zz1Bf
z%hm9_6E!(~XZt6CSew+-*M4&xo0m^8R6(^eyxrq|>jXCL!u(8077Wtw`)^!1IOwKc
zVpcCgU#1qBe5*)j_>G80Cc+jEl;RiS0|otXe|gX6q4B)uLxgbJ7lw{nzMg&swm)3m
zVA|7(YHWOYE+q5=!2gN3Zm(u{Cl6Xx@Om5=5z&dXCq1u#{yI9DFoe~)+vkrrrxRz3
zZ}4U5-k%_b_a4H-o^a*(8bdGZ?rzN&J?EMGeQ{sE&k`z3ScdwwoX+OF6#ndIF>?6R
z#=?TaP_b0&?x&_vcke+<N?qdfg|yZZd*nMEpVIM0v@=Eq1#V*DTnF|~Y@xz?4CWt@
zLmo~<kk!qkX=sCguRBk!JHbSk_CFO&2uE&p>^81+Ke>p_Fx}TdUu`YQMugF{pYSyN
z*Mfr3GF5@qbUevwvcb`k)`K+EFBI23%F_u|l6PRg@9=1t_aYqNCkO&`3pf+IzXoPL
z+<<6scX6oEt3X~NXY8*>Uq$7U?#E4BVZvzK3=DCtb74N@cTfc-R_YmBwVj+M6W5Yo
zSmBxLXGpM&G>M2M(}p<x={Cm#9S1wN<g}8O!rg}@C0F>xN!MS<y0yk!F!zs?K~4*i
zf0|M~(_yG_5-Ay+{qE+dZ>n!TxAdoYzkhFbG^MhT_g4LeE|T74S@F;%a-^n;tBfl3
z#}vFP9wORi&en7|Rdj38$pVKA9r4@x<6;!k4rpRj=<@8huT-Y=LOOjX@pn(%L}%k~
zseJMlC$Evap6N~(r-ve%G{CBgk(D*8<2$LXJiw|0NRH_sI1v%8&|=vFxS|90hk!w1
zHhP%9C@LN{FW5n16R<O5oPJrqMk#cjn)0&8O;To}UPM7DC@_de=JFeY0v`mBgZr79
z#;@%$SxrMPsPqxrkA(?|h_X-vZMadPtDF1&r@I^cP{)t(34%sz2t$Uo0o|kQhb=7;
zt}YpGsBA9hQIAW@Hl7`9eIgU%Wpc2$+<qs#Ck%Pok~-;ifuDXk=mkB@u@;ObfNXYc
zCTq&}SiW=MUb~bfp*4Hx(FEUlvhk*+20vICVd%ibC3Q{hJ2kcTsj>=X8{ld#?{dQ*
z;axD_;7vwO-qGmWs2K#jV+nxQ=gpemI<oziJ_}S#A|VbQ&?o7>3d-MCBs6HhapbzT
zLxShTJ|hkf50+#l(6`AcoREtze|OHWb#*7pf^79GGOZ>Bw1enb^Yjr_wkJ+>gx%z0
zBF0K_=j|giq`m967M%O(4uAL<dayHUs_lFe-V^vXzob9q;}QauknIgSy;@xg&{HX3
zULT!7n+5(}#+yg|f-9x1yz_X+kt^SP&6^|vUtEXncsTLYJI|%v*_yI+rXz-w0hw&2
z)YJVsxDWCPCnpQwS0sFIZAieQAh5!Q47{q(4yV=&X#b;4?N*Ub1@?>m+G8=!)B*>r
z^>cM9hr@0Qsf}mBPI(ETDIurNidnb2h4;o$UQD&^P8Q$cF$8R>XuKWT$N>_eymOaT
z2rDx5SN5ZLl+_d3JrTd)(@@6XnUxDFZJ5g@q*HkF0ezQu#r-HZa(`JL3xc*4oO7Pi
ztgUY06C{<KgPMCF>g<XscxB;*6zwq{WGAP);+oBr0Z{;HB@NJb9|IZL-gZi&HNa{M
z0=zjyX`%0xXsQx6A@%)xWQ^?DLlw$=x78hN7A(_!qbTmfFp2w8QV;wh@*U$<acP9^
z*=tde*QB5At_)m86yr%gWXaltmi&UenrNJOEr(kuUgwJxuHE1`Ul2&feKUhO$bz&M
z)AM}B(L9*IYLxtjIq?>hWEcsWRI>H=V_v%-+%fk;=+{Ms!*{5Jzj!4OMkziN_`TOe
z)N5(F^qBK80i>o;l&<@a@xkptk%~(o&{6z{9yTS&&-z(ZFB>Hr#u|Qpy!Bc|g@jFM
zv|a~x%|x=Z8v__uzo`7Bc$h-vPTe~_k6_ip5$YL^dU6P-*g(LNEk*-xt^EBYSDO%A
z4EGMdawe_Im6$0GG0BNC*#)h3+mq}B8!T+6?MW3SIuR`s^qr#baa~cojAyb}g!v?(
zSjlqTv%>B+%`g1V-oEqu6?n;}<h)Q^DOm+^(%A}`!$Hh#G5ffB`A6=pk#9`-Z{wnb
zr?0qLdoBMsp}9Vj(|sme7@u8g^$ZLnY8~=FvNvKHU~w>iNM>mQ;>|tgDmcU9S5wlN
zrVm*^=LNv|Ow7!_mB5N98Y+nr$C1_j2{G8Kd?I*{e$BfguI;R2_iDxub7vH{cWaF4
z%9-S)e(k9Z@ibCXsR2>Qz-%S7c5IblHjv}WGW;vme<RP9;gsihu&PoKa>ieQu`mwq
z49~hHXf1&dPdECf>?(Q0SA3NCxfyI&S*wf<7EQtraq_BoE_p`G&g5&T{A9B8OH<QI
zQ-D-*3^?Ehega#DL3B+<Mg{;UKU9?}c*e;Yf!?nx8kZ0j7FJVJJALvySVbuh|M{!4
z!`W#z9;i1az=`@rATtxLuZenrZ$Ehvd-hG1e%y_Hf8F=i>8bDw6=6cgm=C``LhJvG
zOJGixB-Z!>q=JLvE;EjG&=(Wmt>a-gNbgg;+=>vi+9Rv?l};JRk+TK5H@W9RuG?w_
z3zbqbGT7}G;sXUhCRS1S7cd~$FPi*p?Wc^^%FSX_WC}QPlgu0Ra7C2iG_~i#rL|A8
z`SG{FMWo_w1f5Ink5cX+CCTbBXv~<RaDn#64GSjY0@|aJ-^p8t??`B0!9TZvNoLn;
zIgp>)x<$U`ZM^%t6d~o1wz^Y?{<pL;87Wv^;@6V!-Z!BK!LhStdvm=-kn^D&{FaJ>
zzZ!0LxpB8qSWUr?M%1V+Sw^G`ioP!|8>jC9&_6mWkNpY&EnlMJTa<eOP_LFwye_F!
z=Hg+~gj7@EKlU5##Q{cQs1vmj)0HRhanrmx`i%d&Q=DORCZStf-ccoU{%3}3e9dAW
zd8wZq8zn=VE^<_b3Au^qxzj!kH*REjdBW4LGuTaj4Bdg3i9beRDrz8MqtaksXU*Mf
z#WO0=y0|Yt!|%8(m2L~<jHYO$PU4l_onFhi*le^xB^t6Jmfi$6;qBJ=4H@U!tugnl
zyp#TTc{F$8l1dS@wRY}m(<j~5v?KczUFUyf!sn{0w1dR3q8p_rU6Ep241RlE7TZ~n
z@jXnW+{x6sh<ogDebvRkc@va;2HjVt$Zq?qp>3C#Y$L%`Q*>Bry#v;WPbE$8OAn73
zL+q+QuJHNPhp&TAZJ>R9E3IGf{UW*r*UJ5tz1%uuR?z~X4e9i%N>~v~4)?^)=+pN$
z1h3>lFF5+{&N_I9L6P=Xwd&v*?~q6A$7Gv18sp=rb^ScvC^iYVOW(tk*_VM{W?!b`
zb}5A-f2PvRyj7Cketq3ZkDolraeY+>Bp8x1u*yhk{$BGLaBrIgh@uP`hhW+?{W9?-
z&OzNzT}gpj86amC;$i3b-XL6G<sz1nl6ht1m=AbE;{{bqw@ov7+IV%!EGe^+;-uq`
zk(fpmWG<v}n!KLB`M=*;WI-$Kp|l^`s;2xRIsutigHc|i?khQ1YP(i6K(=~*&3565
z(MLlo4-On!TYa9z%nVD(%074b3-6)D97g+}@=#y5B0TKtV(_#Kjj!8i^zbPd0z(Uw
z-R%W5RAL6&P}cMByYxrny@c)&hf|I2Xo3G4A^w{=DRmNNj!sUs%`hqg8KeISnHfrg
z37G8be`vzj_#~U~-W*-<{7#wh$B8;W0+~$9>x~=4GvWm(+`g5vGUsWJt24kb9!()H
zQ413_KGttkm1yjSQXAQ(#m`SHmC}zdak3;IXA@Ei?A%PZZDFv@-aU1clu=D}ns#{Y
z$J=8*6QghFP`mk=AtOgg*tVL@-y;=TIk1qry!j;68*3m=@Uq{0X5FNQR$PCx%OV#P
zU+A*Rxe&SFD|ePN-jEhH`W?)tNSF2g2kExJ8kj10smtQlYj7PC_c~1r|5YJN1L&Zn
zoA_Gjwvd<UgP3~wU-iElyhy|*QSW!t2H<Br$=mU;;P8EV<*FSzi5Xoq1^-(4(s`#0
zPrZ2r6nRqM6P^s3>?=A$MK9QFjy@0M{I3}Dl7{Lb80v)2V!}*PhIzyT$XfYErpmw?
zl9rM><%w<Pby}56w*}}w2osjEC)ttDg*s5Sq#;Pi@xRYx7Y8=!w)4?C?iH`s${n#W
zqbS>ukRu7yzsZPWVqYl7_cPm_D6jx%Hnvjs5mSktEECZ&YS|Eh!Lu29<P?R@P^AVj
z#o_gumjSoeww;r6n~7eMMgX`CHJ<^vBH$&$gzr13e*%G>2d!*{i}zaI;FURTOyE0(
zr>kn{Y<F2a1r-!cFfMRt(PPY_ou~u+Mw`I5#KdV?Y8&$bhz$BRpGse?V`7Cq7YKGT
z;!@_+PVD%BX+gYdOz`!TC9y)^v!TLnX%Q*+!6PJGJKwQ3I0Jf(BM^_{T==&_ujR^@
z;4ecvS;_dal!KZMj7_flQ<_RN&mN0Gz76;A3nsIgOJ1e;W99ya2pCxWcnMFjzIx%c
z<RgrB-#d1eN{EMbhT{@0?O!?aSEeE~iceC;wIf~#+t!EP3##)bC@R^T{o+(ff6)&m
zQGc(L!pH{++mW4^UFXM}Mwj@nkXYWPTVjfQH_@SLCHOHEZeO3Ol+D0g^H$iFy6eDB
zVnz?GvvEE4mVxj?aZjf+N<%P&eetj?$63E@sKA8anP0>zFG#1)Hzlu#Ca%7u>M`xL
zg#EM0*fKDnN1|i&vLFHjUw)xZZSb8d2T#;8A6~DU&j8W-%m&s`W(T4>A5FOdSX@aN
zrzEFozPWQ5v<-*IuJ=)YVkSgDv3n@Rw^Dr-erUo1#!C@4x8xl=_xp0;?BA9=n3_R-
zoHVRfxcIl~h~4DHvc2%Qg6Gt_!nVoI4Z-I&_-++SEe8Kq%n0KHh+}_CxWKg)TwNq(
z?|X1k;HQEhJtYNy|Kh^<E~%rPrd?7+LdZVg<(2Fmm+-Ff-T2bpLGrQStg>w}@D_M<
z4cmGp<uV{0yxfM90J||dNBR==H(9bAE}@bO!Tz})Q{oc6`QBt^KNhRklCiX1g=Ed-
zs*4F@s4Pvb0461N?p}K#zWF6!S~EJkpb%lzozg<CC5%0M5G$j0FbLxh=cKkQk3`<V
zlgDK#d3Gy^2b*SQ^6>pFkMNZCD1?aoj)?7ct?Tz)TUfi&0;>{rlf3`eokgyeP96j9
zNvagO+ljYhU!WTY<ftPvhj$U^*CZs|=HFh_CcoT3DANwo9dpZ~(!8PK8=fE2m7-Sj
zCj<QVsSb=7)C7k!c40lgw5d)btBflbcdK%!!@-Lf$ajVVDBY#TF4lJ8+ZbOFVU3Ts
z4YsCuRy##liW-(Iq+h*kmV`SXjVt=B?S+p1JR_Lp{@5u#T4cu^%lFc01mM?p@44a6
z9G^FHaAm#$QHJqmuz`Wsby4q+ZYfjWBsj^_?T|%ot-jL;<v8=;G$UsQiP|G~*YRht
z3%1vruRk3(4X^s^Iz5`o7kmBm=ox9HD^U-EkJhqG6L;o9AUrHaZlt|Oo>@MbF}jP{
zCT@(m^BF(C`lNu6&|hPgQf0O`#%ATkwiYku<e8_k<6i4B4t`qMS3$K%gPP?asmwNI
zs62F~E_l*{u%;CY=GFJA{_}9Jx|cJ+Q)_OS6qFJos4kXvj^nKsAr;H2l(q$EY{6Ep
zdFy_$45VOjAtA3fST&Jbr_yXxpKX=uP8HYGzJUhEN4R`Qv41hgbzO$6i*af3fbe}0
zGGwW8m%W=$X7PXs=XGaRs$3WkY{zd{3LUk7?NX(M#g!YxcE0(i8iOLu$*jk{@tBLK
zC?cgau^xaW<$2V@27sz>%4lrVA9m6J=5!H-?im;`1(<}H+0g{=0Yd4<r10AdfaA+}
zLtg5oT8Rneh5m%0zc@e<8#0v?B?sK@XWN!sm$zTG_F*LwSEnWt=bOwn0yOgS@;1}u
zU)A$8ZZgZa0{rTiii(6@4QYXaxAq%Q2F50`^Su55PBW_t)jGytc(F_g_4mt_rtat)
z)hBXg&};ppEbA#o?|0h9FfujOV-hXi2{0&6_uZSqJDj#+Pslkm4*opzl~0%?kMo!b
zw|_S`YqB(w-PYDte|5eCNcs8rE{KZ+A|7#Va1bb>J*hbi5|-6GTP5_)UDSRe?k|q!
zsMZ6<{1}OhO-&sDXD>s!!sf>}d|`Q-ghHc=#WYsFwf-2tb2M6BL17sPXUx}n6K-g6
zQW*GOx`NP3z>}-`qnJ3j)B{+dR^yUyiHV)&l4xz9;n{eQeD^E%VR*&OiT*}p*tyGY
zg=WTZ@yDK6#KinNDrMi!=AMC@7euaXw;oykUd@bQQTztoAgi>jn0|6OC3$riZE0ge
zFo|3afA(HoUE0x+M<yc%;D{ZD8(sv$eKtfNhrP15e}*0OiN?PE@WLDbk9VC+<=o4c
zvM#RDQT-r-cF6|_lf@=oL_pcE)#xJ(oCVeZ5<6E?Qc`AiHe%Kp3Zm3$*ST?N<RySR
z!4l%^^yqt21aza#sv<TmZSc3WfA1GY1tAG?7wp4t%dX)~D>?Uwd_|DIj)I6KewLLX
z0-^IRFhxq1FZQ;!YsXu#4X7^v<3RS18-59F?rndRf$-85i26En)$<NK#AwAl?iFbC
zHK68cm^N}e)WbB_?n;31%D9!94X~){4_fhASXrF_Lb}uG!3V!9L^@)?-tYNlUrf(^
zvWHiNwDg{P`qy+s(JpmR8nQ4m2OS@~Tz?0fn4okJtI*=S*w$=n{m5J5cj*P#DGz|p
ze}=4TQuL|!VDjbd*z9N$B`OkA2C-iH^u485ER~`>>h?3k??q>a$!aLay-I=b#b)A>
zCeW$3<!hHs7JtA3K?bvPa<&31Yn(TLrlOmxYW7w{zCuoZer8coG>BT@<?Su6sJK>G
zx8Dj!8Gfrja7s_T+hWHT*f5rS7dDk`l8~5a%uVI7Thb->_ALugWa!tq4Udcjwk;Vs
zIDF%`9(TZ8qE<lP*EON*5KTD1ASE5z1rU2{K(L0Pos--R>LIHRvIv8sTH>cmL)jU`
z8D?ckKy+@zM_n?rw;@>vV9)Tc3e&HSv%wY5381j%Q8baV^yC<>^~^bJ!utE)g0(IW
zZhzM+>{CpFG>{l9f>1AnkqEwSH_~*l*+@ZQK>NFbLVIrh3IPagKvEYB02jky*~-py
zt`j+=O$HoSbWYGkYkMiF_A`mdh=_V4v5G01e1is&MGr54c<&>@08sNjOqH5~$yEk|
z!%JKqtJ>9Wv8pdmShsKF%m_LIDAaT_Gc$nY?$lF(0zo@wz2Ob5hc0{56}cVo32b@l
zeRX&KN*2ZVf5ri*)boqEw46424i<xmZ#kSEEWMcqFqOAofO+rh>swx4{w+RU3K;SD
zHKku&`2`0Ddu-=qA9ytYwc26FGrt%hW&N3+%HE>ET~Sq~JOw4ptQlpudDCEP1r|rs
zX?RohB1TY95Q{ls9jp-#<diwI%GJeX(X9@u`D<tEf&6cei&Mwz-R#&)TyWL_3xK<-
z+n!bbCc!|`SnG;y*)10QWGAzHwn)a7amTYW417=2Nl8hyij8i9nL~Vv;^X6cr>fcp
zP`TfJ%=Gxvor%v23};;L(tB!Eyi1Ovy;u3?YD(ju%wXW7yIwmTr5|AfO{j{hYS5e=
zaSTFjHapSk@Kk`jQZtML+t(zl3szFNE=D)dB3N5sc`Wg>uFjkNbz^`)H+=9@<;}Er
zT%?opmCBRI$Wa`%@D-<(t!V#?6@)Eibauv!tSodTGm~Xec_p8^JnU3Vd`S0~ReGmd
z1DB2J`?0C%J1yw)rY44>37UgxQ86)}mfWV!P8k3qJz4Dtkkl-{NkrP9?|Vp9ykq%q
z&l(!eko{t>-)VQ5{B+?8Sp`r(KO3T_Cx*6MJjCb$v~>t<>m$IJ1G}-qYB!17-gL)?
z1gZuM3lTp*f9_R%FLCX?204yK+qB%02oRy=1~}jI_3My<IFtduem(R<q%0V5Q%%-;
zKIcAaE;SpV2H2t?s?a)!tz!%#yY#1t>sIJJX(><DsA7*>s!3<wRU>DM?7Tag-4)G{
zU0a*XmgW(do6Ejrj@q3HlF3ln<3f3CE-d72L-RZk?yc5vh3oHYtCa`L5RbYdl(0P;
z=D$fQ>nhXNUA&Cj)Ww;(R}gg88GM%8$!qm{!_v)70LVa%fenPsY;_Fq$h@_^;YBj#
zs4=IYyO4Wj=o5%Irs*3^;iKM(Q<g{?^4PAmNLjZq#O4q$%A%uN#yigW=CW$ONbHj}
zJ&`A9$v58NE8?|B=RF@;xa?9lNBNez0l+d_@Fl;|U{GZ9-9y9Z0$J`n%FC7?xqW9w
zgZ%Cr4+igD9(tdHmjD3t3{3Qv#YIMu)F_}XJsf&XT;j6z{yNb`WbRSi^G_0@>VdwR
zR`wG^x2H7t>3qFFkVHQWdO;OPs(n#&?k{JChVDVdQMBUX;y!16hOAs%gjAk&mmB_9
z8{mu(=hUs-y%?|uaHCd^IOxK7#)ZRp+}P(FYUeH%7NM!4?$;XJSFdgng<w%lSqTX|
z@bUH*1r{S9pG|LN_}x1_rZ2x0SgXDy`$#GZGP%saCp}~^y4kQVou1U0$_b1!kgQiy
zRC?ae+|%YgRw7qdR~?QwRjw`<FsT5O@y3|b!VQl=A5D>jq6U(emFkMJ>GTplKj=i=
zu7&O3(Dr|sVj<RWDn@^~U{piJmLkh7kM$Gw_q!}^0OL&VE5JpdZEUXo3}fh1qCV(!
z!5DoNz9D2{UwyhDOvuEe)~_K8U4W-2R)qtB)Abw%7Gn^9TuXcV4KRSe{`~n;T`lAW
zpC165^7V0PSB1VX@~VLX<3fIW@7Fn>^8{W6O^^vi$4>v#xdz^Q{J>D*tXH$qsl}bg
zD`;kHtOGDFZZ8+&<Ky1}#UHTm=;`Yd#TaF<7QOL#or%2sCdqzRI{xp}1{Qgod)RsT
z@85wfEiZwAUKfau*?{P3LQY##5d<SRl#yT-FTl+KC|_=e7`s-fbyFDeyBj(|H;Wb(
z{r^I;f#Pt}r4~Oo<K*}l91+*C5+V_!TuRls!#ScPR0R{u_f}Po&Mse8=_^*|2`gie
z_L#)PM2h>;AAqp|Sf<5BEw{#u-S5b|(d8UT8I=o=hA>Ko1Jb~u4EDD%1mFPv7#1J8
zxQI?$@YfI9T3RXbRtK`wMUDRTPWv5wE82+j0R2M6UX1+2(#J<krvMpiZLg*_dM7U;
z%UMiaYT;pk#@wM=EUSVNHJH*52(XtT8@pCiP83HU7ihdOG-Lpw7~8EXNNH&LfQpod
zir}NE=`YyU--3carKPchgGxHOx`$^z`C28*rPtd#ec~~Dkx^*q$Z{!88sAZMgA~<h
z&6b4Y^6jDqBsEwV5C|=DkEVw(1_J3{?g;nXui3D$w$AwZGXM~-qoZ>}tIP~&ZSmq0
z5{74I`+E~Ogk87qbH7*8;8M!=V0vf&4mI#sQh=g^T1Ybiy7nsXy?Ta`uMXe`K>V9E
z{3xzx&o;(&fz#e>O|zW#rn2N^{KbWjYhL|D%(HH**G)V+9deAVR6%d<MR)BnG0CYH
z_uS7{4i681^7QFC(2v)jE{A(G7yw>EyU9=dg#{$rzrTenRN}qfoH;v-l+~8w?M6Ex
zaf1jFnExIf)N>ke!(iXdDJsftXh@y0t5Y1q3-$}~m{Ef$tW5m9?aL`%_$k0vsR%zq
zrU7w{f84O^0h;U4;!z6#s5SDnTI%49eSmR%X=1_*PMggWuj?SH3cEKh3m<;ag(%G-
z?!Trbz@b;Zq^DH)?6s2f_qw^-HBM`fCgw|YhqAoI)M;O8z-9l6rYVd_{c~&j2~eTW
z(O4Vijx~BPUd!7Dn;FqZoiz6E)YZRC>;Tx}6i_MJ$7!&O!5;!5I0peBV89wxgV;#d
zyiO<JUb!oew>n1IRmIqOSp!?rn(a@-l%A1byRw#mr4X_J@7i-iT%rA^7bHM917If!
zMiJ{L*yBMMA;jLDJ9kz$HW1y+(FcILDY0LWc*_bqvy!lSQ2BKsLWXKA6;~~mbSawn
zCMANHI7p$%q~*N4y7~vWAEaW+hI_?5Jw3tFzftTCHvrrWFpDi?KQw4%Qo6`x`CD~~
z&B*&Ss%3vLz?MGbb%lIJ-^o^`?My%nIr|OkiNZDL)h_hLs}-?|Fy~n+V-vM-EXFaa
zmj(O>GpL8(DNWjs4ZXXZ)7;$Mox$EVGBV<^_z6d=$}W}NF?yT&zM*#<(^vyCi~8*-
z(VeGeJgfAbf77oJF1sFH`?JD;c=yJJ;^J=rBAFg+{nw``KyY>P)6GfNC90!sXsyf)
z&Ea@Y`i+Mqf8b`y{R!^Be3pDM)<wS`gR?Xd1V-4naD<7cS>bei#eC(>p$uiwzuCcX
zS6++dNksioF9+qUQN+oYXFi`IA_x+g?<#}P%e&JR97ehZ2K2;|`3CA)?*7`ZoIMw5
z%0-(Rf2?x4GDNkhzfMZRdUi)bkT-n!tgK0=K!<a^=?Z(72%_~KwcST`cg$Ok*nA&_
zTJ$<kza>~`sN7qWrpcA)euco{qpK@-VrkZ2I3s@Vbfgyk2*OV*+TR7muo&sCmy-J+
z8JhBRIEif}Tj9A+73ql_j^A)-L!K~XcACgavk^CWvKq~#I+J;ByxCSX7B5EWUKF0J
z1lY>jpFIeVL#TuD_AIV`ghXG+Hdl(midIsgVi^Y9&oKOuIlAJWtAo66Dt`?)KXB$A
z0Rz!AqFEtx5b1%#6$|kH-@X<<vJ8}2;KUx8$hJ#}bucRlU8s)WO3Dqc{&=X%n<9M)
zVP5K;{y<sTk)2xyF^Eg$vb$JOxM@k-nQu||gY}ta1^12Rk&!R9SgCaEGNkk8I#@+i
zH@Hm)-}8`mE8jDuv^sB}AlrJCJ+PcmCoR8SNZ%JdaKCblpfZO_-a~ZG@R<!qSbBjm
z%Zoq{u`yK7p-X)|#i55nsn6EKF9O1rEb?UWv9U}xH2V9T`UdXqRmEK5`WFsD<fOdq
z-aP}6pPZk|ec!gG6stacDD1smDT4jGkFse1>8q1#%(66~t4ebKy$rAmi(L(8=_i$}
zb{V^Eu=Kw=d&{V{o~Y5g3N2dPt+*Bmt}RZH;>8_;I|MIKEVvg5E=7Ywad&rjcZyTw
z9{$gI-}`*NS^1K+PG;tunKQHHxA&&eDXbO0k4jACknEDu_b$Atx2vN*<+9sTGOHKc
zh)Xvi*taoBw#D3m@>&&qV~aU;$%C`m`I9A3536$G>Op~#R(U_SFSl2SQFA*!MWXQk
zDYoBC^KO_my_#-@qMR}#B3c<=-+TLvo<JCKhH-6u!Thx9k>QECs;8@2Z=NFZ{R}d1
z5C&aOGoaBwx%I?z%a~_f1#pzkJJDsVxAIlOs2Vj0_W_GT^F~3LX98sF_?XXLh#7dA
zd{(|h_cG7zGAZENJ}fP{X?IDrFBAy16=HXhUGS%2R^lS1fSer!NIuD#MM+PPuar{-
zy!xN#nVc+RY`iKK@$m34q4b4!@#6a0s1|YAJ!9qoQ1Dba({e6&K8E=gd7xhL*rSCq
zPDoKAxD)dry!KJhZ2F>9UvJxh>gIMM=clbwVh!<Ec^fNnqq%T;jWB$fi;sf;cTz__
zU4St(_*bizHNwym&(S(F-+1s#M{YE&RUCo&cY=MDd8LM?<N@YqRN@GwedGGh`i{X^
z0$(W!?+%^N-#(^gIT0dFOb+#_|N2EKJGsa@88SpaGBIF|f0(m?QKzX9#}(5q=FI40
zu5?b$ei}-a+k)d$R;Z8pqP|%zj^eX}Bg|lvKOyG>4Q)7;xnGs0_2`ju77l1U{f$;M
z02KzS71_ACgsX`vCGed11G9mv&Idm#hKQ?qLNUVCmewT34uF{%g5_7pbb;GruSY5D
zH&Pp;Pri#2!Xk3C&t&kw8u>%Ve&$a*oT<gsg;|04oJ05bs|nRigW*lNM-HL$TZaWe
zDwEW7;sD((OSo>fQLc0&W?q$gqqrntdH%-FGHdTcs|&*TP(91bC<;;qXA%d2rqtj-
z@(pvP$6i+^X$skAnE|J_52Iy^7tjxZC6Yfs-|D9HLiMXcWW132Jy%V+icM@?YE9+(
z-&T##$t6-YnOckZvY}djJ8Jwrg+|2A1+=OOl?ooC=9{+Mwcm?0_Piw~>(-u?>cuK-
zF~S<@DO6S-B}%FP<O$DoOCX;04d0ej8?vYKnQ>~GrW^H|MA|1kNPs`Mj%a2ZQW<Rq
z_bBU3c`zVgrZrY0c80&@F2D_<(xHD|SL*u9jc#C&uR=PYN^e}ct47dy@(`mD625}J
z`-UBmmGv>6k}$fG{H?g1crpK2_{@efcLwV^@l~*+Fg>f8baMU62gS|sgHvR+l3SO@
zmn~X0{McvcXzPO5b&XAA0livWg~VgQizZ!kewMaJzLBTy0t}MaLa8qN*7@Snt2lqv
z<wrVpNdnAwft2ug{d{(PXDYu})(qg}*Fa8#A!K%y2yiFK+)O4G%I{C0=Ewm?c+<y+
zV~Q)6xHneH*t4mX@>{_Yke#J>$*mg&HJ-HIbNOGOMjx!3z`4<WwY#{g8__w86u^?&
zLjuG!3_RLlz`8M>We8f!EtF{t<7H=$DQ0qZv<Q<Kk^acX_GNZ?>H|;9k2m4DrUof(
zzbOSJ8)Nht2=G{1)2Ue~j#=VWC&dI#-fD!ze~7eSdv)nYKq=_M!bZO?-8*dYXIz<T
zR;IXj_WStxl$@WSg_{ez+Zlqvzi1l3d$H+?18c9L%1+yw>tm2OryZC;>f?aY7DqS@
zFj#zSvAmO-O~{EfbJNU(j@^fFc~EqQoQyaPISAl{6rxmMGWLW1F3Bhb$Hq#;I0bAE
z<E-eX^HDS22B-2mO3dOO^1~dEj6Z!)ut^o9a#RhOgkjrK^l3)DgF@TFa_K(TD!S=;
zi+Aa_hwhZr23RMD6G`g2DIkhd@b_{RR+9BvV}5iF62h%9fq&<;_9}dFjh*vu;i(}<
zwMoBy@axvPz4>`#++M>)mfcA4LBP?I&Uqg2G9@Mw3V*1vPOHW>A@qoUbp|OEzO8_k
z|HNBKss)xBQBrdXl{BI7e`^hVw%)b-Mq1R;(z0B0t3NKZy1M#3RsbWky+3{;R@rE>
zF`fYY_8*ld<G-@YH>EdRu}MVM-;)tv)zA|L1aQlb^p`7k^PjvBT~$SCen?-nu~p~I
z8r@-J?4eCwoC327*`?RN)X7=By98hQs=uxA)btx-I$zZ;Zm1!2^jg(+AQbOt*E;^j
zn}xj80!pE4tG+%WL>}_0SfB2SsL|x5kisri#3t2(71@a3{qY%=$O8F}Ow{s6j0ue9
zI*4VS{LY193GTeAF~<(*K{`<c+PTGDd0*c;<<D9DFH<2RACIFdKGPg8EFX%n(vLWa
zDiu>2^=vC*jEjvGm4V(I?E)rk)i4@?R33`bcbIs1c%ZgALiQahqy8|=nt>^a#6kh`
zX6Z2bU~<Rd3#&+c6YYBJ6;Jy#rV&PXA-){M?#ZR0Y$%-*c|*xQMvK!J7uO&e#%PsT
z6wac0)(qMD#YP=J*uK|C&28Z<k2IhZ-hTBYL{aOhclgI>sJ({w3_)!t_(Wl{jL(Q-
zVEz2RX+*@yevdu^^U#^)>iN~SPmVJ<nbD_#RIqLtu$H6U<Poybf>WDRA<?WXjr982
z-BH>;PL8hdtOS|H=FUqxySOOn=rCKgJi4DLxo{3Ou;|RXT<IhFPa6O&TMJtIgJ8Ic
z9=cBF7p3fkIA?Q1?OZEYiDym&@$}iA@n&b9bqcekJ{MmZBq-JDKBopZIE*x)T=heP
zvfT*}%o%uTtn?hN%~ZoA4x_i$54s#_HO)^FXO<OnNw}5;7@KVbokdIC+uoc>HACJm
zICAovlVL`Zambn5GTYWb2P%X)g+XdLkVGgPZ$9QoKXzk}&dUsE-jNJxp~;d|m5ork
zp6`Ed3n;`G9Eq1`A?&aj46N;%j-c1-hJMj+W<znAmDmW&{nm>!-j^$!#M(AW#-HG{
z>_r5RD}5s-jFl*_wQWyij_A4+Zc$@P9^Jm%`qUK;V6n^1(oOn)bl)o@cFEtD53DQ~
z7=kiOF3|aZT4QvBk)~x8IP*fSHP}-;V|gg9ID!s<#ZmRJ;M<BL^%8g=tu)xRy1<<^
zo3`Y_QeO_u7`9|a6ra@2V#=65lXWEAqXLgCPs5YH(+qim679){K>}+Yg!q(R$Hs26
z*$|h*`rpRK(An7u81^v@JTx>2V6gRl8V+%5Yv$@|-*fX9OnS|!0OX28iOJDT_^Vd)
zo>kMais);R_UCD(G10Fk@Uo`WK&P<sbwm-)Jxr`I>m>%O>nCr-<4WIisX?mc2eOTa
z8!Ur{ZAbL1ud*s^AK8pN1>O>Mnm~($=R<Q9@AU<hK|Y#az7{}=oYqRx+weELf|8XC
zKe{<-<dr=n=JU~=yi4scqj77PA8g?CgT{N`46Ms48NS+qDQZF4d?j~0C1xK7?p*0k
zFjj~Lv2ANf*Osob+pk(u8<Mb%{Gb>i^lTwFi8fd@2QofEdCF?#VTE&%HEP<PKeo^_
zJAZaV7^FA;=Rp85Uq<XnKaZa4(*V;{1^7;YO<rIBa(`<7Ee9Ghe1w8Vx^aH@CgpGV
zb)PFyfHj69VM6JM@~2<+!3z}xD^_O<t~2P5qFvxGu?H>Q3|8koJs8)2MrTRcEY^l<
zKg2RD%ey=Md-{zp2j;uwKihxn<%IIp7EgFoA?Q<aa>pWhQTU^Kttb9Nq8Dd-%}*(2
zJsp09E-=dpvbZZNx26EW%}l;`9<WIE^!mGsbg(YiJe@Nkp_fkI)Vy(J*UvzPBj_q&
zG#7L~p0b}X$@GJR4#-rPNu`rf{#(K^ea41eP#iixhb|Hl62P4En^<*sw$_%csc9XD
z9;hjS#<#~sVu%%vy%a@%sQmSuJRZ@^hF}+~VZS`7>sB0hIaS;$i>KhoY1GU(<KLqH
zdd2!yzJ250<oeG60LA?j0xzJ~Pazu>xTCv6Ipd1m`;eI0f4?9^DWq^<Q84?jv|lkG
zVgueN<&#gY*hGfAa;dQ%qdbMW&t4%ncE43<1@fD?fc$$gLT0PNnfL84x<^p~hU(eH
zzuSM+yv8Y6|6OS`aWmkSGWKqGVxwsX@_0BX2Yo<Ke~d|fdG^q`f+r~AQVh8~uVOV>
zWqc&2^ChF?JlfioA6(3ty+cnIpCEz=bfG_TM*7iLbt_BP6F(n5vHC!*t(-ilZS(cf
z0ykxC!PN9L0*o~@JRCLY%`Bdllc>$8j0LqV=lBF+-Q<0B@t=yILUNpmELjYuC05C<
z;O<Wb2e_WdfXB8;*d1X6WifAi?uqR<Q5TmiDouXfKeM_YJh>iTYmm&WJLR&z_0%;E
zI<G0<1eX3*n(NP_?i{LwCGUJdR9)$q88UGzgsgA$HC4wAwOU)8sHEJ^+1r!;Iple*
zr=gW$D7JBZ>c_7^%B?>8XgqfwcRAb$TvbJ~Wj3{bZ#frD?`dKWrYdatWjduMg%g>N
zLH79W2pAHsY9-my`!ghk^>M{b21<IA{|p~*fST*YTD1|s>CUJ+0A1alhnPWvvkCBk
zo;1<2c$G|9%vG5ykDgfZiAzY9c`Bn}NR*uZiqtLc<ULelE8OEWc6QjjUMKPhS6jPd
zz7>-Qt-X??4X01*g?r)nM8#W|+6siY>Tk;;+|}3Hd0qcof9=GF@^l{wmd%X5-ZqS8
zD=(gP5DxtHeU0s(_Z^D-zbL4p96WQG6z%EG&7eV|XzT8ikc4p*Fal~q%9|ZjN9l<1
z_mO{|uD34G8&tw9+^gq_@4NWp+g+L@)@aj{6tdVr@TQPJo=3McJgJCaEK<j(wv(|F
zVijPxQx@Fkc(jl3G95Vhwy&R73KZN@X>I~qYdW+1KuxMZsr!V$V>%2etaff|SivF7
z7+Y(40QM!#q62Dkf&V<6F<qf}9JXmZiLI@zFM!&;YHV41mw<bfLx5?y9Vl-$09ff%
z!@%oE(8@ktCV3TbZ9Q*=XsX`2rsHb7BTrCgtnr@s88&ukQQ=R&8@bxHJgtDE$6<Nx
zl_zx^%4FSApL?@=wW6}6mdEbs6Q-Xyx<0Sx7-!xs95o3NKgvZhaLxQuNPD7>_<ZKC
zxgBGO1aJA=6-;9@Fiu>9OM|?ig_wFj)u75C0cvW#*d}lXYPp=iZr@vJBxf6nVbz)}
zBh;8e8855RQf`Z4(tqQRUEGb2k&SO)<4x6ZcyVfN2S{{*Fpgs6zLA&yE<ka@yw#0L
z#GJu@(0U4HXChVTTVeeRlUBkX_uk=OxgB;wq>!G00*)C%BBJtz*E__!dwXq1F0nwJ
zHyeEhkAsrh-*7zIP%gsoXOEefWRTi%fQYR5Sk=sTI~4a<HP^1_8!m3WKrzF98s)9n
z#Nlxlzym}|ki9kiiMb0Oix6kRZ)|Iu)$=bEG?!Mtp{4m{dWWx#9GDuMZZ(|$^!}tx
zwB1EdhCR>B=O+urg-@+qQc{(w>gq1KXUFo&a^S+2;q(`KfX`^_X^}2xOap2ro<6ex
zH}6aGg>h;myHo0p4ipT-kcZ-pjBtR|9c68@`TAM){f0ejS7r9{G5yg62Wzl=w-%Pu
zY9#Wd-y69=l?LLEz_{pxN4E7P31GvmM$+*m1VKGr-4|O7l6j?o?dHcdf2Y><1nT?7
zs<jj<M2#*i2G71fH-z$8<yx<57zHoEi)f8*>md)8zH8_T*(JhsLao32PMXcWWr_L-
z#OH|ox7e}(yCi@Nn_F9VZ6P%}HJ6m2iYxXGqaEQ8s9XGx&HLR#wI;LciWj%z_D|F0
zlu!aA6frT&U5nkGql>o!-HV_X(DV!5Odo$&>WIVNxsNKfWjaO5b!UzN#&|!~lyoq3
zzPwt_5fjMGrStc#6}=hgKi#j|RWJU=%je9~@&t!0<L)%J>9?NRuF$$~$z1x?BX!q7
zJ{oT977B%Gm9>v)d!SWmjw5%u@wCsa;dx6htttFG(rik*)N}JYe4E+S?x^A*OJ%O8
ziN<|x;OO?6)G?<z{ax1xD({Tx-hR(Y!TQz&N&A%)tR2q%$yCQXm|6x`DuO*akK2A$
z+jj`-W@|n=P3GgMgQx}MK23gdgVwu!ARLg;D628<-7i-vSuB&FiaNa1d@p@eFq0FM
z?B0?pa9W$tLD5bQEgc2IAt(QKhZ~uNM9f+}Mp`mqSfm>TRBt~%n-XGjb92|6`1W>p
zTMtk@vlkW@J>}$ykCvNK01ItK58z1;B(iyTRDyx`wLh$9&1rms{l~}#Iz(0-c9fjT
z!&i}=ki4-@b&OQDny10kBA&Vl!WQ4&;W%_!7xqFBXKgzWR&)Sb<o)kKLX<s!WPNtK
zz`$%db-VOSe$zKsY0m@uzHfQv_6jb)S6o;}LmPqCa{9GU7*{wri;k(@k%RFVsbqX9
zkwbXt=fK*kSOaQ4_i44OPwXYozxzFmL6^=NtH$z2{`BVQO?bfmTh8~}v|H;AJiKEb
zxcQ$>-Rf7gU4Rh?dau(qe)}Y^obh?BAPW)Vx!1%X;d}`)zr9J7kGq;!MHNW1NLJ8}
z#gfE0@gmciBl;ZiP5&|*Jni+l`WKZsL+>+P^h!fR13*XscFfynm1t>ud)v~YXkN><
z3CAe_BW#mx9`JQ)mhk*>`Ykgems2|+<CFOMbK<zFSwmh;q1WH>xeUgz7vso=b2mE!
zqu{rk6{6oKvjR}6YqBOM{XU&Cus?;w04*k;@A)7#x4%0rY4D9Z@k9pP{$j+1<2%FI
z`IWH8Y23By+RDQ9<oUv@vrpcbK-VJO>n4kT<9o)y9dL!v%2+Vy+P>SWhqmtO*tSAf
zS!;@P*^O@(iSoz7&aa!>>G<91wZyb4p6cN4W|!ev!c&T0D4;~0=j(+2`ah4+MnR`*
zWJWkd7t4F6Ag1~qQ;B}TOP|#<l?l)1eob#WCfd~TUv8H8k9Z@tpUyK%8~t~lzS1m7
z0PN6w{QTtz((DV<(}8nVG_<scO}cQypRqlrm1lPcaKs^lH&K8;2XJBH;kt#r8Uy3R
zRIZm-X%QUSBSms>qmIt-O5HU=obFCjh+pGZ@y%VQ^k?vfy;$eSn!U(1!8Z~Wj#MOv
z$_Hise&^vOC=**3SKU&KV(UecJXJJ?-+sQbe{k4&d)e|nx#L}{-glApO5ral_-RF4
zAWahbKaOQpAdXRLT?(^OK}kI=WCCQ|?9g{ZP~}99S);X%r#pjDVu=^;=PKteF7w+z
z0$sV61m-5u47&i?&S*<T+<_Oka{Hyt@K-7ZS$I<k7vh30BP!69zBDxY2)*<pHOgQ7
zw^=j0-;+U!l?f6Sf%5@9Bzpy$Rz6tV`OLI3cxf}sY7I%&h|MIRAdJ?SI)R#%dpV_c
z@<>GyO%h|=&t`((Q+@`S&-afeADnHLB6vZr3Z|z+)~@x?(>mUf=YBZ$!OiM$1op}D
z|MtmffZJA5R^B^2G$xmNf0C9)3e*ek?eG7{#Rd9G9y&QaT>-#EfRoCf6pxH-1bFb0
z78a1rMvM@UMAR<=|35>}C5BSti4{RvQFHEsKlb<=9S3>8|6~PuwG?ztGnaZIet_Y(
zSx2%^(^HBKyo`+HVnI7<{DU$xnYH(!W$t>0dv)nSs2{ooR#H+4JKcA?@(DW+X=$68
z#lPV3altKrx@8KyKkenF!6YCNHN3JK9Fm*$ctvX#5WP8j*@G6X_U$JdMWfAriZC-U
z1OLb_T%lxjFSC><W-n%Z6qM8;wgFt?;$?Kq3H=d5$yUC#Ev-@xhbyo>W1X6iu-Vh(
zZ*KYXgVQrI1;;?ZkeQ0NCly@iyR4!nME+F-JAt7_T$E&Pu5X^f8FZRKi=)MIex!a=
z+!(*Zl6sE6L~_=BRZC?-)1Nfac5rnnrCCnV5Uk$XQ2d+c-u&FobuxnlAdO@c1nc{k
zAeHJOR*>*~Mb3X?kB{#`P2p|mVI$o>Pd-^W+eMg(RC1ipQnfN27gxgOrtzSu<7fzF
z;()lD8!te70Z0!HWupUtLT_}S3wLh3*H*Ps0bH#Bp3-Fcms`9?5;NU2r*;C@X}$O8
zRMD{!*()wEZf=dO+`&*?5D>ywoe_04g&6ogk914o#zqtAqR)T4i^GoNb+iM4-oSVa
z?LM3k@t<||WNS4_HNAlQ9n3v-UJgdKQRrsATpdUjAFLeF*Y>pD{1759)d^w@U9OqV
zz>+*(Gbj{({NUvTD!4rdX0V^cXG=Vy<^C1vXO>dMG5UhVyUvwpwpx+g-aIvTZEPS*
zO~KwVI-k9<quZ^sIlpu?q1rG~q$<%<S#5Iul^Ta<lBKO~qi^D|)^I;y(-Y^a9?y>b
zMJAk*yqo~^#}x_Fn`x1ZVM&PZ6K9ZsY(1_`=>1jMdor43)J;N(GLzlNy<9OinXisE
zlM9ja-Q<PT6Zt6+|3Mf_Z1P?C5NWHn8_AFK;cTrEEDS;D!txZL7D7I$F&i@udTjX$
zaFfs0W^9fmSt?rEiHV7h)zu8v5d;xY(boX5mILI>I4sNtiaNR+FG}m^ESW@dCdpbY
z)yJo%vif+qMAwN?o|#J&Z@&z*wlRpH{Bh-|Ha~o6C=>aSPYAT)S*vn!I`*VCriSCm
zPbebm@P>#?cd+>0awF43MNHzZw^Q*ea&jpP@Xr@dnH_bJ#GjM6(XE3^)6TuC$ac8X
zIz3j|2X<ci3|kqd-C~RlbYyFeK)R^&^^@bp^~?}EyaYePn~w4az=Fz9dd8sL4?511
z_j~WJ9xgOA2jq3GW`9*V**p}{COL;w-w(?Kn|eEdP;rS$UO#vFL-4Z6^P8Eey#-2=
zeWu&dlJoH3YySRO9mcd-V$KolzN>!;l{B9~a9(u=My~kVvr6-_nh8ED+-;s$vlFWA
zh$PfZ5hIin_{m12rPGuGcBdYP$2{J1MmypohX3w-4CEvrjX&`}h0_}uulJ7oxs-kV
zwee15!S0>)1BO7~IXMf+r#8D#_{+aL?$K$Iy8E^~;>Lxv&nX_(o9i(-iqG1(iavXi
zl!8JJ5ID@kLswjgz{<lT1-v2t{{B?d)Igq=T*Dkg7z}neR~ZD<=jLFdGZ$2|uwVd+
zl{T2F;p;H5j7ce}G1V-84n$mRFSK}Z<&9U}(@>7i6RZ&4u8$IaubMFZGNMUQat@K1
z=cr9R42a2su1`xQ=yEWIvEW8WN7Vd|TC?Ghsnz(diuwbnKg++;Ik6DRPKz$54KAiR
zS5;ZRzb0FK+=8E8U+X>I1Rw`{YzNH@B4vjH6BU&jE9s+v-Z3p?pvw8eL+=x3`eBF7
z0j-b`Zs0CpF~X??P1|q!JOxz<H%2&qYczCLF&rkg@mTM(Gz}Q*s=&<BNWhTHcaFMx
znOIgxD6;S)bS19Fh=4GUj+anb1-uF8n=;rqIDu^;A|C9K;6BMmFvy3R{(If^-v~^)
z@+z3@Szxbm=Sc*gZ{NB@@IKD~sI|o?Za?=6CG*VhNW~Ua@6#=T@Ndr$-Nd7c9=w$8
za<7gS?dSW?V>8L<qx(|s(xG1qbpL~WG@#j&wqKttEr*v*F_SHApPzB;<dGW`<Q>B9
zd3zRj5pZ+jB~i*6Qz{J=o-N{*j-gQnXb(g*;*7jJnq8Oba-g8HM!ge#U*Cjd<?Q^t
z43H3MYHDhOPgfE9@A>(kgVF{msXDI0;I|XD1nZm2gqkB41}81|L&73s^(aVc`35p6
zX+h)15=5$q^X7bBx3vo|ps$jUWs6&EDbD)Vl6pNqE|yqdG@rieM<mN~3XY|Z%)PxA
z-L0_}7nYm);FW7qSKIP)r^9RG-w(A=+YLD?p$E`iv4%3C7Txa2ahCB6QB@pq$1;&X
z-|6qSDaXdkfm+hNsc9$qMcc&j9?O{po3nKh>L9|31i0Y?Wh6#=GFR7_Tub-z=f{H$
zhGm`^(E*Xu68G%1@9|yPjHZfF0)kkmL0ZN4_YgoIM%9gXh{K)Lj_Qp((U7n)1j`!A
z=SpZHKB?Xj+E$U}n9K^4jtH>XB1dlf1p3|VxqWt?)ovRpa{X&+dHV5nb`>;mXm93x
zqgo+~D3PseEZ|48+I@QC52c5fZ{|w55?r@-?3oq<V^aC6%ioJtC1j<}MqFv1TDb1e
zYyPUmICdw*tjOcykxr)h@AcYtY2bC(d<O)~erMY703-h5cV&6zsR0B@S=W4M%?=<t
zx{^4|cHbpzY<&d4ZlI`YB|xK=l_0oM3)qmQ9~Who<{(@4m|WFIMpu*jx)n|I_9}?r
zu~kobr@C;5=i=_mI~$pkuKc9_v7BM>cqd!hQ27ofbT7lNN8i%%d1L^->UGWx+8GZ2
z=a`%_oxN0p>SfO+GdXD!a<*UvacPM(o8iA1P9=ES$;uuRxPKede1{X)JGxlIfg`{|
zo4@RlGXI*)z#2pS`p@^Pzwv_$cF0NM$YXN$mjXMZA5eSH6kT_X1~02O9#dJ^p#iRo
z9sAbTfE)+k{HJa-d$fgzIP!PlFPcn)KW!B0!LeJPK)paLkz*{YynQZbQOD2;V?Csx
z(I4w*<9o@eq&<e_qp35O!b%0JRZ*Kxh(TnmUR+C?Ez#9C3uN7R=i&wqwR7+zZ1Gpk
zn`|2kxTV?*d5i7x$k%W(yDYQ&4bfB<XbXK^Vt#1LhnlI?(%=Q(>(ha6k2IR+H!Yu5
z7E|n476OIy@h_Ac_I2%Ng9{hKPX<{)M;l}cA;H}~OC5CFJ~$T~W&-i1q|f5RL{4L4
zYD^5~py_#CjYoJj<jin;81@xFf!Ww%&#%e>ggGz}0f1+~VDPWg9iRg6pREL~?-j;<
zIh|M$g$gy_?8^e0YYenq&Tu<L{;KE30FxMZ$P;EC>&RhVi8A3`8d+26RRwGCY|aYp
zqT2ssbFPg9g%2?YZj7~<p?AO=1M@17x-4L$W}I4F*>hztm)hTgY0Yyp;D6qpL{mc0
zi90=ZPdkN$`BQrH)2O^B@}xs(iDCQ>Q5+sC9rKf{rAN9(LrrI<6^U>vYFieGiA^ev
z8fWKmm%O;?3I%h19lo`Zo}9e$yG%*CM(?HPal0gNp532G$UCDN5H#PbEtHdLB)93D
z$Iz$YD9lsEm%)#!&p*QgmYf9-ONdtbYs$BiQSQOY7+MLsTDLD~4b6tU(}e#a%FkJp
zhZ!}@e2?5*9@eRx{+6mDqB*%~m0wB%-tZre1&*_}<%pQ~KHjBl{$wRLgj(B6Ao{bP
zl(x5|i?q5F6%Ckyv|MTKiB@fb*EF6<$mFID-O4()92lsQr_&@NTEflohIp()-5v+Z
z;KaejGnHiC|K#xO<6|3n7@xR~4he23H8@Kx`sM}#;Qi9TQD@AKK|~Y^SQ7MEGseK9
zU<tLL8&9D{8*YHU1o9XHyD30%I=Q+|jE(s&2|d<U8SP!VBOxI@v+M;F$=KiJ1YukZ
zk)ScnxuB8>H*qh*SYvXd(vX~De8U(NF+gy{$Q896&75MOBYca$rwktmnpiWK-8RhV
z`Rp^p>UAXgT@%p`CBn90vC9bobuJX^yIYSy%(y6JZL5>R^vuLlQ0?i-6aLU23qMmK
zyuRcB(@R1S@=ms~S+<;<@9cMw1m&(1-Mnxq)v5a#Kk*F$LaSBV%sf(cHN?{53^*@O
zj+(N3{8#Ybrf^|AP4%!2COL}x^i=2Mmjpl`{(&E=em+j;G4d-YEA@S^`?<Nu+nJY#
z1&fjra{{@GQfb1_OfKdRF4vtK?9foztg6}dk2~k*zt~!GBn0vi*POwH2)^PG^c}{}
zR9YN(Q4J;k!D`4JcD}4^%1NuW^q}Kj@Tcj+?c)%4_^SJHV8W<RA^0N)3-m^cgbjhj
zJsjbP4BkYV9%)dEUeqDClM#9+#2=5#Z&r`MGi8wN0rp(jV!<t$anMu5R9F#6Z?C#x
zyyGvW-f>Tv^|s-*ttHF$%phICNzHc~+gpsO@!NWT-W%CRKJiP|Qw)Xej_!hxMAKwb
z;PR#s#RK+T$KQ$1y@2d6V|=<dsaZn)Qg!0!*DO`fZ?HAhwMog&o=JK>tNk{hocwj3
z*$}=({Jj)8twaKnt_c<vLe@LBXxu|SqcRrNX7Cneg0{UQBmqD2q}?^r*&srVUK~Xc
zc<C{wrD?{M5`thjbfW59X<6J~){bs$?vRpIc++G!{GXkxAMEZf%z;Q%wv?gov~|e_
z^+4o_g9H1)4BYIDGg<7~LM7cQ^G*zL8jasyQ2pu!#rk#RCPA_l^p*XdBKAr&f3`Ya
z$i>NAsL{-V-4${2_IBUHz(d&N1<cqx906(D0CN8+WW{M=^XUhx>v1ndA^LGX{7-b-
z@!1wU*#?@W-#={7HH}E$_!zi{M!R{)WVyaIjw{m;^t&42ldF({vQwIcZ&!gtv-3nF
zK~ueyvDr{hqjqhgk`_s|=+Okpa2*&2HPp!Qb~;9Kmfg0)DG1A<am(X0?xcOx3%58{
zAWa@e{B_@32)6)>I-WE~#D6!<CLkbdZce{549f<#$wzw?p=2~@)(1Si9smyoKuD8b
z6<1{O2nswi1<(X!e(=X!-?x)ZSyH*K97S2BH{u8E8dY40y}P5oS+Sv>)82P3C*45U
zKIjq^tf@u2^C|5xNKw2k5f*TD?jygxJp`6@nDPrYvingeiU?-ng_dN)C>&>;g0O#O
zeSpPuw=bNSj>!>)guM?hRLuN6b8IMS{@Pa6S!rq`quD2hCX(h>K=p@btS_zF$o4to
zxiqNX5-tUw=#JR;YMk;6E^NcyKiU|n{Y@k8d;eQDjc&1hXJ_Se*5}e`oC>Y8xT9{b
zE72@>qKp=kdP*c&MRFmclfsc~=4F)bzPV&3=`}Gx6;cW=*DL`L;cx2dl0H7d04fC$
zz#151#Q_nb0^Bi^PJJ8zQyL`ac#?9oiNImW<7%2k?tnptee$6DAn7LNP%)O%JO?aM
z(>|mH>%KoQ#YzD;-nBRd+POOE|2w7B4noT`w~?3_M;b1Iu)>Oi6k)hNS5{REHJGl~
zuw4#Q5$7~%!%8P*$9sI{t$h5$edFH6@EO5BMQ`9gC9)~_IAMM%wnmTjmz~rD)~y>;
zh9v7p6U>czmU%U{#(%*#45dx6&T0D~q}x2H$C1CXq~D{z*6hv0Wq36-5$YigkK`w{
zu#D+t`G;?a9nE{f3eM0#Pa~QqvtyV5>xo*05&QuuFt&T%H{Xz~blzV~GiB_e*3ax-
zTs$vK0x{3Z^XrLt<vj~4K-nb!dEU(feghmg5GiJEVbN~I#lgzj3efgKE2@j9x-b3P
zL;!7MAn{XvMuz@4rtOH>)k|7bGrry52VL{LVN3glv)gH>36DiE5Hxt)upgvUN8{fp
zPJnM@_6;XddVBB4WObDyl~&=i9IA{Yt&BPz)YUL#6n<v_V!>UxzZF|-2%mN4&iI;|
zx(VlqZfZ%t8;`9@FUe@B4#*@$1{A~_)#fV+{A}sozU<TOg<qA$_(qM|%r3cu{%BWe
z)*Iil12|0ihq!1<{8?xOe4OHU%>6$1KtYs|xMq%8V@ygk^k-MH#x>XFwR=24d<u@;
z(^BVl+$CrnX^g$mj+~emY{kLp1KExzn>DEiQfxH8@6O@Wk8Qe*J7`(vd;vY$a-AZG
zC@#LXej9sJ&@lh1w~z#DQLQ>OYKe&a7%ITJOpgNM<Q$uv6jN8n1J>K@k;|bAKU&XZ
zV@OC?Sf??2bYh|;kne<-m%XRm*b-hlsypMKJJtOy9l7TR;!c#Aw(3l&@wgOOE;UzQ
zYjM__zX>_fyk-uCky1W}pBOuIH3J(ekaC+yy2ky-7yJ!LdekNuA^4X)-D@L#5)F?M
zVcgcObxwOYUCbfX>HJ@{oN*EY-2>eRdG1Ph5bo?z(d7F^LRlrSQWA!XsTqGMdy*st
zh%5hfG_5d_GmYR(ravkh2Ro0OyG{shX7;c};54b*rO}9ie<fmfk=)WR{vr3D;-y!|
zuBCD*&h|5c;ly1{j)G6JCg#4@R;H6)cNUh0tNRHBx{X!VQ99zd4(kr=hXp)$z^<oE
z(442_NuqjVZ7qhP@$In5F5rFNr-2WM?|GwqD4VlVMmKu_&b~Va0GhB(0cajD?R8pl
z0nu_n9c!(7PU{YT>>8GUFr7x-Pr7itmKC45LJ`7ngeF}DAW>UiU*BL7M^JGw6A&Av
za)&o$=e=vS-?nJlG0!R0(iO3A+_iPOZhv=L=LuO7Y9tl*hLg37M2_Hjj!TXG5K;=I
zkdXZ14kCE_-gq-vYD79YhN^U2{NDR8KAxw@(r#*I!_r)Q?<C0gWn3mj*@7Z5nqB=j
z0n$@Q>kj%nw>JzeEBlO=I&*M9(&yn4KY^*cPQPu^SUizs^Lj!<FZ54A^zxOOl@6>f
z5W#-o2twRZM}pR9Ln~BEl-}dNveN*>TaJOpB*ifZ$Rg=2xhip)sf}!2?m2Gv3#s~&
z-Bfk8C!sO!)LTzp&+U<1={vg<*trqdMXE?SLcHo4y&E5+Ep5xrRq{o&e<oDzzQfHW
z{6j4qpgI@AG$NmnsEc!Rc5bfDY39DqV`iP_odMIGd7(D);Wa7$>okMFCKh5LJeC$j
z_=?9I6!80g1tj~bUNPLR9fz-XNNTw(`fi#pp@*tKD>Z=3Q!K$Y!?8HyH#`<O&HH1R
z^XGbv|H4aMT8QB4wQlpr6bVF(F@0ITxL1vi(<0NDRddKufcA|2>-nT&-M(}$|IT!A
zd1+8NhfhezCmgcr(g4Iq0GuI^&l#A{5;Y*Qg%$wu07sZC4HgjY3t;Ym?L5q->aZ4M
z?Ws%Vwe<QzD-eI*RiDgmy{f^USAa5BQkU%50G*`)UA!n`iedL7NK9;xty}y<EWWsB
zMfA-k7*ok;49q$4ppblaZ^J#jZK{1l0;wN@czB%7S=}H6weG#BCF<h(F}@P1R}}D0
zP>fJ<-Dr%8IvW-r!or^tJcxo)X_mcv`Ckj3r07ksqYGD8j>(zOrRhjVyB9O3tfYxp
z={=zXLO(sg@5Hk+cAa)nqw%w{L)fW5B*w^STkxF~6j0@vWsU9S{YwXJ{Am)}ALL5@
zhp<<MYDDTZ%6(|sy4QAmwSIM1hUT$r4;eGZ`B;TChM@_tKRI3az0$#^@`j*FEW=)f
z5YbQYritOB^KUaVGUp<AB%-*39cp)}uTkobW}D;}g}BvbJ_sJabRtB>fTn?UsNQ3g
z=ZGiuhDe*qFEW|-<VB}P1?W<aOqlODZ&ZUePOO7`ZSeO442YnP?^+go2X-XvQ9kUI
zWr3?QLVg7Qj%GGvlZMDup3)j;Q<-MTrJ-s964yB7*+mpX_5XkOF#mD}|KFd|F;4HF
zHM{?Hh0Yh?Wd2{jr4yro_x*oeGEV(`5dE)9{$HAS^tnl2IJEa{EqMWaq{ZdMO26p)
F{T~F7U~~Wg

literal 0
HcmV?d00001

diff --git a/docs/images/unique-radius-session-chart.png b/docs/images/unique-radius-session-chart.png
new file mode 100644
index 0000000000000000000000000000000000000000..e7e59773ae8d0506f1ea0a616622f8e46863a050
GIT binary patch
literal 50526
zcmd43WmKHo(k|MB;1<C(!6mpmf#AV4XmEFTB0z9=cNz`B8;9WT?(W*S+?TAi_Sxgy
z?>lGTanHEp&L8m7J?*VIXVp_r)g(|}RvZl(9~lG!p-D=7Py~UVe+PkJ_7UNMPqJm4
z^MGH^9fT#75rN`~X!ry88_!Wx-BHQL*wIDL-Uwu3ZDVCb?_gkWWMu7NYU6kW+bjT7
zVtJ}0VsE79Xl7&mM%m2D2qb22W~k@(hKcKql98>Wk(IuY{Tmi07S=aR%slK&JnXD*
z<Yn4HUmHN6Hz3Im@0DFs_7^-{F`)~Ok5iO~uY}*MXOJTzNkwEwe$$u#fvkS)i$I%2
zS~7p$$yjx#tWg}Wh+Q|KVJUhvsR$K&CxJCb@E%?Gi~2L+ug?uYFQ1b?m+&P-M0z_z
zk+?+i_U&63XU@Ju@-t7Zc$`BM7h|2o_QTE8#LH>acBbdR3jn1L5!vytC(soR+}pn%
zgEQa!_4Q|FOh8mm<(>c67k?gnJLF$H`}6b@7g_kv0|;B>J>s9I7JX_&m_JYIsQ(8#
zV?g;cw`IlNo}Q6NGI3=M4O&TL6cnWZbfWP(hb<5lEa;7`rN18T7jzhq?+#Y3>F#$7
z6((cI0|!ItgF`GYbaF^%>huapgU#zl+kA@A;ph}JokaTeBa_T!*9~9!7A=P9AY-1z
zLo1I#tFxbIN8wP0UeeX^3nz=QZpUkyq?@aNS?`1AUVL6ZND26wrR44`Go6(u6HPu8
z-=GraAatRsJeqo>qT;z<XV%1WY}3#uCs9kz^4yxqXh&z@rSoO3FW*!!Xq`aBnms-m
z_y{UR*Q<qdW8|4Ve67-mb`q+iQb~R6Gz=wSRc<6>I6uR&=n4`|s-Tsga|q7Oknhk*
zEm&8`X7jc!CdASHB2aA-`EbU$hjn|llN3pKnD2)T)Xz<7CKb`d!0t0E(?M`~aINgb
z2)R&#U+Nheno`sC%KiHFt5|w?P|zqE=X}QY_U2^;3}{$6<?VBjkZ<L|w937Qba^P&
zr)S`?7c#e!Sy^8x@+&^pE#;b>Y&k%GyL7nUUb+;`af>F-k1Ja_NzKL;PKXDX?qh`x
zao8WL^E+u)D(@)vwDN1z+ehY=&SeEM@@Jnc9E8fPgZEY3FQ!nc_(>Hm1=-#=X6HtI
z<E_%)32-O%3OByfi;5zkM~<bjx}bA+mPvHSAOTa6gs9B*>U%Ytm0&+SU|I3sge(#h
zO-+A~m#q)mjh<FwCKA4{Y|$@q^MdF+jOJSRkg;F4s*7@;L7|Y?q{pSPsx_Q3=<JUc
zEZL^?+mHu`PvZB+txEXB_9s&&Mn*JrbVZBm^70Y0H8y2!ZNid@@85q>E!6`5{{4Z1
zl2RvV8U#wfe%idx$Sqq;2XJ3(V}_beDSU%R<MPNGT7D}P<|!(eTCW()DsDRK3o$t-
z91fa5SeN*yoWAf$BRZ<69E05(qBJ+1CPl2Sq%1kA?SekKzhz=R*zdP{f04a=)X8{_
zQ{l8DW#!~F5&d`{b68fQO}<kKvvM;8?qf6Ak)U|YiENX7a39c(E}MQi#%5tZG+Xf{
z%0^o8?kIhvkA!|SX+_S=wLZ_paSlt;{q&l=nZA?_D$<y!k@p~&T*`UKUyl}TLy%F6
zqdTm5hE3yiOiqzp;yd%>{`PW;4!+7}NoPvOqlCxhus9>*O>9gIH7l#q%*;$wVX*kY
zY?V?xgZ8r+ToC9n8&CwkWvO)y9|hf{+R+&&0+P|GYvxO*bwtkBqYYvm^W-DzO(Dc-
zCR5Rmx58E@Sxg3zizziaW-}d%A5x;k$mz_-0yGwPknSyJLEuwgW4W|ax%!WzzqX<W
zbvi4rwHNMpWfuet;?jz_M>6kxCp~K=&XineFLSgNPWYX+48qMlv$o<%Iw&crX<f_g
zG2$g*cRx1MsaV*H#IhYKP}C%s#w#gS8T6||(FGnG%&T?^0|g~VcX#%nJ$WO$KAK8H
z-|fKXhKZQtItp7lH7-uSI>Twk!c2Q;*c<Nl)+J-5>?<vN1|2e`@YyvC$a*n1i}C2j
z!mv=-P0akONt}9KV&!Wd5|s70bfz|HF$qeaZM_=}Dl4k-GW3*N5HK#LoNPSb*Dsr?
zlE-*-kA=v1iL*uxVXnv$51)o(o1Mga#CWw)bYUSuHU>wM_zEo!e$@<mYbe!_?{bC*
z&^fivc+t4^`)nujt_?cuXqKy%4Jw+Qzu<Sj<c4cpHeC=PRXAJfnG9=GJWaeWVlqg4
zIF&3Mz1Zl(BP_l8{T5$PFDA-h$dDf*CHGN-S|%m8Mm%-F#QE-s)qVBsYE~M=nB=lV
zdhfW)Vx%Ue*rY>zMv}yB8x?o2HtNQ>Hdp6ha`0FKYzPs5R0Y?o8C0ve>WPTABJ1{b
zj#tMkvt~~kz4&{52n@(J&{Frf6q~nfEIXQNhZBRM_vC=Kk<X)1YUs>;D^2tUTGUsm
z5}0&Vlz%>(W7uJ>StxhuR({;8MSpjc=<YUP2faQaA8>t8K(nb4chE`7y}s2V9x6Sz
zZIYrrKn^a@thA%Ca`LyIBR9W-jz~4t<+p|9nRRenZXIneD0vBM%{G$Ft$jqBnedU%
zYU^cXyA4&Db+5DzGo=XkP>vQ)$$vAt<4)lc^(($9yQYaNW3;zI&JT)T*b{vypw#VP
z*42>cezSn8f{I(R#P|4}5+i1^kynYaw7V=V<J5QaqmR<rrA{fY&qK^2Fv|t3$Pz!F
z1aJ*Y@4U}I9bhURY;;HVbP3hcM_#k7HB*}D3+8hSB!cs|4q__~El@_;&QcqLhy+xd
zuP3r0%?3@A4Ywu(GY)AgYKbNMw_5gEsTl&Hm}hNK>BCuYWv2Er%%)@Y?yJr5=Hlv6
zX-OP1tlk12%ejlrSId?rlJ3sltqC*4aC#@`cvwKZS^2b(55a*IIwKy@uZJ{I0iy_>
zVx?wakX>0>p=D%Lb9aX{-JSN$Zs{8gVK*ZqBgaHXuZg;XKuJ`CfX!Zhg;ehrWh^7Z
z=ddZ3)n@<ee19`_R)_n8B%1dQgVO9{?zV?VmN%={SO4@Khp}eeN-3&F@B}eK{du2g
zQaT0NBa}6XqZaZbdYo6wFIso1t>Y6uuT#r)GPxQ=S@E!NQ2SHfe%X}y#iMaS<(T|}
zi&tu2hpe$_N1nbP+DApjAM3ROl9E;|mDWyil$S)yIu2GIwOMUBqgkt+L-Qx{>Zi{K
zXsh=&+)&t^R!KXY<&;N5VcG7gVRnhUz6gl6+9h$_BXOH}704|mlx{o{6bZn-VmGw?
zWle(Xabd!pl-2x>JEMR%-)wSdP)md3&HIutf$aE4n_TA*SLMcVW154EajQ1<P`Oe8
zXpzs7>CS{vuRsDL+K=dYw*hYCX7!wF4`HXNv!U&tFDA$iUay^GhEd%0d%A8M*HKJv
zIpMm@R;9<-s+FMa>!n7sJZ_QI#v9T|p->omaE_LJB~s%RN5OoNpTn4P1e59!zo76*
zYt*=sWTP;2pHX03S71=_lyOk^r`fpZX=i6ZQDv$&ay4DGQt>LIt=q~-w)h_ZU~li}
z2${HwjzZ~LSGaW44RkMmcvxOkOpGHTjyD`QiC>>^SiFRCe3(-Zsk5l)cd1gASO|Hl
z=8MAqiLeDD`*YdCrSs`UG4$|T`ua+*KH1o6No9M%`jkOdliueYMY^2zaX!uBGqJGv
zYyqWJ7LndO#tI8Bf)03v%lNsgb<)$@(Dq`TS+r`F?DLpjMHQ^Tic}f5yO;1X3%R(B
z+H|E#_s_p7w9cm7u@Mocv1+F*S&GS=Kw&xG=~~$pbdNF)*>igkRyhaBcvC1CxEPs2
zA*i`|`P(Ios%FlfQE8seUk`T;)y!1mnq0*8N^_p~?C?0KhG{pJg~oE2Sa^IH=Pk^?
z>5@Xh8Je)Xm8ZDe122~Iv)j23RrJ|!u|sPs`3>?@4x-pBg%&C*_jmc(Bv1NOclL@|
zLW#ULxo<au$~-pI>TN~gr0a6GxNi&mdFNJ^Wv%#Wod^Jfg{xfg;BV@>Dx7O{Fn$>u
zxO>o9JotdCvuX9aCz^^NWP_+DTG>l%xaA8h7QRMfS{Na>{fHS1$Q1mf2|puKsc10x
ziGIIbzSv~IN}-OH&D-e+7{wPLQpk%!ks%gT2F|dALKLn2<SujuFK9nrYwor{qe-=F
zk;ddhl=VI(cVAJktQR~bt)+~=YH{C`cJ_QNS!|IyT&|)zukPKvQ)Qsa=#LR8d}fU?
zS;FDdx})uq@TKwK5mspD4-}~UFS=hIQJv0mqtlWM8`e67Q;!WF%Z3nD;spf@yR)M0
zX?4?^j%x+@T}GGHW8<VCSw)o1H(&K1%9ZIJPD-%{oqJv`sPtru?QLaysB-Q(*PbM~
zYthm;O<+sy2AY-?Bv~=o+%nBfaD1>&dslyzs6iE8R5@B|{c?+;ueAGzJWbJ6+pQXi
zf`S4plgvTOz%V(b>r?U#0Rx`r72sF>@daGC_U)fb4=RO1yX?U0<B3zQjlLYn7G$w$
z#~ry!&Q(@c@mUC_vz2<g_SP_Oxf&i4iO{mNN(CArsyGzxq86*0?;7uXf-8-$UYi{K
zicKxV@*r0M1Z{^FEXzBYL*p^N5Y#N8xE1!!im_%dX>rTPh^}6{@SReRq~unLld^)h
zVw85+3&{-+=uSYg^0Y?|C3>M!h&fJvJ!SYrP4d$C?!YHnBIcadPr`M{*gMfg2kdtv
znY-E^*fHAWu;Lc8UcAubhIhHd5uMd$WN=-(54!gO{<_}QiuL-uY1d0XN+CX@N)Vr@
zbv}q1m=0%$@oaItj4pq#k-7Y^Id8CGuDU`Rp-)*Jd^1<JU5iXET4g4zbhzwF;TRcr
zw2*y77md#b$GC6|xG9HvXpb9?GL}<1daVqxY1GlmHMN_HdJ2i-l*(3(a-)V;vuxf3
zl?mv~RYP7?*G01x{_~00Am6wjd7~guZMMu;NQYD%o@QnHr$_K;KdKc!jniK0ve#QG
zF4@L<zur1B5i_dYkb2qPPc`sZgoQtudOoQaf8}ZSyY8@`<Pfed8mdCF$26iFdYQkt
zP@i^Rrc}9F7UW#k98ON7)$YThxB%GNt+mvu&|sHhS*2=yr^iY&z$suHzqUyN>=Fd>
zxpI%RLZD8`Vbi$aIEb8|Yx}Mv<cjzNxu}2gW}pL_UeK>*?p`|1@V?Q2VkWmih9>FJ
zuCPhagaF*|5l*(}<)~|TiYnEG`E``2hU*~<d2F0&y4!1PQqhaULhIhC!>`9Td+cvj
zPf}Mg@knFynu^k8y_HagQao2{vx@w~2}<V5Y-w)mEx9)qEp{u4<eJlf7c#YK%v)ga
zYGx3bY1MWz&{sMf#V*zKr=s0AP1@w#M%FHNDq@MzTvS*njl-N%x-W~UE|XTWUWmua
zHIs>xjtmT(h$r*^UT9?tZE{mhL`LRoM(uyCre!CZy|#h1(c9arsHz&*OV`Vv^k+F(
z0cY7(y14U!T+%{EJ6BgwH?N%R^+ZXiG~CQ5jRr26+!Hc3yYB??5~=apJ%YrA)@FTd
z4xItCuC~6bv1RAE!IcdKhj=0*Qo962+>h$usV%?VCTnM`{l4MV4&IGohib9);Sv0L
z^SsTW1n_8pn7Kr}eC(#7SqBwOFVS7dV)F3B{i@0xq6~3bA-D+Jd?j^^{UPXGiNrvB
z_N_X9!o1Q}THh$Ieu99EcELoEi@E+~T2&tn_b+j?#4ZXGsJmu8i;SjRr`cU__~f39
zW9iTL*=$WyvIA-NL1_bc;1&M14eFt(DH=NH4nutuWw>ILNEF0;e<&*ECcwzuU8Cuc
zB(lJI#2HMj38qtwQN=1McVS=L=Q^z}PfB1>s#tOtRca>4(`(en!qUpyC)%sB{Z!fp
z|8ZD5mE0_cGE8DD_{?~BW>o=FW>ZN>WncAhmaCz|{PF01#k%8CO8G9(g?$U^lFKYI
zo}Vgx%c^PyRj7w7sA#h}0(uM{FIwE<u2+q13z}#jLI8f7y5BpXmCG%Cisf^u1bLiC
zTgmL6Bc527Dcgp+=#Gr<M?%hKO}Tr|stnpSydd<-lFhg!>k+Jb*Hn@k_W`0wHy-hn
zVcUh>qp%t$;i6I~vg4HqL&a;({1c3=rIjjYP}P9Q-Ko-#Gs#otEB-8HvR{IO(Bs<^
zOW1?Q0H07^v20t+WDEe=qN1V`^<xR-ewD}y`ub3-(J*4}+0T%I0&09ISkODaC$nyi
zOu!{+GxTFB#V2QX%w@9Zr<VPPF7V?plDqNz3#WP^g?4(i@X4dczD&-o(usXFr5tBF
zz)pPVL5K$*ihf!k_S6~++O!xPt#dD@RW3&ggdBCjRvxeMTw-DXeo<LdMuHm(w5RK6
zckH#Ix^nRiMrzJfr>i__6#2}=W2S<X2B#XzR^HC!97|;>wX)=Ee>Q4($teA3N1r88
zcegS3T$yd~I%~Thm}GZGS@MZ7`LLG+lMS8yCKBt|Aqp`@=rY@vW~APY7QJz7CmqmI
zq%^UG4)LE{kKhX)TfSwmA0}_SyiL=%GAmRROe^xE(o&SDT=k$bn~fQP(5>+G+5a}%
zFB-#YHUwjrX%@{CovLV<sTo?P+z6h>P=?9!jZIN0OGfJsTM*&wwr`+7SF>2aGL;ZC
zT<{cSNI}yF1|G>~H<ct-n_TRNYncIt__op?WAv}nM%O)t44t;vLk$TZM^S=`D`dzF
zUbC65vL^BMj#<qnm@Yu~c7n8j$&-}o6eiO3u2%-oJtU<iUFl}CI}4>k`COwOYM`X|
z8`;W@*Gs|cmEv?wONavr98x{yCR>~rV5HvLGt!c@vuXh}WVM>T0Mk3fcw?UxH%ND8
zHao|GHvOGzsk4dPaKjnqcXF`FP}=NIy>H@YM>A)hXpI28Nc@M#0u5%{mn|lp2gO~w
z3O^=sycst0HO}5V{Rz?M`7NRN?csf3U|^LA1^`B|o;VzkFE$l3vjP#X^Eg2EsCZmY
z*ZE}t`)a|q9W5x#x_2WD1Y(o>L*xyUii(Txh4CKB%gTlUz$R;SR8dk<T|I%vaa(BU
z4ahgwt_N`Yf#Ta?JLmT23H1LLHt_!_wfO&CXYp`6LekYfkKRT`M&QayWx!e6U21OD
zH!y%DLV1$#vcb;IPVeAgoF4A(I5^t6>3UO0{24>HF|Pm1?HBY4Iyz|&H&e}%1P)w;
zNi0S|v(;7v8OndwM)!8A`5`xyfOC>yZ>lW)u<>#cMDdIv?CUVaFY5&!uagcOw9f48
zY%FZ-%?UmdkNtAWyg%eEn{i(p{cMw0z1rC3`g*~yU%wU;28@+FJsZ@{q$MPVms`Iz
zCSlv+#D}=;b{twa7Pn2x{eqe@rKP8r-Q9VXVISDn8P?1Jb)M#7>kVkP*=C>Sp-mH9
z|EV*JrKZLqd(f81`|VeO%97b@?IG`+CYdjdS@fF7cfMf=94pX1wQKRy^0|lZj^)ci
zztycRBpHLPGLV&<*(DNsp}r@%9w_{0^-GJ59#!7=?ll$9WZnb))h$kE69tW7RHIiJ
zG=>nOF+0}^Ml)!WOFGwUGsO3GA>HrQA2p4Y8+5JPayddL)b>vM7%?2l`*^(XYMqZ3
zOM-%s0e7m<<!JFs*b~eBTuX*C_QwxIC+@TQgph1&8D6c#oBRV~mC3ruOQtmfCp(9m
zq^0{X5<wkC6k8gF7m)AX<~iFLFH54URn09@6veUNc@%}-=`^S(CMH5VJ3|TbtrsA0
z)R9g^JdP4a&5z!Vd&w2Qew`n;V<0eL0YeTqK-tiD)jIQe41=TI(o9k-CiDWEq4o{3
zaJ)LzhBSRfZE|E}W>i!s<G1>V)6-M<jyIATRpzniL_F&%am4)Y)RdH+MP`~`0Rj`)
zR&MMEhYR%tZ1r<h7V&Wm+Pf1AM?m%5_ut^%V&Q-RnO-Lks2=IcRmCYGiCGJ=g3>bH
zJg>1_fK2Q?lQlR!JA)qiJkAxF&DGf0Tz`$I**o-PVPR=VV&LOT`HS~w6T$qx90>yp
zpTZx#9xSMP4&AV)9&ncVc4C?;PqOCgfzo(@6IFQoVq;^YF10E*I3z?_AFy+<oYj8h
z2h~pFdZHY-M>hK^ys7p!tu^<;SXfxIm1fcP3V-4Slz`V@4K_2MZ1(ZdcH4-Z_(l_6
z&we0THOiss*;qao`q7DVo^Ne?Qj<c3Q@yXRFS~UXFETO`0_}&`xoB!xt?%4ttUx<o
zg=j4pSUUT()+`pTuIgLORt8$ZfPTh&{rZeZ&|9lSqe?MfHuV`1f^YbQXARoAix#V)
zuao?XHi}CFgY43gw?s;{gghlhp?rND)9964L}Ra2`l{xfb7>9La-_zmuHFup1LACq
zrBkD&r!Tp%>k1=+ZfA$nvazxGf<d5TVz{@px!{3;Qubf4X)qHEQ%Ks@DW;=*(*Qu+
zq^6?EZymszx4XMKaR-)^$Mfo^YKca!_x+7qY_3QEy7>a6N^R^}EnELF(G)7)XQDq^
z`!iCy=V_ptiwu9dP1Cj5lIK~d+StQ7mEg#Pn(jfxI}pe<=+7#>%XQcqL`FxCyQrTM
zIf^0V$+|%6Y*#Kdt#g~SivJRoLna=!Jx;@Evksg+iVuLunME8}Sq+8QtNm<Z<Kz3R
zYt$a?zxuMEiU7-ljD&<_8m5#lYe$1*i!|<O&40E0ZNf#y>%_%c?pAe}8jGfQaavnN
z7o3j{;r!P1Kq{HUX_IzwFxO>5t&wtiYR^rG4hIyTps9a*pEp8Hw}-qXpDM(zudkzW
z()c~h&$mZ@%^kqV8p}w>y;CqY&O>dNuXjFh?4z$SZSjTi9*BsF%Brkn<4%>WGM|u=
zl$3-VRL|Wd!3eDpm)z8hS}mx2wkUeh4%X?lYsP(E`B}5ZdII9Kr>v#*E_ontue4tF
za=}G6!vMxs<cxmlnGoycj7j<g_BV2~t-(}{3S$}2>rYd8GRf!ADcz|D_QT(SuQec!
z;Gp2(`?!_cqh>X8^THI_d~$GBmhj$W$yk%u?Ohy9%e5%@gA2YUThlH|D07pt&6-dK
z84Qe?qGHyNz-{rx*(ejLk+HFPyFVI?EPM;mld+azG8rV?SYN-g^aixPl$_k9`K&^=
z*!6t~HtS4{P5S0Q^46H!U=n*@{@IzBl6Rg-nw!6-J}ijAe6skHz&%-a61zpi1KCuq
z-P(AGCTF@4jIH+{6aXCa&&*Fx0!((RADj;7>uy?u7Z#E>2QoYywXAkS(U_YinA!(4
zafhZUB%fXnIO6kzv!mKh6Dl`5ay}aOEdy5N9dQ{()dahta6Q9ig#s!CwDX$Bi3cOT
z$#~vBoraezMF>J3#V7DPb`r$#j0aP|zkab?=D~oLL-NzTH2~XY?c*HVmnrysA%CpU
z#~_3^1a-l5-`OV9M4%q~oq7hK4i~c<KuJ&G#OK}jD#_=f@>%v+Z|i9%+PSv9nY+aS
zIjffGl<e<Y&RB9d?Tm_&iG`R>x*(o(LOY3x)CjC9oD}NzgA@b(ahD*vsHb0wLdfvJ
zCA0d{@_`yfC9-B2CyloqZ<b%pG`Lk%Tg~MGJD7%+RtgB<C_cqCh)}R=0NV(JIizLt
zmCDP@Asca;m_$SeQ>eOL(AcLIz&im3jfRFsQcc?_R+sg;#*Y;Dmgxd$wN9@ZZ&j4^
z6#mR1&Nt9=Odw8#7~x7ZW}spLo1}NL+HrF+XJbJ^!fpQnP=t`jhg;YLS|)#jCDYn;
z6#FeH7H66suAxLRA&})#lQx}dae-F~U{Zmw%-&9Zx~hbP1Sq<-S5Zj`+JU1xE-(lL
z@Bm(r-R;z{+2{)By2|tV)Ey5vV)=l$XYCv3+;I^m+LyyTgdCoZbNP%V^r6ZeUfDo1
zVGJ-tRaSEx;dwKFQvFsA@cM2G>c7;=bnv-sGt|a7ux=@aYo9d2*^nTx3n4DT#R>`v
znU_mGOGUcwBErJw!y*`Nu^l-5#{zo(sK!4%F0HNRYe$OA92^`7LWqEOJZij5+jsU*
z%C5`J$jE3-=-U`YAn{zDDA%i*W4E5?()}RvI$`CCO$1&Y0T7kxTY!|tzyG=mE-Wk*
zLlHgv5g2H8dJ1!;>gHBA)pdSN$nQR0v;)`$hZCIES5nf_UQN2hJdWMKS@5sv5-U<I
z@l1IRVknh_%jEY-E~Zk0j?$gw7ufvFX{T{ttE$szZk7)^EMitlA0zW>^Tfmg4JRa9
zLnMJ<m(_ji6U1<Sf*9k~i_=)Nlc}B9m)HUTBze*Tz)^Iu!3V*NWQrgx*mV(2V9a}l
zPv^NBO~1kqSu)81H_Ae4mXXd>baYC?1s|pt3VucaW`1Wg*{0NcdDFXYWKyYqqI^;P
zXW{vea@p2G$QA0Kr!#x+04gtLewihjO{jNxWT`|fgdIaBfib=>7Y+rxb`4Q+?4MkK
zOLx#Q^AU>h?ITz)H-@&j`p7ixfqRc=1KnK|<&o-ru9=PLtcAnG-aXCk-m#?W^9ViM
zf33E(vT{sTR@N>C{^7mfsjStA;#|vYeX3}ovWtq9Lc{zW%2s0MFE=;0iQo<XXG|p#
z5fK#w84I4_+gaJPDnLw1`xCEoQMrs)D9OC8Z9D^y+b@VK=Jwhc>d|ZC?$4CK?t!{C
zhp<UO!!wd&vv(;+(NiZ84T>Q6Zin>e!ZIWLd>qcRJOBf&Z>i>EknVvuxL#0D(BuYl
z`;GhWEf5e7m&xaKF;x}hvyRTanO?`YGHsmuIIMO#C=nr|XgCUs&*77#SS_Ql1S8Og
z0y@qt6-!HF5h&u9rk0|Bk$v7`Nz9?>)P|_yw~ss}$?eE99QoPqKshf^rN{|@0E$1e
zR7jKW9{bMJ4H~6FCV40V+EnsX?XUS^L2Q0%mskv1P%8RB+<eLVJuP%+a!t1p<{%4g
z))(2excT-NI2`;Gpyj9_MWl{5psfj6BZyW9=C{wZ2TqFddmn^?-m}l{#+1r41K$or
zZJ8iq<!z_>@UR_Te#6Qe8VrlCTX(FSm?>%}wC5tU=SdA6%quA9UK34z|D7aWr6SB+
z7KaajpbYizn7mr(=;$aU0S2|I?yic#JWj2GF*Y`qeeS*sM@qV=OxmSR%X<l15qd#Q
z17;vpR#Exnt|>9PGd9so2zNSd8q&;~!s8^R2wezxRwXx1NRTg=jy_#Jk|1PQP*`}F
z`GhZK`(A$5W<Q$w!pC90NQT;uxV<GdP_Ce*RSdvwg!QZ9>v?K=`l@pi(*dLJPJ*1p
z=hvU2vo~)`62n4))9Fh{z@X-&Kp)X12As{D-6Qrdvy6Scz2qv7hXxy$h^|zmZ58~J
z?YqKYj^;;<Sb^gpe=(^-k5jn<ZFG~s!8o53KnC_)_%^f$X7Y4}pTyZ~2mzhfxMZE{
zR=T|WS#n~^?bc&%;@!|n0RyMMzrTk2Be*U&X2BYx+x^FnAM*0@&>p|{@88EQVn>+=
zR|4<x3`{AqH#w0XP;EXz`?=1%iA~#i#t4R&<5>x%$N)3o&Ulnr`-H@80OmXDnTO@L
zr~jN~wJ$LpdzYB2Yc1e6c|@w+styckpVhs@#x@SR3>5;`t!cdx;OzgkNJdI(9(-ZU
z!_n5>eh=ACO0VC%Oc5d`0Mclp3Y({%n>Pa@bLJw<n^7CFcT;^)c&AFx#FJq&M!EZN
zN!|k<RWuvA5|(kVOV<x_-fp2ut+RY5hk))!V~y#8_l<jfbCZ^nQ;j28CY8r&bR%Au
zcv}Jl(vr8cE5A5eDgzef$x%_$($dNxd)s1fZ|``%tpJCBP$V7CV7}Dk1t1Gh63q~@
za4Rgk(~7-JiJR6{V&1*a4E|*e%`Sl!^^^)qrQr!NnkU!$TrkS{HTa8rY5Wi?Eb$xw
zvjLQ;Vza;Kair4heg7;55#)<9S78z^aChA9ZU9)u(H}3#fRDda8xP=HP5;bXoF)tB
z%d#k~qZA4Rfd&#W2u45brsd~T-&V!5U1SS$^Pr9=;1H`ZT5~Uvj%!t`p4q%%-3Lr+
zM@I*-OugM&C%l2hWbuis0Q*ytL8*4VJG+(iXa9ScO?`i_HdH)c2O<Ga^?H}13-eh(
zx3J?r%@W8{;e&h!Ht(7a{Zf3ty=T%}@qu4}>+}@Jyl@1L2wKqlsPpTs^u6Pib{!*0
z2?==s&NDm+Yq1zlQ`yDgRR`d)wD2UUz6fd%FPpk=R|#lMVzKy{$439!_WhFAWh#I@
z>nVq})_bCFE}I_@CMr1>9HVnlfJCNCLIKa|y`iMDYhWF`cm$t!axQtUMPFlLVYxMi
z`+fiZl=p;!(obImVst!OY}AXcXMEV7tlYC|R0e0b8@#or>6zYGY_qxb%h}z#xIA3g
zTVxXg&6Eb6^w~di$=1zq+nFw3o9T0(zuWJv)XrTqAN%YXQQp_6sg-`cU$}B4RzC2h
zd66!+;wT<qcy{OO9PX(Wrm3_bA9ZKl*>Ew`5^wNs=TYp8)2D&8Lnr3jUStEvpWv@A
z=Jj#K8hv0h#lwkrN7hmpg`d19D?f&@Jcp(aXe>=*^qtO^*xq|3QH4Ni&Ktw9f31T?
z5CC?taBzxLid2I_LQp0Aft^SvD5%@o+6vQ%)B<E(kxK%8?6LVx(mmi*hXEd!Nnm}t
zHlP)Qt)6%XE5c#G4tSuHeM&=0*Z^#O7=X7+S2B`sKLnOk{le6>c~@s%58pj-L}_vn
z2zUj^!jyXcUaw3N^*j>Zeq#jW3vOu80`OQ-W6_)bfUhs!>3u(`(pSk535t^OUv>Q0
zh<aHzhX5*)kd#y~H#a|6`~Lko|7kZ_RSo$?0KI0l=|*oXkJn8lISnPHm_cWV0$>Z5
zSoUWs#Gl*=Ny$KRFtEiSmx~^;5fRHZs9vF7$YV4IN+Ggz>T27yrJNU6R@Y4FBPs+~
zWn?`1!NW#{<0?E^)~BUDFF;zfBwpu{&Iddm6rD1h3pphB+u|@Ezn=jqay6CTH;n^3
zy(!FnG7Ksa>GgbkZ4&j;nMB|#xNVnxg@uLZy}bZP)u<n#td0Ar+A{Ig>(^dHWeO@P
zDo|h}$Hd3yW6`Oac1OJR?s=oaxm!X5FR2L3SK#r^ArzmzH~ShB8(ZqsyZIxNeQbtS
zSswfA3c_^bo)Jvg%J@Ae&4{?4a@FL<)5ONz@&Iz1*E$mLXu7|c1AI&H4Q+6Dw*)}<
zdGHAWKG4<GRdDkQou|Y;Ar$CI7s;)mz>}9WSz@h|=NP!ZP|vv>zmJWHxed@Wh^9bl
zBtw<-iCc~33`<!aKs>oWTyJ?L!I>xkhakgmXTGk2mX>x9eSc|x($UB~H`{#LmFwe1
z&?M3&_M*}9b-Dvtml@n%2EGpdq!dF(VK*ZlIgMs~pZtCE;H)9FPFF+k@=)Ib;4s4l
zv}cA9@u~{io}E?5TR91r5QONK>Q^a<k}0ue^$FqmX9BK(OLm(yKtROBjn1PswLbVd
z{4HnKtCfH~jD{=TnmmVHmH}jlTK;+gr*}YP=3*zzCHBL#?%-oeGWR0NO(c4%5+-D3
z8f<6~u*BkNPLN|`sl6LYfj<LTnjSw##Wsvv8+*s?i@zTYsHg(~@UmxRXG5nA!d0H8
z=1_AWb-xg&Wz%0e=3Z=GatoIUIK25|V1RO+z}(BE05YYn0s;JMlJ1qKUGKbezB2}#
z;0o*JduONJahl<gJL~%!=<F|}U@0jnOk(0v0-FY4Z%Td%gHulv$!9M$Pvw|_6b(<R
zzV%n~iaB_4g@}u96!$C}V=aPXwDTthxQgF))_4!trbp&+(5h9J+@PDBbTThk8{V+P
z4nC17qhn)EtG|(|ET&{R=WW0JVG_HZJ!7D!mjRqjAX2M3S8e5V51qQLT1xsv$mc3w
zq*kU1P{9oK`z%gJi`tj-4&eZv&&d8X$lm#OA>Yx6Mkn901XC|&SInRW@T#t`;NG^#
zJ#iMmiJA}?92}gCqL4oS{aWrhQ|#jbaO5neN=v-7l$CP;ie$H!u1p!g*02evzT{4d
zO`W*cFjg7_rO}YCX~JPt4!oPl6ZQcQnK!(=ngF&h^zyvBvMbSP)OhmBZgz`+c8J9(
zDTF0jb-ym`082Sps$Dcat=_!&as)N*-KQ*ru0qBgC!SQmv?o6iUI6pQ+tO1EE-RPw
zstO+(HunAcV%ZPiN6ptdLuJy200qY8b#tDFfE@9fO7`mAV+yxJL)ryE20*uEr9i$d
z)O2)bGh3YvZfBk>BrT|bFFF(!iXnJ6Om&770|53b;M7!Gj>OSxda^KP<Yv8jUJ0r$
z(!Z;IhkWmA!X*HZS)auK(gtJRaZCoXlb5`U(KNkKVkTIzP*75RlV2?k{-9Ji-vGB3
zqJ7vnhyh>?f(NX=0qC%LHn(Jwd{yUt{bkB0oaWnwqunJ*B+zFmfWtbuaacppM7ST|
zsBFE;?re_zybi%>`H-F|qzy1yr#I8xlN(6{Yz?hfWMYM-%;<H%mtCCzLx7JCsbhG+
zbgX%DdDH<|e#kt!pjjI@3A_9h5D=_exYEd9A9ksxGwRL@qb)v^(_@~(4R8#u-lNmx
zj0MNGDVLHP!~+Wtga)*X2uGNVXa<}^WobWHDQAA^w7v{}FNA_sW`J+)na!r@5=;9b
zvv3%#^Ad25H6j!`jqm#=<pQv1l2M^d=sV6R-a~OYWlc9yfZ2~5+ffFxc-dT!KLgv9
zVYvLW;?so8=<_@A_l$5AW4~e+7Yd0ZC(MOdK?bHN<G&iI8D*@2Kp(Atl#7Uj5P4dI
zws0*yi&{Ht;siM$xZ><R>bX*IG!iPm;CSSHbMo`|0Kc}(D<w7cDL27<G)EHVBOEJm
zOlzhstKA>lJUDtrJ2D_iHywWWqkR28>H8yKT5^pxbX~uotV|b7zG^a<@(iD;cPSIN
zT80hJ8|dq^U~;}X)&od(4}h++9_m7+$Gg(mBEkI5_rXCPgtJz5iL^)t8nW|z*3xmp
zE4LgQ7gtzWIZky3xUlZ=FWdP4(0KrV_yqt&yX9TPMS@%|4Vq)#W_#eHiSpK~cCkW@
z9;Xw$j|sX*ne8jK7Imgg)QGM0{(9rLI85L2_TvH5F$-}j3JMAuhd5b4w?{-qMn;;#
zO!16e!vVts1a9&WfdpxFb@luAYXzEP)$Fohu7c1o+6L!+XELRQ1uM42+~8yyM*gO$
z>nEQ)?)>5QXb<4~tHPVFR#EQvO$3!JEiFMxPrU46pkko6PL*%~7I+L<HAZS&Yy;3&
zub+fCJdR?lTp?&Z{qudi_U6OfCp|qNs2f49qN-}%5rnl1m~(MFfI#DS_mVd9zeHp;
z1o}g)45LML{7$*%k?JG=;_H-YKT^ds5C)UmjE;`Z22Of<|5He0fTZ~><4L1t%;596
z{*+A@@N!-b7OZF2j-1^lm{URPTyy-WMj$?~d1cjHaQPF^w}&zaKtm9v5Ws?Df^qsy
zkC$7a2#Ulm9<z#7lR9%V%~#(Gg)dce>7*zQ2bL!_7j)vV5`b_vDjv{m*wM4>3<F4K
ze`nTk;^#~)+chCpvZ3s<_Cn_JsatjUCrM4ralP37lj#29#rrSlPhSA#aTWC~n}y>&
z0;t8|;pQ&p3f1rSN(X^0%m6kX*#z;EuO9A`<^>3)jBHSgTPmNMB9&|kq9ZEMw&fL<
zNP(ZUjEu??t|_T2t3Tvf@Oiw4k%a@9q;lB_2V>KZKHT3@NCM0nKC}LJcjzwG^k<-@
z5K1SWFughu8&XtMG!F()@c`%2c2QXq@@HC50V4%PZZ$5sB!I>>%JoH;pFJ%mb_<^H
zKsQ}k!)o;PJKZL&zIevVo(51x>G`>1Zhk(en?P=EZjykP`xxv~byI-c$_O+)g-^f<
zbtoz)?)Mu)1GF1F=J%v8I6AJG4=qpZVySv&5|*RQw-e^h_+2YPTbmVD=ekQCP+VM0
zOb$?P04t<cQVpGmuTFz@0-&y|NEK3JyO<A*018)lVcrV3=m8;6sR}2x%r?wIWNnju
z7l6YBdE3@Uf~DZhYD%)7U>ZIgzPTle<2#TLS#MuomHmd)JrGWb%DK974aH>^29zX{
zEepsupBk~smOtd%t{x#OAmQ4K$WGNzwrY4Dc+fH_5E&_aijoQdS$2w|qJG5QS1TYO
z9_IS(4}1RkJ)K(VcyFw=PMQY{KtHdF0UHAq06fdD*-D<GD88G2S9}YwX5-zFWP2D8
zH!@!gOOdLj$;?G{Dy(f2l}CG<m3d&3d?ceDei9>y4MUKH1*<4)whO?T-pWuX&}$e_
zLkHfUyA$)H3V!Yl=DAW>q>{)=ZoW@niT=4v;VVx497gC&{5_&j@OuM`miarU5PQ$8
zx|L}Vepfk+mPQ)RciOX<(+d*z%U~N7b-cU;g3j%DIl&Aay(skj?a--B^ZN&38c12^
zM=#m%bEGpb^QY+m!GeLcyiqr4pM1fCo!l(}_0kO#-6<j}obB-R{m7VnpFwx=x^Lb^
ze(Cg6DUu2rx3gMCJdE%EN8_&%*|&}Ehdp+?SPWpN6!^<<rIk#+oxiD^#rQV?Io&x3
zZ0|h3DOO(#u>Cb?!<OB9>R(&(X#2Yn<lNy#<~<N$DABkyPgF_6Hf~2%shd&As(wl@
zzt(np?O#nyX&IBHNQRfv6N>BVb8A<c$LVTBrSKTIiL5pXyh26L14Lv^)}}&$P=#BK
zDGK)zPY~04cpuVlZY&a;-S7Q3BU^QkRE*UzqPXoNzMvZSy*cs9t26vL>QRk1+3sf#
zI3I$MnQn&1m)<+}b>x!%dI|aqY&b7prdiQ2q6pi$uODo<=Un+JKHPlGyO&GYoVSi|
z|CCj+L6Q&P0>ZG)WGN5)@u2>nVckOh4vB9O@VY-&qdpDR8j9-Sjdz9Wt?&Qm@61F)
zrq+|4Dc-mwFOP`KB%}*zA7&AFFpu~^AO%PA09%~~DF!2+!>-Wm)@+Kyrk-nx|0275
z@12H+{wkJIOg?PBxlVFEY(N|4RN_-6_ESj+41jwZAjSGnD)<1c*lm+D%H+s5EM#Ml
zwHx`yzFzo|{!@dvtfb#xTmb&$p5kx7JOIVFhOf!6cuFpPEaCAwI*<P}Op1;uXrEoN
z+4Bb7PZF}VL(}VhKoNRhARmSf%f9K?HPL4`^65|97}OHZck~u>QW}F#P!oggLhB#@
zn)^>681NdffJGyVxSQP{w2>B$z5>q>ff#K)pKW%WAc1}|VR-y~KPaOPQ15@H^IzUE
z8dk<%%zjBW%oT<v`C#Ge)4F+SiIQPQNC0B^eu<d!jewx)<Nt_y{B2hM>q|;WQm`_j
zWBg~IHGxn&mJ)C_qf8eyF_sQ|rGuUlww}uW=5~{knd`v;|IxLX<Ymeu4gNqP!rZeh
z{d6XbYQMUl{Ny8CIB1Eh^%Nj=M3cW???1i%WE;;6%!*`Q8wJoVfkVgGf&cN8<VHTC
z2syNPU=0`4TsCawQ!K3IZ)Aur^AoiA9TR_%{{A2LlmU0F8?78D1~!%D;sCYCJZZbW
z71XzXMDxE%{{R*Wpdi9FXF<!9tZY*p00fBx?95+H|2Ox-z?A_209e+)yA){kc<yT)
z(pi_+W`eW3>O$Ot-$0FsWqx++GtNuL61(L{o%hIff2xL2pqB7obN$5le~r0#b`@1V
z%I-6M#L=;RGSgS(xuOZl_Wbg2H9{=ucC%IN62rS)qj5E3Kahx-TU9ool6Uqh=kJp-
z^|ZM;KPu(P4!87CRE3QV=RDsa>Wx18uaz4g>tACgwXA)WpJo?fuQVAj`s~-+&zJGt
z;`KV$|6R9L{QRqhDTI<OmSLiXq$#J4s%tw|fmtz6T2@?>+dSQ+d&RbU$MP<zJS&Uz
z2*>KBvAVe7oA$c?h;OKdOq%dLgxuXi@D)Z8{gMCE2Zau`S`3m=dboK#6NDc=d~iK?
z2lSZV?A-;*&De_G%|QqP=2irz`G26rMz0;N&SdFdz6@Og8-3i=5i~};yI}Hw_c?gI
zHAiwcus;Wkjfly*4tz$}sGH=ad8Gu5c<?WEHspZ_R!;QsdVhqum_20z2qa1RH%}*B
z9<>~T>_h{@A7-?a)ddgsk3g7S4;`^oUu)mn&As5i+~dW3t+f@{-HLCok{9=Gkt{!_
zZ5;0AZd?d$Z=?Pn5%PpH;@vtAxNjWLPpo@vPKI$qWQX@_NJjYO<P<I}7|r&@{p=la
z3z!-CN_E0e`kw$7P`m+4WV(EoZVo-$a{JZ(StgNPT`39o>3S$o;$>eSviSSXob?G&
zMXWDT<{ED{`<H*QaYk_cY5;5e+eD4shl7{%jJemHE7$-QRNNK(l!W_KOb7p$Nkwe2
z@XN1_P5aIKQ9*;@VrvD#mzD{Uco)*FhAp2womC8)Efcv!{-b-8Y_Vb$V$qxcJefc7
zf(N}o{0~*(zwT?cYj=V&;8w%f0j*>FadS~fyamq^r3L>#9^cykZt9(CmfpK%ZhU4{
z1AgH3*@!q%T65d})3eVu{A{=Z$20{m4DF9=02=%o5&=N<e|?=4%$CHSRP|(zT5>y%
zwCP{}he|hZbRgmrzWe>sfz6E(_u~+w^hw&MYVnLjJ^qBZu%E>q+?(V2AJeShja|!F
zMBr08E`+rAF#wuU8~EB5Z0rBxX_bM@xc}?|Y>0~s9^K&hlFubCJvA<P=14|fYv5`H
zv+-nBt7J)+TJ&-v0X(!5DWE5S^5pbfA-iBa1F0thk)>GcNrL92qOS}{$S9?^AO4O4
z-jrZ_S8F*?ikcl*IK=Lpe^UK3AJCQW7F^~s?!wvVUQ!e$nfStqL2~Sai0*=i?pMMn
z(rDu0pT}rYGn+*Pf7L&R8$uB-S&JDS8L_>Ss6Ndyz?^~@zY()zmfav`uv8TKyW2Py
z{_pron^9vU)q|fz(1BzQ?$l6SR#j!?^$O7%<^MNoX$kAQ@PR#-v}5(%TFlr^O#6td
zl9}8$jgjlg5$4y1$N4Bm$5W6u?Hvvgt&iLcF|E3xiUUo={XgZNKwG(PRBJThm%-0*
z(9ix}t7SFKJMpNGL+g93>HQ75Nk9#U1paT$33~kF>jm89zl|#r^%p9Yo9YidyIeak
zH+EXUNniMgxG?i-2j`9cQVT5~J=I<W5f;By1EA?Dzr7UgN9~LuIkfSgIs%%1K_8H3
z%b9eiqECLkcRHy_ZjO}MYIk$r$i~Y?=*9DevvW+N=8LFKZ)IxnfG_xGZEL#|5|3to
z$?|y^ute)ym3-HAo#}f_>Pp6FlQES3e?zL=wfekK?3FVA1Yk>FJ`CxGI^6%lti;@p
z-_-Lzx_Ou-A-@RRY(u@J(4bs`0tD<+5vusd%w}|OIc`T(TQ59iJo)+g(E!Py04wQ~
zVUUOpxUElRm^1}&CP_Sxzi2V29jF5tHpD)6b{(Ca@Jxx<|7_<xy^0xfNrrgor+VUJ
zfCD#92R||0=)nn>>F}qL@6rf4)>c*>hi~WpQu7kk8CW8bz9e;hG1z4Pw1;IN?5|ug
z5EEMcLTMMVNAbh*{E4+pa<*wnmG;zUJ}D~Ch+?BB4*IEl%mqSQP=t`|Lz(<+o-9PG
znvRJuC-zgemgW9&hbN->snB=AcE;oD@5=+h1mRF*CuO}1vcy;ayjPavu$>cA7y^$!
z7-*2xjf(c-K6XW)`&lRy#H!!?9K^=y=?pXZ0(1LMX8_;K_%9{+KWmw*$C>)a<GfzJ
z$H$=u9xJm9HaL85xCm-Rp<r~;fGms1m;OW%SpF~971xWpdAh|TQ+IyVclYZ%{k&>L
z4-N_DB6%M0rB2znJY<?hN;@}9QH(lB^ey#sDcIaEaZ19?K9zTsI~YlMGH32uI8&ky
zhx2af4GywVE{6_Fq@=I(hv7Z|{MKLp7eM*NtCxQjBxVhxk6$%3)mNm=P1%E_XWRCE
z(f@u!>STe^l|MMce$Mx!(#mSZlZM@~$ugZySOPG^Plfz<!5ebYzsf89fA5bLF%XEa
zK9%pdGPLxhr1V+zAD@GfUWk79ki$LOwuJ|NIXQ&=v#St&nyiW;^xvlP?@h73{}~7P
zAsm7%{P#$tZ^fdeI3p>kv0lEc<48(SV#ps-9>v~qq9M)vK=$9XfP4G*yGFjq{u=Su
z)P6|(7|9uZFA=@)*JQuL)A!07T*t|N@%V}N#iL*{=jFeR`QP-Q@c#dqH2%9+`nT?1
z?@TSCZ<U|dO;`#p`!mpd^rrm={zmWZh4{~U(XVK4RXQUcgpr6N)=ginN`=igML?4|
zDt1Rc*r#jCWbQPJzxd~cH_vq67v%U7E#)w+=pev<ZnS!py?WMjJ8u*I<{y!IFE@W3
z9{E-anf}?OQ`_plU~IqsbIu0i?LQR;wwk%W4=U^76EQO^e*TOLpZDpK-5^^${9;Z7
zVblwD6JfvHlV9BGt-nxbChn{(DzqaL_Zdlmz9}#BI8J~*q9<Wc=D}}yUBaNZ$9B~I
z)vraofL|?Le^(yC);HY)^vi6{h28{EyxrCpW<EZa_;oN2wV?Y-K9uDjJNM$p-F<j1
z9sKw5RboBV8y1U`SW;<m(J{;~w_T^gdDvim`)AM0zIw#^UThY!uhu<hgJtmS5Mwe*
zDYCb~u$lks-(CE;`trzt2g{Wtci}+SGk4S}A!T%Whf2Bdnaxx1ZvnnU!hOX4*S5+T
zI9sAH_(v?SF#nrfpU^#tE<}FC_384r7DvL`r(d4%VTgh*x~kof{*RM!VR{{OtUq;Y
z7qnY;i!C{@Aj}3<Id`tuXT-7{yITP`NY0{+Lx!y$*m?B2ojK%>7YDO(GLwaTL9z+z
zH+jqlV7HJX8xV2OVmJ9-iLh24R+lzww<{k}a`O-d>HEPuuIR)e9DN^8tl*>StD2*G
zZbN#n&^uV-kmm?HtgHzR@u6S0sD7CyBb=RfHs=4@J-t+aS=T*Z6S!15-4X`N-W57R
zk;u%t#k|HL=(T$e>DEl^*tHU^ZN#>0r(`|qktDypjCn&EngN^;nJU5f10pKc5(|Mk
zkNf$WeBWHTvb@SN*gh;>a{l$k7)kF@LRG8T{^UL?y@vP>3%I<pv=743pCqg^znKYs
zIdGGGyzp`*OY94leAvL}u+bT6Q^qNZw`zk+NPh_Hrw{DEIxyxa)9mkVr|Y??=xYvV
ze09#ZZsQbnBgAuPHD`BQVPV5;fz#|y<;A?mX=6O`8XZ};m$D31(dUFRxyI6HFRsLL
z;a4J-pi_kBmISavc30{3H&&}+!gczSIG5H3IHxKs-AUbsOrn%l(*tbpxuf@24Ow*N
z`ZuA{xE}8GpM2h3$Ze61k^|a_O<`p6Sut5B)21vhoF)q6{c0_5@=kbh-n3@d5>|($
zr!ghq+?j0NS#mV;qz4Y+cs8FQ60G6S>kV3QgcNbihz}VoegmtMwMgK1bbAwr5vshG
zShwFa;l{im=ty8DV_qC;bmVhC>q%jYm!WXFKgc}3JWCWXLS`k=Y}u{(m3Y4_71W^S
zM7;62E!rW0WBQr8gsgPyuE5tm6j74>78dtcX4+rWdDncRzMi!|d-PtxLUKMlSoe-^
zD@YF^tzrwm%f{hw?Y`dN!nR`FyPLb$<8UBJXgd!usn`w;edlG%u!pX@Q0MnvX_I+R
z2LZdqeNRGBe}RzCPNkwfxqDE~xYH{vZdN*SS=H{v6cVq9O~sTqHv7+o6NfnZq0h<(
zptn=imYV`xemfZBo~4bp@9H18;%S<726|04Suam^KKgjlxGnLjw&F5<38@>C2t&|6
z$XU?ux=;1~@X`$JNyvV{_V^O2Kvt}7P2jh7Mu<#@-;}&JG*isa|Ha5+^5?EDd^uGa
z;w~hHd@?M%Ya;gz2qo;L8M{r2ugQ^^Jvt9=T2^@#X}oLql16_<z2Z;uT-IL>0(H0e
zb~RoWJ>FeyAy|8#prh|z3HG!jEz$LkviqIC3=6KQM@Bi}f?xS@yv%2=UopqP!R~(1
z>c0M_v?y4L^lktBd*Z`!1#$v(v0S(A0gK-_LKVJKaX8Da_E^AuyiPU;-ny>V+8chh
zHnClP@U(>u=jBlj)1ABjMQuZ5z#Y4dK_XjdjJn`KjD&{)p44oFzN%nFjMEX;s$;V6
zm#ToO&DtU&dfq$1$)B50_IHFU<hLCuNhCs~Efsw|P`P({Gp8zsIs1AW7S~$$XSq(F
zdBFD;i!uXI!i(NZGQ9^qUl!zE!T?&yED9wXLvam8nl>9AGx97jKhr}&dHpvtX^F8w
zWa-Yw+I#%6R)#*k*4mMeo;(PBIou&fURDb~Dy5C)dhRLx&Nb0mq-Ke#>BLX2ml<f=
z_-)C}R9k+sZgzo}9)Gz(y^w!>s_f|%sTeC?ZskMqxBG<D!^BirXu7@s<`s|D`i7f?
zOc`FHL9+vSL%PT}9B1O$c4B`PmX2q*T!%y=_96}rL<3}db)N9|cM6IjbT&Tqrqr(w
zNB2EQn`Ut9ZQ<}-#7-tQ-)+jKcmEd0{&@;ZMY(+Kh|mGsIX;+<a8W;I=b0$C;>X$W
zg-o*Q87}!!)Uyr`+sW&-AJI<X;Rf^LaG293OwwJs5=Fx~qokpmnV&6S2E)%1S(+{=
z%aGEZ@ww!zc@&2s44J)dw+H)G6=AJu<Z%X)^sNpUFk@_0oT{O8R~CO>S#XENg0Z#f
z%RV-J>G!%ut6?BSCg(U3Q*jU9RjqFg%q_sk##}t<9%f?O7~k{Ni8A_u^;@|l2zxcF
zmCeFiw8U-MzQ3Tr{q`ji4T635%+_z{Z!Qj<+JVZb3LE$e>w+!s4dVWU@6ugS6fZ6K
zyDI8@UI%-}imYZ!yY5!gg$r#>5^8}fBqp}sMBd<WC>|w??0Wg`<XyE_88+AY#-^$=
zx30CmyCY)FZ*nfL!_za_-kGiczi4~wsJNQ$YY>tENw5&y6P(~qBTW*51xrGL1&2Uz
zr?G|r!QC4VK^m9f?(PyC8gIODm+$ht&%5R~Yi7-wwdNcC<JRq}x^?TGI%n6Zy*1h6
z!zRNp<KB;Th0{A_b0Yf3d6`|fxb$x2NmRuXE^kI^=th6vPn3c`yQ}UAy{)0-ncC;v
zrX(fDOSr2wW8}29f4@#m=gmYuAz|myQ+593q{v-0JHMFY%jT?2)TkD+7RFCis&_1F
z_;yBf-9r-x0vCh~y_-QNb#dYB6l+QV`EbpxzeFKSqOSt|#|bJV$A%`Ycoq9+e1-!A
zxY-mqW9${GD8s`~uI6Zs|L7U=m!%H9sMz-X%He?0Z&`DAv&&zRJr<aM^`VfL=~Mo9
zb8x2*+m!oVR&KJkXJX%Vp;Uiu`e}8Ia8PsRmc_28C>dEca+LJFGOLxY^)G*W^>Sg-
zu4~4AGIvMNgj5UMDhj^whbYoDmMHQp)c1IN#_(^+a<w@L;bG<esR#aqGj^Q5z50>D
z<ynvrXY;W$XJgtY4~n5R3~e-pWLo6%7AS6f;dOn=v2AXF&Yx%lYqK_bG^zGthaQ+L
zeT_tShI4Z_8<Lv)lPu*j10)H1nXoj~X1M@u|HJ;0l9&$K!!9(@4q8-BO=B%X8V9X_
zZQk_b=-)zR-M5Ax2mB3`32HDncW%n1gC3&+^TZL(Yqz*2q$#UdrUFy@frULGEF{y|
zz%93X8XPS>dnsD7Gq3c9e9^J=oBYx@T?MX{!I#?*E2ir%m3U$wGX_Ltkjb|6p?prl
zyW0UeDoEx93tQk%va*P|Gu%(sO^4!rPFFVUw3g}3<q<Hw#mge6jh%G&O4=ODakpou
zy>Fd%1kj_GC9G@sHLi)1EwujN^+{rHvtXhd^XO9lv4u*6N<7P*%%v_E=r>yHDhig+
zsfAcGn54z78nMO2ED4{k{aLdaP#szbW!FyiG$rtDs9B}K*#B_8q$Eq@U~5%Oftjj2
z8F_M;ojBC5BZT4N>%4QCKNBeX;``4C*^KJ$Sxtq*_LzK+HEvls`Iq+EG=o>2+!tY5
zs$g(ZRo$#?BO|ffyMd&v8|E^yCbr;d6(NJ&_}(dgEYaRAXBa*&`I)=UK>SCpeyTFO
z4Akd1j<l9cU2u@O2GiKxYG(-W>Q_Fl&zt9G5JnEG)C<s_71}qR_5J=fWwTSfTGC+g
zgfN?_Y_Vgyf7hzR>FC3!=T74xWbYF?3uZ|oZZ;fLnL%WZNE-_T^o~a?ZS|vbb%eLS
zOf+;!n%);w%%Shzi^JP#5_xhIXp~4o1sQs|()9`}5Dk{L7D=1byPS_~*pBR!?Q^%2
z;7JfNrKs!(hF#?1CP9UJd_ogjl`SavXch*4>nbxhMTf5Pw8>TMoZtFT^)f?>gO?jr
zy4@;ID<AtD>sm0a;Qi_koh{c>{5}mOe&Tv#QgUvpUSkYaNd?ZM>&d-mx{2)QCwt5t
z=n_u#lFv|tvR<!K1h%h^scI(uSOZhk=Eg~ougP{LkajTHq|uXH{m_S8!GksFLPc%)
zfI>aGiyPHbTHCLgN&NGRnwnab(=)pC&WlS6l4_IE^}v`3JgIj@s<46MctVZq!_WMf
z%9)`&M;iQVmVQN=t<Hb7q-KaF)7E*<l1vLcHOI&U9${<qGCfC2#pg{poO&Ph>PL`)
z-I2C%6m=nWTmV{(g~4sig@u^W1DdCm#Cmu(zYZXDmR^8OSJWSI6Clm3mgvr6d6}?!
zu8JoQM3dCRfIE(^N6r(ffsw$T2*#kpv7ld%w2jB?3@U%3-Nn6qn__hP+xWb0#2V-5
zR*Eeppd8n!Q$o<IKi-&cjrf-eZ!}W5GrdL{h#L|W<3s+B$Q9`3zmER@V{|)eVf9pJ
zz+g?(w_4%hEXNq^?3f{n<Fyn|l1{(DF0+zCo6^?9BiI=s5Pa<oy)@r6U!~pGV-S{2
zOK3^1vsiSDtP%_UI~!!<#xdomXuJ?zar18<&b_1oS120Uz|Jf2hsV4F@Pc(ar+O=l
z8b0E@KA=n}5a=qixG`REH|1TwRG8Sqs_!V!zNSb$?kGUiCwx&BW^rdts^|T`^=GaA
zLW%x~a3W8oFkVKk{|Pr3RN<4|ecC=F*EHa@ElQeQ1>2=f$W){V9zcs4O-MG5O4G$r
zC*%J{Q?}=*hh9(>#=tl+&_bw(1AE;$XUfnuc^vN)Onn9^Qk|FjPw-@_dv6>0G^}Kq
zZ<ckfo?@p6`w4Tibh^xS4%5WX%(%|jkk$fm#JHOU>3=<?^<%XBNTn^`S^1|fS5P5V
z!sv(PLjQRW&z}P8)d3~GR56#q$z~7xZ6IzxokH=O7~5Q5eKJ^f;1jL-i|;fVLu-5+
z$UfN`=L}%l3>lw*OAzAW9T1I&waoviXtZ%Niie=dMy13ZoZu$&XJ0M4gz|^JULbca
zFINSxB4HahCy7u0O_KUP7iB<d%}=;ho%_UhQI&XW<Lypj1w(-&-B*i$to{u(6YodR
z_~^s=;RDs$uCi6NXq)zl1uA{Ga#XO7KUal=$4V=}5_r_LL`A|e*umrZL^-sY`$2d6
zg)JV2zu8?#RWz8B_$lPm4({;Ye?n8)I=FX)ET79$519!heb0G^x&=YJb!l{*@k>uA
z9w%YHWYW}rsc)pIQ*%!z<93Nyc?7u+7cIFF;3H9Ma9Ou%pgYeKtr9Pn&X($qRQ;#Y
z?h5SuqM{<J-52k?HCoCDHTJ!bL9-#ZeCnm{ubjr@27?poPfH2;CI-8)_|7lHokAqH
zVK?1oMd}LR))zOVNj=qB0ij&q%9aS3X^OoBTyV-#lch92y@mi^;{D$Y&;P_XILQhB
zjiI0L{J(*9{s#u~KS7%RO%MyypNfai2qG!4ZaqT65i^q;r%wd2&%_c(y$R&Bdr3Ke
zn{|arSA|12-WYfaW?|4jwUTLMF_`V+5~zh*z@3?Hw=PIRax4?m%KR1Gv_q}#WX)((
zmF&y)-i>OxDbXyZ*^%<sLO(k*)G^;SV$esSG(b;YiHBNCm_9kC8nrtJ2slr;2eB->
zdkjq|<^@}fO<QC$!3)-S_fSr64?RMl*3trgP7;!7IjiPcTOs*OVivMBD_sQ;QCjz5
z&^5+-jLi@P1eBBA8>W}dii2ETJg&zZs5?rbv}9gd2w!l|tZK;gYgCcMz_(s(j9a|g
zZ_tte+wkHxm%jrTL&`>{+iHjz3b9povM%p4g=WQDY`z3xkEaQ=snt8Do!Grp=pDs_
zM#r$}0#S#*ei@VrqE`HTx*T{Gudh^jkCtMI+#X()c&L=b1UjZ-kwl{6p|v}Xl<h-b
z%5)(oJ9XRPq+wFg^`6#Sr8~we(HZ38>#a?;AxXT^QpKdp==&sp9L%U~vGtbSxsopM
zmGzg~0~L~meG{7cnNT0b2D9RwDI7UZfzv+fy+jf;wDCG>Zwd+`9ES#tFEaxLK(2a%
z!3#N1%PYxeY0>X8*8o2upqv~?SE~my?x}=r(0%}iCJ!@cZvud0LB^*R-*)Vi$gvkW
z=&o86&etf`ajX`tu<SIhQd7q3sK^FFUMKdp=7gMt@Z;>0sO$%}tj169RdB(CCKqVv
z3RHz=5fI)J^sA0pt&3S(je_qX>SN>$%%#h*8p3p%zt8$~s<1SF-!+@&PNwWGbQBzF
z{%ZMD$Ay`z+|;vNXFiCY`VeGvvrYGB$6Q_bH@Q~@#9uJ#A}IP}lTJqzCHtbI%K6p<
z67ed6uEX3Z%Dtsm@eLERKje$^^}a<liA7Tx;>k~B>GL&<MM$nU8An;_N_7V4EeH{q
z_5nsPQgCIr3SkVK03f~NWMxeU2sP!RnJN}D5{2&$zy6unZO7G<Gd@%~B1`++JgRHi
z>eAafr<?l1@PNUYIk@1&*Lm=vwjbY0ymI7128N`$;=+SCCB*AFs8ezp(F%CEv)Y~}
zm{zIf)5rd7(mzxCSy+QU-xeROi;F+$@`~-(+G4T{@c(T+S3QSm8qQ^;nn!G-vTsJh
zhG6T&5h}q;=&fh&G7!qS_;M^XU9Y|4B`mrbZp^(c=rh;Px{5gAZ9@zhyCqN>E-Ab>
zY5K7;gdgFlHbD9ofDL$c`?_`oxNG6OE1RH9M)Z3`MKBuoO0hsrl6<;2Hf_kbWFh&%
zMGX-`BBL^3iB1B+;8Joj`j`uX&gNMbB?f;&ChWl*9&#03y7P6QKZ~X_yLS4Z20Nbe
z6RmcCGJ$Hcb-!_=ImvcfL4yBQP!sfI^3~Am#p+xB_zPV;6L!(*gHUWp)sy}UTM)>T
zv;CqF>ng^V{W_4kp7Suy<j<v{ke&g#Sg4C~c$dDjnQoQ!pXyCS$!v^t!(Q)GjhnZE
zE{O4ZB@4(P-Ad%=0<`Ms+e3F=3A<&mwP8OYc7kIP@#I%**miQ~CA>KKu755~a$?kx
zD9($(ocSiwrC+u}kPM!MQfESxhDoK7NLs$hDSwf4fsM@q);GA5lOAyC+orpVWmiSk
zaia$tvfHO7zqhNGTWC^#ImzSG4xI%#_xr+UAMuhXwd!lRX;}_JuxuG|7*G6WGK5>-
z_xc2D@GLZAE*@Q^d)Ye-)J&DRQ781-u@rH?Y*o74!7-k93LR1rFJ?RQpJvyL44*Ao
zCKC?|`&wz(rzP!rn>G0bdSOvFSFObqCYL*9w!(iI_HE%$I_y9IbaX+5x*u|8GDmZe
zs03s=&xZS?bcv`bR`LMCDb`b_e&|5)<~)x$672(kn`<gKIXOko)Xndq<||Ex03-}F
zn(49LpD=dbdH=0!5p*_I`yGfk-^63|>->p}i8t9F&&XYEjPCt|>@;AVZogL34$*8(
zl@nKZs+%mgp7>zYBXTBl%G)1(f$nLaap?{S%g>GQ$izzT3d$OCZNZVR9B%S=+pyGi
zezhrT;FPOtWdn_hbGe<KP5tmE#!#1hLW4U8y>*HY^sAr-?R3xiya9lGt%{4r_e<az
zbUYM%s?$SPWsPZ0!rZnH+kbmzf!QEfEEvYnDZ%HzoNHcsXG|U)CANB9<21GuYQ)K9
ze12pOn?W>ROt`N%!6Xmu4S5hf#+GZ3R13(%2iOhP2#<KM%12eEwJIY+9EzAAcQ{l+
zX#R&&R@uDiCg|qoNkomQiXQQx0#{Drz9q$ePj|+zds>~Dj~73n5BjT>tm<Q@;*;<|
zp)}Dl<GMyC)4K8~b2dJ@=7y^mr^NCwGgiR-T^NzF8+F+8l@J;8-DFV(d5U3Q`Lp%h
ziX|`>5467F$xnmzZCP%zH^M8<n!_pF=Mz?&lI0pXe2AOwZ9sc3GfAYl9x=9M^T=DR
zhpHu8wrqQr!LSAc4toEA+$;IqDp<u(gP+MV@5J4dUyZeZeVRtkNmJj8LY^<O){1*(
zx2VkhI&yXwN4$wP%7iQR0T=Ug|7jyAIEJxUp@U#MebIN?=oSq4tPGMr<(90}59Xfl
z0O<L-mY};}YKZ>eddJ^594fi3Ty_$1w>UXSxY7ADtO<3t%FM)py{2;ykEh$>G7p8P
z_h)grO^LTrrOVTm0h?@s+;&q1<}7c=k7{cR1MY!3SXB_Hih}6Q18g7O7LqS>b<vBo
zw5*{sqCasGHP_X7?bP!~Ix9P3Zq_?1ztE`;g%k!o5H9yWOe@ywp^v!RA>!37EnV$k
z>_1p9+epV<rB*UOLt5W&MM>UIX;V|v=vyF8@+=PD+S+0|8zb6NhAh|X?{q|hCq$)}
zgtcV#d%ob-g_-o!GAeAL>qUsQharFVc}|{INf7|(PC<hf=YrCix)8IH*GMjXXVt|j
zR4ZiGoN>3*w_i5*=9eV^8x{&6V%V!PmxaG5jMzrEhCeM0O?@4N5l|8Z79l@_V^r67
z?6C05$}4xGg?N>zA84*LTDXAc-yHnl2|?)|P5ld>rFUg+92x9XW$6c_8AOvi)^Rv<
zT?Lm!JHdUu>*>&vQPy4cP@>bm#z$FVjX__OGbch8fq)X!G7yP<^7lMFQ@2}AS#;tL
zeKjRa^7q26ce2ZO`m!!<5dJ_rl50TR0C;6)V$bw5l+_+~6|xEpNuKSgE7#dR?4-ul
zxEn1<B*60Xd4q?&7v*&LNPBpAd+=-fpf<@TnMtrjX-`P){M!+D#SwN#HuqLoqTP>^
z%1DMZmh6q{@GcRp*Dbk3Omo^tYm?Rb>>0I0pFWJ+z*27jw>Z6LczkuH+A=dVmpUuP
z2p--s5U9c=g&{RHHfGxnpydtbEbB;7+X))%u-Q?wQ;t@@!u-HlOF_0GL1u7h2!hl2
zlN#wgRtC5o3U}WGL096h#fQSDVfN)I<XnX&OY;I3l??c;9=#m`)C4CDMR>dV_>$xa
z2Ix3cXJNUle&gwb?v=KuSMen~2kD=Qix`gr0|7TE32=kPQ;R8`!w5f-frrs>ECku&
zR?``}9+V1Nq=>~-ZsW7jjZ#s(WT4~7mZNw4flDd4Xs2CM@Mpl-@Nl)~7H9h@O*mGY
zL5%}zi2h5SiB-4Y3uo=srp74Tv|4U@v~cWNeCyI`&0rU)^yU|}VXuO0w}&)%?K#XR
zxeRv8m`+8rd5{MO!f4COoZ|5WnAEuVYs5^paK#`5tS_d@tja~P{}ClkG3Agc_Pin2
zHo{;Sb|E!KgKxZqf`Lwe<61IP<gPP5wiN7f@-1K4Ns4x7<!1E&j5p4+Cu>6=TNKPo
zR@034mCN#MXSN;Xk=Cci?Dd%N%r?5*zJfC2ccK=~(X{Tc>R--WPrR28aaKmHq`htR
z!(#UPoEEgZJLA>L=1t!|at?DXnVbD%Tjh7D3!#}KCc)HJB`Z;9cW%tTS)c9+T5Gkp
zP~RZiPOoq6dKeqK%-YAioz5C>#itmh?6T-a`YMsAo;z%W3yqBI!0D4`ZG?<9U-MV{
zug4unJ-*2<Hfe(9gAYj^LfSqp)u@jP8F2NXe5;d))Si_v@tsB*b%GznfO<UHl6G{B
zMh+@KCt?zzAekiLszRf+?B9uF1(QBw+tr;fwq3Mi-M9^(bBZ6uy(<6@$~mr=4e*tO
z!+KTdvmY?+&DYddIuKy1w*+BXoJe#L#HUozg~%g0%%q1Bbi6lQo<+X?^v^m7(AY%J
zgp>360c@Ar^$z`J6}-m%uzTYX=Zw7`FQEIB9WC2`^eJ{&HQTJqLLXE9a7z>^>2d(Z
zQ3Hm8dvQmrnTsmh1R>`flfcnA+G6V(Z|Q<2A2Qq;^R&)5!gdm8pQ!9Wf;8ep^(mVb
zhEiH1znL~8gXDj60eX)=0K||qCc~xCUMnrc>~&{(*pKU_)R#H$PDb0IQ=yUL`|%v+
z^%#96paK`Bn>-O;IUOA5SDaA&gBT23fyXacQ$EhGM_-X*OLfYUoGy+Y?Qj_E+EcQm
zHF^_6zP5br@0B4Du<F%8WvQ<FBJ)8vzK^24)p&aXQ@VoU&80sQ*K_;+Eu>bJ&p|o*
zW0>#6(&LMLOO==M%^$+Z#<==|{2L6wsp>L3<^w93{O4IGy>eNUUEUSZUhthiZwGtE
zoDIx_u)#xkib467_NYF%FrDxCZN(L>HS?}l4^e$tRB@PQ^#bz9(DIxL>P)CnEKGi}
z%*%8lXr`LsW-%lntvR%v=i{ZX^J;mCmGLp=Ex(d)aBH~s)ZY7aCozhN7Q+M)D{MaO
zU><zZ^8*kGLCre=E0Rqbsj}8hbzTl+yFJ;Rt&*Z0OXQ{MYNR^Eo4nq2<%(Zkkd)he
zKTvF8V%9kBEJm|o(ME#p95h{CNHz#-xngu#R38<!G+E2XsD6burnp3@VIiE_IW@b*
z)hT=@oOaQ~m3Q&Ms#IUOcE3+-aa!)SOMrHAp4J+kBhSmK>Ju}oVzXwMUj3lC{X$7l
z9%1|Tr_T~A&7lzKB6>g6Tw{Or{ZnWtLv;w_H{md7jRi<68sk5RY&hjZnLpG>|BLGS
z*Ba;`+8Q4rH8gd(y0-T%lwV6Sv-Il>lKjVFNi4+8gDi{i?OBAE((}BiD>VyYGUi;M
z92Vm%IH@#J`>SVqTl>m^-mYoa1DL;E_syKW6#Ac=9Hb*@WdDAWIFUu6Hp#5YyFnS6
zPn=q{j?*>GM?FqK&!glH1kx44KYv<riaOG_H0=bo!jWn!i&cGEI8iFmwvA~rrB4=_
z?iy0as_=?ED{4r>*=+iMSM_LJiyq>QW1>zzT*p&6E$e*<cTJ_uAV7XsW~IpxJ>|q)
zOt(35O3n_P4mdhL8$YYv5`XOW?WO2x;t#olw5sw9#&K;6-HL#MNo+2Xn*I!o`V?e)
z>Q3`M(w?2pjvUBEi4^QI!(G%QYv|%b=`(APk4>XJlZf&60OcA#S)lZb-WoJM^^xiB
zPE@#@urLN!6PTY7F-hz{%N=U$^j3@3prWm|xnXK;3DGraKK$FC^5-!=iA9g8*zvYT
zW`})lvkKPLe6;N~Q*eR`ur}&#O2oO~&n~e<#3;O7qBAbGTN1Pkak0}JAT6p}=SC&5
z^U@}GyU=VT3>J9iYWT69MB<EkMtAhf(e#sH8K&kWq|w3Cp&LB^SA4hmG8&|?kkYf0
zOIgB%`)y~p=MA)n?1$q!kxI2AGMBE{wHI`s$nI1qgHsdUzVXI&yTmcR$qeXU3nn|S
zMr9ST(=+jT$dlO9_H|7BZP|}8V&U6HSyv92c($~Pl}An+3hKBR{tP|fD$v)=a4m^&
zMKCOQ=yQ%$X_n%W4TU6Ru(+~DXY~y6mS7lIDS~w&WSQW&mQ;ih-<4P5-(Ne1yxnB_
z&EQ{MA1oY`v9%n<FbVLoZ|q)a$Rl~zAZR2}%maprw8g!D7PQ^)T!rDr#D%L**xk7k
zT)C8SUu$_8)Cu|cuD@61N>-Y9LP*CxMb(yYy)7dbis25H2o;t&OKZ+-!R}53QOlEx
zn&S8C%`7OWa?W%|pA^*XHyDn{G8(QJj6xfVWDPspW;KqtH&-ElBE^h_bK|Hv4&5=d
zES{F#+T*e5_86ZMk<xIHrR-#e4C*Z@@BTm`r*37<vAF13*b8clG_<7NF)ZR;-;jOv
zP@CE~y|LQr6c5klpX2^;T4=OxAF*Wb5qFyIzC`!xuB35fmm`?u`BfP!t`N>g0AyMo
z@NN3;aJBa^D&agI`IY;3rK!gtjZQZLv2iNj$#mo}Q!%(g=T(ASMaOKq(94*`-<pe`
zC-g*k6JU_@rAetQ7;oe;hFIq!B2|^VQDAHLD-FtYWCY1m>38jS_xW0xp|T|!)pru3
znxZ(Sul>pKNA;ywn%d=V3|3YWE<JUvcDZNjW&BQ-BK4ubEe9Dn`;QyzQ7034^Z|eu
zKIPt+Snll$`D*JKA^-6$@0g}t%w8s`W{EvP<OG0I2FOwpAPObT{a=JW8)-e#^i3R`
zcdK-I{AS6I^Nn*#)cCfaQo~o#pDzqet_=yh-Ax5mbkIc@`CM*S<ESGOr>ZbSNeN7$
zwMGj6ff0esvhT4x|6+&#=ZvlYO<<t(|G!w{|Cj0`3#oqujB_gzj`0H=M#}(2L$W9Y
zuXwWW;s}{rRJ0z<)wq}u4$eDj1db~+FfkdFO_$8>9&h~(9!wF%a>idZ!(BUG93&)a
zfD`~bW)300?LT2XcXP_Ta#W4F>=+xNpj;G>$QOti3y`p861l2!MAXQWwia*8tcD6b
zkGA8BlvD}W7@;o_eSsKTw7nd0a%!q+1ZwJpWZQ@9Fr046grf^ZIoyOg?96a9yS-2|
zXMq=^K!Z)tbM2I~iVi7TLsD!Z2&&x@T5D4$?gdT}ee_Sa){kekZY>e0?fPO4CNE0S
z>6+=SMZwt@Rw$7GFv-^+XRnJUJ}A}g+|VxHo@Ldds3tLLwXiBFTT&l1_`fx2NDI;m
zE&+n7tqHuh3`D>wP@QYY>5c}42vO7Zp?n%fdMyJ3!=jCF^+6})CZfsHzAaYzyO~mo
zFEf<n=hkShIZlI>!fI`j<#8=fY0c7mdVT?T<lRvi%KL-%<!K8UkN4EaO)`3qss8U-
zJc;hf9?7V(7oX#mDrt@zU05b>76n}qF{5)fSp<oRV--?aVC=V!H7yi<;YFy<^HrJ<
zCkIQb>e0uFgPRbS|CEge)1FXuo;R9?>>c>5`>}-%k0(3b7?j<&SO9H_#C$lGeiyKg
z!S?(u0O~#Y)!X|XIEgxtz-O}W+Mrl#t%ChFetS6mVNXxboLwKs@o>PSCNm|aB+X~F
zS|N-<+kQ@li@Ob*W+(?msO)@V^cWNAPtJIl>^RJ=WKJlu`;AXgA%3n(S=bm8$xlww
zG1k;=D|y3VZOGV(NSDCLOGop6EBmBH6piJGOs73wn@FVy+*TgwH6;WZmk(0Xvr7|o
z`Q98}Q_=Usd`og`A~{*G=7mE|HD`o7{+uiA@$glyEc8B+Kp#1j2CuKD3h$Eq^5w6<
z*;umo@Y;@(Xl`yU4vkp#G}QN%=UO=kBfW3>vWxFrNi^(htx#R@hqdBl!Tc8v3H$mI
zFRW%h8+3-5I_akOT6dZ90c@3JxK!;CZk@I_yYxx(YB`5$N=YiuYUfg*B1c12CrG%^
ziN!y6gDj=rY}i4Z>JmI@oVg?#I2-<LP~*Nq|CW7IZX=7MtLLWvbg3@u2_~ANk0VdJ
zw@>U2SLFb{1OPH#yuLUZ*eWhBkFjpLshqY2$Y21Tk9L4QFd!_f(|FABICKq_99Q#-
z_2SZ@Y~?UnxNlN4ywnp(@Y{fHV^oFSkD?C&!bO}BM`B<MgymoE>-TebrW<Ulwu-b9
zIA(ZMSg|+J!Vw~%(~eZ*t~HQO>m;qG>_OOFM?hefe459=9^dD4QFvPX=Lkqn{j@DL
zd%n?1Dt&#;)mIT|89SA;bK^7eSJ$ayht}O}^M7}$@lwIPoj$0ebs^eep1g-b8jd|s
z!wXTkZC6vPaCydsS1h&PZ;lcZHZohiv8&wfwfp_EvaKyMrBtyVfT=*(?X&=Kd7}1a
z!<)}!a33Iq+Xwg_BO@YSzkTbCxU{m?d<DOK^;rAEX6|xx(Q~{#kTkp<&tdC#;0LH_
zZt^AY);^lDu1}ohbPqBAF;S*-Jv-G!>?#CP!#(bQ=8_j;4Za9?=$kf@`&DQ;`g6=#
zR+imXvG*{BjI!E+abz&0N$hRfPvN4n&Wl3SX?BO*7W}?&D0NX0>9ipJ`E^>DV9|C?
z-|j!{6~1t2+59wBM|`>_`Bu4P>*n*L`zOi=C|>}A4{6}QE#m6bwc)3~|2-eJh|`X&
zg9AU1PC7slhAqH@nyJ99npFgtjsk;%4prKBC4<+GwFH)y^wn$M5mM6n5>TQygUVc*
z@={p&rqyhIMt6xH*MlRwa~^yCoV6-9QUbY=(9!4ajrkwR$qnZc{{2kow61V;=}5h{
zGn*uQH4k}*PbsagQ0}>G$*g%ST*&(*I3UyT6GVhTooAW-gZ4m8S?s{pSx8+Bl-6Qp
zwKU_Hg8!#%+x~rD<k!m&wFEvc>CZ(xlPnIye8Lm?S|BxVJ;kkwL!vLS)f%L(IhZo(
z_)-<Qz*hcUX(;KPuZ)ePma=Py1LMoy2cK6C1X02_mA`)qTp`x<rU~|TQr}u+4mQM_
z_aytJiOO3zGw45oHXHcBW=4j-47f{hKw65b(vL+qgm8WvB+?ehJ{zNYOXu<7%NJjO
zdtidnz}Z<CAV7U5C8d4ssjf~&Kp;TN($?Avu;cYEp15+6{1l_X2N=eLQ<RdGm;sX5
zNg_!tEh>N>M<3vunXISXmC9cq7n6~?&`_!#v?;H~QL_cX=hp=~p3U+E(Jl!6*!KLT
zEA*8Qj#P*~>I%1Sbe8xl>h$b(1h2Kov0XQwv;Ah9Ym<Ag>z}%|Y2ZvIy-Ie6vyxP-
zmsDya2#~g&rM-7YC&akj=Z;n=r1~iFETiH3KyqrKNY}{W`=Iwq(U9f=H>}?C+MO9`
zv8iPo9V(%KwE2RMj|-DjqBDrCf|RHkP#Y%oYJZ}OhpLNMF~2H2;L09cGP#k_KJq9h
zElg0cj+LuM3P&<_v{TQ$nQ947-x;pJAebcXG;UU0DRPl`=bZxV>kWL?(Fp^F&E}%N
zmdwxgK-b79Q+F8z*`uNf_XpS^4gm&`kDoq`u7a&<)<`<TX;Jac-XFjAZ*Ho@Qn7-2
z8t)u!4{gRg59)2-L2j3BhdGWbI+9gu=96a+p8U1G_6lflOPZ5ey^)|_O1RsX7i-Dk
zSU+}{mJ1`=UGJOYNESX<jJ_gsK2zUwT}``ruFP!~4B}udUM$9%yPiZeu9O)n(kAQ=
zNo;f+23DOjrs|C|*}JYk@)XzX_9V7mE>r1H+*?U2PHR3ahhP8a=i<71OqYvz1`<~f
zso2b1nX8n1pJ3lS50@<g+^|e?fIN|v%X&ua5kNrH-roL<np)A>*%@0(bp<e_F|o0w
z0HzPHF$zQWv@%e$`D$ED%Bc$O?%x%o$Z<d%61IsqX|W}cS%P{bh38Y$L@~XDt20a7
z&tVE0Y8;Tb+YTA>7D?TD=k{gbn@Ol+ABTEb+_Mq-a#a|%UvgZ0+@HG){HY@e>t)N<
ztcH0jvTkvE<XEZvBuPlg?i0Uc8jwq(kQ438BTxK~o0iu#LWK}9bI-V-273!^>8aC4
zQc8W{N1a|;yk`w>)-F0};ilS{Wv4}V%~o<|EstkY^}2JbcF1h&ga~U^h=nJAo{i~L
zwZ@RX(4o&`EC&ug*x}ae03-;EpH&4tGNl1K12D>v74j>$PnVfoEC+K<0UX-d)75?9
z%gf6!F&AFw)v4w5;>?f5{@fm~Cfb!UMgJU;ZOd_}fv6PE<x<k-Qc0zaLm?NLy_u@&
zrxP7cu{+9reyi4lEi3InPg~XziRud940C7;Y^*Fc*8Ql8+P&6F;7e$IJzb^!gR|>2
z-C@JUUnF5gCm4oGY=epQ+N;YwXQ%eP7IQUK{)|Bq*A`^-SB|Dj8=AT{>*Y~Z_-jY2
zMa0P>lhu)W;s(zz+O)CBP3vm@Z6mKN_MPVe4NuLG&!*{I3j6#boa-%uw%o#o&N2X)
z?}|o=OaL>n`SEwkHtvAnU~|4`fu!snWSXavm6cV-jK8lhkLf4_CazhNu7WohZlc(D
znG~#ya1zXesteDF8$Q1AuS9%gY)Ku<>wQ0Xd*S)m?X*U^qBty|`HuxFwRE`EQn#jZ
z336P_Ee<++*Nd2FoXI)WUs?*em1t__x%TIv(%61-nyi}0R7~p8HCK2=`4`NKb9-L)
z6((G*hAlJU>Ma2`ak<%sB-Cv;Q2>SP$r1}S0f9Gr-~Ur}d2a!O(_|WtU7F<_bt~Nx
z{Eif}0&%7i*=HKd6UmfQP_Vi&lHuHddq)Qtzc&C69DqTRGIyI}18F2c2^PTYMhJY~
zfR2)oa~g1#_WASYCDSvA!|q)=cqD;CS=S2LLM$JA@YA}P9?@F?_l6@f>biGhStju2
zN93<}>EV%NK2iFI4E0%AKcOdI8g|?A@^f8Hu>am%>do0m{`ifPd>S=oH3_o0ZrhmY
z$)RLfR8=dx%WxN&aUIT5M*L_elihs@G(|8s%I78HKO?NE)3X<KDHE5BHGu-RqM74J
z)<W<UBGAXdb`(7v+L-&_n{27XSB%ecAD&c7C<|=kTNwVxB9(l8g~im3W`++64G36u
zAA0k7PAmaHRH%yYZioikQXwzWX{TlofD7^W-qXtj993Y!?Yua`<&vkQq?893m~I61
zb>sm@$rzwhW?*D2ts)?t@c`K2fe<AsX56DF-r5=j@Lg?)X0kmIHx&M$KBIT_u<rfF
zIEP<5%`Ti}e8G-l<RuCH4QIV1rpk?ylF#l?LtU(yjAzI;HF^Li_smzNP#D?et)B3c
z8!D=E;ii^T1d;nYcxuDuXq__JZ|soMxUuRDmQMWgNVDx`+8_!Y(>-M=8S-()xHpxj
zd@{OqeYpgE&R35=tzhl@OU_bQ+%Y4uaJHuW-%NP?+d^B0=m$qbk%i2c@AjbZCD9!y
z>2vA`2WTG_^Jvihqdyws2e}@9_puHF_)^-ty2jEa{n4Z*+*R{qTYRvNfL(dJONSf#
zICtRDfuIaKU*H^>W;z54MNxD)w$<9~Z1cYA-A-dT0{p4klWke|$!avINxK<)rHq}1
z+*^2H^4$&}ORnc<L=B|sxgftUi`zaIWIok?W_lv!7LsXy+}H3qCMBn8*US4ZYxYEF
zbeiNk-lY<me5zc|eYDPSh@ZOHy?Hs*;Q7jq=eL^JB%|g7BJDoYNuUco{f&m*To=jo
zv3stwx0}OQA+l8MjtAlo?{63a6)KghfL7B2z~zKWLM6{p3y}0ljtH`A6r8RRuy~_r
z#gnr+OMm?IpV87HjEfSif?zN*One%JZ{HX><MS6P0d`~JhnP4oI60lMAE!r*ZNOMA
z?|xC5u;sIefA&lt(r`!yOV&O!55)W6a7+3W6dDptZ`bNP=pt6)R)zBW`xgeB=6NNa
z67ch9GscF=eGOB1!lSq7Wy?5SO+}s;<|a$<;|53J(iCsVJ6)F5@#luzH`z2XYKiW4
z?Pq2Rf1Bf=GUT3y&$X8w_AL9@rLnTlt_apll#hA>xuBK#n3e8zJ_ijl!;FH?GM>I~
zmD&uKg+-0Tq_eQX#*aMS3%FNMTPgTgFG3}VbHf2Mhb!!~qwbS$*8!|=z(X(hnO0`*
z@7r9Sp_Gk`7_jhZj;8?{Y<s{3^24PhY2LVIi?N&8?tIsZYXkkVUY1g|B_`A8#K$r~
zb6@t^j)H_HjAz+DxlA1h;@zwA3o`%MklLzvQ2bj=L!(rj<oBG0urE^F^K5$1Jauiq
zk&Ddz42C9+)J=~X3)r`j7OfoxJ+1UuaXX$&ut#2;FWS;j)6~b4`+in(!^yCB#;T;b
z>Nlz5TPSninQ6;-*oDO{a`!Yg+0WNs<*(<XrH>@7_~#xHYg!n>kd_iwFKi`-AHdws
zl`%DCH5nY2kTbHdU{CQrC!Nhd0dR%tYT;AVS%X>c<`^7ctbWoP+x3<QE(cu++$3v(
zxG7&+sMzK`JsbJ+OUs3w$ezM+?AahAW6Kroxdox>r`7~X{{TuT1daYE{6oKK)C%Tr
z!UA`-^V}gpVrJzJTO!Y6*us4clvLc9hx?xQtQ#QgYpG9R?kaY?ENV2^J;_egvc(&m
z7T`Z^CP{6vS?>1Bb^mE-YuAxb-&XD?$`b*hAL3yFWyW@8Y6Cke?fyVOpp<%i12Fn5
z5Q#eNko^jH&}Ce9PrTfCdug6#2?TtAsmg|+7Hf(`V(e$K)R=#B5V)WDqHZK?S8+a4
zH%|yTuLnF`OP0p1C$O$6`s`UU56R$a%Iq~`T+e>#g<X*F76jM6(veX>K5Cp_b9>bK
z1d0Az#Hn@taq3@dpp12XWm7+JHN`dPZCzLj6Dw1Q{%Jd!^n}>Ul(BbM;=c)9;Hkfd
zi~bbL1%;TXk2c>Ir6;RcpLzZ4a-?@}LeXjnpE9;HyhSa#ND!Oi0GV}LfNS1SYIssi
z1h71g6?wd@(F8Jpo?v6QZ5}u9{~6mf8vga>4Nt-^yQkW&5bqMRusw;jvVq8D-b=)2
zC`_3CN2E688qse|ymm@rDaRIO@T@a7_@&ugcwm6_mAxhld^ii`_>92I97U668MZU8
zcsDEa+|cw&w?9UOY(_kFW8du7b@(iPx5;B=-9)lBdN_S|h&eO4b+~;ykSVGuZs%}%
zy;ufvP}aD~&|ZFnd;=<EeJbTE<yF=U$?(DWj87w@?q7N5@oH2Z$Os%?0(e+If4R_k
zx!U^9bypjpJZ0tJSUW$cRTB{LycGk;qUPL>2GGL_He<#pDz`;cRP7R@i-JU|)ZFqx
zAMJwB+h%UpuzO8IbH4i74Z1uI+D?rT-kAfv!iUPwNrYkB7%9S&CrWV1x_dHYgfDi}
zMXJ)yTtT+Sj~|ZSzAW+5ez*n*8Skn#a-NjbW$ww{<`1gbFP^jR(axMA?NpS^uS;h2
z8o`dRc{tv9O+(%#6_ygsx`)hclZ6_n@Z+~8-<(lNo9p~q%47){_05;n7qky4VY1jy
z7ZRG^Y0A2|fQX45JvICipS+%3vC+`&45OB}uqYVXy*fi7$CRN%E+Zr?aJ5?K=*hdT
z3mxLsy5GE~*C?-M3<unpF}9BDt_Q6mkkcA*i&<UJ#l$RnNDeR(Y@slo`~`y7h`npd
zx~c}!=72;cP{XM89Zy0#UgJ<hQqX+CMf=$`)Y8k&H4BkF$jCEumXn|;12z~~NJf($
zcj(=WRk}Mz<c6Kxc)ULl9K72tY{p<1Z3T=#je?`2qtB!=WNZ9B3mHvn{1PDjt_Eo4
zw=JX7(v*SHA9Q9EYsXi=Lu5Vp>u#U4U?aqHk})IqVPtf=U%yyW+IRHznm!BU{au69
zCH*^VjQr~PS;<G%;xmKGn00Q|fM;WqE(n*dG;(D1MpCuG^7iOR0QkX^;GlGa8S|6M
zCy2)11M8nNbAjaH?r#88p@Ax90KDrrJi1{`jvK@23$b0V*x1lFCX07DQu320I0OfC
zAZt8FA@N80$PGtmJete|_gc9XL5iq7kR6oWrWE&){M+ynRu!i3A3s*OWAN@&AnXwv
z;!@qE|JXSPFZ`F<;o`qPn!p=54mlF<aWGv283@bFIL<$y(rAkrtJN?R87Tv5lh5xB
zJdlo>$k^4^DNeo|PUl-XDHKz6dCvWK`^@KuALHnA0CUfbo7~PSDCkF?0;3o~!RuBL
z6GK#>ipW=n9`-OhH!J|}0qCR0L#u5$cOgXlLlUTsItZ7S=Z>G?QWt4|RU=>?GxoxM
zB_$&OwdAH$Ebe(hyT;!w=8&J_71-Eh#C0{5n~a&@Uqsv2tkj6~)T~4)_nJn4L>=fD
zPS0w@3l{GxYLbJrumQti_V+CNv0kbA10uOu0gr3vwAsOAP}}M53A^X~)0i>8EX9)s
zhZBt<5Ewey)gDy%4rHl5Za;K6N8(W*6P>SvtH+P4qD1M`WoQqz%4ZktK`h*=pk<iC
z>}E>tghtN3)fMp}yIt>s(WJ+Khtj{ZcJ>>xEGlE}e&tU8V}xG;sITK3>257%pS+L1
z)%5u*0~z2@yd5yp05lB1Rg`{j92{nKpH^l$Zcl{1l=M5F(@|IN1`zLuWRcdrrYj7m
z8v*ox&$6Cefx&snnB;9sFWi?Kz*T9p=gh#MFq~G}-%xLYt2{3z3xPq9Qwl<+$LxWt
z?#@gQtnfEX(=+k@m-8$3SDq+D0WfM?3|MnwBgoT|6v|lzC8?rVV5uK3DEWX`wE<9d
z^pI>zN`MM)$dXw()o8Lv8$F~`Xs!Ifie}dhRtG<3*Y)^xHah8*oh+y`Zdm4Sg)OnM
z`dMjK{X`mMS)YVT0TNG<Il)}u>lZ&p&VjoYnnI7EE=V=zSJNMyx&M0&H*wE?Rt=6{
zwv=CwCcTnmH{)y~Ew=8q(&O_PWkv~jU6b#DeTwFlgY!8OAh`Y<gZgG5sR)E2)fdJH
zLi*bqlqbF(e<LeAl$4aV?c^l%`Q@rCTE>AQ(2H&>?I%sBG<PeBtBLG?Yma-xHi-cB
zB2S^SRT$h9h?ud??FH7j1lHe;-w*zq3n1=prCU~JNwg9Rl+wg^_iuMz&NUj}={_I}
z1zrWA!xp9x0%>pGUR3pvEF|DA_XWet;y-_)^73A#%^Dg)m1`;U0Cfqd)fJ#yK%v!I
zp2Z4R6x!fKL{HFMEEB<%&Tse09`~A#News;BP;juD^*-})X_37z-#53e%H?4Lzey!
zXlL%|3VO);Rm@nn+m=7n-D>vwL@q3OyhdnB%yC5-YBlSAd}oasT*;{2^SSffOCcZl
zULJC){Wu+?l<UDmLF2Me!yVWU#U1vdc(Cngrc$DshiOWta-x`NlAzNeziDEol}9O|
z^+6ECkbCN<)DJZ5mkh5dXW~ahqNK})j{Mnyq_Y>VYZD^}uTHkM|E`J#H72$-n5@s)
zHzMfErwb^I?O8$DYF5r`KFfOZI&;uy(X{uY6%p8PN6Ury`58jUaWH`>k-wiw42Tk<
zQ#p&E+|zYGS7ACeQ}6iX_}b^+4aNwX!v?Z|OCYE*)0Vrf=wVA0VuU+MzK5s5u9P*G
zVW^k1llf{2Mm5GJ#0L&qBPY?n_LTz*GIbsI4ur@Vx-44&7ZT_H?aUx;S|FFCSlTP*
zg$Zs-ISO67H?oPRJ5F`n#=Hsq{S5U5S~Z`@@(T<9a!22{A#x-X5YEZ3c47wWx$g$`
z37aQJh|3*sjW+rkOef_cjhGh0f>ShGpD8}d(AANqK}V}=cYdp9{)DmXcuP$47(;(&
zeuAFD*zSHTy2`fLT49Y$<+VHSM`QmPiFF%cU?-!sdZ*+?Tv8HSh=7pLij6RT|2m<a
zLa~nY8*gsoLfRNZ3O_p4fN)5jO!yKR%>;LnayL(dYr;``3XSN{=N=wh$?e0apQR0o
zf_`faLOTWWx^yACyPPIdFN?=)R(iBw;t9qt!!mhdGtC)Ee`cC;Op(q3a$BFj=+M!*
zHl%8lJ%Gp_xHf!NQ!`H<c?|Sa*?KrqgUI<~H}YWY0|;cY3OucN$M<)Tm96GC@z_^h
zJ~K?mJpbGn@WNbwkt+!to@CDq9u>|Y06Ly3SG+P&-~NLKJ~>px7p*d-8@BnEZ<DTC
z0P4~V8$%kaspNK&hejB>;vP$1ms#OZ9o2pqq!|{Zm7`!j%!|*i=u-^&WP?o-koH+f
zP!Je>W?=M_uGe~6)!lYisVJijT`k9l0<j6|!f7YDqwj}9@WOlo+i=(9l|cXM{ooBe
zd{Y}r{e5HP-(vjLg;yce8^XEzOld&FmhQn|<`8lUW)tv#M`d8s;i;jWL4AFHzk+^2
zMuudY0{CUu@eIRI2ytia*LGhP<|wK$^Ng?MAIOf>R89ZwRgAlB%gmm=BZcwd6HxY~
z@wd3@lH-F@bX>lRpTO;9yrxCmPW2Ewr;mL=F9-XjT46I_Q1C&NL*c4-1ixjC7U#8x
zXEQ7>Z{x%@l<%noz$ObDSpQMFw`Zlr8J~RtJe<=y8GZJ5$!1t#+siI~oXzKiAD=&<
z#rSM)whHrmS;mN`VzG$v^EQqNl&#OgIP>oP=S8knc&*<W%r8Br+xe4%ExI8blLELo
zW8>ZRM{n2Q`I#Yj6hF;BJ;10l?US?JdAE!7_w)0v6ij(+r_d$yNp<n`C=4C{^o?aO
zQ!fuS?N)uWavrfc>7Ykac1<^ML9WIH{mxCsllBzd5)yNNMSkodYS@C(ZcK;))v)y4
z)Lp;%u5n;mGEIBItu2zvQfIL_g81x1Q)Q3rsPI1@z?xH?FOSd5eY_`|pENWyTBm+=
z>b_rvg@v!qH3O0Wk~cF>b&-Z5;FzrCFrie=e7^*s9j;to`=6yPU`zAC`&RSII=VV%
zEN3_$_uT&%y$;L+$wLubncAJKRu}>}CBPKL5B}#-UBqbg6`VB4>Hud$-@?Y`Lz@E7
zSp3fr7JZBFuV*n{g0fd6)mVx^D|-{C@_|%i2a(+LGGt|E=2tPAVVmdb5wCPYs?6#|
zRqp?JMq5qE_QO$qRvH%=F@GT`v9wF9I)VOoQJwzvmszH4Q|&BOgJIeh1=Wua_H8!Y
zf5aM!IDI^j*6%kZmC#SVA7}rlRHl#%%yRL{7hMkS?-&`L7!IZnYlOrDck;0_=@(e5
z17kOWQ+A%Nk*1;pU+N}gOI5a2P(pW>t0g(yiqGaKo@5JQ4dPvDYAP%Y1@r-Iccyq6
zk5W(o;0y(?+tu7}-2rIaJ?I3u4@aebewaD{nx?6#84wa;^f&LzoYSmj{Oa|b{Sbh_
zw*snN)qs8g(+&zKChGKdEQ39c7SAR<yt)}5AGZN27ZDLTpQvhd1Pk)>xA$>1DM(3S
z0CohRQ$L8}Dagsu8%h-~FE6(N6u-*cFYE^Fgc3Twc4^~THpM8!@^Anl3_#$V0f+l%
zW-<s`&a^Lg1Pk<O2NKds9pIXM-8O#}vKj7qZCG2&DNa%1u=$C`egBQ3olr*rBwAQN
zCnW8u;nvxe3o-@5!pf@e><j~5<~_;#`VcAY1-bPTW7~K*x_@PdnWU)#5dZZ7dPqM8
zjOlrJA^{rm)HFhWe}6#VPEFWxizw)K$@dYuN{i{k+%S!3P#P0i2mS!2*5QI1ApIdC
zDk|ZaGPCQX<GRTRaP4!G;S}gJh%6%K0P@-W<1yvvgoK{^R0EAYu>IoOB{UEJ%3$~Z
zepMIlV0{JnnBoTN_F~9$u*M$wpc9ZQb_TXq2f4E6oL54Th5$BtcZ<3+2A%;JyvUgu
z%?0S0_VUV#1|YI_G5Hr5Zor*?aziPNVXi{4V><p0*3Z-M0Rj<fI`7~rnU;3a(b96h
z%7v#c17!DFka@@Bv$LbUI+Ou7Sv8=kg$Afp-~)<+T?VBkMm^5~wK4ua>etpp%D6gJ
z=i;f4RrD2-l9F65H{qq~>;+$|!T<rhgVku|Lm%4f7aNg%2bqs+(I1=(=v1dXHLL}+
zmXwJHtgWop0qu_dWRObP^@;R>)$`)c6szo3*xo`z62R>nk(4Cw;Q<Da|LfbcCgc_3
zuF-hX)ZyoOgPn6WvY{$7^Jl!SM?ygXJ3t@b3ZR3|K=VD_-7om~qSbU<eB1o-?<Wng
zbp`~1GVn25U=}@$mPnJPY{ws<(s4;?&6?bdRtA$F^F0q?r?3P>yvmX#7~cZRI?ePq
zg{KmS-7tR3Kuv42mq3kxa$H(+vb_20oV;EDfdV!iW*JM1ia0SbF=3(*PC$P_yvaVN
zvGMlW9B7fNe*f)ois%aKlz)Jpat2eYQP`%hJD4_@lxuxk_wJIh^!C;R$Usok(V+pl
zMXP%?GYNbotAJ2F+VSx*Adp=gos`sf)_5kqSAV3$%f}}$pbICIU_ExNxcS6O+*#h(
zNYjKE0#q#8Qy>dHGZp3s7w&*?;rF<v=b3srx+}i3x!l<Rf&aI$Y(?bV(2|WFZvwc2
zTVllFO_=j}y`2J=Qw>jOcsR0h)@o(RpLTsv6txOClAYTp9%ddX-!W6p4Qt#I7u*1$
zAa06K_cb<M{iF4P0^KH{U1b#&LXW02z(ho*rVi@f{M9`G^u_MCvjJf18O2fV8)99!
zRa(6g(8#vKIG}MRa2EpVEyn)zV>W-6(@c&6-_9RcvQofMO|qm7xEDaf&V>emeDw^K
zHcM|wIJIOQ9Zwib0dWvOxWUxS?00&)7r^q5#trOw9u-eln3HO2Yg;VTCjc+{oA<4^
z@}pVfxtSS}rKY>Lq2Hjb>b)E@VoMmZN=kUuzpxf<LWsVFU7T0@>l8DC!Ksy%g21}~
zn7f;iM@uKJ7r^uiA3_?ocw>kGvWSU}=pR2Hz?_7p1bXyi_6n<fdDdF6`1@8gJNenz
zu%$i%x=g=+{rUlH<p0Vu8^(jKaLTrPI61d<Ui29FWXdwl9FjFx^M#DkdXhJrltizv
zxENkrn|QK4X~-K0*$ok5?1nj|5D!@sE+xFTHA%5HFR#NavQ!8T4)%)NgIQWy0)kLa
z8+7h+FC2ewdiTSxG%=mul_@MH#EG{~RjKTau!lEYBsE=(ds<moJdzekp0N-F=A4{d
z+W6Re1%=GoT8g@Pn&(HkN(8#_D_12`k?fH#)=v!I2MNk(FU_DD1Ox;CfgBhh`)~m4
zpP9v-xxDEdA3r46|6!afJL>$;dJ2U9FPFxmu)|G#qW~8VFa=<bt69Y1`AYc1i1_#}
zT%kF%*Cr;+qL97&X~QHS;K-|j@whriAo3Lg_4*jC;5_buqCJ6}f&v3CZxo<JqoS=H
z+P3touI}o(sbi#;AurDk(470EsoC2T%?#+;N!-ic_K%}~2jyCx(XDvilD5A2Yx9N$
z))#7OWyN{F1q3J#f`McaG>f_FgDA_x=#KpbPDM{d?xYUUf?K?4^$Vi@wa(+WK%d@y
z`7%-X6%PIVV4w@n{PN19x(Q?CHrBd0CBu}H&X9VH8PMUpo&!YnDkEx?bisv|GI_MA
zH}v2Z$IIQ08IH%=-+}Z6fN9TrySOP8urURy+l<BJP}#K;S4j^rv_`RB7)<b7-UIix
zSuGD5>V*BaMawy5VtkxiOiV#dZSrD!eEZ}ODRGxjUoWOwqy++DzkNeywve<##IPCE
zLvJ`*PP~(&l4FtI0I2n@0Lv6TkbLC6DX+WiM``t|vNA436!KsnsDM1Wr+qX_e)Fz+
zx1?<eHhhX|Szs%ih2^~o6Y=eZZJoFRw#ct*Wl62+l2}>dh98_34r~{E{vw`+1jH@W
z?^l3%BjBAUu959DeDbdEBBYZI&9fmN12&fc72N><R<A)dUUd%*A#ctQlTI!Cvb&G@
zT|a@}<Jyh0YIQn%HaBMjf?)$d6A?)K`kt5}(G7d`CX7b$X8@}WirVpNx9X_*AwIYH
z1iOyQ8u4JNc)mth>I+n?&WfA$yNC>>Xr62=JgUX4c%9!lIUCn|Q6t)5(sjPeyX}+9
z2$-_CHwGD6L!S0L4VpKV<I{@m@m;5*KHb|WKp2q%ur>flo|pH>9;pN@q|+t(59jCU
zITjjpxEdNLIANIND&AT`QAByGO`4`NquVE~zq>q|bdSQY4S8yDT>+sMAQ+1R=oIm&
zgkJ+d;iNWX{(=j3cUgSrdTRox@c#VG;(idUn;en+Ha9ev^KHlW6ZdSfm`;a_!!<zA
zXk=j_Y;t=|sOe$=$ovN0QFFIax<;9C3IbfXwwyT0cw3TjVnXd{#1NFTQ96W0LDGuD
zGzE)`k6$_aU#-1mP+U#aElfg?-~<_*5IjMHdvFNu?(RM~6Ck(+2`)i`J3$B6AcMP0
zf&?AhxrgW0z3;91{(e-dQd4uLPoM66x_7U=_Fi|*z}^XrD?LAd`r6}Vqq@4fvhoku
zXuWYr{(~st3SH2sb?-iwz7>^z<&+9ww!Oz!btXN?u(Pw4zCJmPHoy%~K_<r%U3r(Y
zMtRPVlpGYZx8&3jGh+)BdcS@NXaEAfe!$b+nwo}&q=`u`-A!{4ek`|5>u=Ccjt!h?
z@d+P!Y%<<Xbk^2RKt#zKkk}c6GyuU>;Ag<!Xh#DSN?NxdZ*FcbGg4IfHY8u6v|)}h
zROSSA`(+1q(s-H@pl+@pEj@6v?+(OY5P)@q2-tV<lmuM>9{%Cs{Xeaa&78-*9L_-{
z+_o?Teuo{k=hYoJ4>v?hZQWp_fX=)GMWI#-$-rqyUBd!^o`Dz+;4&io9v!8lqYLeL
z-0u*6THM~Y1SHLb0L|2ae=}wDO!O1JsMcU9h`K}pR*KL`(6@m@+HNBLjCa_S!t!Qj
z)Ig<pfG<;HGew607<s?IaVr3`E!o)FZ2>+7LVClX2Y+9bA98*JCD8*rJA;3qo%oGD
zi#rK{5+(XXs-=|`;>n~OYmISN(3koSx^&jxETSEJpX&q>-i=H&y}I#QW_cInJ~o+d
zEpPHiZd;ntU&7GPuoL+O9<#Qccd+a-lGVH340m^dmuozk6s+6f;~iJGe!|b>C?_XY
zKn<5nB!KJ-Ag>K`-S-SfpX|34g!GY`?t(F2Mf0_>jFfWE0SRo3fS>RZaCiZ=jLQS!
z5{IOuBncN6c0lUkd3_dn*i-UqGX&;IyUr35*j8;I-)2v1d>pFOqHEa5yo4`&^%-z;
zIdUlYTxr%le4Z6NpO*J7e7yga6an(1II}eAsGqB6PjMGV|L++M(5}c5(ez+X874?T
z7X$hr2uOn-%-00B`CgfROlx|)-M?Ah5e9ZjE8unCF|y+%35+MF$Ghn}>z*A3O_fe9
zFsQk|3SJ4!>G#ewd>2h35`zv1`r>E6`nyBWZvf2^Ie?o4)aHT5OH*tBEH?{aA(fDp
zb{iAAss=W9m@8>RM2@voYP~=9_ug05wrE6W*x2Hz%%~Cl=YZd1Wo-N<A>j?MFvawl
zKD!({QS-KWWqL%ao6L)UU!<Cv5g*uN6P@vrQPsbtAyFe@Tt7a$p{pPqbk4aB|H@9M
z+av$Bk4#j-XuW7#oaKK{jU%8bkux>`=&#<a2V={8{=6w?bo&Nqe2S?tRutaGGf@B_
zj;7K1mJH5j;Z#>_mciU}d(ZUHyN9L~N5C=@Z<*Y-M{=8*QlUpJ=wARK+85MUOMuzo
zp~l?&>Y1R9rj_coO-4c3ezj|dL8PkRgCmA61~M%2Ty{Z$!{G?PQj!IUx!cMr1gKs+
zo;Wt5JPa&(O6Hlobh1>R;bB9$DzcOFfX>YraNC#tz=qrYjgf}<UukKn*BOilvES9r
zt@$b7um#k1)~iA?j0m}2Jcl9CSlHb4@#xRwRM#Fabk0dh#fJzyfkP~twL2~x=5d>3
z@*l^>OfoBADzVNx0Z#Ol(jAn%O_rF0PiF!!SMNKJ$j^<FpX7uu9G@mS;xiM=bXYdZ
zA5TOtACFRAm=Q;%oHidnXxHf<c^7^Km9a3NpgZq&Sup+nW|Yvs`B&|5`AJu@bH4EY
z)oOtACiu?qAlpFXPv3Ui3$rlCTQ2m3Q_f-9%(msGlsmacW@CG`MUPhhC9_4^v*pJ1
z^Vly`cMp)z^M%E~Z~EVTSQGc&n&|A(v0D#(n&76AZIQ~Y3)4#A<i7nyg`*HP71BJx
zLJ_DxkEV%UBfD9o*T4dw;NF|MUF@y+%gngw=%OVe>`0(29t@873Vj>mGP9hP{__P+
zMmk+I=C4MZR9UZm2dw)7%C{`kYJicj8u}R(9}%o66(|YV5F9r#f1U=<X&K6gvS|v<
z=b6xL9GXM2*fh;2j^^1A;F~wo;~xOt(<vB<ku!&e(pqLingvyMYSy}@>ywn-nM}&u
z!UALT&z}(;*9u>+-Qf!k`^}y8I0bSS4QTC2*HnxGQd9cp-kU|^?QuiTAfa~|qUQ`8
z@s@9~0V!?_AHuj-jMd7a(4wxCc#W>FI?9B}5y;25dDq=l*ePB2Q%=J@e49}uYN}qy
zkdt0fAGB{g$B4=C+KHfT=OxO0HLoc2Rvn?;9PU@j4JiP+uds*XiF)zV<{2;j-%j24
zc&dO~4K4bBJZgVkJ-v1M+kg&{U0*?5Rm<==+FzOR(Dwe)GM$s360aXAlwNHK!oxnS
zJwA|FzFGAvdLL3_d<>V686<$bwq+El1ny8#)~-o}eo3M9l{RgYyivfm@1hJC%vDQt
zvXc*@Yg-Z3G_rnVp3--?&;1<mMS{xWL&mSX#LOf2O-kxrg~>nE3;hnV{&uCEAog7!
zC!w$cID*R;c1q&j-Q5L)#}cG~bEsJ(iZGTj8xf!xIKi3I`%C-XNFdZ06D;6@6(!Il
zLyg=*&WnuLp~N37W}4ohR1(wNe7*ImJ||u81bHu;Hs*w@asBwUzMdRA3H!D!v`>hU
zBPx8ibHE6>B8&HM(~M&>{DmDomfm_6PYWudY?@B`Hiy8BSRSKuPQtA)3U^qOb}eUK
z`<&vA^7<8{YSl*pjU^JVIy~2}l5zWCi#2?IJ$(2sf)CyKUwU3dPN$`2{c!LU<Dv!0
z2U7lHcz|68dyFL@j9+o*W4uNS*^i+<uAvDbZhlLnpvRxZvKvn~F$&tl>jJCN($M^v
zvRTU0pDCfSjM!&#=R(hJ|GZP5NqAgPOOv7Ev8YHI*@Yn5a_{xN>>2R(#wNo-vHBa^
zIzXa&;q%5S(zDt<t89)f<78T&MR*lABRi&at|6jaw5XQJ!0(vZ?)yMLi<MPH6UAC)
zfeZ%8nlEN)wuQ?kIg^FZf8&tl@Uwe9GnJS~JtjkFALAQKw$g=zt8iOp`0d*>8`IU_
zzD%+vQqN|us~CH|Hv$k9xJGCMXQp3O%Dq(9=H*+-nLO=NQW^U`n2(+^<*K{<j>oRO
zL7Gr%FNGD<?<ermQ$AjJV})KA?MFsI^4^|XuhHj!*#BMZC+7Fdv47G6z&|6nIPgMh
zK=1qNw+nEOXTx`j1T5{KOW^7BY02(+^cYIp6q!_?Mg_lLN3kQ{0aQGY46yntAFUpV
z?!-pR9A51v#X3P68^J*&DjVGo3=E$%5RH(57*p^5g>9zFwKFf-^c+e+LKOoVupg3G
zalW&1{1~}Ds;RdaF}F3voy)dKb{THR%*bYEQrhs^f5d&u_C9FEvi-1X%X2vY%e%)e
z(N>g~jb2yz#w|9%00f=d+(abld|a_`^};YtdMmm+Y|63dZ$a^o7O~aZ!JE9Bw1tvg
zq^s2;#a|l<XC=xVJv}U<6|_hq89RjlRvtcPZWLz7mMiRWB&2WXeN3?DiCt56Xx*8b
z*SVcJ1N5+4&zZV7a7WGH27K=-AA&#dwuOHJiwenULLq&dT6RnFze&;5B&?~~OlMF~
zP$03yGb}Cb)r(S~!_(1OoUJDMo}4J7F7}meRfY0eu;bOvP<eOiL^(aPbSt9qyR;ox
zUk<Hf{vk`^O235QG4g^afm4^DQzdv%|1C3X&aOH9rP-ZMv$z_~Jl1<Pc?=uxMZzSC
zdK!TU{U{Y8R-11j50Zw0Gc3`x>6lD|ijzQafk`$?p;D)nNMn)_8WYhve-g-+Y+YSV
z<Ixbh;3t+Mgl*cFGj<;1DohYjj!_%@{-ficw(kXOG|!<0RuQB7jhkzi1-Mi}UY;1R
z%493@BGv9hf>;zOzt!hT*v3V~d6>f#5F~rdSqd0L<G8(Zd<}cdyQ6ku8o#o8^n}Js
z&m@Yf{Kj(qwRe7Zx*H^O7}(aWeL49zk-HG>WTD&K<eo=5qh5|~L{N_<JB1rWqqJH9
z3K_GkeA5q6dq@vm_?luh*2Ws`FxpCC@kaW)7~Id6_cAlI`76k%k95;`1DWnvJb}i5
z^!Z)(MJHtX#LCdAqoyWql(VejT9ceiXfoj-siNIr?`o?Z{a!mcR?!)p+guCM^IRXb
zo=UsOjH&GJJlrPGFj<XBtlP3n@}9El1gOP<$2}eEjt(=t`QtkRDzQqxoXbj6j~5CZ
z#6XPt^~hONCywofaj~X#LoFPj{c^sjdKTwHZVi<*&nYX;(cLNG4u%YwuC}X+e=H=v
z7FMNE<hDoo>dNkV8u;zCriBf!4gQ?fapROAw=1sM3dnDL3hO5hX%{!pNCM})CQ>5^
zsTz4K?<e+8cj}@WM>(o3oApC&1D1i*n!m4X%Z!CJ)cuB!o_A;x>Hi{MfW)zkBB98P
zAow5^7`3oTRhOOU`T6-DeJ%Ch*gr%xMa!7zAH8W&|0@hf=`6lR{b;E$8XuyvEg5wJ
z!=3wiD)?lDS@#<Is3-@w|6V686%>KqZ%btc#&zMaMB8#r8ULx+M!yQTP*kKcyZkfl
zNLv4nKCO?@5}3iCr$m>1k7v&LY}~`9=9013XAy*&1!HD4v`R!z3K#ppdqDAcHu9l+
zp2>~>Ly-IJWKen?s%q~Q+7^5B{^c9#Y{G%fTB%hvK(q^Zn1nBqqU}Tg{D_gE(C~qB
zW_5KG;2DR&HOhLIhU?Xx4bs`bJ`mDi{~n;>#TGqe8(v07Z$ZezpCc?10(dj5JM}ni
z=fr)8oHpO@dlCF#l{%V~!biEszSpvf090SOe1jD%RLikm41{_($%L4qSzEW<NGz!@
zJKw+`HbvwzYz|YdR#hw<xD5rE+nxNcLemy$@p=)xH?ypsblS3Jso?kQD@hmAC%Sb_
zTsNLOU;7o`9KVA<h<Tn9R}bE}C*`)Gt)#7VH+lXQ2ile0QUaESH*AncKPEyK=qcb^
z14HeAf{lEn{ffG;0LUe(GT}B2>C+L7lFM19&QXthzeXD%MvhyOU(L%&_|?>LC7e|+
zGiv_|GR~GUzU{O5+J%ifIaQCxHbovM<bxI-K|z!IjouR12;HymZI88VgeI|h&VT>7
zGq=nqhj9Fk!ULrQ92jQ-meBxN05z%6e`=K-1HR!Lk+PRt)jbWuPYEbjJsKywU@gif
z=-<SgupiVb13L9DNUtk_Ia-?R{^_~#lDj88GS0r()|3SNejp4(^8yHQG3hrc6N$KN
zzB)YIWO+L!si1(##TB@(g}|g!`*nBM8k6G<#{dzdHq~REj(>4trDgM3*`7L&!grx=
zuMJF_RI^^AqhAF|GM_p;%Giz|dlt(@h;t69imjAKeb6h`?xx!i-wApe>(uzv1=C#T
ziYATY1#IwyhvNND?-uL(T?Pe<&8^`&r*=%YZ($_5pJTb<<C_>J_YqqTNsUOAX&hOt
z9<xINGeM)V0oOh*$b%Ds`>oc@3uOEYuND6f7hp`h&JnLar`R{+)DdnKyti4g{btoh
zh$b2$1mPIm_5vP4Ef4R6wMC9-E~PDekp(Iwr3neIl+yp5Lu(`vffaM3o=}+#cu)m#
zfC4lg2t*$ZWZ}s5*o#etQ3fzX6URttmTTu4d^BTo(!iRC*fbE6HcV71jcapLB#H`G
z*ZD=K1vT$~3m&%g<LFg_8Hhaa0A`|4`E>oAZM(7e&0WYiZ!Mec>TO22A}%Fd@O<PL
zm=aEMUzOJVP8<SQo?f5PEPapvuvI*zdCGVr_&00%Q&W*HQ54VK^}h=wAad?~Mc^NL
z&j1%&Ym9x;eeRk_a+GIDKWX00KS6lS&fpKGJF?!0ovH9Fkr}|!@(~`fAI0xq<|ApY
zl<5d3aH>4dxjz#NODrHak%y{#*-&5a0>oEh>d?r2FAs8yq+1is0l`X9&@`R6d{9~*
z>Bp~Ti!;13e;@aj(3;O-{PvnILUG>vb>Xr&pzth=&~x{5qb99oUFbbc?2gemcL~m>
z&pqgxgyd!a{g>NuaiYmSX%RYcdsQ?y$7Th;tl3#-+c^OeD+2yl!6*9LB_zqUhwAmq
zG2D!#JO|a3cydtRT#8jb8p{-Q1>*hDZ$1S#G}@=?eWsZ_$CLmO2vAaR!9`_}&VzV?
zy~MB0n4@%^Uue=TbS*2p9jWkXBcHyQ0tb?PeV6C^I~Mm?Hyht&?>e#r;q!V`u&o{6
z?c|=G@nZFz%XD_<8Dqdnl^^P+m>m#!E~5f{rP+H4$UxH5O5S(*0CBUa(_L-A4H)mM
zPEAey#z^O1bHg)&vFLKJOS-e`h_&qK|K6_rpzytnRn6}vRKkj^pC(dfpbii8_GY)Q
zF2`dOJsg;EvEIVVQFlNkWmXwE>W$U$MRHEtu28-3464-_&D&+lJ=@d(=>ZZE{?C6$
z8$(>&Oy5O0trP$ac|LjEFv;Sw+WJ{(VbT|FOw=@v>E2x6x~w!DXj5Yw85RF`(Xs+l
z1Ps*Q;kN0Sxtj(wwd%;%TQwHBpJkDe;O!-9jql%)+T!=2ARMrY6%lbBpi7c~;kT=|
zawN`k;x`M(q`!N%3WK)*$UIY~g-6V2_-Ve~UjR@P>?x;90ie|t&%VPP4}Nk|9!HGZ
zYy~<s^;dG-+c+k(uZ_;Sa^AaO0fAOqSIi4OMsL~sT!R_L^2LNO#?OAsjvq^02<46L
z-aoz-nABf;#99s9s~g|h-|f8E$_Y36F=uw)b)~!|mOnbuCqKc?v~ublJ;B~RcW^Uf
z#(M~?y<E+qJ}rFLVQa6qN)-o6J8sbm-yScRe`b?D39i4Pk^C1@b#pKG_Z%C_3G{$#
ziR>P>^u4=DRO9-ugPROn*mfIF7tt^_;j*-<MEMC<&e{`X*AvS&b>@$4gWgTX<kN>}
zQhf3b{Y%u>QgC1Hk`Wg#r+X5KNMNkA+A(AIICB2klb?*n^|2~ncsV`1NENr!YNat?
z2HX`{kWRJn3nZk?x;sQfL;(L0?}?_H({pO;JE^|bo)}5v0KN|lB{pd8-n6d;g-1Ou
z+$|@yGF9%d%^dhXVvJJ3Uux^dhjg2|T*WIJFL<Hbx9SjGH8yVD4vN^NPW*B8KSsH}
zyZ!3&lujzWT8G2!JA-M?s>c|;<O>Xm`8P*awGpF$s}E$so2(|p=uv5H|Bx{`T3q!A
z|5kf|6WCS-*Z(-Jl}xhb4_>U>5x6h)U9Bp3!|ipF@=c_)9Ob%n8!W>G7P+wXZkF;p
zrvJMv7gDsu=%`%7=zye$CYE298t%9u#enabt&Y6N-bVT-um|7FYs;6RXY(ehwVwJo
zjYa{t<yiz?B>jMfhH)Cmpm04}<~z9Tw7Q2vp)Sys=iua0FXv@Hsgtr6Jxi-ScSbW%
z12G~JtwI+iu=l6bgzid+**G5C>Kb44(qF24HctL8@<|<nzUj$R03C->cL0XX(oIHA
zlGPV9F*agyJ<pz0dGy5vVjv_OhWIcv{vIs6ni&^BdHjgj-Necl(KG-F6&5~!au~2M
zA6NB2lZLEgZ#`5nHyN;e+=+mSDI)no?&Q*y0%)Q$m|T`mVaLX?m@sl9(0lnvOGw*y
zaMwF`jTG{*rJhio2okHpio3>~KW&ShSMR?7WxuVCb);0o-3ieP#}i<W4S2r<5XWdW
z8l=c5K%|q&)|qJyN31uD$Mq3$Q$@sE-r&P0I>z5e8Oj@S=@C_rM5S#XjP>^_#XSU0
zwj)7@MK8DZ<MPUuSOWt2h}Rkhl=H+Oz+zMb0E-FupVZay=@KIVTvxxcb7?_OS63N7
z<lta@Ro0~*d@$ctqE__PB};LD+;h3BTqjq@YTI<%ni^N-J^95$Q&#(zsv2&LFProZ
zn!6A$C<!g=oU&)D8qwSyf#ZF*eJ#3p*{6zdVPOg<)0f$`ACtN|rSb3S71w9>*_aGU
zUBHXZkAHIDt+bWw!4u(dqX4n#T8l+m56qDo!gr>od%V6RjmB1a_1hS`?gcQyxi(ZQ
zlpLR+#b5|-zXvj+9Yw&`gXY{e4mWkxUlG$X<S3-RHO;LrjMOHVmA-E7gl3j3wBL|A
zX~CBVxlNV}w61%$k;+HWYw~(t%Er4CkZkf=3x&Y&uDf((J!x@wo2Y07AF~WgoRS_B
zc18~g`xRPHAFDTyb+YQUd&(=b-w?!!e8jCU!O#azc=dl@Mdl3%nAwgN;T}J}^6%5z
z1ntIniQKX7T80exy_YouxK}i?Z@IV#il$`s^hgbz*0F11Vq(->Rjh$bv80p~6o1&z
z_Ych*q2t1p&NaOl=vYOGM};r^C?K74?$e8ffAW+Ehq=@#aX}JVUz+zn>bNF08Cx@a
z{QH;vz<pChC-9wi>qQDhRzj56XwE%Hww4iI$0rpP3ZE}u@7l`^RJYzT`XU2uR<@A%
zWp_e9FP14P3`*t(D+zTiv~9AcF`%9CI9To-=FYU=x^5TrZMgC>IMi>PBe!1#%#ZWX
zf<oHiU;?G@^{89#PgcJ3`EB(tEYfmeZPSeQ{&iMebR#KZJ@L5Bz35HS$G?@@WA!do
z)aU;sxdD~DI*F0=v`d|-S5rGX;mcyEpzk8}64oG<D*_&>7b+qO*_?S>rEJ_MUR-uO
z#Y8VV8TsrLy{)aS-Tn73udEEcL*yiEzQ4bp(ZlZ`hG!MEg#%UUAF{)0D{+>helef=
zPni6VqWri=ER-OspZT-gKV#z_{w_?3dLq9lAn32&kc(3B2oj#4Vsd>H3{B5aDYfea
zd0nM+obM*_3vc_K-*o|3w$Jc<yU(Z0+wGI|7uV1Yc(HO=an8f@`nc^-qo{BiUeng`
zU@@L0im-=H=r+}}_Gu<$EtSxU-gR_QE@UQF$@%!9I@jqlIVBWwH~2#!7{M`%U;yG^
z5Go1^un>w;i{zbK`W#Y0K^YVxydUxWD31v_$ScIJob85OAMIeCY{eU%S?_hua?6NY
zO1mik_Yh6P*?~6}d5!qhHz<kl6*X#)ZxxL}?0*B~&QHF#xA&{DaSBvmY$qp&4kTIu
zaS06M;85aNN&wvl)TZD3vc&nMs`_TB!2vz0MKrLOKcs*O-JrrB11u0yRmY7nz9cN8
z8;I0Kbx+uifP9yE;9dLC8uk`J&WDDSQa_rH?tC8^DR1|JC@QjgZYGyAe2MQ)DYH{g
zE2_m5sgzytNz=$zVASc+U_4zE;c+2^M(~lt{q;uklGx0iY&Kt1WuX)@f3Lt&IhWP0
zgUvhtqnGEnxeIA~uE<d6`~&3^#d8P!E-|<R&Y&hLJPbI&iWVwTWJOE9B}W9F|Cnr!
zc7Az$xoCbZ5xUpbxUjum2^tET#dxWmYQLT4o03R|>=FEuz1WA4cH6CGpKM0FqI>SU
zyOwK9N8m+?T=;Ytz&lxR{9Eb&gb&=QvwL1YTj!}m7Av?#^u^x!H<ee19^-Rw{n8d)
zUuM-~jg1f(qmHr9EG)9OpTpL<f)Ns|dUhzoicd0?X!l(I^IN2V>?R=B2N-t_oPrn+
zfRO{#*)_MYz{SH$claU+Xo-8>{7nI7=JhRqR9`m`>Xngw9Y@0Pj?V4XYvKuQz1!-m
z2!Zx<Pb@W~S=pfx?UCe@+s-Mk(hMObP1AjR&v3->&*AIIVTAFi6nV@p12Q1esLHoF
z8~;eAx#4);z(%x6ew@o>5R{%-ZW1~-dbVMh8Fx?K?zR)uKAMvyIl@XYkP4!>Xp@jv
znV>Nr>s*}w(k9@X3j|&`4Lq+AN<t)4w|e#weYd2g7akx_F^^z)ip`heBz5k9{bSh?
zwBxNomw4O}rI_5>iWKCGrWHSplq}GPMV%~iX&-qn=HyoY*`Zm`5bqLsQ^RPnU{r+2
znx4FhtryElOe9A?n}~4AP^Aw^XrF*enSBg^B2fX%yhKN=Dsp2do|I~jHEcdRJFMFl
zK{tMg;gu3T?N@M7({N;TUykk<Xa&j27r^#g_Q$o3Iy2hvO}p)cW6B?KR^;M-TxOy_
zipg<5jy=7krBzC7rLp<=8wtQPf`RCHLPA2dZiOf)M4tr&Fz1P4q@FoXBPah37wW=R
zpq^XsS4Zt!LjWBLV8St~u`&*sb|=^t7OfDvtNcDZQSmQ86fgLE8hxV8$>?7fo9{He
z<$<z#B=r9MYG)`4;WuH9)^>>~qJ%^hOIWvx5v99IH~=YDISyFW{4ioOg1)K>+=m;j
z`yA}7;~WFZ78Vw79<I$&LGm%_<SOvjy%v@eQ<G%Cy@Uiu7TTcf5|Z%=T0cxewT^$E
zK{kK8DQ)0Rx04Wj&+LZ9-9rj?K(<K>y`Q6E%oSDfXR;oE2eW5kg)rFBP88HKaR`F-
z?t3ch{5<D$LRsC8Vf94b;H5XoFquh)x`^+D-+z-0W0d-)2eF_n2!bD#uUH~(iIQmv
zY*II7?!w}-*P#|quxhQ=e4@8=nL~AUk37SwMN$SFv~<J?mK%HJ*zF8|NP3+&HSVR*
z+egN8Jn`R}UTy8JLNNO9{Dk`wLar(YRO-Z^juQ&(o)0oM(LgFU5Twh4LNmI$L`@9P
zzueyX0QG2|`8*3NVnCq@`?dD0#l^+pc5dJ_SfSULkchXf)W-5A!?+)qhB5xmY8Z1l
z<EwF>!nkA(q28a8Z!BKJ=w}s*T5i_kG=8ZgiM&I`$-?gny#swq<Kb%m79A<0M5=>t
zYb$oRi!+P=@`RE%99r<|=MMyf@FSnIfD@`wCkV=M`>?$Y$~_-Pc))>`1oP{-N^UcP
zj3jw|OTxB82aGE)O50UKwxFn+B(aMQpG3&6V{U)k=Y_Mf0UKeL``W4)MTM>Hjt8tX
zwQ?`8rXRjrLSFH4?S$a^8{n4nI&(dD^_qkQ5{bB^=~t^fW7^F-fAJ2Aaana^--mO+
zM;d6$M=)W&qccO1vL>+>$QS+<oY;CHTp<WxFxlUShJ2>#KM5vSFuq;b_M4-HC&>H+
z_)l#WbNJAoG_I%LL+2-6oot%6`nSLHl(q0$y0A<Xs1OVuUbuVEdL^K}<>q{Hkj{QU
zSoyFfr3F1cWsM!~@|`o=wN#8*)JnjQe%>cO;DA8Vy1FF({{9$PSZL6=7r=k2hK8f-
z>u)0>A|#}wY*S0LeSHO<i9zdK!5HX^{6-A4v>`y))Nbeiqea_3D6O}g$X+NI1G_0?
zWdPyefyFk~-IUVVST>^98Y{*}#Q=s#7Eqszcg(Z#3uSE&2`7hm5Qfc^{!t*9g)lxl
zw9=ZpCrdL)v8?)z2!TAytFa@rs0hVElf~BF`rzeRR%!1|l}O)1@6-D6amW4s4vhA)
z29opNuYtKzRb+WsS;4rvc<%hXuW#|=FvUSb0MlL?QGOoRh<f?HJ~J)kUWnchg0%C)
zt7xzIYo^Zf>2J@%k<lMf7Jbq+yh6#B?V`FU`rSun2+W8q*-Umn?W|Mt3K%xuiRT+m
z!?{V<{H{1fR*a;_s;}4n6mL#5WH%Ri{rC8q@@P?br#6(kc{3Bt2g1nXAD3Z?7XrH^
zNBIog8N6oJf`S68YA~L-$MhUcVY#?r@WLEufZ$|g5t8}*2!;JW^9w<_=N{e0MZoia
z`8Xb!>nAW|%$nV+!w{d#o<p+uf&JhbG>xeA1H%a5PdZRMLMamkf(vZK;V8b-bh4_S
z+S=L<mKvYy=KhfW&7!WaKawXICG$Bw6FUe7gOLgOB-L4s#qM21<~>urfK+Qmzx(Ok
z1_F7=9L@k(V@iJ_s_p5N^58|JW|3OcyYEfYgE!p^-lI}8?V2QthL0tjU-AH{3f@`!
zj4)b8!Kfgk*Pd?ZLP|m*r;m<F+%6`Y=p{yv?{1+Drl|#$f$g<;O*!6#V@E<}cQ3NA
z)<QjK1aBEa%ST?rnDNg&!OrI}EgOCxB44GGptk&N$7PAG#f*rt)Xb}*{9BCg0&9gE
zyBq9nhAJAh$xK!-M5C^R1pclCg?2Zg;QN8q_l81K3R9m>w%qb5bh7)z<v1AS(=#Q%
z1}pgA&&5j_3Xr$@ZZVKoH?sxiK)~!Acw%OOuJ5wy>fw|YtS7en0qLO?X18h5XbmUI
zs}A_ObUPbUqWg@G`v+h{J1oO$NRpz;LS{o`j?oh;huIW8FBE5dDf)?3DL2!fGKh={
z`pt78#f7OIoz`Z%cbg7pLO)dX7Ndou3)-DkwEM#taru#<*Gj?OH347jKc9dWD4ruL
z`x@AH+&y9r(fK|BG}tIYX4C#?V!YM(kqu`cJr#&sAvtu}mg@H!vsIh+q0LqrkTw`h
zRfY~6ZsiNjOj8{Gs5<;;HO%^rizhpXprl}@FF!7IzLHlFn&D<)Fimk>Q08JE6_0?N
zKa|NutlwCI3V3acq(;mgJ)&1`V_W`*nA03q{r7JFTDW!r%7eHI`{zHs6l(A#doOTn
z*bb}_uAv_Nu#=akeB2S&TO}NAiU!N)#OvB}b-iC{ECwQB{tBBcyr5yj+UTHqo_G~b
z?1xvLX>M4UDv)c0dX!7kiZbG}u|0+O5g>_L$7OD3Li(!~)tw#t!R6`FLy>n&YfSCv
zdS5E5yR_&VZ05oB{<Mfx`X*|foF1555x-YMYs};<`@zR+ZTqjW9eVMwd>$D3Ql*WS
z+5Fa@#=ljk?hlGX_Fd2v!`;|(0>Pxl2vRkW>8#R$f5jNrZ@C!C(}U(K#zTs`dz`Yk
zKgVdt+Y>;ry}@o#!$shP!Vhc6NZgA2?(XlfQJ5Rt;My&+i>(Iwmmn<W_YnE@`&9`C
z@;krJ68Mk%N76b^8f@}800#RBz}hFdKCrUx07QB1idlB@u9op2B=lzzn2=D`?k?Qh
zc7AC|&fj0CzP^5XZq5ik29)=8Y}um&Sg*V+H(&GX2GV)!J0ez-P4vO=n$AzB$wkj|
z_~$@-q-N_(bYhlEem~7nSMh4nb^G)pkcBYIc)bO7gHNagGlQ5-bhy#?jCFj`)d`uL
z^OO`Rb6kjS0W;rvyG_JQVTl--;jJdTX}!DL5^_Enf&@r$7aj+o4EM)uB`ERotJUU2
z8XQl~DT@?RYlDV5T!a?nlH)To;`ki>&<L0K7i~%y@^5;je`PX3H*?|?Wi9$Zl*X5(
zGta+X49E*yBj+1{$5OR~vO?}J#ITt@?_37aL~<|}#Hx{ArBetT&w*?58!`-1Y^W$@
z0y5)s9GFap^GY-z$Di%19>1++1!QeCkhJtWzuFhW9%=o)#G$2{sV!ss=bFr=lGu9V
z;nM8D`h&%sh3;>Z1SiEEE4hyT<RFjd+n**M_Zr*^7LI-<YOlSShB~7k-FsYr+!i~(
z9x1xbmU{P3?qv2zT#KiH+%V@258^RwO|sGXcC={n94O{SV?*W+2D{#0yV%;<?fv_Q
zrhBg5Yg)tRwk<z7ISG_qp{Aol&YuXMu$Iu!Q1>v`3LD$$IRpbaR?js7FE1xoRulj>
zEI{6!KQx21_)rCReKIkj0tncccMYdoxzH6U3t2?i_qO@PEG@3Wi3q95vn`pCNIL!r
znWR2IUWp=DB~G#EM==`P$3nvt?4q8YYFOW=#^A?T6Cb^>U0aGycHRbRd(afAMlGnf
z?tlY{rZA*m=W*~)d0GC`1<whj33M@{6Qqd?8XS@^sCnbDN|tnB@6I@ggBNVe9c&nv
zcjtxjWiD!MqmzdXVV1=Y22)lGZfrqbEBSmcB&2o0a}A5HcA-wL3P9Q_KXLpZLeZj^
z&U>*zkq*GSK#ji{gQ7vkf-yar$q}92f&yHEoKF(!_{jOMvkc=t`W#>Qz*`J>!$OIU
z_RTsM6^-2RgkUl5Gjp5OG5&MEL(b{&IFc(&Z)P26EEU%zmsG6yZ@ssz$(?50)g0?l
zn0c8KNUb&tmtQ3p^nC+S%1YVO5GH0@=Tiii=G|Sd?!#}0z<0ZDO*Vk5JZD!_JFF-<
zfH1IR?~WC7h`Q95hr!=KKzq7-%Qu2`1`POyyb|JA=0cZVMHnMxagQg#oQ<P83C~X!
z3t7Jx-V=M~sfpDR5_k^by+8g<FjCKz4D49U?-z`5$w2eNTDrL3JM0wi3Jt(l>)iP(
z?O&LwCyn+tlyeETTn~?6T>&@foYM(=n%`GGqiU(F6Gc~yx@Ok7wyf;T;Ko++<L)h7
z=js1J1pDz%^a0@Md8;gA;SV6RP<;qpwG>?8Vj!O>J}goWt#lObGY(y7+|;{bvyIGD
z`nf0fyngWVd!Nz(tG{-I=53`jsM}lxKLp5dnJw4p31Za!cBz{wG~2r{$$h(cfB`mI
zNkPQzfD}}Yd8y%tD?}Asb8r-0RKAUW%z`?%-VkOA2QSX^wm)qJNZl^Ra&(l6nY`$C
z@*^Ma*Xw@*eQoBTMd5`$iTjX_vCs20_^2c*sNiqbx@osu7+O}fnAA?a=37$YJki&|
zv&a&kK1Xu8@$aMC<)3+ht~zq>Y|!;<m4K$U&4+bt<|uDOQx2xQZ(hVf$1iCiIwBv?
zbn>DBzdY-}T`acIk3Rd9haH?9+U}CAL?4+arb@M1zxE9pMDzL?klu0xl2>YLKLQEU
z;sAy6!E6_YlNeu;ikmyxVmP_Rexdf;UJzj<nK+AL3b*S~!S@$siMiQu9isGbq}<(J
z)JRP$wx`>))I70#JSB$Hi;F3!8A|1fuk!vsm5hvm9f((JhxL23_5&t&qsKR|GkEg*
z2Un2a#df_Y#X8tpo)Dj3)FrM3%Y#1$GNP#rmW)6zu(qp~zA*B0wtNW5qku-G4FB`a
zFU=}-MDcjo`o+dMI#=@YPam<jc^^i5D^uL7y4I`6b6$s5KQOivC&drj>InY3`F&Db
zS(Ue}AA_YWoi>KugvEnYj%o>NuQvE<5U=)DBrd1LAyej7_^EkcXh{K=JO9Hf#x|Uf
zg-Lcp@!1w$?d|VxO_!)m&(2P+ttmkuA{1laXCzWlOG`~_w6%X(;{rJ)bdH(-tmIJ;
zg}|l5={A-BOsba#mE%aOc7_^d<4CHIs3ghxvNfyUedn8ly`}5&JABHY`U<VUTsp#b
zCg=UKI3K<^jWKF>J;`Ti#CgGgzrZoRQvZEkfZIeS2id^BKcb>6@gH@V&3lniV`%~L
zS;f{P_{xeWm%0Y+d)k=pi$*r93lh`BKNHI}w*N>sD-so2wak7NdYYS9Uy~fQZFyw<
z(+Fwh#e1@oMZRLnk_9hMAFuKnrX%xvl{tzW*C(l(IsJ4jjxkyLV^riLNjsL=1=OMH
z6++@kB<Hvgc!<ep=N2rwTrXXSE2+Y*?;sX5a~fwiQ5Wj9*wS<7`IoRnr3g@5-Km}p
z2@goe`v&;0ljGxGW^640I%#e$m0!EvHJdL%v=lV}wme6MySuwxK9~xTFQ8;jYyFzg
zToO0BW4jav^>AMiQ08{bBISn5kh>6DT2{%^dj{}tr`k*(nrC|Z_z=xQ5O!*|lnnsq
zBX)8kaI>v8Z*%Tml7kz0Et5}T*&oDS=JY9tO*lloh}st-;$bmhE#x2hxJ?(@0wp>+
z?5_gorrl(ceu^x0b8Fq@eSN9St|@afwOIV~9xWk=J1xc4i#EUbYyj=XK0EO_udII3
z3nm4wGi4X<Mtq9|K}E^(BI>fX6a!3Y-tmA0v?V^0FaaB|He6p)A>9twDcrJzHYe<q
z$3<?`gC=8(>)}By0#c1~oc2(RIRMuld&54C98A6r?Y=qJO*5tPV9D<D%*|*cq16S3
z5I-C^<k4VqadM82kAISuMtOL6m_Gyq#YM3OdIf=!C-S|0eepnMmWm24A75=@mzQ0|
zeqMb;Mx`aGcpD2DB1NWnHoFHsG#!abydXAJf;vqS{)a`L)@=6LeeavFiHOTf--Xx9
z-!&L2Di{n_7=%_B{LOeDy$OssAJ}WI-D)Q)nsLus>Qh0?Ev2orHM1N=Hhg-LTK?qX
zE1F~v{=CSyE|^$~zmKEXq;V6|rMA0&j=XP=jb4z%JM}HB>%r8-%BfSGogHWvrauJp
zWQkL>kekg%_yQY%-`CHgrZhQ&a+Xue?wWsSj5Jmg<~JJD$Q(r^bv(It4#<BA`0l!2
zP93(_9+{gFIE5F!eV;gH&SW(ey{{85>?9U2=Duym8(5W#VWdY8pofktZoqI!(KNKV
znqm<ha!vLdifc5%KTXC5FfRW-V@c^Wz<CP5_RQ*a_YM#HHk{Yp`CXdz0ZK8Duwz&S
zssi@o;|}{PqDqW31cX<%vJ#@|WEvXmL>K_MJw7R^w_K<0_t4P04<F?6JFL^s#C^qi
zW(i6C$%D^57hIOwn#c?V6)7oFu&b8B=C%foFSf33;5R|6sEqH4<oTl~d^V@@WLTr=
z{VmCC_#*IBaWq=O*W%i0-|Q^d>U(%xr>Cpj-kBI9SXiSTfbqi+Gg<KCPy{JXZh~WD
zjH<$l8SWz@7?8Y)G%LEBoL_7=yU`bRH=WxAh#Y!wX_JmlOf5!N<de^hzjcI?$C(i|
z_5{uy_U?eU&b&_U{8HMk-j`yDo72!mg*25Dn~xev_ykbd)SdoKwe7_Ao1T`G)T6ZG
zcbL9d+#|jm-#P!de)@5pVvlC~<ks2y!RvwgYSnnI#4vCkmApg+KoHs8)C@lk*Wqa=
zWYIXak(_Mp<j2;jyU)26R>ijjYWnCSo_mK9oy-%TU~n9GY@9SZ-w1g<tPX=&rathS
zUc?uqze#mU8&t57)5-prLR%8T;Hu8GKCq-7(ec0(Ss%NxN_QR`;6D1|ypjsPk$f5J
zguiS5MaR`?*08#eghU`8ZUQ=dRQI(G`h>-pWPnUUK~3UwsOu$Apb*GM1KdEMMl=x#
z34h0@KVT@3kjG1gMTUg}q>D}M0Xd(k@^nCjmuFv+iYoB>+6%xK$734Wlj&l{_VXLv
zzC2b^h2E0Sqh#_PI_hJM{qFuY7v?)3JbWZR!MN*=c8mHwTn2G_9yJf|T@6iI4UHsj
z&YR#;HTpZH^viokp3#0O{R#&!{t7SO7WjhwHF8+z9zr8&ANQBZwK$`qU{u7^5r$-<
z>0TQ5G~(U5x`^L01H5L)z^P^dGWl!g%xl-i>1Rh>V(#iQ9FiG~*c2KDZ_2zDG}OPO
zS{4^)C=JS+Gh<6<laj<G1}WLQqSY|kXsfEq$P9m)+5fK>%Z8Nonxrvp!M_$lYq0ot
z$-x}!=f<ACF24Tfn7+GUuZey9ckXB^xcr+6KC1aKe|n|aKTt&y!zcdG4w!zsT9w_o
z^e#ShD0KM|+>pys-s6AHk3!_URO6e~<nMT^FYXRS883T}8yU#Z7I7U;q)NT@J3`S+
z)1HpQRCO?Ftoz5%zWb#23J@@aU;XO-M2~UNS&iAp_jT>C^RHVzFESh7t+G0KF)j`+
zpDP9vKdzHL-Q%@=(pL<3S&mQiK<Y}1?lT9BM)v>wvq_JS6Z)TzvI&LH#NGe<wQK?>
z?D;+aKbOlU6xck|WB=zfjRMF2r$xYK{+}kMo^iGR=X1K{GYIfMO-yo9Kgaw2=aT;)
bx^M$omZn>Y<yo*s0RChp6(uUgjD!9coDM=P

literal 0
HcmV?d00001

diff --git a/docs/images/user-registration-chart.png b/docs/images/user-registration-chart.png
new file mode 100644
index 0000000000000000000000000000000000000000..941e4bb09f23fdb89e399b65641eba239aed4180
GIT binary patch
literal 50480
zcmc$`bwHHc+BZBFpp=SqD&5^J(kUq|-QA5+N=kQkOE(Az2uOFU^iUE*$F~Oe+2_3P
zv(NWE|9#6p_AqnLy4Stpx_)uZ{-_`)j`|4i5d;E3m6Uj;2!Y)9gFx;qAt8WwI(=~F
z!GG>Myp&W%0?iZ2@B{c8*HQG1qmqrWql=!s5yZsW#>$A^!NA_g$lAfw#&Pdnn*g|o
z1%8o;y^)@ynT<7xvYC|;M9kjIP|uBoiHk(Z$kx%wO5ezygoTNPm4u0zhmD1Yg`Gq}
z7Tx=C4+KI2k$fer?3%K@;N=+&Yq{BX(MWnJNiB<Pg<JjL(M!?5EdEs_*L(PK4{Q*E
z3YV#txxD4L2k~pEd6V6{UoE_~c97$rmk|o$QGPaFSm28$Y)yCfuFC9-mUkQv@Jy2x
z%9e<8=`$ac<(S#mxbYK5@Ef=Go-{7XmXYlQ?S&06p@@Jd0PO?P>z`<UUiuDa;@rP|
z`B<0=;m+-=SC4~*|9twyU;pv#E1~=UaM>rhKfPGY)Y+u>_4TbdH<3%C1&L5oQ$xq{
z<rAXsKz!eR#tqc-=LNSg71>G~bs_Gba=CU%Ge+axY3*2Tgza(~-3;}>=EHiQN35wI
zB5Gf}O5@9~p5djWvik8htYu$J7IzUL@gRQdShq}NR-R~-G#lf+&!sAr+w#MOYZtTG
zJ!5EK^>BJybF&scr?s-EsA$LuB{}(Klr+O@d;5)YObFyLUnt652t*GnKg2q*=w?IB
zr(avW0Jc{$d3m!?*pWUo$teEy!HMI7yV<wlb}8BY_4-u}=bND;$0I{}AIp>!;SUui
zKZhJIl3R}Ya|I`+2VqwGE$3TVhq={d!d&mt4-O7u;^WuHurM)mcNd!aSM4REXlQ7T
zj^}JFHik3tcpObPMD9X-Gcw?l-N9h>#da0Vrk-8PfU#e3o6u*t&!=Rf`pNRMabXsI
z2d5LihIT&vVXnZX0`b7~3%hnz1%)3<NYKTWCWiVScVU}j;;&!7E-ES-oh;Q<dGm&<
zu+?_FRFl)l*f>yt4oo#Wd;z}%dGzp}cP=eXonP8FWdDj`rc%3McB(Af#2!1vk?*CT
z_r69gomYI}qMgDL7(QCP$w^aZa&?uQ-YR}l);}C$H=5+)Ttv1bcD3W;{mh96eKO!G
zC)OiaMUgUBRC<)zO1DPlaA`V+5zW;|UTVr{N`8b;Ex&(cxIFI_EjGhQRK$VGudvr*
z$5gVt+$DnF8OKo_Oe{16C7a?l^U~Y0@0<u^i;MN79GW<{Fl%xOTuk(0(2a#H$8TQV
zxNFI4yT}~wxl4p#l#N&Kp1C`DMe3KQ=3?g`$9qhf59l7W3Y=HIVz3EK!S!<*K=&>%
zBaO-}kKdZ~SW?zYC5zqSjP}myaquqTyrERX>?a<T9qQTGy-Ci+$1~O^q#y0Wj^C<@
zI8<@{O6xI1r|k?2Yc%k@=}z}J96Q-q914WSk6~0BZ)%h>^3jp!SsdjMZ<>Io^A6AV
zSRYIcyIE-Qa0$a>mwNb6R%zqc@-n;mIF(zA4kk7>=P~@S2wl8lMuI@tsNKW`Z(uC3
zD2=LuS7&dz&09x{u$P80Zj{QV1#grMFvw%er)<2hOD0_i%cun#Uf;_Kt~TGqKks6U
zFxw^eDF~61a~qB1qo0c@rdG<Q$u<d$y6k<emervzx$rdR8NH;AmCv=^LRGWYy|R|q
zZOu&TDw>PKV?zREPx*5i)F`ESN>0)|wd60Q8#iWqlbpR%ijGUBE=Aq!(@RmD%F@sJ
zHqYnIx-{5N&^565<s5biOG8%-B}HLZhm+<LAMBFsPh4}2awG$6plOKl#lPNLuv@LY
zHJXjs44LR>zo~E=-7~h(SYl2(T<My<p5?n*^V3N>ZXz~!Jn@f1=5P|#xZIja(v8Z)
z_hwQVJC`8GU!44P7GdGCI&?Jdb8G`utI&xMjLyX`OE1x-AR0Tai?f)i@=+cA(&HpP
zndo!rb#Z)F@+2lLt<2y5{>1qB#^I3Q)c$gh(`IhGRMhC`C|-y#CMM==oegn_)IG>B
z+H3e}51XHJF>m6ORkCh*ZBRvK_SxQ}XG87qP`Q4HmRu_Nrd7tG2ytt-!6l8Lg+;lc
zg|88|=u*9sz29g$-}{98xV`ZrlXxrXt3!I-q=QUa5{{&f8x1mSH$=L6JDF>BkzE5f
z%JFT@^?`e2R9RY~+YNhtD};qlx&qNVZ|QQ`%8K|zB=u(CLgTo+v#;JcZtZfa_eJjq
zE$#8u=L?PF_@_gBZ0fjIWF{t(BMa<IqysJk8F!Z1*V`?&9HbP_6l6VYKeG((l~+dx
zR2(9@)vPX?)U1s?mF<^O(hz$;zo4J9fs+f9QxY?&`37sZryq<MV@JQ1aam8%S~i_l
zKn+dG<<-4u(rGb|qev$R%iVC4^>EFjI4Nu6ZoFZ(YBgx!SdW!fH_`ch_T}9@fx5$k
z1ILVQUvqN{$Bp6VlA{6GItBIhT->RH#$MDQGYnrV+)gWjU!|kBOq!0Dbtb{GLo6?w
zH11XRX5`E=lvv>;R$#&Y&9U&ZlR9TPAL^VhtZ($wS5DYSe86aZG%|7z8C79&VinPt
zM_Y^ZUh3>PyR5<9X`(kzS?h<NgZ*Pf@|9)115td7(M=Iu8<)tVIj8~WSugvh4`Ux~
zMLBgATnl7dMm=qk=D|4~@<cnfe%P9w7B%MddVqrdq8~%!(5ONxoFF=1?!YyNZHQT^
zr(}HsJK4E!j9$$kFuifwDRi)nMGe=cHJje8hs|xf_d?&DYI*#Q0;RZ0Z2ge;V77P!
zhXpM?ZLG53Qz}YIaXUNMIu$J~uZb=M^49Aazz{;wi&M~wo~PBPdlpBt(efLcNjTgW
zs1xjUGLzLQhLYkccFG5q+FAH*Z8_>L7b6A&b6=A&^5+X(%=<{1a<VmU>hh~kh2pw(
zCabX&R90WRDVM34$W9gKyF|!E&(W(8!oFb;Qsx)ljS&>AN|#dI!aiYqEqr5_#NkyL
zcoZDn!XPidSo12toA6sPP2EXMp?$u@b{UzQirq>=4#{4vbMXAUmebCxN)S5nWE{Qb
z(E#UC^-Kd8`38IeGqS6CzA==W^Xo`5x1LOlM^s7%o0+>D;pg%a5#;i&#BOczm0n)3
z4BYH2+uu0X?g}u9?Q4@=Wb`JvC?O+{ILh*_>vz#h_TiKqR&Cu}T+Wq`CtWO!jFpGI
z-lgA+%9$?H&fQ>Ju)T?3tL@orF^HLzuEchZ)$X!?!1QLdM9{(cdjq;{Fn{sVl=0r%
zfy*;P?J<RfqLApTqxXZ{T~w`_p+^JED&vy4`N!paIgcbIwKa8-ptCirUfW7aiuikT
z^?C-&rq5Zu0KBLX4d4X;#nj-cl5N;qCV6VLcgG<}%|oD9>0=c8Tif?!<s3IlB8{;1
z{+brKDE*afPA#Rp@X0fpsa^h{+zk|ME-JY+udX8Kg6?|y)KS|VGc&wlUZia0%5IC<
z+=n!tR*5?N4Jl!Vm)Ce1_B&+~zq!}X)Xn-fQW;E4dYMV2acQQ`<%2!Z)LwgU&{4AP
zv!)lx74eIE4vnmBVYnS2%kL7cMc|+|*nZxQO+LD=Rf^c0NQ>YoWNK`?wldvH-%I27
zsGZhP(#&pd=38A|EzGO!E^h_ddlm;5BoXm=KB=)XFWnP5A61vhurZ%Y&A_OvaI>LF
zc8z15kE3PvO3_th)MED-zkgaEa5+lu*-mnXz0I8<9A8thsMa=1viH7<DIBQ_of17^
z9J9F=PqH^C3v@gzGVIZy_omks*-b4?<SwOG_-b}ky6iL(NUqUr7~SfyXUok}Hd<}B
z1uI@Bo?=9cn1Xdi83`(8)!4LT#?}}d&F__|i0#p`ua2I;idPREZ5CX$1*zmPJtntu
zr$TaAcPWf_P2!%$tb|4$2#i?}lWi>_piGFiXbSxDO=*|XtWiBA)_gHEO;_j|t>a-3
z{b-A9eI!rPQL^`8rN<-KqQ#aGaZ>L5_L|aYO18~-Or43vHAY0gcfShW1g{vm=F-UJ
zRDZ19j=WQ+I)@}{v3$CKl$6xL%xjq_o*w7P;Y`?;AR!g+aEY#>;?odukQe0Oc_E`S
zWaLcAWV2AGpWSCdgTLikwqXnGi`3lyyutD6Ed<Wp@Ku~^k%23>_i5KXcvnAt;`>Xv
za$$reW;d+rN_fTrFrs|!HtFHZ02_;$XbafUM=ov;lTF?+pFFcthWn}G4l#M!SFO9A
zUJY@wI7Mdac6}`dacf5!dE~V5n`-?LlG@SiZ%<W{Se@p3Q=5OWo$sb^#)p$9-3&gx
zf(~#Q8LmSG%XZ2sbp@Tf%{217jk`>b(5;oNL6E;Ve7V!GlgWzZx83Po!0jR#(N?b`
zFVLVGUftffMkzQs?XooNF#+(Wy_CI<TQ)_xk81yQt3nfUKJ*MLShzCZqOY@R#nU@c
z=lr6|9rj^GrhoK<ncx`V@&zIrc{#ZsBKl;b)7ItgJqTo$GFcBttR7Ap?u!mEyYcj-
zDw6G+UsP2&t~UWBEGjthCa#`4JCIs0UrJUoHph7D0V*L+wcR)%4W>SDI^m0!rBy!Y
zF2N|e3KeW+RmNRtrs>rzCGU6X^WKr+KhgE`<A}=3reS29>JGzCmc_OB6cdvp&Cu|w
zxA)F=C17iGesBu1!PR$I?Yhb9Zll!tC_*AUZL_ZhDt5Kf*lvH`lB~7@a{nI&GR4Tf
zYs(cA71e<UAh6?Oc*usg7f71@;E_Q4-?E$kB?<cf`LdkoL_{msZ3O<ycbaKR_!sjf
zXG5|o?)&BgsZ|OV$XbdAOtOt9cNX}*j&PX$p?AYH9Gy%kH;t|_Z9lB9dcD)rE;B{S
zzc*{9>#%87+4MzuTxktlI)ob2C1mOy*FHqKoi^VuXM(aNt^wE844O)9>Ewj-8S*D+
zV@^{hy$rpHysr(OPMX1Le;_`%y;^ANOdZAEV&T`+YJzJ>pi`u>YQgA=a;}S6y`aiw
zAyMqJruPIGx0gcN-<l6(h#3{b&cl(}H``KSbrEi>6+OjfVhP&LP1-~e`CYrQv9Wjl
z)phjOuU~!7&s0!o+)wCZ*JRY>Iwdmdac1~c^6BVyB72r27Zwlhj=l^0!)t|XPnl&)
zl<_$lV)*%*3JcW&6=|haloyT?vaZl_PxLsM{|tkcMHl5@#bT&c8Fj;>k3(-T5^ut#
zSjUH6mq@aVT^gq96y9x^zEAb%Y9!Lbv9D-ND+gRFM~R!O<NhAT1-65oNtapD$1w!5
zN$lD)mbB=%*S?hm^Brm%^yiC0rl$=xe1Bfgvi?o9zm}J-!k34HK;Y)mVP~dFT&G+O
z5NSMa`<!iOEZPUYLZ6Lqxw!OPy<N6ynbzjmWSx!fg8Npfp45HF4t^I2yi+Udlih{$
zm1z09P)!YuqNJoG<DI4R$+~A47|SR7?#J7O#pSI$8FY~0Crq;Nl@&^MXj-75qC$c)
zpX@CWE3`E>HfF3rNE);l0Mstfth2V~BKR5Z=Wt71AtZ(fC^#9?j4jpI-5u0<=Oq=W
zBU4gllipSPk=s1pyZ2<Y=_Gkvf4{BTG=^yG0T4M12r<4*1P=4d<?b+KgBK~te@6No
zgP6Gd`}gnX_}zDuytcblTX5JlRG_2N&H)v&_rmlYDEZx5<x)=%5ltnntV%&_zYA?L
z=s`<=`HAdmOZP@mQ86kiI{Hc=ZNOMbOiWBj{Vh>?Abbw!O5?Q}*S~Jje1?tNiPFw+
zy~v;c8UDZ#2ap7fYSY&W5oc@3HVETG)^%I$h{P!7SZv~Oss{007420J%%+=X?kLO2
zd8JuvITA@KzGBP8=D4Ado1Y)Vi^YS~v{0tg;y$rNHT||ILVBOazOSGKf#30swu;5>
z*F<g>6p?^{0ORbe*gta02P9N{>bfb^Saf26k_X6G-?m^JwO+?FCg;8K-dP~|2QuUG
z1h1?ZE;!Fw!8pBP1%(1lRxL;GcUaOnn!+uhA5Sn%YH=LrbXWFWkLH%HYZqDt=kWh*
zoEPs0j1SLlY=67AXf!&S33(M46?r}qM%D4$7bPbnyYKj2GMb{$Vyf&8>;ais#_JON
zY8|&eg&KO*kAa%p-PVTz8PO%buS3cHgh}M$;^MJ(KSWGI!croBcYj_qjb0`c%xBN;
z!xF#=EGj8MDcIXzrf@d6H~4d|TgOY&gB$@?jsNG{A+wc6A*!Vs6I^&XCPQgSY-UeI
zGto#WD8%aK?WM260+eK6)XMT+Z<{jIFLJx(P(SsiPUJDfk+obN^z*nM6*LGycnEGE
zObDNbmR8Bh$w|m-$$g7H-Aot}jbOM)rPy)CC_XiJDv>)?&S`6sKBE<>te}9(C~f{g
z2fm9~oP@gU&Et18!>q1C6}@_<&9A>w4$Tx|_&mBB87dFo92uxrhv_%tYPw#S)yq2z
zO==z|yQl?wDr(xf^Yil=M#38lh9x83q>?JN3{dm&f{4CO!iPe<w_F~A^e!gmnbW4d
z{e=;RCI_)vb?a-zD(9x~;&`n!xuir=N&5yZ9{ZIKn<bxXZ3^Gls6(nB-R|}bRCdeg
z%Y{8}wX2JhavQb=qr>+F6*N(M=R%~Rj7|X+1M|H$7a?SuJ9SHw=di5-*yfj#&o#}M
zED+VN9;DTO_7WER=GUI{Vdr<jR&q{?sR%e-cvhC^E_4tf-ai}obAhXhMRUbFYGI%?
z1wV3uKQL(iXn&3z#24x1?M4T2=KU?310Q}M`8!8`*j)HJpNs_^5iA>?l<H077iJ|&
zC`!36*;UN$GWfET-d3`=lWlVm(ed!HIKCKMO9cTW<9iqiPqRi_dYy`T+nbWu^1-Q4
z0ZrJshiH@(tgqQbndR4%My-DC+6|ZF-jI4hX<98R>g`v3za-EgGzfa@@-ozm)}c5{
zjL5CdpXC_)2x{}x3#acA=53V?MQKN|x@2{em5f2HtWxl9zX-X*48s4cCYee63;x3p
z0CEqXE$j~?&)U6FRL_)(R*GHB{TW#(B@ZjenVv9y_b2f^=2EgiXjrhu+@Tqzj{u`w
zQ7rYg%p=nIl-m{W4pL74;;BT_wsR9-THN|a6;)LPN_KF&VL1XpZ!N{Ey>ZkwbjrYu
zdDQjd!oo;0LSAP&%eH7@es|?4Wlc@|+V#w$A}Pfyi>GDlnLlmFJDFZy^GV1Kb$!I3
zB$EVe%=*&iRT-&xxWs{%jsJP$k$X#&=Mp|w-Pf;Qbf_JWCB)}ezc)ycDv?pEsL6dB
z>1dc!VWSXpmXA%65+ritBbwQvXCxssl>lQR84oAm&O*iKD9Flsnab-j`J>&B-S&r2
zTf|tQ(pC99S`g_<8#-r7xx@NkR8D<;{pTyW#TpAWNkvOb%jq=4x;gs7YxajzhYFgS
zw33xGmU_Lzwu1!)=aMfTK71%8A%Wx;9<C1pHVqwJj2;ejp{Y(R6z9pV#GS&jvbblh
zCt~{g`UaV7T6<v<21PhPo1u}9)Fdi2d!|sGqk}6|I$xG$o|;0VS_DtB5hk}uw%R5H
zn{g7v7knF=nMzU4B~J&T2hSmdLrr_F#Swzn_4~)iJ98>JI%PoI31Y^48(yfd0R8q_
zs%71%bedlV<D#khd;)d!!3i}#w|4e9!^BqkD(!k6UBeXJgysadJ4sWi0UYG5ACF2i
zZcbMic%Oik+NZwH{-#1d0G=#(RMpiJbIyHs#9Y~%5q^5omwdV-D{!&R>b2j6eFwGx
zGHO-rKr&}>R@RG*Wg{aavz2d=cVIh6t~UO04QBc+6wr4!YFXmMNhJZ+)Udheqc0JG
zy$og@{H)4c>w2=@Bjg@Z;S>W&WtJD*5l9eUasnPliJF=kxOS^=V9-fOX=!d@;RF;G
zr``F)&AV7X>>C^}PwmJlDLLg<h2DY*n5vhPVX9x)?Jg8E<=0#q|CG{$)T{p3JWy`~
zta5O8xGG3}LOlf~CCb9W!V0Vp+?zp)MWjcxWmpRqj#4a7$fPV!7`Y6OiA-X)$<e4s
zgh2Xv?0)&{xc+>wy1vd?t8LeX*|=TV-;qGWCvf`Xp4ZWccvu|>u?5LCt=yp>U#J-w
z<?48!838d<Itm<!vPLM4w&RGXp4{ZMY#N`scB5k?mK-z8HU3vkN8DJ+)m=>U`pBi1
z5m++X+YYSc<Xu{VkaZx5=c^Q}vNMFIMMY(SQ&1!xL3D?3?^g)p<frE%P@9Cy6xYtU
z>_=S})lMp56u89cnLTE5-eR7x2{nx-=hDp*A*KWdKqKC=gGNJ74+8aiy3ei>QWP}g
z#X^${x~ZXzqhs~?(I$pM+*>Ldnn$Lb2_ivgXV2b~nE@c=z8uEs*!}?fehfJ~dyQSi
ztc0?P3g+);??Cck$9kW0t{nst7F@DNWP4cv&We;Q>cBVT;;pg#2m-VqLjoq)sSM$;
zH+M~M+{E;xNDwR)LvuowB0ts07~#{i4+LO`gdt;JY>mHE=&S&stgxT4ZN7Y&K)~}&
z)QTfd?9A^p_A_o~vGgsYxm=cUwo<du$b6aTD|`V`JQheMJgW>_$Hv5L*!Wy%0$c(u
zE(f^er|rh|#U8pjme1wYo)5aIb`0xGwOKTW)$B8cr8(=S(oJkAQnketLkj>h!n}*%
zxWFzChY-g(Nl8VN^5sx9;v`rXrwgP*Jym82f@8(6LMv^>@AAZ)EPBX$9B)6I-GB7x
zQMKtvRtDjoR%Mu1<C3fFg_R@=SuSquT1b~r0-PyVdkAC`KjKJ$DwSE=7oTm!J|k4b
zcKe>n#VQUmGd%-|nW~*#1stxbsHjj22<UVMqAF=<Xng5`PhVDcwyYp}&$Hrt<^oUq
zGV#c_J~TudPs-;~)6>Jw)Mh2HiHVo00|R=evR{2HQjw`TwkdqcT*P~FN3IpC6qlV+
z^6czvw!tC4sJM6)%w%+Qw)H~e1J7omn3x#Tt;y1`y)ZCobI^%mH3?P;#Uh$mbLGIx
zW+5_3Ny)<WZtBGI<`Sit<HEC-yUaXgHoZo>If<=fLieshw~Fvk*^Uv%v5_bN+VFMm
zXM)Dxmz9<tE3I49SUN2hmxT>f8JRa&`O9mjn8S1_ug!KNtR)+F810)D&Os74;iyE9
z@6SCuTrVyw+w@H4w3$qGS;YPQB8qdtG5Xi9UowK|HNhjz1zXAv8h3ut7(@r+h_1=G
z&*_p$hG5Y@g1$)EQR#GYTXb9BoV6$~wP8DR_cX-MLbq%kJ9O{Oos+*Do9~rx#R5oD
zquw^NK_DN#GpY@HpQhI`wp}W^EI6qN^&o%E6bY(++kV%rWwE<<NZ>-oWzj7^MJ`{r
z$J~`4@0vJr;L(&HCd-=v5DMAfe(^oWrx0Ys77J6!^qfLG=QOD6#!FA;-RvEbru~sr
z&~x}$0}cgtR4r;r2+f}rh&g-dNvnlzOL2so`tRqSy&N{1x2{_f8H*s`{sqn;S@~2k
zIF5^ZKA9+v!EZ{M8#lj-YuMoDJko4#{FeP(Ec5K;<0P{IC%44cZ7uuOnv8A}k}W7|
z2AU+mExc@H(A3x~0JfdH;FaT8+k9OG$c?Aq<bo6<Cmlz(f6+4X`4C$ZQ>3zcazgdn
z@DtCQuaxIsZsCvUmVagFQ*E=A0A5w0dJ5=1pFb7=IYM9in4M{RrU|Q;A6O`d_OC|u
z8`&p#JT~0OU<vipTk<&j`Vj-D4Qlyvsh31oBavFho+CwfhYQWk&EGp~$HfNtw4^As
zaYEjxaT1O>b?58d?B1QFg@e-S_nkk7t?Cxm=1lFSXFYSxQt6x2FHDz_VbQ&U&GK`N
zJPZtjT7n@n&2CkT-WOJGe6THc7<589nnG3)WXpu;8hJqI?&!vAT3*2#SdwdWEiBpE
z!pF^~a@%lQRf8v|1KBKy&9)Wdr0(|pu;uy=y9Xh;d#l;TCherG_DoK6NsUg`#&p-7
z>+Q~6ayOjy1b%2k#!lz5ds(bnIts!7{#<ZKNR9ofR2Ts_O9l!!3c(Q(=mj?7!wnAW
zzUBRf*;3@MKMEj+=$d+#hJ<+@-Whb%K0jOhR>w}Cw>U(_+J^OQh6SWh_!Ik&`QR0+
zm>vzk)->S`#mn7#TTfauJ7?2I7_+>xzD_H+6mj<}by>q2p0<52xp40jGlHT?dASlW
zM&$`Av4yZ~sFAZv8p(O)er9kek^LM`aq;WyP_*BRK;EQ*L)yp2xQ}k!`P)AwCCxUE
ze8p<l5w&QGN~-DUD`rcaAH7(?Y6qMR7@aIrh$a(5NS+qwZzcCg_5ge=2?V-O#)3Yw
zqD2F=s5pr;Y5v9OOo1Iu++NnmjkTwl_w&_g&HLqA4T``PHk>ns&{uX`j6K4AORt3i
zb0vBi0@sz0nj|R&CdF%?)6{ZfW-sHJK0~w;rw7k}n)S!2eQm96Q&RUeCL=ibkt8fc
z;ht63WL<z+tksvhHq;4^i?)P+B{BJ(P`<cx3$Y~uo0tg3q*Yc|Z<Bkiub)LBlaSHs
zbrHyo3y`wyZCG8{lm+z&e`*0VIg$s~Z{7u3w6EG1W@LORZ>3c$v!uH(sR%MKJfB#U
zw@j8V*K0AP(?Lo)A1&dleuG&2{P$rM3aawHaxc|wYn|w!1}a*XXov<e;Idy{{*m80
zHyvqMS;y)|z8)V(DHjm2tXz~wa^Ut23p-E>Hne!%n<M~UnX2e*BC2>mEf=4hTnr3^
zC9&waxtq@8y;<Y_-)8vw&o(c*Dc9t@?L9molSTo1sI-Q@HMX+j%Wg>Yx0Efaj8#Ad
zd!lG~QYk7%k6_p(tW-}9h(V7%Z|MaY;45Vu92HZHzExm76`h=Fo<4p03?CnVmrHLM
z<_<?hGds?JwEFYPedTrB_|&XZ9u*b!46Oeymnq^O0_6L!KaPHEFqIeIM%Q`9sPR`Y
zZAStXA8^6*PnLYz?0Do=RpY#W`w<r?QC>Hru-DC%#_PCCf|`J+oP-3NFnmrqY+X;g
zgy?ptYu#PQEPXA>1ITIi&x?-b{es)+pR2Pup}sFUDo*T`1KdWyGsk-N-CG3IJ9Ypz
zdJR@(vqw!uWwYgE@zAV)XlM$&Td3C=c;>VVg_^e!Exl&fLIyAgcG0NS=Iv$hT%xG0
z6~2(5v#zgS69nYk+!}P(t&lHuuy3O+5F}&nA)<j?EGo=B3AWCA`xINZv(<P%`;=16
zI`b{nNp*{`%S%sy-0IG`0`*KcM{|WG{KG@R{w1MnJ^h93bp@N^@xH8AR8oTN-CXbe
z48IRSs=2&)>E1X!{RR{ToO57VGELOI+%Hm$H{RiQdSh3_j!nXvzb|-&TQh>?ezIE%
zG_^d0=pm7sZ5pK$;~j04Y$6{0-IaVk^r-P%>9Iretz`3EoKnNw)t>}t;$NnW3LA^X
zj*WL(R-&|fhP-^obV71+a=LHOCM=$-Z^1r1gRlDYlg<2eD9Ebj&8Ywj0w34xV5Qfa
zFo<5_4&-`cBs<8uX@_H}TbJLwXb(-3xWy2Ea||n+XTkZG*I`%2+_nC$-E$_hQL-iY
z&{DJ5IH5d*Dkka272WHN!>6<Jz4S+XZ-j5IuO`}je8841@9C*+cb{70<u4CH+v=fQ
zWOlJfZoz`jHGszWL=&iO8uTs(e%hVaOZxnFElM;xr40^P=2q{drHJw*PXscOgScjC
z7$IL?IPcCEg2cp@(MnEEPETZWeR&3;H-}eBQWBozcX~ufb&I7zdfA8xI3UB!T{OJ~
zie=7;jQ5=$kMLv?r@SeaxAb!wo|H{p9XS(=1c~rHRM8+G`Ye~xs%7;xWiDRqEq5>R
z{cNmYnn;7-7Ve%ik63+>Nh^=<t6HSC#-APaq^f2+LfyVRy*SYUi^iiJ1=T`85fw80
zj)2?#>z*jukkL}BmoPsO1k&#Ku|hl^$D@Ogbo;zOD>|&^`%cA&k?vz>O~}hrILltJ
zo*@ihV|{{dJ)G|mwAm<LX&ArqJ+**2#Kas{i;Ks>x1oLqf)$gRTAGp)eK>$E$2_sl
zKUW6}i%PD!89r4=Rd#`^d)p3G04JNcl7JxTJC?|R;C7%p`JMPm=PXtcDjLnUoc6Jg
zfmYefzGxJG>OxAzy+~X$SbNm=aE=xnxb(oY`ThNU*$^T;L>X9%qMQ4Ob7Hf3(o?wT
zr!IE5X+Y286)6h(uC^$_eWsBYEF5mLYC8T~SsQl6+*gZj)|Fj#^jmkV#<g0F$m5cl
zG;q6eZs)+2kDe&MvXX_X@D4;zO<S8@vZ%Dw>e5r5PcumAh_%l#V!tuilHXBl1Zqa0
zC{M`YwOi$to-ptj#iUO-aCn`>&xs|49ufCt`E!v@Jd2)iLS)S{U<OMaTrDDD7PoP}
z{CFaE@$GHEUYG)q!D6PiVwH7KDy7PfznG{A34#gc7MGuB$;P)fGV72fg&kmM#@sBx
zHEDC2D_5Z08P?S``#NSkzXO>Z`-}=mxTR3~o?X!d$#SyqpjGT12JH%$Qs5_RM2ny6
z?@)f~1rQki9vEgy<zQf7$j|}^Q}y-h$eeTfUdGl_{kDh^IG2CtV^bZ7se{~$$NfzR
zq1fmX)PW6!reel2u6H6bF`1&)CP=Eun6_ANZOTq^B&r3jeAg8hXi(+{#}=8kiEJ*<
z+)BV3NQ+)4+FqCYJz;fq)(b_z1A=-iUFhH_-GOLyDl-?Du4cQ}|KJ(8hP^T>l%Tz?
zki$Fn9gQAiFWOUVxz=d4w+5!cfMSbEYBpl!91jPCWPbV@1FSX>C^i5iIx3cz=H<7Z
zuLtqd$eS>~sHm^J=iUdpOKV*C3eVJCYt((eXfc-6p>nAf*=(rWn5sjM)*k&YqWXuo
z&r`E7D_QT9ngpB#VzT&0!*SlKIm}Kjg)8&@`}dQGcOm`(h5DZw4b3|I<SkxGpX7#)
zhq{rnlNMBfy#={1EhiU_fQq*=S8p3!*jheg?<Aq^H4EU&t7QxaN>C|KSMEnn4xZyX
zCWvEPsB=Ddg)V+N@&G2{g&%e=?_4L-%6%ekYtGnGDX;gs?>pNG7vxFU61~VRtbq8k
zp4V2WC3fH0spB^KmZuXa{m~w%$B+!n+qBGqQ3O*jxwiSB>Pqy&tCXNx?tM5-I~U$A
zj*#if687$Wq2!Q%Qtvw0Zp{iL$~^KrNX%jYLBZQUI$C-I01XFq9M3>zA54CzKxyTK
zyn69Z-!RjM_wo2=0t4bJtbe)yj*~zWx_{f{u)lfBoyl7n?rzUFlG~5|Q&#-rDr83b
z=+<LEgqpsLdsMUkfA$I)&aBwIJIu0(4|&`G_r2lmvG64W!s^WqnzqAXdUegNp$Krb
zuJ))K^*Y!ae~MQfbztw3i2u1(=<_M3Y{?JIE3+ES@b0IIg*u5Rp;BVsCo2Vwdt1EA
zj0e>VwjZ#veJ4690pN(P_BR5=;k5bw<9C-hxXMMCK3=-GoIdiKsIrKh8)Ge<jtemL
zN@@Ewx$y*lCyka;)F^<GK+Bkr!S>VIyOb=aT+AZYT`@JM`xEP$*w}Jt_$RWX^wn&Y
z{#;8!^<5Ujp>&e9eA=nsfOK^@IPcg%$8CGxJn4yX{DO6S&$8J*6VTO5A0b0NhXeQ^
zsc2<o^-XZ8^uS9W1OO7h2^NXTZ^8&HZ|MCD!~S{$#to1W8PMhXSIp6$Vqn~Znq=Xu
zOa?w+?B}<uEpwFOaT=D_3f)elVUP9Z1Cg<Ej&LA+H0curvIU@n_Zw3XeEz;k+|c8!
z8ZK8N8AGJ!v@0a{a7*HZE5*=QKDC?U=A09t`bk-GBpcZ~8Ll%ROzaFdhKbHrcqduA
z%0=<nH|1VZGhCf=V$;;vHw70t*%!Sj3_j+K5olfgYtKMBw&uGsHV77)EOU3Q>UT6U
z6K}K&G_N^CI<vG7j<t)Xbo<o?WkHHlFRCkYI1+MBHvUUh_Pw0bXvNK^m}eCUa3Gpo
z!Pc(KUojmm+3Yjcbc1}5u^dAF0zFNsjLAPpM;=L}@ZaDwWnat|k~q~xv6mahkd|vm
zWl>~Z3mXspVf1G~gz%YL{<hu(Z&52)(kD5w7T_TH8o${Ce^t9&3XEkkv%u}3|5GKG
z!2r@CA%5rlySV*Dh{lofwZn6sG5^P@h^FC@fGxq>Ki12>VFjI$JpC*H>^82C|8S{Z
z5)S;!uXysJ?mh|lhYS9p_V%A_XFUryct1$l@G1E@L*f5h3+c_Z*H1ZLwEx8js}qMy
z{o3(xn1X<90eNfq*QtNS%*j$vrd*tU-h$=*S)`07NRcry=VCXpz%nT3*F+MpN#-P0
zea?zr5-5>wbo-EPr3B^)G!haJ+H-CAiUe2D$F@b~spfQY)QDO&+kDIt)^5IK{uhK(
zRp;agf!I>W1iZtv)8^271fp<?j4Vb~x=Sii{RNg0r35spED}4nzot$3zqkbWf4Kzj
zfJ<PH)~d*TwH0*kie^2rMclw<`KtDBGuqX#XjF-xhT6I2wbt#RA=QDzO&>8g19<m_
zI~Ekrr!Uwp9_3f}(nj#>$g+0)jWseWD=TZ<0A70i7uG;MTW?Znl`r|^hhq3y1L5zK
zToU=`jY5GSfEma@F?6EVjxdk|gsv{B5OTNH@>QX0ouV37Q|d`);z4UZl>a37`@$SI
z6$R<oI5;>~()U!)1S(#lu~bK(WNHvoFpuDEb-uZRfwSAu_2{3FKmx_u>yh)iYQ3f2
z<cFJ$2T25GTUe|4##A+x%Aymf5%ek}-a(@mpObI5A;cFmkqTjEb@AxE_stY0Of;P*
zo}*-u#>KsHG+NwTd8yR>s>aietYPw2bjOQcn5_7dhaMv-jeV`O@e+!@KBXLJKErL;
z+O{{=&Ar$?OCyN-FDF^3{x;!(lgFExG^jCzr=(%$tc5|C+`#TfFq3rpV=QTU)Qg&w
z-C$8-0Lh&0uVs3m^sjo341+(;^lieJ)&O8Qp`E}3T=oW+6y$Drdx3OI&H-RWf@e^n
zVSj7)XG+-sHn)%KKq5c<zaF{U;|qCWFgjV@K?vf+XM=wojsK{LPoMx{>+zjw0sMUA
z1$Mi&t#@V~Kx9a=)xMkA{tsF5-{xBh?)V+x?O4rLO9r74Dr#w^AfOYKz<pr=7a)3i
z0WeDN1SS6Z3W#v2FE%cYWAXZTCpx>=xnpi#ULZ55ZwKx3-C$v?8sh=HR4%)YJ#WC8
z1p-JUff)^iA;mWDtGj(Ho~O25Jv~77y#2x(V8e&NMfPSLo8fRZW#yc#tSsMiGy<+q
zAb2a4e8!}mGtmseEPMC{aSEL1Ng?KMzr@1uayK?iH~j>Y-92*&&gbK1O8Au!W6TJc
zTt;bkqsZWo0n}iM=-Y_vd+e+KsVj_#UxS&Mc@(;tcR`?1a$sc^R)^sz!<q7?{5~PO
zi*G+;JlW1-izfIU3rc7Dx7*=;>7YVz5)xz+7-#U34jNa{UKt@-#-DNGo4*Bc5Z?z1
zDA0^S*5e@F_vG8t6(ScWd-0$UAYH)A5y+|me4SIeKBX-lCq+O^EG#U9m*9V6&45eg
zHExH-z}zd6j%UDQGyMc=B5)4~;9fs)rX~uNC}Dd`y12Nw&xar+)o*AKAwMF9OW(P!
z!O+ikq0>|dnVs$@3ofwz9^#AYFhX8cAX=iR2g)XMY=&_z{x+kfq8j#pNXLVZhK$WH
zetjhyFp4g4Dpa@R-Q*5~VpgJ*Hy;E8)*jM5XE9ka0^~?`!*8EH8Nr|W@r(?XpVsW>
zA1Cg{6RNT9+fpqXSPL#UuZ(!fFv}<BxshvXzmSuokL7p}4-beCSmEJi>Q&8nUJDYm
zULHt;y@4?9a&-<Hn1w4M%RM5TM%IUG1N60BU0vY8ZY(O~@>ze0V?8*>YXpiCD5Ss*
z%&c2<mj<RZx@vP((O+g+i+fF9fB!w6HBcBVqVXNRmc!SH=N98vi+iw*HbvN%G1}N=
zs!>|>rP8G~E}26cmyKArp#sCNmh=|}ar0a2=4&YdeL74co!eG~gpqHj%CtdofHc@=
zN=n)2f|pFDJ;>vr%<L{SJ~nn@H$)f^E+s83tuI$oVBnx=C1Vx-n-XA#VFMwzW7YnF
zr*?Nwj}mYtAdnx}4k8$%J*M3)+<lwRB{v&cIHi&6;`$thb8jn>A`JhkNWvN#hgz|+
zS-NU=i{;>gr3M1YmW}6c6D2Q!TGXhMYH2>Xnm*>^1l~<dm((+XXx!S_bLgi=4hv$V
zZG~#Ngh61=0TasvnxYEZZQ3&j2FHPWOK@1&#D^!Oj%U58TX&i5SH7K(s8HyJh(L=<
zYg-3q$D9<dLRlOrtybB8zNYlj#~&}@R~KjdN_9ZnS*G2jtf;78c3T*f(xJ@!jrq5f
z_Ka(PZmDKSjFWKOwh?178@I})Hr}rE-_+Rz|Enk!yCpU8VCgFUpcmXV=s;#HvC-mR
zP+pQN8uO^Nxd4@(E1UYHOY^-$ss&7mnLz#kj+1~@JRUE5_vw5&3UE_)8gY(R<8{wV
zmVjMd43<G5F)^|4`}d=*H>guzzeSQxG&q=yl?RX!s+1g0Cy9-4DQ9oVd(z|=eJ3PA
zn(|j0nKi}#G3Fdwp{^d-+cDUS0*>sT;(_~LheW04XDe3p==pdgt9tUKG+Pd)mnYar
zzcVx~Fhul>>F)u}f6_3F3f1Q~5%5G)d7KpWk%kt2^Gr-kNEY2>vuc%Vch)$9v)qkh
zoE{R{jb?<0sBG!bM<LP@W}n-8Ib>IxK4Tep81@3jhE@o4MyFuKU^MD6t{*N4z|WQh
zOQYvO55z?fC*NlfIRHiN&IvzI5`ph}<!&>t@0r6mp$TFMkYwDty`5h7r>oIF>}IzM
z+fPK;!Y5RI&$C&7j%Q@wx8o8xJF6kt3dlY%c&xuag`)hGbK$U<%;JCIWKgW7c(v4_
z+B-o+MuDJ8|2rFJWi&9~cvHU1;Al&nf@Xn%ngL|?32GlHxBrj>NMCnm4FDrkO-4pW
z0zMg{;^NXpy3u4><*5rgy5^xFA;?rBHnGKZPo_JX+s_j{Ha@uHh-<`V0^dIh6m?-J
zlto27-I=YC1}3vTPio^zl=P*5n6h%rlGm&vut2xO5zfp$?aO{yN10?F8KP1Vd{E2e
zE)ocoLCJS*obNM17z|U#V<A8pX#l*#K93-CK6s)JH|JX;1xR2i)Zztch{YyIxm89;
z6YKZ)!YH)jcSuFZwBrGH#j|Hax&Ijm4zAWbJkebwb+y+{acOq4!x#~s@`WRm$sR^j
z{}(q%TlfkorlO)U<+y7CPJJV6Qu7{<4v-xj_gYRSmrf_#^3FYtq$l*}Fb8IB1o!2=
zq%qgzF26BUJ-J00CVJMK6{thdlR2@?sY5xS)kZnwh{67WO5o>;N~i-&Ol$Z#O2|2N
zwx-zaiP7F-iw39#0I|pToC|d<>aH98Ieu=VR5C1)UfSB}H7B7`c*UIO^IQD?m<>Q!
z-bKyg(en95gN}}F4v(8c_w&MJ_Md6EG%1IlDcUxo_{qhijb+t1=K6|3>73moQKsqh
zJcOM$>rY!(v+Nj3XWm~r0{sT9&+dC4yEFCFTgThe@1G2c8wUN#p$mvZwkCZN0|}gp
ztnYD(_<5Z!wi&b=O}~D4g2(UfSZ|P->cEpaP^ZV)kb6#~$+)9-xNsGSuS=~nv3575
zGS|IR174*9@jdPxTKH<q!Rx&Jdq$wCu~DN~tz6aEIB#@ptTTa*Np)63AO*K1qf7r&
zZ|QeL+$B@Jah!=Fv*!mu$Lz+(|BlEt7YDuV$vHq@;W6<3>!yjeck1u><P<5g$~71A
z*Xk6hgr?YAWK;<Lm4@|RGJivf=B1diT#B<SNh5stvL;aJbGHb$ayD{Uxt}9jbxw;m
z2E_OGqlwyGUv;f$A;V0ZXRkJSru8q5F!rcq85|JxE-c}9g$xH~br5Ed;=X;h#oMjQ
zt&;o3Z9*xCeR0~f_3<B;KirLj`^*r8G^fG})_G>S?7TcNfGmJ6i#E%g81APu15HDk
zX{e|0J^omT4)B*RoT@$k2$Hre93$+t-L!(A<&jCw%*>o$pR^H=XZ>M0zlq1bK6a#(
zOBn_NJRY*JqLSSo0_cxT>SrrA#DAit5PsN8nZ6M%FYvJM4+If<ONEg5xQN}HY?ADq
zn^wGOn0Ax184#nRas<52O~3fw(USw?{(>hbRG@&;fqQk@BWS&NT6`!2OT~9e4W}B+
z-(gus*4DFRbvY1sPV^vvw0Zq*M?Bxij_{oA4#mxWoh=qX{RB*nuR<1%KZjlRJ|n1}
z6UvoR4u!H!Pn&>w`BDvTS_l`^1n6a_wCb!=p-|{0&mbtSA%)lVcmop=01KUGezPH$
z7agfz7=b7y%l?K5&(xyHWp5IcK4^NSfN1A+`ZK5$-S7?yBPbVv42A;`SS<pK31v^u
zW}9V1AC8F=j5!iFxr@`i7ZKM3OzO&wzZlY!0m9;#f^TSFa)4=loi~~f2glsjQ)>gK
z0Ny+A-l$)!K|M5Unx8gq#c@1aT_b{b|0N2@U_$;4<I{x#Vhy00O;XV&`(=v?(V8;&
z6!J1a|M6oa+LE7!?@%mld>$b;6J1M83FqP?`gza$c&?)h3mQvb>q-p5;eeyeKmM3C
zfnrjQFZM<YX^7)z=!w6%#_&wueSVm8-6zB0@!=GNQiIqN1jvv1m+Z01Jco{ow1$AP
z&i`9``eQi#pW+(3A0)%?b4QX6@CQkiEx6RZt|%re-vgfNY<c?&Q!tzlBx@nUL3Pjo
zU71PtI!5J@!W~dOchZ)>5%_RwBanDt6j`_4kLW4<IROFDvrbCz@LOAKQ)UKr`CN`r
z!d!QwMOGSIX3hTV1oD&fh9qv2%u4L<!%QB@D-Ud=$ZM5{+8F(DOXwZT5$EPQ35rp6
zj2|IEimUq8$sztx4Uxhlg-O4EV<bf;)1>1KwWFRp?lEb*c*Si;r8Ho$Q|P6t+E|1X
z{JFm=y+c<9!)70JqC+9Q@?|VVK23|Xh{#{8_yIl1pUd9oJ2ibIJnS=w5Hza(^slPy
zAT?FhTBu{>mq$ZSaKG8|{NMV~e@T>4hB$#n_BDtfKYqLev(RRyf+xm**SLja5fhny
z`;7dvk;=q9oWkmgW*hhArX}u6nAV#sHze}gyL>n1GJQv&`t7ll>d@n&sbx#tYrLYG
zXu98g5|eEdC7<4Hu~e7X@&olu54Oj!h@WW`V4+wvG{RKy)wt?GOmS_kYP!#L1H6b1
zU^4S>pPs{ga_4chY^Sb_|5?9g)9|k!Ny~uJm-Dup3qeA@X=OS1dCQYeF9Ve+0nCX`
zHDx#}1ck4?;-RpqgIEWpxOs~>XepF{{}W*j5H&!{=&YKtye*sn@N2ld73kq`o(8Xe
zt+krV19jDGZ=Ucz1B=2Q0Zr;r?N_2KluL4+K&~`dETK$KDtdVGUEya+5c`>E{5Car
z5}QS1<%}v3VG3sL6ZF+_VeqTd9w7M+1`Z)vd^}o$UC|??_L8PE3=6slnnEkO$0Od`
z4<2`DF`FLU)8IaT7q=&kTZnroW-j(v<TkzfetUv}kqxh6%HR1(A0h+W+1x2=?{R0d
z5PYhQ?{7$`w3YYq58c1tzS)&Qdwf0XxHKotpvove_I@NbwJ3I-3RSflEeHe<cr%?!
zlfIA<iO4IM+kZnCc5Lo3f5$Bg+CkV~NrliZcy<!Ndxwt9(SlOaL_@Hb=CH6d3LddO
zD7$I*cMxVSeE1(a`035|f{&~6YU<66iFYcQA&KE#!&7$O&=+^uOdo2zFB7JTvHFB5
z^`PO|8BHbD8C9iK+=A$AmnrjUdyFXb#j)R8>LbNX{elDq^0KGJ{*Q#2sZj3Tdk+3R
zq(nKpj{MCVO-z<($Wq?p<fhHCp60P=vgk0_+q~YoNBZLFD>m7ZJK<KRxi>nNk$ajS
zrROrKg<mLQFQloxf-aXI`VT&NYU*hD;WS7L;p2xt?fw%?zgK^?_aB0VU;NdCU*#XI
z`hd7|`~L;7KzM*uDmYSW%1~7;De9ofd-n-wk!#s)HkzUTt+Tw3lG${$?gR4WF>Co#
zk$DNqpUZ1ROj+5SKJN@yYrs1=ZueOdd_LXkXKwiEuK`Ise$6cL*MP`A6yT8kHK3=j
zs*OLfNol?z6|<=NwpuL^`e9sr3iZj8hir|`lG0<}NZ>;PEs`Wl|KFXBuvH)ovptKP
z-JE`W`|(3QJlucxsf_aU_Fd4;3!49!lu}%>ry12c5n5L2BNpE7xom<h;qU?8uabOl
zp~36#EKU0FX_FWeM<5(D>P0S|u3bXaj!HO^;ZZ`+OnT1tSKm*}tYzsC8m50AJPMz0
z_~2B|_1m-2-;J^4#Xf9?40iw{<HHBG(7=&ka0dyGtXyUdxv{*DnCn$nO=R6mdtV?W
zE;5G7mP8G@9P+mRTA|VABvlk1cZeD`{_zGf`t;{HnQ#JUPHv{ZZ|W_ZOyQjObZp~W
zF0LLzpx)ag<I(|80I-k~Z$XcalCWMkbpRu(3BZ9&*1p5Jgy~QPo-Zq)Tt|rXn9P05
zEaQ6ScLV;mq6}>Ob^A7Rbt(=tScLgh5Up$2S-*fby!Nq(W}Q)g+?KnJ1YlefPHoUK
zy1c8&jx4o&1H><6dsESFoM!AHK3SqUqJORGY*L;q#?}bp+(Yca17!4iTcXOhd!;Y`
zUNg<{YW+{_0g+daTu)M8$b7jP!K>_##*LlkYya1-l{hq?Wn=cub~9}G{C?icI@I5g
zVnEvDmuzEs^S}0y=J?Uy`{2X<P;gI-zh)-V_dj>Ye{MJbI%mj>ckR8i`D>pSWeoN!
zH@P~J8ZJifP8u72&ND>m*G&$;>R8_OR5dcLsQ40wYel-*!<u+u$}(x}?G`Ddb_zvV
z^LeWWt<05?F<orc)~x!bl_>r5A%^tQvpfOT`08tfADO>PQCOC!zZhxQ&9kN+Q7Toi
zpPUJkeMw9=W?JsLyDeX4IMNcgw&S78ktn@LV$+65Iw%Ycbu?ZwAie2&NH-5{Z*I2R
zqb_N_#G`$Io#?@NFt@rj)7o}k&)i7HV%)8jw=^Q-<K(Wr!q9IxG5K;{2f0=+I^p8z
z)zjpY7?KxZ8Ii&-P%9XNtOzNYYb=PkJ(3!1<OQVDv_&O#5#wlEU%7wtBKK?dpDCHI
z|5z6<`}LG0n)5(bm;d8^$|~QKyNF6YcjxR=2j)(Gq8ifCzSxg121THR$WhuQ8jVk|
z-+Ev3vT*dUUezT}S35r;MK32g94cG$@{06be{K^Jy%MBoXR{F4#NBj^Rbf1W@2ZGh
zVLe8nDzKXIBbLry`uQ2QO_kXpR;}e?N8CX2n`<S+k1i3)&n0p=7GJ8;X^6~hh?amd
zwnc9bLh1aj=nH*>nXZAur)7dBpHyNb&hf!*t(gtv%by=chz^W3e9*!MK@Km&R$5^4
zi2;s7UFs$MgLrSV`Pi=N9@W<?rK?M;qL!}K2+{d62Hnkc9IXNo4;j~V=iCy)ssln2
zy@F7ei)4>S91<^VStgm7o{BM7rU#LVtDrn>NI4VbcyJ}gZ2Vm!6y1S=Fk+F9g<??8
zz|QLCSmF1Dn@loaBCh;*lL=n+@9wS-0v3yTB5awiH)muBEkSb0BhzytZeI=Ph^RHd
z<&TUh6RJ+FPAB_$$<^l8wjF$*=Y+!^jhq=unJvN4OTM=efJ#*9!yO)=IiPW~bIldP
zjV^0En_czhbP^$sk1wbusC;+6Bcs<L(XH(s^4k_KGRYBZw3PaynV(^XtK=+Kcf_T4
zawXo<3i@vOr)IiLTU=wYe_nt&#4$*lC=YxgnVO_q<Ks&-Lsz-c_W1e6`N|G0+NUKL
zb7;U|FnTQEc;%^mIk##%4pZ6@w~}P&gRGsLdE*{03BimH)f8Zop$1r=qHPSuk!a(1
z#eSZ$B)>m6PhUHCz_O5wFxiAolw8IOZx7P@&*nwEnzK8qZ$!EOww?J!?s?Wj*JDeP
z3tzvVl6dm8_8)_q=|xc*DIZF|q#@;9kF2V@BR|&^SaL!qquUxDTmGHwx=Jg>R#rH!
zOfo0jR?Bl<MZvd+8A&_=as4$$@`7_k;YbzwBq^e;wzk64hx)q__I8vJFGg&cXu3q?
ztnam6CZ07{&=L2H(W+maE9NE5ed9*!o|qbD!tXsHHz;?TpRe<KKa7t%yL=!<bfDT6
zV)RQnDl6G6|J5vhzk*`mvkGVfdC64<B!BKcN(q0-M343W)y&VEilhmfGUIk6N_9pP
zwVTr?2x+Nu)}H3f(($Ea{AQfAi{F-^=?ta!lq7d`z1Z19kX=tiI3-;u&RqmWR~~^B
zG``$X;J5PTOVsy*I{}71YlVC2&#-vxLL~}y1amBCmiL+mxu<exz7umMJsdJNNaRYc
zUYwc=lW0<I3`^OIl4x0gl;q4CHQ67fq3?FQoWCa?rT+kh*T6f)a|e5%I6XSOt0PR6
zC^0tp0s5LcQ)qvmc;LI&>XKe2h><^jzTlh^u{Vc(Ah=i{{n=>=P5tg>%h`n6_l*qs
z?T>mNl#j5|E+@A5@7M=8M~6L<EM=aT3muuEZQ{i{A5V=9w%@PjED^SICbJ~6THVDU
zN*)T1NJ;QrKiqkSilbDeLo~f7+qLgR^Z=W|6%5Ss0h2^C{lj4A<q}xX6H1G8f}VQn
z!`?c1le}>0NY&g2Iik>&=RVQ`gYt(7DXNE`rtZrNq%|q-^NaQPtyh24YZ&jCod~w$
z?@#<1ZZwitkq~tFX21B%@J(FR4;^hjQOLZe12vb1M7#e0HZg1VGPNt+$CX)x`HA1I
zMG-^DvM9wh;mf#M#D+{hrM+KoWK1mY`UWIOFbzO;<%@OeQCMGO4SK(N-*;_UdBS7I
z&mNA7O~hJixR*NkJsIk%lZePlvpZU0__0T$XWw#n?pueh5ys7_ep<tFAL(!dIlkI~
zOcXnfM2>Y}*b1U?^d;nNBlWo}sygG4iD-Uo=!q*6vUg7?wT+ggb>IxHd*fOmR)6kt
zP4>Ioj-&m~52@7s9L%}nlDox+i6_AUvGSC<yfkXBE?;($L^j4)lU{5YVp&R1u67Vd
z84E}gY0H=K##VnWX3#aEwGbnF^ZC^~_1$+#9zG2VyYAw&TJ2j|{|{|%85PH~zKfDz
zA$SPx5(vSAdmw1ABuH?V5Zqk?!DVol1e*{Dgy8NjgF7?$;0}Y&ZT9}{v;KFTyFc8u
z&Y5r1U0q#OUG-MI_B_kM4D23-%i$RL@=w>)r@7&$40VF_#XijAcy)clZakaaDnm5B
zD?Ir1NQtN{h!_*-CwZ)Yi)Es<=`__hxvH-^_Rc?&%o>(FeHX!yJ12}&L7CU5-L46Z
zhMtqs2pST7RnkdzMH`Xqx(58Ir7oE-&+Yp=Jw1gpX_~5RD|gjg(rOFi(gmle1WD!b
z(=>8^U%~J&LbvPBEXLJ?7G}`T90jmRH<r_C)3$@lIlCMBkc%p-<|?v;#p+J<^)MX;
zl`>&1T((#r%hwVfyoU#;#xd2#<N}#fkU~TCI;TfPy)MVz@8+z<Qb}DNaXa~E1ed_I
z6MRrB+&}idsQhw_7unQ*4!R|ZC;4G*%HZZ0kfbyg82_n^*O)2(b(i9Z7HL<HnfOYV
z4&E|7a*f)v2?Znek$a@XlA(BRgAiyqm(N*ejytiVmbd@f%;cQ5D@WS-#9;Pj+wdg=
z${vKdH+!h>YpUdDdf{$WDSHVTc5Smos;m2spsEE<P6E5#!?wRxlvjm;Gu@lR=&63J
z&C#NnL$G>sBrQZ=>&dSa&rh#&I4JwrioDw|Yq6aclUMT#n4XyrJ$9DhQ)oFIuu0h;
zS<#l5Q*N=Qml$bt`)S#?*DhAGUv53=LvRuKxaN@OQDUB?LrWF+Epe8ub`!}UBlZ_o
zv`3bNFsdpiGszfHg5rtd{nGwE<8E+Sl%#%xhaH_yd2*KwTS~!-(8cDTE5~y!NDeN$
zPKw8ND3*_NpYYS=AIodhaY9?Gx`tCYV!7onPN!m~0(gCv*5M?}6$|BGSQzdLfJ22u
zec#eYnbmIvCH_m?3hxvd%<MQvFnhSS%c!)(grhtf7l8Fn?xTGkGJc<!Ua&u8KAnWC
zee;4>pu7EIT-R_jAE&1|P47;25}UWDw0lc51b{x^Jx&F!>1MQ7N!IgpmI@tsXVoJX
zzHG}dT|T$#@ASLbv+@5>g+m#8S8ZF9%xQU>B(vEn7A3s&d)A)%-N(g?op@<Q^>nXZ
z-@i1uJ-^T}^ABiZ_eZPCSFYGogF4aIB}FnyvGIY(Nq;jQYsCpgwLzv+I8h%rhtNT`
z$~8#y>9a@Nt$i=JMABtHmAlL^hQz0Mt@~QO_E^=hjUsuy=0YiO<M<4da!NLL>v@r6
zLrh3(j+`M2WrSI1qV1gjeiYRZqZKGBPdu^TuVu4>J9yH_mf?=``((^Qm2r&CoF6fk
z=N-6mOGmrHn<g>W!_3rJQGw~aLROjf33q%wh?<_!k7BpkSWc7-DI=owOCCc9L)7uk
zorJf=Wi5hwWDj1JeVu&iD3WN{ZwgH!_H4qK?&2Bp^DZsYimJ+s1KbY3rtzei$b?{7
z-M$EAEy?7``5)nZQ&0b<U3?LXGRzL@fkssESkhp#v<{9YM=7c|YZj<D-C5(gv}6u6
zSXF=fs_=b`k0+jF_3CACzgp?{KU6Qd7+4@7jALW-CJ|5G9LsI0<n)FHGcVHz*hp-m
zU{ZLnjFSlI+;o|f_`es&>c0Dc7vdDb)KlZE4d^fX;YAS<RRn|K#Y007<CUs@0!w2`
zp42lRJ~FKWl`WCbbo>LlHPWfK&=`NSv>UF5{0M~wW0w7hWAmohQT^qQvY(~%IXuJr
z%>h(4Zp){l{J#{&&lzd|Q2_qCA{kiK=jN1%^k!y*vb9-I%-UxTELyQ7e10?#HGApI
zY$M@fO5vVBn=!bUE5wcB^1q+MQOlziEz(Qpb;B2I+68Q%x#X5@tNptT1?1M|aeZz_
zzHy2@ECQCCu&yFEC33xr(4pE$l$YLY!TgpKN;7t=`=6Li$_9;xCEE15GGrZ=6%D!?
zR5G=%l7fRi{q5sGpULIzd-aa#E=I*xw>GT;JQH`-o2RuT|8E_}Iv3Df>uD}N4EbA%
z^c#HrEL!X#<Vfvo;vF@65urHHRWXZ0N1v?7%IxJO8yF&$2!DO*k4e(zeWQ?&w?rlM
zs3-8a0FwUB)YdJ4wRX;l*139z^FjRt6wsRjKr+s>JFCAcCPi)(eQ%2}3r7uR$m+Gj
z*>@`b{Tqzy@fEw{qe2VB{n*I`hWAw3!Q37H4@EJPk!Mp~pogSuA|L&jnh)c@HPv<*
zV7FpEet)?st(BeAm6to)#@=;CAw!m`OBVXoIwP&EI}Eg$a3xI>?B9}95QQ(IbF<E_
zwU2(&?4sienkx7CN8@dmn&^@#%gnsBIPII|O+atW2wy_MK~+jqEc7Z)w$306b*dmR
z2X^7x03EgU=x#BW-VHXHh4jC+KteRT)vJ;;#5;*pw||;7&i*ihoHS1jvmsACD53)R
z3FTdfJ5AiLnd*cbFFz{5JveRe_NI_RS;HN&!a|!Io9Tq4a`$OMlEchM<6%j&{eoDf
z&>-sPUUyZZ|8C+lzK1&Ta&BSqR~riB0X!snvm1JQ1qIrDdZ{skXs63^(*a*h%p<8C
z|C$`@vV+)-ua^hq(a1d|jFdJ@D4kMJ4F#|2(LMLv_dcCHOm5&e?n)16)|$VmzbSn0
z5Ac6{DtV%RoHiC9GMK8;ZZFdBFB~i=;btngKz`*YBH0Rwb#mmWq|xgp7L3N{Rk-VB
z9(Q0f?_|>{MGi&u+8C=)bq;~85)zhYmi}$}h^PDhzw~4U0$`c{M@#;H*-`$dmi#}B
zGXKqh^53jV-T&Wan*UaPhn^@3VZ3n-^04>vEV~)kp4O_;5w@ntK^8w*WZN$Ns@B25
z@n%b&hWXkmQI9*X&3(N@x~Ap&UGRduN2EnZxuI=)_<WJqT;p6_@6_@I=mlbB?zud+
z9Ft1*&AR_RtCc@c@>^)7O~;`gH$#0-WW@UwYtNgAs2}jSlqh+bf{=&ajt{8Ph)yim
zI0-0W%Q3he``5MtmaI>zG{Te1HDlSPdfW*$b`Jg9(|A%Db5M1dVBP-r5kEang5%%o
zjnlDjWD2^0i5_01ZvUXYjpfT5-N5R+%u}yDGjwDQrWuC3y*&VNn`kuPaPVDkS{|Dm
zv96o-NjwX=ie}mDb)Nsb{q4oA(-5)^ZE?MsFBr=@vH$Y2%K{{*|7P>aOK(4n{N5qc
z{q_<8s-?Cpr~LF|@Av@J`Nkk}P}%psU0AA}z?D+k`&}<%davQXYN>wqsF%%OPT*y+
zejazn9TlGwZVqF_Q<iK!z4`Kc^)DT$)|dgooQdv<(uB^Q{!wZ1F);7@OriOS>D(rd
ziI|lwd$=n5#AoYVwqN96WJmes_?)J4*OP-lO1UK{TDooXa4R0W)o*}-nJ+5DVam5A
z^DRnlqD;XCARWW2ehmz~g9ae|E)HS%Z-7LBt1*!OgZL!!sd;@7q7sdMM3Qjsh;i%8
zUx_($T6HH}dex?SB90f$EJqh(VWM#@B1eJY8P$gzG9G8!O&cd2(zBt#f2LKEX-6xP
zeiC=LYF5@{SI4f!Cs2AE4JFdKpI4?b;TXHI$X&SO7;8mVO~Oaqkqlbi9Pb^{mq>%x
ztzed8%~Nm`$i3}rq#J$u#S}Z)*tfR%#$d`m&*A=`M&;(mDkMh@te$=n*haH~W^>Q?
z&Jm8ugA%)TZG{lc@2~syQlx5lGP`Zm|BxFWK$zEzc>DgAGx^ET9cG53Jq8v;foAi~
zLF3+h_3mnGR8$m@6J@p96~S@&i+QB=Hf5+<)DcztS^C+K{`j*Kos*InAvK+}(?OyF
zu8b##776ubC=jpjgN{YW6Y`HfRmPux_h&*9tal^4+G0;D85ZRi$vhwyWBH2O54+e$
z=H1qdHm^T8R1jcmTb*qUB3D{0zyZW?Hf8Dp-9|t9kaEpq`x7IGc{iqP+7FCrdUe1;
zq`ikR)f#%w9OV%uMqtKre(Y)qHHk~)NpJEow73k@v1M~JV^5RnFHLp4y`n!kD87Ha
zHJ>5dL+Mr5j3I|GFOn3^OhWtK6pjnA`s1G)!Ef@C@uvFZW)5vyFOiNbEDsYr^PF3M
zeIuO-uf~vKZezr%+d(UCm+uj3ui9q9y)i>db4gl7SLdv`;6khGiu2o(wWu`lj>yyB
zIzukQ=1UV(yQ&7q4n}v?1ER~4Ws<`t(3wv1LA;s(c*l~RSY?2|+(j<7qyJ&Mgx4c%
ze^bndotnJ#dJ;EH8$-?Fpwe0hM{O8>VMoG$zu=ZR{vBdq{iwunfC16C1Buu_NH35~
zi6%x7TrkX*?_p70gxf`XeR;%t_-EDIO2Q>eT?et3yqleV^S59BZ%WWdZomK{A&|P=
zKkdC%bw)i{&^Z0~=#=3nD@O9V6_10Ige;5lo}^;AgoBsCdUHzuFELVPW2b0~iwSjw
zX#V~?ME|-_5mBoLC1z~>kt?Ozbx?#*^e(7mSlAWi)8hLChhM^xouy3TP2n5X7y>A{
zhxq4N`6ZC<90Qwv?F^L<^;jnEAFT>`Ph)p|b9XNF>m^4_S5CwhLy3F0KDaJ6;p+8#
z{CLXgSGF@?wXo5%@!CmQxkrl#Jm$gfl8V<I{d*)Gg77?iWyvnw{&Qh)_PCJfQ++V2
z8V-0X+cpxf{)lPB{J4@8Z5ga3bE^OdZ)*UhKquzQp?hPwmn{&(0i^pBe7GCR5pP_H
z!MCSdJ7<jc^WwJ_Z@Wvq8q#eFE%*dJ9a`&OZ%Q2+C+#t1h4wYg7)0yV#72lKKQ+ve
z>e=!A=pVoMbM|rABdGM#cUFJT&@n@O7*8!rtrk!fqi;=dOH{!XC&Lxm&GsjTgQg2J
z)<PmEVc5dQv(6-v7VW3o&n!9gI{Ox^%wQR^n=J0*0kz=;p9Sk75c)Mxu=agi%<atU
z{_V_>9odLKR_K-Y;!#o#L%$;!zgEF5)%h%NFJSBzra@tQk~6j<O<$ueWN`wV_|>l|
zg<$EuO{tZNz9#IOK02kvWRR07>)9b`Eirz4mp5$9$to6<{R;3`&KD}ZPDGB}sdkpH
z*L*fBi;5K6Gj-P8(uW5~6Dp{H9<zM<b9GRtjDw1|x#sIC97S8beD#@rVtV7XwagN_
zR_<N(Sxe1pMx4b)JY%DlG}aX9zce}WTKA7rTDhr}q(~+V`-`@Ec`E{%f=aoFbZ&c;
zsQ~*^v2f{p#z5YUt`C03hvr<-#HLTYeU*ikw=;kUz}7jQl>UoRYW@{hNH@@?%~?yr
zy1UtpzA~lUWc|-vbpZW2NyTP};E}TSKm+XpH=@jR#D%Ty*kikZui)|a?-7G@q$sNp
zUv_snq{rJ6)g|Yrgaa;8C~Al+?C)hYt5BZ!dMjU4G>ql%NwLfmUe;OkK_l&GYQTt-
z)p^Y|u0XqKtE+F<-xkl5J7B(YYL)JJs1S<pWE@jts`L}OcOP|#0Dm8G;R{SWZ#BRt
z`t<ief-UDac6yDkIAhpwQ|x0I>f931r(R|{60!Ac>3)q;V~21axR7$IcT#S-FLW%W
zL`opxu&Q!%>dKrLWToN!ETWl1yJ7xI&5b{Zs53CQk@e;Zm?9Wn5H;pCe#$5#!y#J-
z8f;n}wS$!;_keqn_@c24DTeV<0KbXi+z9Yq@cRK64EznbJ&pk_sBjfCuGpgrDF4&m
zmB&vb%fHO>$8_6}@>XC5O05!z<`9)_W)8wgLgo}&8Z9IBOS2Eg>{YWK=c~&{AD;Hz
zRXwSlc{f0WotC3<DqmyqlC}0zfYRT^l;|}L!jN8-rxL7f0^VYZBy>aXcD7^|bKz?z
zBo)nVbT9Y`QMoZj%&#bMZ}K*-d_`qZd*Y^BudDYFMXQ%0pvNG^l~mc;Lxpw{3>lW!
zJF0ris^{31iO#hlw~Nv!S+w?@O)k$b23t^Gh}S11tG)OHS_ITdo{`~r?CPo69|eYe
zifW?M<BWB?I=p!!_m8u@98oKK4C)VtzL9eM<~PNmQgmh~u*_Hcgxb5WICc0IaiFc%
z=!Dv1fUS)f7}|-)2o09P!#-GbKfy3~4}*{B^~GkBB*@P+NsdKCH%v&c!1;HvWLbE2
z%62{mp2x;B<-E*0ssqi4WU1X31O6<%yY87fYxewx=W#~b0ckmYlsd?Y{?YZWj5@o5
z=wkBhBx5kBdpJU!Ipiv2R$bjm231?3#p>l|s;J{M6?UxX$6pAJq0rwY5es$#tYrc$
z0wHHGPE*rQr1j+^R`Xq0$~P7yb2nmds1HGNaV}Na+vTNZ?afnHHB5LN{sY}^)P!z+
zWq1dcf^W&wfv6HH1gMzv+hpFfZ;jIhCTZna{|^n4Qu?)GtmsTJ;PA3JlU2U!1zJlW
zlNd$8u@zuT>H5JWhdL%;n=O`9wJWJ5Qy}~qIMwi#$i<94nl3j24Z3aoPP7xC1k&rj
zjQlBEKKA5hPf?mM!ofZsW1d;8>fL2H940PBE{2d}c<PV(c}8_l=?<|)qG7~WYrKzM
z2pCx<x6!V&r?<%wtbp++&#4uypoB-%pBaXdyYh)8C1-YJ39x$G;3dL}=QjCy)@(hS
z?8U$wuAr9EfGDZA(?m`_Vrl5DW<5!QoZYmRR$JEiJ=TA;Inf;|wCh?NnC*h^4&t@%
zUxanYbJ!xgjMsfdZR@L+Dm@rmZ~X9JS!f-~i@hozN2Y9}!#}&y4_O5~()-X@aKImo
z!yT>ENRHPN!v8^<Yr)Io5v8F)w*VN+WLbEp-8o>eXNh9xe$mS@RgcV7=R=!m#j>!*
z>F>%!;=vHa?4MDd`L{atAktSH?dlown~aHE;+7dqIVWxWi9{+VMijkUsVF$n+M@lE
z25oB|WXr$(*-uul)}=?p>eMo);9s#tdW=~S`s`bjW2qYm>BX2xHWY0l@*8aiGg{Pl
z+3U@TveR6zw=aA4M4-8$S@|kidY}H70(Ls<>D~5iH+`!(H{Y@Wv9u3PsZcK^F)dnn
zf$r(tCi$$q@=7|PItme@j0&p#H|~nv>gsJx18nWj;E0|{PvI%aRQ{$i*P}Cua0Q$9
zfPXqe)7RHGe;!268wzA@8)k7@R_l`US}Nz?SmP*_qMz>WaG{Z)OuSXBN0%Q;-WQ`a
zkJni?J|4t&lnK6S_ht4SH8rUgD<R&+BDGK4aq~fOTyaj<b|^Po>lH-35uZ?OwG#1+
zoIT1t?e}Gg*r-JXs~J&nSa`o=t2GAkY|Zw!9UnQTKm(=<9y!pbqzwjC^EuJFn=wry
zWd|v2+F#oWl;kQk|B^FFphV9(Q8LmJD}1Dn^;ki{LZjAe{kB{B2TuaJc-@(V54O%}
zhxb4cht*ZH))7g?YDEaHUe1h9akAIS-IsR(QteF0Y8)1)$%OyJ0{qQ~|Gk~s8B@RF
zQnA#u37dMhbG>NNPT{u^j;dA+|0uPx<MP$I-G9pKJa5*Mefq<Y{vD3uxxY!X^P}z1
z3gdnAW!C1>aF-LloUNUXAV}rg{M9cDi$13>pDHob2Mpi$&MSI-es*>EdpR?o#QyB+
zUVB$ko))UGX`?FF(v%d@9JA9nB3^ML!uWg5Wvac6n~V79D2V_C)t{nhQMMh-X^UX`
zz>9~wyIi46UYkyiE(^E?GLOYc2<uY-yOTo6&O$Ahn)vx7G4gzWp;p#tB7={r7i#N_
z{|UKpE`=xC9F{Pdykj&oq7m@p*i&qDE|i1f=y`>c4Ph1!DgyhYt)jqvz9(|#)F~OY
zC^M+`wN8LoNQK9wLAcYs6V0i=k@g*CeRrt%N(a|TpcST9t`@TR;NF!o#Ne6YUkawB
z^lxk)ys{f8%p-`u+9x?g9aK1KCvml`wD`sc2A#LyPw$s)(Aq876+4~whD}aacGv;m
zm~sDKu|+bWXZu2uBb^)Q?@s&gyQu5xAGf_5Fwi=I%}2j@fxbYzAeL43$9PxA;IoTg
zmdZUAe)9R=pQ$h1V!FJ;z^U9W*N80H!|x6qp9s_&Tn(niHl`V3hATmcyL&J4V<86G
z44n?=ajk`$(=$2Je<hFOTumCLE#QwKRtqnqm6-Zx9={e(P>h|Ey6EM%Aoq|cG1Qm!
zuT-()QBYRxx-#LEWe&`2!gn`blxR9=9H{oxzc(XkQR>Nq#W%JxdzOdgwVGF=Vg`Fp
z9^aGU3d#GtJ0e@E@ZdqgN6)NT;ZqsH$m%WsFa!UEpxYxxw}qKKW|j?rF2>p?9+)l+
zgqXMJI99Y-&<w+u^jR)sFy&lYdKnn1M}gQ6YobyuN$6>w2Zal*TSB@-%sEQMTd(z0
zq7sKnp9#l=CBXf9`D8miQDG^eJ336zct5ABAdH6o>Pj#T>CF&jdPizsiRHq5H?#f6
zme_@vt1B2?&-5wi)|;8NLjTplWQYGD6IE-!d5<~%H*)Q3ki|j1yU<f6re~l2#ObgZ
z)TvOK<>ctzS?uP_4c&1jM)xwC<zRXjy*@Si<xrb+t1VLe@URTNWl}JYnr69tya7z&
zEUj;`H#ROFXssc4K6P{e12voRUB4~!{($jx(z!NK=<AD-uD~2-3}fo}$o+GDIjEZj
zYxp0gasMx7D=vxsph^=pz!#PKJfXst9yRyOPl;_XT(Q7z#C(KEc(y@=EGOwnq2<!u
z@ZYOFuJ>t}g4{Mkp=`7`mGKwjUy1~NVq*8>E3Yr5ZgSg25ibPt6+y^kSJ=qe6@7EQ
zauB%KoLtp+(p^Qkx+9sRbnrD{=lv4Q*=K|pd+6Rc-CBe7ZJL8N1e?Y?T;RBRbHG!K
zX-x05s$V3qrp&(E%n$!AUs-aPk}Q;ij?eNDo}?k!wZT<$GofQ#W;_*SZJxtTKNK{~
zlcm_|pSAwE4Sq8b=;DezR;Cim9U`Cj<64n;GU{4%&~Mz`fh%UvD^5}-OcG;0F38R>
zH3N_Q-%agMhQm}CaPT;lw5nXKX17#vUpWpM>sKA$awWN)#Jltd?Srb_j~K>jzG+O=
zc$b8SUv}TO(wdzfKBZV}fpIL=9Ud24Q(g~3iHAHNjr*1Lj!PtQXe)HnPV?6_TdX|J
z3lONk50%>K`xMgDyiAH~5A%D&K;(aJiY+%OFgyqyR`R-`SoA-hmB~@5hq~!?(Yog@
zLY8Z3?HzBVvTy$W%gB_6Vzyb~c+!YtP@h(na*b=<EhBVh(YXLwL=g|Gde6<kz#;z-
zT%`K}Fgyk$<HzSs6vRc81Jdv&DDTl#cSxuy2a}LDUu?q0HpK->@j<w|6F?E($S1gK
zyO>bheeTEM0G`j#T4uzcj$=77LSFcJ&x_a9FXZ8>zQyRGq=eR@4^}&C*@`8RD)%Sj
zC?*_Dv6_Fj7n`kY!UzcLcb)~hBo?R&y6r5@)1#4zTB}8~tR?Fx`{QmU^%Zy}>bf(1
z@r9A>>B|)CkN!_{VPnL9;&c9cRN4Pe```a%^Wy)Z>aiU5QDlPB0TW-5qJ_l^fP-Ug
zvEIeA*>EIRQVl?LGx9qp&h<S}{0)hTh@h8{pvfE#U9ty%DmQdJSe%3S(0wZ50%N*o
zeLo5|tCkS_WrmhbBtihIWL$FilQ7Da5<C4_^6;zv@0P64J1?Smoz~xX{RRyL-fty4
z99q(U7U*HoX2@uRXzrID)yp;aZnG@Ro?kTR=2B8Gq>qSu6T-l>;uwp{9WjCv6*hwZ
zRMk>{BZRy-{-K*|6BV(%$w^|r4~-DLc3n~Rq4E>)I69^2o7x%PMhM?7Kw&f2`g$5v
zf*yZeN~YSWYor$E+z9;G1^%hZeeP7U>-LbXT2i<O+qM3YtzfV?mN$OLNJCB}pX@_m
zn5GRT{WEqTz@78n<6=)|NA$Mk{@NzD`}=%XclU~;P#u64w+(9zQ148}_-w11jn3jn
z68vSN*yee&eJngw&+e>2xTSdI9V(vycm;Wyb7=bB?)svgj3;R8Lopen|7_RiLV60n
zEdLC6C7DL1Y7Na<i`z@V+hsg&Si<C_W8ou;%nAOG7ZOoY)%E=p!yx-TIbBnHInf3I
zetqjeIr!Q8G6+zo{ok`ydGWCLX~B>&asSbO9xOAmJ2Ald6;sV6^wHS()fw$rm9cD4
z91tzZQJR+*1P}_jYz~nF*^2o&3$v!98zQb-Z%j=YYM0z8#rdB7(BXdpj^V&C;2e0?
zj{CNe=V%1#TJ6zLCQ;z7(r=v~C6yWlVlf@^)22y#bNO9rW+rU%mtwCq<HL=e=YzN&
z1>9RXKHJ{GYYo?N^Z%)go;gS{xZ$)9|JvC{EvC&*Rb}8`k0^yln|;h}^fGS))i)0Y
z?(V$(GLw`g&_L!|pT-&INxOKDayELdQ9ut&e(OhYNG=$_&IR?pwXoQ5Lrf$A&EInu
z?eFi$p%JU=_d_q)9I#f8luE5U2U#2~xl`4;IXD}&|EhPMFEAaokPf>GOe<Corw}cA
zC~GOIn)x25A<J%=E_6{amhzBlZoMT)(`BQIwfp<v(h`^#=_?=L@2v!3Mi7@~aDY`_
zVi+78*w>ywP!Hi?!2*H$a^op|VY`n!Th13I+`g}H$QRC9WacaW0Ku*Y^?)0*pcz0E
z&Jy!VSY0&*G697H?tK%l*;rXuZVp==ob?L}3!jsa{PjWDGcYn%%<(z2{Kyam7nVJZ
zY!zQxuM=Y#IoXdj+got@7XFjF;cQajN9dP>tk8qI(4*U1=3Y&=OYY6h*7q$I*!0w<
z;dMH#T7nvtv|yO1@Ws>tbMJ<*;ZSX^zw+1xvO7GoNGaD}<$zb4&qKA9os$J&tdqDV
z@?N(+bV=URX9nRKjRQ|PsQ6b2AJxGY##(bLpn&7`OG-T7z6F?{Om8^eqUjXh%|jb{
zsE`<I%NIqMTHa(&1v?KojJpC=X4K>70SCl54&cKT@;YGx(vsHp<|>D$9bAZmIfYy{
zaUNs~%=Z-6$;k;=O8k1TeHEpRs`^MNQVq{nbFGzWsEwd8))v(4hR<W_M!K)S!<sk^
zKMT-Y1~HT18-&nG7L#TlK_l3{auhXqSOcfw`>F;j%<ls02D|0EdaZpI^G~`%rGKiV
z5;y2y2;qbxub=p>n%1>bOxXI>3UZ`OSiZtAa6H??g1XzU-34ErZGT=1jm<Fq*MoCF
zTe3L6it8CW&~%-nm6U-QQq_4B3L=24J0bTyGJsiP7+O2C`+|=z3Bb>qs4$ZUz8#P_
z@@1Sr|7WZhAWrL+?5{8Ol>iR`uk4~k)n`?RCLskyP@xjjSOp>3m<dW2Z{~%~eEP@4
z<|}z2uf?|z$~7#|6PsAag_x8fRx60Kr;w)KwW9?6BN4Z}$XC)MS=PF(W%*ft9*kD_
z)C|tE+|qdrnJiHEJXz4hyTrIZjv~yi;I~=Cj6IJvHM2zZ#tQr)bxN~0V_JYG=v}$g
z+b4q2mXURSpZl}4vPu{j_`YSX=50-l(Q&?_`q`mASLJeuu&~lGI1<NvH&AyI$|<wE
z=o3ORyzP}3KFVz$xvg0Kv#d*2JMfhlw1^rEOC_!JhTTxT6z^DCN({%FsYf_-q)&{x
zSViFBvM`n5YugfN^6u3CjhLBuO}ghx`VLR3)r5d>>daVn{t*zZ?3@k2Qad#+sWgy<
zhK4?)p;48Q>FP$}V`0&=mtKSV<KhScqdbg&wL=;uMFR>0R!^2Hiz+w~;3(RSq-SOh
z<uU8w2GV_Zp`eRAO_wh@`AvK5Ec#YLx*CxsKcgq?Pa90b56If_Y027RBuC3Ley2~k
z6!l-N^$HtRfqv~TVBMLE($9#Fmn)H)-k+zsk|EaqRhJt`J(0JNMfmDYD)za5M9I-%
z7H3Nfe_NiJDDUbD5|k;o=(lt;W>{sZ3en10`>cZ=(hcrkI@}DtEA-X#_G6^B<-y<r
zQFcM>r?!Hphl~5ioCQO`cyT^w*b*<H?X_0=GsM9huVPaZtxhZN^UHiB=cA^FifhN2
zCS9_QRvAq3Y+2UZ!0)|}u7kq2pPEgqq&Uqq(=zOb00MmG2O#}w7Yq(LUfY<F^>iaU
zIy*C8<N!EQE61Kfj>{-UzQ^c5j&jVwTFrtzBL~NComDIuJ037tP1CVpi^&H$)7{@0
zgDgDVBwV@*!wjzNn;~)0-FA1ezp>J2KF931*t2$}UBSPPu7ls_|L0*PHRl3HQX{zS
zX4lt4ilyE*pI&E(8FG>R7%i_RZDRGW^L+zsIN)xdz=+D`HvC(_y%bl9O5ML-{u*qh
zdNh-de*0-mu0=?5a!ca=s^^$p$*bs}>fwWnGBmTQXQTmvW+5?$>ldut{!*1)jL&{P
z$ov8zD|29gqW0j8j0_q;)+Qq-_l$yKUOHY=G~iwg5TJX|=1c(94Ooja%kYbxsVD%c
zosg1JAKMf|T6Iu0%MwP~y*KBLc32;pThn;H+Xtedj(ovc7b=4(tqP$L?Wsq4fku&r
zI^t8MKkOTEZ8l9iywPT|*B{e^End9XyIE%h80;22DS5JM7gSK|9Y(}N+_&e02y4W@
z#!WD?sGUxiF`C~VO1)~rl|&Ss#aawQ5-L1m?c1L$<OKFv&pAQobKmwrYkvyCj@I}J
z2aTr}Pibd4usFy}7Kok*pQq3;TFx+c)V5;4DV)Uj-9(lBu}t|Bbb}IsFOIu@?#;@{
zS(KNz!pH{*nuyrgp3jAD^dmXqg8=k;H;|vsGaRZS92pT|GG3r~2ABvef^ASA^MaXg
zkp9tJ0yG6DrL|I!h=b?tTk;NtVV(0GW7REhhKhAQNNr#WAFVpHP5kNZE@^Okak242
z=6?BtB)04v-4vMK8b?d8n$xR!O$`CZce1W<p@SRA*6+P-QXEtUyVzY>DY^V!wWHk=
zw0mnwbAMbM@RiU4F6X%AE_TNs-qAK>jebZow6>i+DC|~d!r105(|sD|L&81oZi6j9
zbN!eHoNUDwe!GL3=WK{JG4Y2*r=eZVD6~cL^W3t`JRRVJq-f()iKP~uUj85uYC=Fn
zG+{|%DWH-FAh#xDWo2Ph0|LVYa7yA(O!~Jbq4}ypGJH=3Npo9wZQtL-y|44QCb-78
zYt2`DEDla4CeFG$MG~CcV&i@>A|?s7*nTDwO|#SyU!C&?QtWlX?o)f0-1^(AS!(~S
z^jq?~0ROLMm-u=@f2WDIgnx6ZK-q=5vN&!iCMCqs?k_7B(zxqBVarc@Kb8brd7UmG
z(ko9}A8s-wNkW_Bu<j1Ntn}%seTP?#m(qE|b9tO|9A=56J66C*QjBWYZn1)$s~}Ij
zw}ys><Js1SCg^nl77jLcK7cx`&7Kk!wNj04Vq$W(H5ROAUylyz?F0Z9cKuXMOz45V
zbJlkMkfd*)0lZ@3TG_iw22JJ#k9^$uWpyS+?Ay3TM%^egUTDRFMBA3%X9Ta11wS(x
zmuY(O;+yZOO7{NSU%!6(I`C@VT^ldDCg$dy<z6IA*b53d-ga(fgn)Nhp<0?1hlye$
z^WFdwfKhALmfAi&@G6tVY2Mi0uz4X}t@g6j2Kl5c%;|lR4iuZ`ZyP)=)Z+XnC7dZn
z><loDJX@Wp#MdlmitpTNB-My_FB~ia3rXLu-rTS#NPfW=#>K{l`$D9WU?LF;YFJd|
zH{MU-CI}yb8GN8)-mg}pfSK?1^XJcH0B<)-(g^w6DnCDe8_-fJIbvs?0n31#+ZYAF
zSKqU4TdjULQvgtSOiWd|SI7GtU^#O%zcAMqWmeB`u;1<2wFX%6WH-nX!t(E)f1B4+
z?G%wQD}V-j^cnwx4wlv4)gx-(Z)|~_@;mXzuH=0NiwTKkVYE0bWx2t3xtmi9_l>t|
zTa%T72HuF{x32eNP-hAva;f<@l>Ie$w?F>eiw@isAH582km2o{_Mcw2@et<EQ>+Bh
z3A>{N2-Q_XF9MwXyS~Tzk(uwq!?teon>YCQ{-P!ef>%|@q%U(2I{_Uz2zuxvEWsLI
zM+Un<pz9K8Mg2h7#cng*!|q5)sRRI;+&<Tt(D|(eV44g82%V7a3AgeOCsUt{#!5bM
zl}@)AITVS*`D$!%1aWpdDjbwpxk`MbhVDe8wx`P(D-6tTpBoHXLxf}gAc}T!nH}$=
zxW3mNjQPT$FzLQgCWgJQ0ZO|USra2Q2WPEp$@xZyKbp>Dvh5IXB-fICQ~F3vTkiZ^
zj?26xv?E%Ns87@}h!MOifw(Uo?G87rSR`;bR(It98vspU;k}NfFTYfZ)u`LGy#WW)
z@-X-l2zFhZJrod!SG|I&cE<%UoGjxB89=B#5KZ{a_Q98JtvQjC@<8mBu4gk812>)@
zCwO*tR)AN&fd_z7ArtfD29Q|l^vgsR{7;7kamcs>)6&{FXwcrOGUhXEA%pF+e*Y|3
zH(rvJuv&4t#@UvxdNHmx#@}k(XYHwsv$8fJ1V3&oGiagI(lqg}iV2_8=vZC7B{k;7
z4$YF2^Jt4d!B5+;61ulrs;zS;@l}N_gb^*VI?A7*zg6Y<fH7geEu|CEZzb;wb1Qy2
z+k|*&EyyzZLJkhC88US>)@`Nz;C{iEn|(QN)%eQz6tSSVD;~r-_EmI;jm(*Xg1B>z
z-kOY<M(AVjdD5#(OUlKpr#xSM#EGq+08;LY6OdEweb@r@P!@m`i-Ntbd=U~FIu1Z_
z0{gqL<8mOx9XM732(+(lXSpTiW}1Rn!GNa8GKn%HSSYdJ#RhR%*Aoo>xaS{T=7p}L
z3dk=Wx!X7w5^Ud-h(mW`VvXl}OqM5VcVq^qPgAmhNj1Kk^5dJFtcy7U=2vr?VI|yz
zV8eik_JGFt%Z>Z3wLibir#9H8dZgEKD!#KjRDbI0y(|R6$6qX#l}etV>D;24|H{$Z
zax`}kjbP7ha6i3l<NH^`UV!O;{Lr|dmHPZGWc0439Gu0530EZ(m<wo+sCo!1DFZO~
zJJNaGxSo(xQ>%bc?h7xzG<%;j0B1VC8($dp#@Y77b5c^wb?TlV9x#@lS;P)m&ku1H
zzZzCa&4`=N)^DID>|`z!PJ;v^FPPfGXs>LEKI#vp2V+K%`<2r&+R(J8O`!Fv$n@w4
zYaG=>1U6XI-mi*0i}N7E?#W_C#O9~I$WoDQnQ;`|<GCukG=He?rOUh<T{A=DpY1;P
zTsyo^Nk>Z&Zy$MuRTu*&vl)(WT}%WGhi_pqV!hulzaMZj?`Ht3G?kT&ZEal<W|Z^e
zItUO{@<2|6q(Ej29<|63z&>(q3jnbwo0~H=`(TcU?HG?(ry6F5SABEZVuRfTtoD&J
zhy?z2ST4mP9ukfr^W=rv8x&uE&ODSe3Q#GWdN;}O_Lfwe2;D`s@uK<b&k-lz)(J#k
zFww}JjO*UFVL~B~daTVXW;ak_*o!R0&dVqJV(uB=eiDSvt=*C7OrW``u2G+bN5h*%
zo=S@<wZ5PiOEJMh{nsrQ)#fG4XA~1Lqkb&`#w)Wk1jP8wsBrIB<75vh9RMG~`fNqR
z;ge^?#8YMd<n_8h<OCpW+qcjBZp^?F{okd6ADgbc*?8V?c7R5&NwwrLV3o-zTX@#`
zoALusC@o{7!~m-d4pq1yL(s2Vh;PmDW`JB*9W4>b!o|#=_o_dXV3c(1I5Rm*5(`vw
zl~MN|u}lNw7p+OGVD2g(_V^!~x95R}T=M~UBg2qTSC+E33r3O(!XZD71)nJj1#m#O
zD~F9h2kTaT>Jd?2ZVrQ;bqxq2pG2TowH(S}o)lAv#m3>;A%XsAKlDe)|5hkDx#bYe
z*<`HgqRitE3IN|b-g@qPaESm%NC1^~5#WCEk1ah;n)p&fDWb0Hn~_*{qFejPt3>F7
zZ{(xS`THdFjVj$PySKt{u_v<CTyLnH52%PSTUj<~d#{B5_Nc3t%wgcHua7Zi-QFAj
zUV!*CX9;<Kd&G)dhP9Oe?b{D?XM?49&T8u41l=dYOJ)OZpX1}%-PqK!f~Wjv?YLn%
zB12{BH#SR#I&QIdEcmD2^Y_)JG*wG9=N%aH*6FB_MHd)w2;oO(0{c68BnI;;=GVr@
zX$ri6A_Wj0UT_V(Z=SXCp<>t_1g0WzO1!A|147k&@9PiwIp-g5oW1i<ZHn(BgLxo@
zG_(f}kV}WHfk4Z=3x6Wh)D++&618ErcWf*$uNe>_e-3b+aKdU@_ym4K9bh&yjekq_
zVT~31>3Uz1`5CMoQSV_EpE;F#WmsO$@m{t3Y++rvOa7XMqw=_qr4*XD-y2S$Cfq!}
zO^X!O90R1lbGwaO81&fa4TC?B&4|_v7zn)KN*+6t5r6)0OUh1O1EHgy0A$0iZDMMw
zyryPyF2fh9jWb<BIU&gmO~fh;{gC#(DyqU~jpr*4rKOcI^|zWEe1S4#@r#IZ>|NW+
zwQR{(;73d%3|WiTwNrDOl9G$yER49VBL!z9edUM%@@nG?@W3}2nGX`@F(M1!?De3Q
zF0Y)MfpF{~Xn!Kh?yVb>h=>T?bg#8NwTSD_Q#><39;2M?&Rp1oO0uRoMS32tZIW}r
z-;Rv!_HY6d#(%(izeB`h)0Z0iU04=-Aw$RaPJDZWi}|^_stxH<1<?m5trmn+7|+Do
zk5_!rh7rMcR62J_6Z1NvGUL2Gh@kNo#PIM{Dpo<)(|<o?6|*A)5g|$9EM{jMpj3Sa
zsu3(S6h8m))=GM}p;NnCv5l?(hJQ<uqM$V1M~C&rusn5q{A2DyXGcfSm$bbp0O<RV
zt{==|rxGI3xqE)ilXuMucB6EZS2JzA%6Y7PIcBoK*Cul}fwmP84B3Zkm20V@4h?&N
z7;3@}`J3F48v#iZD5rh<?if8c_d(5P>R@LIW14y=c2v<T!$a$Bs3a@+(dOPL76A+f
zzlgg<&TKlr8h`!@L-BpdZqO6s3hmqHiVFaM)~3rsI<M7i&F@$}{o2PHRsO8%zObC@
zQaDv^>!BH8w^m-(G}mef+|M3c+_0lRx%`GF18D1c<8FkoM6G60&bq_leLrYyQcd_b
z44Jv?^Q&xkNcgqn?ZAJoQRW=DWbW=^y~c)~nDGHazWXWXBIq#2DwgQ_!_q{h?Bj??
zsb^IWR&9W*2C@%m5ae?g4v6`20JNqD;7#$h=X&{a`S$A6Ke|tFqsnB}$F(bd&qt&K
zss;ikQ;(z2lWfOUV3Y)I6@_uRkDK=wJwN?|>>DB7qJU9(Mr7*6RNM&JN8WYQ1Eb2M
zdvl`DdgE)4JoL*1Mo~R^IZ%(~a*^h*+1t$iVg>bLGA5~#($dnAkYxb3@Rm$vLBO=@
zN$!Gbj#xjSzTT0=I1E^KE{V(|M%~r=bz1IAFBbG}GM(og3Dt(q>N(B=6V>PJ)(!+7
zN_iuhau>wp4Sdg!<^7|3fcCH4+Z7zLX2Y_68vC_Bl9XF}coHe_IRjz`%aRznc5wdZ
z4cX+!-wtC~@ZVQg+UcvwX1wdB!_uVz^}=iV`V<%#d|^)oW?g}$spoLs{A3k|y!ZI0
zGM<VLi`p|=-yyM=JQT2`iBRmr>Euz&`+oRE<)Q7F8D9%47}qMI(s^wu-`5`2Xjej;
zf2<;GS9g$|mmWXa3BQ;UotL9Ge7M4MJXB{=3fV6~+;xM-E{n1Rq`~%%yQmU^Vf(%_
zp!V=8D&k<Kmzo+H?{##xU3^@t4$<9%HJzRR0^I>nmYZu??W_l^*Kiwp5s$0oTSU5x
ziCU13XP6sR#|%Z1doFrg@(VwOFa{Lv{}T(~J_H)mR}!{sqL-vObXi!*Hgf#6UPqf>
zpW;043Az0Pg4kuYi1)`QiXbpDtnBZLf&a0aF6$Z<|CHJAP)0N#FW?u8%{2hF&P^Z`
z9jy?sr{64+5E6bhA@h%B<_64~W6h0+)p)u-u5m!U*{h<X-3K>i^hN;}&HvQ1BJT4{
zWER2EE1n5GHRGH4s7hI`UW?WMT|TOBt_DZ4f@5X`IYUjvP5tbRW(L%|lO}q07sh)2
zTt1ShEoU1z{`WJ7NQc7_)YXQO#^Zp)=1Tk_9PT~3H>J7+(sVWz?hAj{3jZ=WI3;@a
zmoWX_tt#G~Hh5-b4J6rL3pg!ax?L;j%R`^(IJ0y8H6Ki<{*KP{=5bdGE;siL_s#W9
zFde=1NZ_cWRj6=oK*lwBSH5rqVkpaJ<P=TanXr!@0#=>~6SI8#!6ldz;{#UziX(y9
zvxslK%BzC_kxWDdU?!*Gt*4=$nA2$p@zs}_uw3Oy+#Tb|rgop1iQqw!j_u#e_qw{L
zK;<Rw!Pd6R|Gt|IpHA4V@mnNcS~7H1wu0A3auJ!);^(gX^Dr#KpeyY=TTR3E$4T4K
zZn{@10Hed@oxf?8`$syqSFad)_$YAoIY~it`cl2F7tZh0BX|tTV`8nTp8aN^-8SE)
zTy_@m8rpm+QdF7R_-%2_skHgw?z~1Rb5AUu?n(gyT35;1m_a7`<#XtSZ25%e8k?>x
z-j|UM;zFLnp9(*sq%=CP5F1)d&%Ro0TSzewJo)2jvZeaczm+ySJ6p_(?`!P#9@aN1
zXEtfBC+NOXXSH&0WienJ%(_e+cV|NIyu}=|g!&z%1EhflqDd2;q=ek(kso=D&A8^k
zqnSr}vc)3;JF~m3>CNl|2*T#`)w^<mDiwtY4~7iMUvJ`hI(<H3hmfm$H}fV!GesjU
z!>2y=X>-k57Nm`g<n}&S$FgcrjDK4GH{tf1x3O_xuW}hs)a9L45s}&a!4?&9KJah$
zre8L!89s8H)=%uJ?4a5oI^303)13TIVH*4i%{`gc`2YOnYDgp#<?;Ud&;Q4o2qLqN
zuUkXl=fte8JmK$z>}xa0@)K9joLyWZD#pe>03Sanc6(TnOM}2Hl-_x)zh0*IY|~M5
zFucOph7yzxe4evS^Q5?_35siP&!KhTg9uu=(bR{Z3GWO2bGuZFi@9ecJ+IOy1E|Ug
zu0?28Dj<S={LedI(tt4Ajk(REEp(osJ<j2clmu8>;`+_$%`k!=0Y>8)->o#Ln9g6a
z1SXTdG`C6FUOqf0Yir|=Z)uTcjSX9AJ@n}x(IXhnR=-+&jsqsafI<S@Tbk=Z&nT!O
zP}V|0J&yiENOW~HVuB||UeWr=0M<D%?kxo9wBkdjU#{5Cx=LpWe~j{KT%xJ*+t&YX
zMnS&QG|I7QuqGj7drP8F09@Eh7*+d8o=syPl{}-rl_nS3@Kb0#z(Z%qG5WMI@ms95
zd1)VBGp|e6LCBoyVe|24*>^g9NQqT}j=k>)sOR%O-De`kGwn9DN0~UXvIGV=dCwvN
z|3lBWj!{v@pSyrVg3xSDEP(z8@UCsyAEd!3ZT2g*CAicRea2dGq6?R2A~d|fP1baa
zsBoUlbQlG%t1_dRfyC9%wCRCEQv#r%HrVi8wDta(NQ}Jx{Zmu+&r_#qShBJt|9Tk&
z&e-!=FeH7juaB<BRsi^VqdYN5lT^Yymb7pWo^YTCjuz__yoRW)MhZX&<#vJ|n+}<*
zAh!8{s(%hKadqu_LX&|pef>&Z+QR@HB|8yTgab69Ggm4{Em!~*l>T1Be5?^A`F)2<
zq-*2e5bN{xpiWh*Jzvj4GZB}Q=R7={?s2*7Bj_SU@$KeTgl1oz{6VjPX5e`J${=%D
zFtei1iQOLJc>gY(r!o=hvo`ja{OW7^oC>gj*VW_T>UDYQd)avmU!mwfzpWx}B6vbg
zHg6H2=;-f1emug(#r51ww*nZG(Tq(6hoQ|rW8>pN#@yi@9nyemj;f<Wln4O;zMKGl
zw37Q$ew*p#F?rhT3oCe##;X@S9d5tVu*Ya7ieqWSBO#JVDy<S?YisM-1~)c<umsCE
zukHeXp&gx@!}{?)9N<<EJ8DB!P|fjtbqjEfb$)L0uI-s=xu_nLl$>FDed6u}ih^-5
z9ltJ0^p&9XKS|7eQ!-@=0Do%N*pfd`vb-s8_20b&@YRmGh}4b}MDrPFC9!5NfA14>
zneDiW90LHGd4+}OIGx{r{dx+}u(U2ZvFyxPzxE=H$b^SndXi5l{wPyN5%M^olDOVt
zB#V&)IEdDMgwZ@*;O8CxXt8duy2j~`J<&6tMkDNuMiPY%bf)ffMD&B69yZG8?ztxb
z+d4Kj_9$M#b;;NJcvW@})=KN$Oap*m)*<h2K4_6N#6t8Hh!bhkVtk(6K$R#aiV=n>
z78SO0e+Lmz?KCyizoWA4kLb2mJ-&kS7$P2akQW3`2+XK@hqn*!=OF%}EiEl^6#()q
zH2~!Pv$*)HGIJ-udv{b~boUfEkRaN*aiZlIyG(h20M>vjtEbr5R%ewi^!jY$j%q(P
zrTKbYe>F6S0KP{|FE6j3Wo13Z>fobB*d3m*uyEhNKnH*ig;qHiU2QYdVJq+u{s2gj
z%j=oe*f(@2!1dBnc6I~r!fBM^_XvH0@cxOfFeQHwTv{x8dy*?E*Z-QeN_SsVve9~?
zs3fx3hL1wO&T-|$Z4fhb^c){0NQ`T~XE3b=NS_h%yXJeC1G$i}wO&y0n$W|y=W)(X
z@QA<kI`~Y)WhTNp={7$x5j<n)gA2gxYPb4}1LwhrR3m?K*xi9gr^H!!0Tba>v-8zf
zb8SNd1pu4n3DDHUXJ^L%t!x4qU%Atj>EY_lh9D#4_00QXjoCjYs5`s6#{+ET%UAH+
zu#bv{bf5wz`YTxMpj!EaO|NT%50|wB$4ffe%org;F9{3Zs!THC)-6+l<o62u{8w?A
znNdKT=qdnYx^;Ni`U;>)3_3Y+UIch`QJCH1t7>XG%wN;<^ApSE69V|Yb%3**00*P|
z)wSRfWF*9qmaaoQBm;YlYND8el9HYzssbR`D<~?GewAzrfclY9QGFZS0Qh!0frG;F
z=v#bxf+x#|_XmfZNYOvKzkv^-UG<sppkbHuNr*HQa^gbewK94LM_?-gqraZ2oUIxL
z@M=giC$_IR>fg^j1hk%8-K~<g2FftBXYkv24(4L1Q}Okk=GlowTdS(#QBY9C0i#v!
zw{HV9|8cgs4+*~5(HmQRut}^N+AXmAor#D8zUiQLIvT&T4@t?%^sKB{0K}mLr+!@^
zV0{lsy$zwdg2f4bJ#1!(-#STq$COaAsa`S_36L^|WT{b7P!K#p`{Q@x&TiB~1!SDe
z0zPU$?EnE-#>WY*aW9O(&^N1w-~yiE{(dPxzdJVsl-Fux`70(3-3S;U72e=L(vcR;
z*5tyLCjPUxq;eWC^mGu*#(tBh@j^p!1o(b-O#u>VbQEC0rYSSy;NdX<JdRI89=974
z0Bh8}ks2VbW54y61maeXs>}Uwf!)v~z`g9-f)k&Zn3z?oVA5APUY-=E-o@B$jeuj)
z0H-OWBsVvTao(w}p&<=Gb=*Bz5g$(o7+?nt=5RtIR)eiZvf2S+Iy^vb={YnL1BjT*
zc9eph2?3xVFsbNa^n+mh2%gP|UavvM#WYp#oBi7OgoL2(DAF}x?$9H%pio0scXv|&
zIyp|EPgInFb4VK9=YZ<y(yXa)+{h!EZ1A#@x@m*ZUir5c8zAi_ci7y#03YvztPJZU
zWSn93Qa-0%zp~@pvwz_+dNo1?0jn<!xrykk*`Iiht-}K=Dk|!guU_e=1&H>B_8jv$
zq@y&3;Srg^`aRQX#fmc30xl|Z4Pp&Mb5&{9vYKKi#>Y|g)2*)Bc-D8%(ken`cvQaJ
z1d^G(z7#e^|3<4G)%~~?MtcI?brmU}FPs6QTSi7y0l5_dyW$&4dlx!_>X}um@$yx|
zzgCNCwur3nyVvJWw5r6Ax2Gt~k=K5^da$53bb%0fC!l67yEj$<WP?>zRo~0X@BnD-
z-qhCHjX#o<xWHkt>Aq!JO<v0TNYh20wY*+g1PCtxAe;ZV@6VUC#GwQ(+4nxMS%!C;
z+Ah@Kwsn!l0~C#Kf4rxYl%xef_k;n^y&!-H`$#K_DeDLJtvl<p*0a~)!2@fiqZ&VY
z&W6%?x3;$0Ce$QjYH9>lAv9v11nh$+7aHEo-*Tx|&k@y42%pvF+LYez@5N=*>e;Fu
zOE%1;Ubp@MLq_0?(20rGmq9HazE2AL*kE&Y;WPToOIvOkxw)VRfAi5w=j>k#Y+!Mr
z92qHvm_uIpi>mpRuLTg&>4RZ9BQT&5fH%4ucNm;w6RV^eYf(qC>pRaYZAg}jZSB^I
z7WAWBqZi|zB)F)-U76*uS-rfm-yqen9Pz9ByPCum8vCGOt=`LwZw9$CqUezs{PQZ&
zz=<nXu)9NR9)RjxiI=DOs?XV5?tjiUYbyYVjlIQsB9O%OOTe~t)W-;VLr0)ryY+0x
z3jVGR5qW4vWSh38GDbE*#G<;4A8?8KuuPVN@ePS97xq233sa4`$&Sv;1E_&r423yI
z4tbS}6b80Z31Cg%o`lT<3JvrG4`Ik-0$md(EMnFyjV=a05I{-y-q0`>V6z4k5fmc%
z`y!GLv@|qwN=n!%Tt*UBy#f&(laX)I7|mV2;#LY#vzdu_-MW8~NJQ$<5p?yqQCKRc
zbN9w<2ED{PXr3?t@6MFVOG!NfCRRuQ5)mN(=@Ti+k(M3?imwTj?GXfF_~GBZNMunn
zh2)3>KC-sA_~Ndb(R{gvKGbUWFvn^<#$kDF-$y8q292_5P~HILD}b|vnLu^R*g7&t
zmxTV;sdXBUY}#&Uo+<U+jM9sw{%nCCXu<72#c<DV?k)jd&M?42I%vch8Wsky`5GBJ
zIuZbK2B5WV16c8Z>G|NJ8BAPvm2CVxwkVbzQ>ay#6&?a3ZBQkInR%~vVFB2sqA$6)
zdIejKV@jY={rF{o|85r8Z8go*jf_A=Ma;mGLI>F7Qd|EV^&ip)jIP|csJ?%N{`Qq4
z)e{skl4hnDYhVb0!{+?L!f_|<{n5!T%nME(-o5(&wDy&4aRlAAgS!S9+%<S`2oAv^
z1P|`+u7kT1+#$FV9D-YLhu{_<xCMvXyyu>C&kwjf{e_vD?&^|VTh`udR6r7)R4^RS
z&X~V8ou^zCIY<@+3Hq@^gA|!UbI(nL)T_UIS3wF8aZqb!3+e%-%fpwc5)v(zrRtO>
z<DR#7)8RWgVEx5`3+$;K%B4IptDfz8Ug;Xx+$0Bw_5{EnOaZzdAi}Ov+UevIERZHq
ze4G@a@$+AhfOosxmFal?w~{*K^0%+U;p%X=u6E?qA!(@ZPDk)Om;syF@V--#A{kn!
zR|gXngzA6AU@8AimWDUB{dE2PH`$usxH#kY$rPPopzaHSToqO7X~2ff2X^>2f=BM;
z&{0yM4DnEp2}eGlm6|mW0Km34)D)oSTwY$1V<Jw?&xb55s9Q8@TW}J>LPJ#obj-hV
zv)^z1ghldPcO*}AI_DK*g}?9c3-5pONfYw^#{?8PCjmAG4i3)d`Bubl6stx;fGOu~
z!LxC41_RnCaF7@Q6AY^Ly0HS7=km(RkYHe7N~@{{0H#Zj{11h_s1*gh&3BRazKI0#
zitxthx+sjB7m%H@QKc4kW?+^VyIyW8^j20^qu(ek0e?D(_BUCsus<n)M0s-ic%LMa
zwiY0oo;4&7N?<}F6%!JwK`3C;t*2yIO<S0o%PTI1FHy=JJgVtJ@7lm9oDK)ru0a1e
zpMMXb(CpgrI8#XW_G}{iZa6$X#YYtQpJk7@md{%`{+(mEzP>i_@Bq87IwI7dAmHKO
z-z5f?+*_+evJt>fdJLznoCQSho$>nuM^j0*(&*@DO@@+2m39d3d-cu2IHBG*T^|tg
z4-Z~|wxOz_ag`_l((L^ar-66}Or$z!V(Q9rY9ESf+g^w!#!^864IrJaX}?wch>Uk~
zpNzC9q}PAuBl|f)0zarUm@;+Lur9dTfBV9tpdKi63Wzc4f2V6vfcOP`6mMGgy7yV9
z&fH~LNzU7o9Ra@TH|f6KK>!fZE=K#gvB=wAcryR|eW9309bxbx*bjN%`H=$qs)2WY
zeLdEI4Y6i1N=c~I$<GHU$_~&p_fAa#<ei0uFeD@-sc$sf^eilcJ8{CX01G%6U`h{_
z{ob~^7Rsvl{$8e7dhiUIEGY%~>9Fs)F;J1Nd$z02!C3ptm!Q4TRQ(tGBp``4GBQ39
zplITCIlzPt0CC%|kIDU9oK8Y1=3sat34#Jeh(WESahr_oJ6$w^IoHxo0ioO7ABzpr
zY<FXRIi7q$1sUz|b0t|1hbJX@jKY98OekH_#f6!hz5i$G__?`50hj~DhY#=GC=37y
z%aGi9l9cVPw|z$NhPQpFW(bS-0WGFm%{vam>zdiJD@$*00YDJ24gnMRSyM9{kpG5&
zDhZH3u(FVy?Oq*hl#WVAe~<W6-TFzoUbR~glcV1w3#1e!%Hwoq3Wf)CtN~xZYPolv
z&QancYBdllVtm2QFGVyCtW%~BDe$;l_-e0v(_>f;948gS6BB><3h(9?7D53&hp=cM
z4zN`>ba$k3Jza4Fwm^UGIXbo15X&AqOI`PvUn%OV;}O#*;=`4FTGp@HX2xIB_ebEx
zY$Gq+JmH~W**_a~7rgRw!pzx!VQ_KigD-l0z+HE`KNt3oewkf#SAm6i|9mBrW~JX|
zPW4#uexQ#1d3hCIm$moa;Z^tr(yT+et{b+|tgG)r1XBF?IqDbj1Dqx8zaJJCOWye6
zgQqMq17S+%&Ad0~`Da_V8HE(aC3cTAjPnB>d)SlzP>BbOU0<;{+}szK@6P2|&r`=T
z{n2#zF*$ZUj%~@?v$}M)(|+8%V>=VZ=WlU<Ilrs9R|qel491Hu#{RXN)U7N}>(}nq
z|DiMIDcHoyT3LvGZns2R{o^aw$L(*P!K*@g={;vnZrsAT#80zHzE<$X$0F@`UsZ>{
z5`yxE$0!E}8>s}%us7s0rj+iWM7|}B8q<n6BH#a<vZUNlDy`6+N^t+JUUbpEQo+j?
z20r?Mc9ACI({6A`G02#V;xPs*g6t`Tn{nX7|Hbd4r%*_S&{*C!{+nY$*2{~ZoxAlU
zEn|IY3Cy1IP4Z=i2VbRr#JthfH{Y5}dGQ0<yPxr}P_8elBz&ln%JO~>#Jn5B#<UmX
z8_T$tT?kN!e@a^fWn@|IQARAx4@fNMZlZ&BS?&J@h6tKLGyNjpz*j^M6^d2RJ=><Y
z%t1Et<nH<uiB~q<sHyn(tH&7iPhHNN5Ommpy)v4PKiJZAlO>gZ1mn{CdCYz!fl*BU
zmyF-tjnDPExsK1>Rn{OPKzgPY2BU`h0ygC!^yTN^e7Ck0>*8y|UVLoYCvQRgez{??
zO6Z}uD_|&4e*C~T-df*jjsGn10?j$+6AO4*Gk>P84hpRTP0O7}1Z*)}l8)3qYY6Zd
zp^+eR7;fyeDp%2x^?c0x*ay7rNmfK{R4~%p<0MY8jlxfguMXwwezQg88?GBiM!NpT
znFUyK@zP@WB0n^lK3n1v+cV*z5XVk^0tJgvaBy&VjMFj8K_xJ`G{4X6L2FK0EepwD
zvvcS%MR^u-6oa?adJ@XU!^fp4rJVDcLG2+cmc!$s$RiM&0=K2$QQ?W}^aE?e)s9p`
zCO@uY$;H?~VEB`1Dbh|GdrM`$`>F#a#ayfNq9{l5r990Hb^c@gb%t(j+i*xi8B!-L
z!r*cK23;9M(v!A}>+IJTlyJCM?-Om!wQK%t#Ttbuc8!BmT@}T^OI1Gs!#V;<2=z4#
z$zXvfn@%bdGKiebvU>?hvIlNE;x?^d8|Q85AP+ej#<3^3btr2DuZVuj$Uu(WX-4B4
zt&<+5T2z~|MpV)*8x3Via93uSH8tS#D?yf`hfRsk{c*3o;xR@mbgz^}j)0G+&@m)v
z1P5J&o9JGB@aW|Ud}En0@`)d3`Q8BTi8~zEiOH&A<aT|~&`Z^ZAEABZ<`%E)JLaX&
z8E!rFT=}qo24T!@A;(;B5S4jEo#Y4#xrwLU?if;l&7}_`IREO<MWWO2&+L!?)pJEr
zsQa?9?{cZY>JxHx4XGA~hAiTZelh(PpPTcKYi0*|mY_|-E-14(dBYev3HH4Pws8PV
zzCfX}#$8-O^Q-e`tMSav@TZWXTbz&8Y$OWr?s?Y&aT^8AoCZRBIgO69)tzklta^uZ
zckd6^o&4OF6@SNTNk(^ma0u>_*q$4r+TC%v{ZsviJ&6H%_^K@L#F+G5gwjj3@vgx#
z?fPY2X{*TFSqKo=Bd4G}E4}uHpqxKG3!38y1AcigZ*k!sb1*z0QUO<azJVh@xOc7c
z@fiH{6V!z?fYm(vsk*8kgpz7{nK_j!y-*__UpvZFdlrZ2b$B71m^Tjp8Zl+N8e~A;
zYKsE+!0C1LU_u?vPWb=vJqeLb5)5E8_XXsm6m1`(Mp_qM(Ogwu$|EA)t}kXtZRTGw
zBn<5JQHa^nz>C^^%^G)>dUyJ(3l6$B_(6Mv?)>hsGqr!aac4@}cNp9UT0vg8$eM=r
zKlFm2eav+lf5a>@mhEq`+4PbY2m;@|x7*<Y{Oz1=U<sP6jt)V3oLxftpr9Z@vv>Nx
ze-E!j&|o87Ufxw{u`^VVqg|?Eu?zhsdUz6oyXN{E&R!=Esf4~vdTpitS`Y3KbgHni
zr#fMj+J596n<&GfF_FW&N*%+|8laJurDJ8W5;&NUPjnC{p&l6-X8hCaab5J+hbuDK
z$f%<_7w>}Z-Zv@*ESH4zIlJZ$d*=J{52K%{saPfEW2UQ(sJqTyv%qri7(ZugO&D`)
zINZyD;O?)|4ImRG)H4fg0wqP|5w|G?+u*l-p(2BHA9U5~{G$PF1kiya>Kx7vvy356
z1G|z@a&#8V^oghNm!D%h2FgHv#vEVR<(GEkUwAgQ+0*Z~y<cIBqSxw8x3OF~*-$V0
zh|Sxs89r8v%=m88v!`?!na&L+LpkVc@w2~d+z`GbMtrd6Oxpi$`~7gb{U)%-x79lQ
z;`P)gZpdbPl*l(1+jzxkF)(7gv>;kA7nx{%mp%0kyX8)ZPqPVb`Y~SObAssGIs*v8
zk)ZOI%m71a%&aYGS6f_MydQc6@P0ON^K-qY{kC8hM3tp6^&`W8EBF+WGVJ23et;m>
zoNTTMFSqc?ykwDjdCeVad#W8B`qNK{yGPo7w2^*Z83EKx0rRNXzw@9cT9=r5E~0KE
z@w06rL4Ayh*oE}g1x*bEmyh|@jdiF|G|g)R&QcoQrHo`My`8r~iXY+Sf56N)Dq4>5
z%F)-3bD+9aG4Ar@TMPbhKq<00IJyo>m<5B$_V@~y++{aH8$$oZv!@u=Ry+yid}!0o
zyR;L*Y|CU>afM}@zQ5Mq&Zn*I3%*Y_#47bo+X$w&LVpW<QQ+d>kblg6;%vyz4*-U&
zZ@FO?od7w6(#FtEXqQP<{2LX`;NfZBQ6njp|6Ni^czgpJ{}2xCNO?J?rbM;)p7)V0
zX+s3Y`o;<EV4!Dfyjnt3-z7y!2Xr}HNI&lyiA!gS(y&0M$sxfoL!4q&lS~EjOr4;(
zRP^hume=)zHfuI1`5+$SfTo(ri%)Nu+Ok}&j+T7%tNT9Ln;h(zdtqU3Qcj6cGvxQW
z2w*OS<`}+3c7$28_0Im#MKz@A`R<HCa)9q`|5TQ<=|=*d1cSzzl-;Bs+ROkDBm9EP
zdid+FdsQzvJa)IkJ472Zy13<j?!I`mXZ&H?m{hyi)9O5#g2!ec7_esF%OmBUD3AO@
zFYv6PufOGdgwA6uw9<#F72<l-6KC*Y1|5=w>ihAaMpz-5wf)wQw1L9ABg3c5<FFFG
z56|l?dydy=z&myLw#wX|d6zYvjg*!4jMux&nJn~V_nvB+ld%0fCv?^CX<4$aE~sB$
z@~6JTO*_>4Y$ZCRM%&Hb!c>FL6}h|YM3ET+Z^x-7zy=heB4a0`r=c-q%w2b~J2I6W
z0g33H2EN#1C#tW{=%@`TVkItCDy8EhqZCfZli^FA?;kW$zRdoLHB7g^eV@B=o~B@P
z)$zc{SE@{YKT-8W^G<5{uWNi51NGWdj}S0@wlV&z;?WT%PRUiVitYv0w)#z=0Y)c^
zLwv=5Z$Ex)HqIAtf)<ICfSiotou{EK|J#nCNB<)I5Tf4p!Fi^uu|qWaJ7Q98rw0{K
zexmN1JM=FfBORB^*B$oEr9skH|J^(Z_6t3gIl=!(^>4|^!9W3ZtQ`dfg(<6%H6d(C
zVB@v5i7i%uAOP_yH4V*08df@!R`iS-FpAkFgL#WnB>F+j@Tg6M5f}Ae8_4Bo{p)s;
z$hmL>Nd&?#Hp%{Vdo#FXhe~V<JK?+(>SOL4r;-JbbA20%9yXDs`Nf^Ma^dFVhxj0L
ziT_7}-Qg!`P|PmX=w7owQau|6=Us9Rbx+c$bNGeEWK5nXwM$Hv#HDB$I+-grKQDYh
zSLKMPm&!pKi;rCDcYk6lfQ;t9I080DLi8yI^-u0G$Kfx{gCs5jiqXl?aw!L2>rIGe
zOc?~tBnGL!Q))IQf$=$CNGns^T$9~Mp%x`se#ia&)I&Wm2v~hQQE!opD!_ha{1yoo
z25cr^g%$%mc9_OSbzp!naGN!qK(oFWBxAX|CThN3s8mWM^p|Q-LIqEaDDqCu3?65t
znW7f*^kemE=XDbp@!k6xeN1D~@6eH~Lxb!gGIHD-p+%^dbrWCOU&DrMjK1`pjkKc$
zUs9{C$-EShqUr0lV$vA8Aw1teJ<wd~qq}1pGhm}{=zRTU%su;PHK0qMkc5B#^03MZ
z>`CrtxeuQ1R*`H-8#-b_e~HoLPo5!>g1M3CFKNKNF<{8=?)?+=$<?8)Nw=8EA~USt
zR<Z@-H{|!~l^}78Q2`E)K)_PYX^13wvn{8k*G22C=F4lNET`kM7{v#w`1;xBF_xyh
z1RYmMa@RIsDq?lIj7R<mQkNt~^+*M=2@nOc3X9q0uK7S!H?ME;l!3QBFNCoU&M*j2
zpbc_;uzPJT9pfyNOFz^e#Ih#T%$~CRAbtqnuQVD;Z`KQwl%qc<g=IWzB|~<F?~+lV
z(x(~HuO35?YmuKsjobP5!MEcNj@-+ZG6KJhE_0CR)AMiW-HP2OTCSL<UHK=|L+;w(
zqwDB8k{TV^Ril|#hZi-M*d$@4C*Og-VI|r#^;l#zZfGuj__Qf~sO2p)#0gqEcFQeu
z)<CY%93?E+z=~X0)jF<RmAUb}Hyps%Rwo(`j$yKL3^Jjt_@M!SwyKvUn1+sSNPg?U
znz^%)&Bna$;r7u0;K?i#%0>G@IE7anl%`4}Ha`d$7@W=w0!>u49$4(BuZJk-G@Fj>
z8wrKyKQCzS;k2}*eW{z=;1tSNoe)$}hTEqme%^OY-O{Z))&*SMSbV&rU}uq&>$?;<
z`@>$C?tPqst!f^R&zZwF7g7u>$nwuH482QGym~gJ26KnVdemdg;t%OpAD(htn*O^F
z3N?8nX&yrZLd5(b`fl+@nR{|G7csw<=+FI_-S*JQgMdXL^vKWx+=%u>5V}X}GFG0x
zzI#enbWTwG?bN0FCR=B>#xMPScOc03@n6rL(?yz^3xH4ed17xJ_%P%M1V62pZkaNu
zov_NA@kFS1!fWoIZq!?{^++2cS=yIl+JxhUYa57zxK^Sl5|ZMUB;Qr2h+S6MQ-aOt
zGWG=~yM=RjqkICUKYRF{Q(dCKLWjTJll7Dv6;_WmQp=2J);&{%CnZMI@I6K0Z@Mjc
zjxn|!OTj3<{J}NK+T*Rf|IH%Z+hIPP%=m6AmnTJp85dLkYKknw&=EizFt%~3<G*b8
zsT=7GbKKph;!&vKW!|o<)<M7O+^dyJB5zxh^1p~{u5!P1Hby+Gi}%q#!jYnHYrj#6
zN=@ExvOu;t(Eqs^!~mG4osT5l-*~SW%t_#c9-!{wDnTy-uLSV}3w9onZCbz<Dgddf
zs~7x8_EGou@gWA>sGIDC2M>VndDA5^4jUH_ub{p@aVXkOM@vEI^8E<h3$YpN-+%E(
zJYzgV>sDbaih57K%9RT$Lsw0y@#ve^p=>&{!5CJJ=T8Uvo@4ZFg0FXzh#BMk9u9pE
z5w}dC-)dTM?;9&39K)s|NnL2O^QJlX+u!uNO{x5$Mzz#~F1ea7)23rq^wc0Edsap|
zA5I7Ledh*^rKWHCz3~kl;?FwW@k<Q6)u7@C)>=-!6V*|Lt+p!e%x%^D^`H1pv$EXo
zO<JD976EJArqn?x1a@q@W%a!1Rl`JrMX^iAv@o=*=<{cP*d6N068d%Ci=5AMf_=WP
zj~lOkKa%oFHRDrKfDo?`FLD0lH4!R2kbDm0!Cq#9C)a^Gi`UojQB0#I|A~{wj~Z7r
ziPD$L^MwlBI4t{6?4+>Mb&!%d{W2<?9n!hqj*$bmnNSYW$PnB47a-RcEgg{K#pcxl
z%sub`JKwNJZ3#Y9DoWsdo!XM%%<AOxyQd)~%$)!iE>+eSoWSIz*XF8UBR$GrQFKzK
z$oiT4#LvA1hjqnHUwFxgpXVp@TOD%1sq|_sJ1dhS#o^=GdSAYkB{_6xATS$3wJDrI
zMvwYZLM#Q%2Wy7@>2}kt<)5j6;%VM(#)Mht$0nc~Z6z~YIr<bKX}ce^7LD_RQYV9$
zwdViR{;yxOlGO00gNA+v591y8eDsDRT6NgD5X5V4i0gs)Ab~iBW(~><<z?Wr5BbZE
z^QKp9l0LcIr_CPx?qOqpq3@+clK4UNf0cHf_^7dw0OXTk&eYeXu+Y$MK>xln_C^@6
zA>nlZF*7sw^A0(-+^&1qIT+e3d}~c%l0i+#8nCE=({m@^wRU;l0lkx0=v{i<<R)_U
zZkuwpiw5t*qAvKi65pHFsYRzq#3w@gYcu-9#2DD*$I-xMW^Cd+U{-7PIJ-SLydLOp
zJwkN8z#Fmmzy6~dwzj^P`%62FBO9KG3qEOqWi|X%P+dW?$!qd0=}4!)A*rS_@-zuJ
z>9dr>(Kb8?@1u;pKmDP0O@vKXL8n8Iul0JO(En0WC(;k=Xx;N<GyOCdX6td)i^$G`
z#dbH|BwP7Dwhp=v)~XCST?|+8ueQNWh@XYJxkU&fvE6uhoPP<=-?9ebp-kUgtQ~B{
z;El=$@5<4y6UOQdL&IM%lZyjLY+wcR_rJK6BB4@2{Cl3VlqAVs5d)*h;`PZf`}{Y$
z0=|ODt{5cO=mGWg^A{5{v)&UoV-pitKmP-aTEIPi<s^ClaJpL9*`YsX08zP}g|Ehs
z;k}JBPRS0fYiy{oRGTQFKI0b6u6itp^CyR5`vguG&hXva3azC-V|0i)@nj;Swp`k=
zIvlW24Y#;Gn*4x<t^U_F=O?~#Ptc)oSGzmX&wn-U<QSpn?ol?K+Vjs2#k%pmcp{pr
zOo6u9J|}7}#5Ddruzd!HYb&+eIZIZbKW0m6F?#5*WRW!Wo?!T%eVnn+NktJ;@?8pD
zBn%68#OrRTKsld#aC%9Mgh*P3oVTp<T6e&@lV7`fNi1@*;s@vOKRS0Th_m2#2lh1J
zV(gTaBY2Gc{Zp4dfY`ET5XuUAnYv;SaBu^95Fzw}1*_oQ*AWP%{t?M-O~Z3EqTo*I
zZAB6Ss0#on0$hmj;{Fg4FgQ))(;%?7pKApIArbtdD^0dALkUqFL*<pds^CxKwb5-N
zV3laMulw@}b*$?xIBuUXK_=g5j7M`>5k|4RM2FZ8XJ~4zISu&RAtDF5`aKOdSAU1o
z9$Wp9yQmOF4A!co0a!>k;xL?#v6{LJ1L|)>P0pZx@0z#KA|ViXsK^al!-54Ze;ajN
z;mLs>9oR@)*e%IdGVhhlhJgaiHt8-;prN<TMhMVH(B?!4V@F3Jo*2uEtowqAYThJg
zbku?#tcd3BEZ2Aim2uqsGw*RMIjH4>F^%5(Icl)YlWvLpx{62*)OEH9+qKUx^sH>)
zrThJTSe}4(^x6okufF8yXPr1)U)~Od>K;ep`i6%5c`HNoFIlb@7Kr@W=x}gwK&Va7
z49o{$h|YdK+AR@^g7VZWE`ZZwP%=ADSu-|(UkT~CmVi4b^NwHll~-Pys9yFPCgP6$
zGz!SZj0gR-iOVL29HeX}S9cS!7f&<f2mA~i0NRd3=JoRGzE1kejR0)lvqSiHD_l)S
zpBG&iZRXXDm&{tOKoGg6Ug#XYKQarKkh@lG7U(bpC7+DA`;Ol8Qzo#5i}OWISgV6Y
za572Kij6-UTrB%PQ@=e;dPE;mwc*Fj@)tIQa#vGzuhc=tTC5~uHK9S#xQAwqmmB}P
z7-7k+Ud((*_8Dhr6)+W}Gp0+=!?Hy~qCf|OD?w_OG%ZDE;w8RmcWwOQ?^(1S>i8N6
zRYZN(y}8gy+(^BJ-kzjcOy7Gtz9H#FJcooF@eag?3u!`NyM3oWh|U!-d(*Aaf{Z!1
zpXQ{_-0y$qb_Wb!ydJvXH6?l6<b861StOvbt0JnD;Q;Q=DXT^>#%%d-1Gc=XDl}lp
zN-M^Wt9McB>gp~vm}5js880m|e3KQt+YA~W4v)*=pvF!|EaQ`zLQCIbOA=_;9Lzef
zB^H;;hvqQ#@m(UYVBb8q|7u7=<sJwF@+?Pm7t{**aSXQg77))8gR1@kJ2AmhOSMaP
z(UYThhv5TlCdsvQ?LzvY!}BNAr!Bt+d(49)l*cv$Khnh4E6MPvox&Xa2#K8FxhJ?O
zwCg@YMBO=@G<wE0=LcAhQATpPh#HI|nEj)R<=1Bn%^$n0Ga&NG;r@lL7w@9If!hR=
zZ>quH(?={w*z-4J?HD$S-8XOX8#PmF#N3>Gn3H{$^7~@l38#VE%9*RwsRTBYm5EB4
z`LLWSs6-^yaehavdeFNT7!gojsf4-neZ{K$!YbLs^wZ7Hx3sJ;)_6laOzqu2*MWMQ
zj?P0*)uKVSPc4=*xQJ#cy#g~xc3FbC9HFF$+8EurUC`38HTSB&Jz-bLa^S6xQC`JN
zg#t02>C&Q&^eziZEefJUaU|ojvQQhf(Xtis-9(3XF7jGi2>>Gsz-tMb@p=R1#-Mqw
zFMKYmOKO#j?00Mciju~2ldvm`l$_21Zd|BE5!2HEWt&S;B-cypW0IlJn%~~$y*%sP
zb>=sFC?%F4*6m%$n&1yE;#*)Fdhw@)pltm;L2D<6%|v_Ye8f~{q$t(-r60)CbG7Z?
zd(}G$!uR|H2ZFtHO1R!eiC3G5BP6*@RxNe9G9aD_*2TQ!&pzONAP9Ei<A{{=9CP?L
z(Q(5+(Q!}c6RfR~w0lU<@_g7O?j}Q^ls;a?6oL~q=j0Nr)ysmY_0jLC*b!`rjn~+E
zQ8&6xhVHt#EKcH}=zPYk5_vHgG+(Nl_lKdO^&5>+ALSmj3n4-u@GD>Rr{aC%BBaF6
z71f*UeanwwS2f$qgRclBxgAMhP^3w^hjE|#=S)7~ziI3vhY&9cALGs~{9r+D#LRz`
z^y-xHM2}bKFe2B>QJX@(P|>VUKFFq|PXhX|nPiXttdWthZzr8$sVZaXycHM~9)MIB
zk)VJMPEI71lrRA1TVuCWWpi^nfJr>;^z_tHze1&~)_4dV2dDpjw%VFr#Z=i0C<7ML
zXL*BdjR@84&`uzJB2`*n6#w4%O6JBO3M%*2o+$KpFBu99gt`&&D`|y<-Nn-#2Zu~@
zHdh@vCoiI#OR}aoA}EkfvG=P6Lh%nAo#<1yD}O)O(=$Ps*E-9lIv7MeCXpEw;gAk~
zp|-`bWU*{?H9J!I-&ni~p|!W`TPO-sIyS+KHK0rI8V#qz3lsY5wxmVIgu>(RqA{k`
z7mZ1B_Z-|`6LJa03EHuGowyl}7<HkTAmU^8?O8h##t(_{h2i7gXD@Cfr0cW6FuJ>N
zqcYzak=%qeW9B96JSWquI(AW+R9Hl6Ji&w|v2Wc)k6qZA1=6?~qvENe#`!F|iqSF1
zUMbL{v(o=He!tW?UO#8m%qAhjz&DFjGgV?jJVfYOmWtpC20@NKLRFWb3%N4ng^&BM
z%*0Oi0H%b)+EB57T{-9_n-%gti>$Gl-ij8$8c8aMe^;S+{~iTE1pqmQOQxtG034B#
znF-L=1Ijc2ark9iY@%I-hk!xa52Q0~QU9>ZVWgsh5pX}v;t>d}{x1EEf|->-y%24}
zk+p6V4B}-Xb;%|OGG2u<4aG6ivY88;u^x2vvggSVA_-o>@(aTU746D8KJKVpnSGjS
zlvvi<Wc;;7JR3kTi`5<t1(F)t+_)w6k)lcqku<=qt9yJuHG_QH^$K3s@Q=wG;CMbt
zWeVL6$sNli5nWU%oy}*V4;(On%-T@85x{`LM#3jp(fbS=MbfiT>I5T(<VUW3*Gd5c
zL3EaEBV<Kt-H@N5(SYLA<00L%f$Biplfj8;QeDKl$<Sj}{FnnCB)&uX)Z_^EYJZ1o
z#iu&6REpth*B@!`?}H>Pv<_34^kna(qEJlSPF9`%_Ws{ev)-a~Q?W<v#~hfz3v|cN
zLN@-9Le?#%LMX`?9c=`81<a58n~(e>$eMpb6%O&A99gS=U+TQj|1%z&XI)orQ@f07
zFlG#~jeZ;cw2RM(nYRIT>6>z25v2%;uF8~GkhcQ-VZ681*d`A5znCzKo(JF`!~#hQ
zY&{NfEA)|VV<sG1KziQ6@iD5mjZJw*1|d+wSF|d2B1|MkDhP0`xVX5C9ozuU>y{Sq
z?W!||iprl)8dVNVUIK*Zu42y9uwkYT7&jp0Iu;_+3Xc3=(G#iTbwcld$D$R!_FgL$
zLO~26Sp$qV9u7#!fA5$;epDS96kvUCw6T)h00Ihpik!&jUxk>*t5Al?Z7}eJnVW0R
z@IJXDIm;Lh#L!>4DQ;T#$;U>sXIG5^Ol@#(9&e3mUpR>e&j&o|nAg2{WO>$Old}#w
zgbTAz-h2=bM@o}Ge@7{6ylA)uf1><~9^;!}d3cECep;O7KDOmCa1eY-Xq8c_8S6`W
z@ASDib^^M0MD&B6&<DsZOUT&_Zv;$j6%(#-yFDNB7h_{bCzcznPv`nEX9j2Ij;Q>u
zA0E<6<eGOzwpsJ#39=EC=v<jST8+to-N`y39AT_!GpZewTjfg_5_t?f7(R^?(eHvV
zEmkRjZD_Fga?ua2dQYII6lI^A2Rfk`YixOK^LL-Se|z*6WQMu><0KS=r*kH;<N*1b
z^yBG1x+wr)dgJ5cQ%C0iOo>52tz~63wGaSgH|Dv|o;n%=AUSk8Jg}&?tV(sn>2Zwa
z%hi@z9F14qK4qfi@<6V_1g3R`k*|h1%|}Xxzh(u_sHG3HC<cgdHm}*QqO(2_-W&+=
zz(047;ZZ_~(3{m+h@;!JwnIZ3J~guCROOAr^<~=kyskeQtgM(nIUg6JZMvNX*A~M^
zyV%7Q!&a%^q5D8@ykKCpcsTwMrb`X-J+6>`{KL~NZFF@vrgQGO%6of(Z~#QZ#)1Ic
z%;K+_YRSXFmH01puz`H1wEImf)7}rTZA!!;)g{)0!gTS{b-UG%wO0G$nBm(M7SH1j
zUe9;)7jk#HSBQi|z4&@Lf7eyGaw;c!9(p;4|Fm4CE$<DGX-i#5T_H}OPa3%Q<kCwJ
zznG~3JZH8t{~3jn$rydEvw<@&jDl&xpK^z)w`MiHNdxZ2zJEA|VV%A8KX}{R^>t%)
zOy4q05Sj@I)5EGfDJ;WyRR5^}yoR>w9V~ZBKan`Q5EOZ?Zr>}{Bc1LEU@?_K1v|IP
z<v40l*nWg`4?G)$nG5BLQGYs58S1uqp(U5k0<^p0H${RA1(?6mnwl`hlFaG4iZUQU
z_A>xrK0dagrjh((nLlD8W^d2h*4{q7vf|w*T%*e9xMJIExLj|FH9|+~%86RAcSkNS
zuINF$TL{U=sTmVl-^MB0e^35J;*WTN+F8FtJCb;+JlHDtC+SpUqDn}M=~tv*R)6+C
zccs@73nK1+J%iZV!WeUJOik9WGzYA;U<J}d^+;Nn>l+wgzO?b*#gT-)_Ky&~-oxF;
z3qGPIe{Ghc&h?nnb0@~f@I`g@KZ}mlRZy$<`*2xdouH=*ozBQH5K&dAjjC%CTzn`P
z%EGyRK1pY4Vl-bESLid|7QXu~?jP69oBxxS$0}@{?>S+yjI`$0;K%P)bGwWQ1o`SG
zx>5*2Cks0w%}`;*mhZ@9BV?m<?W(%}mEWt`pGh4b2?lDgJY(%w>P}5=F3qdP;jc${
zJ82ZsR-vZP3=><Q5|Z_n{Dvn6^F@iz{)oW%E|C(GTYZPulxi0#Ep#!w;e)x}U@ywC
zfXr)eBXq;Mf^I)T3+sdjBa@J>1UCp3?sc?zCInw?ZYI!PU7!tmJ(&#rn$iN8*idh_
zkeRKG4JuILK-}G(=i1A63A%(D(D6b-LIA9OpzL=sCnpX70|#81DR85T$A17o8&Dg{
zp;gC$ml%M*vw=~;L_~eV!-&MO>B4H+vh+9wK%pce9=qtrg^L7(DeY<PMGS=sB=st9
zb>oa=S}C^(WJ^yOY1wz;)yX2%xFYm;kR31^6O4h8{BsUym4z%z9b*uUMN=x94Q(ZV
zF}lw*bGfe38mXV@^8FWOZw-c-dZV3VKh9QfFN6D?M?_LS<fcv-!}p;{yL*AUjfBUE
zk_MMoJ*Gu4BO?Z;96(k<-}B)}*G634Xh`=RZ{93b-ZV&8_uSo$VrnKbZ<@EFOI(>2
zuE{RsGP9jr54=&eL)F8^8J<EFmd~e;5moH(wrJ@EU!Tep)aF2u_@SO$NhU;^B}|zK
ziVhQ!-f{czeD3|xVdcajV;sC_X}EyeTS@@=*-XT8H0B;9PZKX)o9Bk6e(Hf~*&5Mq
zAW-Hz7r1uw@h)!^VwO#1<7k;k`3<%i_j>{Vdx8N5m0kKGWm#BhYygj-<>23T`v48a
z+X<DXt7l<LdYwjWF)!fY=t8_NRS9mGJYM?UxGRQ^p<cArIv%A=x({?ce{Csl?F8Yx
z=iHJr?v|V_>gb1bPRI&}MjronoB^5T;e@h$92yE4`jB{Bh%s&T7yWLGk`1(mA^57%
zaMBe-?JD0Ei@$w*Ul0a$c$z%eWhP|K4c6fWo1fm($K5VmU}1ufL~FO=L>93e9%5?;
zzRLvu5`;z8=*ew_{h90|k`R!`OAxIIUkeR+p7kL-54vdUZW-(W%0Omto)ffnN4o{i
zH$mzq?Sw*<;gdHax{K{0<9Wbp1mKvFZ8G>QIwH=_A6)oJ#&}vD$={ftw5tX~(TJ4!
zl%girqhmuwU9w05Jo}+C4c+unr2~5+_=OS%*&vj1ks0mC@4R?0Blb2aTK@TibgU2r
z*f5uc1;ZoO8?o?AwDKx(wo6{He^t3lyx{k@{%d=8!0QKF93ZqbXr@la_#1c@V;AVX
zn_wW|rj-)NPHU(sBeUm5FK`@-WpTc1TIaEet^R^8Vj7CNv7(wW)gB=I&y{o_b1iJj
z;zTOdm-qMK7~)WEsXR;nZOX@3z<XPmtvGhULl#`)Dco<I3UUtKpKa}}g|wl*#3)U#
ziQsU-0g?YwL<jzC3mY2=0BI*r`;O_u0W1z0YM)5Ha$ZvtUSne;`|Jr5Uh6Tb4!;28
zCklV`(P}LbRRcXIP@ql5l2WyDv}dL<B!1Yqa7U2|IgOc(gcmev9@g{kI&j{C@(SV8
zgB)!id3-Ly>3jd!Iop-)@&gta>{MG~Te{f%nirf(s=nGIslsd(3se|SFWQt<Pu3K>
z-_SBDHZGqdC8fd;ya~N8{4()u;qkqgu(WX^&s~3k=+z@GuFK)>WNq11Ot07Fj9k9f
zmF%#slko;{uaJ8Yf2c7ZrVE9N{Lbgm<|FX4{(z+@^6*rfGK}D7G0eH%1FDKKs{ui@
zn^ZnKYTj6w|DHzoybX*=0w1OP=d1r36^_ht3rkB;KrR7zDB$w>NmLQQhOe0tqEaRS
z6iWp_-soz<e@&?a9SdQyV+bvNN7oVnL(_TwXy;>nT_nv6&wkvW@B>f;G+joasY`y@
zy<jL{t|wq=3O^F(yrb(zM}?5gflf2;dI`!{)1lFOp5TB(AF{pPPBEqkvE#xrnvcuB
z8nZ;@&JD6vMQOJ~^|Lo|zZr)gt&cZ1$+x*8(fnZtgJb1I>|P8%?&jlQh?(nhIAxll
ziQ}~1-^ru0SOzgwu1wr~Ro&m*!VMYL7=LAnN#NiWip21W-AT%CIB-HO91?;yCw~B%
z8h&OP?RjNrCBjHukA2#`-<W1K8lyUIBn~Y(;-&rrRf~tVnd$i<mah*Pq$UKdh5@Pi
ziJ&|UoW5c}ZY&NL0$`T#^Yc$_Y+wMHIu{p?ODAry&^#BSZg_zF29RXRy1Fs-_4VPn
zm5LIvjyzthu?9sehz$!!VaqTj^WJ@*{@A;*OH=RV{YuF9apjIoF%wV8646zl95d%M
zdb&euA)0{7&Nh(xVIcLX=gz(oa;M-wqDoCwYk?(!aV&A!_LV|9Mt*uuVz*XvYIX^-
zCC6NA0dL52u*FG$xqH9<K5-;LMLGC#+}&X7l5jZL#eLD{(1wM$jWhV2ub0joADe-z
zxbf9y=wgW7CBFg|N-gD=P&(^N$4`<hGgPXz{8)#?w8VdfgWml{X|XuzgE*rSrlSAU
zn#*e?VCbc;R8H9(No;rg)Wa;D`u+UjaX%?<9MS*LvG#d?bJkUaQwVxVDxe!}qJ&4T
z0K|dc*X%>ra_MT2cmM>Hw*X{EWQOtc^D~fmHFR)5{|3TCM*uFJ>Q+xD$^_{=l`>^j
z)!@iTWE`9+Lihyk)xsf%W+<;1T(=~IYDcnFw~gqw_;E9KY5KkRELtf$N#w{BQ%Z9~
zlQu_X4c?55O$(dA=0>!!b2e}%RP;1xP%wxpx8V+ecB_+X#$(v^c@1;h23M9_se67g
z={refo12FBwZ}MyC(*(CptFPLVbjES?@O6ZJd&<8tlI>QVr?g?=sA$}lq2ERrXM!z
z%g-5`Hf`=Eespd$b{f>f6-3g~(4zQ7f=PC^sHK9J#GQ3wusrZuYfm8|o7A$$(iVjf
zE&ISZTI`71Xv{XC$J<zU*o;v!Em*~q<@A?UL_2=vK>0C^^QAYoR$doUz>5^D)Njlm
z=%OZzL5|=6ExgN|6iuii9MHfKR_PLK6M$>_zaCbPqG^k~d8_={Lj#WVO{Z2M83!nn
zxOwBXb#?Cw&)f_G!3xSqh^lVhK5pGUVxhv9oFw+uGXa1{AfPg5#f8VB6AmD|cK7x!
zu6bk~L`7EYA$G&aSEXopoiKV~WTdHNLhc|TC6J#z$WI?r)E~1)1T#S7Zh$-#E*Kkq
zn;J@`es`EfPSh<QSqsk6S>-9YO^OZillA*mlI-*AYjU<yDC0WN&W^#cTlW@d#|g>~
z1DuO-eh(30J6?i?gBD@=#Kw#!Z^<5Py&%$2iCsSswO^dU>)L35`8$W@;Nj7Lc%hrW
zJY>i&XmJZNxfi^+7r1dG)qNz{y)Vv&nf7mew3awng@Ia@M%5D~zWoRCGL7l5wx-xn
zGJ+^*AK|8j*GTFy4fi80LbM{;n4R$8N55!qI{whsCn%36(Yv5`x9bjoOn}0nL{E3Z
zN--OD`0B{7{->mXUtht#QxK6d{Hl<o#o|D!-4pb2r;p8R(D2_f`>C_R>VEL-S-|_v
z0J?)9;e*^J@pQ;m9;S2xgUo=6DTUprcEC4+C;*WL9~#Su5qOT#L|J+QDm)69<wOh^
zg`W6`9x#MHcm(QT={|#h5+Xmy{V7iH9wgx;k^*0p+SBF072k}i^I|lGA%o+(^X49r
zjMz8})2j&^F$tWv3R$!3>fi+`Ct@MOzRkN+Yj-^pZ)}h<eXs;2kTetqsFYS#j6fwS
zz_s3^(9~R9K)Z?2&B=`(wT|9C05{Y^WEX}{nrd(Kd6*2cco;N<1?pqp<b{XELP=0X
zOcx6-Qe{ZCB1pF4Q{hPLakBaGDvQK=aMSyd4K#U<=wr-(7XuGlsSa!7)_nrqp~tr1
z$cBd!NQ@9343U7BN=M~ZKx5%S2z>GhcdDn*s|7_XgHO6tdQt9t*sQ_~35bH$OoIEY
z0#>-u<7Sa^hhiX;7;$~*HEZahrrn6Jn2|J?qkHk?DtXeA5K1b*=teCv+k@aD7CdXn
zdg%Fs*7)DU%X3F-W=}2au<><*-5)p4AGU4~4BQ?J9PTML!Qs5{PFP_$5ukJ#Bb=h)
zIySXfI0hMdMGX<@v(C@^Xm?Y#GX@4eI8<&QT@*japE^c+lQ`V1ox^vqc^|WR3{e<p
zg@Y+}p^;Q1MuwBimE)5`LLzmTq$eaCWl4jXIu#2i&O-EsA$g7f%njyPs@oE7r-|yo
zwddV=pks{qHb;;l9|RYQ^00rprik-Strf9&H%Mk2szeXu-~z-oGvDHxkp=&AVI%rp
zi+;wD{O{|V$lIL%_kWU~RiWR`p8xd$QZV4>|6d=_V7?jn|L=qU4>x%6ry_F48BsMP
Q1Ob0Cl8O@5Vg`Z#2ej(YBLDyZ

literal 0
HcmV?d00001

diff --git a/docs/index.rst b/docs/index.rst
index 73d02ecc..e0f04bbc 100644
--- a/docs/index.rst
+++ b/docs/index.rst
@@ -40,6 +40,7 @@ OpenWISP architecture.
     user/saml.rst
     user/enforcing_limits.rst
     user/change_of_authorization.rst
+    user/radius_monitoring
     user/management_commands.rst
     user/rest-api.rst
     user/settings.rst
diff --git a/docs/source/index.rst b/docs/source/index.rst
new file mode 100644
index 00000000..c1975fe8
--- /dev/null
+++ b/docs/source/index.rst
@@ -0,0 +1,70 @@
+===============
+openwisp-radius
+===============
+
+.. image:: https://travis-ci.org/openwisp/openwisp-radius.svg?branch=master
+   :target: https://travis-ci.org/openwisp/openwisp-radius
+   :alt: CI build status
+
+.. image:: https://coveralls.io/repos/github/openwisp/openwisp-radius/badge.svg?branch=master
+   :target: https://coveralls.io/github/openwisp/openwisp-radius?branch=master
+   :alt: Test Coverage
+
+.. image:: https://img.shields.io/librariesio/release/github/openwisp/openwisp-radius
+   :target: https://libraries.io/github/openwisp/openwisp-radius#repository_dependencies
+   :alt: Dependency monitoring
+
+.. image:: https://img.shields.io/gitter/room/nwjs/nw.js.svg
+   :target: https://gitter.im/openwisp/general
+   :alt: Chat
+
+.. image:: https://badge.fury.io/py/openwisp-radius.svg
+   :target: http://badge.fury.io/py/openwisp-radius
+   :alt: Pypi Version
+
+.. image:: https://pepy.tech/badge/openwisp-radius
+   :target: https://pepy.tech/project/openwisp-radius
+   :alt: Downloads
+
+.. image:: https://img.shields.io/badge/code%20style-black-000000.svg
+   :target: https://pypi.org/project/black/
+   :alt: code style: black
+
+**OpenWISP-RADIUS** provides an admin interface to a
+`freeradius <https://freeradius.org/>`_ database and offers features
+that are common in WiFi and ISP deployments.
+
+**Need a quick overview?** `Try the OpenWISP Demo <https://openwisp.org/demo.html>`_.
+
+.. note::
+   If you're building a public wifi service, we suggest
+   to take a look at `openwisp-wifi-login-pages <https://github.com/openwisp/openwisp-wifi-login-pages>`_,
+   which is built to work with openwisp-radius.
+
+.. image:: https://raw.githubusercontent.com/openwisp/openwisp2-docs/master/assets/design/openwisp-logo-black.svg
+   :target: http://openwisp.org
+
+.. toctree::
+   :maxdepth: 2
+
+   /developer/setup
+   /developer/freeradius
+   /developer/freeradius_wpa_enterprise
+   /user/settings
+   /user/management_commands
+   /user/importing_users
+   /user/generating_users
+   /user/enforcing_limits
+   /user/registration
+   /user/social_login
+   /user/saml
+   /user/change_of_authorization
+   /user/radius_monitoring
+   /user/api
+   /developer/signals
+   /developer/how_to_extend
+   /developer/captive_portal_mock.rst
+   /general/support
+   /developer/contributing
+   /general/goals
+   /general/changelog.rst
diff --git a/docs/source/user/settings.rst b/docs/source/user/settings.rst
new file mode 100644
index 00000000..186ed63e
--- /dev/null
+++ b/docs/source/user/settings.rst
@@ -0,0 +1,1046 @@
+Available settings
+------------------
+
+Admin related settings
+======================
+
+These settings control details of the administration interface of openwisp-radius.
+
+.. note::
+
+    The values of overridden settings fields do not change even when
+    the global defaults are changed.
+
+``OPENWISP_RADIUS_EDITABLE_ACCOUNTING``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``False``
+
+Whether ``radacct`` entries are editable from the django admin or not.
+
+``OPENWISP_RADIUS_EDITABLE_POSTAUTH``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``False``
+
+Whether ``postauth`` logs are editable from the django admin or not.
+
+``OPENWISP_RADIUS_GROUPCHECK_ADMIN``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``False``
+
+Direct editing of group checks items is disabled by default because
+these can be edited through inline items in the Radius Group
+admin (Freeradius > Groups).
+
+*This is done with the aim of simplifying the admin interface and avoid
+overwhelming users with too many options*.
+
+If for some reason you need to enable direct editing of group checks
+you can do so by setting this to ``True``.
+
+``OPENWISP_RADIUS_GROUPREPLY_ADMIN``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``False``
+
+Direct editing of group reply items is disabled by default because
+these can be edited through inline items in the Radius Group
+admin (Freeradius > Groups).
+
+*This is done with the aim of simplifying the admin interface and avoid
+overwhelming users with too many options*.
+
+If for some reason you need to enable direct editing of group replies
+you can do so by setting this to ``True``.
+
+``OPENWISP_RADIUS_USERGROUP_ADMIN``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``False``
+
+Direct editing of user group items (``radusergroup``) is disabled by default
+because these can be edited through inline items in the User
+admin (Users and Organizations > Users).
+
+*This is done with the aim of simplifying the admin interface and avoid
+overwhelming users with too many options*.
+
+If for some reason you need to enable direct editing of user group items
+you can do so by setting this to ``True``.
+
+``OPENWISP_RADIUS_USER_ADMIN_RADIUSTOKEN_INLINE``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``False``
+
+The functionality of editing a user's ``RadiusToken`` directly
+through an inline from the user admin page is disabled by default.
+
+*This is done with the aim of simplifying the admin interface and avoid
+overwhelming users with too many options*.
+
+If for some reason you need to enable editing user's ``RadiusToken``
+from the user admin page, you can do so by setting this to ``True``.
+
+Model related settings
+======================
+
+These settings control details of the openwisp-radius model classes.
+
+``OPENWISP_RADIUS_DEFAULT_SECRET_FORMAT``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``NT-Password``
+
+The default encryption format for storing radius check values.
+
+``OPENWISP_RADIUS_DISABLED_SECRET_FORMATS``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``[]``
+
+A list of disabled encryption formats, by default all formats are
+enabled in order to keep backward compatibility with legacy systems.
+
+``OPENWISP_RADIUS_BATCH_DEFAULT_PASSWORD_LENGTH``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``8``
+
+The default password length of the auto generated passwords while
+batch addition of users from the csv.
+
+``OPENWISP_RADIUS_BATCH_DELETE_EXPIRED``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``18``
+
+It is the number of months after which the expired users are deleted.
+
+``OPENWISP_RADIUS_BATCH_PDF_TEMPLATE``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+It is the template used to generate the pdf when users are being generated using the batch add users feature using the prefix.
+
+The value should be the absolute path to the template of the pdf.
+
+``OPENWISP_RADIUS_EXTRA_NAS_TYPES``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``tuple()``
+
+This setting can be used to add custom NAS types that can be used from the
+admin interface when managing NAS instances.
+
+For example, you want a custom NAS type called ``cisco``, you would add
+the following to your project ``settings.py``:
+
+.. code-block:: python
+
+    OPENWISP_RADIUS_EXTRA_NAS_TYPES = (
+        ('cisco', 'Cisco Router'),
+    )
+
+.. _openwisp_radius_freeradius_allowed_hosts:
+
+``OPENWISP_RADIUS_FREERADIUS_ALLOWED_HOSTS``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``[]``
+
+List of host IP addresses or subnets allowed to consume the freeradius
+API endpoints (Authorize, Accounting and Postauth), i.e the value
+of this option should be the IP address of your freeradius
+instance. Example: If your freeradius instance is running on
+the same host machine as OpenWISP, the value should be ``127.0.0.1``.
+Similarly, if your freeradius instance is on a different host in
+the private network, the value should be the private IP of freeradius
+host like ``192.0.2.50``. If your freeradius is on a public network,
+please use the public IP of your freeradius instance.
+
+You can use subnets when freeradius is hosted on a variable IP, eg:
+
+- ``198.168.0.0/24`` to allow the entire LAN.
+- ``0.0.0.0/0`` to allow any address (useful for development / testing).
+
+This value can be overridden per organization in the organization
+change page. You can skip setting this option if you intend to set
+it from organization change page for each organization.
+
+.. image:: /images/freeradius_allowed_hosts.png
+   :alt: Organization change page freeradius settings
+
+.. code-block:: python
+
+    OPENWISP_RADIUS_FREERADIUS_ALLOWED_HOSTS = ['127.0.0.1', '192.0.2.10', '192.168.0.0/24']
+
+If this option and organization change page option are both
+empty, then all freeradius API requests for the organization
+will return ``403``.
+
+.. _coa_enabled_setting:
+
+``OPENWISP_RADIUS_COA_ENABLED``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``False```
+
+If set to ``True``, openwisp-radius will update the NAS with the
+user's current RADIUS attributes whenever the ``RadiusGroup`` of
+user is changed. This allow enforcing of rate limits on active
+RADIUS sessions without requiring users to re-authenticate. For
+more details, :ref:`read the dedicated section for configuring
+openwisp-radius and NAS for using CoA <change_of_authorization>`.
+
+This can be overridden for each organization separately
+via the organization radius settings section of the admin interface.
+
+.. image:: /images/organization_coa_enabled.png
+   :alt: CoA enabled
+
+```RADCLIENT_ATTRIBUTE_DICTIONARIES```
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
++--------------+----------+
+| **type**:    | ``list`` |
++--------------+----------+
+| **default**: | ``[]``   |
++--------------+----------+
+
+List of absolute file paths of additional RADIUS dictionaries used
+for RADIUS attribute mapping.
+
+.. note::
+
+    A `default dictionary <https://github.com/openwisp/openwisp-radius/blob/master/openwisp_radius/radclient/dictionary>`_
+    is shipped with openwisp-radius. Any dictionary added using this setting
+    will be used alongside the default dictionary.
+
+``OPENWISP_RADIUS_MAX_CSV_FILE_SIZE``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
++--------------+----------------------------+
+| **type**:    | ``int``                    |
++--------------+----------------------------+
+| **default**: |  `5 * 1024 * 1024` (5 MB)  |
++--------------+----------------------------+
+
+This setting can be used to set the maximum size limit for firmware images, eg:
+
+.. code-block:: python
+
+    OPENWISP_RADIUS_MAX_CSV_FILE_SIZE = 10 * 1024 * 1024  # 10MB
+
+.. note::
+
+    The numeric value represents the size of files in bytes.
+    Setting this to ``None`` will mean there's no max size.
+
+``OPENWISP_RADIUS_PRIVATE_STORAGE_INSTANCE``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
++--------------+-------------------------------------------------------------------------------------+
+| **type**:    | ``str``                                                                             |
++--------------+-------------------------------------------------------------------------------------+
+| **default**: |  ``openwisp_radius.private_storage.storage.private_file_system_storage``            |
++--------------+-------------------------------------------------------------------------------------+
+
+Dotted path to an instance of any one of the storage classes in
+`private_storage <https://github.com/edoburu/django-private-storage#django-private-storage>`_.
+This instance is used for storing csv files of batch imports of users.
+
+By default, an instance of ``private_storage.storage.files.PrivateFileSystemStorage``
+is used.
+
+.. _openwisp_radius_called_station_ids:
+
+``OPENWISP_RADIUS_CALLED_STATION_IDS``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``{}``
+
+This setting allows to specify the parameters to connect to the different
+OpenVPN management interfaces available for an organization. This setting is used by the
+:ref:`convert_called_station_id <convert_called_station_id>` command.
+
+It should contain configuration in following format:
+
+.. code-block:: python
+
+    OPENWISP_RADIUS_CALLED_STATION_IDS = {
+        # UUID of the organization for which settings are being specified
+        # In this example 'default'
+        '<organization_uuid>': {
+            'openvpn_config': [
+                {
+                    # Host address of OpenVPN management
+                    'host': '<host>',
+                    # Port of OpenVPN management interface. Defaults to 7505 (integer)
+                    'port': 7506,
+                    # Password of OpenVPN management interface (optional)
+                    'password': '<management_interface_password>',
+                }
+            ],
+            # List of CALLED STATION IDs that has to be converted,
+            # These look like: 00:27:22:F3:FA:F1:gw1.openwisp.org
+            'unconverted_ids': ['<called_station_id>'],
+        }
+    }
+
+``OPENWISP_RADIUS_CONVERT_CALLED_STATION_ON_CREATE``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``False``
+
+If set to ``True``, "Called Station ID" of a RADIUS session will be
+converted (as per configuration defined in :ref:`OPENWISP_RADIUS_CALLED_STATION_IDS <openwisp_radius_called_station_ids>`)
+just after the RADIUS session is created.
+
+.. _openwisp_radius_openvpn_datetime_format:
+
+``OPENWISP_RADIUS_OPENVPN_DATETIME_FORMAT``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``u'%a %b %d %H:%M:%S %Y'``
+
+Specifies the datetime format of OpenVPN management status parser used by the
+:ref:`convert_called_station_id <convert_called_station_id>`
+command.
+
+``OPENWISP_RADIUS_UNVERIFY_INACTIVE_USERS``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``0`` (disabled)
+
+Number of days from user's ``last_login`` after which the
+user will be flagged as *unverified*.
+
+When set to ``0``, the feature would be disabled and the user will
+not be flagged as *unverified*.
+
+``OPENWISP_RADIUS_DELETE_INACTIVE_USERS``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``0`` (disabled)
+
+Number of days from user's ``last_login`` after which the
+user will be deleted.
+
+When set to ``0``, the feature would be disabled and the user will
+not be deleted.
+
+
+API and user token related settings
+===================================
+
+These settings control details related to the API and the radius user token.
+
+``OPENWISP_RADIUS_API_URLCONF``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``None``
+
+Changes the urlconf option of django urls to point the RADIUS API
+urls to another installed module, example, ``myapp.urls``
+(useful when you have a seperate API instance.)
+
+``OPENWISP_RADIUS_API_BASEURL``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``/`` (points to same server)
+
+If you have a seperate instance of openwisp-radius API on a
+different domain, you can use this option to change the base of the image
+download URL, this will enable you to point to your API server's domain,
+example value: ``https://myradius.myapp.com``.
+
+.. _openwisp_radius_api:
+
+``OPENWISP_RADIUS_API``
+~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``True``
+
+Indicates whether the REST API of openwisp-radius is enabled or not.
+
+``OPENWISP_RADIUS_DISPOSABLE_RADIUS_USER_TOKEN``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``True``
+
+Radius user tokens are used for authorizing users.
+
+When this setting is ``True`` radius user tokens are deleted right after a successful
+authorization is performed. This reduces the possibility of attackers reusing
+the access tokens and posing as other users if they manage to intercept it somehow.
+
+.. _openwisp_radius_api_authorize_reject:
+
+``OPENWISP_RADIUS_API_AUTHORIZE_REJECT``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``False``
+
+Indicates wether the :ref:`Authorize API view <authorize>` will return
+``{"control:Auth-Type": "Reject"}`` or not.
+
+Rejecting an authorization request explicitly will prevent freeradius from
+attempting to perform authorization with other mechanisms (eg: radius checks, LDAP, etc.).
+
+When set to ``False``, if an authorization request fails, the API will respond with
+``None``, which will allow freeradius to keep attempting to authorize the request
+with other freeradius modules.
+
+Set this to ``True`` if you are performing authorization exclusively through the REST API.
+
+``OPENWISP_RADIUS_API_ACCOUNTING_AUTO_GROUP``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``True``
+
+When this setting is enabled, every accounting instance saved from the API will have
+its ``groupname`` attribute automatically filled in.
+The value filled in will be the ``groupname`` of the ``RadiusUserGroup`` of the highest
+priority among the RadiusUserGroups related to the user with the ``username`` as in the
+accounting instance.
+In the event there is no user in the database corresponding to the ``username`` in the
+accounting instance, the failure will be logged with ``warning`` level but the accounting
+will be saved as usual.
+
+.. _openwisp_radius_allowed_mobile_prefixes:
+
+``OPENWISP_RADIUS_ALLOWED_MOBILE_PREFIXES``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``[]``
+
+This setting is used to specify a list of international mobile prefixes which should
+be allowed to register into the system via the :ref:`user registration API <user_registration>`.
+
+That is, only users with phone numbers using the specified international prefixes will
+be allowed to register.
+
+Leaving this unset or setting it to an empty list (``[]``) will effectively allow
+any international mobile prefix to register (which is the default setting).
+
+For example:
+
+.. code-block:: python
+
+    OPENWISP_RADIUS_ALLOWED_MOBILE_PREFIXES = ['+44', '+237']
+
+Using the setting above will only allow phone numbers from the UK (``+44``)
+or Cameroon (``+237``).
+
+.. note::
+
+    This setting is applicable only for organizations
+    which have :ref:`enabled the SMS verification option
+    <openwisp_radius_sms_verification_enabled>`.
+
+``OPENWISP_RADIUS_ALLOW_FIXED_LINE_OR_MOBILE``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``False``
+
+OpenWISP RADIUS only allow using mobile phone numbers for user registration.
+This can cause issues in regions where fixed line and mobile phone numbers
+uses the same pattern (e.g. USA). Setting the value to ``True``
+would make phone number type checking less strict.
+
+.. _openwisp_radius_optional_registration_fields:
+
+``OPENWISP_RADIUS_OPTIONAL_REGISTRATION_FIELDS``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**:
+
+.. code-block:: python
+
+    {
+        'first_name': 'disabled',
+        'last_name': 'disabled',
+        'birth_date': 'disabled',
+        'location': 'disabled',
+    }
+
+This global setting is used to specify if the optional user fields
+(``first_name``, ``last_name``, ``location`` and ``birth_date``)
+shall be disabled (hence ignored), allowed or required in the
+:ref:`User Registration API <user_registration>`.
+
+The allowed values are:
+
+- ``disabled``: (**default**) the field is disabled.
+- ``allowed``: the field is allowed but not mandatory.
+- ``mandatory``: the field is mandatory.
+
+For example:
+
+.. code-block:: python
+
+    OPENWISP_RADIUS_OPTIONAL_REGISTRATION_FIELDS = {
+        'first_name': 'disabled',
+        'last_name': 'disabled',
+        'birth_date': 'mandatory',
+        'location': 'allowed',
+    }
+
+Means:
+
+- ``first_name`` and ``last_name`` fields are not required and their values
+  if provided are ignored.
+- ``location`` field is not required but its value will
+  be saved to the database if provided.
+- ``birth_date`` field is required and a ``ValidationError``
+  exception is raised if its value is not provided.
+
+The setting for each field can also be overridden at organization level
+if needed, by going to
+``Home › Users and Organizations › Organizations > Edit organization`` and
+then scrolling down to ``ORGANIZATION RADIUS SETTINGS``.
+
+.. image:: /images/optional_fields.png
+    :alt: optional field setting
+
+By default the fields at organization level hold a ``NULL`` value,
+which means that the global setting specified in ``settings.py`` will
+be used.
+
+``OPENWISP_RADIUS_PASSWORD_RESET_URLS``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+.. note::
+
+    This setting can be overridden for each organization in the
+    organization admin page, the setting implementation is left
+    for backward compatibility but may be deprecated in the future.
+
+**Default**:
+
+.. code-block:: python
+
+    {
+        '__all__': 'https://{site}/{organization}/password/reset/confirm/{uid}/{token}'
+    }
+
+A dictionary representing the frontend URLs through which end users can complete
+the password reset operation.
+
+The frontend could be `openwisp-wifi-login-pages <https://github.com/openwisp/openwisp-wifi-login-pages>`_
+or another in-house captive page solution.
+
+Keys of the dictionary must be either UUID of organizations or ``__all__``, which is the fallback URL
+that will be used in case there's no customized URL for a specific organization.
+
+The password reset URL must contain the "{token}" and "{uid}" placeholders.
+
+The meaning of the variables in the string is the following:
+
+- ``{site}``: site domain as defined in the
+  `django site framework <https://docs.djangoproject.com/en/dev/ref/contrib/sites/>`_
+  (defaults to example.com and an be changed through the django admin)
+- ``{organization}``: organization slug
+- ``{uid}``: uid of the password reset request
+- ``{token}``: token of the password reset request
+
+If you're using `openwisp-wifi-login-pages <https://github.com/openwisp/openwisp-wifi-login-pages>`_,
+the configuration is fairly simple, in case the nodejs app is installed in the same domain
+of openwisp-radius, you only have to ensure the domain field in the main Site object is correct,
+if instead the nodejs app is deployed on a different domain, say ``login.wifiservice.com``,
+the configuration should be simply changed to:
+
+.. code-block:: python
+
+    {
+        '__all__': 'https://login.wifiservice.com/{organization}/password/reset/confirm/{uid}/{token}'
+    }
+
+.. _openwisp_radius_registration_api_enabled:
+
+``OPENWISP_RADIUS_REGISTRATION_API_ENABLED``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``True``
+
+Indicates whether the API registration view is enabled or not.
+When this setting is disabled (i.e. ``False``), the registration API view is disabled.
+
+**This setting can be overridden in individual organizations
+via the admin interface**, by going to *Organizations*
+then edit a specific organization and scroll down to
+*"Organization RADIUS settings"*, as shown in the screenshot below.
+
+.. image:: /images/organization_registration_setting.png
+   :alt: Organization RADIUS settings
+
+.. note::
+
+    We recommend using the override via the admin interface only when there
+    are special organizations which need a different configuration, otherwise,
+    if all the organization use the same configuration, we recommend
+    changing the global setting.
+
+.. _openwisp_radius_sms_verification_enabled:
+
+``OPENWISP_RADIUS_SMS_VERIFICATION_ENABLED``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``False``
+
+.. note::
+
+    If you're looking for instructions on how to configure SMS sending,
+    see :ref:`SMS Token Related Settings <sms_token_related_settings>`.
+
+If :ref:`Identity verification is required <openwisp_radius_needs_identity_verification>`,
+this setting indicates whether users who sign up should be required to
+verify their mobile phone number via SMS.
+
+This can be overridden for each organization separately
+via the organization radius settings section of the admin interface.
+
+.. image:: /images/organization_sms_verification_setting.png
+   :alt: SMS verification enabled
+
+.. _openwisp_radius_needs_identity_verification:
+
+``OPENWISP_RADIUS_MAC_ADDR_ROAMING_ENABLED``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``False``
+
+Indicates whether MAC address roaming is supported.
+When this setting is enabled (i.e. ``True``),
+MAC address roaming is enabled for all organizations.
+
+**This setting can be overridden in individual organizations
+via the admin interface**, by going to *Organizations*
+then edit a specific organization and scroll down to
+*"Organization RADIUS settings"*, as shown in the screenshot below.
+
+.. image:: /images/mac-address-roaming.png
+   :alt: Organization MAC Address Roaming settings
+
+.. note::
+
+    We recommend using the override via the admin interface only when there
+    are special organizations which need a different configuration, otherwise,
+    if all the organization use the same configuration, we recommend
+    changing the global setting.
+
+``OPENWISP_RADIUS_NEEDS_IDENTITY_VERIFICATION``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``False``
+
+Indicates whether organizations require a user to be verified in order to login.
+This can be overridden globally or for each organization separately via the admin
+interface.
+
+If this is enabled, each registered user should be verified using a verification method.
+The following choices are available by default:
+
+- ``''`` (empty string): unspecified
+- ``manual``: Manually created
+- ``email``: Email
+- ``mobile_phone``: Mobile phone number
+  :ref:`verification via SMS <openwisp_radius_sms_verification_enabled>`
+- ``social_login``: :ref:`social login feature <social_login>`
+
+.. note::
+
+    Of the methods listed above, ``mobile_phone`` is generally
+    accepted as a legal and valid form of indirect identity verification
+    in those countries who require to provide
+    a valid ID document before buying a SIM card.
+
+    Organizations which are required by law to identify their users
+    before allowing them to access the network (eg: ISPs) can restrict
+    users to register only through this method and can configure the system
+    to only :ref:`allow international mobile prefixes <openwisp_radius_allowed_mobile_prefixes>`
+    of countries which require a valid ID document to buy a SIM card.
+
+    **Disclaimer:** these are just suggestions on possible configurations
+    of OpenWISP RADIUS and must not be considered as legal advice.
+
+.. _register_registration_method:
+
+Adding support for more registration/verification methods
+#########################################################
+
+For those who need to implement additional registration and identity
+verification methods, such as supporting a National ID card, new methods
+can be added or an existing method can be removed using
+the ``register_registration_method``
+and ``unregister_registration_method`` functions respectively.
+
+For example:
+
+.. code-block:: python
+
+    from openwisp_radius.registration import (
+        register_registration_method,
+        unregister_registration_method,
+    )
+
+    # Enable registering via national digital ID
+    register_registration_method('national_id', 'National Digital ID')
+
+    # Remove mobile verification method
+    unregister_registration_method('mobile_phone')
+
+.. note::
+
+    Both functions will fail if a specific registration method
+    is already registered or unregistered, unless the keyword argument
+    ``fail_loud`` is passed as ``False`` (this useful when working with
+    additional registration methods which are supported by multiple
+    custom modules).
+
+    Pass ``strong_identity`` as ``True`` to to indicate that users who
+    register using that method have indirectly verified their identity
+    (eg:  :ref:`SMS verification
+    <openwisp_radius_sms_verification_enabled>`,
+    credit card, national ID card, etc).
+
+.. warning::
+
+    If you need to implement a registration method that needs to grant limited
+    internet access to unverified users so they can complete their
+    verification process online on other websites which cannot be predicted
+    and hence cannot be added to the walled garden, you can pass
+    ``authorize_unverified=True`` to the ``register_registration_method``
+    function.
+
+    This is needed to implement payment flows in which users insert
+    a specific 3D secure code in the website of their bank.
+    Keep in mind that you should create a specific limited radius group
+    for these unverified users.
+
+    Payment flows and credit/debit card verification are fully implemented
+    in **OpenWISP Subscriptions**, a premium module available only to
+    customers of the
+    :ref:`commercial support offering of OpenWISP <support>`.
+
+Email related settings
+======================
+
+Emails can be sent to users whose usernames or passwords have been auto-generated.
+The content of these emails can be customized with the settings explained below.
+
+.. _openwisp_radius_batch_mail_subject:
+
+``OPENWISP_RADIUS_BATCH_MAIL_SUBJECT``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``Credentials``
+
+It is the subject of the mail to be sent to the users. Eg: ``Login Credentials``.
+
+.. _openwisp_radius_batch_mail_message:
+
+``OPENWISP_RADIUS_BATCH_MAIL_MESSAGE``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``username: {}, password: {}``
+
+The message should be a string in the format ``Your username is {} and password is {}``.
+
+The text could be anything but should have the format string operator ``{}`` for
+``.format`` operations to work.
+
+.. _openwisp_radius_batch_mail_sender:
+
+``OPENWISP_RADIUS_BATCH_MAIL_SENDER``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``settings.DEFAULT_FROM_EMAIL``
+
+It is the sender email which is also to be configured in the SMTP settings.
+The default sender email is a common setting from the
+`Django core settings  <https://docs.djangoproject.com/en/dev/ref/settings/#default-from-email>`_
+under ``DEFAULT_FROM_EMAIL``.
+Currently, ``DEFAULT_FROM_EMAIL`` is set to to ``webmaster@localhost``.
+
+.. _counter_related_settings:
+
+Counter related settings
+========================
+
+.. _counters_setting:
+
+``OPENWISP_RADIUS_COUNTERS``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: depends on the database backend in use,
+see :ref:`counters` to find out what are the default counters enabled.
+
+It's a list of strings, each representing the python path to a counter class.
+
+It may be set to an empty list or tuple to disable the counter feature, eg:
+
+.. code-block:: python
+
+    OPENWISP_RADIUS_COUNTERS = []
+
+If custom counters have been implemented, this setting should be changed
+to include the new classes, eg:
+
+.. code-block:: python
+
+    OPENWISP_RADIUS_COUNTERS = [
+        # default counters for PostgreSQL, may be removed if not needed
+        'openwisp_radius.counters.postgresql.daily_counter.DailyCounter',
+        'openwisp_radius.counters.postgresql.daily_traffic_counter.DailyTrafficCounter',
+        # custom counters
+        'myproject.counters.CustomCounter1',
+        'myproject.counters.CustomCounter2',
+    ]
+
+.. _traffic_counter_check_name:
+
+``OPENWISP_RADIUS_TRAFFIC_COUNTER_CHECK_NAME``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``Max-Daily-Session-Traffic``
+
+Used by :ref:`daily_traffic_counter`,
+it indicates the check attribute which is looked for
+in the database to find the maximum amount of daily traffic
+which users having the default ``users`` radius group assigned can consume.
+
+.. _traffic_counter_reply_name:
+
+``OPENWISP_RADIUS_TRAFFIC_COUNTER_REPLY_NAME``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``CoovaChilli-Max-Total-Octets``
+
+Used by :ref:`daily_traffic_counter`,
+it indicates the reply attribute which is returned to the NAS
+to indicate how much remaining traffic users
+which users having the default ``users`` radius group assigned
+can consume.
+
+It should be changed according to the NAS software in use, for example,
+if using PfSense, this setting should be set to ``pfSense-Max-Total-Octets``.
+
+``OPENWISP_RADIUS_RADIUS_ATTRIBUTES_TYPE_MAP``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``{}``
+
+Used by :ref:`User Radius Usage API <radius_usage_api_view>`,
+it stores mapping of RADIUS attributes to the unit of value
+enforced by the attribute, e.g. ``bytes`` for traffic counters and
+``seconds`` for session time counters.
+
+In the following example, the setting is configured to return ``bytes``
+type in the API response for ``ChilliSpot-Max-Input-Octets`` attribute:
+
+.. code-block:: python
+
+    OPENWISP_RADIUS_RADIUS_ATTRIBUTES_TYPE_MAP = {
+        'ChilliSpot-Max-Input-Octets': 'bytes'
+    }
+
+.. _social_login_settings:
+
+Social Login related settings
+=============================
+
+The following settings are related to the :ref:`social login feature <social_login>`.
+
+.. _openwisp_radius_social_registration_enabled:
+
+``OPENWISP_RADIUS_SOCIAL_REGISTRATION_ENABLED``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``False``
+
+Indicates whether the registration using social applications
+is enabled or not. When this setting is enabled (i.e. ``True``),
+authentication using social applications is enabled for all organizations.
+
+**This setting can be overridden in individual organizations
+via the admin interface**, by going to *Organizations*
+then edit a specific organization and scroll down to
+*"Organization RADIUS settings"*, as shown in the screenshot below.
+
+.. image:: /images/organization_social_login_setting.png
+   :alt: Organization social login settings
+
+.. note::
+
+    We recommend using the override via the admin interface only when there
+    are special organizations which need a different configuration, otherwise,
+    if all the organization use the same configuration, we recommend
+    changing the global setting.
+
+.. _saml_settings:
+
+SAML related settings
+=====================
+
+The following settings are related to the :ref:`SAML feature <saml_>`.
+
+.. _openwisp_radius_saml_registration_enabled:
+
+``OPENWISP_RADIUS_SAML_REGISTRATION_ENABLED``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``False``
+
+Indicates whether registration using SAML is enabled or not.
+When this setting is enabled (i.e. ``True``),
+authentication using SAML is enabled for all organizations.
+
+**This setting can be overridden in individual organizations
+via the admin interface**, by going to *Organizations*
+then edit a specific organization and scroll down to
+*"Organization RADIUS settings"*, as shown in the screenshot below.
+
+.. image:: /images/organization_saml_setting.png
+   :alt: Organization SAML settings
+
+.. note::
+
+    We recommend using the override via the admin interface only when there
+    are special organizations which need a different configuration, otherwise,
+    if all the organization use the same configuration, we recommend
+    changing the global setting.
+
+``OPENWISP_RADIUS_SAML_REGISTRATION_METHOD_LABEL``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``'Single Sign-On (SAML)'``
+
+Sets the verbose name of SAML registration method.
+
+``OPENWISP_RADIUS_SAML_IS_VERIFIED``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``False``
+
+Setting this to ``True`` will automatically flag user accounts
+created during SAML sign-in as verified users (``RegisteredUser.is_verified=True``).
+
+This is useful when SAML identity providers can be trusted
+to be legally valid identity verifiers.
+
+.. _openwisp_radius_saml_updates_pre_existing_username:
+
+``OPENWISP_RADIUS_SAML_UPDATES_PRE_EXISTING_USERNAME``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``False``
+
+Allows updating username of a registered user with the value
+received from SAML Identity Provider. Read the
+:ref:`FAQs in SAML integration documentation <preventing_change_in_username_of_registered_user>`
+for details.
+
+.. _sms_token_related_settings:
+
+SMS token related settings
+==========================
+
+These settings allow to control aspects and limitations of the SMS tokens
+which are sent to users for the purpose of
+:ref:`verifying their mobile phone number
+<openwisp_radius_needs_identity_verification>`.
+
+These settings are applicable only when
+:ref:`SMS verification is enabled <openwisp_radius_sms_verification_enabled>`.
+
+``SENDSMS_BACKEND``
+~~~~~~~~~~~~~~~~~~~
+
+This setting takes a python path which points to the `django-sendsms
+<https://github.com/stefanfoulis/django-sendsms>`__
+backend which will be used by the system to send SMS messages.
+
+The list of supported SMS services can be seen in the source code of
+`the django-sendsms backends
+<https://github.com/stefanfoulis/django-sendsms/tree/main/sendsms/backends>`__.
+Adding support for other SMS services can be done by subclassing
+the ``BaseSmsBackend`` and implement the logic needed to talk to the
+SMS service.
+
+The value of this setting can point to any class on the python path,
+so the backend doesn't have to be necessarily shipped in django-sendsms
+but can be deployed in any other location.
+
+``OPENWISP_RADIUS_SMS_TOKEN_DEFAULT_VALIDITY``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``30``
+
+For how many minutes the SMS token is valid for.
+
+``OPENWISP_RADIUS_SMS_TOKEN_LENGTH``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``6``
+
+The length of the SMS token.
+
+``OPENWISP_RADIUS_SMS_TOKEN_HASH_ALGORITHM``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``'sha256'``
+
+The hashing algorithm used to generate the numeric code.
+
+``OPENWISP_RADIUS_SMS_COOLDOWN``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``30``
+
+Seconds users needs to wait before being able to request a new SMS token.
+
+``OPENWISP_RADIUS_SMS_TOKEN_MAX_ATTEMPTS``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``5``
+
+The max number of mistakes tolerated during verification,
+after this amount of mistaken attempts, it won't be possible to
+verify the token anymore and it will be necessary to request a new one.
+
+``OPENWISP_RADIUS_SMS_TOKEN_MAX_USER_DAILY``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``5``
+
+The max number of SMS tokens a single user can request within a day.
+
+``OPENWISP_RADIUS_SMS_TOKEN_MAX_IP_DAILY``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``999``
+
+The max number of tokens which can be requested from the same IP address
+during the same day.
+
+``OPENWISP_RADIUS_SMS_MESSAGE_TEMPLATE``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``{organization} verification code: {code}``
+
+The template used for sending verification code to users via SMS.
+
+.. note::
+
+    The template should always contain ``{code}`` placeholder.
+    Otherwise, the sent SMS will not contain the verification code.
+
+This value can be overridden per organization in the organization
+change page. You can skip setting this option if you intend to set
+it from organization change page for each organization. Keep in mind that
+the default value is translated in other languages. If the value is
+customized the translations will not work, so if you need this message
+to be translated in different languages you should either not change the
+default value or prepare the additional translations.
diff --git a/docs/user/radius_monitoring.rst b/docs/user/radius_monitoring.rst
new file mode 100644
index 00000000..8438afd9
--- /dev/null
+++ b/docs/user/radius_monitoring.rst
@@ -0,0 +1,78 @@
+Integration with OpenWISP Monitoring
+------------------------------------
+
+OpenWISP RADIUS includes an optional Django sub-app that adds integration with
+`OpenWISP Monitoring <https://github.com/openwisp/openwisp-monitoring#openwisp-monitoring>`_
+to provide RADIUS metrics.
+
+RADIUS metrics
+==============
+
+1. User registrations
+~~~~~~~~~~~~~~~~~~~~~
+
+.. image:: /images/user-registration-chart.png
+   :alt: User registration chart
+
+This chart shows number of users signed up using different registration methods.
+
+2. Cumulative user registrations
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+.. image:: /images/total-user-registration-chart.png
+   :alt: Cumulative user registration chart
+
+This chart shows total users registered using different registration methods
+in the system on a given date.
+
+3. Unique RADIUS Sessions
+~~~~~~~~~~~~~~~~~~~~~~~~~
+
+.. image:: /images/unique-radius-session-chart.png
+   :alt: Unique RADIUS session chart
+
+This chart shows unique RADIUS sessions. It is helpful to know how many
+unique users has used the system in a given time.
+
+4. RADIUS traffic
+~~~~~~~~~~~~~~~~~
+
+.. image:: /images/radius-traffic-chart.png
+   :alt: RADIUS traffic chart
+
+This chart shows the RADIUS traffic generated by user sessions.
+
+Enabling RADIUS metrics in Django project
+=========================================
+
+You can enable the monitoring integration by including ``openwisp_radius.integrations.monitoring``
+in ``INSTALLED_APPS`` of your Django project's settings as following:
+
+
+.. code-block:: python
+
+    # In your_project/settings.py
+
+    INSTALLED_APPS = [
+        # ...
+        'openwisp_radius',
+        'openwisp_radius.integrations.monitoring' # <--- add the app after openwisp_radius
+        # ...
+    ]
+
+.. note::
+
+    Ensure your Django project is correctly configured to utilize OpenWISP Monitoring as
+    outlined in the `OpenWISP Monitoring's documentation <https://github.com/openwisp/openwisp-monitoring#setup-integrate-in-an-existing-django-project>`_.
+    For production environments, it is advisable to deploy OpenWISP using
+    `Ansible OpenWISP2 <https://github.com/openwisp/ansible-openwisp2>`_ or
+    `Docker OpenWISP <https://github.com/openwisp/docker-openwisp>`_, as they simplify
+    the deployment process considerably.
+
+.. important::
+
+    If you are registering a :ref:`"registration method" <openwisp_radius_register_registration_method>`
+    in any other Django application, then ``openwisp_radius.integrations.monitoring``
+    should come after that app in the ``INSTALLED_APPS``. Otherwise, the
+    registration method would not appear in the chart.
+
diff --git a/docs/user/settings.rst b/docs/user/settings.rst
index ee03f87a..0b58a441 100644
--- a/docs/user/settings.rst
+++ b/docs/user/settings.rst
@@ -690,6 +690,8 @@ verification method. The following choices are available by default:
     **Disclaimer:** these are just suggestions on possible configurations
     of OpenWISP RADIUS and must not be considered as legal advice.
 
+.. _openwisp_radius_register_registration_method:
+
 Adding support for more registration/verification methods
 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 

From 48b42fb92fe653cbcfbc65dc27445a3c0360fdcb Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Wed, 13 Sep 2023 12:26:21 +0530
Subject: [PATCH 11/51] [feature] Added dashboard pie charts for radius
 monitoring

---
 .github/workflows/ci.yml                      |  1 +
 .../integrations/monitoring/apps.py           | 83 +++++++++++++++++++
 .../integrations/monitoring/utils.py          | 23 +++++
 3 files changed, 107 insertions(+)
 create mode 100644 openwisp_radius/integrations/monitoring/utils.py

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 6b5c069a..0545a357 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -57,6 +57,7 @@ jobs:
           pip install -U -r requirements-test.txt
           pip install -e .[saml,openvpn_status]
           pip install ${{ matrix.django-version }}
+          pip install --force-reinstall --upgrade --no-cache-dir --no-deps https://github.com/openwisp/openwisp-utils/tarball/dashboard-chart-filter
 
       - name: Start InfluxDB and Redis container
         run: docker-compose up -d influxdb redis
diff --git a/openwisp_radius/integrations/monitoring/apps.py b/openwisp_radius/integrations/monitoring/apps.py
index 9a2fe125..2f4c49dd 100644
--- a/openwisp_radius/integrations/monitoring/apps.py
+++ b/openwisp_radius/integrations/monitoring/apps.py
@@ -1,5 +1,9 @@
 from django.apps import AppConfig
+from django.db import models
+from django.db.models import Count, Sum
+from django.db.models.functions import Cast, Round
 from django.db.models.signals import post_save
+from django.utils.timezone import localdate
 from django.utils.translation import gettext_lazy as _
 from openwisp_monitoring.monitoring.configuration import (
     _register_chart_configuration_choice,
@@ -7,6 +11,10 @@
 )
 from swapper import load_model
 
+from openwisp_utils.admin_theme import register_dashboard_chart
+
+from .utils import get_datetime_filter_start_date, get_datetime_filter_stop_date
+
 
 class OpenwispRadiusMonitoringConfig(AppConfig):
     name = 'openwisp_radius.integrations.monitoring'
@@ -15,9 +23,84 @@ class OpenwispRadiusMonitoringConfig(AppConfig):
 
     def ready(self):
         super().ready()
+        self.register_dashboard_charts()
         self.register_radius_metrics()
         self.connect_signal_receivers()
 
+    def register_dashboard_charts(self):
+        register_dashboard_chart(
+            position=30,
+            config={
+                'name': _("Today's RADIUS sessions"),
+                'query_params': {
+                    'app_label': 'openwisp_radius',
+                    'model': 'radiusaccounting',
+                    'filter': {
+                        'start_time__date': localdate,
+                    },
+                    'aggregate': {
+                        'open': Count(
+                            'session_id', filter=models.Q(stop_time__isnull=True)
+                        ),
+                        'closed': Count(
+                            'session_id', filter=models.Q(stop_time__isnull=False)
+                        ),
+                    },
+                },
+                'colors': {
+                    'open': '#267126',
+                    'closed': '#a72d1d',
+                },
+                'filters': {
+                    'key': 'stop_time__isnull',
+                    'open': 'True',
+                    'closed': 'False',
+                },
+                'main_filters': {
+                    'start_time__gte': get_datetime_filter_start_date,
+                    'start_time__lt': get_datetime_filter_stop_date,
+                },
+                'labels': {
+                    'open': 'Open',
+                    'closed': 'Closed',
+                },
+            },
+        )
+        register_dashboard_chart(
+            position=31,
+            config={
+                'name': _("Today's RADIUS traffic (GB)"),
+                'query_params': {
+                    'app_label': 'openwisp_radius',
+                    'model': 'radiusaccounting',
+                    'filter': {
+                        'start_time__date': localdate,
+                    },
+                    'aggregate': {
+                        'download_traffic': Round(
+                            Cast(Sum('input_octets'), models.FloatField()) / 10**9, 1
+                        ),
+                        'upload_traffic': Round(
+                            Cast(Sum('output_octets'), models.FloatField()) / 10**9, 1
+                        ),
+                    },
+                },
+                'colors': {
+                    'download_traffic': '#1f77b4',
+                    'upload_traffic': '#ff7f0e',
+                },
+                'labels': {
+                    'download_traffic': 'Download traffic (GB)',
+                    'upload_traffic': 'Upload traffic (GB)',
+                },
+                'main_filters': {
+                    'start_time__gte': get_datetime_filter_start_date,
+                    'start_time__lt': get_datetime_filter_stop_date,
+                },
+                'filtering': 'False',
+            },
+        )
+
     def register_radius_metrics(self):
         from .configuration import RADIUS_METRICS
 
diff --git a/openwisp_radius/integrations/monitoring/utils.py b/openwisp_radius/integrations/monitoring/utils.py
new file mode 100644
index 00000000..6a005a28
--- /dev/null
+++ b/openwisp_radius/integrations/monitoring/utils.py
@@ -0,0 +1,23 @@
+from datetime import datetime, timedelta
+
+from django.utils import timezone
+
+local_timezone = timezone.get_current_timezone()
+
+
+def _get_formatted_datetime_string(date_time):
+    return (
+        str(datetime.combine(date_time, datetime.min.time()).astimezone(local_timezone))
+        .replace(' ', '+')
+        .replace(':', '%3A')
+    )
+
+
+def get_datetime_filter_start_date():
+    start_date = timezone.localdate()
+    return _get_formatted_datetime_string(start_date)
+
+
+def get_datetime_filter_stop_date():
+    stop_date = timezone.localdate() + timedelta(days=1)
+    return _get_formatted_datetime_string(stop_date)

From f75c919bc81eb22e8429f53d87f6153e3186719f Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Fri, 15 Sep 2023 04:09:15 +0530
Subject: [PATCH 12/51] [docs] Added dashboard pie chart screenshot

---
 docs/source/images/radius-dashboard-charts.png | Bin 0 -> 44475 bytes
 docs/source/index.rst                          |   2 +-
 docs/user/radius_monitoring.rst                |   3 +++
 3 files changed, 4 insertions(+), 1 deletion(-)
 create mode 100644 docs/source/images/radius-dashboard-charts.png

diff --git a/docs/source/images/radius-dashboard-charts.png b/docs/source/images/radius-dashboard-charts.png
new file mode 100644
index 0000000000000000000000000000000000000000..3e707313a2497e6268c339319ecdccdd46cb7cde
GIT binary patch
literal 44475
zcmd?P^<Pw9^e>Epbc1wAqjbj*N;lF-H_|<HNOy;{3W!KccQZ87&Coe?=iKAx``r8d
z4fl1=4>NOS_N=qwy<)GuqCTp~Vxg0vBOoAP$;(NpBOoAlAt1cyL`4R^368Oi1>TU{
zB;++wfy)ooA`-YKb(hw4*Ko3O_cV32M6h;ra<F7`Gk3MLbaead<bHzKAqFhs{<lcd
z)zZ}6#>w%Grj3Iof{d$;g{k)&F1|M!md@^$4rZ3FZ@4+RdERjH3Ul%cbMwCWpiKT0
z*NlMh20>oxgQiywY{l14!z1|lEI|{Swo73Pp93j1NV1n}fW(<OmQYvEFsAHPKrpsu
zMoH{Tx*<W#f=EY8&yN)EiCGHzw476YzL(X;)-s2_4wj>MgNaKRY|<$G*Mvd$_9^LQ
z+lyD|#SVElhci0glv9f3eaF1V?($BW_Vy+UWbyvzibBL1!G1&g-{t!K7g9{*ze{fU
zBO1|v3z8bY<Fo$H&n}V-x>EmL8{rC7|E-Jc#Y!{z{|J%4>-wK{_yU^2(*Lcacl^JM
zAVKKhgQW5OD%Y1Ekqe)shA=otWTEYzoHp{)FlJhH;xw<X?y|=B@nZ}YV4@P)A4tS1
zR$FVJy=+&Mn>HBAn?E!e@^r|~vI@q>UZ2^!@TqyiFN;o|gpd?$1tna9nhH+V;vcNn
zc+4NzV5aAZ?U-K^Wq<t)<c|UoXH&kn{qj16^i&FOMlX-lv47VpY5CSKLfG?rgN!TG
zjwU(ZJO6BD?CI=B3=`*CN2}(iIDAaj(IY_vQ4&FV${VfzL2Bzh3uJLMDI{_mj@GVU
zDq7I-hh+pt*59WU^d!1v{II#zpi&+5CtsmzM$OxPfW2dKStI()sFMVyw=dpEJco8E
z89LByZtIXvUemAhTev~#nnGJtw|bb8hy35dhRs)lC0faYL%Z>QkdQ=a!{Wy-8%1+3
zkHIR>8grB~7%0c=$Vb^T5&1Gwj~r0QSI^Q<vLMUzYm9x}ai>BuT$;dcgrE1zvHqYK
z&EY0-v$Vq;b4-lcQi{f8by8tw(ucS8FXB5^qXw07MDq%N|4Bm{Xb+@s0+o8@?eN1?
z1VrzPk~jWn8CBZn4kP01;JU|cKf#syUVhxLbiGH4CM)LJj#F!VS3#^8wn{qaU-Pn2
zreib}G~7DOfcG+Hm&>V|7_Rf7JBfJ$2~m*;6i>cV_!Eb|$&k-zt16*2%rxhQep66B
zyoQLK{-KEWWq8W8Y1{sM7dq0QFBkc^HcLed&;GizS)W9<3cEp^gRU*FBoeete#^c(
zh0C9?0-ZzFJtHCbX1B(^F28e(Gl`jmh^2nE8k+s=$*6VTCbSPuGwoU&iocj8M8;O=
z%hbL1w!=?&7K=l9P8=;1$W<cW`9-`$X@;F<@<Lxn{rFF+K5Cf%E3f+CHhpw<{Y(ye
z!K%3=hWLs3mn6FEB@2)`cO}N{e)Md)J`^-ZgD598Y=ZPk`pu@dm^L~y7_Yl7z8AYk
zNTQBM7;%G|RI70XoG+C?&s0(|IQR>7r0_+*9iNLqe^8n%QyjzHZ?gM!724Bd!TvTF
zUGith3R_rVY2~-K&>E)*>XUOn*VeEy3jVmaH?vQ#lZ*5jKk-#fNlDqF9LALtroljG
zQOT&!Mbb#L{02|U+p{+PGh@PkFnK;N{*7Fj-BZ~=2aNp#MFPpsD0=mB{mh>6Fl<DD
z0X4{s<CUU<ry#{?Vuy&5dWQx~U9M`qodwPJ<;Ry38=T)OA8#{8`Wgf?yjOTKZ@tLk
zFPb++rJi}rzc!1+x}?PvitX1{^M~z;Ns#-q>T_odDvFi``j8bg=QN|rwttnq)<4}d
z92B%Qfk+9p1S1ug9Hn&4`x;b_r+LlSQ-02s*onN{>;oMoXvmeW7bjE<uiu5yz(TCJ
z3k{npaSbj-2!0adMF$tvVd#uk=(1r6QDFah#^CU-X(ilZI6KW}O4jSUR%kl<jUP!A
zfqL)fwVD|{NATvbh@fc6*^={jLIm20i0W~rRi0mQ`+&_aB#c^R#*6P;uKDN6H){)I
zeJ;DqGEK@u9`UjL$TGpNHYc<E4eT<$SYW$po~1E&;V^RUFi^W0vCuQH)SXX+8onBV
zi$t$06y3D@o$G9E3av2;RYyl4c1k=f@eIP$*QfeEL>py~#NwQ1KKgPRktt5fQ*Tm8
zM-O<f$QDX-6Btvds)td(yJ)9njLVDNEhi<s%$3nAy-1am+G3q=#xd2r`IC>9TvH$U
zzB+druRyM1|Bvej5|TKq&&##piVyO$LI?~r(Rq|TTSZM49CDUBqSp$ZQDp<xpGaU&
z>eZ}+5S@=wzl??J-%())A)%DeaVyHQ=HjkwTaLMn^LXB2_KPkhW{wx;J#vkyO@lHP
zhI@3IW6i9z$?DNR1#IRH4KQ5{`g&89a9HP@qdNVirdQaWD@w*+Q%abmipGD1sd#5R
z{~681Mz2TKp9Nj*)aS+be)-srmd9(=-UnI&BWBv^dHH*4NXkT8_ryao=jx}Fua6ZG
z#7sMX+oR{IhK_zGbKa?nb!s}jxX`v(J8*;T)~~fYy%}Rz81e0qTqKa69uzm_%2lY!
zY1(*`*Wmi~CMuzG6_sAMs@@|hHT{E3{<)-C!BWhCw>P%5T}Y@R>wL~2rnmE&Jaxlf
zImJ%k22+)Q5+R};3zOl=fXVHOO4)n&E6w8vNwLe}jX20V>JL{P?$qXDk;z$C$T$KO
zjTs^e&Mw$OC%&f+ICxS0;Y1)u70bP+{l+ox$Ludp*IycqZ`5jC5WAA66(rL_Uftam
zAXgam$S>98JqomKabTtR?UIUln}Y^%l)HvV`u!7Cue0AaQVXlfa)KS{2wxSL<1B0S
z*{6;Cf>L)sZKk<9x@JM5!_7KC((T+Q)rdOhAGwcRGN8Ap4}<=q5sz9gB-T-N?dL(w
z^5n@MY$1P2TMybRXIhNCx&)C`Z&EHHH<|N?^DJaERiCkiyr~}bC8gqbspR^<(c43g
zwKuH$tGKr62DakFg_(VXvhPY?h87^t&ax+;kV{*Qb7#By`fas~MLdq1i<|Ry1()Z>
z6uuy}xcp7sGc0|OV`#K9mM6Qu8z6!51Ck+HBFQaxs2ku0s-=y9Exht-i0G<X-<!=J
z!DA}1gHYYXOm=wo05r0vyD~BNiS!X(8Tke!IfXfkKl6X`f9JS}lKHTPxCL|PxsGG4
zu($7Iz)~d);`!8`7l%YXxIehXI?AwzgIl!0{Z45@f+GnD1#v3EWI-!3&_V1@e`@fv
zua&B0t!qkBnsk9|e`3wXYuEG}6Th1a4Ug`n20Ubgm6YFpajeHs&gZlEP>z=ME$PR3
zXBg`H$U($=?gcqBvsI}a3<#H(PvUf$O=E_tS^oyYWp?*cfw`<(PrHHDIEzJ`xZE$n
zXwz!blhoc$6mB_32L!xxIA>5vsbc<NZqlVc3Vvlr79zQ4uUG?3_QSoE<RQ(7UlY$=
z4<yNR5Z7w#ora)d!^#ff9qMshxkm2Fy^hm^wW8R?oJ{rgp>aTjuY8bq%{f|{u6zJ%
z%*gN60wk7W6sGfET-ki-*B>!wY|GKKn^!jwDicog<nEko(<I>8ZeLr?#H4+b<?Phr
zAOt1v8Fa^#<P(?0<7s>;1$~N=gbK0J_xQDmwvrx<>CR3v`)hp_Zgwb7Paii^-U^%a
z`0Fsr&+)IX=@_{(sr2jF9EwRj2gaKI7Km=MCL`SkXQlcnn%w!F8&N@a26(No-Ao$Q
z<=WrnFK>r=QM+e|&;9CET`#8joF?N+jA-r@NEN^-@vu|P5kahMHsWR!t5Sm5+Ceu;
zM!mDtsc=qg#WU8CV8da(Au>0sh97sd&PS$w#wUIujxJ#?P_j}k*nSwdSx({i>J`!n
zg?g?(<h8EzN_M>Ogl4NE#;N$8$iDZ--NL)qx&&_;Ct^<C;~&3^7u0VlO!iqsiC)VU
z3zv`i@lR~7d6|^t5G4OQ!d9^t#>_D~)NT-MH&dJxS=AqVvM7U|R*8-coq1P;+pjsV
zxTw2|i<3SHvz9lX94>Ug)gEj5xsG!Y(&I}o{r-lHMphk7-2uLUb`oAaG9nC4?e3IA
z=w``0)1*l^#<KKl#-f9nua4Ne!tL;tkBWL4egyoXrj|W60?B(~7j?9uVbRg}<pUOg
zkpxfZ3<}S1O5l}vx148k`n+2;1092S<T_^2ef<di5+Sh=Kfe^d6eS(|4|s+dqoKvF
zXpF-0<or40_&7BV9%3o^e>7M7#n(*F=~B!NdzMfp;fq$zZw7{fMO^dFYd8+IWIVW>
z3kx^=n8=|UwB7!bLkWzF$EFL~Rqm=qvb0huJfz#Tec|}|gXdQUslD+s$shZ=UF}}n
z*%kc#E->ieK+=|D@!&`J`gYLkulLTlrJ!6#rNBl00OTSmL+)nl!nJpNu{-(|s+SIa
zd)xV#UDX=QBa6=<IOR)1LLay9J8yl;LQ($IF(UFYB(p=LA25B95Ll%>J#;FBg`%2I
z#@&#A^EpxR?*Z-AF(!p}$X-0(7RP|)c{uJ!j@+Lai8)h(%=x$ZyT&(W?!y+E(Q(LV
zXcTXsQ7-a^`=BD3YB-mji@ot|GzLP(@`<hT=3mzlWyg8BE1VSEAppWGc^n-Q%QE^m
z#QI{$PrXpnb>-UXy2q~B!U!EugfFf4-g>I*$~OnH$`?1vTB-$i;hGfrw?rRGU>wsE
z_oGt}Ylq5%rV!C+e<2N%qH~NfS{ouQ8ESmJPCUHr=4?{6X2pr8J1M6)cN(YV!wbgP
z{a6d>bO|K-1c^`vir=rj{^Jr&4EtXYy6{0`VsDlFT1PlHmJFTYB<Dms>n)zF6-Z1a
z{*+to$25V`p@n~ZhXe>WR$kSAD5>V2ACf*WgtU{GZmUx#0SPk@42z0tyDv)G$QddO
zGkpo_TDUea%4P0)b#X=*vYkGb7XBcmGgADSSl6ehKia~KyA3o(Q$>^is4O`Eb0$*F
zoKG7&>TEIPdCpz4^=H3R?amtM6uUTO8?l}oaJW3qkVtOf8N;>~+?R>U@7^}u<Bcv8
zPhV(k;Rze7VdQd>O*EN~n~L1<^+%S53X^dAlaWHk%T*ZbGD6TgG8K;PybHmk!EK8t
zheECJCAZ8oM+9Mu#H;Q^f)l$Ai$(DVgp~9VMr&!OeovMQjJ7G&%OnAkz=!Jm$*zJV
zKCk?XKO^L3a{A=<pTey{^CzU^y$`CGh>C4BC=Pj<UH6nPXs0`6N+UHj2v1-OUOn2$
z`Ct2Q^B~Xn$?|P8{R0uM1O99Y&r?&?ct20eMS|z$0&USVDHY+*4@G~y?-65{KCUNq
zpyS(Y_xj%ySgiP)WmxN}Yskb8d^h<L5z9WPTcPl?fdvJ=C=m_*nPjx{IJm|%jGC$|
zf27lFu$QW|SRM7cw9QX6BBPjIDxe~Q6S;ytO_u5o;~XuOr172+0!9a`_K6NhSj)dy
zHC0)*b}_1SNx>*iN?@wWG?C{XyQnId+v88H1sm;Dd>ul>xsy}e|1ihSPEpQg%}E9c
zF3`uJpjHY)Vi9mx6mCxuvn3&sI=!nj@e9+)2>yaQi_M-KkRmNpY(AbY^T&bWM)`&_
z(B|t_OPMZ+G0FWi77s$tF>Q(OzHmWdX!ouwO||H8o_zIOTcImjJnJB%uLlxDlqVAm
zuWkZO%D4Mq;<V<djs?3fYhgMiplw2NU-rmD;<t^H<lemhg=8<#JZ2{Qj5dL28Vr&w
zYWg8XM>FfY!{cj;sy}{)>7o<B#5zV^#pH!nc16&}BTrYn6<Y#$N#xqaZ6xEoe0z^p
zz?Z3c>4QqxR@-*ZgLLY2p4x06UMLc%El?|9;`4r<0#0ef<DZm|jEqTl`C2eKrK*V?
zvd$YUs8nYf>UDdGAT&$OMzsk}!0{akh19=P*tkKHcVMSnEqR!ApuDZ0yIkkWIIM~z
zfg(%GYZ>)J2k}WW?gWv%$bEM7?k_23)>GUr1>1b{zJ3{3V`8DhRzm+hx`L2HR-z4U
zdu>DoS{Mi+Cjme9)y<xb#loLK?}o@nfv2qwG!h~hr9tDe=-vtwnstorPbk3~=OAv`
zRJKN0rS;pAU50>Y?a=QY=!V(Ss2PU&OzuBRr#f4Fu-Z>?VUX2Fpz^XldyZ&jK}!u{
zVJPa3$HF)kGpuGGgzR2P3d}`ukUFaSrbBrgs+X!a82&I}&YSIqFuWIR%yf?0?43aA
z=}NTznJbbQnM2JWCQ{n{mo{!XTDESHajHcU`wJG!S@@KE&FxuvoJ1+Tk2`Y<jK{f%
z-rQI)!(?H+IXrQjOnv<>Xa{VMjC37}ibzyOf8&-?vnXk*mU!u#P%a+gCGrAD(Fz$F
ztahpmexl{5*~GhvH5HH61xdIsDp8<g%<1fzvCVB8TZu&kW_;{5Fh!*wo&p$oeZvFB
zXXMLmV`dq7rhQqce#AecH?#SAoRiOtH5$#d`Q6e9xo(PRcO>i^or}jB9hHILfUzW`
zGG^(*q?6Us<1#1pb6IOWp25V%0TP_x%nYW#T$VZw*r3Z=`zEV!H^}19AU>2@Z`ycH
zIIf0owlt?ES3C8yTb~3Q!oO9<HpXWDxeJL(_v2X&a(!NAEOoBI73ZZk7>0}l?tKQ2
z%?WL)2bLfyUZsW3*VCb+ffseSTJlF7d)~->mPJ+gf#fOMRb^^tv>qQ$>C5uVOZn#>
z7{_h(Ys790!gs`pc?%p!DjRiqvV4<Jc1b?5dM!)brS|)%gzjycSnN#thVpl<VN{4y
z16SM04+AEx6;zE*E)#Vz<T^_{`dqTJ+dQ6zuZ`v06aB_@@1cfP!f<o&>yM}2_8}!O
z<k&iEr{$Vfuk<kps9Wo*h+d`S(nDBm>p(=lYNOp+<oH7Ys>5lu)sc^%@$Kn@=vMhf
z;!X4GInm8b!4Z#hx(qaSWNg<Bf3|$Ip1HMVhN!WMG2rp*%=+JYUer?}bi0xAcpb}A
zvGfY~zOeIv&ea6MCA;33^sP3ZE37v5$Fse71a;6zWaf)bMAvN~YwY_HzI~e;(Iy!f
zzO3Fmy{*yYr2E3rQ%Bg-WxajDdyHJ4)|IIHL%nnm`BEx27yEGdiq#hnn))Loy--x?
zFD#X1epLHf4pj^vE07RF+nPoKIP%lTB}3_6v!iQR`CIR6Hy1SiO6(LZ+I4q~!wRd1
z=IUKd{5@bdR%KBzIWu^v<<~bkt9&nsNa|HwI+?gWa6TWZn{HHM8J+i~MU{KD&)bXm
zHQsR=Sli?HwAy3&lb=%^gRs1>J(&$o7@A)-K6DYQ>{AOe{I}mD%X#KQR!FVvACj3T
z*l^y_!SDDqnNyAd)3FGn$0bS4$GWQ7-a6+5hZa(P*y{!e*^&!bXoYK;GwCE~R!5WS
z$pZ%0+P+k=><oQW$bi<a^2Ie!zY`Z(T@+0ju~>?t>za@Z4G~Lc8#5g_m6(L{Zr{HB
z$dtDfeZ{@jDb~%9^B{DB@2MHQjVWc0@ww;MALmc8lYKfasq+$;oLSl~#)t)KVX8-i
z){}G^XGBYKWS5+zxr-(aWaJXHus)ZO70u(!z1-wp7M5t{$6xNMcZ-%@*Cc``LW5M2
zof|_IJBk8{*`WOH*I`=~V@$+VwcwQNwE_!Gp+gPJYhUYg+l5b<G5#Z7&J^CzPmSyG
z@6b7MnFk=$ud+*d(hX@;45}wptczbI2=IT<R_|*&EPhQ(82wVaqO8#s6eU^Q(o>?{
zj7DUin=E&fDs>?GUOsf~x5yvkk*<dw3oAh*(Y`GP<apnooHd427dylopYmdy<k^Kt
z=9>$XgoHy1OEGV&FLP?ZHnANYhw=(_U&`HOmHuJSA5Pb&Cb+=5nL$#WcKtmhHM_px
zg9rb-eW4g%3O~j!*9jfYYM7805kmND>-_atAI>WgV<IW3p|^(DBr-ESCUO1M^3m9E
z1S!RnrK;$QK&*nv8(D27%Mp#c&@%SPlksndb+hxrHNCRen+vx?t4-C}sd@b8;>@&x
zlE?+ZAO32{1!=^&|K2&jsx2#g-d&1i1A#8nDP-dF6#q7UnFbUU`c`j?AvlaaBlmQS
zd(Ohq8<E|PO1j+-y}p=hOG%c667_ua#kab0tBMuBX7z>n=mPzB@s1^hh=dV9@nqU>
zC%yGFXF*Y^LUYB+WE%bSocg*?+zxYd70t|D!F<o$&}FfV1PvE!#C#G%+WJN+E!DAw
zL9<R&8;bz~uGe{PtJf<hdCyGvW3qal#jtQ08ztch-f5N2R%v^Ku3O=ev|O`s0)Dse
z>HU@06~8Gk0I0_x+9c{uz1p>qdQz#eM4<KY0x{-=pYO(=`KP3fd9%Iw;8i(<A5a|^
zC~6Y*P@t2EDf=oSaz(^XuCt0irOlkr(P5;Vj`9pm(s<taz1OL-={~3e;G~6%=~DRu
z2Yg8?MKe^jZhgP9$J)eJ&zP?uo0m%Y@-i(N0lqV2Ed#g8+<C=7kE%Md&^mdzvP|)D
zE07Sxh^xmNg+iqD#MvH9E76d@p^mS$uy47bz4nfHOyhYES()R70<F|_{-e=^v!M14
z>x>9}u1VLb11iBn{~A;Dsn6rzCr!i?O#5SZnWiaHEqt2B*%;43za6$A%gK`hrA$8b
zIff$gZ)iFj?k%NPKAJcFqS-gl$$9)G)Z6dpbMcja<a|OcZk_~Xf+r&u8@ZXdXzTE0
z#r1A)Le`w2Mmf4wuZ>3~Bsy9xX2WZ#f~0o>zs*5jY`m?ho6-V4f)b(Vh}tn7OzIW(
zVQ+mJ5^=G^ML<Q5N`n(`(%(gAUc_6#Fm^WX24t;dS;F#>xP<fU3#YhdbldYr<LkhZ
zq#nL_=3-xaE~x3bj*ih~u@jUdr3uF|aMnuBKfEL)LL%YbAS`ClqG`2dc*d_1cKWrk
z=l2OYz5hKuh3}E7D|G(Uu;Bi%v7g_-Ghuf^G@!rr5ON_MI;~Ix&Mz{<xgbJ{s#l;p
zTtGh=z0tD2&8ahAa@2B2(2|tc|B{eAWO;Gx-BhZx!QqldUG!Htb3}H?Ai(X=V73xf
zQ<&RNL0h2B>Cf7yKgntOohv0U;sV@PWSZ=|v@;W(Fa-4o`uWdpbuSn`@H<sLZkuq*
z5n_N_u<*+a7Vsm(QIE=<AsZ(4f}cpgQ_=uE-_~l0l$hI38Z+^dJ<_%uzV`Ja%0@t0
zRPC-P8e+Firn}T6-{vWzL8aJ_kF|DJyRlYxP~$#s(YPdGA<e&_ILxsDXvflB$s9&N
zkg0pNnNT3tj{YP2d=To&I8OF+Z^j!*0h8iwo2vJb1gEng>^%vTSnDJzjJaLaUkdml
z!Qq$GX$L3`ZIdyj<B%}H@$HHit5C>OH5w7D!eWv-v%44MP&M51CoX74C0okm!RJw{
zjI97gr4GIP_(AXK2I|=G!ZcW)B|nJ>%aKv{W&NzfSX-H%y`b+;u6Hak-;dt>F(VZ_
zS|w_7j%V`)+tcZmd<{oEj_hR*nI>x-A!-@w5`g0V_JSULInQT7t3JwRrmrt{3#0q4
z2KRZX^_1J7%upBd!AlFTT{+CFo?P%D&#zE}fl0qT?=|9Xl~S_4)LDm6NGtkbFp&35
zP6VRQw8}TB6njkHJIg<3vQ5#7?TlRED_14usNW?=Zqo}o8`!<CraoCr5s{Y<vMiNM
zG}#RYS|s_y`C?Hns@wR2eQF!JHtdw^+8WpW;nU>t<j&gjLU;xZ?K@*%#AfRCU2w-y
zytlk1wF2y7Uk_V$Haxt8Ex*uXO7SUp0m2yg<n<dO=sS_pw#Q)F4Sf-%TuPGr#?|Lt
zmn$-BW8ikTI)34vr170-FdoON{Ls#g9}s0^lfH#PY=#f$;%|-FC1Q3rOa7XdMG-Nh
z5iDw4tI>H`k9O(2#N9Rt+x|vZB!C@EI67kbX<i{gtXNl`>Xh^9xl4p|Mc;;FtNKKU
zKj#6aEAQ{jtU{+WF<iMO`b=+%PV8gW(~E4KxX2S#7){+aIY6@3%Z#S3xmLM4^%~`^
zk154C2bOuQvh{Rsael_cEE874tKgHdHxQjOtw?;}K!ArR;=7j9J$3%;ncyNX9x-FQ
zN~Ljzj|P2+vLRb-hQj8*4!1J8A}hv#!@-BIwT&CUSD16@ha$0rRGgESN74I?cKmUf
z;lAL`o(nn@P7{d$dpU0)wYho0%NwpcZGt+!ee0G{CsF;9fy%$UG7j5Ae!o`kvMk_5
z(exUON}0_W({C;0t}HdC5}Z<~UseU_dE9;twsIU|3M3#IqjFb9A_MLFwc)X3kPlTh
zh<H;C&3r+^(9sPV5Nm(?P=zP%W^{qe6}0#L{KCY9PN*-c+M2=5iU^O_EMpdwY0F_e
zp3V?8V(Q3>M=iv$lh6Da!qn@U6c9)@2*ByylJk@Z1NN3SQ0polQO47I@OhK|92{Ie
z&KwRFad_{uoEe(N8OG5TX{{Q@kr8^<%A47GWU|knxMhBkMXzgGObk7zuxj0}yl38K
z$8ke{nYi}tBCdF0<&#fu?M73ZmMuQH0`-bUz+~m#tbvsuAv<N-M}l%t{gG8F(%T`H
z4s1-0(Ve>ttHh3d!toT7g3+|jFOzON!_`ULX3X*ZczzrS=99s{6E0=yeFg$-#JcdS
zbboi0zg|fmejG0_ahYs#2;(?L$Bzx(w)GvwOv`92SpVxP!`j9@s0*|150;O8OC@JZ
zOpZmjbQ<tA#yaEG4P7RL$<uW?FW$FHv$Zn8d^zvgy^h=uKBIuHP2LC!wjPeU(4bsN
zsbU-G;c?>@TBoX|>Ah#T^I|6*__eglb+>{LcCuxzc&wlfnd~z>Bvg0G>A^Ja+jDLG
z-?IRGRwGL8>)`j#!1EVUBu>~JK3jEmQ69cE(3GN|P*$jP%h9j$AS*Z?v)<Cb8}VYx
z)RArB1iw~Wi|N*~xjX@%rxlm01};}Vm=jp67+<U7<MDHhFg{#N!qcUM8kq*}$NiD$
zOllR)A9+aAu4#2jq~9fo)qimr-{J9GHi;H)+V?9@3uma#Ece%^OWdP1@9x<iYpKTZ
zNsaX&7`V3LIdAtf5NL6pXC*;Xqy7Ho8KBp#R<;63_KrSWBpa&`<QQZ)3FC^@&sNfj
zh-0LnuXQ1P6(dPP$s_N8VzNfYAH6k`!tCQlu_=ML?{CgSMuoa|SB2m-FLSU*RZT}b
z<8MsBW(|KfPLtXBCeh!P*%JzpxI8)Rmian5yqmHcXL5MKENN)nj@Y+;9J@VA@rRnU
zXD2|kv1=A7y2Enmw;wt`={!nNPX3`-%z!*eV}xb$<(-Adc$}&FH*v?7upS!fJL)Y0
z-W&^&uj<WR4h(n4t0SMXRgX0`1--0sD5BKr%ZDHrA&5FZ8b-X^!OQa4JFUl-*IV}3
zH+HH$qS<GDx>EF(gov3^V~jxVto_~rBDJ>pP;(7S@SUX>AvZf*{Z|=2pI^Z~Jy>wp
zcFJByFO29ehD3?7Nu`e$b7Ibl0isX#b%YgyQmWa<dup6X*N-jPLv-=q1ZwjiCa@j;
zKtXddPVjU{l$-9HwPXEMQ0iF%H1^eEsR=E*L3c`I?fBOF%?GDnaI@#`P+?JKwTjk{
zbe5_>5*EH!YwZZ68qYQ-G1%%oay8><JLqocLSWIkLz87|lo3(5e>-kd?`-MDl6sp7
zcg0qVz>>|^RB5)GKlm9j+}YrRol-0bC(p)3^UCZHjP!L!?yuoFt;iZ*?n|70T4w)X
zv7aX2Pb<EF!NkRwBXL4rx%SZ+>y@IPRD}Y=W-4e>5y$rSrTsiEL!JKJRqli->Zic_
zJoyy2GbQS%8wV72YhU{)EFr%)z4bx)o!6)nNGuf}K8g4^ZRhr{&s+?|r{BGL7lpsN
z4!Q9Ta*ld^vp1qZ5Fx`~!K7=p)>?hO-7NJR7(*FT3eK&KnyP9~>1qApZNU*0WZDPz
z$0r@PNL(#fO8T5MbZd=sF;wQws-GHygTZgj-2<l!`RRtTxj-l?CLgvwWU;Z=GxD`1
zc6pylu67fa*_DbnIDf-$u~5vh@#z*_NG6+rfrMr7zh3oxvMRUvjtfyTRlZERXoPpZ
z*H;0S1i7d$NuPVX-H-_)ic{RvQw(!V)*7t|OQbgkj0Hn-+IjYmMj_OE&OfijJ;W68
zpL`ciSx=KYM1mh~g=E!UD!L7iPTS~~%`Y-0<%uMIX#kCXCP}P&(6wrZG2R^Av0mIU
zFXPf=nV2|izp?p<j(DO{?&ny&{^m*CxUbHO$~&g5?Cu8we3DrWll9*y#;V1oB2#(s
z(=_?JIKx;UQ*<5Rbgg^Fdy6%?m#QEQac*Uk)W_*O%B{UjJ~m%0?z(a}vBQ>XA%;#0
ziv?`$#7#}A(tOyPba2pCxqJRhE*PO~n&t5CWN)V}RTb&ql*VPisaiO6Tezj|?@>7C
zc9_*xYf^-#DYi7q4-?(0I*(*-9}!Yd+dg*Jt~xoZ4PFd4<80aWANH-l@73##HmI8?
z<O;4!1c7PkjyOEqXN(r(Y(GxR?a|4XoZSz{du4N3$&dPUb|@4eq6DPW-g!BF-Xo`9
ziqcZ3_CLjTOnsQn>;JQh&g{b$AyZGE17WQC)2PV7W%0KFY7>t5@5I5LVP2j(Q{{QD
z$;&9<)yb$NDqFN6KbK`^$pvY}b7AeMc|~Q=55tl|>g<7P`p}ydgI3EEySnv8hB&GQ
z9QsiQP{{VTS96gztv(u57eqkke2vCQnvhH%kS+=AX>Vnx--purE;EV)bjmuw0H3<L
z&DdFwlIr5D;%_iN5ei*LL{45@ztmdh^Aa3<);VPzw_KGG=t)sg3$9MOeu#qk(qsoq
zFDMyVbj^+_!_TJVJinYAOT0Ys`FcUd+p@o`z=;N)%+CwI8l~9rSMSZyN}50M7+2~~
zkb`(+X$(>{Fq#J1v9pL@5gcjXxyEaIGEQ0D{M-u>L2t7=tsH=m^Kr5g+3N`H`#a$e
z`ulDQ4{q5fVM%YLx7CA#0mSyXD3VD|MI_IbZ0PX^&u!A#3ht?m$}3C1YyNL8Y!sWu
z75u}?xG@1O#=&ANOUCDQh66qxUP+3=%dJ?FL4$BkH|>5Kpnws|m)H_JM_ABbiOm;H
z+Oi$*aLt1anJ+)_pe}Rg3FJ*8CA)&%RjQ^xO<=hVe4^-I^ndgAT_-KAdIFO80HagO
z7nZgT^s28TGK*D&_I*@4t-gN-`8ZOUSDV~U*G<-(Uz-T|l3}xXC?Ua<X&;Tti=98<
zy@<)Krc18HCB#c=t`rQiu1**w&q!*RSFP1xEKuQ^3mynFYvd-G86OVy%(n)HF1WWS
z#<|4x)r|Rhh@_pDQ>1<L-MHnRzR`85LqgBCtx}%iBjlDe`^7+KWgG?^0C%N?PFBxl
z_B-rYriYn>sl}7yPX<OwWTstDYf|C0Slmo@$Z71{E;ON{B5(sLJRQc(6OYfUm_kg#
zO#f#-F8=@JLAu6y7y_+p_e3&&z%u2=-($naMo@1;3)tneXC$>J#4$mtfI^6(+}XEr
z8UBKd1R0Brtf&Et<xw2G^s6XNQLjFFrQWuWfz5%}mb9gfnWk$?M?y+!WA=N<=@Zp$
zfakt!SRl0!CWClaQvSQ;yp4+tz3=iojkTn_)%}jc&n@yb^ZxNqEvDu*#;@>%64-@(
zF89=GBqMuM3dAWH&n<%n(h-t41PJc9-=EEO=}xS)Kww@7ytb>sz_Wjx@qt<AgsKeY
zs1!jc>4y{s?k<uwn^BQ+hTuz7m;ny-*7Rg{2-w>Hg@smgFK-BcHoA9#LA6^J2Biv-
zfq};yS?JT$_)Ru{@6d5N0!jy_GiT!rOn0|1s*O##!Yws@<C^#AZ_;qU4lgJ@GICl*
zTzWnGs%k25gTJ;5rfJRb-E`Z`4+h2J-~#1FYNjYu$ter@q(0gC!{89I?ow@Bqq^W8
zXrMLtH^vXsso|>CNvuP*mBz>2+@?nvVgvW2g=#6OEs1C<R%39-S<msPRdKU(#Q{?M
z@!ty2yi@#ZE4-34U`BInQWb@cLigd-!`z)<)pbncyS8GtGD4<RFM<qD*Cek^WrO8j
zGcYUQ{5GJuuAfC!`vkX(*5Itgg08;5#~IZ)52Mbb%2rJHN!<U)b>b{FR6F&#URRt}
z0dLrWo}Dl`4~d>({H7oJo>`uX8_|v{O|>56HFQyt0}HnSIQIIlzHC=-ke5)peVX=B
z*6;RM`F1s0t#0443X`IBQD)HH;>9j|*znq4X*h?E#A|REOk8C^6kW`ijwp%oN@nWI
z!^=z8N?)ID7h4sVQ0obr_57^tU<23cO0hGinIye~o%waQzoxn_HyHDTUuIJl8@0f!
zRVwxtb6J`hCTRC{tRQ%JNp#|0;B@n?yxIXBD~{kF_vKnBd(Qf>0%hWwsmR_}03r1U
zcy;&+HHXzra>A`x)gVmJrKF?)k<It2XxqX6pYBKF>1gqd+n-Tx;n?KQ*bnuYxr}0l
zPZ#qO>(~ulS^{5lWeQi-(b5~i&PzIw7$>i~Ihde&cwNkc7mefOj$X|sfCbeg|LVy@
zILLnDt$3ZnlD?Vc?fsHjPqB1i|1TuP<)~wL`ii1hbQ&~4d}9yq32oYnn6EK1y`gW&
zdDzIGi`~fzOb<jxr;Ew?L~A(oyI048&6Ycb=r?m}=ar&EyqIZ(G?OUuBo0K_*Zkr5
zR!^Z?otjUx(s5Z0YX`M0P0fMA>4&vC22xwGumyaUc0dr&Tz0O^n9PNpx%50A0=u0h
zm@G+HkwN#M&1ufBA0V;7C7wYSfs;)sYx_PV9P1wqo#GYcnz0T}P<*7^QN5d}-!&K}
zc@Uvk{<o<Xv*Ezx9|>82MEO6B%C5GAiVX>XqH|>H+e-{`!2)bfhvr})!Y@j1H$1oe
z`cQ`I*^aT;JgP#cZVjlR%?<YJM69yHl0>z_8S3-6R~0E|pm7(cDt<`7(nI->l`B;^
ztAUp8W4;?fUF9%le_eT%Nhz)5eiz5Sh)Fr7<+*J6k35FrwhqGLBQ4myQL%YJUdom&
z&7|bw+Dpu8DQ5uyjy)Kt=Je=SWU{~a*d)1UFQ`dLjd7$ImndW#cb0b`TZ`AEL{1C8
z>r%HqGCnk4T3&!XLUBgoY3t^-;6B6-;h4MU<c3zjsCCIFAZpA&H3PP%bDqpB8{-(0
z358?;1>{f%>o4$o^6T%8@PneKX&fT3i$@dJ4Q!q4{&DE$w)ciLknh^%R<>qJ&TyUT
z<w^i$%Sf_Z4j`WJ=D>Q7-`!lsJij&n1mXh#K##;EFCm9;?A_+Tz(`~)@+?YOsjZPa
zvB)&2VfKg$t;YmIRCPgj!!sFs(+G^0_NN*^#uR|`Joh1kvJV5_2EcGF`57*ouMM&?
zUI|^Wo!Pc$kE|6_(*3u)y1x!2jVD~7sK~dP!A06E&sHeL&sQC2?K}_|vpUWK3f6XW
zAe=3(vUL%dmZsGLHR6aAN#;x2W-*Q@3l`zC*3Djfy8(~tc>8P>v7lB+W#_j&13XS&
z4~N3`pS<T{z98+Oo+W_QtCi9HzrL8f4mM!?Bn$}#UE5qB0{RIZGJx485;>Zj^{x(v
zJ?N+=Stn`D+BwAI(x9E(H7Rl;HUWlZsL(_+;BOZyz~9n3M>?u3XB8=g{N`cI_z`5h
z_Hr$FIO`;Lpqhe6IT2y?m(-#t!^S+IsNNd=h`yn!iC!2z?QWbx)igTv$xSr-r?P3n
zt~s#yFYP|Ra4adrQoN-LkPx2(To%?Lj$&NS35r5B@Ta?crW8yDcy~1d(!hTGcy`ZE
z8x8jbx)QC}-r;>ttDLddL`fG;Gf*?xpuopf;3?ZH*SPcv{Gc$oI1MzSDT>9G2<0jG
z$lS>|4=8#--jK)S4W$e`Pi9pAE2Xs5LG}h>_4&gB$chP1sOb<m0ZVXPSpdlJ0a#M1
z_8pY9&$+gy)#uNql-{akJz8{o`U*X4?xt0DYk%bBfAroJ1`wOG+81Xg-S~hAP$|I!
zI&obNSz=*qHNc2)_yDP$zy^(QER{7F6R+e@BruNh#Vq63X}+<*FM<B}tYnl79@z?2
z2Aq8$&$V%%;1$If0Pn7|de=(*LhGbt#vXNmmlRekbns{g%msV~j8Nmbja5y%td~KU
z+6;sZ_Q=zNv|IQlT04$CHz1>s-N9bah3dG;(c}!EQ*|BtTV{Y$sP;cjTl%A%At|R9
zfqbB-flmNfFB~DkH>cL3U8*QJS(HFjG*~V~8$%m+zRHDL0SGEN(tgBY9pMHPI(o=M
z<YSeUEAihDfp;B)FLJh#-ztoRc2_wfg1X3Xhq=Z)QqJM(=54iGkn}+*d&oC9k5w_Q
z5FMZsBLFTWfwTGZ&&NxE2Me9(K}AV+L*d^(^n?TVNsIJ1T(^*yH5!pQfky#oJ+31v
zH0lmODA>eyd_WJJC4fCm12HTK<L6zuydaZ^WD5Trz_65U$lP&Qc`2~kbzOI<^W@nP
zjGkl*NJe&5?!<SP_b8fFSr6EHE4apBDPBbto@rIV{x5{oNL_aupL}ut3z(bOC<KY*
z!t*mY4v1PR@&L$3juVJ$t_Pt6Py9gC!kZ!)EnB|5%(wB@rv`945LWL-Ins=x@B=V8
zmrg&qbNLdCkd_H>Nj|gPh>JT2bs%Jd?%o5x=~tKZ<Ksey^9<$FXgn<~@sK!%>9Nx&
zAe`?nR7JMge_j0>|EE>x?FNpyW{|W3rKoEv$1`VmCG_E6fZUQe9aDQjRKmO~b~|JT
z$o6hut|}+R!OeOz|1oue3kb5ix5b}%EE<8&TYjJJxmg3c0AA`c;sNr7_^j4P!*fPf
zn;38#FlLh8$-V4zr^k)>=YMdtDc$XQ6wl0+D7@CdOV<N1Kc--^V?6%|4deoa%jHfy
zH+1xHoqJkAaFeor05%<qjjo!e1<LZV`MHy}@|Ucx;r#F$<J<eThS7K$T0YZZ*ViUV
zJVkDyMMM)xCPH++BKfBa1Ev6hl9~Xn3lBZ|ry&3^uJ!GDXhI$T+;pXgu3H@gNJ4c-
z`geg|aQ{d^jsuY!<6T$jIpZu!NvW~v`kB+;vmvy*O47PYKk->-&X0CWb-C=n{aYF5
zSUFy>Fxv1HSo!<#kYg?F0|2=aahXRfJx|~Py>D{~Sc^SOR*1_+NbCU>_*h!@n*cRX
zH^7HFC1|dPyn_qi<B9ta-jx6al(CTt9Mw&Fl0TJsUp7#Py7mHIbTu?VC#!q0=XB>-
z00r({-+hncbYdku5dcNWJzYo`*AU3%0JTVpaN`k6yO$p?;LZT(3XR^aHid9dQIB>x
z7y}to>h~WfyE256C0oFc?@PSITk}l8=uwgY%!`1GzX=3@f%G82>IZc|N&Q^LB<Olu
z_0Rvy=)}9=VpzVlRD?p6^^eq#PeL^saybCZ-`&+b_pYjn0xFKe@D;yW8^2Eh^io&`
z_ZJ3>n&1h+MQYY+8UVn#NHOTXTSyiSIXbcZK<`T95P0KIZ!yjZ3Xeo!^_3>yq9xW_
zO{p@iUU*Bd0vJRHMAQoTNt`bLK*3<~a^nJ~dzuH3-dI}1S*I&UkybjJm8@E^1_VF^
z9NfU`O5yR7Dqsitio2S;H?2NJ{}xZp8TW>Nh>7%GrN)6e3V_0<-QIP*?6oSnf<p)%
z-A}&(;%zJf(Psmmz{JbaG7v_zK+e+HOqd+mbRB?p0Y{pk{+GSJDpVm<7pOu}_%i`Z
z2b~~h^S+bZl6W|^nQs~c@c#028~qk4Z&jS=qr{*)&+Cugl0o!u>Ck*zZKU#4@ju4I
zSnqktj4i<EcyEVqUijTNFT5?x`#;<CorSh7I_(51Q!u7bRH#f`Rc%LJe|bf3<BwNy
zSpty8A3|{zpTA6$k)p+Muw6`i4eif(`BD85k)f}zsG&MxuL0`%8A|oz;o9}{i4pMj
zvGtIgHd{d5buV#Hyd*~{W54F}LTTkc)N-6q<f0g4Gm!kPeWk0H+T;+h0gdAbi6Kve
zf7acBPMF=EftbY*`k-A2MGe4fS6dYbp+%r4AU9Z@g@J@q1ZDBD8%D1_{tF3GE$Mr+
z_H;udRc{ZJJO~-}j*>rW2-2_TrfQ$Acs&fpi>~X5x0(V`9k(AkW!j;wNdr4^6sMJ&
z5l2hx18&15pBC#NPjgMcey#f-)W>JFP8Zt%CkhIW`)=v`c|V9Ke%?V5#US7+%=@{g
zuP96q!B@elp*&m?YW#IKBgJloG`tPDzX&L5e54oz<IDYBDU3VB$6+KcrJ1D|87<8e
z9S-i&ZZ&jiZl9q>*ALnk<xW>;`dkn`L}b^^DKauP^-U|B2o7;RkhEWOEvW&N<=SNi
zi?{-oS3-ICZ#ObCH1GYJL9K?Mued^TJ)Q}G^HrpRbIzie6ZT<Vo(VX%(e-W|<OYNc
zAZ#4}+tgS=gjgQ5pQ#_T*{z{NaC5l$>{m*r3U?pwm|4UKAg~lZ>t<oa6ldkqw$~mY
zP&y*Y;u|c@z<8~X|9+USN3Rb+)^Dp;v>gm{o2zlYSow!62?jxI|C{lvviqCwQaF3u
zxVsu5F&sa&@(F>eHvB5xk+=PTtcGsp*G8@}0kEkQ%}ZFQYYd_jf3g4<`i#o8=IB2Q
zM+^smL;m@AJ0(15?l`1JJS(^Gx#kH|_&V-2be6qlYPxKVZ2r;(Mt7+S+yrLmncmu&
z90Iw&1VuA=^RG2sL=EJkdV%YpeAwwAw%ilF+^5*Nq%Cg2g*}owcxhfs_x-P`peN%!
z)U&%upu`H`a;yJ`x^^L)?tTWV;$I!?@<`TD-MhAD{+cNR665lqxcpx9vsI2!6^%fl
z<h8j<Ak81VNLv#m_<BeDFT{_;tDW#R-kMdAa-!;Y1eVuG=GqOlr@>`EPr%Qw9!~c5
zPQCyB|LLNnMa-Y_JRh*<)AVu1-!o&gSM%yEJ57z>_yaKQRuMbcTRe;|M?%HS0ZV%1
zC^%Crbj(7AOc90t3wQ@{;psmOcua70;7f0^gewF<D&^<?CUl@x--t?RU_=kzXvHTD
zG6O#@L+g&7ZGjaaM<+E~&;6X|+%wC?)-=Z_>mJ>AzUb(h5f=a{AN@Jv(Y**L!=)BA
z183b^p7J)*^uY+#BTA4UN#n8!CUeONfPfslwiCg2$e24>FG3nG$yyd%Z0o4ovHyv8
zdiCJs_IaGDW^)>YEpR5Aox@h}>j0_mgJ+c(6h?R@NvBx$2$oMUT$EE`ujSGXool6T
zQK`;pu_|AG7I<@}02I=cMfem<yyWhqa-3unR(sBin4@dS+WY{?x8ld>)eb7yOFJV!
z>3s%Zf*yGn2`Qi5#yNq4YML^?4a>W^cSy+2OjIqP{EX{FI&PtZPCHcmi8^gP>+h9V
z<EAQrPGJQAorHlkA!$9xYLBDXH3ic)bC@Jjz-Frn=2N_&c2Il5f4>0iZHznM@&9gt
zD)@A`f!JAI@hBEgsN5OXsD-$F$r7C0JlsgwERM_48KrlelhS6~6%BuJVo;MZ?cZbF
z<I(UB9B%+{R6S>+Awe_E!Lh=nz^45(h&P0#*+T%N(DnytSJaOUn%+QSM&s434c&Bv
z1;j3L01(=C+)$xFQ2-FO1mq#h<Mgt7((_p_Sp&PMtoMg7A)n4lxGfmHBt$d#unE|j
zn_cbUSwViKu-kYr90gq9UVpgBqAW7PXun|8H}a06_VhOgrwW%0$97Df*NgotG}<0x
z)|?7PRn!Cw-85i(Cs<D-D(W3~#C=1j_2a-tffXS%$GgCP8k1pYqyo9#a<W8VS-|!3
z0iEQ`!uh{~JG{U4>oo9#6bzVGt8>{ZTL-RhR)O2xsoI`#IiH43pmwO6E0xq@AJg0%
zHkS=(5l6tnA5kF?2Vfulv*&x{g8V@`VEZo5?=C+U<O{LY&?+GA%4<BH3*$M!292{m
zuxSOx?DF>VCd@wbiWX>aIRRo6e5kQveay)IdR@E#)Tkx?txiDN*WyX=*i--0V4%`<
zLrmasN-&oGK<Wg4aVWigva_(9CGR^NaL()qnX{<-MVGBFa1~)JiaJ`!1CsY!Y+~0A
z74SC$OuC&xns|-^R1K6r@C{U-aF>UQC68%+-p@&tRq)?DW?kcmEA$N4GEFE&bbvZ{
zi1V$N^nuyPRK1gnK;?}q8B^?3ij9;A_|UkXp&gh$X>k*B0u)=-@{wZ;eOnbR$uMf{
z6u)g8-F7F1)i216l%N4ywd?yzVzt_JGDhmhq}Y0t>I|@{-4wMm86WPZ-{Fm*dk5e=
zFRNf_x}@wv_5hQc0vBs!hNXJHcg<=L2kxpJj$s#iLF6mfBm!{{e4`cZnAa6dm-hr^
z{+n(G8%1l`wN2^QI0@TBsUV=beh+lUT%ONtvR3>svW;_wx*YhbU+8!E<+}3(){qk(
z8R3Zci`_tnp{Dm8qK=N7NsC)k@RIK@F)1A0r~HKS^nw#(cOuqJ5dG{p=rsMfaM|1-
z$WjXIFE?@JXU)oFJ6&BU1!qkjNG~5mYp0MB>tqt3@3W12qfayPvvPkr-dZqX=Gp+@
zrE{lmq*??b8lYm~K-Irx;sWFOGNsAmcRpRhWLH#5F{Oz1cY&T&`}w;kHscXM(E0Hs
zY3?x!)jNO~((rfiYGr7=yOMmcyIUgyIUPUC7F9ABOb1yO7;nzj3uGoL6{asdyl&-g
z+^OvIxuormAj3!flu2m&UIF4nlBNsh`Ay>ncVQ5U2<Yzb3k`UwICVl2_!O{=Wyh}&
z*HjW%hM=F7ohzkcH5gN65x(&DApCN7ZCCggP4V2n4ar6QXs&-i{#vx+?b+0wAD<<r
zU9s5U;__AETBoaF!No%>U)koSDv-MawO>^9vD;W~_7}sIAdq}sP;?1CnSho2y~Cq#
zME-BqP6P(ogwqXfWmd+Qy%k-0Q?E$gET+nfkrPOu30ADi%9w?1qRMgvBQxmY2XwCp
zkNnb(SbG@u3V2}HjwhZYd!mYHftS5BSi15dQHOs9M>nr;W;z%40^u8FPtI8s$b?+^
zaTEdTd7NDzvNKQC-JL3VWP>?u7SN@-9%KIZEWmE4_2;xlpf{GpQ&qZma$A$P23ctt
ziFf^Qrx7p+HvlIFhK9^E!z1W^y0z3myj2*~V;mk>`ROk2oVUy#AIS0MooK8xzHBZ!
zeKmX7-?|a^LE{l~k~ivkYQ4WWsmjmSv_4M$$+;%}y@0(^ySU67XO-Fs9IfZzlrq~o
z?MFgD-8c?3b%yu<@$4`L!?>}CqcFIz#};p?!%J$&-z*jW7?kaCERm7nsu^_nO?wcY
z-}ZoA`CDO0@KKSYka+S94X)nao9}cl-$~=*nj(>#$+{D|i^)K^BZZ?aWk^7}$P`j9
zTo5q6O`^4h5uqYU_|UZNKG1#mAR#C5XHLwz?Z(5UWPJ<9l&O@w+iF+tPawL((c7Yr
zGoywHj4u*gFkP8j?XT+*n*@0ZJU8HJpqaj?=kNaRQ#4i<dt>H8Bz3>V)hvx|=-@D)
zy+6VrQ1jN)MB@jFv9%^;le(#-ypRdTPa)!A9+Km)9Ixi_J;-&uS>7-S%*ZP-K?k$v
zdh)*e_F;;tV7w{)h)qbqml9H4HqfNSBDZoG!$s_N@P2+-HHu<O>Ux7|{_bG>>(i3*
z-%+~#)9zBiM&DoYv<HI)hV%f-TYnX6<Q`4a4g}+VRC(jt-8XC(O#3IQ-`v2T2Z)|)
z-1t0=m>TZz$)fMRpQ}pNRMYVHh42lI<&2FoRaK!)Y~${!2kYk%C-gRc_=tWI)_G>Z
zK}6i*D#A>iFCs9Trj5I=5%iXS6{$Atp*``TMDNd9JSPj;D%Hzf0<B`T@!34@Q7UsI
zZ9!R8B1DGwXc*xB3r)E8?<q8b6#1&xT#o24)lRn)0-=GZ%fMB|%TlO@#ox3;mc5-M
z_gs)Mdev)Z=bLYb%XdgCBI+Kg$d=~jJ?Yhm-es~WLofZXR#$E<5sUD<yLtNwNjfWn
zP?oH?<`?3XcUyIHEERtRGIH>;1fw&v*Az8URK2xw&BhFGS^V?1D<)0owG?tO56b`&
z2SJ1(%9OUki+bdGFy|&Q>Pfk9lsZP1xP<4pKqeJ&_r!>z=SpDf1#i*zpG^&eOc+`{
zJ{n7hDZGXUvnkzS8cKS*zS3Ceuzq>4lB%66{;~E-QbpF9Jo!62JE4iG|Mggo)oX(F
z%@E%+%PH>qqTJ6_yN~XZ(5B+zoW!@he;&wnX(CXxN_X>3rWJo{MD|zh;R!Yyd7w)^
zH7pSByat=PxsGzM`*Z%pz`4fcVNR>!{X?;+K=1ePzi7J3u&TPI4M=whsHBq8-5?>|
z-6bjA4N4;=(%qecNO!k*q`SMjzjdDX`hI!g*?XNeGxyAzxo7r1b&iB+cF}Pp*ng6$
z>3sdYo!wSZAqgwy_0dI;VQ2Mz?5KR8xf$MOhpB<8XT<oa0>))G^p&)Y7vHC<#~-yX
z+*JaC4KN=RUE!Qx->{(js<@&~Xi>K#$y!*RUbeGsU~VNyoI-Y0ihHSB5cm~kQ3y0C
z<BaIPpAGA{$+sK2qC>16ce27gHpWXoA;0KpyT<H)evIBDs?*rm?!KeY_h3GUDTwl*
z4^6mk?=Hri=AJu8Gk#4|-&u5BtY9qEdK`i?UaCM5d2+aHG_6^x%JD5LppPX6wp>8h
zVEbC1BZoh(iNiWbt?Tb#CivRwvp17Ca+0Xk25(7k*(=EEBA;8`qxQxjfpDJOzV>+p
zM#brfXgLTNg+{JZ>uz)%e2uPL7mb>(-w^8>cjXsw9uT=R4mGRb(5sC!505L!FW$x(
zp(Qn1(99o^R`G?DNWo4erO<TIAi1okDOva_a9tUgq>&m*wVzam7^otPnWcZd&CAaJ
z;EH>`!+~q(FYAh$)79kPRrRcqv6gyp`ldr*8;5~sk)@eSbKzBQ#i6{TP%{h8ES}A(
zDXLEiLELcyT=~y1$tStNTLuNjJ2lt%<@|cvPORy=72&~q^4Xhxe}c!1cq8LQU=`Gp
z-nk`m1T71(%r7l2GmYY|Klu3fCNn&b);*4Y;hACZ<lc`jv8x31nwjF-bUG>a)p$NQ
z49Utl>?7bIlM1CWRXxkPq8r2AXL_bPTWh=@Ra)B`3NaSEZCHWdjyQ|obok|LG!A*D
zV#_Y5K^NsnJ!4B2ey#FJorX2^WQk>yeUdKdl@Aw!f{k)UuEtnHy>aF>NlVg-w1VTh
z4c;8TFSb71CRfUuI~&SxBa~%7MudiM?)9YNPlslctU=Pye^Gzn4lLBl4qjfP?|0*l
z!(9~}YdSqfyi7_s@w{+v;o3u)R1UKAKzh=AhSM`1AA09Uj4EZEsL0#6-Rg0f|HfOk
zqn|Np*S03C#(6EURsObVVC#qbrB!OzkHp|4A;WMqv`?+tDYlY7ZRzx1)Fk8Rd{Hc6
zCnLTlUqU1ntWAEY7Wodwt(<pF(nksvt5Neq<GYBMoA0DQx?IM+4*W0ds1dXtjw)kT
zv$(~!UQJ3@(vDIk-#%TR891r_SeN<I$4~QV@Clx-a}C#tB{BH@*id}IANBM!MC{w?
zS)PVrZf@nl&c(oi_OZT3t1mgzf-fgyZ{0CgX8*oBP!zV^sk1(tjXstd9#$a{3k#`l
ze?l@b%lD}LCzQ4;w5c=~#I4AKgX0*jE{K<MwANE!f@!4MBepnpqI!HYB;1PYIgl6h
z)b`QegG+ZR>%uHfl{!m2!`O41m{`^KhGRG+k^{>`fIS()716=ro?GTOJ}!T~=G|{Y
z-K@ztP|IkpqD8^#nA!7h8$DaHz2bUXREt8Fzv0|>lCCu2c%^echke)Tp3orjoSL`&
z6p2svibhH4Z$qdu>hN2t8PS4=2fU9~C70gYE8#ANZOJFdFjzihIs;!YBpW^NG4Dn*
z!_rhI*Y%q5p0?g2+6xbjzM1;_Sb3D>-|3Pp-JVfI)OMXKj1=v(NJMk;Mq-0zIPA{h
z)wJN$_4RdK1o=a^y7*N|lTyzMaYp|v^PJ0jhqqZ7QIgFAcdfP6I;4kh!+qR-Q%n!p
z;EZs`*{>+az-v&Ea%`l6mmtKA4F$HBMpKA)^R?nd+ZQk2Yw-N!n8@rDxov=L+^y{K
zFlC=@CAJv~Lsc|a__NubY?1F-(<hWhmzi`-iFP?&oc=KPB~O*~g`TZ6Lk&eqNA!mx
zm1??o17n%_xY;8q!Ql?p=Wq*5em|&Z7mf~waygotd<C!=5oqemgcWvrh2f5ptN41U
zwmALMGb?LvW%Xc+Y9cV2j|NA45{ac)4!pV^^5J!h;|-^#&IKP)GEa#V$}(w~2#D=c
z<%?qJ(i>{og(H1JF8(xIO+io`x~{{gQEGKXFEDJipJz}HBo!(D9AhcETQa3pS$C#Z
zs{2a_D}H_;`0<-ym2FEz;QAqIXV-bK{mBk)k$$<?>YrQyWNGtes#NpuC*il|>Z)%u
zQ^W9FAy3TXcq})CUVcnLb!bFBc!$qtK6!%vC9N3kk#7b@Dl2_{wA4>jLa^KTZzA@P
zMLEi?li}jFML7`AEmdx_PH!=9X82A-<gncjQMY3ANPFU+R(*#uw7kYLDMrs4TI>?>
zR^t>+C#h=}h~1~~@gc)`#5UOtYh6xzsMR2w=!~Om7vR|+hp;}iBpgUNPM(Y3;^W1w
z%GucpCptcV`99|Qh>ooPiwu=pu!0W(EmcrlG0UIrQO((eEt0;SP`Bne{l`A4^AB8`
zuV)JVv1h}I0FQ3h*h^;IG)X;hq&G1;vQK{-(<7Jzer54GjY~z_yoW1lgU5Qmws4;n
zmxe`kzm4O251uB}fW&!YvmC+_CyuY$)Zp0}KgFj<1?RHkn{xLv!k>^zqzx*hXI={u
zw)bT=Z-}w+FUe~)&-v4i_9<ldW?WD1L&z^C*2eBFx!gnpg^!;o1U=166b;6OKA6~f
z1q%C%>3W`MMi&e{;sz)1_#dUpIM`*rd&NW*q~Qu#VAEZzJ=~poAIscS<j`F4hPk)d
z;k0V6@zs%y(~$8mYYauby}sIcu~%=_Lv$Ue^YqDoNux+NM&l>(ITrs4`lI45G{9)|
zEskDx*x57Z(K9vQqo%UdrJ0kiv#2BXW{y~w@5FeAuP`$UAt&nTT62j@_Um)VLigp<
zv+3S0vRh#(T|1$Vzd-P45qrEj_7(-z3|zrOP2#t+JCeOat_#HUs|p%Uq-yJENiB*3
zAxOARTVSWKJ>}=AiiR23Hk^jWd?S7ribubh&K0u62`iJ()OI620V(l*#vZ0hf&BcI
z_@TV%gY@b;=G^jsFP1}#*3Y_eJxp1B2^b6S<4dWgc!lGds_34?-hIAw<Um0yy8KnN
zcgc%=XC-(@ml_nzJ>cByZaXaLu0Q@f+f&1M>k%kWgfmoPR3H}^To-nW^37@Q@#q!R
zZyvsQbrL0n8MT%51WA9Ij>7oPuLwNm{Q7F*hcn4*;z9m?oT@7kGuv!MngV4_rmJyl
z<7Fjo4YwH<E-5sMWL5#XQbN)edSRBCfx2H`*vWr$tfk8dj1xR1JUZLZ3Q;T}(R@^I
zT~s2vGxZfl5as3`gUMp)W~yhieB1qEX)F3B+D1x6*N>T6Hn$f+C4f<BX#6rAZaqj+
z+!+;<ESI=r2@h$y(4&sOJGR;TY<Png{~|>`^z><EHN3(atL0G0WIHU=#?O(E6k<U0
z@GVXU3yyjj)mrE+Cs}sb!n>ahE;|u{?pOkXW8e2r$!+<bM#48%gPNI)w_lvo60^o_
z!6w9v3;7@>g_YqSzONwjM%{*K+)gVd+5YlDN7&7lIW-;YVsoC~&PWI1l1Ni3eAy_}
z7U$d9r9=GKD3ZnWuONPnZC;kTUC)QyrG!20>|1!LIWr5)%c}!<N2=d@3nY@;K6aOM
zpN>5xtLcnA%J83NSrh0Qepc?Wl&>vkmgYJQy6D64bAEkOIJqepbkric($_~u`hd@p
z>L_CGv_HFl^Rz&AjbB`E>JRtoc8hLPl!UI6fZF<*l+Eqq^m%LA+Qy-{^we?xW>Nw{
z?B(LN>Gp@)#$(=ACWM$H!D`0$@R&|^69nIevMu*R(<34}>W5z{7+sMnNM)&wRXjXu
zy!^P_I;<VDD?Zws@MBzK<?aL{J?ol+$`~h}R7hO<iK!+ob$z1AiN?Wi%JZNl&A`>r
zVTQyVkHbbyP#8&6Q>0r0$E|<S)vq1Z2vYIF!|nq)S^iN$`GS*T(t?8%_q+m`5;(A}
z<2;BI>{<(pP8?~A8hVcE*Iw<YelRNJr+2o^?#jFjXIe41nRl{6B@TC|&AFu7R-eU*
zn+i(C?dS_hrX*Vu+*WH$s{a@6s(lsIWbo^ByUSQBCn3}rfiLNYt`XKt%pSr7oGrb}
z1`~d^gW;2s-4{e07y%m}q?9E|LPVaCUT>Cg-(zi#eV=aJU4Ti<su(}r>XRCzHy{0p
z4>By20p9>dxks#?Qi%!2vmYI!!!L^YtmdMJ=6_LT<&ZDq(J-&%`gUmEJud&YFl_nz
z8{7NzecZ!h&nS^3@e0S5Z>6kv(oV%}gE*`j$v5?Wq16edA5$@-#q<0q$_1C7*g@(R
zckqt2&dX;c`v?prj)dd~exDv#ML%2YG~6Ybl6FO>*sFpq?69lsy`kj8HiX6D`r^!0
zt21-DH-Sx%D3UG7RV#|-ugj#bXDS)uiz7s+7)np9<vxe^_AKmz!PrNfK$^z4k$xiD
zB#rH@Pi-=ehcT{(D^a39AEeCh-05P>SgMp;k+`OFf<1ze`2BKb+V+PK=gwn<hZr5K
zAV1ZrTW4|(*LBtJ4lrxKIR_wzr@O=6m3cQizc$srarUbuFVv;%5s9)6-+p`9QO6LB
zD3wFmjEq#Z^?~8L%uo!H)n(D{O_g`1OOY-L+28ns;AYx!=C{WC&cFOuG{yv<8L0$|
z@QD4w^7Us|rZddBIjO7%uQxOjwCbZtRyI<XpYCy&x-HLXcplXzjkSu#jh5fR>C*Tw
zh>m@KW2hab-zq>itgss6ZrGw#hD6%k*?s<62uaielQdIY;DV<)%cr5QpGy4qMn7o|
zgZu)LG-5FO0LW}uEH*xYl1kZMa@z3Tx#1<Y`f7LI1H;==g)q#E;f*Z6lu4n53Fatu
z{}%oLc?yX4gWp_vo;8!A>qx;JLeWd{AZqsQHSSpg_BMUCb!N|W#)*_@@jG+1_UoB3
zSVTdc^-yZ@C>tC4Yb1Xzgm0gH5pT_+z1&s>V@_NA`x0{1&K3O1YPYo5UfuTIH1HWb
zc6NOpbh1SI(X^}SWD=v_&5j@Idx6e$=)df)dva;WgS!}uIUM7(?r*WybZJkllZk2?
z_t3|lex59Sj3N1oqZz63{8>Ve7+WCygob+Ua=yuoM(;s@ZoJgaGh7v@&Y4&DvRQO6
zhRlh{h}u^uEz12uGCiuwCtdP>3!gY@Q)XEvEhbHBMgCpo>N+7DTnOenm$i(^C;jN6
zH_!JFj1gq!N`?-N9izV}ZNe?uP+)HViyoqzs;i+}n_6L;%5tuFtO$$ze%$vrz{l>o
zwTrDp1d{E^{fQlAA5!kTIk<M|P$*6R^!iS~_w0Bxt0<lBeQh}$`gdiex3akiTrXd~
zyyQ36B03sa;O+6fny3?$4o$hZw{SL*6c%yv>)!Z`ebl{E<HLs#6SXlDJN!JyOCGkA
z<r^$3<-A^tQWi(%|1BeCNp@*hwY}ALzSz&_FjZEr>2g`ZvM;+i*}E*gl8NCDR#o?w
z;_I!(_XpaZJux$1@H5X?JDJa3VloIF$a+bkLIleO@s`jEee8Ugj5CJ5t*#G#S85I<
zg`~rIG8>^D7a=+^O`l;UrY;n`dQSPH?~0!Dogwr$`R@E1BQNJ2b_Fs$iJ2bcAB24d
zkEe)^Z=T7Qkc79TI1z}lCj%k*FcFCBujc{?+=V-GX2+d=`4c`79`!Z#5YaZ=-RlIp
z_V0N&WMY5g+$j0ORS;=spZkc(MJ4yGoI>#(i6te6**5ZHVTUH?vN`?oSi-d^>FVPM
zi^=-8;&tAwLMqwZV6YYJZLFiROJgBU+06spb6S!|_bzL9*`+?hQ<&I1)i7Uc>AL%`
zX_&8Nc7pbjs!){;bMUCovzqNzq_=N|;L2lLx1(`M{FR^v-r8aQ?glsu&Zg+EQ!mtt
zu%`;w!-j-4PYlj?FHSw8QXIebm`}QxL~O=VO^C`=2TRTWE?LcF@Iz_tS9m+d5V$fE
z6GnRPFuAlcT$e1+J0l?a1}hSBEtIw&ZL3Kl64qq3;{8GwogZn(Ic5*POXso)&xTo_
z=uW#9X?OjanN;xQ&=bf0`*y-O+;VPk!oBrP%S4*xc*767y!5EnkFD`psmE3BkW<1H
zooZ_6ho!OfxAWIqYL>G9?(G_Bsx1YK1+%a9VHhwP(<tPh2V0ADYZ+&~hK~`fqp6(R
zsxS7i@HM1msu2c+ol`Fkb=CS=(lhe#jN^{gNyM}o`;ip7CdNcu(Yq^zNk_wfu|p#U
zzodT%F-8#=>DNEocA$Pw;GZ^z%L`aC7xkf;qS5KkT%H@Cr8SoI2?1dd2kiO7G@ZlD
zhWDu@eU)EC-z0AXr+=GY%^s0Vc>>i$mr9RSlT*(4V!}tQFbVvH7OLqws{+0dT$O-J
zDv&{P?D!d>t!^AECLbUWAbR?&kia+ImqZ)$&~<j1q(e@~>$5QvWOIU9I$kIn!#DGT
zj~W<@3gGu;WU2=fwzfWl?h=>V+cDU)y?PdjFbmbAec!S@q7YqohSY;DJ#fYqYumj}
z=g;R0K5dGw6u_57egT#_HyS4>{X}FZ>w}0uWd_7X$cInUn`&E(H_g%{=~lwDI|4=k
zn#oDI_loL-%*wl>i<uFa)?WVegRVI{>syLPR25F<LR!EV{3kLRveNa}i7Q=3lSGV`
zoN8vH=IU63q|*Up{vCDN#XwW+jJ|1(hRlzJo%8wdXtfYW)P-9D%e6A--IWj{x=t@p
zpg3vYU%c=9eRUNS8An&GwBBa$$>FB^5w{{kE+BY!w}GtToUs%SSw89zJD)FLm8(Y@
zWhyq_h`p?sT(uT=!R7#d;oTf4YB?rZX#?&#n(a@fAop}t#n4oQUiMEpyyOx*MFzlm
z>K^e<XR#YB(81^7UG!VtVhXxW>cpS?sekoaF)L77v<)5!KFja8<?SJd3^9#-f(!~m
z!O<GO{=H~6Ug8Q44ZK5Uj}wDQGEsbAN~Sv8>}V;6FCeF-$)&qq(-7!r3$Z>r*FD)l
zl?a&fmkU2WeZJ}@r518<pDXg;qc7!x+ZTL68d4}+oQpCJE8mSv-yy?xG>nO<NwWOw
zi}SK=#wHN2$6dHWoJ0xgfXsgVNfMym&+^ZXu5&IH*Ty8p+r1>(h)CDl8xH6*j%ePq
zS_8?{mbXBA0y}ZN+#IRC?o~eDS8SL_o3iOPqZIgkNttSCGcw-%NxzjZIo%Ez7^);<
z$S`joQrRodjV4*q<MfmJGlSj%F&#_(zLomBvtRR35&0;aFBlsJ-5wH;yi5($wWTD3
z`LSRVT=ha4g{vg})9c3-q=!39HQ?>C3;!x(fWqedj~YNFthX0wPLFSj${=U%kycpx
zjz|XR>Lb|2X6C<rLX|91WgxR-_}7Z2vS_2?ZfP2IN$fQhD;hN#7LBxhbsFq7-0u0E
z-;{i^uJFd>z&;7yZ#7)uyFGp#f3dbi13GRH4>F`(6rBTJk=#A#2wkp3Ey^I-Y7#5;
zw?>9&m@K$mhq}`XXiUYE=8~>cXwkbgnq0i@uKu8qFTmL32j_d@F1Gy794L1DQm$|m
zrLJNPSwMu@I9e(#8kGR~;@n?BEjOw_^1iBP@=2Va;;ECXM_?p5o4HpqLo$FQUUTP5
zSUFh&z*MeiGZq4ZO8oCDMH^qse}#Q00QUJ?0v`y<uyFiM5w{<E_<bjKn6S10h`Bo4
z5;sus<6e1!?FRxpP-I-a@OD20Xu{^)o6iNDLP#vAJvjbyc!^Lq<n6(W>M4hXvI~j|
z06dI@NBV$Gi2(Qgu0SK^Esa7zJ<Y9`hs!`Cj#m4}iq0hrkfC;BI=k!`iPF_V|6Mnn
zV}{ExqEIAV%@9gZn4^k<8J88<wcyfZSS=TD2@2aF)UiIWDWVjpr&{6qunCH|!c)B8
zb@HZ^)U>P|r@QE4b4B@Q!Tam~uUGw{F3A#Pea@2ZbII#vs8tB#Zm4t1rApF`jk2w(
zCW)Q<gDGysJOgUg(iVMU%cI>~z7PrpDU_*@c%!%yTKYU%Ms*NmJS2vMXpLWaam1*R
zbYc(k?#3r1l|)mxXewjwrV{@pm{J8+`dr|g9SZcqLpPjL2li`<s>;zw1-~-YQ~_}J
zPo_T`c@hWx9mFUnok`WGxJB>>HbHg-H5E^Das0m)6M!68pa{8GYS|pv1z;Yu3F$K2
z@_re7W0R%@GNKO2m<ocfGgr*NdGLV;Xj8#phZ9z~2c#5KT3U!eDaP3#w4y}5i!(B&
zn7eNVs!GmZcnj?C-?GLvq;W?4G&Fi*y2XHCs}R58?4Ml%slJ#L3c=9JtzrcubZ-lX
z>Fp`@u9~_FM|F};mJ&~u09Oz=O}}xZzz_Qw8C$t%<1$id(Q4*Pqg=((RaX<+MPI=;
z?4FubAD~PHLU*)zCB+0Q0#Kt&Gui?NAlbu9*D1=WpC|@e^hU<oI#z5L3gBQx0Iria
zOgS?#Z3wKmN7=Ec=?X7KX*$@cCCUn}hF)x}bIYL&6kbEDg9T7u*rFAqnU((V0JWR~
z+@dd7U0gYZbU836d>34E^#TnoPZ1?CE0FIyt_|BJmDdB=_=KiRbu~kiTtI}3EV!=;
zVupK=JI-hk<od@<(Ltw8F2L2OitkH9JXf5NHs)fs6IPY+>RN(0Su_n@J&|Pn2hn*6
z){U#d$m7y}_}ZVlDghC)mp7!8a&k$6ontBi*6*(JnmsnkUjP2)>Jvs~A5*lI<<d)O
z`;;0?KlSt468BZ_$`+oKcoM~e-?T?=0LdGkI#*PO={)#hN-d~V5^2)a_4Rwm8t*=J
zmkFE>dHopj^VdDSr8LRY#BH|53w=5xWnLivc%yUM=n0}LGBEX~i#8@BRfC3;bJgQ@
z?#;{bvz~`my@xXyyUzmN(@dtvzXj!<r{6>-GR|ohfbWs1CI!%nWC92v6jUIxaY2~y
z;cG92X%1q$85=~m+LXA9{^)ZfkKSnZ%I406j`aoE+rJ8~TEkO46CZ(D1~LI?fm^oI
zQFGUqHZ@&ZOoc*r@A|XMqU|^pzm8XJ2O_8=%rFK_V96PO_`v#8n89>){1kut$ZU1Z
zGUSm8H3ex}E(tf?P{r*M2_=FCU}{MABDqTn#g5#<MA`;dD!caG*KTuGYthM88*lg@
zjqdN!6k)7RDPM}^laf?USgHnq@Sp~|i#PJDyo7~LOhWK?H!G_Bgf0>8_NMkCo9&^|
zDZLjsIWR6!L1Oa;CaSO-eWY*0X+__#G;;n0{v-&(*sB!y2tF(JaBc#*riVkbUVMEI
z3J5zknWyJ{Dln~?VzrV2uqzu%Ww74aS=m!v_?u|_ILG&i`FfHI0b(c>y;$7+Uu(6N
zn)jCVnY<o)%M6GM7A8Z|^8O(j3vQInn!13t&~~n54vPlUX|svcdpR1n$7vs5)Q+f1
zJiAt(+vMU}Y6UN!(IHALS_^BW%>vLL6H0+M)YoR>B{aYrjM!SdZ=>E?2wsjOMu|)v
ziL{`en5+%iu6Euyn`Vg!zx_-%K}g-B%!WW9$_<4Nb!YC<&{fUJZPJX|CDjJRoTYx5
zJ$OR->t|<e6n*MW&<u3K98)UoEE2}e`u|w~Mw$0Ru%5v+=8YQ!8jseW8Ca7Z^jW1R
z&^)i~PnPE6kSi{W*piZ&4cBIwKhYr~la7kjf8@|Jr3m`?{T_sx0=DQ1iwQ|IZBMPZ
zf?!eP{gv!~G=+G4gGW|4$(RptFW^vYCbQ_Od^^vMHGi5ux!fVCJ^7xl7BI{y55tOT
z<L)o}1r#w8$8VDLsxk|U$LoG7AQVkbkPDFSo0^EN34ohqeXXx8BJ>-Rv%(P9)qFaO
zP~#E4x3T9~e-P=If%5L3m(Yzas}NaRhf$;KU(P}L-%rnma6Gg8#nI$0+biXKUs+`$
zVB9C^Mn)^?v09%IupUnjZ6(;(D-XrTqY9JtOk(=Pj?3hn(M)dd3M_7oG!bF!z~}qD
zyW+RpGENjhgM*YarZyxOJe^XZx%SCxdTc6j0}Us1t}gF5KI1|p)gMJ2gi>9bFSX2<
zlh3|g+@vPpGQ@-UQr`XJSYl)A@P3{#>Kj_+8G9v9VpW!ZQz;BTE}sj*vyU!nH8vlB
z^56{Lo=U)Z)f2g+y7aO@r~a|#(T{IFD`-!=tJjb1jg2ZkZ@>v<B<U^KhJ=C#mezYq
zbyFJcJ6e`yOG8IbSif(<V$pRBS-Sbu-&j4{PgA{TVW`bY7_D*pNV%hz`+SK@b}))S
z9Nu7yX)mzwQX5v^Jq5wZJgAx!K&Nj?B!(_BekBBlXfh%!#w3g}F!@<vxU6^m751uv
z!h%HG6I0unh+B?}C4KLf4%9!O0-ED8cn4GsRiQK@UE!+2q<e)Y4HdGqM7?S3pZd8o
zJTuha;9@3~HS{Qy_QaZ)<i~{Atkn0sk4O6XMehXJ*%p>`Ld@mv(3b(dE4!tOP_$d@
z3H~1+c#Fy<q#Mt=qW;?&6x9l;F&1|j^PX3=L{4aH+RwAP<?S1=(LvFkVH2Y-H*4R{
z#T)VezhW4MbE?KHc(4}hGm~$<2N@MiAOV_<`E7Hz*q0qH5=eTtbSCZx6zg67rsA~@
zZWo(aHTy#sz4k0RV`Ih2PL&|U-ZT%5i;zHrg#Hygp@n&Av=J3?c*{A)Qp8PaFFjYy
zqou&B#$KMLTWq3<gr|4Z?6)CG7dNG!^{g7TL4GAl-6_f|Zzm~{lfGd1Cg;=EiNT2s
z0kdxRRi3mdKK}X+ft2MvZHQv}$WFATb!81_aSo+58_JdS+jh>~51?||VMAe(Q3MC?
zHy+#>Z(PO8%zVBub=fg#P3Rd&qeWXZOv$rfz6Vdx728pKD)5r?sWj%`d0PG9Vp?{Y
zfY%m9Sl&9{GF5tPA`kwa+fju?gy@4pDAy}n>dsxO|BmFQc#w31<6{;toerc81Ry><
zv7t-_Ku>OS+;nR2e~J0&k!8XIsQ<-$06tJCbb)CRGu~hSogu1_4(O-&!%mjQ#x5!F
zp&o-#?7=2%C<I;cF1#dj%j$_@`%r0kxGPq}#OPJNrx$~y(bb8IUK^Yw@ZMbNBqBRw
z>>#iG1Tqf-i6m&k_rKi13^(2Tp%|Jh4Swy>0?882TPm&Mt(Q<|My<(~QV1hR6idPd
zw!VaBCFw6NlHrqHzKkXFmjT4VXDY5k^x)J5h^h=Uic7N$aA;}a+a7^uAH=LhpgRKE
zMjQxFu&S;`N8(I@1Nn+ETxP0V0IbTz?b2I@`OXcSZ^Q3FJuY6|OdWb|r2xIjs)mM$
z928V&XgR|wmS3<Hd5L6c&5x1gAJmFi`WnTc88&^I!oFiDJou2V^S|7KPd>oRu(}!_
zsum-IREF?GTn2_7b9tHSv^)}nF-&Ns0!7*ze*W}_i{zg47+$EB>T34oB0&m?>~P&X
zHl+ZBx|k*OQSie=9me+MQU&_sIRCRjU<+7}SG!JW`48+xbTW#dWD0vtwVm($RzIfO
z8d}<jCHZ#tdVY74aYd#09RFQ^;O8#^P)t$C=KPmP>!k(*a3`0yHbXNh3Ej0TkXIxp
zwoyPaBAvAPha6&L?9~K#RZyXc%T%K@)<r6Td@u!^C4-=vQ$&eIw=4nsO#lD@xhO$l
z5m3!{>1qXNCa*g@^}lMP>%b)yz8)(cmqAVx9IE70TFFb5K@89&IL^oyT2$0)Ko!LB
z-(|>9YDUK3wS0i0ZD<!UAUTRPM5JFe<BpYqLJAuTYz2sovipnpHM#FS!GA?h)B41J
z6`U9v#BvQSS{_(r?580}=W})D$IXAJ>Xq_^7|-1`mqe4JgVuMD%>jue?wly#R`Tta
z%YgusI{tE5xWuc|#7O+!AOpYAcaQ`*wDW}pC~%7t6;xNKG2MP$f_xPX<g1h7c~+np
z3D(}_KuM&lX31E=1cbx(&bX2epfa$NwB6sTgHq51?Ftm0M4$kd-u=bQ1NtMVW4n%I
z8pgZ|X6c{qcVB?IO#&pVkckp_!flZQY9MQaxQ!R7b#y^7ko8C<pbqRd--VCjHTkE0
zE+A?{5A#ocP|U=qqch4$76A(ZWsaqO8U*5(>Q*Q1A$NTM5q+pt-W#Ylp=p=!zniW@
zFXzgZs2ZZ6h3`;RutDf2Xf2ip!6!1sEq?<<+MHm*MRLc2R@yCB-e>EIWziJyFh8v<
zw0`@y0?Ovp$+5^<N*7wzrYk^JB0YE>;`Z=GVeS}%f7k!aan2TMcL%B|+=A4C95#fG
znUTtK@fyGzw&Uz^pN?*NI}tljN52TFYlxL0%ZEtdbeM)DQUFg%PPB=B05Qo5R7B)}
z5Mv29yPpO~EZ%?T1x|7COBediQ2&7Q@KROe(U*yd=eMM-m<$O8f9{}MgFyx`t5I>e
zulI(Vv}ogHf8K22M9CkRR$UhjfTTSrP_lUp3p+&{nXl4UEp;k^ID3R!d3*sZ$?-;b
z=X?Lu%X~Xwq=mtx6nsu&)z!`=T5(bYzj99MOAKRP7k*+iQ^RVdqjNzEP-rYf;m89j
z05J~N#+-|5jxk)Q`GFpg=1^kCm4!7CVO|s1u2`hP%gFju9$yHyX5l=?jT%SKF(~;h
zKYPl(O;fOdUQsDR3f}}MGYWKSKuHPkyMhWwX|te!lHndiv78dHkfkd*!H02{QPhxX
zfu=(=L{N0aYyZ-$YVCjt)V(W<CdUW$jgtXMGw|Yu+Tr%M&o(VkHj4%_USo7$58$Pc
zD2fKL7X07}w|@AHSrZ3kmu6$X_i~3`@FySkA%idlWwtUinpReFro&yS8hO+8nSj@q
zgRggJQ>qI5(4sE@IGl6qNzHcO&c+h##{yt?cEis+2v<(OlW@!F0D3HzdocdvL|GPQ
zH)Uz%5;Z%6S;sOJjXSvjV=Oi&zPehj-H4r7@`w$*s(xK|;JdnV7tvtjM~0=M>DI5X
zh{5;97WCUDJHS~GPWBf;E!h3CpwP){LKHxbdTFs5#701zp>zL|XNJ0bhMSl=4U0ji
zX9^-(w@>3S!=UF!An(y#q8|ueAHi$}3<*sqOc9~4%+&-DSR-LR%^}|3_Rl$?Je0ls
zwU@{D^))|%*pMTXMx|$9+&&isU`8auKPux3Py*2o!NHa^#J;KxEDPQ{8U~3F`j3}&
z=k}2{w)zP`^k#wYn}**gAX#$V(gm{*F-ld5s`8ZzJ98&m>*x{%!?ytkq8DSN*o3(2
zdK7&FCcn^f_Bn12&Z?xAe}g85alsVn{8)hH;}zTsbX&Xv;2f@yJFiKUe>104|Iwn=
zDv}T<PiF|qBx^j;Um47vzbVi~*4tLl6b6@!CZv`oU0!i?U~8i?GRO}DmZw-*88b}?
zKuxQJn>&L%FIyat(;-78e{=v~DFpc4I`j1N0sWf~h68S@o&Z3r*^X@uhK9tzyiJby
z^vZ81Yf59!hc1d=p?mnBiS;nNHH#G}%12`QRc|c&t-wAkS2y3s8I4M#{3dT}z0kwO
za9HcU#ivYH2CQ{>!v(y-?QWbzYe?-f_LhRKZ124Hj9`m?o<Uh<$bgEaaf!~ZyHKA!
zmml)2Ht=Wqvlxt@rSE9jIl8bK*?%kn!(kgnC5aPK(>Seldx8K$&uVc<lP;LG;6Z4~
z7i<6YfU4@7U42@qV(;|+SG86XQ#hiOpt5#QuqBMWO{CeQ^rIby$5*+pfEPhqTYmNe
zq-$|>&Pa-xtkj)j-5ya_mv5^*W0sBXQUjsmm+t){$m4z;CD&2HUil{@`jEP5clGdU
z2jgjVriiJ@Ek$xB9amK2)hik^_U)uk7*{@HZ6YHXUhFTOC2GAbFN+wjU%9;ie;D3b
zTw$~j|21O$JlZ{I0K)o#IubDFMaY}MaN7oZy~M2^$@7!LMJyyN-oFO_^d<bboc$h(
zPnqMZgHljd7Tg@x4a=e>+=&5sj6Gerh~0|yZSIC5XgCp3*}v++De^qH0OQ>BY1QZ4
z2<eU>;a|fU-I1w)^AJht({S`jm=g6ZVQk7W3+tYV6utk09!XStHOtEsc-`c}z>w1D
zY_+RcqUdpNRRFsj1FduWt4zrCN6IhCB%H0Ik=3Lmp=Ao$8V3@shVa<armK}6iNrk9
z4vLmoq1-lk_e0K{l|C|jZUNhV0xGu_l0pVcm_3KQeGelc5h}W3?;axCi&>yk0DWc7
z+&*4AkEkcR%)&IM_s5`5La^2D?Ps)9NLBiYmb2Q--7C};IxlC9w}2zpFw~_a+y)yu
z4F*LSMnG1Oc`H<CoW;Q!o$>}E#ZYy~&%<(5$Q4PR!rNZ>%Fhl|*d*`f5s7@%jU}MN
z8IU)2;EZitKVQma;RP&~F$D-atHGSl8YE)8DR5|I6OPGy@Ou@RFG}t*kLdTP+w&u7
zG|4C#+qG=Jf7fVPm<aD~j{dpRa+>t4x{ck{q6bwQRFdM|?3@`(ze?|=U7qN1FboRT
zHqd&sk1ptY<1SJ~OZ_p**h!pc>5Hb4f8o`u?v=v6k2mjhZA^u$q1p^oOa}gwA&gXJ
z`1Oo!QaT91!)a24D|1LGy(<x?wad~lb1+vQ{0>1T%g?xgxP~A);7}jrySl9SqzXGN
zlKgv1o*6)EAbEkmoykPxqCUg`(s)a>wR{Rkh85L?hJ4Hs6+_d~5vg$$vehuN6Fm*-
z6IPqO47OBqi>~1Yubtc)3a`fI^sqRW7FuxBaYe7jGIDxDBc))j-E^8nHq)i45KPb>
z3&~+rgNTSp8$9Rj5e<<%^)EZ3*hzG(q^U{bQ2$!%7#C<Xsa&0A6gbgr$$BVTovs+9
z1$woHIP%zd7`mcf<`RB2MBDML-=pjb^5e<uiYvq7T0#(bOvYdR7E#5&1Op2zcepFP
zP$J$HieYA8`8uYxF;EfpD~w_j=hysC+u>!Gq-!DUKb@;j311dcfsx%w;4_YAahkO-
zCR-0t2k$U^{sdNgc;iK%&2U$hMjNAkJ!*?geC+6&gZ~|PRr4Md%mojNXs==6)}VQM
z^tOTE<19sc-tW4(zW?}MQ|ROG^>tSLl!-1_3vZ<K3=)U76D>u}02>PS`adTHe?*QH
zYVdXRx(ai1b46W|m4zjj{i5Q~Hq;$pj_m|@Sp6w5k4Q`NknslI4;XKRLS~&x9sO@~
zzqO;cB~42R=72LE<GAC!)?NG_{?^I?ru#_fi9u-`a$Lje`sf30k<sE$l*dMU*(K6h
zWdNeL&~aLd`sn_t&ec7ve;>9o^@+W#5<y_1B-LZnMRj;7$&Yjt{TlS)u%q(U9Zu{)
z6N?vrtE1*Q5Dr1|2o;iYHcCp@L6|b5UD&av0=ytucNkgJjs(m&TTwn$e`{qg0%-+)
z+Q}|E!{T+^9#NsA;<&On;x9Geb$!O4&`37ElrN_XBcUCsWQfvU{cXzgX}XVuUMD*b
z<Hdaqd?y*?XJ~|McOdDM`}nPTDIdo0h!kpfnj&$-_qVh@Y}&4<IRmo$(PwLSd8MC{
zhvG?{EZ`jh$xATSJnss>MB5Id$8Z{|PV8Y<2!u0IC1@u{xWTg97YOoO)rTIMj+{|n
z_Nhx1jG2nuyWE+<F@sKxaN`u%<@;)yLJFu#R3)I|i(DYH`_+6^xbHCuIL1W`?w)*w
z7Jt^PX8y52UlurrWe<R9UmZ!i5@uVTQRp0g{<PRY5i}3i0I@jHb9?sXN3ge{aoo}~
z4^nq0TcH;oqc?e7_VfT-R_Nc+qR`gf9x?6EmU4?4$0VTtN59<LoJsX@@5*=pU&~TV
z=48|DfpDs=f-jgQ41Z;B5MN6#Jl=@@kINq=pS(Me#qmKW;_;0!S}q>%TW-3MFm58-
z<X*c9i!>XqkBS=>MyK_LmET_YRuV3qw`W)HGZ-8lggN(c2)#NO<Iali*kpc}>{Ua>
zyv!AQ<$qJ@wb|e3JfBU`Q;{+@P<0LQT|w@Gb+G6;X?9%V%j)G-SNw5<5Oa97Jv;FU
zxqMU7QA}J>!u9+7TNHVC_wR4@GBA!cmxQFXIO#ejo0)pznwvR6&oen5?3n_|R9*2~
zwX5|F9D2}0cnaecySp<njAQfi+LO99j~;w*c$s#_fkH!!@W!Fh)3p8h)}RZmqQzs5
zCGMhFX<-jx<KOiIG0Wow8NJV}rj*}zaYP#gc_alohK2S$?5w+}6rDZJw{2{NV*5XP
zb`*dE*exGk(|&&Y<j@&B_aNak{&x|>;7jY<X54cJ{yQE~qcpejyK@IrgQnmS3&ayg
z#p}}hr@6ls7Mi~WoY4@N7e&|B1ygX`Zb@X}?k@|Bt}Nd(-LikN@U`8Ys-n>?yfRt*
zS1H%z!K#*4dC*4lP@h$_y6A<=UiWhGVE@WdZWnY{9L)fP#0PffPxdIipG%z|mX957
z>Ieb)Fb+=5s<?e%5$D{G6#tY&l{3LeSv-!tEFXt+plmr@l)K^|yjw@Xr>^|;wDb-i
zuHn}wCpCYbSEGr4WwWXZ`(GyVuiFeCFNYt_v3~L(oU&Ii+I!6UX?EA#ve3529T*T*
z&bK)pHnytyNaPjlwvm|$ie_`u*FI*=i5g3ajrmHhxD#KfeH!D&uQP3DXk5{aj^s1T
z4V)t@;7_-bS!SAov%yU3<GlbP)_#wgA~|h<Vu)vrS+Al;`vsorCw)&()3RX=F)G`o
zfZ=5g6V*!^%Ux~EENOFX1sI4|SIfuw6yo)sk<845W256y=fK6=t$v=hA^K(fdJAED
zf>8E)MOWSE(&?#j`9#r(*WmPd``_q6=P&T+LcH&|fP%Eb?>*YJ*Jdv_9QwCwJ>1um
zqD~H?UC>Y|m~u*g8LYSx?k~-Z4c_<vXuMV5%DjC%eMkKe^G&nO)b0;vrfzLWIlaKK
zSq#1K;E|epQ~gPA*+;@I)fgpg&Zv1@VH4kBBuoFBD)gs2<iOD9aJ%0yy$8}#<O0R|
zlVvBGT)rzL(|6(6U2M`QZ8a~-j3(ZFpY14+re$3n&R`JqsO-$*Zjq#yFz;i(cHy1b
zs@<Dz9a(V9EI)HvGf|mQJrZwtqvVyT_*9>j6!TJ9%b;gZ%&Moc(Lf`Bd3C4XIZ!~m
zl`FBEsWK>O3r`bWJLMyfx28gJ^QHCp%1w7mipMEG!B0zPwpBr0mWD*g%Dq?6+M1E(
z@pxdhAHbB<$pGukHCa9gxf!~(KlCAm-+d`1T=A6^!8yft*1h}SK7JkLg5V#J$`hO7
zzN=zd(`GaPX+81Vmd9;w@6GiioT4PGy(`nLzHQfSu(fBg7dr9Ryn)qUT>qwh)xB+c
zmD+!oqu^8X%KU1`_y{W$#U3>jPlZlyQ8H4N=des8xp&iSeW52Nb*zzisf{eoJF?+Q
zF&H}$WDlJDjR*w7aE|lpG&q+od}Uwe2@Wme;m{Q#Ew`mdemYaa;%8c%UYTMhy|_}i
z*nKHl4_;4J1XnURvK)6ikJi4ZbGMR_?m7FpI3oDkrW^c(<%pm*=H_MsV-G=fUGN#(
z3C8xO!tF@Z^{0uz7c)+ZG}P*gOZ6;5v6JvDOc#5TR6X4(bb_YL)y1G(p??QiNi{o~
z?X9#@m4c=jw7Jn5#5XCrLaAeks`ru2#lAf2h><ypcwbCvaHm+F9k_ho@!?H5p+or8
z8ReN|j2^43XAYNwJ7JTAJ{rl#$ZB^!o*!r5H&;0|?Ds5Vc02tJ?5bJw`j{#7p|C^L
z88qV(ebC!HVBDCLGsOQ*VD+mKJ?&~F_ELgLw@c&WkKD_mm|66V8>3^3UMeSlM{Qnh
z4Ae~aYdwdODXx+<*Az>#GW(NhYG;=D+S!|5xR_i{l?Ld4?=}|L-M5pyH$O6^ddX&I
zNgJ#?jyo&-rF+@de1TOn^UaE8<6X&xfcM{wT~e3Zwsm2z7Dd^IG@i-FbwVA$RhT{8
zW4*meWCh2ij<F0|bC$<<)o1N&zHh|^?tc0`GYE>Y4nlRYRq-+!A~;L(rPQsPM;C|Z
z_~-TqirI`SOId@qk72Um>n(=<2Bh3kRwB_~-W^uG5xqWxH(`Uh9+M+s3A*~Nqy<?o
z<*E1ivh6d)>TC`7y?YfM8Os5w%AqS_3`g_wUdjUx3l;5e!`~`lfEpu@d%vj5L7XnO
z0gjtJnFyoJ^OHyG(zq}kFOWKh_%=m#mo!GX<LJ@^=*dWrFt%@u279}$oYixRGmU2-
zH_&E2+VcKjT=cp$U6fZCd3HiNkE?q4H^$gaq@3B6tExV(pW2tU?@Yw%2y_18M@rhO
zKDliVb5e)GR%^^=)nRGAG})YX8UvX4*c8oxB=6BT0e2kN=38IFy!_yT0F$VjQ!RZB
z7!DlF=k;S^kEd6taaA`>1xg18xA=vAw{I0Ildb=}jF`>%{=q|PvTgqCQJ~&bC{(v?
zU{&+CD$D*yM4EAnxx06!hdyZ~&5J2qw(k(CY)yyBB?%Zk(|QrUj4PQ(5{nrkefA^%
zV#{wHdC-;k>}$}t5ow}fuLbugY<k@)7JhGrqB{&ryi0&9swYaU$u}nfpr#g!tH-ZP
z(3KlXaXvChMjt;w_kJ_y<-Lc~rN}2H4@dSBOd}n|_95N#gd_(Z>S%j5fmaK;PD8Jk
z@{pD<-mf=~|7I5kV>uT0htl`IPXkp44;puj9g(nDHXaRk@6FhJ?=?t5)JMIW|4}?a
zUc9ZYE9vG(ww*k!b~Hw5;d3qM-SFnE+fkiVmOBQl!oWgn;8cv@$3HB*^3!rp&D%)O
zLJwN7cr6MdamRWr!$|N{7;EF;XBu>E)R*dVC3n;ulbX!BPd-fUf}fLW*Ac+Xen56!
zYTd?CYz>-!@{mu0jkJj!+N+Z+^-bM<ag?p8)lctlB)YTF#i5n>V6ZrmMRAB9=|P}_
zrIaC|x3L{(HF8H0a%fQ|?DVrUfiPCfD5gG*F+VA=;!Rv=Fr>l=Erw*IztNLj;)c+P
zrw-ny`}PLWV$1($Z0~N8P?WP2d*R*I$>7tuI`bSKgmEUN!FRjN7pLC0{puo0cwj}m
zgDbRQO{r_Kv#f-EEQL@*cy@KM=WF=}eU^itd%bz&p%SFzmFR;4b*ILAo4>6*US41T
z2M0V{^7DFkx2NSyfNB=-G7|=%{)V)BM)3<h3wNWjz*syDKd@({OdaplzhzUo7jlPe
zkKk@m={>m%Rb~nZohbH&;&zRAEx|(B<!ba@$CKX2>Z6RIg1@4T++2N5>j8{?FO9zZ
zWw^@chcGsLUbgijR@E%R;XUwTGi(U%8Kf|^ogH@mxe5Op&7``X+nKC+=c%0;!zhFq
zz7E~O?l=O|@t6DCfx4jlmYU(JU6Qc{%-fb0q1qbqq%4c4Eg!oyAHjX^&WDP@1pE5y
z{4{%tW;|IYf6NZRHYAEf@ck?)E(Wt?q8!mP*GsE6?aRs}-MJpWBJw9+#Nc?urB{}9
zP2W$kZTH8_cpoLtk^6nR*=k$0xn0W<UMLia&2H9m*CZrhP9CJON_xJG;1=#d>n7zA
zO2Rg;Uwxr<pSXvgSfFju@PuQ@ujPu%m@zV7F%`q=<C@K?;NRAC;^#Yy8!J^m{+VY(
z26j6!V@7Z+x_@bQ`0lepcBbGjlJUhqeK$s3CLqr+*`%VfY2S9M!8}kW>0RR><Brw9
z5(<$GBmQY01PG+9^2Z>>-;A2zvkTP2fslT}6-)O^Joex}e*^ee|6xwjF(_8?(+^jt
zW$jVUK?~faIpX1zb4`P@`JMC^H#ZY*ri_aNBkY`q=bS(ARB5n`R36+yY(^Rn?7iW=
zYj$&BdFF@VG?l&2CQW*6NQf;jI{>%H@E34IGj8MXYwdS2d$bzIt)sH9ZjRLGIxac(
z`$|;41Q!o}(56ymo_|)oh3jgwSEu>uHT((p)yXP#rk<~oEi59f+*Tuay`G8bn>(J;
zC?^q*`mqs*=ucZy!)PoWBd|CsUp{6GQfj>jH5ZnB(2P*)uhx=B!T?@OcXO4fJI;|`
z*Z=$cD1=$tb4PPhnPE!IxBvX<a2#;ULAMp22*3Rb`GPk;`+wRrZ7{Q+lrA3vgvrv9
z&ySDyW2Mn1Kack2BFF8ID*>qox&WL?-;+D8ys4GGYmJ8U<xZtWWqkN=6!c9A-?xuY
zI@F!pEH7K||7QVw1_LZpnDio)j>)+co`aO^c~Mlu%7%u&C{l~fNl!{M=uZDkFyj$d
z$ZaQR#;v(==(qZhSip}U*f{E`y1p)|%Od_lvj@6m)ME_#J)P~tJv%zHynHxZw+3C*
zik-aVO0L8aPFFst$97sH?OgxkQF#cCALp|+bK2HHR^H`wpbtCzlncbH{TXZ!2aIfw
zHfhE1Eq*zK)8B=L^w6x5pBH%;%sRbmCiDNYk>#&K(*2(2_8ww$APyw_VqL2==_q$-
zdZ$fbW7rvByZj?rb#$UHcg*gPC+wx_GN^5lhihFBiEpy@@TWRw^J<U{xnTv&KFY}F
zKXA4DjQz@xMht52Y9pY*AFf8s^T&-DXFv9ie^T#_b&h73f1<%=vx7Uru~qM9O$ZGC
znXu`8U!TrAqE6EPnP-l-+V~F6D|paJoMMk*(_^z{2d<IEC(zL?bSy6$!iYU3=K5MS
z_H3SKf%x#|^6Qfe7U&Uu)MBCQOpWzM;>H9clTbUYjMlHrmsRcY$UujGHNE{zI<H>F
z$7?#X3p>hhWOj(^<&9=_U{#eV7-!6(mooHZ*n?E3<j{gmyPDo$$o}1J|7ffLI}2!W
z8L#HUTU&0wy9U$!gp;i0iJD1v@R+Y8I=&k>goKnte+rxV#m=zYo(Y;RKMyZpCmqY7
zLxft7E1*>vRPB?sgho>jiu6{vISqo<fwW(<+%1oC)XQYD#-l$?e`k%V0KqYAH^&vP
zFQF7LEM4d8At9$Ql554nn--rqJ2@~i3y)3`Vz~VE<|3?%^H=bm6vlfl#!L(vxAXPb
z3WoW1gTl6`k^afJx){F?_1M~O%srg^wMar~sJ))0aa!#s27gM)e(j+_r(>;@bl2E#
zc0Ee*4PQKZ`3ob4+ynP0{}OK`KWH`4cW${1n{_03x-X3U{1m9xUy{Tb%3Zs4V$PMZ
z&<!0RUAO$G5J-^w^-vFvK1(x0lvyOUop4PfvC-A?FkH=#FLMYm-7{(N6@1Yermuck
zN&y(St=tyzHv5$95zU<)&Aq6q6!g0<imS@nlS+~rleUmu5c-`ycRep0{8}~F&a9J!
z8S1c?+L!J#ZBnkNf{ol2Ez1rLl9p2lIv4QXG?OJv&a_mawx=mJQR7DIB`(ng!+WqV
zsohYw+WnhAx7Qf-FRaUH854HyX=1(C8un=6puGqSQ^^IL`rcMoUBGF-{vE^z`rJr(
zpLo9$4R`ivxn+c}ir;CARWg2_qR6JQCVTwy0n52n>TQrZEn~oVQCA5GAf<HgheV0z
zNObg&{3<$%v^VE5zUylZg-5n5KOM*om<;dAjcww;cJg&JtME-bf%y6&pF61ofPz`_
zRN32G8aKhGFMC95s0Zok4%UkVNngl`eIFgq&bue3v1knaiCcZEogI6}dJ*_7ENn99
zpS4Y`#r&ix5PE|*lJI{R>Pgu-!df+^P;TePrN=3#C?J9%%Jfm0tq&#)!37^nh1DDp
z=nLCMD@c$4g%xxu!=t1fwE0_lYvUFA(kMOJPxtd7;mofIs-L`Rs@)$Rv)mG%Gd1lb
z{iNwUd(Acy;$sc<Bn+hK=o)+THwa>XXo}0&;egf<r8%MF+jlX)9!w_5N*V&p;=I|o
zRE|C}zD|rc>ip^7+8G|R1v;Lu2f}ieO5cScvRUu=wy-%hfo_^s`{HuPw|2l!zYde1
zeFOdUYyrbIS@2f|ptVqEOEJm+S)boPI7oQ3K%>6rqlCm&5*$O2a?>)R?~!tbD6(U0
ztnCZ%@P))XDlHi7+XI{bS`rjNFnox=O`bebWKfKY)1KiNH=puElSRHa<5evZmw*Ul
zq7r}r!_-M3F2w!jo?0FdvZB^@3Y8;d!VxU?v(J=4IW~vyBOLG=kxH;jTX|dFk-S&{
zF;qiNrursIF~&e#h+h}%=-1WpX)V!AX($k8hpt#~;UN-q@GK8UaY!2SWW#_EL!cR)
zg#3y#nk!}$P|nDVqohx??)vT#&^s#jiHL5hp?B==!d7^c8q$NXfS3;-G5pKRl5f;L
ztr!rMI*skuTA9t#cAC^dbm+dgO)<c=kSikX$OiVi`M{tl2Z-2e^k=h4r~44_W(kU4
zETECMwaf)*b&8(ezLBq7fuJ`jisn}t{otN!gMix?i_1`Iw!iXWqqf!&Es2Uwl%w#s
zyza^IsekXpl87rlMGx8HEiAmd8u+5J`p4L>4LmadGaO)4L{B-c+JW!s(G|cEXszr0
zE$698XO=;JoqzEjt!Nm1qXn!7Jg{ic<ej4ona*7Uw0jGz^KYQp8jJ7o(bdMr7J6gp
zj7fI@zd^pe2O)To0XC=OX^^)tg0459^Q-xoG3|z<aGpSm3Ipg*a}tn(eC=o8{TQNJ
z3Cu_7&^KZLNCg#Rv^z8$qk%4C^?T?oXk!081V9D8P3B}kclYA2HCV#<rBLdPK%5sk
z;Omf;33C=#qi;cb%=l$K4B8}6wvIK|k)rsR7hsSn80Omh1iK$w`=Mc`IOa;s_`(Ld
zyd_9cUV&K}S6r@LgE^sFf9SfgPpo?=g;)(@P({}@*okiX1_figf)^tsgASRp1>>=I
z@>I+d^pPrtA!yde9teH@1bG4*Q3$>JxfIMZ5PU?fX2GND%>D1h92o|8P$X#u#XMiY
zF{67!K`$=0=ZqEUuL{OY7y|H(jJcea+KcPW*QwY3aeU8+S;*u2hFw^<)#-_Dy{rhm
z{?m?+>?UJ;TZ5r1E`{7a8MoxwNCz?iRzr|nKriR%vA>`)88h^(R@J%QK>~tRyHy~m
zElFx2JEp|+yCuLe$bm_L2J^PoyTA9f1v4{4NpaXPzqx)t_<R3fdtVt9W%TunfP^%N
zG$@@?(g-SpGzchN(k0#DNJ$ApgQT>CbT`s1-7vra4xKaP@ILsz_r2?Wd%xW;_pDiq
zSr6yzXYYOLclPtl{vjFYKKMiZZ=zzkV)0^0`f)5^ee4#&;sFA&sXDkv2`Mc7!c&hl
z@OAN~-qx9BQqKz)a2425&wbI&<Hl6Ozy1TYQLzhx+*m8=2wk&R%KsF-F#9PQhM$v+
z#Tz9FR>lu&r&MTA*g6#tjsHH7A(2G|*-jhtYe%loUGDZba6;W4lQa^4Rr}%%5d#v+
zYF?i29mD*WH{9@J)$(T;_j6X~j+K9+gu;WcB<N(j)wL1LfmWzX^@*>AqCjHQ=Xu#1
zYgs5F1HbS|1rV+KW&X>{NxE6r>cdBcxnX{+i6%B83c2MLdl5n@Of`G5>ytlWYd5Tp
zVh_fwfeK+{k{mJG1PWIh#_N+QFsYm4=ob^AMh9+>W5<A`y!*w6@(gA}vwy&EQYY0x
z&wmbR7oLDtTyBEg5lXQQ!e02pdJk_yB{D#;z$@dG2REzUtI*T{|MY0alMo;^_wsq0
z3*`nUC)LTmK5)(D_06Qapw~%sqJhw>KB;gVryll;gGZD(U5w09!!+A#p04FxpLU$k
z;M7248H1^6w%o%zkuubpDWI#{Pw>di13QOHj^3V^89+|pjDe04lLNhrE6)s7#)<3*
zwkY#`=_|OmIuTGiUC@wCM|>*m^74%OMM^=w^x9z`M1oE(Z#gB|U=R#@EU>+Mckg_7
z>9>^_L;L~lF3meE@LdNS#JFGJIfltu)!w^QDFdiYDma3v6iOqx&p@SJ87;L^0^EG!
z`P*i>BN!bQka`%llsEeI@K+Q)FZTq&1r`D@L-WIz{2?H(E#7aT=ZVhbiTEwgy5Q`L
z+bl!Ly@ze>aWrqgxr#@Gxv|Lfbs=Xu=V%LoB-6>mCD<p;hxslW6)06XlFJEzay3wa
z_C<;_`7Wh%U&j44jYn)_8=jt}u))twH{oG^xZ(b5Tlq2G3<e2MH|p3F9vu8l&(-GW
zkGId=#Q_paxbx0bk)~>B%*81JQRv-x^Q`o?T$C<<vC+mwx{%3DVwRc63N8&3^goLN
z<i{SYPg_BYLZQD{0WKklmwJjB(SP=t5y~d;gz}TzT{&RP<rxA=#m%I=w)w8LB)g5l
zh8u1P4zer_{+n0@rzSH*&dBL1UJ@ItKBjRpOCeM*oOwAy(dl}SawQA9;G1cn9N1VM
znN7+aE%8osr0qmw&+Jf~E?@s0t^-4vQoI-6Zs_pc*XUKUSVF{bZpH0K(c{cXg{Fsz
zP((GXx5Ue2kiF0>tVSZy1pavCdWas8nC#MkB2txupS%woGv4~StDBmrHVBQqH^+-)
zg@)(1Z@p+n-jF7)6nM7j`lKU4{iaJh{=O5R0mDoax9rLjQC<Y?if7A+p0Fsw1be@I
zqjr!c3CStK1G=9P$U^yhTZQG~h8u8h0EhABi4wv6c%%eWa9dek?k}<96s@_nDa>_K
z;OsOWJsTI%5EX+=amfKQ7POvW88Q~Bc$9oPjbaTEG3r5Txa}LmQNXPy#Q_hXgzjFS
z>N^51P*TT@jw)OwUlQ@ojJ_q09hIy8Z49{1p48{;$5VgIhj1f<)Z0W+z;_vXK$DXl
zFbX@{_=5yp{?I#IDbLgP*e?J0?X_`tuxwuSM5)s-;E?6|^2WeGH{K$dv-%+5H|8dA
z(v=m|i|g6<M+XOQ0hIv?L}Tu0!PMUz-c1MPVQzG(<Wg3^wLQCow#RwCjU#vDfU%-L
z;`^p=L~5C^>AO;B)XsTR`o#7-T$DY~Wer@n&5u<Fy5#@D-DpW-=Yo;Ht0A3uY3ZsH
zMSwT!x+8gWo-QkO5*R6Om=<n?i2@0;o6_4ujJBf)cD-ADS|`=TSrVaY$yuMdJeQ9Q
zTW((heMcfDolWuMBgV~Ty($|#;eDX=vb6tl7m-G2tN{A}FqxtO>VfCG%ga$Ml^<VX
zgON0VF`S&83?jZuDzL)U;%cc#d1Uond#;67d0BxIYa$eKZ8WH@LrmF=2|-B_Uxq1G
zxOs=}-gVGS?}{1RVFT?SadxVI&n;t<zSR<tGdu*AhuG-z6NEL@=S?+0i^uN+bK4{=
z`S3JCPewi_1Kpc93FMM?*nq~juK`YR2A`CA@pcwvj>A@+xT^b>VfPa7cJsxpFL=Ff
z#R}s^Iaid9@K?#XmFWf_AEMn4BR$T}iTxJcYf(q3%5WxvF;Ti6l4HF<HlIF05x%I#
zjY2VC6m{!HwTF-5-<`_>G8m1Nj?UB_4k*Dax=jBDG8`ZVuRljH)E!ywZv<zRxrz@y
zBzI)FSTs)SUg~&JV0fwm+$zlNdGlww47$&o5LLFuAM3v`$J!8FuxOg!c_gWq<YL<Q
zn$Rtu-z`{%N=tfAz(whv(<@fQ{)q>);0Ki14ZX|&*hMB9Z_j%GpA-?U;7Mc@boI#K
z3X}T8NQ}xH=nxgjG~G4uPOQ8SWO2|b$MQZ6SGhNip~ZC$kXIm)Y~q<U^j+dJ^(vln
zSF+?1T$GW~a0q(_F3<uloU{>F_I%!1)}1+iA~D(}gmEnjEZO%fX@gn2Z$f>&^vEK3
z?)M_tD^-)hqx|k+lRj=+7`-_J#X9+RRUYxzaiSe*p(;m80>64QR{vyu#KgUv_iM8m
zF1_@HK-F8;c!|-V?J5v33f;UpJ4t7w+mH2X@EyUa{ig(~eKr)!`IxJGe%zC9!SQ?J
zA};4>kV$6{sHw2Mm4>IwcL!Q~;H(7)-nA@uM{X9x4wy$NZ(VU2s`in<wE*TBz1Hh(
z!%ra>w@|6V4L=*hMofqY<f-pjlrqh&N?EhZw|imhL&kTstusel;GGGpq=P}0ixLdw
zD!s_V?zLOMyAz*^FeCjUy3WC{{_1mDZwI!++x!8zC_mhmWlq|fIlhdL?{epTL39)F
zt_dR}x?vNsXDzAUNQaa%J^z;?CTxN8;s8LQa6HaVMq}ul67R|Ay&MlVxy)-vK&|Yu
zcY%Usj{qTP@nxzkP^x`k){<OG8kQ1!hLEO9P4&P?Fj6E<(N_OxSjFN2)D_HFV2L9v
zxy<Extq8R?&tbTH)*mV*r}pl)Pt~pQ<*F8-yJz=4kLAt9d%QlX6R5%zFu;VxH$cPF
zW=v-yPN%?Jc5jpdxSo5(|M=m`?I~W%^*SCc@Ezr#tJ=5on5Dt7d_}q8#7>#=N~ny6
z`gXoP8Ox6()?qVa77A5za#B0nPUGzyuq@Pck0ABaEzeXwIy2k*!Q4yO^sOfQIToU=
z8?M7Rp~#|>*P1Ra3k$)DZab152S<%bXhdYNcl!IDZ_&t<v-n@=0MIE$STZEi=d1xL
z1_E`z=3&dN?gIOhtSr&-^vDqz98sz!KufNXTRxCTTzU#KY?fGozXH!E_}C|G06W}%
zAW>DJNaXFq-D&L#1hyE;HfAGxR^m)Zq6yRYny52bGF^S3i*l2GbQa4{b`V<b@z*XQ
zOrGK#wOAN=93b5_PE6}tB4b>|q;zD_`rLBri_|yjIqcOA;ExIEg`)HoQdoRXNH*^l
zxSN4VA?h>f?)1|clt~S3J9XY=`7_lP|1hEzF~5~-M+j;9(zXj08-e-7W>9X(EFDj4
z8*J@Nx#6M(36O|6mu@nH-u${F1cB*aZlFTJ(&fupj<~8V7mQd)6&RO7E2U5cQ7+b5
zr^p|3Ko9(##oZPJ4`W6U!1l!EQk)+`<`{Yj-Iq!Ck{Aw`3B7>sJJmdGr`wWQ1U>~l
zs4qln3!jkEHPY72{*$oJ20$R6g#u}RYvZI4__|#1(Ab{uqUr&@B6U9$a!b<z%?n@#
zpvsxtGhkocSr$=C-axLPUxUtcHsVK2M6#T(zx9n>7($XXd{_*+StyJ_<&k81;J1gy
zF3#x5%m%^U3U6xuBKCWrd62u78;y~j2sck)p#LkRBF|mKzl8lO{UJG|-2b`k3=lPf
z{+0EwiWUF)cQ-+z3CX__PV;}715@~4J!S_0;{2;9zw{3G$-jEB4Zyzp{{@2n=RP#p
zb3?OX==^X;KZ#fgxm$Xz063Sn;&yGWF6*KzdH@&#8AcGzLe&fx@!<6KCVm;S1u0kL
zE?t}qFe^!<>8KVF(!PymE@5Hvg~03UCoCZAn-92=Tcc0yb{<!`oUrQ{DgB8+3Ex~W
zI$X-igcdfuD`#S4oM6>ZdhPMReWs70E>rK#OlvJj>adZAfV<g(B#p3EGihwj_-|#1
zxytw73DtKhBRS?)_}7jO=I4P_=9}Ev2OU)PT?7fRZj@AMZz4DM+^Y%}AL*rvfVk!@
zJ|??InpKv3+oPtOo?jR1h{}fShB6WpWoLN2xxH)nuc#P`%?1KVcchUR6eO2!dW1au
zRW^E>uZ{(cT=2Bi#Ro(DD`FSq2HDx`ICw`ooy2nh<7iKp>LS=2BUj46PFT}jgSze|
zYzR8KCE1|F&WWhY3*&O;!`ww&KAT@eai(+0%OH1IGB~pAcN*HvDCwi5P+V?y)BSU!
z;UvD!3>uxwNc7SbAT^ELU8<A69S6-JE}F^yD(D!Zq$BOa<OvyKmbRmL2$|Xd9w-SS
zJlPnX0pbT!vU%lA$7jCY&*qtOh^S=Hhp&?J8|w8bc^Fog7MjDWPS|jSF&c1|jO0-u
zkr&uSx3W}1y!uDaQgREbFEVLc!iiVf;^NNFL3;S#xX@uM@oIVke`w7ogIK2a>YZ5%
zW2E-b+dTn_Ggo5NG~<)jJ+|EZ@Pe+7jCnE5Fb9FSv86%Qv#G9xPjloM^Dq2|TYUNF
zneeS~tAFJL4_YyOi4yY>jyxRbwR>g0tr)?z6Mp8hrhwOt>N#zjhVe+KE<j(}f98!p
znXoTiO;WF`B-xeu0p@H(uBf~{{FHE0nslVj-fSkFJnsl{<gG|KFORpr`6#6QAt64V
zHX9X7s^v)ZkuBw-fXDLqSDRXbhMlj_BG#DsKF$~7+7AQ`+hr`^suFiRkv7L=75E%q
zgVe3zcP0UO28{t%Ii8O0m)@)#G$r$Xd{ODID?bx6l8)8T>Y17zF3VJaso^qXSF$<D
z-_mXx$VR<N^TT(tW=)1U3wOpjXQX0OD{{UqbeX)=SJ^zaA7m)WDK1W*$3RqUSkMqU
z<m55R@2Hjh^eK(V*_A0ZFp|T>x%<pA%~qgk^r5F1yYK{c@Dvf^y9=yL+pG^tDP#=X
zwK+D)?KsX3Kb~J*K_I%=!s=BAJgkZD)z7WTH|L*B=T8Tt`EJ{49U#<e+9Hb2m2iW#
zG#i)En*+|t3A`xE^KF+oPnKU({~GH*`aX{@+7Ov*lW)&G(&_IdSTY;({p`=%V&V6d
zUUSd2w1rIAEZ#Mka~{Bo9{;-Z)I!yqBbY+W2}N6*`;!E;+R_Inilgie5+jezaTBAg
z+JDN*_>-;R23U(p)d9(NTl0($#eHRlA2<vLt4Y!>53P*siNcuNmF;>|&*Ftyhoi5K
z3Z-9zV1m}HI;N)jPdqdj46^uN`48`ojXN<WUj7P7=VuN&dp5o2Ghk`EDn$wYWwltX
z9m_wXv=GQRfwo&eMnWr=n9r26itfv51@*7Vd}~L#N4VZt#;#XG=C7OzwM>hC2w;~{
z>-XXhD82+ZmNIZ6h;0>YuH9jmhQVc{%(?DZlkQ#2E#zu{yeO+2*-baR`0&wqXT4OY
z3FV+2^oW|gm_ta?D`dCA1-&;T!u~6y2J-0d7kfn!<&f@~QZq>%{ogtrY+O6@_NkdR
zzccD6ArB~RxQ#X(muIQ;-t6Hv9{K1G?H=dqq%<rPM0VLXd6G<b{+-3_z36#=E6Q^v
z_KAaaSM681CCx>fp}gK*ok*Z(UfMfNVw!rwKGIm%0#a^%eq}Nymtc83V}sz;`U>B3
zDKmwH@Ldg>p(;LBRLn$+ZL!D`&D$SQ+h6BltKXvlruwLMX2+SUI;(kHdW~p(%D&DQ
zYDCTjHYb->Pk|i|{*=dRwLTz|@{5XFi#^TV6=e#W{b+hkE%)xmA|-1w+XAf^A@hqW
zc&wsF@ZR6jlV^CRmJ7WfHok4ASW%3+jxS2STwEY6KvhmpNiy`RqLuO)#QH=_RC(Vu
z+*Vf3%iq-Gx-x-QT%9f2Ax7;CtR#$mUml=2RN-mIj-w++1x~0{$G$hSQq<CseIw6v
z@aB)C*BxGvxTX98clp?k{Cp-TjZ}LDT2EK3=<cT6?DKWQ&_`~q)A{#0O)hm82&r6b
zZKk8PE(FLny2k~vZgFDUsm4zt0<27*hmg5;KB|HTuq52}s@cSai%De_Uki>>58KzB
zqnBKsby(ABVmtv(Zo_ULSwT4MU45$f<UWGm#t%>GDu?PyCwum8H*{LB{P#q41qZr6
z&olbCahd4T+6W&b>TGm0-x#i&YP}>ilv+B9)c=XuFx4&UeRfv0v&Ez{vW@g8<>BJ6
zJJV=t!Et1q(@)|v8)}qV{GsNEv8%J#+#yBF827jH*4wIBvFU5VGoosD-;}+>hFo7o
zmo@agG2cu$i)#eL80A8d{X}}Dj(0;X(+<Egulg{RN)6)sGc4a-pPCB4Wazc6tR#F<
zu@+!zONf**vmxVSPJC6qJ=Y|tr?r2(IOqIF4yqUQr~DDSR}F_=jEYF6Ifh=xS>gI}
zec}jqu1rg<C)p6^PPhs5+#6@Vlx+!}*6zo__poRH5XIsR9mRVGjcf_gSWDVt2(MXb
zS6^}T_n%~;&^-^e>gdrctd|<`{AQtIW)BmGvLZZ<=@tp!9){N2vxqW3y!-Muf@9W%
zh}DGQr`fIp*A>fAOvzE*o~c~!!@1x(`&{@Q6`WEx>0xrCGaI^A%)<Wbi!}e}jgkOf
zDAQS=cxq~Z8G)qV7^!WbmGojriDxjAoOILSGv5Pd#=F{Ji*`rG3H&*dHxeT6TH0`t
z6=OOJ_8~ugn{Xwy>oS76BS3stO)v1c8TrSRE4uqTJmom@%g*0xap#=Ggv7!+MVzJb
z>n)&I3#w|dP$tg-WyK^O(^0*rohl24kppfI;;q*Ge|~Gx=a%Q=lQXaK%EXS7<Zj#G
zQGB%hZW7%iCmD|S$oWB;&E>FPQE*7LtrM{QiFE=9hLO=F;5+7l!QhQMmu_Q4s*_-f
z%#Hcdhrt^`E&1=ct-%aN@+)>ErFrj94v9>hdTaMX&8xkP!m56YO`$R8J6*SmdGR^<
zON6q0t_%}XYj%PRvx+#9s&FalY;m!9zJAn0G_sat^t@#?9rR<>b#7Zdc$v&9?)Xgc
zWXs{Vdq~#z`ejvU=Q+3Tw%Mlz3h7lLv8<j>QpK&|j^Ev$r>2i?tv*a(60LACO|@Hg
zhW)MIw1heg;)zsTRg#`?{sxvOxr>1mP1Q9R$MV`H8X7(jbAJ7PGTAjkvNo7Q9}OSB
zt6R`RT-MXV@5P}qA7$^xc`;_Bys}Taxcg4R<TKdKbQBf!B;tFs@nH-tuw_MG!29Rw
z?&gQ+;xTZf+rnhaN2L6@ONcLTNuLNSo9^FI?R%;iHwRdp7CR>=2-?Z}?!O1E2UrF+
zhnIXl8dH@c22v)EcKa2Q^=~_=q$?~GDB2p2naun_%v)U)QF~lkRw+Kz0h#8JE~$7?
z0J;EREA2w&zPiF$yl-K0V1!EEt>m^@pB$JYbVuhhFY=P8pmue*Dy*A;C-lFOf3?j2
z@Hj9^xUBNn@iTM5eq_P(zdx7(8!3#AXXeVT^<QxG?mhw(sL!sJ@g#fsIe~N%QJ8eN
z^S>%VSZet{fo*L(uvq|<G^#4t`48_-+j3^vKlSQIpN#UnadSEB?>ux7PXj<Bw(Ux9
zTskSW-WN=aF23W7iT)Oz<UMsd-=2k|jYyrd1$*HYvcC<ttu=9C$SG2XOBmuHZK$Ye
z(lgo@^6oAYeGp|%a^Xzg*r&*@GZ}XL>rQ1f0Q+awg<X=W@aRkXyv(@kog)ff7D1{#
zjK!Y@`dxJtGN9B>WdvzT>d=k;Z37y062F-OofbMJE*9l;$&JEzur{F-Q~y^M3))Ku
zj>`?V#E-FF0F@qpm9>HTtK$Q^i_e{$6LO9GD>kO5R{{}--jO-vmlr~rfH|H?P%~7M
zi%Z-CF6E6RMXi<ku=)rs{#6E<%H3~ow>4|U7|?c+50_2~@r6;6@hPE*q^AUTW_+$a
zZ!HOG=MnK(OQ*%`8C$>WgyS5#PsDVm%5_zkOA?07q3`H=kfnWX99a_#5097^f;}D0
z&Ld2dY7(k;gn7|=V`#O0eTRrV5S;;Ssy$-&T^d_xG_vHusc^DkQGviVcGvF)K+GOM
zv?whot!T+qpn2UvAhbp*X^-hTld-h<iN@uW@}MK3x<CoF>q26%kzY{%;**1-NRF22
zP~719@;r0@m$6SUHX_g(k+AqA+S|8HPg4{vhn{<cFa@Wz4s$+dc8!U51kR{1*A#~v
z5ef}+Ueod1T4m%m)B#tsz2Mv66`!z)kKn+aI$>;tnB<zV5?qCqw#;IDKhZ$<%<g~?
z?OH3ozLZGT6a4B}AaeLs@U}-NuH4h3+kBYu-EqFw%!*1vqV($ust#Ew;>`(L(}Ogq
z;}HAeT-f=uKhlXyzK5)4#Q!&3=k7%=OmtM~3Z1nK{8&R`HQGhuw6q1pornjH2s3;2
z>*(~~?AqHN8V^L9k$lUMG@^6oXg02?M37hfJt9hJx-0x7*okP<Q%w3W>Gt^BYa7@T
zm|S%x9BOInQOI{K=YU2n^69D9Cn>w_g4!fk3}l0SgcfEP<$>B*CX8wMumIu2>;vvr
zwj><Q^|`iB`m8iG2U?FB1x{3zX&xlBaf&AWy6y5uF-cp`=H`M43?@kP#z!q}Y{cx6
zw>vhtie948E`bzeW2UmS)X#OuWoJWm8e5`qOqgH6LbRP$)fM3pAGql!yT2|J;N7tT
z2Y*wTf>K{Am_lWQ*xQ!HqFIyOKvQ<wtfXIPm)*N2-0sHcjmo(5#7Z-^@6R+51lEJF
zJ%``)8-4L;wAN2w`0(csX;*TNjnqXg;$&T#@~FJOYr!(p68iwrsze011(I7#(PI%h
zTAnxY#nUgyPk-fnLbTYkQ;cQ*^yWJ8eO8L9_XqM4`t-r;=Ab$LRwWGUoPo@N;wV}3
zlxMc|WdZ3f!cujywe@NCMjvD}Bh&V-PZiWo1WvPSZ-!behTCU4z<r#9+ZoPps*;{2
zN|$Gk?c2>aR7T_nJmu1!A{E>H&~+|>b3GZRS`})&@M%p6&(Fm}d?1SJSTIM9dVax#
z49Bk~eUUk4E5E3XgsWie6{raVAZZS_(EU@$kcG%7;u^pliXddgbwIZ<!bj8QEb4l*
z=RM!+gAxm5DvW!{*o5d86vH?iI)Cx`1-fB|>H-=X#+V6(7Hlv39SD?1wzEh>A*@xc
zqA5d``3=7%9E~*~oMW!p)4AJ|-~dYhhKCrSX)i8y`{u6#s<5$*fS$@FAIBxUdAnO#
zyk$aEX68sDc1pQCo0Yo;;*8g`3XOV3l}ChIwaY?-Wv<zjosj+-4XcfxzBKnEw|%My
z_OU_oSBVGmXZ$vSX(`(1Yz;?+m-=`=Lzl>DI8tdxK3<h|o*G?{u^<HLtbZJX9#L(m
zbab3%XcR|Oja|`nu~Oo%A?i>n<EF=-s{=}qaG1*O6BngXd`s9cG|9Wf#{RZ+FDOmt
z1yf|{9(Tc#Mn~O{;CCs6o4atUkwNxfFcC>O?|lS-UxjStr6Q)(F@ZfS<)MP*?gnde
z{U;Ms1bXv4qv?MG@$G*=T+WduychmJEW2yvE3htJ`)sqvVv=d+$if=v=y;_k3Pmid
zLxkALvkV8g`rgnIG*P;jWUZ)4z5a7jwJSt~8pmqEINQ6t+&uHgYt}v#?EOeKo9}TJ
zx$`9Ls!vPv)Q?i)LB($;Sx%FWbl8)UtyYsS#E`u{SG89)traTP*S1=-!m^%|rX;q<
znb&2dOgb-pv-l5aQnFG8YQtNsHe71ktOFGoCbtri_SXIdhcg;l%l2IoX&fkphEE=g
zlnF9$xjxK#khM=s@H#`+1bKB1<h+@7);D`j8lB|+Asq{AZ_48qt~!moD{f1Imm3s3
z&vvqKH`3Pop5o}x+UOgbf7CT$PHiAn9zMQ&znpa({=g_G26%e$q4SeIE@Zef*?MAX
zwnN-<9N~W4+*e6@{gKs6;aGO=N;*o1XO?euGk*+9+?@G|IVIuuFmn#eMWlhHX}YLS
zufWRvAt0q7yf#0j>Md{nP~;J7V5<eLU|oltvAq6BA;l~GzEM}$OC6>8RATth&;XTb
zN45&LUd8rOmZMR$_j=UiVQvqj-=AKgZuj0*94p>A1eC!{qxut9Z20$a-3^dn6MoaC
zYn!;d(^@kJ#-Ul7ji1$%6__i8gK-&>B%@>>S3Pi>q%tz5_;ZmaoPPGPO^$;sztD*0
zz$ZgeS*4V((!#RXbwTHQqEMC|E0ZhD<AcS)t)TJOBR~|!g8ZDb0|;;l35DADwWO@C
zQk#!u1mj^CcgX#PEaEJnk?hp({iaNg5b5j?=~ekz7hN$MijA=<AK$w`H)nR^*UOP1
zWh2iSU^G_gZsm4XgLE|Od(9AF7xmZv$iiVM{0n)Whc7Y8(#-5XpdVs{`m2NCJ_a(C
zWWC^?A>rP5Bza5Fk#jsi7i>?{d}**6$^brmyHh8JmiEUnLboOdRchv@V&G3u+7FlW
zUmfjfKTLisT@?l8r>O|vTYPJwOYjWB*0gkO&-0|Sux{MkD7+q^ESG~2!*{QyWLiLZ
zzLWnjdHauqoIY*M%Tq~u)L-$=Srscdugeh&I?t;>Z1B2e1VsX|_@kA>$8j%lo`&{#
zw#X{1(c0>DsGbS<zkc@o1sM>kH3TV<m29hi6f&V?J&1)5-^})yLn1~&O|0A17qtS4
zThp>*g!^f#<4b>Wzbk_u^`0mi2<8lZHI(9=N&S>J9QBdPIS{hMBFLdz7ba#GfGJ|*
z$-_GNP&r+pcam!$tr>Tg{IlhXheQDOY_)j?q;_?{YD<ZQJN-itmsrR!Zrdr1pPVwA
z)fwsF$(9KM8RMb<yc(HQ(d0#znV;$E%kc1Catsw@j&cA#+>YEc3nXYUBFZ))PJ89{
z)$0{j$Phs>Sa&2&%mQT3hwY7P4y)dgu=!-nI)^P>$!DkO#*52ZM)JV&4tDM5M$W}W
z$$XMn^LL;h#9VeJ>b^6@Q7F@Y34|3AQtG5@{j{-Jvd>8$O?zq87|8$(@_9k$IvO<h
z7}V199jT2cws1uS-|&sQ=j7+)k9Bh%V0wMF(g~J0(0a^0-o9=ZT7~1>WA;XAGZ=*<
zv*Bcnz2)^2jobH_cQqcIrRB34WQt}e$cHbo>#>SXBI+;P113rCL%y0X6j&Or1r+r8
zvgnYB>J&PPTbE@5cDR+<rr2!~O2^<C_Ym1U{Ye+={~eMSm#F!F6sNxdWAy4nzNFSL
Qq5(xgRuxqC#w75+03%D`bN~PV

literal 0
HcmV?d00001

diff --git a/docs/source/index.rst b/docs/source/index.rst
index c1975fe8..3032fd94 100644
--- a/docs/source/index.rst
+++ b/docs/source/index.rst
@@ -58,8 +58,8 @@ that are common in WiFi and ISP deployments.
    /user/registration
    /user/social_login
    /user/saml
-   /user/change_of_authorization
    /user/radius_monitoring
+   /user/change_of_authorization
    /user/api
    /developer/signals
    /developer/how_to_extend
diff --git a/docs/user/radius_monitoring.rst b/docs/user/radius_monitoring.rst
index 8438afd9..1b6b7b8c 100644
--- a/docs/user/radius_monitoring.rst
+++ b/docs/user/radius_monitoring.rst
@@ -5,6 +5,9 @@ OpenWISP RADIUS includes an optional Django sub-app that adds integration with
 `OpenWISP Monitoring <https://github.com/openwisp/openwisp-monitoring#openwisp-monitoring>`_
 to provide RADIUS metrics.
 
+.. image:: /images/radius-dashboard-charts.png
+   :alt: RADIUS session dashboard charts
+
 RADIUS metrics
 ==============
 

From bc9fe31bd192ba899d777f384e87a082e372ff40 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Sat, 30 Sep 2023 14:20:15 +0530
Subject: [PATCH 13/51] [fix] Removed precision from Round() which is not
 support on Django 3.2

---
 openwisp_radius/integrations/monitoring/apps.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/openwisp_radius/integrations/monitoring/apps.py b/openwisp_radius/integrations/monitoring/apps.py
index 2f4c49dd..0f1ab96f 100644
--- a/openwisp_radius/integrations/monitoring/apps.py
+++ b/openwisp_radius/integrations/monitoring/apps.py
@@ -78,10 +78,10 @@ def register_dashboard_charts(self):
                     },
                     'aggregate': {
                         'download_traffic': Round(
-                            Cast(Sum('input_octets'), models.FloatField()) / 10**9, 1
+                            Cast(Sum('input_octets'), models.FloatField()) / 10**9
                         ),
                         'upload_traffic': Round(
-                            Cast(Sum('output_octets'), models.FloatField()) / 10**9, 1
+                            Cast(Sum('output_octets'), models.FloatField()) / 10**9
                         ),
                     },
                 },

From fb2cc928c08503e02eafd8fa653e3c55d9240431 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Sat, 30 Sep 2023 14:46:56 +0530
Subject: [PATCH 14/51] [chores] Upgraded openwisp-utils dependency

---
 .github/workflows/ci.yml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 0545a357..6b5c069a 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -57,7 +57,6 @@ jobs:
           pip install -U -r requirements-test.txt
           pip install -e .[saml,openvpn_status]
           pip install ${{ matrix.django-version }}
-          pip install --force-reinstall --upgrade --no-cache-dir --no-deps https://github.com/openwisp/openwisp-utils/tarball/dashboard-chart-filter
 
       - name: Start InfluxDB and Redis container
         run: docker-compose up -d influxdb redis

From 1dbd84e7d5c970aa29257cae5ed69c9d27473925 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Fri, 16 Feb 2024 15:45:55 +0530
Subject: [PATCH 15/51] [fix] Handle called_station_id uses "-" instead of ":"

Also made device mac address lookup case insensitive
---
 openwisp_radius/integrations/monitoring/tasks.py             | 5 ++++-
 .../integrations/monitoring/tests/test_metrics.py            | 2 +-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/openwisp_radius/integrations/monitoring/tasks.py b/openwisp_radius/integrations/monitoring/tasks.py
index 34f54896..f44dd679 100644
--- a/openwisp_radius/integrations/monitoring/tasks.py
+++ b/openwisp_radius/integrations/monitoring/tasks.py
@@ -105,7 +105,10 @@ def post_save_radiusaccounting(
         device = (
             Device.objects.select_related('devicelocation')
             .only('id', 'devicelocation__location_id')
-            .get(mac_address=called_station_id, organization_id=organization_id)
+            .get(
+                mac_address__iexact=called_station_id.replace('-', ':'),
+                organization_id=organization_id,
+            )
         )
     except Device.DoesNotExist:
         logger.warning(
diff --git a/openwisp_radius/integrations/monitoring/tests/test_metrics.py b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
index b377386f..6ff89726 100644
--- a/openwisp_radius/integrations/monitoring/tests/test_metrics.py
+++ b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
@@ -139,7 +139,7 @@ def test_post_save_radiusaccounting(self, *args):
             {
                 'unique_id': '117',
                 'username': user.username,
-                'called_station_id': device.mac_address,
+                'called_station_id': device.mac_address.replace('-', ':').upper(),
                 'calling_station_id': '00:00:00:00:00:00',
                 'input_octets': '8000000000',
                 'output_octets': '9000000000',

From a5bc4d17daf700bbae90a3bb974cb1eb0d4a4c11 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Fri, 8 Mar 2024 22:12:57 +0530
Subject: [PATCH 16/51] [req-changes] Updated colors for the user registration
 page

---
 .../integrations/monitoring/configuration.py      | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/openwisp_radius/integrations/monitoring/configuration.py b/openwisp_radius/integrations/monitoring/configuration.py
index 92acad91..59f6c084 100644
--- a/openwisp_radius/integrations/monitoring/configuration.py
+++ b/openwisp_radius/integrations/monitoring/configuration.py
@@ -41,14 +41,13 @@
         'organization_id': '',
     },
     'colors': [
-        DEFAULT_COLORS[7],
-        DEFAULT_COLORS[4],
-        DEFAULT_COLORS[3],
-        DEFAULT_COLORS[5],
-        DEFAULT_COLORS[0],
-        DEFAULT_COLORS[2],
-        DEFAULT_COLORS[1],
-        DEFAULT_COLORS[6],
+        '#3A3335',
+        '#FDF0D5',
+        '#C6D8D3',
+        '#F0544F',
+        '#D81E5B',
+        '#048A81',
+        '#343E8A',
     ],
 }
 

From 8e41e7047459b829e12445dff8781d8a58977604 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Sat, 9 Mar 2024 00:21:05 +0530
Subject: [PATCH 17/51] [req-changes] Don't discard accounting metrics if
 related device is not found

---
 .../integrations/monitoring/tasks.py          | 22 ++++++++++++-------
 1 file changed, 14 insertions(+), 8 deletions(-)

diff --git a/openwisp_radius/integrations/monitoring/tasks.py b/openwisp_radius/integrations/monitoring/tasks.py
index f44dd679..43e3afc6 100644
--- a/openwisp_radius/integrations/monitoring/tasks.py
+++ b/openwisp_radius/integrations/monitoring/tasks.py
@@ -101,6 +101,7 @@ def post_save_radiusaccounting(
         return
     else:
         registration_method = clean_registration_method(registration_method)
+
     try:
         device = (
             Device.objects.select_related('devicelocation')
@@ -116,19 +117,23 @@ def post_save_radiusaccounting(
             f' and organization "{organization_id}".'
             ' Skipping radius_acc metric writing!'
         )
-        return
-    device_id = str(device.id)
-    if hasattr(device, 'devicelocation'):
-        location_id = str(device.devicelocation.location_id)
-    else:
+        object_id = None
+        content_type = None
         location_id = None
+    else:
+        object_id = str(device.id)
+        content_type = ContentType.objects.get_for_model(Device)
+        if hasattr(device, 'devicelocation'):
+            location_id = str(device.devicelocation.location_id)
+        else:
+            location_id = None
 
     metric, created = Metric._get_or_create(
         configuration='radius_acc',
         name='RADIUS Accounting',
         key='radius_acc',
-        object_id=device_id,
-        content_type=ContentType.objects.get_for_model(Device),
+        object_id=object_id,
+        content_type=content_type,
         extra_tags={
             'organization_id': organization_id,
             'method': registration_method,
@@ -137,6 +142,7 @@ def post_save_radiusaccounting(
             'location_id': location_id,
         },
     )
+    print('===========================================')
     metric.write(
         input_octets,
         extra_values={
@@ -144,7 +150,7 @@ def post_save_radiusaccounting(
             'username': sha1_hash(username),
         },
     )
-    if created:
+    if created and object_id:
         for configuration in metric.config_dict['charts'].keys():
             chart = Chart(metric=metric, configuration=configuration)
             chart.full_clean()

From 9da878ce3879c05c6632409118d5b0c11d5efe65 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Tue, 12 Mar 2024 22:38:46 +0530
Subject: [PATCH 18/51] [req-changes] Updated colours

---
 .../integrations/monitoring/configuration.py     | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/openwisp_radius/integrations/monitoring/configuration.py b/openwisp_radius/integrations/monitoring/configuration.py
index 59f6c084..3d8ae4d5 100644
--- a/openwisp_radius/integrations/monitoring/configuration.py
+++ b/openwisp_radius/integrations/monitoring/configuration.py
@@ -41,13 +41,15 @@
         'organization_id': '',
     },
     'colors': [
-        '#3A3335',
-        '#FDF0D5',
-        '#C6D8D3',
-        '#F0544F',
-        '#D81E5B',
-        '#048A81',
-        '#343E8A',
+        DEFAULT_COLORS[7],
+        '#8C564B',
+        '#17BECF',
+        '#9467BD',
+        '#D62728',
+        '#E377C2',
+        '#1F77B4',
+        '#2CA02C',
+        '#BCBD22',
     ],
 }
 

From 76ca1db948d10a17b0b61eae1ea6a60ed2dd758f Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Tue, 12 Mar 2024 23:43:25 +0530
Subject: [PATCH 19/51] [tests] Added test for changes in
 post_save_radiusaccounting

---
 .../integrations/monitoring/tasks.py          |  9 +-
 .../integrations/monitoring/tests/mixins.py   |  4 +
 .../monitoring/tests/test_metrics.py          | 89 ++++++++++++++++---
 3 files changed, 87 insertions(+), 15 deletions(-)

diff --git a/openwisp_radius/integrations/monitoring/tasks.py b/openwisp_radius/integrations/monitoring/tasks.py
index 43e3afc6..79f8eb29 100644
--- a/openwisp_radius/integrations/monitoring/tasks.py
+++ b/openwisp_radius/integrations/monitoring/tasks.py
@@ -115,7 +115,7 @@ def post_save_radiusaccounting(
         logger.warning(
             f'Device object not found with MAC "{called_station_id}"'
             f' and organization "{organization_id}".'
-            ' Skipping radius_acc metric writing!'
+            ' The metric will be written without a related object!'
         )
         object_id = None
         content_type = None
@@ -142,7 +142,6 @@ def post_save_radiusaccounting(
             'location_id': location_id,
         },
     )
-    print('===========================================')
     metric.write(
         input_octets,
         extra_values={
@@ -150,7 +149,11 @@ def post_save_radiusaccounting(
             'username': sha1_hash(username),
         },
     )
-    if created and object_id:
+    if not object_id:
+        # Adding a chart requires all parameters of extra_tags to be present.
+        # A chart cannot be created without object_id and content_type.
+        return
+    if created:
         for configuration in metric.config_dict['charts'].keys():
             chart = Chart(metric=metric, configuration=configuration)
             chart.full_clean()
diff --git a/openwisp_radius/integrations/monitoring/tests/mixins.py b/openwisp_radius/integrations/monitoring/tests/mixins.py
index 38b557a1..c7e3dce3 100644
--- a/openwisp_radius/integrations/monitoring/tests/mixins.py
+++ b/openwisp_radius/integrations/monitoring/tests/mixins.py
@@ -39,6 +39,10 @@ def device_model(self):
     def metric_model(self):
         return load_model('monitoring', 'Metric')
 
+    @property
+    def chart_model(self):
+        return load_model('monitoring', 'Chart')
+
     @property
     def location_model(self):
         return load_model('geo', 'Location')
diff --git a/openwisp_radius/integrations/monitoring/tests/test_metrics.py b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
index 6ff89726..bf48260b 100644
--- a/openwisp_radius/integrations/monitoring/tests/test_metrics.py
+++ b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
@@ -7,6 +7,7 @@
 from openwisp_radius.tests import _RADACCT
 from openwisp_radius.tests.mixins import BaseTransactionTestCase
 
+from ..migrations import create_general_metrics
 from .mixins import CreateDeviceMonitoringMixin
 
 TASK_PATH = 'openwisp_radius.integrations.monitoring.tasks'
@@ -180,6 +181,82 @@ def test_post_save_radiusaccounting(self, *args):
         self.assertEqual(points['traces'][0][1][-1], 1)
         self.assertEqual(points['summary'], {'mobile_phone': 1})
 
+    @patch('logging.Logger.warning')
+    def test_post_save_radius_accounting(self, mocked_logger):
+        """
+        This test checks that radius accounting metric is created
+        even if the device could not be found with the called_station_id.
+        This scenario can happen on an installations which uses the
+        convert_called_station_id feature, but it is not configured
+        properly leaving all called_station_id unconverted.
+        """
+        user = self._create_user()
+        reg_user = self._create_registered_user(user=user)
+        options = _RADACCT.copy()
+        options.update(
+            {
+                'unique_id': '117',
+                'username': user.username,
+                'called_station_id': '11:22:33:44:55:66',
+                'calling_station_id': '00:00:00:00:00:00',
+                'input_octets': '8000000000',
+                'output_octets': '9000000000',
+            }
+        )
+        options['stop_time'] = options['start_time']
+        # Remove calls for user registration from mocked logger
+        mocked_logger.reset_mock()
+
+        self._create_radius_accounting(**options)
+        self.assertEqual(
+            self.metric_model.objects.filter(
+                configuration='radius_acc',
+                name='RADIUS Accounting',
+                key='radius_acc',
+                object_id=None,
+                content_type=None,
+                extra_tags={
+                    'called_station_id': '11:22:33:44:55:66',
+                    'calling_station_id': '00:00:00:00:00:00',
+                    'location_id': None,
+                    'method': reg_user.method,
+                    'organization_id': str(self.default_org.id),
+                },
+            ).count(),
+            1,
+        )
+        # The TransactionTestCase truncates all the data after each test.
+        # The general metrics and charts which are created by migrations
+        # get deleted after each test. Therefore, we create them again here.
+        create_general_metrics(None, None)
+        metric = self.metric_model.objects.filter(configuration='radius_acc').first()
+        # A dedicated chart for this metric was not created since the
+        # related device was not identified by the called_station_id.
+        # The data however can be retrieved from the general charts.
+        self.assertEqual(metric.chart_set.count(), 0)
+        general_traffic_chart = self.chart_model.objects.get(
+            configuration='gen_rad_traffic'
+        )
+        points = general_traffic_chart.read()
+        self.assertEqual(points['traces'][0][0], 'download')
+        self.assertEqual(points['traces'][0][1][-1], 8)
+        self.assertEqual(points['traces'][1][0], 'upload')
+        self.assertEqual(points['traces'][1][1][-1], 9)
+        self.assertEqual(points['summary'], {'upload': 9, 'download': 8})
+
+        general_session_chart = self.chart_model.objects.get(
+            configuration='gen_rad_session'
+        )
+        points = general_session_chart.read()
+        self.assertEqual(points['traces'][0][0], 'mobile_phone')
+        self.assertEqual(points['traces'][0][1][-1], 1)
+        self.assertEqual(points['summary'], {'mobile_phone': 1})
+        mocked_logger.assert_called_once_with(
+            f'Device object not found with MAC "{options["called_station_id"]}"'
+            f' and organization "{self.default_org.id}".'
+            ' The metric will be written without a related object!'
+        )
+
     @patch('openwisp_monitoring.monitoring.models.Metric.batch_write')
     @patch('logging.Logger.warning')
     def test_post_save_radiusaccounting_edge_cases(
@@ -207,15 +284,3 @@ def test_post_save_radiusaccounting_edge_cases(
                 f'RegisteredUser object not found for "{user.username}".'
                 ' Skipping radius_acc metric writing!'
             )
-
-        self._create_registered_user(user=user)
-        options['unique_id'] = '119'
-        mocked_logger.reset_mock()
-
-        with self.subTest('Test Device with called_station_id does not exist'):
-            self._create_radius_accounting(**options)
-            mocked_logger.assert_called_once_with(
-                f'Device object not found with MAC "{options["called_station_id"]}"'
-                f' and organization "{self.default_org.id}".'
-                ' Skipping radius_acc metric writing!'
-            )

From 2d06b9534f43546241ff265aaf3e8c5d445cc631 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Thu, 14 Mar 2024 23:07:52 +0530
Subject: [PATCH 20/51] [req-changes] Use a separate metric for storing total
 registered users

---
 docs/user/radius_monitoring.rst               |   4 +-
 .../integrations/monitoring/apps.py           |  18 +-
 .../integrations/monitoring/configuration.py  |  31 ++-
 .../integrations/monitoring/tasks.py          | 179 +++++++++++---
 .../monitoring/tests/test_metrics.py          | 233 ++++++++----------
 tests/openwisp2/settings.py                   |  11 +
 6 files changed, 280 insertions(+), 196 deletions(-)

diff --git a/docs/user/radius_monitoring.rst b/docs/user/radius_monitoring.rst
index 1b6b7b8c..082ef681 100644
--- a/docs/user/radius_monitoring.rst
+++ b/docs/user/radius_monitoring.rst
@@ -19,11 +19,11 @@ RADIUS metrics
 
 This chart shows number of users signed up using different registration methods.
 
-2. Cumulative user registrations
+2. Total user registrations
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 .. image:: /images/total-user-registration-chart.png
-   :alt: Cumulative user registration chart
+   :alt: Total user registration chart
 
 This chart shows total users registered using different registration methods
 in the system on a given date.
diff --git a/openwisp_radius/integrations/monitoring/apps.py b/openwisp_radius/integrations/monitoring/apps.py
index 0f1ab96f..c1ad0be1 100644
--- a/openwisp_radius/integrations/monitoring/apps.py
+++ b/openwisp_radius/integrations/monitoring/apps.py
@@ -110,26 +110,10 @@ def register_radius_metrics(self):
                 _register_chart_configuration_choice(chart_key, chart_config)
 
     def connect_signal_receivers(self):
-        from .receivers import (
-            post_save_organizationuser,
-            post_save_radiusaccounting,
-            post_save_registereduser,
-        )
+        from .receivers import post_save_radiusaccounting
 
-        OrganizationUser = load_model('openwisp_users', 'OrganizationUser')
-        RegisteredUser = load_model('openwisp_radius', 'RegisteredUser')
         RadiusAccounting = load_model('openwisp_radius', 'RadiusAccounting')
 
-        post_save.connect(
-            post_save_organizationuser,
-            sender=OrganizationUser,
-            dispatch_uid='post_save_organizationuser_user_signup_metric',
-        )
-        post_save.connect(
-            post_save_registereduser,
-            sender=RegisteredUser,
-            dispatch_uid='post_save_registereduser_user_signup_metric',
-        )
         post_save.connect(
             post_save_radiusaccounting,
             sender=RadiusAccounting,
diff --git a/openwisp_radius/integrations/monitoring/configuration.py b/openwisp_radius/integrations/monitoring/configuration.py
index 3d8ae4d5..1e6ceec4 100644
--- a/openwisp_radius/integrations/monitoring/configuration.py
+++ b/openwisp_radius/integrations/monitoring/configuration.py
@@ -28,11 +28,12 @@
     'description': _('Daily user registration grouped by registration method'),
     'summary_labels': user_signups_chart_summary_labels,
     'order': 240,
+    'filter__all__': True,
     'unit': '',
     'calculate_total': True,
     'query': {
         'influxdb': (
-            "SELECT COUNT(DISTINCT(user_id)) FROM "
+            "SELECT SUM(count) FROM "
             " {key} WHERE time >= '{time}' {end_date} {organization_id}"
             " GROUP BY time(1d), method"
         )
@@ -53,18 +54,16 @@
     ],
 }
 
-cumulative_user_singups_chart_config = deepcopy(user_singups_chart_config)
-cumulative_user_singups_chart_config['query']['influxdb'] = (
-    "SELECT CUMULATIVE_SUM(COUNT(DISTINCT(user_id))) FROM "
+total_user_singups_chart_config = deepcopy(user_singups_chart_config)
+total_user_singups_chart_config['query']['influxdb'] = (
+    "SELECT LAST(count) FROM "
     " {key} WHERE time >= '{time}' {end_date} {organization_id}"
     " GROUP BY time(1d), method"
 )
-cumulative_user_singups_chart_config['summary_query'] = {
-    'influxdb': user_singups_chart_config['query']['influxdb']
-}
-cumulative_user_singups_chart_config['title'] = _('Total Registered Users')
-cumulative_user_singups_chart_config['label'] = _('Total Registered Users')
-cumulative_user_singups_chart_config['order'] = 241
+total_user_singups_chart_config['title'] = _('Total Registered Users')
+total_user_singups_chart_config['label'] = _('Total Registered Users')
+total_user_singups_chart_config['filter__all__'] = True
+total_user_singups_chart_config['order'] = 241
 
 
 RADIUS_METRICS = {
@@ -72,10 +71,18 @@
         'label': _('User Registration'),
         'name': 'User Registration',
         'key': 'user_signups',
-        'field_name': 'user_id',
+        'field_name': 'count',
         'charts': {
             'user_signups': user_singups_chart_config,
-            'tot_user_signups': cumulative_user_singups_chart_config,
+        },
+    },
+    'tot_user_signups': {
+        'label': _('Total User Registration'),
+        'name': 'Total User Registration',
+        'key': 'tot_user_signups',
+        'field_name': 'count',
+        'charts': {
+            'tot_user_signups': total_user_singups_chart_config,
         },
     },
     'radius_acc': {
diff --git a/openwisp_radius/integrations/monitoring/tasks.py b/openwisp_radius/integrations/monitoring/tasks.py
index 79f8eb29..6f570662 100644
--- a/openwisp_radius/integrations/monitoring/tasks.py
+++ b/openwisp_radius/integrations/monitoring/tasks.py
@@ -2,15 +2,20 @@
 import logging
 
 from celery import shared_task
+from django.contrib.auth import get_user_model
 from django.contrib.contenttypes.models import ContentType
+from django.db.models import Count
+from django.utils import timezone
 from swapper import load_model
 
 Metric = load_model('monitoring', 'Metric')
 Chart = load_model('monitoring', 'Chart')
 RegisteredUser = load_model('openwisp_radius', 'RegisteredUser')
+RadiusAccounting = load_model('openwisp_radius', 'RadiusAccounting')
 OrganizationUser = load_model('openwisp_users', 'OrganizationUser')
 Device = load_model('config', 'Device')
 DeviceLocation = load_model('geo', 'Location')
+User = get_user_model()
 
 logger = logging.getLogger(__name__)
 
@@ -27,57 +32,149 @@ def clean_registration_method(method):
     return method
 
 
-@shared_task
-def post_save_registereduser(user_id, registration_method):
+def _get_user_signup_metric(organization_id, registration_method):
+    metric, _ = Metric._get_or_create(
+        configuration='user_signups',
+        name='User SignUps',
+        key='user_signups',
+        object_id=None,
+        content_type=None,
+        extra_tags={
+            'organization_id': str(organization_id),
+            'method': registration_method,
+        },
+    )
+    return metric
+
+
+def _get_total_user_signup_metric(organization_id, registration_method):
+    metric, _ = Metric._get_or_create(
+        configuration='tot_user_signups',
+        name='Total User SignUps',
+        key='tot_user_signups',
+        object_id=None,
+        content_type=None,
+        extra_tags={
+            'organization_id': str(organization_id),
+            'method': registration_method,
+        },
+    )
+    return metric
+
+
+def _write_user_signup_metric_for_all(metric_key):
     metric_data = []
-    org_query = OrganizationUser.objects.filter(user_id=user_id).values_list(
-        'organization_id', flat=True
+    start_time = timezone.now() - timezone.timedelta(hours=1)
+    end_time = timezone.now()
+    if metric_key == 'user_signups':
+        get_metric_func = _get_user_signup_metric
+    else:
+        get_metric_func = _get_total_user_signup_metric
+    # Get the total number of registered users
+    registered_user_query = RegisteredUser.objects
+    if metric_key == 'user_signups':
+        registered_user_query = registered_user_query.filter(
+            user__date_joined__gt=start_time,
+            user__date_joined__lte=end_time,
+        )
+    total_registered_users = dict(
+        registered_user_query.values_list('method').annotate(
+            count=Count('user', distinct=True)
+        )
     )
-    if not org_query:
-        logger.warning(
-            f'"{user_id}" is not a member of any organization.'
-            ' Skipping user_signup metric writing!'
+    # Some manually created users, like superuser may not have a
+    # RegisteredUser object. We would could them with "unspecified" method
+    users_without_registereduser_query = User.objects.filter(
+        registered_user__isnull=True
+    )
+    if metric_key == 'user_signups':
+        users_without_registereduser_query = users_without_registereduser_query.filter(
+            date_joined__gt=start_time,
+            date_joined__lte=end_time,
         )
-        return
-    registration_method = clean_registration_method(registration_method)
-    for org_id in org_query:
-        metric, _ = Metric._get_or_create(
-            configuration='user_signups',
-            name='User SignUps',
-            key='user_signups',
-            object_id=None,
-            content_type=None,
-            extra_tags={
-                'organization_id': str(org_id),
-                'method': registration_method,
-            },
+    users_without_registereduser = users_without_registereduser_query.count()
+
+    # Add the number of users which do not have a related RegisteredUser
+    # to the number of users which registered using "unspecified" method.
+    try:
+        total_registered_users[''] = (
+            total_registered_users[''] + users_without_registereduser
         )
-        metric_data.append((metric, {'value': sha1_hash(str(user_id))}))
+    except KeyError:
+        total_registered_users[''] = users_without_registereduser
+
+    for method, count in total_registered_users.items():
+        method = clean_registration_method(method)
+        metric = get_metric_func(organization_id='__all__', registration_method=method)
+        metric_data.append((metric, {'value': count}))
     Metric.batch_write(metric_data)
 
 
-@shared_task
-def post_save_organizationuser(user_id, organization_id):
-    try:
-        registration_method = (
-            RegisteredUser.objects.only('method').get(user_id=user_id).method
+def _write_user_signup_metrics_for_orgs(metric_key):
+    metric_data = []
+    start_time = timezone.now() - timezone.timedelta(hours=1)
+    end_time = timezone.now()
+    if metric_key == 'user_signups':
+        get_metric_func = _get_user_signup_metric
+    else:
+        get_metric_func = _get_total_user_signup_metric
+
+    # Get the registration data for the past hour.
+    # The query returns a tuple of organization_id, registration_method and
+    # count of users who registered with that organization and method.
+    registered_users_query = RegisteredUser.objects
+    if metric_key == 'user_signups':
+        registered_users_query = registered_users_query.filter(
+            user__openwisp_users_organizationuser__created__gt=start_time,
+            user__openwisp_users_organizationuser__created__lte=end_time,
         )
-    except RegisteredUser.DoesNotExist:
-        logger.warning(
-            f'RegisteredUser object not found for "{user_id}".'
-            ' Skipping user_signup metric writing!'
+    registered_users = registered_users_query.values_list(
+        'user__openwisp_users_organizationuser__organization_id', 'method'
+    ).annotate(count=Count('user_id', distinct=True))
+
+    # There could be users which were manually created (e.g. superuser)
+    # which do not have related RegisteredUser object. Add the count
+    # of such users with the "unspecified" method.
+    users_without_registereduser_query = OrganizationUser.objects.filter(
+        user__registered_user__isnull=True
+    )
+    if metric_key == 'user_signups':
+        users_without_registereduser_query = users_without_registereduser_query.filter(
+            created__gt=start_time, created__lte=end_time
+        )
+    users_without_registereduser = dict(
+        users_without_registereduser_query.values_list('organization_id').annotate(
+            count=Count('user_id', distinct=True)
         )
-        return
-    registration_method = clean_registration_method(registration_method)
-    metric, _ = Metric._get_or_create(
-        configuration='user_signups',
-        name='User SignUps',
-        key='user_signups',
-        object_id=None,
-        content_type=None,
-        extra_tags={'organization_id': organization_id, 'method': registration_method},
     )
-    metric.write(sha1_hash(str(user_id)))
+
+    for org_id, registration_method, count in registered_users:
+        registration_method = clean_registration_method(registration_method)
+        if registration_method == 'unspecified':
+            count += users_without_registereduser.get(org_id, 0)
+        metric = get_metric_func(
+            organization_id=org_id, registration_method=registration_method
+        )
+        metric_data.append((metric, {'value': count}))
+    Metric.batch_write(metric_data)
+
+
+@shared_task
+def write_user_registration_metrics():
+    """
+    This task is expected to be executed hourly.
+
+    This task writes user registration metrics to the InfluxDB.
+    It writes to the following metrics:
+        - User Signups: This shows the number of new users who
+            have registered using different methods
+        - Total User Signups: This shows the total number of
+            users registered using different methods
+    """
+    _write_user_signup_metric_for_all(metric_key='user_signups')
+    _write_user_signup_metric_for_all(metric_key='tot_user_signups')
+    _write_user_signup_metrics_for_orgs(metric_key='user_signups')
+    _write_user_signup_metrics_for_orgs(metric_key='tot_user_signups')
 
 
 @shared_task
diff --git a/openwisp_radius/integrations/monitoring/tests/test_metrics.py b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
index bf48260b..ea413b94 100644
--- a/openwisp_radius/integrations/monitoring/tests/test_metrics.py
+++ b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
@@ -1,5 +1,6 @@
 from unittest.mock import patch
 
+from django.contrib.auth import get_user_model
 from django.contrib.contenttypes.models import ContentType
 from django.test import tag
 from swapper import load_model
@@ -8,11 +9,13 @@
 from openwisp_radius.tests.mixins import BaseTransactionTestCase
 
 from ..migrations import create_general_metrics
+from ..tasks import write_user_registration_metrics
 from .mixins import CreateDeviceMonitoringMixin
 
 TASK_PATH = 'openwisp_radius.integrations.monitoring.tasks'
 
 RegisteredUser = load_model('openwisp_radius', 'RegisteredUser')
+User = get_user_model()
 
 
 @tag('radius_monitoring')
@@ -27,105 +30,6 @@ def _create_registered_user(self, **kwargs):
         reg_user.save()
         return reg_user
 
-    @patch('logging.Logger.warning')
-    def test_post_save_registered_user(self, *args):
-        user = self._create_user()
-        org1 = self._create_org(name='org1')
-        org2 = self._create_org(name='org2')
-        self._create_org_user(user=user, organization=org1)
-        self._create_org_user(user=user, organization=org2)
-        self._create_registered_user(user=user)
-        self.assertEqual(
-            self.metric_model.objects.filter(
-                configuration='user_signups',
-                name='User SignUps',
-                key='user_signups',
-                object_id=None,
-                content_type=None,
-            ).count(),
-            1,
-        )
-        metric = self.metric_model.objects.filter(key='user_signups').first()
-        points = metric.read()
-        # The query performs DISTINCT on the username field,
-        # therefore the read() method returns only one point.
-        self.assertEqual(len(points), 1)
-        # Assert username field is hashed
-        self.assertNotEqual(points[0]['user_id'], str(user.id))
-
-    @patch('openwisp_monitoring.monitoring.models.Metric.write')
-    @patch('logging.Logger.warning')
-    @patch('openwisp_monitoring.monitoring.models.Metric.batch_write')
-    def test_post_save_registered_user_edge_cases(
-        self, mocked_metric_batch_write, mocked_logger, *args
-    ):
-        user = self._create_user()
-
-        with self.subTest('Test organization user does not exist'):
-            reg_user = self._create_registered_user(user=user)
-            mocked_logger.assert_called_once_with(
-                f'"{user.id}" is not a member of any organization.'
-                ' Skipping user_signup metric writing!'
-            )
-            mocked_metric_batch_write.assert_not_called()
-
-        self._create_org_user(user=user)
-
-        with self.subTest('Test saving an existing RegisteredUser object'):
-            with patch(f'{TASK_PATH}.post_save_registereduser.delay') as mocked_task:
-                reg_user.is_verified = True
-                reg_user.full_clean()
-                reg_user.save()
-            mocked_task.assert_not_called()
-            mocked_metric_batch_write.assert_not_called()
-
-    @patch('logging.Logger.warning')
-    def test_post_save_organization_user(self, *args):
-        user = self._create_user()
-        self._create_registered_user(user=user, method='')
-        self._create_org_user(user=user)
-        self.assertEqual(
-            self.metric_model.objects.filter(
-                configuration='user_signups',
-                name='User SignUps',
-                key='user_signups',
-                object_id=None,
-                content_type=None,
-            ).count(),
-            1,
-        )
-        metric = self.metric_model.objects.filter(key='user_signups').first()
-        points = metric.read()
-        self.assertEqual(len(points), 1)
-        # Assert username field is hashed
-        self.assertNotEqual(points[0]['user_id'], str(user.id))
-
-    @patch('openwisp_monitoring.monitoring.models.Metric.batch_write')
-    @patch('logging.Logger.warning')
-    @patch('openwisp_monitoring.monitoring.models.Metric.write')
-    def test_post_save_organization_user_edge_cases(
-        self, mocked_metric_write, mocked_logger, *args
-    ):
-        user = self._create_user()
-
-        with self.subTest('Test registered user does not exist'):
-            org_user = self._create_org_user(user=user)
-            mocked_logger.assert_called_once_with(
-                f'RegisteredUser object not found for "{user.id}".'
-                ' Skipping user_signup metric writing!'
-            )
-            mocked_metric_write.assert_not_called()
-
-        self._create_registered_user(user=user)
-
-        with self.subTest('Test saving an existing RegisteredUser object'):
-            with patch(f'{TASK_PATH}.post_save_organizationuser.delay') as mocked_task:
-                org_user.is_admin = True
-                org_user.full_clean()
-                org_user.save()
-            mocked_task.assert_not_called()
-            mocked_metric_write.assert_not_called()
-
     @patch('logging.Logger.warning')
     def test_post_save_radiusaccounting(self, *args):
         user = self._create_user()
@@ -182,7 +86,7 @@ def test_post_save_radiusaccounting(self, *args):
         self.assertEqual(points['summary'], {'mobile_phone': 1})
 
     @patch('logging.Logger.warning')
-    def test_post_save_radius_accounting(self, mocked_logger):
+    def test_post_save_radius_accounting_device_not_found(self, mocked_logger):
         """
         This test checks that radius accounting metric is created
         even if the device could not be found with the called_station_id.
@@ -257,30 +161,111 @@ def test_post_save_radius_accounting(self, mocked_logger):
             ' The metric will be written without a related object!'
         )
 
-    @patch('openwisp_monitoring.monitoring.models.Metric.batch_write')
-    @patch('logging.Logger.warning')
-    def test_post_save_radiusaccounting_edge_cases(
-        self, mocked_logger, mocked_metric_write, *args
-    ):
-        options = _RADACCT.copy()
-        options['called_station_id'] = '00:00:00:00:00:00'
-        options['unique_id'] = '117'
-        with self.subTest('Test session is not closed'):
-            with patch(f'{TASK_PATH}.post_save_registereduser.delay') as mocked_task:
-                rad_acc = self._create_radius_accounting(**options)
-                self.assertEqual(rad_acc.stop_time, None)
-            mocked_task.assert_not_called()
-            mocked_metric_write.assert_not_called()
+    def test_write_user_registration_metrics(self):
+        def _read_chart(chart, **kwargs):
+            return chart.read(
+                additional_query_kwargs={'additional_params': kwargs},
+            )
 
-        user = self._create_user()
-        options['username'] = user.username
-        options['unique_id'] = '118'
-        options['stop_time'] = options['start_time']
+        create_general_metrics(None, None)
+        org = self._get_org()
+        user_signup_metric = self.metric_model.objects.get(key='user_signups')
+        total_user_signup_metric = self.metric_model.objects.get(key='tot_user_signups')
+        with self.subTest(
+            'User does not has OrganizationUser and RegisteredUser object'
+        ):
+            self._get_admin()
+            write_user_registration_metrics.delay()
+
+            user_signup_chart = user_signup_metric.chart_set.first()
+            all_points = _read_chart(user_signup_chart, organization_id=['__all__'])
+            self.assertEqual(all_points['traces'][0][0], 'unspecified')
+            self.assertEqual(all_points['traces'][0][1][-1], 1)
+            self.assertEqual(all_points['summary'], {'unspecified': 1})
+            org_points = _read_chart(user_signup_chart, organization_id=[str(org.id)])
+            self.assertEqual(len(org_points['traces']), 0)
+
+            total_user_signup_chart = total_user_signup_metric.chart_set.first()
+            all_points = _read_chart(
+                total_user_signup_chart, organization_id=['__all__']
+            )
+            self.assertEqual(all_points['traces'][0][0], 'unspecified')
+            self.assertEqual(all_points['traces'][0][1][-1], 1)
+            self.assertEqual(all_points['summary'], {'unspecified': 1})
+            org_points = _read_chart(
+                total_user_signup_chart, organization_id=[str(org.id)]
+            )
+            self.assertEqual(len(org_points['traces']), 0)
 
-        with self.subTest('Test RegisteredUser object does not exist'):
-            rad_acc = self._create_radius_accounting(**options)
-            self.assertNotEqual(rad_acc.stop_time, None)
-            mocked_logger.assert_called_once_with(
-                f'RegisteredUser object not found for "{user.username}".'
-                ' Skipping radius_acc metric writing!'
+        self.metric_model.post_delete_receiver(user_signup_metric)
+        self.metric_model.post_delete_receiver(total_user_signup_metric)
+        User.objects.all().delete()
+
+        with self.subTest('User has OrganizationUser but no RegisteredUser object'):
+            user = self._create_org_user(organization=org).user
+            write_user_registration_metrics.delay()
+
+            user_signup_chart = user_signup_metric.chart_set.first()
+            all_points = _read_chart(user_signup_chart, organization_id=['__all__'])
+            self.assertEqual(all_points['traces'][0][0], 'unspecified')
+            self.assertEqual(all_points['traces'][0][1][-1], 1)
+            self.assertEqual(all_points['summary'], {'unspecified': 1})
+            org_points = _read_chart(user_signup_chart, organization_id=[str(org.id)])
+            self.assertEqual(all_points['traces'][0][0], 'unspecified')
+            self.assertEqual(all_points['traces'][0][1][-1], 1)
+            self.assertEqual(all_points['summary'], {'unspecified': 1})
+
+            total_user_signup_chart = total_user_signup_metric.chart_set.first()
+            all_points = _read_chart(
+                total_user_signup_chart, organization_id=['__all__']
+            )
+            self.assertEqual(all_points['traces'][0][0], 'unspecified')
+            self.assertEqual(all_points['traces'][0][1][-1], 1)
+            self.assertEqual(all_points['summary'], {'unspecified': 1})
+            org_points = _read_chart(
+                total_user_signup_chart, organization_id=[str(org.id)]
+            )
+            self.assertEqual(all_points['traces'][0][0], 'unspecified')
+            self.assertEqual(all_points['traces'][0][1][-1], 1)
+            self.assertEqual(all_points['summary'], {'unspecified': 1})
+
+        self.metric_model.post_delete_receiver(user_signup_metric)
+        self.metric_model.post_delete_receiver(total_user_signup_metric)
+
+        with self.subTest(
+            'Test user has both OrganizationUser and RegisteredUser object'
+        ):
+            self._create_registered_user(user=user)
+            write_user_registration_metrics.delay()
+
+            user_signup_chart = user_signup_metric.chart_set.first()
+            all_points = _read_chart(user_signup_chart, organization_id=['__all__'])
+            self.assertEqual(all_points['traces'][0][0], 'mobile_phone')
+            self.assertEqual(all_points['traces'][0][1][-1], 1)
+            self.assertEqual(
+                all_points['summary'], {'mobile_phone': 1, 'unspecified': 0}
+            )
+            org_points = _read_chart(user_signup_chart, organization_id=[str(org.id)])
+            self.assertEqual(all_points['traces'][0][0], 'mobile_phone')
+            self.assertEqual(all_points['traces'][0][1][-1], 1)
+            self.assertEqual(
+                all_points['summary'], {'mobile_phone': 1, 'unspecified': 0}
+            )
+
+            total_user_signup_chart = total_user_signup_metric.chart_set.first()
+            org_points = _read_chart(
+                total_user_signup_chart, organization_id=['__all__']
+            )
+            self.assertEqual(org_points['traces'][0][0], 'mobile_phone')
+            self.assertEqual(org_points['traces'][0][1][-1], 1)
+            self.assertEqual(
+                org_points['summary'], {'mobile_phone': 1, 'unspecified': 0}
+            )
+            org_points = _read_chart(
+                total_user_signup_chart, organization_id=[str(org.id)]
+            )
+            self.assertEqual(all_points['traces'][0][0], 'mobile_phone')
+            self.assertEqual(all_points['traces'][0][1][-1], 1)
+            self.assertEqual(
+                all_points['summary'], {'mobile_phone': 1, 'unspecified': 0}
             )
diff --git a/tests/openwisp2/settings.py b/tests/openwisp2/settings.py
index ee94e087..8f21f081 100644
--- a/tests/openwisp2/settings.py
+++ b/tests/openwisp2/settings.py
@@ -1,5 +1,6 @@
 import os
 import sys
+from datetime import timedelta
 
 from celery.schedules import crontab
 
@@ -382,6 +383,16 @@
             }
         }
     DATABASES['default']['ENGINE'] = 'openwisp_utils.db.backends.spatialite'
+    CELERY_BEAT_SCHEDULE.update(
+        {
+            'write_user_registration_metrics': {
+                'task': 'openwisp_radius.integrations.monitoring.tasks.write_user_registration_metrics',
+                'schedule': timedelta(hours=1),
+                'args': None,
+                'relative': True,
+            }
+        }
+    )
 
 if os.environ.get('SAMPLE_APP', False):
     INSTALLED_APPS.remove('openwisp_radius')

From 52bfbd20077ee968d25c24cc48ec5fe0a5e3d6a2 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Fri, 15 Mar 2024 14:10:40 +0530
Subject: [PATCH 21/51] [req-changes] Moved "RADIUS Sessions" tab on the device
 page after "Credentials" tab

---
 .../monitoring/static/radius-monitoring/js/device-change.js    | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/openwisp_radius/integrations/monitoring/static/radius-monitoring/js/device-change.js b/openwisp_radius/integrations/monitoring/static/radius-monitoring/js/device-change.js
index 3c87d094..8e9898d5 100644
--- a/openwisp_radius/integrations/monitoring/static/radius-monitoring/js/device-change.js
+++ b/openwisp_radius/integrations/monitoring/static/radius-monitoring/js/device-change.js
@@ -8,6 +8,9 @@
             // RADIUS sessions tab should not appear on Device add page.
             return;
         }
+        // Move the "RADIUS Sessions" tab after the "Credentials" tab.
+        $('ul.tabs li.credentials').after($('ul.tabs li.radius-sessions'));
+
         const deviceMac = encodeURIComponent($('#id_mac_address').val()),
             apiEndpoint = `${radiusAccountingApiEndpoint}?called_station_id=${deviceMac}`;
 

From 182a6908da2fb8e6c26ae2f3861d21bdba720785 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Fri, 15 Mar 2024 14:11:31 +0530
Subject: [PATCH 22/51] [change] Create a separate metric and chart for total
 registered users

---
 .../integrations/monitoring/migrations/__init__.py  | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/openwisp_radius/integrations/monitoring/migrations/__init__.py b/openwisp_radius/integrations/monitoring/migrations/__init__.py
index 179f4ff0..8f65bd68 100644
--- a/openwisp_radius/integrations/monitoring/migrations/__init__.py
+++ b/openwisp_radius/integrations/monitoring/migrations/__init__.py
@@ -20,6 +20,19 @@ def create_general_metrics(apps, schema_editor):
             chart.full_clean()
             chart.save()
 
+    metric, created = Metric._get_or_create(
+        configuration='tot_user_signups',
+        name='Total User SignUps',
+        key='tot_user_signups',
+        object_id=None,
+        content_type=None,
+    )
+    if created:
+        for configuration in metric.config_dict['charts'].keys():
+            chart = Chart(metric=metric, configuration=configuration)
+            chart.full_clean()
+            chart.save()
+
     metric, created = Metric._get_or_create(
         configuration='gen_radius_acc',
         name='RADIUS Accounting',

From ea631b86285275f27f14c64cfdf7edd7a00a0663 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Fri, 15 Mar 2024 14:25:46 +0530
Subject: [PATCH 23/51] [tests] Fixed test suite

---
 openwisp_radius/integrations/monitoring/configuration.py      | 2 +-
 openwisp_radius/integrations/monitoring/tests/test_metrics.py | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/openwisp_radius/integrations/monitoring/configuration.py b/openwisp_radius/integrations/monitoring/configuration.py
index 1e6ceec4..880ff574 100644
--- a/openwisp_radius/integrations/monitoring/configuration.py
+++ b/openwisp_radius/integrations/monitoring/configuration.py
@@ -28,7 +28,7 @@
     'description': _('Daily user registration grouped by registration method'),
     'summary_labels': user_signups_chart_summary_labels,
     'order': 240,
-    'filter__all__': True,
+    '__all__': True,
     'unit': '',
     'calculate_total': True,
     'query': {
diff --git a/openwisp_radius/integrations/monitoring/tests/test_metrics.py b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
index ea413b94..60fbf7c7 100644
--- a/openwisp_radius/integrations/monitoring/tests/test_metrics.py
+++ b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
@@ -9,7 +9,6 @@
 from openwisp_radius.tests.mixins import BaseTransactionTestCase
 
 from ..migrations import create_general_metrics
-from ..tasks import write_user_registration_metrics
 from .mixins import CreateDeviceMonitoringMixin
 
 TASK_PATH = 'openwisp_radius.integrations.monitoring.tasks'
@@ -162,6 +161,8 @@ def test_post_save_radius_accounting_device_not_found(self, mocked_logger):
         )
 
     def test_write_user_registration_metrics(self):
+        from ..tasks import write_user_registration_metrics
+
         def _read_chart(chart, **kwargs):
             return chart.read(
                 additional_query_kwargs={'additional_params': kwargs},

From 65f7fa916ef75c2a883516cc8c338f2243e79e5b Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Fri, 15 Mar 2024 17:49:01 +0530
Subject: [PATCH 24/51] [change] Updated colours

---
 openwisp_radius/integrations/monitoring/configuration.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/openwisp_radius/integrations/monitoring/configuration.py b/openwisp_radius/integrations/monitoring/configuration.py
index 880ff574..11e79092 100644
--- a/openwisp_radius/integrations/monitoring/configuration.py
+++ b/openwisp_radius/integrations/monitoring/configuration.py
@@ -45,8 +45,8 @@
         DEFAULT_COLORS[7],
         '#8C564B',
         '#17BECF',
-        '#9467BD',
         '#D62728',
+        '#9467BD',
         '#E377C2',
         '#1F77B4',
         '#2CA02C',

From fd4c9612de00b0198db08d8a083c1bec2a756a45 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Fri, 15 Mar 2024 17:49:34 +0530
Subject: [PATCH 25/51] [change] Exclude users in write_user_signup_metrics
 which registered after the current date

---
 openwisp_radius/integrations/monitoring/tasks.py | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/openwisp_radius/integrations/monitoring/tasks.py b/openwisp_radius/integrations/monitoring/tasks.py
index 6f570662..4d9a47e4 100644
--- a/openwisp_radius/integrations/monitoring/tasks.py
+++ b/openwisp_radius/integrations/monitoring/tasks.py
@@ -71,7 +71,9 @@ def _write_user_signup_metric_for_all(metric_key):
     else:
         get_metric_func = _get_total_user_signup_metric
     # Get the total number of registered users
-    registered_user_query = RegisteredUser.objects
+    registered_user_query = RegisteredUser.objects.exclude(
+        user__date_joined__gt=end_time,
+    )
     if metric_key == 'user_signups':
         registered_user_query = registered_user_query.filter(
             user__date_joined__gt=start_time,
@@ -122,7 +124,10 @@ def _write_user_signup_metrics_for_orgs(metric_key):
     # Get the registration data for the past hour.
     # The query returns a tuple of organization_id, registration_method and
     # count of users who registered with that organization and method.
-    registered_users_query = RegisteredUser.objects
+    registered_users_query = RegisteredUser.objects.exclude(
+        user__openwisp_users_organizationuser__created__gt=end_time,
+    )
+
     if metric_key == 'user_signups':
         registered_users_query = registered_users_query.filter(
             user__openwisp_users_organizationuser__created__gt=start_time,

From 848ebdb9295d4b0f1a97f3bb39aadd4caeffa401 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Fri, 15 Mar 2024 18:10:21 +0530
Subject: [PATCH 26/51] [revert] Revert "[change] Updated colours"

This reverts commit 4fa0814d867454486da42a90fd93d4286736ae56.
---
 openwisp_radius/integrations/monitoring/configuration.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/openwisp_radius/integrations/monitoring/configuration.py b/openwisp_radius/integrations/monitoring/configuration.py
index 11e79092..880ff574 100644
--- a/openwisp_radius/integrations/monitoring/configuration.py
+++ b/openwisp_radius/integrations/monitoring/configuration.py
@@ -45,8 +45,8 @@
         DEFAULT_COLORS[7],
         '#8C564B',
         '#17BECF',
-        '#D62728',
         '#9467BD',
+        '#D62728',
         '#E377C2',
         '#1F77B4',
         '#2CA02C',

From ff6233e1fd39a83aa4d3f4ad2e679115dd578129 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Fri, 15 Mar 2024 20:47:28 +0530
Subject: [PATCH 27/51] [change] Added fill operation in influxDB query

---
 openwisp_radius/integrations/monitoring/configuration.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/openwisp_radius/integrations/monitoring/configuration.py b/openwisp_radius/integrations/monitoring/configuration.py
index 880ff574..469af5b6 100644
--- a/openwisp_radius/integrations/monitoring/configuration.py
+++ b/openwisp_radius/integrations/monitoring/configuration.py
@@ -35,7 +35,7 @@
         'influxdb': (
             "SELECT SUM(count) FROM "
             " {key} WHERE time >= '{time}' {end_date} {organization_id}"
-            " GROUP BY time(1d), method"
+            " GROUP BY time(1d), method FILL(linear)"
         )
     },
     'query_default_param': {
@@ -58,7 +58,7 @@
 total_user_singups_chart_config['query']['influxdb'] = (
     "SELECT LAST(count) FROM "
     " {key} WHERE time >= '{time}' {end_date} {organization_id}"
-    " GROUP BY time(1d), method"
+    " GROUP BY time(1d), method FILL(linear)"
 )
 total_user_singups_chart_config['title'] = _('Total Registered Users')
 total_user_singups_chart_config['label'] = _('Total Registered Users')

From ab74117f189faafe6fab115dafd168de03c3740d Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Mon, 18 Mar 2024 20:19:12 +0530
Subject: [PATCH 28/51] [change] Removed fill from user registration graph

---
 openwisp_radius/integrations/monitoring/configuration.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/openwisp_radius/integrations/monitoring/configuration.py b/openwisp_radius/integrations/monitoring/configuration.py
index 469af5b6..f442e527 100644
--- a/openwisp_radius/integrations/monitoring/configuration.py
+++ b/openwisp_radius/integrations/monitoring/configuration.py
@@ -35,7 +35,7 @@
         'influxdb': (
             "SELECT SUM(count) FROM "
             " {key} WHERE time >= '{time}' {end_date} {organization_id}"
-            " GROUP BY time(1d), method FILL(linear)"
+            " GROUP BY time(1d), method"
         )
     },
     'query_default_param': {

From 0aebaf9e1066ed669b84aabde3ef956c418d1c1b Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Mon, 18 Mar 2024 22:23:36 +0530
Subject: [PATCH 29/51] [tests] Fixed tests

---
 .../integrations/monitoring/tests/test_metrics.py          | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/openwisp_radius/integrations/monitoring/tests/test_metrics.py b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
index 60fbf7c7..6f95f3df 100644
--- a/openwisp_radius/integrations/monitoring/tests/test_metrics.py
+++ b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
@@ -2,6 +2,7 @@
 
 from django.contrib.auth import get_user_model
 from django.contrib.contenttypes.models import ContentType
+from django.core.cache import cache
 from django.test import tag
 from swapper import load_model
 
@@ -168,6 +169,12 @@ def _read_chart(chart, **kwargs):
                 additional_query_kwargs={'additional_params': kwargs},
             )
 
+        # The TransactionTestCase truncates all the data after each test.
+        # The general metrics and charts which are created by migrations
+        # get deleted after each test. Therefore, we create them again here.
+        # The "Metric._get_metric" caches the metric, this interferes with
+        # create_general_metrics, hence we clear the cache here.
+        cache.clear()
         create_general_metrics(None, None)
         org = self._get_org()
         user_signup_metric = self.metric_model.objects.get(key='user_signups')

From 45798e6ba9950b3ff6b0f59afd622bfea758b2b3 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Tue, 19 Mar 2024 19:08:03 +0530
Subject: [PATCH 30/51] [fix] Fixed called_station_id and calling_station_id
 lookup for RadiusAccountingView

---
 openwisp_radius/api/views.py                  | 22 +++++++++-
 .../integrations/monitoring/configuration.py  |  2 +-
 openwisp_radius/tests/test_api/test_api.py    | 43 +++++++++++++++++++
 3 files changed, 65 insertions(+), 2 deletions(-)

diff --git a/openwisp_radius/api/views.py b/openwisp_radius/api/views.py
index e779707d..6bb21916 100644
--- a/openwisp_radius/api/views.py
+++ b/openwisp_radius/api/views.py
@@ -11,6 +11,7 @@
 from django.contrib.sites.shortcuts import get_current_site
 from django.core.cache import cache
 from django.core.exceptions import ValidationError
+from django.db.models import Q
 from django.db.utils import IntegrityError
 from django.http import Http404, HttpResponse
 from django.utils import timezone
@@ -805,7 +806,26 @@ def create_phone_token(self, *args, **kwargs):
 
 
 class RadiusAccountingFilter(AccountingFilter):
-    called_station_id = CharFilter(field_name='called_station_id', lookup_expr='iexact')
+    called_station_id = CharFilter(
+        field_name='called_station_id', method='filter_mac_address'
+    )
+    calling_station_id = CharFilter(
+        field_name='calling_station_id', method='filter_mac_address'
+    )
+
+    def filter_mac_address(self, queryset, name, value):
+        """
+        The input MAC address in any of these two formats:
+            - AA-BB-CC-DD-EE-FF (quadrants separated by hyphen)
+            - AA:BB:CC:DD:EE:FF (quadrants separated by colon)
+        The below lookup ensures that the filtering is
+        case-insensitive and works across different formats.
+        """
+        lookup = f'{name}__iexact'
+        return queryset.filter(
+            Q(**{lookup: value.replace(':', '-')})
+            | Q(**{lookup: value.replace('-', ':')})
+        )
 
 
 @method_decorator(
diff --git a/openwisp_radius/integrations/monitoring/configuration.py b/openwisp_radius/integrations/monitoring/configuration.py
index f442e527..f2c7775e 100644
--- a/openwisp_radius/integrations/monitoring/configuration.py
+++ b/openwisp_radius/integrations/monitoring/configuration.py
@@ -9,7 +9,7 @@
 user_signups_chart_order = ['total']
 user_signups_chart_summary_labels = [_('Total new users')]
 
-for (method, label) in REGISTRATION_METHOD_CHOICES:
+for method, label in REGISTRATION_METHOD_CHOICES:
     if method == '':
         method = 'unspecified'
     user_signups_chart_traces[method] = 'stackedbar'
diff --git a/openwisp_radius/tests/test_api/test_api.py b/openwisp_radius/tests/test_api/test_api.py
index 6224fa30..b272d8e6 100644
--- a/openwisp_radius/tests/test_api/test_api.py
+++ b/openwisp_radius/tests/test_api/test_api.py
@@ -1208,6 +1208,8 @@ def test_radius_accounting(self):
                 output_octets=1513075509,
                 username='tester',
                 organization=org1,
+                calling_station_id='11:22:33:44:55:66',
+                called_station_id='AA:BB:CC:DD:EE:FF',
             )
         )
         self._create_radius_accounting(**data1)
@@ -1220,6 +1222,8 @@ def test_radius_accounting(self):
                 output_octets=1613176609,
                 username='tester',
                 organization=org1,
+                calling_station_id='11-22-33-44-55-66',
+                called_station_id='AA-BB-CC-DD-EE-FF',
             )
         )
         self._create_radius_accounting(**data2)
@@ -1267,5 +1271,44 @@ def test_radius_accounting(self):
             self.assertEqual(response.data[1]['unique_id'], data2['unique_id'])
             self.assertEqual(response.data[2]['unique_id'], data1['unique_id'])
 
+        with self.subTest('Test filtering with called_station_id'):
+            response = self.client.get(path, {'called_station_id': 'AA-BB-CC-DD-EE-FF'})
+            self.assertEqual(response.status_code, 200)
+            self.assertEqual(len(response.data), 2)
+            self.assertEqual(response.data[0]['called_station_id'], 'AA-BB-CC-DD-EE-FF')
+            self.assertEqual(response.data[1]['called_station_id'], 'AA:BB:CC:DD:EE:FF')
+
+            response = self.client.get(path, {'called_station_id': 'AA:BB:CC:DD:EE:FF'})
+            self.assertEqual(response.status_code, 200)
+            self.assertEqual(len(response.data), 2)
+            self.assertEqual(response.data[0]['called_station_id'], 'AA-BB-CC-DD-EE-FF')
+            self.assertEqual(response.data[1]['called_station_id'], 'AA:BB:CC:DD:EE:FF')
+
+        with self.subTest('Test filtering with calling_station_id'):
+            response = self.client.get(
+                path, {'calling_station_id': '11-22-33-44-55-66'}
+            )
+            self.assertEqual(response.status_code, 200)
+            self.assertEqual(len(response.data), 2)
+            self.assertEqual(
+                response.data[0]['calling_station_id'], '11-22-33-44-55-66'
+            )
+            self.assertEqual(
+                response.data[1]['calling_station_id'], '11:22:33:44:55:66'
+            )
+
+            response = self.client.get(
+                path, {'calling_station_id': '11:22:33:44:55:66'}
+            )
+            self.assertEqual(response.status_code, 200)
+            self.assertEqual(len(response.data), 2)
+            self.assertEqual(
+                response.data[0]['calling_station_id'], '11-22-33-44-55-66'
+            )
+            self.assertEqual(
+                response.data[1]['calling_station_id'], '11:22:33:44:55:66'
+            )
+
+
 del BaseTestCase
 del BaseTransactionTestCase

From 8acf9f5d76b98930090a06dc46a3282ca85f923b Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Tue, 19 Mar 2024 21:22:11 +0530
Subject: [PATCH 31/51] [fix] Fixed view all radius sessions button in device
 change page

---
 .../radius-monitoring/css/device-change.css   | 13 +++++++++++
 .../radius-monitoring/js/device-change.js     | 22 +++++++++++++------
 .../radius-monitoring/device/change_form.html |  5 +++--
 3 files changed, 31 insertions(+), 9 deletions(-)

diff --git a/openwisp_radius/integrations/monitoring/static/radius-monitoring/css/device-change.css b/openwisp_radius/integrations/monitoring/static/radius-monitoring/css/device-change.css
index 36cad3fa..8ecce470 100644
--- a/openwisp_radius/integrations/monitoring/static/radius-monitoring/css/device-change.css
+++ b/openwisp_radius/integrations/monitoring/static/radius-monitoring/css/device-change.css
@@ -6,6 +6,19 @@
   text-align: center;
   margin: 5px;
 }
+#radius-sessions fieldset.module {
+  overflow-x: auto;
+}
+#radius-sessions .loader {
+  width: 4em;
+  height: 4em;
+}
+#device-radius-sessions-table thead th {
+  text-align: center;
+}
 #radius-session-tbody strong {
   color: green;
 }
+#radius-session-tbody tr td p {
+  white-space: nowrap;
+}
diff --git a/openwisp_radius/integrations/monitoring/static/radius-monitoring/js/device-change.js b/openwisp_radius/integrations/monitoring/static/radius-monitoring/js/device-change.js
index 8e9898d5..81bd8878 100644
--- a/openwisp_radius/integrations/monitoring/static/radius-monitoring/js/device-change.js
+++ b/openwisp_radius/integrations/monitoring/static/radius-monitoring/js/device-change.js
@@ -37,18 +37,24 @@
                 },
                 crossDomain: true,
                 beforeSend: function() {
-                    $('#loading-overlay').show();
+                    $('#radius-sessions .loader').show();
                 },
                 complete: function () {
-                    $('#loading-overlay').fadeOut(250);
+                    $('#radius-sessions .loader').hide();
                 },
                 success: function (response) {
                     if (response.length === 0) {
+                        $('#no-session-msg').show();
                         return;
                     }
-                    $('#no-session-msg').hide();
-                    $('#device-radius-sessions-table').show();
-                    $('#view-all-radius-session-wrapper').show();
+                    // The called_station_id in the response is in the format accepted by
+                    // RadiusAccountingAdmin. This ensures that we use the same format for
+                    // filtering the RadiusAccountingAdmin table, avoiding any problem with
+                    // different formats of MAC address in the backend.
+                    let called_station_id = response[0].called_station_id,
+                        radiusAccountingAdminUrl = `${radiusAccountingAdminPath}?called_station_id=${encodeURIComponent(called_station_id)}`;
+                    $('#view-all-radius-session-wrapper a').attr('href', radiusAccountingAdminUrl);
+
                     response.forEach(element => {
                         element.start_time = getFormattedDateTimeString(element.start_time);
                         if (!element.stop_time) {
@@ -62,12 +68,15 @@
                                 <td><p>${element.username}</p></td>
                                 <td><p>${element.input_octets}</p></td>
                                 <td><p>${element.output_octets}</p></td>
-                                <td><p>${element.called_station_id}</p></td>
+                                <td><p>${element.calling_station_id}</p></td>
                                 <td><p>${element.start_time}</p></td>
                                 <td><p>${element.stop_time}</p></td>
                             </tr>`
                         );
                     });
+                    $('#no-session-msg').hide();
+                    $('#device-radius-sessions-table').show();
+                    $('#view-all-radius-session-wrapper').show();
                 }
             });
         }
@@ -82,6 +91,5 @@
                 tabId: window.location.hash,
             });
         }
-        $('#view-all-radius-session-wrapper a').attr('href', `${radiusAccountingAdminPath}?called_station_id=${deviceMac}`);
     });
 }(django.jQuery));
diff --git a/openwisp_radius/integrations/monitoring/templates/admin/config/radius-monitoring/device/change_form.html b/openwisp_radius/integrations/monitoring/templates/admin/config/radius-monitoring/device/change_form.html
index 02c288ed..bd7e98c8 100644
--- a/openwisp_radius/integrations/monitoring/templates/admin/config/radius-monitoring/device/change_form.html
+++ b/openwisp_radius/integrations/monitoring/templates/admin/config/radius-monitoring/device/change_form.html
@@ -9,7 +9,8 @@
 {% endcomment %}
 {% if not add %}
 <div class="js-inline-admin-formset inline-group" id="radius-sessions">
-    <div id="no-session-msg"><h3>{% trans "There are no RADIUS sessions for this device." %}</h3></div>
+    <div class="loader"></div>
+    <div id="no-session-msg" class="hide"><h3>{% trans "There are no RADIUS sessions for this device." %}</h3></div>
     <div class="tabular inline-related">
         <fieldset class="module">.
             <h2>{% trans "RADIUS Sessions" %}</h2>
@@ -19,7 +20,7 @@ <h2>{% trans "RADIUS Sessions" %}</h2>
                     <th>{% trans "username" %}</th>
                     <th>{% trans "input octets" %}</th>
                     <th>{% trans "ouput octets" %}</th>
-                    <th>{% trans "called station ID" %}</th>
+                    <th>{% trans "calling station ID" %}</th>
                     <th>{% trans "start time" %}</th>
                     <th>{% trans "stop time" %}</th>
                 </thead>

From d75737c444760c11497e515f29f586644c581243 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Tue, 19 Mar 2024 21:46:47 +0530
Subject: [PATCH 32/51] [fix] Fixed alignment of RADIUS Session text

---
 .../monitoring/static/radius-monitoring/css/device-change.css  | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/openwisp_radius/integrations/monitoring/static/radius-monitoring/css/device-change.css b/openwisp_radius/integrations/monitoring/static/radius-monitoring/css/device-change.css
index 8ecce470..9b86fa4e 100644
--- a/openwisp_radius/integrations/monitoring/static/radius-monitoring/css/device-change.css
+++ b/openwisp_radius/integrations/monitoring/static/radius-monitoring/css/device-change.css
@@ -13,7 +13,8 @@
   width: 4em;
   height: 4em;
 }
-#device-radius-sessions-table thead th {
+#device-radius-sessions-table thead th,
+#device-radius-sessions-table tbody td {
   text-align: center;
 }
 #radius-session-tbody strong {

From 6642ef1030dce4235c5e592ed643194d62dd5382 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Thu, 21 Mar 2024 19:56:22 +0530
Subject: [PATCH 33/51] [req-changes] Fixed inconsistencies in UI

- Removed obsolete code
---
 .../integrations/monitoring/configuration.py  |  2 +-
 .../integrations/monitoring/receivers.py      | 20 -----------
 .../radius-monitoring/css/device-change.css   | 10 +-----
 .../radius-monitoring/js/device-change.js     | 24 ++++++-------
 .../radius-monitoring/device/change_form.html | 22 +++++++-----
 .../monitoring/tests/test_admin.py            | 36 +++++++++++++++++--
 .../monitoring/tests/test_metrics.py          |  8 +++++
 7 files changed, 69 insertions(+), 53 deletions(-)

diff --git a/openwisp_radius/integrations/monitoring/configuration.py b/openwisp_radius/integrations/monitoring/configuration.py
index f2c7775e..b69293f0 100644
--- a/openwisp_radius/integrations/monitoring/configuration.py
+++ b/openwisp_radius/integrations/monitoring/configuration.py
@@ -35,7 +35,7 @@
         'influxdb': (
             "SELECT SUM(count) FROM "
             " {key} WHERE time >= '{time}' {end_date} {organization_id}"
-            " GROUP BY time(1d), method"
+            " GROUP BY time(1d), method FILL(linear)"
         )
     },
     'query_default_param': {
diff --git a/openwisp_radius/integrations/monitoring/receivers.py b/openwisp_radius/integrations/monitoring/receivers.py
index 9548833d..674b659e 100644
--- a/openwisp_radius/integrations/monitoring/receivers.py
+++ b/openwisp_radius/integrations/monitoring/receivers.py
@@ -3,26 +3,6 @@
 from . import tasks
 
 
-def post_save_registereduser(instance, created, *args, **kwargs):
-    if not created:
-        return
-    transaction.on_commit(
-        lambda: tasks.post_save_registereduser.delay(
-            user_id=str(instance.user_id), registration_method=instance.method
-        )
-    )
-
-
-def post_save_organizationuser(instance, created, *args, **kwargs):
-    if not created:
-        return
-    transaction.on_commit(
-        lambda: tasks.post_save_organizationuser.delay(
-            user_id=str(instance.user_id), organization_id=str(instance.organization_id)
-        )
-    )
-
-
 def post_save_radiusaccounting(instance, *args, **kwargs):
     if instance.stop_time is None:
         return
diff --git a/openwisp_radius/integrations/monitoring/static/radius-monitoring/css/device-change.css b/openwisp_radius/integrations/monitoring/static/radius-monitoring/css/device-change.css
index 9b86fa4e..806a59f6 100644
--- a/openwisp_radius/integrations/monitoring/static/radius-monitoring/css/device-change.css
+++ b/openwisp_radius/integrations/monitoring/static/radius-monitoring/css/device-change.css
@@ -2,21 +2,13 @@
   text-align: center;
   margin-bottom: 20px;
 }
-#view-all-radius-session-wrapper {
-  text-align: center;
-  margin: 5px;
-}
-#radius-sessions fieldset.module {
+#radius-sessions .tabular.inline-related {
   overflow-x: auto;
 }
 #radius-sessions .loader {
   width: 4em;
   height: 4em;
 }
-#device-radius-sessions-table thead th,
-#device-radius-sessions-table tbody td {
-  text-align: center;
-}
 #radius-session-tbody strong {
   color: green;
 }
diff --git a/openwisp_radius/integrations/monitoring/static/radius-monitoring/js/device-change.js b/openwisp_radius/integrations/monitoring/static/radius-monitoring/js/device-change.js
index 81bd8878..78adab56 100644
--- a/openwisp_radius/integrations/monitoring/static/radius-monitoring/js/device-change.js
+++ b/openwisp_radius/integrations/monitoring/static/radius-monitoring/js/device-change.js
@@ -18,9 +18,8 @@
             // Strip the timezone from the dateTimeString.
             // This is done to show the time in server's timezone
             // because RadiusAccounting admin also shows the time in server's timezone.
-            let strippedDateTime = new Date(dateTimeString.substring(0, dateTimeString.lastIndexOf('-'))),
-                formattedDate = strippedDateTime.strftime('%d %b %Y, %I:%M %p');
-            return formattedDate.replace(/AM/g, 'a.m.').replace(/PM/g, 'p.m.');
+            let strippedDateTime = new Date(dateTimeString.substring(0, dateTimeString.lastIndexOf('-')));
+            return strippedDateTime.toLocaleString();
         }
 
         function fetchRadiusSessions() {
@@ -55,7 +54,7 @@
                         radiusAccountingAdminUrl = `${radiusAccountingAdminPath}?called_station_id=${encodeURIComponent(called_station_id)}`;
                     $('#view-all-radius-session-wrapper a').attr('href', radiusAccountingAdminUrl);
 
-                    response.forEach(element => {
+                    response.forEach((element, index) => {
                         element.start_time = getFormattedDateTimeString(element.start_time);
                         if (!element.stop_time) {
                             element.stop_time = `<strong>${onlineMsg}</strong>`;
@@ -63,14 +62,15 @@
                             element.stop_time = getFormattedDateTimeString(element.stop_time);
                         }
                         $('#radius-session-tbody').append(
-                            `<tr>
-                                <td><p>${element.session_id}</p></td>
-                                <td><p>${element.username}</p></td>
-                                <td><p>${element.input_octets}</p></td>
-                                <td><p>${element.output_octets}</p></td>
-                                <td><p>${element.calling_station_id}</p></td>
-                                <td><p>${element.start_time}</p></td>
-                                <td><p>${element.stop_time}</p></td>
+                            `<tr class="form-row has_original dynamic-radiussession_set" id="radiussession_set-${index}">
+                                <td class="original"></td>
+                                <td class="field-session_id"><p>${element.session_id}</p></td>
+                                <td class="field-username"><p>${element.username}</p></td>
+                                <td class="field-input_octets"><p>${element.input_octets}</p></td>
+                                <td class="field-output_octets"><p>${element.output_octets}</p></td>
+                                <td class="field-calling_station_id"><p>${element.calling_station_id}</p></td>
+                                <td class="field-start_time"><p>${element.start_time}</p></td>
+                                <td class="field-stop_time"><p>${element.stop_time}</p></td>
                             </tr>`
                         );
                     });
diff --git a/openwisp_radius/integrations/monitoring/templates/admin/config/radius-monitoring/device/change_form.html b/openwisp_radius/integrations/monitoring/templates/admin/config/radius-monitoring/device/change_form.html
index bd7e98c8..e5d1fd80 100644
--- a/openwisp_radius/integrations/monitoring/templates/admin/config/radius-monitoring/device/change_form.html
+++ b/openwisp_radius/integrations/monitoring/templates/admin/config/radius-monitoring/device/change_form.html
@@ -12,27 +12,31 @@
     <div class="loader"></div>
     <div id="no-session-msg" class="hide"><h3>{% trans "There are no RADIUS sessions for this device." %}</h3></div>
     <div class="tabular inline-related">
-        <fieldset class="module">.
+        <fieldset class="module">
             <h2>{% trans "RADIUS Sessions" %}</h2>
             <table id="device-radius-sessions-table" class="hide">
                 <thead>
-                    <th>{% trans "session ID" %}</th>
-                    <th>{% trans "username" %}</th>
-                    <th>{% trans "input octets" %}</th>
-                    <th>{% trans "ouput octets" %}</th>
-                    <th>{% trans "calling station ID" %}</th>
-                    <th>{% trans "start time" %}</th>
-                    <th>{% trans "stop time" %}</th>
+                    <th class="original"></th>
+                    <th class="column-session_id">{% trans "session ID" %}</th>
+                    <th class="column-username">{% trans "username" %}</th>
+                    <th class="column-input_octets">{% trans "input octets" %}</th>
+                    <th class="column-output_octets">{% trans "ouput octets" %}</th>
+                    <th class="column-calling_station_id">{% trans "calling station ID" %}</th>
+                    <th class="column-start_time">{% trans "start time" %}</th>
+                    <th class="column-stop_time">{% trans "stop time" %}</th>
                 </thead>
                 <tbody id="radius-session-tbody"></tbody>
             </table>
         </fieldset>
-    <div id="view-all-radius-session-wrapper" class="hide"><a class="button">{% trans "View all RADIUS Sessions" %}</a></div>
+        <div id="view-all-radius-session-wrapper" class="inline-quick-link-container hide">
+            <a class="button">{% trans "View all RADIUS Sessions" %}</a>
+        </div>
     </div>
 </div>
 <script>
     const radiusAccountingApiEndpoint = "{{ radius_accounting_api_endpoint }}";
     const radiusAccountingAdminPath = "{{ radius_accounting }}";
+    const djangoLocale = "{{ LANGUAGE_CODE }}";
 </script>
 {% endif %}
 {% endblock %}
diff --git a/openwisp_radius/integrations/monitoring/tests/test_admin.py b/openwisp_radius/integrations/monitoring/tests/test_admin.py
index 7a87c429..1e41dc6a 100644
--- a/openwisp_radius/integrations/monitoring/tests/test_admin.py
+++ b/openwisp_radius/integrations/monitoring/tests/test_admin.py
@@ -1,13 +1,15 @@
 from django.test import TestCase, tag
 from django.urls import reverse
+from django.utils import timezone
 
-from openwisp_users.tests.utils import TestOrganizationMixin
+from openwisp_radius.tests import _RADACCT, CreateRadiusObjectsMixin
 
+from ..utils import get_datetime_filter_start_date, get_datetime_filter_stop_date
 from .mixins import CreateDeviceMonitoringMixin
 
 
 @tag('radius_monitoring')
-class TestDeviceAdmin(TestOrganizationMixin, CreateDeviceMonitoringMixin, TestCase):
+class TestDeviceAdmin(CreateRadiusObjectsMixin, CreateDeviceMonitoringMixin, TestCase):
     app_label = 'config'
 
     def setUp(self):
@@ -28,3 +30,33 @@ def test_radius_session_tab(self):
             response,
             '<tbody id="radius-session-tbody"></tbody>',
         )
+
+    def test_radius_dashboard_chart_data(self):
+        options = _RADACCT.copy()
+        options['unique_id'] = '117'
+        options['start_time'] = timezone.now().strftime('%Y-%m-%d 00:00:00')
+        options['input_octets'] = '1234567890'
+        self._create_radius_accounting(**options)
+        response = self.client.get(reverse('admin:index'))
+        self.assertEqual(response.status_code, 200)
+        start_time = get_datetime_filter_start_date()
+        end_time = get_datetime_filter_stop_date()
+        self.assertContains(
+            response,
+            (
+                '{\'name\': "Today\'s RADIUS sessions", \'query_params\': '
+                '{\'values\': [1], \'labels\': [\'Open\']}, \'colors\': '
+                '[\'#267126\'], \'filters\': [\'True\'], \'labels\': '
+                '{\'open\': \'Open\', \'closed\': \'Closed\'}, \'target_link\': '
+                '\'/admin/openwisp_radius/radiusaccounting/?start_time__gte='
+                f'{start_time}&start_time__lt={end_time}'
+                '&stop_time__isnull=\'}, 31: {\'name\': "Today\'s RADIUS traffic (GB)",'
+                ' \'query_params\': {\'values\': [1.0], \'labels\': '
+                '[\'Download traffic (GB)\']}, \'colors\': [\'#1f77b4\'], \'labels\': '
+                '{\'download_traffic\': \'Download traffic (GB)\', \'upload_traffic\': '
+                '\'Upload traffic (GB)\'}, \'filtering\': \'False\', \'target_link\': '
+                '\'/admin/openwisp_radius/radiusaccounting/?start_time__gte='
+                f'{start_time}&start_time__lt={end_time}\''
+                '}'
+            ),
+        )
diff --git a/openwisp_radius/integrations/monitoring/tests/test_metrics.py b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
index 6f95f3df..2172581c 100644
--- a/openwisp_radius/integrations/monitoring/tests/test_metrics.py
+++ b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
@@ -85,6 +85,14 @@ def test_post_save_radiusaccounting(self, *args):
         self.assertEqual(points['traces'][0][1][-1], 1)
         self.assertEqual(points['summary'], {'mobile_phone': 1})
 
+    @patch('openwisp_radius.integrations.monitoring.tasks.post_save_radiusaccounting')
+    def test_post_save_radiusaccouting_open_session(self, mocked_task):
+        radius_options = _RADACCT.copy()
+        radius_options['unique_id'] = '117'
+        session = self._create_radius_accounting(**radius_options)
+        self.assertEqual(session.stop_time, None)
+        mocked_task.assert_not_called()
+
     @patch('logging.Logger.warning')
     def test_post_save_radius_accounting_device_not_found(self, mocked_logger):
         """

From 5c06646caef2d4a8663e9ac3b89b3f18619849eb Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Mon, 1 Apr 2024 20:43:24 +0530
Subject: [PATCH 34/51] [req-changes] Updated order of RADIUS charts in device
 page

---
 openwisp_radius/integrations/monitoring/configuration.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/openwisp_radius/integrations/monitoring/configuration.py b/openwisp_radius/integrations/monitoring/configuration.py
index b69293f0..d1679b07 100644
--- a/openwisp_radius/integrations/monitoring/configuration.py
+++ b/openwisp_radius/integrations/monitoring/configuration.py
@@ -112,7 +112,7 @@
                     _('Total upload traffic'),
                 ],
                 'unit': 'adaptive_prefix+B',
-                'order': 241,
+                'order': 221,
                 'query': {
                     'influxdb': (
                         "SELECT SUM(output_octets) / 1000000000 AS upload, "
@@ -142,7 +142,7 @@
                 ),
                 'summary_labels': user_signups_chart_summary_labels,
                 'unit': '',
-                'order': 242,
+                'order': 222,
                 'query': {
                     'influxdb': (
                         "SELECT COUNT(DISTINCT(username)) FROM {key} "

From fdfb63fa0d82b74a04e431b5cc37534355d1e2b9 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Thu, 4 Apr 2024 23:12:47 +0530
Subject: [PATCH 35/51] [req-change] Use verbose label for SAML in radius
 monitoring charts

---
 openwisp_radius/integrations/monitoring/configuration.py | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/openwisp_radius/integrations/monitoring/configuration.py b/openwisp_radius/integrations/monitoring/configuration.py
index d1679b07..978814dd 100644
--- a/openwisp_radius/integrations/monitoring/configuration.py
+++ b/openwisp_radius/integrations/monitoring/configuration.py
@@ -4,9 +4,14 @@
 from openwisp_monitoring.monitoring.configuration import DEFAULT_COLORS
 
 from openwisp_radius.registration import REGISTRATION_METHOD_CHOICES
+from openwisp_radius.settings import SAML_REGISTRATION_METHOD_LABEL
 
 user_signups_chart_traces = {'total': 'lines'}
 user_signups_chart_order = ['total']
+user_signups_chart_trace_labels = {
+    'total': _('Total'),
+    'saml': SAML_REGISTRATION_METHOD_LABEL,
+}
 user_signups_chart_summary_labels = [_('Total new users')]
 
 for method, label in REGISTRATION_METHOD_CHOICES:
@@ -27,6 +32,7 @@
     'label': _('User Registration'),
     'description': _('Daily user registration grouped by registration method'),
     'summary_labels': user_signups_chart_summary_labels,
+    'trace_labels': user_signups_chart_trace_labels,
     'order': 240,
     '__all__': True,
     'unit': '',
@@ -141,6 +147,7 @@
                     'RADIUS Network traffic (total, download and upload).'
                 ),
                 'summary_labels': user_signups_chart_summary_labels,
+                'trace_labels': user_signups_chart_trace_labels,
                 'unit': '',
                 'order': 222,
                 'query': {
@@ -219,6 +226,7 @@
                     'RADIUS Network traffic (total, download and upload).'
                 ),
                 'summary_labels': user_signups_chart_summary_labels,
+                'trace_labels': user_signups_chart_trace_labels,
                 'unit': '',
                 'order': 243,
                 'query': {

From 876000343f5d3aaac2db9b7b0e1903360885dbbc Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Thu, 4 Apr 2024 23:45:02 +0530
Subject: [PATCH 36/51] [req-change] Use verbose name for all registration
 methods

---
 openwisp_radius/integrations/monitoring/configuration.py | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/openwisp_radius/integrations/monitoring/configuration.py b/openwisp_radius/integrations/monitoring/configuration.py
index 978814dd..530909ca 100644
--- a/openwisp_radius/integrations/monitoring/configuration.py
+++ b/openwisp_radius/integrations/monitoring/configuration.py
@@ -4,13 +4,11 @@
 from openwisp_monitoring.monitoring.configuration import DEFAULT_COLORS
 
 from openwisp_radius.registration import REGISTRATION_METHOD_CHOICES
-from openwisp_radius.settings import SAML_REGISTRATION_METHOD_LABEL
 
 user_signups_chart_traces = {'total': 'lines'}
 user_signups_chart_order = ['total']
 user_signups_chart_trace_labels = {
     'total': _('Total'),
-    'saml': SAML_REGISTRATION_METHOD_LABEL,
 }
 user_signups_chart_summary_labels = [_('Total new users')]
 
@@ -21,6 +19,7 @@
     user_signups_chart_summary_labels.append(
         _('New %(label)s users' % {"label": label})
     )
+    user_signups_chart_trace_labels[method] = label
     user_signups_chart_order.append(method)
 
 

From 7cea5730399c1de167165cb41253084ece262858 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Wed, 17 Apr 2024 08:32:37 +0700
Subject: [PATCH 37/51] [fix] Fixed date formatting for RADIUS sessions on
 device page

---
 .../monitoring/static/radius-monitoring/js/device-change.js     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/openwisp_radius/integrations/monitoring/static/radius-monitoring/js/device-change.js b/openwisp_radius/integrations/monitoring/static/radius-monitoring/js/device-change.js
index 78adab56..47aac605 100644
--- a/openwisp_radius/integrations/monitoring/static/radius-monitoring/js/device-change.js
+++ b/openwisp_radius/integrations/monitoring/static/radius-monitoring/js/device-change.js
@@ -18,7 +18,7 @@
             // Strip the timezone from the dateTimeString.
             // This is done to show the time in server's timezone
             // because RadiusAccounting admin also shows the time in server's timezone.
-            let strippedDateTime = new Date(dateTimeString.substring(0, dateTimeString.lastIndexOf('-')));
+            let strippedDateTime = new Date(dateTimeString.replace(/[-+]\d{2}:\d{2}$/, ''));
             return strippedDateTime.toLocaleString();
         }
 

From db093e46af42b54f7a829a94446747862adeec80 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Wed, 17 Apr 2024 23:18:27 +0700
Subject: [PATCH 38/51] [fix] Fixed metric not writing when RegisteredUser does
 not exist

---
 .../integrations/monitoring/tasks.py          |  4 +-
 .../monitoring/tests/test_metrics.py          | 74 +++++++++++++++++++
 2 files changed, 76 insertions(+), 2 deletions(-)

diff --git a/openwisp_radius/integrations/monitoring/tasks.py b/openwisp_radius/integrations/monitoring/tasks.py
index 4d9a47e4..09bb1ad6 100644
--- a/openwisp_radius/integrations/monitoring/tasks.py
+++ b/openwisp_radius/integrations/monitoring/tasks.py
@@ -198,9 +198,9 @@ def post_save_radiusaccounting(
     except RegisteredUser.DoesNotExist:
         logger.warning(
             f'RegisteredUser object not found for "{username}".'
-            ' Skipping radius_acc metric writing!'
+            ' The metric will be written with "unspecified" registration method!'
         )
-        return
+        registration_method = 'unspecified'
     else:
         registration_method = clean_registration_method(registration_method)
 
diff --git a/openwisp_radius/integrations/monitoring/tests/test_metrics.py b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
index 2172581c..30c9210f 100644
--- a/openwisp_radius/integrations/monitoring/tests/test_metrics.py
+++ b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
@@ -169,6 +169,80 @@ def test_post_save_radius_accounting_device_not_found(self, mocked_logger):
             ' The metric will be written without a related object!'
         )
 
+    @patch('logging.Logger.warning')
+    def test_post_save_radius_accounting_registereduser_not_found(self, mocked_logger):
+        """
+        This test checks that radius accounting metric is created
+        even if the RegisteredUser object could not be found for the user.
+        This scenario can happen on an installations which do not require
+        users to signup to access the internet/
+        """
+        user = self._create_user()
+        device = self._create_device()
+        options = _RADACCT.copy()
+        options.update(
+            {
+                'unique_id': '117',
+                'username': user.username,
+                'called_station_id': device.mac_address.replace('-', ':').upper(),
+                'calling_station_id': '00:00:00:00:00:00',
+                'input_octets': '8000000000',
+                'output_octets': '9000000000',
+            }
+        )
+        options['stop_time'] = options['start_time']
+        # Remove calls for user registration from mocked logger
+        mocked_logger.reset_mock()
+
+        self._create_radius_accounting(**options)
+        self.assertEqual(
+            self.metric_model.objects.filter(
+                configuration='radius_acc',
+                name='RADIUS Accounting',
+                key='radius_acc',
+                object_id=str(device.id),
+                content_type=ContentType.objects.get_for_model(self.device_model),
+                extra_tags={
+                    'called_station_id': device.mac_address,
+                    'calling_station_id': '00:00:00:00:00:00',
+                    'location_id': None,
+                    'method': 'unspecified',
+                    'organization_id': str(self.default_org.id),
+                },
+            ).count(),
+            1,
+        )
+        # The TransactionTestCase truncates all the data after each test.
+        # The general metrics and charts which are created by migrations
+        # get deleted after each test. Therefore, we create them again here.
+        create_general_metrics(None, None)
+        metric = self.metric_model.objects.filter(configuration='radius_acc').first()
+        # A dedicated chart for this metric was not created since the
+        # related device was not identified by the called_station_id.
+        # The data however can be retrieved from the general charts.
+        self.assertEqual(metric.chart_set.count(), 2)
+        general_traffic_chart = self.chart_model.objects.get(
+            configuration='gen_rad_traffic'
+        )
+        points = general_traffic_chart.read()
+        self.assertEqual(points['traces'][0][0], 'download')
+        self.assertEqual(points['traces'][0][1][-1], 8)
+        self.assertEqual(points['traces'][1][0], 'upload')
+        self.assertEqual(points['traces'][1][1][-1], 9)
+        self.assertEqual(points['summary'], {'upload': 9, 'download': 8})
+
+        general_session_chart = self.chart_model.objects.get(
+            configuration='gen_rad_session'
+        )
+        points = general_session_chart.read()
+        self.assertEqual(points['traces'][0][0], 'unspecified')
+        self.assertEqual(points['traces'][0][1][-1], 1)
+        self.assertEqual(points['summary'], {'unspecified': 1})
+        mocked_logger.assert_called_once_with(
+            f'RegisteredUser object not found for "{user.username}".'
+            ' The metric will be written with "unspecified" registration method!'
+        )
+
     def test_write_user_registration_metrics(self):
         from ..tasks import write_user_registration_metrics
 

From fe973a5c9fe8879a95f09e37eb2e66c6af98f7f3 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Thu, 18 Apr 2024 00:10:58 +0700
Subject: [PATCH 39/51] [fix] Fixed test

---
 .../integrations/monitoring/tasks.py          |  2 +-
 .../monitoring/tests/test_metrics.py          | 30 +++++++------------
 2 files changed, 11 insertions(+), 21 deletions(-)

diff --git a/openwisp_radius/integrations/monitoring/tasks.py b/openwisp_radius/integrations/monitoring/tasks.py
index 09bb1ad6..21936c1d 100644
--- a/openwisp_radius/integrations/monitoring/tasks.py
+++ b/openwisp_radius/integrations/monitoring/tasks.py
@@ -196,7 +196,7 @@ def post_save_radiusaccounting(
             RegisteredUser.objects.only('method').get(user__username=username).method
         )
     except RegisteredUser.DoesNotExist:
-        logger.warning(
+        logger.info(
             f'RegisteredUser object not found for "{username}".'
             ' The metric will be written with "unspecified" registration method!'
         )
diff --git a/openwisp_radius/integrations/monitoring/tests/test_metrics.py b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
index 30c9210f..65c2022e 100644
--- a/openwisp_radius/integrations/monitoring/tests/test_metrics.py
+++ b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
@@ -169,7 +169,7 @@ def test_post_save_radius_accounting_device_not_found(self, mocked_logger):
             ' The metric will be written without a related object!'
         )
 
-    @patch('logging.Logger.warning')
+    @patch('logging.Logger.info')
     def test_post_save_radius_accounting_registereduser_not_found(self, mocked_logger):
         """
         This test checks that radius accounting metric is created
@@ -179,6 +179,10 @@ def test_post_save_radius_accounting_registereduser_not_found(self, mocked_logge
         """
         user = self._create_user()
         device = self._create_device()
+        device_loc = self._create_device_location(
+            content_object=device,
+            location=self._create_location(organization=device.organization),
+        )
         options = _RADACCT.copy()
         options.update(
             {
@@ -191,8 +195,6 @@ def test_post_save_radius_accounting_registereduser_not_found(self, mocked_logge
             }
         )
         options['stop_time'] = options['start_time']
-        # Remove calls for user registration from mocked logger
-        mocked_logger.reset_mock()
 
         self._create_radius_accounting(**options)
         self.assertEqual(
@@ -205,36 +207,24 @@ def test_post_save_radius_accounting_registereduser_not_found(self, mocked_logge
                 extra_tags={
                     'called_station_id': device.mac_address,
                     'calling_station_id': '00:00:00:00:00:00',
-                    'location_id': None,
+                    'location_id': str(device_loc.location.id),
                     'method': 'unspecified',
                     'organization_id': str(self.default_org.id),
                 },
             ).count(),
             1,
         )
-        # The TransactionTestCase truncates all the data after each test.
-        # The general metrics and charts which are created by migrations
-        # get deleted after each test. Therefore, we create them again here.
-        create_general_metrics(None, None)
         metric = self.metric_model.objects.filter(configuration='radius_acc').first()
-        # A dedicated chart for this metric was not created since the
-        # related device was not identified by the called_station_id.
-        # The data however can be retrieved from the general charts.
-        self.assertEqual(metric.chart_set.count(), 2)
-        general_traffic_chart = self.chart_model.objects.get(
-            configuration='gen_rad_traffic'
-        )
-        points = general_traffic_chart.read()
+        traffic_chart = metric.chart_set.get(configuration='radius_traffic')
+        points = traffic_chart.read()
         self.assertEqual(points['traces'][0][0], 'download')
         self.assertEqual(points['traces'][0][1][-1], 8)
         self.assertEqual(points['traces'][1][0], 'upload')
         self.assertEqual(points['traces'][1][1][-1], 9)
         self.assertEqual(points['summary'], {'upload': 9, 'download': 8})
 
-        general_session_chart = self.chart_model.objects.get(
-            configuration='gen_rad_session'
-        )
-        points = general_session_chart.read()
+        session_chart = metric.chart_set.get(configuration='rad_session')
+        points = session_chart.read()
         self.assertEqual(points['traces'][0][0], 'unspecified')
         self.assertEqual(points['traces'][0][1][-1], 1)
         self.assertEqual(points['summary'], {'unspecified': 1})

From f9e705425a7715f2c3df08c53ac1f3a353cbd0b8 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Thu, 18 Apr 2024 18:54:49 +0700
Subject: [PATCH 40/51] [req-changes] Removed fill from User Registration form

---
 openwisp_radius/integrations/monitoring/configuration.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/openwisp_radius/integrations/monitoring/configuration.py b/openwisp_radius/integrations/monitoring/configuration.py
index 530909ca..b47d3bef 100644
--- a/openwisp_radius/integrations/monitoring/configuration.py
+++ b/openwisp_radius/integrations/monitoring/configuration.py
@@ -40,7 +40,7 @@
         'influxdb': (
             "SELECT SUM(count) FROM "
             " {key} WHERE time >= '{time}' {end_date} {organization_id}"
-            " GROUP BY time(1d), method FILL(linear)"
+            " GROUP BY time(1d), method"
         )
     },
     'query_default_param': {

From e19b7264552e220adfcb49ad34b6f0561d325d66 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Thu, 18 Apr 2024 19:03:12 +0700
Subject: [PATCH 41/51] [req-changes] Renamed labels of RADIUS monitoring
 charts

- Rename "User Registration" to "User Registrations"
- Rename "Unique RADIUS Session Count" to "Unique RADIUS Sessions"
- Rename "Total RADIUS Sessions Traffic" to "Traffic of RADIUS Sessions"
---
 .../integrations/monitoring/configuration.py  | 24 +++++++++----------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/openwisp_radius/integrations/monitoring/configuration.py b/openwisp_radius/integrations/monitoring/configuration.py
index b47d3bef..35c1df6c 100644
--- a/openwisp_radius/integrations/monitoring/configuration.py
+++ b/openwisp_radius/integrations/monitoring/configuration.py
@@ -27,9 +27,9 @@
     'type': 'stackedbar+lines',
     'trace_type': user_signups_chart_traces,
     'trace_order': user_signups_chart_order,
-    'title': _('User Registration'),
-    'label': _('User Registration'),
-    'description': _('Daily user registration grouped by registration method'),
+    'title': _('User Registrations'),
+    'label': _('User Registrations'),
+    'description': _('Daily user registrations grouped by registration method'),
     'summary_labels': user_signups_chart_summary_labels,
     'trace_labels': user_signups_chart_trace_labels,
     'order': 240,
@@ -73,8 +73,8 @@
 
 RADIUS_METRICS = {
     'user_signups': {
-        'label': _('User Registration'),
-        'name': 'User Registration',
+        'label': _('User Registrations'),
+        'name': 'User Registrations',
         'key': 'user_signups',
         'field_name': 'count',
         'charts': {
@@ -82,8 +82,8 @@
         },
     },
     'tot_user_signups': {
-        'label': _('Total User Registration'),
-        'name': 'Total User Registration',
+        'label': _('Total User Registrations'),
+        'name': 'Total User Registrations',
         'key': 'tot_user_signups',
         'field_name': 'count',
         'charts': {
@@ -140,8 +140,8 @@
                 'fill': 'none',
                 'trace_type': user_signups_chart_traces,
                 'trace_order': user_signups_chart_order,
-                'title': _('Unique RADIUS Session Count'),
-                'label': _('RADIUS Session Count'),
+                'title': _('Unique RADIUS Sessions'),
+                'label': _('Unique RADIUS Sessions'),
                 'description': _(
                     'RADIUS Network traffic (total, download and upload).'
                 ),
@@ -183,7 +183,7 @@
                     'total': 'lines',
                 },
                 'trace_order': ['total', 'download', 'upload'],
-                'title': _('Total RADIUS Sessions Traffic'),
+                'title': _('Traffic of RADIUS Sessions'),
                 'label': _('General RADIUS Traffic'),
                 'description': _(
                     'RADIUS Network traffic (total, download and upload).'
@@ -219,8 +219,8 @@
                 'fill': 'none',
                 'trace_type': user_signups_chart_traces,
                 'trace_order': user_signups_chart_order,
-                'title': _('Unique RADIUS Session Count'),
-                'label': _('General RADIUS Session Count'),
+                'title': _('Unique RADIUS Sessions'),
+                'label': _('General RADIUS Sessions'),
                 'description': _(
                     'RADIUS Network traffic (total, download and upload).'
                 ),

From 257c5f4351e52333477cc6f4f4ce575fa2171ee1 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Mon, 6 May 2024 22:23:43 +0530
Subject: [PATCH 42/51] [change] Hash calling_station_id

---
 .../integrations/monitoring/tasks.py            | 17 +++--------------
 .../monitoring/tests/test_metrics.py            |  7 ++++---
 .../integrations/monitoring/utils.py            | 13 +++++++++++++
 3 files changed, 20 insertions(+), 17 deletions(-)

diff --git a/openwisp_radius/integrations/monitoring/tasks.py b/openwisp_radius/integrations/monitoring/tasks.py
index 21936c1d..04151bf6 100644
--- a/openwisp_radius/integrations/monitoring/tasks.py
+++ b/openwisp_radius/integrations/monitoring/tasks.py
@@ -1,4 +1,3 @@
-import hashlib
 import logging
 
 from celery import shared_task
@@ -8,6 +7,8 @@
 from django.utils import timezone
 from swapper import load_model
 
+from .utils import clean_registration_method, sha1_hash
+
 Metric = load_model('monitoring', 'Metric')
 Chart = load_model('monitoring', 'Chart')
 RegisteredUser = load_model('openwisp_radius', 'RegisteredUser')
@@ -20,18 +21,6 @@
 logger = logging.getLogger(__name__)
 
 
-def sha1_hash(input_string):
-    sha1 = hashlib.sha1()
-    sha1.update(input_string.encode('utf-8'))
-    return sha1.hexdigest()
-
-
-def clean_registration_method(method):
-    if method == '':
-        method = 'unspecified'
-    return method
-
-
 def _get_user_signup_metric(organization_id, registration_method):
     metric, _ = Metric._get_or_create(
         configuration='user_signups',
@@ -239,7 +228,7 @@ def post_save_radiusaccounting(
         extra_tags={
             'organization_id': organization_id,
             'method': registration_method,
-            'calling_station_id': calling_station_id,
+            'calling_station_id': sha1_hash(calling_station_id),
             'called_station_id': called_station_id,
             'location_id': location_id,
         },
diff --git a/openwisp_radius/integrations/monitoring/tests/test_metrics.py b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
index 65c2022e..81d65dc4 100644
--- a/openwisp_radius/integrations/monitoring/tests/test_metrics.py
+++ b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
@@ -10,6 +10,7 @@
 from openwisp_radius.tests.mixins import BaseTransactionTestCase
 
 from ..migrations import create_general_metrics
+from ..utils import sha1_hash
 from .mixins import CreateDeviceMonitoringMixin
 
 TASK_PATH = 'openwisp_radius.integrations.monitoring.tasks'
@@ -62,7 +63,7 @@ def test_post_save_radiusaccounting(self, *args):
                 content_type=ContentType.objects.get_for_model(self.device_model),
                 extra_tags={
                     'called_station_id': device.mac_address,
-                    'calling_station_id': '00:00:00:00:00:00',
+                    'calling_station_id': sha1_hash('00:00:00:00:00:00'),
                     'location_id': str(device_loc.location.id),
                     'method': reg_user.method,
                     'organization_id': str(self.default_org.id),
@@ -129,7 +130,7 @@ def test_post_save_radius_accounting_device_not_found(self, mocked_logger):
                 content_type=None,
                 extra_tags={
                     'called_station_id': '11:22:33:44:55:66',
-                    'calling_station_id': '00:00:00:00:00:00',
+                    'calling_station_id': sha1_hash('00:00:00:00:00:00'),
                     'location_id': None,
                     'method': reg_user.method,
                     'organization_id': str(self.default_org.id),
@@ -206,7 +207,7 @@ def test_post_save_radius_accounting_registereduser_not_found(self, mocked_logge
                 content_type=ContentType.objects.get_for_model(self.device_model),
                 extra_tags={
                     'called_station_id': device.mac_address,
-                    'calling_station_id': '00:00:00:00:00:00',
+                    'calling_station_id': sha1_hash('00:00:00:00:00:00'),
                     'location_id': str(device_loc.location.id),
                     'method': 'unspecified',
                     'organization_id': str(self.default_org.id),
diff --git a/openwisp_radius/integrations/monitoring/utils.py b/openwisp_radius/integrations/monitoring/utils.py
index 6a005a28..dbbb3375 100644
--- a/openwisp_radius/integrations/monitoring/utils.py
+++ b/openwisp_radius/integrations/monitoring/utils.py
@@ -1,3 +1,4 @@
+import hashlib
 from datetime import datetime, timedelta
 
 from django.utils import timezone
@@ -21,3 +22,15 @@ def get_datetime_filter_start_date():
 def get_datetime_filter_stop_date():
     stop_date = timezone.localdate() + timedelta(days=1)
     return _get_formatted_datetime_string(stop_date)
+
+
+def sha1_hash(input_string):
+    sha1 = hashlib.sha1()
+    sha1.update(input_string.encode('utf-8'))
+    return sha1.hexdigest()
+
+
+def clean_registration_method(method):
+    if method == '':
+        method = 'unspecified'
+    return method

From 9e611c44e23302971517bfc0a30653e529e6f69d Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Tue, 7 May 2024 19:57:52 +0530
Subject: [PATCH 43/51] [req-changes] Added setting for disable org lookup for
 device

---
 docs/source/user/settings.rst                 | 21 +++++
 docs/user/radius_monitoring.rst               |  4 +-
 .../integrations/monitoring/settings.py       | 11 +++
 .../integrations/monitoring/tasks.py          | 14 +--
 .../monitoring/tests/test_metrics.py          | 91 +++++++++++++++++++
 5 files changed, 134 insertions(+), 7 deletions(-)
 create mode 100644 openwisp_radius/integrations/monitoring/settings.py

diff --git a/docs/source/user/settings.rst b/docs/source/user/settings.rst
index 186ed63e..4dcafae4 100644
--- a/docs/source/user/settings.rst
+++ b/docs/source/user/settings.rst
@@ -1044,3 +1044,24 @@ the default value is translated in other languages. If the value is
 customized the translations will not work, so if you need this message
 to be translated in different languages you should either not change the
 default value or prepare the additional translations.
+
+OpenWISP Monitoring integration related settings
+================================================
+
+.. note::
+
+    This settings are only used if you have enabled the
+    :ref:`integration_with_openwisp_monitoring`.
+
+``OPENWISP_RADIUS_MONITORING_DEVICE_LOOKUP_IGNORE_ORGANIZATION``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+**Default**: ``False``
+
+The monitoring integration performs a database lookup for the related
+device using the ``called_station_id`` attribute from the RADIUS session.
+If this is set to ``True``, the integration will disable the filtering of
+devices by organization of the RADIUS session.
+
+This is useful when multiple organizations share the same captive portal
+and the device's organization and RADIUS session organization are different.
diff --git a/docs/user/radius_monitoring.rst b/docs/user/radius_monitoring.rst
index 082ef681..0d6ad1f9 100644
--- a/docs/user/radius_monitoring.rst
+++ b/docs/user/radius_monitoring.rst
@@ -1,3 +1,5 @@
+.. _integration_with_openwisp_monitoring:
+
 Integration with OpenWISP Monitoring
 ------------------------------------
 
@@ -20,7 +22,7 @@ RADIUS metrics
 This chart shows number of users signed up using different registration methods.
 
 2. Total user registrations
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 .. image:: /images/total-user-registration-chart.png
    :alt: Total user registration chart
diff --git a/openwisp_radius/integrations/monitoring/settings.py b/openwisp_radius/integrations/monitoring/settings.py
new file mode 100644
index 00000000..0800fb93
--- /dev/null
+++ b/openwisp_radius/integrations/monitoring/settings.py
@@ -0,0 +1,11 @@
+from django.conf import settings
+
+
+def get_settings_value(option, default):
+    return getattr(settings, f'OPENWISP_RADIUS_MONITORING_{option}', default)
+
+
+DEVICE_LOOKUP_IGNORE_ORGANIZATION = get_settings_value(
+    'DEVICE_LOOKUP_IGNORE_ORGANIZATION',
+    False,
+)
diff --git a/openwisp_radius/integrations/monitoring/tasks.py b/openwisp_radius/integrations/monitoring/tasks.py
index 04151bf6..ce11b402 100644
--- a/openwisp_radius/integrations/monitoring/tasks.py
+++ b/openwisp_radius/integrations/monitoring/tasks.py
@@ -3,10 +3,11 @@
 from celery import shared_task
 from django.contrib.auth import get_user_model
 from django.contrib.contenttypes.models import ContentType
-from django.db.models import Count
+from django.db.models import Count, Q
 from django.utils import timezone
 from swapper import load_model
 
+from . import settings as app_settings
 from .utils import clean_registration_method, sha1_hash
 
 Metric = load_model('monitoring', 'Metric')
@@ -192,15 +193,16 @@ def post_save_radiusaccounting(
         registration_method = 'unspecified'
     else:
         registration_method = clean_registration_method(registration_method)
-
+    device_lookup = Q(mac_address__iexact=called_station_id.replace('-', ':'))
+    if app_settings.DEVICE_LOOKUP_IGNORE_ORGANIZATION:
+        organization_id = None
+    else:
+        device_lookup &= Q(organization_id=organization_id)
     try:
         device = (
             Device.objects.select_related('devicelocation')
             .only('id', 'devicelocation__location_id')
-            .get(
-                mac_address__iexact=called_station_id.replace('-', ':'),
-                organization_id=organization_id,
-            )
+            .get(device_lookup)
         )
     except Device.DoesNotExist:
         logger.warning(
diff --git a/openwisp_radius/integrations/monitoring/tests/test_metrics.py b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
index 81d65dc4..64322e06 100644
--- a/openwisp_radius/integrations/monitoring/tests/test_metrics.py
+++ b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
@@ -94,6 +94,97 @@ def test_post_save_radiusaccouting_open_session(self, mocked_task):
         self.assertEqual(session.stop_time, None)
         mocked_task.assert_not_called()
 
+    @patch('logging.Logger.warning')
+    def test_post_save_radius_accounting_device_lookup_ignore_organization(
+        self, mocked_logger
+    ):
+        """
+        This test ensures that the metric is written with the device's MAC address
+        when the OPENWISP_RADIUS_MONITORING_DEVICE_LOOKUP_IGNORE_ORGANIZATION is
+        set to True, even if the RadiusAccounting session and the related device
+        have different organizations.
+        """
+        from .. import settings as app_settings
+
+        user = self._create_user()
+        reg_user = self._create_registered_user(user=user)
+        org2 = self._get_org('org2')
+        device = self._create_device(organization=org2)
+        device_loc = self._create_device_location(
+            content_object=device,
+            location=self._create_location(organization=device.organization),
+        )
+        options = _RADACCT.copy()
+        options.update(
+            {
+                'unique_id': '117',
+                'username': user.username,
+                'called_station_id': device.mac_address.replace('-', ':').upper(),
+                'calling_station_id': '00:00:00:00:00:00',
+                'input_octets': '8000000000',
+                'output_octets': '9000000000',
+            }
+        )
+        options['stop_time'] = options['start_time']
+        device_metric_qs = self.metric_model.objects.filter(
+            configuration='radius_acc',
+            name='RADIUS Accounting',
+            key='radius_acc',
+            object_id=str(device.id),
+            content_type=ContentType.objects.get_for_model(self.device_model),
+            extra_tags={
+                'called_station_id': device.mac_address,
+                'calling_station_id': sha1_hash('00:00:00:00:00:00'),
+                'location_id': str(device_loc.location.id),
+                'method': reg_user.method,
+                'organization_id': None,
+            },
+        )
+
+        with self.subTest('Test DEVICE_LOOKUP_IGNORE_ORGANIZATION is set to False'):
+            with patch.object(app_settings, 'DEVICE_LOOKUP_IGNORE_ORGANIZATION', False):
+                self._create_radius_accounting(**options)
+            self.assertEqual(
+                device_metric_qs.count(),
+                0,
+            )
+            # The metric is created without the device_id
+            self.assertEqual(
+                self.metric_model.objects.filter(
+                    configuration='radius_acc',
+                    name='RADIUS Accounting',
+                    key='radius_acc',
+                    object_id=None,
+                    content_type=None,
+                    extra_tags={
+                        'called_station_id': device.mac_address,
+                        'calling_station_id': sha1_hash('00:00:00:00:00:00'),
+                        'location_id': None,
+                        'method': reg_user.method,
+                        'organization_id': str(self.default_org.id),
+                    },
+                ).count(),
+                1,
+            )
+
+        with self.subTest('Test DEVICE_LOOKUP_IGNORE_ORGANIZATION is set to True'):
+            with patch.object(app_settings, 'DEVICE_LOOKUP_IGNORE_ORGANIZATION', True):
+                options['unique_id'] = '118'
+                self._create_radius_accounting(**options)
+            self.assertEqual(
+                device_metric_qs.count(),
+                1,
+            )
+            metric = device_metric_qs.first()
+            self.assertEqual(metric.extra_tags['organization_id'], None)
+            traffic_chart = metric.chart_set.get(configuration='radius_traffic')
+            points = traffic_chart.read()
+            self.assertEqual(points['traces'][0][0], 'download')
+            self.assertEqual(points['traces'][0][1][-1], 8)
+            self.assertEqual(points['traces'][1][0], 'upload')
+            self.assertEqual(points['traces'][1][1][-1], 9)
+            self.assertEqual(points['summary'], {'upload': 9, 'download': 8})
+
     @patch('logging.Logger.warning')
     def test_post_save_radius_accounting_device_not_found(self, mocked_logger):
         """

From 6b6dbd993a512f1ece9ea750974c09014790dcb9 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Tue, 7 May 2024 22:23:22 +0530
Subject: [PATCH 44/51] [req-changes] Renamed setting

---
 docs/source/user/settings.rst                      |  4 ++--
 .../integrations/monitoring/settings.py            |  4 ++--
 openwisp_radius/integrations/monitoring/tasks.py   |  2 +-
 .../integrations/monitoring/tests/test_metrics.py  | 14 ++++++--------
 4 files changed, 11 insertions(+), 13 deletions(-)

diff --git a/docs/source/user/settings.rst b/docs/source/user/settings.rst
index 4dcafae4..25f84143 100644
--- a/docs/source/user/settings.rst
+++ b/docs/source/user/settings.rst
@@ -1053,8 +1053,8 @@ OpenWISP Monitoring integration related settings
     This settings are only used if you have enabled the
     :ref:`integration_with_openwisp_monitoring`.
 
-``OPENWISP_RADIUS_MONITORING_DEVICE_LOOKUP_IGNORE_ORGANIZATION``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+``OPENWISP_RADIUS_MONITORING_SHARED_ACCOUNTING``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 **Default**: ``False``
 
diff --git a/openwisp_radius/integrations/monitoring/settings.py b/openwisp_radius/integrations/monitoring/settings.py
index 0800fb93..82f71181 100644
--- a/openwisp_radius/integrations/monitoring/settings.py
+++ b/openwisp_radius/integrations/monitoring/settings.py
@@ -5,7 +5,7 @@ def get_settings_value(option, default):
     return getattr(settings, f'OPENWISP_RADIUS_MONITORING_{option}', default)
 
 
-DEVICE_LOOKUP_IGNORE_ORGANIZATION = get_settings_value(
-    'DEVICE_LOOKUP_IGNORE_ORGANIZATION',
+SHARED_ACCOUNTING = get_settings_value(
+    'SHARED_ACCOUNTING',
     False,
 )
diff --git a/openwisp_radius/integrations/monitoring/tasks.py b/openwisp_radius/integrations/monitoring/tasks.py
index ce11b402..0d6c1927 100644
--- a/openwisp_radius/integrations/monitoring/tasks.py
+++ b/openwisp_radius/integrations/monitoring/tasks.py
@@ -194,7 +194,7 @@ def post_save_radiusaccounting(
     else:
         registration_method = clean_registration_method(registration_method)
     device_lookup = Q(mac_address__iexact=called_station_id.replace('-', ':'))
-    if app_settings.DEVICE_LOOKUP_IGNORE_ORGANIZATION:
+    if app_settings.SHARED_ACCOUNTING:
         organization_id = None
     else:
         device_lookup &= Q(organization_id=organization_id)
diff --git a/openwisp_radius/integrations/monitoring/tests/test_metrics.py b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
index 64322e06..b05b751d 100644
--- a/openwisp_radius/integrations/monitoring/tests/test_metrics.py
+++ b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
@@ -95,12 +95,10 @@ def test_post_save_radiusaccouting_open_session(self, mocked_task):
         mocked_task.assert_not_called()
 
     @patch('logging.Logger.warning')
-    def test_post_save_radius_accounting_device_lookup_ignore_organization(
-        self, mocked_logger
-    ):
+    def test_post_save_radius_accounting_shared_accounting(self, mocked_logger):
         """
         This test ensures that the metric is written with the device's MAC address
-        when the OPENWISP_RADIUS_MONITORING_DEVICE_LOOKUP_IGNORE_ORGANIZATION is
+        when the OPENWISP_RADIUS_MONITORING_SHARED_ACCOUNTING is
         set to True, even if the RadiusAccounting session and the related device
         have different organizations.
         """
@@ -141,8 +139,8 @@ def test_post_save_radius_accounting_device_lookup_ignore_organization(
             },
         )
 
-        with self.subTest('Test DEVICE_LOOKUP_IGNORE_ORGANIZATION is set to False'):
-            with patch.object(app_settings, 'DEVICE_LOOKUP_IGNORE_ORGANIZATION', False):
+        with self.subTest('Test SHARED_ACCOUNTING is set to False'):
+            with patch.object(app_settings, 'SHARED_ACCOUNTING', False):
                 self._create_radius_accounting(**options)
             self.assertEqual(
                 device_metric_qs.count(),
@@ -167,8 +165,8 @@ def test_post_save_radius_accounting_device_lookup_ignore_organization(
                 1,
             )
 
-        with self.subTest('Test DEVICE_LOOKUP_IGNORE_ORGANIZATION is set to True'):
-            with patch.object(app_settings, 'DEVICE_LOOKUP_IGNORE_ORGANIZATION', True):
+        with self.subTest('Test SHARED_ACCOUNTING is set to True'):
+            with patch.object(app_settings, 'SHARED_ACCOUNTING', True):
                 options['unique_id'] = '118'
                 self._create_radius_accounting(**options)
             self.assertEqual(

From b00b0ee7693249d8940164a371311af0c4e79cce Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Wed, 8 May 2024 21:35:32 +0530
Subject: [PATCH 45/51] [change] Use device.organization_id for RADIUS metric
 if SHARED_ACCOUNTING is enabled

---
 openwisp_radius/integrations/monitoring/tasks.py | 16 ++++++++++++----
 .../monitoring/tests/test_metrics.py             |  6 ++++--
 2 files changed, 16 insertions(+), 6 deletions(-)

diff --git a/openwisp_radius/integrations/monitoring/tasks.py b/openwisp_radius/integrations/monitoring/tasks.py
index 0d6c1927..b6f271e0 100644
--- a/openwisp_radius/integrations/monitoring/tasks.py
+++ b/openwisp_radius/integrations/monitoring/tasks.py
@@ -194,14 +194,13 @@ def post_save_radiusaccounting(
     else:
         registration_method = clean_registration_method(registration_method)
     device_lookup = Q(mac_address__iexact=called_station_id.replace('-', ':'))
-    if app_settings.SHARED_ACCOUNTING:
-        organization_id = None
-    else:
+    # Do not use organization_id for device lookup if shared accounting is enabled
+    if not app_settings.SHARED_ACCOUNTING:
         device_lookup &= Q(organization_id=organization_id)
     try:
         device = (
             Device.objects.select_related('devicelocation')
-            .only('id', 'devicelocation__location_id')
+            .only('id', 'organization_id', 'devicelocation__location_id')
             .get(device_lookup)
         )
     except Device.DoesNotExist:
@@ -213,6 +212,8 @@ def post_save_radiusaccounting(
         object_id = None
         content_type = None
         location_id = None
+        if app_settings.SHARED_ACCOUNTING:
+            organization_id = None
     else:
         object_id = str(device.id)
         content_type = ContentType.objects.get_for_model(Device)
@@ -220,6 +221,13 @@ def post_save_radiusaccounting(
             location_id = str(device.devicelocation.location_id)
         else:
             location_id = None
+        # Give preference to the organization_id of the device
+        # over RadiusAccounting object.
+        # This would also handle the case when SHARED_ACCOUNTING is enabled,
+        # and write the metric with the same organization_id as the device.
+        # If SHARED_ACCOUNTING is disabled, the organization_id of
+        # Device and RadiusAccounting would be same.
+        organization_id = str(device.organization_id)
 
     metric, created = Metric._get_or_create(
         configuration='radius_acc',
diff --git a/openwisp_radius/integrations/monitoring/tests/test_metrics.py b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
index b05b751d..c2317af6 100644
--- a/openwisp_radius/integrations/monitoring/tests/test_metrics.py
+++ b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
@@ -135,7 +135,7 @@ def test_post_save_radius_accounting_shared_accounting(self, mocked_logger):
                 'calling_station_id': sha1_hash('00:00:00:00:00:00'),
                 'location_id': str(device_loc.location.id),
                 'method': reg_user.method,
-                'organization_id': None,
+                'organization_id': str(device.organization_id),
             },
         )
 
@@ -174,7 +174,9 @@ def test_post_save_radius_accounting_shared_accounting(self, mocked_logger):
                 1,
             )
             metric = device_metric_qs.first()
-            self.assertEqual(metric.extra_tags['organization_id'], None)
+            self.assertEqual(
+                metric.extra_tags['organization_id'], str(device.organization_id)
+            )
             traffic_chart = metric.chart_set.get(configuration='radius_traffic')
             points = traffic_chart.read()
             self.assertEqual(points['traces'][0][0], 'download')

From b360628d642579fe435991abb8aa404d70e0db36 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Wed, 8 May 2024 22:49:36 +0530
Subject: [PATCH 46/51] [req-change] Don't overwrite the organization of
 RadiusAccounting

---
 .gitignore                                               | 2 ++
 openwisp_radius/integrations/monitoring/tasks.py         | 9 ++-------
 .../integrations/monitoring/tests/test_metrics.py        | 4 ++--
 setup.cfg                                                | 2 ++
 4 files changed, 8 insertions(+), 9 deletions(-)

diff --git a/.gitignore b/.gitignore
index d2241941..0f91b06b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,5 @@
+tests/openwisp2/saml/*
+
 # Byte-compiled / optimized / DLL files
 __pycache__/
 *.py[cod]
diff --git a/openwisp_radius/integrations/monitoring/tasks.py b/openwisp_radius/integrations/monitoring/tasks.py
index b6f271e0..f8aef603 100644
--- a/openwisp_radius/integrations/monitoring/tasks.py
+++ b/openwisp_radius/integrations/monitoring/tasks.py
@@ -180,6 +180,7 @@ def post_save_radiusaccounting(
     output_octets,
     calling_station_id,
     called_station_id,
+    time=None,
 ):
     try:
         registration_method = (
@@ -221,13 +222,6 @@ def post_save_radiusaccounting(
             location_id = str(device.devicelocation.location_id)
         else:
             location_id = None
-        # Give preference to the organization_id of the device
-        # over RadiusAccounting object.
-        # This would also handle the case when SHARED_ACCOUNTING is enabled,
-        # and write the metric with the same organization_id as the device.
-        # If SHARED_ACCOUNTING is disabled, the organization_id of
-        # Device and RadiusAccounting would be same.
-        organization_id = str(device.organization_id)
 
     metric, created = Metric._get_or_create(
         configuration='radius_acc',
@@ -249,6 +243,7 @@ def post_save_radiusaccounting(
             'output_octets': output_octets,
             'username': sha1_hash(username),
         },
+        time=time,
     )
     if not object_id:
         # Adding a chart requires all parameters of extra_tags to be present.
diff --git a/openwisp_radius/integrations/monitoring/tests/test_metrics.py b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
index c2317af6..336c5167 100644
--- a/openwisp_radius/integrations/monitoring/tests/test_metrics.py
+++ b/openwisp_radius/integrations/monitoring/tests/test_metrics.py
@@ -135,7 +135,7 @@ def test_post_save_radius_accounting_shared_accounting(self, mocked_logger):
                 'calling_station_id': sha1_hash('00:00:00:00:00:00'),
                 'location_id': str(device_loc.location.id),
                 'method': reg_user.method,
-                'organization_id': str(device.organization_id),
+                'organization_id': str(self.default_org.id),
             },
         )
 
@@ -175,7 +175,7 @@ def test_post_save_radius_accounting_shared_accounting(self, mocked_logger):
             )
             metric = device_metric_qs.first()
             self.assertEqual(
-                metric.extra_tags['organization_id'], str(device.organization_id)
+                metric.extra_tags['organization_id'], str(self.default_org.id)
             )
             traffic_chart = metric.chart_set.get(configuration='radius_traffic')
             points = traffic_chart.read()
diff --git a/setup.cfg b/setup.cfg
index 73f56700..b509a271 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -9,6 +9,8 @@ universal=1
 ignore = W605, W503, W504, E203
 exclude = *.egg-info,
           .git,
+          ./tests/openwisp2/saml/*
+          ./test-*
           ./tests/*settings*.py,
           docs/*
 max-line-length = 88

From b02c43bc928a14245db345f3a6c0d49b134609ce Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Mon, 13 May 2024 15:42:55 +0530
Subject: [PATCH 47/51] [chores] Removed changes to .gitignore and setup.cfg

---
 .gitignore | 2 --
 setup.cfg  | 2 --
 2 files changed, 4 deletions(-)

diff --git a/.gitignore b/.gitignore
index 0f91b06b..d2241941 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,5 +1,3 @@
-tests/openwisp2/saml/*
-
 # Byte-compiled / optimized / DLL files
 __pycache__/
 *.py[cod]
diff --git a/setup.cfg b/setup.cfg
index b509a271..73f56700 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -9,8 +9,6 @@ universal=1
 ignore = W605, W503, W504, E203
 exclude = *.egg-info,
           .git,
-          ./tests/openwisp2/saml/*
-          ./test-*
           ./tests/*settings*.py,
           docs/*
 max-line-length = 88

From edeaa796d405b9e57740d8ebe3291ef95ce2598b Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Wed, 30 Oct 2024 21:10:04 +0530
Subject: [PATCH 48/51] [req-changes] Updated docs

---
 docs/user/radius_monitoring.rst | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

diff --git a/docs/user/radius_monitoring.rst b/docs/user/radius_monitoring.rst
index 0d6ad1f9..9838456e 100644
--- a/docs/user/radius_monitoring.rst
+++ b/docs/user/radius_monitoring.rst
@@ -58,12 +58,7 @@ in ``INSTALLED_APPS`` of your Django project's settings as following:
 
     # In your_project/settings.py
 
-    INSTALLED_APPS = [
-        # ...
-        'openwisp_radius',
-        'openwisp_radius.integrations.monitoring' # <--- add the app after openwisp_radius
-        # ...
-    ]
+    INSTALLED_APPS.append('openwisp_radius.integrations.monitoring')
 
 .. note::
 

From 520efe273df087172a285244b91c5ab19cb1eb7c Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Wed, 30 Oct 2024 21:32:02 +0530
Subject: [PATCH 49/51] [deps] Updated requirements-test.txt

---
 .../images/radius-dashboard-charts.png        |  Bin
 docs/source/index.rst                         |   70 --
 docs/source/user/settings.rst                 | 1067 -----------------
 docs/user/radius_monitoring.rst               |   65 +-
 requirements-test.txt                         |    2 +-
 5 files changed, 34 insertions(+), 1170 deletions(-)
 rename docs/{source => }/images/radius-dashboard-charts.png (100%)
 delete mode 100644 docs/source/index.rst
 delete mode 100644 docs/source/user/settings.rst

diff --git a/docs/source/images/radius-dashboard-charts.png b/docs/images/radius-dashboard-charts.png
similarity index 100%
rename from docs/source/images/radius-dashboard-charts.png
rename to docs/images/radius-dashboard-charts.png
diff --git a/docs/source/index.rst b/docs/source/index.rst
deleted file mode 100644
index 3032fd94..00000000
--- a/docs/source/index.rst
+++ /dev/null
@@ -1,70 +0,0 @@
-===============
-openwisp-radius
-===============
-
-.. image:: https://travis-ci.org/openwisp/openwisp-radius.svg?branch=master
-   :target: https://travis-ci.org/openwisp/openwisp-radius
-   :alt: CI build status
-
-.. image:: https://coveralls.io/repos/github/openwisp/openwisp-radius/badge.svg?branch=master
-   :target: https://coveralls.io/github/openwisp/openwisp-radius?branch=master
-   :alt: Test Coverage
-
-.. image:: https://img.shields.io/librariesio/release/github/openwisp/openwisp-radius
-   :target: https://libraries.io/github/openwisp/openwisp-radius#repository_dependencies
-   :alt: Dependency monitoring
-
-.. image:: https://img.shields.io/gitter/room/nwjs/nw.js.svg
-   :target: https://gitter.im/openwisp/general
-   :alt: Chat
-
-.. image:: https://badge.fury.io/py/openwisp-radius.svg
-   :target: http://badge.fury.io/py/openwisp-radius
-   :alt: Pypi Version
-
-.. image:: https://pepy.tech/badge/openwisp-radius
-   :target: https://pepy.tech/project/openwisp-radius
-   :alt: Downloads
-
-.. image:: https://img.shields.io/badge/code%20style-black-000000.svg
-   :target: https://pypi.org/project/black/
-   :alt: code style: black
-
-**OpenWISP-RADIUS** provides an admin interface to a
-`freeradius <https://freeradius.org/>`_ database and offers features
-that are common in WiFi and ISP deployments.
-
-**Need a quick overview?** `Try the OpenWISP Demo <https://openwisp.org/demo.html>`_.
-
-.. note::
-   If you're building a public wifi service, we suggest
-   to take a look at `openwisp-wifi-login-pages <https://github.com/openwisp/openwisp-wifi-login-pages>`_,
-   which is built to work with openwisp-radius.
-
-.. image:: https://raw.githubusercontent.com/openwisp/openwisp2-docs/master/assets/design/openwisp-logo-black.svg
-   :target: http://openwisp.org
-
-.. toctree::
-   :maxdepth: 2
-
-   /developer/setup
-   /developer/freeradius
-   /developer/freeradius_wpa_enterprise
-   /user/settings
-   /user/management_commands
-   /user/importing_users
-   /user/generating_users
-   /user/enforcing_limits
-   /user/registration
-   /user/social_login
-   /user/saml
-   /user/radius_monitoring
-   /user/change_of_authorization
-   /user/api
-   /developer/signals
-   /developer/how_to_extend
-   /developer/captive_portal_mock.rst
-   /general/support
-   /developer/contributing
-   /general/goals
-   /general/changelog.rst
diff --git a/docs/source/user/settings.rst b/docs/source/user/settings.rst
deleted file mode 100644
index 25f84143..00000000
--- a/docs/source/user/settings.rst
+++ /dev/null
@@ -1,1067 +0,0 @@
-Available settings
-------------------
-
-Admin related settings
-======================
-
-These settings control details of the administration interface of openwisp-radius.
-
-.. note::
-
-    The values of overridden settings fields do not change even when
-    the global defaults are changed.
-
-``OPENWISP_RADIUS_EDITABLE_ACCOUNTING``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``False``
-
-Whether ``radacct`` entries are editable from the django admin or not.
-
-``OPENWISP_RADIUS_EDITABLE_POSTAUTH``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``False``
-
-Whether ``postauth`` logs are editable from the django admin or not.
-
-``OPENWISP_RADIUS_GROUPCHECK_ADMIN``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``False``
-
-Direct editing of group checks items is disabled by default because
-these can be edited through inline items in the Radius Group
-admin (Freeradius > Groups).
-
-*This is done with the aim of simplifying the admin interface and avoid
-overwhelming users with too many options*.
-
-If for some reason you need to enable direct editing of group checks
-you can do so by setting this to ``True``.
-
-``OPENWISP_RADIUS_GROUPREPLY_ADMIN``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``False``
-
-Direct editing of group reply items is disabled by default because
-these can be edited through inline items in the Radius Group
-admin (Freeradius > Groups).
-
-*This is done with the aim of simplifying the admin interface and avoid
-overwhelming users with too many options*.
-
-If for some reason you need to enable direct editing of group replies
-you can do so by setting this to ``True``.
-
-``OPENWISP_RADIUS_USERGROUP_ADMIN``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``False``
-
-Direct editing of user group items (``radusergroup``) is disabled by default
-because these can be edited through inline items in the User
-admin (Users and Organizations > Users).
-
-*This is done with the aim of simplifying the admin interface and avoid
-overwhelming users with too many options*.
-
-If for some reason you need to enable direct editing of user group items
-you can do so by setting this to ``True``.
-
-``OPENWISP_RADIUS_USER_ADMIN_RADIUSTOKEN_INLINE``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``False``
-
-The functionality of editing a user's ``RadiusToken`` directly
-through an inline from the user admin page is disabled by default.
-
-*This is done with the aim of simplifying the admin interface and avoid
-overwhelming users with too many options*.
-
-If for some reason you need to enable editing user's ``RadiusToken``
-from the user admin page, you can do so by setting this to ``True``.
-
-Model related settings
-======================
-
-These settings control details of the openwisp-radius model classes.
-
-``OPENWISP_RADIUS_DEFAULT_SECRET_FORMAT``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``NT-Password``
-
-The default encryption format for storing radius check values.
-
-``OPENWISP_RADIUS_DISABLED_SECRET_FORMATS``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``[]``
-
-A list of disabled encryption formats, by default all formats are
-enabled in order to keep backward compatibility with legacy systems.
-
-``OPENWISP_RADIUS_BATCH_DEFAULT_PASSWORD_LENGTH``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``8``
-
-The default password length of the auto generated passwords while
-batch addition of users from the csv.
-
-``OPENWISP_RADIUS_BATCH_DELETE_EXPIRED``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``18``
-
-It is the number of months after which the expired users are deleted.
-
-``OPENWISP_RADIUS_BATCH_PDF_TEMPLATE``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-It is the template used to generate the pdf when users are being generated using the batch add users feature using the prefix.
-
-The value should be the absolute path to the template of the pdf.
-
-``OPENWISP_RADIUS_EXTRA_NAS_TYPES``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``tuple()``
-
-This setting can be used to add custom NAS types that can be used from the
-admin interface when managing NAS instances.
-
-For example, you want a custom NAS type called ``cisco``, you would add
-the following to your project ``settings.py``:
-
-.. code-block:: python
-
-    OPENWISP_RADIUS_EXTRA_NAS_TYPES = (
-        ('cisco', 'Cisco Router'),
-    )
-
-.. _openwisp_radius_freeradius_allowed_hosts:
-
-``OPENWISP_RADIUS_FREERADIUS_ALLOWED_HOSTS``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``[]``
-
-List of host IP addresses or subnets allowed to consume the freeradius
-API endpoints (Authorize, Accounting and Postauth), i.e the value
-of this option should be the IP address of your freeradius
-instance. Example: If your freeradius instance is running on
-the same host machine as OpenWISP, the value should be ``127.0.0.1``.
-Similarly, if your freeradius instance is on a different host in
-the private network, the value should be the private IP of freeradius
-host like ``192.0.2.50``. If your freeradius is on a public network,
-please use the public IP of your freeradius instance.
-
-You can use subnets when freeradius is hosted on a variable IP, eg:
-
-- ``198.168.0.0/24`` to allow the entire LAN.
-- ``0.0.0.0/0`` to allow any address (useful for development / testing).
-
-This value can be overridden per organization in the organization
-change page. You can skip setting this option if you intend to set
-it from organization change page for each organization.
-
-.. image:: /images/freeradius_allowed_hosts.png
-   :alt: Organization change page freeradius settings
-
-.. code-block:: python
-
-    OPENWISP_RADIUS_FREERADIUS_ALLOWED_HOSTS = ['127.0.0.1', '192.0.2.10', '192.168.0.0/24']
-
-If this option and organization change page option are both
-empty, then all freeradius API requests for the organization
-will return ``403``.
-
-.. _coa_enabled_setting:
-
-``OPENWISP_RADIUS_COA_ENABLED``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``False```
-
-If set to ``True``, openwisp-radius will update the NAS with the
-user's current RADIUS attributes whenever the ``RadiusGroup`` of
-user is changed. This allow enforcing of rate limits on active
-RADIUS sessions without requiring users to re-authenticate. For
-more details, :ref:`read the dedicated section for configuring
-openwisp-radius and NAS for using CoA <change_of_authorization>`.
-
-This can be overridden for each organization separately
-via the organization radius settings section of the admin interface.
-
-.. image:: /images/organization_coa_enabled.png
-   :alt: CoA enabled
-
-```RADCLIENT_ATTRIBUTE_DICTIONARIES```
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-+--------------+----------+
-| **type**:    | ``list`` |
-+--------------+----------+
-| **default**: | ``[]``   |
-+--------------+----------+
-
-List of absolute file paths of additional RADIUS dictionaries used
-for RADIUS attribute mapping.
-
-.. note::
-
-    A `default dictionary <https://github.com/openwisp/openwisp-radius/blob/master/openwisp_radius/radclient/dictionary>`_
-    is shipped with openwisp-radius. Any dictionary added using this setting
-    will be used alongside the default dictionary.
-
-``OPENWISP_RADIUS_MAX_CSV_FILE_SIZE``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-+--------------+----------------------------+
-| **type**:    | ``int``                    |
-+--------------+----------------------------+
-| **default**: |  `5 * 1024 * 1024` (5 MB)  |
-+--------------+----------------------------+
-
-This setting can be used to set the maximum size limit for firmware images, eg:
-
-.. code-block:: python
-
-    OPENWISP_RADIUS_MAX_CSV_FILE_SIZE = 10 * 1024 * 1024  # 10MB
-
-.. note::
-
-    The numeric value represents the size of files in bytes.
-    Setting this to ``None`` will mean there's no max size.
-
-``OPENWISP_RADIUS_PRIVATE_STORAGE_INSTANCE``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-+--------------+-------------------------------------------------------------------------------------+
-| **type**:    | ``str``                                                                             |
-+--------------+-------------------------------------------------------------------------------------+
-| **default**: |  ``openwisp_radius.private_storage.storage.private_file_system_storage``            |
-+--------------+-------------------------------------------------------------------------------------+
-
-Dotted path to an instance of any one of the storage classes in
-`private_storage <https://github.com/edoburu/django-private-storage#django-private-storage>`_.
-This instance is used for storing csv files of batch imports of users.
-
-By default, an instance of ``private_storage.storage.files.PrivateFileSystemStorage``
-is used.
-
-.. _openwisp_radius_called_station_ids:
-
-``OPENWISP_RADIUS_CALLED_STATION_IDS``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``{}``
-
-This setting allows to specify the parameters to connect to the different
-OpenVPN management interfaces available for an organization. This setting is used by the
-:ref:`convert_called_station_id <convert_called_station_id>` command.
-
-It should contain configuration in following format:
-
-.. code-block:: python
-
-    OPENWISP_RADIUS_CALLED_STATION_IDS = {
-        # UUID of the organization for which settings are being specified
-        # In this example 'default'
-        '<organization_uuid>': {
-            'openvpn_config': [
-                {
-                    # Host address of OpenVPN management
-                    'host': '<host>',
-                    # Port of OpenVPN management interface. Defaults to 7505 (integer)
-                    'port': 7506,
-                    # Password of OpenVPN management interface (optional)
-                    'password': '<management_interface_password>',
-                }
-            ],
-            # List of CALLED STATION IDs that has to be converted,
-            # These look like: 00:27:22:F3:FA:F1:gw1.openwisp.org
-            'unconverted_ids': ['<called_station_id>'],
-        }
-    }
-
-``OPENWISP_RADIUS_CONVERT_CALLED_STATION_ON_CREATE``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``False``
-
-If set to ``True``, "Called Station ID" of a RADIUS session will be
-converted (as per configuration defined in :ref:`OPENWISP_RADIUS_CALLED_STATION_IDS <openwisp_radius_called_station_ids>`)
-just after the RADIUS session is created.
-
-.. _openwisp_radius_openvpn_datetime_format:
-
-``OPENWISP_RADIUS_OPENVPN_DATETIME_FORMAT``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``u'%a %b %d %H:%M:%S %Y'``
-
-Specifies the datetime format of OpenVPN management status parser used by the
-:ref:`convert_called_station_id <convert_called_station_id>`
-command.
-
-``OPENWISP_RADIUS_UNVERIFY_INACTIVE_USERS``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``0`` (disabled)
-
-Number of days from user's ``last_login`` after which the
-user will be flagged as *unverified*.
-
-When set to ``0``, the feature would be disabled and the user will
-not be flagged as *unverified*.
-
-``OPENWISP_RADIUS_DELETE_INACTIVE_USERS``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``0`` (disabled)
-
-Number of days from user's ``last_login`` after which the
-user will be deleted.
-
-When set to ``0``, the feature would be disabled and the user will
-not be deleted.
-
-
-API and user token related settings
-===================================
-
-These settings control details related to the API and the radius user token.
-
-``OPENWISP_RADIUS_API_URLCONF``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``None``
-
-Changes the urlconf option of django urls to point the RADIUS API
-urls to another installed module, example, ``myapp.urls``
-(useful when you have a seperate API instance.)
-
-``OPENWISP_RADIUS_API_BASEURL``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``/`` (points to same server)
-
-If you have a seperate instance of openwisp-radius API on a
-different domain, you can use this option to change the base of the image
-download URL, this will enable you to point to your API server's domain,
-example value: ``https://myradius.myapp.com``.
-
-.. _openwisp_radius_api:
-
-``OPENWISP_RADIUS_API``
-~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``True``
-
-Indicates whether the REST API of openwisp-radius is enabled or not.
-
-``OPENWISP_RADIUS_DISPOSABLE_RADIUS_USER_TOKEN``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``True``
-
-Radius user tokens are used for authorizing users.
-
-When this setting is ``True`` radius user tokens are deleted right after a successful
-authorization is performed. This reduces the possibility of attackers reusing
-the access tokens and posing as other users if they manage to intercept it somehow.
-
-.. _openwisp_radius_api_authorize_reject:
-
-``OPENWISP_RADIUS_API_AUTHORIZE_REJECT``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``False``
-
-Indicates wether the :ref:`Authorize API view <authorize>` will return
-``{"control:Auth-Type": "Reject"}`` or not.
-
-Rejecting an authorization request explicitly will prevent freeradius from
-attempting to perform authorization with other mechanisms (eg: radius checks, LDAP, etc.).
-
-When set to ``False``, if an authorization request fails, the API will respond with
-``None``, which will allow freeradius to keep attempting to authorize the request
-with other freeradius modules.
-
-Set this to ``True`` if you are performing authorization exclusively through the REST API.
-
-``OPENWISP_RADIUS_API_ACCOUNTING_AUTO_GROUP``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``True``
-
-When this setting is enabled, every accounting instance saved from the API will have
-its ``groupname`` attribute automatically filled in.
-The value filled in will be the ``groupname`` of the ``RadiusUserGroup`` of the highest
-priority among the RadiusUserGroups related to the user with the ``username`` as in the
-accounting instance.
-In the event there is no user in the database corresponding to the ``username`` in the
-accounting instance, the failure will be logged with ``warning`` level but the accounting
-will be saved as usual.
-
-.. _openwisp_radius_allowed_mobile_prefixes:
-
-``OPENWISP_RADIUS_ALLOWED_MOBILE_PREFIXES``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``[]``
-
-This setting is used to specify a list of international mobile prefixes which should
-be allowed to register into the system via the :ref:`user registration API <user_registration>`.
-
-That is, only users with phone numbers using the specified international prefixes will
-be allowed to register.
-
-Leaving this unset or setting it to an empty list (``[]``) will effectively allow
-any international mobile prefix to register (which is the default setting).
-
-For example:
-
-.. code-block:: python
-
-    OPENWISP_RADIUS_ALLOWED_MOBILE_PREFIXES = ['+44', '+237']
-
-Using the setting above will only allow phone numbers from the UK (``+44``)
-or Cameroon (``+237``).
-
-.. note::
-
-    This setting is applicable only for organizations
-    which have :ref:`enabled the SMS verification option
-    <openwisp_radius_sms_verification_enabled>`.
-
-``OPENWISP_RADIUS_ALLOW_FIXED_LINE_OR_MOBILE``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``False``
-
-OpenWISP RADIUS only allow using mobile phone numbers for user registration.
-This can cause issues in regions where fixed line and mobile phone numbers
-uses the same pattern (e.g. USA). Setting the value to ``True``
-would make phone number type checking less strict.
-
-.. _openwisp_radius_optional_registration_fields:
-
-``OPENWISP_RADIUS_OPTIONAL_REGISTRATION_FIELDS``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**:
-
-.. code-block:: python
-
-    {
-        'first_name': 'disabled',
-        'last_name': 'disabled',
-        'birth_date': 'disabled',
-        'location': 'disabled',
-    }
-
-This global setting is used to specify if the optional user fields
-(``first_name``, ``last_name``, ``location`` and ``birth_date``)
-shall be disabled (hence ignored), allowed or required in the
-:ref:`User Registration API <user_registration>`.
-
-The allowed values are:
-
-- ``disabled``: (**default**) the field is disabled.
-- ``allowed``: the field is allowed but not mandatory.
-- ``mandatory``: the field is mandatory.
-
-For example:
-
-.. code-block:: python
-
-    OPENWISP_RADIUS_OPTIONAL_REGISTRATION_FIELDS = {
-        'first_name': 'disabled',
-        'last_name': 'disabled',
-        'birth_date': 'mandatory',
-        'location': 'allowed',
-    }
-
-Means:
-
-- ``first_name`` and ``last_name`` fields are not required and their values
-  if provided are ignored.
-- ``location`` field is not required but its value will
-  be saved to the database if provided.
-- ``birth_date`` field is required and a ``ValidationError``
-  exception is raised if its value is not provided.
-
-The setting for each field can also be overridden at organization level
-if needed, by going to
-``Home › Users and Organizations › Organizations > Edit organization`` and
-then scrolling down to ``ORGANIZATION RADIUS SETTINGS``.
-
-.. image:: /images/optional_fields.png
-    :alt: optional field setting
-
-By default the fields at organization level hold a ``NULL`` value,
-which means that the global setting specified in ``settings.py`` will
-be used.
-
-``OPENWISP_RADIUS_PASSWORD_RESET_URLS``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-.. note::
-
-    This setting can be overridden for each organization in the
-    organization admin page, the setting implementation is left
-    for backward compatibility but may be deprecated in the future.
-
-**Default**:
-
-.. code-block:: python
-
-    {
-        '__all__': 'https://{site}/{organization}/password/reset/confirm/{uid}/{token}'
-    }
-
-A dictionary representing the frontend URLs through which end users can complete
-the password reset operation.
-
-The frontend could be `openwisp-wifi-login-pages <https://github.com/openwisp/openwisp-wifi-login-pages>`_
-or another in-house captive page solution.
-
-Keys of the dictionary must be either UUID of organizations or ``__all__``, which is the fallback URL
-that will be used in case there's no customized URL for a specific organization.
-
-The password reset URL must contain the "{token}" and "{uid}" placeholders.
-
-The meaning of the variables in the string is the following:
-
-- ``{site}``: site domain as defined in the
-  `django site framework <https://docs.djangoproject.com/en/dev/ref/contrib/sites/>`_
-  (defaults to example.com and an be changed through the django admin)
-- ``{organization}``: organization slug
-- ``{uid}``: uid of the password reset request
-- ``{token}``: token of the password reset request
-
-If you're using `openwisp-wifi-login-pages <https://github.com/openwisp/openwisp-wifi-login-pages>`_,
-the configuration is fairly simple, in case the nodejs app is installed in the same domain
-of openwisp-radius, you only have to ensure the domain field in the main Site object is correct,
-if instead the nodejs app is deployed on a different domain, say ``login.wifiservice.com``,
-the configuration should be simply changed to:
-
-.. code-block:: python
-
-    {
-        '__all__': 'https://login.wifiservice.com/{organization}/password/reset/confirm/{uid}/{token}'
-    }
-
-.. _openwisp_radius_registration_api_enabled:
-
-``OPENWISP_RADIUS_REGISTRATION_API_ENABLED``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``True``
-
-Indicates whether the API registration view is enabled or not.
-When this setting is disabled (i.e. ``False``), the registration API view is disabled.
-
-**This setting can be overridden in individual organizations
-via the admin interface**, by going to *Organizations*
-then edit a specific organization and scroll down to
-*"Organization RADIUS settings"*, as shown in the screenshot below.
-
-.. image:: /images/organization_registration_setting.png
-   :alt: Organization RADIUS settings
-
-.. note::
-
-    We recommend using the override via the admin interface only when there
-    are special organizations which need a different configuration, otherwise,
-    if all the organization use the same configuration, we recommend
-    changing the global setting.
-
-.. _openwisp_radius_sms_verification_enabled:
-
-``OPENWISP_RADIUS_SMS_VERIFICATION_ENABLED``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``False``
-
-.. note::
-
-    If you're looking for instructions on how to configure SMS sending,
-    see :ref:`SMS Token Related Settings <sms_token_related_settings>`.
-
-If :ref:`Identity verification is required <openwisp_radius_needs_identity_verification>`,
-this setting indicates whether users who sign up should be required to
-verify their mobile phone number via SMS.
-
-This can be overridden for each organization separately
-via the organization radius settings section of the admin interface.
-
-.. image:: /images/organization_sms_verification_setting.png
-   :alt: SMS verification enabled
-
-.. _openwisp_radius_needs_identity_verification:
-
-``OPENWISP_RADIUS_MAC_ADDR_ROAMING_ENABLED``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``False``
-
-Indicates whether MAC address roaming is supported.
-When this setting is enabled (i.e. ``True``),
-MAC address roaming is enabled for all organizations.
-
-**This setting can be overridden in individual organizations
-via the admin interface**, by going to *Organizations*
-then edit a specific organization and scroll down to
-*"Organization RADIUS settings"*, as shown in the screenshot below.
-
-.. image:: /images/mac-address-roaming.png
-   :alt: Organization MAC Address Roaming settings
-
-.. note::
-
-    We recommend using the override via the admin interface only when there
-    are special organizations which need a different configuration, otherwise,
-    if all the organization use the same configuration, we recommend
-    changing the global setting.
-
-``OPENWISP_RADIUS_NEEDS_IDENTITY_VERIFICATION``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``False``
-
-Indicates whether organizations require a user to be verified in order to login.
-This can be overridden globally or for each organization separately via the admin
-interface.
-
-If this is enabled, each registered user should be verified using a verification method.
-The following choices are available by default:
-
-- ``''`` (empty string): unspecified
-- ``manual``: Manually created
-- ``email``: Email
-- ``mobile_phone``: Mobile phone number
-  :ref:`verification via SMS <openwisp_radius_sms_verification_enabled>`
-- ``social_login``: :ref:`social login feature <social_login>`
-
-.. note::
-
-    Of the methods listed above, ``mobile_phone`` is generally
-    accepted as a legal and valid form of indirect identity verification
-    in those countries who require to provide
-    a valid ID document before buying a SIM card.
-
-    Organizations which are required by law to identify their users
-    before allowing them to access the network (eg: ISPs) can restrict
-    users to register only through this method and can configure the system
-    to only :ref:`allow international mobile prefixes <openwisp_radius_allowed_mobile_prefixes>`
-    of countries which require a valid ID document to buy a SIM card.
-
-    **Disclaimer:** these are just suggestions on possible configurations
-    of OpenWISP RADIUS and must not be considered as legal advice.
-
-.. _register_registration_method:
-
-Adding support for more registration/verification methods
-#########################################################
-
-For those who need to implement additional registration and identity
-verification methods, such as supporting a National ID card, new methods
-can be added or an existing method can be removed using
-the ``register_registration_method``
-and ``unregister_registration_method`` functions respectively.
-
-For example:
-
-.. code-block:: python
-
-    from openwisp_radius.registration import (
-        register_registration_method,
-        unregister_registration_method,
-    )
-
-    # Enable registering via national digital ID
-    register_registration_method('national_id', 'National Digital ID')
-
-    # Remove mobile verification method
-    unregister_registration_method('mobile_phone')
-
-.. note::
-
-    Both functions will fail if a specific registration method
-    is already registered or unregistered, unless the keyword argument
-    ``fail_loud`` is passed as ``False`` (this useful when working with
-    additional registration methods which are supported by multiple
-    custom modules).
-
-    Pass ``strong_identity`` as ``True`` to to indicate that users who
-    register using that method have indirectly verified their identity
-    (eg:  :ref:`SMS verification
-    <openwisp_radius_sms_verification_enabled>`,
-    credit card, national ID card, etc).
-
-.. warning::
-
-    If you need to implement a registration method that needs to grant limited
-    internet access to unverified users so they can complete their
-    verification process online on other websites which cannot be predicted
-    and hence cannot be added to the walled garden, you can pass
-    ``authorize_unverified=True`` to the ``register_registration_method``
-    function.
-
-    This is needed to implement payment flows in which users insert
-    a specific 3D secure code in the website of their bank.
-    Keep in mind that you should create a specific limited radius group
-    for these unverified users.
-
-    Payment flows and credit/debit card verification are fully implemented
-    in **OpenWISP Subscriptions**, a premium module available only to
-    customers of the
-    :ref:`commercial support offering of OpenWISP <support>`.
-
-Email related settings
-======================
-
-Emails can be sent to users whose usernames or passwords have been auto-generated.
-The content of these emails can be customized with the settings explained below.
-
-.. _openwisp_radius_batch_mail_subject:
-
-``OPENWISP_RADIUS_BATCH_MAIL_SUBJECT``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``Credentials``
-
-It is the subject of the mail to be sent to the users. Eg: ``Login Credentials``.
-
-.. _openwisp_radius_batch_mail_message:
-
-``OPENWISP_RADIUS_BATCH_MAIL_MESSAGE``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``username: {}, password: {}``
-
-The message should be a string in the format ``Your username is {} and password is {}``.
-
-The text could be anything but should have the format string operator ``{}`` for
-``.format`` operations to work.
-
-.. _openwisp_radius_batch_mail_sender:
-
-``OPENWISP_RADIUS_BATCH_MAIL_SENDER``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``settings.DEFAULT_FROM_EMAIL``
-
-It is the sender email which is also to be configured in the SMTP settings.
-The default sender email is a common setting from the
-`Django core settings  <https://docs.djangoproject.com/en/dev/ref/settings/#default-from-email>`_
-under ``DEFAULT_FROM_EMAIL``.
-Currently, ``DEFAULT_FROM_EMAIL`` is set to to ``webmaster@localhost``.
-
-.. _counter_related_settings:
-
-Counter related settings
-========================
-
-.. _counters_setting:
-
-``OPENWISP_RADIUS_COUNTERS``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: depends on the database backend in use,
-see :ref:`counters` to find out what are the default counters enabled.
-
-It's a list of strings, each representing the python path to a counter class.
-
-It may be set to an empty list or tuple to disable the counter feature, eg:
-
-.. code-block:: python
-
-    OPENWISP_RADIUS_COUNTERS = []
-
-If custom counters have been implemented, this setting should be changed
-to include the new classes, eg:
-
-.. code-block:: python
-
-    OPENWISP_RADIUS_COUNTERS = [
-        # default counters for PostgreSQL, may be removed if not needed
-        'openwisp_radius.counters.postgresql.daily_counter.DailyCounter',
-        'openwisp_radius.counters.postgresql.daily_traffic_counter.DailyTrafficCounter',
-        # custom counters
-        'myproject.counters.CustomCounter1',
-        'myproject.counters.CustomCounter2',
-    ]
-
-.. _traffic_counter_check_name:
-
-``OPENWISP_RADIUS_TRAFFIC_COUNTER_CHECK_NAME``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``Max-Daily-Session-Traffic``
-
-Used by :ref:`daily_traffic_counter`,
-it indicates the check attribute which is looked for
-in the database to find the maximum amount of daily traffic
-which users having the default ``users`` radius group assigned can consume.
-
-.. _traffic_counter_reply_name:
-
-``OPENWISP_RADIUS_TRAFFIC_COUNTER_REPLY_NAME``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``CoovaChilli-Max-Total-Octets``
-
-Used by :ref:`daily_traffic_counter`,
-it indicates the reply attribute which is returned to the NAS
-to indicate how much remaining traffic users
-which users having the default ``users`` radius group assigned
-can consume.
-
-It should be changed according to the NAS software in use, for example,
-if using PfSense, this setting should be set to ``pfSense-Max-Total-Octets``.
-
-``OPENWISP_RADIUS_RADIUS_ATTRIBUTES_TYPE_MAP``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``{}``
-
-Used by :ref:`User Radius Usage API <radius_usage_api_view>`,
-it stores mapping of RADIUS attributes to the unit of value
-enforced by the attribute, e.g. ``bytes`` for traffic counters and
-``seconds`` for session time counters.
-
-In the following example, the setting is configured to return ``bytes``
-type in the API response for ``ChilliSpot-Max-Input-Octets`` attribute:
-
-.. code-block:: python
-
-    OPENWISP_RADIUS_RADIUS_ATTRIBUTES_TYPE_MAP = {
-        'ChilliSpot-Max-Input-Octets': 'bytes'
-    }
-
-.. _social_login_settings:
-
-Social Login related settings
-=============================
-
-The following settings are related to the :ref:`social login feature <social_login>`.
-
-.. _openwisp_radius_social_registration_enabled:
-
-``OPENWISP_RADIUS_SOCIAL_REGISTRATION_ENABLED``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``False``
-
-Indicates whether the registration using social applications
-is enabled or not. When this setting is enabled (i.e. ``True``),
-authentication using social applications is enabled for all organizations.
-
-**This setting can be overridden in individual organizations
-via the admin interface**, by going to *Organizations*
-then edit a specific organization and scroll down to
-*"Organization RADIUS settings"*, as shown in the screenshot below.
-
-.. image:: /images/organization_social_login_setting.png
-   :alt: Organization social login settings
-
-.. note::
-
-    We recommend using the override via the admin interface only when there
-    are special organizations which need a different configuration, otherwise,
-    if all the organization use the same configuration, we recommend
-    changing the global setting.
-
-.. _saml_settings:
-
-SAML related settings
-=====================
-
-The following settings are related to the :ref:`SAML feature <saml_>`.
-
-.. _openwisp_radius_saml_registration_enabled:
-
-``OPENWISP_RADIUS_SAML_REGISTRATION_ENABLED``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``False``
-
-Indicates whether registration using SAML is enabled or not.
-When this setting is enabled (i.e. ``True``),
-authentication using SAML is enabled for all organizations.
-
-**This setting can be overridden in individual organizations
-via the admin interface**, by going to *Organizations*
-then edit a specific organization and scroll down to
-*"Organization RADIUS settings"*, as shown in the screenshot below.
-
-.. image:: /images/organization_saml_setting.png
-   :alt: Organization SAML settings
-
-.. note::
-
-    We recommend using the override via the admin interface only when there
-    are special organizations which need a different configuration, otherwise,
-    if all the organization use the same configuration, we recommend
-    changing the global setting.
-
-``OPENWISP_RADIUS_SAML_REGISTRATION_METHOD_LABEL``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``'Single Sign-On (SAML)'``
-
-Sets the verbose name of SAML registration method.
-
-``OPENWISP_RADIUS_SAML_IS_VERIFIED``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``False``
-
-Setting this to ``True`` will automatically flag user accounts
-created during SAML sign-in as verified users (``RegisteredUser.is_verified=True``).
-
-This is useful when SAML identity providers can be trusted
-to be legally valid identity verifiers.
-
-.. _openwisp_radius_saml_updates_pre_existing_username:
-
-``OPENWISP_RADIUS_SAML_UPDATES_PRE_EXISTING_USERNAME``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``False``
-
-Allows updating username of a registered user with the value
-received from SAML Identity Provider. Read the
-:ref:`FAQs in SAML integration documentation <preventing_change_in_username_of_registered_user>`
-for details.
-
-.. _sms_token_related_settings:
-
-SMS token related settings
-==========================
-
-These settings allow to control aspects and limitations of the SMS tokens
-which are sent to users for the purpose of
-:ref:`verifying their mobile phone number
-<openwisp_radius_needs_identity_verification>`.
-
-These settings are applicable only when
-:ref:`SMS verification is enabled <openwisp_radius_sms_verification_enabled>`.
-
-``SENDSMS_BACKEND``
-~~~~~~~~~~~~~~~~~~~
-
-This setting takes a python path which points to the `django-sendsms
-<https://github.com/stefanfoulis/django-sendsms>`__
-backend which will be used by the system to send SMS messages.
-
-The list of supported SMS services can be seen in the source code of
-`the django-sendsms backends
-<https://github.com/stefanfoulis/django-sendsms/tree/main/sendsms/backends>`__.
-Adding support for other SMS services can be done by subclassing
-the ``BaseSmsBackend`` and implement the logic needed to talk to the
-SMS service.
-
-The value of this setting can point to any class on the python path,
-so the backend doesn't have to be necessarily shipped in django-sendsms
-but can be deployed in any other location.
-
-``OPENWISP_RADIUS_SMS_TOKEN_DEFAULT_VALIDITY``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``30``
-
-For how many minutes the SMS token is valid for.
-
-``OPENWISP_RADIUS_SMS_TOKEN_LENGTH``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``6``
-
-The length of the SMS token.
-
-``OPENWISP_RADIUS_SMS_TOKEN_HASH_ALGORITHM``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``'sha256'``
-
-The hashing algorithm used to generate the numeric code.
-
-``OPENWISP_RADIUS_SMS_COOLDOWN``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``30``
-
-Seconds users needs to wait before being able to request a new SMS token.
-
-``OPENWISP_RADIUS_SMS_TOKEN_MAX_ATTEMPTS``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``5``
-
-The max number of mistakes tolerated during verification,
-after this amount of mistaken attempts, it won't be possible to
-verify the token anymore and it will be necessary to request a new one.
-
-``OPENWISP_RADIUS_SMS_TOKEN_MAX_USER_DAILY``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``5``
-
-The max number of SMS tokens a single user can request within a day.
-
-``OPENWISP_RADIUS_SMS_TOKEN_MAX_IP_DAILY``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``999``
-
-The max number of tokens which can be requested from the same IP address
-during the same day.
-
-``OPENWISP_RADIUS_SMS_MESSAGE_TEMPLATE``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``{organization} verification code: {code}``
-
-The template used for sending verification code to users via SMS.
-
-.. note::
-
-    The template should always contain ``{code}`` placeholder.
-    Otherwise, the sent SMS will not contain the verification code.
-
-This value can be overridden per organization in the organization
-change page. You can skip setting this option if you intend to set
-it from organization change page for each organization. Keep in mind that
-the default value is translated in other languages. If the value is
-customized the translations will not work, so if you need this message
-to be translated in different languages you should either not change the
-default value or prepare the additional translations.
-
-OpenWISP Monitoring integration related settings
-================================================
-
-.. note::
-
-    This settings are only used if you have enabled the
-    :ref:`integration_with_openwisp_monitoring`.
-
-``OPENWISP_RADIUS_MONITORING_SHARED_ACCOUNTING``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Default**: ``False``
-
-The monitoring integration performs a database lookup for the related
-device using the ``called_station_id`` attribute from the RADIUS session.
-If this is set to ``True``, the integration will disable the filtering of
-devices by organization of the RADIUS session.
-
-This is useful when multiple organizations share the same captive portal
-and the device's organization and RADIUS session organization are different.
diff --git a/docs/user/radius_monitoring.rst b/docs/user/radius_monitoring.rst
index 9838456e..8404490c 100644
--- a/docs/user/radius_monitoring.rst
+++ b/docs/user/radius_monitoring.rst
@@ -1,40 +1,40 @@
 .. _integration_with_openwisp_monitoring:
 
 Integration with OpenWISP Monitoring
-------------------------------------
+====================================
 
-OpenWISP RADIUS includes an optional Django sub-app that adds integration with
-`OpenWISP Monitoring <https://github.com/openwisp/openwisp-monitoring#openwisp-monitoring>`_
-to provide RADIUS metrics.
+OpenWISP RADIUS includes an optional Django sub-app that adds integration
+with :doc:`OpenWISP Monitoring </monitoring/index>` to provide RADIUS metrics.
 
-.. image:: /images/radius-dashboard-charts.png
-   :alt: RADIUS session dashboard charts
+.. image:: ../images/radius-dashboard-charts.png
+    :alt: RADIUS session dashboard charts
 
 RADIUS metrics
-==============
+--------------
 
 1. User registrations
 ~~~~~~~~~~~~~~~~~~~~~
 
-.. image:: /images/user-registration-chart.png
-   :alt: User registration chart
+.. image:: ../images/user-registration-chart.png
+    :alt: User registration chart
 
-This chart shows number of users signed up using different registration methods.
+This chart shows number of users signed up using different registration
+methods.
 
 2. Total user registrations
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-.. image:: /images/total-user-registration-chart.png
-   :alt: Total user registration chart
+.. image:: ../images/total-user-registration-chart.png
+    :alt: Total user registration chart
 
-This chart shows total users registered using different registration methods
-in the system on a given date.
+This chart shows total users registered using different registration
+methods in the system on a given date.
 
 3. Unique RADIUS Sessions
 ~~~~~~~~~~~~~~~~~~~~~~~~~
 
-.. image:: /images/unique-radius-session-chart.png
-   :alt: Unique RADIUS session chart
+.. image:: ../images/unique-radius-session-chart.png
+    :alt: Unique RADIUS session chart
 
 This chart shows unique RADIUS sessions. It is helpful to know how many
 unique users has used the system in a given time.
@@ -42,37 +42,38 @@ unique users has used the system in a given time.
 4. RADIUS traffic
 ~~~~~~~~~~~~~~~~~
 
-.. image:: /images/radius-traffic-chart.png
-   :alt: RADIUS traffic chart
+.. image:: ../images/radius-traffic-chart.png
+    :alt: RADIUS traffic chart
 
 This chart shows the RADIUS traffic generated by user sessions.
 
 Enabling RADIUS metrics in Django project
-=========================================
+-----------------------------------------
 
-You can enable the monitoring integration by including ``openwisp_radius.integrations.monitoring``
-in ``INSTALLED_APPS`` of your Django project's settings as following:
+.. include:: /partials/settings-note.rst
 
+You can enable the monitoring integration by including
+``openwisp_radius.integrations.monitoring`` in ``INSTALLED_APPS`` of your
+Django project's settings as following:
 
 .. code-block:: python
 
     # In your_project/settings.py
 
-    INSTALLED_APPS.append('openwisp_radius.integrations.monitoring')
+    INSTALLED_APPS.append("openwisp_radius.integrations.monitoring")
 
 .. note::
 
-    Ensure your Django project is correctly configured to utilize OpenWISP Monitoring as
-    outlined in the `OpenWISP Monitoring's documentation <https://github.com/openwisp/openwisp-monitoring#setup-integrate-in-an-existing-django-project>`_.
-    For production environments, it is advisable to deploy OpenWISP using
-    `Ansible OpenWISP2 <https://github.com/openwisp/ansible-openwisp2>`_ or
-    `Docker OpenWISP <https://github.com/openwisp/docker-openwisp>`_, as they simplify
-    the deployment process considerably.
+    Ensure your Django project is correctly configured to utilize OpenWISP
+    Monitoring. For production environments, it is advisable to deploy OpenWISP using
+    :doc:`Ansible OpenWISP </ansible/index>`
+    or :doc:`Docker OpenWISP </docker/index>`,
+    as they simplify the deployment process considerably.
 
 .. important::
 
-    If you are registering a :ref:`"registration method" <openwisp_radius_register_registration_method>`
-    in any other Django application, then ``openwisp_radius.integrations.monitoring``
-    should come after that app in the ``INSTALLED_APPS``. Otherwise, the
+    If you are registering a :ref:`"registration method"
+    <openwisp_radius_register_registration_method>` in any other Django
+    application, then ``openwisp_radius.integrations.monitoring`` should
+    come after that app in the ``INSTALLED_APPS``. Otherwise, the
     registration method would not appear in the chart.
-
diff --git a/requirements-test.txt b/requirements-test.txt
index 5c6b7355..9872eb49 100644
--- a/requirements-test.txt
+++ b/requirements-test.txt
@@ -5,7 +5,7 @@ packaging
 openwisp-sphinx-theme~=1.0.2
 freezegun~=1.1.0
 django-extensions
-openwisp-utils[qa]~=1.1.0
+openwisp-utils[qa] @ https://github.com/openwisp/openwisp-utils/tarball/master
 pylinkvalidator
 lxml~=5.3.0
 cssselect~=1.2.0

From dd9a682159d852e9ab866ea57e2a465d988b0a86 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Wed, 30 Oct 2024 21:58:14 +0530
Subject: [PATCH 50/51] [ci] Fixed docker command

---
 .github/workflows/ci.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 6b5c069a..f06c6a4a 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -59,7 +59,7 @@ jobs:
           pip install ${{ matrix.django-version }}
 
       - name: Start InfluxDB and Redis container
-        run: docker-compose up -d influxdb redis
+        run: docker compose up -d influxdb redis
 
       - name: QA checks
         run: |

From 36e7b0199b7ecc8c0581dadd70176ad35dede3c2 Mon Sep 17 00:00:00 2001
From: Gagan Deep <pandafy.dev@gmail.com>
Date: Wed, 30 Oct 2024 22:03:04 +0530
Subject: [PATCH 51/51] [qa] Formatted docs

---
 .github/workflows/ci.yml        |  6 +++---
 docs/user/radius_monitoring.rst | 11 ++++++-----
 pyproject.toml                  |  1 -
 3 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index f06c6a4a..3098eea4 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -68,11 +68,11 @@ jobs:
       - name: Tests
         if: ${{ !cancelled() && steps.deps.conclusion == 'success' }}
         run: |
-          coverage run runtests.py --parallel || ./runtests.py
-          MONITORING_INTEGRATION=1 coverage run --append runtests.py
+          coverage run --parallel-mode runtests.py --parallel || ./runtests.py
           # SAMPLE tests do not influence coverage, so we can speed up tests with --parallel
-          SAMPLE_APP=1 coverage run ./runtests.py --parallel > /dev/null 2>&1 || SAMPLE_APP=1 ./runtests.py
+          SAMPLE_APP=1 coverage run --parallel-mode ./runtests.py --parallel > /dev/null 2>&1 || SAMPLE_APP=1 ./runtests.py
           coverage combine
+          MONITORING_INTEGRATION=1 coverage run --append runtests.py
           coverage xml
 
       - name: Upload Coverage
diff --git a/docs/user/radius_monitoring.rst b/docs/user/radius_monitoring.rst
index 8404490c..7f80f0af 100644
--- a/docs/user/radius_monitoring.rst
+++ b/docs/user/radius_monitoring.rst
@@ -4,7 +4,8 @@ Integration with OpenWISP Monitoring
 ====================================
 
 OpenWISP RADIUS includes an optional Django sub-app that adds integration
-with :doc:`OpenWISP Monitoring </monitoring/index>` to provide RADIUS metrics.
+with :doc:`OpenWISP Monitoring </monitoring/index>` to provide RADIUS
+metrics.
 
 .. image:: ../images/radius-dashboard-charts.png
     :alt: RADIUS session dashboard charts
@@ -65,10 +66,10 @@ Django project's settings as following:
 .. note::
 
     Ensure your Django project is correctly configured to utilize OpenWISP
-    Monitoring. For production environments, it is advisable to deploy OpenWISP using
-    :doc:`Ansible OpenWISP </ansible/index>`
-    or :doc:`Docker OpenWISP </docker/index>`,
-    as they simplify the deployment process considerably.
+    Monitoring. For production environments, it is advisable to deploy
+    OpenWISP using :doc:`Ansible OpenWISP </ansible/index>` or
+    :doc:`Docker OpenWISP </docker/index>`, as they simplify the
+    deployment process considerably.
 
 .. important::
 
diff --git a/pyproject.toml b/pyproject.toml
index 27522675..b6130200 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,5 @@
 [tool.coverage.run]
 source = ["openwisp_radius"]
-parallel = true
 concurrency = ["multiprocessing"]
 omit = [
     "openwisp_radius/__init__.py",