From cdd7ab2b70f4c72a02ae1682d5c4485e954fb3c2 Mon Sep 17 00:00:00 2001
From: Bikram Chatterjee <chatterjee@bluewin.ch>
Date: Thu, 9 Apr 2020 18:02:26 +0200
Subject: [PATCH 01/72] dperl first integration

---
 priv/dashboard_scripts/dperl_dashboard.js | 1033 +++++++++++++++++++++
 rebar.config                              |    2 +-
 src/dderl_sup.erl                         |   22 +-
 src/dperl.hrl                             |  316 +++++++
 src/dperl_cp.erl                          |  287 ++++++
 src/dperl_dal.erl                         |  727 +++++++++++++++
 src/dperl_metrics.erl                     |  396 ++++++++
 src/dperl_ora.erl                         |  703 ++++++++++++++
 src/dperl_ora.hrl                         |  215 +++++
 src/dperl_skvh_copy.erl                   |  255 +++++
 src/dperl_status.hrl                      |   57 ++
 src/dperl_status_agr.erl                  |  740 +++++++++++++++
 src/dperl_status_pre.erl                  |  100 ++
 src/dperl_status_pull.erl                 |  517 +++++++++++
 src/dperl_status_push.erl                 |  151 +++
 src/dperl_strategy_scr.erl                |  875 +++++++++++++++++
 src/dperl_sup.erl                         |   93 ++
 src/dperl_worker.erl                      |  308 ++++++
 src/dperl_worker_sup.erl                  |   31 +
 19 files changed, 6820 insertions(+), 8 deletions(-)
 create mode 100644 priv/dashboard_scripts/dperl_dashboard.js
 create mode 100644 src/dperl.hrl
 create mode 100644 src/dperl_cp.erl
 create mode 100644 src/dperl_dal.erl
 create mode 100644 src/dperl_metrics.erl
 create mode 100644 src/dperl_ora.erl
 create mode 100644 src/dperl_ora.hrl
 create mode 100644 src/dperl_skvh_copy.erl
 create mode 100644 src/dperl_status.hrl
 create mode 100644 src/dperl_status_agr.erl
 create mode 100644 src/dperl_status_pre.erl
 create mode 100644 src/dperl_status_pull.erl
 create mode 100644 src/dperl_status_push.erl
 create mode 100644 src/dperl_strategy_scr.erl
 create mode 100644 src/dperl_sup.erl
 create mode 100644 src/dperl_worker.erl
 create mode 100644 src/dperl_worker_sup.erl

diff --git a/priv/dashboard_scripts/dperl_dashboard.js b/priv/dashboard_scripts/dperl_dashboard.js
new file mode 100644
index 00000000..0d164dd3
--- /dev/null
+++ b/priv/dashboard_scripts/dperl_dashboard.js
@@ -0,0 +1,1033 @@
+function init(container, width, height) {
+    "use strict";
+    // This code is executed once and it should initialize the graph.
+
+// Dashboard main view, should be named: "cpro_dashboard":
+/*
+
+select
+    ckey
+    ,
+    cvalue
+    ,
+    chash
+  from
+    CPROS
+  where
+        safe_string
+          (
+            hd(ckey) 
+          )
+      <>
+        to_string('register') 
+    and
+        safe_string
+          (
+            nth(4,ckey) 
+          )
+      <>
+        to_string('focus') 
+*/
+
+
+// Focus sql view, should be named "cpro_dashboard_focus":
+/*
+
+select
+    ckey
+    ,
+    cvalue
+    ,
+    chash
+  from
+    CPROS
+  where
+          safe_string
+            (
+            hd(ckey) 
+            ) 
+        <>
+          to_string('register') 
+      and
+          safe_string
+            (
+            nth(4,ckey) 
+            ) 
+        <>
+          to_string('focus') 
+    or
+        safe_list
+          (
+            nth(6,ckey) 
+          )
+      =
+        list
+          (
+            to_string(:binstr_focus_name) 
+            ,
+            to_string(:binstr_focus_key) 
+          )
+*/
+
+// Error drill down view, should be named "cpro_dashboard_drill_error":
+/*
+
+select
+    ckey
+    ,
+    cvalue
+    ,
+    chash
+  from
+    cpro.cproJobError
+  where
+      safe_string
+        (
+            hd(ckey) 
+        )
+    =
+      to_string(:binstr_jobname)
+*/
+
+// Channel drill down view, should be named "cpro_dashboard_drill_channel":
+/*
+
+select
+    ckey
+    ,
+    cvalue
+    ,
+    chash
+  from
+  :binstr_channel
+
+*/
+
+    /** Size & positioning parameters */
+    
+    // virtual coordinates drawing arc radius
+    var vArcRadius = 1000;
+    // node radius in virtual coordinates
+    var nradius = 100;
+    var animDuration = 500;
+
+    // Focusname or topic for subscriptions
+    var topic = "shortid";
+    var viewName = "cpro_dashboard";
+    var focusSuffix = "_focus";
+
+    var initGraph = function() {
+        return {
+            links: {},
+            nodes: {},
+            status: {},
+            errors: {},
+            channelIdMap: {},
+            focusList: {},
+            jobIdChannelMap: {},
+            center: {
+                // Position relative to the bottom center after margin.
+                CPROS: { 
+                    position: { x: -1.9 * nradius, y: 0.3 * nradius },
+                    status: 'idle',
+                    system_information: {}
+                },
+                CPROP: {
+                    position: { x: 0, y: -nradius },
+                    status: 'idle',
+                    system_information: {}
+                }
+            }
+        };
+    }
+
+    /** Helper functions for data extraction */
+    var parseError = function(term) {
+        return new Error(term + " is not a valid json term");
+    }
+    var getKey = function(row) {
+        var k = [];
+        try {
+            k = JSON.parse(row.ckey_1);
+        } catch (e) {
+            throw parseError(row.ckey_1);
+        }
+        return k;
+    };
+
+    var getValue = function(row) {
+        var v = {};
+        try {
+            v = JSON.parse(row.cvalue_2);
+        } catch (e) {
+            throw parseError(row.cvalue_2);
+        }
+        return v;
+    };
+
+    function isNodeRunning(nodeId, links) {
+        var jobs;
+        for(var lid in links) {
+            if(links[lid].target === nodeId) {
+                jobs = links[lid].jobs;
+                for(var jId in jobs) {
+                    if(jobs[jId].running === true) {
+                        return true;
+                    }
+                }
+            }
+        }
+        return false;
+    }
+
+    var extractLinksNodes = function(rows, graph) {
+        var links = graph.links;
+        var nodes = graph.nodes;
+        var status = graph.status;
+        var center = graph.center;
+        var errors = graph.errors;
+        var channelIdMap  = graph.channelIdMap;
+        var focusList = graph.focusList;
+        var jobIdChannelMap = graph.jobIdChannelMap;
+
+        rows.forEach(function(row) {
+            var key = getKey(row);
+            var value = getValue(row);
+
+            // All keys we are interested should have 7 elements.
+            if(key.length !== 7) {
+                // Discard any other rows.
+                return;
+            }
+
+            if(key[5] === "job_status") {
+                var triangleId = key[2] + '_' + key[3] + '_' + key[4];
+                var jobId = key[2] + '_' + key[3];
+                if (row.op === "del") {
+                    delete status[triangleId];
+                } else { 
+                    status[triangleId] = {
+                        id: triangleId,
+                        job: jobId,
+                        status: value.status
+                    };
+                }
+            } else if(key[5] == "error" && key[3] == "system_info") {
+                if (row.op === "del") {
+                    delete center[key[2]][key[6] + "_error"];
+                    var still_errors = false;
+                    var centerOtherKeys = Object.keys(center[key[2]]);
+                    for(var kIdx = 0; kIdx < centerOtherKeys.length; ++kIdx) {
+                        if(centerOtherKeys[kIdx].includes("_error")) {
+                            still_errors = true;
+                            break;
+                        }
+                    }
+                    if (!still_errors) {
+                        center[key[2]].status = "idle";
+                    }
+                } else {
+                    console.log("Setting status error");
+                    center[key[2]].status = "error";
+                    center[key[2]][key[6] + "_error"] = value;
+                }
+            } else if(key[5] === "jobs") {
+                var nodeId = value.platform;
+                var desc = value.desc || "";
+                if(value.direction !== "pull") {
+                    channelIdMap[value.channel] = nodeId;
+                }
+                if(!center.hasOwnProperty(nodeId)) {
+                    if(!nodes.hasOwnProperty('nodeId')) {
+                        nodes[nodeId] = {
+                            id: nodeId,
+                            status: "stopped",
+                            desc: desc
+                        };
+                    } else {
+                        nodes[nodeId].desc = desc;
+                    }
+                }
+                var linkId = key[2] + '_' + nodeId;
+                var jobId = key[2] + '_' + key[3];
+                jobIdChannelMap[jobId] = value.channel;
+                var jobs = {};
+                if(links.hasOwnProperty(linkId)) {
+                    jobs = links[linkId].jobs;
+                }
+                jobs[jobId] = {
+                    id: jobId,
+                    legend: key[3],
+                    enabled: value.enabled,
+                    running: value.running,
+                    direction: value.direction
+                };
+                var runningLink = false;
+                for(var jId in jobs) {
+                    if(jobs[jId].running === true) {
+                        runningLink = true;
+                        break;
+                    }
+                }
+                links[linkId] = {
+                    id: linkId,
+                    source: key[2],
+                    target: nodeId,
+                    running: runningLink,
+                    jobs: jobs
+                };
+                if(isNodeRunning(nodeId, links) && nodes[nodeId].status === "stopped") {
+                    nodes[nodeId].status = "idle";
+                }
+            } else if(key[3] === "focus") {
+                var channel = key[6][0];
+                var focusValueKey = key[6][1];
+                if (typeof key[6][1].join === 'function') {
+                    focusValueKey = key[6][1].join("_");
+                }
+                if(!focusList.hasOwnProperty(channel)) {
+                    focusList[channel] = {};
+                }
+                focusList[channel][focusValueKey] = value;
+            } else if(key[5] === "error") {
+                var jobId = key[2] + '_' + key[3];
+                if (row.op === "del" && errors.hasOwnProperty(jobId)) {
+                    if(key[3] === key[6]) {
+                        errors[jobId].details = "";
+                    } else {
+                        var idx = errors[jobId].ids.indexOf(key[6].toString());
+                        if(idx > -1) {
+                            errors[jobId].ids.splice(idx, 1);
+                        }
+                    }
+                    if(errors[jobId].ids.length === 0 && !errors[jobId].details) {
+                        delete errors[jobId];
+                    }
+                } else {
+                    if(!errors.hasOwnProperty(jobId)) {
+                        errors[jobId] = {
+                            details: "",
+                            ids: []
+                        };
+                    }
+                    if(key[3] === key[6]) {
+                        errors[jobId].details = value;
+                    } else {
+                        if(errors[jobId].ids.indexOf(key[6].toString()) === -1) {
+                            errors[jobId].ids.push(key[6].toString());
+                        }
+                    }
+                }
+            } else if(key[5] === "system_info") {
+                var centerId = key[2];
+                var systemIp = key[4];
+                if(center[centerId]) {
+                    if(key[6] === "node_status" && center[centerId].system_information) {
+                        var systemInfo = {};
+                        for(var k in value) {
+                            systemInfo[k] = value[k];
+                        }
+                        center[centerId].system_information[systemIp] = systemInfo;
+                    } else if(key[6] === "heartbeat") {
+                        var collectorName = key[0];
+                        if(row.op !== "del" && (value.cpu_overload_count !== 0 || value.memory_overload_count !== 0 || value.eval_crash_count !== 0)) {
+                            center[centerId].status = "error";
+                            var ovErr = {};
+                            if(!center[centerId].overload_error) {
+                                ovErr[collectorName] = {};
+                                ovErr[collectorName][systemIp] = value;
+                                center[centerId].overload_error = ovErr;
+                            } else if (!center[centerId].overload_error[collectorName]) {
+                                ovErr[systemIp] = value;
+                                center[centerId].overload_error[collectorName] = ovErr;
+                            } else {
+                                center[centerId].overload_error[collectorName][systemIp] = value;
+                            }
+                        } else {
+                            // TODO: Is there a simple way of doing this ? 
+                            if(center[centerId].overload_error && center[centerId].overload_error[collectorName] && center[centerId].overload_error[collectorName][systemIp]) {
+                                delete center[centerId].overload_error[collectorName][systemIp];
+                                if(Object.keys(center[centerId].overload_error[collectorName]).length === 0) {
+                                    delete center[centerId].overload_error[collectorName];
+                                    if(Object.keys(center[centerId].overload_error).length === 0) {
+                                        delete center[centerId].overload_error;
+                                        var still_errors = false;
+                                        var centerOtherKeys = Object.keys(center[centerId]);
+                                        for(var kIdx = 0; kIdx < centerOtherKeys.length; ++kIdx) {
+                                            if(centerOtherKeys[kIdx].includes("_error")) {
+                                                still_errors = true;
+                                                break;
+                                            }
+                                        }
+                                        if (!still_errors) {
+                                            center[centerId].status = "idle";
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    }
+                }
+            }
+        });
+
+        // Reset the status as errors could have been deleted
+        for(var nid in nodes) {
+            if(nodes[nid].status === "error" || (isFocus && nodes[nid].running_status !== undefined)) {
+                nodes[nid].status = nodes[nid].running_status;
+            }
+        }
+
+        console.log("the errors", errors);
+        for(var lid in links) {
+            var linknode = links[lid].target;
+            if(nodes.hasOwnProperty(linknode)) {
+                for(var jId in links[lid].jobs) {
+                    if(errors.hasOwnProperty(jId)) {
+                        nodes[linknode][jId + "_error"] = errors[jId];
+                        if(nodes[linknode].status !== "error") {
+                            nodes[linknode].running_status = nodes[linknode].status;
+                            nodes[linknode].status = "error";
+                        }
+                    } else {
+                        delete nodes[linknode][jId + "_error"];
+                    }
+                }
+            } else {
+                console.log("link without node found", linknode);
+            }
+        }
+
+        // Grey out all the platforms before appending focus data
+        if(isFocus) {
+            for(nid in nodes) {
+                if(nodes[nid].status !== "error") {
+                    nodes[nid].running_status = nodes[nid].status;
+                    nodes[nid].status = "stopped";
+                }
+            }
+        }
+
+        // Appending focus to the correct platform
+        console.log("The focus list", focusList);
+        console.log("the channel id map", channelIdMap);
+        for(var channel in channelIdMap) {
+            if(focusList.hasOwnProperty(channel)) {
+                var nid = channelIdMap[channel];
+                if(!nodes[nid].status !== "error") {
+                    nodes[nid].status = nodes[nid].running_status;
+                }
+                for(var focusValueKey in focusList[channel]) {
+                    nodes[nid][focusValueKey] = focusList[channel][focusValueKey];
+                }
+            } 
+        }
+
+        for(var sid in status) {
+            status[sid].channel = jobIdChannelMap[status[sid].job];
+        }
+
+        return {links: links, nodes: nodes, status: status, center: center, errors: errors, channelIdMap: channelIdMap, focusList: focusList, jobIdChannelMap: jobIdChannelMap};
+    };
+    /** End data extraction functions */
+
+    // Add the focus input 
+    var focusDiv = container
+        .append('div')
+        .style('position', 'absolute')
+        .style("margin", "10px 0px 0px 10px");
+
+    var inputId = "shortid_" + Math.random().toString(36).substr(2, 14);
+
+    var label = focusDiv
+        .append('label')
+        .attr("for", inputId)
+        .text("Shortid: ");
+
+    var focusInput = focusDiv
+        .append('input')
+        .attr("id", inputId)
+        .style("border", "solid 1px black")
+        .style("border-radius", "3px")
+        .style("padding", "1px 0px 1px 4px");
+
+    var graph = initGraph();
+    var firstData = true;
+    var isFocus = false;
+
+    focusInput.on("keypress", function() {
+        if(d3.event.keyCode == 13) {
+            var inp = focusInput.node();
+            console.log("the value", inp.value);
+            // TODO: Do not call if it is the same registration again ? or maybe for refresh ?
+            var params = {
+                ':binstr_focus_name' : {typ: "binstr", val: topic},
+                ':binstr_focus_key'  : {typ: "binstr", val: inp.value}
+            }
+            helper.req(viewName, focusSuffix, topic, inp.value, params, function() {
+                svg.selectAll('svg > *').remove();
+                graph = initGraph();
+                firstData = true;
+                if (inp.value) {
+                    isFocus = true;
+                } else {
+                    isFocus = false;
+                }
+            });
+        }
+    })
+
+    var margin = { top: 10, right: 10, bottom: 10, left: 10 }; // physical margins in px
+
+    var colorStatus = {
+        idle: 'green',
+        error: 'red',
+        synced: 'yellow',
+        cleaning: 'lightsteelblue',
+        cleaned: 'blue',
+        refreshing: 'cornflowerblue',
+        refreshed: 'purple',
+        stopped: 'lightgrey'
+    };
+    // To see the complete circle when drawing negative coordinates
+    // and width and height for the virtual coordinates
+    var vBox = {
+        x: -1 * (vArcRadius + nradius),
+        y: -1 * (vArcRadius + nradius),
+        w: vArcRadius * 2 + nradius * 2,
+        h: vArcRadius + 3 * nradius
+    };
+
+    var svg = container
+        .append('svg')
+        .attr('viewBox', vBox.x + ' ' + vBox.y + ' ' + vBox.w + ' ' + vBox.h)
+        .attr('preserveAspectRatio', 'xMidYMax meet')
+        .style('margin-top', margin.top + 'px')
+        .style('margin-right', margin.right + 'px')
+        .style('margin-bottom', margin.bottom + 'px')
+        .style('margin-left', margin.left + 'px');
+
+    function resize(w, h) {
+        var cheight = h - (margin.top + margin.bottom);
+        var cwidth = w - (margin.left + margin.right);
+        svg.attr('width', cwidth)
+            .attr('height', cheight);
+    }
+
+    resize(width, height);
+
+    var tooltipDiv = d3.select("body").append('div')
+        .styles({
+            position: "absolute",
+            "text-align": "left",
+            padding: "2px",
+            font: "12px courier",
+            border: "0px",
+            "border-radius": "8px",
+            "pointer-events": "none",
+            opacity: 0,
+            "z-index": 99996,
+            "background-color": "lightgrey",
+            "max-width": "calc(100% - 10px)",
+            "max-height": "calc(100% - 40px)",
+            overflow: "hidden"
+        });
+
+    function tooltipStringifyFilter(name, val) {
+        if(name === "position"){
+            return undefined;
+        }
+        return val;
+    }
+
+    function showTooltip(d) {
+        var html = formatJSON(JSON.stringify(d, tooltipStringifyFilter, 2), true);
+        apply_transition(tooltipDiv.html(html), 200).style('opacity', 0.95);
+    }
+
+    function formatJSON(json, preformatted) {
+        json = json.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;');
+        var result = json.replace(/("(\\u[a-zA-Z0-9]{4}|\\[^u]|[^\\"])*"(\s*:)?|\b(true|false|null)\b|-?\d+(?:\.\d*)?(?:[eE][+\-]?\d+)?)/g, function (match) {
+            var color = 'brown'; // number
+            if (/^"/.test(match)) {
+                if (/:$/.test(match)) {
+                    match = match.slice(1, -2) + ":";
+                    color = 'blue'; // key
+                } else {
+                    color = 'green'; // string
+                }
+            } else if (/true|false/.test(match)) {
+                color = 'magenta'; // boolean
+            } else if (/null/.test(match)) {
+                color = 'red'; //null
+            }
+            return '<span style="color:' + color + '">' + match + '</span>';
+        });
+        if(preformatted) {
+            result = "<pre>" + result + "</pre>";
+        }
+        return result;
+    }
+
+    function moveTooltip() {
+        // Position the tooltip without letting it go outside the window.
+        var availableHeight = document.documentElement.clientHeight;
+        var availableWidth = document.documentElement.clientWidth;
+
+        var d = tooltipDiv.node();
+        var tooltipHeight = d.scrollHeight;
+        var tooltipWidth = d.scrollWidth;
+
+        var left = d3.event.pageX + 15;
+        if(left + tooltipWidth + 5 > availableWidth) {
+            left = Math.max(availableWidth-tooltipWidth-5, 5);
+        }
+        var top = d3.event.pageY + 15;
+        if(top + tooltipHeight + 5 > availableHeight) {
+            top = Math.max(availableHeight-tooltipHeight-5, 30);
+        }
+
+        tooltipDiv
+            .style('left', left + "px")
+            .style('top', top + "px");
+    }
+
+    function hideTooltip() {
+        apply_transition(tooltipDiv, animDuration).style('opacity', 0);
+    }
+
+    function openErrorView(d) {
+        var found = false;
+        var drillKey = "";
+        var sp;
+        for(var k in d) {
+            sp = k.split("_");
+            if(sp[2] === "error") {
+                drillKey = sp[1];
+                found = true;
+                break;
+            }
+        }
+        if(found) {
+            helper.browse('cpro_dashboard_drill_error', {
+                ':binstr_jobname' : {typ: "binstr", val: drillKey}
+            });
+        }
+    }
+
+    function openChannelView(d) {
+        if(d.channel) {
+            helper.browse('cpro_dashboard_drill_channel', {
+                ':binstr_channel': {typ: "binstr", val: d.channel}
+            });
+        }
+    }
+
+    function entries(obj) {
+        var res = [];
+        for(var k in obj) {
+            obj[k].id = k;
+            res.push(obj[k]);
+        }
+        return res;
+    }
+
+    function splitText(text) {
+        var text = text.split(":").pop();
+        return text.split(/\s+/);
+        /* Disabled until we have grouping
+        if(text.length < 10) {
+            return [text];
+        } else {
+            
+            var words = text.split(/\s+/);
+            var lines = [words[0]];
+            var maxLengthLine = 8;
+            // TODO: try to do this dynamic, lines on the top are smaller than lines on the bottom, how can we divide the lines to represent that ?
+            for(var i = 1, j = 0; i < words.length; ++i) {
+                if(lines[j].length + words[i].length <= maxLengthLine) {
+                    lines[j] += ' ' + words[i];
+                } else {
+                    j += 1;
+                    lines[j] = words[i];
+                }
+            }
+            return lines;
+        }
+        */
+    }
+
+    function apply_transition(d3Obj, duration) {
+        if (!document.hidden) {
+            return d3Obj.transition().duration(duration);
+        }
+        return d3Obj;
+    }
+
+    function contextMenu(d) {
+        d3.event.preventDefault();
+        var menuSpec = [
+            {
+                label: "Show details",
+                icon: "external-link",
+                cb: function(evt) {
+                    var pos = {x: evt.pageX - 25, y: evt.pageY - 50}
+                    var html = formatJSON(JSON.stringify(d, tooltipStringifyFilter, 2), true);
+                    helper.openDialog(splitText(d.id).join(" "), html, pos);
+                }
+            }
+        ];
+        var pos = {x: d3.event.pageX - 15, y: d3.event.pageY - 20};
+        helper.contextMenu(menuSpec, pos);
+    }
+
+    return {
+        on_data: function(data) {
+            if(data.length === 0) {
+                return;
+            }
+
+            if(firstData) {
+                firstData = false;
+
+                // Add center nodes
+                var NewCenterNodesDom = svg.selectAll('.center-nodes')
+                    .data(entries(graph.center), function(d) {
+                        return d.id;
+                    })
+                    .enter()
+                    .append('g')
+                    .attr("class", "center-nodes")
+                    .on('mouseover', showTooltip)
+                    .on('mousemove', moveTooltip)
+                    .on('mouseout', hideTooltip)
+                    .on("contextmenu", contextMenu);
+
+                NewCenterNodesDom.append('circle')
+                    .attr('r', nradius)
+                    .attr('cx', function(d) { return d.position.x; })
+                    .attr('cy', function(d) { return d.position.y; })
+                    .attr('id', function(d) { return d.id; })
+                    .style('fill', function(d) {
+                        return colorStatus[d.status];
+                    });
+
+                NewCenterNodesDom.append('text')
+                    .text(function(d) {
+                        return d.id;
+                    })
+                    .attr('text-anchor', 'middle')
+                    .style('font-size', '28px');
+            }
+
+            graph = extractLinksNodes(data, graph);
+
+            // Note: entries adds the id to the values in the original object
+            var nodes = entries(graph.nodes);
+            var links = entries(graph.links);
+            var status = entries(graph.status);
+            var center = entries(graph.center);
+
+            var numberNodes = nodes.length;
+            vArcRadius = Math.max((numberNodes*nradius*1.8)/Math.PI, 1000);
+            // Calculate number of jobs to be able to fit all triangles into a link.
+            var maxJobsCount = 0;
+            links.forEach(function(link) {
+                var currentCount = Object.keys(link.jobs).length;
+                if(currentCount > maxJobsCount) {
+                    maxJobsCount = currentCount;
+                }
+            });
+            // 40 is the height of a status job arrow (+2 for borders).
+            vArcRadius = Math.max(maxJobsCount * 42 + 5 * nradius, vArcRadius);
+
+            vBox = {
+                x: -1 * (vArcRadius + nradius),
+                y: -1 * (vArcRadius + nradius),
+                w: vArcRadius * 2 + nradius * 2,
+                h: vArcRadius + 3 * nradius
+            }
+            svg.attr('viewBox', vBox.x + ' ' + vBox.y + ' ' + vBox.w + ' ' + vBox.h);
+
+            console.log("center", center);
+
+            svg.selectAll('.center-nodes')
+                .data(center, function(d) {
+                    return d.id;
+                })
+                .select('circle')
+                .style('fill', function(d) {
+                    return colorStatus[d.status];
+                });
+
+            var newNodes = svg.selectAll('.node')
+                .data(nodes, function(d) {
+                    return d.id;
+                })
+                .enter()
+                .append('g')
+                .attr("class", "node")
+                .on("contextmenu", contextMenu);
+
+            newNodes.append('circle')
+                .attr('r', nradius)
+                .attr('id', function(d) {
+                    return d.id;
+                })
+                .on('mouseover', showTooltip)
+                .on('mousemove', moveTooltip)
+                .on('mouseout', hideTooltip)
+                .on('click', openErrorView);
+
+            newNodes.append('text')
+                .style('font-size', '28px')
+                .attr('text-anchor', 'middle')
+                .on('mouseover', showTooltip)
+                .on('mousemove', moveTooltip)
+                .on('mouseout', hideTooltip)
+                .each(function(d) {
+                    var textNode = d3.select(this);
+                    var words = splitText(d.id);
+                    var dyStart = Math.ceil(words.length/2) - 1;
+                    for(var i = 0; i < words.length; ++i) {
+                        textNode
+                            .append('tspan')
+                            .attr('dy', i === 0? -dyStart + 'em':'1em')
+                            .text(words[i]);
+                    }
+                   
+                });
+
+            var allPoints = svg.selectAll('g')
+                .filter(function(d) {
+                    return !d.position;
+                })
+                .select('circle');
+
+            var nData = [];
+            svg.selectAll('.node').each(function (d) {
+                nData.push(d);
+            });
+
+            nData.sort(function(a, b) {
+                return a.id.localeCompare(b.id);
+            });
+
+            var angle = Math.PI / (nData.length + 1);
+
+            var positions = {};
+            for(var i = 0; i < nData.length; ++i) {
+                var r = vArcRadius - 2 * nradius * (i % 2);
+                var x = -r * Math.cos((i + 1) * angle);
+                var y = -r * Math.sin((i + 1) * angle);
+                positions[nData[i].id] = {x: x, y: y};
+            }
+            // Append center node positions.
+            for(var k in graph.center) {
+                positions[k] = graph.center[k].position;
+            }
+
+            apply_transition(allPoints, animDuration)
+                .attr('cx', function(d) {
+                    return positions[d.id].x;
+                })
+                .attr('cy', function(d) {
+                    return positions[d.id].y;
+                })
+                .style('fill', function(d) {
+                    return colorStatus[d.status];
+                })
+
+            apply_transition(svg.selectAll('text'), animDuration)
+                .attr('x', function(d) {
+                    return positions[d.id].x;
+                })
+                .attr('y', function(d) {
+                    return positions[d.id].y;
+                });
+
+            apply_transition(svg.selectAll('tspan'), animDuration)
+                .attr('x', function(d) {
+                    return positions[d.id].x;
+                });
+
+            svg.selectAll('line')
+                .data(links, function(d) {
+                    return d.id;
+                })
+                .enter()
+                .insert('line', '.center-nodes')
+                .attr('stroke-width', 6)
+                .attr('id', function(d) {
+                    return d.id;
+                })
+                .on('mouseover', showTooltip)
+                .on('mousemove', moveTooltip)
+                .on('mouseout', hideTooltip)
+                .on('contextmenu', contextMenu);
+
+
+            // Adding connecting links
+            var allLinks = svg.selectAll('line');
+
+            apply_transition(allLinks, animDuration)
+                .attr('x1', function(d) {
+                    if(!positions[d.source]) { return 0; }
+                    return positions[d.source].x;
+                })
+                .attr('y1', function(d) {
+                    if(!positions[d.source]) { return 0; }
+                    return positions[d.source].y;
+                })
+                .attr('x2', function(d) {
+                    if(!positions[d.target]) { return 0; }
+                    return positions[d.target].x;
+                })
+                .attr('y2', function(d) {
+                    if(!positions[d.target]) { return 0; }
+                    return positions[d.target].y;
+                })
+                .attr('stroke', function(d) {
+                    var jobsId = Object.keys(d.jobs);
+                    for(var i = 0; i < status.length; ++i) {
+                        if(d.jobs.hasOwnProperty(status[i].job)) {
+                            if(status[i].status == "error") {
+                                return 'red';
+                            }
+                        }
+                    }
+                    return (d.running === true) ? 'green' : 'lightgrey';
+                });
+
+            var linksMid = {};
+            allLinks.each(function(d) {
+                if(!positions[d.source] || !positions[d.target]) {
+                    return;
+                }
+                var dirX = positions[d.source].x - positions[d.target].x;
+                var dirY = positions[d.source].y - positions[d.target].y;
+                var dirM = Math.sqrt(dirX*dirX + dirY*dirY);
+                if(dirM > 0.01) {
+                    dirX /= dirM;
+                    dirY /= dirM;
+                } else {
+                    dirX = 0;
+                    dirY = -1;
+                }
+
+                // So we are in the center
+                var jobsId = Object.keys(d.jobs);
+
+                var pullJobs = [];
+                var pushJobs = [];
+                for(var i = 0; i < jobsId.length; ++i) {
+                    if(d.jobs[jobsId[i]].direction === "pull") {
+                        pullJobs.push(d.jobs[jobsId[i]]);
+                    } else {
+                        pushJobs.push(d.jobs[jobsId[i]]);
+                    }
+                }
+
+                // TODO: How to merge this two loops in one function... 
+                var dir = {x: dirX, y: dirY};
+                for(var i = 0; i < pushJobs.length; ++i) {
+                    var midX = 0.5 * positions[d.source].x + 0.5 * positions[d.target].x;
+                    var midY = 0.5 * positions[d.source].y + 0.5 * positions[d.target].y;
+                    linksMid[pushJobs[i].id] = {mid: {x: midX, y: midY}, direction: dir, link: d.id, pull: false};
+                }
+
+                dir = {x: -dirX, y: -dirY};
+                for(var i = 0; i < pullJobs.length; ++i) {
+                    var midX = 0.5 * positions[d.source].x + 0.5 * positions[d.target].x;
+                    var midY = 0.5 * positions[d.source].y + 0.5 * positions[d.target].y;
+                    linksMid[pullJobs[i].id] = {mid: {x: midX, y: midY}, direction: dir, link: d.id, pull: true};
+                }
+            });
+            console.log("The link mids", linksMid);
+
+            var groupStatus = {};
+            status.forEach(function(s) {
+                if(linksMid[s.job]) {
+                    var linkId = linksMid[s.job].link;
+                    if(!groupStatus.hasOwnProperty(linkId)) {
+                        // Array to sort properly pullers and pushers along the links
+                        groupStatus[linkId] = [];
+                    }
+                    if(linksMid[s.job].pull) {
+                        groupStatus[linkId].push(s.id);
+                    } else {
+                        groupStatus[linkId].unshift(s.id);
+                    }
+                }
+            });
+
+            var statusPos = {};
+            for(var linkId in groupStatus) {
+                for(var i = 0; i < groupStatus[linkId].length; ++i) {
+                    statusPos[groupStatus[linkId][i]] = i;
+                }
+            }
+
+            var polySelection = svg.selectAll('polygon')
+                .data(status, function(d) {
+                    return d.id;
+                });
+
+            polySelection.exit().remove();
+
+            polySelection.enter()
+                .append('polygon')
+                .attr('id', function(d) {
+                    return d.id;
+                })
+                .attr('points', '0,0 -15,40 15,40')
+                .on('mouseover', showTooltip)
+                .on('mousemove', moveTooltip)
+                .on('mouseout', hideTooltip)
+                .on('click', openChannelView)
+                .on('contextmenu', contextMenu);
+
+            apply_transition(svg.selectAll('polygon'), animDuration)
+                .attr('transform', function(d) {
+                    if(!linksMid[d.job]) {
+                        console.log("Moving outside the visible area as we don't have a position yet", JSON.stringify(d.job));
+                        return "translate(0, 250) rotate(180)"
+                    } else {
+                        var linkId = linksMid[d.job].link;
+                        // Trying to center the triangles along the link by shifting by half.
+                        var shifted = 0.5 * (groupStatus[linkId].length - 1);
+                        var dir = 1;
+
+                        if(!linksMid[d.job].pull) {
+                            // Depending in the direction we would like to move up or down.
+                            var dir = -1;
+                            // Due to rotation we need to move the triangle up a little.
+                            shifted -= 1;
+                        }
+
+                        var dx = linksMid[d.job].direction.x;
+                        var dy = linksMid[d.job].direction.y;
+                        var angle = -1 * Math.atan2(dx, dy) * 180 / Math.PI;
+
+                        var x = linksMid[d.job].mid.x + (statusPos[d.id] - shifted) * dx * 40 * dir;
+                        var y = linksMid[d.job].mid.y + (statusPos[d.id] - shifted) * dy * 40 * dir;
+                        return "translate(" + x + ", " + y + ") rotate(" + angle + ")";
+                    }
+                })
+                .style('stroke', 'black')
+                .style('stroke-width', 3)
+                .style('fill', function(d) {
+                    return colorStatus[d.status];
+                });
+        },
+        on_resize: resize,
+        on_reset: function() {
+            svg.selectAll('svg > *').remove();
+            graph = initGraph();
+            firstData = true;
+        },
+        on_close: function() {
+            tooltipDiv.remove();
+        }
+    };
+}
diff --git a/rebar.config b/rebar.config
index 6ce0af19..6893acfc 100644
--- a/rebar.config
+++ b/rebar.config
@@ -42,7 +42,7 @@
     {esaml, {git, "https://github.com/K2InformaticsGmbH/esaml", {tag, "2.3.0"}}},
     {imem, {git, "https://bitbucket.org/konnexions/imem", {tag, "3.9.0"}}},
     {oranif, {git, "https://github.com/c-bik/oranif", {branch, "master"}}},
-    {prometheus, "v4.5.0"}
+    {prometheus, "4.5.0"}
 ]}.
 
 {deps_error_on_conflict, false}.
diff --git a/src/dderl_sup.erl b/src/dderl_sup.erl
index d9dcd2a5..0d03249a 100644
--- a/src/dderl_sup.erl
+++ b/src/dderl_sup.erl
@@ -34,10 +34,18 @@ start_link() ->
 %% ===================================================================
 
 init([]) ->
-    {ok, {#{strategy => one_for_one, intensity => 5, period => 10},
-          [?CHILD(dderl_dal, worker, []),
-           ?CHILD(dderl_rest, worker, []),
-           ?CHILD(dderl_metrics, worker, []),
-           ?CHILD(dderl_session_sup, supervisor, []),
-           ?CHILD(dderl_data_sender_sup, supervisor, []),
-           ?CHILD(dderl_data_receiver_sup, supervisor, [])]}}.
+  {
+    ok,
+    {
+      #{strategy => one_for_one, intensity => 5, period => 10},
+      [
+        ?CHILD(dderl_dal, worker, []),
+        ?CHILD(dderl_rest, worker, []),
+        ?CHILD(dderl_metrics, worker, []),
+        ?CHILD(dderl_session_sup, supervisor, []),
+        ?CHILD(dderl_data_sender_sup, supervisor, []),
+        ?CHILD(dderl_data_receiver_sup, supervisor, []),
+        ?CHILD(dperl_sup, supervisor, [])
+      ]
+    }
+  }.
diff --git a/src/dperl.hrl b/src/dperl.hrl
new file mode 100644
index 00000000..03f08875
--- /dev/null
+++ b/src/dperl.hrl
@@ -0,0 +1,316 @@
+-ifndef(_dperl_HRL_).
+-define(_dperl_HRL_, true).
+
+-define(LOG_TAG, "_dperl_").
+-include_lib("dderl/src/dderl.hrl").
+
+-type plan() :: at_most_once|at_least_once|on_all_nodes.
+
+-define(TABLESPEC(__T,__O),
+        {__T, record_info(fields, __T), ?__T, #__T{}, __O}).
+-define(TABLESPEC(__TA,__T,__O),
+        {__TA, record_info(fields, __T), ?__T, #__T{}, __O}).
+
+-define(NOT_FOUND, '$notfound').
+
+-record(dperlJob, {
+          name      :: binary(),
+          module    :: atom(),
+          args      :: any(),
+          srcArgs   :: any(),
+          dstArgs   :: any(),
+          enabled   :: true|false,
+          running   :: true|false,
+          plan      :: plan(),
+          nodes     :: [atom()],
+          opts = [] :: list()
+         }).
+-define(dperlJob, [binstr,atom,term,term,term,boolean,atom,atom,list,list]).
+
+-define(JOBDYN_TABLE, 'dperlNodeJobDyn@').
+-record(dperlNodeJobDyn, {
+          name          :: binary(), % same as dperlJob.name
+          state         :: map(),
+          status        :: atom(),
+          statusTime    :: ddTimestamp()
+         }).
+-define(dperlNodeJobDyn, [binstr,map,atom,timestamp]).
+
+-record(dperlService, {
+          name      :: binary(),
+          module    :: atom(),
+          args      :: any(),
+          resource  :: any(),
+          interface :: any(),
+          enabled   :: true|false,
+          running   :: true|false,
+          plan      :: plan(),
+          nodes     :: [atom()],
+          opts = [] :: list()
+         }).
+-define(dperlService, [binstr,atom,term,term,term,boolean,atom,atom,list,list]).
+
+-define(SERVICEDYN_TABLE, 'dperlServiceDyn@').
+-record(dperlServiceDyn, {
+          name          :: binary(), % same as dperlService.name
+          state         :: map(),
+          status        :: atom(),
+          statusTime    :: ddTimestamp()
+         }).
+-define(dperlServiceDyn, [binstr,map,atom,timestamp]).
+
+-define(G(__JS,__F),
+        if is_record(__JS, dperlJob) -> (__JS)#dperlJob.__F;
+           is_record(__JS, dperlService) -> (__JS)#dperlService.__F;
+           true -> error({badarg, __JS})
+        end).
+-define(S(__JS,__F,__V),
+        if is_record(__JS, dperlJob) -> (__JS)#dperlJob{__F = __V};
+           is_record(__JS, dperlService) -> (__JS)#dperlService{__F = __V};
+           true -> error({badarg, __JS})
+        end).
+-define(RC(__JS),
+        if is_record(__JS, dperlJob) -> job;
+           is_record(__JS, dperlService) -> service;
+           true -> error({badarg, __JS})
+        end).
+-define(SUP(__JS),
+        if is_record(__JS, dperlJob) -> dperl_job_sup;
+           is_record(__JS, dperlService) -> dperl_service_sup;
+           true -> error({badarg, __JS})
+        end).
+
+-define(EPOCH, {0,0}).
+
+-define(TOAC_KEY_INDEX_ID, 1).
+
+-define(GET_RPC_TIMEOUT,
+          ?GET_CONFIG(rpcTimeout, [], 2000,
+                      "Max timeout in millisecond for a rpc call")
+        ).
+
+-define(GET_WORKER_CHECK_INTERVAL(__Type),
+          case __Type of
+              job ->
+                  ?GET_CONFIG(jobCheckInterval, [], 1000,
+                              "Interval in millisecond between job configuration"
+                              " checks");
+              service ->
+                  ?GET_CONFIG(serviceCheckInterval, [], 5000,
+                              "Interval in millisecond between service configuration"
+                              " checks")
+          end
+        ).
+
+-define(GET_CLUSTER_CHECK_INTERVAL(__Type),
+           ?GET_CONFIG(clusterCheckInterval, [__Type], 200,
+                      "Interval in milliseconds between cluster checks")
+        ).
+
+-define(GET_LINK_RETRY_INTERVAL(__MODULE, __JOB_NAME),
+          ?GET_CONFIG(linkRetryInterval, [__MODULE, __JOB_NAME], 2000,
+                      "Retry interval in millisecond of a broken link")
+       ).
+
+-define(GET_FOCUS(__KEY),
+          ?GET_CONFIG({focus, __KEY}, [], #{},
+                      "Channel to key transformation function mapping")
+       ).
+
+-define(GET_IGNORED_JOBS_LIST,
+          ?GET_CONFIG(ignoredJobs, [], [],
+                      "List of job names that will be ignored by metrics" 
+                      " and not presented in dashboards")
+        ).
+
+-define(CONNECT_CHECK_IMEM_LINK(__State),
+        (fun(#state{active_link = _ActiveLink, links = _Links,
+                    cred = #{user := _User, password := _Password},
+                    imem_sess = _OldSession} = _State) ->
+                 #{schema := _Schema} = lists:nth(_ActiveLink, _Links),
+                 case catch _OldSession:run_cmd(schema, []) of
+                     _Schema -> {ok, _State};
+                     _ ->
+                         catch _OldSession:close(),
+                         case dperl_dal:connect_imem_link(
+                                _ActiveLink, _Links, _User, _Password) of
+                             {ok, _Session, _Pid} ->
+                                 {ok, _State#state{imem_sess = _Session,
+                                                   imem_connected = true}};
+                             {_Error, _NewActiveLink} ->
+                                 {error, _Error,
+                                  _State#state{active_link = _NewActiveLink,
+                                               imem_connected = false}}
+                         end
+                 end
+         end)(__State)).
+
+-define(CYCLE_ALWAYS_WAIT(__MODULE, __JOB_NAME),
+          ?GET_CONFIG(cycleAlwaysWait,[__MODULE, __JOB_NAME], 1000,
+                      "Delay in millisecond before restarting the cycle,"
+                      " if current cycle is not idle and cycle is not failed")
+       ).
+
+-define(CYCLE_IDLE_WAIT(__MODULE, __JOB_NAME),
+          ?GET_CONFIG(cycleIdleWait, [__MODULE, __JOB_NAME], 3000,
+                      "Delay in millisecond before restarting the cycle,"
+                      " if current cycle was idle")
+       ).
+
+-define(CYCLE_ERROR_WAIT(__MODULE, __JOB_NAME),
+          ?GET_CONFIG(cycleErrorWait, [__MODULE, __JOB_NAME], 5000,
+                      "Delay in millisecond before restarting the cycle,"
+                      " if current cycle has failed")
+       ).
+
+-define(CLEANUP_INTERVAL(__MODULE, __JOB_NAME),
+          ?GET_CONFIG(cleanupInterval, [__MODULE, __JOB_NAME], 100000,
+                     "Delay in millisecond between any cleanup success"
+                     " end time and the next cleanup attempt start time")
+       ).
+
+-define(REFRESH_INTERVAL(__MODULE, __JOB_NAME),
+          ?GET_CONFIG(refreshInterval, [__MODULE, __JOB_NAME], 10000000,
+                     "Delay in millisecond between any refresh success"
+                     " end time and the next cleanup attempt start time")
+       ).
+
+-define(CLEANUP_BATCH_INTERVAL(__MODULE, __JOB_NAME),
+          ?GET_CONFIG(cleanupBatchInterval, [__MODULE, __JOB_NAME], 2000,
+                     "Delay in millisecond between cleanups whith in a"
+                     " complete cleanup cycle")
+       ).
+
+-define(REFRESH_BATCH_INTERVAL(__MODULE, __JOB_NAME),
+          ?GET_CONFIG(refreshBatchInterval, [__MODULE, __JOB_NAME], 10000,
+                     "Delay in millisecond between refreshes whith in a"
+                     " refresh cleanup cycle")
+       ).
+
+-define(REFRESH_HOURS(__MODULE, __JOB_NAME),
+          ?GET_CONFIG(refreshHours, [__MODULE, __JOB_NAME], [],
+                     "List of hour(s) of the day when refresh should happen."
+                     " [] for every time possible")
+       ).
+
+-define(MAX_BULK_COUNT(__MODULE, __JOB_NAME),
+          ?GET_CONFIG(maxBulkCount, [__MODULE, __JOB_NAME], 100,
+                      "Max count for each bulk")
+       ).
+
+-define(MAX_CLEANUP_BULK_COUNT(__MODULE, __JOB_NAME),
+          ?GET_CONFIG(maxCleanupBulkCount, [__MODULE, __JOB_NAME], 100,
+                      "Max count for each cleanup bulk")
+       ).
+
+-define(MAX_REFRESH_BULK_COUNT(__MODULE, __JOB_NAME),
+          ?GET_CONFIG(maxRefreshBulkCount, [__MODULE, __JOB_NAME], 100,
+                      "Max count for each refresh bulk")
+       ).
+
+-define(KPI_CLEANUP_TIME(__JOB_NAME),
+          ?GET_CONFIG(kpiCleanupTime, [__JOB_NAME], 30,
+                      "Number of minutes after which a kpi record can be "
+                      "cleaned out") * 60
+       ).
+
+-define(JOB_DOWN_MOD_EXCLUSIONS,
+          ?GET_CONFIG(jobDownModExclusions, [], [],
+                      "List of job modules to be exculded from job down count")
+       ).
+
+-define(JOB_DOWN_NAME_EXCLUSIONS,
+          ?GET_CONFIG(jobDownNameExclusions, [], [],
+                      "List of job names to be exculded from job down count")
+       ).
+
+-define(JOB_ERROR_MOD_EXCLUSIONS,
+          ?GET_CONFIG(jobErrorModExclusions, [], [],
+                      "List of job modules to be exculded from job error count")
+       ).
+
+-define(JOB_ERROR_NAME_EXCLUSIONS,
+          ?GET_CONFIG(jobErrorNameExclusions, [], [],
+                      "List of job names to be exculded from job error count")
+       ).
+
+-define(JOB_DYN_STATUS_TIMEOUT,
+          ?GET_CONFIG(jobDynStatusTimeout, [], 60000,
+                      "Time in milliseconds after which status is considered"
+                      " stale") * 1000
+       ).
+
+-define(JOB_DESCRIPTIONS, 
+          ?GET_CONFIG(jobDescriptions, [], #{},
+                      "Map for specifying the description of platforms for the"
+                      " dperl dashboard")
+       ).
+
+-define(JOB_ERROR, <<"dperlJobError">>).
+
+-define(SESSION_CLOSE_ERROR_CODES(__MODULE),
+          ?GET_CONFIG(oraSessionCloseErrorCodes, [__MODULE, get(name)], [28,3113,3114,6508],
+                      "List of oracle error codes on which session is recreated")
+       ).
+
+-define(STMT_CLOSE_ERROR_CODES(__MODULE),
+          ?GET_CONFIG(oraStmtmCloseErrorCodes, [__MODULE, get(name)], [4069,4068],
+                      "List of oracle error codes on which stmts are recreated")
+       ).
+
+-ifndef(TEST).
+
+-define(STATUS_INTERVAL,
+          ?GET_CONFIG(activityStatusInterval, [get(name)], 60000,
+                      "Delay in millisecond before writing activity status in "
+                      "status dir")
+       ).
+
+-define(STATUS_FILE,
+          ?GET_CONFIG(activityStatusFile, [get(name)], "ServiceActivityLog.sal",
+                      "File name of activity status log")
+       ).
+
+-else.
+
+-define(STATUS_INTERVAL, 1000).
+
+-define(STATUS_FILE, "ServiceActivityLog.sal").
+
+-endif.
+
+-define(ST, erlang:get_stacktrace()).
+
+% Job logger interfaces
+-define(JInfo(__F,__A),         ?Info ([{enum,get(jname)}],"[~p] "__F,[get(jstate)|__A])).
+-define(JWarn(__F,__A),         ?Warn ([{enum,get(jname)}],"[~p] "__F,[get(jstate)|__A])).
+-define(JDebug(__F,__A),        ?Debug([{enum,get(jname)}],"[~p] "__F,[get(jstate)|__A])).
+-define(JError(__F,__A),        ?Error([{enum,get(jname)}],"[~p] "__F,[get(jstate)|__A], [])).
+-define(JError(__F,__A,__S),    ?Error([{enum,get(jname)}],"[~p] "__F,[get(jstate)|__A],__S)).
+-define(JTrace(__F,__A),
+    case get(debug) of
+        true -> ?JInfo(__F,__A);
+        _ -> no_op
+    end).
+
+-define(JInfo(__F),     ?JInfo (__F,[])).
+-define(JWarn(__F),     ?JWarn (__F,[])).
+-define(JError(__F),    ?JError(__F,[])).
+-define(JDebug(__F),    ?JDebug(__F,[])).
+-define(JTrace(__F),    ?JTrace(__F,[])).
+
+-define(NODE, atom_to_list(node())).
+
+% Service logger interfaces
+-define(SInfo(__F,__A),         ?Info ([{enum,get(jname)}],__F,__A)).
+-define(SWarn(__F,__A),         ?Warn ([{enum,get(jname)}],__F,__A)).
+-define(SDebug(__F,__A),        ?Debug([{enum,get(jname)}],__F,__A)).
+-define(SError(__F,__A),        ?Error([{enum,get(jname)}],__F,__A, [])).
+-define(SError(__F,__A,__S),    ?Error([{enum,get(jname)}],__F,__A,__S)).
+
+-define(SInfo(__F),     ?SInfo (__F,[])).
+-define(SWarn(__F),     ?SWarn (__F,[])).
+-define(SError(__F),    ?SError(__F,[])).
+-define(SDebug(__F),    ?SDebug(__F,[])).
+
+-endif. %_dperl_HRL_
diff --git a/src/dperl_cp.erl b/src/dperl_cp.erl
new file mode 100644
index 00000000..9f8b4436
--- /dev/null
+++ b/src/dperl_cp.erl
@@ -0,0 +1,287 @@
+-module(dperl_cp).
+-behaviour(gen_server).
+
+-include("dperl.hrl").
+
+% gen_server exports
+-export([start_link/1, init/1, terminate/2, handle_call/3, handle_cast/2,
+         handle_info/2, code_change/3]).
+
+-record(state, {type, last_seen_nodes = []}).
+
+start_link(Type) when Type == service; Type == job ->
+    Name = list_to_atom(lists:concat(["dperl_", Type, "_cp"])),
+    case gen_server:start_link({local, Name}, ?MODULE, [Type], []) of
+        {ok, Pid} ->
+            ?Info("~p started!", [Name]),
+            {ok, Pid};
+        {error, Error} ->
+            ?Error("starting ~p: ~p", [Name, Error]),
+            {error, Error};
+        Other ->
+            ?Error("starting ~p: ~p", [Name, Other]),
+            Other
+    end.
+
+init([Type]) ->
+    process_flag(trap_exit, true),
+    case Type of
+        job ->
+            ok = dperl_dal:subscribe({table, dperlJob, detailed});
+        service ->
+            ok = dperl_dal:subscribe({table, dperlService, detailed})
+    end,
+    imem_dal_skvh:create_check_channel(?JOB_ERROR, [audit]),
+    erlang:send_after(?GET_WORKER_CHECK_INTERVAL(Type), self(), check_workers),
+    {ok, #state{type = Type}}.
+
+handle_call(Request, _From, State) ->
+    ?Error("unsupported call ~p", [Request]),
+    {reply,badarg,State}.
+
+handle_cast(Request, State) ->
+    ?Error("unsupported cast ~p", [Request]),
+    {noreply,State}.
+
+-define(MTE(__Rest), {mnesia_table_event,__Rest}).
+%% schema deletion event
+handle_info(?MTE({delete,schema,{schema,RecType},_,_}), State)
+  when RecType == dperlJob; RecType == dperlService ->
+    ?Info("stop all jobs/services"),
+    [catch dperl_worker:stop(Mod, Name) || {Mod, Name} <- dperl_worker:list(State#state.type)],
+    {noreply, State};
+%% handles deleteion of a record and if the job was supposed to be running on this node then
+%% job is stopped if not ignored
+handle_info(?MTE({delete,JSM,{JSM,_},[JobOrService],_}), State)
+  when (is_record(JobOrService, dperlJob) andalso JSM == dperlJob) orelse
+       (is_record(JobOrService, dperlService) andalso JSM == dperlService) ->
+    case check_plan(JobOrService) of
+        true ->
+            ?Debug("stop ~p_~s", [?G(JobOrService,module), ?G(JobOrService,name)]),
+            stop(JobOrService);
+        false ->
+            no_op
+    end,
+    {noreply, State};
+%% handles record update or new record insert. Checks if the record changes 
+%% require a restart, cold start or stopping the job/service
+handle_info(?MTE({write,JSM,JobOrService, OldJobOrServices, _}), State)
+  when (is_record(JobOrService, dperlJob) andalso JSM == dperlJob) orelse
+       (is_record(JobOrService, dperlService) andalso JSM == dperlService) ->
+    NewEnabled = ?G(JobOrService, enabled),
+    {OldEnabled, IsEqual} =
+    case OldJobOrServices of
+        [] -> {false, false};  %% new record insert
+        [OldJobOrService | _] -> 
+            %% comparing old and new job or service configuration excluding running column value
+            IsSame = JobOrService == ?S(OldJobOrService, running, ?G(JobOrService, running)),
+            {?G(OldJobOrService, enabled), IsSame}
+    end,
+    case {NewEnabled, OldEnabled, IsEqual} of
+        {true, true, false} -> stop(JobOrService);
+        {A, A, _} -> no_op;
+        {false, true, _} -> stop(JobOrService);
+        {true, false, _} ->
+            case check_plan(JobOrService) of
+                true ->
+                    stop(JobOrService),
+                    start(JobOrService);
+                false -> no_op
+            end
+    end,
+    {noreply, State};
+handle_info(check_workers, #state{type = Type, last_seen_nodes = LNodes} = State) ->
+    case dperl_dal:data_nodes() of
+        LNodes -> 
+            check_workers(Type, LNodes),
+            erlang:send_after(?GET_WORKER_CHECK_INTERVAL(Type), self(), check_workers),
+            {noreply, State};
+        SeenNodes ->
+            log_nodes_status(SeenNodes -- LNodes, Type, "Node added"),
+            log_nodes_status(LNodes -- SeenNodes, Type, "Node disappeared"),
+            erlang:send_after(?GET_CLUSTER_CHECK_INTERVAL(Type), self(), check_workers),
+            {noreply, State#state{last_seen_nodes = SeenNodes}}
+    end;
+handle_info(Info, State) ->
+    ?Error("unsupported info ~p", [Info]),
+    {noreply,State}.
+
+terminate(Reason, _State) when Reason == normal; Reason == shutdown ->
+    ?Info("shutdown"),
+    {ok, _} = dperl_dal:unsubscribe({table, dperlJob, detailed}),
+    {ok, _} = dperl_dal:unsubscribe({table, dperlService, detailed});
+terminate(Reason, State) -> ?Error("crash ~p : ~p", [Reason, State]).
+
+code_change(_OldVsn, State, _Extra) -> {ok, State}.
+
+check_workers(Type, DNodes) when is_atom(Type), is_list(DNodes) ->
+    JobsORServices = dperl_dal:get_enabled(Type),
+    RunningJobsOrServices = dperl_worker:list(Type),
+    EnabledJobsOrServices = 
+    lists:map(
+        fun(#dperlJob{module = Mod, name = Name}) -> {Mod, Name};
+           (#dperlService{module = Mod, name = Name}) -> {Mod, Name}
+        end, JobsORServices),
+    JobsOrServicesToBeStopped = RunningJobsOrServices -- EnabledJobsOrServices,
+    [catch dperl_worker:stop(Mod, Name) || {Mod, Name} <- JobsOrServicesToBeStopped],
+    check_workers(JobsORServices, DNodes);
+check_workers([], _DNodes) -> ok;
+check_workers([JobOrService | JobsOrServices], DNodes) ->
+    IsAlive =
+    case whereis(dperl_worker:child_id(?G(JobOrService,module),
+                                      ?G(JobOrService,name))) of
+        undefined -> false;
+        Pid when is_pid(Pid) -> is_process_alive(Pid)
+    end,
+    try imem_config:reference_resolve(JobOrService) of
+        JobOrServiceRefResolved ->
+            case {check_plan(JobOrServiceRefResolved, DNodes), IsAlive} of
+                {false, true}  -> stop(JobOrService);
+                {true,  false} -> start(JobOrService);
+                {_, _}         ->
+                    case check_config(JobOrService) of
+                        ok -> ok;
+                        _ -> stop(JobOrService)
+                    end
+            end
+    catch
+        _:Error ->
+            ?Error("invalid new config ~p. job/service skipped", [Error], ?ST),
+            dperl_dal:disable(JobOrService),
+            ok
+    end,
+    check_workers(JobsOrServices, DNodes).
+
+-spec check_plan(#dperlJob{} | #dperlService{}) -> true | false.
+check_plan(JobOrService) -> check_plan(JobOrService, dperl_dal:data_nodes()).
+
+-spec check_plan(#dperlJob{} | #dperlService{}, list()) -> true | false.
+check_plan(#dperlJob{plan = Plan, nodes = Nodes} = Job, DataNodes) ->
+    check_plan(Job, Plan, Nodes, DataNodes);
+check_plan(#dperlService{plan = Plan, nodes = Nodes} = Service, DataNodes) ->
+    check_plan(Service, Plan, Nodes, DataNodes).
+
+check_plan(JobOrService, Plan, Nodes, DataNodes) ->
+    case catch check_plan(Plan, Nodes, DataNodes) of
+        Result when is_boolean(Result) -> Result;
+        Error ->
+            ?Error("checking plan Plan : ~p Error : ~p", [Plan, Error]),
+            ?Error("Disabling the job/service due to errors"),
+            dperl_dal:disable(JobOrService),
+            false
+    end.
+
+check_config(JobOrService) ->
+    Module = ?G(JobOrService,module),
+    Name = ?G(JobOrService,name),
+    case ?G(JobOrService, running) of
+        true -> no_op;
+        _ -> 
+            %set running to true
+            dperl_dal:set_running(JobOrService, true)
+    end,
+    case dperl_worker:child_spec(?RC(JobOrService), {Module, Name}) of
+        {ok, #{id := {Module,Name}, modules := [Module],
+               start := {dperl_worker, start_link,
+                         [ActiveJobOrService | _]}}} ->
+            ActiveRunning = ?G(ActiveJobOrService,running),
+            case catch imem_config:reference_resolve(
+                   ?S(JobOrService,running,ActiveRunning)) of
+                {'ClientError', Error} ->
+                    ?Error("invalid new config ~p. job/service not restarted",
+                           [Error]),
+                    ok;
+                ActiveJobOrService -> ok;
+                _ -> stop
+            end;
+        Error -> Error
+    end.
+
+-spec check_plan(atom(), list(), list()) -> true|false.
+check_plan(_, [], _DataNodes) -> true;
+%% Running on all nodes
+check_plan(on_all_nodes, Nodes, _DataNodes) ->
+    lists:member(node(), Nodes);
+%% Running on atleast one node in the cluster
+check_plan(at_least_once, Nodes, DataNodes) ->
+    case nodes_in_db(Nodes, DataNodes) of
+        [] -> true;
+        DBNodes -> hd(DBNodes) == node()
+    end;
+%% Makes sure only one instance runs
+check_plan(at_most_once, Nodes, DataNodes) ->
+    NodesInCluster = nodes_in_db(Nodes, DataNodes),
+    NodesCountInCluster = length(NodesInCluster),
+    if
+         NodesCountInCluster > length(Nodes)/2 ->
+            hd(NodesInCluster) == node();
+        true ->
+            case get_max_db_island() of
+                '$none' -> 
+                    length(Nodes) == 2 andalso hd(NodesInCluster) == node();
+                MaxIslandSize ->
+                    case MaxIslandSize > NodesCountInCluster of
+                        true -> false;
+                        false -> hd(NodesInCluster) == node()
+                    end
+            end
+    end;
+check_plan(Plan, _, _DataNodes) -> 
+    ?Error("Invalid plan ~p", [Plan]),
+    error(badarg).
+
+get_max_db_island() -> get_max_db_island(imem_meta:nodes(), []).
+get_max_db_island([], []) -> '$none';
+get_max_db_island([], Acc) -> lists:max(Acc);
+get_max_db_island([Node|Nodes], Acc) ->
+    case rpc:call(Node, imem_meta, data_nodes, [], ?GET_RPC_TIMEOUT) of
+        {badrpc, _} ->
+            get_max_db_island(Nodes, Acc);
+        DBNodes ->
+            get_max_db_island(Nodes, [length(DBNodes) | Acc])
+    end.
+
+-spec nodes_in_db(list(), list()) -> list().
+nodes_in_db(Nodes, DataNodes) -> nodes_in_db(Nodes, DataNodes, []).
+nodes_in_db([], _, NodesInCluster) -> lists:reverse(NodesInCluster);
+nodes_in_db([Node | Nodes], DataNodes, NodesInCluster) ->
+    case lists:member(Node, DataNodes) of
+        false ->
+            nodes_in_db(Nodes, DataNodes, NodesInCluster);
+        _ ->
+            nodes_in_db(Nodes, DataNodes, [Node|NodesInCluster])
+    end.
+
+start(JobOrService) ->
+    start(JobOrService, ?G(JobOrService,module), ?G(JobOrService,name)).
+start(JobOrService, Mod, Name) ->
+    ?Debug("start ~p_~s", [Mod, Name]),
+    try dperl_worker:start(imem_config:reference_resolve(JobOrService))
+    catch
+        _:Error ->
+            ?Error([{enum, dperl_dal:to_atom(Name)}],
+                   "~p disabled, on start ~p", [Mod, Error], ?ST),
+            dperl_dal:disable(JobOrService)
+    end.
+
+stop(JobOrService) ->
+    stop(JobOrService, ?G(JobOrService,module), ?G(JobOrService,name)).
+stop(JobOrService, Mod, Name) ->
+    case dperl_worker:is_alive(?RC(JobOrService), Name) of
+        true ->
+            ?Debug("stop ~p_~s", [Mod, Name]),
+            try dperl_worker:stop(Mod, Name)
+            catch
+                _:Error ->
+                    ?Error([{enum, dperl_dal:to_atom(Name)}],
+                           "~p disabled, on stop ~p at ~p", [Mod, Error, ?ST]),
+                    dperl_dal:disable(JobOrService)
+            end;
+        false -> no_op
+    end.
+
+-spec log_nodes_status(list(), atom(), string()) -> ok.
+log_nodes_status([], _Type, _Msg) -> ok;
+log_nodes_status([Node | Nodes], Type, Msg) ->
+    ?Warn([{enum, Node}], "~p : ~s", [Type, Msg]),
+    log_nodes_status(Nodes,Type,  Msg).
diff --git a/src/dperl_dal.erl b/src/dperl_dal.erl
new file mode 100644
index 00000000..b87ff3ea
--- /dev/null
+++ b/src/dperl_dal.erl
@@ -0,0 +1,727 @@
+-module(dperl_dal).
+
+-include("dperl.hrl").
+
+-export([select/2, subscribe/1, unsubscribe/1, write/2, check_table/5,
+         sql_jp_bind/1, sql_bind_jp_values/2, read_channel/2,
+         io_to_oci_datetime/1, create_check_channel/1, write_channel/3,
+         read_check_write/4, read_audit_keys/3, read_audit/3, get_enabled/1,
+         update_job_dyn/2, update_job_dyn/3, job_error_close/1, to_binary/1,
+         count_sibling_jobs/2, create_check_channel/2, write_protected/6,
+         get_last_state/1, get_last_audit_time/1, connect_imem_link/4,
+         remove_from_channel/2, remove_deep/2, data_nodes/0, job_state/1,
+         job_error/3, job_error/4, job_error_close/0, update_service_dyn/4,
+         update_service_dyn/3, all_keys/1, read_gt/3, time_str/1, ts_str/1,
+         safe_json_map/1, read_gt_lt/4, normalize_map/1, read_keys_gt/3,
+         write_if_different/3, maps_diff/2, read_keys_gt_lt/4, oci_opts/2,
+         oci_fetch_rows/2, key_from_json/1, disable/1, set_running/2,
+         read_siblings/2, read_channel_raw/2, worker_error/4, sort_links/1,
+         get_pool_name/1, remote_dal/3, get_pool_name/2, run_oci_stmt/3,
+         activity_logger/3, create_check_index/2, to_atom/1, report_status/7,
+         key_to_json/1, key_to_json_enc/1]).
+
+check_table(Table, ColumnNames, ColumnTypes, DefaultRecord, Opts) ->
+    case catch imem_meta:create_check_table(
+                 Table, {ColumnNames, ColumnTypes, DefaultRecord},
+                 Opts, system) of
+        {'EXIT', {'ClientError', _} = Reason} ->
+            ?Error("create_check table ~p, ~p", [Table, Reason]);
+        Else ->
+            ?Info("create_check table ~p... ~p", [Table, Else])
+    end.
+
+-spec create_check_channel(binary() | list()) ->  ok | no_return().
+create_check_channel(Channel) when is_list(Channel) ->
+    create_check_channel(list_to_binary(Channel));
+create_check_channel(Channel) when is_binary(Channel) ->
+    imem_dal_skvh:create_check_channel(Channel).
+
+-spec create_check_channel(binary() | list(), list()) -> ok | no_return().
+create_check_channel(Channel, Opts) when is_list(Channel) ->
+    create_check_channel(list_to_binary(Channel), Opts);
+create_check_channel(Channel, Opts) when is_binary(Channel) ->
+    imem_dal_skvh:create_check_channel(Channel, Opts).
+
+-spec create_check_index(binary(), list()) ->
+    ok | {'ClientError', term()} | {'SystemException', term()}.
+create_check_index(Channel, IndexDefinition) ->
+    TableName = to_atom(imem_dal_skvh:table_name(Channel)),
+    case imem_meta:init_create_index(TableName, IndexDefinition) of
+        ok ->                                           ok;
+        {'ClientError',{"Index already exists", _}} ->  ok;
+        Other ->                                        Other
+    end.
+
+-spec write_channel(binary(), any(), any()) -> ok | {error, any()}.
+write_channel(Channel, Key, Val) when is_map(Val); byte_size(Val) > 0 ->
+   case catch imem_dal_skvh:write(system, Channel, Key, Val) of
+       Res when is_map(Res) -> ok;
+       {'EXIT', Error} -> {error, Error};
+       {error, Error} -> {error, Error};
+       Other -> {error, Other}
+   end.
+
+write_if_different(Channel, Key, Val) ->
+    case imem_dal_skvh:read(system, Channel, [Key]) of
+        [#{cvalue := Val}] -> no_op;
+        _ -> write_channel(Channel, Key, Val)
+    end.
+
+read_channel(Channel, Key) when is_list(Channel) ->
+    read_channel(list_to_binary(Channel), Key);
+read_channel(Channel, Key) when is_binary(Channel) ->
+   case imem_dal_skvh:read(system, Channel, [Key]) of
+       [#{cvalue := Val}] when is_binary(Val) -> safe_json_map(Val);
+       [#{cvalue := Val}] -> Val;
+       _ -> ?NOT_FOUND
+   end.
+
+read_channel_raw(Channel, Key) when is_list(Channel) ->
+    read_channel_raw(list_to_binary(Channel), Key);
+read_channel_raw(Channel, Key) when is_binary(Channel) ->
+   imem_dal_skvh:read(system, Channel, Key).
+
+read_siblings(Channel, Key) when is_list(Channel) ->
+    read_siblings(list_to_binary(Channel), Key);
+read_siblings(Channel, Key) when is_binary(Channel) ->
+   imem_dal_skvh:read_siblings(system, Channel, Key).
+
+read_check_write(Channel, Key, Val, Type) ->
+    case read_channel(Channel, Key) of
+        ?NOT_FOUND -> 
+            if
+                (Type == map andalso is_map(Val)) orelse (Type == bin andalso is_binary(Val)) ->
+                    write_channel(Channel, Key, Val);
+                Type == bin andalso is_map(Val) ->
+                    write_channel(Channel, Key, imem_json:encode(Val));
+                Type == map andalso is_binary(Val) ->
+                    write_channel(Channel, Key, imem_json:decode(Val, [return_maps]))
+            end;
+        _ -> no_op
+    end.
+
+read_audit_keys(Channel, TimeStamp, Limit) when is_list(Channel) ->
+    read_audit_keys(list_to_binary(Channel), TimeStamp, Limit);
+read_audit_keys(Channel, TimeStamp, Limit) when is_binary(Channel) ->
+    case imem_dal_skvh:audit_readGT(system, Channel, TimeStamp, Limit) of
+        Audits when length(Audits) > 0 ->
+            [#{time := StartTime} | _] = Audits,
+            #{time := EndTime} = lists:last(Audits),
+            {StartTime, EndTime, 
+              [K || #{ckey := K} <- Audits, K /= undefined]};
+        _ -> {TimeStamp, TimeStamp, []}
+    end.
+
+read_audit(Channel, TimeStamp, Limit) when is_list(Channel) ->
+    read_audit(list_to_binary(Channel), TimeStamp, Limit);
+read_audit(Channel, TimeStamp, Limit) when is_binary(Channel) ->
+    case imem_dal_skvh:audit_readGT(system, Channel, TimeStamp, Limit) of
+        Audits when length(Audits) > 0 ->
+            [#{time := StartTime} | _] = Audits,
+            #{time := EndTime} = lists:last(Audits),
+            {StartTime, EndTime,
+             [#{key => K,
+                oval => if is_binary(Ov) -> safe_json_map(Ov);
+                           true -> Ov end,
+                nval => if is_binary(Nv) -> safe_json_map(Nv);
+                           true -> Nv end}
+              || #{ckey := K, ovalue := Ov, nvalue := Nv} <- Audits, K /= undefined]
+            };
+        _ -> {TimeStamp, TimeStamp, []}
+    end.
+
+remove_from_channel(Channel, Key) when is_list(Channel) ->
+    remove_from_channel(list_to_binary(Channel), Key);
+remove_from_channel(Channel, Key) ->
+    case imem_dal_skvh:read(system, Channel, [Key]) of
+        [] -> no_op;
+        Row -> imem_dal_skvh:remove(system, Channel, Row)
+    end.
+
+remove_deep(Channel, BaseKey) ->
+    Rows = imem_dal_skvh:read_deep(system, Channel, [BaseKey]),
+    imem_dal_skvh:remove(system, Channel, Rows).
+
+read_gt(Channel, StartKey, BulkSize) when is_binary(Channel) ->
+    lists:map(
+      fun(#{ckey := Key, cvalue := Val}) -> {Key, safe_json_map(Val)} end,
+      imem_dal_skvh:readGT(system, Channel, StartKey, BulkSize)).
+
+read_gt_lt(Channel, StartKey, EndKey, BulkSize) ->
+    KeyVals = case imem_dal_skvh:readGELTMap(system, Channel, 
+                          StartKey, EndKey, BulkSize + 1) of
+        [#{ckey := StartKey} | Rest] -> Rest;
+        List -> lists:sublist(List, BulkSize)
+    end,
+    lists:map(fun(#{ckey := Key, cvalue := Val}) -> {Key, safe_json_map(Val)} end,
+      KeyVals).
+
+read_keys_gt(Channel, StartKey, BulkSize) ->
+    read_keys_gt_lt(Channel, StartKey, <<255>>, BulkSize).
+
+read_keys_gt_lt(Channel, StartKey, EndKey, BulkSize) ->
+    case imem_dal_skvh:readGELTKeys(system, Channel, StartKey, EndKey, BulkSize + 1) of
+        [StartKey | T] -> T;
+        Keys -> lists:sublist(Keys, BulkSize)
+    end.
+
+subscribe(Event)            -> imem_meta:subscribe(Event).
+unsubscribe(Event)          -> imem_meta:unsubscribe(Event).
+write(Table, Record)        -> imem_meta:write(Table, Record).
+select(Table, MatchSpec)    -> imem_meta:select(Table, MatchSpec).
+sql_jp_bind(Sql)            -> imem_meta:sql_jp_bind(Sql).
+
+sql_bind_jp_values(BindParamsMeta, JpPathBinds) ->
+    imem_meta:sql_bind_jp_values(BindParamsMeta, JpPathBinds).
+
+io_to_oci_datetime(Dt) ->
+    oci_util:to_dts(imem_datatype:io_to_datetime(Dt)).
+
+get_enabled(job) ->
+    {Jobs, _} = imem_meta:select(dperlJob,
+                                 [{#dperlJob{enabled=true, _='_'},[],['$_']}]),
+    Jobs;
+get_enabled(service) ->
+    {Services, _} = imem_meta:select(dperlService,
+                                     [{#dperlService{enabled=true, _='_'},[],
+                                       ['$_']}]),
+    Services.
+
+disable(#dperlJob{name = Name}) ->
+    update_job_dyn(Name, error),
+    imem_meta:transaction(fun() ->
+        case imem_meta:read(dperlJob, Name) of
+            [Job] ->
+                ok = imem_meta:write(dperlJob, Job#dperlJob{enabled = false, running = false});
+            _ -> no_op
+        end
+    end);
+disable(#dperlService{name = Name}) ->
+    imem_meta:transaction(fun() ->
+        case imem_meta:read(dperlService, Name) of
+            [Service] ->
+                ok = imem_meta:write(dperlService,
+                                     Service#dperlService{enabled = false, running = false});
+            _ -> no_op
+        end
+    end).
+
+set_running(#dperlJob{name = Name}, Running) ->
+    imem_meta:transaction(fun() ->
+        case imem_meta:read(dperlJob, Name) of
+            [#dperlJob{running = _} = Job] ->
+                ok = imem_meta:write(dperlJob, Job#dperlJob{running = Running});
+            _ -> no_op
+        end
+    end);
+set_running(#dperlService{name = Name}, Running) ->
+    imem_meta:transaction(fun() ->
+        case imem_meta:read(dperlService, Name) of
+            [#dperlService{running = _} = Service] ->
+                ok = imem_meta:write(dperlService, Service#dperlService{running = Running});
+            _ -> no_op
+        end
+    end).
+
+
+update_service_dyn(ServiceName, State, ActiveThreshold, OverloadThreshold)
+  when is_binary(ServiceName), is_map(State), is_integer(ActiveThreshold),
+       is_integer(OverloadThreshold) ->
+    Status =
+    case maps:get(req, State, 0) of
+        Req when Req < ActiveThreshold -> idle;
+        Req when Req >= ActiveThreshold andalso
+                Req < OverloadThreshold -> active;
+        Req when Req >= OverloadThreshold -> overload
+    end,
+    imem_meta:transaction(fun() ->
+        case imem_meta:read(?SERVICEDYN_TABLE, ServiceName) of
+            [] ->
+                update_service_dyn(ServiceName, State, Status);
+            [#dperlServiceDyn{state = OldState}] ->
+                NewState = maps:merge(OldState, State),
+                if OldState /= NewState ->
+                    update_service_dyn(ServiceName, NewState, Status);
+                true -> ok
+                end
+        end
+    end).
+
+update_service_dyn(ServiceName, State, Status) when is_binary(ServiceName) andalso
+  is_map(State) andalso (Status == stopped orelse Status == idle orelse
+  Status == active orelse Status == overload) ->
+        imem_meta:write(
+            ?SERVICEDYN_TABLE,
+            #dperlServiceDyn{name = ServiceName, state = State,
+                            status = Status, statusTime = imem_meta:time_uid()}).
+
+update_job_dyn(JobName, State) when is_binary(JobName) andalso is_map(State) ->
+    imem_meta:transaction(fun() ->
+    case imem_meta:read(?JOBDYN_TABLE, JobName) of
+        [] ->
+            ok = imem_meta:write(
+                   ?JOBDYN_TABLE,
+                   #dperlNodeJobDyn{name = JobName, state = State,
+                                   status = synced,
+                                   statusTime = imem_meta:time_uid()});
+        [#dperlNodeJobDyn{state=OldState} = J] ->
+            NewState = maps:merge(OldState, State),
+            if OldState /= NewState ->
+                   ok = imem_meta:write(
+                          ?JOBDYN_TABLE,
+                          J#dperlNodeJobDyn{state = NewState,
+                                           statusTime = imem_meta:time_uid()});
+               true -> ok
+            end
+    end end);
+update_job_dyn(JobName, Status)
+  when is_binary(JobName) andalso 
+       (Status == synced orelse
+        Status == cleaning orelse Status == cleaned orelse
+        Status == refreshing orelse Status == refreshed orelse
+        Status == idle orelse Status == error orelse Status == stopped) ->
+    case imem_meta:read(?JOBDYN_TABLE, JobName) of
+        [] ->
+            ok = imem_meta:write(
+                   ?JOBDYN_TABLE,
+                   #dperlNodeJobDyn{name = JobName, state = #{},
+                                   status = Status,
+                                   statusTime = imem_meta:time_uid()});
+        [#dperlNodeJobDyn{status = OldStatus} = J] ->
+            if OldStatus /= Status orelse
+               (OldStatus == Status andalso Status == error) ->
+                   ok = imem_meta:write(
+                          ?JOBDYN_TABLE,
+                          J#dperlNodeJobDyn{status = Status,
+                                           statusTime = imem_meta:time_uid()});
+               true -> ok
+            end
+    end.
+
+update_job_dyn(JobName, State, Status)
+  when is_binary(JobName) andalso is_map(State) andalso
+       (Status == synced orelse Status == undefined orelse
+        Status == cleaning orelse Status == cleaned orelse
+        Status == refreshing orelse Status == refreshed orelse
+        Status == idle orelse Status == error orelse Status == stopped) ->
+    case imem_meta:read(?JOBDYN_TABLE, JobName) of
+        [] ->
+            ok = imem_meta:write(
+                   ?JOBDYN_TABLE,
+                   #dperlNodeJobDyn{name = JobName, state = State,
+                                   status = Status,
+                                   statusTime = imem_meta:time_uid()});
+        [#dperlNodeJobDyn{state=OldState, status=OldStatus, statusTime = OTime} = J] ->
+            NewState = maps:merge(OldState,State),
+            TimeDiff = imem_datatype:sec_diff(OTime),
+            if NewState /= OldState orelse (OldStatus == error andalso Status /= idle)
+               orelse (OldStatus /= error andalso Status /= OldStatus) 
+               orelse (OldStatus == Status andalso Status == idle)
+               orelse TimeDiff > 1  ->
+                   ok = imem_meta:write(
+                          ?JOBDYN_TABLE,
+                          J#dperlNodeJobDyn{state = NewState, status = Status,
+                                           statusTime = imem_meta:time_uid()});
+               true -> ok
+            end
+    end.
+
+get_last_state(JobName) when is_binary(JobName) ->
+    case imem_meta:read(?JOBDYN_TABLE, {JobName, node()}) of
+        [#dperlNodeJobDyn{state = State}] ->
+            State;
+        _ -> #{}
+    end.
+
+get_last_audit_time(JobName) ->
+    case get_last_state(JobName) of
+        #{lastAuditTime := LastAuditTime} ->
+            LastAuditTime;
+        _ -> {0,0,0}
+    end.
+
+count_sibling_jobs(Module, Channel) ->
+    {Args, true} = imem_meta:select(dperlJob, [{#dperlJob{module=Module, 
+        srcArgs='$1', dstArgs = '$2', _= '_'}, [], [{{'$1', '$2'}}]}]),
+    length(lists:filter(fun({#{channel := Chn}, _}) when Chn == Channel -> true;
+                           ({_, #{channel := Chn}}) when Chn == Channel -> true;
+                           (_) -> false
+                        end, Args)).
+
+connect_imem_link(ActiveLink, Links, User, Password) when is_list(Password) ->
+    connect_imem_link(ActiveLink, Links, User, list_to_binary(Password));
+connect_imem_link(ActiveLink, Links, User, Password) when is_binary(Password) ->
+    Link = lists:nth(ActiveLink, Links),
+    case connect_imem(User, erlang:md5(Password), Link) of
+        {ok, Session, Pid} ->
+            {ok, Session, Pid};
+        {error, Error} ->
+            NewActiveLink = if
+                length(Links) > ActiveLink ->
+                    ActiveLink + 1;
+                true  ->
+                    1
+            end,
+            {Error, NewActiveLink}
+    end.
+
+connect_imem(User, Password, #{ip := Ip, port := Port, secure := Secure,
+                               schema := Schema}) ->
+    case erlimem:open({tcp, Ip, Port, if Secure -> [ssl]; true -> [] end},
+                      Schema) of
+        {ok, {erlimem_session, Pid} = Session} ->
+            case catch Session:auth(?MODULE,<<"TODO">>,{pwdmd5,{User,Password}}) of
+                OK when OK == ok; element(1, OK) == ok ->
+                    case catch Session:run_cmd(login,[]) of
+                        {error, _} ->
+                            {error, eaccess};
+                        _ ->
+                            {ok, Session, Pid}
+                    end;
+                {'EXIT', _} ->
+                    {error, eaccess};
+                _ ->
+                    {error, eaccess}
+            end;
+        Error -> 
+            {error, Error}
+    end.
+
+data_nodes() -> data_nodes(imem_meta:data_nodes(), []).
+data_nodes([], Acc) -> Acc;
+data_nodes([{_,Node}|DataNodes], Acc) -> data_nodes(DataNodes, [Node|Acc]).
+
+job_state(Name) -> imem_meta:read(?JOBDYN_TABLE, Name).
+
+report_status(Module, StatusTable, {Channel, ShortId}, JobName, Status) when is_binary(Channel) ->
+    report_status(Module, StatusTable, {binary_to_list(Channel), ShortId}, JobName, Status);
+report_status(Module, StatusTable, {Channel, ShortId}, JobName, Status) when is_binary(ShortId) ->
+    report_status(Module, StatusTable, {Channel, binary_to_list(ShortId)}, JobName, Status);
+report_status(Module, StatusTable, {Channel, ShortId}, JobName, Status) when is_binary(JobName) ->
+    report_status(Module, StatusTable, {Channel, ShortId}, binary_to_list(JobName), Status);
+report_status(Module, StatusTable, {Channel, ShortId}, JobName, Status) when is_integer(ShortId) ->
+    report_status(Module, StatusTable, {Channel, integer_to_list(ShortId)}, JobName, Status);
+report_status(Module, StatusTable, {Channel, ShortId}, JobName, Status) when is_list(StatusTable) ->
+    report_status(Module, list_to_binary(StatusTable), {Channel, ShortId}, JobName, Status);
+report_status(Module, StatusTable, {Channel, ShortId}, JobName, Status) ->
+    try
+        write_channel(StatusTable,
+          [atom_to_list(Module), Channel, ShortId, JobName], Status)
+    catch
+        C:E ->
+            ?Error("~p,~p to ~p : ~p",
+                   [Channel, ShortId, StatusTable, {C,E}], ?ST)
+    end.
+
+%% pusher report_status
+report_status(StatusKey, AuditTimeOrKey, no_op, StatusTable, Channel, JobName, Module) ->
+    report_status(StatusKey, AuditTimeOrKey, #{}, StatusTable, Channel, JobName, Module);
+report_status(StatusKey, AuditTimeOrKey, {error, Error}, StatusTable, Channel, JobName, Module) ->
+    report_status(StatusKey, AuditTimeOrKey, error_obj(Error), StatusTable, Channel, JobName, Module);
+report_status(StatusKey, AuditTimeOrKey, Error, StatusTable, Channel, JobName, Module) when not is_map(Error) ->
+    report_status(StatusKey, AuditTimeOrKey, error_obj(Error), StatusTable, Channel, JobName, Module);
+report_status(StatusKey, AuditTimeOrKey, Status, StatusTable, Channel, JobName, Module) when is_map(Status) ->
+    AuditTime =
+    case AuditTimeOrKey of
+        {at, ATime} ->
+            ATime;
+        Key ->
+            get_key_audit_time(Channel, Key)
+    end,
+    report_status(Module, StatusTable, {Channel, StatusKey}, JobName, status_obj(AuditTime, Status)).
+
+worker_error(service, _Type, _Operation, _Msg) -> no_op;
+worker_error(job, Type, Operation, Msg) ->
+  job_error(Type, Operation, Msg).
+
+job_error(s, Operation, Msg) -> job_error(<<"sync">>, Operation, Msg);
+job_error(c, Operation, Msg) -> job_error(<<"cleanup">>, Operation, Msg);
+job_error(r, Operation, Msg) -> job_error(<<"refresh">>, Operation, Msg);
+job_error(i, Operation, Msg) -> job_error(<<"idle">>, Operation, Msg);
+job_error(f, Operation, Msg) -> job_error(<<"finish">>, Operation, Msg);
+job_error(undefined, Operation, Msg) -> job_error(<<"undefined">>, Operation, Msg);
+job_error(Type, Operation, Msg) ->
+    job_error(undefined, Type, Operation, Msg).
+
+job_error(Key, Type, Operation, Msg) when is_binary(Type), is_binary(Operation)->
+    JobName = binary_to_list(get(name)),
+    ErKey = if Key == undefined -> [JobName, ?NODE];
+               true -> [JobName, ?NODE, Key]
+    end,
+    case read_channel(?JOB_ERROR, ErKey) of
+        ?NOT_FOUND ->
+            Value = #{<<"TYPE">> => Type, 
+                      <<"OPERATION">> => Operation,
+                      <<"TIMESTAMP">> => imem_datatype:timestamp_to_io(imem_meta:time()),
+                      <<"MESSAGE">> => 
+                        if 
+                            is_binary(Msg) -> 
+                                case io_lib:printable_list(binary_to_list(Msg)) of
+                                    true -> Msg;
+                                    false -> list_to_binary(io_lib:format("~p", [Msg]))
+                                end;
+                            is_list(Msg) -> 
+                                case io_lib:printable_list(Msg) of
+                                    true -> list_to_binary(Msg);
+                                    false -> list_to_binary(lists:flatten(io_lib:format("~p", [Msg])))
+                                end;
+                            true ->
+                                list_to_binary(lists:flatten(io_lib:format("~p", [Msg])))
+                        end},
+            write_channel(?JOB_ERROR, ErKey, imem_json:encode(Value));
+        _ -> no_op
+    end.
+
+job_error_close() -> job_error_close(undefined).
+
+job_error_close(undefined) ->
+    remove_from_channel(?JOB_ERROR, [binary_to_list(get(name)), ?NODE]);
+job_error_close(Key) ->
+    remove_from_channel(?JOB_ERROR, [binary_to_list(get(name)), ?NODE, Key]).
+
+all_keys(Channel) when is_list(Channel) ->
+    all_keys(list_to_existing_atom(Channel));
+all_keys(Channel) when is_binary(Channel) ->
+    all_keys(binary_to_existing_atom(Channel, utf8));
+all_keys(Channel) when is_atom(Channel) ->
+    lists:map(
+      fun(K) -> sext:decode(K) end,
+      imem_meta:return_atomic(
+        imem_meta:transaction(fun mnesia:all_keys/1, [Channel]))
+     ).
+
+time_str(Time) ->
+    case Time div 1000 of
+        TimeMs when TimeMs > 1000 ->
+            integer_to_list(TimeMs div 1000)++"s";
+        TimeMs ->
+            integer_to_list(TimeMs)++"ms"
+    end.
+
+-spec ts_str(ddTimestamp() | ddTimeUID()) -> binary().
+ts_str(TimeStamp) -> imem_datatype:timestamp_to_io(TimeStamp).
+
+-spec safe_json_map(binary()) -> map().
+safe_json_map(Value) when is_binary(Value) ->
+    case catch imem_json:decode(Value, [return_maps]) of
+        {'EXIT', _} ->
+            imem_json:decode(
+              unicode:characters_to_binary(Value, latin1, utf8),
+              [return_maps]);
+        null -> null;
+        DecodedValue when is_map(DecodedValue) -> DecodedValue;
+        DecodedValue when is_list(DecodedValue) -> DecodedValue
+    end.
+
+-spec normalize_map(map()) -> map().
+normalize_map(Map) when is_map(Map)->
+    maps:map(
+        fun(_, V) when is_list(V) -> lists:sort(V);
+           (_, V) when is_map(V) -> normalize_map(V);
+           (_, V) -> V
+        end, Map);
+normalize_map(M) -> M.
+
+write_protected(Channel, Key, Prov, IsSamePlatform, Config, Type) ->
+    case re:run(Config, <<"(?i)dperl">>) of
+        nomatch ->
+            %% protectedConfig is target
+            case read_channel(Channel, Key) of
+                ?NOT_FOUND -> write_channel(Channel, Key, <<"null">>);
+                #{<<"AuditTime">> := _} -> write_channel(Channel, Key, <<"null">>);
+                _ -> no_op
+            end;
+        _ -> if IsSamePlatform == true -> read_check_write(Channel, Key, Prov, Type);
+                true -> no_op
+             end
+    end.
+
+maps_diff(Src, Dst) when is_map(Src), is_map(Dst) ->
+    DstKeys = maps:keys(Dst),
+    SrcKeys = maps:keys(Src),
+    if SrcKeys == DstKeys ->
+            lists:foldl(
+                fun(K, M) ->
+                    L = maps:get(K, Src, '$missing'),
+                    R = maps:get(K, Dst, '$missing'),
+                    if L /= R ->
+                           M#{K => #{local => L, remote => R}};
+                       true -> M
+                    end
+                end, #{}, DstKeys);
+       true -> 
+            #{localMissinKeys => SrcKeys -- DstKeys, remoteMissingKeys => DstKeys -- SrcKeys}
+    end.
+
+key_from_json([]) -> [];
+key_from_json([B | Key]) when is_binary(B) ->
+    [unicode:characters_to_list(B) | key_from_json(Key)];
+key_from_json([T | Key]) -> [T | key_from_json(Key)];
+key_from_json(KeyJson) when is_binary(KeyJson) ->
+    key_from_json(imem_json:decode(KeyJson)).
+
+-spec key_to_json(integer() | [list() | binary()]) -> [binary()] | binary().
+key_to_json(Key) when is_integer(Key) -> integer_to_binary(Key);
+key_to_json([]) -> [];
+key_to_json([L | Key]) when is_list(L) ->
+    [unicode:characters_to_binary(L) | key_to_json(Key)];
+key_to_json([K | Key]) ->
+    [K | key_to_json(Key)].
+
+-spec key_to_json_enc(integer() | [list() | binary()]) -> binary().
+key_to_json_enc(Key) when is_integer(Key) -> integer_to_binary(Key);
+key_to_json_enc(Key) when is_list(Key) ->
+    imem_json:encode(key_to_json(Key)).
+
+oci_opts(LogFun, Opts) ->
+    PState = {pstate, #{jname => get(jname)}},
+    [{logfun, LogFun} |
+     case proplists:get_value(ociOpts, Opts, '$none') of
+         '$none' ->
+             [{ociOpts, [{logging, true}, PState]} | Opts];
+         OciOpts ->
+             case proplists:get_value(logging, OciOpts, '$none') of
+                 '$none' ->
+                     [{ociOpts, [{logging, true}, PState | OciOpts]} | Opts];
+                 _ ->
+                     [{ociOpts, [PState | OciOpts]} | Opts]
+             end
+     end].
+
+oci_fetch_rows(Stmt, Limit) ->
+    case Stmt:fetch_rows(Limit) of
+        {{rows, []}, _} -> [];
+        {{rows, Rows}, true} -> Rows;
+        {{rows, Rows}, false} when length(Rows) >= Limit -> Rows;
+        {{rows, Rows}, false} when length(Rows) < Limit -> 
+            Rows ++ oci_fetch_rows(Stmt, Limit - length(Rows))
+    end.
+
+sort_links(Links) ->
+    lists:sort(fun(#{prio := A}, #{prio := B}) -> A < B end,
+               [L || #{use := true} = L <- Links]).
+
+-spec get_pool_name(tuple()) -> atom().
+get_pool_name(#dperlJob{name = Name, dstArgs = DstArgs}) ->
+    to_atom(maps:get(poolName, DstArgs, Name)).
+
+-spec get_pool_name(map(), term()) -> atom().
+get_pool_name(#{poolName := PoolName}, _Default) -> to_atom(PoolName);
+get_pool_name(_, Default) -> to_atom(Default).
+
+-spec to_atom(binary() | list() | atom()) -> atom().
+to_atom(Bin) when is_binary(Bin) -> binary_to_atom(Bin, utf8);
+to_atom(List) when is_list(List) -> list_to_atom(List);
+to_atom(Atom) when is_atom(Atom) -> Atom.
+
+-spec to_binary(binary() | list() | atom()) -> binary().
+to_binary(List) when is_list(List) ->
+    list_to_binary(List);
+to_binary(Atom) when is_atom(Atom) ->
+    atom_to_binary(Atom, utf8);
+to_binary(Bin) when is_binary(Bin) ->
+    Bin.
+
+-spec remote_dal(tuple(), atom(), list()) -> term(). 
+remote_dal(Session, Fun, Args) ->
+    case catch Session:run_cmd(dal_exec, [imem_dal_skvh, Fun, Args]) of
+        {ok, Result} -> {ok, Result};
+        {'EXIT', Error} ->
+            ?JError("imem_dal_skvh:~p(~p). Error : ~p", [Fun, Args, Error]),
+            throw(Error);
+        {error, {{_, Error}, _}} ->
+            ?JError("imem_dal_skvh:~p(~p). Error : ~p", [Fun, Args, Error]),
+            throw(element(1, Error));
+        Error when is_tuple(Error) -> 
+            ?JError("imem_dal_skvh:~p(~p). Error : ~p", [Fun, Args, Error]),
+            throw(Error);
+        Result -> Result
+    end.
+
+-spec run_oci_stmt(tuple(), tuple(), integer()) -> list() | tuple().
+run_oci_stmt(Stmt, Params, Limit) ->
+    case catch Stmt:exec_stmt([Params]) of
+        {cols, _} ->
+            dperl_dal:oci_fetch_rows(Stmt, Limit);
+        Error ->
+            ?JError("Error processing result: ~p", [Error]),
+            {error, Error}
+    end.
+
+-spec activity_logger(map(), list(), list()) -> ok.
+activity_logger(StatusCtx, Name, Extra) ->
+    case global:whereis_name(Name) of
+        undefined ->
+            SInterval = ?STATUS_INTERVAL,
+            SFile = ?STATUS_FILE,
+            {ok, HostName} = inet:gethostname(),
+            Pid = spawn_link(
+                fun() ->
+                    log_activity(StatusCtx, HostName, SFile, Extra, SInterval)
+                end),
+            global:register_name(Name, Pid),
+            ?JInfo("activity logger started for ~p ~p", [Name, Pid]);
+        Pid ->
+            ?JDebug("activity logger already running ~p", [Pid])
+    end.
+
+%%------------------------------------------------------------------------------
+%% private
+%%------------------------------------------------------------------------------
+
+-spec error_obj(term()) -> #{error => binary()}.
+error_obj(Error) when is_binary(Error) ->
+    #{error => Error};
+error_obj(Error) when is_list(Error) ->
+    error_obj(list_to_binary(Error));
+error_obj(Error) ->
+    error_obj(imem_datatype:term_to_io(Error)).
+
+-spec status_obj(list() | tuple() | undefined, map()) -> map().
+status_obj(AuditTime, Status) when is_tuple(AuditTime) ->
+    status_obj(tuple_to_list(AuditTime), Status);
+status_obj(AuditTime, Status) when is_map(Status) ->
+    Status#{auditTime => AuditTime}.
+
+-spec get_key_audit_time(binary(), term()) -> ddTimestamp() | undefined.
+get_key_audit_time(Channel, Key) ->
+    case catch read_channel(Channel, Key) of
+        #{<<"AuditTime">> := AuditTime} ->
+            AuditTime;
+        _ ->
+            undefined
+    end.
+
+log_activity(Ctx, HostName, SFile, Extra, SInterval) ->
+    erlang:send_after(SInterval, self(), write_status),
+    receive
+        write_status ->
+            <<D:2/binary,".", M:2/binary, ".", Y:4/binary, " ", H:2/binary,
+              ":", Mi:2/binary, ":",  S:2/binary, _/binary>> = 
+                imem_datatype:timestamp_to_io(imem_meta:time()),
+            % timestamp format 2019-01-10 17:43:01
+            Time = [Y, "-", M, "-", D, " ", H, ":", Mi, ":", S],
+            Data = [HostName, "\n", Time, "\n", Extra, "\n"],
+            imem_file:write_file(Ctx, SFile, Data, 3000),
+            log_activity(Ctx, HostName, SFile, Extra, SInterval)
+    end.
+
+%-------------------------------------------------------------------------------
+% TESTS
+%-------------------------------------------------------------------------------
+
+-ifdef(TEST).
+
+-include_lib("eunit/include/eunit.hrl").
+
+all_test_() ->
+    {inparallel,
+        [ {"key from json", ?_assertEqual(["test", 1234], key_from_json(<<"[\"test\", 1234]">>))}
+        , {"key to json", ?_assertEqual([<<"test">>, 1234], key_to_json(["test", 1234]))}
+        , {"key to json int", ?_assertEqual(<<"0">>, key_to_json(0))}
+        , {"key to json enc", ?_assertEqual(<<"[\"test\",1234]">>, key_to_json_enc(["test", 1234]))}
+        , {"key to json enc int", ?_assertEqual(<<"0">>, key_to_json_enc(0))}
+        ]
+    }.
+
+-endif.
diff --git a/src/dperl_metrics.erl b/src/dperl_metrics.erl
new file mode 100644
index 00000000..4fae5edc
--- /dev/null
+++ b/src/dperl_metrics.erl
@@ -0,0 +1,396 @@
+-module(dperl_metrics).
+
+-include("dperl.hrl").
+-include("dperl_status.hrl").
+
+-behaviour(imem_gen_metrics).
+
+-export([start_link/0,get_metric/1,get_metric/2,request_metric/3,get_metric_direct/1]).
+
+-export([init/0,handle_metric_req/3,request_metric/1, terminate/2]).
+
+-export([mbsKey/2,ramsKey/2,mproKey/2,intKey/2]).
+
+-safe([get_metric/1, get_metric_direct/1]).
+
+-spec start_link() -> {ok, pid()} | {error, term()}.
+start_link() ->
+    imem_gen_metrics:start_link(?MODULE).
+
+-spec get_metric(term()) -> term().
+get_metric(MetricKey) ->
+    imem_gen_metrics:get_metric(?MODULE, MetricKey).
+
+-spec get_metric(term(), integer()) -> term().
+get_metric(MetricKey, Timeout) ->
+    imem_gen_metrics:get_metric(?MODULE, MetricKey, Timeout).
+
+-spec request_metric(term(), term(), pid()) -> term().
+request_metric(MetricKey, ReqRef, ReplyTo) ->
+    imem_gen_metrics:request_metric(?MODULE, MetricKey, ReqRef, ReplyTo).
+
+-spec get_metric_direct(term()) -> term().
+get_metric_direct(job_down_count) ->
+    Exclusions = lists:usort(?JOB_DOWN_NAME_EXCLUSIONS ++ modules_to_jobs(?JOB_DOWN_MOD_EXCLUSIONS)),
+    job_down_count(Exclusions);
+get_metric_direct(job_error_count) ->
+    Exclusions = lists:usort(?JOB_ERROR_NAME_EXCLUSIONS ++ modules_to_jobs(?JOB_ERROR_MOD_EXCLUSIONS)),
+    job_error_count(Exclusions);
+get_metric_direct(UnknownMetric) ->
+    ?Error("Unknown metric requested direct ~p", [UnknownMetric]),
+    undefined.
+
+-spec request_metric(term()) -> noreply | {ok, term()}.
+request_metric({focus, "shortid", ShortIdStr}) ->
+    case catch list_to_integer(ShortIdStr) of
+        {'EXIT', _Error} -> {ok, {error, user_input}};
+        _ -> noreply
+    end;
+request_metric(_) -> noreply.
+
+%% imem_gen_metrics callback
+init() -> {ok, undefined}.
+
+handle_metric_req({jobs, ExcludedJobs}, ReplyFun, State) ->
+    ReplyFun(process_jobs(imem_meta:dirty_read(dperlJob), ExcludedJobs)),
+    State;
+handle_metric_req({job_status, ExcludedJobs}, ReplyFun, State) ->
+    ReplyFun(process_status(imem_meta:dirty_read(?JOBDYN_TABLE), ExcludedJobs)),
+    State;
+handle_metric_req({errors, ExcludedJobs}, ReplyFun, State) ->
+    ReplyFun(process_errors(dperl_dal:read_gt(?JOB_ERROR, {}, 1000), ExcludedJobs)),
+    State;
+handle_metric_req({job_down_count, ExcludedJobs}, ReplyFun, State) ->
+    JobDownCount = job_down_count([list_to_bin(J) || J <- get_ignored_jobs(ExcludedJobs)]),
+    ReplyFun(JobDownCount),
+    State;
+handle_metric_req({job_error_count, ExcludedJobs}, ReplyFun, State) ->
+    JobErrorCount = job_error_count([list_to_bin(J) || J <- get_ignored_jobs(ExcludedJobs)]),
+    ReplyFun(JobErrorCount),
+    State;
+handle_metric_req({focus, "shortid", ShortId}, ReplyFun, State) when is_list(ShortId) ->
+    Result = maps:fold(
+        fun(Chn, Fun, Acc) when is_list(Chn), is_atom(Fun) ->
+            case not erlang:function_exported(?MODULE, Fun, 2) orelse
+                 ?MODULE:Fun("shortid", ShortId) of
+                true -> Acc;
+                {API, Keys} ->
+                    case catch dperl_dal:API(Chn, Keys) of
+                        Values when is_list(Values) ->
+                            [#{ckey =>
+                              ["focus", "cluster", ["shortid", ShortId],
+                               [Chn,
+                                if is_list(CKey) ->
+                                       [if is_atom(CK) -> atom_to_list(CK);
+                                           true -> CK
+                                        end || CK <- CKey];
+                                   true -> CKey
+                                end]],
+                              cvalue => CVal}
+                            || #{ckey := CKey, cvalue := CVal} <- Values] ++ Acc;
+                        _ -> Acc
+                    end;
+                nomatch -> Acc;
+                _Error -> Acc
+            end;
+           (_, _, Acc) -> Acc
+        end, [], ?GET_FOCUS("shortid")),
+    ReplyFun(Result),
+    State;
+handle_metric_req({focus, "shortid", _ShortId}, ReplyFun, State) ->
+    ?Warn("ShortId has to be a list"),
+    ReplyFun([]),
+    State;
+%% aggregator metrics
+handle_metric_req({agr, AgrMetric, Channel}, ReplyFun, State) when Channel == [] ->
+    ?JError("Channel cannot be empty for aggregator metric : ~p", [AgrMetric]),
+    ReplyFun(undefined),
+    State;
+handle_metric_req({agr, AgrMetric, Channel}, ReplyFun, State) when is_list(Channel) ->
+    handle_metric_req({agr, AgrMetric, list_to_bin(Channel)}, ReplyFun, State);
+handle_metric_req({agr, AgrMetric, Channel}, ReplyFun, State) when is_binary(Channel) ->
+    ReplyFun(fetch_metric(AgrMetric, Channel)),
+    State;
+handle_metric_req(UnknownMetric, ReplyFun, State) ->
+    ?Error("Unknown metric requested ~p when state ~p", [UnknownMetric, State]),
+    ReplyFun({error, unknown_metric}),
+    State.
+
+terminate(_Reason, _State) -> ok.
+
+%% Helper functions
+mbsKey("shortid", [I|_] = ShortId) when I >= $0, I =< $9 ->
+    {read_siblings, [[ShortId,[]]]};
+mbsKey("shortid", SubKey) ->
+    case re:split(SubKey, "-", [{return, list}]) of
+        [_,_,[I|_] = ShortId|_] when I >= $0, I =< $9 ->
+            {read_channel_raw, [[ShortId,SubKey]]};
+        _ -> nomatch
+    end.
+
+ramsKey("shortid", [I|_] = ShortId) when I >= $0, I =< $9 ->
+    {read_siblings, [[ShortId,[]]]}.
+
+intKey("shortid", ShortIdStr) when is_list(ShortIdStr) ->
+    case catch list_to_integer(ShortIdStr) of
+        ShortId when is_integer(ShortId) ->
+            {read_channel_raw, [ShortId]};
+        _ -> nomatch
+    end.
+
+mproKey("shortid", ShortIdStr) when is_list(ShortIdStr) ->
+    case catch list_to_integer(ShortIdStr) of
+        ShortId when is_integer(ShortId) ->
+            {read_channel_raw, [[P,ShortId] || P <- [smpp, tpi]]};
+        _ -> nomatch
+    end.
+
+-spec process_jobs([#dperlJob{}], list()) -> [map()].
+process_jobs(Jobs, ExcludedJobs) ->
+    process_jobs(Jobs, get_ignored_jobs(ExcludedJobs), ?JOB_DESCRIPTIONS).
+
+-spec process_jobs([#dperlJob{}], list(), map()) -> [map()].
+process_jobs([], _, _) -> [];
+process_jobs([#dperlJob{name = Name, module = Module, args = Args,
+                       srcArgs = SrcArgs, dstArgs = DstArgs, running = Running,
+                       enabled = Enabled, plan = Plan, nodes = Nodes,
+                       opts = Opts} | Rest], IgnoredJobs, JobDescriptions) ->
+    {Channel, Direction} = case DstArgs of
+        #{channel := DstChannel} -> {DstChannel, pull};
+        _ -> case SrcArgs of
+            #{channel := SrcChannel} -> {SrcChannel, push};
+            _ -> {"none", push}
+        end
+    end,
+    case is_ignored_job(Name, IgnoredJobs) of
+        true -> process_jobs(Rest, IgnoredJobs, JobDescriptions);
+        false ->
+                JobName = bin_to_list(Name),
+                Label = case Args of
+                    #{label := L} when is_list(L) -> list_to_bin(L);
+                    #{label := L} when is_binary(L) -> L;
+                    _ -> <<>>
+                end,
+                Desc = maps:get(Label, JobDescriptions, <<>>),
+                Value = #{module => Module, args => to_json(Args), srcArgs => to_json(SrcArgs),
+                          dstArgs => to_json(DstArgs), enabled => Enabled, plan => Plan,
+                          nodes => Nodes, opts => Opts, channel => list_to_bin(Channel),
+                          direction => Direction, running => Running, platform => Label,
+                          desc => Desc},
+                [{JobName, Value} | process_jobs(Rest, IgnoredJobs, JobDescriptions)]
+    end.
+
+-spec process_status([#dperlNodeJobDyn{}], list()) -> [map()].
+process_status(Statuses, ExcludedJobs) ->
+    process_status(Statuses, get_ignored_jobs(ExcludedJobs), []).
+
+-spec process_status([#dperlNodeJobDyn{}], list(), list()) -> [map()].
+process_status([], _, Acc) -> Acc;
+process_status([#dperlNodeJobDyn{name = Name, state = State, statusTime = StatusTime,
+                                status = Status} | Rest], IgnoredJobs, Acc) ->
+    case is_ignored_job(Name, IgnoredJobs) of
+        false ->
+            case is_status_timed_out(StatusTime) of
+                false ->
+                    JobName = bin_to_list(Name),
+                    Value = #{status => Status,
+                              state => to_json(State)},
+                    process_status(Rest, IgnoredJobs, [{JobName, Value} | Acc]);
+                true -> process_status(Rest, IgnoredJobs, Acc)
+            end;
+        true -> process_status(Rest, IgnoredJobs, Acc)
+    end.
+
+-spec process_errors([{term(), map()}], list()) -> [map()].
+process_errors(Errors, ExcludedJobs) -> process_errors(Errors, get_ignored_jobs(ExcludedJobs), []).
+
+-spec process_errors([{term(), map()}], list(), list()) -> [map()].
+process_errors([], _, Acc) -> Acc;
+process_errors([{ErrorKey, Value} | Rest], IgnoredJobs, Acc) ->
+    %% TODO: What to do when ErrorKey doesn't match ?...
+    NewAcc =
+    case ErrorKey of
+        [Job, Node] ->
+            case is_ignored_job(Job, IgnoredJobs) of
+                false ->
+                    [{[Job, Node], Value} | Acc];
+                true -> Acc
+            end;
+        [Job, Node, ErrorId] ->
+            case is_ignored_job(Job, IgnoredJobs) of
+                false ->
+                    Key = [Job, Node, ensure_json(ErrorId)],
+                    [{Key, Value} | Acc];
+                true -> Acc
+            end;
+        InvalidErrorKey ->
+            ?Error("Invalid error key processing errors: ~p", [InvalidErrorKey]),
+            Acc
+    end,
+    process_errors(Rest, IgnoredJobs, NewAcc).
+
+-spec job_error_count(list()) -> integer().
+job_error_count(NameExclusions) ->
+    case imem_meta:select(?JOBDYN_TABLE, [{#dperlNodeJobDyn{status = error,
+                                    statusTime = '$1', name ='$2', _ = '_'}, [], [{{'$1', '$2'}}]}]) of
+        {[], true} -> 0;
+        {Infos, true} ->
+           lists:foldl(fun({StatusTime, Name}, Acc) ->
+                case is_status_timed_out(StatusTime) of
+                    true  -> Acc;
+                    false -> 
+                        case lists:member(Name, NameExclusions) of
+                            false -> Acc + 1;
+                            true -> Acc
+                        end
+                end
+            end, 0, Infos)
+    end.
+
+-spec job_down_count(list()) -> integer().
+job_down_count(NameExclusions) ->
+    case imem_meta:select(dperlJob, [{#dperlJob{name ='$1', plan = '$2', nodes = '$3', _ = '_'}, [], [{{'$1', '$2', '$3'}}]}]) of
+        {[], true} -> 0;
+        {JobPlans, true} ->
+            lists:foldl(
+                fun({JobName, Plan, Nodes}, Acc) ->
+                        case not lists:member(JobName, NameExclusions) of
+                            true -> case job_down_count_i(JobName, Plan, Nodes) of
+                                        true -> Acc + 1;
+                                        false -> Acc
+                                    end;
+                            false -> Acc
+                        end
+                end, 0, JobPlans)
+    end.
+
+-spec job_down_condition(binary()) -> boolean().
+job_down_condition(JobName) when is_binary(JobName) ->
+    case imem_meta:select(dperlJob, [{#dperlJob{enabled = '$1', name = JobName, _ = '_'}, [], ['$1']}]) of
+        {[], true} -> false;
+        {[IsEnabled], true} -> IsEnabled
+    end.
+
+job_down_count_i(JobName, _Plan, []) -> not job_down_condition(JobName);
+job_down_count_i(JobName, on_all_nodes, Nodes) ->
+    (not job_down_condition(JobName)) andalso lists:member(node(), Nodes);
+job_down_count_i(JobName, _Plan, Nodes) ->
+    (not job_down_condition(JobName)) andalso node() == hd(Nodes).
+
+to_json(Map) when is_map(Map) ->
+    maps:map(fun(password, _V) -> <<"*****">>;
+                (_K, V) when is_map(V) -> to_json(V);
+                (_K, V) when is_tuple(V) -> 
+                    case catch to_epoch(V) of
+                        {'EXIT', _} -> tuple_to_list(V);
+                        Epoch -> Epoch
+                    end;
+                (_K, V) when is_list(V) -> 
+                    case catch format_list(V) of
+                        {'EXIT', _} -> iolist_to_binary(io_lib:format("~p", [V]));
+                        L -> L
+                    end;
+                (_K, V) -> V
+             end, Map);
+to_json(Term) -> Term.
+
+format_list(List) ->
+    case io_lib:printable_list(List) of
+        true -> list_to_bin(List);
+        false ->
+            lists:map(fun(L) when is_map(L) -> to_json(L);
+                         (L) when is_tuple(L) -> format_list(tuple_to_list(L));
+                         (L) when is_list(L) -> format_list(L);
+                         (<<>>) -> null;
+                         (L) -> L
+                      end, List)
+    end.
+
+to_epoch({_, T}) -> to_epoch(T);
+to_epoch({Mega, Sec, _}) -> (Mega * 1000000) + Sec.
+
+ensure_json(Value) when is_binary(Value) -> bin_to_list(Value);
+ensure_json(Value) when is_atom(Value) -> atom_to_list(Value);
+ensure_json(Value) -> Value.
+
+is_ignored_job(JobName, IgnoredJobs) when is_binary(JobName) ->
+    is_ignored_job(bin_to_list(JobName), IgnoredJobs);
+is_ignored_job(JobName, IgnoredJobs) when is_list(JobName) ->
+    lists:member(JobName, IgnoredJobs).
+
+get_ignored_jobs(ExcludedJobs) ->
+    {NeverRunJobs, true} = imem_meta:select(dperlJob, [{#dperlJob{running = undefined,
+                                    name = '$1', _ = '_'}, [], ['$1']}]),
+    lists:usort(?GET_IGNORED_JOBS_LIST ++ [bin_to_list(J) || J <- NeverRunJobs] ++ ExcludedJobs).
+
+is_status_timed_out(StatusTime) ->
+    imem_datatype:musec_diff(StatusTime) > ?JOB_DYN_STATUS_TIMEOUT.
+
+modules_to_jobs([]) -> [];
+modules_to_jobs(Modules) ->
+    lists:foldl(
+        fun(Mod, Acc) ->
+            {Jobs, true} = imem_meta:select(dperlJob, [{#dperlJob{module = Mod, name = '$1', _ = '_'}, [], ['$1']}]),
+            Jobs ++ Acc
+        end, [], Modules).
+
+fetch_metric(node_memory, Channel) ->
+    FoldFun =
+        fun(#{ckey := [_, _, _, "system_info", Node, "system_info", "node_status"],
+              cvalue := #{free_memory := FreeMemory, total_memory := TotalMemory}}, Acc) ->
+                Acc#{list_to_atom(Node) => #{free_memory => FreeMemory, total_memory => TotalMemory}};
+           (_, Acc) -> Acc
+        end,
+    fold_table(Channel, FoldFun);
+fetch_metric(error_count, Channel) ->
+    FoldFun =
+        fun(#{ckey := [_, _, _, "system_info", Node, "system_info", "job_error_count"],
+              cvalue := #{job_error_count := Count}}, Acc) ->
+                Acc#{list_to_atom(Node) => Count};
+           (_, Acc) -> Acc
+        end,
+        fold_table(Channel, FoldFun);
+fetch_metric(heartbeat, Channel) ->
+    FoldFun =
+        fun(#{ckey := [_, _, _, "system_info", Node, "system_info", "heartbeat"],
+              cvalue := #{time := Time}}, Acc) ->
+                Acc#{list_to_atom(Node) => Time};
+           (_, Acc) -> Acc
+        end,
+        fold_table(Channel, FoldFun);
+fetch_metric(node_error, Channel) ->
+    FoldFun =
+        fun(#{ckey := [_, _, _, "system_info", Node, "error", _Type], cvalue := #{error := Error}}, Acc) ->
+                Acc#{list_to_atom(Node) => Error};
+           (_, Acc) -> Acc
+        end,
+    fold_table(Channel, FoldFun).
+
+fold_table(Channel, FoldFun) ->
+    TableName = imem_dal_skvh:atom_table_name(<<Channel/binary, ?AGGR/binary>>),
+    TransactionFun = 
+        fun() ->
+            FirstKey = imem_meta:first(TableName),
+            fold_table(TableName, FirstKey, FoldFun, #{})
+        end,
+    case imem_meta:transaction(TransactionFun) of
+        {atomic, Result} -> Result;
+        ErrorResult -> 
+            ?JError("Error fetching rows, result: ~p", [ErrorResult])
+    end.
+
+fold_table(_Table, '$end_of_table', _FoldFun, Acc) -> Acc;
+fold_table(Table, CurKey, FoldFun, Acc) ->
+    [RawRow] = imem_meta:read(Table, CurKey),
+    RowMap = imem_dal_skvh:skvh_rec_to_map(RawRow),
+    NewAcc = FoldFun(RowMap, Acc),
+    NextKey = imem_meta:next(Table, CurKey),
+    fold_table(Table, NextKey, FoldFun, NewAcc).
+
+-spec bin_to_list(binary() | list()) -> list().
+bin_to_list(L) when is_list(L) -> L;
+bin_to_list(B) -> binary_to_list(B).
+
+-spec list_to_bin(binary() | list()) -> binary().
+list_to_bin(B) when is_binary(B) -> B;
+list_to_bin(L) -> list_to_binary(L).
\ No newline at end of file
diff --git a/src/dperl_ora.erl b/src/dperl_ora.erl
new file mode 100644
index 00000000..0936d039
--- /dev/null
+++ b/src/dperl_ora.erl
@@ -0,0 +1,703 @@
+-module(dperl_ora).
+
+-include("dperl_ora.hrl").
+
+-behavior(dperl_worker).
+-behavior(cowboy_middleware).
+-behavior(cowboy_loop).
+
+% dperl_worker exports
+-export([init/1, terminate/2, handle_call/3, handle_cast/2, handle_info/2,
+         code_change/3, format_status/2, get_status/1, init_state/1]).
+
+-record(state, {name, resource, baseUrl, active_link = 1, stmt_profile_del,
+                stmt_ts_get, stmt_ts_post, stmt_ts_put, stmt_ts_reset,
+                stmt_ts_revert, stmt_bar_get, stmt_bar_put, stmt_bar_post,
+                pool, c_whitelist = #{}, listeners = [], tenants = #{}, port,
+                close_statement = [], close_session = [], dynstate = #{}}).
+
+% cowboy rest exports
+-export([init/2, info/3, execute/2]).
+
+-define(API_VERSION, "1.0.0").
+
+init_state(_) -> #state{}.
+
+get_status(#state{dynstate = DynState}) -> DynState.
+
+init({#dperlService{name = SName, args = Args, resource = Resource,
+                   interface = Interface},
+      State}) ->
+    case init_resources(
+           Resource,
+           State#state{name = SName, resource = Resource,
+                       dynstate = #{start => imem_meta:time(), req => 0,
+                                    error => #{}}}) of
+        {ok, State1} ->
+            Interface1 = maps:merge(Interface, Args),
+            case init_interface(Interface1, State1) of
+                {ok, State2} ->
+                    erlang:send_after(?SERVICE_UPDATE_PERIOD(SName), self(), update_dyn),
+                    erlang:send_after(?SERVICE_STATUS_RESET_PERIOD(SName), self(), reset_dyn),
+                    dperl_dal:update_service_dyn(
+                      State2#state.name, State2#state.dynstate,
+                      ?SERVICE_ACTIVE_THRESHOLD(SName), ?SERVICE_OVERLOAD_THRESHOLD(SName)),
+                    {ok, State2};
+                Error ->
+                    erlocipool:del(State1#state.pool),
+                    {stop, Error}
+            end;
+        Error -> {stop, Error}
+    end;
+init({Args, _}) ->
+    ?SError("bad start parameters ~p", [Args]),
+    {stop, badarg}.
+
+handle_call(Request, _From, State) ->
+    ?SWarn("Unsupported handle_call ~p", [Request]),
+    {reply, ok, State}.
+
+% common
+handle_cast(#{operation := {profile, delete}, reply := RespPid,
+              msisdn := Msisdn, tenant := Tenant,
+              data := #{<<"comment">> := Comment,
+                        <<"requestor">> := Requestor}},
+            #state{stmt_profile_del = ProfileDelStmt} = State)
+  when byte_size(Comment) =< ?MAX_COMMENT_LENGTH,
+       byte_size(Requestor) =< ?MAX_REQUESTOR_LENGTH ->
+    Resp = db_call({stmt_profile_del, ProfileDelStmt},
+                    [Tenant, Msisdn, Requestor, Comment]),
+    RespPid ! {reply, Resp},
+    {noreply, State};
+%% topstopper
+handle_cast(#{operation := {topstopper, get}, reply := RespPid,
+              msisdn := Msisdn, tenant := Tenant}, State) ->
+    Resp = db_call({stmt_ts_get, State#state.stmt_ts_get}, [Tenant, Msisdn]),
+    RespPid ! {reply, Resp},
+    {noreply, State};
+handle_cast(#{operation := {topstopper, post}, reply := RespPid,
+              msisdn := Msisdn, tenant := Tenant,
+              data := #{<<"comment">> := Comment,
+                        <<"requestor">> := Requestor}},
+            #state{stmt_ts_post = TsPostStmt} = State)
+  when byte_size(Comment) =< ?MAX_COMMENT_LENGTH,
+       byte_size(Requestor) =< ?MAX_REQUESTOR_LENGTH ->
+    Resp = db_call({stmt_ts_post, TsPostStmt}, [Tenant, Msisdn, Requestor,
+                                                Comment]),
+    RespPid ! {reply, Resp},
+    {noreply, State};
+handle_cast(#{operation := {topstopper, put}, reply := RespPid,
+              msisdn := Msisdn, tenant := Tenant,
+              data := #{<<"comment">> := Comment,
+                        <<"requestor">> := Requestor,
+                        <<"type">> := Type,
+                        <<"limit">> := Limit}},
+            #state{stmt_ts_put = TsPutStmt} = State)
+  when byte_size(Comment) =< ?MAX_COMMENT_LENGTH andalso
+       byte_size(Requestor) =< ?MAX_REQUESTOR_LENGTH andalso
+       (Type == <<"swisscom">> orelse Type == <<"customer">>) andalso 
+       (Limit >= -1 andalso Limit =< 100000) ->
+    Resp = db_call({stmt_ts_put, TsPutStmt},
+                   [Tenant, Msisdn, Type,
+                    dderloci_utils:oranumber_encode(
+                      list_to_binary(io_lib:format("~p", [Limit]))),
+                    Requestor, Comment]),
+    RespPid ! {reply, Resp},
+    {noreply, State};
+handle_cast(#{operation := {topstopper, reset}, reply := RespPid,
+              msisdn := Msisdn, tenant := Tenant,
+              data := #{<<"comment">> := Comment,
+                       <<"requestor">> := Requestor,
+                       <<"type">> := Type}},
+            #state{stmt_ts_reset = TsResetStmt} = State)
+  when byte_size(Comment) =< ?MAX_COMMENT_LENGTH andalso
+       byte_size(Requestor) =< ?MAX_REQUESTOR_LENGTH andalso
+       (Type == <<"swisscom">> orelse Type == <<"customer">>) ->
+    Resp = db_call({stmt_ts_reset, TsResetStmt}, [Tenant, Msisdn, Type,
+                                                  Requestor, Comment]),
+    RespPid ! {reply, Resp},
+    {noreply, State};
+handle_cast(#{operation := {topstopper, revert}, reply := RespPid,
+              msisdn := Msisdn, tenant := Tenant,
+              data := #{<<"comment">> := Comment,
+                        <<"requestor">> := Requestor,
+                        <<"type">> := Type}},
+            #state{stmt_ts_revert = TsRevertStmt} = State)
+  when byte_size(Comment) =< ?MAX_COMMENT_LENGTH andalso
+       byte_size(Requestor) =< ?MAX_REQUESTOR_LENGTH andalso
+       (Type == <<"swisscom">> orelse Type == <<"customer">>) ->
+    Resp = db_call({stmt_ts_revert, TsRevertStmt}, [Tenant, Msisdn, Type,
+                                                    Requestor, Comment]),
+    RespPid ! {reply, Resp},
+    {noreply, State};
+%% barring
+handle_cast(#{operation := {barring, get}, reply := RespPid, 
+              msisdn := Msisdn, tenant := Tenant}, State) ->
+    Resp = db_call({stmt_bar_get, State#state.stmt_bar_get}, [Tenant, Msisdn]),
+    RespPid ! {reply, Resp},
+    {noreply, State};
+handle_cast(#{operation := {barring, post}, reply := RespPid,
+              msisdn := Msisdn, tenant := Tenant,
+              data := #{<<"comment">> := Comment,
+                        <<"requestor">> := Requestor}},
+            #state{stmt_bar_post = BarPostStmt} = State)
+  when byte_size(Comment) =< ?MAX_COMMENT_LENGTH,
+       byte_size(Requestor) =< ?MAX_REQUESTOR_LENGTH ->
+    Resp = db_call({stmt_bar_post, BarPostStmt}, [Tenant, Msisdn, Comment, Requestor]),
+    RespPid ! {reply, Resp},
+    {noreply, State};
+handle_cast(#{operation := {barring, put}, reply := RespPid,
+              msisdn := Msisdn, tenant := Tenant,
+              data := #{<<"type">> := Type, <<"barring">> := Barring,
+                        <<"comment">> := Comment, <<"requestor">> := Requestor}},
+            #state{stmt_bar_put = BarPutStmt} = State)
+  when byte_size(Comment) =< ?MAX_COMMENT_LENGTH andalso
+       byte_size(Requestor) =< ?MAX_REQUESTOR_LENGTH andalso
+       (Type == <<"swisscom">> orelse Type == <<"customer">>) andalso
+       (Barring == 0 orelse Barring == 6 orelse Barring == 9) ->
+    Resp = db_call({stmt_bar_put, BarPutStmt}, [Tenant, Msisdn, Type, Barring, Comment, Requestor]),
+    RespPid ! {reply, Resp},
+    {noreply, State};
+%% 
+handle_cast(#{reply := RespPid}, State) ->
+    RespPid ! {reply, bad_req},
+    {noreply, State};
+handle_cast(Request, State) ->
+    ?SWarn("Unsupported handle_cast ~p", [Request]),
+    {noreply, State}.
+
+-define(STMT_REBUILD(__SQL, __BINDS, __POOL, __STMT, __STATE),
+        (__STATE#state.__STMT):close(),
+        __STATE#state{__STMT = create_stmt(__POOL, __SQL, __BINDS)}).
+
+handle_info(update_dyn, #state{dynstate = Ds, name = SName} = State) ->
+    dperl_dal:update_service_dyn(
+      State#state.name, Ds, ?SERVICE_ACTIVE_THRESHOLD(SName),
+      ?SERVICE_OVERLOAD_THRESHOLD(SName)),
+    erlang:send_after(?SERVICE_UPDATE_PERIOD(SName), self(), update_dyn),
+    {noreply, State};
+handle_info(reset_dyn, #state{name = SName} = State) ->
+    NewDynState = (State#state.dynstate)#{req => 0, error => #{}},
+    dperl_dal:update_service_dyn(
+      State#state.name, NewDynState, ?SERVICE_ACTIVE_THRESHOLD(SName),
+      ?SERVICE_OVERLOAD_THRESHOLD(SName)),
+    erlang:send_after(?SERVICE_STATUS_RESET_PERIOD(SName), self(), reset_dyn),
+    {noreply, State#state{dynstate = NewDynState}};
+handle_info({error, StmtType, Code, Message},
+            #state{close_session = CloseSessionsErrors, listeners = Listeners,
+                   close_statement = CloseStatementErrors, port = Port,
+                   name = SName, pool = Pool} = State) ->
+    case lists:member(Code, CloseStatementErrors) of
+        true ->
+            ?SError("statement rebuild : ORA-~p ~s", [Code, Message]),
+            {noreply,
+             case StmtType of
+                 stmt_profile_del ->
+                     ?STMT_REBUILD(?PROFILE_DELETE_SQL,
+                                   ?PROFILE_DELETE_TOPSTOPPER_POST_BINDS,
+                                   Pool, stmt_profile_del, State);
+                 stmt_ts_get ->
+                     ?STMT_REBUILD(?TOPSTOPPER_GET_SQL,
+                                   ?TOPSTOPPER_BARRING_GET_BINDS,
+                                   Pool, stmt_ts_get, State);
+                 stmt_ts_post ->
+                     ?STMT_REBUILD(?TOPSTOPPER_POST_SQL,
+                                   ?PROFILE_DELETE_TOPSTOPPER_POST_BINDS,
+                                   Pool, stmt_ts_post, State);
+                 stmt_ts_put -> 
+                     ?STMT_REBUILD(?TOPSTOPPER_PUT_SQL,
+                                   ?TOPSTOPPER_PUT_BINDS,
+                                   Pool, stmt_ts_put, State);
+                 stmt_ts_reset -> 
+                     ?STMT_REBUILD(?TOPSTOPPER_RESET_SQL,
+                                   ?TOPSTOPPER_RESET_REVERT_BINDS,
+                                   Pool, stmt_ts_reset, State);
+                 stmt_ts_revert -> 
+                     ?STMT_REBUILD(?TOPSTOPPER_REVERT_SQL,
+                                   ?TOPSTOPPER_RESET_REVERT_BINDS,
+                                   Pool, stmt_ts_revert, State);
+                 stmt_bar_get ->
+                     ?STMT_REBUILD(?BARRING_GET_SQL,
+                                   ?TOPSTOPPER_BARRING_GET_BINDS,
+                                   Pool, stmt_bar_get, State);
+                 stmt_bar_post ->
+                     ?STMT_REBUILD(?BARRING_POST_SQL,
+                                   ?BARRING_POST_BINDS,
+                                   Pool, stmt_bar_post, State);
+                 stmt_bar_put ->
+                     ?STMT_REBUILD(?BARRING_PUT_SQL,
+                                   ?BARRING_PUT_BINDS,
+                                   Pool, stmt_bar_put, State)
+             end};
+        _ ->
+            case lists:member(Code, CloseSessionsErrors) of
+                true ->
+                    ?SError("pool restart ORA-~p ~s", [Code, Message]),
+                    lists:map(
+                      fun(Ip) ->
+                              case catch ranch:set_max_connections(
+                                     {Ip, Port}, 0) of
+                                  ok -> ok;
+                                  Error ->
+                                      ?SError("stop accept ~p on port ~p : ~p",
+                                              [Ip, Port, Error])
+                              end
+                      end, Listeners),
+                    erlocipool:del(Pool),
+                    case init_resources(State#state.resource, State) of
+                        {ok, State1} ->
+                            lists:map(
+                              fun(Ip) ->
+                                      case catch ranch:set_max_connections(
+                                             {Ip, Port}, ?SERVICE_MAXCONNS(SName)) of
+                                          ok -> ok;
+                                          Error ->
+                                              ?SError("start accept ~p on port ~p : ~p",
+                                                      [Ip, Port, Error])
+                                      end
+                              end, Listeners),
+                            {noreply, State1};
+                        Error -> {stop, {resource,  Error}, State}
+                    end;
+                _ ->
+                    ?SError("Unhandled ~p : ~s", [Code, Message]),
+                    {noreply, State}
+            end
+    end;
+handle_info(count_request, #state{dynstate = Ds} = State) ->
+    NewDs = Ds#{req => maps:get(req, Ds, 0) + 1},
+    {noreply, State#state{dynstate = NewDs}};
+handle_info({count_error, HttpRInt},
+            #state{dynstate = #{error := Error} = Ds} = State) ->
+    NewDs = Ds#{error => Error#{HttpRInt => maps:get(HttpRInt, Error, 0) + 1}},
+    {noreply, State#state{dynstate = NewDs}};
+handle_info(stop, State) ->
+    {stop, normal, State};
+handle_info(Request, State) ->
+    ?SWarn("Unsupported handle_info ~p", [Request]),
+    {noreply, State}.
+
+terminate(Reason, #state{listeners = Listeners, port = Port, pool = Pool}) ->
+    erlocipool:del(Pool),
+    stop_listeners(Reason, Listeners, Port),
+    ?SInfo("terminate ~p", [Reason]).
+
+code_change(OldVsn, State, Extra) ->
+    ?SInfo("code_change ~p: ~p", [OldVsn, Extra]),
+    {ok, State}.
+
+format_status(Opt, [PDict, State]) ->
+    ?SInfo("format_status ~p: ~p", [Opt, PDict]),
+    State.
+
+db_call({StmtType, Stmt}, Params) ->
+    self() ! count_request,
+    case Stmt:exec_stmt([list_to_tuple([?RESP_BUFFER|Params])]) of
+        {executed, _, [{_,<<"{\"errorCode\":",_:8,HttpR:3/binary,_/binary>>=Resp}]} ->
+            HttpRInt = binary_to_integer(HttpR),
+            if HttpRInt >= 400 andalso HttpRInt < 500 ->
+                   ?SInfo("~p: ~s", [HttpRInt, Resp]);
+               HttpRInt >= 500 ->
+                   ?SWarn("~p: ~s", [HttpRInt, Resp])
+            end,
+            self() ! {count_error, HttpRInt},
+            {HttpRInt, Resp};
+        {executed, _, [{_,Resp}]} -> {200, Resp};
+        {error, {Code, Message}} ->
+            self() ! {error, StmtType, Code, Message},
+            {500,
+              #{errorCode => 2500,
+                errorMessage => <<"Internal Server Error">>,
+                errorDetails => Message}};
+        {error, Reason} ->
+            ?SError("~p (~p) : ~p", [StmtType, Params, Reason]),
+            self() ! stop,
+            {500,
+              #{errorCode => 2500,
+                errorMessage => <<"Internal Server Error">>,
+                errorDetails => <<"See server error logs for details">>}}
+    end.
+
+init_interface(#{baseUrl := BaseUrl, commonWhitelist := CWhiteList,
+                 listenerAddresses := LAddresses, tenants := Tenants,
+                 port := Port, ssl := #{cert := Cert, key := Key}} = Intf,
+               #state{name = SName} = State) ->
+    MaxAcceptors = maps:get(max_acceptors, Intf, ?SERVICE_MAXACCEPTORS(SName)),
+    MaxConnections = maps:get(max_connections, Intf, ?SERVICE_MAXCONNS(SName)),
+    Opts = #{resource => self(), whitelist => maps:keys(CWhiteList),
+             tenants => Tenants, name => State#state.name},
+    FilteredListenerIps = local_ips(LAddresses),
+    Base =
+    case hd(BaseUrl) of
+        $/ -> BaseUrl;
+        _ -> "/" ++ BaseUrl
+    end,
+    try
+        lists:map(fun(Ip) ->
+            Dispatch =
+            cowboy_router:compile(
+                [{'_',
+                 [{Base++"/swagger/", ?MODULE, {swagger, Base, SName}},
+                  {Base++"/swagger/brand.json", cowboy_static, {priv_file, dperl, "brand.json"}},
+                  {Base++"/swagger/swisscom.png", cowboy_static, {priv_file, dperl, "swisscom.png"}},
+                  {Base++"/swagger/[...]", cowboy_static, {swagger_static, SName}},
+                  {Base++"/" ++ ?SERVICE_PROBE_URL(SName), ?MODULE, {'$probe', SName}},
+                  {Base, ?MODULE, {spec, SName}},
+                  {Base++"/:class/:msisdn", [{class, fun class_constraint/2}], ?MODULE, Opts},
+                  {Base++"/:msisdn", ?MODULE, Opts}
+                 ]}]
+            ),
+            TransOpts = [{ip, Ip}, {port, Port},
+                         {num_acceptors, MaxAcceptors},
+                         {max_connections, MaxConnections},
+                         {versions, ['tlsv1.2','tlsv1.1',tlsv1]}
+                         | imem_server:get_cert_key(Cert)
+                         ++ imem_server:get_cert_key(Key)],
+            ProtoOpts = #{env => #{dispatch => Dispatch},
+                          middlewares => [cowboy_router, ?MODULE, cowboy_handler],
+                          stream_handlers => [cowboy_compress_h, cowboy_stream_h]},
+            {ok, P} = cowboy:start_tls({Ip, Port}, TransOpts, ProtoOpts),
+            ?SInfo("[~p] Activated https://~s:~p~s",
+                    [P, inet:ntoa(Ip), Port, Base])
+        end, FilteredListenerIps),
+        {ok, State#state{listeners = FilteredListenerIps, port = Port}}
+    catch
+        error : {badmatch,{error,{already_started,_}}} = Error ->
+            ?SError("error:~p~n~p", [Error, erlang:get_stacktrace()]),
+            stop_listeners(Error, FilteredListenerIps, Port),
+            init_interface(Intf, State);
+        Class:Error ->
+            ?SError("~p:~p~n~p", [Class, Error, erlang:get_stacktrace()]),
+            {error, Error}
+    end.
+
+class_constraint(format_error, Value) -> io_lib:format("The class ~p is not an valid.", [Value]);
+class_constraint(_Type, <<"topstopper">>) -> {ok, topstopper};
+class_constraint(_Type, <<"barring">>) -> {ok, barring};
+class_constraint(_Type, _) -> {error, not_valid}.
+
+stop_listeners(Reason, Listerns, Port) ->
+    lists:map(
+      fun(Ip) ->
+              case catch cowboy:stop_listener({Ip, Port}) of
+                  ok -> ok;
+                  Error ->
+                      ?SError("[~p] stopping listener ~p on port ~p : ~p",
+                              [Reason, Ip, Port, Error])
+              end
+      end, Listerns).
+
+local_ips(ListenerAddresses) ->
+    IntfIps = dderl:local_ipv4s(),
+    maps:fold(
+        fun({_, _, _, _} = Ip, _, Acc) ->
+            case lists:member(Ip, IntfIps) of
+                true -> [Ip | Acc];
+                false -> Acc
+            end;
+           (_, _, Acc) -> Acc
+        end, [], ListenerAddresses
+    ).
+
+init_resources(#{credential := #{user := User, password := Password},
+                 links := Links} = Resources,
+               #state{active_link = ActiveLink} = State) ->
+    #{opt := Opts, tns := TNS} = lists:nth(ActiveLink, Links),
+    {error, unimplemented}.
+    %% TODO : reimplement without erlocipool
+    %Options = dperl_dal:oci_opts(?ERLOCIPOOL_LOG_CB, Opts),
+    %Pool = dperl_dal:get_pool_name(Resources, State#state.name),
+    %case proplists:get_value(sess_min, Options) of
+    %    0 -> {error, invalid_dbconn_pool_size};
+    %    _ ->
+    %        case erlocipool:new(Pool, TNS, User, Password, Options) of
+    %            {ok, _PoolPid} ->
+    %                try
+    %                    CloseStatementErrors = maps:get(close_statement,
+    %                                                    Resources, []),
+    %                    CloseSessionsErrors = maps:get(close_session,
+    %                                                   Resources, []),
+    %                    if is_list(CloseStatementErrors) andalso
+    %                       is_list(CloseSessionsErrors) ->
+    %                           {ok,
+    %                            State#state{
+    %                              stmt_profile_del
+    %                              = create_stmt(Pool, ?PROFILE_DELETE_SQL,
+    %                                            ?PROFILE_DELETE_TOPSTOPPER_POST_BINDS),
+    %                              stmt_ts_get
+    %                              = create_stmt(Pool, ?TOPSTOPPER_GET_SQL,
+    %                                            ?TOPSTOPPER_BARRING_GET_BINDS),
+    %                              stmt_ts_post
+    %                              = create_stmt(Pool, ?TOPSTOPPER_POST_SQL,
+    %                                            ?PROFILE_DELETE_TOPSTOPPER_POST_BINDS),
+    %                              stmt_ts_put
+    %                              = create_stmt(Pool, ?TOPSTOPPER_PUT_SQL,
+    %                                            ?TOPSTOPPER_PUT_BINDS),
+    %                              stmt_ts_reset
+    %                              = create_stmt(Pool, ?TOPSTOPPER_RESET_SQL,
+    %                                            ?TOPSTOPPER_RESET_REVERT_BINDS),
+    %                              stmt_ts_revert
+    %                              = create_stmt(Pool, ?TOPSTOPPER_REVERT_SQL,
+    %                                            ?TOPSTOPPER_RESET_REVERT_BINDS),
+    %                              stmt_bar_get
+    %                              = create_stmt(Pool, ?BARRING_GET_SQL,
+    %                                            ?TOPSTOPPER_BARRING_GET_BINDS),
+    %                              stmt_bar_post
+    %                              = create_stmt(Pool, ?BARRING_POST_SQL,
+    %                                            ?BARRING_POST_BINDS),
+    %                              stmt_bar_put
+    %                              = create_stmt(Pool, ?BARRING_PUT_SQL,
+    %                                            ?BARRING_PUT_BINDS),
+    %                              pool = Pool, close_statement = CloseStatementErrors,
+    %                              close_session = CloseSessionsErrors}};
+    %                       true ->
+    %                           {badarg, [close_statement, close_session]}
+    %                    end
+    %                catch
+    %                    Class:Error ->
+    %                        ?SError("create statements failed : ~p. Deleing pool.", [{Class, Error}]),
+    %                        erlocipool:del(Pool),
+    %                        {Class, Error}
+    %                end;
+    %            {error, {already_started,_} = Error} ->
+    %                ?SError("Pool ~p exists, restarting...", [Pool]),
+    %                erlocipool:del(Pool),
+    %                {error, Error};
+    %            {error, Error} ->
+    %                erlocipool:del(Pool),
+    %                init_resources(
+    %                  Resources,
+    %                  State#state{active_link =
+    %                              if length(Links) > ActiveLink ->
+    %                                     ?SWarn("Pool ~p start : ",
+    %                                            [Pool, Error]),
+    %                                     ActiveLink + 1;
+    %                                 true ->
+    %                                     ?SError("Pool ~p start : ",
+    %                                             [Pool, Error]),
+    %                                     1
+    %                              end})
+    %        end
+    %end.
+
+-spec create_stmt(atom(), binary(), list()) -> tuple().
+create_stmt(Pool, Sql, Binds) ->
+    {error, unimplemented}.
+    %% TODO
+    % ?OciStmt(Pool, Sql, Binds, Stmt),
+    % Stmt.
+
+%%
+%% Cowboy REST resource
+%%
+
+-define(SERVER,     "dperl AAA").
+-define(SPEC_FILE,  "aaa.json").
+-include_lib("dderl/src/dderl_rest.hrl").
+
+-define(E2400,
+        #{errorCode => 2400,
+          errorMessage => <<"Missing body">>,
+          errorDetails => <<"Missing request payload">>}).
+-define(E1404,
+        #{errorCode => 1404,
+          errorMessage => <<"Not Found">>,
+          errorDetails => <<"Ressource not found, no AAA-Profile exists."
+                            " Consider creating a default profile with"
+                            " POST">>}).
+-define(E1405,
+        #{errorCode => 1405,
+          errorMessage => <<"Method Not Allowed">>,
+          errorDetails => <<"HTTP method isn't allowed on this resource">>}).
+
+-define(E1403,
+        #{errorCode => 1403,
+          errorMessage => <<"Forbidden">>,
+          errorDetails => <<"No access to the requested service">>}).
+
+-define(JSON(__BODY), imem_json:encode(__BODY)).
+
+% applying Swagger whitelist through middleware
+execute(Req, Env) ->
+    case maps:get(handler_opts, Env, none) of
+        {swagger_static, SName} ->
+            apply_swagger_whitelist(
+                Req, SName, Env#{handler_opts => {priv_dir, dderl, "public/swagger"}});
+        {swagger, _, SName} -> apply_swagger_whitelist(Req, SName, Env);
+        {spec, SName} -> apply_swagger_whitelist(Req, SName, Env);
+        _ -> {ok, Req, Env}
+    end.
+
+apply_swagger_whitelist(Req, SName, Env) ->
+    {Ip, _Port} = cowboy_req:peer(Req),
+    case ?SWAGGER_WHITELIST(SName) of
+        #{Ip := _} -> {ok, Req, Env};
+        WL when map_size(WL) == 0 -> {ok, Req, Env};
+        _ ->
+            Req1 = cowboy_req:reply(403, ?REPLY_JSON_HEADERS,
+                                          ?JSON(?E1403), Req),
+            {stop, Req1}
+    end.
+
+init(Req, {'$probe', SName}) ->
+    {Code, Resp} = ?SERVICE_PROBE_RESP(SName),
+    Req1 = cowboy_req:reply(Code, ?REPLY_HEADERS, Resp, Req),
+    {ok, Req1, undefined};
+init(Req, {swagger, Base, _SName}) ->
+    Url = iolist_to_binary(cowboy_req:uri(Req)),
+    LastAt = byte_size(Url) - 1,
+    Req1 =
+    cowboy_req:reply(
+      302, #{<<"cache-control">> => <<"no-cache">>,
+             <<"pragma">> => <<"no-cache">>,
+             <<"location">> =>
+             list_to_binary(
+               [Url, case Url of
+                         <<_:LastAt/binary, "/">> -> "";
+                         _ -> "/"
+                     end,
+                "index.html?url="++ Base])},
+      <<"Redirecting...">>, Req),
+    {ok, Req1, #state{}};
+init(Req, {spec, _SName}) ->
+    Req1 =
+    case cowboy_req:method(Req) of
+        <<"GET">> ->
+            {ok, Content} = file:read_file(
+                              filename:join(dderl:priv_dir(dperl),
+                                            ?SPEC_FILE)),
+            cowboy_req:reply(200, ?REPLY_JSON_SPEC_HEADERS, Content, Req);
+        <<"OPTIONS">> ->
+            ACRHS = cowboy_req:header(<<"access-control-request-headers">>, Req),
+            cowboy_req:reply(200, 
+                             maps:merge(#{<<"allow">> => <<"GET,OPTIONS">>,
+                                          <<"access-control-allow-headers">> => ACRHS},
+                                        ?REPLY_OPT_HEADERS), <<>>, Req);
+        Method->
+            ?Error("~p not supported", [Method]),
+            cowboy_req:reply(405, ?REPLY_JSON_HEADERS, ?JSON(?E1405), Req)
+    end,
+    {ok, Req1, #state{}};
+init(Req0, #{whitelist := CWhiteList, tenants := Tenants,
+             name := ServiceName} = Opts)->
+    put(name, ServiceName),
+    Req = Req0#{req_time => os:timestamp()},
+    {Ip, _Port} = cowboy_req:peer(Req),
+    IpStr = inet:ntoa(Ip),
+    case cowboy_req:parse_header(<<"authorization">>, Req) of
+        {basic, Tenant, Password} ->
+            case Tenants of % user:password authorization check
+                #{Tenant := #{password := Password, permissions := Permissions,
+                              whitelist := TWhiteLists}} ->
+                    % whitelists check
+                    case {is_ip_allowed(Ip, maps:keys(TWhiteLists)),
+                          is_ip_allowed(Ip, CWhiteList)} of
+                        {false, false} ->
+                            ?SError("~s (~s) is not in tenants' whitelist",
+                                    [IpStr, Tenant]),
+                            unauthorized(Req);
+                        _ ->
+                            Class = cowboy_req:binding(class, Req, <<>>),
+                            Msisdn = cowboy_req:binding(msisdn, Req, <<>>),
+                            Op = cowboy_req:method(Req),
+                            Operation = get_operation(Class, Op, Req),
+                            % operation permission check
+                            case Permissions of
+                                #{Operation := _} ->
+                                    push_request(Operation, Msisdn, Tenant, Req, Opts);
+                                _ ->
+                                    ?SError("~s (~s) operation ~p not authorized",
+                                            [IpStr, Tenant, Operation]),
+                                    unauthorized(Req)
+                            end
+                    end;
+                Tenants ->
+                    ?SError("~s (~s:~s) is not configured in tenants",
+                            [IpStr, Tenant, Password]),
+                    unauthorized(Req)
+            end;
+        Auth ->
+            ?SError("~s provided unsupported or bad authorization ~p", [IpStr, Auth]),
+            unauthorized(Req)
+    end.
+
+-spec is_ip_allowed(tuple(), list()) -> true | false.
+is_ip_allowed(_Ip, []) -> true;
+is_ip_allowed(Ip, WhiteList) -> lists:member(Ip, WhiteList).
+
+unauthorized(Req) ->
+    Req1 = cowboy_req:reply(403, ?REPLY_JSON_HEADERS, ?JSON(?E1403), Req),
+    {ok, Req1, undefined}.
+
+get_operation(<<>>,       <<"DELETE">>,  _Req) -> {profile,   delete};
+get_operation(barring,    <<"GET">>,     _Req) -> {barring,      get};
+get_operation(barring,    <<"POST">>,    _Req) -> {barring,      post};
+get_operation(barring,    <<"PUT">>,     _Req) -> {barring,      put};
+get_operation(topstopper, <<"GET">>,     _Req) -> {topstopper,   get};
+get_operation(topstopper, <<"PATCH">>,    Req) ->
+    case cowboy_req:match_qs([{action, [], none}], Req) of
+        #{action := <<"reset">>} -> {topstopper, reset};
+        #{action := <<"revert">>} -> {topstopper, revert};
+        #{action := Other} -> {topstopper, Other}
+    end;
+get_operation(topstopper, <<"POST">>,    _Req) -> {topstopper,   post};
+get_operation(topstopper, <<"PUT">>,     _Req) -> {topstopper,   put};
+get_operation(Class,      Op,               _) -> {Class,        Op}.
+
+push_request({_, Op} = Operation, Msisdn, Tenant, Req0, #{resource := Service} = Opts) ->
+    CastReq = #{reply => self(), operation => Operation,
+                msisdn => Msisdn, tenant => Tenant},
+    Req = Req0#{db_call => os:timestamp()},
+    case cowboy_req:has_body(Req) of
+        false when Op == put; Op == post; Op == patch; Op == delete ->
+            Req1 = cowboy_req:reply(400, ?REPLY_JSON_HEADERS, ?JSON(?E2400), Req),
+            {ok, Req1, undefined};
+        false when Op == get ->
+            ok = gen_server:cast(Service, CastReq),
+            {cowboy_loop, Req, Opts, hibernate};
+        true ->
+            {ok, Body, Req1} = cowboy_req:read_body(Req),
+            case catch imem_json:decode(Body, [return_maps]) of
+                {'EXIT', Error} ->
+                    ?SError("~p malformed with ~s : ~p", [Operation, Body, Error]),
+                    Req2 = cowboy_req:reply(400, ?REPLY_JSON_HEADERS, ?JSON(?E2400), Req1),
+                    {ok, Req2, undefined};
+                BodyMap ->
+                    ok = gen_server:cast(Service, CastReq#{data => BodyMap}),
+                    {cowboy_loop, Req1, Opts, hibernate}
+            end;
+        HasBody ->
+            ?SError("~p with body ~p is not supported", [Operation, HasBody]),
+            Req1 = cowboy_req:reply(400, ?REPLY_JSON_HEADERS, ?JSON(?E2400), Req),
+            {ok, Req1, undefined}
+    end.
+
+info({reply, bad_req}, Req, State) -> info({reply, {400, <<>>}}, Req, State);
+info({reply, not_found}, Req, State) ->
+    info({reply, {404, ?JSON(?E1404)}}, Req, State);
+info({reply, {Code, Body}}, Req, State) when is_integer(Code), is_map(Body) ->
+    info({reply, {Code, imem_json:encode(Body)}}, Req, State);
+info({reply, {Code, Body}}, Req, State) when is_integer(Code), is_binary(Body) ->
+    Req1 = cowboy_req:reply(Code, ?REPLY_JSON_HEADERS, Body, Req),
+    ReqTime = maps:get(req_time, Req1),
+    DbCall = maps:get(db_call, Req1),
+    Now = os:timestamp(),
+    Total = timer:now_diff(Now, ReqTime),
+    if Total > 0 ->
+           Op = cowboy_req:method(Req),
+           Class = cowboy_req:binding(class, Req, <<>>),
+           Msisdn = cowboy_req:binding(msisdn, Req, <<>>),
+           {Ip, Port} = cowboy_req:peer(Req),
+           IpStr = inet:ntoa(Ip),
+           if is_tuple(DbCall) ->
+                  ?SDebug("~s:~p ~s ~p ~s : TotalTime (micros) ~p = ~p (ReqTime) + ~p (DBTime)",
+                          [IpStr, Port, Op, Class, Msisdn, Total,
+                           timer:now_diff(DbCall, ReqTime),
+                           timer:now_diff(Now, DbCall)]);
+              true ->
+                  ?SDebug("~s:~p ~s ~p ~s : TotalTime ~p micros",
+                          [IpStr, Port, Op, Class, Msisdn, Total])
+           end;
+       true -> ok
+    end,
+    {stop, Req1, State}.
diff --git a/src/dperl_ora.hrl b/src/dperl_ora.hrl
new file mode 100644
index 00000000..435bb385
--- /dev/null
+++ b/src/dperl_ora.hrl
@@ -0,0 +1,215 @@
+-ifndef(_dperl_ora_).
+-define(_dperl_ora_, true).
+
+-include("dperl.hrl").
+
+-define(MAX_COMMENT_LENGTH, 200).
+-define(MAX_REQUESTOR_LENGTH, 20).
+
+-define(RESP_BUFFER, list_to_binary(lists:duplicate(1024, 0))).
+
+-define(SERVICE_MAXACCEPTORS(__SERVICE_NAME),
+          ?GET_CONFIG(maxNumberOfAcceptors, [__SERVICE_NAME], 100,
+                      "Maximum number of TCP acceptors")
+       ).
+
+-define(SERVICE_MAXCONNS(__SERVICE_NAME), 
+          ?GET_CONFIG(maxNumberOfSockets, [__SERVICE_NAME], 5000, 
+                      "Maximum number of simulteneous connections")
+       ).
+  
+-define(SERVICE_PROBE_URL(__SERVICE_NAME),
+          ?GET_CONFIG(probeUrl, [__SERVICE_NAME], "/probe.html",
+                      "Defines the url of the probe for the load balancer")
+       ).
+
+-define(SERVICE_PROBE_RESP(__SERVICE_NAME),
+          ?GET_CONFIG(probeResp, [__SERVICE_NAME],
+                      {200,
+                       <<"<html>"
+                         "<body>Service is alive</body>"
+                         "</html>">>},
+                      "Response given to the load balancer when the probeUrl"
+                      " is requested")
+       ).
+
+-define(SERVICE_UPDATE_PERIOD(__SERVICE_NAME),
+          ?GET_CONFIG(serviceDynUpdatePeriod, [__SERVICE_NAME], 2000,
+                      "Delay in millisecond between a service updates its DYN"
+                      " info")
+       ).
+
+-define(SERVICE_STATUS_RESET_PERIOD(__SERVICE_NAME),
+          ?GET_CONFIG(serviceDynResetPeriod, [__SERVICE_NAME], 3600 * 1000,
+                      "Delay in millisecond between a service resets its DYN"
+                      " info")
+       ).
+
+-define(SERVICE_ACTIVE_THRESHOLD(__SERVICE_NAME),
+          ?GET_CONFIG(serviceStatusActiveThreshold, [__SERVICE_NAME], 1,
+                      "Request count threshhold beyond which service is marked"
+                      " as active in DYN")
+       ).
+
+-define(SERVICE_OVERLOAD_THRESHOLD(__SERVICE_NAME),
+          ?GET_CONFIG(serviceStatusOverloadThreshold, [__SERVICE_NAME], 100,
+                      "Request count threshhold beyond which service is marked"
+                      " as overloaded in DYN")
+       ).
+
+-define(SWAGGER_WHITELIST(__SERVICE_NAME),
+          ?GET_CONFIG(swaggerWhitelist, [__SERVICE_NAME], #{},
+                      "Whitelist for SwaggerClient Access")).
+
+%% sqls
+
+%% common sqls and binds
+-define(PROFILE_DELETE_SQL, <<"
+BEGIN
+  :SQLT_CHR_OUT_RESULT := pkg_ora_dperl.aaa_profile_msisdn_delete(
+    ProvisioningTenant=>:SQLT_CHR_APP,
+    Msisdn=>:SQLT_CHR_MSISDN,
+    Requestor=>:SQLT_CHR_REQUESTOR,
+    Remark=>:SQLT_CHR_REMARK
+  );
+END;
+">>).
+
+%% topstopper sqls and binds
+-define(TOPSTOPPER_GET_SQL, <<"
+BEGIN
+  :SQLT_CHR_OUT_RESULT := pkg_ora_dperl.aaa_ts_msisdn_get(
+    ProvisioningTenant=>:SQLT_CHR_APP,
+    Msisdn=>:SQLT_CHR_MSISDN);
+END;
+">>).
+
+-define(TOPSTOPPER_POST_SQL, <<"
+BEGIN
+  :SQLT_CHR_OUT_RESULT := pkg_ora_dperl.aaa_ts_msisdn_post(
+    ProvisioningTenant=>:SQLT_CHR_APP,
+    Msisdn=>:SQLT_CHR_MSISDN,
+    Requestor=>:SQLT_CHR_REQUESTOR,
+    Remark=>:SQLT_CHR_REMARK
+  );
+END;
+">>).
+
+-define(PROFILE_DELETE_TOPSTOPPER_POST_BINDS,
+        [{<<":SQLT_CHR_OUT_RESULT">>, out,    'SQLT_CHR'},
+         {<<":SQLT_CHR_APP">>,        in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_MSISDN">>,     in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_REQUESTOR">>,  in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_REMARK">>,     in,     'SQLT_CHR'}]).
+
+-define(TOPSTOPPER_PUT_SQL, <<"
+BEGIN
+  :SQLT_CHR_OUT_RESULT := pkg_ora_dperl.aaa_ts_msisdn_put(
+    ProvisioningTenant=>:SQLT_CHR_APP,
+    Msisdn=>:SQLT_CHR_MSISDN,
+    BarringType=>:SQLT_CHR_BARRINGTYPE,
+    TopStopLimit=>:SQLT_VNU_TOPSTOPLIMIT,
+    Requestor=>:SQLT_CHR_REQUESTOR,
+    Remark=>:SQLT_CHR_REMARK
+  );
+END;
+">>).
+
+-define(TOPSTOPPER_PUT_BINDS,
+        [{<<":SQLT_CHR_OUT_RESULT">>,   out,    'SQLT_CHR'},
+         {<<":SQLT_CHR_APP">>,          in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_MSISDN">>,       in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_BARRINGTYPE">>,  in,     'SQLT_CHR'},
+         {<<":SQLT_VNU_TOPSTOPLIMIT">>, in,     'SQLT_VNU'},
+         {<<":SQLT_CHR_REQUESTOR">>,    in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_REMARK">>,       in,     'SQLT_CHR'}]).
+
+-define(TOPSTOPPER_RESET_SQL, <<"
+BEGIN
+  :SQLT_CHR_OUT_RESULT := pkg_ora_dperl.aaa_ts_msisdn_reset(
+    ProvisioningTenant=>:SQLT_CHR_APP,
+    Msisdn=>:SQLT_CHR_MSISDN,
+    BarringType=>:SQLT_CHR_BARRINGTYPE,
+    Requestor=>:SQLT_CHR_REQUESTOR,
+    Remark=>:SQLT_CHR_REMARK
+  );
+END;
+">>).
+
+
+-define(TOPSTOPPER_REVERT_SQL, <<"
+BEGIN
+  :SQLT_CHR_OUT_RESULT := pkg_ora_dperl.aaa_ts_msisdn_revert(
+    ProvisioningTenant=>:SQLT_CHR_APP,
+    Msisdn=>:SQLT_CHR_MSISDN,
+    BarringType=>:SQLT_CHR_BARRINGTYPE,
+    Requestor=>:SQLT_CHR_REQUESTOR,
+    Remark=>:SQLT_CHR_REMARK
+  );
+END;
+">>).
+
+-define(TOPSTOPPER_RESET_REVERT_BINDS,
+        [{<<":SQLT_CHR_OUT_RESULT">>,  out,    'SQLT_CHR'},
+         {<<":SQLT_CHR_APP">>,         in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_MSISDN">>,      in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_BARRINGTYPE">>, in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_REQUESTOR">>,   in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_REMARK">>,      in,     'SQLT_CHR'}]).
+
+%% barring sqls and binds
+-define(BARRING_GET_SQL, <<"
+BEGIN
+  :SQLT_CHR_OUT_RESULT := pkg_ora_dperl.aaa_barring_msisdn_get(
+    ProvisioningTenant=>:SQLT_CHR_APP,
+    Msisdn=>:SQLT_CHR_MSISDN
+  );
+END;
+">>).
+
+-define(TOPSTOPPER_BARRING_GET_BINDS,
+        [{<<":SQLT_CHR_OUT_RESULT">>, out,    'SQLT_CHR'},
+         {<<":SQLT_CHR_APP">>,        in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_MSISDN">>,     in,     'SQLT_CHR'}]).
+
+-define(BARRING_POST_SQL, <<"
+BEGIN
+  :SQLT_CHR_OUT_RESULT := pkg_ora_dperl.aaa_barring_msisdn_post(
+    ProvisioningTenant=>:SQLT_CHR_APP,
+    Msisdn=>:SQLT_CHR_MSISDN,
+    Requestor=>:SQLT_CHR_REQUESTOR,
+    Remark=>:SQLT_CHR_REMARK
+  );
+END;
+">>).
+
+-define(BARRING_POST_BINDS,
+        [{<<":SQLT_CHR_OUT_RESULT">>, out,    'SQLT_CHR'},
+         {<<":SQLT_CHR_APP">>,        in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_MSISDN">>,     in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_REMARK">>,     in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_REQUESTOR">>,  in,     'SQLT_CHR'}]).
+
+-define(BARRING_PUT_SQL, <<"
+BEGIN
+  :SQLT_CHR_OUT_RESULT := pkg_ora_dperl.aaa_barring_msisdn_put(
+    ProvisioningTenant=>:SQLT_CHR_APP,
+    Msisdn=>:SQLT_CHR_MSISDN,
+    BarringType=>:SQLT_CHR_BARRINGTYPE,
+    Requestor=>:SQLT_CHR_REQUESTOR,
+    BarringLevel=>:SQLT_INT_LEVEL,
+    Remark=>:SQLT_CHR_REMARK
+  );
+END;
+">>).
+
+-define(BARRING_PUT_BINDS,
+        [{<<":SQLT_CHR_OUT_RESULT">>,  out,    'SQLT_CHR'},
+         {<<":SQLT_CHR_APP">>,         in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_MSISDN">>,      in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_BARRINGTYPE">>, in,     'SQLT_CHR'},
+         {<<":SQLT_INT_LEVEL">>,       in,     'SQLT_INT'},
+         {<<":SQLT_CHR_REMARK">>,      in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_REQUESTOR">>,   in,     'SQLT_CHR'}]).
+
+-endif. %_dperl_ora_
diff --git a/src/dperl_skvh_copy.erl b/src/dperl_skvh_copy.erl
new file mode 100644
index 00000000..e8d1d839
--- /dev/null
+++ b/src/dperl_skvh_copy.erl
@@ -0,0 +1,255 @@
+-module(dperl_skvh_copy).
+
+-include("dperl.hrl").
+
+-behavior(dperl_worker).
+-behavior(dperl_strategy_scr).
+
+% dperl_job exports
+-export([init/1, terminate/2, handle_call/3, handle_cast/2, handle_info/2,
+         code_change/3, format_status/2, get_status/1, init_state/1]).
+
+-record(state, {name, srcImemSess, srcActLink = 1, srcCred, srcLinks, sbucket,
+                maxKey, minKey, dstImemSess, dstActLink = 1, dstCred, dstLinks, 
+                dbucket, dbucketOpts = [], isDLocal = false, isSLocal = false, 
+                first_sync = true, rows = [], audit_start_time = {0,0}}).
+
+% dperl_strategy_scr export
+-export([connect_check_src/1, get_source_events/2, connect_check_dst/1,
+         do_cleanup/5, do_refresh/2, load_src_after_key/3, load_dst_after_key/3,
+         fetch_src/2, fetch_dst/2, delete_dst/2, insert_dst/3, update_dst/3,
+         report_status/3]).
+
+connect_check_src(#state{isSLocal = true} = State) -> {ok, State};
+connect_check_src(#state{srcActLink = ActiveLink, srcLinks = Links,
+                         srcCred = #{user := User, password := Password},
+                         srcImemSess = OldSession} = State) ->
+    case connect_imem(ActiveLink, Links, User, Password, OldSession) of
+        {ok, OldSession} -> {ok, State};
+        {ok, Session} -> {ok, State#state{srcImemSess = Session}};
+        {error, Error, NewActiveLink} ->
+            {error, Error, State#state{srcActLink = NewActiveLink}}
+    end.
+
+connect_check_dst(#state{isDLocal = true, dbucketOpts = DBucketOpts,
+                         dbucket = DstBucket} = State) ->
+    check_channel(undefined, true, DstBucket, DBucketOpts),
+    {ok, State};
+connect_check_dst(#state{dstActLink = ActiveLink, dstLinks = Links,
+                         dstCred = #{user := User, password := Password},
+                         dstImemSess = OldSession, dbucketOpts = DBucketOpts,
+                         dbucket = DstBucket, isDLocal = IsDLocal} = State) ->
+    case connect_imem(ActiveLink, Links, User, Password, OldSession) of
+        {ok, OldSession} -> {ok, State};
+        {ok, Session} ->
+            check_channel(Session, IsDLocal, DstBucket, DBucketOpts),
+            {ok, State#state{dstImemSess = Session}};
+        {error, Error, NewActiveLink} ->
+            {error, Error, State#state{dstActLink = NewActiveLink}}
+    end.
+
+get_source_events(#state{srcImemSess = Session, sbucket = SrcBucket, isSLocal = IsSLocal,
+                          audit_start_time = LastStartTime} = State, BulkSize) ->
+    case length(State#state.rows) > 0 of
+        true -> {ok, State#state.rows, State#state{rows = []}};
+        _ ->
+            case catch run_cmd(audit_readGT, [SrcBucket, LastStartTime, BulkSize], 
+                               IsSLocal, Session) of
+                {error, _} = Error -> Error;
+                {'EXIT', Error} -> {error, Error};
+                [] ->
+                    if State#state.first_sync == true -> 
+                          ?JInfo("Audit rollup is complete"),
+                          {ok, sync_complete, State#state{first_sync = false}};
+                       true -> {ok, sync_complete, State}
+                    end;
+                Audits ->
+                    #{time := NextStartTime} = lists:last(Audits),
+                    {ok, filter_keys(Audits, State), State#state{
+                           audit_start_time = NextStartTime}}
+            end
+    end.
+
+load_src_after_key(CurKey, BlkCount,
+                   #state{srcImemSess = SSession, sbucket = SrcBucket,
+                          maxKey = MaxKey, minKey = MinKey, isSLocal = IsSLocal}) ->
+    load_after_key(SrcBucket, CurKey, MaxKey, MinKey, BlkCount, IsSLocal, SSession).
+
+load_dst_after_key(CurKey, BlkCount,
+                   #state{dstImemSess = DSession, dbucket = DstBucket,
+                          maxKey = MaxKey, minKey = MinKey, isDLocal = IsDLocal}) ->
+    load_after_key(DstBucket, CurKey, MaxKey, MinKey, BlkCount, IsDLocal, DSession).
+
+do_cleanup(Deletes, Inserts, Diffs, IsFinished, State) ->
+    NewState = State#state{rows = Inserts ++ Diffs ++ Deletes},
+    if IsFinished -> {ok, finish, NewState};
+       true -> {ok, NewState}
+    end.
+
+do_refresh(_State, _) -> error(not_implemented).
+
+fetch_src(Key, #state{srcImemSess = Session, sbucket = Bucket, isSLocal = IsLocal}) ->
+    dperl_dal:job_error_close(Key),
+    get_value(<<"fetch_src">>, Session, IsLocal, Bucket, Key).
+
+fetch_dst(Key, #state{dstImemSess = Session, dbucket = Bucket, isDLocal = IsLocal}) ->
+    get_value(<<"fetch_src">>, Session, IsLocal, Bucket, Key).
+
+delete_dst(Key, #state{dstImemSess = Session, dbucket = Bucket, isDLocal = IsLocal} = State) ->
+    case run_cmd(delete, [Bucket, imem_datatype:term_to_io(Key)], IsLocal, Session) of
+        {error, Error} ->
+            ?JError("imem_dal_skvh:delete(~p,[~p]) ~p",
+                    [Bucket, imem_datatype:term_to_io(Key), Error]),
+            dperl_dal:job_error(Key, <<"sync">>, <<"delete">>, Error),
+            {true, State};
+        _ -> {false, State}
+    end.
+
+insert_dst(Key, Val, State) -> update_dst(Key, Val, State).
+
+update_dst(Key, Val, #state{dstImemSess = Session, dbucket = Bucket, isDLocal = IsLocal} = State) ->
+    case catch run_cmd(write, [Bucket, Key, Val], IsLocal, Session) of
+        {error, Error} ->
+            ?JError("imem_dal_skvh:write(~p,~p,~p) ~p",
+                    [Bucket, Key, Val, Error]),
+            dperl_dal:job_error(Key, <<"sync">>, <<"update_dst">>, Error),
+            {true, State};
+        _ -> {false, State}
+    end.
+
+report_status(_Key, _Status, _State) -> no_op.
+
+get_status(#state{audit_start_time = LastAuditTime}) ->
+    #{lastAuditTime => LastAuditTime}.
+
+init_state([]) -> #state{};
+init_state([#dperlNodeJobDyn{state = #{lastAuditTime := LastAuditTime}} | _]) ->
+    #state{audit_start_time = LastAuditTime};
+init_state([_ | Others]) ->
+    init_state(Others).
+
+init({#dperlJob{name=Name, srcArgs = SrcArgs, dstArgs = DstArgs}, State}) ->
+    ?JInfo("Starting ~s...", [Name]),
+    DBucketOpts = maps:get(dbucketOpts, DstArgs, [audit,history]),
+    State1 = load_src_args(SrcArgs, State),
+    State2 = load_dst_args(DstArgs, State1),
+    MinKey = maps:get(minKey, SrcArgs, -1),
+    MaxKey = maps:get(maxKey, SrcArgs, [<<255>>]),
+    {ok, State2#state{
+            name = Name, maxKey = MaxKey, minKey = MinKey,
+            dbucketOpts = DBucketOpts}};
+init({Args, _}) ->
+    ?JError("bad start parameters ~p", [Args]),
+    {stop, badarg}.
+
+handle_call(Request, _From, State) ->
+    ?JWarn("Unsupported handle_call ~p", [Request]),
+    {reply, ok, State}.
+
+handle_cast(Request, State) ->
+    ?JWarn("Unsupported handle_cast ~p", [Request]),
+    {noreply, State}.
+
+handle_info(Request, State) ->
+    ?JWarn("Unsupported handle_info ~p", [Request]),
+    {noreply, State}.
+
+terminate(Reason, #state{srcImemSess = SrcSession, dstImemSess = DstSession}) ->
+    try
+        [Session:close() || Session <- [SrcSession, DstSession], Session /= undefined],
+        ?JInfo("terminate ~p", [Reason])
+    catch
+        _:Error ->
+        dperl_dal:job_error(<<"terminate">>, <<"terminate">>, Error),
+        ?JError("terminate ~p:~p ~p",
+                [Reason, Error, erlang:get_stacktrace()])
+    end.
+
+code_change(OldVsn, State, Extra) ->
+    ?JInfo("code_change ~p: ~p", [OldVsn, Extra]),
+    {ok, State}.
+
+format_status(Opt, [PDict, State]) ->
+    ?JInfo("format_status ~p: ~p", [Opt, PDict]),
+    State.
+
+connect_imem(_ActiveLink, [], _User, _Password, _OldSession) -> {error, no_links, -1};
+connect_imem(ActiveLink, Links, User, Password, OldSession) ->
+    #{schema := Schema} = lists:nth(ActiveLink, Links),
+    case catch OldSession:run_cmd(schema, []) of
+        Schema -> {ok, OldSession};
+        _ ->
+            catch OldSession:close(),
+            case dperl_dal:connect_imem_link(
+                   ActiveLink, Links, User, Password) of
+                {ok, Session, _} ->
+                    {ok, Session};
+                {Error, NewActiveLink} ->
+                    {error, Error, NewActiveLink}
+            end
+    end.
+
+check_channel(Session, IsLocal, Bucket, BucketOpts) ->
+    case catch run_cmd(create_check_skvh, [Bucket, BucketOpts], IsLocal, Session) of
+        {'EXIT', Error} -> {error, Error};
+        {error, Error} ->
+            ?JError("imem_dal_skvh:create_check_skvh(~p,~p) ~p",
+                    [Bucket, BucketOpts, Error]),
+            {error, Error};
+        _ -> ok
+    end.
+
+get_value(Op, Session, IsLocal, Bucket, Key) ->
+    case run_cmd(read, [Bucket, [Key]], IsLocal, Session) of
+        [] -> ?NOT_FOUND;
+        [#{cvalue := Value}] -> Value;
+        {error, Error} ->
+            ?JError("imem_dal_skvh:read(~p,~p) ~p", [Bucket, [Key], Error]),
+            dperl_dal:job_error(Key, <<"sync">>, Op, Error),
+            error
+    end.
+
+load_src_args(#{channel := SChannel}, State) ->
+    State#state{sbucket = to_binary(SChannel), isSLocal = true};
+load_src_args(#{credential := SrcCred, links := SrcLinks, sbucket := SBucket}, State) ->
+    State#state{sbucket = to_binary(SBucket), srcCred = SrcCred, srcLinks = SrcLinks}.
+
+load_dst_args(#{channel := DChannel}, State) ->
+    State#state{dbucket = to_binary(DChannel), isDLocal = true};
+load_dst_args(#{credential := DstCred, links := DstLinks, dbucket := DBucket}, State) ->
+    State#state{dbucket = to_binary(DBucket), dstCred = DstCred, dstLinks = DstLinks}.
+
+to_binary(Channel) when is_list(Channel) -> list_to_binary(Channel);
+to_binary(Channel) when is_binary(Channel) -> Channel;
+to_binary(Channel) -> Channel.
+
+run_cmd(Cmd, Args, true, _) -> erlang:apply(imem_dal_skvh, Cmd, [system | Args]);
+run_cmd(Cmd, Args, _, Session) -> Session:run_cmd(dal_exec, [imem_dal_skvh, Cmd, Args]).
+
+load_after_key(Bucket, CurKey, MaxKey, MinKey, BlkCount, IsLocal, Session) when MinKey == CurKey ->
+    get_key_hashes(Bucket, CurKey, MaxKey, BlkCount, IsLocal, Session, MinKey == CurKey);
+load_after_key(Bucket, CurKey, MaxKey, MinKey, BlkCount, IsLocal, Session) when is_integer(CurKey) ->
+    load_after_key(Bucket, MinKey, MaxKey, MinKey, BlkCount, IsLocal, Session);
+load_after_key(Bucket, CurKey, MaxKey, MinKey, BlkCount, IsLocal, Session) ->
+    get_key_hashes(Bucket, CurKey, MaxKey, BlkCount, IsLocal, Session, MinKey == CurKey).
+
+get_key_hashes(Bucket, FromKey, MaxKey, Count, IsLocal, Session, IsFirstTime) ->
+    case catch run_cmd(readGELTHashes, [Bucket, FromKey, MaxKey, Count + 1], 
+                       IsLocal, Session) of
+        [{FromKey, _} | Keys] = KeyHashes -> 
+            if IsFirstTime -> lists:sublist(KeyHashes, Count);
+               true -> Keys
+            end;
+        KeyHashes when is_list(KeyHashes) -> lists:sublist(KeyHashes, Count);
+        Error -> error(Error)
+    end.
+
+filter_keys(Keys, #state{minKey = MinKey, maxKey = MaxKey}) ->
+    lists:foldr(
+        fun(#{ckey := Key}, Acc) when Key >= MinKey andalso Key =< MaxKey ->
+                case lists:member(Key, Acc) of
+                    true -> Acc;
+                    false -> [Key | Acc]
+                end;
+           (_, Acc) -> Acc
+        end, [], Keys).
\ No newline at end of file
diff --git a/src/dperl_status.hrl b/src/dperl_status.hrl
new file mode 100644
index 00000000..0546dced
--- /dev/null
+++ b/src/dperl_status.hrl
@@ -0,0 +1,57 @@
+-ifndef(_dperl_STATUS_HRL_).
+-define(_dperl_STATUS_HRL_, true).
+
+-include("dperl.hrl").
+
+-record(context, {
+            name                           :: list(),
+            channel                        :: binary(),
+            aggr_channel                   :: binary(),
+            metrics                        :: map(),
+            focus                          :: map(),
+            heart_interval = 10000         :: integer(),
+            aggregators = #{}              :: map(),
+            node_collector                 :: list(),
+            stale_time                     :: integer(),
+            cpu_overload_cnt = 0           :: integer(),
+            mem_overload_cnt = 0           :: integer(),
+            eval_suspend_cnt = 0           :: integer(),
+            errors = []                    :: list(),
+            received_cnt = 0               :: integer(),
+            requested_cnt = 0              :: integer(),
+            success_cnt = 0                :: integer(),
+            sync_cnt = 0                   :: integer(),
+            active_link = 1                :: integer(),
+            imem_sess = undefined          :: undefined | tuple(),
+            connection = #{}               :: map(),
+            target_node                    :: atom(),
+            requested_metrics = #{}        :: map(),    %% list of metrics that have been requested
+            debug = none                   :: atom(),   %% none or detail or simple
+            is_loaded = false              :: boolean(),
+            sync_only = false              :: boolean() %% set to true when refresh and cleanup are false
+        }).
+
+-define(STALE_TIME(__MODULE, __JOB_NAME),
+          ?GET_CONFIG(cleanupStaleTimeout, [__MODULE, __JOB_NAME], 60000, "Cleanup Threshold time to delete rows after checking heartbeat")
+       ).
+
+-define(MAX_MEMORY_THRESHOLD(__NODE),
+          ?GET_CONFIG(maxMemoryThreshold, [__NODE], 70, "Memory Threshold percentage above which should cause high memory error, configurable per node")
+       ).
+
+-define(METRIC_WAIT_THRESHOLD(__JOB_NAME),
+          ?GET_CONFIG(metricWaitTimeout, [__JOB_NAME], 300, "Max wait time for the agent to respond to a metric request is  in seconds")
+       ).
+
+-define(METRICS_TAB(__NAME), list_to_atom("metrics_tab_" ++ __NAME)).
+
+-define(AGGR, <<"_AGGR">>).  %% Aggregator skvh table ending. user with dashboard table ex: dperlS_AGGR
+
+-record(dperl_metrics, {key           :: tuple(),
+                       agg_round     :: list(),
+                       agg_precise   :: list(),
+                       state         :: term(),
+                       time          :: ddTimestamp()
+                      }).
+
+-endif.
diff --git a/src/dperl_status_agr.erl b/src/dperl_status_agr.erl
new file mode 100644
index 00000000..fe17251e
--- /dev/null
+++ b/src/dperl_status_agr.erl
@@ -0,0 +1,740 @@
+-module(dperl_status_agr).
+
+-include("dperl_status.hrl").
+
+-export([sync_puller_error/5, check_nodes/5, merge_node_errors/5,
+         check_memory_on_nodes/5, check_heartbeats/5, check_job_error/5,
+         check_job_down/5, write_to_all/5, write_to_aggr/5, write_to_channel/5,
+         format_system_memory/5, sessions_rate/5, restricted_sessions_rate/5,
+         upstream_requests_rate/5, downstream_requests_rate/5,
+         focus_requests_rate/5, check_memory_on_node/5]).
+
+-safe([sync_puller_error/5, check_nodes/5, merge_node_errors/5,
+       check_memory_on_nodes/5, check_heartbeats/5, check_job_down/5,
+       check_job_error/5, write_to_all/5, write_to_aggr/5, write_to_channel/5,
+       format_system_memory/5, sessions_rate/5, restricted_sessions_rate/5,
+       upstream_requests_rate/5, downstream_requests_rate/5,
+       focus_requests_rate/5, check_memory_on_node/5]).
+
+-define(PUSHER_MAP_CACHE_TIMEOUT, 300).  %% 5 minutes after which the job map in the state is rebuild
+
+%% Node level aggregator
+sync_puller_error({_, {job_status, _}}, {Infos, _T}, #context{name = Name, channel = Channel}, {_, _, State, _}, _Opts) ->
+    NewState =
+    case State of
+        #{time := Time} ->
+            case imem_datatype:sec_diff(Time, imem_meta:time()) < ?PUSHER_MAP_CACHE_TIMEOUT of
+                true -> State;
+                false -> #{pushers => build_job_map(Channel), time => imem_meta:time()}
+            end;
+        _ -> #{pushers => build_job_map(Channel), time => imem_meta:time()}
+    end,
+    Pushers = maps:get(pushers, NewState, #{}),
+    NewInfos =
+    lists:map(
+        fun(#{cvalue := #{status := stopped}} = Info) -> Info;
+           (#{ckey := [_, _, _, "job_status", Job], cvalue := Status} = Info) ->
+                case Pushers of
+                    #{Job := puller} -> Info;
+                    #{Job := Pullers} ->
+                        Info#{cvalue => update_push_status(Pullers, Name, Channel, Status)};
+                    _ -> Info
+                end;
+           (Info) -> Info
+        end, Infos),
+    {NewInfos, [], NewState}.
+
+%% Node level aggregator
+check_nodes({_, MKey}, {Infos, _T}, #context{channel = Channel}, {_, _, State, _}, Opts) 
+  when MKey == erlang_nodes; MKey == data_nodes->
+    AggrMetrics =
+    lists:foldl(
+        fun(#{ckey := [_Pla, "system_info", Node, "system_info", "erlang_nodes"] = Key, 
+              cvalue := #{nodes := Nodes, required_nodes := RNodes}}, Acc) ->
+                check_nodes_internal(Channel, Key, Node, Nodes, RNodes) ++ Acc;
+           (#{ckey := [_Pla, "system_info", Node, "system_info", "data_nodes"] = Key, 
+              cvalue := #{data_nodes := DNodes, required_nodes := RNodes}}, Acc) ->
+                Nodes = [N || #{node  := N} <- DNodes],
+                check_nodes_internal(Channel, Key, Node, Nodes, RNodes) ++ Acc;
+           (_, Acc) -> Acc
+        end, [], Infos),
+    case Opts of
+        #{write_to_channel := true} -> {AggrMetrics, AggrMetrics, State};
+        _ -> {[], AggrMetrics, State}
+    end.
+
+%% Master aggregator
+merge_node_errors({_, {agr, node_error, _}}, {[#{cvalue := NodeErrors}], _T}, #context{channel = Channel}, {_, _, State, _}, _Opts) ->
+    ErrorKey = [binary_to_list(Channel), "system_info", "aggregation", "error", "nodes"],
+    NErrors =
+    case lists:usort(maps:values(NodeErrors)) of
+        []      -> [];
+        [Error] -> [#{ckey => ErrorKey, cvalue => #{error => Error}}];
+        Errors  -> [#{ckey => ErrorKey, cvalue => #{error => Errors}}]
+    end,
+    {NErrors, [], State}.
+
+%% Master aggregator
+check_memory_on_nodes({_, {agr, node_memory, _}}, {[#{cvalue := NodeStatuses}], _T}, #context{channel = Channel}, {_, _, State, _}, _Opts) ->
+    NodeMemErrors =
+    maps:fold(
+        fun(Node, Value, Acc) ->
+            case check_memory(Node, Value) of
+                false -> Acc;
+                Mem -> Acc#{Node => Mem}
+            end
+        end, #{}, NodeStatuses),
+    if map_size(NodeMemErrors) == 0 -> {[], [], State};
+       true -> 
+            ErrorKey = [binary_to_list(Channel), "system_info", "aggregation", "error", "memory"],
+            {[#{ckey => ErrorKey, cvalue => #{error => <<"Memory too high">>, info => NodeMemErrors}}], [], State}
+    end.
+
+%% Node level aggregator
+check_memory_on_node({_, system_information}, {[#{ckey:= Key, cvalue := Value}], _T}, _Ctx, {_, _, State, _}, _Opts) ->
+    [Pla, "system_info", Node, "system_info", "node_status"] = Key,
+    case check_memory(Node, Value) of
+        false -> {[], [], State};
+        Mem -> 
+            {[#{ckey => [Pla, "system_info", Node, "error", "memory"],
+                cvalue => #{error => <<"Memory too high">>, info => Mem}}], [], State}
+    end.
+
+%% Master aggregator
+check_heartbeats({_, {agr, heartbeat, _}}, {[#{cvalue := Heatbeats}], _T}, #context{channel = Channel,
+        node_collector= NodeCollecotor, stale_time = StaleTime}, {_, _, State, _}, _Opts) ->
+    {[Nodes], true} = imem_meta:select(dperlJob, [{#dperlJob{name = list_to_binary(NodeCollecotor), nodes = '$1', _ = '_'}, [], ['$1']}]),
+    MissingNodes = maps:fold(
+        fun(Node, Time, Acc) ->
+            case erlang:system_time(milli_seconds) - Time of
+                T when T > StaleTime -> Acc;
+                _ -> lists:delete(Node, Acc)
+            end
+        end, Nodes, Heatbeats),
+    case MissingNodes of
+        [] -> {[], [], State};
+        MissingNodes ->
+            ErrorKey = [binary_to_list(Channel), "system_info", "aggregation", "error", "heartbeat"],
+            {[#{ckey => ErrorKey, cvalue => #{error => <<"Missing heartbeat">>, info => MissingNodes}}], [], State}
+    end.
+
+%% Master aggregator
+check_job_error({_, {agr, error_count, _}}, {[#{cvalue := NodeErrors}], _T}, #context{channel = Channel}, {_, _, State, _}, _Opts) ->
+    ErrorMap = maps:fold(
+        fun(Node, Count, Acc) when Count > 0 -> Acc#{Node => Count};
+           (_, _, Acc) -> Acc
+        end, #{}, NodeErrors),
+    if map_size(ErrorMap) > 0 ->
+            ErrorKey = [binary_to_list(Channel), "system_info", "aggregation", "error", "job_error_count"],
+            {[#{ckey => ErrorKey, cvalue => #{error => <<"Jobs with errors">>, info => ErrorMap}}], [], State};
+        true -> {[], [], State}
+    end.
+
+%% Master aggregator
+check_job_down({_, {job_down_count, _}}, {Infos, _T}, #context{channel = ChannelBin}, {_, _, State, _}, _Opts) ->
+    Channel = binary_to_list(ChannelBin),
+    DownMap = lists:foldl(
+        fun(#{ckey := [_Pla, "system_info", Node, "system_info", "job_down_count"],
+              cvalue := #{job_down_count := Count}}, _) when Count > 0 -> #{list_to_binary(Node) => Count};
+           (_, Acc) -> Acc
+        end, #{}, Infos),
+    if map_size(DownMap) > 0 ->
+            ErrorKey = [Channel, "system_info", "aggregation", "error", "job_down_count"],
+            {[#{ckey => ErrorKey, cvalue => #{error => <<"Down jobs">>, info => DownMap}}], [], State};
+        true -> {[], [], State}
+    end.
+
+format_system_memory({_, system_information}, {[#{cvalue := Value} = Info], _T}, _Ctx, {_, _, State, _}, _Opts) ->
+    #{free_memory := FreeMemory,
+      total_memory := TotalMemory,
+      erlang_memory := ErlMemory} = Value,
+    ValueRounded = Value#{free_memory => bytes_to_mb(FreeMemory),
+                          total_memory => bytes_to_mb(TotalMemory),
+                          erlang_memory => bytes_to_mb(ErlMemory)},
+    {[Info#{cvalue => ValueRounded}], [Info], State}.
+
+write_to_all({_, _}, {Infos, _T}, _Ctx, {_, _, State, _}, _Opts) -> {Infos, Infos, State}.  % system_information
+
+write_to_aggr({_, _}, {Infos, _T}, _Ctx, {_, _, State, _}, _Opts) -> {[], Infos, State}. % job_error_count
+
+write_to_channel({_, _}, {Infos, _T}, _Ctx, {_, _, State, _}, _Opts) -> {Infos, [], State}. % focus, jobs, errors
+
+%% mpro aggregators
+sessions_rate({mpro_metrics, {sessions, _}}, {[#{ckey := Key, cvalue := #{sessions := Sessions}}], Time}, 
+  _Ctx, {_, _, State, LastTime}, Opts) ->
+    calculate_rate(sessions_rate, Sessions, LastTime, Time, Key, check_opts(Opts), State).
+
+restricted_sessions_rate({mpro_metrics, {restricted_sessions, _}}, {[#{ckey := Key, cvalue := #{restricted_sessions := RSessions}}], Time}, 
+  _Ctx, {_, _, State, LastTime}, Opts) ->
+    calculate_rate(restricted_sessions_rate, RSessions, LastTime, Time, Key, check_opts(Opts), State).
+
+upstream_requests_rate({mpro_metrics, {upstream_requests, _}}, {[#{ckey := Key, cvalue := #{upstream_requests := Requests}}], Time}, 
+  _Ctx, {_, _, State, LastTime}, Opts) ->
+    calculate_rate(upstream_requests_rate, Requests, LastTime, Time, Key, check_opts(Opts), State).
+
+downstream_requests_rate({mpro_metrics, {downstream_requests, _}}, {[#{ckey := Key, cvalue := #{downstream_requests := Requests}}], Time}, 
+  _Ctx, {_, _, State, LastTime}, Opts) ->
+    calculate_rate(downstream_requests_rate, Requests, LastTime, Time, Key, check_opts(Opts), State).
+
+-spec focus_requests_rate({atom, {atom, list(), list()}}, {list(), term()}, #context{}, tuple(), map()) -> {list(), list(), term()}.
+focus_requests_rate({mpro_metrics, {focus, _Topic, _FocusKey}}, {[], _Time}, _Ctx, {_, _, State, _}, _Opts) ->
+    {[], [], State};
+focus_requests_rate({mpro_metrics, {focus, _Topic, _FocusKey}}, {Rows, Time}, _Ctx, {_, _, State, LastTime}, Opts) ->
+    {Rates, NewState} = lists:foldl(
+        fun(#{ckey := K, cvalue := V} = I, {AccRates, AccState}) ->
+            {RateValue, RateState} = calculate_focus_rate(lists:last(K), V, AccState, LastTime, Time, check_opts(Opts)),
+            {[I#{cvalue => RateValue} | AccRates], RateState}
+        end,
+        {[], State}, Rows),
+    {Rates, [], NewState}.
+
+%% Internal helper functions
+find_pullers(Channel) ->
+    case imem_meta:select(dperlJob, [{#dperlJob{name = '$1', dstArgs = '$2', _ = '_'}, 
+                            [{'==', '$2', #{channel => binary_to_list(Channel)}}], ['$1']}]) of
+        {[], true} -> puller;
+        {Pullers, true} -> Pullers
+    end.
+
+-spec update_push_status([binary()], list(), binary(), map()) -> map().
+update_push_status(Pullers, CollectorName, Channel, StatusValue) ->
+    Rows = imem_dal_skvh:read_deep(system, Channel, [[CollectorName]]),
+    update_push_status(get_error_jobs(Rows), Pullers, StatusValue).
+
+-spec update_push_status([binary()], [binary()], map()) -> map().
+update_push_status([], _Pullers, StatusValue) -> StatusValue;
+update_push_status([ErrorJob | Rest], Pullers, StatusValue) ->
+    case lists:member(ErrorJob, Pullers) of
+        true -> StatusValue#{status => error};
+        false -> update_push_status(Rest, Pullers, StatusValue)
+    end.
+
+-spec get_error_jobs([map()]) -> [binary()].
+get_error_jobs([]) -> [];
+get_error_jobs([#{ckey := [_, _, _, _, _, "job_status", Name], cvalue := ValueBin} | Rest]) ->
+    case imem_json:decode(ValueBin, [return_maps]) of
+        #{<<"status">> := <<"error">>} -> [list_to_binary(Name) | get_error_jobs(Rest)];
+        _ -> get_error_jobs(Rest)
+    end;
+get_error_jobs([_Row | Rest]) -> get_error_jobs(Rest).
+
+check_nodes_internal(_Channel, _Key, _Node, Nodes, Nodes) -> [];
+check_nodes_internal(Channel, Key, Node, Nodes, RequiredNodes) ->
+    case RequiredNodes -- Nodes of
+        [] -> [];
+        MissingNodes -> 
+            ErrorKey = [binary_to_list(Channel), "system_info", Node, "error", lists:last(Key)],
+            Error = #{error => list_to_binary(io_lib:format("Missing nodes ~p", [MissingNodes]))},
+            [#{ckey => ErrorKey, cvalue => Error}]
+    end.
+
+bytes_to_mb(Bytes) -> list_to_binary(lists:concat([Bytes div 1000000, "MB"])).
+
+calculate_rate(_RateName, V2, undefined, _T2, _Key, _Opts, State) ->
+    {[], [], State#{lastValue => V2, lastRate => undefined}};
+calculate_rate(_RateName, V2, T1, T2, _Key, _Opts, #{lastRate := undefined} = State) ->
+    V1 = maps:get(lastValue, State, 0),
+    Rate = calculate_rate(V1, V2, T1, T2),
+    {[], [], State#{lastValue => V2, lastRate => Rate}};
+calculate_rate(RateName, V2, T1, T2, Key, #{exp_factor := Factor}, #{lastRate := LRate} = State) when is_number(LRate) ->
+    V1 = maps:get(lastValue, State, 0),
+    RateKey =  lists:sublist(Key, 3) ++ [atom_to_list(RateName), []],
+    Rate = apply_factor(calculate_rate(V1, V2, T1, T2), LRate, Factor),
+    RoundVal = [#{ckey => RateKey, cvalue => #{RateName => round(Rate)}}],
+    NewState = State#{lastValue => V2, lastRate => Rate},
+    {RoundVal, [#{ckey => RateKey, cvalue => #{RateName => Rate}}], NewState};
+calculate_rate(_RateName, V2, _T1, _T2, _Key, _Opts, State) ->
+    {[], [], State#{lastValue => V2, lastRate => undefined}}.
+
+calculate_rate(Val, Val, _T1, _T2) -> 0;
+calculate_rate(V1, V2, T1, T2) ->
+    (V2 - V1) * (1000000 / imem_datatype:musec_diff(T1, T2)).
+
+-spec check_opts(map()) -> map().
+check_opts(#{exp_factor := 1} = Opts) -> Opts;
+check_opts(#{exp_factor := Factor} = Opts) when is_float(Factor),
+    Factor >= 0.5, Factor < 1 -> Opts;
+check_opts(Opts) -> Opts#{exp_factor => 1}.
+
+-spec apply_factor(number(), number(), number()) -> number().
+apply_factor(Rate, _OldRate, 1) -> Rate;
+apply_factor(Rate, OldRate, Factor) ->
+    Rate * Factor + OldRate * (1-Factor).
+
+-spec build_job_map(binary()) -> map().
+build_job_map(Channel) ->
+    TableName = imem_dal_skvh:atom_table_name(Channel),
+    JobMapFun = fun() ->
+        FirstKey = imem_meta:first(TableName),
+        build_job_map(TableName, FirstKey, #{})
+    end,
+    case imem_meta:transaction(JobMapFun) of
+        {atomic, NewAcc} -> NewAcc;
+        ErrorResult ->
+            ?JError("Error building job map: ~p", [ErrorResult]),
+            #{}
+    end.
+
+-spec build_job_map(atom(), term() | atom(), map()) -> map().
+build_job_map(_TableName, '$end_of_table', Acc) -> Acc;
+build_job_map(TableName, CurKey, Acc) ->
+    [RawRow] = imem_meta:read(TableName, CurKey),
+    NewAcc =
+    case imem_dal_skvh:skvh_rec_to_map(RawRow) of
+        #{ckey := [_, _, _, _, "cluster", "jobs", Job], cvalue := Val} ->
+            case imem_json:decode(Val, [return_maps]) of
+                #{<<"direction">> := <<"push">>, 
+                  <<"srcArgs">> := #{<<"channel">> := SChannel}} ->
+                        Pullers = find_pullers(SChannel),
+                        Acc#{Job => Pullers};
+                _ -> Acc#{Job => puller}
+            end;
+        _ -> Acc
+    end,
+    NextKey = imem_meta:next(TableName, CurKey),
+    build_job_map(TableName, NextKey, NewAcc).
+
+-spec path_to_values(map()) -> [[term()]].
+path_to_values(Map) ->
+    path_to_values(maps:keys(Map), Map, []).
+
+-spec path_to_values(list(), map(), list()) -> [[term()]].
+path_to_values([], _, _Acc) -> [];
+path_to_values([Key | Keys], Map, Acc) ->
+    NewAcc = [Key | Acc],
+    S = case Map of
+        #{Key := Value} when is_map(Value) ->
+            path_to_values(maps:keys(Value), Value, NewAcc);
+        _ -> [lists:reverse(NewAcc)]
+    end,
+    S ++ path_to_values(Keys, Map, Acc).
+
+-spec calculate_focus_rate(list(), map(), map(), term(), term(), map()) -> {map(), map()}.
+calculate_focus_rate(Protocol, Value, State, undefined, Time, Opts) when map_size(State) =:= 0 ->
+    calculate_focus_rate(Protocol, Value, #{lastValue => #{}, lastRate => #{}}, undefined, Time, Opts);
+calculate_focus_rate(Protocol, Value, #{lastValue := LValue} = State, undefined, _Time, _Opts) ->
+    {Value, State#{lastValue => LValue#{Protocol => Value}}};
+calculate_focus_rate(Protocol, Value, #{lastValue := LValue, lastRate := LRate} = State, LastTime, Time, Opts) ->
+    ProtLValue = maps:get(Protocol, LValue, #{}),
+    ProtLRate = maps:get(Protocol, LRate, #{}),
+    Paths = path_to_values(Value),
+    {RateValue, NewProtRate} = calculate_protocol_rate(Paths, Value, ProtLValue, ProtLRate, LastTime, Time, Opts),
+    NewState = State#{lastRate => LRate#{Protocol => NewProtRate}, lastValue => LValue#{Protocol => Value}},
+    {add_total_focus_rate(Paths, RateValue), NewState}.
+
+-spec calculate_protocol_rate(list(), map(), map(), map(), term(), term(), map()) -> {map(), map()}.
+calculate_protocol_rate(Paths, Value, ProtLValue, ProtLRate, T1, T2, _Opts) when map_size(ProtLRate) == 0 ->
+    NewRate = 
+        lists:foldl(fun(Path, AccRate) ->
+            V1 = map_get(Path, ProtLValue, 0),
+            V2 = map_get(Path, Value, 0),
+            Rate = calculate_rate(V1, V2, T1, T2),
+            map_put(Path, Rate, AccRate)
+        end, ProtLRate, Paths),
+    {Value, NewRate};
+calculate_protocol_rate(Paths, Value, ProtLValue, ProtLRate, T1, T2, #{exp_factor := Factor}) ->
+    lists:foldl(fun(Path, {V, AccRate}) ->
+        V1 = map_get(Path, ProtLValue, 0),
+        V2 = map_get(Path, V, 0),
+        LRate = map_get(Path, AccRate, 0),
+        Rate = apply_factor(calculate_rate(V1, V2, T1, T2), LRate, Factor),
+        RatePath = focus_rate_path(Path),
+        {map_put(RatePath, round(Rate), V), map_put(Path, Rate, AccRate)}
+    end, {Value, ProtLRate}, Paths).
+
+-spec focus_rate_path(list()) -> list().
+focus_rate_path(Path) ->
+    [R | PathRev] = lists:reverse(Path),
+    RateKey = <<(to_binary(R))/binary, <<"_rate">>/binary >>,
+    lists:reverse([RateKey | PathRev]).
+
+-spec map_get(list(), term(), term()) -> term().
+map_get([], Value, _Default) -> Value;
+map_get([K | Rest], M, Default) when is_map(M) -> map_get(Rest, maps:get(K, M, Default), Default);
+map_get(_, _, Default) -> Default.
+
+-spec map_put(list(), term(), map()) -> map().
+map_put([], Value, _Map) -> Value;
+map_put([K | Rest], Value, Map) ->
+    case Map of
+        #{K := KMap} when is_map(KMap) -> Map#{K => map_put(Rest, Value, KMap)};
+        _ -> Map#{K => map_put(Rest, Value, #{})}
+    end.
+
+-spec add_total_focus_rate(list(), map()) -> map().
+add_total_focus_rate(Paths, #{esme := EsmeMap} = Value) ->
+    TotalRate =
+    lists:foldl(
+        fun([esme | Path], Total) ->
+            LastKey = lists:last(Path),
+            case binary:match(LastKey, <<"resp">>) of
+                nomatch ->
+                    RatePath = focus_rate_path(Path),
+                    Total + map_get(RatePath, EsmeMap, 0);
+                _ -> Total
+            end;
+           (_, Total) -> Total
+        end, 0, Paths),
+    Value#{total_rate => TotalRate};
+add_total_focus_rate(_Paths, Value) -> %% for focus of rest
+    TotalRate =
+    case Value of
+        #{del := #{del := #{<<"collect_rate">> := C}},
+          sub := #{sub := #{<<"submit_sm_rate">> := S}}} -> S + C;
+        #{del := #{del := #{<<"collect_rate">> := C}}} -> C;
+        #{sub := #{sub := #{<<"submit_sm_rate">> := S}}} -> S;
+        _ -> 0
+    end,
+    Value#{total_rate => TotalRate}.
+
+-spec to_binary(term()) -> binary().
+to_binary(Atom) when is_atom(Atom) -> atom_to_binary(Atom, utf8);
+to_binary(List) when is_list(List) -> list_to_binary(List);
+to_binary(Bin) when is_binary(Bin) -> Bin.
+
+-spec check_memory(list(), map()) -> list().
+check_memory(Node, #{free_memory := FreeMemory, total_memory := TotalMemory}) ->
+    MaxMemory = ?MAX_MEMORY_THRESHOLD(Node),
+    UsedMemory = (100 - FreeMemory / TotalMemory * 100),
+    if UsedMemory >= MaxMemory -> erlang:round(UsedMemory);
+       true -> false
+    end;
+check_memory(_, _) -> false.
+
+%% ----- TESTS ------------------------------------------------
+-ifdef(TEST).
+
+-include_lib("eunit/include/eunit.hrl").
+
+apply_factor_test_() -> [
+    ?_assertEqual(10, apply_factor(10, 0, 1)),
+    ?_assertEqual(9.1, apply_factor(10, 1, 0.9)),
+    ?_assertEqual(5.5, apply_factor(6, 5, 0.5))
+].
+
+sync_puller_error_test_() ->
+    Ctx = #context{channel = <<"TEST">>, name = <<"TESTCOLLECTOR">>},
+    Invalid = {metrics, {invalid_key, undefined}},
+    Key = {dperl_metrics, {job_status, []}},
+    EmptyInfos = {[], undefined},
+    EmptyPrev = {undefined, undefined, #{}, undefined},
+    StartSec = 10,
+    StartMicros = 123456,
+    StartTime = {StartSec, StartMicros},
+    State =  #{pushers => #{}, time => StartTime},
+    EmptyResult = {[], [], State},
+    BasePrev = {undefined, undefined, State, undefined},
+    RefreshTime = {StartSec + ?PUSHER_MAP_CACHE_TIMEOUT + 1, StartMicros},
+    PushersMap = #{
+        "dperlSPullMaster" => puller,
+        "E2SM1" => puller,
+        "MBSN1" => puller,
+        "MBSN1Push" => [<<"MBSN1">>],
+        "MBSN2Push" => [<<"MBSN1">>],
+        "UAMPu" => [<<"UAMP">>]},
+    NewState = #{pushers => PushersMap, time => RefreshTime},
+    RefreshResult = {[], [], NewState},
+    Prev = {undefined, undefined, NewState, undefined},
+    RawPullerInfos = [
+        {"E2SM1", #{state => #{lastAuditTime => [0,0],lastRefreshKey => -1},status => error}},
+        {"MBSN1", #{state => #{lastAuditTime => [0,0],lastRefreshKey => -1},status => error}},
+        {"dperlSPullMaster", #{state =>
+            #{cleanup => #{
+                count => 5,
+                lastAttempt => [1494415670,385774],
+                lastSuccess => [1494415671,47635]
+            }},
+            status => idle}
+        }
+    ],
+    {PullerInfos, _} = dperl_status_pre:preprocess(Key, RawPullerInfos , undefined, node(), Ctx),
+    IdentityResult = {PullerInfos, [], NewState},
+    RawInfos = [
+        {"MBSN1Push", #{state => #{lastAuditTime => [0,0], lastRefreshKey => -1}, status => idle}},
+        {"UAMPu", #{state => #{lastAuditTime => [0,0], lastRefreshKey => -1}, status => idle}}
+    ],
+    {Infos, _} = dperl_status_pre:preprocess(Key, RawInfos, undefined, node(), Ctx),
+    Data = [
+        #{ckey => ["t","t@127","n","MBSN1","n","job_status","MBSN1"],
+            cvalue => <<"{\"status\":\"error\"}">>, chash => <<"h">>},
+        #{ckey => ["t","t@127","n","UAMP","n","job_status","UAMP"],
+            cvalue => <<"{\"status\":\"idle\"}">>, chash => <<"h">>}
+    ],
+    ErrorInfos = [I#{cvalue => V#{status => error}} || #{cvalue := V} = I <- Infos],
+    Result = {[hd(Infos) | tl(ErrorInfos)], [], NewState},
+    {foreach,
+        fun() ->
+            meck:new(imem_meta),
+            meck:new(imem_dal_skvh, [passthrough])
+        end,
+        fun(_) ->
+            meck:unload(imem_meta),
+            meck:unload(imem_dal_skvh)
+        end,
+        [
+            ?_assertException(error, function_clause, sync_puller_error(Invalid, {}, Ctx, {}, #{})),
+            {"Handles empty data",
+            fun() ->
+                meck:expect(imem_meta, transaction, 1, {atomic, #{}}),
+                meck:expect(imem_meta, time, 0, StartTime),
+                ?assertEqual(EmptyResult, sync_puller_error(Key, EmptyInfos, Ctx, EmptyPrev, #{})),
+                ?assert(meck:validate(imem_meta))
+            end},
+            {"Do not refresh before expiration",
+            fun() ->
+                meck:expect(imem_meta, time, 0, StartTime),
+                ?assertEqual(EmptyResult, sync_puller_error(Key, EmptyInfos, Ctx, BasePrev, #{})),
+                ?assert(meck:validate(imem_meta))
+            end},
+            {"Refresh list of pushers after expiration",
+            fun() ->
+                meck:expect(imem_meta, time, 0, RefreshTime),
+                meck:expect(imem_meta, transaction, 1, {atomic, PushersMap}),
+                ?assertEqual(RefreshResult, sync_puller_error(Key, EmptyInfos, Ctx, BasePrev, #{})),
+                ?assert(meck:validate(imem_meta))
+            end},
+            {"Should return same input if there are no pushers in the data",
+            fun() ->
+                meck:expect(imem_meta, time, 0, RefreshTime),
+                ?assertEqual(IdentityResult, sync_puller_error(Key, {PullerInfos, undefined}, Ctx, Prev, #{})),
+                ?assert(meck:validate(imem_meta))
+            end},
+            {"Should update the state of the pusher on error",
+            fun() ->
+                meck:expect(imem_meta, time, 0, RefreshTime),
+                meck:expect(imem_dal_skvh, read_deep, 3, Data),
+                ?assertEqual(Result, sync_puller_error(Key, {Infos, undefined}, Ctx, Prev, #{})),
+                ?assert(meck:validate(imem_meta)),
+                ?assert(meck:validate(imem_dal_skvh))
+            end}
+        ]
+    }.
+
+check_nodes_test_() ->
+    Ctx = #context{channel = <<"TEST">>, name = <<"TESTCOLLECTOR">>},
+    ErlangKey = {imem_metrics,erlang_nodes},
+    DataKey = {imem_metrics, data_nodes},
+    EmptyInfos = {[], undefined},
+    EmptyPrev = {undefined, undefined, undefined, undefined},
+    EmptyResult = {[], [], undefined},
+    RawErlangInfos = #{nodes => ['dperl1@127.0.0.1'], required_nodes => ['dperl1@127.0.0.1',dperl_missing@127]},
+    {ErlangInfos, _} = dperl_status_pre:preprocess(ErlangKey, RawErlangInfos, undefined, 'dperl1@127.0.0.1', Ctx),
+    ErlangResultRows = [
+        #{ckey => ["TEST","system_info","dperl1@127.0.0.1","error","erlang_nodes"],
+          cvalue => #{error => <<"Missing nodes [dperl_missing@127]">>}}
+    ],
+    ErlangResult = {[], ErlangResultRows, undefined},
+    RawDataInfos = #{data_nodes => [#{node => 'dperl1@127.0.0.1',schema => dperl}],
+        required_nodes => ['dperl1@127.0.0.1',dperl_missing@127]},
+    {DataInfos, _} = dperl_status_pre:preprocess(DataKey, RawDataInfos, undefined, 'dperl1@127.0.0.1', Ctx),
+    DataResultRows = [
+        #{ckey => ["TEST","system_info","dperl1@127.0.0.1","error","data_nodes"],
+          cvalue => #{error => <<"Missing nodes [dperl_missing@127]">>}}
+    ],
+    DataResult = {[], DataResultRows, undefined},
+    {foreach,
+        fun() ->
+            ok
+        end,
+        fun(_) ->
+            ok
+        end,
+        [
+            {"Should handle empty erlang nodes",
+            fun() ->
+                ?assertEqual(EmptyResult, check_nodes(ErlangKey, EmptyInfos, Ctx, EmptyPrev, #{}))
+            end},
+            {"Should handle empty data nodes",
+            fun() ->
+                ?assertEqual(EmptyResult, check_nodes(DataKey, EmptyInfos, Ctx, EmptyPrev, #{}))
+            end},
+            {"Should report erlang node errors",
+            fun() ->
+                ?assertEqual(ErlangResult, check_nodes(ErlangKey, {ErlangInfos, undefined}, Ctx, EmptyPrev, #{}))
+            end},
+            {"Should report data node errors",
+            fun() ->
+                ?assertEqual(DataResult, check_nodes(DataKey, {DataInfos, undefined}, Ctx, EmptyPrev, #{}))
+            end}
+        ]
+    }.
+
+merge_node_errors_test_() ->
+    Ctx = #context{channel = <<"TEST">>, name = <<"TESTCOLLECTOR">>},
+    Key = {dperl_metrics, {agr, node_error, []}},
+    EmptyInfos = {[#{cvalue => #{}}], undefined},
+    EmptyPrev = {undefined, undefined, undefined, undefined},
+    EmptyResult = {[], [], undefined},
+    {foreach,
+        fun() ->
+            ok
+        end,
+        fun(_) ->
+            ok
+        end,
+        [
+            {"Handles empty data",
+            fun() ->
+                ?assertEqual(EmptyResult, merge_node_errors(Key, EmptyInfos, Ctx, EmptyPrev, #{}))
+            end}
+        ]
+    }.
+
+check_memory_on_nodes_test_() ->
+    Ctx = #context{channel = <<"TEST">>, name = <<"TESTCOLLECTOR">>},
+    Key = {dperl_metrics, {agr, node_memory, []}},
+    EmptyInfos = {[#{cvalue => #{}}], undefined},
+    EmptyPrev = {undefined, undefined, undefined, undefined},
+    EmptyResult = {[], [], undefined},
+    {foreach,
+        fun() ->
+            ok
+        end,
+        fun(_) ->
+            ok
+        end,
+        [
+            {"Handles empty data",
+            fun() ->
+                ?assertEqual(EmptyResult, check_memory_on_nodes(Key, EmptyInfos, Ctx, EmptyPrev, #{}))
+            end}
+        ]
+    }.
+
+% check_heartbeats_test_() ->
+%     Ctx = #context{channel = <<"TEST">>, name = <<"TESTCOLLECTOR">>},
+%     Key = {dperl_metrics, {agr, heartbeat, []}},
+%     EmptyInfos = {[#{cvalue => #{}}], undefined},
+%     EmptyPrev = {undefined, undefined, undefined, undefined},
+%     EmptyResult = {[], [], undefined},
+%     {foreach,
+%         fun() ->
+%             ok
+%         end,
+%         fun(_) ->
+%             ok
+%         end,
+%         [
+%             {"Handles empty data",
+%             fun() ->
+%                 ?assertEqual(EmptyResult, check_heartbeats(Key, EmptyInfos, Ctx, EmptyPrev, #{}))
+%             end}
+%         ]
+%     }.
+
+%{AggrRound, AggrPrecise, AggrState, LastTime} = LastAgrInfo
+focus_requests_rate_test_() ->
+    Ctx = #context{channel = <<"TEST">>, name = <<"TESTCOLLECTOR">>},
+    Key = {mpro_metrics, {focus, "shortid", "1234"}},
+    EmptyInfos = {[], undefined},
+    EmptyPrev = {undefined, undefined, undefined, undefined},
+    EmptyResult = {[], [], undefined},
+    Focus = #{smpp => #{esme => #{downstream => #{<<"call_input_01">> => 8333}}}},
+    FirstResultData = [#{
+        ckey => ["TEST","focus","dperl1@127.0.0.1",["shortid","1234"],"smpp"],
+        cvalue => #{esme => #{downstream => #{<<"call_input_01">> => 8333}}}
+    }],
+    FirstNewState = #{
+        lastValue => #{"smpp" => #{esme => #{downstream => #{<<"call_input_01">> => 8333}}}},
+        lastRate => #{}
+    },
+    FirstPrev = {undefined, undefined, #{}, undefined},
+    FirstResult = {FirstResultData, [], FirstNewState},
+    {FocusInfos, _} = dperl_status_pre:preprocess(Key, Focus, {}, 'dperl1@127.0.0.1', Ctx),
+    FocusResultData = [#{
+        ckey => ["TEST","focus","dperl1@127.0.0.1",["shortid","1234"],"smpp"],
+        cvalue => #{esme => #{downstream => #{<<"call_input_01">> => 8333,
+            <<"call_input_01_rate">> => 20}}, total_rate => 20}
+    }],
+    State = #{
+        lastValue => #{"smpp" => #{esme => #{downstream => #{<<"call_input_01">> => 8293}}}},
+        lastRate => #{"smpp" => #{esme => #{downstream => #{<<"call_input_01">> => 0}}}}
+    },
+    StartTime = {0, 0},
+    UpdatedTime1 = {2, 0}, % Test after 2 seconds.
+    Prev = {undefined, undefined, State, StartTime},
+    NewState = #{
+        lastValue => #{"smpp" => #{esme => #{downstream => #{<<"call_input_01">> => 8333}}}},
+        lastRate => #{"smpp" => #{esme => #{downstream => #{<<"call_input_01">> => 20.0}}}}
+    },
+    FocusResult = {FocusResultData, [], NewState},
+    {foreach,
+        fun() ->
+            ok
+        end,
+        fun(_) ->
+            ok
+        end,
+        [
+            {"Handles empty data",
+            fun() ->
+                ?assertEqual(EmptyResult, focus_requests_rate(Key, EmptyInfos, Ctx, EmptyPrev, #{}))
+            end},
+            {"Sets the state on first call",
+            fun() ->
+                ?assertEqual(FirstResult, focus_requests_rate(Key, {FocusInfos, StartTime}, Ctx, FirstPrev, #{}))
+            end},
+            {"Correctly calculate rates",
+            fun() ->
+                ?assertEqual(FocusResult, focus_requests_rate(Key, {FocusInfos, UpdatedTime1}, Ctx, Prev, #{}))
+            end}
+        ]
+    }.
+
+path_to_values_test_() ->
+    Input = #{
+        a => #{b => 5, d => #{ e => 6, f => 7 }},
+        c => 6
+    },
+    Result = [[a, b], [a, d, e], [a, d, f], [c]],
+    ?_assertEqual(Result, path_to_values(Input)).
+
+map_put_test_() ->
+    {foreach,
+        fun() ->
+            ok
+        end,
+        fun(_) ->
+            ok
+        end,
+        [
+            {"Set value on empty map",
+            fun() ->
+                Input = #{},
+                Path = [a, b, c],
+                Value = 3,
+                Result = #{a => #{b => #{c => 3}}},
+                ?assertEqual(Result, map_put(Path, Value, Input))
+            end},
+            {"Replace existing value",
+            fun() ->
+                Input = #{a => #{c => 3, d => 4}, b => 4},
+                Path1 = [a, c],
+                Path2 = [a, d],
+                Value = 5,
+                Result1 = #{a => #{c => 5, d => 4}, b => 4},
+                Result2 = #{a => #{c => 3, d => 5}, b => 4},
+                ?assertEqual(Result1, map_put(Path1, Value, Input)),
+                ?assertEqual(Result2, map_put(Path2, Value, Input))
+            end},
+            {"Replace existing branch by value",
+            fun() ->
+                Input = #{a => #{c => #{e => 1}, d => 4}, b => 3},
+                Path = [a, c],
+                Value = 5,
+                Result = #{a => #{c => 5, d => 4}, b => 3},
+                ?assertEqual(Result, map_put(Path, Value, Input))
+            end},
+            {"Replace existing value by new branch",
+            fun() ->
+                Input = #{a => #{c => 5, d => 4}, b => 3},
+                Path = [a, c, e],
+                Value = 1,
+                Result = #{a => #{c => #{e => 1}, d => 4}, b => 3},
+                ?assertEqual(Result, map_put(Path, Value, Input))
+            end}
+        ]
+    }.
+
+
+-endif.
diff --git a/src/dperl_status_pre.erl b/src/dperl_status_pre.erl
new file mode 100644
index 00000000..939ee47a
--- /dev/null
+++ b/src/dperl_status_pre.erl
@@ -0,0 +1,100 @@
+-module(dperl_status_pre).
+
+-include("dperl_status.hrl").
+
+-export([preprocess/5]).
+
+preprocess(MetricKey, Value, Timestamp, Node, Ctx) ->
+    try preprocess_internal(MetricKey, Value, Timestamp, Node, Ctx)
+    catch
+        Error:Exception ->
+            ?Error("Unable to format the Metric ~p : ~p, error ~p:~p ~p", [MetricKey, Value, Error, Exception, erlang:get_stacktrace()]),
+            {[], Ctx}
+    end.
+
+preprocess_internal(heartbeat, Value, _Timestamp, Node, #context{channel = Channel} = Ctx) ->
+    Metric = #{ckey => [binary_to_list(Channel), "system_info", atom_to_list(Node), "system_info", "heartbeat"],
+               cvalue => Value},
+    {[Metric], Ctx};
+preprocess_internal({imem_metrics, erlang_nodes}, NodeInfo,  _Timestamp, Node, #context{channel = Channel} = Ctx) ->
+    Metric = #{ckey => [binary_to_list(Channel), "system_info", atom_to_list(Node), "system_info", "erlang_nodes"],
+               cvalue => NodeInfo},
+    {[Metric], Ctx};
+preprocess_internal({imem_metrics, data_nodes}, DNodeInfo,  _Timestamp, Node, #context{channel = Channel} = Ctx) ->
+    Metric = #{ckey => [binary_to_list(Channel), "system_info", atom_to_list(Node), "system_info", "data_nodes"],
+               cvalue => DNodeInfo},
+    {[Metric], Ctx};
+preprocess_internal({imem_metrics, system_information}, NodeStatus, _Timestamp, Node, #context{channel = Channel} = Ctx) -> 
+    Metric = #{ckey => [binary_to_list(Channel), "system_info", atom_to_list(Node), "system_info", "node_status"],
+               cvalue => NodeStatus},
+    {[Metric], Ctx};
+preprocess_internal({dperl_metrics, {job_down_count, _}}, JobDownCount, _Timestamp, Node, #context{channel = Channel} = Ctx) ->
+    Metric = #{ckey => [binary_to_list(Channel), "system_info", atom_to_list(Node), "system_info", "job_down_count"],
+               cvalue => #{job_down_count => JobDownCount}},
+    {[Metric], Ctx};
+preprocess_internal({dperl_metrics, {job_error_count, _}}, JobErrorCount, _Timestamp, Node, #context{channel = Channel} = Ctx) ->
+    Metric = #{ckey => [binary_to_list(Channel), "system_info", atom_to_list(Node), "system_info", "job_error_count"],
+               cvalue => #{job_error_count => JobErrorCount}},
+    {[Metric], Ctx};
+preprocess_internal({dperl_metrics, {jobs, _}}, JobInfos, _Timestamp, _Node, #context{channel = Channel} = Ctx) ->
+    Metrics = lists:foldl(
+        fun({Job, Value}, Acc) ->
+            Key = [binary_to_list(Channel), Job, "cluster", "jobs", Job],
+            [#{ckey => Key, cvalue => Value} | Acc]
+        end, [], JobInfos),
+    {Metrics, Ctx};
+preprocess_internal({dperl_metrics, {job_status, _}}, JobStatuses, _Timestamp, Node, #context{channel = Channel} = Ctx) ->
+    Metrics = lists:foldl(
+        fun({Job, Value}, Acc) ->
+            Key = [binary_to_list(Channel), Job, atom_to_list(Node), "job_status", Job],
+            [#{ckey => Key, cvalue => Value} | Acc]
+        end, [], JobStatuses),
+    {Metrics, Ctx};
+preprocess_internal({dperl_metrics, {errors, _}}, JobStatuses, _Timestamp, _Node, #context{channel = Channel} = Ctx) ->
+    Metrics = lists:foldl(
+        fun({[Job, Node], Value}, Acc) ->
+            Key = [binary_to_list(Channel), Job, Node, "error", Job],
+            [#{ckey => Key, cvalue => Value} | Acc];
+           ({[Job, Node, ErrorId], Value}, Acc) ->
+            ErrorId1 = case io_lib:printable_list(ErrorId) of
+                true -> ErrorId;
+                false -> format(ErrorId)
+            end,
+            Key = [binary_to_list(Channel), Job, Node, "error", ErrorId1],
+            [#{ckey => Key, cvalue => Value} | Acc]
+        end, [], JobStatuses),
+    {Metrics, Ctx};
+preprocess_internal({dperl_metrics, {focus,_,_}}, OrigValues, _Timestamp, _Node, #context{channel = Channel} = Ctx) ->
+    FocusMetrics =
+        [F#{ckey => [binary_to_list(Channel) | CKey]} ||
+             #{ckey := CKey} = F <- OrigValues],
+    {FocusMetrics, Ctx};
+preprocess_internal({dperl_metrics, {agr, AgrMetric, _, _}}, AgrData, _Timestamp, _Node, #context{} = Ctx) -> 
+    Metric = #{ckey => [AgrMetric], cvalue => AgrData},
+    {[Metric], Ctx};
+%% mpro Metrics
+preprocess_internal({mpro_metrics, run_levels}, RunLevels, _Timestamp, Node, #context{channel = Channel} = Ctx) ->
+    {maps:fold(
+        fun(Protocol, RunLevel, Acc) -> 
+            Metric = #{ckey => [binary_to_list(Channel), atom_to_list(Protocol), atom_to_list(Node), "run_level", ""],
+                       cvalue => #{run_level => RunLevel}},
+            [Metric | Acc]
+        end, [], RunLevels), Ctx};
+preprocess_internal({mpro_metrics, {focus, Topic, FocusKey}}, FocusMetrics, _Timestamp, Node, #context{channel = Channel} = Ctx) ->
+    {maps:fold(
+        fun(Protocol, FocusMetric, Acc) ->
+            Metric = #{ckey => [binary_to_list(Channel), "focus", atom_to_list(Node), [Topic, FocusKey], atom_to_list(Protocol)],
+                       cvalue => FocusMetric},
+            [Metric | Acc]
+        end, [], FocusMetrics), Ctx};
+preprocess_internal({mpro_metrics, {MetricKey, Protocol}}, Value, _Timestamp, Node, #context{channel = Channel} = Ctx) ->
+    Metric = #{ckey => [binary_to_list(Channel), atom_to_list(Protocol), atom_to_list(Node), atom_to_list(MetricKey), ""],
+               cvalue => #{MetricKey => Value}},
+    {[Metric], Ctx};
+preprocess_internal({MetricMod, MetricKey}, Value, _Timestamp, Node, #context{channel = Channel} = Ctx) ->
+    Metric = #{ckey => [binary_to_list(Channel), atom_to_list(MetricMod), atom_to_list(Node), format(MetricKey), ""],
+               cvalue => Value},
+    {[Metric], Ctx}.
+
+format(Key) ->
+    lists:flatten(io_lib:format("~p", [Key])).
diff --git a/src/dperl_status_pull.erl b/src/dperl_status_pull.erl
new file mode 100644
index 00000000..eca12c91
--- /dev/null
+++ b/src/dperl_status_pull.erl
@@ -0,0 +1,517 @@
+-module(dperl_status_pull).
+
+-include("dperl_status.hrl").
+
+-behavior(dperl_worker).
+-behavior(dperl_strategy_scr).
+
+% dperl_worker exports
+-export([init/1, terminate/2, handle_call/3, handle_cast/2, handle_info/2,
+         code_change/3, format_status/2, get_status/1, init_state/1]).
+
+% dperl_strategy_scr export
+-export([connect_check_src/1, get_source_events/2, connect_check_dst/1,
+         do_cleanup/2, do_refresh/2, fetch_src/2, fetch_dst/2, delete_dst/2,
+         insert_dst/3, update_dst/3, report_status/3]).
+
+% Converting pid from string to local pid, required for rpc registration checks.
+-export([is_process_alive/1]).
+
+connect_check_src(#context{connection = Conn} = Ctx) when map_size(Conn) == 0 -> {ok, Ctx};
+connect_check_src(#context{connection = #{credential := #{user := User, password := Password}, links := Links},
+                           active_link = ActiveLink, imem_sess = OldSession} = Ctx) ->
+    #{schema := Schema} = lists:nth(ActiveLink, Links),
+    case catch OldSession:run_cmd(schema, []) of
+        Schema -> {ok, Ctx};
+        _ ->
+            catch OldSession:close(),
+            case dperl_dal:connect_imem_link(ActiveLink, Links, User, Password) of
+                {ok, Session, _Pid} -> {ok, Ctx#context{imem_sess = Session}};
+                {Error, NewActiveLink} ->
+                    ?JError("Error connecting to remote : ~p", [Error]),
+                    {error, Error, Ctx#context{active_link = NewActiveLink, imem_sess = undefined, target_node = undefined}}
+            end
+    end.
+
+connect_check_dst(Ctx) -> {ok, Ctx}.
+
+do_cleanup(#context{channel = Channel, aggr_channel = AggrChannel,
+                    name = JobName, stale_time = StaleTime} = State, _BulkSize) ->
+    FocusReg = clean_stale_registrations(Channel, JobName),
+    clean_stale_rows(Channel, FocusReg, StaleTime, State#context.debug),
+    clean_stale_rows(AggrChannel, FocusReg, StaleTime, State#context.debug),    
+    {ok, finish, State}.
+
+do_refresh(_, _) -> error(sync_only_job).
+
+get_source_events(#context{is_loaded = true} = Ctx, _BulkSize) ->
+    {ok, sync_complete, Ctx#context{ is_loaded = false }};
+get_source_events(#context{metrics = Metrics, focus = Focus, channel = Channel, requested_metrics = NotResponded,
+                            sync_cnt = SyncCnt, imem_sess = Session} = Ctx, _BulkSize) ->
+    if Ctx#context.debug == none -> no_op;
+       true ->
+        ?JInfo("Metrics requested : ~p Metrics received : ~p", [Ctx#context.requested_cnt, Ctx#context.received_cnt])
+    end,
+    {RequestedMetrics, RquestedCnt} = request_metrics(Metrics, Ctx, Session, SyncCnt, NotResponded),
+    {NewReqMetrics, FocusRequestCnt} =
+    case maps:size(Focus) of
+        0 -> {RequestedMetrics, 0};
+        _ ->
+            Registrations = get_focus_registrations(Channel),
+            request_focus_metrics(Registrations, Focus, Session, SyncCnt, RequestedMetrics)
+    end,
+    % on error in jobDyn table for jobs with only sync enabled, error status is not 
+    % cleared as the state is empty issue #476
+    if 
+        Ctx#context.sync_only -> 
+            dperl_dal:update_job_dyn(list_to_binary(Ctx#context.name), idle);
+        true -> no_op
+    end,
+    {ok, sync_complete, Ctx#context{requested_cnt = RquestedCnt + FocusRequestCnt, received_cnt = 0,
+        sync_cnt = SyncCnt + 1, requested_metrics = NewReqMetrics, is_loaded = true}}.
+
+fetch_src(_Key, _State) -> ?NOT_FOUND.
+
+fetch_dst(_Key, _State) -> ?NOT_FOUND.
+
+delete_dst(_Key, State) -> {false, State}.
+
+insert_dst(_Key, _Val, State) -> {false, State}.
+
+update_dst(_Key, _Val, State) -> {false, State}.
+
+report_status(_Key, _, _State) -> no_op.
+
+get_status(_Ctx) -> #{}.
+
+init_state(_Ignored) -> #context{}.
+
+init({#dperlJob{name=NameBin, dstArgs=#{channel := Channel}, args=Args, srcArgs=SrcArgs}, Ctx}) ->
+    ChannelBin = list_to_binary(Channel),
+    AggrChannel = <<ChannelBin/binary, ?AGGR/binary>>,
+    Metrics = add_channel_to_agr_metrics(maps:get(metrics, SrcArgs, []), ChannelBin, []),
+    Focus = maps:get(focus, SrcArgs, #{}),
+    HeartBeatInterval = maps:get(heartBeatInterval, Args, 10000),
+    Aggregators = fetch_aggregators(Metrics, #{focus => fetch_aggregators(Focus)}),
+    TableOpts = maps:get(tableOpts, Args, []),
+    NodeCollector = maps:get(node_collector, SrcArgs, undefined),
+    Connection = sort_links(maps:get(connection, SrcArgs, #{})),
+    Name = binary_to_list(NameBin),
+    Debug = maps:get(debug, Args, none),
+    SyncOnly = case Args of 
+        #{cleanup := false, refresh := false} -> true;
+        _ -> false
+    end,
+    case is_safe_funs(lists:flatten(maps:values(Aggregators))) of
+        true ->
+            StaleTime = ?STALE_TIME(?MODULE, NameBin),
+            ets:new(?METRICS_TAB(Name), [public, named_table, {keypos,2}]),
+            imem_dal_skvh:create_check_channel(ChannelBin, TableOpts),
+            imem_dal_skvh:create_check_channel(AggrChannel, [{type, map}]),
+            imem_snap:exclude_table_pattern(Channel),
+            ?JInfo("Cleaning up before start"),
+            NodeList = atom_to_list(node()),
+            dperl_dal:remove_deep(ChannelBin, [Name, NodeList]),
+            dperl_dal:remove_deep(AggrChannel, [Name, NodeList]),
+            ?JInfo("Starting"),
+            self() ! heartbeat,
+            {ok, Ctx#context{name=Name, channel = ChannelBin, metrics = Metrics, focus = Focus,
+                             heart_interval = HeartBeatInterval, aggregators = Aggregators,
+                             node_collector = NodeCollector, aggr_channel = AggrChannel,
+                             stale_time = StaleTime, debug = Debug, connection = Connection,
+                             sync_only = SyncOnly}};
+        false ->
+            ?JError("One or more of the aggregator funs are not safe to be executed"),
+            {stop, not_safe_aggr_funs}
+    end;
+init({Args, _}) ->
+    ?JError("bad start parameters ~p", [Args]),
+    {stop, badarg}.
+
+handle_call(Request, _From, Ctx) ->
+    ?JWarn("Unsupported handle_call ~p", [Request]),
+    {reply, ok, Ctx}.
+
+handle_cast(Request, Ctx) ->
+    ?JWarn("Unsupported handle_cast ~p", [Request]),
+    {noreply, Ctx}.
+
+handle_info({metric, ReqRef, _, _, _} = Response, #context{requested_metrics = RMs} = Ctx) ->
+    NewCtx =
+    case maps:get(ReqRef, RMs, none) of
+        none -> process_metric(Response, Ctx);
+        _ -> process_metric(Response, Ctx#context{requested_metrics = maps:remove(ReqRef, RMs)})
+    end,
+    {noreply, NewCtx};
+handle_info(heartbeat, #context{target_node = undefined, heart_interval = HInt} = Ctx) ->
+    erlang:send_after(HInt, self(), heartbeat),
+    {noreply, Ctx};
+handle_info(heartbeat, #context{channel = Channel, name = Name, heart_interval = HInt,
+                                aggr_channel = AggrChannel, target_node = TNode,
+                                requested_metrics = RequestedMetrics} = Ctx) ->
+    #context{
+        success_cnt = SuccessCnt,
+        mem_overload_cnt = MemOverloadCnt,
+        cpu_overload_cnt = CpuOverloadCnt,
+        eval_suspend_cnt = EvalCrashCnt,
+        errors = Errors
+    } = Ctx,
+    Value = #{
+        time => erlang:system_time(milli_seconds),
+        success_count => SuccessCnt,
+        memory_overload_count => MemOverloadCnt,
+        cpu_overload_count => CpuOverloadCnt,
+        eval_crash_count => EvalCrashCnt,
+        errors => Errors
+    },
+    {HeartbeatInfo, NewCtx} = dperl_status_pre:preprocess(heartbeat, Value, imem_meta:time(), TNode, Ctx),
+    provision(Name, AggrChannel, HeartbeatInfo, false),            %% writing to aggr table
+    provision(Name, Channel, HeartbeatInfo, true),
+    RMetrics = filter_not_responded_metrics(Name, RequestedMetrics),
+    erlang:send_after(HInt, self(), heartbeat),
+    {noreply, NewCtx#context{success_cnt = 0, mem_overload_cnt = 0, errors = [],
+                             cpu_overload_cnt = 0, eval_suspend_cnt = 0,
+                             requested_metrics = RMetrics}};
+handle_info(Request, Ctx) ->
+    ?JWarn("handle_info ~p", [Request]),
+    {noreply, Ctx}.
+
+terminate(Reason, #context{channel=Channel, name=Name, aggr_channel = AggrChannel}) ->
+    NodeList = atom_to_list(node()),
+    dperl_dal:remove_deep(Channel, [Name, NodeList]),
+    dperl_dal:remove_deep(AggrChannel, [Name, NodeList]),
+    ?JInfo("terminate ~p", [Reason]).
+
+code_change(OldVsn, Ctx, Extra) ->
+    ?JInfo("code_change ~p:~n~p", [OldVsn, Extra]),
+    {ok, Ctx}.
+
+format_status(Opt, [PDict, Ctx]) ->
+    ?JInfo("format_status ~p:~n~p", [Opt, PDict]),
+    Ctx.
+
+process_metric({metric, ReqRef, _Timestamp, _Node, {error, user_input}}, #context{} = Ctx) ->
+    ?JError("User Input error when requesting metric ~p", [ReqRef]),
+    Ctx;
+process_metric({metric, ReqRef, _Timestamp, Node, {error, Error}}, #context{errors = Errors, target_node = TNode} = Ctx) ->
+    ?JError("Error ~p when requesting metric ~p", [Error, ReqRef]),
+    MetricBin = imem_datatype:term_to_io(ReqRef),
+    ErrorBin = imem_datatype:term_to_io(Error),
+    Ctx#context{errors = [#{metricKey => MetricBin, error => ErrorBin} | Errors],
+                          target_node = get_target_node(Node, TNode)};
+process_metric({metric, ReqRef, _Timestamp, Node, cpu_overload}, #context{cpu_overload_cnt = CpuOverloadCnt, target_node = TNode} = Ctx) ->
+    ?JWarn("Unable to get metric ~p as server is on cpu overload", [ReqRef]),
+    Ctx#context{cpu_overload_cnt = CpuOverloadCnt + 1, target_node = get_target_node(Node, TNode)};
+process_metric({metric, ReqRef, _Timestamp, Node, memory_overload}, #context{mem_overload_cnt = MemOverloadCnt, target_node = TNode} = Ctx) ->
+    ?JWarn("Unable to get metric ~p as server is on memory overload", [ReqRef]),
+    Ctx#context{mem_overload_cnt = MemOverloadCnt + 1, target_node = get_target_node(Node, TNode)};
+process_metric({metric, ReqRef, _Timestamp, Node, eval_crash_suspend}, #context{eval_suspend_cnt = EvalCrashCnt,
+                                                                              target_node = TNode} = Ctx) ->
+    ?JWarn("Unable to get metric ~p as server is on eval crash suspend state", [ReqRef]),
+    Ctx#context{eval_suspend_cnt = EvalCrashCnt + 1, target_node = get_target_node(Node, TNode)};
+process_metric({metric, MetricReqKey, Timestamp, Node, OrigMetrics}, #context{channel = Channel, name = Name, 
+            received_cnt = ReceivedCnt, success_cnt = SuccessCnt, aggregators = Aggrs,
+            aggr_channel = AggrChannel, target_node = TNode} = Ctx) ->
+    %% Append the channel to the key...
+    {Metrics, PreCtx} = dperl_status_pre:preprocess(MetricReqKey, OrigMetrics, Timestamp, Node, Ctx),
+    {AggrMetrics, AgrPrecise} = process_aggregators(Aggrs, PreCtx, MetricReqKey, Metrics, Timestamp),
+    Writes = provision(Name, Channel, AggrMetrics, true),
+    provision(Name, AggrChannel, AgrPrecise, false),             %% writing to aggr table
+    if Ctx#context.debug == detail ->
+        ?JInfo("Metric : ~p received : ~p written : ~p", [MetricReqKey, length(Metrics), Writes]);
+       true -> no_op
+    end,
+    PreCtx#context{received_cnt = ReceivedCnt + 1, success_cnt = SuccessCnt + 1, 
+                             target_node = get_target_node(Node, TNode)}.
+
+process_aggregators(Aggregators, Ctx, {_, {focus, _, _}} = FocusKey, Metrics, Time) ->
+    FocusAgggregators = maps:get(focus, Aggregators, []),
+    process_aggregators(FocusAgggregators, Ctx, FocusKey, Metrics, Time, {[], []});
+process_aggregators(Aggregators, Ctx, MetricKey, Metrics, Time) ->
+    MetricAggregators = maps:get(MetricKey, Aggregators, []),
+    process_aggregators(MetricAggregators, Ctx, MetricKey, Metrics, Time, {[], []}).
+
+process_aggregators([], _Ctx, _MetricKey, _Metrics, _Time, Acc) -> Acc;
+process_aggregators([{AgrMod, AgrFun, Opts} | RestAggregators], #context{name = Name, aggr_channel = AggrChannel, channel = Channel} = Ctx, 
+                    MetricKey, Metrics, Time, {AggRAcc, AggPAcc} = Acc) ->
+    EtsKey = {MetricKey, AgrMod, AgrFun},
+    %{AggrRound, AggrPrecise, AggrState, LastTime} = LastAgrInfo
+    {LastAggRound, LastAggPrecise, _, _} = LastAgrInfo = 
+    case ets:lookup(?METRICS_TAB(Name), EtsKey) of
+        [#dperl_metrics{agg_round = AR, agg_precise = AP, state = AS, time = LTime}] ->
+            {AR, AP, AS, LTime};
+        [] -> {[], [], #{}, undefined}
+    end,
+    NewAcc =
+    case catch erlang:apply(AgrMod, AgrFun, [MetricKey, {Metrics, Time}, Ctx, LastAgrInfo, Opts]) of
+        {AggMetrics, AggPrecise, AggState} when is_list(AggMetrics) ->
+            remove_old_keys(Name, Channel, AggMetrics, LastAggRound),          %% removing from the main table
+            remove_old_keys(Name, AggrChannel, AggPrecise, LastAggPrecise),      %% removing from the aggr table
+            ets:insert(?METRICS_TAB(Name), #dperl_metrics{key = EtsKey, 
+                                                         agg_round = AggMetrics,
+                                                         agg_precise = AggPrecise,
+                                                         state = AggState,
+                                                         time = Time}),
+            {AggRAcc ++ AggMetrics, AggPAcc ++ AggPrecise};
+        Error ->
+            ?JError("Aggregation error for ~p:~p Error : ~p", [AgrMod, AgrFun, Error]),
+            Acc
+    end,
+    process_aggregators(RestAggregators, Ctx, MetricKey, Metrics, Time, NewAcc).
+
+provision(Name, Channel, Infos, ShouldEncode) ->
+    provision(Name, Channel, Infos, ShouldEncode, 0).
+
+provision(_Name, _Channel, [], _ShouldEncode, Writes) -> Writes;
+provision(Name, Channel, [#{ckey := OrigKey, cvalue := Value} | Infos], ShouldEncode, Writes) ->
+    Key = [Name, atom_to_list(node()) | OrigKey],
+    case dperl_dal:write_if_different(Channel, Key, ensure_json_encoded(Value, ShouldEncode)) of
+        no_op -> provision(Name, Channel, Infos, ShouldEncode, Writes);
+        _ -> provision(Name, Channel, Infos, ShouldEncode, Writes + 1)
+    end.
+
+ensure_json_encoded(Value, false) -> Value;
+ensure_json_encoded(Value, true) when is_binary(Value) -> Value;
+ensure_json_encoded(Value, true) -> imem_json:encode(Value).
+
+%%TODO: This should take into account the already requested metrics with no response yet.
+request_metrics(Metrics, Context, Session, SyncCnt, NotResponded) when is_map(NotResponded)->
+    request_metrics(Metrics, Context, Session, SyncCnt, {NotResponded, 0});
+request_metrics([], _Context, _Session, _SyncCnt, Acc) -> Acc;
+request_metrics([#{key := {agr, AgrMetric, []}} = Metric | Rest], Context, Session, SyncCnt, Acc) ->
+    MetricKey = {agr, AgrMetric, Context#context.channel},
+    request_metrics([Metric#{key => MetricKey} | Rest], Context, Session, SyncCnt, Acc);
+request_metrics([Metric | Rest], Context, Session, SyncCnt, {RMetrics, _} = Acc) ->
+    ReqResult = request_metric(Metric, Session, SyncCnt, RMetrics),
+    request_metrics(Rest, Context, Session, SyncCnt, acc_if_ok(ReqResult, Acc)).
+
+-spec request_metric(map(), term(), integer(), map()) -> ok | error | posponed.
+request_metric(#{key := MetricKey, metric_src := Mod} = Metric, Session, SyncCnt, RMetrics) ->
+    Frequency = maps:get(frequency, Metric, 1),
+    case is_time_to_run(Frequency, {Mod, MetricKey}, SyncCnt, RMetrics) of
+        true -> request_metric(Metric, Session);
+        false -> posponed
+    end;
+request_metric(Metric, _Session, _SyncCnt, _RMetrics) ->
+    ?JError("Metrics not in the correct format : ~p", [Metric]),
+    error.
+
+-spec request_metric(map(), term()) -> ok | error.
+request_metric(#{location := local, metric_src := Mod, key := MetricKey}, _Session) ->
+    ok = imem_gen_metrics:request_metric(Mod, MetricKey, {Mod, MetricKey}, self()),
+    {ok, {Mod, MetricKey}};
+request_metric(#{location := remote, metric_src := Mod, key := MetricKey}, Session) ->
+    ok = Session:run_cmd(request_metric, [Mod, MetricKey, {Mod, MetricKey}]),
+    {ok, {Mod, MetricKey}};
+request_metric(Metric, _Session) ->
+    ?JError("Metrics not in the correct format : ~p", [Metric]),
+    error.
+
+-spec acc_if_ok(term(), tuple()) -> tuple().
+acc_if_ok({ok, Ref}, {RMetrics, Count}) ->
+    {RMetrics#{Ref => imem_meta:time()}, Count + 1};
+acc_if_ok(_, Acc) -> Acc.
+
+get_focus_registrations(Channel) ->
+    BaseKey = ["register", "focus"],
+    imem_dal_skvh:read_shallow(system, Channel, [BaseKey]).
+
+request_focus_metrics(Registrations, Focus, Session, SyncCnt, RequestedMetrics) when is_map(RequestedMetrics) ->
+    request_focus_metrics(Registrations, Focus, Session, SyncCnt, {RequestedMetrics, 0});
+request_focus_metrics([], _Focus, _Session, _SyncCnt, Acc) -> Acc;
+request_focus_metrics([#{cvalue := CValue} | Registrations], Focus, Session, SyncCnt, Acc) ->
+    KeyTopicsList = imem_json:decode(CValue),
+    NewAcc = request_focus_metrics_internal(KeyTopicsList, Focus, Session, SyncCnt, Acc),
+    request_focus_metrics(Registrations, Focus, Session, SyncCnt, NewAcc).
+
+-spec request_focus_metrics_internal(list(), map(), term(), integer(), tuple()) -> tuple().
+request_focus_metrics_internal([], _, _, _, Acc) -> Acc;
+request_focus_metrics_internal([[Topic, Key] | Rest], Focus, Session, SyncCnt, {RMetrics, _} = Acc) ->
+    case maps:is_key(Topic, Focus) of
+        true ->
+            Metric = maps:get(Topic, Focus),
+            MetricKey = {focus, binary_to_list(Topic), binary_to_list(Key)},
+            ReqResult = request_metric(Metric#{key => MetricKey}, Session, SyncCnt, RMetrics),
+            request_focus_metrics_internal(Rest, Focus, Session, SyncCnt, acc_if_ok(ReqResult, Acc));
+        false ->
+            request_focus_metrics_internal(Rest, Focus, Session, SyncCnt, Acc)
+    end.
+
+clean_stale_rows(Channel, FocusReg, StaleTime, Debug) ->
+    TableName = imem_dal_skvh:atom_table_name(Channel),
+    CleanFun = fun() ->
+        FirstKey = imem_meta:first(TableName),
+        clean_stale_rows(TableName, FirstKey, StaleTime, #{}, FocusReg, Debug, 0)
+    end,
+    case imem_meta:transaction(CleanFun) of
+        {atomic, ok} -> ok;
+        ErrorResult ->
+            ?JError("Error cleaning stale rows, result: ~p", [ErrorResult])
+    end.
+
+clean_stale_rows(_TableName, '$end_of_table', _StaleTime, _Heartbeats, _FocusReg, _Debug, 0) -> ok;
+clean_stale_rows(_TableName, '$end_of_table', _StaleTime, _Heartbeats, _FocusReg, none, _Count) -> ok;
+clean_stale_rows(_TableName, '$end_of_table', _StaleTime, _Heartbeats, _FocusReg, _Debug, Count) ->
+    ?JInfo("clean up deleted ~p rows", [Count]);
+clean_stale_rows(TableName, NextKey, StaleTime, Heartbeats, FocusReg, Debug, Count) ->
+    [RawRow] = imem_meta:read(TableName, NextKey),
+    #{ckey := CKey} = imem_dal_skvh:skvh_rec_to_map(RawRow),
+    {NHeartMap, NCount} = case CKey of
+        [Cid, Node, Platform, "focus", _TNode, FocusId, _FKey] ->
+            case lists:member(FocusId, FocusReg) of
+                true ->
+                    HBKey = [Cid, Node, Platform, "system_info"],
+                    clean_stale_row(maps:get(HBKey, Heartbeats, undefined), Heartbeats,
+                        Count, TableName, RawRow, HBKey, StaleTime);
+                false ->
+                    imem_meta:remove(TableName, RawRow),
+                    {Heartbeats, Count + 1}
+            end;
+        [Cid, Node, Platform, _Group | _Rest] ->
+            HBKey = [Cid, Node, Platform, "system_info"],
+            clean_stale_row(maps:get(HBKey, Heartbeats, undefined), Heartbeats,
+                Count, TableName, RawRow, HBKey, StaleTime);
+        _ -> {Heartbeats, Count}
+    end,
+    NKey = imem_meta:next(TableName, NextKey),
+    clean_stale_rows(TableName, NKey, StaleTime, NHeartMap, FocusReg, Debug, NCount).
+
+clean_stale_row(current, Heartbeats, Count, _TableName, _RawRow, _HBKey, _StaleTime) -> {Heartbeats, Count};
+clean_stale_row(stale, Heartbeats, Count, TableName, RawRow, _HBKey, _StaleTime) ->
+    imem_meta:remove(TableName, RawRow),
+    {Heartbeats, Count + 1};
+clean_stale_row(undefined, Heartbeats, Count, TableName, RawRow, HBKey, StaleTime) ->
+    case fetch_heartbeat(TableName, HBKey) of
+        not_found ->
+            imem_meta:remove(TableName, RawRow),
+            {Heartbeats#{HBKey => stale}, Count + 1};
+        CValue ->
+            T = extract_time(CValue),
+            ElapsedTime = erlang:system_time(milli_seconds) - T,
+            case ElapsedTime > StaleTime of
+                true ->
+                    imem_meta:remove(TableName, RawRow),
+                    {Heartbeats#{HBKey => stale}, Count + 1};
+                false ->
+                    {Heartbeats#{HBKey => current}, Count}
+            end
+    end.
+
+clean_stale_registrations(Channel, JobName) ->
+    BaseKey = ["register", "focus"],
+    lists:usort(clean_stale_registrations(Channel, JobName, imem_dal_skvh:read_shallow(system, Channel, [BaseKey]), [])).
+
+%% TODO: Find better name as this cleans the registrations and returns the list
+%% of topics for later data cleanup, maybe name should be more descriptive.
+clean_stale_registrations(_Channel, _JobName, [], Acc) -> Acc;
+clean_stale_registrations(Channel, JobName, [#{ckey := ["register", "focus", [NodeString, PidString]], cvalue := CValue} = Reg | Rest], Acc) ->
+    Node = list_to_existing_atom(NodeString),
+    case rpc:call(Node, dperl_status_pull, is_process_alive, [PidString]) of
+        true ->
+            KeyTopicsList = [[binary_to_list(Topic), binary_to_list(Key)] || [Topic, Key] <- imem_json:decode(CValue)],
+            clean_stale_registrations(Channel, JobName, Rest, KeyTopicsList ++ Acc);
+        false ->
+            remove_registration(Channel, Reg, JobName),
+            clean_stale_registrations(Channel, JobName, Rest, Acc);
+        {badrpc, _} ->
+            %% Unable to check the registration, removing invalid data.
+            remove_registration(Channel, Reg, JobName),
+            clean_stale_registrations(Channel, JobName, Rest, Acc)
+    end.
+
+remove_registration(Channel, Reg, JobName) ->
+    imem_dal_skvh:remove(system, Channel, Reg),
+    %removing focus ets entry
+    #{cvalue := FocusVal} = Reg,
+    case imem_json:decode(FocusVal) of
+        [FocusId | _] ->
+            MetricKey = {dperl_metrics, list_to_tuple([focus | dperl_dal:key_from_json(FocusId)])},
+            EtsFocusKey = {MetricKey, dperl_status_agr, write_to_channel},
+            ets:delete(?METRICS_TAB(JobName), EtsFocusKey);
+        _ -> no_op
+    end.
+
+is_process_alive(PidString) ->
+    Pid = list_to_pid(PidString),
+    erlang:is_process_alive(Pid).
+
+is_time_to_run(Frequency, Key, SyncCnt, RMetrics) ->
+    case RMetrics of
+        #{Key := _} -> false;
+        _ -> 
+            Frequency == 1 orelse (SyncCnt rem Frequency == erlang:phash2(Key, 1023) rem Frequency)
+    end.
+
+sort_links(Connection) when map_size(Connection) == 0 -> #{};
+sort_links(#{links := Links} = Connection) ->
+    Connection#{links => dperl_dal:sort_links(Links)}.
+
+-spec is_safe_funs(list()) -> boolean().
+is_safe_funs([]) -> true;
+is_safe_funs([{Mod, Fun, _Opts} | ModFuns]) ->
+    lists:member({Mod, Fun, 5}, imem_compiler:safe(Mod)) andalso is_safe_funs(ModFuns).
+
+remove_old_keys(Name, Channel, NewKeyVals, OldKeyVals) ->
+    NewKeys = [Key || #{ckey := Key} <- NewKeyVals],
+    OldKeys = [Key || #{ckey := Key} <- OldKeyVals],
+    %% Removing old keys that are not valid any more
+    [dperl_dal:remove_from_channel(Channel, [Name, atom_to_list(node()) | Key]) || Key <- OldKeys -- NewKeys].
+
+-spec get_target_node(atom(), atom()) -> atom().
+get_target_node(MetricNode, undefined) -> MetricNode;
+get_target_node(MetricNode, TargetNode) when node() =:= MetricNode -> TargetNode;
+get_target_node(MetricNode, _TargetNode) -> MetricNode.
+
+-spec extract_time(map() | binary()) -> map().
+extract_time(Value) when is_binary(Value) ->
+    #{<<"time">> := T} = imem_json:decode(Value, [return_maps]),
+    T;
+extract_time(#{time := T}) -> T.
+
+-spec fetch_aggregators(list(), map()) -> map().
+fetch_aggregators([], Acc) -> Acc;
+fetch_aggregators([#{metric_src := Mod, key := MetricKey} = Metric | Metrics], Acc) ->
+    NewAcc = Acc#{{Mod, MetricKey} => fetch_aggregators(Metric)},
+    fetch_aggregators(Metrics, NewAcc).
+
+-spec fetch_aggregators(map()) -> list().
+fetch_aggregators(Metric) ->
+    case maps:get(aggregators, Metric, none) of
+        none -> [{dperl_status_agr,write_to_all, #{}}];
+        Aggrs -> 
+            lists:foldr(
+                fun({AMod, AFun}, AgrAcc) -> [{AMod, AFun, #{}} | AgrAcc];
+                   ({AMod, AFun, Opts}, AgrAcc) -> [{AMod, AFun, Opts} | AgrAcc]
+                end, [], Aggrs)
+    end.
+
+-spec add_channel_to_agr_metrics(list(), binary(), list()) -> list().
+add_channel_to_agr_metrics([], _Channel, Acc) -> lists:reverse(Acc);
+add_channel_to_agr_metrics([#{key := {agr, Agr, []}} = Metric | Metrics], Channel, Acc) ->
+    add_channel_to_agr_metrics(Metrics, Channel, [Metric#{key => {agr, Agr, Channel}} | Acc]);
+add_channel_to_agr_metrics([Metric | Metrics], Channel, Acc) ->
+    add_channel_to_agr_metrics(Metrics, Channel, [Metric | Acc]).
+
+-spec fetch_heartbeat(atom(), list()) -> not_found | map().
+fetch_heartbeat(Table, Key) ->
+    fetch_heartbeat(imem_dal_skvh:read_deep(system, atom_to_binary(Table,utf8), [Key])).
+
+-spec fetch_heartbeat(list()) -> not_found | map() | binary().
+fetch_heartbeat([]) -> not_found;
+fetch_heartbeat([#{ckey := [_, _, _, "system_info", _TNode, "system_info", "heartbeat"],
+                   cvalue := Value} | _]) -> Value;
+fetch_heartbeat([_ | Rest]) -> fetch_heartbeat(Rest).
+
+-spec filter_not_responded_metrics(binary(), map()) -> {list(), map()}.
+filter_not_responded_metrics(Name, Metrics) ->
+    Now = imem_meta:time(),
+    DiffLimit = ?METRIC_WAIT_THRESHOLD(Name),
+    maps:fold(
+        fun(M, Time, WaitingMetrics) ->
+                case imem_datatype:sec_diff(Time, Now) of
+                    Diff when Diff < DiffLimit -> WaitingMetrics;
+                    _ ->
+                        ?Error("Metric : ~p has not got any response till ~p seconds", [M, DiffLimit]),
+                        maps:remove(M, WaitingMetrics)
+                end
+            end, Metrics, Metrics).
diff --git a/src/dperl_status_push.erl b/src/dperl_status_push.erl
new file mode 100644
index 00000000..7f6ca8de
--- /dev/null
+++ b/src/dperl_status_push.erl
@@ -0,0 +1,151 @@
+-module(dperl_status_push).
+
+-include("dperl.hrl").
+
+-behavior(dperl_worker).
+-behavior(dperl_strategy_scr).
+
+% dperl_worker exports
+-export([init/1, terminate/2, handle_call/3, handle_cast/2, handle_info/2,
+         code_change/3, format_status/2, get_status/1, init_state/1]).
+
+-record(state, {cred, links, imem_sess, name, channel, first_sync = true,
+                audit_start_time = {0,0}, chunk_size = 200, provs = [],
+                active_link = 1, mod, func, imem_connected = false}).
+
+% dperl_strategy_scr export
+-export([connect_check_src/1, get_source_events/2, connect_check_dst/1,
+         do_cleanup/2, do_refresh/2, fetch_src/2, fetch_dst/2, delete_dst/2,
+         insert_dst/3, update_dst/3, report_status/3, is_equal/4]).
+
+get_source_events(#state{channel = Channel,
+                          audit_start_time = LastStartTime} = State, BulkSize) ->
+    case length(State#state.provs) > 0 of
+        true -> {ok, State#state.provs, State#state{provs = []}};
+        _ ->
+            case dperl_dal:read_audit(Channel, LastStartTime, BulkSize) of
+                {LastStartTime, LastStartTime, []} ->
+                    if State#state.first_sync == true -> 
+                          ?JInfo("Audit rollup is complete"),
+                          {ok, sync_complete, State#state{first_sync = false}};
+                       true -> {ok, sync_complete, State}
+                    end;
+                {_StartTime, NextStartTime, []} ->
+                    {ok, [], State#state{audit_start_time = NextStartTime}};
+                {_StartTime, NextStartTime, Statuses} ->
+                    {ok, [K || #{key := K, nval := NV} <- Statuses, NV /= undefined],
+                        State#state{audit_start_time = NextStartTime}}
+            end
+    end.
+
+connect_check_src(State) -> {ok, State}.
+
+connect_check_dst(State) -> ?CONNECT_CHECK_IMEM_LINK(State).
+
+do_cleanup(_, _) -> error(sync_only_job).
+
+do_refresh(_, _) -> error(sync_only_job).
+
+fetch_src(Key, #state{channel = Channel}) ->
+    dperl_dal:job_error_close(Key),
+    dperl_dal:read_channel(Channel, Key).
+
+fetch_dst(_Key, _State) -> ?NOT_FOUND.
+
+delete_dst(_Key, State) -> {false, State}.
+
+insert_dst([JMod, Chn, SId, Job] = Key, Val, #state{mod = Mod, func = Fun, imem_sess = Sess, 
+                                                    channel = Channel} = State) ->
+    Count = dperl_dal:count_sibling_jobs(list_to_existing_atom(JMod), Chn),
+    case Val of
+        #{auditTime := '$do_not_log'} -> {false, State};
+        #{auditTime := Time} ->
+            FormattedTime = case Time of
+                undefined ->
+                    undefined;
+                Time when is_list(Time) ->
+                    list_to_tuple(Time)
+            end,
+            Status = #{channel => Chn, shortid => SId, job => Job,
+                       at => FormattedTime},
+            NewStatus = case Val of
+                #{error := Error} -> Status#{error => Error};
+                _ -> Status
+            end,
+            case catch Sess:run_cmd(dal_exec, [Mod, Fun, [Count, [NewStatus]]]) of
+                {'EXIT', Err} -> 
+                    self() ! connect_src_link,
+                    dperl_dal:job_error(Key, <<"sync">>, <<"process_staupdate_dsttus">>, Err),
+                    ?JError("Status update error ~p", [Err]),
+                    {true, State};
+                ok -> 
+                    case maps:is_key(error, Val) of
+                        false -> dperl_dal:remove_from_channel(Channel, Key);
+                        true -> no_op
+                    end,
+                    {false, State};
+                Other -> 
+                    dperl_dal:job_error(Key, <<"sync">>, <<"process_status">>, Other),
+                    ?JWarn("Status update bad return ~p", [Other]),
+                    {true, State}
+            end
+    end.
+
+update_dst(_Key, _Val, State) -> {false, State}.
+
+report_status(_Key, _, _State) -> no_op.
+
+is_equal(_Key, ?NOT_FOUND, _,  _State) -> true;
+is_equal(_Key, _Src, _, _State) -> false.
+
+get_status(#state{audit_start_time = LastAuditTime}) ->
+    #{lastAuditTime => LastAuditTime}.
+
+init_state([]) -> #state{};
+init_state([#dperlNodeJobDyn{state = #{lastAuditTime := LastAuditTime}} | _]) ->
+    #state{audit_start_time = LastAuditTime};
+init_state([_ | Others]) ->
+    init_state(Others).
+
+init({#dperlJob{name=Name, args = _Args, srcArgs = #{channel := Channel},
+              dstArgs = #{credential := Credential, links := Links,
+              mod := Mod, func := Fun}}, State}) ->
+    dperl_dal:create_check_channel(Channel, [audit, {type,map}]),
+    ?JInfo("Starting at audit ~s", [dperl_dal:ts_str(State#state.audit_start_time)]),
+    {ok, State#state{name=Name, cred = Credential, links = Links,
+                     channel = Channel, mod = Mod, func = Fun}};
+init({Args, _}) ->
+    ?JError("bad start parameters ~p", [Args]),
+    {stop, badarg}.
+
+handle_call(Request, _From, State) ->
+    ?JWarn("handle_call ~p", [Request]),
+    {reply, ok, State}.
+
+handle_cast(Request, State) ->
+    ?JWarn("handle_cast ~p", [Request]),
+    {noreply, State}.
+
+handle_info(Request, State) ->
+    ?JWarn("handle_info ~p", [Request]),
+    {noreply, State}.
+
+terminate(Reason, #state{imem_sess = undefined}) ->
+    ?JInfo("terminate ~p", [Reason]);
+terminate(Reason, #state{imem_sess = Session}) ->
+    ?JInfo("terminate ~p", [Reason]),
+    try
+        Session:close()
+    catch
+        _:Error ->
+        dperl_dal:job_error(<<"terminate">>, <<"terminate">>, Error),
+        ?JError("terminate ~p:~p", [Reason, Error])
+    end.
+
+code_change(OldVsn, State, Extra) ->
+    ?JInfo("code_change ~p: ~p", [OldVsn, Extra]),
+    {ok, State}.
+
+format_status(Opt, [PDict, State]) ->
+    ?JInfo("format_status ~p: ~p", [Opt, PDict]),
+    State.
diff --git a/src/dperl_strategy_scr.erl b/src/dperl_strategy_scr.erl
new file mode 100644
index 00000000..99887509
--- /dev/null
+++ b/src/dperl_strategy_scr.erl
@@ -0,0 +1,875 @@
+-module(dperl_strategy_scr).
+
+-include("dperl.hrl").
+
+-export([execute/4]).
+
+-ifdef(TEST).
+-export([load_src_after_key/3, load_dst_after_key/3]).
+-endif.
+
+-type state() :: any().
+
+-callback connect_check_src(state()) ->
+    {ok, state()} | {error, any()} | {error, any(), state()}.
+-callback get_source_events(state(), integer()) ->
+    {error, any()} | {ok, list(), state()} | {ok, sync_complete, state()}.
+-callback connect_check_dst(state()) ->
+    {ok, state()} | {error, any()} | {error, any(), state()}.
+-callback fetch_src(any(), state()) -> ?NOT_FOUND | term().
+-callback fetch_dst(any(), state()) -> ?NOT_FOUND | term().
+-callback delete_dst(any(), state()) -> {true, state()} | {false, state()}.
+-callback insert_dst(any(), any(), state()) -> {true, state()} | {false, state()}.
+-callback update_dst(any(), any(), state()) -> {true, state()} | {false, state()}.
+-callback report_status(any(), any(), state()) -> ok | {error, any()}.
+-callback do_refresh(state(), integer()) ->
+    {error, any()} | {ok, state()} | {ok, finish, state()}.
+
+% optional callbacks
+-callback should_cleanup(ddTimestamp()|undefined,
+                         ddTimestamp()|undefined,
+                         integer(), integer(), state()) -> true | false.
+-callback should_refresh(ddTimestamp()|undefined,
+                         ddTimestamp()|undefined,
+                         integer(), integer(), [integer()], state()) -> true | false.
+-callback is_equal(any(), any(), any(), state()) -> true | false.
+-callback update_channel(any(), boolean(), any(), any(), state()) -> {true, state()} | {false, state()}.
+-callback finalize_src_events(state()) -> {true, state()} | {false, state()}.
+-callback should_sync_log(state()) -> true | false.
+
+-optional_callbacks([should_cleanup/5, should_refresh/6, is_equal/4,
+                     update_channel/5, finalize_src_events/1,
+                     should_sync_log/1]).
+
+-callback do_cleanup(state(), integer()) ->
+    {error, any()} | {ok, state()} | {ok, finish, state()}.
+-callback do_cleanup(list(), list(), boolean(), state()) -> 
+    {error, any()} | {ok, state()} | {ok, finish, state()}.
+-callback do_cleanup(list(), list(), list(), boolean(), state()) -> 
+    {error, any()} | {ok, state()} | {ok, finish, state()}.
+-optional_callbacks([do_cleanup/2, do_cleanup/4,do_cleanup/5]).
+
+% chunked cleanup context
+-record(cleanup_ctx,
+        {srcKeys          :: list(),
+         srcCount         :: integer(),
+         dstKeys          :: list(),
+         dstCount         :: integer(),
+         bulkCount        :: integer(),
+         minKey           :: any(),
+         maxKey           :: any(),
+         lastKey          :: any(),
+         deletes = []     :: list(),
+         differences = [] :: list(),
+         inserts = []     :: list()}).
+
+
+-define(DL(__S,__F,__A),
+        ?Debug([{state,__S},{mod, Mod},{job, Job}],__F,__A)).
+-define(DL(__S,__F), ?DL(__S,__F,[])).
+
+-define(S(__F),     ?DL(sync,__F)).
+-define(S(__F,__A), ?DL(sync,__F,__A)).
+-define(C(__F),     ?DL(cleanup,__F)).
+-define(C(__F,__A), ?DL(cleanup,__F,__A)).
+-define(R(__F),     ?DL(refresh,__F)).
+-define(R(__F,__A), ?DL(refresh,__F,__A)).
+
+-define(RESTART_AFTER(__Timeout, __Args),
+        erlang:send_after(__Timeout, self(),
+                          {internal, {behavior, ?MODULE, __Args}})).
+
+-spec execute(atom(), string(), state(), map()) -> state().
+execute(Mod, Job, State, #{sync := _, cleanup := _, refresh := _}
+        = Args)
+  when is_map(Args) ->
+    try execute(sync, Mod, Job, State, Args) catch
+        Class:{step_failed, NewArgs} when is_map(NewArgs) ->
+            ?JError("~p ~p step_failed~n~p", [Mod, Class, erlang:get_stacktrace()]),
+            dperl_dal:update_job_dyn(Job, error),
+            ?RESTART_AFTER(?CYCLE_ERROR_WAIT(Mod, Job), NewArgs),
+            dperl_dal:job_error(get(jstate), atom_to_binary(Class, utf8), Class),
+            State;
+        Class:{step_failed, NewState} ->
+            ?JError("~p ~p step_failed~n~p", [Mod, Class, erlang:get_stacktrace()]),
+            dperl_dal:update_job_dyn(Job, Mod:get_status(NewState), error),
+            ?RESTART_AFTER(?CYCLE_ERROR_WAIT(Mod, Job), Args),
+            dperl_dal:job_error(get(jstate), <<"step failed">>, Class),
+            NewState;
+        Class:Error ->
+            ?JError("~p ~p ~p~n~p", [Mod, Class, Error, erlang:get_stacktrace()]),
+            dperl_dal:update_job_dyn(Job, error),
+            ?RESTART_AFTER(?CYCLE_ERROR_WAIT(Mod, Job), Args),
+            dperl_dal:job_error(get(jstate), atom_to_binary(Class, utf8), Class),
+            State
+    end;
+execute(Mod, Job, State, Args) when is_map(Args) ->
+    execute(Mod, Job, State,
+            maps:merge(#{sync => true, cleanup => true, refresh => true},
+                       Args)).
+
+-spec execute(sync|cleanup|refresh, atom(), string(), state(), map()) ->
+    state() | no_return().
+% [sync]
+execute(sync, Mod, Job, State, #{sync := Sync} = Args) ->
+    put(jstate,s),
+    ?S("Connect/check source if not already connected (trivial for push)"),
+    State1 =
+    case Mod:connect_check_src(State) of
+        {error, Error, S1} ->
+            ?JError("sync(~p) failed at connect_check_src : ~p", [Mod, Error]),
+            dperl_dal:job_error(<<"sync">>, <<"connect_check_src">>, Error),
+            error({step_failed, S1});
+        {error, Error} ->
+            ?JError("sync(~p) failed at connect_check_src : ~p", [Mod, Error]),
+            dperl_dal:job_error(<<"sync">>, <<"connect_check_src">>, Error),
+            error(step_failed);
+        {ok, S1} -> 
+            dperl_dal:job_error_close(),
+            S1
+    end,
+    if Sync == true ->
+            ?S("Get pending list of events (max n) to process from source"),
+            case Mod:get_source_events(State1, ?MAX_BULK_COUNT(Mod, Job)) of
+                {error, Error1, S2} ->
+                    ?JError("sync(~p) failed at get_source_events : ~p", [Mod, Error1]),
+                    dperl_dal:job_error(<<"sync">>, <<"get_source_events">>, Error1),
+                    error({step_failed, S2});
+                {error, Error1} ->
+                    ?JError("sync(~p) failed at get_source_events : ~p", [Mod, Error1]),
+                    dperl_dal:job_error(<<"sync">>, <<"get_source_events">>, Error1),
+                    error({step_failed, State1});
+                {ok, sync_complete, S2} ->
+                    ?S("If lists of pending events is empty: goto [cleanup]"),
+                    dperl_dal:job_error_close(),
+                    execute(cleanup, Mod, Job, S2, Args);
+                {ok, [], S2} ->
+                    ?S("no pending events, re-enter [sync] after cycleAlwaysWait"),
+                    execute(finish, Mod, Job, S2, Args);
+                {ok, Events, S2} ->
+                    ?S("Connect to destination if not already connected (trivial for pull)"),
+                    dperl_dal:job_error_close(),
+                    State3 =
+                    case Mod:connect_check_dst(S2) of
+                        {error, Error1, S3} ->
+                            ?JError("sync(~p) failed at connect_check_dst : ~p", [Mod, Error1]),
+                            dperl_dal:job_error(<<"sync">>, <<"connect_check_dst">>, Error1),
+                            error({step_failed, S3});
+                        {error, Error1} ->
+                            ?JError("sync(~p) failed at connect_check_dst : ~p", [Mod, Error1]),
+                            dperl_dal:job_error(<<"sync">>, <<"connect_check_dst">>, Error1),
+                            error(step_failed);
+                        {ok, S3} -> 
+                            dperl_dal:job_error_close(),
+                            S3
+                    end,
+                    ?S("Process the events; goto [finish]"),
+                    case process_events(Events, Mod, State3) of
+                        {true , State4} ->
+                            ?JError("sync(~p) failed at process_events", [Mod]),
+                            dperl_dal:job_error(<<"sync">>, <<"process_src_events">>, <<"error">>),
+                            error({step_failed, State4});
+                        {false, State4} ->
+                            dperl_dal:update_job_dyn(Job, Mod:get_status(State4), synced),
+                            dperl_dal:job_error_close(),
+                            execute(finish, Mod, Job, State4, Args);
+                        %% idle used for dperl_mec_ic to have idle timeout on
+                        %% Try later error from oracle
+                        %% would be removed in the future when new
+                        %% behavior is used for mec_ic
+                        {idle, State4} ->
+                            execute(idle, Mod, Job, State4, Args)
+                    end
+           end;
+       true ->
+           ?S("disabled! trying cleanup"),
+           execute(cleanup, Mod, Job, State1, Args)
+    end;
+
+% [cleanup]
+execute(cleanup, Mod, Job, State, #{cleanup := true} = Args) ->
+    put(jstate,c),
+    #{lastAttempt := LastAttempt,
+      lastSuccess := LastSuccess} = CleanupState = get_state(cleanup, Job),
+    ShouldCleanupFun =
+    case erlang:function_exported(Mod, should_cleanup, 5) of
+        true -> fun(LA, LS, BI, CI) -> Mod:should_cleanup(LA, LS, BI, CI, State) end;
+        false -> fun(LA, LS, BI, CI) -> should_cleanup(LA, LS, BI, CI) end
+    end,
+    case apply(ShouldCleanupFun,
+               [LastAttempt, LastSuccess, ?CLEANUP_BATCH_INTERVAL(Mod, Job),
+                ?CLEANUP_INTERVAL(Mod, Job)]) of
+        false ->
+            ?C("(sync phase was nop) if last cleanup + cleanupInterval < now goto [refresh]"),
+            execute(refresh, Mod, Job, State, Args);
+        true ->
+            set_state(cleanup, Job, start),
+            Args1 =
+            if LastAttempt =< LastSuccess ->
+                   ?JInfo("Starting cleanup cycle"),
+                   case Args of
+                       #{stats := #{cleanup_count := CC} = Stats} ->
+                           Args#{stats => Stats#{cleanup_count => CC + 1}};
+                       Args ->
+                           Stats = maps:get(stats, Args, #{}),
+                           Args#{stats => Stats#{cleanup_count => 1}}
+                   end;
+               true ->
+                   case Args of
+                       #{stats := #{cleanup_count := CC} = Stats} ->
+                           Args#{stats => Stats#{cleanup_count => CC + 1}};
+                       Args ->
+                           ?JInfo("Resuming cleanup cycle"),
+                           Stats = maps:get(stats, Args, #{}),
+                           Args#{stats => Stats#{cleanup_count => 1}}
+                   end
+            end,
+            ?C("Connect to destination if not already connected (trivial for pull)"),
+            State1 =
+            case Mod:connect_check_dst(State) of
+                {error, Error, S1} ->
+                    ?JError("cleanup(~p) failed at connect_check_dst : ~p", [Mod, Error]),
+                    dperl_dal:job_error(<<"cleanup">>, <<"connect_check_dst">>, Error),
+                    error({step_failed, S1});
+                {error, Error} ->
+                    ?JError("cleanup(~p) failed at connect_check_dst : ~p", [Mod, Error]),
+                    dperl_dal:job_error(<<"cleanup">>, <<"connect_check_dst">>, Error),
+                    error(step_failed);
+                {ok, S1} -> 
+                    dperl_dal:job_error_close(),
+                    S1
+            end,
+            ?C("Read and compare list of active keys between source and destination"),
+            ?C("Build a list of provisioning actions to be taken (aggregated audit list)"),
+            ?C("If list provisioning action is non empty: perform the actions; goto [finish]"),
+            CleanupBulkCount = ?MAX_CLEANUP_BULK_COUNT(Mod, Job),
+            DoCleanupArgs =
+            case (erlang:function_exported(Mod, load_src_after_key, 3) andalso
+                  erlang:function_exported(Mod, load_dst_after_key, 3)) of
+                false -> [State1, CleanupBulkCount];
+                true ->
+                    #{minKey := MinKey, maxKey := MaxKey,
+                      lastKey := LastKey} = CleanupState,
+                    #{deletes := Deletes, inserts := Inserts, 
+                      differences := Diffs, lastKey := NextLastKey} =
+                    cleanup_refresh_collect(
+                      Mod,
+                      #cleanup_ctx{minKey = MinKey, maxKey = MaxKey,
+                                   lastKey = LastKey, bulkCount = CleanupBulkCount},
+                      State1),
+                    % update last key
+                    case dperl_dal:select(
+                           ?JOBDYN_TABLE,
+                           [{#dperlNodeJobDyn{name=Job,_='_'},[],['$_']}]) of
+                        {[#dperlNodeJobDyn{state = #{cleanup := OldCleanupState}
+                                          = NodeJobDynState}], true}
+                          when is_map(OldCleanupState) ->
+                            dperl_dal:update_job_dyn(
+                              Job,
+                              NodeJobDynState#{
+                                cleanup =>
+                                (case Args1 of
+                                    #{stats := #{cleanup_count := CC2}} ->
+                                        OldCleanupState#{count => CC2};
+                                    Args1 -> OldCleanupState
+                                 end)#{lastKey => NextLastKey}});
+                        _ -> ok
+                    end,
+                    cleanup_log("Orphan", Deletes),
+                    cleanup_log("Missing", Inserts),
+                    cleanup_log("Difference", Diffs),
+                    case erlang:function_exported(Mod, do_cleanup, 5) of
+                        true ->  [Deletes, Inserts, Diffs, NextLastKey == MinKey, State1];
+                        false -> [Deletes, Inserts, NextLastKey == MinKey, State1]
+                    end
+            end,
+            case apply(Mod, do_cleanup, DoCleanupArgs) of
+                {error, Error1} ->
+                    ?JError("cleanup(~p) failed at do_cleanup : ~p", [Mod, Error1]),
+                    dperl_dal:job_error(<<"cleanup">>, <<"do_cleanup">>, Error1),
+                    error({step_failed, Args1});
+                {error, Error1, S2} ->
+                    ?JError("cleanup(~p) failed at do_cleanup : ~p", [Mod, Error1]),
+                    dperl_dal:job_error(<<"cleanup">>, <<"do_cleanup">>, Error1),
+                    error({step_failed, S2});
+                {ok, S2} ->
+                    dperl_dal:job_error_close(),
+                    if length(DoCleanupArgs) == 2 ->
+                        set_state(
+                          cleanup, Job, start,
+                          case Args1 of
+                              #{stats := #{cleanup_count := CC0}} ->
+                                  (Mod:get_status(S2))#{count => CC0};
+                              Args1 -> Mod:get_status(S2)
+                          end);
+                       true -> no_op
+                    end,
+                    execute(finish, Mod, Job, S2, Args1);
+                {ok, finish, S2} ->
+                    set_state(
+                      cleanup, Job, stop,
+                      case Args1 of
+                          #{stats := #{cleanup_count := CC1}} ->
+                              (Mod:get_status(S2))#{count => CC1};
+                          Args1 -> Mod:get_status(S2)
+                      end),
+                    dperl_dal:job_error_close(),
+                    ?JInfo("Cleanup cycle is complete"),
+                    execute(finish, Mod, Job, S2, Args1)
+            end
+    end;
+execute(cleanup, Mod, Job, State, Args) ->
+    put(jstate,c),
+    ?C("disabled! trying refresh"),
+    execute(refresh, Mod, Job, State, Args);
+
+% [refresh]
+execute(refresh, Mod, Job, State, #{refresh := true} = Args) ->
+    put(jstate,r),
+    #{lastAttempt := LastAttempt,
+      lastSuccess := LastSuccess} = get_state(refresh, Job),
+    ShouldRefreshFun =
+    case erlang:function_exported(Mod, should_refresh, 6) of
+        true -> fun(LA, LS, BI, RI, RH) -> Mod:should_refresh(LA, LS, BI, RI, RH, State) end;
+        false -> fun(LA, LS, BI, RI, RH) -> should_refresh(LA, LS, BI, RI, RH) end
+    end,
+    case apply(ShouldRefreshFun,
+               [LastAttempt, LastSuccess, ?REFRESH_BATCH_INTERVAL(Mod, Job),
+            ?REFRESH_INTERVAL(Mod, Job), ?REFRESH_HOURS(Mod, Job)]) of
+        false ->
+            ?R("If last refresh + refreshInterval < now(): goto [idle]"),
+            ?R("If current hour is not in refreshHours): goto [idle]"),
+            execute(idle, Mod, Job, State, Args);
+        true ->
+            set_state(refresh, Job, start),
+            Args1 =
+            if LastAttempt =< LastSuccess ->
+                   ?JInfo("Starting refresh cycle"),
+                   case Args of
+                       #{stats := #{refresh_count := RC} = Stats} ->
+                           Args#{stats => Stats#{refresh_count => RC + 1}};
+                       Args ->
+                           Stats = maps:get(stats, Args, #{}),
+                           Args#{stats => Stats#{refresh_count => 1}}
+                   end;
+               true ->
+                   case Args of
+                       #{stats := #{refresh_count := RC} = Stats} ->
+                           Args#{stats => Stats#{refresh_count => RC + 1}};
+                       Args ->
+                           ?JInfo("Resuming refresh cycle"),
+                           Stats = maps:get(stats, Args, #{}),
+                           Args#{stats => Stats#{refresh_count => 1}}
+                   end
+            end,
+            ?R("Connect to destination if not already connected (trivial for pull)"),
+            State1 =
+            case Mod:connect_check_dst(State) of
+                {error, Error, S1} ->
+                    ?JError("refresh(~p) failed at connect_check_dst : ~p", [Mod, Error]),
+                    dperl_dal:job_error(<<"refresh">>, <<"connect_check_dst">>, Error),
+                    error({step_failed, S1});
+                {error, Error} ->
+                    ?JError("refresh(~p) failed at connect_check_dst : ~p", [Mod, Error]),
+                    dperl_dal:job_error(<<"refresh">>, <<"connect_check_dst">>, Error),
+                    error(step_failed);
+                {ok, S1} -> 
+                    dperl_dal:job_error_close(),
+                    S1
+            end,
+            ?R("Read and compare values between source and existing destination keys"),
+            ?R("Build a list provisioning actions to be taken"),
+            ?R("If list of provisioning actions is empty: goto [finish]"),
+            ?R("Perform the actions: goto [finish]"),
+            case Mod:do_refresh(State1, ?MAX_REFRESH_BULK_COUNT(Mod, Job)) of
+                {error, Error1} ->
+                    ?JError("refresh(~p) failed at do_refresh : ~p", [Mod, Error1]),
+                    dperl_dal:job_error(<<"refresh">>, <<"do_refresh">>, Error1),
+                    error({step_failed, Args1});
+                {ok, S2} ->
+                    set_state(
+                      refresh, Job, start,
+                      case Args1 of
+                          #{stats := #{refresh_count := RC0}} ->
+                              (Mod:get_status(S2))#{count => RC0};
+                          Args1 -> Mod:get_status(S2)
+                      end),
+                    dperl_dal:job_error_close(),
+                    execute(finish, Mod, Job, S2, Args1);
+                {ok, finish, S2} ->
+                    set_state(
+                      refresh, Job, stop,
+                      case Args1 of
+                          #{stats := #{refresh_count := RC1}} ->
+                              (Mod:get_status(S2))#{count => RC1};
+                          Args1 -> Mod:get_status(S2)
+                      end),
+                    dperl_dal:job_error_close(),
+                    ?JInfo("Refresh cycle is complete"),
+                    execute(finish, Mod, Job, S2, Args1)
+                
+            end
+    end;
+execute(refresh, Mod, Job, State, Args) ->
+    put(jstate,r),
+    ?R("disabled! going idle"),
+    execute(idle, Mod, Job, State, Args);
+execute(idle, Mod, Job, State, Args) ->
+    put(jstate,i),
+    ?RESTART_AFTER(?CYCLE_IDLE_WAIT(Mod, Job), Args),
+    dperl_dal:update_job_dyn(Job, Mod:get_status(State), idle),
+    State;
+execute(finish, Mod, Job, State, Args) ->
+    put(jstate,f),
+    ?RESTART_AFTER(?CYCLE_ALWAYS_WAIT(Mod, Job), Args),
+    State.
+
+-spec get_state(cleanup|refresh, binary()) ->
+    {ddTimestamp() | undefined, ddTimestamp() | undefined}.
+get_state(Type, Job) when (Type == cleanup orelse Type == refresh)
+                          andalso is_binary(Job) ->
+    maps:merge(
+      if Type == cleanup ->
+             #{minKey => -1, maxKey => <<255>>, lastKey => 0};
+         true -> #{}
+      end,
+      case dperl_dal:select(
+             ?JOBDYN_TABLE,
+             [{#dperlNodeJobDyn{name=Job,state='$1',_='_'},[],['$1']}]) of
+          {[#{Type:=State}], true} when is_map(State) -> State;
+          {_, true} -> #{lastAttempt => ?EPOCH, lastSuccess => ?EPOCH}
+      end).
+
+-spec set_state(cleanup|refresh, binary(), start | stop) -> any().
+set_state(Type, Job, Status) -> set_state(Type, Job, Status, #{}).
+
+-spec set_state(cleanup|refresh, binary(), start | stop, map()) -> any().
+set_state(Type, Job, Status, State0)
+  when (Type == cleanup orelse Type == refresh) andalso
+       (Status == start orelse Status == stop) andalso is_binary(Job) ->
+    {NodeJobDyn, NewStatus0} =
+    case dperl_dal:select(
+           ?JOBDYN_TABLE,
+           [{#dperlNodeJobDyn{name=Job,_='_'},[],['$_']}]) of
+        {[#dperlNodeJobDyn{state=#{Type:=OldState}} = NJD], true}
+          when is_map(OldState) ->            
+            {NJD, OldState};
+        {[#dperlNodeJobDyn{} = NJD], true} ->
+            {NJD, #{lastAttempt => os:timestamp(),
+                    lastSuccess => ?EPOCH}}
+    end,
+    {NewStatus, State} =
+    case maps:get(count, State0, '$not_found') of
+        '$not_found' -> {NewStatus0, State0};
+        Count ->
+            {NewStatus0#{count => Count}, maps:remove(count, State0)}
+    end,
+    TypeState = case {Type, Status} of
+                    {cleanup, start} -> cleaning;
+                    {cleanup, stop} -> cleaned;
+                    {refresh, start} -> refreshing;
+                    {refresh, stop} -> refreshed
+                end,
+    % create 'Type' state if doesn't exists
+    % if exists update 'LastSuccess' timestamp to current time
+    NodeJobDynState = NodeJobDyn#dperlNodeJobDyn.state,
+    dperl_dal:update_job_dyn(
+      Job,
+      maps:merge(
+      NodeJobDynState#{
+        Type =>
+        if Status == start ->
+               NewStatus#{lastAttempt => imem_meta:time()};
+           true ->
+               NewStatus#{lastSuccess => imem_meta:time()}
+        end}, State), TypeState).
+
+%
+% default callbacks
+% 
+should_cleanup(LastAttempt, LastSuccess, BatchInterval, Interval) ->
+    if LastAttempt > LastSuccess -> 
+           imem_datatype:msec_diff(LastAttempt) > BatchInterval;
+       true ->
+           imem_datatype:msec_diff(LastSuccess) > Interval
+    end.
+
+should_refresh(LastAttempt, LastSuccess, BatchInterval, Interval, Hours) ->
+    if LastAttempt > LastSuccess ->
+           imem_datatype:msec_diff(LastAttempt) > BatchInterval;
+       true ->
+           case imem_datatype:msec_diff(LastSuccess) > Interval of
+               false -> false;
+               true ->
+                   if length(Hours) > 0 ->
+                          {Hour,_,_} = erlang:time(),
+                          case lists:member(Hour, Hours) of
+                              true -> true;
+                              _ -> false
+                          end;
+                      true -> true
+                   end
+           end
+    end.
+
+is_equal(_Key, S, S, _State) -> true;
+is_equal(_Key, S, D, _State) when is_map(S), is_map(D) ->
+    dperl_dal:normalize_map(S) == dperl_dal:normalize_map(D);
+is_equal(_Key, S, D, _State) when is_list(S), is_list(D) ->
+    lists:sort(S) == lists:sort(D);
+is_equal(_Key, _, _, _State) -> false.
+
+cleanup_log(_Msg, []) -> no_op;
+cleanup_log(Msg, [K | _] = Keys) when is_integer(K) ->
+    ?JWarn("~s (~p) ~w", [Msg, length(Keys), Keys]);
+cleanup_log(Msg, Keys) ->
+    ?JWarn("~s (~p) ~p", [Msg, length(Keys), Keys]).
+
+sync_log(_, _, false) -> no_op;
+sync_log(Msg, {Key, _}, ShouldLog) -> sync_log(Msg, Key, ShouldLog);
+sync_log(Msg, Key, _) when is_binary(Key) -> ?JInfo("~s : ~s", [Msg, Key]);
+sync_log(Msg, Key, _) -> ?JInfo("~s : ~p", [Msg, Key]).
+
+%%----------------
+%% chunked cleanup
+%%
+
+process_events(Keys, Mod, State) ->
+    ShouldLog =
+    case erlang:function_exported(Mod, should_sync_log, 1) of
+        true -> Mod:should_sync_log(State);
+        false -> true
+    end,
+    process_events(Keys, Mod, State, ShouldLog, false).
+
+process_events([], Mod, State, _ShouldLog, IsError) ->
+    case erlang:function_exported(Mod, finalize_src_events, 1) of
+        true -> execute_prov_fun(no_log, Mod, finalize_src_events, [State], false, IsError);
+        false -> {IsError, State}
+    end;
+process_events([Key | Keys], Mod, State, ShouldLog, IsError) ->
+    {NewIsError, NewState} =
+    case {Mod:fetch_src(Key, State), Mod:fetch_dst(Key, State)} of
+        {S, S} ->
+            Mod:report_status(Key, no_op, State),
+            {IsError, State}; %% nothing to do
+        {{protected, _}, ?NOT_FOUND} -> % pusher protection
+            ?JError("Protected ~p is not found on target", [Key]),
+            Error = <<"Protected key is not found on target">>,
+            Mod:report_status(Key, Error, State),
+            dperl_dal:job_error(Key, <<"sync">>, <<"process_events">>, Error),
+            {true, State};
+        {{protected, S}, D} -> % pusher protection
+            execute_prov_fun("Protected", Mod, update_channel, [Key, true, S, D, State], ShouldLog, IsError, check);
+        {{protected, IsSamePlatform, S}, D} -> % puller protection
+            execute_prov_fun("Protected", Mod, update_channel, [Key, IsSamePlatform, S, D, State], ShouldLog, IsError, check);
+        {?NOT_FOUND, _D} -> execute_prov_fun("Deleted", Mod, delete_dst, [Key, State], ShouldLog, IsError);
+        {S, ?NOT_FOUND} -> execute_prov_fun("Inserted", Mod, insert_dst, [Key, S, State], ShouldLog, IsError);
+        {error, _} -> {true, State};
+        {_, error} -> {true, State};
+        {{error, _} = Error, _} ->
+            ?JError("Fetch src ~p : ~p", [Key, Error]),
+            Mod:report_status(Key, Error, State),
+            {true, State};
+        {_, {error, _} = Error} ->
+            ?JError("Fetch dst ~p : ~p", [Key, Error]),
+            Mod:report_status(Key, Error, State),
+            {true, State};
+        {{error, Error, State1}, _} ->
+            ?JError("Fetch src ~p : ~p", [Key, Error]),
+            Mod:report_status(Key, {error, Error}, State1),
+            {true, State1};
+        {_, {error, Error, State1}} ->
+            ?JError("Fetch dst ~p : ~p", [Key, Error]),
+            Mod:report_status(Key, {error, Error}, State1),
+            {true, State1};
+        {S, D} ->
+            DiffFun =
+            case erlang:function_exported(Mod, is_equal, 4) of
+                true -> fun Mod:is_equal/4;
+                false -> fun is_equal/4
+            end,
+            case DiffFun(Key, S, D, State) of
+                false -> execute_prov_fun("Updated", Mod, update_dst, [Key, S, State], ShouldLog, IsError);
+                true ->
+                    Mod:report_status(Key, no_op, State),
+                    {IsError, State}
+            end
+    end,
+    process_events(Keys, Mod, NewState, ShouldLog, NewIsError).
+
+execute_prov_fun(Op, Mod, Fun, Args, ShouldLog, IsError) ->
+    case catch apply(Mod, Fun, Args) of
+        {false, NewState} ->
+            sync_log(Op, hd(Args), ShouldLog),
+            {IsError, NewState};
+        {true, NewState} -> {true, NewState};
+        {idle, NewState} -> {idle, NewState};
+        Error ->
+            case Op of
+                finalize_src_events ->
+                    ?JError("Executing : ~p Error : ~p", [Fun, Error]);
+                _ ->
+                    ?JError("Executing : ~p for key : ~p Error : ~p",
+                            [Fun, hd(Args), Error])
+            end,
+            {true, lists:last(Args)}
+    end.
+
+execute_prov_fun(Op, Mod, Fun, Args, ShouldLog, IsError, check) ->
+    case erlang:function_exported(Mod, Fun, length(Args)) of
+        true -> execute_prov_fun(Op, Mod, Fun, Args, ShouldLog, IsError);
+        false ->
+            ?Error("Function : ~p not exported in mod : ~p", [Fun, Mod]),
+            {true, lists:last(Args)}
+    end.
+
+-spec cleanup_refresh_collect(atom(), #cleanup_ctx{}, state()) ->
+    #{deletes => list(), inserts => list(), lastKey => any()}.
+cleanup_refresh_collect(Mod,
+                #cleanup_ctx{minKey = MinKey, maxKey = MaxKey,
+                             lastKey = LastKey, bulkCount = BulkCnt} = CleanupCtx,
+                State) ->
+    CurKey = if
+                 LastKey =< MinKey -> MinKey;  % throw to cycle start if getting
+                 LastKey >= MaxKey -> MinKey;  % out of key bounds by re-config
+                 true -> LastKey
+             end,
+    SrcKeys = Mod:load_src_after_key(CurKey, BulkCnt, State),
+    DstKeys = Mod:load_dst_after_key(CurKey, BulkCnt, State),
+    cleanup_refresh_compare(CleanupCtx#cleanup_ctx{
+        srcKeys = SrcKeys, srcCount = length(SrcKeys),
+        dstKeys = DstKeys, dstCount = length(DstKeys), lastKey = CurKey}).
+
+-spec cleanup_refresh_compare(#cleanup_ctx{}) -> #{deletes => list(), differences => list(), inserts => list(), lastKey => any()}.
+cleanup_refresh_compare(#cleanup_ctx{
+                   srcKeys = SrcKeys, dstKeys = [], deletes = Deletes, 
+                   inserts = Inserts, minKey = MinKey, differences = Diffs,
+                   dstCount = DstCount, bulkCount = BulkCnt, srcCount = SrcCount})
+  when DstCount < BulkCnt, SrcCount < BulkCnt ->
+    Remaining = fetch_keys(SrcKeys),
+    #{deletes => Deletes, differences => Diffs, inserts => Inserts++Remaining, lastKey => MinKey};
+cleanup_refresh_compare(#cleanup_ctx{srcKeys = SrcKeys, dstKeys = [], deletes = Deletes, dstCount = DstCount,
+                                     inserts = Inserts, differences = Diffs})
+  when DstCount == 0 ->
+    Remaining = fetch_keys(SrcKeys),
+    #{deletes => Deletes, differences => Diffs, inserts => Inserts++Remaining, lastKey => last_key(SrcKeys)};
+cleanup_refresh_compare(#cleanup_ctx{dstKeys = [], deletes = Deletes, differences = Diffs,
+                                     inserts = Inserts, lastKey = LK}) ->
+    #{deletes => Deletes, differences => Diffs, inserts => Inserts, lastKey => LK};
+cleanup_refresh_compare(#cleanup_ctx{
+                   srcCount = SrcCount, dstKeys = DstKeys, bulkCount = BulkCnt,
+                   minKey = MinKey, srcKeys = [], deletes = Deletes, 
+                   inserts = Inserts, dstCount = DstCount, differences = Diffs})
+  when SrcCount < BulkCnt, DstCount < BulkCnt ->
+    Remaining = fetch_keys(DstKeys),
+    #{deletes => Deletes++Remaining, differences => Diffs, inserts => Inserts, lastKey => MinKey};
+cleanup_refresh_compare(#cleanup_ctx{srcKeys = [], deletes = Deletes,
+                                     inserts = Inserts, dstKeys = DstKeys,
+                                     differences = Diffs, srcCount = SrcCount}) 
+  when SrcCount == 0 ->
+    Remaining = fetch_keys(DstKeys),
+    #{deletes => Deletes ++ Remaining, differences => Diffs, inserts => Inserts, lastKey => last_key(DstKeys)};
+cleanup_refresh_compare(#cleanup_ctx{srcKeys = [], deletes = Deletes, differences = Diffs,
+                                     inserts = Inserts, lastKey = LK}) ->
+    #{deletes => Deletes, differences => Diffs, inserts => Inserts, lastKey => LK};
+cleanup_refresh_compare(#cleanup_ctx{srcKeys = [K|SrcKeys], dstKeys = [K|DstKeys]}
+                = CleanupCtx) ->
+    cleanup_refresh_compare(CleanupCtx#cleanup_ctx{srcKeys = SrcKeys, dstKeys = DstKeys,
+                                                   lastKey = last_key([K])});
+cleanup_refresh_compare(#cleanup_ctx{srcKeys = [{K, _} | SrcKeys], dstKeys = [{K, _} | DstKeys],
+                                     differences = Diffs} = CleanupCtx) ->
+    cleanup_refresh_compare(CleanupCtx#cleanup_ctx{srcKeys = SrcKeys, dstKeys = DstKeys,
+                                                   lastKey = K, differences = [K | Diffs]});
+cleanup_refresh_compare(#cleanup_ctx{srcKeys = [SK|SrcKeys], dstKeys = [DK | DstKeys],
+                                     inserts = Inserts, deletes = Deletes} = CleanupCtx) ->
+    case {last_key([SK]), last_key([DK])} of
+        {K1, K2} when K1 < K2 -> cleanup_refresh_compare(
+                CleanupCtx#cleanup_ctx{srcKeys = SrcKeys,
+                                       inserts = [K1|Inserts], lastKey = K1});
+        {K1, K2} when K2 < K1 -> cleanup_refresh_compare(
+                CleanupCtx#cleanup_ctx{dstKeys = DstKeys,
+                                       deletes = [K2|Deletes], lastKey = K2})
+    end.
+
+fetch_keys([]) -> [];
+fetch_keys([{_, _} | _] = KVs) -> [K || {K, _} <- KVs];
+fetch_keys(Keys) -> Keys.
+
+last_key([{_, _} | _] = KVs) -> element(1, lists:last(KVs));
+last_key(Keys) -> lists:last(Keys).
+
+%% ----------------------
+
+
+%% ----------------------
+%% Eunit Tests
+%% ----------------------
+
+-ifdef(TEST).
+
+-include_lib("eunit/include/eunit.hrl").
+
+load_batch(CurKey, BulkCnt, Keys) ->
+    lists:sort(lists:foldl(
+        fun({K, _} = E , Acc) ->
+            if length(Acc) < BulkCnt andalso K > CurKey -> [E | Acc];
+               true -> Acc
+            end;
+           (E, Acc) ->
+            if length(Acc) < BulkCnt andalso E > CurKey -> [E | Acc];
+               true -> Acc
+            end
+        end, [], Keys)).
+
+load_src_after_key(CurKey, BulkCnt, {SrcKeys, _}) -> 
+    load_batch(CurKey, BulkCnt, SrcKeys).
+
+load_dst_after_key(CurKey, BulkCnt, {_, DstKeys}) -> 
+    load_batch(CurKey, BulkCnt, DstKeys).
+
+cleanup_refresh_compare_test() ->
+    BulkCnt = 1000,
+    SrcCount = rand:uniform(1000),
+    SrcKeys = lists:usort([rand:uniform(3000) || _ <- lists:seq(1, SrcCount)]),
+    DstCount = rand:uniform(1000),
+    DstKeys = lists:usort([rand:uniform(3000) || _ <- lists:seq(1, DstCount)]),
+    #{deletes := Dels, inserts := Ins} =
+    cleanup_refresh_collect(?MODULE,
+                #cleanup_ctx{minKey = -1, maxKey = <<255>>,
+                             lastKey = 0, bulkCount = BulkCnt},
+                {SrcKeys, DstKeys}),
+    Cleaned = lists:sort(lists:foldr(fun(K, Acc) ->
+                case lists:member(K, Dels) of
+                    true -> 
+                        lists:delete(K, Acc);
+                    false -> Acc
+                end
+            end, DstKeys, Dels) ++ Ins),
+    ?assertEqual(Cleaned, SrcKeys).
+
+complete_cleanup_refresh(AllSrcKeys, AllDstKeys) ->
+    BulkCnt = 100,
+    MaxKey = <<255>>,
+    Ctx = #cleanup_ctx{minKey = -1, maxKey = MaxKey, lastKey = 0, 
+                       bulkCount = BulkCnt},
+    #{deletes := Dels, differences := Diffs, inserts := Ins} = cleanup_refresh_loop(Ctx, 0, {AllSrcKeys, AllDstKeys}, #{}),
+    Cleaned = lists:usort(lists:foldr(fun(K, Acc) ->
+                case lists:member(K, Dels) of
+                    true -> 
+                        lists:delete(K, Acc);
+                    false -> Acc
+                end
+            end, fetch_keys(AllDstKeys), Dels) ++ Ins),
+    ?assertEqual(Cleaned, lists:usort(fetch_keys(AllSrcKeys))),
+    Diffs1 = lists:usort(lists:foldl(
+                fun({K, V}, Acc) -> 
+                    case lists:keyfind(K, 1, AllDstKeys) of
+                        {K, V} -> Acc;
+                        {K, _} -> [K | Acc];
+                        false -> Acc
+                    end;
+                   (_, Acc) -> Acc
+                end, [], AllSrcKeys)),
+    ?assertEqual(Diffs1, lists:usort(Diffs)).
+
+complete_cleanup_refresh(AllSrcKeys, AllDstKeys, BulkCnt) ->
+    MaxKey = <<255>>,
+    Ctx = #cleanup_ctx{minKey = -1, maxKey = MaxKey, lastKey = 0, 
+                       bulkCount = BulkCnt},
+    cleanup_refresh_collect(?MODULE, Ctx, {AllSrcKeys, AllDstKeys}).
+
+cleanup_refresh_loop(_, -1, _, Acc) -> Acc;
+cleanup_refresh_loop(Ctx, CurKey, AllKeys, Acc) ->
+    #{deletes := Dels, differences := Diffs, inserts := Ins, lastKey := LastKey} = 
+    cleanup_refresh_collect(?MODULE, Ctx#cleanup_ctx{lastKey = CurKey}, AllKeys),
+    NewAcc = Acc#{deletes => Dels ++ maps:get(deletes, Acc, []), 
+                  differences => Diffs ++ maps:get(differences, Acc, []),
+                  inserts => Ins ++ maps:get(inserts, Acc, [])},
+    cleanup_refresh_loop(Ctx, LastKey, AllKeys, NewAcc).
+
+cleanup_only_test() ->
+    [ok] = lists:usort([begin 
+        AllSrcKeys = lists:usort([rand:uniform(5000) || _ <- lists:seq(1, 2000)]),
+        AllDstKeys = lists:usort([rand:uniform(5000) || _ <- lists:seq(1, 2000)]),
+        complete_cleanup_refresh(AllSrcKeys, AllDstKeys) 
+    end || _ <- lists:seq(1, 10)]),
+    AllSrcKeys1 = lists:usort([rand:uniform(5000) || _ <- lists:seq(1, 2000)]),
+    AllDstKeys1 = lists:usort([rand:uniform(5000) || _ <- lists:seq(1, 2000)]),
+    ok = complete_cleanup_refresh(AllSrcKeys1, AllDstKeys1),
+    %cleanup with SrcKeys missing 500 to 1000
+    ok = complete_cleanup_refresh([K || K <- AllSrcKeys1, K < 500 orelse K > 1000], AllDstKeys1),
+    %cleanup with DstKeys missing 500 to 1000
+    ok = complete_cleanup_refresh(AllSrcKeys1, [K || K <- AllDstKeys1, K < 500 orelse K > 1000]),
+    %cleanup with DstKeys as []
+    ok = complete_cleanup_refresh(AllSrcKeys1, []),
+    %cleanup with SrcKeys as []
+    ok = complete_cleanup_refresh([], AllDstKeys1).
+
+cleanup_refresh_test() ->
+    %% cleanup with refresh tests
+    %refresh test with differences
+    [ok] = lists:usort([begin
+        AllSrcKeys = lists:sort(maps:to_list(maps:from_list([{rand:uniform(5000), S} || S <- lists:seq(1, 2000)]))),
+        AllDstKeys = lists:sort(maps:to_list(maps:from_list([{rand:uniform(5000), S} || S <- lists:seq(1, 2000)]))),
+        complete_cleanup_refresh(AllSrcKeys, AllDstKeys)
+    end || _ <- lists:seq(1,10)]),
+    [ok] = lists:usort([begin
+        AllSrcKeys = lists:sort(maps:to_list(maps:from_list([{rand:uniform(5000), rand:uniform(5000)} || _ <- lists:seq(1, 2000)]))),
+        AllDstKeys = lists:sort(maps:to_list(maps:from_list([{rand:uniform(5000), rand:uniform(5000)} || _ <- lists:seq(1, 2000)]))),
+        complete_cleanup_refresh(AllSrcKeys, AllDstKeys)
+    end || _ <- lists:seq(1,10)]),
+    AllSrcKeys = lists:sort(maps:to_list(maps:from_list([{rand:uniform(5000), rand:uniform(5000)} || _ <- lists:seq(1, 2000)]))),
+    AllDstKeys = lists:sort(maps:to_list(maps:from_list([{rand:uniform(5000), rand:uniform(5000)} || _ <- lists:seq(1, 2000)]))),
+    ok = complete_cleanup_refresh(AllSrcKeys, AllDstKeys),
+    %cleanup refresh with SrcKeys missing 500 to 1000
+    ok = complete_cleanup_refresh([{K, V} || {K, V} <- AllSrcKeys, K < 500 orelse K > 1000], AllDstKeys),
+    %cleanup refresh with DstKeys missing 500 to 1000
+    ok = complete_cleanup_refresh(AllSrcKeys, [{K, V} || {K, V} <- AllDstKeys, K < 500 orelse K > 1000]).
+
+cleanup_refresh_boundary_test() ->
+    AllSrcKeys = lists:sort(maps:to_list(maps:from_list([{rand:uniform(5000), rand:uniform(5000)} || _ <- lists:seq(1, 2000)]))),
+    AllDstKeys = lists:sort(maps:to_list(maps:from_list([{rand:uniform(5000), rand:uniform(5000)} || _ <- lists:seq(1, 2000)]))),
+    %cleanup refresh with DstKeys as []
+    ok = complete_cleanup_refresh(AllSrcKeys, []),
+    %cleanup refresh with SrcKeys as []
+    ok = complete_cleanup_refresh([], AllDstKeys),
+    %cleanup refresh with DstKeys as [{1, 10}]
+    ok = complete_cleanup_refresh(AllSrcKeys, [{1, 10}]),
+    %cleanup refresh with SrcKeys as [{1, 10}]
+    ok = complete_cleanup_refresh([{1, 10}], AllDstKeys),
+    %cleanup refresh with less DstKeys
+    ok = complete_cleanup_refresh(AllSrcKeys, lists:sublist(AllDstKeys, 100)),
+    %cleanup refresh with less SrcKeys
+    ok = complete_cleanup_refresh(lists:sublist(AllSrcKeys, 100), AllDstKeys).
+
+cleanup_refresh_only_dels_test() ->
+    AllKeys = lists:sort(maps:to_list(maps:from_list([{rand:uniform(5000), rand:uniform(5000)} || _ <- lists:seq(1, 2000)]))),
+    DeleteKeys = [{6000, 6}, {7000, 7}, {8000, 8}],
+    #{inserts := Ins, deletes := Dels, differences := Diffs} = complete_cleanup_refresh(AllKeys, AllKeys ++ DeleteKeys, 2000),
+    ?assertEqual([], Diffs),
+    ?assertEqual([], Ins),
+    ?assertEqual([6000, 7000, 8000], Dels).    
+
+cleanup_refresh_only_ins_test() ->
+    AllKeys = lists:sort(maps:to_list(maps:from_list([{rand:uniform(5000), rand:uniform(5000)} || _ <- lists:seq(1, 2000)]))),
+    InsertKeys = [{6000, 6}, {7000, 7}, {8000, 8}],
+    #{inserts := Ins, deletes := Dels, differences := Diffs} = complete_cleanup_refresh(AllKeys ++ InsertKeys, AllKeys, 2000),
+    ?assertEqual([], Diffs),
+    ?assertEqual([6000, 7000, 8000], Ins),
+    ?assertEqual([], Dels). 
+
+cleanup_refresh_no_op_test() ->
+    AllKeys = lists:sort(maps:to_list(maps:from_list([{rand:uniform(5000), rand:uniform(5000)} || _ <- lists:seq(1, 2000)]))),
+    #{inserts := Ins, deletes := Dels, differences := Diffs} = complete_cleanup_refresh(AllKeys, AllKeys, 2000),
+    ?assertEqual([], Diffs),
+    ?assertEqual([], Ins),
+    ?assertEqual([], Dels).
+
+cleanup_refresh_no_diff_test() ->
+    AllSrcKeys = lists:sort(maps:to_list(maps:from_list([{rand:uniform(5000), 1} || _ <- lists:seq(1, 2000)]))),
+    AllDstKeys = lists:sort(maps:to_list(maps:from_list([{rand:uniform(5000), 1} || _ <- lists:seq(1, 2000)]))),
+    #{differences := Diffs} = complete_cleanup_refresh(AllSrcKeys, AllDstKeys, 2000),
+    ?assertEqual([], Diffs).
+
+-endif.
diff --git a/src/dperl_sup.erl b/src/dperl_sup.erl
new file mode 100644
index 00000000..e0b95398
--- /dev/null
+++ b/src/dperl_sup.erl
@@ -0,0 +1,93 @@
+-module(dperl_sup).
+-behaviour(supervisor).
+
+-include("dperl.hrl").
+
+%% API
+-export([start_link/0]).
+
+%% Supervisor callbacks
+-export([init/1]).
+
+%% Helper macro for declaring children of supervisor
+-define(CHILD(I, Type), {I, {I, start_link, []}, permanent, 5000, Type, [I]}).
+
+%% ===================================================================
+%% API functions
+%% ===================================================================
+
+start_link() ->
+    ?Info("~p starting...~n", [?MODULE]),
+    lists:map(
+      fun({Table, ColumnNames, ColumnTypes, DefaultRecord, Opts}) ->
+        ok = dperl_dal:check_table(
+          Table, ColumnNames, ColumnTypes, DefaultRecord, Opts
+        )
+      end,
+      [
+        ?TABLESPEC(dperlJob,[]),
+        ?TABLESPEC(
+          ?JOBDYN_TABLE, dperlNodeJobDyn,
+          [
+            {scope,local},
+            {local_content,true},
+            {record_name,dperlNodeJobDyn}
+          ]
+        ),
+        ?TABLESPEC(dperlService, []),
+        ?TABLESPEC(
+          ?SERVICEDYN_TABLE, dperlServiceDyn,
+          [
+            {scope,local},
+            {local_content,true},
+            {record_name,dperlServiceDyn}
+          ]
+        )
+      ]
+    ),
+    ok = dderl:add_d3_templates_path(
+      dderl, filename:join(priv_dir(), "dashboard_scripts")
+    ),
+    case supervisor:start_link({local, ?MODULE}, ?MODULE, []) of
+        {ok,_} = Success ->
+            ?Info("~p started!~n", [?MODULE]),
+            Success;
+        Error ->
+            ?Error("~p failed to start ~p~n", [?MODULE, Error]),
+            Error
+    end.
+
+%% ===================================================================
+%% Supervisor callbacks
+%% ===================================================================
+
+init([]) ->
+    {ok,
+     {#{strategy => one_for_one, intensity => 5, period => 10},
+      [#{id => dperl_metrics,
+         start => {dperl_metrics, start_link, []},
+         restart => permanent, shutdown => 5000, type => worker,
+         modules => [dperl_metrics]},
+       #{id => dperl_job_sup,
+         start => {dperl_worker_sup, start_link, [job]},
+         restart => permanent, shutdown => 60000, type => supervisor,
+         modules => [dperl_worker_sup]},
+       #{id => dperl_service_sup,
+         start => {dperl_worker_sup, start_link, [service]},
+         restart => permanent, shutdown => 60000, type => supervisor,
+         modules => [dperl_worker_sup]},
+       #{id => dperl_job_cp,
+         start => {dperl_cp, start_link, [job]},
+         restart => permanent, shutdown => 5000, type => worker,
+         modules => [dperl_cp]},
+       #{id => dperl_service_cp,
+         start => {dperl_cp, start_link, [service]},
+         restart => permanent, shutdown => 5000, type => worker,
+         modules => [dperl_cp]}
+      ]}}.
+
+priv_dir() ->
+    case code:priv_dir(?MODULE) of
+        {error, bad_name} -> "priv";
+        PDir -> PDir
+    end.
diff --git a/src/dperl_worker.erl b/src/dperl_worker.erl
new file mode 100644
index 00000000..1435bd54
--- /dev/null
+++ b/src/dperl_worker.erl
@@ -0,0 +1,308 @@
+-module(dperl_worker).
+
+-include("dperl.hrl").
+
+-behavior(gen_server).
+
+% behavior export
+-export([behaviour_info/1]).
+
+% interface export
+-export([start_link/3, start/1, stop/2, list/1, child_spec/2, child_id/2,
+         is_alive/2]).
+
+% gen_server exports
+-export([init/1, terminate/2, handle_call/3, handle_cast/2, handle_info/2,
+         code_change/3, format_status/2]).
+
+-record(st, {n, m, ms, js}).
+
+behaviour_info(callbacks) -> [{get_status,1}, {init_state,1}
+                              | gen_server:behaviour_info(callbacks)];
+behaviour_info(Type) -> gen_server:behaviour_info(Type).
+
+start(JobOrService) when is_record(JobOrService, dperlJob);
+                         is_record(JobOrService, dperlService) ->
+
+    Mod  = ?G(JobOrService,module),
+    Name = ?G(JobOrService,name),
+    Behaviors =
+    lists:reverse(
+      lists:foldl(
+        fun({behavior,[Behavior]}, Acc) ->
+                case code:ensure_loaded(Behavior) == {module, Behavior} andalso
+                     erlang:function_exported(Behavior, execute, 4) of
+                    true -> [Behavior|Acc];
+                    _ -> Acc
+                end;
+           (_, Acc) -> Acc
+        end, [], Mod:module_info(attributes))),
+    Sup = ?SUP(JobOrService),
+    ChildId = {Mod, Name},
+    ChildSpec = #{id => ChildId, restart => transient, shutdown => 30000,
+                  type => worker, modules => [Mod],
+                  start => {?MODULE, start_link, [JobOrService, Behaviors, Sup]}},
+    case supervisor:get_childspec(Sup, ChildId) of
+        {ok, ChildSpec} -> supervisor:restart_child(Sup, ChildId);
+        {ok, _} ->
+            supervisor:terminate_child(Sup, ChildId),
+            supervisor:delete_child(Sup, ChildId),
+            start(JobOrService);
+        {error, not_found} ->
+            case supervisor:start_child(Sup, ChildSpec) of
+                {ok, _} = Result -> Result;
+                {ok, _, _} = Result -> Result;
+                {error, {Error, _Child}} ->
+                    ?Error([{enum, dperl_dal:to_atom(Name)}],
+                           "~p starting ~p_~s: ~p", [Sup, Mod, Name, Error], []),
+                    error(Error);
+                {error, Error} ->
+                    ?Error([{enum, dperl_dal:to_atom(Name)}],
+                           "~p starting ~p_~s: ~p", [Sup, Mod, Name, Error], []),
+                    error(Error)
+            end
+    end.
+
+stop(Mod, Name) ->
+    case get_supervisor(Mod, Name) of
+        not_found ->
+            {error, not_found};
+        Sup ->
+            case supervisor:terminate_child(Sup, {Mod, Name}) of
+                ok ->
+                    case supervisor:delete_child(Sup, {Mod, Name}) of
+                        ok -> ok;
+                        {error, Error} ->
+                            ?Error("~p stop ~p_~s (delete_child) : ~p",
+                                   [Sup, Mod, Name, Error]),
+                            {error, Error}
+                    end;
+                {error, not_found} -> {error, not_found};
+                {error, Error} ->
+                    ?Error("~p stop ~p_~s (terminate_child) : ~p",
+                           [Sup, Mod, Name, Error]),
+                    error(Error)
+            end
+    end.
+
+get_supervisor(Mod, Name) ->
+    case whereis(child_id(Mod, Name)) of
+        Pid when is_pid(Pid) ->
+            {dictionary, Dictionary} = erlang:process_info(Pid, dictionary),
+            case lists:keyfind(supervisor, 1, Dictionary) of
+                {supervisor, Sup} ->
+                    Sup;
+                _ ->
+                    not_found
+            end;
+        undefined ->
+            not_found
+    end.
+
+list(job) ->
+    list(whereis(dperl_job_sup));
+list(service) ->
+    list(whereis(dperl_service_sup));
+list(undefined) ->
+    [];
+list(Pid) when is_pid(Pid) ->
+    case erlang:process_info(Pid, links) of
+        {links, [_]} -> [];
+        {links, Links} ->
+            lists:map(
+                fun(ChildPid) ->
+                    {dictionary, Dictionary} = erlang:process_info(ChildPid, dictionary),
+                    {name, Name} = lists:keyfind(name, 1, Dictionary),
+                    {module, Mod} = lists:keyfind(module, 1, Dictionary),
+                    {Mod, Name}
+                end, Links -- [whereis(dperl_sup)]);
+        _ -> []
+    end.
+
+child_spec(job, Id) -> supervisor:get_childspec(dperl_job_sup, Id);
+child_spec(service, Id) -> supervisor:get_childspec(dperl_service_sup, Id).
+
+is_alive(Type, Name) when Type == job; Type == service ->
+    lists:any(
+        fun({_, JobOrServiceName}) ->
+            Name == JobOrServiceName
+        end, list(Type)
+    ).
+
+start_link(JobOrService, Behaviors, Sup)
+    when is_record(JobOrService, dperlJob);
+         is_record(JobOrService, dperlService) ->
+    Mod  = ?G(JobOrService,module),
+    Name = ?G(JobOrService,name),
+    Opts = ?G(JobOrService,opts),
+    Sup  = ?SUP(JobOrService),
+    case gen_server:start_link({local, child_id(Mod, Name)}, ?MODULE,
+                               {JobOrService, Behaviors, Sup},
+                               Opts) of
+        {ok, Pid} ->
+            ?Debug([{enum, dperl_dal:to_atom(Name)}],
+                   "~p started ~p_~s: ~p", [Sup, Mod, Name, Pid]),
+            {ok, Pid};
+        {error, Error} ->
+            ?Error([{enum, dperl_dal:to_atom(Name)}],
+                   "~p starting ~p_~s: ~p", [Sup, Mod, Name, Error], []),
+            {error, Error};
+        Other ->
+            ?Error([{enum, dperl_dal:to_atom(Name)}],
+                   "~p starting ~p_~s: ~p", [Sup, Mod, Name, Other], []),
+            Other
+    end.
+
+-spec child_id(atom() | list(), list() | binary()) -> atom().
+child_id(M, C) when is_atom(M) -> child_id(atom_to_list(M), C);
+child_id(M, C) when is_binary(C) -> child_id(M, binary_to_list(C));
+child_id(M, C) when is_list(M), is_list(C) -> list_to_atom(M++"_"++C).
+
+init({JobOrService, Behaviors, Sup})
+    when is_record(JobOrService, dperlJob);
+         is_record(JobOrService, dperlService) ->
+    Mod  = ?G(JobOrService,module),
+    Name = ?G(JobOrService,name),
+    Args = ?G(JobOrService,args),
+    %% to get the following keys in oci process add it explicitly in
+    %% dperl_dal:oci_opts
+    put(debug, maps:get(debug, Args, false)),
+    put(jstate, s),
+    put(module, Mod),
+    put(name, Name),
+    put(jname, dperl_dal:to_atom(Name)),
+    put(supervisor, Sup),
+    ?Debug("starting ~p_~s", [Mod, Name]),
+    process_flag(trap_exit, true),
+    Bhaves = [self() ! {internal, {behavior, B, Args}} || B <- Behaviors],
+    DefaultModState = Mod:init_state(dperl_dal:job_state(Name)),
+    Type = ?RC(JobOrService),
+    JobOrServiceSortedLinks =
+    case JobOrService of
+        #dperlJob{srcArgs = #{links := UnsortedSrcLinks} = SrcArgs,
+                 dstArgs = #{links := UnsortedDstLinks} = DstArgs} ->
+            JobOrService#dperlJob{
+              srcArgs = SrcArgs#{links => dperl_dal:sort_links(UnsortedSrcLinks)},
+              dstArgs = DstArgs#{links => dperl_dal:sort_links(UnsortedDstLinks)}};
+        #dperlJob{dstArgs = #{links := UnsortedLinks} = DstArgs} ->
+            JobOrService#dperlJob{dstArgs = DstArgs#{links => dperl_dal:sort_links(UnsortedLinks)}};
+        #dperlJob{srcArgs = #{links := UnsortedLinks} = SrcArgs} ->
+            JobOrService#dperlJob{srcArgs = SrcArgs#{links => dperl_dal:sort_links(UnsortedLinks)}};
+        _ -> JobOrService
+    end,
+    case catch Mod:init({JobOrServiceSortedLinks, DefaultModState}) of
+        {'EXIT', Reason} ->
+            {stop, {shutdown, Reason}};
+        {ok, ModState} ->
+            update_state(Type, Name, Mod, Bhaves, ModState),
+            dperl_dal:set_running(JobOrService, true),
+            {ok, #st{n = Name, m = Mod, ms = ModState, js = JobOrService}};
+        {ok, ModState, Timeout} ->
+            update_state(Type, Name, Mod, Bhaves, ModState),
+            dperl_dal:set_running(JobOrService, true),
+            {ok, #st{n = Name, m = Mod, ms = ModState, js = JobOrService}, Timeout};
+        Error ->
+            dperl_dal:worker_error(Type, <<"init">>, <<"init">>, Error),
+            Error
+    end.
+
+handle_call({internal, Args}, From, St) -> handle_call_i(Args, From, St);
+handle_call(Normal, From, #st{m = Mod, ms = ModState} = St) ->
+    case catch Mod:handle_call(Normal, From, ModState) of
+        {'EXIT', Reason} ->
+            {stop, {shutdown, Reason}, St};
+        {reply, Reply, NewModState} ->
+            {reply, Reply, St#st{ms = NewModState}};
+        {reply, Reply, NewModState, Timeout} ->
+            {reply,Reply,St#st{ms = NewModState},Timeout};
+        {noreply, NewModState} ->
+            {noreply, St#st{ms = NewModState}};
+        {noreply, NewModState, Timeout} ->
+            {noreply, St#st{ms = NewModState}, Timeout};
+        {stop,Reason,Reply,NewModState} ->
+            {stop,Reason,Reply,St#st{ms = NewModState}};
+        {stop, Reason, NewModState} ->
+            {stop, Reason, St#st{ms = NewModState}}
+    end.
+
+handle_cast({internal, Args}, St) -> handle_cast_i(Args, St);
+handle_cast(Normal, #st{m = Mod, ms = ModState} = St) ->
+    case catch Mod:handle_cast(Normal, ModState) of
+        {'EXIT', Reason} ->
+            {stop, {shutdown, Reason}, St};
+        {noreply, NewModState} ->
+            {noreply, St#st{ms = NewModState}};
+        {noreply, NewModState, Timeout} ->
+            {noreply, St#st{ms = NewModState}, Timeout};
+        {stop, Reason, NewModState} ->
+            {stop, Reason, St#st{ms = NewModState}}
+    end.
+
+handle_info({internal, Args}, St) -> handle_info_i(Args, St);
+handle_info(Normal, #st{m = Mod, ms = ModState} = St) ->
+    case catch Mod:handle_info(Normal, ModState) of
+        {'EXIT', Reason} ->
+            {stop, {shutdown, Reason}, St};
+        {noreply, NewModState} ->
+            {noreply, St#st{ms = NewModState}};
+        {noreply, NewModState, Timeout} ->
+            {noreply, St#st{ms = NewModState}, Timeout};
+        {stop, Reason, NewModState} ->
+            {stop, Reason, St#st{ms = NewModState}}
+    end.
+
+code_change(OldVsn, #st{m = Mod, ms = ModState} = St, Extra) ->
+    case catch Mod:code_change(OldVsn, ModState, Extra) of
+        {'EXIT', Reason} ->
+            {error, Reason};
+        {ok, NewModState} ->
+            {ok, St#st{ms = NewModState}};
+        {error, Reason} ->
+            {error, Reason}
+    end.
+
+format_status(Opt, [PDict, #st{m = Mod, ms = ModState}]) ->
+    case catch Mod:format_status(Opt, [PDict, ModState]) of
+        {'EXIT', Reason} ->
+            ?JError("format_status ~p", [Reason]);
+        Result -> Result
+    end.
+
+terminate(Reason, #st{m = Mod, ms = ModState, n = Name, js = JobOrService}) ->
+    State = Mod:get_status(ModState),
+    case ?RC(JobOrService) of
+        job -> dperl_dal:update_job_dyn(Name, State, stopped);
+        service -> dperl_dal:update_service_dyn(Name, State, stopped)
+    end,
+    dperl_dal:set_running(JobOrService, false),
+    case catch Mod:terminate(Reason, ModState) of
+        {'EXIT', Reason} ->
+            ?JError("terminate ~p", [Reason]);
+        Result -> Result
+    end.
+
+handle_call_i(Args, _From, St) ->
+    ?JError("handle_call_i(~p)", [Args]),
+    {reply, ok, St}.
+
+handle_cast_i(Args, St) ->
+    ?JError("handle_cast_i(~p)", [Args]),
+    {noreply, St}.
+
+handle_info_i({behavior, BMod, Args}, St) ->
+    case catch BMod:execute(St#st.m, St#st.n, St#st.ms, Args) of
+        {'EXIT', Reason} -> {stop, {shutdown, Reason}, St};
+        Ms -> {noreply, St#st{ms = Ms}}
+    end;
+handle_info_i(Args, St) ->
+    ?JError("handle_info_i(~p)", [Args]),
+    {noreply, St}.
+
+update_state(job, Name, Mod, Bhaves, ModuleState) ->
+    dperl_dal:job_error_close(),     
+    if length(Bhaves) < 1 ->
+           dperl_dal:update_job_dyn(Name, Mod:get_status(ModuleState), synced);
+       true -> 
+           dperl_dal:update_job_dyn(Name, Mod:get_status(ModuleState), undefined)
+    end;
+update_state(service, _Name, _Mod, _Behaves, _ModuleState) -> no_op.
diff --git a/src/dperl_worker_sup.erl b/src/dperl_worker_sup.erl
new file mode 100644
index 00000000..8c2e1f89
--- /dev/null
+++ b/src/dperl_worker_sup.erl
@@ -0,0 +1,31 @@
+-module(dperl_worker_sup).
+-behaviour(supervisor).
+
+-include("dperl.hrl").
+
+%% Supervisor callbacks
+-export([start_link/1, init/1]).
+
+%% ===================================================================
+%% API functions
+%% ===================================================================
+
+start_link(service) -> start_link(dperl_job_sup);
+start_link(job) ->  start_link(dperl_service_sup);
+start_link(Ext) when Ext == dperl_job_sup; Ext == dperl_service_sup ->
+    ?Info("~p starting...~n", [Ext]),
+    case supervisor:start_link({local, Ext}, ?MODULE, [Ext]) of
+        {ok,_} = Success ->
+            ?Info("~p started!~n", [Ext]),
+            Success;
+        Error ->
+            ?Error("~p failed to start ~p~n", [Ext, Error]),
+            Error
+    end.
+
+%% ===================================================================
+%% Supervisor callbacks
+%% ===================================================================
+
+init([_Ext]) ->
+    {ok, { #{strategy => one_for_one, intensity => 5, period => 1}, []} }.

From ea2f564f7b2cf89da95d9cb51a846a39d599eb18 Mon Sep 17 00:00:00 2001
From: Bikram Chatterjee <chatterjee@bluewin.ch>
Date: Tue, 14 Apr 2020 14:10:54 +0200
Subject: [PATCH 02/72] WIP cleanup and renames

---
 rebar.config                                  |   5 +
 src/dperl_file_copy.erl                       | 791 ++++++++++++++++++
 ...dperl_ora.erl => dperl_service_oracle.erl} |   4 +-
 ...dperl_ora.hrl => dperl_service_oracle.hrl} |   0
 src/dperl_status_push.erl                     | 151 ----
 src/ouraring_crawl.erl                        | 104 +++
 test.escript                                  |  28 +
 7 files changed, 930 insertions(+), 153 deletions(-)
 create mode 100644 src/dperl_file_copy.erl
 rename src/{dperl_ora.erl => dperl_service_oracle.erl} (99%)
 rename src/{dperl_ora.hrl => dperl_service_oracle.hrl} (100%)
 delete mode 100644 src/dperl_status_push.erl
 create mode 100644 src/ouraring_crawl.erl
 create mode 100644 test.escript

diff --git a/rebar.config b/rebar.config
index 6893acfc..e47db9cc 100644
--- a/rebar.config
+++ b/rebar.config
@@ -45,6 +45,11 @@
     {prometheus, "4.5.0"}
 ]}.
 
+{erl_first_files, [
+  "src/dperl_worker.erl",
+  "src/dperl_strategy_scr.erl"
+]}.
+
 {deps_error_on_conflict, false}.
 
 {dist_node, [
diff --git a/src/dperl_file_copy.erl b/src/dperl_file_copy.erl
new file mode 100644
index 00000000..a8e2ba2a
--- /dev/null
+++ b/src/dperl_file_copy.erl
@@ -0,0 +1,791 @@
+-module(dperl_file_copy).
+
+-include("dperl.hrl").
+
+-behavior(dperl_worker).
+
+% dperl_job exports
+-export([init/1, terminate/2, handle_call/3, handle_cast/2, handle_info/2,
+         get_status/1, init_state/1]).
+
+-ifndef(TEST).
+
+-define(SFTP_TIMEOUT,
+          ?GET_CONFIG(sfhSftpTimeout, [get(name)], 3000,
+                      "Delay in millisecond before waiting for response from"
+                      " sftp after which {error, timeout} will be returned")
+       ).
+
+-define(PICK_PROFILE_FUN(_Default),
+          ?GET_CONFIG(
+                pickProfileFun, [get(name)],
+                <<??_Default>>,
+                "SFH Transfer profile election function"
+            )
+       ).
+
+-else.
+
+-define(SFTP_TIMEOUT, 3000).
+
+-define(PICK_PROFILE_FUN(_Default), <<??_Default>>).
+
+-endif.
+
+-define(SSH_DEFAULT_PORT, 22).
+
+-record(state, {name, src_ctx, file_info, src_root, srcs, dsts, src_conn,
+                dst_conn, src_connected = false, dst_connected = false,
+                status_path, status_extra, status_ctx, status_dir, dst_root,
+                dst_ctx, is_list_dir = true, src_file_handle, src_position = 0,
+                type, pick_profile_fun, pick_profile_fun_ctx}).
+
+%-------------------------------------------------------------------------------
+% dperl_worker
+%-------------------------------------------------------------------------------
+
+get_status(#state{}) -> #{}.
+
+init_state([]) -> #state{};
+init_state([#dperlNodeJobDyn{} | _]) -> #state{};
+init_state([_ | Others]) -> init_state(Others).
+
+init({#dperlJob{name=Name, dstArgs = DstArgs, args = Args,
+               srcArgs = SrcArgs}, State}) ->
+    ?JInfo("Starting"),
+    PickProfileFunStr = ?PICK_PROFILE_FUN(
+        fun(ProfileList, _Context) ->
+            {Profile, _} = lists:nth(
+                rand:uniform(length(ProfileList)),
+                ProfileList
+            ),
+            NewContext = Profile,
+            {Profile, NewContext}
+        end
+    ),
+    ?JTrace("PickProfileFunStr ~s", [PickProfileFunStr]),
+    try imem_compiler:compile(PickProfileFunStr) of
+        PickProfileFun when is_function(PickProfileFun, 2) ->
+            case catch parse_args(Args, SrcArgs, DstArgs, State) of
+                {ok, #state{status_path = SPath, status_dir = SDir} = State1} ->
+                    SDir1 = path_join([SPath, SDir]),
+                    case connect_check_dir(SDir1, SDir1) of
+                        {ok, SCtx} ->
+                            dperl_dal:activity_logger(SCtx, SDir,
+                                                     State1#state.status_extra),
+                            self() ! execute,
+                            {ok,
+                             State1#state{
+                                name=Name, status_ctx = SCtx,
+                                pick_profile_fun = PickProfileFun
+                             }};
+                        {error, SErr} ->
+                            ?JError("Status dir not accessible : ~p", [SErr]),
+                            {stop, SErr}
+                    end;
+                Error ->
+                    ?JError("Invalid job parameters : ~p", [Error]),
+                    {stop, badarg}
+            end
+    catch
+        _:Error ->
+            ?JError("Bad configuration pickProfileFun : ~p", [Error]),
+            {stop, Error}
+    end;
+init({Args, _}) ->
+    ?JError("bad start parameters ~p", [Args]),
+    {stop, badarg}.
+
+handle_call(Request, _From, State) ->
+    ?JWarn("Unsupported handle_call ~p", [Request]),
+    {reply, ok, State}.
+
+handle_cast(Request, State) ->
+    ?JWarn("Unsupported handle_cast ~p", [Request]),
+    {noreply, State}.
+
+handle_info(execute, #state{name = Job} = State) ->
+    try
+        {ok, State1} = connect_check_src(State),
+        case get_source_files(State1) of
+            {none, State2} ->
+                {ok, State2};
+            {ok, State2} ->
+                {ok, State3} = connect_check_dst(State2),
+                {ok, State4} = open_tmp_files(State3),
+                process_files(State4)
+        end 
+    of
+        {ok, #state{is_list_dir = true} = State5} ->
+            %% all the files in the state has been processed
+            dperl_dal:update_job_dyn(Job, #{}, idle),
+            dperl_dal:job_error_close(),
+            erlang:send_after(?CYCLE_IDLE_WAIT(?MODULE, Job), self(), execute),
+            {noreply, State5};
+        {ok, State5} ->
+            dperl_dal:update_job_dyn(Job, #{}, synced),
+            dperl_dal:job_error_close(),
+            erlang:send_after(?CYCLE_ALWAYS_WAIT(?MODULE, Job), self(), execute),
+            {noreply, State5}
+    catch
+        error:{sfh_error, Error, State5} ->
+            ?JError("~p ~p step_failed~n~p", [?MODULE, Error, erlang:get_stacktrace()]),
+            dperl_dal:update_job_dyn(Job, #{}, error),
+            erlang:send_after(?CYCLE_ERROR_WAIT(?MODULE, Job), self(), execute),
+            dperl_dal:job_error(get(jstate), <<"step failed">>, Error),
+            {noreply, State5};
+        Class:Error ->
+            ?JError("~p ~p ~p~n~p", [?MODULE, Class, Error, erlang:get_stacktrace()]),
+            dperl_dal:update_job_dyn(Job, error),
+            erlang:send_after(?CYCLE_ERROR_WAIT(?MODULE, Job), self(), execute),
+            dperl_dal:job_error(get(jstate), atom_to_binary(Class, utf8), Error),
+            {noreply, State}
+    end;
+handle_info(Msg, State) ->
+    ?JWarn("Unhandled msg : ~p", [Msg]),
+    {noreply, State}.
+
+terminate(Reason, State) ->
+    check_close_conn(State#state.src_ctx, State#state.srcs),
+    check_close_conn(State#state.dst_ctx, State#state.dsts),
+    ?JInfo("terminate ~p", [Reason]).
+
+%-------------------------------------------------------------------------------
+% private
+%-------------------------------------------------------------------------------
+
+process_files(#state{name = Job} = State) ->
+    case get_source_data(State, ?MAX_BULK_COUNT(?MODULE, Job)) of
+        {ok, Data, State1} ->
+            {ok, State2} = write_tmp(Data, State1),
+            process_files(State2);
+        {eof, Data, State1} ->
+            {ok, State2} = write_tmp(Data, State1),
+            {ok, State3} = rename_tmp_files(State2),
+            {ok, State3}
+    end.
+
+connect_check_src(#state{src_connected = true} = State) ->
+    dperl_dal:activity_logger(State#state.status_ctx, State#state.status_dir,
+                             State#state.status_extra),
+    case check_dir(State#state.src_ctx, State#state.src_root) of
+        ok ->
+            {ok, State};
+        {error, Error} ->
+            error({sfh_error, Error, State#state{src_connected = false}})
+    end;
+connect_check_src(#state{src_root = Root, src_conn = Conn} = State) ->
+    case connect_check_dir(Conn, Root) of
+        {ok, Ctx} ->
+            ?JInfo("Connected to source"),
+            {ok, State#state{src_ctx = Ctx, src_connected = true}};
+        {error, Error} ->
+            ?JError("Connecting to src : ~p", [Error]),
+            error({sfh_error, Error})
+    end.
+
+connect_check_dst(#state{dst_connected = true} = State) ->
+    case check_dir(State#state.dst_ctx, State#state.dst_root) of
+        ok ->
+            {ok, State};
+        {error, Error} ->
+            error({sfh_error, Error,
+                   check_error(Error, dst, State#state{dst_connected = false})})
+    end;
+connect_check_dst(#state{dst_conn = Conn, dst_root = Root} = State) ->
+    case connect_check_dir(Conn, Root) of
+        {ok, Ctx} ->
+            ?JInfo("Connected to destination"),
+            {ok, State#state{dst_ctx = Ctx, dst_connected = true}};
+        {error, Error} ->
+            ?JError("Connecting to dst : ~p", [Error]),
+            error({sfh_error, Error, check_error(Error, dst, State)})
+    end.
+
+get_source_files(#state{is_list_dir = true, srcs = Srcs} = State) ->
+    Fun = fun(K, #{path := Path, match := Match} = Src, Ctx, STimeout) ->
+        case imem_file:list_dir(Ctx, Path, STimeout) of
+            {error, Error} ->
+                ?JError("Listing dir ~p ~s failed : ~p", [K, Path, Error]),
+                {error, Error};
+            {ok, Files} ->
+                ?JTrace("list dir ~p ~s result : ~p", [K, Path, Files]),
+                {ok, Src#{files => filter_files(Files, Match),
+                          matched => false}}
+        end
+    end,
+    case maps_map(Fun, [State#state.src_ctx, ?SFTP_TIMEOUT], Srcs) of
+        {error, Error, Srcs1} ->
+            error({sfh_error, Error, is_conn_closed(Error, src, State#state{srcs = Srcs1})});
+        {ok, Srcs1} ->
+            get_source_files(State#state{srcs = Srcs1, is_list_dir = false})
+    end;
+get_source_files(#state{file_info = undefined, srcs = Srcs} = State) ->
+    case maps:fold(fun(_Profile, #{files := []}, Acc) -> Acc;
+                      (Profile, #{files := Files}, Acc) ->
+                        [{Profile, Files} | Acc]
+                   end, [], Srcs) of
+        [] ->
+            ?JTrace("No matches found"),
+            {none, State#state{is_list_dir = true}};
+        ProfileList ->
+            {K, NewProfileFunCtx} =
+                (State#state.pick_profile_fun)(
+                    ProfileList, State#state.pick_profile_fun_ctx
+                ),
+            #{K := #{path := Path, files := [File|Files]} = Src} = Srcs,
+            FileInfo = {K, Path, File},
+            ?JTrace("File match found : ~p", [FileInfo]),
+            Srcs1 = Srcs#{K => Src#{files => Files}},
+            case is_file_in_hist(File, K, State) of
+                true ->
+                    ?JTrace("Skipping file ~p, since its already in hst file", [FileInfo]),
+                    get_source_files(
+                        State#state{srcs = Srcs1,
+                                    pick_profile_fun_ctx = NewProfileFunCtx});
+                false ->
+                    {ok,
+                     State#state{
+                        file_info = FileInfo, srcs = Srcs1,
+                        pick_profile_fun_ctx = NewProfileFunCtx
+                     }}
+            end
+    end.
+
+get_source_data(#state{file_info = {_, Path, File}, src_file_handle = undefined} = State, BulkSize) ->
+    case imem_file:open(State#state.src_ctx, path_join([Path, File]), [read], ?SFTP_TIMEOUT) of
+        {ok, FileHandle} ->
+            ?JTrace("Opened src file ~s", [File]),
+            get_source_data(State#state{src_file_handle = FileHandle}, BulkSize);
+        {error, Error} ->
+            ?JError("Opening file ~s error : ~p path : ~p", [File, Error, Path]),
+            error({sfh_error, Error, check_error(Error, src, State)})
+    end;
+get_source_data(#state{src_file_handle = FileHandle, src_ctx = Ctx} = State, BulkSize) ->
+    case read(Ctx, FileHandle, State#state.src_position, BulkSize * 1024) of
+        {ok, Data, Position} ->
+            {ok, Data, State#state{src_position = Position}};
+        {eof, Data} ->
+            ?JTrace("End of file ~p reached", [State#state.file_info]),
+            {eof, Data, State#state{src_file_handle = close_file(Ctx, FileHandle)}};
+        {error, Error} ->
+            ?JError("Reading ~p : ~p", [State#state.file_info, Error]),
+            error({sfh_error, Error, check_error(Error, src, State)})
+    end.
+
+open_tmp_files(#state{type = multipleOneToOne, file_info = {K, _, File},
+                      dsts = Dsts, dst_ctx = DCtx} = State) ->
+    #{K := Dst} = Dsts,
+    case open_tmp_file(K, Dst, DCtx, tmp_file_name(File), ?SFTP_TIMEOUT) of
+        {error, Error} ->
+            error({sfh_error, Error, check_error(Error, dst, State)});
+        {ok, Dst1} ->
+            {ok, State#state{dsts = Dsts#{K => Dst1}}}
+    end;
+open_tmp_files(#state{file_info = {_, _, File}, dsts = Dsts} = State) ->
+    case maps_map(fun open_tmp_file/5, [State#state.dst_ctx,
+                  tmp_file_name(File), ?SFTP_TIMEOUT], Dsts) of
+        {error, Error, Dsts1} ->
+            error({sfh_error, Error, check_error(Error, dst, State#state{dsts = Dsts1})});
+        {ok, Dsts1} ->
+            {ok, State#state{dsts = Dsts1}}
+    end.
+
+write_tmp(_, #state{file_info = undefined} = State) ->
+    ?JError("Src file already closed"),
+    {ok, State};
+write_tmp(<<>>, State) -> {ok, State};
+% N to N copy - srcs and dsts names should match to copy
+write_tmp(Data, #state{type = multipleOneToOne, file_info = {K, _, File},
+                              dsts = Dsts, dst_ctx = DCtx} = State) ->
+    #{K := Dst} = Dsts,
+    case write_tmp(K, Dst, DCtx, Data, File, ?SFTP_TIMEOUT) of
+        {error, Error} ->
+            error({sfh_error, Error, check_error(Error, dst, State)});
+        {ok, Dst1} ->
+            {ok, State#state{dsts = Dsts#{K => Dst1}}}
+    end;
+% 1 to 1 and 1 to N
+write_tmp(Data, #state{file_info = {_, _, File}, dsts = Dsts,
+                              dst_ctx = DCtx} = State) ->
+    case maps_map(fun write_tmp/6, [DCtx, Data, File, ?SFTP_TIMEOUT], Dsts) of
+        {error, Error, Dsts1} ->
+            error({sfh_error, Error, check_error(Error, dst, State#state{dsts = Dsts1})});
+        {ok, Dsts1} ->
+            {ok, State#state{dsts = Dsts1}}
+    end.
+
+check_dir(Ctx, Path) ->
+    case imem_file:is_dir(Ctx, Path, ?SFTP_TIMEOUT) of
+        false ->
+            imem_file:disconnect(Ctx),
+            {error, Path ++ " dir not found"};
+        true -> ok
+    end.
+
+close_file(Ctx, #{file_handle := FileHandle}) -> close_file(Ctx, FileHandle);
+close_file(_Ctx, undefined) -> undefined;
+close_file(Ctx, FileHandle) ->
+    catch imem_file:close(Ctx, FileHandle, ?SFTP_TIMEOUT),
+    undefined.
+
+check_args(Srcs, Dsts, State) ->
+    case check_arg_counts(lists:sort(maps:keys(Srcs)), lists:sort(maps:keys(Dsts))) of
+        invalid ->
+            {error, "Src and Dst args does not match"};
+        Type ->
+            {ok, State#state{dsts = Dsts, srcs = Srcs, type = Type}}
+    end.
+
+check_arg_counts(S, D) when length(S) == 1, length(D) == 1 ->
+    ?JTrace("Single source and single destination conf"),
+    oneToOne;
+check_arg_counts(S, D) when length(S) == 1 ->
+    ?JTrace("Single source and multiple destination (~p) conf", [length(D)]),
+    oneToMany;
+check_arg_counts(S, D) when length(D) == 1 ->
+    ?JTrace("Multiple source (~p) and single destination conf", [length(S)]),
+    manyToOne;
+check_arg_counts(N, N) ->
+    ?JTrace("Multiple source (~p) and multiple destination (~p) conf", [length(N), length(N)]),
+    multipleOneToOne;
+check_arg_counts(S, D) ->
+    ?JError("Source (~p) and Destination (~p) conf mismatch", [S, D]),
+    invalid.
+
+parse_args(#{status_path := StatusPath, status_extra := Extra,
+             status_dir := SName}, SrcArg, DstArg, State) ->
+    case parse_args(SrcArg) of
+        {ok, #{root := SrcRoot} = SrcConn, Srcs} ->
+            case parse_args(DstArg) of
+                {ok, #{root := DstRoot} = DstConn, Dsts} ->
+                    State1 = State#state{status_path = StatusPath,
+                                         status_extra = Extra,
+                                         status_dir = SName, src_root = SrcRoot,
+                                         dst_root = DstRoot, src_conn = SrcConn,
+                                         dst_conn = DstConn},
+                    check_args(Srcs, Dsts, State1);
+                Error -> Error
+            end;
+        Error -> Error
+    end.
+
+parse_args(#{default := _} = Args) ->
+    {Default, Rest} = maps:take(default, Args),
+    Default1 = maps:merge(#{mask => "", path => "",
+                            backup => undefined, tmp_dir => undefined},
+                          Default),
+    case process_default(Default1) of
+        {ok, Default2} ->
+            {ok, Conf} = parse_args_rest(Default2, Rest),
+            {ok, Default2, Conf};
+        {error, _} = Error ->
+            Error
+    end.
+
+process_default(#{proto := cifs, root := _} = Default) -> {ok, Default};
+process_default(#{proto := sftp, host := _, user := _, password := _,
+                  root := _} = Default) ->
+    {ok, Default#{opts => maps:get(opts, Default, []),
+                  port => maps:get(port, Default, ?SSH_DEFAULT_PORT)}};
+process_default(#{proto := sftp, host := _, user := _, key := _,
+                  root := _} = Default) ->
+    {ok, Default#{port => maps:get(port, Default, ?SSH_DEFAULT_PORT),
+                  opts => maps:get(opts, Default, [])}};
+process_default(Default) ->
+    ?JError("Invalid Default : ~p", [Default]),
+    {error, badarg}.
+
+parse_args_rest(#{mask := Mask, path := Path, backup := Backup,
+                  tmp_dir := TmpDir}, Rest) when map_size(Rest) == 0 ->
+    HistFile = <<(get(name))/binary, ".hst">>,
+    {ok, #{"1" => #{mask => Mask, path => Path, backup => Backup,
+                    match => transform_mask(Mask), hist_file => HistFile,
+                    tmp_dir => TmpDir}}};
+parse_args_rest(#{mask := Mask, path := Path, backup := Backup,
+                  tmp_dir := TmpDir}, Rest) ->
+    DefaultConf = #{mask => Mask, path => Path, backup => Backup,
+                    tmp_dir => TmpDir},
+    Confs = maps:map(
+        fun(K, V) ->
+            #{mask := Mask1} = V1 = maps:merge(DefaultConf, V),
+            KBin =
+                if not (is_list(K) orelse is_binary(K)) ->
+                        list_to_binary(io_lib:format("~p", [K]));
+                    is_list(K) -> list_to_binary(K);
+                    true -> K
+                end,
+            HistFile = <<(get(name))/binary, "(", KBin/binary, ").hst">>,
+            V1#{match => transform_mask(Mask1), hist_file => HistFile}
+        end, Rest),
+    {ok, Confs}.
+
+tmp_file_name(File) -> "tmp_" ++ File.
+
+transform_mask(Mask) ->
+    %% replace all `?` with .
+    Mask1 = re:replace(Mask, "[?]", ".", [global, {return, binary}]),
+    %% move all hashes into parenthesis
+    Mask2 = re:replace(Mask1, "[#]+", "(&)", [global, {return, binary}]),
+    %% replace all hashes with \\d to match integers
+    Mask3 = re:replace(Mask2, "[#]", "\\\\d", [global, {return, binary}]),
+    %% make it a full line match
+    <<"^", Mask3/binary, "$">>.
+
+read(Ctx, FileHandle, Position, Size) ->
+    read(Ctx, FileHandle, Position, Size, <<>>).
+ 
+read(Ctx, FileHandle, Position, Size, Acc) ->
+    case imem_file:pread(Ctx, FileHandle, Position, Size, ?SFTP_TIMEOUT) of
+        {ok, Data} when size(Data) < Size ->
+            DataSize = size(Data),
+            NewPosition = Position + DataSize,
+            NewLen = Size - DataSize,
+            read(Ctx, FileHandle, NewPosition, NewLen,
+                      <<Acc/binary, Data/binary>>);
+        {ok, Data} -> {ok, <<Acc/binary, Data/binary>>, Position + Size};
+        eof -> {eof, Acc};
+        {error, Error} -> {error, Error}
+    end.
+
+rename_tmp_files(#state{type = multipleOneToOne, file_info = {K, _, File}, dsts = Dsts,
+                        dst_ctx = DCtx, dst_conn = #{root := DstRoot}} = State) ->
+    #{K := #{mask := SrcMask}} = State#state.srcs,
+    #{K := Dst} = Dsts,
+    case rename_tmp_file(K, Dst, DCtx, SrcMask, DstRoot, File, ?SFTP_TIMEOUT) of
+        {error, Error} ->
+            error({sfh_error, Error, check_error(Error, dst, State)});
+        {ok, Dst1} ->
+            add_to_hist(State),
+            delete_or_backup_src_file(State#state{dsts = Dsts#{K => Dst1}})
+    end;
+rename_tmp_files(#state{file_info = {K, _, File}, dsts = Dsts, dst_ctx = DCtx,
+                        dst_conn = #{root := DstRoot}} = State) ->
+    #{K := #{mask := SrcMask}} = State#state.srcs,
+    case maps_map(fun rename_tmp_file/7,
+                  [DCtx, SrcMask, DstRoot, File, ?SFTP_TIMEOUT], Dsts) of
+        {error, Error, Dsts1} ->
+            error({sfh_error, Error, check_error(Error, dst, State#state{dsts = Dsts1})});
+        {ok, Dsts1} ->
+            add_to_hist(State),
+            delete_or_backup_src_file(State#state{dsts = Dsts1})
+    end.
+
+delete_or_backup_src_file(#state{file_info = {K, _Path, _File}} = State) ->
+    case maps:get(K, State#state.srcs) of
+        #{backup := undefined} ->
+            delete_src_file(State);
+        #{backup := BackupDir} ->
+            backup_src_file(BackupDir, State)
+    end.
+
+delete_src_file(#state{file_info = {_, Path, File}} = State) ->
+    case imem_file:delete(State#state.src_ctx, path_join([Path, File]), ?SFTP_TIMEOUT) of
+        ok ->
+            ?JInfo("Deleted file : ~s", [File]),
+            {ok, State#state{file_info = undefined, src_position = 0}};
+        {error, Error} ->
+            ?JError("Deleting file ~s : ~p", [File, Error]),
+            error({sfh_error, Error, check_error(Error, src, State)})
+    end.
+
+backup_src_file(BackupDir, #state{file_info = {_, Path, File}, src_ctx = Ctx} = State) ->
+    FilePath = path_join([State#state.src_root, Path, File]),
+    BackupPath = path_join([State#state.src_root, BackupDir, File]),
+    case imem_file:rename(Ctx, FilePath, BackupPath, ?SFTP_TIMEOUT) of
+        ok ->
+            ?JInfo("Backed up file : ~s", [File]),
+            {ok, State#state{file_info = undefined, src_position = 0}};
+        {error, Error} ->
+            ?JError("Backing up file ~s failed : ~p", [BackupPath, Error]),
+            error({sfh_error, Error, check_error(Error, src, State)})
+    end.
+
+check_error(Err, Type, #state{src_ctx = SCtx, src_file_handle = SFileHandle,
+                              dsts = Dsts, dst_ctx = DCtx} = State) ->
+    Dsts1 = maps:map(
+        fun(_K, V) ->
+            V#{file_handle => close_file(DCtx, V)}
+        end, Dsts),
+    is_conn_closed(Err, Type,
+                   State#state{file_info = undefined, src_position = 0,
+                               src_file_handle = close_file(SCtx, SFileHandle),
+                               dsts = Dsts1}).
+
+is_conn_closed(closed, src, State) ->
+    Srcs = check_close_conn(State#state.src_ctx, State#state.srcs),
+    State#state{src_connected = false, srcs = Srcs};
+is_conn_closed(closed, dst, State) ->
+    Dsts = check_close_conn(State#state.dst_ctx, State#state.dsts),
+    State#state{dst_connected = false, dsts = Dsts};
+is_conn_closed(_Err, _Type, State) -> State.
+
+check_close_conn(Ctx, Confs) ->
+    Conf1 = maps:map(
+        fun(_K, M) ->
+            close_file(Ctx, M),
+            M#{file_handle => undefined, files => []}
+        end, Confs),
+    imem_file:disconnect(Ctx),
+    Conf1.
+
+connect_check_dir(Conn, Path) ->
+    Conn1 = case is_map(Conn) of
+                true -> Conn#{path => Path};
+                false -> Conn
+            end,
+    case imem_file:connect(Conn1) of
+        {error, _} = Error -> Error;
+        Ctx ->
+            case check_dir(Ctx, Path) of
+                {error, _} = Err -> Err;
+                ok -> {ok, Ctx}
+            end
+    end.
+
+maps_map(Fun, Args, Map) when is_map(Map) ->
+    maps_map(Fun, Args, maps:keys(Map), Map).
+
+maps_map(_Fun, _Args, [], Map) -> {ok, Map};
+maps_map(Fun, Args, [K | Keys], Map) ->
+    case apply(Fun, [K, maps:get(K, Map) | Args]) of
+        {ok, V} ->
+            maps_map(Fun, Args, Keys, Map#{K => V});
+        {error, Error} ->
+            {error, Error, Map}
+    end.
+
+get_tmp_path(#{path := Path, tmp_dir := undefined}) -> Path;
+get_tmp_path(#{tmp_dir := TmpDir}) -> TmpDir.
+
+open_tmp_file(K, Dst, Ctx, File, Timeout) ->
+    TmpFilePath = path_join([get_tmp_path(Dst), File]),
+    case imem_file:open(Ctx, TmpFilePath, [write], Timeout) of
+        {error, Error} ->
+            ?JError("Opening ~s error : ~p", [File, Error]),
+            {error, Error};
+        {ok, FileHandle} ->
+            ?JTrace("Opened dst file ~s to write for conn : ~p", [File, K]),
+            {ok, Dst#{file_handle => FileHandle}}
+    end.
+
+write_tmp(K, #{file_handle := FileHandle} = Dst, Ctx, Data, File, STimeout) ->
+    case imem_file:write(Ctx, FileHandle, Data, STimeout) of
+        {error, Error} ->
+            ?JError("Writing tmp(~p) file error : ~p", [K, Error]),
+            {error, Error};
+        ok ->
+            ?JTrace("Copied ~p kb from ~s", [byte_size(Data) / 1024, File]),
+            {ok, Dst}
+    end.
+
+rename_tmp_file(K, #{file_handle := FileHandle, mask := DMask, path := Path} = Dst, Ctx,
+                SMask, DRoot, SFile, Timeout) ->
+    imem_file:close(Ctx, FileHandle, Timeout),
+    DstFile = dstFileName(SFile, SMask, DMask),
+    TmpFile = tmp_file_name(SFile),
+    TmpPath = path_join([DRoot, get_tmp_path(Dst), TmpFile]),
+    NewPath = path_join([DRoot, Path, DstFile]),
+    case imem_file:rename(Ctx, TmpPath, NewPath, Timeout) of
+        ok ->
+            ?JTrace("Renamed ~s to ~s for ~p", [TmpFile, DstFile, K]),
+            {ok, Dst#{file_handle => undefined}};
+        {error, Error} ->
+            ?JError("Renaming ~s error : ~p", [TmpFile, Error]),
+            {error, Error}
+    end.
+
+is_file_in_hist(File, Key, State) ->
+    #{Key := #{hist_file := HistFile}} = State#state.srcs,
+    case imem_file:read_file(State#state.status_ctx, HistFile, ?SFTP_TIMEOUT) of
+        {error, Error} ->
+            ?JError("Reading hist file error : ~p", [Error]),
+            false;
+        {ok, Hist} ->
+            lists:member(list_to_binary(File), re:split(Hist, "\n"))
+    end.
+
+add_to_hist(#state{file_info={K, _, File}, srcs = Srcs, status_ctx = SCtx}) ->
+    #{K := #{hist_file := HistFile}} = Srcs,
+    Timeout = ?SFTP_TIMEOUT,
+    Data = [list_to_binary(File), <<"\n">>],
+    case imem_file:read_file(SCtx, HistFile, Timeout) of
+        {error, Error} ->
+            ?JError("Reading hist file ~s error : ~p", [HistFile, Error]),
+            imem_file:write_file(SCtx, HistFile, Data, Timeout);
+        {ok, Hist} ->
+            Lines = re:split(string:trim(Hist), "\n", [{return, list}]),
+            Lines1 =
+            case length(Lines) of
+                L when L < 100 ->
+                    Lines ++ [File];
+                L ->
+                    {_, List2} = lists:split(L - 99, Lines),
+                    List2 ++ [File]
+            end,
+            imem_file:write_file(SCtx, HistFile, string:join(Lines1, "\n"), Timeout)
+    end,
+    ?JTrace("Filename ~s written to hst file ~s", [File, HistFile]).
+
+filter_files([], _) -> [];
+filter_files([File | Rest], Match) ->
+    lists:sort(
+        case re:run(File, Match, [{capture, all_but_first, binary}]) of
+            {match, _} -> [File | filter_files(Rest, Match)];
+            nomatch -> filter_files(Rest, Match)
+        end
+    ).
+
+path_join([[], File]) -> File;
+path_join(Paths) -> filename:join(Paths).
+
+%% -----------------------------------------------------------------------------
+%% dstFileName
+%% -----------------------------------------------------------------------------
+
+dstFileName(SrcFN, _, "") -> SrcFN;
+dstFileName(SrcFN, _, "*") -> SrcFN;
+dstFileName(SrcFN, _, ".*") -> SrcFN;
+dstFileName(SrcFN, _, "*.*") -> SrcFN;
+dstFileName(SrcFN, SrcFM, DstFM)
+ when is_list(SrcFN), is_list(SrcFM), is_list(DstFM) ->
+    NewDstFM = hash(SrcFN, SrcFM, DstFM),
+    dstFN(SrcFN, NewDstFM, []).
+
+dstFN(_SrcFN, [], DstFile) -> lists:reverse(DstFile);
+dstFN(SrcFN, [$<|DstFM], DstFile) ->
+    dstFN(SrcFN, dt(DstFM), DstFile);
+dstFN([FC|SrcFN], [C|DstFM], DstFile) when C == $?; C == $# ->
+    dstFN(SrcFN, DstFM, [FC|DstFile]);
+dstFN([_|SrcFN], [C|DstFM], DstFile) ->
+    dstFN(SrcFN, DstFM, [C|DstFile]);
+dstFN([], [C|DstFM], DstFile) ->
+    dstFN([], DstFM, [C|DstFile]).
+
+dt(DstFM) ->
+    {{Year, Month, Day}, {Hour, Minute, Second}}
+    = calendar:now_to_local_time(os:timestamp()),
+    dt(
+        DstFM,
+        {io_lib:format("~4..0B", [Year]), io_lib:format("~2..0B", [Month]),
+         io_lib:format("~2..0B", [Day])},
+        {io_lib:format("~2..0B", [Hour]), io_lib:format("~2..0B", [Minute]),
+         io_lib:format("~2..0B", [Second])},
+        []
+    ).
+
+dt([$>|DstFM], _, _, Buf) -> lists:flatten([Buf, DstFM]);
+dt([$M,$M|DstFM], {_,M,_} = Dt, T, Buf) -> dt(DstFM, Dt, T, Buf ++ M);
+dt([$D,$D|DstFM], {_,_,D} = Dt, T, Buf) -> dt(DstFM, Dt, T, Buf ++ D);
+dt([$h,$h|DstFM], Dt, {H,_,_} = T, Buf) -> dt(DstFM, Dt, T, Buf ++ H);
+dt([$m,$m|DstFM], Dt, {_,M,_} = T, Buf) -> dt(DstFM, Dt, T, Buf ++ M);
+dt([$s,$s|DstFM], Dt, {_,_,S} = T, Buf) -> dt(DstFM, Dt, T, Buf ++ S);
+dt([$Y,$Y,$Y,$Y|DstFM], {Y,_,_} = Dt, T, Buf) -> dt(DstFM, Dt, T, Buf ++ Y).
+
+hash(_SrcFN, _SrcFM, DstFM) -> DstFM.
+
+%% -----------------------------------------------------------------------------
+%% TESTS
+%% -----------------------------------------------------------------------------
+
+-ifdef(TEST).
+
+-include_lib("eunit/include/eunit.hrl").
+
+all_test_() ->
+    Ctx = #{proto => local, path => "test"},
+    {inparallel,
+        [ {"init bad arg test1", ?_assertEqual({stop, badarg}, init({#dperlJob{name = <<"test">>}, test}))}
+        , {"init bad arg test2", ?_assertEqual({stop, badarg}, init({test, test}))}
+        , {"init state", ?_assertEqual(#state{}, init_state([5, #dperlNodeJobDyn{state = #{}}]))}
+        , {"handle_call", ?_assertEqual({reply, ok, st}, handle_call(req, self(), st))}
+        , {"handle_cast", ?_assertEqual({noreply, st}, handle_cast(req, st))}
+        , {"close_file", ?_assertEqual(undefined, close_file(ctx, undefined))}
+        , {"oneToOne", ?_assertEqual(oneToOne, check_arg_counts(["default"], ["test"]))}
+        , {"oneToMany", ?_assertEqual(oneToMany, check_arg_counts(["1"], ["test1", "test2"]))}
+        , {"manyToOne", ?_assertEqual(manyToOne, check_arg_counts(["test1","test2"], ["test"]))}
+        , {"multipleOneToOne", ?_assertEqual(multipleOneToOne, check_arg_counts(["1", "2"], ["1", "2"]))}
+        , {"invalid1", ?_assertEqual(invalid, check_arg_counts(["1", "2"], ["1", "2", "3"]))}
+        , {"invalid2", ?_assertEqual(invalid, check_arg_counts(["1", "2"], ["2", "1"]))}
+        , {"check args", ?_assertEqual({error, "Src and Dst args does not match"}, check_args(#{a => 1, b => 2}, #{c => 2, a => 1}, #state{}))}
+        , {"check dir invalid", ?_assertEqual({error, badarg}, connect_check_dir("test", "test"))}
+        , {"check dir invalid path", ?_assertMatch({error, _}, connect_check_dir("/home", "test"))}
+        , {"parse args invalid default", ?_assertEqual({error, badarg}, parse_args(#{status_dir => s, status_path => s, status_extra => e}, #{default => #{}}, d, s))}
+        , {"parse default sftp1", ?_assertMatch({ok, _}, process_default(#{proto => sftp, host => h, root => r, user => u, key => k}))}
+        , {"parse default sftp2", ?_assertMatch({ok, _}, process_default(#{proto => sftp, host => h, root => r, user => u, password => p}))}
+        , {"connect check src error", ?_assertMatch({_, {{sfh_error, _}, _}}, catch connect_check_src(#state{src_root = "test", src_conn = #{proto => local}}))}
+        , {"connect check dst error", ?_assertMatch({_, {{sfh_error, _, _}, _}}, catch connect_check_dst(#state{dst_root = "test", dst_conn = #{proto => local}, dsts = #{}}))}
+        , {"connect check src conn error", ?_assertMatch({_, {{sfh_error, _, _}, _}}, catch connect_check_src(#state{src_root = "test", src_connected = true, src_ctx = Ctx}))}
+        , {"connect check dst conn error", ?_assertMatch({_, {{sfh_error, _, _}, _}}, catch connect_check_dst(#state{dst_root = "test", dst_connected = true, dst_ctx = Ctx, dsts = #{}}))}
+        , {"unhandled info", ?_assertEqual({noreply, test}, handle_info(test, test))}
+        , {"write dst with file closed", ?_assertMatch({ok, _}, write_tmp(test, #state{file_info = undefined}))}
+        ]
+    }.
+
+parse_args_invalid_dst_test() ->
+    put(name, <<"test">>),
+    ?assertEqual({error, badarg}, parse_args(#{status_dir => s, status_path => s, status_extra => e}, #{default => #{proto => cifs, root => r, mask => ""}}, #{default => #{}}, s)).
+
+init_error_test() ->
+    put(name, <<"test">>),
+    ?assertEqual({stop, badarg},
+                 init({#dperlJob{name = <<"test">>, args = #{status_dir => "test", status_path => "config", status_extra => "e"},
+                                dstArgs = #{default => #{proto => cifs, root => r, mask => ""}},
+                                srcArgs = #{default => #{proto => cifs, root => r, mask => ""}}}, #state{}})).
+
+dstFileName_test_() ->
+    {inparallel, [
+        {T, ?_assertEqual(DF, dstFileName(SF, SM, DM))}
+        || {T, SF, SM, DM, DF} <-
+            [
+                {"no change", "ABCD1234.txt", "ABCD????.txt", "", "ABCD1234.txt"},
+                {"no change *", "ABCD1234.txt", "ABCD????.txt", "*", "ABCD1234.txt"},
+                {"no change .*", "ABCD1234.txt", "ABCD????.txt", ".*", "ABCD1234.txt"},
+                {"no change *.*", "ABCD1234.txt", "ABCD????.txt", "*.*", "ABCD1234.txt"},
+                {"reduce", "ABCD1234.txt", "ABCD????.txt", "????12.txt", "ABCD12.txt"},
+                {"remove_extn", "ABCD1234.txt", "ABCD????.txt", "????12", "ABCD12"},
+                {"reduce_replace_extn", "ABCD1234.txt", "ABCD????.txt", "????12.csv", "ABCD12.csv"},
+                {"extend", "ABCD1234.txt", "ABCD????.txt", "?????SomthingElse", "ABCD1SomthingElse"},
+                {"date", "SMCH80-1234-abcdefgh.ascii", "SMCH90-????-########.ascii",
+                 "T<YYYY>080_SBS_SMS_SMSC.csv", "T2020080_SBS_SMS_SMSC.csv"},
+                {"MMSC", "F-miopoltmmstn00-20190127234100.123.dat", "F-miop??????????-??????????????.???.dat",
+                 "F-miop??????????-??????????????","F-miopoltmmstn00-20190127234100"},
+                {"Hotbill", "HB-SMCH80-abcd-12345678-RAP.xml", "HB-SMCH80-????-########-RAP.xml",
+                 "HB-SMCH80-????-########.xml", "HB-SMCH80-abcd-12345678.xml"}
+            ]
+       ]
+    }.
+
+dt_test_() ->
+    {{Y, M, D}, {H, Min, S}}
+    = calendar:now_to_local_time(os:timestamp()),
+    Year = lists:flatten(io_lib:format("~4..0B", [Y])),
+    Month = lists:flatten(io_lib:format("~2..0B", [M])),
+    Day = lists:flatten(io_lib:format("~2..0B", [D])),
+    Date = Year ++ Month ++ Day,
+    Hour = lists:flatten(io_lib:format("~2..0B", [H])),
+    Minute = lists:flatten(io_lib:format("~2..0B", [Min])),
+    Second = lists:flatten(io_lib:format("~2..0B", [S])),
+    Time = Hour ++ Minute ++ Second,
+    {inparallel, [
+        {T, ?_assertEqual(E, dt(DM, {Year, Month, Day}, {Hour, Minute, Second}, []))}
+        || {T, DM, E} <-
+            [
+                {"all", "YYYYMMDDhhmmss>", Date ++ Time},
+                {"date", "YYYYMMDD>", Date},
+                {"time", "hhmmss>", Time},
+                {"year", "YYYY>", Year},
+                {"month", "MM>", Month},
+                {"day", "DD>", Day},
+                {"hour", "hh>", Hour},
+                {"minute", "mm>", Minute},
+                {"second", "ss>", Second},
+                {"year_month", "YYYYMM>", Year ++ Month},
+                {"month_day", "MMDD>", Month ++ Day},
+                {"hour_minute", "hhmm>", Hour ++ Minute},
+                {"minute_second", "mmss>", Minute ++ Second}
+            ]
+       ]
+    }.
+
+-endif.
diff --git a/src/dperl_ora.erl b/src/dperl_service_oracle.erl
similarity index 99%
rename from src/dperl_ora.erl
rename to src/dperl_service_oracle.erl
index 0936d039..e04de62a 100644
--- a/src/dperl_ora.erl
+++ b/src/dperl_service_oracle.erl
@@ -1,6 +1,6 @@
--module(dperl_ora).
+-module(dperl_service_oracle).
 
--include("dperl_ora.hrl").
+-include("dperl_service_oracle.hrl").
 
 -behavior(dperl_worker).
 -behavior(cowboy_middleware).
diff --git a/src/dperl_ora.hrl b/src/dperl_service_oracle.hrl
similarity index 100%
rename from src/dperl_ora.hrl
rename to src/dperl_service_oracle.hrl
diff --git a/src/dperl_status_push.erl b/src/dperl_status_push.erl
deleted file mode 100644
index 7f6ca8de..00000000
--- a/src/dperl_status_push.erl
+++ /dev/null
@@ -1,151 +0,0 @@
--module(dperl_status_push).
-
--include("dperl.hrl").
-
--behavior(dperl_worker).
--behavior(dperl_strategy_scr).
-
-% dperl_worker exports
--export([init/1, terminate/2, handle_call/3, handle_cast/2, handle_info/2,
-         code_change/3, format_status/2, get_status/1, init_state/1]).
-
--record(state, {cred, links, imem_sess, name, channel, first_sync = true,
-                audit_start_time = {0,0}, chunk_size = 200, provs = [],
-                active_link = 1, mod, func, imem_connected = false}).
-
-% dperl_strategy_scr export
--export([connect_check_src/1, get_source_events/2, connect_check_dst/1,
-         do_cleanup/2, do_refresh/2, fetch_src/2, fetch_dst/2, delete_dst/2,
-         insert_dst/3, update_dst/3, report_status/3, is_equal/4]).
-
-get_source_events(#state{channel = Channel,
-                          audit_start_time = LastStartTime} = State, BulkSize) ->
-    case length(State#state.provs) > 0 of
-        true -> {ok, State#state.provs, State#state{provs = []}};
-        _ ->
-            case dperl_dal:read_audit(Channel, LastStartTime, BulkSize) of
-                {LastStartTime, LastStartTime, []} ->
-                    if State#state.first_sync == true -> 
-                          ?JInfo("Audit rollup is complete"),
-                          {ok, sync_complete, State#state{first_sync = false}};
-                       true -> {ok, sync_complete, State}
-                    end;
-                {_StartTime, NextStartTime, []} ->
-                    {ok, [], State#state{audit_start_time = NextStartTime}};
-                {_StartTime, NextStartTime, Statuses} ->
-                    {ok, [K || #{key := K, nval := NV} <- Statuses, NV /= undefined],
-                        State#state{audit_start_time = NextStartTime}}
-            end
-    end.
-
-connect_check_src(State) -> {ok, State}.
-
-connect_check_dst(State) -> ?CONNECT_CHECK_IMEM_LINK(State).
-
-do_cleanup(_, _) -> error(sync_only_job).
-
-do_refresh(_, _) -> error(sync_only_job).
-
-fetch_src(Key, #state{channel = Channel}) ->
-    dperl_dal:job_error_close(Key),
-    dperl_dal:read_channel(Channel, Key).
-
-fetch_dst(_Key, _State) -> ?NOT_FOUND.
-
-delete_dst(_Key, State) -> {false, State}.
-
-insert_dst([JMod, Chn, SId, Job] = Key, Val, #state{mod = Mod, func = Fun, imem_sess = Sess, 
-                                                    channel = Channel} = State) ->
-    Count = dperl_dal:count_sibling_jobs(list_to_existing_atom(JMod), Chn),
-    case Val of
-        #{auditTime := '$do_not_log'} -> {false, State};
-        #{auditTime := Time} ->
-            FormattedTime = case Time of
-                undefined ->
-                    undefined;
-                Time when is_list(Time) ->
-                    list_to_tuple(Time)
-            end,
-            Status = #{channel => Chn, shortid => SId, job => Job,
-                       at => FormattedTime},
-            NewStatus = case Val of
-                #{error := Error} -> Status#{error => Error};
-                _ -> Status
-            end,
-            case catch Sess:run_cmd(dal_exec, [Mod, Fun, [Count, [NewStatus]]]) of
-                {'EXIT', Err} -> 
-                    self() ! connect_src_link,
-                    dperl_dal:job_error(Key, <<"sync">>, <<"process_staupdate_dsttus">>, Err),
-                    ?JError("Status update error ~p", [Err]),
-                    {true, State};
-                ok -> 
-                    case maps:is_key(error, Val) of
-                        false -> dperl_dal:remove_from_channel(Channel, Key);
-                        true -> no_op
-                    end,
-                    {false, State};
-                Other -> 
-                    dperl_dal:job_error(Key, <<"sync">>, <<"process_status">>, Other),
-                    ?JWarn("Status update bad return ~p", [Other]),
-                    {true, State}
-            end
-    end.
-
-update_dst(_Key, _Val, State) -> {false, State}.
-
-report_status(_Key, _, _State) -> no_op.
-
-is_equal(_Key, ?NOT_FOUND, _,  _State) -> true;
-is_equal(_Key, _Src, _, _State) -> false.
-
-get_status(#state{audit_start_time = LastAuditTime}) ->
-    #{lastAuditTime => LastAuditTime}.
-
-init_state([]) -> #state{};
-init_state([#dperlNodeJobDyn{state = #{lastAuditTime := LastAuditTime}} | _]) ->
-    #state{audit_start_time = LastAuditTime};
-init_state([_ | Others]) ->
-    init_state(Others).
-
-init({#dperlJob{name=Name, args = _Args, srcArgs = #{channel := Channel},
-              dstArgs = #{credential := Credential, links := Links,
-              mod := Mod, func := Fun}}, State}) ->
-    dperl_dal:create_check_channel(Channel, [audit, {type,map}]),
-    ?JInfo("Starting at audit ~s", [dperl_dal:ts_str(State#state.audit_start_time)]),
-    {ok, State#state{name=Name, cred = Credential, links = Links,
-                     channel = Channel, mod = Mod, func = Fun}};
-init({Args, _}) ->
-    ?JError("bad start parameters ~p", [Args]),
-    {stop, badarg}.
-
-handle_call(Request, _From, State) ->
-    ?JWarn("handle_call ~p", [Request]),
-    {reply, ok, State}.
-
-handle_cast(Request, State) ->
-    ?JWarn("handle_cast ~p", [Request]),
-    {noreply, State}.
-
-handle_info(Request, State) ->
-    ?JWarn("handle_info ~p", [Request]),
-    {noreply, State}.
-
-terminate(Reason, #state{imem_sess = undefined}) ->
-    ?JInfo("terminate ~p", [Reason]);
-terminate(Reason, #state{imem_sess = Session}) ->
-    ?JInfo("terminate ~p", [Reason]),
-    try
-        Session:close()
-    catch
-        _:Error ->
-        dperl_dal:job_error(<<"terminate">>, <<"terminate">>, Error),
-        ?JError("terminate ~p:~p", [Reason, Error])
-    end.
-
-code_change(OldVsn, State, Extra) ->
-    ?JInfo("code_change ~p: ~p", [OldVsn, Extra]),
-    {ok, State}.
-
-format_status(Opt, [PDict, State]) ->
-    ?JInfo("format_status ~p: ~p", [Opt, PDict]),
-    State.
diff --git a/src/ouraring_crawl.erl b/src/ouraring_crawl.erl
new file mode 100644
index 00000000..5eb42dd5
--- /dev/null
+++ b/src/ouraring_crawl.erl
@@ -0,0 +1,104 @@
+-module(ouraring_crawl).
+
+-export([run/0, run/1]).
+
+-define(OAUTH2_URL_PREFIX, "https://cloud.ouraring.com").
+-define(API_URL_PREFIX, "https://api.ouraring.com").
+run() ->
+  {ok, _} = application:ensure_all_started(inets),
+  {ok, _} = application:ensure_all_started(ssl),
+  run(#{
+    client_id => "REMERNOADFFDIN3O",
+    client_secret => "HYJEW2WTIVIEXQNOTPDN7Y346GYSLNL3",
+    cb_uri => "https://127.0.0.1:8443/callback",
+    user_email => "max.ochsenbein@k2informatics.ch",
+    user_password => "cFMMax--XG$k2sa",
+    state => "any+value+as+state"
+  }).
+
+run(#{
+  client_id := ClientId,
+  client_secret := ClientSecret,
+  cb_uri := CallbackUri,
+  user_email := Email,
+  user_password := Password,
+  state := State
+}) ->  
+  inets:stop(httpc, ?MODULE),
+  {ok, _} = inets:start(httpc, [{profile, ?MODULE}]),
+  ok = httpc:set_options([{cookies, enabled}], ?MODULE),
+  Url = ?OAUTH2_URL_PREFIX ++ "/oauth/authorize"
+    ++ "?response_type=code"
+    ++ "&client_id=" ++ ClientId
+    ++ "&redirect_uri=" ++ edoc_lib:escape_uri(CallbackUri)
+    ++ "&scope=email+personal+daily"
+    ++ "&state=" ++ State,
+  %io:format(">>>>>>>>>> authorize: ~s~n", [Url]),
+  {ok, {{"HTTP/1.1",302,"Found"}, RespHeader302, []}} = httpc:request(get, {Url, []}, [{autoredirect, false}], [], ?MODULE),
+  RedirectUri = ?OAUTH2_URL_PREFIX ++ proplists:get_value("location", RespHeader302),
+  % io:format(">>>>>>>>>> 302 Redirect: ~s~n", [RedirectUri]),
+  {ok, {{"HTTP/1.1",200,"OK"}, RespHeader, _Body}} = httpc:request(get, {RedirectUri, []}, [{autoredirect, false}], [], ?MODULE),
+  SetCookieHeader = proplists:get_value("set-cookie", RespHeader),
+  {match, [XRefCookie]} = re:run(SetCookieHeader, ".*_xsrf=(.*);.*", [{capture, [1], list}]),
+  {ok,{{"HTTP/1.1",302,"Found"}, RespHeader302_1, []}} = httpc:request(
+    post, {
+      RedirectUri, [], "application/x-www-form-urlencoded",
+      "_xsrf="++edoc_lib:escape_uri(XRefCookie)
+      ++ "&email=" ++ edoc_lib:escape_uri(Email)
+      ++ "&password=" ++ edoc_lib:escape_uri(Password)
+    }, [{autoredirect, false}], [], ?MODULE
+  ),
+  RedirectUri_1 = ?OAUTH2_URL_PREFIX ++ proplists:get_value("location", RespHeader302_1),
+  % io:format(">>>>>>>>>> 302 Redirect: ~s~n", [RedirectUri_1]),
+  {ok, {{"HTTP/1.1",200,"OK"}, _, _}} = httpc:request(get, {RedirectUri_1, []}, [{autoredirect, false}], [], ?MODULE),
+  {ok, {{"HTTP/1.1",302,"Found"}, RespHeader302_2, []}} = httpc:request(
+    post, {
+      RedirectUri_1, [], "application/x-www-form-urlencoded",
+      "_xsrf="++edoc_lib:escape_uri(XRefCookie)
+      ++ "&scope_email=on"
+      ++ "&scope_personal=on"
+      ++ "&scope_daily=on"
+      ++ "&allow=Accept"
+    }, [{autoredirect, false}], [], ?MODULE
+  ),
+  RedirectUri_2 = proplists:get_value("location", RespHeader302_2),
+  % io:format(">>>>>>>>>> 302 RedirectUri: ~s~n", [RedirectUri_2]),
+  #{query := QueryString} = uri_string:parse(RedirectUri_2),
+  #{"code" := Code} = maps:from_list(uri_string:dissect_query(QueryString)),
+  % io:format(">>>>>>>>>> Code: ~p~n", [Code]),
+  {ok, {{"HTTP/1.1",200,"OK"}, _, BodyJson}} = httpc:request(
+    post, {
+      ?OAUTH2_URL_PREFIX ++ "/oauth/token", [], "application/x-www-form-urlencoded",
+      "grant_type=authorization_code"
+      ++ "&code=" ++ Code
+      ++ "&redirect_uri=" ++ edoc_lib:escape_uri(CallbackUri)
+      ++ "&client_id=" ++ ClientId
+      ++ "&client_secret=" ++ ClientSecret
+    }, [{autoredirect, false}], [], ?MODULE
+  ),
+  #{<<"access_token">> := AccessToken} = Auth = jsx:decode(list_to_binary(BodyJson), [return_maps]),
+  io:format("Auth ~p~n", [Auth]),
+  io:format("-----~nUserInfo :~n~p~n-----~n", [userinfo(AccessToken)]),
+  io:format("-----~nSleep :~n~p~n-----~n", [sleep(AccessToken)]).%,
+  %io:format("-----~nActivity :~n~p~n-- Activity --~n", [activity(AccessToken)]).
+
+userinfo(AccessToken) ->
+  {ok,{{"HTTP/1.1",200,"OK"}, _, UserInfoJson}} = httpc:request(
+    get, {?API_URL_PREFIX ++ "/v1/userinfo", [{"Authorization", "Bearer " ++ binary_to_list(AccessToken)}]},
+    [{autoredirect, false}], [], ?MODULE
+  ),
+  jsx:decode(list_to_binary(UserInfoJson), [return_maps]).
+
+sleep(AccessToken) ->
+  {ok,{{"HTTP/1.1",200,"OK"}, _, SleepInfoJson}} = httpc:request(
+    get, {?API_URL_PREFIX ++ "/v1/sleep", [{"Authorization", "Bearer " ++ binary_to_list(AccessToken)}]},
+    [{autoredirect, false}], [], ?MODULE
+  ),
+  jsx:decode(list_to_binary(SleepInfoJson), [return_maps]).
+
+activity(AccessToken) ->
+  {ok,{{"HTTP/1.1",200,"OK"}, _, ActivityInfoJson}} = httpc:request(
+    get, {?API_URL_PREFIX ++ "/v1/activity", [{"Authorization", "Bearer " ++ binary_to_list(AccessToken)}]},
+    [{autoredirect, false}], [], ?MODULE
+  ),
+  jsx:decode(list_to_binary(ActivityInfoJson), [return_maps]).
diff --git a/test.escript b/test.escript
new file mode 100644
index 00000000..79f8e9ec
--- /dev/null
+++ b/test.escript
@@ -0,0 +1,28 @@
+ng -*-
+%%! -smp enable -pa _build/default/lib/oranif/ebin/
+
+-define(TNS, <<
+        "(DESCRIPTION=(ADDRESS_LIST=(ADDRESS="
+        "(PROTOCOL=TCP)(HOST=192.1681.160)(PORT=1521)))"
+        "(CONNECT_DATA=(SERVER=dedicated)(SERVICE_NAME=orclpdb1)))"
+    >>).
+-define(USER, <<"scott">>).
+-define(PSWD, <<"regit">>).
+
+-define(TEST_SQL, <<"select 1 from dual">>).
+    
+
+main(_) ->
+    ok = dpi:load_unsafe(),
+    Ctx = dpi:context_create(3, 0),
+    Conn = dpi:conn_create(Ctx, ?USER, ?PSWD, ?TNS, #{}, #{}),
+    Stmt = dpi:conn_prepareStmt(Conn, false, ?TEST_SQL, <<>>),
+    1 = dpi:stmt_execute(Stmt, []),
+    #{found := true} = dpi:stmt_fetch(Stmt),
+    #{data := Result} =
+        dpi:stmt_getQueryValue(Stmt, 1),
+    1.0 = dpi:data_get(Result),
+    io:format("done ~n", []),
+    halt(1).
+
+

From 35d76fb471b623b5f105fe29943860df8d1da24c Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Wed, 15 Apr 2020 16:47:50 +0200
Subject: [PATCH 03/72] dperl/jobs and dper/services folder

---
 src/{ => dperl}/dperl.hrl                         |  0
 src/{ => dperl}/dperl_cp.erl                      | 12 ++++++------
 src/{ => dperl}/dperl_dal.erl                     |  5 ++---
 src/{ => dperl}/dperl_metrics.erl                 |  2 +-
 src/{ => dperl}/dperl_strategy_scr.erl            | 12 ++++++------
 src/{ => dperl}/dperl_sup.erl                     |  0
 src/{ => dperl}/dperl_worker.erl                  |  0
 src/{ => dperl}/dperl_worker_sup.erl              |  0
 src/{ => dperl/jobs}/dperl_file_copy.erl          | 10 +++++-----
 src/{ => dperl/jobs}/dperl_skvh_copy.erl          |  6 +++---
 src/{ => dperl/jobs}/dperl_status.hrl             |  2 +-
 src/{ => dperl/jobs}/dperl_status_agr.erl         |  0
 src/{ => dperl/jobs}/dperl_status_pre.erl         |  4 ++--
 src/{ => dperl/jobs}/dperl_status_pull.erl        |  0
 src/{ => dperl/services}/dperl_service_oracle.erl |  8 ++++----
 src/{ => dperl/services}/dperl_service_oracle.hrl |  2 +-
 16 files changed, 31 insertions(+), 32 deletions(-)
 rename src/{ => dperl}/dperl.hrl (100%)
 rename src/{ => dperl}/dperl_cp.erl (98%)
 rename src/{ => dperl}/dperl_dal.erl (99%)
 rename src/{ => dperl}/dperl_metrics.erl (99%)
 rename src/{ => dperl}/dperl_strategy_scr.erl (99%)
 rename src/{ => dperl}/dperl_sup.erl (100%)
 rename src/{ => dperl}/dperl_worker.erl (100%)
 rename src/{ => dperl}/dperl_worker_sup.erl (100%)
 rename src/{ => dperl/jobs}/dperl_file_copy.erl (99%)
 rename src/{ => dperl/jobs}/dperl_skvh_copy.erl (99%)
 rename src/{ => dperl/jobs}/dperl_status.hrl (98%)
 rename src/{ => dperl/jobs}/dperl_status_agr.erl (100%)
 rename src/{ => dperl/jobs}/dperl_status_pre.erl (98%)
 rename src/{ => dperl/jobs}/dperl_status_pull.erl (100%)
 rename src/{ => dperl/services}/dperl_service_oracle.erl (99%)
 rename src/{ => dperl/services}/dperl_service_oracle.hrl (99%)

diff --git a/src/dperl.hrl b/src/dperl/dperl.hrl
similarity index 100%
rename from src/dperl.hrl
rename to src/dperl/dperl.hrl
diff --git a/src/dperl_cp.erl b/src/dperl/dperl_cp.erl
similarity index 98%
rename from src/dperl_cp.erl
rename to src/dperl/dperl_cp.erl
index 9f8b4436..ad41ee49 100644
--- a/src/dperl_cp.erl
+++ b/src/dperl/dperl_cp.erl
@@ -145,8 +145,8 @@ check_workers([JobOrService | JobsOrServices], DNodes) ->
                     end
             end
     catch
-        _:Error ->
-            ?Error("invalid new config ~p. job/service skipped", [Error], ?ST),
+        _:Error:Stacktrace ->
+            ?Error("invalid new config ~p. job/service skipped", [Error], Stacktrace),
             dperl_dal:disable(JobOrService),
             ok
     end,
@@ -258,9 +258,9 @@ start(JobOrService, Mod, Name) ->
     ?Debug("start ~p_~s", [Mod, Name]),
     try dperl_worker:start(imem_config:reference_resolve(JobOrService))
     catch
-        _:Error ->
+        _:Error:Stacktrace ->
             ?Error([{enum, dperl_dal:to_atom(Name)}],
-                   "~p disabled, on start ~p", [Mod, Error], ?ST),
+                   "~p disabled, on start ~p", [Mod, Error], Stacktrace),
             dperl_dal:disable(JobOrService)
     end.
 
@@ -272,9 +272,9 @@ stop(JobOrService, Mod, Name) ->
             ?Debug("stop ~p_~s", [Mod, Name]),
             try dperl_worker:stop(Mod, Name)
             catch
-                _:Error ->
+                _:Error:Stacktrace ->
                     ?Error([{enum, dperl_dal:to_atom(Name)}],
-                           "~p disabled, on stop ~p at ~p", [Mod, Error, ?ST]),
+                           "~p disabled, on stop ~p at ~p", [Mod, Error, Stacktrace]),
                     dperl_dal:disable(JobOrService)
             end;
         false -> no_op
diff --git a/src/dperl_dal.erl b/src/dperl/dperl_dal.erl
similarity index 99%
rename from src/dperl_dal.erl
rename to src/dperl/dperl_dal.erl
index b87ff3ea..ba242cd6 100644
--- a/src/dperl_dal.erl
+++ b/src/dperl/dperl_dal.erl
@@ -408,9 +408,8 @@ report_status(Module, StatusTable, {Channel, ShortId}, JobName, Status) ->
         write_channel(StatusTable,
           [atom_to_list(Module), Channel, ShortId, JobName], Status)
     catch
-        C:E ->
-            ?Error("~p,~p to ~p : ~p",
-                   [Channel, ShortId, StatusTable, {C,E}], ?ST)
+        C:E:S ->
+            ?Error("~p,~p to ~p : ~p", [Channel, ShortId, StatusTable, {C,E}], S)
     end.
 
 %% pusher report_status
diff --git a/src/dperl_metrics.erl b/src/dperl/dperl_metrics.erl
similarity index 99%
rename from src/dperl_metrics.erl
rename to src/dperl/dperl_metrics.erl
index 4fae5edc..d2c53aa9 100644
--- a/src/dperl_metrics.erl
+++ b/src/dperl/dperl_metrics.erl
@@ -1,7 +1,7 @@
 -module(dperl_metrics).
 
 -include("dperl.hrl").
--include("dperl_status.hrl").
+-include_lib("jobs/dperl_status.hrl").
 
 -behaviour(imem_gen_metrics).
 
diff --git a/src/dperl_strategy_scr.erl b/src/dperl/dperl_strategy_scr.erl
similarity index 99%
rename from src/dperl_strategy_scr.erl
rename to src/dperl/dperl_strategy_scr.erl
index 99887509..da45ec4f 100644
--- a/src/dperl_strategy_scr.erl
+++ b/src/dperl/dperl_strategy_scr.erl
@@ -84,20 +84,20 @@ execute(Mod, Job, State, #{sync := _, cleanup := _, refresh := _}
         = Args)
   when is_map(Args) ->
     try execute(sync, Mod, Job, State, Args) catch
-        Class:{step_failed, NewArgs} when is_map(NewArgs) ->
-            ?JError("~p ~p step_failed~n~p", [Mod, Class, erlang:get_stacktrace()]),
+        Class:{step_failed, NewArgs}:Stacktrace when is_map(NewArgs) ->
+            ?JError("~p ~p step_failed~n~p", [Mod, Class, Stacktrace]),
             dperl_dal:update_job_dyn(Job, error),
             ?RESTART_AFTER(?CYCLE_ERROR_WAIT(Mod, Job), NewArgs),
             dperl_dal:job_error(get(jstate), atom_to_binary(Class, utf8), Class),
             State;
-        Class:{step_failed, NewState} ->
-            ?JError("~p ~p step_failed~n~p", [Mod, Class, erlang:get_stacktrace()]),
+        Class:{step_failed, NewState}:Stacktrace ->
+            ?JError("~p ~p step_failed~n~p", [Mod, Class, Stacktrace]),
             dperl_dal:update_job_dyn(Job, Mod:get_status(NewState), error),
             ?RESTART_AFTER(?CYCLE_ERROR_WAIT(Mod, Job), Args),
             dperl_dal:job_error(get(jstate), <<"step failed">>, Class),
             NewState;
-        Class:Error ->
-            ?JError("~p ~p ~p~n~p", [Mod, Class, Error, erlang:get_stacktrace()]),
+        Class:Error:Stacktrace ->
+            ?JError("~p ~p ~p~n~p", [Mod, Class, Error, Stacktrace]),
             dperl_dal:update_job_dyn(Job, error),
             ?RESTART_AFTER(?CYCLE_ERROR_WAIT(Mod, Job), Args),
             dperl_dal:job_error(get(jstate), atom_to_binary(Class, utf8), Class),
diff --git a/src/dperl_sup.erl b/src/dperl/dperl_sup.erl
similarity index 100%
rename from src/dperl_sup.erl
rename to src/dperl/dperl_sup.erl
diff --git a/src/dperl_worker.erl b/src/dperl/dperl_worker.erl
similarity index 100%
rename from src/dperl_worker.erl
rename to src/dperl/dperl_worker.erl
diff --git a/src/dperl_worker_sup.erl b/src/dperl/dperl_worker_sup.erl
similarity index 100%
rename from src/dperl_worker_sup.erl
rename to src/dperl/dperl_worker_sup.erl
diff --git a/src/dperl_file_copy.erl b/src/dperl/jobs/dperl_file_copy.erl
similarity index 99%
rename from src/dperl_file_copy.erl
rename to src/dperl/jobs/dperl_file_copy.erl
index a8e2ba2a..7f1dd027 100644
--- a/src/dperl_file_copy.erl
+++ b/src/dperl/jobs/dperl_file_copy.erl
@@ -1,6 +1,6 @@
 -module(dperl_file_copy).
 
--include("dperl.hrl").
+-include_lib("dperl/dperl.hrl").
 
 -behavior(dperl_worker).
 
@@ -128,14 +128,14 @@ handle_info(execute, #state{name = Job} = State) ->
             erlang:send_after(?CYCLE_ALWAYS_WAIT(?MODULE, Job), self(), execute),
             {noreply, State5}
     catch
-        error:{sfh_error, Error, State5} ->
-            ?JError("~p ~p step_failed~n~p", [?MODULE, Error, erlang:get_stacktrace()]),
+        error:{sfh_error, Error, State5}:Stacktrace ->
+            ?JError("~p ~p step_failed~n~p", [?MODULE, Error, Stacktrace]),
             dperl_dal:update_job_dyn(Job, #{}, error),
             erlang:send_after(?CYCLE_ERROR_WAIT(?MODULE, Job), self(), execute),
             dperl_dal:job_error(get(jstate), <<"step failed">>, Error),
             {noreply, State5};
-        Class:Error ->
-            ?JError("~p ~p ~p~n~p", [?MODULE, Class, Error, erlang:get_stacktrace()]),
+        Class:Error:Stacktrace ->
+            ?JError("~p ~p ~p~n~p", [?MODULE, Class, Error, Stacktrace]),
             dperl_dal:update_job_dyn(Job, error),
             erlang:send_after(?CYCLE_ERROR_WAIT(?MODULE, Job), self(), execute),
             dperl_dal:job_error(get(jstate), atom_to_binary(Class, utf8), Error),
diff --git a/src/dperl_skvh_copy.erl b/src/dperl/jobs/dperl_skvh_copy.erl
similarity index 99%
rename from src/dperl_skvh_copy.erl
rename to src/dperl/jobs/dperl_skvh_copy.erl
index e8d1d839..a148fad1 100644
--- a/src/dperl_skvh_copy.erl
+++ b/src/dperl/jobs/dperl_skvh_copy.erl
@@ -1,6 +1,6 @@
 -module(dperl_skvh_copy).
 
--include("dperl.hrl").
+-include_lib("dperl/dperl.hrl").
 
 -behavior(dperl_worker).
 -behavior(dperl_strategy_scr).
@@ -159,10 +159,10 @@ terminate(Reason, #state{srcImemSess = SrcSession, dstImemSess = DstSession}) ->
         [Session:close() || Session <- [SrcSession, DstSession], Session /= undefined],
         ?JInfo("terminate ~p", [Reason])
     catch
-        _:Error ->
+        _:Error:Stacktrace ->
         dperl_dal:job_error(<<"terminate">>, <<"terminate">>, Error),
         ?JError("terminate ~p:~p ~p",
-                [Reason, Error, erlang:get_stacktrace()])
+                [Reason, Error, Stacktrace])
     end.
 
 code_change(OldVsn, State, Extra) ->
diff --git a/src/dperl_status.hrl b/src/dperl/jobs/dperl_status.hrl
similarity index 98%
rename from src/dperl_status.hrl
rename to src/dperl/jobs/dperl_status.hrl
index 0546dced..20e062d3 100644
--- a/src/dperl_status.hrl
+++ b/src/dperl/jobs/dperl_status.hrl
@@ -1,7 +1,7 @@
 -ifndef(_dperl_STATUS_HRL_).
 -define(_dperl_STATUS_HRL_, true).
 
--include("dperl.hrl").
+-include_lib("dperl/dperl.hrl").
 
 -record(context, {
             name                           :: list(),
diff --git a/src/dperl_status_agr.erl b/src/dperl/jobs/dperl_status_agr.erl
similarity index 100%
rename from src/dperl_status_agr.erl
rename to src/dperl/jobs/dperl_status_agr.erl
diff --git a/src/dperl_status_pre.erl b/src/dperl/jobs/dperl_status_pre.erl
similarity index 98%
rename from src/dperl_status_pre.erl
rename to src/dperl/jobs/dperl_status_pre.erl
index 939ee47a..408b8da0 100644
--- a/src/dperl_status_pre.erl
+++ b/src/dperl/jobs/dperl_status_pre.erl
@@ -7,8 +7,8 @@
 preprocess(MetricKey, Value, Timestamp, Node, Ctx) ->
     try preprocess_internal(MetricKey, Value, Timestamp, Node, Ctx)
     catch
-        Error:Exception ->
-            ?Error("Unable to format the Metric ~p : ~p, error ~p:~p ~p", [MetricKey, Value, Error, Exception, erlang:get_stacktrace()]),
+        Error:Exception:Stacktrace ->
+            ?Error("Unable to format the Metric ~p : ~p, error ~p:~p ~p", [MetricKey, Value, Error, Exception, Stacktrace]),
             {[], Ctx}
     end.
 
diff --git a/src/dperl_status_pull.erl b/src/dperl/jobs/dperl_status_pull.erl
similarity index 100%
rename from src/dperl_status_pull.erl
rename to src/dperl/jobs/dperl_status_pull.erl
diff --git a/src/dperl_service_oracle.erl b/src/dperl/services/dperl_service_oracle.erl
similarity index 99%
rename from src/dperl_service_oracle.erl
rename to src/dperl/services/dperl_service_oracle.erl
index e04de62a..dd994095 100644
--- a/src/dperl_service_oracle.erl
+++ b/src/dperl/services/dperl_service_oracle.erl
@@ -362,12 +362,12 @@ init_interface(#{baseUrl := BaseUrl, commonWhitelist := CWhiteList,
         end, FilteredListenerIps),
         {ok, State#state{listeners = FilteredListenerIps, port = Port}}
     catch
-        error : {badmatch,{error,{already_started,_}}} = Error ->
-            ?SError("error:~p~n~p", [Error, erlang:get_stacktrace()]),
+        error:{badmatch,{error,{already_started,_}}} = Error:Stacktrace ->
+            ?SError("error:~p~n~p", [Error, Stacktrace]),
             stop_listeners(Error, FilteredListenerIps, Port),
             init_interface(Intf, State);
-        Class:Error ->
-            ?SError("~p:~p~n~p", [Class, Error, erlang:get_stacktrace()]),
+        Class:Error:Stacktrace ->
+            ?SError("~p:~p~n~p", [Class, Error, Stacktrace]),
             {error, Error}
     end.
 
diff --git a/src/dperl_service_oracle.hrl b/src/dperl/services/dperl_service_oracle.hrl
similarity index 99%
rename from src/dperl_service_oracle.hrl
rename to src/dperl/services/dperl_service_oracle.hrl
index 435bb385..e31ffa6d 100644
--- a/src/dperl_service_oracle.hrl
+++ b/src/dperl/services/dperl_service_oracle.hrl
@@ -1,7 +1,7 @@
 -ifndef(_dperl_ora_).
 -define(_dperl_ora_, true).
 
--include("dperl.hrl").
+-include_lib("dperl/dperl.hrl").
 
 -define(MAX_COMMENT_LENGTH, 200).
 -define(MAX_REQUESTOR_LENGTH, 20).

From bddb6839474e46a01c4def7767c24d6ba79588de Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Wed, 15 Apr 2020 16:52:48 +0200
Subject: [PATCH 04/72] removed warnings

---
 src/dperl/services/dperl_service_oracle.erl | 10 +++++-----
 src/ouraring_crawl.erl                      |  4 ++--
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/src/dperl/services/dperl_service_oracle.erl b/src/dperl/services/dperl_service_oracle.erl
index dd994095..b694309b 100644
--- a/src/dperl/services/dperl_service_oracle.erl
+++ b/src/dperl/services/dperl_service_oracle.erl
@@ -399,10 +399,10 @@ local_ips(ListenerAddresses) ->
         end, [], ListenerAddresses
     ).
 
-init_resources(#{credential := #{user := User, password := Password},
-                 links := Links} = Resources,
-               #state{active_link = ActiveLink} = State) ->
-    #{opt := Opts, tns := TNS} = lists:nth(ActiveLink, Links),
+init_resources(#{credential := #{user := _User, password := _Password},
+                 links := Links} = _Resources,
+               #state{active_link = ActiveLink} = _State) ->
+    #{opt := _Opts, tns := _TNS} = lists:nth(ActiveLink, Links),
     {error, unimplemented}.
     %% TODO : reimplement without erlocipool
     %Options = dperl_dal:oci_opts(?ERLOCIPOOL_LOG_CB, Opts),
@@ -481,7 +481,7 @@ init_resources(#{credential := #{user := User, password := Password},
     %end.
 
 -spec create_stmt(atom(), binary(), list()) -> tuple().
-create_stmt(Pool, Sql, Binds) ->
+create_stmt(_Pool, _Sql, _Binds) ->
     {error, unimplemented}.
     %% TODO
     % ?OciStmt(Pool, Sql, Binds, Stmt),
diff --git a/src/ouraring_crawl.erl b/src/ouraring_crawl.erl
index 5eb42dd5..8f237caa 100644
--- a/src/ouraring_crawl.erl
+++ b/src/ouraring_crawl.erl
@@ -79,8 +79,8 @@ run(#{
   #{<<"access_token">> := AccessToken} = Auth = jsx:decode(list_to_binary(BodyJson), [return_maps]),
   io:format("Auth ~p~n", [Auth]),
   io:format("-----~nUserInfo :~n~p~n-----~n", [userinfo(AccessToken)]),
-  io:format("-----~nSleep :~n~p~n-----~n", [sleep(AccessToken)]).%,
-  %io:format("-----~nActivity :~n~p~n-- Activity --~n", [activity(AccessToken)]).
+  io:format("-----~nSleep :~n~p~n-----~n", [sleep(AccessToken)]),
+  io:format("-----~nActivity :~n~p~n-- Activity --~n", [activity(AccessToken)]).
 
 userinfo(AccessToken) ->
   {ok,{{"HTTP/1.1",200,"OK"}, _, UserInfoJson}} = httpc:request(

From b1652a46778cc587f9029538a0986d20f0b98c04 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Sun, 19 Apr 2020 00:23:51 +0200
Subject: [PATCH 05/72] dper ouraring job WIP

---
 rebar.config                            |   3 +-
 src/dperl/jobs/dperl_ouraring_crawl.erl | 271 ++++++++++++++++++++++++
 2 files changed, 273 insertions(+), 1 deletion(-)
 create mode 100644 src/dperl/jobs/dperl_ouraring_crawl.erl

diff --git a/rebar.config b/rebar.config
index e47db9cc..3b8e538a 100644
--- a/rebar.config
+++ b/rebar.config
@@ -42,7 +42,8 @@
     {esaml, {git, "https://github.com/K2InformaticsGmbH/esaml", {tag, "2.3.0"}}},
     {imem, {git, "https://bitbucket.org/konnexions/imem", {tag, "3.9.0"}}},
     {oranif, {git, "https://github.com/c-bik/oranif", {branch, "master"}}},
-    {prometheus, "4.5.0"}
+    {prometheus, "4.5.0"},
+    {edate, {git, "https://github.com/dweldon/edate", {branch, "master"}}}
 ]}.
 
 {erl_first_files, [
diff --git a/src/dperl/jobs/dperl_ouraring_crawl.erl b/src/dperl/jobs/dperl_ouraring_crawl.erl
new file mode 100644
index 00000000..f98fd933
--- /dev/null
+++ b/src/dperl/jobs/dperl_ouraring_crawl.erl
@@ -0,0 +1,271 @@
+-module(dperl_ouraring_crawl).
+
+-include_lib("dperl/dperl.hrl").
+
+-behavior(dperl_worker).
+-behavior(dperl_strategy_scr).
+
+-define(SHIFT_DAYS(__JOB_NAME),
+          ?GET_CONFIG(daysToBeShiftedAtStart, [__JOB_NAME], 100,
+          "Days to be shifted backwards for starting the job")
+       ).
+
+% dperl_worker exports
+-export([init/1, terminate/2, handle_call/3, handle_cast/2, handle_info/2,
+         get_status/1, init_state/1]).
+
+-record(state, {name, channel, client_id, client_secret, password, email,
+                cb_uri, is_connected = false, access_token, api_url, oauth_url,
+                last_day, infos = []}).
+
+% dperl_strategy_scr export
+-export([connect_check_src/1, get_source_events/2, connect_check_dst/1,
+         do_cleanup/2, do_refresh/2, 
+         fetch_src/2, fetch_dst/2, delete_dst/2, insert_dst/3,
+         update_dst/3, report_status/3]).
+
+connect_check_src(#state{is_connected = false, client_id = ClientId, cb_uri = CallbackUri,
+                         client_secret = ClientSecret, password = Password,
+                         email = Email, oauth_url = OauthUrl} = State) ->
+    inets:start(httpc, [{profile, ?MODULE}]),
+    ok = httpc:set_options([{cookies, enabled}], ?MODULE),
+    Url = OauthUrl ++ "/oauth/authorize"
+    ++ "?response_type=code"
+    ++ "&client_id=" ++ ClientId
+    ++ "&redirect_uri=" ++ edoc_lib:escape_uri(CallbackUri)
+    ++ "&scope=email+personal+daily"
+    ++ "&state=" ++ "test",
+    %io:format(">>>>>>>>>> authorize: ~s~n", [Url]),
+    case httpc:request(get, {Url, []}, [{autoredirect, false}], [], ?MODULE) of
+        {ok, {{"HTTP/1.1",302,"Found"}, RespHeader302, []}} ->
+            RedirectUri = OauthUrl ++ proplists:get_value("location", RespHeader302),
+            % io:format(">>>>>>>>>> 302 Redirect: ~s~n", [RedirectUri]),
+            {ok, {{"HTTP/1.1",200,"OK"}, RespHeader, _Body}} = httpc:request(get, {RedirectUri, []}, [{autoredirect, false}], [], ?MODULE),
+            SetCookieHeader = proplists:get_value("set-cookie", RespHeader),
+            {match, [XRefCookie]} = re:run(SetCookieHeader, ".*_xsrf=(.*);.*", [{capture, [1], list}]),
+            {ok,{{"HTTP/1.1",302,"Found"}, RespHeader302_1, []}} = httpc:request(
+            post, {
+                RedirectUri, [], "application/x-www-form-urlencoded",
+                "_xsrf="++edoc_lib:escape_uri(XRefCookie)
+                ++ "&email=" ++ edoc_lib:escape_uri(Email)
+                ++ "&password=" ++ edoc_lib:escape_uri(Password)
+            }, [{autoredirect, false}], [], ?MODULE
+            ),
+            RedirectUri_1 = OauthUrl ++ proplists:get_value("location", RespHeader302_1),
+            % io:format(">>>>>>>>>> 302 Redirect: ~s~n", [RedirectUri_1]),
+            {ok, {{"HTTP/1.1",200,"OK"}, _, _}} = httpc:request(get, {RedirectUri_1, []}, [{autoredirect, false}], [], ?MODULE),
+            {ok, {{"HTTP/1.1",302,"Found"}, RespHeader302_2, []}} = httpc:request(
+            post, {
+                RedirectUri_1, [], "application/x-www-form-urlencoded",
+                "_xsrf="++edoc_lib:escape_uri(XRefCookie)
+                ++ "&scope_email=on"
+                ++ "&scope_personal=on"
+                ++ "&scope_daily=on"
+                ++ "&allow=Accept"
+            }, [{autoredirect, false}], [], ?MODULE
+            ),
+            RedirectUri_2 = proplists:get_value("location", RespHeader302_2),
+            % io:format(">>>>>>>>>> 302 RedirectUri: ~s~n", [RedirectUri_2]),
+            #{query := QueryString} = uri_string:parse(RedirectUri_2),
+            #{"code" := Code} = maps:from_list(uri_string:dissect_query(QueryString)),
+            % io:format(">>>>>>>>>> Code: ~p~n", [Code]),
+            {ok, {{"HTTP/1.1",200,"OK"}, _, BodyJson}} = httpc:request(
+            post, {
+                OauthUrl ++ "/oauth/token", [], "application/x-www-form-urlencoded",
+                "grant_type=authorization_code"
+                ++ "&code=" ++ Code
+                ++ "&redirect_uri=" ++ edoc_lib:escape_uri(CallbackUri)
+                ++ "&client_id=" ++ ClientId
+                ++ "&client_secret=" ++ ClientSecret
+            }, [{autoredirect, false}], [], ?MODULE
+            ),
+            #{<<"access_token">> := AccessToken} = Auth = jsx:decode(list_to_binary(BodyJson), [return_maps]),
+            ?JInfo("Auth is : ~p", [Auth]),
+            {ok, State#state{is_connected = true, access_token = AccessToken}};
+        {ok, {{_, 200, _}, _, Body}} ->
+            ?JInfo("code : ~p body :  ~p", [200, Body]),
+            ?JInfo("!!!! cookies :~p", [httpc:which_cookies(?MODULE)]),
+            {error, Body, State}
+    end;
+connect_check_src(State) -> {ok, State}.
+
+get_source_events(#state{infos = []} = State, _BulkSize) ->
+    {ok, sync_complete, State};
+get_source_events(#state{infos = Infos} = State, _BulkSize) ->
+    {ok, Infos, State#state{infos = []}}.
+
+connect_check_dst(State) -> {ok, State}.
+
+do_refresh(_State, _BulkSize) -> {error, cleanup_only}.
+
+fetch_src({_Key, Value}, _State) -> Value.
+
+fetch_dst({Key, _}, State) ->
+    dperl_dal:read_channel(State#state.channel, Key).
+
+insert_dst(Key, Val, State) ->
+    update_dst(Key, Val, State).
+
+report_status(_Key, _Status, _State) -> no_op.
+
+do_cleanup(State, _BlkCount) ->
+    {ok, State1} = connect_check_src(State),
+    {DayQuery, State2} = get_day(State1),
+    State3 = lists:foldl(
+        fun(Fun, Acc) ->
+            try Fun(DayQuery, Acc)
+            catch E:C:S ->
+                ?JError("E : ~p, C : ~p, S : ~p", [E, C, S]),
+                {ok, Acc1} = connect_check_src(Acc#state{is_connected = false}),
+                Fun(Acc1)
+            end
+        end, State2, [fun fetch_userinfo/2, fun fetch_activity/2,
+                      fun fetch_sleep/2, fun fetch_readiness/2]),
+    case State3#state.infos of
+        [_] ->
+            {ok, finish, State3#state{infos = []}};
+        Infos ->
+            ?Info("Infos : ~p", [Infos]),
+            {ok, State3}
+    end.
+
+delete_dst(Key, #state{channel = Channel} = State) ->
+    ?JInfo("Deleting : ~p", [Key]),
+    dperl_dal:remove_from_channel(Channel, Key),
+    {false, State}.
+
+update_dst({Key, _}, Val, State) ->
+    update_dst(Key, Val, State);
+update_dst(Key, Val, #state{channel = Channel} = State) when is_binary(Val) ->
+    dperl_dal:write_channel(Channel, Key, Val),
+    {false, State};
+update_dst(Key, Val, State) ->
+    update_dst(Key, imem_json:encode(Val), State).
+
+get_status(#state{last_day = LastDay}) ->
+    #{lastDay => LastDay}.
+
+init_state([]) -> #state{};
+init_state([#dperlNodeJobDyn{state = #{lastDay := LastDay}} | _]) ->
+    #state{last_day = LastDay};
+init_state([_ | Others]) ->
+    init_state(Others).
+
+init({#dperlJob{name=Name, dstArgs = #{channel := Channel},
+                srcArgs = #{client_id := ClientId, user_password := Password,
+                            client_secret := ClientSecret, user_email := Email,
+                            cb_uri := CallbackUri, api_url := ApiUrl,
+                            oauth_url := OauthUrl}}, State}) ->
+    ?JInfo("Starting from : ~s", [State#state.last_day]),
+    ChannelBin = dperl_dal:to_binary(Channel),
+    dperl_dal:create_check_channel(ChannelBin),
+    {ok, State#state{channel = ChannelBin, client_id = ClientId,
+                     client_secret = ClientSecret, password = Password,
+                     email = Email, cb_uri = CallbackUri, name = Name,
+                     api_url = ApiUrl, oauth_url = OauthUrl}};
+init(Args) ->
+    ?JError("bad start parameters ~p", [Args]),
+    {stop, badarg}.
+
+handle_call(Request, _From, State) ->
+    ?JWarn("Unsupported handle_call ~p", [Request]),
+    {reply, ok, State}.
+
+handle_cast(Request, State) ->
+    ?JWarn("Unsupported handle_cast ~p", [Request]),
+    {noreply, State}.
+
+handle_info(Request, State) ->
+    ?JWarn("Unsupported handle_info ~p", [Request]),
+    {noreply, State}.
+
+terminate(Reason, _State) ->
+    httpc:reset_cookies(?MODULE),
+    ?JInfo("terminate ~p", [Reason]).
+
+fetch_userinfo(_, #state{api_url = ApiUrl, access_token = AccessToken} = State) ->
+    {ok,{{"HTTP/1.1",200,"OK"}, _, UserInfoJson}} = httpc:request(
+      get, {ApiUrl ++ "/v1/userinfo", [{"Authorization", "Bearer " ++ binary_to_list(AccessToken)}]},
+      [{autoredirect, false}], [], ?MODULE
+    ),
+    UserInfo = imem_json:decode(list_to_binary(UserInfoJson), [return_maps]),
+    Info = {["ouraring", "userinfo"], UserInfo},
+    State#state{infos = [Info | State#state.infos]}.
+
+get_day(State) ->
+    Key = ["ouraring", "sleep"],
+    Yesterday = edate:yesterday(),
+    YDayStr = edate:date_to_string(Yesterday),
+    Day =
+    case dperl_dal:read_channel(State#state.channel, Key) of
+        ?NOT_FOUND ->
+            case State#state.last_day of
+                undefined ->
+                     SDays = ?SHIFT_DAYS(State#state.name),
+                    edate:date_to_string(edate:shift(-1 * SDays, days));
+                YDayStr ->
+                    YDayStr;
+                LastDay ->
+                    edate:date_to_string(edate:shift(edate:string_to_date(LastDay), 1, days))
+            end;
+        #{<<"_day">> := DayBin} ->
+            DayStr = binary_to_list(DayBin),
+            case {edate:string_to_date(DayStr), Yesterday} of
+                {D, D} -> DayStr;
+                {D1, D2} when D1 < D2 -> edate:date_to_string(edate:shift(D1, 1, day));
+                {_, Yesterday} -> edate:date_to_string(Yesterday)
+            end
+    end,
+    DayQuery = "?start=" ++ Day ++ "&end=" ++ Day,
+    {DayQuery, State#state{last_day = Day}}.
+
+fetch_sleep(DayQuery, #state{api_url = ApiUrl, access_token = AccessToken} = State) ->
+    {ok,{{"HTTP/1.1",200,"OK"}, _, SleepInfoJson}} = httpc:request(
+        get, {ApiUrl ++ "/v1/sleep" ++ DayQuery, [{"Authorization", "Bearer " ++ binary_to_list(AccessToken)}]},
+        [{autoredirect, false}], [], ?MODULE
+    ),
+    case imem_json:decode(list_to_binary(SleepInfoJson), [return_maps]) of
+        #{<<"sleep">> := []} ->
+            State;
+        Sleep ->
+            Info = {["ouraring", "sleep"], Sleep#{<<"_day">> => list_to_binary(State#state.last_day)}},
+            State#state{infos = [Info | State#state.infos]}
+    end.
+
+fetch_activity(DayQuery, #state{api_url = ApiUrl, access_token = AccessToken} = State) ->
+    {ok,{{"HTTP/1.1",200,"OK"}, _, ActivityInfoJson}} = httpc:request(
+        get, {ApiUrl ++ "/v1/activity" ++ DayQuery, [{"Authorization", "Bearer " ++ binary_to_list(AccessToken)}]},
+        [{autoredirect, false}], [], ?MODULE
+    ),
+    case imem_json:decode(list_to_binary(ActivityInfoJson), [return_maps]) of
+        #{<<"activity">> := []} ->
+            State;
+        Activity ->
+            Info = {["ouraring", "activity"], Activity#{<<"_day">> => list_to_binary(State#state.last_day)}},
+            State#state{infos = [Info | State#state.infos]}
+    end.
+
+fetch_readiness(DayQuery, #state{api_url = ApiUrl, access_token = AccessToken} = State) ->
+    {ok,{{"HTTP/1.1",200,"OK"}, _, ReadinessJson}} = httpc:request(
+        get, {ApiUrl ++ "/v1/readiness" ++ DayQuery, [{"Authorization", "Bearer " ++ binary_to_list(AccessToken)}]},
+        [{autoredirect, false}], [], ?MODULE
+    ),
+    case imem_json:decode(list_to_binary(ReadinessJson), [return_maps]) of
+        #{<<"readiness">> := []} ->
+            State;
+        Readiness ->
+            Info = {["ouraring", "readiness"], Readiness#{<<"_day">> => list_to_binary(State#state.last_day)}},
+            State#state{infos = [Info | State#state.infos]}
+    end.
+
+% format_links(Links) ->
+%     lists:map(
+%         fun(#{url := Url} = Link) ->
+%             NewUrl = 
+%             case lists:last(Url) of
+%                 $/ -> Url;
+%                 _ -> Url ++ "/"
+%             end,
+%             Link#{url := NewUrl};
+%           (Link) -> Link
+%         end, Links).

From 8b57ceb37dc601421367415f61493c8a17810a20 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Mon, 20 Apr 2020 18:22:17 +0200
Subject: [PATCH 06/72] dper oura fetch wIP

---
 src/dperl/jobs/dperl_ouraring_crawl.erl | 151 ++++++++++++------------
 1 file changed, 78 insertions(+), 73 deletions(-)

diff --git a/src/dperl/jobs/dperl_ouraring_crawl.erl b/src/dperl/jobs/dperl_ouraring_crawl.erl
index f98fd933..88dec514 100644
--- a/src/dperl/jobs/dperl_ouraring_crawl.erl
+++ b/src/dperl/jobs/dperl_ouraring_crawl.erl
@@ -16,7 +16,7 @@
 
 -record(state, {name, channel, client_id, client_secret, password, email,
                 cb_uri, is_connected = false, access_token, api_url, oauth_url,
-                last_day, infos = []}).
+                last_sleep_day, last_activity_day, last_readiness_day, infos = []}).
 
 % dperl_strategy_scr export
 -export([connect_check_src/1, get_source_events/2, connect_check_dst/1,
@@ -110,22 +110,24 @@ report_status(_Key, _Status, _State) -> no_op.
 
 do_cleanup(State, _BlkCount) ->
     {ok, State1} = connect_check_src(State),
-    {DayQuery, State2} = get_day(State1),
-    State3 = lists:foldl(
-        fun(Fun, Acc) ->
-            try Fun(DayQuery, Acc)
-            catch E:C:S ->
-                ?JError("E : ~p, C : ~p, S : ~p", [E, C, S]),
-                {ok, Acc1} = connect_check_src(Acc#state{is_connected = false}),
-                Fun(Acc1)
+    State2 = lists:foldl(
+        fun(Type, Acc) ->
+            case get_day(Type, Acc) of
+                fetched -> Acc;
+                Day ->
+                    try fetch_metric(Type, Day, Acc)
+                    catch E:C:S ->
+                        ?JError("E : ~p, C : ~p, S : ~p", [E, C, S]),
+                        {ok, Acc1} = connect_check_src(Acc#state{is_connected = false}),
+                        fetch_metric(Type, Day, Acc1)
+                    end
             end
-        end, State2, [fun fetch_userinfo/2, fun fetch_activity/2,
-                      fun fetch_sleep/2, fun fetch_readiness/2]),
-    case State3#state.infos of
-        [_] ->
-            {ok, finish, State3#state{infos = []}};
-        Infos ->
-            ?Info("Infos : ~p", [Infos]),
+        end, State1, ["sleep", "activity", "readiness"]),
+    State3 = fetch_userinfo(State2),
+    case State2#state.infos of
+        [] ->
+            {ok, finish, State3};
+        _ ->
             {ok, State3}
     end.
 
@@ -142,12 +144,19 @@ update_dst(Key, Val, #state{channel = Channel} = State) when is_binary(Val) ->
 update_dst(Key, Val, State) ->
     update_dst(Key, imem_json:encode(Val), State).
 
-get_status(#state{last_day = LastDay}) ->
-    #{lastDay => LastDay}.
+get_status(#state{last_sleep_day = LastSleepDay,
+                  last_activity_day = LastActivityDay,
+                  last_readiness_day = LastReadinessDay}) ->
+    #{lastSleepDay => LastSleepDay, lastActivityDay => LastActivityDay,
+      lastReadinessDay => LastReadinessDay}.
 
 init_state([]) -> #state{};
-init_state([#dperlNodeJobDyn{state = #{lastDay := LastDay}} | _]) ->
-    #state{last_day = LastDay};
+init_state([#dperlNodeJobDyn{state = State} | _]) ->
+    LastSleepDay = maps:get(lastSleepDay, State, undefined),
+    LastActivityDay = maps:get(lastActivityDay, State, undefined),
+    LastReadinessDay = maps:get(lastReadinessDay, State, undefined),
+    #state{last_sleep_day = LastSleepDay, last_activity_day = LastActivityDay,
+           last_readiness_day = LastReadinessDay};
 init_state([_ | Others]) ->
     init_state(Others).
 
@@ -156,7 +165,7 @@ init({#dperlJob{name=Name, dstArgs = #{channel := Channel},
                             client_secret := ClientSecret, user_email := Email,
                             cb_uri := CallbackUri, api_url := ApiUrl,
                             oauth_url := OauthUrl}}, State}) ->
-    ?JInfo("Starting from : ~s", [State#state.last_day]),
+    ?JInfo("Starting ..."),
     ChannelBin = dperl_dal:to_binary(Channel),
     dperl_dal:create_check_channel(ChannelBin),
     {ok, State#state{channel = ChannelBin, client_id = ClientId,
@@ -183,7 +192,7 @@ terminate(Reason, _State) ->
     httpc:reset_cookies(?MODULE),
     ?JInfo("terminate ~p", [Reason]).
 
-fetch_userinfo(_, #state{api_url = ApiUrl, access_token = AccessToken} = State) ->
+fetch_userinfo(#state{api_url = ApiUrl, access_token = AccessToken} = State) ->
     {ok,{{"HTTP/1.1",200,"OK"}, _, UserInfoJson}} = httpc:request(
       get, {ApiUrl ++ "/v1/userinfo", [{"Authorization", "Bearer " ++ binary_to_list(AccessToken)}]},
       [{autoredirect, false}], [], ?MODULE
@@ -192,71 +201,67 @@ fetch_userinfo(_, #state{api_url = ApiUrl, access_token = AccessToken} = State)
     Info = {["ouraring", "userinfo"], UserInfo},
     State#state{infos = [Info | State#state.infos]}.
 
-get_day(State) ->
-    Key = ["ouraring", "sleep"],
+get_day(Type, State) ->
+    LastDay = get_last_day(Type, State),
+    Key = ["ouraring", Type],
     Yesterday = edate:yesterday(),
-    YDayStr = edate:date_to_string(Yesterday),
-    Day =
     case dperl_dal:read_channel(State#state.channel, Key) of
         ?NOT_FOUND ->
-            case State#state.last_day of
+            case LastDay of
                 undefined ->
-                     SDays = ?SHIFT_DAYS(State#state.name),
-                    edate:date_to_string(edate:shift(-1 * SDays, days));
-                YDayStr ->
-                    YDayStr;
+                    SDays = ?SHIFT_DAYS(State#state.name),
+                    edate:shift(-1 * SDays, days);
+                Yesterday ->
+                    Yesterday;
                 LastDay ->
-                    edate:date_to_string(edate:shift(edate:string_to_date(LastDay), 1, days))
+                    edate:shift(LastDay, 1, days)
             end;
         #{<<"_day">> := DayBin} ->
             DayStr = binary_to_list(DayBin),
             case {edate:string_to_date(DayStr), Yesterday} of
-                {D, D} -> DayStr;
-                {D1, D2} when D1 < D2 -> edate:date_to_string(edate:shift(D1, 1, day));
-                {_, Yesterday} -> edate:date_to_string(Yesterday)
+                {D, D} -> fetched;
+                {D1, D2} when D1 < D2 -> edate:shift(D1, 1, day);
+                {_, Yesterday} -> Yesterday
             end
-    end,
-    DayQuery = "?start=" ++ Day ++ "&end=" ++ Day,
-    {DayQuery, State#state{last_day = Day}}.
-
-fetch_sleep(DayQuery, #state{api_url = ApiUrl, access_token = AccessToken} = State) ->
-    {ok,{{"HTTP/1.1",200,"OK"}, _, SleepInfoJson}} = httpc:request(
-        get, {ApiUrl ++ "/v1/sleep" ++ DayQuery, [{"Authorization", "Bearer " ++ binary_to_list(AccessToken)}]},
-        [{autoredirect, false}], [], ?MODULE
-    ),
-    case imem_json:decode(list_to_binary(SleepInfoJson), [return_maps]) of
-        #{<<"sleep">> := []} ->
-            State;
-        Sleep ->
-            Info = {["ouraring", "sleep"], Sleep#{<<"_day">> => list_to_binary(State#state.last_day)}},
-            State#state{infos = [Info | State#state.infos]}
     end.
 
-fetch_activity(DayQuery, #state{api_url = ApiUrl, access_token = AccessToken} = State) ->
-    {ok,{{"HTTP/1.1",200,"OK"}, _, ActivityInfoJson}} = httpc:request(
-        get, {ApiUrl ++ "/v1/activity" ++ DayQuery, [{"Authorization", "Bearer " ++ binary_to_list(AccessToken)}]},
-        [{autoredirect, false}], [], ?MODULE
-    ),
-    case imem_json:decode(list_to_binary(ActivityInfoJson), [return_maps]) of
-        #{<<"activity">> := []} ->
-            State;
-        Activity ->
-            Info = {["ouraring", "activity"], Activity#{<<"_day">> => list_to_binary(State#state.last_day)}},
-            State#state{infos = [Info | State#state.infos]}
+fetch_metric(Type, Day, #state{api_url = ApiUrl, access_token = AccessToken} = State) ->
+    ?JInfo("Fetching metric for ~s on ~p", [Type, Day]),
+    {ok,{{"HTTP/1.1",200,"OK"}, _, MetricJson}} = httpc:request(
+        get, {ApiUrl ++ "/v1/" ++ Type ++ day_query(Day), [{"Authorization", "Bearer " ++ binary_to_list(AccessToken)}]},
+        [{autoredirect, false}], [], ?MODULE),
+    TypeBin = list_to_binary(Type),
+    case imem_json:decode(list_to_binary(MetricJson), [return_maps]) of
+        #{TypeBin := []} ->
+            NextDay = next_day(Day),
+            case NextDay =< edate:yesterday() of
+                true ->
+                    fetch_metric(Type, NextDay, State);
+                false ->
+                    State
+            end;
+        Metric ->
+            Info = {["ouraring", Type], Metric#{<<"_day">> => list_to_binary(edate:date_to_string(Day))}},
+            set_metric_day(Type, Day, State#state{infos = [Info | State#state.infos]})
     end.
 
-fetch_readiness(DayQuery, #state{api_url = ApiUrl, access_token = AccessToken} = State) ->
-    {ok,{{"HTTP/1.1",200,"OK"}, _, ReadinessJson}} = httpc:request(
-        get, {ApiUrl ++ "/v1/readiness" ++ DayQuery, [{"Authorization", "Bearer " ++ binary_to_list(AccessToken)}]},
-        [{autoredirect, false}], [], ?MODULE
-    ),
-    case imem_json:decode(list_to_binary(ReadinessJson), [return_maps]) of
-        #{<<"readiness">> := []} ->
-            State;
-        Readiness ->
-            Info = {["ouraring", "readiness"], Readiness#{<<"_day">> => list_to_binary(State#state.last_day)}},
-            State#state{infos = [Info | State#state.infos]}
-    end.
+next_day(Day) when is_list(Day) ->
+    next_day(edate:string_to_date(Day));
+next_day(Day) when is_tuple(Day) ->
+    edate:shift(Day, 1, day).
+
+day_query(Day) when is_tuple(Day) ->
+    day_query(edate:date_to_string(Day));
+day_query(Day) when is_list(Day) ->
+    "?start=" ++ Day ++ "&end=" ++ Day.
+
+get_last_day("sleep", #state{last_sleep_day = LastSleepDay}) -> LastSleepDay;
+get_last_day("activity", #state{last_activity_day = LastActivityDay}) -> LastActivityDay;
+get_last_day("readiness", #state{last_readiness_day = LastReadinessDay}) -> LastReadinessDay.
+
+set_metric_day("sleep", Day, State) -> State#state{last_sleep_day = Day};
+set_metric_day("activity", Day, State) -> State#state{last_activity_day = Day};
+set_metric_day("readiness", Day, State) -> State#state{last_readiness_day = Day}.
 
 % format_links(Links) ->
 %     lists:map(

From 64e7f41d7bd36ca4355451654059789106f16d1d Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Tue, 21 Apr 2020 13:05:39 +0200
Subject: [PATCH 07/72] ourar rinj job complete

---
 src/dperl/jobs/dperl_ouraring_crawl.erl | 148 ++++++++++++++----------
 src/ouraring_crawl.erl                  | 104 -----------------
 2 files changed, 88 insertions(+), 164 deletions(-)
 delete mode 100644 src/ouraring_crawl.erl

diff --git a/src/dperl/jobs/dperl_ouraring_crawl.erl b/src/dperl/jobs/dperl_ouraring_crawl.erl
index 88dec514..3c192924 100644
--- a/src/dperl/jobs/dperl_ouraring_crawl.erl
+++ b/src/dperl/jobs/dperl_ouraring_crawl.erl
@@ -16,7 +16,8 @@
 
 -record(state, {name, channel, client_id, client_secret, password, email,
                 cb_uri, is_connected = false, access_token, api_url, oauth_url,
-                last_sleep_day, last_activity_day, last_readiness_day, infos = []}).
+                last_sleep_day, last_activity_day, last_readiness_day,
+                infos = [], auth_time, auth_expiry}).
 
 % dperl_strategy_scr export
 -export([connect_check_src/1, get_source_events/2, connect_check_dst/1,
@@ -24,22 +25,27 @@
          fetch_src/2, fetch_dst/2, delete_dst/2, insert_dst/3,
          update_dst/3, report_status/3]).
 
+connect_check_src(#state{is_connected = true, auth_expiry = ExpiresIn, auth_time = AuthTime} = State) ->
+    case imem_datatype:sec_diff(AuthTime) of
+        Diff when Diff >= (ExpiresIn - 100) ->
+            % access token will expire in 100 seconds or less
+            connect_check_src(State#state{is_connected = false});
+        _ ->
+            {ok, State}
+    end;
 connect_check_src(#state{is_connected = false, client_id = ClientId, cb_uri = CallbackUri,
                          client_secret = ClientSecret, password = Password,
                          email = Email, oauth_url = OauthUrl} = State) ->
-    inets:start(httpc, [{profile, ?MODULE}]),
-    ok = httpc:set_options([{cookies, enabled}], ?MODULE),
+    httpc:reset_cookies(?MODULE),
     Url = OauthUrl ++ "/oauth/authorize"
     ++ "?response_type=code"
     ++ "&client_id=" ++ ClientId
     ++ "&redirect_uri=" ++ edoc_lib:escape_uri(CallbackUri)
     ++ "&scope=email+personal+daily"
     ++ "&state=" ++ "test",
-    %io:format(">>>>>>>>>> authorize: ~s~n", [Url]),
     case httpc:request(get, {Url, []}, [{autoredirect, false}], [], ?MODULE) of
         {ok, {{"HTTP/1.1",302,"Found"}, RespHeader302, []}} ->
             RedirectUri = OauthUrl ++ proplists:get_value("location", RespHeader302),
-            % io:format(">>>>>>>>>> 302 Redirect: ~s~n", [RedirectUri]),
             {ok, {{"HTTP/1.1",200,"OK"}, RespHeader, _Body}} = httpc:request(get, {RedirectUri, []}, [{autoredirect, false}], [], ?MODULE),
             SetCookieHeader = proplists:get_value("set-cookie", RespHeader),
             {match, [XRefCookie]} = re:run(SetCookieHeader, ".*_xsrf=(.*);.*", [{capture, [1], list}]),
@@ -52,7 +58,6 @@ connect_check_src(#state{is_connected = false, client_id = ClientId, cb_uri = Ca
             }, [{autoredirect, false}], [], ?MODULE
             ),
             RedirectUri_1 = OauthUrl ++ proplists:get_value("location", RespHeader302_1),
-            % io:format(">>>>>>>>>> 302 Redirect: ~s~n", [RedirectUri_1]),
             {ok, {{"HTTP/1.1",200,"OK"}, _, _}} = httpc:request(get, {RedirectUri_1, []}, [{autoredirect, false}], [], ?MODULE),
             {ok, {{"HTTP/1.1",302,"Found"}, RespHeader302_2, []}} = httpc:request(
             post, {
@@ -65,10 +70,8 @@ connect_check_src(#state{is_connected = false, client_id = ClientId, cb_uri = Ca
             }, [{autoredirect, false}], [], ?MODULE
             ),
             RedirectUri_2 = proplists:get_value("location", RespHeader302_2),
-            % io:format(">>>>>>>>>> 302 RedirectUri: ~s~n", [RedirectUri_2]),
             #{query := QueryString} = uri_string:parse(RedirectUri_2),
             #{"code" := Code} = maps:from_list(uri_string:dissect_query(QueryString)),
-            % io:format(">>>>>>>>>> Code: ~p~n", [Code]),
             {ok, {{"HTTP/1.1",200,"OK"}, _, BodyJson}} = httpc:request(
             post, {
                 OauthUrl ++ "/oauth/token", [], "application/x-www-form-urlencoded",
@@ -79,13 +82,13 @@ connect_check_src(#state{is_connected = false, client_id = ClientId, cb_uri = Ca
                 ++ "&client_secret=" ++ ClientSecret
             }, [{autoredirect, false}], [], ?MODULE
             ),
-            #{<<"access_token">> := AccessToken} = Auth = jsx:decode(list_to_binary(BodyJson), [return_maps]),
-            ?JInfo("Auth is : ~p", [Auth]),
-            {ok, State#state{is_connected = true, access_token = AccessToken}};
-        {ok, {{_, 200, _}, _, Body}} ->
-            ?JInfo("code : ~p body :  ~p", [200, Body]),
-            ?JInfo("!!!! cookies :~p", [httpc:which_cookies(?MODULE)]),
-            {error, Body, State}
+            #{<<"access_token">> := AccessToken, <<"expires_in">> := ExpiresIn} = Auth = jsx:decode(list_to_binary(BodyJson), [return_maps]),
+            ?JInfo("Authentication successful : ~p", [Auth]),
+            {ok, State#state{is_connected = true, access_token = AccessToken,
+                             auth_expiry = ExpiresIn, auth_time = imem_meta:time()}};
+        Error ->
+            ?JError("Unexpected response : ~p", [Error]),
+            {error, invalid_return, State}
     end;
 connect_check_src(State) -> {ok, State}.
 
@@ -109,26 +112,17 @@ insert_dst(Key, Val, State) ->
 report_status(_Key, _Status, _State) -> no_op.
 
 do_cleanup(State, _BlkCount) ->
-    {ok, State1} = connect_check_src(State),
-    State2 = lists:foldl(
-        fun(Type, Acc) ->
-            case get_day(Type, Acc) of
-                fetched -> Acc;
-                Day ->
-                    try fetch_metric(Type, Day, Acc)
-                    catch E:C:S ->
-                        ?JError("E : ~p, C : ~p, S : ~p", [E, C, S]),
-                        {ok, Acc1} = connect_check_src(Acc#state{is_connected = false}),
-                        fetch_metric(Type, Day, Acc1)
-                    end
-            end
-        end, State1, ["sleep", "activity", "readiness"]),
-    State3 = fetch_userinfo(State2),
-    case State2#state.infos of
-        [] ->
-            {ok, finish, State3};
-        _ ->
-            {ok, State3}
+    Types = ["sleep", "activity", "readiness", "userinfo"],
+    case fetch_metrics(Types, State) of
+        {ok, State2} ->
+            case State2#state.infos of
+                [_] ->
+                    {ok, finish, State2};
+                _ ->
+                    {ok, State2}
+            end;
+        {error, Error} ->
+            {error, Error, State#state{is_connected = false}}
     end.
 
 delete_dst(Key, #state{channel = Channel} = State) ->
@@ -168,6 +162,8 @@ init({#dperlJob{name=Name, dstArgs = #{channel := Channel},
     ?JInfo("Starting ..."),
     ChannelBin = dperl_dal:to_binary(Channel),
     dperl_dal:create_check_channel(ChannelBin),
+    inets:start(httpc, [{profile, ?MODULE}]),
+    ok = httpc:set_options([{cookies, enabled}], ?MODULE),
     {ok, State#state{channel = ChannelBin, client_id = ClientId,
                      client_secret = ClientSecret, password = Password,
                      email = Email, cb_uri = CallbackUri, name = Name,
@@ -192,14 +188,57 @@ terminate(Reason, _State) ->
     httpc:reset_cookies(?MODULE),
     ?JInfo("terminate ~p", [Reason]).
 
+fetch_metrics([], State) -> {ok, State};
+fetch_metrics(["userinfo" | Types], State) ->
+    case fetch_userinfo(State) of
+        {error, Error} ->
+            {error, Error};
+        State1 ->
+            fetch_metrics(Types, State1)
+    end;
+fetch_metrics([Type | Types], State) ->
+    case get_day(Type, State) of
+        fetched ->
+            fetch_metrics(Types, State);
+        Day ->
+            case fetch_metric(Type, Day, State) of
+                {error, Error} ->
+                    {error, Error};
+                State1 ->
+                    fetch_metrics(Types, State1)
+            end
+    end.
+
+fetch_metric(Type, Day, #state{api_url = ApiUrl, access_token = AccessToken} = State) ->
+    ?JInfo("Fetching metric for ~s on ~p", [Type, Day]),
+    Url = ApiUrl ++ "/v1/" ++ Type ++ day_query(Day),
+    TypeBin = list_to_binary(Type),
+    case exec_req(Url, AccessToken) of
+        #{TypeBin := []} ->
+            NextDay = next_day(Day),
+            case NextDay =< edate:yesterday() of
+                true ->
+                    fetch_metric(Type, NextDay, State);
+                false ->
+                    State
+            end;
+        Metric when is_map(Metric) ->
+            Info = {["ouraring", Type], Metric#{<<"_day">> => list_to_binary(edate:date_to_string(Day))}},
+            set_metric_day(Type, Day, State#state{infos = [Info | State#state.infos]});
+        {error, Error} ->
+            ?JError("Error fetching ~s for ~p : ~p", [Type, Day, Error]),
+            {error, Error}
+    end.
+
 fetch_userinfo(#state{api_url = ApiUrl, access_token = AccessToken} = State) ->
-    {ok,{{"HTTP/1.1",200,"OK"}, _, UserInfoJson}} = httpc:request(
-      get, {ApiUrl ++ "/v1/userinfo", [{"Authorization", "Bearer " ++ binary_to_list(AccessToken)}]},
-      [{autoredirect, false}], [], ?MODULE
-    ),
-    UserInfo = imem_json:decode(list_to_binary(UserInfoJson), [return_maps]),
-    Info = {["ouraring", "userinfo"], UserInfo},
-    State#state{infos = [Info | State#state.infos]}.
+    case exec_req(ApiUrl ++ "/v1/userinfo", AccessToken) of
+        UserInfo when is_map(UserInfo) ->
+            Info = {["ouraring", "userinfo"], UserInfo},
+            State#state{infos = [Info | State#state.infos]};
+        {error, Error} ->
+            ?JError("Error fetching userinfo : ~p", [Error]),
+            {error, Error}
+    end.
 
 get_day(Type, State) ->
     LastDay = get_last_day(Type, State),
@@ -225,24 +264,13 @@ get_day(Type, State) ->
             end
     end.
 
-fetch_metric(Type, Day, #state{api_url = ApiUrl, access_token = AccessToken} = State) ->
-    ?JInfo("Fetching metric for ~s on ~p", [Type, Day]),
-    {ok,{{"HTTP/1.1",200,"OK"}, _, MetricJson}} = httpc:request(
-        get, {ApiUrl ++ "/v1/" ++ Type ++ day_query(Day), [{"Authorization", "Bearer " ++ binary_to_list(AccessToken)}]},
-        [{autoredirect, false}], [], ?MODULE),
-    TypeBin = list_to_binary(Type),
-    case imem_json:decode(list_to_binary(MetricJson), [return_maps]) of
-        #{TypeBin := []} ->
-            NextDay = next_day(Day),
-            case NextDay =< edate:yesterday() of
-                true ->
-                    fetch_metric(Type, NextDay, State);
-                false ->
-                    State
-            end;
-        Metric ->
-            Info = {["ouraring", Type], Metric#{<<"_day">> => list_to_binary(edate:date_to_string(Day))}},
-            set_metric_day(Type, Day, State#state{infos = [Info | State#state.infos]})
+exec_req(Url, AccessToken) ->
+    AuthHeader = [{"Authorization", "Bearer " ++ binary_to_list(AccessToken)}],
+    case httpc:request(get, {Url, AuthHeader}, [{autoredirect, false}], [], ?MODULE) of
+        {ok, {{_, 200, "OK"}, _, Result}} ->
+            imem_json:decode(list_to_binary(Result), [return_maps]);
+        Error ->
+            {error, Error}
     end.
 
 next_day(Day) when is_list(Day) ->
diff --git a/src/ouraring_crawl.erl b/src/ouraring_crawl.erl
deleted file mode 100644
index 8f237caa..00000000
--- a/src/ouraring_crawl.erl
+++ /dev/null
@@ -1,104 +0,0 @@
--module(ouraring_crawl).
-
--export([run/0, run/1]).
-
--define(OAUTH2_URL_PREFIX, "https://cloud.ouraring.com").
--define(API_URL_PREFIX, "https://api.ouraring.com").
-run() ->
-  {ok, _} = application:ensure_all_started(inets),
-  {ok, _} = application:ensure_all_started(ssl),
-  run(#{
-    client_id => "REMERNOADFFDIN3O",
-    client_secret => "HYJEW2WTIVIEXQNOTPDN7Y346GYSLNL3",
-    cb_uri => "https://127.0.0.1:8443/callback",
-    user_email => "max.ochsenbein@k2informatics.ch",
-    user_password => "cFMMax--XG$k2sa",
-    state => "any+value+as+state"
-  }).
-
-run(#{
-  client_id := ClientId,
-  client_secret := ClientSecret,
-  cb_uri := CallbackUri,
-  user_email := Email,
-  user_password := Password,
-  state := State
-}) ->  
-  inets:stop(httpc, ?MODULE),
-  {ok, _} = inets:start(httpc, [{profile, ?MODULE}]),
-  ok = httpc:set_options([{cookies, enabled}], ?MODULE),
-  Url = ?OAUTH2_URL_PREFIX ++ "/oauth/authorize"
-    ++ "?response_type=code"
-    ++ "&client_id=" ++ ClientId
-    ++ "&redirect_uri=" ++ edoc_lib:escape_uri(CallbackUri)
-    ++ "&scope=email+personal+daily"
-    ++ "&state=" ++ State,
-  %io:format(">>>>>>>>>> authorize: ~s~n", [Url]),
-  {ok, {{"HTTP/1.1",302,"Found"}, RespHeader302, []}} = httpc:request(get, {Url, []}, [{autoredirect, false}], [], ?MODULE),
-  RedirectUri = ?OAUTH2_URL_PREFIX ++ proplists:get_value("location", RespHeader302),
-  % io:format(">>>>>>>>>> 302 Redirect: ~s~n", [RedirectUri]),
-  {ok, {{"HTTP/1.1",200,"OK"}, RespHeader, _Body}} = httpc:request(get, {RedirectUri, []}, [{autoredirect, false}], [], ?MODULE),
-  SetCookieHeader = proplists:get_value("set-cookie", RespHeader),
-  {match, [XRefCookie]} = re:run(SetCookieHeader, ".*_xsrf=(.*);.*", [{capture, [1], list}]),
-  {ok,{{"HTTP/1.1",302,"Found"}, RespHeader302_1, []}} = httpc:request(
-    post, {
-      RedirectUri, [], "application/x-www-form-urlencoded",
-      "_xsrf="++edoc_lib:escape_uri(XRefCookie)
-      ++ "&email=" ++ edoc_lib:escape_uri(Email)
-      ++ "&password=" ++ edoc_lib:escape_uri(Password)
-    }, [{autoredirect, false}], [], ?MODULE
-  ),
-  RedirectUri_1 = ?OAUTH2_URL_PREFIX ++ proplists:get_value("location", RespHeader302_1),
-  % io:format(">>>>>>>>>> 302 Redirect: ~s~n", [RedirectUri_1]),
-  {ok, {{"HTTP/1.1",200,"OK"}, _, _}} = httpc:request(get, {RedirectUri_1, []}, [{autoredirect, false}], [], ?MODULE),
-  {ok, {{"HTTP/1.1",302,"Found"}, RespHeader302_2, []}} = httpc:request(
-    post, {
-      RedirectUri_1, [], "application/x-www-form-urlencoded",
-      "_xsrf="++edoc_lib:escape_uri(XRefCookie)
-      ++ "&scope_email=on"
-      ++ "&scope_personal=on"
-      ++ "&scope_daily=on"
-      ++ "&allow=Accept"
-    }, [{autoredirect, false}], [], ?MODULE
-  ),
-  RedirectUri_2 = proplists:get_value("location", RespHeader302_2),
-  % io:format(">>>>>>>>>> 302 RedirectUri: ~s~n", [RedirectUri_2]),
-  #{query := QueryString} = uri_string:parse(RedirectUri_2),
-  #{"code" := Code} = maps:from_list(uri_string:dissect_query(QueryString)),
-  % io:format(">>>>>>>>>> Code: ~p~n", [Code]),
-  {ok, {{"HTTP/1.1",200,"OK"}, _, BodyJson}} = httpc:request(
-    post, {
-      ?OAUTH2_URL_PREFIX ++ "/oauth/token", [], "application/x-www-form-urlencoded",
-      "grant_type=authorization_code"
-      ++ "&code=" ++ Code
-      ++ "&redirect_uri=" ++ edoc_lib:escape_uri(CallbackUri)
-      ++ "&client_id=" ++ ClientId
-      ++ "&client_secret=" ++ ClientSecret
-    }, [{autoredirect, false}], [], ?MODULE
-  ),
-  #{<<"access_token">> := AccessToken} = Auth = jsx:decode(list_to_binary(BodyJson), [return_maps]),
-  io:format("Auth ~p~n", [Auth]),
-  io:format("-----~nUserInfo :~n~p~n-----~n", [userinfo(AccessToken)]),
-  io:format("-----~nSleep :~n~p~n-----~n", [sleep(AccessToken)]),
-  io:format("-----~nActivity :~n~p~n-- Activity --~n", [activity(AccessToken)]).
-
-userinfo(AccessToken) ->
-  {ok,{{"HTTP/1.1",200,"OK"}, _, UserInfoJson}} = httpc:request(
-    get, {?API_URL_PREFIX ++ "/v1/userinfo", [{"Authorization", "Bearer " ++ binary_to_list(AccessToken)}]},
-    [{autoredirect, false}], [], ?MODULE
-  ),
-  jsx:decode(list_to_binary(UserInfoJson), [return_maps]).
-
-sleep(AccessToken) ->
-  {ok,{{"HTTP/1.1",200,"OK"}, _, SleepInfoJson}} = httpc:request(
-    get, {?API_URL_PREFIX ++ "/v1/sleep", [{"Authorization", "Bearer " ++ binary_to_list(AccessToken)}]},
-    [{autoredirect, false}], [], ?MODULE
-  ),
-  jsx:decode(list_to_binary(SleepInfoJson), [return_maps]).
-
-activity(AccessToken) ->
-  {ok,{{"HTTP/1.1",200,"OK"}, _, ActivityInfoJson}} = httpc:request(
-    get, {?API_URL_PREFIX ++ "/v1/activity", [{"Authorization", "Bearer " ++ binary_to_list(AccessToken)}]},
-    [{autoredirect, false}], [], ?MODULE
-  ),
-  jsx:decode(list_to_binary(ActivityInfoJson), [return_maps]).

From de76bfb9ab55ff8c33608b71c6dd0f3f6c46d621 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Tue, 28 Apr 2020 11:33:39 +0200
Subject: [PATCH 08/72] removed services

---
 src/dperl/services/dperl_service_oracle.erl | 703 --------------------
 src/dperl/services/dperl_service_oracle.hrl | 215 ------
 2 files changed, 918 deletions(-)
 delete mode 100644 src/dperl/services/dperl_service_oracle.erl
 delete mode 100644 src/dperl/services/dperl_service_oracle.hrl

diff --git a/src/dperl/services/dperl_service_oracle.erl b/src/dperl/services/dperl_service_oracle.erl
deleted file mode 100644
index b694309b..00000000
--- a/src/dperl/services/dperl_service_oracle.erl
+++ /dev/null
@@ -1,703 +0,0 @@
--module(dperl_service_oracle).
-
--include("dperl_service_oracle.hrl").
-
--behavior(dperl_worker).
--behavior(cowboy_middleware).
--behavior(cowboy_loop).
-
-% dperl_worker exports
--export([init/1, terminate/2, handle_call/3, handle_cast/2, handle_info/2,
-         code_change/3, format_status/2, get_status/1, init_state/1]).
-
--record(state, {name, resource, baseUrl, active_link = 1, stmt_profile_del,
-                stmt_ts_get, stmt_ts_post, stmt_ts_put, stmt_ts_reset,
-                stmt_ts_revert, stmt_bar_get, stmt_bar_put, stmt_bar_post,
-                pool, c_whitelist = #{}, listeners = [], tenants = #{}, port,
-                close_statement = [], close_session = [], dynstate = #{}}).
-
-% cowboy rest exports
--export([init/2, info/3, execute/2]).
-
--define(API_VERSION, "1.0.0").
-
-init_state(_) -> #state{}.
-
-get_status(#state{dynstate = DynState}) -> DynState.
-
-init({#dperlService{name = SName, args = Args, resource = Resource,
-                   interface = Interface},
-      State}) ->
-    case init_resources(
-           Resource,
-           State#state{name = SName, resource = Resource,
-                       dynstate = #{start => imem_meta:time(), req => 0,
-                                    error => #{}}}) of
-        {ok, State1} ->
-            Interface1 = maps:merge(Interface, Args),
-            case init_interface(Interface1, State1) of
-                {ok, State2} ->
-                    erlang:send_after(?SERVICE_UPDATE_PERIOD(SName), self(), update_dyn),
-                    erlang:send_after(?SERVICE_STATUS_RESET_PERIOD(SName), self(), reset_dyn),
-                    dperl_dal:update_service_dyn(
-                      State2#state.name, State2#state.dynstate,
-                      ?SERVICE_ACTIVE_THRESHOLD(SName), ?SERVICE_OVERLOAD_THRESHOLD(SName)),
-                    {ok, State2};
-                Error ->
-                    erlocipool:del(State1#state.pool),
-                    {stop, Error}
-            end;
-        Error -> {stop, Error}
-    end;
-init({Args, _}) ->
-    ?SError("bad start parameters ~p", [Args]),
-    {stop, badarg}.
-
-handle_call(Request, _From, State) ->
-    ?SWarn("Unsupported handle_call ~p", [Request]),
-    {reply, ok, State}.
-
-% common
-handle_cast(#{operation := {profile, delete}, reply := RespPid,
-              msisdn := Msisdn, tenant := Tenant,
-              data := #{<<"comment">> := Comment,
-                        <<"requestor">> := Requestor}},
-            #state{stmt_profile_del = ProfileDelStmt} = State)
-  when byte_size(Comment) =< ?MAX_COMMENT_LENGTH,
-       byte_size(Requestor) =< ?MAX_REQUESTOR_LENGTH ->
-    Resp = db_call({stmt_profile_del, ProfileDelStmt},
-                    [Tenant, Msisdn, Requestor, Comment]),
-    RespPid ! {reply, Resp},
-    {noreply, State};
-%% topstopper
-handle_cast(#{operation := {topstopper, get}, reply := RespPid,
-              msisdn := Msisdn, tenant := Tenant}, State) ->
-    Resp = db_call({stmt_ts_get, State#state.stmt_ts_get}, [Tenant, Msisdn]),
-    RespPid ! {reply, Resp},
-    {noreply, State};
-handle_cast(#{operation := {topstopper, post}, reply := RespPid,
-              msisdn := Msisdn, tenant := Tenant,
-              data := #{<<"comment">> := Comment,
-                        <<"requestor">> := Requestor}},
-            #state{stmt_ts_post = TsPostStmt} = State)
-  when byte_size(Comment) =< ?MAX_COMMENT_LENGTH,
-       byte_size(Requestor) =< ?MAX_REQUESTOR_LENGTH ->
-    Resp = db_call({stmt_ts_post, TsPostStmt}, [Tenant, Msisdn, Requestor,
-                                                Comment]),
-    RespPid ! {reply, Resp},
-    {noreply, State};
-handle_cast(#{operation := {topstopper, put}, reply := RespPid,
-              msisdn := Msisdn, tenant := Tenant,
-              data := #{<<"comment">> := Comment,
-                        <<"requestor">> := Requestor,
-                        <<"type">> := Type,
-                        <<"limit">> := Limit}},
-            #state{stmt_ts_put = TsPutStmt} = State)
-  when byte_size(Comment) =< ?MAX_COMMENT_LENGTH andalso
-       byte_size(Requestor) =< ?MAX_REQUESTOR_LENGTH andalso
-       (Type == <<"swisscom">> orelse Type == <<"customer">>) andalso 
-       (Limit >= -1 andalso Limit =< 100000) ->
-    Resp = db_call({stmt_ts_put, TsPutStmt},
-                   [Tenant, Msisdn, Type,
-                    dderloci_utils:oranumber_encode(
-                      list_to_binary(io_lib:format("~p", [Limit]))),
-                    Requestor, Comment]),
-    RespPid ! {reply, Resp},
-    {noreply, State};
-handle_cast(#{operation := {topstopper, reset}, reply := RespPid,
-              msisdn := Msisdn, tenant := Tenant,
-              data := #{<<"comment">> := Comment,
-                       <<"requestor">> := Requestor,
-                       <<"type">> := Type}},
-            #state{stmt_ts_reset = TsResetStmt} = State)
-  when byte_size(Comment) =< ?MAX_COMMENT_LENGTH andalso
-       byte_size(Requestor) =< ?MAX_REQUESTOR_LENGTH andalso
-       (Type == <<"swisscom">> orelse Type == <<"customer">>) ->
-    Resp = db_call({stmt_ts_reset, TsResetStmt}, [Tenant, Msisdn, Type,
-                                                  Requestor, Comment]),
-    RespPid ! {reply, Resp},
-    {noreply, State};
-handle_cast(#{operation := {topstopper, revert}, reply := RespPid,
-              msisdn := Msisdn, tenant := Tenant,
-              data := #{<<"comment">> := Comment,
-                        <<"requestor">> := Requestor,
-                        <<"type">> := Type}},
-            #state{stmt_ts_revert = TsRevertStmt} = State)
-  when byte_size(Comment) =< ?MAX_COMMENT_LENGTH andalso
-       byte_size(Requestor) =< ?MAX_REQUESTOR_LENGTH andalso
-       (Type == <<"swisscom">> orelse Type == <<"customer">>) ->
-    Resp = db_call({stmt_ts_revert, TsRevertStmt}, [Tenant, Msisdn, Type,
-                                                    Requestor, Comment]),
-    RespPid ! {reply, Resp},
-    {noreply, State};
-%% barring
-handle_cast(#{operation := {barring, get}, reply := RespPid, 
-              msisdn := Msisdn, tenant := Tenant}, State) ->
-    Resp = db_call({stmt_bar_get, State#state.stmt_bar_get}, [Tenant, Msisdn]),
-    RespPid ! {reply, Resp},
-    {noreply, State};
-handle_cast(#{operation := {barring, post}, reply := RespPid,
-              msisdn := Msisdn, tenant := Tenant,
-              data := #{<<"comment">> := Comment,
-                        <<"requestor">> := Requestor}},
-            #state{stmt_bar_post = BarPostStmt} = State)
-  when byte_size(Comment) =< ?MAX_COMMENT_LENGTH,
-       byte_size(Requestor) =< ?MAX_REQUESTOR_LENGTH ->
-    Resp = db_call({stmt_bar_post, BarPostStmt}, [Tenant, Msisdn, Comment, Requestor]),
-    RespPid ! {reply, Resp},
-    {noreply, State};
-handle_cast(#{operation := {barring, put}, reply := RespPid,
-              msisdn := Msisdn, tenant := Tenant,
-              data := #{<<"type">> := Type, <<"barring">> := Barring,
-                        <<"comment">> := Comment, <<"requestor">> := Requestor}},
-            #state{stmt_bar_put = BarPutStmt} = State)
-  when byte_size(Comment) =< ?MAX_COMMENT_LENGTH andalso
-       byte_size(Requestor) =< ?MAX_REQUESTOR_LENGTH andalso
-       (Type == <<"swisscom">> orelse Type == <<"customer">>) andalso
-       (Barring == 0 orelse Barring == 6 orelse Barring == 9) ->
-    Resp = db_call({stmt_bar_put, BarPutStmt}, [Tenant, Msisdn, Type, Barring, Comment, Requestor]),
-    RespPid ! {reply, Resp},
-    {noreply, State};
-%% 
-handle_cast(#{reply := RespPid}, State) ->
-    RespPid ! {reply, bad_req},
-    {noreply, State};
-handle_cast(Request, State) ->
-    ?SWarn("Unsupported handle_cast ~p", [Request]),
-    {noreply, State}.
-
--define(STMT_REBUILD(__SQL, __BINDS, __POOL, __STMT, __STATE),
-        (__STATE#state.__STMT):close(),
-        __STATE#state{__STMT = create_stmt(__POOL, __SQL, __BINDS)}).
-
-handle_info(update_dyn, #state{dynstate = Ds, name = SName} = State) ->
-    dperl_dal:update_service_dyn(
-      State#state.name, Ds, ?SERVICE_ACTIVE_THRESHOLD(SName),
-      ?SERVICE_OVERLOAD_THRESHOLD(SName)),
-    erlang:send_after(?SERVICE_UPDATE_PERIOD(SName), self(), update_dyn),
-    {noreply, State};
-handle_info(reset_dyn, #state{name = SName} = State) ->
-    NewDynState = (State#state.dynstate)#{req => 0, error => #{}},
-    dperl_dal:update_service_dyn(
-      State#state.name, NewDynState, ?SERVICE_ACTIVE_THRESHOLD(SName),
-      ?SERVICE_OVERLOAD_THRESHOLD(SName)),
-    erlang:send_after(?SERVICE_STATUS_RESET_PERIOD(SName), self(), reset_dyn),
-    {noreply, State#state{dynstate = NewDynState}};
-handle_info({error, StmtType, Code, Message},
-            #state{close_session = CloseSessionsErrors, listeners = Listeners,
-                   close_statement = CloseStatementErrors, port = Port,
-                   name = SName, pool = Pool} = State) ->
-    case lists:member(Code, CloseStatementErrors) of
-        true ->
-            ?SError("statement rebuild : ORA-~p ~s", [Code, Message]),
-            {noreply,
-             case StmtType of
-                 stmt_profile_del ->
-                     ?STMT_REBUILD(?PROFILE_DELETE_SQL,
-                                   ?PROFILE_DELETE_TOPSTOPPER_POST_BINDS,
-                                   Pool, stmt_profile_del, State);
-                 stmt_ts_get ->
-                     ?STMT_REBUILD(?TOPSTOPPER_GET_SQL,
-                                   ?TOPSTOPPER_BARRING_GET_BINDS,
-                                   Pool, stmt_ts_get, State);
-                 stmt_ts_post ->
-                     ?STMT_REBUILD(?TOPSTOPPER_POST_SQL,
-                                   ?PROFILE_DELETE_TOPSTOPPER_POST_BINDS,
-                                   Pool, stmt_ts_post, State);
-                 stmt_ts_put -> 
-                     ?STMT_REBUILD(?TOPSTOPPER_PUT_SQL,
-                                   ?TOPSTOPPER_PUT_BINDS,
-                                   Pool, stmt_ts_put, State);
-                 stmt_ts_reset -> 
-                     ?STMT_REBUILD(?TOPSTOPPER_RESET_SQL,
-                                   ?TOPSTOPPER_RESET_REVERT_BINDS,
-                                   Pool, stmt_ts_reset, State);
-                 stmt_ts_revert -> 
-                     ?STMT_REBUILD(?TOPSTOPPER_REVERT_SQL,
-                                   ?TOPSTOPPER_RESET_REVERT_BINDS,
-                                   Pool, stmt_ts_revert, State);
-                 stmt_bar_get ->
-                     ?STMT_REBUILD(?BARRING_GET_SQL,
-                                   ?TOPSTOPPER_BARRING_GET_BINDS,
-                                   Pool, stmt_bar_get, State);
-                 stmt_bar_post ->
-                     ?STMT_REBUILD(?BARRING_POST_SQL,
-                                   ?BARRING_POST_BINDS,
-                                   Pool, stmt_bar_post, State);
-                 stmt_bar_put ->
-                     ?STMT_REBUILD(?BARRING_PUT_SQL,
-                                   ?BARRING_PUT_BINDS,
-                                   Pool, stmt_bar_put, State)
-             end};
-        _ ->
-            case lists:member(Code, CloseSessionsErrors) of
-                true ->
-                    ?SError("pool restart ORA-~p ~s", [Code, Message]),
-                    lists:map(
-                      fun(Ip) ->
-                              case catch ranch:set_max_connections(
-                                     {Ip, Port}, 0) of
-                                  ok -> ok;
-                                  Error ->
-                                      ?SError("stop accept ~p on port ~p : ~p",
-                                              [Ip, Port, Error])
-                              end
-                      end, Listeners),
-                    erlocipool:del(Pool),
-                    case init_resources(State#state.resource, State) of
-                        {ok, State1} ->
-                            lists:map(
-                              fun(Ip) ->
-                                      case catch ranch:set_max_connections(
-                                             {Ip, Port}, ?SERVICE_MAXCONNS(SName)) of
-                                          ok -> ok;
-                                          Error ->
-                                              ?SError("start accept ~p on port ~p : ~p",
-                                                      [Ip, Port, Error])
-                                      end
-                              end, Listeners),
-                            {noreply, State1};
-                        Error -> {stop, {resource,  Error}, State}
-                    end;
-                _ ->
-                    ?SError("Unhandled ~p : ~s", [Code, Message]),
-                    {noreply, State}
-            end
-    end;
-handle_info(count_request, #state{dynstate = Ds} = State) ->
-    NewDs = Ds#{req => maps:get(req, Ds, 0) + 1},
-    {noreply, State#state{dynstate = NewDs}};
-handle_info({count_error, HttpRInt},
-            #state{dynstate = #{error := Error} = Ds} = State) ->
-    NewDs = Ds#{error => Error#{HttpRInt => maps:get(HttpRInt, Error, 0) + 1}},
-    {noreply, State#state{dynstate = NewDs}};
-handle_info(stop, State) ->
-    {stop, normal, State};
-handle_info(Request, State) ->
-    ?SWarn("Unsupported handle_info ~p", [Request]),
-    {noreply, State}.
-
-terminate(Reason, #state{listeners = Listeners, port = Port, pool = Pool}) ->
-    erlocipool:del(Pool),
-    stop_listeners(Reason, Listeners, Port),
-    ?SInfo("terminate ~p", [Reason]).
-
-code_change(OldVsn, State, Extra) ->
-    ?SInfo("code_change ~p: ~p", [OldVsn, Extra]),
-    {ok, State}.
-
-format_status(Opt, [PDict, State]) ->
-    ?SInfo("format_status ~p: ~p", [Opt, PDict]),
-    State.
-
-db_call({StmtType, Stmt}, Params) ->
-    self() ! count_request,
-    case Stmt:exec_stmt([list_to_tuple([?RESP_BUFFER|Params])]) of
-        {executed, _, [{_,<<"{\"errorCode\":",_:8,HttpR:3/binary,_/binary>>=Resp}]} ->
-            HttpRInt = binary_to_integer(HttpR),
-            if HttpRInt >= 400 andalso HttpRInt < 500 ->
-                   ?SInfo("~p: ~s", [HttpRInt, Resp]);
-               HttpRInt >= 500 ->
-                   ?SWarn("~p: ~s", [HttpRInt, Resp])
-            end,
-            self() ! {count_error, HttpRInt},
-            {HttpRInt, Resp};
-        {executed, _, [{_,Resp}]} -> {200, Resp};
-        {error, {Code, Message}} ->
-            self() ! {error, StmtType, Code, Message},
-            {500,
-              #{errorCode => 2500,
-                errorMessage => <<"Internal Server Error">>,
-                errorDetails => Message}};
-        {error, Reason} ->
-            ?SError("~p (~p) : ~p", [StmtType, Params, Reason]),
-            self() ! stop,
-            {500,
-              #{errorCode => 2500,
-                errorMessage => <<"Internal Server Error">>,
-                errorDetails => <<"See server error logs for details">>}}
-    end.
-
-init_interface(#{baseUrl := BaseUrl, commonWhitelist := CWhiteList,
-                 listenerAddresses := LAddresses, tenants := Tenants,
-                 port := Port, ssl := #{cert := Cert, key := Key}} = Intf,
-               #state{name = SName} = State) ->
-    MaxAcceptors = maps:get(max_acceptors, Intf, ?SERVICE_MAXACCEPTORS(SName)),
-    MaxConnections = maps:get(max_connections, Intf, ?SERVICE_MAXCONNS(SName)),
-    Opts = #{resource => self(), whitelist => maps:keys(CWhiteList),
-             tenants => Tenants, name => State#state.name},
-    FilteredListenerIps = local_ips(LAddresses),
-    Base =
-    case hd(BaseUrl) of
-        $/ -> BaseUrl;
-        _ -> "/" ++ BaseUrl
-    end,
-    try
-        lists:map(fun(Ip) ->
-            Dispatch =
-            cowboy_router:compile(
-                [{'_',
-                 [{Base++"/swagger/", ?MODULE, {swagger, Base, SName}},
-                  {Base++"/swagger/brand.json", cowboy_static, {priv_file, dperl, "brand.json"}},
-                  {Base++"/swagger/swisscom.png", cowboy_static, {priv_file, dperl, "swisscom.png"}},
-                  {Base++"/swagger/[...]", cowboy_static, {swagger_static, SName}},
-                  {Base++"/" ++ ?SERVICE_PROBE_URL(SName), ?MODULE, {'$probe', SName}},
-                  {Base, ?MODULE, {spec, SName}},
-                  {Base++"/:class/:msisdn", [{class, fun class_constraint/2}], ?MODULE, Opts},
-                  {Base++"/:msisdn", ?MODULE, Opts}
-                 ]}]
-            ),
-            TransOpts = [{ip, Ip}, {port, Port},
-                         {num_acceptors, MaxAcceptors},
-                         {max_connections, MaxConnections},
-                         {versions, ['tlsv1.2','tlsv1.1',tlsv1]}
-                         | imem_server:get_cert_key(Cert)
-                         ++ imem_server:get_cert_key(Key)],
-            ProtoOpts = #{env => #{dispatch => Dispatch},
-                          middlewares => [cowboy_router, ?MODULE, cowboy_handler],
-                          stream_handlers => [cowboy_compress_h, cowboy_stream_h]},
-            {ok, P} = cowboy:start_tls({Ip, Port}, TransOpts, ProtoOpts),
-            ?SInfo("[~p] Activated https://~s:~p~s",
-                    [P, inet:ntoa(Ip), Port, Base])
-        end, FilteredListenerIps),
-        {ok, State#state{listeners = FilteredListenerIps, port = Port}}
-    catch
-        error:{badmatch,{error,{already_started,_}}} = Error:Stacktrace ->
-            ?SError("error:~p~n~p", [Error, Stacktrace]),
-            stop_listeners(Error, FilteredListenerIps, Port),
-            init_interface(Intf, State);
-        Class:Error:Stacktrace ->
-            ?SError("~p:~p~n~p", [Class, Error, Stacktrace]),
-            {error, Error}
-    end.
-
-class_constraint(format_error, Value) -> io_lib:format("The class ~p is not an valid.", [Value]);
-class_constraint(_Type, <<"topstopper">>) -> {ok, topstopper};
-class_constraint(_Type, <<"barring">>) -> {ok, barring};
-class_constraint(_Type, _) -> {error, not_valid}.
-
-stop_listeners(Reason, Listerns, Port) ->
-    lists:map(
-      fun(Ip) ->
-              case catch cowboy:stop_listener({Ip, Port}) of
-                  ok -> ok;
-                  Error ->
-                      ?SError("[~p] stopping listener ~p on port ~p : ~p",
-                              [Reason, Ip, Port, Error])
-              end
-      end, Listerns).
-
-local_ips(ListenerAddresses) ->
-    IntfIps = dderl:local_ipv4s(),
-    maps:fold(
-        fun({_, _, _, _} = Ip, _, Acc) ->
-            case lists:member(Ip, IntfIps) of
-                true -> [Ip | Acc];
-                false -> Acc
-            end;
-           (_, _, Acc) -> Acc
-        end, [], ListenerAddresses
-    ).
-
-init_resources(#{credential := #{user := _User, password := _Password},
-                 links := Links} = _Resources,
-               #state{active_link = ActiveLink} = _State) ->
-    #{opt := _Opts, tns := _TNS} = lists:nth(ActiveLink, Links),
-    {error, unimplemented}.
-    %% TODO : reimplement without erlocipool
-    %Options = dperl_dal:oci_opts(?ERLOCIPOOL_LOG_CB, Opts),
-    %Pool = dperl_dal:get_pool_name(Resources, State#state.name),
-    %case proplists:get_value(sess_min, Options) of
-    %    0 -> {error, invalid_dbconn_pool_size};
-    %    _ ->
-    %        case erlocipool:new(Pool, TNS, User, Password, Options) of
-    %            {ok, _PoolPid} ->
-    %                try
-    %                    CloseStatementErrors = maps:get(close_statement,
-    %                                                    Resources, []),
-    %                    CloseSessionsErrors = maps:get(close_session,
-    %                                                   Resources, []),
-    %                    if is_list(CloseStatementErrors) andalso
-    %                       is_list(CloseSessionsErrors) ->
-    %                           {ok,
-    %                            State#state{
-    %                              stmt_profile_del
-    %                              = create_stmt(Pool, ?PROFILE_DELETE_SQL,
-    %                                            ?PROFILE_DELETE_TOPSTOPPER_POST_BINDS),
-    %                              stmt_ts_get
-    %                              = create_stmt(Pool, ?TOPSTOPPER_GET_SQL,
-    %                                            ?TOPSTOPPER_BARRING_GET_BINDS),
-    %                              stmt_ts_post
-    %                              = create_stmt(Pool, ?TOPSTOPPER_POST_SQL,
-    %                                            ?PROFILE_DELETE_TOPSTOPPER_POST_BINDS),
-    %                              stmt_ts_put
-    %                              = create_stmt(Pool, ?TOPSTOPPER_PUT_SQL,
-    %                                            ?TOPSTOPPER_PUT_BINDS),
-    %                              stmt_ts_reset
-    %                              = create_stmt(Pool, ?TOPSTOPPER_RESET_SQL,
-    %                                            ?TOPSTOPPER_RESET_REVERT_BINDS),
-    %                              stmt_ts_revert
-    %                              = create_stmt(Pool, ?TOPSTOPPER_REVERT_SQL,
-    %                                            ?TOPSTOPPER_RESET_REVERT_BINDS),
-    %                              stmt_bar_get
-    %                              = create_stmt(Pool, ?BARRING_GET_SQL,
-    %                                            ?TOPSTOPPER_BARRING_GET_BINDS),
-    %                              stmt_bar_post
-    %                              = create_stmt(Pool, ?BARRING_POST_SQL,
-    %                                            ?BARRING_POST_BINDS),
-    %                              stmt_bar_put
-    %                              = create_stmt(Pool, ?BARRING_PUT_SQL,
-    %                                            ?BARRING_PUT_BINDS),
-    %                              pool = Pool, close_statement = CloseStatementErrors,
-    %                              close_session = CloseSessionsErrors}};
-    %                       true ->
-    %                           {badarg, [close_statement, close_session]}
-    %                    end
-    %                catch
-    %                    Class:Error ->
-    %                        ?SError("create statements failed : ~p. Deleing pool.", [{Class, Error}]),
-    %                        erlocipool:del(Pool),
-    %                        {Class, Error}
-    %                end;
-    %            {error, {already_started,_} = Error} ->
-    %                ?SError("Pool ~p exists, restarting...", [Pool]),
-    %                erlocipool:del(Pool),
-    %                {error, Error};
-    %            {error, Error} ->
-    %                erlocipool:del(Pool),
-    %                init_resources(
-    %                  Resources,
-    %                  State#state{active_link =
-    %                              if length(Links) > ActiveLink ->
-    %                                     ?SWarn("Pool ~p start : ",
-    %                                            [Pool, Error]),
-    %                                     ActiveLink + 1;
-    %                                 true ->
-    %                                     ?SError("Pool ~p start : ",
-    %                                             [Pool, Error]),
-    %                                     1
-    %                              end})
-    %        end
-    %end.
-
--spec create_stmt(atom(), binary(), list()) -> tuple().
-create_stmt(_Pool, _Sql, _Binds) ->
-    {error, unimplemented}.
-    %% TODO
-    % ?OciStmt(Pool, Sql, Binds, Stmt),
-    % Stmt.
-
-%%
-%% Cowboy REST resource
-%%
-
--define(SERVER,     "dperl AAA").
--define(SPEC_FILE,  "aaa.json").
--include_lib("dderl/src/dderl_rest.hrl").
-
--define(E2400,
-        #{errorCode => 2400,
-          errorMessage => <<"Missing body">>,
-          errorDetails => <<"Missing request payload">>}).
--define(E1404,
-        #{errorCode => 1404,
-          errorMessage => <<"Not Found">>,
-          errorDetails => <<"Ressource not found, no AAA-Profile exists."
-                            " Consider creating a default profile with"
-                            " POST">>}).
--define(E1405,
-        #{errorCode => 1405,
-          errorMessage => <<"Method Not Allowed">>,
-          errorDetails => <<"HTTP method isn't allowed on this resource">>}).
-
--define(E1403,
-        #{errorCode => 1403,
-          errorMessage => <<"Forbidden">>,
-          errorDetails => <<"No access to the requested service">>}).
-
--define(JSON(__BODY), imem_json:encode(__BODY)).
-
-% applying Swagger whitelist through middleware
-execute(Req, Env) ->
-    case maps:get(handler_opts, Env, none) of
-        {swagger_static, SName} ->
-            apply_swagger_whitelist(
-                Req, SName, Env#{handler_opts => {priv_dir, dderl, "public/swagger"}});
-        {swagger, _, SName} -> apply_swagger_whitelist(Req, SName, Env);
-        {spec, SName} -> apply_swagger_whitelist(Req, SName, Env);
-        _ -> {ok, Req, Env}
-    end.
-
-apply_swagger_whitelist(Req, SName, Env) ->
-    {Ip, _Port} = cowboy_req:peer(Req),
-    case ?SWAGGER_WHITELIST(SName) of
-        #{Ip := _} -> {ok, Req, Env};
-        WL when map_size(WL) == 0 -> {ok, Req, Env};
-        _ ->
-            Req1 = cowboy_req:reply(403, ?REPLY_JSON_HEADERS,
-                                          ?JSON(?E1403), Req),
-            {stop, Req1}
-    end.
-
-init(Req, {'$probe', SName}) ->
-    {Code, Resp} = ?SERVICE_PROBE_RESP(SName),
-    Req1 = cowboy_req:reply(Code, ?REPLY_HEADERS, Resp, Req),
-    {ok, Req1, undefined};
-init(Req, {swagger, Base, _SName}) ->
-    Url = iolist_to_binary(cowboy_req:uri(Req)),
-    LastAt = byte_size(Url) - 1,
-    Req1 =
-    cowboy_req:reply(
-      302, #{<<"cache-control">> => <<"no-cache">>,
-             <<"pragma">> => <<"no-cache">>,
-             <<"location">> =>
-             list_to_binary(
-               [Url, case Url of
-                         <<_:LastAt/binary, "/">> -> "";
-                         _ -> "/"
-                     end,
-                "index.html?url="++ Base])},
-      <<"Redirecting...">>, Req),
-    {ok, Req1, #state{}};
-init(Req, {spec, _SName}) ->
-    Req1 =
-    case cowboy_req:method(Req) of
-        <<"GET">> ->
-            {ok, Content} = file:read_file(
-                              filename:join(dderl:priv_dir(dperl),
-                                            ?SPEC_FILE)),
-            cowboy_req:reply(200, ?REPLY_JSON_SPEC_HEADERS, Content, Req);
-        <<"OPTIONS">> ->
-            ACRHS = cowboy_req:header(<<"access-control-request-headers">>, Req),
-            cowboy_req:reply(200, 
-                             maps:merge(#{<<"allow">> => <<"GET,OPTIONS">>,
-                                          <<"access-control-allow-headers">> => ACRHS},
-                                        ?REPLY_OPT_HEADERS), <<>>, Req);
-        Method->
-            ?Error("~p not supported", [Method]),
-            cowboy_req:reply(405, ?REPLY_JSON_HEADERS, ?JSON(?E1405), Req)
-    end,
-    {ok, Req1, #state{}};
-init(Req0, #{whitelist := CWhiteList, tenants := Tenants,
-             name := ServiceName} = Opts)->
-    put(name, ServiceName),
-    Req = Req0#{req_time => os:timestamp()},
-    {Ip, _Port} = cowboy_req:peer(Req),
-    IpStr = inet:ntoa(Ip),
-    case cowboy_req:parse_header(<<"authorization">>, Req) of
-        {basic, Tenant, Password} ->
-            case Tenants of % user:password authorization check
-                #{Tenant := #{password := Password, permissions := Permissions,
-                              whitelist := TWhiteLists}} ->
-                    % whitelists check
-                    case {is_ip_allowed(Ip, maps:keys(TWhiteLists)),
-                          is_ip_allowed(Ip, CWhiteList)} of
-                        {false, false} ->
-                            ?SError("~s (~s) is not in tenants' whitelist",
-                                    [IpStr, Tenant]),
-                            unauthorized(Req);
-                        _ ->
-                            Class = cowboy_req:binding(class, Req, <<>>),
-                            Msisdn = cowboy_req:binding(msisdn, Req, <<>>),
-                            Op = cowboy_req:method(Req),
-                            Operation = get_operation(Class, Op, Req),
-                            % operation permission check
-                            case Permissions of
-                                #{Operation := _} ->
-                                    push_request(Operation, Msisdn, Tenant, Req, Opts);
-                                _ ->
-                                    ?SError("~s (~s) operation ~p not authorized",
-                                            [IpStr, Tenant, Operation]),
-                                    unauthorized(Req)
-                            end
-                    end;
-                Tenants ->
-                    ?SError("~s (~s:~s) is not configured in tenants",
-                            [IpStr, Tenant, Password]),
-                    unauthorized(Req)
-            end;
-        Auth ->
-            ?SError("~s provided unsupported or bad authorization ~p", [IpStr, Auth]),
-            unauthorized(Req)
-    end.
-
--spec is_ip_allowed(tuple(), list()) -> true | false.
-is_ip_allowed(_Ip, []) -> true;
-is_ip_allowed(Ip, WhiteList) -> lists:member(Ip, WhiteList).
-
-unauthorized(Req) ->
-    Req1 = cowboy_req:reply(403, ?REPLY_JSON_HEADERS, ?JSON(?E1403), Req),
-    {ok, Req1, undefined}.
-
-get_operation(<<>>,       <<"DELETE">>,  _Req) -> {profile,   delete};
-get_operation(barring,    <<"GET">>,     _Req) -> {barring,      get};
-get_operation(barring,    <<"POST">>,    _Req) -> {barring,      post};
-get_operation(barring,    <<"PUT">>,     _Req) -> {barring,      put};
-get_operation(topstopper, <<"GET">>,     _Req) -> {topstopper,   get};
-get_operation(topstopper, <<"PATCH">>,    Req) ->
-    case cowboy_req:match_qs([{action, [], none}], Req) of
-        #{action := <<"reset">>} -> {topstopper, reset};
-        #{action := <<"revert">>} -> {topstopper, revert};
-        #{action := Other} -> {topstopper, Other}
-    end;
-get_operation(topstopper, <<"POST">>,    _Req) -> {topstopper,   post};
-get_operation(topstopper, <<"PUT">>,     _Req) -> {topstopper,   put};
-get_operation(Class,      Op,               _) -> {Class,        Op}.
-
-push_request({_, Op} = Operation, Msisdn, Tenant, Req0, #{resource := Service} = Opts) ->
-    CastReq = #{reply => self(), operation => Operation,
-                msisdn => Msisdn, tenant => Tenant},
-    Req = Req0#{db_call => os:timestamp()},
-    case cowboy_req:has_body(Req) of
-        false when Op == put; Op == post; Op == patch; Op == delete ->
-            Req1 = cowboy_req:reply(400, ?REPLY_JSON_HEADERS, ?JSON(?E2400), Req),
-            {ok, Req1, undefined};
-        false when Op == get ->
-            ok = gen_server:cast(Service, CastReq),
-            {cowboy_loop, Req, Opts, hibernate};
-        true ->
-            {ok, Body, Req1} = cowboy_req:read_body(Req),
-            case catch imem_json:decode(Body, [return_maps]) of
-                {'EXIT', Error} ->
-                    ?SError("~p malformed with ~s : ~p", [Operation, Body, Error]),
-                    Req2 = cowboy_req:reply(400, ?REPLY_JSON_HEADERS, ?JSON(?E2400), Req1),
-                    {ok, Req2, undefined};
-                BodyMap ->
-                    ok = gen_server:cast(Service, CastReq#{data => BodyMap}),
-                    {cowboy_loop, Req1, Opts, hibernate}
-            end;
-        HasBody ->
-            ?SError("~p with body ~p is not supported", [Operation, HasBody]),
-            Req1 = cowboy_req:reply(400, ?REPLY_JSON_HEADERS, ?JSON(?E2400), Req),
-            {ok, Req1, undefined}
-    end.
-
-info({reply, bad_req}, Req, State) -> info({reply, {400, <<>>}}, Req, State);
-info({reply, not_found}, Req, State) ->
-    info({reply, {404, ?JSON(?E1404)}}, Req, State);
-info({reply, {Code, Body}}, Req, State) when is_integer(Code), is_map(Body) ->
-    info({reply, {Code, imem_json:encode(Body)}}, Req, State);
-info({reply, {Code, Body}}, Req, State) when is_integer(Code), is_binary(Body) ->
-    Req1 = cowboy_req:reply(Code, ?REPLY_JSON_HEADERS, Body, Req),
-    ReqTime = maps:get(req_time, Req1),
-    DbCall = maps:get(db_call, Req1),
-    Now = os:timestamp(),
-    Total = timer:now_diff(Now, ReqTime),
-    if Total > 0 ->
-           Op = cowboy_req:method(Req),
-           Class = cowboy_req:binding(class, Req, <<>>),
-           Msisdn = cowboy_req:binding(msisdn, Req, <<>>),
-           {Ip, Port} = cowboy_req:peer(Req),
-           IpStr = inet:ntoa(Ip),
-           if is_tuple(DbCall) ->
-                  ?SDebug("~s:~p ~s ~p ~s : TotalTime (micros) ~p = ~p (ReqTime) + ~p (DBTime)",
-                          [IpStr, Port, Op, Class, Msisdn, Total,
-                           timer:now_diff(DbCall, ReqTime),
-                           timer:now_diff(Now, DbCall)]);
-              true ->
-                  ?SDebug("~s:~p ~s ~p ~s : TotalTime ~p micros",
-                          [IpStr, Port, Op, Class, Msisdn, Total])
-           end;
-       true -> ok
-    end,
-    {stop, Req1, State}.
diff --git a/src/dperl/services/dperl_service_oracle.hrl b/src/dperl/services/dperl_service_oracle.hrl
deleted file mode 100644
index e31ffa6d..00000000
--- a/src/dperl/services/dperl_service_oracle.hrl
+++ /dev/null
@@ -1,215 +0,0 @@
--ifndef(_dperl_ora_).
--define(_dperl_ora_, true).
-
--include_lib("dperl/dperl.hrl").
-
--define(MAX_COMMENT_LENGTH, 200).
--define(MAX_REQUESTOR_LENGTH, 20).
-
--define(RESP_BUFFER, list_to_binary(lists:duplicate(1024, 0))).
-
--define(SERVICE_MAXACCEPTORS(__SERVICE_NAME),
-          ?GET_CONFIG(maxNumberOfAcceptors, [__SERVICE_NAME], 100,
-                      "Maximum number of TCP acceptors")
-       ).
-
--define(SERVICE_MAXCONNS(__SERVICE_NAME), 
-          ?GET_CONFIG(maxNumberOfSockets, [__SERVICE_NAME], 5000, 
-                      "Maximum number of simulteneous connections")
-       ).
-  
--define(SERVICE_PROBE_URL(__SERVICE_NAME),
-          ?GET_CONFIG(probeUrl, [__SERVICE_NAME], "/probe.html",
-                      "Defines the url of the probe for the load balancer")
-       ).
-
--define(SERVICE_PROBE_RESP(__SERVICE_NAME),
-          ?GET_CONFIG(probeResp, [__SERVICE_NAME],
-                      {200,
-                       <<"<html>"
-                         "<body>Service is alive</body>"
-                         "</html>">>},
-                      "Response given to the load balancer when the probeUrl"
-                      " is requested")
-       ).
-
--define(SERVICE_UPDATE_PERIOD(__SERVICE_NAME),
-          ?GET_CONFIG(serviceDynUpdatePeriod, [__SERVICE_NAME], 2000,
-                      "Delay in millisecond between a service updates its DYN"
-                      " info")
-       ).
-
--define(SERVICE_STATUS_RESET_PERIOD(__SERVICE_NAME),
-          ?GET_CONFIG(serviceDynResetPeriod, [__SERVICE_NAME], 3600 * 1000,
-                      "Delay in millisecond between a service resets its DYN"
-                      " info")
-       ).
-
--define(SERVICE_ACTIVE_THRESHOLD(__SERVICE_NAME),
-          ?GET_CONFIG(serviceStatusActiveThreshold, [__SERVICE_NAME], 1,
-                      "Request count threshhold beyond which service is marked"
-                      " as active in DYN")
-       ).
-
--define(SERVICE_OVERLOAD_THRESHOLD(__SERVICE_NAME),
-          ?GET_CONFIG(serviceStatusOverloadThreshold, [__SERVICE_NAME], 100,
-                      "Request count threshhold beyond which service is marked"
-                      " as overloaded in DYN")
-       ).
-
--define(SWAGGER_WHITELIST(__SERVICE_NAME),
-          ?GET_CONFIG(swaggerWhitelist, [__SERVICE_NAME], #{},
-                      "Whitelist for SwaggerClient Access")).
-
-%% sqls
-
-%% common sqls and binds
--define(PROFILE_DELETE_SQL, <<"
-BEGIN
-  :SQLT_CHR_OUT_RESULT := pkg_ora_dperl.aaa_profile_msisdn_delete(
-    ProvisioningTenant=>:SQLT_CHR_APP,
-    Msisdn=>:SQLT_CHR_MSISDN,
-    Requestor=>:SQLT_CHR_REQUESTOR,
-    Remark=>:SQLT_CHR_REMARK
-  );
-END;
-">>).
-
-%% topstopper sqls and binds
--define(TOPSTOPPER_GET_SQL, <<"
-BEGIN
-  :SQLT_CHR_OUT_RESULT := pkg_ora_dperl.aaa_ts_msisdn_get(
-    ProvisioningTenant=>:SQLT_CHR_APP,
-    Msisdn=>:SQLT_CHR_MSISDN);
-END;
-">>).
-
--define(TOPSTOPPER_POST_SQL, <<"
-BEGIN
-  :SQLT_CHR_OUT_RESULT := pkg_ora_dperl.aaa_ts_msisdn_post(
-    ProvisioningTenant=>:SQLT_CHR_APP,
-    Msisdn=>:SQLT_CHR_MSISDN,
-    Requestor=>:SQLT_CHR_REQUESTOR,
-    Remark=>:SQLT_CHR_REMARK
-  );
-END;
-">>).
-
--define(PROFILE_DELETE_TOPSTOPPER_POST_BINDS,
-        [{<<":SQLT_CHR_OUT_RESULT">>, out,    'SQLT_CHR'},
-         {<<":SQLT_CHR_APP">>,        in,     'SQLT_CHR'},
-         {<<":SQLT_CHR_MSISDN">>,     in,     'SQLT_CHR'},
-         {<<":SQLT_CHR_REQUESTOR">>,  in,     'SQLT_CHR'},
-         {<<":SQLT_CHR_REMARK">>,     in,     'SQLT_CHR'}]).
-
--define(TOPSTOPPER_PUT_SQL, <<"
-BEGIN
-  :SQLT_CHR_OUT_RESULT := pkg_ora_dperl.aaa_ts_msisdn_put(
-    ProvisioningTenant=>:SQLT_CHR_APP,
-    Msisdn=>:SQLT_CHR_MSISDN,
-    BarringType=>:SQLT_CHR_BARRINGTYPE,
-    TopStopLimit=>:SQLT_VNU_TOPSTOPLIMIT,
-    Requestor=>:SQLT_CHR_REQUESTOR,
-    Remark=>:SQLT_CHR_REMARK
-  );
-END;
-">>).
-
--define(TOPSTOPPER_PUT_BINDS,
-        [{<<":SQLT_CHR_OUT_RESULT">>,   out,    'SQLT_CHR'},
-         {<<":SQLT_CHR_APP">>,          in,     'SQLT_CHR'},
-         {<<":SQLT_CHR_MSISDN">>,       in,     'SQLT_CHR'},
-         {<<":SQLT_CHR_BARRINGTYPE">>,  in,     'SQLT_CHR'},
-         {<<":SQLT_VNU_TOPSTOPLIMIT">>, in,     'SQLT_VNU'},
-         {<<":SQLT_CHR_REQUESTOR">>,    in,     'SQLT_CHR'},
-         {<<":SQLT_CHR_REMARK">>,       in,     'SQLT_CHR'}]).
-
--define(TOPSTOPPER_RESET_SQL, <<"
-BEGIN
-  :SQLT_CHR_OUT_RESULT := pkg_ora_dperl.aaa_ts_msisdn_reset(
-    ProvisioningTenant=>:SQLT_CHR_APP,
-    Msisdn=>:SQLT_CHR_MSISDN,
-    BarringType=>:SQLT_CHR_BARRINGTYPE,
-    Requestor=>:SQLT_CHR_REQUESTOR,
-    Remark=>:SQLT_CHR_REMARK
-  );
-END;
-">>).
-
-
--define(TOPSTOPPER_REVERT_SQL, <<"
-BEGIN
-  :SQLT_CHR_OUT_RESULT := pkg_ora_dperl.aaa_ts_msisdn_revert(
-    ProvisioningTenant=>:SQLT_CHR_APP,
-    Msisdn=>:SQLT_CHR_MSISDN,
-    BarringType=>:SQLT_CHR_BARRINGTYPE,
-    Requestor=>:SQLT_CHR_REQUESTOR,
-    Remark=>:SQLT_CHR_REMARK
-  );
-END;
-">>).
-
--define(TOPSTOPPER_RESET_REVERT_BINDS,
-        [{<<":SQLT_CHR_OUT_RESULT">>,  out,    'SQLT_CHR'},
-         {<<":SQLT_CHR_APP">>,         in,     'SQLT_CHR'},
-         {<<":SQLT_CHR_MSISDN">>,      in,     'SQLT_CHR'},
-         {<<":SQLT_CHR_BARRINGTYPE">>, in,     'SQLT_CHR'},
-         {<<":SQLT_CHR_REQUESTOR">>,   in,     'SQLT_CHR'},
-         {<<":SQLT_CHR_REMARK">>,      in,     'SQLT_CHR'}]).
-
-%% barring sqls and binds
--define(BARRING_GET_SQL, <<"
-BEGIN
-  :SQLT_CHR_OUT_RESULT := pkg_ora_dperl.aaa_barring_msisdn_get(
-    ProvisioningTenant=>:SQLT_CHR_APP,
-    Msisdn=>:SQLT_CHR_MSISDN
-  );
-END;
-">>).
-
--define(TOPSTOPPER_BARRING_GET_BINDS,
-        [{<<":SQLT_CHR_OUT_RESULT">>, out,    'SQLT_CHR'},
-         {<<":SQLT_CHR_APP">>,        in,     'SQLT_CHR'},
-         {<<":SQLT_CHR_MSISDN">>,     in,     'SQLT_CHR'}]).
-
--define(BARRING_POST_SQL, <<"
-BEGIN
-  :SQLT_CHR_OUT_RESULT := pkg_ora_dperl.aaa_barring_msisdn_post(
-    ProvisioningTenant=>:SQLT_CHR_APP,
-    Msisdn=>:SQLT_CHR_MSISDN,
-    Requestor=>:SQLT_CHR_REQUESTOR,
-    Remark=>:SQLT_CHR_REMARK
-  );
-END;
-">>).
-
--define(BARRING_POST_BINDS,
-        [{<<":SQLT_CHR_OUT_RESULT">>, out,    'SQLT_CHR'},
-         {<<":SQLT_CHR_APP">>,        in,     'SQLT_CHR'},
-         {<<":SQLT_CHR_MSISDN">>,     in,     'SQLT_CHR'},
-         {<<":SQLT_CHR_REMARK">>,     in,     'SQLT_CHR'},
-         {<<":SQLT_CHR_REQUESTOR">>,  in,     'SQLT_CHR'}]).
-
--define(BARRING_PUT_SQL, <<"
-BEGIN
-  :SQLT_CHR_OUT_RESULT := pkg_ora_dperl.aaa_barring_msisdn_put(
-    ProvisioningTenant=>:SQLT_CHR_APP,
-    Msisdn=>:SQLT_CHR_MSISDN,
-    BarringType=>:SQLT_CHR_BARRINGTYPE,
-    Requestor=>:SQLT_CHR_REQUESTOR,
-    BarringLevel=>:SQLT_INT_LEVEL,
-    Remark=>:SQLT_CHR_REMARK
-  );
-END;
-">>).
-
--define(BARRING_PUT_BINDS,
-        [{<<":SQLT_CHR_OUT_RESULT">>,  out,    'SQLT_CHR'},
-         {<<":SQLT_CHR_APP">>,         in,     'SQLT_CHR'},
-         {<<":SQLT_CHR_MSISDN">>,      in,     'SQLT_CHR'},
-         {<<":SQLT_CHR_BARRINGTYPE">>, in,     'SQLT_CHR'},
-         {<<":SQLT_INT_LEVEL">>,       in,     'SQLT_INT'},
-         {<<":SQLT_CHR_REMARK">>,      in,     'SQLT_CHR'},
-         {<<":SQLT_CHR_REQUESTOR">>,   in,     'SQLT_CHR'}]).
-
--endif. %_dperl_ora_

From 8af0facb7b5c2fdad17976caa37a3acda45c067a Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Tue, 28 Apr 2020 16:27:22 +0200
Subject: [PATCH 09/72] changed cifs to local

---
 src/dperl/jobs/dperl_file_copy.erl | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/dperl/jobs/dperl_file_copy.erl b/src/dperl/jobs/dperl_file_copy.erl
index 7f1dd027..c05aa0a8 100644
--- a/src/dperl/jobs/dperl_file_copy.erl
+++ b/src/dperl/jobs/dperl_file_copy.erl
@@ -383,7 +383,6 @@ parse_args(#{default := _} = Args) ->
             Error
     end.
 
-process_default(#{proto := cifs, root := _} = Default) -> {ok, Default};
 process_default(#{proto := sftp, host := _, user := _, password := _,
                   root := _} = Default) ->
     {ok, Default#{opts => maps:get(opts, Default, []),
@@ -392,6 +391,7 @@ process_default(#{proto := sftp, host := _, user := _, key := _,
                   root := _} = Default) ->
     {ok, Default#{port => maps:get(port, Default, ?SSH_DEFAULT_PORT),
                   opts => maps:get(opts, Default, [])}};
+process_default(#{proto := local, root := _} = Default) -> {ok, Default};
 process_default(Default) ->
     ?JError("Invalid Default : ~p", [Default]),
     {error, badarg}.
@@ -724,14 +724,14 @@ all_test_() ->
 
 parse_args_invalid_dst_test() ->
     put(name, <<"test">>),
-    ?assertEqual({error, badarg}, parse_args(#{status_dir => s, status_path => s, status_extra => e}, #{default => #{proto => cifs, root => r, mask => ""}}, #{default => #{}}, s)).
+    ?assertEqual({error, badarg}, parse_args(#{status_dir => s, status_path => s, status_extra => e}, #{default => #{proto => local, root => r, mask => ""}}, #{default => #{}}, s)).
 
 init_error_test() ->
     put(name, <<"test">>),
     ?assertEqual({stop, badarg},
                  init({#dperlJob{name = <<"test">>, args = #{status_dir => "test", status_path => "config", status_extra => "e"},
-                                dstArgs = #{default => #{proto => cifs, root => r, mask => ""}},
-                                srcArgs = #{default => #{proto => cifs, root => r, mask => ""}}}, #state{}})).
+                                dstArgs = #{default => #{proto => local, root => r, mask => ""}},
+                                srcArgs = #{default => #{proto => local, root => r, mask => ""}}}, #state{}})).
 
 dstFileName_test_() ->
     {inparallel, [

From d81004cd5ad6d3f80910e63047762ef1ecb75336 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Tue, 28 Apr 2020 18:44:55 +0200
Subject: [PATCH 10/72] added file copy ct test

---
 rebar.config                   |   4 +
 test/dperl_file_copy_SUITE.erl | 180 +++++++++++++++++++++++++++++++++
 2 files changed, 184 insertions(+)
 create mode 100644 test/dperl_file_copy_SUITE.erl

diff --git a/rebar.config b/rebar.config
index db60ffa7..db2836d7 100644
--- a/rebar.config
+++ b/rebar.config
@@ -110,5 +110,9 @@
         {pre_hooks, [{release, "escript inject_git_rev.escript prod"}]},
         {post_hooks, [{release, "bash ./post_release.sh"}]},
         {relx, [{dev_mode, false}, {include_src, false}]}
+    ]},
+	{test, [
+        {deps, [meck]},
+        {dist_node, [{setcookie, 'testcookie'}, {sname, 'testnode'}]}
     ]}
 ]}.
diff --git a/test/dperl_file_copy_SUITE.erl b/test/dperl_file_copy_SUITE.erl
new file mode 100644
index 00000000..994ebe02
--- /dev/null
+++ b/test/dperl_file_copy_SUITE.erl
@@ -0,0 +1,180 @@
+-module(dperl_file_copy_SUITE).
+
+-include_lib("../src/dperl/dperl.hrl").
+
+-include_lib("common_test/include/ct.hrl").
+
+-export([all/0, init_per_suite/1, end_per_suite/1]).
+
+-export([test/1]).
+
+all() ->
+    ct:pal(info, ?MAX_IMPORTANCE, ?MODULE_STRING ++ ":all/0 - Start ===>~n", []),
+    [test].
+
+init_per_suite(Config) ->
+    file:make_dir("Data"),
+    file:make_dir("Data/test1"),
+    file:make_dir("Data/test2"),
+    file:make_dir("Data/test3"),
+    file:make_dir("Data/test1/backup"),
+    file:make_dir("Data/test2/backup"),
+    file:make_dir("Data/test3/backup"),
+    file:make_dir("Data/SMSC_CUC"),
+    file:make_dir("Data/SMSC_CUC/smch40"),
+    file:make_dir("Data/SMSC_CUC/smch40/tmp"),
+    file:make_dir("Data/SMSC_CUC/smch40/test1"),
+    file:make_dir("Data/SMSC_CUC/smch40/test2"),
+    file:make_dir("Data/SMSC_CUC/smch40/test3"),
+    file:make_dir("Programs"),
+    file:make_dir("Programs/SFHSmscCUC"),
+    ct:pal(info, ?MAX_IMPORTANCE, ?MODULE_STRING ++ "Starting ensure dperl ===>~n", []),
+    application:load(dderl),
+    application:set_env(dderl, port, 8552),
+    application:ensure_all_started(dderl),
+    Config.
+
+end_per_suite(_Config) ->
+    application:stop(dperl).
+
+test(_Config) ->
+    {ok, Cwd} = file:get_cwd(),
+    Path = "Data/SMSC_CUC/smch40",
+    Data = "Data",
+    Job = #dperlJob{name = <<"SFHSmscCUC1">>,module = dperl_file_copy,
+                   args = #{cleanup => false,refresh => false,sync => true, debug => true,
+                            status_dir => "SFHSmscCUC", status_extra => "WORKING\n600\n900",
+                            status_path => filename:join(Cwd, "Programs")},
+                   srcArgs = #{default => #{root => filename:join(Cwd, "Data"),
+                                            proto => local, mask =>
+                                    "CUCA_vimszmos-smin?1_1_########_??????????????.CSV"}},
+                   dstArgs = #{default => #{proto => local, tmp_dir => "tmp",
+                                            root => filename:join(Cwd, Path)}},
+                   enabled = true,running = true,plan = at_most_once,
+                   nodes = [], opts = []},
+    ct:pal(info, ?MAX_IMPORTANCE, ?MODULE_STRING ++ "About to Start SFH SMSCUC job :)~n", []),
+    dperl_dal:write(dperlJob, Job),
+    ct:pal(info, ?MAX_IMPORTANCE, ?MODULE_STRING ++ "Starting SFH SMSCUC job :)~n", []),
+    ct:sleep({seconds, 3}),
+    File1 = "CUCA_vimszmos-smin41_1_00000868_20181102205842.CSV",
+    Header = <<"SubmitTime\tSubmitMicros\tSubmitGti\tSubmitApp\tOrigAddress\tOrigAddressTon\tOrigAddressNpi\tOrigCharset\t"
+               "OrigGti\tOrigSca\tOrigImsi\tOrigEsmeId\tOrigIp\tOrigBillingId\tRecipAddress\tRecipAddressTon\t"
+               "RecipAddressNpi\tRecipImsi\tDeliverTime\tDeliverMicros\tDeliverAttempt\tDeliverAddress\tDeliverAddressTon\t"
+               "DeliverAddressNpi\tDeliverGti\tDeliverImsi\tDeliverEsmeId\tDeliverIp\tMsgReference\tMsgPid\tMsgReqType\t"
+               "MsgScheduleTime\tMsgExpiryTime\tMsgStatus\tSegId\tSegCount\tSegLength\tErrorType\tErrorCode\tDiaResult\t"
+               "OrigDcs\tOrigMessageId\tOrigImei\tDeliverImei\tOrigPaniHeader\tDeliverPaniHeader\tDeliverMapGti\r\n">>,
+    Bin = <<"20181102205442+0100\t542176\t\t\tSwisscom\t5\t0\t0\t\t\t\t36530\t10.196.28.45/51096\t\t41794937801\t1\t1\t\t"
+               "20181102205442+0100\t0\t1\t41794937801\t1\t1\t\t\t\t\t1541188482542176498fe861O\t0\t4356\t\t20181102215440\t"
+               "9\t1\t1\t8\t2\t19733248\tNA\t4\t626090BD\t\t\t\t\t\r\n">>,
+    file:write_file(filename:join(Data, File1), [Header, Bin]),
+    ct:sleep({seconds, 5}),
+    meck:new(imem_file, [passthrough]),
+    meck:expect(imem_file, list_dir, 3, {error, enoent}),
+    File2 = "CUCA_vimszmos-smin41_1_00000869_20181102205852.CSV",
+    file:write_file(filename:join(Data, File2), [Header, [Bin || _ <- lists:seq(1, 2530)]]),
+    ct:sleep({seconds, 5}),
+    meck:delete(imem_file, list_dir, 3, false),
+    meck:expect(imem_file, open,
+                fun(#{path := Root}, File, Modes, _) ->
+                    case re:run(File, "tmp") of
+                        nomatch -> {error, enoent};
+                        _ -> file:open(filename:join(Root, File), lists:usort([binary | Modes]))
+                    end
+                end),
+    ct:sleep({seconds, 6}),
+    meck:delete(imem_file, open, 4, false),
+    ct:sleep({seconds, 1}),
+    ok = file:write_file("Programs/SFHSmscCUC/SFHSmscCUC1.hst", string:join([File1 || _ <- lists:seq(1, 100)], "\n")),
+    meck:expect(imem_file, delete, 3, {error, enoent}),
+    ct:sleep({seconds, 8}),
+    ok = file:delete("Programs/SFHSmscCUC/SFHSmscCUC1.hst"),
+    meck:expect(imem_file, rename, 4, {error, enoent}),
+    ct:sleep({seconds, 8}),
+    meck:expect(imem_file, write, 4, {error, enoent}),
+    ct:sleep({seconds, 8}),
+    meck:expect(imem_file, write, 4, {error, closed}),
+    ct:sleep({seconds, 8}),
+    meck:expect(imem_file, pread, 5, {error, enoent}),
+    ct:sleep({seconds, 8}),
+    meck:expect(imem_file, pread, 5, {error, closed}),
+    ct:sleep({seconds, 8}),
+    meck:expect(imem_file, open, 4, {error, enoent}),
+    ct:sleep({seconds, 8}),
+    meck:unload(imem_file),
+    ct:sleep({seconds, 9}),
+    dperl_dal:disable(Job),
+    {ok, Files} = file:list_dir(Path),
+    true = lists:member(File1, Files),
+    true = lists:member(File2, Files),
+    {ok, StatusFiles} = file:list_dir("Programs/SFHSmscCUC"),
+    true = lists:member("ServiceActivityLog.sal", StatusFiles),
+    true = lists:member("SFHSmscCUC1.hst", StatusFiles),
+    meck:new(imem_compiler, [passthrough]),
+    meck:expect(imem_compiler, compile, fun(_) -> error(badfun) end),
+    dperl_dal:write(dperlJob, Job),
+    ct:sleep({seconds, 4}),
+    meck:unload(imem_compiler),
+    Job2 = Job#dperlJob{name = <<"SFHSmscCUC2">>,
+                       srcArgs = #{default => #{root => filename:join(Cwd, "Data"), proto => local,
+                                                mask => "CUCA_vimszmos-smin?1_1_########_??????????????.CSV"},
+                                   test1 => #{path => "test1", backup => "test1/backup"},
+                                   <<"test2">> => #{path => "test2", backup => "test2/backup"},
+                                   "test3" => #{path => "test3", backup => "test3/backup"}},
+                       dstArgs = #{default => #{proto => local, mask => [], root => filename:join(Cwd, Path)},
+                                   test1 => #{path => "test1"},
+                                   <<"test2">> => #{path => "test2"},
+                                   "test3" => #{path => "test3"}}},
+    dperl_dal:write(dperlJob, Job2),
+    ct:sleep({seconds, 3}),
+    file:write_file(filename:join([Data, "test1", File1]), []),
+    file:write_file(filename:join([Data, "test2", File1]), []),
+    file:write_file(filename:join([Data, "test1", File2]), [Header, Bin]),
+    file:write_file(filename:join([Data, "test2", File2]), [Header, Bin]),
+    ct:sleep({seconds, 4}),
+    meck:new(imem_file, [passthrough]),
+    meck:expect(imem_file, rename,
+        fun(_Ctx, Src, Dst, _) ->
+            case re:run(Dst, "backup") of
+                nomatch -> file:rename(Src, Dst);
+                _ -> {error, enoent}
+            end
+        end),
+    file:write_file(filename:join([Data, "test3", File1]), [Header, Bin]),
+    ct:sleep({seconds, 4}),
+    meck:expect(imem_file, write, 4, {error, closed}),
+    file:write_file(filename:join([Data, "test3", File2]), [Header, Bin]),
+    ct:sleep({seconds, 8}),
+    meck:expect(imem_file, open, 4, {error, closed}),
+    ct:sleep({seconds, 8}),
+    meck:delete(imem_file, open, 4, false),
+    meck:delete(imem_file, write, 4, false),
+    meck:expect(imem_file, rename, 4, {error, enoent}),
+    ct:sleep({seconds, 8}),
+    meck:unload(imem_file),
+    ct:sleep({seconds, 8}),
+    dperl_dal:disable(Job2),
+    dperl_dal:write(dperlJob, Job2),
+    ct:sleep({seconds, 2}),
+    Pid = global:whereis_name("SFHSmscCUC"),
+    exit(Pid, kill),
+    meck:new(inet, [unstick, passthrough]),
+    meck:expect(inet, gethostname, 0, {error, test}),
+    ct:sleep({seconds, 5}),
+    meck:unload(inet),
+    dperl_dal:disable(Job2),
+    {ok, Files1} = file:list_dir(filename:join(Path, "test1")),
+    true = lists:member(File1, Files1),
+    true = lists:member(File2, Files1),
+    {ok, Files2} = file:list_dir(filename:join(Path, "test2")),
+    true = lists:member(File1, Files2),
+    true = lists:member(File2, Files2),
+    {ok, BFiles1} = file:list_dir(filename:join([Data, "test1", "backup"])),
+    true = lists:member(File1, BFiles1),
+    true = lists:member(File2, BFiles1),
+    {ok, BFiles2} = file:list_dir(filename:join([Data, "test2", "backup"])),
+    true = lists:member(File1, BFiles2),
+    true = lists:member(File2, BFiles2),
+    {ok, StatusFiles2} = file:list_dir("Programs/SFHSmscCUC"),
+    true = lists:member("SFHSmscCUC2(test1).hst", StatusFiles2),
+    true = lists:member("SFHSmscCUC2(test2).hst", StatusFiles2),
+    ct:pal(info, ?MAX_IMPORTANCE, ?MODULE_STRING ++ "Disabled SFH SMSCUC job :)~n", []).

From 3b3a7de72ba55ac9ca2de5a908bd6a751ca5e50c Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Wed, 29 Apr 2020 10:15:46 +0200
Subject: [PATCH 11/72] Review changes

---
 rebar.config           |   4 +-
 src/ouraring_crawl.erl | 104 -----------------------------------------
 test.escript           |  28 -----------
 3 files changed, 2 insertions(+), 134 deletions(-)
 delete mode 100644 src/ouraring_crawl.erl
 delete mode 100644 test.escript

diff --git a/rebar.config b/rebar.config
index db2836d7..185a03f2 100644
--- a/rebar.config
+++ b/rebar.config
@@ -112,7 +112,7 @@
         {relx, [{dev_mode, false}, {include_src, false}]}
     ]},
 	{test, [
-        {deps, [meck]},
-        {dist_node, [{setcookie, 'testcookie'}, {sname, 'testnode'}]}
+        {deps, [meck]}
+%        {dist_node, [{setcookie, 'testcookie'}, {sname, 'testnode'}]}
     ]}
 ]}.
diff --git a/src/ouraring_crawl.erl b/src/ouraring_crawl.erl
deleted file mode 100644
index 8f237caa..00000000
--- a/src/ouraring_crawl.erl
+++ /dev/null
@@ -1,104 +0,0 @@
--module(ouraring_crawl).
-
--export([run/0, run/1]).
-
--define(OAUTH2_URL_PREFIX, "https://cloud.ouraring.com").
--define(API_URL_PREFIX, "https://api.ouraring.com").
-run() ->
-  {ok, _} = application:ensure_all_started(inets),
-  {ok, _} = application:ensure_all_started(ssl),
-  run(#{
-    client_id => "REMERNOADFFDIN3O",
-    client_secret => "HYJEW2WTIVIEXQNOTPDN7Y346GYSLNL3",
-    cb_uri => "https://127.0.0.1:8443/callback",
-    user_email => "max.ochsenbein@k2informatics.ch",
-    user_password => "cFMMax--XG$k2sa",
-    state => "any+value+as+state"
-  }).
-
-run(#{
-  client_id := ClientId,
-  client_secret := ClientSecret,
-  cb_uri := CallbackUri,
-  user_email := Email,
-  user_password := Password,
-  state := State
-}) ->  
-  inets:stop(httpc, ?MODULE),
-  {ok, _} = inets:start(httpc, [{profile, ?MODULE}]),
-  ok = httpc:set_options([{cookies, enabled}], ?MODULE),
-  Url = ?OAUTH2_URL_PREFIX ++ "/oauth/authorize"
-    ++ "?response_type=code"
-    ++ "&client_id=" ++ ClientId
-    ++ "&redirect_uri=" ++ edoc_lib:escape_uri(CallbackUri)
-    ++ "&scope=email+personal+daily"
-    ++ "&state=" ++ State,
-  %io:format(">>>>>>>>>> authorize: ~s~n", [Url]),
-  {ok, {{"HTTP/1.1",302,"Found"}, RespHeader302, []}} = httpc:request(get, {Url, []}, [{autoredirect, false}], [], ?MODULE),
-  RedirectUri = ?OAUTH2_URL_PREFIX ++ proplists:get_value("location", RespHeader302),
-  % io:format(">>>>>>>>>> 302 Redirect: ~s~n", [RedirectUri]),
-  {ok, {{"HTTP/1.1",200,"OK"}, RespHeader, _Body}} = httpc:request(get, {RedirectUri, []}, [{autoredirect, false}], [], ?MODULE),
-  SetCookieHeader = proplists:get_value("set-cookie", RespHeader),
-  {match, [XRefCookie]} = re:run(SetCookieHeader, ".*_xsrf=(.*);.*", [{capture, [1], list}]),
-  {ok,{{"HTTP/1.1",302,"Found"}, RespHeader302_1, []}} = httpc:request(
-    post, {
-      RedirectUri, [], "application/x-www-form-urlencoded",
-      "_xsrf="++edoc_lib:escape_uri(XRefCookie)
-      ++ "&email=" ++ edoc_lib:escape_uri(Email)
-      ++ "&password=" ++ edoc_lib:escape_uri(Password)
-    }, [{autoredirect, false}], [], ?MODULE
-  ),
-  RedirectUri_1 = ?OAUTH2_URL_PREFIX ++ proplists:get_value("location", RespHeader302_1),
-  % io:format(">>>>>>>>>> 302 Redirect: ~s~n", [RedirectUri_1]),
-  {ok, {{"HTTP/1.1",200,"OK"}, _, _}} = httpc:request(get, {RedirectUri_1, []}, [{autoredirect, false}], [], ?MODULE),
-  {ok, {{"HTTP/1.1",302,"Found"}, RespHeader302_2, []}} = httpc:request(
-    post, {
-      RedirectUri_1, [], "application/x-www-form-urlencoded",
-      "_xsrf="++edoc_lib:escape_uri(XRefCookie)
-      ++ "&scope_email=on"
-      ++ "&scope_personal=on"
-      ++ "&scope_daily=on"
-      ++ "&allow=Accept"
-    }, [{autoredirect, false}], [], ?MODULE
-  ),
-  RedirectUri_2 = proplists:get_value("location", RespHeader302_2),
-  % io:format(">>>>>>>>>> 302 RedirectUri: ~s~n", [RedirectUri_2]),
-  #{query := QueryString} = uri_string:parse(RedirectUri_2),
-  #{"code" := Code} = maps:from_list(uri_string:dissect_query(QueryString)),
-  % io:format(">>>>>>>>>> Code: ~p~n", [Code]),
-  {ok, {{"HTTP/1.1",200,"OK"}, _, BodyJson}} = httpc:request(
-    post, {
-      ?OAUTH2_URL_PREFIX ++ "/oauth/token", [], "application/x-www-form-urlencoded",
-      "grant_type=authorization_code"
-      ++ "&code=" ++ Code
-      ++ "&redirect_uri=" ++ edoc_lib:escape_uri(CallbackUri)
-      ++ "&client_id=" ++ ClientId
-      ++ "&client_secret=" ++ ClientSecret
-    }, [{autoredirect, false}], [], ?MODULE
-  ),
-  #{<<"access_token">> := AccessToken} = Auth = jsx:decode(list_to_binary(BodyJson), [return_maps]),
-  io:format("Auth ~p~n", [Auth]),
-  io:format("-----~nUserInfo :~n~p~n-----~n", [userinfo(AccessToken)]),
-  io:format("-----~nSleep :~n~p~n-----~n", [sleep(AccessToken)]),
-  io:format("-----~nActivity :~n~p~n-- Activity --~n", [activity(AccessToken)]).
-
-userinfo(AccessToken) ->
-  {ok,{{"HTTP/1.1",200,"OK"}, _, UserInfoJson}} = httpc:request(
-    get, {?API_URL_PREFIX ++ "/v1/userinfo", [{"Authorization", "Bearer " ++ binary_to_list(AccessToken)}]},
-    [{autoredirect, false}], [], ?MODULE
-  ),
-  jsx:decode(list_to_binary(UserInfoJson), [return_maps]).
-
-sleep(AccessToken) ->
-  {ok,{{"HTTP/1.1",200,"OK"}, _, SleepInfoJson}} = httpc:request(
-    get, {?API_URL_PREFIX ++ "/v1/sleep", [{"Authorization", "Bearer " ++ binary_to_list(AccessToken)}]},
-    [{autoredirect, false}], [], ?MODULE
-  ),
-  jsx:decode(list_to_binary(SleepInfoJson), [return_maps]).
-
-activity(AccessToken) ->
-  {ok,{{"HTTP/1.1",200,"OK"}, _, ActivityInfoJson}} = httpc:request(
-    get, {?API_URL_PREFIX ++ "/v1/activity", [{"Authorization", "Bearer " ++ binary_to_list(AccessToken)}]},
-    [{autoredirect, false}], [], ?MODULE
-  ),
-  jsx:decode(list_to_binary(ActivityInfoJson), [return_maps]).
diff --git a/test.escript b/test.escript
deleted file mode 100644
index 79f8e9ec..00000000
--- a/test.escript
+++ /dev/null
@@ -1,28 +0,0 @@
-ng -*-
-%%! -smp enable -pa _build/default/lib/oranif/ebin/
-
--define(TNS, <<
-        "(DESCRIPTION=(ADDRESS_LIST=(ADDRESS="
-        "(PROTOCOL=TCP)(HOST=192.1681.160)(PORT=1521)))"
-        "(CONNECT_DATA=(SERVER=dedicated)(SERVICE_NAME=orclpdb1)))"
-    >>).
--define(USER, <<"scott">>).
--define(PSWD, <<"regit">>).
-
--define(TEST_SQL, <<"select 1 from dual">>).
-    
-
-main(_) ->
-    ok = dpi:load_unsafe(),
-    Ctx = dpi:context_create(3, 0),
-    Conn = dpi:conn_create(Ctx, ?USER, ?PSWD, ?TNS, #{}, #{}),
-    Stmt = dpi:conn_prepareStmt(Conn, false, ?TEST_SQL, <<>>),
-    1 = dpi:stmt_execute(Stmt, []),
-    #{found := true} = dpi:stmt_fetch(Stmt),
-    #{data := Result} =
-        dpi:stmt_getQueryValue(Stmt, 1),
-    1.0 = dpi:data_get(Result),
-    io:format("done ~n", []),
-    halt(1).
-
-

From c690b25e5b88f54e36f4f168d52945841130f559 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Wed, 29 Apr 2020 10:24:06 +0200
Subject: [PATCH 12/72] updated meck to 0.8.13 version

---
 rebar.config | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/rebar.config b/rebar.config
index 185a03f2..6e0e841e 100644
--- a/rebar.config
+++ b/rebar.config
@@ -111,8 +111,5 @@
         {post_hooks, [{release, "bash ./post_release.sh"}]},
         {relx, [{dev_mode, false}, {include_src, false}]}
     ]},
-	{test, [
-        {deps, [meck]}
-%        {dist_node, [{setcookie, 'testcookie'}, {sname, 'testnode'}]}
-    ]}
+	{test, [{deps, [{meck, "0.8.13"}]}]}
 ]}.

From c7233700708f3ee65e54ff238394ca228b94a9a8 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Wed, 29 Apr 2020 13:37:46 +0200
Subject: [PATCH 13/72] fetching only latest sync day data

---
 src/dperl/jobs/dperl_ouraring_crawl.erl | 40 +++++++++++++++++++------
 1 file changed, 31 insertions(+), 9 deletions(-)

diff --git a/src/dperl/jobs/dperl_ouraring_crawl.erl b/src/dperl/jobs/dperl_ouraring_crawl.erl
index 3c192924..8a7ad96c 100644
--- a/src/dperl/jobs/dperl_ouraring_crawl.erl
+++ b/src/dperl/jobs/dperl_ouraring_crawl.erl
@@ -204,32 +204,49 @@ fetch_metrics([Type | Types], State) ->
             case fetch_metric(Type, Day, State) of
                 {error, Error} ->
                     {error, Error};
-                State1 ->
+                none ->
+                    fetch_metrics(Types, State);
+                {ok, MDay, Metric} ->
+                    State1 = set_metric_day(Type, MDay, State#state{infos = [Metric | State#state.infos]}),
                     fetch_metrics(Types, State1)
             end
     end.
 
 fetch_metric(Type, Day, #state{api_url = ApiUrl, access_token = AccessToken} = State) ->
     ?JInfo("Fetching metric for ~s on ~p", [Type, Day]),
-    Url = ApiUrl ++ "/v1/" ++ Type ++ day_query(Day),
-    TypeBin = list_to_binary(Type),
-    case exec_req(Url, AccessToken) of
-        #{TypeBin := []} ->
-            NextDay = next_day(Day),
+    NextDay = next_day(Day),
+    case fetch_metric(Type, day_query(Day), ApiUrl, AccessToken) of
+        none ->
             case NextDay =< edate:yesterday() of
                 true ->
                     fetch_metric(Type, NextDay, State);
                 false ->
                     State
             end;
-        Metric when is_map(Metric) ->
-            Info = {["ouraring", Type], Metric#{<<"_day">> => list_to_binary(edate:date_to_string(Day))}},
-            set_metric_day(Type, Day, State#state{infos = [Info | State#state.infos]});
+        {ok, Metric} ->
+            case fetch_metric(Type, start_day_query(NextDay), ApiUrl, AccessToken) of
+                {ok, _} ->
+                    {ok, Day, {["ouraring", Type], Metric#{<<"_day">> => list_to_binary(edate:date_to_string(Day))}}};
+                Other ->
+                    Other
+            end;
         {error, Error} ->
             ?JError("Error fetching ~s for ~p : ~p", [Type, Day, Error]),
             {error, Error}
     end.
 
+fetch_metric(Type, DayQuery, ApiUrl, AccessToken) ->
+    Url = ApiUrl ++ "/v1/" ++ Type ++ DayQuery,
+    TypeBin = list_to_binary(Type),
+    case exec_req(Url, AccessToken) of
+        #{TypeBin := []} ->
+            none;
+        Metric when is_map(Metric) ->
+            {ok, Metric};
+        {error, Error} ->
+            {error, Error}
+    end.
+
 fetch_userinfo(#state{api_url = ApiUrl, access_token = AccessToken} = State) ->
     case exec_req(ApiUrl ++ "/v1/userinfo", AccessToken) of
         UserInfo when is_map(UserInfo) ->
@@ -283,6 +300,11 @@ day_query(Day) when is_tuple(Day) ->
 day_query(Day) when is_list(Day) ->
     "?start=" ++ Day ++ "&end=" ++ Day.
 
+start_day_query(Day) when is_tuple(Day) ->
+    start_day_query(edate:date_to_string(Day));
+start_day_query(Day) when is_list(Day) ->
+    "?start=" ++ Day.
+
 get_last_day("sleep", #state{last_sleep_day = LastSleepDay}) -> LastSleepDay;
 get_last_day("activity", #state{last_activity_day = LastActivityDay}) -> LastActivityDay;
 get_last_day("readiness", #state{last_readiness_day = LastReadinessDay}) -> LastReadinessDay.

From 322af6b27e22e2050e69c9337f5405e212a448fc Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Thu, 30 Apr 2020 09:06:08 +0200
Subject: [PATCH 14/72] Review commens #4

---
 rebar.config                            |  7 +++----
 src/dperl/jobs/dperl_ouraring_crawl.erl | 11 -----------
 2 files changed, 3 insertions(+), 15 deletions(-)

diff --git a/rebar.config b/rebar.config
index 76dfaf0a..5afd17ad 100644
--- a/rebar.config
+++ b/rebar.config
@@ -43,13 +43,12 @@
     {esaml, {git, "https://github.com/KonnexionsGmbH/esaml", {tag, "2.3.0"}}},
     {imem, {git, "https://github.com/konnexionsgmbh/imem", {tag, "3.9.1"}}},
     {oranif, {git, "https://github.com/konnexionsgmbh/oranif", {tag, "0.2.3"}}},
-    {edate, {git, "https://github.com/dweldon/edate", {branch, "master"}}},
-    {prometheus, "4.5.0"}
+    {edate, {git, "https://github.com/dweldon/edate", {branch, "master"}}}
 ]}.
 
 {erl_first_files, [
-  "src/dperl_worker.erl",
-  "src/dperl_strategy_scr.erl"
+  "src/dperl/dperl_worker.erl",
+  "src/dperl/dperl_strategy_scr.erl"
 ]}.
 
 {deps_error_on_conflict, false}.
diff --git a/src/dperl/jobs/dperl_ouraring_crawl.erl b/src/dperl/jobs/dperl_ouraring_crawl.erl
index 8a7ad96c..f5488aae 100644
--- a/src/dperl/jobs/dperl_ouraring_crawl.erl
+++ b/src/dperl/jobs/dperl_ouraring_crawl.erl
@@ -313,14 +313,3 @@ set_metric_day("sleep", Day, State) -> State#state{last_sleep_day = Day};
 set_metric_day("activity", Day, State) -> State#state{last_activity_day = Day};
 set_metric_day("readiness", Day, State) -> State#state{last_readiness_day = Day}.
 
-% format_links(Links) ->
-%     lists:map(
-%         fun(#{url := Url} = Link) ->
-%             NewUrl = 
-%             case lists:last(Url) of
-%                 $/ -> Url;
-%                 _ -> Url ++ "/"
-%             end,
-%             Link#{url := NewUrl};
-%           (Link) -> Link
-%         end, Links).

From 625c26644230c4f4f10e85d0d7e3b867be0c1f72 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Thu, 30 Apr 2020 10:49:52 +0200
Subject: [PATCH 15/72] fetching latest sleep and readiness data

---
 rebar.config                            |  5 ++---
 src/dperl/jobs/dperl_ouraring_crawl.erl | 23 +++++++++++++++--------
 2 files changed, 17 insertions(+), 11 deletions(-)

diff --git a/rebar.config b/rebar.config
index 5afd17ad..d99e64f1 100644
--- a/rebar.config
+++ b/rebar.config
@@ -41,7 +41,7 @@
     {prometheus, "4.5.0"},
     {erlimem, {git, "https://github.com/konnexionsgmbh/erlimem", {tag, "3.1.0"}}},
     {esaml, {git, "https://github.com/KonnexionsGmbH/esaml", {tag, "2.3.0"}}},
-    {imem, {git, "https://github.com/konnexionsgmbh/imem", {tag, "3.9.1"}}},
+    {imem, {git, "https://github.com/konnexionsgmbh/imem", {branch, "master"}}},
     {oranif, {git, "https://github.com/konnexionsgmbh/oranif", {tag, "0.2.3"}}},
     {edate, {git, "https://github.com/dweldon/edate", {branch, "master"}}}
 ]}.
@@ -64,8 +64,7 @@
     {lager_extra_sinks, [access]}
 ]}.
 
-{minimum_otp_vsn, "20.1"}.
-{blacklisted_otp_vsns, ["20.3"]}.
+{minimum_otp_vsn, "21.0"}.
 
 {eunit_opts, [
     {skip_deps, true},
diff --git a/src/dperl/jobs/dperl_ouraring_crawl.erl b/src/dperl/jobs/dperl_ouraring_crawl.erl
index f5488aae..530a7bba 100644
--- a/src/dperl/jobs/dperl_ouraring_crawl.erl
+++ b/src/dperl/jobs/dperl_ouraring_crawl.erl
@@ -217,18 +217,25 @@ fetch_metric(Type, Day, #state{api_url = ApiUrl, access_token = AccessToken} = S
     NextDay = next_day(Day),
     case fetch_metric(Type, day_query(Day), ApiUrl, AccessToken) of
         none ->
-            case NextDay =< edate:yesterday() of
-                true ->
+            case fetch_metric(Type, start_day_query(NextDay), ApiUrl, AccessToken) of
+                {ok, _} ->
                     fetch_metric(Type, NextDay, State);
-                false ->
+                _Other ->
                     State
             end;
         {ok, Metric} ->
-            case fetch_metric(Type, start_day_query(NextDay), ApiUrl, AccessToken) of
-                {ok, _} ->
-                    {ok, Day, {["ouraring", Type], Metric#{<<"_day">> => list_to_binary(edate:date_to_string(Day))}}};
-                Other ->
-                    Other
+            Info = {["ouraring", Type], Metric#{<<"_day">> => list_to_binary(edate:date_to_string(Day))}},
+            case Type of
+                Type when Type == "sleep"; Type == "readiness" ->
+                    {ok, Day, Info};
+                "activity" ->
+                    % fetching activity only if next days data exists
+                    case fetch_metric(Type, start_day_query(NextDay), ApiUrl, AccessToken) of
+                        {ok, _} ->
+                            {ok, Day, Info};
+                        Other ->
+                            Other
+                    end
             end;
         {error, Error} ->
             ?JError("Error fetching ~s for ~p : ~p", [Type, Day, Error]),

From 69bc0c2c3b5f59724b229fc3495e53d81a7d09e0 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Thu, 30 Apr 2020 15:25:06 +0200
Subject: [PATCH 16/72] added avatar id as a property

---
 src/dperl/jobs/dperl_ouraring_crawl.erl | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/src/dperl/jobs/dperl_ouraring_crawl.erl b/src/dperl/jobs/dperl_ouraring_crawl.erl
index 530a7bba..1ca10f53 100644
--- a/src/dperl/jobs/dperl_ouraring_crawl.erl
+++ b/src/dperl/jobs/dperl_ouraring_crawl.erl
@@ -17,7 +17,7 @@
 -record(state, {name, channel, client_id, client_secret, password, email,
                 cb_uri, is_connected = false, access_token, api_url, oauth_url,
                 last_sleep_day, last_activity_day, last_readiness_day,
-                infos = [], auth_time, auth_expiry}).
+                infos = [], auth_time, auth_expiry, avatar_id}).
 
 % dperl_strategy_scr export
 -export([connect_check_src/1, get_source_events/2, connect_check_dst/1,
@@ -158,7 +158,7 @@ init({#dperlJob{name=Name, dstArgs = #{channel := Channel},
                 srcArgs = #{client_id := ClientId, user_password := Password,
                             client_secret := ClientSecret, user_email := Email,
                             cb_uri := CallbackUri, api_url := ApiUrl,
-                            oauth_url := OauthUrl}}, State}) ->
+                            oauth_url := OauthUrl, avatar_id := AvatarId}}, State}) ->
     ?JInfo("Starting ..."),
     ChannelBin = dperl_dal:to_binary(Channel),
     dperl_dal:create_check_channel(ChannelBin),
@@ -167,7 +167,8 @@ init({#dperlJob{name=Name, dstArgs = #{channel := Channel},
     {ok, State#state{channel = ChannelBin, client_id = ClientId,
                      client_secret = ClientSecret, password = Password,
                      email = Email, cb_uri = CallbackUri, name = Name,
-                     api_url = ApiUrl, oauth_url = OauthUrl}};
+                     api_url = ApiUrl, oauth_url = OauthUrl,
+                     avatar_id = AvatarId}};
 init(Args) ->
     ?JError("bad start parameters ~p", [Args]),
     {stop, badarg}.
@@ -188,6 +189,8 @@ terminate(Reason, _State) ->
     httpc:reset_cookies(?MODULE),
     ?JInfo("terminate ~p", [Reason]).
 
+%% private functions
+
 fetch_metrics([], State) -> {ok, State};
 fetch_metrics(["userinfo" | Types], State) ->
     case fetch_userinfo(State) of
@@ -224,7 +227,8 @@ fetch_metric(Type, Day, #state{api_url = ApiUrl, access_token = AccessToken} = S
                     State
             end;
         {ok, Metric} ->
-            Info = {["ouraring", Type], Metric#{<<"_day">> => list_to_binary(edate:date_to_string(Day))}},
+            Key = build_key(Type, State#state.avatar_id),
+            Info = {Key, Metric#{<<"_day">> => list_to_binary(edate:date_to_string(Day))}},
             case Type of
                 Type when Type == "sleep"; Type == "readiness" ->
                     {ok, Day, Info};
@@ -257,7 +261,7 @@ fetch_metric(Type, DayQuery, ApiUrl, AccessToken) ->
 fetch_userinfo(#state{api_url = ApiUrl, access_token = AccessToken} = State) ->
     case exec_req(ApiUrl ++ "/v1/userinfo", AccessToken) of
         UserInfo when is_map(UserInfo) ->
-            Info = {["ouraring", "userinfo"], UserInfo},
+            Info = {build_key("userinfo", State#state.avatar_id), UserInfo},
             State#state{infos = [Info | State#state.infos]};
         {error, Error} ->
             ?JError("Error fetching userinfo : ~p", [Error]),
@@ -266,7 +270,7 @@ fetch_userinfo(#state{api_url = ApiUrl, access_token = AccessToken} = State) ->
 
 get_day(Type, State) ->
     LastDay = get_last_day(Type, State),
-    Key = ["ouraring", Type],
+    Key = build_key(Type, State#state.avatar_id),
     Yesterday = edate:yesterday(),
     case dperl_dal:read_channel(State#state.channel, Key) of
         ?NOT_FOUND ->
@@ -320,3 +324,5 @@ set_metric_day("sleep", Day, State) -> State#state{last_sleep_day = Day};
 set_metric_day("activity", Day, State) -> State#state{last_activity_day = Day};
 set_metric_day("readiness", Day, State) -> State#state{last_readiness_day = Day}.
 
+build_key(Type, AvatarId) when is_list(Type), is_list(AvatarId)->
+    [AvatarId, "ouraring", Type].

From 22ad119eeb7cc68b1d689cb6f1803e3e39804f87 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Thu, 30 Apr 2020 18:28:07 +0200
Subject: [PATCH 17/72] code refactoring

---
 src/dperl/jobs/dperl_ouraring_crawl.erl | 116 +++++++++++++-----------
 1 file changed, 65 insertions(+), 51 deletions(-)

diff --git a/src/dperl/jobs/dperl_ouraring_crawl.erl b/src/dperl/jobs/dperl_ouraring_crawl.erl
index 1ca10f53..a9d30786 100644
--- a/src/dperl/jobs/dperl_ouraring_crawl.erl
+++ b/src/dperl/jobs/dperl_ouraring_crawl.erl
@@ -36,58 +36,65 @@ connect_check_src(#state{is_connected = true, auth_expiry = ExpiresIn, auth_time
 connect_check_src(#state{is_connected = false, client_id = ClientId, cb_uri = CallbackUri,
                          client_secret = ClientSecret, password = Password,
                          email = Email, oauth_url = OauthUrl} = State) ->
+    ?Info("Generating new access token"),
     httpc:reset_cookies(?MODULE),
-    Url = OauthUrl ++ "/oauth/authorize"
-    ++ "?response_type=code"
-    ++ "&client_id=" ++ ClientId
-    ++ "&redirect_uri=" ++ edoc_lib:escape_uri(CallbackUri)
-    ++ "&scope=email+personal+daily"
-    ++ "&state=" ++ "test",
-    case httpc:request(get, {Url, []}, [{autoredirect, false}], [], ?MODULE) of
-        {ok, {{"HTTP/1.1",302,"Found"}, RespHeader302, []}} ->
-            RedirectUri = OauthUrl ++ proplists:get_value("location", RespHeader302),
-            {ok, {{"HTTP/1.1",200,"OK"}, RespHeader, _Body}} = httpc:request(get, {RedirectUri, []}, [{autoredirect, false}], [], ?MODULE),
-            SetCookieHeader = proplists:get_value("set-cookie", RespHeader),
-            {match, [XRefCookie]} = re:run(SetCookieHeader, ".*_xsrf=(.*);.*", [{capture, [1], list}]),
-            {ok,{{"HTTP/1.1",302,"Found"}, RespHeader302_1, []}} = httpc:request(
-            post, {
-                RedirectUri, [], "application/x-www-form-urlencoded",
-                "_xsrf="++edoc_lib:escape_uri(XRefCookie)
-                ++ "&email=" ++ edoc_lib:escape_uri(Email)
-                ++ "&password=" ++ edoc_lib:escape_uri(Password)
-            }, [{autoredirect, false}], [], ?MODULE
-            ),
-            RedirectUri_1 = OauthUrl ++ proplists:get_value("location", RespHeader302_1),
-            {ok, {{"HTTP/1.1",200,"OK"}, _, _}} = httpc:request(get, {RedirectUri_1, []}, [{autoredirect, false}], [], ?MODULE),
-            {ok, {{"HTTP/1.1",302,"Found"}, RespHeader302_2, []}} = httpc:request(
-            post, {
-                RedirectUri_1, [], "application/x-www-form-urlencoded",
-                "_xsrf="++edoc_lib:escape_uri(XRefCookie)
-                ++ "&scope_email=on"
-                ++ "&scope_personal=on"
-                ++ "&scope_daily=on"
-                ++ "&allow=Accept"
-            }, [{autoredirect, false}], [], ?MODULE
-            ),
-            RedirectUri_2 = proplists:get_value("location", RespHeader302_2),
-            #{query := QueryString} = uri_string:parse(RedirectUri_2),
-            #{"code" := Code} = maps:from_list(uri_string:dissect_query(QueryString)),
-            {ok, {{"HTTP/1.1",200,"OK"}, _, BodyJson}} = httpc:request(
-            post, {
-                OauthUrl ++ "/oauth/token", [], "application/x-www-form-urlencoded",
-                "grant_type=authorization_code"
-                ++ "&code=" ++ Code
-                ++ "&redirect_uri=" ++ edoc_lib:escape_uri(CallbackUri)
-                ++ "&client_id=" ++ ClientId
-                ++ "&client_secret=" ++ ClientSecret
-            }, [{autoredirect, false}], [], ?MODULE
-            ),
-            #{<<"access_token">> := AccessToken, <<"expires_in">> := ExpiresIn} = Auth = jsx:decode(list_to_binary(BodyJson), [return_maps]),
-            ?JInfo("Authentication successful : ~p", [Auth]),
-            {ok, State#state{is_connected = true, access_token = AccessToken,
-                             auth_expiry = ExpiresIn, auth_time = imem_meta:time()}};
-        Error ->
-            ?JError("Unexpected response : ~p", [Error]),
+    Params = #{
+        "response_type" => "code",
+        "client_id" => ClientId,
+        "redirect_uri" => edoc_lib:escape_uri(CallbackUri),
+        "scope" => "email+personal+daily",
+        "state" => "test"
+    },
+    Url = OauthUrl ++ "/oauth/authorize?" ++ binary_to_list(url_enc_params(Params)),
+    try
+        {ok, {{"HTTP/1.1",302,"Found"}, RespHeader302, []}} = httpc:request(
+            get, {Url, []}, [{autoredirect, false}], [], ?MODULE),
+        RedirectUri = OauthUrl ++ proplists:get_value("location", RespHeader302),
+        {ok, {{"HTTP/1.1",200,"OK"}, RespHeader, _Body}} = httpc:request(get, {RedirectUri, []}, [{autoredirect, false}], [], ?MODULE),
+        SetCookieHeader = proplists:get_value("set-cookie", RespHeader),
+        {match, [XRefCookie]} = re:run(SetCookieHeader, ".*_xsrf=(.*);.*", [{capture, [1], list}]),
+        Params2 = #{
+            "_xsrf" => edoc_lib:escape_uri(XRefCookie),
+            "email" => edoc_lib:escape_uri(Email),
+            "password" => edoc_lib:escape_uri(Password)
+        },
+        {ok,{{"HTTP/1.1",302,"Found"}, RespHeader302_1, []}} = httpc:request(
+        post, {
+            RedirectUri, [], "application/x-www-form-urlencoded",
+            url_enc_params(Params2)}, [{autoredirect, false}], [], ?MODULE),
+        RedirectUri_1 = OauthUrl ++ proplists:get_value("location", RespHeader302_1),
+        {ok, {{"HTTP/1.1",200,"OK"}, _, _}} = httpc:request(get, {RedirectUri_1, []}, [{autoredirect, false}], [], ?MODULE),
+        Params3 = #{
+            "_xsrf" => edoc_lib:escape_uri(XRefCookie),
+            "cope_email" => "on",
+            "scope_personal" => "on",
+            "scope_daily" => "on",
+            "allow" => "Accept"
+        },
+        {ok, {{"HTTP/1.1",302,"Found"}, RespHeader302_2, []}} = httpc:request(
+        post, {
+            RedirectUri_1, [], "application/x-www-form-urlencoded",
+            url_enc_params(Params3)}, [{autoredirect, false}], [], ?MODULE),
+        RedirectUri_2 = proplists:get_value("location", RespHeader302_2),
+        #{query := QueryString} = uri_string:parse(RedirectUri_2),
+        #{"code" := Code} = maps:from_list(uri_string:dissect_query(QueryString)),
+        Params4 = #{
+            "grant_type" => "authorization_code",
+            "code" => Code, "client_id" => ClientId,
+            "redirect_uri" => edoc_lib:escape_uri(CallbackUri),
+            "client_secret" => ClientSecret
+        },
+        {ok, {{"HTTP/1.1",200,"OK"}, _, BodyJson}} = httpc:request(
+        post, {
+            OauthUrl ++ "/oauth/token", [], "application/x-www-form-urlencoded",
+            url_enc_params(Params4)}, [{autoredirect, false}], [], ?MODULE),
+        #{<<"access_token">> := AccessToken, <<"expires_in">> := ExpiresIn} = Auth = jsx:decode(list_to_binary(BodyJson), [return_maps]),
+        ?JInfo("Authentication successful : ~p", [Auth]),
+        {ok, State#state{is_connected = true, access_token = AccessToken,
+                            auth_expiry = ExpiresIn, auth_time = imem_meta:time()}}
+    catch
+        Class:Error:Stacktrace ->
+            ?JError("Unexpected response : ~p:~p:~p", [Class, Error, Stacktrace]),
             {error, invalid_return, State}
     end;
 connect_check_src(State) -> {ok, State}.
@@ -326,3 +333,10 @@ set_metric_day("readiness", Day, State) -> State#state{last_readiness_day = Day}
 
 build_key(Type, AvatarId) when is_list(Type), is_list(AvatarId)->
     [AvatarId, "ouraring", Type].
+
+url_enc_params(Params) ->
+    EParams = maps:fold(
+        fun(K, V, Acc) ->
+            ["&", K, "=", V | Acc]
+        end, [], Params),
+    erlang:iolist_to_binary(tl(EParams)).
\ No newline at end of file

From 26820c6cc2eaf0a808ebd75c514c4e0e6721b276 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Fri, 1 May 2020 09:12:17 +0200
Subject: [PATCH 18/72] added new line at the end

---
 src/dperl/jobs/dperl_ouraring_crawl.erl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/dperl/jobs/dperl_ouraring_crawl.erl b/src/dperl/jobs/dperl_ouraring_crawl.erl
index a9d30786..42c9fff6 100644
--- a/src/dperl/jobs/dperl_ouraring_crawl.erl
+++ b/src/dperl/jobs/dperl_ouraring_crawl.erl
@@ -339,4 +339,4 @@ url_enc_params(Params) ->
         fun(K, V, Acc) ->
             ["&", K, "=", V | Acc]
         end, [], Params),
-    erlang:iolist_to_binary(tl(EParams)).
\ No newline at end of file
+    erlang:iolist_to_binary(tl(EParams)).

From a0443d1142990e3b5782f9cb521b53bd19982ab3 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Fri, 1 May 2020 14:18:55 +0200
Subject: [PATCH 19/72] default key_prefix added

---
 src/dperl/jobs/dperl_ouraring_crawl.erl | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/src/dperl/jobs/dperl_ouraring_crawl.erl b/src/dperl/jobs/dperl_ouraring_crawl.erl
index 42c9fff6..9bc2eb63 100644
--- a/src/dperl/jobs/dperl_ouraring_crawl.erl
+++ b/src/dperl/jobs/dperl_ouraring_crawl.erl
@@ -17,7 +17,7 @@
 -record(state, {name, channel, client_id, client_secret, password, email,
                 cb_uri, is_connected = false, access_token, api_url, oauth_url,
                 last_sleep_day, last_activity_day, last_readiness_day,
-                infos = [], auth_time, auth_expiry, avatar_id}).
+                infos = [], auth_time, auth_expiry, key_prefix}).
 
 % dperl_strategy_scr export
 -export([connect_check_src/1, get_source_events/2, connect_check_dst/1,
@@ -165,9 +165,10 @@ init({#dperlJob{name=Name, dstArgs = #{channel := Channel},
                 srcArgs = #{client_id := ClientId, user_password := Password,
                             client_secret := ClientSecret, user_email := Email,
                             cb_uri := CallbackUri, api_url := ApiUrl,
-                            oauth_url := OauthUrl, avatar_id := AvatarId}}, State}) ->
+                            oauth_url := OauthUrl} = SrcArgs}, State}) ->
     ?JInfo("Starting ..."),
     ChannelBin = dperl_dal:to_binary(Channel),
+    KeyPrefix = maps:get(key_prefix, SrcArgs, []),
     dperl_dal:create_check_channel(ChannelBin),
     inets:start(httpc, [{profile, ?MODULE}]),
     ok = httpc:set_options([{cookies, enabled}], ?MODULE),
@@ -175,7 +176,7 @@ init({#dperlJob{name=Name, dstArgs = #{channel := Channel},
                      client_secret = ClientSecret, password = Password,
                      email = Email, cb_uri = CallbackUri, name = Name,
                      api_url = ApiUrl, oauth_url = OauthUrl,
-                     avatar_id = AvatarId}};
+                     key_prefix = KeyPrefix}};
 init(Args) ->
     ?JError("bad start parameters ~p", [Args]),
     {stop, badarg}.
@@ -234,7 +235,7 @@ fetch_metric(Type, Day, #state{api_url = ApiUrl, access_token = AccessToken} = S
                     State
             end;
         {ok, Metric} ->
-            Key = build_key(Type, State#state.avatar_id),
+            Key = build_key(Type, State#state.key_prefix),
             Info = {Key, Metric#{<<"_day">> => list_to_binary(edate:date_to_string(Day))}},
             case Type of
                 Type when Type == "sleep"; Type == "readiness" ->
@@ -268,7 +269,7 @@ fetch_metric(Type, DayQuery, ApiUrl, AccessToken) ->
 fetch_userinfo(#state{api_url = ApiUrl, access_token = AccessToken} = State) ->
     case exec_req(ApiUrl ++ "/v1/userinfo", AccessToken) of
         UserInfo when is_map(UserInfo) ->
-            Info = {build_key("userinfo", State#state.avatar_id), UserInfo},
+            Info = {build_key("userinfo", State#state.key_prefix), UserInfo},
             State#state{infos = [Info | State#state.infos]};
         {error, Error} ->
             ?JError("Error fetching userinfo : ~p", [Error]),
@@ -277,7 +278,7 @@ fetch_userinfo(#state{api_url = ApiUrl, access_token = AccessToken} = State) ->
 
 get_day(Type, State) ->
     LastDay = get_last_day(Type, State),
-    Key = build_key(Type, State#state.avatar_id),
+    Key = build_key(Type, State#state.key_prefix),
     Yesterday = edate:yesterday(),
     case dperl_dal:read_channel(State#state.channel, Key) of
         ?NOT_FOUND ->
@@ -331,8 +332,8 @@ set_metric_day("sleep", Day, State) -> State#state{last_sleep_day = Day};
 set_metric_day("activity", Day, State) -> State#state{last_activity_day = Day};
 set_metric_day("readiness", Day, State) -> State#state{last_readiness_day = Day}.
 
-build_key(Type, AvatarId) when is_list(Type), is_list(AvatarId)->
-    [AvatarId, "ouraring", Type].
+build_key(Type, KeyPrefix) when is_list(Type), is_list(KeyPrefix)->
+    KeyPrefix ++ [Type].
 
 url_enc_params(Params) ->
     EParams = maps:fold(

From 257726a308003d47cd28a72e29598c6db6aac44a Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Fri, 8 May 2020 13:26:43 +0200
Subject: [PATCH 20/72] using encryption imem and fetching enc hash to the job

---
 rebar.config                            |  2 +-
 src/dperl/dperl_auth_cache.erl          | 50 +++++++++++++++++++++++++
 src/dperl/dperl_sup.erl                 |  6 ++-
 src/dperl/jobs/dperl_ouraring_crawl.erl | 29 ++++++++------
 4 files changed, 74 insertions(+), 13 deletions(-)
 create mode 100644 src/dperl/dperl_auth_cache.erl

diff --git a/rebar.config b/rebar.config
index d99e64f1..89ac4f99 100644
--- a/rebar.config
+++ b/rebar.config
@@ -41,7 +41,7 @@
     {prometheus, "4.5.0"},
     {erlimem, {git, "https://github.com/konnexionsgmbh/erlimem", {tag, "3.1.0"}}},
     {esaml, {git, "https://github.com/KonnexionsGmbH/esaml", {tag, "2.3.0"}}},
-    {imem, {git, "https://github.com/konnexionsgmbh/imem", {branch, "master"}}},
+    {imem, {git, "https://github.com/konnexionsgmbh/imem", {branch, "encryption2"}}},
     {oranif, {git, "https://github.com/konnexionsgmbh/oranif", {tag, "0.2.3"}}},
     {edate, {git, "https://github.com/dweldon/edate", {branch, "master"}}}
 ]}.
diff --git a/src/dperl/dperl_auth_cache.erl b/src/dperl/dperl_auth_cache.erl
new file mode 100644
index 00000000..221d5647
--- /dev/null
+++ b/src/dperl/dperl_auth_cache.erl
@@ -0,0 +1,50 @@
+-module(dperl_auth_cache).
+
+-behaviour(gen_server).
+
+-export([start_link/0,
+         set_enc_hash/3,
+         get_enc_hash/1,
+         set_enc_hash_locally/3]).
+
+%% gen_server callbacks
+-export([init/1,
+         handle_call/3,
+         handle_cast/2,
+         terminate/2]).
+
+-safe([set_enc_hash/3]).
+
+start_link() ->
+    gen_server:start_link({local, ?MODULE}, ?MODULE, [], []).
+
+init([]) ->
+    {ok, #{}}.
+
+handle_call({setEncHash, JobOrServiceName, User, EncHash}, _From, State) ->
+    {reply, ok, State#{JobOrServiceName => {User, EncHash}}};
+handle_call({getEncHash, JobOrServiceName}, _From, State) ->
+    case State of
+        #{JobOrServiceName := {User, EncHash}} ->
+            {reply, {User, EncHash}, State};
+        _ ->
+            {reply, undefined, State}
+    end;
+handle_call(_Request, _From, State) ->
+    {reply, ignored, State}.
+
+handle_cast(_Msg, State) ->
+    {noreply, State}.
+
+terminate(_Reason, _State) ->
+    ok.
+
+set_enc_hash(JobOrServiceName, User, EncHash) ->
+    DataNodes = [N || {_, N} <- imem_meta:data_nodes()],
+    rpc:multicall(DataNodes, ?MODULE, set_enc_hash_locally, [JobOrServiceName, User, EncHash]).
+
+set_enc_hash_locally(JobOrServiceName, User, EncHash) ->
+    gen_server:call(?MODULE, {setEncHash, JobOrServiceName, User, EncHash}).
+
+get_enc_hash(JobOrServiceName) ->
+    gen_server:call(?MODULE, {getEncHash, JobOrServiceName}).
diff --git a/src/dperl/dperl_sup.erl b/src/dperl/dperl_sup.erl
index e0b95398..04f4d758 100644
--- a/src/dperl/dperl_sup.erl
+++ b/src/dperl/dperl_sup.erl
@@ -83,7 +83,11 @@ init([]) ->
        #{id => dperl_service_cp,
          start => {dperl_cp, start_link, [service]},
          restart => permanent, shutdown => 5000, type => worker,
-         modules => [dperl_cp]}
+         modules => [dperl_cp]},
+       #{id => dperl_auth_cache,
+         start => {dperl_auth_cache, start_link, []},
+         restart => permanent, shutdown => 5000, type => worker,
+         modules => [dperl_auth_cache]}
       ]}}.
 
 priv_dir() ->
diff --git a/src/dperl/jobs/dperl_ouraring_crawl.erl b/src/dperl/jobs/dperl_ouraring_crawl.erl
index 9bc2eb63..c4003803 100644
--- a/src/dperl/jobs/dperl_ouraring_crawl.erl
+++ b/src/dperl/jobs/dperl_ouraring_crawl.erl
@@ -166,17 +166,24 @@ init({#dperlJob{name=Name, dstArgs = #{channel := Channel},
                             client_secret := ClientSecret, user_email := Email,
                             cb_uri := CallbackUri, api_url := ApiUrl,
                             oauth_url := OauthUrl} = SrcArgs}, State}) ->
-    ?JInfo("Starting ..."),
-    ChannelBin = dperl_dal:to_binary(Channel),
-    KeyPrefix = maps:get(key_prefix, SrcArgs, []),
-    dperl_dal:create_check_channel(ChannelBin),
-    inets:start(httpc, [{profile, ?MODULE}]),
-    ok = httpc:set_options([{cookies, enabled}], ?MODULE),
-    {ok, State#state{channel = ChannelBin, client_id = ClientId,
-                     client_secret = ClientSecret, password = Password,
-                     email = Email, cb_uri = CallbackUri, name = Name,
-                     api_url = ApiUrl, oauth_url = OauthUrl,
-                     key_prefix = KeyPrefix}};
+    case dperl_auth_cache:get_enc_hash(Name) of
+        undefined ->
+            ?JError("Encryption hash is not avaialable"),
+            {stop, badarg};
+        {User, EncHash} ->
+            ?JInfo("Starting with ~p's enchash...", [User]),
+            put(pwdHash, EncHash),
+            ChannelBin = dperl_dal:to_binary(Channel),
+            KeyPrefix = maps:get(key_prefix, SrcArgs, []),
+            dperl_dal:create_check_channel(ChannelBin),
+            inets:start(httpc, [{profile, ?MODULE}]),
+            ok = httpc:set_options([{cookies, enabled}], ?MODULE),
+            {ok, State#state{channel = ChannelBin, client_id = ClientId,
+                             client_secret = ClientSecret, password = Password,
+                             email = Email, cb_uri = CallbackUri, name = Name,
+                             api_url = ApiUrl, oauth_url = OauthUrl,
+                             key_prefix = KeyPrefix}}
+    end;
 init(Args) ->
     ?JError("bad start parameters ~p", [Args]),
     {stop, badarg}.

From 73607be3bbe0478a2546692af70027a04e5b98ce Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Fri, 8 May 2020 13:50:43 +0200
Subject: [PATCH 21/72] changed put to sec interface

---
 src/dperl/jobs/dperl_ouraring_crawl.erl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/dperl/jobs/dperl_ouraring_crawl.erl b/src/dperl/jobs/dperl_ouraring_crawl.erl
index c4003803..723b2445 100644
--- a/src/dperl/jobs/dperl_ouraring_crawl.erl
+++ b/src/dperl/jobs/dperl_ouraring_crawl.erl
@@ -172,7 +172,7 @@ init({#dperlJob{name=Name, dstArgs = #{channel := Channel},
             {stop, badarg};
         {User, EncHash} ->
             ?JInfo("Starting with ~p's enchash...", [User]),
-            put(pwdHash, EncHash),
+            imem_sec_mnesia:put_enc_hash(EncHash),
             ChannelBin = dperl_dal:to_binary(Channel),
             KeyPrefix = maps:get(key_prefix, SrcArgs, []),
             dperl_dal:create_check_channel(ChannelBin),

From 7d62cdaa33a19430de1432c263159200a99f5d93 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Fri, 8 May 2020 17:09:09 +0200
Subject: [PATCH 22/72] encHash in the fsm process

---
 rebar.config         | 2 +-
 src/dderl_fsm.erl    | 7 +++++++
 src/imem_adapter.erl | 2 ++
 3 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/rebar.config b/rebar.config
index 6e0e841e..206f37d1 100644
--- a/rebar.config
+++ b/rebar.config
@@ -40,7 +40,7 @@
     {cowboy,"2.7.0"},
     {erlimem, {git, "https://github.com/konnexionsgmbh/erlimem", {tag, "3.1.0"}}},
     {esaml, {git, "https://github.com/KonnexionsGmbH/esaml", {tag, "2.3.0"}}},
-    {imem, {git, "https://github.com/konnexionsgmbh/imem", {tag, "3.9.1"}}},
+    {imem, {git, "https://github.com/konnexionsgmbh/imem", {branch, "encryption2"}}},
     {oranif, {git, "https://github.com/konnexionsgmbh/oranif", {tag, "0.2.3"}}},
     {prometheus, "4.5.0"}
 ]}.
diff --git a/src/dderl_fsm.erl b/src/dderl_fsm.erl
index 3c2c993e..e123a6d8 100644
--- a/src/dderl_fsm.erl
+++ b/src/dderl_fsm.erl
@@ -39,6 +39,7 @@
         , stop/1
         , inspect_status/1
         , inspect_state/1
+        , put_enc_hash/2
         ]).
 
 -export([ rows/2        %% incoming rows          [RowList,true] | [RowList,false] | [RowList,tail]    RowList=list(KeyTuples)
@@ -232,6 +233,8 @@ stop(Pid) ->
 
 inspect_status(Pid) -> gen_statem:call(Pid, inspect_status).
 
+put_enc_hash(Pid, EncHash) -> gen_statem:call(Pid, {put_enc_hash, EncHash}).
+
 inspect_state(Pid) -> gen_statem:call(Pid, inspect_state).
 
 
@@ -685,6 +688,7 @@ reply_stack(SN,ReplyTo, #state{stack={button,_Button,RT},tRef=TRef}=State0) ->
 init({#ctx{} = Ctx, SessPid}) ->
     process_flag(trap_exit, true),
     true = link(SessPid),
+
     #ctx{ bl                            = BL
          , replyToFun                   = ReplyTo
          , rowCols                      = RowCols
@@ -1738,6 +1742,9 @@ handle_call(cache_data, From, SN, #state{tableId = TableId, ctx=#ctx{rowCols=Row
     {next_state, SN, State, [{reply, From, ok}]};
 handle_call(inspect_status, From, SN, State) ->
     {next_state, SN, State, [{reply, From, SN}]};
+handle_call({put_enc_hash, EncHash}, From, SN, State) ->
+    imem_sec_mnesia:put_enc_hash(EncHash),
+    {next_state, SN, State, [{reply, From, ok}]};
 handle_call(inspect_state, From, SN, State) ->
     {next_state, SN, State, [{reply, From, State}]};
 handle_call(_Event, _From, empty, State) ->
diff --git a/src/imem_adapter.erl b/src/imem_adapter.erl
index 4b46dc93..8816674e 100644
--- a/src/imem_adapter.erl
+++ b/src/imem_adapter.erl
@@ -810,6 +810,8 @@ process_query(Query, Connection, Params, SessPid) ->
                                         , update_cursor_execute_funs = imem_adapter_funs:update_cursor_execute(Connection, StmtRefs)
                                         }, SessPid),
             erlimem_session:add_stmt_fsm(Connection, StmtRefs, {dderl_fsm, StmtFsm}),
+            EncHash = erlimem_session:run_cmd(Connection, get_enc_hash, []),
+            dderl_fsm:put_enc_hash(StmtFsm, EncHash),
             ?Debug("StmtRslt ~p ~p", [RowCols, SortSpec]),
             Columns = gen_adapter:build_column_json(lists:reverse(RowCols)),
             JSortSpec = build_srtspec_json(SortSpec),

From 357ec52bc5d3e3f99c069b5bbb651daaab5ae8ce Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Fri, 15 May 2020 11:41:13 +0200
Subject: [PATCH 23/72] people fetch WIP

---
 priv/dev/static/index.html       |  1 +
 priv/dev/static/index.js         |  3 ++-
 priv/dev/static/scripts/login.js | 22 +++++++++++++++++++++
 src/dderl.erl                    | 10 +++++-----
 src/dderl_session.erl            | 34 ++++++++++++++++++++++++++++++++
 5 files changed, 64 insertions(+), 6 deletions(-)

diff --git a/priv/dev/static/index.html b/priv/dev/static/index.html
index 3dc6f0d2..84e6d582 100644
--- a/priv/dev/static/index.html
+++ b/priv/dev/static/index.html
@@ -23,6 +23,7 @@
                     <li><a id="btn-about">About</a></li>
                     <li><a id="btn-disconnect">Disconnect</a></li>
                     <li><a id="btn-restart">Restart Application</a></li>
+                    <li><a id="btn-office-365">Register Office 365</a></li>
                 </ul>
             </li>
             <li><a id="connect-button">New Connection</a></li>
diff --git a/priv/dev/static/index.js b/priv/dev/static/index.js
index 9a0a4b1c..909bb28b 100644
--- a/priv/dev/static/index.js
+++ b/priv/dev/static/index.js
@@ -8,7 +8,7 @@ import {loginAjax} from "./scripts/login";
 import {alert_jq} from './dialogs/dialogs';
 import {dderlState, show_qry_files,
         change_password, show_about_dlg} from "./scripts/dderl";
-import {new_connection_tab, logout, restart} from "./scripts/login";
+import {new_connection_tab, logout, restart, authorize_office} from "./scripts/login";
 import {disconnect_tab, close_tab} from "./scripts/connect";
 import {newSqlEditor} from "./scripts/dderl.sql";
 import {patch_jquery_ui} from "./jquery-ui-helper/helper.js";
@@ -93,3 +93,4 @@ addClick('btn-restart',         () => { restart();              });
 addClick('connect-button',      () => { new_connection_tab();   });
 addClick('newsql-button',       () => { newSqlEditor();         });
 addClick('btn-logout',          () => { logout();               });
+addClick('btn-office-365',      () => { authorize_office();               });
diff --git a/priv/dev/static/scripts/login.js b/priv/dev/static/scripts/login.js
index bce79df2..229e24db 100644
--- a/priv/dev/static/scripts/login.js
+++ b/priv/dev/static/scripts/login.js
@@ -23,6 +23,21 @@ export function loginAjax(data = {}) {
 
 window.loginCb = loginCb;
 
+const url = new URL(window.location.href);
+const code = url.searchParams.get('code');
+const state = url.searchParams.get('state');
+if(code) {
+    // alert("code is : " + code + ' state is : ' + state);
+    dderlState.xsrfToken = state;
+    const body = { 'office_365_code': { 'code': code, 'state': state } };
+    ajaxCall(null, 'office_365_code', body, 'office_365_code', function () { window.close(); },
+        function () { alert('error!!!!'); });
+} else {
+    const error = url.searchParams.get('error');
+    const errorDesc = url.searchParams.get('error_description');
+    alert_jq('Login error : ' + error + ' : ' + errorDesc);
+}
+
 function loginCb(resp) {
     try {
         if (window.opener && window.opener.isScreensaver && window.opener.loginCb && $.isFunction(window.opener.loginCb)) {
@@ -400,3 +415,10 @@ export function change_login_password(loggedInUser, shouldConnect) {
         else alert_jq("Confirm password missmatch!");
     });
 }
+
+export function authorize_office() {
+    const windowUrl = 'https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=353d2e74-ac01-4f48-8b84-d3017e7f91f4&response_type=code&redirect_uri=https%3A%2F%2Flocalhost:8443%2Fdderl%2F&response_mode=query&scope=openid%20offline_access%20https%3A%2F%2Fgraph.microsoft.com%2Fpeople.read&state=' + encodeURIComponent(dderlState.xsrfToken);
+    const params = 'scrollbars=no,resizable=no,status=no,location=no,toolbar=no,menubar=no,width=500,height=700,left=100,top=100';
+    const windowRef = window.open(windowUrl, 'Office 365 login', params);
+    console.log(windowRef);
+}
\ No newline at end of file
diff --git a/src/dderl.erl b/src/dderl.erl
index c2674b15..c9eef886 100644
--- a/src/dderl.erl
+++ b/src/dderl.erl
@@ -100,8 +100,8 @@ init(Req, '$path_probe') ->
 init(Req, State) ->
     Url = iolist_to_binary(cowboy_req:uri(Req)),
     Req1 =
-    case binary:last(Url) of
-        $/ ->
+    % case binary:last(Url) of
+        % $/ ->
             Priv = priv_dir(),
             Filename = filename:join([Priv, "public", "dist", "index.html"]),
             case file:read_file(Filename) of
@@ -120,9 +120,9 @@ init(Req, State) ->
                         >>,
                         Req
                     )
-            end;
-        _ ->
-            cowboy_req:reply(301, #{<<"location">> => <<Url/binary,"/">>}, Req)
+            % end;
+        % _ ->
+            % cowboy_req:reply(301, #{<<"location">> => <<Url/binary,"/">>}, Req)
     end,
     {ok, Req1, State}.
 
diff --git a/src/dderl_session.erl b/src/dderl_session.erl
index 83566e5c..9f301d29 100644
--- a/src/dderl_session.erl
+++ b/src/dderl_session.erl
@@ -380,6 +380,40 @@ process_call({[<<"about">>], _ReqData}, _Adapter, From, {SrcIp,_}, State) ->
     reply(From, [{<<"about">>, Versions}], self()),
     State;
 
+process_call({[<<"office_365_code">>], ReqData}, _Adapter, From, {SrcIp, _}, State) ->
+    act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "format_json_to_save", args => ReqData}, State),
+    #{<<"office_365_code">> := BodyJson} = jsx:decode(ReqData, [return_maps]),
+    #{<<"code">> := Code, <<"state">> := UrlState} = BodyJson,
+    ?Info("!!!! office 365 code is : ~p, state : ~p", [Code, UrlState]),
+    Url = "https://login.microsoftonline.com/common/oauth2/v2.0/token",
+    Head = "",
+    ContentType = "application/x-www-form-urlencoded",
+    ClientSecret = "Ltzu6fr1f2Jeps4~0VI41zzY1GOf~drv_~",
+
+    Body = "client_id=353d2e74-ac01-4f48-8b84-d3017e7f91f4
+            &scope=https%3A%2F%2Fgraph.microsoft.com%2Fpeople.read
+            &code=" ++ binary_to_list(Code) ++ "
+            &redirect_uri=https%3A%2F%2Flocalhost%3A8443%2Fdderl%2F
+            &grant_type=authorization_code
+            &client_secret=" ++ http_uri:encode(ClientSecret),
+
+    case httpc:request(post, {Url, Head, ContentType, Body}, [], []) of
+        {ok, {_, _, TokenBody}} ->
+            #{<<"access_token">> := AccessToken, <<"refresh_token">> := RefreshToken} = imem_json:decode(list_to_binary(TokenBody), [return_maps]),
+            reply(From, #{<<"office_365_code">> => #{<<"status">> => <<"ok">>}}, self()),
+            ?Info("Fetched access token and refresh token ~p, ~p", [AccessToken, size(RefreshToken)]),
+            ?Info("Fetching email"),
+            MailUrl = "https://graph.microsoft.com/v1.0/me/people/?$top=1000&$Select=displayName&$orderby=displayName",  
+            AuthHeader = {"Authorization", "Bearer " ++ binary_to_list(AccessToken)},
+            OtherHeader = {"X-PeopleQuery-QuerySources", "Mailbox,Directory"},
+            {ok, {_, _, Mails}} = httpc:request(get, {MailUrl, [AuthHeader, OtherHeader]}, [], []),
+            ?Info("Emails : ~p", [imem_json:decode(list_to_binary(Mails), [return_maps])]);
+        {error, Error} ->
+            ?Error("Fetching access token : ~p", [Error]),
+            reply(From, #{<<"office_365_code">> => #{<<"error">> => <<"Fetching token failed, Try again">>}}, self())
+    end,
+    State;
+
 process_call({[<<"connect_info">>], _ReqData}, _Adapter, From, {SrcIp,_},
              #state{sess=Sess, user_id=UserId, user = User} = State) ->
     act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "connect_info"}, State),

From 848f595c29bf16ba15db0d47ec7468aaac416400 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Mon, 18 May 2020 12:02:38 +0200
Subject: [PATCH 24/72] dperl office 365 contacts job

---
 priv/dev/static/scripts/login.js    |  14 +-
 src/dderl_session.erl               |  52 +++++---
 src/dperl/jobs/dperl_office_365.erl | 200 ++++++++++++++++++++++++++++
 3 files changed, 238 insertions(+), 28 deletions(-)
 create mode 100644 src/dperl/jobs/dperl_office_365.erl

diff --git a/priv/dev/static/scripts/login.js b/priv/dev/static/scripts/login.js
index 229e24db..85b8c898 100644
--- a/priv/dev/static/scripts/login.js
+++ b/priv/dev/static/scripts/login.js
@@ -23,11 +23,11 @@ export function loginAjax(data = {}) {
 
 window.loginCb = loginCb;
 
+// office 365 callback handler
 const url = new URL(window.location.href);
 const code = url.searchParams.get('code');
 const state = url.searchParams.get('state');
 if(code) {
-    // alert("code is : " + code + ' state is : ' + state);
     dderlState.xsrfToken = state;
     const body = { 'office_365_code': { 'code': code, 'state': state } };
     ajaxCall(null, 'office_365_code', body, 'office_365_code', function () { window.close(); },
@@ -36,7 +36,9 @@ if(code) {
     const error = url.searchParams.get('error');
     const errorDesc = url.searchParams.get('error_description');
     alert_jq('Login error : ' + error + ' : ' + errorDesc);
+    window.close();
 }
+// office 365 callback handler end
 
 function loginCb(resp) {
     try {
@@ -417,8 +419,8 @@ export function change_login_password(loggedInUser, shouldConnect) {
 }
 
 export function authorize_office() {
-    const windowUrl = 'https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=353d2e74-ac01-4f48-8b84-d3017e7f91f4&response_type=code&redirect_uri=https%3A%2F%2Flocalhost:8443%2Fdderl%2F&response_mode=query&scope=openid%20offline_access%20https%3A%2F%2Fgraph.microsoft.com%2Fpeople.read&state=' + encodeURIComponent(dderlState.xsrfToken);
-    const params = 'scrollbars=no,resizable=no,status=no,location=no,toolbar=no,menubar=no,width=500,height=700,left=100,top=100';
-    const windowRef = window.open(windowUrl, 'Office 365 login', params);
-    console.log(windowRef);
-}
\ No newline at end of file
+    ajaxCall(null, 'office_365_auth_config', {}, 'office_365_auth_config', function(auth_config) {
+        const params = 'scrollbars=no,resizable=no,status=no,location=no,toolbar=no,menubar=no,width=500,height=600,left=100,top=100';
+        window.open(auth_config.url, 'Office 365 login', params);
+    });
+}
diff --git a/src/dderl_session.erl b/src/dderl_session.erl
index 9f301d29..d9af5e3e 100644
--- a/src/dderl_session.erl
+++ b/src/dderl_session.erl
@@ -380,34 +380,33 @@ process_call({[<<"about">>], _ReqData}, _Adapter, From, {SrcIp,_}, State) ->
     reply(From, [{<<"about">>, Versions}], self()),
     State;
 
+process_call({[<<"office_365_auth_config">>], _ReqData}, _Adapter, From, {SrcIp, _}, State) ->
+    act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "about"}, State),
+    URLState = http_uri:encode(State#state.xsrf_token),
+    #{auth_url := Url, client_id := ClientId, redirect_uri := RedirectURI,
+      scope := Scope} = dperl_office_365:get_office_365_auth_config(),
+    UrlParams = url_enc_params(#{"client_id" => ClientId, "redirect_uri" => {enc, RedirectURI},
+                                 "scope" => {enc, Scope}, "state" => URLState}),
+    FinalUrl = erlang:iolist_to_binary([Url, "&", UrlParams]),
+    reply(From, #{<<"office_365_auth_config">> => #{<<"url">> => FinalUrl}}, self()),
+    State;
+
 process_call({[<<"office_365_code">>], ReqData}, _Adapter, From, {SrcIp, _}, State) ->
     act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "format_json_to_save", args => ReqData}, State),
     #{<<"office_365_code">> := BodyJson} = jsx:decode(ReqData, [return_maps]),
-    #{<<"code">> := Code, <<"state">> := UrlState} = BodyJson,
-    ?Info("!!!! office 365 code is : ~p, state : ~p", [Code, UrlState]),
-    Url = "https://login.microsoftonline.com/common/oauth2/v2.0/token",
-    Head = "",
+    #{<<"code">> := Code} = BodyJson,
+    #{token_url := TUrl, client_id := ClientId, redirect_uri := RedirectURI,
+      client_secret := Secret, grant_type := GrantType,
+      scope := Scope} = dperl_office_365:get_office_365_auth_config(),
+    Body = url_enc_params(#{"client_id" => ClientId, "scope" => {enc, Scope}, "code" => Code,
+                            "redirect_uri" => {enc, RedirectURI}, "grant_type" => GrantType,
+                            "client_secret" => {enc, Secret}}),
     ContentType = "application/x-www-form-urlencoded",
-    ClientSecret = "Ltzu6fr1f2Jeps4~0VI41zzY1GOf~drv_~",
-
-    Body = "client_id=353d2e74-ac01-4f48-8b84-d3017e7f91f4
-            &scope=https%3A%2F%2Fgraph.microsoft.com%2Fpeople.read
-            &code=" ++ binary_to_list(Code) ++ "
-            &redirect_uri=https%3A%2F%2Flocalhost%3A8443%2Fdderl%2F
-            &grant_type=authorization_code
-            &client_secret=" ++ http_uri:encode(ClientSecret),
-
-    case httpc:request(post, {Url, Head, ContentType, Body}, [], []) of
+    case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
         {ok, {_, _, TokenBody}} ->
-            #{<<"access_token">> := AccessToken, <<"refresh_token">> := RefreshToken} = imem_json:decode(list_to_binary(TokenBody), [return_maps]),
+            TokenInfo = imem_json:decode(list_to_binary(TokenBody), [return_maps]),
             reply(From, #{<<"office_365_code">> => #{<<"status">> => <<"ok">>}}, self()),
-            ?Info("Fetched access token and refresh token ~p, ~p", [AccessToken, size(RefreshToken)]),
-            ?Info("Fetching email"),
-            MailUrl = "https://graph.microsoft.com/v1.0/me/people/?$top=1000&$Select=displayName&$orderby=displayName",  
-            AuthHeader = {"Authorization", "Bearer " ++ binary_to_list(AccessToken)},
-            OtherHeader = {"X-PeopleQuery-QuerySources", "Mailbox,Directory"},
-            {ok, {_, _, Mails}} = httpc:request(get, {MailUrl, [AuthHeader, OtherHeader]}, [], []),
-            ?Info("Emails : ~p", [imem_json:decode(list_to_binary(Mails), [return_maps])]);
+            dperl_office_365:set_token_info(TokenInfo);
         {error, Error} ->
             ?Error("Fetching access token : ~p", [Error]),
             reply(From, #{<<"office_365_code">> => #{<<"error">> => <<"Fetching token failed, Try again">>}}, self())
@@ -911,3 +910,12 @@ act_log(ReplyPid, LogLevel, Args, State) ->
                       logLevel => LogLevel,
                       isProxy => State#state.is_proxy}
                }.
+
+url_enc_params(Params) ->
+    EParams = maps:fold(
+        fun(K, {enc, V}, Acc) ->
+            ["&", K, "=", http_uri:encode(V) | Acc];
+           (K, V, Acc) ->
+            ["&", K, "=", V | Acc]
+        end, [], Params),
+    erlang:iolist_to_binary([tl(EParams)]).
\ No newline at end of file
diff --git a/src/dperl/jobs/dperl_office_365.erl b/src/dperl/jobs/dperl_office_365.erl
new file mode 100644
index 00000000..f9588024
--- /dev/null
+++ b/src/dperl/jobs/dperl_office_365.erl
@@ -0,0 +1,200 @@
+-module(dperl_office_365).
+
+-include_lib("dperl/dperl.hrl").
+
+-behavior(dperl_worker).
+-behavior(dperl_strategy_scr).
+
+-define(OFFICE_365_AUTH_CONFIG,
+        ?GET_CONFIG(office365AuthConfig,[],
+            #{auth_url =>"https://login.microsoftonline.com/common/oauth2/v2.0/authorize?response_type=code&response_mode=query",
+              client_id => "12345", redirect_uri => "https://localhost:8443/dderl/", client_secret => "12345", grant_type => "authorization_code",
+              token_url => "https://login.microsoftonline.com/common/oauth2/v2.0/token",
+              scope => "offline_access https://graph.microsoft.com/people.read"},
+            "Office 365 (Graph API) auth config")).
+
+% dperl_worker exports
+-export([init/1, terminate/2, handle_call/3, handle_cast/2, handle_info/2,
+         get_status/1, init_state/1]).
+
+-export([get_office_365_auth_config/0, set_token_info/1]).
+
+-record(state, {name, channel, is_connected = true, access_token, api_url,
+                infos = [], key_prefix, fetch_url}).
+
+% dperl_strategy_scr export
+-export([connect_check_src/1, get_source_events/2, connect_check_dst/1,
+         do_cleanup/2, do_refresh/2, 
+         fetch_src/2, fetch_dst/2, delete_dst/2, insert_dst/3,
+         update_dst/3, report_status/3]).
+
+get_office_365_auth_config() ->
+    ?OFFICE_365_AUTH_CONFIG.
+
+get_token_info() ->
+    dperl_dal:read_channel(<<"avatar">>, ["office365","token"]).
+
+set_token_info(TokenInfo) when is_map(TokenInfo) ->
+    set_token_info(imem_json:encode(TokenInfo));
+set_token_info(TokenInfo) when is_binary(TokenInfo) ->
+    dperl_dal:create_check_channel(<<"avatar">>),
+    dperl_dal:write_channel(<<"avatar">>, ["office365","token"], TokenInfo).
+
+connect_check_src(#state{is_connected = true} = State) ->
+    {ok, State};
+connect_check_src(#state{is_connected = false} = State) ->
+    ?Info("Refreshing access token"),
+    #{token_url := TUrl, client_id := ClientId, client_secret := Secret,
+      scope := Scope} = get_office_365_auth_config(),
+    #{<<"refresh_token">> := RefreshToken} = get_token_info(),
+    Body = url_enc_params(#{"client_id" => ClientId, "scope" => {enc, Scope},
+                            "refresh_token" => RefreshToken, "grant_type" => "refresh_token",
+                            "client_secret" => {enc, Secret}}),
+    ContentType = "application/x-www-form-urlencoded",
+    case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
+        {ok, {{_, 200, "OK"}, _, TokenBody}} ->
+            TokenInfo = imem_json:decode(list_to_binary(TokenBody), [return_maps]),
+            set_token_info(TokenBody),
+            #{<<"access_token">> := AccessToken} = TokenInfo,
+            {ok, State#state{access_token = AccessToken, is_connected = true}};
+        Error ->
+            ?JError("Unexpected response : ~p", [Error]),
+            {ok, State}
+    end.
+
+get_source_events(#state{infos = []} = State, _BulkSize) ->
+    {ok, sync_complete, State};
+get_source_events(#state{infos = Infos} = State, _BulkSize) ->
+    {ok, Infos, State#state{infos = []}}.
+
+connect_check_dst(State) -> {ok, State}.
+
+do_refresh(_State, _BulkSize) -> {error, cleanup_only}.
+
+fetch_src({_Key, Value}, _State) -> Value.
+
+fetch_dst({Key, _}, State) ->
+    dperl_dal:read_channel(State#state.channel, Key).
+
+insert_dst(Key, Val, State) ->
+    update_dst(Key, Val, State).
+
+report_status(_Key, _Status, _State) -> no_op.
+
+do_cleanup(State, BlkCount) ->
+    case fetch_contacts(State, BlkCount) of
+        {ok, State1} ->
+            case State1#state.infos of
+                Infos when length(Infos) < BlkCount ->
+                    {ok, finish, State1};
+                _ ->
+                    {ok, State1}
+            end;
+        {error, unauthorized} ->
+            ?Info("Access token has been expired"),
+            {ok, State#state{is_connected = false}};
+        {error, Error} ->
+            {error, Error, State#state{is_connected = false}}
+    end.
+
+delete_dst(Key, #state{channel = Channel} = State) ->
+    ?JInfo("Deleting : ~p", [Key]),
+    dperl_dal:remove_from_channel(Channel, Key),
+    {false, State}.
+
+update_dst({Key, _}, Val, State) ->
+    update_dst(Key, Val, State);
+update_dst(Key, Val, #state{channel = Channel} = State) when is_binary(Val) ->
+    dperl_dal:write_channel(Channel, Key, Val),
+    {false, State};
+update_dst(Key, Val, State) ->
+    update_dst(Key, imem_json:encode(Val), State).
+
+get_status(#state{}) -> #{}.
+
+init_state(_) -> #state{}.
+
+init({#dperlJob{name=Name, dstArgs = #{channel := Channel},
+                srcArgs = #{api_url := ApiUrl} = SrcArgs}, State}) ->
+    % case dperl_auth_cache:get_enc_hash(Name) of
+    %     undefined ->
+    %         ?JError("Encryption hash is not avaialable"),
+    %         {stop, badarg};
+    %     {User, EncHash} ->
+            % ?JInfo("Starting with ~p's enchash...", [User]),
+            % imem_sec_mnesia:put_enc_hash(EncHash),
+    case get_token_info() of
+        #{<<"access_token">> := AccessToken} ->
+            ChannelBin = dperl_dal:to_binary(Channel),
+            KeyPrefix = maps:get(key_prefix, SrcArgs, []),
+            dperl_dal:create_check_channel(ChannelBin),
+            {ok, State#state{channel = ChannelBin, name = Name, api_url = ApiUrl,
+                             key_prefix = KeyPrefix, access_token = AccessToken}};
+        _ ->
+            ?JError("Access token not found"),
+            {stop, badarg}                    
+    end;
+init(Args) ->
+    ?JError("bad start parameters ~p", [Args]),
+    {stop, badarg}.
+
+handle_call(Request, _From, State) ->
+    ?JWarn("Unsupported handle_call ~p", [Request]),
+    {reply, ok, State}.
+
+handle_cast(Request, State) ->
+    ?JWarn("Unsupported handle_cast ~p", [Request]),
+    {noreply, State}.
+
+handle_info(Request, State) ->
+    ?JWarn("Unsupported handle_info ~p", [Request]),
+    {noreply, State}.
+
+terminate(Reason, _State) ->
+    httpc:reset_cookies(?MODULE),
+    ?JInfo("terminate ~p", [Reason]).
+
+%% private functions
+
+fetch_contacts(#state{fetch_url = undefined} = State, BlkCount) ->
+    % https://graph.microsoft.com/v1.0/me/contacts/?$top=100&$select=displayName&orderby=displayName
+    UrlParams = url_enc_params(#{"$top" => integer_to_list(BlkCount), "$orderby" => "displayName"}),
+    ContactsUrl = erlang:iolist_to_binary([State#state.api_url, "?", UrlParams]),
+    fetch_contacts(State#state{fetch_url = ContactsUrl}, BlkCount);
+fetch_contacts(#state{fetch_url = FetchUrl, key_prefix = KeyPrefix} = State, _BlkCount) ->
+    case exec_req(FetchUrl, State#state.access_token) of
+        #{<<"@odata.nextLink">> := NextLink, <<"value">> := Contacts} ->
+            {ok, State#state{fetch_url = NextLink, infos = format_contacts(Contacts, KeyPrefix)}};
+        #{<<"value">> := Contacts} ->
+            {ok, State#state{fetch_url = undefined, infos = format_contacts(Contacts, KeyPrefix)}};
+        Error ->
+            Error
+end.
+
+format_contacts([], _) -> [];
+format_contacts([#{<<"displayName">> := NameBin} = Contact | Contacts], KeyPrefix) ->
+    Name = binary_to_list(NameBin),
+    Key = KeyPrefix ++ [Name],
+    [{Key, Contact} | format_contacts(Contacts, KeyPrefix)].
+
+exec_req(Url, AccessToken) when is_binary(Url) ->
+    exec_req(binary_to_list(Url), AccessToken);
+exec_req(Url, AccessToken) ->
+    AuthHeader = [{"Authorization", "Bearer " ++ binary_to_list(AccessToken)}],
+    case httpc:request(get, {Url, AuthHeader}, [], []) of
+        {ok, {{_, 200, "OK"}, _, Result}} ->
+            imem_json:decode(list_to_binary(Result), [return_maps]);
+        {ok, {{_, 401, _}, _, _}} ->
+            {error, unauthorized};
+        Error ->
+            {error, Error}
+    end.
+
+url_enc_params(Params) ->
+    EParams = maps:fold(
+        fun(K, {enc, V}, Acc) ->
+            ["&", K, "=", http_uri:encode(V) | Acc];
+           (K, V, Acc) ->
+            ["&", K, "=", V | Acc]
+        end, [], Params),
+    erlang:iolist_to_binary([tl(EParams)]).

From a230743d25d1584dce4f05a48a71ab0828c43048 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Tue, 19 May 2020 09:51:37 +0200
Subject: [PATCH 25/72] refactored office 365 login

---
 src/dderl_session.erl               | 39 ++++++-----------------------
 src/dperl/jobs/dperl_office_365.erl | 27 +++++++++++++++++++-
 2 files changed, 33 insertions(+), 33 deletions(-)

diff --git a/src/dderl_session.erl b/src/dderl_session.erl
index d9af5e3e..d4ec6747 100644
--- a/src/dderl_session.erl
+++ b/src/dderl_session.erl
@@ -382,33 +382,17 @@ process_call({[<<"about">>], _ReqData}, _Adapter, From, {SrcIp,_}, State) ->
 
 process_call({[<<"office_365_auth_config">>], _ReqData}, _Adapter, From, {SrcIp, _}, State) ->
     act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "about"}, State),
-    URLState = http_uri:encode(State#state.xsrf_token),
-    #{auth_url := Url, client_id := ClientId, redirect_uri := RedirectURI,
-      scope := Scope} = dperl_office_365:get_office_365_auth_config(),
-    UrlParams = url_enc_params(#{"client_id" => ClientId, "redirect_uri" => {enc, RedirectURI},
-                                 "scope" => {enc, Scope}, "state" => URLState}),
-    FinalUrl = erlang:iolist_to_binary([Url, "&", UrlParams]),
-    reply(From, #{<<"office_365_auth_config">> => #{<<"url">> => FinalUrl}}, self()),
+    Url = dperl_office_365:get_authorize_url(State#state.xsrf_token),
+    reply(From, #{<<"office_365_auth_config">> => #{<<"url">> => Url}}, self()),
     State;
 
 process_call({[<<"office_365_code">>], ReqData}, _Adapter, From, {SrcIp, _}, State) ->
     act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "format_json_to_save", args => ReqData}, State),
-    #{<<"office_365_code">> := BodyJson} = jsx:decode(ReqData, [return_maps]),
-    #{<<"code">> := Code} = BodyJson,
-    #{token_url := TUrl, client_id := ClientId, redirect_uri := RedirectURI,
-      client_secret := Secret, grant_type := GrantType,
-      scope := Scope} = dperl_office_365:get_office_365_auth_config(),
-    Body = url_enc_params(#{"client_id" => ClientId, "scope" => {enc, Scope}, "code" => Code,
-                            "redirect_uri" => {enc, RedirectURI}, "grant_type" => GrantType,
-                            "client_secret" => {enc, Secret}}),
-    ContentType = "application/x-www-form-urlencoded",
-    case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
-        {ok, {_, _, TokenBody}} ->
-            TokenInfo = imem_json:decode(list_to_binary(TokenBody), [return_maps]),
-            reply(From, #{<<"office_365_code">> => #{<<"status">> => <<"ok">>}}, self()),
-            dperl_office_365:set_token_info(TokenInfo);
-        {error, Error} ->
-            ?Error("Fetching access token : ~p", [Error]),
+    #{<<"office_365_code">> := #{<<"code">> := Code}} = jsx:decode(ReqData, [return_maps]),
+    case dperl_office_365:get_access_token(Code) of
+        ok ->
+            reply(From, #{<<"office_365_code">> => #{<<"status">> => <<"ok">>}}, self());
+        {error, _Error} ->
             reply(From, #{<<"office_365_code">> => #{<<"error">> => <<"Fetching token failed, Try again">>}}, self())
     end,
     State;
@@ -910,12 +894,3 @@ act_log(ReplyPid, LogLevel, Args, State) ->
                       logLevel => LogLevel,
                       isProxy => State#state.is_proxy}
                }.
-
-url_enc_params(Params) ->
-    EParams = maps:fold(
-        fun(K, {enc, V}, Acc) ->
-            ["&", K, "=", http_uri:encode(V) | Acc];
-           (K, V, Acc) ->
-            ["&", K, "=", V | Acc]
-        end, [], Params),
-    erlang:iolist_to_binary([tl(EParams)]).
\ No newline at end of file
diff --git a/src/dperl/jobs/dperl_office_365.erl b/src/dperl/jobs/dperl_office_365.erl
index f9588024..e99e33c6 100644
--- a/src/dperl/jobs/dperl_office_365.erl
+++ b/src/dperl/jobs/dperl_office_365.erl
@@ -17,7 +17,7 @@
 -export([init/1, terminate/2, handle_call/3, handle_cast/2, handle_info/2,
          get_status/1, init_state/1]).
 
--export([get_office_365_auth_config/0, set_token_info/1]).
+-export([get_authorize_url/1, get_access_token/1]).
 
 -record(state, {name, channel, is_connected = true, access_token, api_url,
                 infos = [], key_prefix, fetch_url}).
@@ -40,6 +40,31 @@ set_token_info(TokenInfo) when is_binary(TokenInfo) ->
     dperl_dal:create_check_channel(<<"avatar">>),
     dperl_dal:write_channel(<<"avatar">>, ["office365","token"], TokenInfo).
 
+get_authorize_url(XSRFToken) ->
+    URLState = http_uri:encode(XSRFToken),
+    #{auth_url := Url, client_id := ClientId, redirect_uri := RedirectURI,
+      scope := Scope} = get_office_365_auth_config(),
+    UrlParams = url_enc_params(#{"client_id" => ClientId, "redirect_uri" => {enc, RedirectURI},
+                                 "scope" => {enc, Scope}, "state" => URLState}),
+    erlang:iolist_to_binary([Url, "&", UrlParams]).
+
+get_access_token(Code) ->
+    #{token_url := TUrl, client_id := ClientId, redirect_uri := RedirectURI,
+      client_secret := Secret, grant_type := GrantType,
+      scope := Scope} = get_office_365_auth_config(),
+    Body = url_enc_params(#{"client_id" => ClientId, "scope" => {enc, Scope}, "code" => Code,
+                            "redirect_uri" => {enc, RedirectURI}, "grant_type" => GrantType,
+                            "client_secret" => {enc, Secret}}),
+    ContentType = "application/x-www-form-urlencoded",
+    case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
+        {ok, {_, _, TokenInfo}} ->
+            set_token_info(list_to_binary(TokenInfo)),
+            ok;
+        {error, Error} ->
+            ?Error("Fetching access token : ~p", [Error]),
+            {error, Error}
+    end.
+
 connect_check_src(#state{is_connected = true} = State) ->
     {ok, State};
 connect_check_src(#state{is_connected = false} = State) ->

From 68777262f877ce4cbcd417cf0a159259e3523f19 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Tue, 19 May 2020 12:21:50 +0200
Subject: [PATCH 26/72] using id in the key

---
 src/dperl/jobs/dperl_office_365.erl | 17 +++++++----------
 1 file changed, 7 insertions(+), 10 deletions(-)

diff --git a/src/dperl/jobs/dperl_office_365.erl b/src/dperl/jobs/dperl_office_365.erl
index e99e33c6..c6b55bb4 100644
--- a/src/dperl/jobs/dperl_office_365.erl
+++ b/src/dperl/jobs/dperl_office_365.erl
@@ -109,12 +109,9 @@ report_status(_Key, _Status, _State) -> no_op.
 do_cleanup(State, BlkCount) ->
     case fetch_contacts(State, BlkCount) of
         {ok, State1} ->
-            case State1#state.infos of
-                Infos when length(Infos) < BlkCount ->
-                    {ok, finish, State1};
-                _ ->
-                    {ok, State1}
-            end;
+            {ok, State1};
+        {ok, finish, State1} ->
+            {ok, finish, State1};
         {error, unauthorized} ->
             ?Info("Access token has been expired"),
             {ok, State#state{is_connected = false}};
@@ -191,15 +188,15 @@ fetch_contacts(#state{fetch_url = FetchUrl, key_prefix = KeyPrefix} = State, _Bl
         #{<<"@odata.nextLink">> := NextLink, <<"value">> := Contacts} ->
             {ok, State#state{fetch_url = NextLink, infos = format_contacts(Contacts, KeyPrefix)}};
         #{<<"value">> := Contacts} ->
-            {ok, State#state{fetch_url = undefined, infos = format_contacts(Contacts, KeyPrefix)}};
+            {ok, finish, State#state{fetch_url = undefined, infos = format_contacts(Contacts, KeyPrefix)}};
         Error ->
             Error
 end.
 
 format_contacts([], _) -> [];
-format_contacts([#{<<"displayName">> := NameBin} = Contact | Contacts], KeyPrefix) ->
-    Name = binary_to_list(NameBin),
-    Key = KeyPrefix ++ [Name],
+format_contacts([#{<<"id">> := IdBin} = Contact | Contacts], KeyPrefix) ->
+    Id = binary_to_list(IdBin),
+    Key = KeyPrefix ++ [Id],
     [{Key, Contact} | format_contacts(Contacts, KeyPrefix)].
 
 exec_req(Url, AccessToken) when is_binary(Url) ->

From adef50867dfab07bad928b8ec218b06aaf31db5f Mon Sep 17 00:00:00 2001
From: Shamis Shukoor <shamis657@gmail.com>
Date: Wed, 20 May 2020 12:59:42 +0200
Subject: [PATCH 27/72] set_token_info for list

---
 src/dperl/jobs/dperl_office_365.erl | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/dperl/jobs/dperl_office_365.erl b/src/dperl/jobs/dperl_office_365.erl
index c6b55bb4..af4842ac 100644
--- a/src/dperl/jobs/dperl_office_365.erl
+++ b/src/dperl/jobs/dperl_office_365.erl
@@ -36,6 +36,8 @@ get_token_info() ->
 
 set_token_info(TokenInfo) when is_map(TokenInfo) ->
     set_token_info(imem_json:encode(TokenInfo));
+set_token_info(TokenInfo) when is_list(TokenInfo) ->
+    set_token_info(list_to_binary(TokenInfo));
 set_token_info(TokenInfo) when is_binary(TokenInfo) ->
     dperl_dal:create_check_channel(<<"avatar">>),
     dperl_dal:write_channel(<<"avatar">>, ["office365","token"], TokenInfo).
@@ -58,7 +60,7 @@ get_access_token(Code) ->
     ContentType = "application/x-www-form-urlencoded",
     case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
         {ok, {_, _, TokenInfo}} ->
-            set_token_info(list_to_binary(TokenInfo)),
+            set_token_info(TokenInfo),
             ok;
         {error, Error} ->
             ?Error("Fetching access token : ~p", [Error]),

From 61ffa66710433dc63aa9443ab829feedcda2f6ac Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Wed, 20 May 2020 17:09:25 +0200
Subject: [PATCH 28/72] cleanup WIP

---
 src/dperl/dperl_strategy_scr.erl    | 44 +++++++++-----
 src/dperl/jobs/dperl_office_365.erl | 89 ++++++++++++++++++++---------
 2 files changed, 92 insertions(+), 41 deletions(-)

diff --git a/src/dperl/dperl_strategy_scr.erl b/src/dperl/dperl_strategy_scr.erl
index da45ec4f..36b55313 100644
--- a/src/dperl/dperl_strategy_scr.erl
+++ b/src/dperl/dperl_strategy_scr.erl
@@ -250,8 +250,8 @@ execute(cleanup, Mod, Job, State, #{cleanup := true} = Args) ->
                 true ->
                     #{minKey := MinKey, maxKey := MaxKey,
                       lastKey := LastKey} = CleanupState,
-                    #{deletes := Deletes, inserts := Inserts, 
-                      differences := Diffs, lastKey := NextLastKey} =
+                    {#{deletes := Deletes, inserts := Inserts, 
+                       differences := Diffs, lastKey := NextLastKey}, State2} =
                     cleanup_refresh_collect(
                       Mod,
                       #cleanup_ctx{minKey = MinKey, maxKey = MaxKey,
@@ -279,8 +279,8 @@ execute(cleanup, Mod, Job, State, #{cleanup := true} = Args) ->
                     cleanup_log("Missing", Inserts),
                     cleanup_log("Difference", Diffs),
                     case erlang:function_exported(Mod, do_cleanup, 5) of
-                        true ->  [Deletes, Inserts, Diffs, NextLastKey == MinKey, State1];
-                        false -> [Deletes, Inserts, NextLastKey == MinKey, State1]
+                        true ->  [Deletes, Inserts, Diffs, NextLastKey == MinKey, State2];
+                        false -> [Deletes, Inserts, NextLastKey == MinKey, State2]
                     end
             end,
             case apply(Mod, do_cleanup, DoCleanupArgs) of
@@ -635,11 +635,27 @@ cleanup_refresh_collect(Mod,
                  LastKey >= MaxKey -> MinKey;  % out of key bounds by re-config
                  true -> LastKey
              end,
-    SrcKeys = Mod:load_src_after_key(CurKey, BulkCnt, State),
-    DstKeys = Mod:load_dst_after_key(CurKey, BulkCnt, State),
-    cleanup_refresh_compare(CleanupCtx#cleanup_ctx{
+    {SrcKeys, State2} = 
+    case Mod:load_src_after_key(CurKey, BulkCnt, State) of
+        {ok, SKeys, State1} -> {SKeys, State1};
+        {error, Error, State1} ->
+            ?JError("cleanup failed at load_src_after_key : ~p", [Error]),
+            dperl_dal:job_error(<<"cleanup">>, <<"load_src_after_key">>, Error),
+            error({step_failed, State1});
+        SKeys -> {SKeys, State}
+    end,
+    {DstKeys, State4} =
+    case Mod:load_dst_after_key(CurKey, BulkCnt, State2) of
+        {ok, DKeys, State3} -> {DKeys, State3};
+        {error, Error1, State3} ->
+            ?JError("cleanup failed at load_dst_after_key : ~p", [Error1]),
+            dperl_dal:job_error(<<"cleanup">>, <<"load_dst_after_key">>, Error1),
+            error({step_failed, State3});
+        DKeys -> {DKeys, State2}
+    end,
+    {cleanup_refresh_compare(CleanupCtx#cleanup_ctx{
         srcKeys = SrcKeys, srcCount = length(SrcKeys),
-        dstKeys = DstKeys, dstCount = length(DstKeys), lastKey = CurKey}).
+        dstKeys = DstKeys, dstCount = length(DstKeys), lastKey = CurKey}), State4}.
 
 -spec cleanup_refresh_compare(#cleanup_ctx{}) -> #{deletes => list(), differences => list(), inserts => list(), lastKey => any()}.
 cleanup_refresh_compare(#cleanup_ctx{
@@ -734,7 +750,7 @@ cleanup_refresh_compare_test() ->
     SrcKeys = lists:usort([rand:uniform(3000) || _ <- lists:seq(1, SrcCount)]),
     DstCount = rand:uniform(1000),
     DstKeys = lists:usort([rand:uniform(3000) || _ <- lists:seq(1, DstCount)]),
-    #{deletes := Dels, inserts := Ins} =
+    {#{deletes := Dels, inserts := Ins}, _} =
     cleanup_refresh_collect(?MODULE,
                 #cleanup_ctx{minKey = -1, maxKey = <<255>>,
                              lastKey = 0, bulkCount = BulkCnt},
@@ -781,7 +797,7 @@ complete_cleanup_refresh(AllSrcKeys, AllDstKeys, BulkCnt) ->
 
 cleanup_refresh_loop(_, -1, _, Acc) -> Acc;
 cleanup_refresh_loop(Ctx, CurKey, AllKeys, Acc) ->
-    #{deletes := Dels, differences := Diffs, inserts := Ins, lastKey := LastKey} = 
+    {#{deletes := Dels, differences := Diffs, inserts := Ins, lastKey := LastKey}, _} = 
     cleanup_refresh_collect(?MODULE, Ctx#cleanup_ctx{lastKey = CurKey}, AllKeys),
     NewAcc = Acc#{deletes => Dels ++ maps:get(deletes, Acc, []), 
                   differences => Diffs ++ maps:get(differences, Acc, []),
@@ -846,7 +862,7 @@ cleanup_refresh_boundary_test() ->
 cleanup_refresh_only_dels_test() ->
     AllKeys = lists:sort(maps:to_list(maps:from_list([{rand:uniform(5000), rand:uniform(5000)} || _ <- lists:seq(1, 2000)]))),
     DeleteKeys = [{6000, 6}, {7000, 7}, {8000, 8}],
-    #{inserts := Ins, deletes := Dels, differences := Diffs} = complete_cleanup_refresh(AllKeys, AllKeys ++ DeleteKeys, 2000),
+    {#{inserts := Ins, deletes := Dels, differences := Diffs}, _} = complete_cleanup_refresh(AllKeys, AllKeys ++ DeleteKeys, 2000),
     ?assertEqual([], Diffs),
     ?assertEqual([], Ins),
     ?assertEqual([6000, 7000, 8000], Dels).    
@@ -854,14 +870,14 @@ cleanup_refresh_only_dels_test() ->
 cleanup_refresh_only_ins_test() ->
     AllKeys = lists:sort(maps:to_list(maps:from_list([{rand:uniform(5000), rand:uniform(5000)} || _ <- lists:seq(1, 2000)]))),
     InsertKeys = [{6000, 6}, {7000, 7}, {8000, 8}],
-    #{inserts := Ins, deletes := Dels, differences := Diffs} = complete_cleanup_refresh(AllKeys ++ InsertKeys, AllKeys, 2000),
+    {#{inserts := Ins, deletes := Dels, differences := Diffs}, _} = complete_cleanup_refresh(AllKeys ++ InsertKeys, AllKeys, 2000),
     ?assertEqual([], Diffs),
     ?assertEqual([6000, 7000, 8000], Ins),
     ?assertEqual([], Dels). 
 
 cleanup_refresh_no_op_test() ->
     AllKeys = lists:sort(maps:to_list(maps:from_list([{rand:uniform(5000), rand:uniform(5000)} || _ <- lists:seq(1, 2000)]))),
-    #{inserts := Ins, deletes := Dels, differences := Diffs} = complete_cleanup_refresh(AllKeys, AllKeys, 2000),
+    {#{inserts := Ins, deletes := Dels, differences := Diffs}, _} = complete_cleanup_refresh(AllKeys, AllKeys, 2000),
     ?assertEqual([], Diffs),
     ?assertEqual([], Ins),
     ?assertEqual([], Dels).
@@ -869,7 +885,7 @@ cleanup_refresh_no_op_test() ->
 cleanup_refresh_no_diff_test() ->
     AllSrcKeys = lists:sort(maps:to_list(maps:from_list([{rand:uniform(5000), 1} || _ <- lists:seq(1, 2000)]))),
     AllDstKeys = lists:sort(maps:to_list(maps:from_list([{rand:uniform(5000), 1} || _ <- lists:seq(1, 2000)]))),
-    #{differences := Diffs} = complete_cleanup_refresh(AllSrcKeys, AllDstKeys, 2000),
+    {#{differences := Diffs}, _} = complete_cleanup_refresh(AllSrcKeys, AllDstKeys, 2000),
     ?assertEqual([], Diffs).
 
 -endif.
diff --git a/src/dperl/jobs/dperl_office_365.erl b/src/dperl/jobs/dperl_office_365.erl
index c6b55bb4..abe64a32 100644
--- a/src/dperl/jobs/dperl_office_365.erl
+++ b/src/dperl/jobs/dperl_office_365.erl
@@ -24,7 +24,7 @@
 
 % dperl_strategy_scr export
 -export([connect_check_src/1, get_source_events/2, connect_check_dst/1,
-         do_cleanup/2, do_refresh/2, 
+         do_cleanup/5, do_refresh/2, load_src_after_key/3, load_dst_after_key/3,
          fetch_src/2, fetch_dst/2, delete_dst/2, insert_dst/3,
          update_dst/3, report_status/3]).
 
@@ -36,6 +36,8 @@ get_token_info() ->
 
 set_token_info(TokenInfo) when is_map(TokenInfo) ->
     set_token_info(imem_json:encode(TokenInfo));
+set_token_info(TokenInfo) when is_list(TokenInfo) ->
+    set_token_info(list_to_binary(TokenInfo));
 set_token_info(TokenInfo) when is_binary(TokenInfo) ->
     dperl_dal:create_check_channel(<<"avatar">>),
     dperl_dal:write_channel(<<"avatar">>, ["office365","token"], TokenInfo).
@@ -58,7 +60,7 @@ get_access_token(Code) ->
     ContentType = "application/x-www-form-urlencoded",
     case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
         {ok, {_, _, TokenInfo}} ->
-            set_token_info(list_to_binary(TokenInfo)),
+            set_token_info(TokenInfo),
             ok;
         {error, Error} ->
             ?Error("Fetching access token : ~p", [Error]),
@@ -96,9 +98,15 @@ connect_check_dst(State) -> {ok, State}.
 
 do_refresh(_State, _BulkSize) -> {error, cleanup_only}.
 
-fetch_src({_Key, Value}, _State) -> Value.
+fetch_src(Key, #state{api_url = ApiUrl} = State) ->
+    Id = Key -- State#state.key_prefix,
+    FetchUrl = erlang:iolist_to_binary([ApiUrl, Id]),
+    case exec_req(FetchUrl, State#state.access_token) of
+        Value when is_map(Value) -> Value;
+        {error, Error} -> {error, Error, State}
+    end.
 
-fetch_dst({Key, _}, State) ->
+fetch_dst(Key, State) ->
     dperl_dal:read_channel(State#state.channel, Key).
 
 insert_dst(Key, Val, State) ->
@@ -106,19 +114,46 @@ insert_dst(Key, Val, State) ->
 
 report_status(_Key, _Status, _State) -> no_op.
 
-do_cleanup(State, BlkCount) ->
-    case fetch_contacts(State, BlkCount) of
-        {ok, State1} ->
-            {ok, State1};
-        {ok, finish, State1} ->
-            {ok, finish, State1};
+load_dst_after_key(CurKey, BlkCount, #state{channel = Channel}) ->
+    dperl_dal:read_gt(Channel, CurKey, BlkCount).
+
+load_src_after_key(CurKey, BlkCount, #state{fetch_url = undefined} = State) ->
+    % https://graph.microsoft.com/v1.0/me/contacts/?$top=100&$select=displayName&orderby=displayName
+    UrlParams = url_enc_params(#{"$top" => integer_to_list(BlkCount), "$orderby" => "id"}),
+    ContactsUrl = erlang:iolist_to_binary([State#state.api_url, "?", UrlParams]),
+    load_src_after_key(CurKey, BlkCount, State#state{fetch_url = ContactsUrl});
+load_src_after_key(_CurKey, _BlkCount, #state{fetch_url = FetchUrl, key_prefix = KeyPrefix} = State) ->
+    case exec_req(FetchUrl, State#state.access_token) of
+        #{<<"@odata.nextLink">> := NextLink, <<"value">> := Contacts} ->
+            {ok, format_contacts(Contacts, KeyPrefix), State#state{fetch_url = NextLink}};
+        #{<<"value">> := Contacts} ->
+            {ok, format_contacts(Contacts, KeyPrefix), State#state{fetch_url = undefined}};
         {error, unauthorized} ->
-            ?Info("Access token has been expired"),
-            {ok, State#state{is_connected = false}};
+            {error, unauthorized, State#state{is_connected = false}};
         {error, Error} ->
-            {error, Error, State#state{is_connected = false}}
+            {error, Error, State}
+    end.
+
+do_cleanup(Deletes, Inserts, Diffs, IsFinished, State) ->
+    NewState = State#state{infos = Inserts ++ Diffs ++ Deletes},
+    if IsFinished -> {ok, finish, NewState};
+       true -> {ok, NewState}
     end.
 
+
+% do_cleanup(State, BlkCount) ->
+%     case fetch_contacts(State, BlkCount) of
+%         {ok, State1} ->
+%             {ok, State1};
+%         {ok, finish, State1} ->
+%             {ok, finish, State1};
+%         {error, unauthorized} ->
+%             ?Info("Access token has been expired"),
+%             {ok, State#state{is_connected = false}};
+%         {error, Error} ->
+%             {error, Error, State#state{is_connected = false}}
+%     end.
+
 delete_dst(Key, #state{channel = Channel} = State) ->
     ?JInfo("Deleting : ~p", [Key]),
     dperl_dal:remove_from_channel(Channel, Key),
@@ -178,20 +213,20 @@ terminate(Reason, _State) ->
 
 %% private functions
 
-fetch_contacts(#state{fetch_url = undefined} = State, BlkCount) ->
-    % https://graph.microsoft.com/v1.0/me/contacts/?$top=100&$select=displayName&orderby=displayName
-    UrlParams = url_enc_params(#{"$top" => integer_to_list(BlkCount), "$orderby" => "displayName"}),
-    ContactsUrl = erlang:iolist_to_binary([State#state.api_url, "?", UrlParams]),
-    fetch_contacts(State#state{fetch_url = ContactsUrl}, BlkCount);
-fetch_contacts(#state{fetch_url = FetchUrl, key_prefix = KeyPrefix} = State, _BlkCount) ->
-    case exec_req(FetchUrl, State#state.access_token) of
-        #{<<"@odata.nextLink">> := NextLink, <<"value">> := Contacts} ->
-            {ok, State#state{fetch_url = NextLink, infos = format_contacts(Contacts, KeyPrefix)}};
-        #{<<"value">> := Contacts} ->
-            {ok, finish, State#state{fetch_url = undefined, infos = format_contacts(Contacts, KeyPrefix)}};
-        Error ->
-            Error
-end.
+% fetch_contacts(#state{fetch_url = undefined} = State, BlkCount) ->
+%     % https://graph.microsoft.com/v1.0/me/contacts/?$top=100&$select=displayName&orderby=displayName
+%     UrlParams = url_enc_params(#{"$top" => integer_to_list(BlkCount), "$orderby" => "displayName"}),
+%     ContactsUrl = erlang:iolist_to_binary([State#state.api_url, "?", UrlParams]),
+%     fetch_contacts(State#state{fetch_url = ContactsUrl}, BlkCount);
+% fetch_contacts(#state{fetch_url = FetchUrl, key_prefix = KeyPrefix} = State, _BlkCount) ->
+%     case exec_req(FetchUrl, State#state.access_token) of
+%         #{<<"@odata.nextLink">> := NextLink, <<"value">> := Contacts} ->
+%             {ok, State#state{fetch_url = NextLink, infos = format_contacts(Contacts, KeyPrefix)}};
+%         #{<<"value">> := Contacts} ->
+%             {ok, finish, State#state{fetch_url = undefined, infos = format_contacts(Contacts, KeyPrefix)}};
+%         Error ->
+%             Error
+% end.
 
 format_contacts([], _) -> [];
 format_contacts([#{<<"id">> := IdBin} = Contact | Contacts], KeyPrefix) ->

From 401e278c53a0d94c2ae33b7ed2f1d407d6417ff2 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Thu, 21 May 2020 13:35:45 +0200
Subject: [PATCH 29/72] contacts cleanup implemented

---
 src/dperl/jobs/dperl_office_365.erl | 98 ++++++++++++++---------------
 1 file changed, 48 insertions(+), 50 deletions(-)

diff --git a/src/dperl/jobs/dperl_office_365.erl b/src/dperl/jobs/dperl_office_365.erl
index abe64a32..fef40b22 100644
--- a/src/dperl/jobs/dperl_office_365.erl
+++ b/src/dperl/jobs/dperl_office_365.erl
@@ -20,7 +20,7 @@
 -export([get_authorize_url/1, get_access_token/1]).
 
 -record(state, {name, channel, is_connected = true, access_token, api_url,
-                infos = [], key_prefix, fetch_url}).
+                contacts = [], key_prefix, fetch_url, cl_contacts = []}).
 
 % dperl_strategy_scr export
 -export([connect_check_src/1, get_source_events/2, connect_check_dst/1,
@@ -89,21 +89,19 @@ connect_check_src(#state{is_connected = false} = State) ->
             {ok, State}
     end.
 
-get_source_events(#state{infos = []} = State, _BulkSize) ->
+get_source_events(#state{contacts = []} = State, _BulkSize) ->
     {ok, sync_complete, State};
-get_source_events(#state{infos = Infos} = State, _BulkSize) ->
-    {ok, Infos, State#state{infos = []}}.
+get_source_events(#state{contacts = Contacts} = State, _BulkSize) ->
+    {ok, Contacts, State#state{contacts = []}}.
 
 connect_check_dst(State) -> {ok, State}.
 
 do_refresh(_State, _BulkSize) -> {error, cleanup_only}.
 
-fetch_src(Key, #state{api_url = ApiUrl} = State) ->
-    Id = Key -- State#state.key_prefix,
-    FetchUrl = erlang:iolist_to_binary([ApiUrl, Id]),
-    case exec_req(FetchUrl, State#state.access_token) of
-        Value when is_map(Value) -> Value;
-        {error, Error} -> {error, Error, State}
+fetch_src(Key, #state{cl_contacts = Contacts}) ->
+    case lists:keyfind(Key, 1, Contacts) of
+        {Key, Contact} -> Contact;
+        false -> ?NOT_FOUND
     end.
 
 fetch_dst(Key, State) ->
@@ -119,43 +117,30 @@ load_dst_after_key(CurKey, BlkCount, #state{channel = Channel}) ->
 
 load_src_after_key(CurKey, BlkCount, #state{fetch_url = undefined} = State) ->
     % https://graph.microsoft.com/v1.0/me/contacts/?$top=100&$select=displayName&orderby=displayName
-    UrlParams = url_enc_params(#{"$top" => integer_to_list(BlkCount), "$orderby" => "id"}),
+    UrlParams = url_enc_params(#{"$top" => integer_to_list(BlkCount)}),
     ContactsUrl = erlang:iolist_to_binary([State#state.api_url, "?", UrlParams]),
     load_src_after_key(CurKey, BlkCount, State#state{fetch_url = ContactsUrl});
-load_src_after_key(_CurKey, _BlkCount, #state{fetch_url = FetchUrl, key_prefix = KeyPrefix} = State) ->
-    case exec_req(FetchUrl, State#state.access_token) of
-        #{<<"@odata.nextLink">> := NextLink, <<"value">> := Contacts} ->
-            {ok, format_contacts(Contacts, KeyPrefix), State#state{fetch_url = NextLink}};
-        #{<<"value">> := Contacts} ->
-            {ok, format_contacts(Contacts, KeyPrefix), State#state{fetch_url = undefined}};
+load_src_after_key(CurKey, BlkCount, #state{cl_contacts = [], key_prefix = KeyPrefix,
+                                            access_token = AccessToken, fetch_url = FetchUrl} = State) ->
+    % fetch all contacts
+    case fetch_all_contacts(FetchUrl, AccessToken, KeyPrefix) of
+        {ok, Contacts} ->
+            load_src_after_key(CurKey, BlkCount, State#state{cl_contacts = Contacts});
         {error, unauthorized} ->
             {error, unauthorized, State#state{is_connected = false}};
         {error, Error} ->
             {error, Error, State}
-    end.
+    end;
+load_src_after_key(CurKey, BlkCount, #state{cl_contacts = Contacts} = State) ->
+    {ok, get_contacts_gt(CurKey, BlkCount, Contacts), State}.
 
 do_cleanup(Deletes, Inserts, Diffs, IsFinished, State) ->
-    NewState = State#state{infos = Inserts ++ Diffs ++ Deletes},
-    if IsFinished -> {ok, finish, NewState};
+    NewState = State#state{contacts = Inserts ++ Diffs ++ Deletes},
+    if IsFinished -> {ok, finish, NewState#state{cl_contacts = []}};
        true -> {ok, NewState}
     end.
 
-
-% do_cleanup(State, BlkCount) ->
-%     case fetch_contacts(State, BlkCount) of
-%         {ok, State1} ->
-%             {ok, State1};
-%         {ok, finish, State1} ->
-%             {ok, finish, State1};
-%         {error, unauthorized} ->
-%             ?Info("Access token has been expired"),
-%             {ok, State#state{is_connected = false}};
-%         {error, Error} ->
-%             {error, Error, State#state{is_connected = false}}
-%     end.
-
 delete_dst(Key, #state{channel = Channel} = State) ->
-    ?JInfo("Deleting : ~p", [Key]),
     dperl_dal:remove_from_channel(Channel, Key),
     {false, State}.
 
@@ -213,27 +198,40 @@ terminate(Reason, _State) ->
 
 %% private functions
 
-% fetch_contacts(#state{fetch_url = undefined} = State, BlkCount) ->
-%     % https://graph.microsoft.com/v1.0/me/contacts/?$top=100&$select=displayName&orderby=displayName
-%     UrlParams = url_enc_params(#{"$top" => integer_to_list(BlkCount), "$orderby" => "displayName"}),
-%     ContactsUrl = erlang:iolist_to_binary([State#state.api_url, "?", UrlParams]),
-%     fetch_contacts(State#state{fetch_url = ContactsUrl}, BlkCount);
-% fetch_contacts(#state{fetch_url = FetchUrl, key_prefix = KeyPrefix} = State, _BlkCount) ->
-%     case exec_req(FetchUrl, State#state.access_token) of
-%         #{<<"@odata.nextLink">> := NextLink, <<"value">> := Contacts} ->
-%             {ok, State#state{fetch_url = NextLink, infos = format_contacts(Contacts, KeyPrefix)}};
-%         #{<<"value">> := Contacts} ->
-%             {ok, finish, State#state{fetch_url = undefined, infos = format_contacts(Contacts, KeyPrefix)}};
-%         Error ->
-%             Error
-% end.
-
 format_contacts([], _) -> [];
 format_contacts([#{<<"id">> := IdBin} = Contact | Contacts], KeyPrefix) ->
     Id = binary_to_list(IdBin),
     Key = KeyPrefix ++ [Id],
     [{Key, Contact} | format_contacts(Contacts, KeyPrefix)].
 
+fetch_all_contacts(Url, AccessToken, KeyPrefix) ->
+    fetch_all_contacts(Url, AccessToken, KeyPrefix, []).
+
+fetch_all_contacts(Url, AccessToken, KeyPrefix, AccContacts) ->
+    ?JTrace("Fetching contacts with url : ~s", [Url]),
+    ?JTrace("Fetched contacts : ~p", [length(AccContacts)]),
+    case exec_req(Url, AccessToken) of
+        #{<<"@odata.nextLink">> := NextUrl, <<"value">> := Contacts} ->
+            FContacts = format_contacts(Contacts, KeyPrefix),
+            fetch_all_contacts(NextUrl, AccessToken, KeyPrefix, lists:append(FContacts, AccContacts));
+        #{<<"value">> := Contacts} ->
+            FContacts = format_contacts(Contacts, KeyPrefix),
+            {ok, lists:keysort(1, lists:append(FContacts, AccContacts))};
+        {error, Error} ->
+            {error, Error}
+    end.
+
+get_contacts_gt(CurKey, BlkCount, Contacts) ->
+    get_contacts_gt(CurKey, BlkCount, Contacts, []).
+    
+get_contacts_gt(_CurKey, _BlkCount, [], Acc) -> lists:reverse(Acc);
+get_contacts_gt(_CurKey, BlkCount, _Contacts, Acc) when length(Acc) == BlkCount ->
+    lists:reverse(Acc);
+get_contacts_gt(CurKey, BlkCount, [{Key, _} | Contacts], Acc) when Key =< CurKey ->
+    get_contacts_gt(CurKey, BlkCount, Contacts, Acc);
+get_contacts_gt(CurKey, BlkCount, [Contact | Contacts], Acc) ->
+    get_contacts_gt(CurKey, BlkCount, Contacts, [Contact | Acc]).
+
 exec_req(Url, AccessToken) when is_binary(Url) ->
     exec_req(binary_to_list(Url), AccessToken);
 exec_req(Url, AccessToken) ->

From be61400ddf024fe9f7022380d59892a65ccc07b5 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Thu, 21 May 2020 13:37:06 +0200
Subject: [PATCH 30/72] passing the new record

---
 src/dperl/dperl_auth_cache.erl | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/dperl/dperl_auth_cache.erl b/src/dperl/dperl_auth_cache.erl
index 221d5647..efc1e878 100644
--- a/src/dperl/dperl_auth_cache.erl
+++ b/src/dperl/dperl_auth_cache.erl
@@ -2,6 +2,8 @@
 
 -behaviour(gen_server).
 
+-include("dperl.hrl").
+
 -export([start_link/0,
          set_enc_hash/3,
          get_enc_hash/1,
@@ -21,8 +23,10 @@ start_link() ->
 init([]) ->
     {ok, #{}}.
 
-handle_call({setEncHash, JobOrServiceName, User, EncHash}, _From, State) ->
-    {reply, ok, State#{JobOrServiceName => {User, EncHash}}};
+handle_call({setEncHash, #dperlJob{name = JobName}, User, EncHash}, _From, State) ->
+    {reply, ok, State#{JobName => {User, EncHash}}};
+handle_call({setEncHash, #dperlService{name = ServiceName}, User, EncHash}, _From, State) ->
+    {reply, ok, State#{ServiceName => {User, EncHash}}};
 handle_call({getEncHash, JobOrServiceName}, _From, State) ->
     case State of
         #{JobOrServiceName := {User, EncHash}} ->

From 217df1bba0b80e23806a668f8d3bb8e3805594df Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Fri, 22 May 2020 10:06:21 +0200
Subject: [PATCH 31/72] cleanup flag added

---
 src/dperl/jobs/dperl_office_365.erl | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/src/dperl/jobs/dperl_office_365.erl b/src/dperl/jobs/dperl_office_365.erl
index fef40b22..e2bcc754 100644
--- a/src/dperl/jobs/dperl_office_365.erl
+++ b/src/dperl/jobs/dperl_office_365.erl
@@ -20,7 +20,8 @@
 -export([get_authorize_url/1, get_access_token/1]).
 
 -record(state, {name, channel, is_connected = true, access_token, api_url,
-                contacts = [], key_prefix, fetch_url, cl_contacts = []}).
+                contacts = [], key_prefix, fetch_url, cl_contacts = [],
+                is_cleanup_finished = true}).
 
 % dperl_strategy_scr export
 -export([connect_check_src/1, get_source_events/2, connect_check_dst/1,
@@ -120,12 +121,12 @@ load_src_after_key(CurKey, BlkCount, #state{fetch_url = undefined} = State) ->
     UrlParams = url_enc_params(#{"$top" => integer_to_list(BlkCount)}),
     ContactsUrl = erlang:iolist_to_binary([State#state.api_url, "?", UrlParams]),
     load_src_after_key(CurKey, BlkCount, State#state{fetch_url = ContactsUrl});
-load_src_after_key(CurKey, BlkCount, #state{cl_contacts = [], key_prefix = KeyPrefix,
+load_src_after_key(CurKey, BlkCount, #state{is_cleanup_finished = true, key_prefix = KeyPrefix,
                                             access_token = AccessToken, fetch_url = FetchUrl} = State) ->
     % fetch all contacts
     case fetch_all_contacts(FetchUrl, AccessToken, KeyPrefix) of
         {ok, Contacts} ->
-            load_src_after_key(CurKey, BlkCount, State#state{cl_contacts = Contacts});
+            load_src_after_key(CurKey, BlkCount, State#state{cl_contacts = Contacts, is_cleanup_finished = false});
         {error, unauthorized} ->
             {error, unauthorized, State#state{is_connected = false}};
         {error, Error} ->
@@ -136,7 +137,7 @@ load_src_after_key(CurKey, BlkCount, #state{cl_contacts = Contacts} = State) ->
 
 do_cleanup(Deletes, Inserts, Diffs, IsFinished, State) ->
     NewState = State#state{contacts = Inserts ++ Diffs ++ Deletes},
-    if IsFinished -> {ok, finish, NewState#state{cl_contacts = []}};
+    if IsFinished -> {ok, finish, NewState#state{is_cleanup_finished = true}};
        true -> {ok, NewState}
     end.
 

From 8036a9ae6a8b01ce9fbb9aa326238cf59e4662b9 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Fri, 22 May 2020 10:56:46 +0200
Subject: [PATCH 32/72] refreshing access token silently

---
 src/dperl/jobs/dperl_office_365.erl | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/src/dperl/jobs/dperl_office_365.erl b/src/dperl/jobs/dperl_office_365.erl
index e2bcc754..d62efe43 100644
--- a/src/dperl/jobs/dperl_office_365.erl
+++ b/src/dperl/jobs/dperl_office_365.erl
@@ -71,7 +71,7 @@ get_access_token(Code) ->
 connect_check_src(#state{is_connected = true} = State) ->
     {ok, State};
 connect_check_src(#state{is_connected = false} = State) ->
-    ?Info("Refreshing access token"),
+    ?JTrace("Refreshing access token"),
     #{token_url := TUrl, client_id := ClientId, client_secret := Secret,
       scope := Scope} = get_office_365_auth_config(),
     #{<<"refresh_token">> := RefreshToken} = get_token_info(),
@@ -84,10 +84,11 @@ connect_check_src(#state{is_connected = false} = State) ->
             TokenInfo = imem_json:decode(list_to_binary(TokenBody), [return_maps]),
             set_token_info(TokenBody),
             #{<<"access_token">> := AccessToken} = TokenInfo,
+            ?JInfo("new access token fetched"),
             {ok, State#state{access_token = AccessToken, is_connected = true}};
         Error ->
             ?JError("Unexpected response : ~p", [Error]),
-            {ok, State}
+            {error, Error, State}
     end.
 
 get_source_events(#state{contacts = []} = State, _BulkSize) ->
@@ -128,7 +129,12 @@ load_src_after_key(CurKey, BlkCount, #state{is_cleanup_finished = true, key_pref
         {ok, Contacts} ->
             load_src_after_key(CurKey, BlkCount, State#state{cl_contacts = Contacts, is_cleanup_finished = false});
         {error, unauthorized} ->
-            {error, unauthorized, State#state{is_connected = false}};
+            case connect_check_src(State#state{is_connected = false}) of
+                {ok, State1} ->
+                    load_src_after_key(CurKey, BlkCount, State1);
+                {error, Error, State1} ->
+                    {error, Error, State1}
+            end;
         {error, Error} ->
             {error, Error, State}
     end;

From 497375272508d47444a153947afdcd2de24c21c7 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Fri, 22 May 2020 13:35:25 +0200
Subject: [PATCH 33/72] write to push_channel

---
 src/dperl/jobs/dperl_office_365.erl | 35 ++++++++++++++++-------------
 1 file changed, 20 insertions(+), 15 deletions(-)

diff --git a/src/dperl/jobs/dperl_office_365.erl b/src/dperl/jobs/dperl_office_365.erl
index d62efe43..b0861e94 100644
--- a/src/dperl/jobs/dperl_office_365.erl
+++ b/src/dperl/jobs/dperl_office_365.erl
@@ -21,7 +21,7 @@
 
 -record(state, {name, channel, is_connected = true, access_token, api_url,
                 contacts = [], key_prefix, fetch_url, cl_contacts = [],
-                is_cleanup_finished = true}).
+                is_cleanup_finished = true, push_channel, type = pull}).
 
 % dperl_strategy_scr export
 -export([connect_check_src/1, get_source_events/2, connect_check_dst/1,
@@ -112,6 +112,20 @@ fetch_dst(Key, State) ->
 insert_dst(Key, Val, State) ->
     update_dst(Key, Val, State).
 
+delete_dst(Key, #state{channel = Channel} = State) ->
+    dperl_dal:remove_from_channel(Channel, Key),
+    dperl_dal:remove_from_channel(State#state.push_channel, Key),
+    {false, State}.
+
+update_dst({Key, _}, Val, State) ->
+    update_dst(Key, Val, State);
+update_dst(Key, Val, #state{channel = Channel} = State) when is_binary(Val) ->
+    dperl_dal:write_channel(Channel, Key, Val),
+    dperl_dal:write_channel(State#state.push_channel, Key, Val),
+    {false, State};
+update_dst(Key, Val, State) ->
+    update_dst(Key, imem_json:encode(Val), State).
+
 report_status(_Key, _Status, _State) -> no_op.
 
 load_dst_after_key(CurKey, BlkCount, #state{channel = Channel}) ->
@@ -147,23 +161,11 @@ do_cleanup(Deletes, Inserts, Diffs, IsFinished, State) ->
        true -> {ok, NewState}
     end.
 
-delete_dst(Key, #state{channel = Channel} = State) ->
-    dperl_dal:remove_from_channel(Channel, Key),
-    {false, State}.
-
-update_dst({Key, _}, Val, State) ->
-    update_dst(Key, Val, State);
-update_dst(Key, Val, #state{channel = Channel} = State) when is_binary(Val) ->
-    dperl_dal:write_channel(Channel, Key, Val),
-    {false, State};
-update_dst(Key, Val, State) ->
-    update_dst(Key, imem_json:encode(Val), State).
-
 get_status(#state{}) -> #{}.
 
 init_state(_) -> #state{}.
 
-init({#dperlJob{name=Name, dstArgs = #{channel := Channel},
+init({#dperlJob{name=Name, dstArgs = #{channel := Channel, push_channel := PChannel},
                 srcArgs = #{api_url := ApiUrl} = SrcArgs}, State}) ->
     % case dperl_auth_cache:get_enc_hash(Name) of
     %     undefined ->
@@ -175,10 +177,13 @@ init({#dperlJob{name=Name, dstArgs = #{channel := Channel},
     case get_token_info() of
         #{<<"access_token">> := AccessToken} ->
             ChannelBin = dperl_dal:to_binary(Channel),
+            PChannelBin = dperl_dal:to_binary(PChannel),
             KeyPrefix = maps:get(key_prefix, SrcArgs, []),
             dperl_dal:create_check_channel(ChannelBin),
+            dperl_dal:create_check_channel(PChannelBin),
             {ok, State#state{channel = ChannelBin, name = Name, api_url = ApiUrl,
-                             key_prefix = KeyPrefix, access_token = AccessToken}};
+                             key_prefix = KeyPrefix, access_token = AccessToken,
+                             push_channel = PChannelBin}};
         _ ->
             ?JError("Access token not found"),
             {stop, badarg}                    

From 36845c0efa93f3cc47af472e6b49113feeb7856b Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Fri, 22 May 2020 15:36:44 +0200
Subject: [PATCH 34/72] error handling and formatted code

---
 priv/dev/static/scripts/login.js | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/priv/dev/static/scripts/login.js b/priv/dev/static/scripts/login.js
index 85b8c898..982a7cfc 100644
--- a/priv/dev/static/scripts/login.js
+++ b/priv/dev/static/scripts/login.js
@@ -30,8 +30,15 @@ const state = url.searchParams.get('state');
 if(code) {
     dderlState.xsrfToken = state;
     const body = { 'office_365_code': { 'code': code, 'state': state } };
-    ajaxCall(null, 'office_365_code', body, 'office_365_code', function () { window.close(); },
-        function () { alert('error!!!!'); });
+    ajaxCall(null, 'office_365_code', body, 'office_365_code',
+        function () {
+            window.close();
+        },
+        function (error) {
+            alert('Error fetching access token : ' + error);
+            console.log('Error fetching access token', error);
+            window.close();
+        });
 } else {
     const error = url.searchParams.get('error');
     const errorDesc = url.searchParams.get('error_description');
@@ -419,7 +426,7 @@ export function change_login_password(loggedInUser, shouldConnect) {
 }
 
 export function authorize_office() {
-    ajaxCall(null, 'office_365_auth_config', {}, 'office_365_auth_config', function(auth_config) {
+    ajaxCall(null, 'office_365_auth_config', {}, 'office_365_auth_config', function (auth_config) {
         const params = 'scrollbars=no,resizable=no,status=no,location=no,toolbar=no,menubar=no,width=500,height=600,left=100,top=100';
         window.open(auth_config.url, 'Office 365 login', params);
     });

From 29cbefa9ceb2e6b1d4a5de5e42764020cd3e8fec Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Fri, 22 May 2020 19:02:58 +0200
Subject: [PATCH 35/72] push type job implemented

---
 src/dperl/jobs/dperl_office_365.erl | 114 +++++++++++++++++++++++++---
 1 file changed, 102 insertions(+), 12 deletions(-)

diff --git a/src/dperl/jobs/dperl_office_365.erl b/src/dperl/jobs/dperl_office_365.erl
index b0861e94..22127be7 100644
--- a/src/dperl/jobs/dperl_office_365.erl
+++ b/src/dperl/jobs/dperl_office_365.erl
@@ -21,7 +21,8 @@
 
 -record(state, {name, channel, is_connected = true, access_token, api_url,
                 contacts = [], key_prefix, fetch_url, cl_contacts = [],
-                is_cleanup_finished = true, push_channel, type = pull}).
+                is_cleanup_finished = true, push_channel, type = pull,
+                audit_start_time = {0,0}, first_sync = true}).
 
 % dperl_strategy_scr export
 -export([connect_check_src/1, get_source_events/2, connect_check_dst/1,
@@ -91,6 +92,21 @@ connect_check_src(#state{is_connected = false} = State) ->
             {error, Error, State}
     end.
 
+get_source_events(#state{audit_start_time = LastStartTime, type = push,
+                         push_channel = PChannel} = State, BulkSize) ->
+    case dperl_dal:read_audit_keys(PChannel, LastStartTime, BulkSize) of
+        {LastStartTime, LastStartTime, []} ->
+            if State#state.first_sync == true -> 
+                    ?JInfo("Audit rollup is complete"),
+                    {ok, sync_complete, State#state{first_sync = false}};
+                true -> {ok, sync_complete, State}
+            end;
+        {_StartTime, NextStartTime, []} ->
+            {ok, [], State#state{audit_start_time = NextStartTime}};
+        {_StartTime, NextStartTime, Keys} ->
+            UniqueKeys = lists:delete(undefined, lists:usort(Keys)),
+            {ok, UniqueKeys, State#state{audit_start_time = NextStartTime}}
+    end;
 get_source_events(#state{contacts = []} = State, _BulkSize) ->
     {ok, sync_complete, State};
 get_source_events(#state{contacts = Contacts} = State, _BulkSize) ->
@@ -100,25 +116,72 @@ connect_check_dst(State) -> {ok, State}.
 
 do_refresh(_State, _BulkSize) -> {error, cleanup_only}.
 
-fetch_src(Key, #state{cl_contacts = Contacts}) ->
+fetch_src(Key, #state{type = push} = State) ->
+    dperl_dal:read_channel(State#state.push_channel, Key);
+fetch_src(Key, #state{cl_contacts = Contacts, type = pull}) ->
     case lists:keyfind(Key, 1, Contacts) of
         {Key, Contact} -> Contact;
         false -> ?NOT_FOUND
     end.
 
+fetch_dst(Key, #state{type = push, api_url = ApiUrl} = State) ->
+    Id = Key -- State#state.key_prefix,
+    ContactUrl = erlang:iolist_to_binary([ApiUrl, Id]),
+    case exec_req(ContactUrl, State#state.access_token) of
+        #{<<"id">> := _} = Contact -> Contact;
+        _ -> ?NOT_FOUND
+    end; 
 fetch_dst(Key, State) ->
     dperl_dal:read_channel(State#state.channel, Key).
 
+insert_dst(Key, Val, #state{type = push, api_url = ApiUrl} = State) ->
+    case exec_req(ApiUrl, State#state.access_token, Val, post) of
+        #{<<"id">> := Id} = Contact ->
+            NewKey = State#state.key_prefix ++ [binary_to_list(Id)],
+            ContactBin = imem_json:encode(Contact),
+            dperl_dal:remove_from_channel(State#state.push_channel, Key),
+            dperl_dal:write_channel(State#state.channel, NewKey, ContactBin),
+            dperl_dal:write_channel(State#state.push_channel, NewKey, ContactBin),
+            {false, State};
+        {error, unauthorized} ->
+            reconnect_exec(State, insert_dst, [Key, Val]);
+        {error, Error} ->
+            {error, Error}
+    end;
 insert_dst(Key, Val, State) ->
     update_dst(Key, Val, State).
 
+delete_dst(Key, #state{type = push, api_url = ApiUrl} = State) ->
+    Id = Key -- State#state.key_prefix,
+    ContactUrl = erlang:iolist_to_binary([ApiUrl, Id]),
+    case exec_req(ContactUrl, State#state.access_token, #{}, delete) of
+        ok ->
+            dperl_dal:remove_from_channel(State#state.channel, Key),
+            {false, State};
+        {error, unauthorized} ->
+            reconnect_exec(State, delete_dst, [Key]);
+        Error ->
+            Error
+    end;
 delete_dst(Key, #state{channel = Channel} = State) ->
     dperl_dal:remove_from_channel(Channel, Key),
     dperl_dal:remove_from_channel(State#state.push_channel, Key),
     {false, State}.
 
-update_dst({Key, _}, Val, State) ->
-    update_dst(Key, Val, State);
+update_dst(Key, Val, #state{type = push, api_url = ApiUrl} = State) ->
+    Id = Key -- State#state.key_prefix,
+    ContactUrl = erlang:iolist_to_binary([ApiUrl, Id]),
+    case exec_req(ContactUrl, State#state.access_token, Val, patch) of
+        #{<<"id">> := _} = Contact ->
+            ContactBin = imem_json:encode(Contact),
+            dperl_dal:write_channel(State#state.channel, Key, ContactBin),
+            dperl_dal:write_channel(State#state.push_channel, Key, ContactBin),
+            {false, State};
+        {error, unauthorized} ->
+            reconnect_exec(State, update_dst, [Key, Val]);
+        {error, Error} ->
+            {error, Error}
+    end;
 update_dst(Key, Val, #state{channel = Channel} = State) when is_binary(Val) ->
     dperl_dal:write_channel(Channel, Key, Val),
     dperl_dal:write_channel(State#state.push_channel, Key, Val),
@@ -143,18 +206,21 @@ load_src_after_key(CurKey, BlkCount, #state{is_cleanup_finished = true, key_pref
         {ok, Contacts} ->
             load_src_after_key(CurKey, BlkCount, State#state{cl_contacts = Contacts, is_cleanup_finished = false});
         {error, unauthorized} ->
-            case connect_check_src(State#state{is_connected = false}) of
-                {ok, State1} ->
-                    load_src_after_key(CurKey, BlkCount, State1);
-                {error, Error, State1} ->
-                    {error, Error, State1}
-            end;
+            reconnect_exec(State, load_src_after_key, [CurKey, BlkCount]);
         {error, Error} ->
             {error, Error, State}
     end;
 load_src_after_key(CurKey, BlkCount, #state{cl_contacts = Contacts} = State) ->
     {ok, get_contacts_gt(CurKey, BlkCount, Contacts), State}.
 
+reconnect_exec(State, Fun, Args) ->
+    case connect_check_src(State#state{is_connected = false}) of
+        {ok, State1} ->
+            erlang:apply(?MODULE, Fun, Args ++ [State1]);
+        {error, Error, State1} ->
+            {error, Error, State1}
+    end.
+
 do_cleanup(Deletes, Inserts, Diffs, IsFinished, State) ->
     NewState = State#state{contacts = Inserts ++ Diffs ++ Deletes},
     if IsFinished -> {ok, finish, NewState#state{is_cleanup_finished = true}};
@@ -166,7 +232,7 @@ get_status(#state{}) -> #{}.
 init_state(_) -> #state{}.
 
 init({#dperlJob{name=Name, dstArgs = #{channel := Channel, push_channel := PChannel},
-                srcArgs = #{api_url := ApiUrl} = SrcArgs}, State}) ->
+                srcArgs = #{api_url := ApiUrl} = SrcArgs, args = Args}, State}) ->
     % case dperl_auth_cache:get_enc_hash(Name) of
     %     undefined ->
     %         ?JError("Encryption hash is not avaialable"),
@@ -179,11 +245,12 @@ init({#dperlJob{name=Name, dstArgs = #{channel := Channel, push_channel := PChan
             ChannelBin = dperl_dal:to_binary(Channel),
             PChannelBin = dperl_dal:to_binary(PChannel),
             KeyPrefix = maps:get(key_prefix, SrcArgs, []),
+            Type = maps:get(type, Args, pull),
             dperl_dal:create_check_channel(ChannelBin),
             dperl_dal:create_check_channel(PChannelBin),
             {ok, State#state{channel = ChannelBin, name = Name, api_url = ApiUrl,
                              key_prefix = KeyPrefix, access_token = AccessToken,
-                             push_channel = PChannelBin}};
+                             push_channel = PChannelBin, type = Type}};
         _ ->
             ?JError("Access token not found"),
             {stop, badarg}                    
@@ -257,6 +324,29 @@ exec_req(Url, AccessToken) ->
             {error, Error}
     end.
 
+exec_req(Url, AccessToken, Body, Method) when is_binary(Url) ->
+    exec_req(binary_to_list(Url), AccessToken, Body, Method);
+exec_req(Url, AccessToken, Body, Method) ->
+    AuthHeader = [{"Authorization", "Bearer " ++ binary_to_list(AccessToken)}],
+    % Headers = [AuthHeader, {"Contnet-type", "application/json"}],
+    case httpc:request(Method, {Url, AuthHeader, "application/json", imem_json:encode(Body)}, [], []) of
+        {ok, {{_, 201, _}, _, Result}} ->
+            % create/post result
+            imem_json:decode(list_to_binary(Result), [return_maps]);
+        {ok, {{_, 200, _}, _, Result}} ->
+            % update/patch result
+            imem_json:decode(list_to_binary(Result), [return_maps]);
+        {ok,{{_, 204, _}, _, _}} ->
+            % delete result
+            ok;
+        {ok, {{_, 401, _}, _, Error}} ->
+            ?JError("Unauthorized body : ~s", [Error]),
+            {error, unauthorized};
+        Error ->
+            {error, Error}
+    end.
+    
+
 url_enc_params(Params) ->
     EParams = maps:fold(
         fun(K, {enc, V}, Acc) ->

From 682c7a430d32a6b8d96a4a390741459df55d54a0 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Mon, 25 May 2020 11:39:21 +0200
Subject: [PATCH 36/72] removing tag and context

---
 src/dperl/jobs/dperl_office_365.erl | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/src/dperl/jobs/dperl_office_365.erl b/src/dperl/jobs/dperl_office_365.erl
index 22127be7..a0a5c0a8 100644
--- a/src/dperl/jobs/dperl_office_365.erl
+++ b/src/dperl/jobs/dperl_office_365.erl
@@ -128,7 +128,8 @@ fetch_dst(Key, #state{type = push, api_url = ApiUrl} = State) ->
     Id = Key -- State#state.key_prefix,
     ContactUrl = erlang:iolist_to_binary([ApiUrl, Id]),
     case exec_req(ContactUrl, State#state.access_token) of
-        #{<<"id">> := _} = Contact -> Contact;
+        #{<<"id">> := _} = Contact ->
+            format_contact(Contact);
         _ -> ?NOT_FOUND
     end; 
 fetch_dst(Key, State) ->
@@ -138,7 +139,7 @@ insert_dst(Key, Val, #state{type = push, api_url = ApiUrl} = State) ->
     case exec_req(ApiUrl, State#state.access_token, Val, post) of
         #{<<"id">> := Id} = Contact ->
             NewKey = State#state.key_prefix ++ [binary_to_list(Id)],
-            ContactBin = imem_json:encode(Contact),
+            ContactBin = imem_json:encode(format_contact(Contact)),
             dperl_dal:remove_from_channel(State#state.push_channel, Key),
             dperl_dal:write_channel(State#state.channel, NewKey, ContactBin),
             dperl_dal:write_channel(State#state.push_channel, NewKey, ContactBin),
@@ -173,7 +174,7 @@ update_dst(Key, Val, #state{type = push, api_url = ApiUrl} = State) ->
     ContactUrl = erlang:iolist_to_binary([ApiUrl, Id]),
     case exec_req(ContactUrl, State#state.access_token, Val, patch) of
         #{<<"id">> := _} = Contact ->
-            ContactBin = imem_json:encode(Contact),
+            ContactBin = imem_json:encode(format_contact(Contact)),
             dperl_dal:write_channel(State#state.channel, Key, ContactBin),
             dperl_dal:write_channel(State#state.push_channel, Key, ContactBin),
             {false, State};
@@ -281,7 +282,10 @@ format_contacts([], _) -> [];
 format_contacts([#{<<"id">> := IdBin} = Contact | Contacts], KeyPrefix) ->
     Id = binary_to_list(IdBin),
     Key = KeyPrefix ++ [Id],
-    [{Key, Contact} | format_contacts(Contacts, KeyPrefix)].
+    [{Key, format_contact(Contact)} | format_contacts(Contacts, KeyPrefix)].
+
+format_contact(Contact) ->
+    maps:without([<<"@odata.etag">>, <<"@odata.context">>], Contact).
 
 fetch_all_contacts(Url, AccessToken, KeyPrefix) ->
     fetch_all_contacts(Url, AccessToken, KeyPrefix, []).

From 4894bead044e8c01ac60d0e34cac7a297dd6713b Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Tue, 26 May 2020 10:56:09 +0200
Subject: [PATCH 37/72] oura ring granting access from the front end

---
 priv/dev/static/index.html              |   1 +
 priv/dev/static/index.js                |   6 +-
 priv/dev/static/scripts/login.js        |  31 ++--
 src/dderl_session.erl                   |  17 +++
 src/dperl/jobs/dperl_office_365.erl     |   4 +-
 src/dperl/jobs/dperl_ouraring_crawl.erl | 195 ++++++++++++------------
 6 files changed, 141 insertions(+), 113 deletions(-)

diff --git a/priv/dev/static/index.html b/priv/dev/static/index.html
index 84e6d582..bdc5e9e4 100644
--- a/priv/dev/static/index.html
+++ b/priv/dev/static/index.html
@@ -24,6 +24,7 @@
                     <li><a id="btn-disconnect">Disconnect</a></li>
                     <li><a id="btn-restart">Restart Application</a></li>
                     <li><a id="btn-office-365">Register Office 365</a></li>
+                    <li><a id="btn-oura-ring">Register Oura Ring</a></li>
                 </ul>
             </li>
             <li><a id="connect-button">New Connection</a></li>
diff --git a/priv/dev/static/index.js b/priv/dev/static/index.js
index 909bb28b..16949827 100644
--- a/priv/dev/static/index.js
+++ b/priv/dev/static/index.js
@@ -8,7 +8,8 @@ import {loginAjax} from "./scripts/login";
 import {alert_jq} from './dialogs/dialogs';
 import {dderlState, show_qry_files,
         change_password, show_about_dlg} from "./scripts/dderl";
-import {new_connection_tab, logout, restart, authorize_office} from "./scripts/login";
+import {new_connection_tab, logout, restart,
+        authorize_office, authorize_oura} from "./scripts/login";
 import {disconnect_tab, close_tab} from "./scripts/connect";
 import {newSqlEditor} from "./scripts/dderl.sql";
 import {patch_jquery_ui} from "./jquery-ui-helper/helper.js";
@@ -93,4 +94,5 @@ addClick('btn-restart',         () => { restart();              });
 addClick('connect-button',      () => { new_connection_tab();   });
 addClick('newsql-button',       () => { newSqlEditor();         });
 addClick('btn-logout',          () => { logout();               });
-addClick('btn-office-365',      () => { authorize_office();               });
+addClick('btn-office-365',      () => { authorize_office();     });
+addClick('btn-oura-ring',       () => { authorize_oura();       });
diff --git a/priv/dev/static/scripts/login.js b/priv/dev/static/scripts/login.js
index 85b8c898..19e30bc5 100644
--- a/priv/dev/static/scripts/login.js
+++ b/priv/dev/static/scripts/login.js
@@ -26,16 +26,22 @@ window.loginCb = loginCb;
 // office 365 callback handler
 const url = new URL(window.location.href);
 const code = url.searchParams.get('code');
-const state = url.searchParams.get('state');
-if(code) {
-    dderlState.xsrfToken = state;
-    const body = { 'office_365_code': { 'code': code, 'state': state } };
-    ajaxCall(null, 'office_365_code', body, 'office_365_code', function () { window.close(); },
-        function () { alert('error!!!!'); });
-} else {
-    const error = url.searchParams.get('error');
+const error = url.searchParams.get('error');
+const state = JSON.parse(url.searchParams.get('state'));
+if (code) {
+    dderlState.xsrfToken = state.xsrfToken;
+    if (state.type == 'ouraRing') {
+        const body = { 'oura_ring_code': { 'code': code, 'state': state } };
+        ajaxCall(null, 'oura_ring_code', body, 'oura_ring_code', function () { window.close(); },
+            function () { alert('error!!!!'); });
+    } else {
+        const body = { 'office_365_code': { 'code': code, 'state': state } };
+        ajaxCall(null, 'office_365_code', body, 'office_365_code', function () { window.close(); },
+            function () { alert('error!!!!'); });
+    }
+} else if (error) {
     const errorDesc = url.searchParams.get('error_description');
-    alert_jq('Login error : ' + error + ' : ' + errorDesc);
+    alert('Login error : ' + error + ' : ' + errorDesc);
     window.close();
 }
 // office 365 callback handler end
@@ -424,3 +430,10 @@ export function authorize_office() {
         window.open(auth_config.url, 'Office 365 login', params);
     });
 }
+
+export function authorize_oura() {
+    ajaxCall(null, 'oura_ring_auth_config', {}, 'oura_ring_auth_config', function(auth_config) {
+        const params = 'scrollbars=no,resizable=no,status=no,location=no,toolbar=no,menubar=no,width=500,height=600,left=100,top=100';
+        window.open(auth_config.url, 'Oura Ring login', params);
+    });
+}
diff --git a/src/dderl_session.erl b/src/dderl_session.erl
index d4ec6747..8c23c65f 100644
--- a/src/dderl_session.erl
+++ b/src/dderl_session.erl
@@ -397,6 +397,23 @@ process_call({[<<"office_365_code">>], ReqData}, _Adapter, From, {SrcIp, _}, Sta
     end,
     State;
 
+process_call({[<<"oura_ring_auth_config">>], _ReqData}, _Adapter, From, {SrcIp, _}, State) ->
+    act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "about"}, State),
+    Url = dperl_ouraring_crawl:get_authorize_url(State#state.xsrf_token),
+    reply(From, #{<<"oura_ring_auth_config">> => #{<<"url">> => Url}}, self()),
+    State;
+
+process_call({[<<"oura_ring_code">>], ReqData}, _Adapter, From, {SrcIp, _}, State) ->
+    act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "format_json_to_save", args => ReqData}, State),
+    #{<<"oura_ring_code">> := #{<<"code">> := Code}} = jsx:decode(ReqData, [return_maps]),
+    case dperl_ouraring_crawl:get_access_token(Code) of
+        ok ->
+            reply(From, #{<<"oura_ring_code">> => #{<<"status">> => <<"ok">>}}, self());
+        {error, _Error} ->
+            reply(From, #{<<"oura_ring_code">> => #{<<"error">> => <<"Fetching token failed, Try again">>}}, self())
+    end,
+    State;
+
 process_call({[<<"connect_info">>], _ReqData}, _Adapter, From, {SrcIp,_},
              #state{sess=Sess, user_id=UserId, user = User} = State) ->
     act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "connect_info"}, State),
diff --git a/src/dperl/jobs/dperl_office_365.erl b/src/dperl/jobs/dperl_office_365.erl
index d62efe43..d7a25255 100644
--- a/src/dperl/jobs/dperl_office_365.erl
+++ b/src/dperl/jobs/dperl_office_365.erl
@@ -44,11 +44,11 @@ set_token_info(TokenInfo) when is_binary(TokenInfo) ->
     dperl_dal:write_channel(<<"avatar">>, ["office365","token"], TokenInfo).
 
 get_authorize_url(XSRFToken) ->
-    URLState = http_uri:encode(XSRFToken),
+    State = #{xsrf_token => XSRFToken, type => <<"office365">>},
     #{auth_url := Url, client_id := ClientId, redirect_uri := RedirectURI,
       scope := Scope} = get_office_365_auth_config(),
     UrlParams = url_enc_params(#{"client_id" => ClientId, "redirect_uri" => {enc, RedirectURI},
-                                 "scope" => {enc, Scope}, "state" => URLState}),
+                                 "scope" => {enc, Scope}, "state" => {enc, imem_json:encode(State)}}),
     erlang:iolist_to_binary([Url, "&", UrlParams]).
 
 get_access_token(Code) ->
diff --git a/src/dperl/jobs/dperl_ouraring_crawl.erl b/src/dperl/jobs/dperl_ouraring_crawl.erl
index 723b2445..01e6763a 100644
--- a/src/dperl/jobs/dperl_ouraring_crawl.erl
+++ b/src/dperl/jobs/dperl_ouraring_crawl.erl
@@ -10,94 +10,89 @@
           "Days to be shifted backwards for starting the job")
        ).
 
+-define(OURA_RING_AUTH_CONFIG,
+        ?GET_CONFIG(ouraRingAuthConfig,[],
+            #{auth_url =>"https://cloud.ouraring.com/oauth/authorize?response_type=code",
+              client_id => "12345", redirect_uri => "https://localhost:8443/dderl/",
+              client_secret => "12345", grant_type => "authorization_code",
+              token_url => "https://cloud.ouraring.com/oauth/token",
+              scope => "email personal daily"},
+            "Oura Ring auth config")).
+
 % dperl_worker exports
 -export([init/1, terminate/2, handle_call/3, handle_cast/2, handle_info/2,
          get_status/1, init_state/1]).
 
--record(state, {name, channel, client_id, client_secret, password, email,
-                cb_uri, is_connected = false, access_token, api_url, oauth_url,
+-export([get_authorize_url/1, get_access_token/1]).
+
+-record(state, {name, channel, is_connected = true, access_token, api_url,
                 last_sleep_day, last_activity_day, last_readiness_day,
-                infos = [], auth_time, auth_expiry, key_prefix}).
+                infos = [], key_prefix}).
 
 % dperl_strategy_scr export
 -export([connect_check_src/1, get_source_events/2, connect_check_dst/1,
-         do_cleanup/2, do_refresh/2, 
-         fetch_src/2, fetch_dst/2, delete_dst/2, insert_dst/3,
-         update_dst/3, report_status/3]).
-
-connect_check_src(#state{is_connected = true, auth_expiry = ExpiresIn, auth_time = AuthTime} = State) ->
-    case imem_datatype:sec_diff(AuthTime) of
-        Diff when Diff >= (ExpiresIn - 100) ->
-            % access token will expire in 100 seconds or less
-            connect_check_src(State#state{is_connected = false});
-        _ ->
-            {ok, State}
-    end;
-connect_check_src(#state{is_connected = false, client_id = ClientId, cb_uri = CallbackUri,
-                         client_secret = ClientSecret, password = Password,
-                         email = Email, oauth_url = OauthUrl} = State) ->
-    ?Info("Generating new access token"),
-    httpc:reset_cookies(?MODULE),
-    Params = #{
-        "response_type" => "code",
-        "client_id" => ClientId,
-        "redirect_uri" => edoc_lib:escape_uri(CallbackUri),
-        "scope" => "email+personal+daily",
-        "state" => "test"
-    },
-    Url = OauthUrl ++ "/oauth/authorize?" ++ binary_to_list(url_enc_params(Params)),
-    try
-        {ok, {{"HTTP/1.1",302,"Found"}, RespHeader302, []}} = httpc:request(
-            get, {Url, []}, [{autoredirect, false}], [], ?MODULE),
-        RedirectUri = OauthUrl ++ proplists:get_value("location", RespHeader302),
-        {ok, {{"HTTP/1.1",200,"OK"}, RespHeader, _Body}} = httpc:request(get, {RedirectUri, []}, [{autoredirect, false}], [], ?MODULE),
-        SetCookieHeader = proplists:get_value("set-cookie", RespHeader),
-        {match, [XRefCookie]} = re:run(SetCookieHeader, ".*_xsrf=(.*);.*", [{capture, [1], list}]),
-        Params2 = #{
-            "_xsrf" => edoc_lib:escape_uri(XRefCookie),
-            "email" => edoc_lib:escape_uri(Email),
-            "password" => edoc_lib:escape_uri(Password)
-        },
-        {ok,{{"HTTP/1.1",302,"Found"}, RespHeader302_1, []}} = httpc:request(
-        post, {
-            RedirectUri, [], "application/x-www-form-urlencoded",
-            url_enc_params(Params2)}, [{autoredirect, false}], [], ?MODULE),
-        RedirectUri_1 = OauthUrl ++ proplists:get_value("location", RespHeader302_1),
-        {ok, {{"HTTP/1.1",200,"OK"}, _, _}} = httpc:request(get, {RedirectUri_1, []}, [{autoredirect, false}], [], ?MODULE),
-        Params3 = #{
-            "_xsrf" => edoc_lib:escape_uri(XRefCookie),
-            "cope_email" => "on",
-            "scope_personal" => "on",
-            "scope_daily" => "on",
-            "allow" => "Accept"
-        },
-        {ok, {{"HTTP/1.1",302,"Found"}, RespHeader302_2, []}} = httpc:request(
-        post, {
-            RedirectUri_1, [], "application/x-www-form-urlencoded",
-            url_enc_params(Params3)}, [{autoredirect, false}], [], ?MODULE),
-        RedirectUri_2 = proplists:get_value("location", RespHeader302_2),
-        #{query := QueryString} = uri_string:parse(RedirectUri_2),
-        #{"code" := Code} = maps:from_list(uri_string:dissect_query(QueryString)),
-        Params4 = #{
-            "grant_type" => "authorization_code",
-            "code" => Code, "client_id" => ClientId,
-            "redirect_uri" => edoc_lib:escape_uri(CallbackUri),
-            "client_secret" => ClientSecret
-        },
-        {ok, {{"HTTP/1.1",200,"OK"}, _, BodyJson}} = httpc:request(
-        post, {
-            OauthUrl ++ "/oauth/token", [], "application/x-www-form-urlencoded",
-            url_enc_params(Params4)}, [{autoredirect, false}], [], ?MODULE),
-        #{<<"access_token">> := AccessToken, <<"expires_in">> := ExpiresIn} = Auth = jsx:decode(list_to_binary(BodyJson), [return_maps]),
-        ?JInfo("Authentication successful : ~p", [Auth]),
-        {ok, State#state{is_connected = true, access_token = AccessToken,
-                            auth_expiry = ExpiresIn, auth_time = imem_meta:time()}}
-    catch
-        Class:Error:Stacktrace ->
-            ?JError("Unexpected response : ~p:~p:~p", [Class, Error, Stacktrace]),
-            {error, invalid_return, State}
-    end;
-connect_check_src(State) -> {ok, State}.
+         do_cleanup/2, do_refresh/2, fetch_src/2, fetch_dst/2, delete_dst/2,
+         insert_dst/3, update_dst/3, report_status/3]).
+
+get_oura_ring_auth_config() ->
+    ?OURA_RING_AUTH_CONFIG.
+
+get_token_info() ->
+    dperl_dal:read_channel(<<"avatar">>, ["ouraRing","token"]).
+
+set_token_info(TokenInfo) when is_map(TokenInfo) ->
+    set_token_info(imem_json:encode(TokenInfo));
+set_token_info(TokenInfo) when is_list(TokenInfo) ->
+    set_token_info(list_to_binary(TokenInfo));
+set_token_info(TokenInfo) when is_binary(TokenInfo) ->
+    dperl_dal:create_check_channel(<<"avatar">>),
+    dperl_dal:write_channel(<<"avatar">>, ["ouraRing","token"], TokenInfo).
+
+get_authorize_url(XSRFToken) ->
+    State = #{xsrfToken => XSRFToken, type => <<"ouraRing">>},
+    #{auth_url := Url, client_id := ClientId, redirect_uri := RedirectURI,
+      scope := Scope} = get_oura_ring_auth_config(),
+    UrlParams = url_enc_params(#{"client_id" => ClientId, "state" => {enc, imem_json:encode(State)},
+                                 "scope" => {enc, Scope},"redirect_uri" => {enc, RedirectURI}}),
+    erlang:iolist_to_binary([Url, "&", UrlParams]).
+
+get_access_token(Code) ->
+    #{token_url := TUrl, client_id := ClientId, redirect_uri := RedirectURI,
+      client_secret := Secret, grant_type := GrantType} = get_oura_ring_auth_config(),
+    Body = url_enc_params(#{"client_id" => ClientId, "code" => Code, "redirect_uri" => {enc, RedirectURI},
+                            "client_secret" => {enc, Secret}, "grant_type" => GrantType}),
+    ContentType = "application/x-www-form-urlencoded",
+    case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
+        {ok, {_, _, TokenInfo}} ->
+            set_token_info(TokenInfo),
+            ok;
+        {error, Error} ->
+            ?Error("Fetching access token : ~p", [Error]),
+            {error, Error}
+    end.
+
+
+connect_check_src(#state{is_connected = true} = State) ->
+    {ok, State};
+connect_check_src(#state{is_connected = false} = State) ->
+    ?JTrace("Refreshing access token"),
+    #{token_url := TUrl, client_id := ClientId,
+      client_secret := Secret} = get_oura_ring_auth_config(),
+    #{<<"refresh_token">> := RefreshToken} = get_token_info(),
+    Body = url_enc_params(#{"client_id" => ClientId, "client_secret" => {enc, Secret},
+                            "refresh_token" => RefreshToken, "grant_type" => "refresh_token"}),
+    ContentType = "application/x-www-form-urlencoded",
+    case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
+        {ok, {{_, 200, "OK"}, _, TokenBody}} ->
+            TokenInfo = imem_json:decode(list_to_binary(TokenBody), [return_maps]),
+            set_token_info(TokenBody),
+            #{<<"access_token">> := AccessToken} = TokenInfo,
+            ?JInfo("new access token fetched"),
+            {ok, State#state{access_token = AccessToken, is_connected = true}};
+        Error ->
+            ?JError("Unexpected response : ~p", [Error]),
+            {error, Error, State}
+    end.
 
 get_source_events(#state{infos = []} = State, _BulkSize) ->
     {ok, sync_complete, State};
@@ -161,11 +156,8 @@ init_state([#dperlNodeJobDyn{state = State} | _]) ->
 init_state([_ | Others]) ->
     init_state(Others).
 
-init({#dperlJob{name=Name, dstArgs = #{channel := Channel},
-                srcArgs = #{client_id := ClientId, user_password := Password,
-                            client_secret := ClientSecret, user_email := Email,
-                            cb_uri := CallbackUri, api_url := ApiUrl,
-                            oauth_url := OauthUrl} = SrcArgs}, State}) ->
+init({#dperlJob{name=Name, dstArgs = #{channel := Channel} = DstArgs,
+                srcArgs = #{api_url := ApiUrl}}, State}) ->
     case dperl_auth_cache:get_enc_hash(Name) of
         undefined ->
             ?JError("Encryption hash is not avaialable"),
@@ -173,16 +165,17 @@ init({#dperlJob{name=Name, dstArgs = #{channel := Channel},
         {User, EncHash} ->
             ?JInfo("Starting with ~p's enchash...", [User]),
             imem_sec_mnesia:put_enc_hash(EncHash),
-            ChannelBin = dperl_dal:to_binary(Channel),
-            KeyPrefix = maps:get(key_prefix, SrcArgs, []),
-            dperl_dal:create_check_channel(ChannelBin),
-            inets:start(httpc, [{profile, ?MODULE}]),
-            ok = httpc:set_options([{cookies, enabled}], ?MODULE),
-            {ok, State#state{channel = ChannelBin, client_id = ClientId,
-                             client_secret = ClientSecret, password = Password,
-                             email = Email, cb_uri = CallbackUri, name = Name,
-                             api_url = ApiUrl, oauth_url = OauthUrl,
-                             key_prefix = KeyPrefix}}
+            case get_token_info() of
+                #{<<"access_token">> := AccessToken} ->
+                    ChannelBin = dperl_dal:to_binary(Channel),
+                    KeyPrefix = maps:get(key_prefix, DstArgs, []),
+                    dperl_dal:create_check_channel(ChannelBin),
+                    {ok, State#state{channel = ChannelBin, api_url = ApiUrl,
+                                    key_prefix = KeyPrefix, access_token = AccessToken}};
+                _ ->
+                    ?JError("Access token not found"),
+                    {stop, badarg}
+            end
     end;
 init(Args) ->
     ?JError("bad start parameters ~p", [Args]),
@@ -262,7 +255,7 @@ fetch_metric(Type, Day, #state{api_url = ApiUrl, access_token = AccessToken} = S
     end.
 
 fetch_metric(Type, DayQuery, ApiUrl, AccessToken) ->
-    Url = ApiUrl ++ "/v1/" ++ Type ++ DayQuery,
+    Url = ApiUrl ++ Type ++ DayQuery,
     TypeBin = list_to_binary(Type),
     case exec_req(Url, AccessToken) of
         #{TypeBin := []} ->
@@ -274,7 +267,7 @@ fetch_metric(Type, DayQuery, ApiUrl, AccessToken) ->
     end.
 
 fetch_userinfo(#state{api_url = ApiUrl, access_token = AccessToken} = State) ->
-    case exec_req(ApiUrl ++ "/v1/userinfo", AccessToken) of
+    case exec_req(ApiUrl ++ "userinfo", AccessToken) of
         UserInfo when is_map(UserInfo) ->
             Info = {build_key("userinfo", State#state.key_prefix), UserInfo},
             State#state{infos = [Info | State#state.infos]};
@@ -309,7 +302,7 @@ get_day(Type, State) ->
 
 exec_req(Url, AccessToken) ->
     AuthHeader = [{"Authorization", "Bearer " ++ binary_to_list(AccessToken)}],
-    case httpc:request(get, {Url, AuthHeader}, [{autoredirect, false}], [], ?MODULE) of
+    case httpc:request(get, {Url, AuthHeader}, [], []) of
         {ok, {{_, 200, "OK"}, _, Result}} ->
             imem_json:decode(list_to_binary(Result), [return_maps]);
         Error ->
@@ -344,7 +337,9 @@ build_key(Type, KeyPrefix) when is_list(Type), is_list(KeyPrefix)->
 
 url_enc_params(Params) ->
     EParams = maps:fold(
-        fun(K, V, Acc) ->
+        fun(K, {enc, V}, Acc) ->
+            ["&", K, "=", http_uri:encode(V) | Acc];
+           (K, V, Acc) ->
             ["&", K, "=", V | Acc]
         end, [], Params),
-    erlang:iolist_to_binary(tl(EParams)).
+    erlang:iolist_to_binary([tl(EParams)]).

From 94b7cd44819e2c645412d90e22c06b532875b299 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Tue, 26 May 2020 14:32:16 +0200
Subject: [PATCH 38/72] trigger on dperlJob table

---
 src/dperl/dperl_auth_cache.erl | 8 +++++++-
 src/dperl/dperl_dal.erl        | 5 ++++-
 src/dperl/dperl_sup.erl        | 3 ++-
 3 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/src/dperl/dperl_auth_cache.erl b/src/dperl/dperl_auth_cache.erl
index efc1e878..cd66751d 100644
--- a/src/dperl/dperl_auth_cache.erl
+++ b/src/dperl/dperl_auth_cache.erl
@@ -7,7 +7,8 @@
 -export([start_link/0,
          set_enc_hash/3,
          get_enc_hash/1,
-         set_enc_hash_locally/3]).
+         set_enc_hash_locally/3,
+         auth_cache_trigger_fun/0]).
 
 %% gen_server callbacks
 -export([init/1,
@@ -52,3 +53,8 @@ set_enc_hash_locally(JobOrServiceName, User, EncHash) ->
 
 get_enc_hash(JobOrServiceName) ->
     gen_server:call(?MODULE, {getEncHash, JobOrServiceName}).
+
+auth_cache_trigger_fun() ->
+    "fun(OldRec,NewRec,Table,User,TrOpts) ->
+        dperl_auth_cache:set_enc_hash(NewRec, User, proplists:get_value(encHash, TrOpts, undefined))
+    end.".
diff --git a/src/dperl/dperl_dal.erl b/src/dperl/dperl_dal.erl
index ba242cd6..9c892ff7 100644
--- a/src/dperl/dperl_dal.erl
+++ b/src/dperl/dperl_dal.erl
@@ -18,7 +18,7 @@
          read_siblings/2, read_channel_raw/2, worker_error/4, sort_links/1,
          get_pool_name/1, remote_dal/3, get_pool_name/2, run_oci_stmt/3,
          activity_logger/3, create_check_index/2, to_atom/1, report_status/7,
-         key_to_json/1, key_to_json_enc/1]).
+         key_to_json/1, key_to_json_enc/1, create_or_replace_tigger/2]).
 
 check_table(Table, ColumnNames, ColumnTypes, DefaultRecord, Opts) ->
     case catch imem_meta:create_check_table(
@@ -52,6 +52,9 @@ create_check_index(Channel, IndexDefinition) ->
         Other ->                                        Other
     end.
 
+create_or_replace_tigger(Table, FunStr) ->
+    imem_meta:create_or_replace_trigger(Table, FunStr).
+
 -spec write_channel(binary(), any(), any()) -> ok | {error, any()}.
 write_channel(Channel, Key, Val) when is_map(Val); byte_size(Val) > 0 ->
    case catch imem_dal_skvh:write(system, Channel, Key, Val) of
diff --git a/src/dperl/dperl_sup.erl b/src/dperl/dperl_sup.erl
index 04f4d758..d766cd5b 100644
--- a/src/dperl/dperl_sup.erl
+++ b/src/dperl/dperl_sup.erl
@@ -25,7 +25,7 @@ start_link() ->
         )
       end,
       [
-        ?TABLESPEC(dperlJob,[]),
+        ?TABLESPEC(dperlJob,[{trigger, dperl_auth_cache:auth_cache_trigger_fun()}]),
         ?TABLESPEC(
           ?JOBDYN_TABLE, dperlNodeJobDyn,
           [
@@ -45,6 +45,7 @@ start_link() ->
         )
       ]
     ),
+    dperl_dal:create_or_replace_tigger(dperlJob, dperl_auth_cache:auth_cache_trigger_fun()),
     ok = dderl:add_d3_templates_path(
       dderl, filename:join(priv_dir(), "dashboard_scripts")
     ),

From c80d8c8d5f89933e69a50f9f07917c50c5d0d0a2 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Tue, 26 May 2020 16:45:56 +0200
Subject: [PATCH 39/72] oauth callback refactoring wip

---
 priv/dev/static/scripts/login.js | 46 +++++++++++++++++++-----------
 src/dderl_session.erl            | 49 +++++++++++++++++++++-----------
 2 files changed, 62 insertions(+), 33 deletions(-)

diff --git a/priv/dev/static/scripts/login.js b/priv/dev/static/scripts/login.js
index cf10a947..8980e07a 100644
--- a/priv/dev/static/scripts/login.js
+++ b/priv/dev/static/scripts/login.js
@@ -30,29 +30,41 @@ const error = url.searchParams.get('error');
 const state = JSON.parse(url.searchParams.get('state'));
 if (code) {
     dderlState.xsrfToken = state.xsrfToken;
-    if (state.type == 'ouraRing') {
-        const body = { 'oura_ring_code': { 'code': code, 'state': state } };
-        ajaxCall(null, 'oura_ring_code', body, 'oura_ring_code',
+    setTimeout(() => {
+        const body = { 'oauth2_callback': { 'code': code, 'state': state } };
+        ajaxCall(null, 'oauth2_callback', body, 'oauth2_callback',
             function () {
-                window.close();
+                // window.close();
             },
             function (error) {
                 alert('Error fetching access token : ' + error);
                 console.log('Error fetching access token', error);
-                window.close();
+                // window.close();
             });
-    } else {
-        const body = { 'office_365_code': { 'code': code, 'state': state } };
-        ajaxCall(null, 'office_365_code', body, 'office_365_code',
-            function () {
-                window.close();
-            },
-            function (error) {
-                alert('Error fetching access token : ' + error);
-                console.log('Error fetching access token', error);
-                window.close();
-            });
-    }
+    }, 2000);
+    // if (state.type == 'ouraRing') {
+    //     const body = { 'oura_ring_code': { 'code': code, 'state': state } };
+    //     ajaxCall(null, 'oura_ring_code', body, 'oura_ring_code',
+    //         function () {
+    //             window.close();
+    //         },
+    //         function (error) {
+    //             alert('Error fetching access token : ' + error);
+    //             console.log('Error fetching access token', error);
+    //             window.close();
+    //         });
+    // } else {
+    //     const body = { 'office_365_code': { 'code': code, 'state': state } };
+    //     ajaxCall(null, 'office_365_code', body, 'office_365_code',
+    //         function () {
+    //             window.close();
+    //         },
+    //         function (error) {
+    //             alert('Error fetching access token : ' + error);
+    //             console.log('Error fetching access token', error);
+    //             window.close();
+    //         });
+    // }
 } else if (error) {
     const errorDesc = url.searchParams.get('error_description');
     alert('Login error : ' + error + ' : ' + errorDesc);
diff --git a/src/dderl_session.erl b/src/dderl_session.erl
index 8c23c65f..91b8e3a7 100644
--- a/src/dderl_session.erl
+++ b/src/dderl_session.erl
@@ -386,16 +386,16 @@ process_call({[<<"office_365_auth_config">>], _ReqData}, _Adapter, From, {SrcIp,
     reply(From, #{<<"office_365_auth_config">> => #{<<"url">> => Url}}, self()),
     State;
 
-process_call({[<<"office_365_code">>], ReqData}, _Adapter, From, {SrcIp, _}, State) ->
-    act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "format_json_to_save", args => ReqData}, State),
-    #{<<"office_365_code">> := #{<<"code">> := Code}} = jsx:decode(ReqData, [return_maps]),
-    case dperl_office_365:get_access_token(Code) of
-        ok ->
-            reply(From, #{<<"office_365_code">> => #{<<"status">> => <<"ok">>}}, self());
-        {error, _Error} ->
-            reply(From, #{<<"office_365_code">> => #{<<"error">> => <<"Fetching token failed, Try again">>}}, self())
-    end,
-    State;
+% process_call({[<<"office_365_code">>], ReqData}, _Adapter, From, {SrcIp, _}, State) ->
+%     act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "format_json_to_save", args => ReqData}, State),
+%     #{<<"office_365_code">> := #{<<"code">> := Code}} = jsx:decode(ReqData, [return_maps]),
+%     case dperl_office_365:get_access_token(Code) of
+%         ok ->
+%             reply(From, #{<<"office_365_code">> => #{<<"status">> => <<"ok">>}}, self());
+%         {error, _Error} ->
+%             reply(From, #{<<"office_365_code">> => #{<<"error">> => <<"Fetching token failed, Try again">>}}, self())
+%     end,
+%     State;
 
 process_call({[<<"oura_ring_auth_config">>], _ReqData}, _Adapter, From, {SrcIp, _}, State) ->
     act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "about"}, State),
@@ -403,14 +403,28 @@ process_call({[<<"oura_ring_auth_config">>], _ReqData}, _Adapter, From, {SrcIp,
     reply(From, #{<<"oura_ring_auth_config">> => #{<<"url">> => Url}}, self()),
     State;
 
-process_call({[<<"oura_ring_code">>], ReqData}, _Adapter, From, {SrcIp, _}, State) ->
+% process_call({[<<"oura_ring_code">>], ReqData}, _Adapter, From, {SrcIp, _}, State) ->
+%     act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "format_json_to_save", args => ReqData}, State),
+%     #{<<"oura_ring_code">> := #{<<"code">> := Code}} = jsx:decode(ReqData, [return_maps]),
+%     case dperl_ouraring_crawl:get_access_token(Code) of
+%         ok ->
+%             reply(From, #{<<"oura_ring_code">> => #{<<"status">> => <<"ok">>}}, self());
+%         {error, _Error} ->
+%             reply(From, #{<<"oura_ring_code">> => #{<<"error">> => <<"Fetching token failed, Try again">>}}, self())
+%     end,
+%     State;
+
+process_call({[<<"oauth2_callback">>], ReqData}, _Adapter, From, {SrcIp, _}, State) ->
     act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "format_json_to_save", args => ReqData}, State),
-    #{<<"oura_ring_code">> := #{<<"code">> := Code}} = jsx:decode(ReqData, [return_maps]),
-    case dperl_ouraring_crawl:get_access_token(Code) of
+    #{<<"oauth2_callback">> := 
+        #{<<"code">> := Code, <<"state">> := #{<<"type">> := Type}}} = jsx:decode(ReqData, [return_maps]),
+    Module = oauth2_callback_module(Type),
+    case Module:get_access_token(Code) of
         ok ->
-            reply(From, #{<<"oura_ring_code">> => #{<<"status">> => <<"ok">>}}, self());
-        {error, _Error} ->
-            reply(From, #{<<"oura_ring_code">> => #{<<"error">> => <<"Fetching token failed, Try again">>}}, self())
+            reply(From, #{<<"oauth2_callback">> => #{<<"status">> => <<"ok">>}}, self());
+        {error, Error} ->
+            ?Error("Fetching token : ~p:get_access_token(~p) : ~p", [Module, Code, Error]),
+            reply(From, #{<<"oauth2_callback">> => #{<<"error">> => <<"Fetching token failed, Try again">>}}, self())
     end,
     State;
 
@@ -896,6 +910,9 @@ cancel_timer(TRef) ->
     erlang:cancel_timer(TRef),
     ok.
 
+oauth2_callback_module(<<"office365">>) -> dperl_office_365;
+oauth2_callback_module(<<"ouraRing">>) -> dperl_office_365.
+
 act_log(ReplyPid, LogLevel, Args, State) ->
     ReplyPid ! {access,
                 Args#{userId => case Args of

From 77b33f9cf45c1e7a4815428ff80f78999f6726c5 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Tue, 26 May 2020 17:33:01 +0200
Subject: [PATCH 40/72] removed commented code, refactoring

---
 priv/dev/static/scripts/login.js        | 49 ++++++-------------------
 src/dderl_session.erl                   | 24 +-----------
 src/dperl/dperl_dal.erl                 | 12 +++++-
 src/dperl/jobs/dperl_office_365.erl     | 36 ++++++++----------
 src/dperl/jobs/dperl_ouraring_crawl.erl | 23 +++++-------
 5 files changed, 49 insertions(+), 95 deletions(-)

diff --git a/priv/dev/static/scripts/login.js b/priv/dev/static/scripts/login.js
index 8980e07a..ad0cbd6a 100644
--- a/priv/dev/static/scripts/login.js
+++ b/priv/dev/static/scripts/login.js
@@ -23,54 +23,29 @@ export function loginAjax(data = {}) {
 
 window.loginCb = loginCb;
 
-// office 365 callback handler
+// oauth2 callback handler
 const url = new URL(window.location.href);
 const code = url.searchParams.get('code');
 const error = url.searchParams.get('error');
 const state = JSON.parse(url.searchParams.get('state'));
 if (code) {
     dderlState.xsrfToken = state.xsrfToken;
-    setTimeout(() => {
-        const body = { 'oauth2_callback': { 'code': code, 'state': state } };
-        ajaxCall(null, 'oauth2_callback', body, 'oauth2_callback',
-            function () {
-                // window.close();
-            },
-            function (error) {
-                alert('Error fetching access token : ' + error);
-                console.log('Error fetching access token', error);
-                // window.close();
-            });
-    }, 2000);
-    // if (state.type == 'ouraRing') {
-    //     const body = { 'oura_ring_code': { 'code': code, 'state': state } };
-    //     ajaxCall(null, 'oura_ring_code', body, 'oura_ring_code',
-    //         function () {
-    //             window.close();
-    //         },
-    //         function (error) {
-    //             alert('Error fetching access token : ' + error);
-    //             console.log('Error fetching access token', error);
-    //             window.close();
-    //         });
-    // } else {
-    //     const body = { 'office_365_code': { 'code': code, 'state': state } };
-    //     ajaxCall(null, 'office_365_code', body, 'office_365_code',
-    //         function () {
-    //             window.close();
-    //         },
-    //         function (error) {
-    //             alert('Error fetching access token : ' + error);
-    //             console.log('Error fetching access token', error);
-    //             window.close();
-    //         });
-    // }
+    const body = { 'oauth2_callback': { 'code': code, 'state': state } };
+    ajaxCall(null, 'oauth2_callback', body, 'oauth2_callback',
+        function () {
+            window.close();
+        },
+        function (error) {
+            alert('Error fetching access token : ' + error);
+            console.log('Error fetching access token', error);
+            window.close();
+        });
 } else if (error) {
     const errorDesc = url.searchParams.get('error_description');
     alert('Login error : ' + error + ' : ' + errorDesc);
     window.close();
 }
-// office 365 callback handler end
+// oauth2 callback handler end
 
 function loginCb(resp) {
     try {
diff --git a/src/dderl_session.erl b/src/dderl_session.erl
index 91b8e3a7..754c0964 100644
--- a/src/dderl_session.erl
+++ b/src/dderl_session.erl
@@ -386,34 +386,12 @@ process_call({[<<"office_365_auth_config">>], _ReqData}, _Adapter, From, {SrcIp,
     reply(From, #{<<"office_365_auth_config">> => #{<<"url">> => Url}}, self()),
     State;
 
-% process_call({[<<"office_365_code">>], ReqData}, _Adapter, From, {SrcIp, _}, State) ->
-%     act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "format_json_to_save", args => ReqData}, State),
-%     #{<<"office_365_code">> := #{<<"code">> := Code}} = jsx:decode(ReqData, [return_maps]),
-%     case dperl_office_365:get_access_token(Code) of
-%         ok ->
-%             reply(From, #{<<"office_365_code">> => #{<<"status">> => <<"ok">>}}, self());
-%         {error, _Error} ->
-%             reply(From, #{<<"office_365_code">> => #{<<"error">> => <<"Fetching token failed, Try again">>}}, self())
-%     end,
-%     State;
-
 process_call({[<<"oura_ring_auth_config">>], _ReqData}, _Adapter, From, {SrcIp, _}, State) ->
     act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "about"}, State),
     Url = dperl_ouraring_crawl:get_authorize_url(State#state.xsrf_token),
     reply(From, #{<<"oura_ring_auth_config">> => #{<<"url">> => Url}}, self()),
     State;
 
-% process_call({[<<"oura_ring_code">>], ReqData}, _Adapter, From, {SrcIp, _}, State) ->
-%     act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "format_json_to_save", args => ReqData}, State),
-%     #{<<"oura_ring_code">> := #{<<"code">> := Code}} = jsx:decode(ReqData, [return_maps]),
-%     case dperl_ouraring_crawl:get_access_token(Code) of
-%         ok ->
-%             reply(From, #{<<"oura_ring_code">> => #{<<"status">> => <<"ok">>}}, self());
-%         {error, _Error} ->
-%             reply(From, #{<<"oura_ring_code">> => #{<<"error">> => <<"Fetching token failed, Try again">>}}, self())
-%     end,
-%     State;
-
 process_call({[<<"oauth2_callback">>], ReqData}, _Adapter, From, {SrcIp, _}, State) ->
     act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "format_json_to_save", args => ReqData}, State),
     #{<<"oauth2_callback">> := 
@@ -911,7 +889,7 @@ cancel_timer(TRef) ->
     ok.
 
 oauth2_callback_module(<<"office365">>) -> dperl_office_365;
-oauth2_callback_module(<<"ouraRing">>) -> dperl_office_365.
+oauth2_callback_module(<<"ouraRing">>) -> dperl_ouraring_crawl.
 
 act_log(ReplyPid, LogLevel, Args, State) ->
     ReplyPid ! {access,
diff --git a/src/dperl/dperl_dal.erl b/src/dperl/dperl_dal.erl
index 9c892ff7..a80c84ab 100644
--- a/src/dperl/dperl_dal.erl
+++ b/src/dperl/dperl_dal.erl
@@ -3,7 +3,7 @@
 -include("dperl.hrl").
 
 -export([select/2, subscribe/1, unsubscribe/1, write/2, check_table/5,
-         sql_jp_bind/1, sql_bind_jp_values/2, read_channel/2,
+         sql_jp_bind/1, sql_bind_jp_values/2, read_channel/2, url_enc_params/1,
          io_to_oci_datetime/1, create_check_channel/1, write_channel/3,
          read_check_write/4, read_audit_keys/3, read_audit/3, get_enabled/1,
          update_job_dyn/2, update_job_dyn/3, job_error_close/1, to_binary/1,
@@ -667,6 +667,16 @@ activity_logger(StatusCtx, Name, Extra) ->
             ?JDebug("activity logger already running ~p", [Pid])
     end.
 
+-spec url_enc_params(map()) -> binary().
+url_enc_params(Params) ->
+    EParams = maps:fold(
+        fun(K, {enc, V}, Acc) ->
+            ["&", K, "=", http_uri:encode(V) | Acc];
+           (K, V, Acc) ->
+            ["&", K, "=", V | Acc]
+        end, [], Params),
+    erlang:iolist_to_binary([tl(EParams)]).
+
 %%------------------------------------------------------------------------------
 %% private
 %%------------------------------------------------------------------------------
diff --git a/src/dperl/jobs/dperl_office_365.erl b/src/dperl/jobs/dperl_office_365.erl
index f3a95826..ad17c03e 100644
--- a/src/dperl/jobs/dperl_office_365.erl
+++ b/src/dperl/jobs/dperl_office_365.erl
@@ -19,6 +19,9 @@
 
 -export([get_authorize_url/1, get_access_token/1]).
 
+% contacts graph api
+% https://docs.microsoft.com/en-us/graph/api/resources/contact?view=graph-rest-1.0
+
 -record(state, {name, channel, is_connected = true, access_token, api_url,
                 contacts = [], key_prefix, fetch_url, cl_contacts = [],
                 is_cleanup_finished = true, push_channel, type = pull,
@@ -45,20 +48,22 @@ set_token_info(TokenInfo) when is_binary(TokenInfo) ->
     dperl_dal:write_channel(<<"avatar">>, ["office365","token"], TokenInfo).
 
 get_authorize_url(XSRFToken) ->
-    State = #{xsrf_token => XSRFToken, type => <<"office365">>},
+    State = #{xsrfToken => XSRFToken, type => <<"office365">>},
     #{auth_url := Url, client_id := ClientId, redirect_uri := RedirectURI,
       scope := Scope} = get_office_365_auth_config(),
-    UrlParams = url_enc_params(#{"client_id" => ClientId, "redirect_uri" => {enc, RedirectURI},
-                                 "scope" => {enc, Scope}, "state" => {enc, imem_json:encode(State)}}),
+    UrlParams = dperl_dal:url_enc_params(
+        #{"client_id" => ClientId, "redirect_uri" => {enc, RedirectURI},
+          "scope" => {enc, Scope}, "state" => {enc, imem_json:encode(State)}}),
     erlang:iolist_to_binary([Url, "&", UrlParams]).
 
 get_access_token(Code) ->
     #{token_url := TUrl, client_id := ClientId, redirect_uri := RedirectURI,
       client_secret := Secret, grant_type := GrantType,
       scope := Scope} = get_office_365_auth_config(),
-    Body = url_enc_params(#{"client_id" => ClientId, "scope" => {enc, Scope}, "code" => Code,
-                            "redirect_uri" => {enc, RedirectURI}, "grant_type" => GrantType,
-                            "client_secret" => {enc, Secret}}),
+    Body = dperl_dal:url_enc_params(
+        #{"client_id" => ClientId, "scope" => {enc, Scope}, "code" => Code,
+          "redirect_uri" => {enc, RedirectURI}, "grant_type" => GrantType,
+          "client_secret" => {enc, Secret}}),
     ContentType = "application/x-www-form-urlencoded",
     case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
         {ok, {_, _, TokenInfo}} ->
@@ -76,9 +81,10 @@ connect_check_src(#state{is_connected = false} = State) ->
     #{token_url := TUrl, client_id := ClientId, client_secret := Secret,
       scope := Scope} = get_office_365_auth_config(),
     #{<<"refresh_token">> := RefreshToken} = get_token_info(),
-    Body = url_enc_params(#{"client_id" => ClientId, "scope" => {enc, Scope},
-                            "refresh_token" => RefreshToken, "grant_type" => "refresh_token",
-                            "client_secret" => {enc, Secret}}),
+    Body = dperl_dal:url_enc_params(
+        #{"client_id" => ClientId, "scope" => {enc, Scope},
+          "refresh_token" => RefreshToken, "grant_type" => "refresh_token",
+          "client_secret" => {enc, Secret}}),
     ContentType = "application/x-www-form-urlencoded",
     case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
         {ok, {{_, 200, "OK"}, _, TokenBody}} ->
@@ -197,7 +203,7 @@ load_dst_after_key(CurKey, BlkCount, #state{channel = Channel}) ->
 
 load_src_after_key(CurKey, BlkCount, #state{fetch_url = undefined} = State) ->
     % https://graph.microsoft.com/v1.0/me/contacts/?$top=100&$select=displayName&orderby=displayName
-    UrlParams = url_enc_params(#{"$top" => integer_to_list(BlkCount)}),
+    UrlParams = dperl_dal:url_enc_params(#{"$top" => integer_to_list(BlkCount)}),
     ContactsUrl = erlang:iolist_to_binary([State#state.api_url, "?", UrlParams]),
     load_src_after_key(CurKey, BlkCount, State#state{fetch_url = ContactsUrl});
 load_src_after_key(CurKey, BlkCount, #state{is_cleanup_finished = true, key_prefix = KeyPrefix,
@@ -349,13 +355,3 @@ exec_req(Url, AccessToken, Body, Method) ->
         Error ->
             {error, Error}
     end.
-    
-
-url_enc_params(Params) ->
-    EParams = maps:fold(
-        fun(K, {enc, V}, Acc) ->
-            ["&", K, "=", http_uri:encode(V) | Acc];
-           (K, V, Acc) ->
-            ["&", K, "=", V | Acc]
-        end, [], Params),
-    erlang:iolist_to_binary([tl(EParams)]).
diff --git a/src/dperl/jobs/dperl_ouraring_crawl.erl b/src/dperl/jobs/dperl_ouraring_crawl.erl
index 01e6763a..eeabe89a 100644
--- a/src/dperl/jobs/dperl_ouraring_crawl.erl
+++ b/src/dperl/jobs/dperl_ouraring_crawl.erl
@@ -52,15 +52,17 @@ get_authorize_url(XSRFToken) ->
     State = #{xsrfToken => XSRFToken, type => <<"ouraRing">>},
     #{auth_url := Url, client_id := ClientId, redirect_uri := RedirectURI,
       scope := Scope} = get_oura_ring_auth_config(),
-    UrlParams = url_enc_params(#{"client_id" => ClientId, "state" => {enc, imem_json:encode(State)},
-                                 "scope" => {enc, Scope},"redirect_uri" => {enc, RedirectURI}}),
+    UrlParams = dperl_dal:url_enc_params(
+        #{"client_id" => ClientId, "state" => {enc, imem_json:encode(State)},
+          "scope" => {enc, Scope},"redirect_uri" => {enc, RedirectURI}}),
     erlang:iolist_to_binary([Url, "&", UrlParams]).
 
 get_access_token(Code) ->
     #{token_url := TUrl, client_id := ClientId, redirect_uri := RedirectURI,
       client_secret := Secret, grant_type := GrantType} = get_oura_ring_auth_config(),
-    Body = url_enc_params(#{"client_id" => ClientId, "code" => Code, "redirect_uri" => {enc, RedirectURI},
-                            "client_secret" => {enc, Secret}, "grant_type" => GrantType}),
+    Body = dperl_dal:url_enc_params(
+        #{"client_id" => ClientId, "code" => Code, "redirect_uri" => {enc, RedirectURI},
+          "client_secret" => {enc, Secret}, "grant_type" => GrantType}),
     ContentType = "application/x-www-form-urlencoded",
     case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
         {ok, {_, _, TokenInfo}} ->
@@ -79,8 +81,9 @@ connect_check_src(#state{is_connected = false} = State) ->
     #{token_url := TUrl, client_id := ClientId,
       client_secret := Secret} = get_oura_ring_auth_config(),
     #{<<"refresh_token">> := RefreshToken} = get_token_info(),
-    Body = url_enc_params(#{"client_id" => ClientId, "client_secret" => {enc, Secret},
-                            "refresh_token" => RefreshToken, "grant_type" => "refresh_token"}),
+    Body = dperl_dal:url_enc_params(
+        #{"client_id" => ClientId, "client_secret" => {enc, Secret},
+          "refresh_token" => RefreshToken, "grant_type" => "refresh_token"}),
     ContentType = "application/x-www-form-urlencoded",
     case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
         {ok, {{_, 200, "OK"}, _, TokenBody}} ->
@@ -335,11 +338,3 @@ set_metric_day("readiness", Day, State) -> State#state{last_readiness_day = Day}
 build_key(Type, KeyPrefix) when is_list(Type), is_list(KeyPrefix)->
     KeyPrefix ++ [Type].
 
-url_enc_params(Params) ->
-    EParams = maps:fold(
-        fun(K, {enc, V}, Acc) ->
-            ["&", K, "=", http_uri:encode(V) | Acc];
-           (K, V, Acc) ->
-            ["&", K, "=", V | Acc]
-        end, [], Params),
-    erlang:iolist_to_binary([tl(EParams)]).

From 231148d214d40be42d5852d5f811ce018addd5ab Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Tue, 26 May 2020 17:37:04 +0200
Subject: [PATCH 41/72] encHAsh code

---
 src/dperl/jobs/dperl_office_365.erl | 47 +++++++++++++++--------------
 1 file changed, 24 insertions(+), 23 deletions(-)

diff --git a/src/dperl/jobs/dperl_office_365.erl b/src/dperl/jobs/dperl_office_365.erl
index ad17c03e..5541d5a0 100644
--- a/src/dperl/jobs/dperl_office_365.erl
+++ b/src/dperl/jobs/dperl_office_365.erl
@@ -238,29 +238,30 @@ get_status(#state{}) -> #{}.
 
 init_state(_) -> #state{}.
 
-init({#dperlJob{name=Name, dstArgs = #{channel := Channel, push_channel := PChannel},
-                srcArgs = #{api_url := ApiUrl} = SrcArgs, args = Args}, State}) ->
-    % case dperl_auth_cache:get_enc_hash(Name) of
-    %     undefined ->
-    %         ?JError("Encryption hash is not avaialable"),
-    %         {stop, badarg};
-    %     {User, EncHash} ->
-            % ?JInfo("Starting with ~p's enchash...", [User]),
-            % imem_sec_mnesia:put_enc_hash(EncHash),
-    case get_token_info() of
-        #{<<"access_token">> := AccessToken} ->
-            ChannelBin = dperl_dal:to_binary(Channel),
-            PChannelBin = dperl_dal:to_binary(PChannel),
-            KeyPrefix = maps:get(key_prefix, SrcArgs, []),
-            Type = maps:get(type, Args, pull),
-            dperl_dal:create_check_channel(ChannelBin),
-            dperl_dal:create_check_channel(PChannelBin),
-            {ok, State#state{channel = ChannelBin, name = Name, api_url = ApiUrl,
-                             key_prefix = KeyPrefix, access_token = AccessToken,
-                             push_channel = PChannelBin, type = Type}};
-        _ ->
-            ?JError("Access token not found"),
-            {stop, badarg}                    
+init({#dperlJob{name=Name, srcArgs = #{api_url := ApiUrl}, args = Args,
+                dstArgs = #{channel := Channel, push_channel := PChannel} = DstArgs}, State}) ->
+    case dperl_auth_cache:get_enc_hash(Name) of
+        undefined ->
+            ?JError("Encryption hash is not avaialable"),
+            {stop, badarg};
+        {User, EncHash} ->
+            ?JInfo("Starting with ~p's enchash...", [User]),
+            imem_sec_mnesia:put_enc_hash(EncHash),
+            case get_token_info() of
+                #{<<"access_token">> := AccessToken} ->
+                    ChannelBin = dperl_dal:to_binary(Channel),
+                    PChannelBin = dperl_dal:to_binary(PChannel),
+                    KeyPrefix = maps:get(key_prefix, DstArgs, []),
+                    Type = maps:get(type, Args, pull),
+                    dperl_dal:create_check_channel(ChannelBin),
+                    dperl_dal:create_check_channel(PChannelBin),
+                    {ok, State#state{channel = ChannelBin, name = Name, api_url = ApiUrl,
+                                    key_prefix = KeyPrefix, access_token = AccessToken,
+                                    push_channel = PChannelBin, type = Type}};
+                _ ->
+                    ?JError("Access token not found"),
+                    {stop, badarg}
+            end
     end;
 init(Args) ->
     ?JError("bad start parameters ~p", [Args]),

From c195a757b7457a6ada8ff374ed13a4a52003d7ed Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Wed, 27 May 2020 09:14:38 +0200
Subject: [PATCH 42/72] cleanup only for pull job

---
 src/dperl/jobs/dperl_office_365.erl | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/dperl/jobs/dperl_office_365.erl b/src/dperl/jobs/dperl_office_365.erl
index 5541d5a0..df49981b 100644
--- a/src/dperl/jobs/dperl_office_365.erl
+++ b/src/dperl/jobs/dperl_office_365.erl
@@ -228,6 +228,8 @@ reconnect_exec(State, Fun, Args) ->
             {error, Error, State1}
     end.
 
+do_cleanup(_Deletes, _Inserts, _Diffs, _IsFinished, #state{type = push}) ->
+    {error, <<"cleanup only for pull job">>};
 do_cleanup(Deletes, Inserts, Diffs, IsFinished, State) ->
     NewState = State#state{contacts = Inserts ++ Diffs ++ Deletes},
     if IsFinished -> {ok, finish, NewState#state{is_cleanup_finished = true}};

From c194bd9cc46449c660bdf98eada9bd5164d731a4 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Wed, 27 May 2020 10:13:13 +0200
Subject: [PATCH 43/72] resolved case clause problem

---
 src/dperl/jobs/dperl_ouraring_crawl.erl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/dperl/jobs/dperl_ouraring_crawl.erl b/src/dperl/jobs/dperl_ouraring_crawl.erl
index eeabe89a..b339777e 100644
--- a/src/dperl/jobs/dperl_ouraring_crawl.erl
+++ b/src/dperl/jobs/dperl_ouraring_crawl.erl
@@ -235,7 +235,7 @@ fetch_metric(Type, Day, #state{api_url = ApiUrl, access_token = AccessToken} = S
                 {ok, _} ->
                     fetch_metric(Type, NextDay, State);
                 _Other ->
-                    State
+                    none
             end;
         {ok, Metric} ->
             Key = build_key(Type, State#state.key_prefix),

From 25d8bf0fc0f93c1abc71f0045096d807810518f5 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Thu, 28 May 2020 15:45:57 +0200
Subject: [PATCH 44/72] code refactoring

---
 src/dderl.hrl                           |   6 ++
 src/dderl_oauth.erl                     |  84 ++++++++++++++++++
 src/dderl_session.erl                   |  18 ++--
 src/dperl/jobs/dperl_office_365.erl     |  92 ++++++--------------
 src/dperl/jobs/dperl_ouraring_crawl.erl | 111 ++++++++++--------------
 5 files changed, 169 insertions(+), 142 deletions(-)
 create mode 100644 src/dderl_oauth.erl

diff --git a/src/dderl.hrl b/src/dderl.hrl
index 51c976e1..00a9920c 100644
--- a/src/dderl.hrl
+++ b/src/dderl.hrl
@@ -322,4 +322,10 @@
          end)()
 ).
 
+% OAUTH 
+
+-define(OURARING, <<"ouraRing">>).
+
+-define(OFFICE365, <<"office365">>).
+
 -endif.
diff --git a/src/dderl_oauth.erl b/src/dderl_oauth.erl
new file mode 100644
index 00000000..021f7a0c
--- /dev/null
+++ b/src/dderl_oauth.erl
@@ -0,0 +1,84 @@
+-module(dderl_oauth).
+
+-include("dderl.hrl").
+
+-define(OFFICE_365_AUTH_CONFIG,
+        ?GET_CONFIG(office365AuthConfig,[],
+            #{auth_url =>"https://login.microsoftonline.com/common/oauth2/v2.0/authorize?response_type=code&response_mode=query",
+              client_id => "12345", redirect_uri => "https://localhost:8443/dderl/", client_secret => "12345", grant_type => "authorization_code",
+              token_url => "https://login.microsoftonline.com/common/oauth2/v2.0/token",
+              scope => "offline_access https://graph.microsoft.com/people.read"},
+            "Office 365 (Graph API) auth config")).
+
+-define(OURA_RING_AUTH_CONFIG,
+        ?GET_CONFIG(ouraRingAuthConfig,[],
+            #{auth_url =>"https://cloud.ouraring.com/oauth/authorize?response_type=code",
+              client_id => "12345", redirect_uri => "https://localhost:8443/dderl/",
+              client_secret => "12345", grant_type => "authorization_code",
+              token_url => "https://cloud.ouraring.com/oauth/token",
+              scope => "email personal daily"},
+            "Oura Ring auth config")).
+
+-export([get_authorize_url/2, get_access_token/2, get_token_info/1, refresh_access_token/1]).
+
+get_auth_config(?OFFICE365) -> ?OFFICE_365_AUTH_CONFIG;
+get_auth_config(?OURARING) -> ?OURA_RING_AUTH_CONFIG.
+
+get_token_info(Type) when Type == ?OFFICE365 orelse Type == ?OURARING ->
+    dperl_dal:read_channel(<<"avatar">>, [binary_to_list(Type),"token"]).
+
+set_token_info(TokenInfo, Type) when is_map(TokenInfo) ->
+    set_token_info(imem_json:encode(TokenInfo), Type);
+set_token_info(TokenInfo, Type) when is_list(TokenInfo) ->
+    set_token_info(list_to_binary(TokenInfo), Type);
+set_token_info(TokenInfo, Type) when is_binary(TokenInfo), (Type == ?OFFICE365 orelse Type == ?OURARING) ->
+    dperl_dal:create_check_channel(<<"avatar">>),
+    dperl_dal:write_channel(<<"avatar">>, [binary_to_list(Type), "token"], TokenInfo).
+
+get_authorize_url(XSRFToken, Type) when Type == ?OFFICE365 orelse Type == ?OURARING ->
+    State = #{xsrfToken => XSRFToken, type => Type},
+    #{auth_url := Url, client_id := ClientId, redirect_uri := RedirectURI,
+      scope := Scope} = get_auth_config(Type),
+    UrlParams = dperl_dal:url_enc_params(
+        #{"client_id" => ClientId, "redirect_uri" => {enc, RedirectURI},
+          "scope" => {enc, Scope}, "state" => {enc, imem_json:encode(State)}}),
+    erlang:iolist_to_binary([Url, "&", UrlParams]).
+
+get_access_token(Code, Type) when Type == ?OFFICE365 orelse Type == ?OURARING ->
+    #{token_url := TUrl, client_id := ClientId, redirect_uri := RedirectURI,
+      client_secret := Secret, grant_type := GrantType,
+      scope := Scope} = get_auth_config(Type),
+    Body = dperl_dal:url_enc_params(
+        #{"client_id" => ClientId, "scope" => {enc, Scope}, "code" => Code,
+          "redirect_uri" => {enc, RedirectURI}, "grant_type" => GrantType,
+          "client_secret" => {enc, Secret}}),
+    ContentType = "application/x-www-form-urlencoded",
+    case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
+        {ok, {{_, 200, "OK"}, _, TokenInfo}} ->
+            set_token_info(TokenInfo, Type),
+            ok;
+        {ok, {{_, Code, _}, _, Error}} ->
+            ?Error("Fetching access token : ~p:~p", [Code, Error]),
+            {error, Error};
+        {error, Error} ->
+            ?Error("Fetching access token : ~p", [Error]),
+            {error, Error}
+    end.
+
+refresh_access_token(Type) when Type == ?OFFICE365 orelse Type == ?OURARING ->
+    #{token_url := TUrl, client_id := ClientId, scope := Scope,
+      client_secret := Secret} = get_auth_config(Type),
+    #{<<"refresh_token">> := RefreshToken} = get_token_info(Type),
+    Body = dperl_dal:url_enc_params(
+        #{"client_id" => ClientId, "client_secret" => {enc, Secret}, "scope" => {enc, Scope},
+          "refresh_token" => RefreshToken, "grant_type" => "refresh_token"}),
+    ContentType = "application/x-www-form-urlencoded",
+    case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
+        {ok, {{_, 200, "OK"}, _, TokenBody}} ->
+            TokenInfo = imem_json:decode(list_to_binary(TokenBody), [return_maps]),
+            set_token_info(TokenBody, Type),
+            #{<<"access_token">> := AccessToken} = TokenInfo,
+            {ok, AccessToken};
+        Error ->
+            {error, Error}
+    end.
diff --git a/src/dderl_session.erl b/src/dderl_session.erl
index 754c0964..a5fe9704 100644
--- a/src/dderl_session.erl
+++ b/src/dderl_session.erl
@@ -381,27 +381,26 @@ process_call({[<<"about">>], _ReqData}, _Adapter, From, {SrcIp,_}, State) ->
     State;
 
 process_call({[<<"office_365_auth_config">>], _ReqData}, _Adapter, From, {SrcIp, _}, State) ->
-    act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "about"}, State),
-    Url = dperl_office_365:get_authorize_url(State#state.xsrf_token),
+    act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "office_365_auth_config"}, State),
+    Url = dderl_oauth:get_authorize_url(State#state.xsrf_token, ?OFFICE365),
     reply(From, #{<<"office_365_auth_config">> => #{<<"url">> => Url}}, self()),
     State;
 
 process_call({[<<"oura_ring_auth_config">>], _ReqData}, _Adapter, From, {SrcIp, _}, State) ->
-    act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "about"}, State),
-    Url = dperl_ouraring_crawl:get_authorize_url(State#state.xsrf_token),
+    act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "oura_ring_auth_config"}, State),
+    Url = dderl_oauth:get_authorize_url(State#state.xsrf_token, ?OURARING),
     reply(From, #{<<"oura_ring_auth_config">> => #{<<"url">> => Url}}, self()),
     State;
 
 process_call({[<<"oauth2_callback">>], ReqData}, _Adapter, From, {SrcIp, _}, State) ->
-    act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "format_json_to_save", args => ReqData}, State),
+    act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "oauth2_callback", args => ReqData}, State),
     #{<<"oauth2_callback">> := 
         #{<<"code">> := Code, <<"state">> := #{<<"type">> := Type}}} = jsx:decode(ReqData, [return_maps]),
-    Module = oauth2_callback_module(Type),
-    case Module:get_access_token(Code) of
+    case dderl_oauth:get_access_token(Code, Type) of
         ok ->
             reply(From, #{<<"oauth2_callback">> => #{<<"status">> => <<"ok">>}}, self());
         {error, Error} ->
-            ?Error("Fetching token : ~p:get_access_token(~p) : ~p", [Module, Code, Error]),
+            ?Error("Fetching token : ~p", [Error]),
             reply(From, #{<<"oauth2_callback">> => #{<<"error">> => <<"Fetching token failed, Try again">>}}, self())
     end,
     State;
@@ -888,9 +887,6 @@ cancel_timer(TRef) ->
     erlang:cancel_timer(TRef),
     ok.
 
-oauth2_callback_module(<<"office365">>) -> dperl_office_365;
-oauth2_callback_module(<<"ouraRing">>) -> dperl_ouraring_crawl.
-
 act_log(ReplyPid, LogLevel, Args, State) ->
     ReplyPid ! {access,
                 Args#{userId => case Args of
diff --git a/src/dperl/jobs/dperl_office_365.erl b/src/dperl/jobs/dperl_office_365.erl
index df49981b..3f7f4caa 100644
--- a/src/dperl/jobs/dperl_office_365.erl
+++ b/src/dperl/jobs/dperl_office_365.erl
@@ -5,20 +5,10 @@
 -behavior(dperl_worker).
 -behavior(dperl_strategy_scr).
 
--define(OFFICE_365_AUTH_CONFIG,
-        ?GET_CONFIG(office365AuthConfig,[],
-            #{auth_url =>"https://login.microsoftonline.com/common/oauth2/v2.0/authorize?response_type=code&response_mode=query",
-              client_id => "12345", redirect_uri => "https://localhost:8443/dderl/", client_secret => "12345", grant_type => "authorization_code",
-              token_url => "https://login.microsoftonline.com/common/oauth2/v2.0/token",
-              scope => "offline_access https://graph.microsoft.com/people.read"},
-            "Office 365 (Graph API) auth config")).
-
 % dperl_worker exports
 -export([init/1, terminate/2, handle_call/3, handle_cast/2, handle_info/2,
          get_status/1, init_state/1]).
 
--export([get_authorize_url/1, get_access_token/1]).
-
 % contacts graph api
 % https://docs.microsoft.com/en-us/graph/api/resources/contact?view=graph-rest-1.0
 
@@ -33,70 +23,38 @@
          fetch_src/2, fetch_dst/2, delete_dst/2, insert_dst/3,
          update_dst/3, report_status/3]).
 
-get_office_365_auth_config() ->
-    ?OFFICE_365_AUTH_CONFIG.
-
-get_token_info() ->
-    dperl_dal:read_channel(<<"avatar">>, ["office365","token"]).
-
-set_token_info(TokenInfo) when is_map(TokenInfo) ->
-    set_token_info(imem_json:encode(TokenInfo));
-set_token_info(TokenInfo) when is_list(TokenInfo) ->
-    set_token_info(list_to_binary(TokenInfo));
-set_token_info(TokenInfo) when is_binary(TokenInfo) ->
-    dperl_dal:create_check_channel(<<"avatar">>),
-    dperl_dal:write_channel(<<"avatar">>, ["office365","token"], TokenInfo).
-
-get_authorize_url(XSRFToken) ->
-    State = #{xsrfToken => XSRFToken, type => <<"office365">>},
-    #{auth_url := Url, client_id := ClientId, redirect_uri := RedirectURI,
-      scope := Scope} = get_office_365_auth_config(),
-    UrlParams = dperl_dal:url_enc_params(
-        #{"client_id" => ClientId, "redirect_uri" => {enc, RedirectURI},
-          "scope" => {enc, Scope}, "state" => {enc, imem_json:encode(State)}}),
-    erlang:iolist_to_binary([Url, "&", UrlParams]).
-
-get_access_token(Code) ->
-    #{token_url := TUrl, client_id := ClientId, redirect_uri := RedirectURI,
-      client_secret := Secret, grant_type := GrantType,
-      scope := Scope} = get_office_365_auth_config(),
-    Body = dperl_dal:url_enc_params(
-        #{"client_id" => ClientId, "scope" => {enc, Scope}, "code" => Code,
-          "redirect_uri" => {enc, RedirectURI}, "grant_type" => GrantType,
-          "client_secret" => {enc, Secret}}),
-    ContentType = "application/x-www-form-urlencoded",
-    case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
-        {ok, {_, _, TokenInfo}} ->
-            set_token_info(TokenInfo),
-            ok;
-        {error, Error} ->
-            ?Error("Fetching access token : ~p", [Error]),
-            {error, Error}
-    end.
-
 connect_check_src(#state{is_connected = true} = State) ->
     {ok, State};
 connect_check_src(#state{is_connected = false} = State) ->
     ?JTrace("Refreshing access token"),
-    #{token_url := TUrl, client_id := ClientId, client_secret := Secret,
-      scope := Scope} = get_office_365_auth_config(),
-    #{<<"refresh_token">> := RefreshToken} = get_token_info(),
-    Body = dperl_dal:url_enc_params(
-        #{"client_id" => ClientId, "scope" => {enc, Scope},
-          "refresh_token" => RefreshToken, "grant_type" => "refresh_token",
-          "client_secret" => {enc, Secret}}),
-    ContentType = "application/x-www-form-urlencoded",
-    case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
-        {ok, {{_, 200, "OK"}, _, TokenBody}} ->
-            TokenInfo = imem_json:decode(list_to_binary(TokenBody), [return_maps]),
-            set_token_info(TokenBody),
-            #{<<"access_token">> := AccessToken} = TokenInfo,
-            ?JInfo("new access token fetched"),
+    case dderl_oauth:refresh_access_token(?OFFICE365) of
+        {ok, AccessToken} ->
+            ?Info("new access token fetched"),
             {ok, State#state{access_token = AccessToken, is_connected = true}};
-        Error ->
+        {error, Error} ->
             ?JError("Unexpected response : ~p", [Error]),
             {error, Error, State}
     end.
+    % ?JTrace("Refreshing access token"),
+    % #{token_url := TUrl, client_id := ClientId, client_secret := Secret,
+    %   scope := Scope} = get_office_365_auth_config(),
+    % #{<<"refresh_token">> := RefreshToken} = get_token_info(),
+    % Body = dperl_dal:url_enc_params(
+    %     #{"client_id" => ClientId, "scope" => {enc, Scope},
+    %       "refresh_token" => RefreshToken, "grant_type" => "refresh_token",
+    %       "client_secret" => {enc, Secret}}),
+    % ContentType = "application/x-www-form-urlencoded",
+    % case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
+    %     {ok, {{_, 200, "OK"}, _, TokenBody}} ->
+    %         TokenInfo = imem_json:decode(list_to_binary(TokenBody), [return_maps]),
+    %         set_token_info(TokenBody),
+    %         #{<<"access_token">> := AccessToken} = TokenInfo,
+    %         ?JInfo("new access token fetched"),
+    %         {ok, State#state{access_token = AccessToken, is_connected = true}};
+    %     Error ->
+    %         ?JError("Unexpected response : ~p", [Error]),
+    %         {error, Error, State}
+    % end.
 
 get_source_events(#state{audit_start_time = LastStartTime, type = push,
                          push_channel = PChannel} = State, BulkSize) ->
@@ -249,7 +207,7 @@ init({#dperlJob{name=Name, srcArgs = #{api_url := ApiUrl}, args = Args,
         {User, EncHash} ->
             ?JInfo("Starting with ~p's enchash...", [User]),
             imem_sec_mnesia:put_enc_hash(EncHash),
-            case get_token_info() of
+            case dderl_oauth:get_token_info(?OFFICE365) of
                 #{<<"access_token">> := AccessToken} ->
                     ChannelBin = dperl_dal:to_binary(Channel),
                     PChannelBin = dperl_dal:to_binary(PChannel),
diff --git a/src/dperl/jobs/dperl_ouraring_crawl.erl b/src/dperl/jobs/dperl_ouraring_crawl.erl
index b339777e..7a3684bd 100644
--- a/src/dperl/jobs/dperl_ouraring_crawl.erl
+++ b/src/dperl/jobs/dperl_ouraring_crawl.erl
@@ -10,20 +10,11 @@
           "Days to be shifted backwards for starting the job")
        ).
 
--define(OURA_RING_AUTH_CONFIG,
-        ?GET_CONFIG(ouraRingAuthConfig,[],
-            #{auth_url =>"https://cloud.ouraring.com/oauth/authorize?response_type=code",
-              client_id => "12345", redirect_uri => "https://localhost:8443/dderl/",
-              client_secret => "12345", grant_type => "authorization_code",
-              token_url => "https://cloud.ouraring.com/oauth/token",
-              scope => "email personal daily"},
-            "Oura Ring auth config")).
-
 % dperl_worker exports
 -export([init/1, terminate/2, handle_call/3, handle_cast/2, handle_info/2,
          get_status/1, init_state/1]).
 
--export([get_authorize_url/1, get_access_token/1]).
+% -export([get_authorize_url/1, get_access_token/1]).
 
 -record(state, {name, channel, is_connected = true, access_token, api_url,
                 last_sleep_day, last_activity_day, last_readiness_day,
@@ -34,65 +25,54 @@
          do_cleanup/2, do_refresh/2, fetch_src/2, fetch_dst/2, delete_dst/2,
          insert_dst/3, update_dst/3, report_status/3]).
 
-get_oura_ring_auth_config() ->
-    ?OURA_RING_AUTH_CONFIG.
-
-get_token_info() ->
-    dperl_dal:read_channel(<<"avatar">>, ["ouraRing","token"]).
-
-set_token_info(TokenInfo) when is_map(TokenInfo) ->
-    set_token_info(imem_json:encode(TokenInfo));
-set_token_info(TokenInfo) when is_list(TokenInfo) ->
-    set_token_info(list_to_binary(TokenInfo));
-set_token_info(TokenInfo) when is_binary(TokenInfo) ->
-    dperl_dal:create_check_channel(<<"avatar">>),
-    dperl_dal:write_channel(<<"avatar">>, ["ouraRing","token"], TokenInfo).
-
-get_authorize_url(XSRFToken) ->
-    State = #{xsrfToken => XSRFToken, type => <<"ouraRing">>},
-    #{auth_url := Url, client_id := ClientId, redirect_uri := RedirectURI,
-      scope := Scope} = get_oura_ring_auth_config(),
-    UrlParams = dperl_dal:url_enc_params(
-        #{"client_id" => ClientId, "state" => {enc, imem_json:encode(State)},
-          "scope" => {enc, Scope},"redirect_uri" => {enc, RedirectURI}}),
-    erlang:iolist_to_binary([Url, "&", UrlParams]).
-
-get_access_token(Code) ->
-    #{token_url := TUrl, client_id := ClientId, redirect_uri := RedirectURI,
-      client_secret := Secret, grant_type := GrantType} = get_oura_ring_auth_config(),
-    Body = dperl_dal:url_enc_params(
-        #{"client_id" => ClientId, "code" => Code, "redirect_uri" => {enc, RedirectURI},
-          "client_secret" => {enc, Secret}, "grant_type" => GrantType}),
-    ContentType = "application/x-www-form-urlencoded",
-    case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
-        {ok, {_, _, TokenInfo}} ->
-            set_token_info(TokenInfo),
-            ok;
-        {error, Error} ->
-            ?Error("Fetching access token : ~p", [Error]),
-            {error, Error}
-    end.
-
+% get_oura_ring_auth_config() ->
+%     ?OURA_RING_AUTH_CONFIG.
+
+% get_token_info() ->
+%     dperl_dal:read_channel(<<"avatar">>, ["ouraRing","token"]).
+
+% set_token_info(TokenInfo) when is_map(TokenInfo) ->
+%     set_token_info(imem_json:encode(TokenInfo));
+% set_token_info(TokenInfo) when is_list(TokenInfo) ->
+%     set_token_info(list_to_binary(TokenInfo));
+% set_token_info(TokenInfo) when is_binary(TokenInfo) ->
+%     dperl_dal:create_check_channel(<<"avatar">>),
+%     dperl_dal:write_channel(<<"avatar">>, ["ouraRing","token"], TokenInfo).
+
+% get_authorize_url(XSRFToken) ->
+%     State = #{xsrfToken => XSRFToken, type => <<"ouraRing">>},
+%     #{auth_url := Url, client_id := ClientId, redirect_uri := RedirectURI,
+%       scope := Scope} = get_oura_ring_auth_config(),
+%     UrlParams = dperl_dal:url_enc_params(
+%         #{"client_id" => ClientId, "state" => {enc, imem_json:encode(State)},
+%           "scope" => {enc, Scope},"redirect_uri" => {enc, RedirectURI}}),
+%     erlang:iolist_to_binary([Url, "&", UrlParams]).
+
+% get_access_token(Code) ->
+%     #{token_url := TUrl, client_id := ClientId, redirect_uri := RedirectURI,
+%       client_secret := Secret, grant_type := GrantType} = get_oura_ring_auth_config(),
+%     Body = dperl_dal:url_enc_params(
+%         #{"client_id" => ClientId, "code" => Code, "redirect_uri" => {enc, RedirectURI},
+%           "client_secret" => {enc, Secret}, "grant_type" => GrantType}),
+%     ContentType = "application/x-www-form-urlencoded",
+%     case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
+%         {ok, {_, _, TokenInfo}} ->
+%             set_token_info(TokenInfo),
+%             ok;
+%         {error, Error} ->
+%             ?Error("Fetching access token : ~p", [Error]),
+%             {error, Error}
+%     end.
 
 connect_check_src(#state{is_connected = true} = State) ->
     {ok, State};
 connect_check_src(#state{is_connected = false} = State) ->
     ?JTrace("Refreshing access token"),
-    #{token_url := TUrl, client_id := ClientId,
-      client_secret := Secret} = get_oura_ring_auth_config(),
-    #{<<"refresh_token">> := RefreshToken} = get_token_info(),
-    Body = dperl_dal:url_enc_params(
-        #{"client_id" => ClientId, "client_secret" => {enc, Secret},
-          "refresh_token" => RefreshToken, "grant_type" => "refresh_token"}),
-    ContentType = "application/x-www-form-urlencoded",
-    case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
-        {ok, {{_, 200, "OK"}, _, TokenBody}} ->
-            TokenInfo = imem_json:decode(list_to_binary(TokenBody), [return_maps]),
-            set_token_info(TokenBody),
-            #{<<"access_token">> := AccessToken} = TokenInfo,
-            ?JInfo("new access token fetched"),
+    case dderl_oauth:refresh_access_token(?OURARING) of
+        {ok, AccessToken} ->
+            ?Info("new access token fetched"),
             {ok, State#state{access_token = AccessToken, is_connected = true}};
-        Error ->
+        {error, Error} ->
             ?JError("Unexpected response : ~p", [Error]),
             {error, Error, State}
     end.
@@ -168,7 +148,7 @@ init({#dperlJob{name=Name, dstArgs = #{channel := Channel} = DstArgs,
         {User, EncHash} ->
             ?JInfo("Starting with ~p's enchash...", [User]),
             imem_sec_mnesia:put_enc_hash(EncHash),
-            case get_token_info() of
+            case dderl_oauth:get_token_info(?OURARING) of
                 #{<<"access_token">> := AccessToken} ->
                     ChannelBin = dperl_dal:to_binary(Channel),
                     KeyPrefix = maps:get(key_prefix, DstArgs, []),
@@ -308,6 +288,9 @@ exec_req(Url, AccessToken) ->
     case httpc:request(get, {Url, AuthHeader}, [], []) of
         {ok, {{_, 200, "OK"}, _, Result}} ->
             imem_json:decode(list_to_binary(Result), [return_maps]);
+        {ok, {{_, 401, _}, _, Error}} ->
+            ?JError("Unauthorized body : ~s", [Error]),
+            {error, unauthorized};
         Error ->
             {error, Error}
     end.

From 34e2e78bef0a8cbff39ecf81c352d8d6ae413045 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Thu, 28 May 2020 15:48:51 +0200
Subject: [PATCH 45/72] removed commented code

---
 src/dperl/jobs/dperl_office_365.erl     | 20 ------------
 src/dperl/jobs/dperl_ouraring_crawl.erl | 41 -------------------------
 2 files changed, 61 deletions(-)

diff --git a/src/dperl/jobs/dperl_office_365.erl b/src/dperl/jobs/dperl_office_365.erl
index 3f7f4caa..8341ee27 100644
--- a/src/dperl/jobs/dperl_office_365.erl
+++ b/src/dperl/jobs/dperl_office_365.erl
@@ -35,26 +35,6 @@ connect_check_src(#state{is_connected = false} = State) ->
             ?JError("Unexpected response : ~p", [Error]),
             {error, Error, State}
     end.
-    % ?JTrace("Refreshing access token"),
-    % #{token_url := TUrl, client_id := ClientId, client_secret := Secret,
-    %   scope := Scope} = get_office_365_auth_config(),
-    % #{<<"refresh_token">> := RefreshToken} = get_token_info(),
-    % Body = dperl_dal:url_enc_params(
-    %     #{"client_id" => ClientId, "scope" => {enc, Scope},
-    %       "refresh_token" => RefreshToken, "grant_type" => "refresh_token",
-    %       "client_secret" => {enc, Secret}}),
-    % ContentType = "application/x-www-form-urlencoded",
-    % case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
-    %     {ok, {{_, 200, "OK"}, _, TokenBody}} ->
-    %         TokenInfo = imem_json:decode(list_to_binary(TokenBody), [return_maps]),
-    %         set_token_info(TokenBody),
-    %         #{<<"access_token">> := AccessToken} = TokenInfo,
-    %         ?JInfo("new access token fetched"),
-    %         {ok, State#state{access_token = AccessToken, is_connected = true}};
-    %     Error ->
-    %         ?JError("Unexpected response : ~p", [Error]),
-    %         {error, Error, State}
-    % end.
 
 get_source_events(#state{audit_start_time = LastStartTime, type = push,
                          push_channel = PChannel} = State, BulkSize) ->
diff --git a/src/dperl/jobs/dperl_ouraring_crawl.erl b/src/dperl/jobs/dperl_ouraring_crawl.erl
index 7a3684bd..4dd23027 100644
--- a/src/dperl/jobs/dperl_ouraring_crawl.erl
+++ b/src/dperl/jobs/dperl_ouraring_crawl.erl
@@ -14,8 +14,6 @@
 -export([init/1, terminate/2, handle_call/3, handle_cast/2, handle_info/2,
          get_status/1, init_state/1]).
 
-% -export([get_authorize_url/1, get_access_token/1]).
-
 -record(state, {name, channel, is_connected = true, access_token, api_url,
                 last_sleep_day, last_activity_day, last_readiness_day,
                 infos = [], key_prefix}).
@@ -25,45 +23,6 @@
          do_cleanup/2, do_refresh/2, fetch_src/2, fetch_dst/2, delete_dst/2,
          insert_dst/3, update_dst/3, report_status/3]).
 
-% get_oura_ring_auth_config() ->
-%     ?OURA_RING_AUTH_CONFIG.
-
-% get_token_info() ->
-%     dperl_dal:read_channel(<<"avatar">>, ["ouraRing","token"]).
-
-% set_token_info(TokenInfo) when is_map(TokenInfo) ->
-%     set_token_info(imem_json:encode(TokenInfo));
-% set_token_info(TokenInfo) when is_list(TokenInfo) ->
-%     set_token_info(list_to_binary(TokenInfo));
-% set_token_info(TokenInfo) when is_binary(TokenInfo) ->
-%     dperl_dal:create_check_channel(<<"avatar">>),
-%     dperl_dal:write_channel(<<"avatar">>, ["ouraRing","token"], TokenInfo).
-
-% get_authorize_url(XSRFToken) ->
-%     State = #{xsrfToken => XSRFToken, type => <<"ouraRing">>},
-%     #{auth_url := Url, client_id := ClientId, redirect_uri := RedirectURI,
-%       scope := Scope} = get_oura_ring_auth_config(),
-%     UrlParams = dperl_dal:url_enc_params(
-%         #{"client_id" => ClientId, "state" => {enc, imem_json:encode(State)},
-%           "scope" => {enc, Scope},"redirect_uri" => {enc, RedirectURI}}),
-%     erlang:iolist_to_binary([Url, "&", UrlParams]).
-
-% get_access_token(Code) ->
-%     #{token_url := TUrl, client_id := ClientId, redirect_uri := RedirectURI,
-%       client_secret := Secret, grant_type := GrantType} = get_oura_ring_auth_config(),
-%     Body = dperl_dal:url_enc_params(
-%         #{"client_id" => ClientId, "code" => Code, "redirect_uri" => {enc, RedirectURI},
-%           "client_secret" => {enc, Secret}, "grant_type" => GrantType}),
-%     ContentType = "application/x-www-form-urlencoded",
-%     case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
-%         {ok, {_, _, TokenInfo}} ->
-%             set_token_info(TokenInfo),
-%             ok;
-%         {error, Error} ->
-%             ?Error("Fetching access token : ~p", [Error]),
-%             {error, Error}
-%     end.
-
 connect_check_src(#state{is_connected = true} = State) ->
     {ok, State};
 connect_check_src(#state{is_connected = false} = State) ->

From d3aeb8306383ec33a9860ebdd63a3e344a83355b Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Thu, 28 May 2020 16:22:08 +0200
Subject: [PATCH 46/72] imem_sec_mnesia renamed to imem_enc_mnesia

---
 src/dderl_fsm.erl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/dderl_fsm.erl b/src/dderl_fsm.erl
index e123a6d8..c47ec67e 100644
--- a/src/dderl_fsm.erl
+++ b/src/dderl_fsm.erl
@@ -1743,7 +1743,7 @@ handle_call(cache_data, From, SN, #state{tableId = TableId, ctx=#ctx{rowCols=Row
 handle_call(inspect_status, From, SN, State) ->
     {next_state, SN, State, [{reply, From, SN}]};
 handle_call({put_enc_hash, EncHash}, From, SN, State) ->
-    imem_sec_mnesia:put_enc_hash(EncHash),
+    imem_enc_mnesia:put_enc_hash(EncHash),
     {next_state, SN, State, [{reply, From, ok}]};
 handle_call(inspect_state, From, SN, State) ->
     {next_state, SN, State, [{reply, From, State}]};

From f4547103a7abba3219fcbe93cea9b37f159727b8 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Thu, 28 May 2020 16:23:14 +0200
Subject: [PATCH 47/72] imem_sec_mnesia renamed to imem_enc_mnesia

---
 src/dperl/jobs/dperl_office_365.erl     | 2 +-
 src/dperl/jobs/dperl_ouraring_crawl.erl | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/dperl/jobs/dperl_office_365.erl b/src/dperl/jobs/dperl_office_365.erl
index 8341ee27..c87b9549 100644
--- a/src/dperl/jobs/dperl_office_365.erl
+++ b/src/dperl/jobs/dperl_office_365.erl
@@ -186,7 +186,7 @@ init({#dperlJob{name=Name, srcArgs = #{api_url := ApiUrl}, args = Args,
             {stop, badarg};
         {User, EncHash} ->
             ?JInfo("Starting with ~p's enchash...", [User]),
-            imem_sec_mnesia:put_enc_hash(EncHash),
+            imem_enc_mnesia:put_enc_hash(EncHash),
             case dderl_oauth:get_token_info(?OFFICE365) of
                 #{<<"access_token">> := AccessToken} ->
                     ChannelBin = dperl_dal:to_binary(Channel),
diff --git a/src/dperl/jobs/dperl_ouraring_crawl.erl b/src/dperl/jobs/dperl_ouraring_crawl.erl
index 4dd23027..55a248ed 100644
--- a/src/dperl/jobs/dperl_ouraring_crawl.erl
+++ b/src/dperl/jobs/dperl_ouraring_crawl.erl
@@ -106,7 +106,7 @@ init({#dperlJob{name=Name, dstArgs = #{channel := Channel} = DstArgs,
             {stop, badarg};
         {User, EncHash} ->
             ?JInfo("Starting with ~p's enchash...", [User]),
-            imem_sec_mnesia:put_enc_hash(EncHash),
+            imem_enc_mnesia:put_enc_hash(EncHash),
             case dderl_oauth:get_token_info(?OURARING) of
                 #{<<"access_token">> := AccessToken} ->
                     ChannelBin = dperl_dal:to_binary(Channel),

From 6422c7234cdac7c850e325d7d827fc0899613105 Mon Sep 17 00:00:00 2001
From: stoch <ochsenbein@bluewin.ch>
Date: Fri, 29 May 2020 09:06:01 +0200
Subject: [PATCH 48/72] move to imem_enc_mnesia

---
 src/dderl_fsm.erl                       | 2 +-
 src/dperl/jobs/dperl_office_365.erl     | 2 +-
 src/dperl/jobs/dperl_ouraring_crawl.erl | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/dderl_fsm.erl b/src/dderl_fsm.erl
index e123a6d8..c47ec67e 100644
--- a/src/dderl_fsm.erl
+++ b/src/dderl_fsm.erl
@@ -1743,7 +1743,7 @@ handle_call(cache_data, From, SN, #state{tableId = TableId, ctx=#ctx{rowCols=Row
 handle_call(inspect_status, From, SN, State) ->
     {next_state, SN, State, [{reply, From, SN}]};
 handle_call({put_enc_hash, EncHash}, From, SN, State) ->
-    imem_sec_mnesia:put_enc_hash(EncHash),
+    imem_enc_mnesia:put_enc_hash(EncHash),
     {next_state, SN, State, [{reply, From, ok}]};
 handle_call(inspect_state, From, SN, State) ->
     {next_state, SN, State, [{reply, From, State}]};
diff --git a/src/dperl/jobs/dperl_office_365.erl b/src/dperl/jobs/dperl_office_365.erl
index df49981b..11685506 100644
--- a/src/dperl/jobs/dperl_office_365.erl
+++ b/src/dperl/jobs/dperl_office_365.erl
@@ -248,7 +248,7 @@ init({#dperlJob{name=Name, srcArgs = #{api_url := ApiUrl}, args = Args,
             {stop, badarg};
         {User, EncHash} ->
             ?JInfo("Starting with ~p's enchash...", [User]),
-            imem_sec_mnesia:put_enc_hash(EncHash),
+            imem_enc_mnesia:put_enc_hash(EncHash),
             case get_token_info() of
                 #{<<"access_token">> := AccessToken} ->
                     ChannelBin = dperl_dal:to_binary(Channel),
diff --git a/src/dperl/jobs/dperl_ouraring_crawl.erl b/src/dperl/jobs/dperl_ouraring_crawl.erl
index b339777e..98baf123 100644
--- a/src/dperl/jobs/dperl_ouraring_crawl.erl
+++ b/src/dperl/jobs/dperl_ouraring_crawl.erl
@@ -167,7 +167,7 @@ init({#dperlJob{name=Name, dstArgs = #{channel := Channel} = DstArgs,
             {stop, badarg};
         {User, EncHash} ->
             ?JInfo("Starting with ~p's enchash...", [User]),
-            imem_sec_mnesia:put_enc_hash(EncHash),
+            imem_enc_mnesia:put_enc_hash(EncHash),
             case get_token_info() of
                 #{<<"access_token">> := AccessToken} ->
                     ChannelBin = dperl_dal:to_binary(Channel),

From f817beb892225b671dceb8414851fd7fc4d4f52e Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Mon, 1 Jun 2020 12:25:50 +0200
Subject: [PATCH 49/72] not using hardcoded avatar table

---
 src/dderl_dal.erl                       | 27 +++++++++++++++++++++++
 src/dderl_oauth.erl                     | 29 ++++++++++++-------------
 src/dderl_session.erl                   |  3 ++-
 src/dperl/jobs/dperl_office_365.erl     | 14 ++++++------
 src/dperl/jobs/dperl_ouraring_crawl.erl | 14 ++++++------
 5 files changed, 57 insertions(+), 30 deletions(-)

diff --git a/src/dderl_dal.erl b/src/dderl_dal.erl
index e0722b15..1944ee6d 100644
--- a/src/dderl_dal.erl
+++ b/src/dderl_dal.erl
@@ -45,6 +45,9 @@
         ,get_d3_templates_path/1
         ,get_host_app/0
         ,is_proxy/2
+        ,create_check_avatar_table/1
+        ,write_to_avatar_table/3
+        ,read_from_avatar_table/2
         ]).
 
 -record(state, { schema :: term()
@@ -60,6 +63,10 @@
 -define(USE_CONN(__ConnId), {dderl, conn, {conn, __ConnId}, use}).
 -define(USE_LOCAL_CONN, {dderl, conn, local, use}).
 
+-define(GET_AVATAR_TABLE(__USERNAME),
+    ?GET_CONFIG(__USERNAME,[], <<__USERNAME/binary, "_avatar">>,"SAML - flag to verify response signature")).
+
+
 %% Validate this permission.
 -define(USE_ADAPTER, {dderl, adapter, {id, __AdaptId}, use}).
 
@@ -849,6 +856,26 @@ is_proxy(AppId, NetCtx) ->
         _ -> false
     end.
 
+get_avatar_table(Username) when is_atom(Username) ->
+    get_avatar_table(atom_to_binary(Username, utf8));
+get_avatar_table(Username) when is_list(Username) ->
+    get_avatar_table(list_to_binary(Username));
+get_avatar_table(Username) when is_binary(Username) ->
+    ?GET_AVATAR_TABLE(Username).
+
+create_check_avatar_table(Username) ->
+    AvatarTable = get_avatar_table(Username),
+    imem_dal_skvh:create_check_channel(AvatarTable, []).
+    % imem_dal_skvh:create_check_channel(AvatarTable, [encrypted]).
+
+write_to_avatar_table(Username, Key, Value) ->
+    AvatarTable = get_avatar_table(Username),
+    imem_dal_skvh:write(Username, AvatarTable, Key, Value).
+
+read_from_avatar_table(Username, Key) ->
+    AvatarTable = get_avatar_table(Username),
+    imem_dal_skvh:read(Username, AvatarTable, Key).
+
 -spec exec_is_proxy_fun(reference(), map()) -> boolean().
 exec_is_proxy_fun(Fun, NetCtx) ->
     case catch Fun(NetCtx) of
diff --git a/src/dderl_oauth.erl b/src/dderl_oauth.erl
index 021f7a0c..3699a6fe 100644
--- a/src/dderl_oauth.erl
+++ b/src/dderl_oauth.erl
@@ -19,21 +19,20 @@
               scope => "email personal daily"},
             "Oura Ring auth config")).
 
--export([get_authorize_url/2, get_access_token/2, get_token_info/1, refresh_access_token/1]).
+-export([get_authorize_url/2, get_access_token/3, get_token_info/2, refresh_access_token/2]).
 
 get_auth_config(?OFFICE365) -> ?OFFICE_365_AUTH_CONFIG;
 get_auth_config(?OURARING) -> ?OURA_RING_AUTH_CONFIG.
 
-get_token_info(Type) when Type == ?OFFICE365 orelse Type == ?OURARING ->
-    dperl_dal:read_channel(<<"avatar">>, [binary_to_list(Type),"token"]).
+get_token_info(Username, Type) when Type == ?OFFICE365 orelse Type == ?OURARING ->
+    dderl_dal:read_from_avatar_table(Username, [binary_to_list(Type),"token"]).
 
-set_token_info(TokenInfo, Type) when is_map(TokenInfo) ->
-    set_token_info(imem_json:encode(TokenInfo), Type);
-set_token_info(TokenInfo, Type) when is_list(TokenInfo) ->
-    set_token_info(list_to_binary(TokenInfo), Type);
-set_token_info(TokenInfo, Type) when is_binary(TokenInfo), (Type == ?OFFICE365 orelse Type == ?OURARING) ->
-    dperl_dal:create_check_channel(<<"avatar">>),
-    dperl_dal:write_channel(<<"avatar">>, [binary_to_list(Type), "token"], TokenInfo).
+set_token_info(Username, TokenInfo, Type) when is_map(TokenInfo) ->
+    set_token_info(Username, imem_json:encode(TokenInfo), Type);
+set_token_info(Username, TokenInfo, Type) when is_list(TokenInfo) ->
+    set_token_info(Username, list_to_binary(TokenInfo), Type);
+set_token_info(Username, TokenInfo, Type) when is_binary(TokenInfo), (Type == ?OFFICE365 orelse Type == ?OURARING) ->
+    dderl_dal:write_to_avatar_table(Username, [binary_to_list(Type), "token"], TokenInfo).
 
 get_authorize_url(XSRFToken, Type) when Type == ?OFFICE365 orelse Type == ?OURARING ->
     State = #{xsrfToken => XSRFToken, type => Type},
@@ -44,7 +43,7 @@ get_authorize_url(XSRFToken, Type) when Type == ?OFFICE365 orelse Type == ?OURAR
           "scope" => {enc, Scope}, "state" => {enc, imem_json:encode(State)}}),
     erlang:iolist_to_binary([Url, "&", UrlParams]).
 
-get_access_token(Code, Type) when Type == ?OFFICE365 orelse Type == ?OURARING ->
+get_access_token(Username, Code, Type) when Type == ?OFFICE365 orelse Type == ?OURARING ->
     #{token_url := TUrl, client_id := ClientId, redirect_uri := RedirectURI,
       client_secret := Secret, grant_type := GrantType,
       scope := Scope} = get_auth_config(Type),
@@ -55,7 +54,7 @@ get_access_token(Code, Type) when Type == ?OFFICE365 orelse Type == ?OURARING ->
     ContentType = "application/x-www-form-urlencoded",
     case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
         {ok, {{_, 200, "OK"}, _, TokenInfo}} ->
-            set_token_info(TokenInfo, Type),
+            set_token_info(Username, TokenInfo, Type),
             ok;
         {ok, {{_, Code, _}, _, Error}} ->
             ?Error("Fetching access token : ~p:~p", [Code, Error]),
@@ -65,10 +64,10 @@ get_access_token(Code, Type) when Type == ?OFFICE365 orelse Type == ?OURARING ->
             {error, Error}
     end.
 
-refresh_access_token(Type) when Type == ?OFFICE365 orelse Type == ?OURARING ->
+refresh_access_token(Username, Type) when Type == ?OFFICE365 orelse Type == ?OURARING ->
     #{token_url := TUrl, client_id := ClientId, scope := Scope,
       client_secret := Secret} = get_auth_config(Type),
-    #{<<"refresh_token">> := RefreshToken} = get_token_info(Type),
+    #{<<"refresh_token">> := RefreshToken} = get_token_info(Username, Type),
     Body = dperl_dal:url_enc_params(
         #{"client_id" => ClientId, "client_secret" => {enc, Secret}, "scope" => {enc, Scope},
           "refresh_token" => RefreshToken, "grant_type" => "refresh_token"}),
@@ -76,7 +75,7 @@ refresh_access_token(Type) when Type == ?OFFICE365 orelse Type == ?OURARING ->
     case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
         {ok, {{_, 200, "OK"}, _, TokenBody}} ->
             TokenInfo = imem_json:decode(list_to_binary(TokenBody), [return_maps]),
-            set_token_info(TokenBody, Type),
+            set_token_info(Username, TokenBody, Type),
             #{<<"access_token">> := AccessToken} = TokenInfo,
             {ok, AccessToken};
         Error ->
diff --git a/src/dderl_session.erl b/src/dderl_session.erl
index a5fe9704..6b043c52 100644
--- a/src/dderl_session.erl
+++ b/src/dderl_session.erl
@@ -396,7 +396,7 @@ process_call({[<<"oauth2_callback">>], ReqData}, _Adapter, From, {SrcIp, _}, Sta
     act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "oauth2_callback", args => ReqData}, State),
     #{<<"oauth2_callback">> := 
         #{<<"code">> := Code, <<"state">> := #{<<"type">> := Type}}} = jsx:decode(ReqData, [return_maps]),
-    case dderl_oauth:get_access_token(Code, Type) of
+    case dderl_oauth:get_access_token(State#state.user, Code, Type) of
         ok ->
             reply(From, #{<<"oauth2_callback">> => #{<<"status">> => <<"ok">>}}, self());
         {error, Error} ->
@@ -853,6 +853,7 @@ login(ReqData, From, SrcIp, State) ->
         _ ->
             {[UserId],true} = imem_meta:select(ddAccount, [{#ddAccount{name=State#state.user,
                                            id='$1',_='_'}, [], ['$1']}]),
+            ok = dderl_dal:create_check_avatar_table(State#state.user),
             act_log(From, ?LOGIN_CONNECT,
                     #{src => SrcIp, userId => UserId, cmd_resp => "login success",
                       cmd => "login"}, State),
diff --git a/src/dperl/jobs/dperl_office_365.erl b/src/dperl/jobs/dperl_office_365.erl
index c87b9549..fc32e41e 100644
--- a/src/dperl/jobs/dperl_office_365.erl
+++ b/src/dperl/jobs/dperl_office_365.erl
@@ -15,7 +15,7 @@
 -record(state, {name, channel, is_connected = true, access_token, api_url,
                 contacts = [], key_prefix, fetch_url, cl_contacts = [],
                 is_cleanup_finished = true, push_channel, type = pull,
-                audit_start_time = {0,0}, first_sync = true}).
+                audit_start_time = {0,0}, first_sync = true, username}).
 
 % dperl_strategy_scr export
 -export([connect_check_src/1, get_source_events/2, connect_check_dst/1,
@@ -25,9 +25,9 @@
 
 connect_check_src(#state{is_connected = true} = State) ->
     {ok, State};
-connect_check_src(#state{is_connected = false} = State) ->
+connect_check_src(#state{is_connected = false, username = Username} = State) ->
     ?JTrace("Refreshing access token"),
-    case dderl_oauth:refresh_access_token(?OFFICE365) of
+    case dderl_oauth:refresh_access_token(Username, ?OFFICE365) of
         {ok, AccessToken} ->
             ?Info("new access token fetched"),
             {ok, State#state{access_token = AccessToken, is_connected = true}};
@@ -184,10 +184,10 @@ init({#dperlJob{name=Name, srcArgs = #{api_url := ApiUrl}, args = Args,
         undefined ->
             ?JError("Encryption hash is not avaialable"),
             {stop, badarg};
-        {User, EncHash} ->
-            ?JInfo("Starting with ~p's enchash...", [User]),
+        {Username, EncHash} ->
+            ?JInfo("Starting with ~p's enchash...", [Username]),
             imem_enc_mnesia:put_enc_hash(EncHash),
-            case dderl_oauth:get_token_info(?OFFICE365) of
+            case dderl_oauth:get_token_info(Username, ?OFFICE365) of
                 #{<<"access_token">> := AccessToken} ->
                     ChannelBin = dperl_dal:to_binary(Channel),
                     PChannelBin = dperl_dal:to_binary(PChannel),
@@ -197,7 +197,7 @@ init({#dperlJob{name=Name, srcArgs = #{api_url := ApiUrl}, args = Args,
                     dperl_dal:create_check_channel(PChannelBin),
                     {ok, State#state{channel = ChannelBin, name = Name, api_url = ApiUrl,
                                     key_prefix = KeyPrefix, access_token = AccessToken,
-                                    push_channel = PChannelBin, type = Type}};
+                                    push_channel = PChannelBin, type = Type, username = Username}};
                 _ ->
                     ?JError("Access token not found"),
                     {stop, badarg}
diff --git a/src/dperl/jobs/dperl_ouraring_crawl.erl b/src/dperl/jobs/dperl_ouraring_crawl.erl
index 55a248ed..a4f06513 100644
--- a/src/dperl/jobs/dperl_ouraring_crawl.erl
+++ b/src/dperl/jobs/dperl_ouraring_crawl.erl
@@ -16,7 +16,7 @@
 
 -record(state, {name, channel, is_connected = true, access_token, api_url,
                 last_sleep_day, last_activity_day, last_readiness_day,
-                infos = [], key_prefix}).
+                infos = [], key_prefix, username}).
 
 % dperl_strategy_scr export
 -export([connect_check_src/1, get_source_events/2, connect_check_dst/1,
@@ -25,9 +25,9 @@
 
 connect_check_src(#state{is_connected = true} = State) ->
     {ok, State};
-connect_check_src(#state{is_connected = false} = State) ->
+connect_check_src(#state{is_connected = false, username = Username} = State) ->
     ?JTrace("Refreshing access token"),
-    case dderl_oauth:refresh_access_token(?OURARING) of
+    case dderl_oauth:refresh_access_token(Username, ?OURARING) of
         {ok, AccessToken} ->
             ?Info("new access token fetched"),
             {ok, State#state{access_token = AccessToken, is_connected = true}};
@@ -104,15 +104,15 @@ init({#dperlJob{name=Name, dstArgs = #{channel := Channel} = DstArgs,
         undefined ->
             ?JError("Encryption hash is not avaialable"),
             {stop, badarg};
-        {User, EncHash} ->
-            ?JInfo("Starting with ~p's enchash...", [User]),
+        {Username, EncHash} ->
+            ?JInfo("Starting with ~p's enchash...", [Username]),
             imem_enc_mnesia:put_enc_hash(EncHash),
-            case dderl_oauth:get_token_info(?OURARING) of
+            case dderl_oauth:get_token_info(Username, ?OURARING) of
                 #{<<"access_token">> := AccessToken} ->
                     ChannelBin = dperl_dal:to_binary(Channel),
                     KeyPrefix = maps:get(key_prefix, DstArgs, []),
                     dperl_dal:create_check_channel(ChannelBin),
-                    {ok, State#state{channel = ChannelBin, api_url = ApiUrl,
+                    {ok, State#state{channel = ChannelBin, api_url = ApiUrl, username = Username,
                                     key_prefix = KeyPrefix, access_token = AccessToken}};
                 _ ->
                     ?JError("Access token not found"),

From 6540bd05bb8f1666069824a3083d6fb9fb8a8845 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Tue, 2 Jun 2020 20:34:17 +0200
Subject: [PATCH 50/72] read_avatar table issue ffixed

---
 src/dderl_dal.erl | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/src/dderl_dal.erl b/src/dderl_dal.erl
index 1944ee6d..d3bc7254 100644
--- a/src/dderl_dal.erl
+++ b/src/dderl_dal.erl
@@ -874,7 +874,14 @@ write_to_avatar_table(Username, Key, Value) ->
 
 read_from_avatar_table(Username, Key) ->
     AvatarTable = get_avatar_table(Username),
-    imem_dal_skvh:read(Username, AvatarTable, Key).
+    case imem_dal_skvh:read(Username, AvatarTable, [Key]) of
+        [#{cvalue := CValue}] when is_binary(CValue) ->
+            imem_json:decode(CValue, [return_maps]);
+        [#{cvalue := CValue}] ->
+            CValue;
+        Other ->
+            Other
+    end.
 
 -spec exec_is_proxy_fun(reference(), map()) -> boolean().
 exec_is_proxy_fun(Fun, NetCtx) ->

From cbf3a167e04875a8b0294eb0f8e8b8b2ecb0c43c Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Wed, 3 Jun 2020 20:00:55 +0200
Subject: [PATCH 51/72] reverting last commit

---
 src/dderl_dal.erl | 9 +--------
 1 file changed, 1 insertion(+), 8 deletions(-)

diff --git a/src/dderl_dal.erl b/src/dderl_dal.erl
index d3bc7254..1944ee6d 100644
--- a/src/dderl_dal.erl
+++ b/src/dderl_dal.erl
@@ -874,14 +874,7 @@ write_to_avatar_table(Username, Key, Value) ->
 
 read_from_avatar_table(Username, Key) ->
     AvatarTable = get_avatar_table(Username),
-    case imem_dal_skvh:read(Username, AvatarTable, [Key]) of
-        [#{cvalue := CValue}] when is_binary(CValue) ->
-            imem_json:decode(CValue, [return_maps]);
-        [#{cvalue := CValue}] ->
-            CValue;
-        Other ->
-            Other
-    end.
+    imem_dal_skvh:read(Username, AvatarTable, Key).
 
 -spec exec_is_proxy_fun(reference(), map()) -> boolean().
 exec_is_proxy_fun(Fun, NetCtx) ->

From 572b0ab3f2d3ea7351c553534ee3b5e119f63f0b Mon Sep 17 00:00:00 2001
From: stoch <ochsenbein@bluewin.ch>
Date: Thu, 4 Jun 2020 19:10:02 +0200
Subject: [PATCH 52/72] change default config lookup, instance KeyPrefixes not
 yet supported

---
 src/dderl.hrl                           |  6 +-
 src/dderl_dal.erl                       | 51 +++++++-------
 src/dderl_oauth.erl                     | 78 ++++++++++----------
 src/dderl_session.erl                   | 53 +++++++++-----
 src/dperl/dperl.hrl                     |  3 +-
 src/dperl/jobs/dperl_file_copy.erl      |  2 +-
 src/dperl/jobs/dperl_office_365.erl     | 94 ++++++++++++++++++++-----
 src/dperl/jobs/dperl_ouraring_crawl.erl | 93 ++++++++++++++++++------
 src/imem_adapter.erl                    |  2 +-
 9 files changed, 255 insertions(+), 127 deletions(-)

diff --git a/src/dderl.hrl b/src/dderl.hrl
index 00a9920c..50782fac 100644
--- a/src/dderl.hrl
+++ b/src/dderl.hrl
@@ -3,6 +3,8 @@
 
 -include_lib("imem/include/imem_meta.hrl").
 -include_lib("imem/include/imem_exports.hrl").
+% -include("dderl/_checkouts/imem/include/imem_config.hrl").
+
 
 -define(DEFAULT_ROW_SIZE, 100).
 -record(viewstate,
@@ -324,8 +326,8 @@
 
 % OAUTH 
 
--define(OURARING, <<"ouraRing">>).
+-define(SYNC_OURARING, dperl_ouraring_crawl).
 
--define(OFFICE365, <<"office365">>).
+-define(SYNC_OFFICE365, dperl_office_365).
 
 -endif.
diff --git a/src/dderl_dal.erl b/src/dderl_dal.erl
index 1944ee6d..b962596a 100644
--- a/src/dderl_dal.erl
+++ b/src/dderl_dal.erl
@@ -45,9 +45,9 @@
         ,get_d3_templates_path/1
         ,get_host_app/0
         ,is_proxy/2
-        ,create_check_avatar_table/1
-        ,write_to_avatar_table/3
-        ,read_from_avatar_table/2
+        ,create_check_avatar_channel/1
+        ,write_to_avatar_channel/3
+        ,read_from_avatar_channel/2
         ]).
 
 -record(state, { schema :: term()
@@ -63,9 +63,11 @@
 -define(USE_CONN(__ConnId), {dderl, conn, {conn, __ConnId}, use}).
 -define(USE_LOCAL_CONN, {dderl, conn, local, use}).
 
--define(GET_AVATAR_TABLE(__USERNAME),
-    ?GET_CONFIG(__USERNAME,[], <<__USERNAME/binary, "_avatar">>,"SAML - flag to verify response signature")).
+-define(GET_AVATAR_CHANNEL_PREFIX,
+    ?GET_CONFIG(avatarChannelPrefix,[], <<"ph">>,"PRIVACY_HUB - binary string prefix for avatar channel name")).
 
+-define(GET_AVATAR_CHANNEL_OPTIONS,
+    ?GET_CONFIG(avatarChannelOptions,[], [encrypted,audit,history],"PRIVACY_HUB - table options for avatar channel")).
 
 %% Validate this permission.
 -define(USE_ADAPTER, {dderl, adapter, {id, __AdaptId}, use}).
@@ -856,25 +858,26 @@ is_proxy(AppId, NetCtx) ->
         _ -> false
     end.
 
-get_avatar_table(Username) when is_atom(Username) ->
-    get_avatar_table(atom_to_binary(Username, utf8));
-get_avatar_table(Username) when is_list(Username) ->
-    get_avatar_table(list_to_binary(Username));
-get_avatar_table(Username) when is_binary(Username) ->
-    ?GET_AVATAR_TABLE(Username).
-
-create_check_avatar_table(Username) ->
-    AvatarTable = get_avatar_table(Username),
-    imem_dal_skvh:create_check_channel(AvatarTable, []).
-    % imem_dal_skvh:create_check_channel(AvatarTable, [encrypted]).
-
-write_to_avatar_table(Username, Key, Value) ->
-    AvatarTable = get_avatar_table(Username),
-    imem_dal_skvh:write(Username, AvatarTable, Key, Value).
-
-read_from_avatar_table(Username, Key) ->
-    AvatarTable = get_avatar_table(Username),
-    imem_dal_skvh:read(Username, AvatarTable, Key).
+avatar_channel_name(AccountId) when is_atom(AccountId) ->
+    avatar_channel_name(atom_to_binary(AccountId, utf8));
+avatar_channel_name(AccountId) when is_list(AccountId) ->
+    avatar_channel_name(list_to_binary(AccountId));
+avatar_channel_name(AccountId) when is_binary(AccountId) ->
+    Prefix = ?GET_AVATAR_CHANNEL_PREFIX,
+    <<Prefix/binary, AccountId/binary>>.
+
+% -spec create_check_avatar_channel(ddEntityId()) -> binary().
+create_check_avatar_channel(AccountId) ->
+    imem_dal_skvh:create_check_channel(avatar_channel_name(AccountId), ?GET_AVATAR_CHANNEL_OPTIONS).
+
+write_to_avatar_channel(AccountId, Key, Value) ->
+    imem_dal_skvh:write(AccountId, avatar_channel_name(AccountId), Key, Value).
+
+read_from_avatar_channel(AccountId, Key) ->
+    case imem_dal_skvh:read(AccountId, avatar_channel_name(AccountId), [Key]) of
+        [#{cvalue := CValue}] when is_binary(CValue) -> imem_json:decode(CValue, [return_maps]);
+        [#{cvalue := CValue}] when is_map(CValue)->     CValue
+    end.
 
 -spec exec_is_proxy_fun(reference(), map()) -> boolean().
 exec_is_proxy_fun(Fun, NetCtx) ->
diff --git a/src/dderl_oauth.erl b/src/dderl_oauth.erl
index 3699a6fe..78e0dbff 100644
--- a/src/dderl_oauth.erl
+++ b/src/dderl_oauth.erl
@@ -1,60 +1,54 @@
 -module(dderl_oauth).
 
 -include("dderl.hrl").
+% -include("dderl/_checkouts/imem/include/imem_config.hrl").
 
--define(OFFICE_365_AUTH_CONFIG,
-        ?GET_CONFIG(office365AuthConfig,[],
-            #{auth_url =>"https://login.microsoftonline.com/common/oauth2/v2.0/authorize?response_type=code&response_mode=query",
-              client_id => "12345", redirect_uri => "https://localhost:8443/dderl/", client_secret => "12345", grant_type => "authorization_code",
-              token_url => "https://login.microsoftonline.com/common/oauth2/v2.0/token",
-              scope => "offline_access https://graph.microsoft.com/people.read"},
-            "Office 365 (Graph API) auth config")).
+-define(TOKEN_KEYPART, "#token#").
 
--define(OURA_RING_AUTH_CONFIG,
-        ?GET_CONFIG(ouraRingAuthConfig,[],
-            #{auth_url =>"https://cloud.ouraring.com/oauth/authorize?response_type=code",
-              client_id => "12345", redirect_uri => "https://localhost:8443/dderl/",
-              client_secret => "12345", grant_type => "authorization_code",
-              token_url => "https://cloud.ouraring.com/oauth/token",
-              scope => "email personal daily"},
-            "Oura Ring auth config")).
+-export([ get_authorize_url/3
+        , get_access_token/4
+        , get_token_info/3
+        , refresh_access_token/3
+        ]).
 
--export([get_authorize_url/2, get_access_token/3, get_token_info/2, refresh_access_token/2]).
+get_token_info(AccountId, KeyPrefix, _SyncType) ->
+    dderl_dal:read_from_avatar_channel(AccountId, KeyPrefix ++ [?TOKEN_KEYPART]).
 
-get_auth_config(?OFFICE365) -> ?OFFICE_365_AUTH_CONFIG;
-get_auth_config(?OURARING) -> ?OURA_RING_AUTH_CONFIG.
+set_token_info(AccountId, KeyPrefix, TokenInfo, SyncType) when is_map(TokenInfo) ->
+    set_token_info(AccountId, KeyPrefix, imem_json:encode(TokenInfo), SyncType);
+set_token_info(AccountId, KeyPrefix, TokenInfo, SyncType) when is_list(TokenInfo) ->
+    set_token_info(AccountId, KeyPrefix, list_to_binary(TokenInfo), SyncType);
+set_token_info(AccountId, KeyPrefix, TokenInfo, _SyncType) when is_binary(TokenInfo) ->
+    dderl_dal:write_to_avatar_channel(AccountId, KeyPrefix ++ [?TOKEN_KEYPART], TokenInfo).
 
-get_token_info(Username, Type) when Type == ?OFFICE365 orelse Type == ?OURARING ->
-    dderl_dal:read_from_avatar_table(Username, [binary_to_list(Type),"token"]).
-
-set_token_info(Username, TokenInfo, Type) when is_map(TokenInfo) ->
-    set_token_info(Username, imem_json:encode(TokenInfo), Type);
-set_token_info(Username, TokenInfo, Type) when is_list(TokenInfo) ->
-    set_token_info(Username, list_to_binary(TokenInfo), Type);
-set_token_info(Username, TokenInfo, Type) when is_binary(TokenInfo), (Type == ?OFFICE365 orelse Type == ?OURARING) ->
-    dderl_dal:write_to_avatar_table(Username, [binary_to_list(Type), "token"], TokenInfo).
-
-get_authorize_url(XSRFToken, Type) when Type == ?OFFICE365 orelse Type == ?OURARING ->
-    State = #{xsrfToken => XSRFToken, type => Type},
-    #{auth_url := Url, client_id := ClientId, redirect_uri := RedirectURI,
-      scope := Scope} = get_auth_config(Type),
+get_authorize_url(XSRFToken, AuthConfig, SyncType) ->
+    State = #{xsrfToken => XSRFToken, type => SyncType},
+    #{auth_url:=Url, client_id:=ClientId, redirect_uri:=RedirectURI, scope:=Scope} = AuthConfig, 
     UrlParams = dperl_dal:url_enc_params(
         #{"client_id" => ClientId, "redirect_uri" => {enc, RedirectURI},
           "scope" => {enc, Scope}, "state" => {enc, imem_json:encode(State)}}),
     erlang:iolist_to_binary([Url, "&", UrlParams]).
 
-get_access_token(Username, Code, Type) when Type == ?OFFICE365 orelse Type == ?OURARING ->
+get_access_token(AccountId, KeyPrefix, Code, SyncType) ->
+    AuthConfig = try 
+        SyncType:get_auth_config() % ToDo: AuthConfig may depend on JobName or KeyPrefix
+    catch 
+        _:E:S ->
+            ?Error("Finding AuthConfig : ~p ñ~p", [E,S]),
+            {error, E}
+    end,
+    ?Info("get_access_token AuthConfig: ~p",[AuthConfig]),
     #{token_url := TUrl, client_id := ClientId, redirect_uri := RedirectURI,
-      client_secret := Secret, grant_type := GrantType,
-      scope := Scope} = get_auth_config(Type),
+            client_secret := Secret, grant_type := GrantType,
+            scope := Scope} = AuthConfig,
     Body = dperl_dal:url_enc_params(
         #{"client_id" => ClientId, "scope" => {enc, Scope}, "code" => Code,
-          "redirect_uri" => {enc, RedirectURI}, "grant_type" => GrantType,
-          "client_secret" => {enc, Secret}}),
+        "redirect_uri" => {enc, RedirectURI}, "grant_type" => GrantType,
+        "client_secret" => {enc, Secret}}),
     ContentType = "application/x-www-form-urlencoded",
     case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
         {ok, {{_, 200, "OK"}, _, TokenInfo}} ->
-            set_token_info(Username, TokenInfo, Type),
+            set_token_info(AccountId, KeyPrefix, TokenInfo, SyncType),
             ok;
         {ok, {{_, Code, _}, _, Error}} ->
             ?Error("Fetching access token : ~p:~p", [Code, Error]),
@@ -64,10 +58,10 @@ get_access_token(Username, Code, Type) when Type == ?OFFICE365 orelse Type == ?O
             {error, Error}
     end.
 
-refresh_access_token(Username, Type) when Type == ?OFFICE365 orelse Type == ?OURARING ->
+refresh_access_token(AccountId, KeyPrefix, SyncType) ->
     #{token_url := TUrl, client_id := ClientId, scope := Scope,
-      client_secret := Secret} = get_auth_config(Type),
-    #{<<"refresh_token">> := RefreshToken} = get_token_info(Username, Type),
+      client_secret := Secret} = SyncType:get_auth_config(),
+    #{<<"refresh_token">> := RefreshToken} = get_token_info(AccountId, KeyPrefix, SyncType),
     Body = dperl_dal:url_enc_params(
         #{"client_id" => ClientId, "client_secret" => {enc, Secret}, "scope" => {enc, Scope},
           "refresh_token" => RefreshToken, "grant_type" => "refresh_token"}),
@@ -75,7 +69,7 @@ refresh_access_token(Username, Type) when Type == ?OFFICE365 orelse Type == ?OUR
     case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
         {ok, {{_, 200, "OK"}, _, TokenBody}} ->
             TokenInfo = imem_json:decode(list_to_binary(TokenBody), [return_maps]),
-            set_token_info(Username, TokenBody, Type),
+            set_token_info(AccountId, KeyPrefix, TokenBody, SyncType),
             #{<<"access_token">> := AccessToken} = TokenInfo,
             {ok, AccessToken};
         Error ->
diff --git a/src/dderl_session.erl b/src/dderl_session.erl
index 6b043c52..e65b4fb4 100644
--- a/src/dderl_session.erl
+++ b/src/dderl_session.erl
@@ -35,7 +35,7 @@
           , inactive_tref               :: timer:tref()
           , user        = <<>>          :: binary()
           , user_id                     :: ddEntityId()
-          , sess                        :: {atom, pid()}
+          , sess                        :: {atom(), pid()}
           , active_sender               :: pid()
           , active_receiver             :: pid()
           , downloads   = []            :: integer()
@@ -382,21 +382,35 @@ process_call({[<<"about">>], _ReqData}, _Adapter, From, {SrcIp,_}, State) ->
 
 process_call({[<<"office_365_auth_config">>], _ReqData}, _Adapter, From, {SrcIp, _}, State) ->
     act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "office_365_auth_config"}, State),
-    Url = dderl_oauth:get_authorize_url(State#state.xsrf_token, ?OFFICE365),
+    AuthConfig = dperl_office_365:get_auth_config(), % ToDo: may depend on JobName or KeyPrefix
+    Url = dderl_oauth:get_authorize_url(State#state.xsrf_token, AuthConfig, ?SYNC_OFFICE365),
     reply(From, #{<<"office_365_auth_config">> => #{<<"url">> => Url}}, self()),
     State;
 
 process_call({[<<"oura_ring_auth_config">>], _ReqData}, _Adapter, From, {SrcIp, _}, State) ->
     act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "oura_ring_auth_config"}, State),
-    Url = dderl_oauth:get_authorize_url(State#state.xsrf_token, ?OURARING),
+    AuthConfig = dperl_ouraring_crawl:get_auth_config(), % ToDo: may depend on JobName or KeyPrefix
+    ?Info("oura_ring_auth_config ~p",[AuthConfig]),
+    Url = dderl_oauth:get_authorize_url(State#state.xsrf_token, AuthConfig, ?SYNC_OURARING),
     reply(From, #{<<"oura_ring_auth_config">> => #{<<"url">> => Url}}, self()),
     State;
 
 process_call({[<<"oauth2_callback">>], ReqData}, _Adapter, From, {SrcIp, _}, State) ->
     act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "oauth2_callback", args => ReqData}, State),
     #{<<"oauth2_callback">> := 
-        #{<<"code">> := Code, <<"state">> := #{<<"type">> := Type}}} = jsx:decode(ReqData, [return_maps]),
-    case dderl_oauth:get_access_token(State#state.user, Code, Type) of
+        #{<<"code">> := Code, <<"state">> := #{<<"type">> := SyncType}}} = jsx:decode(ReqData, [return_maps]),
+    ?Info("oauth2_callback SyncType: ~p Code: ~p",[SyncType, Code]),
+    % ToDo: Check if this data can this be trusted
+    {SyncHandler,KeyPrefix} = try
+        SH = binary_to_existing_atom(SyncType,utf8),
+        {SH,SH:get_key_prefix()} % ToDo: may depend on JobName or KeyPrefix
+    catch 
+        _:E:_ ->
+            ?Error("Finding KeyPrefix : ~p", [E]),
+            reply(From, #{<<"oauth2_callback">> => #{<<"error">> => <<"Error finding KeyPrefix">>}}, self())
+    end,
+    ?Info("oauth2_callback KeyPrefix: ~p",[KeyPrefix]),
+    case dderl_oauth:get_access_token(State#state.user, KeyPrefix, Code, SyncHandler) of
         ok ->
             reply(From, #{<<"oauth2_callback">> => #{<<"status">> => <<"ok">>}}, self());
         {error, Error} ->
@@ -787,7 +801,7 @@ login(ReqData, From, SrcIp, State) ->
     Reply0 = #{vsn => list_to_binary(Vsn), app => HostApp,
                node => Node, host => Host,
                rowNumLimit => imem_sql_expr:rownum_limit()},
-    case catch erlimem_session:run_cmd(ErlImemSess, login,[]) of
+    case catch erlimem_session:run_cmd(ErlImemSess, login3,[]) of
         {error,{{'SecurityException',{?PasswordChangeNeeded,_}},ST}} ->
             ?Warn("Password expired ~s~n~p", [State#state.user, ST]),
             {[UserId],true} = imem_meta:select(ddAccount, [{#ddAccount{name=State#state.user,
@@ -850,17 +864,22 @@ login(ReqData, From, SrcIp, State) ->
                     reply(From, #{login => #{error => format_error(ErrMsg)}}, self()),
                     State
             end;
-        _ ->
-            {[UserId],true} = imem_meta:select(ddAccount, [{#ddAccount{name=State#state.user,
-                                           id='$1',_='_'}, [], ['$1']}]),
-            ok = dderl_dal:create_check_avatar_table(State#state.user),
-            act_log(From, ?LOGIN_CONNECT,
-                    #{src => SrcIp, userId => UserId, cmd_resp => "login success",
-                      cmd => "login"}, State),
-            if is_map(ReqData) -> {#{accountName=>State#state.user}, State#state{user_id = UserId}};
-               true ->
-                    reply(From, #{login => maps:merge(Reply0, #{accountName=>State#state.user})}, self()),
-                    State#state{user_id = UserId}
+        {_SKey, AccountId, EncHash} ->
+            ?Info("Login Result SKey:~p AccountId:~p EncHash:~p",[_SKey,AccountId,EncHash]),
+            ok = dderl_dal:create_check_avatar_channel(AccountId),
+            imem_enc_mnesia:put_enc_hash(EncHash),
+            act_log(From, ?LOGIN_CONNECT
+                , #{src=>SrcIp, userId=>AccountId, cmd_resp=>"login success", cmd=>"login"}
+                , State),
+            if 
+                is_map(ReqData) -> 
+                    {#{accountName=>State#state.user}, State#state{user_id = AccountId}};
+                true ->
+                    reply(From
+                        , #{login => maps:merge(Reply0, #{accountName=>State#state.user})}
+                        , self()
+                    ), 
+                    State#state{user_id = AccountId}
             end
     end.
 
diff --git a/src/dperl/dperl.hrl b/src/dperl/dperl.hrl
index 03f08875..97fc8942 100644
--- a/src/dperl/dperl.hrl
+++ b/src/dperl/dperl.hrl
@@ -2,7 +2,8 @@
 -define(_dperl_HRL_, true).
 
 -define(LOG_TAG, "_dperl_").
--include_lib("dderl/src/dderl.hrl").
+
+-include("../dderl.hrl").          % -include_lib("dderl/src/dderl.hrl").
 
 -type plan() :: at_most_once|at_least_once|on_all_nodes.
 
diff --git a/src/dperl/jobs/dperl_file_copy.erl b/src/dperl/jobs/dperl_file_copy.erl
index c05aa0a8..4cb12f59 100644
--- a/src/dperl/jobs/dperl_file_copy.erl
+++ b/src/dperl/jobs/dperl_file_copy.erl
@@ -1,6 +1,6 @@
 -module(dperl_file_copy).
 
--include_lib("dperl/dperl.hrl").
+-include_lib("../dperl.hrl").
 
 -behavior(dperl_worker).
 
diff --git a/src/dperl/jobs/dperl_office_365.erl b/src/dperl/jobs/dperl_office_365.erl
index fc32e41e..938ca86d 100644
--- a/src/dperl/jobs/dperl_office_365.erl
+++ b/src/dperl/jobs/dperl_office_365.erl
@@ -1,36 +1,92 @@
 -module(dperl_office_365).
 
--include_lib("dperl/dperl.hrl").
+-include_lib("../dperl.hrl").
 
 -behavior(dperl_worker).
 -behavior(dperl_strategy_scr).
 
+-define(AUTH_CONFIG(__JOB_NAME),
+        ?GET_CONFIG(office365AuthConfig,[__JOB_NAME],
+            #{auth_url =>"https://login.microsoftonline.com/common/oauth2/v2.0/authorize?response_type=code&response_mode=query",
+              client_id => "12345", redirect_uri => "https://localhost:8443/dderl/", client_secret => "12345", grant_type => "authorization_code",
+              token_url => "https://login.microsoftonline.com/common/oauth2/v2.0/token",
+              scope => "offline_access https://graph.microsoft.com/people.read"},
+            "Office 365 (Graph API) auth config")).
+
+-define(KEY_PREFIX(__JOB_NAME),
+          ?GET_CONFIG(keyPrefix, [__JOB_NAME], ["people","Office365"],
+          "Default KeyPrefix for Office365 data")
+       ).
+
 % dperl_worker exports
--export([init/1, terminate/2, handle_call/3, handle_cast/2, handle_info/2,
-         get_status/1, init_state/1]).
+-export([ init/1
+        , terminate/2
+        , handle_call/3
+        , handle_cast/2
+        , handle_info/2
+        , get_status/1
+        , init_state/1
+        ]).
 
 % contacts graph api
 % https://docs.microsoft.com/en-us/graph/api/resources/contact?view=graph-rest-1.0
 
--record(state, {name, channel, is_connected = true, access_token, api_url,
-                contacts = [], key_prefix, fetch_url, cl_contacts = [],
-                is_cleanup_finished = true, push_channel, type = pull,
-                audit_start_time = {0,0}, first_sync = true, username}).
+-record(state,  { name
+                , channel
+                , is_connected = true
+                , access_token
+                , api_url
+                , contacts = []
+                , key_prefix
+                , fetch_url
+                , cl_contacts = []
+                , is_cleanup_finished = true
+                , push_channel
+                , type = pull
+                , audit_start_time = {0,0}
+                , first_sync = true
+                , accountId
+            }).
 
 % dperl_strategy_scr export
--export([connect_check_src/1, get_source_events/2, connect_check_dst/1,
-         do_cleanup/5, do_refresh/2, load_src_after_key/3, load_dst_after_key/3,
-         fetch_src/2, fetch_dst/2, delete_dst/2, insert_dst/3,
-         update_dst/3, report_status/3]).
+-export([ connect_check_src/1
+        , get_source_events/2
+        , connect_check_dst/1
+        , do_cleanup/5
+        , do_refresh/2
+        , load_src_after_key/3
+        , load_dst_after_key/3
+        , fetch_src/2
+        , fetch_dst/2
+        , delete_dst/2
+        , insert_dst/3
+        , update_dst/3
+        , report_status/3
+        ]).
+
+% dderl_oauth exports
+-export([ get_auth_config/0
+        , get_auth_config/1
+        , get_key_prefix/0
+        , get_key_prefix/1
+        ]).
+
+get_auth_config() -> ?AUTH_CONFIG(<<>>).
+
+get_auth_config(JobName) -> ?AUTH_CONFIG(JobName).
+
+get_key_prefix() -> ?KEY_PREFIX(<<>>).
+
+get_key_prefix(JobName) -> ?KEY_PREFIX(JobName).
 
 connect_check_src(#state{is_connected = true} = State) ->
     {ok, State};
-connect_check_src(#state{is_connected = false, username = Username} = State) ->
+connect_check_src(#state{is_connected=false, accountId=AccountId, key_prefix=KeyPrefix} = State) ->
     ?JTrace("Refreshing access token"),
-    case dderl_oauth:refresh_access_token(Username, ?OFFICE365) of
+    case dderl_oauth:refresh_access_token(AccountId, KeyPrefix, ?SYNC_OFFICE365) of
         {ok, AccessToken} ->
             ?Info("new access token fetched"),
-            {ok, State#state{access_token = AccessToken, is_connected = true}};
+            {ok, State#state{access_token=AccessToken, is_connected=true}};
         {error, Error} ->
             ?JError("Unexpected response : ~p", [Error]),
             {error, Error, State}
@@ -184,20 +240,20 @@ init({#dperlJob{name=Name, srcArgs = #{api_url := ApiUrl}, args = Args,
         undefined ->
             ?JError("Encryption hash is not avaialable"),
             {stop, badarg};
-        {Username, EncHash} ->
-            ?JInfo("Starting with ~p's enchash...", [Username]),
+        {AccountId, EncHash} ->
+            ?JInfo("Starting with ~p's enchash...", [AccountId]),
             imem_enc_mnesia:put_enc_hash(EncHash),
-            case dderl_oauth:get_token_info(Username, ?OFFICE365) of
+            KeyPrefix = maps:get(key_prefix, DstArgs, get_key_prefix(Name)),
+            case dderl_oauth:get_token_info(AccountId, KeyPrefix, ?SYNC_OFFICE365) of
                 #{<<"access_token">> := AccessToken} ->
                     ChannelBin = dperl_dal:to_binary(Channel),
                     PChannelBin = dperl_dal:to_binary(PChannel),
-                    KeyPrefix = maps:get(key_prefix, DstArgs, []),
                     Type = maps:get(type, Args, pull),
                     dperl_dal:create_check_channel(ChannelBin),
                     dperl_dal:create_check_channel(PChannelBin),
                     {ok, State#state{channel = ChannelBin, name = Name, api_url = ApiUrl,
                                     key_prefix = KeyPrefix, access_token = AccessToken,
-                                    push_channel = PChannelBin, type = Type, username = Username}};
+                                    push_channel = PChannelBin, type = Type, accountId = AccountId}};
                 _ ->
                     ?JError("Access token not found"),
                     {stop, badarg}
diff --git a/src/dperl/jobs/dperl_ouraring_crawl.erl b/src/dperl/jobs/dperl_ouraring_crawl.erl
index a4f06513..69cc329a 100644
--- a/src/dperl/jobs/dperl_ouraring_crawl.erl
+++ b/src/dperl/jobs/dperl_ouraring_crawl.erl
@@ -1,36 +1,89 @@
 -module(dperl_ouraring_crawl).
 
--include_lib("dperl/dperl.hrl").
+-include_lib("../dperl.hrl").
 
 -behavior(dperl_worker).
 -behavior(dperl_strategy_scr).
 
+-define(AUTH_CONFIG(__JOB_NAME),
+        ?GET_CONFIG(ouraRingAuthConfig,[__JOB_NAME],
+            #{auth_url =>"https://cloud.ouraring.com/oauth/authorize?response_type=code",
+              client_id => "12345", redirect_uri => "https://localhost:8443/dderl/",
+              client_secret => "12345", grant_type => "authorization_code",
+              token_url => "https://cloud.ouraring.com/oauth/token",
+              scope => "email personal daily"},
+            "Oura Ring auth config")).
+
+-define(KEY_PREFIX(__JOB_NAME),
+          ?GET_CONFIG(keyPrefix, [__JOB_NAME], ["healthDevice","OuraRing"],
+          "Default KeyPrefix for Oura Ring data")
+       ).
+
 -define(SHIFT_DAYS(__JOB_NAME),
           ?GET_CONFIG(daysToBeShiftedAtStart, [__JOB_NAME], 100,
           "Days to be shifted backwards for starting the job")
        ).
 
-% dperl_worker exports
--export([init/1, terminate/2, handle_call/3, handle_cast/2, handle_info/2,
-         get_status/1, init_state/1]).
+-record(state,  { name
+                , channel
+                , is_connected = true
+                , access_token
+                , api_url
+                , last_sleep_day
+                , last_activity_day
+                , last_readiness_day
+                , infos = []
+                , key_prefix
+                , accountId
+                }).
 
--record(state, {name, channel, is_connected = true, access_token, api_url,
-                last_sleep_day, last_activity_day, last_readiness_day,
-                infos = [], key_prefix, username}).
+% dperl_worker exports
+-export([ init/1
+        , terminate/2
+        , handle_call/3
+        , handle_cast/2
+        , handle_info/2
+        , get_status/1
+        , init_state/1
+        ]).
+
+% dderl_oauth exports
+-export([ get_auth_config/0
+        , get_auth_config/1
+        , get_key_prefix/0
+        , get_key_prefix/1
+        ]).
 
 % dperl_strategy_scr export
--export([connect_check_src/1, get_source_events/2, connect_check_dst/1,
-         do_cleanup/2, do_refresh/2, fetch_src/2, fetch_dst/2, delete_dst/2,
-         insert_dst/3, update_dst/3, report_status/3]).
+-export([ connect_check_src/1
+        , get_source_events/2
+        , connect_check_dst/1
+        , do_cleanup/2
+        , do_refresh/2
+        , fetch_src/2
+        , fetch_dst/2
+        , delete_dst/2
+        , insert_dst/3
+        , update_dst/3
+        , report_status/3
+        ]).
+
+get_auth_config() -> ?AUTH_CONFIG(<<>>).
+
+get_auth_config(JobName) -> ?AUTH_CONFIG(JobName).
+
+get_key_prefix() -> ?KEY_PREFIX(<<>>).
+
+get_key_prefix(JobName) -> ?KEY_PREFIX(JobName).
 
 connect_check_src(#state{is_connected = true} = State) ->
     {ok, State};
-connect_check_src(#state{is_connected = false, username = Username} = State) ->
+connect_check_src(#state{is_connected=false, accountId=AccountId, key_prefix=KeyPrefix} = State) ->
     ?JTrace("Refreshing access token"),
-    case dderl_oauth:refresh_access_token(Username, ?OURARING) of
+    case dderl_oauth:refresh_access_token(AccountId, KeyPrefix, ?SYNC_OURARING) of
         {ok, AccessToken} ->
             ?Info("new access token fetched"),
-            {ok, State#state{access_token = AccessToken, is_connected = true}};
+            {ok, State#state{access_token=AccessToken, is_connected=true}};
         {error, Error} ->
             ?JError("Unexpected response : ~p", [Error]),
             {error, Error, State}
@@ -104,18 +157,18 @@ init({#dperlJob{name=Name, dstArgs = #{channel := Channel} = DstArgs,
         undefined ->
             ?JError("Encryption hash is not avaialable"),
             {stop, badarg};
-        {Username, EncHash} ->
-            ?JInfo("Starting with ~p's enchash...", [Username]),
+        {AccountId, EncHash} ->
+            ?JInfo("Starting with ~p's enchash...", [AccountId]),
             imem_enc_mnesia:put_enc_hash(EncHash),
-            case dderl_oauth:get_token_info(Username, ?OURARING) of
+            KeyPrefix = maps:get(key_prefix, DstArgs, get_key_prefix(Name)),
+            case dderl_oauth:get_token_info(AccountId, KeyPrefix, ?SYNC_OURARING) of
                 #{<<"access_token">> := AccessToken} ->
                     ChannelBin = dperl_dal:to_binary(Channel),
-                    KeyPrefix = maps:get(key_prefix, DstArgs, []),
                     dperl_dal:create_check_channel(ChannelBin),
-                    {ok, State#state{channel = ChannelBin, api_url = ApiUrl, username = Username,
-                                    key_prefix = KeyPrefix, access_token = AccessToken}};
+                    {ok, State#state{channel=ChannelBin, api_url=ApiUrl, accountId=AccountId,
+                                    key_prefix=KeyPrefix, access_token=AccessToken}};
                 _ ->
-                    ?JError("Access token not found"),
+                    ?JError("Access token not found for KeyPrefix ~p",[KeyPrefix]),
                     {stop, badarg}
             end
     end;
diff --git a/src/imem_adapter.erl b/src/imem_adapter.erl
index 8816674e..cb334460 100644
--- a/src/imem_adapter.erl
+++ b/src/imem_adapter.erl
@@ -810,7 +810,7 @@ process_query(Query, Connection, Params, SessPid) ->
                                         , update_cursor_execute_funs = imem_adapter_funs:update_cursor_execute(Connection, StmtRefs)
                                         }, SessPid),
             erlimem_session:add_stmt_fsm(Connection, StmtRefs, {dderl_fsm, StmtFsm}),
-            EncHash = erlimem_session:run_cmd(Connection, get_enc_hash, []),
+            EncHash = imem_enc_mnesia:get_enc_hash(), 
             dderl_fsm:put_enc_hash(StmtFsm, EncHash),
             ?Debug("StmtRslt ~p ~p", [RowCols, SortSpec]),
             Columns = gen_adapter:build_column_json(lists:reverse(RowCols)),

From d8dbca644cbe4892e59c3bb5ee49e2d2daf43e50 Mon Sep 17 00:00:00 2001
From: stoch <ochsenbein@bluewin.ch>
Date: Fri, 5 Jun 2020 21:05:04 +0200
Subject: [PATCH 53/72] reworking dperl_office_365, WIP

---
 src/dperl/jobs/dperl_office_365.erl     | 337 ++++++++++++++----------
 src/dperl/jobs/dperl_ouraring_crawl.erl |   2 +-
 2 files changed, 203 insertions(+), 136 deletions(-)

diff --git a/src/dperl/jobs/dperl_office_365.erl b/src/dperl/jobs/dperl_office_365.erl
index 938ca86d..04a44bf6 100644
--- a/src/dperl/jobs/dperl_office_365.erl
+++ b/src/dperl/jobs/dperl_office_365.erl
@@ -5,17 +5,42 @@
 -behavior(dperl_worker).
 -behavior(dperl_strategy_scr).
 
--define(AUTH_CONFIG(__JOB_NAME),
-        ?GET_CONFIG(office365AuthConfig,[__JOB_NAME],
-            #{auth_url =>"https://login.microsoftonline.com/common/oauth2/v2.0/authorize?response_type=code&response_mode=query",
-              client_id => "12345", redirect_uri => "https://localhost:8443/dderl/", client_secret => "12345", grant_type => "authorization_code",
-              token_url => "https://login.microsoftonline.com/common/oauth2/v2.0/token",
-              scope => "offline_access https://graph.microsoft.com/people.read"},
-            "Office 365 (Graph API) auth config")).
+-define(OAUTH2_CONFIG(__JOB_NAME), 
+            ?GET_CONFIG(oAuth2Config,
+            [__JOB_NAME],
+            #{auth_url =>"https://login.microsoftonline.com/common/oauth2/v2.0/authorize?response_type=code&response_mode=query"
+             ,client_id => "12345"
+             ,redirect_uri => "https://localhost:8443/dderl/"
+             ,client_secret => "12345"
+             ,grant_type => "authorization_code"
+             ,token_url => "https://login.microsoftonline.com/common/oauth2/v2.0/token"
+             ,scope => "offline_access https://graph.microsoft.com/people.read"
+             },
+            "Office 365 (Graph API) auth config"
+            )
+        ).
 
 -define(KEY_PREFIX(__JOB_NAME),
-          ?GET_CONFIG(keyPrefix, [__JOB_NAME], ["people","Office365"],
-          "Default KeyPrefix for Office365 data")
+            ?GET_CONFIG(keyPrefix,
+            [__JOB_NAME],
+            ["contact","Office365"],
+            "Default KeyPrefix for Office365 data"
+            )
+       ).
+
+-define(CONTACT_ATTRIBUTES(__JOB_NAME),
+            ?GET_CONFIG(contactAttributes,
+            [__JOB_NAME],
+            [<<"businessPhones">>,<<"mobilePhone">>,<<"title">>,<<"personalNotes">>,<<"parentFolderId">>
+            ,<<"companyName">>,<<"emailAddresses">>,<<"middleName">>,<<"businessHomePage">>,<<"id">>
+            ,<<"assistantName">>,<<"department">>,<<"children">>,<<"officeLocation">>,<<"createdDateTime">>
+            ,<<"profession">>,<<"givenName">>,<<"categories">>,<<"nickName">>,<<"jobTitle">>,<<"yomiGivenName">>
+            ,<<"changeKey">>,<<"surname">>,<<"imAddresses">>,<<"spouseName">>,<<"yomiSurname">>,<<"businessAddress">>
+            ,<<"lastModifiedDateTime">>,<<"generation">>,<<"manager">>,<<"initials">>,<<"displayName">>
+            ,<<"homeAddress">>,<<"otherAddress">>,<<"homePhones">>,<<"fileAs">>,<<"yomiCompanyName">>,<<"birthday">>
+            ], 
+            "Attributes to be synced for Office365 contact data"
+            )
        ).
 
 % dperl_worker exports
@@ -33,18 +58,18 @@
 
 -record(state,  { name
                 , channel
-                , is_connected = true
-                , access_token
-                , api_url
+                , isConnected = true
+                , accessToken
+                , apiUrl
                 , contacts = []
-                , key_prefix
-                , fetch_url
-                , cl_contacts = []
-                , is_cleanup_finished = true
-                , push_channel
+                , keyPrefix
+                , fetchUrl
+                , clContacts = []
+                , isCleanupFinished = true
+                , pushChannel
                 , type = pull
-                , audit_start_time = {0,0}
-                , first_sync = true
+                , auditStartTime = {0,0}
+                , firstSync = true
                 , accountId
             }).
 
@@ -71,151 +96,200 @@
         , get_key_prefix/1
         ]).
 
-get_auth_config() -> ?AUTH_CONFIG(<<>>).
+get_auth_config() -> ?OAUTH2_CONFIG(<<>>).
 
-get_auth_config(JobName) -> ?AUTH_CONFIG(JobName).
+get_auth_config(JobName) -> ?OAUTH2_CONFIG(JobName).
 
 get_key_prefix() -> ?KEY_PREFIX(<<>>).
 
 get_key_prefix(JobName) -> ?KEY_PREFIX(JobName).
 
-connect_check_src(#state{is_connected = true} = State) ->
+% determine the contact id (last piece of cekey) from ckey or from the remote id
+% this id is a string representing a hash of the remote id
+-spec local_contact_id(list()|binary()) -> string().
+local_contact_id(Key) when is_list(Key) -> 
+    lists:last(Key);
+local_contact_id(Bin) when is_binary(Bin) -> 
+    io_lib:format("~.36B",[erlang:phash2(Bin)]).
+
+% convert list of remote values (already maps) to list of {Key,RemoteId,RemoteValue} triples
+% which serves as a lookup buffer of the complete remote state, avoiding sorting issues
+format_remote_values_to_kv(Values, KeyPrefix, JobName) ->
+    format_remote_values_to_kv(Values, KeyPrefix, JobName, []).
+
+format_remote_values_to_kv([], _KeyPrefix, _JobName, Acc) -> Acc;
+format_remote_values_to_kv([Value|Values], KeyPrefix, JobName, Acc) -> 
+    #{<<"id">> := RemoteId} = Value,        
+    Key = KeyPrefix ++ [local_contact_id(RemoteId)],
+    format_remote_values_to_kv(Values, KeyPrefix, JobName, [{Key,RemoteId,format_value(Value, JobName)}|Acc]).
+
+% format remote or local value by projecting it down to configured list of synced attributes
+format_value(Value, JobName) when is_map(Value) -> maps:with(?CONTACT_ATTRIBUTES(JobName), Value).
+
+connect_check_src(#state{isConnected=true} = State) ->
     {ok, State};
-connect_check_src(#state{is_connected=false, accountId=AccountId, key_prefix=KeyPrefix} = State) ->
+connect_check_src(#state{isConnected=false, accountId=AccountId, keyPrefix=KeyPrefix} = State) ->
     ?JTrace("Refreshing access token"),
-    case dderl_oauth:refresh_access_token(AccountId, KeyPrefix, ?SYNC_OFFICE365) of
+    case dderl_oauth:refresh_accessToken(AccountId, KeyPrefix, ?SYNC_OFFICE365) of
         {ok, AccessToken} ->
             ?Info("new access token fetched"),
-            {ok, State#state{access_token=AccessToken, is_connected=true}};
+            {ok, State#state{accessToken=AccessToken, isConnected=true}};
         {error, Error} ->
             ?JError("Unexpected response : ~p", [Error]),
             {error, Error, State}
     end.
 
-get_source_events(#state{audit_start_time = LastStartTime, type = push,
-                         push_channel = PChannel} = State, BulkSize) ->
-    case dperl_dal:read_audit_keys(PChannel, LastStartTime, BulkSize) of
+get_source_events(#state{auditStartTime=LastStartTime, type=push,
+            pushChannel=PushChannel, firstSync=FirstSync} = State, BulkSize) ->
+    case dperl_dal:read_audit_keys(PushChannel, LastStartTime, BulkSize) of
         {LastStartTime, LastStartTime, []} ->
-            if State#state.first_sync == true -> 
+            if
+                FirstSync == true -> 
                     ?JInfo("Audit rollup is complete"),
-                    {ok, sync_complete, State#state{first_sync = false}};
-                true -> {ok, sync_complete, State}
+                    {ok, sync_complete, State#state{firstSync=false}};
+                true -> 
+                    {ok, sync_complete, State}
             end;
         {_StartTime, NextStartTime, []} ->
-            {ok, [], State#state{audit_start_time = NextStartTime}};
+            {ok, [], State#state{auditStartTime=NextStartTime}};
         {_StartTime, NextStartTime, Keys} ->
             UniqueKeys = lists:delete(undefined, lists:usort(Keys)),
-            {ok, UniqueKeys, State#state{audit_start_time = NextStartTime}}
+            {ok, UniqueKeys, State#state{auditStartTime=NextStartTime}}
     end;
-get_source_events(#state{contacts = []} = State, _BulkSize) ->
+get_source_events(#state{contacts=[]} = State, _BulkSize) ->
     {ok, sync_complete, State};
-get_source_events(#state{contacts = Contacts} = State, _BulkSize) ->
-    {ok, Contacts, State#state{contacts = []}}.
+get_source_events(#state{contacts=Contacts} = State, _BulkSize) ->
+    {ok, Contacts, State#state{contacts=[]}}.
 
-connect_check_dst(State) -> {ok, State}.
+connect_check_dst(State) -> {ok, State}.    % Question: Why defaulted for push destination?
 
 do_refresh(_State, _BulkSize) -> {error, cleanup_only}.
 
-fetch_src(Key, #state{type = push} = State) ->
-    dperl_dal:read_channel(State#state.push_channel, Key);
-fetch_src(Key, #state{cl_contacts = Contacts, type = pull}) ->
-    case lists:keyfind(Key, 1, Contacts) of
-        {Key, Contact} -> Contact;
+fetch_src(Key, #state{pushChannel=PushChannel, type=push}) ->
+    dperl_dal:read_channel(PushChannel, Key);
+fetch_src(Key, #state{clContacts=ClContacts, type=pull}) ->
+    case lists:keyfind(Key, 1, ClContacts) of
+        {Key, _RemoteId, Value} -> Value;
         false -> ?NOT_FOUND
     end.
 
-fetch_dst(Key, #state{type = push, api_url = ApiUrl} = State) ->
-    Id = Key -- State#state.key_prefix,
-    ContactUrl = erlang:iolist_to_binary([ApiUrl, Id]),
-    case exec_req(ContactUrl, State#state.access_token) of
-        #{<<"id">> := _} = Contact ->
-            format_contact(Contact);
-        _ -> ?NOT_FOUND
-    end; 
-fetch_dst(Key, State) ->
-    dperl_dal:read_channel(State#state.channel, Key).
-
-insert_dst(Key, Val, #state{type = push, api_url = ApiUrl} = State) ->
-    case exec_req(ApiUrl, State#state.access_token, Val, post) of
-        #{<<"id">> := Id} = Contact ->
-            NewKey = State#state.key_prefix ++ [binary_to_list(Id)],
-            ContactBin = imem_json:encode(format_contact(Contact)),
-            dperl_dal:remove_from_channel(State#state.push_channel, Key),
-            dperl_dal:write_channel(State#state.channel, NewKey, ContactBin),
-            dperl_dal:write_channel(State#state.push_channel, NewKey, ContactBin),
+fetch_dst(Key, #state{name=Name, clContacts=ClContacts, type=push, 
+                apiUrl=ApiUrl, accessToken=AccessToken} = State) ->
+    case lists:keyfind(Key, 1, ClContacts) of
+        {Key, RemoteId, _Value} -> 
+            ContactUrl = erlang:iolist_to_binary([ApiUrl, RemoteId]),
+            case exec_req(ContactUrl, AccessToken) of
+                #{<<"id">> := _} = RValue ->    format_value(RValue, Name);
+                {error, unauthorized} ->        reconnect_exec(State, fetch_dst, [Key]);
+                {error, Error} ->               {error, Error};
+                _ ->                            ?NOT_FOUND
+            end; 
+        false -> 
+            ?NOT_FOUND
+    end;
+fetch_dst(Key, #state{channel=Channel}) ->
+    dperl_dal:read_channel(Channel, Key).
+
+insert_dst(Key, Value, #state{name=Name, channel=Channel, pushChannel=PushChannel, type=push, 
+                        keyPrefix=KeyPrefix, apiUrl=ApiUrl, accessToken=AccessToken} = State) ->
+    case exec_req(ApiUrl, AccessToken, Value, post) of
+        #{<<"id">> := Id} = RemoteValue ->
+            NewKey = KeyPrefix ++ [local_contact_id(Id)],
+            FormRemote = format_value(RemoteValue, Name),
+            PushValue = dperl_dal:read_channel(PushChannel, Key),
+            MergeValue = maps:merge(PushValue, FormRemote),
+            MergedBin = imem_json:encode(MergeValue),
+            dperl_dal:remove_from_channel(PushChannel, Key),
+            dperl_dal:write_channel(Channel, NewKey, MergedBin),
+            dperl_dal:write_channel(PushChannel, NewKey, MergedBin),
             {false, State};
         {error, unauthorized} ->
-            reconnect_exec(State, insert_dst, [Key, Val]);
+            reconnect_exec(State, insert_dst, [Key, Value]);
         {error, Error} ->
             {error, Error}
     end;
-insert_dst(Key, Val, State) ->
-    update_dst(Key, Val, State).
-
-delete_dst(Key, #state{type = push, api_url = ApiUrl} = State) ->
-    Id = Key -- State#state.key_prefix,
-    ContactUrl = erlang:iolist_to_binary([ApiUrl, Id]),
-    case exec_req(ContactUrl, State#state.access_token, #{}, delete) of
-        ok ->
-            dperl_dal:remove_from_channel(State#state.channel, Key),
-            {false, State};
-        {error, unauthorized} ->
-            reconnect_exec(State, delete_dst, [Key]);
-        Error ->
-            Error
+insert_dst(Key, Value, State) ->
+    update_dst(Key, Value, State).
+
+delete_dst(Key, #state{channel=Channel, type=push, clContacts=ClContacts, 
+                apiUrl=ApiUrl, accessToken=AccessToken} = State) ->
+    case lists:keyfind(Key, 1, ClContacts) of
+        {Key, RemoteId, _Value} -> 
+            ContactUrl = erlang:iolist_to_binary([ApiUrl, RemoteId]),
+            case exec_req(ContactUrl, AccessToken, #{}, delete) of
+                ok ->
+                    dperl_dal:remove_from_channel(Channel, Key),
+                    {false, State};
+                {error, unauthorized} ->
+                    reconnect_exec(State, delete_dst, [Key]);
+                Error ->
+                    Error
+            end;
+        false -> 
+            {false, State}
     end;
-delete_dst(Key, #state{channel = Channel} = State) ->
+delete_dst(Key, #state{channel=Channel, pushChannel=PushChannel} = State) ->
     dperl_dal:remove_from_channel(Channel, Key),
-    dperl_dal:remove_from_channel(State#state.push_channel, Key),
+    dperl_dal:remove_from_channel(PushChannel, Key),
     {false, State}.
 
-update_dst(Key, Val, #state{type = push, api_url = ApiUrl} = State) ->
-    Id = Key -- State#state.key_prefix,
-    ContactUrl = erlang:iolist_to_binary([ApiUrl, Id]),
-    case exec_req(ContactUrl, State#state.access_token, Val, patch) of
-        #{<<"id">> := _} = Contact ->
-            ContactBin = imem_json:encode(format_contact(Contact)),
-            dperl_dal:write_channel(State#state.channel, Key, ContactBin),
-            dperl_dal:write_channel(State#state.push_channel, Key, ContactBin),
-            {false, State};
-        {error, unauthorized} ->
-            reconnect_exec(State, update_dst, [Key, Val]);
-        {error, Error} ->
-            {error, Error}
+-spec update_dst(Key::list(), Value::map(), #state{}) -> tuple().
+update_dst(Key, Value, #state{name=Name, channel=Channel, pushChannel=PushChannel, type=push, 
+                        clContacts=ClContacts, apiUrl=ApiUrl, accessToken=AccessToken} = State) ->
+    case lists:keyfind(Key, 1, ClContacts) of
+        {Key, RemoteId, _Value} -> 
+            ContactUrl = erlang:iolist_to_binary([ApiUrl, RemoteId]),
+            case exec_req(ContactUrl, AccessToken, Value, patch) of
+                #{<<"id">> := _} = RemoteValue ->
+                    FormRemote = format_value(RemoteValue, Name),
+                    OldValue = dperl_dal:read_channel(PushChannel, Key),
+                    MergeValue = maps:merge(OldValue, FormRemote),
+                    MergedBin = imem_json:encode(MergeValue),
+                    dperl_dal:remove_from_channel(PushChannel, Key),
+                    dperl_dal:write_channel(Channel, Key, MergedBin),
+                    dperl_dal:write_channel(PushChannel, Key, MergedBin),
+                    {false, State};
+                {error, unauthorized} ->
+                    reconnect_exec(State, update_dst, [Key, Value]);
+                {error, Error} ->
+                    {error, Error}
+            end;
+        false -> 
+            {false, State}
     end;
-update_dst(Key, Val, #state{channel = Channel} = State) when is_binary(Val) ->
-    dperl_dal:write_channel(Channel, Key, Val),
-    dperl_dal:write_channel(State#state.push_channel, Key, Val),
-    {false, State};
-update_dst(Key, Val, State) ->
-    update_dst(Key, imem_json:encode(Val), State).
+update_dst(Key, Value, #state{channel=Channel, pushChannel=PushChannel} = State) when is_map(Value) ->
+    OldValue = dperl_dal:read_channel(Channel, Key),
+    MergeValue = maps:merge(OldValue, Value),
+    MergedBin = imem_json:encode(MergeValue),
+    dperl_dal:write_channel(Channel, Key, MergedBin),
+    dperl_dal:write_channel(PushChannel, Key, MergedBin),
+    {false, State}.
 
 report_status(_Key, _Status, _State) -> no_op.
 
 load_dst_after_key(CurKey, BlkCount, #state{channel = Channel}) ->
     dperl_dal:read_gt(Channel, CurKey, BlkCount).
 
-load_src_after_key(CurKey, BlkCount, #state{fetch_url = undefined} = State) ->
-    % https://graph.microsoft.com/v1.0/me/contacts/?$top=100&$select=displayName&orderby=displayName
+load_src_after_key(CurKey, BlkCount, #state{type=pull, fetchUrl=undefined, apiUrl=ApiUrl} = State) ->
     UrlParams = dperl_dal:url_enc_params(#{"$top" => integer_to_list(BlkCount)}),
-    ContactsUrl = erlang:iolist_to_binary([State#state.api_url, "?", UrlParams]),
-    load_src_after_key(CurKey, BlkCount, State#state{fetch_url = ContactsUrl});
-load_src_after_key(CurKey, BlkCount, #state{is_cleanup_finished = true, key_prefix = KeyPrefix,
-                                            access_token = AccessToken, fetch_url = FetchUrl} = State) ->
+    ContactsUrl = erlang:iolist_to_binary([ApiUrl, "?", UrlParams]),
+    load_src_after_key(CurKey, BlkCount, State#state{fetchUrl=ContactsUrl});
+load_src_after_key(CurKey, BlkCount, #state{name=Name, type=pull, isCleanupFinished=true, 
+                            keyPrefix=KeyPrefix, accessToken=AccessToken, fetchUrl=FetchUrl} = State) ->
     % fetch all contacts
-    case fetch_all_contacts(FetchUrl, AccessToken, KeyPrefix) of
+    case fetch_all_contacts(FetchUrl, AccessToken, KeyPrefix, Name) of
         {ok, Contacts} ->
-            load_src_after_key(CurKey, BlkCount, State#state{cl_contacts = Contacts, is_cleanup_finished = false});
+            load_src_after_key(CurKey, BlkCount, State#state{clContacts=Contacts, isCleanupFinished=false});
         {error, unauthorized} ->
             reconnect_exec(State, load_src_after_key, [CurKey, BlkCount]);
         {error, Error} ->
             {error, Error, State}
     end;
-load_src_after_key(CurKey, BlkCount, #state{cl_contacts = Contacts} = State) ->
+load_src_after_key(CurKey, BlkCount, #state{clContacts=Contacts} = State) ->
     {ok, get_contacts_gt(CurKey, BlkCount, Contacts), State}.
 
 reconnect_exec(State, Fun, Args) ->
-    case connect_check_src(State#state{is_connected = false}) of
+    case connect_check_src(State#state{isConnected = false}) of
         {ok, State1} ->
             erlang:apply(?MODULE, Fun, Args ++ [State1]);
         {error, Error, State1} ->
@@ -226,16 +300,16 @@ do_cleanup(_Deletes, _Inserts, _Diffs, _IsFinished, #state{type = push}) ->
     {error, <<"cleanup only for pull job">>};
 do_cleanup(Deletes, Inserts, Diffs, IsFinished, State) ->
     NewState = State#state{contacts = Inserts ++ Diffs ++ Deletes},
-    if IsFinished -> {ok, finish, NewState#state{is_cleanup_finished = true}};
-       true -> {ok, NewState}
+    if IsFinished ->    {ok, finish, NewState#state{isCleanupFinished=true}};
+       true ->          {ok, NewState}
     end.
 
 get_status(#state{}) -> #{}.
 
 init_state(_) -> #state{}.
 
-init({#dperlJob{name=Name, srcArgs = #{api_url := ApiUrl}, args = Args,
-                dstArgs = #{channel := Channel, push_channel := PChannel} = DstArgs}, State}) ->
+init({#dperlJob{name=Name, srcArgs = #{apiUrl := ApiUrl}, args = Args,
+                dstArgs = #{channel := Channel, pushChannel := PChannel} = DstArgs}, State}) ->
     case dperl_auth_cache:get_enc_hash(Name) of
         undefined ->
             ?JError("Encryption hash is not avaialable"),
@@ -243,17 +317,17 @@ init({#dperlJob{name=Name, srcArgs = #{api_url := ApiUrl}, args = Args,
         {AccountId, EncHash} ->
             ?JInfo("Starting with ~p's enchash...", [AccountId]),
             imem_enc_mnesia:put_enc_hash(EncHash),
-            KeyPrefix = maps:get(key_prefix, DstArgs, get_key_prefix(Name)),
+            KeyPrefix = maps:get(keyPrefix, DstArgs, get_key_prefix(Name)),
             case dderl_oauth:get_token_info(AccountId, KeyPrefix, ?SYNC_OFFICE365) of
-                #{<<"access_token">> := AccessToken} ->
+                #{<<"accessToken">> := AccessToken} ->
                     ChannelBin = dperl_dal:to_binary(Channel),
                     PChannelBin = dperl_dal:to_binary(PChannel),
                     Type = maps:get(type, Args, pull),
                     dperl_dal:create_check_channel(ChannelBin),
                     dperl_dal:create_check_channel(PChannelBin),
-                    {ok, State#state{channel = ChannelBin, name = Name, api_url = ApiUrl,
-                                    key_prefix = KeyPrefix, access_token = AccessToken,
-                                    push_channel = PChannelBin, type = Type, accountId = AccountId}};
+                    {ok, State#state{channel = ChannelBin, name = Name, apiUrl = ApiUrl,
+                                    keyPrefix = KeyPrefix, accessToken = AccessToken,
+                                    pushChannel = PChannelBin, type = Type, accountId = AccountId}};
                 _ ->
                     ?JError("Access token not found"),
                     {stop, badarg}
@@ -281,28 +355,19 @@ terminate(Reason, _State) ->
 
 %% private functions
 
-format_contacts([], _) -> [];
-format_contacts([#{<<"id">> := IdBin} = Contact | Contacts], KeyPrefix) ->
-    Id = binary_to_list(IdBin),
-    Key = KeyPrefix ++ [Id],
-    [{Key, format_contact(Contact)} | format_contacts(Contacts, KeyPrefix)].
-
-format_contact(Contact) ->
-    maps:without([<<"@odata.etag">>, <<"@odata.context">>], Contact).
-
-fetch_all_contacts(Url, AccessToken, KeyPrefix) ->
-    fetch_all_contacts(Url, AccessToken, KeyPrefix, []).
+fetch_all_contacts(Url, AccessToken, KeyPrefix, JobName) ->
+    fetch_all_contacts(Url, AccessToken, KeyPrefix, JobName, []).
 
-fetch_all_contacts(Url, AccessToken, KeyPrefix, AccContacts) ->
+fetch_all_contacts(Url, AccessToken, KeyPrefix, JobName, AccContacts) ->
     ?JTrace("Fetching contacts with url : ~s", [Url]),
     ?JTrace("Fetched contacts : ~p", [length(AccContacts)]),
     case exec_req(Url, AccessToken) of
-        #{<<"@odata.nextLink">> := NextUrl, <<"value">> := Contacts} ->
-            FContacts = format_contacts(Contacts, KeyPrefix),
-            fetch_all_contacts(NextUrl, AccessToken, KeyPrefix, lists:append(FContacts, AccContacts));
-        #{<<"value">> := Contacts} ->
-            FContacts = format_contacts(Contacts, KeyPrefix),
-            {ok, lists:keysort(1, lists:append(FContacts, AccContacts))};
+        #{<<"@odata.nextLink">> := NextUrl, <<"value">> := MoreContacts} ->
+            Contacts = format_remote_values_to_kv(MoreContacts, KeyPrefix, JobName),
+            fetch_all_contacts(NextUrl, AccessToken, KeyPrefix, lists:append(Contacts, AccContacts));
+        #{<<"value">> := MoreContacts} ->
+            Contacts = format_remote_values_to_kv(MoreContacts, KeyPrefix, JobName),
+            {ok, lists:append(Contacts, AccContacts)};
         {error, Error} ->
             {error, Error}
     end.
@@ -318,6 +383,7 @@ get_contacts_gt(CurKey, BlkCount, [{Key, _} | Contacts], Acc) when Key =< CurKey
 get_contacts_gt(CurKey, BlkCount, [Contact | Contacts], Acc) ->
     get_contacts_gt(CurKey, BlkCount, Contacts, [Contact | Acc]).
 
+-spec exec_req(Url::binary()|string(), AccessToken::binary()) -> tuple().
 exec_req(Url, AccessToken) when is_binary(Url) ->
     exec_req(binary_to_list(Url), AccessToken);
 exec_req(Url, AccessToken) ->
@@ -331,7 +397,8 @@ exec_req(Url, AccessToken) ->
             {error, Error}
     end.
 
-exec_req(Url, AccessToken, Body, Method) when is_binary(Url) ->
+-spec exec_req(Url::binary()|string(), AccessToken::binary(), Body::map(), Method::atom()) -> tuple().
+exec_req(Url, AccessToken, Body, Method) when is_binary(Url), is_map(Body) ->
     exec_req(binary_to_list(Url), AccessToken, Body, Method);
 exec_req(Url, AccessToken, Body, Method) ->
     AuthHeader = [{"Authorization", "Bearer " ++ binary_to_list(AccessToken)}],
diff --git a/src/dperl/jobs/dperl_ouraring_crawl.erl b/src/dperl/jobs/dperl_ouraring_crawl.erl
index 69cc329a..c0de1b91 100644
--- a/src/dperl/jobs/dperl_ouraring_crawl.erl
+++ b/src/dperl/jobs/dperl_ouraring_crawl.erl
@@ -6,7 +6,7 @@
 -behavior(dperl_strategy_scr).
 
 -define(AUTH_CONFIG(__JOB_NAME),
-        ?GET_CONFIG(ouraRingAuthConfig,[__JOB_NAME],
+        ?GET_CONFIG(oAuth2Config,[__JOB_NAME],
             #{auth_url =>"https://cloud.ouraring.com/oauth/authorize?response_type=code",
               client_id => "12345", redirect_uri => "https://localhost:8443/dderl/",
               client_secret => "12345", grant_type => "authorization_code",

From b48315d45cb862c38845abf7fa220f1d56c897cd Mon Sep 17 00:00:00 2001
From: stoch <ochsenbein@bluewin.ch>
Date: Sun, 7 Jun 2020 20:33:54 +0200
Subject: [PATCH 54/72] contact sync WIP, still remote state as triples,
 deletes outside prefix

---
 src/dderl_dal.erl                   |  3 ++-
 src/dderl_session.erl               |  2 +-
 src/dperl/jobs/dperl_office_365.erl | 18 ++++++++++--------
 3 files changed, 13 insertions(+), 10 deletions(-)

diff --git a/src/dderl_dal.erl b/src/dderl_dal.erl
index b962596a..afa0e302 100644
--- a/src/dderl_dal.erl
+++ b/src/dderl_dal.erl
@@ -876,7 +876,8 @@ write_to_avatar_channel(AccountId, Key, Value) ->
 read_from_avatar_channel(AccountId, Key) ->
     case imem_dal_skvh:read(AccountId, avatar_channel_name(AccountId), [Key]) of
         [#{cvalue := CValue}] when is_binary(CValue) -> imem_json:decode(CValue, [return_maps]);
-        [#{cvalue := CValue}] when is_map(CValue)->     CValue
+        [#{cvalue := CValue}] when is_map(CValue)->     CValue;
+        [] ->                                           []
     end.
 
 -spec exec_is_proxy_fun(reference(), map()) -> boolean().
diff --git a/src/dderl_session.erl b/src/dderl_session.erl
index e65b4fb4..f223209f 100644
--- a/src/dderl_session.erl
+++ b/src/dderl_session.erl
@@ -865,7 +865,7 @@ login(ReqData, From, SrcIp, State) ->
                     State
             end;
         {_SKey, AccountId, EncHash} ->
-            ?Info("Login Result SKey:~p AccountId:~p EncHash:~p",[_SKey,AccountId,EncHash]),
+            %?Info("Login Result SKey:~p AccountId:~p EncHash:~p",[_SKey,AccountId,EncHash]),
             ok = dderl_dal:create_check_avatar_channel(AccountId),
             imem_enc_mnesia:put_enc_hash(EncHash),
             act_log(From, ?LOGIN_CONNECT
diff --git a/src/dperl/jobs/dperl_office_365.erl b/src/dperl/jobs/dperl_office_365.erl
index 04a44bf6..f6d85d3f 100644
--- a/src/dperl/jobs/dperl_office_365.erl
+++ b/src/dperl/jobs/dperl_office_365.erl
@@ -61,10 +61,10 @@
                 , isConnected = true
                 , accessToken
                 , apiUrl
-                , contacts = []
+                , contacts = []         % 
                 , keyPrefix
                 , fetchUrl
-                , clContacts = []
+                , clContacts = []       % 
                 , isCleanupFinished = true
                 , pushChannel
                 , type = pull
@@ -130,7 +130,7 @@ connect_check_src(#state{isConnected=true} = State) ->
     {ok, State};
 connect_check_src(#state{isConnected=false, accountId=AccountId, keyPrefix=KeyPrefix} = State) ->
     ?JTrace("Refreshing access token"),
-    case dderl_oauth:refresh_accessToken(AccountId, KeyPrefix, ?SYNC_OFFICE365) of
+    case dderl_oauth:refresh_access_token(AccountId, KeyPrefix, ?SYNC_OFFICE365) of
         {ok, AccessToken} ->
             ?Info("new access token fetched"),
             {ok, State#state{accessToken=AccessToken, isConnected=true}};
@@ -308,8 +308,8 @@ get_status(#state{}) -> #{}.
 
 init_state(_) -> #state{}.
 
-init({#dperlJob{name=Name, srcArgs = #{apiUrl := ApiUrl}, args = Args,
-                dstArgs = #{channel := Channel, pushChannel := PChannel} = DstArgs}, State}) ->
+init({#dperlJob{name=Name, srcArgs=#{apiUrl:=ApiUrl}, args=Args,
+                dstArgs=#{channel:=Channel, pushChannel:=PChannel} = DstArgs}, State}) ->
     case dperl_auth_cache:get_enc_hash(Name) of
         undefined ->
             ?JError("Encryption hash is not avaialable"),
@@ -319,7 +319,7 @@ init({#dperlJob{name=Name, srcArgs = #{apiUrl := ApiUrl}, args = Args,
             imem_enc_mnesia:put_enc_hash(EncHash),
             KeyPrefix = maps:get(keyPrefix, DstArgs, get_key_prefix(Name)),
             case dderl_oauth:get_token_info(AccountId, KeyPrefix, ?SYNC_OFFICE365) of
-                #{<<"accessToken">> := AccessToken} ->
+                #{<<"access_token">> := AccessToken} ->
                     ChannelBin = dperl_dal:to_binary(Channel),
                     PChannelBin = dperl_dal:to_binary(PChannel),
                     Type = maps:get(type, Args, pull),
@@ -329,7 +329,7 @@ init({#dperlJob{name=Name, srcArgs = #{apiUrl := ApiUrl}, args = Args,
                                     keyPrefix = KeyPrefix, accessToken = AccessToken,
                                     pushChannel = PChannelBin, type = Type, accountId = AccountId}};
                 _ ->
-                    ?JError("Access token not found"),
+                    ?JError("Access token not found for ~p at ~p", [AccountId, KeyPrefix]),
                     {stop, badarg}
             end
     end;
@@ -355,6 +355,8 @@ terminate(Reason, _State) ->
 
 %% private functions
 
+%% Fetch all remote contacts, create 3-tuple {Key::list(), RemoteId::binary(), RemoteValue::map())
+%% Sort by Key (needed for sync)
 fetch_all_contacts(Url, AccessToken, KeyPrefix, JobName) ->
     fetch_all_contacts(Url, AccessToken, KeyPrefix, JobName, []).
 
@@ -367,7 +369,7 @@ fetch_all_contacts(Url, AccessToken, KeyPrefix, JobName, AccContacts) ->
             fetch_all_contacts(NextUrl, AccessToken, KeyPrefix, lists:append(Contacts, AccContacts));
         #{<<"value">> := MoreContacts} ->
             Contacts = format_remote_values_to_kv(MoreContacts, KeyPrefix, JobName),
-            {ok, lists:append(Contacts, AccContacts)};
+            {ok, lists:keysort(1, lists:append(Contacts, AccContacts))};
         {error, Error} ->
             {error, Error}
     end.

From ab6099e5da642740fa385c75e49ef8e6e19f9730 Mon Sep 17 00:00:00 2001
From: stoch <ochsenbein@bluewin.ch>
Date: Tue, 9 Jun 2020 22:26:19 +0200
Subject: [PATCH 55/72] remove pushChannel and create index on remoteIds

---
 src/dderl_oauth.erl                 |  32 ++--
 src/dderl_session.erl               |  16 +-
 src/dperl/jobs/dperl_office_365.erl | 252 +++++++++++++++++-----------
 3 files changed, 178 insertions(+), 122 deletions(-)

diff --git a/src/dderl_oauth.erl b/src/dderl_oauth.erl
index 78e0dbff..733a0963 100644
--- a/src/dderl_oauth.erl
+++ b/src/dderl_oauth.erl
@@ -11,15 +11,15 @@
         , refresh_access_token/3
         ]).
 
-get_token_info(AccountId, KeyPrefix, _SyncType) ->
-    dderl_dal:read_from_avatar_channel(AccountId, KeyPrefix ++ [?TOKEN_KEYPART]).
+get_token_info(AccountId, TokenPrefix, _SyncType) ->
+    dderl_dal:read_from_avatar_channel(AccountId, TokenPrefix ++ [?TOKEN_KEYPART]).
 
-set_token_info(AccountId, KeyPrefix, TokenInfo, SyncType) when is_map(TokenInfo) ->
-    set_token_info(AccountId, KeyPrefix, imem_json:encode(TokenInfo), SyncType);
-set_token_info(AccountId, KeyPrefix, TokenInfo, SyncType) when is_list(TokenInfo) ->
-    set_token_info(AccountId, KeyPrefix, list_to_binary(TokenInfo), SyncType);
-set_token_info(AccountId, KeyPrefix, TokenInfo, _SyncType) when is_binary(TokenInfo) ->
-    dderl_dal:write_to_avatar_channel(AccountId, KeyPrefix ++ [?TOKEN_KEYPART], TokenInfo).
+set_token_info(AccountId, TokenPrefix, TokenInfo, SyncType) when is_map(TokenInfo) ->
+    set_token_info(AccountId, TokenPrefix, imem_json:encode(TokenInfo), SyncType);
+set_token_info(AccountId, TokenPrefix, TokenInfo, SyncType) when is_list(TokenInfo) ->
+    set_token_info(AccountId, TokenPrefix, list_to_binary(TokenInfo), SyncType);
+set_token_info(AccountId, TokenPrefix, TokenInfo, _SyncType) when is_binary(TokenInfo) ->
+    dderl_dal:write_to_avatar_channel(AccountId, TokenPrefix ++ [?TOKEN_KEYPART], TokenInfo).
 
 get_authorize_url(XSRFToken, AuthConfig, SyncType) ->
     State = #{xsrfToken => XSRFToken, type => SyncType},
@@ -29,9 +29,9 @@ get_authorize_url(XSRFToken, AuthConfig, SyncType) ->
           "scope" => {enc, Scope}, "state" => {enc, imem_json:encode(State)}}),
     erlang:iolist_to_binary([Url, "&", UrlParams]).
 
-get_access_token(AccountId, KeyPrefix, Code, SyncType) ->
+get_access_token(AccountId, TokenPrefix, Code, SyncType) ->
     AuthConfig = try 
-        SyncType:get_auth_config() % ToDo: AuthConfig may depend on JobName or KeyPrefix
+        SyncType:get_auth_config() % ToDo: AuthConfig may depend on JobName or TokenPrefix
     catch 
         _:E:S ->
             ?Error("Finding AuthConfig : ~p ñ~p", [E,S]),
@@ -48,7 +48,7 @@ get_access_token(AccountId, KeyPrefix, Code, SyncType) ->
     ContentType = "application/x-www-form-urlencoded",
     case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
         {ok, {{_, 200, "OK"}, _, TokenInfo}} ->
-            set_token_info(AccountId, KeyPrefix, TokenInfo, SyncType),
+            set_token_info(AccountId, TokenPrefix, TokenInfo, SyncType),
             ok;
         {ok, {{_, Code, _}, _, Error}} ->
             ?Error("Fetching access token : ~p:~p", [Code, Error]),
@@ -58,10 +58,10 @@ get_access_token(AccountId, KeyPrefix, Code, SyncType) ->
             {error, Error}
     end.
 
-refresh_access_token(AccountId, KeyPrefix, SyncType) ->
+refresh_access_token(AccountId, TokenPrefix, SyncType) ->
     #{token_url := TUrl, client_id := ClientId, scope := Scope,
       client_secret := Secret} = SyncType:get_auth_config(),
-    #{<<"refresh_token">> := RefreshToken} = get_token_info(AccountId, KeyPrefix, SyncType),
+    #{<<"refresh_token">> := RefreshToken} = get_token_info(AccountId, TokenPrefix, SyncType),
     Body = dperl_dal:url_enc_params(
         #{"client_id" => ClientId, "client_secret" => {enc, Secret}, "scope" => {enc, Scope},
           "refresh_token" => RefreshToken, "grant_type" => "refresh_token"}),
@@ -69,9 +69,9 @@ refresh_access_token(AccountId, KeyPrefix, SyncType) ->
     case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
         {ok, {{_, 200, "OK"}, _, TokenBody}} ->
             TokenInfo = imem_json:decode(list_to_binary(TokenBody), [return_maps]),
-            set_token_info(AccountId, KeyPrefix, TokenBody, SyncType),
-            #{<<"access_token">> := AccessToken} = TokenInfo,
-            {ok, AccessToken};
+            set_token_info(AccountId, TokenPrefix, TokenBody, SyncType),
+            #{<<"access_token">> := Token} = TokenInfo,
+            {ok, Token};
         Error ->
             {error, Error}
     end.
diff --git a/src/dderl_session.erl b/src/dderl_session.erl
index f223209f..e34272e6 100644
--- a/src/dderl_session.erl
+++ b/src/dderl_session.erl
@@ -382,14 +382,14 @@ process_call({[<<"about">>], _ReqData}, _Adapter, From, {SrcIp,_}, State) ->
 
 process_call({[<<"office_365_auth_config">>], _ReqData}, _Adapter, From, {SrcIp, _}, State) ->
     act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "office_365_auth_config"}, State),
-    AuthConfig = dperl_office_365:get_auth_config(), % ToDo: may depend on JobName or KeyPrefix
+    AuthConfig = dperl_office_365:get_auth_config(), % ToDo: may depend on JobName or TokenPrefix
     Url = dderl_oauth:get_authorize_url(State#state.xsrf_token, AuthConfig, ?SYNC_OFFICE365),
     reply(From, #{<<"office_365_auth_config">> => #{<<"url">> => Url}}, self()),
     State;
 
 process_call({[<<"oura_ring_auth_config">>], _ReqData}, _Adapter, From, {SrcIp, _}, State) ->
     act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "oura_ring_auth_config"}, State),
-    AuthConfig = dperl_ouraring_crawl:get_auth_config(), % ToDo: may depend on JobName or KeyPrefix
+    AuthConfig = dperl_ouraring_crawl:get_auth_config(), % ToDo: may depend on JobName or TokenPrefix
     ?Info("oura_ring_auth_config ~p",[AuthConfig]),
     Url = dderl_oauth:get_authorize_url(State#state.xsrf_token, AuthConfig, ?SYNC_OURARING),
     reply(From, #{<<"oura_ring_auth_config">> => #{<<"url">> => Url}}, self()),
@@ -401,16 +401,16 @@ process_call({[<<"oauth2_callback">>], ReqData}, _Adapter, From, {SrcIp, _}, Sta
         #{<<"code">> := Code, <<"state">> := #{<<"type">> := SyncType}}} = jsx:decode(ReqData, [return_maps]),
     ?Info("oauth2_callback SyncType: ~p Code: ~p",[SyncType, Code]),
     % ToDo: Check if this data can this be trusted
-    {SyncHandler,KeyPrefix} = try
+    {SyncHandler,TokenPrefix} = try
         SH = binary_to_existing_atom(SyncType,utf8),
-        {SH,SH:get_key_prefix()} % ToDo: may depend on JobName or KeyPrefix
+        {SH,SH:get_auth_token_key_prefix()} % ToDo: may depend on JobName or TokenPrefix
     catch 
         _:E:_ ->
-            ?Error("Finding KeyPrefix : ~p", [E]),
-            reply(From, #{<<"oauth2_callback">> => #{<<"error">> => <<"Error finding KeyPrefix">>}}, self())
+            ?Error("Finding TokenPrefix : ~p", [E]),
+            reply(From, #{<<"oauth2_callback">> => #{<<"error">> => <<"Error finding TokenPrefix">>}}, self())
     end,
-    ?Info("oauth2_callback KeyPrefix: ~p",[KeyPrefix]),
-    case dderl_oauth:get_access_token(State#state.user, KeyPrefix, Code, SyncHandler) of
+    ?Info("oauth2_callback TokenPrefix: ~p",[TokenPrefix]),
+    case dderl_oauth:get_access_token(State#state.user, TokenPrefix, Code, SyncHandler) of
         ok ->
             reply(From, #{<<"oauth2_callback">> => #{<<"status">> => <<"ok">>}}, self());
         {error, Error} ->
diff --git a/src/dperl/jobs/dperl_office_365.erl b/src/dperl/jobs/dperl_office_365.erl
index f6d85d3f..4da0c550 100644
--- a/src/dperl/jobs/dperl_office_365.erl
+++ b/src/dperl/jobs/dperl_office_365.erl
@@ -20,29 +20,56 @@
             )
         ).
 
+-define(OAUTH2_TOKEN_KEY_PREFIX(__JOB_NAME),
+            ?GET_CONFIG(oAuth2TokenKeyPrefix,
+            [__JOB_NAME],
+            ["dperlJob","Office365"],
+            "Default KeyPrefix for Office365 token cache"
+            )
+       ).
+
 -define(KEY_PREFIX(__JOB_NAME),
             ?GET_CONFIG(keyPrefix,
             [__JOB_NAME],
             ["contact","Office365"],
-            "Default KeyPrefix for Office365 data"
+            "Default KeyPrefix for Office365 contact data"
+            )
+       ).
+
+-define(CONTACT_INDEXID,
+            ?GET_CONFIG(contactIndexId,
+            [],
+            1,
+            "Id for index on Office365 contact data"
             )
        ).
 
--define(CONTACT_ATTRIBUTES(__JOB_NAME),
+-define(CONTENT_ATTRIBUTES(__JOB_NAME),
             ?GET_CONFIG(contactAttributes,
             [__JOB_NAME],
-            [<<"businessPhones">>,<<"mobilePhone">>,<<"title">>,<<"personalNotes">>,<<"parentFolderId">>
-            ,<<"companyName">>,<<"emailAddresses">>,<<"middleName">>,<<"businessHomePage">>,<<"id">>
-            ,<<"assistantName">>,<<"department">>,<<"children">>,<<"officeLocation">>,<<"createdDateTime">>
-            ,<<"profession">>,<<"givenName">>,<<"categories">>,<<"nickName">>,<<"jobTitle">>,<<"yomiGivenName">>
-            ,<<"changeKey">>,<<"surname">>,<<"imAddresses">>,<<"spouseName">>,<<"yomiSurname">>,<<"businessAddress">>
-            ,<<"lastModifiedDateTime">>,<<"generation">>,<<"manager">>,<<"initials">>,<<"displayName">>
-            ,<<"homeAddress">>,<<"otherAddress">>,<<"homePhones">>,<<"fileAs">>,<<"yomiCompanyName">>,<<"birthday">>
+            [<<"businessPhones">>,<<"mobilePhone">> %,<<"title">> ,<<"personalNotes">>
+            ,<<"companyName">>,<<"emailAddresses">> % ,<<"middleName">>,<<"businessHomePage">>
+            ,<<"assistantName">>,<<"department">> % ,<<"children">>,<<"officeLocation">>
+            ,<<"profession">>,<<"givenName">>,<<"categories">>,<<"jobTitle">> % ,<<"nickName">>,<<"yomiGivenName">>
+            ,<<"surname">>,<<"imAddresses">>,<<"businessAddress">> % ,<<"spouseName">>,<<"yomiSurname">>
+            ,<<"manager">> % ,<<"generation">>,<<"initials">>,<<"displayName">>
+            % ,<<"homeAddress">>,<<"otherAddress">>,<<"homePhones">>,<<"fileAs">>,<<"yomiCompanyName">>,<<"birthday">>
             ], 
             "Attributes to be synced for Office365 contact data"
             )
        ).
 
+-define(META_ATTRIBUTES(__JOB_NAME),
+            ?GET_CONFIG(contactAttributes,
+            [__JOB_NAME],
+            [<<"id">>
+            ,<<"lastModifiedDateTime">>
+            ,<<"changeKey">>            %,<<"parentFolderId">>,<<"createdDateTime">>
+            ], 
+            "Attributes used for Office365 contact change tracking"
+            )
+       ).
+
 % dperl_worker exports
 -export([ init/1
         , terminate/2
@@ -56,21 +83,22 @@
 % contacts graph api
 % https://docs.microsoft.com/en-us/graph/api/resources/contact?view=graph-rest-1.0
 
--record(state,  { name
-                , channel
-                , isConnected = true
-                , accessToken
-                , apiUrl
-                , contacts = []         % 
-                , keyPrefix
-                , fetchUrl
-                , clContacts = []       % 
-                , isCleanupFinished = true
-                , pushChannel
-                , type = pull
-                , auditStartTime = {0,0}
-                , firstSync = true
-                , accountId
+-record(state,  { name                      :: binary()
+                , type = pull               :: pull|push
+                , channel                   :: binary()
+                , keyPrefix                 :: list()
+                , tokenPrefix               :: list()
+                , token                     :: map()
+                , apiUrl                    :: binary()
+                , fetchUrl                  :: binary()
+                , contacts = []             :: list()
+                , clContacts = []           :: list()
+                , isConnected = true        :: boolean()
+                , isFirstSync = true        :: boolean()
+                , isCleanupFinished = true  :: boolean()
+                , auditStartTime = {0,0}    :: tuple()
+                , template  = ?NOT_FOUND    :: ?NOT_FOUND|map()
+                , accountId                 :: system|integer()
             }).
 
 % dperl_strategy_scr export
@@ -92,6 +120,8 @@
 % dderl_oauth exports
 -export([ get_auth_config/0
         , get_auth_config/1
+        , get_auth_token_key_prefix/0
+        , get_auth_token_key_prefix/1
         , get_key_prefix/0
         , get_key_prefix/1
         ]).
@@ -100,6 +130,10 @@ get_auth_config() -> ?OAUTH2_CONFIG(<<>>).
 
 get_auth_config(JobName) -> ?OAUTH2_CONFIG(JobName).
 
+get_auth_token_key_prefix() -> ?OAUTH2_TOKEN_KEY_PREFIX(<<>>).
+
+get_auth_token_key_prefix(JobName) -> ?OAUTH2_TOKEN_KEY_PREFIX(JobName).
+
 get_key_prefix() -> ?KEY_PREFIX(<<>>).
 
 get_key_prefix(JobName) -> ?KEY_PREFIX(JobName).
@@ -123,30 +157,31 @@ format_remote_values_to_kv([Value|Values], KeyPrefix, JobName, Acc) ->
     Key = KeyPrefix ++ [local_contact_id(RemoteId)],
     format_remote_values_to_kv(Values, KeyPrefix, JobName, [{Key,RemoteId,format_value(Value, JobName)}|Acc]).
 
-% format remote or local value by projecting it down to configured list of synced attributes
-format_value(Value, JobName) when is_map(Value) -> maps:with(?CONTACT_ATTRIBUTES(JobName), Value).
+% format remote or local value by projecting it down to configured list of synced (meta + content) attributes
+format_value(Value, JobName) when is_map(Value) -> 
+    maps:with(?META_ATTRIBUTES(JobName)++?CONTENT_ATTRIBUTES(JobName), Value).
 
 connect_check_src(#state{isConnected=true} = State) ->
     {ok, State};
-connect_check_src(#state{isConnected=false, accountId=AccountId, keyPrefix=KeyPrefix} = State) ->
+connect_check_src(#state{isConnected=false, accountId=AccountId, tokenPrefix=TokenPrefix} = State) ->
     ?JTrace("Refreshing access token"),
-    case dderl_oauth:refresh_access_token(AccountId, KeyPrefix, ?SYNC_OFFICE365) of
-        {ok, AccessToken} ->
+    case dderl_oauth:refresh_access_token(AccountId, TokenPrefix, ?SYNC_OFFICE365) of
+        {ok, Token} ->
             ?Info("new access token fetched"),
-            {ok, State#state{accessToken=AccessToken, isConnected=true}};
+            {ok, State#state{token=Token, isConnected=true}};
         {error, Error} ->
             ?JError("Unexpected response : ~p", [Error]),
             {error, Error, State}
     end.
 
 get_source_events(#state{auditStartTime=LastStartTime, type=push,
-            pushChannel=PushChannel, firstSync=FirstSync} = State, BulkSize) ->
-    case dperl_dal:read_audit_keys(PushChannel, LastStartTime, BulkSize) of
+            channel=Channel, isFirstSync=IsFirstSync} = State, BulkSize) ->
+    case dperl_dal:read_audit_keys(Channel, LastStartTime, BulkSize) of
         {LastStartTime, LastStartTime, []} ->
             if
-                FirstSync == true -> 
+                IsFirstSync -> 
                     ?JInfo("Audit rollup is complete"),
-                    {ok, sync_complete, State#state{firstSync=false}};
+                    {ok, sync_complete, State#state{isFirstSync=false}};
                 true -> 
                     {ok, sync_complete, State}
             end;
@@ -159,14 +194,15 @@ get_source_events(#state{auditStartTime=LastStartTime, type=push,
 get_source_events(#state{contacts=[]} = State, _BulkSize) ->
     {ok, sync_complete, State};
 get_source_events(#state{contacts=Contacts} = State, _BulkSize) ->
+    ?Info("get_source_events result count ~p~n~p",[length(Contacts), hd(Contacts)]),
     {ok, Contacts, State#state{contacts=[]}}.
 
 connect_check_dst(State) -> {ok, State}.    % Question: Why defaulted for push destination?
 
 do_refresh(_State, _BulkSize) -> {error, cleanup_only}.
 
-fetch_src(Key, #state{pushChannel=PushChannel, type=push}) ->
-    dperl_dal:read_channel(PushChannel, Key);
+fetch_src(Key, #state{channel=Channel, type=push}) ->
+    dperl_dal:read_channel(Channel, Key);
 fetch_src(Key, #state{clContacts=ClContacts, type=pull}) ->
     case lists:keyfind(Key, 1, ClContacts) of
         {Key, _RemoteId, Value} -> Value;
@@ -174,11 +210,11 @@ fetch_src(Key, #state{clContacts=ClContacts, type=pull}) ->
     end.
 
 fetch_dst(Key, #state{name=Name, clContacts=ClContacts, type=push, 
-                apiUrl=ApiUrl, accessToken=AccessToken} = State) ->
+                apiUrl=ApiUrl, token=Token} = State) ->
     case lists:keyfind(Key, 1, ClContacts) of
         {Key, RemoteId, _Value} -> 
             ContactUrl = erlang:iolist_to_binary([ApiUrl, RemoteId]),
-            case exec_req(ContactUrl, AccessToken) of
+            case exec_req(ContactUrl, Token) of
                 #{<<"id">> := _} = RValue ->    format_value(RValue, Name);
                 {error, unauthorized} ->        reconnect_exec(State, fetch_dst, [Key]);
                 {error, Error} ->               {error, Error};
@@ -190,33 +226,44 @@ fetch_dst(Key, #state{name=Name, clContacts=ClContacts, type=push,
 fetch_dst(Key, #state{channel=Channel}) ->
     dperl_dal:read_channel(Channel, Key).
 
-insert_dst(Key, Value, #state{name=Name, channel=Channel, pushChannel=PushChannel, type=push, 
-                        keyPrefix=KeyPrefix, apiUrl=ApiUrl, accessToken=AccessToken} = State) ->
-    case exec_req(ApiUrl, AccessToken, Value, post) of
-        #{<<"id">> := Id} = RemoteValue ->
-            NewKey = KeyPrefix ++ [local_contact_id(Id)],
-            FormRemote = format_value(RemoteValue, Name),
-            PushValue = dperl_dal:read_channel(PushChannel, Key),
-            MergeValue = maps:merge(PushValue, FormRemote),
-            MergedBin = imem_json:encode(MergeValue),
-            dperl_dal:remove_from_channel(PushChannel, Key),
-            dperl_dal:write_channel(Channel, NewKey, MergedBin),
-            dperl_dal:write_channel(PushChannel, NewKey, MergedBin),
-            {false, State};
-        {error, unauthorized} ->
-            reconnect_exec(State, insert_dst, [Key, Value]);
-        {error, Error} ->
-            {error, Error}
+insert_dst(Key, Value, #state{type=push, apiUrl=ApiUrl, token=Token} = State) ->
+    case exec_req(ApiUrl, Token, Value, post) of
+        #{<<"id">> := _} = RemoteValue ->   merge_meta_to_local(Key, RemoteValue, State);
+        {error, unauthorized} ->            reconnect_exec(State, insert_dst, [Key, Value]);
+        {error, Error} ->                   {error, Error}
     end;
 insert_dst(Key, Value, State) ->
-    update_dst(Key, Value, State).
+    Result = update_dst(Key, Value, State),
+    ?Info("insert_dst ~p~n~p~nresult ~p",[Key, Value, Result]),
+    Result.
+
+merge_meta_to_local(Key, RemoteValue, #state{channel=Channel, tokenPrefix=TokenPrefix} = State) ->
+    AccessId = access_id(TokenPrefix),
+    MetaItem = #{<<"id">> => maps:get(<<"id">>, RemoteValue)},
+    case dperl_dal:read_channel(Channel, Key) of
+        #{<<"META">> := Meta} = LocVal ->
+            case maps:merge(Meta, #{AccessId => MetaItem}) of 
+                Meta -> 
+                    ok;     % RemoteMeta already there
+                NewM ->
+                    MergedBin = imem_json:encode(LocVal#{<<"META">> => NewM}), 
+                    dperl_dal:write_channel(Channel, Key, MergedBin)
+            end;
+        LocVal ->
+            MergedBin = imem_json:encode(LocVal#{<<"META">> => MetaItem}),
+            dperl_dal:write_channel(Channel, Key, MergedBin)
+    end,
+    {false, State}.
+
+access_id(TokenPrefix) ->
+    list_to_binary(string:join(TokenPrefix,"/")).
 
 delete_dst(Key, #state{channel=Channel, type=push, clContacts=ClContacts, 
-                apiUrl=ApiUrl, accessToken=AccessToken} = State) ->
+                apiUrl=ApiUrl, token=Token} = State) ->
     case lists:keyfind(Key, 1, ClContacts) of
         {Key, RemoteId, _Value} -> 
             ContactUrl = erlang:iolist_to_binary([ApiUrl, RemoteId]),
-            case exec_req(ContactUrl, AccessToken, #{}, delete) of
+            case exec_req(ContactUrl, Token, #{}, delete) of
                 ok ->
                     dperl_dal:remove_from_channel(Channel, Key),
                     {false, State};
@@ -228,26 +275,24 @@ delete_dst(Key, #state{channel=Channel, type=push, clContacts=ClContacts,
         false -> 
             {false, State}
     end;
-delete_dst(Key, #state{channel=Channel, pushChannel=PushChannel} = State) ->
+delete_dst(Key, #state{channel=Channel} = State) ->
+    ?Info("delete_dst ~p",[Key]),
     dperl_dal:remove_from_channel(Channel, Key),
-    dperl_dal:remove_from_channel(PushChannel, Key),
     {false, State}.
 
 -spec update_dst(Key::list(), Value::map(), #state{}) -> tuple().
-update_dst(Key, Value, #state{name=Name, channel=Channel, pushChannel=PushChannel, type=push, 
-                        clContacts=ClContacts, apiUrl=ApiUrl, accessToken=AccessToken} = State) ->
+update_dst(Key, Value, #state{name=Name, channel=Channel, type=push, 
+                clContacts=ClContacts, apiUrl=ApiUrl, token=Token} = State) ->
     case lists:keyfind(Key, 1, ClContacts) of
         {Key, RemoteId, _Value} -> 
             ContactUrl = erlang:iolist_to_binary([ApiUrl, RemoteId]),
-            case exec_req(ContactUrl, AccessToken, Value, patch) of
+            case exec_req(ContactUrl, Token, Value, patch) of
                 #{<<"id">> := _} = RemoteValue ->
                     FormRemote = format_value(RemoteValue, Name),
-                    OldValue = dperl_dal:read_channel(PushChannel, Key),
+                    OldValue = dperl_dal:read_channel(Channel, Key),
                     MergeValue = maps:merge(OldValue, FormRemote),
                     MergedBin = imem_json:encode(MergeValue),
-                    dperl_dal:remove_from_channel(PushChannel, Key),
                     dperl_dal:write_channel(Channel, Key, MergedBin),
-                    dperl_dal:write_channel(PushChannel, Key, MergedBin),
                     {false, State};
                 {error, unauthorized} ->
                     reconnect_exec(State, update_dst, [Key, Value]);
@@ -257,27 +302,29 @@ update_dst(Key, Value, #state{name=Name, channel=Channel, pushChannel=PushChanne
         false -> 
             {false, State}
     end;
-update_dst(Key, Value, #state{channel=Channel, pushChannel=PushChannel} = State) when is_map(Value) ->
+update_dst(Key, Value, #state{channel=Channel} = State) when is_map(Value) ->
     OldValue = dperl_dal:read_channel(Channel, Key),
     MergeValue = maps:merge(OldValue, Value),
     MergedBin = imem_json:encode(MergeValue),
     dperl_dal:write_channel(Channel, Key, MergedBin),
-    dperl_dal:write_channel(PushChannel, Key, MergedBin),
     {false, State}.
 
 report_status(_Key, _Status, _State) -> no_op.
 
-load_dst_after_key(CurKey, BlkCount, #state{channel = Channel}) ->
-    dperl_dal:read_gt(Channel, CurKey, BlkCount).
+load_dst_after_key(CurKey, BlkCount, #state{type=pull, keyPrefix=KeyPrefix} = State) when CurKey < KeyPrefix ->
+    load_dst_after_key(KeyPrefix, BlkCount, State);
+load_dst_after_key(CurKey, BlkCount, #state{channel=Channel, type=pull, keyPrefix=KeyPrefix}) ->
+    Filter = fun({K,_}) -> lists:prefix(KeyPrefix,K) end,
+    lists:filter(Filter, dperl_dal:read_gt(Channel, CurKey, BlkCount)).
 
 load_src_after_key(CurKey, BlkCount, #state{type=pull, fetchUrl=undefined, apiUrl=ApiUrl} = State) ->
     UrlParams = dperl_dal:url_enc_params(#{"$top" => integer_to_list(BlkCount)}),
     ContactsUrl = erlang:iolist_to_binary([ApiUrl, "?", UrlParams]),
     load_src_after_key(CurKey, BlkCount, State#state{fetchUrl=ContactsUrl});
 load_src_after_key(CurKey, BlkCount, #state{name=Name, type=pull, isCleanupFinished=true, 
-                            keyPrefix=KeyPrefix, accessToken=AccessToken, fetchUrl=FetchUrl} = State) ->
+                            keyPrefix=KeyPrefix, token=Token, fetchUrl=FetchUrl} = State) ->
     % fetch all contacts
-    case fetch_all_contacts(FetchUrl, AccessToken, KeyPrefix, Name) of
+    case fetch_all_contacts(FetchUrl, Token, KeyPrefix, Name) of
         {ok, Contacts} ->
             load_src_after_key(CurKey, BlkCount, State#state{clContacts=Contacts, isCleanupFinished=false});
         {error, unauthorized} ->
@@ -285,7 +332,7 @@ load_src_after_key(CurKey, BlkCount, #state{name=Name, type=pull, isCleanupFinis
         {error, Error} ->
             {error, Error, State}
     end;
-load_src_after_key(CurKey, BlkCount, #state{clContacts=Contacts} = State) ->
+load_src_after_key(CurKey, BlkCount, #state{type=pull, clContacts=Contacts} = State) ->
     {ok, get_contacts_gt(CurKey, BlkCount, Contacts), State}.
 
 reconnect_exec(State, Fun, Args) ->
@@ -309,7 +356,7 @@ get_status(#state{}) -> #{}.
 init_state(_) -> #state{}.
 
 init({#dperlJob{name=Name, srcArgs=#{apiUrl:=ApiUrl}, args=Args,
-                dstArgs=#{channel:=Channel, pushChannel:=PChannel} = DstArgs}, State}) ->
+                dstArgs=#{channel:=Channel} = DstArgs}, State}) ->
     case dperl_auth_cache:get_enc_hash(Name) of
         undefined ->
             ?JError("Encryption hash is not avaialable"),
@@ -318,18 +365,27 @@ init({#dperlJob{name=Name, srcArgs=#{apiUrl:=ApiUrl}, args=Args,
             ?JInfo("Starting with ~p's enchash...", [AccountId]),
             imem_enc_mnesia:put_enc_hash(EncHash),
             KeyPrefix = maps:get(keyPrefix, DstArgs, get_key_prefix(Name)),
-            case dderl_oauth:get_token_info(AccountId, KeyPrefix, ?SYNC_OFFICE365) of
-                #{<<"access_token">> := AccessToken} ->
-                    ChannelBin = dperl_dal:to_binary(Channel),
-                    PChannelBin = dperl_dal:to_binary(PChannel),
+            TokenPrefix = get_auth_token_key_prefix(Name),
+            case dderl_oauth:get_token_info(AccountId, TokenPrefix, ?SYNC_OFFICE365) of
+                #{<<"access_token">> := Token} ->
                     Type = maps:get(type, Args, pull),
+                    ChannelBin = dperl_dal:to_binary(Channel),
                     dperl_dal:create_check_channel(ChannelBin),
-                    dperl_dal:create_check_channel(PChannelBin),
-                    {ok, State#state{channel = ChannelBin, name = Name, apiUrl = ApiUrl,
-                                    keyPrefix = KeyPrefix, accessToken = AccessToken,
-                                    pushChannel = PChannelBin, type = Type, accountId = AccountId}};
+                    ContactIff = <<"fun() ->imem_index:gen_iff_binterm_list_pattern([\"contact\",'_','_']) end.">>,
+                    PLContact = [{':',<<"id">>, {'#', <<"values">>, {':', <<"META">>, <<"cvalue">>}}}],
+                    IdxContact = #ddIdxDef{id = ?CONTACT_INDEXID
+                                          ,name = <<"idx_contact">>
+                                          ,type = iv_k
+                                          ,pl = PLContact
+                                          ,vnf = <<"fun imem_index:vnf_identity/1.">>
+                                          ,iff = ContactIff},
+                    dperl_dal:create_check_index(ChannelBin, [IdxContact]),
+                    {ok, State#state{ name=Name, type=Type, channel=ChannelBin, keyPrefix=KeyPrefix
+                                    , apiUrl=ApiUrl, tokenPrefix=TokenPrefix
+                                    , token=Token, accountId = AccountId
+                                    , template=dperl_dal:read_channel(Channel, KeyPrefix)}};
                 _ ->
-                    ?JError("Access token not found for ~p at ~p", [AccountId, KeyPrefix]),
+                    ?JError("Access token not found for ~p at ~p", [AccountId, TokenPrefix]),
                     {stop, badarg}
             end
     end;
@@ -357,16 +413,16 @@ terminate(Reason, _State) ->
 
 %% Fetch all remote contacts, create 3-tuple {Key::list(), RemoteId::binary(), RemoteValue::map())
 %% Sort by Key (needed for sync)
-fetch_all_contacts(Url, AccessToken, KeyPrefix, JobName) ->
-    fetch_all_contacts(Url, AccessToken, KeyPrefix, JobName, []).
+fetch_all_contacts(Url, Token, KeyPrefix, JobName) ->
+    fetch_all_contacts(Url, Token, KeyPrefix, JobName, []).
 
-fetch_all_contacts(Url, AccessToken, KeyPrefix, JobName, AccContacts) ->
+fetch_all_contacts(Url, Token, KeyPrefix, JobName, AccContacts) ->
     ?JTrace("Fetching contacts with url : ~s", [Url]),
     ?JTrace("Fetched contacts : ~p", [length(AccContacts)]),
-    case exec_req(Url, AccessToken) of
+    case exec_req(Url, Token) of
         #{<<"@odata.nextLink">> := NextUrl, <<"value">> := MoreContacts} ->
             Contacts = format_remote_values_to_kv(MoreContacts, KeyPrefix, JobName),
-            fetch_all_contacts(NextUrl, AccessToken, KeyPrefix, lists:append(Contacts, AccContacts));
+            fetch_all_contacts(NextUrl, Token, KeyPrefix, lists:append(Contacts, AccContacts));
         #{<<"value">> := MoreContacts} ->
             Contacts = format_remote_values_to_kv(MoreContacts, KeyPrefix, JobName),
             {ok, lists:keysort(1, lists:append(Contacts, AccContacts))};
@@ -385,11 +441,11 @@ get_contacts_gt(CurKey, BlkCount, [{Key, _} | Contacts], Acc) when Key =< CurKey
 get_contacts_gt(CurKey, BlkCount, [Contact | Contacts], Acc) ->
     get_contacts_gt(CurKey, BlkCount, Contacts, [Contact | Acc]).
 
--spec exec_req(Url::binary()|string(), AccessToken::binary()) -> tuple().
-exec_req(Url, AccessToken) when is_binary(Url) ->
-    exec_req(binary_to_list(Url), AccessToken);
-exec_req(Url, AccessToken) ->
-    AuthHeader = [{"Authorization", "Bearer " ++ binary_to_list(AccessToken)}],
+-spec exec_req(Url::binary()|string(), Token::binary()) -> tuple().
+exec_req(Url, Token) when is_binary(Url) ->
+    exec_req(binary_to_list(Url), Token);
+exec_req(Url, Token) ->
+    AuthHeader = [{"Authorization", "Bearer " ++ binary_to_list(Token)}],
     case httpc:request(get, {Url, AuthHeader}, [], []) of
         {ok, {{_, 200, "OK"}, _, Result}} ->
             imem_json:decode(list_to_binary(Result), [return_maps]);
@@ -399,11 +455,11 @@ exec_req(Url, AccessToken) ->
             {error, Error}
     end.
 
--spec exec_req(Url::binary()|string(), AccessToken::binary(), Body::map(), Method::atom()) -> tuple().
-exec_req(Url, AccessToken, Body, Method) when is_binary(Url), is_map(Body) ->
-    exec_req(binary_to_list(Url), AccessToken, Body, Method);
-exec_req(Url, AccessToken, Body, Method) ->
-    AuthHeader = [{"Authorization", "Bearer " ++ binary_to_list(AccessToken)}],
+-spec exec_req(Url::binary()|string(), Token::binary(), Body::map(), Method::atom()) -> tuple().
+exec_req(Url, Token, Body, Method) when is_binary(Url), is_map(Body) ->
+    exec_req(binary_to_list(Url), Token, Body, Method);
+exec_req(Url, Token, Body, Method) ->
+    AuthHeader = [{"Authorization", "Bearer " ++ binary_to_list(Token)}],
     % Headers = [AuthHeader, {"Contnet-type", "application/json"}],
     case httpc:request(Method, {Url, AuthHeader, "application/json", imem_json:encode(Body)}, [], []) of
         {ok, {{_, 201, _}, _, Result}} ->

From 24416a1daad13cdaa242baae9e927cc02e42ad8d Mon Sep 17 00:00:00 2001
From: stoch <ochsenbein@bluewin.ch>
Date: Wed, 10 Jun 2020 14:36:11 +0200
Subject: [PATCH 56/72] move imem hrl files from /include to /src and rename
 job worker modules

---
 src/dderl.hrl                                             | 7 +++----
 src/dderl_dal.erl                                         | 2 +-
 src/dderl_data_receiver.erl                               | 4 ++--
 src/dderl_data_sender.erl                                 | 2 +-
 src/dderl_diff.erl                                        | 2 +-
 src/dderl_fsm.erl                                         | 2 +-
 src/dderl_oauth.erl                                       | 1 -
 src/dderl_rest.erl                                        | 2 +-
 src/dderlodpi.hrl                                         | 2 +-
 src/dperl/dperl.hrl                                       | 2 +-
 src/dperl/dperl_metrics.erl                               | 2 +-
 src/dperl/{jobs => }/dperl_status.hrl                     | 2 +-
 .../jobs/{dperl_file_copy.erl => dpjob_file_copy.erl}     | 4 ++--
 .../jobs/{dperl_office_365.erl => dpjob_office_365.erl}   | 8 ++++----
 ...{dperl_ouraring_crawl.erl => dpjob_ouraring_crawl.erl} | 4 ++--
 .../jobs/{dperl_skvh_copy.erl => dpjob_skvh_copy.erl}     | 4 ++--
 .../jobs/{dperl_status_agr.erl => dpjob_status_agr.erl}   | 4 ++--
 .../jobs/{dperl_status_pre.erl => dpjob_status_pre.erl}   | 4 ++--
 .../jobs/{dperl_status_pull.erl => dpjob_status_pull.erl} | 4 ++--
 src/gen_adapter.erl                                       | 2 +-
 src/imem_adapter.erl                                      | 2 +-
 src/odpi_adapter.erl                                      | 2 +-
 test/dperl_file_copy_SUITE.erl                            | 4 ++--
 23 files changed, 35 insertions(+), 37 deletions(-)
 rename src/dperl/{jobs => }/dperl_status.hrl (98%)
 rename src/dperl/jobs/{dperl_file_copy.erl => dpjob_file_copy.erl} (99%)
 rename src/dperl/jobs/{dperl_office_365.erl => dpjob_office_365.erl} (99%)
 rename src/dperl/jobs/{dperl_ouraring_crawl.erl => dpjob_ouraring_crawl.erl} (99%)
 rename src/dperl/jobs/{dperl_skvh_copy.erl => dpjob_skvh_copy.erl} (99%)
 rename src/dperl/jobs/{dperl_status_agr.erl => dpjob_status_agr.erl} (99%)
 rename src/dperl/jobs/{dperl_status_pre.erl => dpjob_status_pre.erl} (98%)
 rename src/dperl/jobs/{dperl_status_pull.erl => dpjob_status_pull.erl} (99%)

diff --git a/src/dderl.hrl b/src/dderl.hrl
index 50782fac..b503834c 100644
--- a/src/dderl.hrl
+++ b/src/dderl.hrl
@@ -1,10 +1,9 @@
 -ifndef(DDERL_HRL).
 -define(DDERL_HRL, true).
 
--include_lib("imem/include/imem_meta.hrl").
--include_lib("imem/include/imem_exports.hrl").
-% -include("dderl/_checkouts/imem/include/imem_config.hrl").
-
+-include_lib("imem/src/imem_config.hrl").
+-include_lib("imem/src/imem_meta.hrl").
+-include_lib("imem/src/imem_exports.hrl").
 
 -define(DEFAULT_ROW_SIZE, 100).
 -record(viewstate,
diff --git a/src/dderl_dal.erl b/src/dderl_dal.erl
index afa0e302..350cddbf 100644
--- a/src/dderl_dal.erl
+++ b/src/dderl_dal.erl
@@ -607,7 +607,7 @@ is_local_query(Qry) ->
 can_connect_locally(Sess) ->
     erlimem_session:run_cmd(Sess, have_permission, [[?USE_LOCAL_CONN]]) == true.
 
--spec conn_permission({atom(), pid()}, ddEntityId(), #ddConn{}) -> boolean().
+-spec conn_permission({atom(), pid()}, integer()|atom(), #ddConn{}) -> boolean().
 conn_permission(_Sess, UserId, #ddConn{owner=UserId}) -> true; %% If it is the owner always allow usage.
 conn_permission(Sess, _UserId, #ddConn{id=ConnId, owner=system}) ->
     erlimem_session:run_cmd(Sess, have_permission, [?USE_SYS_CONNS]) orelse  %% If it can use system connections.
diff --git a/src/dderl_data_receiver.erl b/src/dderl_data_receiver.erl
index 34b2d3d9..b542b005 100644
--- a/src/dderl_data_receiver.erl
+++ b/src/dderl_data_receiver.erl
@@ -3,8 +3,8 @@
 
 -include("dderl.hrl").
 -include("gres.hrl").
--include_lib("imem/include/imem_sql.hrl").  %% Included for stmtCol record
--include_lib("imem/include/imem_meta.hrl"). %% Included for config access
+-include_lib("imem/src/imem_sql.hrl").  %% Included for stmtCol record
+-include_lib("imem/src/imem_meta.hrl"). %% Included for config access
 
 -export([start_link/4
         ,get_status/2
diff --git a/src/dderl_data_sender.erl b/src/dderl_data_sender.erl
index a6d87c34..49db3e73 100644
--- a/src/dderl_data_sender.erl
+++ b/src/dderl_data_sender.erl
@@ -2,7 +2,7 @@
 -behaviour(gen_server).
 
 -include("dderl.hrl").
--include_lib("imem/include/imem_meta.hrl"). %% Included for config access
+-include_lib("imem/src/imem_meta.hrl"). %% Included for config access
 
 -export([start_link/3
         ,connect/2
diff --git a/src/dderl_diff.erl b/src/dderl_diff.erl
index 59df38c9..c19dff3d 100644
--- a/src/dderl_diff.erl
+++ b/src/dderl_diff.erl
@@ -2,7 +2,7 @@
 
 -include("dderl.hrl").
 -include("gres.hrl").
--include_lib("imem/include/imem_sql.hrl").
+-include_lib("imem/src/imem_sql.hrl").
 
 -export([
     term_diff/6
diff --git a/src/dderl_fsm.erl b/src/dderl_fsm.erl
index c47ec67e..9f250770 100644
--- a/src/dderl_fsm.erl
+++ b/src/dderl_fsm.erl
@@ -7,7 +7,7 @@
 
 -include("dderl.hrl").
 -include("gres.hrl").
--include_lib("imem/include/imem_sql.hrl").
+-include_lib("imem/src/imem_sql.hrl").
 
 -ifndef(NoFilter).
 %% TODO driver should translate for the same effect
diff --git a/src/dderl_oauth.erl b/src/dderl_oauth.erl
index 733a0963..03676ee9 100644
--- a/src/dderl_oauth.erl
+++ b/src/dderl_oauth.erl
@@ -1,7 +1,6 @@
 -module(dderl_oauth).
 
 -include("dderl.hrl").
-% -include("dderl/_checkouts/imem/include/imem_config.hrl").
 
 -define(TOKEN_KEYPART, "#token#").
 
diff --git a/src/dderl_rest.erl b/src/dderl_rest.erl
index ae476ffc..b4f063b6 100644
--- a/src/dderl_rest.erl
+++ b/src/dderl_rest.erl
@@ -2,7 +2,7 @@
 -behaviour(cowboy_loop).
 
 -include("dderl.hrl").
--include_lib("imem/include/imem_sql.hrl").
+-include_lib("imem/src/imem_sql.hrl").
 
 % gen_server exports
 -export([start_link/0, init/1, terminate/2, handle_call/3, handle_cast/2,
diff --git a/src/dderlodpi.hrl b/src/dderlodpi.hrl
index e02d3537..c72c6a5a 100644
--- a/src/dderlodpi.hrl
+++ b/src/dderlodpi.hrl
@@ -2,7 +2,7 @@
 -define(DDERLODPI_HRL, true).
 
 -include("dderl.hrl").
--include_lib("imem/include/imem_sql.hrl").
+-include_lib("imem/src/imem_sql.hrl").
 
 -define(InitTimeout, 3600000).
 -define(ExecTimeout, 3600000).
diff --git a/src/dperl/dperl.hrl b/src/dperl/dperl.hrl
index 97fc8942..e4db8898 100644
--- a/src/dperl/dperl.hrl
+++ b/src/dperl/dperl.hrl
@@ -3,7 +3,7 @@
 
 -define(LOG_TAG, "_dperl_").
 
--include("../dderl.hrl").          % -include_lib("dderl/src/dderl.hrl").
+-include("../dderl.hrl").          
 
 -type plan() :: at_most_once|at_least_once|on_all_nodes.
 
diff --git a/src/dperl/dperl_metrics.erl b/src/dperl/dperl_metrics.erl
index d2c53aa9..4fae5edc 100644
--- a/src/dperl/dperl_metrics.erl
+++ b/src/dperl/dperl_metrics.erl
@@ -1,7 +1,7 @@
 -module(dperl_metrics).
 
 -include("dperl.hrl").
--include_lib("jobs/dperl_status.hrl").
+-include("dperl_status.hrl").
 
 -behaviour(imem_gen_metrics).
 
diff --git a/src/dperl/jobs/dperl_status.hrl b/src/dperl/dperl_status.hrl
similarity index 98%
rename from src/dperl/jobs/dperl_status.hrl
rename to src/dperl/dperl_status.hrl
index 20e062d3..0546dced 100644
--- a/src/dperl/jobs/dperl_status.hrl
+++ b/src/dperl/dperl_status.hrl
@@ -1,7 +1,7 @@
 -ifndef(_dperl_STATUS_HRL_).
 -define(_dperl_STATUS_HRL_, true).
 
--include_lib("dperl/dperl.hrl").
+-include("dperl.hrl").
 
 -record(context, {
             name                           :: list(),
diff --git a/src/dperl/jobs/dperl_file_copy.erl b/src/dperl/jobs/dpjob_file_copy.erl
similarity index 99%
rename from src/dperl/jobs/dperl_file_copy.erl
rename to src/dperl/jobs/dpjob_file_copy.erl
index 4cb12f59..d9e13692 100644
--- a/src/dperl/jobs/dperl_file_copy.erl
+++ b/src/dperl/jobs/dpjob_file_copy.erl
@@ -1,6 +1,6 @@
--module(dperl_file_copy).
+-module(dpjob_file_copy).
 
--include_lib("../dperl.hrl").
+-include("../dperl.hrl").
 
 -behavior(dperl_worker).
 
diff --git a/src/dperl/jobs/dperl_office_365.erl b/src/dperl/jobs/dpjob_office_365.erl
similarity index 99%
rename from src/dperl/jobs/dperl_office_365.erl
rename to src/dperl/jobs/dpjob_office_365.erl
index 4da0c550..04676c32 100644
--- a/src/dperl/jobs/dperl_office_365.erl
+++ b/src/dperl/jobs/dpjob_office_365.erl
@@ -1,10 +1,10 @@
--module(dperl_office_365).
+-module(dpjob_office_365).
 
--include_lib("../dperl.hrl").
+-include("../dperl.hrl").
 
 -behavior(dperl_worker).
--behavior(dperl_strategy_scr).
-
+-behavior(dperl_strategy_scr). 
+ 
 -define(OAUTH2_CONFIG(__JOB_NAME), 
             ?GET_CONFIG(oAuth2Config,
             [__JOB_NAME],
diff --git a/src/dperl/jobs/dperl_ouraring_crawl.erl b/src/dperl/jobs/dpjob_ouraring_crawl.erl
similarity index 99%
rename from src/dperl/jobs/dperl_ouraring_crawl.erl
rename to src/dperl/jobs/dpjob_ouraring_crawl.erl
index c0de1b91..3a8bd0f1 100644
--- a/src/dperl/jobs/dperl_ouraring_crawl.erl
+++ b/src/dperl/jobs/dpjob_ouraring_crawl.erl
@@ -1,6 +1,6 @@
--module(dperl_ouraring_crawl).
+-module(dpjob_ouraring_crawl).
 
--include_lib("../dperl.hrl").
+-include("../dperl.hrl").
 
 -behavior(dperl_worker).
 -behavior(dperl_strategy_scr).
diff --git a/src/dperl/jobs/dperl_skvh_copy.erl b/src/dperl/jobs/dpjob_skvh_copy.erl
similarity index 99%
rename from src/dperl/jobs/dperl_skvh_copy.erl
rename to src/dperl/jobs/dpjob_skvh_copy.erl
index a148fad1..013c8834 100644
--- a/src/dperl/jobs/dperl_skvh_copy.erl
+++ b/src/dperl/jobs/dpjob_skvh_copy.erl
@@ -1,6 +1,6 @@
--module(dperl_skvh_copy).
+-module(dpjob_skvh_copy).
 
--include_lib("dperl/dperl.hrl").
+-include("../dperl.hrl").
 
 -behavior(dperl_worker).
 -behavior(dperl_strategy_scr).
diff --git a/src/dperl/jobs/dperl_status_agr.erl b/src/dperl/jobs/dpjob_status_agr.erl
similarity index 99%
rename from src/dperl/jobs/dperl_status_agr.erl
rename to src/dperl/jobs/dpjob_status_agr.erl
index fe17251e..fa8a241b 100644
--- a/src/dperl/jobs/dperl_status_agr.erl
+++ b/src/dperl/jobs/dpjob_status_agr.erl
@@ -1,6 +1,6 @@
--module(dperl_status_agr).
+-module(dpjob_status_agr).
 
--include("dperl_status.hrl").
+-include("../dperl_status.hrl").
 
 -export([sync_puller_error/5, check_nodes/5, merge_node_errors/5,
          check_memory_on_nodes/5, check_heartbeats/5, check_job_error/5,
diff --git a/src/dperl/jobs/dperl_status_pre.erl b/src/dperl/jobs/dpjob_status_pre.erl
similarity index 98%
rename from src/dperl/jobs/dperl_status_pre.erl
rename to src/dperl/jobs/dpjob_status_pre.erl
index 408b8da0..a6b3290d 100644
--- a/src/dperl/jobs/dperl_status_pre.erl
+++ b/src/dperl/jobs/dpjob_status_pre.erl
@@ -1,6 +1,6 @@
--module(dperl_status_pre).
+-module(dpjob_status_pre).
 
--include("dperl_status.hrl").
+-include("../dperl_status.hrl").
 
 -export([preprocess/5]).
 
diff --git a/src/dperl/jobs/dperl_status_pull.erl b/src/dperl/jobs/dpjob_status_pull.erl
similarity index 99%
rename from src/dperl/jobs/dperl_status_pull.erl
rename to src/dperl/jobs/dpjob_status_pull.erl
index eca12c91..f15414a1 100644
--- a/src/dperl/jobs/dperl_status_pull.erl
+++ b/src/dperl/jobs/dpjob_status_pull.erl
@@ -1,6 +1,6 @@
--module(dperl_status_pull).
+-module(dpjob_status_pull).
 
--include("dperl_status.hrl").
+-include("../dperl_status.hrl").
 
 -behavior(dperl_worker).
 -behavior(dperl_strategy_scr).
diff --git a/src/gen_adapter.erl b/src/gen_adapter.erl
index 73265a38..4580d59e 100644
--- a/src/gen_adapter.erl
+++ b/src/gen_adapter.erl
@@ -3,7 +3,7 @@
 -include("dderl.hrl").
 -include("gres.hrl").
 
--include_lib("imem/include/imem_sql.hrl").
+-include_lib("imem/src/imem_sql.hrl").
 
 -export([ process_cmd/6
         , init/0
diff --git a/src/imem_adapter.erl b/src/imem_adapter.erl
index cb334460..bc22b8e5 100644
--- a/src/imem_adapter.erl
+++ b/src/imem_adapter.erl
@@ -4,7 +4,7 @@
 -include("dderl.hrl").
 -include("gres.hrl").
 
--include_lib("imem/include/imem_sql.hrl").
+-include_lib("imem/src/imem_sql.hrl").
 
 -export([ init/0
         , process_cmd/6
diff --git a/src/odpi_adapter.erl b/src/odpi_adapter.erl
index 9807c155..e3e0461f 100644
--- a/src/odpi_adapter.erl
+++ b/src/odpi_adapter.erl
@@ -14,7 +14,7 @@
 -include("dderlodpi.hrl").
 -include("gres.hrl").
 
--include_lib("imem/include/imem_sql.hrl").
+-include_lib("imem/src/imem_sql.hrl").
 
 -export([ init/0
         , process_cmd/6
diff --git a/test/dperl_file_copy_SUITE.erl b/test/dperl_file_copy_SUITE.erl
index 994ebe02..ba269072 100644
--- a/test/dperl_file_copy_SUITE.erl
+++ b/test/dperl_file_copy_SUITE.erl
@@ -1,9 +1,9 @@
 -module(dperl_file_copy_SUITE).
 
--include_lib("../src/dperl/dperl.hrl").
-
 -include_lib("common_test/include/ct.hrl").
 
+-include("../src/dperl/dperl.hrl").
+
 -export([all/0, init_per_suite/1, end_per_suite/1]).
 
 -export([test/1]).

From 604f5717542360d895d20a9ac7ad810864b2f3be Mon Sep 17 00:00:00 2001
From: stoch <ochsenbein@bluewin.ch>
Date: Sat, 13 Jun 2020 12:42:45 +0200
Subject: [PATCH 57/72] add specs and comments to dperl_strategy_scr module

---
 src/dperl/dperl.hrl                 |  87 ++--
 src/dperl/dperl_dal.erl             |   6 +-
 src/dperl/dperl_strategy_scr.erl    | 633 ++++++++++++++++------------
 src/dperl/dperl_strategy_scr.hrl    |  27 ++
 src/dperl/jobs/dpjob_office_365.erl | 119 ++++--
 5 files changed, 507 insertions(+), 365 deletions(-)
 create mode 100644 src/dperl/dperl_strategy_scr.hrl

diff --git a/src/dperl/dperl.hrl b/src/dperl/dperl.hrl
index e4db8898..1733c417 100644
--- a/src/dperl/dperl.hrl
+++ b/src/dperl/dperl.hrl
@@ -5,7 +5,24 @@
 
 -include("../dderl.hrl").          
 
--type plan() :: at_most_once|at_least_once|on_all_nodes.
+-type jobName()         :: binary().
+-type jobModule()       :: atom().
+-type jobArgs()         :: map().
+-type jobEnabled()      :: true|false.
+-type jobRunning()      :: true|false|undefined.
+-type jobPlan()         :: at_most_once|at_least_once|on_all_nodes.
+-type jobOpts()         :: [].  % currently none, tbd 
+-type jobStatus()       :: undefined|idle|synced|cleaning|cleaned|refreshing|refreshed|error|stopped. 
+
+-type serviceName()     :: binary().
+-type serviceModule()   :: atom().
+-type serviceArgs()     :: map().
+-type serviceEnabled()  :: true|false.
+-type serviceRunning()  :: true|false|undefined.
+-type servicePlan()     :: at_most_once|at_least_once|on_all_nodes.
+-type serviceOpts()     :: [].  % currently none, tbd  
+-type serviceStatus()   :: idle|stopped|active|overload.
+
 
 -define(TABLESPEC(__T,__O),
         {__T, record_info(fields, __T), ?__T, #__T{}, __O}).
@@ -14,50 +31,46 @@
 
 -define(NOT_FOUND, '$notfound').
 
--record(dperlJob, {
-          name      :: binary(),
-          module    :: atom(),
-          args      :: any(),
-          srcArgs   :: any(),
-          dstArgs   :: any(),
-          enabled   :: true|false,
-          running   :: true|false,
-          plan      :: plan(),
-          nodes     :: [atom()],
-          opts = [] :: list()
-         }).
+-record(dperlJob,           { name      :: jobName()
+                            , module    :: jobModule()
+                            , args      :: any()
+                            , srcArgs   :: any()
+                            , dstArgs   :: any()
+                            , enabled   :: jobEnabled()
+                            , running   :: jobRunning()
+                            , plan      :: jobPlan()
+                            , nodes     :: [atom()]
+                            , opts = [] :: jobOpts()
+                            }).
 -define(dperlJob, [binstr,atom,term,term,term,boolean,atom,atom,list,list]).
 
 -define(JOBDYN_TABLE, 'dperlNodeJobDyn@').
--record(dperlNodeJobDyn, {
-          name          :: binary(), % same as dperlJob.name
-          state         :: map(),
-          status        :: atom(),
-          statusTime    :: ddTimestamp()
-         }).
+-record(dperlNodeJobDyn,    { name          :: jobName() % same as dperlJob.name
+                            , state         :: map()
+                            , status        :: jobStatus()
+                            , statusTime    :: ddTimestamp()
+                            }).
 -define(dperlNodeJobDyn, [binstr,map,atom,timestamp]).
 
--record(dperlService, {
-          name      :: binary(),
-          module    :: atom(),
-          args      :: any(),
-          resource  :: any(),
-          interface :: any(),
-          enabled   :: true|false,
-          running   :: true|false,
-          plan      :: plan(),
-          nodes     :: [atom()],
-          opts = [] :: list()
-         }).
+-record(dperlService,       { name      :: serviceName()
+                            , module    :: serviceModule()
+                            , args      :: any()
+                            , resource  :: any()
+                            , interface :: any()
+                            , enabled   :: serviceEnabled()
+                            , running   :: serviceRunning()
+                            , plan      :: servicePlan()
+                            , nodes     :: [atom()]
+                            , opts = [] :: serviceOpts()
+                            }).
 -define(dperlService, [binstr,atom,term,term,term,boolean,atom,atom,list,list]).
 
 -define(SERVICEDYN_TABLE, 'dperlServiceDyn@').
--record(dperlServiceDyn, {
-          name          :: binary(), % same as dperlService.name
-          state         :: map(),
-          status        :: atom(),
-          statusTime    :: ddTimestamp()
-         }).
+-record(dperlServiceDyn,    { name          :: serviceName() % same as dperlService.name
+                            , state         :: map()
+                            , status        :: serviceStatus()
+                            , statusTime    :: ddTimestamp()
+                            }).
 -define(dperlServiceDyn, [binstr,map,atom,timestamp]).
 
 -define(G(__JS,__F),
diff --git a/src/dperl/dperl_dal.erl b/src/dperl/dperl_dal.erl
index a80c84ab..99271a22 100644
--- a/src/dperl/dperl_dal.erl
+++ b/src/dperl/dperl_dal.erl
@@ -277,8 +277,7 @@ update_job_dyn(JobName, State) when is_binary(JobName) andalso is_map(State) ->
                true -> ok
             end
     end end);
-update_job_dyn(JobName, Status)
-  when is_binary(JobName) andalso 
+update_job_dyn(JobName, Status) when is_binary(JobName) andalso 
        (Status == synced orelse
         Status == cleaning orelse Status == cleaned orelse
         Status == refreshing orelse Status == refreshed orelse
@@ -301,8 +300,7 @@ update_job_dyn(JobName, Status)
             end
     end.
 
-update_job_dyn(JobName, State, Status)
-  when is_binary(JobName) andalso is_map(State) andalso
+update_job_dyn(JobName, State, Status) when is_binary(JobName) andalso is_map(State) andalso
        (Status == synced orelse Status == undefined orelse
         Status == cleaning orelse Status == cleaned orelse
         Status == refreshing orelse Status == refreshed orelse
diff --git a/src/dperl/dperl_strategy_scr.erl b/src/dperl/dperl_strategy_scr.erl
index 36b55313..7ef33736 100644
--- a/src/dperl/dperl_strategy_scr.erl
+++ b/src/dperl/dperl_strategy_scr.erl
@@ -1,89 +1,181 @@
 -module(dperl_strategy_scr).
 
 -include("dperl.hrl").
+-include("dperl_strategy_scr.hrl").
 
 -export([execute/4]).
 
 -ifdef(TEST).
--export([load_src_after_key/3, load_dst_after_key/3]).
+-export([ load_src_after_key/3  
+        , load_dst_after_key/3
+        ]).
 -endif.
 
--type state() :: any().
-
--callback connect_check_src(state()) ->
-    {ok, state()} | {error, any()} | {error, any(), state()}.
--callback get_source_events(state(), integer()) ->
-    {error, any()} | {ok, list(), state()} | {ok, sync_complete, state()}.
--callback connect_check_dst(state()) ->
-    {ok, state()} | {error, any()} | {error, any(), state()}.
--callback fetch_src(any(), state()) -> ?NOT_FOUND | term().
--callback fetch_dst(any(), state()) -> ?NOT_FOUND | term().
--callback delete_dst(any(), state()) -> {true, state()} | {false, state()}.
--callback insert_dst(any(), any(), state()) -> {true, state()} | {false, state()}.
--callback update_dst(any(), any(), state()) -> {true, state()} | {false, state()}.
--callback report_status(any(), any(), state()) -> ok | {error, any()}.
--callback do_refresh(state(), integer()) ->
-    {error, any()} | {ok, state()} | {ok, finish, state()}.
+% check if source data is currently acessible
+-callback connect_check_src(scrState()) ->
+    {ok, scrState()} | {error, any()} | {error, any(), scrState()}.
+
+% get a key list (limited in length) of recent changes on source side
+% often achieved by scanning an audit log after last checked timestamp (from state)
+% basis for sync cycle (differential change provisioning)
+-callback get_source_events(scrState(), scrBatchSize()) ->
+    {error, scrAnyKey()} | {ok, scrAnyKeys(), scrState()} | {ok, sync_complete, scrState()}.
+
+% check if destination data is currently acessible
+-callback connect_check_dst(scrState()) ->
+    {ok, scrState()} | {error, any()} | {error, any(), scrState()}.
+
+% fetch one item from source (if it exists)
+-callback fetch_src(scrAnyKey(), scrState()) -> ?NOT_FOUND | scrAnyVal().
+
+% fetch one item from destination (if it exists)
+-callback fetch_dst(scrAnyKey(), scrState()) -> ?NOT_FOUND | scrAnyVal().
+
+% delete one item from destination (if it exists)
+% first element in result is true if a delete was unnecessary ????
+-callback delete_dst(scrAnyKey(), scrState()) -> {scrSoftError(), scrState()}.
+
+% insert one item to destination (which is assumed to not exist)
+% first element in result is true if the insert was compatible but unnecessary (already 
+% existed in correct shape) ????
+% alternatively, the callback implementation can (or should) throw if key already exists
+-callback insert_dst(scrAnyKey(), scrAnyVal(), scrState()) -> {scrSoftError(), scrState()}.
+
+% update one item in destination (which is assumed to exist)
+% first element in result tuple indicates wether an update was possible (false=insert needed) ????
+% alternatively, the callback implementation can (or should) throw if the key does not exist
+-callback update_dst(scrAnyKey(), scrAnyVal(), scrState()) -> {scrSoftError(), scrState()}.
+
+% allow the callback implementation act upon an error or warning message
+% result is ignored, used for debugging only
+-callback report_status(scrAnyKey(), scrStatus(), scrState()) -> ok | no_op | {error, term()}.
+
+% execute one more refresh cycle with limited block size
+-callback do_refresh(scrState(), scrBatchSize()) -> {{ok, scrState()} | {ok, finish, scrState() | error, any()}}.
 
 % optional callbacks
--callback should_cleanup(ddTimestamp()|undefined,
-                         ddTimestamp()|undefined,
-                         integer(), integer(), state()) -> true | false.
--callback should_refresh(ddTimestamp()|undefined,
-                         ddTimestamp()|undefined,
-                         integer(), integer(), [integer()], state()) -> true | false.
--callback is_equal(any(), any(), any(), state()) -> true | false.
--callback update_channel(any(), boolean(), any(), any(), state()) -> {true, state()} | {false, state()}.
--callback finalize_src_events(state()) -> {true, state()} | {false, state()}.
--callback should_sync_log(state()) -> true | false.
+
+% override callback for cleanup execution permission
+-callback should_cleanup( LastAttempt::ddTimestamp(),
+                          LastSuccess::ddTimestamp(),
+                          BatchInterval::scrMsecInterval(),     % delay between cleanup batches
+                          CycleInterval::scrMsecInterval(),     % delay between cleanup cycles
+                          scrState()) -> true | false.
+
+% override callback for refresh execution permission
+-callback should_refresh( LastAttempt::ddTimestamp(),
+                          LastSuccess::ddTimestamp(),
+                          BatchInterval::scrMsecInterval(),     % delay between refresh batches
+                          CycleInterval::scrMsecInterval(),     % delay between refresh cycles
+                          scrHoursOfDay(), 
+                          scrState()) -> true | false.
+
+% override for value compare function
+-callback is_equal(scrAnyKey(), scrAnyVal(), scrAnyVal(), scrState()) -> true | false.
+
+% override for destination channel insert/update/delete (final data change)
+% first element of result indicates if anything was changed on the target ????
+% (ignored by behaviour, used for debugging only)
+-callback update_channel( scrAnyKey(), 
+                          IsSamePlatform::boolean(), 
+                          SourceVal::scrAnyVal(), 
+                          DestVal::scrAnyVal(), 
+                          scrState()) -> {true, scrState()} | {false, scrState()}.
+
+% optional cleanup call after end of differential provisioning (sync phase) ????
+% where and when is it exactly invoked ????
+% first element of result indicates if anything was executed on the target ????
+-callback finalize_src_events(scrState()) -> {true, scrState()} | {false, scrState()}.
+
+% can be used in callback to suppress the logging of individual sync results
+-callback should_sync_log(scrState()) -> true | false.
 
 -optional_callbacks([should_cleanup/5, should_refresh/6, is_equal/4,
                      update_channel/5, finalize_src_events/1,
                      should_sync_log/1]).
 
--callback do_cleanup(state(), integer()) ->
-    {error, any()} | {ok, state()} | {ok, finish, state()}.
--callback do_cleanup(list(), list(), boolean(), state()) -> 
-    {error, any()} | {ok, state()} | {ok, finish, state()}.
--callback do_cleanup(list(), list(), list(), boolean(), state()) -> 
-    {error, any()} | {ok, state()} | {ok, finish, state()}.
--optional_callbacks([do_cleanup/2, do_cleanup/4,do_cleanup/5]).
+% execute simple cleanup for next batch of keys 
+-callback do_cleanup( scrState(), CleanupBulkCount::scrBatchSize()) -> 
+                      {{ok, scrState()} | {ok, finish, scrState() | error, any()}}.
+
+% execute cleanup for found differences (Deletes and Inserts)
+-callback do_cleanup( Deletes::scrAnyKeys(), 
+                      Inserts::scrAnyKeys(), 
+                      SearchingMatch::boolean(),    % NextLastKey == MinKey
+                      scrState()) -> 
+                      {{ok, scrState()} | {ok, finish, scrState() | error, any()}}.
+
+% execute cleanup/refresh for found differences (Deletes, Inserts and value Diffs)
+-callback do_cleanup( Deletes::scrAnyKeys(), 
+                      Inserts::scrAnyKeys(),
+                      Diffs::scrAnyKeys(), 
+                      SearchingMatch::boolean(),    % NextLastKey == MinKey
+                      scrState()) -> 
+                      {{ok, scrState()} | {ok, finish, scrState() | error, any()}}.
+
+% bulk load one batch of keys (for cleanup) or kv-pairs (cleanup/refresh) from source
+% a callback module implementing this and load_dst_after_key signals that it wants
+% to fully control the cleanup/refresh procedure 
+-callback load_src_after_key( LastKeySeen::scrAnyKey(), 
+                              scrBatchSize(), 
+                              scrState()) ->
+    {ok, scrAnyKeys(), scrState()} | {ok, scrAnyKeyVals(), scrState()} | {error, any(), scrState()}.
+
+% bulk load one batch of keys (for cleanup) or kv-pairs (cleanup/refresh) from destination
+% a callback module implementing this and load_src_after_key signals that it wants
+% to fully control the cleanup/refresh procedure 
+-callback load_dst_after_key( LastKeySeen::scrAnyKey(), 
+                              scrBatchSize(), 
+                              scrState()) ->
+    {ok, scrAnyKeys(), scrState()} | {ok, scrAnyKeyVals(), scrState()} | {error, any(), scrState()}.
+
+-optional_callbacks([ do_cleanup/2
+                    , do_cleanup/4
+                    , do_cleanup/5
+                    , load_src_after_key/3
+                    , load_dst_after_key/3
+                    ]).
 
 % chunked cleanup context
--record(cleanup_ctx,
-        {srcKeys          :: list(),
-         srcCount         :: integer(),
-         dstKeys          :: list(),
-         dstCount         :: integer(),
-         bulkCount        :: integer(),
-         minKey           :: any(),
-         maxKey           :: any(),
-         lastKey          :: any(),
-         deletes = []     :: list(),
-         differences = [] :: list(),
-         inserts = []     :: list()}).
-
-
+-record(cleanup_ctx,{ srcKeys          :: scrAnyKeys()
+                    , srcCount         :: integer()
+                    , dstKeys          :: scrAnyKeys()
+                    , dstCount         :: integer()
+                    , bulkCount        :: scrBatchSize()
+                    , minKey           :: scrAnyKey()
+                    , maxKey           :: scrAnyKey()
+                    , lastKey          :: scrAnyKey()
+                    , deletes = []     :: scrAnyKeys()
+                    , inserts = []     :: scrAnyKeys()
+                    , differences = [] :: scrAnyKeys()
+                    }).
+
+% Debug macros
 -define(DL(__S,__F,__A),
         ?Debug([{state,__S},{mod, Mod},{job, Job}],__F,__A)).
+
 -define(DL(__S,__F), ?DL(__S,__F,[])).
 
 -define(S(__F),     ?DL(sync,__F)).
 -define(S(__F,__A), ?DL(sync,__F,__A)).
+
 -define(C(__F),     ?DL(cleanup,__F)).
 -define(C(__F,__A), ?DL(cleanup,__F,__A)).
+
 -define(R(__F),     ?DL(refresh,__F)).
 -define(R(__F,__A), ?DL(refresh,__F,__A)).
 
+% trigger macro for next action
 -define(RESTART_AFTER(__Timeout, __Args),
         erlang:send_after(__Timeout, self(),
                           {internal, {behavior, ?MODULE, __Args}})).
 
--spec execute(atom(), string(), state(), map()) -> state().
-execute(Mod, Job, State, #{sync := _, cleanup := _, refresh := _}
-        = Args)
-  when is_map(Args) ->
-    try execute(sync, Mod, Job, State, Args) catch
+% execute (start or restart) the synchronisation job
+-spec execute(jobModule(), jobName(), scrState(), jobArgs()) -> scrState().
+execute(Mod, Job, State, #{sync:=_, cleanup:=_, refresh:=_} = Args) when is_map(Args) ->
+    try 
+        execute(sync, Mod, Job, State, Args) 
+    catch
         Class:{step_failed, NewArgs}:Stacktrace when is_map(NewArgs) ->
             ?JError("~p ~p step_failed~n~p", [Mod, Class, Stacktrace]),
             dperl_dal:update_job_dyn(Job, error),
@@ -104,31 +196,29 @@ execute(Mod, Job, State, #{sync := _, cleanup := _, refresh := _}
             State
     end;
 execute(Mod, Job, State, Args) when is_map(Args) ->
-    execute(Mod, Job, State,
-            maps:merge(#{sync => true, cleanup => true, refresh => true},
-                       Args)).
-
--spec execute(sync|cleanup|refresh, atom(), string(), state(), map()) ->
-    state() | no_return().
-% [sync]
-execute(sync, Mod, Job, State, #{sync := Sync} = Args) ->
+    execute(Mod, Job, State, maps:merge(#{sync=>true, cleanup=>true, refresh=>true}, Args)).
+
+-spec execute(scrPhase(), jobModule(), jobName(), scrState(), jobArgs()) -> scrState() | no_return().
+execute(sync, Mod, Job, State, #{sync:=Sync} = Args) ->
+    % perform a sync cycle
     put(jstate,s),
     ?S("Connect/check source if not already connected (trivial for push)"),
     State1 =
-    case Mod:connect_check_src(State) of
-        {error, Error, S1} ->
-            ?JError("sync(~p) failed at connect_check_src : ~p", [Mod, Error]),
-            dperl_dal:job_error(<<"sync">>, <<"connect_check_src">>, Error),
-            error({step_failed, S1});
-        {error, Error} ->
-            ?JError("sync(~p) failed at connect_check_src : ~p", [Mod, Error]),
-            dperl_dal:job_error(<<"sync">>, <<"connect_check_src">>, Error),
-            error(step_failed);
-        {ok, S1} -> 
-            dperl_dal:job_error_close(),
-            S1
-    end,
-    if Sync == true ->
+        case Mod:connect_check_src(State) of
+            {error, Error, S1} ->
+                ?JError("sync(~p) failed at connect_check_src : ~p", [Mod, Error]),
+                dperl_dal:job_error(<<"sync">>, <<"connect_check_src">>, Error),
+                error({step_failed, S1});
+            {error, Error} ->
+                ?JError("sync(~p) failed at connect_check_src : ~p", [Mod, Error]),
+                dperl_dal:job_error(<<"sync">>, <<"connect_check_src">>, Error),
+                error(step_failed);
+            {ok, S1} -> 
+                dperl_dal:job_error_close(),
+                S1
+        end,
+    if 
+        Sync == true ->
             ?S("Get pending list of events (max n) to process from source"),
             case Mod:get_source_events(State1, ?MAX_BULK_COUNT(Mod, Job)) of
                 {error, Error1, S2} ->
@@ -174,25 +264,22 @@ execute(sync, Mod, Job, State, #{sync := Sync} = Args) ->
                             dperl_dal:job_error_close(),
                             execute(finish, Mod, Job, State4, Args);
                         %% idle used for dperl_mec_ic to have idle timeout on
-                        %% Try later error from oracle
+                        %% try later error from oracle
                         %% would be removed in the future when new
                         %% behavior is used for mec_ic
                         {idle, State4} ->
                             execute(idle, Mod, Job, State4, Args)
                     end
-           end;
-       true ->
+            end;
+        true ->
            ?S("disabled! trying cleanup"),
            execute(cleanup, Mod, Job, State1, Args)
     end;
-
-% [cleanup]
-execute(cleanup, Mod, Job, State, #{cleanup := true} = Args) ->
+execute(cleanup, Mod, Job, State, #{cleanup:=true} = Args) ->
+    % perform a cleanup cycle if due
     put(jstate,c),
-    #{lastAttempt := LastAttempt,
-      lastSuccess := LastSuccess} = CleanupState = get_state(cleanup, Job),
-    ShouldCleanupFun =
-    case erlang:function_exported(Mod, should_cleanup, 5) of
+    #{lastAttempt:=LastAttempt, lastSuccess:=LastSuccess} = CleanupState = get_cycle_state(cleanup, Job),
+    ShouldCleanupFun = case erlang:function_exported(Mod, should_cleanup, 5) of
         true -> fun(LA, LS, BI, CI) -> Mod:should_cleanup(LA, LS, BI, CI, State) end;
         false -> fun(LA, LS, BI, CI) -> should_cleanup(LA, LS, BI, CI) end
     end,
@@ -203,30 +290,29 @@ execute(cleanup, Mod, Job, State, #{cleanup := true} = Args) ->
             ?C("(sync phase was nop) if last cleanup + cleanupInterval < now goto [refresh]"),
             execute(refresh, Mod, Job, State, Args);
         true ->
-            set_state(cleanup, Job, start),
-            Args1 =
-            if LastAttempt =< LastSuccess ->
-                   ?JInfo("Starting cleanup cycle"),
-                   case Args of
-                       #{stats := #{cleanup_count := CC} = Stats} ->
-                           Args#{stats => Stats#{cleanup_count => CC + 1}};
-                       Args ->
-                           Stats = maps:get(stats, Args, #{}),
-                           Args#{stats => Stats#{cleanup_count => 1}}
-                   end;
-               true ->
-                   case Args of
-                       #{stats := #{cleanup_count := CC} = Stats} ->
-                           Args#{stats => Stats#{cleanup_count => CC + 1}};
-                       Args ->
-                           ?JInfo("Resuming cleanup cycle"),
-                           Stats = maps:get(stats, Args, #{}),
-                           Args#{stats => Stats#{cleanup_count => 1}}
-                   end
+            set_cycle_state(cleanup, Job, start),
+            Args1 = if 
+                LastAttempt =< LastSuccess ->
+                    ?JInfo("Starting cleanup cycle"),
+                    case Args of
+                        #{stats := #{cleanup_count := CC} = Stats} ->
+                            Args#{stats => Stats#{cleanup_count => CC + 1}};
+                        Args ->
+                            Stats = maps:get(stats, Args, #{}),
+                            Args#{stats => Stats#{cleanup_count => 1}}
+                    end;
+                true ->
+                    case Args of
+                        #{stats := #{cleanup_count := CC} = Stats} ->
+                            Args#{stats => Stats#{cleanup_count => CC + 1}};
+                        Args ->
+                            ?JInfo("Resuming cleanup cycle"),
+                            Stats = maps:get(stats, Args, #{}),
+                            Args#{stats => Stats#{cleanup_count => 1}}
+                    end
             end,
             ?C("Connect to destination if not already connected (trivial for pull)"),
-            State1 =
-            case Mod:connect_check_dst(State) of
+            State1 = case Mod:connect_check_dst(State) of
                 {error, Error, S1} ->
                     ?JError("cleanup(~p) failed at connect_check_dst : ~p", [Mod, Error]),
                     dperl_dal:job_error(<<"cleanup">>, <<"connect_check_dst">>, Error),
@@ -243,21 +329,22 @@ execute(cleanup, Mod, Job, State, #{cleanup := true} = Args) ->
             ?C("Build a list of provisioning actions to be taken (aggregated audit list)"),
             ?C("If list provisioning action is non empty: perform the actions; goto [finish]"),
             CleanupBulkCount = ?MAX_CLEANUP_BULK_COUNT(Mod, Job),
-            DoCleanupArgs =
-            case (erlang:function_exported(Mod, load_src_after_key, 3) andalso
-                  erlang:function_exported(Mod, load_dst_after_key, 3)) of
-                false -> [State1, CleanupBulkCount];
+            DoCleanupArgs = case (erlang:function_exported(Mod, load_src_after_key, 3) andalso
+                                  erlang:function_exported(Mod, load_dst_after_key, 3)) of
+                false ->
+                    % launch simple cleanup cycle using do_cleanup/2
+                    [State1, CleanupBulkCount];
                 true ->
-                    #{minKey := MinKey, maxKey := MaxKey,
-                      lastKey := LastKey} = CleanupState,
-                    {#{deletes := Deletes, inserts := Inserts, 
-                       differences := Diffs, lastKey := NextLastKey}, State2} =
-                    cleanup_refresh_collect(
-                      Mod,
-                      #cleanup_ctx{minKey = MinKey, maxKey = MaxKey,
-                                   lastKey = LastKey, bulkCount = CleanupBulkCount},
-                      State1),
-                    % update last key
+                    % launch cleanup/refresh combined processing using do_cleanup/5 or do_cleanup/4
+                    #{minKey:=MinKey, maxKey:=MaxKey, lastKey:=LastKey} = CleanupState,
+                    Ctx = #cleanup_ctx{ minKey=MinKey, maxKey=MaxKey
+                                      , lastKey=LastKey, bulkCount=CleanupBulkCount},
+                    {RefreshCollectResult, State2} = cleanup_refresh_collect(Mod,Ctx,State1),
+                    Deletes = maps:get(deletes,RefreshCollectResult),
+                    Inserts = maps:get(inserts,RefreshCollectResult),
+                    Diffs = maps:get(differences,RefreshCollectResult),
+                    NextLastKey = maps:get(lastKey,RefreshCollectResult),
+                    % update last key ToDO: This is UGLY. To be cast into functions !!!!
                     case dperl_dal:select(
                            ?JOBDYN_TABLE,
                            [{#dperlNodeJobDyn{name=Job,_='_'},[],['$_']}]) of
@@ -294,25 +381,25 @@ execute(cleanup, Mod, Job, State, #{cleanup := true} = Args) ->
                     error({step_failed, S2});
                 {ok, S2} ->
                     dperl_dal:job_error_close(),
-                    if length(DoCleanupArgs) == 2 ->
-                        set_state(
-                          cleanup, Job, start,
-                          case Args1 of
-                              #{stats := #{cleanup_count := CC0}} ->
-                                  (Mod:get_status(S2))#{count => CC0};
-                              Args1 -> Mod:get_status(S2)
-                          end);
-                       true -> no_op
+                    if 
+                        length(DoCleanupArgs) == 2 ->
+                            set_cycle_state(cleanup, Job, start,
+                                case Args1 of
+                                    #{stats := #{cleanup_count := CC0}} ->
+                                        (Mod:get_status(S2))#{count => CC0};
+                                    Args1 -> Mod:get_status(S2)
+                                end);
+                       true -> 
+                           no_op
                     end,
                     execute(finish, Mod, Job, S2, Args1);
                 {ok, finish, S2} ->
-                    set_state(
-                      cleanup, Job, stop,
-                      case Args1 of
-                          #{stats := #{cleanup_count := CC1}} ->
-                              (Mod:get_status(S2))#{count => CC1};
-                          Args1 -> Mod:get_status(S2)
-                      end),
+                    set_cycle_state(cleanup, Job, stop,
+                        case Args1 of
+                            #{stats := #{cleanup_count := CC1}} ->
+                                (Mod:get_status(S2))#{count => CC1};
+                            Args1 -> Mod:get_status(S2)
+                        end),
                     dperl_dal:job_error_close(),
                     ?JInfo("Cleanup cycle is complete"),
                     execute(finish, Mod, Job, S2, Args1)
@@ -322,14 +409,11 @@ execute(cleanup, Mod, Job, State, Args) ->
     put(jstate,c),
     ?C("disabled! trying refresh"),
     execute(refresh, Mod, Job, State, Args);
-
-% [refresh]
 execute(refresh, Mod, Job, State, #{refresh := true} = Args) ->
+    % execute a refresh cycle if due
     put(jstate,r),
-    #{lastAttempt := LastAttempt,
-      lastSuccess := LastSuccess} = get_state(refresh, Job),
-    ShouldRefreshFun =
-    case erlang:function_exported(Mod, should_refresh, 6) of
+    #{lastAttempt:=LastAttempt, lastSuccess:=LastSuccess} = get_cycle_state(refresh, Job),
+    ShouldRefreshFun = case erlang:function_exported(Mod, should_refresh, 6) of
         true -> fun(LA, LS, BI, RI, RH) -> Mod:should_refresh(LA, LS, BI, RI, RH, State) end;
         false -> fun(LA, LS, BI, RI, RH) -> should_refresh(LA, LS, BI, RI, RH) end
     end,
@@ -341,9 +425,9 @@ execute(refresh, Mod, Job, State, #{refresh := true} = Args) ->
             ?R("If current hour is not in refreshHours): goto [idle]"),
             execute(idle, Mod, Job, State, Args);
         true ->
-            set_state(refresh, Job, start),
-            Args1 =
-            if LastAttempt =< LastSuccess ->
+            set_cycle_state(refresh, Job, start),
+            Args1 = if 
+                LastAttempt =< LastSuccess ->
                    ?JInfo("Starting refresh cycle"),
                    case Args of
                        #{stats := #{refresh_count := RC} = Stats} ->
@@ -363,8 +447,7 @@ execute(refresh, Mod, Job, State, #{refresh := true} = Args) ->
                    end
             end,
             ?R("Connect to destination if not already connected (trivial for pull)"),
-            State1 =
-            case Mod:connect_check_dst(State) of
+            State1 = case Mod:connect_check_dst(State) of
                 {error, Error, S1} ->
                     ?JError("refresh(~p) failed at connect_check_dst : ~p", [Mod, Error]),
                     dperl_dal:job_error(<<"refresh">>, <<"connect_check_dst">>, Error),
@@ -387,23 +470,21 @@ execute(refresh, Mod, Job, State, #{refresh := true} = Args) ->
                     dperl_dal:job_error(<<"refresh">>, <<"do_refresh">>, Error1),
                     error({step_failed, Args1});
                 {ok, S2} ->
-                    set_state(
-                      refresh, Job, start,
-                      case Args1 of
-                          #{stats := #{refresh_count := RC0}} ->
-                              (Mod:get_status(S2))#{count => RC0};
-                          Args1 -> Mod:get_status(S2)
-                      end),
+                    set_cycle_state(refresh, Job, start,
+                        case Args1 of
+                            #{stats := #{refresh_count := RC0}} ->
+                                (Mod:get_status(S2))#{count => RC0};
+                            Args1 -> Mod:get_status(S2)
+                        end),
                     dperl_dal:job_error_close(),
                     execute(finish, Mod, Job, S2, Args1);
                 {ok, finish, S2} ->
-                    set_state(
-                      refresh, Job, stop,
-                      case Args1 of
-                          #{stats := #{refresh_count := RC1}} ->
-                              (Mod:get_status(S2))#{count => RC1};
-                          Args1 -> Mod:get_status(S2)
-                      end),
+                    set_cycle_state(refresh, Job, stop,
+                        case Args1 of
+                            #{stats := #{refresh_count := RC1}} ->
+                                (Mod:get_status(S2))#{count => RC1};
+                            Args1 -> Mod:get_status(S2)
+                        end),
                     dperl_dal:job_error_close(),
                     ?JInfo("Refresh cycle is complete"),
                     execute(finish, Mod, Job, S2, Args1)
@@ -424,76 +505,67 @@ execute(finish, Mod, Job, State, Args) ->
     ?RESTART_AFTER(?CYCLE_ALWAYS_WAIT(Mod, Job), Args),
     State.
 
--spec get_state(cleanup|refresh, binary()) ->
-    {ddTimestamp() | undefined, ddTimestamp() | undefined}.
-get_state(Type, Job) when (Type == cleanup orelse Type == refresh)
-                          andalso is_binary(Job) ->
+-spec get_cycle_state(scrCycle(), jobName()) -> scrCycleState().
+get_cycle_state(Cycle, Job) when (Cycle==cleanup orelse Cycle==refresh) andalso is_binary(Job) ->
     maps:merge(
-      if Type == cleanup ->
-             #{minKey => -1, maxKey => <<255>>, lastKey => 0};
-         true -> #{}
-      end,
-      case dperl_dal:select(
-             ?JOBDYN_TABLE,
-             [{#dperlNodeJobDyn{name=Job,state='$1',_='_'},[],['$1']}]) of
-          {[#{Type:=State}], true} when is_map(State) -> State;
-          {_, true} -> #{lastAttempt => ?EPOCH, lastSuccess => ?EPOCH}
-      end).
-
--spec set_state(cleanup|refresh, binary(), start | stop) -> any().
-set_state(Type, Job, Status) -> set_state(Type, Job, Status, #{}).
-
--spec set_state(cleanup|refresh, binary(), start | stop, map()) -> any().
-set_state(Type, Job, Status, State0)
-  when (Type == cleanup orelse Type == refresh) andalso
-       (Status == start orelse Status == stop) andalso is_binary(Job) ->
-    {NodeJobDyn, NewStatus0} =
-    case dperl_dal:select(
-           ?JOBDYN_TABLE,
-           [{#dperlNodeJobDyn{name=Job,_='_'},[],['$_']}]) of
-        {[#dperlNodeJobDyn{state=#{Type:=OldState}} = NJD], true}
-          when is_map(OldState) ->            
-            {NJD, OldState};
+        if 
+            Cycle==cleanup ->   #{minKey => -1, maxKey => <<255>>, lastKey => 0};
+            true ->             #{}
+        end,
+        case dperl_dal:select(
+                ?JOBDYN_TABLE, 
+                [{#dperlNodeJobDyn{name=Job,state='$1',_='_'},[],['$1']}]) of
+            {[#{Cycle:=CycleState}], true} when is_map(CycleState) -> CycleState;
+            {_, true} -> #{lastAttempt => ?EPOCH, lastSuccess => ?EPOCH}
+        end).
+
+% update dperlNodeJobDyn table according to planned action, reset statistics 
+-spec set_cycle_state(scrCycle(), jobName(), start | stop) -> ok.
+set_cycle_state(Cycle, Job, Action) -> set_cycle_state(Cycle, Job, Action, #{}).
+
+% update dperlNodeJobDyn table according to planned action, update statistics in  
+-spec set_cycle_state(scrCycle(), jobName(), start | stop, jobArgs()) -> ok.
+set_cycle_state(Cycle, Job, Action, Stats0)
+        when (Cycle==cleanup orelse Cycle==refresh) andalso
+             (Action==start orelse Action==stop) andalso is_binary(Job) ->
+    {NodeJobDyn, CycleState1} = case dperl_dal:select(?JOBDYN_TABLE,
+                [{#dperlNodeJobDyn{name=Job, _='_'}, [], ['$_']}]) of
+        {[#dperlNodeJobDyn{state=#{Cycle:=CycleState0}} = NJD], true} when is_map(CycleState0) ->            
+            {NJD, CycleState0};
         {[#dperlNodeJobDyn{} = NJD], true} ->
-            {NJD, #{lastAttempt => os:timestamp(),
-                    lastSuccess => ?EPOCH}}
+            {NJD, #{lastAttempt=>os:timestamp(), lastSuccess=>?EPOCH}} % ToDo: Should it be imem_meta:time() ????
+        end,
+    {CycleState2, Stats1} = case maps:get(count, Stats0, '$not_found') of
+        '$not_found' -> {CycleState1, Stats0};
+        Count ->        {CycleState1#{count => Count}, maps:remove(count, Stats0)}
+    end,
+    CycleState3 = if 
+        Action == start ->  CycleState2#{lastAttempt => imem_meta:time()};
+        true ->             CycleState2#{lastSuccess => imem_meta:time()}
     end,
-    {NewStatus, State} =
-    case maps:get(count, State0, '$not_found') of
-        '$not_found' -> {NewStatus0, State0};
-        Count ->
-            {NewStatus0#{count => Count}, maps:remove(count, State0)}
+    Status = case {Cycle, Action} of
+        {cleanup, start} -> cleaning;
+        {cleanup, stop} -> cleaned;
+        {refresh, start} -> refreshing;
+        {refresh, stop} -> refreshed
     end,
-    TypeState = case {Type, Status} of
-                    {cleanup, start} -> cleaning;
-                    {cleanup, stop} -> cleaned;
-                    {refresh, start} -> refreshing;
-                    {refresh, stop} -> refreshed
-                end,
-    % create 'Type' state if doesn't exists
-    % if exists update 'LastSuccess' timestamp to current time
     NodeJobDynState = NodeJobDyn#dperlNodeJobDyn.state,
-    dperl_dal:update_job_dyn(
-      Job,
-      maps:merge(
-      NodeJobDynState#{
-        Type =>
-        if Status == start ->
-               NewStatus#{lastAttempt => imem_meta:time()};
-           true ->
-               NewStatus#{lastSuccess => imem_meta:time()}
-        end}, State), TypeState).
-
-%
+    NewStateWithStats = maps:merge(NodeJobDynState#{Cycle=>CycleState3}, Stats1),
+    dperl_dal:update_job_dyn(Job, NewStateWithStats, Status).
+
 % default callbacks
-% 
-should_cleanup(LastAttempt, LastSuccess, BatchInterval, Interval) ->
+
+-spec should_cleanup(ddTimestamp(), ddTimestamp(), 
+                     scrMsecInterval(), scrMsecInterval()) -> true | false.
+should_cleanup(LastAttempt, LastSuccess, BatchInterval, CycleInterval) ->
     if LastAttempt > LastSuccess -> 
            imem_datatype:msec_diff(LastAttempt) > BatchInterval;
        true ->
-           imem_datatype:msec_diff(LastSuccess) > Interval
+           imem_datatype:msec_diff(LastSuccess) > CycleInterval
     end.
 
+-spec should_refresh(ddTimestamp(), ddTimestamp(), scrMsecInterval(), 
+                     scrMsecInterval(), scrHoursOfDay()) -> true | false.
 should_refresh(LastAttempt, LastSuccess, BatchInterval, Interval, Hours) ->
     if LastAttempt > LastSuccess ->
            imem_datatype:msec_diff(LastAttempt) > BatchInterval;
@@ -512,6 +584,8 @@ should_refresh(LastAttempt, LastSuccess, BatchInterval, Interval, Hours) ->
            end
     end.
 
+
+-spec is_equal(scrAnyKey(), scrAnyVal(), scrAnyVal(), scrState()) -> boolean().
 is_equal(_Key, S, S, _State) -> true;
 is_equal(_Key, S, D, _State) when is_map(S), is_map(D) ->
     dperl_dal:normalize_map(S) == dperl_dal:normalize_map(D);
@@ -519,37 +593,38 @@ is_equal(_Key, S, D, _State) when is_list(S), is_list(D) ->
     lists:sort(S) == lists:sort(D);
 is_equal(_Key, _, _, _State) -> false.
 
+-spec cleanup_log(string(), scrAnyKeys()) -> no_op | ok.
 cleanup_log(_Msg, []) -> no_op;
 cleanup_log(Msg, [K | _] = Keys) when is_integer(K) ->
     ?JWarn("~s (~p) ~w", [Msg, length(Keys), Keys]);
 cleanup_log(Msg, Keys) ->
     ?JWarn("~s (~p) ~p", [Msg, length(Keys), Keys]).
 
+-spec sync_log(scrOperation(), scrAnyKey() | {scrAnyKey(),term()}, boolean()) -> no_op | ok.
 sync_log(_, _, false) -> no_op;
 sync_log(Msg, {Key, _}, ShouldLog) -> sync_log(Msg, Key, ShouldLog);
 sync_log(Msg, Key, _) when is_binary(Key) -> ?JInfo("~s : ~s", [Msg, Key]);
 sync_log(Msg, Key, _) -> ?JInfo("~s : ~p", [Msg, Key]).
 
-%%----------------
 %% chunked cleanup
-%%
 
+-spec process_events(scrAnyKeys(), jobModule(), scrState()) -> {boolean(), scrState()}.
 process_events(Keys, Mod, State) ->
-    ShouldLog =
-    case erlang:function_exported(Mod, should_sync_log, 1) of
+    ShouldLog = case erlang:function_exported(Mod, should_sync_log, 1) of
         true -> Mod:should_sync_log(State);
         false -> true
     end,
     process_events(Keys, Mod, State, ShouldLog, false).
 
+-spec process_events(scrAnyKeys(), jobModule(), scrState(), boolean(), boolean()) -> 
+        {boolean(), scrState()}.
 process_events([], Mod, State, _ShouldLog, IsError) ->
     case erlang:function_exported(Mod, finalize_src_events, 1) of
         true -> execute_prov_fun(no_log, Mod, finalize_src_events, [State], false, IsError);
         false -> {IsError, State}
     end;
 process_events([Key | Keys], Mod, State, ShouldLog, IsError) ->
-    {NewIsError, NewState} =
-    case {Mod:fetch_src(Key, State), Mod:fetch_dst(Key, State)} of
+    {NewIsError, NewState} = case {Mod:fetch_src(Key, State), Mod:fetch_dst(Key, State)} of
         {S, S} ->
             Mod:report_status(Key, no_op, State),
             {IsError, State}; %% nothing to do
@@ -584,8 +659,7 @@ process_events([Key | Keys], Mod, State, ShouldLog, IsError) ->
             Mod:report_status(Key, {error, Error}, State1),
             {true, State1};
         {S, D} ->
-            DiffFun =
-            case erlang:function_exported(Mod, is_equal, 4) of
+            DiffFun = case erlang:function_exported(Mod, is_equal, 4) of
                 true -> fun Mod:is_equal/4;
                 false -> fun is_equal/4
             end,
@@ -598,6 +672,8 @@ process_events([Key | Keys], Mod, State, ShouldLog, IsError) ->
     end,
     process_events(Keys, Mod, NewState, ShouldLog, NewIsError).
 
+-spec execute_prov_fun(scrOperation(), jobModule(), atom(), list(), boolean(), boolean()) -> 
+        {true | false | idle, scrState() | term()}.
 execute_prov_fun(Op, Mod, Fun, Args, ShouldLog, IsError) ->
     case catch apply(Mod, Fun, Args) of
         {false, NewState} ->
@@ -616,20 +692,21 @@ execute_prov_fun(Op, Mod, Fun, Args, ShouldLog, IsError) ->
             {true, lists:last(Args)}
     end.
 
+-spec execute_prov_fun(scrOperation(), jobModule(), atom(), list(), boolean(), boolean(), check) -> 
+        {true|false|idle, scrState()|term()}.
 execute_prov_fun(Op, Mod, Fun, Args, ShouldLog, IsError, check) ->
     case erlang:function_exported(Mod, Fun, length(Args)) of
-        true -> execute_prov_fun(Op, Mod, Fun, Args, ShouldLog, IsError);
+        true -> 
+            execute_prov_fun(Op, Mod, Fun, Args, ShouldLog, IsError);
         false ->
             ?Error("Function : ~p not exported in mod : ~p", [Fun, Mod]),
             {true, lists:last(Args)}
     end.
 
--spec cleanup_refresh_collect(atom(), #cleanup_ctx{}, state()) ->
-    #{deletes => list(), inserts => list(), lastKey => any()}.
-cleanup_refresh_collect(Mod,
-                #cleanup_ctx{minKey = MinKey, maxKey = MaxKey,
-                             lastKey = LastKey, bulkCount = BulkCnt} = CleanupCtx,
-                State) ->
+-spec cleanup_refresh_collect(jobModule(), #cleanup_ctx{}, scrState()) ->
+    #{deletes => scrAnyKeys(), inserts => scrAnyKeys(), lastKey => scrAnyKey()}.
+cleanup_refresh_collect(Mod, CleanupCtx, State) ->
+    #cleanup_ctx{minKey=MinKey, maxKey=MaxKey, lastKey=LastKey, bulkCount=BulkCnt} = CleanupCtx,
     CurKey = if
                  LastKey =< MinKey -> MinKey;  % throw to cycle start if getting
                  LastKey >= MaxKey -> MinKey;  % out of key bounds by re-config
@@ -657,67 +734,63 @@ cleanup_refresh_collect(Mod,
         srcKeys = SrcKeys, srcCount = length(SrcKeys),
         dstKeys = DstKeys, dstCount = length(DstKeys), lastKey = CurKey}), State4}.
 
--spec cleanup_refresh_compare(#cleanup_ctx{}) -> #{deletes => list(), differences => list(), inserts => list(), lastKey => any()}.
+-spec cleanup_refresh_compare(#cleanup_ctx{}) -> 
+        #{deletes=>scrAnyKeys(), differences=>scrAnyKeys()
+         , inserts=>scrAnyKeys(), lastKey=>scrAnyKey()}.
 cleanup_refresh_compare(#cleanup_ctx{
-                   srcKeys = SrcKeys, dstKeys = [], deletes = Deletes, 
-                   inserts = Inserts, minKey = MinKey, differences = Diffs,
-                   dstCount = DstCount, bulkCount = BulkCnt, srcCount = SrcCount})
-  when DstCount < BulkCnt, SrcCount < BulkCnt ->
+                   srcKeys=SrcKeys, dstKeys=[], deletes=Deletes, 
+                   inserts=Inserts, minKey=MinKey, differences=Diffs,
+                   dstCount=DstCount, bulkCount=BulkCnt, srcCount=SrcCount})
+        when DstCount < BulkCnt, SrcCount < BulkCnt ->
     Remaining = fetch_keys(SrcKeys),
-    #{deletes => Deletes, differences => Diffs, inserts => Inserts++Remaining, lastKey => MinKey};
-cleanup_refresh_compare(#cleanup_ctx{srcKeys = SrcKeys, dstKeys = [], deletes = Deletes, dstCount = DstCount,
-                                     inserts = Inserts, differences = Diffs})
-  when DstCount == 0 ->
+    #{deletes=>Deletes, differences=>Diffs, inserts=>Inserts++Remaining, lastKey=>MinKey};
+cleanup_refresh_compare(#cleanup_ctx{srcKeys=SrcKeys, dstKeys=[], deletes=Deletes
+                            , dstCount=DstCount, inserts=Inserts, differences=Diffs})
+        when DstCount == 0 ->
     Remaining = fetch_keys(SrcKeys),
-    #{deletes => Deletes, differences => Diffs, inserts => Inserts++Remaining, lastKey => last_key(SrcKeys)};
-cleanup_refresh_compare(#cleanup_ctx{dstKeys = [], deletes = Deletes, differences = Diffs,
-                                     inserts = Inserts, lastKey = LK}) ->
-    #{deletes => Deletes, differences => Diffs, inserts => Inserts, lastKey => LK};
-cleanup_refresh_compare(#cleanup_ctx{
-                   srcCount = SrcCount, dstKeys = DstKeys, bulkCount = BulkCnt,
-                   minKey = MinKey, srcKeys = [], deletes = Deletes, 
-                   inserts = Inserts, dstCount = DstCount, differences = Diffs})
-  when SrcCount < BulkCnt, DstCount < BulkCnt ->
+    #{deletes=>Deletes, differences=>Diffs, inserts=>Inserts++Remaining, lastKey=>last_key(SrcKeys)};
+cleanup_refresh_compare(#cleanup_ctx{dstKeys=[], deletes=Deletes, differences=Diffs,
+                                     inserts=Inserts, lastKey=LK}) ->
+    #{deletes=>Deletes, differences=>Diffs, inserts=>Inserts, lastKey=>LK};
+cleanup_refresh_compare(#cleanup_ctx{ srcCount=SrcCount, dstKeys=DstKeys,bulkCount=BulkCnt
+                                    , minKey=MinKey, srcKeys=[], deletes=Deletes
+                                    , inserts=Inserts, dstCount=DstCount, differences=Diffs})
+        when SrcCount < BulkCnt, DstCount < BulkCnt ->
     Remaining = fetch_keys(DstKeys),
-    #{deletes => Deletes++Remaining, differences => Diffs, inserts => Inserts, lastKey => MinKey};
-cleanup_refresh_compare(#cleanup_ctx{srcKeys = [], deletes = Deletes,
-                                     inserts = Inserts, dstKeys = DstKeys,
-                                     differences = Diffs, srcCount = SrcCount}) 
-  when SrcCount == 0 ->
+    #{deletes=>Deletes++Remaining, differences=>Diffs, inserts=>Inserts, lastKey=>MinKey};
+cleanup_refresh_compare(#cleanup_ctx{ srcKeys=[], deletes=Deletes, inserts=Inserts
+                                    , dstKeys=DstKeys, differences=Diffs, srcCount=SrcCount}) 
+        when SrcCount == 0 ->
     Remaining = fetch_keys(DstKeys),
-    #{deletes => Deletes ++ Remaining, differences => Diffs, inserts => Inserts, lastKey => last_key(DstKeys)};
-cleanup_refresh_compare(#cleanup_ctx{srcKeys = [], deletes = Deletes, differences = Diffs,
-                                     inserts = Inserts, lastKey = LK}) ->
-    #{deletes => Deletes, differences => Diffs, inserts => Inserts, lastKey => LK};
-cleanup_refresh_compare(#cleanup_ctx{srcKeys = [K|SrcKeys], dstKeys = [K|DstKeys]}
-                = CleanupCtx) ->
-    cleanup_refresh_compare(CleanupCtx#cleanup_ctx{srcKeys = SrcKeys, dstKeys = DstKeys,
-                                                   lastKey = last_key([K])});
-cleanup_refresh_compare(#cleanup_ctx{srcKeys = [{K, _} | SrcKeys], dstKeys = [{K, _} | DstKeys],
-                                     differences = Diffs} = CleanupCtx) ->
-    cleanup_refresh_compare(CleanupCtx#cleanup_ctx{srcKeys = SrcKeys, dstKeys = DstKeys,
-                                                   lastKey = K, differences = [K | Diffs]});
-cleanup_refresh_compare(#cleanup_ctx{srcKeys = [SK|SrcKeys], dstKeys = [DK | DstKeys],
-                                     inserts = Inserts, deletes = Deletes} = CleanupCtx) ->
+    #{deletes=>Deletes++Remaining, differences=>Diffs, inserts=>Inserts, lastKey=>last_key(DstKeys)};
+cleanup_refresh_compare(#cleanup_ctx{ srcKeys=[], deletes=Deletes, differences=Diffs
+                                    , inserts=Inserts, lastKey=LK}) ->
+    #{deletes=>Deletes, differences=>Diffs, inserts=>Inserts, lastKey=>LK};
+cleanup_refresh_compare(#cleanup_ctx{srcKeys=[K|SrcKeys], dstKeys=[K|DstKeys]} = CleanupCtx) ->
+    cleanup_refresh_compare(CleanupCtx#cleanup_ctx{ srcKeys=SrcKeys, dstKeys=DstKeys
+                                                  , lastKey = last_key([K])});
+cleanup_refresh_compare(#cleanup_ctx{ srcKeys=[{K, _} | SrcKeys], dstKeys=[{K, _} | DstKeys]
+                                    , differences=Diffs} = CleanupCtx) ->
+    cleanup_refresh_compare(CleanupCtx#cleanup_ctx{ srcKeys=SrcKeys, dstKeys=DstKeys
+                                                  , lastKey=K, differences=[K | Diffs]});
+cleanup_refresh_compare(#cleanup_ctx{ srcKeys=[SK|SrcKeys], dstKeys=[DK | DstKeys]
+                                    , inserts=Inserts, deletes=Deletes} = CleanupCtx) ->
     case {last_key([SK]), last_key([DK])} of
         {K1, K2} when K1 < K2 -> cleanup_refresh_compare(
-                CleanupCtx#cleanup_ctx{srcKeys = SrcKeys,
-                                       inserts = [K1|Inserts], lastKey = K1});
+            CleanupCtx#cleanup_ctx{srcKeys=SrcKeys, inserts=[K1|Inserts], lastKey=K1});
         {K1, K2} when K2 < K1 -> cleanup_refresh_compare(
-                CleanupCtx#cleanup_ctx{dstKeys = DstKeys,
-                                       deletes = [K2|Deletes], lastKey = K2})
+            CleanupCtx#cleanup_ctx{dstKeys=DstKeys, deletes=[K2|Deletes], lastKey=K2})
     end.
 
+-spec fetch_keys(scrAnyKeys()) -> scrAnyKeys().
 fetch_keys([]) -> [];
 fetch_keys([{_, _} | _] = KVs) -> [K || {K, _} <- KVs];
 fetch_keys(Keys) -> Keys.
 
+-spec last_key(scrAnyKeys()) -> scrAnyKey().
 last_key([{_, _} | _] = KVs) -> element(1, lists:last(KVs));
 last_key(Keys) -> lists:last(Keys).
 
-%% ----------------------
-
-
 %% ----------------------
 %% Eunit Tests
 %% ----------------------
diff --git a/src/dperl/dperl_strategy_scr.hrl b/src/dperl/dperl_strategy_scr.hrl
new file mode 100644
index 00000000..e5c6e746
--- /dev/null
+++ b/src/dperl/dperl_strategy_scr.hrl
@@ -0,0 +1,27 @@
+-ifndef(_dperl_STRATEGY_SCR_HRL_).
+-define(_dperl_STRATEGY_SCR_HRL_, true).
+
+% transparently handled types in this behaviour module (defined in callback module)
+-type scrState() :: any().              % processing state details defined in callback module
+-type scrAnyKey() :: any().             % mostly scalars or lists of scalars
+-type scrAnyKeys() :: [scrAnyKey()].    % list of changed/dirty/all keys
+-type scrAnyVal() :: term().            % type decided by callback, usually map()
+-type scrAnyKeyVal() :: {scrAnyKey(),scrAnyVal()}.  % used for cleanup/refresh combined operations
+-type scrAnyKeyVals() :: [scrAnyKeyVal()].          % used for cleanup/refresh combined operations
+
+% scr behaviour types
+-type scrChannel() :: binary().
+-type scrDirection() :: push | pull.
+-type scrCycle() :: cleanup | refresh.  % stateful phases (sync is stateless)
+-type scrCycleState() :: map().         % initially: #{lastAttempt => ?EPOCH, lastSuccess => ?EPOCH}
+-type scrPhase() :: sync | scrCycle().  
+-type scrBatchSize() :: integer().     
+-type scrMessage() :: binary().
+-type scrStatus() :: no_op | {error,term()} | scrMessage().
+-type scrOperation() :: finalize_src_events | no_log | string().  %  "Protected"|"Deleted"|"Inserted"|"Updated".
+-type scrSoftError() :: true|false.
+
+-type scrMsecInterval() :: integer().   % delays in milli-seconds
+-type scrHoursOfDay() :: [integer()].   % execute only on these hours, [] = any hour
+
+-endif.
\ No newline at end of file
diff --git a/src/dperl/jobs/dpjob_office_365.erl b/src/dperl/jobs/dpjob_office_365.erl
index 04676c32..4c7ec228 100644
--- a/src/dperl/jobs/dpjob_office_365.erl
+++ b/src/dperl/jobs/dpjob_office_365.erl
@@ -1,10 +1,22 @@
 -module(dpjob_office_365).
 
 -include("../dperl.hrl").
+-include("../dperl_strategy_scr.hrl").
 
 -behavior(dperl_worker).
 -behavior(dperl_strategy_scr). 
- 
+
+-type locKey() :: [string()].   % local key of a contact, e.g. ["contact","My","Ah2hA77a"]
+-type locId()  :: string().     % last item in locKey() is called local id e.g. "Ah2hA77a"
+-type locVal() :: map().        % local cvalue of a contact, converted to a map for processing
+-type locBin() :: binary().     % local cvalue of a contact in binary form (often stored like that)
+-type remKey() :: binary().     % remote key of a contact, called <<"id">> in Office365
+-type remKeys():: [remKey()].   % list of remKey() type (e.g. DirtyKeys)
+-type remVal() :: map().        % remote value of a contact (relevant fields only)
+-type remBin() :: binary().     % remote value of a contract in raw binary JSON form
+-type meta()   :: map().        % contact meta information with respect to this remote cloud
+
+
 -define(OAUTH2_CONFIG(__JOB_NAME), 
             ?GET_CONFIG(oAuth2Config,
             [__JOB_NAME],
@@ -83,23 +95,30 @@
 % contacts graph api
 % https://docs.microsoft.com/en-us/graph/api/resources/contact?view=graph-rest-1.0
 
--record(state,  { name                      :: binary()
-                , type = pull               :: pull|push
-                , channel                   :: binary()
-                , keyPrefix                 :: list()
-                , tokenPrefix               :: list()
-                , token                     :: map()
-                , apiUrl                    :: binary()
-                , fetchUrl                  :: binary()
-                , contacts = []             :: list()
-                , clContacts = []           :: list()
-                , isConnected = true        :: boolean()
-                , isFirstSync = true        :: boolean()
-                , isCleanupFinished = true  :: boolean()
-                , auditStartTime = {0,0}    :: tuple()
-                , template  = ?NOT_FOUND    :: ?NOT_FOUND|map()
-                , accountId                 :: system|integer()
-            }).
+%% remote item (single contact info in cache)
+-record(remItem,    { remKey                    :: remKey() % remote key (id) 
+                    , meta                      :: meta()   % META information (id, ...)
+                    , content                   :: remVal() % relevant contact info to be synced
+                    }).
+
+%% scr processing state
+-record(state,      { name                      :: jobName()
+                    , type = pull               :: scrDirection()
+                    , channel                   :: scrChannel()     % channel name
+                    , keyPrefix                 :: locKey()         % key space prefix in channel
+                    , tokenPrefix               :: locKey()         % without id #token#
+                    , token                     :: map()            % token info as stored under #token#
+                    , apiUrl                    :: binary()
+                    , fetchUrl                  :: binary()
+                    , dirtyKeys = []            :: remKeys()        % needing insert/update/delete
+                    , remItems = []             :: list(#remItem{}) % cache for cleanup / ToDo: remove
+                    , isConnected = true        :: boolean()
+                    , isFirstSync = true        :: boolean()
+                    , isCleanupFinished = true  :: boolean()
+                    , auditStartTime = {0,0}    :: ddTimestamp()    % UTC timestamp {Sec,MicroSec}
+                    , template  = ?NOT_FOUND    :: ?NOT_FOUND|map() % empty contact with default values 
+                    , accountId                 :: ddEntityId()     % data owner
+                    }).
 
 % dperl_strategy_scr export
 -export([ connect_check_src/1
@@ -138,29 +157,34 @@ get_key_prefix() -> ?KEY_PREFIX(<<>>).
 
 get_key_prefix(JobName) -> ?KEY_PREFIX(JobName).
 
-% determine the contact id (last piece of cekey) from ckey or from the remote id
+% determine the local id as the last piece of ckey (if available) 
+%           or hash of remote id (if new to local store)
 % this id is a string representing a hash of the remote id
--spec local_contact_id(list()|binary()) -> string().
-local_contact_id(Key) when is_list(Key) -> 
-    lists:last(Key);
-local_contact_id(Bin) when is_binary(Bin) -> 
-    io_lib:format("~.36B",[erlang:phash2(Bin)]).
+-spec local_id(locKey()) -> locId().
+local_id(Key) when is_list(Key) -> lists:last(Key).
+
+
+% calculate a new local id as a string representing the hash of the remote key (id)
+-spec new_local_id(remKey()) -> locKey().
+new_local_id(RemKey) when is_binary(RemKey) -> io_lib:format("~.36B",[erlang:phash2(RemKey)]).
 
 % convert list of remote values (already maps) to list of {Key,RemoteId,RemoteValue} triples
 % which serves as a lookup buffer of the complete remote state, avoiding sorting issues
+-spec format_remote_values_to_kv(remVal(), locKey(), jobName()) -> remVal(). 
 format_remote_values_to_kv(Values, KeyPrefix, JobName) ->
     format_remote_values_to_kv(Values, KeyPrefix, JobName, []).
 
 format_remote_values_to_kv([], _KeyPrefix, _JobName, Acc) -> Acc;
 format_remote_values_to_kv([Value|Values], KeyPrefix, JobName, Acc) -> 
     #{<<"id">> := RemoteId} = Value,        
-    Key = KeyPrefix ++ [local_contact_id(RemoteId)],
+    Key = KeyPrefix ++ [new_local_id(RemoteId)],
     format_remote_values_to_kv(Values, KeyPrefix, JobName, [{Key,RemoteId,format_value(Value, JobName)}|Acc]).
 
 % format remote or local value by projecting it down to configured list of synced (meta + content) attributes
 format_value(Value, JobName) when is_map(Value) -> 
     maps:with(?META_ATTRIBUTES(JobName)++?CONTENT_ATTRIBUTES(JobName), Value).
 
+-spec connect_check_src(#state{}) -> {ok,#state{}} | {error,any()} | {error,any(), #state{}}.
 connect_check_src(#state{isConnected=true} = State) ->
     {ok, State};
 connect_check_src(#state{isConnected=false, accountId=AccountId, tokenPrefix=TokenPrefix} = State) ->
@@ -174,6 +198,8 @@ connect_check_src(#state{isConnected=false, accountId=AccountId, tokenPrefix=Tok
             {error, Error, State}
     end.
 
+-spec get_source_events(#state{}, scrBatchSize()) -> 
+        {ok,remKeys(),#state{}} | {ok,sync_complete,#state{}}. % {error,scrAnyKey()}
 get_source_events(#state{auditStartTime=LastStartTime, type=push,
             channel=Channel, isFirstSync=IsFirstSync} = State, BulkSize) ->
     case dperl_dal:read_audit_keys(Channel, LastStartTime, BulkSize) of
@@ -191,27 +217,30 @@ get_source_events(#state{auditStartTime=LastStartTime, type=push,
             UniqueKeys = lists:delete(undefined, lists:usort(Keys)),
             {ok, UniqueKeys, State#state{auditStartTime=NextStartTime}}
     end;
-get_source_events(#state{contacts=[]} = State, _BulkSize) ->
+get_source_events(#state{dirtyKeys=[]} = State, _BulkSize) ->
     {ok, sync_complete, State};
-get_source_events(#state{contacts=Contacts} = State, _BulkSize) ->
-    ?Info("get_source_events result count ~p~n~p",[length(Contacts), hd(Contacts)]),
-    {ok, Contacts, State#state{contacts=[]}}.
+get_source_events(#state{dirtyKeys=DirtyKeys} = State, _BulkSize) ->
+    ?Info("get_source_events result count ~p~n~p",[length(DirtyKeys), hd(DirtyKeys)]),
+    {ok, DirtyKeys, State#state{dirtyKeys=[]}}.
 
+- spec connect_check_dst(#state{}) -> {ok, #state{}}. % {error,any()} | {error,any(),#state{}}
 connect_check_dst(State) -> {ok, State}.    % Question: Why defaulted for push destination?
 
-do_refresh(_State, _BulkSize) -> {error, cleanup_only}.
+do_refresh(_State, _BulkSize) -> {error, cleanup_only}. % using cleanup/refresh combined
 
+-spec fetch_src(remKey(), #state{}) -> ?NOT_FOUND | locVal() | remVal().
 fetch_src(Key, #state{channel=Channel, type=push}) ->
     dperl_dal:read_channel(Channel, Key);
-fetch_src(Key, #state{clContacts=ClContacts, type=pull}) ->
-    case lists:keyfind(Key, 1, ClContacts) of
+fetch_src(Key, #state{remItems=RemItems, type=pull}) ->
+    case lists:keyfind(Key, 1, RemItems) of
         {Key, _RemoteId, Value} -> Value;
         false -> ?NOT_FOUND
     end.
 
-fetch_dst(Key, #state{name=Name, clContacts=ClContacts, type=push, 
-                apiUrl=ApiUrl, token=Token} = State) ->
-    case lists:keyfind(Key, 1, ClContacts) of
+-spec fetch_dst(remKey(), #state{}) -> ?NOT_FOUND | locVal() | remVal().
+fetch_dst(Key, #state{ name=Name, remItems=RemItems, type=push
+                     , apiUrl=ApiUrl, token=Token} = State) ->
+    case lists:keyfind(Key, 1, RemItems) of
         {Key, RemoteId, _Value} -> 
             ContactUrl = erlang:iolist_to_binary([ApiUrl, RemoteId]),
             case exec_req(ContactUrl, Token) of
@@ -226,6 +255,7 @@ fetch_dst(Key, #state{name=Name, clContacts=ClContacts, type=push,
 fetch_dst(Key, #state{channel=Channel}) ->
     dperl_dal:read_channel(Channel, Key).
 
+-spec insert_dst(remKey(), remVal()|locVal(), #state{}) -> {error, any()}.
 insert_dst(Key, Value, #state{type=push, apiUrl=ApiUrl, token=Token} = State) ->
     case exec_req(ApiUrl, Token, Value, post) of
         #{<<"id">> := _} = RemoteValue ->   merge_meta_to_local(Key, RemoteValue, State);
@@ -258,9 +288,10 @@ merge_meta_to_local(Key, RemoteValue, #state{channel=Channel, tokenPrefix=TokenP
 access_id(TokenPrefix) ->
     list_to_binary(string:join(TokenPrefix,"/")).
 
-delete_dst(Key, #state{channel=Channel, type=push, clContacts=ClContacts, 
+-spec delete_dst(remKey(), #state{}) -> {scrSoftError(), #state{}}.
+delete_dst(Key, #state{channel=Channel, type=push, remItems=RemItems, 
                 apiUrl=ApiUrl, token=Token} = State) ->
-    case lists:keyfind(Key, 1, ClContacts) of
+    case lists:keyfind(Key, 1, RemItems) of
         {Key, RemoteId, _Value} -> 
             ContactUrl = erlang:iolist_to_binary([ApiUrl, RemoteId]),
             case exec_req(ContactUrl, Token, #{}, delete) of
@@ -280,10 +311,10 @@ delete_dst(Key, #state{channel=Channel} = State) ->
     dperl_dal:remove_from_channel(Channel, Key),
     {false, State}.
 
--spec update_dst(Key::list(), Value::map(), #state{}) -> tuple().
+-spec update_dst(remKey(), remVal()|locVal(), #state{}) -> {scrSoftError(), #state{}}.
 update_dst(Key, Value, #state{name=Name, channel=Channel, type=push, 
-                clContacts=ClContacts, apiUrl=ApiUrl, token=Token} = State) ->
-    case lists:keyfind(Key, 1, ClContacts) of
+                remItems=RemItems, apiUrl=ApiUrl, token=Token} = State) ->
+    case lists:keyfind(Key, 1, RemItems) of
         {Key, RemoteId, _Value} -> 
             ContactUrl = erlang:iolist_to_binary([ApiUrl, RemoteId]),
             case exec_req(ContactUrl, Token, Value, patch) of
@@ -323,16 +354,15 @@ load_src_after_key(CurKey, BlkCount, #state{type=pull, fetchUrl=undefined, apiUr
     load_src_after_key(CurKey, BlkCount, State#state{fetchUrl=ContactsUrl});
 load_src_after_key(CurKey, BlkCount, #state{name=Name, type=pull, isCleanupFinished=true, 
                             keyPrefix=KeyPrefix, token=Token, fetchUrl=FetchUrl} = State) ->
-    % fetch all contacts
     case fetch_all_contacts(FetchUrl, Token, KeyPrefix, Name) of
         {ok, Contacts} ->
-            load_src_after_key(CurKey, BlkCount, State#state{clContacts=Contacts, isCleanupFinished=false});
+            load_src_after_key(CurKey, BlkCount, State#state{remItems=Contacts, isCleanupFinished=false});
         {error, unauthorized} ->
             reconnect_exec(State, load_src_after_key, [CurKey, BlkCount]);
         {error, Error} ->
             {error, Error, State}
     end;
-load_src_after_key(CurKey, BlkCount, #state{type=pull, clContacts=Contacts} = State) ->
+load_src_after_key(CurKey, BlkCount, #state{type=pull, remItems=Contacts} = State) ->
     {ok, get_contacts_gt(CurKey, BlkCount, Contacts), State}.
 
 reconnect_exec(State, Fun, Args) ->
@@ -343,10 +373,11 @@ reconnect_exec(State, Fun, Args) ->
             {error, Error, State1}
     end.
 
+-spec do_cleanup(remKeys(), remKeys(), remKeys(), boolean(), #state{}) -> {ok, #state{}}. 
 do_cleanup(_Deletes, _Inserts, _Diffs, _IsFinished, #state{type = push}) ->
     {error, <<"cleanup only for pull job">>};
 do_cleanup(Deletes, Inserts, Diffs, IsFinished, State) ->
-    NewState = State#state{contacts = Inserts ++ Diffs ++ Deletes},
+    NewState = State#state{dirtyKeys=Inserts++Diffs++Deletes},
     if IsFinished ->    {ok, finish, NewState#state{isCleanupFinished=true}};
        true ->          {ok, NewState}
     end.

From 5605081277a0023d4bd619fa51a50fc89ba89de7 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Sun, 14 Jun 2020 18:02:41 +0200
Subject: [PATCH 58/72] dpjob_ouraring fetch updated

---
 src/dderl.hrl                           |  4 ++--
 src/dderl_session.erl                   |  6 +++---
 src/dperl/jobs/dpjob_ouraring_crawl.erl | 16 +++++++++++++++-
 3 files changed, 20 insertions(+), 6 deletions(-)

diff --git a/src/dderl.hrl b/src/dderl.hrl
index b503834c..00905631 100644
--- a/src/dderl.hrl
+++ b/src/dderl.hrl
@@ -325,8 +325,8 @@
 
 % OAUTH 
 
--define(SYNC_OURARING, dperl_ouraring_crawl).
+-define(SYNC_OURARING, dpjob_ouraring_crawl).
 
--define(SYNC_OFFICE365, dperl_office_365).
+-define(SYNC_OFFICE365, dpjob_office_365).
 
 -endif.
diff --git a/src/dderl_session.erl b/src/dderl_session.erl
index e34272e6..e07b87ca 100644
--- a/src/dderl_session.erl
+++ b/src/dderl_session.erl
@@ -382,16 +382,16 @@ process_call({[<<"about">>], _ReqData}, _Adapter, From, {SrcIp,_}, State) ->
 
 process_call({[<<"office_365_auth_config">>], _ReqData}, _Adapter, From, {SrcIp, _}, State) ->
     act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "office_365_auth_config"}, State),
-    AuthConfig = dperl_office_365:get_auth_config(), % ToDo: may depend on JobName or TokenPrefix
+    AuthConfig = dpjob_office_365:get_auth_config(), % ToDo: may depend on JobName or TokenPrefix
     Url = dderl_oauth:get_authorize_url(State#state.xsrf_token, AuthConfig, ?SYNC_OFFICE365),
     reply(From, #{<<"office_365_auth_config">> => #{<<"url">> => Url}}, self()),
     State;
 
 process_call({[<<"oura_ring_auth_config">>], _ReqData}, _Adapter, From, {SrcIp, _}, State) ->
     act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "oura_ring_auth_config"}, State),
-    AuthConfig = dperl_ouraring_crawl:get_auth_config(), % ToDo: may depend on JobName or TokenPrefix
-    ?Info("oura_ring_auth_config ~p",[AuthConfig]),
+    AuthConfig = dpjob_ouraring_crawl:get_auth_config(), % ToDo: may depend on JobName or TokenPrefix
     Url = dderl_oauth:get_authorize_url(State#state.xsrf_token, AuthConfig, ?SYNC_OURARING),
+    ?Info("oura_ring_auth_config ~p ~p",[AuthConfig, Url]),
     reply(From, #{<<"oura_ring_auth_config">> => #{<<"url">> => Url}}, self()),
     State;
 
diff --git a/src/dperl/jobs/dpjob_ouraring_crawl.erl b/src/dperl/jobs/dpjob_ouraring_crawl.erl
index 3a8bd0f1..b352c4ac 100644
--- a/src/dperl/jobs/dpjob_ouraring_crawl.erl
+++ b/src/dperl/jobs/dpjob_ouraring_crawl.erl
@@ -14,6 +14,14 @@
               scope => "email personal daily"},
             "Oura Ring auth config")).
 
+-define(OAUTH2_TOKEN_KEY_PREFIX(__JOB_NAME),
+            ?GET_CONFIG(oAuth2TokenKeyPrefix,
+            [__JOB_NAME],
+            ["dperlJob","OuraRing"],
+            "Default KeyPrefix for OuraRing token cache"
+            )
+       ).
+
 -define(KEY_PREFIX(__JOB_NAME),
           ?GET_CONFIG(keyPrefix, [__JOB_NAME], ["healthDevice","OuraRing"],
           "Default KeyPrefix for Oura Ring data")
@@ -52,6 +60,8 @@
         , get_auth_config/1
         , get_key_prefix/0
         , get_key_prefix/1
+        , get_auth_token_key_prefix/0
+        , get_auth_token_key_prefix/1
         ]).
 
 % dperl_strategy_scr export
@@ -76,6 +86,10 @@ get_key_prefix() -> ?KEY_PREFIX(<<>>).
 
 get_key_prefix(JobName) -> ?KEY_PREFIX(JobName).
 
+get_auth_token_key_prefix() -> ?OAUTH2_TOKEN_KEY_PREFIX(<<>>).
+
+get_auth_token_key_prefix(JobName) -> ?OAUTH2_TOKEN_KEY_PREFIX(JobName).
+
 connect_check_src(#state{is_connected = true} = State) ->
     {ok, State};
 connect_check_src(#state{is_connected=false, accountId=AccountId, key_prefix=KeyPrefix} = State) ->
@@ -161,7 +175,7 @@ init({#dperlJob{name=Name, dstArgs = #{channel := Channel} = DstArgs,
             ?JInfo("Starting with ~p's enchash...", [AccountId]),
             imem_enc_mnesia:put_enc_hash(EncHash),
             KeyPrefix = maps:get(key_prefix, DstArgs, get_key_prefix(Name)),
-            case dderl_oauth:get_token_info(AccountId, KeyPrefix, ?SYNC_OURARING) of
+            case dderl_oauth:get_token_info(AccountId, get_auth_token_key_prefix(Name), ?SYNC_OURARING) of
                 #{<<"access_token">> := AccessToken} ->
                     ChannelBin = dperl_dal:to_binary(Channel),
                     dperl_dal:create_check_channel(ChannelBin),

From 0e4c55c30e900a82c0d7aef07d162ef008ea7dd7 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Sun, 14 Jun 2020 18:32:18 +0200
Subject: [PATCH 59/72] replaced  os:timestamp

---
 src/dderl_resource.erl     | 4 ++--
 src/dderl_saml_handler.erl | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/dderl_resource.erl b/src/dderl_resource.erl
index e92f316f..47003359 100644
--- a/src/dderl_resource.erl
+++ b/src/dderl_resource.erl
@@ -16,7 +16,7 @@
 -record(state, {sessionToken}).
 
 init(Req0, []) ->
-    Req = ?COW_REQ_SET_META(reqTime, os:timestamp(), Req0),
+    Req = ?COW_REQ_SET_META(reqTime, imem_meta:time(), Req0),
     Req1 = ?COW_REQ_SET_META(accessLog, #{}, Req),
     ?Debug("Request : ~p", [Req1]),
     case cowboy_req:has_body(Req1) of
@@ -166,7 +166,7 @@ terminate(_Reason, Req, _State) ->
     RespSize = ?COW_REQ_GET_META(respSize, Req, 0),
     ReqSize = cowboy_req:body_length(Req),
     Size = ReqSize + RespSize,
-    ProcessingTimeMicroS = timer:now_diff(os:timestamp(), ReqTime),
+    ProcessingTimeMicroS = imem_datatype:musec_diff(ReqTime),
     catch dderl_access_logger:log(Log#{bytes => Size,
                                        time => ProcessingTimeMicroS}).
 
diff --git a/src/dderl_saml_handler.erl b/src/dderl_saml_handler.erl
index cc2c2c35..290028eb 100644
--- a/src/dderl_saml_handler.erl
+++ b/src/dderl_saml_handler.erl
@@ -20,7 +20,7 @@ init(Req0, Args) ->
                 #{app := Application} -> Application;
                 _ -> dderl
             end,
-            Req = ?COW_REQ_SET_META(App, reqTime, os:timestamp(), Req0),
+            Req = ?COW_REQ_SET_META(App, reqTime, imem_meta:time(), Req0),
             Req1 = ?COW_REQ_SET_META(App, accessLog, #{}, Req),
             HostUrl = iolist_to_binary(cowboy_req:uri(Req1, #{path => undefined, qs => undefined})),
             Url = iolist_to_binary(cowboy_req:uri(Req1)),

From 9e9026ea453107de926f714b022eec3c913b96ea Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Sun, 14 Jun 2020 18:40:55 +0200
Subject: [PATCH 60/72] updated the comments

---
 src/dperl/dperl_strategy_scr.erl | 26 +++++++++++---------------
 src/dperl/dperl_strategy_scr.hrl |  4 +++-
 2 files changed, 14 insertions(+), 16 deletions(-)

diff --git a/src/dperl/dperl_strategy_scr.erl b/src/dperl/dperl_strategy_scr.erl
index 7ef33736..10dcca99 100644
--- a/src/dperl/dperl_strategy_scr.erl
+++ b/src/dperl/dperl_strategy_scr.erl
@@ -32,18 +32,16 @@
 -callback fetch_dst(scrAnyKey(), scrState()) -> ?NOT_FOUND | scrAnyVal().
 
 % delete one item from destination (if it exists)
-% first element in result is true if a delete was unnecessary ????
+% first element in result is true if a delete was unnecessary
+% callback is responsible for deciding if no_op delete is an error or not
 -callback delete_dst(scrAnyKey(), scrState()) -> {scrSoftError(), scrState()}.
 
 % insert one item to destination (which is assumed to not exist)
-% first element in result is true if the insert was compatible but unnecessary (already 
-% existed in correct shape) ????
-% alternatively, the callback implementation can (or should) throw if key already exists
+% if the callback is able to do an update instead of an insert it can do it responsibly.
 -callback insert_dst(scrAnyKey(), scrAnyVal(), scrState()) -> {scrSoftError(), scrState()}.
 
 % update one item in destination (which is assumed to exist)
-% first element in result tuple indicates wether an update was possible (false=insert needed) ????
-% alternatively, the callback implementation can (or should) throw if the key does not exist
+% if the callback is able to do an insert instead of an update it can do it responsibly.
 -callback update_dst(scrAnyKey(), scrAnyVal(), scrState()) -> {scrSoftError(), scrState()}.
 
 % allow the callback implementation act upon an error or warning message
@@ -74,17 +72,16 @@
 -callback is_equal(scrAnyKey(), scrAnyVal(), scrAnyVal(), scrState()) -> true | false.
 
 % override for destination channel insert/update/delete (final data change)
-% first element of result indicates if anything was changed on the target ????
-% (ignored by behaviour, used for debugging only)
+% only used for protected configurations (reversing the direction of data flow)
 -callback update_channel( scrAnyKey(), 
                           IsSamePlatform::boolean(), 
                           SourceVal::scrAnyVal(), 
                           DestVal::scrAnyVal(), 
                           scrState()) -> {true, scrState()} | {false, scrState()}.
 
-% optional cleanup call after end of differential provisioning (sync phase) ????
-% where and when is it exactly invoked ????
-% first element of result indicates if anything was executed on the target ????
+% called at the end of all the sync cycles, for example used for smsc push job
+% to push the addresslists. 
+% optional callback when there is a risk of target inconsistency after individual sync updates.
 -callback finalize_src_events(scrState()) -> {true, scrState()} | {false, scrState()}.
 
 % can be used in callback to suppress the logging of individual sync results
@@ -265,8 +262,7 @@ execute(sync, Mod, Job, State, #{sync:=Sync} = Args) ->
                             execute(finish, Mod, Job, State4, Args);
                         %% idle used for dperl_mec_ic to have idle timeout on
                         %% try later error from oracle
-                        %% would be removed in the future when new
-                        %% behavior is used for mec_ic
+                        %% results in calling idle wait instead of always wait
                         {idle, State4} ->
                             execute(idle, Mod, Job, State4, Args)
                     end
@@ -533,7 +529,7 @@ set_cycle_state(Cycle, Job, Action, Stats0)
         {[#dperlNodeJobDyn{state=#{Cycle:=CycleState0}} = NJD], true} when is_map(CycleState0) ->            
             {NJD, CycleState0};
         {[#dperlNodeJobDyn{} = NJD], true} ->
-            {NJD, #{lastAttempt=>os:timestamp(), lastSuccess=>?EPOCH}} % ToDo: Should it be imem_meta:time() ????
+            {NJD, #{lastAttempt=>imem_meta:time(), lastSuccess=>?EPOCH}} % ToDo: Should it be imem_meta:time() ????
         end,
     {CycleState2, Stats1} = case maps:get(count, Stats0, '$not_found') of
         '$not_found' -> {CycleState1, Stats0};
@@ -673,7 +669,7 @@ process_events([Key | Keys], Mod, State, ShouldLog, IsError) ->
     process_events(Keys, Mod, NewState, ShouldLog, NewIsError).
 
 -spec execute_prov_fun(scrOperation(), jobModule(), atom(), list(), boolean(), boolean()) -> 
-        {true | false | idle, scrState() | term()}.
+        {scrSoftError(), scrState() | term()}.
 execute_prov_fun(Op, Mod, Fun, Args, ShouldLog, IsError) ->
     case catch apply(Mod, Fun, Args) of
         {false, NewState} ->
diff --git a/src/dperl/dperl_strategy_scr.hrl b/src/dperl/dperl_strategy_scr.hrl
index e5c6e746..8cd95697 100644
--- a/src/dperl/dperl_strategy_scr.hrl
+++ b/src/dperl/dperl_strategy_scr.hrl
@@ -19,7 +19,9 @@
 -type scrMessage() :: binary().
 -type scrStatus() :: no_op | {error,term()} | scrMessage().
 -type scrOperation() :: finalize_src_events | no_log | string().  %  "Protected"|"Deleted"|"Inserted"|"Updated".
--type scrSoftError() :: true|false.
+-type scrSoftError() :: true|false|idle. % idle only used in special case where the dst is not ready and we have to do an idle wait.
+                                         % true signifies the one or more events in the sync cycle resulted in an error
+                                         % false means all the events were processed successfully by the sync cycle
 
 -type scrMsecInterval() :: integer().   % delays in milli-seconds
 -type scrHoursOfDay() :: [integer()].   % execute only on these hours, [] = any hour

From 9237ac0b0f0ed5f3c7d10b8165cb7520e186a9af Mon Sep 17 00:00:00 2001
From: stoch <ochsenbein@bluewin.ch>
Date: Thu, 18 Jun 2020 15:14:57 +0200
Subject: [PATCH 61/72] fixing type bug for AccountId in auth registration

---
 src/dderl_dal.erl                       | 2 +-
 src/dperl/jobs/dpjob_office_365.erl     | 4 ++--
 src/dperl/jobs/dpjob_ouraring_crawl.erl | 4 ++--
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/src/dderl_dal.erl b/src/dderl_dal.erl
index 350cddbf..2091d2b5 100644
--- a/src/dderl_dal.erl
+++ b/src/dderl_dal.erl
@@ -871,7 +871,7 @@ create_check_avatar_channel(AccountId) ->
     imem_dal_skvh:create_check_channel(avatar_channel_name(AccountId), ?GET_AVATAR_CHANNEL_OPTIONS).
 
 write_to_avatar_channel(AccountId, Key, Value) ->
-    imem_dal_skvh:write(AccountId, avatar_channel_name(AccountId), Key, Value).
+    imem_dal_skvh:write(AccountId, AccountId, Key, Value).
 
 read_from_avatar_channel(AccountId, Key) ->
     case imem_dal_skvh:read(AccountId, avatar_channel_name(AccountId), [Key]) of
diff --git a/src/dperl/jobs/dpjob_office_365.erl b/src/dperl/jobs/dpjob_office_365.erl
index 4c7ec228..b6eff30a 100644
--- a/src/dperl/jobs/dpjob_office_365.erl
+++ b/src/dperl/jobs/dpjob_office_365.erl
@@ -33,9 +33,9 @@
         ).
 
 -define(OAUTH2_TOKEN_KEY_PREFIX(__JOB_NAME),
-            ?GET_CONFIG(oAuth2TokenKeyPrefix,
+            ?GET_CONFIG(oAuth2KeyPrefix,
             [__JOB_NAME],
-            ["dperlJob","Office365"],
+            ["dpjob","Office365"],
             "Default KeyPrefix for Office365 token cache"
             )
        ).
diff --git a/src/dperl/jobs/dpjob_ouraring_crawl.erl b/src/dperl/jobs/dpjob_ouraring_crawl.erl
index b352c4ac..3fdbd7ed 100644
--- a/src/dperl/jobs/dpjob_ouraring_crawl.erl
+++ b/src/dperl/jobs/dpjob_ouraring_crawl.erl
@@ -15,9 +15,9 @@
             "Oura Ring auth config")).
 
 -define(OAUTH2_TOKEN_KEY_PREFIX(__JOB_NAME),
-            ?GET_CONFIG(oAuth2TokenKeyPrefix,
+            ?GET_CONFIG(oAuth2KeyPrefix,
             [__JOB_NAME],
-            ["dperlJob","OuraRing"],
+            ["dpjob","OuraRing"],
             "Default KeyPrefix for OuraRing token cache"
             )
        ).

From 6fc6fb35fde9555c1610e86f44b504c2e50792ec Mon Sep 17 00:00:00 2001
From: stoch <ochsenbein@bluewin.ch>
Date: Mon, 22 Jun 2020 14:42:28 +0200
Subject: [PATCH 62/72] spec and doc dperl_strategy_scr and
 dpjob_ouraring_crawl

---
 src/dderl_dal.erl                       |   2 +-
 src/dderl_oauth.erl                     |  26 +-
 src/dperl/dperl.hrl                     |   2 +-
 src/dperl/dperl_dal.erl                 |  89 +++++--
 src/dperl/dperl_strategy_scr.erl        |  59 +++--
 src/dperl/jobs/dpjob_office_365.erl     |  36 +--
 src/dperl/jobs/dpjob_ouraring_crawl.erl | 325 ++++++++++++++----------
 7 files changed, 337 insertions(+), 202 deletions(-)

diff --git a/src/dderl_dal.erl b/src/dderl_dal.erl
index 2091d2b5..350cddbf 100644
--- a/src/dderl_dal.erl
+++ b/src/dderl_dal.erl
@@ -871,7 +871,7 @@ create_check_avatar_channel(AccountId) ->
     imem_dal_skvh:create_check_channel(avatar_channel_name(AccountId), ?GET_AVATAR_CHANNEL_OPTIONS).
 
 write_to_avatar_channel(AccountId, Key, Value) ->
-    imem_dal_skvh:write(AccountId, AccountId, Key, Value).
+    imem_dal_skvh:write(AccountId, avatar_channel_name(AccountId), Key, Value).
 
 read_from_avatar_channel(AccountId, Key) ->
     case imem_dal_skvh:read(AccountId, avatar_channel_name(AccountId), [Key]) of
diff --git a/src/dderl_oauth.erl b/src/dderl_oauth.erl
index 03676ee9..d9bef261 100644
--- a/src/dderl_oauth.erl
+++ b/src/dderl_oauth.erl
@@ -28,6 +28,10 @@ get_authorize_url(XSRFToken, AuthConfig, SyncType) ->
           "scope" => {enc, Scope}, "state" => {enc, imem_json:encode(State)}}),
     erlang:iolist_to_binary([Url, "&", UrlParams]).
 
+
+%% get token info from web service using the configuration from callback module
+%% store it in the avatar table of AccountId under the key TokenPrefix || "#token#"  
+-spec get_access_token(ddEntityId(), list(), string(), module()) -> ok | {error, term()}.
 get_access_token(AccountId, TokenPrefix, Code, SyncType) ->
     AuthConfig = try 
         SyncType:get_auth_config() % ToDo: AuthConfig may depend on JobName or TokenPrefix
@@ -36,7 +40,7 @@ get_access_token(AccountId, TokenPrefix, Code, SyncType) ->
             ?Error("Finding AuthConfig : ~p ñ~p", [E,S]),
             {error, E}
     end,
-    ?Info("get_access_token AuthConfig: ~p",[AuthConfig]),
+    %?Info("get_access_token AuthConfig: ~p",[AuthConfig]),
     #{token_url := TUrl, client_id := ClientId, redirect_uri := RedirectURI,
             client_secret := Secret, grant_type := GrantType,
             scope := Scope} = AuthConfig,
@@ -50,21 +54,27 @@ get_access_token(AccountId, TokenPrefix, Code, SyncType) ->
             set_token_info(AccountId, TokenPrefix, TokenInfo, SyncType),
             ok;
         {ok, {{_, Code, _}, _, Error}} ->
-            ?Error("Fetching access token : ~p:~p", [Code, Error]),
             {error, Error};
         {error, Error} ->
             ?Error("Fetching access token : ~p", [Error]),
             {error, Error}
     end.
 
+%% refresh access token from web service using the configuration from callback module
+%% store it in the avatar table of AccountId under the key TokenPrefix || "#token#"  
+-spec refresh_access_token(ddEntityId(), list(), module()) -> {ok, binary()} | {error, term()}.
 refresh_access_token(AccountId, TokenPrefix, SyncType) ->
-    #{token_url := TUrl, client_id := ClientId, scope := Scope,
-      client_secret := Secret} = SyncType:get_auth_config(),
-    #{<<"refresh_token">> := RefreshToken} = get_token_info(AccountId, TokenPrefix, SyncType),
-    Body = dperl_dal:url_enc_params(
-        #{"client_id" => ClientId, "client_secret" => {enc, Secret}, "scope" => {enc, Scope},
-          "refresh_token" => RefreshToken, "grant_type" => "refresh_token"}),
+    #{token_url:=TUrl, client_id:=ClientId, scope:=Scope, client_secret:=Secret} 
+        = SyncType:get_auth_config(),
+    %?Info("refresh_access_token ~p ~p ~p",[AccountId, TokenPrefix, SyncType]),
+    #{<<"refresh_token">>:=RefreshToken} = get_token_info(AccountId, TokenPrefix, SyncType),
+    Body = dperl_dal:url_enc_params(#{ "client_id"=>ClientId, "client_secret"=>{enc, Secret}
+                                     , "scope"=>{enc, Scope}, "refresh_token"=>RefreshToken
+                                     , "grant_type"=>"refresh_token"}),
     ContentType = "application/x-www-form-urlencoded",
+    %?Info("refresh_access_token TUrl=~p",[TUrl]),
+    %?Info("refresh_access_token ContentType=~p",[ContentType]),
+    %?Info("refresh_access_token Body=~p",[Body]),
     case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
         {ok, {{_, 200, "OK"}, _, TokenBody}} ->
             TokenInfo = imem_json:decode(list_to_binary(TokenBody), [return_maps]),
diff --git a/src/dperl/dperl.hrl b/src/dperl/dperl.hrl
index 1733c417..c3f950e3 100644
--- a/src/dperl/dperl.hrl
+++ b/src/dperl/dperl.hrl
@@ -6,7 +6,7 @@
 -include("../dderl.hrl").          
 
 -type jobName()         :: binary().
--type jobModule()       :: atom().
+-type jobModule()       :: module().
 -type jobArgs()         :: map().
 -type jobEnabled()      :: true|false.
 -type jobRunning()      :: true|false|undefined.
diff --git a/src/dperl/dperl_dal.erl b/src/dperl/dperl_dal.erl
index 99271a22..e6a0d791 100644
--- a/src/dperl/dperl_dal.erl
+++ b/src/dperl/dperl_dal.erl
@@ -2,23 +2,73 @@
 
 -include("dperl.hrl").
 
--export([select/2, subscribe/1, unsubscribe/1, write/2, check_table/5,
-         sql_jp_bind/1, sql_bind_jp_values/2, read_channel/2, url_enc_params/1,
-         io_to_oci_datetime/1, create_check_channel/1, write_channel/3,
-         read_check_write/4, read_audit_keys/3, read_audit/3, get_enabled/1,
-         update_job_dyn/2, update_job_dyn/3, job_error_close/1, to_binary/1,
-         count_sibling_jobs/2, create_check_channel/2, write_protected/6,
-         get_last_state/1, get_last_audit_time/1, connect_imem_link/4,
-         remove_from_channel/2, remove_deep/2, data_nodes/0, job_state/1,
-         job_error/3, job_error/4, job_error_close/0, update_service_dyn/4,
-         update_service_dyn/3, all_keys/1, read_gt/3, time_str/1, ts_str/1,
-         safe_json_map/1, read_gt_lt/4, normalize_map/1, read_keys_gt/3,
-         write_if_different/3, maps_diff/2, read_keys_gt_lt/4, oci_opts/2,
-         oci_fetch_rows/2, key_from_json/1, disable/1, set_running/2,
-         read_siblings/2, read_channel_raw/2, worker_error/4, sort_links/1,
-         get_pool_name/1, remote_dal/3, get_pool_name/2, run_oci_stmt/3,
-         activity_logger/3, create_check_index/2, to_atom/1, report_status/7,
-         key_to_json/1, key_to_json_enc/1, create_or_replace_tigger/2]).
+-export([activity_logger/3
+        ,all_keys/1
+        ,check_table/5
+        ,connect_imem_link/4
+        ,count_sibling_jobs/2
+        ,create_check_channel/1
+        ,create_check_channel/2
+        ,create_check_index/2
+        ,create_or_replace_tigger/2
+        ,data_nodes/0
+        ,disable/1
+        ,get_enabled/1
+        ,get_last_audit_time/1
+        ,get_last_state/1
+        ,get_pool_name/1
+        ,get_pool_name/2
+        ,io_to_oci_datetime/1
+        ,job_error/3
+        ,job_error/4
+        ,job_error_close/0
+        ,job_error_close/1
+        ,job_state/1
+        ,key_from_json/1
+        ,key_to_json/1
+        ,key_to_json_enc/1
+        ,maps_diff/2
+        ,normalize_map/1
+        ,oci_fetch_rows/2
+        ,oci_opts/2
+        ,read_audit/3
+        ,read_audit_keys/3
+        ,read_channel/2
+        ,read_channel_raw/2
+        ,read_check_write/4
+        ,read_gt/3
+        ,read_gt_lt/4
+        ,read_keys_gt/3
+        ,read_keys_gt_lt/4
+        ,read_siblings/2
+        ,remote_dal/3
+        ,remove_deep/2
+        ,remove_from_channel/2
+        ,report_status/7
+        ,run_oci_stmt/3
+        ,safe_json_map/1
+        ,select/2
+        ,set_running/2
+        ,sort_links/1
+        ,sql_bind_jp_values/2
+        ,sql_jp_bind/1
+        ,subscribe/1
+        ,time_str/1
+        ,to_atom/1
+        ,to_binary/1
+        ,ts_str/1
+        ,unsubscribe/1
+        ,update_job_dyn/2
+        ,update_job_dyn/3
+        ,update_service_dyn/3
+        ,update_service_dyn/4
+        ,url_enc_params/1
+        ,worker_error/4
+        ,write/2
+        ,write_channel/3
+        ,write_if_different/3
+        ,write_protected/6
+        ]).
 
 check_table(Table, ColumnNames, ColumnTypes, DefaultRecord, Opts) ->
     case catch imem_meta:create_check_table(
@@ -26,8 +76,9 @@ check_table(Table, ColumnNames, ColumnTypes, DefaultRecord, Opts) ->
                  Opts, system) of
         {'EXIT', {'ClientError', _} = Reason} ->
             ?Error("create_check table ~p, ~p", [Table, Reason]);
-        Else ->
-            ?Info("create_check table ~p... ~p", [Table, Else])
+        _Else ->
+            %?Info("create_check table ~p... ~p", [Table, _Else]),
+            ok
     end.
 
 -spec create_check_channel(binary() | list()) ->  ok | no_return().
diff --git a/src/dperl/dperl_strategy_scr.erl b/src/dperl/dperl_strategy_scr.erl
index 10dcca99..857037aa 100644
--- a/src/dperl/dperl_strategy_scr.erl
+++ b/src/dperl/dperl_strategy_scr.erl
@@ -1,5 +1,7 @@
 -module(dperl_strategy_scr).
 
+%% implements the scr behaviour for sync / cleanup / refresh / cleanupCumRefresh (c/r) jobs
+
 -include("dperl.hrl").
 -include("dperl_strategy_scr.hrl").
 
@@ -18,8 +20,13 @@
 % get a key list (limited in length) of recent changes on source side
 % often achieved by scanning an audit log after last checked timestamp (from state)
 % basis for sync cycle (differential change provisioning)
+% for normal cleanup, a list of (possibly) dirty keys is returned
+% for c/r jobs, a list of (possibly) dirty KV pairs is returned
 -callback get_source_events(scrState(), scrBatchSize()) ->
-    {error, scrAnyKey()} | {ok, scrAnyKeys(), scrState()} | {ok, sync_complete, scrState()}.
+    {ok, scrAnyKeys(), scrState()} | 
+    {ok, scrAnyKeyVals(), scrState()} | 
+    {ok, sync_complete, scrState()} | 
+    {error, scrAnyKey()}.
 
 % check if destination data is currently acessible
 -callback connect_check_dst(scrState()) ->
@@ -42,7 +49,8 @@
 
 % update one item in destination (which is assumed to exist)
 % if the callback is able to do an insert instead of an update it can do it responsibly.
--callback update_dst(scrAnyKey(), scrAnyVal(), scrState()) -> {scrSoftError(), scrState()}.
+% ATTENTION: for c/r jobs the first parameter may be a KV Pair from which only the key is used
+-callback update_dst(scrAnyKey()|scrAnyKeyVal(), scrAnyVal(), scrState()) -> {scrSoftError(), scrState()}.
 
 % allow the callback implementation act upon an error or warning message
 % result is ignored, used for debugging only
@@ -73,7 +81,7 @@
 
 % override for destination channel insert/update/delete (final data change)
 % only used for protected configurations (reversing the direction of data flow)
--callback update_channel( scrAnyKey(), 
+-callback update_channel( scrAnyKey() | scrAnyKeyVal(), 
                           IsSamePlatform::boolean(), 
                           SourceVal::scrAnyVal(), 
                           DestVal::scrAnyVal(), 
@@ -93,35 +101,35 @@
 
 % execute simple cleanup for next batch of keys 
 -callback do_cleanup( scrState(), CleanupBulkCount::scrBatchSize()) -> 
-                      {{ok, scrState()} | {ok, finish, scrState() | error, any()}}.
+    {ok, scrState()} | {ok, finish, scrState()} | {error, term(), scrState()} | {error, term()}.
 
 % execute cleanup for found differences (Deletes and Inserts)
--callback do_cleanup( Deletes::scrAnyKeys(), 
-                      Inserts::scrAnyKeys(), 
+-callback do_cleanup( Deletes::scrAnyKeys() | scrAnyKeyVal(), 
+                      Inserts::scrAnyKeys() | scrAnyKeyVal(), 
                       SearchingMatch::boolean(),    % NextLastKey == MinKey
                       scrState()) -> 
-                      {{ok, scrState()} | {ok, finish, scrState() | error, any()}}.
+    {ok, scrState()} | {ok, finish, scrState()} | {error, term(), scrState()} | {error, term()}.
 
 % execute cleanup/refresh for found differences (Deletes, Inserts and value Diffs)
--callback do_cleanup( Deletes::scrAnyKeys(), 
-                      Inserts::scrAnyKeys(),
-                      Diffs::scrAnyKeys(), 
+-callback do_cleanup( Deletes::scrAnyKeys() | scrAnyKeyVal(), 
+                      Inserts::scrAnyKeys() | scrAnyKeyVal(),
+                      Diffs::scrAnyKeys() | scrAnyKeyVal(), 
                       SearchingMatch::boolean(),    % NextLastKey == MinKey
                       scrState()) -> 
-                      {{ok, scrState()} | {ok, finish, scrState() | error, any()}}.
+    {ok, scrState()} | {ok, finish, scrState()} | {error, term(), scrState()} | {error, term()}.
 
 % bulk load one batch of keys (for cleanup) or kv-pairs (cleanup/refresh) from source
 % a callback module implementing this and load_dst_after_key signals that it wants
 % to fully control the cleanup/refresh procedure 
--callback load_src_after_key( LastKeySeen::scrAnyKey(), 
+-callback load_src_after_key( LastKeySeen::scrAnyKey() | scrAnyKeyVal(), 
                               scrBatchSize(), 
                               scrState()) ->
-    {ok, scrAnyKeys(), scrState()} | {ok, scrAnyKeyVals(), scrState()} | {error, any(), scrState()}.
+    {ok, scrAnyKeys(), scrState()} | {ok, scrAnyKeyVals(), scrState()} | {error, term(), scrState()}.
 
 % bulk load one batch of keys (for cleanup) or kv-pairs (cleanup/refresh) from destination
 % a callback module implementing this and load_src_after_key signals that it wants
 % to fully control the cleanup/refresh procedure 
--callback load_dst_after_key( LastKeySeen::scrAnyKey(), 
+-callback load_dst_after_key( LastKeySeen::scrAnyKey() | scrAnyKeyVal(), 
                               scrBatchSize(), 
                               scrState()) ->
     {ok, scrAnyKeys(), scrState()} | {ok, scrAnyKeyVals(), scrState()} | {error, any(), scrState()}.
@@ -134,17 +142,17 @@
                     ]).
 
 % chunked cleanup context
--record(cleanup_ctx,{ srcKeys          :: scrAnyKeys()
+-record(cleanup_ctx,{ srcKeys          :: scrAnyKeys()| scrAnyKeyVal() % ?????
                     , srcCount         :: integer()
-                    , dstKeys          :: scrAnyKeys()
+                    , dstKeys          :: scrAnyKeys()| scrAnyKeyVal() % ?????
                     , dstCount         :: integer()
                     , bulkCount        :: scrBatchSize()
-                    , minKey           :: scrAnyKey()
-                    , maxKey           :: scrAnyKey()
-                    , lastKey          :: scrAnyKey()
-                    , deletes = []     :: scrAnyKeys()
-                    , inserts = []     :: scrAnyKeys()
-                    , differences = [] :: scrAnyKeys()
+                    , minKey           :: scrAnyKey() | scrAnyKeyVal() % ?????
+                    , maxKey           :: scrAnyKey() | scrAnyKeyVal() % ?????
+                    , lastKey          :: scrAnyKey() | scrAnyKeyVal() % ?????
+                    , deletes = []     :: scrAnyKeys() | scrAnyKeyVals()
+                    , inserts = []     :: scrAnyKeys() | scrAnyKeyVals()
+                    , differences = [] :: scrAnyKeys() | scrAnyKeyVals()
                     }).
 
 % Debug macros
@@ -195,6 +203,8 @@ execute(Mod, Job, State, #{sync:=_, cleanup:=_, refresh:=_} = Args) when is_map(
 execute(Mod, Job, State, Args) when is_map(Args) ->
     execute(Mod, Job, State, maps:merge(#{sync=>true, cleanup=>true, refresh=>true}, Args)).
 
+%% execute one provisioning cycle (round) which can mean one sync, cleanup, refresh or a c/r cycle
+%% with priority in this order
 -spec execute(scrPhase(), jobModule(), jobName(), scrState(), jobArgs()) -> scrState() | no_return().
 execute(sync, Mod, Job, State, #{sync:=Sync} = Args) ->
     % perform a sync cycle
@@ -580,7 +590,6 @@ should_refresh(LastAttempt, LastSuccess, BatchInterval, Interval, Hours) ->
            end
     end.
 
-
 -spec is_equal(scrAnyKey(), scrAnyVal(), scrAnyVal(), scrState()) -> boolean().
 is_equal(_Key, S, S, _State) -> true;
 is_equal(_Key, S, D, _State) when is_map(S), is_map(D) ->
@@ -602,8 +611,8 @@ sync_log(Msg, {Key, _}, ShouldLog) -> sync_log(Msg, Key, ShouldLog);
 sync_log(Msg, Key, _) when is_binary(Key) -> ?JInfo("~s : ~s", [Msg, Key]);
 sync_log(Msg, Key, _) -> ?JInfo("~s : ~p", [Msg, Key]).
 
-%% chunked cleanup
-
+%% chunked cleanup, process possibly dirty keys (change events/differences) in the list
+%% for c/r (where events consist of kv tuples) this must be done in callback module ????
 -spec process_events(scrAnyKeys(), jobModule(), scrState()) -> {boolean(), scrState()}.
 process_events(Keys, Mod, State) ->
     ShouldLog = case erlang:function_exported(Mod, should_sync_log, 1) of
diff --git a/src/dperl/jobs/dpjob_office_365.erl b/src/dperl/jobs/dpjob_office_365.erl
index b6eff30a..ea47af89 100644
--- a/src/dperl/jobs/dpjob_office_365.erl
+++ b/src/dperl/jobs/dpjob_office_365.erl
@@ -9,11 +9,11 @@
 -type locKey() :: [string()].   % local key of a contact, e.g. ["contact","My","Ah2hA77a"]
 -type locId()  :: string().     % last item in locKey() is called local id e.g. "Ah2hA77a"
 -type locVal() :: map().        % local cvalue of a contact, converted to a map for processing
--type locBin() :: binary().     % local cvalue of a contact in binary form (often stored like that)
+%-type locBin() :: binary().     % local cvalue of a contact in binary form (often stored like that)
 -type remKey() :: binary().     % remote key of a contact, called <<"id">> in Office365
 -type remKeys():: [remKey()].   % list of remKey() type (e.g. DirtyKeys)
 -type remVal() :: map().        % remote value of a contact (relevant fields only)
--type remBin() :: binary().     % remote value of a contract in raw binary JSON form
+%-type remBin() :: binary().     % remote value of a contract in raw binary JSON form
 -type meta()   :: map().        % contact meta information with respect to this remote cloud
 
 
@@ -386,8 +386,8 @@ get_status(#state{}) -> #{}.
 
 init_state(_) -> #state{}.
 
-init({#dperlJob{name=Name, srcArgs=#{apiUrl:=ApiUrl}, args=Args,
-                dstArgs=#{channel:=Channel} = DstArgs}, State}) ->
+init({#dperlJob{ name=Name, srcArgs=#{apiUrl:=ApiUrl}, args=Args
+               , dstArgs=#{channel:=Channel} = DstArgs}, State}) ->
     case dperl_auth_cache:get_enc_hash(Name) of
         undefined ->
             ?JError("Encryption hash is not avaialable"),
@@ -396,21 +396,21 @@ init({#dperlJob{name=Name, srcArgs=#{apiUrl:=ApiUrl}, args=Args,
             ?JInfo("Starting with ~p's enchash...", [AccountId]),
             imem_enc_mnesia:put_enc_hash(EncHash),
             KeyPrefix = maps:get(keyPrefix, DstArgs, get_key_prefix(Name)),
-            TokenPrefix = get_auth_token_key_prefix(Name),
+            TokenPrefix = maps:get(tokenPrefix, Args, get_auth_token_key_prefix(Name)),
+            Type = maps:get(type, Args, pull),
+            ChannelBin = dperl_dal:to_binary(Channel),
+            dperl_dal:create_check_channel(ChannelBin),
+            ContactIff = <<"fun() ->imem_index:gen_iff_binterm_list_pattern([\"contact\",'_','_']) end.">>,
+            PLContact = [{':',<<"id">>, {'#', <<"values">>, {':', <<"META">>, <<"cvalue">>}}}],
+            IdxContact = #ddIdxDef{ id = ?CONTACT_INDEXID
+                                  , name = <<"idx_contact">>
+                                  , type = iv_k
+                                  , pl = PLContact
+                                  , vnf = <<"fun imem_index:vnf_identity/1.">>
+                                  , iff = ContactIff},
+            dperl_dal:create_check_index(ChannelBin, [IdxContact]),
             case dderl_oauth:get_token_info(AccountId, TokenPrefix, ?SYNC_OFFICE365) of
-                #{<<"access_token">> := Token} ->
-                    Type = maps:get(type, Args, pull),
-                    ChannelBin = dperl_dal:to_binary(Channel),
-                    dperl_dal:create_check_channel(ChannelBin),
-                    ContactIff = <<"fun() ->imem_index:gen_iff_binterm_list_pattern([\"contact\",'_','_']) end.">>,
-                    PLContact = [{':',<<"id">>, {'#', <<"values">>, {':', <<"META">>, <<"cvalue">>}}}],
-                    IdxContact = #ddIdxDef{id = ?CONTACT_INDEXID
-                                          ,name = <<"idx_contact">>
-                                          ,type = iv_k
-                                          ,pl = PLContact
-                                          ,vnf = <<"fun imem_index:vnf_identity/1.">>
-                                          ,iff = ContactIff},
-                    dperl_dal:create_check_index(ChannelBin, [IdxContact]),
+                #{<<"access_token">>:=Token} ->
                     {ok, State#state{ name=Name, type=Type, channel=ChannelBin, keyPrefix=KeyPrefix
                                     , apiUrl=ApiUrl, tokenPrefix=TokenPrefix
                                     , token=Token, accountId = AccountId
diff --git a/src/dperl/jobs/dpjob_ouraring_crawl.erl b/src/dperl/jobs/dpjob_ouraring_crawl.erl
index 3fdbd7ed..5d8f7233 100644
--- a/src/dperl/jobs/dpjob_ouraring_crawl.erl
+++ b/src/dperl/jobs/dpjob_ouraring_crawl.erl
@@ -1,11 +1,35 @@
 -module(dpjob_ouraring_crawl).
 
+%% implements scr puller callback for OuraRing cloud data as a cleanupCumRefresh job (c/r)
+%% avoids pulling incomplete intra-day data by not pulling beyond yesterday's data
+%% the default "OuraRing" identifier can be altered to camouflage the nature of the data
+%% this also supports multiple OuraRing pullers into the same table, if needed 
+
 -include("../dperl.hrl").
+-include("../dperl_strategy_scr.hrl").
 
 -behavior(dperl_worker).
 -behavior(dperl_strategy_scr).
 
--define(AUTH_CONFIG(__JOB_NAME),
+-type metric()      :: string().     % "userinfo" | "sleep" | "readiness" | "activity".
+-type locKey()      :: [string()].   % local key of a metric, e.g. ["healthDevice","OuraRing","sleep"]
+-type locVal()      :: map().        % local cvalue of a metric, converted to a map for processing
+-type locKVP()      :: {locKey(), locVal()}.    % local key value pair
+-type year()        :: non_neg_integer().
+-type month()       :: 1..12.
+-type day()         :: 1..31.
+-type date()        :: {year(), month(), day()}.
+-type stringDate()  :: string().     % "YYYY-MM-DD"
+-type dayDate()     :: date() | stringDate().
+-type maybeDate()   :: undefined | date().
+-type status()      :: #{ lastSleepDay := maybeDate()
+                        , lastActivityDay := maybeDate()
+                        , lastReadinessDay := maybeDate()}.     % relevant cleanup status
+-type token()       :: binary().    % OAuth access token (refreshed after 'unauthorized')
+
+-define(METRICS, ["userinfo", "activity", "readiness", "sleep"]).
+
+-define(OAUTH2_CONFIG(__JOB_NAME),
         ?GET_CONFIG(oAuth2Config,[__JOB_NAME],
             #{auth_url =>"https://cloud.ouraring.com/oauth/authorize?response_type=code",
               client_id => "12345", redirect_uri => "https://localhost:8443/dderl/",
@@ -32,17 +56,19 @@
           "Days to be shifted backwards for starting the job")
        ).
 
--record(state,  { name
-                , channel
-                , is_connected = true
-                , access_token
-                , api_url
-                , last_sleep_day
-                , last_activity_day
-                , last_readiness_day
-                , infos = []
-                , key_prefix
-                , accountId
+-record(state,  { name                  :: jobName()
+                , type = pull           :: scrDirection()   % constant here
+                , channel               :: scrChannel()     % channel name
+                , keyPrefix             :: locKey()         % key space prefix in channel
+                , tokenPrefix           :: locKey()         % without id #token#
+                , token                 :: token()          % token binary string 
+                , apiUrl                :: string()
+                , isConnected = true    :: boolean()        % provokes unauthorized in first cycle
+                , lastSleepDay          :: maybeDate()
+                , lastActivityDay       :: maybeDate()
+                , lastReadinessDay      :: maybeDate()
+                , cycleBuffer = []      :: [locKVP()]       % dirty buffer for one c/r cycle
+                , accountId             :: ddEntityId()
                 }).
 
 % dperl_worker exports
@@ -78,35 +104,46 @@
         , report_status/3
         ]).
 
-get_auth_config() -> ?AUTH_CONFIG(<<>>).
+-spec get_auth_config() -> map().
+get_auth_config() -> ?OAUTH2_CONFIG(<<>>).
+
+-spec get_auth_config(jobName()) -> map().
+get_auth_config(JobName) -> ?OAUTH2_CONFIG(JobName).
 
-get_auth_config(JobName) -> ?AUTH_CONFIG(JobName).
+-spec get_auth_token_key_prefix() -> locKey().
+get_auth_token_key_prefix() -> ?OAUTH2_TOKEN_KEY_PREFIX(<<>>).
 
+-spec get_auth_token_key_prefix(jobName()) -> locKey().
+get_auth_token_key_prefix(JobName) -> ?OAUTH2_TOKEN_KEY_PREFIX(JobName).
+
+-spec get_key_prefix() -> locKey().
 get_key_prefix() -> ?KEY_PREFIX(<<>>).
 
+-spec get_key_prefix(jobName()) -> locKey().
 get_key_prefix(JobName) -> ?KEY_PREFIX(JobName).
 
-get_auth_token_key_prefix() -> ?OAUTH2_TOKEN_KEY_PREFIX(<<>>).
 
-get_auth_token_key_prefix(JobName) -> ?OAUTH2_TOKEN_KEY_PREFIX(JobName).
-
-connect_check_src(#state{is_connected = true} = State) ->
+-spec connect_check_src(#state{}) -> {ok, #state{}} | {error, term(), #state{}}.
+connect_check_src(#state{isConnected = true} = State) ->
     {ok, State};
-connect_check_src(#state{is_connected=false, accountId=AccountId, key_prefix=KeyPrefix} = State) ->
+connect_check_src(#state{isConnected=false, accountId=AccountId, tokenPrefix=TokenPrefix} = State) ->
     ?JTrace("Refreshing access token"),
-    case dderl_oauth:refresh_access_token(AccountId, KeyPrefix, ?SYNC_OURARING) of
-        {ok, AccessToken} ->
-            ?Info("new access token fetched"),
-            {ok, State#state{access_token=AccessToken, is_connected=true}};
+    case dderl_oauth:refresh_access_token(AccountId, TokenPrefix, ?SYNC_OURARING) of
+        {ok, Token} ->
+            %?Info("new access token fetched"),
+            {ok, State#state{token=Token, isConnected=true}};
         {error, Error} ->
             ?JError("Unexpected response : ~p", [Error]),
             {error, Error, State}
     end.
 
-get_source_events(#state{infos = []} = State, _BulkSize) ->
+%% get CycleBuffer (dirty kv-pairs as detected in this c/r cycle)
+-spec get_source_events(#state{}, scrBatchSize()) ->
+    {ok, [{locKey(),locVal()}], #state{}} | {ok, sync_complete, #state{}}.
+get_source_events(#state{cycleBuffer=[]} = State, _BulkSize) ->
     {ok, sync_complete, State};
-get_source_events(#state{infos = Infos} = State, _BulkSize) ->
-    {ok, Infos, State#state{infos = []}}.
+get_source_events(#state{cycleBuffer=CycleBuffer} = State, _BulkSize) ->
+    {ok, CycleBuffer, State#state{cycleBuffer=[]}}.
 
 connect_check_dst(State) -> {ok, State}.
 
@@ -114,59 +151,71 @@ do_refresh(_State, _BulkSize) -> {error, cleanup_only}.
 
 fetch_src({_Key, Value}, _State) -> Value.
 
-fetch_dst({Key, _}, State) ->
-    dperl_dal:read_channel(State#state.channel, Key).
+-spec fetch_dst(locKey(), #state{}) -> ?NOT_FOUND | locVal().
+fetch_dst({Key, _}, #state{channel=Channel}) ->
+    dperl_dal:read_channel(Channel, Key).
 
+-spec insert_dst(locKey(), locVal(), #state{}) -> {scrSoftError(), #state{}}.
 insert_dst(Key, Val, State) ->
     update_dst(Key, Val, State).
 
 report_status(_Key, _Status, _State) -> no_op.
 
-do_cleanup(State, _BlkCount) ->
-    Types = ["sleep", "activity", "readiness", "userinfo"],
-    case fetch_metrics(Types, State) of
+-spec do_cleanup(#state{}, scrBatchSize()) ->
+    {ok, #state{}} | {ok, finish, #state{}} | {error, term(), #state{}}.
+do_cleanup(#state{cycleBuffer=CycleBuffer} = State, _BlkCount) ->
+    case fetch_metrics(?METRICS, State) of
         {ok, State2} ->
-            case State2#state.infos of
-                [_] ->
+            case CycleBuffer of
+                [_] ->  % only userinfo remains. we are done
                     {ok, finish, State2};
-                _ ->
+                _ ->    % other items in the list, continue
                     {ok, State2}
             end;
         {error, Error} ->
-            {error, Error, State#state{is_connected = false}}
+            {error, Error, State#state{isConnected=false}}
     end.
 
+-spec delete_dst(locKey(), #state{}) -> {scrSoftError(), #state{}}. 
 delete_dst(Key, #state{channel = Channel} = State) ->
     ?JInfo("Deleting : ~p", [Key]),
     dperl_dal:remove_from_channel(Channel, Key),
     {false, State}.
 
+-spec update_dst(locKey() | locKVP(), locVal(), #state{}) -> {scrSoftError(), #state{}}.
 update_dst({Key, _}, Val, State) ->
     update_dst(Key, Val, State);
-update_dst(Key, Val, #state{channel = Channel} = State) when is_binary(Val) ->
+update_dst(Key, Val, #state{channel=Channel} = State) when is_binary(Val) ->
     dperl_dal:write_channel(Channel, Key, Val),
     {false, State};
 update_dst(Key, Val, State) ->
     update_dst(Key, imem_json:encode(Val), State).
 
-get_status(#state{last_sleep_day = LastSleepDay,
-                  last_activity_day = LastActivityDay,
-                  last_readiness_day = LastReadinessDay}) ->
-    #{lastSleepDay => LastSleepDay, lastActivityDay => LastActivityDay,
-      lastReadinessDay => LastReadinessDay}.
+-spec get_status(#state{}) -> status().
+get_status(#state{ lastSleepDay=LastSleepDay, lastActivityDay=LastActivityDay
+                 , lastReadinessDay=LastReadinessDay}) ->
+    #{ lastSleepDay=>LastSleepDay
+     , lastActivityDay=>LastActivityDay
+     , lastReadinessDay=>LastReadinessDay}.
 
+%% (partially) initialize job state from status info in first matching 
+%% jobDyn table (from all available nodes) 
+-spec init_state([#dperlNodeJobDyn{}]) -> #state{}.
 init_state([]) -> #state{};
 init_state([#dperlNodeJobDyn{state = State} | _]) ->
     LastSleepDay = maps:get(lastSleepDay, State, undefined),
     LastActivityDay = maps:get(lastActivityDay, State, undefined),
     LastReadinessDay = maps:get(lastReadinessDay, State, undefined),
-    #state{last_sleep_day = LastSleepDay, last_activity_day = LastActivityDay,
-           last_readiness_day = LastReadinessDay};
-init_state([_ | Others]) ->
-    init_state(Others).
-
-init({#dperlJob{name=Name, dstArgs = #{channel := Channel} = DstArgs,
-                srcArgs = #{api_url := ApiUrl}}, State}) ->
+    #state{ lastSleepDay=LastSleepDay
+          , lastActivityDay=LastActivityDay
+          , lastReadinessDay = LastReadinessDay};
+init_state([_|Others]) -> init_state(Others).
+
+%% fully initialize a job using the job config and the partially filled
+%% state record (see init_state) derived from nodeJobDyn entries
+-spec init({#dperlJob{}, #state{}}) -> {ok, #state{}} | {stop, badarg}.
+init({#dperlJob{ name=Name, dstArgs=#{channel:=Channel} = DstArgs, args=Args
+               , srcArgs=#{apiUrl:=ApiUrl}}, State}) ->
     case dperl_auth_cache:get_enc_hash(Name) of
         undefined ->
             ?JError("Encryption hash is not avaialable"),
@@ -174,13 +223,15 @@ init({#dperlJob{name=Name, dstArgs = #{channel := Channel} = DstArgs,
         {AccountId, EncHash} ->
             ?JInfo("Starting with ~p's enchash...", [AccountId]),
             imem_enc_mnesia:put_enc_hash(EncHash),
-            KeyPrefix = maps:get(key_prefix, DstArgs, get_key_prefix(Name)),
-            case dderl_oauth:get_token_info(AccountId, get_auth_token_key_prefix(Name), ?SYNC_OURARING) of
-                #{<<"access_token">> := AccessToken} ->
-                    ChannelBin = dperl_dal:to_binary(Channel),
-                    dperl_dal:create_check_channel(ChannelBin),
-                    {ok, State#state{channel=ChannelBin, api_url=ApiUrl, accountId=AccountId,
-                                    key_prefix=KeyPrefix, access_token=AccessToken}};
+            KeyPrefix = maps:get(keyPrefix, DstArgs, get_key_prefix(Name)),
+            TokenPrefix = maps:get(tokenPrefix, Args, get_auth_token_key_prefix(Name)),
+            ChannelBin = dperl_dal:to_binary(Channel),
+            dperl_dal:create_check_channel(ChannelBin),
+            case dderl_oauth:get_token_info(AccountId, TokenPrefix, ?SYNC_OURARING) of
+                #{<<"access_token">> := Token} ->
+                    {ok, State#state{ name=Name, channel=ChannelBin, keyPrefix=KeyPrefix
+                                    , apiUrl=ApiUrl, tokenPrefix=TokenPrefix, token=Token
+                                    , accountId = AccountId}};
                 _ ->
                     ?JError("Access token not found for KeyPrefix ~p",[KeyPrefix]),
                     {stop, badarg}
@@ -208,92 +259,105 @@ terminate(Reason, _State) ->
 
 %% private functions
 
+%% perform one fetch round for all desired metrics
+%% fetch one value per metric for its respective due date
+%% skip to next metric, if metric is not available or if all values are fetched
+%% aggregate kv into cycleBuffer in state to be processed/stored per round  
+-spec fetch_metrics([metric()], #state{}) -> {ok, #state{}} | {error, term()}.
 fetch_metrics([], State) -> {ok, State};
-fetch_metrics(["userinfo" | Types], State) ->
+fetch_metrics(["userinfo"|Metrics], State) ->
     case fetch_userinfo(State) of
-        {error, Error} ->
-            {error, Error};
-        State1 ->
-            fetch_metrics(Types, State1)
+        {error, Error} ->   {error, Error};
+        {ok, State1} ->     fetch_metrics(Metrics, State1)
     end;
-fetch_metrics([Type | Types], State) ->
-    case get_day(Type, State) of
+fetch_metrics([Metric|Metrics], #state{cycleBuffer=CycleBuffer} = State) ->
+    case get_day(Metric, State) of
         fetched ->
-            fetch_metrics(Types, State);
+            fetch_metrics(Metrics, State);
         Day ->
-            case fetch_metric(Type, Day, State) of
+            case fetch_metric(Metric, Day, State) of
                 {error, Error} ->
                     {error, Error};
                 none ->
-                    fetch_metrics(Types, State);
-                {ok, MDay, Metric} ->
-                    State1 = set_metric_day(Type, MDay, State#state{infos = [Metric | State#state.infos]}),
-                    fetch_metrics(Types, State1)
+                    fetch_metrics(Metrics, State);
+                {ok, MDay, KVP} ->
+                    State1 = set_metric_day(Metric, MDay, State#state{cycleBuffer=[KVP|CycleBuffer]}),
+                    fetch_metrics(Metrics, State1)
             end
     end.
 
-fetch_metric(Type, Day, #state{api_url = ApiUrl, access_token = AccessToken} = State) ->
-    ?JInfo("Fetching metric for ~s on ~p", [Type, Day]),
+%% fetch metric value for Day from cloud service, if it exists
+%% values may be missing for certain days in which case a 'start_day_query' is used which gives
+%% the first data after the missing day 
+-spec fetch_metric(metric(), date(), #state{}) -> {ok, date(), locKVP()} | none | {error, term()}.
+fetch_metric(Metric, Day, #state{keyPrefix=KeyPrefix, apiUrl=ApiUrl, token=Token} = State) ->
+    ?JInfo("Fetching metric for ~s on ~p", [Metric, Day]),
     NextDay = next_day(Day),
-    case fetch_metric(Type, day_query(Day), ApiUrl, AccessToken) of
+    case fetch_metric(Metric, day_query(Day), ApiUrl, Token) of
         none ->
-            case fetch_metric(Type, start_day_query(NextDay), ApiUrl, AccessToken) of
-                {ok, _} ->
-                    fetch_metric(Type, NextDay, State);
-                _Other ->
-                    none
+            case fetch_metric(Metric, start_day_query(NextDay), ApiUrl, Token) of
+                {ok, _} ->  fetch_metric(Metric, NextDay, State);
+                _Other ->   none
             end;
-        {ok, Metric} ->
-            Key = build_key(Type, State#state.key_prefix),
-            Info = {Key, Metric#{<<"_day">> => list_to_binary(edate:date_to_string(Day))}},
-            case Type of
-                Type when Type == "sleep"; Type == "readiness" ->
-                    {ok, Day, Info};
+        {ok, Value} ->
+            Key = build_key(KeyPrefix, Metric),
+            KVP = {Key, Value#{<<"_day">> => list_to_binary(edate:date_to_string(Day))}},
+            case Metric of
+                Metric when Metric=="sleep"; Metric=="readiness" ->
+                    {ok, Day, KVP};
                 "activity" ->
-                    % fetching activity only if next days data exists
-                    case fetch_metric(Type, start_day_query(NextDay), ApiUrl, AccessToken) of
-                        {ok, _} ->
-                            {ok, Day, Info};
-                        Other ->
-                            Other
+                    % fetching activity only if next days activity data (partially) exists
+                    case fetch_metric(Metric, start_day_query(NextDay), ApiUrl, Token) of
+                        {ok, _} ->          {ok, Day, KVP};
+                        none ->             none;
+                        {error, Error} ->   {error, Error}
                     end
             end;
         {error, Error} ->
-            ?JError("Error fetching ~s for ~p : ~p", [Type, Day, Error]),
+            ?JError("Error fetching ~s for ~p : ~p", [Metric, Day, Error]),
             {error, Error}
     end.
 
-fetch_metric(Type, DayQuery, ApiUrl, AccessToken) ->
-    Url = ApiUrl ++ Type ++ DayQuery,
-    TypeBin = list_to_binary(Type),
-    case exec_req(Url, AccessToken) of
-        #{TypeBin := []} ->
-            none;
-        Metric when is_map(Metric) ->
-            {ok, Metric};
-        {error, Error} ->
-            {error, Error}
+%% fetch metric data from Oura cloud by metric and date condition (given as url parameter string)
+-spec fetch_metric(metric(), string(), string(), token()) -> {ok, locVal()} | none | {error, term()}.
+fetch_metric(Metric, DayQuery, ApiUrl, Token) ->
+    Url = ApiUrl ++ Metric ++ DayQuery,
+    MetricBin = list_to_binary(Metric),
+    case exec_req(Url, Token) of
+        #{MetricBin:=[]} ->             none;
+        Value when is_map(Value) ->     {ok, Value};
+        {error, Error} ->               {error, Error}
     end.
 
-fetch_userinfo(#state{api_url = ApiUrl, access_token = AccessToken} = State) ->
-    case exec_req(ApiUrl ++ "userinfo", AccessToken) of
+%% fetch userinfo from Oura cloud and add it to the CycleBuffer
+%% userinfo comes as latest value only, no day history available
+-spec fetch_userinfo(#state{}) ->{ok, #state{}} | {error, term()}.
+fetch_userinfo(#state{keyPrefix=KeyPrefix, apiUrl=ApiUrl, token=Token, cycleBuffer=CycleBuffer} = State) ->
+    case exec_req(ApiUrl ++ "userinfo", Token) of
         UserInfo when is_map(UserInfo) ->
-            Info = {build_key("userinfo", State#state.key_prefix), UserInfo},
-            State#state{infos = [Info | State#state.infos]};
+            KVP = {build_key(KeyPrefix, "userinfo"), UserInfo},
+            {ok, State#state{cycleBuffer=[KVP|CycleBuffer]}};
         {error, Error} ->
             ?JError("Error fetching userinfo : ~p", [Error]),
             {error, Error}
     end.
 
-get_day(Type, State) ->
-    LastDay = get_last_day(Type, State),
-    Key = build_key(Type, State#state.key_prefix),
+%% evaluate next day to fetch or 'fetched' if done
+%% increment the _day value for the current metric but not beyond yesterday
+%% if current metric does not exist in avatar, it may need to be initialized
+%% in the past as configured in ?SHIFT_DAYS, else use last day previously fetched
+%% day for this metric according to jobDyn state and increment by one day
+%% re-fetch yesterday if not there
+-spec get_day(metric(), #state{}) -> date() | fetched.
+get_day(Metric, #state{name=Name, keyPrefix=KeyPrefix, channel=Channel} = State) ->
+    LastDay = get_last_day(Metric, State),
+    Key = build_key(KeyPrefix, Metric),
     Yesterday = edate:yesterday(),
-    case dperl_dal:read_channel(State#state.channel, Key) of
+    case dperl_dal:read_channel(Channel, Key) of
         ?NOT_FOUND ->
             case LastDay of
                 undefined ->
-                    SDays = ?SHIFT_DAYS(State#state.name),
+                    SDays = ?SHIFT_DAYS(Name),
                     edate:shift(-1 * SDays, days);
                 Yesterday ->
                     Yesterday;
@@ -309,8 +373,10 @@ get_day(Type, State) ->
             end
     end.
 
-exec_req(Url, AccessToken) ->
-    AuthHeader = [{"Authorization", "Bearer " ++ binary_to_list(AccessToken)}],
+%% request a map response from web service (local value to be stored in avatar)
+-spec exec_req(string(),token()) -> locVal() | {error, term()}.
+exec_req(Url, Token) ->
+    AuthHeader = [{"Authorization", "Bearer " ++ binary_to_list(Token)}],
     case httpc:request(get, {Url, AuthHeader}, [], []) of
         {ok, {{_, 200, "OK"}, _, Result}} ->
             imem_json:decode(list_to_binary(Result), [return_maps]);
@@ -321,29 +387,28 @@ exec_req(Url, AccessToken) ->
             {error, Error}
     end.
 
-next_day(Day) when is_list(Day) ->
-    next_day(edate:string_to_date(Day));
-next_day(Day) when is_tuple(Day) ->
-    edate:shift(Day, 1, day).
+-spec next_day(dayDate()) -> date().
+next_day(Day) when is_list(Day) ->          (edate:string_to_date(Day));
+next_day(Day) when is_tuple(Day) ->         edate:shift(Day, 1, day).
 
-day_query(Day) when is_tuple(Day) ->
-    day_query(edate:date_to_string(Day));
-day_query(Day) when is_list(Day) ->
-    "?start=" ++ Day ++ "&end=" ++ Day.
+-spec day_query(dayDate()) -> string().
+day_query(Day) when is_tuple(Day) ->        day_query(edate:date_to_string(Day));
+day_query(Day) when is_list(Day) ->         "?start=" ++ Day ++ "&end=" ++ Day.
 
-start_day_query(Day) when is_tuple(Day) ->
-    start_day_query(edate:date_to_string(Day));
-start_day_query(Day) when is_list(Day) ->
-    "?start=" ++ Day.
+-spec start_day_query(dayDate()) -> string().
+start_day_query(Day) when is_tuple(Day) ->  start_day_query(edate:date_to_string(Day));
+start_day_query(Day) when is_list(Day) ->   "?start=" ++ Day.
 
-get_last_day("sleep", #state{last_sleep_day = LastSleepDay}) -> LastSleepDay;
-get_last_day("activity", #state{last_activity_day = LastActivityDay}) -> LastActivityDay;
-get_last_day("readiness", #state{last_readiness_day = LastReadinessDay}) -> LastReadinessDay.
+-spec get_last_day(metric(), #state{}) -> maybeDate().
+get_last_day("sleep", #state{lastSleepDay=LastSleepDay}) -> LastSleepDay;
+get_last_day("activity", #state{lastActivityDay=LastActivityDay}) -> LastActivityDay;
+get_last_day("readiness", #state{lastReadinessDay=LastReadinessDay}) -> LastReadinessDay.
 
-set_metric_day("sleep", Day, State) -> State#state{last_sleep_day = Day};
-set_metric_day("activity", Day, State) -> State#state{last_activity_day = Day};
-set_metric_day("readiness", Day, State) -> State#state{last_readiness_day = Day}.
+-spec set_metric_day(metric(), maybeDate(), #state{}) -> #state{}.
+set_metric_day("sleep", Day, State) -> State#state{lastSleepDay=Day};
+set_metric_day("activity", Day, State) -> State#state{lastActivityDay=Day};
+set_metric_day("readiness", Day, State) -> State#state{lastReadinessDay=Day}.
 
-build_key(Type, KeyPrefix) when is_list(Type), is_list(KeyPrefix)->
-    KeyPrefix ++ [Type].
+-spec build_key(locKey(), metric()) -> locKey().
+build_key(KeyPrefix, Metric) when is_list(Metric), is_list(KeyPrefix) -> KeyPrefix ++ [Metric].
 

From 2f9d6997dccf0cc0c9ed7cd70073fe47afc4217d Mon Sep 17 00:00:00 2001
From: stoch <ochsenbein@bluewin.ch>
Date: Mon, 29 Jun 2020 18:16:30 +0200
Subject: [PATCH 63/72] reworking Office365 puller

---
 src/dderl_oauth.erl                     |  25 +-
 src/dderl_session.erl                   |   2 +-
 src/dperl/dperl_dal.erl                 | 108 +++--
 src/dperl/dperl_strategy_scr.erl        | 402 +++++++++-------
 src/dperl/dperl_strategy_scr.hrl        |  17 +-
 src/dperl/jobs/dpjob_office_365.erl     | 598 ++++++++++++++----------
 src/dperl/jobs/dpjob_ouraring_crawl.erl |  30 +-
 7 files changed, 685 insertions(+), 497 deletions(-)

diff --git a/src/dderl_oauth.erl b/src/dderl_oauth.erl
index d9bef261..438ac01b 100644
--- a/src/dderl_oauth.erl
+++ b/src/dderl_oauth.erl
@@ -24,8 +24,8 @@ get_authorize_url(XSRFToken, AuthConfig, SyncType) ->
     State = #{xsrfToken => XSRFToken, type => SyncType},
     #{auth_url:=Url, client_id:=ClientId, redirect_uri:=RedirectURI, scope:=Scope} = AuthConfig, 
     UrlParams = dperl_dal:url_enc_params(
-        #{"client_id" => ClientId, "redirect_uri" => {enc, RedirectURI},
-          "scope" => {enc, Scope}, "state" => {enc, imem_json:encode(State)}}),
+        #{"client_id" => ClientId, "redirect_uri" => {enc, RedirectURI}
+         ,"scope" => {enc, Scope}, "state" => {enc, imem_json:encode(State)}}),
     erlang:iolist_to_binary([Url, "&", UrlParams]).
 
 
@@ -41,13 +41,13 @@ get_access_token(AccountId, TokenPrefix, Code, SyncType) ->
             {error, E}
     end,
     %?Info("get_access_token AuthConfig: ~p",[AuthConfig]),
-    #{token_url := TUrl, client_id := ClientId, redirect_uri := RedirectURI,
-            client_secret := Secret, grant_type := GrantType,
-            scope := Scope} = AuthConfig,
+    #{token_url:=TUrl, client_id:=ClientId, redirect_uri:=RedirectURI
+     ,client_secret:=Secret, grant_type:=GrantType
+     ,scope := Scope} = AuthConfig,
     Body = dperl_dal:url_enc_params(
-        #{"client_id" => ClientId, "scope" => {enc, Scope}, "code" => Code,
-        "redirect_uri" => {enc, RedirectURI}, "grant_type" => GrantType,
-        "client_secret" => {enc, Secret}}),
+        #{ "client_id" => ClientId, "scope" => {enc, Scope}, "code" => Code
+         , "redirect_uri" => {enc, RedirectURI}, "grant_type" => GrantType
+         , "client_secret" => {enc, Secret}}),
     ContentType = "application/x-www-form-urlencoded",
     case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
         {ok, {{_, 200, "OK"}, _, TokenInfo}} ->
@@ -66,15 +66,16 @@ get_access_token(AccountId, TokenPrefix, Code, SyncType) ->
 refresh_access_token(AccountId, TokenPrefix, SyncType) ->
     #{token_url:=TUrl, client_id:=ClientId, scope:=Scope, client_secret:=Secret} 
         = SyncType:get_auth_config(),
-    %?Info("refresh_access_token ~p ~p ~p",[AccountId, TokenPrefix, SyncType]),
+    ?Info("refresh_access_token ~p ~p ~p",[AccountId, TokenPrefix, SyncType]),
     #{<<"refresh_token">>:=RefreshToken} = get_token_info(AccountId, TokenPrefix, SyncType),
     Body = dperl_dal:url_enc_params(#{ "client_id"=>ClientId, "client_secret"=>{enc, Secret}
                                      , "scope"=>{enc, Scope}, "refresh_token"=>RefreshToken
                                      , "grant_type"=>"refresh_token"}),
     ContentType = "application/x-www-form-urlencoded",
-    %?Info("refresh_access_token TUrl=~p",[TUrl]),
-    %?Info("refresh_access_token ContentType=~p",[ContentType]),
-    %?Info("refresh_access_token Body=~p",[Body]),
+    ?Info("refresh_access_token TUrl=~p",[TUrl]),
+    ?Info("refresh_access_token ContentType=~p",[ContentType]),
+    ?Info("refresh_access_token Body=~p",[Body]),
+    ?Info("refresh_access_token RefreshToken=~p",[RefreshToken]),
     case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
         {ok, {{_, 200, "OK"}, _, TokenBody}} ->
             TokenInfo = imem_json:decode(list_to_binary(TokenBody), [return_maps]),
diff --git a/src/dderl_session.erl b/src/dderl_session.erl
index e07b87ca..2b2e0100 100644
--- a/src/dderl_session.erl
+++ b/src/dderl_session.erl
@@ -400,7 +400,7 @@ process_call({[<<"oauth2_callback">>], ReqData}, _Adapter, From, {SrcIp, _}, Sta
     #{<<"oauth2_callback">> := 
         #{<<"code">> := Code, <<"state">> := #{<<"type">> := SyncType}}} = jsx:decode(ReqData, [return_maps]),
     ?Info("oauth2_callback SyncType: ~p Code: ~p",[SyncType, Code]),
-    % ToDo: Check if this data can this be trusted
+    % ToDo: Check if this data can be trusted
     {SyncHandler,TokenPrefix} = try
         SH = binary_to_existing_atom(SyncType,utf8),
         {SH,SH:get_auth_token_key_prefix()} % ToDo: may depend on JobName or TokenPrefix
diff --git a/src/dperl/dperl_dal.erl b/src/dperl/dperl_dal.erl
index e6a0d791..383c6dda 100644
--- a/src/dperl/dperl_dal.erl
+++ b/src/dperl/dperl_dal.erl
@@ -66,8 +66,12 @@
         ,worker_error/4
         ,write/2
         ,write_channel/3
+        ,write_channel_no_audit/3
         ,write_if_different/3
         ,write_protected/6
+        ,read_channel_index/2
+        ,read_channel_index_key/2
+        ,read_channel_index_key_prefix/3
         ]).
 
 check_table(Table, ColumnNames, ColumnTypes, DefaultRecord, Opts) ->
@@ -115,6 +119,16 @@ write_channel(Channel, Key, Val) when is_map(Val); byte_size(Val) > 0 ->
        Other -> {error, Other}
    end.
 
+-spec write_channel_no_audit(binary(), any(), any()) -> ok | {error, any()}.
+write_channel_no_audit(Channel, Key, Val) when is_map(Val); byte_size(Val) > 0 ->
+   case catch imem_dal_skvh:write(system, Channel, Key, Val) of
+       Res when is_map(Res) -> ok;
+       {'EXIT', Error} -> {error, Error};
+       {error, Error} -> {error, Error};
+       Other -> {error, Other}
+   end.
+
+
 write_if_different(Channel, Key, Val) ->
     case imem_dal_skvh:read(system, Channel, [Key]) of
         [#{cvalue := Val}] -> no_op;
@@ -130,6 +144,16 @@ read_channel(Channel, Key) when is_binary(Channel) ->
        _ -> ?NOT_FOUND
    end.
 
+read_channel_index(Channel, Stu) ->
+    imem_meta:read(imem_meta:index_table(Channel), Stu).
+
+read_channel_index_key(Channel, Stu) ->
+    [sext:decode(Row#ddIndex.lnk) || Row <- read_channel_index(Channel, Stu)].
+
+read_channel_index_key_prefix(Channel, Stu, Prefix) ->
+    F = fun(X) -> lists:prefix(Prefix,X) end,
+    lists:filter(F, read_channel_index_key(Channel, Stu)).
+
 read_channel_raw(Channel, Key) when is_list(Channel) ->
     read_channel_raw(list_to_binary(Channel), Key);
 read_channel_raw(Channel, Key) when is_binary(Channel) ->
@@ -313,18 +337,16 @@ update_job_dyn(JobName, State) when is_binary(JobName) andalso is_map(State) ->
     imem_meta:transaction(fun() ->
     case imem_meta:read(?JOBDYN_TABLE, JobName) of
         [] ->
-            ok = imem_meta:write(
-                   ?JOBDYN_TABLE,
-                   #dperlNodeJobDyn{name = JobName, state = State,
-                                   status = synced,
-                                   statusTime = imem_meta:time_uid()});
+            ok = imem_meta:write(?JOBDYN_TABLE,
+                                 #dperlNodeJobDyn{ name=JobName, state=State, status=synced
+                                                 , statusTime = imem_meta:time_uid()});
         [#dperlNodeJobDyn{state=OldState} = J] ->
             NewState = maps:merge(OldState, State),
-            if OldState /= NewState ->
-                   ok = imem_meta:write(
-                          ?JOBDYN_TABLE,
-                          J#dperlNodeJobDyn{state = NewState,
-                                           statusTime = imem_meta:time_uid()});
+            if 
+                OldState /= NewState ->
+                    ok = imem_meta:write(?JOBDYN_TABLE,
+                                         J#dperlNodeJobDyn{ state=State
+                                                          , statusTime=imem_meta:time_uid()});
                true -> ok
             end
     end end);
@@ -335,45 +357,44 @@ update_job_dyn(JobName, Status) when is_binary(JobName) andalso
         Status == idle orelse Status == error orelse Status == stopped) ->
     case imem_meta:read(?JOBDYN_TABLE, JobName) of
         [] ->
-            ok = imem_meta:write(
-                   ?JOBDYN_TABLE,
-                   #dperlNodeJobDyn{name = JobName, state = #{},
-                                   status = Status,
-                                   statusTime = imem_meta:time_uid()});
+            ok = imem_meta:write(?JOBDYN_TABLE,
+                                 #dperlNodeJobDyn{ name=JobName, state=#{}
+                                                 , status=Status
+                                                 , statusTime=imem_meta:time_uid()});
         [#dperlNodeJobDyn{status = OldStatus} = J] ->
-            if OldStatus /= Status orelse
-               (OldStatus == Status andalso Status == error) ->
-                   ok = imem_meta:write(
-                          ?JOBDYN_TABLE,
-                          J#dperlNodeJobDyn{status = Status,
-                                           statusTime = imem_meta:time_uid()});
-               true -> ok
+            if 
+                OldStatus /= Status orelse
+                (OldStatus == Status andalso Status == error) ->
+                    ok = imem_meta:write(?JOBDYN_TABLE,
+                                         J#dperlNodeJobDyn{ status=Status
+                                                          , statusTime=imem_meta:time_uid()});
+                true -> ok
             end
     end.
 
-update_job_dyn(JobName, State, Status) when is_binary(JobName) andalso is_map(State) andalso
+update_job_dyn(JobName, State, Status) 
+    when is_binary(JobName) andalso is_map(State) andalso
        (Status == synced orelse Status == undefined orelse
         Status == cleaning orelse Status == cleaned orelse
         Status == refreshing orelse Status == refreshed orelse
         Status == idle orelse Status == error orelse Status == stopped) ->
     case imem_meta:read(?JOBDYN_TABLE, JobName) of
         [] ->
-            ok = imem_meta:write(
-                   ?JOBDYN_TABLE,
-                   #dperlNodeJobDyn{name = JobName, state = State,
-                                   status = Status,
-                                   statusTime = imem_meta:time_uid()});
-        [#dperlNodeJobDyn{state=OldState, status=OldStatus, statusTime = OTime} = J] ->
+            ok = imem_meta:write(?JOBDYN_TABLE,
+                                 #dperlNodeJobDyn{ name=JobName, state=State
+                                                 , status=Status
+                                                 , statusTime=imem_meta:time_uid()});
+        [#dperlNodeJobDyn{state=OldState, status=OldStatus, statusTime=OTime} = J] ->
             NewState = maps:merge(OldState,State),
             TimeDiff = imem_datatype:sec_diff(OTime),
-            if NewState /= OldState orelse (OldStatus == error andalso Status /= idle)
-               orelse (OldStatus /= error andalso Status /= OldStatus) 
-               orelse (OldStatus == Status andalso Status == idle)
-               orelse TimeDiff > 1  ->
-                   ok = imem_meta:write(
-                          ?JOBDYN_TABLE,
-                          J#dperlNodeJobDyn{state = NewState, status = Status,
-                                           statusTime = imem_meta:time_uid()});
+            if 
+                NewState /= OldState orelse (OldStatus == error andalso Status /= idle)
+                orelse (OldStatus /= error andalso Status /= OldStatus) 
+                orelse (OldStatus == Status andalso Status == idle)
+                orelse TimeDiff > 1  ->
+                    ok = imem_meta:write(?JOBDYN_TABLE,
+                                         J#dperlNodeJobDyn{ state=NewState, status=Status
+                                                          , statusTime=imem_meta:time_uid()});
                true -> ok
             end
     end.
@@ -387,9 +408,8 @@ get_last_state(JobName) when is_binary(JobName) ->
 
 get_last_audit_time(JobName) ->
     case get_last_state(JobName) of
-        #{lastAuditTime := LastAuditTime} ->
-            LastAuditTime;
-        _ -> {0,0,0}
+        #{lastAuditTime := LastAuditTime} ->    LastAuditTime;
+        _ ->                                    ?EPOCH
     end.
 
 count_sibling_jobs(Module, Channel) ->
@@ -564,6 +584,8 @@ safe_json_map(Value) when is_binary(Value) ->
         DecodedValue when is_list(DecodedValue) -> DecodedValue
     end.
 
+%% sort lists inside a map recursively so that the compare result 
+%% does not depend on list order 
 -spec normalize_map(map()) -> map().
 normalize_map(Map) when is_map(Map)->
     maps:map(
@@ -719,10 +741,8 @@ activity_logger(StatusCtx, Name, Extra) ->
 -spec url_enc_params(map()) -> binary().
 url_enc_params(Params) ->
     EParams = maps:fold(
-        fun(K, {enc, V}, Acc) ->
-            ["&", K, "=", http_uri:encode(V) | Acc];
-           (K, V, Acc) ->
-            ["&", K, "=", V | Acc]
+        fun(K, {enc, V}, Acc) ->    ["&", K, "=", http_uri:encode(V) | Acc];
+           (K, V, Acc) ->           ["&", K, "=", V | Acc]
         end, [], Params),
     erlang:iolist_to_binary([tl(EParams)]).
 
diff --git a/src/dperl/dperl_strategy_scr.erl b/src/dperl/dperl_strategy_scr.erl
index 857037aa..b5c303ea 100644
--- a/src/dperl/dperl_strategy_scr.erl
+++ b/src/dperl/dperl_strategy_scr.erl
@@ -15,49 +15,70 @@
 
 % check if source data is currently acessible
 -callback connect_check_src(scrState()) ->
-    {ok, scrState()} | {error, any()} | {error, any(), scrState()}.
+            {ok, scrState()} | {error, any()} | {error, any(), scrState()}.
 
 % get a key list (limited in length) of recent changes on source side
-% often achieved by scanning an audit log after last checked timestamp (from state)
-% basis for sync cycle (differential change provisioning)
-% for normal cleanup, a list of (possibly) dirty keys is returned
-% for c/r jobs, a list of (possibly) dirty KV pairs is returned
+% often achieved by scanning an audit log after last checked timestamp (from state).
+% Basis for sync cycle (differential change provisioning)
+% For normal cleanup, a list of (possibly) dirty keys is returned
+% For c/r jobs, a list of (possibly) dirty KV pairs is returned where V can 
+% stand for (choice of the callback module and more precisely typed there):
+% - a scalar value
+% - a value map (usually representing a JSON part)
+% - some hash of the value or KV pair (e.g. used in copy-jobs)
+% - a structured value, e.g. {Content,Meta}
+% Structured values can contain properties which should be ignored in
+% an overridden compare function is_equal()
 -callback get_source_events(scrState(), scrBatchSize()) ->
-    {ok, scrAnyKeys(), scrState()} | 
-    {ok, scrAnyKeyVals(), scrState()} | 
-    {ok, sync_complete, scrState()} | 
-    {error, scrAnyKey()}.
+            {ok, scrAnyKeys(), scrState()} | 
+            {ok, scrAnyKeyVals(), scrState()} | 
+            {ok, sync_complete, scrState()} | 
+            {error, scrAnyKey()}.
 
 % check if destination data is currently acessible
 -callback connect_check_dst(scrState()) ->
-    {ok, scrState()} | {error, any()} | {error, any(), scrState()}.
+            {ok, scrState()} | {error, any()} | {error, any(), scrState()}.
 
 % fetch one item from source (if it exists)
--callback fetch_src(scrAnyKey(), scrState()) -> ?NOT_FOUND | scrAnyVal().
+% return scrAnyVal() for cleanup
+% return scrAnyKeyVal() for c/r
+-callback fetch_src(scrAnyKey() | scrAnyKeyVal() , scrState()) -> 
+            ?NOT_FOUND | scrAnyVal() | scrAnyKeyVal().
 
 % fetch one item from destination (if it exists)
--callback fetch_dst(scrAnyKey(), scrState()) -> ?NOT_FOUND | scrAnyVal().
+% return scrAnyVal() for cleanup
+% return scrAnyKeyVal() for c/r
+-callback fetch_dst(scrAnyKey() | scrAnyKeyVal(), scrState()) -> 
+            ?NOT_FOUND | scrAnyVal() | scrAnyKeyVal().
 
 % delete one item from destination (if it exists)
-% first element in result is true if a delete was unnecessary
-% callback is responsible for deciding if no_op delete is an error or not
--callback delete_dst(scrAnyKey(), scrState()) -> {scrSoftError(), scrState()}.
+% scrSoftError() = true signals that a soft error happened which is skipped without throwing
+% leaving a chance to fix it in one of the next cycles 
+-callback delete_dst(scrAnyKey() | scrAnyKeyVal(), scrState()) -> 
+            {scrSoftError(), scrState()}.
 
 % insert one item to destination (which is assumed to not exist)
-% if the callback is able to do an update instead of an insert it can do it responsibly.
--callback insert_dst(scrAnyKey(), scrAnyVal(), scrState()) -> {scrSoftError(), scrState()}.
+% scrAnyVal() is used to insert the value, not the value part of scrAnyKeyVal()
+% scrSoftError() = true signals that a soft error happened which is skipped without throwing 
+% leaving a chance to fix it in one of the next cycles 
+-callback insert_dst(scrAnyKey() | scrAnyKeyVal(), scrAnyVal(), scrState()) -> 
+            {scrSoftError(), scrState()}.
 
 % update one item in destination (which is assumed to exist)
-% if the callback is able to do an insert instead of an update it can do it responsibly.
-% ATTENTION: for c/r jobs the first parameter may be a KV Pair from which only the key is used
--callback update_dst(scrAnyKey()|scrAnyKeyVal(), scrAnyVal(), scrState()) -> {scrSoftError(), scrState()}.
+% scrAnyVal() is used to change the value, not the value part of scrAnyKeyVal()
+% scrSoftError() = true signals that a soft error happened which is skipped without throwing 
+% leaving a chance to fix it in one of the next cycles 
+-callback update_dst(scrAnyKey() | scrAnyKeyVal(), scrAnyVal(), scrState()) -> 
+            {scrSoftError(), scrState()}.
 
 % allow the callback implementation act upon an error or warning message
-% result is ignored, used for debugging only
--callback report_status(scrAnyKey(), scrStatus(), scrState()) -> ok | no_op | {error, term()}.
+% result is ignored and used for debugging only
+-callback report_status(scrAnyKey() | scrAnyKeyVal(), scrErrorInfo(), scrState()) -> 
+            ok | no_op | {error, term()}.
 
 % execute one more refresh cycle with limited block size
--callback do_refresh(scrState(), scrBatchSize()) -> {{ok, scrState()} | {ok, finish, scrState() | error, any()}}.
+-callback do_refresh(scrState(), scrBatchSize()) -> 
+            {{ok, scrState()} | {ok, finish, scrState() | error, any()}}.
 
 % optional callbacks
 
@@ -66,7 +87,8 @@
                           LastSuccess::ddTimestamp(),
                           BatchInterval::scrMsecInterval(),     % delay between cleanup batches
                           CycleInterval::scrMsecInterval(),     % delay between cleanup cycles
-                          scrState()) -> true | false.
+                          scrState()) -> 
+            true | false.
 
 % override callback for refresh execution permission
 -callback should_refresh( LastAttempt::ddTimestamp(),
@@ -74,10 +96,12 @@
                           BatchInterval::scrMsecInterval(),     % delay between refresh batches
                           CycleInterval::scrMsecInterval(),     % delay between refresh cycles
                           scrHoursOfDay(), 
-                          scrState()) -> true | false.
+                          scrState()) -> 
+            true | false.
 
 % override for value compare function
--callback is_equal(scrAnyKey(), scrAnyVal(), scrAnyVal(), scrState()) -> true | false.
+-callback is_equal(scrAnyKey() | scrAnyKeyVal(), scrAnyVal(), scrAnyVal(), scrState()) -> 
+            true | false.
 
 % override for destination channel insert/update/delete (final data change)
 % only used for protected configurations (reversing the direction of data flow)
@@ -99,60 +123,76 @@
                      update_channel/5, finalize_src_events/1,
                      should_sync_log/1]).
 
-% execute simple cleanup for next batch of keys 
--callback do_cleanup( scrState(), CleanupBulkCount::scrBatchSize()) -> 
+% execute simple cleanup for accumulated list of dirty keys (or KVPs in case of c/r).
+% Must decide if cleanup is finished.
+-callback do_cleanup( scrState(), scrBatchSize()) -> 
     {ok, scrState()} | {ok, finish, scrState()} | {error, term(), scrState()} | {error, term()}.
 
-% execute cleanup for found differences (Deletes and Inserts)
--callback do_cleanup( Deletes::scrAnyKeys() | scrAnyKeyVal(), 
-                      Inserts::scrAnyKeys() | scrAnyKeyVal(), 
-                      SearchingMatch::boolean(),    % NextLastKey == MinKey
+% prepare cleanup sync for found differences (Deletes and Inserts)
+% by adding these keys to the sync event list in the state (dirty Keys).
+% These (potentially) 'dirty' keys will be dealt with in the following sync cycle
+-callback do_cleanup( Deletes::scrAnyKeys(), 
+                      Inserts::scrAnyKeys(), 
+                      IsCycleComplete::boolean(),    % NextLastKey == MinKey
                       scrState()) -> 
-    {ok, scrState()} | {ok, finish, scrState()} | {error, term(), scrState()} | {error, term()}.
-
-% execute cleanup/refresh for found differences (Deletes, Inserts and value Diffs)
--callback do_cleanup( Deletes::scrAnyKeys() | scrAnyKeyVal(), 
-                      Inserts::scrAnyKeys() | scrAnyKeyVal(),
-                      Diffs::scrAnyKeys() | scrAnyKeyVal(), 
-                      SearchingMatch::boolean(),    % NextLastKey == MinKey
+            {ok, scrState()} | 
+            {ok, finish, scrState()} | 
+            {error, term(), scrState()} | 
+            {error, term()}.
+
+% prepare cleanup/refresh sync for found differences (Deletes, Diffs, Inserts)
+% by adding these Keys to the sync event list in the state (dirty Keys)
+% These (potentially) 'dirty' keys will be dealt with in the following sync cycle
+-callback do_cleanup( Deletes::scrAnyKeys(), 
+                      Inserts::scrAnyKeys(),
+                      Diffs::scrAnyKeys(), 
+                      IsCycleComplete::boolean(),    % NextLastKey == MinKey
                       scrState()) -> 
-    {ok, scrState()} | {ok, finish, scrState()} | {error, term(), scrState()} | {error, term()}.
-
-% bulk load one batch of keys (for cleanup) or kv-pairs (cleanup/refresh) from source
-% a callback module implementing this and load_dst_after_key signals that it wants
-% to fully control the cleanup/refresh procedure 
--callback load_src_after_key( LastKeySeen::scrAnyKey() | scrAnyKeyVal(), 
-                              scrBatchSize(), 
-                              scrState()) ->
-    {ok, scrAnyKeys(), scrState()} | {ok, scrAnyKeyVals(), scrState()} | {error, term(), scrState()}.
-
-% bulk load one batch of keys (for cleanup) or kv-pairs (cleanup/refresh) from destination
-% a callback module implementing this and load_src_after_key signals that it wants
-% to fully control the cleanup/refresh procedure 
--callback load_dst_after_key( LastKeySeen::scrAnyKey() | scrAnyKeyVal(), 
-                              scrBatchSize(), 
-                              scrState()) ->
-    {ok, scrAnyKeys(), scrState()} | {ok, scrAnyKeyVals(), scrState()} | {error, any(), scrState()}.
-
--optional_callbacks([ do_cleanup/2
-                    , do_cleanup/4
-                    , do_cleanup/5
-                    , load_src_after_key/3
-                    , load_dst_after_key/3
+            {ok, scrState()} | 
+            {ok, finish, scrState()} | 
+            {error, term(), scrState()} | 
+            {error, term()}.
+
+% bulk load one batch of keys (for cleanup) or kv-pairs (cleanup/refresh) from source.
+% up to scrBatchSize() existing keys must be returned in key order.
+% A callback module implementing this and also the load_dst_after_key callback signals that it wants
+% to do override source loading for cleanup or c/r combined processing.
+% Returning less than scrBatchSize() items does not prevent further calls of this function.
+% If called again in same cycle, {ok, [], scrState()} must be returned.
+-callback load_src_after_key(LastSeen::scrAnyKey()|scrAnyKeyVal(), scrBatchSize(), scrState()) ->
+            {ok, scrAnyKeys(), scrState()} | 
+            {ok, scrAnyKeyVals(), scrState()} | 
+            {error, term(), scrState()}.
+
+% bulk load one batch of kv-pairs for combined cleanup/refresh from destination.
+% A callback module implementing this and load_src_after_key signals that it wants
+% to do a cleanup/refresh combined processing.
+% Returning less than scrBatchSize() items does not prevent further calls of this function.
+% If called again in same cycle, {ok, [], scrState()} must be returned.
+-callback load_dst_after_key(LastSeen::scrAnyKey()|scrAnyKeyVal(), scrBatchSize(), scrState()) ->
+            {ok, scrAnyKeys(), scrState()} | 
+            {ok, scrAnyKeyVals(), scrState()} | 
+            {error, term(), scrState()}.
+
+-optional_callbacks([ do_cleanup/2  % simple cleanup (or simple cleanup/refresh)
+                    , do_cleanup/4  % cleanup with inserts and deletes only (no updates)
+                    , do_cleanup/5  % cleanup/refresh with updates on KV-Pairs
+                    , load_src_after_key/3 % overrides cleanup or c/r source loading
+                    , load_dst_after_key/3 % overrides cleanup or c/r destination loading
                     ]).
 
-% chunked cleanup context
--record(cleanup_ctx,{ srcKeys          :: scrAnyKeys()| scrAnyKeyVal() % ?????
-                    , srcCount         :: integer()
-                    , dstKeys          :: scrAnyKeys()| scrAnyKeyVal() % ?????
-                    , dstCount         :: integer()
+% chunked cleanup context where scrAnyKeyVal() types are used for c/r combination
+-record(cleanup_ctx,{ srcKeys          :: scrAnyKeys()| scrAnyKeyVal()
+                    , srcCount         :: integer()   % length(srcKeys)
+                    , dstKeys          :: scrAnyKeys()| scrAnyKeyVal()
+                    , dstCount         :: integer()   % length(dstKeys)
                     , bulkCount        :: scrBatchSize()
-                    , minKey           :: scrAnyKey() | scrAnyKeyVal() % ?????
-                    , maxKey           :: scrAnyKey() | scrAnyKeyVal() % ?????
-                    , lastKey          :: scrAnyKey() | scrAnyKeyVal() % ?????
-                    , deletes = []     :: scrAnyKeys() | scrAnyKeyVals()
-                    , inserts = []     :: scrAnyKeys() | scrAnyKeyVals()
-                    , differences = [] :: scrAnyKeys() | scrAnyKeyVals()
+                    , minKey           :: scrAnyKey() | scrAnyKeyVal()
+                    , maxKey           :: scrAnyKey() | scrAnyKeyVal()
+                    , lastKey          :: scrAnyKey() | scrAnyKeyVal()
+                    , deletes = []     :: scrAnyKeys()  % Keys to be deleted
+                    , inserts = []     :: scrAnyKeys()  % Keys to be inserted
+                    , differences = [] :: scrAnyKeys()  % Keys to modify values
                     }).
 
 % Debug macros
@@ -301,7 +341,7 @@ execute(cleanup, Mod, Job, State, #{cleanup:=true} = Args) ->
                 LastAttempt =< LastSuccess ->
                     ?JInfo("Starting cleanup cycle"),
                     case Args of
-                        #{stats := #{cleanup_count := CC} = Stats} ->
+                        #{stats := #{cleanup_count:=CC} = Stats} ->
                             Args#{stats => Stats#{cleanup_count => CC + 1}};
                         Args ->
                             Stats = maps:get(stats, Args, #{}),
@@ -309,7 +349,7 @@ execute(cleanup, Mod, Job, State, #{cleanup:=true} = Args) ->
                     end;
                 true ->
                     case Args of
-                        #{stats := #{cleanup_count := CC} = Stats} ->
+                        #{stats := #{cleanup_count:=CC} = Stats} ->
                             Args#{stats => Stats#{cleanup_count => CC + 1}};
                         Args ->
                             ?JInfo("Resuming cleanup cycle"),
@@ -341,31 +381,31 @@ execute(cleanup, Mod, Job, State, #{cleanup:=true} = Args) ->
                     % launch simple cleanup cycle using do_cleanup/2
                     [State1, CleanupBulkCount];
                 true ->
-                    % launch cleanup/refresh combined processing using do_cleanup/5 or do_cleanup/4
+                    % launch cleanup processing using do_cleanup/4 on scalar keys
+                    % launch cleanup/refresh combined processing using do_cleanup/5 on kv-pairs
+                    % note: Key also used here in the sense of kv-pairs (KVP) where the value can itself
+                    % be structured (e.g. {Content::map(), Meta::map()} in Office365 contact sync)  
                     #{minKey:=MinKey, maxKey:=MaxKey, lastKey:=LastKey} = CleanupState,
-                    Ctx = #cleanup_ctx{ minKey=MinKey, maxKey=MaxKey
-                                      , lastKey=LastKey, bulkCount=CleanupBulkCount},
+                    Ctx = #cleanup_ctx{ minKey=MinKey, maxKey=MaxKey, lastKey=LastKey
+                                      , bulkCount=CleanupBulkCount},
                     {RefreshCollectResult, State2} = cleanup_refresh_collect(Mod,Ctx,State1),
                     Deletes = maps:get(deletes,RefreshCollectResult),
                     Inserts = maps:get(inserts,RefreshCollectResult),
                     Diffs = maps:get(differences,RefreshCollectResult),
                     NextLastKey = maps:get(lastKey,RefreshCollectResult),
-                    % update last key ToDO: This is UGLY. To be cast into functions !!!!
-                    case dperl_dal:select(
-                           ?JOBDYN_TABLE,
-                           [{#dperlNodeJobDyn{name=Job,_='_'},[],['$_']}]) of
-                        {[#dperlNodeJobDyn{state = #{cleanup := OldCleanupState}
-                                          = NodeJobDynState}], true}
-                          when is_map(OldCleanupState) ->
+                    % update last key ToDo: This is UGLY. To be cast into functions !!!!
+                    MatchSpec = [{#dperlNodeJobDyn{name=Job,_='_'},[],['$_']}],
+                    case dperl_dal:select(?JOBDYN_TABLE, MatchSpec) of
+                        {[#dperlNodeJobDyn{state = #{cleanup:=OldState} = NodeJobDyn}], true} 
+                          when is_map(OldState) ->
                             dperl_dal:update_job_dyn(
                               Job,
-                              NodeJobDynState#{
+                              NodeJobDyn#{
                                 cleanup =>
                                 (case Args1 of
-                                    #{stats := #{cleanup_count := CC2}} ->
-                                        OldCleanupState#{count => CC2};
-                                    Args1 -> OldCleanupState
-                                 end)#{lastKey => NextLastKey}});
+                                    #{stats := #{cleanup_count:=CC2}} ->    OldState#{count=>CC2};
+                                    Args1 ->                                OldState
+                                 end)#{lastKey=>NextLastKey}});
                         _ -> ok
                     end,
                     cleanup_log("Orphan", Deletes),
@@ -511,18 +551,24 @@ execute(finish, Mod, Job, State, Args) ->
     ?RESTART_AFTER(?CYCLE_ALWAYS_WAIT(Mod, Job), Args),
     State.
 
+
+%% evaluate cycle status by 
 -spec get_cycle_state(scrCycle(), jobName()) -> scrCycleState().
-get_cycle_state(Cycle, Job) when (Cycle==cleanup orelse Cycle==refresh) andalso is_binary(Job) ->
+get_cycle_state(Cycle, Name) when (Cycle==cleanup orelse Cycle==refresh) andalso is_binary(Name) ->
     maps:merge(
         if 
-            Cycle==cleanup ->   #{minKey => -1, maxKey => <<255>>, lastKey => 0};
-            true ->             #{}
+            Cycle==cleanup ->   
+                #{minKey=>?SCR_MIN_KEY, maxKey=>?SCR_MAX_KEY, lastKey=>?SCR_INIT_KEY};
+            true ->             
+                #{}
         end,
         case dperl_dal:select(
                 ?JOBDYN_TABLE, 
-                [{#dperlNodeJobDyn{name=Job,state='$1',_='_'},[],['$1']}]) of
-            {[#{Cycle:=CycleState}], true} when is_map(CycleState) -> CycleState;
-            {_, true} -> #{lastAttempt => ?EPOCH, lastSuccess => ?EPOCH}
+                [{#dperlNodeJobDyn{name=Name, state='$1', _='_'}, [], ['$1']}]) of
+            {[#{Cycle:=CycleState}], true} when is_map(CycleState) -> 
+                CycleState;
+            {_, true} -> 
+                #{lastAttempt => ?EPOCH, lastSuccess => ?EPOCH}
         end).
 
 % update dperlNodeJobDyn table according to planned action, reset statistics 
@@ -539,7 +585,7 @@ set_cycle_state(Cycle, Job, Action, Stats0)
         {[#dperlNodeJobDyn{state=#{Cycle:=CycleState0}} = NJD], true} when is_map(CycleState0) ->            
             {NJD, CycleState0};
         {[#dperlNodeJobDyn{} = NJD], true} ->
-            {NJD, #{lastAttempt=>imem_meta:time(), lastSuccess=>?EPOCH}} % ToDo: Should it be imem_meta:time() ????
+            {NJD, #{lastAttempt=>imem_meta:time(), lastSuccess=>?EPOCH}}
         end,
     {CycleState2, Stats1} = case maps:get(count, Stats0, '$not_found') of
         '$not_found' -> {CycleState1, Stats0};
@@ -561,35 +607,50 @@ set_cycle_state(Cycle, Job, Action, Stats0)
 
 % default callbacks
 
+%% default scheduling delays according to configured
 -spec should_cleanup(ddTimestamp(), ddTimestamp(), 
-                     scrMsecInterval(), scrMsecInterval()) -> true | false.
+                     scrBatchInterval(), scrCycleInterval()) -> true | false.
 should_cleanup(LastAttempt, LastSuccess, BatchInterval, CycleInterval) ->
-    if LastAttempt > LastSuccess -> 
-           imem_datatype:msec_diff(LastAttempt) > BatchInterval;
+    if LastAttempt > LastSuccess ->
+            % wait a short time between cleanup batches (100 items typically)
+            imem_datatype:msec_diff(LastAttempt) > BatchInterval;
        true ->
-           imem_datatype:msec_diff(LastSuccess) > CycleInterval
+            % wait a longer time between full cleanup cycles (all data)
+            imem_datatype:msec_diff(LastSuccess) > CycleInterval
     end.
 
--spec should_refresh(ddTimestamp(), ddTimestamp(), scrMsecInterval(), 
-                     scrMsecInterval(), scrHoursOfDay()) -> true | false.
+-spec should_refresh(ddTimestamp(), ddTimestamp(), scrBatchInterval(), 
+                     scrCycleInterval(), scrHoursOfDay()) -> true | false.
 should_refresh(LastAttempt, LastSuccess, BatchInterval, Interval, Hours) ->
     if LastAttempt > LastSuccess ->
-           imem_datatype:msec_diff(LastAttempt) > BatchInterval;
+            % wait a short time between refresh batches (100 items typically)
+            imem_datatype:msec_diff(LastAttempt) > BatchInterval;
        true ->
-           case imem_datatype:msec_diff(LastSuccess) > Interval of
+            % wait a longer time between full cleanup cycles (all data)
+            case imem_datatype:msec_diff(LastSuccess) > Interval of
                false -> false;
                true ->
-                   if length(Hours) > 0 ->
-                          {Hour,_,_} = erlang:time(),
-                          case lists:member(Hour, Hours) of
-                              true -> true;
-                              _ -> false
-                          end;
-                      true -> true
-                   end
-           end
+                    if 
+                        length(Hours) > 0 ->
+                            %% only start new cycles during listed hours
+                            {Hour,_,_} = erlang:time(),
+                            case lists:member(Hour, Hours) of
+                                true -> true;
+                                _ ->    false
+                            end;
+                        true ->
+                            % start new cycle after the configured delay
+                            true
+                    end
+            end
     end.
 
+%% implements a comparer for two objects with the same key.
+%% Are the two object values equal (in the sense that they don't
+%% need synchronisation?
+%% Default semantics used here: exact match after sorting list components
+%% The callback module can implement an override comparer which tolerate certain
+%% differences.
 -spec is_equal(scrAnyKey(), scrAnyVal(), scrAnyVal(), scrState()) -> boolean().
 is_equal(_Key, S, S, _State) -> true;
 is_equal(_Key, S, D, _State) when is_map(S), is_map(D) ->
@@ -630,16 +691,16 @@ process_events([], Mod, State, _ShouldLog, IsError) ->
     end;
 process_events([Key | Keys], Mod, State, ShouldLog, IsError) ->
     {NewIsError, NewState} = case {Mod:fetch_src(Key, State), Mod:fetch_dst(Key, State)} of
-        {S, S} ->
+        {S, S} ->                        %% nothing to do
             Mod:report_status(Key, no_op, State),
-            {IsError, State}; %% nothing to do
+            {IsError, State};
         {{protected, _}, ?NOT_FOUND} -> % pusher protection
             ?JError("Protected ~p is not found on target", [Key]),
             Error = <<"Protected key is not found on target">>,
             Mod:report_status(Key, Error, State),
             dperl_dal:job_error(Key, <<"sync">>, <<"process_events">>, Error),
             {true, State};
-        {{protected, S}, D} -> % pusher protection
+        {{protected, S}, D} ->          % pusher protection
             execute_prov_fun("Protected", Mod, update_channel, [Key, true, S, D, State], ShouldLog, IsError, check);
         {{protected, IsSamePlatform, S}, D} -> % puller protection
             execute_prov_fun("Protected", Mod, update_channel, [Key, IsSamePlatform, S, D, State], ShouldLog, IsError, check);
@@ -709,8 +770,10 @@ execute_prov_fun(Op, Mod, Fun, Args, ShouldLog, IsError, check) ->
     end.
 
 -spec cleanup_refresh_collect(jobModule(), #cleanup_ctx{}, scrState()) ->
-    #{deletes => scrAnyKeys(), inserts => scrAnyKeys(), lastKey => scrAnyKey()}.
+    #{deletes => scrAnyKeyVals(), inserts => scrAnyKeyVals(), lastKey => scrAnyKeyVal()}.
 cleanup_refresh_collect(Mod, CleanupCtx, State) ->
+    % note: Key used here in the sense of key-value-pair (KVP) where the value can itself
+    % be structured (e.g. {Content::map(), Meta::map()} in Office365 contact sync)   
     #cleanup_ctx{minKey=MinKey, maxKey=MaxKey, lastKey=LastKey, bulkCount=BulkCnt} = CleanupCtx,
     CurKey = if
                  LastKey =< MinKey -> MinKey;  % throw to cycle start if getting
@@ -724,7 +787,7 @@ cleanup_refresh_collect(Mod, CleanupCtx, State) ->
             ?JError("cleanup failed at load_src_after_key : ~p", [Error]),
             dperl_dal:job_error(<<"cleanup">>, <<"load_src_after_key">>, Error),
             error({step_failed, State1});
-        SKeys -> {SKeys, State}
+        SKeys -> {SKeys, State} % deprecated simple API which returns the kv-pairs only
     end,
     {DstKeys, State4} =
     case Mod:load_dst_after_key(CurKey, BulkCnt, State2) of
@@ -733,52 +796,55 @@ cleanup_refresh_collect(Mod, CleanupCtx, State) ->
             ?JError("cleanup failed at load_dst_after_key : ~p", [Error1]),
             dperl_dal:job_error(<<"cleanup">>, <<"load_dst_after_key">>, Error1),
             error({step_failed, State3});
-        DKeys -> {DKeys, State2}
+        DKeys -> {DKeys, State2} % deprecated simple API which returns the kv-pairs only
     end,
-    {cleanup_refresh_compare(CleanupCtx#cleanup_ctx{
-        srcKeys = SrcKeys, srcCount = length(SrcKeys),
-        dstKeys = DstKeys, dstCount = length(DstKeys), lastKey = CurKey}), State4}.
-
--spec cleanup_refresh_compare(#cleanup_ctx{}) -> 
-        #{deletes=>scrAnyKeys(), differences=>scrAnyKeys()
-         , inserts=>scrAnyKeys(), lastKey=>scrAnyKey()}.
-cleanup_refresh_compare(#cleanup_ctx{
-                   srcKeys=SrcKeys, dstKeys=[], deletes=Deletes, 
-                   inserts=Inserts, minKey=MinKey, differences=Diffs,
-                   dstCount=DstCount, bulkCount=BulkCnt, srcCount=SrcCount})
+    {cleanup_refresh_compare(CleanupCtx#cleanup_ctx{ srcKeys=SrcKeys, srcCount=length(SrcKeys)
+                                                   , dstKeys=DstKeys, dstCount=length(DstKeys)
+                                                   , lastKey=CurKey}), State4}.
+
+-spec cleanup_refresh_compare(#cleanup_ctx{}) -> #{ deletes=>scrAnyKeys(), differences=>scrAnyKeys()
+                                                  , inserts=>scrAnyKeys(), lastKey=>scrAnyKey()}.
+cleanup_refresh_compare(#cleanup_ctx{ srcKeys=SrcKeys, dstKeys=[]
+                                    , deletes=Deletes,inserts=Inserts, differences=Diffs
+                                    , srcCount=SrcCount, dstCount=DstCount, bulkCount=BulkCnt
+                                    , minKey=MinKey})
         when DstCount < BulkCnt, SrcCount < BulkCnt ->
-    Remaining = fetch_keys(SrcKeys),
+    Remaining = take_keys(SrcKeys),
     #{deletes=>Deletes, differences=>Diffs, inserts=>Inserts++Remaining, lastKey=>MinKey};
-cleanup_refresh_compare(#cleanup_ctx{srcKeys=SrcKeys, dstKeys=[], deletes=Deletes
-                            , dstCount=DstCount, inserts=Inserts, differences=Diffs})
+cleanup_refresh_compare(#cleanup_ctx{ srcKeys=SrcKeys, dstKeys=[]
+                                    , deletes=Deletes, inserts=Inserts, differences=Diffs
+                                    , dstCount=DstCount})
         when DstCount == 0 ->
-    Remaining = fetch_keys(SrcKeys),
+    Remaining = take_keys(SrcKeys),
     #{deletes=>Deletes, differences=>Diffs, inserts=>Inserts++Remaining, lastKey=>last_key(SrcKeys)};
-cleanup_refresh_compare(#cleanup_ctx{dstKeys=[], deletes=Deletes, differences=Diffs,
-                                     inserts=Inserts, lastKey=LK}) ->
+cleanup_refresh_compare(#cleanup_ctx{ dstKeys=[]
+                                    , deletes=Deletes, inserts=Inserts, differences=Diffs
+                                    , lastKey=LK}) ->
     #{deletes=>Deletes, differences=>Diffs, inserts=>Inserts, lastKey=>LK};
-cleanup_refresh_compare(#cleanup_ctx{ srcCount=SrcCount, dstKeys=DstKeys,bulkCount=BulkCnt
-                                    , minKey=MinKey, srcKeys=[], deletes=Deletes
-                                    , inserts=Inserts, dstCount=DstCount, differences=Diffs})
+cleanup_refresh_compare(#cleanup_ctx{ srcKeys=[], dstKeys=DstKeys, minKey=MinKey
+                                    , deletes=Deletes, inserts=Inserts, differences=Diffs
+                                    , srcCount=SrcCount, dstCount=DstCount, bulkCount=BulkCnt})
         when SrcCount < BulkCnt, DstCount < BulkCnt ->
-    Remaining = fetch_keys(DstKeys),
+    Remaining = take_keys(DstKeys),
     #{deletes=>Deletes++Remaining, differences=>Diffs, inserts=>Inserts, lastKey=>MinKey};
-cleanup_refresh_compare(#cleanup_ctx{ srcKeys=[], deletes=Deletes, inserts=Inserts
-                                    , dstKeys=DstKeys, differences=Diffs, srcCount=SrcCount}) 
+cleanup_refresh_compare(#cleanup_ctx{ srcKeys=[], dstKeys=DstKeys
+                                    , deletes=Deletes, inserts=Inserts, differences=Diffs
+                                    , srcCount=SrcCount}) 
         when SrcCount == 0 ->
-    Remaining = fetch_keys(DstKeys),
+    Remaining = take_keys(DstKeys),
     #{deletes=>Deletes++Remaining, differences=>Diffs, inserts=>Inserts, lastKey=>last_key(DstKeys)};
-cleanup_refresh_compare(#cleanup_ctx{ srcKeys=[], deletes=Deletes, differences=Diffs
-                                    , inserts=Inserts, lastKey=LK}) ->
+cleanup_refresh_compare(#cleanup_ctx{ srcKeys=[]
+                                    , deletes=Deletes, inserts=Inserts, differences=Diffs
+                                    , lastKey=LK}) ->
     #{deletes=>Deletes, differences=>Diffs, inserts=>Inserts, lastKey=>LK};
 cleanup_refresh_compare(#cleanup_ctx{srcKeys=[K|SrcKeys], dstKeys=[K|DstKeys]} = CleanupCtx) ->
     cleanup_refresh_compare(CleanupCtx#cleanup_ctx{ srcKeys=SrcKeys, dstKeys=DstKeys
-                                                  , lastKey = last_key([K])});
-cleanup_refresh_compare(#cleanup_ctx{ srcKeys=[{K, _} | SrcKeys], dstKeys=[{K, _} | DstKeys]
+                                                  , lastKey=last_key([K])});
+cleanup_refresh_compare(#cleanup_ctx{ srcKeys=[{K, _}|SrcKeys], dstKeys=[{K, _}|DstKeys]
                                     , differences=Diffs} = CleanupCtx) ->
     cleanup_refresh_compare(CleanupCtx#cleanup_ctx{ srcKeys=SrcKeys, dstKeys=DstKeys
-                                                  , lastKey=K, differences=[K | Diffs]});
-cleanup_refresh_compare(#cleanup_ctx{ srcKeys=[SK|SrcKeys], dstKeys=[DK | DstKeys]
+                                                  , lastKey=K, differences=[K|Diffs]});
+cleanup_refresh_compare(#cleanup_ctx{ srcKeys=[SK|SrcKeys], dstKeys=[DK|DstKeys]
                                     , inserts=Inserts, deletes=Deletes} = CleanupCtx) ->
     case {last_key([SK]), last_key([DK])} of
         {K1, K2} when K1 < K2 -> cleanup_refresh_compare(
@@ -787,12 +853,12 @@ cleanup_refresh_compare(#cleanup_ctx{ srcKeys=[SK|SrcKeys], dstKeys=[DK | DstKey
             CleanupCtx#cleanup_ctx{dstKeys=DstKeys, deletes=[K2|Deletes], lastKey=K2})
     end.
 
--spec fetch_keys(scrAnyKeys()) -> scrAnyKeys().
-fetch_keys([]) -> [];
-fetch_keys([{_, _} | _] = KVs) -> [K || {K, _} <- KVs];
-fetch_keys(Keys) -> Keys.
+-spec take_keys(scrAnyKeys()|scrAnyKeyVals()) -> scrAnyKeys().
+take_keys([]) -> [];
+take_keys([{_, _} | _] = KVs) -> [K || {K, _} <- KVs];
+take_keys(Keys) -> Keys.
 
--spec last_key(scrAnyKeys()) -> scrAnyKey().
+-spec last_key(scrAnyKeys()|scrAnyKeyVals()) -> scrAnyKey().
 last_key([{_, _} | _] = KVs) -> element(1, lists:last(KVs));
 last_key(Keys) -> lists:last(Keys).
 
@@ -830,8 +896,7 @@ cleanup_refresh_compare_test() ->
     DstKeys = lists:usort([rand:uniform(3000) || _ <- lists:seq(1, DstCount)]),
     {#{deletes := Dels, inserts := Ins}, _} =
     cleanup_refresh_collect(?MODULE,
-                #cleanup_ctx{minKey = -1, maxKey = <<255>>,
-                             lastKey = 0, bulkCount = BulkCnt},
+                #cleanup_ctx{minKey=?SCR_MIN_KEY, maxKey=?SCR_MAX_KEY, lastKey=?SCR_INIT_KEY, bulkCount=BulkCnt},
                 {SrcKeys, DstKeys}),
     Cleaned = lists:sort(lists:foldr(fun(K, Acc) ->
                 case lists:member(K, Dels) of
@@ -844,18 +909,18 @@ cleanup_refresh_compare_test() ->
 
 complete_cleanup_refresh(AllSrcKeys, AllDstKeys) ->
     BulkCnt = 100,
-    MaxKey = <<255>>,
-    Ctx = #cleanup_ctx{minKey = -1, maxKey = MaxKey, lastKey = 0, 
-                       bulkCount = BulkCnt},
-    #{deletes := Dels, differences := Diffs, inserts := Ins} = cleanup_refresh_loop(Ctx, 0, {AllSrcKeys, AllDstKeys}, #{}),
+    MaxKey = ?SCR_MAX_KEY,
+    Ctx = #cleanup_ctx{minKey=?SCR_MIN_KEY, maxKey=MaxKey, lastKey=?SCR_INIT_KEY, bulkCount=BulkCnt},
+    #{deletes:=Dels, differences:=Diffs, inserts:=Ins} = 
+            cleanup_refresh_loop(Ctx, ?SCR_INIT_KEY, {AllSrcKeys, AllDstKeys}, #{}),
     Cleaned = lists:usort(lists:foldr(fun(K, Acc) ->
                 case lists:member(K, Dels) of
                     true -> 
                         lists:delete(K, Acc);
                     false -> Acc
                 end
-            end, fetch_keys(AllDstKeys), Dels) ++ Ins),
-    ?assertEqual(Cleaned, lists:usort(fetch_keys(AllSrcKeys))),
+            end, take_keys(AllDstKeys), Dels) ++ Ins),
+    ?assertEqual(Cleaned, lists:usort(take_keys(AllSrcKeys))),
     Diffs1 = lists:usort(lists:foldl(
                 fun({K, V}, Acc) -> 
                     case lists:keyfind(K, 1, AllDstKeys) of
@@ -868,15 +933,14 @@ complete_cleanup_refresh(AllSrcKeys, AllDstKeys) ->
     ?assertEqual(Diffs1, lists:usort(Diffs)).
 
 complete_cleanup_refresh(AllSrcKeys, AllDstKeys, BulkCnt) ->
-    MaxKey = <<255>>,
-    Ctx = #cleanup_ctx{minKey = -1, maxKey = MaxKey, lastKey = 0, 
-                       bulkCount = BulkCnt},
+    MaxKey = ?SCR_MAX_KEY,
+    Ctx = #cleanup_ctx{minKey=?SCR_MIN_KEY, maxKey=MaxKey, lastKey=?SCR_INIT_KEY, bulkCount=BulkCnt},
     cleanup_refresh_collect(?MODULE, Ctx, {AllSrcKeys, AllDstKeys}).
 
-cleanup_refresh_loop(_, -1, _, Acc) -> Acc;
+cleanup_refresh_loop(_, ?SCR_MIN_KEY, _, Acc) -> Acc;
 cleanup_refresh_loop(Ctx, CurKey, AllKeys, Acc) ->
-    {#{deletes := Dels, differences := Diffs, inserts := Ins, lastKey := LastKey}, _} = 
-    cleanup_refresh_collect(?MODULE, Ctx#cleanup_ctx{lastKey = CurKey}, AllKeys),
+    {#{deletes:=Dels, differences:=Diffs, inserts:=Ins, lastKey:=LastKey}, _} = 
+        cleanup_refresh_collect(?MODULE, Ctx#cleanup_ctx{lastKey=CurKey}, AllKeys),
     NewAcc = Acc#{deletes => Dels ++ maps:get(deletes, Acc, []), 
                   differences => Diffs ++ maps:get(differences, Acc, []),
                   inserts => Ins ++ maps:get(inserts, Acc, [])},
diff --git a/src/dperl/dperl_strategy_scr.hrl b/src/dperl/dperl_strategy_scr.hrl
index 8cd95697..2e4e2bf0 100644
--- a/src/dperl/dperl_strategy_scr.hrl
+++ b/src/dperl/dperl_strategy_scr.hrl
@@ -13,17 +13,28 @@
 -type scrChannel() :: binary().
 -type scrDirection() :: push | pull.
 -type scrCycle() :: cleanup | refresh.  % stateful phases (sync is stateless)
--type scrCycleState() :: map().         % initially: #{lastAttempt => ?EPOCH, lastSuccess => ?EPOCH}
+-type scrCycleState() :: map().         % behaviour overall state per scrCycle()
+        % initially for both: #{lastAttempt => ?EPOCH, lastSuccess => ?EPOCH}
+        % initially for cleanup: #{minKey=>?SCR_MIN_KEY, maxKey=>?SCR_MAX_KEY, lastKey=>?SCR_INIT_KEY};
+        % initially for refresh: #{}
+        % ToDo: Are keys limited to non_neg_integer() / other Erlang types ???? 
 -type scrPhase() :: sync | scrCycle().  
 -type scrBatchSize() :: integer().     
--type scrMessage() :: binary().
--type scrStatus() :: no_op | {error,term()} | scrMessage().
+-type scrMessage()   :: binary().
+-type scrErrorInfo() :: no_op | {error,term()} | scrMessage().
+-type scrDynStatus() :: map().           % what should be stored in dperlNodeJobDyn table for this job.
 -type scrOperation() :: finalize_src_events | no_log | string().  %  "Protected"|"Deleted"|"Inserted"|"Updated".
 -type scrSoftError() :: true|false|idle. % idle only used in special case where the dst is not ready and we have to do an idle wait.
                                          % true signifies the one or more events in the sync cycle resulted in an error
                                          % false means all the events were processed successfully by the sync cycle
 
 -type scrMsecInterval() :: integer().   % delays in milli-seconds
+-type scrBatchInterval() :: scrMsecInterval().  % delay from end of c or r batch to start of next
+-type scrCycleInterval() :: scrMsecInterval().  % delay from end of c or r cycle to start of next
 -type scrHoursOfDay() :: [integer()].   % execute only on these hours, [] = any hour
 
+-define(SCR_MIN_KEY, -1).               % initial MinKey value. Real keys must be bigger (in Erlang sort order)
+-define(SCR_MAX_KEY, <<255>>).          % initial MaxKey value. Real keys must be smaller (in Erlang sort order)
+-define(SCR_INIT_KEY, 0).               % initial LastKey value. Real keys must be bigger (in Erlang sort order)
+
 -endif.
\ No newline at end of file
diff --git a/src/dperl/jobs/dpjob_office_365.erl b/src/dperl/jobs/dpjob_office_365.erl
index ea47af89..3cb0f5c5 100644
--- a/src/dperl/jobs/dpjob_office_365.erl
+++ b/src/dperl/jobs/dpjob_office_365.erl
@@ -1,21 +1,39 @@
 -module(dpjob_office_365).
 
+%% implements scr puller (and later also) pusher for Office356 contact data as a c/r job.
+%% The KeyPrefix ["contacts","Office365"] can be altered to camouflage the nature of the data.
+%% This also supports multiple Office365 synchronisations on the same table, if needed 
+
+%% sync order: remKey() which is the binary contact Id on the remote side (cloud)
+%% remKey() is injected into the value as the primary value of a META attribute with one META
+%% object per sync job. Multiple cloud contact lists can be merged into one local table key range.
+%% The intermediate table (could be an encrypted skvh table). It uses an index on remKeys()
+%% for lookup and for cleanup scanning in remKey() order.
+
 -include("../dperl.hrl").
 -include("../dperl_strategy_scr.hrl").
 
 -behavior(dperl_worker).
 -behavior(dperl_strategy_scr). 
 
--type locKey() :: [string()].   % local key of a contact, e.g. ["contact","My","Ah2hA77a"]
--type locId()  :: string().     % last item in locKey() is called local id e.g. "Ah2hA77a"
--type locVal() :: map().        % local cvalue of a contact, converted to a map for processing
-%-type locBin() :: binary().     % local cvalue of a contact in binary form (often stored like that)
--type remKey() :: binary().     % remote key of a contact, called <<"id">> in Office365
--type remKeys():: [remKey()].   % list of remKey() type (e.g. DirtyKeys)
--type remVal() :: map().        % remote value of a contact (relevant fields only)
-%-type remBin() :: binary().     % remote value of a contract in raw binary JSON form
--type meta()   :: map().        % contact meta information with respect to this remote cloud
+-type remKey()  :: binary().     % remote key, <<"id">> in Office365 (cleanup sort order)
+-type remKeys() :: [remKey()].   % remote keys
+-type remVal()  :: map().        % remote value of a contact (relevant fields only)
+-type remMeta() :: map().        % contact meta information with respect to this remote cloud
+-type remKVP()  :: {remKey(), {remVal(), remMeta()}}.    % remote key value pair
+-type remKVPs() :: [remKVP()].   % list of remote key value pairs 
+
+-type locKey()  :: [string()].   % local key of a contact, e.g. ["contact","My","Ah2hA77a"]
+-type locId()   :: string().     % last item in locKey() is called local id e.g. "Ah2hA77a"
+-type locVal()  :: map().        % sync relevant part of local cvalue of a contact
+-type locMeta() :: map().        % meta part of local cvalue of a contact
+-type locKVP()  :: {remKey(), {locVal(), locMeta()}}.    % local key value pair
+-type locKVPs() :: [locKVP()].   % local key value pairs
 
+-type token()   :: binary().     % OAuth access token (refreshed after 'unauthorized')
+
+-define(COMPARE_MIN_KEY, <<>>).     % cleanup traversal by external id, scan starting after this key  
+-define(COMPARE_MAX_KEY, <<255>>>). % scan ending at or beyond this key  
 
 -define(OAUTH2_CONFIG(__JOB_NAME), 
             ?GET_CONFIG(oAuth2Config,
@@ -59,26 +77,32 @@
 -define(CONTENT_ATTRIBUTES(__JOB_NAME),
             ?GET_CONFIG(contactAttributes,
             [__JOB_NAME],
-            [<<"businessPhones">>,<<"mobilePhone">> %,<<"title">> ,<<"personalNotes">>
-            ,<<"companyName">>,<<"emailAddresses">> % ,<<"middleName">>,<<"businessHomePage">>
-            ,<<"assistantName">>,<<"department">> % ,<<"children">>,<<"officeLocation">>
-            ,<<"profession">>,<<"givenName">>,<<"categories">>,<<"jobTitle">> % ,<<"nickName">>,<<"yomiGivenName">>
-            ,<<"surname">>,<<"imAddresses">>,<<"businessAddress">> % ,<<"spouseName">>,<<"yomiSurname">>
-            ,<<"manager">> % ,<<"generation">>,<<"initials">>,<<"displayName">>
-            % ,<<"homeAddress">>,<<"otherAddress">>,<<"homePhones">>,<<"fileAs">>,<<"yomiCompanyName">>,<<"birthday">>
+            [<<"companyName">>
+            ,<<"givenName">>,<<"surname">>,<<"jobTitle">>,<<"profession">>
+            %,<<"emailAddresses">>,<<"businessPhones">>,<<"mobilePhone">>,<<"homePhones">>,<<"imAddresses">>
+            %,<<"department">>,<<"manager">>,<<"assistantName">> 
+            %,<<"businessAddress">>
+            %,<<"officeLocation">>,<<"businessHomePage">>
+            %,<<"displayName">>,<<"title">>,<<"middleName">>,<<"initials">>,<<"nickName">>
+            %,<<"birthday">>,<<"categories">>,<<"personalNotes">>
+            %,<<"spouseName">>,<<"children">>,<<"generation">>
+            %,<<"yomiSurname">>,<<"yomiGivenName">>,<<"yomiCompanyName">>
+            %,<<"homeAddress">>,<<"otherAddress">>,<<"fileAs">>
             ], 
             "Attributes to be synced for Office365 contact data"
             )
        ).
 
 -define(META_ATTRIBUTES(__JOB_NAME),
-            ?GET_CONFIG(contactAttributes,
+            ?GET_CONFIG(metaAttributes,
             [__JOB_NAME],
             [<<"id">>
-            ,<<"lastModifiedDateTime">>
-            ,<<"changeKey">>            %,<<"parentFolderId">>,<<"createdDateTime">>
+            %,<<"lastModifiedDateTime">>
+            %,<<"changeKey">>
+            %,<<"parentFolderId">>
+            %,<<"createdDateTime">>
             ], 
-            "Attributes used for Office365 contact change tracking"
+            "Meta attributes used for Office365 contact change tracking"
             )
        ).
 
@@ -95,28 +119,21 @@
 % contacts graph api
 % https://docs.microsoft.com/en-us/graph/api/resources/contact?view=graph-rest-1.0
 
-%% remote item (single contact info in cache)
--record(remItem,    { remKey                    :: remKey() % remote key (id) 
-                    , meta                      :: meta()   % META information (id, ...)
-                    , content                   :: remVal() % relevant contact info to be synced
-                    }).
-
 %% scr processing state
 -record(state,      { name                      :: jobName()
                     , type = pull               :: scrDirection()
                     , channel                   :: scrChannel()     % channel name
                     , keyPrefix                 :: locKey()         % key space prefix in channel
                     , tokenPrefix               :: locKey()         % without id #token#
-                    , token                     :: map()            % token info as stored under #token#
-                    , apiUrl                    :: binary()
-                    , fetchUrl                  :: binary()
-                    , dirtyKeys = []            :: remKeys()        % needing insert/update/delete
-                    , remItems = []             :: list(#remItem{}) % cache for cleanup / ToDo: remove
-                    , isConnected = true        :: boolean()
+                    , token                     :: token()          % access token binary
+                    , apiUrl                    :: string()
+                    , fetchUrl                  :: string()
+                    , cycleBuffer = []          :: remKVPs() | remKVPs() % dirty buffer for one c/r cycle
+                    , isConnected = true        :: boolean()        % fail unauthorized on first use
                     , isFirstSync = true        :: boolean()
                     , isCleanupFinished = true  :: boolean()
                     , auditStartTime = {0,0}    :: ddTimestamp()    % UTC timestamp {Sec,MicroSec}
-                    , template  = ?NOT_FOUND    :: ?NOT_FOUND|map() % empty contact with default values 
+                    , template  = #{}           :: locVal()         % empty contact with default values 
                     , accountId                 :: ddEntityId()     % data owner
                     }).
 
@@ -145,241 +162,328 @@
         , get_key_prefix/1
         ]).
 
+-spec get_auth_config() -> map().
 get_auth_config() -> ?OAUTH2_CONFIG(<<>>).
 
+-spec get_auth_config(jobName()) -> map().
 get_auth_config(JobName) -> ?OAUTH2_CONFIG(JobName).
 
+-spec get_auth_token_key_prefix() -> locKey().
 get_auth_token_key_prefix() -> ?OAUTH2_TOKEN_KEY_PREFIX(<<>>).
 
+-spec get_auth_token_key_prefix(jobName()) -> locKey().
 get_auth_token_key_prefix(JobName) -> ?OAUTH2_TOKEN_KEY_PREFIX(JobName).
 
+-spec get_key_prefix() -> locKey().
 get_key_prefix() -> ?KEY_PREFIX(<<>>).
 
+-spec get_key_prefix(jobName()) -> locKey().
 get_key_prefix(JobName) -> ?KEY_PREFIX(JobName).
 
 % determine the local id as the last piece of ckey (if available) 
-%           or hash of remote id (if new to local store)
-% this id is a string representing a hash of the remote id
--spec local_id(locKey()) -> locId().
-local_id(Key) when is_list(Key) -> lists:last(Key).
-
+%-spec local_id(locKey()) -> locId().
+%local_id(Key) when is_list(Key) -> lists:last(Key).
 
 % calculate a new local id as a string representing the hash of the remote key (id)
--spec new_local_id(remKey()) -> locKey().
+-spec new_local_id(remKey()) -> locId().
 new_local_id(RemKey) when is_binary(RemKey) -> io_lib:format("~.36B",[erlang:phash2(RemKey)]).
 
+-spec get_local_key(remKey(), jobName(), scrChannel(), locKey()) -> locKey() | ?NOT_FOUND.
+get_local_key(Id, _Name, Channel, KeyPrefix) ->
+    Stu = {?CONTACT_INDEXID,Id}, 
+    case dperl_dal:read_channel_index_key_prefix(Channel, Stu, KeyPrefix) of 
+        [] ->       ?NOT_FOUND;
+        [Key] ->    Key     % ToDo: Check/filter with META key = Name
+    end.
+
 % convert list of remote values (already maps) to list of {Key,RemoteId,RemoteValue} triples
 % which serves as a lookup buffer of the complete remote state, avoiding sorting issues
--spec format_remote_values_to_kv(remVal(), locKey(), jobName()) -> remVal(). 
-format_remote_values_to_kv(Values, KeyPrefix, JobName) ->
-    format_remote_values_to_kv(Values, KeyPrefix, JobName, []).
-
-format_remote_values_to_kv([], _KeyPrefix, _JobName, Acc) -> Acc;
-format_remote_values_to_kv([Value|Values], KeyPrefix, JobName, Acc) -> 
-    #{<<"id">> := RemoteId} = Value,        
-    Key = KeyPrefix ++ [new_local_id(RemoteId)],
-    format_remote_values_to_kv(Values, KeyPrefix, JobName, [{Key,RemoteId,format_value(Value, JobName)}|Acc]).
-
-% format remote or local value by projecting it down to configured list of synced (meta + content) attributes
-format_value(Value, JobName) when is_map(Value) -> 
-    maps:with(?META_ATTRIBUTES(JobName)++?CONTENT_ATTRIBUTES(JobName), Value).
+% -spec format_remote_values_to_kv(remVal(), locKey(), jobName()) -> remVal(). 
+% format_remote_values_to_kv(Values, KeyPrefix, JobName) ->
+%     format_remote_values_to_kv(Values, KeyPrefix, JobName, []).
+
+% format_remote_values_to_kv([], _KeyPrefix, _JobName, Acc) -> Acc;
+% format_remote_values_to_kv([Value|Values], KeyPrefix, JobName, Acc) -> 
+%     #{<<"id">> := RemoteId} = Value,        
+%     Key = KeyPrefix ++ [new_local_id(RemoteId)],
+%     format_remote_values_to_kv(Values, KeyPrefix, JobName, [{Key,RemoteId,format_value(Value, JobName)}|Acc]).
+
+% format remote value into a special KV pair with seperated contact- and meta-maps
+% by projecting out syncable attributes(content / meta)
+-spec remote_kvp(remVal(), jobName()) -> remKVP().
+remote_kvp(#{<<"id">>:=Id} = Value, Name) when is_map(Value) -> 
+    {Id, {maps:with(?CONTENT_ATTRIBUTES(Name), Value), maps:with(?META_ATTRIBUTES(Name), Value)}}.
+
+% format local value into a local KV pair
+% by projecting out syncable attributes(content / meta)
+-spec local_kvp(remKey(), locVal(), jobName()) -> locKVP().
+local_kvp(Id, Value, Name) when is_map(Value) -> 
+    {Id, {maps:with(?CONTENT_ATTRIBUTES(Name), Value), maps:with(?META_ATTRIBUTES(Name), Value)}}.
 
 -spec connect_check_src(#state{}) -> {ok,#state{}} | {error,any()} | {error,any(), #state{}}.
 connect_check_src(#state{isConnected=true} = State) ->
     {ok, State};
-connect_check_src(#state{isConnected=false, accountId=AccountId, tokenPrefix=TokenPrefix} = State) ->
+connect_check_src(#state{isConnected=true, type=push} = State) ->
+    {ok, State#state{isConnected=true}};
+connect_check_src(#state{isConnected=false, type=pull, accountId=AccountId, tokenPrefix=TokenPrefix} = State) ->
     ?JTrace("Refreshing access token"),
     case dderl_oauth:refresh_access_token(AccountId, TokenPrefix, ?SYNC_OFFICE365) of
-        {ok, Token} ->
-            ?Info("new access token fetched"),
+        {ok, Token} ->      %?Info("new access token fetched"),
             {ok, State#state{token=Token, isConnected=true}};
         {error, Error} ->
-            ?JError("Unexpected response : ~p", [Error]),
+            ?JError("Unexpected response refreshing access token: ~p", [Error]),
             {error, Error, State}
     end.
 
 -spec get_source_events(#state{}, scrBatchSize()) -> 
-        {ok,remKeys(),#state{}} | {ok,sync_complete,#state{}}. % {error,scrAnyKey()}
-get_source_events(#state{auditStartTime=LastStartTime, type=push,
-            channel=Channel, isFirstSync=IsFirstSync} = State, BulkSize) ->
-    case dperl_dal:read_audit_keys(Channel, LastStartTime, BulkSize) of
-        {LastStartTime, LastStartTime, []} ->
-            if
-                IsFirstSync -> 
-                    ?JInfo("Audit rollup is complete"),
-                    {ok, sync_complete, State#state{isFirstSync=false}};
-                true -> 
-                    {ok, sync_complete, State}
-            end;
-        {_StartTime, NextStartTime, []} ->
-            {ok, [], State#state{auditStartTime=NextStartTime}};
-        {_StartTime, NextStartTime, Keys} ->
-            UniqueKeys = lists:delete(undefined, lists:usort(Keys)),
-            {ok, UniqueKeys, State#state{auditStartTime=NextStartTime}}
-    end;
-get_source_events(#state{dirtyKeys=[]} = State, _BulkSize) ->
+        {ok, remKVPs(), #state{}} | {ok, sync_complete, #state{}}. % {error,scrAnyKey()}
+% get_source_events(#state{auditStartTime=LastStartTime, type=push,
+%             channel=Channel, isFirstSync=IsFirstSync} = State, BulkSize) ->
+%     case dperl_dal:read_audit_keys(Channel, LastStartTime, BulkSize) of
+%         {LastStartTime, LastStartTime, []} ->
+%             if
+%                 IsFirstSync -> 
+%                     ?JInfo("Audit rollup is complete"),
+%                     {ok, sync_complete, State#state{isFirstSync=false}};
+%                 true -> 
+%                     {ok, sync_complete, State}
+%             end;
+%         {_StartTime, NextStartTime, []} ->
+%             {ok, [], State#state{auditStartTime=NextStartTime}};
+%         {_StartTime, NextStartTime, Keys} ->
+%             UniqueKeys = lists:delete(undefined, lists:usort(Keys)),
+%             {ok, UniqueKeys, State#state{auditStartTime=NextStartTime}}
+%     end;
+get_source_events(#state{cycleBuffer=[]} = State, _BulkSize) ->
     {ok, sync_complete, State};
-get_source_events(#state{dirtyKeys=DirtyKeys} = State, _BulkSize) ->
-    ?Info("get_source_events result count ~p~n~p",[length(DirtyKeys), hd(DirtyKeys)]),
-    {ok, DirtyKeys, State#state{dirtyKeys=[]}}.
+get_source_events(#state{cycleBuffer=CycleBuffer} = State, _BulkSize) ->
+    ?Info("get_source_events result count ~p~n~p",[length(CycleBuffer), hd(CycleBuffer)]),
+    {ok, CycleBuffer, State#state{cycleBuffer=[]}}.
 
-- spec connect_check_dst(#state{}) -> {ok, #state{}}. % {error,any()} | {error,any(),#state{}}
-connect_check_dst(State) -> {ok, State}.    % Question: Why defaulted for push destination?
+- spec connect_check_dst(#state{}) -> {ok, #state{}}. % | {error, term()} | {error, term(), #state{}}
+connect_check_dst(State) -> {ok, State}.    % ToDo: Maybe implement for push destination?
 
 do_refresh(_State, _BulkSize) -> {error, cleanup_only}. % using cleanup/refresh combined
 
--spec fetch_src(remKey(), #state{}) -> ?NOT_FOUND | locVal() | remVal().
-fetch_src(Key, #state{channel=Channel, type=push}) ->
-    dperl_dal:read_channel(Channel, Key);
-fetch_src(Key, #state{remItems=RemItems, type=pull}) ->
-    case lists:keyfind(Key, 1, RemItems) of
-        {Key, _RemoteId, Value} -> Value;
-        false -> ?NOT_FOUND
+-spec fetch_src(remKey(), #state{}) -> ?NOT_FOUND | {remVal(), remMeta()}.
+% fetch_src(Key, #state{channel=Channel, type=push}) ->
+%     dperl_dal:read_channel(Channel, Key);
+fetch_src(Id, #state{name=Name, type=pull, apiUrl=ApiUrl, token=Token} = State) -> 
+    ContactUrl = ApiUrl ++ binary_to_list(Id),
+    ?JTrace("Fetching contact with url : ~s", [ContactUrl]),
+    case exec_req(ContactUrl, Token) of
+        {error, unauthorized} ->        reconnect_exec(State, fetch_src, [Id]);
+        {error, Error} ->               {error, Error, State};
+        #{<<"id">> := _} = RemVal ->    remote_kvp(RemVal, Name);
+        _ ->                            ?NOT_FOUND
     end.
 
--spec fetch_dst(remKey(), #state{}) -> ?NOT_FOUND | locVal() | remVal().
-fetch_dst(Key, #state{ name=Name, remItems=RemItems, type=push
-                     , apiUrl=ApiUrl, token=Token} = State) ->
-    case lists:keyfind(Key, 1, RemItems) of
-        {Key, RemoteId, _Value} -> 
-            ContactUrl = erlang:iolist_to_binary([ApiUrl, RemoteId]),
-            case exec_req(ContactUrl, Token) of
-                #{<<"id">> := _} = RValue ->    format_value(RValue, Name);
-                {error, unauthorized} ->        reconnect_exec(State, fetch_dst, [Key]);
-                {error, Error} ->               {error, Error};
-                _ ->                            ?NOT_FOUND
-            end; 
-        false -> 
-            ?NOT_FOUND
-    end;
-fetch_dst(Key, #state{channel=Channel}) ->
-    dperl_dal:read_channel(Channel, Key).
-
--spec insert_dst(remKey(), remVal()|locVal(), #state{}) -> {error, any()}.
-insert_dst(Key, Value, #state{type=push, apiUrl=ApiUrl, token=Token} = State) ->
-    case exec_req(ApiUrl, Token, Value, post) of
-        #{<<"id">> := _} = RemoteValue ->   merge_meta_to_local(Key, RemoteValue, State);
-        {error, unauthorized} ->            reconnect_exec(State, insert_dst, [Key, Value]);
-        {error, Error} ->                   {error, Error}
-    end;
-insert_dst(Key, Value, State) ->
-    Result = update_dst(Key, Value, State),
-    ?Info("insert_dst ~p~n~p~nresult ~p",[Key, Value, Result]),
-    Result.
-
-merge_meta_to_local(Key, RemoteValue, #state{channel=Channel, tokenPrefix=TokenPrefix} = State) ->
-    AccessId = access_id(TokenPrefix),
-    MetaItem = #{<<"id">> => maps:get(<<"id">>, RemoteValue)},
-    case dperl_dal:read_channel(Channel, Key) of
-        #{<<"META">> := Meta} = LocVal ->
-            case maps:merge(Meta, #{AccessId => MetaItem}) of 
-                Meta -> 
-                    ok;     % RemoteMeta already there
-                NewM ->
-                    MergedBin = imem_json:encode(LocVal#{<<"META">> => NewM}), 
-                    dperl_dal:write_channel(Channel, Key, MergedBin)
-            end;
-        LocVal ->
-            MergedBin = imem_json:encode(LocVal#{<<"META">> => MetaItem}),
-            dperl_dal:write_channel(Channel, Key, MergedBin)
-    end,
-    {false, State}.
-
-access_id(TokenPrefix) ->
-    list_to_binary(string:join(TokenPrefix,"/")).
+-spec fetch_dst(remKVP() | locKVP(), #state{}) -> ?NOT_FOUND | {locVal(), locMeta()} | {remVal(), remMeta()}.
+% fetch_dst(Key, #state{ name=Name, remItems=RemItems, type=push
+%                      , apiUrl=ApiUrl, token=Token} = State) ->
+%     case lists:keyfind(Key, 1, RemItems) of
+%         {Key, RemoteId, _Value} -> 
+%             ContactUrl = erlang:iolist_to_binary([ApiUrl, RemoteId]),
+%             case exec_req(ContactUrl, Token) of
+%                 #{<<"id">> := _} = RValue ->    format_value(RValue, Name);
+%                 {error, unauthorized} ->        reconnect_exec(State, fetch_dst, [Key]);
+%                 {error, Error} ->               {error, Error};
+%                 _ ->                            ?NOT_FOUND
+%             end; 
+%         false -> 
+%             ?NOT_FOUND
+%     end;
+fetch_dst(Id, #state{name=Name, channel=Channel, keyPrefix=KeyPrefix, type=pull}) ->
+    Key = get_local_key(Id, Name, Channel, KeyPrefix),
+    case dperl_dal:read_channel(Channel, Key) of 
+        ?NOT_FOUND ->   ?NOT_FOUND;
+        Value ->        local_kvp(Id, Value, Name)
+    end.
 
--spec delete_dst(remKey(), #state{}) -> {scrSoftError(), #state{}}.
-delete_dst(Key, #state{channel=Channel, type=push, remItems=RemItems, 
-                apiUrl=ApiUrl, token=Token} = State) ->
-    case lists:keyfind(Key, 1, RemItems) of
-        {Key, RemoteId, _Value} -> 
-            ContactUrl = erlang:iolist_to_binary([ApiUrl, RemoteId]),
-            case exec_req(ContactUrl, Token, #{}, delete) of
+-spec insert_dst(remKey(), remKVP()|locKVP(), #state{}) -> {scrSoftError(), #state{}}.
+% insert_dst(Key, Value, #state{type=push, apiUrl=ApiUrl, token=Token} = State) ->
+%     case exec_req(ApiUrl, Token, Value, post) of
+%         #{<<"id">> := _} = RemoteValue ->   merge_meta_to_local(Key, RemoteValue, State);
+%         {error, unauthorized} ->            reconnect_exec(State, insert_dst, [Key, Value]);
+%         {error, Error} ->                   {error, Error}
+%     end;
+insert_dst(Id, {Id, {Value,Meta}}, #state{ name=Name, channel=Channel, type=pull
+                                   , keyPrefix=KeyPrefix, template=Template} = State) ->
+    Key = KeyPrefix ++ [new_local_id(Id)],
+    ?Info("insert_dst ~p",[Key]),
+    MergedValue = maps:merge(maps:merge(Template, Value), #{<<"META">> => #{Name=>Meta}}),
+    MergedBin = imem_json:encode(MergedValue), 
+    case dperl_dal:write_channel(Channel, Key, MergedBin) of 
+        ok ->
+            {false, State};
+        {error, Error} ->   
+            ?Error("insert_dst ~p~n~p~nresult ~p",[Key, MergedBin, {error, Error}]),
+            {true, State}
+    end.
+
+-spec update_dst(remKey(), remKVP()|locKVP(), #state{}) -> {scrSoftError(), #state{}}.
+% update_dst(Key, Value, #state{name=Name, channel=Channel, type=push, 
+%                 remItems=RemItems, apiUrl=ApiUrl, token=Token} = State) ->
+%     case lists:keyfind(Key, 1, RemItems) of
+%         {Key, RemoteId, _Value} -> 
+%             ContactUrl = erlang:iolist_to_binary([ApiUrl, RemoteId]),
+%             case exec_req(ContactUrl, Token, Value, patch) of
+%                 #{<<"id">> := _} = RemoteValue ->
+%                     FormRemote = format_value(RemoteValue, Name),
+%                     OldValue = dperl_dal:read_channel(Channel, Key),
+%                     MergeValue = maps:merge(OldValue, FormRemote),
+%                     MergedBin = imem_json:encode(MergeValue),
+%                     dperl_dal:write_channel(Channel, Key, MergedBin),
+%                     {false, State};
+%                 {error, unauthorized} ->
+%                     reconnect_exec(State, update_dst, [Key, Value]);
+%                 {error, Error} ->
+%                     {error, Error}
+%             end;
+%         false -> 
+%             {false, State}
+%     end;
+update_dst(Id, {Id, {Value,Meta}}, #state{ name=Name, channel=Channel, keyPrefix=KeyPrefix
+                                         , type=pull, template=Template} = State) ->
+    Key = get_local_key(Id, Name, Channel, KeyPrefix),
+    ?Info("update_dst ~p",[Key]),
+    case dperl_dal:read_channel(Channel, Key) of
+        ?NOT_FOUND ->   
+            ?JError("update_dst key ~p not found for remote id ~p", [Key, Id]),
+            {true, State};
+        #{<<"META">> := OldMeta} = OldVal ->
+            NewMeta = maps:merge(OldMeta, #{Name => Meta}),
+            AllVal = maps:merge(Template, OldVal),
+            NewVal = maps:merge(AllVal, Value),
+            case update_local(Channel, Key, OldVal, NewVal, NewMeta) of 
                 ok ->
-                    dperl_dal:remove_from_channel(Channel, Key),
                     {false, State};
-                {error, unauthorized} ->
-                    reconnect_exec(State, delete_dst, [Key]);
-                Error ->
-                    Error
-            end;
-        false -> 
-            {false, State}
-    end;
-delete_dst(Key, #state{channel=Channel} = State) ->
+                {error, _Error} ->
+                    ?JError("update_dst cannot update key ~p to ~p", [Key, NewVal]),   
+                    {true, State}
+            end 
+    end.
+
+%% update a local contact record to new value and new metadata.
+%% create an audit log only if the value changes, not for a pure meta update.
+%% this should avoid endless provisioning loops for metadata changes only. 
+-spec update_local(scrChannel(), locKey(), remVal(), locVal(), remMeta()) -> 
+        {scrSoftError(), #state{}}.
+update_local(Channel, Key, OldVal, OldVal, NewMeta) ->
+    MergedBin = imem_json:encode(OldVal#{<<"META">> => NewMeta}),
+    dperl_dal:write_channel_no_audit(Channel, Key, MergedBin);
+update_local(Channel, Key, _OldVal, NewVal, NewMeta) ->
+    MergedBin = imem_json:encode(NewVal#{<<"META">> => NewMeta}),
+    dperl_dal:write_channel(Channel, Key, MergedBin).
+
+-spec delete_dst(remKey(), #state{}) -> {scrSoftError(), #state{}}.
+% delete_dst(Key, #state{channel=Channel, type=push, remItems=RemItems, 
+%                 apiUrl=ApiUrl, token=Token} = State) ->
+%     case lists:keyfind(Key, 1, RemItems) of
+%         {Key, RemoteId, _Value} -> 
+%             ContactUrl = erlang:iolist_to_binary([ApiUrl, RemoteId]),
+%             case exec_req(ContactUrl, Token, #{}, delete) of
+%                 ok ->
+%                     dperl_dal:remove_from_channel(Channel, Key),
+%                     {false, State};
+%                 {error, unauthorized} ->
+%                     reconnect_exec(State, delete_dst, [Key]);
+%                 Error ->
+%                     Error
+%             end;
+%         false -> 
+%             {false, State}
+%     end;
+delete_dst(Id, #state{ name=Name, channel=Channel, keyPrefix=KeyPrefix
+                     , type=pull, template=Template} = State) ->
+    Key = get_local_key(Id, Name, Channel, KeyPrefix),
     ?Info("delete_dst ~p",[Key]),
-    dperl_dal:remove_from_channel(Channel, Key),
-    {false, State}.
-
--spec update_dst(remKey(), remVal()|locVal(), #state{}) -> {scrSoftError(), #state{}}.
-update_dst(Key, Value, #state{name=Name, channel=Channel, type=push, 
-                remItems=RemItems, apiUrl=ApiUrl, token=Token} = State) ->
-    case lists:keyfind(Key, 1, RemItems) of
-        {Key, RemoteId, _Value} -> 
-            ContactUrl = erlang:iolist_to_binary([ApiUrl, RemoteId]),
-            case exec_req(ContactUrl, Token, Value, patch) of
-                #{<<"id">> := _} = RemoteValue ->
-                    FormRemote = format_value(RemoteValue, Name),
-                    OldValue = dperl_dal:read_channel(Channel, Key),
-                    MergeValue = maps:merge(OldValue, FormRemote),
-                    MergedBin = imem_json:encode(MergeValue),
-                    dperl_dal:write_channel(Channel, Key, MergedBin),
+    case fetch_dst(Id, State) of 
+        ?NOT_FOUND ->           
+            {true, state};
+        {Id, {Value, Meta}} ->
+            case maps:without(Name, Meta) of 
+                #{} ->      % no other syncs remaining for this key
+                    dperl_dal:remove_from_channel(Channel, Key),
                     {false, State};
-                {error, unauthorized} ->
-                    reconnect_exec(State, update_dst, [Key, Value]);
-                {error, Error} ->
-                    {error, Error}
-            end;
-        false -> 
-            {false, State}
-    end;
-update_dst(Key, Value, #state{channel=Channel} = State) when is_map(Value) ->
-    OldValue = dperl_dal:read_channel(Channel, Key),
-    MergeValue = maps:merge(OldValue, Value),
-    MergedBin = imem_json:encode(MergeValue),
-    dperl_dal:write_channel(Channel, Key, MergedBin),
-    {false, State}.
+                NewMeta ->  % other syncs remaining for this key
+                    NewVal = maps:merge(Template, Value),       
+                    case update_local(Channel, Key, Value, NewVal, NewMeta) of 
+                        ok ->
+                            {false, State};
+                        {error, _Error} ->
+                            ?JError("delete_dst cannot delete key ~p", [Key]),   
+                            {true, State}
+                    end 
+            end    
+    end.
 
 report_status(_Key, _Status, _State) -> no_op.
 
-load_dst_after_key(CurKey, BlkCount, #state{type=pull, keyPrefix=KeyPrefix} = State) when CurKey < KeyPrefix ->
-    load_dst_after_key(KeyPrefix, BlkCount, State);
-load_dst_after_key(CurKey, BlkCount, #state{channel=Channel, type=pull, keyPrefix=KeyPrefix}) ->
-    Filter = fun({K,_}) -> lists:prefix(KeyPrefix,K) end,
-    lists:filter(Filter, dperl_dal:read_gt(Channel, CurKey, BlkCount)).
+-spec load_dst_after_key(remKVP() | locKVP(), scrBatchSize(), #state{}) -> {ok, locKVPs(), #state{}} | {error, term(), #state{}}.
+load_dst_after_key({Id,{_,_}}, BlkCount, #state{name=Name, channel=Channel, type=pull, keyPrefix=KeyPrefix}) ->
+    {ok, read_local_kvps_after_id(Channel, Name, KeyPrefix, Id, BlkCount, [])};
+load_dst_after_key(_Key, BlkCount, #state{name=Name, channel=Channel, type=pull, keyPrefix=KeyPrefix} = State) ->
+    ?Info("load_dst_after_key for non-matching (initial) key ~p", [_Key]),
+    case read_local_kvps_after_id(Channel, Name, KeyPrefix, ?COMPARE_MIN_KEY, BlkCount, []) of 
+        L when is_list(L) ->    {ok, L, State};
+        {error, Reason} ->      {error, Reason, State}
+    end.
 
-load_src_after_key(CurKey, BlkCount, #state{type=pull, fetchUrl=undefined, apiUrl=ApiUrl} = State) ->
+%% starting after Id, run through remoteId index and collect a block of locKVP() data belonging to 
+%% this job name and keyPrefix 
+-spec read_local_kvps_after_id(scrChannel(), jobName(), locKey(), remKey(), scrBatchSize(), locKVPs()) -> locKVPs() | {error, term()}.
+read_local_kvps_after_id(_Channel, _Name, _KeyPrefix, _Id, _BlkCount, _Acc) ->
+    % lists:prefix(KeyPrefix,K)
+    [].
+
+-spec load_src_after_key(remKVP()| locKVP(), scrBatchSize(), #state{}) -> 
+        {ok, remKVPs(), #state{}} | {error, term(), #state{}}.
+load_src_after_key(_CurKVP, _BlkCount, #state{type=pull, fetchUrl=finished} = State) ->
+    {ok, [], State};
+load_src_after_key(CurKVP, BlkCount, #state{type=pull, fetchUrl=undefined, apiUrl=ApiUrl} = State) ->
     UrlParams = dperl_dal:url_enc_params(#{"$top" => integer_to_list(BlkCount)}),
-    ContactsUrl = erlang:iolist_to_binary([ApiUrl, "?", UrlParams]),
-    load_src_after_key(CurKey, BlkCount, State#state{fetchUrl=ContactsUrl});
-load_src_after_key(CurKey, BlkCount, #state{name=Name, type=pull, isCleanupFinished=true, 
-                            keyPrefix=KeyPrefix, token=Token, fetchUrl=FetchUrl} = State) ->
-    case fetch_all_contacts(FetchUrl, Token, KeyPrefix, Name) of
-        {ok, Contacts} ->
-            load_src_after_key(CurKey, BlkCount, State#state{remItems=Contacts, isCleanupFinished=false});
-        {error, unauthorized} ->
-            reconnect_exec(State, load_src_after_key, [CurKey, BlkCount]);
-        {error, Error} ->
-            {error, Error, State}
-    end;
-load_src_after_key(CurKey, BlkCount, #state{type=pull, remItems=Contacts} = State) ->
-    {ok, get_contacts_gt(CurKey, BlkCount, Contacts), State}.
+    ContactsUrl = lists:flatten([ApiUrl, "?", UrlParams]),
+    load_src_after_key(CurKVP, BlkCount, State#state{fetchUrl=ContactsUrl});
+load_src_after_key(CurKVP, BlkCount, #state{ name=Name, type=pull, token=Token
+                                           , fetchUrl=FetchUrl} = State) ->
+    ?JTrace("Fetching contacts with url : ~s", [FetchUrl]),
+    case exec_req(FetchUrl, Token) of
+        {error, unauthorized} ->    reconnect_exec(State, load_src_after_key, [CurKVP, BlkCount]);
+        {error, Error} ->           {error, Error, State};
+        #{<<"@odata.nextLink">> := NextUrl, <<"value">> := RemVals} ->
+            KVPs = [remote_kvp(RemVal, Name) || RemVal <- RemVals],
+            ?JTrace("Fetched contacts : ~p", [length(KVPs)]),
+            %?Info("First fetched contact : ~p", [element(1,hd(KVPs))]),
+            {ok, KVPs, State#state{fetchUrl=NextUrl}};
+        #{<<"value">> := RemVals} ->        % may be an empty list
+            KVPs = [remote_kvp(RemVal, Name) || RemVal <- RemVals],
+            ?JTrace("Last fetched contacts : ~p", [length(KVPs)]),
+            {ok, KVPs, State#state{fetchUrl=finished}}
+    end.
 
+-spec reconnect_exec(#state{}, fun(), list()) -> 
+        {scrSoftError(), #state{}} | {ok, remKVPs(), #state{}} | {error, term(), #state{}}.
 reconnect_exec(State, Fun, Args) ->
-    case connect_check_src(State#state{isConnected = false}) of
-        {ok, State1} ->
-            erlang:apply(?MODULE, Fun, Args ++ [State1]);
-        {error, Error, State1} ->
-            {error, Error, State1}
+    case connect_check_src(State#state{isConnected=false}) of
+        {ok, State1} ->             erlang:apply(?MODULE, Fun, Args ++ [State1]);
+        {error, Error, State1} ->   {error, Error, State1}
     end.
 
--spec do_cleanup(remKeys(), remKeys(), remKeys(), boolean(), #state{}) -> {ok, #state{}}. 
-do_cleanup(_Deletes, _Inserts, _Diffs, _IsFinished, #state{type = push}) ->
-    {error, <<"cleanup only for pull job">>};
-do_cleanup(Deletes, Inserts, Diffs, IsFinished, State) ->
-    NewState = State#state{dirtyKeys=Inserts++Diffs++Deletes},
-    if IsFinished ->    {ok, finish, NewState#state{isCleanupFinished=true}};
-       true ->          {ok, NewState}
+% execute cleanup/refresh for found differences (Deletes, Inserts and value Diffs)
+-spec do_cleanup(remKeys(), remKeys(), remKeys(), boolean(), #state{}) -> 
+        {ok, #state{}} | {ok, finish, #state{}} . 
+do_cleanup(Deletes, Inserts, Diffs, IsFinished, #state{type=pull} = State) ->
+    NewState = State#state{cycleBuffer=Deletes++Diffs++Inserts},
+    if 
+        IsFinished ->
+            %% deposit cleanup batch dirty results in state for sync to pick up
+            %% confirm finished cleanup cycle (last Diffs to sync in cycle)
+            %% re-arm cleanup fetching to restart with top rows in id order    
+            {ok, finish, NewState#state{fetchUrl=undefined}};
+        true ->
+            %% deposit cleanup batch dirty results in state for sync to pick up
+            {ok, NewState}
     end.
 
 get_status(#state{}) -> #{}.
@@ -409,12 +513,16 @@ init({#dperlJob{ name=Name, srcArgs=#{apiUrl:=ApiUrl}, args=Args
                                   , vnf = <<"fun imem_index:vnf_identity/1.">>
                                   , iff = ContactIff},
             dperl_dal:create_check_index(ChannelBin, [IdxContact]),
+            Template = case dperl_dal:read_channel(Channel, KeyPrefix) of 
+                ?NOT_FOUND ->           #{};
+                T when is_map(T) ->     T 
+            end,
             case dderl_oauth:get_token_info(AccountId, TokenPrefix, ?SYNC_OFFICE365) of
                 #{<<"access_token">>:=Token} ->
                     {ok, State#state{ name=Name, type=Type, channel=ChannelBin, keyPrefix=KeyPrefix
                                     , apiUrl=ApiUrl, tokenPrefix=TokenPrefix
-                                    , token=Token, accountId = AccountId
-                                    , template=dperl_dal:read_channel(Channel, KeyPrefix)}};
+                                    , token=Token, accountId=AccountId
+                                    , template=Template}};
                 _ ->
                     ?JError("Access token not found for ~p at ~p", [AccountId, TokenPrefix]),
                     {stop, badarg}
@@ -442,39 +550,9 @@ terminate(Reason, _State) ->
 
 %% private functions
 
-%% Fetch all remote contacts, create 3-tuple {Key::list(), RemoteId::binary(), RemoteValue::map())
-%% Sort by Key (needed for sync)
-fetch_all_contacts(Url, Token, KeyPrefix, JobName) ->
-    fetch_all_contacts(Url, Token, KeyPrefix, JobName, []).
-
-fetch_all_contacts(Url, Token, KeyPrefix, JobName, AccContacts) ->
-    ?JTrace("Fetching contacts with url : ~s", [Url]),
-    ?JTrace("Fetched contacts : ~p", [length(AccContacts)]),
-    case exec_req(Url, Token) of
-        #{<<"@odata.nextLink">> := NextUrl, <<"value">> := MoreContacts} ->
-            Contacts = format_remote_values_to_kv(MoreContacts, KeyPrefix, JobName),
-            fetch_all_contacts(NextUrl, Token, KeyPrefix, lists:append(Contacts, AccContacts));
-        #{<<"value">> := MoreContacts} ->
-            Contacts = format_remote_values_to_kv(MoreContacts, KeyPrefix, JobName),
-            {ok, lists:keysort(1, lists:append(Contacts, AccContacts))};
-        {error, Error} ->
-            {error, Error}
-    end.
-
-get_contacts_gt(CurKey, BlkCount, Contacts) ->
-    get_contacts_gt(CurKey, BlkCount, Contacts, []).
-    
-get_contacts_gt(_CurKey, _BlkCount, [], Acc) -> lists:reverse(Acc);
-get_contacts_gt(_CurKey, BlkCount, _Contacts, Acc) when length(Acc) == BlkCount ->
-    lists:reverse(Acc);
-get_contacts_gt(CurKey, BlkCount, [{Key, _} | Contacts], Acc) when Key =< CurKey ->
-    get_contacts_gt(CurKey, BlkCount, Contacts, Acc);
-get_contacts_gt(CurKey, BlkCount, [Contact | Contacts], Acc) ->
-    get_contacts_gt(CurKey, BlkCount, Contacts, [Contact | Acc]).
-
--spec exec_req(Url::binary()|string(), Token::binary()) -> tuple().
-exec_req(Url, Token) when is_binary(Url) ->
-    exec_req(binary_to_list(Url), Token);
+%% get a json object from the cloud service and convert it to a map
+%% use OAuth2 header with token
+-spec exec_req(string(), binary()) -> map() | {error, term()}.
 exec_req(Url, Token) ->
     AuthHeader = [{"Authorization", "Bearer " ++ binary_to_list(Token)}],
     case httpc:request(get, {Url, AuthHeader}, [], []) of
@@ -482,17 +560,21 @@ exec_req(Url, Token) ->
             imem_json:decode(list_to_binary(Result), [return_maps]);
         {ok, {{_, 401, _}, _, _}} ->
             {error, unauthorized};
-        Error ->
-            {error, Error}
+        {error, Reason} ->
+            ?Info("exec_req get ~p returns error ~p",[Url,Reason]),
+            {error, Reason}
     end.
 
--spec exec_req(Url::binary()|string(), Token::binary(), Body::map(), Method::atom()) -> tuple().
-exec_req(Url, Token, Body, Method) when is_binary(Url), is_map(Body) ->
-    exec_req(binary_to_list(Url), Token, Body, Method);
+%% emit a cloud service request and convert json result into a map.
+%% The request body is cast from a map.
+%% use OAuth2 header with token
+-spec exec_req(string(), binary(), map(), atom()) -> ok | map() | {error, term()}.
 exec_req(Url, Token, Body, Method) ->
     AuthHeader = [{"Authorization", "Bearer " ++ binary_to_list(Token)}],
-    % Headers = [AuthHeader, {"Contnet-type", "application/json"}],
-    case httpc:request(Method, {Url, AuthHeader, "application/json", imem_json:encode(Body)}, [], []) of
+    case httpc:request(Method, 
+                       {Url, AuthHeader, "application/json", imem_json:encode(Body)}, 
+                       [], 
+                       []) of
         {ok, {{_, 201, _}, _, Result}} ->
             % create/post result
             imem_json:decode(list_to_binary(Result), [return_maps]);
diff --git a/src/dperl/jobs/dpjob_ouraring_crawl.erl b/src/dperl/jobs/dpjob_ouraring_crawl.erl
index 5d8f7233..a83dc02d 100644
--- a/src/dperl/jobs/dpjob_ouraring_crawl.erl
+++ b/src/dperl/jobs/dpjob_ouraring_crawl.erl
@@ -1,6 +1,6 @@
 -module(dpjob_ouraring_crawl).
 
-%% implements scr puller callback for OuraRing cloud data as a cleanupCumRefresh job (c/r)
+%% implements scr puller callback for OuraRing cloud data as a cleanup/refresh job (c/r)
 %% avoids pulling incomplete intra-day data by not pulling beyond yesterday's data
 %% the default "OuraRing" identifier can be altered to camouflage the nature of the data
 %% this also supports multiple OuraRing pullers into the same table, if needed 
@@ -27,7 +27,7 @@
                         , lastReadinessDay := maybeDate()}.     % relevant cleanup status
 -type token()       :: binary().    % OAuth access token (refreshed after 'unauthorized')
 
--define(METRICS, ["userinfo", "activity", "readiness", "sleep"]).
+-define(METRICS, ["userinfo", "readiness", "sleep", "activity"]).
 
 -define(OAUTH2_CONFIG(__JOB_NAME),
         ?GET_CONFIG(oAuth2Config,[__JOB_NAME],
@@ -161,16 +161,19 @@ insert_dst(Key, Val, State) ->
 
 report_status(_Key, _Status, _State) -> no_op.
 
+% execute simple cleanup for next batch of KVPs 
 -spec do_cleanup(#state{}, scrBatchSize()) ->
     {ok, #state{}} | {ok, finish, #state{}} | {error, term(), #state{}}.
-do_cleanup(#state{cycleBuffer=CycleBuffer} = State, _BlkCount) ->
+do_cleanup(State, _BlkCount) ->
     case fetch_metrics(?METRICS, State) of
-        {ok, State2} ->
+        {ok, #state{cycleBuffer=CycleBuffer} = State1} ->
             case CycleBuffer of
                 [_] ->  % only userinfo remains. we are done
-                    {ok, finish, State2};
+                    %?Info("do_cleanup is finished with ~p", [CycleBuffer]),
+                    {ok, finish, State1};
                 _ ->    % other items in the list, continue
-                    {ok, State2}
+                    %?Info("do_cleanup continues with ~p", [CycleBuffer]),
+                    {ok, State1}
             end;
         {error, Error} ->
             {error, Error, State#state{isConnected=false}}
@@ -324,11 +327,17 @@ fetch_metric(Metric, DayQuery, ApiUrl, Token) ->
     Url = ApiUrl ++ Metric ++ DayQuery,
     MetricBin = list_to_binary(Metric),
     case exec_req(Url, Token) of
-        #{MetricBin:=[]} ->             none;
-        Value when is_map(Value) ->     {ok, Value};
-        {error, Error} ->               {error, Error}
+        #{MetricBin:=[]} = _R ->         
+            %?Info("fetch_metric ~p ~p result none ~p",[Metric, DayQuery, _R]),
+            none;
+        Value when is_map(Value) ->     
+            %?Info("fetch_metric ~p ~p result ok",[Metric, DayQuery]),
+            {ok, Value};
+        {error, Error} ->               
+            %?Info("fetch_metric ~p ~p result error ~p",[Metric, DayQuery, Error]),
+            {error, Error}
     end.
-
+    
 %% fetch userinfo from Oura cloud and add it to the CycleBuffer
 %% userinfo comes as latest value only, no day history available
 -spec fetch_userinfo(#state{}) ->{ok, #state{}} | {error, term()}.
@@ -336,6 +345,7 @@ fetch_userinfo(#state{keyPrefix=KeyPrefix, apiUrl=ApiUrl, token=Token, cycleBuff
     case exec_req(ApiUrl ++ "userinfo", Token) of
         UserInfo when is_map(UserInfo) ->
             KVP = {build_key(KeyPrefix, "userinfo"), UserInfo},
+            %?Info("fetch_userinfo adds ~p to ~p",[KVP,CycleBuffer]),
             {ok, State#state{cycleBuffer=[KVP|CycleBuffer]}};
         {error, Error} ->
             ?JError("Error fetching userinfo : ~p", [Error]),

From ce16b94832ed66740d54498b936c325c6f5c99a8 Mon Sep 17 00:00:00 2001
From: stoch <ochsenbein@bluewin.ch>
Date: Tue, 30 Jun 2020 19:17:56 +0200
Subject: [PATCH 64/72] improvements on dpjob_office_365 WIP

---
 src/dderl_oauth.erl                 |   1 +
 src/dperl/dperl_dal.erl             |  22 +++
 src/dperl/dperl_strategy_scr.erl    | 212 +++++++++++++++++-----------
 src/dperl/jobs/dpjob_office_365.erl |  44 ++++--
 4 files changed, 191 insertions(+), 88 deletions(-)

diff --git a/src/dderl_oauth.erl b/src/dderl_oauth.erl
index 438ac01b..3477d2c6 100644
--- a/src/dderl_oauth.erl
+++ b/src/dderl_oauth.erl
@@ -18,6 +18,7 @@ set_token_info(AccountId, TokenPrefix, TokenInfo, SyncType) when is_map(TokenInf
 set_token_info(AccountId, TokenPrefix, TokenInfo, SyncType) when is_list(TokenInfo) ->
     set_token_info(AccountId, TokenPrefix, list_to_binary(TokenInfo), SyncType);
 set_token_info(AccountId, TokenPrefix, TokenInfo, _SyncType) when is_binary(TokenInfo) ->
+    ?Info("set_token_info using ~p",[imem_enc_mnesia:get_enc_hash()]),
     dderl_dal:write_to_avatar_channel(AccountId, TokenPrefix ++ [?TOKEN_KEYPART], TokenInfo).
 
 get_authorize_url(XSRFToken, AuthConfig, SyncType) ->
diff --git a/src/dperl/dperl_dal.erl b/src/dperl/dperl_dal.erl
index 383c6dda..8bc01da8 100644
--- a/src/dperl/dperl_dal.erl
+++ b/src/dperl/dperl_dal.erl
@@ -72,6 +72,7 @@
         ,read_channel_index/2
         ,read_channel_index_key/2
         ,read_channel_index_key_prefix/3
+        ,read_channel_index_key_prefix_gt/4
         ]).
 
 check_table(Table, ColumnNames, ColumnTypes, DefaultRecord, Opts) ->
@@ -154,6 +155,27 @@ read_channel_index_key_prefix(Channel, Stu, Prefix) ->
     F = fun(X) -> lists:prefix(Prefix,X) end,
     lists:filter(F, read_channel_index_key(Channel, Stu)).
 
+read_channel_index_key_prefix_gt(Channel, Stu, KeyPrefix, BlkCount) ->
+    read_channel_index_key_prefix_gt(imem_meta:index_table(Channel), Stu, KeyPrefix, BlkCount, []).
+
+read_channel_index_key_prefix_gt(_IndexTable, _Stu, _KeyPrefix, 0, Acc) -> lists:reverse(Acc);
+read_channel_index_key_prefix_gt(IndexTable, Stu, KeyPrefix, More, Acc) ->
+    case imem_meta:dirty_next(IndexTable, Stu) of 
+        '$end_of_table' ->  
+            lists:reverse(Acc);
+        Next ->
+            [Row] = imem_meta:read(IndexTable, Next), 
+            Key = sext:decode(Row#ddIndex.lnk),
+            case lists:prefix(KeyPrefix, Key) of 
+                true ->
+                    read_channel_index_key_prefix_gt( IndexTable, Next, KeyPrefix, 
+                                                      More-1, [{element(2,Next),Key}|Acc]);
+                false ->
+                    read_channel_index_key_prefix_gt( IndexTable, Next, KeyPrefix, 
+                                                      More, Acc)
+            end
+    end.
+
 read_channel_raw(Channel, Key) when is_list(Channel) ->
     read_channel_raw(list_to_binary(Channel), Key);
 read_channel_raw(Channel, Key) when is_binary(Channel) ->
diff --git a/src/dperl/dperl_strategy_scr.erl b/src/dperl/dperl_strategy_scr.erl
index b5c303ea..47e08614 100644
--- a/src/dperl/dperl_strategy_scr.erl
+++ b/src/dperl/dperl_strategy_scr.erl
@@ -42,14 +42,22 @@
 % fetch one item from source (if it exists)
 % return scrAnyVal() for cleanup
 % return scrAnyKeyVal() for c/r
+% the error pattern decides on the logging details
 -callback fetch_src(scrAnyKey() | scrAnyKeyVal() , scrState()) -> 
-            ?NOT_FOUND | scrAnyVal() | scrAnyKeyVal().
+    ?NOT_FOUND | scrAnyVal() | scrAnyKeyVal() | 
+    {error, term(), scrState()} | 
+    {error, term()} | 
+    error.
 
 % fetch one item from destination (if it exists)
 % return scrAnyVal() for cleanup
 % return scrAnyKeyVal() for c/r
+% the error pattern decides on the logging details
 -callback fetch_dst(scrAnyKey() | scrAnyKeyVal(), scrState()) -> 
-            ?NOT_FOUND | scrAnyVal() | scrAnyKeyVal().
+    ?NOT_FOUND | scrAnyVal() | scrAnyKeyVal() | 
+    {error, term(), scrState()} | 
+    {error, term()} | 
+    error.
 
 % delete one item from destination (if it exists)
 % scrSoftError() = true signals that a soft error happened which is skipped without throwing
@@ -99,7 +107,11 @@
                           scrState()) -> 
             true | false.
 
-% override for value compare function
+% Compare function, used to loosen compare semantics, ignoring some differences if needed.
+% Comparisons will depend on the (FROZEN) callback state just before processing doing batch
+% comparison (sync / cleanup / refresh). This must be taken into account in the optional
+% override is_equal/4 in the callback module.
+% is_equal() is not called and assumed to be true if Erlang compares values/KVPs equal
 -callback is_equal(scrAnyKey() | scrAnyKeyVal(), scrAnyVal(), scrAnyVal(), scrState()) -> 
             true | false.
 
@@ -154,17 +166,20 @@
             {error, term()}.
 
 % bulk load one batch of keys (for cleanup) or kv-pairs (cleanup/refresh) from source.
-% up to scrBatchSize() existing keys must be returned in key order.
+% up to scrBatchSize() existing keys MUST be returned in key order.
+% Postponing trailing keys to next round is not permitted.
 % A callback module implementing this and also the load_dst_after_key callback signals that it wants
 % to do override source loading for cleanup or c/r combined processing.
 % Returning less than scrBatchSize() items does not prevent further calls of this function.
-% If called again in same cycle, {ok, [], scrState()} must be returned.
+% In that case, if called again in same cycle, {ok, [], scrState()} must be returned.
 -callback load_src_after_key(LastSeen::scrAnyKey()|scrAnyKeyVal(), scrBatchSize(), scrState()) ->
             {ok, scrAnyKeys(), scrState()} | 
             {ok, scrAnyKeyVals(), scrState()} | 
             {error, term(), scrState()}.
 
 % bulk load one batch of kv-pairs for combined cleanup/refresh from destination.
+% up to scrBatchSize() existing keys MUST be returned in key order.
+% Postponing trailing keys to next round is not permitted.
 % A callback module implementing this and load_src_after_key signals that it wants
 % to do a cleanup/refresh combined processing.
 % Returning less than scrBatchSize() items does not prevent further calls of this function.
@@ -388,7 +403,7 @@ execute(cleanup, Mod, Job, State, #{cleanup:=true} = Args) ->
                     #{minKey:=MinKey, maxKey:=MaxKey, lastKey:=LastKey} = CleanupState,
                     Ctx = #cleanup_ctx{ minKey=MinKey, maxKey=MaxKey, lastKey=LastKey
                                       , bulkCount=CleanupBulkCount},
-                    {RefreshCollectResult, State2} = cleanup_refresh_collect(Mod,Ctx,State1),
+                    {RefreshCollectResult, State2} = cleanup_refresh_collect(Mod, Ctx, State1),
                     Deletes = maps:get(deletes,RefreshCollectResult),
                     Inserts = maps:get(inserts,RefreshCollectResult),
                     Diffs = maps:get(differences,RefreshCollectResult),
@@ -680,63 +695,73 @@ process_events(Keys, Mod, State) ->
         true -> Mod:should_sync_log(State);
         false -> true
     end,
-    process_events(Keys, Mod, State, ShouldLog, false).
+    IsEqualFun = make_is_equal_fun(Mod, State), 
+    %% Note: Mod:is_equal() will see the current (FROZEN!) scrState()
+    process_events(Keys, Mod, State, ShouldLog, IsEqualFun, false).
 
--spec process_events(scrAnyKeys(), jobModule(), scrState(), boolean(), boolean()) -> 
+-spec process_events(scrAnyKeys(), jobModule(), scrState(), boolean(), fun(), boolean()) -> 
         {boolean(), scrState()}.
-process_events([], Mod, State, _ShouldLog, IsError) ->
+process_events([], Mod, State, _ShouldLog, _IsEqualFun, IsError) ->
     case erlang:function_exported(Mod, finalize_src_events, 1) of
         true -> execute_prov_fun(no_log, Mod, finalize_src_events, [State], false, IsError);
         false -> {IsError, State}
     end;
-process_events([Key | Keys], Mod, State, ShouldLog, IsError) ->
+process_events([Key | Keys], Mod, State, ShouldLog, IsEqualFun, IsError) ->
+    % Both values/KVPs are fetched again in order to avoid race conditions
     {NewIsError, NewState} = case {Mod:fetch_src(Key, State), Mod:fetch_dst(Key, State)} of
-        {S, S} ->                        %% nothing to do
+        {S, S} ->                               % exactly equal Erlang terms, nothing to do
             Mod:report_status(Key, no_op, State),
             {IsError, State};
-        {{protected, _}, ?NOT_FOUND} -> % pusher protection
+        {{protected, _}, ?NOT_FOUND} ->         % pusher protection
             ?JError("Protected ~p is not found on target", [Key]),
             Error = <<"Protected key is not found on target">>,
             Mod:report_status(Key, Error, State),
             dperl_dal:job_error(Key, <<"sync">>, <<"process_events">>, Error),
             {true, State};
-        {{protected, S}, D} ->          % pusher protection
+        {{protected, S}, D} ->                  % pusher protection
             execute_prov_fun("Protected", Mod, update_channel, [Key, true, S, D, State], ShouldLog, IsError, check);
-        {{protected, IsSamePlatform, S}, D} -> % puller protection
+        {{protected, IsSamePlatform, S}, D} ->  % puller protection
             execute_prov_fun("Protected", Mod, update_channel, [Key, IsSamePlatform, S, D, State], ShouldLog, IsError, check);
-        {?NOT_FOUND, _D} -> execute_prov_fun("Deleted", Mod, delete_dst, [Key, State], ShouldLog, IsError);
-        {S, ?NOT_FOUND} -> execute_prov_fun("Inserted", Mod, insert_dst, [Key, S, State], ShouldLog, IsError);
-        {error, _} -> {true, State};
-        {_, error} -> {true, State};
-        {{error, _} = Error, _} ->
+        {?NOT_FOUND, _D} ->                     % orphan 
+            execute_prov_fun("Deleted", Mod, delete_dst, [Key, State], ShouldLog, IsError);
+        {S, ?NOT_FOUND} ->                      % missing
+            execute_prov_fun("Inserted", Mod, insert_dst, [Key, S, State], ShouldLog, IsError);
+        {error, _} -> {true, State};            % src fetch error
+        {{error, _} = Error, _} ->              % src fetch {error, term()}
             ?JError("Fetch src ~p : ~p", [Key, Error]),
             Mod:report_status(Key, Error, State),
             {true, State};
-        {_, {error, _} = Error} ->
-            ?JError("Fetch dst ~p : ~p", [Key, Error]),
-            Mod:report_status(Key, Error, State),
-            {true, State};
-        {{error, Error, State1}, _} ->
+        {{error, Error, State1}, _} ->          % src fetch {error, term(), scrState()}
             ?JError("Fetch src ~p : ~p", [Key, Error]),
             Mod:report_status(Key, {error, Error}, State1),
             {true, State1};
-        {_, {error, Error, State1}} ->
+        {_, error} -> {true, State};            % dst fetch error
+        {_, {error, _} = Error} ->              % dst fetch {error, term()}
+            ?JError("Fetch dst ~p : ~p", [Key, Error]),
+            Mod:report_status(Key, Error, State),
+            {true, State};
+        {_, {error, Error, State1}} ->          % dst fetch {error, term(), scrState()}
             ?JError("Fetch dst ~p : ~p", [Key, Error]),
             Mod:report_status(Key, {error, Error}, State1),
             {true, State1};
-        {S, D} ->
-            DiffFun = case erlang:function_exported(Mod, is_equal, 4) of
-                true -> fun Mod:is_equal/4;
-                false -> fun is_equal/4
-            end,
-            case DiffFun(Key, S, D, State) of
-                false -> execute_prov_fun("Updated", Mod, update_dst, [Key, S, State], ShouldLog, IsError);
+        {S, D} ->                               % need to invoke is_equal()
+            case IsEqualFun(Key, S, D) of
+                false ->
+                    ?Info("process_events diff detected key=~p~n~p~n~p",[Key, S, D]), 
+                    execute_prov_fun("Updated", Mod, update_dst, [Key, S, State], ShouldLog, IsError);
                 true ->
                     Mod:report_status(Key, no_op, State),
                     {IsError, State}
             end
     end,
-    process_events(Keys, Mod, NewState, ShouldLog, NewIsError).
+    process_events(Keys, Mod, NewState, ShouldLog, IsEqualFun, NewIsError).
+
+-spec make_is_equal_fun(module(), scrState()) -> fun().
+make_is_equal_fun(Mod, State) ->
+    case erlang:function_exported(Mod, is_equal, 4) of
+        true -> fun(Key,S,D) -> Mod:is_equal(Key, S, D, State) end;
+        false -> fun(Key,S,D) -> is_equal(Key, S, D, State) end
+    end.
 
 -spec execute_prov_fun(scrOperation(), jobModule(), atom(), list(), boolean(), boolean()) -> 
         {scrSoftError(), scrState() | term()}.
@@ -770,7 +795,7 @@ execute_prov_fun(Op, Mod, Fun, Args, ShouldLog, IsError, check) ->
     end.
 
 -spec cleanup_refresh_collect(jobModule(), #cleanup_ctx{}, scrState()) ->
-    #{deletes => scrAnyKeyVals(), inserts => scrAnyKeyVals(), lastKey => scrAnyKeyVal()}.
+    {#{deletes => scrAnyKeyVals(), inserts => scrAnyKeyVals(), lastKey => scrAnyKeyVal()}, scrState()}.
 cleanup_refresh_collect(Mod, CleanupCtx, State) ->
     % note: Key used here in the sense of key-value-pair (KVP) where the value can itself
     % be structured (e.g. {Content::map(), Meta::map()} in Office365 contact sync)   
@@ -798,69 +823,96 @@ cleanup_refresh_collect(Mod, CleanupCtx, State) ->
             error({step_failed, State3});
         DKeys -> {DKeys, State2} % deprecated simple API which returns the kv-pairs only
     end,
-    {cleanup_refresh_compare(CleanupCtx#cleanup_ctx{ srcKeys=SrcKeys, srcCount=length(SrcKeys)
-                                                   , dstKeys=DstKeys, dstCount=length(DstKeys)
-                                                   , lastKey=CurKey}), State4}.
-
--spec cleanup_refresh_compare(#cleanup_ctx{}) -> #{ deletes=>scrAnyKeys(), differences=>scrAnyKeys()
-                                                  , inserts=>scrAnyKeys(), lastKey=>scrAnyKey()}.
-cleanup_refresh_compare(#cleanup_ctx{ srcKeys=SrcKeys, dstKeys=[]
-                                    , deletes=Deletes,inserts=Inserts, differences=Diffs
-                                    , srcCount=SrcCount, dstCount=DstCount, bulkCount=BulkCnt
-                                    , minKey=MinKey})
+    CpResult = cleanup_refresh_compare(
+        make_is_equal_fun(Mod, State), 
+        CleanupCtx#cleanup_ctx{ srcKeys=SrcKeys, srcCount=length(SrcKeys)
+                              , dstKeys=DstKeys, dstCount=length(DstKeys)
+                              , lastKey=CurKey}),
+    {CpResult, State4}.
+
+-spec cleanup_refresh_compare( fun(), #cleanup_ctx{}) -> #{ deletes=>scrAnyKeys()
+                                                          , differences=>scrAnyKeys()
+                                                          , inserts=>scrAnyKeys()
+                                                          , lastKey=>scrAnyKey()}.
+cleanup_refresh_compare(_, #cleanup_ctx{ srcKeys=SrcKeys, dstKeys=[]
+                                       , deletes=Deletes, inserts=Inserts, differences=Diffs
+                                       , srcCount=SrcCount, dstCount=DstCount, bulkCount=BulkCnt
+                                       , minKey=MinKey})
         when DstCount < BulkCnt, SrcCount < BulkCnt ->
-    Remaining = take_keys(SrcKeys),
+    Remaining = take_keys(SrcKeys),    % no more dstKeys and all srcKeys fetched -> end of cycle
     #{deletes=>Deletes, differences=>Diffs, inserts=>Inserts++Remaining, lastKey=>MinKey};
-cleanup_refresh_compare(#cleanup_ctx{ srcKeys=SrcKeys, dstKeys=[]
-                                    , deletes=Deletes, inserts=Inserts, differences=Diffs
-                                    , dstCount=DstCount})
+
+cleanup_refresh_compare(_, #cleanup_ctx{ srcKeys=SrcKeys, dstKeys=[]
+                                       , deletes=Deletes, inserts=Inserts, differences=Diffs
+                                       , dstCount=DstCount})
         when DstCount == 0 ->
-    Remaining = take_keys(SrcKeys),
+    Remaining = take_keys(SrcKeys),    % no dstKeys but more srcKeys -> another batch needed 
     #{deletes=>Deletes, differences=>Diffs, inserts=>Inserts++Remaining, lastKey=>last_key(SrcKeys)};
-cleanup_refresh_compare(#cleanup_ctx{ dstKeys=[]
-                                    , deletes=Deletes, inserts=Inserts, differences=Diffs
-                                    , lastKey=LK}) ->
+
+cleanup_refresh_compare(_, #cleanup_ctx{ dstKeys=[]
+                                       , deletes=Deletes, inserts=Inserts, differences=Diffs
+                                       , lastKey=LK}) ->
+                                       % no more data but not complete, another batch needed
     #{deletes=>Deletes, differences=>Diffs, inserts=>Inserts, lastKey=>LK};
-cleanup_refresh_compare(#cleanup_ctx{ srcKeys=[], dstKeys=DstKeys, minKey=MinKey
-                                    , deletes=Deletes, inserts=Inserts, differences=Diffs
-                                    , srcCount=SrcCount, dstCount=DstCount, bulkCount=BulkCnt})
+
+cleanup_refresh_compare(_, #cleanup_ctx{ srcKeys=[], dstKeys=DstKeys, minKey=MinKey
+                                       , deletes=Deletes, inserts=Inserts, differences=Diffs
+                                       , srcCount=SrcCount, dstCount=DstCount, bulkCount=BulkCnt})
         when SrcCount < BulkCnt, DstCount < BulkCnt ->
-    Remaining = take_keys(DstKeys),
+    Remaining = take_keys(DstKeys),    % no more srcKeys and all dstKeys fetched -> end of cycle
     #{deletes=>Deletes++Remaining, differences=>Diffs, inserts=>Inserts, lastKey=>MinKey};
-cleanup_refresh_compare(#cleanup_ctx{ srcKeys=[], dstKeys=DstKeys
-                                    , deletes=Deletes, inserts=Inserts, differences=Diffs
-                                    , srcCount=SrcCount}) 
+
+cleanup_refresh_compare(_, #cleanup_ctx{ srcKeys=[], dstKeys=DstKeys
+                                       , deletes=Deletes, inserts=Inserts, differences=Diffs
+                                       , srcCount=SrcCount}) 
         when SrcCount == 0 ->
-    Remaining = take_keys(DstKeys),
+    Remaining = take_keys(DstKeys),    % no srcKeys but more dstKeys -> another batch needed
     #{deletes=>Deletes++Remaining, differences=>Diffs, inserts=>Inserts, lastKey=>last_key(DstKeys)};
-cleanup_refresh_compare(#cleanup_ctx{ srcKeys=[]
-                                    , deletes=Deletes, inserts=Inserts, differences=Diffs
-                                    , lastKey=LK}) ->
+
+cleanup_refresh_compare(_, #cleanup_ctx{ srcKeys=[]
+                                       , deletes=Deletes, inserts=Inserts, differences=Diffs
+                                       , lastKey=LK}) ->
+                                       % no more data but not complete, another batch needed
     #{deletes=>Deletes, differences=>Diffs, inserts=>Inserts, lastKey=>LK};
-cleanup_refresh_compare(#cleanup_ctx{srcKeys=[K|SrcKeys], dstKeys=[K|DstKeys]} = CleanupCtx) ->
-    cleanup_refresh_compare(CleanupCtx#cleanup_ctx{ srcKeys=SrcKeys, dstKeys=DstKeys
-                                                  , lastKey=last_key([K])});
-cleanup_refresh_compare(#cleanup_ctx{ srcKeys=[{K, _}|SrcKeys], dstKeys=[{K, _}|DstKeys]
-                                    , differences=Diffs} = CleanupCtx) ->
-    cleanup_refresh_compare(CleanupCtx#cleanup_ctx{ srcKeys=SrcKeys, dstKeys=DstKeys
-                                                  , lastKey=K, differences=[K|Diffs]});
-cleanup_refresh_compare(#cleanup_ctx{ srcKeys=[SK|SrcKeys], dstKeys=[DK|DstKeys]
-                                    , inserts=Inserts, deletes=Deletes} = CleanupCtx) ->
-    case {last_key([SK]), last_key([DK])} of
-        {K1, K2} when K1 < K2 -> cleanup_refresh_compare(
+
+cleanup_refresh_compare(IE, #cleanup_ctx{srcKeys=[K|SrcKeys], dstKeys=[K|DstKeys]} = CleanupCtx) ->
+                                       % exact kv-match, no_diff, recurse one item forward
+    cleanup_refresh_compare(IE, CleanupCtx#cleanup_ctx{ srcKeys=SrcKeys, dstKeys=DstKeys
+                                                      , lastKey=last_key([K])});
+
+cleanup_refresh_compare(IE, #cleanup_ctx{ srcKeys=[{K,S}|SrcKeys], dstKeys=[{K,D}|DstKeys]
+                                        , differences=Diffs} = CleanupCtx) ->
+                                       % key match but no exact value match
+    case IE(K, {K,S}, {K,D}) of 
+        true ->                        % values compare equal -> recurse one item forward
+            cleanup_refresh_compare(IE, CleanupCtx#cleanup_ctx{ srcKeys=SrcKeys, dstKeys=DstKeys
+                                                              , lastKey=K, differences=Diffs});
+        false ->                       % values different -> add diff and recurse one item forward
+            cleanup_refresh_compare(IE, CleanupCtx#cleanup_ctx{ srcKeys=SrcKeys, dstKeys=DstKeys
+                                                              , lastKey=K, differences=[K|Diffs]})
+    end;
+
+cleanup_refresh_compare(IE, #cleanup_ctx{ srcKeys=[SK|SrcKeys], dstKeys=[DK|DstKeys]
+                                        , inserts=Inserts, deletes=Deletes} = CleanupCtx) ->
+                                       % keys are different, compare keys
+    K1 = take_key(SK), 
+    K2 = take_key(DK),
+    if 
+        K1 < K2 -> cleanup_refresh_compare(IE,
             CleanupCtx#cleanup_ctx{srcKeys=SrcKeys, inserts=[K1|Inserts], lastKey=K1});
-        {K1, K2} when K2 < K1 -> cleanup_refresh_compare(
+        K2 < K1 -> cleanup_refresh_compare(IE,
             CleanupCtx#cleanup_ctx{dstKeys=DstKeys, deletes=[K2|Deletes], lastKey=K2})
     end.
 
+-spec take_key(scrAnyKey()|scrAnyKeyVal()) -> scrAnyKey().
+take_key({K, _}) -> K;
+take_key(K) ->      K.
+
 -spec take_keys(scrAnyKeys()|scrAnyKeyVals()) -> scrAnyKeys().
-take_keys([]) -> [];
-take_keys([{_, _} | _] = KVs) -> [K || {K, _} <- KVs];
-take_keys(Keys) -> Keys.
+take_keys(KVs) -> [take_key(KV) || KV <- KVs].
 
 -spec last_key(scrAnyKeys()|scrAnyKeyVals()) -> scrAnyKey().
-last_key([{_, _} | _] = KVs) -> element(1, lists:last(KVs));
-last_key(Keys) -> lists:last(Keys).
+last_key(KVs) -> take_key(lists:last(KVs)).
 
 %% ----------------------
 %% Eunit Tests
diff --git a/src/dperl/jobs/dpjob_office_365.erl b/src/dperl/jobs/dpjob_office_365.erl
index 3cb0f5c5..94df86c0 100644
--- a/src/dperl/jobs/dpjob_office_365.erl
+++ b/src/dperl/jobs/dpjob_office_365.erl
@@ -151,6 +151,9 @@
         , insert_dst/3
         , update_dst/3
         , report_status/3
+        , is_equal/4
+        , read_local_kvps_after_id/5
+        , get_next_id_key/4
         ]).
 
 % dderl_oauth exports
@@ -160,6 +163,7 @@
         , get_auth_token_key_prefix/1
         , get_key_prefix/0
         , get_key_prefix/1
+        , get_local_key/4
         ]).
 
 -spec get_auth_config() -> map().
@@ -196,6 +200,15 @@ get_local_key(Id, _Name, Channel, KeyPrefix) ->
         [Key] ->    Key     % ToDo: Check/filter with META key = Name
     end.
 
+-spec get_next_id_key(remKey(), jobName(), scrChannel(), locKey()) -> {remKey(), locKey()} | ?NOT_FOUND.
+get_next_id_key(Id, _Name, Channel, KeyPrefix) ->
+    Stu = {?CONTACT_INDEXID,Id}, 
+    case dperl_dal:next_channel_index_key_prefix(Channel, Stu, KeyPrefix) of 
+        [] ->                   ?NOT_FOUND;
+        [{NextId, NextKey}] ->  {NextId, NextKey}     % ToDo: Check/filter with META key = Name
+    end.
+
+
 % convert list of remote values (already maps) to list of {Key,RemoteId,RemoteValue} triples
 % which serves as a lookup buffer of the complete remote state, avoiding sorting issues
 % -spec format_remote_values_to_kv(remVal(), locKey(), jobName()) -> remVal(). 
@@ -208,6 +221,13 @@ get_local_key(Id, _Name, Channel, KeyPrefix) ->
 %     Key = KeyPrefix ++ [new_local_id(RemoteId)],
 %     format_remote_values_to_kv(Values, KeyPrefix, JobName, [{Key,RemoteId,format_value(Value, JobName)}|Acc]).
 
+-spec is_equal(remKVP()|locKVP(), {remVal(), remMeta()}, {locVal(), locMeta()}, #state{}) -> boolean().
+is_equal(_, {Val,_}, {Val,_}, _State) -> true;
+is_equal(_, {_,_}, {_,_}, _State) -> false;
+is_equal(KVP, Val1, Val2, _State) -> 
+    ?Info("is_equal unexpected input ~p~n~p~n~p",[KVP, Val1, Val2]),
+    false.
+
 % format remote value into a special KV pair with seperated contact- and meta-maps
 % by projecting out syncable attributes(content / meta)
 -spec remote_kvp(remVal(), jobName()) -> remKVP().
@@ -273,6 +293,7 @@ fetch_src(Id, #state{name=Name, type=pull, apiUrl=ApiUrl, token=Token} = State)
     ?JTrace("Fetching contact with url : ~s", [ContactUrl]),
     case exec_req(ContactUrl, Token) of
         {error, unauthorized} ->        reconnect_exec(State, fetch_src, [Id]);
+        {error, ?NOT_FOUND} ->          ?NOT_FOUND;
         {error, Error} ->               {error, Error, State};
         #{<<"id">> := _} = RemVal ->    remote_kvp(RemVal, Name);
         _ ->                            ?NOT_FOUND
@@ -402,7 +423,7 @@ delete_dst(Id, #state{ name=Name, channel=Channel, keyPrefix=KeyPrefix
         ?NOT_FOUND ->           
             {true, state};
         {Id, {Value, Meta}} ->
-            case maps:without(Name, Meta) of 
+            case maps:without([Name], Meta) of 
                 #{} ->      % no other syncs remaining for this key
                     dperl_dal:remove_from_channel(Channel, Key),
                     {false, State};
@@ -422,20 +443,23 @@ report_status(_Key, _Status, _State) -> no_op.
 
 -spec load_dst_after_key(remKVP() | locKVP(), scrBatchSize(), #state{}) -> {ok, locKVPs(), #state{}} | {error, term(), #state{}}.
 load_dst_after_key({Id,{_,_}}, BlkCount, #state{name=Name, channel=Channel, type=pull, keyPrefix=KeyPrefix}) ->
-    {ok, read_local_kvps_after_id(Channel, Name, KeyPrefix, Id, BlkCount, [])};
+    {ok, read_local_kvps_after_id(Channel, Name, KeyPrefix, Id, BlkCount)};
 load_dst_after_key(_Key, BlkCount, #state{name=Name, channel=Channel, type=pull, keyPrefix=KeyPrefix} = State) ->
     ?Info("load_dst_after_key for non-matching (initial) key ~p", [_Key]),
-    case read_local_kvps_after_id(Channel, Name, KeyPrefix, ?COMPARE_MIN_KEY, BlkCount, []) of 
+    case read_local_kvps_after_id(Channel, Name, KeyPrefix, ?COMPARE_MIN_KEY, BlkCount) of 
         L when is_list(L) ->    {ok, L, State};
         {error, Reason} ->      {error, Reason, State}
     end.
 
 %% starting after Id, run through remoteId index and collect a block of locKVP() data belonging to 
 %% this job name and keyPrefix 
--spec read_local_kvps_after_id(scrChannel(), jobName(), locKey(), remKey(), scrBatchSize(), locKVPs()) -> locKVPs() | {error, term()}.
-read_local_kvps_after_id(_Channel, _Name, _KeyPrefix, _Id, _BlkCount, _Acc) ->
-    % lists:prefix(KeyPrefix,K)
-    [].
+-spec read_local_kvps_after_id(scrChannel(), jobName(), locKey(), remKey(), scrBatchSize()) -> locKVPs() | {error, term()}.
+read_local_kvps_after_id(Channel, Name, KeyPrefix, SeenId, BlkCount) ->
+    Stu = {?CONTACT_INDEXID, SeenId}, % last visited index key, get next BlkCount {Id, Value} tuples
+    case dperl_dal:read_channel_index_key_prefix_gt(Channel, Stu, KeyPrefix, BlkCount) of 
+        [] ->       [];
+        LocKeys ->  [local_kvp(Id, dperl_dal:read_channel(Channel, Key), Name) || {Id,Key} <- LocKeys]   
+    end.
 
 -spec load_src_after_key(remKVP()| locKVP(), scrBatchSize(), #state{}) -> 
         {ok, remKVPs(), #state{}} | {error, term(), #state{}}.
@@ -560,6 +584,8 @@ exec_req(Url, Token) ->
             imem_json:decode(list_to_binary(Result), [return_maps]);
         {ok, {{_, 401, _}, _, _}} ->
             {error, unauthorized};
+        {ok, {{_, 404, _}, _, _}} ->
+            {error, ?NOT_FOUND};
         {error, Reason} ->
             ?Info("exec_req get ~p returns error ~p",[Url,Reason]),
             {error, Reason}
@@ -581,12 +607,14 @@ exec_req(Url, Token, Body, Method) ->
         {ok, {{_, 200, _}, _, Result}} ->
             % update/patch result
             imem_json:decode(list_to_binary(Result), [return_maps]);
-        {ok,{{_, 204, _}, _, _}} ->
+        {ok, {{_, 204, _}, _, _}} ->
             % delete result
             ok;
         {ok, {{_, 401, _}, _, Error}} ->
             ?JError("Unauthorized body : ~s", [Error]),
             {error, unauthorized};
+        {ok, {{_, 404, _}, _, _}} ->
+            {error, ?NOT_FOUND};
         Error ->
             {error, Error}
     end.

From 7494d77b856626af53fcee1b106b14ee1a0fe70d Mon Sep 17 00:00:00 2001
From: stoch <ochsenbein@bluewin.ch>
Date: Sat, 4 Jul 2020 00:06:06 +0200
Subject: [PATCH 65/72] fix otp22 issues (tuple calls) in dderl diff module and
 implement JSON diffing, WIP

---
 src/dderl_dal.erl                   |  4 +-
 src/dderl_diff.erl                  |  9 ++--
 src/dderl_fsm.erl                   |  2 +-
 src/dderl_oauth.erl                 | 51 ++++++++++----------
 src/dderl_session.erl               | 18 +++++---
 src/dperl/dperl_strategy_scr.erl    |  2 +
 src/dperl/jobs/dpjob_office_365.erl | 72 ++++++++++++++++++-----------
 src/gen_adapter.erl                 |  8 ++--
 src/imem_adapter.erl                | 10 ++--
 9 files changed, 103 insertions(+), 73 deletions(-)

diff --git a/src/dderl_dal.erl b/src/dderl_dal.erl
index 350cddbf..060ee50c 100644
--- a/src/dderl_dal.erl
+++ b/src/dderl_dal.erl
@@ -84,13 +84,13 @@ del_conn(Sess, UserId, ConId) ->
     HasAll = (erlimem_session:run_cmd(Sess, have_permission, [[?MANAGE_CONNS]]) == true),
     if HasAll ->
         ok = erlimem_session:run_cmd(Sess, delete, [ddConn, ConId]),
-        ?Info("user ~p deleted connection ~p", [UserId, ConId]),
+        %?Info("user ~p deleted connection ~p", [UserId, ConId]),
         ok;
     true ->
         case erlimem_session:run_cmd(Sess, select, [ddConn, [{#ddConn{id=ConId,owner=UserId,_='_'},[],['$_']}]]) of
             {[_|_], true} ->
                 ok = erlimem_session:run_cmd(Sess, delete, [ddConn, ConId]),
-                ?Info("user ~p deleted connection ~p", [UserId, ConId]),
+                %?Info("user ~p deleted connection ~p", [UserId, ConId]),
                 ok;
             _ ->
                 ?Error("user ~p doesn't have permission to delete connection ~p", [UserId, ConId]),
diff --git a/src/dderl_diff.erl b/src/dderl_diff.erl
index c19dff3d..11c76734 100644
--- a/src/dderl_diff.erl
+++ b/src/dderl_diff.erl
@@ -10,7 +10,9 @@
 
 -spec term_diff(term(), pid(), atom(), binary(), atom(), binary()) -> binary().
 term_diff(Sess, SessPid, LeftType, LeftValue, RightType, RightValue) ->
-    case Sess:run_cmd(term_diff, [LeftType, LeftValue, RightType, RightValue, [ignore_whitespace,ignore_casing,ignore_dquotes]]) of
+    %?Info("term_diff called with args: ~p ~p ~p ~p", [LeftType, LeftValue, RightType, RightValue]),
+    %?Info("term_diff called with Sess ~p SessPid ~p", [Sess, SessPid]),
+    case erlimem_session:run_cmd(Sess, term_diff, [LeftType, LeftValue, RightType, RightValue, [ignore_whitespace,ignore_casing,ignore_dquotes]]) of
         {error, {{Ex, M}, _Stacktrace} = Error} ->
             ?Error("Error on term_diff ~p: ~p", [{LeftType, LeftValue, RightType, RightValue}, Error], _Stacktrace),
             Err = list_to_binary(atom_to_list(Ex) ++ ": " ++
@@ -26,7 +28,7 @@ term_diff(Sess, SessPid, LeftType, LeftValue, RightType, RightValue) ->
             Err = list_to_binary(lists:flatten(io_lib:format("~p", [Reason]))),
             #{<<"error">> => Err};
         DiffResult ->
-            ?Debug("The diff result ~p", [DiffResult]),
+            %?Info("The diff result ~p", [DiffResult]),
             FsmCtx = get_fsmctx(DiffResult),
             StmtFsm = dderl_fsm:start(FsmCtx, SessPid),
             Columns = gen_adapter:build_column_json(lists:reverse(get_columns())),
@@ -56,8 +58,7 @@ get_fsmctx(Result) ->
                 [fun(_Opts, _Count) ->
                     Rows = [{{}, {RowId, Left, Cmp, Right}} || {ddTermDiff, RowId, Left, Cmp, Right} <- Result],
                     % This seems hackish but we don't want to keep a process here.
-                    % TODO: Revisit after tuple calls have been removed.
-                    dderl_fsm:rows({self(), {Rows, true}}, {dderl_fsm, self()})
+                    dderl_fsm:rows(self(), {self(), {Rows, true}})
                 end]
             ,fetch_close_funs = [fun() -> ok end]
             ,stmt_close_funs  = [fun() -> ok end]
diff --git a/src/dderl_fsm.erl b/src/dderl_fsm.erl
index 9f250770..e67598d9 100644
--- a/src/dderl_fsm.erl
+++ b/src/dderl_fsm.erl
@@ -333,7 +333,7 @@ rows(Pid, {StmtRef, {Rows,Completed}}) when is_list(Rows) ->  % from erlimem/ime
     %?Info("dderl_fsm:rows from ~p ~p~n~p", [StmtRef, length(Rows), Rows]),
     gen_statem:cast(Pid, {rows, {StmtRef,Rows,Completed}});
 rows(Pid, {Rows,Completed}) when is_list(Rows) ->
-    %?Info("dderl_fsm:rows ~p ~p", [length(Rows), Completed]),
+    ?Info("dderl_fsm:rows ~p ~p", [length(Rows), Completed]),
     gen_statem:cast(Pid, {rows, {self(),Rows,Completed}});
 rows(Pid, {StmtRef, Error}) ->   % from erlimem/imem_server
     %?Info("dderl_fsm:rows from ~p ~p", [StmtRef, Error]),
diff --git a/src/dderl_oauth.erl b/src/dderl_oauth.erl
index 3477d2c6..4424cb38 100644
--- a/src/dderl_oauth.erl
+++ b/src/dderl_oauth.erl
@@ -13,16 +13,16 @@
 get_token_info(AccountId, TokenPrefix, _SyncType) ->
     dderl_dal:read_from_avatar_channel(AccountId, TokenPrefix ++ [?TOKEN_KEYPART]).
 
-set_token_info(AccountId, TokenPrefix, TokenInfo, SyncType) when is_map(TokenInfo) ->
-    set_token_info(AccountId, TokenPrefix, imem_json:encode(TokenInfo), SyncType);
-set_token_info(AccountId, TokenPrefix, TokenInfo, SyncType) when is_list(TokenInfo) ->
-    set_token_info(AccountId, TokenPrefix, list_to_binary(TokenInfo), SyncType);
+set_token_info(AccountId, TokenPrefix, TokenInfo, SyncMod) when is_map(TokenInfo) ->
+    set_token_info(AccountId, TokenPrefix, imem_json:encode(TokenInfo), SyncMod);
+set_token_info(AccountId, TokenPrefix, TokenInfo, SyncMod) when is_list(TokenInfo) ->
+    set_token_info(AccountId, TokenPrefix, list_to_binary(TokenInfo), SyncMod);
 set_token_info(AccountId, TokenPrefix, TokenInfo, _SyncType) when is_binary(TokenInfo) ->
-    ?Info("set_token_info using ~p",[imem_enc_mnesia:get_enc_hash()]),
+    %?Info("set_token_info using ~p",[imem_enc_mnesia:get_enc_hash()]),
     dderl_dal:write_to_avatar_channel(AccountId, TokenPrefix ++ [?TOKEN_KEYPART], TokenInfo).
 
-get_authorize_url(XSRFToken, AuthConfig, SyncType) ->
-    State = #{xsrfToken => XSRFToken, type => SyncType},
+get_authorize_url(XSRFToken, AuthConfig, SyncMod) ->
+    State = #{xsrfToken => XSRFToken, type => SyncMod},
     #{auth_url:=Url, client_id:=ClientId, redirect_uri:=RedirectURI, scope:=Scope} = AuthConfig, 
     UrlParams = dperl_dal:url_enc_params(
         #{"client_id" => ClientId, "redirect_uri" => {enc, RedirectURI}
@@ -30,12 +30,12 @@ get_authorize_url(XSRFToken, AuthConfig, SyncType) ->
     erlang:iolist_to_binary([Url, "&", UrlParams]).
 
 
-%% get token info from web service using the configuration from callback module
+%% get token info for a web service using the configuration from callback module
 %% store it in the avatar table of AccountId under the key TokenPrefix || "#token#"  
 -spec get_access_token(ddEntityId(), list(), string(), module()) -> ok | {error, term()}.
-get_access_token(AccountId, TokenPrefix, Code, SyncType) ->
+get_access_token(AccountId, TokenPrefix, Code, SyncMod) ->
     AuthConfig = try 
-        SyncType:get_auth_config() % ToDo: AuthConfig may depend on JobName or TokenPrefix
+        SyncMod:get_auth_config() % ToDo: AuthConfig may depend on JobName or TokenPrefix
     catch 
         _:E:S ->
             ?Error("Finding AuthConfig : ~p ñ~p", [E,S]),
@@ -44,15 +44,15 @@ get_access_token(AccountId, TokenPrefix, Code, SyncType) ->
     %?Info("get_access_token AuthConfig: ~p",[AuthConfig]),
     #{token_url:=TUrl, client_id:=ClientId, redirect_uri:=RedirectURI
      ,client_secret:=Secret, grant_type:=GrantType
-     ,scope := Scope} = AuthConfig,
+     ,scope:=Scope} = AuthConfig,
     Body = dperl_dal:url_enc_params(
-        #{ "client_id" => ClientId, "scope" => {enc, Scope}, "code" => Code
-         , "redirect_uri" => {enc, RedirectURI}, "grant_type" => GrantType
-         , "client_secret" => {enc, Secret}}),
+        #{ "client_id"=>ClientId, "scope"=>{enc, Scope}, "code"=>Code
+         , "redirect_uri"=>{enc, RedirectURI}, "grant_type"=>GrantType
+         , "client_secret"=>{enc, Secret}}),
     ContentType = "application/x-www-form-urlencoded",
     case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
         {ok, {{_, 200, "OK"}, _, TokenInfo}} ->
-            set_token_info(AccountId, TokenPrefix, TokenInfo, SyncType),
+            set_token_info(AccountId, TokenPrefix, TokenInfo, SyncMod),
             ok;
         {ok, {{_, Code, _}, _, Error}} ->
             {error, Error};
@@ -64,23 +64,24 @@ get_access_token(AccountId, TokenPrefix, Code, SyncType) ->
 %% refresh access token from web service using the configuration from callback module
 %% store it in the avatar table of AccountId under the key TokenPrefix || "#token#"  
 -spec refresh_access_token(ddEntityId(), list(), module()) -> {ok, binary()} | {error, term()}.
-refresh_access_token(AccountId, TokenPrefix, SyncType) ->
-    #{token_url:=TUrl, client_id:=ClientId, scope:=Scope, client_secret:=Secret} 
-        = SyncType:get_auth_config(),
-    ?Info("refresh_access_token ~p ~p ~p",[AccountId, TokenPrefix, SyncType]),
-    #{<<"refresh_token">>:=RefreshToken} = get_token_info(AccountId, TokenPrefix, SyncType),
+refresh_access_token(AccountId, TokenPrefix, SyncMod) ->
+    #{token_url:=TUrl, client_id:=ClientId  % , redirect_uri:=RedirectURI
+     ,client_secret:=Secret                 % , grant_type:=GrantType
+     ,scope:=Scope} = SyncMod:get_auth_config(),
+    %?Info("refresh_access_token ~p ~p ~p",[AccountId, TokenPrefix, SyncMod]),
+    #{<<"refresh_token">>:=RefreshToken} = get_token_info(AccountId, TokenPrefix, SyncMod),
     Body = dperl_dal:url_enc_params(#{ "client_id"=>ClientId, "client_secret"=>{enc, Secret}
                                      , "scope"=>{enc, Scope}, "refresh_token"=>RefreshToken
                                      , "grant_type"=>"refresh_token"}),
     ContentType = "application/x-www-form-urlencoded",
-    ?Info("refresh_access_token TUrl=~p",[TUrl]),
-    ?Info("refresh_access_token ContentType=~p",[ContentType]),
-    ?Info("refresh_access_token Body=~p",[Body]),
-    ?Info("refresh_access_token RefreshToken=~p",[RefreshToken]),
+    %?Info("refresh_access_token TUrl=~p",[TUrl]),
+    %?Info("refresh_access_token ContentType=~p",[ContentType]),
+    %?Info("refresh_access_token Body=~p",[Body]),
+    %?Info("refresh_access_token RefreshToken=~p",[RefreshToken]),
     case httpc:request(post, {TUrl, "", ContentType, Body}, [], []) of
         {ok, {{_, 200, "OK"}, _, TokenBody}} ->
             TokenInfo = imem_json:decode(list_to_binary(TokenBody), [return_maps]),
-            set_token_info(AccountId, TokenPrefix, TokenBody, SyncType),
+            set_token_info(AccountId, TokenPrefix, TokenInfo, SyncMod),
             #{<<"access_token">> := Token} = TokenInfo,
             {ok, Token};
         Error ->
diff --git a/src/dderl_session.erl b/src/dderl_session.erl
index 2b2e0100..ac1d5c03 100644
--- a/src/dderl_session.erl
+++ b/src/dderl_session.erl
@@ -155,8 +155,8 @@ handle_info(inactive, #state{user = User, inactive_tref = ITref} = State) ->
             cancel_timer(ITref),
             {noreply, State#state{lock_state = screensaver}}
     end;
-handle_info(die, #state{user=User}=State) ->
-    ?Info([{user, User}], "session ~p idle for ~p ms", [{self(), User}, ?SESSION_IDLE_TIMEOUT]),
+handle_info(die, #state{user=_User}=State) ->
+    %?Info([{user, User}], "session ~p idle for ~p ms", [{self(), _User}, ?SESSION_IDLE_TIMEOUT]),
     {stop, normal, State};
 handle_info(logout, #state{user = User} = State) ->
     ?Debug("terminating session of logged out user ~p", [User]),
@@ -391,7 +391,7 @@ process_call({[<<"oura_ring_auth_config">>], _ReqData}, _Adapter, From, {SrcIp,
     act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "oura_ring_auth_config"}, State),
     AuthConfig = dpjob_ouraring_crawl:get_auth_config(), % ToDo: may depend on JobName or TokenPrefix
     Url = dderl_oauth:get_authorize_url(State#state.xsrf_token, AuthConfig, ?SYNC_OURARING),
-    ?Info("oura_ring_auth_config ~p ~p",[AuthConfig, Url]),
+    %?Info("oura_ring_auth_config ~p ~p",[AuthConfig, Url]),
     reply(From, #{<<"oura_ring_auth_config">> => #{<<"url">> => Url}}, self()),
     State;
 
@@ -399,7 +399,7 @@ process_call({[<<"oauth2_callback">>], ReqData}, _Adapter, From, {SrcIp, _}, Sta
     act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "oauth2_callback", args => ReqData}, State),
     #{<<"oauth2_callback">> := 
         #{<<"code">> := Code, <<"state">> := #{<<"type">> := SyncType}}} = jsx:decode(ReqData, [return_maps]),
-    ?Info("oauth2_callback SyncType: ~p Code: ~p",[SyncType, Code]),
+    %?Info("oauth2_callback SyncType: ~p Code: ~p",[SyncType, Code]),
     % ToDo: Check if this data can be trusted
     {SyncHandler,TokenPrefix} = try
         SH = binary_to_existing_atom(SyncType,utf8),
@@ -409,7 +409,7 @@ process_call({[<<"oauth2_callback">>], ReqData}, _Adapter, From, {SrcIp, _}, Sta
             ?Error("Finding TokenPrefix : ~p", [E]),
             reply(From, #{<<"oauth2_callback">> => #{<<"error">> => <<"Error finding TokenPrefix">>}}, self())
     end,
-    ?Info("oauth2_callback TokenPrefix: ~p",[TokenPrefix]),
+    %?Info("oauth2_callback TokenPrefix: ~p",[TokenPrefix]),
     case dderl_oauth:get_access_token(State#state.user, TokenPrefix, Code, SyncHandler) of
         ok ->
             reply(From, #{<<"oauth2_callback">> => #{<<"status">> => <<"ok">>}}, self());
@@ -478,7 +478,7 @@ process_call({[<<"del_con">>], ReqData}, _Adapter, From, {SrcIp,_},
     act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "del_con", args => ReqData}, State),
     [{<<"del_con">>, BodyJson}] = jsx:decode(ReqData),
     ConId = proplists:get_value(<<"conid">>, BodyJson, 0),
-    ?Info([{user, State#state.user}], "connection to delete ~p", [ConId]),
+    %?Info([{user, State#state.user}], "connection to delete ~p", [ConId]),
     Resp = case dderl_dal:del_conn(Sess, UserId, ConId) of
         ok -> <<"success">>;
         Error -> [{<<"error">>, list_to_binary(lists:flatten(io_lib:format("~p", [Error])))}]
@@ -695,16 +695,20 @@ process_call({Cmd, ReqData}, Adapter, From, {SrcIp,_}, #state{sess = Sess, user_
 
 spawn_process_call(Adapter, CurrentPriv, From, Cmd, BodyJson, Sess, UserId, SelfPid) ->
     try 
+        %?Info("spawn_gen_process_call Adapter=~p cmd=~p", [Adapter, Cmd]),
+        %?Info("spawn_process_call called with Sess ~p SelfPid ~p", [Sess, SelfPid]),
+        timer:sleep(1000),
         Adapter:process_cmd({Cmd, BodyJson}, Sess, UserId, From, CurrentPriv, SelfPid),
         SelfPid ! rearm_session_idle_timer
     catch Class:Error:Stacktrace ->
-            ?Error("Problem processing command: ~p:~p~n~p~n~p~n",
+            ?Error("Problem processing command: ~p:~p~n~p~n~p",
                    [Class, Error, BodyJson, Stacktrace]),
             reply(From, [{<<"error">>, <<"Unable to process the request">>}], SelfPid)
     end.
 
 spawn_gen_process_call(Adapter, From, C, BodyJson, Sess, UserId, SelfPid) ->
     try
+        %?Info("spawn_gen_process_call adapter=~p cmd=~p", [Adapter, C]),
         gen_adapter:process_cmd({[C], BodyJson}, adapter_name(Adapter), Sess, UserId, From, undefined),
         SelfPid ! rearm_session_idle_timer
     catch Class:Error:Stacktrace ->
diff --git a/src/dperl/dperl_strategy_scr.erl b/src/dperl/dperl_strategy_scr.erl
index 47e08614..07ee3503 100644
--- a/src/dperl/dperl_strategy_scr.erl
+++ b/src/dperl/dperl_strategy_scr.erl
@@ -708,6 +708,8 @@ process_events([], Mod, State, _ShouldLog, _IsEqualFun, IsError) ->
     end;
 process_events([Key | Keys], Mod, State, ShouldLog, IsEqualFun, IsError) ->
     % Both values/KVPs are fetched again in order to avoid race conditions
+    %?Info("Difference src: ~p", [Mod:fetch_src(Key, State)]),
+    %?Info("Difference dst: ~p", [Mod:fetch_dst(Key, State)]),
     {NewIsError, NewState} = case {Mod:fetch_src(Key, State), Mod:fetch_dst(Key, State)} of
         {S, S} ->                               % exactly equal Erlang terms, nothing to do
             Mod:report_status(Key, no_op, State),
diff --git a/src/dperl/jobs/dpjob_office_365.erl b/src/dperl/jobs/dpjob_office_365.erl
index 94df86c0..73cb811d 100644
--- a/src/dperl/jobs/dpjob_office_365.erl
+++ b/src/dperl/jobs/dpjob_office_365.erl
@@ -44,7 +44,7 @@
              ,client_secret => "12345"
              ,grant_type => "authorization_code"
              ,token_url => "https://login.microsoftonline.com/common/oauth2/v2.0/token"
-             ,scope => "offline_access https://graph.microsoft.com/people.read"
+             ,scope => "offline_access https://graph.microsoft.com/Contacts.ReadWrite"
              },
             "Office 365 (Graph API) auth config"
             )
@@ -97,9 +97,9 @@
             ?GET_CONFIG(metaAttributes,
             [__JOB_NAME],
             [<<"id">>
-            %,<<"lastModifiedDateTime">>
-            %,<<"changeKey">>
-            %,<<"parentFolderId">>
+            ,<<"lastModifiedDateTime">>
+            ,<<"changeKey">>
+            ,<<"parentFolderId">>
             %,<<"createdDateTime">>
             ], 
             "Meta attributes used for Office365 contact change tracking"
@@ -128,7 +128,8 @@
                     , token                     :: token()          % access token binary
                     , apiUrl                    :: string()
                     , fetchUrl                  :: string()
-                    , cycleBuffer = []          :: remKVPs() | remKVPs() % dirty buffer for one c/r cycle
+                    , remCache = []             :: remKVPs()        % filled at start of c/r cycle
+                    , clBuffer = []             :: remKVPs() | remKVPs() % dirty buffer for one c/r cycle
                     , isConnected = true        :: boolean()        % fail unauthorized on first use
                     , isFirstSync = true        :: boolean()
                     , isCleanupFinished = true  :: boolean()
@@ -222,7 +223,7 @@ get_next_id_key(Id, _Name, Channel, KeyPrefix) ->
 %     format_remote_values_to_kv(Values, KeyPrefix, JobName, [{Key,RemoteId,format_value(Value, JobName)}|Acc]).
 
 -spec is_equal(remKVP()|locKVP(), {remVal(), remMeta()}, {locVal(), locMeta()}, #state{}) -> boolean().
-is_equal(_, {Val,_}, {Val,_}, _State) -> true;
+is_equal(_, {Val,Meta}, {Val,Meta}, _State) -> true; % both must match, want to update meta too
 is_equal(_, {_,_}, {_,_}, _State) -> false;
 is_equal(KVP, Val1, Val2, _State) -> 
     ?Info("is_equal unexpected input ~p~n~p~n~p",[KVP, Val1, Val2]),
@@ -274,11 +275,11 @@ connect_check_src(#state{isConnected=false, type=pull, accountId=AccountId, toke
 %             UniqueKeys = lists:delete(undefined, lists:usort(Keys)),
 %             {ok, UniqueKeys, State#state{auditStartTime=NextStartTime}}
 %     end;
-get_source_events(#state{cycleBuffer=[]} = State, _BulkSize) ->
+get_source_events(#state{clBuffer=[]} = State, _BulkSize) ->
     {ok, sync_complete, State};
-get_source_events(#state{cycleBuffer=CycleBuffer} = State, _BulkSize) ->
-    ?Info("get_source_events result count ~p~n~p",[length(CycleBuffer), hd(CycleBuffer)]),
-    {ok, CycleBuffer, State#state{cycleBuffer=[]}}.
+get_source_events(#state{clBuffer=ClBuffer} = State, _BulkSize) ->
+    %?Info("get_source_events result count ~p~n~p",[length(ClBuffer), hd(ClBuffer)]),
+    {ok, ClBuffer, State#state{clBuffer=[]}}.
 
 - spec connect_check_dst(#state{}) -> {ok, #state{}}. % | {error, term()} | {error, term(), #state{}}
 connect_check_dst(State) -> {ok, State}.    % ToDo: Maybe implement for push destination?
@@ -291,11 +292,14 @@ do_refresh(_State, _BulkSize) -> {error, cleanup_only}. % using cleanup/refresh
 fetch_src(Id, #state{name=Name, type=pull, apiUrl=ApiUrl, token=Token} = State) -> 
     ContactUrl = ApiUrl ++ binary_to_list(Id),
     ?JTrace("Fetching contact with url : ~s", [ContactUrl]),
+    %?Info("Fetching contact with url : ~s", [ContactUrl]),
     case exec_req(ContactUrl, Token) of
         {error, unauthorized} ->        reconnect_exec(State, fetch_src, [Id]);
         {error, ?NOT_FOUND} ->          ?NOT_FOUND;
         {error, Error} ->               {error, Error, State};
-        #{<<"id">> := _} = RemVal ->    remote_kvp(RemVal, Name);
+        #{<<"id">> := _} = RemVal ->    
+            %?Info("Fetched contact ~p   ", [RemVal]),
+            remote_kvp(RemVal, Name);
         _ ->                            ?NOT_FOUND
     end.
 
@@ -331,7 +335,7 @@ fetch_dst(Id, #state{name=Name, channel=Channel, keyPrefix=KeyPrefix, type=pull}
 insert_dst(Id, {Id, {Value,Meta}}, #state{ name=Name, channel=Channel, type=pull
                                    , keyPrefix=KeyPrefix, template=Template} = State) ->
     Key = KeyPrefix ++ [new_local_id(Id)],
-    ?Info("insert_dst ~p",[Key]),
+    %?Info("insert_dst ~p",[Key]),
     MergedValue = maps:merge(maps:merge(Template, Value), #{<<"META">> => #{Name=>Meta}}),
     MergedBin = imem_json:encode(MergedValue), 
     case dperl_dal:write_channel(Channel, Key, MergedBin) of 
@@ -367,7 +371,7 @@ insert_dst(Id, {Id, {Value,Meta}}, #state{ name=Name, channel=Channel, type=pull
 update_dst(Id, {Id, {Value,Meta}}, #state{ name=Name, channel=Channel, keyPrefix=KeyPrefix
                                          , type=pull, template=Template} = State) ->
     Key = get_local_key(Id, Name, Channel, KeyPrefix),
-    ?Info("update_dst ~p",[Key]),
+    %?Info("update_dst ~p",[Key]),
     case dperl_dal:read_channel(Channel, Key) of
         ?NOT_FOUND ->   
             ?JError("update_dst key ~p not found for remote id ~p", [Key, Id]),
@@ -418,7 +422,7 @@ update_local(Channel, Key, _OldVal, NewVal, NewMeta) ->
 delete_dst(Id, #state{ name=Name, channel=Channel, keyPrefix=KeyPrefix
                      , type=pull, template=Template} = State) ->
     Key = get_local_key(Id, Name, Channel, KeyPrefix),
-    ?Info("delete_dst ~p",[Key]),
+    %?Info("delete_dst ~p",[Key]),
     case fetch_dst(Id, State) of 
         ?NOT_FOUND ->           
             {true, state};
@@ -445,7 +449,7 @@ report_status(_Key, _Status, _State) -> no_op.
 load_dst_after_key({Id,{_,_}}, BlkCount, #state{name=Name, channel=Channel, type=pull, keyPrefix=KeyPrefix}) ->
     {ok, read_local_kvps_after_id(Channel, Name, KeyPrefix, Id, BlkCount)};
 load_dst_after_key(_Key, BlkCount, #state{name=Name, channel=Channel, type=pull, keyPrefix=KeyPrefix} = State) ->
-    ?Info("load_dst_after_key for non-matching (initial) key ~p", [_Key]),
+    %?Info("load_dst_after_key for non-matching (initial) key ~p", [_Key]),
     case read_local_kvps_after_id(Channel, Name, KeyPrefix, ?COMPARE_MIN_KEY, BlkCount) of 
         L when is_list(L) ->    {ok, L, State};
         {error, Reason} ->      {error, Reason, State}
@@ -463,27 +467,39 @@ read_local_kvps_after_id(Channel, Name, KeyPrefix, SeenId, BlkCount) ->
 
 -spec load_src_after_key(remKVP()| locKVP(), scrBatchSize(), #state{}) -> 
         {ok, remKVPs(), #state{}} | {error, term(), #state{}}.
-load_src_after_key(_CurKVP, _BlkCount, #state{type=pull, fetchUrl=finished} = State) ->
+load_src_after_key(_CurKVP, _BlkCount, #state{type=pull, fetchUrl=cached, remCache=[]} = State) ->
     {ok, [], State};
+load_src_after_key(CurKVP, BlkCount, #state{type=pull, fetchUrl=cached, remCache=RemCache} = State) ->
+    case element(1, hd(RemCache)) of 
+        SmallKey when SmallKey =< CurKVP -> 
+            {error, cannot_serve_smaller_key, State};
+        _  when length(RemCache) > BlkCount ->
+            {Serve,Keep} = lists:split(RemCache, BlkCount),   
+            {ok, Serve, State#state{remCache=Keep}};
+        _ ->
+            {ok, RemCache, State#state{remCache=[]}}
+    end;
 load_src_after_key(CurKVP, BlkCount, #state{type=pull, fetchUrl=undefined, apiUrl=ApiUrl} = State) ->
-    UrlParams = dperl_dal:url_enc_params(#{"$top" => integer_to_list(BlkCount)}),
-    ContactsUrl = lists:flatten([ApiUrl, "?", UrlParams]),
-    load_src_after_key(CurKVP, BlkCount, State#state{fetchUrl=ContactsUrl});
-load_src_after_key(CurKVP, BlkCount, #state{ name=Name, type=pull, token=Token
-                                           , fetchUrl=FetchUrl} = State) ->
+    UrlParams = dperl_dal:url_enc_params(#{"$top" => integer_to_list(BlkCount)}), % , "$select" => "id"
+    FetchUrl = lists:flatten([ApiUrl, "?", UrlParams]),
     ?JTrace("Fetching contacts with url : ~s", [FetchUrl]),
+    load_src_after_key(CurKVP, BlkCount, State#state{fetchUrl=FetchUrl, remCache=[]});
+load_src_after_key(CurKVP, BlkCount, #state{ name=Name, type=pull, token=Token
+                                           , fetchUrl=FetchUrl, remCache=RemCache} = State) ->
     case exec_req(FetchUrl, Token) of
         {error, unauthorized} ->    reconnect_exec(State, load_src_after_key, [CurKVP, BlkCount]);
         {error, Error} ->           {error, Error, State};
         #{<<"@odata.nextLink">> := NextUrl, <<"value">> := RemVals} ->
             KVPs = [remote_kvp(RemVal, Name) || RemVal <- RemVals],
             ?JTrace("Fetched contacts : ~p", [length(KVPs)]),
-            %?Info("First fetched contact : ~p", [element(1,hd(KVPs))]),
-            {ok, KVPs, State#state{fetchUrl=NextUrl}};
+            load_src_after_key( CurKVP, BlkCount, 
+                                State#state{ fetchUrl=NextUrl, remCache=[KVPs|RemCache]});
         #{<<"value">> := RemVals} ->        % may be an empty list
             KVPs = [remote_kvp(RemVal, Name) || RemVal <- RemVals],
             ?JTrace("Last fetched contacts : ~p", [length(KVPs)]),
-            {ok, KVPs, State#state{fetchUrl=finished}}
+            SortedRemKVPs = lists:keysort(1, lists:append(RemCache, KVPs)),
+            load_src_after_key( CurKVP, BlkCount, 
+                                State#state{ fetchUrl=cached, remCache=SortedRemKVPs})
     end.
 
 -spec reconnect_exec(#state{}, fun(), list()) -> 
@@ -498,7 +514,7 @@ reconnect_exec(State, Fun, Args) ->
 -spec do_cleanup(remKeys(), remKeys(), remKeys(), boolean(), #state{}) -> 
         {ok, #state{}} | {ok, finish, #state{}} . 
 do_cleanup(Deletes, Inserts, Diffs, IsFinished, #state{type=pull} = State) ->
-    NewState = State#state{cycleBuffer=Deletes++Diffs++Inserts},
+    NewState = State#state{clBuffer=Deletes++Diffs++Inserts},
     if 
         IsFinished ->
             %% deposit cleanup batch dirty results in state for sync to pick up
@@ -578,7 +594,8 @@ terminate(Reason, _State) ->
 %% use OAuth2 header with token
 -spec exec_req(string(), binary()) -> map() | {error, term()}.
 exec_req(Url, Token) ->
-    AuthHeader = [{"Authorization", "Bearer " ++ binary_to_list(Token)}],
+    AuthHeader = [ {"Authorization", "Bearer " ++ binary_to_list(Token)}
+                 , {"Prefer","IdType=\"ImmutableId\""}],
     case httpc:request(get, {Url, AuthHeader}, [], []) of
         {ok, {{_, 200, "OK"}, _, Result}} ->
             imem_json:decode(list_to_binary(Result), [return_maps]);
@@ -596,7 +613,8 @@ exec_req(Url, Token) ->
 %% use OAuth2 header with token
 -spec exec_req(string(), binary(), map(), atom()) -> ok | map() | {error, term()}.
 exec_req(Url, Token, Body, Method) ->
-    AuthHeader = [{"Authorization", "Bearer " ++ binary_to_list(Token)}],
+    AuthHeader = [ {"Authorization", "Bearer " ++ binary_to_list(Token)}
+                 , {"Prefer","IdType=\"ImmutableId\""}],
     case httpc:request(Method, 
                        {Url, AuthHeader, "application/json", imem_json:encode(Body)}, 
                        [], 
diff --git a/src/gen_adapter.erl b/src/gen_adapter.erl
index 4580d59e..528f4d1d 100644
--- a/src/gen_adapter.erl
+++ b/src/gen_adapter.erl
@@ -93,6 +93,7 @@ sql_params(Sql, Types) ->
 
 -spec process_cmd({[binary()], [{binary(), list()}]}, atom(), {atom(), pid()}, ddEntityId(), pid(), term()) -> term().
 process_cmd({[<<"parse_stmt">>], ReqBody}, Adapter, _Sess, _UserId, From, _Priv) ->
+    %?Info("spawn_process_cmd Adapter=~p ReqBody=~p", [Adapter, ReqBody]),
     [{<<"parse_stmt">>,BodyJson}] = ReqBody,
     Sql = string:strip(binary_to_list(proplists:get_value(<<"qstr">>, BodyJson, <<>>))),
     if
@@ -224,7 +225,7 @@ process_cmd({[<<"view_op">>], ReqBody}, _Adapter, Sess, _UserId, From, _Priv) ->
     [{<<"view_op">>,BodyJson}] = ReqBody,
     Operation = string:to_lower(binary_to_list(proplists:get_value(<<"operation">>, BodyJson, <<>>))),
     ViewId = proplists:get_value(<<"view_id">>, BodyJson),
-    ?Info("view_op ~s for ~p", [Operation, ViewId]),
+    %?Info("view_op ~s for ~p", [Operation, ViewId]),
     Res = case Operation of
         "rename" ->
             Name = proplists:get_value(<<"newname">>, BodyJson, <<>>),
@@ -254,7 +255,7 @@ process_cmd({[<<"update_view">>], ReqBody}, Adapter, Sess, UserId, From, _Priv)
     TableLay = proplists:get_value(<<"table_layout">>, BodyJson, []),
     ColumLay = proplists:get_value(<<"column_layout">>, BodyJson, []),
     ViewId = proplists:get_value(<<"view_id">>, BodyJson),
-    ?Info("update view ~s with id ~p layout ~p", [Name, ViewId, TableLay]),
+    %?Info("update view ~s with id ~p layout ~p", [Name, ViewId, TableLay]),
     ViewState = #viewstate{table_layout=TableLay, column_layout=ColumLay},
     if
         %% System tables can't be overriden.
@@ -540,7 +541,8 @@ process_query(Query, Connection, Params, SessPid) ->
 
 -spec term_diff(list(), term(), pid(), pid()) -> term().
 term_diff(BodyJson, Sess, SessPid, From) ->
-    ?Debug("Term diff called with args: ~p", [BodyJson]),
+    %?Info("term_diff called with args: ~p", [BodyJson]),
+    %?Info("term_diff called with Sess ~p SessPid ~p", [Sess, SessPid]),
     Statement = binary_to_term(base64:decode(proplists:get_value(<<"statement">>, BodyJson, <<>>))),
     {LeftType, LeftValue} = get_cell_value(proplists:get_value(<<"left">>, BodyJson, 0), Statement),
     {RightType, RightValue} = get_cell_value(proplists:get_value(<<"right">>, BodyJson, 0), Statement),
diff --git a/src/imem_adapter.erl b/src/imem_adapter.erl
index bc22b8e5..1d8b4e5c 100644
--- a/src/imem_adapter.erl
+++ b/src/imem_adapter.erl
@@ -449,10 +449,10 @@ process_cmd({[<<"system_views">>], ReqBody}, Sess, _UserId, From, Priv, SessPid)
             RespJson = jsx:encode([{<<"error">>, Reason}]);
         F ->
             C = dderl_dal:get_command(Sess, F#ddView.cmd),
-            ?Info("!!! C#ddCmd.command : ~p", [C#ddCmd.command]),
-            ?Info("!!! Sess : ~p", [Sess]),
-            ?Info("!!! {ConnId, imem} : ~p", [{ConnId, imem}]),
-            ?Info("!!! SessPid : ~p", [SessPid]),
+            %?Info("!!! C#ddCmd.command : ~p", [C#ddCmd.command]),
+            %?Info("!!! Sess : ~p", [Sess]),
+            %?Info("!!! {ConnId, imem} : ~p", [{ConnId, imem}]),
+            %?Info("!!! SessPid : ~p", [SessPid]),
             Resp = process_query(C#ddCmd.command, Sess, {ConnId, imem}, SessPid),
             ?Debug("ddViews ~p~n~p", [C#ddCmd.command, Resp]),
             RespJson = jsx:encode([{<<"system_views">>,
@@ -671,6 +671,8 @@ process_cmd({[<<"restore_tables_as">>], BodyJson}, _Sess, _UserId, From, #priv{c
     Priv;
 process_cmd({[<<"term_diff">>], ReqBody}, Sess, _UserId, From, Priv, SessPid) ->
     [{<<"term_diff">>, BodyJson}] = ReqBody,
+    %?Info("process_cmd Priv=~p ReqBody=~p", [Priv, ReqBody]),
+    %?Info("process_cmd called with Sess ~p SessPid ~p", [Sess, SessPid]),
     % Can't be handled directly as SessPid is not given to gen_adapter.
     gen_adapter:term_diff(BodyJson, Sess, SessPid, From),
     Priv;

From 109f1f8d243098709091006ef2f716a6f9015c3d Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Sat, 4 Jul 2020 23:30:15 +0200
Subject: [PATCH 66/72] removed tuple calls

---
 src/dderl_fsm.erl | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/src/dderl_fsm.erl b/src/dderl_fsm.erl
index e67598d9..f2d640f1 100644
--- a/src/dderl_fsm.erl
+++ b/src/dderl_fsm.erl
@@ -1858,13 +1858,11 @@ sort_distinct_count_rows([_ | XT], [_ | YT]) -> sort_distinct_count_rows(XT, YT)
 %% --------------------------------------------------------------------
 handle_info({StmtRef,{error,Reason}}, SN, State) ->
     %?Info("dderl_fsm:handle_info from ~p ~p",[StmtRef, {error,Reason}]),
-    Fsm = {?MODULE,self()},
-    Fsm:rows({StmtRef,{error,Reason}}),
+    dderl_fsm:rows(self(), {StmtRef,{error,Reason}}),
     {next_state, SN, State};
 handle_info({StmtRef,{Rows,Completed}}, SN, State) ->
     %?Info("dderl_fsm:handle_info from ~p Rows ~p completed ~p",[StmtRef, length(Rows), Completed]),
-    Fsm = {?MODULE,self()},
-    Fsm:rows({StmtRef,Rows,Completed}),
+    dderl_fsm:rows(self(), {StmtRef,{Rows,Completed}}),
     {next_state, SN, State};
 handle_info(cmd_stack_timeout, SN, #state{stack={button, <<"tail">>, RT}}=State)
     when SN =:= tailing; SN =:= passthrough ->

From 35b2671d4d39e3b3a41cc5be6ea88aa8a9ff37a0 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Sat, 4 Jul 2020 23:31:56 +0200
Subject: [PATCH 67/72] handling StmtRef when they are different but the status
 is ok

---
 src/dderl_fsm.erl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/dderl_fsm.erl b/src/dderl_fsm.erl
index f2d640f1..b0852b12 100644
--- a/src/dderl_fsm.erl
+++ b/src/dderl_fsm.erl
@@ -411,7 +411,7 @@ fetch_close(StmtRef, #state{fetchResults=FetchResults, ctx = #ctx{stmtRefs=StmtR
     NewFetchResults = [fetch_close_if_open(StmtRef,P,S,F) || {P,S,F} <- lists:zip3(StmtRefs,FetchResults,Fcf)],
     State#state{pfc=0, fetchResults=NewFetchResults}.
 
-fetch_close_if_open(StmtRef, StmtRef, ok, FetchCloseFun) -> FetchCloseFun(), closed;
+fetch_close_if_open(_StmtRef1, _StmtRef2, ok, FetchCloseFun) -> FetchCloseFun(), closed;
 fetch_close_if_open(_StmtRef1, _StmtRef2, S, _FetchCloseFun) -> S.
 
 -spec fetch_tailing(pid(), #state{}) -> #state{}.

From fa2647b68a746bd528325429653c96b4d78d745a Mon Sep 17 00:00:00 2001
From: stoch <ochsenbein@bluewin.ch>
Date: Thu, 9 Jul 2020 21:41:11 +0200
Subject: [PATCH 68/72] revert fsm change and implement parentFolderId check
 for fetch_src

---
 src/dderl_fsm.erl                   |  2 +-
 src/dperl/dperl_strategy_scr.erl    |  2 +-
 src/dperl/jobs/dpjob_office_365.erl | 27 +++++++++++++++++----------
 3 files changed, 19 insertions(+), 12 deletions(-)

diff --git a/src/dderl_fsm.erl b/src/dderl_fsm.erl
index b0852b12..f2d640f1 100644
--- a/src/dderl_fsm.erl
+++ b/src/dderl_fsm.erl
@@ -411,7 +411,7 @@ fetch_close(StmtRef, #state{fetchResults=FetchResults, ctx = #ctx{stmtRefs=StmtR
     NewFetchResults = [fetch_close_if_open(StmtRef,P,S,F) || {P,S,F} <- lists:zip3(StmtRefs,FetchResults,Fcf)],
     State#state{pfc=0, fetchResults=NewFetchResults}.
 
-fetch_close_if_open(_StmtRef1, _StmtRef2, ok, FetchCloseFun) -> FetchCloseFun(), closed;
+fetch_close_if_open(StmtRef, StmtRef, ok, FetchCloseFun) -> FetchCloseFun(), closed;
 fetch_close_if_open(_StmtRef1, _StmtRef2, S, _FetchCloseFun) -> S.
 
 -spec fetch_tailing(pid(), #state{}) -> #state{}.
diff --git a/src/dperl/dperl_strategy_scr.erl b/src/dperl/dperl_strategy_scr.erl
index 07ee3503..8836a0b8 100644
--- a/src/dperl/dperl_strategy_scr.erl
+++ b/src/dperl/dperl_strategy_scr.erl
@@ -749,7 +749,7 @@ process_events([Key | Keys], Mod, State, ShouldLog, IsEqualFun, IsError) ->
         {S, D} ->                               % need to invoke is_equal()
             case IsEqualFun(Key, S, D) of
                 false ->
-                    ?Info("process_events diff detected key=~p~n~p~n~p",[Key, S, D]), 
+                    % ?Info("process_events diff detected key=~p~n~p~n~p",[Key, S, D]), 
                     execute_prov_fun("Updated", Mod, update_dst, [Key, S, State], ShouldLog, IsError);
                 true ->
                     Mod:report_status(Key, no_op, State),
diff --git a/src/dperl/jobs/dpjob_office_365.erl b/src/dperl/jobs/dpjob_office_365.erl
index 73cb811d..59ded57c 100644
--- a/src/dperl/jobs/dpjob_office_365.erl
+++ b/src/dperl/jobs/dpjob_office_365.erl
@@ -128,6 +128,7 @@
                     , token                     :: token()          % access token binary
                     , apiUrl                    :: string()
                     , fetchUrl                  :: string()
+                    , remFolderId               :: remKey()         % user's default contact folder id
                     , remCache = []             :: remKVPs()        % filled at start of c/r cycle
                     , clBuffer = []             :: remKVPs() | remKVPs() % dirty buffer for one c/r cycle
                     , isConnected = true        :: boolean()        % fail unauthorized on first use
@@ -165,6 +166,8 @@
         , get_key_prefix/0
         , get_key_prefix/1
         , get_local_key/4
+        , exec_req/2        %% ToDo: Remove debugging export
+        , exec_req/4        %% ToDo: Remove debugging export
         ]).
 
 -spec get_auth_config() -> map().
@@ -239,7 +242,7 @@ remote_kvp(#{<<"id">>:=Id} = Value, Name) when is_map(Value) ->
 % by projecting out syncable attributes(content / meta)
 -spec local_kvp(remKey(), locVal(), jobName()) -> locKVP().
 local_kvp(Id, Value, Name) when is_map(Value) -> 
-    {Id, {maps:with(?CONTENT_ATTRIBUTES(Name), Value), maps:with(?META_ATTRIBUTES(Name), Value)}}.
+    {Id, {maps:with(?CONTENT_ATTRIBUTES(Name), Value), maps:get(Name, maps:get(<<"META">>, Value, #{}),#{})}}.
 
 -spec connect_check_src(#state{}) -> {ok,#state{}} | {error,any()} | {error,any(), #state{}}.
 connect_check_src(#state{isConnected=true} = State) ->
@@ -289,7 +292,7 @@ do_refresh(_State, _BulkSize) -> {error, cleanup_only}. % using cleanup/refresh
 -spec fetch_src(remKey(), #state{}) -> ?NOT_FOUND | {remVal(), remMeta()}.
 % fetch_src(Key, #state{channel=Channel, type=push}) ->
 %     dperl_dal:read_channel(Channel, Key);
-fetch_src(Id, #state{name=Name, type=pull, apiUrl=ApiUrl, token=Token} = State) -> 
+fetch_src(Id, #state{name=Name, type=pull, apiUrl=ApiUrl, token=Token, remFolderId=RemFolderId} = State) -> 
     ContactUrl = ApiUrl ++ binary_to_list(Id),
     ?JTrace("Fetching contact with url : ~s", [ContactUrl]),
     %?Info("Fetching contact with url : ~s", [ContactUrl]),
@@ -297,9 +300,11 @@ fetch_src(Id, #state{name=Name, type=pull, apiUrl=ApiUrl, token=Token} = State)
         {error, unauthorized} ->        reconnect_exec(State, fetch_src, [Id]);
         {error, ?NOT_FOUND} ->          ?NOT_FOUND;
         {error, Error} ->               {error, Error, State};
-        #{<<"id">> := _} = RemVal ->    
-            %?Info("Fetched contact ~p   ", [RemVal]),
-            remote_kvp(RemVal, Name);
+        #{<<"id">>:=_} = RemVal when RemFolderId == undefined -> 
+                                        ?Info("fetch_src unexpected RemFolderId in state"),   
+                                        remote_kvp(RemVal, Name);
+        #{<<"id">>:=_, <<"parentFolderId">>:=RemFolderId} = RemVal ->    
+                                        remote_kvp(RemVal, Name);
         _ ->                            ?NOT_FOUND
     end.
 
@@ -491,15 +496,17 @@ load_src_after_key(CurKVP, BlkCount, #state{ name=Name, type=pull, token=Token
         {error, Error} ->           {error, Error, State};
         #{<<"@odata.nextLink">> := NextUrl, <<"value">> := RemVals} ->
             KVPs = [remote_kvp(RemVal, Name) || RemVal <- RemVals],
-            ?JTrace("Fetched contacts : ~p", [length(KVPs)]),
+            #{<<"parentFolderId">>:=FolderId} = hd(RemVals),
+            ?JTrace("Fetched contacts : ~p for folder ~p", [length(KVPs), FolderId]),
             load_src_after_key( CurKVP, BlkCount, 
-                                State#state{ fetchUrl=NextUrl, remCache=[KVPs|RemCache]});
+                State#state{remFolderId=FolderId, fetchUrl=NextUrl, remCache=[KVPs|RemCache]});
         #{<<"value">> := RemVals} ->        % may be an empty list
             KVPs = [remote_kvp(RemVal, Name) || RemVal <- RemVals],
-            ?JTrace("Last fetched contacts : ~p", [length(KVPs)]),
+            #{<<"parentFolderId">>:=FolderId} = hd(RemVals),
+            ?JTrace("Last fetched contacts : ~p for folder ~p", [length(KVPs), FolderId]),
             SortedRemKVPs = lists:keysort(1, lists:append(RemCache, KVPs)),
             load_src_after_key( CurKVP, BlkCount, 
-                                State#state{ fetchUrl=cached, remCache=SortedRemKVPs})
+                State#state{remFolderId=FolderId, fetchUrl=cached, remCache=SortedRemKVPs})
     end.
 
 -spec reconnect_exec(#state{}, fun(), list()) -> 
@@ -626,7 +633,7 @@ exec_req(Url, Token, Body, Method) ->
             % update/patch result
             imem_json:decode(list_to_binary(Result), [return_maps]);
         {ok, {{_, 204, _}, _, _}} ->
-            % delete result
+            % delete or put result
             ok;
         {ok, {{_, 401, _}, _, Error}} ->
             ?JError("Unauthorized body : ~s", [Error]),

From 276e0175282abf1c2a8896508c17ee2117a517e4 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Sat, 11 Jul 2020 14:44:53 +0200
Subject: [PATCH 69/72] using the correct pid if rows fun

---
 src/dderl_diff.erl | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/dderl_diff.erl b/src/dderl_diff.erl
index 11c76734..c757b264 100644
--- a/src/dderl_diff.erl
+++ b/src/dderl_diff.erl
@@ -44,8 +44,9 @@ term_diff(Sess, SessPid, LeftType, LeftValue, RightType, RightValue) ->
 get_fsmctx(Result) ->
     % <<Id:32>> = crypto:strong_rand_bytes(4),
     RowCols = get_columns(),
+    Pid = self(),
     FullMap = build_full_map(RowCols),
-    #fsmctxs{stmtRefs       = [self()]
+    #fsmctxs{stmtRefs       = [Pid]
             ,stmtTables     = [<<"term_diff">>]
             ,rowCols        = RowCols
             ,rowFun         = get_rowfun()
@@ -58,7 +59,7 @@ get_fsmctx(Result) ->
                 [fun(_Opts, _Count) ->
                     Rows = [{{}, {RowId, Left, Cmp, Right}} || {ddTermDiff, RowId, Left, Cmp, Right} <- Result],
                     % This seems hackish but we don't want to keep a process here.
-                    dderl_fsm:rows(self(), {self(), {Rows, true}})
+                    dderl_fsm:rows(self(), {Pid, {Rows, true}})
                 end]
             ,fetch_close_funs = [fun() -> ok end]
             ,stmt_close_funs  = [fun() -> ok end]

From 315b15e0350b8c5a91ee3f350fcc1af46470ce19 Mon Sep 17 00:00:00 2001
From: stoch <ochsenbein@bluewin.ch>
Date: Thu, 16 Jul 2020 22:55:22 +0200
Subject: [PATCH 70/72] fixes for write_no_audit

---
 src/dperl/dperl_dal.erl             |  2 +-
 src/dperl/jobs/dpjob_office_365.erl | 11 ++++++-----
 2 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/src/dperl/dperl_dal.erl b/src/dperl/dperl_dal.erl
index 8bc01da8..98ad560b 100644
--- a/src/dperl/dperl_dal.erl
+++ b/src/dperl/dperl_dal.erl
@@ -122,7 +122,7 @@ write_channel(Channel, Key, Val) when is_map(Val); byte_size(Val) > 0 ->
 
 -spec write_channel_no_audit(binary(), any(), any()) -> ok | {error, any()}.
 write_channel_no_audit(Channel, Key, Val) when is_map(Val); byte_size(Val) > 0 ->
-   case catch imem_dal_skvh:write(system, Channel, Key, Val) of
+   case catch imem_dal_skvh:write_no_audit(system, Channel, Key, Val) of
        Res when is_map(Res) -> ok;
        {'EXIT', Error} -> {error, Error};
        {error, Error} -> {error, Error};
diff --git a/src/dperl/jobs/dpjob_office_365.erl b/src/dperl/jobs/dpjob_office_365.erl
index 59ded57c..c6a7bf02 100644
--- a/src/dperl/jobs/dpjob_office_365.erl
+++ b/src/dperl/jobs/dpjob_office_365.erl
@@ -381,15 +381,16 @@ update_dst(Id, {Id, {Value,Meta}}, #state{ name=Name, channel=Channel, keyPrefix
         ?NOT_FOUND ->   
             ?JError("update_dst key ~p not found for remote id ~p", [Key, Id]),
             {true, State};
-        #{<<"META">> := OldMeta} = OldVal ->
+        #{<<"META">> := OldMeta} = OldValMeta ->
             NewMeta = maps:merge(OldMeta, #{Name => Meta}),
-            AllVal = maps:merge(Template, OldVal),
+            AllVal = maps:merge(Template, OldValMeta),
             NewVal = maps:merge(AllVal, Value),
-            case update_local(Channel, Key, OldVal, NewVal, NewMeta) of 
+            case update_local(Channel, Key, maps:without([<<"META">>], OldValMeta), 
+                              maps:without([<<"META">>], NewVal), NewMeta) of 
                 ok ->
                     {false, State};
-                {error, _Error} ->
-                    ?JError("update_dst cannot update key ~p to ~p", [Key, NewVal]),   
+                {error, Error} ->
+                    ?JError("update_dst cannot update key ~p to ~p with error ~p", [Key, NewVal, Error]),   
                     {true, State}
             end 
     end.

From 86cf7c391c48270ea8066d6a23b3c4fecb5b59da Mon Sep 17 00:00:00 2001
From: stoch <ochsenbein@bluewin.ch>
Date: Tue, 28 Jul 2020 18:44:26 +0200
Subject: [PATCH 71/72] fix typo in logging

---
 src/dderl_oauth.erl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/dderl_oauth.erl b/src/dderl_oauth.erl
index 4424cb38..88e7c93c 100644
--- a/src/dderl_oauth.erl
+++ b/src/dderl_oauth.erl
@@ -38,7 +38,7 @@ get_access_token(AccountId, TokenPrefix, Code, SyncMod) ->
         SyncMod:get_auth_config() % ToDo: AuthConfig may depend on JobName or TokenPrefix
     catch 
         _:E:S ->
-            ?Error("Finding AuthConfig : ~p ñ~p", [E,S]),
+            ?Error("Finding AuthConfig : ~p~n~p", [E,S]),
             {error, E}
     end,
     %?Info("get_access_token AuthConfig: ~p",[AuthConfig]),

From 822d9dbf82640c210a4a8e03eb9960fce66e31d3 Mon Sep 17 00:00:00 2001
From: shamis <shamis657@gmail.com>
Date: Mon, 5 Jul 2021 20:27:41 +0200
Subject: [PATCH 72/72] dperl_graph2 merged with master resolved conflicts

---
 .gitignore                                  |   1 +
 BUILD.md                                    | 205 ++++++
 LICENSE                                     | 258 ++-----
 README.md                                   |  34 +-
 config/shell.config                         |   8 +
 docker-compose.yml                          |  30 +
 priv/.BUILD_images/Connect.png              | Bin 0 -> 34016 bytes
 priv/.BUILD_images/Login.png                | Bin 0 -> 17361 bytes
 priv/.BUILD_images/Result.png               | Bin 0 -> 24026 bytes
 priv/.BUILD_images/compose_up.png           | Bin 0 -> 8136 bytes
 priv/.BUILD_images/docker_exec.png          | Bin 0 -> 12758 bytes
 priv/.BUILD_images/git_clone.png            | Bin 0 -> 21588 bytes
 priv/.BUILD_images/ping.png                 | Bin 0 -> 16848 bytes
 priv/.BUILD_images/rebar3_shell_end.png     | Bin 0 -> 34875 bytes
 priv/.BUILD_images/rebar3_shell_start.png   | Bin 0 -> 88661 bytes
 priv/.BUILD_images/sqlplus_1.png            | Bin 0 -> 13172 bytes
 priv/.BUILD_images/sqlplus_2.png            | Bin 0 -> 21840 bytes
 priv/.BUILD_images/start_oracle_db.png      | Bin 0 -> 26713 bytes
 priv/.BUILD_images/yarn_end.png             | Bin 0 -> 62231 bytes
 priv/.BUILD_images/yarn_start.png           | Bin 0 -> 43776 bytes
 priv/dev/static/index.html                  |   1 +
 priv/dev/static/index.js                    |   3 +-
 priv/dev/static/scripts/dderl.js            |  22 +-
 priv/dev/static/scripts/login.js            | 133 +++-
 rebar.config                                |  18 +-
 src/dderl.app.src                           |   1 +
 src/dderl.erl                               |  18 +-
 src/dderl.hrl                               |  21 +
 src/dderl_dal.erl                           |  63 ++
 src/dderl_resource.erl                      |   2 +-
 src/dderl_saml_handler.erl                  |   3 +-
 src/dderl_session.erl                       |  35 +-
 src/dderlodpi.erl                           |  44 +-
 src/dperl/README.md                         | 190 ++++++
 src/dperl/jobs/dperl_ouraring_crawl.erl     | 350 ++++++++++
 src/dperl/services/dperl_service_oracle.erl | 703 ++++++++++++++++++++
 src/dperl/services/dperl_service_oracle.hrl | 215 ++++++
 test.escript                                |  28 +
 38 files changed, 2134 insertions(+), 252 deletions(-)
 create mode 100644 BUILD.md
 create mode 100644 docker-compose.yml
 create mode 100644 priv/.BUILD_images/Connect.png
 create mode 100644 priv/.BUILD_images/Login.png
 create mode 100644 priv/.BUILD_images/Result.png
 create mode 100644 priv/.BUILD_images/compose_up.png
 create mode 100644 priv/.BUILD_images/docker_exec.png
 create mode 100644 priv/.BUILD_images/git_clone.png
 create mode 100644 priv/.BUILD_images/ping.png
 create mode 100644 priv/.BUILD_images/rebar3_shell_end.png
 create mode 100644 priv/.BUILD_images/rebar3_shell_start.png
 create mode 100644 priv/.BUILD_images/sqlplus_1.png
 create mode 100644 priv/.BUILD_images/sqlplus_2.png
 create mode 100644 priv/.BUILD_images/start_oracle_db.png
 create mode 100644 priv/.BUILD_images/yarn_end.png
 create mode 100644 priv/.BUILD_images/yarn_start.png
 create mode 100644 src/dperl/README.md
 create mode 100644 src/dperl/jobs/dperl_ouraring_crawl.erl
 create mode 100644 src/dperl/services/dperl_service_oracle.erl
 create mode 100644 src/dperl/services/dperl_service_oracle.hrl
 create mode 100644 test.escript

diff --git a/.gitignore b/.gitignore
index 90c06f7d..399e2535 100644
--- a/.gitignore
+++ b/.gitignore
@@ -23,3 +23,4 @@ node_modules/
 priv/swagger/yarn.*
 .rebar3/
 /dderl.dderl1@127.0.0.1/
+.idea
diff --git a/BUILD.md b/BUILD.md
new file mode 100644
index 00000000..a87e3691
--- /dev/null
+++ b/BUILD.md
@@ -0,0 +1,205 @@
+Buidling DDErl.
+=====
+``
+## Table of Contents
+
+**[1. Prerequisites](#prerequisites)**<br>
+**[2. Building DDErl](#buildinf_dderl)**<br>
+**[2.1 Building On Operating System Level](#building_on_operating_system_level)**<br>
+**[2.2 Building Using Docker Containers](#building_using_docker_containers)**<br>
+
+----
+
+## <a name="prerequisites"></a> 1. Prerequisites
+
+Building DDErl is only supported for Unix and similar systems.
+All instructions have been tested with Ubuntu 20.04 (Focal Fossa). 
+
+The following software components are required in addition to a Unix operating system:
+
+| Component | From Version  | Source                                             |
+| --------- | ------------- | ---------------------------------------------------|
+| Erlang    | 23.3.1        | https://erlang.org/download/otp_versions_tree.html |
+| gcc       | 10.2.0        | https://gcc.gnu.org/                               |
+| git       | 2.31.1        | https://git-scm.com/                               | 
+| GNU make  | 4.3           | https://www.gnu.org/software/make/                 |
+| rebar3    | V3.14.3       | https://www.rebar3.org/                            |
+| Yarn      | 1.22.10       | https://github.com/yarnpkg/yarn                    |
+
+## <a name="buildinf_dderl"></a> 2. Building DDErl
+
+The build process can either be done directly on the operating system level or based on the DDErl development image.
+For the former, all the software components mentioned under section 1 must be installed, for the latter they are already pre-installed in the image.
+In addition, a Docker compose script is available that combines the DDErl development image with an empty Oracle database. 
+This can be used as an easily customizable template.
+
+## <a name="building_on_operating_system_level"></a> 2.1 Building On Operating System Level
+
+### 2.1.1 Download the DDErl repository from GitHub
+
+    git clone https://github.com/KonnexionsGmbH/dderl
+
+### 2.1.2 Change to the DDErl directory
+
+    cd dderl
+
+### 2.1.3 Create the frontend to `DDErl`
+
+    cd priv/dev
+    yarn install-build-prod
+
+### 2.1.4 Build alternatively
+
+#### Either backend and frontend:
+
+    rebar3 as ui compile
+
+#### or backend only:
+
+    rebar3 compile
+
+#### or frontend only:
+
+    bash ./build_fe.sh
+
+## <a name="building_using_docker_containers"></a> 2.2 Building Using Docker Containers
+
+The use of DDErl development image makes the build process independent of the host operating system.
+The only requirement is the installation of Docker Desktop and possibly Docker Compose (Unix operating systems).
+The following instructions demonstrate how to use the Docker compose script. 
+
+### 2.2.1. Building DDErl with Docker Compose in the DDErl root directory
+
+This command installs an executable DDErl:
+
+    docker-compose up -d
+    
+**Sample output:**    
+    
+![](priv/.BUILD_images/compose_up.png)
+
+The following processing steps are performed:
+1. If not already there, download the Oracle database image and create the container `dderl_db_ora` with an Oracle database (currently 19c).
+2. If not yet available, download the Konnexion development image and create the corresponding container `dderl_dev`.
+3. Both containers are assigned to network `dderl_default`.
+4. After the database is ready, the schema `scott` is created with the password `regit` (only with a new database container). 
+5. The repository `https://github.com/KonnexionsGmbH/dderl` is downloaded from Github (only with a new development container).
+6. The frontend to `DDErl` is created (only with a new development container).
+7. `DDErl` is compiled and started.
+   
+### 2.2.2. Building DDErl manually
+
+#### 2.2.2.1 Start the Oracle database container:
+
+##### If the network is not yet existing:
+
+    docker network create dderl_default
+
+##### If the oracle database container is not yet existing:
+
+    docker create --shm-size 1G --name dderl_db_ora --network dderl_default -p 1521:1521/tcp -e ORACLE_PWD=oracle konnexionsgmbh/db_19_3_ee
+
+##### Start the Oracle database container:
+
+    docker start dderl_db_ora
+
+**Sample output:**
+
+![](priv/.BUILD_images/start_oracle_db.png)
+
+#### 2.2.2.2 Start and enter the DDErl development container
+
+##### If the DDErl development container is not yet existing:
+
+    docker create --name dderl_dev --network dderl_default -p 8443:8443 -t konnexionsgmbh/dderl_dev:latest
+
+##### Start the DDErl development container:
+
+    docker start dderl_dev
+
+##### Enter the DDErl development container:
+
+    docker exec -it dderl_dev bash
+    
+**Sample output:**    
+    
+![](priv/.BUILD_images/docker_exec.png)    
+
+Inside the  development container `dderl_dev` the database container `dderl_db_ora` can be addressed with the `dderl_db_ora` as hostname:  
+
+    ping dderl_db_ora
+
+![](priv/.BUILD_images/ping.png)
+
+#### 2.2.2.3 Optionally the database can be set up
+    
+    sqlplus sys/oracle@dderl_db_ora:1521/orclpdb1 as sysdba
+    
+![](priv/.BUILD_images/sqlplus_1.png)
+    
+    create user scott identified by regit;
+    grant alter system to scott;
+    grant create session to scott;
+    grant unlimited tablespace to scott;
+    grant create table to scott;
+    grant create view to scott;
+    exit
+
+![](priv/.BUILD_images/sqlplus_2.png) 
+
+#### 2.2.2.4 Next you need to download the DDErl repository from GitHub
+
+    git clone https://github.com/KonnexionsGmbH/dderl
+    cd dderl
+    
+**Sample output:**   
+ 
+![](priv/.BUILD_images/git_clone.png)
+
+#### 2.2.2.5 Then the frontend to `DDErl` has to be created
+
+    ./build_fe.sh
+    
+**Sample output - start:**    
+    
+![](priv/.BUILD_images/yarn_start.png)    
+    
+**Sample output - end:**    
+    
+![](priv/.BUILD_images/yarn_end.png)
+
+#### 2.2.2.6 Now you can either execute one of the commands from section 2.1 point 4 or start DDErl directly with `rebar3 shell`
+
+    rebar3 shell
+    
+**Sample output - start:**    
+    
+![](priv/.BUILD_images/rebar3_shell_start.png)
+
+**Sample output - end:**    
+    
+![](priv/.BUILD_images/rebar3_shell_end.png)
+
+### 2.2.3 Finally DDErl is ready and can be operated via a Browser
+
+#### Login screen:
+
+![](priv/.BUILD_images/Login.png)
+
+User: `system` Password: `change_on_install`
+
+#### Database connection:
+
+|           |                     |
+| ---       | ---                 |
+| Service   | **`orclpdb1`**      |
+| Host / IP | **`ddeerl_db_ora`** |
+| Port      | **`1521`**          |
+| User      | **`scott`**         |
+| Password  | **`regit`**         |
+
+![](priv/.BUILD_images/Connect.png)
+
+##### Start browsing:
+
+![](priv/.BUILD_images/Result.png)
diff --git a/LICENSE b/LICENSE
index 8dada3ed..8dbc22c2 100644
--- a/LICENSE
+++ b/LICENSE
@@ -1,201 +1,65 @@
-                                 Apache License
-                           Version 2.0, January 2004
-                        http://www.apache.org/licenses/
+                           Konnexions Public License (KX-PL)
+                               Version 2020.05, May 2020
+https://github.com/KonnexionsGmbH/shared_resources/blob/master/License/KX-PL-2020.05.pdf
 
-   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+   This license governs use of the accompanying software. If you use the software, you
+   accept this license. If you do not accept the license, do not use the software.
 
    1. Definitions.
 
-      "License" shall mean the terms and conditions for use, reproduction,
-      and distribution as defined by Sections 1 through 9 of this document.
-
-      "Licensor" shall mean the copyright owner or entity authorized by
-      the copyright owner that is granting the License.
-
-      "Legal Entity" shall mean the union of the acting entity and all
-      other entities that control, are controlled by, or are under common
-      control with that entity. For the purposes of this definition,
-      "control" means (i) the power, direct or indirect, to cause the
-      direction or management of such entity, whether by contract or
-      otherwise, or (ii) ownership of fifty percent (50%) or more of the
-      outstanding shares, or (iii) beneficial ownership of such entity.
-
-      "You" (or "Your") shall mean an individual or Legal Entity
-      exercising permissions granted by this License.
-
-      "Source" form shall mean the preferred form for making modifications,
-      including but not limited to software source code, documentation
-      source, and configuration files.
-
-      "Object" form shall mean any form resulting from mechanical
-      transformation or translation of a Source form, including but
-      not limited to compiled object code, generated documentation,
-      and conversions to other media types.
-
-      "Work" shall mean the work of authorship, whether in Source or
-      Object form, made available under the License, as indicated by a
-      copyright notice that is included in or attached to the work
-      (an example is provided in the Appendix below).
-
-      "Derivative Works" shall mean any work, whether in Source or Object
-      form, that is based on (or derived from) the Work and for which the
-      editorial revisions, annotations, elaborations, or other modifications
-      represent, as a whole, an original work of authorship. For the purposes
-      of this License, Derivative Works shall not include works that remain
-      separable from, or merely link (or bind by name) to the interfaces of,
-      the Work and Derivative Works thereof.
-
-      "Contribution" shall mean any work of authorship, including
-      the original version of the Work and any modifications or additions
-      to that Work or Derivative Works thereof, that is intentionally
-      submitted to Licensor for inclusion in the Work by the copyright owner
-      or by an individual or Legal Entity authorized to submit on behalf of
-      the copyright owner. For the purposes of this definition, "submitted"
-      means any form of electronic, verbal, or written communication sent
-      to the Licensor or its representatives, including but not limited to
-      communication on electronic mailing lists, source code control systems,
-      and issue tracking systems that are managed by, or on behalf of, the
-      Licensor for the purpose of discussing and improving the Work, but
-      excluding communication that is conspicuously marked or otherwise
-      designated in writing by the copyright owner as "Not a Contribution."
-
-      "Contributor" shall mean Licensor and any individual or Legal Entity
-      on behalf of whom a Contribution has been received by Licensor and
-      subsequently incorporated within the Work.
-
-   2. Grant of Copyright License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      copyright license to reproduce, prepare Derivative Works of,
-      publicly display, publicly perform, sublicense, and distribute the
-      Work and such Derivative Works in Source or Object form.
-
-   3. Grant of Patent License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      (except as stated in this section) patent license to make, have made,
-      use, offer to sell, sell, import, and otherwise transfer the Work,
-      where such license applies only to those patent claims licensable
-      by such Contributor that are necessarily infringed by their
-      Contribution(s) alone or by combination of their Contribution(s)
-      with the Work to which such Contribution(s) was submitted. If You
-      institute patent litigation against any entity (including a
-      cross-claim or counterclaim in a lawsuit) alleging that the Work
-      or a Contribution incorporated within the Work constitutes direct
-      or contributory patent infringement, then any patent licenses
-      granted to You under this License for that Work shall terminate
-      as of the date such litigation is filed.
-
-   4. Redistribution. You may reproduce and distribute copies of the
-      Work or Derivative Works thereof in any medium, with or without
-      modifications, and in Source or Object form, provided that You
-      meet the following conditions:
-
-      (a) You must give any other recipients of the Work or
-          Derivative Works a copy of this License; and
-
-      (b) You must cause any modified files to carry prominent notices
-          stating that You changed the files; and
-
-      (c) You must retain, in the Source form of any Derivative Works
-          that You distribute, all copyright, patent, trademark, and
-          attribution notices from the Source form of the Work,
-          excluding those notices that do not pertain to any part of
-          the Derivative Works; and
-
-      (d) If the Work includes a "NOTICE" text file as part of its
-          distribution, then any Derivative Works that You distribute must
-          include a readable copy of the attribution notices contained
-          within such NOTICE file, excluding those notices that do not
-          pertain to any part of the Derivative Works, in at least one
-          of the following places: within a NOTICE text file distributed
-          as part of the Derivative Works; within the Source form or
-          documentation, if provided along with the Derivative Works; or,
-          within a display generated by the Derivative Works, if and
-          wherever such third-party notices normally appear. The contents
-          of the NOTICE file are for informational purposes only and
-          do not modify the License. You may add Your own attribution
-          notices within Derivative Works that You distribute, alongside
-          or as an addendum to the NOTICE text from the Work, provided
-          that such additional attribution notices cannot be construed
-          as modifying the License.
-
-      You may add Your own copyright statement to Your modifications and
-      may provide additional or different license terms and conditions
-      for use, reproduction, or distribution of Your modifications, or
-      for any such Derivative Works as a whole, provided Your use,
-      reproduction, and distribution of the Work otherwise complies with
-      the conditions stated in this License.
-
-   5. Submission of Contributions. Unless You explicitly state otherwise,
-      any Contribution intentionally submitted for inclusion in the Work
-      by You to the Licensor shall be under the terms and conditions of
-      this License, without any additional terms or conditions.
-      Notwithstanding the above, nothing herein shall supersede or modify
-      the terms of any separate license agreement you may have executed
-      with Licensor regarding such Contributions.
-
-   6. Trademarks. This License does not grant permission to use the trade
-      names, trademarks, service marks, or product names of the Licensor,
-      except as required for reasonable and customary use in describing the
-      origin of the Work and reproducing the content of the NOTICE file.
-
-   7. Disclaimer of Warranty. Unless required by applicable law or
-      agreed to in writing, Licensor provides the Work (and each
-      Contributor provides its Contributions) on an "AS IS" BASIS,
-      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-      implied, including, without limitation, any warranties or conditions
-      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
-      PARTICULAR PURPOSE. You are solely responsible for determining the
-      appropriateness of using or redistributing the Work and assume any
-      risks associated with Your exercise of permissions under this License.
-
-   8. Limitation of Liability. In no event and under no legal theory,
-      whether in tort (including negligence), contract, or otherwise,
-      unless required by applicable law (such as deliberate and grossly
-      negligent acts) or agreed to in writing, shall any Contributor be
-      liable to You for damages, including any direct, indirect, special,
-      incidental, or consequential damages of any character arising as a
-      result of this License or out of the use or inability to use the
-      Work (including but not limited to damages for loss of goodwill,
-      work stoppage, computer failure or malfunction, or any and all
-      other commercial damages or losses), even if such Contributor
-      has been advised of the possibility of such damages.
-
-   9. Accepting Warranty or Additional Liability. While redistributing
-      the Work or Derivative Works thereof, You may choose to offer,
-      and charge a fee for, acceptance of support, warranty, indemnity,
-      or other liability obligations and/or rights consistent with this
-      License. However, in accepting such obligations, You may act only
-      on Your own behalf and on Your sole responsibility, not on behalf
-      of any other Contributor, and only if You agree to indemnify,
-      defend, and hold each Contributor harmless for any liability
-      incurred by, or claims asserted against, such Contributor by reason
-      of your accepting any such warranty or additional liability.
-
-   END OF TERMS AND CONDITIONS
-
-   APPENDIX: How to apply the Apache License to your work.
-
-      To apply the Apache License to your work, attach the following
-      boilerplate notice, with the fields enclosed by brackets "{}"
-      replaced with your own identifying information. (Don't include
-      the brackets!)  The text should be enclosed in the appropriate
-      comment syntax for the file format. We also recommend that a
-      file or class name and description of purpose be included on the
-      same "printed page" as the copyright notice for easier
-      identification within third-party archives.
-
-   Copyright {yyyy} {name of copyright owner}
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.
+      The terms "reproduce", "reproduction", "derivative works", and "distribution"
+      have the same meaning here as under U.S. copyright law.
+
+      A "contribution" is the original software, or any additions or changes to the
+      software.
+
+      A "contributor" is any person that distributes its contribution under this
+      license.
+
+      "Licensed patents" are a contributor's patent claims that read directly on its
+      contribution.
+
+   2. Grant of Rights
+
+      (a)  Copyright Grant- Subject to the terms of this license, including the license
+           conditions and limitations in section 3, each contributor grants you a non-
+           exclusive, worldwide, royalty-free copyright license to reproduce its
+           contribution, prepare derivative works of its contribution, and distribute
+           its contribution or any derivative works that you create.
+
+      (b)  Patent Grant- Subject to the terms of this license, including the license
+           conditions and limitations in section 3, each contributor grants you a non-
+           exclusive, worldwide, royalty-free license under its licensed patents to
+           make, have made, use, sell, offer for sale, import, and/or otherwise dispose
+           of its contribution in the software or derivative works of the contribution
+           in the software.
+
+   3. Conditions and Limitations
+
+      (a)  No Trademark License- This license does not grant you rights to use any
+           contributors' name, logo, or trademarks.
+
+      (b)  If you bring a patent claim against any contributor over patents that you
+           claim are infringed by the software, your patent license from such
+           contributor to the software ends automatically.0
+
+      (c)  If you distribute any portion of the software, you must retain all copyright,
+           patent, trademark, and attribution notices that are present in the software.
+
+      (d)  If you distribute any portion of the software in source code form, you may do
+           so only under this license by including a complete copy of this license with
+           your distribution. If you distribute any portion of the software in compiled
+           or object code form, you may only do so under a license that complies with
+           this license.
+
+      (e)  The software is licensed "as-is." You bear the risk of using it. The
+           contributors give no express warranties, guarantees or conditions. You may
+           have additional consumer rights under your local laws which this license
+           cannot change. To the extent permitted under your local laws, the
+           contributors exclude the implied warranties of merchantability, fitness for a
+           particular purpose and non-infringement.
+
+      (f)  Source code usage under this License is limited to review, compilation and
+           contributions. Contributions to Konnexions software products under this
+           License may only be made in consultation with Konnexions GmbH and through the
+           appropriate Konnexions software repositories.
diff --git a/README.md b/README.md
index 959bd025..d5e25f84 100644
--- a/README.md
+++ b/README.md
@@ -1,14 +1,23 @@
 DDErl: Data Discovery Tool.
 =====
 
-### Build
-1. Build backend and frontend `rebar3 as ui compile`
-1. Build backend only `rebar3 compile`
-1. Build frontend only `bash ./build_fe.sh`
-### Start Console
-1. `rebar3 shell` or `ESCRIPT_EMULATOR=werl rebar3 shell` (for GUI in windows) or `ERL_FLAGS="-proto_dist imem_inet_tcp" rebar3 shell` (to start with imem_inet_tcp as proto_dist)
-1. go to https://127.0.0.1:8443/dderl in your browser
-### Features
+![Travis (.com)](https://img.shields.io/travis/com/KonnexionsGmbH/dderl.svg?branch=master)
+![GitHub release](https://img.shields.io/github/release/KonnexionsGmbH/dderl.svg)
+![GitHub Release Date](https://img.shields.io/github/release-date/KonnexionsGmbH/dderl.svg)
+![GitHub commits since latest release](https://img.shields.io/github/commits-since/KonnexionsGmbH/dderl/3.9.7.svg)
+----
+
+#### Table of Contents
+
+**[Features](#features)**<br>
+**[Start Console](#start_console)**<br>
+**[Certificates](#certificates)**<br>
+**[Building DDErl](BUILD.md)**<br>
+
+----
+
+## <a name="features"></a> Features
+
 1. Browse mnesia and oracle tables in the browser
 1. Add and update data
 1. Import and Export data
@@ -28,7 +37,13 @@ DDErl: Data Discovery Tool.
 1. Connect to other imem server over TCP with SSL
 1. CSV file parsing
 
-### Certificates
+## <a name="start_console"></a> Start Console
+
+1. `rebar3 shell` or `ESCRIPT_EMULATOR=werl rebar3 shell` (for GUI in windows) or `ERL_FLAGS="-proto_dist imem_inet_tcp" rebar3 shell` (to start with imem_inet_tcp as proto_dist)
+1. go to https://127.0.0.1:8443/dderl in your browser
+
+## <a name="certificates"></a> Certificates
+
 DDErl runs on SSL. A default certificate/key pair is [supplied](https://bitbucket.org/konnexions/dderl/src/master/priv/certs/). This, however can be changed either by replacing these files at installation or modifying configuration in `ddConfig` table (`[{dderl,dderl,dderlSslOpts}]`). A sample configuration is given below:
 ```erlang
 [{cert,<<48,...,107>>},
@@ -47,4 +62,3 @@ To convert a PEM crt/key files to DER (accepted by erlang SSL binary certificate
 > public_key:pem_decode(PemKey).              
 [{'RSAPrivateKey',<<48,130,2,92,2,1,0,2,129,129,0,160,95,...>>,not_encrypted}]
 ```
-
diff --git a/config/shell.config b/config/shell.config
index 5b37d66b..9c672dc0 100644
--- a/config/shell.config
+++ b/config/shell.config
@@ -16,6 +16,14 @@
       {tcp_port, 1236}
   ]},
 
+%% WAX config
+  {wax, [
+      {rp_id, auto},
+      {metadata_update_interval, 3600},
+      {metadata_access_token, <<"a21179872212686e4b126a7448085e796cbf1eaf1ec5ca7e">>},
+      {allowed_attestation_types, [basic, uncertain, attca, self]}
+  ]},
+
   {lager, [
     {handlers, [
       {lager_console_backend, [
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 00000000..bd348600
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,30 @@
+version: '3.8'
+
+services:
+  db:
+    container_name: dderl_db_ora
+    environment:
+      ORACLE_PWD: oracle
+    image: konnexionsgmbh/db_19_3_ee:latest
+    ports:
+      - "1521:1521"
+    
+  dev:
+    command: /bin/bash -c "
+        while [ `docker inspect -f {{.State.Health.Status}} dderl_db_ora` != 'healthy' ];
+          do docker ps --filter 'name=dderl_db_ora';
+          sleep 30;
+        done
+        && sqlplus sys/oracle@dderl_db_ora:1521/orclpdb1 as sysdba @/usr/opt/dderl/run_db_setup.sql
+        && ./usr/opt/dderl/run_application_setup.sh
+      "
+    container_name: dderl_dev
+    depends_on:
+      - db
+    image: konnexionsgmbh/dderl_dev:latest
+    ports:
+      - "8443:8443"
+    tty: true
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+#     - ./Transfer:/Transfer                           # Example: (create and) use the directory `Transfer`
diff --git a/priv/.BUILD_images/Connect.png b/priv/.BUILD_images/Connect.png
new file mode 100644
index 0000000000000000000000000000000000000000..e92c3ced143073f499b1674ae1596abf73995c73
GIT binary patch
literal 34016
zcmbrlbyOTr6g8OO!F_NI!CeCb1Sd#<;BFy62<|e2yM+XI2@>2L28ZD8HV~X)aEDob
z`|a7Y-`PETzCHWL^mJF9>bkGH>eYR>Uqz~aQozBaz<l-U70yRR+0U<Dy$*f#3W*#8
z?WN?SBO~nP@3re^1?g9n<5UMP7bw<Js#33B)x={xnxnp4zj0F3cYXB=xA(u_>p{no
zFRxyOxPO$D((*EaWxX-d(ta59AKpTGn@jg@3n{-SDU~(Jm-II*VcD*;(4x$KK12O!
z1?&67s1K37sX%?xXJr2VS!w>iJz8c)8gHa|K3HiW_F7y|vc!5vdAeR915G6rPTudW
zi|u9mj^Bw-y!YH~eD6|z%t01rP9{I8^KA9s2`TE!VE`o>sh0=4pgX^d2fNp%n&sul
zL-BZ-fUKpHm0*b7>(yMxx%AUq!zqBMnC%~FZ~fO8i`*!rXqk}^x$f6-DcOmJ*fT!1
z$ih2SZTQH9D5RmuZ=!>c-7bz;n#hW-YF#&Y<?t~`!;-N!rYOv$%*Ys#eIE*<78VSE
z9GEYC#e}J9i1=QY6TU!7oezG8nanU*q)N&3AC3xiRbmdg0Pz=~sq^7u#qnBF>Y@1!
zn0+nJCN9zDsad{QNzC!HU23!qz;AwU8ybAEu4SP|o*Qx*!%FqGE2Q>v>PLszPbAQC
ze62%1YEh5Ac>l*hL}3wwq$I6w99f`UK|a3gg7NS(_KcC4hRxmVKC50YY|`B8IXlur
z(q3b0Ck0obA2ryiRl$>K{bw~ZrY#&&g&`e^A9fyv*<Z#Wb^2|?gdkEW;gdgPrIn<r
z^CsIxMNCc2YQr3062S?1D*DZ<;u<KIw==WrWd4WmUW`vw)?)MG#KKJvLSU~nl34Hm
zDXE~k6w_+mWZ!Ad%WI;uPA)Q7T*K@9q)mghQv59oMn`ZkiF2-$|3jtmZE-!ZgoFgy
zG=%n<AI?O@$<fC+Q(WK(Ur)X1M!#iZESU2(SGg#V$me+&C)YdOVB#BSW}5?|jsz;j
z`kt(!A{25$3{MD{z`$loTocmBZTsbXn=u2e#~S62Hy9^zr#Bk|?`6=~&vxU)HPnk^
zEC%8SjWvtZk#y|WV-^71I_L0gAo)T(gep9Kw|lJ@`E_UKzSH>o+ljKOtrXabK5?o%
z^zvYag@xtA4<3{6&X@ZdC}?OsV`I0Pq>Ux<EUSJ`D1LX4x&Lt4+nP<ID-Q)b0i<&Q
zA-@s;+qdEHZbXg3q!<{N>+xFI?fK>lQx)G0Pi@ggG?DL3Mpjb`ny(vSc0dL`k{a)(
zuls(0DR?6gmDa!fpRu?H$2((hCN?&<sR}#YThGG~T#K9uor=#W(8r5$&FebV*U!Qi
zxR2bX@?+I0))|jg@Gh7sV2EtSAlJS8$T6yW-V~g`y8C^pl|;C2wH!l1HNwQaAxDHT
zal7KTt5d~fG8za}9paJC%BYP$j&i$wON0nC1o$(3YWDWco2WyePh6n0I1`4gHmz$k
z+Ph*)0wvHEIxdQ1GV1oISG+5G()g{N3{cL=o+ZFkRerYwZ0u}2)sCjC?`;W(hewh?
zY_bO7*RV5Kk*XKGZUTR@g`Xx%!Z<tBoFds_t=0UQvTFMoowoEHHnIO^-g~7^akU^@
zahuMZQo`g(QKSm`l0-Svz|u|EhNrp7`7*}VH6iU2rteGt9KT(XI$c}HQr*99<GjFx
z^zMbrnuwPZTBG`w+%Z{9`on&ysq1N>&^kJ<`X5!;Foy)KdU(>;OYCI^d+L^Vm3{oU
zzfcA+0bgpMU`zy>Q$(8sOpR2@_PP66v(BlzYyD^6&E9z7#uC*ZFp_}Yp-xEhHON`z
z``xOyXlH#Y;Ob3_qfUf1GJnb!une!YkKd$0KkL64{4%OIRds|9{F)il!Zln_9MmBB
z6mrE-4_NOqMm!7qL<d5CmttD4t!d0vQWJ)d`L(zd*1{u)mD)MmL&b7HI*}PQPt+)=
zH+*4DGgkS1CfR&hZ!cuM?AmzeM2s&v*FVSo<$1?fK}vDE;rApchw+n?`%eSiY}f-l
zuKyopl@L~l6$NatnRHGka@O{(Hu3Vv;3sW1->{*IL$CYW+$@N#!NF}&&Q7wuPdsU`
z|FRD8Uy)O0opy>Kg6{V`lmi}|T~||<vCuQ(7DSF7RmUq|H}B}!qqTvjjX70G{ei3i
z(Ip+7uf$_V3h@K>ds*o5t41iviMdCTh}<z#fAb?pNOwmC<+88O)+Ds|)@l%!3jZNB
z0m1125kiJLY{a)45pezOH~xeBk2UC2<Okh_3k0bWgbo>AP4snjW-Z*Hq}NQHA3Zhi
z#TT<gGXY;|?>Nd}An_uy-f|e%OmpBT+t$-=8`#)k`oIH%SdC9uYgQ-t^epUYIn}{t
z#P4oW!*~3L>m?WHJ;ymQbUzgqMZO00>iJ!*i867Jci>(u5D&X@3>pc-8!}E|%p1^D
z7x3Dd&UV~?Bj?1Tni;&<h~s;6ER{pVJXu(R@yrl{)vefZ@u|GcQD}bM6;DX~5+9t-
zk4{PJr~Y0(Sau5ra02DV;6-+~X}GMI(6~6WxZ|8q<ojR>Z=%u{hyP=6yIkRI9%}x}
zGn}X~{gdf-q8E?dpL2oiThISA%nY~G!3R7$UrU?elIr%ff?60y&5x<JY(sm~ie(SB
zQpYm>y$Wj)Nt7N@FzLtB11Te+zW6Z5VXgCcYEg_wM<IviZ<&N&+pn?suoaSkoAPg0
zc|R;ktoUPBJ`1AzPc@!+G3gCZV_)Z@eq}fe!s2OGqa`LL-8z7G_I~vA%yf2@DIAhy
zl-|Roc5*2Gw9f|oL+9v-;^UpS@_vtHu=F2ot$2qe_r#D<`R8^N!FFpx{IG=m1$+zZ
z@sh@YO^o^bh=RP%L06kh^=;{kKT^of^DCF-;P8sWK3VrTM6<rWGM$ZmxAjoyut)4A
z1hvjpvZr+oVy1Zt;T;!1F66z<<F2u|!YgvJR*iQP0=~_crRCj}B%xMi3xvIYuXlSf
zacaLoV?B|n5mK^sX`864O^zs)>bpWQalvtNtQCR<!~QN4Cv*Vm$i(w^p`75^#G2rj
zS$l5?FgG(05`uW=N1=$@x><~3q+z<L=$8Q#e(%~nBqeX{hvy7;1aJwP1bc}4YOScz
z_W4_=EnoL;YFO8pjVtd<C>cCONs!-M;G6_*m>{Tp6WyY7kH0d}kVSQyRxQLW)tQHS
zbS|T`4Lxobe=>Jd#CUdJvQqLp8;D&@PeFHlSwMNye+Nq&(lgwf$!`jJ9l)?v5~KU2
zB+)a9B93?HUoCJyV*=KEYceGW&3Bthc67;7NwGn^WApiZ{d4_$z^SixVax3pv)5L%
z&H^ZC9u4W^-3>w4`~c!9MB(0%_Wp=npr<6tO|L@IZ6s7C;pW)V>FB$_fm%uuv}=ZY
zYmwQM%{l&LFW>ZB!DeIRI$r>!X8!bx8ySzutem#r)BNu*bm!hW4fXssz*Z6Mpv4{a
z09=B&B39v;awXB;VvBvlQr_Qrbnb}PVn-Z9_w(4cKHNC))-e%VrTrSMJm|nLZkk__
zHTFLwm#(Dz^07S^DW-8fQJ5-Emzs~A{*ny$m)+JgMXZvko(8jjMCX1NBQ7RJIKym3
zGVfw{sr410C-d`U|C-X%l0)BN`Vi2~HnS1Z_&-K=4d%>+K)r70j@!PF#bHI?+%8|0
zjILJv{zZ2QhO6Gn8s+w7h;_8;r;Yr)_43ZU?0cg^MAL(%YZB=~|7r>G7;H$&J>X2A
z$UhL*kBFs-<%53w!BR4#%Ep1I;=0`=uAoP3AR+`v*Piw2?|L3GJjGOEHVLd-r=B`+
zqCsQ!4~~dWfj-J85Uh7la-~X;$aLP<_hU$_-o8=m?wui8hpn*B$Q1Tyia?YBqft>o
zDflr~kjEf5=ugkf)5*@67cROztaU-GB{c~|A88IK`n7ER9Ep1{(9e3$`CBu1Tyvh*
zfTCjp#?eF;_IDAKDjrJuDPt9){EZW{B2r?lZHP0>yb(Sw7#T#2R%Dg8rr~}cVNMoi
z+wns1SSFUS49be}DX8dPTHm=Z&|kk;Gbh`9?q~-Ht)_XLGYivLy55r_{qLqSs0fyP
zvjh6f_n_t5rle@;jUSc&aZghZnis+dwaL%*Mk^K3i|9GvAMmnc1csObdwAFkJx{Fv
ztDRA}tWfAlE}k@y%QKyD_^%;n6iYoX(F>|6c`r2ig@FHHT~&|r|Hr%k2O~!Nf1>37
zt5r||jm0`<EJUk2MI1HzPgb0f>lo~R0OBFN8K>J*bH6qhCW+g9M!&So7)d_<F|b8@
zeZ7{0pc)wQ<k`~Cqhi<1DjA^=#3L+0qiakOD`q|R^A8Tz8)**@q5ErCbXULtNX+2l
zN7h|#y?}Zg%FVsK@JR_!;`zVb-F(j~liLYKyaGG3+>&2|r`LuTI~rHkQ(OIdXLAU3
zZSBIowY4?pZJY(m`O!3wi$l!F9#nu4oh5c}J*Fb@VeiSB@3@I)Z>;qO2riyB?e&<H
z<L@!EJ2t#AAdUTK&Af45Rfh)@*gFnHM*mVu042`^T~wf27ciTEuIE=AB*i4y40c7(
zMID`;Yhtpr8(CwkQ*?Dbju+{hGAI6M?pQNF`OYt86pd>&QWDvXfw%f1l|)gOb@baj
zDv}+@zvpd)$2Ijc=lJEriV-S?k7t9l)^G>{OkOwcX)Br20sphmU>2>0Xxcs2tm01Q
zb;XR1V;^+5gQ=x`erjKOaJ7nipXdO0WsM(qjJ~6Nn*nmLS0Ay*VUx_t_><<NN-G!|
zo*NECIVT>nw2AriHl4!fAW1j$%1^??cgHFuBxHz+(Zs|g)%n4Gf4PDE{QUe&=>;8k
zu4eHkJ~S)CE9~Q)7KUiad+ap-lL4-&Fq<}Bubm{_|KcTb{<B^@NjhF$4exH^P+rS{
z%|LV-^>Z%BqYI}o4maeHuP>nTpP|duoURN;U~LXrA20aPi&)P#<1#JB|GC9ud~#B~
z(62G~BHRD@j_+$$CUSU<4@fi{?1Z)}`9$|FCbn<Jkt3nyT^tD__%bGoPbVu8$M9eB
zd$&)RH);^_iw(r*qV&3}Cds4;cfo1?=RR#qqbj3H#VonJKd4fLyrJehrE^0M?07e8
zVwCnPI#r?uGP$gb26i?WHcI=qXWK6(W=v!FdRGoW85I&P^K8`%?Un2lC0@MY@4`Y>
z<OU{zQ#=X*#esnReH$`tG;;oMG%wMK**}_AQIVsgDm&a+@wu))1IqR5<Rg#nb~7AL
zCuQ*dlAZPusclLk?&4$8WRT>ft&}6QY^vcaZRn4n35~5@E}+`Sx)8Ldp@=}fueh+B
z2KWyb8u6(DRpf7a6DPx_c6;w?@+RDw6gl2Btj2&2-(prWV6eq9VM~@9hL^Bcg~Z1<
zsqhZ2tQhLc+)C_-af%QbFsAZd=@=1!k_c@wroRol3KE)vuy%Gxns4IBm2zQy3+q2y
zaFB7f*mWxtYg#X$;k4;EyFM=iH4l5;r`7!^tU#d*YyI)=Vr<?H>0fKAVAa-`@J1hF
zJdnY1*YEo3Mv2a5a)cDQRaDP$?aaENI|pq@IzjS#^;O`5rgNpCW5iG1qu<{Zg^6gB
zD#Sdrm6_Fco{Klsk#-EFt#mKujwWRWOYVqg?Ft~ox)&AHWzy@)UqbBOB(ZBUYk2Lp
z?D05len`PbAt4Og+%)@QWtEqo|G7vs1sNTW!6-saQ!093qvBDAh-z5}@DsMvLP+Vq
z9ON$P@VOBrmQ{dau@<JPl+9jkGsUp#GQ!FCH3;o{?XI?37a_&tN0dtxR8;6>o($ht
zS?XJDdi69BXNKqdBX06CaRIWK*#uF1Yq(^Lzp-cNsG#(WgeK?ofA5Q9+<Yuw2i+XA
z57e~w`*E&L4!iT7HN8o~D9(wV@UUKU{MjhYGDIT2olsD+T(_Fx8{1p69KWPe)$jzp
zF$A6dE=8W}=j<K#LwdLz{D9~B&o7qIR0(Q`!$w?#Wce>vRXo)-_2T384l$s(_?J@G
z_r}^x<1kjsSUhoax4F3moAp=rng*)gmC{yLOeTIis^n$3J5v&>Z^qVc_NRIeFY#58
zr`&$9O9khN(*2xM2`&;H!Ue1ch(-{7QJwLF6o#rz=BgbLG@|K>%8PSL?P*td1T|ts
z$Jqr*Ba7mk-e2fvXGo~Qld#*I0+#CMJZ%rY?iBh-BU+{k!bdod)Uy`T*(}RnUJ#l8
zod}T68rQ@dCYXYcMi?@hC6<J0;`6pXkB;3b{#2GKloUVfjkwEwe{s(L3A+b9hoiq+
zW_LcHX1D;9j#RsDOOQ^QX|Fmr*~3#Iyx6m>MIi3<fuUe<UTdmUyDU-2NO$OSlhDv~
zmttU1?05aqx9{o$jxpSDDQs+gl=?-qtt8|uRsA^5;Qtt#%4K@;d{|2Hsl`kfT<xB*
zONk6Mtzz6?W=lvJhK%JKB<GJ`-U=Zu>y`ks-_QOQ=RjKkCW*XzlbJaZqW8KI>&B0H
zG30suRwJlim&32^RcxGav9YyejUb!l3dXXHNosl-Yzzqz5fMLliIO$tw9u65GC!B%
zeEG9tadn?VGGa_^WJ?i=rnhWzbK&vgNM`+(Q;Hmp$L5amihaKsn9UpBHdeQzSq&@t
zuzYiJ>rQ=n)Ezu=8rB+g=>}vJn)nePg$Fltwg=Dd0M`}z1`!A?y`%+G&k7Z1+_AfZ
zf)o>9tm5GjtI;9!94_r3n*RavER}|_A-qBEOArlbAuDsxJcZ5cv}p`N!Y2w8Sn=*u
zx}1?wX00j^@p!Q;8upwiC>7i&>h!Dd6LL$GXsAqZz9@GU+BxPdYo2ooHt$Hm2O2b-
zA%Pv4VD>RY*`)WC8hHX>da3GH+FT`W-~F}?fgzqZ<-NeNE;p6HQz0aK*}`u)sv~6i
zGxv)bN@Ns<_!##zJ^nOcvK+r_@^zEjPYqIWw_Hrx-h4-4N0q&(f<Rpp!}OyW1xd%X
zFu^0Cq14FtH*19`$~LB=MKyFs;K$pu;mZVx5@eAY_amJ$QV7%C-Q9A_zAq|q6IzA-
zkD-zrD?91}p~-q&&f~+5*M!IlMb5`kgGa^A923f#0s;YsE(jR!*Fk--S^!EohqqwP
zWEJb=C7^=!#pBqVEo&H^oh|MLXo7cx=%nb(Z;!X*p>Q~}CS{x{cqxqQwK0V%{^h@a
zWT(?*Rrw_)7{O?`TEidWdrp?>(8J@Yx@Y~@g8Ws}^4+d?W9q=WTVaMpjLNfVOdUQH
z=mAgYqs2xMub+An9zXt!;jP5fzrL&|@&;6*cyqtina}=dal9>{LAO76N+E-f;d5M{
zm(Aybl3ryBF-PX(1IuVQ6STVHNZZ)Z%Hq<-jc19CbfgQ96NdWIq(|dqfRlL#$(;Z4
zJbHG*9B=t5U#lA5J={01GUmM15_sxAdeboYC%>zn;}-qwMf&_dB-L5pytMx~-uwSU
zTm4@pa{sd;`@h;s<0$2LQhD5eTr8;WwXsuCtx~4cSH<PlmONGO_dbc)T}(3EXjz>t
zkg{gh+noiNUgwtGV=YYgAB{x$Z&XisTy(feNQOf@F2Gbk_M@G>5wEQ%W*kXW*b16;
zzofK%Pw_;il;ItNAIVPt?bgPUkTt<3JRY6`qH`t7hxh5%#>t9*{^9=dsstB1@oNRG
zCeUujmv7!>=>3mqHOL*!0eKpWxVO^p%uvs8+=v*mkUtA1fz{dF1Js5r4WyxJLQfI4
zV&K=J9w_6PMalG^tt|62r<Rtz=}Mc4S#QRq<_>0F#KLY7`4;@yz7$iL^C$##_K!<~
z#bL~V;T#%lrK$IKD&^UJFJ8WJn}?E#9kj=JVH%%%h1$IQS83_Y{=e<es8Ti!M-rQr
zc_XS4`>6E3IQNYqlrW48{AkS`5~YR0*6$1BL=N^VTOl^S-(U>@TdkDjo=HMEXakdS
z4TqI@Sk?yZHbZ!>LR01NX|k^Xt>oh)d*gE_<*!PL==c2ZMi>ofUTi6Rz)5Yi6^~-x
zK*Qr*oPickWD~s4x5QK)GZrW*TPT+`^z`%-1_up^VF^!p*<_bi3|W@TT<LL%?ycR3
z2jtB7cazgMA6D=JP%Yc-4TX&ey?NKYk5mg8kHqYhzn<<a40AGCk7tIqwNYY5N1d4+
zYkh%<2h7&zOdU`;CU_PZbUa=oM+ecI6W?D0br+pal#F+&fDGl^F4!jv3bR?Kou6{L
zD?8Ao#53E`r7JY=R|sVT?@5eDI@BPT!OhRQ+t!w58|!=vnUb#8mgCWm^aB5k+Mh0a
zmuom94dSP*+1NE$%a?FzXio8i+l%qTa8GC$ntKOlH1Ce+ukF~c83S#Y&kw4$gHFZP
zBfuE!h|f(MJ-AFAagPm{H{#8h-h78D=Q`pc4?3)<6~eRCCf-k~za5vtBDw*aX~i^y
zcfn{q%3fc@Wqerj3KnTZPJzIOSt2rtV}{?3YeiI=W%3`d2tXv2lR*XxU2%81OYJme
z3rc(Gh_;x;fwZgN`6hK4hK7ZfjYKf#t=kbEi$ybNmQI>Cru$(%>D8tDSjv*q{z~<)
z71t@r!sc)P`Z2I@W%a$8va>+!%f7AK%Ol)@Ii9{=m{o4$kgCDIzlswjjEY+Ywz<pw
zs=1yF{WEJSM31s31v_eQUB7&V_v&Jqs-pyAV}8?p2?oww<%<ZJ1A*M-fMjkjlckh6
z=W>aX<9i8a=?-`v(SSU^%3fImOG%Qt_kI2O%_+23@A-&ZQKA}<V+|kRlOc5(QF8wG
z?~PxJFy+Ygj@ezd@nS2et=50cC;(m4WN@y>&QA5Q^-0+8{_e8|<bzGldb8E^*zM!?
z&6&(0Tlu|DDB*l0j9cRQmFByCy59=br(?^TM9$dMNB9s(D7(W-^kO3Xw1dLrFqmp-
zimM$V)-I@_1B4xQ1#B#;KZr4k+J*9nmK1zu5pyOq2T9{Em!WfYI=vb{JCpYg9Zh+d
zAE16mP*+}D6HYNuZS$=pE-IAg9|<uuTotl80a9>&N;Ma8`u&PJgbwBYfo(>)-bB;%
zy_2>L4)nqiqA-o++Ar9oTSPk&`eAzZrs+s%d#>M<1s0Bt(^F=N-hT5~u$9^{ToX4%
zi|1$aO^w#HhIA%Vv_vf4AUbHeMRxGFy!4}&6RidK?u~G9MK?sKviBdYf7kdH!xvKO
z-rqQOyxvbY5lfBaY7Wb}#}j(i2Pq>--p*Dy@?M6;{ibSAZ}*d9?q?qsskI{DIYnt{
zsgnU!9fx-)Fj_o>>6GPEX&BV3Uc_SLL`&2D!9f_g1Z)%6RtJASY@i+P0VB?9_Ur3+
zBBHV5hR&P1b-(H#E_ed2t>M$538nY^eqH?)JP2^S`lF);_>>tz*Rn>a0rVyqW{)}I
z)$*@zbUN2+DY2vV^88+Pb(cI4&feJ@kq5}H;$e#rl(g@U88qp8n&=FqZmXMO7g79!
z_04(%QIGTB5}$7h$B${fmG+~HtH6>XG94Vefyw>+C2nJ_Zl|GcD-)}@>3q_1Dl&*}
zg-DM)UxCZ^+k0B5Ot!p49#JbNU0#S+^oh{nXF<ze&f0n-cjxWPKDa1gtQE<yHS@mN
zg1WRaOAu@6yQq{uILl5CFXcxzAE7-iEChd*@9t~!-zy4Cwt7{ZU+2$)R<$paewY^`
zx)u7=`MT^~j1T|?tNuQ>733yZ?Niyz^=rfdAa*ktu^w947V36As_*5~yglXXIGA1t
z--`A$?eolOj}&`$7cU)FV+%&usYwJ>ZTOS0lR{#WXd$tb%tl;j^)pIqa}mK;zZ*!d
zvS+T+*Ze_ZLOBwXO)U>P6@(9wZiSWmWHVsFPc2i{r4I`=FpaE9BoH$^j*PE_7A^dy
zPuLccyVnxPLPE1x*%6LE+mCl*FXx*$n7aJ?kNvWo>G<8smwa5~&LzPGx6IDY!>OCb
z<HgXk6kP2_#KYaft+#Jct?Ggr+Tz*I&+X68pQ%JL!$Wh*Kdg?x&8)8_WU;XauSdm)
zJKgDR_PsVA><wBf8rdTys(jjhT;*O1Q(7iXL*#r5fWG!+*Dr!ljt#K@NET}(sYkU~
z5UqB3RSvlz7u(2wnavKjo(vRrP4Xb{wr#_QHX@}mO?^|L9Oqa_qeA9jea+EUG+GH_
z&zUc9Gx0?(UE&5A7=U`4FGO3mZDW!>y@Z5}G+Ab?#x&-Fo6<Pv<#gjZCCH=R0%!@3
zXR*B=5~~M1$*8)z_z;u}3A49{!%fp)siZPjjtC?*JyfhTSSC8HARP;Rol|@|iGSmX
zCrri8)s5)5#MJ@k6wPYqtal{-!3{c`)Fopz2lZ^ikD^hPC3<`Ck~IX=<_bAEj{XuJ
z>cs~f%9&uPB2P9L@qAoGG%OZf3#u9^;uAL5AtbD5PD}n2oPh1P2R^q>@7f&B)|>7d
zjvPl6i@<+&6tPAMAMXDBG1vf2kyO`nK{8)!+o}<k{E)UkW9PpdS6XL}Pr6Ei*U?T!
z(!<Eq%~V43C;QJQyAZSz1@|4QI)G!kVEUZbTl@NxbfQ>!#n{2uWi)GM<zfUT2X(Kw
zXQvLi#JmZ`TT$6)x^(TpeO$e->Cvp6m16V-aJ(OL_?ST3jnvY>j#J-jsnz?Ty5X8H
z-$jr!U`iiA+BwClXKd;Z=~(S=&r5JLI+$L?kANWlZ@z-;=WYgo7p^4{zV!F*Fu873
z>`NDoG}0e!_3#fBDA^Wm75GTsc&Oz%)!%rBOl3R$mYENKzUj9O)}8D-NNx6!;Vhr3
z#5m$+>q~CPb2~lIS$MCKvqB<MwU5`E*D9!z&c~pntgNA<Q|cyasJ{NjygzXooNqE`
z2_u*-!1JI~v0}W@w)MNYN?{e8L3HBPhy4k`v+kWLIP&yYDal4s%@V&lZ%e(~L_oXp
zdh<aIsN&)>npD>P*U6?$+pXlTr)THd!;I~RA9RS4ufB|%iqv}|nM{%66xroH;Qdz8
zUQBq0R{ytt!*pn=gVJ%mDC)qdyvL+u>^B1RYqXv4mtF>3H>+}gDtz3~vno3GDrk~s
zFW;4!wlF)Ni#i{ODoiJU0+SP;`DKs%aLF@YwrE-*6As8iEMx7TbTDLpjg>de0hkSg
zYH{s=xT&{4|BAFZoqy*qYZIE()UJ<s{Ff1Zwot=BC3+6HJ{Au+ehN>lw%&McwRTu|
zBhjx0f%UmthHpnN<aCEV$s{Rw9)*^y(6zx1xxW)3x72Xz*8)D`t;c1OZ=@9k$aTQh
zJ6_Fb^~M6hP}rX<KIbs;ZK*`5%Oitm>Haf9tw#Ic5nTk{cBgS%__RL?8#}MZ4ki<L
z=ddcl<&tOo(U>Kk=d-Klccs>?L*YI;0ABkC5?k~B`7h$4!MT+^hXByAo-?lpY`wru
zgyNPXPhfatwS@>3)t}vVxJGcQ0q=gnna+dB#yJb^UApwq7Cc-~(xLk~xTQzW888r)
zG2Ok=>TPi`kNxFjSZaamdHKWcB%MyY&vX%TNJDbHCot@r>cHZXO3=3_DNMo;+pq%{
zTB!GYZu6yC*9~hyP4@D4>S8se;ZJm3aH@VX{hDj$7z!b>l*|plI<;8t{;ebr)%f6;
z2BU_Ce%`FNV$&<DH7R{R3FEpX6;LtP>{WB?2Mfh`0Z-U*8TPpq^QQ<%vD4N+R;U~q
zA{*bfn5}G5*-KMxLz3v}KE!MzuV8<%vjeCMTdHw;t-jqXEiXrVSzTu+D5G_D>JF<&
zHu+K^M_+y};803P9bf)J<xAc9>B)3Gar@?+JcsyP$)d+w8C6+w<JLsk=^f`DboN5q
z!mbBP1>Cz3)JJ1#^d6}ZO(9ri1~tP}nTy5;$EAiVAB+UvO3xNfVP!nrY7X%pHyplJ
zr`Qp{kk02D(s-Jw5oD-@Ij1-N8C)$h&UEspl3v&>slz=4lyY$V!lwe>1D;vM>C5%h
zjCj8_*LJC#_*dXx5sP(C+Yxi!`$he7=Q?+j4_<1RtO3n$MHku;l<I$x=blYK?T28u
zsSXU9uKYNhT%}TdKQ&wEa9B$Equ-P(M)bV?lXfB_EJejgfDU_5dBh0}S#NeWdiyLu
z72wn}xjv(*@4r7^$S;pgjseFN#ETf{EXY860O>az6kHj&PYZD2GtJiTZs#72xCC@q
z*klz=a!EiW=N<ocy~uQl5^`$gtOKFPrVIqu%dL#fcCSc*f(qUNfqFUFf#&(JIaI4w
z8~Ar%rONiAoi4zPqd@^nW=@f|uk-A6ekWwDUOxA-_vT1YXU>3_tL4_>ty)efysDkz
zs4}+uC?y672&{fSq^vnf&!~QPZ}13T&fwXbw-sS3H!$#|b9U;IuZv&SFEp$-(KGeA
zzge=YKbK3re)94wckS1T;UeeEo(5A61^n6v+}eQ0x86__MyK5G7ri>%t2Nx7_g5uY
zpVeQLuxI0H`y%qr$djmOq7|#{=F8ug=}d+ERq~X_q0@>2TbgX2mEdp|k<Rz=#GG~~
z5`9NQ<VrNgU9dmh+Naw_Ul*54Kn(gU6187&{x?;VjQ3dD>j7oUe*+YsDz@eH5InJY
zljXnp7`RtZRlU1!2p#?<*kBX*B`{+_lYwVRWXRMDLKbjSYF~2SU?ft6r&DnfTw_4!
zohP7MX&7HaKRQet(Q4Xbf<ZZed*6SwlHe2SP+CYjNu+;i9Iw=mY#$BnQ65^f{4j_M
zI~~jhd2P=)61XqP?Q`_yo{!pMi$Q4RWiNHn1_)%ve_7WA+W?|?^G$pWa=y(dC~8&(
z-)CRue|zz95jf`}+kWj=-skCQ;2D(P4y#dIoqL-t=wDgvG~NbX;&U}*<pzwWdaRM$
zZp9YkbLFV#+ZL)qPP*)cO$z($<RwE{7Vz9i+dDk0(yTibRbV45*h+1sLOSnHyMj;~
zp5^&rpEf@0KswqpJE86GaY$yq{uM8EbsrWk!OyAPWxH@J5XEw7GyPzcMHyOlI$OuR
zIkJQ3Mf{W;jH>D!xZd#CjMd$Pt~#tGKFWl<@N#|2uT@oJow7hwG^q?A#NUZ(vi}!Y
zv&>Uzu&&-UnWRSNG$8`zayY_02jhk}ce&77tZ6%R(+Cw)A!N_sti(Z3B=u3J_A{Tn
zkCC(332D&Hgd~Cv(oFm;L4Ee;^mgm3s?<qB0Smh%j+*f1Ak3dl?d@I8b^*qlwV<^J
zm$Mn>s$qUXM-%-=^3FRb^W*Ij(hl!xjAUI>qg$M=!sW@7s<)R^XiUO>TKs0Za|$#e
zt!ZdBS*AixO72OuV8S1PgSg+;H9A?)_a0WX<s|$Dq;WXWGj$@i1d5u$W>>7@Ty5Xv
ze`pGv$12)z7LKEmhyvvJQv@2f=Bm-oEWm6{T#aVuSU5Pez+O&$g(;g^O(uZ2^l%~d
zMz`6VmRzZ4D)Wx}$nksYYm>s6&oV_mbTzr}PcQDTyPsDJ<kht2@ere-@1aE2tXJF6
zgTT6c$h2_g#M$-ddoB>O{1-M;hl~6_3>x9H@T7jQnkTPK_CRMM)49qRpaC>FVe|zi
z8Pk;GgAeVH`BM4*kssip?vKt?e~9f+nXiB<p7@I#c`U9;1NcVRQ`l%lu34ny?oHY}
zwjc+^>V`j@I)=)b^;vuy*XaG3C>4M-6VrWYYs+GaUYrCE3cIUfUE!?ISPn)5A4XjI
zDim5VCrWKhH2q5c6imJ|H4%Kg<g5NZ>@fVCg=d#Vkl`?V-o)m|&DGgFny6A4K9Vwn
z)B}F~uAGIG_5tg%o$?2mq`;7=;5U&X@q45b-)r}By}H+slht6DSluZE?*9_lbOe&0
zMK-(i@mQJWGhKIx`eLf|{ybZO-<pFcPTKZ9!BW%@09qRcx27@F{FneaY@KNX%4Eqb
z)vRfeEc3(6!(4f(B~rv~aa{!w_=?&^IW!D;Byijy-TA}n1<c>7e8=p0W{Fu&iPB0V
z%U?9(KLyTx*86{a1@`{`D8)^E-3haQ+!6dQdopjV(Vhb{b}Y+tJreQUwDSb~pd1c2
zgxTO+%@I~56vzLUT8Z<&=T^!G%LTslJ7uO}_EIRINBn=OD)_1)VjQ-$#YgTe&KAGJ
zAiUu|vanjhF|GjqSQsOSH;ij-HsaXA!rz$zaffa_&5+MNJ?k*|@4fp@I4D#_Y9Bt+
zzu4qX)JPU(6%;w#uJV03GxAZBFE4J96!i?MUuM#OX;`!!Cst%R{RFpI125S6Sv@R3
z*A$q|4~<=UtQ%Q2X06Zcbw&=TlEO&5+@{|G+rH)0NYSnYdD8k2)55<8*byTupUiWg
z9z*0n>%5e8)}Q)kQ$ANugqGHMS!3!v+Elov&?6QcYrL$`&NEu~q9y9A0&Sw}Hsl6)
zl}h?L9kctXtIA!$OGfSfqS8Bg#BWz~0up8JhgoIj&zYSDGcvwp&22wNd4Rk|Ue=8n
zXc0eIq7X01FIiKap5BWZ3p;V_)M17%m3J5$Cmf~ofMJ)WmjyYa8Xlrj!YCw{$03IL
zF$X5q7vlv)_yLPTzYlIr2r(=Wkcb*bZngUnuPo};oZ#&(6j+=moLvDH*X=2`h<44_
zl_$3UhC9g0dUCe}cP&|!aL7MHEsh@8bLMzxly_TI7d6*d)Jr)2dJbEYB3g+ftA6)v
zw}ziRD(6e&_!Gt(iJ^3VbN?yGc33-VP+U%&m3%m5V3NjSYQoFLc{J)^JblM;_*0hM
zlDd&rJTU6ppjX~agW6UHbEOpgn(w26e&?xQxpqRk^*F?e<ioRk`N}(#(XWOzYh2X*
zg%8ESUbk*?x=l#L#0PM9rs24p07q+6FV=!zPY-2@S9(_ix*jS<IkDYSUo&iY+Bbdw
zVgv6UFTA`^s!x)vYrN{lyYj#;Lq3KaBY*|w^YXPa%tOTdy>8NRmCi{HACXyM=cScX
z%E#RwJtvECy&VMvVthzY3#WbXoXB@SD|SBIFb2z|kwq6NV0LSxFmSl`RIbPGpXt@x
zlTHqN5`9*$n<S>ieC#iQWS%#@sY0c~?QvMjHwXPgu;bYBtd`-y%k)PeP4sC0)}9W-
zX(cnSeRUO!yF}w#@#uJ7RJDP)54qvBc7kl<T0M1^bgki+LMJmLsh<+(3b7|5_*N|o
zv1h^yERHPN8_lQ_8U4a7mow9viy+*?9^e@3^+)9OEIh`U4<ytPb~L{0Ubxou<$q=?
zET;?+*<iMf={v8h3=XD4-cxy?%izwb-UXk;`J*sRTRS0pw(5tk|9*L$E7d#=ySNbt
z4<<f~PHDYQiiX)r=6+vPQOOXY>i$Zt*1Q1$y=W5;NNGw1*n@)ctMRM=Z*$Xgey^_}
zl6Ki*t<oh=loOxt?*>qJwhgEDA)J@eHDr1i@!d10v!DgKc1tD~VZ$orZ>|sEM>59_
z#tRf^6EI$Z;d(PkK{D)2DW~glXG_gYAX_ChP->{}=dE>uG%ddq#qO9O4pmZk)8;m6
z6+{0AUOZWqxWTmrTqF;UZla5(-nx!`6s7K9f~OBuMUjnm1%KuU)d+^GncT&%u{$)d
z(chIfjM&^b^7_j-t_u5#;QEUIF0iV)+ut+xc`yiFx8cRhMoSb?RrH!5fPQa2efND`
zMHMx0ffplVwqo(cPto3+BD<Xvi6(5|AO{x;jefO(`Gq9;#p%eGukHpCEMQAdonhYM
zT!!wwIl5`$b0pf8Y#|HpU<>ggM{ho*+&WWKLGfe1rr+s6;keUp`A~QQRA9}}S&=>d
zVf1!vBN7@vDhrp~wLGz=X+8>VoATWg^Rk;z>|4{EuuJsvIE>nybh-^g>#5t<Z?E-W
zuWad}?BD1J3aN^zFm%I+X*P^0ung{RPLFnnGjFZY#)2a5*NN$$g~K9L&j}?7Kv1IX
zhO#Gi_3yg>DtaH6j$(os?-ybePNW3{f7F8XZl(;qJUh<Te=3R-QpTQM=Y!s6q;!WB
zt4HQ<S$KKihHy7H2NpZhJp!XNj9jKu&2Z@P|KxDUP3=f8N!}AziPN>hrb&iaehj;n
zl0B@3L7^cF)tgrfPKccjD5U@jBLiFY&YpObubzHtsHzx{_wlDxqhpu?U06)4^dPNC
z|M6g`*tKP{ElmZN6$VuZ6j`~(YDIz=%Y81TyJ{2N@9`rknt1K29B}=svy`V$lE0KS
zYG4!XGjQTHgmMDX`Kqde!kTI`Go%<nXT*qB3$j~aEYnNQK|8EquND!<_w2ZrkO0BG
zS3|V?p0~}tZuX<t%&qolmx9;wId@Jr!XJ^$Z6gA!Jab8;=tAbew<Tm+J-!8Hg-jkC
zMC_7}q|Jec=b+K(tKNb5&aUKkHm0_7Jq20GtL)EVtWt(QYUP>_tYyQ<>Z8QN7{T4e
zUI->$FUrp~ADhLJ6uvJosiJd%{l!{0uHTyY!a?mf_rO&_oz)DJh0QxPz-Fa+=f3;Q
zg%{$&O0V%l=8S@0+yvbyehx2OXKHCRk%2rfklmYi8rj-xeM{|Zy-qlf&ppzqB^Ft(
z{||#(d|LR8qz~R1Q6TNSqw{Ew2L?Avd@I2=P?*7;Qq}M!Ct1Y2!}tV_kF=5BE0WoS
zr@z#rLNveJ+1|UTyBW7h(-<;rf~dDd64pVuC0>Iuj<Jb%XyxaVuN3u}+PgE6h!Hac
z#!nrg%;wwAgvG<^6kuT!UxX$H{#FVEOwEU-Mt8GEqSsnRd*X8dYDe5ZksWZ~G)=wx
zeC{{3a>PwViZ<G5?AzykV~)@;SEXeMaD<=af7&@4?-|2dd$<ZJKK+cR>qYO^2kBp=
zzdtL6L;q$V)$D{<4A<K)K`Zo9pzI-=AdZJiP<t{D5u>yls9D#o;n}JWz)0(b1Lp?g
zc;c)Elaw_^Jm^G%C?Q>g`q1Va2|FpE{4RIDf?cip{CtxE`S*w*0zA8x*#moZ@9*4v
zbs-Ok!6v=OaX${@3|6Bg&|>kuTy}m}N__9>q#23_o_uvxiL<cj<x5}&<QJmnufq1X
za_FXkm`7kVNH*W&W(O6U_!IJ@CDU7V6Qw?l4i4d0G=8$eXCRXJj&a&{dn^qiZ&!EY
zQN|wfH@{hqf5|(JKZC*Z3uuXhVUhzg-NHyy+u@AuzPbB--KPy(Tl3_eQvqS}mdz`q
zQy+eddEKMn!vD%TKZCy;+;i<Rb1K|}&EM0AgbnAe@3Tzb9500vt@+aHxowWF>9d?n
zW37o%sM+GUNQ#S>H9gn*(Q{cr$#~0inz^6@c+`RP_HrO9q4~lER7M_^Rc5@L50|(E
zL0URr>(ym@;qD0~zs6}!G4~l!{vZ|ZY-KN&EAtMK^Er!{z0H@$A-s`oURm>{gsU2}
z5CxBd%@qIPUtXW#&o5!bU~u=-`kp&W*PE&#pk!bvp7uULcL4Q<GB%G+vCm<I?;e=U
z(_0dH_gz{iL4){v!-xz?7Qt~NKwn>faYcx%!|$3=8T(TUiS&@z2*Czg<*FogFEaQw
zwZ`|w$kAg4FK-e$eodnX$?Q|{;xOM03H$`<)S!;O_pP1^PKNY^TN0$S5*)xiDB0{9
zmWfm_zH^>UPCcYTsHO@Bsa3~3#~kl^?;%f@TkV*{YSCLS!X+XHN5g|A8%EdeZ2pha
zD2BxFCht7QLMy^|pM)$<YOVIP|JQ`svoN^`l<_1|v{4UcN}{yEDC45OQF%)EfJeaw
z+y*^3H#aNBkUwmCPGQKRct=7V@a2uBsqgZ$5+)6kyTe!_qOPyx(nR#r1l(+%OZT-D
zyxgl(okbZjT|b}5Hha@G!|AZ8MDUThTPXNXQiCw&l<be*sKp=R7`I5R-I&d&8CJU=
z(V*ax2#=4`6>ZId@bev`2Ujj=2byc$74Kl&?^)(Lu>+Ci&Ac8|zTa^YktbW7?#D?W
z_qFuhg~_S*8aKs-H2O*H)zw>MMii@w3}8mTzsPW`F*ex8w3wt7P)s}s!iZ_JLi-wb
z5F7An>isAC?k34&8F<YU*=`*=>(Ncu)2i7DX?!>U=|y7m&%KUzrh&OHIL!Y9ZZ1io
z2u`T#Zd@OJK6dmcbHktdQ(7gye|i}b&K8tkA+p1NRe$wi^9Kud)$QvIhgHY#zd{;3
zmJ0BEP)RMfhuuYZH<e^fH{)QE<-HPBW^RDs6!+t+iNisy#FSx9DaPvw3IbS<a5Z}r
zSh>5k7TSCkhViesysL;1DwV0(YfNBub;`3Q<Id3j`D#>a*2A_;wfQdBFrw;o03s(E
zM(1NB5;dclki9|DfixR-AR7Y6;zm2fgzli~z`6k!*<A{4vYwr0BJ$WU9K42!Til*R
zX41{O2Zlg<_-16wMMA!~qFJ&30fD<LD2gtxX83IMn^iRzrgS6{dS-m3K4pz<akcu0
zOG1q;J8n33ckU+FDN&`bbLUHj<*nJf=O1c#UKs9}cm$}Y$FYjMEOMq2gfbyzS_S>g
zqFvP^_vRDlo@f2zX4teG<-%7%6)$SRDu=oGuxKg%34wNEN{S7OJ7=((BQ~UjvC*%S
z%=Al{75*OayeIrx`;^$>az{7nA~uS658zP9FOK9JK}qwnYiv76i@lu@$p@?H`L~Vm
zlLCW5;=#Fj@T8#^Tc^ZY|0|hzmV3-G48XkDS}~s+&YOBpBUms2Jx66eZSwZYC1?P3
zTeE)%Fz9`MBcF5q@FRh#@7k@fnuG6${yg>Ga(Yy4G<v)Jd?DFC>H9oi6Eq>KUCOFD
zl|(6He4^MD<=LAzycom84{q4%%OB=HP09DYwhC{GwtE#696D#yi|xXdPwjCSUbBs!
zCta`ct%zn_Xt@wlb;@HKz#Z%uQGGAnhKX09cR9J<xRToO%!<|=m({MJZ)2oV!Lb^i
zrQdT;94=^pa3kZbzC-PaZ<G$zrllWNQ&skQ-I=dCOQFI2x_eE7wS62Enp6VJj^>c5
zsTuQH`bK1oKgmx<!_?1$MF=WVb3`HCE4ZaHH=CQ&YzX7YR=$umy?@4Pe;6|*6YvlT
zVh>5tS;d-KSdXyddJ~><N~jgzP%8pxVQ$9<FU2+^B;)CpJ>$3X7G|H><K8$v=I%2m
z-7Plp6D6&U%LT-ro`>G(zTJA*cfKIhh>HQ8o)BQerw^^Fm*o7=WzEmEvv04HmQp1^
zxVu#c5q9rlWtyvKd&1vb8C<ZPq>8@r1lA#i@9_S1m}*)_sS=!E^Zw<K7PmA};kHS@
zis#m0h9Zv{Kg%fHEOOt%Z>ROoa^%64*SGbIx9R|IV(@x>E1wG^M8SB3jza4uLh+I`
zSi{N`N~3%+SGFLclCg@lVww~C=TdPA0`FS=r?S23Z3$&ZOD(}5CrDne{(E~fY1IC(
z@3wPayv~bGi+G2oiTAP@0F%@~&HobXTIOaFYyn@#04!Lvc}HKwriZl^1UhbHMjvQd
zZ&A=1ysNCaz+d$mQGC1_r&8&#V*3hdp@uf8bPu^!Nam;$QNv~nb@xS7TIgR%mUz#=
zyB<}~-{3eq`b57j*g~J$bs+FQGo@25(S6>%v)K5P`tXr7${#`IdXTV;YN&opk5-w=
zih+329wlAif0|+v0UmEOpD|c-z7s=QW2RqRvsE@LGfwtpwb+a{!N7yXb>Z{!L^Ar^
zU{;HrE+6NZ<a1|n->XA0fxh7-@k?)RrC_<SbCPy}x_hrsFr)p4P@(%2bnP2~`HlO3
z3$8s*s>V7M+`%~cehbjKhhmFE;|T^PwRwNB75g4tKQ2zQn<M5!N%hMVn*7obXrb!D
zEG3jW;>=}S#x<e(EfKV7VA}!u<cW<hP3A*p3VdNV5bN!^3acJXp2o@AOhK<}E=xqV
zn=aC4puEMGjr8I=;EJx<wsJn6D#@N9?aSzpXGkpq4}R*7&C-<1NR9f)pVI{>uIjEY
zL!%EUTI3j3-+mz8PbleaTVOnZ7*6hui;Pk+X=(qSDKPVYV#J(U!ZTqGrCiBlN7D98
zp>brxFMY=~$^Bux?$=79?%Qu-WI8xwmgIWpt70s%-X`8re~O}YY3zvi3Rv;tufh3J
zZ`jp0A`d^KrJ2%KGA(YjqYNC8%!h|pPX{5zQtMzSIyj>~BFVK6AZ0l13onK?WE+-<
z3HM_uL1EmLp~IizNk|_<^EH!B_sJs6yrnLOmQ0I*u~$-qv-y5*RTpXz=BXSSt@7S6
zE}xufGA&C1g%WJC9Wzvg5i>P%J-b*Z$A1#b>N^%wI5^p?*G)_C2TNhS-;9;&`4<0b
z!i7IYxR9h9s@=Ep%%?SPNOLq?OTnbcw!r7BmwIqhM8rL2t&OCP)4xvEt4)VeW+w1}
zmfG;1VWaX>hl8OEWkbNYV}*Zd4zdO<INOS)^ptN-+452?PzIJsV>`|rRD5gnZQ<Sn
zwN-fjq{@l&a*)MR3XBSrdtx2vprT}3)^G8!v+p@xX4iPPY?okt#oI*@*Z9WnNhz>0
zhlbXk{an;HlD_b>h@dpFTuV6(^Fznn^IRiFi<Qa#a-Pa;MhTv2LeY&!;t_F<`#?Sw
zsg=_)lUQ+d!W~5S^cYiZ)C+1Zds93A?J&a0s`2{@BgM5ShoqOp*50RHI_q-t79P&C
zeyWPsDIJbn%aVpNVvdmu`-|9R8Qf^bwDG8sp5|Zhn1w{7cK%u%uXGSS@Su2Zcw0sT
zP{N!=S0%}rw{B}GTX@7{xSIISFk-qA+h_-RJ=MA~tPMo4XVN#H|B6J)dy@wLrx4Qo
zPr{&l#_=(upd_g8WiN6)=A!2RUB&x<5%~UpRoPr~FTHm!Rd?Wh>Dgqt3C_`Us1S`G
z+ST=e-0}q{=-=L69ZSg%78DeeA+lZ`m7{{(+yFVLP}w}?6fV929_*R>+XpyApIA$g
zSk%+wlhum}0t%Q|SpR#;<I|H>jQLB7qVw@0Z*ipb5%_IGDX{`BAU|JeAWgn->(s*!
z;vp87nfT_V*?Z0&&C`pEU%Z1QB8^1s8)@OfpKnGIO`3V3I6$v7J1;5{g_#<L3Zw!D
zicnW^D+|@k)%b>y87QqFs?1^C3D{3;y?I-zT;y9!w(k;g-?{|q_QQL1;RcT0nlZ=C
zY*dnF>*oTp{s~MTl`K{^HVZYWiKRMgYCI<2Y6j@*_8Lz*8jw2yDHCT;PYO+!Hu6(F
zNGXn{JAp8I`wPp&M*P#=&fLYYveOp?L1Loe?`U-wH_13+gZJ{gunp6Qb0y8?jW!{(
zIS=PbwhIs}^c=#M&?tcwy3;5zcrB=nm7Pt-=SoA$l^XsL4B1+GAgZzOjAVuU!?=c%
zEPQd6XtT<_Cm7T!6T8>d4(c&-?r0TN52~<a$z;(Qu11tp8u29pqR;g|?serAqFGNf
z08vd%P07pBELTXkx^LZNF()>&^LFPQ`vYlfPD2sBy1p#Ck&3)L<5_$t>!@~TtH%q@
zUByV~xLPa^xb5yV*${X9IPf(c&10qXvFocrmR^4#4d{Sg<@hKzDhQ@`e{S^Fo|k6k
zW?=7hmAYWEBA8{6))Wfc+vr*bGGS$>h)4WJ@2UBABCgjuk^1#Fx5b8GgzeM!W^C=j
z)9oYvGk^9ZwS|bx3xe#nN@la|^hbMdx__*zH&jXvh7m0(p22%(S+^q3QhxrO_>n6<
z^cOSCJU73xT&(?L;(d`_t4^g_$N1c2pgzu(#gLxYY3rJ^z3puZd28H`X1kWAd0M|&
z1^-E6;z>vXgt0ICG$;q%h;}3zIp3%O?|D74g?8^uul)5ytbwgi7O>GH)iWH+@(##Y
z1Z`>dXMFjD>ltmH&fMSMf6TgHQ<T}*BdLJ9X;UmkMrLu2ov02*p_K5Wrfd}tkTb37
zj%q5(dn^+^?Z1|0qGeXra9J<7b=slud-f-CcDrJGR3a_E)z#RHr8F@O6l7l?7(J1+
z=#PKUVCXwsD0DOnT~TT09B(>@;N`9igz72nv9HE)ulpe{5g@u(Ow0R*xh48mZekP^
zH@%x5o&@#W7CzkKbx=lkD$5uwGptgan49Q;oGyBY6m-mXj($z?|8Kp$by!vH*C$RM
z>d@VdG=~lW>28p&LrI8$G}7H6(%s!9ozmSZAzgw<r_RRbJMVm-cb@sp{N{SE@gJ{i
zbAZj>_r2Eo#9Fs0UiOVki~s|A#8PNaL8x6lMX5xR0`K5+5Ot-=E3(xVO22+gc#du)
z2fs!fyT!_$qu(c?l-;ZTm5FYnj*IZW2$gyY9Q<OF?4(yk+~H6AnIAG0U1e{!B7fgw
zv2_2!`W-PmAUiheShzCDnG|wE>xv(1bc-NrlE`rQ277mvi%gtiN8oI0$U~%x^w)V8
zW6npyxl??Cs?o}m0LO3BeSzFIK6A1q(ui%IJq=aTUL&v;R%l0V7mmSMTd>`yW1PP_
za30b<@#tS}atpcimvUkw|HOgUmP7VxOJdZN=Bf9@B#%pYeE7D38{Fm7mRDbhu=6a|
zZ0|?kyXAIR%1-vm70hl~t6uf*pYQq4&VKjQ$WHYKAIWTVR2!cjk_6T|cPd#X^cU&f
z+M<qfYEc-aciPqStLb|;AI!hnn4u6z|Ah_AG7u8|k{T1aDe<9V&ajxg$vnwiSXeFl
zUgW*87Y15N$yU$L?k1aNH(2a&0S;v2y<n=%_sCSwNs$!3lWpyW#P?z|{yy<sxnCx|
z`Q?ukC`F!K#o8M%ek_oj64Mm5x6!&J+86p=gKS(du=|t9Qc4(nSTaGTd<8Dz5BAmR
z+Z)*LQ!S~^1n>rk%Ch@&(XVuxH+E4}In|gB>_wyueXExNE*42xD?!~>>rE8f?^^0`
ztRUTi+MgdUdu1K_Z+|(as6L<Z{P0+gNWY}e)|s0*D_jLE2K?yZn~{RyQ6{Oq6Y<ku
zubvaUaN{8Og%NDXgPLN315$0G_&^mmze$7aV0rx28L}4ze|o}?S}=$%JB2Z-vT*J2
zbyBwm|0?#UnB2wIjj0pdn`2iz%BfCrOg4F0Y82coRyr^?c79hF#!&F`y_25{QODQe
zbLVf<5<%QH*!gOt5BHcur~Y8?vjba;ZQ{K<#q-$B)OT2uN9f-l*pOtU-yZa`EuTG`
zZYas&I$a=9-Qc}A3XMc{0F(HLRCix_MR%8S^tHX~e^JT-y50LW)R-k8BVEdjPjJF{
zJfk~>A=(GWAzfDI5xa4KUNeW!I77K*zn8uOZ2wZmPcxa|O5fk;thcmaofu+9DQeQs
zLw$~q9}GBcE<8^KjV<uV@$D>28T$f!@QHj^t3F<)Zy<|Pqq@fBCKEnH0OLNSMaZQm
z9f(VjF~s9DvdpE7$XDI*_C?8-*3ZE>ClO+64$l*G4q|e<pr?fQw>dA2%YLBH(oFLg
zl0MkAX#*mh{`y72Iz-9mn+o{h+(`JL#yXmmA7km)5mV(TX5X;Q9H-+~%~TS$*^|_`
zAlj3@dBs4g@18%YN0Er9ppEiL-88l<?++9*n?)WWug`o^9XE}}yP%mror^oeDKS!_
zxWF>w<3|Bg6f)5_l}<XwQK=y>#%wS!Z!n2M!&g*KYu~Q)-`M6Pl{l~l>Rcm(F+T_1
zav!AU|Lnt*Ra+AsxZ>3l48s|Cp+(k@$*~%7;4U1k!{;(sH6<LFf#lg+aAXQTa>r7%
zGKq4+E!ixKp_hP&?6`hqmec`v2_P7(rN#o*B6s#>rUA*ttkQC~<FUG{h_dilf;~l)
zz6t&qsqmUCbLO~jLoLOd`sMsTiQU;(BEt8v_o+LY;>U`&sueN5B|VqAmGY4tQW|PE
zkRoQSNq`R{05(UI$K5c{<u+&=Ky(vJ!6apq^i0^NJ?|CaZSZKBxj?)QBPefje{o@b
zpFVzpb@t2cb?^%xJn{^kSU2(2;7e~Y-3_yK=T4gy9OEHa=#rbv6qO!>(ABW|j&sLj
zdtSy#T~4H5?54FZ6Z4A5jG$a*d*?V->RHF9)=zt>7!5He=^dYL+sYQqj?-T|>3_Jc
zWvr>a5_zuw*`zbOIo~iqlo7i+Hg0*yV0B2JIQZJ}drbi&-ro0>BJNYw2*_RtqKPXW
zl7i24m3hR+MO2T&qoGAkE!pN1@;nN6iOea3?Xv3ts6M2qs0dKkndwl0PRze5DMl6+
zb9FUp_5J0#g6OA;OjIRPpm+UGJ(!94SF`R6O>rCuorDhPWrbA50o{n%qGo{H``^F(
zzi;L^y~azmLhN*le;N_;q2`J^nq_NuH*~J#vYW#p!|nJ>@9HY~uV26R=gSh6T*0q=
zRRg30Z1~7t_>v99l56_n^HWiY6>~)&Nd&oGpR8I|S}E*T#q8`T+*ePu@7<2sDOCgu
zBM=}I({F8U6?lLx9(eG9ZtjMF6-VG=k!0Vu{STUwJ^4L6q#o!2Hf+;)8k+xn*AguG
zRGthHl9EmFwaQkxFk@D!vq=#1G`S{O5YEN@7=-)tFZD@Tlh`!f<Y$Sb{?Ssmf)T`A
zMQ+nSn-2{Y*OPOL)FBm99hRwOV{_}YWA6->xVXSk5_aa=TwqWT@&U3@DP^Jma?yu3
z;E|1=;SJAwWT}i--IEWNKXJy~x?rJKa{6nZe1;e%Q(5Fg!^3fN>UgvVZ6k=L2`%WU
z+)6pq6Nn<_Q4Z=?TsT|;`GjB(>fgNDlS)SmV(0LYV5ZsmMv2v+E2!GH&ndUedbUOL
z!6meejTN;j8Ai#A6IKwd$`b)`coMG9Yr)n3+0m-E<6@-+6lF@u*sA`7O&Di_gfLI0
zhSotu14?2oUz-1lo?04}TyF|xvw`PGzbX4zZ!4K1UXq{%y~0Gcw^+-xPgng&3Zy~s
z$*h?n7nbNbtlX;BqZjSwdu%@bk@9K83)DmdC1=z9={&w5mfrm7bd<xWT6EC%sP(Lc
zt7%m51_k`)(Tes2(koZ2=;S@c3_G#LMz>1}6!cBBKCPqA*7OFXrpMT1d?3Ml<siFR
zTPpQz)rRb_LAx9%WFN^$aZ1uXntb@M<c^EN9D2!OL1ptMRRy7365d-s*6Y~?0<DV+
zMtzl1lx3xIUuvx>vAJPVc{wwEVM)mto-?D-sw}!PN)%i{UXEy_u|fA`K=@Zz<KbpJ
zx`{{v4eA+t+32_hQ2$CM4>eIj`X}-RIr(ZrbDkr^xHZyn@%Kvj^#0Hw`3|!F{g(%b
zyuLx>8rVxY+#HK8kC#wMVH(TN@?xa!ZLwu&cfG!I#mZa@$e%86ZLJl6Ap_hzx^Woz
z&DO3LL9SWIBvFioW}UT;+>5(Z8*W3PQk@X>(yA7TK8?9X9hv+!QaKrN9Tb;gPw%Rg
zC{89htAy)12$DMO_mnbIzgX9boZ?}=;Jg|y(baS~G>P+E<qSS6==tu1g3x2rxTd6L
zU;eahUN19B-L+D^nf!BeTN;?e6BNnAVoSM^$Ua^Bcsy2xncd;b97)X=@^<8D{V9xn
zxN&r(b6ObUeT@7un!I;59J0t_>!&;wN3f_orD0Qx5eU#sV}o2zGeq5P673M$tssvc
zJ!8-oS83n3$XdomK7voyb7aX!pkk(YwE?QuU&;H^*1;1ovavgOldM$IkC~MSbfZ&w
z&#d2ndRAeH+@xDs9gCGsKLTt4MC4U6lP#EXCHu0WN_6Qy>ooOaZ<<oHiNmej#E{@p
zSH^Ri%~|ZGFFeOZCc-7+BCowKandLyuO;@3=An_pH*(C%Mn%-WxHLbf77wLAQ`59o
z030=GpkRVGTmFQu@Dw7q4Sa1XaZ0mO@aLUY>A3S&@bK`K<4$Mi=XMK=x4>t2dz<M7
z`ppi*q58y&!U5?Lz*FoIptLWiM?&GyH)$|UT?}jz?=GJHaC(6~_j<YAo#XD}fYuzm
zbvNCp((-22V%%w;{<+WnRZ?C0#sO{d%h_go13bL>$97!s9G>nu!uOEbS&bc|31!46
zxVhK4?u!~>P^f7-ZgNmpr`U0Oe!hgKr=Mo;oUBqqpz)gO58L7;{IiT@BAua$iHQvz
zyV>?M8$X=jFCC3Jj=LAwPw`rbJ8bF6jgtxjg6NY)=Ns^g^~8@*@Fp__`|VJp$27n4
zA_A(;BAyV?!>UOhw1npZyetaqgtYAStE(#+F&IDkSSKIr+LN`;_UHvAd3lu4v9Y9_
z!O|GWX*%2-Gc{%aVt~!a&CLxXg(MW3r)1-;3q*MM)(uu<CB?Ad-WjHnQ2(b8eo6ud
z%%5T^EDrofyHJP~TIa&}&8Q42N|RTOqokx|Muep&mo2&%e8x#r68ooS%d4?T2pbVW
zh?Rnj8J)(n!hTaoczo=12rsy=dT`o<DEZ?qng`cn@hC7m#HW^#N0BSOo{^xTiLedH
z^g9BTt7gC%oO{7id;r2k5Y|_Vq(s;3)Z9W+5%4+T)+@Sn;kdLB22x|eSM}Z*B#6gF
zr@L#BMLP~R{>BUr<8wKx_heCz+&Ce%^if>;f`fd6M_O?+qs4|5pBEw?=Z~7y-w4SJ
zm=lbotVh{5a1DDmnD4VW+h#>JT8=jHatBzEgyczveF0Y^L`k4g=jss6zI~h2EqMRQ
zF)0OoJQ8u+O~u2c;AIzbxON8`{OsP2X#m-U^*0l&VlN8N_+$i6#(M>Qbh=UD<D&Zu
zjNMa<V<P9V7wCe}2rdp{sB<C@Y-BjDO$IJRW>7i2SKyhxyOLo{ke&D$-1azkk^#%t
zY3l)Y1<r`IKk+Q|y<Nr1b|-QT3-p4B?ls>on|4SF=yyn-oK9TpkiXnZmk&btL*isF
zvJV#+r@@k1FJCfIi-;H%r%E0iivAU}NP6@9v5>Y&{D00AAJ>|icL_mIwWz7zI?u-Q
z@oO{$n-7SUyc!R#TPX4R5Wp|<-QmQEh&ZSe`w+VqnLI1#HB#l?@=x0X8Y~eObddSa
z*EkRw)ZDiQ9^@|Gl`0opiwtR#_AM)XSgxtf)D#KjB@jV*D`c6lNEW(5DlKj9{?dJ<
zdmyxpXwl*=?N#J4LDj9P@xD*>5|P{l-O;eJkd7_xhQlg=2lbeA8P58=UXspMV7F`O
z_i_y^?Jvks8Gq&{VS0O4ICH#}E3d0$>46<yz_ni-jn}K&Y5ai+o=FcSe4)A|b|<^&
zoSm`M7^Qz%{I?Y^Y6ic9_Uu88Wj0AV4zL(e^k(GK@s*snk8~vUcO{VHnSV(`U#r2~
zh3-+gx)SBv5q%5lAEdIW>UV2E<QZn5bqj*!CA#7@V}`HFnD0AdaLQ$3q7MH8!!c_W
zR$}J!7WHkVr%)49%W2Qxen|mQF~wgYlt=SVkkijPi3r}v{*;O*B{(R($3wJ)MKc%{
zVejhI&j-sHl>koH$U9eeG_{rPJ|!Uu%Ji%=ORYj_g?Q_A*a*qIS{<U1cJGq%RBp~|
z!m0vqW<sx1U(84?QNG}p<xiroH8_D$YLg{1Z=F`kZ@>$miFIxo@+a2$G>hg)$3y=x
z_c?k@OqISUx<$lZ`UR%p(K}_dfjHO*_PZOFx%xal#TP+F2LBN?i3i2GM8lCPRmeG&
zwoE5*OPP4+fnqF5DoZ<ZL_sY7$_FFV#=8>zjyI$@xFjyss(-EX-AsupCBXhIg%!I3
zBO(~gV<jDkzJG10iCzG!QgT+kZ?^xMpPM^F>1CPf1)adHB?Q_=lH7Uu|CD*XOG`Qj
z5LU2~bKl$P7Q#{=9W5<Jjvo%p9(Un3+S6nA2SyVYZ4$n?q+5p{TU!MmY?ZzExsO!?
z#XxHI|D|D*I_CdP*d)nq2`H;E0i$O<h0A_=#-4f$1C9wiPi~U4q=doqBa<Te9}w$w
z9WASHFY6o1k-0B{C+Xy7U%3eF_<0LDcU=a#=APGNA$Foq&79A6#deS+I{_1V+;YWD
z#dU>%N)>$gF5W1(<5F%S;p+l&Pa%D?iTwfDpsCVgU@_%sa}m|cH+*#1PWkApF-e?5
zBf4LSik#UmCg1e$A~=O*5P9)8Q?CWM`*BYOO7{}<N$AxAF}bR%Nl|}fHVC3O^ntx{
zM`~_tyNR%SZfp}5H=3hLCvfeq&Q(;RYu^|>GKu-RBxRjL!=$<9d5)P8@pVh%%7n2?
zO@oI#46f8|<<4hXTL~f!{+BJc<D#+%O=QIRZ|3jh<&t+A8N<AywcYs=T)72NY@BIh
zh7Q=&j6_loWy!cDSCERjaD&6B$0T+N9&tln)~uopv1%DCm9IEs$LW0ty%~%4yt6A`
zZ6c|2{rx&+wZmS|IMMSn`9<)KD^ss}l!^QJI3}2DW|<<H{^-o*(v&&F{JM96SjeSx
z;+sM(<1)>Xf1}=vHrt2j0l7jIHIZ<aVD@?UVxH|_`q2)H;0a|e-hFAY#tWf8vHm-Z
zi)g>dpv(EWdRQ!Ma=9nXfO<r<vA<c<q(ZW%kexzZHCQg2ev3KZT&6l!qD@%GYZ<OV
zB{kUEv)YAD;1D)CTzcMil~(~zQPUSgFH;b0p;vM-j`7`7l{~NhJs)q!g9PCs`}6nA
zVcUEw6@<-Cz6a;QLtLs9C7rn@;9n^b&cn{cd}uYQ<UM@bR2S0aIdmJ);rhxXomx5F
zOPaXYymxq8{sLb*7W016D9`Uap^DezCaf{hUrZ`;L+?vC+RH?SoAW6O?A(+0oQH84
ze(Dj~3duBn9VR)FTZtMGs~2YAWR-1%!>3Lav~4c{>_<({%{wEnpwWB=Kv(LA`0Q+U
z&G9@JS4!TeIMGxL^I6Xvi&x^33J&51=dxHY%0ZM@;2d9tQ7x2!vX39ym}yuiy@v~b
zW?|zQB17XF<V2aL1bH1U-IxfD2z(SIDtH&+(-Y2Udg&#o3tzX@G@Iw(K?2t5Ajvyg
zLg!)jV#yLFNmB~Gd{2-3qarC}ctW0A?}26j8M}(x^Ybt^7om9*7`o4b^rDKDxu5`|
zy{rBhJu<p@IK<#qy+GjFx|n{F)Ail!Vohw@Q1gIwY7fhT)jnLdP?*xwhF9X+%%yZ6
zU8eN-h_k63S!(KS<0>!ZMbKlhat1KgDe~xiVfw?<LJ^p+gY9KXWt9(O<0GV@vTEMM
zu1ayjX|s$gqEYB9)*n|MI_#vuK5Sy(5)yxf7?taZJvkr^+<-*w=EYjbY58HyZq{h7
zM@^IeUGmCn^iqeHn*F;I8A&d8c4;M{#lQqx0&#Qf5RU;p{hmn6%4;xctuL?3nz%iu
z{?6j=PE588j)rZzwj-9}SiPwxvzme83^R6kR!WdZ7Jhk{=n(dipup>B8<LVPgiGn=
zP_0UL3sj}J6QZIOf;A;&p6#Z^-@nuic#~9qYF}oD(oXxcm)w)dv=V|gu1V@DX*ESG
zs4QoQg3H;Z(PZ#JI>7xf@DOIimM$<5niy%Jh0D(u&3TDEvfhUa9Oam^N^<2Yvqj|Q
zbd!@r1y>#db-oL%vOG~q(Kd<nG##Ca+=Ain;mprp$lQIX9eR1LSw?+SQ=31MJlkGK
z@PwvIs)Txp>@Hbg7L?E&saCWj4>-h1l(WJkh7mZ+hV`DNI{hAQh01AHnYu=X7c0(x
z^4T$-cd6RFwIx1usd8=g+f4nuap<C&iG^)+5IRU}<SsfV(O}q9QU-A?m#fmzuhB=H
zYs^IEtqz&)oF>Oj!L{0D8laKRW&sJF<5-$#5DuHi7plP9UN?I}4-f@#(s6zrye|GM
z_5yPy_c|T)Ysh~9lxAgCDXwZ-6z#AtTatlc+i=0X+(iH4MYp#7Uq1fgwEsw$0M~*Z
z{uj6agu98*Sn}tiRiMD#G0($N^*o1&miaPTe7hiD<pATxIjuh*`722Zvh#9P5!(R(
zLQP-4yrZJE4Djfuqjz<6Df}b00P^bus+Z@B&Wbc+onZ$vb3<}|e*Q3%DtS$r#uq4X
z#9~doX{wZUPt%imoNp4efF6Ki@qhXL|H`mla3S2UCIM)$bvEy&9FQ%P&l{qWB{ZTn
z^o<vh93UT%^esf)z7utHc4A}otTUJzQj%1*yZ>M}=hf8E2s}G`yHmnxOAGEO?rBsQ
zmINj#>vI8vfFp<0bafduNhk>rfd~0U01a+#mKy5lGFnFc=TGVg?P(;iMlE~#0|CJE
z_a+2Dqf|3#Dg`~Va2N&Hk8RuGR7g5hzuo6eybKnVt)LuR;)_%}XCWqi4`y|?B3~|Z
z2(>w=WsIjXwCZ^s1PkIV{juYU{RAwk4yS+2JU<c{Yo-#{#Y%otP8oEka)>+-<#EPp
z*-~t7fckn#?YK^79XvN{bD1CiQ(PFrp$&G>UQRZxk9FlhFA?XWR!=GMB)F*mnMN~p
zv+0d$rQH#8j(s?G6(g>{`Sy3Jw9SI?1G_?=-ob(hqGt9;IpOrJRI9QlMhB~L_->$d
zU8<4d24^>gvufXA6LTqtT}s{{Vbj=AW@d1sEyoFAs;B>*UDHoNx1$W`;Sex@${wVX
z4-E8!t#25lvJFmxjRSoEVzDjxy17{48+|5}nOR#ES&2os)t=<g%v!0ml<3-4`N7`s
z$rcFS!Q$jIP{Htmda>{V4kZak^QT+cIPpF!^Xw58i2lLB`QY$JRCEu{9*s-G2Ixm6
zekyjj{GGkRsj=R`bWo=u{H&F<0ip79gaOv%9FD$Sgl$$Wq$4oh1UmOZ#jY!IGd;Da
z@Mjmp7zc6gh2B)p*~FPx?7+Nh7=APdS<(l4@7UEltJF4iV5na3#f3|n8AegXeQ6#O
zfS?U@F+wE^u-h4>Ne#`1Dg<HoNwYzc)zK0hTz}yU9I()OsE1VfVp;8*m#9~JrT`XE
z@j|y?2a}p%R}oWUhi4}R<1J_`8EJ~uKni!P5#8CnSRU&=sFRon&j!LTY>%)M$cMts
z$xcmeX*fs)CE5<0%aeN3a{3{>xs>1e?Z41z#;6(Q)PxonCPfAA_^<Vh&+3)n8NNR5
zWA4o(N=#y_@&<-Oj+&Q+zhC6@MD_9uT@+^&@nS<?zB`~T*l~bJ(T0G|NJ`>tO<e*f
z?{UP>X)+%K!RAPh84HZB*E;m%OS+Ri0l1~#S%SqWN+6$Dr5jC<4a;W5umB~I4g%>s
z-nuXn+#g=5kfgE-!~cw6in_>_WJ3WcqygG$3g;ul3=P-pKop#?ZM{XQG|;idz#9m1
zcS-EO0{Ifc5Q)kSS!fx2Ipiaau#eRFup%_w3aeM3iW&s=5voF(AF9Vp5B{Y6LY8VY
zUX*%)r^&)f1j%$(1iC;dx|46cy~1Ok@KVG?%8(19C$a<={3f=hJ#}V}Ltb{?wl!W+
zTz~N}&}p0o8Opm$JZ5UVD?rUs_n|V^1c7kKik?avpVd=&5G#nx024+R3yYf+x<HWr
z>G3OBh?X7*HQDvmqx0)|{{DGvMUI{XfLu|1#XSMK^EB;RQgROb!ukkyvmcq7s(ER!
zmosSvSOypXCdC%@iN*uy4|p?sU?|fc%+Zi%J`@YgrA)_M1U;t1by}DF6$|aZHcN}c
zay)QNp#4vA(%0Ab|0+%f*3{HIao3_g15e}T=f*c=HHiO>h528^sDJCB(qFyCBVf~~
z0|s|O4HM5NpJS#NxupRJ$j?(*)?PYb%|i-*@@aVJ^i-PwYE&Qw&<Y6<^5lR11J6<Y
z&EN6&Ih&26C2{-oY)@pmv9G$ZF}tQw+|}_{T3TAkK_U@sZ0yaoocEkdLB^>PHCly)
z#V&{Q^2J<A{XKDohox1F(;4jmyh~C!+S;PkG)n9b!!%z4#<gEAWpRa2v$t7Ofxtxm
zC#&sacuR$ag;JbCaBy(8j|^;~W#|ubwjxxRd4kAra}RlZGWIcF$ohE*^|KfOa-oh2
z5(8@Dm0h11gH($F`lODrq^Ul`%C0_>w4doh{mxCFjBZmW^2@h6I)OP)nuC*&Y~5k!
z&hp1c%m*vl*M?Un-dSw!?$m$U&oWgwBO|wql~p!+df{4+h5r3{pi6}XEN#vVQTA>n
zL+>CT54YH>PTrwj2s_wkJN$mPDlFXPQWISk-7ERK6V5XtZtFZg>~!7lQb)sP{YU%6
zCpLJ-X40JXTcOzxWP!1*h=U^J1=Z`CM1m|BxRPJTh#Y5YK~t=E@`ITZMX8tbNvEH0
zd5jg4<<XV0x=U)0oL6o`4`NLly?(I%cuBc(wrLoB@H%1bo}dGZA7o@Puf8vOHr3w3
z=eCjfu}A<*5dYd_O}Y4B_&3UraM1(bPo1gGp8iUe&w)NYa&$ISk`SBJ7Ua}2bW}fD
zHYd*J@T!dlYZy+#kky>ki0JU&3IV00t~epsEgNNH0j^Wt;W1ogMe6+Oxv-+}*jK@6
zQna)ZxSm^_CIuNZSTqW^ChiqY5P$-diO!E_GH*t95m*0qP~gSot&80J{l;L>Feih;
zmn0%$@N~XX(XxD|J(XJ#IdWXl`$j)O!B~vUDh6^QIqmz!iB9b8Z$ZvMI&`D#omZck
zgT}bO5eVa*33jd1Z-M9Fpz5U@gvJ3I2Hk{wMS_n7Z+d(APX@9gZ2C&9rTBcp$7k14
z89|0)0qLL%@!yr=hAVRl!@_$C4L)#F_!ObzQSUBE6V7nmC}Ahbb1_y@^1GM!hS>%2
z=|zu->wa)7P~?6jaIQWHrDfS^l~OCIv1OL*pP|%I5)EJa(SduuxbPV3f^rxXB%2Y3
z-NS=_Jd+o+(kN-F_SlK=YK~btz*nwnF|PyX)ueX5p(2ay&S&mY)@zw{>ieGy>HUl~
zLP2x*T<a`2m>staYY*=91Q7xIlW~6hS!2CwI?3I(WR92@bapEi2T0kpB)0oW=}EqI
z((i;l>Ds@1m>V>b4Pn0cBo`UIALZ<X*UrzR*G#;Dl#{r4T~P*Z>ebKsjJB2{>d*g4
zq_xQw`vmWLJCU5=UMn;7V?bLYY9?sad`{FQZb~cZ=&DQ*QkAfl>iAXQ0_`+Z^_d+t
z40S>AW^uq<cf$OakrEkv_J;)fIY}NVGdcxBXP3+Lo15Qv?_DTD1kZE&CR!`%%7$rb
zLe)(0oR+l%r#E=;E$I9*M!ZVYwl-@wJzXUIs9E{Zf5g1cx-_XMbtQgnS~W?AVk9%w
z`%vN_b8@IGP&~z*z3|%P{D$-Uo$CuPm*afJ3gD&^F*;?Scl~kSetOt#7_V^WagaGO
zkdSAKzD3<2a@S<<GVD?vWMh(A^KJb+9DTtpa+CafiV5M02PL?G^@Uj9ThfP4G{>F<
zSZ_^i1tFr4f%k36y$9QSy^E{$BPXsmIQ-^@_7v3Ssa7%--gn`?qaPQ^zJ@QYA-#F$
zK^JZJ5VCx87}j$kNOYk3la;mo2iv!`7D!pQlYxVJoYt)6fH*2Ds_o-N!p>HyKr3d2
ziz>|wO^wZHF--SBXUvXSR4i#2rM+;Q7uzl!hPY|3TkE1};g?q%cwiRXy71x{>%7~;
zwRHMIKh{NUVlru;yHf3Ir)#d2>*mkoy*>`gIB!*S*J{>MFTkrhQ5VLEr;TpE$-_=)
z0h=8U-Gf|tY+Ja5scCL>E8oQ$l5dWLtCqU8%5?%jl*`>D%zK&HuPx!jn^W4k?nVYc
z({Wi**~y6Rbt|}az~H$|Q+3CUp5-C^tX4DA)Ln$AKs2O5(Z$1YeE5EzXFx!me(qf5
zYN!K__NiP*V*%MZ1IK<?yXJobgjPUfsK{Dcfcx{KZ3Difx3{;ma`t}|tx^FTbSIS$
z7h>}A5eq8c6$0wwnuMH-#O$NLq<43pNfU(H5Hz;^V8R-Tqm+e0sa0}Bk7qevI;?kz
zaB*>2M9<)2W9NZCR--BtC+H~1$d#yMSupqWfS&@DEB4dbCdmkXo-t4ULoC2#m?@*K
zo^aMc=IQA<I!^{vRFZSi;^N|?sx3FSw<Ggk0HH%j7tatLC;0McX{!&7LrP8#Sy))u
z0;3;tRa#j&&>MtQXFh}xP5!)DrLSjBHhN5)0uBY3X~>8M*FO(;$T9Cw`djUVtu2rd
zO2jl}wy7atP5ytoWQY8n8ltqC_iGE)&guVS@L-hzUNb#oT%Zkg9n|j?BP}N$cOsfa
zbQ!Ma7(}zxguAXX7SndxM{b#cZ{LtRx%Y~EL`;IV5iQh-UcZhp9ODJC93PRXnxtXy
zxE&GACRmpYm&#lz3mK@YLS5*hlYfRvVCUdTal|B{fain&iH0<ux6BL6YEcB8AY!cc
zb!d7H)ixrdT(+LiiwV>uf|8w9JS9(sX}u!8vFS?2>4l`mX?m?!C?n-N9Dyfam{dgu
zscXbMe7HZgHn#Dc!(3R(iA5^$nu)#t)TyO5@Qec8jsX&VG!rRJ4Oe&m7K;`HKL(ou
zDnx`Hq$6=Ye>VFX(x0#OO?sgpf<XpLoA1AH)D%!^nz;O`PnYO15I{RVb9*uBW(?M~
zkpNS*ha>LA!ke6z7XL?%K6EXlb;-Mh$!R2!Yy9X&@{LwUmfA>}pLMX1$~;+Qc9#T;
zElwUIPBycn264oxjY}%(zJ!kSb9|7RC&yfw$f*|g+^Ee$wuIQYnI%L{D$|UqJm}3E
zm2@IgnxadhNTNq7iRjoq-7#@yYu5bu$jecG9sf(S+9(qBIW6@+wY`XzjO)B^sFnB=
z<k>%@hB1EzQ<kAbBP@fff{S?XTv@y{TxmT~A4fzP1yD$q8HZezDPGN{!G|T;F4yma
zeU!AD8NP$(NC1=(K!cHi8{aU^vx8O9vL+qg!sVEO>o0#DObql+$cJO*9LKxb#eGQ$
zC`*I6Ku^g4_iF`7i_<Up^RyBJLbbfz5hMn}LjnjiwMx2ebz9_VF$@*FC`{VLA%}*b
zl)hPR$MGOkfXm`p)ynJ#bk{`$K>2_w>DJaOyQVdmh!}u0#*5>$eyDtSqsctmcfYtM
z2~8!CI>JXB8&W@zFQiZW02?42W-+jT=86{Y79n=Qx<NmV&YgqvJ_lcLiHF`Ivm9sb
z(|Zfk`f9SbD(xqhj%;vdIM_}4S)eD$9cd8>;5eTA0!?=ORgy%6>$KS2)aXA`()OSP
z@icJ}Pei@<>{thwY1EgbA>V%}dPpkrK6#}_HJ3BGqW=f5mHSdmd?PX(y7UIqVQ|)(
zX3&4>a`yAkxgN_thyok`e{ckVG??5w?U5~HM)VBuU<e?3-3oNtB|}r&#2>@%)HVBo
zYazM0R69Fc;Qo2^!x!^$=_CY*gG^u|2+VW0?`mBZLlp4+0vMNshy3$?rIft94|2>~
zJdu%+wRTJFz_(SOR_le@U`&6&_C%&b1}b>2CO3ie1g)n@1*ujTeyUG8s14SiDv<~s
zaIa*7YM3BO#~Zwe&-(Mfk;GF~nsieT8hcPnNJxC!*r0YM3avvD@sWxvn4OaaFho`2
zlkmCqHa<)&P^_D8G_VH}EBP35hki+UD65Pf1-FG~JsK{I5DGm6{o5t<01<@Hvgh-D
zhETTHe-uEU9+XVMWh7kZockab-Z0}?GPGFKSQhnt%EB$;{e_0t7TV*nX1uUwSFkbY
zw%%`t<l;c(BgHH8bCN8z--9W4M~4N?`=j6XJ55uQLGMsiieQd(NVnbCu;FI|D-i}T
zlANA!cxZ2YZ19YEeC=n`UxRfsD02MaJlM0(3Tf)A;Vro7XjBZZXLSJqrkK5!QMc&H
z_QLwcIf@e=rJTOHK_O=G9o;5B9rfU$(-qV52UI1ZC>UaQ5Nv1Pwzg(|%@{)AuomLk
zqJ`1KLyw^nZ$-}8d)Hs^dgl>i<CA(EpBpqml?yuuW2Q*l9Ft1%((TyB!(7L0R%U5u
za&4Xl71x&#B@vs|{8~WqvwhXUN@2q#NXv;+hC7RIm%(~A9b$`AtkMl5cs?(jnDnM`
zEfJgL7yVd=2U4XkEwNlWY3OIp$qxuli%s%GxCE@`%97%5GppGP0;IWuKqDj5hs*#0
zUExQfOBkGX=;5YP*xJL619z9tIb|9yyShI9x*aTqlfUzdj`sDN%tg>^8U%*7t{+A;
z(F{!48S*=c2P<}rqvb~xo8cff5$O!EX(>U77^qnNJP1INaM5H7oj@Tfpd+AqZU@en
zDTQ}|8B~GM;3s}=`$R&&DRkaDYAHg_i>Mm<RxJ6<g{PL?t$unw8E}*YUuukDMNiMX
z<py|$0!ise>`ooYp+a@?v7_*rU@0ykRP(H#ixST*smz8d-09$E8fHz0lhjH7=$%<D
zC5=f7N3O?o1T)%T#7=i?K^+c7@Z8Pmg}OZokY?y;IN+S-6OKe)nfP0xIlItksk%rk
z%?GMw{fSx02w@89d^qh|kxk&(cSe^z`QR9dHLih!&M40qW4KVxAn81k-E3I&FGo5B
zce%=&Vr$acZjZvDfF^{V!&ZW$PtglCk8d!k$^#dcYWt~~1lvQzc)M(rrJE8CQVW}6
zAPsLyz`<o;trJe<Dk#I`EO+Un5Ox#q6<%s_h;%P1EN4WxewB)eRG(v<&~KKuDqrfK
z^&Y{i-118Yv{=tMO0>}?h$+LJt>^G!q5AVGk`I=Xr`jYK=WR-`RwH0_ou7(%3oi{-
zQmu;S?v%L9wmI?0biIoZt-rXx#i^B}Ffi|2W``fpme7rScp%yySFF_g7?Kw+r|La&
zF1<Tm{n-F_XdFYQ<Y6;7{B%xJX|C_@VT~xX4DDah%n6HoYLYcIo3R4@PS$b){)NJ5
zBlxMFfqRDv*7W<UeZmm+DQHcP4ILOY{5_BXL*bb?C|?m3zft?0=Q}?SAX61+k3Z~k
zoq5<9BI^|q(V$alw_11JFUiN!vW*a{K^r`Ld?<jiN5_VYHh>>DM+O`xaE2v^_3-du
zVSDVjE5ZFQug4!;3?)JM*Hji@MoUSr9dJ|cJd}G!Y8gL*=#Y<=YKB696WikBu{=CH
zhRH&q-^EoaXSPZ&E@psRIHG$ZUO$p;Q^!+H|9}BddGwZ=U!Jeze?(_QU``)qz~2Hk
zqQ0alaOn`^l2S)E%KV=R*e7zs`cr;<KrqN7%S`-?%a_fZ*TTr4LvH<HA-QeIyqp7Q
zEYnH2eX6Yh?q)JS=^bhvP&j?asp4ftG_zurd<;#4t2D8X{~8_0<zGVOWmBm%%?(1y
zuzVyXFn@ogd1jtax|TAbF6X1<ZqiIob-`(R)xpUH1pHThbFu&-XBMu()KgE)z`_U3
zP-3u-S2Qdh<M$#OBpi^X@s-3et0Z62f7&hpX*gUO0cY`QL|HKq4vUJvf|G|Lls*xQ
zwE)~NKuCZn54hb5L#|(f3jSz&aw!C_g(L{|m7uH&h{jrMhJdLEaNfOshPK|n?K6PM
zdosC917uWrr>2dfgCA%Bov+G5h?w}2GL4%wRDfh{B#`{c7XiWZufz49S8k)WbHN+r
zdo(yt7lci1l)~4Be~QnOZ)3zfES;SD<11GPL!l(_#+va#@71wVi)sF{lUOQ=&AFr$
z(bzULl|2JKfSN5@9$NHDENW=l6GKT-t@Z_ydEb0eAefFZFxSM}il~^=RJ~S0Oo=96
zTb5+6O_CP+acHKO>8UF8$oot^PKi={(Ef>2W@ADwTKv6lXTZ^WC<(f64v^!z9?le3
zyw4{9>!^}ZsojgsYbHPxfS|)Yt;K&oXHg}<SXAXly5-+iJT)Vuoae1TKg2cY4)e00
zI8-{o2^Ag$?g6BY4;*myLw`@IFW!#|#N_AGeE-s<=z05*r2{A#(&2e5rGSDzFefKR
zsfv8kn=a`otrn;C|K(WyFWUwj>Gl7`+n_VQmJK!!@QO-IM{VN{{Ej|K46qzQeET&s
zaNE)wlen0owxoyW#UEuoUDN-v0{v|Uu;Y62O_ShQGqB6O^Q2I?lOyo(&pU$cx%A=_
z1T=MP``{Bix$Sius?grK%CDudtDdjCUZ`8~dy6x>E0dm8L*-c<{?{@uCm(`D7XZoK
z+yG~@KQW2Wgb_MIhcH|TEM}sUgo98(sK%4X^;xGw|0y{0#VN{szCfRo@8~_~7m;b1
zehSTiG^3!_5Rj8C+qz<Du{dUD_hJC<p35YggUYHd{28tGgJSYt6s5utfVfC?@hUla
zNa~`@f}3nw2i5$)vr^gA+kSd)$=pC!w-p0VN?WIw()y&@x-<o39C|!u&OnmCcEWd8
zP9^i6{M`2`F=VY}`h_4#9t{^wJeff%Xu}K+Z|JAg`HPyDuF&rb^!<=(nIrs=Z)(wc
zAI$2Fozdko@YzBkB0RbDfa6Adxk(Ce<doDc=s#mU;sRvk#CQ$+we?x<+)w8F!brew
zdB4blDxMfGz#(h!0h|S<8xyqOaeB!s!UL#!X1sOb;fha$_ON^ao5}rh<rs{T{(G>s
zrW4I@$gY1X;Lx8ViEZU4cw(>#&?aPPuqxV1I;O`VO=0ULKvB!l{eZ*2?%e<wt2GG^
zzr@}6Je>-v6a-Ykz`ptK2a>X)Mr-D##Lcx^5r>wM{#D>UT|-7i)i4&F1kh^kpS%E7
z2a0ZgSom510PmpreCPaooQ^BxQYiq=6lixl2EOeC71(~MyD$JQ2WnQ}B%^1Vc46F<
z@|I7L+GZDUWdA3N;GoUJ)mI0P+ntoUH>*NUCMqL<(D!|&%jexw6T$D>DL;tEscD-2
za}Q;4q^LkUu|O<x@)$t6OY4Iu*;_AFlWS;b9MXYVQJ)ZeP?=_l+2!HF=z2+xFNsl`
zOM)P{e|ZZya7g=Z9JmyTg3G|@XNLx`*aV16xdtt7faCChW0;;$JPuB1m(M-3ro3z%
zMN(O8KOj)DhqZ<F07Z9`>@k0JEy2)#dVat|js6$m{RD8~QO*#548~Jwq|+km@|iOv
z?~E`4k6pxiCtHH`JvwOTl^wcbKq~Rr0M;15)O!JlF9}#e2^q`Dx#v_8oZNaG_yiO(
z`6Jx`{w{m2qW@#laByoRUuR1C>n!(-Uve5_#1!^V%Lsx!&FLhl3=WuU!BV}ZE`6Wm
zDEJJgd4vu>V`%?SPv=@@-U~Vv0X+oR`a(cs2ap_%KaJ#8%vuo6AAhufKN{+LLaJBB
zZA>rNC3gRKmq*Satb=r35$~}`x3?o>42k;8v5Vi(;`IW|gEN=X&<dd7`R0D58s%Ku
z^bU+30Jf)+A19t5Y4kz0LhmoKtwB)G$G0N+6c(SIuMCDmCd>!a1#JdnDqlPI4v&TY
zEaf3$#WW)tq}Fd`q@$LpW0k~C<No^EpWhRn(~JZ63H!GuXtOQ@-UY7gsqsVf!zc(z
z$AEuGtu-~`;4v9a?jM0KikAK_Ar6-+eJzrLnV%OmK8qKW*UP1_my%J9x{$UR5<?(S
zT3D)<McmTo#q_okdQapuf1|q<%Dl-8SQB{D`CKl6_fiFj#0v^b2)%tcgxP^)fzb%c
zeP*8|kT&IbT#|jHGJmG-H{CHsn^GfyDhacZy`*zFG(I(pM+Z)lG!5J)1x$yiAH5!-
zI~O<1UDWF+y7??9bH43zJuU~sz?OHO*1;SKwM9~;To`D^<5m?90#yO^y18Hob#4H=
zXR=TTwtv@#pqvqTvF>AUU!|%Mx>O97WEPM?bBeCXDkb*jl;gImWXq#~WeA@0e#)H#
z$0);TtR->53pu$B0}}*^98t2%BIWdUT`=T{N&dPvk22Aik|b5s;r5ny^59J$d__LE
zpBM9qUMqcSg*pws6}Z?b;L@FU<Ngqxr;P~sWNU!kEAF!)(Akj#P5q*oBRbIie)LIk
zNB++w6@Z`3@x&eC&4`NKN*`s8WuJ7fExf@P(vpWF_lbH45Ee>*SToE6Cmx;x44LN5
zam)HY?A1Tpc~juw0(<MNnq)CZ1los?;ut_&+$shjTV*4}-p@crdQ!5Wf5*@Nsx<%C
zcovY}pDMrq1I25grtkzv?}I=r(x(JU0mm;jg=c`;_s3~a((wOJKf3|uEEb%7b?`GC
zOSTtqVI+L{vc!^k?!A+{yJQ?iFOjG>BM4K}q?l`RAPp!N)J;iZURErcZVl#GMBBtf
zlX)^RsB~xyme0k@NZNlINgCC_oy0?Ix&PsJW7E3IT2?L;@ux@G5dYA$LZ>Eyv$*N)
z={IVZgIQv6aU;t}6fTm|7(7DCp)~HvmX`;aE+^yTMvNQ)E9X%<UKY!e^a&eK(L$zO
zKGfX-CAw097y)5F*5Vg9V)U2;>DgB^uk`zqMrZK=bPxmA`VB0pYlo%`<ypQ{(qUHA
zeCl37?I;~D{m)k+N{MrLGC@^SE=Bb`h)=79hx-9b$QG_xsZAbjDdrH}FYRlo%SnuQ
zN^HNfR;-;Y^wj?iSHUgdWrrv=^!+}RPZfm{0S!L6A&Lx2pQ?23M?^>hzClyZ)W~pt
zJCnY_H*@?Mf6l2J-v8n2iPUBTrs?9s9t+Km--dE3t{>?jahxr|lh|gC`+FLeNC`e0
z2Shb57}vKHwDwU$ck4v9d9&$R&JeDG2k8q+r=eE(!8~6~H=)qqrDYxu)hI+OO`S@0
zJ(?a|v~T)+Fjpg%Gp1xspE+!N<)OR*dV3162z7F5`VAxXRE<z_vQ)R4EYh~YW+&2{
zJsOo>yOOUz$X{9w*n1qlHO+$GBl{!CDZ`J+_mc=Wlty%~xZm1)coUtT4^f&Ku{+N7
zt8Q(=q?M?Jn71!dAN1!qDizO%3`m_{nYQ>CG9O-iS=*;7h;>2@b-+>Abk$D|sx?T4
zT{4@Tr$%<+mr*77F1dSkJUspjo?djX;5Tr@p->^xgJo9&+yl-vU-DQgTV>KG^_vMh
z@D}*}x=bcFqPXMS=^EqbgC4;UkLc&ujM@>f;UH>MWnjif4!^e$ik){GqY0$;;icy7
z=H{=cov%@jv9-e`$QyP%R}bMkV{Qu)!IAN;-|Z^D(iW)nV=fuxp-SMNwQvj>)cA()
z9R2R0pw5+bdkk=8A)r0*`^>0*<&X`$j|s9fnr!V#R#ay*i~7LYLyI;`QN138FPbgT
zLQeUB**#%aVdTryu$m;nSVuN55Z*U2pHAX4)A=dFjWWHI^x26~$t8D=H}5%*(=UeR
z@i`J9sREHE$(G-G<lP$`#&6>#>IYRLp}HE{!4F$_&qK`p@He)JIi)B$dg{2$`Ouf2
zwfqRoQ<KS(UT2y4VYp?rkWh7F`k8VeM8N~6#bljOl<Nx_P}QXK@{4%WPm0vb=-1n+
zaX~N|WJ*0H{q1K*SGB1+ZjQfPB$~n2tb`>FmJ$aD6lP6*^T~GWN+%LL622kgvdv^r
zTfU&?QhaBgPt-FJq9jHUZI$I9D{md_^i5SX_`#nd9hs^a2@VZ|DMwaQJ?NME(T0sh
zwzK8sx&EvtQFVsvvt41A8m5bdm@Dm&yaU0sYc%6Ab{taKpXW#2-{b@xS?}#1GTjwU
zX2dQo0WUhU)=NC-wW?j^JN7J}=?(C40h(n|pSz9d(?d^H-1y<6@bUPtaZGjD2SLDH
z?6GqD0e*eBD#x+1QN%mYVxB!E|930>aOEewcp+Zr+-G{%44mB8j-kj28n+-MRJdu)
zOE)i&wI#Z6iHK0JahWIT?hy<hK!yfMwo}*I`7^n2Wq{rFpw>9r9E04WeODPb1B-<5
z{63L{jfjrK+4opS7H-Z@{TFqt>-CtTk~`mo=8;0#4o%l#2BfGO=dGKT2&BoHlc-!i
zI@u17_hV;EbiKEgYAwz->&9+@#$Ss*<Y$zRF2!<!O4vpfq0_1joNNFDE+#fVAdYWR
zLGzu}$2<dp4?if-5ZH4u@FVbFR_5$SUo>!{DQil-)r4yD#ZG@%gmJQ$t#3j+e(+PF
zjvvSmC>44c3ChlN@&u{+z)Zck5BBsh^ibzoCwrmP@oe(r)XK<5-C{nZr(P1tT-!^{
zc(iI#!pCshz4AGRi{<h+r@-sPS^W@cqpqhiWw=U8E=06<Y1fkbI>4-n^3#caI7St$
z^$re{MkL~*TwQBiI5WEllFH^y6awLym*uyYxr`4tfk?Tl%)z<%lrgV_yi`n%I&XR7
zE#&6kUec~7kd_j&ZqY?7`OMT&?wuti*^4ighq2uNE<?4b;%DbMz3zcsJ>R%+QJI2Q
z`Bg31P|Pv7>Je}?-YJo?W(L7E4j*7dR{Ys;MHlDX#VyfSRI+;|em(cGE8jb(fKkGC
zh>rBp($n{+X7}~R@--at*judTQM21l94|*`0@mB0Xj^cq|NS%c{?<`KmdN<qjf@+M
zl=tR@c9u?fzp~-_1^PxbR=qo%)Z6G(Wr)T37OQk)Ig$?~x<=T_*pb--!}vihxC*<A
z6u%_BXL`~1zwv_iJcb_zX-vbhhTn18%?cPwtlv;PhizHAgvrh+{u4&3+~lwfQGk~l
za)$0JI6EQ0TZrK0aybMt(g7L(10AW<9wX3DFOZLl_CM$0N#F0pDvO21D{}65zvyWo
zWv7l>!9B%ZydB0Oeerz5LgDI1pZMih8*(@-Aq%|f0?L6Xl2Gx^hi}!<<u4gOH(^lH
zy<%zSeFnT^05LU?5~juU(syxwKiqzdd02VDgSqkEdX6JOC5;C*<-$$&m#WFuqm19P
zahdOe`93}q>@Q{O>x|z#Po%xa-1tUmcRJawSa-U*qubH|^Q;Q5?C?hY;cCLHLv1Pt
z&W71TIlu<bHk;c@AGgUwld3ImJ)WKS0W{0B?JzZnO<WQ2rIKkm(3b}yb?X~;ih(iz
zm@yAfVGuAaP%|VNTnR*qeEr?y;1;wMXnMp=&Jq=29%^*faKw(>^f(?G43s&k3?;zP
z=f6iA|0De>6?{`j#+qvc(lp?cNiv8D`=>7jA?3s+&>r26RX6#IMv2amRBI&{_Z<Ja
zr>wp|3`J9W>53B&VD$o_=Ofk0$;t5eYb(sx+~^W67aj<Ru1TD@8yk81vqjvaqbj+L
zjd-sn1+IyS&eXiF!0MuY^NjaFUH_^!J_$Y_)qVU1v{}fQFO>5xe@vi6v!956DeSbF
z#5E{@<_mO4Bu|?{EJv01SKCV#JS~eYC9cy?1Xte?AS{K6{3W0OB<DZD)_;Rt|J+Uc
z@2pT`cuwmR^gI?gdc~gJ`Q#>rOa}d*j+Fl2mXrxFzcIIozUauNwQ<1!|Kz1rq^c!M
G1OFTO`8qWK

literal 0
HcmV?d00001

diff --git a/priv/.BUILD_images/Login.png b/priv/.BUILD_images/Login.png
new file mode 100644
index 0000000000000000000000000000000000000000..8b8320e3230a82a5f8635562ae6ec30691862b14
GIT binary patch
literal 17361
zcmdtKWmuG7_b*O^QYt-^ij<VV&@Ck*4bmk7Lw7ew2n;CQ3^{<(-2zh54Ba^}ba$Ll
zzt8{oJkN`B{m*%MUT_VwW8G`7`mB5Hz2~#CqAdPHz(W)i6nwciQmQB@s42)ldK@fd
z%Y4d<4ips0BsnPwb$5f^^at+58Vz^#m2>xVLfmd4sgD`L`6ZtE2jED31xY0&Jqlxe
z_6R3L{ONOBoS<<3?|}f>PJKO82Z`oi*->aO(E@u~h@PD3i%VlloLpz_t82KO78aH4
zDY|XuE}nZVFzRol6_p6Ov>bnPQlu|b>5!2+xt8o!TBi|qu!Og*ip9|gAFiIaV|2X2
z>tOIJ<y;wiXNFZNx&FDBz}KlLb*jD}?vLzxwKHVe|0te?=E0L&_>a$Ogws1Xzo($4
zYPY{r5l{=_wj3kZkeo-Y@f;f2HzuDb?!v~a<jGGOYxZ)>V6P<pw9D2N@(PdkMiKBM
zfZFC=PO(n)*13RyfL82-cHMKDpyj0Vn&!nflw~Tb7$L!ZYq)3;q-?)PAS&F(Vj)k%
zK(N78fBYRwUrMk9H!kGC+#?JR(;rxnfOH?r_uyb$GFx;I8Xty)0V=SpQOU++I1LX2
zh#htRv^c*z<r&V=LrB29&(@2ekR5UKvMI{Ir==(W{zpQAGCV(WDE|2tiU%+en!uCz
zqM7<DdZb2#v0&#%ZPj&;oP5)dS3*X^KLw5Ou3=t7!jeujera&g%NGNFR~9MfV``&L
zKhM$_Ga%<bl?HVWM&*I<L7_s6SO)cLJHH&tM%TRBpDmBn$1#R~1n?UT7YL>JxX-%^
za;{QeIUMMZ-Xz1u9LL-4P6|<a%uAbI(~8|UVc>O`m0Z+sc9J1riH7;nP=%aejwbPr
zh=@WNFktk4U+iA(u8B)PTZ9Tjy7~87bj3|R7R<VuCB4$}Rj^iYR^dkMuRO8XFl5gI
zuQ*NrFdir1zXO^b7&VwLiF<mUfUXXv&DWXWi$fx^v7rR<i1P@Q{?H*2dAZXql{v$^
z*J@H%vue;$l7UqDDRE^DHED5Jv8<9jKu^R56>RAedfVNSDB9popKcY8K<%$B<^pw;
zl~;Yda8H>9f)`2-`49pwF&5i_c?qlP8rLwtn{K~1MkkxY5>a}j;g1K?rKK}Q`UaXk
zM`VYTauONdK`7MnheMIl%^XOP)~o`d4vWX<J8cY(WJ!jOeWaxpc2`btLUIwC;#y3P
zUy@PdFT-YJPLr4P%;_aG?96(0HDEYnJ`@29)b%#1T>YkyaZ_aNceQ<gLwI|}*P10t
zEi~$g`h{6?AF{ZuW|BTzlc!|pt)f`y!z3dhT-*h-?)16p@ir(uEX_ID^Orc;d(4x*
z&M~AdyFe**yC77=AUUpw_w{|DCM=Ofvq)Q&rR7Ey-q;paU4COV({RndJ9Ur0D|nMm
zZ*Y?=k(1vx4kH~dc>k<J=+HSCHQA88HHx5k-b~<CN0)Gg@j-#9cXMd|;#iE1;>{?-
zzLySgM4*&wSLyy3DkcXy*&X`~fAHn!_;==74y$2*_~#Maj$kNkD&i-|{NhId*L`3e
ze~PwhHjUy}v80PWCsJ{u#t%JHZC%XsawzyzVbl^iXkD))JDV7sjxw$-7AF~PZpS-@
zJjJ=MTRHMa<0;upn-&yc5!kRFE4@|91GA#Kxe-mDS**{#>0QGz?=NH@M6n|fW4t^X
zzIT=WLr$yRu<j4U9sVBoy^M%h1dO@X$vippBHC}5g;4a(eFm?BNZND1SBHrkto{r&
zd9S7C38W~0MU5utcNaJ>KA7>?)Rk|#;0}^e2>J$PgQ&D+#~>~uYel{o``zxzCIkV@
z%3c}aO?~&+(~zeq<r$7lW%56ovCVA4Fa3NnX(lTIy1Q7sXInm$rRMj$=%5At{POIi
z9Hmc4NhGiN?&jt=E+YZ1U0Z*V9kCg{_OT&Xk^0nL>RV?144HoRWp8~8k~PM*oQ(%!
zEjse!Ke!TU60g6bf}Rcmr;j<B$blcV0s=$G?kHGo;f`A^_T#lIAUsN;8-Djsgdl>F
zX-k2E<#}DVzEg^!lWB0R)-U(s0JEzNVb5d*N?`;GNKc;g*QGaCH83coR<~wshuQAs
zw+-<1oVvlh7>4~NEYo?Ie6X(vqVNIZ7;$?Ji@~OWtbbVJavObd)t7nyuJwAr4ncTz
z1vaLoPL{uAS8dC-yY8!uw4J~y6IS@<&WD;Xb7f8{j$TgAg-^-%RV+vY0x9Q~0hXKK
zg7Ci4QFMsSt>LDif2$o{$XT5BoJ`P1S|3u!(xo`VO%=OBI<Ly<!TR5!92xJ>&39wO
zbQSgX<c_^b4aBU<-orN?0e$|Qi7dXc6SF%e(*(nJC*Ai~91kKF5h%;miS@PfGF~#^
z>|(b?h1vc3&>Aq69LwFM($!6r5C}1xRdq5bgorTi0DZpLp+hA!#7RO~;ZO?f6iONS
zzFuggQkyju%c)Pg6=rrDMOWpqF<Ira@9<LW0{rj3!Vmt4N1J(<KnRLzI)1h*a8z7e
z>sQ}qzGXem&HdY4<v4JMo0>Gd4ZOvw(++|qXKJhV#@iM~B8`*JgHZ-<Ps%rv@@-&u
zqg$^2XN)G`e6_a^^$kihZsxLmeP(!FS#4U*4Q5_6NsF6zCvmE~F8a(Ub$pm*Wx;4d
z8izSeTY>7i8j{tR28JA4>};33Pz$w7m6@6i@_1@~<IiM%X2S&*_NP^JpvcFO4*@i7
z7fpEf=P&vs@Jm@ex;9Kvu%dOktccVjhawhppQB?v1ce*STR24?;{sNTD`#hFp>Cmg
zS%B6{@LbF7)i&bCrw3Ikk)Rr!saMWBJ2`a1B4%hIrd$2blngV=(Ze2+x=@Bw3rKYS
z<I?C@U`~vc^nRH6MoekW?KfW7UdQ4^U6Z%ifLuctdWzB&L3!Mvi$JsRCIc$K#%uQ*
zU+>pnKADKiOiuCy4>4|W)^07C^UK`Sn%Wi#>HMZ>#sj7|Vg`@Sp!XxPKuk?T1x6Zo
z|EtZ2JK?;prD=K@wp5v@xH4nAb!MJe4GXK6XSjEFN31Y&ba>1fkvO`FyI-`KKH?c_
z3SE`W`J{TyeH~Jt^;U`{zvD9jInYe-umHZn!Yy2OS$>W3a#3BTkud!WJI5^J564Pu
zE+?sEo4!epqh0;{0JDg4wx^t%E;?3geuAHMq7328t*-f4&pXb2iuPfSPkeR+^7qfW
zR~6Q~uW2}xuVXp0DeQNvo$YVjXPA~oc4+UvSPX2B=M<ZCkMhzq<4hHNDM!c0kbb><
z(}%KMLz}B$8fr0HlA~U;pG0q9l(dTjaQW5mA1P6Qj+=1#13t@A3axgF%pVGgI;7}*
z^^v#fo_SZ$y-8;(GqQHjmY6Q384V~T6P-_J+nRot9qo)&Wh39%1<p~pA_j<~Yq%88
zyZZC)@k{Bt(PUA3wbuN^#j8YyxkWB+rQ~wA2ZC}D>F33BZx+c2p@u}IM=0GFIVqIv
zmT&WJ_rI8qaTNbLgGN|QCipqR;b*%RnJ5D@jeFTXL=3}Xjc$ppy2p&1D;_=vMl%9t
zk!i2dL69PLe=LHZNFS#IpaU~5d3~6wj(>1QpZnGaM73OC`G|q)fPQeGQ}WgaoWLfX
zN*6I3CXqL~zX;V38952=0me0$z<|h)Q|s5QQF4-x*2cGruR%Tt)EPbBu$q0*51+}%
z&5-$#ekv*mi0md2N5}pkJIoITMP?~ai~9DxIQyL`eXH5YbD2Gd<yQn%*-RS$&Xi_J
zfL$~Fik#ubl%HnG6UpvB3?Y-X({Z>+mFukNOx-Gq&Adm?6OLE?HU3=)dK8xzY7L?P
zjH-5o*&<oxuwj~4Lb9r}f*CR$1yS*{lffJ~6AAq=`kT^vzJ8VGHjR#9Lo{z9ZP{Nz
zbLJ0@Ra3b9vYy=w;<Wg^;%DNOmfN;EnhlA(@%y#EM~Of#;n%Q}?b6nwU7WzDIDs!;
z5Q0!BkpD70Ir7K)-SYg|pU?0D6u|H1Y%~zE5fX+>AAffi0gmAVIkxi+g@{KO5|4;U
z$CJ3t3B=JQ9$`qoOA-wFJ?7<q5(p;;)!57`HXmP)9<DNueGdbjrtmngZC>7Xf4n~5
zht?m%NBUq;*iP+2HZrb{a<ty8^xofH?<?ee%a|xNEM-6vuYVhuuLf1L^bG#_1u<GI
zBqC&!l0w4C`7wcA*VVwt>1gd7XmLcm_2sKvy+<=5!%KF=U!v35r<=6_0e`0c-hllX
z_u9nlm_AFc1u~0FP8aOkH$662bn3&^K*7h5$YR=o2+)4vbQU%0$VoD2z8<D_Bghf)
zI=fiAJ?J0=o_=ODWn8Q^%-T8VU>4o0UG&|ah7YB|6Ud65KS;^+6_gag#Zpo9{d%L9
zT%?i{lJdeN5H=0JSaRna)e!2{3psZi{Z`syd7Z8}!z9y>oZpzTlS7Eapjxocm<i*6
z=e`NxdNabZV(ieaCHC64-Zp|!L1Zs#{#wDyy%TZQl6ZV^q3C%NU+dGtM^3R}!zk(}
z%BwE$kOefz_z_Qo!P;GC=Pb)@^j0nZ;@#KePP$}Y^l)Li2>V}q?lLK@P0A#4!@@kf
zrj{`=3<H@glJxZSHD8vJmK5h6B_2;^If+WPD^lrV>0Kn<=*!y7<O4!)e7yA-DW0CV
z8OSi&Ij_yt&$RvA{IYwbh4)NonEVKvXkk+C{rDvszTr0_s;mPRYshD;9`YjAss3c4
zXwS1fHt68a$9IVoUkX98rN0&nIt>j9!ihm=wES-dN^SR1@%`XcZ^GMt>@IBH+<xxk
z@5GVpU>>p+V`Sod)t^HxS_1Q+c(k&5fsXGs42QZxqY{mmfZ5AF{PV>fZfGHD4bN)5
zYxhqXq1&cEru12e1%fewBN!Bt@u-wE15Fo4eU^@Sy^Dg8zt_$@JSS+KYyQF{(%P0<
zRF#eNu?8`4ZdphnloMx6<+DDZ&o<X2(JX-)ga;~%jG7S6<~+i4fcB-=t8G}VU2Y$w
z=Vz%8mtP27q(wfCc?d8$`3WD|ItN^n^PcgPjQ4E#q>Hce{t9d_E%OgqWN&mkA?LYl
zvO3QYsrrae6?B4sPaz?7L1fTH)3StPfJ6;z+PPzrPvJtNUA!C8IsyJ6LQah;VXZ3I
zeYPj<hxzSo2>!0HJ~>;6F-1C??(T`UjJXXqfIDf7V9{F-syOQ(=P~PTi>2QG6qp%=
ziofbLUMQ}}_lt7F#BH}|XB5)&k`<y|X8+jqqf3lfj<m2%wRh*knR=_l6cS#SmMmPK
zddIvJJ&Pkg%fm#nqIUe0O7kIAv)Y9y$g(gykz9R1h)IVnM!O>*om`L>!r3?Xm~s}b
zIC1l_G*D(YS7SKIw29n^Ci%ep_%Ln4q5t~O+-3gfP4kU*Fu)Ic-!84xlVHp3sC-O?
zn%D!Wm+zoJ1yk`5p3VF=U<X`oQf~RqZTfD)_+~x0$UewyMxI+l8HrY@eNw855Kciq
zKWd++Pn9J;CU#Y%GE~ZQ_u&J#!rI@g4!%#HP?gAGPq;?Mmrsvc8QQ`{-wOMj7ubdO
zFySG9JtrmF2AiZ2*eDqAytFJJgap5=khQ1G!1I!%!J>yP$}TOL=XhKj=)3ZQr~Y+?
zS3RVt$;I{H;IXBH3pQ<m@X2QEC>+S%VM<3Ygbeks`j2XDO?qrkR;u!IUiU4^V};C#
z=d=f!I?utYpNvPeXxYed?*IYH5+;#Ayy*ZL>fj_X$`zk}h(lmHwfY#)B@R;~qx~UZ
z;_{P%>FbcrR>qEPwbDUPg@L2Tt*mW1pHC@y3$#gMT2&%`o2lY3Ub9sdq4G^~pUhiV
zB#{7ZMLHs$jEkwR^0ECDM;RL0p{7g^{Wl`{NFPj^1dZ_!x_~=ag&rlD?yY(Fxm0}+
zEfLh=`q|C5Zyu=}c^ld3C)pL3cG$c%mZ|+xeP>ji{B=CEEGWc9)JSdm3ul$tfX;M)
z*yR|^`3jmjW_`8P;n&A^l#zPYl%ipLsT=yoIxtf>T5f)!5uM?}%;mlztQQ!cs0#U!
zx-F#T&*0IXx_p$h6sE|b>wp)&;s$BqvFD^weAwc|uMg;&;*EZ@^R(k37LfIrb9}YP
z6rX~+)tE$?_4rLh7KEnHKiU}m-EY3e_5)ukJx0av^H(svEv}4bX)SW@A)hJFiNwNh
zN%lPXmE%CfFnU74UASf#J^W)OwZLS<+Viw}vb{yrNtBp<*m;1Z%KuY(JWN(c!Ti_|
z&p+GHa)XA=5nw72pA!}kqM`l8SbB>DE`EAEBnIowW~XKKNZO;|3C|b3!x-?p_Yrj6
zNz$qM^->Q~@3E;*`lYV^qGox^7{a7prKmJrtSJ!>4GY97GI&UaM8t45>77Lk@!uGT
z`xhDi3-$gRHo49EAv-(PJk-B2wmlngv%wDFvCPevM3PX}Qa2e)6BsMj<@=}q`F}!a
zI{*n$kBC)_rTze|`ftQSenkcTo-CDDI--~N51~(w|8{AR1MfNAT!Zm2^W(q0hs~ca
z$nKWxOW|`g>ZOP|0X8~|1lLGa9j~n$n&$E2=Gb)`v}XrL6RUf(^Cw-7tSbc!6G*O|
zdv>8T>~IY+tEW7hz%anWW2FT%%2}D2Jn9Hxj}U=ULCfwvAK>0$B2(r4s|E(Uu!Dgk
zZm0vz8oNKkuTz+k*ht;ySmwgZc=c9?3VUwL;TPI}o~}@LkE+c(G4{RKKZ4-Vz|2Np
z$w2m)Vtri92sma2RCbs!a<=UA%#c%@-O`Ote=1=<@d+39n=n15QT}urahYHR7mR^c
z1MeW6^#!R~1^2jxTX)XlnL6-$n;DsXwhO)d>Me&@R`g3UaiYAd(@8_b2_mz=en}xN
zX{;TClms}#o48!jM7U4Maug7158D=0J0{RCu<heL>EVWf4#HI8?4^Yonr`vmPgS9V
z)Hz=XE_l<rH2a{<+i$yDI(8_i^EE4bXNc?Dri!PBM&`(4dXtOe0l2M;a6yq56kKP<
zzaG&gD&z^pKQXXbD3?!IuK2DM-fTqtc=%>L=)Az_)bVPUif)(9vTRdwt8Pc_N?{nH
ztrTsBm*)`*9*TwuR=;^AD4c2AY$8gn3hRJK9*2$=AFqE7ktSjkdjn3X$!%&0KAB0a
zEY!8Ndu!`K;?lFjI{(glZ<H?D!0(vtCHbo`0FM>(`GdE5v=qr>Z6-M-pC=RsoSSH7
zt=3Hx^!HQE=w^K+<52OiJ|D);FBK6~`E;9ko)*_`u8>ZuMx3xGR7eEK6hdX^Ik+9U
zYL{QtZq!*FZ5~d-N5p776J`hj3U+=?p8&3aHyllk{tsnErRGBwvY-a3@_u%(ZgWdE
z=V7XR54TTG7U8#5HGn}c)uVPRXPZpj%`pVb@jB7a_v<6(`ReEvtx6T!Ori6L{_Ev#
zwF=gKqNIzt0ZvA}WiRq~^O(=CSBq1(ik-~0&%rpLEsmQnz89CkTid}@&zaOQyIo5i
zcTnjkMSCPhd7?_N^aohH=NB5*_%`{lrwY=AMw7Eg$pLe>+?gt0b%ytATio^2kxy)v
zuS!o7za_ptXhF5OUCsW=a>_hvjh@h#^7MmO@dhdo51juYcXVwgD&sT>s~A>jl8NfP
zw-H;_>>R82jdQ{(vSJ_*1wXS?M`;@_n~#r~ixZe{W~r2Nu(Lhp_LI11gg=Num@jqj
zWwMM(h9}sTMl2pn$us2c^k~*uLMKD7wh#%lE{UZ2SGWZ`@v~5+%q%siZ+4~FJu9@=
z(UwAb!})-Grp76H%3R#vinnEBu)@lujX9|SSL&==s1#yRc7P6Owx9+tG-b#<;M30y
z$RGN(4m6!*D7w58dIFS>qJntUT0@>$wdO9O0eyK^GDaM4^V&=kVN(yzBcM>HnhwX^
z-YqHx-?C2tV7=a+(_{~)B_}1OcB0C|lozPcEL@FhGx*H~_5O<A`l&3FJViuqPPm_+
z1Jf@N7$kGNdhP4sk+x&1k=8TLyKH@2?sFs`MKnTQq5?79#NP0*Z@<aOaF5@+oID0z
z^=dnB|70v!-0a?rcN5G06xsf&ctna8BqPQJw#~dqGWQzHrjO%05d{e6e|jkME_Yci
z<6zCFX@_N|ejjop>^!Otpg(g-BmsU8@05P!LKe0Y?Peh1)VUF{85DF~uyY-IGLQ_5
zYuZE?Jm2Ox(L$K%T<_KbEnzPoq`)=?N3~G1Z$I$QZ1;6KI<K-H%cY94P-lARHX3g$
zbg03kQ_<9H(%?3`4<r{COO8*H-;PAtT`oLyMwxWkWSTT^&+?l+Q%yF*Tf{#!H}N{p
zXpT!8)!BoI()kmp7mHDPY)M9WdqXFzgWB-`rxyVWnNK?-?ljHMb3JH%-Wbvfy=io{
zgC3>pBGzg{H_cI#oy=RZObqw)sMmEti+5at&hBCg>1ToDm!KS4&B94zx)R1dVx0XA
zr~853DYvbkb8uS{x;$ACo2c`{gyXSVB2fQ1^Us>|R?YM5!b<q44cbdKPyD=EQJvQc
z6%mNbdszNp$qskgUGqnJo=0B_p-sfY5SaL>{TWy0#@OZi;iMy<nWR-;8C{-n&9KR#
zxBG641Nv3!zP@MG=bITZ<}W~31exNO9bF?oyr9E$9L*Aq=d{@+e9^fXwb5U<`C*H<
zUjzxrOQ;4E&mbza0PER!g^c&ImSVjwxqPgtEx-7?a*nHo<ymKc1g>L(J@I)7@$#=V
zmc@!J-UaBNjCczkz$_XZ)}IKtxNgl+Ty>=JfgBOMo)y-W7y~PG*Xw|R4%567_2~o@
zS)e5*78c-GCuojWvw;P)!!pe>Sj$VixIZo!tDIT!BsQfl*w;7s5}G+!Finaqw_JT^
z9~0l{xNeZc45s+rC2&0!JrLGKgkgq_1L(dc%Dv!O@3Np?C!XmmJ*E;+qR&Y9!r5Q;
zOi*6z&OTB`!8hzlXIQ8#cfh;!!qeQhSWP+{j=B$|hEBhsZrNDrH1k&rsijsS7d1Eh
zGbd(Gavv({Ch|rE8T+ubrJdzu{I*VqunYG^=%3#{v-IvzaF+AT>N$=w!<(vm>+1Qo
z`Qm$9$~KJH-1nSY&|pz<Y|-Z!I+hV+v74YOpxVnsC8LkEC|O?%&Z4P}iWzKn0p_ja
zXC?37re1-Qq`-n_Iem6aagh2J`vOmXN`X0+Ji7`zO~u0xRfKtqDzZ)a{BeuRI3E{7
zsY=l?!TUaVePM97<Av<#R?)W{dvgpDs(#C@h)^f7k$rfR1W~PB9`q+Hm)9jfAYaNq
zWSK~A_=1<~`l$;R`0gjdnP_Z(BG0$9fjW}C@#f)!6c)AF;ltH#8|VO@!$NQDqMBvu
znYv*l$lXx$vOYvy!lb?iA_F8iXM96p7ekLsCmPsF@=)C(A@g2+7<w&v+|VeP5;SUL
z$h<X&<lB4Y&<xBY8z8&gjRE-E*!IEWTB6e?pEhGX=(*f5yMMK?RdazjpGyPju$IuQ
zva>^|FL1?>17>qBrhs`a`np!pGyKk1Uli;GcLDIjRkp<7oLijEPsS|_A(3WPi{%dS
z1xkxn>OxG5$LC|87jM6pTO*8uhIyK86G}PHZ#Se+zub+zuG5C1z1{m>uMMR%)q#Dd
zER^uHYq-vWTIgQV=+suL-$j8N#}sGY@UC<lHabpeh8`7fbrfS%j4n`Ji5Y6|W3m)H
z27i?{P8NibUe#A#Uo44w+T9yiwtjqkd%zt8S0DsEluoAg6P3*2EzWC(`sLEFxNouQ
zNaXa9JHDg_pI)3Hwp?GWAWE+kQsnGe_0NLeU0-fw#;Yz=aU_%u8+Z^nZ@n`}t$wD#
zGyI}<9MX0G8p*;PxA0~2sX5`kTAw34*`BsT>>yT8`Z%BnLnSduKf9EdlNSB0O^BDF
zo}+7}l1tXj#h1>WgOf!Q5uYNV1PTE=C;$b)p4U4c?`H%PX*?0sTVhAgu3+&ZptJ72
zf?1o@&1J;C%HZxQVg~hmG?kV;UuP1o^5INj%=L!|nj+>C<x?)~g3!u0%`&wFznJ#@
z#6qX=%LxQeDBsfhw7f3q1U9u0(z|X-pU$4=Vzu8?`ZnrWz8EFvLVUn*(#dpKTCA*Z
zIZ#{&xvC0TC@iQXwYr)X)7iCP0Wv*RSBGE7r(gEmdA-IO(07}c-kq)GqsL?nk=}|?
z0<|ZAY4{8-TD&=zYSDnZi9RyZhTbv*V!Gl!n(TQFx_l!x+bu^;@EvySVJ2#Sj{;`&
zv9TU+w23hkA9QV8WvfoFR+y8?nwu_VH~<eR`Ua~tP<`EyUAn%HzThqsi)MuTPY;Up
z#$T<ZKgyPU(7);^$>?Z_6K&l-Q0?0M<j30}7{qma1v_Vqexww?yHJ@P<uhQ1di$D^
zw>T^R!&uH;yubL1p?PSAl(GU3_<5Wsr=63L=&!RE4&pOP+XXILyY4-;1DBZKcU8MR
zXpc)rkf|F!z<$5uq_MBkqUUyKBo}I!$Eh@s?VvOO={880H_1$s@RRS$SxcKO*rp~z
z{Av;^Jl7{wskD_G>(I^%)D?9|6=HJ2vrLC>q)?w%E?{Ri;HuKm`o1se`#!Dr_A|xh
zlUMkdTIBp#)&PS{C7bI7#o1Fnm{zTl`@5DmOYGaXDziwGhr8y%Ex4|j^LzwOG`@!i
zbSYg|)kpJ?vg^G;ZdS{@9p-8+vNk_GH&buyLj~q))`?PiI~N`OWUUdwHG+#*3F`y8
z-SwzC3aFeKYTH?<ODzmV8LM-YYlB8Yz^QASYi%*Iz)hU61CEcj^ELBo`OdNw^N!cA
z8g9bX1qLPxES%~^D{XJFU|(<Kd5vJzMc{e9&HBiRB<s=vJix=lI}GOCb7R52k$!r%
z+2LGSnpniX??KDWH<a{a?9nR)Z#Uoky<2RxjtRsShaJ|PCwE_M#u%f(^;K-lt`xr3
z;+g4=Nue4=lMKa(=xr3pd#J<F4vjb(#L)UG)wXFH^~&d%9q6;i80XaOo^mug>nL>`
z9Tl`0QJu=n`7JC3r_6rZm{61vIu`QITU8{j*n4XfZi*5msnp2n@@eoIVG}=_#JE_F
z?LyKzF?SPkS9SiwIOVqOxn;Z>>(cY5Fp0>O(c`s~sh?1TEV}Nf>z$5LDeODXO2pl4
zMk&$-+)4+0ax(08R$-bRvog{Wt5c#jdnV-hgWnHuy1ss)H~LnvM=2(EXWM@^N)23Z
z3uUf72Rko8&R)`6?JxLbv=Z2BJ3izg{<174O(f5CU*i{B6;-u)JOmmwQ5vRap6ult
zz0lZTut+{RYw|dmi%dQt{5sg$L~#I6h%8hL^>w~Ku0-tlH9uYEyved~1jEa<k2f>v
zVViKdp<!yZj4XKl49Lu%NsWK&@s`-tW6N~0cOrW68ojucOvUGHN5_RQv5|^#N<<~c
z<Y<b*EFyJZ@hWcJa0_pbjMqd7MIkPHvS~0wME){ZdW=^jBEhdd=2xH3J#kmG*xj4r
z5(^fIjxQ9-!k>`u#H;6>0b2~{TzK&l>5k0b&QTu3_MJM@G}{{lO;8ueOOy|(>%O8(
z(faBg``zR*&mLD2z?4kQ=9UBHAX^N2NNIkECaf1?h;|_><F|`nr8u*(_4GIsf*9Uc
zoM~~2R&8gwd64o0V_2%5oL9JFxv)~6k|)ou^?ES&e7-l<vFQ6}@_~alaA(##6$K*x
zi+EF-@q<M{ZvPK!ob~|ySOhAb4DgK0Koh?B)wu43EBjfh*<HjSzO<(c(LKFCix)Ah
zc$GHGP4w#Boy5TS2lWozd*rT1z&D-1d_l{BnN#(n9`(%D;r>hkoADHs`?YsGaaVR|
zJ9qB+6ud`_cMASFc=qnQ!JqG|B*vcrSr`3?>??0HQ7`yV+X~zN6ds=X{b#A+e_Mz6
zug)WXv%3|I-=|xsT)o8A^z`sD8N0i?bw`&r`Sx_}qk^x(gRSs7Q51;D!IhSPb2k3&
z*FK%?JRu+a86HM<Y4d=uNz+WST0SfTBss;2FlAQ1r*!$?4wfq$mfM4~$RVH6ava_(
zthQioXcd%d)paT34NC=#@PEs9SPXPx9n)mhGhxC4W&Z%BX~632+5||qSV&7aiLnV&
z0)o|*l|c&8PsmOOa++>7MZ|<;omN?2_CRlZr4vp-uEqwurluPz%i>lB{M7O1Y~ici
zdZ#2;w`|!rCCPEjXKWQ~!QIOZUH&3v{*FSXs_&!G<PB6ZOX8BJ<BzbXcF5$&NR$=3
z-~HM{*o5*_R8$nWY)?$I7j<H;>m^E6TTbMr>_q4)Hz33}W`jjwh0=k(wmWrFma#-4
z8yiCbz`<-9i@2vHEQbwxY;Ug2R3aK4j1^g7l&Cnr_efV|K18$g>Ef}Ftq<lk9g4+m
zsL83qYb40|;yC+4)jNkbj&d2rsoCziSp|EkG!KWR#I%n<@f)GqT<2dL70iZ@Wj(wr
z=C{5TXbM?+JD6Bb_T3n%y%CrkgI<^=d!}nF-GvMOYRM+(G|WJrdy;(ls!=~@f?=iU
zc8tC^Zi1N@v_<np-UiUAcFXJ8YUC)fL0m*PBavY36~Ea|^|n|u0#JM2W&ZorkgB3$
zRCU=(`(9z(BQm94n@Z_RYs*+-B?s`ViosJpFQdmKC%sU#&<aQ5m_%AnQ?hk6vr6}H
zyP1#*uQgTMA*!vJdY1KMp)UK(Ac(84L4c3PrG7y4cRfn;axx$fhlR90Zn%wv+8Bq}
z(*DUtpkj8w1Tp@43hOTf^A<Oh#nf%+ocE)zC8>)xXi}S$B;3=XhlO}!66zm5CU~ry
z=q;SbF0C{9?MZ>JWz?;xuU-;|49NAz*nYB2Mi8=!0ag2)^MarufEVImkr*IYw5nEX
z<wNpO?d^QSSWyH5q1T?pPOmr41KCg9n3)tr<Je&-Da{lCQO!!>xHij7Gt`w@%IZtE
zrp70*eo&a>JC-EsmgBgt(Mrl>JQhCxg^}_)%1_PPLp-*$`<udTF9mMu)sY(k+&hyu
zrxsZWR+gYc6Jq2ESYcPlp}LL0Z43|5kC4R|Xpu5a(box$;jWG<d<CVZ@1#`faw(AZ
zEOBj{Q!!vYv(lQBJpW|nSn!l1J%*ha%%*E+jrLr7U|TsI-bDlkODCV?R~INou+DNl
zOP6fw5Wr)~Zi*yTpLBozSt*-$zS=QZUsvU|HyZr}cZSxMd-QU53Al0!1JDe6+0Pdc
zGPGZGm0=ZTmGpLcCB&_nE8vNaTV9~|;~!+>xec0#Ork9{OE>JN_&qr%3=Zn@&LI<u
zMPWykuy=InS7Sx7bwe`OkIvZ^)Hr%)h^p~E=@1*%MxEaPYO~UOJ1dL@$LVY9=bY6t
z>~Db%cAhm^SNT9hglYi`ZK<KAM><z=);^J)iUDcf828y{qDLeyD!JIJm@Wk+P@l0p
z;^tkQEt&FdALQ8$Z#`e}&2M7hZAiIQq6l|PA-h;H*+EC_RINnHT|GOGt(A}EcuTjE
zH=MLbm~ieSs&S8Gx}vgL2zzo0hga04aY8c-#Dc%AtlF@-)KHTZ$1<xDg(B+-6V!pO
z+xtaaeGIoMkapSjlzn)rYu<O=*KIusT!^J%)RV^s>!<b%k>nIL$i=bKcstHAs1D!)
z)I2%v=90ENWi$qn=0Oc~Il1E7lTB+HT5+<nqniAPlDD1il2s7e*Ub5|Jh6+Lm&y>o
z`uJQghsJQOMu6rr#WW+V)U}H>x*+iczTnlj6w9f-wn0^wNkaI_1@Ph_|JLPI$2%2+
z{LSblmtL`Tk<}Ux{Z(-Zx|dLC;c?5Y;?3tHO8_VHx%voh(9ex3tm>b!P#nuW2)C|s
zI&LgerP9}lFVg7IR&j5&MUJYV6M@ff8|#)WhrfV(=E|t`zN8nq{Cx0%Ddp>GdLrIB
z)yZSkbmC&pq#+4{{Z1FCJ+{!(%nE6919{pmZcv@cyE?8|$0O^oeWS@P?e78kcfp^>
zwu-vc8M8=CHx9t2!(k)-b@>+&Qr!#Rl!ddxwr#W`o~YVEGN@w;Y-2#;GV@`_{f|-8
zl9tT**#hh1akLt<+#L*kSH4Ssw$Mw=hFNF6XyvP{ok;HO;uw_8kPPB?Ao%d}nGj(M
z$4c69L_ry}pmoNDDX&sq|Ll=?{nLz?5+XVn+M!fJ;<tH9QNrf7zE$0fQTH+BMK{Y%
z?iCx^`rDssnr^7_w-T>$WkPB<jj+R>HmYLy_`|qL&J|o=qJ2n&sz!LO=*&cXb=C1H
zh9$auv`L(FYe{&*VIh$`Us<JColsXgUs*Vw=bJBg+qr??oGt+yx}&=3k_kKPC8%oI
zf|{woN#-6fC|g3UM>2>$dX4<j-Y*r#K0F}eFiO<a%I%aCHk9@IMZ~Er?+p*lc)f?m
zF($$NBTK=#|H*A)!M36Rn*E${SHu~!3=P|sYPSA6CW0M+0%SR~w*R9;)bl8QQP1_T
z7RjIGn+J{g6X(Lh#PG0-(&CQ1f-gs&YnDD~sDRXq(HU3a>K<ak{9BBIwNpnSrkJJg
z8k$wyckG7;({Cfiw+wSSV_^ay2QsM0BeM-ln{2|wzC@eARR-BHQ(yC9+BgXF(p~O*
zd&uEnYzn|Jfg5xc5%uEGPa3_hij$s4Av-tZ-J0Oca1!N_boLWLxNb`+B!XYXmMVL7
zE#!$IhlbY&jUjmlV*^b~H&c_{!iJ3ZhjYonjs%y~y6z$A3r@q7!JA1>0F1q>^akxD
znaHRP`AnuH?!hamBIat7)+q>Le>*Ce?zvLP!2^zACq*5}t4$+VVm$o$!a-3E+!@PS
zT9~UAZTo>1HJ-N+O%d&_OJ}Uk3=f*9!p*zF1GUvohq$SUhP!7_^ZrT3Oi$^Yy<8Ww
zY5<~peUMdpzn>fkCifO3Ub`uFfBOX7T5F;ou2|ZPgF%BiHGgg-K?nW#?tHq+&n|<Z
z>6P}jp1>ye&*m23I5*dU`Q&xJTiSyagrICymSAGO@(hU%G&6B~m|e&$>@jpxYql!;
zifl3uW0};VaE!l=Up92#A$(|X5YoGkuqR+Ie{AX9Fqz29^$o@^?O#tiUPLe0%A(4A
z`J_20e*OEoCgn(&Ye7fJn@CThPD$;?4B?{E?P9VLDEx3{EZG}WVL?<}Ss+;vmN)T1
zihhOlnS}rT!^3)sz>SN$9bfRBgj!stWb$NnHtE2Ldz}_-aRh<Tsp?4StsNS@Asx-f
z<I@_*5V_VWi=p#{=j=q^(fQAaRnrZtFY6QpY`)&xV~12Hf=7GMR9ZMk@%k?JNvOsH
zK*$%69crKqZOXCzIC+W_)CpCr&Gi@)->;W`Civ~}&(Dh6zj((=e1rz5xeC7>{`{F9
zw;|W*y;8rz%#iU!4aQvT&=gvg;7Gu})zLix$B`7pW+(@J?A@&_0B=y8$UIJb8fYk%
zVDBkYqemD6;mp7pU%f21T4g;849OHf`uQgNy&fCq3;3lqGO~8QDJe#z39hT6DwTfr
zTv}zUmV=IAJ@1j)SaxgC6@Av(Yw^aVZ44jinx2dWXvBU@4Xkk~43ZJf>s@a0jA{#%
zaegU`{}G{%H|$ROuKHS+aSpQlSkll|$szmrd!d3n7iee3v~=NU&hk)Q*-3?#`N2^}
zC*M0KUy2SxZ`YyPIm$h25lFcZcI^}nr>OpR#I~4-T<X^2^IV10kGokaQHqgC6$^$#
z1#f8&dqevofWtjJ6x<;49=sH9DDMckK|l3PwPl3ksVY-*F^CZD!y(y`bBdQ<qe0F?
zK>7UXOU`i8vO&av4-~~umBlhPLk>~g3Cb>6=sj-vK%5YpEYmB@W5^<>m&wUvLuSYe
zc}zHT=)yCc%jbfkKr6PfMC^98;+I{{KqvESZbHNgnC*jwmGa@1nIS4P?owSVNj7=q
zvj#!o+6|`?x2c8Gf-s+6Wdg5D7cptPYUbpFH86Xww~1h{p(H8Upwiolw!>Ky5vqJV
zyohH8wu&X@%SC0H`PNb-g4lHKR-L$BLjh3dCsvbraZy*ocm8O<whP&+G#-L3rtsS2
z-Pz-U<h@&Q1}|_=c^<Rtevz&Bn8P_P(5GWh6fe|2Vqyv2C|YG=?pOqTn&|ER?4x4}
zw~V-20URHDgcT3W9#aW&SRWHhr_X?;gU%}nmT*$MUmj>C&Uc;~82w^lJz&=Xv{|A{
zHb%WE5ju?33g?~gfZ@s==0jV;f@HkjjBIJl5tcx`LtV8Cs)aIE6`R;Y9Z#e93^Kc_
zy+dugFFt~5NvIj41s`5m#AmKqSyJm8hC10tfQ|lUgvZ40ECTnmj7wh_SNQ8mC1w3k
zWfIC43}uH;wn|0H4sJ;t)Ls~uDy1K$gsP?XOic3r6j+0Y@xFwvbxbo<-EnbnBv#CZ
zldqg+oz;(J%6_OOI;keJ5&T82VE=C8bbMQz7TkL`fC)V0xuk(x(M7}ws>=_Wfvkdc
zQki0m-VhNcx|9+V($)`dEa3n$Qs87%DHhue!2&aaMHpay83O}}CCJwZ-+WB-jA*5J
zyU?(uogO=83PjUIZcu(wTdWMYzMTB>@akKJFC`cDCsEmcCBG|Y{~UT1g~hf2<_&}D
z8|5L1!3al><5{7mH}e^b#GLx2<#oE+kP%}@fD904x*U`qYkUc)@)r75qQ^Q!3XTgP
zX534)>V7H+?`QFjCSxR1zBH&EHGFFn(X|j@oa=&gvXG&nLiWq$EUT0S&h4`jO2qMj
z42>B6ulmc6nMVu9@TeF1b5?eq^KtJylza?P!7o7Jr_93pJc8BomutO**z>s6)i3wL
z1ht@CK0D-@GeDgR^EN|WD&CBO^uabZ-oS9B`I1wO?~<=0D`H0LiA>3VB5>~q&-uiL
z9sp+~wJp)rJPi6AEQlOuRN~~VS!Q_mhm<Y`c4;iX|H<FqmGa>}dQm$fF;qS}6{p#l
zK&}9Sb$7M5Fe(|wI#7@3J=*tK*B2%}02B!mq9*dnT}8ay!77|Nyh#h91BLU{xzDPk
z)hW${<+rx@lJbKh(cv2^iXofUD_hFAFcy!a>h=texW!WCgu_dEF<+7>!&n}UsAHH~
zM&{&3|JeKEo&M6EvlY!$r(MG=d}PAq-8e~Ky-m{1-Fn8H(Xeg>LB+~2p6u#{Lw%0R
zJ#<A;w`Z@m>yNG!O3{wDBQmaVj&3eQj}9HZF8Ao7r(v}QAAJtmAr^)nG+o~ox?YRg
zIi;u0gxcsAZ7eYk)rnqu@+I<2Z&ZV{&EH-xxf%=B2+L$BT$ejMJy)0rD$H1`Da^2*
z&AT*ctX4_guZ&Py^{NwnczKt+-ML3K*TOe-!AkJGrD}4ud3R>6glfOEBKoYsyJf<I
za@Kosw`9IV;X=>rF^S`KH3EHys)t9gGahJ&dv4-=-`PXg8hu{vH+y^2Nw%n&@%hUs
z!)PQ|$hyl+TIj04MJevkIXT{NYcwnf3k)1$F;FvnqB=-abV=gSs`u-yovg(G5mQNq
zM~|Kl^_$gCIYTO5i`hWYoSK&Q&EK^FDgbE8QFQVuPFv-e%F*)p#aqjax5>){F-$xF
z^KobO#agDwp@NdqR|3Cl1fc`~e(V1#IMmGqn5}k!U*Tz1jPqAHu{yW^E<@Dm1j2j1
z(ji-8PywYT$XbO%HO9blN2oD*$qRI#LHF;11|ev#-rTzS72lO)C_&pRJvn%i+Ulc_
zfszD>fcwEyypH&f{#dR~$cX{y*hYUQmZhQsE`&YEic`)3&CNLH--;-acWm_7Br5&x
zefg~y<oYspB*CL0u(<(C1I#8T3K7ku*A%N_**0F*N6Rlw{-M|6bG=knpO&x%Nv@O|
zfHixu6dRVu)FgcKSg&&FRMoi}f4?ny*VL#-Wyf4RXBmqvn~n;Y8bHC{`QQg(hQ`||
z<<lgN=Xjn@O#_dr<JAW}Qbn`6uX$iF7pP@7lOcaH*GX06;eCE_WA$pWpA)~n&-C~h
zZ|4-04c|{%jE1Tj3uMHnDL=e3-$+J~+6U?-0)Q4~3)YG=6go<+WJL0tWVdVVvZR%W
zRo_~2Hdi%8PBcG*e08O4Zm5W?@#c#6tooH7gQ?qeo!}!kbRwS>=|GFT^q>RSk5w&w
zOd?tyR%2}_Te)v55B5wL&feV;XdC&LFf&BFmdZS^eeT@tP*aRg7O)nZ29Ec0BI6cL
z`eUedW{NZs6II_VrnaptcDFk=x5gw+Mq>uD=WgTDV<hP#P8@frS)7Nx#Z%oZEgUo7
zf5_yhn<LOU^cH)I@TT=C(-vXmPr)1hVT)Abbh8&96>s9`2WsGc$@#!6PzikimYHa2
zVK^`*Q5oV|dhgHR!kPagMP<Kte>6oEc9++OK%k+fl+zC9JF?l}2QlovPq~agYwj}y
zNNI9|cndc$WMluO3-jT)5~H$Q<yLbtH4A~D<@XH@9(JBPYN#}W^35q&B6sX;T6IYY
zrIW@V$svWj|C0GkH7-GFEo`N**@x_OJ8w9>v^c?|&#*qVgfEZK(-GB%byk{^Ojzbt
znBxH`C&gDydf{yRr0YO^-Tk!Se5|u-rCNxYXO}dkT=jZkor55IY|v!$7W^+6bBm)l
zdR}j>SGl*L=`59#XC(>xvH5Yb8Pw~`&sJzfy)S9q#`H8y@XIud+<nJ9Pn(VTp%vUm
zmKv2uYgawxmcu`|vi?N<sBYWci^pcNc6k$sq*$*LXtpt!esFnGGqhP4XcnjX>Z@6Q
zy3&5r!PEKaLJEDi?(HhePz8^=xBs|=nt=g9rn#N|k)R0who>aOq&S4RjWnL=qWX4h
z*qT1*z~9b99>Vh5E|5HT*a!ckwScDuN61@awphqRS4Ce?{un-n1j!R57Zk|)XTfVU
zr17F74?=0YL3)H4^4t{U;RB=_;th*GQh$cL3x}kuZ#7wxC+c%Gym)`-cC~GI|FDD8
z)b@PtPJkc~d8!*p=ovm&wbf(|1}$E93bHX6|4-}V6-EJq3SHa!;Fh~9D;~<gqUO4J
zr|S*=C3hT|KTnhCNn%I;2+<;~^@~D}3N`x6>8D5wbewRP;3v3$28F!FWydLsdPq<D
zm;GQ;y+`WQByU+!{&4q@t?p@o;LA8Ils_vW*0GmRc2Q?4NBOhr9_G5J;r5s(I_^K?
zDj=WUk|sTQT9DE!N_vAlcZOW$7d3lSpz_XtG}QZ>tvUlZKYZ$jDHt|7<nzsAzmp|Z
z?d=a<sgt>Let2j7jLESg8uR|I?AD0&?!-+7xO1aC$pvX}I6*Q~``8jAPp`EOIR2<Z
zQnAf6_%p@xn`y2O&lX1_O{+Q}%-V03@Q925gUb8iS5oR_<Ucr#R=5LIFo(re*#C#d
zVB0z_DT_Ovwu~S*^&l!FAX`tdd`aoAgl;e=Wm0TY(2j$nJUsi|R2JQ?`s1*F6WGwQ
zM_&0sswitX5I3+W=k;gIzdU7Ol3{4b{@=;?lixa?1nUipIln3v=+o5+f)0HrLDv@5
z8j?g@>t%aSg-u1+hVw_hIK}#n36_&3yUD!%%UV3$sNIsU{)(-EzwSbAFi9q8S&QrU
zq_)=~nEzLXx+&<eg2AR+6S?5AL7gJv#f#S+SO3S(aNhqF53t7`5+5HwGF@ptZjDoP
zw&FUpo4NW_YwE8BJ@buOeHsMOBKtS)Uf&Rhe#OJEpriaBvviLF1Qr#!?o3HU3m@Tt
zsfBo-I%zL-%e8f({}u5PI&NULT$^~;tNqnnqgAAmkQSzV5P&H$@`B`fz|4P-d?|i&
z*@jJ<t6gc<JEZuKm*%g5W729pB34i}UKz4$xn!UgaFp_ORV_RG$DjquqF9--9@ELV
z>s2g;>Eylzt@b|#id<L*6oui1y-VimJoY$R>jm1*@ypYQqh}JL1J|gu@Bkcoza61y
z+87-;u8RjQZMh2fy<8_t;WWV#Ih!&$;#r?>bkjXT0bF>KL!NE?IKl+icT7N5sdwKo
z?$^HbpvUcX#z?URJOd~7dVK~qM^Z^7i_ZEaQjk~l2L`LJI0?ICB7oG8!U<JlwBa8k
zX8s{*=zU~Byw6W`K-^w%HQQBZwa|SQ5<Sl%f8;?>FgL}+F7w?+a@&@im-_-qZ66a(
zn^04>SVORM(*?Ojg^~>&*xA@L2sg+H760)xDy<ePV9OT=gH}!%Hn>Vu3EkDEWIzxW
z3F_BmT#MB}#Ekg^TEnuk{zv85i5_d6MGb1c%0{ZFPa=1HGrO2+(*6dR9)YqnLB|Jp
zM65e~h#%z?4(|Rr(cZ#pMonxo$XY@rZ#pT#uvTr>7Ci}#t3iV^bGoocjPK2%>`a9z
zuE@a;^bBDQ#lxi+e?4h1V14ZCb)XC-=Tt&$SvkdYS%0@tUEHP>7gu_l2{zI8Sn~Y&
zhb`8c+}E9hzpsCAv|O|k(Kfv|Su1o5$7cK+WE}}up;2j_IT%B6GiWryo9pi2F4wmT
zLKy->vzMupeq)8~_Z;X`nY0F2Vf2_+j3CjgO}d#%b3$rC=N@wr*?2W!{=b3yufgSt
z-xt8$7JV2OMQ6*5(M4_!Ix?I!{=-y@0{g!t11(~1F8%J${kZmHl|)fNOK-WwCEKt`
zF*GofC7j^>6oU3kDCvSOZ{f{{U6d&JdKOq9ri&kekfNu@&NFlMP8OZvBvl`KpLnjv
zYYHRWn<+~0(1FC>MiR;zkM6nhTdOH=+8Ok;u|PQYzbFFnmJJ0uzP=KttFoTvddb3~
z7W<3|{?p;d;iJeu#t$C;OvJdRMuklw!>i01J}dGc$l&Z?e;7-J4H#1CuxCw1cHSF3
z>-hhHV81Ww{6$6y<>3E<Lj^p`-5LCool1_80u`doy~gf#UU<W@;7UW_KN#^d2|je+
zGg{bwH{gOL@E13Jez`#C?Mf~Gi2Mq!{KL5d-e+jw7y&Uszn<F{<b`Tvim8D2z=|s?
zb(^4q>`#FB{H!pYkt*$(*B_OqkjKn8w6{_GPbc+%b%x9vQqv1o$HKoMNRDLHUBfqf
zG%Y>XDgSMT`4sizVX5eUCmAw-C*I)^632Dir|5Oue|hXW$}G}rF4cj6MvXqEi&a#c
z7EayAtNhP7ijc2A_}{V&tVflc!9C8FEx1^K?`f)0!4&N9Rq5gXZ$)yu{2jK8!&>5H
zDN*E04@iLUeU)0ek39x|LM=l`u4|gH8xy2n7yYv=FCCFTL&M*w{^5;fH-)QEfDCE`
zhr2tm$*)S}j_3Se-EqFCUd3x1z`axbB^drJF%cE7pa7Av`up1Fe^MSX3h6E6g0-?2
zya0Xr@bAwYF~R~5RVA5<FnZ!m|4T*L$EAG7S77bCNvpxc!^zb2f3b4m2h5_pkM7d`
zhv`rEWfTpEw7mZs@a}jcm2_d*zyE*q4Y@$1K?Ad$1{ehUT{>JoeT{7V8?FCOv#I}`
zEg}z}|5s{;e6RTNO0WL?pLZ!&NPsbUNKPLL{_ibk6?7nS>)BokA2|ZA<1r61?R$kM
zJNExVXAu0w-_`UmQUGUBkeRJ9KNn4HaaXo<gc<6eWxo)1T$|FyOVRVk3Na>+irnuj
zF1H*nTErcW)8<A>$(Y|cno6MLdtKedIgb_++V=BF{gLg<;g>D8Pq;#)RwO50|Jk~a
zp*;$~vzn`OXkErjZU560N&6wcAnh<LR8Y9otdb5XZ9E|zlTa>w_zQ!kWj@TGQQX1u
w!L6EvzkkD`yD1sJKP<T)Z>YUB`<{?XhBw3oz3dG6QynOB(uz_guZ;r#7m`o)%m4rY

literal 0
HcmV?d00001

diff --git a/priv/.BUILD_images/Result.png b/priv/.BUILD_images/Result.png
new file mode 100644
index 0000000000000000000000000000000000000000..891a61e52b1777af191b441a4f3587d7945e2344
GIT binary patch
literal 24026
zcmc$GcT`hP@GpK<u!4&8rba<}?@a`PNbj8p2q9D{p%(?E1`vVJ3B4ET5K2^9=p{g;
zD+EGE2t7a^et+eh*ZzFxB`4=>nY)=gGkZU?vpY9ZTT|ukEyi19WMp?$Un%L5kzLul
z{Jp+Ge%Z2eV-8J5W|5<+q@eF(xz%<vfJV9fXfSixcgLgAcU$_%7cVzF&?cNLtw|3i
zi;;Musjqa6PMc%#9^DHu1?A7m*Dvc&2OgQdP`14v^7#2RfrzjVUzI;+lBvG>dDIn1
zcZ@oyvefj3LJ^o=$;<D~(MiB>Pw3x|!Fg#Z5hvo1kLgbjKHC{ihMrCp%etN+bo{w5
z0>|fvuV1_5@V)7h$Kjhp>%+H)b`zELQWv{M-mIk6{?}KoT=qVK6u*r#44k38fBx&I
z3dq)x^6xb-zI?MB%&Iu`0nCpUkNyF!|0N}R#dl}e3vI4>r1T#&*1WYx+jGR8o?Uh3
zzulr-k*hs1+sKVd&9uyaFL2k)AeQRo4GawUu2cSP$^Qp5XanFUY?B2sOPx!SeN%E~
zBYQu+QYIv}H{2@yo-L_Io}7%Cr2mg1MRw)My0Do0Amy)~`3~?E`#*^+7sl49&C{A>
zWc3s<nWy)z-A~$<rx2!ir20NSoGc_ef=4(!{;GE4H?$&|g0_-?JK2}e6xi9%X8xxR
zK8jZ_3Etqyo>G_s!reALJbM0wUXrZ$!z9|^%_jN1Ys%LE6pti};qhiOckkW^dBRm8
zrDhv0m)mE982PS;@SVO*mhBbMi)KQ8FuMlX-Cxre@D<`sl}dtZqyyDF+@D^zZh6!9
z(3Ix_AGm|Mkdi(BX*0e*rnUwq9lCmwSiH5{C1^u*HU5(;b6Iq6@7D7EXh!2|zg(Q!
zv2b|F?)p^)(`R@54$4jT=V1(E-=+qVBS=Q=hl~|zk_q$v%QRem2L_DeE#jgM<FEEe
zXK|#*B$6Uw#lihv;(kc{)z8dLu-RMsjnJ<qwQeBwmb6v;;8VnfNX#J#hk_&@n@@SX
zX%pUmBs*6`B|BBiq2a&IX?iiH=1zOD-OrCnxpMXGvAy7J(8ZqGKCwGytw{dlW(>{m
z+Z-CX-25o>G|6iPX%5yn?|En=#~m_l*?+(|2V5RlJ~@MLUI}02;L3E&VN{=&c~xa(
zS^)r2#oRIdxw`Q5I?7(te*uJ7<uJH8ws1bTpsLuu(ap3x(DG_vgl%KABP;OeoPdCI
z!HiZ9@L741Ha%l|YZ%ButFNc6pA?L_R5VjQI7>4_B8R-i^X%A-f&VWX6+)E<AFq&=
zhI;{7uMO8^vR@e3QAz20p~X%VDYV8)`KVe30v5sx4lnfCUy(LI7oUQTL)k`T#TV3{
z{mAa2T-A~nOCEA{oJ%uoJ4`co2l3ghwQdge|7qK4R@uhmm%mGCL?e%Km5avT8IH&W
zXPVANBl+Yi$g#*T&)9y~C9#tN7@ZA6JM8;KPN&8z9Ew%U<*GZQ4V=b|>XBh$F4Otj
zUrygF0h{I1rfR(mGIQD}hDY1;*f1Xw5Ps8Y_ndGJ^kmt7AG6{K?nv83I=+@HO($-`
z(>}ZHjMUodGPhag+$kzc1tZvW@zjxI1@khhO6=ws>I@^Vs@J|VX$C0~SVvrJp!&8J
zEZlGM($u<&xmvn_4Wp(`v$JHEFG%MY#2C|3PgyVLEuoF<z>7Wck@W&2ixYfDj-Fbv
z<IyvHHIpcXdN3~XUV78e!1<5!e`mo6W3$6ATBqqD@FGH1GA%aaM7=*e*tb_~?>gxZ
zn|?JUnM3nqs7Q-9+xnFM9hwqiA6>+|YS(d!v?Yh+N9P3ji#(B)nVE)y$qLinVG_^4
z`Eop9O;+$W_-ZhCUH^1ub8398VFq_m2Re_ki(yjPY2S-V%gBA?ad#TeAAGgK(r+Ru
zSdLlhIv}o5A7j{PGdk3Vsl$IWDV5l}za_sLS=4szJFqhBQu`{u#*pi$_!XWyjSR_J
z`%fGSx5Zq<-t`YOw##6tIYO*(!?6#-GW|#DUBQ(%hAlqt125u8f2hVXNTVYAC=wA>
z^q5LkY3Jrr5I0B9vEMX|VO$K*5#(~gCQp*Im}-?g-=jlmCkRWOB1mIz)*m!BlW!#e
zowljf=dC|7hBYhE-(#zt=y@^MGYwplK{yu|rcM!m{$%cvhG8YJhAPwdsXdoFe6tYg
zSkKofO)Rv{S%Z22tND$uI1kyk%<{g~@nUTJ$zQh!O&Zhwd|hY@-+f^puw`dGZ!Ep<
zz%n)1q<>Y|GLW|}vesJEJ*YY+Mw*dXOO}@GUgirx<JTv_Q{aexbe!wlhU&=Tuldlu
zlcu)TAW}z`#Qi$}L|Yhm;kJDd%f%I0|4%6eRSb$o5-}N#RZTy>#qLBnZu@)10NVWm
zM9Ik&PB}1WUa3Y$l>%$>c87g?Q{s=?`cLfU)v|)Kg7$_<>hh=Gsn&J|@pxLkOluqM
zm>GzZ98sorE#fylkS1E;Ipn!;585rmtCKlqKl9`r)srX00q5jM$lh-meo(E=n@1Wy
z)n^hwW<b^q2*GW#K?IC2X&2TSY6ap1+@HBR_?mpd*LG;=Vc{0AWonM<NYYAUav!OK
z%MgJ5z#vJstJqRkIn>G9?la<y>uK1`=_rz)aDOv=B`&_q?Fn<X$qzI*De(1995Mv>
zF#UIzO)<Xp>K=(3nDo=?5d1yXHxMRKq-KAOsY%#!M`k)lvb&ZApm5qlI*~7UOhSv;
z2OYNMgXE<|0wlHq7jJR}@2PSzNhQkB%cM;1?`Un1-^qr?$pV?kDf8<WYt??-naynM
zC=WR_Sy}(_vxqSS$r3+9e>XvAERj8L;5E%vkF<&-^X)6Zw+NxohC6$S7@i~v_WL%C
zPls|C>j5lBZ{8OqX13Cz6hfA!Ey`}ZZg+N*>QkT7v8+zk3b5rZGV%tt+bnQSw~_87
zvB{|z^vEC9B|rL!o)92=ad0CezN|9X#jCv^t<_eaL791~q;}GsSy^x}h*|j48Tl1q
zcME`MHVWWl)i9E2{LZmSJuTO$^;XQ~@saaApj_H~EymMHIySj@M)1MY4Th5nUegiV
z7^eQ=HPnS@QVhL9OZeS9-S4bc>%^>}G%kd1_wm9@C+X#_RzTQ;x?!72%95Uvnftym
z=4|})!0oKAmVp@?oRo(FO*dLn9%*m`wWkj=7ryGPmY~VP)O@OLJ{PMz!>y?cnSgLf
zd&0Tm0&x(2g|G2tR%Gwjb41-8$txKphre0yx5)0cawtS=EETm_dfC_*Eh)WAX*g(>
zi1RbHE2H;~YbJ_9#w+5@Tq}+oF=4c_`}agIEfaT`CqAdtljR@l70GbIYPI6DE@f`r
zp`$TYU$<SWRh!|YDtZkn{iN%;?WxWHjHU}c0ba4B_DC<;piho3>mLu=gMUKSZ8M5U
zRCcAdUzo=_Ciei@j3tIEEKK7}<#rPg5aK7|O(5k9_j?KPW*Bd|Z_TYi?I#DGo&*;u
zpFJBo0|S+kUq``pF=wtvvbe~l!YI2#KW+Nv>Ne-?Q1`;~0S6C~gV_8*{IJtVmdGSV
zxbj`k;k<ZBxXpt9@Gj51I{!6=Q#ude{BoM(Y95_sw*Nr#v`=ql%=!BiXfh=W*I>p}
zzuGpXe(%t%<q8xvLR&XntK`J^(c#8=gPzx^W}aI<g#L{LU`GmSiu)wcRaYJ$F$`F8
zgkxevCYGUdFG33vKWSZ*I}=X}rK-9DE794CEb1k0`jUjPeqxQ;on>mOE`mSqQcX7i
z^2)Xp!`jQE9$AMEI$2UPW&Y~venPx-CIY;?K+4H<UIAT{NE;*>j(w+QQ!V9+yRo$G
znC|l-LeH>fZoaB$OkhuTvO(atB>|FNA3Q<u>_Q)SojJSG16_9qxCklSSw%;iB6Bl4
zF`k`lYnuFqA#VrKEg*kh7B<N*UN=2l4$DBjU;CNF3)=udZHD3YPpM_>mBM?c`9A47
zfqKqxEg4eH%;DaWzNzn*KFW;3J^)yD>pGdXw0(@Zg>IwztUJkOr^-9^gd?~qvf&^&
z%8<%uT9g`0y>K$bCH3yiyzSAeNwbZkXoeFjD;zP)FX|RsU}BK<(0EIuiv~qjApG^<
zGcS6{x10w3V6!Q~>H3{(TXVrthb(eS5dKTg^}8)@-E4j68Fc0SyP!ykKj=b>ecv4g
zPr-@;=hex$!p$>Zy;7fS6f7@GAnE2<@YyDKPpjt8850(J1F&#-yyS^%#@qivTs%dY
zU1(W%%b~Q`rb+u4_ed5XrOE4wy$^rAx@$vdUO*#uaS(ELVFPxibe&Z#0{JJ%?TEhm
zfsh<vC~E)f@0uO47G%=&K(r=QOC>y~F_xEpa_FURBti`?jm?65esS;ND7;O@UZqQL
z+5#HVN0qf#M@RNzD_hk4U`hfu``3g1PY3xZ{nEUT`v7NfhmOB~v)GQL`b>YEE@at_
zOZwf|ze6i#$D0jzA4Qu;*ff*cJI>tI{w0;04UA|=V#%=}#*WUPbIAOwj!U<6=b1Q^
z-O?=r<O1>e%Squ_XdQINYTCpt@lc=T=)XDfUn-4HW|JCybm^hz#uQN4_s=WV<t^UW
zs+3y!SL6zp7$C=Flsw)~$?E#=O;P+ni|@$3n&GC@gG}gX`ClO$ryN7eUz|B2eRgxF
zH6Pyyd358oyDA_&Qt{q31#O4djFQ(BE=whx^#2wLzP`a-R_`VL2#Nof;?`{-<zE8M
za-jFTZxJK;-->qBjsI-r;i>qa$$0*2oCnr8TifMC=uV*L_N>Z!<wyJe$qLW)eTZn2
zA#{IL$F#<ib1*|Tofe133|X|S{`hqJ@M2h=G<#qApw6a;QuJR|{}DwVOqxx6WsKA~
zJCr6V@we?oA-S!rsX>iFfte{MU__wia2$i0c!Q%>rWANIp(9N1$g*v%Fx@qWf+(ky
zWMDAX$>x`j@UxHE?<=d)C7QV=;B7D07|Jt77T?jA0{NonCc1|da8rX?t;pOac}&WV
zld3;>u8us$w)3|ihp=m;a%t?hSI*_<bn9hob07k&T?t^y=!Pof>-_j&!eFDPcd})o
zuPfC_v)Dwj4nQ=bN#mWwk`tS<va(lG6e7dz*hhXaQ`*R1Q+{i@KAJUfUq|$3!E%{e
z@j?Wh^O=b2uD{4)7k2zji3eLSSKM4vU>r+fVav`hou2#m-F!xTec6h3ih65lkwZ*C
z!*=N6naA`!eb7U3K$RMGqkg*GQ2$CCr4I}k$FgDi(mM*gXwh=?72Lg>$S2FqV-JER
zy#fsT+Ok_rKT-UFa8z9CiNmG|r1PfdKZ~V%o6?HVFy?SEgZp}<1yo|vkiBjhTc3w}
z)=qmF?XNBO3+ePfpKA5Ab7shLVT;zV1moZ#18H&4ZUX}&;1G6Q{P=ygzP>q3hCzK+
z*E!Yq`<DVwZ$r4bDYn;Cvr)aZ5Ln7(Kgm*eDXzqLHd(I>K2%|hGwv+4;{m6bW#tjP
znLKjoxc<JFEh-SXbf%8DJ0)p`_dMUTO_eF4ev5N@KV(vbsIHzm9YmkdQ^wg92Ze3Y
zxo}Qj*yHbhSvaWquu(}9qH7{5w)a-ZO|AY?i%h}JE9#<6lMnZqW&Ym&b3pLhU)uic
zE`tMX3?lk5@Ou;E=qc@Uc>k3Bgh@Rgtl$#)eq@X>G~4#^^rJI`-5n9n#6-o^<UMK+
zuQQY`2-Qn{ezPknp*492bcxP~!+*dBt&@VZlhu>;ro<Ctc|cslYchqBVn!xORHoc!
zNzueFDeQN}aQiJJbbqUHp`>LocZQV6iE(}Y`eS^R3F(6@H6r;4-Z{Mz7-`4@9I`7(
zSEd+DGeJ&?r?)$_2dx=%lLtlF;duH7=qL0|;0)`qS;$#wjuhrVSlRL3uUW5^K_O@S
zi;h%^{=^DGY1}P|*(ld#74NN5Ppf;0>!sE4C{W#(={fhZGkKHF{^@6I0WXMD%-Y^v
z8jaA_%)e_ga%@_N-JAlkw9JR;#Csu7Wou_(Pt<+B$L&FhJ#ffbQ9RV{WU!KV;#0iz
zvWS%948(dUwZs8edb1R`op`XA?qN5G$Xq*-Rq<x+K}_H$hX{LM=*TzxuceB!QeW-i
zUPwvVgM0dH`ZfUYvxHP^SY)lA?9cEOdpn1qzYioveZX~D3aV)%i>?_o$oKs2OdS+B
z^e#iGZy3$%aaU-}7-lHyXF;#l2&=s9!Ic(YCTz_O8&tPAG>kD1WZ*%gP1fB-gAG9u
zdf+pj33MiKKsP31srcQr6lU_%THm#h_0UCYT=`o8!nBav<c2VKG?Yqqlh}>aa~;T3
z0jS7Ukz-#WlkvLC6$eWkS~{nq;z)IAVpqunFn!POrpPZt=yN-?=5<-|#{Bd^qO6_~
z#dQV#QIku>lrq%v*m%m78JaX(MRN@Na1|?KY!=mP$QO2p(r%qOMaH=?HZQz+37&RH
zL0;O%fvTIZyP-vzuXCD2G>T(rhhiWzxoq1#5=4%h`V*TeJz*iLJ5nxvX|FU|0JcBJ
zdVC#}AxrG9r2t35W<_Uqlj~Ttg!91$7%q`jABXW^#Ru?J6+%?OxFIlZT^M}8P^%}E
z2knF82DD1ecomin9rC)J4lR{4G(a;B+|!>q_RdRHo!WonoT!6Zt-rY%vYxQ$fGbB{
z3P;RM&8*QSfm~7)%oun+D8BB(Wqwf^kVjfJvMX+JD9^_K`qxYtPQqf?{07o|p@%Y&
zj6;6}BR@M-@`$NW>ba%0oI(ZFO4m$l{cq!Sn=xn;8G)~hk`y-`(%`ua&GlOuIveU4
zmkzPXkjRARL=&9Hre2$Zj0gYvN_u4)+;*E5zFSsUaa(Wr`d?XzyTff)>JJ(x#hp*T
zPHN1KwFf4RmuZ2J8^f7vQ+VL$rljl0F-kK#tBox`-F4%Ihlj_~ML;XxLw*1%&qF*;
zN4W9rJV2*|;Ud~qdrwVt_-*_G*OhA%bk91`CiS+9<w}8FJcfa!^P~N&6v-GS5}lv>
z@w+q;-&?%?cor%D!*WJZTN-}Aj`T0LI31NdZ<K<AkoE&EljJJs&g~c4fx15~!!e+!
z<bQE;*WhJP_rptY4auIq4`cpY&@~ot{};oo{)L%G&p%xUg#RUYNc&#|F;bqZ*<pVX
z^<Lr=hw*$>YSBCYj`2_@PkN_S?{4TN{iElX0lEL>LZAPF-+{jf_J15YO$1W%UqfGV
z`X3yL3hklHYO;YZsv(#a-u=$6;MK5nmx6_}ZK0dND+2RaZKzF=%Xq5>1#&YicKj@i
z@{3)CYr@$!(yVyxpmBQU&Q7vhm!P=UdMP{h*TIIF-`KOp!`y`%$HDV<<<8ujDA#SP
zo!Vc42RcMb)*LVgN^^^i{#Eei+2`!4vjMACs?zHgt@b2uw|;-61megi1?-rz-J7t>
zE;@14hGb#R4PaL1=}Nlm>XeSn>QOT3L(uumN{F3jZ^7WROUUq9@W=ywc4JCQtEXLY
zW~}?Ld*Y3qe_7$OrNlcur;0)i2@qZ}FVV}<x<}tV#f#5sks3uk*v^fJ+hh5psvAr1
zx`o^(1~&5INeA`fYo(f0x+uJ5zVZ$YX2rs`uDK3Ii$VdzETGs>A<D!TChQj{DxPlB
zc}g8FPfW#<__ojA^96Z+;meZNd@6?-<8)u>GGgO6U8KfV-&GLUdpfSHa|LyA%CtU7
zP<TxYM0PY80K^+4DSMV}j(>(dNtV2wW*N+65wx_mk1#S<p)N$d3=F$dL_+S7Bg-{Z
zs!|uo07hM50UitB)mRloUThpJUrk!>6=|v={rHS|Zhl7+xs?N6Lw#zl{aza{J=oe#
z-#ih-%D7ACz+pFEKtoKTzrQu_{i6GKQ+e3<p@YGX6n<D!ru`wc5+b9J@C0o#Mt6-F
z2ntZ&SNBK$Q4fzu6~EUthYr?lN<lht=CIKkTb+3J_APr7P7U@$M}Y02mQLdD;aPQZ
zT7_E<i2_p1FxE8`Otbj6+eoDC)zx@gp**+IV!@?iRSb7AA#m=wxa*a<DbDCL(C8Nz
zr{MJb)Z+l6MJ6Q3QVzN{ADt%B@{*PMwK?n7G$uyO(1h9<F+P9fSBLF`XiWd6#Juu%
z618OzVyZuo_fYL;DhXI{NlQm)k>Z1R3mV(zsKpcGxtI5?_xsf|GN2Me2PZ|ro9YQ3
z$z#7ZlZ!Q~itK;;JFba09_Aa-wQ0?T*<ldmu>~2k&-Qn)b4#XvRqgSJ{DSi`OnYVz
z15`BY=<Qiqv*(s96~+h@%-hIs-t<TVx%ln=^jB!|tXy!`mf~?&GN`vHK;3DvReB~P
zyZcB$eX8q8px+FKa^EcI)TWHPIYaK?ey&NJS}nXF$T9%=Zhn^Y<xntx%=u!76H=g*
zdbI57>dT=#zS^T?KY8osZk*n1%o$d>e=T|kRmetzOSSSHhtAM)Nx2!P`AGo0xhQF#
z4zVEgc14N@%^Ge}YZWcr@?gCfc*W4Ih6fL4<+-BHHGd#{$%p(LI$zyyyj~D_X<jLH
zHZ{d{uYIEgoWs#>EbJ9+lTrfiV#|frg@J4J;xoe?{LM(-xd1Ki(FXavy(rz2@>xGi
zmo8`8A81LGgQPPEo+9-y;ekDlG`;TPw_R}Jx$wDqe6?|FwK<t?WN8VMQ{>@ZvV&F~
z$Dge2V^eRh1%o}|!-JQziQuubKf`vfFwoc~`23)8f5K>C#Csu_KY3J`ja3t`VbiGJ
zK>93E=noqnnDYg%ts6^x;%qU_*Q(Nl1rTo8NLmbhEik!_iIovXJt8-7=hLKH2>38`
z)Dp#)CG%o`%gA%Lmuc<CWbUh%?Yi6H%ymY>BsZ5ht4q%Um0$chi)&6(YinMi<GO|s
zBQR*V@ByQl;cL?Akl7d-n<WM8INZz+Z*b0M`+>eHit8=H5q8vqycuGAT<YlGXJPqf
z7=%L!B6hPrNZeRIPB4xt&@`q{2VJAC3m~-#;JIf=kwQ`zseE*WK?X$iQ;o9pRenri
zbQ=iMxDcRZaeDX5N}z3v^x7>!Vbpdk4?}W{Eb=8>&$*Zu*4j_KR6M%lQuteMWh@~$
zQ$b53QzZ_T_R<28_Ntb)BAeuZ<<%TUCk&$zX@73XN;%}VS$uWpg|hy+bKvVI17#43
zB9F<m-tl)m53eJk-A;VJ5fbd1B*c)dz@bu;mK%Cr)vpkine-<gvy^t!h2a<t4E#4G
zHA*0uCvzvb{(0y5*rsi<#L5ql|Igj?f_W;a^vA_n){f$CV9;_}lD^N`4TGQyhQPBe
z?0A6f<4n3wGS$}N&O{tFqb1UW@dS%U<=y|W8W(gfdhTmeosp@MT&pV~$KAa+E5_JK
z+2bCWrz?5O)cI`4+2*4YYn3nuR<|s^9p5V2l!IOHsSP+B<gZCeGC~VD`VKz`ZfKxl
zl~NxxGv|$iVED*Gb^EmdEi$-)xwg&xEzb;KWg*+f`AyEClC3mKZ_F4?|JuORlIO2C
zk_KA~YKTDhkajxupo^KfwawIyx+(`M7D-c84o%hq)v8u5yY22x+0yZik%<1@TBW|8
z=516hYfJK826X$rASQUU(j!3qX_m!&5OBLyYogqrv?Cf^s7ioq%Ueya1+%_5;hr2T
zVDZDi8e<9$<Y$E=<}F$x`R=pN8~d(peKGSd?Oj_Qz~|dq0=zf9Cj=Lk%8~2Os~jxl
z%bc-2_Pu@3J%U<u^jhyOrXYSnd{q+Z{i}A|<EL@jpVM^DKdU#9c{|!j;%L#b$Np3_
z95Xma!CA6~vw0YG(|#k#4xs~dkngp9YsjMkvMtzM6tY1S@e)(qI?)r3BX`he+cvK(
z=zVx~PS}@(`AZT;k4o5scAIwjIz9nxt?!T|N82kFf8GJazqoD@U9(xKZfE|x(p_x2
zej3~B{w`6iGdN%xS;%uvUM_k%`p_}*49^W8t#)lMB#KugscnEVN$`vIUmA>hIzT;c
zZ#4kF98_NpKvJ{4zO26;=?1Jc9Qg^GJ;_jXk>-Z#1F%Mm5k9EK$H-wveKOR`xWc*x
z5FhC6QdLUe<(hciCC<k%2*cZmdA3L|CzhrU@G^YOJzTk`(>G%fnb~QNYd_-1KX!bJ
z8f-G*s~*l69)5nJ(}5l9<o!7i*`CLbl2GgDd8?O}QcZA@ffqpQGxU2Y4S4CAD?BL=
z56Uuu`IQXIi$*)lP+doy19F0TxRfOFMr4j~EP?d@WsJnZS@-+Bs74SJae2fnX8s?w
zYmF>y`Jjd^_Csa6C3vbz(&lEOyIb4UB_1sm>Dw|xLSl`o*XJ4^)gxP|oM-eNgQvHU
zck^e6GOC%UvKrp9Lgr&@@kP(`2#WjNi{2$0pYbKVgBEKwv2*$H3**l3(=vc^N3Yk?
z_YeB2+Kdkr*SyCWa`RaFJdP=SX1gDJpF*9ag1!ZohvBgOa#9dEDsgsxx=y9|A^|#g
z70ijsRA(8?);nuceM5_m_9BVzmON4-JLz)Nv<8PpPH)+$ac;Ia?Y@~gEa$Q{LM3V4
zx0;zcoZ%!6zJl=wYhoOU{rNg1<f_H#;+gn<UWhnE|HQKIe(hr$$eh65?ho|TEHwnT
z4J_Zeb{;d!{OROj3Vyb5oKQMrwcpZTnFzcHH^h!Md*JK(*Wo@3e?u!3m5z!iT48rN
zvC@Ak9~%OW%*~1!nujl^=Z41q0?7OJIry}Gyp42E%BM*;<%r|*L5*KcuNoRVS_pj2
z=5+DirL`qGAU$)*Y=JwD>p;qU(Jyyp#(7{83bYeKQjYz^^U{?8w54<^;{6B9rB36R
zTE;%3hVp~*igc2#s8{3h9;*vgsN}3nIfS3w`4ibc`$|a1Z-o75F^j~hrd<|7@q^{H
zcHjir>`7z)(?1ffW`@$^0;fv|VqaD2oVZV-z$(Rai;>MqzVS1$P`k!?{*JVHcX^93
zvFI#x7SPrp+@3gp>x6}{s;e<_t6^G8yKPT$QlwvHyf>8j&+~)9B9ceHKfiH~9d43u
z47+7qz}Q?Z#Hk+e9khBzE#8;fByz9=JNm@eD)@y@Js8FpbY38^=QtY)u{}KUVvsxo
zRw!0}sO<)b09l(|3I;^nWS!^q;OkyWq9X1~%3@*(N3m=<T`E+1>Gj-~?!Xk9-~`xV
zUko@oZxm_uWMZMc9)P82t;;G0y1X9xXWC!N-SzbJ9aI|T<9mip7E9=EbvY+zI6OaE
z;I4jR#q?TEp#2N&#u&0y%=ObNQGo0Gw1BM`exJ#;2xK0_TVdIl#+N|~;R`yt8F+Lc
zIr;}xh|)~gB+b_)1!!)cEeYr>>uH9CNSV(&Pl_6a9-s{C&EIx3^pA|*Jf?4c?2(=A
zB_OySY%v#E0}762rBBl!?T5G6fA`;58wwg81KIHx4ydS%)z5|N%<oyBk}9{<AuO!<
zlXHlND+|h$WQ>hFmF)O<znE&q7k}L3oEy_@-`QZV)L9Qw?3o<9x*)^HT+W2gk%M!d
zk?%>QgS(l<kvD9pUAgUkfzr9{&SVMcNZG>t!UTtquqU-`*?!BsdFY@Hw8e6MgJQUh
z?aG%68K@O*yWn7F*(oFQ?CfJ!2<zePcY8WZM+>8$9*d83iQbNk-7L5*$kcokgx=8J
z_-tCGA2*WX!2{f$nUu9HaZwpB)<_p~FdncLcBwyf-Ji{}5JU0$sk9#-Dq7*3C#wo6
znG7+@WeY__v5GwK5nLCw#WoF6jOJql7)cr9brX3WLi6)D?Y)09uw*w{s|-Pm0(@O|
zVvM-UkSxGU=i+sHYqx6!$Rp5f+Q_5;SlvaOp7RPnb98lD32@@k?eD!69UX6Ubn!7!
zv}J{qZjOna_6~Y4N7{V2t9$xgaoO|m4oW%TgBRSTpwN1<@*=6x_$gtVi(_<zU70-8
zp;@A_dC5P%IusV)TC|BaD~ylLoQ3j@pl!3YdLCMw!2-tnU3HJFf^*m`CO@z;o(sv!
zJM+nA3ddy)rYch7`Eu^-;YU!mo`ox^=c}<7d8<^JY<cB9wIx%TR3*K>1>?7Ex>q;r
zGMq;QIEZP1afEpaqp45hBdFG=h-lY23kAs5b`tpolhv%#Dm<06Qs`fD5E!T1d}1fP
zF^XsJqg&4H_YWSIDzuENwJagtF*#4vMFpI484ki^vV+LydK_N0e_aWf(%`ECeHPv(
z@XxB?i{zYAB*S;rz7rc5`CE8{dwq2HN?VTr54IcYwi6fCCIt3=)xbv4!otE6UsIOP
zxKb$({Fk^!mu+xw4edQR7rRvZU|LQy{H(=*=l(Or?<U>*qP@Dj!c@5OdoK5=-LuAH
zjpr!yGFx6RZ~Dz1-wZ3cov<Q*T+>)S8>?4c^@TOa^O1#@EqC*sh5WVUy_4fZ7HJmF
z>uO&2VjT^nsl9D*62R*i%XAF7B<&K~U^}4;?BFF->!Orj&<`bs_ToP*Cq{EFEsY#o
z&zD;Wvgd0b<o46cX3~P0*$=A_)w9bur+uIeHVKhf&f(DEf#u(z*Glapcka4>Ap8!v
zJrs_g?|hyWALk3bGDkYTy}#7&S~R700Zctt8T*N)>ti^na@kg9YS=2QGxHlM_|YV}
z{mqTP|JhMEP{SYr(`NurOP*_DnLg;Y61nI}g(hvJv@KwBa-&dQUcNmPtADB!>ayQG
zvq+jUOKB9?Ws=r2of&dJ3D6(nk%As(Y|vlynQnsQJ!XTQgF@Gnwk@TJKo1lYR#p`?
z9+Sq{?0OD!XX}VUz4UUkH|xO;s|(|Y7Xp;=J#R-(GJ@j4xPW^kL3%gX*}AFz34^2>
zq^z%V*gr7dzr(7U(YLM!){Ay*sM{9B3p{<9MJcF!Fo4D{dw2A6ACCTX3(nCrIl@#g
zbsJe2hf}dtlaMnzX^q(nH>mOQ6Vsn@XO7OvcC+f-*z!U=hh`3_p~<p+bO@x}B9bS|
zYmQ8`%p#DVzy3&I3y(Zu@V$!RciDWM2j<D<xHv5p!7EHvp}{z6Ja57G%T-SMuvXE9
zO%Y}}6E@}JeZOet&&~aBdep1y{uHIX1?Al+sW_n;RyYE6ddg&qvZbq-Z;EMv!!bRG
zpp~fpU=j9NwvQivto|cUg_plUIDK@|^JY{2M#lmNIFLwVL61r0Q};z5uQQMcr!SBa
z^@srYy!JJK*2`T&)=oPyc6)0w)U>hf(`zx8+|ttXN(oTV$uo<Cp2;!vRA<XkP(=Ir
z;mkL>rS)_kYA~k#bW+n(&CnY%nVkAthPV=#Y#s=hn=fc|<dhqLwdTBPj|}plI^Eg|
zELIJl-xntEH|?r9Gk3d|lh~{_nZrTuM1vLznD|duQ8_GyBuQx_#)2(x?>sz_{{C;R
zy2&rcT6J>%(xU_4E9FPmacB8*p1TJ*N`$PO+W@IWt-7#yhXE_qkL#iFX4b;^R7w5{
zl6OMkes2+CnkaX^DcqbGRFV=yP(RxUJI>>zv{|W2+%3-_O(Jc7PRfbxvj;o5GD+Cs
z{7gU`OFI#@zD0AB(gFh~(e|kOzYjFdl4md88M*qs#a;7r>~c5><uvOo&j2}f#1)Qz
zDgQo7$L1d_vOFt@^jRt16`Gx~7MLLFA|(RJEY3CoN7Z*<91Nj1@)}%b6qY#D-Oqn8
z1h0G@G_yHNC_m6%A5K{hV(x;h>;<2}N~(BlV($rV{Q7EnForhSMhI?k2lqXcw=wM(
zx@!`2H72-p{FDLnfuS3VIUYPLp&ISV?7F|>@`8P+H2&WZ;644u|8>vozc<7FZ<}iW
z8^IS~d%2JB-vffW_aL}*aaVF^CykN$@0(Y9skY4|7+?B|esnD7)rS9mACDC*{#tVL
z|7YtBFpep@q`3GeQ`XbO^5@wh%f0FHEWPGdYEidJ-Wf!4$fR=er6@=W-zxUW^9ISN
z_7UNoTf&yh2IoYxm!E1m#+2NgBEg`52&`!LK=+eAgjl@$UX%>+HGD8PGQm#gx746p
zWPW~xdy#rR!)-@HD#tb+y$qlcD6pPmB(zwd8BkjcS?V57flMUSIQrx*s_y=9TK5f2
z6=$yi#H1i(PHsPe-!l6m4x5hHSeFo5Sp8^-(;kM2jR$-EQ>l}p@V)N)`0m&%-$E#(
z#z|LN6I5w*b5z7Bq*9Tu@C+=ad&&ZMF8`gyc$~;St*+TvIDTB3C1P_uJc-_SBSYiU
zv$SK;$GtNg)D^9-X=4fp3{yq?;yr#Dt2Zmo=$)QZ4+@oiKc}%3S^5o6oaYUXdP((<
zHDFql5&DF8Ov?iMDNLhmD7*8mg<MP%Aah#Y=I}OUl;yS>ud*yU9$H1qIaKi7IbC;!
z-hv3rEVjLAF48wJuz#)e;V_H3^VnEPe=$R%bTE0$YKA5xHLv6myt}UYV-%c5H(twJ
zGMevsd5|q1XMW^Sk=|(=z#eERx6D6KV8TC~`%lqsr!<xIxQVfLejNWW4YBV956z^|
zUN`oj$V5549%xxpDzM@~t|Ox1Nfx85$egCwd|TOf2%#*zLJMSkHhijNLc1|goNt^M
zJ=|^`kFr(P&xM=3F>&{MZ4&j><m$9G@p1F1%|FjAEnj^?UWxP_t|JCS_$_Q|O2^bR
z>CF@i?ma&cGW>!JOjF{m%4HZA2ZWxYwo@!#69%)zuG)2Z2Bl(Y=4tX5X%<fn*J5TH
zHT6S_vClWI9U0_7CeO_K80MAhMBNrLLUmm@qW7WIKE5Aj!3*5s@pK+U?>hb&baMKZ
zfnJb%mxi9Dg73R+?+J!lRvJ3rn2ccnhI=fdKm4yimBigg-Bu_eijb`^ol0MuXmE6F
zUP;Qq%8+;54PTMT%4g8jx1MKR1Qk6)q-d?9s%#IQi6$zhI7y;XF-%s<Sy&`F>Q)Ws
z#_Q1(a7v6xil=5Ae7q)H^a=LS;@gFpMAO5*(e4sM*0I37uazHfvG3>Kaa798QU<Ir
z?nZ%+ip18Oi*3vtJLiPH0LiNLjc3prde1Gl1>A=g-X9){=0oY#h38E)YftNQF4r$Q
zqwb>$mJ=yL<S7VOd#zCXDg6cVpT6xxpvI>uAC2sfx4?Hi2F7RfNRUN2vjfH1M$Z;=
zB)#y<sZo)FeHc9c%r-WA)*#)s<A__W(&J=_g?Mc%JlenZ-L-n}kE)gHYPAw=2DLb7
z-&e|Q1~XL!$^&OdmIQWk&Rm|?14G+m@I)(Y+?{pDNeiv1=Spp^ldufT@|B;rJj5W3
z&6SpX0oAu{|2Wk~P!uixGz&{b2tW5o^q#cM;K&Z-Gv+*+3Z=l%3$tcD9#l^bFLnkv
z5k(?RExU3nJ?&LZmXyQg{jVKtiKn@L5(F>Ij0s#v5Y1|wa+|^m6XWlvt~IcUD9(d4
zJ@(tyynNEKOCUI;RJBa7h^^gQod$a2mALg+G5mx1o62XB2|}9&SAugb^B_3h!M(<9
zm9*C3MMCx~X_o<V`FW8JYaPnDC(aQw^8%J`xWkF>XjEW~9dQvkxOKTXyG_02SXcj=
zv+r4p3T}Sy+slUDFYjgE$#auO@Vc%&Cuds;^7v}3E1<Kl5?_NOEz2$;C541*bUT-s
zm(*n)O#Y!0q;D<`Xd5e8Ym1LEf5Pa=o<65mMPzC|mf3_CTCY5n(h&QmDqFIgWFq2b
z5;>|9LHTqm_IqN2(VGFJPaXSk7fYyBUroG}G$mV<-5oL5b{L<C(@Pgzvo>_^&CnmS
zLqW!LVJi0%Epu;>*jMN$5ycc+J&)A5n2eYr4OC>JSvEuU={>biwgA^)Ta|VBM+v6$
zBM7?zd{_sN&#rbcZLI1+cXP2ZETHSa%l@@<SnKQCJ+?YP@aT(*n)@dMG%Rm>nErv!
zD1oOyo)O3b<RG_C_jsZdCBEiip$NNLmiOX=4xYF8Cwl<GJGC@)Xo_I}Q0h)Jny~kP
z%kp_&m9N@5(LJ$dfI2J?B4rzs@oYOXMdu-o=_rg~<@H=BaF{0)+_rTol*6b&`##V!
zySpA;Z#tQa88TU@Vn2SUpw2XwA1&!_a$-7Y@6|NB^8k6bFw42C9@bl6(lNtSh|~q~
zlTP<A<GaW#5jU4uD^rcGz)b1T)5hCAum|IEAd5v;T-m<w4JW1vCxm+W@<h-pN{xUN
zjl#Qkv&0m~@nSXY^t-J`Mk@+;_%K~>a<iK{?WxuRSR9LA)O{#i6sF>eo^q-bi3!Nm
z%1n_l*azj77cEC!xyGc6EJj$b%yNfHtxtb^>4aSsaA#%KT7R<leENQ4oN{yS&b=*T
z`t|b1TU*~vb^}H)($iNgbk(o>o&edv49$gs3{dGzKg|bMNe0%B9#ti8C`2-+hz#C4
zfDJz*KRWNagFM&HlRa7fZto50e(w)#*WrM>wZ1grXqv-C)$jyNtx^<N(YXbWja$ZZ
znd0nwbRtaQ-;@V{tiGDdtIyrfVgh1Ti={1}FdDb0_aVijYoz`})D%>EcC&OD<bKiM
z+|Q_5h3edI+P!JB7?v{c^;K|5mr$T>E)Weo>KC#5<Qx+<Xs44Y^H6gQ!mp;h_eM-=
zbhoj0;L94cHJ00p?*6dIo~K|4e?&#DX{WALK|CnQ)^pvttK1eX(C6?>DkD`5=l*#3
zsk9fZ?|KHOo%NZzbozXNA~QhUzw@5e#gBdAPIa4~+E&|{|G>?CCox<xQn7onY0G;R
zgi~C(h9@KDZmqpvcq(7IG8=~HCwk}ChffgX-bpI`a`cdGq^rp-JqCajV^-Jtw!bkT
zS*;<KxG53T>nR98)kIra&X#E2J3`LA@wa1A8YkK@>M;pQ570o1ZClz!Hmy4JZ|?=J
zFXQM+cJBUY%39OfGPBiYQW*Xn%1I#Sj+4XhIwJUqOecGv<a{H>#7bx6@{*IQYes}>
ztLTqK3JNtoHOt7PAkD#yDKLB+svBlLuIM44Q=@&yuq)ep->j7@={_eNUlHqC_ZX5n
z(P6#w8#5!;psqjx(CK6`+rrfOZP9A?1TN-vs-T4Gegoh)$x@?MIV{RLO5e&!YMy?2
z$L*c;XqClS81fDc^`~V!3jw3n)~&M7aDoFh)>)Vj!C{dvZqqCn@tZ~}@4TshT%5{|
zK{;0Vcdu?sVZ2;N#+_FHa6)pZkf7wM=*#xRqC@T=C0?~(Psjn{$=g1X{ietz&2!zX
z4})$@k_(+1u&AdoG8!o_QTIjs2JA!Ks3CCCMKJYOm1#;PynMN$6qNakMu!k)D?XPa
zi|Sdwg!2-EMm^yhKy@^t1=gE$--~qsm^=yeth6%?*}N%?BltjYlQ5tL|9fMua$B5C
z2;V*7--QqjPK}gCXB>lt{m<trS%u4b_xVxL?yt1yYQKYPAb)sssi`wPei49@KeQ6!
zILGNiE>8^%@!SDm@9wJuu<!y1&KmwWnK&*JCh9&4AqZ6$VH#kwL66Z*DBdM!oXnEN
z_k+v7(6d>pzRvU)i%g#oCKHpR{3G^OF~IrSeaenAkk}mu1Oe{9eK$ST8Hbcna{T*v
z(CLrv4-SA=Kjhi&jQ}I*L)|4?8m1GEE~d-=S&90@+zPU#Zw_GJ7IA0&^EICTsEpdf
zen^j{1mbbO${Ezh`fNRv{%Jm_w|{GN20HGjA7kz`%=lRWVl9x^@{y=1_;r020fZr5
zO@($kNpy(l$az^jUe;s;S{#pBV0ajv<&k6c{4w#-y{dj;R=BC7Q~DF>E53gmy;u63
zSt_0p44P{yXVg~DvihAyNwfW7L)_Qg{5-E;Ixl;JE6-(Ok~40VG&Q|vk77tRcaI<5
z@nMka@mWC+uP};>!Y6$na&lSt2WfIMeQC;>bobC!dCWx{w{IJ|(l|^AfIsAY9rZjo
zsQug;xSJbU6F>Q!$`Jok#NuA>RsIt%r!0lQqLd^zi~BS@B9>1}XaM*+-_LF=@~(?R
zY8fEUpf#hk;e1IKoh!?9?*RPSqu%dY#YBz|{^?um7`}yh?)Xw$QAk}xgBcU7+rB%N
z*3|uDx%C=YMtm8Z(yHFAmcpA3j-nL)C0Sk-PdC<=U6a9Gd8FIZzL<+vlQaYuGdQhE
z`JK!nzz+gp%Wo`$23~s)m_Bg9bw3(;ZsaE4lmRD>_gm-9?-Dv=0Un$SA`PAd!8klK
zd;3-bg>v3U!QJxa2(Xz9wX+j_?=8e%g<H)OsgCbW55%EQ`|(wf9|5<Oq_@WsHRb}o
z>viwWgFpaKT{r!`y>ptaLM6(=fdXjI%BB&AUCJ<AnRO2zEycw))m5uWe{QRwAU8<=
zZ2EJ6ONN%C&$Ap~Cc;!>wYl?PShEIQxj_GvxyI*nvxfjJ*MXz2BPk3=5LJz3hm76I
zFddH9`MZ?Vp+~SF>vxUc<f+<$LvfYI*V~CPM-EYVrk(0n06NIShbjEOQsbJ+kA!7x
z^X}F2e27kgWw?eAK5+%HN*T9Xa7m#!&)~H*L;OZ5!1mObKzdtuo4UiIbWqpL&F4)W
zf{4-G%`S7kedX92EcjosT5?38LnCpjz2=8K-tFi8{8ll)#Wh&4j%}^_W<Zy;3M*Xh
z_ukl<)iYikc3f<4W{zRc_A5g!^_vbY>LXr<9&VWHV#oIW81DAVfGT1-|D0g1FayUx
zP^guhRZIo}Zv>Z-NEe+IkxM{(_!A_H>*K(}dsFswMrW_uoAZWfkE9-Cje>Jqi?*v)
zpN^r$)78%69rw$U-B&t8tD3vITmG3HjU&jdzxzES7h`+KcX->myI*S(Ho{LeIt?s7
zggmHk6-#H&U?)#sn#%v_gc+clIosLU`$rxiPTm&k>eh(|uj#CR4B&aZ2xWe@F2*)2
zJkE+#$V>jacKEoo0sdj%B4b0D-&FBd>QK~`%dVq)>Dfk?s6XOFU1lA2HnxwBwzD4T
z+WCqOxIthYoeH?0&}{oP-tq-&Kukcb)qK2PBKvlNAOK|3j=I-8e<(8Gmm_*hr~g4y
z#2{MZc!R2$S_zyr`NdDFUFb3Du=?x!TShef5|#2#et-;qRS8OhE*3|F6~1AaGV(N`
z2+E6Fm?szOChZs8niIXD&7dPF?UJ9e-}TrkXoN}LS(+w{C0$va1`aM8s`E7)`ZeH8
z*wEWMWdTim0TI9U0p4C5%eniVM9=o1Md*<I%5VzQ@uGy`O2;Wz)<MW^SC3Tb_3#Fs
z37Kn~wUt^y=dnvt?*g4Q;HkRuO_ma4aEP(+jh<%DPWOekk`jHYF4BFfX8f5)Ql=~u
z8CqDm3c@?zhlFzvcr+i?=nzvwpi68;E3AqixL#jtc`^@LreE5CeF~E_oe5ZgVk^t2
zD;@cBtSeDzaxYYPu&db0rvbdPal7Yq!uTJy@m01Cakm{n0U+OJ8u0X$GSHrs=*gc!
z#djt@@zpZlWI(v~>*E}Es}r9^-0MR>J2MB{`%C^v7>10Wi&`1TEyLI}I{fN#>KcZg
z)t}zxa&q`mcf_kY10I7LF+*-(jm@%oI_}S-8BSydrPWF~&+fRsi{t5A7ffOAZlQjy
zt8Jy1kl*gA`cp0e*}ABt*wj7!k1a#&I)h{c)BlT5%4cA^BbHCfZSilGs5bs9hk>DC
z2z_<T+41huWy_1qs{pF-%k-UCmaCW5b!K{BiA5J2MMHVEiLhm1GRQC0-3W=9s~0i~
zL&@0CR{V7T=HaAIxtUAj0UrG^v78mS%tSj@KBWdBTp4uZ$`}gyROe?TdYO|;_9*8Y
zy2Fa;WHe7jQ5VP!Y|QIUo>kVH+-~eRa-{{zt(hS4rR?KYXI#@e5_Vu6J`IMsbW?GN
zhGH@tG6s7&b<6J%Zs$2Xeo*Nd$2zCQHngt6Tgmo9xG0)rc91taXqa_~IW0NTu7w5F
zy-Q~Z_TW2cX&1d~+Jy1H%x`_A@FW;B%XW~Wlq+4tr+%5E%G?moCh7i^*?*xxu#rK0
zIjdx&xUact(RDw$#Y{VV6V=>t-GFT%-^J)A091obFJz-Av+toux8I5NhI9@(;o=Df
zNiMk>(uZS(*q>;MQL~-l{CVEWoS<fDm`&N_sG3FksA$|WCN?y!jz*#l$`*!ZVyjhT
zuC>cVt0aNh$jF{DZii0@uvB-Kajuj7;2)s6ly|8!&ff@@L&<B3kxj*F*Am$=$Xh)Z
z5{$kRr>WM5PIG7M@gF+Av*-&P@;O)=z}Q1z3i@B6)PtLtkV;?AED;x9Ijhaky`MkJ
z>@!m`nIQE79RnT)&bhuF(m#{RRab8Gk$x$1`P8t~`xn0V3P{lkH5DzK>=+ythi2dJ
z7sIp!)6@pGxQp#lI$Ub)dvSNMi^}ad@lwc!cAVQk|Jui8xSR4jtEpVW)p|6eRy09H
zJG^W=N3|;{{(PAm(kil-q+h~pX0nI0!d>?lS>w`o$#0IcRMgmJ)#~>)80!`f*LBpn
zvYlE3Z$QasNu6m9wBnue`z*L2x>)uxG@VClYWHTqcUpo6P=0qRejDCA&aaq4OrIGP
zh{eX4)~#z`qK~wf4=;}Z*D}=mdp)j5n~yQ|&Q$8}f;KGOLi=*kYkAL&$E{SFt1DKy
z0_T*1xTy5U4i}T^yjt=u6QZ+e-`IEtdASg~Fga-zQH=684t@%({fB|(D27{uy&uQ4
zYYdpWvc1adxs&geERs{+>u8UtN0p-m_S}@?1rh?8EQ>0Cpb_S+GwGF4GFrlY0i){v
zcx%5sza?`=(9UJ9@FU)z-EK#tX&F2Y?&mK|TQL$URb`bqA8Kzy{P+c>gPpE8&+NSN
zCYbvv(Vu)fnSpJc&)9$e<*0PsQ6tr&MHgFXGG3Y5)J`nKw5S2~!qZuEc8BdoMX`-}
zlUVP9(LAK?29bR<Et73z_IpJnc#(ybMayGhW~KQuz2udMQ|u(^GRb><SZaL9VElMg
zJ1$Q2?xlq}0pxxDyctNWL>JDaiR4TMKPbc&aNFA5z_fTX((H&XZ3ZH0r0cV1y4$p9
z`l@L*K*BMt;|Z1FV=w(y?5uDJ(J`K0562S3tK;cL8O7YKW}_S2XK!)&mT-$MZLwIl
z<bJgD|9ZXt-bqWvb*4i@ZzNm06=O4lWqr~f`Aq<-olcgtsFWr#^=5kZ2(m%J+{jRG
zKN^CJO$QFo@{Ku9giPPHP%1D8aN<njq5VzuHK#FK#gc#5{4xst^nuu`jbQnVU5Bd&
zXAYJjm&xUMrofAfCUpldB0=BS!6}(9=!<D1IybV63nsBE<lg_;pE2~~*h|6p_mUo|
z(Gw?s;JeD3S!4;5hNVBvUb^l(D#Qq@1Hd+PKz;-QbZ}!iusHwn;B*9thx{Mj%5`N-
z6fD5NiMQ|w8!_x34YB5^3<#*S_Op2}5ts78J5%S$uvsfG193N#FkO4So;6X$%-5`q
z_EG`&dhKxQ&Cuc=i4XDN9b$V|DJVPD4-sjj&ckhrE#+T%T`|<orrMLyYWCaNhJAM(
zU$$9t=j>VRj9|pe#Dx>sFDhme+7m2x-s&0FzB1LgW|9z9(%SlQ<qnebi(xIhHSnCi
zt!+-CGGMN3T#XrP{Vlz&U`$;rJv@E&#9Nuwiw0A6m3i%^P!CFLIjLoJD+jB$WEeM^
zp6;cyyI=W)s!`{#r3EL6yckNIblyK3<IQrsd?$g@kMlUjLcpYtXxCg1BYynT$rS*V
zN<FL<=h~%T)6Zb2*)mC^=hn+NZScgdW(T$NqH~T9R#TJF@Q|B$VffOluWhX?(UndZ
zlo}f!)Juyw8x)C-Zj5mJ`Q(B>#{v!^v_oT?Vvo0F9%A6K+cpvzRb6r<TDJ?R*~gM-
z=M5RV_L$aG>>3v}8CkKce%^QvYr-qfOFq^vm3=A3bK+4C%vADydV3(zukX$!YB~Ko
zaeWO8X#PdD%i0wH1sU0A{r{<Si9KevJ(q7wcrQf(WTi}w58fYDQN27$8N{j6!Sv+$
zZL$|N@ex5cfvl|bzESUME{%;Tay9u4?)QiIq8tCux=Vxs3j+1j(DhCk1=k(IHu!;#
zsxD39b+SiOuar>N090CY^e3mx>mtz5UEhV7{Z49Ey-$qzyiWZu`qyo*ki8OnFv|ZO
z-J!<;wA`Jf-tRP{S@F8wcK$KQkkwpOOglDXG~M`W=!=XVWBfy_|Iy8LM>Vx{d#()&
zh+d>iyh;=4B|tEMA_ge|>C&4JI?{wlyMj_QfT8yw5Rl%b1@KZsSE@h&AwcLzhfsVc
z-1@!s)_U)Ie|~?Rb<UZYGrRou-ZOLdp1T*YIoQ4qLDZGFz7qp0`h!5PzAnsuK1V_-
zNISO`FJ9rRx0<?sO=*uc1^LB18rd_zv%K_%K!-J2xzA{-75=GesIof0*-wxIne40&
z#0Y%#N1C*NWU|#zMu{0#REdt4ekeD>GUZxtY%_O$mm&zK(l!>4l!x^O?RO|rebkVq
zW`AQ|qsvGmMibXycGxN39^CfTgV}0I!ntlAwo2O;8XXE9lGS^BGP-U9P*h;O3Q)m_
zPW<30__aJ9kM#Du!%BfezIMArf~{!5&MWFEnO5nwMWqL~i`<!J;T;)+&T0~}bRyHa
z$g)b6O`8z6xel843}abRF7L6`R8K~tsf>@WPdC|7tqExidx5qu?Jcnr^++t2R{ry=
z)6Jp(_$n3|(N9ET=brNlFmFf+d|e46nJT@(=3Mh`4Ezq#;-_uL_s-zXZtZ1SNZ;&Q
za9KxgygRGC7?J^Uv#1PlZVjC^0=G2qt1%;|aMW|{p$2o|j<!85&k6W##lrT>Wz(%b
zCRF!)Zxx&7atm*K9|%R)b_KvcwQU{pU0{nCGaD~naCfC)q#<N23mZx}n?Jo8Xl*GO
zz72Lo;{2#ImtamTE+9I2!f?LO+b3ZJDT!P(b?jNHw0ete6(03e6dN#T70O89vqGu0
z>r<BJ9d>Je+*OhJ?|}myLc2Zm0Mt9i{tP9YD%11K-n;TT=M&_#kMt&KbfPKn-6PN~
z5^*c*Gpl-Pp87NW<jiqo1mEz}_k5S?VF)AAN0*~kF#Kv@U|aW6m{FARxx8$Jj`2!<
zDynUUJX2|pMQsA0A8l4Mb}xs(p&vMNE_R%vdgt)usBfV^n|KZdg$i=$T`DhBQs7e3
zdCW-l>(i#ixSnJPy(EA=7nW*+G!OW#J4(3$Cy)dbVrO~eFVPg(|BaVoGS-dM(*pQ7
zFC$nXqm6M?h;n3Z8ZeReph2M=|JzyIfJM;a@gEV;{g+-5a>r6mz^kYMl_f?>Heu5h
zU{)u|61Qyu2-2NoD=4!9Fgtyc_z(#L`1y&F>5!Ir6=>RSK4Ya~`{KETRg$Wy?&>J!
zQA$s5MuDAKpFLlgEg_zD45joPoScO_luDjb0C{-Mj+u1@+bL9j4Bw7$lWwR*_nb!F
zio0?KTLaLnbeY4m<mCk3FHl0N@n;_M$8?;dXXtNAY&@#RCWOJi=@kFe2KE))U5)mX
zryb_Q<FQiyz+`io0?@%c`zW6ywrCmWK)$Y_U`uf^ND*&wiAQf`jfd5a9c!da)Mh3E
z1eW;O3ER?!VzHljUmM@v>Auu_j{p<wY%wpd!LeCGTYKD6QS`i$ddRP~E+aLac<_N|
zcX1O<2yVB_4Rd|=P8fmTa~Q0@A>!%?VfHTfI2Djq!$e_(<&48OS6g3c0Rgu)vCO5z
zZW%%1^ES6NEi7|7?>4hN%%;}|`*Pjo7^$33*q=LuP_xzGYB#S}gIMCIPhIBF?te^u
zF(|rpQ$(vSJub<OQIK{-Rt}>F(RFj$W=&qmIRMf{L4Y8lpfD#bHI?jzxS<05j7s|F
z@oz?R49j2z?ek#-NL1M~7L0HBd{8uVH6q%N??T~GBGho0C?Zio;{hx5o+uEoOxc>v
znj5#BSp?U_jt(A1N($&f&JJBTAF!wiNH;SYZCFZUJY3y5>x|%WZePS12hBLo)QCrR
z;=6tL%4{2OOB+U(97P|m+I7G;z0$H^g#y&szq8`n?>ezlTJsy*()fW#Ut;f9+_$)4
zD0}?`euc{&?$yTvaSrnkDp=Ym>@3@TL4)kjMa<N2t;S<{C5Is>2I_3I9>R7!2@xjV
zCVxfSlOkFO3VJbUfT>9Pw8So7N+sBPm%qqvC$CI)+sK62&#YPSi2YaQVW)&5!L=Ib
zUD`1nHPC7I*t!iPg2u-QMUY=#Owz%1WOz(Wf#pMj&v>U(hl)L_RC<b+`i%+CFXwab
zQrIdF0~w15WXl6EP~roSv>1Wz9C<ITLdo~hRHE3X(;N}}MHUi35^nS;Fs*FRNrJ7m
z>Hh^N{|2W1ZmJ&1ynpTm$4n8XMJ0Q4Q}cUoO|Bec<h&f*J8@%!=yGnm&E)&;`pxsM
zmtde&P7zn0#(``BtgGUa>E?#27#n)kSA-zuP4(xxdK)|zM6@gb=QJ}4u?Dc72K|-&
zeWf*ZiyD7*!-TrTpv>cFEV*(tMegOoVNS1zWf;_*Ner3blyVqbVG+`?_Ihc<DSn;#
zZZA?)Et9Y%XPJBK&QIJG%POG>2?!(jsuOm#z2S2rmK*H*-#fii2t4Nl8ZQD9%M{z7
z-8_sPsta;#cO<NOt@`HTS{pSZO1fH8_eUGb=P=pL9VyN|7`Nj0owav+(MxC-<S*ZZ
zrNOiwX=aaj?;h;-1kMPog`mB6^))w%BL3sZ3S`hPw@1zbQGzB5a=&yz+*iMvhY$(2
z++;0lI-~ud#5$~|XQB<7TqbuZZheIGL50JU)IC9r@-$8@SkegV(+ZN-a_?@1ms>4I
zSK?B#9A=G;?RM+9HxhjmbXkyVK+%JCiW)?=;*V65HLO@_?95_Ea$&z%u|#yf!?oUe
zz&<yv?aES};A|za5(f-x?=YhgW*B2Ifgb!Rn}!%3owo+oc!xF=rIm3vxp_YK5{2>C
zVfDwf2VoxLNlVg5>1X>iQbK#P;E4SXtrm|iU(+UvHbwQ|kt+HI!?VV5h_!9zjp%|N
zycMX?q}Gl=-asH@du2$HGwpf0$0Q&by_ymyxiTZK(c}o3<gk}jn=X7W7^$t{%o{7}
z`9A1|3=@K&2sO_;Kf5D`XGd%U3SBqiv&xp)NjkB^8Ekiu;Vwxv9FrY12Hx;%W-}dc
z(W6pV&TyqrjPXs5h{80kCzPbNeF~$GL|h^LT8IUTpSS}=i>WWnX3$*vU9EsO&@}uV
zAQZ4HzC8&YDaq(c8~_JT{<wMEcb*boQZn14#R2e8pQO!kh5dU?mF@sBqfk;QMaj9K
zXz3J8T!8<O&i+gEs~@(b{n2qZg2in79(HebT6gr8%3m2Mrtl|{83_?ciG@4!8!GqP
z590Ur>V9?%2z_@j+zYj4c5cUngej62i#|>TJN@z(l%h&+!wL_@vF210n4dj<lw(D`
z!L&+8NUd$>io5<2{rg%N%T`w8yrA`l=(u!(%$=YQUG5%8$u2Kc3JJ=>qv=G(i0JrB
z$F3i+^nX34;6&UxF04^i(aM^zccp23S{LFIzU(<;7{v`J8V|rGO+5ZjfYdkW3CyP4
zEFG}q-z-7Y?+6v_lXy!uSkwLikeFGAf50OHpAai(441a^%eNnu9wHlWi@5%3b<|pe
zGcg_o1X}lpK)YD$T9<_x2G8f~XAC{vf~_VW=~tn8WfhHCtM5ARfG~h<cQB5yi%u0C
zNJzH_etQ$J)Ip053+CmKxPRD}s(R-MuNT~kP;-ljM(-ZWUx~(13^W!+h_sr|eF?ei
z8Np9<VTo)&FZDeV<nZL@yNl`-0<1EyQDiCVR76uY7*{7~JZT@<Igb<%B5t}^Zi=r#
z<AY4Pae%e2r3}UumW&18a8z7<*T%VJeT({Hu1mrckXwtx^8c&X5TzT$J(u`af=c8@
zZZux3=N5Sug=E;jim9+A6A(Z-0d+trIpfd=W{-T=l~>}skCYXix+jb~yJQarS?XU1
z7OisyqYeMnafktqgNRGc%5bQQfF3^WiX7i<JgU0a9lVp+<)gnKMJ>Mg7F|N31^hn6
z+3`M|`7&F3<`R%OihTtzIY$mAhzMTfX9u!8mAL@KYtf;grJQd^q$o8WC}tW!4Fy5I
zl<?_qQ~$q4TK`E+tA0;{Jqb7d5lsHSNCZ|#l%;LWIbdl!hS$I0e<-4(qoeWg;cJ?=
zOb0tFn?N--s*n_Q*?rFUK070b)Z)ZX3%=_uOk3lgle})L^V3T@-52*P*&s|%wmo1E
zY(67G_6?uzL+vKw**>~fWq+~lb3YBV$~-=~&yvmT_1yygdW*Tjzp2w?-$BCo3(_8q
zIXCFkNk8_f%hmtM-+^PY!QWqAH903tIehD=q)#vGQdLfvcUn-}rOX?uzK`Ut!tBwv
zIS^mFkk%mBpPfh}RR+lEhmP8=nQIX-^>#*|;EsgTV5rG2M`nu;$f2SJ+-O)&aYFD_
z(;_?FPdCQ!^u`y^^>P*eLtF7t1vW@F`yXRlNN$t`e{k>CG?0>ub0rC7V(pa|KI>0-
z28DxUh+#$Ajq?kb%sQ@~t;+uQT8Un)=~@1+ml)o->&4bI^+p3mAXt2zAw6qtX4z!4
zTpy{R!RV9vc%fG60fRkb-y27}DmFgf!Kz=`CcPh5$Hvyzw&br3HvIs_^<}{o$Ia7C
zoGyM4l0NL$gFFb{S;>yNS;V!oMfWABg%EVfwo}OiBd5_XSN>Wern*VZNf5OU^+@%j
zohqkyEDu$aL+!oLDLZxCY&{b^q`BJ6H2<3E8aM6^N;234udmFoD5A_oquSsK?p{~&
zf8AH*t^jZF;hhcHnsW$wmBPzlJ_0E(H=>twATu^L$EkV0bd808w4xdMR5W_%-N=_O
zI~w12b49tjn#5iHlL)gR3=?;~!lhyD&nzDPG<%aoT5;0r3)3L!E}y3B8oQ*=qgSj~
zG4)ArW+A0Ls__+xJHf)6Px>Vbc|N{a;It$A&{eTR$boOHd<1@T<g@K7x|#gk0~L#b
zZ?4-_Df7dQXX8wjlg*RsS=E6J`4ZstxC~qFRcaHT9x22q2G66vTkauJCq5xgNMx=C
z#5?^lfz+3En`8RZ7E24BmY%dl{Q3w^PlArY1mRFJ(n5K1rmLQ|e6Qj{q3D|-bAyGv
zR-K{|mm4071H6r>)d{JK^}C-$UEf|e8NaY=@!^NeM^rCRi)yBHwasbnc%c?@r!Upa
zM3Gr60(|s}6_ULqJXXc(nBGsBxOj%n6shmfV_L?0=QD7MA#;$TAm%!uXJR7Qpxm`k
z`u>Kj&yy@);7jU049rN2P`eqPw}>|#(A2qnH=!RZF)@V2uer`MFmiIwQv=-gJ0G_R
zGp=s&e$Vb_;4@eu7iMI0bAl9DGdOf?zk)(edRA|8ZdwJ7Y#vh`Xv3aGQE=Me)UA$U
zHSy=ctgEfNpbs!7(WwgT%LrBX-Fvj2tQg0+ShSc(VzocnWTz;RWwh&bzg#V5NYL>9
zSj5Ihiy55rdf$hLi>LY#$-AG#|EBKUms~N+&SuZG33et9IhW~Is=@u1VwI}Nm2}so
zzJ(T@;!x+;2s_M(Qhc2Q+UDm;g)9n>vqCv0#U~e=2hI`azs==uUuUu>|6GRdF<KUP
z8Ha42$tsGM5<{vLHZ^Bpc%+UVlv|DDiT@Up%EpWouj&7)w)@2}^_e6fk~X}6>s%4`
z&FwX}y-CY#v{+*oseVybk%ppP!kG=-neFsEpU+Se*|&Ka#psm%59Hlm+gJ!XN-YX+
zczD~su6Q9{@NUOGJdDdX^ab6kk)8yxg!GDnOr?gPXQO^F@3}6PJA8ama~)z<gUu1w
zA=3~TS0Y*r%3Rzv765<Mo87AO63xRHhrS`_N9epy6sl9o4foo)k)NNI8<<GEeg@lM
z{c+GMt1sQS$JgE_cJPA<UwUAorKOT-sr^+r!vap!J64AN3r0)bjI47DL!WH>CVU;M
zXVX{pwU<8m__BeBXD**_jDAZZQJkWcYb9~RW%DupiANNb%$KvP9^3V9l{aWmbW5HC
zeV8hI;Uo%Htezw)9F4pO0etO|nCoR*!nL&|9<Q^f`{a|4r(fY6`~$Yn+nlP~IW}2y
zDaq>fTK(;ehFY@UvoYnwE&KD?D~NJxI#4-0iAUEQP7pO{*h=}nJSOU5Vh7Z*QkQXY
z|AeQ1+lfc+D_C_WKblPywr5yzTNN_q=ld}bFrG?G2IzL)cNaU#DX$u+cBbu?=)JqJ
zQjkitfSX#(xjiqDnp_;YET-3+!(&H2cxb|I-7{O_-{cdVK#c*O1Z33eeIX>Thlg{Y
zGL2(3jXP1`uW>_zrBU(QiUPY#+;y<GlB=7o!{7WPIJOBN?%rKcSYO6NUWE!xJlA$J
z%3r`-@o*98PLUjL*<#`#B?}{HSB5Ei7Mb#v!+JFUj_YCrj9Q_$@cn`Pqw?BcsiA+G
znva+-(ui-2=Bg)zvyjAGNXUG|oZSgJFPP8t+peoA2A4X^bd%x+TI*mB59-=-Vm=EU
z(FYIp8(G1YEC}v*`1>gzLp9-%cP-{z95OG9Ri2Z$Dn=)(uDX!4JXRHN;^N*&gMv!)
zT`IG=XRfYZML+4C##${rT<t#wR~+>E2{4->Xcc;ra3|hUeEr*2-LjE2ZK|c13wPF*
zj5R1Jv@N>cmyRZCw)iho^X`i-0y3^7&Oy@osk3=RDmkl%q%&!)7dnV%lXT+$K|1l(
zMA3~X9`zSbI$^RN(r_>)Ck!L}l3P_65j3K;P(VlL6|QkX8BkAN_^{0Bo>YZR$>y8B
zo%mse#yi*qH;%z(x}^G+mlb_o*^J92O_z%k5P;C;wj9I1r0Te>cu(U5*>%aeF5v4H
z7<8T$Pl@#Y@`Wws-(b1W!ch9NKfH0etos9}+Umh&R$~UZqj>Im(2uS0Wqn5dj~HQu
z0Q=|WFIVl!Je~p)OIYFcbk{Y%8|hg>YcGXI!02PM2*>ioz4lm&g9}8(nv0R-D%e+A
zB-p>8lH)$_uir@u0-q*relJ7%!HQb-LR;_x^oaHCT<f!kE-VoLuzR!LdRDak<b7mo
zf`=Hpuq;}8Rta(Q+m(|UD>@T<(gA&yN>9l;e6~By7s}I`*-i9uDBW1wX+8z`WczOw
z<*M#xJ;i}sowgpIkn-5I85=IgJ6<Uhx`iq&%BJ8#GEMKN6jQmk5^M;cwfiHkiFcjB
zE7IvBOdQ9%Rj*<jGG4tUYZf0>aTm$~Zev7iFVb<E8hmgR0`^rJ;WnsiA3v9V6?{}0
zQ|_>GU+;+(ni-{@4Ck|)=UIdvu{PRLvpB*-t!Kc15i;ZsXF+a1W7!9GL+MZT(Pe%7
zN1*gpc;SZ3vk*0##=!GYejfM8zdaibl^9jXUgH^T*8e?ZGLlPdRN)N$lsjYRg#%hV
z0qo0J!e5~p_if)LjR&7eHUls+rE6BNoK<d=-E=%!k8TXV|N87PYtu*>f*7vTKKR}1
z<yPQ-57Zu$W8a_i4Tm{qVjg9{Gtmb}s2sZqpgRzH$sO-m?$_Ou*raT{GUP?(O|73=
zpti&ou`)f=Vgp=K1k)qAc=9{HbX2TTG`cKw)8Vjot-cJNh)t~Q|C0g-4#axc43Mc)
zX2>80`tC^!6w#!jDzQv(OgC%NX|f9d)9b;ZjDLu~ZkbZuoAWd!#>_<Ly##Kk9?=5T
z@qnYCi>E0kKUA8`K>cXo1gP=TNmP989E?)pI#U=Z@C=-3zXl5T0asoc)Jbh@^Z$^p
z#c2PmbEhZ-a_ynQaH?e#BB|QdS=fNTPfkjFb3%ZXK+^DhVeRT-<|^gwy$uc&PAg-g
z&ihAI-#Z>kZ>q@Hj_xGMA5~XXeCoC6fn@_QNM{O=1|RyX1Dum`%Xwo&kREaM3!PUm
zw<zU7WU#}I!(f}E4r}K!|Moq~qXBmQUDq1S-V~(af}W1fc97Hu`R~=-_bKl<FYioT
hq?A2BXpwmMLrx>5>sOmz*-pwUrH5(?h4N+r{{<&R1H=FT

literal 0
HcmV?d00001

diff --git a/priv/.BUILD_images/compose_up.png b/priv/.BUILD_images/compose_up.png
new file mode 100644
index 0000000000000000000000000000000000000000..c439f5395d6c4c05e2fa5d205aa14452324c13b8
GIT binary patch
literal 8136
zcmd71XH*kW`|b@k6a`d7q$r{&O$Z8zf)Kj&-h)AuDkai{(4rtHi1dyST4;hGMS7z2
z9zq19gAgE8385sUobWvByzjgIU*2`Toewj6_RN~S_dV<0ziVChL>U=8Wn<-KWnyAt
z)7DZqVPZPL#kh7qdxmkIu}}sx8fG7pr>acfhWPP}&M9XVeHA9A?{ViT_NN*BbFa0m
zeVCZo+m8?CZb*p(6O+I*ZFLp10PtqEor`VvUN?Fzj?2mzIPvx32N`j>bL<wcq{2#S
z0V;?qre`lLRbaAUk2vx}q|Rn4Epba7=H-4!C+qiuqN4@VUx*QgQ^jtw-n|So7EUFf
z2Yztb6n=LqwQiC+n2`~*J>7gTo6&sm?TsZl^m)S8&}`%G%D_N|w9iViB>m8P7Y;jO
zV`i+9X~|xhe!N_!p3}+4!7^Pr@&D7R+Usa|c*2n_qrWY$JFLeepR^kGlYNBH_ujUG
z&=eT}T9#Pf{o(dk7|SDx{$h@jqROCm1Gt)C<$mmk+F}5xD#E$&HR;}?kX9kPTow^4
zq_UR?;?@JBdhB<z<;ag)GA3e;+92$Lv%|I!Z*6F)L4odVnbra&2v{6nl^k3AmV!eB
zZzk()|NeZlm8xmeodc#<_|3V6BhN$6JPbNomF!kgVrH7@t}?qY{QgEsvA+T4P*YRC
zN?w_(3_DhhWd9Z3CtcQBAuqZ8QtXt0yR55a;qFE)a!7rM^3K;}-R{1VNH}K=o6UOs
z3uEhf=L?^R#Ea}WEcUt6S*F)F?MVgdqf=@!O@Uf<64VrR^rM#w++OHC=1C+E_gG=8
zc|Jw}A$kcjQGWDxF~f8GYSf#RX9Ep8q{WO9SY^gjSA2jb$jQ1RI4uCh=}NM+U+-tL
zIcWdv?DGNWzd9#C8Ildb?=+`CY^e2Z(g((==NEb0PfHE{v;X?GH8`xwrJ>CRXdA1^
zKf60an9GdZi$7rxfE$sWY#ilG1B77vggPljJx=bm+Qbn_EH=#omie9l>HO5+O2rKU
zlQNOX6zi$tCb{n+y6!k`wzxjKKvLl%!qD!)7hxcK8gZrjE<IOHYu5Ca^w-|Iqg#&n
zfHSV;8kg+PtZv-H?CX8a6}J*;PmL+%)3?E@uKS-#TdUQ5(!TdzSN0y-S3xl6eqei5
z<h??7o~Wg`({DaUQiB{>*4TLOJAU`yj(;P}Qfgv8UU~r1Mx(m-2bdFbHVtQPPPV*y
z4;XXZZW0UM%#csnhUa@FEVt@&Z6qrB!7tInSp6mEI>`RvEE_2b;WC|Ga{{+Afl~4_
zwS-G2_p1$(kp5<&0?!A5{)y81yyK*mIA?92Uixgs$;p<B9ccI`<4-m^Bz3G@>lMkV
z@&&KGEL)^!)oHENpn<muIZ7-f15vt^n56kwaY<$#71sxQMdl|syTbLnkA8GRl7MN1
zUfoypWX>!~_^jZ|!PTK4XnY?zOX{SV?3vq~u8CK}env-_oz;6c`^w0}eA><T7S2sA
zlx4$j?Nyaj+WqJUUUI8DFQU3u!v4lf<281Iq2~F0Q+Fo!#ycXyyo$A7j<<SO%|L!7
z!Z^T6|Ky`n|Md!%MOR@gHTY}(!e%D6LffO`LFBH~FoUK63j`YmU#j~waUH1Rp(64z
z(&X+XXga~+s}1XwlidXEt{nR0Or+7ZNGhd1q7IqVS1cQ1U;UxG&(4J8r2L~3aoGd>
zK=^Db@$qjsh{VULp_R88Of$u<+=7>GnkM`~KEnZxY5e`d!lhJGNp}KAU{sr1Ddp2I
z2m9=OnL&GAkj#K{7Tf)w7u0#7QGJ*6kuQ5%dG#lZ$;+~?T$j+}pH*cqCm0}yKTpq1
zExd+_We>q-iH<ibXdw|M!As@0%f5gwLdWRUE?}ZlKD56(6Sm{8=6hJ$?}PvM{HxQB
zJng;pb9Yh?F^VF@R${QgzL#Z&wC1t&TL9qxj5t>S>j`t&+%-F+>Aw&kDfRBl57W5s
z;n#hS{5}HBX}0~vS%oPmeWbEsLb+MbJJW$-Si<*$3U(8}A1a{I^^|;-n$cfahsGqr
z8FvA}e}73huMle)C)!fEhOb4Wt7*u9L0a1D_gw=u(w<8-FH$Q`@NXODWmBA8U7*;s
zh-9*y+^Zr<eT`mmfmo89^XJWZ&~NpY#g<Et48Fg9C7>RZTKm2&t|}B~vV>48`&V;W
zA~k{dcnn@a!Hp!<CaR~}Mfade(&W?*e%PpRV#lLs{qA$IJHmZ)#y?<j<<W1|NLha-
zSypeHQw&l=HZ{7X<FB}fUa=``w78~*>wEj%?4qHIVc2xd#Vr>%AC}tdvT>m2*!<1L
zXcwB5{l(0dPIokE5-FaX&^*}V-n&UtpX@=|DoJr=nRyo(F4`a^_ux^}1p9szcs8@L
z8}vtJi-7p6n~w<2CxMi5Q=kRd+6Znl)Wd*hL5@guPRuV6H}dHPvX3~dmsn*}$su|*
zdkA$Wq!Cw>Vstdb4>O|?Qsa!+CF3`agxt-m+>-~!fYw!gz|}i33HMu=O*|WVA7sg7
z+{pLZ-D|vxO<nyG(4Gv$F0}Ht%e>ksx0{k016~)k<4Z+9+sWa~6fIh*tj?_qqRU~9
zPJaRHWYv8h>-rLkvgqpYufG3p#86~ff-cd|!n4*b3cEVeKYr7O-q;He_(7>pkLwgB
zzftz4g_HM`Opr-y#fV^an&)npN;WF%qzu>ON2l{>5b7c6%EwsSROrTq5kYDy*+&${
zu?Moa7Z!3|qsN~YkM9TkXXkf9(oik9g8k>KM*!Ip-WncxLwa)TGn&e_Q4?jce-K97
zlp|Lws|yQ>17EhE@OoXmqqlVf0xih3#5++B!Z-3lnBYq8bAn_=YOa=i@zzd}o^QHv
z+P6{E>bz$(kClrlm?LbTndwpF&&X3`_%Oj{TKoe;gk!^oBw)vCJg@!^&wqTu%B=Gr
znPy$+NoEc0R;)QGU?fEzmF|Cho2pw+D9+*A9xnnaA8mL%p+6n+>ws``{b9c;K-G65
z^}aI^doh$CLb$%2^Nuew;i=5!_=s<Q<u33smBjU~7Ryjp$pTOI^0it$Ka103iTIR)
zWPx@Qd-=5y76g9*PsQ)wPHo^b!iP-x;KxTat$8(H_1U=1uQA<^VJ>i2tq&2wad_?h
zKdsCiG@Znj`V-F=U6zFNMoT#dg6H@zd)VwdpD>2ePB`nn<+eP$Kp%F$J!0=&+`a>K
z`a(P`ka2NC@(|j3|DB8a<)=e?WaslC^pNZwK8Ay|5QCN>+d<L;?G~Y!e-=K0Hl#mN
z{Su*PoME94NCW`(YEscX>2@Neu@Jxm*s9Zb^U4usU_ybe0S2_);WO<Bn&~b;LjMx<
z<B_Cr9@+J=W-}b8_8$q{3!!iRznUj-y|*kl1r36jY~HZs7nYxaqXrxtiY`@NDs4#K
zrsr}loRFj9x=BYXXC&g_xVh<-mmrR5Rs;EZp0h2{Kj!06olQ^f$2zM{N&AV-ao2Qy
z<Zj#K38B=tz+HCBtnv7r?HT!D$NV<Z%N&Ch6D3!XU2dQpShr4b?zFk&8aM+sH?AB=
z!%mks2eQ}U;<OFy<iXQ<)>5!r(hHkBer3;XDbV%G2+mQZ=1*=^;bowiB`f}@q_f`S
zNPXQ|-Z#b%-p`Vhsq}%e2c>VSdXwW)9T06Dzu>S<Pc@lGQv+=mdyK+;i3dQ}FaCCp
z=%CmtOJgeJ9y@8#*)k%&%2f1${7I~jV9)~bl&CLCm!g;0A27~Py`jT_3@0t)Djd93
zs;rXA!`9E*oF$pqLF7^|p{ecoH_&2(jyAY2@7m?B`C+5J7)fo(xNbyScR^h$;1{Wq
z0%5<2dGu7FBKk+Kq*tEAQW|BH>3Np<7VDs|kF4e)P7mRFa3CNbm@)n#Oyw5$7zNiM
z7@EVTy*b{GD(!4aHDot|!?{7U#_)u1*&5DA$`ty~_25p(q~G-!UEikvPCr5bDqg!$
zsKw?TadZ9Y6NS?9Be2pvyc&JRR7jl5L_ypb$DM!cI+c`VW5++@+hBG%g3o$8!RG5l
zi}qTC(rG`P>0E1&-sJ81bd+8?+syq?^uQXVWA{`I7FVDh916DWx9pjo{i^1h+ORvi
zaC*7Y%{QNBU~=^2s>s1&%c(Y90pkAK`#-OubF9Z1L1%U_g7)mxqhCtOHIs44mK8<o
z35}n^Qb^)-YV)pN^JC{gtBQm7r=%-UFg|{i&F(|Kla=AUZf>+{Q_wtt^I%tF`OqAC
z#<wXrUmXtTWFgsC(09UC-8<b2y%9ov+fq(%hM)cM<xQ`uG4iEmSM6J0o7Mc0t{=@_
zYe#2&2;Ef*t5ZP4iz>=t$aYFbk{gQT<1f-bjhe()&_KjEZuO&vuiGp7NC`f#_V**O
zj%zv^x20x2Y6{B*AFex5%D|aG`nBD-L!r$rbClz+3vX(d_YNT8c8_;+@SUixyIM0P
z?j#@kpstuHTmRZlv|GxrR!Rb2W{h8dFpjeWppd0;Jr0JVl1Pl?;nPq0!L9qMCMUfy
zRx&!{T}`nuh!&j}?2+D8Y9KDpVf_~km=kUcd1djrdL{0=ajaZhZ_t38jLk@KGWX+t
zcQxx?Q~Kq{kD_>%BJvf2jOq2(_85{=8aeNCCKVun$JeZ&BW5>Iom6j*NF?1PyzHQ}
zj(u0lfQ~uw;YGwxRm2-wmO>~qQ|oESDR2e=(=qg#+sSKHI4~)+GHq4|=5NNs#Pmpq
zSXww^D)QTV$SHwOhIv&b*Nj19;HXNVsb{Q0U__h3KW#A?9(@86k<W^D3}$7)pC-pn
z>aFVA|4Z6cX+%E5KONOR3DF87^UZ7iZ@1=A<)>wrGh4jpxI-r}OTa@lK_D@at2BKZ
z#fdiQYX9{Nt)zH1+5p49J$8``Y5LMqyCmilK27Skfq7s&kIW8wYyI9EbPKe5CBe&U
zQ((mH?srutf(luGPfw;ypR|kfncf}O?;AJ35Qom{&xqh5O)BAIfKgXpSM{O@Aj81j
zRg@&H`;pds$z)WBN~kh@k+D0IvRy|Gsmi&+CA04)^ls>wJ-g}(x=~n7JHvnHj#%6$
z;NnS{G9=Sokp3i>{u;xmZ9SHM#*m)IRVWEB6Axc}Yazy4D?3;C9bsx#Q3gpT)Y;QB
zQ`pB|=u6v}eRb3yulMapuTot&HlwJ6zqTNu$?P~eEFx?B$!^gwv30IC-M`Ltki$|y
zE~!M9(o3qx8Af)e3$;ssa3O~iUOr+6QBMVUIZC~=WWf(!mk?N{pUI=3J65_MKe+{*
zAdKIDj;yGz(u}B30s@e6VfkgH-pFK}F7=M!Vtr4sH2^awk1%}E*U;>Kl?#@)7c{-p
z{jQd>D?Kt<Neb!r!6h0MB3~eN#qFkcRTyTt%~;Lp9jH-S%hbKM0jMqmo3|9RT;*kB
zv4}nIXLJ93xcKf47uVf(XTI7Z@mc9X{ejD$XN~CnXw@qD#TUq_oKjP3kWG>2MGwhS
z=*mIGg2D4(GQ$KH299-Js0kw;ChbD{?MP2=8S<&l<IK~I*^{!n7>@Y*w1Qs&J`MiV
zhI*=`!OXgW<KDx35**CB7Te2vBSoM~0=AhT91{A}uT*j}A>OU><tLFLZ33J-Z9j>n
zIk>3aaGdCYep1l7E_QDcIU;f^l$)fxSlAyYLD#c6(oYg7V>fcF)~*YRyzKp7CzyW(
zNF%R1(3ww|4MHBimr{^=tZtg)T4wV=uY@hI#VUWNQ8`}Bhheq@R^?c)^7=4U+In$Y
zS?cNPHr&1flT&Y?4_r2%mBeg?yJx=grtDLSU!)f_?i%sd>eM)VRjC_gF5_MQ$}nRx
zKg9mZ@oBuE23%v+P&pZ!FH1l6M5%CD*k&Ri1pJ}r`e=!Z31`#GtXZC-Xfi3G2i9HH
z>#PzZ@%hj(xu~aB*P9YcNbAu~69Ca<J?iad?B-k#snAV>q^@s4{X(&O<KJl~(;boq
z&fj?!HNf<Y=+rbaf+-x-&57J}oyo@phJzg}eZD}ed_MZxU6f8~o|R59ibe8X7-@Xn
z3*)^v|F!&2l&|7NI`AKF9QdR&0`j1VU9#={KC-?PkWom+Y_JXn`;6x8IBP81J(&uy
zI9vSs1EFTA(j!{Oj`vv#{mY-Fnz>#OO88l*JL#YY6FMrSV;H(8)L&oToC+x>b6iyY
zEQt-5>6!#LSK4Y<7+$dGx@)+%Bc?wPUpW?~hqZ};mM`85gw&Tz1R5)R-6Z*|%cQni
zeptPCjtwM}teD5t6WJ%NQK>>&{dXa|NybAmMSZcqDlK1sAE{k`BBJe+80v)R!w|(=
zbf|VBI<)vC!G8qTJw~g!o&3>SQFBMg?agrgU*Ze8S0W~{m#b)ufAE*ncItX2=Nv$$
zvqRQs>uuPc<wMJgZkI{-$7l6yHQJW%W6MR9A~NY7Buk+cL*Jn!{lJ#jT0(s#-UxNs
z9TX%x-YuGK^1;Kaqs#0rQ&y(FP7Gxg<}S5T$JPfci|;xWzdGlC4;72qAx<pW{YJTJ
zFIv0uNn?iU1U?1Jk2DfRC*y$5)Er;Z_hr<zfZh+gR?Sl}R-oo-*xQStgJxHW%Xiw}
z*J`Q_Wr7_Su6%~PM>n2*v%@~Dk!KA-2iW_G0d~mt$IRg^manLtMh7wf_BXLo{1m>c
zS;kyO=+Xp$w-<v^*+hzX;%;}g>ah^^70M}U6?{_VI~eq%l#NP#9%4~Q8-EzH_bcWf
zx!iKRlmD#Hh<}!x5}r82pIbVt*LQWxBD8lYCC;E2ElGdHX4MTVRWWZwZY`vu97uhi
z^p%>kl{9h=cSpAw2^vJhdby*pYSkCUAKD0;lKQx>XyXZS0699Ter~n@C9B(38hfet
zoXm%v^*k2!u4Rd1DXTTS>Q@b$h}n92F(B(xY`dm3<7O_)Bc4=NW)!QizME3ZcNRWq
zEU@oZT}7o$x&(R8hM}2_U#=le9KWA^+EnJa{eMb`s&G**@@PTWPz$<~pb{wWzQD6X
zJ$YrX%uFPt%=Qzs^@`RTC4>)08Xic#%*14H!X6RE!n>$ASFr!L%fNpAvE&UjP&rdg
zmN95<)}c<smvd+twWrwzMy=f~4Jq>w0mg$>W8##6&scb_75@2nHRl!nUwud+Jvz?_
zbt4}srP$`Gx}XZr7zQ8O*d6@7R(TW=iY4&g%-Wu)*pb4-9FU(AQ;her2F*iC?<;ao
zo-MY!*!!~RpH{jq=|MIBjSF>qybj*v7J`BXE(^@#7=n9fgH)kD$iNAE!+`%f3+VY1
z*~+n5x21`3yI5j%OQ2r804+yp(sDtcd@h7QuEa|~5p77NT_sFG9NzF&tv0ZbV+f5M
zy+k@0#RGff$%ugMcaIQ981LB@<em8CI57KJQQ8L72pZg36*lnDMZXdsR7915(Il7Y
z$F;FKgvJduk1wa~vapgU$LV61U=v00Bvtz*z}m2|+oAE%Q9UBgehv^c-un8@lQ;9L
zWNXnYb@ky*S$|(*ZU^a%5Yp}nP?<Omw=qXVSmm4r+y{sej4|O=qW@x8FW^w{(`}7?
z+u;3G$yRS#ocxzn6uf*re(Vqk-9i(wPgNc<F%eI^a)?s!dcf}UMnbV2`iDAEWAdDR
zeuKZrg;Ar*@XN^Fc9)@k{usn}YZ_LxkEY*DH!s3wqNFC;<HqJt5+Tv?qnd%=xNyt)
zzg;Xl%-h#;ZMkaXbg8G45>W;5aYNq?U=z?NrAI!-c2ED%qm}01`ExmnUr{#$NgG^&
z{&YLycnCFOe#YmW<6m3?_s1MhH$;Ift$wIQ4YDy^3?MRchInEka7zeAl%#D;&?CQ}
z^KE1U1a7voCtLu8-g;K2ppQ>MpWD{jE<`XDzt$y5WfKk{x^`eIQI8!f(HuEZ!ZCMi
zDSqZk-qk35dJ*?(%XhO&fAI&z(VpEak~G%V2Ly=_s+nDp;37R$DKH=fOc9_$8`SME
z{={J;9Y)eli6B&mbUNLC%viEk&^EGa{pt)HBt0AmFDx(S95iEJi3&B@37!v{D+E1O
zT^J)g4s^$(I~t5cEDFXX^Nh+_@3i&S>%{dueMfPoD^TI{jVt)i)NN6BVku_)2!Ihs
z<NIYayH;fbqeA_`fQnUg!FYR+<nhd_IayT9S6M$FHrO#?k%MqW4k`7579l~`;lKgC
zS`Qe_;tvJQM~`7v?APpGV=}+XSBq=iYT|c)nEa=$0*AFP$GagO`YTV>#D3c@*g3yM
zO{$QLUi3=hP}o=rPw6Uby$NmSyao*qm918V1yHP>Z3pWBg9xZK*j--9!@rnr;zW-l
zxiQJ)bwVhVJT-jdJR{jPC<%4dxpH#6cgeEe{AQ={v<;Tk{B)@2e_5JAqjB}pDA3!v
zWCQj{ZQ4F3Pp%k*pZIrAY3LxWBrr?v>e|T?PxfImm%AS4>r>)Bw~*?K<Ib%;g{=8n
zv>ckx+4JuGT{)6#gVYx;-W6!=w{9Z;RZuq!1*F{_QiSHvZcLVlwxLmmmH5}RmIGq8
z9t6_jx1~m&$9MlCumD;3WSN;1yLw-Xbgl0(D0w+hBheXwuf!ZP?&tOKQWqHK!JAL@
zP>k!~F@KmI8pN#oKwZpS1ehUTHfA+@{~BH8_M5l7Ai)yhh`{cgWH3_l|HDYV<Cp#i
zBm2Pr&i(TIiyg5)k3PG7ZU;Q>3rmrS2*a}6+6dNJxrJ0@)Pfo~EyMzHcg{%ekVYO2
ztcpA@wtPw*2>sQW$IBRTSU;GNYww*i^9l-uOTg)A125*)Qq?EFaG3vR<;Hn)wDg)A
zr#f|5;MI>*eqBOu$WIgDf-`P_we#59h`U!Li5XGZ_GKUG|0Sh(<S{9413pzvZQ1AZ
zZ0~iiiWjWOWql=^a1sVw1;2!<2*qWz-L{v+_4jxONc|pj`{Gdy*!oxX=VYhB!;PHa
zH^T9Y%RMn(uZp~3Gz^jzGGe%zG!D~;^on!s?`0fB-3ZZxUCz@d3x>Q_+L&sO0rJZ+
zw(Xf$4v8!(Y{S<5^GynXGquMB|J0bH;0>R7K6Q4j;My8zT!T?D*UL>fOMAEF1@RvD
z@G)X0(s>e|Zho@#fX`>%_dXqh{#{xwAwlTzY9H71FnD~))C-=!qrF$I#~P7<Drx^(
zzJMXvkMzj_8b^dff@DhH0Io?LY+WDuRs)G!<oFLB-?di`-=EQOJ*2P*kQeBWcCWW`
zPx$Oi6f_h2NWit%tR(WsE_$yItO))$-IGZ<E>APHfm3)<%DHl6w}?eyLkx3hD`jN9
z9O>e_GweUmq4VzXTgz|nS?X?G1F<>{I=(Te!~EvE)H%m?X$x4Ro>H${dvx=f5Y~0j
zE`5Wsz67CE2$)c0n3lG^q2CxQ(0s${vBAT2Vp?|EYPdA_p5J?F<?1d~l)O1nLq4CM
zh6d;PAJ8>mvbJfcAjvAdmM4T07_3KyZ*3QSEW>~GbM_H20(pk%E%>Hua@2}y?=|%^
ztNANUARGBiL1%~lv^7GrBBW?=+508usy7HMGNn;?bON*gY&+wXkwayPLBP{M;laM_
zHVIt2PznUhs%1x-y!aWqHCWGU2C4)7Ft~6uMT7*t8xn@{hmaLRWC>3qKA}`AV}f<<
zfTL-yJ%=bn+>J9s9pK>q!O0ha@m&Ewn(kFr-*z5-QRL=MFcW|nxsQyE$|p3|URu0U
zvluX|X!sQozZx2GZzCkh6L&TO)W5RYo1^q*?wjL#2~bVAH}Jy872wevo_-3gXb9PW
z87`!h^M<t2FSioDAoX54#DELZR{dA@Mxtp?0u@_U7+a(1^Nk7U&w0gjXjQkvpnBVJ
zA}RDfR(4<N{UzyH^L%4)V!VutVwcIU)bO7jU?KO}mCt!yZ!;VV3Z_kmb0xO@#&OT3
z5gk`OCE)C)M&y9r=nBQU=D}n{vS(YUj+N_^vjB0@5}V=kB{uSC4=Z(H=cQlkt|)b*
zmtIECaA}zT^i%-rd^-)lVxaR&gN(yN)Pn9Y2+qCpG_o&jcG@NV=eSD`^zJk3M;eQK
z3qF!zYMEzN|0Z6GcWSAUPf3fk*}srn$%cJ2>WaXHhODL>GQgSBDOioUpTS%<>oStb
zU3uVzL@|C^ws@HcDEs-mEmBRr3Tmhbc3&EVso=A2B%-XRex4bWa>lQH+P<hrYPHRL
zbg%>^2e}j!odwdBT8r9AyR%sT2d%9;V~rg6@L~a$egO)<`|nds#B0Lsc~%?iaeYTl
zlWw)gaC=?M?eVAczm)W{wPOH~=_a>u*B*488PszBdl289Pioe-zu(#2ujRjT{6pP0
slCywOXki3h^PH6-694DbloL0}u$$7|9jKUHyW@ehH4N0hsXh<;U%Kj2XaE2J

literal 0
HcmV?d00001

diff --git a/priv/.BUILD_images/docker_exec.png b/priv/.BUILD_images/docker_exec.png
new file mode 100644
index 0000000000000000000000000000000000000000..f6fab09d02b6ea518f42aa6b10ad2e61d826fc6d
GIT binary patch
literal 12758
zcmd6tcT|&Gx36)#H>ikgw*>(K8=@4W6j55NQ~?!`PIS{05Rf7@iHe8<g7i*An$#%0
zCI|vTfJh)jYNUjc03i+1b0hmZ<9z3wJMLe1+;QJA2rF;$uB<ZGTF?B=`R2BTk;ERE
zJt86^5+=qs?uv-~?jS5fc8LmK58euXFZ{P7@UGD{k?NtNE5bLwdtNoaDkAbZQJnkW
z58?aW{>Ju!A|m^`e*Nv}_50{1B67jo<i=I&P?xpoc5m4}K?fz#P1p8^|8!sdz>_~;
zH(%M68}a4Pqu=;Dr~be&L(Ds%SC8f8T+tEic%^xEpOf<w1OEg5$NVEdd#N~goI96Z
zj2~Ey@_>1G6sM`_lBHhXkRh+@t$BGo^}vQxNhuUOly_X%65*9;uFDVch?*8Gz#8Y7
z(?=O_0!%@WQpgNG+3V9mnDl#;oA}g-Qo7aqHVrBwmr<wycl#3w`n{gEv}~FXjth`R
zs%=E$Mnic%mmqQ0NPkIxNWrTfI1um6%dz6DAsXTSt?Nb{S5;oV4sd;H%kUuC(ugwo
z8z?lXQ4fhD(NdfEEjM?nH3N{3)GKORRjH7LGe4N88WZjaI<=B56Ju(gGNb4SLpa{0
zVeWiy-^dlVM?IVR{0(`GWD-f1!FBgJ^Sf(6b<f}ZSsOXdMkh`ND-f5!AwZc3ywVVS
z{Encs@dyJw4avD_%s$-8|Jc@7mxwSyDu|6IH~82nm7j1bo%V%d(J?m@VG20OBjx)x
zB_}YCmnTMEw$2zlJi(_K0R3p(MvuBWcMU$31O^|Ig?T5u4xYp$70}I$4h0)=a`xsM
zMJKg+LHjm)0}AF?RsaYH6~7XdQ_DR`y0_Ci(DPJjpp4JTD#^9-BUAO=Gp_wZZM|#z
zM4F5|ypYqLE#OE+DY(+wd=>75CxD7?B$8eBx<4-UIuRZmI(pjFMWv=;tEy-3vzv(u
zopnVKMbxc_Cimto5k?tMm$)_;mrDMQ_4-(q4?4&3YN(06`n~FfW9%1>S`JkWVc2w<
zw)+FuX1)FPoN=vBf01?Nu=~g_l}6GnByXG>{X=Kkh)|hErMnwq*EF;5FsF7w`aIJn
z#hw%c_i%#T@HU?ks&v1!;#M|Okm7G)5rPLSlCt20ewV8`PMmZkyly!EMY<fAzJxxd
zsvu8EPaHDxR_LR2VL<WM8w!4+VYj#qalwuELeGKuT*h+Mx5ci4qq;+8AzUYdRK+*J
z2RG2{5`JI>ca$PNj#Pm-oSy23xxo;m96tf=K$;POarRysVjK>7pgswhU>&+oWc~qx
z4x$e-x?+)Ve$GZRIlLWdBHaWBGWy|M_PkXEcioC7o;q$|WnjX4gZE-*?+=YXW!X6y
z6C8~tdzDWGtj%Nb8P=SjQ&N<OHR@VgZeL9htXpA$*{L)^9ZBeq6A(y7PH=Hn%Na_J
z1&siD%2$FZ!fV)$Ho#7zC4uE$O&F)?vnT(S?QAn0(KqAPb2po5^{4cBIUQudszEGk
zUJ_@B!CUbX@p0f`2V5g32)xf%;VVlvbb1hV6j|guG=`|Eh7Q663>yi3qmZAl1osWk
zxBcH8lNp^q;}1JuLO0TsK-WC)KJ7t`kv`}4WM$nO>b)NP0H<+0c_4m|N>)Q%S;A+J
zw=G+n6)72(uybFn>`fZA^7@O8nNqJM#=7V^CtGNTlc#1-dHk=e%`{^@l_Gzm+52ZQ
z;2-oZ;pO{@y<#;5bCF?(|A_etm>8N6Kn}|1BGU*8hOpmz$r)~DWX^oew;7wr4;*Ug
zp|_(-l)IDFS!kuU6`T}j?X%C<6&&2H$Htg#esXTsO~7WHfi4Xt0a;AOzS=NH?Y7Fu
z3YvC2g5*YRUoabxLq21#eG^nZ1l@4~zVm%c^DCi?eMQ$pL0r1lI;yr0F&GcO1ieNC
z8MBwFi0p!9jHjkQFW?Cd&7P%QLOOZGf;zTv=KfeoTP~OZwFwacR<!&*<9;)*>k}FG
ziK>F+Ge^~s9BV=3TH}IWE-ps;7S<s5MJ;%7G<}_vK4HLev5_-Rv(0K<FP{%A*Lf{V
zR`xi_?0ii0BdO)t(V5L!j(qne=nqDBFmI%!-M}=&1X7C*Nr9?i?_~`TEvWA!AN8(M
zw(6l`ttR;^=XuleX*b#0`DCa$4#?B?P>4~x9N{A=>fVK-+O|gOrqc2Vox!c^j5Pyi
znBNERdGcme1%G;!fiGT6n%no7FscE*dJg{6!|T0rr2db)N6d+dZvM&bpQ;f~7P`eI
zhAaKeB?%Yoe;Xa8zDtT6mMWPxd73FLB}QZ}I-BXB9RrdKT(8^oZ@Jn-(-xxqA|x%@
z2f|kdi>M2ou=2Q=J&v54Yh5kxZiM{NIoAle^ypHH3>;gI0{VS|%Q&+R*cU%gDRZ12
zbNh7aJhYrO0%V@Qt2Ars-_@Mj*j7O;J%X%c&lWS_%24m~OCMOtwPNP_6!A02PuxbC
z%UN*?+!2L?$bKGYzLbXb%?!%7S#U4wprf-$>{)ZrP8{4TpMCizvuy|-P}_sv;stAz
zlZ@{3?~Ok!4Xct38qT{`Peu=We!(luP%B!5lLtUnc5v;#v!yVQoHcgik=!*6Nlt`~
z<du~jvJuBXjTv7lym@h4kf);bhB8R!&NKoP&zx?Er2(6G>%Jg#5P0=mUx}|HqAA%D
zzzxeAzRj(eL=M-7>g$)zlMA6rauHiw(60u_0duo<{4H)J4Xz3yk_We3W+(0n*y)FE
z8%*T+DKOartVb(CY|+o1*9s24EBp1<*-BG?fb<iGB*so};?lTraEsF0Vq>#=fhV&A
zUB~t%&I6MAx?P~@x!;DPmGYIPL7ABPo*k3AgSx!h9=ND2t2D}o=x(S)Q(C>Aw#Y=b
zco~?k9~sC7&d@8MSgGd`k8*Ml?{3uU&+(QFYY!B&T<1zLR*dc=2jy=gY*>!AQ=d&T
zuCnHq)P#eN{Lz|Ro01GjZ7v0Vf>^HsPeFJO*?uxE>WtdE582Mt-p2KdvIu|J<SiH+
zA{veV$x6dr;pXB&#~1B^*JzEgzIEAkWukLPqCjw3!Z6KKmI(V!mb7HqxIiOc^!qhX
zwGKD&!v+JuO}lGd1bPF<x*EPl-Bvl#Qk7bFJfV7lPOI^8kel5L3LSv#Gu^`b)t3wb
z!nupi1`Y%k^4QuIHbbSRK&N<V4o!*|og@1S%E9{9Yu%E4o_CC9_Lff-6+Wm7QWLaG
z1%bVPvO{2#Vg|KN_^3IBF+qzOR!uZzyb4qAV==9`vL0VVc7m2DXCYdX;xmZ}j=t@s
zD^nlmb6#QeeynH|#u0y$v5d=UTRm_U0F~*J0!x8FnNQPCpIpB>se3C0g70(B(SihD
z>c>Nl_*Ut@s2xibnrO@EA5)AsTdf5O4NgyM#PSqQWaKxwb^3jZ9Ms(C#bJhf1LA!=
z=cMc)2(I=Bf55qZ3R5g=Di~#S$s#|88NdHAA`@r@%*!@L=0kGFFKRn}ms+nASwY#4
z(p0Q@%*zPmwSiiQW*U;H%cEwvvrK|oPaqJ>YqDM-YZqwA1`i9&kcLZY7x?n3M+~g;
z-mTtEYywA~*JRv6m!zf?997EOHEr?+PqHsYY^X0L1k5HtqlJueab(LXv!4c?;bnBt
zRO}7zH28Fv6)+<vk?h5mvYo?~@2SPJG*=Hrpr37n{bM|y5!SQ$d}Odr@PZ9$EILs?
zEHe<->2Og$*dp&tetj+b#O174*5_(P2P*fYo*Ia?+6K4;zRi?B&XChiwuDu?xssEm
z^3Lfi>oU&|z4eND40;qx&nedaqSO^niHlzJGiKq`19=<8z<ixX?Vy=IcEdr#{PKfT
zB^aVm<?>7|AT@vERX@%MkJXv+?(^V_7x{A2d|1&0<gnwLF}#P2F3ke^mYGKFw$%2r
z=9zj9d?Z=*y@m$!TC=Dy7dv+OU?xI00Ak~H27<+d8r4+!SOzF~SAGHk#jk%|?waSR
z#^8ONlq%m@5Y>)@$(X`{@}odWJmYE_9Bkx-m#Yfqy?zOWqO0$527*rYj4vI}UrF%O
zyq&_kDbK*<9c<rwl?Sry-HMhfd&-qfgJ$WjI^5(y9?WUy81^GqxqejkUFDx#^`#=O
zoVALkRU;MAa?#IwWD=nWUPT7vhnXn0Vhn>iaR7NuF#2WhVUG->;wA%G{^nIX0dl!y
zvXQ`p=d|&c?3=T|##vz>adk@9{p>HU!fFOBW$yxLx8Ktfnp`-CctwtXRhP<Gbaqu{
zmj#Y}3-h>v%0mo6^!B9l%^?vtOU-zLD@${Kd}{|gUB!AX{%&mebY$ZbT`GNM^bG7h
zJ*<g_O9lwC23>%WD}Y=2R&cJ>mx>YKS^R=KF~o*-kZM#+&VyXKmy6JTJl-GAWOsV1
zfj~U#(eBBGu$8<I&zKSYfK!44!+2uP&_aUU0mfvp1-HLx9+z&Uj6A)xb^D%VMxn)r
z?qL3}eQmcH4CS-Zx^pSR>N+Jb5<1=Rj%ka7PVZMhv979QuTPDjG;EB{uYF{}fx)TH
z(5a75Uq0!2-D%*AU_L2mkmmB&gB5XK<gG{SO?%Djrv^d1i7`nRKd*a+2=HG(CVl2B
z;Fc8uq$kK}N2ET<2bDiA@!Vad;GmH(M>`t}BXcvg_$;bbZ(kjB5;ItzH&Efhw}e8v
zwKrA744MsOtr{gGDU#j-b3B59MSg383(i$3Aq}JjJe&e$QgkH+Bo!JZl|#;`HXc4u
zk0OhxzMoVTwBFvj1QZcznqR-q+1qrMZP;q>>x+IV-&e|fwZ%nCgDaOa;$L`nh)C>F
z_^Z+k$V|6b*dmSfgS5gI&#%=z$yE@#R!#5$_1fG8X+v|puAYkNsVL9qX9xTY#bv(A
z9Z=HvyBc;)Zn8|f>Q510qaaVR9>lhzesADSUXI+FM#oLT>lgO-k};Cn?i*c+BpSHm
ziuks_cIEn!Jv+Bc4|nZU+b)Pmyb*Jt%Zz-7Dd&peDSpQxY}*H30+&mNUDiu`RG=Rk
zhpEUl8tSiX$bb}1s&TR(hM`4~e>HK`D$vku^k*fpNaCr|gT@i#TXP|bQOp#>1sQy_
zCc9I%Kp|FhJj7mXJWqgFtDQ9hLQ){WeX%SQE>Cckak39(NIO@6VTPXZjsY5zz3J>V
zca?pCBa$@Jd3j`P*d;KJM#h5-UTFx*M_^}V8RZs^+-#!uvNJBRgJ)ZWR)99XqgGWS
z&GQ8bRB;`s2SHb$+?mJ1+3}e}a3cHAJzxpaU;&M$@;GzAxOcQt9jLI~-zztsA0Dww
z$ggx6+l7@FA3>vP+&ksJz1m9%Eg$-kN|(EWeU`QqXeWVnPR7q^D!~Wk7-7@{orn$5
zy-y4Ax!N2-lWI*!+R8%?72n?O`wZ0AO%i*=ZFGstZO;sP*+wAs2|lq4<|x;KgPtzl
zewEEKX>Q<Z5&%0Z?OBDOEDO7x40yPJPkj?gMJMrx_zO+#@LxXKU`rG{QD82LPMNQu
zaw2Wug^O*Fm+MF!@H#W*NgBMCfAJ~bwv_Bq4bNxK?}iT`Pg8qCAYlmD3u5nHoS1O4
zuEtv)UrJQ^r=w04mfAm(bzR1F7o&Iuuf2>j1d-Fmh@*9G^V4^y{C!QfrfVwY_KHXC
zSdnYQv}R#@6Ro2w(D>Ir<)R*2OU%N*vgRuc{rJ^?pN^cwzIij!>WF=KPI9Xlf2dk_
z&!d@;Nlchd`WKkV^$D0@eXTbj?1PRe&{Afm0tx7wFrjj`5IhbQSP5}Lv?puWr?1yC
zqjDWsws#Q*vjmvbJwZ7Mo(PXTf#8al>g1H4jHDo&Aao=3OOMR7*D}kf5!m#&t-@Q<
zO;mgsZ`TwwlpR1xWDzavKe2W9`|~qK;Y51096rMU)C7R$RDgnMy--Lq5=QMO#ef(r
zQY&JN4^b{tNFzx3^G8v?tad<o1f!2{SPzwJSXh06v5%GMk(0KN34eN>w(KxuGw-X#
zG7kc8tx|3W|7IgbQDqxz|7Gc}*q+nC`V?x^z-A^9{js0)9PUsmN=h4`VTb)H5|J9o
zRu!MK6G7xpUVq*sd!Jd-E$_NRk=<~gMbKjw&^M~*<=zSGSqZIPMM&Q)?%RIN>}vpc
zMxh>K9iJjNPO*aJt-rx$4NwV*6_F$E5{sEcTHQWNqHP`(K*a$EZIKmW{YHTcLeEBH
z6u}m|*Sn^w``*>3PGhJ3It>-b+w}tphqx`w!$)<I0bco_<4e#2NHYf4!NBG~Kzw$m
z_eU5IK|@&~sn!mw?ET@8moOxYR3TvhtWX%D((-{?G%?}mXrSsA$0Vy-1KJhsaS}as
z7cQpPLNh8~-LEcSS!=BZiFIh&!Ha2>=RSIGyXIcygT-oVE6CqmJY~w)=Q&-@_dp)x
z#o+vL6F?7q!kFFCb%)isJqQHLYnE0(Xt|E^=Cp|?-!ttooTj8a@-eEQ^owUnI_?Mb
zEP8WT4wn}DMFq-l>c<tC<Hi%cWNirADLP!O74FM4L3cjmXl%0d4g&<6G=YRiI<b~4
zp*KPn2R_rHE}gDcPFyX%0SGD$>P!>t?`534FIZ>qFN=r%WD!*HKiLXT`AcCV+9M1s
z41%Xzrvg{GndhKfJ-nr<4R4n|@EQ_o3P)QY=)yDXCwF(>FJsXxHAG#+{W+kmY56L^
zM@OXP_|~z>W7^($o9pPHzm(oO2O3@UfA8jDqNEr$ZdGf}t<>$=x9Gb%qPSwsef+2i
zz|*1{;lcXYx9i+IcU!(=d4qP|yT|(N`o#O+8p8eXlzmfBMck&5?IP<y&Spn~+9{|L
zfpp+D|B<IEBuls7YHx!zWesm{AY37Cz}^oWI8n2dfKN9nKM-D!_=vh?x{$V>>d?j_
zw?INS6*3Y1OtDb~Kb9yAWV3`UghUtlrIRWEQz6`E%;<atD}v>p=&h8y&d40AFz{1K
zG2Rw(e97|)U)b08m$gJ4tP3lHq+>sno~?ii&0ya%d+lnOL|LL>I(?6=g#L)hCy-Up
zkJ7)UXGgq8M_eP)Upb{$<8dLby*2#u^8L>H*Ug~!`OAjf&j?xWg$zFgH_^ryuG0se
zzRb*=`tnw0eMRHgZ(E?gTHenn;>L1<8|KaTJUX*I?0&H}l$Zgx3}ablO3OBT7HOWX
zg<7&gX?}YanK0~S1ti+wyEUP;oFpY&TRy*Cr{bURz8~elPJ^?UmQQ$n3s8UFmb1d?
zRW`vKUx~A|Y$7wQmY}o0Cb=_|Xlqdb(SA>5>qOsTUnjz8+)*MyQrK&c6tYC|0DUP)
zs6cIW(6m!@Q?qna%9C(|(WJ6PsVw21)&Q4TeqPfHphkO^8G3jOa*YjEhOTw$wF!5K
zWRTD$zALf#_jRCYAR~2y=nrD=r1pL-`>>xp2<>ie_x(00>1RFA0>vhcKxJ#7Qs~Xi
zJP#TsFDNaMEp_ih85_Z+q{1!lvn=C_1%_+Dk)*O-XJ{a2D>V@)AjT$w7!~K0p#!Vg
zyannk3W{c&1T+fRE2v)NIztI2c)&nXxm%+EKeh(~(b5I(h3N<amwM}1^R~4R7BS>m
zC(C<Ik8mtbo2NzcTj!R+fWls9+K~F-mOW4b1Ns3fPrVhKepgooV<zjB?Ug$LEtH)w
z+RW>7YVwOv<H_1)E{fwM@PY;UF-QuAv^H-qQbNhnw05j{(sXJk&+JbV89GKxL(Xyd
zQG{0Vy!M)j%>0H{L>^*L%D_s-rk7!a{gh}>Z?}T-gN=uDY(8a6fW@%unoXMu?*#d4
z8bS8sVSd7M&=!$xGH=}SC|7le3Xpdcq&{AhK08E@n3Mkmg|h5SX_jTTpo8>7L*VWl
zL9^?^=Ik`G>K)=4H!%In!O10(pOXQCbe+KHK73aozLcl}&IU}~wSoRMvLJ|OS#j9O
zW!HC5M!a$r#@lEhP&;L7OfuvsSNO&4qp~jaJt2|#FD5Fn3D7+t946s4a{v7=*<H9i
zj_<A8E{JHpe13Sl^z7C7@4s!AzW*uuOU4&oGM)d)S`T+@-}*P!dhq|gvUfeA4x+7s
zKA>MOrS&oqgaQKjN=6itVZ!(`R3jd9NntHv&XSxct0EB5IcEfP={p8N?($kf52qbv
zR1?%8jz7iWWfb<fKlgAMWLkU_AneqA-w)5zr+#*8zMUOfuldGFDxB3#hX5kt*>a^x
zk>Pr&^<4@@TUz0~&6-0omvvkviu~?X02DHrzU}#6x2m56Kb<CkR5>?gckRAl=81<w
zrm8u&fqs*1Vo~eV`v(}ma20>R+tAGM;{2Dm8Jt)RrFl`V%hypyJ(YilYj8cJ4%zoJ
zZ1jhP%jPkYcYM2Z)_PE4H`zPu0@yz=9qKkMb8K=-x^E>{)KQ1SKBA&*Ab#o?^stP^
zu3uAf%(xp<kRJ3et(#3TGSt&3sOu{JA7XbhjPd8pZp)HlnEY#})#zJy0G2R>Yp$<%
z>F~g7)@iUVz|^2(%HXvM@6M0X!lX#kt}0iO#m0JY3vYpZZGLG6YR7NsM;fCy>_!-!
zI<F9pet-+#X4<#@H)3~J>A?F~AXJ?)d2VdlVYZphqTvb~Pvl6(1gu^HOj82WK$Ry1
zamnCl7*wMae+Th^aZ(ED#CE2LPa`d>*nuMqm5x!0cpKyw;+vO24C4?x1wpD&KvGao
zx?B7CONI4>Qn@7BTI7;Of$oKIX@DcVH$X-^eWZsoU*PmQe|M7R$HE~~bv3Y+oa<V>
zmbV9<vMbw(9dwdseGl{4yi|SVTk1kL0fq~p1exeeFSiFq07BRYmL_daP%7VT2Olao
zq6(Z4vDBZD5oanC6u!NRr4j589{mgXP}f_)xfANozn2a@GW|vmf;{CIj#tRIxmi7z
z@D2cV!05-$AM|VWFo128fI_H^y*2wwLC9oj+v6+9$OuJGNhJ;rZp6y6P2l$R!b36#
zCtGIS366Ql2lQLVQ^<;P)*;;Ah>a%&wI9GY!+2L(w1$xO7_u_{6Psd=(97}h_6Q;j
zk;|Fp!C+LgI0NNg!u-PtDO{t^PDeM6zHPc5QFp3>qGbPg#X&A8$9||lrZ@ak_uk|m
zZ|QtvQ6(?O3fFpez~!~n({gV=?tBc`;pG+fZ5yUtLz3k@db*$MAi{9TL$q|KBJ_{j
zZ#Vyksv4Lf4sB6&KGd)oH_@BGhE6?iV#3y)UUvKO{4r0Qv9*Z?i5hZOkwhw5c2zP?
zPA=_LRgrJ7W6GE04sO|^rQm0maq!=^7`kP*<BSc<Djsx?w}D~XrXjU511X;rJrmci
zT3K>`>j$U`s;;IBRX2%Zydwe|gc#rHm*=S%hP}c{ZPjH|OjS~7&f8u0u&H+{ZD4cm
ze%_J4tQd0C){XbmOTC@rQ=~J!=G4`uSTPnK->i;?NaqZ>>M*7T^6&H}>b|(sd%N2T
z`9?QkrS|XN8bY!|*q(1e64g{ovGGyV6xc$?{Y{MWAO#wXjZ7V|%hZClt=I}6htZge
z+S5r19uZ$T=;<}f)WyU%FjGtHvFo=(udwbB{G4U)*cYMRM^b3%AUi&2)wyrn#3Y6z
zicxStq){ao&e^jucC3ZzdiJ&+iSrX$`uhjiooXc)CX$E9TDq|R5d2_pnc48CrU6Ed
zAydhQ{-#>VSc<LoT%&pIi03+@d|z(8&++haxj)*uk4}N;&XLnkrtGr^N_J1oJjkYV
zbQBuw=WSyOxoa`AWA>Zpg@Anvs>$&TUl~xT$4l@&5o(4)zq5`9th_Nh%@sxAROcfi
z)#SjH+$&j%2ap|98Ubm4(bZ#QA^qI+ZFW?D<ER}Q@an{74QvXNk<;*zv90k{<Av?N
z(xvRc8AhK0*_quw5l-Yoqs5Ldt~{coJenY=doK*iuzi*SKSd}mY2m(;+%*vMhSZgj
zw;P{B`r<5bteB*|2JwL**scb+=1uk>Cg<l+=YP}HTpT`WtHRzK68~?)nr`wx!WvL)
zJ`}E)!`k<BnyE5Q6-PmZ+s-2EYSx$Z923EfFxEYsr2faE&Jk%{BHQX>VfV>4K4B_}
zZ6lNoZ9xB6k$u(R>UEF7>$ao;ollH(_b&d~Np4*jLtWDR7Wp;F6IuCfVrD@~#RBL^
z;_a+LI9=$~w@657o?o>9c>)n;dH*I*{Vj%X2kTuaHqem!z1>IofP6Z?6O$uDIFM=}
z8Nzp<5`eYiq!<7%y7)LTO@K`$(k=V7!?M`UHU`n$J1Y^T3i2|gWOK&`bq)E*+1hkC
z9HLwv=uK^-HyiJuY^8#X`AQ#<*eJD>rLUTIkQLEse!;wlsFNI)HE^Fh!{5Hftc?2t
zjeMbd8<{H;3!7(42&YN2jIn@Innw!QCn1x^uopBW=CY#{&lKt^;|Jh-4ng`n?o4~I
z@X;;3tnFie>+WX5{S<nX-^vXL(zlA+i-BtN>t_b;cmfgDCeqQaiF|(eXNg;SNg9s}
zc-F0%Y`N0xNZsS&^1JY3)dZHB+&^r=9P*$1<%|3m1StxCe^a1rN_IFm-}nb&Bl{fQ
z0>Z9O3T8?4{-Ro8{hkjz>M9YD$J*h*Z)2o;+};1&p6<jP-!46S<@O5<#?W5AQW@mY
zJ!rMbVY4WHnC_73ehfKBGnhMo-U$^7HV}9k_*Zs<h{(@(`|6gjzP7TzfC?EPo!1>N
z_GSJG#xCX82YlW#Prw8E()l@ws1p&kZzbFY4kCr;wPmk5Gf;gakhN6rv>i|U<!T78
zj+63lkMw0krTeUUh$)>W#)Lf0a9{iBAWDgtU#antQ|l||LmL&n7rRam$RN{$@*5ZC
zcxUnn>giuNpDU5E^S@FkL`42PCKI-tNVw)u<DeCB@=T<vXJS?H<;0l9TC<3r{_FLL
zOeFhzBEsOE?*R=%nb&wC%H19)U4~BmwWB{~m3h9{u14gAwfT-Dl%N>~OWv(rYvoWw
zx!}@}f{>9h&br293eU~Fq{z#61^Tjm-9yPiAO3mh*|Fg(abbpi#_YbXM~T%7p=kM!
z8!vON#(vISlTx@6aZ)B0v}Er%1dMmvc(7{s>es}Ih}=FWZ~o9^OQ@qh=Ehy|o2W?(
z%d7-A71au^Tr>cgr!Owsu0LqP_F%|2Co^{>M}-2vOlluQ&eX7SM$me{OKn#&iu;dL
zjQz-e__U+WPT?PI@B2I5^M&rGV34+C8q@j9P%M2@8t{)TH6|8c-+o?1;(_uu3W*3c
z!T&Ef_5VoF#;!Zn{_mxktXF@gN0dj(s%Dsu;$=Pru!0UEA5XPy30KauwukQ(wL>qM
zyVn1cP4Y0a=WQhE2t(K6B#Zvvl**tU8Do6qJ&?h9%5=E?8?y5}akT}7wA+lk_~&1L
zrw<_n+$QI(0?6MNL&DC-v4v3k?B?Ht4<DgC^g@R@Y~gg{+6r-x&5T}Q0PWr-x)XS}
z4Lz^DN`Q!Wr;MShQp)*2#@tr@K&C;{WfZW+SK{5{_4tJ#izu}`FgX6uA=n>(y#tD`
z8Im_#4TSh~cd2JMxv~fLYl0uTbYqTVk3kz%y_In4%e@NHl!2F+eHjyrHjYF1)abVa
z>J7IwPh5v7WbAsVl3vzDNcgdU&r<5qZF*pKf^SPzo}tFc#T@!t+Zk460OwdW-RJ=<
z!H{}ZqVfNj&cXI=Y5)CLM94G@nDQwy^sA$RjzSgqRIj8N^uoUJGB%&v_tme}F2p-}
z3A2O-CC<e97#!{YJl_`7i?)G$j^zSOHxEJhgSn9600AZbas+f3?=i9*3)`Q|XRih=
z!Q)Kqn2g%oR<8FebOATABmwkuD+&fqIM_IN6zR`rRs*vm1iwbWf}!C+mt&T?N^|WC
zFHHWE7BQ9%dwOH25hVl7_7(B)Z1ZWCM?IR#G?&FC#snM>KYasZ7cZ03S4S}qj<3g!
zRc3*EPd*F~p0_{#BR8V(PO_9RYX;RV)Odmlw}#f*r&cU;{XlQN)?RD)B>;cwlzbJy
zQtpqUtrb*4B9F-`4`q1X@i*pvSgYibjb^{F9PRlJf|STiUb4>$80vI*yfs#LCxZLv
zW(YAQwCpi%VCldNon*1TX?JmsPO?>>S3bqd@PjX`{*xmCr1k%g9Etq1!W@YY2kic5
zjzl_LcMC7nu~&Iz7EcB5i!th1HiWkze|G7-gM$W^q0#HiXLK#yfjV!eM_hkRTk~6#
zk(WaXX;LZbEL(R2ReR}{0tmgUZV2{{l-LgCu=fcqc`>@NNXX2Nml<tp)3Kttzjzt`
zFJ4~$4_^NKFJ6BBZ@j#mFuZ<BcOX7)XK*B~S}|`)t=Sm%xj+U>7K%v9ePZ}c`Fy$(
z9g|Z;aoY7?ak&G@g!yt~{vDT<<Ytdy2{7#+3Ws%1C`&k+OcNVUM=3sMSq;MYUt*Go
zZq-FAu-N}iHp0s96Hz7k%s*0vr0E!?nsxPASSj$nU|Ml})SWYDYS4Zp)(ta<M<lUB
zy!8k`VHyI_ui1Wni38c?3c?S*ubi+{pSOgCY<8F|*_$}gSZOINekO5yaBkbEp~|ZG
z2y35XO5uHSjfd=kP1(1Q2C`)qA-Xt!-@bCKldjbRwV<97+L6K3I{=M{9^YkRLP2aP
z<Uq*L5zp@5eaM<*I$8!P<3xb%t0~K9*3DJ;6!8&rRA6g6Xw(-UZBOgXfiTFP6xGLp
zBXR`~8;sfnQ`5{FkNBC)GP-qeO;qR3{zhdeY2tPN31?A49ITPsNfrD}HXX7s)%hw6
zn*QY5f~vp0BBsJnH9ixyciJXnit%S%5UK0<&tEH^AgGdikYCt2+mU}s^KTh`zK^Vy
z8NXy=?ZWW)-I|9TF|2lvd1ULU>AWO*9%;$uq&?cgWc?v2!4YF@US?RS!zUVY8y-Dn
z4@}>|KCdlVGXk_8hi3raF2o_?;JOLAW+~&E|Ag5=OC1-zxkUd|B=7u`4(czDYK7-3
zi5`MmfV{Bc&Fwh**!XT8;Ei+oPx@Zs@3XSqBNO4pg^6hjXKLO46=+8}4ESUV1MR|@
z^cVC|-*(ny<a~sNv+jD}8#(8fZ&o1-h`neE?|kiN`k?ArZ+lzcM=6JcctT?9c>8gA
z%@9}^`9SUJo8>Z&APx9!_(Q3dWyzfkROJJ0@2T26^q2LtT%6N<b;ckwLAI~dQaibK
zMiHRnyrf{LE(~u^+el6#Fb7w(&HP@-(lmMihqIB#2_Vz}qbq|SN)*g|zbt;N4RVuH
zarYZ6k}b@G2t}_ihjq#-gA{nVvGeWeK8v~?!Sir8l+c5FJ7Y?Zd^2z#)i$E=37X=O
zrp-~V;ta>P_hHICi1@Z>9649_E>uP9Ad*OqVGpp9Ai$NYCN>5u@k$Jy4fWH^?yc?F
zqIuSf)=Fk+Njg_)kUGX3(<L~iKH?)2HZkVF(ev#mt6{vF6W(J0mt080*u0p7mep2F
zK<-hcKqK_8@NuNnd0q~8Gu9%5EhLcceTWE7=rdEWhs;L!xb<m0RUwFLYxOIg0n4v*
z>laW^k6N50h%IhK#;OP^PGeVKseV*-Mr(QG9#$b{%K|v1VS&$S@Nr+a<NParY`ruh
zj33{6^KbFvFX?@Oe`kNhpBv&;v<;hG9+OOIdxR=vhFKR-DpL6D-}-HL8z9BkukeC}
zas32x%%51?mI*kvGo~iINj0T7R0|Fi8fs?iSPBRhFW{3BnUAA_mac2tdGAYqAMa~y
zgglZYP<#^|oI`+05#^VDnYGB28LgF2tPp9YMCAl~6M#aTy|ex$OZ+u$8?DwA7Z1;`
zqg2gRI4qC|UMO|dq>mnS`GSfQKKsm{=BV=z;%(&3HvIZ^p>y}2boK3TiMoaS`eAY}
ztQQE%;#w02X>x+YbEVMwk`T2F%H&OrACIX^kG8#sCRyL0_ub>Hu_#rck<%z*D_|RV
zqM3SVq+-;iOSd$CCh0AohpK|P^y9A^)s2(B!hKux)OT8sshAW3+8z-@c~K2PpoTfg
z6B&NU?x;JB`u^Jt-w~<$E&ec;0=XcR=)^E<Jqp1YZnS!~UeLXl(zlqWGvIU2Wf<&1
z;xg%K`o9H6nWv#ouA#56D5eXnqcu(htlyLD6x?D0TaWd|6%^WaPSAEZtX(ya37(q+
zwW?x2YtIR`k<;I@s2!p|c?B&pEI6$pU!!rYruJrRt$KM^3OHZ><Iv`en_$J#TV7(&
zl4?M_>35(4*cgx($T_l!Ig#{*e>-?x;o#<e>1|J;%`sN&umc7xgc`A~Rf9GSm-0k~
zvOTsi<o<Ck`$`M2S0U}&QKZ|LnJ`+ZWqhzSq|xhksh-{?-cZ*0lPlymL6Am|+RUpZ
zAGzp81|Qis-e)%?U)#0~!v09N@QLt07nr=enxy&dv_(C;_qsoXOvb&cbMkKz!_H!4
zU!!g$!=2uofAjNZI90oyx4e-dkVUaIcmkpLr^60^|DaIK8`k@%lpi^n{W;*rT{(u^
z`4cjimcN~!xkwx+-6>~;3#j(IeX7=dK)txY>0>A;|E5BgG@vHA=P~WUlO8h$<s^1i
zZAHH7phxHr`u))iPl_<;sC!Zc8b=|?-IMsR43;27dWNa%o+(w;JH<P0nm9ee5hfK|
zI@T0qyeey{FDaiX(MixJZFlQg>$yos;VJ59M5#>lH4A>_%1hd7QG=ec12?OZglzad
zN*du``gyM~WQ+fv$5UzkzVkxKNtZeZv&*f=)X!v$apjGc_rfY((fim5?LVn?YTkXd
zrUSM2gL;AcRI+A=$FUkN*4+86Yz~v}FQtFP9o@5%`MmU{->X=)>^pPWgLn4|;ZO5^
z5%pr($v;|DQ?AzPrAaA`-Oo5D^v<?d$&}Q%{FB8jxyNBe87<2RlyT#8d*oahjh6G$
z#}WR3=^eIEPV*tP%V(!ymcGYM0KY#`Po1YfXdSD)U&sG3;5%$)kCDF67oXAbJUNS?
zVCM~xP^Z+2o;^AcpImB&DPvAzHcBw?jAz0$-9S|12SpRxfO97=n{QU33f;mEZnq)C
zetb0QMElDnw<4XHi`d;bjf3=^=HOWiHaQtu_2qZ{<w7y17YaYhh2fylVTzTYa#C_q
ztJZ&xnKiCUsY!P;j1MD-x-EM6$ct9OE@)&W&7YHLpDH&--;+kME6Syn4$VpwLpL6r
z@<vZayM}CH5p-2WeOJ@95K^$2n-M@M08qNUWPVofmVLO=P)xH9##D)A5Zw({26ll$
zebzG4o!S%#@<kKL*r45(UxR*N@fP{hcilE&2I56(z_r)8$Sl2)QyPJV!V}r42@<+~
z(}N@QMPq;|ry{r~K%w_Ef7ERT*3i99!B(Z!SX}*<<oWiwD`u&SbMeVHf<qs&<s`eR
zm?lf9@|tmiiWTa%Yxxr)Y){higKFUsA({m<wSZw~#S<$LPH!OhF7tEfwlVZ8*Fhnh
zg~f_IQ2HQ(9u>BB_4%@t_Z*KT*4QICg4N+rEHC!XE*2ohD74w)NoWE@P6>QS{*~@-
zlpnmga|A@cu=5P%uk4_eTaNN_4OMHxUHl=i^fWu|lnHf9DCJN!T-dk(V)o$NZb=hl
z9N%OqE>Cf5Z(8WnyPFwB+Y{IXbg+bg)%hGaaIUfOx?nCrKJ%y4!*ykz_nqtZyihB%
zs_pOD-D-ZcztNSkrAR6*s{c&Kze1OEJg$|`-TUj~ju4;Yq7HNoYlsH0H&@k>bvgqG
iFdW@}Ql#@W7icqqJl=V=>-4WXCO0i^RA0OQ;(r0Hq^#5c

literal 0
HcmV?d00001

diff --git a/priv/.BUILD_images/git_clone.png b/priv/.BUILD_images/git_clone.png
new file mode 100644
index 0000000000000000000000000000000000000000..d0b2f924f7cc98ee96907e83523d0e1049d108b6
GIT binary patch
literal 21588
zcmZs?cQjmI+{Q};LG%!WAQ8O<QNyTFqxT`BMvorRW|V{=(R=Si7or8DL>EMlHllYi
z>hwGLz3+S1{o}5MDa#qoKKty?_j#W0j?vdurzB?~Cm<l8)YMQlBp|q@fq&k6hXnsq
zLP0Mb|3K(#sIE*<H^I7(e{tJM>7^0@L1O|1+Ljpqn#@bX!k2)6s{h|N;gDyg0|9~2
zzNV^@@w->YUGi>LBUh&&S51ZR+dL2W(nWore(H(2DHx%o*Rj(NsTc3(8oeDvOyZ<P
z!hKF5DxGB`JQ}JPgBarw1(cd+ABEjxt)A;R1X2f^&DB+4rfN;yLT&6@tAbC1%uT+z
z&MkdQ$1dQm53o2K)bqCZ<Vswe8EoKZFW`q>{Y61$cAVVVX@<RbEg)8^dSmXF2E>Lb
z%C=AE#{y(6RvYuBm!4hQLdg#Q9#hoWx}#*j=-qzNPox4G_y_#g!}BtZ-i)mR9K#SC
zDJ(2}0ShK#&&S2q4<R=nd4&kXgH~f6V7%AbmT>hq*QeLWnHv3LG|i>YIVwP?)$dsE
z0<`;KAO)8j;-3PogU_^r*+Ho1I=FmEYANuA{X4`+i{~3G^E+@*<(Ypux#8F8vXbMx
z#Tz*F*#W>W)Pm7W#B(4`Q#{Qc6iF_YJ9iK)b^b*z0ij!xG`-Iooc6-(9NWIj!&}47
zL*3iqJ2u5nEty&nNBy|*ayc0rc}uxY_UtcP$9os512?FAiVx~su5~;i#tNg;gteqi
zs*kk_Qr{^@Q@<<$W3V+tNlHVzJOrua;tJQykkBo3;qEl~xD@T<AE`(^_J^(^dGr)?
z{*|rvjo7oS#ieP;k|m?u>E0;~9TEpEl(1N!LXUz3W1d|euUQ?#$j^T9IteJVu37d)
zQsJzvx=cS`8~`SNT>Y+n($nt8DH(s!wf&8Mp8E6GLJa^wMG0f$1&{~Q0>=DC3z*_2
zTj+S?l7fsTRyILwa>GAC0m_{~+6Ty{KggWbKYX6cNN8juS4%wK>Cjl@2(dWi$JSV)
zc0xbgNVx?Ifimny3}&mFB~UM5r<K13h_rkT538&7wAcHRMY)Qa+%VwNaOTk2YvCK4
zv$?ENtYDLpn10vMzPnGF&87LYvfG|}Z?jPv(zx{QL+CLgS?UW5_r@u;wp}o6=JYE|
zTb{aEaMUd$d59aA<lEDMIS}&tKE1cUo!jhe64i?h<cw-<qR&3%iw#mkn>t*@1PG2`
z;gvB#Tp7N80R>;|0(6Ed(3r+Y^MFs)vTd>~MiuYUWnL&QfP5UKY41lH=Ys^dwOT2b
za6Wo-7{o}IH01Z|w5_p>j!(%hW3`@LW1}FxF4K2kuqD&o50_1U>>NzE;B>3c8_>H4
zJRryugl7wACZZBLW7^GXxBqi@IgsfExbG6Ukbu3zq5aus5Dd~VRKUQ2@MzdE%w*qR
zE()Ib1!C!(_fR+{FDg0d9oPi$6fsgJP>fL##;zdsVIC6(aPoMHP&hRj2844Q>LmI&
zFyHz3xx}Qb^j>QM=9B(%8jUAx1wF&Rni4t-SQ>g0{dV)v&r9O2A9k`JJuR)b(XMdA
zgMv)Q`g)_8-$8aYbI4}Syh3v^WGJ`ZOC`2%r~U>iWWyD<{J0VPB8?kr;(LxVx9Ya=
zey>TMR1uD1OdOLRQ-*uTa61EsJ@&GAQq2sfxOP*JpV)}tZ;NsH+Seo5qFuZ6G<8Oe
zmJ6%udNR$<vy*3eZCqu}KSKt?I43EKcXKzXwZfNZHnpU`ziqHt?o{qBh&i@4oSstP
z0v>V&$%RYCdVkZ?V&MB#g>K78eo``3rqdvU5GYpc-q=DWZ1{Kz&R<|4V0AlxV`?!l
z>a_E(U>NZt+!F>c1C(6`w3`8ywlT2z?G)1wRhZc{)4~4R+hdQ?6(|rfbDn(Ln?_-!
zA&kT9Lg|0qQw>Hq4~9QcKifxE><;G<$Tyl@WI(3cAw7L>CY^lH1LnrN;&WJ)Ex;38
z!=lxxaNOsQI@;t*6&Yyf4GfPwuK6YPXOK5$^N*Kyqg$3*Yq~StjD#Q;O(jEPpbt-7
zX^-P{%1T_d-UY_Pc%!y$kbsM4ib<>gvR2&;qU-$E@-tPgO$y1Wt3LRfpyd8<sc<wW
zdxr6S;6#9COr>d<D@SE&fmH{I@}o3rLtR7e@xk+Nw`LkLiOCic7N2~0Szj7oR-cj0
z<$5xJXm!-?QDGBwig*EJaa<tPDkv-E1R$Y-d#z5h;JHxEtYEe#VclptM6BT=K(bco
zwYi?!H)-b<+@OMB*hMg={WcK0ilUD6#p&ZFcUlud!p)KHTNR#|^mskaWVpp6NKmH*
zE~(r8WnxR3oEa{&ut?R|QS>4mqE?UPw3aMvhQ-!PNXAKq1{R`sx7k%|^ofsC(hFjw
zYfs_?{G=UfLVeHmP#5br3^Ra-G_9)fdXpMxRRN*jG!2Oo+!DyTUpBt`7NXwM0h7+_
z5iTO{03T+(9xO?Mwfl&Qj>vREDxAk%<;eA|6Q|z_wMM6U#Sj5w#>xcT0j0H`u*mY2
z^>dLE&EH>B<8J>!a_VZ>*XOPu##?QYy&EI6jHorV6?jWt##F3wpi6$p04EYC!s@c{
zqbOLyT<G*G;{{3MvZjo>kyq5ev98)*S=K)hH@rkW=P)lCGie=xXdh;9JpwWOx`<9M
za7js;T-$8oHp1nw=X9qf7v-~;G(c)FE&MGmcRNbOj?71O(+S}qVO(aw(--yAH*#E~
zb|9fJmFt9Wc;4`7i7-L!kV8atMhL5jWi?}I^V{prIof&=r&*9%trw0;qIp`8{_iDL
zBL9-lSRXf&j*jg1ylVL2{l469bnNnhp{k#c<f=W9Wk+kDh60ReIr-(I%gC!D$Pq)l
zCByGymB4)&^AVGyLxU2JQoB3V9Hw`S0n?v8KR)`BGI+o<91UFUoqelm#sjbOORs;0
ziA=2KGqkBaPSKip_>Lfkj!ELDWYo%rY$Qlc?g<|^D9Q?{GB(*9GwK9F%s3q0PgxpD
zYUYvwJ|>a}XxZXKm#u1BD@aEnI@krUMLFvGd}TBTtozv?M8%*c<kMzGxsFn@ZodRV
zR`<;!$#i-wenJbhly8cWWi`!}Jc#WEqPY1|{kb}oQ@PLked-}ufZ+Pen-+5!0~AL2
z=tqdT&;D$?@S4$XLmG7U9D_`Qd5}9dgEaz|`_?W|L6fYyzZXmpX)|qk51VE+c@#ZQ
zt&`8IBfeJSD3)s1Y>O{V6@PVnrcZ~`EsbTU*y29o$BMyRyCA(~>!9K#h7S=dL}MH(
zxz7n2xrokSABy-;d$Og?7=ET{*8<80!ZZ;_LJ-wDEM>iE8t!wKJmAN9%DoF}nb*Q2
zPnjnsb4mrJKy)8P-(lqu8JpsQg2$mzcJH@&l&bzsc;V0&n+p=WtWVY-6pmL6s&a#v
z>qCfr_G6#9Z2XvyMe24%aCx9_rB$}r2!pMXt|R(QpZzu>%IB_8r=;h$?!Mm{6scuB
zZCk^_<+7ecl<q{*Oj0}wxwC*uy7}D%E}gmT@tk%c7GT517SylF(wBq1AuvrjBftao
zX4l4pH6e(&wd|N$s8Y6udjI<YonnT*t8VsL@2-}#j3<C{u;Y+K`Yq2irVQwF7sRMM
zv<6a|cpPa`f$a*$*$&U?3CpiRLl6sa#}QC`Zb;b-`zvtj<cIFlv6w~j8;ik15j{%<
z)ELMBH$NOyOm;r|5E`TaQ2z><djGk#s)4u??kQ-!^YW|9HLMfeKiXZg3%F!6^xA8G
z@`fQw0iN;(PplN}Q#o+j<)n+~{a)8H80E9Q;;haBD)Zk}QUbANf*w7wK)LjV>ml(u
zpb=$-{_8;-0wd2UoeCizc$%gYVt*tRC3W88g&O2Fds=bl%H{#7I94I_IFUJ)Pi{7F
z*_Uo}Q|vu8k@)V`mO#n`d?tnO+H)uT&(-Ir_sNs}ywdB_9-Kd@eNix}KA$O52zL{O
zE1C5_>Jg<i2Qx+O_gJ|%KK-vA9jA9M#}}&qYE>KJnE##)mY6H`<-DH5VrE~}&(xoP
zm{7_hqsE|Fh2YU<KqJ^#S!=0|!cG^M8GqP|Kl~b*5<j`rGeYANWr!tM#}f#pDO@^e
zKhA~wo+KTeD`ka@dt(3n>R`EHVkxoB<Y$tu$AjYW<#9yqd%uYua?Hm^gBAX(jnBit
zamSGR?AhF#A3}j-xzjPnDW@A&gC<1MOR!w4s_8dWrXLpj$%+UXEe;mkw?n<PxD|7S
zcd-bVR6)JhBUYZh^N`(E$%#<IOYyr6HhJJF_AoZKEa$Y7vZ7DY<G$*%L&NpZ;Cbm4
zabfm<=YRfAzbW&%ga;RRFQm988|`>=*CRA}Xf3##J0n=ScBYhqM^bx)@#Vp_8H%5v
zEC?&!*j3H_ciPAY^&EzNyZbq)e3ZyK-zT-YKtW@hWN0kMDOkO$^(8g2U#9}sHmUm7
zrX0wtxihql=ieC$Qn{wz&68LrVP;;V^lQCZj$OQXbZ`0B)<XVFK$r8C%m%aqGRfOT
z?p_@!)e?_LEBD1x99GEP8EofjxwbB=C=cz3Wm7}U6g+7$(R|_j8h_<72e>5dTZqW#
zPlj_uGkz=y^U>@gH;oM@peD`khM9E=tF51y0BYsd0B(2XZ>xI-sVBsvp)%=^?~M%7
zL+#lK6;Ak1VZ2|)(Phb))9`3`c#v(ed<6HSRr%LekTU&&pgmg_FBE6I?BPp~z9Kx>
z-GNNci}P4pMy?x`wZf|67&!1(cgLkzNaOKY|AU*wkbn@aH(-&Ar@vWZKCi~KHN5hM
zE<qVGzK_}2bJGj9d|bb9e|bW^&UH6#?y^GDciCg<aubGYds~{mHSLIk$thS<6BTQz
z^mh5TUhyN##qn24hdGV0(Yur_q1GeasIge+j+dAzB!#}Zan@M3^PN1{q=tPynm9kd
z-BYP-WEC)^;oiG%0r=h#3xQoDV!y#m2U_p~;PdWvZ2_wv4zMm!dx`^df#2pf`0hL7
zoa|8J@}zF_mqY&~+IgSd?dq;JdfXe;-Kb|pM|-#a-5<70IloU;UPev<-wi$uOjpqV
z@BR_I9an@OI1hK~hf;!C|Gg#ZC^*RY;J*ny9wr#|zjxJZMf3j?g*L=rgx=Xt+{pa8
z^gMJg*)IWAc>eG*g5Z`e3nyi6H~um7&(Wr)uZFUQ9$q&#>n$L&6z)V=A?^zwozb2H
zad*$}8IULEUSRq!|7LdvdvU4w!+iwj0rRAW6IabAPnZn{C=mt|eyQ<%itu-5y`Qaj
z6SYr=S5k4kdpw|-Qm#yiR`z~Tl|IH&$>9<ryrNJrbE#TE`}6$x&d^u{Ky6KLuJ`B~
zx|7Nkrr1Wk-%hdJiD4v9mc&^uYh%+1O}$JyoVcT6SgYlhjbGJYjWfO{V+gNy>GC=8
z1a`)I4xC}F)1XL&6L~|#VFCzHrzUKT_3_#WeEummFS_GsC#!<}eOrs}xg?OG{o?D@
z$e8+Np2Mo%j{(lK^Nh?gj`X#V?mW`(YZ#&I5Cr8PWbL6k<aXl73mJQ;$n9&1z>={v
zb}0H7Mar98pB}0{?`Z=ZZ@p1P1w>6>9V#f4?HhOZoL4u0Tv0=TGR`Kyz{W96`*)i%
z?+Ivp9E&1oFsTvmIHIrmh0s;Y>pr&=R0w8ci(J^%8{2RS*`-hhwKc8@Uk}>7B-KgV
zWwB`N6%9jU+%QLZQuN-g)MD&|8#@FLsp~-QmRe`T6GWT=<twp1dHGfru5pe?!maOZ
zLA5P}UYJi)JZl`80uT_5Hno3YK4_ufcfR6k4Yc~)nY+)b<ByMCo=&_(Ag<LP;R81q
z{dsEdjTn62=0c|pT{0t#ooo7aRVBzx{Y5An4v#);y@$H4R}hXl&)C)q%e{Slk{8x@
zdG#h7?T8$bun5*gJTGzDpOie*c>EP3r=*FZe5x?O%Lh6^@F65h2ZyXs>9d}2tg3LH
zE#qf9VomrTVX?x;=10kkYxSP3jnGH)nA20svmuAuff+v&E_>s#g^`3m^1Y<MmtS?S
z*NXjae`1)w9VApTe}6|Lg1J-Fxy~qUPRZMBPI7WU)he$|;i((6_Tx|b4yb(3>rq(7
zOMx0K*Qt|OeCdt&dYQGX+;-or;AEg2*22)}$G^+GU5`X1FTU&Is)MFk5NPcKp;xB^
z)sBrZA@})*{|N~=h*BW_2|VM7z07ar*3v_hukkUK7AD3y%wI9z@ArSwGx)lFD1~J*
z+_bL?)jp64ggnZa5RH3r#`~U%+pKIb$gaM-)N`UMAo*F1&}{e-S&uiCHKxG1%v08i
z@$|THvx~7hV;b#GT%`N<P{~lq@zQKBbQG}5wOx{m*XinE4sIL)AIk-HH?$2O-P1}+
zP8m>E^ifTzZG0iYn+A=(H9APvM`-Xpqyz`a*^5boJ1Y}j?!#oFm<rJ7-$3Jb_{(54
zpKbQ#m?(u-wWFn@W-lYjBWRAMeqD?62Zt=&&+8}yf|G%P<wlwo#7f+Y0*56;Ke-`Q
zqNK!4o;iI_F(+v#e}M_a0Kuzjsrf3Qcs|Ce<3@2Zl|F3gP0sOys2LvD<3K@pfKqIK
zg1`nT;aK`aL25xhMsA1(197uJk0EMX9xneFmAX88I+S{tVas@LPTPSr|0Bg%kv=l$
z2(SEXNKJuE&;BjjmYgp=^jIQ4cSYoXtgkgyG@5|TYq%eETn2oD<WxeV2^rH4^<Mig
zb7j2o^;Z>Gmoiqs{2s`lCJJ%X2q#0NZ@pU8E4QcUUqhA(95}O9yhK<#KWY{-H?MWt
zG8$Fy&lr{NMRscjjs5jvT}#f&LO)p&A)A{#>AFGf>E1c$e*hIuLa$hu)^}row4P9x
z1U>u!q7X7sUqDfTu6q`@ceYF#-*gc^%3}}!5y^`lH1n@!zn6?}p6fyCR(Payqyj9@
ztWL6m69$&lZ-~;wSJAyv{k6~;@v#D1U2~L&iF;h*4J#i+xT_9w>}B~4@=C#HeGb#s
zm!{1#FtWBLZkC3Vg%nV0#)zhur*G>Og=k%bf^>hRUzqvEEP(O{8M&?TI^|p#qR(+U
zupRxxUv;qBv8p<zt*)in2lE|*difn!F_sYwwm@{uK+q1E6?aIh9m#tL>ehO`vdKpi
zrPFtE(l7fAm-gG8!*$)I_isK29lntb{6}%dEcg?_ejUn5&K4zZHr-JqlwnZa)gZLz
zAK}0Bk<*>u1b(ZUaP(fIgA4t~86zss|E=NPHT+-Y7RkW%Kd4HmsOBJ!jA2~Q(*Uwe
z`7m7^_IwVhhDt^DE4-rl&TrD%e$irlcI8ER6?EB2n^K@2F>~E<Tl?4&+l@JFyqHwS
zmq+5FmP*rXB`hIc-|mzm95O%FiwxOe>_a*Jxa+wM1`1px(9;#=S_rV^X+9*^+?tlN
z(IwO)rpU`d2F4nz%j|VuJ6c$MBfA0;w0c6%KG-r+4n@4T$$q_&@hjg#(<iAuK4I3@
zYkan+C~;#|3qCb$EK6Tv-|(9>n$gR%QM7SQYvq5;z}kD+Lzdtu+lLW*j5*JlGfBAR
zG9Q_mds7(AkZ)(FZtnX8KW?b~Q@4kPeV>#vXg;o`gFM^Yg8VJHLhaVS|NNL`y@W?}
zIk2*oV_aMhaL3ytuf_e~dB&R))Fo52$U*ZUqk3nk+eJV!H#(+Gy3_|t*R&-u<A`m7
zr=-B75l92+>+8{v!G0b%-EE5JP%XC=ftl{b_%&$tQY$uJfanbQb42e1Vb2Vl1pK9^
z-L8jb!KJpTGsFiop~2fyF6~$T1+=43?41bUO(X1nL~wTJukFzU5V#sku}ppMvq&fL
z&~w^i@?>g~Bq+pWzHGG5!9O(z=DE%BdfNLpktIJHQJ!?kh)SrR{#oSIQ)pcEf`5Y=
z^V{CTN~RTuj}#%hW3e>Rt#brny}+n|DX1rXO(Tny<Lx)*^RtRZ)XJE1soNRB2hDDm
zAqE3rv1N5R&q{^ku(TkK@v;ZP*RvzD8Y$Nh;2O4Um?`WtljF0Zi%xW<q|S(EY%=m}
z+iiEiJmiXdvF;dT*u8SD-9jUB?Pb}H>=FVbQ`_?aD~T?<oa}-#;C^+<|FaUOgU<oi
zcIRfZ-)a>NU@D2PtVQqzv|?kB0=#^wip8F8TO<SLh2tN<VyY9gH#&bZa;D~X1@o+X
zbajD5u?|ZKwwc@~cWgK#lPr6MpMG4VUyEXGc&@NgCKn=z9}KJriRCx3;)&pLY!vTr
zGoHH1ktI(7yYt%yO_%IFbqo+KlJ#dCnfrLWB``|GFe^U&Qu~ir2L7t2YlsIV?n&vq
zdDh-1?EIiQOcRjxdgCA^>#mCGv@cxc-iW7DHoVNPDe&^wH%!yEKnOVMr5i;xCm{7&
zs0wiVJwtj#(92N@-Y>8%OpKT8Qm%rh3Rwrkg1!xl_ldFftWQxS%5=WWc5fMa1bh5y
znHz51rr3e>RUTcgY7(vFWrm0yn~``Li0M%{-E+G=(<~QpeU%PX`#?BNR=!`GpR%7R
zs7oUpLDKJef%D{k)Jnw=u1{y;;7(MA5a1YUpCZ?@?bCfvlEJx`1108Iz^d5@s8xnP
z*ASHF0dPEqb|u37PxH1Y-Abeg%a>r21zl>%0-*i#iV=xJvny-<F=jr6MN5whDJ_W7
z=6ya|@-hu=M;lJX-)?TUk<(|<wwb2V<jKdS$JrUDWhtc%KPSV5_;r%`t<~$Ocs0NH
z)x3WLwxR{xsR^m{EwHgEh1wGf@!WZkxAt_Nar`Rs=?C;rdBQUB<!<IJe#9kjhwRTX
z_3a9Mu-xNXCGCl;=r7TB#P9x>Pr6HZKK(cke)<!sCi4@T-l_Eay`7Cf9yd7_F!y%Z
z9VVKmVBj`s#0p`0O>!^Z&NZ>hOqBlYS-Y|^_lY!E*5ASM7#-@zb6ehibK!}%8m`_{
z4fwdRQO<kKJiHw<y>v@w1Bbma4N+j#S31anGKVu<Uh>$7IwxzlCIK5fD?^Y?+BKLz
z0!sAe!`HjTlhqhzgo_Z=cH>f<4$#@|d7NUXTNg3|2FKeTNZlQ+!&N86ihcWVoO2;H
z@}leVWyUVRSor}Wpy>G$qoDbW*mlOIO8>&djX9!QvkG9%9^Vfv7k>bu!{G6o*k|Ct
z1ukZ=?IM<9bYu4b5UhGTWOtN`yFSy{o_^Z15;sPzeZYV;8?(bicFF!&yRI^CT@#g&
zZ$is_ojS#Z8P#Ahc#kAdgF^Wf{WI$SWQ}aXOA3%|S0gcSr91HN0odx#XxZ*og%!AL
z!(EV8=)h@H1Nc)XJ7X=u3gI&;A^-~Txm><)*dttcyXrodFt{|>Ejr-as#a`MSC?B|
z`u5}qgnawF>=fnmsD%Y=_ywC%(fHw|8HRCrlL^AK)7abVnsrOGw^GW>U47+G&!|P0
z1^pV`XqkB2UDlZ*ebv@+o5rMQjU_l?mVu|WuKH`{C=0(Ri4svAbswt3cE8t27AVKx
za&+PMu3$okR3S+h5P?q#tf+O-yEC+=iA+&hp6flrlayl1+W6qj*KIH88~;|j>I5*P
zTMh3~l(TgX4E_^pcQ<<({}*`F{|@`7(w^gGmf*$VlyAU9%&3|8jRzBh#5c8EfpYm?
zn;QHvas5_&8kvhLcjlUi>gmj=@{vK6ojP&RH83@s?(HUpL-kjYdEP(p)_{a9Me@%a
zSr*wkH42kNr>7AHZ&-^kw~AyR%IKB`sw>RNnD|Qs_&ak6^y5Ew^~*gj`X?)|z95Ne
zmO7>~JYGe&hvMoid%^OO>N}8tN#RDbwt2>nfjj%8oOQJ`HW(AH3k1W=(jzh8^Kz@U
zY)9Xgup^<5#YoMJdVf@N4G7i!@=&D?-Qx-JPkR&h48p$js0o^qEM)Z)=Cn<E?6BHD
z>zNfIc|Ilh9Xl}v|NU`CH}<5r(th!iv@YhEvP<cbURl|8MJWWYpU0{2?Ck|beeB`C
zpiuUmjc&62n>@66ICnUKuZrCDXxIngrQ3N@(uSbCpiXPGltBWQdM{j2{Lh8RLNcFN
zm~6GfAusmm+$oGdV+87aAH{D0aNO4ZM$LVOCl)jfs%{>|c<I)Ce*V2}PS6Bf9m>FA
zy!yb=Xp&!UKw5}BYE0fgyA>V({Qi(m-x9nG64!Co{~T|;j{aKfqW?Q*?yPlix^oSz
zMjvGVCYvaVq>Cif`M$YO@ZeKRGsX~p{uh&jw~z)65`WY&K-FK|k>X(5`X^qXb#~ON
zbJeOyp^ZnJ>m>~lqN8_aKQjn(=i%duh{`P_wI+GK$bP$;u^N$Ch9}`7+MNA)YgA9J
zQ|WqTLZIQLk!80ts#0?$KT*noX3{n$qW~*ka&eF)+qNUM(8o}wuONBcKwF<az@0Cb
zh#n@WJT*nJ2`(n87l7gW=JoE|D)Yo?jmc()=4<h!M)As*yZS5OrwG1d7=BhX^|PJT
ztY>Ic^~nv}qfWb0T%Qu$*VQ-wW12KXc_BC!kz9Iuu6-7g`1&;=uMnsvlwiXk3%0=`
zm>ooxDk7IHvyD2K=`tkI-V<P#`Fg31OO7y8FY%<lXUvni*E3ITKOmOT++eIlH`15E
z;B8H;(#5b5cJFSMBmuX(x=vt-;J;BTCr)}&6y0n(MLxL%*3WpRRB<O8<?>gqNU532
z)DX5iDc3btAxP4<hV^bye68vjZnW$%pnDR!{aD==!|(Pg!1c)s_4$Gg#-wJNCI2Wd
z*0=4q%epM`vrCYlt<6@T_`6$?-04@+%^%9zze_hOi|(I)44$Z3nd=Uip;|Y5GDy7K
z2;L8H9+_JrLvEC(ZXY8Qbl9`+xKohV$kYl-%O9HQzGxwKc+^dj&t4Dfwuy7#dV4hT
z6Fxa&$jdG%wz^cMlTr=pdh$+M_sxFlLO};8rD!YV<UD_r4j+60(rDy9ON#1FbCTZN
z2BW4h0Cr1q!{{qtzBF7s0&i~ZE1n6qc$b<D_=HWHoslzl-><e?g%?TVmsJ-DylRd0
zc*<BngwNX1%Fo%ka6*muMxB&#*lksJV%85v7XmO1^o2K<aJ5i+qd96Z1l$R}{P7ZR
zJ{9n($L)IlUe?~>$A)Hw%x=$6bqS?5SYaevhWFsh&{FL9lf3<9-WW|Z$}QUY5bNbr
zHw{bpG1+TRRrqlo)&ew}Re-FQ5v(e-LG6nK-Jtix_y5frp>>;YIuM(uZmN1it~k>>
z%Z)*%JrNO_oh9NIk0M*y0POfgmH0VNtS!@PjVQ|vF}<uQx1GVpfIIBPrhCUcLq&N{
zb<s7fc#Ag`ze2vINp<X7OOBX1{*>!pMoi%;@A6l2!)6(X|5M{e@BdFTP``Tp&uP2c
z|E?hdzyAHVypm6sC__)=&wcZKDnrsp%1!D^&n+Ye7As1F)hSX*iCTIv<$@~Co03Bg
zTS|dBgl{TH*52oS2M>yl3uXxryWA*!d%|?@r>g2g%{hF18?yC01mi+1S&Zfz&<BN&
zNTq}Q9dtE83_0wBhMJ<i-plMoqO>4T`~WgM`1Y;bqiUzav07~-$<VS1-bcho8<7uk
zYH^s1AM@dCg_-!X?`R;_d`$XRUMd?Eub=V@9Y%!U^-MsA6nuU>dm7Q@Dx7u*<a`zV
z{az}2;Jf0~TBm~^O>MH_GPzt>j8SJD?9WU2T(8iVqox{-maQstQzp@|2J<<xmQdN*
zr{$m4(EjS=t6C+Y!7$uhmF&29SuTD^@2XxhKDc)~SGV)=f#@x!siSw6J~X&Oz+%$&
zQyH{Ov66@2gdWYeV3UtsK=1v|gIW@$QURK5<(J7n&3-&vJ6!s;Yqsa~@omLTI-4ug
zBvkXeOau6o)zo?VWmj0o8?DjPkcu;wU?i3tfFtKo1}7)O0rYOCKLZRssE=R*UytKt
zzbRKTAp}zjUO&usT!6U<0d7{!YuJne9Ugu#lN`QZwtUQ)z%3f>_Ig?^^iwZVuH&=<
zXg05vbe;QAsD3ScAJ=;mSOk-Sd(iVzJUvEHhd+k&Bq@Qw%J6~%$dk?ccn|b_)9o&W
z(ijp>x`tR(#MG_UG-9>4Z{7z?RRfq`uDluvWg1fo-lbGlt|WB-9=lUZk{I;ihWZ=b
z?D8G%VIJ^djacY5?<HDcScOu3Bl?riy)g)1)vNJSHHP4-QuK}-07{`Fn!SkWol~GZ
z5z)aEdCWE~@v67OK_`4q48Xf3U2MfdAY^Nz5a6y>OK91~AIqC@2cRM3wRV+ON%gk~
zTD1>Lf79Y)H|5&RD~tbVe^6AfR>uvO0mGefm*~39d6v0eP{8V~#VD#<lq8jE@(I8n
z!!ylofGEKq9^a7yg*4Ya833t8-!JG2B<$XhNR(}PL<xsXH4C%ta+pnN^P{DIa7kF5
z!xCI93$ZlQP8pdKm3~SDKc&SB4!yqr1jl<YsQH7*-w@3qp~@)&j~O{!EZ#ng^`Q)R
zoOHfr%udP)h9Iv$P16#-DvoRd3*<VGkDZ!3yb_9g`8=TTstf7+sFtUe`&B_y=Z%gx
zg>MFT2(QB5`d{gsyk8jF{YF$nJ|sKO8Of9yhjf@>#BVWbq){izBgR@vC97EbG;QCx
zv5i|4<r|D;Y2#1=QPdqPseouZM8YL>`Yg^iGq8`1Huvw{$7eGTzvv9c^k8qSA@!TK
zaq?D&Tkmg0kSRipr<(XFjH0?HPqkrafOP7@{pP+WPgIf$1lh{1vF@m8Xz6;b{q(-Z
zW2WO8vr``XGYfu&297qMNV1h|5jt8!^EtHk;L9=4y-`-eRC=h-fbXdUV~7Rqf=R<V
zkdrFgRMGo+`f`dnFXFBb<g>9t)Q|TAF?_IuP_!LWIlZH{fy>KchQx1OMRk7_*EpPo
zD|-LDC&@}Sw+<~RC~1ti+{?iQ_NwmVDwf_*AS2&rzC}<hn^`^%*4LXJC42W;i|!x+
z+bDE*l)vauB!ep6vyA?F!t;7G_I(FZnl9sX)gzy^%)gCLAaQkPUb4Xb{(%VgZC*3H
z>mh>$tYZb{6)C18GoK$4WxMv@6j08JPzCjOL%S;0Vr!EY7xO++9M;~ei4qBLA!sJ~
z*tXw!f%wb7LELjrIUI=+U}r(qKD((Mp8SoTQFH-1H<;MT&}WFD=ferP!P04#kxiRh
zc|{EvcZZ-x5v{t=%k=d>((O+SUO^7PFFQu{NV3tb9H4ZuNVDtumzb^TFPKup3-y9p
zsN`~$G4-9B2j^zVSew4kxOj&($Txs)GzwUF*Y=QywXKoBIq+VX2<#$cXdfDh{+=2S
zVmqG{9XIC9e<BrsQ3ZT!6UtEElSY5ou^q_)a=8kTp9cd?>ZM3eV5bPYOlbG3X&zs%
zSQJhqvQfZ|Rw(XLdv4ukP4fLQR?qVWnZw%l(>HcZk3OTT%b_lO`Sk13qhC~C{s9j4
zAK*YlB3}T$BN?<yyfMt{?*&eU7&c=joaBFvz%2sL4|&q!N6g>UYFelQU1dDJNYrA!
zvYrK>9jeQ50TI=s(G;E;fu4P3Y&|F#^abMF9ZhGLIIB!L>DKD62FH-T()tDeyep@>
z<OnaYTl%*o_4oI>7Tki@@?u8cecKpteHPH%n;Q0k<Az*H+@tWL6?*R>>=*m+wBM_)
z>m+sA5MT^H>|i*$Y><`?4>J$41hH{DLLMUwjC?aw)|Z{Xt4qw0oetlBlJxbxAGrbD
zKv0o=_Hb?eFku#wQqeS?DT<lAg+rb;JDRW0#qWh~@pQz8*0&O$BZafFBCg&E{Fo^D
zx^A0uV)_xV*qCLT`MZal?jJt!&3+=A{{qkd5hMS}l7Hc9<5aypbtsj-r*XFyTil$$
zW=Oiu)1}_up_iT3d2;Juqjb(@@5f6J5&c)!tj%8{q-1vM3ZCAz7dIoH{u}v9Thuu#
zCZdk?Cxv*x^R^I{|1U-3Rro&Kg@5Ol1biw>wuwNs0B+em>h5NZyNvuu)MhYvg#JyQ
z9XfFD4ibE!KRR&@q63n?4RegL&6jmonqC(Y0a&8({2Z7eB;7Fh&5l5*N?*{YV3fNK
zgwn461E}CXfEJ}%hwhd7)7T2H{z2>J4!)|GETsAt!e~&V(HpEiI`iPPTQ`%||9HJC
zY1n{9I@PcfNY?B*iGo_1L?^)s<L~y<%mLl?X}p3?<0}(>gDS!&6!dkezOrAC%E197
zrvP<3l>0w;8oB;2Jhkd{7B$Q`E<R-c$gVGR>s;t9nXI3hq&e1Y7m|~BnvV-X%z1iJ
zjl;rG*`f8wj2ncC!V$c5CQs72Gpb+`vWM;YsX~ssHpQ4uLb&JGa!yMfC>Eh+4tN3O
z{Ndx%OAvR#&*u_jb<i10g|qLC=5pom;pgP_?%|Ovw$Hv$k^U^DK!e!&8?f;wsQvVV
zj^<UtEqNZhvFd=x8ueTouqbUo3h9S(s{BtCFHzV~?=5O+vAr=p4XhES-XX++sho1c
z@DQm_Eo$x<+WQM7%gD?r$KJ=D$-q?Xy(~~mZ7)-4=lHh0f+X{pf9c!7x>#ozw#({^
z3w<luqga@op%~1CSN+TGwbH|EX*z%^&wD@YlM%Rpu!~nDT{&2f;<ELGQMmvq1$@NK
zmLcD}J^k_l8Z8X&`^ukztR06k01sRXNbtR^yx(2NBu5Rtg2{f2s<4fnhBUXTG;eF;
z82xvn14l*^jGtRk6dUMjZ;6{hG5STq%39G|H@f_rCK5qkD)*ev5}{Tdj<$$}^Y8IM
zH)GN-UXL%vXH*RCv25>LdrQQFBs>aH_8O`y&DGFb<lfXF2$jM=*@g(cODJD_!rgOK
z?|WQMbDWR$9~h%cjxoqX{;N!eg&6R6waBWwk6b7f#DdyB>6{?%;yaEWN$Txgs{zf4
zCo}w39+Brsco-$)j1kXT)Huzt3YXLo-YtSY`^-nq=Wdf<a-Af4NA)gFnadt4e=mJ$
zV_dASz#2FHFG$*@;sS`#g)*GhJpPT$+hE)|(Wp^53-|ooa#u;ScDPKNo1eGNL~lFM
z@Qja9HT}R0DU&vPs%oY9i)=?pz9hXV+xDcMmpaHw%LvOFyA7DfX$`4I*)FYLnLFvN
zk+X9M30~`REZ8^Q63Qwp46_NFXJ@z&ob013J3U8DOX12cDseAF%{(tNwNFX6QN*=g
znj`w9JYys?buf3#um9!hu-{>8SW4rKAOpKO%}VWkP2s%Ch>d)h>E-N|P>T)QLzot>
zf=!$7BWJB#BQIjezFj`%!^eL8>jjN%dyP_b((|Ew#3KG5v(Vod<9*=rvydV78>SEs
z(`B0+SzL@~S<ytWa-^cBU_<xhBxfycGkM%glF)PZM^es9_tIhR#D7kgKe9g5Pd41|
zLfCMdep@wVrSWIEbTcxCw0x_lFsg?!RRWMhEuy^D@9UsevX!Zyf*sYAtwUL3#;#8!
z_2Tu}`eb<+B={cq^-gL--ZF@q2b>JN-lCLt*$$R>Ev58_^iz(CZkvb0nWF;P*_n4@
z49huwEi{ODo(8ts{cCr1@%s8IY0z~JG&1mVxomRil>%kr+FIzt6%e9r(X+O<UKK1n
z4tdb<gywR=d8!3F$7q&o6$G@|h&KB2Oj=HNjahcKUMB&WbhCA!=SlW3J_Sg(4HRia
z9`hG4x1<j+ZY>zTP7T>dj+7apG|MV`AUwJuK$9*LXY0Sv-nU{H*p<KGd|udxJ61nH
z$Lw2JMqZUgBpK-&UR$ArTYtB6QVsBsy}mJ&Rqz`J^glO<b!z<lxQjoXO$Rg};IQow
z%e%4D3Qx12yl;QpYI2G6UdLkc3rHht{6d<?XDdW^#|WzgaWcZ!N5S<ihL5JV7wGHL
zxbwR5q-sW|w|hJUl?E=g|ChAe_Cc2wHGm05W@~Jgx;J8c&J*$<USVHz_Cn_A^8^dh
zq@ZBK{mf6>^VzBX&1EN~LTTmSK<VF6T^c-xZT>v_1h15Lu+K&doHjEOBT5+!oloBa
z&A4EAu}L8Wd)GhVJ$(Y`)(H;zpO7k#EK_mrfw}b>Rd(<?+U*r{y=kX;?M}RICS9{~
zM#_{#Zc!GO{+2M<FQH<O+QCJ(ehoETa;v*mHO<q1tKV?*4jDedO8ArBHa<hFTmCP*
z8gl)oMH9u4`KA*_SDdze?yP*;8Wl883~KH(mdC6hV_6fwzz7_+KicL~)o?t;B=OLE
zUryOEfq&6+Rn&WR@EiHOoUpYuQ!-KP+)>S{)$auSuF$++M!pzr?4;J{^FvgRc+JlK
zf9U%E(`H}8@ssSGToh<>uBU=Gz?5dq*v&hCYO@}6$z2+%yO2`uh?>Mte}V)c`0Q;t
z<Y-7)d=ldpHJ%o6VWYe!jaV}KPPNK|+qt)6+^{IILnH0~0dA027Ae4uE*I|f+imsp
z?}jk)4~;dNPv)D=#3v*3>d<A&Ls<loFpK~2`l_5V5aGXE;Q_0+Fh&sT`{+w?GLL@-
z2twmt)?sGORlY(7cXkI^Q<5j&G!T=S{~BNYc$~0X31+>D7LRu5hOX<&hLX3D+~TD!
znAuK_CXqBP=Cbj0@q*0UqquI~*r{G|yq+wf5(;VY+Ev?LBAxZAs2j9UhI{k|dn0Fs
zKCx+xiIA8+3D}W?*N(Ryr=iu-KrRM7?XT<mjb6lrG@*rsLw5@taLqeTzP9;q<9$Yk
zoy@Af+Y(dM{(Lopw6rlMQr)>aZN7@SQGb!sY-ao7ySQ2Hc9v5<m}X;1_T{|P6ZHa6
zQNgd@K}mM&XzI%CTX)Q#@s3Rq<Kq;O8L;e9fIt6N+1~+}{zY25_ohj`ijX<T$70=k
zb(?R}Rsj^X_w4>~g&9HMsxBFwA@8%)P-V*%tjyb89$k!6)wsj%Ke?grpK|`qJGk~k
zI6c{35?R1*-@xPAoZb{#2lBsrtY8`SAr0jE{aX3RruW7QH&SBUUGW(D0_!gDV&+z+
z5H#1}@bm@_vUg}-8ExCcxP8R;Z=Mz?Ai<~?p(A5XW~}}cdD>ALVd*<A;g!#s^Lw1V
zM4nR+GBEO}sWg3GF{)U5WA>}^*E`t2oLlgR7XoCf8iOH6mY#cGC%%p-K&mb#0kVTI
z=mB)>RJRI7oglT&4vW#I8|4=j)=B4HYK>vkg~-X@b1Zs-jw#&25|{RA-W-c;dRSZ}
zCH!tJSWu|d_ipXrHIoUt#N9PS3?ht?*KO_s+9%ldD^E3*B&Bz0PXriCmbmFpO)c{R
zo7>>p^h@43=LLpvd3i+FN_8z$H?b%X%*)EH(S+5#k$Cs)KCi`_*8aZ^$P5_PV>kK*
z&M)aHL!NZ5$95BID<jSNulG)gw8fO&gD+S%6(ke|PLio^@kKtj%*wDV{KR^~XkN#q
zyLYWbIbE@ipfkSr>|~0QJ7^a~Y1h*82EC+CFw?X0`_5>)9Ni&}P7T!sXZ-Sa+0Tl9
z4Gji1$s={S%<dPBJod#smv9Ehl9F96!^(^mI>a4N#LLlMrns1q>gUdHw2>D$x?<Sm
zDqsQYSh{7#&&>YkapY-bOpA3}D*pP(*ugzA)6s7XbF##co4$2ud_RaryG{Zm-e-23
zV~O|_6eWC4tuZ0OK<^#?0j(JL^N+#+*`y8IsYw5em0+GHZj=qGN{YPX#);U<LMIc(
z^1Go0u#9d5=?m%cIkz|tDpRcrnzt}IKV<<DzD#q@cLMB|^0tt7JmQ>-s2@O>vskN{
z^cPesN85pft+w5D?uU@Ov*5<7B>HBHu3t~g-qAjBsZH7b66SIVxwY*ZLAd-i<vXMf
zL!miR&zgH}Q?8DzqPg>F#g5q1+z;`SmJK3U&JE>D-mVBzh-=OpxcpNq4T#~T!(vo`
z?<m%wiWLa;lw6R+bWrnmK}nKfH!?@p%-OeJrqU4x)*tBqNb=qPj0tgNrE4kvr;Goc
zO2ug(!eVjf^cDBGD9yy=R2_zfeHeggLi|F0Z;t(fw!h>eUi5o-_aU+gn&6Qr&>&t#
z6f(R5r92CD%6NbZHp)n_T@qPRAauaI2(fYa?ZoW%rVv@1rf4bu2;Rv|Ah!Z@!BI)W
zwNsXfNiO-vKayumFGa_jJ0N}<@WaHDKu*&l0+71nt*f$TF_Mr3miQk+Eg_7h5dS=g
zvNWdY)_h5Dqs-q2#eC$!F-uYk09RK(HH``({@m@<@^P;^ZYHU&bOm;9{p@u)RFvvo
z9)#EEirn#0H&s`J+>64W!|SSf0TkV~rXhmvU#t&n^?|+__erQTBlmGF79CLszp3uz
zv_qJ+?KYpy!CDoEE)GHIbJ$mUh*_O)7{lWk#RbnF1;qaMmPZYAtNObM66-<9k@sh@
z`ptx<Gb2a?59^e6NDF3pV@!mbW)i<n+NZ{Cw|-)T%TpjsHWT&%?eN1EIo90*;6R>W
zz|=$&0Y+dBTf0kI4{=Ss<n8vCqpUJ_H$<UYk{5v=;AhskDTOATzk(Z$Wrj}GeIO>r
z*A`W*IdiWR-WQ~jUup*cTKa;c+M!%$XmSi2ZASpJ=r<7B8SXwKj;k!us?^NEwF%a(
z2a251@;-1*6^Y7djZI<*d~VYE&@{LT{_H$@E)}RQbiz)=hQmA4A51}Fl&@`X`9tsu
zL_DzOT;CEJBgVBXqFxuOb+8Z?{3U}!Ig(<_EW0i4USswv4Ey47q)#aGuPS*?*k|m_
z2DbM~&p;oli&a9&T3I2U`IG^SnGizEkh?R9uun%}5pV$tjasHfv5iTJo$oC$qu7BH
z5FQt=*X%I9@`f-M#1R#~y=8|S!eM9SLsZMsmJvjKS4YYmJfouyp1U2_TB)7N5XJXI
zu<Y)+qC4v|>LLe;X7cnDb!VSm^1}k0<Mv*-E#hSleC)XxKC|1oyUh{oacm|YW;$}}
zt*h+-ugp~q^a(UK2lqFi#S*ChU)bAF{GZJJZ%>^LtygjU5U+jafZfDBuFlU>yR0SM
z&;mw&P+5G=JNnl*P40|L$Lss~9LseRY+lgzl%ltaQ4beXqpn!s?pYPXo$(O84}T7D
zy(p1*H5(Z*^5i$>;v?%DqZZN+!P62xjHcLBJA5y>c}MKyXd?%+YK=eK@9a?vU>-63
z{h-Ze)7(n~0Khn*9j*OIY`07fT2_6IA(Ss+KJs2WhjO)0d1;+BGm;Rc;WrFM1=-Ts
z1b&&mU>H?lN((@t4!~vP+nt|I_pt?fA{>tj3WHG-ZP-XmM&KP*3OXt$G4({xIPYrb
zzWynx#iP`Sxd|r!ua^;BKf@WwC_^^<7oB5zDbCg%N)N-(+tX|lr$1bd{5S4Ob7HcQ
z;q~T!PPq-+*kc}~ZYPk8ww8u;x$KO||LjCmy~}|=uIgkzIy2Y;<r{{G=-MAIMcR(C
z6VVsS-ZM)p07Kp`>xUhjnOF}vJ>hg86b@~beexjOdmsGSW@`V8I-124;bziJIDCO~
z52E!(9L;r$*Wq{BI6jQ}C~;6S+GWm5^R<*j@Ixmy9-vqXKCNj8=}oG>r3bvmrlY%9
zdm2{l>K}z3gF-7hqPs_1ozbvpQ>CkbquuEIRdnbAQp!Iv<wf4dGhO*-|0SHd)pPd?
zVSi>VS(sY#4*@cJ&eJAgDlE>}27BAG8QLt%VIQUTA{=xmrkd^E_>WOaa>X)<krKr5
z)V+4JK&gp#&Bt2MC3`W4L>SwHsv~S{%%`_qXK}!&p=1d22YK^4@LdBeuUK8Gkkkb#
z@>dV-VaC891zTQze!%%sp5n}AK>~ZM-O?5k-$3@ME#%4_G*WW_Sb>ZU?t-PywI8R(
z;6j4IhA#VvZ#LL$l}F@sEc>r&QY7ndYcZS{*SJ!et3PNZ{*%eQE1&CY+w2hVAr;j{
z)_i^bJ#1ZqM1oFZ`fGiyx$_9jP59dDM^{kyrwaRl^7bX1aI1qcR-?aSj?gs35hy`J
z6HFX~n$cRMkHAN&OV#N3yFt$HKgkN3K18;f|9R9_@Dgta_&2Gfq&LNW6BPU(yS(P;
zNnr@thwU3(tLcEMHZy(jcH?zvVZqF<Rgixac^U#?JyiQl$SCQ?N%)m}g%$P!rb}C0
z$x=#x6Kgqwc_#MCK$2t)y#wMidjn$6r`p!@et3tU^{&@y!e>y1L)QxW8LgYot=e-l
zG3=Z^2HbH!=gu8jdNB+j=ar(C0;;9{HRC1wA#{eVAm=>p!Fa15So>#v7Q#)}+p@An
znAg{@cHNmW1d5e4Jw9aDD48#yr3GVFT^(#Da0;KPxc4%pm(?%7m5|ljdesOz{L}kp
zx2g;7lRsxJZj4ZkE=v0w^UB*fw@v=PpcdF1u@A(3a9CCm@R?ccTPY(WCc3|Mx{col
zTbw$J->mcAR8*g?Hi%z+#8~=cc^tX1PGqLMq9eQlT{?Xnsib-ZVCj6oeN_z4co}k@
z15tavcOdG=2ci3&@g>1jAShdZ&F<D)@0wN*)2SDPCA&2cmbf_2W}Bm_Ns;S|CKrF0
zKkd_chwUak)I<$d9Mk%)+g;li?9H1GvpaW#A#i`ZTz{C~w{fX_L`rnjYq*&Qm7u)K
zIm6Oc!%=24`zu-gD|E7iMU|rJO#?g0;d*mNL&+1PZY>^dGFckgLVQsZd}4^OtkEyN
zsKwoCxRqRe%NJ+icFogVoJe%vl*wPcdbo@}^QP{pM*afuv&YY=cG>rQ)+93*W>sI%
zY<No{n$0bY%ocU#9$GRo`zA619=F-JWT$Zv*FFJ#K~-l|Y=mgqn`x>hOJvL>tz%d;
zXBvNEHsz7Z#r!*Wu=BpeJlY(1wXBconIgvxot6CF88&=W(6yA2sfOV}o*EB1$w18+
zB@4RGmkG{sDzwJTX>S97dcr_$V;PA`jXz&S%%)rmh!Xl>72*5V_0v-}YCuk*BC%=`
zV-|2Dz2j7_?q`Uya&s-<s>l;_-;jEvxkI+3BQq`eJ+cJ9C+wqPgg<6`TIrd_nt%Y^
z!NI16Rm)vOVwH+cU4iXj#azYX)+}^y2M?*UxU>xf1c~SKdSI@W&0wyHAahY`ZW##O
zk;g?nXb#U!j4E?O#5J@8IzmfLd|f{!U(VQ4P-#`NWbk@6S00WoiHt>h5-QxYK(H2v
zKAWk*S>f`wZv;_=gqI6W;0F#^2vY<(oh*v6Mq_TP7=7zVUhRI@6MyOW%yA#62vH<?
z&2uxz+tn8_g!JngM~j~qb|`uGA3vkLpKjD4wz;5Ss30bPC}6h-#KppE<1*=s-p)P<
z+Wws=RaNlV(l+z|9E%?SZmrkAw0jNfTjXMhCLsZM9~N5|RKnf)Q|S_&zqG_l_8U%r
zKg%p~S02ac9NBO=FCG5&9c8CF!i~H@Z&G%RKBkq|A9GI_o;xyHa#*Z^@Zul%b4F8#
zs|jgI1r%h>Lh5j`KL&T>G5rNl2T<eaoGsXwFAo=damq(KcdL{krui>Lm-34Av}Ltm
zShpZ$i|wt_F>ss^CRqM#8s^Z?q#a++3AIeRmX<$%Q2zJYKtr^vvlZ3lBle^E=RbGE
zaMG+|Epnd94WA)&UsC^<Mr25W@s08A3J^<1K)}0~3NN+`9>L->@jeHeQu^d*4hZn&
z!qx5N=<Ov#Uf(y`Wtw#d5vYw>Z^v$Vaql>E#n~Z9PL(m8y_9Wy7l3;<3MxV{Quipv
zL6)<3Dy+fU-QHd7zqZ`v*me&q*c~?u<gvq8`Tk9P9}FO4Eu;H5ryPQ*K-G%?8qeC@
zaD|9N>T_<<Rd)EHv`fZMPd*0>&rW^dhse2G(x)RBmtcP~4^x@y$(1Zx0sTAscS%KG
zgoh(HhMcySt9=O_7(5flp(C=<D<r5Ey1dR=$=}I~7R|nW56LPay!R8TA>(rWm!K2&
zez8<?Ok22K3fA+3x0PGF`YOAn(Bd-vxXy2B*M~mRxKBUy5^Ml~IEiC*s+(C)j<fYi
z!G}Z__(P4tg)~^o0+)e?Ui>+~N*@cEZ(3>wi<crYTqu_|YiZ=%dviD!U$il7BoOOg
zFfz4pJk=xne|w`Ab$b6V*#F-eYG{R5V{!Qehb#cI`8?G9IFREk1b?c7xPR|BY;XRv
z>!I$%Y#Zz`K#j?B88IY1F6CVRnqch9udg_K5`N=MtSP|wny&BJX74~Qoh9Ru=NT^_
z4y_maBED}o!`LZLbxR;UUS;+D-N+_OwIHe92g~fe{}b>BiN=Fuadag$frtROu31~2
z&$Y-qg~I3mPZ#GM&gR>`@fxwWqP6#E%u<xvS~K>nYK)?`s#d8{v5FQg6?<0IiqVKo
zsT861sug<{HDh}p?f3T{@Ar2c`6GWN*Kt43bDj5dU+4J=qyCV#d@2@IN+7Q+3HTEN
z<}KpaG`EfoN;RB1lkLP!`6<nQNl8SH+UD`{+xXR3s5g19QZ2upWb<RY6Dnu2V`*H0
zS%9jLeYG+|OiMM-XD+eG-r)4T$Xy0|eSW}m?U#MWMX~9#WFad};5d>{{hnlCq94Os
zb6TreaQ9k8)8q!VQX^X12;r}=+kmUyWBlNMFlx`*;gGqNc9M3~KI}-|UdZ9cU7}NW
zK9^jX5k%vm?p2oFbH=it=E{-XJjm@yc0Bcx>$z7_`_nT4VzwW(a>MsCChHKTDz!f8
zYY08RaBsDXVEu&Cb}Fa9kHTV|!2V>ItcCaQ;Rv$y8_mKd^dJC;Rj?Xm$O=G|GEcj*
z2Tkj#b?Pn*+4JV(v~}XBr%uGaiN__phJ~pdPLrlbwy3c8BFs~6GFRPFNfU|lXK=|<
zev7BcQC2p%pk3(`|E|Jj6Mza-{e+?`3)Ny1-3+ZaXOTv`0kdrpwLsp)#q>NA$gDdU
zf~Q)6A>DU^%8p?unK6nj73l)zuucMjw1@sV=tw_?RO>^B4EGHGZ$t68-@pSR<)j|k
zlkYhkqWpLMo|=?0^W;3`lmIg*WasxGOw?J>uJ(lK4it#s%hG(?+FpPPK|P@CFrN!B
zOYp$F8t%MHynDVa1?{@tR!UJ}$U*eU{Lt)`1;aKr#){#M{oRg^&P|Lpf>(d#<Stl?
zO%q9m)F${<@Ur6i9#53L#?yx{_52F|?hbfbQM~juNR=-^56ITbhz)Yx@>TAU<2n_o
z>DeGx2FG&MZSDyw#*49yfV3Y2`6N|vK%4pc)z224y0RoL?2E(>bB*CGyf;p$g?!(N
zl&kc4bGS@U?7j=W>({qnbn~pt>oh8kdT^^5@YZqkytXT$FE`<I2@0pEp9T3#fddr2
z+Q6Q}^2dw8VLOl2V;|DF){m<iykhS2(WFtBITOzYJ=zGjUP?+RB-Noy3m{u7let$b
z4zEVXyJcB=se(NU4{bmX_0<6nKrWf~OR8Wd(^zS%Y#TOus8uX2r{CRQ7W8f;6LC)K
zEF#hoh<QN0xn04y-S>Y+?7X8F$FWLZRxYb!YvF_6XPX*H=pCV>6h*=YmX?pb1#W&}
z;H~~lQ#(pgJ|QK0een~F2u{!ZG1@+(MM@uhdx4bTq14V3YTc_#!9^P=#r9RK$vKO<
z?b);ChjQ2=nZ~`wMiE6C_blhog91R0>x{ggoh$=-+=;!^<M)^sM@<=Gnj7ZEJq%Z!
z1ic)+!*&Xl+OJAEx9kQS9>W60CZ_Ydb<Qa(J%Q<a_TXi?#(x%*M+HQx$YE8^ZJH3b
z!%~i07<???8M?=n3e4e$Z7m2yML2Tl#2<gdJl%I1bx*n`o)gy=t8iH5r-l*ZfGl}D
zs7CEG@i*NHX_-dF+JJBD3zr4nK=Q2jQGKTL%RNxaWvJQC@61mtt)ja~5p=JHxK7G6
ztiX0^i>GVIPgD&RsMx$}W|>TS9xPz--Dyxg%mS-P8h8uG(5>wP<i&H~_+R{KR4n=+
z_=doDj0;R84gSKagCZBxzn#uM7k%Ti3nwK(`Ft0wC6tKotP?_g$}R;%t!<HBOxI$I
z_tFSlRkKz04$nT<QKzR{=SMuImogiLKgiE@Bc|W}Sr;rG2RKM8cG9+ft_tesU+s6n
z%~#g6rrq5+3OSJ(CtlgQwI&niV|SLVWTLz()l(nUpfk5xgG0wvxsAAon+C?1Hn`;h
zIcD|xo@H!nLWaSKZT&b(d1*6C2kvl=nj5zK(XiZ1G=C*M=iA1o&B01*71YIId)Ck)
zO;O$_iZmznwG7*24G?iL$lJ>_wq-xNgh*btIMV!Qw>=?!d8wNM)qpnIp1WX0Xwf%{
zfdYtSr2iJ&AA0py%}#|6-r2DeuxNy+(JW`aJ9MT!wT`XWXSh8>ACnk-4*$RtVY@_x
z;&e{6a%1a0?Vi7qux<6_tfQOA&2Wlrn;0hq{2(zf5cumv`~6Rl^56U%XAQ_xi+L|R
zk=cvB^P$CBqB5@DCtr0NL=HUHCsR@YCXRPAN6q;xLBT>M!ZORd2M|4}<U&|tx>T|G
z#=h-yXcBr@CvYY;Pu6lYn+*S9K4NRCyTGWj$VrC3!bcACFu#AeA$aqMlx)4dQ>}b+
z@}`fOm!MLP8f6ZlAm1}QhLOx<;~wLdBw);+{8K`JkvCNwJ7=K1P6;n{sMw7?kJTEF
zUh)uai(%RM2u&}Ek&H|9Msc^zmO8YwhIwcZnCHm3fVknCS&owd!*|Y3DM0%KizGR6
zUjCKcS=Z|OJM!P>Q*}w=R{YIqa+e}u8Fd8~yR>A$qI91c329nP*{fDV&JZA#(qqW|
zUD-2$Gb5lk-pG&6K8{VvrVZOgyUZ)!Bdnr`jCifS^&O?Lf11wFG1VFh0A`>O{6H2j
zcoi#?8v^KTs3F?{4}AJc4*6t_P3N*JE4jhV#Me-z<EIQop*uL@xsA8Qat8g=Sq@a_
zp?x@V5^|Z-TxQa#9oT>!G*22o3l7SK1xrr|s(cFUS{KmW#FY*-%3*MTq3W7rCctVD
z6w6W)0fR&B(Z5A_$H;1!3Wj;(^<*Z9%Uw9bLXKi@LzqJNWN29je>!r5$W{0W@FYEh
zIAXeP=)s8+3P|mWwzjO4MRCI9o$Y+7+4d3%4P%Zup}ZScl52gkIv7pfa#%qiO$ByU
zh<au5`)YYXv0H6?!qQ8UC3pFmYu`8`u70MJK=5xN6m42ie&GR1^b_^6R?$0pl~sDV
zkz>ASvm)ISRAClPEw&nh^_#U^dHv$z65zB%>6=(RPv1#0k{S_CsNEYqcBhu!{MyXZ
zRV_eE1&+_9`BSW(P=d7evLzD3TdUbSHJ7){5+eKD$8FUvEnb2oA*Y4PNm8BiSU$eo
zaXOyx-=(o9gx;&ny17P2oQu3jki+9UP_VcIp8vOfp66P&l1<ujC71(*9)MWc_3TQ*
zr!nFL?2Z!ocd0GZ{{=ze`#1sI0%09zO@YS%?!<@p;`j^iNHb7&axLIGX3Js+H{c2L
zz9oIzR9`GYQ@baeEW29oq~qes4^T*u22#0R^VJA+K6niOUCYgkj%^dBk4WpT4Xy{(
zs;pz$4@9kPPq^FzPuK&jgboAf4|sD<uea{2rN2QhV@MT!QY#9s@Luf@9J|4QvMVr%
z=7PP@Yb!LPDSOA^$|4Q<6lgW1A3wPjGccTF>kuNzC|7@OcNPPfVp8PobnM_W&uJ;o
z%SpcWOT#k>v62_}6KMG91+{xV;;(l!j@==#5_ikW6ji=`M6s?T*!Fs!1hSe4Uzhp#
zdS$__uAQhvc>2J0=ZJkQ$&Id%14(`M#aX^Zr#Nd$F%iz~0HgwU8rW}*-@6e}PSy%j
z-RHp$sq*e6NmP#`J!^t6ooCZp@DWZU@zRZEZ7K^q;9C17CJJc|I4AQ%y9!O*37mC+
zJ;9grd84mSQuv*niZ%3+dsE{wS~(>=5OUCF#dhjupsXlTbLI4QkX$ty6SWgbJDZ)x
z3D?7PpiiP)4K)?8WzeIkB|`R64x?$*G|7{rrsu2?#s|+#gBGPc3fhIA847HqLm3jS
z&!DdkL<9z#!uRR<a3{ac41;lVr=Oi^9|4z=UBFaW+PU!%WprClCWPP?N=pi*6wV8$
zN|eOaBCpYwbF+%{V@+tfs`4%{G8rS-($~*YDI|WH<N9LJ>nM(Qk(FPE=$TksKk$^{
z9&l#4W7ZZM@nhRC7_JO2A<y^9KL-Gm)2JW8(eh~QFyZFqX)-qM{*eCX%?;GSfboVv
zs<Y)0SN_~#uR}^~UEN{7Xz=yz13vHlguL>gd7OTiMO_enGw7}K<@4f*en41^UI>wS
zHLjQ3-Eaj2V2!j(JTF`ME=h9C;wtbm{Uh{x@bX4<JApjwrQ0|L9Wb^vJ0lDQ%Xs1i
zGRgG%xrSUir;;OWMNwnG7vQr*Dn0n;wdH@D$r4a9x`+AF0<^wwK#W9Xh8LqznHMW9
zuDhMt71ZPp7xjtke=G*i?94(s*Amyik}h2qVJ~S661we-dFrSuNKw}$90R5&?>0;?
zaWw$pl@*QRJeG`wEQi0aB)G}3Ig|~oxJ)bIP6@;J=NGsvd_At;Uu=okNuc^J|5Eqs
zBfn^0LP10AsE5kosX&p==yZ$t$EyA@YE-4>=;|bNkNmMbzq7!b$hzk<=9^($tHgRE
zj2v&hmo)CThaFwA%Mwc7=mtM`6{4y2k)dKybt~aW?X-9o6chnF4)ON!N9A&N@&vcW
zNQ-?a*_vC*ZqgWiTIg|Jr$aQKVUB42NtVMF5f1#bpNk0@omp>k-$p6PC@kA-n4hvm
zW2&5b+vll%x>O(}T4kS2QiZ2uHD>rbX`gE^yg{prCJGVjp0ajy8ysIBP7M0w-$Wtu
zL=160&<ual<rdTNeoXG#u&ptG8#8%KEswGQP-E@*NccGa4v@r0;LjMHpDQDeo|qDo
zC~!|J#AF&F`u?j7#43>r-bbDvHW#_Xnn{t9%8FtRUv1M}N@2Z>*ifKgOF>pj0!$YW
zx5r>+EF=QRNl`a8(ayKD@&|t$5S1{KP}?>chueO(L;Rf3{b<A0QN+~8&>?I4ob}c#
zEsw2f(rasf<sj;guMi_7Gt*Di?^geOqpTgByt1e0lt4XbQ6Vdyk@MfYuCTjp0TET2
z5kIn*JFZk+;=1guaoSpfC>u+{iHMHHX7}SB@?QLVZHqGBz>~O?vFTwvCt3@5-FK>~
zNPS-*N8p!Q^Cg}wSm&PLD8R!q@CO)aof$Q)go!%(-eL&Feq6N#>2$QKpn*3mI!E|w
z)4nEAO<;BEogaRKvBn23mTsylBn$eW@hVsoX6rqjp?lOj)kCxPMf_SHhyxziB5xIF
z_(hYM4Kw2x&e>zy`j6$;p?s_Bpm5~^KyNN#SSqAK@j7<v$pg9DKl+k9UfJFiz1SF(
zIk3g!IU2~~lQ<H=*DlOg&u!WZzTBA<M9TBrR#Y%MB(czBrY8#YHMipQ25?jo{l2|P
zLnFGsgQ6`GkJ2PZ=LQ(u`qS-hB2al(hCxE^quwW=(NY>>6dhd0d@M-Q3fn}C{Y0jC
zF_)Pr;<}?pgW#BZB&=wz_dBPYGZXgSfHTjg*kmj^gCBm8>r=I8YFYCJ)ZGKs4U!Z@
zGqk`2=7uI&_8r{mFCTgRn6dX$d^OhU3G`-@UXOm{3$)<6n@4z~I;o=HORl!ad5cL?
zw=z;p6cmsf=qY|XrX#CclT|gATU<P*6ylb<owiwl2ac%@Ob%!wM)9SouMuykUAT?w
z{T^6zs-|Ad*GzfKQ~IJzqXo51y4?KzPph9P*%&O!B)^)?YV;(0n2u4ft}I}X^4;FW
zm*W-IAD4?|D`*`5aZnu6l=Q7={4dhU@vJ@n)%;D!K#y5m=Hu1+D$n<-mKyksWOeP|
zUF&eOH80R&yUT~GlZ;>i3|8wk+lJcke<fi19|`ybqx~NVaQpufkO(yuz4*Dq^|$Fi
zVR`e^ye0DVa{H?fzrmP>d>CL=$Xby0HH3MBhIs<3_Fjh=lXCLl{u`2#fw-g<&uZ1v
zZQT;KLYb%$Y`;rpBAf2PumaM4yKX~cAxBtzzl|)?Yw^*#0#k=mTBW~V*{eK6CAX%4
zEhdfE0OjMqd-QBt`TVHL{#M8dhi=<4E{}1azUXCrY2%*BNtEM#vmmlv4oEN3_V_3S
zi(gNbJ#=0xtdu7r7KEIL{L_89@0Q=!^?0EcCGfGG>}o@W1-PQ=vixoy&dSLw5!Ys6
z8EVJVz~~8~?yrgR>X&ywx4n(%Ro>Ohu0QH2IIF(Ay!-CfpH`pAta_@1`?UfuGNOe5
QB+x5bclFc}sy49y0Phuwt^fc4

literal 0
HcmV?d00001

diff --git a/priv/.BUILD_images/ping.png b/priv/.BUILD_images/ping.png
new file mode 100644
index 0000000000000000000000000000000000000000..514e94bc30af849688d0846008f30cf056933479
GIT binary patch
literal 16848
zcmch<2T+sUqP7h-6hTB(KuV-YRjL$eLAoe}jtCg4D7_;s5$V#Ti<Hnqk=|=Wsvy0C
z^iC)eY7&zCLEpW<z0cYE?DNfh^Unm5Fie1~=UMAo*L^>PYN#tylHVaGAt9lBqN1Qh
zLUOK(_}Jz0CF19xNK6ayj?_g<S&pQ*k8y+e<bu^>wZ|kRWl>j8O)nCkUvX41a3LYN
z)_V3q+UbyIK|%rqJyCe9^Y-O-D#(VhZumr`I(E&Z^|*Rz|I<B_=M_OF6F<*;cio$(
zoj1IjczSeWLjQW#gGB!2Ra%oSORB3f+ot>P_({pmnU?i0HA$NQ+@;gdx*MRHkr}Ng
zMLS7**)jv{)jx?(ba~=OhUWL8qO73!y|Cxv@S4Q~#{%eeGwd?7jS6%~MbRp7cB3)z
zOnDJxN_Td9^ZheE@y|okod;VZLVv#JIBmt*nt!*AfL{YR@svQ@S90)8pF(@!gphtX
zrn64I2}+7?73l))wngBbCTqP8qfX`seFva@xzSdwuD}9VByx8ZL9lM}L+aLvHi@X?
zZx=z&URz#RA1=DSo-W@2<qU%1m8EdNTA8A-LY$#fPVCZvdc@Ap!rgDjv`hp!MnEiL
z#F<*$pA;!%nLX5SY1YHDkwb}}3`0xq+8Afvrmi(^+w8-2xcZ$zfA#Fe_lru|qhB~W
zzkJp<_FZ1^&IUMQtbLZ@#MibGBw<hZkUT!c9faiU$(IX0I_(L1%R0>bfk}`W&=B&v
z{e3jQ<E!?4W`%3zm?w#oM&8Q5urq!W;ZJryCC}{!yscmf!dSH)>NoH$%t&Gose;$D
zw7KRsy!cnl&fdvap4?LR!!u1ShSNG+*;4IqRx;Ziz>}@g0RHCtHmwggHWZAuWb*75
zs?fOf#mkesrHP#HhB5Z%B1h!=MNPE#j`w7@8pZmqi34}V+Q#<Ud@s>|KSY2Ro(9h$
zZkbV~Yz!V_^eM%69YR(mHpY&u++01uXvX!`gLM=cTcfrUy6}1{tSBVIbzK)1MYV?}
zd<d&Zs-1{3&P<=hqFs4pl23J)0cjBUt_QNXQ7iMi4vsxX-{Kk4O2!piZaFf7m)BWA
zR_}g7Jwn?IP!a#6)#;8s>w$&S6H{YFVW8dRJ!H{NZK*s)-$+_tJLRpkr!dW$Vkd*T
zn06K&)6a9A!>7H&9-D_^(B8Hq;Zwx6t1P^#f}^@wR+*DP&cw=l!&`_1-sNiB{e<B|
z=;($)>dr<gow>z;g5Qc(aA<9i&zw;n*fiLakNKwO^mLK3Gj3P^WLWV1N&4-&%9g&<
zT`SB>AHv{BjDs{31oFAYD`Ugjq0C@8(jcep^$czP+UHo?XGgxwg(UJJAHQF9)kQT2
zs#$a8VeXFL8o89bQ)y4Ow)QYB8NuP*rPk1iksiZk+-^6@xapiS!zI0f(@*-NdgjNf
zxtp9KO;7L;+z-xNU(M|~Dofza43s9O<?QUS?{_O@N&A#PJxIbx)w`l&lv-!QE(W#_
z*{+au3QWBg&uqa_Ec114*QC>nw|H<PULC}=CL07tnlYpfEuw{;_S~A*53EynNX5He
z+2tEG6f)8(N;^OD35+)CLg4AIAYkfLe(FivvXnWo4(Y5VqC8r6J`9ZwFLi@JyXMB9
zNmXxsY)=v?{fZeNM6@S3_+WV^s}pMG@4w@^^z7FztqMPi@_hE%sKNW|I=F1OSoa(p
zHrZBHGPW%_CUc>icI<3ugYqS+`tJ0I?44In%%X7=yfrSuc>#Y!A|Vp)s<pwszLjoH
z+IK<SP)sH&bBJ4Ca;75m<hf7CtD+f2J}V*Xu;B&8>~RHWnv~r81pt@HVT2GgL7q-l
zNtJ4>ePF*PV#7EdkQg08DOjFDbs_5=ohQJ5-_<@X;;`(YcGul$W0npCeG>1Q4^nd@
z;9|xmCy%roUIzE$UWRWK>zGVHH|@~x-;#9k8&fUCJcR@YF6*2GdwAnQr;Lu*^;60H
zlF>3VvfxzHgU)C1*M=_blMyDOC2mO%p<^{!96$8-U2PwY9+nk~1#~Zbo);QoEWTq@
zu1S_vDqMz}qJ46h?V*F`btJDzD;b@Y_95&4wl1l(IA7-+`juMUEjZEQ!bU5#q@E3Q
z<@4MO*^{Si1rNtTp|Q=sj`V}Op*IYUNS}=VIYZcrt>}tE7f8hw#)27Yb<#slG&k;q
z`xrw%>5a8K?$o<~UPEQ=GQQf##!y)X@w}mqqgnEX*=e<r`I-W|GSW=vNheiLaVplT
z@6J>5W1L%_EA7gJ!$MrG1&_>hbY6iE$e~@?QN1uvXq+wQ64c8U?PSL;?yF`)&!1eg
z$Mco+1D^i|)5XK|O{z_OLJFBWqEMtca5#J1Tlw)Ql>u~PyF{CHI#Epv8(B#Oxr{S8
zo2%}Yujv6K><lDnySB?dRK@Gmo9(ZhuZmB=C!=`X)+_nS%=L$d6Qe|zD}H5BPm^kc
z`;co($`2Bj1byH&8$%l?e;Ooi^q>Qa_@t8BYz_Dj|7H{$tx^B^eehHF4zD}SpCDiw
zV9FPRV^G`bl`h#_7VDZzrps7&HK}~1g0J~f4j;bV2|4(L3jS)>sKTkOJhL=jP=B&g
zm}+;@<l6D9O+<n)AHEd)6f@a=%NM8%bj7WF2iBZYZ(mKHLcqka^TB@(5Wm^gzpZz8
zC&Br|-iarx&yIz{E_f7uO}&Wu%%==j^YwIq-XEc_eW?wVdcF$i$#yqfUrGJF&bg}E
z=H=*%LSK4R??$WtfG%YP{K(w+m6fBYVQ_~<(8fJ$%;)!tSn)c6Rg1TU5>w>n+;{Z&
zhnRYQ^a~QJt3TbcPZq|c-AAtKw0VAk7We_S6#3a+XYQ^E6Mw)n#-63Wt*FnQiU)lA
zz5KTR^q$DK{Jr{`?nobx=eLX0W>n1OA1FBX=1fL%Sr+p0tK&x!p20vXRL6jyYVZ12
zcIm2$YfnEp`yFT@9<3M(;;#6Wi@9GeCR82a)iTYoT>=yp6tCfWZsdW(9Q?<Zhs|KR
zSfRdD!OF;rV8BNm3GRp4W4Izp)VZ$}Yfjn_&pWqiNH%?;tkrjpTSd0NI7`{*WbyIA
zhue>Ia&u~!Ht|2#^j+B}P19$A*R#gYJC)7tyf(GcSoICIA^U7OUkDZ>yyY>>^0(fs
z=YTb$+(^g3$zCwPizChz7MA^=mz>ZmtpY!4B5Cs5naIM+e#Vlq#4&|SZR+4(hCFaF
z%GuZ5m$mgxddv2pTw6Njk+NT8v-<5ZKSA6(PDNvRY~HrkU9yKYa#9YT80m__V6Mpm
zwAI2c&(FW_Z<jW=#BfS+eVsiQ8B`A>pfR$fNl@PbWjO`lCJqGnnr_X}XV`c1rdJ_<
zCreCU?v!b!pz*K~Vx6LJF4-H_NWHkIIO-IL@FrECjJA5uRpG-M_4AdznonoL*#JFU
z+%Wzc>Kn*;H2(yQp=IY8az6BKRbiI+u@6?X3(H<;sH`BQsyuHMOnR~ruR<*`Ll;=e
z_QF{CUfyY4boogBbFpr{h@g(R{_kLs&v(v`xa@1zeXOaG+gf;8J%<EeY%#YXGh5T0
zlycJ071u&dj2gHY?#s@=j(t++jyb&Y)z_yaj;K%tZOzdAm7odrxAynnZk4{i6FzZa
zb6mPZZ(F*_ZFPs>y+3E@#3I_Zo`hFC@42$S9_2ofYV`skEa3#X-&W<eY2cQm*##Ln
z<ac|d@EqE3_q)uCU59%xW>i0s!WP`D4fk$Jl!K9j`kn#S2ak4p(_7+{T{cw)hPwsR
z@;AI24pr{lvGr`^!>fh8HonXQ?K&Cw5SN<$tlcd5q@>o%Ub*|#V&l+WP<JrX_+0-%
z!$M3nrj6T`pjo&1X=H-*M=zAq%;!R1R87-JYTm;<EDa3m#o3|Jp%x2v{dB}RKhWaB
zcd#3Cxd{*ztM0P?CQe)CCQT1_K2^c#VOS>xl?7J!IPZ<~-m9!r!;hhi6SpG~QAaEL
zo1oUakK+}q1S=}Lk^;Z=d=Aar3U;0Fcz_Gy6_<6qjC2sZ9&gvpSeCjfu64wjO%OzF
ze1i}Nc3JEA%R{=lCmsr;^q9n!%kZY7;#ntA?Wmu1+3+5fgT2&gZpP<pgHe~5(jI_T
zKnslGq~`<dT<y)4T^`-ix3a&WrqtM%?sJ6mLz#A3dVFiOT4)?2g)g)|vz4|+zP^*Y
zcq0||?u#S24}~SYq9i5X2(Bm%TFOyvaX^(y<+i-j=coQOzzf)Yf@ys?Y3i71D-vwZ
z!Pi`zc<rg3#;s!T#z~j=FSIpxV3W^d#rFUOrdNa2J`h}sLAD4oso?(fpq<nZL<brf
zH~?PKS(J6XYP*$|pG62`;u<>Q)F<q3lM&|}naCA-z~(h7zDEUO*EG((4zGF7bb~p+
zfC5#Grwn~mJ~Gatlp_y+AZg^Ar1E+Dz`#aaS4L7o^Fue7@9hs>30;ix#m3$A8{8D}
z{o)p@)<(>ahh@A9K59;VH6dq{Tbp<sOO1GyhcyHeY*}Sgt!_`dW8G=?@x8Z&_!!xI
zzpG>|P3WaC_osL3Bj~P3Nw?kOP_4N*b%W-+R8u@M;@G<9_UAX+GB@r=(JyDvg!bGu
zBYQx7bbf_5tB|8f=;}>&J?QiebExwnf(=U~u2}!2ktx83D&Ul}nhzP%YED(!v!aqh
z1xn#MG_REOMs`mgyX(}Lvi0U>*Bd+1cmlh7y8M?f;I`Kzz4WdYl9<lB!e~;e;{5v-
z!=+NJLC7!8rg82Z)eIi$8rSAJgQ_OWG>&T^GTi|Dq)gdP>|o7vG_Tnl|8%6V>=R|B
zp%hV?HCd4{e({Hi>mg8~Xn8sTQytBch$ajrBcm(EE?AlHvvQ|03^mG~C^A2E{?tSe
zgN{DRVicFUDG9b;Vw$$asdZKX>o9YvXRGh`4B8%lZI^Mx<4#lJ%tr0XRaAqFwpskT
zAlP$9-C@QBlkYl{Vcck_aq#X3nCa0)CL?`oO<$Sx+*0$zC=)Vk<%Qfu7w2rtyFvYA
zix`_)BNm;wF`CD*LRpM56_q&|shY=YQs8O_mJWxWF1S&%b|E7C)F3^4Kf&`I4eIu0
z&2vB)W?>b<EJ!s{;)?kxQYeJU%kqD<cC&NA&#R+q<|wX;1>w_+@pr#69u0%iJ@nbS
z{o?4OH8Ac==Jzr1xgmVp1_CTocEmP-rw=lfF!^=T*;xT3oIp|X7f-t~^J5<`2Vd&M
zkhKn;zctvN569)x-Lh#+9}ZYEPBC@O+R8@ue?2sfMt)nCbnK@3dTsAe$H%8Zub4V#
zC`{@*;3fy*U3iS|%rAvJh8@K(*eCDNSJxg~+Y(4;8v#B-TKPGmN!Hi9x#ja}V%?kq
zC2wcnf1F?CAJcJUK8{GB+G#Ox@Q*LQr86CcmYmxy{DkQ7mC?#??ZDV10~t=ILnp!=
zAx}5AuL4h;YPJea)pBqu=MIsT4xxqEYZGIPGnE^;KE0@MXfVK4Wb<*}HTm7wDmF3T
zkE#qR@xVZ1pa}N7!Uj}UM)Mdu1tgwuVz1#xv^cibWxqb;N>)K@o9o3#;u}fL$eKA6
zH~jv?w^qcpeuqD7gFY$#;xY3q=5WqoscXoS4IV*e=J5F1gCQH-kx{c5%*g#U@%_}h
z5jpZ|DOqCdp}K$W!12B}30wlq&Sz|LS)ltZZyPr54LWT-2ZH5=VMwUPKcXtdhzl)G
ztNMdKn|qhtg%z^ja3k=eDLD17eg5jKFem)>c#nufC1m&OVSsaqq8qNHs%BZs&u}ZC
z?<IVQro}C+{f!(qoEz<ks*&67EY&)Ul?7pjJ<)O|^b%hfE@?_?w=pHp-nLY(AK}eq
zSS>&_wQSqa=ZRO<Yq>62Z#h1LSHAnux*c#Esi59&)s$E;sghPxto3O)F0Ikj^FCXT
zCJ?s)dWNnq1JqMQz-Q^P29J!=7rST^&E@y}2ZSC-!$xp*{rV{3WB4?56L((FOZqib
zmTH(Z?TFz@4mjh$eoGsH?^(n}33y`YU7#w>#Sj=CzDrsF8_JK5FFJBO@DSI?qcs_b
zY97?RilR6a*<*6J(k8I+<sF{5nvXj$j~&;wcZrCfe|u^lF<5`{WLn2%o2g~DDC^x`
z-8XS8Y~;HYcj`GeD1M(ny#^Lt=5|EUnGg*D4Xd^0E)+wO@;OO-_kk8!<UV&J%)>ID
z#u{<#m-7pJd%PKS7+VYE0=v4$8$Wyln!W6_$2wEC^FGsk?>R`SL9&wDlPGY6abXs=
zpgGiX)mKI~D_q|*wfRt;aRdg={f&*%BhF7had`5RGGpDuFxQSsE(T)rF#OWWsBttN
zJreFUq$H`1W{AvxrdrY!#Rrzr!8dMmet384_j}Jy-TV9yb7h79(i%j$xnPIUSM538
z#6oV8>PG34#7-MZ<t;h<uY>#R6iR0llJo%)^&3O#7B#;GZpU{{=|wVer0?{5H}~y&
z4;#p@;UMz1OrT6Rfg@ZpzgS!Kaovkx!^#JS{EdfvOp-V;$6FZrDXU?b?bo`+z6Hmi
zI7l64_*ASnyBbWZijWvakoaQw1<_R1C0+QYCftuv5C&iBQ`l+Y&rE3KtM2=icW^m#
zSsoeu*ictDkLB&!irTH53;vKut6|!UAS<8Oo*2$C9c};U1~jf%TypN2nu+WAsN;uO
zq~1_H+v{tKkE5$=kdY59{5zHedz%~sZ+^{vU5fhjJzt#PVp&3TVjc*2uAjxkdB^V-
z>I_(-EM6`Cw67g_ry=^hV=qI3!<Ed!*(GE6O2JCv8qzR3SAQk=q$iOo9@sVwQDI%C
z3g`~Dn<rX_8OLp=$C4@nQiU&p8K>>*pkg2SwuvaZIJFlJ6Kl8G9`0f1W=}m>JEp2d
zw0GHu(sw{Uc%s{orx#O$2+rR{3eC#Y1<WFddp}i|b@RLMnlf|gl+aX=C4(!gFZGe9
z&vT_LZ8lvUg2Dzc2WC1n<#0<CQ9lF(;?CYd&S}~~h}l*{q7jaL7ruP;yf2s7QU9jL
zeB3wOVy}`<GV5~eBEq1^`Zr66>84y-$p>~#(fKmmZ0_nBb}NgJi<KkE@oM5I20p8z
zCdoQ7<*0_Wi+V{9m9ha!9J8I)B&0`SY=V@xnF1eNpG=F^bYt_tHXaR<;Pw8XPk^!#
zd*5APuIbmNw?l(tY$ptbtqpkIj@t2_-I%mlE+80Po`Hh@ssX&GL$eY2h@mw8HQkJ8
zv~CH^5pQ<D32NS#on+6489Zyh=U)8Mz>Lg;w_}RA(ytydx=%IMcH7;3B4c|lG-J!v
z^#$t)R<pwrY~tTXTbaz9>rnzpe&2dyea;mke>7PQiZ}}VHVxFofRI-7kE@F#FGb*J
zVhMO$;{EsA!NuV6(>lzPSwKQb<sQo8lbA^DQ_M?NIfNNb?CDh=RZ~eyfe-D6x4pTO
zo?V=?3MY|Z;qEl(uJXF;%B|s>6dfeW!{th!D!fsam45S!h%?s|z)^yXcg>8axNI=*
z0_CZl9J^@9eT2wR!Hsz41X!DXvr*pZ$_-wE20Hv(a-oxFKrr!-o;VHcir!^>1CZA3
z;@WPhr}MH1rAE4J&A;di(IoN)ep10FE|tmMdV5;;2UbkjGUZz3FhANYS-upSc@Q=P
zdULf>*bFR9aSg-5LAZJZcD}o9rGR!hjBNzo1(UG#!h>rAF786_wy~W4%!rC7j(=SM
zg%{&}#`bQxWHPhhEa;BCvGt?vfMK6n6X_QV7CPhs_G(P|Jw=R<J`W(~(C?Ar^)y}|
znH=-1kx$c8tV}}O52Bb{<Q3kg9;l#uX?O@vEP9|EK!L9!ih;H<xyPGdbZ{1HCEn;G
z#h*Vysltc)+T54=uH4mjJdrWGd92;wm9yi3^BDo0SYg}hL4A<y$&!iVp6V5ffmQjJ
zGkSNKdL?G@`GJtSqm}895xz0#_jg~wnZ(hecSC@i=|0xB`E7Cv?_W|E@9Q?Oac;Of
z1|60rlZcZGpG$~ni{zSTg(^=>EHLKruWWI*-dw(^V`)qu^wWuH9v%F+wUdtL;f&OS
z9LB{kk23X5SqfOc(+I~ng?#WU-`cF)`BUm-_JaQ4=zIy}OZgnmo)Yt})6qB9z?bDK
zQP)bDzLT;I(>;0E0WTl(SV3}%LF0T{YIolIe(Sr^l4l>LQalG~OSkPH`rn^#xRN)M
z{9=T17-c|Mxjd{(8t?^emMY=haNTNhaLjMoT6t(ei7QiC>-$tZ4dy)bsZsb2e}i+Q
z7{!MUlw8K8C}$@Ol^kJ|R{$%+2tte%P)_40mJ3=8i8&5lDNI3iOPpM#V9lZ2T)cvH
zP!zW~xz-5&+41-`25{K&q%#5%&hiH5Q^!?buVKW)8Sdzj9MQ7cL#EDb2Qpp-G<n3X
zX4{y*&iRgVtJX-Bd(bvl-kcIQZRN@Vev9{JyuQAMFs1>esL;l%e~-$HD|wjPiFq`5
zJdBp_I$FA?k2le|3tYi+n(bd05AG<(9L6RBUo=}sBth_ao$zIhk-QOF?uhLYTCv2+
zI57p%YNcv5?L%SZ#ylSalb`*ZRoM|59NC-p-q!gVL&i?OZ*wvDsrwsDA_`K~?08av
z7*-9o2UKmS)oOWAy>Wo8<GH_posNVrOhVYw4|-r}Hn7d@3MxX*@o7ypjCeNB0TTEp
z9MGoDlZb*SzG<k>x*RgN_wP{$-f7Teb(D6;j_oUve0=><2`gE_Zvc-42D|Q&gT-Pb
zmfI@=aAVx!D(gSpw<ZLClvn5^WKAeXG7<48;p2kjtv&FEs<(wfDWZUoChwI2A&QD;
z_Z74Cd}ZHhOV`eT^jU0PJ^Jb<RbxhUJWg?<YFhB!wGxT@2n$EG-K#7|;^bp2blZ)$
z7Nwh3-O-m7t!cBtjQN($nhCaO(m!0*n%&Cs$NA8$&i(_fCB<qNR$Dv|jpF6u1mxIb
zg~S}ybYBCNd8Db0XpL>_qDyau(sDw1M<5iuy1*+3*}&99{tF2it@WnYtN5yVdZ&<F
zl0!K!1!n~Gaod#k;2zob{L%PK27U8jbBUabI*j)4iszipJTkkWwy`I5q(TncSpslh
zDbH5abESkV2xb`e3FT%Ebfv#@oGfxwQI4=`kLKs=3|b^pw0z+ulaF<QIc!^g&@acq
zf6Jg9Pt*^oja=V=ovS$><}l15`1UR|;QKJB%^X24w^6)B`$&L0^@YLY=2dlQ@OgSD
z=_TAcgK^c}C>bM~xxEB)ir7B#b*eN458SFLj@KjH$iJ*}smUgMtQ|C!``KpqGQ@%D
zVp#vJj>$xZq&W`72l?22SP9krX!JNk8K<k!8HmX;y&EtLzWfKnF62c|%iQkMI^hqq
z0TZW_O0bFm6Vnv5ebnWcZd#F&<OAbk+3UAQUa$Ap%>a{D7~1a>vyCF7*$mlP3S+xJ
zM%vJ2*T;|YZ^f%#jnd&^yHZ=9($^tnc5iB!%RWbM&LP6Rw5740cL)gktm!i4nnDz4
zLg7!fyc8j>XjBGj%?_w}VVSD!O!=(f>GYZ)a_F#@y1D3*0!d{sO#+ZEN#n@>g6+`C
z-iuc1*^h`b8Dy}1hGClUSKEy|l9#2rD@vQ#+{!auw%AGCptJjKkh$c(7pW%k&eh&q
z*t3AaZr7#iTFq<2>X&bk#_m5c4)Z(*!Ik~FzEgvJMp&I)7#Gg@5RP{6S+1n|*ZkED
zq25T;c5-_)t(f9w5C+r|SCy%R&{gV=D$~680MF`ZstT;Hy><6ssdeoL9#h$D`)qBk
zkx7idK2!wvj$BX@t4?3|9Q~;Y0T8|HS(&UpJ?*B<Q~r22VdL!|`ohvUQI_*WX}K~n
z*#1JDi25`OPqmYmDGQ1B3el{&w+3DcDQ^*qq#{l&G~w>D9AdN*sp&5up3PN?)?T`h
z5QGm}11;aU9n3C=m(BB;xP*t~&QXrfQdjz4Xsy^hr0E8S<CnX|6vA;Kk0-Np*%}4q
zXb^~MDX}JZz6Q#59R2bkwpzPv1Q*&5Y@#veGIxrUyu@f>+%e6WIDj2}bh3BNgK_yl
z)cp(Ub$>afM0E3Itdz|Ctkgfi-i*`2(c}=~Ai2?FGF-S#Rl?~364AB{vjr<)L(6tw
zmLJBJgB39CH)nNCt<-E&MNVhQSYS5^z1F(Fqn*b5#fN#(1O8tk%4!}jgoR5P(@t}_
zPW~!LlcuYpBBl@bs|UptWR?x~;$5bs*Q&KYT?&i*c00tjzbns6qpd}$Zu0Q8Mw%L!
z;rqO>Slbc(awiw_&oIt>JL&g`GKoec!Ytgo>6C9{BLcM_&(FXEC5K{JLZX2;xB%6p
zhM_@&b~FaWZNM785)`#8NfoCSgGp-FF)~}*jKAmZNSwg7A2Sf;jWmHof_v-!%KWlA
zg(W;|_(sNTl#qQS%4CgvJ2!Y^rf@EIzVre{EOqXqZ}qlzmT$(dBTyWE7-OLHv8YG*
z^$$Df%s)dH)25YBIe(DQ&FJAIqgCqd0aj|vEhNI=g@z{i^qY5@_lw6T3e_6iE;skn
zk-ExhMfSwo9HwjT8s4&3;+e`bfpcfMa7eq~jC)_DbWIU^J_uRn?8xpPp?>f6yaNqu
z*<%ZIQS^)Wyo1tH_GZ+I+zNl<b98XG6-7|pokZog#Jx{wFF1q|-4}f{s2vzS#QY^J
zLpg!2Os4Z%@k%(I8x*+)Q)^S6G{_ttXf|$dgbHhSY{*LDV!$<zE?_xT5nQ;qYFSC|
zqfr6zE;}ghdMvbSpB0zLsDh=}#77=fFnvUT7#1-D%LKiUak{VTk!PcR@vdx?e_+;g
z?uYxbTaE|)Geu7yz*8MRQ_-?3^Tvm(KF+GnjT~9gv!@n(Key}C;>PH*Db66jr_m=Y
zpg@#Uk##Jrjp|<6r>j?p>Z*LDL@BNIRpCdqv4hzUqab&DeWC-ntvBW5E7$fjTd|!K
z5}}L1i)>0xz^X$1P5fBDGR_ZL4f=vz-ctUI`{0YPHS8m?lUW|MyEruXWoaAsVm;9Y
zyvSNrw_O4x-h~~4h3+B~xuD9Jq`-Z_`^)E1KO1!lrOWWiJC6o3ZW5CzTXuH^Qrc+A
zZyndxWPRUQf#`GZ!o_)z-2%&zNRoaa#T}Urjf{=eH{2`N!Hr>VT4ZJ?K9O0Xb+70o
z9wJ+rMB104CfJF_D*PExZp}dUe}`J)yZ-^T$p1nuDyFf#A>h1gF?uzFoeg@M%lr|g
z!TIqH!&FbJ^?IC}R=>y7IG-u^&A&*Coz3^k;gbKqf-PFi<h_9eb*jJ#q;0Qjd?`V%
z(d{>9U6T9FS)nwu{Z>W+@Wae?>x>-dZ<jr4Ch3TUgZbsbqY+E|ptsl?^?K1Dz0dc-
z4ss=#w_i9IfYrOV#Ux_+r3lj3E+6dA6^C-FXNRf6mz6cU_3sRu<5JeK8>cK5*u5BD
zr~uDL7z#&I<{2Z@^lu?6s24VlM1B%E$q4qzb*=90bktiTjXZg@T=YoQCgtt=#1?ng
zdS7ro@EBbWc`%u?0q(|*V!kc(<JEbY>U~FY#THa&q_dlRGqLbeNc$uRh~7S*@vk6j
zx@6t8u@t9^5bJ(FMwQ&M1OW8oPnT$MOPMV{3i*FdE4?G?Da^TuV<KJotgC{$xPO%}
zJYhmD8hnFX&9YoKa{V9K>Kx!e-0r);kAjMu(J!iGnc!ZI4KTjeu^)>`ANmP(x6E<c
z5m}XQVkCTl&{0$LJ%1Z7@a3{j&C+Wvuh)vM?@pI&7%^t3Y`;GUW2^ch)*bTz_&d!E
zGX3N#e&H|5`loEo#o2l^fr59>NpWR4Ys3z`dZ{>{e0xnLhx0u$GwgxbjcV4t#bt-U
zsVLK&O-{eG1Nc5F@T-vPb1{m{u^frDLyyREHsj4(!;~(gbF=eDRTMfYFO0eCokZNl
zbG2W{wlBC#gt@W87x(cBwyALpclXC+$X%v7W5w=ASz0{WgadJ*++eXI`NRw-gn>Db
z7wfIZh+cHI<$`DsW45)}vr&t0;)>k{9^(Dzn%w)5R;$6<H4%sM@*DbGO$^wP62edf
zZaqp0NAVM2iTHRK-S0<KUG(~3M~oz6*TGeRb>+GBf{UI93!hISYZ%Qxx$4P6f3epi
z#i)?rI`ic_DF#xr4M8pe+4V<}^T%VFr6)$FDL7DVG~P~YB<6R1_Vq>*v}w>=PT|2>
zewKIsx>wkU-;xjc?iv%RbuHX}rqvFa@C|BUgzX;h|B9nN;#J4*XXF`6=~4E-q_Sf+
z-eSW(Be2p>$JXS2u9W@DYo!3LI@zhKwG?W-S&051`QdBf)0}px#jdtAB`0N`(PKmE
zD_hsWGq*NiAT=E}JBdDSgcQ2<9(NNfu>On!_N!rB=TKy3-D}GwcOt?}Mv<Ix2)Yz3
z6S|<@<v_#~?H_%`5~%W(!<e~5gmHlq?akZ9oaTvd!s}jlvmWa!EO$|aXa0t&#nIip
zL*>5`w%iIm&gXXjPHd5J{3BPb|07o|YIOF!B-|Q5<AP^|a|atlE&xt6vto~rj)e7r
z+PfvwC3I--&={&Bz@=2)`0xLywB-L%TBv_eS`8CK`?qd#^@5esxg$Je;_mXGqlBHq
zI8%Ptr6$ANrCWxiivBaO5Sx#>o^hGT2^0Us&YFe&)YljEx)6(-o=G0`(WMN05AViN
zCOG+sQzyerDlZ7t)eUT17)AB$7d_A#E=0+nuJi<V0~YOo?9?bSxs_JYU&q2Y``V+(
zbS8GXG@`1|IP)|5%`9eH$`sukB1{Vr)SpjqRV#G|RW6fuvb+6vOXg}KTs4k4We5lA
z;Thq{90)qck8bo1FeABL{k3_x_<`WZ;pvGo=DxN*_!(5?{(-8&{{mGU3rvk7#3NfD
zvjztf?r{(-u&h&{aNpyYLRjeW__lt)DfeY`_KAaD;pfn>5+qRw!XJAsQk9E#%w7uQ
z7ecuj+hz?|v}9<%{jV+ygXwyldJFsrKI3998Th7joy*p*>nJ?DfJ~9mHZIvX>e9;O
z!5RCm-nl{_E$)B%=|iyh9(z@h@-Hzx|4@bp|1U+B>3<Vh{$#Jkq@V4+#ED)EzBho_
zI1SpWu!G&%z8Y9V)IG4Vexdia#_^BYB=k_n^8+Db41@la_|WfA0{-dkmLvIbegnJ_
zF1&fp3h@oaNi+!03BBD0irltvQl+xmSu=j;<uP&}nBckffNaJ@-tkR8jpHJ6F*Zs&
zozmgB!AG&olH{r_FU`+o;z;3aWzKxLi+30zR0qD!aVVJiccBc~ig+|POwmt#R(b-7
zIba!zD!!kq@n3?KGvmJjt4UM%=>Gs#3`e^3j1x#}WiVkI9%ZZe3{Sg-SeBjY4?(SM
zS}o%s*jpc=WM_lVclSIq*;VDT@_|*qiG_7ogJI$eb;*T?0Ei>CovS5LWLf_fSt+b$
z7ygK>)$B^id5u&*^Bky-?4$m#*SFUJlB+=>za%!IQOTS-_}H!l!ZV1;JDVW#$>nFe
zq{OZCBpUg$*_XPZuarLA`Nu!1tmXe3m35C#%ZANLwfSAd2#`OaR%P1^mq^itxz`OV
zgbf}CZzY29#?(l}Mw<Ks3IO5(L+Ez&G@H1mX|PLrb6f?SLi?k(MqfR}E$2?RcWZ!4
z5lGL|VXbbK=C`!S>}zem(2UA<&b<N;FQ1Xs#kK!KR!h9;L$NF4f)@DAhgAUnNt80#
zMC9_j=r`f)cb2r1+zrr}@4bL~V1eQW6IiK>oIt@eYYegmAjp;Mgd64axYM2M^(sC4
z8Fz61aP##|e9BtXSo?n`D|zVs8;%`Q8OWpYC(?5dG*P73OsIO+6p#q_88E@<sT&{n
z4d3c7etrM12&)*PG`m{^Hbr}YCZN3ESXw>iaf_nY$_EH}RO*cp%}h)3hqjH&nd_T!
zPWdSU-)8JYFD3H>#62se-IAaOvudAXiz71PIeNw?<=n^*S+3Z}n$7ap^shf_{&jjR
zes`cB+Q5+}9?i#-8Us+|2ETb0b?B103*Qg^xZU}*__QTY7SjE@gH%ivVR?w;<cC)J
zjNTE(of0$2?}v3kwWvVitd|Td86Ow4`EVFAG${&bHAp2BUtIfGv&t3hw3uOD0l%A^
z(yB!Ce6SMac#QF9d`=^{h@TO^wOcuqF|BOpMN>R7BR@6GSq~*g>Zjliw0#lyJkc^}
z_P@X^dMD@r<nRIX1<>|V6x2rwyB`HUhzh$TT+;05z(D$nE@<Pb>q~xsw9y1}cwwYb
z<}Ww4$&45GpH4WWzV{F4v+ImxYP~P{)bh~>-{px6OS)HA=$jjY8HVR*mn+e-TQj`D
z38tSc&A3^sHqW0+*=*T{EFODX?3}NST+<6b1c^ir<v!Uwz@6#_uOw0wZ}_sbF)O!7
zT*ykTk!ysH|KtPw|A<%|skE^0|3`?`;!+S<4vWX>^G5nOJrcbM<l-3~+J7<w!}{3p
zzif>8i?P(D_|rDh!ttp?B^q90NBLla<sM%7lN3%t>gcJwG?0Ls(U7PrFCV2%!CxaI
z$DO0V42soTKW6r=<!D}d&`HOUdTRh66}p4zZN=#C(A5R?kwhIA3%;NQzDc$&ZelxW
zax<fm(WkQ_(AZ}~lW$gK@AN~PWl9xR!48#a*EPeu2*YHXBmuLmZu8=>Z&*)d5~|}`
zD43jJ>9ozO5A;8}nw|#3;jeM4zU$0fm_%muW`+4$z&60_=26*S@;PSiGW|&o|4vw}
zmA_P4AT{;Bt<@q|-x*=K5eX}c#a5$a=fgoioTDIGlxZyvoHoA{6ZbM2VBGAJcj`F}
zx=D&YFSz1@TBGj``VZ;hTY3B}c^O%U&%ys8tn)2dQdg%XwK#cS;+VnE5u9iLINH}i
z!p80W=-3|n3o`RL1ln2N)*DvnR;xH&e)!FBx7>UjdR{*RnC&aNJshdDHU;-0#$Jhq
zz+Na#rX4|jL!ap9(m`i<&~kKZ5>ZogW`HO8H_=JEQNP*BPFFWKXx=zcOgHWZ1?ExO
zjIo7O>RyIOj6_-P=R4s)dv`tBCtF`xpUYw}9B}Ma`7t|3#SkDhr3T;Lu4lVAneNf!
z+9*eEqWy3J7g~GCAYPffK9W-Ot)~xz%v`9FN#J@G*<pjF!Z%`8Nb)-?Tu`uuydS*Q
zwY(|^r_t%*@2{y=Q7h@D+DqgI@IXUqa32-A0GH#broa9!LQP4&cmHVe_Kyb~gc+fO
zLdwo2-VxUTF{Rgw$KwfWnd5zyHKa{I|3=81J5NGAa1RalFr%>i`4HXy&i_l#TkP@;
zFN6dcustKnFJ-nP^3ajPT_)acAoM_SVr|cqJ_3SL3JIg#+fLjhia+>4EPECdeo)AZ
z+aE3=+=zvi`%-Unb~Jl`9|L`ZX!h@Zlevz1vN!idPlSdRJl>Pcqwas_iZn4L^!|HF
z7??mw6@c+lGlG7yW+PGBCia?uVRi>z*(S>WSy(}TSET;R36=KdUrIf(LsFkcj4l`x
zZkhi?u6R5FImE$Ad?q!}+9%UgkHb%+WznUS6RHox?UTC-#zEpxK};;?oM*ai%t-%z
zVwp-(zvO<If5R<vJE|$!nYm3gnT^?1N!~}|bu{vm8|#${dB<7dJ<VS)NrL|ubTyV<
z7KU#EuAla|Lcg<4K-Mw$dgd}9qH@x}W88mLRf+#nRUx|*-jA|f{3ob-!4^z}s#f&#
zN3_~b5%I-09{#Gi5<PLZ{B%quUscEJIphWy?VN#1eEQ{7enptvrnqB;nwfZLnC;WD
zDmS}i`yS}9WL1(O&DNvuDShcL^S61#rZh8$L0i%6X}asJKdf}n7u=ou5$7Z^ppIA`
zx4YJY4;|uH1?D^$=u7iWYH5+e9N!N)eR}(EIOUNIdzrU(e2V`^L6!98zY41R$_&Qz
z@$Z%F&S2`+KM5+2uNe~OJ5>pJ@0`>8Sf&Pn?msB07u<%}R>VMgr<~Cb2uY`3Nycq&
zl|M<HEj(+Aq#|}!rfHpoIb{S?C26K3Bst$bYgxdCX#NCkZ^qXn4)-;o^RR6iq|761
z^ee<!!74#mHkr!P&Ct*FA@VI2ejBqgmFSr5AcOP1<`g~Ej^U^Oc=$99!G=4KlSb?w
z+YkfX8JBc<?zR)VNtLaTb9^X|fC#2OKg>{Xn$WYy>W_8D;!V4l#!1u8I!oaha>KoU
zNNU`uOX9qsk4&d#vXL+a)91s5$j|Thm2G44WB^LJfQ<e7{}W0XARCCyj%1)}vk9X|
zi;U@7fQe3xCf@Xv7=T#{7bB)t)a562`YGb#xL1C8PSMKE!1hlE>*;hcWGQ_jb5d~@
z%l+pp@55Pa)}s^|t#Yrr&fq2T*Bb7r%BUer%=3;w0T9J?E3Tn&-LuKh8<)iz&jll<
z*-}{Q_vJ7Jbi+XZ^^yIoxw%`WgrdvA6mx#ZVbcO#a)c}yai?!sbU4*$#a>KUX5rQL
z|5;L5T^;2fk=uHJ?0Hg$Q?x<_t|2-}{UG>hk-fH1SIv#MQ!Z7ss=3z}7>zG56&PR(
zeCfPGrF0Rc-3(<F1v&b@zF!CidZM#d3dcTetnGr@Rf_vX+T!^wfMye?o=we>2L1rA
zu74K>hVS_N?-^=~K^1YjQFoL-D}((7_Ueb)V3P`AmAK3_7#1&337Mc^CY-!IS_2@~
z0ko8_UivP~ik|x+Kru}F`jiMy%kuhOa(tR6^@FCt;#3Kxa}pQHuB1*!GD!v*xF>Ww
z-^6y6$@d8SxFO^NXT|rFjXAb|99}(N=260U772#tgp3qWU3M%WtHFlO?MBy8%}b;i
z3XTCs#k*5;*RklrYd!q*M#EUS5b4PGZkLrL9RlBiO6rVd<f5l8ZqO=QCppC3GlYEo
zQ}`CxaJ+nW(FO5VcU-F7^XIESy;qk<3LenwEiQfN{;r%q-TZ^nNc+}Qf3zy-!nh)>
zp*_2;;$r*vIr1t%tLiA|ob(20ZRM(;<$9?-okG!5w?5=9<9{k+x&AI=t>Ho^B)G+7
zSBrdau2x2IIy`6Y>2e+cK`}Ji&GuWteDX_>iVle05x7Vk)xI*Jahjg@>}fxz8+2#C
zsOkQmYBga5OJ;U3C0znb0z_(W6lDp-K>~*w%0R@1O4u>*+d&~r@Q6(g?~?9nZE0D^
zFOFlnW`Vg#caY`aI{ID;<4CMm8%7E~li*DUzP&MXm>hgq@>9^6vhP0guCaL~A7n^$
z^z4!=ZzR`qpJIVNJm*gpf+)8&k>3cX&=J3TLIkg@!+?+%BUqS>2HD+%+xh1^(Kl!N
zCC@!9w*+WYjyI7{+z%v_*B*`5Kw>Zq_Xuc>5k6*{AghvK(I~#7Xy06DbolmnLv6Je
zch%&+%_V6rpQV1QBR3m);%_tO*JfRA`~y&3ZOnW1Z1J1eqL2&jA%6hsl}_9rfTCFZ
zmjI<7(V<xSJD;NH!$tb&&OE|=E<J7O3MdD#o5b=(jo*p<6?ED}ypXHkn(&gq6CxpE
zL+pSP%U5ZE+f4bfw@M&UCBRL5;~Mg`SuC|mqQx5d_C}F^+3uWA9ZPjn|ER>zOuI?1
zg(8nf0)zhmP_I`00icG-;vjChP*ThR*bD`*1xMq&y|I%Bh}MQ6>iEVzzzZP7RKaG}
zm6is6hXSs9bO$a{4Gq_gB$niRVu5Gy6yUm#HFk0@P5S(GJxKU-<<W8LC6=gH!*9GB
zc2pEa*Jp&7N+!s;?rh-|jQqcJXWcaJyu{Eb)l3Q74S!WChrgxY-_zI=5-{VKL7Hh>
z8h&<})#-(-2Oq!p2C8%BC4kc$?4m!vj0Y_8pVil{J78HtKLW4w0IK~EunmvaDvt}>
zcUyja@xle5XtRKIC`xK`pqYkf{>Ej8@PW47k_Y`cRB2(?yr7pnam{ww{{J4FW)~v;
z{|THP{sE_6uYU%o3edmG`Bn>HDk8*-l5Ph0Xq}1`>h`v^j~}9PKMbc!?U5NUm^=7?
zqowz(=d0EfFP|UaZhT2I4#=Il{7w@qKr`KM#?Zu^KM_skspqqj;@)4keKWTuGpqC>
z>$I>?0rO3#QcZhz={s>&!(jFH(Ike2XzEbmuBiOCwX`6uX|D@VbGNtS(000GFSPN{
zFvH3kFIZFue-nQsf1M4=t|4Q4zWN4b)-*>s@qp_)3q-$rFmold9}0)%*S7VI@;=>~
zw{L$w?Jr7fHhbY)K2Ln>yCL}nCn*@08u_PzUb}VG7Lz>Ngs~&P_B0(jjHaBlnwAln
zq9u1Y>!20EEH6yf-??<yT-ko(pQ=?ZBmJwy1nvpz0q+>JqB1@6X7w;h)^nqhvhlS$
zSN?^9y7ez;>F)|E^&b^f)qht|bQCTkd{Mv7PON0a^+%{ww!uL)Dj`+xQobN&1G6>^
zqhxJ@uo<yu4}*$Q11zmVQ}wX!w}@r*XY}y%+Xqh}GppCPh<u!RpgnbN+jb&RM4anV
z8YU+CTaJ_M#wq_#=y$(L81)J)me_+hkJ^1lM5gYG7GIZ47P$1td!?>RGU8l3kXk)&
zI8#<zsrWtzOofE2`e_v9v$@s98}jgln>Ei%L_Ts$`QQ5|3-#Tif77H|7x=$zQvIc$
ztVLZk+laLjB*H>=j9(M~Xv0c;hM!OzayaMO?{_Wd`cjQ0TNxX9t;z(osJl4X=2J=U
zZh?#R--^HRwtkc>J}*TOczr@AADEjA&xw=w+2b2~!W6Qw|0r^5`LpTzz!xeHoy&88
zvL~4sAG#z+Kwrf>RZs%B^CP-&cm&dD(F0&Ik&HR7lq(qXIviv<W%;)X)ql+O{&R(j
zTEVymp}vW>4~+p0V~}(OIGPMFHRg%3gq>`k!-8=rnz-+2!fT?H(FePT<;ke)aX9vF
zAQg@xH+W@E`X8W4_761eiDKOU8#EatiGpPuQLnu>g$V0S$qzY=8RU7@5=trpH*apr
z$2_p<jrj@55=MX9pIdq-3nXlRe!HkppXaIyxtZgWBPc!AAKDD-1ISea`0G$)S?AE)
zb3p23&RUs=38N*j#?wKRuFa2w{bRTpJMm0e?4~UT2-@NsUxGWov`|Se3+GhW$plqM
zP&u~svpDo>zF2CL?|cP%Eb1l`p>ez>10FBA*YFVc)D!UnEPgsU_a;ZaCTi+{!zjNY
zxUvT1O1L>zB97gFV<0$9J2QgHMj}vpTxN9I3V?sQi*~RBV#h!)pxAg|5kS<x6DX60
zLwE9HIu-qs^ue_?5hTRR)ebI7lq5zm&z49_?NU2`*hear%U3=BPwe!x?6$+`N9~k<
zW~Yl?;-mi4xVGKnuAgMNi~CUGd_>S$;<EglO?;aWo292QEh0_)0TWAH&x1`W_w_=K
z4?a(?u-(iz{s?i(PCzRel>e>9P7!-8_-{d<cjR>fU@YmSwIz>zKk<5dk|&Dl3dM3J
z??1jC+=5-ksSbc7Sgp@HL&*BOe*km9Glx;#z;3Izgq$D5`ra0&CSD824uSClXCRjt
zzN}&$;&TkWsa^`%bF*CBi}K39mv?!FPG8%~Yr$=JKs7Kh`d0$DMeilQB+*EE5sf73
z%t%sZpBc$%v$y1j<(KX2Ow;&lQ0r>Vjsz-km4Rbu&D}IfYQf(|@&WjbNz{RF3>36R
z#WD^0sD<{=@H-vpN6_$gKGH_)gMpU6Y5L0sc2_EdvTk<#qh9kToQmnnc>7WPYqcsF
zHHrDvK*>UR(zR1Y)N0h~ola&6NpFl$Yer5QIA<yFaNGy+E`1WXya856k9f6Lf%hfK
z#a*$l)gr#dH`qM!z$zSroN%fYFw@Wd<NQ0Xj-rU*HvDv3yTSL`0)irq(05d!1AGdd
z17WYoBgxv=C&wx}K`_WL08V*ZrO9AUM2m>k!Z+6iUds5Qe76NLOe~3FK8BlRu_+gX
zCmc*in3-nNQl*2?%t_ofTHC`N>U^yN!d+9?$!Q8-`;Xc?Z2d9h#Ef?5hk}BBQ}(-I
zh1x@n*|<Bx$ocwoB2&X&Y^|x4RnlYd`$VW_Fk<t$+a{{q<8>h`vqsJ*ef(D+b6Lnv
t95M8*r_dHOe@gpTi!K)+uJc#u`-4U96uN)-?AL8p#k2p)@b{zQ{{zu`_%8qe

literal 0
HcmV?d00001

diff --git a/priv/.BUILD_images/rebar3_shell_end.png b/priv/.BUILD_images/rebar3_shell_end.png
new file mode 100644
index 0000000000000000000000000000000000000000..ccf350e03e2b016ecd9bc2b0395fdb1ee13e1223
GIT binary patch
literal 34875
zcmb@tcUV(P*!BxHRMb!eY!GRpf<&<ZQX(P(8x^quQi2pgiU?ALBq}JK0G6mU1re1J
zBE2ORs&wf@hytO75EDpmXJOfUe{VbIy}t9`T3lqUHS;_(^PBs*C+_SS^Ns7btrrs$
z+h}QV;+&Y+O01ZeIB4w};4cp&O@qb6Zi`u-Fu4%sJYSDTY3Zj;+uOPH+e}&OyOcHU
z4xJk<+Rr_IbsD8dDwFUPtj-U*XdCL?U;p`9(L=rC;`=sU#cs(n&sv~VY9u{G2Zh!=
zxC-N$)R><<f%6v!*R9vMcIesGq_V`8M1P#Ps2+zCHbVuo5F~3F$phmNJQiNWu|{%4
zV`1tm`MpHEkbx9186Y|*iXMaHH<DqZIm{)5sJ56w#Men3U#lD~b-bkr_<uH4BqZtL
zg)Dp>f0RrXErLCY){A&x5fdux%@$E0B9(*;9zABzUqrs-a`F1vokAuH$>3Is*b<D$
zcnwWgO{)WKDvy6XGY}~x5k=Gf!Uu)+ERiz|Ci>*?fev%Gxw$nzzNS1@5QCh9wYieD
zv|Q~QWPW{yQX-x|g|EX2i6WDM5@Ma4rihg8FT~I>dwq*@Hpd|a1$d-jpVwllnbzKl
z$=dQjrP_MlZoh=xQ<nsk(7UxExu_TjY>r4UP4XXvt)C+zYf+*YBzKey)q*2vTnad1
z>qxPd>$>GeuT>76DoUZOA0nwXIDH5*7`SVrU~T*^wh==JwLyn7kMH+}(Z=GO);GMW
zN^nNuWHp=H247eC?xFbE)FxsU6`U$^LiYtF2=X>k!Y_zP|L)3&^U%xuY!O<-2aEXr
zcpjROssF(_x<7Q`Dq;0$o4k>oT&I@eZtg@S23ar`zVE1CV_+Z7s5HTDv=Y5;BqrW&
zzw=C;yeM$vCJMhp1U7rCJ<kfa`@4@&NPFQ>uSkd&<m1n;?k=)le<;7@;!Nnq+R$@X
zJ`5$sjZ}JGm3ClU)HBn`=-ruyXDkZu?tdsg|LIR?=w*BoiHhSug@d9+b%X}Pw^pm6
z6OqA&z`w`Fw>aQs2`eUZQJRERbUA`SZv=MT`g1s0tDl*&mJ?R@P=$$~Rhd2FD2&Nu
zs@N#Fk5Z%WQ!K8c_=^2X%1B;SnY!fnw!x*wDXwYsCu0Ig?(eTRmKPOm#){6%Tj*Yy
zoG4%a!vOo&<1pQ@D#i9*xtqr%7!lP;^WPb_=qBk8og}C4!Rin^Yk%&`1iPL1r{Gna
ze#I^NYm~@7-tO#K=|Hg+F~4(oVMT(Sj7rq~Kewy@({13ktrvdAJz6SI)2<<{x8=FY
zulp2-4=Rr{POg#r^ZfPl*h*KnW{A=qN<oNWJpm)b?dQrF>Ae2c3Cfd~3@xQ4am{_2
zWxF^ODw*|auHuTZyL2sLZ~@9cFLM0nQSmHIS8KUopMc=a)(%((k9Y^SSQ5L@ZtR|b
zH%N@1{?{|>VA8z&atprC*;S1#Doh9l$!><ls$9Z3Xij4Z3ig!RIyoCP4A=kmigF)a
z?$8idE<QQ${q^8St3#nk1Kfx|TqD>|)JU#G&XXL-V^^eq2d(-b^>Ty!fa@E`b60oi
z1X!ins7{yjiIWt~F$1jCouSR4J!EXCtDAtSQfln5{`05gy!w4~1$YD3p_U9@G1S$e
zg4Fc#IQu8Zi-zKdn2I&`>(?G7XzyM<hFPLs8fgjLBYF!d`(_YrmS5zR0Hk4vbODd4
zW5TnLPVcssFMsFM(*a393?pvG4=KLZNU-}oVtBL#YJ+wk{)S}y?nLd6H94E)-8-JV
zhDThL$BskjN<R}>j7eeKOlVv21sMCkqBI$`{5$8xfN}iNYB{aq>-;mmk|`LXez4dC
zDdT#;I^*Q_&_6>RoEi$(VA7%UYVl<iv8H%g?@HCDMsuOg2GM-V#Fxifrwg+k9Ir!9
z=*^c3&ffXgI}m1tHit-Jc-aE?xX`E=!UsdA0}?@J@n}Mek~0Pa{7T;Yd)<!&U|O6#
zogE}CIk0Qc*5zM4Z`+UtO4zXXS7X;!%W1i`UUUDaD}jGKqZ$?eJ8iE6X-i*fdA{pc
zVn#Xwd75v&=J4+(PkdB)YzU;`?+Fa7@H<blw*HVarp9jY{@ta`B+GcaA4acqcS|98
zJp3&I0m+ZLW!xyC<?6>PiB<pg^g0mLwjpcpoO^1STsdB(IAefvdU^VWcRec34?LUA
zGW+MfbcES__JGO^2FYMy@T>idYb>~*pu*#uvGmc)`lwM{i#L%}6sr>6Pef=`0m<ny
z$3?KXARc>p2sh_i_h2`t6cxiwu3`N5yhe&BV~F<Nt}8{53hRD+{|hvw)m+#QU6n#M
z;I{qK__6ZXeTA!2wQoear$+tG+Er#0O{PJTgZRMa@*W?j=<pq@FFQTx^M|OBOQ8rJ
zx3X3-iXrE8WY|a9zKL<<A-8Riv9$vA0<Vfe?h{ncY7P3=Eow(S`_<v}fZ^p-et*9{
zR*#_V6~DKCO%L^B@am3p-L0X{31=Kq70Ug)=2cF!C?0p2aViy+=8*I9<)&nxApQ6c
z6+c#US3a$P-xiK?RXIKE%MERZi~kk8F+t|gy}a82@s9Vj1N#h;{<?H<mp3u%soCXz
z+wYrGZ=8`VO3>ohg{sgT!vrO<NduLwhbU1?{=w@>5)-;LsKdGyDJG|XPrOxiJOk`t
z<ezCeHFPg9!ct%HLc}=S%=0K0_{FS?4R<-#cv;C3%E~3wSe)WEh&|6X;@=;{$Q)v@
z4tQW6nJDPPQ-^?o<~SRoR%$Lh<B3Ya!yQM`@_NV*7OTw)Gw{in#Tc`~EYKB#IT@1B
zZGjlf3d_fp$NVeH1o3vP%<@=DrY_6LnRflh4TC57nl-mK`9<(jhgBlH>hH`$&CGm1
z*u!#SJ7%79=P3cw1x<f(M$MB&LPjNtVXTzs=l<`AV`9}eJzuK^j1bvhxooVh<qBRQ
zkM;alPn5*M*V;8?nf#NVz_^HRdH#F)PKf}f^Z)UddFeIg$yT*(;BwHrNX91aTsjo{
zXH*z&vOd?qCCc8C!wcZN`ZpT-4(=x>a+#Lhte(&Ryn+Udh&MS_LdICpYq`b&d%K2r
ze?Q>}Fs_8x_Q{C2wn!1zp?gX-!R~@@Yp4&&FeHLyGa_%(Uc@C(SA|kef>B=lv$bBD
zK3c19)n2+#;#2$2V>bPqwN>U6FhrqE<#3CNJpOvZJCCgTl!Ou6x=>g23hbVRoWWe`
z!;=%{1QNMEtjJBsrjUs%pns2XLmdZcUhN>#i}?LKbt=<O;o*vTTY*7=G2N*TKPOp~
zxAOtDPCm0jWgn23!)ApGgtk=_Q#0Q~h#aRvdj*QiDN6I-;P8Ao1tqQSkTzGZ=X4hA
z{_OIffn!^?H@fC9SFlbYe{G-jnvH*!)Pzu^2J;z8R+I;sKbsm#4s~_79VzI{H$7zR
zjan)Y{7r#b8NgH>BKTzb?n(RegrS*GXLR+KUwF~`8!xP6lTah7f*S$x#{}-(zo*WY
z`Y^mo$bU-}J&ffb9)n)UP`Zun2-|w-4+=oWfSj{V*s$%-46UH$Y8m_A-&#p)f`0?+
zT4mJQKg-x!W$Tsy;rfV>&#4_0vC?71{0<NXc?phK<aQz5%GEiaKp1Gh{uq09(LV^>
za)kAxDk=;<xjEAxA0e2A-Zp*&#v^UPK{(NpPyd<gR-M8{4haVBAVrh)va^p?L2=hN
zh|qfZ$hFFkUd0L+<SyRo4dCNeE8f5_+|@TQZUPg*IS1o9(U|FDK1)AHET$ynLwt+S
zrq(*Y_P`hncH(6=mAD||`uT^wdsV<eWUHh7AbSx-=WHoe7zl$KPxBpOnW)jMMSn$+
zfQ)}z?RKWfe~(MLQEgqw(tho0l~cYO40TF*Ds6IfIIn9OU0P$t(|jNz;G84YFQD40
z8z7s|pLO~8hVK##kg|J5eeAy0D|p8?$>9Nn+9OJdUs~%hO<KriFj9|^$Xj5-HlcQ#
zulRV|AXhtPkHxtBR$c_fZN{}721~?bm!Tr-M|>KHvFR|EoR7O&=RK71xN(>w)RVt`
zA^W+}l7IEm=1eFW+3dHYxU1?yQK2Ajp}4cSj*yDFGwl`vbFV%wESg7N($&2rcT`lF
z(eH7GHxZ~!OZb#W-zb6|l~A6XJz#uBD`6G<P5-^7M-%EF!Y=ICVksrtA__bbev<wn
zPps&TbMdEOOP*CBvoP`+$_t*mR*<qU8riIUWeashZ~gff+&-08aNVtiibbX^dSjFl
zt|eibHc(kA_n@A?C`<}U9)XMG34YAW@%Ds}Cttabk1Mol-&CoMpC+@{*c>va^(HAq
zl#S#kop;Av*l^4}vVyaIGi_AZUewhEW%5VIe5J|r6e6#u6m|)*rcLO%XoW|<Eqa;c
z$K&#>CMdR;jws$IST@QCc?98K4>c6M4#@}6w<}MQ8+N;z*{DPA6U-{rw()z1N+(wL
zgbm|Z;tFS?cR)ykRtt1(>(lR6#+=%XS6T(PDR@v0UpFgm7Vy?+4{YQJ7I)w-dw5ze
zE6Mqz)Kkd~3%QUaKj>l#kpXM2<U-swK--lj?O694JKuYL5q=UTF|GTIzro)4tkG|>
zhvBVJp5|Fzkq(o-#*W%vMU)Tfmq<}fqQJVy`er-DmGM97vlUjZ5mtRwA9a9fnnO`j
zFdDP*dv313fprrii?7vl^hRwqY<<ji2bg+ps@srm{gJ1l)dxe;XolOMz+*CL)G^RV
zXEQjoUsyt$hSB(eWP!3kx_*K3AU#To&Ja(qd-|Rk{SLP97kxz>Cx;e)qfYDd+zS_Q
z*+KfnwE9yB%~ELl)w4{nZ>3$6A2(RSG6Zf}hQK0OrWHC^T)UYVOWemSrX-jX)m8a%
z6aTq8b7ymnu3uB+v|u|W`!)PMUX}Mw@!&h0Uv{xy9?`pU6w;qfBAQu$YtuIFcBE|C
z@7&Pt3NH67gVt~PVMp;FmYac=;kF=!k6yr)nVwAuQ~E{~-b9EC^o8gx0W(<lx~bWn
ziGC_FfnuC;{fy+HE{3ca*A@tR0W@040(qHFPopn_41wJBIU$Gj(OI?51OK&udN(a=
z3m&#p^Yn2gCD8!Y+-6Hg8YoRG@~YHljKZqvbJ?p#kk5_Ua{T)tSe(`?L@IK1jZ|{0
zqst9&$)%vRpIrNA65Ov3p;v<oBd%mhj?~{6!Fyp=q0h4C-!D;fG)u6}GhA;i?L{=g
z14pMG!EsCFu`N_pwB4iHXYi6)A6|t90fb%X@LM>urW@%FchQbE62;d-QZ|y*6<bcV
zS<7@p5$*_1bn2~dKahU;39rD<_Lh>LX~?*+n*zRu+&Nr?JT3xnHu|<BIt7zf9P9L8
zr$vT?%v{<$y^tCaQrFtfPFofAG98VVf7BauN)24J+DLLgCEFLAW8|L0XvMBE<(dgI
zcVE?!IJ~e@TX{z6WK22dYcgc<oz(4M|DkyOi&dFS|1xAw$ZZmgT;2Sh8<Z$-)E3Dg
zqE(NO@$c~oJE$^*q;<YFq;Q<#{B)_H+YJpcmG<oWUEz~_O(xEc7wYGVygKjN)+PJ1
zHOHiDXDS--V9h-_@Mt=rsU-85)(xar`ef=NW(ZNu5U%B~92ntcOC8^DF1>vRg04|I
zr-Aisme`Pl+T?Of4OW5LWv`Dz<DJL*m2(D46wi2#y%%1IPy;h=&Z|-?-xZ(7kk#M7
z2nsDjJzS5L9eq`xs_5rdN_vF^T9GKv$YH+iE@;51L@wwYuFta%A6WMlY7>E)faxBg
zb6+s_b@dJ9ScQjd#`Z%!Hu{`eE7Cq%u{g_4U2Gdnd+0C0HM7vqL^y0nD)d)RM=tSs
z2lXxqQ`{3)ZuS2QykFyCw#GAwN*`V;|I1Xg*_!q|d)`r=W{+`Jb`>;-k)$$B%r+qs
z5lA*Uj!$IucCAx}X*x(dKtj`)A1l;TMh4VhmQEaGPYg;<HC;$sBo#2f>#yK2TnJmM
zqfan_)tqyj<=?HYZU@Vc$<Q6>V)>uMZ{a;3pz{vTS;f}5Yd<mbH5odV?6(E4Ry;(0
zu-VC-pGkvk!3<27`|#Qrp){;2V@tPnF^F>$TsiV~?nm!5xKF)=KqQ50SYxa^z)Li^
zWYb4|t@mNq610(UqQFK|PpPw>@!(xgSii)Q&-81BiF?!mn7Nlbn`zY&D$Wg^xJhwF
zr0QSU=ic~4oX6y8dQ($tUValk$slZjOq&bFf{|j1gpfhe@%y*VtmRy`!OL2;4F0w7
z90xs*Zh&-^;yiPQf}6k+&n-A-BbOMdkB9m0i#-$5xfqnx@$1XHa3m|QCB0tFxQ&~Y
zOmd25W|AwdW~ZeMkV{tc<}mQJrybTuz(xpTE_bc+<PiYt+;b7Dx`cWIMzhf5!#6D>
z=NU%&qs_FFke95whRa|Qv1&3#iRDNv3J39wR!%QI=rEd?HsVKgF{F>TECQVT2bX%^
z|M%A^N$k**5Vovnyx<`nZxA93?Hp$uevi@H;st)$OGzUhRE^hWPTKBXry@E@iRu=y
z)ICKUey9K(v5gcdoR1xcdV|%b!Sw4}gbX|gEfsk9v@}5^zVhLufI4UR3sBA-jBEG<
zC~eT4(vCWEse;@PFvlpvs}7HgwSW@wqssoDf5eGyQTgiEJ)9<nq2CTfC?^gMy6pHe
z%e1^7v^gUIf43grOS>p(wqIl~IFp1%nhXm%$I(N08=jgcUo_LcK+v*nVNsyjqE7Nu
zHfUDBA+2|E9%rLQG-!gwua4siF;=AQLZ`r`WmG}6I5#}*sDu@h?s@t^k5EFM98PD<
zv)3Z|T&~4gdT=5{<bluVl;4SqETRV5-BG)iip38a-`8&9GaA`kOJ2)hLH$X7QWa;l
z^4=Y3?Mh9i<b#`LgLrECidOttwy`X-N7&goc$C_eUFO$0r;r>fz|N`<Ocl32LVIPa
zO^c@8Lx@-Z@QNsMt?Sm7&&<PdK$m7uUJ{0{`a><w0JW$!u=TK7GD~^VifV&N=v5Oo
z0WNA=Pwf=74Nq=v9W+yRJYQdTpPa@-+fnQ}UzB>dC#AW{4r@ipj;>mDlE+yO5dHb`
z>nOFWT_|3P$D3$p?)F=c7^5n2AJ6TkERyxMcq{nzLyHu9wy7xkV24pgU}Wm)gS7G)
z=YgWYE_*@Xge@<sY7cj3di=DhFloe}gp{pDjzq4HXLp*n3dmFD5kl?Ive;lIlOmWI
zhG;^gJVd1&3=!6U=}S`<JQ#ljp~EYcp#&$q03rgN6#gig?rNeIv0|pd{R>Mb2-WDX
zYjR`d%r07b`F$DEPV-Q0%U*yTbe2j&QzF1OUYNGf&LQegAhZSEGTSZ2U+|xK@p3L{
ze41AV#gAWzIEO3qbA`LDqLp?97;dj_uyfa5TZO_sEElw!1`UE?pS1vVd1%Kny*jvS
zJ+>!=bF0z>Ad-^$>=zT;BzC@XkKE7<tHXa{dk?Dm-n@*zLxU^nXDNmk#?`BM_MYcj
z6<;ZH!r>Z3o0jp#iR4x;n&;1S;m0Y2Pv+*tkgP<3A;&%^_*)26B)4g_0{7QRRf(ZW
z^K966q3;vygT(3G!rTzf(FtNbxGWO|U3e?FG6DRYLmJ?ja#e5b6Qn<lk_t2`iG8%r
zl~}?fy-|}$VQX*0tZi;HE!s7DN9BkzOdZ=cS*gSO<hsT~^dTg{<LfIJ`gJMUDu<CE
zs0F(|ieq?ey8Kn5P);#00e-Cg{j|fC)rhk?5ocXTC0&Zoh~h%9yWq3pZr;%66LYXp
ze6Pn*;kZDt(RNyPmRHJ6N+!}<MlNxSLI}ZyxIH56TPt8EfM7$I$c8y^b<E!PmokOV
zN4vW|W+Oeki1AxK5BXc*Ox%%QH_dA-!Gd{=XO;cz14|q!s<l3%{mjU~6}~y;D>z;m
z?^pv3B91|yJ58~ZawM{VmP%fbuHCi0<O-|pJUm&35J%&!F8ZQY_nqc1Ky1GEVGn0#
z+y~D!FZh>tR#+~gH8yEFU|#>9G&7SUn_9i|o3TsLOiEPa+a871uO%Qia3N1}prC(G
z|JXuNlXW_{qk44}(OYth!o6Nv3{&S;NOvQ8349BF65m7X2PbUGgVCHgq1$1M0yE#w
zc$?ZK!6RW8b}D(9YDz9nt9C1~!B>DlEjYM;+I3$iB!Hw5H}!$?9^ncqoK8>t9?-sM
z@{J_AVvq-nTy#Vf&$OZzVREF-`zPP1h>rZ?oAhou?36gxkFFiJuZxTGY))@agjnvf
z@DAtr*yv|AsB*ma&Dh_*CUWOVeM>nqsL{M_!>j@)w3;1tw@3M=)VT4t6!VxJM>lj#
zheSS&2@o3)tnS1w1#4e(s?GJ$V_D#fo}9l&m}RFA5l=@dDg<??EEXbGPB4`Al6T)4
zK*Eyi&x?}y+sn->-U{~N&nzttBWAE|aZC*_37<~YX&9D88NvI=a#Y<E91vMvN<d5{
z;)l#CJ&0_q>kBu+hgQ+2kQLbXf)|4s=AC#~9+0@IKR|XqRM_#BdcF9eZ#Pn*!;a3C
zmJ{>r+b?LH;#Z|x(Ue@vQ^`~k2JQ9eW&gH{Nz~NFd2od}-3Hoh`~{&&KFX+ZPUDut
z?<6V~!S1)4#PV*NI`4QV`E9>%bEOc?^u;bmG{U4EKUA3s^{(V+K8+|LUg~aTSVdfc
z&$Ay)2n31^3P0)}A}>J?A;MoZ$vd@`=EfG$&JR>I`A!mFE0TL<xWOf`=!d<tm5nKm
zuv#ST);o?(7akhrMgrMX=%vtJFNxng&I!*6zfoI}{dJ{Z=VkZzj?|&h$;h?L=`dj;
z5ZTJ{Suw)J2NVTml4B{9-ojydwy>xrP(GtU=*OF#j!tpF%3&FFwQG<Qgf&HeqxYc(
z#!*m2{d>Pt>e4WrH#kc*1qMo1403U>)Om;OQ)*SHK}Kndf8ZW9nykYjaL9w)#vzFp
zkBJx?Fr6+_=^~F^ePyM7#TC9xg)4@dhr;Vr_CdYPk9bc7PM>sZWM{c*Rzo`*z+1qD
z9p(6U8&d)<LG_h7?VF1#-bT#icR^oUxy%q>JI!eX)eVSb_B)T{v|)&$$iDT-F*p4M
zFMSU=GsFcW`g4t8-)k9z>f5&B1Tu6dK;>jR)}lr3otGu;4>Xne2N`<_>I8d&Eu|Zg
zeVc;#VZ2W(648sf2x<-VcCuf@4DsYL7gfv60XjVAa;suA%X3bKNeUk@FV17bcRAyf
zj!B<1)+*&JlJD_=UD}gnzL~I(uN$@+DlJ4gw$rtb^Ew%XyrqK^-)^IqFmc0t4&$T1
zWNr8<pr-WB20DHf`E@pH2^{*YI@*ZIZ8<$_oXk3<aE_e&ayy!Tc1jiYh4=~4^`67$
zJgJL8Lg~Vt(S`^At^h_GZu}pvhhveROLw6!Ah^Hwh-&Spk@=d=u$BDvckVDvj*e<`
zjI?uRT&)pisXOWZea34A$j6JE?__mhrghVFX*T#PI6CsgGnER_N^!3TJYs)%NMs_^
zIkHRPl)Eu5(n#WRE>Nr#-nsuR?M>`FxSSVMvwcFqFgwBJ2q~KmoWF0)AB^ad$C9_z
zx1GB`j4$4b!6?_bpP)S0FuPk%0l7K?nLkk=AMYY8<z{Y!h>p|f+u&fzNg%c1X$OU<
zC!@OduSf}CUuCc--QVLfYWq!}`YBSgnJ?)vjWe^M$mlZ&K%}jT(-YBBbgy|c-{GMM
z8MH!Hk-*|8!2@F{@7Zh)0Q;c1YZ}Hak^|wHsov~Xj^tb>s&56UaS{df%mYCOrZAAE
zLF*B7oHOO{xc`YMF+;NpdTLLNqGJXWoOE)SmVrkfvwLaqUBVneW&(zy!?z?%6(YWe
z4T9Ne3x7k8{#DlL$C@OF@CfDkB4$U#BPH9w<<FfE+^O=2G(KwTgQA=E8C#xg=IAL$
z8*XcAj`K);4oRx%t_rME+k%RZdZD&;S*xL$0b0!}K&x^7ue6#`$#5B}nB&M;WZ83W
zpVe93bsal{%P}bdbp%(&gNm++B20;628$ECV?%jD#a#A4ve(Ac<np2U<}4Jx<<(R6
z<sb<8QuTBpqMBA9F!{O}o^rZzQ5k?>T^b&pJt@?uU#kptXfPCTZyDU;dXj*Ggcwq?
zE{rjvRmUg~WR<@;Y={&1aSkIZecm%!<Gq#ErwX%!aVIF|*#pK;bLtx%BChO)o}lQq
zf}0J!w3H_~`{V6wE<9>GlYXHx;brF9u4IK16CS)V3C9_!z`BPph+MW6{+Sm^`8%+`
zmk5CM&7Cj^Tu1lyDc2xb5q1seo|J;}b~KmXYPn_~t|PH?;XGum`KdBNyVXE3e)kA@
z%O_B2%>DsE%5ZtyabJLC#{AAU-&XOZdd^feiO25Q3jRb>pi=kaMi@X*a(U_C83q~}
z(CuU+%sOA?FQFYjdDTY3<3ySKNt6SP*>UBkY;zK6EsQThT2;wEMXtswJ@bNp$)*Rt
zUOdwDg*?Dyk-)37BBm}Fy+4{~G)a!N5y%^Tp;U~ihUxU(isDO^w+(I;Q3V?m9fmJu
zNFC3Tv}^dh(%o8b8GlgRUg*B1`7kp*XL*mqZ^))=(;i~det6Iwo(irUih3t<scqD`
z-it9<_3jS=1^y(UV*mkNl-F5JrmxE;P@CG7KH9NXJSpf!0#di7^V@GvMnE%FTw4}3
z=xH)O3~5g5=bYdQ3lX^!m4@#s9w7=wLlg`AKjRa!-YcXcbD0SOFqUh+@FMF4Ts87Z
z57Gh`_t@dUB4lQ|T$Rrd&rCsPw+b^O%g|-~70K4!3R6qs_m>hzZVKbx`#^3p%sI;5
z<}^7raggS+`^;KpP|{x4L3at6PDJ?IE}L<~0|@-{i_fAB424BR)VP$sI#~VGQu|II
z;=3>AtMJfQbWR@QfyzAXmx{RR1L(#+2pw}w;p2g)E2RLbN)BDJn(P|IRe8GoXLwhW
z`{y2d`?D@h<aeN^zOMM{U%omq;o~gZG-9if!OXZ77gTSYOPpcPq0C~wVA#d{+9V9O
zU*!l1SSh%|zeLk^H=B>>rhH%6UUt7JW^278$8yO-v6lqvKJqrE*4TafccN2M?g;S_
ziYYTDItx;ZFhS{>=zQS<1-n$F%C`~8H$Ysi2n^=IX?b^Ub-?kp;d^UTLQV(nq+Pds
zWtG-;@S)oDFZ|K5xVnr#TNPz?rAC&?FKN9mL%xHry|MNw`GMO;pcDDEj(n33Gb#FF
z0pJ^PDfdo^D^5+_G{9X2T>&sJ1361}JYExGK6qmx72$9oe|=>yO&5z#XJ1B&-LrSk
z>i2i48#DD#H0$D0+pwW?_~mf6Tq?(t2ICNbW5FnTM+C7@P<sT6Ja}uEUiw_`&@qmO
z+er`-jzvZ&bqG@<Q}9WL-HdJ!4Q08(5jx&z7tx7t<@op2O8Us5<)$4;Rtc$oI2`vf
zV)_N{`h&({nz-qN#`-4~IA7|68;LuJZ7>LAPU^hR&?fL9e-}}SQ5uS?&rD@H*blxL
zWTf?BD3b2;UIHEWO+el{s&uQ%?wF#m2Si`8_ALjre&-Zyp3n&{cMx{A8x8qu&P;Oi
z>Pw76_^mXdaMQRX+xauJ0K5%vc-}3c7%uHFkzW{)G~9x>F&M~KU-EeiI|99;Ut#S*
ztKyh6MZK|A!;h1}D22cc@T+vwGF%H@My<=4SVRH04sr;WF?lil&}Mr<PDoPuCQ!tw
zhu|D0d8uP5eHa{_((JD3N+wx;agMEsDy;~P8=q%y0HpmDmExdxYkwmS-l-ErcyYJ0
zW|i6Ba*wi9A*R=~b31vOr<)5)go}A|1lt(uE97)Sq#dM=q_}Md;u!&l!1<4=^Mp1A
z?`#gD4Rp6@HnBE4v<d=t3E#6_{E7vS{B9?fa$9LPI*(p2zc^|Ng$qsO*1bUHhP=t{
zrfm}eBFMr@ZaJOYcx#zw<N%%#uH*O_eA!q}&~83VUL5z|1#KYr9&O>Xx|yM*m4e#p
zV-c^cU;BUR2eP*tYFrG;0diMWF}?b0b&s7#RMgX-4AMt!kfE24gCC-R-6mg)tU7p(
zZ!8O$)PLFmnzXS`IK*F>e2RBC^5J3>FDeD~OYb42WEn+gd%!1MABUQZgccLE>$A5?
zfFBL>k10KRZILvB`JS8c6CQRfGY)pg7m9h-v20!s(%pMX3Ng<}P5%OSq%jqo>0=pP
zz<c82`(6vSW%2mmggYly{}&1mqJmg($Ir6Cb`J@uJI$vqHIRMI!tU%JGPcMkNU$fA
zL6!;;bj|ox%cH|&MpO#C4yc;79PHVQ6|gSkn0AYbJ4+|r__XobkGr&w{|z+=TkjjK
z7nWr`_|efMnvkoaB8U`)pk01Kjlxf;=@N=315mRCfSSGM08IF=wVW42|I%{62WtJ_
zoocfsN-wa7;xL~}l)Quk5;i=v7c%y1(h^kB`c^U=@lteG&+Rn9d)O&EI&#q1i=V_4
zQ;v>QW2#i_h~$wjJBL*;RRjDj>n+QE0}j1=hkgqj034Hp4!7C#a$MVs{7vW6|4YDW
z*azvBwE3Rm&Q7a2P==d1x3%0ltry#nolHGQQ=m{CBa0S={~%7fv#a02Gso~afP;kD
zZXrbX>T|+ze-8-*+~kn5(FNy`@q$k2a%3ET*CNA<f6{_;B+G9=@Pn*tPxpODzazW@
zG+`YNs5ka(0c$+AbbxIOei1+lv)u2jxB?Ot<GNFn0M{eMPLgw^iub^){&RKeC-LO;
z2-KVy!`f(Q1$9?cd2aC9t<BaGMTjrV@H&Rv<Ag<Hd~(!_ke*9|-Vx~{<u6$IbivRf
zO=0+uEG%KcV{|VoqaUJ+D2K+T=YZb52{Q&DQ?N_OqCfZwH8-X(uO~dohr#^Ktwn{A
zFp>N>>QPW4CTsU&x!n-6>4I2%BJpx2v%Jsv!?VcuoNF$GS5r6224%StbSIwLJYZ5f
z;kFq&es;ISsdV?s1osG=s*t*!+aLs%@wekKDHD18TW{Eo+<vRi@5N<-8paFU>;9PU
zE$S_$Mg3V1A%5w0#4RTL`I|esmKxo5uyVdL-za!RzBve~t`%~u&V8uaZRRoxdg_#3
zbs@Q;ZLoIZ+?I*7soDQTH<BEC!I~yk_+(hfBz6}wKI63YETsBApb2qhL<XEzaOF59
z{nN>xqK+_&FXteVuabx0R$-M^Jnd3=ma(}Uc_8Qr_v7L|yYmg>kP@)kE5DJ$d!1zd
z)lgs#2)|9WgyRh#eOh9-lKLm)zK7XA?9Vx_v|)`UXHF*cDgV;dh5gK*m8jPW_g2*1
zKJgo4U^<$z<eQLf*MT}su=K41+L{A5`PWbVYTq9n=at8G()oI0tLA=u4Klwih~LOF
zh{tqld|`PqwkzUEspUmW4wMSA9sIn|X=xQM7TEg3=0&mn&_EDl17-X7Pl-ZP`suQ-
zcelgtUNLeJUW<SIS|B+Dj^Hc80|+NeUTyB+Tx(46NH<=136kM@PC76xhtN{TV^7Lq
zf4r*#Z#s%?b2m2n2`?{=f5D53o;pm)d*EQyS;Ri6f-~RFW&SrcsOJI8HK;vNXt`WS
zTJ;sDhbkot5IfAJ{0kAamD`|xh(puz-w+I$b>lfVjtaY-Pj+ppVW$aAF<mpdM{!)Y
zo)=4+I8D*@i2_7<>}ig!HyVfkBGRupF5Ys3wehm)#HU2(V!m3Np^n1yur&C#`;22k
zzXYIxR_@t2|Im;NcMm6FGqaB=RV0mB!ST_;8(;7EWJkjR!<AQ!%8|W0Yb1OBu0aLv
zz8rI3?IB(%UU07mKe?&Z+{dJA#VMW!Aw~>scM~31_#p+TuAvj~bz9g~3L7g?xK$sl
zw$>Heby3*wwEvQ}V=3q%L!Ty(C^~(rHs|^^X6*fXrkU6vygu$D5Z`<?HT)8wH{Jq0
z3f^o)#zUIN-iS^DvYV<yzwj|kgUj)SE=dK>!&k0f^EaoQYCxwPER^`+uK)uk#unp`
zxZPPcIKwC`^ts;=_)9+!T!tG#$FKSwv#H&#Xsf50htN@F`tE(!s$I#TE!&_r?@!P@
zB9L(jsS^<#GRe#-r*B(D+tz2gCCDMAR&&7)o&~SS7piPazGXQ#$Xu-xQij<2HQ_#C
z+Fe=`VhJlVawtqVw`!SDi1B8NGWjF>ke*XY^Oa6JN&kO93Q>&Kuaf}=X3qiG;C5j4
zoPW^b|KZt5tnWI%sHuhcmS|vjLhit2n1ItQ2XJ`Z3QsGG3pTjz<A8SQO78lGf<bO<
z|8^se_PY)>m;d4Q^HOaSp#H$Lz;z3@2c4B5lb2E!n}E%D$Bcp->`)mWk>taR{LLjm
z^P=l<Xk+2$ujfRs6^Ffkr1=nR&-tpenxC>)PDGVgGi@uxbvoxXnm_52tNJemg9J+)
ziHk4q0rAU29B=mFXLniGfMy0iWA1T2hLSOwhjbzZvUEbo%k;&CtmDHtPd(`CQi*yp
zwG25tugcwVw2-_Ilt!k^<G&YTSI&4QnN^r{-O7~Z*1lW86BFb)0{)e43<GR*WYMJd
zTUIkL>lwCjTgo@%yBZ|J&s<$x30QIHr~Z*x=9VRvQ>>nrkN(ag4xq5)>ZF4KvssGg
zUBLgiebgM6h{_#B33KBQqWhYi!PR@lC!X=E#?2=p5jz16$XX|l{cWN-p0(zGxb|(p
zADoLcJ1I{KUe6&q8Hf!0Y20mhF|@S=iP@kDaCXf`r}<XQZkc6GS>lDLE6^CaT&3zd
zalU~`JRi5oL{xjUD;Y&=HYfHdOtcN&e17;An@$SNTZ2Aj<}P|Yn%_IRg^GcweCc9g
zct(+y<M^?Nidd(?FeYlQUC8JOgKxA+l_|H@d71mokuNtd$V|pu-hG$TH5ck#$Cqqu
z^I3wIZC}P5%T6}b6<DU9J_g}5E^ze}k+3r}CP1$kN=HaLY{Cfw_dyIDcmc1kqwA;M
z1%yOKL!A*@t0NUB+K>nEUkwu=FmkQq<u%%I|Fwa|!TGsD&PV0edG%l~_|I?pU(*A%
zX;U%g{g5vV=%Pvc->#KweSf=FHaNXo!GU!;Z&2aX?2h(%iypk;^hGFBV5A8fQN2vu
zeH`j8`JI?*m31%l&cfI_8@P9BH!gj{K=OdH`wnWEo!}*9F^sIKr7#UgC`y=8a*DY5
z<*JuWU%Kr(!oyBaK;B*3g_9p`tGT$KUjVz#_eM(Tnt|QV(;|V*1@APUO46uCCP$7?
zM&%D!<8fojSwedbPPlJ`_>^660(%PR%*a)VDwj52B)#iZnj@IKtKaQt@E__q7b3L<
zbL#35;vFr&7JP-&RI3zEhl2lLM{%TU@g>U!^PQigo_O(|qQ5#J1*Z4vcdj_v?tBir
z5Oa!}S^qy5brOb3xf>Iyi!HSI7Pr&$a{B36Utob7b18I&x-gXf0D8TVpc|8vjH4KC
z6&P_eD}?*J_Fds0Zn*U`M?qSyByk+fj@fozzm8mMeR*d1m$$^*=D^v8U6Tb?Uze4M
zJfmw0EB`Legj#+shQtj(m{de-;i*E9lahKB$gV)keSOXkW;Qw0ZEq?1LSck>d;cu7
zM|+^Gy(seSpy%xWyEwsAk!Py_Y9s<HQoST<G3q;5<{u3@$OX0P_5@1W@XH-@C6=dw
zq1P(%&ho7BxA0_$P45It@^W5v$_5mY%*x%p;Y_Q!g5*!7L9*ekY}EygJ4~=w*Si@9
zhE*XX;SFpOc1JtfO-I4&x1M5GxDB4#o-}N=7pOh_N0|X5>|W7e_C1LIqCPQ8F^Hxv
zh;h#D@ehh*H0PMk+D3+MF0K6!Yc=TSS{<e3dZ)dNuU2E%6vpxU3sjEy?q5-wN%8eG
zAb5`WTi7<7Tzw++%H=EuyenDv=~kGw{f9hN2y)+Eo@6evRWS`Ua5ro96Q*?qNL(8`
z#htW^QWmI)v=v0yq=(h7$Bmyq2Xuog*md3Oj4LO6=F+&0Ux3mH(dkw0|Fv-NJ>RNg
zaBICU$Nub&ZF(F^ozn8YY2xN)Y}*Sj*ojGNL~ZDJ@fPs@Lu2~i_Nj2*)#Do)TWIxs
z20cgH#(N`yw4r1B5Y!hnnTtq<zZ6`m2z}E3e-uQ_<XHOl4R@`|$~@cV)#b>}Qj7kL
z;|Gv^*Et3USuXgZ=MTte=11-jO{1B|Gl+$Ji`XM7M0oM(r;>`O4N7LdN!jn34qsIT
zq)WT($K9AWh+%#-X~_6d<HVH2R?sWwRDL`LY3ST?U<ugG{@nKcQ^)vVPpDbB^k<i!
zTC>(7lJgcGmV8VYq7U_rS$~u)vw0Zmjhd7k#hajCy1+A)0>|utdj3{{>wLmnpp+5d
zmkn{1{J192_tU(3zcbMajP$tv2HBVF+t*I&Olpd!8O>zk57H!>Bz$gCFup6@Gy1K8
z^29(uLD8HNcXko<)<ROSz1&I=ojk~fW@iV1yD^Vol8eh04qL#&!PS_oq*&-KU9a6S
zSlE?-2e#MCv$*W<T7=UDYS+9v!~RbxqUGlQvG{eJo9u8t_j8xtN9__$F|wftHyQ6O
z<=g=VefX}Q8}rTK4AqDkRb*(M$l`muIs-dse*G_2fIZo*U@}}k`=6!s*CLsc|M#(i
z=>L4Z9VIfz?X(TbnBr6WjBtXij0K;nN!tzU`fR^_ecZ_cv70|BIpMF24dW-Zs2Q+a
zcI=3RB?XhpH(ND5k$)F&{nag#XDU#<moR~R;w5}-1c)#iIeT1r)Hf&68~$w6dqS5Q
z*>uJZuOua0B**DZuB9<ha$4w}y`GF=ZnaE#^viVN{rN{YA6P@%RG2PIOnO#%HXf=I
z#_J`*0{HBSgBh2z`I4U&LO0>RQlt#FudJNvVOZVN5Z!8@N-Ai|Ry~T;;St-Q5~buF
z@uRzqf!+Nn#q*rDTBx3IHhzM$BVsQUwtoyJ`rykio5<C_wcyxrNfZ)r52uN^y}c3n
z?9b=BLR_s}s3v=5I|mS3JP5w0&t@uuzoTF<@OB4WGL3{^1v?1_cmS}BemEv|b)H&|
z!Yb{~-1qs_9v#38YA!Pw|BrWc?V_0Q^AjVrMP{!=3LYv`#glEes>So!an0t@<eMPH
z$haH9A*9jd$PHg(%m*PInSAnrblu`@$otquiFu^1Xr}t=fd1xMn@FGr<Dw|b(X4{9
zg*{rFOS4yGr>1Y0PUJG$s;`cFD$V0V-4<Ea$X>1^QTcwA4L?6_3a~hJCL>i6QL=3>
zH?C+pt>)Qmb(hvAN=SlEHXIY8OXF12K=H@RUOn6KufheOV+UI{ouk@BBU<D?;ur22
zuQR?)nbz6$IBGuqFN}Y`e`+~nmSW2%3d^cd=#Y#7btOD6#2;oN@xakmzU_=6P{~1q
zDX1;5=`bXRCW~UV7WpTEca}CBeOC}R)=Y%-=Y2+j4meMW0jDPrX9qV}E$9Vp83y}7
z-$W!7Wq$>K0lkB-rhreMMDBrgQaK7`n%gZn_M;Otr|aI*Ar*8tL)-|a$2^l-f$-k=
z`G`z_P>qStM&3Hftr)^av{2@!8_oL=Bq3<g7Rzc8m~hQk(2FEzK=jg%VVWBtIfCnT
zmv+3fCOETT1dZAw`^~FFtAa80!>@=BiZ*2lH9g0nQICi>YO~y4E6yk+iC%9pE3_C1
zbn{c_aor6+>v-TdIw)F5={tYMY`@CcW4|%&&gmUMIVAj1^@z2`TVENmnCpO(l~`Kj
zNZxG1-+VtlWycRO?bnjMe_3uT5?zkaUYEDE6f9)ehqm;uifnk8Cy7u(!Iq@a$J?AI
zVkYA=&ST~F>|J<?{2=@h$MP)0=dk0NYBv;OvZn#H;6)8iH{7gK-nt%Hsn22?Y+`E@
z57G7j2L=)R^@92>C3e0qNkt9ZP(k0~%EIh1&^cj?u;&EteB0tQ(njABP$j}f!*wR=
z>jD~n^w@G+m0*ybj)PcXBH}6Au4g(IFPh-@x?*~p9def{%es~eE>}fhT;-x|KH88h
zHv$bbeiN0D(c9XUQaWK|e|wlcY{RPDEt=t{_ndz)ioEMY9A_P!u9$wtdr*W=p6+3z
zV(IB=3hm%>a}0@%+Mwl{w=x9CsnS&-J-c7-l9!isodO@IlL~fLFS}#QG$^jm=b=N_
zv5ADGgAZn6oi_Y!k2PNW;j@YG#nZ{)2Q0xtMdwY9TA{0Wp*VR<(jdjI^Ygs&Y^$Rn
z7h)tiEVz>PHM>*zS0n1+m`4ztVCds8TRGy#vNGypRr$JEwpZ7kyjkw{J}jVzHo<zI
zAP#~~sR$O23HtJizfrAsH=jUJ`Ldm$fe|1TRYh;~>F!ND<IT7ES5csOmU=!+9uD|w
zc+jWFZJe-7<B)c7kvUDeJeU1+MD&!ezN9mM>42d0HY0FrM^{?uL|$P7*K^#{d}=%A
z)`u?S`H-x<9!$ev4fCq-Eb=+og%6T#g%ZYQB}PmTg4eHALX0-tHeq(yXXm~*K7g<m
zd$jBJ{boFaC+*i~&)I45?U%$sc+SrYaN+ze&zN!5(@J7~auc%q%96O_9^vkr^_=-$
z76yvk8;JT8KASsUkWGB-Bo@(Xaop~VA&xaTLOi<G6J%NFa3vGOEl(K&8+$>RT_;)S
z#OxlLVlKG=Th<Qa`eAJ+intZdD|+q_IN%O-h`36~JzRx<#5=*Q6oicdJ$yqSXyI^5
z_5+^z$|e8l#3>X%{RiwyN0CE%naN$Rx^&%?WY-QR`#oZNDq?HlVlz>+TfV2%RNgrs
zlsI~PuW?SuR)c$*Or#3Zvi@c9Ioy@OdZ*8cTYh%lBdrL*Js{OmX=2QC80h5$MIyR)
zmUo1j<8u)C67T4LWxvogCGmwoq1<Y8n;?e<&M1yOEZcCkK|2=hIg^qB_SZRx(>stF
zbdx@4>T^rhoZfS}yHu=K*veEcJe_9oQU0fqx7!r_{!vjZe6h95Kc*Rv*n4!~V?|k%
zRZ$6QA8!lT>5H#Ejm?l5c<#QVT`A43@;;@+RwAMd`f`U^2{ct}sW2}I+^1kvy2UPg
zY~|t3XJG|cn8?YUfgOWQ9g7Td8+VlFhLpfSL(u1=15i*O=<}Q(V8u9e3>j=0FeO2$
zN4klW;Y|ZlsLI7PKOimsJz>3w^@XtLv54(nn2@f!eAOxJ;Ot7bN-1EjTbS9_smQdN
z#9X?6^Ln~)b}9{Fu|FkS*|WJ)kBn(=>Pk+O;M{tVw5~)XbKvII<M?+%232y1L#yDN
zmzk_wUi`j5c8IY0@k1VqL-+4ePnE5k`DvYrJFzovvW?lZb6J=1p<hftR&>Q6qo?kU
z;1korcrIoh#3(K#M^p9)MsUZPl5?}8jBh)H6YGWiYrOiHN)D2{1YbPw9v*g`{E)W7
z!<JKRwe7KNlE1dpx~o8{rMnpX$cscGFU+%3Cm6~p!!Wt6&|zA*pqu;H)7!Tv&(I*!
zP5}64xQ;t=60TDsj~Y+%>E&u9!W~2!<L=%;=QxHx?*+WK!!6NAK;ZfKioD8%0^xGf
z`3!$rLr?~7^Usb8KrA&UF#Plz=4#u{k#CNFGD40EAgs_b`KKbCZ-?b_0JNE4W2ck3
z9(3E4?FEc#QufvBpQbdY>5KcCsdi-lCrR0g7ndgK))`3E48gQAV;=?z7wt`$w-6nq
zQDsTL`%p=g3TQty)oMq(Y1TQvbe{}I!mEtwHe1T4o2%&L4|P#86^~Y_@XRTxkuP|<
zN8>`6x+Din!({_<A#4p?3|zP<8BqcE8Mk9!7gXKM&DW@%13Lvif`^0y=l#^|CL(~I
zLniHOMCjn61Xz@h;9Da4!1w~h4_1x{<wqj|;U8gws^H=p2?UoPrKbkFCHTC!8!^c@
z0TU}-v@$-KH_d!sxfA@ka~iVGbaJP%>D;U4hz8!lXG9kDfW!c(%#x!$OgjVQ%z+(5
z3ZB|XJ-=x#e`I`7V@z~h;&Aha({!KBV4GUt0Bx%f;uj#KQ$gXP*Ev-aClEMV7*bF}
zJ;k4I$+_{N4f-B`11>!vlswD51RpV)nT2^A@{6K@W&ZTo4pG1_4|6>7EcAfY-3RF6
z!?U@jNM;JZgjsvAvG|}+&kl5Kl05yblM7k^A2-BR@NXF-0b?_Jm=nK#2b~5SI&Nty
zb(T5)I9n#(O0Vt-1{jjy0R-zLXRhcq&(L++K;ce)b*V6l7bAtjXyf13>pa6-wE6N2
zeW^1>Zabt`07qh5PO?%zfS3>d5(HR;i&LS+IyWs4?!3{=g^9m%SC1Mc93$u6-u|Yo
z&xipS)Vk!zwHjT;qS7CarU%b+5;Ee!9GkF(YxFyRAH-Fjy!Jm_w=_+NI(sIwUt0%^
zhh9ITL_}DhVbz|dhdx_P<tywqAVR-U9gS)bpXy4Ht@dO3_>;hr0!kZ!sd5t5b~bkj
zs!0M;YgL$NqihGTqGl*Uj{(vZ@|(Dy%pd8BmHzeA%T0fm$b@&2dep$c9*LDoblcTT
zhDPS_*eAFi{D@8{N;C*2PD?!zkYhY4(^S-kEK#OFUG(E#pR%`gpf{WjiPXlBLIsEG
zCX~Mf9$9m}BbSVxIwNE}>DX?Y1T_y5>T%qf{}X=~j942(^n~Hj{KyYLT1b@AZX(B~
zg@O8qaWz%iwAjF7Y1=9ILp^+(h=yU>%4I{)79K3|!8*VP{cz+iHel}ei7hPl*NH8q
zmQv)!E;NSWv?=P&&Xysf57-oG?%EUDFeU?oUITM#lAp4yKN#M|>s$r3)(Muxzfn=E
zibcV7CwM+R%})VaBmmwIgd?!xj?tUH4r}p#%y9FnA0UmcE;e19=-MA5yv_eU1vVON
zKN{nz8;^Pomnn2pLCV47I{?BDmY(LB-wa1=(lao=jL-1dg=kT80A8f)*FI~|E~Pty
zyq3esWyY3HNbCnrcRe_A<4L+jXENZEMvD}-BU@tc@FAYE=4vp7dpAxW*8kfmJ)*R5
z@79(V;CJ_aVER1QM2Zo*NEvM=%+q;;l_Q=2a_ct@nBoN2Zh|2cy&@|^1dB3;Q-R2P
zIoWF&1pA`voe^bF*T~FLUIB&Lp;&Hp3|WFZjJSP9eIV7TanV?ac%yw05gAKUkzmsZ
ztf-o+cG`h4n^bwZ6pdhiEaL%S{WYn;JQw7)&Ok_Q93#=)5Ra96pal_zxVF>#K6YM0
zBsSaf4s%~Gjt*ECnGBy)>C8SM{IO`=WkHlT2mw`R3hIDq6!TSdMYxwa=36}}rpPn;
z0+mVecRGel$@c3^20Mrx`3*d`5s_EX_){cuc>f}@5SBbIROqW0zJg`TjvTh)0q(?M
z<kmudJb|&plyVI3#V-QvNU3F{rV;HNGn;DZ;;oR_rZ#3hDn#u>GMeu5UK^@jaOU%_
z*NOa^)`IqaM4;@nuCiXxd5R_HeZ}F{H@NewXy<2w^k%a+hKVWk-Mg0OJ2HSQGD2@0
zO&op@1|Lx8JQFkfB2n{gn#MK*2ka^19}cyc)0ZPC=Z&A?D$IkjheXwa{-xjn>2l3A
z1B2vnz>IX(iI`re;+c>?h9_hIl`08ewEr{q!wHfP6md_eTJc8f$QSx0S3xaejw3!`
zO_kV#bQgK$2;Pu5i}=?WY6Ox`-Gbp$n)8^RD|<#$;EsY(dMR>$1GpO=;vtM(v`(l$
z1NKk)Li}R9tPegFAlYM`uuNxqp{<vwh4XTgcHkKesA*?1%U%5HxW>D<rOHSO584TP
zp>$n1$ZZ+af5(HB5D!~@jWh5J6#PZ}AW)Dd*{VaH0Ah)A8?ADcJobxN?Q!0eR_98I
zHnZj8;M2ajybsoEa_NsAXg?r+)}mO}ZrRNPRXAu(91*z7j6QJmIF8V@)-|S6Ek(Xh
z)>Y{HT4e`Q-Xr(90$a`dY0u+VyO<Wb9dfR8)7NYie!*`weCiXqCFVj1@`;)tdjwVl
zld>^z34*6*Eu(m6B`;6uZG_{B%oQRQS!{w86#=I-Q|~COR6?|yai{Na<I24`w-Emy
zL7b!dzW{ObiDn}B{naQTl|U&cv+Zbuo5`W)pH;^T3$l{VoJIRAvi7I)ODUO%=Zcdo
zhZpffhllO}omJQs@caylD0?g~;M)&&B?211Q%@bNx6b(BTGHSO?8bQ5#||ZN3bZ@R
zqi3+E3+m;2O5i9`fj##$zI4~g<5BfkBy*NGm<@dttQfQS#k|oLk8lVPpI291=K_%B
z7|aJr?*0MVy!~G^-ZCgCofm$IVb~eC2f+_NejNT6ejn4jt{nYJKv&yT*D3NUZZh8e
ze@WwA;Qu9!pQlAJo7IJw(3g8b81c4szK^=8uY$<o4%0HQ4&j>W8F>z2b?cT95daKD
zJ&<ikw;Gj!Q&I$#nw<_=FH8dw%ZKY+Pn6qlIL;xzI1G=ApUf?P?kWCC@PJ}^!sMAn
zQ<}2is3>cxYt5OGivz4S>trMXu&6Q4rxMisg5Jn6u^!-wT&rjMG?ehpAGbYBj5;6l
zQngZvIad<TjCq*5mXC6O;d!>xqV~gk?vm2$fPn^wBmtMIQb6<(cx-Ag*WERy`NCg<
z$G9z6IpVjx^Lt)6wo7$+|6+??<%#GX<LNTNUp##`(!vb<#YA`c@=3as{P$e5nfl5*
zOmEiz)7!g%Gx<3D|D-<ZqpYY@ViD2FIuf!uh9pTPIm|H?5;BL`rc@4L4%JdIrE|(D
zr?9CohmdkUt(rN_jLl}}{qLzh-_P^?exK+0J<soV{kyuZ>guxY=H9*6-luyxb;*DZ
z#|Y&)wN{FfQg8JmI#Jlwd}(^cQ_Q={$6%%9BmRwjvpd`P+krR1P4lGvVo3B(eN%Ke
zHCFg}6>!egiCuao#>NIlgO?S;FA?1Cfj`WaQvtKI)o1&=jX#*j2mhcfB)XInO_ii+
z_M;g;k=*QgccJz_0$nZ~gMps#$?zI2b^x%2@)%_;D#1D$sWe9ukRsk!4pKgtC7GKL
zj6Q2*&J1>MWnU?NB^=aV(URC;ppvk-BwnlAzEF*OoG^zU#B4_h8)uD{kp$b5vYw+X
zf$}IdYlCZyYmOQ;U%Zu{4^@fpEiOYq)xe=>-kA(0-4xce=jiJiB^sH-in+%Aii;hF
z`v|P_*o=AqeV7q=i@JWVV$|nIB&Lqn0fuy!Q&+xX=-It)PXx^i6It<t<c>4G;+EK+
z6A3>yU%*mGImVN?Cisd?5ODiW$-XdEeYhbGA8d#woxywrv^*P_7m6-Udn9nhv*U%i
zL+O+;$!X%oHt~F#)tM*}@Dj@_L`sB1%G92ppK{bOc4eAn7xipaPq@l-mR&USC;88i
zAcx)rIW_#FBRFi9SlfT?FK;%>5(suZ14@E`ec~eNT~=1u2AS&PyjG0>(p{9c6vdpW
zm&nUaCpmpoD+*1+D}|9|q9xj2wp!4{RpgMMZ`g5rJ@~MG`1rF4&+0zHu3Wque#RMg
zv8#0Y3LYxir1%1dMp2_y!$QTmScdDawQb)w`^+Vn{U1X*`EQW^34HwDLHcCdeD)PV
z%WD=Zg(RT$ph!RDxz_bM<Cz>{T6+4<5k}ZPdWV`*Dz<1&A<b&)jop2@i&;cvOWyu_
zz+1(f0*S2n%j;EQD;I06i<&r-sb@4t0yW(R1rUv$ri>`qIJS&A0j)TlFZm|csG|h5
z6pXP{&S#~7&7qn=?7c6t+s?d^>0~t5miIrv^p(t2QpP_tA95#xuUm)IfW6GqqyC_1
z?u{R@E+Y?3K=t;W`8-sz^eyzyiu8B4$WD?qNQqk!0m+==!xZ3AXp`H-#x=7Rjn>zG
z@9g{=LHzHcx#}!qqrEthvv&663LZJgP-48BQ49@*z3a^&vfOepux&%b;xr;D8Y(f-
zo0nuWK%^<>m?QXh73B$Vsl{DM6Dbc+!eKM9`UMjAY=07oOA%OH9Njcer5S$SU=qV)
zf&z2xo?A=3WNS2by*j1=YAflocv^}-5Q(^zg8D%eM{-tHj0PB<l^A`e_e8h~MVT6_
z@VbQB(?O)?CZnDF5x9)IM+;+pOrRu#RfiOwvYZ8H!+5M<ec+&aRu{Ej#M!a&+n8?*
z@eqwK#PjgB6{Y0QVWSx4Z12rpr5VBKZIwr_MN7p&d-ti1{B9h^{%RZ!wrx28Cv-<t
zCNJ0enM^Y+hWUXj(Y$wzdDgQ{?=fb}4vvnhn4UhJycgL^jzQrZf7p=<YA{NVe|$}X
ztjFdR_<Uej;_lf87nS{BtWs-ah2c%~DDH&RHt-PHSaOy{rd*w8=q?;*1nbFrt1*_g
zCBK~B0!QD8jx*k%0bWU=)G?2B;0~i!x*K{ZC0jS?9A31UNqk^m2n1p;eZDtI)px_a
zCDvVNZ|>ow6~vncED;Yt^mAX!_ZnY`ke!3QafWEntCo49-yYSVMCyE)Gzg|mu-70l
ze6JqHX&v2tuadiAO|uHFMSTSzZkR4+B=Bs53e$B!=K=^2u1g^aH|q(t1+A?3*@DDm
zi9UFg<NOTn|7<W4CNa5+-px_R@mmgL&_h$~!RPVcxwtV0j?fj@i%9Vx3;2+|m;s#)
zm``LneeF7VMZ4XXlX0*Ux&;H3k3pY=vHd!8;7qKb;=t~)K4MytgXLr5kU9fwAlb}o
z9Xxe3Yasrb+fB#1Bzq0amlF4Vc7+uD+yk{={Chj?4`4-MbWFdg#iBvu7CiIFg7mzU
zqV!P4b|;WiD+ojup+0Y<KN+ss)Msm;xmR)ih5TUAXc<1rhC$23y?dGqnAYm*r{^v4
z^iZcCekSA1Mzs0>ddb1yhVTMqiXY5`n0y^A;cET(dJ|$O8O9*jmRdK?w(<D~LjVRo
zq3mjvn((lS-y=I&N?{c6-(?4M_`n4rvUKL_emFv$$r`dIt}|pDegKb_Op57YPjJcP
ztEv*daDvirBsq1K2`;mva>SX;8KHMI1+<kox$golyFQ+iRl|Sg5_TU#Y~*$npag2|
zJ48>a$4i^PD+>Bo^H_$(z;h)zSG6X%JIs)P4C*bOYZ{F(zqn+F_sOd-%&LL?6T9XG
zTm0Z^+CxvZM`6s9O8+V<(?It#Ikwya<8R52qZ^yS>N`(e#R}FDZW*0XG3E|>#7FcZ
zJ%^N0_ewX?>F*UU-?qvzCU`8GiT)}eX{9>A2#>hQ{c?wT%BhJzLv95R`_YdR!bM@j
z#8s~(JCU-ky5ME+5WCc0H+}D5zcQ8F;90eUsCSd=iBaOf5VdT~ULIpuY`h;cPQ1Oo
z%9o_afA!$>SkF7pY}Hs)keVhhSFI6Lbooa66^y;WGM11nb`)@;dsfwb{bRVt6kRns
zx^XMT8Qd4Pl9?lQ*tg7oe1b}ii;Nbcue{o4>k}z-C4#Mf08#$HP_8t}uTZDIRidPI
zf89CB70!;Eget)18PAFvgWW1jkvk0D5_Rcn`<yINc48^WVj&R+=0K$<$RT1Ls*9m}
zufL{?Tf~KJAi|?lB5kL@;MF%<_nyb_-hHe0e>&uI85RD<iu9%6laqK2?Ytg1d<rF0
z=$1Jh_H|3u*Hyjd{G}5W<#DsSw!{G5qWK7!Vt4?<384^L8i?WI<Oi5%OtPBDz=YUY
zziw}Uik96X%FC;PC7<)b>{S7K*w#L-ym7bd`U<9@M_g)J-2|4oQ3Hl~oa^E3JNUU`
z)no0Agqu_JWZs;J){bwkZjF)~)flN6PdZJDePK4NT}fSk_zR0-f3^W<uV?VeN|$K6
zQg8relV$lg8Tg%6^cQGC1BSLlK5y(+JF|8%eo{_Pb}}uh2&BRt1YSM8^3s#ygJymA
zegncpyikP>HpDNguYVW@C2V*kR4OfBp6|f;9{v8ggs?G8PHlRUypPsv(S8ndrP8#j
ztY9$AMco-T4%dA(|Ds>+c!Tb#sfP#5i&ArfK8+INkb>Y#Xk9x-Q&d$fdzq&j{hYfw
zFI#jfP$b8zh2A7Eg()(jQ)4wp38+P}!lRPss66qe=C4c2mvCPDx7=5U5qV>9*lj{<
zltrT&An8&UotI}8o87bjDjDHim6ifj+#B>y1N#qoT0b;M^UNN*vcpUu0`NWlcO{bO
zCCI0B(v)gTZz8k@?(GE~oymf}*M7W6F%J<#!<=tlD=3_Q|4xU$FTk)LnN3BnS0k3J
zxy-D5E1%Pz3Nai`Su<kXr#PB0!1^@=;Z0&rRh;PL>IU4h;tq-KKknJv4}ay3<+QdT
ztJJYQnXQ=lFOWa@D%?ld@~P|l&VyG=rg@nrz%_yeZ>bR(=wn8Rht7_u#`)!YF=~cf
zu*Bg;bnC_&VnU1;UK{aNn5H}y<_pH#0MCcdfDf$c^o7E?WV!%xC#JtGvpfpTpR3{D
z0%^>9N}B_Rzg!%r%e)G5uf?n3--C%BGx|^UaS(VZsC`u<S&tD<|9mCbUGp!Qc3dgF
z$l+3A1WEt0ys+UcY<rY{p;Gl3S8dd?zFnZEt25~v2X-M7?|Z;s+Q{y?(NMnHwUG<r
zv_s##-K^^WBTSB~m(>0o<!1`3gyw$T4U`7Dz5}($T06wpeMIUlOl<PQS#?uHd3T-o
zrAif$D8QCP18IsN!B*qA*@%wzMaj;4gu>#ryN9`F)&20gV&yT1Nulv*bN$IBy<_eo
z`F`s$oc;;@KUlgFUgNrRL4kO+HH8gj!~mGZA>WT>H7R&a=RU~$L>5rMFnx^aBzR^+
zY7t-1&mF!Jrh`N92TMH6^~^;_cK|CI&p?kNyoE~TOrT%jvzpje_pwJ#S4lm|m{#tV
z=GRf-af0zQ^JAd6N-cr|2BK9@{*mw-1QLGBA0?%g+p+!myl)*hlYuX)w%d|)dW{qI
zpT8teaNsuod0Wi{Y<h24A`<8sI9&$!ARjA~vK_yqMDQLq=c%mEK{I?{JjdfFJBPDb
zJO(0Cy!q#v=I=$Us0~0i;@6Vazx=*<m85N)gLEm}naJIiC}beACE0}$F5pVAd*DOz
z`Ns<&M;M>?1>Xc7Jmfp0(?e1C=e@;W$5{22d~3RYWoeALo;1_|+jK>r(HQYQ1q-AC
z=i>)InN9x{3k1)Y;*Mc|ja?avlTn%y9;X9y*Y~pc6P#h<y4a0Xx~2q^&En9ic8bMK
zX$kGoiH^)X;LQVAxpENicj0EoW9jhFoJcG=325iDNbQWBCBOkyK21O&s@z^mPOL(-
z@?w^yi=Vp-Lx@ggmds^Qra-|!D-FeJR_N$PFJ>b=_se(v7EI6o6im^T+4h$fb|coW
zx6xb(2*&zinxUbhj({LM5L{;cCjb{#bp)LuUy)4g=-K_9KWJC~wEXnI8syc3D)W7m
zJ;PMmxUfUyhYrqa#b6bNiFpUB-1WN1t++o_vfFVhCm{Vj;2$mEDGUrlx;d&dVkQ+s
zL2FPiI^{bSrmk+q+|c)ujz%n2Z7NSP&pKA#5>%mg9+TLWbGv}90S8?H>{duw`x+Gl
zW6?Oqt-!;)KSJ3wFfaU1ph$51HJVkH;{l(oe+EW~Qp2yBmo%UA(KSSSZPypDtpqw-
zd`d(=c7)0QryPeMj{UbB_kirW2kDa6Gfxn=d?Ira8|MAt+au%~u2{^v>?M?jn85!F
zj8o(|*zJK00N*AzAbA*=q+PlHKBDT}8&&hv8t-3SgHz@kfNotDen1NXS|5LmAhhkj
z0LxySVs}l`=E7NENTQft&yfwY<Wz>QqWwE|bN{gecq1xnu}{RYbGOs-RSHVmnbqri
zYK|u3L~}y1c-FSg-*sQJLd63NgJ^QIfAdJBKS~5WkfRp$GV!&hb=_xo5lx2OKRfS?
z8fq&YFDejK#3Fd7=n!K`6K@)*NIi(qZiCcd!X=!_FLn*V?^7@+@m$Dj7P94t_#@)Q
z;4tR6dJa4}La0G?&OSshF5!NLmN-lH1zcoNRo27!rNKl>))V3_m6}tAgI@6ani!}x
zCoy3zVqmDIj4f(tZ+{bGuD<Sc-OI&Ja?wP$3HwV_Y0*+WiGA#nKId9YX%hqxA>EYE
zHS7J+ERLhE4OrwhA?3CvetQwtC}B(Y7<^wf^akXKVz-wZKKQ!IfyFf+hvjHF<6rZs
z=Ym0q+*do8gR@<j$eIa}j}pn>--%kK3(e!icCdp4o<ZA1r>f`y&&$ADz1<}b=7Z}d
zF)bdoYn!dFzEMlI4hW6BEZX*&=!NcJSr~5dnGMc?9Yy0PB_Ss(%Oyu!!Teyq2ED$b
zo8oOc-Mmu0(_?>l!d>HSpy%Y77CW-Phkb*8g|5mCeunu>m{NTKp1#Qn+k{V(mv$HS
zRD$*BVQG==$z;f-+h?5=7vhjM2cM0^*(>7LUt<Pb>D@wwE4pba<^q@ak~vtVMVV>)
z#zm5pep0orp|9S>3Q(`Y_{!M$hd(zbkibI0BZtdNU;by5wzAH@cY60bf>F;Sp9$yD
zt&$}6Ews1V{4C_OoM)^3{i&nYo(dD2A5(@E8$RBhiMlNMGaZ8+`zGuor3my?CEdKe
z8Ds}4(U>0`jec=+_t|ben>&jePA=&?`_Kh8xw+eS65CM5?5O-RXl?As-Qwu`m7GLV
zR$15~dJ9i>?hlj~I(0;uS$o+kKfJb6>&t&Yvb*-%9tzpVQWUpl+Ca}JM6dPihxI`%
zaU)0j<vaMGzC|XP6hCjp#*LQ164l~d3mLVwqhSN+Q7>?8xWgQf+P3Z)<UYkG<>4X$
zZG1I4=8ej^<S$Q@sJQ1fex9gk5H9>y?~DImm`p7vc!eWck*dtB*k~2F?6QtyV?-Gr
zKj^Uw>UmE1=;je4XnIT^^j#B`>mj~(?L>w%P|Jk<Rm)s4;P3v-184f$Bmke(4Y3&A
z^Z|9%&SuHRwRA251r#zlUW~Yf|MPpuo}49#v&ODwI(R$eH{KLCgAx*RaTB=-vCDce
zrw8;pSUN>ve8=A!Xk_N)J9-38Pm{H3ayrBrxQc&AUz-t+4{GVW1tnqTh3i`wz;q6E
zSgd*<#)NO)%S?H{r@L@|csid15B4RVRkXms35D%S#%Iut09zDe9RRlQXupBR&@tHu
zKD8GCuWcYl@fx??w(4QITz*-&DrX_Y8Lk|BBnbLfQ*#(-YRX|UAC9I1y9CzE>(k_1
zJIe+DIfqqg{W{X7=F0Otg$cXH8&NiEuVF`eZ}iy>&hbB3d`{cFkMN||ya7`Pe2#dc
z)^|V|uUZ@77z0dA%ki6lPIM}e-+ZYEG&E&BijB!{!yXIee3z%p%M@3YZs9oBMDC0!
zM?dItCB6+FaOhi~OuUI+>sg)geGFHcFxz0j(iK?F;tya3g>T0G*RUn7pM`IM=>X?_
z!gF$>_DBGA&TQ^zGW^G>96ywA@{gXZNN%)@)d!0Zf6*O<{2d#pRsR1%OFvgC{-=P|
z_7QdKspLS{C+%q<Eqb&A<;F<Y>+H6+H5jJGZ^L@{M)GU0q7my=CmoRyZDYiN?>t~A
ztnu}KVO;~ER%s4>!QO5>Bs9(&VEDZ+)B5pBi%A>^7e{;;2CAm$%SG4G&(g)B=a-R!
zN90V@4&cE_*NIL@!xH$ay(lRB2ymvThae7WfXt=Nwdtau;dI7TRWO)>Wq>NP;s*b*
z)b;I(-a~ciQWyScgrNtDgfBe=Zih|_jk{po5jDIzOwD}Ys!Odsr#^|p+Xf04Ws$S#
zn~N|3JGS#2(TV>VW9eYTt)oN|^`0iDj~@C$>}1uye?frCL$Ib6<<9C<c4Dq+^#Mv*
z>~E!vPp`e8__BnuSvX6h`N%c(>?R0tCT5@hp_FAUbU1(b67%QxNDkKu*#VkR9EM6Y
zA+<tc3k%oza|$bXe7!ubGbtDfm3bkma^C`LlJl5u{{>nk0JKzzFb<6ZMY=Uq#i(V&
z-Vq}fj&uow?3gp8hnr-K+Qr>$8?#H8lcxs|By86m+S3S6p^F|HtYIt7ds<k*x3SGG
zOIw@j+W3d|8yY2{h`2*cGshd<Cm`kD-#r#-pF*BO`+^ERR6fHJuxRn4`LnN{+`Wxx
z`R*<w!qU3zYy=k<eOBYY#f4NWd$BVE+V|EFyuUiYrub^Ksh*0}-X{;KTKp2uf)7Hq
z*59YA_-7fXk^7;JNSlkOS12>L9h@cTpd45-#@<(0&f8T^G!hvZQyT<4#;UoSMe`M%
z@P_n2TtFb-MzEYjJcubCBOg8s37F##_h7Pk1JDkxkN9G6dF_Eqr`y_mVge|9xgvz#
zgxp?OE@zpDG(v&u9sLx=f%r}-ubN<#_pB?%L{4CFbRL)R0pr|@jmZX*n+Hz#dKCiV
zS?+hddd@$IXG}f(aGeIQ;I;H6;2cLQtKya}saXBEKa(jp(66#J?i$Ldn)f7Mc26_~
z%8pe|R9mxB?W9B0i-143<$fI0Zu?@=;a@el8lErj=rR^^?hdqtb=Ga(XtxLFD+^Q?
zuUUi{c;x6&OBEs|beB$b4U#d9#;OB)A5QjxYYe{?UowywnbshLqLc9Qu$|FU0WiJX
zQqb`Km2{SUmhDh7st-q}&*s4e9OE1pzFkyD!0nG}oYJjK;6pM#0r-&Yo^4%QHXKQY
z9g4YXcvckAjUJ&bSzEO2eP=8g;w;vtF3er1Cxw4?i64Iub9=GW3ZBZWU%tR#Efw~#
z?Jn;lZfj<6Y+GSJRLn3Twcns;oTF@ZoR&&wWqA>&BmXX)?N>Z`kf81zS<}ZYOq>s1
zU@)R3T{e$4z^wbZ^wo1L2rgc;I}#!}lrJuyS`zp$Mr*wPedOCMKsvf$kw|q^#RPWC
zXU|&6D6gbG{Ia-pgoqR{I)x7bm0&7Et!lg=)H@qayBdB`hEp1zFcOE@1grb99x5;1
zPgj=ZBY+Qdp~Pk}vsArcT{7cCwWO^d8`Js^*=&)Zjw@Q^d_JS$r>9#Nb{N`!Y&^?M
zm$>#^&~Y)fR{Mv{&nZ*LX9u0U#mfXX`8;PAW^Ge?WyN=>sq<x<+K-<X#!Ta{gSt&R
zo^>$J!P&-1PZ7cU1%=$b3$j_og9NPlTj%@0ZY?w1OP3gnz;>{^D%Yyn5%)Ooob#W}
zDbp&jnD-lG0xtIZMi?z}wE=6W$wRzWVc)<tn2gzKd`bJW|4Ypb@r~Ga=R3Eb#Khjg
z{y_Evtux@s==#ZJo2ITtM%~Dm6Gmoc&H81YHL%jfn4HM74^;YF<223ol5F2rGhc8Y
zQD%&s({e3aE7K+foHmk<Zn+nGai&rYKI*kfN@nM~L*JIGxVtXUS#sQmBQckAD-K@v
zfP7x}#7?^z;)raKI<tB--6AIm%5d}#qrooX`R<~408$o(T|orFE60itzCnK`9y`Tw
zDwThn?3mwc5pvC2&1B$iD@J~vL;fZ_c4s(~g^;Bw*H-j*yt~FU7QF5SYS33uYf)65
zs_aN_J2E>)uvmtdEq;MOA)b)p#j>-@e2)qkEw+O6f_r%hJI!c|`$HS|+dh;u(U(x<
zZZtsNH9n>&FKmY$U)T-{yln{-Q$K?K>dK5~{77{N<}=pxSzjH4$0AzNZ68;FY?$BD
z4kZ%R$b5KzUOjY2OyP7QwDnBBW<A^4TiAx!)H3!(J(3U;Q(2T0qciY+V+hjYm$^E1
zI!6tt%3zBRxm+U;5pAPQ@<iGgo1(s`;2w%}E{x&9uQ!z}g3rw&>QZmTk6h!J%`$Re
zeXL+VeM#xy0LF)9Ee`NKMA&`0VFPD)Ae+slrA+mF@)~EfsBm1oty@5bA;4#_*~B?e
ze@9f8Xr=BtFyES_!zBHBK?GU_*0|aBuc%S;EPbs|@oPnO_(oBB%&*c7fq#C3(Tu_R
z3)6t;fz*PJi&s=w2J&0%!W_CR+7w2|r<B{tJhB@en{C4u)}$IW4anbolKF2{viTo*
zYR>)XDe@f1jQcJ4BhGDE(Fi~GC<*AWo{R_FQ5lFvc5uJpaj{fbL(23GolzFN^7yot
z;0kM-d=2j}r$3uo-axj3DeUrSnqjq^sf(oCkGh3=#C3Q8d%<Gd-LB%i#uFdG2A>0G
z!~2i*t^1TG9NX-ZTUvxdoT%L}AbulSzCL}$07oC4<mN|QtkX8u3zbb5A2l8Zy{h4i
zwQ-*eu^l{-yLF~1EeC>N%&tdhojYj-xBYD&b3Z3V-C?KiPJ;XY_)e2uy$n>J&87{P
zzG#f_SC8)#Mi@^|!OSoINx6RzxUB%-fZovz<|xer%39oW%@O*S*(@|Pa?Y+do9#M$
zeU(*y(hHK8zGNuXSb$Bt|AD&&t00|heTQ{QL9d<|odc7yD(j@PV_V;0<4nF>|H#*U
zA-3tG0}pZc8ClTlfWCENO=-kf3?R<sNR~z+){#d-{<<s6e-lakpR!z7q#<*=Z}D%}
zll*57^dP)Z@D<qV0H>MWj~J=?*6{C)&&c1#=d-Wwsm|nC|JNO)a)%Le7;XCk%4HBn
z1GWRM=h%Yl$!$#QCGNj-Tc|63#JTH4%f#5PMUQ>=5#S!^3{%QAlO(#Zv38(sHDBT8
zR0oynP?(pERiiP4Yc`lpJ#huuuWT@J>LcrVH4G@!DmAJ<V4A-z1;4Lc5)k%Rz32X^
zg?i5v&J`&qSXkun^WC)GS6c8{rCkzK!x$%T?~Y(8Y}&D-A<JYcm_TUJoqa;-NyRSy
z#c&E&lgk$v?(-8r|F5q3DP*vK9rDZYWR^@bvN2Lc@4X=6mVbH66Mhx%%eO}?o|2}>
zO2D^G7Jm}5#u)JoQ$4IN*j)dgDK6-Z?y_Wn;`HB3DK6pPP@Loz<~5rasbVUjM6;E?
z5bn!#W2OCCm~AQFs;oTA175`bsg`j9-2N=umdCaa6@EAs$e}3!ufX86qCRxUoucc)
zZcbvqMJUacuJFUV2r?7E5_$;(G%3W^cpw8e(bKopV7MKF&4nk|ke-P5r21C5`FyqR
z_dg)^L$~E%wrADkchHb<iQj0jz><RHRn-hFqSQX*=C6lfo*(ll53>c|<;j*hjKj8o
z=R-og+e$DRJ^+zms??^y*Pmgwpy6(UiZNhOslF#GZ5^<~df(gjqW#Q86?@}<ERh8t
zxW2F<FLgiT>@Tir#=&e|>CZBALlTc!+O}SBXa)raz#lKy6f^=!!6$L0P<--mg@gU)
zg&i`B=pMMo<h`qZj_-;{EV=A3*QaMtpF=Y{)9nHx{09Z?Xv|xbMxtn7Z3=Ud-WXXB
z-2RBO)Nt4Zj@L;A2Ien#ziM2y`?B-DK-{ta8sdy#^C3amnC*Lcpn)f$NQrG!BzpJo
zZ2T>F_=eJ!wjUOPqb2{n|4AH}o-Q?iOax1cP>T5n+Nmn$4Ogu45AO>9IEC9T$p}SM
zYi@*q>fdc;Z;8{QzS0T>mOe)BZ90zF{nzSz-?DSt*JU&zHQu)0#rXI5Yk#Z2ez$uO
z7v5VtR;KnJbTrMMIvP8-j+R2%tT{}~w!h7I#J%~?1}H(e-FwDEoN`(e+^5iM&a?Sk
z8aI2+UJ-zoC47TV5NVRncZaxD_~4-AER$R#int*D3_KTzrd0PiXTzelg7Ei71~P(v
zBTJ^4aT?frVmV$;a*vZJgEAJyas0?Oq7CMvIBpnq?pyUkDg}KlIWOsSWY!=E$Ej5O
z<OFn!-JbOA_(&o1MY{Tf()rff-}9|JoYVb{Qi8LSWR}Whe^S<(QU+GHKk@e@u9=rb
zdX20!1&YNhe!E+IHTo;Gbw{UkzqKCJ!4-W8;O<lg>zymmZ+|SJ(#%(59IJqB`boE&
zsZZcp&xG5%o%o62gCwHoir8?*#bRT%D?1-!(^8Sf>p(sq#yZ&BEyX4|^I;rb%wR+x
zx17mp<V9?g40T|>vh3WGcb6c{inVsV+19A9(8_lN7j1FE>?^yCZ993cL`I8rt83s>
zsl(!X<=J~Lz}rB%29s4^CqY7N!zPo(chruKshBSZvUNtD7nCNh#{7fdl&`ifUPdj5
zzi|0K8lA^7;t+>d_E~cvGLjs3{Owo@R0kx>m9Ewof@*)cdjoNe3ofS)C3lxHSWQ<C
zl-;AS@6g0?*;#|m;XQ>=HHx2_HewPO3mG(xui_iD8lCcpo)Rq?T}1CEgtq%dxruTy
z5A%ngT>#mv&pTZd|6^&rQFPhv`x3=zI`KX4;f@-eG5Vrzo!AgyCTJNof&<*N3^XDq
z*uigR87yin!p|G=ILl<1#()42N#HS&Kfm{<5fulCD~m%`7ipi%wk%rgrQA804Zz9*
zwsG&<FNEZ57qHFNMmwtX27ShY^#=zuu$lK9{O)muk2ED`#aXp!;Bohu4{+YM_gR>N
znP1d@YisAbz1M7gNW400d^2S(>^$fo97-5GZAHkWd!|;H6oAi=foAhg#E$k<&9Vk-
zm%QrU!QZ?F3Avv=k1$a$(77*}ega=U2br+~2U}0sMA;lY2RNG-7cQ0mOJz+BP}aV{
zl87t5Lg^1075jwdjR&N|_s$vmGi6eV?MgHv<`0bUU82FrsNMHp&6DyLftT^+Z^3&y
z2mi{oT}teo!{J7AUdBIA`Luh4JjIW>v`BB9J#XX@vNU0TW6_EdT*U<YNz&>~KIdZW
zimoSPV9->l$`<J<Sw!Z|s+1QjAJ^%TziiY1EWH{Dfx(f;rs<fkZRt!9Aj}QRHBNWm
z>xHwu%V&o8A*X^xUkE`kKmT1~J-$oq?BN@Dc(-PQD*031lyW^r6ZWi)=<~+S?PM%!
zxC@hux{N+=;pejp%fw@ouXHzX`W$5g0tHo^y}p+Efdd2Ft)aI?N)Ha;eFTf8UL8C}
z!ULLh1(UH;axqTlrZmDc>DNB}Lbb2*9mc!SiLQT#HMcK6J<X$1Pc!=Oo+kEFCRK&$
z_Rqei-m+laWcwWJJ>W}5bO%S_j=1ePdBj8!cwa{h_F=9a+~aTu-WUel3o0#TdNYKX
zw=d$Eq_OQ^v^O$qv)^y&ZH^>Tr(cbNN`@5MF~G20J7mP={|T^-CHy<_ZG5};p5MR*
zT16r+{Cnq<dc`1{+*V_z`z4BWT}`B6P|^{@i&lJl2m~hx<<!TOCRa(TBNLZ#l&%P&
zOF;5-juqLe%yF#P*P5<4`^)9@r~3cKHXy84glXj_GVMCm!+-`!fyoEP9P-~K)k0RK
zfBz-G4gVD2%IV#rmOcv;9=8gP)>vGkQlx!l%4`S3(p6COqD=19ve91>+-BM4pAwv-
zufEX-X)h$>I<78O*eLc8tP3fIcN>2ri`ok@dXnar2tT_reEwo!_IB`~*~bsw5Bffe
zM`=~bN^m1IU6i@06!V&!E(n_oKT-jmKVCAiv-_0L<dIwydb)(<SKZRn!OIgM$H;+V
zq}z;Gjk<8e7YX|+#uq>{57l-9I9vy`MqL9ikbm&R+>_&AOJ`~E!;!gL-*8Ks#82Pw
z1d!*^wFCxI27V8uz>4Kh7uaP*xYCY)Y7Q@$Qc?X_?ufjG%N1e2c3R}33}o}cQVmYH
zx@%IUZ}@C9sy+vg?qwTyFZ;7~TV5&V7sJWT?z;sG)!$2z=h=(22G9S$&#txfA^)4~
z8le0OPP5K%+Uv<l*>G<Ou&fSPpBuLo7xwDi(>^`x5Zv}_NtSfjCXPwd4vWHlCXYxk
z$gxb-mY{31@iI`ywzMD_NcDX4SmU&8rJ26Ir>ime18G-s#8Q|)wd-bYAR_Z5yvuni
z$Fbc~`<uMiJ>Md6k<EoeO4pi$uU9wai@(-49<bD{eYmMp{gy)vZH-aV+{rvxXP%r=
z0BB{0>iqe7OnV{$UuheRXtr>Vc(}+YQuVfcx5;OJlfhdtFH}z!l?25|AyCzzTJfii
z%AZ}94~Jkzgsu|y`T+mN*;JHIb}ybD{;~z|P)9yLnGKJP4&u^Y)l83_nd=QCgZwRO
zPSRT5U_uE2bCkxY?bU?j*)EY_>@XyYxWquh7VjM`EtQ;1?SxI?8blNw>UUm!q>lP=
z^w;y<5LLV7R`yfRXD0%uX;l9#z(ZvaMN$uy<ne05bYb7q1V;NO*z%{a00wmvm@n?(
z$@k1{lcyGSIuMR#AY~y%FKgc}DN%bPv;Z=2e;RpQObT+Gv|75X+1YC3EEAda=<Y^S
z9;SH6dwuz2{GWb)HM<tyEdMY=JNCd#)}OvAe^IMoUC}M0)AE3j$H^;o++8?*1)9AR
zi6j=uxl^^<)yRsny~8v7-QQ_F?ch`J)5c!igwms(WnT*TK_w4)=ustF!&pqr`u*ZN
z#8}9Q<i!@o>#%`RCw0Rv0<dAod$=*PQfM%b-(S!tj(99~S0g&HzH(2da<z>R9q_I?
zePZ_#+Muj3fL1G2@$gaxjN{%Dd&Lss#Q7)^=b`5wjB15mEa9`iZ78x+d#(DG^42Gq
zR3%9rmoC#YzP5Ib+k+-1SY190J^gqlOZGNdF9GE!R$r~4I47}0-m-${;`K%|cMz27
z9oA0u^_X3{k~$|FAUol?2GOa~<hCsM#G-s;uER6(um^hpVlV2S?DlHftB*FG+Yq(>
zGz@y~HKP5ogi8Bx0wqgVFX5E_7Vz|@wu-K)_0*~K$~-SUf7@hyX^e)?wabHml6hAd
z3Q+Ks`Us372Ol&TGxdlUOo#0ikYDg4yo8GFknr6N8`%mO+E=2wObIUIQ`V?!_D{v<
z0wG}ftIz(60R-I7|HKB#wGOm5^&3BpIRKna=X5fLNY;}XS_Zxqb!SwM*nQDx!udb9
z0fU1>ePdikLW^9E@xq-_c7!g?#0HwRFMTSBqdV1VCJFa7h30}45GLO|o89u=TfJly
zE<XqLE>6RIKI;oDXSEDIUwV4p6dY|^6rPg8;6J=u#NIsSlv_O*4!s4-ClqpWmI>xI
z=pk+mo+raOl~)vT4F*Tls%TB!Dt8s$21uIst58GOakJNp8}7c`zsc{DH&wlP^DWwV
zUvme)JS<$eWh}mU?%u&^6;Hg(XxEMI>&;-Ha}isIc?AQgcH$Ok&MogK0khOpoC}=o
zwNPKNJkOuIaUfB!rOCAr?rnG6II$uybm-A~OeivL_S%ctn|j6L++Dolp>3LLLxsSt
z#fnd+JL>1(2j9bS@nw4f_A>(5?^SmH8^v=5<CNBq{VNu}^Y>-G$Oaw~aiQWp@aUOC
z_3z)w^Dmd3#;vaOI7<r7S25zb@#Wh6$8Z}NquY|Q1LebJI2Gu|g+hezbPgTYdk0*9
zC~6t;Ai?aANgw|udT78I7EF&mSf+DE^5zRxj-uebdvqYj__%t8g(!|m9>P2lz^Ug%
zv`Qm%7^{REzQ-kS`JJL0#Bu~lo$N76ytv@5&a`J3pMg^A0D*w=an7G^92vArLKBt<
zgZj?19Wsz59^M1r4}XD-hsy;7S$xP*1HT8uL6O@%L&BtLU9_Sm#-y4-uuvt0CwPke
z=|_OIIXT^1uf)vH2fqM=b4lDR{%cFU^&VAMPUfbI6uw(DCRN(5wM-uARjhUlQ5;Zt
z_gH4V69t(B@fByXOH#Je8%fGEmAcd}m2Qu$&kp_am-|U4;rrFlBJSpckCzusj4iE~
zZ@jyKA?ph&`=i_0xOb=U7@*blK|}-dPUt@<kY9l|{&5HpXuGIR1>cce5$U{@(8KDP
zFJ*<Sr?YbO5|$l!8#pfNgfPZeaSmEGpZZ5(5re^RPkSHJTRzWo8rddUa-awnCRuqG
zxFpoOslJgU20J1jx39-&*{%e-3bsrS!<tn!t40r5MXnWO7#?=Rj(ilzx&cwPn`~Fb
zM&=h?a!u66)NZ06Bt)2@WjnkzD$zdUwtwY_nn|6>O;nTCq!Kgwx%h6#aMYY#Lp^^d
z<4b~Fe)9{`_jABqPE<$`+l-Oy3|z04%X;Y1CD4~)J1L~_)QvyX2M8mpKa%RzCrpD-
zx8`=jLOJ8O<qpL1S-ep9#k)?AHXc6$R?XG6&Cr_HgcJe4{QTMUH4S*Q-+vrA-)I;3
z`>$-7`$n|&ZBKC-$#00bB?DIzFxsmmLvL6_WzH6kcF*pSwfyXcWQJt>$9_TwqY1ip
zj7Fwp0FG-|GRDlpuo^~Q2fSsd)J<AUgPK?!?%pII)3%oJNpkf*xP6v{z5k%*SdbL@
zd>3vLAPc&@lr24BpmEco)qF7KPD=79e2&;(fr*iXa;3yK63hzTo(g!bf`JHlTZ6${
zw5#5B9&lkmv~3lPz%#E)STjYG`w!v^W|8licsi__U;sSZB&t5H*MGjno{g^_IeD=J
zMqd0BcEMo&jT#X;B2GI99?&jZofb6PEZ5Ob(3!tCHROH3IOjXIpkRKHE*v<kA+A>r
zocSibFTj)DBdaqLBsCnv$RhYub^?PFtPZ`y;Lgx_r1{|G#9FdUWYOKR@w1o+!No&O
zkZj_!AF5}FG%u!WlxZ5zKyc53ZV`Vc<z%pzYvO#eViPN@bpwv42QLv>&*RuNW9LKw
z?(ws!eWFk&(NOgHOL-#RmR%w<<m-7@&1eRytm-LLt4Sn{w;8NKJ?~WQ*h#W$j64xj
zt68qWgyDA<9)VV@*1X^U{Z7BO2vXFa$IODo*68^ScXd<uY^R?U%d+gL&h^`8#H5gZ
zjmH=R*-tBcjGBANiG}>#<bjQ41$83>U;`1t*jg2L^K@p%*s)8(57B)a>BeAkLOU>j
zov)^Q5e4o(nz$+Ck5CyId5*26*@-@9kpk0u7LpJ!FZB8mpvfY_8Aa^<;|AQV`ojf)
zeg`IbP>y4=tc%_Id)evYtTs%gq>v9)a%tHRL>_2>?7@)ZQ^;fBZUpF)T)ZD+h|~h!
zcB@C^w&#ztC{w!p9Dbp=U^vDjuABwM0q$%0MkXfme3yI#CYEIfvz0XVr)$l>uK?N$
zRvtUL<DO<e_a`azM)ncd=?bl;Ky`OO0|3CnoyRMi4jkjXPS}^#g?YDfef-iT2UcI}
zk7FhVzcycQ&c9I4#%`1os%ktknEv`FH%A!-3(Fk7d?)^0c=D=vpZEiI^QL(AC8rn{
zgJSP7!g;9&dvS2aXqVK3#U}=Pia5AKQ8GAIu&BpBKO3-MIVm(xOj*whz4D}u=@z&K
zX?x*&K>_C-9%wI=pkSV*&`4At+o3HY1-;QQ_<9d+H{l&d;x?hpD*rZ09L6+MmvM;A
z>HK)nmkNyV@xg<{b&NWT=3t{%zMoIxL)6n3{|D^mEJ*jN!p9?wZ{qjs*-qP6)`_=*
zn->qQtw&TaL0kPv+s7j-x0czz@3+J@{Q|er*c(FcTp_Fvn8a~qm*}f<-+Wn~1K%mJ
z6xk)L_8ye~bX{MG<|&UKK+owTK~jG4Zy6pAo-%dzajK^bXvhp8fjfbS6rm@JeAw4Z
zmCw>$d(40Y+)J{)>ODqFM0%WaJ<gF5%v0c+*W2uR8#mjyV7|&y>}WT0z|Fg}S}<Xf
zqDkX*;MP|SU9-mfVJUEG0{oGWis+<$AS=MVuuZL&Sf+SHnt$7Rr)|bCp<n|1$GGu$
zdp|XLiO37KB7khl+78xk8se3>d1GkcZr{ZUXN}!T$8u+K))UpfZ5X<GS6$N2P;ra|
zb^)zqP4?z82bL5;n#rW3L>WHjkx3H2>08nQynU(v%yy_HuF_nxab7m;q5bNMHx9wI
z!s>^oPz%h8Mk2d{iTl_AuUzA`)dPiy@%>EZ<(Q5$^c-7BOV9Ne{6+mHXXyc9JB{w3
z{c@P@y<xBHrY5+HRAox_Ul+@(U4i%}r=_|A@?F@1d{@YwZYLQ6y)SUpIkBq%>q=ho
zY?6F^*7%^bvJln@0n%`zC*^o&AC>@>1^q03UQtcV+X8d^s<e$x-Q#<EV9WOf!*l}V
zXG>z5=JpLZF2Ck5B|Mr@HS1bgM|dmW{l{0ONZrtuy(b=Hu?B{F2s@bL=8u@Pr_K6X
zmA8QVuI8*dB9R|>7JFTdcRqt^3i(r?d7X);zzyTCxYV8p*Cd)sb{Ji;SCaBuf9|@!
z^IOw_wMR)RRO*{B6H}jCdMf~MN48%>MXyjXK0N)F0TBQKo*hN?Y3dN$m!|M(Nq;GZ
zdhaH)g8!at?&5Q#YeU+evqhmG>Z<1Oxj+D11^{r$WLdaG+pEtj6gtSTE?CgasUY#I
zUcNG~7Iu>mD)Eys<ggrd$gstmFrQ(aZ|3!UVPBQYNk4Q10fx4rVIEK+3k=7URO{MK
ztWNUFq-C6{QI0?y^tu3K<aQWAj}QX!J2QTB+%f(9df8Sxp~FB{OeaX~_+U}j(I98}
zxAz6oi@jUzW>llbV_E$?bWAY*?K9HvlVE4Jc0D`7Q`qoM1MpqJkx*meNTh+Y<CL%Q
z-MDfR+kzv#Rpk#7GmuzUCe+n$w&PM~SL~T=>c$B*>L<ruyJJZlOB(qkKg2V}Y)3=P
zK$vy2Md)+PF>#duRKPH?ror30X7As}*B4|qdHWP5?-$mT8gsauJ(BRSb$kKyI_Az`
z2Xm_q$A1(IehNEpEx0{vvFWMKMQlB`#Wq8gMQSks69j??c+D2-v*?P9Ifdw<+A{-b
zx%5k05>v6?um$qfYy3m{xXhD+xs8^9|9Vf)l%sK#hcDd=+{Y61ZDr9U1k}3O9%NXM
z0RDpI$8!y0-6Kmyl#QiB&};d3@B5n7*`(4BL?;*r!pAcf`5sAOY$Y5}f*TV%BS}PE
zgcRqSuc5yH^#te}{>zCO8VUSe1DRkCv(|;0HgraUHX#f57ZUp4U;G{qXnF1E2{HlC
z+`A5w_%krqgNsg_ZHNF02!%q>6yRoK|F<xA)Yt>m1!o)141I%ji_L$?H?;Giwxhf`
zY72(IKSmJqSz`re@mf*N4~7$lmsXz-$*Cv!rYiMp=FOmGaM$90c#FPO=`)9Lf9JHC
z+2~+*y+S&z0EQNqPu|jEB>Y#PSNt!aXEGZNSJNw`(pqpB(N0Kl6Y?zgK-Wjq#<Rl4
zwsea@p8?zhZ*E1;X0_+9u^Dfwn?NVkMH$~G=JmyyVC|E*{uV>HWIA4j2=Lv=+3I1Z
z7SzdMukr$RUOm3E_AltuiZX`2z^-(KQ*nMRa1@`$YKPS*3Praii>~|zLoM6T?aei;
ld8#@;8ayOU$mH_D8)9BB`jb_hAp`udwK{6~#@zGj{|AOTZ?*sc

literal 0
HcmV?d00001

diff --git a/priv/.BUILD_images/rebar3_shell_start.png b/priv/.BUILD_images/rebar3_shell_start.png
new file mode 100644
index 0000000000000000000000000000000000000000..ee8e1380bc5343303d1acd92dda3e975f2dee775
GIT binary patch
literal 88661
zcmbTd1z1$=*Y=GdDlJliG)kuuQZsZ&BZ4%F3J4N{(u|apNJ$97&><oz4MV3i2vS20
zFd#ML3=`j=a^L^wdEWQ?zW3e7Au@BY<GS|VYn|6`ohw3LSDk{CiIjkVfI?G4#gKsD
zq9_3YVe*wr_-{Nc>wWP5U2r#4S0ea2$PCASxM-)Sqewtd9z%wHM2!DT;;LclPC!7}
ze)jJ|w@cv@0s>r~ri!AGm({N(9eWn_dK~WV-glQpTg+>z3i?TnYOCuW>hG@7Yzsct
z`ji4zB)NDo2zL+o&R>~6b+3)VJ1dc1a+1uh@rpYO;XIlli0Fd)M~hFvPluM?;@HJ`
zO~`%r$c~f@x1FC1Ea~3fgJgW(*xmrlSxyw3Hflnt#7CuHeJ<W8IxfigEF*dH8hI!M
zDZPrnQUZc?W?g2SA?`B%S7wU&VbF!&-=6)Lrsu^E`|mb<)FX5g3OIqFxX!;KP&mCn
zM*h#IDtUdIe?DYxIfxK<RYJz3aHpVkM<hBrLw*dpwkjd-dkk8KH2+|uBC-bQSwl`e
zQN`FPXTRf3T$T&Ky9C&269sC8pKkJi#$fm4AXo#?jIf6f@;e*I99!jy{d;+-iudWR
z7bTb(TcMYB4t{{K3{9sDduX^0YMTK%=9!Tu<t+wQ;@Jg`f*5zcMi->!A|Fj^XOGTF
zZ#AcRJ%_rG0g2U-Axl>U8eExfcebi@to>|~D%{DjMMeE^U&;aZy*w<w(d)LPS&<sz
zS+A5u?~8O4sz$r@0{@J$WiekzP_!dt&pIH}5LPfgSpeDaO$Z23_8X!R+QR`W4col}
z09*n4m9`#A7#S%j2IZR_Ss*8^>w)oYCk)}K0_E%g^b-m_aftge`)fPVnwbOX>m|?)
z&;B(Yqxx-~Bs%z_xoa$yo(%-E?}keBVA#uHTL<dgiZTj9M`KZ?t+LoUUE&UF-13f!
z)cY}WlzV||nS<^|=&!+b5Y>fh#MwPP+qT}9wk%B8Ww@s0PcJ?&`^L}mW$F3m74Q?!
zopk6tO@fM;8v?YflL^5FW?+Bu9O&(Qj$!3N#i(*8vf?KYDywD}z%l~attJAZYacwj
z^L|l?U#@k(eaAO=9tCqmZ3C-tcEC|jkhl=(djlw>S@AL$SNP?+)3!vTB2JX+NjXc0
zh=iYxJ)J-Qz&ijx8wLr5j+0VQLqI^?JYV3+?UU^q;MKVk2OZXs5roz^KV)2nB?BA@
z{MJWhj=oc;zGNc;;ah*%4s&;j#9*T{uzM2nn9x&Mi#EL|2xpz&Z4O)<Dp?5g4K}1(
z70_*3_#_<koRRR)@ZXpzF%cLGqu174K0iRk(h=xsYm*U4!UA-lsDxM#&mnYL3E{oR
z@xL&ubI{KVIDT%!xdb$%E?P-@c(7414;ZES5&fXW8i))$diMVE4<>Rwr2?xlMi;V3
zuWb5@zW3jTD#B7yGSw1ASvkK0BWsTwaeAO!qC;zf?yVS<Z<;UdCViB~31J4>Ukga`
z#3X{(h5Y%-{vp&MMu@a=$mzvi6r0Md%3VDqS>A$IRKOMP6fqiohR6GA_;<nh7>pBq
ztjMV$456Qg9b-QXq7f<lz&006qiAr{@sn~TO)}^$tOG28js_=RG&hC&9;1f2f42bg
zUI+lftoRl^IcQts`TXnlGOqYWwi#Md1FVJm`x>!F?+WfEcf(DrHy@yyZ69ANC@L4V
z$?I_2z%E1KvKj0@XYYIKK>dXSKyP`Zp<@>W?yg+CP4cac?OXGSGhCg2?nHB-<7aNe
zW9|BR|AcyPLN*%U`|gZbRqOSd$MHL*cOgmUR(`OM0n7G;yG6_=#OAU$UCIkdtOc$=
z7u0<mkxYd_Q1JJ@;A94XCE93SZ*hC;=t)5jcvALAGi=9?zq#)BX;6Gh&bZyzL67^j
z?Se@a(ojK;f^TWUCP|E$81JzrC1WQ)cI?hAfsFyCB=-E|^Pl6&TjB#I5y=`x^VHu@
zDi3Lqed^t4qQ8#=ZChpL@W*Q|!$6EGShJP>k_3&+-i-AIonKl5UB=x=C>EJA?Q``M
z5NffAgQXo9YZ$Z!w9}Ivwh7EZ5l{M|&aGEW(eS%0JzK<RKfQy}{P@n*ucAX7>oaKc
zr59upi$GtU%lX8rq<aWz^xkEZ9xm2s`3p68_u?I$)`TlA#GLo{vdcT6y_PTF`Utuh
zJH^LcB1LF3eVWr92R-d7$l?3|BGPHBES|R65k0p1L2sU>CbTC$AQ_Q-Q9wWUK_Wu{
z{bmH`DAk`4-9>Z=E_YpRU{TTrcy*>y$yC)9v_bZ<kx*Y6;f#0XoLu63wwpnd<CxO?
zmmKUf8CbK2-n(F@rrm;+2$%It?M30Gm!kX6$|7I5$FQ3WbIsTqw#T&0I6v2nrCN(Q
z8GFGR&tLNFJDS?f%~0|dSBVY4i%ZfayQ3S(z9L*g@;<csGV*10PcN}_xm__^wawL?
zL@CSfyRXB*PihRqxjfN{s#IWurBj`sN-Ihh$jZeR#LHe_<o@yYy?2+^*#3-S!G1xK
zEI#aBWN*0}Z|3xBrU~lBcIxOtc}lQQ=S`WaL`A)jPM6?HG1|U*_Gh8ijmsre9Sx<p
zg~rFi%M3C+OTKonKpB_d^)(cE43pEg90x{940$K<j>DolOaNqFOrY^W51KYErCfFF
z()y9a&wecs9Pp|z2cGc+9`6-yH(f_sePTY=z30m!b3e;9<1L-51vZk)7u^oK&xa%=
z%VC2<45{3{QQybj&e}+m)#*9U1zFuXfgId|{?^6C4DvLt-nR-s^g#obZumS>xG8(+
z5=3Vqrs&(1!2Glg=d@ev$H1nsuGiIh5jjJ<8O227xu@dtNMB03P@R=`UEq2n$)k?%
zb5lwSV78VaNRuKY^2=aB!)63z4GTF8EErrYHdpRR5P<;e30>lb%pnsd1sk4WW7eC(
zRKf37teN~?J+J7D5W*fE^q%Z}hP(&+eX0?=h)9l%^F_%U;Cz(WK>IoXizToH0GbK9
zhPW~d%A`r07P{9v)d!9)1X%(;VP-~M`q}<@WtgA8r)ahez-$HMih<Raytji>%AVHk
zU8th*^L>|M)bOzM&n?9Ne6`RVGOeJC21{|70Gjjdz&5YGxw`^IY0m$mFsxeNriVxr
z_AR|n`;*QrZW_vJ@b}duAW+zhGuLQF`m2I25->~rqfE|r-Xi<Xe0~su;Uk5>f0W9b
z>dU0$JQ-tlpcD1_<^mvhcEBVqOb;H4&A;QSV_j^2d~*J`_Tnr#Enejq)<Y4D?K;xt
zwC?pQTW^U5HhprzQ#tQRMtfr8IfnzZb<R^vw5G<}SG>Il)ZaY%#&}eYxNH6!Iw3#9
zw@My43IgoxOi*qqiCFrmcWkBidzgWUXqR&on_uY7=VT4IhxKPKE!;=hz?tP4uZ(^y
z@_UJSn0iY_q6BiKy)R7Q^1e~xPJp(1l>%%cY<fc13io$-!_QL-TGpFYJ+&T>ekiNA
zxTq=cJ>#$|ktO?;nA;JECcULs^U3b}X*v)0P>ek4mjX!WifQ<`HhGiKRVsM>aauTT
zeWU5PRu>`d_r8=d#vZ*Tu-gl_Rl;&1*RKV%T(n&0nD%;58cGOEI{64s=nHlA8+T#p
z&pu!y5kbr$eh`i<*w&Af0PK`=9i!H_R~S6txmf-VWuLM;O71xskG~`fM-Pte4sJ0q
zb|g&xeG3SxGV+}{79X5!EL^gT_~^G9%9CrtTQ(fqcdbO@?i?-@rK_D9)_HU6bl_+`
z#3Q*3@%U-*>Y$_4o{Gt^fIus$@2lALRpZRU-L^u?_v<dti@wa}SE4Wmxc=g`^=G|N
zINQ`sL$`t39M53d-pBsm`T_zn?A;|(Yzlh1+qI!bQ&;EwXtj4u#r87Q8_IDRs`b|l
zf^tLIl(exszqH4k)W}lBkp=ms9v=Zx%UtaYG^qU=dkYL_y5UFeh9CA0Qu=Qir<(LO
zEqCtMb$~wv*~9}#Xn8;O-8J9N?RdH)@Ok*^VQ<;RFLK^h3Y%4GdKPUxn}1^$!8Ach
zi>MIMyKZpi>MN>P8h>f&ugm&f=^uwriEuul-t77s@2GZ3_e}<Wu=dMFiOYF~3413r
zUeE8cLXn1!@q~4#>^kV6MpKwh+d!ZxoVyP<cl>>ME3|Ks-}8_km1evi1NSFpnhj;R
z^1rY;BgDqk=NKF!C7(22AC$WP@%B7T<phVAU#JTQ2ltTpNn9GDh20cO2^X-;k1>Up
z`$T^&eR%@+W>H(~cAgk2-PmT*p-3?g{jt7U9Mw#C>oY;0&LqL1W-(O~)IU|O^n=CV
z%HiMaLLj6jAj-Y|R%-7y8%{8+ahv)ck+>k%sQNh_bCJqm%P!COW6p+FnjUqZpf5bV
zn_U;>Sn?FE%l!O&N5TiT;q|n;l2@N*W%0`%U%J@JfOj?>cO8stmm4x)Sy9MB9^W>Z
zvS#zWS%#r<B43wz%(EUxIWWTcz&-;oXpeEL$MNfIxs2Swy6WfUVI1mhcs;_~NIw)3
z@=BeO86`ztPO^UZRrfzGHXlxZ9r5m>3uj{PLQkZ{)|$|T){Ca{Ke?a(9D2fg9onYy
zf`{){?C31QTNkWZOl*5P@DTkd;j0E2B{YbW=RMrFTwVaiRO8=837#p}pqkoPvx)lQ
zE377{!BoqlEP&P~W6e`x%&HVdCja~BU(os1vLJL3Ho)=f;iD`Xo(zkxp@S;nIXk&^
z6fG())Klo(y9qe$UHWhb4hH4dt4QWLw}hBp#0L2TpRXH!KDv5GI%J7q9`b{P?Tmmb
z!xJh~r<GO?f8R-?pENI7*qYSu%ij4|BU(NhTJj{xQ?l&`{cUua>PXbqjM3gu&+aa*
zKVwbO2jMZN6^x(#dOaA(O0wg5bbbrBwDu|YXlXQFMdvKHMldq6`D?phUc7TV+njcs
zK8TpVyLO+EYU9mF3kV^^WDqnX)|ciOcq??DA9vCJI*Du=NLCn8^yQ*6LP6U);<lnx
zSI5enCq&1tdlmM%`NrxN2l`V^-u)P|2cx<9daT3s8ux9jev*wQXhw`+;>ef#6ph5P
z+NJuE<i3jshsJ>b;YQ>_8x>c1IkR{00wcZgd|8({!F<E70gXz7njEMPUt1};+E~(6
zrM)<Dz{t68qeH;d60vN(aULf#{T(uhFKN6TG8)FAdV=}f)Xu{^K}!o^j?O~64(y1A
z4e+62y;5nK`l&<wLqg;#qth#U-m;dzvDSm|eAVjO(L#8MAd{w*{@Ooj=D)3J0}0!y
z0Xa%m?!9_}lWE*-CLrwMeV;7gGwxDc(4wQ#Txp*C^FqgGTPF1zoAxuj);Clel9P`j
z!H!6`f~f;KHb`U0*d+Son+&>9ya8Qf;$P`LwW*gfC;-8qQYLLs-)2`LCj*iB@!rMY
zF^u)_(TdjRvsg$#z#U34t?Cb{yrWZzX+lM<E->ThJ4+orY*2T1zGFEg*v!+Lbwz+-
zP3SdP*(A7HmCtZPFL({dB(&+Gt#tddEp^rvT>3{50s?)xf%`Tq)mKvT8xlnFu08Ta
zhz+oOXO2j;Cm{5JkIH7FA?_b_H(e;XL|*UEPz0zfqud)tw)gtAc=BER#y4-A)Tt|{
ztz9z-`ERFOdBadQIFb;^&H}bGVBb6Oa7bDouflSY3s8M!{(k>Kv-vxqLtq~x{mAc>
zdNtph^xd|(N6k&9t&3Z)B|B7{Ju==N@7zCB0MU&!r<r-wVYu=uuZT})kleI}!;zpE
zz&><K>E#J42Sww6|5F3djjJzX4CbfMJj+P|=I9A__7fe%^FW?r*X!_|m_8HvRrY>v
z@a)6UWNW}PruGU=XxmCW=r!`E#yv1YjexAm=HrD;T>jS!)5@qh?va(E-Gzj98}E-V
zuk?$g0?d&`QrNvc_v}zum|HR1VILHRVO(O+glL^ypz+8GvtNGj$=3`!!3UJ~Chb<o
zNODt|Uu*Vpd3@RedwzHy_-n!Qn_GAc1cphiLMJ}#uL<KRIJ+>Zr#IxbG3q6_lj?o^
zof5y@QM!$y8Tu#dLV7~NkLgF|dPUYpH8Bsu!wzihLRQt9LW$(Dvvn-@flEDW(EdB-
zI3o)z5uU+}jSJoU0xP9-9!{JJG*G+uH1(HRPM)Q6NZqoWx>f<}>9i-~`|X>0VCHM-
zD`P1aE{qKK+GHA-*6G*{`C=oSo$GX4M%(Rbm%WB_W>4y7DzCp>8(bru+n=lHZWFj*
z;8{d|TShbu#K13bN5!@eq7At|Uf*R+2{4hg*X@r1pU_>sRh)L~eereC592kjkzN5)
z7_os@)D$;}=+pdO+G<);pT!OVjS<9JMJQhhdV0l<OUU19b~{p01oB4>AU*{$%+wT(
zx=)BOaLaiK>@=4emk$onycpbg-C>Lq+){pfQqU=qNT19$i827A=jL6yTzs9vodKkm
ze*QQh8*QVCd)x+2YOaTw)N6y&_Tm<!NcxfH62-eE<iHaDf^=d=$;k^7?_F<{tLbqf
zbYgIeTR<zPAtvku&E#v=BUFOgoee#?dy1l(;OjIeg0|Y#PTC}nf0DkpH~-RcYYwql
z!8D3mOBW}Mxu1o^hgOz1#x^MeJYCCDZ@lM-p4bY?LUZZf$=od*9Sx{$m!AVA=F5>q
zj}lN6mp)Z46(1Uco96CiFp*tSakz(Hp)B?fS%+MbTb9ocQgmFu9MA3dZF`yMODpak
zm5md2F6COVp2+*3OCpzeWuvm)n`mTR$wV)K<9Z*VP9Iq59C`)#{MH5-I?gmdgsm2S
znn`+rTF9}R$<}G;UsIzd<U>XE4bM96C{4;eXxh4ycjvK2Vfh3w3<ZCCD}b-68eRJ%
zMh3QX5^yJA+&?bgzTG7_z0c(F32Da7-T-xN$|aqXv9V;WfXCO4%0E?E=WG@;2Uu8r
zlSB`n=D@6bj+7UFc)kqjNqG}yvUsNhCwjytad@lmQ7I5E-i*yHSCg`~B<DV+Cf0MV
zzf>4QM`Z{&b}-~WsY)aB#+dVR;w}(mCJd9lBdK4MK(8)Kysn$$vJX{yT5Q~Ez;M~T
zYLF!aTezNAIZt{`>c^@1!Mn@XOW)eBKX?!(t7LcQRXoX5n_c5zzwdV;*6bYU)wzh$
ztQgKY)ytTkT@i^B9|GHb>x&M1lSC?Gskh!A4lvf&v9b1?<TgW0@=Gd~OV$emm&zD2
zbO3d38rByO4$Sn(y4cj_psCXk=lE2OPR<RtVLUR+p_8metr-F>%Q{8k{ycv*XtF|(
zFie2YFS;%UbTm;nEu?U`3bsY*9z(OF&2l5JEHBqiY#N7wlk58-nQstteb`{0@ID`-
z2K9dWvxwhBYY>nFFaBwDjgR4MevTLl1?i{+!DX|bdN!eI7tWrpbd@n7(J4YDhfG!F
zjNAoR#jl^=7dGX8xf(}Gny_}DQX57~+cuPtz&1j>l*sW~#D3I;0w?XyZ9+%B5A3Ip
zVJMY601=Mtk-J@fkuv$2r;dmeS$bJ|eRpM<9yF6->VV}nQOjOUe~<Y2apb91NgI;8
z>s3zyYy6nWJ3l7fc=VSiB9KFNlSg`ql{F;zIhY1KER+pMO-f|zMj1fR`#&H{{mB-A
zv@cSA;>2bA=Ou&h?t}6t7Q?Q5+i`vpiR1VMd>E0{4EjPz9n*7y4|Vl?*=U4hLM(JW
zDdt_@y5Kso)L7fd4Uo(s8~%ad1Drh&a}J-0FQxG&NrjC+(yU|J4)aKtILRm~mZP$b
z+YX@&OwGDCd1{ojxchwblKfP?o=1g=$Dndm)gj%B@h^QpA|(7W1V0LBb7J$~%58vl
zQe($bQPyo?&r3p&KD;eM4N<a1ew%kUpt>fw$AC!Wu1f<?=}0!X6k*D<6brX7PC?J-
zmAEouNy=3LfQ)RRVuvCjf8xFZj;R&9_9Ost8n|@F=Z6lXbfF9M8$L39IlLdo1S&YW
zl~`(=%oc`<Q^yV-iYW9!@gUK-d6t?8CA4U*{RxdN7=b6e__{u$(!_Ko<{notPjmj<
z*yReD@w|My3+H;o#>(H!LFtR>Ro#P0kwbt^BLYL55mh^e!iNXAyngW;-VlE1NTu$z
zdGI8JyAH%Jb2eQVhk1^S>|n!5jXKuvv`@uEp%$ZIp~&E?fDlbfOx`TcAQUE`KNaE;
z%`dC$5jY^*ATl~U$XO!mIh?ILS>UME`KBg*x%App8#wcZ?U<3Nfip&{2L5ZR5hNUT
z0PG9ncfgqw8AaO<cdH+MjtPMHecu(rT3%TypqfR%9HT(*B1*jCb?b~FFvUVo%E&DY
z&B3FUIfR(8!zgSy>ynI7n1h24Dl$<|s2X9{E)4Pb1-Jb`vP+nF2VzZr*K@}%O+U13
z66fKmYKGqLES-RLTLBUILwQ(Yc>jEJF3mXA;X09dwB~c=F&>np<j)MIeN;8O{QS)?
z6N`6x5jD%#aB|4BJilV7WF;;<No0g_|55k=zjdk{LZ{mbgfLV=>L@ou?HitARi=-{
z(fh!a4(JWXOOYY#r<Fgzjo6PXSU#7tM7rkYw7Z4abP2E?VQU=;xh%SI(QTi-uzC@{
zgjaBuy)ESF^-YPdqM`#Y!}$a<edrumGy)Nh<jf3W>!h8f>3GTjBZfN)mQVs+PMxE0
zBXHo7^smFq%+Jm-M!NF8peR8h10cizx5;(<&~8e(FL>&f3)vX8p_Qm=PidBR6*BPg
z7AvHY-9I{S3^ud4=i+thIkkxo2L!`bErdi@ru~R@G6i|QyUU;Gi;^>02BHb>eipCy
zSI4<|86@#XaCKz-GUrh6J*&(p@DLJTB6vZ0>H1$m`$p*IKhk!cAhYG44+=9x#BXUD
zyC-4yL=GFUz>CNJQkN(Hp(X_Bn%%sjCs&1Eb-&uZIY$G&2t7=npt>t_;@P@?Kl$1{
zfwB#L@FPeo%g*^BQ&#yzkG{fcv=?Yfd8|=GYnZ0#EX(ygt)1}Nrr-Kf!LFq*>Nf;=
zx+yj=LYP>|OT8jdvT+mp3zm?`ux1Y*x7{)c0f`blz47;`*TwY$NBpC<lR9!;;do_R
z8p-WIJXbkiTcKRl>@Dn_n3gD*fiLgy#IEuqeGh&HV$H5rTrK)|;$tp%a<9S*Cn2zl
z>a7;KDIK7l9UAz_FKnzhAWf{)5XPWmeKIEq#5VDD7os<-V`Je_JzNKK=fq>F=wIT&
zUEcUjLHwk)+3_OP=c+28PGxhOatKgVXR~3#kMtad+*J{OMb>+=j@R#aVV2VS%4&sF
zhM1no&@`Klq~H{y4?Vm}5v7@boHmSs$sw(NX4dUb>&T7J9rWERYqMgxSzkxT%ik#a
zIhYHTX2vg21OE~L8pk0vr0Y!)OSqKPdLxTU?eMXsWNtQo%lx6CGqLp9k2>L0RxS$&
zit3sW`IXxjlgN-C8Yq03`qo8(<i3U-0f8%b072s?GrWlo6^_wKuZco?qUKJk<_`gh
zT1)NoCPrBt8_PIGV`n+D%vWYPJi0I=J_T-gf<kM2-a9s@h%(L(m+ZYjQ5o=<zxTv-
ze1w#I>~@P6n&g?)F@f|5+l}nBn2oz0FYUMwuq_ZPMYb!n*OrMIgRqH}#I1-yP712|
zEUo#Ql5dO3lbe+m4|+Mo_WV*ELj9iqBEw-G;fCNJQ-0|ldhPAxA&RKYKy=>-G<l>0
zC=q=B!i)+D#d^W)+`iJTwm1E)4^pQgdJo*=p%QuzTuyc1<Po&?h}F`h0+*59PoEnc
z#U*T<4&h9hfEN*?xOIR|hRMB~o`2X!kZPivI$6?ol(=ftL5m1pquq(SEOC$G@96Hf
z*%NnNoZIELT3rUiVkhMZONFC=i6!JS1Svg?*PCAjr4+jCUPKsV&aNj5tluycvr*@}
z`c}6-!&G0q>E$7$V%e0okmShKV9)Kt5F9Hj&ci)Qms${$KICE}h_EFiGQPSV6KN$g
zLs#y~n=aNzmdsbO+nWx_Xj3s4w-4<j9;<%}3hXm<Ykex9FJ4DuT*jLh;)qr;8yXtx
zicD@c<uo3)H#vXngvwfC?U=o2I<qMoJ`^7|!Z`Gu3wdT#Jh*Z?l^0Lwxu45wJ_`FF
z)3?@n^o3k%?1(&A1=;Bw=7r}E>g!*$u(a_I{Mts{T)IptZ|!lJyqdtcHW_2yit9UY
z$EyZS!p7)sZ3fk)D}PU@{wd$gW>@+Wo_o}rPm+2v$w^z1r6aGZLp9xR1V+q1E<;A_
zCnY>y6uLI1B>eW*_kHP?%k1DLM}8NT+U1;M`{#Dt?euI>=oLoVC=VVFjdk(|jdysz
z)WS-m_c9zDU=@v()YVD6mia$3%2cni_0`S0OBm|Pt6F+EUg;M3h3h=pN;$ZNjA0+5
z;rPgKJ`J=3vK{xe`^F^_87bd>Z#gNf_qqM#!nJZvee;|2h0M!?cJ75lYDBniHL*9T
zXUh!cEyx7<K9yYOUT@c!`iY*=OpN&?Dl$5rk}O5zVXLiuWHLL%r<u%VE#e#V_T3Ge
zC#F3%fy?m_<9cBHPVGzm;=6G>QhjgbM8$&%IX0|W)lxb9vu+qyUt%)W`+H59_odJ4
z?&~p`w|dM)yv(B=KDHGf-cjjl{j^~Ja_J-)^-uJu7at-dx=G_1oiA5=yPxr&DtpT!
zG5z%yglx|IHQ<xotVC5Xogr1<wVUN3y91(ki?g!uIpX|`Eq{K=+&beL1mi*f5&Z3a
z|9kM~@>2^14LtpWHPZf<Si@_}<j2OQ&;Kv1F$PDH;ZI+6Cq1iW!BI^frg$gu$|Zc<
z%iQWsHez8Off5jClcqfhM+Ml~r9M0LJ!BYYmBtE1T92)_9JtMY#3(-pRLl6MTLn=1
zB8SLU?lWY`SR}_=@kM@`e#6uju*qmm{{ydp2+HtKUd=h`jYGXG(vY9Jnul#{w)K15
z!-z}lnaRRUTzxp%WOx;JRTS~~7%;M+F8&o*bK@+<dOSvTsW&wTf_=rSyoKF58z$hJ
z2MG76evlPA_}A_VuCEopY}#WH(wC09w)mHAWU`#hng(|CMY&gbY?L1rcO~nq;j0#>
zXBTlSRBwJQeRNd9?1%M4OiIrgBFFlFW?e7MX7b=-KBF0T$i-JPB6zGBH~xcWEIv?*
zI_=BGO0uu8<}{Wg^}2*G)hAlF5_dAHnHGEbnblCIIfw@_(wgPHJW@#qu;iGJU1d(A
zHKKJZV9Nl>_|dh_tv<?;`jopUNKya24GxTRf<3~>Yq$4NS);ae2tK=kOVHyta3?3y
zBW;NG+KCt+*bV|qz894Xy@h^5Qa`L*wZ}gwFNE9p0RAKwx||bmBOy$P#JWkU+<)Qa
zH&hYZ>)nRwyB*z7M1YPN_TCrROnbupyYCK;(<&%fkFhyFKz=hnHxP+RpZ#*+WRQjw
z6!_nAfmO`TYv=9{5U->f`tVC^W6{nSReDN%?sPHx9=>}y-@(6T<HIFA?rJPoiQh9v
z{G&mDPo5;D@eeLbt>63A!poI+TjzDj$f&RsViuXo<iYZOTje*;7$2J&v|oQBI$U^G
zD_E1qsYumW@Yui?@63wHuNyd{XSYnr>)h8~hi)UcXKcr&RjFSk_p#>$S0O#KDsC%_
z=cD@%q7+LU(Xa)3d^Ms9eG*}P!Jwkvbg4E#G5Owxd4r!E@D~=JZo}V3Ux>ml7Rz%>
zuON+#gXnVYk?ud+J{SkQKvc#h0YscVeaB^+piVKmyhDs$<^E~>@+O#<kJ^IU5!<KF
z6SvWFBdcGW)twH9Mge$xf*IP-!42tF!gkmT-NHOWS9iZ%U(K<(>Y@W-7eZg<<3>Bc
zi_HV_`VZ<D*%+HsV$&fHDoLSzyJORy)26YH+*$OuuGCOF9^B-F9-OevW0&zEebHLp
z?S)-&zX@j%;#-V$O5-6guBo(8NqKy&_Z^*N4848&^L}f&dlzowF$ZZ7x$XC0A!_3g
zJfhgaGj@y^MKU&L_z0i;-W0Tmn&`gkcCp#7zuePhMQN2_EV_}Y7Cg9Uk;gZr6fDbi
z`0ba*hi9kK@=+d?_ibC>@an(~f`$B$$f)5rc8%ReqU&_wfw?5sC8s9@rTTt(JOq+B
zXYGjA0)}p<JqDtbbkz}WXaq|w@%7-Lo)u9HhQBo5M-JFz1dveL#F7^40FdQ*__+>Q
z0q3C|;`>W=0$w}81>UY1%~{@AV$5>P_&k5~ag<SPWnyXrtc>w!zXqW-GY_!XR8L2E
z`au|h8_gQ`s}^fobzuTxe#Cm&Pas^}z&&m>9NvEmDAtR9s5@Oca`=D}C|qiGBVZjf
zf)IIfn&rAFE3NcIyQSS&kZ}og{WK;ObuDiKCh*Y+SzjF^y$RyCBpUCIBr^r=jO7|-
zI!N*SRuX{-_H1??)#@`D!4?zwlKY88&UlX^^%h>dzQI?AQZjE?wYvbUY*T0CgN%89
zmrq``GI?wh9IC5|q#qi`*4~Mo_7H3Fl2B1Dl^biJmPvbbH8xzxuWR#DQ}^r=$EDjh
zvKtU4?AaQgBZ|P==zcm<`3q%8k)W!R%?sHM1J}AytK@UDR8$^*hES-$nDNg&V~=qK
zw<)qAJO#a*TS|Zwr;I{dXy{lg{_<Cn($vX)OnrFQUaxjwg!G0v#=QtEJhhap5!D~#
zh$%G35|0Cu5s9?TU2>Og|2yOmqy8K&3XtRu2H=-FBCnD`iWguFiI~fJ3V9EL)>!Q<
zhpUl}aixx@DFs;deV%&EUlDUCWl=g8{vj$nNSq}uX@9?}e5vzAQaGLH^tY>|_GfSY
zMe#YpU?KJoZ{<~67lSM$t{eF3*bZPa#%LB<4fU@8^>hPN7{X2Hr<yV~ArgLhBWv=h
z%`dwvI+r_(DKKCK4=3eW#T%>O4bANZCG4gm<vlrMZ6`2b$oq|W=?4KWgMD3f<gf4R
z6?w*sel$}uEBC2-;R0#^3Leb><BDXcPi%2WLEq1ri}(q7!6rD)0@Ug6i?PKNT4TL8
zt@mJBUtJ?5zyAU;r2|~j6yuS8#qCto&!KZYv^eD{P}wzQf80YBPS!X#bC?Tx1Y%$Y
zP~QQrX$_fuw<W^dd}3>M)n{4u_((eEw#+@=08Z8_)lGSZxtjId(N9=>k^KENd?m?-
z28vj{Iv4Hn{inCaq-p!k$NIi~QF{1$xAl>;l2QG9K?Ql33611>>kt3zgr>)?vMO5U
z)+1^IpOw=ewy(9msUzfEa(TXxgFXIAB3)91yXD6_XJ$X-bfp;gYd7nm;$`OuNNlNi
z?;N_rx#Fk4))tO}Lg~eh9nFJ%dZxV)?QkK)-X86X_xX8%>H|7n@LQV%Foija)+u1y
zXV;YCvh-KhstKSY#wfQ7$`_ysE5<L}vjSG)Anq8lSj2G+e{G_OXGh2*trG?s0SL~)
z1N9_L03~Tq+NHiT@*zbqtXiX527P7mXfE*G9`F+;EG*I`T(Tc3N{^JOj_G|;isQJK
z>`=|)6j$7*cOV#-dz9Etb((A!H{Jp41zqIW#L~rAP$p~x>u|jF{&>kV+^8(4T9Em*
zx6gIgD7>@9&s~#^e$`XduPL`)Mz0Q+L)veWSw;e9dhq(~I$@gUYwO&sbX7B{%e6(}
z7s>%y=KPl$6PZDD9rW0XbJx@IBVDq+(gxpu<c{1Je}O=|Q0Pl!XR)zO6a!Eggjjpc
zi6=)m7!cc^Tq=YW<E~!Plu<RuBwfy$m*%ZL)*B9s^X%__7<w-`CX8u4w$i~t;eSAo
zi2eUF2tpD~qJf7XJaSRu603(V6nz>spB1;;#lu{>Z(+R=Qd&r3$ctw<Y9Z@vmeqFp
znL@vx8p);Rrzvl>FnY=;sp<JIusa*pt9oxwPS@6U+m{P^e=U!%VB4+Es&7x0rxs>l
zlTdVXHZUlMglc%41iq?x|3!Oi!9n2c>nCR0yU)W7pFEAY<MPPRSmBU=R3?@XHhKN7
z@MC?3NNd@%0ukBh<U=!-fcc|2dR)#Jr~^+rsqAm@yayHG@ONloL=Mj+HbSWw$MDrU
z`5%l&JqY&Ky)$hdAs-mDsS%F6G%o^dOdGmIL^P~z;U37>Ug#V1Se7HynWC*?z?bZT
zB&`)`c>78AEvNwE<iTnt>_CF|{L#+P5l|K7Q_c9hL7TnRbVOBbXXU*&W_XQ@m%e{&
zuJ|X!r!4d${z!ke7gV(8RD^)wOb)vS9iP-&nC72ZM-~8xcETNwqf*9xS9zxMUGy*F
zy(3q2G7l3x^!%>*O?nyw6<UvbT=bfAHx|ON`PBBr!)M|T`h>$H+4tG4Yiw`nPt>LV
z)+FB?W#j8zO^!$*niG{5Vi89fL#MvqlpBV%lIN-2eAjNL|9}#x*ZK(#TuV>=Vf`dH
zk->y=wTQpJ%QiKKnBT69*3>GUgK6yP=9!QX^nabna$fDM`h<rq^)4fG@hL_>>gu<Z
zMoAm(n%tg-+57KX?53?>G||lt_8kA(=1WhAZe&PZ$ag8<t<Fp-MnA$WdR~t4pNU++
zLoRkybIQ)BAnjf3C#yRwp{5)Umw85;RXvh-MuB{mcM!3xzupbc78cyy$kWQ%7jJZz
z<y?N!r5-Inp!K)r^zhN&xl(8t##g1}G{2m|kJMh@fE7}?bNDfT6xJZG(jFXxfrf0W
z+rc{fE)AqlIxj_-c^MgxTOR*1{tG`WsvjB|JCB)Su!T6-gu6%ON+%9qSSqTOnJZ?y
zvlvkB3;xl7kA%%@03879msvi1)#%Ih$SS3>t{5Q`=aE{EqTs*cXAVBp7pG2ErR#W*
z`}G7^z;mji%ri64cJ7dUFKiY_J&)S~V)_05g&52wWZJKvDeX|9H|b6S6*$BIEdsmN
z(&oN`JA$LT3oP|3IzhH6Ok~FJGcig7E0BO|+5QK_u-E$+V!)nX$OJ*m51}S=mN`Wi
zhB#Xd0G9hkht-e|gR$X{6sML<2=Kasr$k2Or<Vtqdr07xzWna%_{iAKFyTI~^Jh>;
z@wXSl>LZmr)|AqFjth@t9-@n!Ciw3fMtllfH0NQK%cC$$xJPZ>%3-n~mHW8my&-#*
zb7zx@8I{p%xu`1=t!#r=!DAQ`hv#^VvlkZ3FSMmM7WxH&cV{4?_QmyUS8hoJsFpz#
zo)*<ER2YC7y~zd=hhNj4U&59GzAmxCNH(uhS=cU|_w7xJ2h$92JmCdr!=lsPFuNZa
z&A0TMGaPw%kYE?bTK1r?mA>TIg1q_(?M<*>Zik478OJlTTHaf|SJDS!0m5l8oog?j
z=Ubc~zjoM&j2sY_)hL}y=_u$C)RVCM4R6<UJ4hF=5ldMYqD%ve|9Ugx;T6?g6&uAN
zyYEM--sPL0N7s!QRI_ggFZN^7d5N~zqkS3|Y@_u%iHua@k=>@e2^UPT6<Fy>(Ra2s
zJ=^SUQ$52AQrJH`3cEA^NNGD+w@sD30*<3@qFC|3vAk+}_D&W&kVSc&0^I;@qn>3q
z{EZ5pJ9BA14g$OjNgsgZpK|d93tVnpOlK8FXmY!t#QFC2T{KKhX~Fd01ZQ2o#KG?%
zj9DLUe7WeOG5NGM?u8^pquBX_ry%*qSvRmFfa0<zLHr<}H@5wXt^C$P9_QxDYfo_=
zJ%3;BFn_9D;Dz|bI~)fP0AgXl$?op&@6UdO(LJ=OBH1A5mB2(SDoeSsD$5f5<IcDL
z$D4ok0vSH;4F}kek^HmkH0ysc`YQx3UI7~{T9<x2L=F2)HK<`gCm*cVV?Oq7LTpY_
zjgB21Vwg5kr#F33wwx%L8Ogp$wUKRDUenT=S->oxq<<$qgfAXQ00Yjn;ear1>jCta
zxNNfy8~E&$Lb-Qnulo%YPD<AlCIIGe#4r8^&`Sh1hEtiA<HxeHW8yQ=Vu(HE;GT;C
zI#um*e$4*hFE+#d@_*OpX6)d{T|8!r%^uN7hf=0jCR)GWd)+Jv*tOOJjymO0;}gJ-
zk#jU4AY;FsTl0U321c^8{ynXXAwUjb{>R1FbLo$>Vd4fDkFW0t-WDnyyc!Kh`JVaG
zk^r*9@A1P`2ssbV>*E{a+hNo+btB$P^LSnfN!T~0YUH`1o@&zNkssJKe`is`<idRa
zR3LZQ4z<;-s@hV)4HqJ%ZLz)^X}Bk|qb^Ypri;W7O)HAMCv=ot7>oh(bN8p*sg;Bq
zS|~(+x3=v=NjP_#Fw!m=9G!dM?bd+j;=<hTu`U}G@je=mnVYF{bXH9(q7SX|ncEOi
z`9sD58_^&?^e6jA$Vamq>P-kwZ_wKl)zO`QT!M6K8A+g5eLD)KS5o&3Akn?;Ng<{4
zX;T2#Iy1~TmF$V-3+AO|7jFo+5a`wq#MWXj-x;sa`FSbE7iX{uY~Feo7xNt)F88=u
ziwtOv9E#MK`PbaQ%{m&KPMvz=kap9@ui9NUAKlST+H+$LrCg+)VCh&@wV4FKbAcn-
z5<hX{X8deM<`<c3)F%9f>St~TrF3R0;lYv7qHZkzCvtTvLS1|$CVE>CcOl~O|Aq?y
z)<*=$m;U-34$plK9DjTc_P>1&t^DEt-Q_T3t7D(|#X0Hj*T*eJhR|u)GV;-JxA>&0
zxZKGU+rgiE5E-lY6oxl@>O14T4v#rM{eQE8vEOV!r0SksF(~PXLm7<+`uF}U!1S=r
zJ5tLv@{%f2Y{Usy98ts$i(wjKi+Wnta|pbzZ)o78XSXwC8(ot6;KcYX_(${DU=VrQ
z=9}m0wb2iAc&L&2-MHN&Hj!#O3fxA7qpU5A<_?FQK=k3)<DxI1HAB#+e$cb2iqh&Y
zGL^@45A4HHjpCIrS4Rj-?!Q2~ElbP)q>33Bb#;J{y|BhleHAm_;`o~hESxccLA5_j
zU?KCK*6HGfO*pn#9A;{NmXG{}WN+u0f^>&C)5pdiin8Ck?=x;gW*va#6klN65u+pb
zA+}|AXfxRa;1epdHJs$l0OZE~$Gh-OF>`b$fs>s9IqP-@r4!M+R=X!JQ?LPvCimqt
zz*hWVrmR<>&<SoZ8t-lh@l!$!8DhnIVUyfIS^O%c-Tm|SSH`_}!@sKl+VFSRZ#&{?
zOIASrqX=u#5+UH%!yH|tY%}y7+bio_zUkc=n*v1Q_2wX+zzQgJLV*_z_TT^(Zw<fg
zFUYesxsKuwV@ozEp#UCW?U4)>82#GAbY_m*+zXEclF0Xf?=b2*{t@vv*;wYCCtPA+
zJD235h`V=%V30fy3Vm=D|02p0%$-N5-S9M|Cc((VTQHJy`V3KT1smIF4^!wlzQEIf
zjQ^kkZe^;Qvw<6D<$%o+b~n2!i0Y8n0$z8&welv4!1DkZo0lE*faO=)^R~`=SBWMl
zMl4YR*9~${Q;kq3SQu$o2Ei1XLD39-NH9|UxT0BFS?ai*NCG^5eB4*{;B_M%p9BH(
zQClS*BjT;03V`T#P9THfn8{UN@UYH3#@a|9<|>}qRr}EB5^UYL9)r`KR&FP(`&+=c
z5RPyItcAQsYHgblEOxqKu|=Qhvp*!}UvRoJ%q(Q68nWm1=}@7#eMoB#X05M)bbg9!
zrLlP`|9LLwX_RJMjN$t3b(KuI&kT*wx*u#>NWEM9;HfPg=_%{X3L^_wO#ju=D~&B4
zp^4Ji*B^p-GyU=6b{KHR0%Upfvh)mGYuPVf;Cf!lC!o^U8c3DKq4vLVKXj7stNrVK
zD5s2DAE($iJG|*x#(_Izzx*J>Z+3|dvL>gH>UnQ7ZJnO;KWM=6|B42b{lC+Ivj3m~
zpOC<@ja}uCX-}!!ow%z<Y+pL`p+MuXaP=pjgxLVePw{eSf=|H6SNIaWQr%_@QR4vb
z!8WtGTJ}0I-x%TW4e(P3Yj3BA^EWxd2*-pRbaD7@!c1@R3Bq6<zy37kjj}=umT~3!
zK>=F4C1TdLUc>X9a`Fep?3(TmCgxKAlLk1Q(SY9gy0)83E?)^$FgunsFU{`bw7hmJ
z>8EK}+BSf){pNz!F0oI4<A69k4ru;7hQ|Rhlz(u5`G3IyrY2xKfzt<2v~mM)R3Gq7
zq2)vq2746W7hisHIAjK-E86pnv^GROe}!}_Wb<CxvA_}LqA?|;&ai$Ku}43zVLLm9
zch1ns&(+9go$=zm5nu6J-2GWX@p!4ARO|1_Zi}X}!!2el-Dpz;d@-^Wh=rv`htp{u
zp~jf5P1lS*P2D0fAODPw$w-V}0LQ^5^BXnxL^PZsQO>_(RO%|r5}yq3s{!MtRNOfQ
zpi(-y%Kz$B#!H+!T~evSBbreOF|X@}&(iP~YJ0o59|ISh`5!BM(PK}Jyx?-H+d8m3
z6nN%wU3jWmcPKKKUunCKtz#a=@v<@HVa`ZEg_0=Xvx)z~Da`h*%ifOCRiJ-niiov2
z+E&}CGr=RW1|>wL)a0)3v;)qh;@U}yDJM)4W}{-|ML@~(w^9!d=mfxKPOzc3mI3go
zv2I?PBm4p{09d5FRiRy|G_?t;Z{QTdB9|sN5Voak-eYTqxS)flF4m(Y8(}^NfhAox
zzh%K`{BNY?>P36|o5!;1MGSB3etd$Qaf<+Dpa%?_CtT8gf>ipG?Zc2|-CtnEr(BF(
ziNR${AKZ$7y(?R653>r}KhXHPe1UykPu`Q79(02B-{<|(E0?&}a~+T{8?g2#=HKYP
z1Qmv0SC8p1)XX|w1i88`QdITNZ%_jAs8*`E++V#lvHid)p!F&7Bft3tI(wy=ZCYMP
zSBo2Ua9^8FSXB1haxz11X?Ydi@w(L@gjFxVg|FeQKsf{FM&2s2fyx$wOe?RUGVG-K
zcKKjgchco@t$F%<uG~hO$XILTkM{dSW7F~h-ijzDt%ClV_GReq(N5VU8$On1HoYOf
zbhQdenyO%`o3iG!n`L)hyq*ww!PUsY<Mch2h}p{KtWjj^GJd)5are5--!=1l!YQS{
z?SXiqc-B9HKiHq`%=2sS74rq;Z}N7tyQ0-MwDS~qbv8NRp=*M5@fgSpcIL)7+rrWZ
z4Q<xbZZe7C;U}zy$J+3fs|tvyVwe)K-0%xH74Q}K_jCkzwei-4a!;X}rNz!||Lj&@
zarNUOpG?Rv-ZRUsh{Ngc?h*GY`&X!#di3ADGTj|A2y;&9=Y)jxy?^^1D)xStvprr0
z^%aCCy&gz>{Y_#4HLqO1{lfO4PYfW6SK2Fd9=aNPi**#ig=il3^l=QrIUia;6CfXQ
zUCLb}AoAoldf_#pJKRw5Pt_@9@%<oBiG->ly2;b}Cx;nSjse|urJFUtsM&O-eSB3f
zsquUWvAXwbV&BCe=z}Th<J}Mf(s-LAR@`!(TgLxo_z%xwi66{~i8CHYXsxEiKzt*I
z7vX89dflFTja}T=TC<Q3ed0gA(Ho|gN%Z&(J@AidwE8)@GtZjFy-~+dPXm1#g*N~t
zn+%N%jLNg%k;f({6RY1Zznx|+l)#zqRPChr=j>QnJ~)v<;D&g?*wAlBiI_ZgzG3Hx
z_oEl&Cu_QX1~GiG60yiElunB7duhf6u0lvSuEh9Q?BffdzqdCmXCfvkx*OaAJL}Wv
zE$665^3ITcGrVq*>xLc1+aQk|YvQz{{j=yuIX@*Rt6bK@>`Gg>D@o7aDZ#mCB@0t%
z-?&Hfl;ZXTjdm<ih@f%!HdBI~N&GVIQ$|G9rNu)-<oJ~m$V=c(>n#kvE|Podftz4r
zoSEG(Ypm305B5YKsP`s==&N2j{m@V8C;-;^X}-n>-TL#I`WuSh#e%NBa@>g>@ye?h
zeWuJudj%B_iWkCpK8vPglF2`cx*{-tA@g?w1+!Qpx7=c$H)=RV-&e4-BC$;<&z|p{
z)dmgCTHpJcrP38KzuPIU=Dlgyx7oDf$_{XcCupi_`zFUXsDrc0!xrA=@t%|kZ!Fm4
zWPx;~J^VXW1mntQ3w_gzG23G|)0P@o^Lb5reue<OYUFm<pWV=u8-iC(5OccwUU1p(
zQOOjK3ya9$pX~DAVY1BH{Sl{xcNM}-W;DMG(Zk2%u)zgYipqv=*P;fRC?&56-HYsj
z&_2wn#w(ly^-g!63LxInnX6~U(0d}EUq=*YqW}2sWhgv4OMg_41YIccp6C`@C`p|X
zK<~l++}c`a?$|3bB0aSMx`6rBIDcZ0pUv6AE1*)AcG{W!5m}&2&HE{D4XW4qp|kG}
z>_~ZhQOPy*K|-=(Q?r#>H62a?@nyvALRf#EPT5b1W|t7}5>)GLnVI^M#1ruv*&;be
zEw6xHZzS2{jgyt<-|M;CD86%5uUhx6%`KIqEjol>NMWb)_tw;2?cwNhhxVXl$#j;q
z<e7)GtrXW_1K(OkIqHMHwp)m(@@)4h*`(743ti;Ez2DJ$5(E&h;qlVDgoDFPLIf?=
zt)k;^{+vq!_@W%EZNhnKLpy}9ztz>AjugssaB-jG%dve=ZL3Ps0~0ciWz78jd4KR{
z3WH~VU(lA3mH$Av9$wi#?=#57k#9+=w_|6VwfpI;qD^XoR$`)rEQRh#xh{3=i5!Cd
z4$9RF-$~KMp<tEx(bdaNc~M9lWzFV&NwxaUKlJmBE-@+j<(1Z)Mxi%DJFfG_`s{Nx
zg)$n54O38>Qnc#%8%E&jh3}vkb}j2X4;%`ALhzqc{m)qYM9DfC`MX=Mt6i2y84!W*
ztT^5Am_6@q#akED?as_(#0gLK{K_yEvQ-)X*&FemUR@sZcN_#vTKlxuzxee$@@6+V
z!5h@K(OS|5t82EX5d3l+XiwVY0cW9pJtr0SZ^sY;vrg*Yb~`d7t9rG5lz=De=#J#1
z{c}OT7wd4Wd6!+2e0$BXXxk%L??yrM>0withb4AZzJ$OaAb3YdN_Af78XUW|IGL{}
zKY3i`&U6_(dU@oy)32uSd82H$)6z+0XVk~{uPff1Pl;=-!v=l)o&nw<qiFJ+dySql
zWAu{FSg13m?o!4q_^g-4f0LZ?y)+5bG?Rx&1nx{_@DwJQE`MhH`mr8C9n;rGK9aHq
zUSEB_0NkM`VZiZQshyYyX4`rnGS3OlB{<I{FneY%wsw1P8E{|1*UuxXgtsn{hA}i8
zJ2Y+j^E(n>6%hFvdmO;QV=SpkE3}!mR@it7cz~2zTZ@pitAzc79QAq30v~-v--szC
z=-Fgt=Rw#id+f*M91^(Wmn$gf!?Qv@-UNs5N+F|M!#8U|3qDJ=Zl@Mdbv}XYtXwe|
zdH{WCyZk`32+ZUQ7r6KwEp=h6Z3XZ8DylU=`05U+$mRQRukg%A8lDw?)n>;=AkY%j
zPVx5Fk?}V*i7*cNDaNe23p*H<Wg<Lv-hVJ<rq)xo@dCt`&Oxnwe&aLwejBxh1$MH!
zfyEr9zGp@4GpCjrvAShhP|kU@i+=dfL%3<&<QignPmuEi;p3AhnPuf!w72p8a-e-^
zjLQh8kj0N&!(J1BJl+DgCnTWjchBw}dPR=P1%7_}2$)oVGf>jA(CCurD*wIWlv8Jf
zQ(mKD$|f{iO8VIQx1q|ZiN;B~h%G)cxcZTuTEFoN9^`D<-SRt%3_exlri)|lad=Ty
zoqwH#CH6BbFYozSsxF^(leyFPr73$z?RTW`K>gHI4r~S-H!9_pAH{8754$H^I;h`y
zcbP+=-<)hwGeB!mh;>ZK`K^<B@D}UWcgNaV0`Kv{dH6N;EhrwIp8F>W6l6#6b+Y5H
zBZ<M@pLORyYw=}L666g_hCzqb&8XWZ6MpxtHm8yIPqZoDHzk=DqN+Mbyx2;?eiq8E
zwE<Udmo`L`p!8V-KF==#2eA@!Y$LO+?_zaI9^3gHlzSBKV7$l9;U+<@`@fdj82$}<
zn&!L?xN*$0c9V?07gG5!QkNNnn*6G#pD4~PvVW#vTpe$eRls!2wQ&xu_qcWabHHIm
zg}@OK59sHgfE-GtPL8zmDSLkjujdrPf`w%MeDfxU0B^ND-~MN}@IchoanSxPrq`H)
zX6FMc@F*E(;8CkiK#4AHF%kH8KjzmmT7j*T5r~U*7ifn6Gv+AJPb&uW7vnV8oPd+y
z^V2YM;{(Z5Lz4O4?r*P=d}_|Ak^HdrYg&BRNl&iA3_g`9fk>NG$zaqiv48g(t~)oi
z(ib+Ku}qVnUb+)=5==7Eim>}CS`DlB8m5_C{dYJlkE_K5o7BOoADA1Jc3j+hu2DH4
zslBb&Wt${gK{Y;KcY3Ywjn+J@?SQhrjb1sJY4c2QVbV3%e%K3xKz^ih^5Ml&>94CL
zE*WG2wjs7uKz^to;?eVc9<BNFA!rof`C6B{cU0>o%ig=lL}nug2T-c82TeLaS_N-#
zWpaGq*Y`rk7n?WVr{Li(AQ$NWw`)kl#6n2vck>Y$pUxE1lcqI(Oa48crixN%lf0zP
zxO<Fqc&$&ZQ@KXe9~WzVLA#f>yX9FWNcmCjVm$VDNTbF+mpm5#0{>GNf*<VfdxJ_}
zYsWy2w;SZ|anHL{tMh!YQ}j9c;&&I{-9!kf`1GTPr^Ii737Nw>`Hxt&Q5O*Xp7?Zm
zkH;0?nzN$v@~l^=uUe^u_7a1`C!mLQZV_hs#m)P+*7l)6SJqapj<ntf`cY1P(tm%f
zy@|8H8<mO1-j1r625TQ)q*)>0h@#7G=vw)ixPq@9*>RRAdj0XKl+F(Mx@zL^lnV}+
z1ASBLl026CTO9&o3=l9daS3yp1TFU-Tu<0KKD~6KO89))VWa%JlvDol7Z7WD;lGq}
zmLmAcx!0BSra0RoJqZerzX(3Rtgf9$qK8k@0CDbd*8XCrJXb9~Gt!)7R7Xc0zMJJl
zz?&RQ&OK|4$cJR{5)bH``7kl!f`!a>@U~Zs!HAY!13qu$1ihsb?5o%47TM#bKfmXP
z!yaVh-t?_Gr{cZ&Ctt((`siLtE>g`44atW8RJ%6hj&gbx*fVR@G9!1JnpbD#QFcM!
zH#ca5nh9^?t6crp{||NV8P!zVz59YFsB{rj5K%xn0)l`DgkGeHAP5LSMFlBAK<Nq6
zd+#muq7(~7YNR*mNS8=&(n3v0IV<?!`@CiU&%4jwUk)D}!@+<olC|c2&v{?h?|SZp
z`TpjdV~DcU>m0&QUfaG%{nX|sj-@_fN+HqgD4|mZ1w;ogPIoIc{Z~Za7}avju<}i4
zgw?v-9AoV9DeS$A#G<Eo5g2ngIo}j+aaJga?A813v5$5YS$6u-_%%k?(GOnfY5{Iw
zV@u>7Pt8UCqVcO>Q5#jr=qcuSL!2aAU6bIzB{g=W<L8V0%)7Ly#P@BM1VvKdoHh;i
zAuy!+7R`&?__xxt7Q`az|LM9`F0d4i<YwqD7q;l_TxY$SGQ#@T+d?A*h)83K8E77!
ziSl&!lV-d2a*NLK!}FVfBGhL5!_O~A?pJXpWqThbS4Y7QPJtyEtHL81{XsRK=pN>`
zm{ZEPBW4d7k}_z!*Un7EG{D?2jMpeHR2yb<s=uks?M=rg3tpT#V|VRU2!SXJR`nPR
z!>2hOc${99VZLc69QEw`cZGHr#D1(ZGXJGwtkGW=W-s<PCFxbx^n&zkZZfU<$KJ(v
z<|<eQ9sCSuzZYLc&py#G3>lzKm3)QOz!6(z;@4#}-~j2>=}5z8T$iWD?zvEg0X=uR
zeAHU#pY2<Q9^i5%b=~BFQ2yM$lUm7mUTt6S9Zhtt+b}Zk-qWZ*Yv5%w;5_}Z+lQ9p
z8(NC(q509P5dX<od;3R;N<u<BZBObOd3K~LMQm;MbVTaR?B;dgSwhb4W76@*y$^}g
z#k5?Ygfj7*Y2I$wb6o3l)82>4Ps9inN=arR{=BxFE>JWZIs-1pQw%gdCSn8-vB4*x
zvUxg7pUH4Oc}Iupk4HQi)c-&gNWS*x{AD-=fD5_SWkm>wML;R(7?#)CIO3naj(FxV
zJR#~qNzHNDAiW5>QUgZ1tBuS<rUuW_K|=iY>z4EEC)lGkt6}a3<;!|H6}HzF?qqFn
z8=KvlvgJ!5PDGlW^IAeMwym|A<r(T7AkwY~7^G9=<=dEx#~W=DR-M1P=n(4abE2-=
z^TY=R=%R<=);~KoZW~MOj#l<WPAA5Urk!%Txf#8_NB00Y1RvXuuqv?*OTV~PQ1p#1
z%oXr$mXPDO?dV@^mCii#MKJP6#s6-emn&pCUU37>v!=wkXZJOp&8No7V-E>Y$9p~3
z;P`=O80?W6v9r=gXSt{6baxs;d3NQ(n}@FSA2ZOk2*W#4b8vId?aOh%t;a`b4UM>Z
z>v+8)k-9=`q4Bc@ABo2RL0BSoA-2KoC*YFbMST3dU_8g25eaaN%iG(~`>uD-se3Ts
z$tNV>6)aeM2dVnF#rLq~zuXL(p3W88!3XSkF`grvIt*&1Sg>+geE;=q765UGznf<5
z<oWuo<)(H!b89QnS-_1309`6`kH1eq^`sQpPca7^5XB?JuO-W}6HmSEmf}|XX5rrf
zCBK4|mwyYq)1cTp`^LkD{#$aMnCz^C9u)xrsRUy8Oy~@Mq5IoD05s5>iweeHiqvzX
zOFi5G{KJfiL8?pYIzrL0OpPe#r+((cn(KAxZg8nJKCb8Dd{9@a!GUD!@pC7)I6$ni
z{zo;|<jf=5&%Xd|;*%Nd)s81VjO>89Q4^*w4agEWoWy<N<WAq_z4EtB<CzNcIVEG!
z&G^W`6P<c=mVj@y(|+|w`eWl7-}V$(_}20M2-r&iy>c%v53yJN#?S=_dz)TJD$x$t
z=E)`y=Pzo`3IUou_l~OG?YE{=#u>ZmA?q)s#m-N$iwMp=Z+{~;dLxQ0e#3Z4Gn9F+
zq_CD@Iy_=3yD%+@iXw1DP$&i73|VeZgVFrsHT#MEun1|rgRsu`4k`)|a{-wgZ<*Fl
ziJd3|-_6~eeM`&j)D5mChw{xnKsW2$MRv{ey1c!j3bAVXZWhy_swWaNXy>Q%S6K0S
zKd;5jW&=yZ*Uy`QwcsmXtB5FpDJ^1e%`0ShogD6&MPpAr#Wu+v4I<p1Js!nn%>Jz?
zsxrQ&BuDl|%^O7IHH;+w^Hy^rkf9ARL^v)bOZvnk^%d@QCMH)E)o@YS-**cz6r?%9
zbTL}I@+;lubiTu35G|YW7)^japGIW!xuK_aEmqWj7y@2B#QCArWgg4Fepr>%=GyTK
zkPy99f2u19@vL3Uqg83P6gf0f_`4q77WmRp`h6KxdrWNeYSIQe-UBJ!^s5r)C)}zD
zl;i0h>famaan$V!ciJJYyKKuoYm1m;sE${Y643U#k2vsOG5a;e&0MSM=mdX9f$0j*
z0wnO;(G|!l&HP;n)ewVxLP6K@O(~V|*U9w2iMWK4{!e&57NTKTMUk7kz$4hwYUGiX
zp$S>Z##UUq8%xuG`;L)PM+5&3UOYfxD>9xfYTvJZ(1Zc&{C*LWj?Lxt4Dr*zu00-A
z(?$q-NTBnk%UXQn9^ntIi+Q7GHtG%mg*s-T>ZgQ?<lbgBs+*lHPaO7X?$~JK<&<3Q
zXW<cBdC{gXE;I(*As-jNm%pqa0r(~XbC*f+$A#Y-Z}3Vn6`=BNWEiE8=?sI{0P^FO
z@9a7Hc^xI?kpsTP^26>W1G(p51N?`WAAsarNoIe^Kk$7(7gI>tflz6Bc1o_hROnwP
zx02^om~SkX5=-i(>C)$pI!(z?1G6HVzEo`x2)@7nvTf(UeWQLN+hPXy+}%mRl_@8n
zw=)0`|MP9~cUgsb40MhZMS)gcb^mFx-jtnadSoPi1$H7~L`F`V^GMch!#{NQv3*o4
zT5(@FdA#(8%FSDQeg-^&_S!V`tkSzpi}u}T=3RQr@V$O!)ndZ7JX*20+VypW<!R_X
zJ-k+Jt(k7B9!`Y93^4nSXw2(zl;JyZwG;_EI$@_`)&Vh(wS|piZ_{sc)z%=}buiwj
zuk)jk;^T90{2c1~82X*|D*N%REq+u9FY>qHXW@+hR0%oK3mVP6Z|wLAvKP5fc)9g<
zX1%d*)=%E_O;}h~e5$bav9{CTY-Ma#uCQC7j%F(VovC0%blYZ!d86%h2!<v2ejinC
zZhq7jXf$iLgmh()jj_(D0$8^s`79qcWEF)tVb4LH96uWOXtgQ<zY@K4wN8vp@P=Dr
z)}w1L81O%TplW>*Z8^83^Lq_01b$mPRol(M@OD7y3YXivM=bkw)=qwnCaPzjy->*q
z+j5IkKFrZm#n1v16l(Prbpi2xsZq5u9$t3BeRIEYJd+G?5xvVD_#?HEl_}@!e&Pa+
zl9_za@n!h+69q@UA8T(bIdhZgd2r92MN2>Ec80?*#AuHQQb}LBWq9D4qPoY3-FoYq
z)oq07UcYBq^VV1J<jSPflSN=ak;LR6IsoTQ{k069GCp1LtJ&PK*MI8VXS8}F6IJEG
ze%kpBdxMvk+C{aAB3?@#lL37|!|PyrmN_onSXvo8K>Eq`$6wd;b8`Ub(Z{5wz2fM`
zDh=DW>9d$<MJTMfM1eD@JZj4D38yzUW_C|?PfDo8N{pP)2v|B>P2*U1KJ5!X<=fZB
zR26i-*gN&0s56+p$@HHxm$3QyVERw?neMmlMq4<WV16x^j(J~8|H*W&@&Ha;!kQ(1
zEFo_P^agyG%Dy&B&R}F<D(D-!@2&$-mfndgB@vOP#4pvDr#_GbFl_rU7=L<TI%ws#
z+s(c?7Ov51MY|diK|_~YW<SnGgKktfmGk`g8ua%%`xTf_GhGZIaeeT-aXO9Kud;6m
z<_Va-#(IuxCcr;o<Pp9cNfCjnAdy8hxthqobwXyXT<v)O0%v>n7SpBQ7ePV-c%V$w
zNIrN89?vHG+>Xw8et-YJ956y4`n9DS%MrG!HEqX>h@2VF?*oT4_s#__0_Al)b2oLJ
z;9c?OT<1eA^PF|fyx?CK;x#-deTtl)&Eeq{HOhcE>f}3w`+R2)(225{y)-+t$wyo;
zU(<apPFEb8S*xm#$B*<{B09xf_xRTPn*U#HNwE(+{?nF}()(Yxq!Fu}@TM2<$wjZ|
z@&`mRDiwX|2vrn=>hcHM%hvd^2?JxNKykBY<&EuhAW=`^kTU9^06DB@aC|vp-bVzl
zz25|{M|lpLvEr6M_rKbEYqNP5I974{RXWpU|4n_R=Y-597j@^B<}aTdQhL&1KqGIx
z(;TS!?3usiw{0CK$6K3l=a9e<7^4sewpgzJW35}bUHrOw<(hi<o&HS#FBZiUV>~R;
zt4qAcP<M`49~kskhCTkdI&gbXoEE+E(cU!^+x@Rxua*y3q7+8*Aa<RI^@5e+8>vO1
z<tPnxqIAQqRn;G);J66s|AINbalM$b880q$BDM|~`fArn9oU7q5tnF8rAM<~;~)YQ
z4~)lYbzF4z!MTOFL;YQ@cGK;h%*0>&fZAiFYQ@A35X$O374r0x3nOru8z-j9-sWVK
zxC;e*s)23#y}sCH6Wz{y6-$}-e%_JtN02T>_LJR;Zopsjx3OjWiH2C(BjHKp))Psv
z*0au|f`9dh+O=f~Y-6*(b^6@H`^_yz)&pDghkV5)M0W~7yM6q4gC}R*Pvm7}8s;fR
zzzh`4_D|=MGBd&WOv=xOSDT+w1sGn-MEMBI#}7-7h!r}I|4zDc15p^$zu95Kbhb$B
zG|FdNlV3B(uPa%f58as$sABDSc#4*6FV+*{l-JB7{}?{1D^{9k66*(X&X(a!g$mm{
zuT+kV=tsAIST2#XMdhoyZxvm6my=gAtNlA(*)7uIW5d}foS<7Ch%bFG21hStvcXrK
zx<jMhB0up#H2c~6iWm>GAx;xx#m)F2xwjeVAH1(6E$$?h0cCU3CZgq`xrLmu{Q=YY
z+pjc{A!|mwBVX1;kDq*F4Lw0&mk>Eu$G~+dolu#f%<#ClrH15@p+zFYjcHkXiLUk1
zJEuCGc_~IZU^H4b<@iynNA9N}-SKpk4*eJnpt(XnT$^8ov^;)B-yaE~M@5#j8JSCN
zr^-&8!z(hexZ0~Br*1tE_j}X^*cFC)LJyg^kFS9`-!;G`_{_}F1a;V1I7^BoR$+n!
zs>rr{MhvX;u4HOw(&AwW)0O1TyPI~dKeJ0YPuo@UKuS)<(-GCh&MXW&nbKJOx+d7!
zvU3-YNL=ZDs@TJr`QHV8|95?7aNvlH01o?$PVrgYA8e}}DiQz;sfOY{J92+kuC<1b
z4V7J`2qG_0`rYP9;~(a~H@%A*?f*1irKSH5I@14Y(|b2*S0GAT$tamKzVC`7zs6JG
zy#24YqU=iH*Mq$V!gsdg`T;PbY5#|vuj;8*Yq!01LLbbt7&IK_);qF+Ps6_h9!r4s
zoLx$&w4YrZ0j)sv4lswK`!0WHLT|y_i7;t1>6RE~74n<;Nbg%X`d}JR`W#j$xoBA@
zzW{~gNoGSlnNMMz6XJ<pD1)h{EtC_!Hcvsts<D;Th$S&*j#92+gj?H)s-Hnu{<UfD
z1R;~d=u%w60gveGdD!7D()Q_FBC~U#28IUjyk}|Kk+|)$=j`@ogL>t#z{}b1APT>F
z0d%hrg|K*pMlX6d+N&cR^9@unlyR{4RuAzKG(9E=(hE8!w0p*aVBk6uv1{-pmPaVV
zSkpq12-cHJq~2?+m(*7z<}&CzlPfYsVhki`9uSau=WjwaY(a7yR?l$1oNU%8$Kl!9
zF2A;S3HbE-!5h#N!)<Kw*x67b5jXJwhT}@>LyCDL@NLK-yUY2NJBy7jd&xAu?f7X^
zT$Ps9LyY6#G#V*4g|W>z@4hbt${g55lozX1eMc$dz2D5%0O;*G-U@<K>Jnyu=U393
z9s0B#1XeCLDbddG%>XPLfw#V=9eh7LfjpwW;rSh^+LS>&Szia|K7@BIfS~}E5tZS=
zYR4RhD5^bRk-?4WU_bVj+STSkWUkvHQ+9eWhw$FOt#8!1zubUV?|%1HxSSIvN^ZGw
z*yknvB<sF!&=X5WN4{lN(7@-_Cykr1mlQB@!nJ)VvB_(MJn{~CSu2-MhkIB0-zFX$
zJZ|n3xq&k~Sm4V{f{8zxfy9UX+`{H8A~disk!&E+&|Vk~ynOMwbk?|&J3i%AK^)it
zU*pHNNsjX=D4>`y;%2=x^CC~jTCy8h?)(Qc)ZT%Y(X+A88+!f(7xYzF+KizyzBRM4
z+nA8OE2@Pbo4cTsjoio=$@}%edj&4t@&?JWGb{uibSBV42>=H=J$>NSO3D!UqR0LO
zTXW8Qe#4z7>NE(mhgH+MF!Wxhs>7izhW{OIk^51rLnn7GPF)LOAnP~7g1I5%Idy07
zaNiO$yHX;E0|rQ_@@cwyy~A#ojZUV3IZW}?3sz*=YrGq01bA?qmgRZ%OjFnbq|9#Y
z%)CzCR=Et}{<dn&FkVAoUbGPB*bOo{5J!)y5fO8x5*|tT#G6eU+ZL8W;O?&iP4PS2
z6;WGre6UCBP@FT!PF^<YRp>B?16I5i(HLLvwhdSB1y`aH+DAZrgP?kO5WzMhTym>l
zXNd|Y*DGLqj|<?P#(q@LzpbJJqaO)sjTuo2^dktKVorAE-vS^e+@QXxP|LZ)oeRt<
zgo49f*d7@!zlR634c#JR4WwBx0mU?iO~Q0moIevTZPkRvah}n6^LQ=BC6sDk?JnrE
z1Y^-T{0e#hAdHs_`pp?3e#;V+D~iy6wM#yC1C5Z_B}+Sqp+_Le8I|8m`TK{%zcfIN
zF;&~>-d<!5_#>g6&&n9@o)ZU4!0J$fd@WN~#@HXX3h^O^c0T$KhDJ~kE~cRebzU00
zjh<VL1{E$Zsz6uDPm6A{Rh|gLKA4u^gRQp26K<fK<H1y6P?&hL++su)ZdC$h*p4+3
z5xKp+@#_5rfPo%@b<uDd#b3SFMe?=r49As6;dO5ltm1T)(Aw6B?FvE#{<;Lsn$8o<
z)AI(k!B9G@{Adi=ozO$pjOce}J8756$fvr(hPds!F$#6xxbKP{9DO5AQ@MAi3JXB(
z$vO8Rg=+z<faQ=Ce4V}<E--6NJ8>XZjQd!Rj3!vE!8Pz>jg=j3{u+m=Q_x|ydf?1J
z03(JQYhImwG`_DAGhAO43u3A2MAorcOn#v%^q7&=Y~SI%V>~{Rv$vQ488E3%vvfi`
zb|8oLB>WI4g{e@r5PXrO3OAI?!p>-}D>fJ~%p8P`*Ff$|&<=%?YR=vxs})65C>vU!
z7E24=Z({DG5RCULp`NLC_whIQy%Jm>S!yU)fcDQefW6O<5L#_Ek?(>OMb+*i8owbJ
z*jV$|LBTtW(Xgz`Sfg4btszw_sNJq&()0|u*vGKEo(PM9K^=s&HUjkxjtLK{-BIg>
zMU<g7VhKUh{9mE~`^K(K)aiMM8kA<4A!ZWZCEv8a112<16F8sSTSb)$!tM_cehfrB
zv8TI`cLr7Y5uFm#jCGDdXhA!~Ft{srT(Pxj7COG)U&LN`_Be`bdt}FHTkA(@Aom;Z
zq$Xdzct%~AcnbkeSgL%#Kq3Y~S5zRGqH!SzZJY)U_39<;+@Me+ZbV|~Yl5}Mod?c@
z!(XbH^@zuQFKP)pJNf01LP_6^ap+-ZNMeWk&5|`|2ekDnc2|8J`D;y;l(PaU4jin7
zTH}r85)wgs`x7V-^56$ky_W2oM>7eJ@Q(hl1#0l{+Y^t<JJysO4i^mYMRPo`UkPnw
z12g^i?scB2F8BP7GcCiR4NKD?9%#qRDLklmZ@4wDfM;%up>4^xc<Z^|dGU{;eAUeh
z;OY?4Iia1CiaIwB?z}kFEh@e&f*pCx9-or4BXK!baDpMtSK)#1p!98_NiU7!9B!oK
zTA?5g#IQ9)aOfv+LrxVKq2a`>A9p51bjqgm#^u5MZxzrSnQKjORfBv^UexPOc=Jw(
zOJI+1*%MX@ltg+KN`j&gy}<`O9OtZd4n@C`)k0i9n3u#taWbBVFH*j7kcFxU&~3^E
zt@ifTzKtSUgkJ^Pvy3B7->xYGSuHPOQRJ!VsUa%?aJ(7?f{Kg&Ed2%8snUjrP0lgM
zhTV<jWwzCeYKwM=32B&2G)5wSkAqDc=X~xa%=cIHxc4MFU%iuU^^g?>>izxR-k1vq
zhi|%m!mIX^2kv-O^5T&@Tmv&{FXljNT3uc6QvrLXyke5HCyl44;Vq+~s1Z5T&Md&F
z2$WAwQ;IYmrkxT#YXqbT+)v?>GH9yRlqn%A8$sD$pKAJb*ln4mchYD88L8m8;cohN
zh)<*Tj1|tFdv(4m2^8{yJ<TR>C#CE$UW3}bmGPU><-x_ID6XWDu{rB5HWqP5kvYhT
zQ}YnBbK9UwEFiGKg?~WJfX2QZ>P*{LO%Aa6eS0>+bLEQ1N^gVgw)uzqlC|EgK5QcQ
z_<|hvhv!6ql!fN2JH1mRWil8ce(H7bC%F34#>MeKQamisV@~m+?V5f(exwUHcD&Yz
z&Q5?)w~BbAU~|xQWdfaFWZq?9epH~}tFIs@$0M+FYX~ieh|<sPy<4~rH2gE}J%{J3
z?F5Tp2>i2ODLum?g62v-?5e@sG6tUMQ5mWdL5r$K7JAO_EvjN5B^yPX!j+H2YO%NC
zU971qm_PETt(Ke`&>WWVqxTj!RC{QWsH|wIxK4_RN_P#&^T5?z<WadP=bQAUbaDm!
zTD!#k&CBV==VuR9F{Sq~AyKr}?@owjowizzc&l|zG43j(3AXA(l8JS5Oox&fe`gM#
zQtM7YM>=5|1?eIb1=6e{eF>4R60|hSF|TJ5rPUUTk$B(g7K>|QlAWB$M69}UO1mlH
zns8N!H&!dt3#)bA`jD}kP`ma%z*$Y-$y!-=qw*RmjCMTuj=NlErGaaMFC>GWmR5G`
z@&jzCrrB-0LOp@0)^OcVV($yz{l?11XW>Kdx`Eort3MKa1F1Yaju_%+3)pKT6`z>*
z>_<YO-^R6Db`e21cPA|Sy@}WrA-3tgZtq)IDwO*^_e+=)*L9UC%#Q_hSI!P(Z!g<2
zYpv3cJhb$4n2zm6<vhaVFd-EdziGN4R5)h?cMK515Ww|$1pFE@Na=FUiAPwl^{qZx
z--*iFwSchH4QCsqYkx?aIa07L{Ncx2)!17Xt$ys0d78vPqW~X?;Gh5yltB@(5=G&C
z(dTseqDpBbc1Cq2W>MK?Dg40~^#)hO_N`iR=l;joJI+@y!rd@;A1GtL+&jg%XlCge
zLM8NldC#wPnI7gPi6waR;R!TWj+^f}X1i1Ml>+?RiuDZj{>~16^mgwRs2f(f%{rOQ
zEn)*H=-F`+U#EH{?`bS3VJCk&n$Uszya<!(-&rQ}d_u9j8<i~EpRx5$+qvb=;B~bK
zi4LuVQW==dP~wN+HtG3G=oIZKZ29y!)Ky1}uw7pI22}?Ngn6#TNMxM%IXxKqS*1TZ
zG!)Tap@F`h`YiHNl|mDL@|2ezwHj@6#>1#ekBN4Eun8fW&E#;__cG7fD!f2_+Fd*F
z`3_voMTAFjiP;{GFg6;orsi-^f&CZ&SB9=s7B#o`;pc2X<9A@&`;g^P)W{SxU+>$&
zI2S_9W<#eJR=Fo6NEm3U?BY(VU2~k;bS0g=wf5r<6VKNT9M8(zN|IT#`V~iKj$-Vb
zEy!lh9r5%Kzy9h{YbA_nO-X5Mauj8#iRa|#+y}3$BL4=`f5TUMlbi4Lx0R9pukp|u
zUMs#+{+7R7mG>^d@+%dl9aD!22f~c53*TNrBQ1~m2@=)#_<f-g&fU+{>oEBkOMU#6
zT|D(J8A)WCz{^B&|67u(t`37UJD{+2<T)4jizyE6y}G>wmBE*2b{MJTr?OhuE5&q?
z!N4X~d6T{`SY-mx%Na#6T_kJ}_6dFI_$>b<o4iLEtX8%DCamU*Nq}~=fJ$l}TM(x*
z)Z29T{q}`<$}-T}B;w?&Sw|`F_ut7rG^T1ER)X4*Dr9I<l249m6_LlCGRaS2pWIu2
z{`W5|<yZRVn^$h_^Or{JZUoijr|w^JGc1ra?QJw9%bRq@|0oq4u`t4NH*#mWZ=Kg!
zc>m>Gdn%N2ct@2-3hNTRjj;Tb2TIH8gk@VovB7bWH<5@8wd6rO>+9qZJQ;)gVgC{e
z>;lu>I4D-M)Fg~IW1QQ!xh0C@brc%`DMrQKb?~9jmhSVFPQu<QVxskg&xRFrUx*L_
zeLb6q=c4GvYxl0#$$PRfZkEsi8$jF)1>XaFLMT6o@aW#f8_Uk?Ln~^qOcdl6br+$v
z!F5&Q=ZsaZ!`Hj-=R>fkPQ@T_vrVUCwk5>mG!DW*a%xVc5jjxB)-(Uw^)c8vkQRq=
z(E~l{aIbdTaD4{u_KI(tESRvdv3zH3rqcCRFEY9KtE7r2I3$QL0vR}i)8aT-g<;c{
zTDKAhvmDt=?c9CvncX^f?f$p>zM)vV0{P^9-&o|Q7z6IDw(7+UF_%yp@rlPjf28iQ
zd1(WnNd_M*4E^@5=q}BKE<uh%9xXK~#s@QU-I8#_e1;!9g@b>%Xd&J1j@L^p!*};V
zaFI6M|9`i9orn`3HmKcJ6H1qB2=*|7GXf{CX$*Z?r6PPA>-KowUllh$!OzyQR=HeS
zum^|RU+Ut8$L?|8!WpB_2Sb)>c6MAhG&hjh%MtHuDt1yf0y{_i6%Vx6BxdXQO)e|U
ze@@>rF<C5CMIG#x!aa0!mL+$!R)lVv=kd!<TH;k!<I^zP+@?^?mv~Fm9Ebr0iG_?{
zKl?#qBEoVGs@fw8|Ia%;iIOha|NTafW4~zvtNH_m{|qEiy;ead?T4@}$vFulF-hm`
z=J4+K5h=LdK;*L`PIZ@0l-BTO21k(FeN0kap?Tb<p+sOhUPEN-Y5ie&q5L6l8ag-l
zy~I`L4nkca+fp+;^Z+Mb!1HNaT+9jEOuaWa(3{o^gW|bx!8la|^+6O8sIWD2Fyn)3
zO0)XCOlL%)y6D`zh+C=8JuD8|mcGGXZq({Tmuld1^587!!V&gwUtyDH#ZZQR$O3Hf
z1rvNtJJJX$0_?oT=*ZGQ!F#31TQFD-feF18zw`kouMkh_<;S2R{pGSdnb06#b|5Nk
z81TUmY;hWPm&bw4ZyQgM3nT98fcEuW#2!A4B9Iv2b$U{PUq5^Z1a&-({D|9|%0;2_
zKd!l4?#HA(!*W@zVyV@BA(c{aYp=6J31-NZe85^4UK-t=20C%n;dP|^-|g?pPzkMI
z*J}`!9A%in<!lBJ!_7(o)U&(FK-L9TW$lMVVG6~|R+79|1*B6+;E62$o9OM4A(>0K
zv~F1Op$S43NaTVgFn;ZlzEO7l+9$ZX-%p{2lU}f=;s=oL&6$@tbHR@nkU<gQdi!k3
zn6n)qT^hW=)J6b5`7E1-gvolzNwVZo6}?5(o6F1j;4ArH*99HVHYGDRU|^$ajCSrM
zG;cCawz~v>a;s4DMM-di0(OGb*L&wPrrj~6u<1?MIngg=?IZCZ-em$1F(o1yNI3{3
z<&0vx)t}&NI*?ol3uYXYR)XQ~l=dg?#ud>{$|ka_V0m3pv<EReY6utX@`O9_wx;AW
zBl_JJdRPKF0y_GC-r|+--U+S4SH8w$fH7F7!h2HN3iT(4wj40LumSq|f({<rD*>$}
zKBTM(2iGg%x0^uQ{z9vAq$T5XZ`i9m9r<Af4zZxUu31v6ElVDr`IA4!>sRnM#_`zq
zBRvxJ*s6OF0{n%$^;13l^Qd1zPn{ZvT|V=kO&Pt!X!>MZ=tm0)>VlhnA@?P0+Gp>D
zODQ`S@vFl0U0U}sEa3z3YeCuynS6;>>8Tg&zUCSX#6VK_hT`$?AeR+b)e<45^2AUP
zR)^@{jOnZ7<+^j}R&$VKo=%c2PR(7x9~4oft$u%QH5L@Kd|`_&E%S8?Gnz$57oFlW
zgmsQXC_{sQ=jPH+(y2=6hk-@0pFC=77gb9lePb_1k*aVoop#A+-d%h#^|hUdyOvb?
zLcIp|O*I{dm+d%0UCFd{dX#sYfKW6aFnP>rzrYZL_lSAXbWO*`PhbGK6Y-iV=NXP^
z`g+_gYaC=7yQ{W>tOq8aIL9s9iXc5gn$kM<6(=t&xSb$9>r9+@eTlpSz1_Ijfnif-
zxjL}@Bkuq<n4%WqoE}9elMobwF<l;a&h7gtO=syB0AqS8+6gA>7>scCKfyt6_2!)X
zOCyj=6OToQFIK}gdFdhb_RZZdG<{}WO>r)?pEo43gS6=_)M1Keck4D@pSu5EV2dkf
zmqGIc^zIA1Kx44er=$VMfInL3)~`#3!VIr8;V)E@EzDlT07D6z(Qhr0h%@J75w7ar
z2$Lw_pmYCDV`m7#LUaQ())a@{pjP8-FweDjIThA)jx0C&^nP*2)14o%K=~zj9jT@J
z4%mQs5@7*~Y4z<brzgV_=+Nx}!sFwG0=Uuy7$#f6cUx76z#RG%co)>S-K~sbVea}e
zvy~OyV6FRvR^%X?a*AMAy^9O#9q5HjK6_X#u2Ow{>opU4zK4*y24-CjNkMSxc^sw+
zdW0oP5?*gg;>bR->x>Yn=4+mbxp_qH<FwcKD?z}f$I<hJUqID-*7SVo$7U1j58ne#
zmmfI`Mn3;k&l^ftR;AE5-YCGVz~VsL7qRp0j@bO_MvI(CG%5SHX3u#8!aGNYAD{Io
zFNo`n0>8{}037P^P>(T@URg~8Mr9Ly@!iS7(V1Sq?nz^gbWN@-BVDcs*KX#4H21Ky
z2|(K83uUK=1TJiVSUqqa121A|o0FG<;P$wO1i2_P8+5tQt#dkj<4Wro+P591=jR}2
zPt8I2j3!Dg@ql?zrdBa4%Y;AJ4M80R@#r(?-lKgRTbhDu?1dq4^9Ph@yve3n)rG0i
z*>`GZkY@wbUw&TzYUBBL*2)PRS+CZ>D{&EuhqELpYpD7q2nh7tHh%_#Y{tt-LFo%@
z@9ri<*dIP`V1|;T>kb*pK~f>-IQ9>UySEe6mywMU4}$`@OKo~?;3WY4q-q(iqR(sV
zb;Xv|6xP|A0CY{~>L198J5=;mHC@0FfWb11u(zSaPII612EMeM*^;es&14Ui05p1)
z6{Tm*c7BSCI%|}27}$i}fKjU$SK{Q5!#QApi|5%T)-{<j(~#{p_x5V*RfV;xetu5G
zK@?`rmHtZgQ%1Y{_EQ@k)TP~~P8SJ1X#rD;SO}!Al$}}ab;14nJ}>qO!;tdfq#t!{
zMr1g0T#O6&Dx7UesYMfJhUU>;iZSxks+~?xhblYZ$C`8^5KAsv+lm`oxSCv{q_2qm
z_9mxL)M7MV>=6oN1l_~xa3{-pX6XF7S|@vdkegY|?E7+w%Zuuh%UfJk%c%0jh%jab
zgRR7TX%5(6M+!px(S*=O&;qP}@4I&WKE+mPsV9m&_6gnN<X4zrCU<<-0gG)-EV$8#
zJSmD_tTt<zTJpQsjvQ4mqia`XSS_l2R|x&F9Hia;HY;+qcV?n+ZcjOC5)rc1HL|ku
z3`u~8;YPzb10Y>&?gvJ5`OvPrR3m%bgoEO`Z3!45K3ou%y%u8!W8c!rOWZ2gf?CaW
z{ckjTUt$r`K(klp8CUE6$bV}Mu6&1HS6ZS1%NPUd2t?r$Fqq2UdWplIgq4W2v!&mH
z?yi+#USIr}3#ZJG%B;M`>~0o?Ye6m--#fU>{ra8LQ-d>_;cj?|WP`2?Xv(iqx%0RX
zes!FU&mp*v6F6;At%E57RwoPY5aztF$J9N#>62xWIGyan%9B%9TJtWW9EY|M{bk1W
z?O>8{0l^LMWaNu)Vl(!teN19EVEur8R?Z;jR4d_-fCH7~BMKgKrSM*`RAnxmHlP@F
z<#MHB<MYwJ4SJbNzq|cmU<Ip;KCz~AXJ1Hu@*p+*=gVD^B4O@9{2DE)vR@8L;`Qrt
z^xv4WlHbg&j@4Yh6~BL4zkkEc9v>kB2ZsO3p80c@`0qlFKfmwa#l?TV^?&81{$_e6
z>9b0e#OLCVH6k=Ze`J3E+vVS+eF}hP3BMUJ^jG|xKcKJmxxU4MJMyi4`MHUI{?WNu
zW+qBWV`fAJeXLErs-(&z9B<f?<FK2FKOec{IqRY}!Y0_)H>xq7u7Bio{l_~SM&yWH
z=3kkW8C1Fh24s6hE`Y@`5HL~gEV2^;>$N#+&Nl|Fa9V*x)8(L3rU|SkbRL({a`jk+
zoMHNRW3jOk{j?mQOUqJr`;ZS373n-_6*X<U5y+!qW`p3abl*gNSz}w+Pb!w0tBBqw
z3apcYJQDEG^4HTx)?*wOMi%1kvr&@1nx`q?I|syiA*j{j;TqVpdq}SX_3OzS=`w_v
zrWgOoX+rc&`;;_m-Ox({jIBy>Y35JRfO!T0M&-Q1C2=PhE~O*N75OyS8Txm-9rcNp
zM{LUWwo=Mxs5BrAzlM82p*nPd96z@Qa7zZW0ud7G-#ZikN^~1Zr0Y5`&DFTRdwUIc
z<;a~}8w@*&nWOs)DVDo&lvP73o5vD9d{q~16QN~&!7l_$47+hV3=KuT6b^FU29jmi
zXA-c`!rF&p8MoJZBC2q0@t}%LFpwbgAABd)vs;EqN9yRABXzW`pHyww-0cU>BcW>?
zz^R1q0=f4ZC(+J!`Nx|9BCf<;ZkdX@Lukz<#>BvlYEbOQE_Y#N*@;}D-FOgV_aI+_
z86=U{T7UZd6>jBUH0hWP_c!Kt3Cq6;>GN)0mc<^8UpgQ!1rlQcP1jw$!~H@&M!6Dv
z%z&XjHhM~@?6>*YW8dbBAGoIb82%)u`<rjhJ>NPDKlRUAKzc`(BNb-Y8i&K3j%5Ad
zgH8r3!H?It@v^z1Djt$O4Zac*mq8GP-mPp`%!dz*2Y_sPi%Q^LthdEM&MaxxeOW~m
z>&GvhLO}{x31O%)sn{G}DG$x`=V%S13s(Dqua9N_ULFAGL(#5{2tFH&1r0t9Y7mcJ
z+M|D_C30^3N=Et##`6Y}(3dP{+9I^$M02{M(k=;_0Fbd>Y91jo+a<!u-S%F6DKR;G
z)$D~P|IaOVPquA(YOqetI9^4ay?bo!=LtQ6m7h3*l`l3M*m6{9AqvORGh-<-MQM#m
zApAcaZvp0ErO$q5rJW`hzZLV(T+$l1qxX@{2Es>N0u0to8PFf{@Cg<PNYt=*rcx&_
zfxKBLbjkq``lXpjfATMFe1GI4vG^AsiJs=&QXm5BJ4hmnW==f%ma#--gk>v`s8N~v
zbGgm+l=K&Q1?^NBjesKlC5&+IZuDbT_KrjRUkbh+y!-M155Hj#FN~PQaXEUK9npFB
zCl_s*SS$~E4y=hCC>WbLQuMjwa{|EbWI@sb;vvz0K4iYX6|^}Y?oW$L9dZp4_cr5-
z945l7sv6&Ktr$eMBH#39IK5T)4~CJGk%m@GZZ7!?M;d=w6jd;w>sh>XEI$T<CP+`I
zkhc4%yH1e6H=>r!@2gfrbYDlZSDGsc-aM|&UQLw1aInw(L(6g9Ly`R<lmUF9Ka4Wq
z2Z$BE>C9`bg<Tn(2)$?80-J2^1x!lQTkGTKViK>`K9RFj8yTA0e~a<#<J~O(^g5op
zK5uw)6?BPF_fh@I?lJA{YTEBm3i#0OWH!Jd#~*piEH4ld4D5DcUxH5Ne5#cKpwL~d
z=p&uyFS$G80DHbS%%P?C#}zz2)KT^mYKF)K&n2{psRDLk&jQoq1#2$%FD)M@*K3Ut
zOC#6=F?If*zjHf*($xUTV$d}B<YG5dXxcJjqLg#!o_WThT_NZB%!+M;aPi4TeA5O^
zy5@xV{aH3oSS0Pub&;4g<B+(yo%}kmk)#roZQt}94ZckkJP>BL3yLG^`BgM(c8w>b
zb13d`h)D=%f+qS9Y`f<T>zu5d(*2$7YI2X4Ew4DDvQPavvDkjmek6L;@GI|8G^Y$N
z2#DrHypshmR)p@o0ulN74#MAwj6k9r>HKdbqb8>Af6Sx6saJ&!9ej2;0x%5R*p}x9
zA{H;ROSv#xvx++1jC`AfUnBAs+V$?|AVAugM3*E`=z;o-Q)X7j11v{}BEsU11?cj=
zK<#L~7URel5qGezpMOE`p$xy_6~R8K;(mrdthx-kvJ)I0P%pxP0o9So53CJcl|27D
zcLKH+j0U*VUa)x^K(u@WUbxR)4DcBEVB<NUpu&$r*!=(;;N^Rgb?5tR3nGE2;KRk$
zoRWWu{VUePUtz(C@H<)}-8|ulYgH@~``s@%CMXGd#Foy4K6M9~a8eOV^miS|Yv*pY
zQfk470>ayaVyW7+9H6wbRrA3Vq;rtA_sLf&e`jpc>58-c$nV&`d*)c5m~rthZ^|~{
zO(CXCc&7^+{v%&=kV2<L-%X28+2d5eBhnED8~&G{%r=5Op+LN*ClIgMeh&!USv+_+
z0|Ok{(hb8$qH7J4)3H5$eSrRX)*ejV-^Z_`E3EKB@4S?3#lC0}5E#i^w3%UZmOPhk
zTJmgJ<D5b$%;4*zGq#KE{$=%QWxv!O{}nqSdQboO7U%KLGcj-9W~vP`(+x01oqVKO
z(Y?m7(jgu-*>1koNB0~3xOy!&XzPVvlmvQz+Lnp_REvCEdMY;X1|2{1=#NpRDF4Aj
z?j?nYaq`9q(31Y`r&FH^%5Gl`B#MNWtJG#Y8v?ovl8U)|M&8SruZCE3g)5aQ^pt(j
zz00I}>X_w9!hhtD<|8_!D>oTm-nuQ`8~ZzLvq1@>3#4s6rU=bzGBMBddqg#swCMQo
zV>3AY+DCwwM0WeTIA!mESMl{@da~G*=x=&**aKy+osBex$DRo9%H7SitB5hyv$hhi
zp4GlEHZBy{uo<%38m(E#sNFnoyG7B#w;CeW6?u{v&NRVL!DBpSY!8|}E^S_ML=q8K
z;!1Ld$u0gxWnoziAUkh-VW9*Wmiz%zHHBRIml%q#zhfw#*zE<r_=_zmi1(;FG6R}N
zxlZ#Zx=?lz@x?<Gp+H<o*=M!YC~GAkIJaj0ZDD<M%N{gLHq^0B-&$r`X<zkbMCoOv
zN*C#zRsN6}hy{yoJPQP{s3C`*dS*t=_wtxLMjzMZ_O5@Z2u}*iPZ>8%ywqGJHCuyU
zyGh&g%Vo&+x<^dMw0cb1-xb{?1qlmA=3W*DniROw2<gNf`!wKzc8|AvE?xU)VK6s;
z+s{=%#xt_R?N57M5K|O6OqUbZi?;m6l=X(3>Dc=j$#(ou^IQ}#2lmxl|8IE8*`MIv
zq-nRo>al;uQ^p&9ex%_(bZ=zS448y4^pEUT=+=t|zY!8zV+4($X0<;q^UFeA&*Yb)
zx2#_uxLUnILrO8v^Q*SjYEi_`ZZ7jToibnAGVff&Pbb0!An7@pn8L$C;-&uB=Z!A%
zC`=eo9cSH^Y(pq-Su?XH%J$s(3{&fFGsrI;?CO0iL~y+wjhePbvaW*9Un@=CVg;6>
z-AwTen(HvfIBno%P<=;eN|O49nOuE#8y(raDxV~dkLRf6<cMj~v4o=?eD~wIBU(_z
z_+CZwn+UL(l!)hSwi)tkuMG3Jbix<*A1gbr-O#sx&4Ywgb!EHW1E8F0d>WkSj_su>
z%MJr%#FM2pD^(LsNcgMu#fND7dGqvl1Bi=kfafQrw*5C=?5|KIrTkAv{_|Z9E(apt
z7Y2U^<u3fjLq-jy3!lW(4<?;rcJ4hn_(<8Mw~j2H^M47c)W45jw|ajmy{PdqQ0Mu;
zyNNO9e<wjg(TP@6U0j}&F@T_H{sjjw5Cd5PIMPFcvI!~G<dL+?&M8VU`Hk-rE|Yh4
z#VS68_V0{!>eOvTM8FvY1wf%DxB^4`jg4M9gc`=QkrsgAJUQ`?=n6A=@&9kp6-m*E
z!sU>9P#{8JyKwdb?KZ0}ni~O*gST(Y)@!_F43wze4LFX8<|Wwt>xz5m=JCaGf){U=
z^2C}j*lAd?2kgD%%m7Q1@0}{5n!ck?gzMZ2XO*KYU|PR&$n0?`{E9D8NG>&(FGBV*
zD>J4+F8fGIzmH}3G3k)zl^f7&-?sM`K}lq;CvBFoda(vVY)_PjO!<65X@(b&en41M
zF#Dhod3niJg3o8bgD{AiUEF@iV0;wGxq88=FsHt}t8Ke!9q^BaSh{R}1X+GMN)cha
z2Jh?y3>+DgS@XTmDD{ld<sH2$#+ceKTkkF%#c~#`l8F6m*|UAO^Jurr?+opYu9}Va
z4=Vcj;Kg{O@c^nVoe(ge;0+>HQ5IcOhYbBIf;&AYHxC@i1U)T+zI*dGu5y;qLR9vq
zhe)Or?EQ1b`nc)*@{O|3SDO~3GREocIEI(hmFkzbK()9wK=R#$aGM$LQ9|eB0ZAFR
zBf!xs3Avu3x{@ClJKPjxCx~c`rdM4G#+O3=3gvc1yqNDgiswYJ1ZW(BEe`?C_f-iZ
zwj}jp1X6AhAU&n|{dz=<u=vloO7`4KN4UzaBU~km*gxYcD;NWe_qRyR9v|GLz4xi)
zVY4XULo~bmxdlu`;>@JH2y45!^q-SC4gTw7&h~fzT{5R{Cy>l(cAU%!q=WpA$(+*u
z#Sd>DCv)EY<N>fAM-Q%NLX9R6M4uTDS@r;dP_v~FAd;qU=#1$y2|PEGBzj>7Uiz*Q
zJd<P3O0F4@D3|E~H7ocxups}nI2)`Kz+|7URxBZcr&nfxwxEja$m=z1B0tk(0f41n
zwPBCAm8`p`)3jKHZ$F`gZ%G+$h*Y`+zFqOJ@}^U+E>+Ks*Z`LZyO5m^A+W23Ag*YR
z89W-6c(Jqqb;($Y!Qjo3Dmud}+4IOBHkrAIqvu+$d7f&|fAw%~QQ;-#?2`?KYIR;R
zux^CUp6|rv;t#+(n1EUK7K8?seIaI>R?mawaE`oS^=a#Gj>6BuY42~<lu8i(kuk1x
zk&Pur8U8OpogW5XHaJGa3v%ho#_!y6!_ExgKQ=b$S$=5bNDeRXn5`f=^RU6eFHRo+
zCfr7CH3UFK{ffR3gFD5i(Q;~pU|)0Z^r_!(ST^91m~7ysb`AD!I#u;fIBPHYlY-Kl
zO)i_(i_1U#;N0AxEXroqTQwKNmMi@Usj@NepZL3GJqu|IF=WAjNNLTR&0EAk4|E(T
zE}_7*4)+#2+63`i?mc8Vu6bqkL1XY$c6iz)(~2R!REW1pfXB+U+nz1$`O};oy?6Ie
zCbSN5DE-^+Ddz8CC2Kx@)wB6lM(9^XY`a|`2#&wrql58&zkd=iKpb4O6;&Hg|6jo?
zZDIgrE3*vrl^Y1ol3fwiuBev1TyWb`)Xsg#UH|!N(00kL>{%0VQU8!!>#J+|I#>}w
zy1K2$@q02!3p>QA)8tXC=K&Dwxm2?KRXhlY^)ytI)-$XMa3rD_xOhcXbYgnnQ?u-t
zYdC%5c5nIlCNRFDJ}WHwL6Fo(|6ZR{j;B<bkwZUK|1d0vel|}2L0BR~+#;X+iL`j~
zgny|%cTY8dJhNi|b5N-(WtfWsS2Gj(z$Lii;Cr^kzfmj||7(in^eB;HIrLvrEZH9b
z_mI&<{;%1DdpHLhg3AOId}1@@N9M12{diCcioMWNp9k1SQo@h-kxLKeh1|kb+zvX{
zVEt>rPRi>DIM&}#XkGI1*1nwp`9g{Y=7TVdu5m=;-TUp>L(sbq9;eQxM3(42dl7iU
zesR<@%Kr_M)sM?R^VrFoF()B~7dH(Yu#6W?4v6fEWIq1RV%RbfQ?|cfewUCf?b3&@
zBrjm@-;9V@dBBDP7U^jdYz<wr4x8md*9a5gB7?~mXIf)1w9Dt-#^v)9!1leVy=MMt
zkymb4n-9f1tb~tM4VR2(OJ_cl3HtNn1hCZJj!37k=iAOCq!4*2s_zRG!#lb?41B#r
zEd*A7P+pB4T~(dhsTx9D^&Fc>aPr1vUhy=~6j8Ue#3&(Kx#j`WH<Br*O^>}y%7e=Y
z4`^oL+_2BFkll&rdu;uv>*J4Qi$oOBcXi-(IEPCJ&MsszPA@q8))o+QF_h9*+9AEw
z*j{$eev=oMcV(3_>>DV1t;e`NX>Jb)=LA-V49mZ9*CmrTNwm_;?XKv57Y}Ucrf`^u
zs;X{!&wDp2?s`w>x42@jl?OSmub%2G6|sNRobkbKa8_mTKjmFKT+vBcd>Zg4%1!w=
z^5WWY<i(eNkG%N#?~xbb7>?e1h5L~Pz>|{^bQJpun^*n|aA_UjI`BXsl8r<)PNi~V
z2_%&yC+?x$POrBvK}rO0$Zg3HiI>2aT+CZ<U{CwW=WkQ`f18gJV?QN4uA54)IOAZa
z*Eu%MyRa3(a7nM~9wpMKv$2gPomcft%ug5=Fw_;NknJ~X={B3n5)+1%O<JTLjJM|Q
zFNqTPj7Kp2w*^Y`5~x$$rFR!}%+PPl@JjP0@Y;zm^5I_pC;XtXF2jEG*dEUC<zbSa
zG)|F>SHM%SkqL%o?UI>(`7otMz@3!~xZf?GN~yf1XU<sSUL{$wr}AbYL+T;^+JmQP
zD^qO(bAWrlJW=Dezj8JCk6hZ7d*-gM{l&@Iy1p=aUNw8)g%HG66vCefyA#9ZVmkf1
z>$Ll1t(ZB%eOzK!VYE7gIBjD>U(Xsvn_%y#Rwm=Upu65q3a{GVHLuiPe+DHYE1P-S
zZPtf063B_MT$mXeU`L@zWXomt)S&tub>5tt8nlbi8B?$0nAy{woI?xu;g`3`T|UOZ
zTwhO#nOY9Upj^H7ewq7n>3laSVMzmF#v6!H;6gOlh2Cs1P(x!~m=WDFNljC-=M`}%
zTjxlE<|?Z4JF0gAy0FFuWEcSPbbgb#j}u3G{cdk1W65v-91YS0*e(H<3A3_~46M~%
z>EOxbD6w#@*BkZ9-y6bCo&rpRUIG9o<r?!w&Gmk(p+XtwYwAtwMvzAU=<@<=J|V?Y
zbtZ-MUH+T6uO_5Fxov0??HX5-M#&f8<y`R#H9p)L-0+IVuUoS_iCf=3osCYGjh|S_
zhhlx4{09>+f>a3x4n@Dl<{7%#vM*m?B<K%xsT$*5?1oWr6~KroTUg2}Mxdn!gKVZJ
zW(~o(!s0s^iNfHafSnqxyGfj!RT3PqnR%9WRhY#W&EXu;4g^Qx+EX#y?l5f%_L5MM
z@ug<}jV|s&?C2z8&{~3}^C)&QHUMKw7f^;ZoC^Xm?6UFFimc-ysoQNHs>L3^)-@gQ
zS61*{g}5Txkv)#{gnQ^G_d5e9lLjPyTVJad;DG>r-W0m1j(hMA_WYlDnZ$LNrZ!*$
z<rO8SQM~R4GE9p65}22o8?<otiynR_D5(nt`dPocFmp3>N^Tm*-j~g07%*-0i6pvz
zOMf&oly4Rk71XSc6-%iBbgYY4za)Mz_>UPT)pi_e8VCwnJ0O+y{e!@x6OA6UxfZg=
zJC?fZVQ$Re2Nj*2!{V*a2hMK|_lDhX3>W=E`-~7nOhU4-u4HAKS8o`}N`JWnG!)*S
zIJ!RG4ivnKw;JsPJ_E@(!U?r^Y!#cPvxY`V*9InFbB8TC4KV~@cdaP9Quu<hCuD6x
zf4M4I(nZSwqJqyU2i-`-SGL_u7R|4SX!#C&0CgW?i|W(?*_wCRUV^%#jxEBa@oB|{
z`%!#cnu`#$t*$Zt0zJ$G4X9&j&`<e6H|9mF@EL@67ZUb-4!=^!VBFCr{j|*U{2K=x
z3`rN5M;*8dG?K;+gZadiJk64x`ek3H9Et*ouU>lpnwlRn4DcpQ(ZIQ21``o4^Cq-y
z<0p!UnKz(;-n878`JKaJO?@cW_c(&~gFlXckradK$y)lbkwcXll-E4h0gp_*e2(?;
zC*H@G^`5>p0R4h%Df+obTp;`g$1gITZQF6~*846B7fho!b$c7=4CApFbiPkT7e@Nd
z_}QyK@H^OrbiLQkVg5S9G{Lo`S7_Y=tdiGP<R|wmEbhf}!iiZa0ThoMu0JElKByzT
zw|*cBkOk^R`cNGvvdM~5n8zGD_yX)DYtPE0$oDtTx8J@S?e2);h8;fDd<i6PpSNvy
zsfiqyWdbe^wGU+TI<#H)kaswIulB~-5^*<S`DuDtsaf{wdrGDFdQK(zEu9+#n)$(N
zFdHBiTQ&xD0hhp{j`Lw%C&Se;v=`IJc3UAHp5bh>i}(T+bEVV;?7vnTg?PY|d!H|{
z%)}rIr+q%;PD0e~kC%BB0HH$e;t^UFpVQ-leG3J4@WvXZWA7f==bXDu*0d4XB4_0T
zpbwi3?bWDjR!K}>|5Ox-K`!+1Q(TW@g(!2o-n<fGjcLgcYNze_Y%Vu>&tWm*P8CX6
zU6#V6tcUFCe8zI_XTRbPTg{>KC`Qvjz6YGQyV~fzD3&^_H4;kOSBe>kp!xd@Q4i1k
zpmoPT9B<272~ftbrieN@f~2Ej#j2rF72so}e9rXK#qZDLNw;)_2)6fs|M{m(2tU0f
zT=&xftMXT|e2>IM^KbQ1hF}&`p+idj_+UyJkZM)bght5#!wpIiN+$#7xBBbAYS>N$
zHs;($j6`vk_&!%EX$^c^EM7{TZo~TE<NNEcf0`r~JWyFwyi0i()@1nv%N!k0WIut-
zdV$IIHf-9-1XuOPlg3<FmLK1H=hoHsSV^0&@qJW%E_I3=+i9a`m#=E@`{>O#i+3zQ
zN4L2@+A->bY*29vTLW%F_f?rqL97!(5Ej+Ry#W2Q!H9Bf<rfdG1tE+OWjIce9Y`Fu
zVzjUkx)gGo>T}S1)0>OWGnY<@4tlE_$$amZRa2(pkM^aSZ7mgdZUEYXPny^FIDqO@
zbVP+eO{BsL=PBHQmY4Qba7&Ll>7;1dL7#}oL(bb|y|lBX)3G49OW7?$Si1wkWR(w&
zFw8^@&`$Re2Izuuxa;=^1QvD(`rfFPp^UPH|7ZG}=9Hiit2NZH!Y^0uvk#bF_VXvb
z;(z+&XHvD$o$qx<=olr7Q*jjinT*567U)}=KN!`~5G%Hj0yc59dwUF)x2W0D1?Oam
z00=_$T62d7OESslV&wP9=t9C_W!MXPvRX4;I%f;fA$X0)*02~1g|fq8L#Obd_g!Cx
zmu!!^RCRGamI0MY2e)DlYBzK?!PT0dWwJcQ1fUNHQJGk`W@C*@qm!q4%^KX!0mC#R
zFr$S;$Mk93tZ?3W;<;MPudh1{MsM$P)l=$+zbX}JV2n8AT?C?6`7MXN<ER!Nd^v*=
zKKBMlq+Hf%Wg^rrcd>vZwBc@uH%O;zn`aZNG2J0G0$peL1zMi+v)Q3z4DgK7_ZAUh
zB4HJN5XaJ@rHvL2+M#WVF?kGNc-TvL93AgOQlwh#{u#x6shk^(*zafR?%XzO<m~Fz
zb~{W&Ku6~wSu>4ysWvX>w2t%+?P*-GuO`Bckm5wHM{ex{tPL72fv-Tp5wORoST+-U
z7U2o19MQ3+dhg1ENyy-s$Y)P`LAKpiA!FIyx8;{QBVbT}{aP1_S2g@n7Whk_I*g$q
zKEQ+F!FYp&#EJZGhkj)z%|zmWsczSKGp&1-HxdINZ=GB+92e(iX>K7G-%bhiTQ(~c
z2F?3ay72NBw(>Bq`pjq9Nm^=}nj4|IN!8;YGdT|-Q%C1$9r{tIAnfbwbvUghHdJ(`
zN7)NPpVC94s#}pokIKGipzErc@24M2CcOBGaQBW6W0^#@`<Bp3s9!c&3S|54^92^W
z@e@;L=^R^(MLQ{IpCq{Wp?GMtT`3=p=X{+B$D}Z%VC8QZo5@BY3{uCDzW8fG{|{g9
z9Z2Q>zmF@SWK<Fn#|kB6MCP$dvXzx_L_+q;cBqgLG9!*H8HW<eIQHHn+sQcgJmxvh
z_})jo-k;ZJ{C@YJ#yR&H_x-${*W(&OsQCwn^rtFz1@xw)9G?T%0Q%JVND0Ma2fzSM
z17ZnPgqUqx*e5K{pVn+o4K<~mXV`2Sy~MtO9<V(hiOT?-&y=X$n3#U>0tKq+)eLVU
zKU1pTyL}o`QYeRvjs@_D0A%8(x(v*v`+ffZDd;m>kiC*-b!B`Bk-i~dUX@}-c?}Ym
zc<3uNvy{rC9FUyMlz6OP+4D-<+0eBsFvga=D>^YXl3{Dq49IEUg*UnjBGbr`_u~vC
z95#1`Q^7u{NgvE3nEzxN2`}sUW9%w%-w(hA8;~pL@-5n&(!K9zO>ii$TZeB7A31J*
zrSnME08W=@P=q?NpX?skm`W$iU1ys8-;pJcge`-PY=c87=jeV9J6Q=^8{x_)JqrMy
zxLoAOsI_>RoX^B8&~dg>6MyOTEU9)W^)YZdp05t>J>o_#pZWQS@swaIEN5htc%6$c
zdLSI6J<P!CPx}Sz!(T#F<0}qu-ok?T%~#oEP=bD$UeAh;rz>;1w+?O%Cfub+=t%=6
ztM#OKxSZd>srIXpLi=9BYsi14`+bc=r@u_C>C{5AU98lq!Dnf1Q@$mE=kJpw@SMu;
zZTSy)7GgCE-23hgBwZLlu01>nxWe)8d;zEWiGD^38KDqz>XLTpU)cECexVSLf5RR6
zr+h{Zcf^iY;}SJmSK;7dUgzVa$^d8aj+Obq1lblMX}UYE@$2k-w&IV;^zJ}?DIg2^
z+FNO1JUCD4NrqcgRzo@%(AT(KixGdX@!tTo7NEYN8St4B4A&AEXch*mu>|({&Xd}g
zm%Z^w6&cYr>Lhci_|4go0uKfQXNo~nitrMrkHBQN==B+-bJW+*2lxT6Fhk==f6E_0
z%HT2mpl+$!^Y;mIiQuKAkMy&+h&;sjih3Wi96fIuI7Avh^X)S_EfP7q?^4<U`r>Gq
zuk$Z7#N=S#S&uQ3#F)p6c03@VxaKa&m}o+K^G*LaoXm%bx_d(qXMAZpWOxVZ00hFZ
zTvvE_ROkPpGrGqtc1-@^`8TDq!_Keo=AaN<+PIIOq1mzzKI-=DN6u$g#$RfXf_C4Y
zL-&R(;2hToZ3Xy3`cW(_SzfK!|ER!`oS`%)n(+c5OW|)(Q|k0PC6T`<8w&*lN%w7?
zh6{K9nM6}zM(c4RQq$0cylxj@J@(+yoK|W~`#c;pD(C$$l#0rb|Iau&XuDf|>z$UD
zQ7W|4#zX0+x_8WF<JotlZoq#{qG@zYHH-uVDp!gEp~HXTWYKe^Z0yITW|f>dxv<#6
zbi(n7Rb498Q+nUil6LRx=#;#!Jex2My~%d1?T)XWg*>`*#<#B}B|#2~=Ga0o?Vzc=
zXB9c<*-u#R^!}R+^mKhdu@uLawUmP;)&Y}h5csLn`4mrrv&m7(PGQlR!XPx>Qg5yU
zX&`Ur^QZ5bfeN9v+0zayKWL&DA|4pscV8YpD6YcB3PCUS-gG`S#NZ4H+orJF;ES87
z%PWtTeJVP6zTg2PL&>h9><}99_9#CAIxh4Q2rwx>m!?cuxCu^Kzz$*X+O<`~P!lZr
zfC!`mYafJ%YVq=4b$n)KJN6Htej1Xw-nG^aPTh|j`5BrZ>=Q2uTyqnrNN73~K+`8h
z&b{Vz>7qqK-s|0OW<W=yEQDZ-`rGpLECl!`D%&oZ2+MjGKK(WDbzTVJ&Ei7L^4mDg
ztMjCWL&iqJxVV1Rq4&<#iR7s7XX8_K=sVfFknV;L;w|DUK;CzVA5u*uNRqO2v+%aW
z9~^B(sXs#&n{cT~T+?fx!^KZj^deB?*E6VY(;TDbu9KUK-wskQX<jE~h6ml`36Q-l
zPWeLKXSY&nK@cgSv=!Y6EBj@bdJb_@IrvjHuw&$dqANkIIdD?kc4%bf`GO6Tr~BMy
z1liz4wYu@%2d0foJe9C_&%DA8%1$C8zn?@zwhuDB;pZnDp!<>oipwtijsdTr+8)#F
zigEL%>3%>T-rfTX@qFKUIXE;rMF<Akn#yIr{Wgh_ox{eu{)N>*k1+{WXPm(5`y^PM
z3Bc;i00348EoLz?Gk7$?F0({~b%Bs{Mf(l`QY6n~E*py@^3x(0rZVmnT;8Fw&}-U~
zt~Vrq`_queZAgIX9ssLbZu*FVB9yT{WVuC<a=+#p{gQXyPB<X)H*E2P06maBj&8Nq
z(`KftuuY@V=~Nt2w>fXpFwba|IBDp?`Q>r!LN}5-=)3>V(!+3B6HZr)^ko2pwhh)X
z>Vt2gVJzxnGRS4@${6@0t<sVUa?$Q+%+vGZ4GzL43b|$v)bSGXm^E5l8js`9hZpw2
zJ7W`GRC+_BH3wmWiY29AJCMDz?|tZ6*9+apCzk)P+{g5neLnt$+4dsmpOIiTJCFmr
zY@6Z~%vnk9&1O9J@WuUw7uC!0-+i36pRMtyR;Mt$c7B@Gt(HcA!&3uH&oy#LiU59t
zqF0Ewll-^{w~A#f<sFETwFnviliF63l1ES56;(l#T=Rf_utIet6%lq(YULdKId77-
zWKKduftzKjr8{^X6K7OO{RL!zK`)q;3nU~wV6*eUdpLk<9q9%(=nbgfLG>`;fYpGV
zz^*Uu3=g`I%EQFw`LQ}aAl`_w5-fXgv+Yx^9(_fVxbiZEz|d(mW5E$!L@pOlJfsxr
zI<J~q{TnEkHhvyAc>}nnHne~gqOmh&-BeYmf%>+rgF6!k@qDRtFXDQ7etlXk(Qx4w
zu=v<3>7ot|dgx3>U(v%j5#~|5B49x)o|+JrC^(qb&l%uw-+tUM{i?a=2r;xh6+vCS
zQkegsyRLGY!sN(U!yPE9u<Vo3Rq4tPGd~w)V$483Ivg-wu-VfI<KYr0l|5TI3`nkN
zANk(XBbZE7a;=7G64=qaWLf=~^R#dn-NyXPoe{}!e-Nlv^^v9MN??%Xz)o~L5ol0C
z9Wi-RJoCq>ao&N_D-)Z>Ci-#?%wkQ6jw|ktP`C1}ul|$qOeI@P8{3I*p;4DO8W6V-
zSpj0Vob-=jnK+;3Co+G*Hx_7FlukRTT+;E3GDzc1zCr@u@7ERf8I12e;%)o`zFir$
zHw1aqmctXa9|8TD26~?icX*eZ9*m9SCI>;yeSQm1lL#CgCRg`QP_DdlV?xb}VSB>;
z{D9xavy9@_b(^`6#FjUVDRX5gcq(qN6aI?t5^mIU4L~cilT)wJx%9Z*E?BYugqk$j
zFYam54kc1rOyPfk@Wc}k&V}OP#TnwlwdU7sUL5n&-!;p*L3A0&kbC@)#)PmGg{Z}S
z!_>(h4G?=Yjx1EDPM|n@D1p!U_~XfYv_V{pg5}?SdOi7SXdxF*3KUyEL4#6Fq*s<O
z?t-{}-hFb(Sq-=t`Y&E%^{>WZQ<0<WqZBD;;Z>cEcNSOA!k>ROVSPbYE7M$>(3=()
zEi>#7qw@Wxk{zpG!n+6;Wq2---^x#Y0>Kq*HH@DF5d4f<VFUod5hMsMothnoSlO^q
zI!;fb+0gc@*wTEH5M@H%(Ww|w9gi$5<V1D+)2`$}{TF~|lY*Wv>I`3{O#=XU8~fhq
z#chM2WPyp4ScL3Z^Et-$?7LMcK?l1y>Ij)th?WDIDy`>YJ0$-=EHj`lLjBl1XY!D2
z62n-q>Bbrr15v*P1}=rm=WgAeIP?80;Kdd3=byNkc6r;v@jn1ubDrU-Y4i&F2F|gZ
z;(nkGk&MjX(!^m+2EHt#(&u_-%VN5v+=&EmSvI2{csSrtr6Wl}GIr~)02{l%$N!-W
zoB^+x6(ogX&4{2^$GxfQg-u>>4lnYx=z<Iu&Bhl46CA(&9-7sk`U(=CsK*Vs#ktPm
z>(#dgYzX>(C8$dG-;*x}0a{ot-FKG{?k^(@%|aJz&urW$U$apzOMtDT1mwXc{IKBz
z!Sk*gUe%)rKz+dw<I{^tblETLG3zXy5e1m_jOk@&3QCY$uJq^M9nu!^*Iut{snT$e
zl-mkZr_un1`nsd`m;C9HM`q?}nNbaGqE7cf55`x~cIOd}tI^5bQ{x}=#&f<tb%!&Q
zgHk9vn99$E-G#D_2ZB6VCgfitKlr>PanVKc!w{CSsRBR^Of%4<szwd4(PU|)%-15$
zzG}B2fR5H9(a|R3YIWRmzrIe2Jz=Y3b0)hg;~j6<2K0(luo=nc+fZ?f`+S*k8(qc?
zjBX~71Z}STK0u2ykUZC1c*b$Fqa2F2qgqXJu6~WP`LGLc(H)a@C`W{1;nl5=iSuuA
zT%UdMBZYxG@$laT&cNeR&m)Vsz4K0X!JXl}ftXoFGNe+IPNMfOR>PNXfp9+xMEJ{R
zbyu@|Ul=l!pDXsDPvs81rSd}hLEjni+mPZr!FP~svL(;63ufJa8i4napl0rCVLX^0
z*vb!9*3m<4n5TJSpTN49tEi&SNBJMpp>~-0AI4oaEWq3wlT*jlivz3pW4;5J7!rW0
zu5egG=G>G90o^S(tS^07n2E%NCpmL~@Uh|g%e)vbp6~c~c?f`{iv!Px=nK3a+YZ3+
zB!E(@xytaDHt3wew^5matj(N)L`I*vJ{7!br*dR9k#z|tg47iNRm(8I5Cv%0NJt5x
zr68b7{j2|7{0d&1C*WgO7{_;ls1SxpSq{VS4r~=#oNha5XAff7h5Y71ashI$guItd
z)m^}+reHD%kjnGf!U>eJ>Pu^9z25%?zSF_!n?$96QDyO>9#xc>H0Sj7sg9Ga%m#1z
z=MdGuy`m$ES*a$9R2w0>Y}W>m!+OR)G;Q{evk527Ss$1HRqAN&-0F+P7qn0t#nv?I
zjJbxVMFR|J^mgbtBV2X8fZv)NlfA(KPBEee0@aPDcg|p7SK0Y}()}X!{-pcGQ);eZ
z1V|!hTqwR}v&c~pbd>+J3sH`9y$LA99|POP>Q?wyQRSRUV*6o);x|4b)8w~M|KUf`
z=MMj2m3`Fyu*&p*S!J303dp}$<-8MCIrcBBY)@j9rMaGYb~#53k}&XOC*nKas~u#5
zalHXk!=ws<6j}F#eabq7e-NMks8yx+Er)1<oUPmS>fGOhi;NcRBcM+(o_3&OjPQdv
zcytf8^+g(~WCb9VE4@*`Za!!+lN10Mv~$E}1oV54k9RaEW;A#`x8dC*)DwZEM)JYn
zjHYX#<oww*_$NLx019XA*2an6<^y;uF~pF(RQ!uh=C)y@(ifKx`tph!Yuh5A!U@_@
z{n*0OGUFvaSe@qDtsLec7V=@*tD&!Pdid(U(cxcTqJFWG?PORd=dF~mFF0sZGSGy-
zRUQ$82&HjyDgxrj#Dk_pHn-gW#wimn?2p99@-9G5EeIn10m7=O;XnTkgz1B!Co)vd
z`3<EP$NEP2(k`T-d2%OP(l$lMMmE>@bSD0$SzffyV5M(V30&xc@dWk)MGN=`P9|PE
z3|E!_^23y)oT&?T?C%rjl=O~^OMihcwv7=~>jRRv3^^)ARUQa{XhBe;g|$mizvHww
z^GCPt)p2Iw9|HKd%Oaq1RY(T74>*RM6q-T@ZDk26TyVcL#n<8gX(acm%Hl?zz+c8|
zZg-HLr!y#H09tvCL@Vo)Xk{*+ugD8-U43b$qE}w0WXQUH93pT0TU_y%QU3ieMp>{I
zK^H{T-idukVw6+=Fv{dR|1iq%e>2LuvHz1%o^M}$d6S|UT#Ktz!<3J}eeEoXm!gaD
zFL?@xPxmCQg98L2CK^HvqQPepkCt8_%yz+=b?k1({rbL*TkniHzWqF(LrUpZP#ppS
z-G7+<9tcQz_Nar0Le(Ir!kp$4?XLQMvq#X4%heN)sOmz(pR_nkaOP5U^o4}BCo@|9
z33}gtkt)9@C^;c&fd(prCJ8{FrM>Dx#+{mpj@K6YCG0~}!7=*xuZNoE%Ia%5h&gPA
z$w4oz87S^I@j~q6g^Jg>JaY#2hsyBi?%(s>qmORz6MmtQb7;F_@cv*k;W~TULA6u*
zkj>ziwlR5;D^?8_nV$3Xl}Dq~flMEXdIOE`_-DaRI9qq78t?C%^N+oyfLGKnp7J8N
z;h2Nezfrjz95FF!JIRpZApKeMr6jmuNJUiG!P3qt4d9cZ0amVY5P6oW;w)0?HmNcV
z+ftc!l4zWXiZnFaM{vID09V@;=JR*ENGMS{%-V?50%7xS<+fBZJCy`|bH$xd8tEo6
zZe$K$NQ7y4JGBh`S3!aDuQ-;xnRhw3%5uoPVPFU)x1dJ6Y+xx~6DVB{@f&@N<VFYh
z@3CucbXPe)y(LQ+KtueGL6AT_mmcI#+xx`Ev5B^vgX%;Fw3T(Dog(L4Y{%*B&pWEM
zc;#P5ZI#H54Xa=b$ez~P!ktOhk7Dfsux0TeRlqYVm`f$+zhGzRJ)w_-*6RTT%c;ZL
z{0G6tUIysnvGnkpC-kxSl78J^`q&3Zs)CpU#4&j22hZj<H889d)lx{Z7JN#P=k0)5
zN(9@X9yO3F5+<34>;dEQVdp!7xh%R~0($964iW&qj#qi@)TruxbE+i;pdWPo>h}FW
zjsr!qTh}$d;?{F2A(%A)+4J5MDr(;Dz45{yui=PTI29fteh08dkmMXsI!#*o5{W+Z
z&H_ZAN$9<FbX+>ZX`eglIdIFIY{R0M;`vZSK<!ajjI>)|g?bOC2AbfeC$`ED%A_z`
zucV{7@mH<`SMf&gzh%I|hR;wHEJLCphL47e=@w_7q|uqoPDx>^lzR?+I3(4@S;{zG
zSQ2)w+_G*NX1-?;P-;4S4ij~w@Rqu~6u85!YcBB3s-abB2WTM+h1%U-a0W>5{y-4d
z#5XAa1%vxev^)azf}48s@RHE@NB^Xg_TLciJ5A2h^gNo>KNqT?Yjd}p-l48X;NwT<
z47>B*0t(%X4n6Ha?B}f=>Sa#$PrQvL!-KqRR}Q%!BUoN*5;&Lyg<)Ypq~k=}n}g%q
zE-F~66U^EwL9(Hw(VoCnw-dO!Ji?hK{%^im5XCUuG&;dnfGf-#xWbH)n!u1xu*LWB
z#`XukmQZyjS1)3cIJ~^ZYGeW20G3Yu6NGv-_%xs>NumE&^3DG?C~9pJ)V4Zn#fP`B
z#BIB7vt`v&VS8&$tu=+iUm=WqzrA=ubeoS^sbNR(xkNn25M`pUpyXA)8SR=q_JBo5
z%hD5q3{@R1U$Mj3)O>*?6x~_5i{`tD#4b!biI)aSTsFaUnAc5+f!WY}1;huApl>nx
zcxR4~T=>1QIbnp=4@d-}b$U^#ODn7cI9oaqwrrqnr?*Bi<nS3A2ito^H$HAk=jbc8
zwkMdC@7VJTmW|w%D(K1%p_Sx{VSOEKJ@rmrp=1O#c_nai7%VbY`%O&qo0@ggqB)-}
zRGjvMuq}hM1e6sC&G}B;n2~qE;dTt4UpLFBD)3rg3^NM@R;$0_ivJVP_5l4XG{0Py
z%s#IESfammWLMcyu)Z*J(RHnP@(y*whd`e@zs1ekMO+UlgUaHFr)Q8x=|kUMUrdqJ
zcmCn%ff*c?Nc<n5mJ$H9*Y>en_x}nkju)M02sfOMlPmEgHrR@ykrd<GSvG2wl1*{5
zO>1v{HZWDTrT;HMOf#Q70r&q<Vp+M=2ZS|uFXgz}{x<|H9tSvzROX?TJkqr)47E6(
z;tPMl@4dDqBJadS%=0&^1tVyChQ}-H5_~kqZ-+fx($AIrpuTuVRU81no6qxfiBF~6
zad+jO%Vw{fhXZxz8#~(CP{jqK@o)Lydx54x05YB?m%41Hmy%AjL+?)&p=3zHZht+9
zhz$YM7-<#r(&Xsi2+-Gj@_(@wO3?h0wFea2#Od)~JRu{!F_h>5&_|;Xmk&@?y-9>E
zcC8o~)QOoJeHVR8i%ini!<79HxMY}ouexb*CGWp+!o&wYZ(R?e^Pj+rGA~e8UN)v{
z(H{e^BlZq{wBX|&9UFm4Hk944ALDUeoOc4~R~mpanJC|PFhE@@t=%M3$<V1FSQNC)
z#CFmQmYqB8LikBSW<U=4RRU`=m^c3zKKMA)1K3R2(wtDj$-@?Wbb+g3GKT_}jcgxS
zhqIFbBMqehKIz)0j&(O+1LszRW)){h7Nx^--1jSht<!z)nZgf!s&FSK3UV6Z$kpF(
z33-X6nzBM9XdiKsJYI7I&if(6Xjth;DeEnz3P>i()udE;@5<i2xm5=@(B&%RkbUdh
zpN&IvYu?}{49&q31EJgeTS%s@eJY~?MI-5&ua!WU^mFUJeSF7?R}7%j==Kv*en|I8
z)qXE0!_A?KD2|a%*gE~-Ch?E%;+(+>Np;cnkLtp;koBp#12XSn-$-+V;|D)6G%!DL
zZP-J|B@RqUea8!w03*V!klbe*no3g>mE{NFYR=HOV|pphzZ~(;-AY^qzaTN<Eut7_
za!h}M;F8c+VF;&{tvy14x#<Lz33fLMbZb4}9wSSZys)-$CZDywGw~28-eRCl(|BZ=
z7h@Cgp~tuNg;`T)oNOnlj{aT-2^xn0(D)e%8XI>t=!TA*icb63e@ssF4YA-@-fpAv
z4*3lTF4{?gi)}z~QA844biztWf(yH^H!K0cMZ*_`F>q=k^&z`3;ZHZ(BDFHhNw&Jz
zvRkeNpqS`6b$?V=Uv77N@Tv&Ux!?XGR5F9{qDpSKp&d$FS$?)WyPt(rPbcFV&eZpw
zM3%dBXS8APYAar`u<hf_7;S)GCX=9C&eZ1+kaZEGd?hcni%?q-B$5EK0OA+cL2TC0
znm@)pp676JL7Q;Ul05tpl5=AsX6Gd*@CFwJj-j>$gf&p_t&X4D!#+&2VWWWyDVeXO
zaC8~FdO9{2epXip7uSVQ#(0pnA7x2Ey1U#ZeB61p4Mf`Bo@8dgDp0597(Pr~me+hp
zk^HjjtTSK1GCG+8c^Y+b6miWYJ_{xEt|e`)A8>>fH~^ClTbd`qB8rkYtx0cOxB^LY
z(e*FQMSqKe^<T|JJLBomQ#CAP!?j#7spe9j3)Z~_?svrP8=Ww}%zw&>3>8{3ZlB06
z>iG=yWyf~_vo+g9gsD$_e4rs_gjT!Ts01<)GN$MX?2S)vlbM%H_@chCi*46xFZ1To
zd}8>cyFmO4B^N!2A)(|0(7$vSR-#V1z_u@mC_&nQ`MtsBdpm3($O~4Sl?YqHI>tAF
z5rXxC`u(vF3lD8&-pMRVF@J;iqQ<B_64G7FqKz#`IN1#_-YTfu{iFyLAKjB~Y)%-A
zY#(8fSfQ1^yZ>y>_FHkDBpI?%rC3QCq}NHE`6o2q`@1UWh4np}(uFTsPwS)&svAe>
z#Cf8D{XytIJh1jiDiPp;3uxd5Sb<yzt^kf_39e)U#WY$843pPVkDvCznt$r+;7dCU
zQ~K1`YW}dn>);y4YndC@g)U!)+GCtuF&Y4GJ`8S|A0q%XFyTH5yaa@qJ*na^OmRRZ
zwFROyFYOlvQoIe@xZSIg^A8oQ{f7!3f6jA2GC8sQp@K_E)gkV-+w;1|m*x)^Qg~7c
zc5z)j+9_X`zF(1eDxqoE!Y~eky_3CcAG`U6?xU4h51<*pt3b1*7Vuzn(kY}cc=9Ij
z5*f`shXFSDBawv!o^2hvXPii6u=8Is`14nt2=kRl6DbDrq2Yj`f5_k>+4hQIZR0@u
zUakk7Q1xR&72u^KmDBgMpI*P;w3e?-Ec4RbH{(K*!tCRdZ~X+t7<u5bQHW%;-6a4!
zKj=bo4}e7~4(=4-4S6c*EB2}vp=le?715r9w+C&d$@&}L?2ox(_S^DmT%usMOO-0v
zHC?XeC**%=U}=D=d!o5Zw{w{-`DbY1azO689o^cS*JTv&Dh8k9&)r78(OWaO$`VLl
zzOme~93J<F23GoHxbl|<-ldNI`J{VSz&fq;l}^{0Y39_t&UZ`)j?yx%$H8VDsevSI
z1^}^nHy08h<_;L3y}TS<tdn0ExBKgh!&qbG4=R*4=<_mt<Lf=YXxVk)CLX~RGNWjZ
z!{;b%(Nzsf{EVuJxWM6Bm|7w%ZSO!BN_vY_T0#<-XQWi4;IIOGnCx$l*u2)7IsseZ
z|B_-<5_J}CfLAbn;@JF}4STm^3w4A&VH5;521iy|3xLuauYc9-GLF3@NW?0P(V)KF
zH8LLVHJm*S)Xn|=R~>U=y}%bYlc*ok4TTq14JdcFOS0)qcK(B>B>+5a90K5J0WtH6
zS1%&D%H)lNRzqL6#(O4SN9x3sV{Kej@!jEn0d6}adhg&)CcaNS6zAM`fCw)Yb+hL%
z_Id7_g!c2ilOrqjxAZUQIZ1&WLz61FN~&8SquAJyS1H9vz!$9R8uA2x7n6w?mfqne
z`ovT>3&g0pZg-kY4f4_gOmpAA#2)q#h6!R#)dDfriAe6SWSH}_%kj2SpkNsexCAUt
zpJ*^5Pc#@e!xW*nWSLE_W2+Px(0QDOT}Pp>x4*wpl_9b^2FHSiwflQB{9m3uw*fVe
zAzs;&C{_6}Hub2;=A^)-hg73QC&g^>N4`u(M-G&_0#9*r{O>rByA8*nT7lg`9mE<@
z*##o)(x6}W&tJd4d4g}hyz;9b*==}PF;s)0?kx&baJ_a8vo<vI?Pl4#o5(sS|G?jW
z2#W-O+)?~eP287sKfv)f2$kR38ll@b>2PT-W^isJquBl=Z(^2_nQn)dVg*V|*MyKo
zHB~_Cnf}V5NYB9O1VhjZ!@m!=?4R<tQrc4Q`-!RUUR?R<jbbMVAiYJ(GU0fo8?3HJ
zEb*pKFuK&<Q~8Ndg|RKeDKZ)NQo^$<@67>auYn9Zpg^zfD#yZ71Z=)-MP&Y}7DU{i
z8)hU_2*YkF-krVe)&;&-r|~r;I4KYxTcDdf(mCqW^{)KO+h)GSYJipVh+AA~V#nVb
zA|-^72J(+S?GNS-_^{0UFymJK=UgA3G;i%)*Qb(Pe%QSrF6>5;@<-{)umF_ae%@+s
z7A^0TBT<rQ_U*qySF=;_qEA5aWal5HYjTj^)5lb*dy?ND|DST#=Rf%B0M1bSc@6ZA
z!%k!8YxL&viv+?+3t=zSpUUfChiCF1se{reKE6!Md`Q*i8kN56-z^ALOz|I@*?RR@
z=m@PJ{mnt$I_0vR*#zxnc|b=!<U4x&_+ax5_$WT`n_B3l%<#Y1hg%3F3-mWr|5K?(
zCe22ggl|T*!Ri+QKUmy2$%)S2L|xU^tFep^hSr{zyP)wFKsppy0UP^hRN6g}A9cz}
zHEI?#0JzCH1PZG~bp4;i)rkW!9NS3H0r69Mc=+PufApn5Z*Q-{*%mnQPX)GA@J34h
zm&)2)kNX-vcStY@mIu^vJ(`Cc;dN@N{}f|`*;qy2V^DoOU6sj)kA5MKmvLjoSd9L(
zS$09Nf^k{RcZFv+z!FNoZismDB>;U|yS+$KMn>){wd%juNIj>*pBh=w4WLGr?!Rhe
ztv}`5>#g55>~B%=IzbpPvQEZj+5+a%?8|4B`Aj_X?!!&x;OpL3C|<mhHT5`Yx&AFX
zM4bR|Z%gM&-TL<ijhh;|5`YXdo%&;A*SsQVIg#cUYoy+?!+;negHfKT23_f;nGW7@
zeJ^G#E5NuFdxh6Hp80t0P|vl2Kz{F^#-?jmNK@fH<!#<4_t;+EC_Z;zX%ajf=g5^`
zbneMpU?yA<w;-MKSPL8FNMTp1)RFq>_)iz&uMVgPT01A>km}*9HgPYGXK8BTB$3IL
zl~X48(#HHHt|$R2yIO9>v*te_=j3fFL<b{x6*KPmd<Zf)n{q||VaHtZKbbfEr%t*N
zMNYaA8x7z3xc#^yEyhVVL%85TetW>=j0CvAJwnmkJEFNfCW5oN9dp5WR*-g)M~2a-
zwTWw5gl^vy7~;J1X;r@IgK};<AiSkG@0@FKU5V=^;#=cG3OXwv8z9`pdbnLOur+Vw
zCEE`4=o78>fQ?N1fmA@n^*Kl!^c+Dw$*zLWVIT($9$N)AJts$+7O-{>KR+1hFmZ}o
zjf@0bIG)aopJ46O$3QXcs&5DLVTvH-TtRIJPx$Z92=w9;3$@vrMzA92eq-+<MA!Hn
zu9I9iErG)yPjZX*TEzGyG$`@HagJj%@ZRSB&FBi-gPNnF>2BN(yHB#6!F650AWmmU
zXUZs3qB5UP|G4J@_y$P1VjK<ndrA|qe^q@wc~x`gRpm%>;*FY#5+}xU@VT~3r;D?!
zvg-&6)u?})!hxR4ll2BxkU`v!wK4il^UrG}3kp7+&9)3!6BOS~eZBa-{qGZzk-ZoC
z=PqB*NpAAs6j|6s62bEK_}@&*`<k&p;kz)d`Tac4GOs9rPPtLr4-$(Tg*M!RKmU<<
z@Hw+Yx3(@H%$o%_am@C2yu4v<J|PfTf@({%95VFBp)YAccIQV|w|58E(Ma?C9<BTq
z$+TVp81R&Il0X>zZ~OalC`GY^vy}PAhzuYo<S}X3LPn-R%~~FT4J3I=j{WwTdK#n%
zg6|+h%k_J%GavEFFXStv1JcX`>HIK#>S3KrI{apD)=@?x*&o1wOJgv!`NE6Wt47c6
zUIy+-LA(Pe2Jj%epE4M|n-?qiKtodv-LXdDlpGmAXCrqfQ6_1noUnKseNrW^DqaGv
zWZhs#)Oc6|zL46wV3?nHxsQ-*OV!BA+8)|{tP5(+0W;Y7?`u?)#KQG}bj4FGonZo0
zyN?qBTaMzde4bjkCqYJb_aPw18wiNlOjOCP`=7>dDy)FxBC~D(YnPmta(QCs#AnjO
z7nFZ)9zy}~B635??TDR|wzen0S{KTC!7W;MW(>zSp9m0(xgR>cv`sX(pE1&L<MFzf
zFKwT4#unmO)v@TVHVrEyi4~J%Q*@sYm{o0MckZQin5~({H9T_oPLSUN#3WCOEF-(D
z8}lvUM|4jy_l9f)!27LW`9Q7mQrvB){cLkgbq!b<$F<^h4ovDPyx>^#&Rx3;A&ts6
z3?Q|;v@SeVZ#3M}bO2SE76U8-8?HoxZfB>m2GC|AF4<!awihmwPAt#ibz3d*^F9dq
z@)sX426-RqoYN;l{4lr_V&_ckzH3AZCKbkGxtm<yW1_Yovc_26#g>Cx(>cJXXBfYT
zj$vPq?4SBvS(?$7FH>p%>~dHkZm6@e7Jx+cvsplix_3g6bd{o^r8J`ZL~{*9wM;#5
zU-EjNs71lzarONshc@imrPnq2v8Tc<m!IA4|5I-%M+C|(P5CTVX2qt;WS4cFa8nz`
zG(X&zJVG`xo0C?v`fom0Kc>9O_NfPPJ|W?1mIw-x2cdaqIxkGcBfu)2k80D#QHOpQ
z>ABRlfBxrVJ>&#x9`p2&G#E6{aPsimTtRn4T@Sd|p8wVDeL4+)r7gyNyfNM&&=LJD
zHc?*K$*ZMar2O3-=}cLhf4jdoPmC%hCq|W@Y-J;0_2U>$g58dKZVRgId*Co1wDK@@
zXOf*YD>eF+V$~h|tMYB-oaF8NT(}b^L1<`+l+tUd<W4Z?x#=&^q-~G1vr!D~@l^QE
zJ$1imAnvXI&^*)|pgW`v@P&LO8%2il8u*RW`VUY$K$b#$XAAk@lHkmh)lGaJM{`|?
z;U6bS`ZuK=Ao}Z(BR;(89wDS6nvBflY(F)PyLG)cj#3ov7vxZc`hBN5R4(?9eWQp(
zImO##>at`!-T%IRHvTzQN-jct6IkVg_%&B_UkmzUFcCUovh1Sn!z{SqoO6)k<0CTr
zBg7yBSt?XAulaXpgjK~+#Hnt84e{S<rkgq)*<ka`C7uwNVE9Nb9rnj>0u34Ah2h2q
z4d3`Hq5Jd*;vJ|_Ua(BX9%B=U+_<_E*-uLTI@VZ;WEOqlu-}&%`15Hvgt}Oe<fzxe
z$kZVtK_`82+mjag=mh4vSA4o(kr(5_ycr04d#Dejw!2$=xd3%>GYphuSWFAvBiLe?
zzT$PN_JQg;QQqHA1rlj?z>#=W&46${gg?)Ig)@*T{o@zW!!1FZ=__Hz!bhN>_eT?T
zP<fgCO*8W0ws+^p2~+uM1qy>s6gn!$!00sW+=*u-{nw~}P3!GSV7RCA*};09=fho~
zJ#SNCPxYQ~+P(otl?W2BOUTxH-%(M9f03TL2&hz=cFRKgywg$-lTBos6)coJB<m=_
z?>r!J4?#%8@b=odpdRSOoE8ZE1x@?JyZ;!!=l^5;&dR2I_y1x1wm$7ZGpzL1_gXpM
z)S_)j6cDOBtj*-Gqn`8U+bBppy$VyuJS64az7{!tsBu3_pniW5W`)%{L}p4o$$58n
z-pcCh3gCF&)$_tIUDl~H8HaA4(R(82z3KXk!e^mrc(QJsKPxa#xBj>o4OB2aJ5LJ(
z$L4ptA1#jQKZ$v!Yq=hQ1RUST^p)x%ItnN6RXC83Q%dn>P$wc(UaevFm1zRAuAinc
zCl}*o-oBM^7y29gZ~nTz1(?>&`*V;i1b3gR%O4km69w7-WSM1Iv2cmFh;`eK#7!xN
z;6`6xi}yymMnG}tyJU9kH;SFJOx|8YeG|*>N_-Nss~Nc#qb<ji4`;@Rf8xOycbEsR
zDV8**-?VXN0KQY-14?zgaN>dj;P?C4ftaOYXiJjt52YIux4#kXJg~B2M?AY2gD?=+
za9wrm4MJEc@htC;=n>Aji&sa5LFauY;ZyrVN{U<B3Bt~C)U`5W>@99d)MuQhI^z8B
zKg<On<AKBNvZs1MJ8k7bd#(A#*raDEL&VcSBp9hxRboewR7E|-wxs;C7f?z+)=Li~
zh43gxBpTX$9^98tu)bUKq)d^%Vv`|loiT0bf}mr-J=QygES{FMFe=tX>bSRv0>x-7
zvYL0H97tZ<&h)U)l*{KVB7AG&{Rn6o_Bk3ZK{+9IAF46o(`U+$6DPo|EN>=e`gp%A
z3X0F2`*^`*VSfI`L>5)ecxf(N0V94U73VNEm~XL*+BfU_d4rous)W6K1Z<CgoYRWD
z5vYbL96_~Z1}?-R-0|mQ(1)7S)165&mi371xQOrsBvD*C;A;<KK<a11`Rqg6hZ>2>
zarwYI$T?Lf6C*+h`$pW>*`bY9m%nmt68>yz&=7j;=m%{+eZPJ6^)Qx=8+o}=@&XVK
zdsvgEgmZSPjzKjR5JxvuH3>XN!e)8n>81C|I+4r9{42A3T?ilq50Kcw0Et~e5AI9o
zqAY7fu+QuVd73T|(5?MpbyXHch`xCX65PnPoU*JCwtU*lcACk~)+Y8>&nc&yS;|9v
z&(vFjDnHD_FN`(9GFY=76&LYW5^_l;gEQbHWh@A#oK#LMKK13k`1*Xduf7rjBLDp8
z3Q_3H&JdLw2K~JS+<NA*tXjTBArj3oY{FSq3kBkdYE0x?sWpH4%X(+DK)<E-=H<hU
zFvFGtP>FT4dRw~u{g0)r0#AFl_<Z&)^3Lg>^}}m>8RoQrA-E@If$RI+&REk`NKD=O
zhPt#OUME_9yFWQcLOdYLd0rn`AOd$jKRAEm;uALcxLZ&ep`E@sgmGsj)=}&@+7@$Z
z<2EQUxy*k=7)WaspiRPl%*R*MLej!Br-9MwIuSWj-7@A1bVz{p;_(2cd=_kbm##aF
zbLn)jgy8dAPeT-HESgoejmUysk1p}hoDq2yq@#X@rX80Qc-u?4QAHtw@=Vw(vgc*O
z->wFc-4SJbQ6F(}tQ3GjXockS!s?Az-=AJT&8tdZW{ZYYZkB8gndwiD1Zcs;ko5h@
zQu*4R`uH!ahWZGs{=QJH|2n$(N;RRB6AkYWaz37W252<E!1b|I_Ix`emJduIyuqF|
z;Hx1|;)`rEy!GNVr0nA4dyhW0x)e@YW1qq9%G+wf8Cjv_5;-aueRA#dtnn>_hJ35(
z@{kzB3p-C-9d<gAFfs(q8Cpc2V(Y<rf<6-gX_~ujIu#|^z1gtj0;qB```k4@4GhOi
z(Xqzzcacn=L>CNi_`L}HZ8SZ!bRKOexFLj;(1xP0@S#akWSow$MLpR*-_+r?DxI%|
zPw(|8d7mA-DQ51{3HZ**%DMZYz#l2729u2CzfYNZ{Mn4!(rwoRKmT(mYy_YB5BMkh
zPDM$>w_snPu{Dy^j@&2S_62$S{Z2t><>I@N5N6k>kZJS#UKra^?BAf%<uenlK^Idq
z3Ix{Vc8pDHW5G21R6>5RujJ1q4iVZBz@_)Xr5c;J`*tMr^!>}o?aWg)=(A?}$iGjY
zqPk1N+@*>$bn@$sP<!HHw!Eb;xvC^wdvHm8QXM|@e4jREedc1q<lM3kOA2y4lpR!9
z>u-_-b@IPk<@PC01^+`!b>&Rd!nXJht?=IH0%w-y@d#;N0vtilhh)j`AKFQew(!z2
zmY6>;E~T7drAm7He7so-r|EW@oA<_m7)$M$SByr10ckTPx)8B$AzZ_i5CM-{N19yz
zxbXp$bjQ-p?%wLkgFIy2>9jPk)-C_6Yi4uNW6FMhZx`7YcN@3gBfg-`e3A~XqY}_*
zW(4D^VGx6&_kQe<g^u_r*oqJ^WRrko{8>|;_I~p$4PWiv#QXVj$CXH{Yjv~6gez}*
zqw2KbjyjOPTtSM~qso|V{iA{gDd}W;G>Q^-jXkGbS(#aVSVh1E4sPS^nWTh=A&jTW
zRHvA>&rR=LW1G(1EE8Cn6%nb8bE0eao2x~iA5iIS34vN-X&m+Yv_lcTR(xrz)PvBp
z_fGM4a^uB;zsV$fBd4JHC8Ar>TH;Xt_-|_Rr+f)l!orq^zqdcA=POO}8<u0Qv-w2F
z%R8HQ1c(Gy#&hu={9#m4UO4?k=h3rKPM<P6j$;)UHt`YS)jRquD<5EH3(i)SSh9iA
z#5z`=NRH>g>Q))ZTGru=xun^DVgH6P^?d7h261&UkD+_fN1;sVeED{jSYXyoI&5h>
zgEHZtUKrk0+^Yp~@+w)nt#6uL`0BxNfa9-u@|5i@&82FpBkHy5HqOz7>hlhbFB8qr
z^Ge-_EbFkkn>l&AnOCXOO_QT76iE*Q(L=+WzJ(7PX~z)ES;ouLp1b?<_qWcAGgcjX
zIX-<<K_-b=#$<0A+D0y_{JdK;<zdyinSR+2+YMyzP@PVd9sHg8gZE9{j-g52mzquO
z5R{ZBG_;lS6(f|0?Fi3>6K_Y!RXup5#o)q<8b+*R9h-Q;t*xh48O*QN5KMCh%m&-%
zBAvbeyflR_UCKx~551xq-Vzsh^%nk&8F_gW{-aU*k5`}Wl5>CR{~A7ct><j^1KZyh
z1d0aEOhtaGr**U)`N&dh>FI5G!>BBgp~}%`sEKzYw#Mh<=X1H0{>%*v!c}=~BeYRP
zM~ql0<}min?!yWi_)(!S#7@U3V-nZYd0A6_OxsVr5T^e~55HT_5AJ=<AkIZYUqfhK
zOJJy*{rjyG%wJ(=wiFJy9osJIvT(1c!a3TJKE|*v{Naq))rWk0w_`VPxomo?f-srA
z8QRS|nU0972Qu9{-a2>T{Yeba@2IZ6edheGDFIvS;OBnk;j$VJzraM^=&DR!(WTTM
z0rP2~<0!SKo0M6kDuxV_aL1v5oQZS{zsmEq*cLp)y{nAAU8BcG=Z_Y%ns!H4DtbK{
z)fHOb-CA&45vH$eu>i+K@XFx*>71t)vfcMvPo*qN6?LxAP5Wo~-8Rj%vSYu{yRCfD
z_$ayU%{k;z>Z7_T{-#>y5}}@!iipdxh^WHzd~<RB+~?@eZ}wb@gN*F=MQLC>Yqi3B
z=h#g|iHdldvor<auU`c;{k<i=Py{F+Q~4}&E2EyL-ql{F`Pl+HVxk{RE=wH365!ez
zKl=KNVyGhT&wfK@#j4bW1czPy2n#p(npXK>JyY_M>(Y7WwtMmnLj!WIzn|R=pH}7z
z8($EufreJlftU&>oK(=Uqgp9b9&&9w<B|m41n0w4rB*7#tR@+9(*<YlYX9|>I2)(W
zTX4btOtYW3lZ#2lG7k3Z<vgZxo>g8JagRB$HKE92`OkZq@v-Qt|I>wzXaqP@{#9bV
zVRK6b%d}VsoU*G@YdOsD)yP>%j&{kM$9haU#2O>SCiy<FQjm^}hbc?Jr@qem5k?T4
zbCKlh15}!1`=nI{IQl8;$+LO4n>0iG0?&f?%GSRrt-du~=_?Ax^@vHC;wR~oaEAtK
z!3{>W`+Xp9i<5sM>%RspPk)Y}YZj--gMJ15E8^s{+--}$zXhKCpgw5!ESOuN=6)>1
z8X+$lh2kD2HhHa-V3S#q+t-^Q$}5D4!I4mZ&6P6ieG!Iz=^>T`d;Q_sx?zEUlKr+c
zw_U?Ptbh0t9J68%thVCSgwev<@s+)UAyd;`VW?pnp-gJN4Z8@u+|E2X8fM&`=wLLw
zhT(yYJMp;uu5WZ6Wo4l=fZ}p#Cyf2T)#Wg{{lhQ9DX-nJCh>K71EH9C>-<CdRyPMv
z!bB~>!xw*;3#`KJntYKUE6<#u*k(z8+l-I0N`@nnJ}#TcQ)G^cz}hy$e(HGT+8UWR
zU+G=nwD%>~f^x4GiTbX5Pcp(oS3D<*>Q+=XXAlp>k9ao>U~Bh*g<f4|(fROwhV$=H
z(vtV_hvnod?z<m;We>Zho?i*WewD_yIeh5?!*C!|DXm8hN2yx<58mHXL2g?TZu`8o
z9SYp1AhY=XpS3UEKyl6PTHa@`Yx$1!LW9Haus6$lDGe`2yCBtd6Jzg5xacmx%V`>+
zX*1_x8%i&6r$o+|ZxHsXuo7G^!7bia=V4JM1jm)6G>yGf2YWA$LhoyfOMEB+;eZ(H
zxM;~l9HvXP&&pKdIn(1L^tZ0Q`v!zp<!q*0Dc0o3ZOM?DoRa>-#qj%*Er!BA*G$cS
zUYkR!FZLNg-{pbj0szj4;4(F#s*9<X1*>8&VZ6e@mh>ANoGE_EFOiP}DNvPMa%cAU
z+L3wjPu1s=`g(@xYs{y;B_n09W>zeNL(V>RjgRY2+vDlZE?kao!ugw344`J9;-T83
zX=yWoUw44znV?%9{ia5*?pqi5{6`@Zd>`*wxV&4{ElWGwA}Ef!k$HD3txmwh$4-WA
z`XclF;UmA5$ayjUrf++~7t&Y*VCIt<b)AYFtR_Tr^W#%w;;%_Dy#|Dn6<XcrdH)@y
zY*rgvw7emgsp3{nhvsOL{+Wx>t7H<+%$97wiihd!Y?a0Plau9@O}r>(!?gsfwCcNe
z+^goQr?|Iv)=c}n*X0e<saE{Gp{{qG?6hW>S~)aNO*U5F76}NlH40_I*t~u+x)(v`
z<@^5qP0Y@k(wFna@goI7=?1?zJv*E?(B~Srk4IOQ?`Ju_9$k6n<$}Bga=wKTPzLTj
zGAoNgHAzKKA)(KCSo=5_?IYmhNwa!wPU!wE86k7fUN2Qu?H$VNOBc4U6h<$9e-m-j
z(Dfx7UkW&9?`<*Ocu)ELUh1GtPRoAV_khcBh{@gkJwZD9fdcyhj)4?t=nVohB~#!d
z0(BRB&GTnQzG`zH<$AT2WKm<KXkc7mel7!-(+p(}`>eEOs1xsky%u!o0OZ9)Z#Rod
z$di$&#Xp;6gC^ju9E$j7%|*YlLUJ$aYYCw%pE^L&$5!E6NA>OK>nRzWtLIn6B?+c7
zir<DmgY*ErC#%llSs);U_bb?-BI~~#e@eNs`-S0HP{5YzS!*t7WD#TJ=^~ARh1cF;
z)jxpMnu47LSadZ51urL*f11ghJckmKxJLU{<9;-y!%jrsRvV>kwVwz1>#sWW&oqx%
zwzk-RUs+dwL1uM+tCe}pKbuZO8*5BeE#4~~_N{=t@~q?b$K-1%FyXEjMSN$6)VWhD
zh8(Jtp2bCjD{u*%uw>lsF!<g}JdoH3lvto#!tyrzY*#c&ckXIZY?hgsjKw?vVio8%
zhG^BXH02e9s*31WXfOY|botf5kXBov;RdaJ0kObyus3f5!)V_RnH}|Dc0WKy*Y?;%
z?4*?1oVJgKI=_71X-kI{5j85DOZ@^^$Id)R4Qex-b<aUC97l&9e8?G^)Rq7+%p~{=
zx(>{E5SI0c^6?YXF667S0H0YT)SWuoS&EhFb2KZv3cl(=c4K|P=8xa3b(WpBV3K8$
zhS_iVnMJ}dJfqAPshvSX&2av@@n^#;wuu4{_H_r<O<ptdlsK^8>UW%RmAjUe8K$UO
zkygP%rSX1jZs|;?Ox2zsdlC0XtJT}(I(!!oZQcy<(ForfBfY5*%DlZoI)lUKYE~}^
zWNE$^K>Tl*VMqbAMA_vc=Jr$V6&&)Z{xz=ckaOq)x(J-<?L|0GA~N$451(E^>C0;?
z3?=TvLEXOyrW5(+EB34h=dkk=^3+|3HwR04h_7>o%g0Cba#Q2W56#MP*LEv^5O1;N
zx~5pT`tz0f-m(Q&iOVI#$V;nU0>||74Y4!XtAP`%{`r+42J;<5B>3U$(;#xuctt;F
z9WCp2gx<qtgd<Ov@DGZ$hI1?zL#fQcbNj95klXr?lt}l4q&z<h7y7ey!Pf6?b=A+l
zT7FZ}Rhu`(amhoA(`%Wx8YHGudRtPmM$IqWq!okzz>EKNwAJrtsjuM<`R1@wb?l;r
zZ?kyk{&uWh(;XgfSaCWkMEKS6Fgd0w7g=FrP_=b#D|O)tmn!BKn~tY?Nn?mm9>v0=
zH|w|rZdhl>2Ur4bzw)dlqtnoXz%&bcXbHAKX?E|%69eeANmW<OaRmasmSm)8C9Saq
z{n865?cwOc*Np76y<PE=bjwAMAJaQE#~>j|VQ=}KO|5M3rMk_*E1(NYzL7)LoBLg~
z6LN4BcHSAZcBaDdSG_9Y%OGdv2$b36*UT%|Jn7$C;5LS#*iiT<G_W<z@J(3_ZZNy7
zx)`?bRM!068a3Pe6?FZG{<`b6{BIMP(uU60GQwS=xgm~e*<I(E!X@^;_WHc#WfB@N
zZTjM%ShTa-@u9A<eh_Zr9XFd4eOs!hok&r$o7OS&&6XAhD?D#nr^x5529ATf*nNVw
zZMuyIJlRA<(keOjEeWM#O>D;)-8n1T`FL)ZUpHVX0=hl3{BJh!f>|qYYE{QR3wfz=
zjM0Yl6BDrS0S_ZrydFXf@Gm^^uC^d~w3id~q7q@&fT9wMqGOE_D&2OlymSE8U(#MS
z{Z(1^^1EM~4~tb?)Yz2{gEkmP36ib-BcXR4eEONMm51-K$Q&!w9jodTKWk27n6!Aw
zTo!|J=7t<U^foH}SuSjdFHSBQUD2Uehb@W-?k35ug(UbrAuh4bTy;NMC)BPVkdxU`
z_Q*8H(UvaQ$G>B56=VP5to5bogVOb0dQ2>w@Zk`_KTl1|U-LToDO+=l2kUxZNN8fK
zorEeC+b1$X8uH-lvZldhEr>8Jx^KPiPiEF&vdSi5(P2w&Z?|QRG8Jy(8p$-T->R?n
z`m7Jy_jg^{F=?#6kgLsR%h)-ZNVv>o^3pnO@D{X-Dzia~zhY?%K(c*Tk}6I=Pt+y@
zecnc3%#?dD0*3NYW2-RQYFsy9WR4YD=d<NG+*M=$l4zsE*fc}vIlP{?cbp3!*>9VX
z_upL_BxK=Gqr%U#4mgE9Eea*t;o{ID=Xs$vt0qO{6%?Ppx<bVK62QB>SH}i)N^0X1
z5suG^u|*IK`rRg6iaz49Jo=86Gx)jx{Naf6d%V>js5}>H|2_ie_$(<}E&$z4yN~})
zAzdz@jrZ(EP$|hjK_(kQk3#ADY%Yd|SO~@R^~X*ljz=M63cJQ)M~&@qAShHR;7lRI
z%&AU>y8YLYFUTRW7fy&BC&#4FB3ZjdljIyGot;O;lkYE~3~6Nr9r`b*L()F`Vf_^e
zUvfuwj#s@*u!h>iSS{erVUah7g&Y(7Jii4_Q>}u@6vXWQ@H>760Iar*wtFuZ?|<QT
zhatbg$DLP?LUA{(wR`BBzx;i)Y1HK63fz?F>3e)iF!ultWCMtk;Pm|-!+z#Lcgy<$
zbKA<5w{1Nr(Bu~1^}YwH5(j>?ClI<XT58u7lWl~l6Z{0=#LtL*3U+3)a!O{vq<L}_
zQZsXq*=m=D{M~2+KO}KIe}4<?!PuE^fBNm`KM&7QS0$7X!v>B^Cdo%}BTRLw0Ju_z
z${CnHF$_fI08uFDHhPVocgk#eEDLw~3Kdexk-N8s5)pEb`61UOV|fV^-5u~DzuCf|
zNd%sE7TzN^LOY4~c$XLr_n(CO7oky}r4QxwI(8!}`z-g1J>yen4n~EUK~?=facZ)2
zk_XXbL0UPEG|VCtB_%a%9@Vr;(&tE&(zgaAH{u_lJ`wR!8`{h${c__BEp3ff>WJjU
z)tPO%Si?XPg><;uFv3b@>$Lszfyp@4*Y8h=V{`DRz-O-qzNsIt=on0wP79v};*9R0
z_j9Ma^6ggOc9@U9zcw6kr1o9~U8cfbCCeb;=c@uYam_Y&c4iHydBG|Gaif0AQ8-s~
z#z3;#O9fSN*Ec<M(d(DXz5JmrI2K1i88qC1@ZO&coG=-ZWZY)Vm=u__^LV6NtM}c1
z#D4cDrEMxMi~ENkk!#?0>PNVA#dIGfc06PbT`W_WjhigP-Io7MUfc_F#ua8m&yYPx
zv8e|HtV=(&`r8*S{`^vRGc}nJB9?gO4~b>m#!TQ{dB<nkmt`aV#4jNtwF=~=D^`6(
zA(R~J=bIgoN?2cZ+i3Q|$=3Qxe^}}Jpsn(faCb-lgSXVrW>8t!!NG+dxo#WH%6u^S
zta);~_MD76#+9Y3Eg%S`N8o+6y~>^6z+qbgUc_PYv}eoEHgIqU&Tc=tYp%6=7S9i&
zK*y-LVki%bux%=%YaUM@*Ggy;!J+A`tv}Nk5pn@S``NnkQ5(wm*0GmxU=Pq?q0;#i
z8HrX)a^?Z;$Hu)V?W5j$TLyi&h_F3wPlRd^wW151xgD_M!%&y6>05g8I7wdo)0@N#
z+5VoVjU|7blJoz%Ilh{t7FdD1my-lj_cp<dufhxbr-%B04-Xc2wy`k!6D58qSza!R
zbk@<2WC_31%kX#iN#82cz_%(P;DyV3x<!M)m)=W2_X$1i(_6aKLM{lIHt80}PB~Lk
z>~YtRMp$}wcJ;8_%j<Hoym_eVI!tYWV%DScv8O#<cT!0>eq=Xp7CtkkmjCnB9wa}T
z)%wY9Rhc_V-VNxYnClz!{A5ee;kSwNKfQ<h2P?nv;`%R2jq)5osa;N9{+R=gE4j!r
zeOEc|F#FU+NN&pX(aosOTD=B=B#4aShS!+T@aEB9DA-`g!j0!N`ovf_7(o5k^3N;f
z$-%{oa3Qbb?D=dHjcU(Pa)c{7y~NMHhNX%BxbdP|DSCO|c?Fn6*F<&syIk$=@A<G7
z8SS68r+x0(3ZDtCWJPQQDLO&5v^jSb;8H$G9d(mF9+4F&lLmI=T^aNy{QnX6-eFCx
zYr8Lqg3=Y~N)Z*6svsaOAV`s>q7*5ih=5X+PDtoT6G17W5IQO#RXPbx>V#0Fmr$j*
zP!m%2h~k{<`_|g~d}m+hy3Y6$Ll_xxjQ4r(=Xc+a-;+-1uQ2wo{XDrdAE4#Cyg3Us
z2{E5Z*W;1(>7+yr<IZX}ojC1X^d*8Q;e!_G*)tFa?-T#6fI2^MNDIwc59}DlD4k7x
zk4WAqtA`R|Um*C#nG|rN)oNp3!0>kFrr{!{&qG$0`D)n&Rjd72-=zi0nSpHAoO7tB
zj2~}V=f6C~x*p0u*gM%V&=AF-PL=BAwO-x5zJGjaBRf`S%wB4N_PC?Gu71Fw*$|u6
z^(%lhv=CDbPQRYavNW^#qF-)qLSc(CpAV>`d7r#0v1S>8h<-)P=goP;uD#p;LEz-l
zQpjykdX0OhmQUQ_%_*i~x4-5{k@(@ovYrRQO}WEuEVM=0R-9rwXwb0?-hG1VO>h5}
z?3+h0gB&}IGDK;N55%^|aCr>D;6RbZFtuGUGm-v*DfCmJGR?amib5@hppl|M@bkl>
zs*`yhoE^6`2MIsl#UP2O!9uAhg1-HlfEFSeC;i$C^x=?cZ2Nri4(PHe4kilk@rsr5
zzBUe$*>fJm8;|Ne^{P0~*=3)lQk%vk8tp!}e5{~o7ei#B=rO-S)xsmose7$V=$svH
zQZH@qlaBCQnYdtg{Yg3P9E}A#HI6&Csltrb+|TpfJt6n*1{Mf5u<Da6K5JBFLz67U
zDcMMU;+Lw(*lMCkKmFiyh@LBdcN92%<E6rmi*2aTQ`$>eV8)Ydi&CUCYP@&1)fAQF
zl0w#ur;e}wmCwX?{)XHg`A9m+8drbZ9K#(kN0F|k3og!es=ja4Se5<eObqYZ^LB3Z
zT#aK{dw65R(+6vW%PkpIPk@9FbtG1=n(mZ-CKV~5S+z)SqfJO4Ihen$f`)XN*8psY
z*p&b>IRx%+mMEq##|eTIX^`ag0Di!DZI*R^JtDzos*P@iBkUD}u;jj;cNL?>Melvn
z1l>i;3x?iz<+6U5C^`gs1{Frwt^1y0pQ(Mt$|bewa>FA20RjSElQH{gE(fWHmkcye
z^JcYq754YC8W<=By(^(!lYKM*KliXNw6Z~h!!*>z`INg|qI8FZ#SUw=!|0>|6?QQ6
z9d2bzvH99TPV8Tb4Iaq;PQg;g_#cY-n1SB~ebMp)o}j*p)oIMB2|lde<k1;A9kK$`
zoK2LUXQ!H_qHdvy4+6f!dlz(e>!(Bm0TI+q)V9?j%u`WfP{DiLPwEBBkNcvI+Z$e0
z6l`HNO3Pn&SFgFl;2$7v2V)mA>dGME`Gxn)0QFNyxVwlFb&L*0&EphQfM3!JVv0Dp
zRzHw^OV88B7!0YbcDc~XceOaM!LY^(Q&>%`yq9kBX*g3}*Y=wVT9xo)?@A&S_?rQ#
z<%&9D1SiNRetbcOo1doqU~MT<d<dPtmo9JifPQSyZ=>a~>l$3xVXZW_63Wna4W>nU
zsCFpcE{(;{3*_^{V@Y(tGrSLG1Q)w%4ouM8Ax-3Ju98sVRvLXPFb|y8BHCfC^<)dp
zxhN(`dmp%95Jfq#R|sr3$q|7gX>(H@uE}@Zd-rVj8EtmiXz!YxqC5CWEOmPaC|w-{
zYIY?L8+crbD#KsK9M?B#g}b`h4it9OF04bQ*DBj=tz@eO8JlV4-YdAhNOE7FCP<XI
zC&6u}?q1~e{!F#-!p-XEj$8-wP-iPDNT@xaP6Tp;u<D5yFZr0_QVv;LO7!&^*dJnB
zd?TZGp&r;i&Cj;~)G7Qq?D>&qou40Ez&@w57*`@+ng31z{FWHI86ZRY(Bv)$TqwtV
zvt?(Oc}HGjntJM_4e2~c$@L07&2s!|(xD(}&oV*Gm&gcR%<v(SD{zD1F5Ji<Y#5FL
zt`ZP>)KBU}zYtJ!VN5h3NN1z7VN#aQK~mz178VeT1U<{gh44$iuTsgs^dui2t4NA;
zyjg8aTfx?;|9Q8mSV^u?&dxi~_mYiqCa$S2zuT#DGG{%#_9NrzH4U#<H}4}LktsV5
z@>+UKq9Rrb-&_JsD|SktUhv}j$!UId%Ghtx=M@z{#X@ygz(a+HN(34TJHaD$Sd?7G
zGCeW&#Vf1pXW~kI!%R<g6GGD;*PFS{7WT79svsb51P#)bpVrz@L+CQ>F*a39ge3rp
zPn%4``v(}Tw8}0nJeoir>v>Pslr=gxqj1gBVGjyImBY)LZ3mTzKi_}+n$-3E5}}T@
z&|)Z`xY^Likg*}@7^xoqYTyDi&=3F3Bd@~m#h1PMO<VUwCW;i=78;wLX9Oc#0zDHw
z#V8B8?5(GuCWl`D#}6t8{-Y)b&<*{!ekX+i)iSe?YvoVO>18-xwr)tX@J#8v9;6kF
zOxR`gf_AI?vSI>n<j+V2l*~%{Q-wwo6-i!A>ZL$+2DCUAO;IxEwf$fau{tSn)!eT(
zoJW6|qJSFs1p|iVZ#KVlr(Vn9?TQ*((3WB4#3Q)18$9Q8Llr&MQ6D62U<#1O^F0ps
zBC;uEt6v1_DohnJDd<UdfeCD|0nYt2naYbK!BMyuyc#lanTeOVHnePu^;tx-(54j%
z?e#IIY^Vrhi#L?jLZ_=tmzFb_=h6}CW?;5n=Iqo~sMk$kU(e9;XV?}Kjb9gr;u8(I
z6U;1<!n~0V0x~VGcL{C+B4P_?_2=&3DeB-(h5cr!C>Nm?CNzTr=ej6QhQ8TC(;=RA
z(jHkw@?%xwI^T%C7|nh*1T^FxsCFimxpZ63evX(Y3BU#`GQIe8ysd#zo!(y0WGZKJ
zEjptBNW3H;{@Ucuz{!{}>FRKtl!M^%t#dxSe<{3U@pcM6Nq^>CF{?m(Uv}Vvx@mf+
z*4Wab(vzNH1(%QIm*Ba+Hg1mT{987ZJf>M!gQkNzE%t~HaZ+TP4{#`T`UCB33-!8r
z6-0ZGS^w;EXfU@-Gxl@?L4H9ae>~$>a=QLd*#a045m(2?s?*b-N0zTyGo_r1F87w{
z-<37vP|%k4Hch4p@BYaUq9gG8ZT)G<U2=<Q#yZd0<FN>Wb!9J=!0@$_-;%zIwAD#x
zTIgh`kB1kl_`PA~&?K$0L=b59TvQFy!kLz%h#aN!zs_wM=vOI8mhsDoZ_}RF^0H`N
zBG)kkq|+lN5_457xopXsdol4Rk|$)8{Fbe`DtNnl%Eb$h&ZC-wikhOnkw^AcE&Os$
zkO+^h-O8rxnz%NRI&Lbpw%PK-D1XYwE`sgSm6WvDDbM7vmi6-;&sBWYzB*pX=10wP
zOdJQ^;n(3#Re1jdMLv&k;eFOZh@Y3tUg+6cHP&DM=I=uR+)4Fc8oUtSF{ioS^Jcs}
zg#s8C@}Z<a{v1767gS`sSYMm`ck>}G*RV;GB%or}?RVNeLIcvw|23NPS%5vAwEUm#
zD1a{b{@oiox+&)@-Xr#HX_h=mt7j(eqx~Ze68G_QtK0}{tf4HvQ5mPVDvK9e7J5{e
ziE__eUlO7;0DHg3uhRi;Dcl#Xz7AeVJtE?vDRf`7m-q9+_DT$KsHFNnOG%&M3MMa-
zxSX~HOtAAco9_?A1#Ri8U*9d@TE+}$Yp&&q&~q5aZ*-GzY=rd+;v+w+Pu+F*#UD^o
zryv#=chSeEcWlE0`YINE_vZvtsTFFy)HZ#?HjmwGJNfkn_q*$Uw31d9RyTjde0Hu=
z;Ux`JERu+G=TfjLyYtUlAHg2A^CB*H%)wx5f;)nz>K<Lr!4x_Y^t2zV5X_%qB{hMQ
z9)lXEkXlao>}{aJfis7b%1kD<8*UI?THYYI-to4u@8+z}2jTjGN2u%v*#u{xvBblc
zDB_3I1JyXPkEiewqZSJ%vyhqaUQjOmYUn`y0&of@tJ3U?OjhR!8~ujP=6{`IehtxQ
z<Y+;%DJ+ouwuP2OThEzum=JO3MHpUR@<8UrVNjoe*6NZ_kdx0WtYm?RGW=xdN2PRF
zq%G}CR9y4@9Hpt5YdHw+vU-A|Q<dKEHTl_Z-;W{92<@Q0pk6KQ!y#`c4>E8%nh%9w
z;A^5t-~A<Pp8$kGtYyDE(WRc>Z&ws)5VRG^*#_wKijpY*t+2vg(qxD1TAbNA<S0A+
z(}X3s7%3u^fC8t3Mz!3g!!8G@OCNS^2+HEbdSZjXMZpr5Ct(|B>bA@>kcYVk{x9b~
z6!yNtfgeQE@k*y|K7tc?nRQ_MA9}CddrkRpGiuc(I#1i%lz6aR<*pYaXumegRzGF_
zB`S(XbZh6ksbiJvnn_~gVHhc-5J09svFeWb-SNOZ8CRC!gv~C0<{^RzyLvw=PM71y
z8f~WyK=hc>Gjm|SIY|!5wcXao#7R|qjRd`Q9Ov5@6YPf-F+n*$;_xo`DY14;{kdx%
zDF-tzIS7W{>|d+;wiF2haU!)2xA;8|9qb8O+^`=Nei|j6L*EF)JBe4xuSI7^YaVRx
zpo3AOGEkr_z>JI#z%Iz<E#+>^_0HBye$klO#7L;CCj4TAfHT3BKM`V$@)Sa9N9@3>
zp{zVU;Rk()&WkWC+jG*==B7Pz9vkiE<$*s(j1ngFyn+~fy<zpF1I(<)i^S{|yx-OG
zwphkaBcuDK9za7EXr4rY%sPkmAOvVCHawi%<uX48BIUs{LG8w_KBR5-AF%s(=EtiE
zLR*F|8|-eD=3jL;(WF(37(MMOcxlxWb_YChXgc194}&S8phHbU7X;+@>9HeIhD$Mb
z%|%{j@9QB)ihKkOHeYzz9Y-Y*g`_s`PIr@J)nPTeU7I8Lj+L2C?p9t?;x(P^O;TCR
zV$DLMPooeCes2e2N#D=Sym9;tk7(?nnDZ1mi_SN*Hqz(Q&61nErfJxq2Wq5)A$I#s
zIN}aW`amezaBFPcq`&pebl^caaS!4K;v|xY1iIzd&3h0NFP1%=Wg=Xx95;Ib3??ps
zVfyc`!-%BAL$Mw-RA5r`{j%VY7Vm0!pQvdS3kKNmRuS*+?A#0%qY5IH&KE}Q@gG<*
z`8^_x37hU@ijeftxEuo*@(#)Ro?@Qy*t@%0V18`P5{>@h)u0RlO=1eiLq8z$xL?l>
zCVuicM^?g}*@MiookxApzvfqD5#mc??1VRu5LS?+X?M&jEJ5~%C%*3^apC-hZweZ1
z3qX{dG!Lu<CjAYTh$(Ilv*tmb9fEaz0bO>$xO*c$1GFSgFB3|dd07@iFaSfCU%oD^
zOYT$=tATXdlZ=PQoZk~7A#8<t-trudguD%Ws}Zu2CMOl{o4B|`gVclV>usIbl*eVJ
z6S-R8qVvyv5e0s%cR0l_bVft(7@S2Po;Kxxyx1i93FL;{eYk0ZTNqn~b;+D|yI0ac
z3=qC2#Z219wm4p_4eTsy4|Ezw<5*>zxmuRAJ5v}EH!lkrf2i5?+k9C_iGJJQx3kR$
zj6GLHML6Fg-R0e+_T_sfE<m%_YxwOT=PN!KfitA(XN|kzbiTKvW?v5+J#d<5pFhXt
zz~fTiSyC%WJs}&5Q1JT*A{}a2w#0i_AIOw1j5Yes@F5?x<%66s-%7Q&x4~%zoGF9w
z>nY40vZi4@$X*>0*vPK_^3A%YGhfF~m2{#Xz*v27+9^=ilHEiRm`z#Co064Bud47m
zN!zFjsUpk-%becVq8bNZ;m8O5iH5}2xP~9laq&d(-gXxtgXz+L8Rm0MGEZ~8*@lCG
zG<`I1u?oa1xBP4>;Bh;!a^j1AruXxCoQ?;oDxxm!vhc{ih*|l>R&8y?>sYB4cykWC
zldp#K>@{(_05mc@x3Y&{#gtmFgB<5Oe=^X3d)OSarF|aqI6X;l9+(C8z#;{(-YE9h
zE%6k&dykBGWquTjA#S5t)WY`{H(@nO?`|0Ul?jSNd2+&@TL1d~)H%fww{0KheggNZ
zj_yN`8CZsmz+v)3c2nYwLO1H}s+V8p)-7p(h9LI7Ro;nXF^UO}-@ZHU!&Og5G|t=)
z<@7yJGH@<A^<bf%Tc#o+G*9JLKAPV|+I}~rQ}gP>;{AQY#>GoC{;Rl_6F6g;hIbvJ
z;!kh7IEO=}hE+^{sB20yJY#bb%U>$xYvjIcK>m^rAAG}ewBTliz`d@nLDQ(E=ZbIR
z@^S6=ouHPu7gcS>%g!wAKfsFEPJQT1ZJ42bDnV+XtC;!HJLGlJM45ZuWNsVr%IM_q
z@s7LT)7YA2;10V!V+0L3jQRQI7V(ON-=i{k^$y&4zEe<WTgxqSXk`qXX6sCYTiLho
zDb~v`CvB-VJ1?Q@aJ=Bh`6NhZ>t(b-BB<2>fy*dJ64VURxcYE{=(tvqMYO@yZ1kYJ
z**|KS%x&Bxx#olGU_Nh%uc5a|Z5?~Q$=6#WcCo3mdSly;Yn?&l1|Z$o26Wc8Yy(bD
z{rckg?N%X~yf)N2mNt5I+V>kN{*=O}Dd4AOb{UmeXiC20#Xi{`-B6k~!^P(&Vm%`t
z4-+qNHSHsI9wiXt^5buYN?Y020#(UGmuCd$^*-joALy7W=`Eq9V{Arw+$Wb~a95`D
zyw|DD3A|qFY)T<*J1>LO0v1|-UF5UxcUw&m9i>ZxFeTo(al}vR4;H8Lyynaeo9~F0
z5~boL2@CI$^7De!w2+LB^_o2<14t)Yg!J49e&LX}s-u5#+K}~9PT?!O&=6DVykP)z
zFWnM<|0(W^9cZl&R^mDZK@TlHcUZ)u_WzocwSPE7I$M8ZF=l^beg}jo(<VK-r-+y>
zd?Dy4I?pXK8j;9(v7+^`Cu<A*^ibp~)JZA9Bxrk&-)Svx6W>}4Ju&w1W4Zd$E@}%K
z(h5H@s&2gfmJEjZiNiK0#Ck}gSw_TYUATbvv5Mh5zgVOAxRZ1fidFkpD~aI@XG)@|
z!H|&Gn~&bmGchaH9~^X`26FL|!R%XvFP3_K0{Q8i@i`?1x@TThRC#$NR%S9@6=L}O
zv2-6Vl=wY=TdSF;0p4sni(NS&7MH!$bXY2Vqm4$^syCqrx;={(&|H(zf8nM@kj=CV
zyid3dU&ZaV>Ld8apA{0n@nIHf!`^x3RG&BmFS&eW71tuTt8vBo?XOEOgV6Z-E65)M
z2^47j`%aJvXcU7oyC^UO?cL9={*<7v82v6@G4wu>^Wj%8)%ck6$C4d&&G{j5;uRsk
zsB5D!)>t-P@WD^`P$Vo9nC21A{hZ1wU<Hp_nyuZH$yx={PD!nEzQo&QmqtgCHA@T2
zEwEcVkpT$<ym^pq5Xb;JSs5?3QGva6%Gs27+o2{zI=%wP9uO&oVVj2Lu*_9a9Nw)U
z?*$O!ZsdUGb<d}3&*nZj_rYyN>$PTfQG1YzEn5%l<5XuyFeUad7XaMb&kzKq_j^&1
zm7BD5sKQ0tvu+x-jispk2d>S;l&tUfPZqdxYx*0Vc#qmFo3eC%VVH8#335taF0d~D
zJzM#^O+1A@bW>}}s(HVGXdUi!Q*`OAs0O>8QFg<~?KUoP>HJOc+L;pxdsl$<y7ItM
z79`daZgU-@V?Xd?wx=KNHa%nL_Dl@i;QKa}VV{rpoqKUU>$Ol3zo$kxqTB}LVO7dX
z`ciPn5FX;|#a^-!hQzD-(k*vMCoG<n7XRWay4$LUa9ZRs#n<!iD-Rnk(!cd&CVGM^
zHG*J;3#ivs#Og-5GsL0(Z{L(**ae`UEp!#e`D6%YLYyDr_Zi7vDEzXM7>~$!SP1s}
zY(mg_4N6W&N93XlAdxX*kZlyhabyMzKSkGjY={Pw4i6EXC(g2?G1vEDajV4ELGrh>
z3M}BQYPWFN@w=_g_)G1gAn>_E@XZD6$Y2S*AmyV981SgCfW=yioH5}U@3t&!N5hEL
z`Cy0jzbf+aSTxPcg)0g^IGtSpqB3iN=U{Gv(36OWf0c!R6fN2fyYAD3{R=!6Yn12=
z!MbtzZk*kv{L-K2O$Vo%#bB)QAn<+Gu?xEkn1SQoMw!q9L#+-$b({mnS){-j`OO&|
zU(S1vq1L=p+M#*Ws^*P4((R)ARisp*dKzDf+4{<mUmEdwmN(F8r098&l@00?$}5--
zYGV%+@mZ6*b=p_JI?VOz-FEPudDO(-FWu-%xq3zX{A`@!ogDmgWx6rv4`qeV0AAqg
zT#s0qY%}L68=lEiN?ic}5^u3vPlG{MD)p~|3E%Y7zF(1U7j)=3^em3Ajr;rwkL@T&
z6qaHjbIr+!r|oF=GPK)hHeQK#4H@{@lVB)PAc9od(_1{jA!v9hZ-|O4+!)-teBzG|
z<WBiV0|7R)|F#!x3I`ZhCZtAdzHL}LfWdE?Rp%k>*$kZ_v3nv3q|lAmHdqa<4q$lf
zuS4lN0KvO@Zms+PVZRT@dp5q-L~yp{KCXl`;Y`}RGU%VYRbTvqyUaw~I^s%|R_szK
zGox5HQnvy0P^?yTXK2mF`KZ5GNA6})xKwUUk!8>`?)$Rmvsolx%tlnNP&k9$hP{$n
zGX&2y$w80)yxsLK2@60=dTHj+_t0f`I3%C-XT9(2)S2E@eD|Vs`>Bsf7u8U9J8CBl
z>an}-KF)Xix?Xv|lGLUT61ifyXteo3_28g1vlHQXDSFCyOU4S*+tKhy(Rg|SV@qz&
zLE<paAy8rBlIyOcssW+61S7hp^;3Fp;%}tg<PXxW9Te4P>21O%D~(gED_8c5r$Zkc
zUGlVDNq4&T_48yyz-z`FZ709!x2T}A-gYOg!;}4;*I{7jkV={3rq98L@8^A+{V3t*
z^iaLMX3IP^aXdUn6r1!-4Yz0f$x}40+6+#HXvrJb{X)yXEC@D%>x$p%x}R7=>Z(h3
zl%=j3fLucL=7MaCPdO*z6S%L6?yGvs4N2(I3|ySJqnNWvnS-wimbMb+eZSDIbAR-X
zLO;Mz@kTbe>QU<xiu;auKIoHs<YsM`6C_@(5}zp6dz|4u{2HC*c%?_+Q~OXS*>6<q
zBQKLZ^7N{<ULSF^6pv$WSS$)H*yr^C&93Gr-d?YC&4i}RivBR{Jg+W~lNt8yOAC*P
zWQH9BmHN1udtC}5CV9nS5<u7kE5-$<qKc>6(wKiE>~sGh?7Tk}Vs1;A0~#H5VvQ61
z$i!P`p+K#JRXn!USr{IFH5pO_XSAoz?IMKPuQuFCKEtxpf;-(>LHvZN2C*hAkQ-jy
zJ>_Q{&!s6&$2Tmme~Xl?*5dk{td=)>q(f5Zy`uyaF?xfXT_O3-hJ9$@SIW^AqPFmy
zQNY4Qprs_(?2sX^F41`943|tZ?e<4;`r%mW;B<xpS^Z4I{MUNICxnPEj@63T`aE4=
z>iJB=$+ByK;WE8yawV!vvNjuH0Kj8<Jp<~RVvZA^<mpujJ@U+PUPJJDixQ;@ERD^*
zkvvX^#b1yWmAR*Yie5j!Y90M&pVI7C5O4OTYf%02qku*oNVK`7sjB=ize%*FylCm_
zhsx(;baU~}8B&R3v*}N6GqEh)iQRwmpqQZIRdKOmaXfwB=_6lXMcBpidr9{0UYbv_
zE<r{X@+YfQq<I~33pnRt`_mtBG57BhMgW6H%hHW~+8OHjRKpAr-VTdg-%lC>>K?ee
z0QT|cPCg|$Kota+5WfMs$Rr@_KGQ51BT+2D-nTfGR)bynBtik;>mZ|&vj=RU1Z~me
z)iWkaAD0wGQ1Dlr*AIXwFN@0Ctq<h+O6F(T6amsX0dv~+UR1yF+C5aBG-Hpd3-uig
z5p&vr$##x(tO5tv{UfK%B>}Ez#$4R2us=PuvbA?0ghg`frA#m5F%^s6ASa1Nxz;0Y
zn_@THJIt#@GZPY>*=iX~?Xgj*t8O@B`{W`zqqvHc5Al1_;RjU<lDCkgMIW%m2_KBG
z+=xozph-RZHB71G)DCxe<#tGnz;<IaN5d_C-^Drc52kuFD4_ox78Ci%JH-K88G>q&
zt_7xz@Fy<VYxo95e0rWvse^D23OuBvl8oP^aQzH2s79Yf$y8?03v$h1lO4VXq~D5q
zIL-Yac-q#qy<wtfnj3WV^_C^y3=)fy$8PNl{!s5ZbAV;GGKpS)-)Pv+#B5I!cI@7X
zU#rg1#rMbc$urTvVE{=e6SyxhCNy&blhTh48Xk_D0lZFJpu_;)YsP!V{O+ng$xq1b
z1x^R|PiOxy>cHrYKah-(4Zx^V^t}ErvLzEeu(}-`WMW;W5%uW`-lyw=FmF1M7op`j
z&^mq)D#l6Vy0<^n_f=}{x!1gqv(BfX-N8?$c^T`w+2%_x3qb4dJ|Hmw+AR<3(gWws
z?q`qeBF)#jbZ^wHB@h$zOSk9%QQW7Ohnk+4+*|L}qb(5F@{_o4?+T=-lAm-yiuYaa
ztkONGhdt>0^2Q^uB+bH3#T7rDOor{&PTdXOsQKZ4DDgX(fYZ$}Nw2RwId`A#<k8}T
z*viCHQt)MXQ`0*G@d&cgK6)Id+0=o4XFOF=PtYSZvgs<1B=&3hNokunWDloCXH6`>
zoFKDK_O1A}$<sRwcv(G_Z8-@AuE!}zk3vw2Ims^ovP|<giyjMf=u+>9D?(G`Rm<#=
zxC^|K<Xh!c?;j`DI}ha*_j6LQW3C^|$?h4U<-8tQ9@G2sR)^|$ZBHAQQL&p7@1pqd
zLrZm=Bce}Qd6`S=$JX`8V2IVeew1|i=1Ao{IsrP;u8wRs7diQa6@b3+S&;c`y$24M
zt(G_t47=zZ)!9-T(w<G;Pshe1`5b?{zOLhS(kVw-ag*}Bi#Z3&mtulCwGvfKq3!sQ
zWxd{=++0*R+aT|2lfx_5V2KM08sG~g(Jl4W^g0FAmrVWZA36%t@CI37X{kKev3EBd
zH1U|K_qc$eJnoH9S9RobZ51D!2+A<2!_cAtO&RcU#x)6E*eO*#ei+lTxm4YM2Q;UJ
z%!77x!!+lun~b2E*qe$VHdw%xp44v)qFO*4pSLyJ_x>F&g<9+ISZ`JD{?a#w<vi1a
z?;BvE_pTt&&VrL=xx6R(K`-6J-7VhzO^;Na`I$2N%S>V#!m{;A*J(SHU#hJpesr3_
z@f9@}OFz&n_{t~W`}xGssia#_#tj+K{Wf2`?2rUc4N49k<fd4QlsQ+iBe+3l{bn#=
z<lpG?hEBj~_6RdO6!MV$@zp$iGx-7srJhU3Z=HfCn>NT0OgOpc^md}buM|>SJXc7M
z)z;p~`ap#-FCkVrSl$=_1E$_2413m^X$<7)CV8QMGIeg;OkRaWA*{(Ky@|$IU>_Wx
zXH@eVm{$70r+JVljN@0w=`2b7W_u&r(Q8;A+;5NC!Nsnm{|KL77XBZ@=W95A7|v|x
zt=8f7T_(}#XpT-)4xD=)?uoa4^4qX>!lsb{I;7hpd~<Nat#ZNI+Qg$pf>_dlHU`KR
zCGIqOj%pk8n%gH9eL=UcSYP+*dfafOo@}~$#bhMC5AY=QDw)sy%i9Y>G7=LO<lN-a
zYg<DzDMQ*9d;LYATUf%dzpZD?q_PklL1{3!aErK3>C}MCx=c~N=@eDmVEd*8vSdpY
zmF+rMm3otYTxN7i<oYd15IAALNRK%uQBBG*cf<wAFyMtbka7R(*oDuqh*dJ@f8K=H
zG0mtm0q^a5Z!zndOk0j}bF@^s9a2EJRi-B`yd=>x`U{xuKyLvT_0u6MS7y~c8o7Z&
zzyJq{6TqF9x~1VcExmx!f&xp8XLA<e<oTM0Sv{e=!4_U$XbDkb1ktd*>o}~NrBgp^
zE_|yG9ZpbJ@zu2IXS&nx+<K|j9x}^~EXL>KD((|q&vmvo1MaxlP^xrZ(Y{aOJ)eEM
z(q;})I#3xPN{Y0Udt`syjiTjc!^)vaK&!I3mt<ro>2lTz@RNDdq$}R_v436^*c`tb
zbfUV8hJz{0ZgKiugr}V2O~#~i#otk<WDBSI%r1^7S?N~v{DYbwJUeFb8#SlQSnrB!
zS;bSz?($iuSwWzMZDY+3ie@g*M2rO<ke?m=uuE;Zvci~`4N1s2BWRdz>_?64#!=TS
zy~^(UR4+^pU)sY(hx-yWBUfUcA6^kAof(B|5jrBk>F^-e#p&)A5v4nwsOzu~hp4{$
zT)C&%T0P6!A8U{w_$~z7clVIw^nz0vn_MT?a|?(jbNccGMsi66T%q@!XluLx^sNT$
zMP$b>haQb7sCidS|C1~faMdj80q#ga0DEar;LAEOYBA-aY_wbP3oySxe^&Ot1Lnm4
z3Ye4r2F$0ZIjpF7yA<@zN6z09hMcwvqOI7;-MAIQydKkdc)2R1?Y^QG&BKYfJfrl;
zXO!5p{Bp4Qw%ivbbGDaY1d%|a?_-j2V8P*0cpkLqo{V1vAT_k^-8Us7)(Y{sO9p)J
z8T$|6U$)sDB-&m$JG<krJG^Z<```I;hqp1FIEml&7i$l)sucv`ezcleJ|EPIA};b=
zX*jqZLj)2)w-WV%T~3cKxyGtFc>Nbsd()fRv-_;FEh3u%d3iES)*ri{g`F|0bM?P0
zg}5tlfyZeL{s$;;SYy@^HO;6BeH0LAG`o=U4RN~x0Lt6`0m||Bs^1T%4sZ-^Vymj_
z=MN*ejvMu%=7daNETD^P+&th3htAePGGp6Sbf1ZATpr&|T|_XaPSHDhGhG2X0IJxB
zfjUqr2kcvy{q2#%08f2g19@`=yXUaMy{p%A&{zG8ck=-JIo<D|4P8aJa}pb7!aBa3
zDCeMrtZyt0*Bd51OaZ08G)A|K4y>PFu#eJ7ur|49avl~~3H9W&#mSYDPQF=+p1uaZ
zy_EQ5MG(C=%RTu3>b?7Naw{g9Op)u2&l(P*=8P{1qeEI~C^@IKB9PVO;G(@ua^a_|
ziBS8pXsIz9d-yX;R#^C4@TN+_T;BE^L9C<lHWjTWe@c3IHveengj@|cJsmJd4A4}n
z4f`9Vq>0E5T3izR!;x>~hTD4=!Z7rX=M{NUJNX+oroyg$-XvFeMQIz8=>~p3w!de$
zI-lCO{Z7%{!r%(n1gCH6FcR<H@eMD++k9dnZ8#MfHmM<RVmeBjWUNRD;cF)Sba6CH
z+BW<O;R1qcxIM7%ix*-9%!c)PG}ag1dhJ?#J@ts*_fQ(0nAEqCh%gx9^*!9|f@>W{
zViLi~r0~(O+8+S{qZhyR;foQ`H4ZThG=3)U;PtP1mJe=?U@B(gpm0o=K62jq!wBr+
z3VVMOUc5PQR|tl?G=ggvfk+{y9p@L);B_q^4^=N65APM27vi-z{c-F2o+@F^_>apS
zz@~0A=3h$EBH3vwN$+C_DDy){Bf#<<?x<e9zz8mQ^EWE~ruFm8np!v}k2;l2YB3_a
zQ1^#|AA%1y(6@Zxw_77Z$jc>Z<O0sY#V3Qm*&2#9m2IFieuWlvTpK83_ly>XRXS*j
z-!`!2JbF?)^^PBTcSL`i>ieH80Z(kXH%@2>u<MZ(0Dm7!Ci?nMSXwR>AKk@6D{Q(s
zhh+6JEM?K-&ySIrq(#%L+`B(d77LOLPTmun0%p$JsROO|G%InXKXona{|y$7Sh+LN
z|7WL2k<~9nO%FYp2x)b9v#AqQq$7%M)LJUZrPE8^nnZnNL9C>JL!#uNf3`~$Z8_f5
zQS$;sAriiMrPp`bJsoK{@rmwVrH|c=^`&k9p~7|*)en1lVwi?#b{fOi{qH`R4E>@S
zxD9`p(a8V3TeTp+<9ff_*GL^&A=8xZ$I48#(u|^~ySg``pl?5>MQGaXM5#GPTZE*5
z!MXbeKZc@`!Zezi4MXM1{{m|!@F)V9bcwUc^l%d{8+D2Bl!=-Ll$e{!XzQF5?`aRd
zff)7__M=l>IH)<0epPd;>ULscd4KQu0L$D&b8;0cl49RxEsOa3BNmYdlGk{SXa2GW
z-oWnO$xqXtOXrWe^eh7bU^7@Vrrz>~m1$?I4Y7rm$faAd)mjtQhJ8)eR*w-Yspt<}
z7iGUOa~=zn`DIDvdjFqs<B7?<LU|!oBM*iR_Q`8LMio2f`M3uAJO!MB#V4fOLH^t^
zWG7$UxnEAcIRmC@H9NOidY#D_dLGXWaMnn4Vc#pS7!ZnNKPs|**5Y@$6K;FG(sge1
zRB|?F_0mH<g?}zH&<fm%cVDA5>;>#~uflgWnNzBNE}Nwl9|;@EyhrAI+>tpS5Oaj<
z*tD(mIjrCA*Iy~}ZesqhIQgs%9$q}X-?Y%$giap=goHtsEadMpChSi4iiOQ}9XDO+
zZkaQkV3H-5uS;xB*(u1LpE}kVfP5SF;=hVCUz~as*Gl+&&s=}s*3KcVxj-E7ujzTY
z7gf8jU5H+fQv>2IejmF^oZ@>un%`dV)HIf!foupaa-})0qMC1K1~h5R&`0$&S<JI_
z^+t(D1XD8>2Pz8EQ+Z@jTH2}Pb^lmo%_FgB1+)f!Omh}`lbR=8nW*}<j?#1<{q0U3
zQ*E~@^?B~TUy4Q8Z`oz<8DNi+mr)jIbZJ;g@U8xH5|Uv+W9XFxb6~iYahPVr0Di4_
zjTh4)eL6*GZtLEK^sw-8-MGUyee(iV++hg!Eb+!G>5h3C8E7$0;!`p@<y!q$of9CM
zlrO|%q9i-ga(vq~1lm1DA3w(Z(K8Qv9x~BGbsO98Z{$~teuVSG$Ge-m-)Uqz2O$`g
z)gA9A!E)~uBIiuR_av(9N;+#!1Utj7RJvazd*Y+i0uTJ8v4<r!w#dx~Rn?O0V_#=<
zE$p<;T^!q$J-;08d%PWgUiU|T)aIYhbS)QHUS4caY$bO*E0<oKbOo%<&8RjFgroIK
zk}=ljuXl%d2S)FDyR(y65l+0w*<}$vfo+Lc!8=W3iY3D;&KGC8*;Bv6f}BS<Vn71)
z8wrT;r7QU|ZzL?~uTOZ!BBdvsBV-uA9uM<W3wBm|&tnTecB_(`OBMI6IyM2u^3UBS
zUiz;vWT4l|3A90`Z_efb6gwF6pgfpknwk+C8oyKNupbb<yP|lH^yivgxeGjYm89_6
zG`r5PWUP+?jQ5}89EbR_(!PB%S5~u$d>qf8giMP1<r9B&<13sF{3j^<F=Va!&++Wv
z)Pfg)D%^`bYlGyG{5MCt#4_>mDBx)CT03&IkN-~`?N<{f2QmS7IRyppXp?^fSb~d#
zDcN4NXLy{XDDrv|c<8Jxa|2!n`?vIilPJ-(Toppya^%mck3_cYLi;jHqSwe0A*lGA
z$=~~T<8PSz)Jg3EZjb!lh8b~-K55>HL8e4Kp`a*Awoj#O8WXSprEu2?MxBhz1n9sH
z%KV4^|MzOaRZ+Oq;06RD{oAR2NAXDKrfu<b3sl1hKk#k=#H+MAvOs<)nX+P)@<4gT
z>)c@PhK%kQ!2Eq?-F;-|$Mp3IPccCtTOvw$J%Db5RhBK3BwNR>I2N*cKsA#WoNx%B
ze`BwP31?@cfrZ`)TagWBypVx@Quy?ENkpq96#4*x=@Yyvh4r#-ha(|7@+~&jlZ|r^
zpdQ$fwhr){@*pkMQimB1V$PeyAOC*|1`;NUKEqGE>dY60Hp&mr=o2yD3NH#1Ph`Bz
z+~|MK{ll=T^3P&4troqJ(4F-IDT$w9!Z`Gka&Ys4WL3@EewpnI;;z(98Fd<c8ns(X
zT<N{h5|Z9<&oi}DXwA1DzJ}$wT;LhdbOxknYVV3ORA<_ILhaJ7lcn`_+D4X?$1W-U
z?`Ib_U$4E0sckKMsW4l7So>0510X>oo3`SE=lm?``(%wwyx7S$6^72u3nYhoE6LF7
z2Oj|w&0Q$I`pxofAshEEk-6~<GSzbx9@yiS2ZR+jHv#fG=vE?E>6}205dbXH;Y%rQ
zFO?>>20@7;+W+EKUx`K0LrW{IW9UBy)kNCbWh}TDiMbt2y#Qd-7x7L*t{GUByD`A7
z1dv!XkXQZG9-G2U$JDQ5YZSnG=o#`_#inyCA8VU56JzNzEj?dYgs%qhSRWr%yu<DC
z6}KiJ?Qm9l$@8%+|IANErRCFK1)eTGy^Z*}<LN{KdOL5}%+2kqCCn5%N-v!3Jp7ru
zUA*apo45z1@ApgGTN+1jO<|wsuXGE8Gfr`3Ae5et^Lefv?|NWO&}tQfvJ=2xpg>0U
zR5Z{VNbp^wWi8tvoa{Az)$n|fR*mwvlcc`-zj)MTFW7S;RVr9gI)_~(`EGD3a20(Q
zQ$+G|7p<=MGSELeVa4~namWj{PXSJ^{97;3`>hvb0eS%zu5*4^%`OPlJlBJV7#mnC
zC@1~S!D(VO_yEBJLptfP&2#Wv;?<IsLLI0FARvUvNxH+-v}^;TTkWs86t0gphSt&o
z+g>}klTn{-+P7Z`0Pm2qKmx%1eIZG;m+6ciU%>CTv<@!n?8rG_-mW(~cf%9O*LLHT
z=Im)%kDyk#fk8nuXb=B{U|ZrBG_f*Pf4OJ$xcvI}H~~V+Fif&6@uDa$AUZxLyqi^g
zovSk@)(?FhmazBeDtTG=KC=t10c`31IqL)dH+BHd*B^7F6v(a^rbX3l2;QR(2@g@D
zQs*Z(7CilzGqV!Qsf9FZCA^D(egehpG&6(3#|K+ZxdknhZw1N^ZYeLEGsUqnN!?4a
zo-nIC7OOfAKdlBAuQf`)$3kIpa6>#B%)spKoFMtTf3X$t@YNQ!?t(LmRzpPWxhqa|
zGo|gV++p~5KKOD`8|s8L@vas2yzHG97vgE3x5g??%c^raIIN+v{i-drz?Vh7g1)Y0
z7U8w*V4}N1LeLN>V@rCN9Jkq4WCGlp2t>(bXG-d_2*2LQ@@6WNg@S2^U}~p!YvKts
z@cO$O_uWCp6*7#NDxV-<O)oE@vkl+;l1B|6AU=;}%6qv4ss&F6R-nCVzMi<W2<U?p
z^Sy3N^y`%TBCFI?VRTlH+-t_4cQ9ONR7!st=2UWco$3VL%a=_b$`TJcjw8W+K)504
zypLXfg#CIrkZ$P7+x?luk#BwOf|N`D`1ASr3FVeXc4c~>V}K7G<cIPOc0rw;lx`PM
zeT^}eO<PVd4WToOqHD`NIf4~ZSB!sq2_%GFaX#IAZ8awrFWUgP^LK+n8kh9T@`*C#
zF*BHbM;KrOF23F2mNW_Me~}g+l#_iGbN@F^bcc8p=5%qi3b<V?ssO)pIJx$=q2lWI
z#ss_I`*e@1X)MJNLN)>IAAat@fR8?I|AmIybL;$j-ncLkZ+C6OMGmm?NmH}$-W;=T
z26B?&g>KpoKr>HO9`eoowWyfs#nGNl>IxOfDwpt|Tn09DR?%?1gdNt)>uO(&H{VW=
zDA_)Nsu9Je!uq<J_f%VpLQ$xJ6QXFtAAH~ApqIhZadM>Bevfhv%f{i{+`*%%C^L)Q
zik>2&pMlR~^)xK(I%|BMbb`Y%pMS*}Vg#qx7fSc3HgZ1Zd)4~%3=;F#^sTg!`nZy1
z!@QLkmBURS&hRjj8N*a@t#Uxjb2!*KAjFoXqKNca7Iu4~1QGo$Z$hrSpW}mYYq>_b
zEb+K2VO^<v$MY%aG+#e=(`8-{7`UN8z<#(x3<`oB=7-V~hJTlEa~(T^s59*+H==Gq
z%86nofaFH8N$w6|257dD^D`0-x7z$(J~(f{%1C{{uZtP*#t_+UOw%btYTk7BH1{#D
z&FAq>6!!G=$#gAKnF=^4<?Ehi4-NQ#5D65IM1swK6A7ja{}BmjD*%xonEF461g-y{
zhy(?rPl|tw1n*)(OsF#O$JK%jT2bu@$n%Lihwq$IaU!s>zlZ|H$RwVhVK-%m#Mp?`
zAKtXKh_BxDMrb0(I#6!tY(E@xDoEh+p0eTu1H%Qs<n=BSkRM=KUx9%MfUi2uVUQjn
zj+tvk!|(AnEC(~C&7C^PuB=F40N0&4$_l*jPgdaN4Hc(LmpTf$ydDpyi6<ar@9*zm
z1M!cv0JU&nqkN|@l_-$%rE};qI=K@Tf8-~pps?u$T3!?pjZBsgNujS45V!W)Fv_b>
zibCvJImKjb+6o`+{lM3kR_CJF=L#Q>njsuhi5<IOz?%--A8F?G{*=pll^eHQrk@x#
zMI?u8GM7AhN){P_TER{|jRd^N|MfAT$o<4o`Q~V<gFop192j_T6}@HHmn{GrA~h}g
z{d5mN`U#AaOlDU4fp`0L_&@EDqK+CqZfa({5snH(3duVs=>{O>V1N2sZWlWI-)$2%
zD5q=Yu#f6b&U5n|{i>1_KsN~UZoz--eq?{UIaS?*&U5+^V(zncDWN>kJhy9^yXT@8
zA^A_cY5c&&WnM-nyxKkGb>Atj_UX?vf4`Ui`=6ZR)q4F^qEerQDrMJi57K%~)w#Na
z+j&53cRtJ=*Vhirw3YOEeq0ET$H~@JWFVd<RoERjx%aiFcuG2abIVpe(QoXosxaxq
z+{ZO#3oTeIeqICJQBx*{tsVAU9r+J3!Sv@pGJ)nCKOOq-EtJD=9s)wwbnd)E(l}1Q
zp#CbRhq>j9jmF7xy^kyWqf%Z9_^z4P3Nr|QZn2z&#YIu~7&A?#n4=<zWg{N^ik?-}
zMDlVDs>fg#|KuP~+N1CDS3Uwc3F!Uc+lgfwwo1zR7kcmZfU3<+JghZR6H3X_PxC7D
z+Yb5_2z00@ZN3WR6~(UJQE<@#|C8vq^e55p^v2dgsu&Q_SE=tmuO+Fh@<TB7`&3IT
z*>U`IF-J>bm*G#Zxjy0-_%O<<EB;F%Ad;)D1XPXEAM}Cpk3w*8ggzW81h>fw!FGMx
zFNNUK<ckmfLM{Ii;J5xS^g}g#sA2vKx17iR+{oSO%Sa>QAyfZwP^4tGPLIS!Avx=Z
z;HDvQGCKsN);>#oc%|_3p@gK=y%~d)XsREAwX#MN)gG~Go|*!25`RbEQE>c@<|~M5
z{kkbkgFZY3IQ6*?C5opikMX`CXY&;mlAS}R)na?<`3>q9f-UP`OY+elh4bw~t*&l*
zy<ypL^zLKPP7QkQV>;ndZvtie#W`&L<{TE+)A<;9=-fWQ?or3qB{#Hupb@lF<>2v}
zh@jW$KKPS`M`4i##PH4Jzp}_M9JEX{GqHPB-dYZ86GE%L5DjZpxfINE`Gs8gA%C{#
zVjZ{OtDUv$O}FI5Bii&h6v`Y~G<OciEm%2tZ?E@s(Tv&Wy~L7xm$Po~eJ5OkG*Cj{
zE21vmr@lF%qQ<3pu7Ba58zY`fTE1jcBj>e5X6vpV%z0e)$Wi6;<KA&RDf=w45ib{i
zUi?|8^Yk!kE~8x+1aG31re5T^2=GHZO!Vs5B~vpQOUVn(>yZ+|Elc?xSC+{E3>V~^
z8W|8Gp}wC@&5|P>JzWKXJQhagHJ=p5-DZWrCpad-<<EZ-5`h_K_LKano$5cHUshl=
zku36Ub(gI^0}>FxO1%LrP4g=v`s>>g7w0H5?;o^Oym@lE&eHk`^fD&P&Wl@<&37?c
zb=<oNe(vep!zI2|&QV#2sn-dO)uorQ;2ntjlx<^MoFAOG#5*;#OuGJ6^_wB8+(Vt%
zmLQ?%(3nkzYmF`vU!N=yb68?w1x{J>sNjFj>*>Ed*p;=IoeO}u<Zh_5h*2^0ayoDK
z2-lp6>H)V=U%yoivfB7xLiH&8GbB+|R8N{vZufwvwZui2(7z|;)CW*zGLkKT%6Dr|
zTwIF%BTG=^oByrHGE<oVQ+C{slM%b4<KJWR+9tjisxRovASZtW{rA+om;YB9gQlLd
zJFaE`V~;xkqQ&dK{LahER9+a)(0%c5ad{d4!?-*f){b0>7WIyLN$=pVUz{<_{mLhz
z9@+#uXP*Y>hh)uv((?Gc1*?8r>x@{1dMQ+Q`kspw<4AogWyXH};p26%Si4P~(E`Px
zXkeL3^!N+CeqI?}U$`wPiInKiOdr5L-^cYY?V=MMu=$LHiG<CqrK4b2>{LrokPxu9
z;eeADhvK%M<a@w?`wu~<eU-h;snwDy;5?8;06bQ{Wgut^78+Q;3ygE?%LcVsov++9
zPq(%_ASaxZnzg+K@jbPyn1J&bqScz$b2*$Hrb}Hrks^c_%*=$#zBl>aJd$VJ-hPXT
zPgK+dpigcsB7Qz|;kqbyY2;Te?8v;WfDlZ1lq^@5gj*kcxJ^|gv{UDu(W|pHpv6Oz
zm?#=niI2mU4!|>(^z`5?BKe?m6?^v|5=Bv{ScEF^pCH<t3F&ySGPXd2Nm)SwQ*qU1
zIPPHnrNk~(p`r97!|ZG5P*Uj5j!9~vczj{~V<gqFTi<8JLEuD3x2k>K=;?lUTaUw2
zO>BK=MhxB63%qjKp)u`42{3l-#ZEyzoYC-q5*;k>M(ZVZOTM#|g-!=m+pHk9=M(ji
zKwEs}UquJmg>kp&9)MU&u0_QQZ`6A9&E>32U;Fq<-97GuG<~u1WI?mP>WwmfE<0^)
zczQui;HGLW8!%kq=fSO7>&kx;@-|Ev`>>nD85hVUK5sBbP#I$f+hj=i5|wJxjoLO4
z_m65|#DZe(!s4emUZiMNb<bVnl;s(F8>&!IY=N1gG6$3-dwxO#SaoDmRvFhn%+E$&
zg4qCmaUa2nb8q(Jc2VE&3_XMa6BaDV3eZah%=-psHqX`AfR`?wTl6|R=NMN)7<oTN
zlT&jatdUc5HI`1B9F{JIom-O5Mrr)+3SWj*EUYY<oCDmlLmA3tH%avR`0Mnd_#8ZI
z0ubKjrmPq93a+E!k>X?&;%tMzOwiR5R2{En&`@Y}Z>FEnZX5bY>|O%_cH6$jP9Yu7
zr|qqVu$nR^&Fk3VO@@seUi#g)z!o`&<miG*YAIj->nI$r<0JRk!jv@QXAYpxUZI{#
zNYf6KG5OnIxJOMtQBq)*9=HvJ>b@)BsC`;san`~n;xcbDO+Ju1(Qh=B-g{GNY;Ndw
ztX3!He09pbZtJG|Va_*vBrPJr5GY7$YGfjlo8#RH=pWIcq6ho{*erWVw+v75X;>q6
zN+~<~WLD%+IgAbhWetz4Uf4kq!g<B1eA;5s4x_rI)3kXyibNoZD->ddLFtpuj_m##
zw1AIqI-gt(%FLE%_?68I2C{io6#s{i!bJd5IMDkqkiznRh7>GV92}4F>|3?R5_MNW
zT%%fXGq?b2E?DIfIs;QY%dUuoYV@Pt?`!pM@HhZ)q>~pj4j5cSOO;l=5a{ehr#o-k
zTL`eig1_O&{Bj)Y`oK;dT#57SWj0fhxnHZjC&eG}!ITpO#P34<w_IL@^5}l{s^~YE
z^>06Ig8!KIl2+6&l7{=!UrTHU7iWl3;<(`HkPven3Ww>=`ghQqN<Zq1`;t;XO1V7E
zG&lHL7WN}*bpWPP>P1?m$Sc%kUgvWd!$8QFrVAkUD6CNUyyxQC_V9<-^3SW|f>+Mn
zoT~T+0wk$G5x@6kmE=&tMvPcGq3TEB-x<LUZUbVEp|7!H<FJI+eKI;lGKfr_oZFAj
zBgH~iK$*d~i4J0r9>w=BP#3cFpol4+?oo{BY^8*6+APwr+-U)yD6i-6{v|yGtiUVH
zUo=YBGLR_+V6xgL7M=b2DIVs&Mh9`1O1}K{v3YZSC+5@Cv?+3KZzp0nuNWnL;GWE?
zYZlqYLp9$*pW{6j6^gIrRP7s=dyV_a<Pxo2sOXCW!hf0z6|OQ~W<#8`>N(xkDneND
z?G_03&D=z2jv$vWz_Y2oIJG~@>G@vi4~ck_f_yQjf6EwC8iypZDd#sjakUq+03ysI
zkkOToig!AfW2_Iah{Di&hET#8p(yRJC4$}nmad#LtE%<o<MXhnB&er=Ax^G{G^Iw5
zCAfRP^19uE!0~fe;JrHqSx}pIc7lLeHTz~ea_Fb5kz>}K8fSPwhnc=T$7l6(iQlDb
zS<&RqJFXXK#jMZBk%3Sx%!9uG4WeR-=IhrP`6yReZn@@F3Z35)#5fm7J&|4XjN_tB
z&=`NRX{G8*27|+2sKRGNV>5s%)c<!>VfY_ZVR=qu$ri&ZTD83~Y<RO;ual5htemih
z9Y661M#oTNC0fFU4L%-PUYjQdgi&6B-z{oKg^Iw=tV0!jL7Pq;?GdecG>&ViQN>Fw
zJ961#dC+gwL|}|JFIKJsd6J*xk{4(~coD`h%x>f*<w{FtIt1NBSH_HLM(bwfql?>L
zI7B|lo7H0;+F+d1hS~1%Qr@V$UfVIG_ImHWhN2XtiM@v@0moUh@d-_^#On5M{Ki$)
zi?zWR;dc>@LM4Y{Xbctkf{{Z%D6|llzkHham4AW$_%Q5NNDwph<Xeb)YAxvwr=gwF
zv}l%uWU-{GZ<VhtAUu{y>XzathE8%b=dpYZvE(yqKV@j)u(gr?w&~E`>fa*oG>;<h
z=Kd}6uJT_Z@2o_C$UEcz5P7Gu1w`H%{%<4iYJJ3qg0F?v5k72aX)o<-fdMI}&hOwS
zDw}Wz+gS+yOLa}fd|3(P828woXoPMtD`^c4LWp$eS*QYF^G65ln5!mI5Bu{o8dK4=
z3X0o}T(X1?r@tg%hS1)l>QL-(Q3x>FS`VaAvQe|-$uf<-Wo5-1b#sDUR+U(W5O6-k
zFreDkk&sSckH6fS+`z7uia$7HSr#x#*`$0WPYDJsewNCw)jDi07npb%R;Z?-Vvs7i
zEu!5=_eqt#uUbC?|0N(dgyD<TQXY%D9$c&q{Ee(b5}dS1%S)g>AVpdKW;srO8#geW
z58e;J0b9Q1KhQ#!78zQo|2Zr`h87?pcJcqBLlpg=b%;V~mw-PyMB#tYA?RH;PV0!a
zcY1#SYD0=1d7vcrm!c6({apq74^aG{vIJBb(7N{t2t8=BlrNDfbKlRC)(P|6ohWBW
zJgTC5mdX+-Rq8Y|B2Ha_dE#ak6_UBezal8TKLz0rYR30PChx<KUP|G1=C=YNCI7qf
zls}*St1xsBBF8wd_s;y9Q_!`XF@OcH{TXEFzn6W4C9E8e*5*miTh4=wr;|6MWtL3Q
z4i}PZ3k%CS3n*I?b`1l8*#lY}w+?9iD!cggWP=yfXS|Cyehdb0j$mZVg`ro)or_&G
zkqV65BiM@X8<)W>x+dC{u|g1Nrt}>HT#zj<khPqG<|L>^w(`IpAb_bj_QG&^n<Gk^
zqFx&qD6l%&P{Hw6Z^Os8;D)12_?mDapEzUWP@iG)+;2M6_n8n?@8^(%<9mNvJ#IY%
z0$I<4)ug+dqb`qgKPg`*@`<T^JYtA4KR2oO<7KLDNf~veL$P=^X*oK@?aNAS#OzU#
z<s;0<B8r74DJn_ke}@U6{a6O^FK54#8B*-RPzcf7z5gR|YGlDDOFIxPygn>IB>`k2
z&o%)F>)8<2-7;mx9Gts`5U+Pt!cn9I1%(`WK7jCZLzw__DRVilNyTmXF@p7(y|`D1
z$2Jq7PYwqG9%SpL4WXc8k+x0Dy&VPOP@Y1?^zn&OFku0hEFo0{mPpocep8%k7x=%*
z`_8DQ*0oy{1qBfmDN2bI1f)t)N}{5o(o~cpB_JRmC7_^`6cG^=rFWD_SLwY;BGLm$
z?<G<qy`=!@cj4adbIv{ApF76AzwY`)7%*5Q?|R?)%x6Axiq+X~%MFsXYN9@{G`*4u
zs&5MZ)*`ITYFEynT+b(Y!B!w+$LvNCpnUmvz2$W!wyfx_SoCfOG0lu4`aLAH6?T_i
zJddC7p8~Ehb=xyHqx`X$^`!X@%%*@BUzgg3<Ac=hZ;^&QHidxiUW4|D++EzyxdzFV
z)srFaDw6`%8ip_@fraPWGK25V&Q8+rtQYJAW?yI8G(vH9qpzI4yEUq_V^8p@=wvbO
zCbIq*glzXZfE0%0Fs`HSHjxuoWe|z52Y>G5*2`_>LCK!{-#%HZehF!2$7kgk-6f5_
z+|r}hd#ZF+$IoBNfGPYO)p~sJh(UvGTJp7{y%_k*{deGt*FOVBv()&}8)P}5hdeW=
zZKXtn;`@vTHPGi(`r%Q^xK0lBPuc*?SxBD&Oic<ul>cf$ugM>puK|V(%*^XT{@h3A
z_K}F(Gu^@f+_c|Wu75ZnJJalZ6Sa{)?b<V69TZ@6jUtG|bev@KuvP-5uaJW0uoIv+
zZt4d-_yb;8=q_#Bz|a%NN*S|nq)@B^`S&5^OBpsbX#TR(4_P1H%83Bc>Z9LMCSCh_
z4miHw9-rvCwQ}QJ5fDisZT~Tn>U>I(>>z$@(I40#e_tB$+oO!N0w$FQPp~(5Ji(WH
zrjHYBI$SrpS|^!F+|9q~16RAqE3gO=z|mhzJW6&>=ErdUOoNr*p7tJ}(x78P6YJDO
zz~!I3ytgj)<kt)AsDxnN4=}|jdwd0<Gll(1PGsrL#O0|t)^9(Sb@lO2_zTUQ{I=Rg
zIwPX`SFF4#2YOOKmVo3r^YhKO=6~N>p~k;ElRn(K;tf<MPDD}3%4fktPt*PL*ZO^^
zCI{H1L&W|xIH%Mf71{4!|DXqG8Z<c8zqG%t*OU!{rQY7A9nKIx{7KLSVqs)~DTZVF
zB?zNCx2WPjMtN>#&{YihqI@W>l?JJGC;#jk9CMbyrrRgs8u|B)aco<{{JFLbL;rmJ
zdw{Mb$j|B*KR&Z&A^G{w_xn5@FcT`8@ElJ)$e$nUIy%z!ya;|O$-cw|KPB#+PH|m9
zp@o37>%N~)DF*)CEAxMJWnII7H%Q$(eu)(B?>aVs=lM#tl;jA5w!c<qHSZHh<v0B+
z1i=2te=%nqCQ^T@cqu3Q?T{I0)srBMIz-2=etqzj`wAovVKRE|GC!Z3gu7PNy1Ng1
zh$yHbi6nVDa75asuTuOE;pK#Wt!-?HlB5dk+7`+=O<{Akq<EdP@OBZ0ZLU}F^LB&n
z_oWdF$nb}217Wul(gXRTO?hQ2oWeGGC)_DjJHXWO-;MQ&BPS#fQMFz#-1m>AKheJO
z*Cq=zzNhz%_w@iB_UBIL_ZWFCTsu7REHp^ZCsAIG71Yw@Nog|F==ZiBvk)UVO93?S
z2g8TBQ~T9FTCPNP{u-=GS+9hj^_XtF#53hMS*0Xn8=}-29*w}K{uz?u$bAHOp+k=h
z=6md%2XyKBGrvP!#3ndpc~x>)1`gY$-_mbo2(LuvUn;AeoQ+M>WUl0;O+e4x_vAcz
zEWuyoL%LFv<Y2(1kH_HxUE2D<adGHXvds%ra;9CbWB67>McUi#((e9<n@81RQ`opR
zy&on2$Fu1GgckyMHpyAN@x3uL6Yq=9{EzzsM$GQY;)`Upa{g_^ET;7P4?eN&zAqw%
z+%xbp_$s|e4`HQm4G6J*mx(%~YF7l1va+i^;PFZo?R@w1$Fyu7zU-FXhXUH|#jq;d
z#^f-Cf7TpEWt>yz{ccY{7e>rGlpk#V6noiD#W21^ORe(KOx@0L6VT~rbH4(YOYdo(
zJ1P922YhNDcbV<{^QgQr!^f9MW{OXOCu%%jI4O>#6`g-y&zbJR8{M!mwBrl$4f@6*
zAn=8W6eRpvwja}-fc_&y*VY~x@*`0a^Ld+nW$X)@sY}wGnf>kZ33%-dezE?eSKcl4
z%~aU1%e7Os)B@oy2j^`@N~#-_Yo;xWJ*`xF?sSGc1dN9feQfqnI~#t?6xv2Zmw-fs
zfBs&H*}qJTa}Tg2BZ77$J*HG&5AcV*ZSVYKL_E;e!W-ZpP<W$&*3kKN&veg}B<pQ(
zu(PKw%*SIU2ziK&eh|%wNFgOfUX)NiQq#E?W&8tyY;p22yn5NX^(*fK=hAOz;iGbZ
z;&IZ{`EkIU<`lJ@?0E-iheJOZdcH)o0O(Gt_}>r3^Lu&#i&rMu`23dC7FF=U=)0Aw
z6H*LDo<yEei2)Kx3<4&s{<<z2L(_S9qBewtJYVhl5%TwUISMtN?*Ia5!3M^GF+RN4
zd;WbpY7mMFmuCmj08aAn>lS2N(E9iFd;}Qt{qut3QF!`}>AmAfDr7Dm^d&qfvXi<-
z!1rVW+mjKV%7@s}T#~>}_~l|$*Cri5ckbPq$zy*6VM$jIH|q|8qerosAntklc%?A0
znIG8QE-Zl<ag@d|0jfr6NBPclK!?4m;cXAgX7TTS%?F2NJF(+-EWl!8R53C;rnj<u
z=<QZ0eM)?`(zByJBPg8;SWbBCt-D}V8FqP=4|CsVCpcd0W($PF?TVY0;sBO<!H+tK
z&K5Sxzm50#7Spv%a{0X4aVSM_T8T-l((O}S_l-0`GUKDBJX*1&jG~Jyy;xMvJegr?
zf)zJkrsQxCW}tkxZc11>%nK^bf3p`<)JSETxRKq;ZV#ge!eC>!oEgd4PPMeAcdC7x
z>MnBwPte^`3&{_A7ig2BDEc5ww7;LNJO`(8Muba>Dw;_Vj~nj;{aS_-*XQ|>dR~vk
zwbQ}zP0LcH->+==E97*lW)?I2dw&t20>CJkVLVK(s>AdZQU}d4pa$mT*Qu5&LxTfu
zKOu8+9NWFPl|@-5MOT2+W24dO3W7%hYZ)rFKE%C<yNS1jXgOs*IIKa_=I}>WK>t-k
z&R3Y7pK7KvE5Dt#<Y@D_L=b9OJ7Q<v>7!o}eo&j#{4UVnVrz)G)7`9S4V!L3TP7+U
zY*|SsU6E~eeXQSxI>5H0IV51TR$}Dm2N$n-?Y3<vtVUs)X0vN7HR4dY@UfPBP&rw+
z6>35&COXFP$3rS6771N89kUK!f{ZFQo>jw3S`E?Z@VrkdS#v=~6UZy};+2lU3OwrW
zyAp7N?@|8Lxk+3PKjY0}$Q0328fwfuATnyI%=Dd+ecgy2hCH;BfePnRD{h;Cf6)%M
zv=5*jW<f>xr{^QFvCbX{jJS4qE6q(7odJ*X#`D)sI1t(@7<QAr3kBVzPC51>-comb
z7NpuT@Uq4KW{R(0poVQ!xIa@d7Nv}GrU3R+PSfY`G-tkow~IyOCJb+nV-FrlX+DJ-
z-0Db}QJC)R>->6l;(@nmP<YQlBOMd^Q)$Q()&;=)Ko`uRg0=)S*h+4@Jx-uCQwn&G
z!^S|}y^{;mZ36Q**yInorEnW@3gxrH;qtXsIuyBaka=DD#jOikn;|AcyH?T<pZ<m-
zt)?#wYcY0g)SL*cJiK!lLFGukRd_@HKyw>R9d}HY{hm<N84}|^7Ap1Ho#}94ei}|3
zfXxk*1Tet57Af)0e3F*(1gzFZ$N>AY9)7g?1xw!_^R-9vi8*ys4rI*SQ`o9b2d`cP
zR@71`&LsD6W`=?$>M3>Y$EvPyN}4d03C%sJv0>hKW8LuS(q6aQ#97l39#nRlI&VDr
z2w}0&j<!j1nLFZ_K{l-7d`n^8zCe1skITB+^pzfUga~_t$I$AsP`Ga~K&GT(xk3dk
zQHqtzQVM-o3O#wcMJfkbNk%u3H?^;_uf|s-TraS7M%?#FCCsA@=B9J(ndPzJF6;y@
zRJj}6&IOGjtlmLY&EjzZ*>|+rV<c=Ga`l@4ZH7D2z2rD~8d#TKz>8ke<IYjxF3c8r
z6qeOifxKV8nV0F965e(<?jHQT%>ov&7@miGTuctEWziQMHQ3i<<l<BHxmVN8K2)EE
zC683-Q4>k4*^nKdWZjSIcXz}X4M~4x9QH1Gwf<S{V&47>&+)`KxhnnF);^cV(_8Vw
z-_<8jzw*5Myjc~O19syAWHaR@ixp%~uMrCf9Ixt8>CX~6RWeeK*b|^>@o2NxTheV%
zX+rZtUGoyv_N!}gnF7|rZ?j?c`+f!Qu8+8r$x94+Y<LxN*U(I|FMGp|Hj}*`n@J`r
z#TVQIcNU}zb8ddesOHM+!j-8B-eE@SB9c?UK3U?ShrWSvPq4g*?#iQP$4uCoe%Ucx
zA9S}=)dWLYV)KUAKh5Uv$|Jb6V#^Q~E&Er$ptP)9&ygGpKusHj`;aFM=y>3B5pZb9
z_F+E0j=~$09hBy2Z;{maF;QHWEJ>gj`kJg6YqZ~Yam{hGN&O+<WRuClVRSe5xO`Ir
z7daUAdYY8y@{JxvJKf|g=)2$$WzL#ln)WN!($rm46SKkvis>*EbMkT=vTy(eW47CD
z(#$5VGW+*w%7zw)6ML~jGJ|N2(pQHpZUlwYI=eX4x_w)lJXwA9&h3W6AmPp7U6WPc
zh)2!r%sHPfAB#zL7QsB{El@Y77KllXI=+q@K6ZCXaj0dl>Du>4VlC<&8ZaEd`NZ6Y
z=#Tm7%XaDpp4uDz`C+QC2yyll+Hv??KlbZ9YJTuiaO0G1V3AF6(v9t<JxF%IRqQ*&
z$&lIC0{>XwwmBRVP^3pSNkR#nop?hDKPHPBpw+RGM&ezVDoud#P)l{@a>Xg?;YKCq
zA|9SpUf4RI>~a!1AjxS^cL!`p!^*(hAiB(sFDHG83X+b#Kcl<R#TqR{QmYmn1y1->
zq5?a}zN^<y!S3@x9o7#CL^gPfE#yID0AK5xpXn&KQXS@wj~vUk->y#@J5==@%sEdV
zcy#krvYC&qoP)rw4#Yj{e4e?z<3c&gk)bBm!V}6Z(QK_iF2^6Jtiy#~v-0#^j^OKi
zaSm<GaHy?itK%%b1pcOvKN(J;!-I79MR=Lb5{;iiMUM^R1|>nFb&oCzeUQiNf2HUg
zxqE(S&rCg+hE=-Dd}6mMxs`wD7<2j}n9>C^kr{v_o*xKr-ym2(jIS?(N}Mmz4N?<{
zuO|~&Hp!P)mX!c&obUo*%4|1HDTkFrJ2S`#b!?VQ4l8_3%?@0g+YB-4yT^2S#R8m?
z<1d%0>WUHFM1vQYPvmH(oUv`#DOQ=>0zU^;dhF(wb62;u&%gn)prX6M+1?jtHiopb
zMn_W5Lp0*%TFl-ja%-8_>k%yAox-MEw1scL@pP6=Xlb6KIpI(|j9cGwnHlefdOEE*
zyazR(62{oc{PQOy>Jv~F)S(tA#FhAN+-Sh)l@qkHgno%TB?oRiV|S%$4CEiPTs%Ba
z6x<bTcDmx>)&jTb(8X7v(*DAV#OBTsd`0?dqxmVmdB9|UCokPCN~#bGY!;0RFJM%Y
zcR8%}$nd=u%)(NISz2O%9@{B{x~y*4NW5*oiQYditZbzNeMnhItUzb2kkF0%2KFL!
zM+IV>ku`HQ)RC&$551@RzC1ID)QOJl)C_%xN<m#_v(%CkN|X<9S#O}Gzmz9_r_|qP
zk2l3*D7``{F#69~Fx<=bo%j1gt5^g@w=pIIFp+Y>_xFQ1MxrfC+6hYF%J}&69=f8Z
zaM~`9b}v;m_epI;@BS2UvPMcH>*ur7ps}ZD=?2tK+->o4(sCL3!S~C~8b4c4GtR+e
zbF{G_%OA2LF7tXzzL9W=ZrWaLHij6PD=eQIKBs#kYzy&(bsFfnhU4EO)r$JZ)dOXL
zxdW_g+FIS|{dzqM=nL#}qGt<MhpAY`Z@7WLsI#5bobOVi@ockEqgKV)PI-_hpM2#K
zk5TtSU{`b7n&-yT3Z@1}FlX>U1Mq~&x2-p3ipSzPHw4u_MGaAsK^S7uJbIz1pZ^J+
zn1|kAb?84CDR}*ea8ii^oGm4LRiDkTr0n_eGGr!GR7t;cv%VJoLbiaVK5fAQ#(yc#
zm>@{3r~Ks<MjJ_}XCf_@PyK*as)LZc%32CaUp7@Z*b4l9ic)XQ?wCIJ8pbSrwK^@}
zFaXm^1{=1lpb?bdWJaiQ7^}4@57iNe)uDe;VFFv&U-N8pMChmRWgh4Shj%PtRnH49
z8s&^9yQPdO2l#np_}te~D-~q@v&a-l-vzJJo=r~P)X|wmS+>b+K`()KBq?qY1f-k%
zgymFfZ&iICt=~HS9+Ctdv|(^LMD+8gqqsO?jDnrk%M7#>^TSHdvn!(Liz0Or%~?xD
zi)13qn`Pop-&vMLpaD*x`?fa3F;VZwFw-x~`S!$wpFb(tIr#yQO9yn#JjOq3x|bv>
zG-qawOlt5?x68gRWqJje7vA|1^=RMb%Wm9hUt9Q&$3<}%a;SG{+6V5LCV^@ufKv&=
z`30|b17Vv&6LCSFdqx2pUV}89@`!&*gpbhy3V$jW4vznAcq0s$YkT9th_!8u=)B?2
zk17oR;R`*BDodP1uo$I}n5q$cX5SsZ8-3;PX_dDVyU_9h#XG=|I-|+*DsIENE+n#v
zEy>v8c`s^Q$D>Zv1r;OIU7h}U*fZ+ZR0PV7J^qN=|B)ec6o0;VVe4J)#>PEPo^rfN
zc)<=1g0U$7K9<B*Jc{Y-w{BlFXxC_Sb7g~C)@QnQ&th0B3ku#0sg?vQ^xz883P?An
zqEL>R=EvBXIBdU{A4@g|AC|j8yZ8Jtv4G17OFDu`!@Ldw#hLy3DWkU<a_RV6rH^i(
z^4U*QS<xv2IBo)G`{4pmW*9`d8Ir|1!f{K@K+PsM6~mu6^?55}$_TY)krus(gSg%Q
zngo+$T6aJN?wPY{ok_%ky?H;N*=-eZ9^p!AifM>>8G3ZZP_2#4W~ld-W^npwMZbYj
zHP>Jl4ld5M(a{a+zwJ#MwE|<zh_Gd>g&bC>8NaY@u-t5#Q;R4|NGiqmt%qm+UOGPp
zgv>;!6j8V5XR+aKN;h1)&(sHnTC~(VzID)^RvHIiBe#Rp@85TuwA<vZ+}rfMIk)gB
zHDQnaX18xztex70ECM713eD_q>wKk0qf{TXx+L<1T9Z+*PMx<%5^KXgkJYL{4)s7!
zq0HyoaA<R|B@6C-Lm~K8zhw7b-N|0lbPX%auzhytZH&p?qoU-Ubk^t<D2p=t3Gn@j
z{h3$+F@o}NJw*T~&n&u23Ua*(O<_!VOkaEcnbAQkibqT2pJmn+RPL8P1DbH3pt)@^
z&WPVW+CD$4lBJ;Pc4Ra8BuF5OT-5+`hwcnS0w%C;jeSCq?O)h+B?ioAELv)Xf;yFE
z`v#f?sX@>W%@`qO8k#_1)Xp<l8W48$)ryrxmL~SCmV#wA7*~AFSLwD2AWakI$rce{
z_|}o*B6UXD=4?3g6_}aa*>(@}TGeZ@>hS4=fC64&Q+WXJE4v>=`Sm~$vj^osX1WN(
z0&kEUoXCntBd$R1yivRx)~TH)nDq_J6Jz-xg7^>K|H?VJ?=QTs_&$amy10A|fRE@B
zEup*~j8D|u05mQd{6h-HeC4h!+Oqnjl;E2<U~>lulxedIcVa4(l56w$kAZtr6bd}P
zXGO-M0Bf}VaE@en$tvjwQ=Qz3`Q!@KqMlMk3{y+mg86?Sy(XpoBJoD~J*2ue5tI?~
zFt|gzq?eE!q(^&8q`W9NtNo#VI*896g&TpQl&q5NYd6HKf7E?5*~EEBqmtqJ%Xm}N
z5II_X7W5hux#*O*UxHgU*n(It$1LA)slh*@R?dNp>1E{#p-5!{deFdv?G}qZjWlNR
zr?@R(JJxIF6^yA#g>B7ptTb9@CLGA2!{0)BE1)?n*nn+lFxh;eA`d}ZP!Py0h4RWX
zHKh=Y=!)%Se5qRSSfG2BmQE&#Xx!JqjmzBE<))Q|f?$Ehtb^VPP$7I5SdcJa{Sd;e
zv(CZt((_4JK_2B>VPB2s9-IJj)*dUcHSXMJs8?S`W*z7201B%^wTuC5Rai9&M>M@j
zE%IAa@<)oS9`$<&MOKhjUUvqG2PUW>+EZj9H}Cq|M}I(JiAsapZ}7QQJW?OcP{Cv?
z*TUNgF0q}Y#kt0BwZ$;LoVJ5#eelD;ifqw+0-nIaH?Pd>JOx$9c?J+hZ^W73r<D>T
ze6*mYS4~)d<MksVH{Rp$CqORriU{$Edl26i-Bt^q3@6U9*hVppt^uUmrrcIr^NZ7n
z;pM>z%oy2NL!Mc|XTgZwV29CioajY3z#Chr59JWU-yDNN)9f;*h<ghus6^tk>%ij}
z#)Mv_<>b;L-`TNTrxgI(edqAFGaHz^R7&}e*?L{C&^uf!<!e(cfoh7S%`jhXZEj$<
z<{p8H>Fkq^Fwf5sxeU|&(aR-Q+HwVAu3s&viKl<pR4RIOphdk=!@d3Av3G&NzO4lP
zGC|9L<0wO-Z=AL<vn`nwU)h%KByd(jEubiWXqyoL1hQH1WNv64Erh>`mHO?}7#C;{
ziHK4=y7j6u2GurGKb2<&p+0cI8ZOr;vWV+9fpEDC3)wi25G;-btU>D3Q4}8;sv$Ut
zHi<X77{|z)FKKB`WxM3Dhz(^Z*znd-j)-fcNrxZ?=EH|fW)LnPxK@hRzTfZQVkXhw
zf3?*7Ddk0103DoP2|i+B`Q?-mE3@a}2eU-Zw<PrE{THiGX1iTl3wZY8Qk5$;p)q!D
zR|#p=9DH>l*Z@Og%DH;18>_WMJUg6AVo29uuOjS+ek1Dg{waXIk({8VUI0kt@UWsK
zR@w}ZFlNU&ncrPTZl5~})Un~iAJrqE+GKR>8%nf7`NrZXCeH^aWlAG&%nxB6`<C3j
z_>>_y2q@tRfPh`$HEzL3cE)az?IqS5FAX?E3_oVxJKW459EEan$Ygsc$d1M6n3`wp
zp$Lj$j^6&o^YVPmiqiQ0{erZ$b85GY&R7UJ{>l;0n;h&}759nqH+ryZb)Oe6P;vf7
z&cOvCc}^>%O8Qiz$><7DH&AwqS*^Lw&&vB$yMSu${Fpt%KR+e*UkG}P>)Q&qxKlpS
zATs<QK^eJpyFAn}yUp}~SXA7Y|8fq<(pKO&vdjFzYN^2G?4qJC-9D4+aEXo4Q%28G
zROy8`{eZ@!;HW8c<|JCVs0{ygdGy*aZ8QbrLoX{+;AY;HF5enoz!tI9CUdbeY5nWx
zsPuQ}u>~W|*zi1dsI39o0PIT#jC?D`VQTxSZK|xDK$xs$dd%O@ckP<!OpCVNqusN=
zp>GZVeUH~j?c=Unz08}t%sRS2=SH51)M%d_b(wE$;NeD<-7dde5sdof<{<cMGq7#=
z^4B;_LyB<g?7=*A7im=%)JjuFXUUO6kf)|X@anVBC@bW~R>!>K8>?sh`|=gPTCj>=
zf9H-rpL;V0^@}lzYd+52PpR(%pC8_&PSCT5Gj8=8A=!3r5ZU_okQ%t_T7P6hs8kKv
zxJA<nqsAZy!kDw1hJx85mE7EkyI;lGd~e{gtrm6tp|hrZQ1&jo5tb)otd{DNf_NCM
z_S%X~os@+nBflKApt&s%GLbGbc6#WBJ|tkDn~R2%VEnK!d>+ej6JNf?q{M^r!tiRW
zLc2x$d2a;}u-U%TMyOE}Mziynqbu|WvY=5!4Xfx~K?n03$48#OM7rs1s8n#dESwO-
zcN7O`>_lCuvphgr<TZ#>uFBS%mM7Ru#|P^ql~&^t+1KZ;<+R}?p-^gt2I_-6w5z++
z64L)3M+n^5d(pECd0#K583;jD!6^rnCzPpbD1H$HkSrtO3<Y+*P`5<d-(Itp0Swai
zPhc)u^gd?ZeR2$FFt%_^gE$sK6m41%_#^SZuI;`kqX03Os+}n^ejhFC2dEi#enhul
z1amx(`&KKeQXBnMk<Gzj-*x=YXfXg#yIQ?kg#ONr0A6}2|3_B#`J;+k(k<*uSjH{H
z*|%`R5&sPcLdvf(x))Qy4>^Y^Kw}5aP?K^+;?@$^1V+oW{hH1{j?iQa<x-7qJ!Js2
zHfp%<9GeiSj&kUoC(0%Fr?4M8rLaD|`qGPEA+9$bXE(6`{cp}C>OB>VXIB5ZsQL18
z4%cB<Y@P)00OPXNBt#h6eF|(Ei9FS+x**D*5LJUf%28^~zn47t4}i+Pb4N^``phJ0
zHxc@UVPTLxi!G)tw>&C<?mi>Me)K$!2<Tfl46GdZ3X92MAp%VzU21m+Q8l;NH;h~e
zfy5mT-wcM|X$F0s2E~>0(5yKw{tKQ`*QD<kU_QV28=}q~p;W0f<PZjWR{I%NW3dE$
zvYG-rscV7ZT@82HyD38d&>6Dfkh7E@{Wv1-nTKP#iw9p``=IT`0Ws!n@q5|Wal&-y
zY4*VO|L)=mbS?0GNO;-EsA=fu8*~FvHk>H5n9Ny^Qy4fXPJio;H&Nfg5gXC_{9rBz
zaZ&v~XDq(CJmFNiQ_SS|M!A{Eb4|r5>k00llYYO#MY&hY*NW)7$9CCG+T~>YH&m@S
zv`BEQKh5+T56M6Fwu)iZGq}Yd%Nc|b(8X`uPW~5Gy>}77s`qv(-3a@hU2tNXWc$Nd
ztIh4+U{<`wwBxVh3otTQ21udx??iWG5!Kt8t&x6}#em)Wlt#u!xKEAmV#OpW-Rp|8
zVm7)r0n=CNFa`^Q>nHTg9>P{3_U@y#%0tf?PReaFB;1{96g+h?7&yyk7K5dciL9lK
zWxWUpB~m~Xb^aG5ov{D~Z>&9~Cii5w7-M^BpN2>R1c%zy;9B^S89+@T7^L=5bhg6o
zSFsr2SRonBMT27Qv3GDd{{vJ-9UR`9=~SfX-F|UotJ=epKs=}|o-dElicBFJ;eD^P
zaSy0|#ZCx;ec5fD;53l*RS}uyS&42QV;j)!oAOH6shhVct`aN`y46I02Uoxn27asv
zM|+ySub9|rE)kmBFjdP&nH$p1qrXx_t0}I>u$|p;vkvz;GgtlxfLd7J)q=yqs0j<Y
z&kZoco4&IwQJOvUZn;7VJSqvZ#26;jb2~z+*ACaVtV)^g-TLY94-<|2hl$<|HTSD_
zkWg5pr~7?tyC5>OV0}cM0E-U)%%m^yCnJf!7$>{cAB)TN)=k?8y!n3#Oq*3OVK#p3
z>|A+grX&!f)|1C^#Ooa4h|Gt0bej9bExjWjM}73!NF<+|Z(H1$6uC7>s!uzK@j(tg
z&2*f&uWL1nl09tyQOq~HtMST)L*|S%%Uk91Pi(g!@f@GC6PGzPevVMV>hSJk8pmPp
z;KKU@!-q-rK7(E7=){^2&y3*mOCk*!^L87S)Z1zQGoh><J5R8ahvvXjpt=fNE3pU{
zGpn#Id!mx)S8ccD1Wk)S=#*h;L*+2pzcdspqNS&mqA+qomhHR24r-n(3A~hKOtqM?
zb7Kn?*Vima@ly-GQi>S7;fLLx*Ayq{aF2`>EMs<~sAh#33N_4;(fDNK&E`yYxos%6
zhlRh55_E%@P%9TYU(gEP5+@UgtH!9@yO!V`!04ngYybSYw&o&s&UIAmJxH-<JKBwr
z`4hm&_fUZRHSCc8Fwa4M{6LqV#Vl!?A(nnqFJwK2x?GXMd$wlj(17(o-JJN#*Q4vb
zktG$CcdwhUWP@8b%+nkO_TJ1$8ys&#Onyi(Q{6L@{6Jj&7d{(~`vj77*UpNa9hBsP
z>t~Jd<bR8RNKv)gQa-Z?25ddJ-itp-Rpd9_zKv9Kq{L=E>*XHHJgTJilhf9k)p?B*
ze;}R+ON5(!6<m~px-JiXMhG`S!PfI7<qEpYyGQn~n+~(-3kp!nX;>=joUtd<*_*n{
zz7?MY4uy-+umcMUMwawv!RxA<LevmZ9aie|gJK*Jp&N=e8EeisTwLLaRg1-p^A9G2
z%95nTI}nD}`QmE;8xtQM;<Z`-R!;t2lob1pbBSSY`;I1R=Uwh&<B`4P$F{y{)_t@r
zhqq7N^m;K&-8_pvL8+I7GFd`um0QxH_AQz`1HP=7aeNwB*_GfD9nLrU$P;+J1YpcA
zcmt1zP73d#mT<n8HA7F(N33+vjGs!PWG-S(FstNF5t7(AfJBT|2pUmmZlWi^;-jYW
zusEKUFzgg<H3tiK_GX;EZO(KKg1a)&VRkfS!t@Z>A|Lx^DgiRO6)LKL^m_Z6E=&;@
z=IFX{c*P+o`R<%d+u>Bqi+a<OILm+o!BbjUqjjm5LCB`VS1%72pFam(cH;Zp0g4{;
zKXlT^@uNi{s8_*`s-O#oUv<6u1RrJ#@V@A;%n+0PT7<b5j(U)1b-h;fq1eY@UEk}%
zvm#B~Q0y9uW*ZG#LKY*HGel3+fV^H-;nc5!uf?=&73mJkrvQlMlE?M?k5|hIkRCw>
zFSjl^PNWDdUBEwdc8dt_BvH@ZNa0`ug{NSSEQSD8&8K}nOQi$#iSKB|yJAX(He!9l
z#Ra;b_W6$MdQCq-O1XVEN8P)UGwn#+6opjvqo2wEs7ts$35a1QZlKCHU^RGGF`}a=
z>h*=)Z-qHjqW@2!>&P^7o3?!r6o?%;W05*q4<VHo^N{Fu1lQx%de8@*p);hA0i!wU
zW^A}UGufzD$nOf|kY~ecGD!ijN%v>`BA;u_ui@r06`26SJg!Uz>WP_T_5;05H^OuT
zDwt;b2=so54qs*Vy514_V7u1cJc2ZNbpdD`4*kqIsU&RlbUr%*sOJ76Z#%i)%NQzo
z@b6dd<sUZQY|Py6+IE|Dt${}nx^9t!i!nHp;)ov3FnBPCLIQ~bS?DiKaV&f4>Cpl@
zbD*U;4*dEvb7Umm976qtmzWU4S};3Tux{)0MFj{Trgvl50)FqF3)Wy@*AVpwjMafK
zz-{cm*=PbTr$1%dNw9ZuwMnhJow>lDx|?IhuHz@~Nh5GILwLci=DVrk@JHMJ`w+MP
vF9GaR#sB*N7U4|sk-jnB14LR~BC|QAWt#K75%-AOgz$~4hF9`0+r0Q+al|Sb

literal 0
HcmV?d00001

diff --git a/priv/.BUILD_images/sqlplus_1.png b/priv/.BUILD_images/sqlplus_1.png
new file mode 100644
index 0000000000000000000000000000000000000000..0787fefe523279b1e4ec002ec7cd35fdbd973801
GIT binary patch
literal 13172
zcmc(mXH-*NyRL&ESU^-%qzM+JN)V7LL_`GXSU>~`Dpg99UK0cbQ3O<qfDi;}Qlhj_
z6A+aWiV%trARtW$AwWn%`ibBB?LE#O<D7ARoxOh~Yh|smX678TUC(_#E6L8rOk|(r
zJ^%n9a?Sk8bpT*j0q=Zdk09^c<lt)q-hnUZy4htw^?>vW?}vbwv9&P(@FjIW>)vkO
z@4b)Aoq_;>1D$_Ad|i+-cK|?h@3kw&H^W_t(=EPI6U?1Wvn}~&A}bEn9$(|`^$W(`
z!%7)_*XHB$tsirV?&qECP6!UzRSxCw3;Q(OwyXah+3~7_ue0WMef@OY-EZP6Vfopb
znqF6fMm<#ZNaD}0NDdPF^t|#T2F$VH<oVnVIE<xiTO9<<%R|MSt_j_`4E@yr;Z<(K
zug?a+Yg;VjGM2NScVQ$BaD;cL&#3~`F%@BLEM*x|h{AL=+eL7AnxhQXr}`6LjBy2U
zrL?{PP;XU?fo~)eyogBUXRfbILtASpy{*)us8<-tFir${Dg~}k3%h1Nf;v0JIqQnP
zkE4ySm&rH6m<7<j<Gqkm4@E8oNmb=byMinTtY>~)FW2S$!%;CnLxU!1^eF+63r%Ww
zVZWX$gl{PVf1y4xZ^?z;4{_}<I%W;mszt3ozA+gk!hB+DV2^%1hIezMX0}CAsOl(d
zk5>j<mmXcHt<TyP+?=anh`-5}bPDB4?Ekr@GQ*`US}xUH>fzA$PImc?q$=g1H~Mp4
z3zwDuLSO7&?Ww85QH!W?ekXDUF|Hnw#$$O?D5S!1GNWfjPHU&N(Ip)@Q|IB7C8SrS
z`L@{6s${OWMd?VBQU!d?NC?q?mrTEE;?Qda|BS=SnjR1@_P`4Ta6(gyooLN$pr^&y
zW-eIl4|t=_VjEtO2u(ZI`kRf;rhT(903Xq7O!aD4*&ZB3#H6eDlf_X^_xy)d%-fWM
z5ohKdlR8FiH!NItd)SI*Mm+Y5ON&qc@N^*F#a~r~y*AuiarKn<<MBhXmkBb4?`-br
z&6nmfwn&dn#z5zO#a5go+P<ubWE})wy_cXB#YR=GERjV|<(}Q}N7u*}Kd*w7MT=qc
z;FXe|v@lRbtvTE^k{hI18nbfZc^zljr93Jx3&ui(1=GU<L$uQ>#`PpNPX<gd5blB(
zT%k+1^g9Vare#<En<K(QKLp4)qy<f{f%BU<n5Bts+j-$n`sw8{4i98q?4i$7Y8$zV
z)p%pWo*cBfC;Qw4`ba&(0xK4Ru%ahdcr$-@eYRjbT#)9v$(RtwqFoEQeOUcK=on%;
zeQfMfBw7gP=t0N&$`*~oVAH1T@jsLYtSv`+7sv@(I}S?0p<WQUNQGlhydQ-#B02^S
z|ENA(??(DaQ)~Vj9i^N0@^eu){DiQq_t?46jK~E9hYEjE$*$yvNu}vsB3L`MX}ua_
zs))G07hb;BDWKkAyv_e9^P;ZMuW~@1S<_gua~k_+FO6Xw&=-n#rOWy(Hl`In!fERy
zXnvd^&^&B)_#j?Nv=>eWB`{b6d6f~yw4on>;HlRf9+hJv(+Jbw6>)FVwA=bPS+ASd
z{qL^VR6?=~91|~DPv5z43xcie>c76w#11FzJ~YS4&62XasRUOYH?YrKAb#i`1@?%|
z{dv)VHeY9%DBL8|(4gK|LDId|ptkiR^)PTK_XDOMfuHFK^O_wOW$Jhk5_&7p9*nF)
z#*L83JIo#x_~VRnt|{BGK{5qa{hL!O8Pqq}*VOG2yVDDV-61}hVj#8{h|Sfmokegk
z%c~70jf{Ea$b}=ql>*N7;!^q#H%Of||J)q2lJ}hy;WXi#USDgr;=`|;laINXJh(&}
zr^w+kuLR3nV>MK%^V_)nH6=3F8d*<V*ln{n)2;}$c-Uyq+)CA>htuMGF1eRZ0LJ?F
zG*B;?JZ!+D9O(pLe!f|JF!C$1Rm`(Mv1nxr@snHw@5Ew=X#An<8j;oRgNB(MJx13I
zVwO)`N=;-#d`xg+W!H@+rsf?{9EY?fw!FsxBn87PnTlS=9XL0yd!!ol098XYsNkw^
z5s*GiG^PLh%JtvhTpe85=dkD_qwrPi4V<kFJ-O6{E!zb9G`GWi!N`i1oPD<U`TMsm
zWAVPVRsLR4z1gnJ;|LD3hKW!bPd#iQ!_6kjb^+0W6fRB-`0SVA6KlHhjrB>nYDS>u
z5%qWI3yw!!1;2Plo)od_!@Fv;KD-)PJbLYBnmfOKR2p`}a!)9F*YuMtk<pWLpZWJ|
zd=z^a`z&r&H@ry+3SqvVJ(n2v3{@{zm5jE|Gb(3~f3T5Q|3z7~*R&ZgISCfPjLqBM
zJAPT}bJndr4TJq^w-n)}Z(7*$M+OiSL*2PQd(S_Xwx|Nl?_>nvo!E)J75F=YYSYO#
zO`lPa1u&&gpyHA&Z&1XdW{S@^w_KLH>BBzoRy60{uyC-&!B5#``$f)v#eGqJcZd12
zS??+vs6k}dU+vh0uW%k8UesA+fDpaU=JaodcuHo+5Hw$1)x5(neN(v7v`vbG<;7RN
zx+N7_Ika@1?6te4Ic5odfo8d9=2peD5$WMbu*JYeA~)yf-ol^l%r{SGIwh+O<iC@K
z?|r|QGp*$qN~+Z#PhJt5gprgvcZ0mABe@w_A;ZG4PSrH)fx9vTW!jZudG47W>@6eY
zTMHn3U&&7&#|e%WovgFiayQ6>+u|d{kWWgVx2xk+&g-}`9Trz<{bgOMNKVSw-wyw^
ztv~`Lyt>Q1dqIYKZA-%{$$xB?eA5gzU}m7kTU=1D39y_vj&C8Q$gXJ~L|_+H+@X(x
zxyz<a*EiNbsCT>!x={y8zNhJ9ime(YN!dtVbd$WMdt{v~*-Upf>|W_?3Z>5(O5bU^
zQVnXPrR!#+sBv{-Sc;|Pkf9uOu~lCgJU35}b<i>#0A0K4*d9aw?RrukgA9V`56=nC
zl7d*h0~v;GYn<GKk2+4JB9LsA)+zYep|@>p#PGa9b3)yW9yv=DuFPWGTTP9D501=<
z+(28kQT~hutRD@y&s4F5gA-#YsG669uh!;guVsTsI~jiXiG8cc>HOUI#9@ie##V-N
z;opJqj8YNFJ#T+{gloaZj-<lmN@3;SRF~tOP&jCthJ@kH`vB%~BuDfm1&pnheb#$|
z+n!8GeUJqnWphKH4#v@{4{%+D(Z{v=j^yYhKWw7ahQBCLA-Zi#{iIfTcBDuy)keLx
z#nc3Dk1|WPSLX^VbAFU{yg?^_i|)-GpC0>$7p?;NPwSB@HXtv?z^ySe)_tD%-`g*B
zwfB1~hoomhx*0uj+uON`9Y)@E^CAR^W(bKH$oL>ZEXqTz&LsX;&T+jj`xX6q?t$}d
zSTGmryiwxo6pRK}KYAO}+aR9`37~)ML;TP~^|GbH*pV)Sxl5mPbfNMMAjb(h5x>&E
z{bk<nBDax<9@!kMz$d^zywDG2e=P)?S){`z@!?p^Ht=c>HABxZh|QrcX4z)5RqX0H
zj!q3;j4qIBVme12&6S=(m#vq5Ye+2QAj@F+kxccg2(Ekz=^dqLgLUf+ZKt#nWDlkH
z4nVj8PdSg*sJA|GU{PNI+e$v2Sjf9u>@iu-XQ3$38jXjc_ay5&x^_Li2o);CyIF}2
zEPpR!o{#T>#Qg!Q=Q}}U2aCBm+PywwjahuQo{O;kN$@l0k1jrVR3AH`(*eBc=00Pa
z^fBgI;ZL#=bQ^eFl#L5gkK{i0$xZ@{L|sp%)n4mBe(Sr{TQTuV%Wcdj!4}uQVmzNK
zJACcJIQyk1K8|P;af?;><FgM?HvG<ZYOU|tgjqfwG!o_d_wbnU&Y{>{06>9*Kmm^!
z%Z~CX@(vG8|AmwP-)_|l6(D6v3zl7|@=MEvR@N$-%A{hK=bK2fsPlPID}H~O)H(G@
zFw&Y?9@7Sh{q!C%5;|ji(A^alBmK)qS&!`+8Tz7h_9+&}UEQ6pf{>hv5@{@46h#;`
zu`=2`COD*Lt%lpn@N-Hy@a7p^9MkbC7^TaUMHoCOcz-yg^h}jWQ6?gXMmKYuLM=VX
z1V^?pjtR?lPGSmqz`WAzTh&tC$~is54R)QmhV)g)$ZTWX#$7<X#u$|fmrkI+9hRov
z@|S(Vq_K!_4xNwOC0GzS%Y%~v(YUyA+bCo81zYsw?R};G>(s@<%ceduZD}N^W`=Jm
zaNGdAcscX^B6G~9FvRgLNA<R$a4*DZY|+>T{lUr;!gW2P3tfJBN{F^87VBE@ZeEFW
z)w0=lIrMRpBE(D;9|4CQUTTXu>TBNefQqP<Q=z_H{!j+1?jn*>PbFHGtQ%P%0w3v=
zOmR#w%dP=mIgY>u(`sn>!EZ;mZ6i4^dZE`GM6XKpXyWLY_{#MIh@upZygrDIP^OfY
z!GL$Tb%UbsY^mO&3)H@wcDZ@d!x3o}wIzNhOf!l?>dyEseOkird-aII+&YS?M=Mq|
z-!0bHC&sdbeZ3V=6S&sl&pcf_WuCKh4^<n@OAbeRQ7OZIX!aGK(<0-bITe?qxkg7^
zj*z&zxKf#IQ5@B}MX9Rl$u?B9I<UVP^xQ8erJUUhy_r<*)g|J@JtA=I?9Uzd)visG
z9@VbaK~O{w^=PtrWA>Zy%u`OVg!u8>?DOI|hhQ@-s?Q&<xve6K5H9$!YTyGK)*N0}
zq49Qt0_9sClHEaVa?1H6QRkzEE`S}#g5W>hrrUUOBjG}xQdT&qS4zmQhFhCkFA0t(
zYFSg92aVAV9Hd-@S4`6v68Y#kP`MJGnA5yt8^~k_cCQ*hKr@&ORSTvU)40r!n^w<S
zp#kaas7*#`6tumy=1?)dKuc3kIz2m~NW{Ow$L6-0!63vZkF9Q~=Q9?>{J7$AUwaXC
zSxCzWv1uUT67x*t{%^*xp?Y3@Qw~|`V=XsyI#=qn%iK~QLWYS3nK73<8sDdU^5%9;
zqZ$|Xb_AQ}$@@%%WrUnqoK$^K?2jj?j}e4|0?!kgYT%36G`eqL$MnkbZqUm^nCpL%
zfca0NqI92+BHY<Sp{_}SRtEe|AS5~0G3~?N0NV*IwzcZZd6$FB_^;Pn*{hMu#tv(Y
zHsMM82?mI`xJ(=Lc!h!%;j(73Ck|k}{`lY2fisij%(G-YnuayfCMXr=_S~WL2EFxh
z1LL2*yY6983y;3I!*6_nX%LZ7eq&DZ{QgT#x(5}^gZl1r?`IOIq>OR+JM=^P{KTH9
zN08?o@3rdQlB@0Bc623_yHU|aKNksmzwh@HF}$}R!nd7bwR`4HnuA@r!raamw{Cl>
zIHklxi5rD$$@oKNOfSSiTApx?XTd(Cg55=QW~r221Jq_OKx15Io%(&{5r&f4Gz@o-
zMTlRT{Nh7LLDR?RJXoLb@#tf+#4;yQednX3M%baJn`i4f5~IG}{R_jIH$ZE9K~Atw
ztJ(V}MmyzwY-`$t_95}e&>HD#e2b&u`MB3UlNg<S%;m#BoX`i*__Z8HA*4Y(fokn@
z|Ky+eVJfH=Y8@NK7dXs|v+fx6aKbdUPhnJ;eY4t3)(4_B1l(PTFJ>gZC*Me-KPVD1
zaT?jW&ZO;Q<8BU!zO&ra{1KYgar;gE{I`QnSG{g|+`cQ%FYoxPDJLt-TH^dct0DrW
z=CCopv|dZrx$Xh)lCzl->jzpZjL|`Lh}nJThmuN_HDNz@;vN0=)VcA-jZvcKec=7h
z^J0Nixl-4z5{jn&>r8DDSs@kDdocX<SL)H0Zogj9j!;*M_2-8+>Kp+Ki<nt1n=`ku
zn);Tnyiav`xc|A;?ICKa?<7WafiiewQ521MCSITOIwaA~viB2MY<72|fqpU}E7kih
z{E;l_u0S{jc9Mv;R(A}g=S7h?-Tkex;l1pa;srSW@hqLM7cR4V*6@}A+>yUcmQdP{
z)q4-@{nQpmsm@GXFCD7va<`RS&pI<TSAQ)@@<Wq;i<ZpJkvO|WFHus_oCfJ3UP~YG
zxEb+A#(Iv$Pg)9noTzXk;gTi|Hbtzh3(_0CcQ%OP?18#W;Pg!Q&+a%W1YLGUlE}P{
z|I{W2`krD<Ia%=<mleRZW9oF=8lVcDmboR2zoB#Tv>!|!>&i(B=UxnPy=(2#{)gSD
z)VcBD3(!JYUEJ%g$isnn?Ryxn7qr_^r>*2QyK|;#yR@7`T?5-uw1GpmKhfbhFyn+1
z*purT$i86!atrXtf7W_3%k8;MqKj2~#GHU%ZN^odqcNR5`VSivU-Ko`f)7g;(gL#&
z+@I=;+k0#>XE*zxYS-ZLo6XD0CEifOi6(LW82WXezkS*1vY3i*5&+*fcc&%vVn;wS
zmuD_efDP5W?cr(!Sn`kMc#{_n!fk+=+t60yq^yqB+oFwTq%SUbhJ@6~>-_1tUdNu#
zp>Eyy##ruUgH2r%baoPIV~z^6L)qFmFT8C=7++p@_o}vUlT|URKjL@168-~jcz94Y
zU}+@EC$K%UR7di5Gpt(|bZZ^FMs?IPieN`&Q*0MlvCAc!OI<qgATFLek((ehdFj4M
zaAe?xyiYMYTGKZ_FMK9#Xw-OjHowKuoWR0crQmEi70)oG-UaVcsdbYZ+Jm{nY*Tlv
zGpv_Yj`QT&^ag~r!)?(|56*<SBfT!P0+l_az7m07U`=GHFI)e?l+TK3Xg7M(;gHkr
zDe?Uy5#Z~3RM4v{*qDyMH}HyY)ZzdfZ~r*QX|Ba(_1m!8-ql(sJ$PRU3SeS={((@o
zbpUglF7Zb3`A_FNziFEu8TWpZFI6U!8$iX;b%sqiu=fj0YDQj$BgbUXV1`jo3`N_5
zjzQsG4sccO6}DP6n7)sh`axqj*_-aB0Hb$Od>aFlnPH~OsUtPEm8a`r-OkV%mIo4K
zSs0Kw1yzHvzmu~JK(kGo{69g^ddSOHxYqzcz8GkyyQQ5k_G7R8LhsBQ7`H%Y<ei2z
z56u7z$4|cUf$clh2rvG2@Br_^K{sg`fVv<^sbj++R(a1Q9^2We?6TwC8F~0)mmOPM
z9_+^>yzqfmz)e`Z3bFi>6C7mAaQ2|)vX>}X<f7q2QgY}@&habwaB@`FgJiI5_$r-O
zO1gM#Wa^?m)JnjVQ>0zA%pL21c5?QjoDjBZuV?L_{lh3-jVq}_x$X8duWp}sFo5WQ
z8`=JXN%quKV&dOBH0u6S)Gnx&yKFrjvauGpXox{7;q~x-eVEu4(GlM<JFW=lY`&>*
z4Qxmy+M#)FAS*w_dVu74i0uQ`4>(4y9uA77JocGG>b98?no>hGG2^BCR%(a96RFA)
zVbHeY-rbB+Idz>Uj8f%6edxcceo9-WbZ}Q#zPw-fpk!$NQG!Rid(Ys(obja}j|A72
zW^HUhz#XTWE5|me^KCBvSI7hmdm@Dgj-*;-qED(27J!AVIjfU!oljiO#LW`&gq-w5
zOEAX=wQY@@?`qc0Up(yBM>j|f^v^tGG_D)H_I_eOh3S-EnlB3gv>!?l>Pnmw8fIR6
zlz{ga^aHVie2Bh+s^|SkM)1bzv|A*TuAl0#YtyLhft=yc{JSkRNJU>S&j=gA0OFZQ
zD(Qt_YS!6HTX=`U&dqU8@MP_FOQ^H8(`dVGZ3{xSI0U6ia1OmAVQUED0sK+Z^mX-C
zk)5w|VGv!YoFgKB&R^uRpJ1O%+_bkYEkJuwNG9;WuCHw#AYX|-@FJ(90yX6gaK|(H
znj6l-pJ1K&)b4loYyMs{wrOj()oitI%A}5v`2m32_JCF4PK87~+plDA@7hM__NQad
z1v=MevTkojY<a~03=xaY&z2iOQL<;reF7f{RHA_QMnt5WLzvM6zRYzry{mtNA--3h
z#w}kK0stQA@_DNZbLGUp%!L(qthgmdDZk|bVpb@^OORw~9J8Viez=v`W1V)f{L+^o
z(34rsox>w#AZ+@1Sd{T(<l~K#&CB&++iq%ykBQ+J|El7Vm%9r%>a0rvQ*&VzA?~%A
zuCe#Q#fd|2@owBznA3{l?HDcgcDq1!SE%9K78|%(dEyE_od!MZeIGRLz6&99*YUSD
zzrw-&FurzX3#u)nAi6+ro#jd=*vdwbCxB0%Ejq6KtMYraW>`C(8_TljNhEJ>wFkfc
z%9~Y}s{YG_d-0F%ehR?z4E}p>EvW)z%)^)!!40yDW6<j<AbeIzjDi2O8Qu4zf9u<T
zanx?*Ms~PDURH_!A73;ClqYM70}pcguW@(19$@e3+S{(0Bvde27H>1t%3<h!7DI`&
zv9GNKfl;l{v{Bmrn)@K7(vw7*NK+(F*=Jr0p$afG{3SZHn3DQQxx~<vm}L)*<0-cA
z=xIe))Css7W247wir$r>h#z^NZm1H4sbS;yM@0Sl4DXX`Q^zPW3yJWTY!&rv&Tc?{
zqB?-0A^aCgVRIqdjLGyw2~2mkT-Aeysv8#?D{OgDQNV$$#YBIm@ll-Rl7K<lOM8ur
zGv7Pgx?Ac#HVB%94M#1*zahEKnG{UavU?epO+1jo#+kgX02f{|rditfP3!&@=HcGc
zig!@?tw1&LMgPz2l7M{uMXhz#{3eF>@Ien49TCy>TG+bp-?7x1Y_ZM_wuKv&DGmr%
z^Q#-qTJN|tW|LVwO$FJjL|G0nTZL0WM4n)NSx-U>NPgX2CU1lV+~z+OR@UEt?1*TG
zJaQ2BJ@NY#Itk$nYSBH`q<8#5+2Gm@TB8!NEm_q%NtoO_Q&=hED8lN8#vGi`dUA`I
z!R{U<T9W#v)%qK>7ng$Yg61VtgI65Drnt5(^lm3Z0_If=UO)2C?onb%U4!5-GbV82
zJ!_G+h@VfWgzekKU(1Fc^B7eseY`Adxoli*MGrV(+JSD65eaN*;2a%=9L4-B@v!TX
z{_rk9u<^Ox3Aj*6O7;WtfFDMHU?X9=NP=>-*qDv23gH!TBD@#G`A!(j1%<KY8L(S7
zK@YHDXG1pk%$DzX^{uxHNLtg?G<{3+-sT!x4sN)Rt~iz57Ca~KHssgczkXkJc65Ng
zO^$;XTeyFDkuV#{3=n+iG={Xgl+k^~l{D2ujPhcpuxwOsQ<thisc2zx;I0=Mte87#
znK80O9VVwbSvMXQJWS~f7@f7z)UjM4+;X&+leh!X=PTK3W8L(SzO(4BcE%O-Tw2Xj
zHAvSjukzd0-<6sASiVdpa!UgjRs;+40KJq5<2(%Dp6`12r!kk}|4zROTiME}Qdoz<
zQdWN~1%PHy7US^X$SqWwqDf2B`5xg%d#R_)neUDUxfH&HGx`F#fy_;#OylvamNktn
zD&o(Mcoo`;-Qxmt;G#Vyll|YCVr*^jM&)BV{O=5*DmMG=Tudaih&RPOh^j{E4W4m>
z1=tt1vIC7i+U~^VD+)FBijep@M5u{Fn<z&8$+u!BSYs<s4$OW#h2NA@YlxA2?~+4j
zA;sJ@FXFx4w?hfJZ&P#a2TCyS{_Ks6G9J^~f80~6Z})egWUOiH+l8c=_)ijo+{>p_
z+K1-WeS<0|kJ_er6sy570)4Jy-~8|dGoL)B@ui%{%LrwsL5;-`$T=A8Dc+*)l`_Ta
zT|a<ihVkR=Q@`qLnb67m;$C-T#bV6PdA7kMXyNYb;GTJS6Xy-ts~Vr_Si==1y#?Ok
zYy<<y2$z>*fLpe+)GEYDm8DM&!Gb-8E8dq>l=%7*oJ!b;fJssPk1nfE30}F?{nsY5
zWQA>RL^}KgJ;~@l9;tvx((s5tDe4%6?pW~m(MsZxH!?hr>+_-rghYb;AvP{uINNho
zZQK3e0WVvJrLDme3nTlbLzp#$?~UZt!eB#81>X3PbnAVS<k8i^gOH~W+<<CpD&2tb
z!vbf4x@J9Fw(Y_+U?kt~SIWD)ywcZ#$2b|foF)R$85Y<(ZfpMQO5$4)+L3ek+<;8O
z4(<K3D|D}?AB3GQ`!#C2=_hJpl`3(_YbJSDgNHX!$s5%Yq6g2;={A}T$f{LnT+vfn
zPxHM#qm`xeQHs!~P{0c+c6T~P-dFE3=rhlrEv+!dMW`o}gerTY&Rl3TFjOC%Yh6of
z$?044WovT3t=m&=?r$=5)>%asgP}fSC4N8uczygXlW#3?U)33w5I&)3i0arBb;atX
zn6%c6om^FH-&jwKj=Q(>#i|LmH(|ByB*(J0+CJ{5mV7E~iJ@>ER>wsyAGh{yL{=t$
zjz**ksE@BX*%%0MPn3kW&&_mVv#Nt`w1D~~raRw`7-%?tPGbHJzHLg{-@G%`%_$r(
z-*(5>O&Bmgg>y?JA%6^FZVz~s%3O38e*Aq!qa>$|vaXQ+$5L}<uiWd`TLG9yYI1!S
zzjt_T$k!c$#wkMRXTt-0*{p-pVk_go<rBXjFVm76*{-2nW3_}yGmA`6hHGC_$ES&u
z+k$m>*b+-%)^6GvPpSEx#i8bpowWhXk^S#Wk0;1pn`Xa+wJMaZZHk^52ZwNiBb}2x
zUq_)u4tK8X#@Ob=S{w4m25rhYyWYL{kt>TA=CI}+Nw46>FC-gg)Mf83`p#=B++wPQ
zqEkH|ZF_n5UDK*-Nguw3Lt}HN#jvd*+_rZ^UrJTMdIa-;7KQigg9z}!J)~N!+?ok?
zLMY?5?W)nj25M?Jiwau-@972NV>8L|l?#HAovpdssl?p0d@Z(rl69(#0R|T;L*3_n
z_0+F~Z(l@BF`_$!$IIu6`nJd^{f%U^t2k)JxY3JM<Oj-mVf}uF?Xi!gXumX<s}I>q
z0kY*V&6|Q9M#8e=kG->b;lx-7ENc7ZD-bbzHLHc~K?UOdXh0=`t#6UuK7!+<zH$`^
z!qFf&hDy9?fY33i6x(KhUi6}W6NN2D14>RGi%l6IUA!;z=u-{M@%6YK9juxZCy3S@
z24by(@9rM9ZCK18bbDpN3IqCxd);P`vNzOC*!uw&#p|!?&Dh3#jG=qG=zsI#O6^-W
z&TBV>-l|K<bf?T#4?}jIwSJHnWA#1QC|6j?0x#=?=hBE>+kJN2U4TK;a}su-ijSR+
zSSiV*u|vl_j)z><dPkQxioRoo*>GLJiur5CT4|1=0qvUVAO6Kjie5$#Edd@&P5lo5
z(|<3w)dsH@*RmCn)N?#`JbU^??8BdwE#DmmVZPnwooE}obb6`Ol}GdK7x(c0#HEG}
zPe^n#==&!)gE0Tz_}~_*DDS!0z22?#&HmXz5OooQiF*B3e5<n|Ps3eqnrP6ZUkkBb
zYo_Dh)U|S%*Z@2*X>AHqPjl)NsKpEiWM!{og@1ql5>w0DbPRYfhmX`UX~7~PR~$sM
z7E9X_#4o~6d~`n%mgUY=wAea!4y1jz*x%$uAYo7i9m|$dLb~$)KVremZ2HO6J1*4m
zU^I2+T;jwKGLgT@eCl*W8(B_8JDx$cTUb@xckI?oFmOjq?DNDTB;aEA3Q7|#9{oeJ
zPBQvah9Rs)JB(eR_0H%>^pYw_FNS$02Wh^^z-0UlosjLRY1NFgfc_yK097jaOKp^A
zw3#{?M5X6zUO|T*_Rw;4%|^FLf7?~Lwh}|9HJ&6e?SGC>g40JI)J8K=G-td(nB|vb
zp9oWoY`&4bJjS;6D=}rST@Q2@Al9qW<y$e|s>2NjqBGdUp}`6e;ek)-#Izq+SPj|U
zT{b`vBGozrFKKdJUsOK)ssEyIF$&wyNj@@_sZQMDMMUpTLjlcga=tmc*TP8&Rk^b(
zs@d`vI<VP$3&)7K$8}O?b+J*Gi9bVjUf@qhk_VsT)qzdX<HRz8h33Bt(B_{^Cxuc@
z^tb#%&hS)ZCJATl<4-9ju)f*xD7PAU?Bj*kl^?2M>cNBFA5T_=i8Sej?@3(1Rze}1
zr6ABEsyA*?frbczbBYUhWfOpRp^=C`j!+mc<L9F9+`(u<H}rhBL<uU*H2364lvoyT
z?yBX4>P<i%B2#!qs|Ls5qs+49WrnFN>7~KI_5viJdhJ|K^TlqTUKSmr!=(AxpZSFr
zwT^I}vowFQMzKY+cw=wr8C#+ROmya*x;1|)rT-m{=MVnht)qS`KqT`#Bk2@v`E9-s
zmu84|Xa5AD4h3x+Ao7^$MCmZ*GA%3s9>#qNv3bbM*M=@jKDGfoR5AP6gK8aQ57Dk+
z@$`{Wu{J~L&BwVB&8b_CjbQ49uh%{zK`dO+prxJAa7s)e)N1F9v_S{XakK`?>GBGG
ztB5~U>&)pv^|vbL3zSZRMm?K}&Z*q8#fqgE&QS5lV9p@=t$GVlwzgNWU=pyt@bH0B
zv{f;!h*Yor)yKEDWLhUiV7Zy2$gZ74pI<rpWo3Ke?w#vX2-&tU&NW>{bW)ghi#;35
zGkM6-HMT{fXVjV0o1${ZTcW$BIi=IwQIk^6D*tIzvDH#K4k;)*(|O_QKd#M~P4G0w
zHwXz74?6yIDe5;zRI`ipN?$ZE#B*0&QCZNw{8emy=Z_rYp#werAI}&l`hRP3eB`Qd
zoNYY{INQMb5@&`zXmqZ3b)sndy;-WKKkW0Mc-JYN0c`Rcr?{`|)VnJ`WTQT9Ez6=T
zY!0lXx*B;-$bJ*}gBgZ;fC599!<v*L89~(&){IV~tbzX0X8#h2nPme;J;kK<LO#yF
zRfMw`d1z<`2v+xMMuqZCyMNx<#*c2W>EDOrxZQE3JK|wTj(8UA0;ecuaabD2Op-)K
zzg$YShIdi(%7NSyI_~Tn2XFu4P=37!S;!Re#K^5XOi%Vw<MbrOm)S!AZ{bpbEipnw
z4C>ZomIC1&^q3mx4wqFA>)QwX-OBE|`Eh!;PlW7l$(ovb%IP+>b%A+M*A2wsLCR1D
z)oC-q;WG?o<I>S|^tK9V;L_M&5xV@%lc66$C+!8jf*$m#+$7Q0_*d8`E)-T0MHBGa
zVbiKFBJ}v8<~UM}N;Zy0h1f_2QuH6Xo017Z^l9OG6fcQR?A2y(S8!uq@wd$|7s}!f
zj!xZ-7GEow{;ms|{8#+>f}x#|@`V$@OFQXGa9-F@9ky=jm-*G13*4N~)qxEiTn|o#
zd|B8+ilr9z<2V|Na5OhE?y=@0Mp)-*b*C<LGb&hAu!d1B;d%eZIeZ~~85Og<a<R8Q
zAK2QZEftBu5`;7nd*4;Bc}4KXX^uM$_?=i<79-xff?r0kA2@_xSXhG4ER?%4$*ir=
zPL~g+b#YBHo`mJ_-6ZyyPDW6Vkuyp;>RGewIc&@2i%{w2Ua4C{RB<Iu^nou=VYR$P
zYqCR+&ti_DNek;;ocFJAG7Ep^r=JY2i%&@oi>{jAIU1_LU&nJd)L@GlE8T}BD*fa!
z3Z+mL+D_Hlx!yac;$5|1AADr-eOofF(5eKDM=Og4j7^&9gaj|<XukA!BrL;e)Vtmo
zfy$0H>i;HGk&U=dDJfQT$T@Qi(YBV6^_8j#W#*f6^NUNUsT1>~-J_%;ez<R^i~J;a
zwG#9v&BpFz{12(t!%7^SW$lS7t)f3XXJe>hd|)eH<)#kcxY;^2OMQ_}5m>r=R1iD8
z)-{6ZlJ*Vy9#bo(ihtjZ&lM}k)2D8VoLRRIw*B=$$=N7^(vp0B39-22nSnq?EAZdc
z>2LP|xbajls$Vuc*G*9QuZOZU`QFZCJ`<8nUv7@cdi2*QnJo#axZh$=HiB*Kln6f&
zZ#sa%d#b#pS$I-_rbMqbs(+?t635Wenzy8M?Z1RYoZbFZ?pI7ky!&pAF8#POJ;$<W
ztuPGQ?S&-``94iKHG4PY!bb{d8Xbs(SLM?wXBKUB9G4mLpJvZoc(rxyA+XzaJ<yun
zcx|fT{MKe(L-`22N66ncGFq$^7r6RHf6A9}8f)ap+i>=7)h5#H1;eMd&b{YG)RC+r
zS$&{@1m!<qOBr+o9Q?i47OaQ7=>7=(bm0J4T=D}uc^FkXhEDy=4nM)VQ*ENYv~S~U
zQ+X2-1{`;OIjolPY`FKgU_}i5aLZR3gn`xzKmNG8jOTnFI2%5gIAPQ;x0b^u>%T7~
z(tJvE**{o;<d)X0sz%Op_F+@+;l&&6EwbkCfmN@fq7_avcdSs+ttV@06#n!+G(yd=
zf5xl`67kY_Z2YQ1?%EbG%>_M210|j8zIMLjvU6>LY+O{|Ka-;^MyM||N}~BnD5UIS
zJoV5v<jG%O<7hqnE7gBjn@BCUqb$}l$V?YDXwB^E`wuLFUf_=Y@Hx=TjbK5=Ody3I
zcGP)hZy%v9&ce5P>@RoYTdmYO%Xjq8Ea4L`Yy@0JY2*bbACO2OSkiNUZA(uUw4SUm
zUxQlRy3b5(=(r18XUR9Tt+JBlH67^3XRKGdsMhAN=3exhRBPEgNFa0PnB_pl8;S|K
z{pbnJa|qFXmPVN!Y>N=~c)}qc{0w8BZ8SHZ3q~d2t_Dx@FkLbeGDH<R49h~ol(k{5
z-1$LpG^=)pOvsXc!)%eH@+;wP`!LB%I{C)TloWd{@R=_$<v5;6XZsSpew%I6O#<I^
zWu6bjh23w?9E`Zpj7~R%3DxwfZ$`*D{D{E8uN!4df;=<CVt1K4M#u4X>BZ5IB%byP
z2>(yuElA^}>2#6+0IPlfCEKI_HsBLpo1>ifP1Egff=F~YUl~WxWo-!JFt$9HB@zoR
zF}!;2ohSGx=DP~U&6Ui+(1)gL?qiOhG>83%W6%KA=1POk#;I}b-}~xUX>+m+6Y`%p
z3$gDxi-q^L)Uhcrq3f`2{qUR9jK!E@xtfrLi=ITZypv($%M-hA#|gs3vtDj#-{z(8
z`aF}{`A2%)8Ok(zaf9DRM{X-WWICPno<~9+?b}LwCDT^W9r$njbyoz3TBiVgc|gOK
zckl82*BMw;@V3vsj%|aLP~yU6PiTyCk`X_hr>rd+iu0tmjdIbmc2K-D@ymk~F?FsP
zUWC=}mv||*yPq^UaTQ|nDJDHJ(f_s*rk91T%+<QR;^hH97;L6$xYf98h6CM$9_aFi
z20c<Jg^ROPC+LOU9WloXrl74^6|cOZF-;)f+L~oAar}wqRO-GnnrVzM9w-ZRj2np7
z1fH<U+Bax3*5|u5<d;$bT|1wjPbsO)FOGJ-O0#e73b^E4Kvo?0lyZz){+*C&t;xsD
zV5<(^7~};3vwOO7=Q}s}S7J`+c9OLD8)P|6b<_*|na3N#;P}aa?oYH254_)@KYkGY
zC|LQjCe$-?*?sn}Wa%IOF~e~Q0<?}@K+6o;CHxZjh87s?KL_lS%bm48AYRKqqvd>d
zcC>vkmur7#8B>GuD9zaXw-In<MbJrmc7GziZEoj@OIrh9x=3NG@H+#6mZ3-M(>&K$
z|D%k+(<lsdOyeE8mmQz;WCYO7^94fuM>C#iG6Vk#JRKbT%T^t}#=JY3QL^4lQp-b+
ze-_wMvf1LD$$vG^&6KZ<4pA3|OG9b3*&<HJPTWw%9l688wNc>vO|3xL*y00Wx&Prd
z)YXeGD1@P{Kc7%3deNF3G$CB||1up4z8Yqj@=OQEEsoh}fQ4@b@b0pubsIaXX-0!@
z_J;fKZ7H(Bsa&%!zcu54#>MR9x0dK__g;<6^9~Z^+*xFmxR7jNlxvik=vjcPl?&h^
z<u4t7|9vQ3M;MeQ6}B_|P-ddCSiInu<H|{QuJh`8>r7V0SAbd$G}0}u??FrcBRVJR
z>2~SMIC>jgAZK>)!ZVuJ`X7BJ)!~Wa!I$h^?TIC=Y~Zq`rO6v61Z{WWNV_Mw7Yt)`
zt93Fj|B~+K4T6LJx!~19cr!J2<<v8t;qX6_$|X?1YyST^ZOjIspSDhQTxm`IuUT8X
z7Z`|UP5;zfOB*mcyJZte%Jg8O#pejTNE9?-^PibhrzD;(oxJq7ZHEL4kY1-M5OJ}Z
zAINf!Ue*&AUmPx}Dw214i(=uv$R3$+ebfJnm&<>+j%UlvPJB7!aRY@r+B8E~24COR
zi-QTC;yGybq?pirJcAnZWo(G&Mevfyv%-dnlcIl@JL|nSawMe#;96~RBQ0G)phLF<
zwA{aQ!lZfDg{L9U_Q*T2_P6MWmp?{ELm#Cszp0c_Sf6N>{y2kfV#NIT9Frdc%8g_{
ziMq@y4s~G@pf!>%J0R{sS+kG4`}$~`&UPhGC-f77hsn!RIyrOH`Mlu2uS`q{H0M1_
za=*oUN*$!J%T7#@!%@_6-aq^>R|mI$Mm$CB{XO~&r_BX&&LRp2wYv=AR=hu<<xWO>
z_z(jBR=wZnA6<Y;gKdoy62lX)0$Gp;61}MC2%k6`W`K7yr*GKiH_Dy{31;xJK(cv#
zwllWF_vf#f^*wkGdz)lB5ej{?mv>#UBJfC44e|^ji#8<odgpNj@7hf}J^sJ%&Lqb_
k4(1(3{)^4^>Iw&>U|XG+6&d)EcN1{U)aFX{Ww*Hh1rN8_g#Z8m

literal 0
HcmV?d00001

diff --git a/priv/.BUILD_images/sqlplus_2.png b/priv/.BUILD_images/sqlplus_2.png
new file mode 100644
index 0000000000000000000000000000000000000000..ebb4abb92b17e982dabb63f07b6c13408752edc7
GIT binary patch
literal 21840
zcmeIaXH-*N+btaXZ38<B0tzUKU{Fe=MnnY!1VMU<h=6pYw<I=1EFd7g1e7Auq(dk{
zQK_MY9v~tl5F#~%kbZXbexCPz&Nseyd_TT%ew=atV5|Wod#}CrTJxH7Ue{Vt#y55L
z?h@Vw0)h7G>0UJffi~knpiN)@+7A4M)sq(kG@JZPbgqC(x{s5AU$(kv8ESz*Wih+i
z4%>j=clzjB`GG(JE&QKNt==E*fk3AF^{#5&4z^#IXml587jIoDz1MzLN>`{ZapxxO
zu49i+E^fm}7&apx)^8DVDN$L5-O-&r?K8*_l+V$7kTw6pui3D9yY{7`u^U2fURai|
zrHy7xWZ1cipMtg_FqftJ@1rb+Ty!cFav_+8V?0*R(q^C|Cs5@KA)vi{^QkM)WS#h;
znE9s6-x``bfsSnoIb|O9W&!S(;J{IZtP<-&V?x3imz1|zM=$8dyR#;UnKf8kgi<SK
z2PpVrk-TS<ZhzAU&gvt7!>DQdFRc^vi`VEoNoPHI=b2m-oTKC0bm1*?MZuNhBkmof
zpSP#xbq^GDNBCe~fN@jeBFl-Vugbo*kO(U=<CN1fV$-i}35b*4SH04kkTYsN>m8=&
zMoNf0<-}2SBp1Z|dYKraIhE~A&~D{!0nN-tlDP%C947-gi?B0E`A$~QJu>AYk!Du0
zvEe;ToL8X?#a&ya{b2KZ{}V9<Doe<Qz)T7<KfxXC+>S!r_#~KMLm^|SzjSkI#Jez!
zkc&$`xmakX4Mm)p68`h2<7(2Axt@8w&Yp5)TrL<&-Y~d{g7cgwczVAUqSMY-@~Wi?
z2QkRTX-J%3DVtH{uj=KRNb4y_==plX#u!j17H+il(g>o)^##o~ZQXivBfJ9MB;5n!
zEO$@kaAp&7QAp=wrt5N`A1fEhwX)#At0mR>TcvV&C}#hdtp0?0P>QRj3$NevxMqCu
zld^Q;#sL~Rt6C#*u+$41TuU0y#mwE*lxt5s&$He?D!$R#2di|sJ6J@yBfe9CK-fkN
zbeqH`-Sr$UE`wR%ZJ?jrmWp4#tYq|j<UQEObh-?+w^4d)m58cD_UFh!85?tN_H&6X
zDuNdm39>BcYe-D-6SB~&KF+YJK#y7{w{cAD2G)Z&^r(%PZIkK5i680_3>DEP7wjHU
z0C!mlNrlva(Og$N>f7LY)f#U(58O_CW`%LK5>9g@b48yLxCBT)zCgFa)xPacVoy*|
z57)`l${aG`IF-?&#{ze*Yyqj;acdq4pqaaG@0c&BI`5ua$6h0cUr>Qn;+}-1m+V@g
zJ#kx2T5`Tt-GI8EcIq5EW`=c3&z$}kjQMVVZC(eGEq^z%<$Jw4>@As!dO5;yvPJyj
zwx4kbI}l^!A~k_4S1f*s8uPkleshq$YJYp;MLS0*(UVtl9L&PQaF|uwSF<MC<Omhf
z6O?($`o)MkaWmIsx|F^RuX3TsnK*)Oc9Uy=fqp)()><Qlg?99_6fd&0w^587t=ehF
zOm`uh219K>(5Oikao<^SYfVIk)9Kx*QJ`kiLtJI|5G9D2mC6f6h37lB(=2fAUk((b
ztHv$F%elwr5y!qOYp*=rjI^@n$xnTEbyp4C+`v0nY}z>sAEnTrhUvA@6oL{NJ-Rz&
zYRm~;gr<>pG`p4)uk~}4<{KB?L(~mDi1GLkFnSwjmzqy+A4R&sf3ANMJx;Jms0Q8(
zR8ZA6Ovs4&^M*`+C33Xw-SVuBVU08I1?d^%3bGyqdj7mX*aUVPeWWX#p;G0MFS9Sj
zB&lR?$37p)bW{<<D<>N%&|~!khr=4a@Np}<k$w8F#g^Uij%2p#p)%wbEL9<Bo;}-A
znthvU*Jv!HW}nr#L=-7&)q$xSrbA`s(m%ebaLd$`zll5DBf3DaF}=gl#zTeBR>}AQ
zZOF<SI*~Cr={%unr}g8hXHEMKjcgEzbW-_(s;4j{DJL8ADjnsa<Lexezc_ihM438x
zo*ejEnsv&mNAyZpPdTe)#Cd!BIM}yzFGWi9*RS1AV$+QZQihbQJ{t{IS2FUW2GYsa
zt6x(e1R=LN+ac`xi229G^Rd5lRfqOEE;1au!IB6by1!%h%Mw^vR=25|LAMKUa*UaO
z!-_Ys(9@&R6sz2aCP#S9hOZYKa$8lXubh4lW-pK~%-_mt^kc42y?oQBPP>DeznpDk
z5V0Es3?d%f-Sh59J^Y<E{dQK<32a4_@9g%<wxkq}m>oC!c#4ZA+8ob~8-{ENsnWkW
zT65z|Qcl>x@!Vb5rVO`bZZ9+G9xYf8Eq--Kn<A1DsR18j<K{pM;#+9ncvZ3)utuU$
z3jOPfo;`xe)r)gtw6{vr*bk%@U~<Lk-EV2bzsL)m(&2@e*z~8}!#NyEA~|h|t=wYT
zL$9Uvd_tsFL`%BftW4;>2=8Z}E5M_qoF+A?nsCV<SFOsepoBg@+*FdwDAIZcZd%<}
zw}16aKjJuO`9qxp6Ggz{{3{|Zf{c<xu4@a427RtG?ltWE1^YVwQZ2=AE<n4UOOvBu
zvq2B9C8_Nn4lMKvv&vt{4(-jCdAKKi@$k#>;7jM=TZ$N^J@sT?d(ZWNI~GX6o&BKY
zwV9HX?GM!-pFV<~SmkWRwmXY4pMBd__vjF4IctC3CJ^Z1<NF(XfarDTYBE0n?+U%>
zU|o~4=AHU#k1{{V9a_oyQn~n^_EPCnt9r<Lx~J$@!6OgSI+1@ZhOv&od3nV=M<@~m
zYL-e30X`1eX4M#CAik|jq+K5pe<}WBk-q$ZPw-Q<8t0oaTw;0s=hf}*A6|Hbz5lVz
z&eSl_#>qhRnw&j*bxU`-#FOrOc8L4j*!}GCU#NTWEQ0to&#|n72TQ*hL8<HHKDK6(
z6YcI?7m_%l7Cnj<>a1qZF=rR9%Q^5uB;NZ!i!oxa;)b9UE-mRK?mBWS2=uZ|5O?#9
zi9;`EH3+j-za-fbKxzIFQKXxUBW5IZB7z@~f~F$2gFjr|>@PJi@2Xn5y0!Q6>gpC;
zB1O*{5zI5tG{Qq&<A%<y2U{)~Wlov}vkd+koLc+lLSx2iM#~uUQoR-HH;Ansg#6sD
zY=r<;hUd}Nr#z2NqcNnlwTgo<=wWNCR7}|#_^SD2h*pl&Yx*fN{N+IPXjK9>ZXiR*
z4sBR2`catMu=!l8)|-OH+mEKN$PL3)D`Y#tUQ&dBhvU0Rqa%g7oVn|0Qk|p&@7{q7
zRO!C~(_MDL$dM9!tPGdm{t51eUuz4XS<KfieBh-`kFdONy!Noqi1jz>?616X-?K*I
zT)rDalzQdJPCS959>>%QU`AjY5>YoqTh|p__vdT^1uGha%IJ9-&fM50kR&pc{^OpF
z>5>9(FusZFFu0mB<<AjQC_>?uzIvV~919JW1wO-uJnMFct9hJSKpkS<y+gSp>oUoH
zuMu6D_}C}E1$NJpG(e8OH_?QD7a2Awt8-p+plSSeCq~i8RLUC@R%SUY<b&&SV1PhB
zTz6S`itRN>MkjVwxqaywy!9IpReZv_e8gH~t#LL1ot;5$DFL|c3f{a}4Oy4$E!hyl
z;O+p~D~~<_QGeiCH$mnH2QInVq<*VDMIHWFZLG<%P^K;O<7M|u^gtlc*1Kgozp3Vw
zRn7TXYl1+*p$0z(pj3)TNzsXf-u1vZ0kJ?VLAQJNz#dBKa@JXGv6{wkNSnPF3FUIZ
zOCjyd#M+hh9lm_nij#L`uF)IeWu4xMxn(MG(SyadLEa}U()9b!93s8Pd#B1R2<Ah!
zwAZpLsR|tSpl2TK+kDm?zvCd#a&Pii+r&K1!8&@|`0Xs&(wI))ss%%}w_^`Z1*J`m
zd6}6zossr~H3{8CpdmX$m6l@}(sGyw_ubSQ%XJwZk7-n~Zmf6TZei)Q*SR%$S29D|
z6FiwLyru<vHNfWQ#{v42M*(>g>cU_+OFH$@2c2GN|7v1>2FjHfs)ANY@LL%Rv<KGf
z?(PNbbSWWkP5nX~b#_baefr&69aTjVMQe-TOPqci;;c&zu)Kd{`xY*)?X~Pi%61#N
zRvv@vGR1e?tZ`d^9cj6bwB72lA_x@olF(CW<LFGt%JtT*e=pMe=FBDKkR2BRlxg-X
zzkV55kDxa?GXfAkPFVeoK7ZlbKKpA8qxI(Wj{&zK2OB$}>s{!a`rspQjySp%f$-si
zK%as?q+AyW^@(@s?@&($v_tc>GmSJQ@Rx7M{E=Yut}HopShYey2YL_t{M!7E&eb8|
zA?x9y4AB&6nfx6SwINSl-@aD8!<X1_#J>?TDu*gF#X^cg!cKU)AAJzU@h#<%X8sC(
zfKLkG;7BNs)s5iR@A2xqN^*RsHvST=_G*3)f{nX}#{e8w!jpGq=d4BlZ>V8RgSA&P
z)qtK?Z#azYyes2@hD|Oe1=8V{Ua7)1>~(QZj4j`vo?q?mbb^LoqEaL8tv|jlbs1Us
z^vmPSJgUrb9|gb1-ItWJa*L6{ENPUqH*DE@oSBb>Vk<dL`f13qHCJLLdFiDJZ0*gY
zN;EQcgOgUx_Aj8s2P2$p5Nu|Bf5%QhL8+^sR(X|+JXyZlz5Bo^*9NfOl1)x^SIL4$
zV$Nd2+{cCOTBhzB)Lli#cWC9Tn{0cwyULbM?n0w<OrRfb?(J_Hp^3NCB@eHyKMwHv
zWtM~Rm$aj*cdmcaM<Gv_E%jXDRT7DI;{T$4`z-OrZ5;)vu-1mG@v)VjTK4UocvLU~
z>&_^+@4N-ntnJuuq37l<VId=5`@Nr|n8++Vas1NI0ILg0%PB=#R{1;E&Q#MsAp|h+
z#c!AGc2r6|pe*gl&`j*y>(2QNDd0WWa<~-<btRI)C+#7)C9BRJdEQrYLgnh!&`V6L
z@7&K0m3-yFRWKHZSBxY|dt*|K`WXQPydVg)XjmIcyMO1)NR@4g*+GO?w6Ol{aCY10
z@=AodpLlDCo7e1nI^k_#zSX6w0rbwtRzbWeJK3&UcmcKN`VLKRG=M8b4b4dpxMesI
zS7MpD*&B7UNB!yn1t&s2ZYF*V2~8tavMU#2G%!FY+yrWFybxs!IoJy^2svq>;alkx
z@Z^b|A0&>tSqX<e-9UG}{UaZVlXXH`7NtBM+Y1i-?i+HnrhBv+jNnhYr25834b+&M
z;tA$reX{zFeo~@^HZ{NbSyE2y^xcz&zqlE!)%SRmF9M+AV~h+0m!gbg-VHKdR^I^v
zQAvb{bK~-d7j8Ar8=k=LwYE<_*FL`z=MQ~eq_&_oA(GETS~g0~(UE6#ymBr=EJHLT
z3>K6m?EOXFHHJtLmXBCfJA<JQSn7Hd)J5J^(>!dijgCC926n%7&!$-j9hI4>(+D_Y
znr8&%x=K)DLm008)r16p{w(Zgy1Nopb9nxt9w~FKz(OD24Kd)+Y(BW`P7)D#3ikZ*
z*=Gy<Zz!p*9kgd|mzjkgnaxuk3*RjGxNcM8iM^oambl(7Z9;G2(smU9A%2`K`xj<x
zES~0LM#{f2<C&MjqJZT=QBHSW{drSjaoT3MgL}nI)RV=~#q){NJ~fmE&&->#o;-lU
z$R_SMoEIRDh7~;mFUCQb6GK|jpKp+UY1Y8%u|()oP8ea4wb3o($q|CHK%g^^Q^~eB
z`aPiW<|U7=dsN&6rqaX6uk%>Ri_Fxi*Oht5JSaeGI-8fSfYmpr+bHDfxcHH$+8en(
z6CrfoZ*KE-o86LOV5f`0u}xm8-rNV0zfOS(q@vEZu?Ms%NA19kMLkYdjYm~k-oz1`
zn_bG+^Lo&nY>t}K)5c}4#l`5&miHN^F-zqGn!&TiO`O70-h>&(u~(au7dF0^V)hFY
zFA~|^wcb@8EC?EIIt0Ge&%JP<28>|1QcyJZO47+ux+n-Fn87m~o-l>^y3cnmwJOjo
z69*0HokQG<iwlKdtdV|sE`eGlQ4W1`vsDfU`#>O&T_;+Z-MZZpo`I#+ktVG9L~qgO
zwqj`5FZ+WJX`(?Xlj?cfO02%hL0=9y@6yqh?xJ}5B)z9kSu&Hn9`vtSRTFml&fooh
z&ITsZ5jD7e$$C<?yJ@Lh7K&d90N+oiA5WU`bv$8bnt0li1;mdb23hlp)~z}dE$f((
zg3k15mis3}0cB|`wrtmr&taz@`+s4c(j#EJ+I}?&c2o;|KgfdU&2#m}n`Vgl#mGeJ
z4uD*BgyRc(gZQw=T0N&X4c7}LNK_dHdfHY<1<YPc;$Er3G>H6RSB4G?xl9R+ac2N(
zGRnrTX$)dm#i3caHL1<>oK+fmc>^Ov<+vrCQ&tnZ*IgY;C1~$O4w_4M&dT9esy5rY
z>zS{GIGwMK%k@O<hl@FYG1WG)38pke1-p{Agb*t@VVUtkFUZLj^G;QgoSB&G8bP09
zy2O3bjKV`oiTUqR4g&tf1#*^Dl~U|ES_DN{pN<>Z`>a}trb&fqkSXFrJ#)^rj+oZ%
zl-YY-ZO6voe0s&5II3Ez;xH(}guCrakH@Pwx#IKZ<bMq$h7v=<w(8j;tBwa;uo@P!
z#ND&Rq|8mRA)VPTO=khCs66&`2rtKja6C~Ekj;lnGS!5WKmAZ<d_t0LDkpZAYVT)B
zPaenadGm#F_;SrAW!4bVpjvNzZPr9`v5q*M_JHMoXU!hgXgup?k|khw=bjC31h#+I
zFP<#`h8kv%hWKC@_HhU~sE$41$@}U>NdJAOdj}%8$7~2b_qIjYE{M{EO6{mhd>l;r
zgM(S*2xfnc`%r+~%;uq2t=@o6|MhAb9}Ma2A33hqN=Ymd9hXYgVXsof348!7BAstH
zsrG)1-*Z-v?sKLw;}mau`wR_&O<j+?fR$P;A^4ZEAffC-E<DeVH1MIJ_bh2A*2VMC
z1!@YHG3Z%A`xd%hy#~Zc|I-(ea$R{>e`#Fgy|qsqZgr{~Th9}{u~2(}F?z|)vqq-y
z;@kM~PWsrV)KuE*SVauUs)>GzhufPy8O|o=C*-#)!~54E0*0RNEsn^5^{7U0?GML}
zUZdYN$s%1sFh--jjlH~vc2C@yZ4#^DwBv;gmNe2u93+LpS2~SgyeQ`b^A7Zs^ajM}
z*Cp6QVy#TT(ndk+=(S8Sa6jE>bsYfHu~`KUm14i9Dzvn73mYImy5l7)T&7`@$GEQK
zK*ES_H>$o-as=YFNiaqrKDK24%89y(xdh)p)(!weiRN}>kvHi)%Le8A%9O40=lr&u
z(GmtNkJLJ#%?{_oCXKzf^`*Lj&U~no^3Gsg_^TgSMBjur?FRt%ve=YbEgxy`UH_v7
zB@CcDy@p+9cTU8T?T@h6S5@l6w*aL1quA}_#l;BLx}9Q8BezBc>Alua{AA{{vGdAE
z%+fn=aS*62CiRaiS_lyg`th>Uw5GY@?sm^UENJb6FXg}<GdrkdVokl4VO~j!n%YI9
z+cyQ7@wDxO0Dub4bc7U373NVif=)!9RSH#GKNEPYaz}slv#9D}FrDdrGa4jR1GgH6
zdU7A^!XoFnu*9()OGkIG2qamGjng~=GeL{VM6NSkE`)GHXG_3SY+Y-_7}G^VlY3FB
zXYLsgT~1P4Di6M8pG=+ra~4@XM*}uL5qh_FVvjj&0Np_K9Tfz3v)L!38nX`U?2YZs
z%O^MN+A-dho~4*6ysxT~Cg{zZq0TJqwtoruSqzt0MV<$Xuq(Nn8yD5Ax=?$+rk;CY
zHcjjRehj1ca|oXljJOAcN$&99WKHvQ2td}d9}lU4pTEsnX_9L6jvZ63S1z}TLsQ@B
z*VI+HZ~7ax{<|hzoQ)k2{Al{55**0US>@<%<22sM5D7b6AU>fxtlm=&U+JHP76Lu_
zSl|hmYnqFqRP{c&Qsm!$-9GC-qz#!zQ#ddry~0i&UNr^$VZ>><-vs`dp3bR);wamK
z<|#flS<aVAD0#Tg!%3LX{$Xg5wWfmYCxYZtnjdq)54?R|HA_0m2I(@l_Tb*uwrpyu
zxU$P=lPncA=()(l+aop7InFBn4@l|pX>QyklIt$`g|YzoL<Mio6^*!@ba6jRzWz%6
zGMJ>Z<zQk7(YH8t*)L$gQWYa`O<-K?WP0n$J?xw(g#*c*a658SuFC82-JuC&u+VM=
zFW5ZWC7_eVs~$$0Z5uT`d>?C?w5vQ{rne+D|5&g_+#JmsKrP>#mzWW%<IPTh9~s5y
z*)m<i;VlV=-}+WY1U!kfqy8pm@Bal#k*<m5P}z}RS%8xKPi|(&W>c4Vd?*T(Io7fa
z3}}VyYiz84kry$YhPREop8aVtQ}EGSs^s)4uDfTAYEhFiBvkmMPH71cKlDy1Qn}&+
zs;yCn^jWQAm02rmfuF3@E)cblfTraaE|@!+J@btVW0)dH7BT8@t}*~Gc}nn4Y!7@=
zCAXd0a~i=N9Ri<;nN**PXh1C*rcQzn1yys=au3YrS)ZFP^rflAZ=(P}leVLH_m>%}
zB>qn~YGxGkeb3t;+};ax<7LZlrFTWcruMooH~hqb1^Ydh9d3e8vU1ZWxSIfy(@~7Z
zLGGyV$}T}N`kW6X@AiAbhYkQ9mR!b)FI1#mn-l3K1v~-tD`<JcQt|}fAZn8|N&?6R
zz_b391zCH47yaCQLTW7lFqR&MgzyzzQmOY`q;uae(maN<p+TG84Fa9MrNH?x_gN=X
z?;Q1xG;o3Bh{3c-F9{#Hq<pVOF5mWyy{qrWy(bm(sa7fCldN~p6Nj__?8Inn$UEQA
zUQ~(N5?9<TcHxn&O6lK(>(|KpHK$%NUA*vhygg=|f>BY~Y(Kv4WCyI#)_(XQogITw
z4M(galQ~Cf!d=F^6QW$#SZbwTSoc#s@ZuVnUsTDL?Npo^1irHs>iU~bZ7@6EsK1A7
z2Fy27q^tCOhPFX{b{0$X`1Op-QxTueI+XCi0>TH2l*SVW0k8liDK!`pw-!9`AdI+D
z#3#A!vp^hZI8wuPr5YXaQ(t>C8r!SviE)eS9A+(QhupPiY7huc;+sq{Nanf=jCbh)
zo~W<R9ZeL+a7!wEzW~}An7yYR$*|`|4b;as^n{o6`&mZ{URSuArkyHK1EbyQwR#8s
z_K<q{9@5Mo59$94UZA>;#~4XgV1A3V1Zes8>bJzwL=HS#I}d+;L_?bNP9bj5)hgBe
zui^#sd&Jvv7)Sdy2?yjUF<yuq^f1-~Sj27y=)X;)0{~;;!-mg)gN@4yw!Zi<OK1&2
z6S6TFaM|cU4Y#|O>{vJcX$a{!*Dyr?G9-&na^jvHUv_y0hfFPB`z|~^K&0&6?J_xE
zi!|l&ND=EQd!<Vw3kiER*Xv`$Oyzj}>W0~1XMh#@l8SkmjXcw69-rrc<p0)vLw|H%
z_y3#jEB>SVUi^36cO_yrBR1T-kT>sBTk*EB@xc(W@XaLBELP~9yN6jXp#K!8%u~He
zgvp49JzY>8%i%|3HcNm|EP1v$;L8dMw+bw@cLovzK$P2SW!~E{kU0GQNtB(!rN3pM
z`u&bKk*?dzpj{&#5;t}Xmf4DZFZQcmcnRZ2k@sndb1*?Psx|wx2)RFTX{a9oZP<Sc
zKN4&aSHk4o^YkhoS@_?~ruoNN#+E@bK_`eCE__*-gh0&mWuZSH3;7P{cd2qd`1CgF
z<dDGjR`%kBSv7wfO&0rbZuMqX3EAm0_T0D5p!wK*qaWY13l=K#1QSu7thga)2=`c(
zOt*UX`FAG=c0Yhlq{%kIj$Q=ABFI%`wxS8+d6LDa3dCRM2)P}JKaXJjah^&!PCDL`
z21h(lbRRFV%JUm>F-X4mge1@APsT7|)ZGAZ1h0)xs&kp1<rF157LyN0h&`8O^ON3i
zOuD^zfW!07w{YEG#P+vLR2qA`IVD--HsEQ4)a4LRoY(8r3E3-zPl>aCw4&?3wPNP^
zlYBI?{0s0zK$o@r1aNt~D~1doHN68~&BJfL`AWEn#&9?kpfMo9(e#!|vE$Pzl@|rS
z1OEoemKY}wDYZ`i^&mS>I8V^7-h349E$>mjXx)QSzIZX+A}~;@zv6m!+Hoxb{!NY}
zhJ#g)qx8(Iou8BD{G^S;-b=lp@pPdBH<5z`na}=5G<v!VokHquE|vnH2fgf+nv4yH
z%Cyhh?|b+sZf_{{^xMYKw#0VAcKC8B#xq$R56=T14elRb`?W`uZ-?O6SD?y($I6MO
z3h3}Ts!T9U@7hp-9pKnEADn$gcGjEkUY_d7p|v2Mraf4L3e5Nx|4!LvH!1*^%DjXt
zdH*M<CGUHK-=Z=KZf81J2?GgU72&oJ{9C8nNVB-f{QYoaU{rqGS{BiR2=J};eTvjx
z!P0fBZRGWJUGwO|ejocYos{WvTTh<iqp>|h@A6be#b18N5>1`-NsHP;lu`w(LeQN}
zjK<%&fHvv5CjKyAKL4-K03aF2cpqSj13LS;{9d2|@(xX4bp7X{y>Kt!v$FCKgCMV&
zPU<874C&0+bSNe<S}A?Qba;Yw7N!}E<v)&kz<>e&vfGG%;Xa><oRm~euPv#gbxIl@
zWr~+(Sle+*>6znI4QSV=5MJ9FU?5c@tUru@ETEG@fY*l?B#DcDzA((LImQ7<@0~s;
z0URf0OPy`u4N9v5Zw2kN>#*pd9;q`hK*j1wdCZ>(U3Jx~UJGk7zq-C-G%fa$c4~|h
z&HWR*rv8-a+>KP^7?a%0=Ge(E@$>E}mu>NO%B4{Qg5x~3n3g+qAQKMgV3H1h`dv!`
z_lZti9Wx8NzRLL^RT%d9moUKIbO;!$*y8oLfi>Q5Ja@)%)J?RiWw3c64yhxI{8E%a
z*ZMcDX}e6jcx7I@FYxfPO<m-hk=Wn981~RF>)CG0(2KxaDLmHly*H%Tdsw|RVLXch
zye{$1_NkG4lHW-a<gt>d%zY4^EM<25scXWl>$6y8WWH^&O`a!ESke5h&CG0GDd>K|
z8+7P}zcyEy?zY{f^m%zQNlw-U$11&JBwRp&{8o+iJ9RRhk8Z2R!2E51zAWFVjq2O^
zM3Vf}YfhwNkQAqw_v~|=;v~N6t5ZmsLSkpj@v6GI+D^)Xpkr!Ej-CysY|UsPb?J9j
zu>@m6S$0*-^`3jn;0wUYb?>kf(kvX1b&56~_Ry(63!qrD_Pvj=fcWPh2Z}Rg(nS~z
z>#b;#a({fJsn^8A;Y*5DgF|8O8tuC7zDtP;ogwd)3gHZ_izgA?@aIGTad)?>E^sig
zuv|u4B_&zYlY7dQTj2d%kww?Gs;=cLpF2|tlk8Pz_7W76mJd7;sQg{%A)xuMN%}iE
zCh=$9{o95DK5<#=f1KO@zkkg<Sxi5lW;)jMq%|qV(KPQ`=Z=1*Q_<^}$BISBzx&?o
z=<=mfpkufnj*%@E?_sy%C*o{8I>5sp5u<!}=iMXKoem;E*JECZ=dto7Xi4_L(f0+3
ztCg~pNUdvu)1PF{U5s1uq+UriHyauTn5pzb{&Evc)@ub`r=)Kc$Fw{D=`<JV7>g|*
z!1^Vnkf?3yM#GoFPuuKpR0%`KWkiSY<)o!C!mL67T|8ZW@I!`jUs&v$2J^U7#*(aC
zeW#nssk-rGvGL!lVt*yR*V;a9?qkvMYh#ySukx#dN-!^6h2!oG789G8mqpxwtI3x5
zB(EnBX~QoDjJ$L3`wPg`1NoBV6q8}yCh=31714dXV7Z0YBCg?P*^P~gNn>8Xmwsq|
zed>BRl-CqH2~5k>c|G^`y3yq>H)h|2NZX+EwNyFkmF*LaDBp5e98J8le}Kv_F*;&N
z#)7@S^SHFM@X@2s+%wILCwC1VkC|cD?dm0sUaebXda3nyk0D~t^Ngdr4)UMX)+?Di
z8$?yi@XC9zS}Y+~n5NFZ|Jja==k7p|Z9KYF^5n&R0Ph85ei&Ec2Pcqi<siS=^}kOm
z!Gy&dK8a~+E*WCLzYD%NSnrT8O%kAOtUmDAwfIbIfLM~W6Zp>|Vx+4}^3p<C(Y!+w
zvNncPlkIQFw@x4aK~WFb?Kc8~)QL+)H(J=RNKZTWUr!g4Q{C+<jt_VU7M;*cyh+JV
zuc4iJVgI}4rU24YAsIV~kmpq^g@>pH9phHcKbTa$#$CmldRi+yuS{jUUF}^ra=jZ{
zsIHotbCCjgDxhSrv;qC^0WLbB@mc^ajY_<yKWvLEe*R1F%A*ZdeU^C`+(pVIwmGOu
z<85jIV^Vcrox1-Pm}k(afusr4hqt8e`>K3|cj*m~_meLUZSYF@BI|D)J<x@jkW0C8
zD%W<$sKU-fOq254gOs}`yhA9L8W#RIvy8O3+Pq;gHRW^VgZ6Q$T;w0yPvC1{uxCSB
zI<4b@G1V@t;PKqI;CF!mr*$9^X}SK;nA>kkpSh7d+li74#O=7j#ye^JXw0I-W7Iu{
z$iSrZ5y{IbEpG^PgA|tEwO=Vt7(cPlyHt@H;qNu`QvAzOQ_3R&Du23D6HygWy1Xkn
zC0n?+&k{4r)&|1PLy8s%fNMviebdeJt@55m97_%e1;%Q8m$bn!w?>MF6CsaP_13-0
zrBaN)dcAufh~3jbl8`&RY60G^vZYFQ2{V&<^=@Z|HPht7&gV5^-QTWTGY-MSto}T;
z&D3fBd=B!*=EHG!#2m?}F{K(w6|k{_-S0@=cRUpV*b0*+*Us~Ex$_lP(snP!tf6#H
zBd2y!zrUk%^~w?yw>{kCM#vv2+aMy$Ck8bw%SE`bhSTcTV)&uf13`N*-8-&0rzC0o
zh;k#c*T8Vce+bwso*yed{1LD}i?vCq#P&?}bdgiVB1b2bzvn@s`4-x<VefY-&qGHV
z19B4h&RMOQS1HmrL@yONFQRH_bXvTl{BXf2>h}P3!Tw%()cO#9iQtKIAHjTxc>Fh=
z`#%e||HIwxMUa1&`f=2Q`DJ}h)|KIavHkPDV9xL2KYriU15X=Jvclyi=$-w{l`dq%
zgk0UXJhpG~d{Xh!s~K705Apk|frnde+i*Z5WlWIdh}q}s#^;SX%MnL!--8GgmP<%7
zCY8ZCu4Ybf&oj~?n=b*EU4EG2Z<{EjCSiex62os?TI4~FjQ*>}EvAd=|GLGc9Pn8x
zW{3O9$wK_m+eWldqGaJ!&#OHeb3NE7w6op)R6z=_`(1T?QKD&F=WFt3zJ#|tq*cGS
zm{=86($R4%=QZ_Puv^$HvoJaDq@MYN^<tr5Wj3F2{@fMm3bV3D7VC1>uA@a`Q@!-z
zs&ScT16~6aWLMNEM>#RW{gbt^-z^T0;r0Cr7WhGMQQIKdJe$5GLiRkb_r4&rGBG`E
zZ%<L4_(bC)TTk<x(Tm`Fy#UGMS0VArWDPZ7z?bek`a3McFzrdN9coEd+la-+*cHG5
zEd+UH8os5JELBS`6fMx_Rt1S|>ilQ@Mtnv_A|OUMva_%>L8iYP-Oi6*neWD<YO8G$
z248B)ACTBm2K?zqREM1cpMy4Ev*9=V0#2a$FMi4~CYNk=sjKt*jR<dKj^_n{sG(%z
z7_fM2-Vd)iExX0g6yO_|Zy}NcpD`xIIzNh$Sdpyz2$37ZZ~1rq%df?M_ImgFwQb~O
zdBW?KkBVKqfRUl9?>Fb73+jfHI<>It&AWa&k}DA%AvQ7Z<`Q7~`O}G^RCToj<b@qn
zZ=05+e7~eAqe8J+PtzGNL47b!>4|P(iqTm?Pu|<pN9sD>zt@xb8w!2D`1Ae@aLcZK
z++0=|pSSvBfr#10J#pwc2D96(YB=b+?~$G17I^J~l+>kSKz3+DmIniqu!<72Ep%SD
zWb2uif7tML+(*EQKihR>2T>Qx21vx&+a?_WZ#3fXF!<G=W#_lACe}o^;5Gk50nFJb
z_t1qh#|jCXg;ND&9z@?H$ljlP*&}lJdwsiA>G2&(gsLQ&=k~9p-7H*u{Y`7FZqTW^
z+Zb*ioF@})HUG}LRM(YR#G)~pjLsJ4-{G&u;RaKt(>*`1LgpOlFu}TgZ@&OXv(QR+
z_IlICN%mseu{n9nZ(EU}lJ*=Zvzb@@VU%Dpc}(A^an`qGjQcv9Y7K+Ex+i17QeI4Y
zWR(w?fz8D}U;G!4`X<oE*b=+l8J)jP$6u#~>AhXe?&teWP9kY{-zXTrT;u95>Pc0P
z7vzE?QXd9WrffZO5{&w4l9YZwb?srVpTK<f(-{sQgX|?;NaPmS`KkTZ`ZNom&PN!V
zP1XVIng#2bxPhUoC7Njg{Z(_>G(Q3XA46%BDsGSkuW=PTo27H#{+<1(&o0w=6AxG0
z)1%th>i)%a?GiANnn@Po5CN>=6MKcthigmx|H2OV|7X$2K%VN$zpF+jRqvHpW&Ub!
zsk_yWe$?mb=n*<Sa#WA%9?UtN8ucM^!bZnBWV(0YnGJEBDV>y*!^m&S#;x63&6c%^
zP38O<Aol-*5Hk+|6Z#)Q{0|}ihY<fmi2otP{}AH;^zr^7#QzZDe+cnEg!msq3}hz$
zafttMi2rej|8a=_afmJcafttMi2pBjh|jq2ld<0nBmJ`LcgdEEt3g)3)iX>rn!=B#
zJ<i7-+tY>z_hl~&WwPoVH#k618<%^N!&0U&!He{sX)f!jbpCxrN_z{JUGJcJpm(F$
zD1S#r9bs8Dj`})#Acpp4X>oeN>(SJ>cZ5nG$L~InVDJ?Ja;M$g5!KoV&V~G*Rt^eU
zgH_v+C(3GLT$sgxvp?Mx3!&4dp_<>Yj=a2(S{9U9W2oVa$R^Aa^40w6QQmO&%SD)H
zUq0BYgAvk7z)+WcpuAB_C7hELWK%KCadd&}_4DZ&y$Y=S4|<+LVy5a%u<t9?5Xf32
z!}|R2M-saaChVwEkAt46k?WkD-icE>JTF+=fLeD<3Pbo4>K}c<BmH<SbqCXt%oU&W
zinGK_9=E#z>0-xYO>miy0=ON<H#1ElaB|3|fH$i3AKJ`6bL!`CJuNTH+N+xs;wrZ7
z8E6*^<i2txWt%g5{^WZf!1Q=2ZmaY6f4aENZaMZg66(=MUO4z!PR*Ng>uBSuJ2^Q(
z9~?wJIEms_o;Xy2n5;&LMy;(+)3wLg+Qhy-374GVTcxG&^ovWd#)&WpBIJ{}G=1v!
zLbh$@$4{<%XQtP5O1N46T`F&y5V0JE1wpN!jQI1k4Hsnwqxa_!rk9~W6U>J1G3{Q8
zBEN4%u2QYSc^^WM`vS_!WU)!4Q#LMAb^!=Q&T{TLLEH&&e<PAEOs~97V$-vGSE7EQ
zW~gc*4C~dk&#J01kCDii;slQ?)EG8g-x^se>&lxYAXsc80*?V??(8!<h311(EGn(&
z-eYUotJm1!t-|f}_i;sBa)cC>PSb@W@2OsYsmWn0tq-gYKA@x#DLqF0gru3Cm~&j}
z0=%iq)Q~3^lj+D*LUKQ^3N2Bgc0dXy)ydT(I+s;b|JfC4N`neqQHp1-jFo5&s`-Y=
z7Q&vaW;ttn7r~v>8l9<bVP}*SIQ&xz9D?&tCr}Pf89b)hz+T#_oGwDuEKt+}7oLV%
zPF?Wi_N@**V3)+K8cDgd1;M|mEIfT+^flf{e{pbypL}Remp`^%%KSm+`PB4H#LUlI
zi}JX+XN`J!Mj4W7`u*}fc0k>6K|sILbvCmOzro2Eh0IUcTHz^4!Q32u4Q|LaO>tmb
z5|OPpfgrlE##F9%hehlA*6lwI>`%gJqAC`|X~e#g>(LmZZ%#M<`CvKvXqi1~Wy5(t
zo$erp@|GjBhf1n<NaU@zS#e9JrqdKTMM&f<f~%9m0mh#PoYD}&nx%4LCv;U=js+Mn
zOX*(4BB7Ej#HD8Bz$Go1taq-N6z72MAiL@%R0N6}-4!R;uSqCy?y?Z10At&&5%+V>
z`KQ}=e(jFhM;XJVrxk{_qw^USu?f0ZLPr_;qB3sS{v-Xm+xDNG*o0~OPj%f1X;n>8
zlq4BXZagt0SUQdi8qmh>l|cRg(%D4L)_&Ony0F!HX=-%=cVh@vK>r17>*d^uoVwKL
zO<sENwHWoTrjI*K2o{>Os0j;qP67@mC^slYey0*})^Ue9tz)}v3OZvZCT%96-RO@_
z8%jd+F@#cP=V^KTic<7|xCifwU%B)7g(aPaS1jo%_Rz0s$ikA%*jj-XYvcPOp`Ae}
zP=O<J`W(Ja1k&G~sU1lR;N=-%=1@zw(`3TK=y|}NgqDJ?3r<$D%r(CujoU1wpPukK
z0r!P*XT67R%WZ0{d*6dh{TU{G1v!#YxM?=#b?DQQ(7_w94_SGTJHl|MLZj={f!va{
zi$kySe8+@ih`udFX?|bQ&gr<g<QKtGD;a9Up#+Mjm1(CuZ!mJbifeTfOiiSh9&E07
zZUe=#v}ZIVppp~wD=Cp*X+1v@^NrZylT7ZdR%^Sz)~g#Ch4QPB%!`m*1#y^Bj$x^&
zrgK~XPb!08)g{l#I8LbLgjpa7KgZYUkyC@IDwxRvpC7<eI;SAAp@d`U0>rO7vzg-^
zjJm!faOT{~YxaElw*(B&P_A4kUE><{a~H~62^GSI$N1@>c#10yV|uJpu52(%pjZ4p
zU9cD}gM-|^hPeKsn3&Fte>1k<jZtMr^*_>WmW(dHXvY358Q$+w5RoA>&Gx*BdtUF`
z$qHhcWj3W^nVWpwFMj1lxpegC28D#1L}-eS4nZd;48&QChS!{fgSK%s>*0fpzL$!7
zWx~U~@x|#-s$dp9G+a^)N2obdV;;0`psNRsG|fjIM=e=0HwuuyQni<s-1DYu=5X%W
zoP6<}Shu?)kP~BuQYMEt*oPS5gfRkrGX*JfcYULc{J7YKGmeU>(`uR3Tmtqo!#q_M
zjCA_Tgue#SxBDLEq`do7-Y{~@f>h>t&t#~lSLqYZ`=f3O(w{X3)DmD?z-jnN4AVt3
zzzLyz0a-)VRfYe=f40d$W~U~3v`X6p`$o?(8M-z|3pOL(Gc>IN>31Hwj}zV<#>?>;
z>xl|znJ;P$(gcnI+3kaPh80%!t)HG&%g1=Hu%O?Hk;tnbe&7bGaN-ThDSs9#hq`c!
z!U?}oO!>-P(-iMxm(Agz#;z#TKu^uCVs|%IBh1}jF6`0LQUrtD`l);U*4%gH+3Ux6
zEm<Y6uo-dPH`m6x8A?4`b#xzLw2ttbNW?Rfm>*sy^zD&o!s&&4Jl0^%<;5{Y0qh_;
z1w;Mh)*V0GW2T^SJKZ2fGlaW1(fHGo5Lxa4Y!6Kz^jv~*;`?N&7Pvyrezt)Uu(^A~
z<;%=;d>|rEoae8Hidmx#|Lj3|;EdR>l0q0{RF4%srb+8t%6Eq3{6gUm{Z{a>Ae^h?
zW?vr8HMusnM#^Z~m{m*Lm`-wD$6%<IJYX~MI$e%KE%>$sAfY#pCD~Dsp}9Bo+>J>L
z8IMxu{6se4E>T=WS>dRdZzwJz7mnzszNEXqHf_2Pm*<DHxKkZYTh`>^-u|}&xQC2>
z*mf@?SwHvIy`W(EBgB4wxlypse-&ZWnxPHF4b?$E%Ko!>Nz5`?*)Hqq_uD{{6(lAh
zZJ-9fdXwyTago;AN$HXAKU*)^pXAcbIWQk-s^Lq|E__P5_2cn$6F(^%?2#@%5uDFe
zK}T)X4Z1XU*e=jzTqNN1_qUkcp#!Hij<&K~@s#z0c(}M&iIUL?ujBLNhDiM9TIg}l
z?W%36qOoC}!x?F_f349qG=Q9`<IHItjpLO9J%P29SGoBwV3t8y(t`%;P<yp06CR~e
z`na;BQvJL`q+S@BT-5}yi805TUkwX;=>_8a(utq9-I#(B6d5UH7%*MCFR`3l7elox
zKlbu;>PC8#1T-4lGt1^_5r%r^ygf0xx1qw$<KJ1CK+V>V2NwrFdDT)|%`KQng08nq
zyZC{Df|LR6d#PiCw5s;h_DOD)+N%OYkA((%rdiPDcgB5p-mqYO;Tetb9E2yOd3RCu
zee5R$!LnQ85f_NWRi*ZIKp-AUHMNt>lxLHPx^|XVixP7YszjQsDx_bfyd~tt`fJ;Q
zfTED;E=t)F<eA&({7+(kL*mSz;mu(y@14p6iiHruHiqg3*qKaTpu&-`9M`ryC9%+o
zL&9kj7y8~xy^l(D5N$eF?)#DCGWZHO&PN}&wP{SBHo5!o`gndt%7;3ODXxX+Y3hpm
zy4k*jCpW@_QO>3jL85mv$lf_C0l+y#hE_-ZyaLHXIgV=bsmt?_6`$1bR{*p>)jIfB
zMyejmg<BOjI8-NF8c?wlJid6ozN&q4Eo2No58Ry8WtwC?M6w%v_0f}I9XnZF!`TuG
z9r*V2EVjc7GQkea@D~4#%VnX=I~eCc0uD%#t6$MdHs{e&L$9U<*H(3%vQjcU^H`_J
zn5abb@w!ug^qye6Y1-`%C*U79(}2C(_*DJXp-HcRsr_R*Dk_+*_li}9@ul1{_sNOf
znXmB3Ki4!dPhL+A-9wZe_^OT53QK>#*Eba?Y<2Mf7b*SOtccDotB1TPG(7CQ^#0jx
zI=f5`DBc-^zX;kgQ&~duU_R5S0&6QVth?4^+90%u?#Qgy!E~PwU&2rMUhw;K6S*nH
zIYru0{T{EM4vIj1RQbW`E=fOyZ8bG}!>nhoUxU8dPLyWJ$cv{CH>g40`vxZ3LvU&n
zmDsY~8W;^~wLPg#QD^5Brw`Kcf=;8%Sf7@kPv_Rt(#}eM308OEQ5NUA)YH?ngzf_s
zXb)RItdWu+(?}j;LY-gg_~x+LOQ885%UIVweW`@lR#9scqoL?`_^R<bXgb|a--fGE
zgj%Ga53jM<y>lg7F_xUi{1<UONI37{mPCPmuFv57N`M|(#Ptd4Y6QzK`uw>8i?znB
zx4b#4UKTHUuRW(NS6?U&pBz|K)d3dQvmGQdvO!tsI34}~DEgHb7tC?Cjwpmhn$$!V
zdYx})J_^-vU&uRnv^19&37MfQgt!C8OXXxdvhVWw(G8MH*^!a5#V)?+N@W8k!cI(h
zejHx3^kKMh{}Eirtbw2oct=8%mS-s8mt(u}3{YLP!f3xaEIglT%PF<+J61BfcbIu|
zsN{Q67*Kv=@~A`jTd(-kCylqARUaFoU!g6-tX^!D4?7m9u<vl9V5Cg5oKaVc((ker
z4o>7k8E_=aITNVxv)Nc{KT%A$g>79Z=SdrS*9ssFa?f7rM45z%$^>0^d*xUi1U_GD
z1nz0zL@A9)l7GEa<hl&rP!l?^xPloQqGA#|ab>n%y@!A?kgYaO?bjMUMzR^UNAT+@
z4NeT4?AY_j(@nXCzw;&X<IL(<2@74ax45vG(%32zjph+7%_qscn3?h2eyRo~077JM
zZlazS{aTbdI~}*n(f)^ji-YzvXKTnOhC?+#ZPBL(3Tc6<Z};Tp57i^dO)~?wl#}IH
zbaAQSkZmiNa2U2I5SgjSu5J3U!R<CEOu{IXuP@CotD>hLmuC(e1DoQs<d9!0S7m_%
z%Lbfk*20sV0!+6BPrTB}un7p5FD@jGVEC1+vZ+22_@Xv*{J^BLzRdDb{=qaYo_E~q
z4_m1KbvOb=uEZ!{7gEk7=Hr%$%b}_sY7XxG9V-=Cq`E4pbE<o6sxV1}#G+5fcGjoK
zB!_uMW>k-=j;EBLRjPWeVdqyoL{J}&OG4RaUWNILRL$?5{rM%{9OvQZ{w&@tSGu#p
z6BBkTYrQxq+Mu_!zh3@@3G3$oI;*d>g$*3zcjs1wsnLhMo>ul0=bfr-+vps~e#Af+
z#1QLc9U>!IJ`e`J;YEE|K-E9EGp$cPO!e(S-gccr&+4ILYQXssqmN(}3xl>Uds-A;
zPD<T}O#2M=?0UB|J#`9u%JpkQkQ<|+8U`7TeW566=s8Z3+)`(f&FM<3(G)XHE$5F-
zoU7UMcz?f_riXp_dl{|KdAA5x6U{SqF+Hr|U9VI}D8?C#(<(}ETc2S{KG&+u+sEGx
zhh?f%E$8igY*DeGE|JX|dX*s}ACR_`<*dQzoy)rr?_W%{H0M4qREa)|!mS5EV{*7n
z>Se#a0|bm)rNvv#Ce;UIolg$*$HmO#fq{Mq+EvR>0LM?5Zo5EnzAz!xQaWXD4l-YQ
z12~@T#dt&B=3>J57vj^4w8<<vnv@F{fgcAb;Ql)1zRC*%gU!lGImgZpLuA*l;9`iY
z@?j!V%d67436XU|hk!bBg_PKIyb`XDgBNRy+V$<$qO#G@p0J;t6<)|Md!JvJm}0C&
z#4<|rVt}4Bzw11bXZB+d(mPn3c`4nC#ICMzC6<hN4KBoWH?%HcwIkc31^m4f9(EVL
zPyoXfazxqVnJ2o~G^{Ua`}N`n_tEtV#O~K`hgRPcP4h86VHwNf2O%f6JN1#Pa(prQ
zd!(h(NCF6j$nplw^ENoa+(3^Sk)SZ~{oXvpnNIUcl6AyrMUFN3Eq`8L4T>Db-x30o
z7`I6l&wK>sfT4O>_+L=kD2|riEviW#b+|>gw;b5kJY4T~1OUTj`KuoxOFBTQnK>kU
z%u-dnV)(_+CM!rGumei{q@aX>n&g^_-Drs6o|0VNszVWfXUx7?Ek!EOf{yGT!~o5|
zusJL8aGv&ikbR`Lt_SBWwK^npwm%UmNEsG0SXyE{>b2X1C}WE9iB$Miu3)pbe|fU`
zE&kbFAiZlhua;c7^H{W2ge3u4dYtMoF`hSD6BgvnuIzMl|D`m`-4t7V(0d}j8g*cT
z=f?I6@ZE2ek<)03TfO<*q}oW>PFqYdcPBc~gV~8P^Z7Z%W8Dl*i2-UfA4Vozpv`5?
z1WwN?p?uKdUE@h%R`wsWLZ=};M{m%&+%mK0?vTdE-SSE!vl@MS^G0{RM7uuWz8Y+h
z`0!}&cfk%bOUm3GRo^^9NH)pSE0wmzSBG#$H8)Z1U=7K<XkmKtHf2!O<;_K;3&$T4
z<IL<f%r?LOI#CU>)rQsT?OhTX<P`8_pMCYr!tA>FbSX*<>Yw}7&2MoJDbI<Lb7yfu
zK@j7bsM>d1`W5r&b1!kA&l2Z2O#J5!6bA9YeooB38&lM6{KU#5w9&sU7q*CcqNzo0
z_~bsj7alP+-60qRY<YhuPB4nK_ecE*q{rXHF0+#JPVnE%XM>^2FwcaAMG@rIn`(<E
zK9r&&@bS}SI75H0+=X#}SrfHP6I}ETDv}N3p%~(CusjBa=S@O_Kyru1Hr+Yqf1d~A
zQIIJXm&<t!6z^o^mdj5Mj`0Y*S)MX@)14Lnza%Rq&qWJ?o*!WFHl03sU!CLriqEb8
H{Z9WEk#o7p

literal 0
HcmV?d00001

diff --git a/priv/.BUILD_images/start_oracle_db.png b/priv/.BUILD_images/start_oracle_db.png
new file mode 100644
index 0000000000000000000000000000000000000000..53bec7e4a7e70ea79327ce282f755ace18d5b78d
GIT binary patch
literal 26713
zcmdqJcT|(v+b)bUii(Ji1yLb(RGK3yN{d*)LQxR`DM6(uElLqVlAw$_$Uszt(1W6&
zv>*tPmInthK!DIfgaAPx1PGy|L7wDEzTnL7J#*f3zCXTo{`$^di^WdJO0xI9_ukii
zUDr+QMLTP?Ra;gmDJiL)JA3-FlF~ASqEBD3eDRru9ZMCzmV{ikKB-jPwrxW3;1^#@
zTT3OSk62ad^<|33EAO0j2~kp7Q@{ALgp7RerKIG0>D+0{EB8IP1E&7ln)>SId_(7!
z{~AycY<A<gXUVZAXG)rvZ4J25u5z(r=yb-{Z2RqZa=(_OT13}1EmwVJcc*6P>-L!I
z5if4E`lwzmscNZlq!A}w9fhI9!@D5N!S6;z)5XQE;pPqlMhicfa2we?Q@+Bd_jDVP
zz?$S5^MXxfD^mHU;t^Vr+c%_lxJ!k)#;~#C%PLx3{q}{$(JnS~&&cgRJ4#A|=po(z
zbhFEbIJahC;t^;!n!XE)q9Wxl5*NY@B~x`Y3FmOD&V!MKF7n7=Gd$Xk(nK^q^o&V;
z^i3QRyi11>9=s9IpVLRa=Yzd>L7xxk)?GZp>%2Z$qzPal;=>j{<MZh+^uMD0)0TAh
z4ZduA`tfE-9_H`?06V5!{V^&cOt*l{Y!op&IAr6P`>DI?+P}<|m-EI_&&~8$CJ#o8
ztQz`E0o+7oo3^QS?2Tq2Vd|XUx~VSKN}n>x8JMyTSwEY8^kf27v_$b)Lmx|hNCu5o
zW<z~4NopY`@K}h?=k5N%x@?^}Nya!Gv?k;%`QEKu&5w1<4@Dc(3}r+!i_ga?a9;nG
zZsb$~>r<Z6RNw1Ca_M>M>XnW7)SfvTxROyWO}ue&EEn^}J}N6~%Bpr3;HSMpwJ}~_
zjW+AX9Q4a1ss_&$`}LkKwumi6&#bE0<ZJyzW$dNv7JKYzgZWcI$U+MXbN*g;x`mZd
zi0E1yx90sq;XP=3@d!2<bzGBz3#}|iYHemzU!YTE28U78+@~x;fs`V!X?JutEJTgF
z*o(Ly#4Z<Q(x&8%IO`f#4!@(%s#IPwVwm^if<gNv74HV#YYroJ@cx<;^XWGqxE%H9
zZ??9s4$Y%FqCcid4KGw|9F+BGVLkzUB8>tDK#--dHlmUSJ(8`$Wk*a&lTv>0EBi*7
zJ1d8k>`KN3bkPAx#Z00rrl$`PeRM+gg)7`i{!+9KplykAS$~bRI3))OlX!8y?_{8z
zm*7Fnl3~#sGs9&8<;%oDPNO&SHa|Z<{>2sTGu89uwB5)TR})WEm@e*(ug#cBbd!Gk
zRzFyQO3zf^De|sBRdSw6a$adhvHw!rrXj*k!(ud$NNGLevejxPlk=bw3%~m@WY@1$
z?E#au$0ZHd(4o3c$Q-lJ-z$@ns8lcacj8ICYujFuZkhW_o_6qtq(%DjgONkfT>YDX
zi9n3Uuf0HQ%qfyovvGE}okPuZzSwNU9Id7IJ+(11N(v^mw5&NUE0{M97VTt^(6xGP
z+e1d}e?u|I;+nv!n*1mZ-}uk0O98yvy|d1EQZ&eIl-JyHz2pH;ydEQ>ixxP2PsjQc
zb6PlV_>Poc;Wx-SgK&N<RKHGk%EWjqVT~yM7!?YW)2Y1`tt|@+3n%*!XT{Z@IY>SW
z)eXlTo#1C85`ho8_=;Q;jIv^C>$crKRuvoLrW05CE9NC}d;Q6aJFf>Vb5cI36|LXu
zcN|6;PrOFo(n6?lIj`*4G-RXh>_oFDC98yn`HP)pCR-Xok7O+$pRpHxK!ox0a=LP*
z4ZipIi;kzUW|;KR7$i!aI;SHDl$<+3_!Jd#?ulRTB+z~I9!)-y-OQ3tMBjA=vtYho
zHaneo?|~9)#IK>9V6O7mI=Q*xWz~^wUQ4>`q#xLDSqJjwky*qVbt}iY<ZyS{t1cWp
zD#9BopfH!)xSDA<_UcOFHrRtpn+^5kMRnH=4u-(V2&To-d4w-&hi%-N;4?-$X%&DK
zei<DzGe=|L5f{bX(@Z?P%A*%?wGisxjnd~coiKUMgHDoy9s|@4HvJxJafX!aUD><d
zC*e17RB9PbE$QA7Xs?0f`$v;0t$Ir9G#j5C2`O_La|vI+{^Bzq>3dx2vbQ3bit!uI
zr|0v~>s3y5`i?9soavsQBibUAi+T3SGn3vv*Y`a9<Ev^|%N!<*7M0r4;-3y59C4DP
zZGANDtW|X0xV)Yd`TGnwj$zN?O|q)$uD0`{c|{av?y%=|aK$nNSi{mtmg6LfNcym|
zF_cM0Y^ai(n5^{$lVkssU6IR;#4oMig}X!RugT5HPU#qr>nw+A`E%)h*}fYMf&B8m
zF+~_H*T;;5bW6~!@0I%ENX_mFbMCD7+}7A<ucmyt{*2~y0;^waW_o0{yDZ>ks;fy#
z;x9)X{5;=_kdM?+C0J_9$t|NnAL2bkL(XuM>w1`pUbM;P((07fDz$6O>uDqNYM%oG
zyXe2?NV%|nzr+0EKxl=T>{jxupi|S!ubKm@4CF5@vE-f_ZB9(?=RMFvgv9X*OkKJp
z2bNRyD+SAv@rLqN{U)EDz#kt~=3Rh-&~gk-#~t!NM_NB%_)VNcpLvfdYz0m@5Y>?~
zn^7swb)6)c|5qU2&is|UumZR^kW26uFAlD5y_3<SEffuNqi<Cx^EXIWh%7m^1x)@r
zwF&a8^vzB4%^y>~oKw5Ca^GO`^lN10JlFWLnT3{f=6xiNP7a%6I9ma>tIEiK^$?CU
z%%w9#T%{5RilE^n-}tR`>uq;<6d4A;dP80j`R$%w4f+hDz@ZsGJeS$uNJg37A9fkM
zBnHRXR_K0Mqt$P>x(-9<Nz%V~%<movS;REe?Ss@gx+(*Mf;3ZH3Nc!Pu~7uxF#Dk&
zvkK$3)`(Fa1`)4};q7C1A4VxKt+Q9fiEV|BP)I{dGbr_Uk%e^1{DfH+2=RMRa<Zke
zqrJ>4FGX|fAh3ux>Y_gG{6h@uI|!dT%vJXYFl?&oZ;s&EG!E;>O?sp6@6J4)hu>4J
zS0L#%)WW07v#=VsSgobKGh{D#W$M%E5m(bceRXp&4sM7J@;lj>!2kI84-fd7YX#Jn
zY-f1z4x-uA!UZDNcppA{gnx%kc;_rDDks25BZlTjPt-mGtUNGM7x7+02Y}O@_X<9_
zfTqFg*29?9%X*tz_4xWoR}u;QkTD)f;MMSsQ<hB3ze1dq>AV4GOTJE3mbrJ&96c#Q
zATXh`emga+W5zG-Wq=(UZdTeL9gqllpre@G^)@R1GvC+JBOiPzL=sDb3-RzY_9Uh+
zNxtn9Jdf1HHpGu>md=R~@!q$xVCgGNNke?q#lUDu{h}_HUFQLEnGTxqdi{~Q&X~IW
z%D<FMeBqS4)fO!*gIt8qS#b5RzX5=f((E`Zj~seV{&~~GcX^yI&6u6+nQxC_#8k^q
zKlhPRv^4=3(!GNS#+H9hF4Jh$Zc<VzyRC=lBoz%e6#WdxgM9G8)Z)i4HnZzC>c9Nm
zjn-ZpwTJ>0En2%JXx34_MJmd4Ye4#1O^e^i8(}j#ll8F~Nck>=-5dCRzW#i~IM?`M
zDtv{N%sg7t4{om|{E3NX8=b$<rRonhsMI>m5W2j>Fza_~x*4x26lGe>i*`*SJqDU5
z=Zs6CZ~-{iy4|B^@D}wv#_%C~-`P+eH~!CI`;)BBqmHuOk_5zK*t5AnCW180wVuSn
zKg+tinL(Wz7Xd#87LZjGAjDh_?5HUmtFdgZh#4f2ftoMn1~RGeE(;@(6}Us{{!C#8
zM`LOJL_z)<dXM}$_<|Y(np`|4ixxb7WgjSB4#ULP2_G=vi{s8tI=o=gSH14s@>)FZ
zv<P`VhCz$*oya~0Ke*=IasYV$MHs|iNkrutdP#yUUR+4>W(JaHOy8=s<soohl($f7
zA*CoPVB7ZKcB5Fpk-QLD)zs$y)P)ozuT_LNot26%7w5!i(+@>vzQUT22*#B|XBtHu
z3LSu+kId6y;ZR_bMXM_?IX_bXa3^tg@_4svWMbI%V9|wJv)_nl23Im^?<q6=MX0`J
zhZv5MZ@d$g1;V;XS{WR54Hh}nMbP)%5f5x`JTK5#=PUp50k*g9zP=N(3^mH5hDjez
zgd}0hqE2A}yE?FT`saGJpEvoH7Q@ChWrr)^WcqqdNLxFjU7&O@-NoTZ^{iE!*SRNf
zGHk<W53@;SFKCC*U|=8p(j-C|l})j3iaEEoa{z;HF+U!z#<;(v<uLv_nma%OrJ0RS
zw!BgYu<-m*2Kt62$suN*B3Es}^FRJ+q2G8=?dtoH2i4nguy04clou0Wk<uU%=vpv0
z=M=(ax?}1mor+PTJ`J{`lZlO!^DZT~S$St%pu@?Oh1#o3QWWQDAbeG}x8%Kg)}~4O
zJ2E<5ULt!P1htE}S6wYK>GDYtdlJr%;u^PMYbQ_KNd?e<u0ftzljZIGs!Onto=dnb
z?g@Z@Mr+V#ZpnWJy+`+-q~;iR7|L}F0cRNbe+$0$SvVJpC|q(QOZz*%Iryk4`}>iD
zQ#(+{#oRn%2C2$123781a-vOTyTQG}R420X@dq0}OGoVtx}zh!Z^>FlX)qte0WIG-
z-{x)xJ!US^+r>yuU^CF?-_1z(sfzCN*@bIQclBsAe<?qGUE(pweX0c{=E+PVIyJ5U
zTev{G#nMTqk5FJuiLXz7>9Nfz;JRfYZy5C~&;6|q;Syfa43o6dhHK*mg;ZesQeQWK
z>z(C~I2c>GLp9n{a_?@kJzWT-V9w{r%5I<-G>L2FclVdqGhi}srT}*7;9c9G5ut#x
z25oFAy8+g0Nk+0nTf1jELHDV@LnFO;MINa^bi+ZdZB^MH2J=Pi!HvrYb&<TXgdTJo
z(j+bQlbg|y|Izh%SV8YI2Az|(WRAVZ#nGi=oqB?hTP}*0i9a4O4SH}Xi}MA!MQK)#
z>Gs^w{8rCxOqh;89^VA|)adp2NtQ%$@{E|l53$kG-x!y@1DMNYackC$(gNX^TuBcZ
z^LJ^Ay%BGdPI?Y*ER~=3mfYzf1WQ~QT}JHb&Y_%hIV<-~j>H9hAu2$yXk#hKUp!9y
zSQwcARLFkm!M2MW=<-j2OrenKV4+3BI7#?PgfV~M#m5Ye;kv?`zj@DmkdwgISn(9K
z;l8=BG=>?k0D5<X>N{9lKMbPJLJ8e(2`t%S7N!L4kFOKxy>&2eH*6`npwc);X{jky
z$!@AMjOfLx9jp9}n!|XX+O*!BLrtq3X}<vKg)wFZbdo%bZuLxHHf`{#MuI(@-I%8s
z595W7H_IZ#5$6oTUrK>>5e3Tn5yjkUigAF%piQyU37!7nQW5@r5l{?z_c3>`31}cV
zncT-MQ@8aDv}RTn(Gi<E$Tx669!lI3Zs;_zFo~b=Kw$dl*stACOdiUVgC#~)9k=k6
ztQm)&0#%GS!6BD=wuq2}U|t)nGWyM~`_q?k7Bk{KCGz4yv@_J>$0yMK9w(}K86wQ{
zM^4s8elJXFWQ6ZzT+2zl3Z_1oP@+W!L}$@%E`KVjGe;xla}1m|QdOsPQL%d&Gp|Tz
zoFTsSdmkYpVdTWso{@Q@Z=*BxbDN@Oo1pPH6T3^^W!26`rfmQeB|e}=oVkg_q=5`?
z@Z>zg6@wD`AG=6VsdUZi3Y`Stbm9vRtI6i;zVA45ht4j=zJEZ3twb*`xttHz>c)PM
zJl)?HUMyQ^CQEJAh45COMAmh+8FPwSmC?v2swvYgg{Qc>v+LFf|LVf&;)i%)NG1aC
z@A=Q3M|<rWPfTC_aM_W~7~@UnRObDL(jP1zb|yI+<xFW_ny5n=f!;nLx&`7TTaO&H
zL3@6E`|jXc?r$io9IhnQHBpO7qv*p7n(sJ`4!a*sJkRt&YgVC`F@s_A;9Z%W#J~3d
zp;fP<zDg+pDQV#8&jvAd02C6^pE!!Ll!Vg|NT?J3{P2siQ%Pe7_AWRrJp5p!b^kK!
zX3zX5Lnb)LRrlfwPZ-Q2m65yVyYbOdLq+t;uHK@P;)G-ei!<&t`C<7|keV?m#rnAC
z-z*L=S~Cc)gX(aZKv&D`YJ0@%sHGGlT5?@jeGlr9s4PaX;Pz}ifJu?g01tR9#@5O|
z;4S0qnTcL2zmiInzOSEBmb3Z&WXxEW=B$n~?_nX#u=%X~FTuG6y{!;&W|J4iBNyp^
zgxGn&FZ#3ao*t|VxD*3<bSciYmbZ8HPDzY%YB0U-$=t&WKU|A9%5pnE8JEMjXOA5=
z{s2n(fxs)^TA*x$h(IxRGK^x(&oFDDF)|_|D)urIh_|SJfjRyTdfLrAxdkP(FOz=@
z!avE1y|rv7ipwODkd?o-nzb&y<DyM$#ZW)mcgXMaiFYNzGdc6%j2<&uIKp!;$H%#j
z=F11cOJ`5*Q12%bj&&KI5pSTthZZ;-;;=ga{j-(-h#|;hnTtSmu~m86xBjOe`uqPN
zk^aRe{om33pIEV+MRtvW8QqN@pjepR5z0(#`AvhzWP-WRM4ozfSMX0vHeZ%~SC-M=
z*z^+;UWlS>ovcCM%OJVrBX0TaWHaQAxWol+Ol)U|ckNf@h%3-Y;U{&Q0zSVhC!eV%
z2t~=i6Mz?F;ZE&Dl7v9+@E8+<gW(We3bwmuxnV3m?_0R`c_=maA%UwO8@1W=0IL6B
zA?h%4>ZX`CdG#t5c)<m7=vd_PxkJ{EIYSG5*CO~WZ^Jp;FU-{3J#s5tjH94?9_8%l
z%gB~;N3NSc0ma|V6I9>k=}oBkgBB=DFX4+<!l`Ub21<bKN{<J*BocDh=z<R*>&C-_
zzoa(vpEfi4yjN1iP5xG$dEXwetyK@{b!U<X;JYIdYo^Q&7&s8}l^hS*6{~tw7TcR4
zDi$crcRQh;Ia*RdZ=N=rTDJh`7sJ;U=E^zv0*t|@A5XaU#Jkmy#S?UYnz(BF*12U=
z5tHf#`PU<hpQ@JbB?fzFn$tBg`Z@GVDlcocAe=MpM=!tQS92FoyY#W@L2W#&8POo$
z_#QcUvigs-&VQ44N4YkeJbhMs-G2i<Nj&2c3$HZx84BLTs{(!28(mZoKOnmhyG<6s
zxFBDlWRyn}Lc7?<F}Dg-gd+tVS=Wp!WwM&xrI=l8_S{K*Pl=t;D^dY-=Jc9m9}WmO
zbu55W4Z&$dSC#e0_1y@*V!}7TPmlL;tx_y6&_%yG@kQqRd77~4i8ghEtnIe(1w8tQ
zmYg0BbCMr<PJyGoZ2l(4GL=1;)aNP_@(d{CH<?B`uy;xKzTCu`WbZI}<h1W(Pe#*~
zJ+iQKSK%8?e;kW+@4fvYY|x;wp*r7teI@wTq-n-IGjPWt?eM}KFOf7m1=;BM`Yq#q
ze6bS@VNewW%Mp)FnPA?0_!rsu5zwj-73s<b-K)@|@YfR|NVp!xorTEteN;Rdd7XR8
z_?s63OhRV-7u9&v<oOixCG=Dab6ic__5}~G6mVa0f^t}oNBC?4SyUQOb5SE8;ogKD
zzCe28h!~L^pj!i#TcBHCke+j^JM$EDqBwDpP83%#4G|E13b;LpsjQqw;x345E_yft
z&nEB|7@CL~TeX1MTR$^`4VZKbt}^uV%t=-sp}s1wmw-$6o5=e37Yd8f6>$0QO+|2j
z=%x|^^kY~*zoFGOPuM}mUBKtyX9hP2sRw}3lu6LKtfqS`hwB~DZXrL^RFRhSnt(oh
z%_2s~NFuGR6o#-8yYUM}xstbasNE62TA*(oC`8j8IMr>iC4wQL_pjYO>z5qWIRp;m
zODq{!PS}2g?;cd2a~rKPl$#e&sOd&3r-ygkwMU?@=LW%ah{2-UmPgl={g5_q)jD02
zKJ}Y|ayx(_<;%9qPQymV>rcmbI1U0=Z=d6PbVZoFV3Wn1^|k5}2z4L<#u={*aB+{S
z-%~8PEuO!F4*S#a<R>n|sOe*0Sbvz5BwE*l_UnRC-75IIK!%>$J(ANrBe0XOkxs|J
z3=cI^x`371%<qhSY%Heo>a_gVN-0+WIux<DG5_>_3+4sv4ceeunE~1jEi$u0mYg0a
z883!@{~+J;F?8wblG=S#UDHqd$_(y3+j#V~syW=KM>b{<=u8M=U3M()+8r~z{FO};
z^P;2?RqdDg=lNCSJR{kaQskIT_Ws*nH%7b$+&}lby((WA9dTn)P}11A%qhl?BIOrl
zh(eY%F<5xCIVLXC)#Z}1I4o(bpzPM&v)~(HAs1#viQy9~r1j&fIat^x?+ZxNc`nfq
zbLD0a^ZuTR%bemgs?p#GUCZl7`oL&<@ADBL5|bzya{)TznttDfc{ahYXk!O<u^d^h
zc;LEVS!vV!vxMHve-X648Zosn%n8tqG5^kf{w@Z}2xLT+!Pxd^A=TqDi^tvaxJ>^p
z>k03B@*DR-Ll{#wKn&ans=J4W<3cz@3ZfPQPx#Hb@h(n+m{v!4{F*knL4(luBPMk2
zoqZXDESfvf=Ha-y{lH^)_~!(wD`~#YQSQcKb6`#aoUHQ1sl91y7ekQ7*1?lK0QU*L
zJ5vYK<pixJkpi0{py^Qy%;CJglR<}U7+k6ySUkvVZkWEj<Lu^(q$Tw5E*u_lR#Fu5
zE@o}@B)9_&(`;;3rH$z-Z@6?YOej2g^whyM&&OTZRY1!!E1xK<stM-JD*V|;p>4e-
z@xxmc!K9`wzvAzJ;pMj>u9Ig>F#cUxOz+S8;C<rTK?Sh)HO=5J^FowFAo-?|WBy>Q
zk|c@;(*($+-;7BdID29LRhs-ZiC=aU66WP$EVdTNay(I%SK*FP+JC*ml#vfC^jU{<
zb=>L;R5P0n+%4~_a(vQ#WtCB&^Ty9>>e5toC3WXt+#N_s?mXexSrYoRB46}kz@nYD
z5~E-xzt!NppNf6BXSvLpIMV(WyR#j{->J;K;vrXNeTZ}=igBhh<pRanF~)(?VvM>v
z5@$!cK2ZkrhN?MF(r}oL@r&-aG?dr;Z%ApHONDeV-E}Zb>|lrR;Iop11Ov?0gMl5P
zEh3HmS%PJ+5Y94JjpdaOFUiTUSEN3!q$`h4vq&XCZi%?0rC0!&1+hTF4f*gCurw^V
z=BBuGSEbAD`E+2qcL^$3sDMusdO(HP$pcOh^NJ-Z#t3ldJ;^~t_Xk;<aT$4qIou?H
z;4bfq2SIwNY+Myu0D6bq0ww+e7Y(t-2UED%OayZ65RF1eubWztL7&lT|AHT{dF_!<
z_leXX-#JZ4pNp6GgZ2nBgY-8+zq>JoPUweR;uCqY<ZQD1(%RlN)2W8hiAq6tU!HZG
z_1a=>>>@635}qzR_--!exYK){+yP>)+EzVNVf&r#)}#9&M-dN!#<Bn>%%LM}Lfy!G
zgZi~h=F_;+*W@;!zY&KBY90CQ5kEgiK*t)s@sBNJ#*Uo1SN*5Nh`#VG9Aa;SYlcDi
z8R@oE5bPocTzI!5a3(+N!=Zq_ym6%uw{e6}v2jG<BLX^%hEBVS`?ldK`dXpA;NGt;
z9?9&gU3MnM1C>Z0jm8%b3lFD=yPt`DkT;f|zfJZhJ*FN&bUTkEUhGflLM~PA37?cK
zFmee?oWyw#!-a>Khc*}vd%VAyATKBwql~5#E5r)@Mo5@6tGDZ>37Tk8>B#}Wm}_FQ
z^tTBIvP1ZxmDjW{lETD{D`qLSu-8Ku@I(ctD-V`iwOKf3oQ{Oc>cC4x=((VQ*z=a6
zi&XuvE>ddH0I`E8m&_=qIP&i4+wzVw_A10=*bCrGXl*R@#hi}iwPd{0T}V=h_d!|9
zfBjTLm3^tlkt$A7vBe|)4y0>%At4azP`)0*%~fGf$}xLmLXu#dNxT8i{)73?1s|x8
zeyR|bAp<AFRRm(gEv{z_jY9Hv)_nk?j?t7`5qYZFb{vn+JS2ddcvKNckk`5ia}+!d
zshp&jD)jeZLOw+Njdm;MhkOhFV7mVwe;FaTo?a_v7A|2aVPfFoNI^Tg;cRi`DuS1!
z7LRc40SrK=cOoh6o|L;j1r4Rdg=tbA9~e>7eLhLE1P4Y`%ZoJbr9bO)xK%x6<1S~L
z!sqSEA5$*`r&b`2e2c8UvQHf@sU+0H3H9XrB#?GVaywskpyQX#DoNCYJ6jaVUAP{*
zjh%G*@e7NPcfqSlP41LqLhkmfNETX%SMs|)=1Q#%CBs+n&xglrgIYv^+Ljzsn-Hn(
zmMaXwkstdoQ0w`snY~7*`g*W+Bgn&);*<9tiuEG1A2_ntc3X6xd9R~i$(na2fx`=<
zw9LW@)N!8^qn#SgXp+=e1FMiAu3HV6YstHX_35PX^b;SEu?3&?-(J-q6Oi1dBG(ls
zz+_!ZA?DirM|tAbkV}Xy8w74Zi^ib_mkqXI7tunWZ1koUKl$cnoXqMP0$#3%D58RN
zNAU-LQUON4DSS-Ddsy1R2@i!_9-!0yQULa%F1jT&<=O=f@T0%C6zX>0MsY<ShkJ+B
zUt<NSy)mL9f!dKOlK(YyG1yUxx<Y-_RaTj=9NAG=oE|XtK~q)ZQ93C8+_bv0v!(p$
zB~!Ewh&*C|a1{D+*$@9jJKdH~jsqccYSb3`0~0`GOj_aaKsGrpb=ExyH5JL@kt=8R
zL4$K=Ov+5t%=<?_u5-WDDG!T;G<VYFAA%hN4Kz;qH)g=kqde3Q(BymQu;cWS)ilkC
zM&v~Ay8QJW>Z3&q-#T-RzRe#T=nt80;XCn`d>HRp&#8E%1g1YJdAhI(YY662!>em7
z3?S~eapJijjMpVXf7`p#v5L5%X2v1Z$9AdOe!0~(x;k@?Ok6otjd3^ox47~??qWfR
zK!4_a6iV<(j+MlWf9bnNGPVU?8UiI!;|g33dtlUHEodQIK2b1w0Z&?6V))8Ye&x5a
zJd$j{Ui>tKE|=MU#F!hs7JPnqnkp_Zuz3<G`9gKBLS7e^c~GS3iL#H$#whPxjGjA&
zHY*}n1X75|>ntZGJm0cs?6l0JX8k4dt>uc1I1!N2Bli7Z29GcU!GWVFg{IL=&x-H@
zd1I1Q0Lh=wD}3PKmm#v#0%}nXd%IMQ?z%n#2edo$n)~Osop6%33&3Iq&%f8A<>t~L
z)~9ZaW6Pti7U2^=!=_As-<vcIgEQ0vwjQF<eTf!Y8LjiTO*Z$4F62&+o9yWrcz*zX
zHPhQgTW;!05~0!D2T>g-XyO72|K_`BLAuN`-kc_^l<l~NVu#M&)HSik+>Lq-jF-T0
zIUcrqagGNkRBL5jZV-N6>eh2#Zu=g>cPEse{L04m+k|K+7PtgD?5Ty4S<a7r8Se6F
z6J3_!HpMwi(<o*sCYi@I%uB*)k$c-GoH*kB53dd*?n_gqbmm)smn`(G89^F#0{e>z
z<0F?bAz*p`tpN^MLx0l9VImQEwv%<8jHu$iu@wKJg@0;_(Qn`(i%`(47G|PisqlcT
z&kLIKWu@2HK*hTF%d+<)5=Zz&GYe9<YH5<hr<+(4C<Z6<-k8`VvXhKVmUhnU2cApq
zPh$!U*Os!a!Y%>sX>SS7Oi`1=_AI9!64IOXIm-1(0VG68gVZ<}c9dkEhAfwAg#DIf
zYW<zUU?ahrogp2WQ#z^@ldgU(*n@8wP8#t10ki(1lNBZ4M5lp#EE^Nb%d=0HNvCHJ
z1ARCo^JFuDgz5fL8SA!9t@Mky!`YxKZoWc{a|%NTKadKm-9f3)D7Do$8Q4N;H-jHt
zcQ5J-o#>E8LP^?Sy>n*>3uNz3uFe<jBXysUMW5Q>Bz_|GRG#5{OXrqio?0cz-vMn=
z#CTd|fb7Jiig^3C#9V1h**Y0*D;j?|PQI68p+E4H)X+<^xWu@?zY09F1m6xc5cblk
zc0OZiS+UzNskxE|Ng|5<n5`ZrkfulKkc(;Vaw+6g4JJBSV8R}t3x{ohl|AvS2=G{m
z9y~`N=H&%~aS*Q0J}By=!W+<=>Qpa9b^)IyaJkrpGb8oVryJJF_l8>}@qqiXS$;Xz
zfMNgs-+J1P0ngCA;onc-4cx_V5O4g!j0_e2|4`Fr|7iUol(=b9G_=|$xp!B+f<<qM
z41OK40Y4xgx7fdmH_!AH49H)r|9Cx;E5Q1%bB?UiE|k(9U(VS-q5k_%M~=-os&x0P
z($EscEPR#Q?xFrZJ)HX4LxADG2T}>+Yne4BsmLrrVEu1UL7H0bTV<tox5M>6cA}j+
zLAUOC(GrbG!~-{gYTQhK3k*{*9oS`k*p7DikYMxDH)Uv)DFCT_ar&E_QW{@^*#DD&
zR#G~lzJl}*QMK4T`VMaha^b<h0<!xAJpVO*r2rdsJXZD#*4bN3JYp@(!;N5WsXv$N
z7zdZ4be!fGy;kx?Q<zfSr#D0XJF;Jrg1;<*JY64%%QNugxal+15JzRFFUN`yHMDQl
z!MBw8Z*%OUNl%=JrIFJ30J&BzI?Ct|-0@#V32@X$FV}Z<wicNDm>c4o0ound^Z+j|
zNn-;);R35ONYABe7sI5MLSh^wX=Y}^19@;9F^N;fu)YHYr|}jTB121#<o8e5id;kH
zl|adwE7j<sIpTMq8X|6diAG35_<6v9NX=JPaT}hdixO8I50n2?PjBh1BCSzKUdK{i
z)+lTpY{TWHH)JQ&`-4V#LoQWOoD-u{xMG#>VO72I{Bjc7`{Axy$X~P8E*YLEBp9=n
z$ixadAsIy%Xc*Rtw|=lkoP5W}xw;JK+dFG>2maV?`H^~Ir^Hx1^hvYM8u;!4pj6Bq
z?A0b&VM4FlTAz<WRl8k%7zgB|S1odtrFBwa{&870$oQgg7|k@{E5yLPlp-QDUs^bg
za5Y*doD(yi0_X^v2hu<Zu1+*E90&_64@6kmLTj!9=<jp(047|5q^2u|%%9B#SfX7C
z(m)z|gD)5=nS3Mvsm$8s`0PHO3?wWsCE@h48fiK&XftJ=e>L03m4dhRaB~mzjYH0=
z{SsG(jH2W$@e&#L4jl}T3po!mu-<~(mQQY%cx|s&n7PE)`wxCDRH<x|xf_MViMNhT
zLh%_*FIQs{;3eZj{gmDNj=DWBZ;kyEO-;ar-q#JD)sv*Js^m4b=3gcY?YvH@^*v>h
zVXUuYKIg`^)fdI{oR@{#16C1hQvee9!$ekdQuZWy=97?|4!<sjd0;k;R=dBT$o;=t
znALF0lI08hTn^$8jZ02a4EK-Ed}cZHjq9JcEk)3Sw1)z^;J0KVM;ts$gr6-pBnO9s
z^^*t#c?gtl2ss1*m*g}Obc{YTCH)!1DOTQsnMtU~Z7Sb#_@L|r)I00BUBk2~+O!IC
zUX$$Asz>LzQ5Ge=kZ-|$YIjhS*18A2J306=pvfmeJU`>X94Xw{SVnrj9MkDqL9;NV
zk?j4Ke>Xu*v=B!gX4K}d@l4_y*NHPTrVG5@Em?}YaZq<lA)zTSBM53%!G#VDT}ke$
zVcfq?m0pe!CbIMhady+ACl#<S*er5Wc9U*Wf{}1A5lADV4<D0VmMx!RI%1@YQ4%es
zpX6ZM;`qBvQ+{o?Fmn?#Ws13(Km<5)$*!2-<}V(tN%Co~F%rQbKQ5*_0Vv3|KxVnp
z890iG;v)F(m_)O@6f_13QD`~>32~+f(<TjMpv^c>1(?Mh9zA&F7X&%DSS9wci?=Q^
zt3i2s-}oEkl5!PtWTiRBpUdWf#jG6Wx6;TGx2?|wixm64N~HOGr}k!~VRML<0&b4T
z&Zv`i`7k3dLJ{Y#Iwl8xRSrN&h~`76;?7svIlZ}CYBZJxgoz7ix%RO>J(XC)*T|0A
z?^j|%bOGUSnNVfQauwc}cf&RZ94#J1j?vx2W(m!?TUt2TkL@H1(~U%G(_=j1oh7B!
z2zM<k=<<v`<;CFoYqFqXDRyDf-lVK}=fMeoSXu$Pk_V)Z*xS$nuSt414dxmqxx)r9
zlGZ+_7X-8fBvwGD8o@Sj!cYFp7+L~_zbTeZE)yuuV9COybt3O>0UXo4YW%0(yC~!h
zwG^f)OnADhf3+R*wPyBhUgqv)T}#Br;#RvQI?YvFV+SAkLw+qQ)+c0!381%}c!uy9
zbJ!An?KuvQ8@-I|dOKq^TD0bHm?HPioG?{rf4lnMXRb`{Fe<SN%YJ>hK7XzBV~oz2
zOIG5s*^R)<RK&ZXyYco1YWLoH-6bzv>$Rd0;RM|Zl{$(!3;>XQVmHc9h(ZtwZIIoE
zC!nf0z_34{m0E>~r4_-_WT5EBj{y<^<zl28S0iLNz!@TSwH^X1K(0_d2W7bjfakK-
zRGE^N5Mfa+WKPK1kUxW<^yI7~H9u7$i9LQ;w8c4#vt)+tmFs#qg<`&bM#H>}ylQqd
zs6eQX^`e&O%}&EFSEH9188wl(hvswk`pp*chJ&5df=3z#-ZwE<-2(-M2iI>aQ4!5a
zrmS&q>b_c=>rRF^&U(HaSn76o+xv%~+nA#ZMNum>M>(#}G&mJo1Q=5_w>36LN(WPc
zX;6`hwn^3YG4~4dj$6y@zjR{>e(9jCr=*0%!8l6-kbSZ}mz)$#NH|d)_nd32%hW9>
ze%v!t1@=~8Rv-~aPWCD01wmpt;P3>Dstu;L7&OGs@~xX{Gnk75R&oqp_xr7@whi12
zpV?~*4>$3*ReBwzzZLx1VHg>m%F~B6_HiD%O*5}D$EF7WU+C8(&geW5!g#@~g9_Ww
zdo063$vY@s-yB!E7juC(QRZuwtNfr`3!?N-6crz66+Vm|S4lG%^fuDs8@(6sVl%Y*
zygQ?}d{<Xx(22bsn-buT&4_Slg$a7kG0X)C@){<M$HKTcLQP+VyTs)oNXfnfJs5;!
z>YD(%@Rk&%+&L2f^A=0z1DOt_F_kypg0rO2ug+b#S11Fy#rQzU({_<Jg@q+Tl0K&s
z5`SlOM3$`Rw%oDPR?b@A4~SoZ@WpYTz%PeOB~P2=G6~E`Vk2*C%!l0It~F*4>@u>>
zd8z&08f~C?C*PYKcc>Gni~5z?Ij8URCe_yE;tk=Di>Tk4DN6!{I>Dqx9WXkhG0?Sx
zXpYxzKnm)<pLc40dtI--v&?|Pzzul!R;Uo$q{2KyYc{KTnQpvaiJTknmLg{e_{S4J
zZ4zBFv6}yFl&8b`j{dQrxM45CFTWdcG7}oVjmi|-7wF6P^K@{_!v~%833jgTk`>PI
z-Ezh@ATO$a!YPVl+BM@3BT1cV#3Kg~4Hg!)Q(R|@O`JP#^3l43VCudiSSQ^1JV#~J
zehzt_0!<JQ)ApDVQC?-A^A2c``+)QG-J2*z1&j$+vW`Ho#kt9bxy=4FIxG6^snYJ<
zi%%-r37!85P5ld4{ol|vQ6(jaWG~=@_QT=kCO{&b1X<e+(`%>7lo#Duhw)SKBla-t
z16{e2iM|eVuyG$6uDXRyZHmtbU^Y2QE4~tIUbk_4$rI`CK;b^KeDKH%J{L1eiH-Pa
zQmwOzeMER1J$6`mw7hoD3-z01PxCF?8IoJtHVWhSe@Bc<4{L2hxGL_UR6&rI*F>gq
zu~JI4l;REd|I)EGaA~wmG*_a13W~agQu%{@T*(&txddj8JuUQQy?-dDF))khP0iOr
zO~cDJh*c9Tda;J&P8kn7tYq(TZ|HF2BB(O~7zs?{PTs=Mn4Y{bME4fyqiJ$i*3uIH
zr;#wq0du3>+c7@Z$VNN<hSOP((#UI8do3t147w_@BSQLO9o4gN^<VG*rA6&71#5M`
zU(3+a)K0k&blcqg*UEnN%Gz>pLC{hf>Mq&b+S2QPoXCGOT-GOy`J4d1CSrLhY<H|4
zQkZAJjDb5`Qr#}7B*Kz`VxD1_k)=~uZHef$udtV>!}b-6`8uvw-L&VDv2E7=TbpF{
z2|&gZX<)lTq<V+Ua|_?9Z@3K)$Cy{(yhj>}qC!7i2nXF*8U;=AQZLsZT!L`UwAr{2
zy`j_T7}^OuNu23=FY6D7Rt;T1kpAR_)l=Q!rxK`+KRxZyc?GgmLS*jX*l8=kc=HLx
zEziGPch&Xz%)K)Tfn>>t-?bOUe7^;0*^D069?DZ5bRq`tkNoC^j!y6Ita>f_80pzs
zY#wUXS#c*SawzHmWuj_t`>S7!5AcR3=S?dYb&~6X!AcTNvanvm)OhFIRLB3Sl!z5q
zzGE7p?M=guiMXD!3e0AG^)_Z7Pd!KZ0t~L#oIEIE?|A{GAB!HQ;2*BGA3oghAF<>i
zkQrM@CKC`%EmJ=QlU=@srCbi3GQ2v_TDGB!h{~Wcaw!GPL<>y)xMss%rtVVLX~D8?
zq_vEFhVhICrmo)l2{=lgIlwFd@9HZglOlf~v_@aJJD5AkTs8I@UAfSi=RW0@ZgKFM
z#q%<!*Gt+<Wc0A89ju>;$NjXwtY@sYjheW;N?J&)S*Cf-(lottqnlbvm{QL#cHD;&
zv9lGvyXtC*H>>sXmiOl$sYljTD`Ww4i|hhd3YkamIMFj-I(5*<2-_`dt$tWotKH}g
zwzS3mX<;)eX6%M3TrT$$;IEMk>Qalxtn>?qu28PZ-&K4pkik^m8OZHb{;cnummX8~
zDH?ZaM(C);s0dkz!zMMY%Lr;=t6k3xY*|yP<mV~t=ELNRJ}7OyJTiPEGJ?*sKaPrM
z#X0o=Rnow^PiNMDF9pudy*12U^aHP|8C!~-50wt`it_laYrZLjf)`F&uk6dk9}u*t
ziMa1jj`+<f8qUk7*5Q_X_!udh_cJRoJC})F>x90hr{26?;ZuL7@TrF;4pc=h8r2{F
z<%!y^+tbqOk?PxIXLDkIZD4mxY3uTt4o|mt4nV95M{&3QFKl?(_m?NEh98@ZEdW)1
zBpaWj6|JzDxdIIEjQw$QkjcWYt*hdRh?I>f?^|Gr7GY*#56RiAB`jAQU|VGE{lenp
z7n}uB{Fo(Y$>K9m`78b!sGob9j4T?)${YudG9ASmT3w+7ymy46c3H#!Sl5@6F@(K!
z$DWttw=94AB<@hZ7NwFOf$<y4_x-rnC@%D%&dPw??m8zf#@igtIHI6`^>QtzliB0m
zD(Zrq_1}27EN-3(r#h~;kdZCa$~`XIyCk+^!vC*JGLd@FkxK8Xu>ZKwTMFCn|Kmar
z{kIF9zv8)5cxmpu<LWHe;0aYdI6{{0I^9~x`0J+n^u$6;GqLk@8>VvON0{cty9_BR
zjRtP~N$cV<K7^>B=UG{f&+o^Q4I_OL!z7WXnIeh35WCSuppWa-2Wi1nn<LaKttxM=
z9vBB-s?i@f#SETdAm84PGAS{c8#EwbIm5({f1=Yj_%I(AA^e|>7!$dSC7yZ76LF8n
zkY~llomJ?C1US0ztE`A$!J7p)1`_P{W1f-2gLlE^i-ukzBdl4R9DKF-E@u1IhHTd^
zfv%XRO2H^fc3Sv<ge>_kIWDsa6Zg>7wHh5LU8%MC^3)qXUiTs0ltj>xl1@700GwwN
zwkXu6E?e=><6m1x_fd*`hc3U~&elh#uL9@g9>g+>*y}ZyY$H4bcYE2E(M5gfo=k(L
zaBuB_YgD@GC!SC5)cnm-e1FT~`MDykZ)LszrUA|Ng%e;ZMKs^Nx3XcC&t0|eN#8L<
zTVL6?&qaLZ(=Y4Ed-@i6UtEx`6JeN;N{3;tlA0*pGgZ9(EQN6wAyi-ZN}dn0tOzz@
zM^PBb1OobiPSs$686m1I_ylOq(s(J49Y=;K9epqzpdqaGa8`^MyDZ`ZZ<jxy@QBy!
z7Bl*xM+`*Mwr)cm4ESk6VvT`9Ik|tYA+~GiDMo%!%*4po1Kjr5EuI|9;CiJ4`Qt-p
z1Q!NH*s7LKPxa&x?;re^@7plc?_vl@E?=Q%?yi1Sw*ENA*g$%$ZS@<}-zdi{5^9Y)
z^K|Ua7zfpfEk6j5v>Ab-v&)s#z4Z{J+81#P?&mla{R&cQ@%49h{j0LB`EPIef2*vs
zSjfl3qa=34!^Ax#mYRDlkerB=$9gPQ)NKl$=%U&{)})M-e`@uV+N)Dj#Z`*hw*Wa5
zAE32**#7VDrR0g8`~DBFr8I77pfF&^AtiJ|CQqRQBx`7&%ZBOBk|pP+=azyfT-3w`
zZTMQKb&;onseGi<2wOE9E_`}ELU~6hvH1HPqse>JNRxF#AN0~)<*l4!@ck7Nym$>F
z@8j%L4+ZiUFI>M=Az(%=7ERsWtW?ClfWP-KMB$N6WGxzaw<ysb(iKEef_8j1;-~%P
zmlSt$UQ8(l+BV}_d-NXpo$#OUYo>ko_h3DYmYNreu&w0J!w6CZad&}rxOix6>}5cv
zUh^}V{Lc1*v3i4rPK^k(G`^-kff=C4s#6;s&(6+A>E+m~9*Rmd$KGSLzBH4+O`v)(
z??!>C6%(YSa{R#Uf9&`NnQvAMDS(alcHL9_V!d19(`_CuL>f?a1kZYuZrFWvSU%|v
zNF}MOITgLX8=?X;<5|HWuh;5bl`yW5!#4pmH*z>y2lE!Y?INL>yz`%lzpv+)hwy;#
zl8C}emQOPKL=W7TNV6s+JSuRQeFwY{F8kYW9q6^w3BSCwR2v9OYZMz2cdGQ>RL$3p
z`{!+j=Kk0jUBAqQv5gYJQ@*5Q%)856QyiIG&>BTFeNk4glGZw5i|D;IV`Xp;_t&HP
z2Cl9Tq)56|R~c|l6e+yjO*d7)@gAoV{(ir@oK5z?w#Hc}Ncqy7p%8F=Uew=W!wh~=
zUhi8f6Yi}p@&H!BKRepXvmHMrtW48xV660D;w`v0bnI}EsW7&Qp4|3GIi&Df+g1?h
zazAq>&0kTRA@Gs_Nl7E`*5D(4-r`D1o;|D43-juUa%dht=laiRPH3FWL;r*OmA0hB
zq!JVcG(}$Xb>{rNbTf<W^GwE152d0OW5d7Vc8P<@KQWQ5@(besx82NT2<rzwOFibQ
zwKJJb3cJWIojHz&sP|#PJpFc>z3AIq9+q62gi*>=>~^Hr1^~Y-p3fe&va6UGJ%Dx{
zb{)LP7M6_&S}*?%-IZ2sT!v6x(t3O8LH`FAcEY|Tcv2L_z5M^P{NV4Bm6Rj@JuN8y
zJ1vmzM&om0kcu)3t!4LL;<S#b{jAn#o2eL?kN@<an%Gro|1UMMSAWJrbYAxV*Lv98
zf9hfJ#fo~^vfus>>S5oBxHDpx-2XDE{h!st`Yts8%z%~5&IqYdG$Y}n@vHV+w9ln1
z+|r7^M^QxG;ExU(&)XlyNn5@b#l&WOTk`6#r^0xtQ2kPDmTtSGq*Lh~d5U{eSeNGh
zVEq2uz#j{tLt_fsGt4%7|H@*=(FWQ~cyMLqKL7gh+7OiC{G5)#y`a;>y*aK5Apvlv
zV1rnbfv;3FOo^pDacW_~VMOMcxKo`PMZSUZgV(e(fN~bhO64dV?fgo=miv==zZ*@#
z!Id?$zTSRDcRzyntsxVXF{bNXuvmnGN$cG~#t3CrZ600>Isw<9*_R;QpNo_n!xL?B
zPDx0V>`8~wGg}gFDVFrVVE+p8j3365_4l=wm2pzgqO&Ggaa^C5o*R6$x+pudwSN`5
z#&c=O-aCFOR&C@%;M<<^NBX+RMU&63(r1tSL?g;oRpn8CpZ$iEHAY7KMUT(cpR`gg
zbt<D#;fTuuY<XXZq^InK^<V|GJKNzJsdD$J@&F;iZ)^3W{O-j`o;<Yfm>!CXE%WSo
zmi0~=_Hr5dQTL+nXZEN@&C%}P0``RYA8TCt{-M}`ijn?J(`G0PPc<xe9GoR!9YJ`w
z$R~NkC0(1aD#4;=+0KSUQuHF;(w$9Hl`^SwrVRX;KIUgc&vtj83CXSCb=^R<-!)Cu
ztk9!kgGyavsNWPTcX7p&)m{y0mA$%rz24ZB`}Po5TbBjUWFtf8Hw0Xo=td5EUIwRn
zqlK9YMOy)C>l|gbhumvh^crrgmH%&`I;b7@BRA${hXUwI9=qUT|1qv;++Y2Vaiu%*
z%BG238=@xo$qJ_uVw&05oA+${3<`#M+|K*^jJ3ajnx!dx7^NbI`snUEm!4GLJRWXg
zf7jAu(xtGe<u|RCb4$}d#JYWe2!&*1wGRxRy3Dw7fVZu7YUodN=wHsV&N3+U;O+3=
z(!;iXBGn%z&#2z-?aL*sv=%eqpIK46PhVny>+VZC^nOgdGx|ikM;EGBIW8M|)c3S8
z=^t0d*t+e6X)oKEf_uxOcAy@z*c1%EQBg@zG5bA6qA(CW6KPzL{hZ&Sb01=(<5_W8
z$9)D!+8snl<^bJ1lU$D1D0CGRu(DG9vOc7#pN$s<jlQ|>TJ@B~8YD8$&Mky`h7H%c
zd%)-o$eWtb(futXRac;A0~r~_AS&0{>33<UwlbgdkZ;2lrD>^iEab`#9Qh&C?eoaI
zEZcyc8MU&Qc71r3$xCRaTf?1%BeD}mpINr%PB`%vt98GLf(11+Hzg4|fjJh0nf}l0
zKHX^9B7dGFzMi_bY<(c(La6~UILmB3PiiMSOVp}uQD?q2VhhT=aNaa<kGPA_!`D<U
zs&P3gffV|>F~0>B<^Oappj?1_#?b{ocQZ54`YKRAhivIDOkH_?!rEXoS>dXksDPHU
z)`v!EPfN=;P=Iogus&RYw!hH|7W@~4WPB2mcSu-W9CcotlQ5&W^)JrN)h=H8>Q}|d
zM12GTx?&ev>lEQ3&R|6g9yA;7map$%PAUb6`g;u~iS{T38T!xkH*J>A&cOD{B{P^|
zqE;v1Q5<tnP5J%%H!-I4VBx(4v?a8Ig3+GT=H5(bxi0xhUnv>A20pm_cijBB^Iy2R
zUn5S8dr;U=o>6;i5itL3+3Jw_y}!FkN?8YURsO*Y|4o|xuV;DGDD%n}iJ5l=7;oWF
zs&v6;Es)+Q7L{k9o-vyr1xRc4{6PRz!77R)S;f#P>qXd6R2YTcdny)3zHms{g-&@o
z$M7;uzfkJ9uxFuT5FQ-40XVl?!sj9a<&#i(R6qVJWoPf)My&0JvoRMgg2Pxv@t}ll
zgKsL>TKTEjwApZ_0j&NKreCaXwxml$7!>uELLf-Zmr1fDhGt93x%C+I8WUh)5+gmD
z=#D=|M3h@_b6y8)n)2x@YS4lrBuM<Yx=VIdA*PvhsR;7l$SLlyTg4m|d%0#e>AhU(
zV8}~Zb&zzd+G5oo@&y9nIQ(!@!kW;rtSOr-KA2q$j5R^6GKn8jd$`RR(&f#SF5Wdk
z%%&t4*R73{^wAmBCvm)+rL6<+FTUYAZ#-2ALUyB`E<Ln{+4m)x<@L{mAu(IYvh`KL
z-zM4#HyTR1%8L`A5s#y51#@}!h}C-}R~hpB<!O~t4$cV0UQgTZ=n=J<JdxTs9s^d}
z^7pb1;PXKvDgUa~TyTA&yzV9~A0sTMuIVEH@~H1JRcv}S>U0g;mnwc&Aye_de<s>X
zQarll@g6#2k49z%9s8Q)N=dXB(l&#)O%8sWcDAEMAFm><(ZnAI?U9mfnR49}j|}(`
zuuI8UAsxto<*u`4ehVhSFX_xn8^)W{S>p<eQwHjCjH+(Rd)&nO1@SrQ!voSE423a@
zYE7=6Sc+GGV%1X7wcPJ^42ZG(fLi`=RHoqY{mZwZMX$W$GE42|H-)u-bcGae`N7%4
zaSdy|WWf#(zLw#gSE$v;Y*Ds%)PM>IsES*FRiZ3plf<ya&|b1HbxhhX0^h9cvo^}#
z2LBKT%`n^w=UqtdZ`H@!`m!bwp|#!6g?3?#LRdHlsYLg(wgTc}Y}AOgMw@!qA8kD*
zyds%opd!L4Scu8bzUTPk>&z}?mxvv~A8>mrG`z!rgN)x^9hiMl72ST@`O@S2sa8L>
z-YS!4+&cIfjQo<8Ht_Ma-!JL;mI9L%0X|&z`#BHDA~^{kdg`(q9+zC%Y>mkYuKX}*
z%{rlZf7oOak;!#Pt$=dV1bCzGnCo^Ceb&7j*ldGh!?bMF;p}E_#XsR-!^D?0^;Wg}
zi|;+R$kzEXQg)?FmI$gV8MPiktA4iN#T#<&qEoCkM44}OGMmu}5&MoS-LQP3C~Lql
zqw20Nz2CI#_x#h;ytE_3z4DIuj3|jcc;M<Q3dFhJ8{as$KJ94cD<G%_7Q~X;AGxFV
z%jJ5CH5|UXX@ny^eBWNCjJ?c|(dZVY{y^6}v##5WyX%KJ+_cRw(+zP)HW?qG*E#p7
zGTK<o7<yrU&6tiA_T{RNcaC3#SKHIV!?M)1@a3A!i}EF&$uul8gKoWK#Jc`2L=nHP
zoU+*Xl!keXf9o`;_hD&(31@rSuaK0z`?$$Vi-E#*Y?&&x@V-mR?L;%qS@`_;Fj41f
zgvV;HGi-?}ZLQo<YE^Sitk-xU5uot?pTf>Ns);oE`zR{AprY$43o5~iiZlUflGsqO
zfJzf75oszVN)ai^SXNO{QIRGk0z!}$mEIDORazjl5Fx;z^u!P$1v1Gbzro$#o_*hQ
z-t(T5KjxpDGxOv=H_yHI`~A#5+19aUV0fqU&o!OOgKe3BBFxVq`qTAKwPRPNQK7Q*
zQF8V54mGHrPU9k)wp?3Ohlj;mN3#8yFhg1Ai;fu=&ddtL;qB`roYx(OnoKD@(F^gd
z@!<HOqaS^C0}R?|NB4_Xy3$zycx^iw>GDMHL$%)uhJk&SikjLLR`;OA-cK?W8vljE
z*i@Krtoit@!j!4Ol0(3q)%Y!%gXP{gTKo`~Zw5}OXX-6b6hKV8+>i6PAUDs3)yAKa
z@V}d&G2xN;)%Qi6A8*%63tP+tFTV}7R(L`;SAM}%`pA=UB{ME+BkS211zN_#8P_|U
zE#Ul~<r6WhX4Ku*CP(-llI@*AC@7s#MyJG1wnbC41?s{Vx96UpzN_McsZy>UL2bWX
zloPA}xZZ9-f%R9DA)pgEcUWMCglnr%3-gTNs)AYamB=|OBl@F!&kXf39aKDajd@gp
z6xwz3WX(b>xK@CR0lB#=a@Xk#cWs3UkH&vJD!J4;uw4z>ATA%X+|ZQ2%Sdv)u3)Yr
zUtR<P*@8v*D`sfU#ppu|8_!;Y8c`fqJJPuGD&fZoDw?sHSET4@OD>$O+<Hd|uOoh6
zm`h)Nww03q@ewX+XD4RwOxSL<8CPN_Ze+FrRKc7x>@V3Yvaw)i=$xqltkzoCQVH;x
znSe)sim#t@@A$L*m5_wnO`4))`|0(89&<%!WNZI?5m$^^UnBOa?Eo{rJSHDNg4>1!
z`yblGH6^|OH$A>^M8c+B|1k&HI3bP|8I~dbv4$3B7@GGqtduWIWo4!n^28}ch#`eC
zJLm5qn~|SsK;Xbo62HOW-}xkQUiY8>&sQoZ+y1%yKOhAE;Sv15E(6)fVP#%~GJk*t
zYKeKO$mA0KseSTZ_gM72w7p~p(QctKm3gBP0RSHw(WS?)*CF~+3FydcRL_?ENo^I(
zV1lM@{&Rh>W0q5lH|FS%=Mch@FsesUcWS0j=6J$sc5#_f!<vj^a2MWs`VR?DP9DON
zm;*oIQK#KslSu@%8wzn=`{u7UVQ8fT^VHk8h(p|V`r3^B(#^`0b&DTP={TEtiJ!X?
zK()<W5wT#yj1Cy_S*^W!wnh1M*N^|p;TH2sx^(dyD3nmD)$p{M`R4WGfu<d@t!ugn
z?5SAwn!tTiDyd33;Fm)@swt9xGiAu<F*<pRjifrU#109@F>}DNywgS0!BpcKYNbA}
zLhtHzc1KkgD)x|r{$hT>sqxBG-4O?!8xFUzhZqmFAww2$r2|!R6}~d9arxo9hFUVO
zS|*6&&2p*L8I{Gj8iOrU<SGiM0xlhCMFBD~2YVGxYmh2JzXubJc>Er{QLiQLnt@?N
z;P-rb_ksNB9^B}xR?F~?c<XjT%J>qC$3Y_Ml_E0MW!M2HKYxTAKZZErIH#(%SP`3Y
zTHY_z=9#tPSOfOr`NLyiGwd->fBCl|&0CiM=+go!*FR%AB0V}*Ttk26AbP<>26f`Q
zeQpDY03B&oJx1pl<Hgsz(VDLb_4QY<#3b*q5Swxb%bgk2c8}epz)PG9n@NwADiL*U
z)L<G2n*sYy^^l7niL#=j`ve;Eh6oV_V(9sbj9)8SlCaqX&<)#+@Eo2#iNJyg9_0-R
zv=%x&w=rUG*o6qg^s$SP&`P!0duWQt<XAe(E=@~AnAGjUc#fAsAVbjeHya_U`P&0G
z{MmHYoQoe)du0_8G+KS69^D(yL2b`0R{u`L^L68FwfaEs`qZ~Dlgzt@PVCf{r0#}w
z=We?Z{xGdIW2%W4q*^);#Zln%(EiJ%-No4J;=`?!v@akfky(V*Y)+u!GcWp5Mq70j
z3{+LPy*hRee>$l2ZA0|+?c_(8HFY(i5#=Z*x<x#KEq*)}jrHb|q<3QyTfvQ3O-3N~
z;dvgyY^dI$PCx<PoI-f(KdLPi)uAh8LY;BfAsznGM=ey(ukvleG0rYbxa58>zl?rt
zP{zd{B?n)P?uXW1>X!{(ye*Akz(J`p8-6d@X@YdXVY?qY%~{$tJ?hl%AYr|I;*T(1
z)c2>w5N@q@!$?-$AduH|$jkjv&9jJQZB9Mu+Iw#I7KR^}$!m1S9PCeW4U*(=3T8z@
z9oErn5!c|DQ5_VD?OYYDB2hVGG@|3h%XULkWS#B+=kB;&AaqjhaSX@sYiUW{7D0Fo
zF+NVf4;xje+YjKw@IqwHyNu-J(HqxF%Ac+-#wbqm3DDj8s|R`)+9Fow@^X-}l7_3T
zOo&SmUQg`8QYb1xm}<M@iEo^*!@ni41aJr#EhO8(goomoh^Ll-(<3=Dp%v6uKjA<x
zd%|F4P3n@_9R17MouF|bN>mLc@JNTA;QBf7775uMNX`#_SL3~c(zBFVzhCeAb4920
zzY16b6&Q<7WEhF(l)kfUZ>ycrHQm_Vei&)W0`d5eF_0RCSG9WeSf1Kd0(^_*m+tTR
zTd1bIpTuJa*2+g9*B33~C}QZglfE|F6u(cF1dLx4(%vi>(;o1dv<>Do(^br1_iJ|B
zQd4~N9G=I=Ykp^e<1b^Q!}dsP(-O&1=c6P7Y#p_^Z9}(y)b++o^b8jfBF)OiokuL*
z+E?5~kw-#GQLt&gA@Nh|S}goF$$5<I<Q)D`T!VKD>dzFGoOFMb=IwLl+hxq-2&D+0
zb|_~)k*@3v4kOAW7CM^iyg+8dU)m%LzY++|DFjNiaqyLR*^RehBKCQTbni0;FvhIu
z!k+!Ex2}KU!@i4|Q)+*xZW)$Nk4ynIS5S`613CB!U+`T0RV@6=Wvm{BqcbPg`7RZA
z=v{x`hs}+??N@x3+TW{xiauYxTWF;2Ea%w~{i26gJ;$66gpSu2j-D%MZ-8RIN<q;y
zg6aqbGG1FN-D^9y6~Mdr4>6rN7G%tNdr2E!y}L~mcC$y2n)Bhq_t#W5q?ZRTaig9D
zF>^F$xke9NI|WFN_{8_WCIv$yE=#i}_1B>Z=N|dSIJZ%7$Oy6x4VcDa|8xhdpOD*x
zHtDmg^HuEOHrs1Xxl<Qti;f;RI%xAHJ;oylODlriJixMO0qb0tTWi7rrM3zHgw9X9
z?z9{!R~xIcn5KSr(V|Yan?4UM9#6DO@L7Lt(IhLIyJjdPAy@E6+g`^B_xv=5I0}<>
z{F2^B?wUiF$FtDm+ahFBwnv;GB1*gde3=_@o|-=rJES3O9l@<D^73GHgS+#&jl8g%
zUJYqigGOUpqGn$B*dCoyv$Qg2^C<bkZVStwXf<hfwF2m%?d>SqZg4R@jXNAeCVXkt
z=_bht0?&&%Th6qDyF7&<${C_H$HPA~Cv9j8;><9}HzCtC>=x6ma%rs)ERjQ^)iX?R
z>aKv-?a#u9nYbi^RpmpyCjBSdJ0ob-1}(xvAuZvAIps+JFXeijzXjXH%9`-_oF@%o
zGUa^$y3|eHWq|L|&#{J&x3Bo5PY4jgR1AI^Vm*cgZ)7Inq$iSndHf4dO=NCql~#ep
z4)5Z)Y45fr@)4g+;}_w{eWqM5%PWoHOQChL*h;JLwrRhY?YnsxID=yu^OTdc7Y_La
zD>F-yu(7A%G@i7<%Mnc-N4jhg@GB^-=rvArrA4%HiavgI4c=Hoe$N9$JaBQG_^x#{
zQ_IxY_fC^rPhRjwl!U96ZuCKvgj+^z8WU<CcHc{H&91+NcRlwkN-h(&*%+>P`S}@K
zddK5mA)%dn8r3m@zMJFZE*pwzh1Z))9L_WgY1a7J2jG!q@6RSznVawn2PThR?3%Ts
zxRmY!LJPj1)AP33`*Qgsi(}McRA)u+H7FQ_@&fBtRh`!ExDRM`so<mDwWM}gCpBX^
zsjMjGDakvc#6oI>x)40eAb)`7hS@E16f+So2(@uX2FhV$i>)+2Z66$^gX~QnH24~u
zbSuMsMtZ{~12y<s@lg~nCUUrrlI*ugSP&)&_P|E8WAQ|}pMtO;RTh<x-u)U7K1M;g
zN+Hb`POA29nDAUvS%)L`-1xNQZYbP#d%k`gk5_f4avH<ct?o=Ys0zAWX^Q4#JLPYF
zx!77A9@UmN#muEpzK=sWE3mQ~e7dvzAbVoN1WMB|1aS__?<7hZF=BAXSua^JbPWsj
zE7wuNHeywo+IM%PWh9tCoA`v?<7n9q`l>H=eeaib*l6&tj9_Bw-tVrOZ_=%Y2Z7hk
zyO*q~D#yj{rB}sv=Nh?>-Q}z+nCcnjSs7LwPR9ADRD5z6+FZPAT-#AysQR|lhhp6^
zmNZIEpgY|;5%kzdyM6neJ5RcZ=^uzGs7Je2oDTiaU`)9rx|*G0w9x>}pm_X}Z#nKX
zD(Sf<G2|MB`aUHSmiAI(dS6FNhFR1KeCe|S4CF|8Tx=sBI>wUiyb6n^oVi~Mrn|rK
zu^V>hWmuD_r!wMIWFPpF0p&tecLn(^r=Xwj3{J?=##I+c1a)@-XfN~}5-jZnJ$&NU
z7+~^7%v4|c7f7V<2F#NE=xI-U`Af>_5m-PuXC^&MF$pDfk0BO?{;6Dv?i8T2QsUXT
z^U@z46I0Ip9@xECBvwie`Lm6QuG0m;Eg|1<45eub&SNU}{eZrr!!)QJ+!}^35X022
z(mh<VM~Bj9cz2C^@@ra%W_<er)P1Xt^{q+YXigKe^Lr~{78|#wPBK@B&Dz6H?+4tk
zHti!?2V*XDy{IyI{Uac`Us`83uIB0}>RWV<Pb+wr=BoO~lc2z<EBAszJvq^z5gJ3B
zL@|ECKc<sbJj}X|ScV*kdn}%MVuB9Vo$pyulus~AS>#P%N9W&=Zr3j=KbtutOT9Em
z_$E@{_u*&and@*HbIs(>`j^TtN+w;qWp!`L;dmTe+=ap#<n1w~Z#@Z_8u@daY)`=0
z=;BVUVa6LTUxk<Io7fwqfpe;D#D{ZIS%-tg_mu4XBI%i#ws4r+bV@?Z<+g_7kps4n
zAe%E7BZ5@k%FNEMf%8dGJ>=V$Azr0wDtomyMIdJ5k|F7@*|@SEdW0oxa5Y0IOml!U
zxNHG$IPQ1$h!8QZ#6g0tLRysz)_u-VHtb}-cEmD7mVv&ievs(eW^$18%35_wwUSbR
z!?cmH`I3p3P-n8A)WZ$=kv0iKw$G~O4X>9+jVPWXqbz#ErCCB@pea+^x^HbI+s)SB
z&*zBI(!U6~El&tHN=@R2ZyeC;Vm(1@NH=WUe{4rQ0=Th|3hOt{dkq$J--PJ1c1fR9
z!LnsqzNcUA1}d~%O~8O^??yGuzAu`?X8bvVbwrNh+vbo5SxV*P^WrFo5h=4)LQGbD
z>t;l4Iw=vE8mSqdi*O{}UeXS{i#X*-3T@cNFR1hs@Q#oNPb%q?#z?l+cdLCoR`@+J
z<HW>B8ufZ+<X4bl1kj<RTrQE9;*)K)#hq2(H|M)cW-9DZe(>4oR@6&g<H=HJmS3id
znUmqU*}$}{uI@S<PbHKcr>^{*9M-e+(17Tqj0C41kGq1ahe3RMzw$Q>wW6DXKTQAd
zkQrr?n3-X&u79F1x$*2kOXKJth1?p>QI;ry(Rc}-6(&if47nIAas&86%RR6-7GhY-
z>yY#Maj&oDS8okW@fqM-Y1o+EDx+hmO=Bv|2(w6ZI_y6&S3gP&3phmvk;FEK80QIU
zWK?|p>{h@(kRkMM6BZ>^A2GoDwuSKykualB7lUxH7%PQKR?bcW+G18pU9@<_b(#!N
z#!8+6``3c=APQw51Puw-R4g$_T|wv+LA~MlJ?Z~3H>tcjtc0Nz9TruzL#_jpF_zzz
z4CfB<PMFMVQp*|-MNZD<5Zab*Tp|m678`8LAD$qW3qIimCn`#ay^W`oBHHD`??b4n
zP>fVa8-U=6-|z<G$3SNIS2#p4xx~t{vOu3Q-SB-Bb+hr7&MzM(3g>HAZHw4$XGbq=
z={CCa%OfifRd-5{{%~jH55AgaY+1vlWi~&yWRBmD$gSWgh0(ZAJG1?6iVYQ+;WLAl
ze6<^lO7yZ0U0=%LMOnB2F6*#BF(1|NtNF`CVXLV+eSuMu6D;mrI$Ghzz_>*EiS{Zb
zOK~Ule!u|BYbTUYwgPq=t^V+|_>Spj>TiE8nw=!FHpzdSYm1Ej`t?7p0Rx}q|MU?e
z_x~&Pjr<|FO`f?!wfn|I@wgMOzIsmifqB7wl=y=A_?Rq!5iVnYMjlo98=+Bp`hkoA
z;mBjseditSLd??*(xugF7?Q^MEr%z6oA6Um#i7aiw}MW~QHz<F@`FE2+SA@Fj)&?i
zgdBED#_j^}`g=K|NFf@JxMFi=7)6Dee|No6;PP)i@3xv*S}$$h=rslf&W4MuUamaF
zxW&(2s=khMgl@L!!z<a>=4)6CZE^omJDQ2}%*#{Em}$!XPE7ubo+7qIA{pS%kF5~$
zuXT^5_R>8*YX_;;P^fsQ9K0T3Y4k$&l5?U?wtEg0*y=}N(i>OWBGdW_bx_38!};Co
z!jOdW%x9RvmfPg<#b(f_y8aKZ8xU2-)?cp>7NjuE>2AF%OSu1_3dJd#eaoNsf9CAe
z9=TTtAh5%*CXgY^dd1cvR3$J5$1iuR<qJ5^15!q!wsV4YP~4TdJ~H$QWL}$B8!?RS
ztozxze>3ik^Xm&3MX{HA`?$j;6s>|zrGz}7Te%fW(*%Wz9lh-O5<$NX0Ou&(GY!71
z3oZbVb2y83O!%E_w50q<<_TeLcLiMDS|^w<**k3HIz?>cw3d$<fgBDLf}nG3;4>Vc
zu6gOlXcn$!pw(6Grw#KhDKEp_<X`^nHlgez=yD-#<Eow&0onx}(8Y3ySMu4ZqE0Fk
zfM82Y^ZUXS{QUrFkqiZ2&b=<b#o;JS7Q9<tkhnAQ`d^KzvF{g1SD<c_)4S(A(^#P3
zjYuv|Ssv5*{t`C){W@UX3u@himJv4heN#K4f~PNgA4D>hrIy&uxVkirWwxi<yCklt
zdKM=+LrU2|ZLXLvNkb&`Xxiew+&lXof(`+g!6Tk^Zv|@Q)HfCv3#4vS^nx8HW|1bG
z`3*>wDI>0A6FZN>4Qcn;u^edA(K#KeZk`I{YA;95_Ci{*SFz}8F;OOZRwzH|G_+0f
zqs%V79XIO3Rjc<Y7CD#Uby+c-dDOYFu#`d7>Q?Q;U4R2qyN<kLo|qUjao$k-m8^_|
ziXU@=1n3cehnZgbeTnpZG3FFU8~TRAR<^Z5*EYVmI4CHyTL`E)4F7(=vm@2w#FW0g
zNG@GhP)ERlm>Lsv$}awU!YSAka5YnNf#nawC4ote#E70=dCGA>jPs+)B!7O#6uX)*
zfo9?Akp{_{i4O}n=e$SNZMlJJxLAX=xU4;gfs$2qY}J6x&iPNBsbrU8jU$BqiYNEg
zGy<N5$ft#2^~qk52yB~u&aT_5G$_pevc;g9i=2U;a&?nns_fVLYU$Wm8?M0ePK-6A
z$h5QoUj5ztFU{Yxq^9IEV{}SNSF3jL`FSLCu_js@(|Q4~Hrw+NYl<q~t#_RFUVmM&
z+vf+9J~J_nb2LB4vMYZVcG{T~3Wbr>ix3xVa@e1_p821Xg5=iXRC2X|^$*p=hh!rY
z^T~-M`7eEP`~7fi1sDc5Y?yJwIG9(P)bDhU$&Os8sN?y#bCSFQ;wJ8)nlBF)dw&v^
z{SD_X03pWKw`2Z5wpEyCdJq;B^`iF@%Cix}VN0mxJ!N_9icqmN{6OQ?8&1WM60bBN
z884sw?JNcl`?H`2nh}j^ntTf45c-)EwD94iDd!VjHGMV!L+H~X*1aGFUF8Gi(c^fy
z<Q>FXj1Om$=0g^KQB?<I<LrP#T;z&|=rr<7ren?aV9~_I$g8Xcu4Tef?W5Gkj-U0N
zmo0rL(EU>_HUGAn-cabW?FTw?yD6#PsXKPwaMvneKQ(>sRl1p<eJDK_;zrFO(Y$7G
zvTep1tejkQ`g1yUu0Esr?X0g&22dUUtT=7LOC8^WQQTIs&l6x7Y%s1ab56R2H>8S6
z9EFRmFzu9IT{;!{<opm5Ue>S(@+faBvvTY`x(l9(YDks+R7^*l>TjY>b@PHSw<Lfd
z4|q__L5&|B6yC9y&K1bd3R|ixDN?G<RY@M1=o!o{xdN|)Q)=KhaI~Yu4)eEUL#9qQ
z{)LP3bqkcM9mA%PumrVbn&TRsZt+uNom#nOmBGOb>i$3uw(f&W*qn}=xE~(<)liMY
z1QXeTL<+aUU9-uS1fQ$xJ4Tg2UE92+gXO^WE3W8}cgSV{Jzh*ytJ-n8|JtW%sMa9}
zq;hBXCkO%GE=;2kqcGAS)<B&%e}SpYtIxY*ikzzlVrYjuSO2h2KeN{87<YoQQtqJk
zvEGRFaSoFZzn)+F^l^VI_a+QfC&cA;az<Kro%x(VRXqt9<yeyE1HBg%*DFTuLc3+;
zVheqpxRN7XhTHZ1A%g$73nhO3<95O}FuG67IU#Q@sv67ge1+X2Z$X6E2^?-^zulw^
zWyvPiNLjB@A@yOfL0N~Wa|`~OMw{{jPI$Kq+%6(L8N1tbS3~P?)`5G!F1ccKRjS&y
zTsdB!!f2(XHMMQ%jmSqi=Ol4hVD64=m$e<#@?zp-(!z>OaH3cw9Fh_&$vBm7e(l&=
z{|>4koe<d1IWcG_Fqf@d9UQF}Qb(!og=@DaRk!~YW;diaMxR(%;-P#QeLqwdQ7jKM
zK&RO_8NWTfYHc+5jdQE}D4rwplOITJy3v3WrP4NEItUbaYLMNpeVY?iB$Y|xEZ18G
zqwuU(yY9#q{n0?A&b2sPN<gQ3NY>qaaU7=y2Ob7PA6WUoU-BaZQ*h=zHwQy&MFlP+
zMqp5#$1m#z@jyg_wb-yCNNlK8#wBIXriS-mYQ76OmlNdn%uy)w*%0e!@@|EBnsoT^
zjhi}e;f-$sU-~Ccu3j=l%U3s-+4jNU?=+#`bL}g`SBn*8#P|>=<8y9S)#+2L-rGw>
z<Zh;&;CKaA7#9`&)quy5^#5EZ|3%D-m*^O4BVG@<wdAeuCir+Zr&am!XHZu%k@jJv
zz=X%~uYySBTi63-HGeR)7xpr<zX#xEc9Us=Fmc&PLyFo&$L(km(a{HQ@0aoT-5ZS<
z^UC?X<uD7vS=t6^EKhUrtg~0UUUjVO#0Qz{TffnlNyTQ7$|VqBoX}qaFy1X!5tC3}
zS5t-v<E@}XEk}P^dQatjxp^XgfUL@P#iZug(MzkO2F1VRaqa~HA;yXN?gXQYv*Eu<
zAC(>-U%V4z0^XJSe`FFQL-Gx;WLDf+fUV(<G46?yT-wD}Z4mbpDY~tMwC9n1bREv*
ze3X}7F&{xmp~fKU=WiT(sk}!*Y?_=4ko%V3-$hbdzi%ur^ovm{qv~7SLs<odu$PNX
z?X?rMSW=GV5$dDGXOk25nsN%RR~7Z@qhtG-XgqQ_*!MJJ5V{7ug1&w<4_McQx{7xJ
z0b>+!RH84Un+O}UE2A|p!}@2L$9>m@1wWblxlhZ4)X7a<m^DJVY*a*_zq&ogdD1@y
zc_+jBKH_+NS+A*D4(oXjC$7{Wp5~<PZMVYKGPBa&1`~&p`L9?-3sjFx>1#I|vg>_N
zHOIqJbwOFI*iUn1z(%4zz-zF!;8K$*lS-{lMSfXRjRwZ2Ktv)iVCZY4y>4`D=60Ff
z)y2FVXW7J#5$9BUFSEOoqP86n2COK7=NT7ZWI$4zzD;ae_e#_~BJ<lQ<XujZcaPT)
zE*0=ZU+rsU59sn<;jL6M{N{jlCeDOxj33+p06jBsx*e7wJcE}{jMT^+B=SPw)g~4o
z7|~#qM7`v^0*vWqvCMAjh9bZAPp!WdLsQdO7P7u=FNluiZEQI*9m4%gd(&aRSycxW
z1Roi0_`A9R=8HiSKwfxf2L#%TG(ITPB}QN|k8zXCn!9JM5cnrISl<r@<^}X4Fe3Mn
zsiWGn{!`h+HrhDLCX<r6F`Kt!Qr|gjJi;y1nN`JS$rdF)&-nFnkg!CeI!HQ<`MyVv
zUxpa_PBw<)`<!mbH&~rNMt@ScvTM;`YB~g}7RQZu!uQ5+rM&hV5-<!E(LERi`#lwJ
z*KMUs*`p~Q3OB{Zip(TP<s(i=GhIxs#62P#ME!IE(h#g(pT*OU<ob1f9~Ue9P`KBu
zs<-;aQUy)R|5f~0T^QH-=lZ{|oB99YK|^gv<%<>-wJa6=`t-=c_ie0g4;LT2aQnEf
z)%h~?mtSb$Y>)iYFvLaI43anB%z1tEpl-gR(!o4H!Pi^UO3!8@Ewwc*SV3X;$KTxK
zZ2gN=#+KE;YK@d%lgBWuSE(ba=CvCGT4eq^VT;fR?>!0%d6PMq!Xpam3KtF2|Iw2x
ge0cDz>3^R@`}V(=O3&n~mVcPJTx?A^_}`oRAJHW#H~;_u

literal 0
HcmV?d00001

diff --git a/priv/.BUILD_images/yarn_end.png b/priv/.BUILD_images/yarn_end.png
new file mode 100644
index 0000000000000000000000000000000000000000..8b390357b496505fed2100ae9ae8d88eaba062a4
GIT binary patch
literal 62231
zcmc$`1yEIO|ENt%DoBI0bW0=MNO!k{N+TfMUD6=kAl+=b8#WC}Np3*NO>OdQ(C2xd
z_y4}%H|NZpnKOgqECabWYps2)>%M-5DJx22pc0|Nz`$V0%1Effz`zH<z`*7pBSC*<
z(c0ty`V*{^s<aqP#rTU|=mCPIsDdaAOmz&}jR_+37{y*j#|Z}JY0twC*a5rZw=gg#
zWwH{Y>YogMwSBOj)ttM(7hHS(Qs#sKg^ti%1}@OPL|NsHoBH=|1W8V>sVS?g^;o1r
z$@R(xU#rwNgtsZ-C&jV+HduA)Q4);BoUFP9_=SXlp~kvjX~n59DHH6G;y&imp!#V6
z$gz-zR!2OpFCBlGT`zz(8-(K47Op>e*pV%MGpekg4`=fD<+@>Gd50WqLh$>;V*4}2
zz2%>SU=s^WCM3e(RAbw`oQ?Y)VtB_{9?^>@-T;G`RsF>hmLNf`t+`XI@5j<#jz{b7
zSvBW58tq2l#L|npqb+VI8?Bm1gh#<n4bty=>VXcL6&z|=({>rX@wCC4L>yQt2P$bE
z0=(nEm^zLlKmkdvjqd#zP>_aQ{PM_0aeWs2`(NW%y1@pM3YM^>+MNxR?^4xmxUP1_
z*O2Ot0wo+WU)_U{__y#d8aIkIZmJ005?J)t@>V|WsIcmUEUgYR?^36481)g880C~5
zVb`<h-o+-<jy&IRxd{^zj+EXs?zQa{^=IbJuA<kHt@1eu75(h;D{vqycj@+0=!=t-
z{78ooX>tKlGwHgKx*-J9b*qq#5a_1RrsVO4v0B?!4*xWcHWt~5@tG8<OHw#!<v2Zb
zsb3!VO@m;RNAi1n8`p-VIKyr}Z!*JWcM`^Dv&GJnCp`^JI!Oe7f5pM6Pa~JaaDG-(
zOIHj~AjxC1D|6P!VwDOq-uWsxW}u)+e!SHoj8w-TbS8Q3&qXrgpg@vu-Rsd5ebU4;
zI({9}HBv1aH+@{hjkX8MbtLC#5V#B1NQlh)0HVXQ&idL@F?4)moFXfGf$1#;o4HIr
zzcJWd(J^bhX(y*b*(gt=js6OqLw3Tz3$=1K&qTsDX(DYag*c%+Ehpwy+}Zj0fS1`1
zhLz7OUycWOTG%0u@#+S`%xB+h<T`tsyS`l8uHIiBesZ~{POi?}Uby>yXnc#2UP;E<
zvAS6V?v?!2<Jd}CRC9e~pvJx8Ax#`e7ZB%~WM-g-L*`OSte$>x5%Dp^{WPoa%DJY>
z9Neo7Llf6RCM-g0k=LYaE5i{D6n=K0lnV;cZ16IEVdHu}-~}w#@7ae~Gu<ly?}y6e
zKkeXows_2M>KyGzrY9{rd;ZFT0|saTFV<$YugeDJ7ios~zaRSUF`JYCZS~-2zGKXx
zJ)YM%p5JQ8cpQUDm6S|ipStY8yAUa-4^J(VDQ(snr<r$tw(=p8vF<6ox&ya&V^c)r
zvU&)?<wtDC06M#j>d#{rF468XZ(V*}3U8nH*RRHoN*}GJE?-{z9+;kubV}+EmGqCx
z_lT6|VcA>?ThAk@BXx09+h#VSB{wI`tz+rr9*^uRIoN03T~C~}=LK<O4vOSmEyhPI
z;0r2f>t1o6GlG8g3#uIKUpZXe7Qzhw*esx8Ll%Muc{s>p8Ow!l@?*ShFdR@KkWeQc
zeffPApL2&l#H#?80C39b@@{~WJy6XOsoHFs5+DS>;~v_;pPg@lw>_e;+q(||x!k{W
z_qH;xJKS3es5U#rsW?$rY^n$9-hEi}8G25`B(&`DbTXscUD%Nh?Yd#lKdg7uHH~w`
z8$(g^BDbG%=lOo6J59FOY6qt$&{yfA0dDF#+l!~_5U6|I%TeM0?q4`wbbZzbeOYoP
zi<yZfHZHDiI>rw@9CDiFz1sT%Gq2?L`<%G_opP6r+d54@o21Bg9im~tky~OIs*{$H
zoQ!c|&_%8rtIfGXWCz^tOL@7J18)IWKg`q)&_2EWQPandi@tG;57OA^i;dtFA0Pwx
zcf^zp{0xS86gq0*uqU>VY9Uqj_HLzi*|w&blUm0P>PFpnJMbBQajZyz^^Q3n)om?I
zzg`Cn8(GrFh3$l5PIy<6`E&q#ovvzsb{^C}U6;#YB9@zJ{5DK({(<#<$4Y2N($Fi!
z`CCEuGPExEW3j{OHq+0XhbqSzdC>>zYVm9QJ*}c6>792yc_OzjaPUVk-u2x+yw>@6
zjpu#I9BbmXOVu8Z;;=4slzWAqIufS+pE@*c!d<CdSB%_gTJwdmzZy~k0}T)7_?{8O
z7}b=czs_yrl^i%c5I3uXasIuwnyL?$uq^4j5n*y0BTNcA%h&FFq~fsciT+NTQ@ZLU
zt0_c}x55*%u(;h31(^)F`KbH-&(~8^lc9`A)w|(am+eaehi7YVwkcBv{2<!zKY<TW
z!}Ri+deQcN*ffinMwJz?ms$*JE{e<p--2!=orQi_qWI%V<j$*9go_a6Ycsi!o?mn;
zN$Xa#z9&5;oCKlIWw-J2m-`Qn`t%7H**in%bU8&AZeVQoYpeNfpPGC@-hd>(S^8d-
zgrBXBs%`=InKh16YrxIJ!`$!54B%tH<+NtconGaJzo>PyDPOxV4^UJ;JK4lhqYB2{
z90`cbBeO)*M-7-(s!i5;ym~j6q<SiiU;)i(1*|+dqd|1ySa(JxOFR~Qr4enguGF>9
z@3nJU2%B}6BjHorB8~=S$eJa>^2vCl!mB=J>N}g`Hf$nmsW@Uuo>NV;go=-L1J=pU
zS6>t5lFP4OrHa8%Oj~+rR5ywdGtt9y*%)A47$!swB;32acoiygX5+>^oZt*S6HXQm
zqNW5#y;u~6)DX4tNqQ9kLd%1dn!%doW(1l-7d%n)S-1|xIv5|$&PvDDuj#2HK}HO+
zxn3QSmzY%YBEd7As>%m;`{v_q;zIuNxaKC*HOKRnXUU><ye+Yd%5^xxDd*1B%_VT^
z&HaqPj!Vliw%ij4C`$5EgKkrJTm&6A>z4#kWB=dR(7?CMyi3aM3W;tMx{;YBrpooG
zOgzXpQt+La3`r|?O+7uV<)LQ~Bj1NWV|CC?{SSC?ZRdKg)DP9)28<*1i|j#at=!ti
zj(iycR(`ae+6p#9J=@kT9aBSdS-odwH@7r=8c#+8n23s_lEVgbzAh%b`uw#NDVl31
ziPsTrcDuFd;4lQ^L!T!JzG(3{Ak0Hg*nmKKz9sy}q7WKnSoh9k*|eA?YPhP@lzWab
zOG_hMP*u)7(`VE4YfH_*hW^2n&`+?_4=3v;FxhdcEK1Sp`#yGvCuTQ_Hb5KvVyCB+
zB}w#QG5gm{UVdu5;BpaUDd%w`);$cq`<e4ZT;m8!b~=4MhfPXD{&;ifI#?dB1=S<-
zm;)M#F1S+|_|hZqwJUA6wR##RW={$h<S_7E_-6)By?X9<Tki$gN8(9`;*bbq{bHE5
zR_uj@5S86<&0X(ulUF@ph5N<oJOtX&Upkp*8pW<_`b?Z;@0@)Y!4CLvoVRv?CUx}F
z@~fJ&NWRlVnGeorm#v`@!Nd!q=YgAe7IjQ}PDo0*H}bIGY2Sr9-_xyEs_Nd(YzbXu
zWkn44#9Mw!yo7*)8?SvFRz?<LDyzD3?j*Lt7K;RgeZ*P2d%?9w<CN(jm{&Pwt-@o#
z5J_J5Vsgz)h!u``NRn9w)2#i9k&q9+t{HR@)iAHz^MSb1NLcTluY!r4ry-XKQ#o*q
zG3nDIuak%~g-K&r;fM6;5-F!SY|oxBKMNVG8Sv&=aoLV>OoY<l@e_=syIiRa4kUV%
ztdAtLeadtm<|0KAYhe~&(zPt4#Ic;Rnv4X?4NYIdOOoCiA1q!D<ez35cZc-Gg}&We
zjPJtV<sa|uOcD(?Nul@s;%zegBw8hKJ_FBqMNCnDj19d<9>vs6yC?_q<pY28$eY#)
z_$w{ZcZSKDDS-Xx<3QeASwG|(4cX)wLIL*fV<!AI69zi;0KuNXpd{(48yP%BMdJDM
zPYVhOf72^c_rt&U8(&ihkt6=+LCU+Qk_#UFpF#GNISmLv$w9VAEE`*gy>0YxH@A3G
zAxg=Y-1XvF95N$s-R9Wi10HELSRg=N;NgyALSQjPb)sM{<c?Leg{SlpilH&#0vi3)
zV4u^Mr~WU07QLK#<JI4VhiEY9sV*l_2^w+~a$!60_FVl8QewKl(th@GU6T~&;))r7
zd=WXczxFB<Oyq4a>6?jy%(->mO<&KNPnZ0Y_Wf!MNMe&a*rc@^`o2gIEK8h*Dl7^N
z7rvBF7w+NnQNew;pij<onQcYy-J~Ai5xlkd-rVC|5-B08%<Z!HC4h;TcbXP)1yeBt
zb}q4mk=;-zpTy{8C+jo5cPIW=fZ`W}k<2k2rg(_9TcQpXS%KN|5|v3~lCswU%6(Su
znEoFq18I8LN`m^xd)Uy~kK9Jb=vHP2e+5g75X0BV^p!6WIvz6o0x-;f9JQMoJJVZc
zDtUTUF{v>MVQ&3+(X1I0j0KSOi^eZqT}R!n^kzH;(X1$NLcm4Mk!PF(=ROZS*|a?+
zJbm0(U4JV9a9a&CM<(Njp=A|}GRTSS{sW8eV)dWp-NDTyov-8Qz_nasF6#&Dsu+vo
zHCSu*Zpi0+K))>~q>B#gK@MLX?L6W!YhrB7hab3J?71~-JuC+@lt-%a*DZe|yAW)2
zjFJG7b!*?HW!}f@rB3krOulX7Y0>D{yD$=DjZj}2&QNJXwl+jhHFynOP#b<RbU{f-
z{&<#+$|}hR0P^gOzP-jzESIG|?;pP@QY4sX>-UM=#T8O@H&m=jcvHUHYFxsZno=Xz
z!JCJ+TVdMiIxtHu=C7X>F~xruG2LRl^f+IvZuS}7@8cfv4MWmZLa*p^yHYH9h0_5p
ziOR-uE&<$W&X`yhF1&#+x0zV<F<sI6)cr~utl2^Gz>IX)LX>ix{^`P$uO>o?0a?W?
zrbefnChv9^7qY%Z5no8~VaO<%@7nOjPCs|OYySm7ro&l<u;cSyez@`dX!-#C<&uf|
zXm3DabkQ2gCR(ven5wsW+~zsQ9_F2=x8%c_y4lu*5;JTIQxqd><Sy1zy*r#mPUt-+
zW|48|Ojh;ZGAWl1>>95v9Sk#?SD_DB;TTADufDrFA9O9S*XiflZUyRHmu+?6-6b=b
zi1`V?pFdrzH2S#$FKj&$7j!z>6bhx&>Q}naL~)fZiL|+Is~yvyZUHFfqssDMX|!gD
zZ)`_ZH$$;8r=N1co8R&2mL;lvR6F?0@yDQK`~r4pb8$J<>4}^Wye#sZh~53r)F&XK
z-I<cX<0H%l-|HEFX-A{zFe*JH7TTxo>zW6>t&;2x61kGvOSXC9PkY%M5q-#XV&*Z{
zKROt48NL97av-sDXX-?dap6~t23399r9b^CHj!|8%b<vXW8zcMZu3B!y;EctSMYJa
zAZpnSZH1u&56F0tzPE5lK!P<VNA#JfZ>zBE>?D5t5X~9(y{mW86R*o3$mp6~m^-As
zh*v)1u+ZBykI>F=e^ScC4CG_w`L+Rif9q4cwpaR=DUDhXw(-4f=$&EUiqX=9qTjwn
zry_oFXMC~_MU?fTaq%`@cj-I6(Rkp<Zf%=(qeuA~Vl0M2TNvnhOX6#lged2eJPSXn
zNtar2YbvFHek<5L^!2*8dW0?#1+@NeTdn!N*XJKe>S&kPa=m)s)_zddtQuUg`#Zil
zovRJQ`<dW}3!UQyMQb4LIO%ijw^54~0Ct@+3)?Le3KOoW5S9WG%LDxEUw63gVi~%p
z+=hKFuI#Cuu)=3;h#u(Csq&RwjtL8pq1CSH2Fu1(sJja*O>}mUSz_`5JXy5sK60+3
zx=)(mh_jqMp_qVxyJa{sV_CBIUWqS{s+St;_?2s;1@hn9V`Vb$_W}DNP644vr+fii
zR;<y%L=qNvjN1_R(h=!NQ_Q!}dzP%e50a)qX4IN4J&qG8jNLfWH^piH`D>3{`wv;V
zhQ3puGr1yhAD5FEXQNa)*979^c@r@^S}s8GvMe{CNtP7eU>L+=bKt-|yu&BSnl@Zh
zEwNl!4Mj~nApFJ)t1X?6GsX}qZ~m!pFO}LIwH!VmL2p*Wd)Cqf^PkT8+2HlOyOO7m
zZ!n0BjX%D$Ojj~KHN9`kYw%}N0WeZ&*_+woHuy5B-ZrsQJ`s7#r{0%~#gJ?|Nwt|f
ztETN6K#~Np|C(4ixJfA&F&V{4f*|A*{Ws8-m!^HId*K_WVUPLRWw>#XK6}r1+b}7J
zy1+DzgjxyLID;QX9s@EvJVE0}T&U-!yuQbp88l#K>cA47lVFn-<f)UcN;7o3FY|o=
z+B{#&+q8QfWb_>9N7Y4ZxD9m&B;~)qPR{wJPlTC>Iyb>sQ4B!L=X!7XB0V&f0XPw)
zZq^r4kuQe3+sn5B{@ugLHjc3ceLGV8*v9OGY@_J3&(dlm?6=0>#n^_gUyt)9e()nK
z>rxvWF1mqjby6WD*fLSmguU|yy~_Q<#RkT@akW4bVneXzTXe!PdRx(F(GdVh7Y>Ek
z(}*^q>Nz$$94RUvZ_NmITnhTwezxb<^-gqm*WI-A7+-;)YB|oySBDl+_64ZDM>fIL
zkDeEI0sfL_3;jrB?Bc!p0o)+W)IWK4K=6aEA$@qjUPJfbYAb2ep3fT$&p8iQ`mE@~
zCGOm927x1c+pA(XuHHYKY4;arqQGKJ>~_ccczgtZM1$E<KRETIWL(8;zm~_kjHp$X
zbc#s?;^b(13E?n{+2}x76IM^LWA;mWNKbIR)hb2=xqhH!>67Y1j;wX(FI^80vxG6T
z3bA;Cx)z@Ka;W(yX4WeidH`ZKx{UcKR-^=BTTV*_EDCdY=BDRPBl$2)mASvhjZDw%
zS}y#Be1NpMmCDOCb)gw)sH>Xg4*f!b2VZw(CcvP6hE}5{Qls-hZ-WorQ{DLM{tH%H
zb;?z!;MU<VYP?-rJ66gajpgcei7e)2o+DMbQsW<2g4sYqff6Ls(6J5_^a9%neYSV8
z?_QXij+E<D!MiQ)-a9ODrL7s*S9bWs<lHQymyxB!la^+`T(~V?&3f5Q2~YOzpo90&
z{MUfi!VhJi+>_pYwM?H5H`vd>j_%hH_L=a5f#I`b@xNEAe0CQ#*5btI8qkW2<WNSB
z2Aqmu_~NlN6M@FwD35Bd;g={q-nUn|%Qm_S4%=Z=Z&YSpe>V$jGRAq{)oAV%j;(XP
zaM-^%exp(W<w7=j)SSWcVP6&<c48sUh1&=sg-Im@HH$0Jp$)w~O6?4bYCI$y&%Lng
z+4w!`ehHCSY2lRX26`gS9=0%(kq3Z@r@>isF6w(88Eit6QW0{gH9nYt>ks|Zq7SDs
zdQbjSwU@wK?h<AK3;!_0PpRL<*tWah#n*Yc=e5+RI(h_~+;rLILjU~l4-U+R2Vnhu
zG%E5)um3#Y7{da~)^Vbi_)<c`_#C!B@5UpBR}~cvr)U>5cR69bibr{)kQ0(?Ndq^{
zK}YR`)aUe3byPY(w71Y@#|i0ODig4|#7_nzr$9#rF@yGwuSAXe2psWni;jGQ*(CwE
zen3Vrpd(R_fF>g}aJ(9JKCeH2IFJuN<(<f!7rYYDd6XB($2MEdo0{O*ZLqskPlTT0
zRKUj+GCwdULb>hfd%QKY;q58M(k*D_=+P7jYAqBBai<}-iC6@4JU}S^-w;Y8?~e@i
zXRe2;7!~`931yk7GQU^+&P;8Mc1P#<iFMphd1V>v`gPDU@hmJpbAr0tY8F?Q<Q8b6
zNrw?1CCLoFCAZ*G^q`1&Rg-biOg5`$ZA)DDcKFzVWQ#%%8E*zCSwMuP&IBb=OvLwl
zq1R2<h2n0=yk!6XV9J58oLGFMD@Y{Ot2x#dE*94aB|RsuaDYdgoT`$O^(qfi#d_3-
z&AsAzECl}cj1MIch30P<!+RF8&J(Ut6{h2MYXvRI1-BntwQupX*nH0P*c%PXg~t^*
z?_Osvy9?e472c&rvqqQi(+>AQY^HnIa#f7C)|miL69hDTohL<?@)Hk)IHk~(8x<IV
z-4z*#P4<PrF8=wD!!I?*D{>K=%|?OLY%BaFu|dpf(;p~ygauIPOl>p@mOd*s_fM>T
z@mo*fjm*9rLr3@F2yStd<F{|^5L^=Ozh1d2n;K5f%(C4g3d<A@tiIt9yr*q^wU(oI
z6m?Oty$;dGKAMhoYIZjANOih{>HsP0RV^SID<bH6mF%PE>v`4Mf~j9#pCJ!Mlp0}H
zbd{^QlwXf;Kg;NGwLm1FGbP1GYNEQVu@tu5MAgbAbMgyt?KPHgI(~VPI}3O+3;bG|
zNP%zoHd|#mxg9L2gq@Vs9(9|#+~lC-O#u_Zf#&PcXboCRFyE%XkJE-c%Fr?!s0=lQ
z%2NsWa$2PMbpfxUI=rU;!ndEeH1EUQjMh*_jK}nDU3OUX_i}$-hcZoGZk-psPcvOr
zNxE=)oAYGJn~dml=J3>_J!KK~!Hw59FqX1alaO~5*=I#XytT9CZ@dj!#I1Az)#dYk
z%OlE?rON?LBKO4f!*hMPLF3peFG^W@DkuS6_}!?0$~riz<V=@hGvuOibkl*tw|#|1
z{r1<N5Fi9xO%5y4TFFd`Tp4EJ`i;tQeu(AVi)w+3xBF04>KNea;qC6$-uzz-X{9@!
zCk;Z%_PXo}Tnu6BGpVOL7k2r(&CRS{poJB>;r5l#i(w=z3{mu?3Au`=l2${`RO^T-
zpSE{0pUvD+%xEJJqkKEzKx~p)g}C$CZ{|j6*ZX+KVwQ<Ymfgh{9A{#z>}9n+S`4Y9
zYcT`km(Pt|A}#0Exy)A|NHipUFC{cQ`cr*0wed=B3NPg(C6jIAWDd$$EaT<%pnGek
zbhmO9ZzU0Hw0<vP06`x2T`|DkoJAtFc~+)_1wlb}wQ_w%1nV5Mx5&NK?kkPNl2+z=
zaQ39vQ9!uqR)~|FD||#j=jRqJ$@H0tlQ%5~r!g^KLXfacLE}_;XAaR#whkN*j`0)s
zV*@6Uz*j#Y;ImJD#Zw{AqRC}Te^d#5eua+1CA3`Hrh~uA*DQ(`*lV9*vSPR;9x-e4
zBI7=@pv8e(Y67tB=O`T*vT^*tz$jA|07cup*V5B82yIKN^j__N^||&-M;gz;D7_Y1
zY!tTF{Ub>m&gQGsecyc7B&UEKfyN|x_*xGroM*W(_OzOL1?-m@V!nX2-$(zj=!Scn
z5_>P!;qEuirC3EEt=1xmS-Fwwijw)aULPxc9D5#~wJj)r1Fs}ZCcwzI=2|OXhWS5%
zw_bi+&nji47WI&r$wy)_BgWpo*Fu@g5l!XehR^GKG(2XKsHR-x(5HC>jwQm#FXslo
z0}M!4$8ESVsm4A@HTx<`^KiI3WdQImHNBh+VClN$T+4L>^Nd&rfU1$PXt*v60faj5
zCF)U=pg!xxC}gdOs(b<8*@boXw`e7LkC_UoOac8YXCae}kj0czt{GrkQbGLAdl3AV
zMBeiTy{uV)xTju~Zd(9mB|Qr9y$;clyN?o%?Y`OwnljN;ZE&jT=PK1Uf?)fva*(A0
zK%-?|WTx6CL^&yndXGB_k*-#kM!_jN(K5Hssp}XrD;Su?PG?j%WX{+ouZB<(b4C05
z(TUK&|8KJ{@_nUxv+)oVBELN4bgePcdeM95AuWy**f@FgQ%j`cz~bkg1$QD+_A-yM
zl3hiIA>)!*!KL0j&g^mmx~Qr81+BTgQ%<vpw^2Zuf51YuTKn=j3gC0Bv*W7f1wgEj
zFN&VLLznP-$`Tvy8h+BrsmRiCgyq_CigtR0DV_PEC4~`QQG%?a&+9meYj48c#H<uT
zaaXe3zL6uQ!F6eHer;7?Z&LZl>qNQg9jpOR^82lkexr^#Ba6PwJT;kLfCsQ6kn+>d
zuRwpV2~f{Qw5UQ-qF~HAd2%o=X>OblqM(C#d7Uv5`hKqSaW9DZvJ<mv%NnTS84JKm
zyM4Otct^h7lZvp$U_G=OJ(eR+T671YhLZID-7t-wFp8zk9d*vk^faaLqSN`fR#RN9
z#d`?>jVFu&RyQj@;tIyG69T9iagIz_?Wfj<>C61Pml@x2m*Ik=^bt%z7j4{j;2zT#
z28YqG?A3{Wt^1wjuFi66%Q4aprDF6vsf&+f><@_1jj_vtz<&AQHybj|b%XlzPBC&3
zJPlYX@R|dyc7hh{LBi`C@!W%mGkiPh1Xg~Qqg_UUiFU}VUeKMhak1G#CQgPdpSeuv
zxu>i*7vV16nKW%zPXk&rzP{0YAYn5nx+2EM^8*JD)E0SriAtPb8s|EaK#CHNL=QEq
zo(EYWQ*O(brXr9HNvAm+ELH9af5rzu>^xx@KDeRYma5-hLA$yU%tB6<FSgau?HyML
zvMZhAE%)}>e-`e2R~G~~dt>!wo*+=;Q-{4^`>)vB=DEOvAl6>Q>dE1EImWo#Zi(@P
zCMbdIQ>!Z!0R<D!Q7S2j_mfXwB_0reqW9I9Kpr#7hs6bG5Mt~6gqqo}et4$f4{&Bf
zYspm8yac_PcWZ#*YN<)ej_H#zrZT(CAV`fqxkTQ3$<r;NJ@1=4!Qc~Djw)|sMfWoQ
zIOB`PMo=1*pH$q|&*_03tF17DAfvSmNnRlA+bPANhWht!QgFXJ^*X&Lz{-d}*U1qu
zqf{stx&U^^O^LqvFx*{xn)@DV3b@bK#YUMq&|2;^{St#gMhYP&cbQ7RGL1BzNbr+B
zEI*4#B1!PP<+y>vC!zF#MB~Ni653v6%V~}V$AnhBnZ&u3U^6cyOAu%;VDX=Qhxfrm
zq^l?s>T81xP4kh$1+Kc58jqiecQOZ?Jnwl_rZft4-9Hs0s0lE7<k{Y<Ud7TgB0!Dj
z<E8>sK#~;7WM12->amR?V51$qst+<A4VtETcYP}5YF@B;j^1+_uq^RlNFP5e$gK(A
z{uL3V`aQgJ{rRom2NqJIliU8F?lfKHtSt6T`g9qKbx78M@?JPChFg2esraNsU+a?k
z7$FY$gr?6^B3#D$eTb0d=cJ*Nvb6Atwij7H?c95Stat$ri|26OZTF+afK-~gRo#Jt
zDMagJc3v=g%&^e64nD!V6Hx|oSgbbuP=13f2+Y#HJF7;2Nl6u?JCeqD_VQFz_LC>>
zKR7tpNQ*Pu5^k!Ysm=b)J{tXS-&NT6iw!<3K$HnV<?r|4>XIYu)3Qr=?jdKIwj;>1
zR4Co9sbU-uCfSuH?pNoJzU<dM1|LLKJHGkadI&@kb-BxBfU5?G*dk{oKYO>oSWHvN
z0#&i#2NkPM<sZIvtd&m}Dv3IqJe#23E?_FlPli6QQ7WcPldCndotuB_C&{FU82IB0
za?VhG%vX3W0ze&}hGRx5;o}$d#mt35b-8$b31_1N+z)jQ?8#{t_~v%#`hCQ&g2dM9
z-8mx%P4NfYN~=I$^{3f8WR*U8syy+U-(lFk!84pOx1l0o)$HiQ9W}buTnColgR@{9
z34gwe-mkoUigJy=e#isa>2X!~_UW)d($R}xlCH|pAxZzqn@onz<{fg|uOGs-tzi@m
z-HBSn2)91qNxl9_^+3F}Tc9vw^u`!z<r-Rro~#P?(?*MIUYe&=blx2BJ*$yH7OAKH
z8@KywckC+{bC!vkQuHL>4}Qg5XX*i@azW2b{@UQTw`RI<Sb;rWbvtYQYju^G^KIDa
zSs2G3GcRdh*%-cnid$?FqZ!fFg8TYI-j<;7<}#c7M`_Cqm9~x#(l+H?^nqADOF{i7
zi6pBV$7?mNdxKxEhflntnbiBbjgBsUHJX|K!Pk=q+#TMyNkMzjip_fT>$lCt<+-F7
zeg#hOX(P${OW;ONNiRWWq$Wa}XY_p-_o_J5tPA|+xOZ-a*$){7ObE-|N>`(^L8}>q
zB2>1U-nq@8VXJF4zkt8`qdaock@AabPPx+u--W&QF*^4|z#;PPFxq&MujcnJbcKyL
zx;n6au~>>>n;`ma4!SjMezNa_=W@%;BnN|$KW<|54pB-*zyG`O+uvMEqfl0u+(H(!
zK6n0&jwOj$RRNSjIl!Fo)>yQ3>>Ov!#iwOiI0C#kb2|>Y)3j#GPMmBnb$ZqxowN1a
znUQwsyCw5|{ZYqT6zmtx_s*669#Amh*U6o9ThDb@8fedBlI9r{a|80&a=VkFLtSl3
z^nO(CuMg!f7A{hGfWFV&!)9}knE|#Etv^m&ZnC1&#UZJ1`gw<RUcIpqPb*H2fvnJy
zW#ZbWhI6I1OYb%w|M61p?KF?5fAi{(qXo;Ppy2)4-8aJ&XT{rFXNc{LF#8AMQamv=
zj1m4@-_ofy679|hWz+9oYors=b>HcGEfy}}ABAptHqDb^7J(08-!Fa$|HPD8dUG~j
z5`Fu063e75AGSnA-*#A+Re1NNT^T>y1?2jE0?MwP#<(~M)*eJuAvH%u<)?GaxV-8C
zWDUDX-Sz}?PgI|*2dxx&)bspYe|=^A>P7HRbny8L5PWn_sUja4eHAJ{X@?^oUL04=
ze|Nd^FbZwwPGK$A69mj68EbB;f42I~F~wg$-F;kX9^GpiMJ}`#VGU^{rfKsVG0Du*
z*Q-gW^N?JoGWA9x2X}8BL1y2t$v9osd}Ie_O18f>I7PL{T*LmCw75wIm&#{aukgF9
zWd;XSd(yxnpR0&=#gi#vfJ>|*-)<RICGbpk1-67M2eKL`*pe-AS9rAVLK|L_t^Eic
z%YMI!m%Gz{?;?ZGq{~m_fY`Rf7EY0T74Z4!CZy{xf2;7@-@-O%GdaEw>}>07+)LX>
z6~VG_sn8O=+?8QGmmCYAp}I=%BC5le7RR9ExW@&1w#{zkSyf{Ne$}Wl#XAviK&27#
z{&%C>4_D8G@u{tY7PaxbWDAiFV^^o=GQ^N3wtk;)OkwKs7u2i=)mSsdmii;oF%nB~
zqK^=uFwPcuAs00#01doO0I^Z8+{fJny{(^eRU=C?XQD*|D-S4cB1IvT3M|mj01ic!
z>`ck!(Pq$D9msc7@P^)AMDO_rGP!=$=9r2h4zE(})76gD?}`FwEWp*ssN6cj;7lD4
zNtPB>!901*1YT2TG<t{*K6b@DN?hK|`_6xpxC#G~xYI<BSliGsr!Si5hYIlLk`#9~
zbB9{i*{deI(rZt0aC+a-5HuX%cCbx(i~C}ro5wPUh_^qwX(P>lVN|kuDrs#$oG!7C
z-aKw;HTvabyOEUp7A=jzXL1}?C+_vOXiWpmxGk0g!$P-V)v_STf1&M}r3uO`+0-#f
zmeJQlR$`w-mWuD|zmSBvOdbT786}iJF_a*GBP-kA$m)erSl5X@_k;fJmfBtCGIZyV
z@mX38>e0pPWUSdTzZ?=H3eYoCp>$cyiteOzTcFd642QieBPNirRLxnu{oJ<E^EZNm
z%qO*if1-mz^<K3{fm?o%yk~5I8MR6bM>Mhcaj;80#af$j8y<k%4UL3sR<=X>c$-&9
z;F(P2v=J@ynpAB=&Cs<9wknKlWuIPe3|M*lZtEJKt$oDk=x*-77H28cLgK0n{**pq
z@ZHku4#P7V!}X3zhy&Y~8b*DRawh34cLkGe>r}72ffO|i3)W&iVE*%eLt5yXy3Qf>
z$Ux0!?wK3B8V@hgD7v&nd?bL59u4sggq^!G8ZNsvyymq}SmJMC%fj}z*fsp8*hRm%
z?54*4s+WXU?WDH0_?1hsG%IPsfQ!W8^}VQ0&;{E3#t7-R$`8=m>rzY~lejz`4^`77
zQ;Tm1iZsc;%KRC+pNCR`Ol=iYJwniv#KiMk+uB02wVa<skR`Z@HzkNVm%fsEF#|%+
zREKBo-JVD2kLzKTE_7fEFRuu(a;itQAdgX1q&r)F6uiRT_oU*G7D8=dHd;YVQQ4|%
zy$)g7KuIK_n&tm!4(`3daO7D&L9Tdf0#826Qc*S+x*YZ&tS+?jql&0Kkg41Qnd%$Y
zRONrf9Qaam#MHL)UD-ELp{)tiX#~1-7hvUA_->-Fvr2Lcw&&OiZ@-y!5Zk>5O9O_X
z)Har*yf^GiDZoB(X*!kRgJqJKOMew+JS;Cv=jJJAfKWQkG}rCxuO#Tu;r_m@R|Xcx
z?KA*jw?P){s~7o<4rC?n5^5Tqidtp<VA}&<9d%5bq6By6KNGqieVPB0;x3Wnm3a_(
zPhbzGko8VIg1CtV+yj<cxQoZWeBCZa+&?>eoIY=Hvk0zxwF?y1LrN`qrh`-u_*lrv
z#sTN>?EWzHQ@?T*Qv<qt{xwqOk~@j;(CqR1>lwDu)5i_7-wt>bJ@DVq_jf7qhl3vv
z3i)tM4hh9GyTby%KNrBK=wXwx8aHNQ7MHFyYwy_1adR7PON(pv62l5p*vGV)z7p2S
zbe4C|p5av@IzfMR_jr+R_zk@*PDu@x8GJF~aAvihe{lS1Da&708FIfQQna)gUA)Lk
z@KfMesfT?XoB%0ZC3%CA1A<^f16I5)2?Sj+Hyc0<ixB_;`yb+0*}m{M@A?lk36iN@
z-{k9;Wfgk~XJW@L5(rmifBE*C-KY8syOkzt*PkuCoG0Xwk$-f(4u`5y&C05qUOwjx
z#jOXGo`=Bs>Y8Se3XgmbWZ`6Uc+0D|UgEsYNZMM36}_JzpLx&Q<cN<+EAj+3^T+<t
zs?wm!gbH?6<#>9vQEIyi^%_8;*kn9CQ$r1z(<0)|pWs#V;{JP+AP>iRQMwPmVbxM=
z<l46fVCWD{Sx&HWGZVoBh@7SUe4etJpZ2q{Sx1%R)F7`k1+4dJ_rSTF6obk!9`2v4
ztI(Qebpldyex%*|{!Wcnhp_^m!i@;C57%Li;CAeh|8TwuKf{h2d_Z9l3n5#d1nCnE
zeZNl`rc=rpLvOcfBg%}Z)`Q(iW8t6Vi8q=SzlPRRH}_e2&oVJtk*JN!6YUU*`+PtO
zH(O`(U+3XqyBX6iHl4xvXR<K53)#`Eh~0sR6O8ywgMAzsv2kkF<LmDLG(U={Kp%g$
z?V2mJI^WNNYX%W#<vO?fV!l0pS0N0ZjNoOKL;f1jURs}sXUSMtJhFEyG7vFqcPxLT
zb$=T8uz?^ChX<PNTZ*Cc!S&KKs742zcmr<fpN@NQX-Y-Rr#t_{>8e&RJ!kakTCH7;
zp1n1*Wo^(wlINUoH??OTpLTtdm~)w-WP=b@9P#~oZSK?89DSNZRyF}Eci0c9Y*N>k
z#;g4agQgkDZx_(c6>IYbE7nhnONsne>i;BJ&<>n;wcJ=Rw6UKK(P}h&;=(GPsCy6`
za@%6}qkyW@<B&;#|J!Mjf{xXVA)&IDaA-{t9-ST%78iQ|$3aKlP?EH%#1VNc(=)84
zue18%1NP2ibjrf71&6j?+elc-N?r99`#<_!D_|#dLj{)@9eNqG2?#I$3xE?I_K)$d
z?MnRy&{yF5^#k@Ia;L(z37H=d82`-<wR*^j{^y@ky=V;2?Vvjz-*y0OfkY9;R5`ld
zg)s9wuZ>urMC;c%IO993=t;9c`xZ%4MwBk1oqb^)qQlf5<#)Si58KEoYy?f|`pOAz
z5vJ>*5)oBR%TggPLQOVN?}TbdD~aRiSjS8IBdG8l`pNs{!wNa@yVnbfCMwZH)ut}~
zN@E)o0IWZ-<b0NXK9i{dDfxXr|3XO`0b=mEb^2;X$-_@smi#Z5o3V<&2RCzYqxkY)
zHh1pP=2j^*o&wey?stJQFDjxiGCd~+L(xv}gW<{qz;>P!iBZhlXP(Vk9vrMl9}J(w
z8xmG<j4qaPw)l?wn6oetQ|;)BZ$0ys$|JVq<$Z);2Dnp~T7BBa$&9>r*#3qO1qp3^
zQ$1^YdMeBpcZE5AAdb0N#!a!#51G2<Uzm%7@!9OUzWhDl;@=TNk>6v)a8F~T3C$x5
znr8>A9;`L^PbMV0s(Ci$SXO&F&~~?r@%Uo;eqJE|u<SB6He{+Hhm2AhEA){b?r8KD
zE@8QYl37(!n_mfXXh>G^mPM?(S%Hd74#Vz1W1E?CbPM{fjFBXqyFV_?%WKL}Oaus`
zYd-EEnL><6ik8wBW#x}F9W1ybN8tA{BzV`)F@>mZP?(ZN*!FFF3C**#{aXbLj)^(Q
zeM_SI7HA})FyQF9Ew10M@}&Sh7jNy`l;Mqj>)>2-F_5rK)Wd;uhWypn1&+~qJp-X|
zya4i_t9i(Ey2kaoLQje{=ETw0<1Q}=wVmC#gLhNDYOD9|q}7TxOxOK5yUV2eozimV
zTViaGxu;6ZHA52zIWi!rhIR?dt~l>(f#<>0HXhXK8WK&8<U>hWrSTn;h)!x>t%z5@
z6;roLz*fv3KF?JO+U7J<ZbyzEnfuu!;y)vOJ5BQVL`IPf5Wj7H%wqS9CjLdjXB+*Y
zFJNM~lyM`ZiuJ=KV?IY{J~s5)+dU<k?UXkis=NNw_<6+d_>n#DUI3zkjXK~Qoq6=M
zcxs0@VfNeo+}&$$&vbX^O3>BY3wah*>}=&(uCs&|BV<nbHLc(a+OC@C-9(8ro^VE(
z;Uy)6+qhh&fp@ZQ-kV$H0Zd#3CFYNj->?8<ZF9uZnR$hX-b<)Z6>ebn)gFD4XBwAe
zPpH|io!Thmmp!nPj<Z^2rD{9Dj%VR?Rpo+Fmo60+m6_0AUpN1xi3KTYen(n+5=mYy
znbgx{3HvC29UZ6-L%j5uW8*X!jkxcw>hE5K<K+?4KkgCqV{eK%n=99Tr+xrusJgZK
zJALr`zmPusCp6PY_o_LwaTJdaMC3GE40oxc$F6q~d3M?OJh$%`ooW+D{5pa&mT|m3
z{0$P}lpT~sGR)s`SYM44_?w|Qt2JJ9!I|sbzY{-IbS5=I04r>}FyHpVZ-t}yZ(VAB
zAwy=|`irDD&OJY}xW3CegYX>jaW6q)E=L3V<JPV9LnRRu1Jz*YLO?O^w}`u4v*_Wx
z9q_(d*;b#VQeu`~`20oLRS%TStEp-H(>C)n#s|s#xAFh%BZ40_dOv&w*s$N*GYDfU
zQMOUPPr5r_gi-j*_7?O-EdVzk_xYX-#B7(*Q|4P|BWju2rsDW+X(TK|<jU@BE(|9?
zhY*RTw_?sCQ<N^Y59w|{;WcJ+X(5#;FpK!1?{)Y5Ms@96jv|L<6pCh=mpCof#V`tH
zpnYyK6!1p~1EaF9Ljr^>kMfC%DY%7c*%F#Xox1WR3mrnkn4#X-LD6WxsY|su7HZN@
z?|BcdY6zN1jG9Z{Zyj0~-};^{lu-XOkvP2Z#Cge}v?R0zxk$r@f!r{*)*^%WeC2l%
zto2F@JtqYaK8_f9zEnB8;~E>0LvTYuU)NT{%PdHi<7{jy!N-R#QfJ|;5w(m{AZyS@
z@Ea(={$0=>-d8tnbrQ@uc{4IkJ?<jDSo4@$+t&S2vMq*(1|c64)w~jYCl0rEjf%2N
zl~Ym}OFnh?33ZHJNrbWUmp)wr<)aeX11+W8WCHBJQr!@WA9(-I@`&5)&_oBYMQ>|d
zDo>V_#6yo;^jD87Povo3{2YqCf$X~>xnbdMfRZm9ykVJH4nSA0adPJPEgc>kJ|C>q
zd#9ebc;)=;&{d(^)Tcn<$Ga73yeu2Lyy`=kn;<^&iaf6?oP8k4`3E$*jl2{vpSJ0g
zp{G9;2zclq`bB7x^aDNmH_z>%16>%<fiV#vLcWcIhj-yQ<PAVuSmoMVfR?h6Js!o|
zgcI=lDNq!hfW|btcgLDR-8%r+r;`RS9vDQ~eCJ8RSc<mUtT^jOwA7N%OxabN^f}d@
z@mT;=_nz6Q$Ll34)#d{qkXJQIh9POdXi@?NMfBeQ_XmhJ9{CNaQ9$g=_&yHoM<ysl
zIJMx5B~JLW{f{coq7I$7)AZAnq8M5{_~m+;`3+-eZ(GKBLeFl)p|u^c$g9kT5}M@p
z2(<s5;ZjUOFs6h*EY4nSEJ^$p#Et>_{qA4Pt~=Q6aqaY-cC&Ub*B8Ef=PtD#s%QTh
z**f@IgTMCe{SS~)`pQ&GVhhD`AL%Wv(66L4`L`w`+tv^_qzSIzyE$~6fnF1YK06EJ
z%QW_-M7=4$zl^ST*5CQU(v_#BzuD>2s@kQr)+guZ!{z?t*!MFR^{tze!<ir8psDBh
znuo=q->5X}dL0u*@zWXxqL_`@VVP^~MTr#VL=)20J4o`*4brZW_M`Kj5{LJ*`J~|t
zpS#uDT6q*`!e;VYS%w)uw5hkA2X<R{B;}Dy5t<;<$k`lFH&yi!{*B=EzV^2mK-+=^
zVbz2PD6FfVS80{L9Pz+&Pga>}oC)S&Ih^<g(>&E}xWk0hXr^HMN>3#uBh|EY5keie
zpEVgIXOQ4U7E4Xkv2>?yqxQ!hpNhQA#^P}lR`Ka!b^lUTcl!UWcf$`Kl=2Oiw+R2c
zhll)Vn8UV>wer@J<*P!t8Jm$fVy31<+CU^RP}T2Pp&!~VeCvg#+=RW+3K5%E|24>^
z9RyF`LWpi4;|KwPZ!j24S72%7#*#cfK-$DD4g($-cCm6l+Gi*)(Mu0QpuxkeEIJnc
z`z>oGVN}{#&H1u;aWyi{^SFQZwjs$17H{wvfz`i@1;!GlnT<u^`=xQ#SnK<4|A)tk
z`1HTf^M}cwsjRw#-sF(sLEIa!w}OU1Dia#*bgd|SX_oa!QS>NivmiYd#Nb3RJX21Z
z(nv=WEmMaav1s#g&`<l*z~Q61ZCQlizFZcr)Q$!{`IoI7D~S$U+6k>PobsKaW8pC`
zPtN-2ZB&e=+yZ``%6I$C+4w^D$uV_kTk6W2RfAv#fI(0BQih2aIS%p8E)-Vh?u#$S
zCoyV_zpz1zTOMtQa^sc8c(+*O+JBO%{1MozfBH|vb0w(v0GA*366dNfPn36|b67Js
zCnb+y>fta<9t_P8@(i3rnIF4?C*d{KirzC!_AkHNx`f)Sk*w}QKrY^hvKOq6V-6eu
z!oPr0GV~8nT2)m%%tSpk76bhuQhnS_vy!zjz;J6&Fo3i4sJ-hX3G=xomDi3c!jIHz
zM7kCqN!|R1DW(%6nE|^NFxJ!P1@x~=<CRi1w_unst{NBH<bg(~G>qQAG;PMx==dKT
zH67v@M=Sfuj}PMC(md#YoZ;FNu!2gY{~X~m^=E@GWdZivm*a_S!yav0GbxWu`96fU
zDLbHR`6B3pz8R*^_pfbbDoN$@4t@yOVHEWOXmZb6txzQ{$XOE1&BF9?q1gG2JXdN&
z`(0AkPZO+Yes@xBauZzWs8oUQU$!<r>eYAQ{EgQ_&=c%o8E7aEw{&@1bw>3^!-@qp
ztYeeItW?{47=Gj<84PogryIePW$M*<c>gL8)H`0l1by^$oZO>l>g;+t;@R|a+>T*l
zX~^5a0rUEh1VaUL<*%u+hsYL($T#zE=8S?ery6F;R|UlA3bjBz0LdmC_v7#*{}}EJ
zz1vrqpEI!EPhUb416{&pk^f#6yqW}Fq(;9F8h#81<|fvEZDV|-5zJaZs#)q2L<`2!
z2ux&{>&|U?HVLIqytl`BR|TCIyO+_xj+f(y62E7-#vk&4{;t<g*UA5cvlDP%(Ek|C
zYv14f0U!L_74G=?i$45^*{ylwH)x~A7@1<4LR-&fG9renPparkVSGBA2vx?22)-ZV
z{z(sVMj&UAYWFvBA!FZMe5m8gvjS_m@8gvBcHhNj?elqn81;vAIH)Nzzfk!xjO4)0
zZiQ}VF0`0FUF$(IXR~p~w&^VwfF+*G_2SV-{M{UE6rpYGxVxg;Kld1WHldGJCX`;W
zrlo!1YWgB8>pAG;RA7~mmd<#F{M>8%2a0kXa=m$5@jTp@^o~&IfKs0&858|@e-OtP
zjd9<4?;vPMu&%8G+i>|@&g;|JWW2*)=|Q2uG@fP7do?_wM4<2oVAe!*B{Vm1;_HY<
zcsy0yxpCXebt6n|C5ChLqED*8JghLTca#mQI)PxCk(f|CS#!?NP;}3?-;ApM)U3u@
zKD(uK@n_RDkF5cqb2I0oAx}Gj^4;Y`I+tW%0!H1BH_*NKr46*dB7|NL&+JY|OoMXv
z7cvDfQ9u>yA%4X`vS5wTJoLtY6x2k{t;@%ZQ`Rj|>Bt~1ijhC7Y#>pE;AI%02N0$+
zM!*OiWFEFk{jF@Nd$$MV-I(|goZb?l1T6eqHKX(4f&ckrJAZ(I4#maiiI+F(^Ta0}
z?Hr;d{8d<o&UHkYu;InwfG|sw`PVoT5)yD@)`R_AYA}Si5K&6@sh4}z&8f)`xS231
zKp=m1uaIAxvtRdl(c=>^go%lsq_?_|NkEQufE&lyT#c2b*U%-%!?Oisv<`mF7y8%#
z2SBIwu$4~}^f>c{pPBMB{O_nBWe5Q=%YEJZjMF_V_QgMxEPBt&VCIMYc=<2N4`W_(
zY($R^lm_(?&E)skBu|#?;=lVtO$T(I>-$Tatd*ULvV^5f69S*AG`c@MEmXA!K7N|t
za+L$~@o)dzff^h;D@_7K1ZUF8e;Ze&uHy#)Id!Oaw^4CjRy>o1=2n?gg`Jg0!wE^;
z^A3Uf08#)X%-<puSJdohq?DA{zF!IjBJL!E@q0=_WQl+4T8lSS&sje3m3gAnLfeq3
zs>+5yo|M{ccJ$hVp+LUXA00y6PhPQa5tVs{wm5pEK!e%8LxBmoObJTpU;#lw#2I$|
z;eZpRBXJL#;iI(WpvHvH3?tYH8Y&bkc=l(We|)!5*H4_Q$yHXTy%1p%|JbCF>0=&r
zlq>rdeWY=A_*`3c+y0Zzht-0p_b0n2vPmELFb$p^SEfU|SPL44C%q?^jLmcu6bo}g
z#6M?i0K;x1k|UYyI{X?bq(HKMlsD~$0kIQtZ5(Qkw@|kD7x8G?Kn;L~c#}-q1Mv;w
zJPn%Pn`EPmpgy%QEZul)OZNyy6j-!haRnZiw+m}2)uJWq`Yg3Wx7;6`swj(@;8^u-
zJ=j?A$wL!+xPPNy@%8D<j~yg{>cjO6?URIb8pnh@=M$nX40T`5-%>7*k=_;skdHxS
z=(iK_Y4-gQRK4MsGHfAXn>Bd}_{Rn7q*PW&D=)DTqeaK$mdY)E#(QyS_c-ex^Uo9@
z*zEdczhessKVAS@Lzn37Zx~L6UPETV%@=;lZ3-3Zx+LHSq~z~+jJNbXm1lG3m~iDF
zYYUxr%#am){QlDLK{vbA@rxg$>2*kM5sF+v>CD3zKXmUl0!el8=&NoaOVB;F9Kzhm
zqrv=c%nY3$rt^Y@rmF-m7}k#h{3w61p1oh5hDyzXI=q;{=TSzsK3})VBE6(_R)DcV
zq@n1X>rw}_Un5d@pV^uDSn${`VQ+Dg3nmscu1P4OLH%j^?+yO()yiY|sgkb0)bc^h
zzqb0j@Hy=T{><>#iIYI}xdrBHZfZtuT4J$ZTW0F6@MC~Vw6^V#rUK+nNS|XyS?C9;
zM5A{vT&Fh~(~j;m?OS}F3;O)WP}WkWkvtppf2Anb-LKqt@s@S6w!<+uLi_1`ZEL)0
z*=+UlSTg|i9YiZh9I-~im|0lo{Si7j5Fw8zfb!|jUGtgw4=U8{UHPz&m*ccAKH5)c
z=iq6WUUI|U?kX3aTFNWA&OA>)>EQ`^*l{21G+%ZvMDC7J_dDfVxjbVezt~!+7VG&W
zko6d@N($fsHD;t0oy%;XTkvE5a|=EK{PlQ!P%=GLY)%xzkx)>x;YH<#Br&7YwE!xa
zDF)uh;rnZ!X02NE(8FG))M<Z*k9QuLqmp$s?Ed3i&n8&qRAT)QzcQ9k;>-(3+-(8q
zN<N#@58U3lwD_n-=v_a&9Q+FoGClw`G1f2q!THX>v3T<K*1du)?fIEfy*nJyOG1=U
zVWZwspZ2G}4AVA8=xB5vw~FO0rEDp};S%`6c<Nh;?-wZys;qXcdT~#4d&q+yV>hcV
z{7<lCTU$frYa*um151Y1$pbO2K^UPQoih$>EjAA{#NjJl<I*njbP-2TtEj{L7XCmO
z-Cqzk=07O$kaVVhO%Dos3z;qpD9^J}k<3ov&@R(Knf4pF_UML=IxT`DQni~yjyP(n
zdUsQElAf(A={fUEx;^Y}2is5oc&}Sy!@Q#A4K~w`1~yQGW;<U#d-S7({j5~Md?cx8
zD#3qTU2-OFb3yEcK3_SDzDW)s{*U#84#T%bA<ce)G^_~o@YK@t!cbFaD{8h?W-M_m
zlb8M=cljl+C?nM1K_&In++<a=2;k5EFrZ}c5tC=@YKGQt#8MUskM5q?nlrTXp#YL%
z6DEn}7g$-vmU_O=A=r^3D-B`|h73c;)55H8G@4W1N6bdGLLWkB%{n*5hVwCgpK+;w
zHm60<U^xD0sj`}fxgiB7^bO^6w{=BWMVyN6!fvhO^-h&E7*^dMVcC2L;3~dF#j%%q
zKEk$<Fy^UWxYSCDiX^=oK)*67?WrxtX2L$X-{n4`po0_PMYO=w?0UN_M@>8z4v}E-
zuL55i>eG$%KL-fa4~eX}{FrNTZw`H^YBc+pHsdcDGlNX!_z=?xSA<?G;E6rEa7F$c
zv76Y%7!9`0fbK$ru5L_eaJY;$Soi8-*oJGZ`eH?ob<D9c%Sk!M*dxWgyv^4({UnR|
zmHkK*%0EHVCbKEH$M2486zRKoBvEK4IRji_wsc#75Tn9?@vB#%F`->`q|Kx6>RYOd
zJYx)Cbu9I)Rz@R$w#bhhB1Gv;^HL~o=W!sNqEmwH^!)4p3?utt@Z*UkH~04?d)LFa
z7>SH7Fj{ds8LR^RRX&sFHxNAe2+cL(>4epM&)?y63*A@A<5R#7)_HQE{Y<Oh$vNJ#
zNeLM4*(LU-ZtXBQKEJ`T-83=@5Wfu@#%=`OLi!Lyf$(oAS#put&me2x_>+SS4wYe2
zoJ>1{t@UdWKL19UQ1^Oj%??Tg`m3F2aox@oN#3u&lz?b>fxA>Szp7WG8Z#hy`sUDZ
zFa<{}=T{=^a!fpp5g~@leXf++DRx(a2@N(5`vr9DM{S2%>V5WL9@(hZ|03<JqpI51
z_HUII5b2hblJ1fv-CYvWt<oSMAt@y--QC?N9nvjGNOwsKi^Y29T5k9DoagtPXPohl
z;Xhl(-YnR2&hIs^`?@|iDHPS+fU8Tva+VWb>_L-sTeQBr$+F%(4U-UDXnz)dY#t^j
z*?u-k)OhH$QY$+r@_GDMy`25lh)?yeydp4JM%9B?zyBQQ{!Te&g^J2~kfM`<L43<`
z{yYL_KN@O<i#E7rgJ3PAy!2Cg{<ZC5vW{tsCc(RBN5ma%B1-E|lwW^}EN5-n^=oRa
zyr$o^t{1p`18S`ZTF^=W+Bh%oB~#2!t?9QJE{qlsFCFk<-`pSzwG!{Xbs9l98$2(H
zbaPdRWS^$iCVPq?et;EtnZH$^;fz>s4{r35Z9hPlLOsZ_$~7^la2d%;j3gBP5MJ14
zE0VJ_o33s^1aLYgPQv43fgH1PfGsguMS1&Yc^)E%0jepWH#8wWD9bDu4`|CJo2llu
zviOu36AbN{aFdP{j|Z7aqJYf<#PoZ+C=Ia(U-WUQ+{j7T$~-+aObQ$DRVb}cUg98^
z&4%JG-pab%zG81>m>}3gPn)#cF+aX+yE2cuB$HVYJwQLhVL}ATbD<e;>@+g`rTuA9
z8mf)Ubhr9<4W<zJ8x}-t4b|+ye%NZ@UMGXDiYFvvv75DQu(aA*`Y5Dq0S7BD+@8SQ
zeOBi>M7Qrawf~AQ%9xJJ+7(w5+1aNx;^XvYK%AiMM#s+5>7A}~r>bH#+eBH75!LQa
z{yBYS={L$C#9d1o!}9m<sbx~QRIO!tNm*B>GMaCdF;B3bY}p$rZ9{w%9{AO6ynn4z
z9e^xLuR2*pHZxWI!3}Fh^%3b*)I;I-y~A_2)V>E2=rw0t0V(9)3cch&cE;*;vhEkI
z7>{?RI}X+^ko@Nf!;KE)dBiI7^sG2B)|7O6jQ*M&d&Mpob(9ISKOmr(?irDy)Ompv
z2u{_1^#VIDCHtB@M?QZOnLnsx?l#}ix5!(F@2TU5@Q?J4rc-m+KH*mtL%p4AIcN)#
zePfyhsD4Z>4KHmWu_XaLAGk31q$aP5cxIv-z3sLPm#2J8m(F`yUKY6c2%(ovUg0+y
zP{^9j@V$f_FQJXHG-ECCn6G_)!)@osyzgNt@Rdgr(4*CJi|=7IVv|)>#wDG1=$6->
z4?LXrOg3|%crLibe167h?5`$ElSg^(g2)B7tkTX*zvVvG;Nt-9*0}5z69R)0>8{{~
zS6fnoKbrc<xr0dy>)G<cfpI-($Ac)yfzHcBg;@WyGh)!)45WsWhm>KXKQ43}2qLfK
z<9vO<jR(RtNE-Ri5RQ3=R9_rh>A<FAVcU(GZz<j^;ca~UaLk(2U_)`|LpBf@;QX>+
zO(5S;veBvmz2K-NMxqZXnRAHK|JruiSVl^NId_y(lR76z*wf?a6ppd}nnD_C{g%r8
za!qw%PGsH!bb0%jx{x&I{6?EMne7GJ`BE`?kEi?X)Ts}@L7d<@(1~<avW5ZzLZuvY
zl)&OR<qX6&#}H9*V_fq|MaJ3tMMdN@nXuy0mXniL%u$a?-hjM~w%eYI)s$x(^>9co
zvoOZ&(RTlZX~OsSZ={rS23#Um!Qd3fY4nW4r|-9wj6aeAeHt&ljhp1(u%za^D%kl`
z$lAr4r}%h2UF(wS(mBV)X}z8L>b3Q^0Q=~I4YQ*0YDPonkGmVS0lRbr1kMH<eX?i`
zY(xvKMnlUNUccy8Pb}b*InRii>LE-v+e{@Za13}0pg!$djw6p~4zL?X^K!WTA|CB7
z4?Ji%S!TGmo#Md!+=7Ncj?={7ki;21EQR{Pd=GCm!J^0`(f&se=Zzy(<e@%_<nFOf
zsjfRsK-5u<9C<IIO22NbjtM;Ih{M&};o@C)Rj^}6qTby{rWc)W`q1xvnvbp^3XuK%
zhKlA8L7*E^w(_-Y3ft#4*4Q|QHR8bV4*$8KKKk_q>Pd$7$V%H&<is5yF;Vi3`ZWX+
zBC$1da4mx#zqiOnSCTyKs0DOYfJ_zR{9M>v1>b6gdG#xRtdvQ()WdAunI^16+5F>#
z%Kwh~9$Ba2G>KIm_k)$GB+>oZ+%O<dG`J~$eOY2aJ!nxOkm&ES$k!Dtg_$j&DFL{8
zR*%my8k7U)2{CL9*<)-CO}q_f-(5Pb%Z-qHDin?tGWiNj?DIKyh*i_u3P(_`huEdR
z1n9X3Tg8ju_F%)J9*?F&iGDVmTrDN5gc^w?F}CzhSC8-@^EL70?ADKUKa}L>X<SZP
zqzojgdfno?(u}hG%7sv|_+fR9y9P1Fs8p4xv%>wU(~27cv_N}Q{tH6^R{?u@>~%jx
zHiG?ajq<YlkU;-uMKxkqFFs!j(0vk7!wONIPA(!}Dk!P2cri&Z?P&2ZAiA)+JhYu8
zT;F5vM9m62!uvBB=;))^$#_`1lH{xY2^C6*Ld@(hEFTx9KkFXCge3BDK^ZdNSQ)Jr
zPZi_!QtMmP(SAptyY>NL)|)w>-7WyURDT&`792bhR5(G{M``F_4>kdw*B!voqjq3Q
zWRV|B09;P5Dg<ZsvM}Q=cK5jLddq|rg6!xjH=P-&?Z3TR_hsfCc=iHYtN0F8RUyXr
z53I>1RZd-J!LrM6YMn|&3%2eeWk|qlZOR786@zVV3MKo5T}JH)mKh$6y|q(fb?SlQ
zx%W{H2T+ICBl(rBb1ge_&*Cl5&Hb_6z1&YiE?m8GNrv&YU1DErk4VNifzWuyd^b0B
z{sB0-q#N-L)VjDt(FEi&5#S%YWHnQE`%Y5}>#^ud_DkZW5W2t7hLy$4)+$1yc<vjN
z6iy>mp}t#t@i0_ofF|Mok2Dus)7iqWIwZABeNLgM<R}en$iMDA+G!DhohWEctg1!M
zjumrA&eZOf6ig;#t7p5h67{7{`MI?%g*Pg*YO6N6XxoWS!)CC%tE<ycYGz@clG9Nz
zKo1ML3Zumck8k79=h5*to8OaKTs)f!&XQq3-68ANsq@TNXTMYy@R1rM)~V{O)yKD_
zY%{@lq1&FiiDFfRu7g3h4{9p1Fsh^Lwvt^AB7I*6xxaf=qT=mSu-E16y;zP_VRhHp
z4><#S#`FXOu=XVFtxc4$JzS>StB@gzyiFfoI$f;t1B14=zOg|9Z@se~9`!Mw$G)To
zDunWu)fgQ%&hdDbLWpJ9Vvb9e-+LBeZ}~M81epp>X^QyVpjds^jbc!v*Fx(%*jZla
z^&MXPU)M0Tq$}IVa(?uqCkkVmb0XZ*L$`bDA!E8;z!QJ%RYyEd4BXVS6hgYFE6tkK
z%_}sSq42e@$EYV?Br9WD`GSo7&zYf>wLyjc)^D|&^y)m4NcOv_iBbo-DvLR~R766r
zK5SAxa<KInSjAJ+@Jv9=deJS-0UaS>nPhB?h?aohIx%cq>2L*^s6WI>9%Q&smrT9*
zJbUHzBr>znm{*0KCa5*V_ndApasKv@_OOi_hh^)#e%t#CzR`|*WsrdhnCZg8$R5)s
z;&%z+@PN!sz`8+~%)x;v8bg66s?l_vMDOx;-^tKtxuZ;FQnNk_tM{=G=bekSZ@AWI
zPMVvppoW2$>KgdtU+KNH$r-OMsBg>R(Q0d2n1lWj-FHml0sActm|$nSO;lr6B;RX%
zHQ;qO5`zq1RYd6eheuI0>tML54Bx^P7SPVu$@Xpji2l207021)7-Sqn|Br~qL=H4!
zJ7Nl>Fbl-M#MletOFoHn56o6`Wl7mv>|w*RVrQY2B=LWzfQUy~u(4FbBKDD43eTGB
z-TYo$ZywZaNB{KURleh#w8Z<g?Imt!21gdO!?+Fq)Y2#`Tx@B2^IYXRFGAlprA|!Z
z0j1@%^|6i|YZngSd!4`|;oXJm{r9l>^A$r{T<R@6!RhYqh~C9+>*iGldi@2&%*?&A
zA(J9jc=!>!G@@qP%t$lpDpLJX!maupqAQLd-mOV!uu%+GMERS(S6gvPZ%o{k=<^=Z
z0=d(v)O$3q1btL@S%>9JGUZ_sxMTSOiRL+&C@85YfEAfWu~U=jMn>yQOR@2}>dDr+
zD)McDrRmSbO2=A7e5)vB_xoG4&Pe93f`_}f8|8X+?iaA<%j6vv$>x*ls$HGX=<p{^
zkwVX?HhDtv$g_}VfNz$Lkf>(%GjP7|K>j{(Jc!vC4oOZ%v3uKOwj`@LdH}Ql?Baj?
zObjlbM2A1<0T{41yk9R6iNvynCMqd!#pRh`vV1*cO0koUVYg6yHz-6r=w}6n$kKS7
z51uOLA%8zbMs{NF=6qoM38lM*2NYLyi_VR;vj|C&LFt@Ja_qhK1{X8FQxGTI_KG!R
zNTwWa3d!K2-CX;`L8%=pHD$_2(eJ#UE7rT`6lCSTdGWd_4fZh-C4RjIsNnWR5+QKF
zM(2)q%=A~0OsPA7_ck9~*&Wz>fLh=v;y#HelGz-hRSX3E-iAo7*}>l4WYR>JZ_;<D
z^V-$z8*yQZeWXa%YAZDD*`y5l{<;^>`VW1+e^&L12uyA@>C&wmiJksj$gvJO8+03a
z`O`%b!Q&T173EKH9~l1T4{=ZI7RdoKm1A=I6l;M~M+KRQ`}sJ5<`}U!WeI{*^qM?a
ziPIgi>m5#1j`sy^c(ZK(AeSmJJ5=ukg1+?=cUa-5jr8jMN0A2sL@r+kAxFJeVa2H3
zoA;VJFhZEgV$OXOvB9jXUA8(zIBYM^4RO#;2ED?{sTTIXNFAsby)D;#tu~_Er}D*s
z*q91YuQ?FlVga9LL}4to1Lk(VzVGV^mrfsIDZiZ(HSfmVb@+IGQ0<I8r4Nad9Mmjq
zx>HY%6111PcsCH7R=;iQW^i%2ZXr|tVeU;_&-a1tDUdwaX1MQ%qi4abdzXiI8MrUQ
zNB7J#dZaBfDe1e9(EhF~sP*!?ta}L>LfrWtv%Ozl*)+jFv{2BfvKAl4BZ=}fNJcuz
zc;Ls0uE%RRILd{#h+hLIBdl8p@lE)SDjsHvE<CIAVl?xdPlL$Lz<&k>VO(ltA!P}N
z(q@d7&~;=1{?eW{7e3}b-{&?>;9~~c*BRsqpu@vHEQ#B?yVc3T=9+m7llphG?NA7&
z!bW#ZzD!G*th&~<9_=2OTE#kze%e3UwU803j6Xr$?Q>h`#hfVep*5Q`+BVF&ny?r0
z&c1CD7h3~pcQfGDRs-Un#1}_PG^a~N8&0ZfR3jfRNNKOV!iUao=V@5d=URc=)R%c2
zRjV!OCwK|d5!*0~scCcMmuG4Q3|J9If7PBm=jt8)YV)t3y61&wzbcKT=-M1ihcre%
z(dT%3AKkuk%_;SxxviT6f{WOE!U9Np>yZX1jJGsq$q05Q(&^AW!?;*MnC~w1pPkWs
z=tKi+w|nWuVg*H!t!+as$k0p3l?IRBi<CVTq@@e@-|{RlrIq!WOr(CW*+?t;W_O9m
zmLf9KO!?&X{i!yX%ay$KW7x->m!O_$t0nAfuR{ZQkgIeQ)Dy7_TK`<+g--@>)4U5%
zYny~nJX+`UD19YhaCu<P4)-+=z|IxCmMWfoZG;FRQ_RfA%zm-7b7AU?ZqXOuPUKG+
zGyo1~S@JBK#)2GPth8W?x!LBE)hKxejLo_+gPCnjN$*$sZ_egU3eF0LDh)|hedzH=
z1{c>!ImJ3TPCI7<>3DPds+wjhWbxoYB>DX^EsoUd8J=<sb(+Ks6`AITxjt#8MCD&9
zpXbC~XfQz3=s}DbgT8v9%lN3O4Ms_-!tOu4fX5KRLoLY2r4PS~#2SgCs8`>^_5m6Y
zxphx#VGX!g#Ih3kphuNL)Qr1f(m?oae`FvR+SFB&d9bab$QMlbHOTdzJ503tK7e9S
zYVn<;%*I_N09x<mPcv4C$O4eNJ0)#d<>n}U5<QHB(Tt6p@76U^1$F!w?v9pOytZ5~
zmw#b#@1jBiTdXXUGN$C7Bx)TK^%u7+vYAbZ`w6loq^0vmT$5mmxaD*DW~jfoSY>Ky
zgrQK=8@kP^MbbQJzm_nMzp0(+MA&HV>uPsf<?FyLB*9@41&_12;GZ%a(;DBulgVhS
z6;=yD=p#Af`&Lv%8NO01m{^Z?xbkH2o&98uSbXw|UGJ;Skn#5KR!!=2#-;*}-<L3V
zc%Sp_?)N4X`t%TgsUQ+hAh6HBx~sc;6GFuXaq9N)47`1cWnTi+pfq2SH#xvGTdftx
zP(gU#=4H|jL|fJ#0`4rj?dD&Cl2AXDP-{9FF~p!nG=23v>|)U#KOk-Ca#c)+H~x!@
z9W35?lgQMJ5^I&<10M|wOwT6Cz68oCD4ra&2+iT#Yf0$@#{v?eTLdcu%O4xb0^y@I
zTIK6*BftcVYiCk%c^2@}5U~5=G8mt|C0Tl<-t4<_FtDswo|1Kkf;;$YLcE=Y@n`dA
zBG8Wla&M)_v%T0X1p3>Hdoh5F^#w)GP47=i@)7V}pSEPE1r_IWi`9jnaXmze+zwD`
z2HQkTt7wI#;dYN$^TC6kwh*WJjC+Yg9rwg(r|U1iJ*SXg$qeR~Um60pKt;GdLpxBj
zyc2-iU+#Xz$jtnFNotvauqDoi&|r-QnActB?j;*47YK{D_(kn<(gn?IVdO)vxQTyO
zOG_N*nv)vvAlZM51K)c@%+HkV>3X(uu4euso;WAU7Ql;20KFFp1eYg-%p-4!!N>T#
z4CbyI@ZZPJKh;yvZvM2U1*s>Mf|b#8!%rOD!U1L+s>nYQwwe)*l8P0MZ^u19@nA*U
z*?`V>?v8CgF5UnR9c2bi7PM9CbY%|6*g{8GyU^XTgpf?naLjMAXqs{>Ke{2ij1+mX
zF_S**m#<*}L0h;g=nbh<Kv7S{C?!cO7mG?<h2-3Ma$<_XvK>}{eFXexDd3nZmGUW;
z2H?FN0D_60P&7|og{d`UnBBrZ`;e6wp?`F~)=D<M2dxlxbmXpgxvZ^;1@cFyO5mxx
zUCz<S)T=X)&rx&;(s@+pVQ!z??SzwLRs`VS?AKGT$+(&`kvDH7S6WHfUrYa+v;iKM
zpZ-nVEYCpU-xqc){_D6lN~MQV5;xENNl`jL)QqK9BMk7}UNTi0W*3N}x_v@H7acY>
z)P2VG=>nyv4vMGBr7E;I;N^H}`m`({os(Li(5}M?O^Jn})4n(Z?Orr`bh>C!;%UMw
zK@7ia--*<wp8`H6B8vc(p2u3^sp~14VxJPzhQG*GWW1&AQv5u;jxPH+OAooP<cU4N
zFOmw+8U~63vI6foSvfj@l0^(4a7tA7ZtHbz<?usr;^-+0+vQT8$yfW}Dq3w>;#_2$
zNT_jMou9{^^NmYBWT9Kx*tt~<KbDNC51>CBVvDhoy)d5!#<{Sz_pZ}+q3OvD?QEr1
z*{PWeo6Yy#SW*brZ^Gw<9CQ5qM91nU!Slu~C!Z$`-QtWCsgec&Hr_k?tAntm&C>+f
zVPwG+`-pEG#!DjJ9y5~G(-18PeD>yvGFMzC*?A2)PMk7rT&ghc$GfL(iu%w_YabQ5
zqa)G>fW&bUW~ZOJjYjRHa`*98#O7dwtC|T2I1x{04#(h;YR8~1nC&$T9PhZ4{SuW=
zs9F`Q(RjeAR#$Xqo9O<x5^ClEBl(6g_@P4Q@>}AhQ6e_$xib-qYo~E$mRGl?#j{3K
zJ-nf5oMV>bCTy!;Yqw9UY00o(nj~2KFgkdfzJS{Aq6&_vp4A(_xnz^_yDsvowS84k
zCtPo*5ALa|;8mw~DZ2%4@8aYcj6@b(l<=P~oq(r$GfWLP2nf|0PI1G3w)VAzcsvDN
zXppl%?+hi#ss~<{KZShqK{G}h@;u9EHsblKVV)Fl7^>q2ulCfWk?yo_(Y+a?w9TAr
zjXTLY7`e^egWpzko^%ozuIa(6&s~UJ@%u3e76#P&VO)%t;Qhv%*MMh7c~XHHH7&_p
z!X%lrx!T|%RGDeusYNJW&Wm%mq2%04+m1p!1rNjE;*ARpZI+f$M9knd$D;-Ze}#M>
zrboN<SzlrAfdwanHNMR#9HLu2m?v5X2$`x=Wt-FUJCK{kdc)Nz9~{Tm?E6brtvomJ
z6)<v(<QbhHs3VF%yX>{xBDz^f(9G%D2V;qx_JN)Yf@<LB4Fs&_Uqts>and0B-64R=
znaog?{O-S(ITqRMkyevp6e2Q-MBmDUKZfT(0h6!Pm7k@Lf{r}SAMu03kF+D_a9WsS
z7cfDVK)c?5IjRo9uc<O{y2}#LjfTTVz$B(ZI9pRysc9WaQMG;z=0ErO)$s4z;X5`=
zZ<EG0`+9*W4Dv;@hmcSujGLMd9ycGPHmx5mWteeZtZ$uR?uq?)c5@6`ECKiqOUIzC
zNC|s__*~s}DZqI9noS(OM98}gA!~}ML1xP)B<I+JA>4pR3wFWy>j9NAWOJn1m@iC;
znZkM8kxU3<-x%tv5~C9J3_%gR!^0!}nv)^G@Fk%`a&%;v-5sX9o>z8%+s%)0h6;Z*
ze8e$?G}K<~+r+xcEi4QXQGy(iXa`-%&8N-n7I~7Ty<D%d*5N9)ZFz}T6AQU<dw1{i
zR22HQP|zJ!<e1Ms^7T(&C$qU#p9v0l-S5nZs5LR1`u0>agX_8f#cCl|M^RJS#p*YC
zU{>CckLYr1PMob5i{Jh0@%UY~hKRPL0~narQphwX6c9{bpL+(G+T)U_pcA$<F<AR7
zn?8FQQJ$9bZoFrF)q)7Qiw}2H6nzfVa4p`W`0m^CSMP>f(x$x$ZS^Lbjj%+0t2)<Q
z`F(e)D*&DYQ#Rg!vM~&L11<K|01%gqGoPQ`wffhoY}(efB<)(XJkrk*heswdh0!{)
z&bri`T<}kr`>r-r)R@QKk<Ez>D}o@in+_$V!WjX39Yg{Bj5J71bZaq0ce%iSSWm+8
zQcma<v;PRVg=&sVACNc5M1?+&cCnHG=ZfgN$RHl}B>1Z8$_wYbjUV9(-*kK8UNbl7
znS7e+epB3&2G#Eu4$hA*=*w?nm#@zQA?GPkr-Uy8G7|vYQi1(w9$x?!sfX|GJ*ZYA
z=F9O`((*rMv4;Sf=t(Svy5yx1&cVqjoOWJ7BE)6Q0@McHu?3kuONh1*1`s+T?`4h`
zsP&0I;Uwh1Aj-yxAv9hlm0)B8IWr#nC(0agw(U$J&Z{&W#lFul?kWTWLlxCIV9;>z
zmSa#JS&PSFS*xrb%CO1Ti*jZE-4N8uBo+axj6*Mp?8j8mQ5Xm4wxeaY-Hi<yW22E6
zy{lI@%?%(2C=G*c<~vr-i7lXKYgfI{{1M^meO{g7Bf}TW5U1YxE7?bvr?Etm-3JFi
z{*>~zb~>tLlwtSYV%t~YcR+v4J?G#Ph%IW65lzgdgoEP~P*0#87{$x<3ex%Bx{s|Y
zZ2c`rTk)>`FHl!RC_@Ihm)mCzodok<hFsFa8x&w_%sl>VaRBLezd|nQg#i2(+WA*i
zBlT4?{)}?uNx_m}$o1+6s!b}IurTT|R%O<P)*p%c5Sl7SVBCU%v%-lz3AwC$7Hue7
zsbnwGw}TS$70@#yU&q^l1m955er^C$p1m8835$!IknP_A@Qb{#H7gCU+ZH31=~FUt
zzQ7LVX0&(yTj)ZfEJQotyu~!$h)03n%vjbs`zEww=SH$<-m=;o?u;awp}oM6O4iln
zEB!&UvQut0%G0li(N%a#buLqPDJdd4%9<HYQEZ_5;0qp+6yX%`DHs;C5%Q-)nyg50
zdX+JqwbkX6Mq%Gw!2@;rA3S(a5=rINJNS73J7|%A!L{N4Y=OKgkD*qpk~|ZWEZ}RK
z*fk1rr*;t~3%-5otwx`Vo<yB_VvN&-I!wDu@eyg%oDX02;wBVQ&O10w+X${w&=Zxn
zVtgFa=jo-;cKg^w&;W|(D=<B(;QQsV?C7?}P?7Vf>JEmaUY<b6u@h5|XAd9py3Ite
z$NuKa<cKs4IZQ95$1I}@tt<_&dr^Vi^B>XjN<0I-BmM`L>m{bJtk2ZzZd%Oe+*O2z
z>2UE933*+&5Xa>C*lGriiPHb@D2W!_m-}E~?YTfy2q0XR`D8oJIf}0NjNRNs1dTj-
zCveIux!SC99)C;lg0b~STlk7ccXCMAd)faB<-+raa(SOI5Btn+0b6u(S5<MM4|oZ`
zV7fB+M}Q3b26lfQjTsf>n+lXO`usS0F&BJkPrh;Yb{oYPCoadkUfk~_gw}6$Q$YiH
zh+^w&+fCO12lA#u=WRi<{m7Aq<%t1whwAZ6TftTimnKSg7<-k5(MGh>itcwjfN4IR
zv48sJFCFvz%5be{E;qF;B8&TNo|`0Uy)(KZ?0P~IlQB`jcK>CYX#2JKrO~sRP{gmD
zD>{mY{|c;qA20m?G;c<Ln0F{3nq0(5;9`few7S*nBWpl%NlLYqty40({=9=x<H$F1
zrN#{Fu*0BDb01|}*SJ^uaIHgpa80<xC&VY<1pfGVQ^|TwO6GM{qh9hwL!2tK@N=(s
z?_5Q`QX??>uPQca7{<Q5a2ISVCmJ>NoX0r_ap-~>-Mt;p>4n?qQp<fz1kXkvn6}mS
zctHAm`da2o8@6(QB0kW^upE$0#7hnY+@8@H=2zcRSwN$-&e}trFVC%rqEikQWKcx-
zn*5O+5T-Bk;z)pXIrJ~EV0S;QxQt1ZKL1R%T=};NF9bH#2W5%NT=uPmeGFMn(fah-
z6J;~UxX9RwHAJ6&n?IR1aPz1BZZ*kY=FhU$-{#M`l>Zb^Drqfgh|E%aVD%Yh{z$Lp
zyOKRlI5!oxUE8!=0$F2EM!a?BCHR7aNfO-9F$R_LNr(Wd%P{yyFe^?c%hFJ%$2a7u
zrw{!yVF$(9HmD5iu-}8{)v3^9c_Q2J2AiX`!<1~Fy*=NNE)VFZv!xGubwIaN93tc*
zino13V&8llvNHyHyHEj@xNH-8lpg7=k{)@kh*UTqAC43euq?3uq^un^MExM?rODqm
z5qbW9Zxba>VaE_TZ=G2Jl*yOm$Q1X@zdg?$23R@2XOGOU8T{7%P*fUz-9ZjN68~0I
z>tuuu>k}YpIB)Xt+nCo*H@8=B<L)+`duk2!dJId}@S6}tJ@G$>_reqLQ2H-u>X<bG
z6!wuia3nSABL^=$_S?|&uMLwv1eOil7SE!2c=O<7%oHuPz5BVZJlnmAX`5%cQ%&2w
z0rX?By3s!?U)lh8**7<%SEN$hHf}`;Ou#akkA4XOZEUaF!2*ttfn7TiY=ZD{Cg7N-
z&qiK%0<V7XZ7<)=q~Y6M+LICOO4Suk83Z{<dyvQTMNMqIApCROd>k2CSSw$x?72$L
zn|#FLMBRld-yv^@$c(iGIDdH3^$B&8{$-&0C57}Bi8yp7ym<bQgoSTofMZ>{nOhrk
zXu9Y12J;It=MRkjj`E<=ExvuLDAC=^Ij9-h+6|6xc_ial+a1JKsCYZSU1j+m8K>9C
z4j9gpsR7uk7X%=$5hKjGupAM;FIKh%z-Uq}m_S7+G=BBHJm4^CMkHJWe}x@DTo9Qs
zB4Mw3ZTz=S%yOIE-=4ehpo*#TK2pD(clbgHtQ8n5#Lyp@V7RZjH+M=LbT^N9_+zCS
zu~~dA=m!TSne@zvYWw!R-O1qzbeJNGcHGOLIBX^x46w-yNz{K{ce?FWnGRG0J2f>h
z?M)7(kC}ySi-p$jP>Swi<v|HFd})z9WX|cmycD8ukse=xL7p*axv;G<L~xfeZS(%_
zZ=Ni`7Ql{9muAIZ7V2{krpoe&jM{b%wSsNSU=OF5phg~!{t>sKa<_L-VqIk#zsQPl
zx7gPd^E$=A@yTbE7X;OTD(EW4rqeqoxJn?uo2|9B1|yyB<pC=RZ1ys#!L*47q=T8K
zx3<9-7&9LP^-4U?NBsmX?SR4Ivk2JWkSkQwe9Yj%f?9XLeVuUy2(H)&e;+gP7oMn1
z-#Rbc<8N3E7kSC{*LJx;nm4FnG{%oR;M!lGLOsie3GL9waCQmWfh};opsuX)EZHEF
zd$5gYu9D!OWrYb<sO_i+$#F4Z@B8z2)fz1qZ?NdbS)r*10-<b<#Z_FfUr$s7v3{D!
zAUhKSwd$uVt4_gqqb!|3oX$buK0J>8F@O%)^i=1|?t25_Eo+q=V9QDX*G%bqp301w
z7$%8lIIn+LKNg9}Bq{8CxEz=W9UwEe=lvz;ME{g?BU(X97O9srkrknpYgo)1ytc0f
zOv3XM8+~jUR!e*X62qr{+9H3|V@@%7knn0InFCMH&wiaE{wv-$UYFySI?=vnL4%M>
z8VB&gsGSPV<<k7|`JObgI)}cG=%`)gp6SUY8`1Yes089$k^6iK92t@EPF4$_ICi#7
z`|ArdMSm8QZFc|oJ7Gs`;ST=)<yOVsryhI+UUZvJ0u4-e!*FN=Edvuw6Z@IInqJ3J
zH&GhgPldjiWTMs%?zjlaQ;2}2qh)1(JRWG++7QYT_jkk|pCAgiypG-VRz5oi^?T2t
zHPsg&(CV_?JIb{m;oErm>Wh+Gq1yj4#siL)$V=_{$z*$fMFo+YGiBn$HX#eNUJe13
zE-*dra)5(zvmw+w@zV@+ogQ6Y4rTnOSM?Rv;!f^DXn$iLoTP0UX2(HfZKJsuJVDW~
z_~xSr%(3e9-5l%DUp@@;v=Px?R{Iby^9e>Xd{t)LX%S-xRSzjnh)0kfDH^rTLANm)
zF~mD8i7WX^MN&*?!kQcuaIB87I2{)=2^Un)e>&pAvV_0><fGhNr~C&U$gP^(z%dS>
zxZO`AcKz@kLf#G)5!0dIxi}yWf5eLYB57q|a!qIe_BT0b<7HEQp%!0F`4m#niUhp6
z)McV}6?xO4O0YijK+ZE!O3iQ<)?(158)gj4z@^_z`TTnvw=@Eb<J73PomT%G$7!t2
zbMhO!$fAp&2thw6!-`q$)&+#0HN#}Qn<yh<2IL(B0EVQC`Rb#`!j~6Hi))X9|J)ka
z$`>bGnJg=fBIQ;+y%(Ow%h27T{Y={odVFGV39kO~Gh0@#6Zg#~p=>QJm~#(kX#aG-
zlsXr1cJ^N&LMHuM?2=x3C^@X><(T91J9nq98`9&bCkQn73Lag;8kO;G43GV4z6^Ga
zOejwYMr{3f3X55??@)8|sglsHL_K_Y*_t2h2(L6S>xNQTwHT`+rEy5`Z$zpgC&6~s
zD3HayBR#K)RccQY1nl4u3G?>gWZaoH`#FlZo$t_J`Y&J}q<mTMSFbj<<vm3#wY*;E
zAPtk7&RdbcG-Rvf%tKpOvz&_}`+4(Rn^?y~!JvtKmlb@f*$EczU)~>iR!B!NLJ;2u
z3{x7<u%toJ`f`9b096|~`j;G>35ewE1rl@^g(anS1$kkH%!m-wa^5hU;hxF^es=w>
zeOrcw%Ua1dYp2z1^n6ls@nt~Tf4|J?7EDMZ3Yiko<*T36eKgNk4q2VmPGP)i(t>(9
zyM(B*ZS|=G47%&1pgQjoQj42o>na19-PIcC;Vk+5XRnK`z6W-fmj6Tn*^R9ThJ1F}
za(|a=>9YQ}6rIHH6dg?4X5b-35leC3FV%kqMgDv$f!9|&SXm-ttMcL*OzA1oz5zYz
zDLbfH!?7<x8)byf-qCr{T`flkn$gGjXO5>SWwQLw9Ip>H$Lp05EBjl@Atx(9HH4>>
z#mY8Pbe=13Bv>N2V43*!hLLWT&7nNYDSYeo*)eVZ%-dUkp3Py`$3#YEQ5t%BT{ScF
z1VOKBq3!l5Cn!x<gzzzbcG=gLv<^^d4#RZAI_P_H2_LeFRfc(~EpK4h_rt?`|JdHg
zb*WuG4&jiz1nkyKMdkJYEcb+6Y?bFCoP+b%LPPbFt6eoIRo<`tk;bRyquvW&@XHgQ
z1|sp#9t(^NaPoa>^cBoHkUz`-n1;m}lB8PwcCgD7gG)760wZQ{yQ+G_ZP8UpkwOGD
zk)Pk?-;J>DcYhdRKy-~TI@S{^JZ;E9y2nHKWmP7X(!n%~8qwvLn-pE|<Aqy&1Y_f^
z2rJ}GHf$l$SAn43iw|qIEfcrTKf}zEjvsB1VLSa<em+<4EjHDN>GG*3T3uA_=X<?7
zqvZ%KGlIcvb~m)KAL&5_cFzg@P*yY8G7hJKom59ZGft)1nyM>lpHV!8VXXDSEZF~u
zq6Hf`cbCE$s9i%6otm`w@ldma^q-M4BLZB#(mQ%;Pc!9$HdW2<2$J^j65!%E74yhA
z)%-I79Di93lWqY-I?wJ=W6NHSnnE_PyYw4@>BCr$V)5}An0DJoOt6n#KiU|(LC)|=
z+-Wuw!G;qoi8gePN|2D*Nx;yW_Q!cj@F^iIBb$MgxTalwU_I&C5t}!odZ_;J);Sj+
zoGo?f#04C9Fan?#s?zX5E#atvTosDHU|TcBcv(M6)31l|v0R}^RDh9y4y4u9ag-X~
zE=aY~=6tKMH*-oH(ec#k8H@ft9Eciu_ng1kHR7HWVPEf<3qKGptCv7J$k2miP4Gk*
z<LHQV=jwqMua9Ixs1fz>MH#e_LLa`;oU{BC75Su3qbJ^;xXx)ZO(v$z8`tUj6&v;V
z-gBxlk5eG6)}L>vf>0!Z;-Fss*7x4nuN5dtPDm~=+^OK`d6-NuJpHvM+#RKoQx&sa
z8#X%xzr1i+R~Td9MwSJ>vm=Efitf7yDP*r&Cs<JVo;@)`BLNJw-nz&D|MBYl+OA&C
z?N4o_6D(D>Q{OPzRiMIC6r7Ov(j1?>;u)#)FHcQR!HBX2s;Ry=p&ZV{_g2r2+~4Wp
z%Yikj1cT<~7E5@tl*5cgOx<W3y}gWmAav+Rk(|2cu&i05V}_x+NXiQi$!p?EeGk0K
ze8NK3A9jKBe@HPnIuWkLIIlP~o&Q@g7L>#<MpDJ(FI<gm1nd6}4_0AZPu;;C(Gry-
zA+KS|Bph`o;SNH{BdrX@O8Y4jZj*^O_|E6{iBnwbhipl(!O%&JujU8hM$M7~5RlnA
z78QXhvL&?wRGi^^=9T;1O?R2X7?UmAZ=0qwh%PU1udj$jNjJOEnAo<Y^-2#e=X}5y
zs_)_jo*M<5&3&~^q$s*+?TL3X{l26JReuk@a-gZZEU@pIN+;zmsBk!yns@gxpiEH5
z2{>cs)TKKY@TXS=_)G^}LnjyJk-@97gS?+??k`s}ULpx|+G|K$?QeJO<qb45b4gJx
z0yu0~Z!`pXSBv#|>LusJ+LKo*1N#HNP8rZYL=GDh4ZgAR>Rc3SV^M_3-=-S6q@%(T
zS;HCUH?XwHhR9*-4t-}Hh1!BoGFI~@)rsQyB!{H))YKW{UA(LFMGXJv=AFJ0dy>oK
zmPhZ~RYdy!Z-*@fIiF_-(=`U}u*o<;8Qa5eh{RJ)6I~}`sY{p0YY<P3JE;Kig}b4Q
zskFr=x0t8HHDJ;YyKINLSM+|_Z6#;Y&66+s(_hA<5Ls}l2%y*)wDTZq5An+z-{+7l
z{&@AktMMJ@ci5niQr(D_l&mlQlrRu%(_SmYL8vI+`LoFP&_=F*=hv?Vt99WYB6Q-;
z-4v|9^_K<Zzd-U@yWwL(7Tl)*;+bAKmo*q+ysb}pH^7-n9Z^F>ftoNYDP+gc?Ep)z
z5kd%Qo@3U24VZ4}@zh?7k3Vq<%<&17V>R>oZ8@eY1Y24bI+4+1M3=<eBIlZnSVTE9
z;thY?6z(1UhIdM}L=;sbOS4;*f@LG<s>UdECXiAq>;$e~7y*723U7YdZd2V8H1T6w
zRl;VDRfI21R7@^WX1t)x``0NlHoxq)7zLF_8b-N_nMktjBEA8x-elJq1E<RFB#gw6
z>+62^k;(Da+80Z)A7EwDAFn0}PSJTz2g`>VuGd{LUmzB3MA9i0XWZW=PTNhew@vjf
z!3Q0EFT5q^Zx*%1@W*^PEvO7E*`+&Ncxx%V#dFh~efMeJ$LGuqdHy}_F1rq+0JPUO
z<h`0Jf7mDCeP)P6*_zwP)OAZc@IxTdaPy59BZw7-<iWN*a<w((-ROk=N<4+{-C76y
z?YjlUWLRc%8r?RA>>2VOU=6H8yetJ{*RH>SN^6acl-y>d$JK5gzO4_D^vc4QrxF!Y
zp`9b#AU!saE)jK8ZDRGa%F4Y4-=^9gg@;)D?ZTPET(}#rU83aNEzRF1oP|ehwt#=w
zk5bOrt0YH@A_o5?WMG+bLDk@-A;;eBjv2-amw|Vc1J|w^&6U>W&I8#^NH(mlulsyg
z1TEhPRfl&EVAxv0f>XWH{k?TZ3}K(~dwrlLw1pXS(tEwGx`U?R-a134np}wkUC8D5
z^kcctsT9fw+95}64cBQtAaYaEvx~Pq8f|vkvX{3gB}-km4`$vcoTmJ|rYr@9w9xLE
zNTK5`*4s-LP}}z%80^~Pe#r0TF1P|ZvvoCh2uIFjRXM}0@PJLEgra}9+?x5E_j3BH
z3w2pp;-$KHUwhoiJG+w2pH|tcd_ETbo&0zbbtqn0H~;;7F~$Gt)RF(~)NwtP{XnFF
zjB~CS-!Z)O6;N?aI1N76jlWGfieHJWKTNs(e=+42|1sqXVWwQKG{P~w4-t9X_<_`l
z6QX{s0>V7gYfTC~*YI}dRk@_(rMz4Xax1yGJI1i9b$W5|OUPC2`HU?ouW224EqJMW
z7r=^@-?!4D$7}$~AKbyim%L~^2U$VN!SszHeuhi5-G@0)cdw=M^MQ8W!<$HxR^e6;
z2-(FP$T~XCWwNg2S-h3o=hjbS?$n{C)8@09w0zE3t9~~`ISliZ7r$4z;J)&5bJ+uU
z9-K#`8iC4}>Eg}>mCO<FO=J@<+N`i`28a63;C8~dURd%29L00W;qT(O{w^IWI=~3C
z8}FX3QoMn5lPI%mI&9;hhX6}fvwILy+M6qmSFQWsB1xM%@oV4+Uy(i?oy{OZJ{9^}
zuYQP=%c1Cbja3)Z6((#zK$jEQD@J)?!5`v#AKMuUWYhl{n0h=~(97y5|HI!yo^#TV
zNu^%`DW7Y@?7W@|ejL6`S5xC0Rin|~POZGB-lZ?g+al$mxXT-tT=f(mYbsR)zQ0gD
zpy)bS!;ae@-x~t(Z#Zo;DQlPhUyoYb8ur*^VQYeH($}otcrm}4ioF>%%=T<}ApkYu
zA-lPKRDZUD@Y3W86KU4hz>}~h4s)doWXOjmfn!Fyd|Uf5JsOVlTRt`aHaH-{aX0^w
z6DpskgLR$6Up<I*o~zG26GhMZuV#48ledEOX1v4+CYYJWC7g?cFIMBm<w$V;a0)fN
zPa_gt;IlM3WN6MRBGDFP+9j<9%`Yl36O57%Yc32+RSlE+;2;$9h&kb&8f&WVcm(?p
z>klQr^g7IVXg)UofI0K7J$1}sM&I=yO;D2o@pGO`tP%AO1xxgz&=;~BN3a;0Q{Q+~
zuL?9-)kRN10a#YyV5%_d!*)*J>EaVPBVFwrVcbaFb>b-6^pz=YE#KNvdl_t)4KLI7
z&{`3!Y|jiHpBfx<Dx~RsR>xMaj>{x82ZHQ&(_5xUnVx)8TQni!iipwkOuzz}iue{d
z6q-?EqxxfaDIITM;_IcS0b6EGZT0AclS9&PkM|!_JfiE*964eZ*VvK2rm=uq3fE|w
z7$j(d*gn*BCnaA$Y;lqKYmdECX$*$#QAMCY=yY&CAVUggb^NfBalMifLc@a$*QeR{
zADXuxi7PbMEtNq>a(`Z`mla~ihUI;YOiW}2miQ@}AKz6X10UtxO1Le6%x9$kMZuP1
znaZr;#oj<FM727ADvNbQcc}>~CzqI03BCi+VR(j0G5uPE^vJ6Wjf(2g48WKUXOKIs
z4J=`33N|^-{>dw-8W;HS3!F}}*>i3D@N;rY5dmdi3ngB3F3fmr(U4Zv+>(pg)`+kS
zNrXF(lhJq~qW6h%Fc?h6Pi}CWedufN;PN^(dFJT_Q$nwP9<e+p=m55_@|Ih3+w<ru
z#ktNtk59dPBVKFS2#DJcEdL^IWq-JVK)h{{?{85ckZ?fN8VT`Dro)O^mmGb=m@lEg
zwO<ch`!qXyEx(4xoQSk)qjrIgUO(M*qJG?71`eNZ+%?8OGjhoJG6?h&=2C?<UnOmw
zg}4Xxw<xHEB2RvjL~=X;Q1fm(3h@V?2f&ITWNkGXF_}Z~P)p-{wSb=YMc2K!kNuHF
zej_ho*|}*Ahx#ps)-Of9BMQ2M;yc32VN}Fp=DEb9XSKnjRBFNvfN4<Cy}<y>##r$F
zsrVR*_1(3T813J^TW}j$QC4j#e&&lD?xg!=I3#<Vm{|I*Qn4-Q5KNlYyc?D_n3mO%
z$r-GH+)%<2kAMH+#L3aO{7eEt>UWX_)TkyzTYWv1o_1ie&muhSLA;3(nYj)G*GouR
zDZBP_OPfCfs=Sfvuw1U+CHc8ni3)da8y249hFn|jq_p>4Rn>wVz}%_3+A=@EO?6B8
zsrKNA1A)q}&(M%PtOBo)axCAx2Znt!hc7~kd`x`qf5%O!k!_o4A&z%i_JpQTCM@un
zGDLXw<$Kj%`rP}nT6-?2MY453%q~LFhu<-4TPN2K@rfx}qm<A3cCx8(bNcb5NAPJM
z<CwfBv2l5yzI3+fY}~i=as1*f>K_p^-t>3Tj)V4T=jgIsMI74Z=-AOE(IM!!ZzS6I
z7$~xK-qPLyD9kA*gAr?O_Sw$ZB0uqe$|%xcw}G-|R<z2EZw)+~-ko53{~3?V=b{Sf
zIE(p21XNc-@Iu(VoE9bq&5kmLjYKr^!AFAup=D92XsF{-@K(Yo;}hfp0=U$)Ah>=B
zAy)M8Ps`2N0h;VUc9r-jJZEo_L!Lc1$v647LwPx|HWtX!5xn^p1z3~yS<1?=aByP(
zFKZHie0k!L^@s2G!(^Pb-lzj#$mNi<`OJ2LMzUa7AoN#PK%n10KiK^P^|4o>?B1wh
z+*W(cMHf9Vk(UsA1J}ngo)wP^EMeEsgMX99Eg}EgPC?HQ(bu+UEVu%{)$yJ2HcLb(
z=Q>Xcnab2KHn;Yl5_w?##)}@s+177s6<Dtlu&M!4NAz;j6zNjq*kXY*g88ljvyCTG
zt9}aDnTUM*J3hCg(03Spb>W#c>YlTaG~ck{3b#vfR^~ZnnsN?b6n6wa9=n5?&z)sK
z|214}Vn>K6PFbEYj4%ZTEhIUgUD6s<Eb7$ub4|;<NAvpL<NjMk?yR&7#yKB8x`y^?
z$tcKYJMV9?SMf85oA*zWvJOZ~Xle<yHtUg!Qer+sKfTSlCPU}(0yb*eq|ukWRbAU!
z(8*kIf|2<mlb2Y%m`6&~Bj1W#HaN-)$DOq6tZx`w?$Fzi_c`Uyc)=f3MYR8-eZ$_K
zDu%3|A5G1!qiG<&fLDW&9KB2$-(FLxfaV1l&jYYU9h~Tx5H>+6jkkf5x0wpxm)<x=
z`8>b+fb-Z~`5ulaKkX5uf{}V%(sPytU9-yN!H1N(tuCogGvm99YTC7UAfogqwS{cq
zVoKOQs=s>MP?YB^G;EV}4oAG262aH<o^mVZWgH!W4W(cIF_bn=l^sv*kaW``4u>cR
zq<B6YbgGlJO?(J9BZC1mG9fR_^e;0qriEfjduBcYq042prg@(j*Dwn8Qt0*g;*U@J
z6<&SKi-?a0zXCfsF0`njkg(`X;6s#=&RerY9+1v>JM5PX$B`M7Kt-CHC5jSG*NTA6
z#t>~8x7*Tl(nSW`hNaK?M$IDo`qt!gTL(9^)VB*gu;g9a#n@nW;^R`7+`_n8ZHBL@
zc(K2sLg0G9+#bjU<ZhE;!*g;<$#<2A79!Wm{zg18zm~rIhe%%LACbKDso;)7(n34V
z2ZzF$`=>Y?ZXT8<r}~Q!H@t@W(Fl1J@5?n5YM5oI*j-($76%0C%bQ#O3FdK<R4$c&
zy?pW63*)t8`;ocNfzaL_xqhY$!&F4hdbM|W-|Gd+*qw~f_t&z)aCkw{&B?3GLs5kv
zKp1c3S32)=>!a<3-|;+XH-v`DnF2Dp*Jof@fuX?Scc68^usH|;a?QM9RT3Mti1V2Z
zJ}y@by5T0QqTo-d8Qn5rW%U^+^DIE~*I=}Q57?u7?+M}HmN)=E3sx4C{Pvs>z??Ph
zzW)>P(kb^p77?zWj^|+r+MSrrdj8+7-5|{qQkb9FMJr!u!p>`F50}dt{RbqVezOi&
zCtD>SDR8Nx;~heRKkEy!DASpDTO59*{ymazPj!nnrM|j#FK#p8{rZwMvnQHgbfs5J
z5_R|9TUdMHpz8T3&MFY|y960Se`!%utC`lo4^F0FxEA$Vpe0Bf?1QaPeEjyz6=($`
zCS`%XdoSVPE?@JBvF7v*03vHxtugD4&{)`!iS0(`3!s?mk&Q(`o5t@6w>vMP&J~`m
zPnlZRd`2ijmYJDl&$(EE!b3g5u+dFx<=vyLFCSBR+*GfIe^087^Qp6#aMnI`G?zQ&
zQ$7Uh(GefV9bvIN9#OYjY8%1$H7-zmx5k)oajhk9=xgRjw3`|)qc-Wbz9A`3oIiwe
zHqP?QTrYsALJO@>2%_3$BqkuI&wbpx*$DyQ9kTOrtPPM3jDWn^G29{wdcw)Ps<rbn
zu-cF)wx+okKZ!kJgs1wTwv<@2VNtUuzwb0d?4BVM=RU2bIBO~$);mf5>vP8&<{kpc
z?(UHdS)E4MitD@ev{a417D`)Qs{Q-)dSb3I!7M9#B!gMp`Q;5d&~${^B~Mn83osgy
zI8_GoNN0iN-@y_Urh&C2Bl9H{?@7EDk*2Rteq{(Bq7yd3GlX_ZUt#m=&KaWHB8paP
zK4}$tE9k;57QQAWqu=2BMCX@ndQft(b~b8<mgK_$O<(FU-H#W6E0d+Vsx)+jDrFQ>
z9BE%q?Zi)J+TOvu*n`%3hc<3RU)4n}j$rg@B#}T|9VC=0Q%lG4O}u5Bbrph(*DlFV
z3e`_Ee6jen{_0RTrM@S^u`$!cNjt{QfEz-_rMWT~07Wk7JL33_SrgfQ5=}G=Fc+S{
z(#NymRJbyeh4iDcKWp>J;xojn(LNu$j%w7PHe#+O<oh!GL@Yx87CG!C{MX3g_{6Ws
z;l)zk@1_M+rUEn_rBO4hmJM&v68WS)vTvAU>e%&maa7rF56GEr&3rf|Obg7!-)Mmq
zT^-7ksh<X_vpzM(=WfiP`?cFyTXgoyi|rT5@Ur(W)wpSRZTsI=EPxnNqp0=iU27%G
zz>t}(#m0}y!oM?!jK#ic%y$Jh+c>4M+j6YNTM27YfgYqOvhB1DIMT%1)HCYA7UX=b
zVT#dj{U?HaQzfwF5U5q)4RaX*|96$c--6K~H(!jH(nl-af^jdG%6tI8+XDh3YM1&t
z(oN~0XSc@IuVc?k!XlRv>_tGL$F2~eoM8Uy3pl<Jgc6=Tl32i91MJ81USyoUqtUO2
z^dU-K2o^#d=Mv4}a>D`8pkpFk%yxzs!3^oOuewU|@35vg8n)9QNK3|zMu>beC@vl3
zG{u_$_OAGUX_t<-%Cz0^>v3l@1+{h}=M9yo!mnuPAFJy^R2M%r576m%kGEH~y5%UQ
zcbZX!p-FoD<Cd-gZYeRXm^n3|?npWDn$8x(ReD&($K<Pk1mdI8oPIGaO`J(t)c@3|
zK&z;@C;$S8f7zpnJCI9%>LHjZieLgaMKQ1N)t}LCxMB)?6M;Qd*(V8?OxP!;nDm<_
z9u+CQ;qiivqlxJF^JN<TEq^GKh1>^JLK`dS(zL`MI*oJFhG&p$m*>Z&0$4lX{<Zrb
zbLR~B-veLzf8-B=xpM;N-*abnVD5aAt0Y6n+3mB@MeB&2oRoMQICGoXc#%PELuXT<
z*Q9*tU0P6v%Jw+mO{cI(+Wc}8Mgald3jg#dt?!pQnbCHQApz%sm2IR@DLJ6ey+sy!
z<!OiUWjYu8e0JE9n_Q?U4);1$TsOVROV1W2OA~iK*bOebxdbK?d3Q59yTdYv{-OL;
zg;*xtnO&(<-x#>-dW0JXI?LNaa?k!$d{18AWBE(*$<F!=(EQ3D;!fs=h_qV9c(&3?
ze6{wxD0B(9=p0P8<hg2A{u2Q+^A7^%(=<Kb^?$TImHx%{^k9VvXN8AiF#gNazeL^(
ze`N7%0LLY_3oPK<ygP0h<fsb_khihqR3fgwMW7APKalfI4;grOwM19$vr-FUh`qc_
zd$dlW<-O)Bz{ua$k<J!@$I^opwDo{x7rh`#o%@rgOo<Q8_b!(>Fu@D)#&6Ld<_gp<
z^-F=w;e13^l!W~(YDc_n7Ti;xOj7w1^zzUYzB8{%Bp6N+g@?20u}rs%)sbs8zczGD
z^r$-JsmGTLXG=I$y%Z`xs~!2asMI(Lgbby&U?D@#_2$C=ICvKL^lyV_yDKl7wb7~y
z$1wDw`75-Dx6t94jOu{RO%k7dH$K&hwn(m>x2<O@E&2O*7)b&ik9`wN`oGkhBd`_W
zuR=xQj*J^TOPx)oeKZR!mg(GUsd0E!!OOqfRiamc(2|fP$C4qu@NZgf?vBn=xR$eK
zbuDQ?K;P}Lbm3UHp~1Fq(Or6T4&Yn*I~o%pFBX5w6i)vS5m#6TBT)SoabxZd;-56Z
zcdYPSDk`**p+cWCC}u9?Q?Hf9iZFv9q{9tCODDgQhTkQ&=oxGwZ(jPa=k{oq=<Uqk
z)5%^rzjUDeFq-hEF#BC9Wqo>}()Sl~xqk~mff&$n^q`>Ogr{H!8tq1t3p|2lqrNTv
zCxZ(=R*`oD>e-rn%153SdK0{U{<y6J_6*@l7?TPp0OfSd==R;!0D?ap07}+pPR_{!
zfIlAFW&%oWXk}#PxQqX~jkvGV=KZAOjq!vihs+oeO52rEpG?ecK8Ga3a0sq|Ma)q~
z!Sxdh)6bjtbjd<+5p97~V5VyXa9Y3z&_A)|0bfxa`j-kz^~Qy6T)o8;HG8exe!3QF
z3SFGbpu4vKG8Q)cH2xkdMrlFhZ-8D37Xw^&={&2cq-BiW^|xYEa!<3{@&A9fFmOfr
zbGrVT^*$!@RIU9y1l#zQnsomeF_AgR=FphY2*2f)*^WzGf!;&jNT$A&4<@8xNFhz<
z=WAAz3k#|GJZal-OK^RE0VCFu?9IF{l6-2JEz{rQ=XO~6ZI4>1t84OTZ3<fMV4hf3
zyI53~J^;9aQjb#NVF;BLDUOuR)7VO=?SV3aFJLXEvl*zC`N7H|0n69$m|)tXJTT_t
zv0{t3c3a8&tC^v`r<euPSQ^;VxTj(fu!nJ?GfpThAV?U!?NS=0^%<TJya674Q<G$=
z6?MKt)MOA37#NA1=C;TeV?ww<rOq4HP+bT>uI=o3{i~rm7V)d0>VPq=sLbxkbxc;9
z32`a`X~aBaw>@~X*B0Hv>c#W1M5{HpKTzwXbaOZR%GR~>o*|RW#jR}5Y0snT`wxH`
z?0cDhR+T%<)k=r+yN~*(mQtm#W#O&VQ{2Zq#8Y32X$5g5!YyEji^bf-Q0gMV%(i2#
z1aTxHHob_K1D4bH#SG|AID&hRFpH?0Q5-~x*JoRV0cSYKAhVfry<u7R9Zm|FRqF(%
z1kgvmxg=l?gOS@)GRc5-MK-mij0crf7=lMfK~|&oi-k3$2AQ|+g&?zQtVk0#FtfUZ
z+|d?LOqHF2u41ffhiA#7Z%^FZVR4bF+EOcDkaC~z8+V^gX_QSzoT)&QhrXCU!msFi
z(*^t+&)h}{qrE#B6Vfa1v-a(Ys__E*-l&tB;rrhHKi1wdEULwA`&Ma0kOl!!q*J<6
zq(eYTNokO71cnl&k!}#A8>FQXBnPB(M7p~MX69XkTle1geLwMkkB7q#d=X|AYu5U$
z^SaLSbo|Ilp}5@0Pm)!l<f}yNvfy3UFK+QB@@H6@_4dH08j-jmloqm>oBA>-2TH18
z=ae*Gox>c=_7(IZrGO(5oZS1#ir|BX2HsLyTl14({)>(~3M@H-yb-DVGeb@C#J@S~
z;on{lNi3Ob@9M?3e|uLcuDz=m2R+m}eQ(FVE(hnc=2>Rkyj;@)y_%a<U0;($7e4Uz
zouAFDN8l6jKa(IO-#D7bDdE?(oA2|#>ij-K7gf%l02f@^xe{2K0M(shh_+DdwyHj!
z%iy^G3}uYgo|s39eUBE?3ZDJ{)Zj57{m(_fXRpo=%c?$y@(5e{KJz)~zI${x=IaxD
z%f!*Gi9|8_HwZb_xt@7`ADN`%0T+Z%tY3C#45QN1p`PaxqB$QE&4ECVwCuRxwu`WD
z|A+lQCBqIcUh%K;_7$<m-1C=f-Aa2PA+;bF(&Qm{ZSpAmO2uc2%;~`WjaadNA=X?4
zAgigk)BQp$^Pikg`;ekq@anBTvO+I;_jkO%-KZ%pFYZYGH#=%F(|;qZU*z?_BrNT}
z35)R$VM+f*Se1K*9w){4be#nZSV;TnqB3AVwJX}g^8Yq2duGJES|Ye|<M`Io>Q91(
z2hI~+-W7k09G%I4k)!XH4-hr;$H)QHbKpV}+7C9dc@K`>(;e5VF<OUtIuzm2SoM03
zrNm9Mo^nApV`q7*Dz@xtHjeAYoivK}<FoV`3jCB(ZzxxRxXB4#&eX_<ffnP>p|}Ph
znt`4?z`7y$+q!Y~F=bzrm9Io|OGI}*ET#SpM0iQCd~uTa&N@?R*Q*9Ls(;C5RsWRD
z&Rc#tJw<`=FlZ7bt#w!iMl^a3^g#@XLLb0QGk$S>PqRJMT9CohdA;B9@#q+3VXxnz
zt`N$jejQ9Mz)5NyYyd5eiH`u_1bqzHPa)--e!lvUrsw|gvO^aY;SGk6_RX{I{&%0D
z@k>j9Ywl09hVjZ-c)qp9&0)?s^Kz8(zu5_J41MRZaQID3tjOGTfSBZ2=6x)~NwV1K
z?^jpYSlnb!+er13Tm%v~h$Pj_e1tjl8BHD@%R1EP#?8UbTN)SK^fs*0&r8_fba#=`
zcKE2hbm5obxU_*(+VM-4CI1TFu!OXBorJX*+U70)H8&2U%Y%=1*Nr^4b9oqFh!ws=
z3_01{BuC74?QLCMURVI>o#?)KX|E0TeS9uU#Bq(W!s}XW{%XYdUoY*k{$pv+xPxB#
zl>@#3Bt639O-;KMwZXg>)l@T%=I0q?&sOV)?AQ9Nc_03&?{&oL+w;AWSXQNYP#mkH
zr5RcU_|!Bf|6bm!k$JWCXL&E+TR(ipePU9$KKjGm5-QnVGZ<OaEU*rD0tTYhU)JO#
zacmhH;<?<PK%)++<0BhV1)@2setA*pg^-c<*Zx&0qawQ!{9F!$(l_6;3#ncf+5p>m
za>th!d6(#$so_6|&{`+!AW&sYmgSc3*g(A4Js?2DobY#Aai%J}*|6t_|15<gIGId}
zI1s?1Z*I;pKvHqUhbOw{qgu@NXt?Baa{NR_7+weZ18gef!|)5Qs~bWq{~X5x{?(wa
z1U2tvVX8;+(9~|Chk^_$%gK%#nYV9KtaWc@wo2ni>@0n6<PV;uT{smOr?~d2zV1FM
z#OxTSee5pQHVzmsZ46@`wC%}ut)7q@ntHS^ous?KID=gudOR>#_xV*K5s454nJ$7m
z2wwV=(~KCTRn=IcFP*);;~_3vwp`L4)@T16zZ&<KmOmgOr9n%3dMv2QE1>H|wSq1w
zhcb@@CMOl5IRC=?(k8zm+4|d=pArE=5mWVDf$xB1<&KoBWN23>CZlqcow;3r$PTGS
zsqQ%<+d0NqS$wmdwp#?2NTY=WV6@<R7;vHTQ<?3bJ_|kNwN@?+x=@ENxj^&Ww|3iG
z2w&`OPajwPwbucZf{Qy)l@{Oj>(Jp8Ag{Zs?tH@;-DcQ;@&sR6##wmhYjxrT{X=!1
zXMn)1$Na>l*y+n>S=MXl2u{`wvdQ4eLJxR9h(%k+Zx#)$;fp2;Tyj-b^HGTv!X!e`
z9B;l8SpQ5vdd5E=ZM^XmP^k8S9h@pBqia;UOSH7EUaF5y`YepXj0^{&L>V$x3Nm(@
zoJ#nKNdn9m*E@>RWphqcomY4oqJ!lQTMb28P}0x8w8Ub4lDe7p4ccN~JgO&2HJYZc
zElmsgV`pUqhcal6kW*JC{d&g6N+b$tf9O3meA_Z`9$A@;-ioZ7eN}K&K&dx0Wca-F
zJ%g>@e85LEiApS`pDgoI|J0qTdrSEvoBq3NqDeB3D_z<V{g9=5I2X;&%GWPJDChB@
z1mI~MrR)?K^P$o4(J9>8r(_j@x6!vL20*~1r>&Xp%P0CNX80^LKA|>cB9mLQg}!)5
z06O^}0q9t7fBrvmM+6(whemg0IXogf`p}g|i=9&reo2rZLAFM;OU0#wJ?J^XMNu`9
zVeQUyJI>A+Ah~ybbO#?8ueU&gZ*T-TI8#0iJ8e!{VL~as$L&z8H47p-qF4${6WA-K
zHYC;!ea4kITQA8R#wnCP2^SpCOu`JMV7w6?E(g8#N@M~iSKi3Jny1BvcYL{n-$uM>
zBZGO<Q6G%HuY-We>$YaoyC&WDp%Kyjd{|N`nKnwQAHn1zA&1;(mYK#0bsTS`iBw<I
zE^2DrNK^(|3_tki(DYfzQX6n+PM9TgVs8Wkjk%^j9x3uXt8)TU6cQ_`fyiNXb8Y0}
z7T_|q`#1Vr0O<1xqY&7_+XA-mf<=NQABGV=?c-@;Q=tZ2sI1XIY>&{_BRUl^xz7fu
z3yz`c_imZ;(p9DfJ<BD+Rh=u(I8+m25`<wmL%PKe50^=hkZGJW7EQxHQYeG2rMp_L
z%mMtM@aq|3mPm)xV;5u|*-zkTr^mhIBtO%+{vTxB{4HONJ{4-Zaw~#9iO<LHHqbYO
z7-MRDnz*FN%(5VT){Uphv9Y`G$HyAg#`!-v7yyz$G5kl2*ub&hAOrH9U;q1e?#A6%
zvQL&DdF(A-t)ey><F+DzWHGeL2hg)54Q?e|)6k&4ck;_LJh8j*d6-UKde&FxzR+d)
zF>&VG8O09F1PdqJ4R>MK40q(cer%0KZg}~qh!FV;kAt|;XeOCq5h`EPUQJS#VP#o%
z@-XoGs#GSGUv~THDc@6zn)fyvt&CM*$^kRw{hlEv{piyDlfd!%Nz-jf^D_y)Rkbie
zn|c2IPal<D{zS`nh7t8TAXA5HfzrKeU&Cj>*C2UzHh_8@b@)IF*YuT-4|dGLOL?;Z
zAM*~mS=a~bb7)!~E%b6Fl8Ll%#XjfYY3Z+2ju%!yD#!lsR1V00>}@ssm$wxdv;>8@
z^Q-kCa<4vgB6Gu(#&13x>rzJ&&W1gD7+^TlN!EETX@T=_PaP!m5p|~^b0<2>hbAPe
zUJ#knv8KELe;fD`ah)wJq39qUi@63h4rrguC)7BH;+&s_1sN&#IO%C1#O$uaIl|UG
zl|or<u{gkGKUSW+m_O}txA<pThrD1b)sxr(8~G=H?bjt`c@PCYIj^`W;JIP7eRv%A
zGRT6s@{D^0r#csz?@J-|?XpxnJ{+i~Cy&<Dg|x_%=ILOg%(E#w`@a^(#hDardV+n%
z0gM#efZhMz!I+p*8;Bao8x{p@XnvmCAI~b<=tYP#v9nz!c@zBWp3PdY1>7f&ZUVis
zb;HA@jLlYQ%vb2$@f$Kw&(t2_`Bg(5c=RMT8g(r*vS!V=<jVSptgHyaSqo`wJ-HH2
zY%&0GhP!rAzqC)R(Yw11b!M6Tv86$Gyrtp4Ikx$@){w3Q0*=fAwJt+Cfqde$f8-N4
zJ~ZXIy(&(%3I5eCp(N%0mGz5OR4{(S^iYJ$59e56%e(x~Yz-BdM%^qx-%o(g32m4x
zryP3<kj*fu2NZ81+qMM1G;E9Df34i)+GdWSxSGh6+VvF)eK~8<Luc7~d4Tev)y{8W
zChS-4*@M54%T+co{qHTi;OpEod6bWTZ`r+2fNCQbw;hi&Col|6VPv&}k%T<YYy*9-
zkct#14mM#8_`MI}(^tvavtO~n6HD5BUSD`=?RFUCenqXDQ9L`7z{z_e0J1}M9d#8&
z^vF7%DLY2Y0RhEV{myFH#~Wo(>`e5Tvk}A>-<=Xb1QVm@T+-WJfj_VtU(g12>a;Vs
z-wm!Ae(rA(SwHESw0Im~kZA{Qt?(6pa|;d=f`pkUP$_<HeaBP!YRmO1NK*O<Y2a@S
zOzulJ9G!x^qmVmrs*>r#JCiAgkz#APr{bc@Lfmc{TYDg*;}+%iIi-bJGKImMMEdY4
z-5Gei0b?ATeW!StAGltshqdCry<I7Y*GJ8@ZLqrEQ;A27s>GTu6n7KMzoetH<M1L<
zJp9eeJ>q-YWEiBsRWGwFksdRLgd#Xo;PkJK<kt?F`vQ*Pi>E;6=jl2G49UTHU%KOH
zn+aL6?xKcJ-=F<u&Zz(S-nfnW_$n8O3O3w$S?T1%p_7Nxc8A9JJdftVuleO8enkAV
z&Q#Hu>?@!m?9pwClbcspbPD=Ap=89x%t%_CF=NNufG%x0ckCZu-M+fajRx9NKR9o3
z*PUjcZbh8iB(ug|xh(6o3Ho$4-W9ovI6E6{KHNLY`6&!vySnq}9`E~^=YU<KkVr=f
z@I?L&4*uiT7)=CL+bGuVOt_{$$s0^V8E4kf@?$H62Y$dA%;}@n;Vh_;dZkjMWoakv
ztDpS5jyaG*y%Y>1%*L^vjrSM0<3RYK53V`Hg||x;X`(n;&lOGvcx*d?R8t_hgypMW
z{wdwMq14!t>|^nd(JFrLPK)DMdZMW}CSLMpg%M63Sv32;p2I|0R0m~k<v8PX5|fkI
zBs#J4^nZNmS%kF+ymRialNM5OzV#vqsSB9894)}EMVKX(HB<4g-w2)7#V5q(_MQDn
zKoJn_4F4VW7NGG9AJw-PbGoS+fmvo%020S4W2&^9P6?ZPnSoYj;T@WI6_L%^739(!
z>9C(<{oTKo=7RrPnzIv||MDg4g)u>NBOIUn+pJhwV@%;qE&@sh+;MDt&IS*woyRR3
z?lze(5myeAD|#vWQ$P|&TI)|;kGbdW-)_o?jAb65sAXd|YdziX)%5=k)_Uqa9N1PW
zG9KgtJ2<f_5r*A#n9Bf3f?DI${-gr80UN)}9i;<{xrNX(USvY|{B0sX^MB4bZ%%lY
z8A?O%H$3;-qg;C!9Aqs@H?l!=fShg}D28@DP%hZxmA$PAbV&g9-~-X4EyK6uroPnd
z9un?~UR!cy*_|3$;_>fI-Gk_{{7Y>+nmvy@Rh1~S-~kuxq`n7NT)fJ%N?%$DSH8S<
z>M~d(BYs1!ow~TJ#A@n*Qy2Y+*%XZv=Ic9auX?x!F7+`s0r?2L5^cqXy}AG6x~YQ9
zktLB91ggjHII##QSLHU=&r|{1JGKytA(UtjF5d=xYbQ<g%Kpnt+?cxsc-$S^dCC{w
zUtPY?{{g|SGiIA{@6^2O<_ie}YA%^4n=5aakxWhuZ`@bP)`$OJC;N7Ox(5dK6{sET
z%MbIbNWsbQ0xW)fTQQVDLBJq8BEs<zna*NFtfU9p#J`Cj*PgG(Pe={SOFtU{%?-%B
zImoqUcWN&9Z%UQErc^4_`yeAGQu`WZI~Am(H*p3oKPI^)5Zqtd<7f|p8(;7l6wf~2
zU1;foIX@wv;~SRHmf`UR3b)u2UUK#*)Y=b{g|bPC5!68*MXrI<yLOz#5g`X|J_0#u
zkX5A91QqEt$y|NG?$8Xs1>CZhwnihyt}m%SS~Dpm5x$yKcQ+`t3P9qj+33LY)_r&j
z)K5=E{x00ASn&T{mWxu+pQ^5cvS+Vmk+6&S_USgX^W}9uo#Jt~uC&DQE+22aoHoMp
z86Ay~S5y}%I@0-zVI`5yn3<fo7c?ZDE>2&wf6_aE`Zol}fh!*hGksKGqRgl_6kW-2
zQFnskt+qsfmREY&0N8Bbhi^K+Fu_WAyd$TI7~9|OMg4{uo(X3{nQ`x7ZReuLAasW(
zjde^ia1(y(i1{wb<GUAUC?Jp?*EGci3j#hQSTbp3;XE}(b~LdZ>WRC|M|!byT}s%W
zgGSg~@k>;Sb2}dK$TF?oax+{eJX*Y!U`-FZFj2p4m^r}n5vb?!Q}Q=<k-Rf-5!T_u
zYxJThDJ<`y@zt1wJ8$mtG4KM7U;WeRYmUB6-}e_J<8Y%~mva4rW^NSD5Xn$_1>cKU
zWU;JjhTJ@@Yc?oKkhgQ$FZ&`QtKrc2hn~&GZYJNJoW7J2){h_v+|$PJa1G?7rz$q1
zI>P*<eu(VmQwbn|SMh<<^awW>v2$&}r^}C)kvwZmzC#H~cqf0j_%Xo6*wf|U>FnQJ
z42ae<{~}|4fQ<PcykF6c3A6e!3e<7j>-+qbRbcQH$5E+RgZ?AH_p6mtyEALuz@$l=
z{6J{kPuw=Z_!d;wvyB;ptFlFmxHpZBcBJ)lZInFz5SW33EYmoWqjR~MbuQ6t)xxl2
zsmTFas&$22v`Z8DFHV!`?ev4R$^ETR^y4_KSCw-KxFl=ig*~E~moFRW?qg5yu^t{)
zR38)8L@o(lg(Ej3^Y9ktrI}izxW0A#H!9BiL&c=G@s$G~evs3Sv+sICRchrGdmoSP
zy$o!dmQXsMKw&5yn8D)1=<N|54_$%4-YZo~jb<2@gQr-7q*MhmHpU7}ttac5wyu_;
zaXs7ZrRt0TT6Mv)`Abclzlt}QORkC!p4+NJ7dUx(zsT_X39(Bm4436BzzMkL7n_*T
z&8`YEBVE*ex(#gH`M>_<@p!-f%i}?+NR#<iU--7eq7noZM+jKM!&uhVg}@a^g$LuG
z>HgaiESFHDql+wK*|~P4$d&nAtBIkB0r0|)2YWfiiX}x;w$AM?zCZPd(q}CIr^=VR
z3l|KZYtIG64|ejuo>Pn*gzxa&hbUeGLe0d-s1Ug+P~8#r^4Y<qcNI;h?4ISq-M*u>
zbfAoi=<B=rP4xI7LefgS{sSm|!$Yeey2nQ&pp?zY-v0yrVoyVU)9>Sf=Uq8uw4{SI
z1u-^dE)WTyShcz2jlby^IV$oE2X2L~Ba(A*#T!3&dvfY)eBAT`EO{5XRuK2Tg|ii#
z9-0k)bvSV|l57T))nGki9<o;b(!D0HOR||yKMtx|i-E$8E}I@TCtdOGB|f_trVYbu
zrDOy&^FT~RysKi+G3~*_@941e;(pnYR|K6yJKQl!z~Py=AkCItjX6qtpEeX#i#IL`
zc!ht~JwEjh^6KZWuE=O{zILk6^UcrLiz4D9?o;2n2RLqp5$(RznP3K%wKtARg(mXb
zo-Qb=cFmEQkKY&2PsG^*cH8PCBPEhWv`S=~F0Db0NebB?q_t)W%;^8mR_?fc4g`NH
zD!m?x;EL|pHNy?87V|bzrfm9az3nDmkg!&ogpy!r*2SOLU{0G1L(9i@lyj@U)k(+4
zJx}#M6@l=HT9f^O(AZDB;FW*zEjPvO5`b?FH+{wVzhoei?jFZK_XcLA#_QUEMkV|B
z%06tR@~@RWeAZ|DUJv0{mtQpy^FttP5Vdw+Ri$()UVRN|jiG&)VZUi|#|C&kxpqSG
zi>KN3%H7+A{5Lg%f&T?q|Es^a;7WP@y)MQtKOb6e6j16jL;*C%S`ebj{Bm3H80iM(
z7;^N0ogRN0f=xGwnAvAhS>1oiV4gG8P4g!zhL1s8lHqxsd?1A$mz_r>W@Uv@NZ`1_
zqj*>`&~H}SXOzLJrf<@hwE!2WMP|oLIl7c_re$6adeQq6Y%bNOTZ24=5uL7h!_z6@
z>!C)zNDs2!t%qKutksm|dKVd2a&@Q7<q5JUS1gxa7iDa_$djWG<}()}U7n*y?9Y2Z
z(sV>Rei4)@=pp2>lK-f5ij=p$=jHIP+S|=X@55K!X2L8u&?=(6B-0W4!RuNp9v{(1
zkirj{ISnS@_Nc_;k@)4hSh6<5<jTSAevI6RE2Nszc~(jRwh%y{%(_|ZV4NBjbBZB`
zUb3`4BZy4~<i0g7dK#VQjZ*STZbD^EAJ{k1sH?Da_}!|f6;PopB38tgM<;z!N+rX&
zG|@743Z|+%DsP<PlOY<}vS&97Us6bwXI#PD%5J8x7MOG02%`da8Gttj_n~C!>o(~F
z3FDGWX9-0KQkeBYfhEBr9leh)cH+#+TXq?II!&7RU;Ptcfh9dpe5>n`^7WEl(Mg<i
zzDAeTwO*A+z(f#8H2iV$F5B}5B>_NoW9lX0Q}nspX`dZ)vAcoi_dqLA4@Dfq4a}g_
z4C1P>^|BZlBL6Y#&uNUmQPzc`gu>OWTG0xDx;!I)G&a)`a<269VUX#Xad{vp_4Ms<
z>+*pEoR@jc2#5{fn8KFI--?|R;I4Q<tl)I8V!jz5wC0Qi-9#klRuj6Z>;RWLV&M9C
zx|j3NY5!|(2IGs+M(ZCsfp!}-b;Gxv45|gytEwmg=kp<D&bOQveL?<`r<Zp1*d0TA
zZyf#gv{#Um<$)hFDFl|jb$f0XYp=m--XAm~(vv?Yy!-CiM*4&+s~@OJ-mt>YeDcY|
z4!;b?Af#XII^1HE9Q>$n%3H#VB@)OUzV{r9pN<pqmIUZ|;Ng(D)AqxN`1#|NbL($1
zZ;IyAS>O9HR8xM(?~)aIj^e6=z6_LO<s91*vCW*lN{GNIu^wnEePN4G8?aBK;?M8*
z1i{WXALv)#C1+(Y)#PlLW&%9VrV5vUWdO*S`HNbu?tI_mi*Ksq&_T@2tS$J~9ob7G
zi!CPKCx?Ek8M77jeKj{z{{9S|;E?O*I*>ZJ2NYk{BNo7|J`KVlnX0?bkx<IBWq4<M
z?c}ZG?+hCA{_OvE*@8;4fArTP7NDgw1VGZbI{_U5=)NakDGr{r35p1r9y~*xG20uV
z$|u>_q`tF>O!k7)xT0I6AbfcsE`v{&Q=zgxzBhRCF7>!$Nxhid@jZH&6s$0#C()Zr
z6s7(*2{cOjSIzLu+H=fWPC9u2OOJ2(-s%bJ=0U)K@B&ux?%{xz{ZDN4G9(FcxY-A9
z@~_I;0gp!|$r<R^S<mkHYu}HTLI0D$Jn;!qq)jHW#2S3LNuyJm%V*T_hz~scLxJ3a
z$&@S$pwPAt&YRBPRUIg_uXAT6K1+!G_w>P0wAg?4Kyd%NR_>oY5bx!2)PdzcQm*O0
ziXhPB0l8KnA3aIH6cheOuC+SC9{=jB5VU+SD{jA|2)_dIdg6AEGAT9AuDC)zVh$Jj
zn%|aYmxoe(2o;R={T{FL(XxnV?XmCBr=+O!KP;+*)M%4Gf|Eb}VNvrULJMRY+%rO!
zsHtFF(tv?oylhU@tY)22gj|?-(dwsunTJJet3tm9)kl8~s@wD!*8O;FQD(5#saHPc
zm~L!sX?#$clOljA+Fa860ZyA>2Vb!_?QvV<r)EY)2H%pmT*X?1e-E!g43T!x6rD!D
zt06p#Rqc+!|C?@z+<|`-zft-I17xqn@TDn4-IvKM+J6wuDKPmT*5@zDx#Fi#YO5EF
z8;338sfZuq=8XAtUqk}nS*WW>k+#kIw@CZQO$88XpKL-&hb}DAejKIpu!Al5<uE5)
zSbKO+rdbH~6Dgjm0^5)m>w?nmdAk=^hYw5bQkUMm`b(JIgxdiGI%MB7Ona0vayNi&
zUMd#2b0p6I%4}$o%?%X;U`8qei`NaZDE7}}Vu<g%ZZdcUi*orBKriM=_C%X1+R)7B
zl1YDxM_bse;W}dZOYM?^Do`MC@U4o3rQg%fw_zTcvV4_7y?(9I8el_Z<wu-%{{^0C
z{{~NC@sO>$Q`Od%IsD6%Aq*<T%RB2w8Sg5gKpJz$8)!+5;jH1T9qXgHzENjiLVZIQ
z?;`LN?i!S8|Kw7qT)gg3`rJqC<ux>W>`@I;(B5uZ(2aCe9!Wa;m14plY-&rGAW`i8
zUWKIg^-w~l1wkW=`C^S1Px!Y%H@i<LnW=M<f%X2@m+F1twZfONW$%#3Cj~e@%h?Si
znofi9NHYktg#Py60nL{dVTztpYtYr@{-)MFJ=P-wi<CbO=vHOr0s}Ew*P77;O|FK<
z)qvk=&551Rja<pq9cv%R_-xNGJ;o<wT=P+mzvYgA0{a%SlR}w`4#qMh;rmqps=5_u
zST%HKma+%yUO}CtIDGR^?Q>FBh4W=N?Wj0MkSqLa7NX^KSd@rA))uMjsdzbpZ)+>w
zU!TBvk5W)9w8=iy<_FRrVwe#|u)^PJ^Z3L2otXn5sL))^9ciYvWP}vfaf~BN%V^f0
z%Kn36+nRLTtukj%NVlQK7v8l_Kni1=Py$h}Yt=1g@EQ_cy$xb@uIo5dWFM}fW3@X^
zX}|EtCn%rcRL1#LVixBu)`^s^T>m409dPN+Av>0NJroi#%rbq-1LOlQs=nM12Askk
z{5hGXRm%^YWdc58rr38^R?IAZrUb2b&b$gnZ|ZK>ZyDu``P6Eqgm3Mv*Y&grN-BAf
zN)Ds~E8*_yM-uk@>cEJC!>&ZDE8Ax7PoC!Po;i1JT|{9K2M(V}bwHc0&CHJke+jV1
zlf_AnIa2sjeJ4#u$xb+dQ}<g6TW{!06@--oJ%D>PEU(l`imq23@y=}xD~`4fpz6?i
z17|h1NF)Eo5sHkNH8)u9KGY=_SRQ+>{cL5r>2KogdvNMX+@&YIp$kllAq^qdN-f8+
z*gOluR|K${K(OWSGoq`dUMC{P-BlUbyG^n08>!c;8%R15_S@&I9@vUsc)Qy(5SW}t
zTO}PyN^v@K?3cbUxXB1Qk6584sqwKAM2_}1NP+<E_Mj_k5<5h2d?vfWQLv#(@MEL$
zy}35)U)JaOGMq818yWAPpO!l%h}APV{&b*x+1MR#JSQMDNj3xq+|IN5Oe7*T9Pu#4
z_jO0&dS^G%OU>1O-bsWC|H|Ouz#pj7+0A3W2`+!PrI@QHXmR*R^q#h7?ObCWcn7Mu
zbF!gATO?wyiC=&z`Z7$PZ{bbvgC9WGI|k4O{EqS0UL@NI*>C7wdYknJdf|wjdHdIz
zW-T21d+ccRAKA)ZKjf`@S1VW8hNZ1erGifU_HJn**I+W~8Ct>I6B-Q6`#g2A9uZ4-
zl*b<VlMieNhPTVFzKzAjsWic)RP*$oYU9;n)11lZB==HG){cwOc`<W&HQ_a3fH-?`
zX|H&87F#maoY6el+B{tbfx|M^LULAbdixgM^m#cBH($n3q@l^4>$7^izPxE^9~V)S
z>bEq3C`kPI&CxxRh-2vlZCAtcsu7_lzy5>Rsna~cflWexPx>DJ>rt{fK`a49R$*t*
zM!Igwg9~ACwSc}I^TGm7KgCekIhih*E8!kvWp!kyC-;3<?+ejZOSMS|W95!gK^E;`
zOTdfu)2-(Zrb=%~!G=FAU=WkB9pYh$2$S7R5o*zCPheWwqBuH=FD+OKgI=v%9+4O2
z-NGwIYzwSo-YUn<(Ll4i)0;KSOg@-~bJyIQC`VCgbW6i7l1J3H@E*09Udz4M52Eo|
z+^@TAfp_>uF(W{deAo!HfP)`lp{o(8xoMt##NG33SzFezeOmSF)7F*-p`O;m7brTY
zIAtFuTu`x|i>`q(;)bVlV^o|>b_Xa6mN38J1h<NXdWx9X#x9zfdy0z3#x2N;7iSQL
z@Z^_1Mv=Ftu6DTDlNfl^uNS^$Kg~le18QjVd%S%_Ug?tqUL``OLP-eUPH#KO^DGD@
z-Y&>0!LKh1unIJ-bWUkFr4Zx^sodE-KVBNEYHr!^ZRs#Qho4LPz_Vw#%~bZ5QoXWQ
zZ+_-Qkrm!nO2i>^{@5Ui@ov@6Xz0`*59;vw<2_Y0pn0ysI9)KtMOs2&fBG)F+(wZv
zr7HP7z1&jI2MCD5W&QWF-kL|}4vySz>~XU31qiJDMK;l_{&R8>pPerk?zrRZ1?`hL
zhL@|1v^3cbY;KQ}w(;ui<>rfU7Ii0;-|FU>oSemqQKzT!3qju|B})igqV6`Wd?S)+
z7DEi&RPC@+$>oS)hkOs?91hBdOlBvp7XNT3SSwwl15I<ZZw?XY+1D6|hdfQsZ4r}S
zEU!BQwJ6W;Q>X5KPSr)zPELN2mP5XJcEuwaJ)o20E<Vy@=qhLNq{OyqCMSxc=_pL7
zWqm2C5w5c8OlK4#{>pT7r#}woNNtsDqb7fH1i?0R!VewZII+opb{UU2N@lw}D#vgR
z@qtyhwiJpRPAmF&ABcn6cSh7f;<B@c!Gh_Xfl%Rkv|V4Hh12fQ@%6#S-1PdlXdlGE
zmxe+Xcf<mxZ4m}1?`&2XGpb&9vQOS%SDia^zS<dlw91$X>-1<a5S_3c0$Sp(PQ*Xd
zUr>N8v($F-%;GtI@?POnJb(F27$1L7IfNKbTyWkQ>bc~vbhRKb^=$Y7E1}cUs6i9w
zyCc0`4)`i&NCPWHswlRruam}`9x_+1^bbPS{F9K@H}gt9>;?7TqC!diQH*oqR{aLn
zrqn*DWie|ATy3iyiHa-aE2$uM0}L0z@$p`F@bTySe<F@W@^iU$x|$0fuUX(kWe&A*
z3UW_E#A!mcB3Di_b}<F{9yqVPn5TaK{{89=!^cVMn|ysP<`6k6H>QnheJ|oc><Q`l
zwOIn4SXO0P8s-u<j;VS4G`a#^VfPVML(%Zzk!MSC36?_i;jR2rxp`cIqQKjvD&tb4
zx&C6tWhJEh^_>(BdI<1a-oFoxW+96kk<K;jdcDWZ*q=kaY#)7tvx?t)9h#i;E(_wq
zAJ~97kL}~D)hcDuyBG~OrUCB_NUM~YbOT26I1=)90SH8p-kDwEBC=mLv(6<ibw6h0
zaV|Ki6`VSqxt(dZ`Hq~sj&Lk<sAexbPo(1VOYh-v1cevy($pM}%+T{wQ}>s0Ny0I3
z({0gBCHaYZJ<E=NwmMeXI}M}~^nB{n2DRlx)-F5i-Lw*PL$rJqs1@hk(!7Y7KwYhU
zjZzYTX36c~%Y`?amwLOhMU*<$>W!&~FVAR4tKm-vUkp#sKq%a|FZl8uvo05mb7yR8
z{@e{Lv-D>78+tPrDPIY9t!I@dCR;h)R{Tb)!By0Ge;`%8Rx4Kjaif%u*0lNd*_;n3
zXY#x^4r5W$fX;0K5mp&t5_ZunAuVkhVo1+?#8Q~b^SW$;Wv=#%F}n5Y_aM!8U?Jb>
zgjBjqdRdZW7Y_u-$sLVBlyi}b7tWlwTFCEpyrh3D`^M@U>MFN9J*nY)W!=ar!8c$I
z{#EG3pgcZ=LydOIX2URKFMJQrIpA1Eb~qM#$;59UVrdI$MR?dPDuB>lQ1_2t75cu+
zcs5ywm|!i2RwUhg`4L4KxURk;;U;_Du7}}p_<d=LY76mQ@gN*~wIyCK8OLOO3q^~q
z+TLmNesT9BpPc$^>ZUtOIc1?G!TUpVMCh}AMQjU(QLZ6*nwtd)_CrZ*T3DuFPS-r!
z#g*t7UBz0qjJEd%)N3b|eXP01!(Ndu0;)Yc0nbp=`Ktpe9NZMVJCa*8^<`1zL0nho
za~(tAYM9m;Z=7@7*2<Tm-L19xRv28@7LxX%cdyh9(U3m_D%zpwA==NF1)di!qv8&a
z2wh=0GaB+|mtPe@hLjaW<b9QwZ3-ga$1Sv}>pfaCznhsorW(J)zT#o+{1)DnG?kll
z2AYhFbZizX2tQuk(_6`!j`M#}9?yj51&6-qo_$C|!z{xYD9JRU_l^y!_NiDrtGW1|
z?QF>pdnSVg4gZ|WlGJ?T?HMofscIUBR21stMN4NCx5;&4G?&X}c|C~1W@_79(z9mA
z7PU=Fw&IiJO)aeDlpP7(ri;2t$|{cXxnYQ9tznb-C6Sj)8{yi?2eSmHM-ZWi#`0~S
zE1oPRE{-+rmjOk2R^e$?ff&6*5op^C;i!C~6=$t^js$D^?GEP$f^X9^-7iyxVAMWX
zF5t|hcPHQBnoPrdA5oaGTy~9?1uy3&>xwB<RolFpU2m;_o*7^B$e+*fLKN1uS~hr5
zztPOH7Msphn)$p{8msdO0y06oySiyw@E)u>b`o_7M^!w!{JJ%FH?qi<wXTKZ)3%;Z
zt9OXnF&dgp%U-^V+yf7i%dOPM?Cmx`+{f6wy}gKpGm=86t7*ob|G<Y?l))BfY|a<O
zs)>$fVB;Ru2={a8x~Cx;==Zw4O5;Ff4SUK<_D5t|TNZbL4>lQs%8?`n=5*^;bE9pP
z$(50y!89{?10A>a$5C5qrSX^4m9Ca#jhllZR;*UI4Xi!8LRFF*AN=|}o%M)oqi`Zz
zlnW(neWmx~%a0VZPR9wt)04j6RP6Hg&U0AOx#jw1XH9#D?P>Cv2Tc^m>sI&<hBfn7
zuVU0XK7THgTrPpPAMD(zyPk5yzml&Lx-WZb8-k6xb7N-uekGz{XEL5P>T91-U&F#K
z@1$;m3%gtkqVU$Y2bE&tYLnt&AZlHkf;Ol5GmpiIhoA35-q%sMq$X@$GG%ZI-}UZ9
zz>a5qye{#Q!Sb!(%;(Pp0%p87C^~xl$p^QuU@)rlwXe|jpEc)b!NZvYxCHq4Bd>|h
z>_kZ{TGMLVt991bxgYVrx_x#N#5I$8!*yx-bsd>*d$6?#FN&^YT5{J71vQH3k!Yi#
zZxcFZ4#v4D#^F`+vgGOIN{=bbjeZOep!Ka?*rr%ua1hJ|Z8Hr2_}q9Wqr2@z&xx+E
zRY_B6V5v?Ishe;2DWOgr*E6kq<IcyKhpHwg%2axHl#EMyala{THYjhN|8!{yodJ!V
z(mmeM0)H?%dvkJjrZrre5gV&gGm@EEu$6hT#-JF|(r?KV(3UV9u3xm5FVG?~7XkBG
zT-kEVY$rLMIL+mJAFk;p6lB3}_Tgbf=X&P6UrVVqsM@Z}61dGUe@;UWR4Mbv4zFT$
zC3Kx@9MKJZ)Ds9jmeX<|5_Ut6Fiio;xGgut47ckp2T!v4zw~Qd2;s5w$mgtgCU8j5
zL62iHx7iM@j!HCy52?mwIW=KxsT8(Jp*zS|Qd2*=o#+tH_@ZZV;Q3Q3!?6p&`N(=L
z_LyYu08R$ijCrPj%J(;hYY_Fb+LEU`#JL4QsPm1Y%x%g~#?}}%p%!Nsy;90(_q7ny
zj>Gt<22?Wn*mL)!e4qE3K8SyJ_L`@N;?(}m7K^3gJi|;sC6nisI<FY^&by>XGN;c2
zhAQxLfcs}b(lQfS+|7r<+anS-eU;cb>sJGuMxEnodJd;YY6B%d6uzYOKOEODxyhFn
z2(q+NmW`GecZRRUm&yq!(4{YT&nJ7T_25U7<A8jKjy$?&=sWw5550WpnReoQ-9#A(
ztW>s)&|?lR>(M9;i;lRVJSxV+_wKF?pbpjL;^TN3mjC8fY^-h>T;*4<o2(Nt)Gnju
zTCkxhd5%lb*j3{e1x11%YeD=EQpxDHkEoZ9mI$scDxTI@^rdBV^Pfl$qFCCXN4iZV
zmuc)7cE26=?a2VH2d{N3B7-RL@8Wv%1>II}ETZnw2u4@6vKi_<vzzIOZ&59yYJV4&
zTIu{zq(~a3>W62)aZ|q={A0srZLrn3z)kW_%YE1kzwASNeEhdzR5<jPv)dHvbzV<A
zCR{bl69kiCW&>i}*T6as04t?fs`pTbPaS2l)XFBFhcS9}z^WeubalQ*Ts@m}_`QiA
zY2|wE#pV=)<ARp~7q@!AcsgDEf_1YmL70%D5C0(&TJ2Hsd+0@W%(c2T^YTg7ETb<(
z#RoC1^EfBg=T(mnw5h&N)7s3Iovtq_`uH*n>_kgwMiD`^uqN{3ljE60S91n9W2{xn
zb3h->TU)&<l9msi?uc7oGLyYd>pn5Tdai)Ao#)9Y%$HkM{lfmU1qbj6*@X67UVVyz
zUee7Z@DFTI-XDW-usNJ=g+YB4qK-ice$Sxd!uk0XmpB>HOB>e5B)Y3Rc#{KaB4*RU
z`eiruGV1r%&Sz6)2h_wa-yJwLdzH+l0S$fUTOb<8BmRsLiJTeberCfioAXC}1+`gj
zz{l!PvBcxNcOzpIOo4|kc1{!#c!wN9OB^~UP&;XdL+(dU7{mGD1KGS;h_md+A=Q8Y
z;d+?0&?EWP4y9HQx9b8=o!qb&zQA2R1uNWd-jP(q<Y+})Z#%)eJdmRtm%ioWJ@#{A
zxSnp|Byc4sE_eC<$T`WRB3iHzfL0}r=-<%FjJu*^u*Z}SuDqH2k~8*D2Y6{IvEJ=Q
z*~PPr&M7{R2B&ikz-}9wJS;kdHJSE`MiKcgG4FrQ9tP;E?6FD?&NPIXUsxxMp3*Av
zP!V=RD7Mu#lG8E(CRO^sBi7!(i4~2rYEqQ9b35zZ{=bR!Kt=uo#)ma`bD9&^aBEeK
zk6?&R-kJDhFJ{jLT!kyynXS*=NDNAp$DRHzF`SRt=kUr0dl2r0aM2JSNNPyWf`^v*
zSn%Wq&F4Q$$hV&x-U2@Mt9*v$4vh_1;s)039zTYc%q2)%I-}DVlsMoNk1pxEzijNQ
z%xvSHlC+4GOuhv0<&3Sn5>}{N-k129-m=b&!ibnvBGvyW)^nS0Uhn<M&P7uA+@sE;
z{``OpkRQ-{YZnAUbS+**9>S-HVX*i+XYQ%2$?z$+%@aHCCX1W{Q4iBVgXG&36XdfZ
z(;`765O;g;(J%x)$g=`va+BXU*+3h!pLsSMmeI6le|%3oS)E4YTXEMA6vSEU`1+vv
z%0B4*dq&ZNerYpbW>>=C!Evv*v%vW)F{qbPvAM6?!!hZ^Z3^l7Mia}ohsbq(Lc6mn
zJ#2m{^JNsGpJg}$Gri^fIWbttNG#UW>G17T+{*j(>a!~+ld?=hwa{~T2u-_zB0|C2
z!l(5I*F7pp)y=)~Igf*^8Xp9Fso^aPjM&nLRr{zIYU?Sb4}rg|E@AF^h5q_2E)VkP
zRwcD(VNVDFiwpOAc6AV>2B8)y{`O`nES+RfsGny4c4|^%Ptk!Kgt6>fU~%XAcCpM$
zCxQ#7?FHS4+xhP-e&m^A2ii)ElkAmuHcF2&*J$+fTMUpCqn58F360k7JBjp`(9M#l
z8cCN&9YJ->eAQ<xMP=FAb-#$DL4N3aSDxddV+_6v&T_@qo9xlfCinHWGhSPp_AN%-
z%NySn6l;)iYEIwNu&e$uvbG2JE~I;BRu&wWSq_LImvA(ITzhQDs9iOGq@!rn1VViU
zD+r=oPCSbUSr_)oU6PX}KqrB@l&ZF6!yr<^CZZ$w-pmMRnKnlJhlQ*3VoIJ=u4h{{
zT)EO<L&JU#VQFb;XSD&NX9_%%#$moh8=H8Rdrs)?iU)@o*p%}Y^OSc?CMWvaGKg3C
z$|He9$;raJ4qTGk>!)vG>sy+~`28C=KYA^B=Zp=#(Aw%9FD3ZGJL_NNc4TiNXliJH
zMPSD>TdrU2gDna*7aiJq)PJ=s)9iZB)o}Xq+)5(Z)L^K*7FAPuluXbJ10yD#;`Wp(
z8J4M+(H=;7iFT+dU~zxR8CzI<@08!QQ5?Ea`zA_NF3TI<B~p^O=B<hSS@{z&PCkJv
zT&*Xw<~>+@?BJ^pA|Uqyw&ZGuDLc-WFuC5ddAXr>0z0CU86hPqxoBzqZmcD^U2fk|
zk6Jz<rf;{nG@3JYAia77TZ!=A+Z1;OE}#aTcxTDENt3(f-KntFPKHJ{g*2|=#}hWW
zSI&bz_V+-kJrys+1A#lV$I5Xe=k#7T`MQ<s?ERkecBd~@ni->aC||d)O$<&1TW`1B
z6?006haXmnOAH7T52qz{$E-&8J8j!>r6#gt6{PXEY8qdD8<v}l!ya3eMK!z-YDKj+
zWNV)aVM-4Por(ez*-<KH*_Fetikfp7kM653AH3a}Z1t%-o<)f&FC^M3C0Lk2?F)|=
zB=SNYhGre$OgUpXg!ShHW3whccn00FrIOk@i128Vtg|X?Y5hrFjndA4<-cHmwy`5_
zD#id41F0J?Vp<>N+GA2<nDbO0ot?S=$Rypu2%G##x+&Z$o=imxJohC>k2c9#w59@_
zSte<;EMv1M_CvK%6?ZJ+!+Z;oY-D*?9n`#co#L~z*@Ev!Tvu}f6vn5v65Ub(4JSLJ
z>y>?T9SXdiWM;9ETn&C)T?5KXZXC~QMQCj-dy&lfj&6R_+>pySP-8Ps+(X<SJ%8MG
zmj``9s0=(KZ!&M2t{dj+ZM<gjTHODsvA<Hu=~$12<@4ELP@j0|I6rCEP`He|=k<xO
z4x9*=u_tRR{|3zRzW|fiW9{va@XUFO3bbZGWX7Q}iBHE}Ojgu2m0K$Cypd^WEdkN0
zY1QS=<^kwp<;8+JR+&F$comCltjk>E2hKoo?M$jA`mQf(Ty_(WLvIg`Uo;;aJg%Y!
z#|PmK(eQsZ51G9+cB1mh@riImdwQ&2br;v9nRnk*{Fu+!p}TK3YW(b=x|+$2M54<B
zPGqS&R<<kUkP-9ddG-)^!>y~vsisGy#anR=79!NDB<<6Z9m&xI)+VuL-midyBLgEJ
z46o<w`3Fa{zNAMf6!~J2qXw%0+2|NbrWS);Xq{<S4iv}F89!6MiX@xXz!K_|iK7Sp
zehsv$?O8bIk5R`GQ~3#bS9Ed%nufrXC|qPP)F%oVrps+UZM}Z##oJ1Ysb6D~D=_Tk
z6>Nk8P>V8-#LHhl?NDRh_;l-&orU>RDp?8h$5$t6154yKsW=>+{aY8wpIp?Ty(ejM
zp9D(-$>ne<Ln$ax|3Q`e%Sfse3~YXX`Z<b2gGnrtJ>w`!1YX~93NYgez>JmG%-Hfj
zFym_Qu$WI7aB)LYW8D8tjZXg|HL7v`gL6#3Uv#$zx53%fS1(>C`erHT++&ESqH`V&
z(uTSO(zM1fT%v|9XWhxOlFJ*0=PoqBHiF~Vl@E$Pi_|qwRKs+Z&E0QJjt|08QjhdC
z@V?#PSZn2Qy)*MF_QTyhBMCGY`60Nme8!q>roBCw%&!xho}geW?cIkuKi)Fipk^^6
zL`Q?qR{;#!yAJ}JbppMYVOKbf`smnLFES6$Q8HpTuS9zip;tsqqr3{j#GX6F8UhHd
zkmiVj)3~0*_7mckEz;AAa52PKPv#C>dGY#I;dq6w4npYAl5KaZLA(~>kuev~clH{{
zAcpu~Ao7R$&>xFxIXuVT&=IFOElUBtZtS-(I?(faZ(cks%b^K0;g;RGnoeK!^Vc=~
zJdB7yaNB|0OvR)ok7#dfBOZB;H3>zuc4C|;9_$+WLC8ks&J8)XZKZ2o&Vi5WQccA=
z+)1ynL1iUlHUM$0mQA()cpc;Um`uhlfT41|xFZ2ZtnzUP{AHsR36D=#JM=&Zt_R{`
z^#Qt#XY<AFKbqgRKLGeJHkwDFvUkUbx?0tE2%IGLAl=`@$-Jx;B%Mv!za_eIiqte&
z%+>EJ0ynZV+Fzok>~Wgwqu$=~pR1NR3r?IVy6R$#kEAo~6+QY4LKqWkzf=$icu$<)
zpNmfmWxyEH=c%3cAp4l}u^Xx7I!n3t1Rb2AJO6xR<K%^uyB3-Mk~On`w*94bX47;T
zMI-gi_XU^@z>q=tIW%J6R4lMc1S$zfSG)V@P0ztwUi;aShdHj1O9OdL<O5IFNxXd<
zW?MK@%-CxQ!#w98X(M<?ZJVT4tZ!3TMfr{(GAftRgJjNS5*Pd#QDTlQf|#QZa?BJm
zxj>l$)veRw^J942=5`DPt?4$9$zyMCtIEr+KVm07F}I=lvsDQ6K>c<%$~zK%dm)X5
zXT9D5PNOTg>334UR2Zq`g;&hL$~k&=A$4Rur}^g1%!c1nvgQ+PZ|GLs;ORVSnly9v
zA#MJABh`+*3wk<GmVES%#O44&!MKfg-{5eseE9NM=){Y^Wxjgk+}-zIkeD#}?xgRy
zch2P+62mX{uq|}WQY#_OXRru^B?b+eAPmp=DP06dH(w+hdl~2q_<Iqt`z99*i01}K
zAob0Fg4Ah4gYF`8g!3{z9>$>2ZqE`I&BD_wXp!CXWtq>pAi9>=Q$>mcT=pE!u+-Yu
zb7HQfmK-O_jiN^c1)|k=Q>!Q|xv#FA0NS7@Os2>LHP^59^7u*%hP9+W+<Cf4Qg*DJ
zby9hiewM&6=B|M#)zvyN;zX&H!bkyL%=0g=&;yyjZ6WswD4R6qa&f#J@GmO~IK)3{
z3%vI1JWvD;s(<DaSnI#nEvpaQL;T_+0AUG*<v>n5lf{TNoC&A)rsm5ptr=Sc3dPT#
zv1#dMYf4Qy<B-|h=3s~$cwS|DfGTqg6)2C=%wx<=o^T!`NJG0V);cy@*Z0`W$=&AC
z{joqnD(~b)4K!+Ge3$hh)t4}iF`>1C6mU(sn#j=EH?fv)TP%~dd-KaSJ4eTvCM{`R
z2(GMvuiI6|Zsv}QPcml^Zs8K62RZ^1y1I(VRV#|3w*HlOz)_rq+-JKbd92PkuX(B5
zm{wtsnj90oa$M#|%@@Mjf|h({Sray93PBmIEeQv1$kY0~3kN+{+L@|$UDkhWaOF0a
ztR`2Mq8W~lPg{|h5Q+nUS7uTx_l`a~<}{vgwRAB;u_<vDeC-J)>k^^#kNN4J+o##b
zVZZ3N7Hw$Ml&Uuuel}qTw`F~|-OqBfH^Tg~#->*Fqb!EBqXD&U9^*~rEuPJms<VSp
zKd#}5qc9D0&t_MGu;Wuelzi|rnrdHue*&fFWWxpY`OA*YJ>W4NyW4tgG2bx$mMx+A
zzFAx){aC|*DvR)&<`Z1I)=lvifl1OH`iRLs=Yb<Vzs5YPId(bh-Yd>e#E{wc1b&aO
z#k$Mwfu8`dZ9|Is8+^oD3T%#m;TaFVQ5}?DyKcvEiC5isXTTt`)fmigVY+La08m@i
zLV5$gFJ@8QtXZ#BvPIed5AhNoEsPvThMSvWD?GKIQJu@{voW24+X5@!bEAe2rO)^~
zUcMXl@_w{nH*AZ>9r1y1ROdUTlWyd^GPj0VtX~)Q{im8!Vq84md2?^2U$i^`v;DlH
zVcpP+o`YwvFk5bGw#OV;V)N5_%u>|qgWilUsK*JG=VN0|%H61Qz6IG%L!|+KwU^I-
zB;ihFh@;Fbp;gZI@}t2TW<pQdav5Ge%hqatNyICJkt<iU6Phz;v&S&LpKU=mE>jcF
zt-jw6K__DNe{u6%?^oB=1y1q?C11GQWc20vm#9&CaRNbKqQ1nIhu&%LsFUGvIPTTa
zE11#2i>q5t)>X|hkh3B4%sFY=HTHWj*h17ukG#V77kYFb^Q0kWJohBC8u1gH#=IeS
z(FM5+?GgsF0I&BoLmniMb>}KRjHL^`X%?5PA*ou9ZAyDXf$r;tnVG|j`EG^^Mph5*
znS9QQ2}igMLxgJ`m041lK}xw8p+<dKq~jnZ#awq^i*DElU1zkQU88=gffc{kVC;Z0
zV7T1Zuw=elw$M?>tm9)=oP*=CWv1sqnVDv|m+{hL0^4nLbI&FriQU^06Ra0nAn{EL
zn7Lf3qd<WZuLVCA`JS*@7}|dnss@J}?MiORIA+48rtRf!waYNkiSA;Z{=v5sr_LE|
z|KMBbZ)Mzekou%XiBqRCKWSE(HZ=L`o%K9UOVcJwy3h=+KE3ySub!qGvd_ESSG2ul
z#;oI#Q1N1NBpFt%;HXdc$vKWQS{`^%UGIq@AF!7{Ru>t4oe-)J!pO%Fp*B=H9%mAd
ztpyRY!>F$E0DZ1RS%~n+ZxxR48>VFPKq`)XSt5LFGAI71>DD0sNA!dM?-EC)Nz-x(
zgdfo#^aPG4**%s;S57ERZz7|_3{Alpp1`5psQ?uwR%sNgYV7Ku1ft?7#Z0)|{%dkh
z7MY%e&8VE#y<=yws`6hr(PVJVg`kG6z&fQPi}%JrGFF<sGkP9f!JOF6rpda=7kYo*
zcVo4<gFP`Ogg1}S^E?o*zFk3AQ*ge0x>dDmosJeOF$lY$KF`9Fr6@Xh9-IlvA(}nf
zlT{ElBZ82sB<8R^2y6XP+o7hgX^I|m35lYf6Rl~GLZnA>@hms-Tx~M4%gHzTCUIoy
z2?yYj@|&zlc|H$;X5OG)_>R&Tp4mP+Ig|=od$tpB&s!8)V;?C6h)&s$D+Ak?<pN?(
zI-}KaNkF&OjJLTA*4TNSTYUQ|R$U0R+$zzO%WkqBD(Af<n-$|QZ6iR)Wv{6Ybb77b
zpbgbs6$m++IEtArB`DctZ9mc4I*HX8(=D>|neQ;P--BRQJ<nRU!(%kj40CoFs$V0m
zg^dvu>_p!*I+jbfk2h*&IMM~C;TpN~FG_YO0wGGq^7*_*;lO^c;0N#XlZcp|lY_|5
zo+N<Q*(e5C0E3V^U|w<qbVuwBwLil5Sb~dmv-H7Osokv5B&PuPo9=@XcZRw>yR#@-
zYf8{f1Z)T$RBs;nlc}F?+v(1a!!9539>{{otH{G?@$kg0ag+H~%C|0^h6uut)YgM=
z^n2rWFSIUb3_7VRC2P=XkmrmiotDVevI}@)EdoP^e9h>IWMGAooYBnnq`N}CyO&au
zYhF@u_l`5{it#?y%mBWu#fn^J_klht?s6r#Vjyuw?Soqun<@6Y%z3MpHQ9~0-VKQU
zKFd`@m3lcaV9S0Le;H|W_KBe6^w==<B{0WSqwMvRurPbT*jM>wK@?4<?9SD@88;u#
z8Gis9@kjKQZ=)0Hn=?&qQ&@r7pT_o9hA`f@QNQT!ToDlL$57_H<W13VSa$gibtXOG
z^?Nfm!9(|7bwauNK568q8n_z@R4B#$`VNzm40sj>zL<d-_wA1DJ+gU>K5v5(cnTNu
ztD?21HDEWZ`>o>~DhcPY>BwUPXq<v1IGaX&!idFj>iq&-qO>sKDY9;M+1VWGpm58A
zI#*SU7tYV-YkLlWLA7@sLu~KR^{)*D&taj{#eVvQN0iq0+t!$$MH{uhfRB|-2nQ#L
z11RS3td2Sn{|?8`No`k?7;HX}CwXxS%IOEfl_}UINjUfrpZfY|tuOFz1xO}86XRha
zRY0?%YU@>uGCAXFX3jPC9@AXB_X;?dBSY$K60&RB#UZ**8MO?@p`VkJ6(6x&4Cj{_
zajPWf=uvD5icj-@nw<G=<!-?@xHRKBG!*F-#X*PFWr%p_X*c0EH(LRopKD=wQyfIy
z>go;s_$>>E@9OI9<+*9^#uz$)S<=$g1C+fu3Np4xv`|AATkjlMMc*zPVe#%Bp2R45
zp;boB0?gzA;F$IwsCH|ecPH@?9^5wByKjWJbQ>nsTxIlEx}6e}JV=e#SRK3Z|Mhj9
zVNGSx79s>;K!gDWq$m-j3q-m!rARY$1Vms60g)yhLN!tp3<?;G^dM3N>AlHFODHOW
z6b0!JLJu(1cN6Bl`S;F`d|%GV`R+aY?zPW8d#xljStYFrI<UcDKYIZlbQ<Z`OnlN}
zgL`@!{C*$F{cjbq>{aL!O~$HzobOiW>@jk8;#NH5a=h}fyLLt^+v14IP8nu4@eK9W
ze2v-8U4|wELWDChNndhV#5XD+T#DplXNQ3X4qABCMb<G|oea9SN40+;Y7Vi6Kn=#(
zXHB;u=Kg3sAA<la(>|n&!H`I-ZnC7WL~9(3pVZ}nmK^<dEOI^4`0kH*JZeJ&o1!~i
zJW#0l5VXL$=0tHNoRWJ09cn>J*kCJ@1Zue%D({sSqGS0H5cfpW`J0xG3Pz!zXA00|
zKnnaTkPb@kPrlHit%QlC$CZ!iZuDB}a?cLq>mqII*lRg%TmsZhIXNIa`L-E1PYJ<s
zXv0Ok^B)6*WyR}(<pA^@eacdOf3BPbE0h>u=Jl|@JCG|rpC&NNdZ)x$YKZ>jA0pNr
zGXXJ%>HF}r081A%$aHmQG|{EVel!w3Vd`BylH$ZEwq7GeTa9_V<b*AwAr!s`C2qf%
zeje_cWIDlg<LQd}^5IwZt-}wdKLxIP{H=2Illd&g6<zO&7s;AH#TTVc43z_Aq|bB6
z)+IpWULL!fUic?tzwz=>Zvw4H%%CSrNiLeK$vGsfUF{^A`H<hJnAPEKa3V~`;IV&<
z{N^6Myoq0N|Cw4i_7}t<GTnPAGeRkIj36pT0jjHK8WbpYoKGT*Id+Te`o6gLkeTLB
z3@2}=)QtbC>8EVA>suZCJ*H2xwXACEPvD3m-bU7Lzl(@}Rz9JbLKk=(go^AyHqdb)
z(y(bAA(eUk+fxhlroCt*$>?ql+sxhzwebB0cRua$$K-pp+V-slTR=P=3u@qL_L?nb
zg;0S1h46nR24XDLzqHJmpL^f<S1$9H^c`xa`BN@tfX4+I=M^yO^mE#Al+!QJOxPN_
zo@n|qMMj^@FfcF5oerm{LAg@&n)rN6dQ9t-77?+tH={#>hh#Jxxb~*ZtdN7gx9IQN
zTZ2$GNB6-^)Hx}z`J1SdoxmV-;mww+bG8ZJlcH4OkG$_PKQN3bC+2ugIsAckmmawz
zy$2fpz2z}C|6D?Eee{WNLZh&}LK)INOb)$c#j#X<jq0(t&Wipid3ySpJg?SLWVOWJ
z2e%~V#4G06meklST#c(3Q~z9+TqdVf>9vGtNyjQh49osHp0TA?+fN{f`Rg7Xdj-Xy
zwWcX%x;ftKJhXdw*dnLYD)BnL)VJX@@QN7y4g*tyk|Re(mYxP2QKGEi^><>bO+sGa
zfMit=s3G@Yf6#lvjbW$Ni^0QEm=JQ*vyXQ*%;l)|9G~eVwv3zQjO^u&Mc9-cNA8rm
zRn3X~u_(8$DS(z&a0q<y;L4Diy&`jy?`6eHu5{1IJLKfgy*8&$BTxJnjjUDdm(hiD
z=;azYhgfmnvnz^wL9%Uyw(m2?BMcbgj}3odE?Q2%D!rl`AcOpUka!JSKS9xX+)5>k
zQE-fXjc<ZYO8<JDJ&??Kliaf6o1vny-Mc}i7*P;6%?ah={TvO{X-8O%oLybHwC&SP
z3B|SRk~#pY`P`Qxi6B6Y)0vlEUpvR5LL8P48n!^YISYUI-0hAyf1Za*?awjq_uFX!
zgh*4C;Gd!gsqQP4meMxxGlu}d26&KXGy_UU{v+r^Vj)f5zaaILeUSsJR(RJ7w{`=F
zWzHbmRBs#no{&ni!nk`dPT3jp#dX&%StN;*_cJ<U)pXD-i}}izKyFr>s7<wl@=E(`
zzL%c=VLA@@fw=Z5=>Wa?{^b$GwgB&~Mkldov$DVg==~hH2IdRlV4ZV9^02`P&|<Q3
z_nFlySRwWG`e@xJP{bcpB70?txInnWgKu{;EM5r9KR&m5@g6!~o`IZU*c?H%mS8-D
zi&r0W`B)29>;OX=qkpz~eG=2nQWAY+=(3EG^m;QYK_plFJ>WhHd8if?#PLkZSEU}G
z5Ujg=g8^SYpkAa3c8cVRu$1OsJBHyl{NzHujjB^j#P$lM1W?Nh<lCng5(965UjkVN
z&~QrBIuyl@Y_h#tt$TH5>XiK-hiu1vRVTK_#mROM{uiqMFQN;)+o#A@9}g#5e;0+H
zB3}!d4|FEgZj?EDP4|>qtrtGfJ_R^5H`^JPc(Qx)skLmeL)}jmHHlt&eL80D9g^9e
zIyhX-*D?wgf6&qDwU<@UJ}NP;`VPK59qVehYwv208=<Vr#68{RWn6_EG`T<V=u+mv
zic#n#;9pzHALI&vTH9LXTVHgMAvKj5BzKp_Xy64YQw8O^igV|@2@N9mLW4GuQxU2=
zY!4*9iBs?>A_>U)L~QB%n8WuYPA(n)J_!!rpjxR4$clhzes0eqxR5L-{TipmG1pE?
zm-yoYhEqtHJOJJ^Qf2^TF5iD)&xr;L@Xh}P$v52p<yfbI;Q8PR6PRIbI{x#FqLT!r
zP%`4;!GlWc-00&z@|IGBMnTh7r)$C$#}iigx-PC65p`*CX!Wjzz=LL$ecwDxvss8F
z)g&8YuF`L0HC}3XlkCjHs?Vo+7R?n0b6KlIu@y^lUscAWgKwMdb(VXaJbp{->@(RC
zDd^vrj;t_}JSORq)T7^wbonz!jr50|d&q}MR?cj95-JE2&9NdhX<wI=R<k0GcO>e8
zbha2!N_#W3luN$qlIUSBN?XfF79rk`9J6UI3g92EDkihPENG1oqs2K{SK6uO%S36<
zS60eb1OnnK&==Eek58|#DN|GDbTXl5o>LEpfuGnUw5!ip#BSHTa8~ObD{1RU2{~c=
z>%IUZ9WunA{Fkd$SFB!oAh<+FBbcGqzPfhf8#AhYJbx8L$}9MqxW?%;se-ciCoOMh
zQC-Q`Se7fLB#!QSzmIYtqMLxZ=izdJSYl@y)L7k@>9ibUORw3paId`^tH*q!ziZiO
z{x%*r$2h>!;LN0e7Ba3K`4g}I(9!3_WK=bfyNK>l&(R1byXYYgB!8R8kT3m}MDP<b
zK5%2~ylaRZtu6@2VmB{x@K|{s7Am@1RxgYEP^iz>Jff?<`X(QB+dq^q4^Tf~o4}A*
zVGEktwq5?ZC1R>9L?yai-e1l3FbY1jkq;20F^dCUO#8l&tO4SO%`p|OML?i5CQ*?~
zT~lSc_}e56(&4jU#7_6?j7>z#y9rMo)t*b6LnO;*negIX^EO9Smv2{mcWW(-tKL~3
z2VnGz94boboST=ylR+5LzszR8AX9ygSB6f81)}JJ7lIg44B7gQHC8zI6*-LC8U28^
zpwEqo5>3EHjL!aOAnz9hly%GM4;*tsDr5iIsU~jIeLB}d^qrR~HF%E?k+5#7PG0^o
z6b^<*b4yq{n%X0wm!D@~{mzDZr4-D-YQv0juT>U4jR=RhCy}Hy?2?(@%x&d9uzi30
zu*77%=Y|S3ZM!jEzgCx~Uw)j>&;MO`h^2fUAF3B=^<3y@pp2lxxCu$r$Z7UzNO;D?
zI?TcFiS`WQW&$>N6G5-r@ZLOIY4YMzMad;U_@sPa2Rma72n|EeG&EeOE?p>!6tx~M
zd@`BAZuroIWFuRd2P!vrPH8zJI`pM7vT%fk4ZeF~R_vAYMZxTez)!@R&bHkx-u8RO
zAJa8R+}{ylI-#@8RUl+Ou$I<lw=%f=_XPuW`KMvwPOoSt*rf5~uMyN3(5JoH=w&6)
z#9q=;c(ATFj}P=M$sB(NH83H)niamUTC3oQxd`?gfWtH2&gb-UZudO;iLEl!!#XC?
z@%JR@=afb>8FwYH-?A2tw924;WZu{_>h*EwKqV^I2D}>KZ9|ViYY0V85p(@u)1f|*
z{JN8bt1xMd;JtG~b1mNBa+{%zE;j|dd@|NRymIMg%f|sPI_MoM+Bzm>WQhl!?31EQ
zJ+}49ITmu&wk7HML!_`A+;B*ds!(ty*<M%Uvce8KM}z0O5K-=hP#M_eeR|ls?3Jh=
z!97J`oaeRbz<>pp?{(G`XB#N!)*#LGb_iymG@lcGQybz%pRm~@lN0M{-t4aKdF4p~
ze~EI?uD4FWPJL3_Zm0O(o=0f_1W;;N=rVe5DtDdT!EtFez;lHv3u+!EC^p#X>n=?C
zqNb=@`)AJUTsOcsOrm0(q**FcOkA>YW7QR$&muJ~%r&OPtcEnBLrQ<94#E-5AX%8(
zC5wSVk6NS7{#mZBg=H%RHkI?xgKMBiep$L%1p%BvEG=?#{qVf8*4=%c0Wt%SIO)<C
zRgXsjUur;=c1OxM^=v6HR6VYVb#}PT@KWzPtL*X~WB`Wt;yDw0h#gAj_C9%YB}<(W
z+;R01<<q~f<s<K^dm-{#t{a_Op1y`^yd#=1zmnw~=XP;k1A0bB*!a~7KIf^80<E7!
z8}9ae9NL+bCt?<rK_}niv8V~_O+PxmNg%xC)9QARo2R*)dBo&2Ib0utR@DQu$yDC%
zq!C{J!A!e=Y53V1aqvTH`<SF@&oO#TrN{JmMy@T6sZ2hCA&Yidk88RIV1yY~kHjEW
zvo-ap>QBKeS0mTny4=L<`glig9Z|RYx5%XSDZ`{o!Q7%r3X{8HjEHOHB6lrcQ%)3d
zi0GGqK2CB>c0j%702wU7_>MPT{oWsx2+!7cu2K+q6!tRjWd|YJQZ1-)yh~ROb%?D`
qyAt<r^&pNZeo291A3+@M%wa@NA|EfPAclhmXnNXrwMuU}Joz7?FxDUd

literal 0
HcmV?d00001

diff --git a/priv/.BUILD_images/yarn_start.png b/priv/.BUILD_images/yarn_start.png
new file mode 100644
index 0000000000000000000000000000000000000000..e712996561e0157752330837ca71c18047d1f8d8
GIT binary patch
literal 43776
zcmZ_02RNH=`v%<BDm8wns;#Bes=Y_rqN-MHT7)9@s@fq%TWzVmXYIXf?<%QXd(YS_
zh=?G`7y5hO_kSGU_dN%PL*((?<GRo5ywB^r^W~+c3I!P>*|lreC{&*->0G-;5OeL?
z^)EMx@vqR!+nC~iTzA(|d3vpEka-LL3!%*ujVITxRYu&pupq+!PU`yH*!|iy%FfI0
z>rj^ht83Sa;#8HM=y{v%Vf<Y6t<wQ#Z7=~%)u(A?I$@b@<f`oyS@9Gk3?<J#d|KK0
zm8ZPj$7YKBn4MZn^~1ZOviMN)hqdejT>&6Z<)N%hdsNxB?wa0=^UM#DCohv28KwWk
z_da+^!^I(dU*G*J=fposM}7)BJ`)~rkJ-9iPIy8Mr(b!C^HAgNMm1o_*I<0kx|nz|
z0Le;TIOuY)(bU>ePgSm{7~CxUc`$)wxMG{vL5%w9(vR=`Ji%Djz4${f6IOP8mxZtM
z0a*M?Am`OzwR4M7KRb2Q7`bN7FgOFv7r5_VURhr|kJ<j-pWAI7{rT$BDK0VBky)wS
zPZ~pMczPzIZb^I|BqBJqD)*75*~KvW(Sw7_`}<zF?;l>jK(9SP@P^bQ1&>brkw*{Q
zO$wI}`PSz%VS*WNSTcMS8hQngCmXM^t?p9mcONEGdk4_spGQGpO~J)MK%TE+=)Slb
zVhEcv1;SG02X&u#e99u$H9YuYvoO75$Gd%EQ^mVF46~k1bF=@Q4w*aR;N)jplv(AM
z#YwEP+$=zDf%kaDN{U2W$Xl2UOl?>Ut0g~`#}Jyxu=BXNiV&{FSe@U>4_|J2WT_tN
z2S+UG{SkhwgulA<?<J|~`#|(~Gf%Rg#C|GvgFZvH5{iw?78j<@bh7Y`+2k246Jxf5
z()=zQ+RF$b-V_yB2Q83ZP^g*|>U&wFV7)5~qZW9Nw05PN0A?nJsQu(13~FJiw;k?_
zi24rZjJ!DgC7$T?&2T5APim9GyY&4rP3u{bYy_Afu-p?u;MhzI>)%<<!s)skl=PMj
zUl?2E@@4Rf?dqR9!^f3n1$DNVmD(C}=6(%UUrx+3BJRZ4k}yKR!n!NAKX!0p3U(4M
zZmg(s>g|`#)|SV+%lrAQf+dNlpJ2A-c8#%o{en;-@5_!l(~g94{mjF|$Nc;nh}1Qx
zH9cm)_Q8~U{Guye_W<*+hI!E0AfJ@iREnxj+)0M%N9-bSc)F$j&{*%|Ya%~P{yZ|&
zq;<KE|Is)5qPzTTh%-9b-!FGiz2bKfGuHX!gDu|1L{gJo$5{@&f+8GXqO_gy6aHRG
zCD;UD{Ip%>7h4;3zZ(a1gI>*gMr~6{&Q`vN>rjs7mSDyKOt%f*7fYO+>02ke2x{($
zD8EqJYxC~dQ7h|rJ4I_;&DBO|H|HPO)AM4FlimcDm>0>C2(E!O;=@Yadtt0Dl9e%z
z(|74ArZS8Vvdk_Fc?%jFjIk#YNWBhQnEqY&r$jd=@=bs(U<P1GefPi{vO*I<7NzWY
zbpwiy{uz2T`6S7mhWL*6Q+e?|My17MAORM`KjpZ$J&i09aOgLxuTJZCjau*19Y!qs
zfM2MwN1puV&1hL%y4CYzy8OW{pGoT)XM1Uuqfe9)(B&$g^9w$hH0m2o9o7!IC@dan
ztp77&@$Q7BU6~?GozAuIFguSWTl1Uj82IbFx@ZYl=?EtJI&;8ilo|L$lih&@AN`dm
zW{C{dDqI#Ac{Djer8#(3c<;0`r0xRbqL;rG+C}yG3qBrxuayfAHWOFxalNI`FM8@^
zWxbGd<V)eKa6vJsYAx>!&Uuo0-f{-c){|;`)<&3OV66}~xJy_az45BN;4yM0HSXQ)
zfIvFgW>B$PHKDHbgw_P?mi`@z)}f;JeLWuvmeAUTQcP|zio%z(ar*_JaN|D74l@HT
ziTt^>;3VGqn&hh9qqPM+()50*K6V*}mYLF$4RX**vUYFl56Invudi{(FsS^aBz+HX
z(qw!EOp=;(N&b3WYy!I4`)99;nlJbcFd4>|!t&cU*wvre)FJ%v!?~bl|3=FicPV2e
zEac%OM)9&j_J+NvR`lyJK@B0=A}+>p4#?>wu4+0-g?PP{aT_hYt#yd>M!s=UT9Tn<
zs-SJG9VV$6tQx;&S$Ha=@$@6_Eq(3%y5z^(VYdR-DZF9b4h!d8ObRWr)zWVU*IuKt
zd~T%OZ0J*w1~ZVPQHIN*@?>swC@FM=i5Y&9yeY9V0T}k4-_=VfXWZ>C^1}QKU%V^x
z+wgibnQuu+a{uezz8GV^uN6lO_B`R`&7AWPYEJW-SF%&18`H4~mkakRw=wU1n-~p!
z>R9#gcRDnZ3en&}?4)jHT>Imo7r^)I#&u8TE~@8}gyHg^(UFh$zgr;{`l&yh$~0)h
z#v6~zUp`4;V3AcYPqoUwkreZLjpX_0lH<KKj&l`^dv#qf2VctWJiy+Rh6uY{vU?D0
zxHc#Gq+xP#jmgEDLBC?h?&of-JM|5AzTXKY$yO5M;L^M-z8uxuG-JMSu{F`Ll@l#q
z<r#=3v7W}H_lg5??B$|U<Tn<w^SGIPgHFqavymsS=Y7{V$?myVaoM_zbbn5hUnjq)
zJ1g-M%+0HIZV-{xzl-{wj5_Q4BC0xZhTiA9ka1(rhYu0%3!%WEFHGe(>IQ*@Un?YE
zhQA7^0GAGd3{MpMREQcW_}&W!ta<w0XW2iNoh_FoJPN1kyB6ZvPV2#DJ9h?k&L~+l
zw}S`n9N_NWhXQ?1<lCf0k}FX?XXpqmk5qO2bCopuJ9cFz{giKMSb=D@M%?}0A(agH
zWgo<TL=(jn9Zggi0tSCN=YixwKO4LrIX8QD7C9g}c=~PT`hT*wZpV`4JA<ZtcEl%|
zb42O5g>>jPBiya$!%9G|_BT&{75Z(D1&=d)rrj-kQKBzRCDw(|vrju`u|6HwPh|Q1
zN;yLENuqo}$yUk3!y^xPaYdiuI@>P$gFJ9|i!Ce3oAtd#?Czm~ibN*r87Ky7`oZQ6
z9vB18OOP>+vBm(0=c!3=`xeQf%|sETnl3@-bMiOoxf;Pg@Yv|o<`I!;3~ws?-r)sw
zn>*?HrsWEzD=<1AVl9D*9zz+g7Dz}@L!SXfD`s1MeeF-hKCNDyjlvSRK00i~dM=W)
zSeCaEd>MwetA(F4PF#%Mc`ON225*9;?IwagnH>!}KjV(4x+DSL<l=@k)n&>nS(Pm$
zEt@`+b5)Wu4gaZzTaq)-Na{bhBn(mA_UmWeeM3nJR|CvE=Q@zl55$K{@D|{*G57Dk
z_}1~4b5Q>uN?|Fadij1OrNTJD#ETVGb(sULO%cIM7{fR0lou%EgFtwD^jDvn?ZkLb
zHY@*qcc-p#O2Yyw4FZ*|t6f$pr84(x^NG2->GLNRL~0M*!heVCN1`N44b#D3DvpJ=
zqOJY#`p7Es_l}VaY_akXgkZhw+Jo*5b(-Oqq8+R5>()ufI9gUP+?e^+EeZF^d||;r
zYwsGg&zy~!n;g^~|JD2rCY=sb>GUR!Q4$;LO;6gD!CY%a@f;u;Tvnol*EO#C`4Qhw
zikd1A*CM75(h;FRb+Pj7s*A#joLQL$6Dq+M1rUM-3--TV7u$_P4zuUSEU^7M6m+E}
z5ybbd#w;r;@V|p5A$IvHBiB?15x(Kt&i(2%mp!1?wkPNMJ6;cKENIlzJ5C62L_2Ll
zf{45g(XDnsW?!@A4!)gSHAQYB7uIb)l0WIS))Tc(FZ%Lu83*56SnRzIju}MX#P&2m
zXre{<dldK=4(|;)ew(ZN=m^oQ+P@mztHx!sipF$*P<2^(hiHSPy@rdy$yLrPu`M=H
zNr&)>+TRD~s<Z?3BcT+opNMon#qga9OYlz3AE8A`cwntWTq{vM3>Te#S}Udq%FCvI
zb6&f}6`Ib|6H@fgkoFUUo^&tcZ8UTf{+KD=VtHU)JojWDXz+b+0##YbX>F7W%P!uC
zXfG{x&G0dmkOV|{IXiVmL|g4&cHj0F9}rJ#vdY7K?kqY8a8_F+lfKfBYSGv~K5qq8
z1TKkth)ytbBG&t1zjxM61$?n5XM0fJbJ12L{eqKw$j_7$`>KFw@#C_5K<HhQRxf~Z
zd7JzYn?EJ<`LUU(83j+@v|(#28*6kd@EEJgDF&l&yQn`xwr1!*G8kQLKUwu1s$#>P
z^87JLNQ(=b#r`?csJtMJnRv6ck>XxrNV9%d?L1rOClcWVT#}(}fkd<5mxq$ls^J8v
z4CSwq9EA^LAA_-1;d7xUJ$a-XVed5d$(*`*>BiZX#q-gdTMT{ucLjPbUWYqA8#R%~
z$kyG!x%N`<E@1jvPD6xGE*7Cf4uN*0qE?zj=oT9{^77)N8opoHqo~JlKlw$dY*knT
z(|fJSL=1b}mf!FzRI738v{v8?$kf^FEOuMKH*L=+6+0;B0H*0UstNGENoYE}Mvrf2
zWY}WmYpjE9clp|HvUah1wedK52>L^UOaGzpx}R+s=4PpU`jYNM?#cP-!d=9tVGm!?
zSI)+vDmUOzCx{g~&qzUt>XyqPq;~b^#E>rKTgu&rF2^RvMS*R(o6K$6=PF8nhaz@>
zFlGU`Dj%%N!1u1XuSoB8p!r$Jtd4$^S5R>ZjxRooBF(yobr+gG1phU}%}o{l)>sCn
zk$)tc$wgonU(~k|R>Pv^Qn>-3UMy~+g`P$0PwhQc=KVcdL0+CrhTK};zyxaV5jR^(
zRx*#?tRa4dleOJL+N_q4>%rL$!}GzNlWi}j*ZdZ(Y6LQHfL3!UFuH3BU~`~3q>^Yr
z8^D%@I_=X}$XsLU+l8llrNW*}Sldnbr>y&LNL6+@K}^tGrmYh%VHih7v;-pVTs*<L
zJR_fZmH7aB@ODu^IzavNG$2>D^)g<canY&|c0S|2c1W(7TmI+px+PcfcM@CaI2K0(
z&K<K~<c#Xd)u&vq5YFhi!4JPkBz&~#Y`q}A6-47Uu)0zPvJ4cyAB3qjYS=Pcm^&Kv
zTiJ{OLQ()FBjbq=fIGL{a8_hIh>9bP$0Ygre|QAdT{Ar3JM@Auwu<Wj%2u{I3~8_A
z@DT;yA6`lH;cv<XYfR9Zxws$F5m*KqB-&-W#GhV+lm47>PDBeJ%Q!hEckrcNcv-6i
z!jRg(^=E9F^U<r?bfX9Lbp)hPh99VfFL`hEYD@Wt(@q=g-fU8$4NnmB04LJwjxJo_
zljMljaQW!cge3(P_gOChgk^NQHDNRL&<T=t^bOcLkX$Dy#79!+Q#yV<s+@Vy{2Z80
z)T~j0uw7TbTqRqv;-Wk#Cx7@TxtYMzXODg7-@#dKS)FjIMQM@nTa@_KnnCY0b%qP3
z>&+fUVVfT2Fl5#F6fx?|xfoR}o$wf-*PCq~nP3OlJibSw<n5KG0b9v;+WfYsf4}Er
z8xhkDU-kmH^f^}*g>U_V2L5t}R2_XYX;rZSwi+YkWS4|<?8@dgP9Y~&H`dqzVDIYQ
z^UBsle4yd4HN93!Z#^QE3Wn)G^FX2X_N(xEW36IQYOVHM_;t~w7L=yNHxJzR0lhcl
zQpM3ukio5`2hJBtaz`wMzmwBnXlZoIw)U&c9lNbBLk*xxzN~|h-e*sHS{%#o!M47P
z&lvKELTS02I)?7apX32?=dB2ZfCU#D(5NO`9V9yGB??n=F4mG2-eyZ05s_kOY<-Z8
zWoCgZc~ahP!+hzLe1m@EkFzdYuu>a*_siW;y@Gk&B74Tn3x@|1ayVM+a)5JRihE5L
zbx4{83^wQ7yO*R_yj3n~$)^$G0ng0!S--b-e;Oem4kt;zt0q+7N5h)ze-9dTEGBb|
zI#m@#!jYu{F6(o`V&}`B9I#f{tK?OFWX;8sI+qQ?zB59t#%-l5znw#|q-6?BAml@{
zpUQ+*CJ%uQwj&9nX?~aW%wNA8OKJ*I;+VLl^$n!^9=OGcSTs(LmDe?;>AF*AZvJwW
zbnssO3_jbUC3S}qFwFXVku2S5o|pH16EhH<tOK?{n>nu@e*Y`9|Nl)lm_Qw?>@xJ^
z=I|hwgE*gj9sEY>!7fYjgvKXmd7_u88|-f;{X`4mk{^^;cn@fkvo*_g?=0G>Sb8cB
zaw!pkpLTr{q@;C>z%Xv~%l4RdaC=r1f7*TfnTc(HUVTHF>gw@D%$@v+B~LpS?D?ns
z#GQrUk(DS1y6^rJa*2zN<Wcp>waRg&WZv}PEA`-=XL8hwxl_(=$Fb`*@)rX|I>Zx~
zlcJ>eLgr}mf*8W;*TcrV>a8W><qYb{z(n`QSS2?zJd{M_h=MY9k)XO8eWBFz>S8??
zdnIYI;3~t2$_>n+!(-gp!J3j2M73+5t;VVC#{Q)=!DVcz%Y=F(j#qok#7sWAiITWE
z*QH2@F<r%hQg$dMmpdT|a1Tq2;VXNh80=Geqf9VmzGQ@juWSj{-V#dlndJgAo+yyf
z6V-C|X3Ki+ATvGS<k@#v*D8vV%Z`gt99M3JWn|GU_m}_@%Su&k_(Q)wKG{{4>`SmZ
zSL1TT^*1xZN-!J@vkt<8jJo8(r`r|0p{f?vERyM09PXJ6tw5pqs*PbL4rQqBnsXyz
zk!ocfB$*hE-+-#~z~o@eqU9ZqO{DgUbU{P2Z4GNO+)^!1ZbZ@YJ{%Sdz3+)F_mA<C
z5FS2BP^asbH;QY41Q;Z*w~pi>Z`BAg$<6NI_lRMFJFf%N9$p3ywf0+Qr5{W7b6_K)
z*U_rG%~?TZk1Nc@i;u++CdnMdQZ>D_b0!~WbEk7j_dg{Q23Jc`u2}kEMo$Wo@jcr7
zq(51JaVNqYJv|v(E_T)JHGf3f(;jf~ijEQ3!&1=wjmpvnlGeXJ)+hD*{gs+#J9U&Z
zspnetR5CY~D|RF*l!>1_3o+dHzK+yZO<L5wYnfPVGV}1)B+rfB7gGV#0K<daxsB<}
zpk6vd`by(suE3QJ<YQP!1BCE1Q^u#b>6&26tH5LQ1XB;!Ly`XBY`9i3iq>?AVAOAX
zkXjG+(<L}dFp8}kxajJX_f7?nwzt~01i6<6+k)jX%qRB0KUCRx;@1{Vc^lUK`u;kc
zgN3;8i0{ecEBsYjTaI|Ht|Exh4UW4gcJ&J-vx=V?kQ0P`ig&2m|H98w$2}3eLlQW-
zDtvd_Bf0<0cW%StY<4XY*%kcYWKk!${lTV+;_CMzUbj7+Tr_h17N?Cl{V;zR-nV5p
zLH4#halKj9FSRBZ_T=51^*Ss?!5N%tjt2g0ASp+9xLz#=rB1c~%AN=vUQEKl_>f#g
zAp76-PIi#{sRU|6D7)~NI^QR&2vXfLQch-LH35E<-Bt1X=W42{KjL4nOBj8laQZjc
zK0o6<dH?k96AJMZ{p#Okje$F?po3m+m}Aq4mzYl7O(FP(C2F+E6+Wnd;QgY|e5}~w
z$S|TIdknTly^HXX6fh<J81Mh!1w`)ZIoc2Udetc<hJJNrhYBCe_SlNS8`LXAF*iL^
zyxwlheEe35G-_+^ZeGspo=*`qD($drGj$X=ry5u<{dEyoK=&t3n%%)9Afsj<Iysi?
z^>=IYtZa3_go?Q`=sAChq|1jL?{X$1cfLDGlaJ_*<vnOdlVKZC5lxf*)i)YLRW>YW
zHQ(4TF#OESBG{e_l=~a#YtQeh7qK7EnNJR%A51AB3<_AAD~OC_BxU)gD-ky*EXdLm
zT^1fDG0wGB+_8ltthsXwt-aSpWSbh!-ZNMqMnnt@`WjD9c^&E`_z2v9D@(?V_nG;B
zCn-)_BUw+d#8@A=C?;|usA7R-djQv841$W@)dnriOCnhtY;FD@_kdU9`+~zlh=-w?
zL0aV7w2Wu1#cOxs2n`{ZDZPW^3NjH%dBgCM6v7`Zi8U32#_@!Vp_wTMy%ohh84W*f
z%yW4)lfT|bj51)aViUNv*T3;5)o3)NOEqOgv!HWCUGUX{doW+m0&DLWEI?ONHMz(6
z_3Wp9rjw&U57{~7BIY<?=xnGH!H`zyQFm|Qq$VVAARP@@bIu@aav7Y2Sxt@4?JWlM
zn3V5zB0v}`Z-Akwjc$BZ8Nm_k!!))Y4Rr!qoL>nzpGRIS^ovI+G}q+Q^KDEfO_t5e
zYTj@FS&<|uA9uuKxOQ@a?@K0bb)=NmOdVG=nT4{Z2N{>nV|NV?YD$Yq1e~ybkC_r|
zDymAET!^Z?8n)E8GUesDq(s(^Z5!Kt*Fch|_NfIET|Lbw%kP>P;jvA|W;Sg;Y5g2U
z{kzxr>iubUeS^!D5g3g)FZfP($rNT5P8>aS8WFX5+04Lyo2kR+EabDKJ0B*Vcqr{k
z7&@D8t}>{ue>jCwe?g)!d*YM))f2gV*Y|LhMoSd>fZOeP&~2>>&gpKp#KYFSJku7b
z*upMOgbq`%dLF&gmmpPHshuu6AB&(-lCSX$#T_|ZaETpr4};FTh{l`hP*qKI>7E3~
z2g;K?)%Q%x!2%(bWdm%-()Tyms{KFi{~H0N1syqYX-8rLH9hD0PTX!Oro)DTL72wd
zsM4*HF$=E+T6-ainpUnv5$_aZvZlhq@j$I}3(2L#m!Za<?3<e^DP&<HUqnkiyuUXv
zx%A4Yy3Uwn6imA^>f5Jy2<28o8d8$DtcYxRKUde54{b}4YLckfPo>U(8L1Q<j=)Bm
zL(JVNCIoui+H8W*A<n?e{|=U!&@>%ZDpGmqln+hwkQ|h^RDagQi7M4d3`0hzfxB8a
zG;cJREy{lyRwq%A*hz;vJ08D#Sbe_LIkn!fAxvu5$TM9te}4AXX5)x!KyK%dM2mqW
zB`WX1K=k~3!y7g(>y;$M1WAg;(_8Ucu#~95q)a&Um?+i_5i#3(168i*_4xKegHGmO
zGV(0^S4YmMZk`q0u#-6bu|aYvrS*$Qr@n-^G)LJl^y;2(hec(Waz$VJx{B&f%lm82
z>qgLOw%=#@XW*CEMtZ-gLG?WCAcx%CmdotOj@6$k5um$s&4h)UpU_PWDgOc)xn;Yb
zc2stvF0+%3qc3bEoZAgTN>g^y4#!7lBd1GxC&TDEKsh2Gkn2T&TgApjgRIa2yi7$l
z+ja$-vHvSZ?R-2gkggGpQ87>x5g8dRXfw8G<#e5&5-P6%C1-z`bE(f^QuALEJXi8k
zx}AZEGj{;Yu$KN|)x5Q!a0LszwfDu{OFJjpF?M>--cseEM=j<NiR<ZuWD+BF5tkrn
zd$*U2D~&5&H6znV%vtvr+mGbBhYap)S#^@5+a>A?LjQZ?k+}P%G=;xjWEK2ZQ5pW9
zqOyLAD_7ERBmKt>cv38@aVIN9R0{5pVk?iu-gh2p`6z31C=M4eHlo(nc0~(qrT$|2
z7}ZCw^i11PDl4tqyB=vjyC-~0hLE;YKK;ST3bNm$ZKStJMsS(a&2d4J|7iXQmlpar
zN4?;36P=vb+OauPt?)Yh#?v0p;a%7lM!xx9ATPrwmN8Xzhce0X&_2o!dznY+x`hPm
zyN}bZGJvhODzo|{-)@BKDXE81@|JR+Uqh9*ytl=zig(VQ?34co!9{!IW{lNbKx2dU
zy&S3vQ&o$Y{!#gL+U`J(K`Dl+>O^PV`Ry(ES&$Quc4Y~i2C8yCk(6rjT3EQ(YFGMP
z1os%N4hWiG_gC3HnLR!V>ie7yxj6Z_2N3W(v$9santJr_YJ&8DA2ruUxz@?<&Q_F4
z$6zkn%5=Srh>}v$nUYIV3Gat4gC2Q_r~T5S9TR`lHsq_7Jh{*UN=GCG+H98`-l2Q0
ze~Gg$A8Zur%I70$Rgh9Xk5(F4od4Jg!cLQ4Av9~99A+bh5mcIO=UW(~Nvm?4oLt86
z&NksGsUvU)lu(MtZmNRC)N*J~MR5aDXv_82L3@*&1*1DMu4Dd`R&y7yT0wgp=}ril
zjjwzT57Xa};4U}UNp5!TQ}3WPjzj(n;eJ6vmZ<QU_GE?!{=dQcJIj&%dQ=OJrCoU;
z^T=1n2e<p}_XY=BKTfrjGgZHtz){l`OkY>eCY;&x58O5W5tlN*)Ccfq)2u5#)NGho
z!hWog8k=@8<A%L%TVp73-06PJ<^HgvO!D-V*y7@C>7J9m2y#vKEs9@pS9tvslkf&|
zrRr&0=#a!jTfE|@J2zqICdk+Zm2|Kp+Nt@SGlEziw1x<K59QD{zxyv}|Gon4#K*cr
zbMGo*_-J3ViYJZ{I?meIti1c9P;3$AV@jB3$(awH@Jyk;KYaqJSQDD4K?f_StX^2w
z3U**)%#pv66)xJthMZsgWqe(+yos@o-xi7K`*#j}_c5L>{^()+B(E7b?nzTO9r&J%
zb9d6Zq1@>yMPBB_q>?VNi)cS*cpAe@y4iex@gSCNtRs@{dm;Pa3|67olG8i+)NC$w
zUR7uAM6G%(a6sIsjuVPWCtYW2^e07S%*Ptx6SX~{|1Uo-_z+DJLlUk;9IYKe5H;x6
z{Nz0$O>h#AR2ja2=g*%eBll-+r-?*3L6xFL>PJ4e%BbGx?%Te6#j!A*WS<EbRk{ed
z1c!!NG7Fo1nWX$aF+6auWBc*C(Ba9@|3zD?^P${H$&~%~4{bJ{#y^E#7NM!Xv62R>
znxf0e#Keyciq_oNon3W&?#O3X>z_2f-eLP~BK{~NP{UQUVBxR>6f43B;mVyI-E?~G
zn?`PO)Njm^ev@Bz{&?o3X8*@X(l@4xaf@QIgT23SDo0e^ZxjVON7`7h@W~*UC2^;F
zp$m{{`GzapCL*4@T3NTt?DwnmgI(HuBalDsyJwPmICdT|Fl~JiGp!yL8gbv~{^Ub<
zn)>_ReH7E9t!^D4`bE;tf-$VRsWC)<%dS=~X(^WMKcHII?CU;&$8;VzAm?_YuiNj7
zt%`l05@ir)Ec*H474l|LKjce%muwD_zuh`Em-iK5EAA2n+E+Xl7ar_grLg4iKfeN?
zXY4>x!>a{!Ka2D0SbyBrtDm3I;uZ0~+29p>;ssyxG327W01Mbgv;mJC<@Zg$uUEdL
zLbYNIK}u22hceb%Wf-CX>6U~Cj(*5@aCc@ES^u`u0P>zck?E0X=kmG=RS)7`$YTe5
zjn9|bqwqBiWArA*2zy==mx$EL8`}YVSktBcSqs2k2+pDzcos4Acy6gGg9A@OZvK`|
zeIw5YJ7vGmnEo|2>Eez7&ZW+LMi2)i-yQBe@57FU@qJ<~F?&lhD$zt$$EF!U6{V8C
zYKl(iEgR?g=2L)ULfRVBfW2GMRYN<OXGagip9bA-*^LI@Bf0U=hJo((%f4!H>o#Vf
zuET<=AolcbD-<H!8}h6+s4PPGQ|F;!?;d?_I?lCwhn89!d!u6&vQmjF3~I+se|v_|
z<h8+(K@Zrxmt6XH-c+;FYe$egn|CMC|9%onNS(f*!L8mMF77{NYe-q**h_70(Grk0
zvY(F>WhrG}yGj{6H^fOfQQ6kZa`KpApQ*8cdT%=Vno{^{glQN+jKHgWxR2qkQ$%**
zDQr=$*ZQddXiHM32*1J5KS$QZAeykZOGYLk1${OJ6sWz8Gg|85-!Q@$mU1ok<U9l1
z_Um=i6lZMX+0f!o`zF$zAUp4^5{9(Tc26AyEuUDjPFFv~_9v2efMk#QN@B*3Bmyf%
zfPwsm;i#wilK7oK`@p_WHOP~e(Py=X<n>7t;=meye*)K@Z!{?;y0eV=M(f~OPz}W7
z=J^v%J?I!$l7CdHJjCz00m!6O6K%2e5wsAR8V`=I^)2zLvML%mw3Vma+aeVc9ho(1
z1nD?4toOe91aFfXK9}TKJd&S=SwU5pafh`1ntdXi^(cvrw?Y2sdn;SIgU2VHc{9)W
zmLxk`Q1A~~DM?*%ZSo7vw--RpT-AFRH^q~W<zX)xu|L}&R?kNrD=UtK^^&F#ksUZo
ztzU<<eqhem0r#K~Fq+JZNr$EBS?eT;ah=HyC!)Gf${rKr*cQKdLT8CRT!RAwte%6x
z+>O}N4YuZ1QaH9Lz^Ts1aMMn)oQibK5Bv}Hw|AOC)AhTF<NU~99Lobbb(obqR#?G#
zF!I+6^LbopuqO9E{-<}Ci_Y%cu^|ehd9JD0XVOA0j{#b^{qz$}6Rdi`eR#d`kl;LM
zzc`Y)^2VbyhS6Zj(`dn<E>|erUgk^TNy3}(r9xPXGxOEPCo?Q{VXC&4f?<?gKRu=1
zIRtNr$UFp%Tix}}8)OvBnrMTmvl$E~4Egdo*v~!)9x1y)xI+(PFv<a#5n^l|2=WTe
z#iPp1m_;BmR`WByZZpmNA$ty}?7iXLBYM>nVCtU3{BEf@E<f7v;p*K0_tqvCFL5u+
z%EHKBENq9+Hof@fBn#s<1skkH;qyyygB>M3K4~aI=IDD?QJzVqhiGi4+Nv4f8#0Ur
zfh;x*`AI2TW{ZRRzFlsXo*fP*)gvRC6uNlo!8u3GwNyhXha&YFIk1QfPN>QlTKo5*
zV6<Z!>Vj>`B-q2a?)nG5)iZX$c1I(nO?7#u_D+V?x$+oN;Dzuyn<4fi>*6rf@ZykR
z4ni-vG5M5RUAPs17vYQaQ0iqDYr=98X1MuNpxz&!_40St?SxqbvI@|W4qW>qS|Q5a
zy+3g^)r(Kn&LQS48`z$1>kLclb6ijzjg{n{ph)4h#c#eB9VUNB!ijl<OXu&!g|IgB
z#6d&m1&5TWv^w}V5aRU^i&E~GiIBRJ<2P&Bp6==OTQza%paN~Wu$R)4zzHG)gsk0H
zUv*xBBIYB9PYGfCHm^Zs>Cay=B<e=Q@&5K1MXwq9qX8ZwvhDnCqJ=7Y$`fVnr+t8F
zY$z-RcSLSb>j5kM&=JqvxzIbFh3?^#t%O1hKvJkPiXwmCpO4N-#S=j-#XVBfi!qFP
z)|JvQW+-&fyV_8(_&Y+4C|0)Q+Qv<TVoO>FP)@Jh9pzq_Kxx6z^d-;vSu5Rf7_)l%
zSq4BRjg2{a1O&#MxylTqjhB!eqx`ReKxyCf`kW`>bZV!_QYo@@$aSdK>LHyU7zA%y
z;T=SgP!B)XU#0YZ3igzz6gT~a-$|ZpStVo1oHCLUh@yMHUcB0}a%yg4e1%FzuJk<c
zO-);qUM+Oo6y%Ok6$P3Nw%C#83F@t$6|*~z5EiD6z1cEBe&kJRS9kg@7plms7`hgU
zXb`&&WT`EByfO8vdVe(HT133Wl1481xu8J>?LDAq$&EER)^2v%etwB@?~}qA8=jQ6
zlwRNZY|LpJD=Bm<I(3BwLN*aiWADsqXGYk!4s}24u;M=Q9^+%G-)ND=-@8~BGjE4`
zXt&?NLiEBH3}wlfz{bFz%ja$KE}sW~E(nU_PP{l#?zeAK__L}_6urm${i4>#nDFQ$
z$l6t%L}-vcIqqX2Qv7fviN(dbk&;R*Wj7h@BR<(=Jft*A{|I%q!<Byq9HP%7B(6$t
zy_PA2M}hepj=mfbdsX|Qh}h7xBV^q2OWrQ5nttGL(kt)eM7kOVgF&vYx6NVcy^b`V
zy3LvPS$BN>d1L<YyYqyzEuytoU~MnE8Wr9lzn3l>$X)A6Br2QCe%uodmkZZw5YMsg
zJ;rD$iJ9Qr&WvL-nmHD5JeG5Riz;WVEZxF&V)CXP-L^o*k4SI(S;B>*@(gEBkmjh?
z*2ghPR-@1;F1hKnk<}Gb2%2c(!p=xzg0b6sKUckXe~KO2qC^tTd6SbP4^_24bi<Qq
zzo(Kn4xl$mvcJaHva$;($7>~dH{)|xU<2fZZ~LQ?R0F_-MyLzVCi!#T#=<JUA^7h+
z-aU<qLDNvHj-WLMmPPRi;fBqmB%^6xDIb!1%Jj_&amjYwZEK@*8&0Hn!Sk}a01^j`
z{J?{3I$!@thj(lXbD6cOPOvPrxUDvXO>NpYCvi4It#AX*dvwU+1tx|TyJKnvTFzY5
zf_4;ha-b?d;VSpDsJjVcoVAK|>x$pQ)1J)-Y8sT6p`%s8-<i)y)Iq1ZY!skhz-&*V
zl}UIsX>W@^SK;86>*&w2IWEs#7_!2=mDw=Z5e=QK=F|R?7m=AVo%YMgcobUNCYB#1
zC^nDo?f%4*2$IpQggeAi-YBsfPq2#H%6WiJNG_YxCrUobLF>GW7aVQT38n2gHx4lp
zK3Vh}4KpO(3hUTw|2YrQ`BJD8_!WZnm}+cTNNV-<WfDoLPPrb!#^$zaHkLFYd~dX;
zqJG{TvKkr6mr;Lscr33DYJAXQ1aB!f(totpY}7EVz%`H2PJJ(eKABcLIJ;eXa6~Gh
z7~8QoP$LD^Iz?-59%eY6BLIL~Eeg*oMnauR#m^=_OCu8}X7=pFqa85_04}Bnf_2-0
zhu4L?gL<Xb!*stvG-aknU~A_a-s}h#AODBw!zW5&Rr&*_we|;lhHzoQLK;=XXo#@o
zl-&1#)u`T2`&)lzzucrIO=rWi$83F{<OZE5j2jc@tT1!^1<xZx?JKUyC_~N_La;Rl
za{rc3x*hOCgWrJmUlMve^&bwZV+s0?QT2bW5~3hg#OFv{wgS#ZJFOJja_bldu&SR#
zIQ9hnuFlL$!DGMlr_n{^yXP<q1sku$Jx>UL%)3_p2bfoX1jD52b!dj&FruVaG*lSj
zsPxyoldI-0{fyTKV0d;G_o{Uk_y;L_amwle1*(3CD-Qr*g=IhPXJj@7D62JM&@n15
z6dR4|K7(zU3JSdy7hlU34Ytt?kPAA@X@4PpyK?vckDrG8%TEQnyRv=nYDSDc+`Ogu
zNJOo%@|dD!p1@@++gkNNI%?f~a3{0(EU^ECG$BA9S)~T~8EzJ5vK+a=-0S88){thK
z(CSp%DqEDpu28HYv+thU)RUMf_PkE24S5s)V5sd4b4F)V!0Upiy@LCvFl4@Kp!pHt
za0;jQWC^!B2)EeyKV&tlSQ!*_X7ki(f}mW$)ZZSBJnI<F{z^8M9v#~6@2%deqMjJW
z;&4_mtWdv}AV;V4CKG2dsJa($CS(r$wGc_7<j1B@qjIAMV{0rmWI~7}_+G8moQPpk
zV|6aQvGvu*2$E}oeo4f4dNu%S`aveJn3<lQMJ_QUwm8%&{*qxEmi?=*{Pav<XvmhM
z311$lf+6iRN5{5-{(a33qXR%g9Qw79lca^I5QSixcs8xDhV7m;zpXmn8Va>!7Vn5g
z!GB#O2{Qx@=&U9X`K1cdIf)D06l>}~G}}A|O&3$uPs_WAYMvW*u>H8f<~R)>>`Z70
zHNp{OyfGc^FCqCPsaevIIT(OUNIs!6Pl%oV%U!)$pDX-_yDpatnabPR6+?YD`c%{O
zA|_ye(pl@m$mZG(2X3#RAk2$cq_tNz%0&c=R1?K<LbYa&dTh>r_T@`8Bib%m<76Bh
zZNs;IoNEL?Klz>1#+b@xNn@6=ayn7oj>&L1zeU#?pc)SMUOrdh^FIH1lA)YXDL+`}
zf26oHnxA@j65xt@!V0ak!FDwS-1K4!>Jxm2Q_^5-!Ya!EvQQZ}7Xzrhz+FR&c?mHN
z3=b^g;voK3udB)qzf1ytD+COv-GhR^hh+`6ZNm6^(98R>@W>zGFaI1G6IPM)xWIi+
z`xe{$x5@+$Uua`Jr?~~%Dt2C1#-5xpR6=Ot7XP>h;n@+i1XRe)O6n5dxJO^dj(}{f
z7jqlj*ulE6ypsvs?5taQIbK&G#b=IJ7Z_iyZ(DC};mAU7HAs$jPHU@at`NL~kw|+!
zhYoTWw69^-2AIG-fmL_+Pfazrg~u1Rq=WLqQH^d7btBF-+G(X*DxI8|MDiH6zlaxI
zcy1nge#KA?w9h;2?#{m<mxC#&iP&Rg2ahe*z~~Z`x$f*EhE`9Hz{&vXq(J2}nDU>9
zS_$)HG6UMJ?XG)>e8q{<Qu_RXzNcN{x}RrpZmW0w+*@V$%GRCvDZ$ep_ZGe1Rvv(y
zt<PFZ&@OoODFm-R<wCio1G4(Kr;oC01y#|v?|TQB&g~9Wa7*KU_G;aJi~ahh1h{(0
z0X%g$KWJtU433e$*`y$DLxW@2-8^Ke!)QmFwq;M2{{g*lJI{~YtHv9h2{(ZHJE}kA
zi-z1<*w!s#W;UGC$&|+qS@Z)w0s%kpJpA>JtwvJ=@s3=b@$E)PR$hcD?tUuU@VOSk
z88U~C^1yN@w&g|8p&v0l#{~PPuR={-960GroG-;JNjZ<NzjiV*>JfrHhjjj!5$mE2
z0M(Gqab@h)WHWH|Ahn;fi+X6uhxc9hmqNd~`+w1~MXQVt;oVQs@bahl88`OE6w~B1
z+Pqy8j99KbJcD=RvVsOhA-T6k|6lZ(KIQ+5KI>RZx>tL}ratz{W`zjJS}obKzqj8z
zNduSR`7=G9Kc}^AF7qU=fm?}Df+a|+k+Xw|bh8rhn5H3AqrCK3OfjzHUddy@kEuI?
zJ2#4b3dEG<xk##cLoSlPaB=ia$0r4GM-yARZ&&J=5-z?ASkvVm(&eru=-0V5k2_qw
ziwLOXPtGt+>i5HetevfW{wj3op=gextW7iXYUqZ*^4~dK6+FK<QuD-qOaNwXxVTLS
z7J;woE#ji7hXEbxZ4C-|^UVX@sms|Mjy7rQ^9Q3*S{Ae1_ffzggv%cj7jE%_-p|}O
zWjwnnBD2b<as>bbO<?~4c<0s|lMFJ0Q#7?d)~@v^LK+aX0f|QUMbvAuCkg$dnq7pf
zpnTQ8)Yn`1{%r`7po_Z1U~&Fti9;1~$Z&Zh<7QhxA?%0gH?MFK-Noux9uzH{lPdQn
zKht{B_Wq^(x3|u83JTzoYD?!r-*kYBFJy4{$J%(GM9D6Z9!?{r#@<oK^sDUwqU_H2
ze)xmT;uD$4Y4&8>w!I;AKW4H}ctXDa@%Zck&2ByLlkY~ddh#?{a~4TBO3(WiGv4Jg
zLfF8LH@TU3M5=NL=`uZpuS5cE@AQ4dG>GlB?o{ZT-i#;}-%-HaJSaF55x4BS*LXoA
zq~V{6dEE~JOQR<5TIpPf7)8F}Z_8QZ*hpZ8t$V!8+yH9l2`-=YZ0K2YS3P*Ix3DM3
z)}U~&D?&ai5<_2y>3Vqt<9ma<-Rv)XUe3G$;puacdboM<+!d?*MIIM3fV(O>l^%TO
zRX<2qby+hOyOiuUyCw8JW##A=gZj8Nd&&jv7c|;y{XNqj<EDfzHBxzXv2pKhtD-?`
zo3fC`fT+jHlS4|XZ4h1vj#E3`{AiY5xEOQxIOZAM^V;I~N3-kJ48N}z3&u7Q+}(Iz
z6VQcc_rsALi(xr`$^Gudx-ZHw^Z$~2BEv`gcyfPB-GVbRwUG$F&t;vpo+sJjp+~N5
z^L2{coX1tZ<DyIFA}>s7Q0|#tH9X1RihP*xCZJ=z8k|9sphY?IV>W6Cy&=#>liEg9
z4x}7zqv=DcO0LClfsKq3R+<H|ScDU#<ApyqcM*Vg1a4ya@K(<bFaL))w6PDFG~h>b
zwHRqcc|BT<R%RaTZM&aPm2!XGK1=XxQrB1Axt-8;5Xj@CE^**ph#pUw;DeWy$m(ba
zjywWGn=jX~dWvfw$#b#D-bjjRf{cH5(!jCpOAdhg)Fdrkw*-^xC4NWG!~@Gc;XAi3
zWD*_Eq(*+VPx5FygrD^Z-d)$~w0}Dy)ZMt0XV=RypnCjm5?gy3PoP3W7)?FuXN)qu
z*7V|!9(U3bHiCn@7L{OFlh$=%-P@R-KfC8+IIQty-tTR&CtNCtE{q!xaO23R6`0hg
z!UCvs+8T$v9?5`UkN6HQ1Uk;pNg%`53g6_)bGB0FxDf~GjKG*AZ=(ISsXalxFZk|b
zbPrCtcH4r6+8nVkS!48?KjwGGE1VdL^UjmGvkgc9r!4MgR~n9I9bogR707GzxbVaw
z8omfFungFaXWWtX8x|F<)FCo+7M*(9#~sNK%O8n4<wqlxlZP7zRIDE=i>|y$2NuRI
zo$0(f^Clw`Y}0`NVo%SEe_(WfA^_KE)f?qYHRsE2w0bdmkjNOfG_I?$N{<BE&Can}
z(r2KVxsUt_Rqg$6p4@&Q$(wOtB81nVAryxJTssL-(si#gjOWr@VrVtk6eT&Nzsy$U
zMZAXCJ>mcwovrVFqtF!^m<w}~T#I6wDzzI|eQE8yq8adKD<+>8KfD7^cKCsLez|wJ
zgHY9XehILlqbng6>Sh6M+Z7(}^0l%9@9?ERlYUU+$deIuhm7f+I{bD57i=N8$QZGE
z4vJ<5G+ZXU&aODExg%Hs(od5&$QQGED$ROoE!2ai$ET^Zwl3qghaI5DB38(FTYnx^
zhYvp(a8D!Pr+b3xnU`V=-dswy*t&@^+(hSpWLxYxaluYf34qaf25r?x1%z<G5gf~C
z`g{8qTA~n)vC(3esvnca&qtFbYsE_%+Z23~vy0RFhgO0BUkq(3WI{e?9do(K*+JoN
zQS$_UDDI>U^w5&@j|v}(<{3mjFv(nlYr0T1Y}+ia8E(TvbbtW07D#XQf3<cW)y^m}
zfd5_5XPVXIWRam!`#eJ4Y_}c=zv_*E_H6#bq?7l3c^j#|8STuEtZ9tqkJx8Pf|6-B
zABnl=M%$;prmADI&1@C(nrZX>XV}(!el)fg#*(ESv_Z1Q>93XuV40AIcJ8E$XJ!5}
zf6Ey;=p-@eo&0@YWmXA7d;LCRQjT>{Dr!PrqqD@0T)Xh_;`{S;1-(T9Ipd@k_rLxG
zmHjKSGm8F4Zf6Wu{ks!-fp?$Hpzatsbwj+1zHco5&SoEZmsaZc%6+yZKShG4B@A3E
zFnzKLz-7t0=7>yi^hcHeiT191o>>-;_(Y|r<a7Z)#9gx+QPP2x9cGg}j*g{67<2Qj
zPsSP<rkM#grJE$(*vqo!vs{wDW-%p>=PRJH(DdQJbk<`6iB8tU*+VnQiuDO*D&qZ4
zHLbK?Ki1zU{E?wxsURj;Tj4=o6bj7&t~${by&)fiuiZ09d2$(gR*?ugUXLFf7<?f!
z<dcjypl|?b7xIIL%*O`U4A~+{#*>HCA(M!?ZuU`=5k%6@jdFnHP$%op8z&~<X;=;K
zcdCPMl#N@A6GS*)u<K0Ka|X|xo2L<*nCy>&Kr48L*!ic+QiW|!k6>b$ZTC!NHN|YQ
z==9Kr_NZJ*P`}0yg@!?a8`|H%0QtYFqmQBuaIHac$8(iThO=NQ!b3w;__C&`orze)
z{7BCqycop$NS5}+5f$Rg1o034c}4E$EADt=0||y*);z}^zpU}!voNo=!KA+>DB>Jd
zaRDyx&^JJGk`OZraxUF{2dx{YVY2|YzPf;$ZYL3}(fe2B$*ib{`a(Q(&U}2;t5&w6
z6IZg~#V*M@eBs_`f5B!*d)eGBDJ6H&<D3@3$h2)Qf*zZyI$_Pzi*wgTJQ?UMy<|*X
z_`M23M)ThSX6FQt-$hnPzPW*eq-V<H3N_vHnd>^RztW)q-+6-L*})#);F<DX#{7As
zFdrPoH+@76zB*|q_BEG`s|BS|2A|8AH#um}Z)9)~vUFd%d8baRBiw}Lh@6AXQ98`S
zN&AU*tG!Sm=~V5|BQ2KLA^W?QX3)*;PT?dKBX;X=@U9rOIj-cR;P!i@Z-O<H-FbSC
zAD94W!?a?qiL#N#3nmTFI-DI4h$@s6@?VzXhHazpVZvLH3e1RWsIF4HwNsT`+54|w
zL>su%%BqP<Q>`BTPd(9B`Q^Cp6rrfh`Ib{&l0gV6U;@vAKD`3czGP?~cvtOB&<@Uv
z&^|a@i#%stAf$P;=*-JE5Gh&1273JWgu|=!4l6b@-&`i!A~yo)=ktdc`HmtBcX?t_
zT~`x~{O-PNim2jZx#8G*on+&yLgS0^Fwdtf@u0@a;eFTjcIvs>Ttl2w6lILB;{Npk
zjpPTHB}k2=Q7yP`5E3Ce5L5?Fwh<ls(Kp%GmnVC(C_RAFN}i16YDMWu(-6mWr1M{u
zcYy625d?0*5t++<0WWgrwxUK&A*641$<14n9?Y*&8&p3}GZuJ<_3-{V`eB4MS_>Eq
zO;5SuI9;BPM|LOy%N)P&Gn>(@^)~-fSxuSj!~I3h(U8j-#w$H>c%?@?0H-7f@V<cm
z9Fs>%MM3?muU009@_%i1J0Il~EbMK#A_lEFv+v70tuO8ltI3>A;~gE}LFt_@CVA$X
zt}Gqg)<u4X0{$lkLAe-PzgYR$zg27zpGDCv!;n&<Ie_H02XZCy($G<D6iVI~dsR5(
zeQ6-HC3d~v*VeDFL4y?X$9{oPpx-}nVL_?5S|si-+QoHF{zv0^_yz9|`D^OP8vgL#
zqcQ(6a<u$4a?GoUaxOzIo;KQrDwivkIicb-qE!r-rJ^krmJxzXThbGbD(GHgm%4zk
z7uGKz%~x&x=4_nQ)3Kg(mWggl3wwr0k05<^pWr?+>C&l}u`|q?IXbyixwuVoa^>tu
z1pHHTqxC+C;}Nr>aUIOzt$ay9{btAZ18!lb>PI#V&jw(IS6wV9(2;Q0e=@7fd)Mv+
z;Hpr7uh5telp0x?HAQP=l&hq&+p$V4bLQoFZ?@zS%=~%WXr7x6A>VQ1KzhF)ioUWV
zX5GLqKUq)K4jH^#0WrWNja>RD&_2>I%}{PNO0P(<58NDJU$+G@*nUdJuT07jy^)^q
zGX3i{D#sUl$ej-RbJ5YoE;Uooj|Z~nyo!~{;k{?7qFQiY;uL@1Izd@PN=v}>&Uyfs
z-+2}%Pe%Kh#+CCUWM<>Uo8f0l&Gs5m0<}Eu6r<~nzFd{m`r)e`R+Bt<<ou;Eq--<(
z*TTnjj{Z!VFBtwmKiuKv0hYj@Z#KDpPE<^1_-lyZF5MhHiduq0X(n}@6f$0b7Pg(_
zUG$|P?=O%(i618YCn5D0$!0f|dIb&nXS{cXO&2u=tLKMZ)ju_b=;m5YHL(5VNX5YF
z0N<NsvnMs@!zTr-^mDD8wdL~UiM!R}7+owI!9pthk)NTv<Q+c(3G|`46I;6E8lU1m
zS1ZlfRu!w%w!(&}GZw$;zPqM!8Ebl~G$b)iUa5o={hxh42YCO3$HbqGKnEL-cU`UE
zxI@<F=~tl|RNPc%?#2z%6lRQg0M2h2BINUznlI~?T`LkT50N<^*s=9w=exc#UjSuO
zuMly4_o<xc$Q(qbIi=ysJ!YPaEc?CCdRZ7MnQ(@9K01|ooP2Ng{8yWQ&uJboy`#6*
zx!F3%bov<_YbLhH)(>Bp{AOGU1-3CgSAZ=h4C75=fG!@uW!BGn5zU_{_phPP#72Nb
zVSK<S_=(BL)~(eA(T2O+j5A*sNVOi~kCQN}^BR9IS)af1gjD^<6T+z>o?ha{Qah6*
z?Qni+|C2Q`?2L|);(QXzohVzGH#Fe8KCLI^l4r?ng8>hOc~nSh+?cxg7whi<$dm>F
zARKwf5yxd~UhrrO@ffES)yC8hl-(@;`U5lLrIly}xieucZmA*TFDyP-3N5KMOO+_^
zD}|{avWaS6Vl{`1p8@_HNh!Z|Y5A9eLC3}<y=AM%xdb^Uow*dB!PmhV<CU}%{qB>3
zfBKD>L#Me%_&xsP+_T3!_x3Yh@c$i+8xP31=;dMMglfvKl9hT}JTyn!$_}7`oXM@f
zb5y1klU}J;nGuPoL|c=+i`0$0a!_?YYf?-gP;s4&H^X>oKNnTSpBljzw-a;qLr9YS
zbmw4qcdr$m=1d=FuKSLv*ReS{E%aMb8IXvC7*vl6WOPe%q~X&+#MZ5cuyy=tjIa6u
zjRaY#X}6631@u^xBTDZ#Mja`-4Q!12@-a;%;Z~{VxZC~_$%D-Lf?Hi@l4A~{gS~P|
z>0%FV{t#7n20e5JQ?UAJ%9Ko(FGBD@?w?d#zXcmxCe@;S?)T7U-5&4vdmZnG-anZR
z*2gMSdbgY#%2c}%)XF&OuQ^4Or!Rc!2f?ue&d+!ija<sksw<LnxBGqYJ}8vdgV?K&
zb<h_6uO?q<_B<j^S60-=s)ZAFPd@4_Wp7Q*w{>nxD1vINPL<0;RWkmp*Ra<F<@~B>
z*Lf|{Tn$C|I%-yC8};{a=riSBbzd2W%$1!h1+BBurs57mJo*m|duhbZ(*A2Ki7)2X
z3z;2*la#ItjP(117Zx7l5#B<~svdI1%WnT)x1KG_!C$lX@Mgz<KYap!b|a^?yy^nw
z{`cHtR01W}+Awh*?4NvsC=rFuimb${o5UqY^)xQ%5AxYU2EQ-%NP1=00Q2X6z?boP
zKdX18M;)KCRp?<^;+rHThGxVS#1R-zVd4N;hHvX>E8G84R$s(S%_c*WqgCP;yVoZv
zBs2Nc5|EyH*6vDiM5^_3`1hUkH^lLOGnnpkQA4^P@{&Z=GmVGwF)Z$E^O>SHDiyO~
zmC#a!CD7zs>xt&+mLGxkcsu#LU3FDnPdr<`<py<0=WRLR#b)XvyjVa09n9&|{4~^t
zkFWM0U&PnN|47xD#X$r$Qzko(67Km6sa@qlJ?3SU`hQ%`G4EAxB;mF6&4E;;g&RBj
z9KPD0Bq^6vgE!A{2d=*9f0ws7{*FdhS1i{F?<5zWKNPQ7Pjl4nix~GHqjI?}A)mm$
zQ>f5XS;M-M(9{7e`Hh}jCap1@otU{^LH0EP4})`Gl_$JuKT9;Mad%EggZ}-@kfaAY
z@AI$R%S(lBKE(eIZ|@z|RNMW1-YVh^f~bfHQY;ju2vU`*q9VQb5|rM1heSX{r71mB
z5u^x6Q#wRIKzb)2A(TiB5FkJZY3~VmKlkr>XJ*aJTC;|~SS;E(=Q{h^*WTaHcMFC>
z)vOlma97u3;%%KV;w^T6GEQ`f(X*j8J<;NCQwh^T=KI^Ib>!8Sspy}Py|U1;dmmCB
zB8a@kTodNjTp^H46OETJry|C#rLZ1uF*?maCiLIJW0kb{Lz%M1hu^d|k%N&VH`6~R
z{|LKoj8Hf!`%Ekbp!eba8(K&eop8L`2h*mDi_K%u@1_uMOFAju%fu6U;N0qnBYpqp
zzvlq;aZE}3aGk(kY1)@-AzD8}!QXy9wAto3)Ex&PCGG>t@LV@O&l~GN1U`&vXMEuG
zWo;X3<`OUk&qZ-RvSHPvsY{Uct1iFsr|8S^b*|WHoTK!vugsHYN9p84B_5vCQQR7*
zQ~$EnKs}`L@@4tBwh7YCQ<t7m6!~Gx2Or~+^bM{Kv2EPw=U08ZmwMG(Ja_#!2<Hi#
z!-CWI^fYG4%G1Z*!Ms1xU~9r%31oex$`(L6ov~mRL1101_m{wJA3;lR`<T`JWHoNA
z2k+5lRbV_5mA#fbpDu4Tl-Q;7>&kt!2I5A#otB8wc5m8L!U~{Q(;54`q}SYQUe0eY
z&Gz0*;pH&&NkDf^kZU%-9&|bZO-&1RzAhY!;?8~2J0!&Zi?K>6Il*=KYF)d=^dALS
z+F0*yOiH#mKyf?p)Xk+SLSfWb<!u!7pQGx(B)F7%c$fGDcot?wVqLUF?u77h?(_RV
z{aq{yxWDHaN@~7>tx01Z@6UH}VCk|UlT<?cYmE{kQ<j4D<7lzFIIRb|uXraT+hrAy
zB(>gVVH<*Xyf5UhDMFvx_N7~Js-4Zp`Db>+siG?y8E$0%MsIZHV&<HK;y4T^BqmOt
z{&kTJtmycW%_ykiSbw=yx5qXmmTocgZEpCqaJEQWn%IV!)io|?MvG!2jt41;(Z)wd
z1G+9MaR$K4g7Ya}23NCk!%OadqQ9UjPq{?mbZ8S3YMgA$9|g!<`mfUm3R1~=3{l=8
zKD)$owZ1GH;$=OHi%SNgBd@r5yP|ctUhN;;2j1>PU3|ET!MV^w*xmUmlyQWi*J)$H
z)hi_zYH}q&V_IG4R9E9&?49lUK%=NESQD5~fh0$}lV18yA#yhJz0*pvZ5W%-D+AYP
zQ!vw7LumH_taA2=PK73Tw2@M`*IrT?CNh$T%JiP6>)US^QT!6pgt1SG8k4wNE?<YN
zTI*B<(@Vf@?RinvieE$YgdnYX-;59NiyY{r7k4{`$%Tm?q>w4r+Wv=_Y@1FaxvEf;
zktwXS$RlXkABgY|%k20KV3`d@pC@0(eGIL1YYq&0T+iqKQi?g@?XS4aw2_dVooHLT
z=wutRu(DLH<CiRQrdb%|&VnI3z|8;eH1ngK|Io}y|EDzb^#2o@S^slxk4O-O=PDb_
zx`qfJj0W|*XL;`Uz(trMLf)nmnMp-i_u>Z43Fl0M<ys0#)YfrZO}7^rbJ06?UlElT
z<7kj^Q{<lj)E#2QbrCsFap`(ldI<MUct=h8O*Wg22A;hG&fSZ9Ez=xd`1^2;=-f=T
z8YV<F+It9Czl`-aN#ZO1$g=-QA?(xVYZw|MX^N51qsubbzg0)3;^ebu-ehZOa&atF
z`gEjgF8DvtpdA)6NEu*rmQ6-J8-QGEHuC3>-Q_JVpJLG|x}w!4*63t(BRv~;>M`JQ
z5Ig<CP5t^Py8{XH;Tt^reU+GY6Xb_%);1%E^1wC)6Phqq9YUt;3!vtDL^{ZKBm9FD
zTEC`k63#Ytg1&6i3C|eYL2!*I4yMXmYE>Ik5*XReH^OcNRJZiX_P1B;82gc*HEacG
zZrhb>yV%5tj1x$1%Z&zJWl@$Y2)%rBBw?2thHeP|e~2|FJuMDVtOQ$mfM1tame2{J
z9w8K=54z<_LYN0zR&M%qpJqnb1E58F&;BWw?{N`S-aLF;<7-G8{nu`daB<myl-<+G
z5o2p(RiSlhffvgm0;XL@OSLXZUffZ#D+Ckgki2M9Bz_?&x45j2Xz(z*Ow_g@y)n6z
z-;i!&{a&jl?Rt~{$080EeL*!Jez05GrFtcD5-9|yW!CEAu_d@U9J1rP_THt526s1Y
zs+oXCryAm#9xg?@6PT0SiQBH@jiF&CcWe8cOV7LxS@58pqHGJzx;~TdP7h4}eL&sT
zFKCbV<{{wNCN1%RZ-28LTk#!f@)vqHnIQD&w(N)UjmaQRv$Zp_%>lZuoyrH8kMHc9
zkc&l5Pds5yTf(Obj2F_eS#=(GX~<~UgI~d;9RHVabK(CHZuTCzuMx`)jenP4=ar43
zOeWAJMi4jW`UEhY2Uj<q+u2xTQ-imcAn26b=WuK;nK6JrfEz?Ftc)lr7@K^-KRb+j
z4(&w-7nFC@Lk1W3Djf_e*9Pu#HvWjoey!YmoyBBCZ>6X!pfd&kI$fb(jySQJ`edMu
z?YtJ~MqSFfq>Y?>g(*S6b}^tePk8@sUMF$~4Vm#rb`B8MdtH95p!T%Hm{*&#eY5k8
zMz>gn=e9ht0>upA(d=AQ=Fk4H`5HwX{9~b+Pndz8v2>R%llvpeccl1?&tS`ST+13D
zKzMnDBZ|azHz`o_iloO!#f<>`U2OcT7d8SV`7mU3sRZYEQzYNYP|{na$|W-=B$LGL
z<nG3eB5#MimmH^uN0tX?Q2c$PFnCRMBh<T78xuLV@*mP!;LHC#>8$ntGwJ-V1m<?C
z(C7O;w=R80RsddVf&6uX`!*%&#gSCB8ClaF6Sp_klak?x%{+COcfF5kv8h-inVxh2
zonTrt%3I<x8mZQ|ZaFFWzq87Xnp*C!U?v8(9Y@Lfr`+q=R5QAY6k>}?EUsUEqt69j
z<sOfZS5J{Xv1r%q)3K4zgj_SV3cMZPH`93GJVJP%7GxqqZw_|B7vd@OwWwBKhg6#w
z4Oc|eSZ!!n;LtxtWNwS1Zhr{IyDL^=${yQe8}5U!d3FhjRJg!vLgi$i({#l=y@Fr3
zWGRHi%kdAPEKm3^LRrvGT@1ji5^&pX-S&%Pm+X_YSlIV0qddn`pK0I6KDFx2EAM@Z
z2slh?J`RhyiW!LRR22_W2!fh?7zE~&r+3wq4HjTp>!7!7Gwd_07bR1ha88IT5NZ9Z
z`;DY@voGG^BbRy3%H)J!BZ)y%@ts`|Jm7+4W#ES=_Liu<S4kKb8LgHI=$;aE3%Nws
zv0m~e{o7GZOLZXTZ&ve|bS6lIcl-*vG2Hua8bQM<&4xFH?8%EiS2aqvX^f2K{2ccj
z!)rd?*d<;^l&`WIC>RZjh~$Nw0liGurS(>MLc5QGe;(Xd-MA+S{002&@BIR1(1oHD
z&v(ao51;WuSAwN}%Mkr^qF$PZs<N0{x!CJ|WswueGv=mVHhjtwH?sxzbvJs}wC^vx
zEsmNfF-W+#H5>F{s||7A3$ZUz(p$;N@h2<%9rbso{1=Q8aUW;ku(`X#)~Jl3SLjND
za)=q!J{8z}RBXcE^)cCs#Pe5zZH6=FLlg>6GvasZ-d!%vN*sFm-fg!=-e+Wm;ivBe
zvd`1}pa#T;5;FVOuZ;|;Q%0@cd9t{<>x7N!HbBv~h(Rxn)!>V2D#zz;mvy1;jvh?=
zo@C?(e)~o9hz@3f35BQrjVQ06`fuSAg8O%LwC$@Ru>TUp9MkEgveUd7!J9Hd0iIuN
zQw|g7LgUYix6CB>_lj|;Dd&C6Ta6U4a<9UvVGr2PzNe%etS*!dom&ft{O3#be4ngY
z9mxS6p)4Ea+)dQ%4fwdwO3ydl`S=31g>du*3EhfQ7mw28|6zWVd_8roO-(U`Rm2yX
za{b}IkTI1aeo}1_Lz%njlj`4HaH_cPpsW1gdEnGJX|Ro2HRY8qFGexcoN3`Uz#3ZA
z`rBs*9{M3&593cAW$8y3U^)|An*zMLetsqbtQ8Y$+^vqoGvB;mUTY&2PaKyUG3|^>
zM_0J6pIehcJw)uk|H45iJBxr&|6_??saCp2@+>CSnbhzGYRTImXa;1Ns~pEJ8L(FK
z56YaV3@}b7s@OZ0Q<$A@t5Ix!#1!PTlMah$xp8Os8iEFg4WmAJ8*EODMJZ`Wu7nqT
z(W~_j`rzmii{tUOm&O)nZ4C525r5pZ8kjC#Z=%ou&6?6Lm#J+${zy7E+Ok=Goyjze
zsd_CgRV($7MULFt`JmM8+NE+>JniU+i@R;UHvqtFjU=pAM-BOInn0vGC<hJtMdG*3
zLL1ZDwW6wLko{}xYSkp2&Pd)Z@<>k)`cjt~AkyWYX%&{05A`6BQ0pyjrW}ftT2hKU
z1X8t7yG6Yd?FA8ChvlL6dS1-4-DU;pi1<Wk^MZVh*C^27IwNVnIYEOpHTa0kfEi0;
z_1X>vLi(vZXVdEoklk-pUtKVZ-4_U%8n3>JeU(N2!EQAjJ3lR(lE-E{vAym{8Du~J
z5ZrDJ!-;`W6I6nOxx$HbkMnvdJI|WZq*7U8FLOKIS>tATt$zq12eA#i<m&%mZIife
z(DsGTz%c7Cp{_laO7bTJB!+p+e#+p=Gs|F&1W#4OUeuvRUq>En<sBn4LpnBe1URol
zx`neRw$&ObJj;_ujjSDorG3H3!gc1k&KgVm;)Pd})j;zlWC})bY|;oKQYkxlc&T^q
zsl-AoKY3q%9tz`X#Ks=_MCjA!LyO&zH(5&7OPdTo@muioI~^#aeHYt<rjJDKA%|`a
zW_2bKFeGt-9XQs~HN07Q!LD9~^esiK87kxoOnlO<Ur_6KXz=)IA2-3{*JrElV81;c
zfc)>CQEb5ZT92o(1=6z02ULB#n9k)_WB;d^K$jfv0wSY9^Q0xmi-Pwv`yE#Dt4xV|
zQOf#P77|-Bf=YbGA7NwN&HofrJ35m<l_WSoM&ATG+)M_pIH$8_%qy1*E#FcB32G8S
zV7qKS$`bmVg^5I!YRcIV&I^Z56oo(KI5(H+b8X;UlXA?0W=sX>F@1pozXeqRP--~8
zT#^=Gi!s9B>{`P%H|K0=7FlZBZ_bbuo9Sw}By<AS#Dtk*%l)Fjp_eqQ;zU4o@aql{
zl#M#ph0L4`O_nutGj>5<=OY_ibmP~1^ty1_G+eGtcS@_5N;P-=3rM;5gvG={;{myX
z4W4%ja#VCBf4EukeY+|R+7Y95ZEZg}p8`}hhp$K9{%I35WS3O-D~>8@*<<oJ=u9iQ
z$d!YQn}K+_Cc7*%t*xIXPOu(b*M*Rlye}72PZ}8bAXCFl!ay6jV{>74(}}ui+RvV5
z7R--Erewtvejx0g4d?PY7RUzofx0u;>UD1<bu9*=o9k=0y7bB9yM7%ICX;7|$pz!^
zAG)+PY_^UyWpV_qmDT%ZZKVN!d0Fn|miE!)R!n7|0+pwi5a;)RM(k*xbAsKdJfC_8
zq1iQkPNboB>wZx<-qcq((F&>7Jwt<iY=C~s%&@xVJfGhSuz@tuK?pe)C&di$57F$@
zgQmVqnALFU2UFar?W!jvzB~D<M%8bH50SXh{j?V=_#kmsd1H$oz1p8rN3CQ`ZkHug
zrZEJi+W_U~=|%T*(h5c0(~9{fv&mXmm;8bg3!A|lY7L>EW+3q=(QWCnqcX*=#u6}E
z;Z=;aX0?zTp=w1rsTS8uyN;Y=^h0%vw3DmC9e=ZGUwjWCJTt~|_*>@|v~d&@Gtjvb
zdZnG*jbT=w?HV0%*|#trM~*UYl};sSGFP-s#JUw1CHh>LL(C*3t}HKT>y^hJ!qyd`
zrH<i}O^nb!y$r&4RV|sp!JcMUwX%f!9+0}Y%h}P>UEQuuzw}3@CIy1)d8dsJUKJF1
zA_BzIjaeEXd27VJ9UG6}hUghZpcy}TDcF><f8HGgEGdcHwf5?9cDXAW2}`5aY4n;+
zO}CWYVRr5?hN$<UGtc(-_qPH55KOHS`zBX)4%MzR@#7K)etZ>n)9Q<wlE*22-VVH0
zzAlzm2Y!fA#O>FdLLaP^Kn`=HkHdv&4K8D|Q)S3pkV;%MVfFMfhmwF~ediN*drtkE
zwU8Sr@4@DY0fgV3chIMfyI1M2SgGK+dc0$Rz4Y<td*bj`<LQx8vVJ*lTS!X!$A|C7
zQCoxwE3g8pnA;(5>r{fb-S4EN#7-7tjpFK2E2Cfe75ZL)h=A8d(t5nlZ{04x{-*aa
z&MVZ+hVcaXAC1IAx(nZ+f`{qOxtKHmTI6xG<n4qQPl(U@DGJ9i-HD%vhE?|R#L*3A
ztL@&2*1774kMV1l1^>P@0N#0YE>3I3B=B`Cc4rCWp|eT?IW>|W38KittN0?gEb)L-
z8vHlI-0n??QfSC;SV+Un2{d@^LL3LXMRzTv=kxIaN+ZKGS;de18wOsuYpGi@bJjdt
zz9r9c=+9<tXn#J*TZ~27*5b;I!a<T=HEGJ1{<0am0$fKr3lX5*pbWFGqPcM*kLI?{
zX=e2WZ!JGN<PO=uwGhFnCrHKXbHpMaJ}RlJXnL`~tz9~QcBA(KhtWw2IE#Peqy0te
z+2!c(5nECBxwyV8_Hn7)6luQ;mO-Lv#}R3$eJ-|6`<4Eg9K$~scX@-5qUu~2$CL&8
z)Q*K!8XS;|cCb~IaII4bhstJZ#WWz%K3{Sy&)h_|c;(Dw-|tGrgv@GxMLqfHnNcYj
zjnV?M(0g1LvgDio$1eWHC$qIFY`tqYi&%*&F}w0ec<Ku5AfV?e!RW*0_UUAZ0)gL&
zH2-oyafQ4kJX1wh$;Ty|ErS6M5qva59mE#ha@y>}08895UYR>v3bSVcGqeyr@t|i$
zCYgv9%+^5aO9s#U_9s7Pn<M~7!iT+}aV^VWxcD6;SaE$TDKDfJ;`)>zy?}?p@hC7K
zeD`WlBZOSnPb%C^*p8ARKSb;)U!Lw%j$csbR`i_TgZSZlX1OBf2>j6Z&5+z4t>o-Q
z;ueNm9#eY|=FjOB7bkYGr<I1P2|)Aj)bHbT_71w<?d+>mf_328UZQcdbxN+w;1a!K
z3*C0J#%<A!Rq+>#5Vuy^gS7mV=&gaS`tQ5Rx`V@w7Xxgt&s;K@$#?_?y<$s}hT1nQ
z9AsSB0~p_zu4a}y2P%tj%j$37;8o97V)qqv^(FDlUB>3*ftl)0tN;`p#9kb|Za-<8
zlFhL{<{V}*uJ9TJ-th8mF9l`P;-d;l*GFKYTMA9CZ@&@!^e!Hh{#<d*K|f70%JwF{
zcrz7?K%wFWO12Ys13yV^ZRHHy^_Ke{?6N#ml&1he@j?}xC|x^AjTGw|5j(P2=sw<6
zA@8@P<{sWXwBH*XRl6NCrKl6Hu9$%<`=)Si$sTc_oTBxU?5zOGKnEiZ9&tiEr?~lp
z2;T}xmutv-!AU_O6Rr7Lm7&*gJ6nVq82D;-+$8lkaDRiuyFf;Fst0#(tdjdIz&cA>
zJA1a-Gvh&b2qHEiZ%IkNv2B4A9^ts!frSR}Ms?dSBXpV^{CK-S+3{Fzvxx)zQrQc0
zh-#OF_t=VF;O5@mxFs6?a&WovZ0YoSSoK{{qAKd4!OwL8UAPD{(8Cqp56KtF{3pRo
z-Cb!j3l6H-)(KX|&Gs3xILNJWT{$#u3ETEMBN2EzhjygI-vYVa1|%8!J$Hp+(Z*1F
z$YpHDAG{w4s(FCZs@#oA+QV`UFHTQN*$xqdutuJ1)Gn^G-9yWt86>G0$TfZzaEM(>
z87O=^Ta-<96yLB>blsRVs&d88Y+L&~xhi^x#9a}pvdHZZ?%c9a^v;~|tc57;xg+pU
z50Z5^{|2G#9XdFE_p~AzsDQlJ2?_ae(}C~|2b0nKHHM3;Lgp(B1I`1N<tV@pRc=Ss
zgZU?$YtjCQ-K*oTrxhRPbh^K=LBq4f-wAbWF_%7pFCE7Rc_*D%Wa{%8?Eld{-u7sn
z@yTN7GYxL=*@Vxf#@lLPnGce8nWV12VJj0k({x8zq_>@NjPQF6Q1>ir#;vWCQInb9
zS9T0(L;K>;<+~0$Wp~av)@S?=>zJ(W$IE1udhj`VBqeNH*o_^Oy*BduIOhU@2S?rv
zX!X_+rY{b07QN{L;uE5DEQpuWO;6;Hdn*4Zi@@LTp~L`pr74tdDI0^gph3V?C&)3f
zijR5^Sj`o5&YRBw1-FSUz+=oh`T%uZ^Xe3917)mU^4Qegr0o~M1>m@n3YVh@=fH9M
z+f@%OU~2WDTaWk1H@9{r=MF;47s}m2lUYVt=Jwy{Mx(XP?T4#aIDGr5u6=pC<3g`0
zp~sJ5a&9<xxIGtJUSx5y_|fznuhdg9WX-q*lL=?yj~Js<ohSOH1N449>1l`6AvxVi
z^g2;XGadzS><wL8uLq^SQuyBa?&NB4?z0ULm2g_`$3-ZlnaGq9mnk`ae0mh2Clye`
zl`uBikz@epBk$G}%}9TX^T`l^g%~e;){q7mI??r)J{XvJ-%J5qE!@bDk~&!#aPHgK
zDSt4ZIpsl*wEo&|)BXZ_hHUc~vvscE`?}gb$&%V<KOqx*-X-=YRxyaukp!xht1hEC
z*7{^dk+-3l-4pF!BanS0q5|9m@!X0l3*Mo(^sl5Qo_?qB{8MM15;O<_`VletX{2#M
zs;FgZ^eZvX@i|eZA{Ydkg`cLA2(EBb-a12`*5dA{UW`5?#W(uYF(2r5N$;4VlyL4I
zlncQmFAQaqbiMNvE+vPnq<^ai0Q%t)vJ=~m0pf4IocCkpLMWb!HC|t`pz8){i2JHB
z`pN4>J{nj~J~=7<0ezWRRk>Qk5=4##Rso`!1}jntAcO~ya^3h8CR~};8XoFGvUr*7
z{tF%aYxnf)Y4X>{Q@}0wNl@OxKpbg};uI&sp0kJJ%<(KiA+hD8^m=0WFlNRaj+tk3
zB=8pwqNH!M9850uK1bYIX1Z}&9{lVA=^%r9`q%&k^BB?an@2&^ogPG({yG|q^Pe4B
zLfmt~4uIm^gGar!UJIPX(GIVzv|CkCUX5?AxRUX;BPmgq&3UU;JyOA!o6xMGD36`5
zY4v}pD@Ly`8hqJino+#gCDzIVg>6Fmr6J!G*YjB-3fuGhb{zswPP})Z*olB>;4{s1
zzxZGhf$r}#^~l$1i9b;zGWI)n9g_NTn^IS0!Br`9y)%h1n5@s{7^t<?<yDPN&a1lF
zFwb~R3<cqVq|{ZHjdrHE<HKA>s5i>}9s<u+NA_IE?JU5Pdyp_4xIf@YeHuxA;yLAx
zg}D9Z0F-#y+xzFpyKzWLiz~CvLP9X*g^ElQ#k;F!=Au++{Ps;3%HtGJIO_TWdAF>A
ziyH)EOt2<jccT1o1tGRigJ4!mN_+O}2Sy&IbD5A|>&(r&g3AZy9Qo4l;2puc_i$s8
zF52`(XM8@Y@`FZQfBx8!kb1UBWGvhvmBCy>k{DH=CT7kg4vQ)(l)SYow|~MJ(u%W2
zIRL!|HA`?KSQ&+v=AcQdyBHyJ+j8X$LS0oNBdJC_F{d3XJ>~F=l6wwFnb;OPBX@?Z
z4(%uLm?Dm*XL}+&?yt9qm(LKPT_J(GCD&59_&(BiVEt23B2y19+?wd^clvzCTwGr1
z!`FpQH13Hsdp~TR=8xD`;&bAM|D=>Y|CLgHo#`hH_O*63`sW-(7HkJx)Oi1s^mIHz
zY1gA{X;OWG$AXU4eX`!XDqC<lUTSJjDpIlcTL6LIkC4|nShAr19RMY%A8!JHpz|IE
zu9q9gW7WFFR)4S9C#XEAOGSNZO+juHd`sP==(!aBgmF|ZAXXjU;{xgRM%KN$6u!>f
z&Nz5j&bslIj*s^pA};wQ)&uYus+AQ#*{OEkVGIzj-Rk(REf4EojjiEgV(^SJ;l%i!
zaCT#aI1u06>?e0Y2(R`5*9>aQ^oNh=B-Mn$R4B7JTse?Wm1`h1!7eeLWm~FX$L`Iw
zbQ9Ht&H^oHZ=nP{@l?>~0S*83sg6F-6T5Dcj-BfhuE;VWsx6U^iR_x)=b(n&gWz=b
zDO8`@xgm9l;DdnogwFhAN66z>2$S#TQw4#zfn8^V?<?nEA^uZqEw`A0fBix5qM6+L
zkF*ajhg*KXkP+(Jc{UyIUl9c2wv&vmKx(Q9Yy;vjGZT$2k7qsS_&>aHwlf(E8V>63
z=S~Yd6q{LdNfr4zVQC)fU{jvY_u<{JV-|hW#xCK){Mr>+pWrdv6D=KQX)-uv4;_rK
zc(Exs7p*!og4y}Guhypqe-DBwspJ}zT2c9x-Blw}%~nEF2C!Vj%WiB--R6<5*);J{
zw@09R^NT^^kE6`MK)5!B|AtyJ?ukR!92X|)g8Ss`<+78WP#>|r47GG(dE;0wkemoQ
z^zavpr$WO4UZ?$#*GZ37C%m9P!zWp2)yf>rA&atueOwed_7WFX7PZ*W@|M%ZSR+6O
z2xToDLu|HgPQQ-IEkwlq{_6tod`{#YSpi&_e1zGddIvZK7U-#S+v1wtdQHWzFJ3Kv
zIt7oAHgm36nL8fQFup<GCv{|cqmXqbz-N$mGE*6FEd=)emEf@*$vD7_D;L*J!+rBn
zpW>jJb2*#sqdS{7$M2u&Ym1^+oeFbgw%*8LoKiqrjsX(0S>t!sSina}y119GgnF?L
zmAYBgS3l%jgwhFU2V2wIed>*7%se!?`abgG_C$2$dE?2Zm%d#a%EAx+GIT)-dERoY
zF1v1LS$BtRk-E{6L{F$5F3GDG{^lbLjpv`ZwDKOSozI0c(iUab9G^<Ri*8wsx8Yll
z4Qt(a6n!as+mj8@@cp0)wit}o6ZovA6qw~yE=t)E{1ij)>>zu0oIEJ4rX0Vh`_4$=
zdeuhPIv@jU%lbzK24vhcD$FZN!9n}cM}J#v5U^l-xFcGfe#R*;_wo|?M|hpQr|MZi
zz*hTHg9UvEO_WJ$Tq&rzS`|od2dzl@PT!w7D=HmKvVGU@)X4c$D9G3~&caPCsKQdL
z(=J0e<e+vtZbq@iE?;av2pxlHW|!N`@JY=JHZ27oioQ_4(e_N^TWrf#1)g{YmsS;o
zokCmhVF6!fMgJe9dZ;X~vp;lq?PS$5kM&LY(O1(-0xj_yZ^owH3~rvQ2|auW62m~K
z)OAe!ApY^K*dHUc*WtvL-x+MZsz+)n9U(hD!EkW@(x%J2>fsONp8F44@ULFOFyBg7
z@z>McW7zl`{m8Nk{}$=}?na?{-GRe4p~H)jmb~4JuGxsa1y3f-{HI&k%6MOJgkl`$
zcjW9l7Qp1xJ4}{5Ai|V}OW4$EzyULXLdy#ApcekUuj3wcnVEKpyj?`p1a_YtaM!Ia
zvuys|KgEFDmBj_@*V??TAk$3{el@r=V<;Xk-4ETDhnB^}((0tlV_<dKF(<R;Vp&#6
zMFzF^A+0nVREJQ+0N|%9ATAb5qnhHe(Sq*%dg!Z4etzAHEJlJa&p2p-VkR$##VW5`
z@wX6BPx3WRz7G%$Nr~MO0?}gj;(~`lAuTU~5k4f|kV<%Tw84vAt%t%(Lp_(Ou9e5A
z>_MVitB)>zM}<Xw102NqCHqSx;6<13*6kFRa<##vm;hbPFwv542DXO5r^v1WmJmE(
z4a@B>jX^}E9Ai<RZvNi*K8oet!cR?K%a*z}qnsAH=Ffwhe;QAVf<a`eM=t#$UtP--
zW7L<9)HZ6%=X@_{zserDmP=m=K8eT)uYIMmSQ>8rGF@ME93pd;;i9%eD^M7(eAT?A
zRwbSeY9fA<xdmAIRs~+y-y^enV*MA8<l5cCkx%Rzfb^A9cBVZY%Zi%UkzaG#=y;|z
zc<3l6+2_;Ib2enO{g2Gn{~2Ssn{phR-k;$)+V_<s0^4X<Q67_wwBdc~yxOKRuREBg
z8Ils}(4zOVjZg+|qL*YLEDo+Et*n5s;>&D81J8crV~yM&{UB*QQstyYjjW-0OQ+_&
z-0+$v_-Y`F(vtLYNZ(}+fs;vbXMQMjeA_tCYKo4?$}ex(I&FG9GT*cy4qiOj?B(lH
zeLI-Kp9(XI1<Yk3hoNGqLoauugGtV$9bLfPAtnA;0&t#V<+zmwawl&)te>$FBymly
z(WU}kM9=q{@6qZix_i#nBn&wqRWS52yvu*veBud)Z>@}FS$(AE^sk$2@-8(JwL^Vt
z{_95tU=u8KEO%s0N4jR`l=cu7_H@j5QJxMc7@Eqp7>DC~c911YwTnMsC+-};gE!Kn
zyBUH`Smc&(54BYLXGaGU*`ov3FY75xq9S}2rETyEb$bvZ@zMTXXX&2>jViK$0}f^-
z^X<9f6~oaL#+f?-;eFqx?OyP;EWVKp)x2j)@^P$;^(-kF?Jd52OK|yb8fL@4Bwm-5
zsOKEuUclHs&j3?#+MEYrqcoS#GmzC!GTW70l!P!B3MJ(io_Dc4{j)Kn*DxG!hO_yF
z8aq3wE}qWP`z!1Vdr7b9l@B{e>50uEdb!M9!SWE9QwCN=;jV)3q$21ie#;k!lx!K)
zUKP?t5F`~8JQ+7O?NpV1BPgC&=?686ZluE$<Z;fjeoQWt2;fO;EIz;}C2eod$NOOv
zwe(bvFn9Iu8@z&&uhSvP#W(Xl?{^|zLw(~uq?9G3pa(xBkHH?C6t?sEO)Rxb5SSni
zy1o4zQFgn`!Y{q`aX-lZ;CGg~?8F<FeCYF}NdN$5tnA3vp0crwYV0Y<Q9YSlN!kk-
zSbA{0u}rQfzU0Q4;#v5a-#qW6%1D{NAFe|bF+^{`a-Iu)C|8mg=8b-GFf>l9o{(RZ
z%vEy6hL3c(HDLYOU;2K}t<r^mxLVB2F`d)R3iA^8Br_ON-K1ZVcT*B1&Ax7M(`*C`
z-D*z7o3;GB(!ah(BRU@X>gr@=3BLG42RsaT&Ev(ySNJ*i3Rgl~%2U`dJFiTmx7i+c
zMqNcCsGV*7un*HYacSfa^z^ReEW@!YVPAg@RE^Cb^I<szMLY6j_!M^)`6wD|w^~)6
zF_VT{6HG^5_);A|3apaZ(u?`wz#JOSd8mwdGegN4)7C0olx5?Y7>_EmQxJ%x9mZEt
zu<xF|JI9YszdbcZq_Wu^+(_4Eak2gt6lRkzh%CcQhmnsmw3phD`?yq=Z***wRa1Pp
zr#7d3hG86vq!%koT`$K>>bJbdvAwhIvzC)<aoX9xmNY=eV)HBeeT(B`vzM=o<QA@v
z6!bMd-k<>fxbBc0z*P+Rh*2=`PAO#%A&dq0s!`ueAhQg(IdTMmJ$(3|44UabpGp2l
zMffk+R@xfg)tV)4Qn%w*s$gY#CTv;@)7m6U=oLKrjjhHlc{J=}S~z3(fR{~LxpA1g
z@lKlx)?#-Ffw6m75mHEx@g`%l7>3_qdFSwECT6gx1HpjltDkkvZgS}<_v+(^_Pq<*
z5uM<MOD7HikTV9aJVguv;X`okMeA`;D}Qj`PoBN*6BHONS8pam%Dqh#Gu*0Ll7b#3
z!=fYNK)0<?EHd(k73WX6&U*lMettS&WQw7xn5k1c?$lx`{H={Z8L&54>5ax_VodvP
zEPx2&WV@vLq5^qMTK6g~j89!v4tb@xfP0Gu<|jVPRpQqHi%O~Qbx;QPIoM9Oiq#-p
zqXoG8rfDe$yk?LYV(64R$DR4;l&g&<#Wy1}Y!iPN)H<FVgvdDhd7aG!9N)F?Tek6F
zlmBcvpgMMG<Fewx&7%=*K7OX|KW_L09o|RPp1e1!oA<=aU9&HX`ZmI2l=^l7N=5BT
z)g^IHpzQ2CK@}69I5rNrx>>Jg1#zSdG~PZr;q`;gPzFF#0DWH&TXoR!v5p0t35JvE
zjkgs)Yfmjod*{nn<TFK`I5t)N&Gl#F)3{UP>o+u+r#s$A-fN&w>~k)26w_4ERhWVU
zAY^V3@%tisiP=2U-!%Zr;j&jk(c9Qlxkp$Gk?&7~c-KG(23Jg)sD5DUDRZQSplPCy
zNq6(5J3-uB=~hV1T<m3^W<M5oLj$PveBrDc=G!HEOWR2TW3zU4T~14*A(n!*NEs>%
zA1w1?3DV9PIb5kaPMYaT5Ir~*U4f7MFi2}0e>T$QmH<EGH13T|wDexcC{HicENqcL
zTf~**f2H%?{qU)j+CtR%hoRH5a|Ilm?{stiwKxeNVZwG$#dU^~#Gw^GlI8Gr;KP$|
zHUDz8jTn=YLt{9(5ejtGO)WLwU~&K|-BBVb{w%x=Ed4HoFBEILl=YCM@F_}iuH~tM
zo#o5h=V?r_6k3!5@M4Si)$-719$A;`db(R-rF<n@(no%bIc@)n;!mm7xN%sAJKl0O
z%}MUQDQ9(%80b8MiqzIAy90erg3s=}cK${3#dzy?T{|E98i=~@zt;km7rZ|=^dbIx
zsaL*TWSeZxThMzAH0<G7H4M%TeShbiFq2hdU;M|&Ie)Iny>f0uZNjWK_&gJ+<G$eE
zqc}OK36qYz|NLiLJFn)Yd>N%Y$4oi^`c9Q?SSsObdZneD3{(0qfS|d-EADX8+mhs<
z7xtc|Hz|s~a*Exp{e-|WxL7S26roZ{yp|Lf$MPW!Uu?DYsQ_@*M%Xp8N)yBr<|m-b
z$`C|pKD^Hv+hjB>`Nf1&hMzWS#M%j%>X%Edt7~Vb@uQ|uz&@oyUpKgNbS#$C5_OdJ
zb!}^F=KJ#CcpviPbi|E54Gbt1jr@6*d9_?(BqpZ0-|dXG8F02JpdVN76u&7uJ7hAb
z&{&syIn_9~yXa3#P$Cp>jGoD$W0dm8+*zSp=JnXM;|ebSl>!}I2z2Nv*y?+|)H{f?
zzIZ`fHB!dtd69szIK}}OUb*WKi-;rtJ?0_FZul37*d3bDS;s1p3u%`OW3c{7WY#*|
zmL9gxpXT$`gIjWJOL<CCeMjGDimOTTxPSf}aR>8tSZ9E4saf8icqHIXLG^<+d^4z^
zg6xQh8xE0e;stoWj#3?)>dp1<YB;ZVT-B;V@+?#xVt{BmWX&aoX6jZViz+@mue|l<
zF8EvOdh*p0X(Ir$?(=GrUwu`T&E&{*m@${nKBCMqx7W>h6-mT2g~y$^KUd4zhmz|R
z1JbghMbJM%Rr5dCAfT*!wei#-C}`KO^2jMzzbLi-&q%A$OaEhV6>#Jr^QPAxo<W8@
z{)IjMm9Kqb;KPP$UjNg`<B>^SlX)2|KfwPra&_gU+(a{C?bI*y+~J9$X>Ey@mMdrm
z&q!W_j<a11;0kwF<R4<FTf`8e?M;t%i}!r!y9o{1$d@sU*iG^_JGOuGN*E%gkE%Bd
zy4o^lF=K^@gy-bkkL#qKZ&t3bOB?1`%X@SJM}Yq5?njHP<k?_4b0FL6-M)av@_%Vr
zYcfL73OY2sh%E~7I20M4i&1}bJrjuW^=v%_!MzQD=kjWko*}a_8|>g7li|`&7u64|
zz1QvaCW+}ovB5)(YlHs?-Td~nPx`~+|I$5~lF)1R{>y9+Rmv4$yalB7hJTR?*74~B
zuxnv?g%8>U;a0uQDMOP*mV5%-P3wO6<pHS9;r{lJh0jxTvX-b|E?0l)aDD*sv#Hj{
z^`Z8CB_O^7emU;FZTadVztqclsG!K##j9;!@)J_o8C0X}&Vo2;JJdgml^J-{NXsy<
z>;m$@t@gLhh!Q((YEn*}t15<_p$62R+7@zS5?fO=*o29hr87zEsPK^-#}K0b_u&&W
z`26u(3kM+nU>4Yij(!O5TV&u$|1hKIm#;;F0sAgB%K9E?*d8f6E;sZ!Yy2k{@9M1U
zgmtir8;CmC3+UB__wNb>^uJH?*?6NLc1_9>#iVHugvPz5l>9fYD0OkoH@CR27t0-K
zv;_2q!n>YWgx+~&DOdMnB-*=6h2sIYCTm?pHgKkV5f`eVIZ{y>FJ9JB%VDD8sM;_a
z&c&|K^rDHnjVHDN<0|N{*)}d&_PyZ222*<=R^9x?H*X(alg`PTTB3J>PLMXWxS#IP
zE$XqOz^`P)aQ+EbV#&uERHi<U;9VfWy~zDK*4glp|1)je#IFFBjzWl=+m=ubmcF0!
zODp3|-4Z{&dFq@7J;KwY*@_SKE4rE0KLS7y?%8x~?QG%mCF2cJ{r7vr{i=M9T!Nej
z=Ew3sTj^K=$K6*f-&tYXa;m@EdzRzsF=Dy^1)54g>L0Cg)pw$)KEdowu4*EmO_>VZ
z-qtO%Wx9F;1=DXgmsmn7_0uxWd_>*y2IWfD4kY+&_<vRKKgoTnL#^O0ccdNf`jXzS
zwnLrVjJ0A%QvfHsC)=q$`&Mqjcr`z*FH{=yhxmqk{?Ten;sIW%qfZ}tcK>S%3;;Yw
zUrqcsnftet@b6sVqnG`5@Ab-ywF7!wTsuLKN_eBtvA~^)Y!H`3+3UyWvlK7HQE^|!
zCO~0oAE=2rdr~mB;Q@0<^0uf@R1=5^v&+w}+O|uqfJt+u*#DdYj+hlGgOiSyx?R+n
z9v`pb0Kw?<7+@61%q)lCF<W5WAL#&VwbvOSRiC?~YYcLpma*3WT23ou(FI^EEM0KQ
znU7ma{v^zITSLA#=P!|$v{*VaX7LJ%)DSjw_VSOq8K!5wdBvg|_h%6svt{#>P;p3A
zaqX52b~zenqgeVjF$jZ#KPT@VxI1r>hUMcK=Zo94ZMhk^Ed1COZl$bMrT~Hi)(v_Y
zI56NQ89g{?h17L3_ASMHgUC0ToF+B9hw`eSN^<2bD>>`(nJQBfni%W}W7^$z5f8f<
zBeDFNEbL&zBvf$QLIXLPI+BPmUavrosdC*2I!NITCC%ges07_B!zGps*$@^t(+>i-
z1qxRvB$k<!T_X`lOl%Qc2A0<2(Qr^A?AEAHqwq?W91Cbg2WcKjmkhJj$r=_ucgp3L
z#mzh5gY*}^RFk4U&9Pi*h_-X@W${Rh{$$}M{25_ro?c5lJ%0B!c#?Kt+YA3}g*RkZ
zyopFHtgwy<Q=&elct&&~UTBFVb*n8J`v@+1cJdFsW20Ttx^^0<XY8g-Ul~#YGXO$f
zdEADv=SlA16Rq%DW>b7K$AaX`lu*6*L&kEHJ1t-VVDZD}$){mXFfxzv+<ss{@1~HE
zTZDFAmB-p^=Ag=sVrDJDS9)X1S(MKWocptu)!^illVRtzO<^TVoXfyK9JMgnkg$L^
zJuuYU&kUUnb?v3IT}&76<OoC^*j_{SYHX~?v&@+*KHLn*Rh2OB&o(y7d77K192+dZ
z&?)NfA^qj9C<O}ta6g9IyV$ghW!1eZi&S81NmmBSB@+AX<A6}X^2TjGs0w>h1S+<h
zRnQf$Pit5Fwzbnw{NufH=DWy)h0wE{{!mXbgzsb!ruau+;p4EAdm?D~{35)uZ!}&O
zw-3M9^X)+S*wl@i6!I=87gY`$c8rn*zj@pMNb-s<8x~y=8T{P-%zxOLNlh;ULiYtE
z2V<kIP3_9GT2<^dT+gq1$ZhSL??hZU*UTe3n7y*q{O&=$LzGxL?iuLHWvWeNtBplF
zjn>lFKnewH>nhuH_Q0-^CwrWb2CLgC>eV((ulBiki{JRDC4Kf;Y=#SN?DMjpZ~IMD
zSrkA>?25^RPW{min_bGg3D%`vKZ$5Z9qXy2oMzGo%pq<9jlOR=oWo>G?&rN@X)lA?
z*m}>W+47g)*UB``0bm$ZJZ<oH55y2_XjZvB0L%@Y8CfWO(H*MZCGZIl5r0l=9xKWI
zCLH($9qznKvU<-lUyDj9%y>10XVysjuvY`NwtUla@09iM1;xIDPfg&Mer)<-w19el
zJ}<V|QcR3Xcc`UD+5OV6Sg>T5cD~uxG6PioG-uCCTW$cQn~T8;37M0Lo$=-!E$_Cj
z8<x|hvX^Xoa~+#c#<c7@L7p%h<1_RW4pJy!0~PPIKzs+kAmzbN`Rw}htNj$~TAV`r
z5bhpyw*gJh{=1Vw{Fd<aZ;i63jlmn_eI9nzq)>7m&kQI3m)X-;-PVk$CR{{ZQ}kui
z;Zo4fZq!oEe?(N)mPggtbL}WC>;D(A6Zlr@=pwI>H%7l8(Oc`mo*j(|n!wp6<~%F7
z4QoR)N!q!EXs8-!{Fvjh*b}qAx20T~Be7(7G8ATOp}12&IYp@ffgO?jAHA%AXV=ZY
zzp_;*f>PxMgd0KbkA&95Um6&n|3dk0Ni01u|3W|2T(z--*I%B`7x9rxiluReYxzfp
z9GAw(eTD?kb1sJJMB^jTfXsPkK(RJNAhxAKvBkcoDZEPKwCGTy(Jimg*Y$iIF(SPh
z0bf_ROI;zZYs<k_azom{UhsPm^aKw%$0|b_ob>k-6t#q~LB_vcxC7%XV@Q3k`YA3h
z!RA2LEyOTRx-HwS9zf_yu3%X2_~t^DJwl>w&}HFc1K`NsiOI!pY68!CL=;|}7_ZE3
zrzM`5kte)iyDZ{%@Ss!AQ8>u%_ARb&k<ip?TSY@|(d*3btUNsl7dUG2vm-U`yeZPc
zrB(oPq&Lb^Q`iAZ1;$ftI6};8)u<MpnBy|JJ0qtTKm9F{uqAn}J2yVVA?TYrL0oJf
z@@dz;se_xsxCgzxanLYXy45L78-9+mBeq{H-4VjFOpL2oe6*Xn5B6mx2eeqgfLmNJ
zxPr^1aC)FbrUL_@E+73Ns+$Ybkt)fM#h&$mi%fI;l8cO;`~m1z8khZQi#K{n_3nx<
zWJSL6F%+VJ2heyfFa#~;*^x~$!hY$IMM8+3Z)6p>WdU1r?=wkSoLmmHv6(7q@@q$P
zh!8dsre)5X6W&xZmr=ym#GNKD6Y{SAp`jK;+J=1SRgF*YZubWVnqB<qKR4ObzvZ6I
zkM!nQCG>IC%(q@qP=H-UdwZe)6_Nc93&qzC%c7|~x_rp5$ZmGd+O4ua*_9uf?x9cp
zQJ6HIs@zl3RlF>dpxL-@FrN-mPt3G2*ZzZ0l8Yc;dcGXR>-y$eAg*VE{^1wUy1Ix`
z|9AfP-giC;oP(~G_nJ|kwqFpZdMJ0pba$-ur6SAcijwlb?JgU5;KOM^8Wc|KF8^^a
zA&>?(0lP`#!o{la16`=B_bpJk#hHNFyiH~-xRr+c_(KD<96-HKZ)d#%Vh6TxskhVg
z@63GmtZJ6+<m#0nqlnl^knAJ~O$0o=@Ku;K5xJ#-s{Mvl0YSY?%3b{j76s*pq_jP0
z_1#pMn~UBtL>}GZw=^=6YRw)rlq@)*CJW&Ptof}iM${QNnwa7ydv=ZlMPA^{K#flq
z<tToZ7<UtG-<)<Q->VuAcLTT8Tnab5`Z0h%UvP#x+I8B~kGTG(BdT^cssVg<Xz-b+
ziassj;LLpgW$u<-zn2K-+3Q44E2*qa{bqjTXteDK<?_xm#)-Blxa^2l$(K{Nz;k6T
z#j22P7tK44@%W%!rG1qrkLrgzJL%GqxZ*&=D<d!MMWz?@?fPTOI;+;R)}Zt^Ag(7x
zVJ%vU2|{*1n+?5$LG}u51^0b9*?C?kMBgWz3jrDI@yx0Sxg8wuROXuTv%@~F*}lZX
zqUk;>1><Wda?hYhAxX!0r}0?cUk0B7O=6nB(odhR(}eh}WCU8UWf0g6uDq74dG<a~
z@x8h*pUT;rI6+`+#jy0^96p-O{(=NVjcRX^z<I+B<h-b80kK1Kh=;2R5s2xK+^<3&
zFcI3~6jONaE42QOV)f)*tzWe9HOQYJ#6dd<Sbh#b>{D&k&ztVmueS@(HDT;~VX@Yt
ztZO1I^35}K4R3oVR=<Ncy{^>~c8~dE9*@#j^X6J_+n<Tl_~sHsfO`j*gV}H=6P?)I
zZSB@9j9<BZ4GvFwBP}1!c;_{I>nxblOVPG}0kj|EtN3g};-k}tN2PHzo|M;BHFfuO
zbUjB{r4$zTx%Q6(?htmj!m!1SeG_gEMs~lWL-+1tdG~hw=K9ecP<T>HFbH)3NDehU
z2c8;Csi=Po|Jk0y*7jggL}9|~68e`D(3VB8DdV!b+V2bvc4!84x64rKH*xEWi1?hQ
zliVl2fRy;$Nb%;tRX?F#^@B7q<f2rYY_ORzbB9L`Y}*nPDSIkt(9zOq_=4AQzG783
zUAKEXLQ>|4G?@>H_m&!lM=Njom+P*eP<c>fcQk%aCB({ITJnt4P~}TuP-W2hlD-N-
zU4eI%AT!)r5ejuiA1~%Clb*S`|2n;SaO-iJPzN;34V$t*yc+OiL*?5*S$KNIg3hth
z`b}qm8n;^Sl;9Lfn)-;}y%!9sv~qbMykSTw0qm--0aVDx<1qDpyTY4G?g0P5MJolj
znvO3I=Cz3NM&B-`I<Gnl<gBK@Z=nG(`><`}bw2ZK8!J+FBVNA(ju7l8k3&y&g=feY
zQf{3daoHelASTs|m69U@THs+(5-&5tUIvCvq8C1S%}Ec18B#-sQxFRx!>F@!qM?_G
zwgyG6Slz#iu@e{wnOvPw94DeHyou|nieSlPi-}bXz#-v>@5a@f=M77gkWI+aE451>
zJH7eP3O_8gcU{X{qHp8Q^>>nS)Z5?~=WcM(yPuLyo;u$csqd=Xj}^BecnzZMf!P$p
z(QZ<f*tHWFl6g`AlStD?fe{VKd?ijZCPOvx@fE-vqR|>E%7#u4b1kcdeg{-c^V;5g
zJ6RnFtd><jLxyq0#Pdq(B!~F?nnlSZz)-Y41owAJxWs!>A@2GT`?(7W3U;JtW!%6N
z@_*Q+Mkw_09l9%}no6`|5S*309;f9#!~VCizPgRSmN2Ji`ywR+?Tji_Z7WxJ#TQ8D
z6Z`*0tVQZ4*34&*{i37eBe$=FTMU3?o_K5s>VXPT190eojmV5*C<mp|)$pzf+XVGx
zaXVPs#$qndQKHL2#+u)`e8gqRQ-W{8XKLJC!xon0q;|b5JJ&d{G1Pl>yR!yIOsH(A
zP(BIIa+O%%rQL#0h=OU!h2id@;9srP12DH%7&s_oAD_^)am}BN>Ev`#UxMr6r)wtP
zaaA%u-&<{qR_Aav!~*{-b~(G#stVWKk%t8Y>Sk^(9tA5C_*-sM!_Jbf(=z<QWa@aJ
zEwcuH69L-dg|<(N@2sWfIkqxRdo14WKWOx!$MO5ppDJKkDLbcwvhJU&MMp;ZjAL7U
zE0IXF^tq(-)OI&}hZjwhqcMv?9rtLu<ak)|&Y5($+?#G8nN$vW;MAAIon8l|*UP+|
zR#2*$U&_jc2_NudF{w}<_8~9nim$fPkJ#NFAMEKg9v4qgEr%A5jY`cByx+Wfj=QAk
zpWgOl)}1dsH2wIWKS({UtH$)1AJ!;e-}vwTM<l|3%R1WKKf54>n#`SJRNQuW7wo?W
zHIlgSJFCl`8#2nSisjV5KjXfAhj}Jw*|(~O;x0en!uN5QdZ@k?s2(nNNkRMRrlI~d
zSb1d7f%dSDR)FpGN#g0E@`oZb=PF4L>Kkhc1|$_M!*}D1n|Xa2A%qU@nb$_Ny@e0y
zGr=|qR_g~V8}GDc7c-T2nY41+8b#jTrg&^;s8EOzJq7dc&U7j?tg~crhWGpbKDgkk
z5q%kyn!f2UqG&or{xu<h<vN#i8o0HQ<Oki9sM^7m$TWH>1p=p-wS77qJgk%zVlt)V
z=N_meA6gq~zbk&C)G<Bz_)?AiNx}Dk;l+(<Ylr@=+wnq*PJ~a_s)_STcdUd7CNAGG
zo6}X<sTFiQrj+GvChjt%`^?+w%aD~`0?3UfizMXu-E4X1`V1g|2in=ehej^eyT`=E
zj?rCY1x)Kaoeu&hUL>R*_{6c9?GqCMY^vlbYYQVDq6pZ`>q7lY>ccm#B#m*S3Rrv9
z&N=X*oUbM3$Gh>QSqhJkqZ!B`$6Xm2>>cvuHF0aiu78#EB=qu8k{2cpa_g)L_*=2)
zwtJq$=!h~D6S^PrPsVo@U-p~OPdTIAqS>#kmFkj7P4<?k$sTtzDSNi`G;{gflpn9A
z!D=(<>_+2Y+MQt5I`U(4d}N$rq@I(!*qED#jOQ8y;_hICCf4+Yy<vg|_pJ@$PYm(>
z)%CmjTz@PT9rwzQ%4^<0Tf6B?i}ip8;5Q}JIBMH;?wud`z6`U8JZbtJ9!?!nw&*U9
zGKke`K0UDE8w(-GZDn28nQ`B%Wnrb=+QKuMWJg_gKMhlGKyJ+_5Xu%Uu6?EfI(CU~
zq)ThWuAOotI%73uDn`se6Vv+*e3^moTlyGO9__L2TbD|UkHjp5iHyPrs-IOlc3a!J
z^*4Yz3?ESr#`<@}@`4t#=wE}qxU!z}e#*&GNLriaO*^yL95?M|+j%)!U*vms8kbj9
zjFXw=yV<f8m~}Jx;l0=eWmn2erY)J(Asa=kcIck_6eKck%l(e;P$TP2JJKU_ymBmz
zQ?br7Tt;C%@N;*esUo8G=Ono3?^}_<Asdazbd#8Dg*O0j;LJ}*7p!9QC9la6P7mO*
zLgX*?-QD^HGLhY%&=;ht$E``*FJSc?fNwC%ca1bF%i<M`h1YrR53H_r;Z0w$xc2~c
zF)rEn<2x`+HML1S`(NiXeW#%%?!!dy+m(M4y)Pov`+5gDK2_faZgximoT~x1Y-PtR
zq1Ijt07J(<icP@%&-x?xpKL^aU<!Gmc&4|5Im<4R+1;t5GVJ;Us%TT>GDhKH=rdn=
zkFC>`vKoP9k1FWOa<9S91GZ*R(uuGQZLREA5_dzJ4z3b;&fa)906RTkS>IFCo52Z+
zv!9Zmv}VyJ|Dv}7M`VL9HVM}yb2pI2d>!6h(G{azSKbUYm`r%iU$?v)X9h+D6p41r
zQJO8fwNCkN#PRY~1?8FrW<YXn45v|&K?gSEsQ}!mM4zRB6bGZEMO(?egXtG9zcFtP
zeez!Pwe{F=)(^Wv^$=PlJrw(v%5y&tQAV8rIg=W>ByN|XGe{IBxn04l`+cYlErn8i
zNKk+_{9B-6AM0KoROBn~RIB-jVx69e&2#;rkGm5D@C<ta*FFmYYcF1uC6Iq&Q&K4=
zSFkt-S{^08|0Mh*FrhTED+}}r^~Bb^5-Pa1ds^b^Tc0`UaZ&&*wy<#uc55nPx2J;B
zgK>A~=97ft1>M_pHWTwp+=ac-O{aSXWBjzr#kTU5%a5Jfl4-5sUD{@LfsEaYGUcYb
zMmcBi?j7;*_qB0FH$2_Ame?uO!0|GZ1swDDAlKNIFp<Iha1+iOY1Aw&uv^6IAijZ4
z1Ad|mH`zlt9~{)+vE+;DMR(6Om3f9Pf%OY&m&!k{^W>Y}|2;n#{q!o9^@#5SMjv@>
zMCS$%{C<|<;9$)!w-7%|{9mn|cT`jPzQq*~1Q81YIw+_h%zzS_bciU5C{>Dx6fqD4
zq$ouokRT|iC<sWeD!oILPD1ZR>7fOsgx*3z0x9nVb?$w4=H0v2doTZIt*o<7&iVZI
z{(kr7zx8O*?#<Sx&eI=WHQbB%o!!3OD`C{T4KrFFFBx=z8nv}ud2%aQ%dnL_HczZV
zt77k0<gn`_$M5asHah1_;~<D|;B1KV7*>Vg9ih1(@0xDlaeM1%tKaQ-2e~FT2nHVp
z><4Bv*NK>w7R|Icqm|TFE=7Tm8AyzMXxJL#W?0%j$dW*q2&I3WuE<1gLv4&C7oEQ6
z_nbkhKI+2>g>gI>cy6`0tc<D~3A2~^IP>WNT=mOD%=zO9`XN;VU~zd^Kx=`(r>t5~
zB=UqqJDLAUVI0uB%cucdveddgHRjXl0F=t&<8S=FLg9Dt&ciY&lkbQz6KkX_2aEKf
z2wN4HKHY*h12aY*uRsFfp6A)t0}7e>>^T&f58$^;hB|KEPzqj$zwDs?-n*pb!`0>2
zGaTbJQ!R!r2BKH!zyl`y09xzhb!ZRWbF6T1ihy^{*yxPOr%@qYXaVIGY(c5rE(sob
zCbavv_`!Zlo4?pE_F|YNy?mynFvW<K`4op%={WnW4cP((JLY#kv+TK(m7Il|R@fo?
zYx1KuR|%6fDY+Y)-_maz*;ZyZyJtawAV&LUrQHhX^V}j3KbfLs9(nF^Sc}$4hwf(+
zeX%eaduQBJZpXv?`ko8}zISu5I^)(WMfxj^_*QuTj==-R@U`_vL&3FMA1kA~73nV9
zE@yN0{~WR~p6JvTN@RI!l6fw00SzlcW^;jjSt%n6v*u6y@mtJ+vkmboNbx)A(wNPN
zxD7b_4Lg>Jopyk~#A$c(lis#(qZKTQ7Rfi+*mYggQTi<@g)%8^mMFybJ6}962ESDZ
zs|6k|O;)9HiwZ^3om#W2yBN5AqqG~=lT5EEpJB6cLhnBh#uaDB;FX}bSeM3awi$Dj
zX2E(g{wC-5LguG#o+oxn&v^PADfN@W%S|=(q%64^3WMo4b)GojZ4$h*uk)@^^SB-h
z$Ev(`65EgUaKAR0tVvg4O{m$rD3XLw0BlG|pt25QZ63(%%e7w|RK(x~0f*@&cBH1`
zmXzrQL5YjOCy_^RFL37mGGUJfap{KT;Ovfju4dtWaFzn8?B<rlhKW^|3eWN3z||o0
zk7;d`14C^-qEz_l50`h{0_*ddMX^D~22nc(HFddM=IKJI)w5bg(64pVj6}LD%5Lk-
zHBhdWlfOrgZ6z!k;J0f+P?49{K8@*|cf#m|2PK4~{EijYcBUPDI2&ITcfnw0L!e>b
z_^jl4aza~1)xm%l98G_Q+d+P{D*jVY0AP@`p4qaX9G@B;$E~Lu&TZNd^1LZ6v)|Uk
zz5|pu@u~5R=!cR>&A^|^-svsvk)ftuUpC_}TL~)Njb#Ep<D{BPva$fUhMzr!IksWD
zlme%$zwxrIeSIsf$`fWzq70~vAc9}x&X8%k$G$gfzMN3|Q|^l{WRG?;9<H`ku;HnE
zK?vb3qq29{y^HwIL^xgP<+)!88@_1R@69idl9d1URfJlz_P03LjY4k6`Ix-jmH5W_
zIIl&Xb`&3RrlfOE16olnGNoc~i?7}u62=LvK1%_u^&Nnwb@`lZcsM3FC}cNA+OJir
z=d;IsNa}EwnfkjGDOnupcw77Js3|)!Qvv1CYEP}J56MlzuC-=F<gh>XTa_JH3es`T
zm-@ZY31QuWZ7rLNYby8Z7l7U$iKd$R)xOrg6wuVPZ0I@`58sVuRU3yi^QzH>1uzeL
zz%a7xNlxsl{8_OJj0e-)>j;n+`!5+V`G1lD6YkA|6lyr{)S0oc6BAp+jIb|PZ$J4K
z#z#S)4Yq6U{`Sr+M*B0rxz0&t<|ka6seRSNs&S6}qpa;Qem6?|42Xa}m>MvX7?v!F
zQCg+FE7@3S5bgluXFOFxg4ZH{!v{@qS9@49$@z{JG-lrzFB7a!;xjYcXZ~$RFN9wZ
z1&?>}!LIY8sn3^z)(;^xUNcA*r%&z&mcA#4<I*q<KcY>0bgq3QRI-LK;tb73*KWlS
zu3Z`-v(0PU5H_D&nY98E=LX}^+2)sfT*wkCRYQujWqcznRKpLAnKCgy-q?bZxABv3
zuD;Mkm>;#H4^-dOi1M!!4hLSU1QV0#+BXQN2`y1ipTz@J{D`46q?vSi+=c8`8WSRq
z03}uytE@fW-o}_{%jtOMbz&K+V9uNsdL+&=DDkP@Sxnt~-*8Z{GCgSsCIcy(5|!80
zU$nceW@MXY5m0zF*5%D1{kow8e9$R&BvtonI`Af*vMR1G(2w;8LIr#<qkKASZrB#*
z8iBzQ)w=5hCQA1F8TkaLQwj$yo(5Z4?)mI{u}iPJfm_nYoOHPGqks-k=FmAW<C&eG
zGU9!WRWxZmd@-|C%_q0HYh>jlOmdOr(G-Okp?;+93W#0zpynD$;GJ$-y&Fv>1f5$@
zB0WG(xpJ=m=VGt-bt6IdRQ^$;J@WPe-uW5mCv953{+6F+IEcO7SVlb((3Hu|thw3%
zAxiuGs60uuva>YIZc4%$^O@zD@bzjKrHG;%gBB!k+eZmhXjr6uO}_FHZm0PTpM9a;
zzvIdBx~Nz$Lz(D<C+h^1?-@kDc_R2ht+-O4ob()BQV<YI2@nU{KPEAB!<UBPa&g7{
z;~+X&{sy$uBH8FTLo>vd-7HEMC)7bxZ=ER$yzG){e_Jlid+Jm<TVWhW17_4+l2=|W
ze`&eT7aec6@3Ms#vDd;!)du5mH^pg-1qrm`edej9u!5=DO!II3@~6#E-M&G3feT8q
z*AM@3B9JIVLgg%J)kbQM(L%83M~k96t^8hHh3qaI{3f*0@^$OKP$v=l|3jTH26dt?
znrD8X7k71g-%1`7ng`OtjP3x>&vVvd8_rNM9TV-_CRb!G@WIx?SpWk-jw@0X&Dj#(
zUTq_jl$Ru*`!2vHHoAkaOrF_xJa^cZ>8ebY|C*5d$8n><bNVL{ydqzA*zeU43j<|s
zKLr+xN>I<PdYsqjUN%hhAK)AWO`-gy_2W*!_@cc_t+cD>k36hZuMQ1fTYS6ohnobw
z-X(A6Ohd*IW9ADEe!?#(nmig+>IP>Y?SPzp0|*C_1+BZj)VE`K<x#S~<i~Z=|4Dv4
zS4V(dKUb;dZ3aDT&}1#C_3oLhZFSedppCXy&uQ&2Ka0?v1L@gV7HyNLv9vM&xjPTb
z%P)EqiSUqDZx}XbTq?TdCnGHuyCL^=!1kV6CKEdX**&@rj-QSJau>GqI*lcfX7}HZ
z#sq$bqx_Bv4v*@*LB_xM&AKBd?=wq?+tRCd9F0pugQ~CvQaQ6Rsx!VDDypLPooLlb
z8YV<SM@-}foidVgPnemLGcn-ejVyl?3)1K8PUj*bB%Uj}-3i#gO|1dlk(7JS`y>}(
z;!I=-2Nu~4o?3|jA?)w)@++1yhnN!_i=4HFYa$AoD+sXzgCTu@?500P2KR56qGg!J
zXF<D1Ui)MFZ3Kiv9ure(Rp+&l75FMQJDGegO|I|ztk@)a`(0RhX9>22F){7Wu^L9x
z=?#ezSXHQ+iS6kx)~{^tUJ=KOkrWEs>Dvh%F@CScP^Xb_$m-(&$h_p-UsyDhJarp_
zd7e+}zI!%$wQJZckfSjT6Sq0$aB(!x(qELRBL<o&=pFyj-m~RIU7mL*E#!n?75vVY
zLJnbnvel!Rln3-@yF^N)g$Q-cK^vUaE(C7D3)=gFV=N7#<}-fldmoz5mYaTJad%;>
z7-(-Jbk&yL9@Cy&IVJiiOOe}053)iQm9%5k%~OAP3ByRf(dxSkAo?FG6cCsF*&Tyb
z&G+ELL1AG#aCTpCj$>0Io}NJ$`S42rXIAJ;SEp>f)*gEgGwCc^6`OLx!dksuZDGE1
zw+EX70xbDJEw4?cD#BPSQU?^rw;GcQ;2sp5_Mw`Go;Rp_-Ii*VC^1Z+qzAI#P_l&Q
zN;KajvNmyp+SjrU8ihthMn3H-=3FIux8DZnQuV1i@e|ESKF@n|@?}w;%NR-j(P)ef
zm6Ea!1f%dp<l`rhI0R79<wGLoUnrs^wq#g#FUBT8P*OV}&uYyAg3PFRo*#Hup}gV;
zZ*oHPZm^G{Y({zEG@F!!v+g?`x_^VISuF)0Wtg^9wsBI!OEra3^OS}*YBWFpn7xuG
zDrB^D(@f`XS$A79oe=^~8C<c5epT1LWaYr62o>r+(o?a=PGBmp=VqoW;#N%E<fpSc
zlr@mhI4Ra`c!zpnXo4TMHlF90CQ@cz?V6PLWOC>EiyJ|^_BKQ@ph-6GRnA!0Lf5N>
zT4SY%cE@B5Ti#RJp#s1mxjl@bD?ZpPiML@h-7?RpvWo*EHDvEYBOYjUj6eGlJ$}r-
z{KWjI<~m2GwpbmsfCe4Wi0XlHW>$4s3$MvXc6syfI}*kDk3FFOq*LM;I^`ju-XzL{
zVO=qac|`&#Y<+nu%&Y<HlbnB}Ax7o5>4_x2S)POYD(rgI3U9bM6{N0~<*f?VI9C@O
zK6ntA7&1E6dk%IcD(-S-n8+!@v)gjjJjF#l$4snWTA~_Q?pBndi#FClh@Ti+B5aP<
zr<I&Q$PF>K4oCwm+etz+0#@_=gPx)%CY(B4$U+H!Z%;?!w6}4B=4w2_?g}Ef0nC{>
zU(N1sS$H{TUu)<3k2>3x8-EL|pzPnzqe+LkOx5du0Hq@Ht1*rwwOx>XYI3-b;Z>_1
z)}9yGvwT{U)yl=+<ZUL5vrAF!TExuVy%;;O;olfs%44E-bk6DO=o_^AAaz%?>^yiq
zGT-WW92#C*k&HG&hulSqhYn83L8oXZRSUYeSYlJgiQG2bbS7}ky=zB#RguT}!bTdj
zwMR<?a}ULavtKVNFZbgJz1!E*Ad=YF56m78*W*$eg%Xy@cA%7?z^^;hYZ_k}+GZ+J
z1l4Yz8uz;JrM`f=_J{ca>E)i*$-;+h(#kD}KtJf~Dw;F#cV*;sie*rL)OstSZ|@r!
z+7decNz<QBben!u=np4)d+@7r4Ppnl3dt<u-4LOi)yA#ds<oB_ZHRN&C$uO29L<l_
zeClnuYi7<ZE?BhucXk!JLw=?lY`EYS=O9l?Qt)J5IXS1E>78Ulz1)HLX?VH@IDUr9
zcQ<R+2+qV=pvE~AMp+|Pe!*-z=YvIHcHMPJyLZX@NBlHS<l|Q#3q~bIz@2<2uj~#V
zq0`HhKzET6pY5tM_`*8s0mm+^kpv1qG+Ltm@3l`0aD(y$oq9#%3NXL+KhUg=omDjh
zW_@IoBNP{!H){D77VYjzVPt2DrElWKK@jo774Xk8HJsVW6?_%&?GRr@6};f8cjA{{
zVrHaXKrRvc4MO49wdi-zdj38CH~F1UZcFM<7#H^Q(xlkmh@;*PRI7g$M|16W_0+FI
z>ST?oA1Ww($z!lf=h4)M#znq6v<iW3gkKVO-bhrNOIcZ#2kmwqFv2*^wl|kjU1u*%
z_azSLdR~n6<}twappfXbL~zgd)tuZsZI2wcEb~fTYlx%jAgE`1;7l1a5YE6<uEpKy
zc#&GeXl~s6aN%}Qj3-U)==GJB%8a<(seEM2eBaL{RVCovalwl^;a!8ay)y8eH+SH<
z?2!Rn8>skwWk&^S_Z(qk=Ca7OLq<IU(q6Z(!s&;<z6HFDKV9%P>fz12&QRaI@(@hz
zk)>j0UR#XU)|mzF+(qMav;zpq^ng%Vj8b7M0VxBKzotS#S8^RZI^7By*;O}BgmYBr
zh#i}FMW)1GGVH#bsiz+Aj<Td4h9BL3Y?oMbc8OKjc6N#6qcXa}9%OWh>?rO}J_z5A
zV{x#yjf0Vu@F&!C%*l=68<8Hg9Z!tfDfj0W`?@~E!)L%miSrHW9<O7EHl|*PF)P=8
z5|8ZlC31}g4lPMncL_dJj$`9-4`QqQ_7{v@_v7Xr)UDNw>1G(k6@>=-0!-b+dE>UY
z+xqWEu!KKGe+O!({2&6!J+Y6jspHEwtDa8FV4i*_eumQe2zI62QbJjcC52eL%e&}<
zD_c$X2)7n}U4DtE!rqJimmBk~0#*gj{&wq64fXm!=Pd@(T1Q~Q@6}cJH(QtBV!kQd
zvW|I}5lLVN1XNxme6Yqjxzm&jz)n&D&ot#D$I-DHRYLmkI_Qn(x+(8$+M;hZ3BTRz
z&LkjXihjMr)PBjfnIpCG>k7Mx$i(J;xvbO$50z(D!7L7nF$jhp`_{Ve#qh?<GfziI
zNXe&TdV3Z<h*C#Q)V|IjlxdoMS02dJO_HWYjU}_h0-+CY0m<$u<(nbzT3pZk;@S;V
zWAcQ=nD@8>zEaw2)zKVVAvo~IiejFF^2=<K!xaj$5Ytvl6Wd)bh{fFta;k~SQ*%E%
zF^1XoDolq~CGb}wPK?}LGnm}IX!Cs#R0k9q90U&a8d}#4n@7jmoh5T4H0BDclSQ6N
z*gGifjWj+d|A+kP-czY*`L8p{Jlma@%E&hj77=VYzHx#{PM?RY>~f})uT)WdyWRnR
z*fZ?!P~tjT3Eu;y#PPGEqU%p<#`_h9H9B}pecL#07Adq8T+hDL1$P=p^4(RFGCDoy
z;+Y$Wo>YzbHWQgjQN;!GEPY@T%=TAaR=kgF2giEr{ghb~+Lu@z!5Q=Svd4J43fV?>
zBKASJ9Uhf!+s#1r4g-t(ygVe^$8uM66cJNEIhAA)&=VT{Y+QUEXebN217yrOSsJn%
zV_$QMkesbuyZeseG~1?&;V8zP@t9NO2j+JCE9UC`!d%y1m}}lns9NLi+|?o9GrbgT
z&e>31g>Ix_W;J!)vL{u&QYJGeHbCy%!u?932Zi$|=d0t<+??}V*42woW;;yiwBlK-
zu%s!M7Rq{V@lw4B0(ap^$JUlj4l7TV7E)%uV!)yF#9cMHs;SqP2FG&p_9^ujuefaj
z{Sz~hC6s|`;R9l};ev*=A?(R=ge=2<pNW)>je@!(bp{8GZ19#_kLMb07G|}(8@`#>
zZy5|6=zZ<64MbnAnga22+t7PJ2CIncR%oO`e<FKLrqmXNJ648SbnvuX>XKI>e{kA-
zJ}|c<JX8p9e0}<99h;9z;~av5NcbZxSVMODFW&pjfA!vTs!Qoi|H`?7f8kuob&xLK
zk`Jv{J-`hcZ#4X;`7Ry4h`Rue+j^raMk<N{Q5N4Cdph_nXM_im93LJBGb4=ZLL?9d
zbDIVfTSsIlvv@<I1)Sz5!~}fJ3h6unBT`nIE`VzRdtPb=^0mYJ6cUMB#31U$u86v7
z7r~`wKwS^g%dR>44j0?yUpbWAIx;If1FA0t!F&+px%F>2Jz_EFam>2@m!uID4AfFA
zVxKQKH}E98$RP;-Lh&MyEv6bq^X8O;tvYHe(On;-XPQ}`!~?qz-+@|nlfJ=xw-Owf
z5paP142wy>Uu4E>{&(P;X}v4YHd=iAz>sH)v0#Y`-Wmq)t^w)z>Giuq%*7|`?*C?T
z)p$jd0JZg)6g$N;b5ZYubO@J-CZm2}riBsyChIff^XcVZRoUZzQDqlgShbDF)h(`S
zWs00GG-ydhLL0Y1HZaTfV~D>0pSr~v1FekD?wDn(A0N1x<hkVypFgIgYViDR%f2;*
zjAzqdPj9U($rL{Ly;U_5t47PZ_-=MApTW0_k(TnX9r_@?6M9xm75J%X*EQu<V%AAh
z{Oj%hCv3Af*B?>(*u?oKUYQQtapW?*`7>eJ`Y9d8){zpc%k!F+ski57r!c~%Rq#sX
zY3_1woB_4La87bH<bEeOQN^woOrPAyR!D0o?s10gvkOkepQ=#1YQa6#%r`5dGO`&q
zSc;Y_ZLikUm;tV3>wEOu4f<IL_wDy*)q71ojgxLJc9;esDvo#&Wt8s$KWCkoG|<EO
zDZ|B#BN3a-lXv})Kapa)Mqqug&%3haOX3tn_zvoGQVNwTt{B<n7-Q5JZRNY4EzcGl
za*%Wi1tW6Hc$SO%(nH-tlJC3@(Ok9`$#BAi4X|~#vIv`+1C1Rm`SUnyZr%F}eX7uh
z-|%|h!@GzSWQ<-zohubC^x+op(*NjhWP*5|Vkrr_`jb?nHZ}TkZ5ex~bn$#kO*?^q
zu&Ri%+f<4rE0%ao2{6hn0hCmT|Amr-9AE%0;otf2yF-_|KKy?gy3FX9xGI3~NlIF0
z2%L)>p<99}@h-mR&;fbB_dD`Gt$4Dck?#NAiZ}eXIC|5K+UntV_QQK73VpAnqS!Ua
T*U2M$fRENyU5$dv_X7S4>bpb;

literal 0
HcmV?d00001

diff --git a/priv/dev/static/index.html b/priv/dev/static/index.html
index bdc5e9e4..444729a3 100644
--- a/priv/dev/static/index.html
+++ b/priv/dev/static/index.html
@@ -20,6 +20,7 @@
                 <ul class="sub_menu">
                     <li><a id="btn-tables">Tables and ddViews</a></li>
                     <li><a id="btn-change-password">Change Password</a></li>
+                    <li><a id="btn-register-key">Register FIDO2 Key</a></li>
                     <li><a id="btn-about">About</a></li>
                     <li><a id="btn-disconnect">Disconnect</a></li>
                     <li><a id="btn-restart">Restart Application</a></li>
diff --git a/priv/dev/static/index.js b/priv/dev/static/index.js
index 16949827..3f8c648e 100644
--- a/priv/dev/static/index.js
+++ b/priv/dev/static/index.js
@@ -6,7 +6,7 @@ import 'imports-loader?$=jquery,$.uiBackCompat=>false!jquery-ui/ui/widgets/sorta
 
 import {loginAjax} from "./scripts/login";
 import {alert_jq} from './dialogs/dialogs';
-import {dderlState, show_qry_files,
+import {dderlState, show_qry_files, register_fido2_key,
         change_password, show_about_dlg} from "./scripts/dderl";
 import {new_connection_tab, logout, restart,
         authorize_office, authorize_oura} from "./scripts/login";
@@ -88,6 +88,7 @@ function addClick(id, handler) {
 
 addClick('btn-tables',          () => { show_qry_files(true);   });
 addClick('btn-change-password', () => { change_password(false); });
+addClick('btn-register-key',    () => { register_fido2_key();   });
 addClick('btn-about',           () => { show_about_dlg();       });
 addClick('btn-disconnect',      () => { disconnect_tab();       });
 addClick('btn-restart',         () => { restart();              });
diff --git a/priv/dev/static/scripts/dderl.js b/priv/dev/static/scripts/dderl.js
index 9dc0a1c2..8b5067eb 100644
--- a/priv/dev/static/scripts/dderl.js
+++ b/priv/dev/static/scripts/dderl.js
@@ -1,8 +1,8 @@
 import $ from 'jquery';
-import {alert_jq} from '../dialogs/dialogs';
+import { alert_jq } from '../dialogs/dialogs';
 import './dderl.table';
-import {change_login_password, showScreeSaver} from './login';
-import {change_connect_password} from './connect';
+import { change_login_password, showScreeSaver, triggerFido2Registration, isWebAuthnSupported } from './login';
+import { change_connect_password } from './connect';
 
 import '../dashboard/dderl.dashView';
 import '../dashboard/dderl.dashboard';
@@ -441,6 +441,22 @@ export function change_password(shouldConnect) {
     }
 }
 
+export function register_fido2_key() {
+    if (isWebAuthnSupported()) {
+        ajaxCall(null, 'register_key_init', null, 'register_key_init',
+            function (response) {
+                console.log("register_key_init challenge");
+                console.log(response);
+                triggerFido2Registration(response);
+            },
+            function (error) {
+                console.log("Error on fido2 key registration : ", error);
+                alert_jq("Failed to reach the server, the connection might be lost.");
+            }
+        );
+    }
+}
+
 export function smartDialogPosition(container, owner, self, checks) {
     if(!checks || checks.length === 0) {
         checks = ['right'];
diff --git a/priv/dev/static/scripts/login.js b/priv/dev/static/scripts/login.js
index ad0cbd6a..7ca80c1d 100644
--- a/priv/dev/static/scripts/login.js
+++ b/priv/dev/static/scripts/login.js
@@ -166,7 +166,15 @@ function loginCb(resp) {
                 val: ""
             }]
         });
-    } else if (resp.hasOwnProperty('saml')) {
+    } else if (resp.hasOwnProperty('fido2')) {
+        if(isWebAuthnSupported()) {
+            console.log('fido2 authentication');
+            triggerFido2Authentication(resp.fido2);
+        } else {
+            logout(true, "WebAuthn not supported on this browser");
+        }
+    }
+    else if (resp.hasOwnProperty('saml')) {
         if (resp.saml.hasOwnProperty('form')) {
             if (dderlState.screensaver && window.tab) {
                 window.tab.document.body.innerHTML = resp.saml.form;
@@ -327,7 +335,7 @@ function inputEnter(layout) {
     loginAjax(data);
 }
 
-export function logout(isForceful) {
+export function logout(isForceful, msg) {
     if (dderlState.connection && isForceful !== true) {
         ajaxCall(null, 'check_session', null, 'check_session', function () {
             confirm_jq({ title: "Confirm logout", content: '' }, function () {
@@ -343,10 +351,10 @@ export function logout(isForceful) {
     function exec_logout() {
         ajaxCall(null, 'logout', '{}', 'logout', function (data) {
             console.log('Request logout Result ' + data);
-            process_logout();
+            process_logout(msg);
         }, function () {
             // We have to cleanup even when the server is not recheable
-            process_logout();
+            process_logout(msg);
         });
     }
 }
@@ -378,7 +386,7 @@ export function new_connection_tab() {
     }
 }
 
-function process_logout() {
+function process_logout(msg) {
     dderlState.isLoggedIn = false;
     dderlState.connection = null;
     dderlState.adapter = null;
@@ -390,9 +398,17 @@ function process_logout() {
     $('#login-button').html('');
     $('#btn-change-password').data("logged_in_user", "");
     $('#login-msg').html('Welcome guest');
+    let fields = [];
+    if (msg) {
+        fields = [{
+            type: "label",
+            val: msg,
+            color: "#DD1122"
+        }];
+    }
     display({
         title: "Successfully logged out",
-        fields: []
+        fields: fields
     });
 }
 
@@ -437,4 +453,109 @@ export function authorize_oura() {
         const params = 'scrollbars=no,resizable=no,status=no,location=no,toolbar=no,menubar=no,width=500,height=600,left=100,top=100';
         window.open(auth_config.url, 'Oura Ring login', params);
     });
+// fido2 helper functions
+function _arrayBufferToString(buffer) {
+    var binary = '';
+    var bytes = new Uint8Array(buffer);
+    var len = bytes.byteLength;
+    for (var i = 0; i < len; i++) {
+        binary += String.fromCharCode(bytes[i]);
+    }
+    return binary;
+}
+
+function _arrayBufferToBase64(buffer) {
+    return window.btoa(_arrayBufferToString(buffer));
+}
+
+function _base64ToArrayBuffer(base64) {
+    var binary_string = window.atob(base64);
+    var len = binary_string.length;
+    var bytes = new Uint8Array(len);
+    for (var i = 0; i < len; i++) {
+        bytes[i] = binary_string.charCodeAt(i);
+    }
+    return bytes.buffer;
+}
+
+export function triggerFido2Registration(registerConfig) {
+    if (registerConfig) {
+        let user = {};
+        user.id = new Uint8Array(16);
+        user.name = dderlState.username;
+        user.displayName = dderlState.username;
+        registerConfig.challenge = _base64ToArrayBuffer(registerConfig.challenge);
+        registerConfig.user = user;
+        let excludeCredentials = registerConfig.excludeCredentials.map(
+            exCred => {
+                exCred.id = _base64ToArrayBuffer(exCred.id);
+                return exCred;
+            });
+        navigator.credentials.create({ publicKey: registerConfig }).then(
+            function (credential) {
+                let credObj = {};
+                credObj.rawID = _arrayBufferToBase64(credential.rawId);
+                credObj.type = credential.type;
+                credObj.clientDataJSON = _arrayBufferToString(credential.response.clientDataJSON);
+                credObj.attestationObject = _arrayBufferToBase64(credential.response.attestationObject);
+                credObj.excludeCredentials = excludeCredentials;
+                ajaxCall(null, 'register_key_attest', credObj, 'register_key_attest',
+                    function (response) {
+                        console.log("register_key_attest challenge");
+                        console.log(response);
+                        if (response.error) {
+                            alert_jq(response.error);
+                        } else {
+                            alert_jq("fido2 key registered");
+                        }
+                    },
+                    function (error) {
+                        console.log("Error on register_key_attest : ", error);
+                        alert_jq("Failed to reach the server, the connection might be lost.");
+                    }
+                );
+            }).catch((err) => {
+                console.log('error while registering', err);
+                alert_jq(err);
+            });
+    }
+}
+
+export function isWebAuthnSupported() {
+    if (typeof (PublicKeyCredential) == "undefined") {
+        console.log("webauthn is not supported on the browser");
+        alert_jq("WebAuthn not supported on this browser");
+        return false;
+    }
+    return true;
+}
+
+function triggerFido2Authentication(authConfig) {
+    let credConfig = authConfig.credConfig;
+    let baseConfig = authConfig.baseConfig;
+    let allowCredentials = Object.keys(authConfig.credentials).map(
+        credId => {
+            credConfig.id = _base64ToArrayBuffer(credId);
+            return credConfig;
+        });
+    baseConfig.challenge = _base64ToArrayBuffer(baseConfig.challenge);
+    baseConfig.allowCredentials = allowCredentials;
+    navigator.credentials.get({ publicKey: baseConfig }).then(
+        function (credential) {
+            let credObj = {};
+            credObj.rawID = _arrayBufferToBase64(credential.rawId);
+            credObj.type = credential.type;
+            credObj.clientDataJSON = _arrayBufferToString(credential.response.clientDataJSON);
+            credObj.authenticatorData = _arrayBufferToBase64(credential.response.authenticatorData);
+            credObj.sig = _arrayBufferToBase64(credential.response.signature);
+            ajaxCall(null, 'login', { fido2: credObj }, 'login', loginCb,
+                function (error) {
+                    console.log("Error on login : ", error);
+                    alert_jq("Failed to reach the server, the connection might be lost.");
+                }
+            );
+        }).catch((err) => {
+            console.log('error while authenticating', err);
+            logout(true, err);
+        });
 }
diff --git a/rebar.config b/rebar.config
index 89ac4f99..267d1630 100644
--- a/rebar.config
+++ b/rebar.config
@@ -38,12 +38,13 @@
 
 {deps, [
     {cowboy,"2.7.0"},
-    {prometheus, "4.5.0"},
-    {erlimem, {git, "https://github.com/konnexionsgmbh/erlimem", {tag, "3.1.0"}}},
+    {edate, {git, "https://github.com/dweldon/edate", {branch, "master"}}},
+    {erlimem, {git, "https://github.com/konnexionsgmbh/erlimem", {branch, "master"}}},
     {esaml, {git, "https://github.com/KonnexionsGmbH/esaml", {tag, "2.3.0"}}},
-    {imem, {git, "https://github.com/konnexionsgmbh/imem", {branch, "encryption2"}}},
+    {imem, {git, "https://github.com/konnexionsgmbh/imem", {branch, "master"}}},
     {oranif, {git, "https://github.com/konnexionsgmbh/oranif", {tag, "0.2.3"}}},
-    {edate, {git, "https://github.com/dweldon/edate", {branch, "master"}}}
+    {wax, {git, "https://github.com/konnexionsgmbh/wax", {branch, "master"}}},
+    {prometheus, "4.5.0"}
 ]}.
 
 {erl_first_files, [
@@ -53,6 +54,11 @@
 
 {deps_error_on_conflict, false}.
 
+{plugins, [
+    rebar3_hex,
+    {rebar3_elixir, ".*", {git, "https://github.com/Supersonido/rebar3_elixir.git", {branch, "master"}}}
+]}.
+
 {dist_node, [
     {setcookie, 'dderl'},
     {name, 'dderl@127.0.0.1'}
@@ -100,10 +106,6 @@
     {config, "config/shell.config"}
 ]}.
 
-{plugins, [
-    rebar3_hex
-]}.
-
 {profiles, [
     {ui, [{post_hooks, [{compile, "bash ./build_fe.sh"}]}]},
     {prod, [
diff --git a/src/dderl.app.src b/src/dderl.app.src
index bbe608ed..65c618a5 100644
--- a/src/dderl.app.src
+++ b/src/dderl.app.src
@@ -13,6 +13,7 @@
                   erlimem,
                   esaml,
                   oranif,
+                  wax,
                   prometheus]},
   {mod, {dderl, []}},
   {env, [{interface, "0.0.0.0"}, {port, 8443}, {ssl_opts, []}]}
diff --git a/src/dderl.erl b/src/dderl.erl
index c9eef886..b2d1c5d1 100644
--- a/src/dderl.erl
+++ b/src/dderl.erl
@@ -98,10 +98,10 @@ init(Req, '$path_probe') ->
     {Code, Resp} = ?PROBE_RESP,
     {ok, cowboy_req:reply(Code, #{}, Resp, Req), undefined};
 init(Req, State) ->
-    Url = iolist_to_binary(cowboy_req:uri(Req)),
+    #{path := Path} = Req,
     Req1 =
-    % case binary:last(Url) of
-        % $/ ->
+    case binary:last(Path) of
+        $/ ->
             Priv = priv_dir(),
             Filename = filename:join([Priv, "public", "dist", "index.html"]),
             case file:read_file(Filename) of
@@ -120,9 +120,15 @@ init(Req, State) ->
                         >>,
                         Req
                     )
-            % end;
-        % _ ->
-            % cowboy_req:reply(301, #{<<"location">> => <<Url/binary,"/">>}, Req)
+            end;
+        _ ->
+            Url = iolist_to_binary(cowboy_req:uri(Req, #{qs => undefined})),
+            QsBin =
+            case Req of
+                #{qs := <<>>} -> <<>>;
+                #{qs := Qs} -> <<"?", Qs/binary>>
+            end,
+            cowboy_req:reply(301, #{<<"location">> => <<Url/binary,"/",QsBin/binary>>}, Req)
     end,
     {ok, Req1, State}.
 
diff --git a/src/dderl.hrl b/src/dderl.hrl
index 00905631..41ac125a 100644
--- a/src/dderl.hrl
+++ b/src/dderl.hrl
@@ -216,6 +216,27 @@
 -define(ISENCRYPTMANDATORY, ?GET_CONFIG(samlEncryptIsMandatory,[], true,"SAML - Expect encrypted data")).
 -define(VERIFYRESPONSESIGN, ?GET_CONFIG(samlVerifyResponseSignature,[], true,"SAML - flag to verify response signature")).
 
+-define(FIDO2_REGISTRATION_CONFIG(__APP, __USERNAME),
+        ?GET_CONFIG(fido2RegistrationConfig, [__APP, __USERNAME],
+                    #{attestation => <<"none">>,
+                      authenticatorSelection =>
+                              #{requireResidentKey => false,
+                                userVerification => <<"discouraged">>},
+                      pubKeyCredParams => [#{alg => -7,type => <<"public-key">>}],
+                      rp => #{name => <<"K2 Informatics GmbH">>}},
+                     "FIDO2 Regestration config")).
+
+-define(FIDO2_AUTH_CONFIG(__APP, __USERNAME),
+        ?GET_CONFIG(fido2AuthenticationConfig, [__APP, __USERNAME],
+                    #{userVerification => <<"discouraged">>},
+                    "FIDO2 Authentication config")).
+
+-define(FIDO2_AUTH_CRED_CONFIG(__APP, __USERNAME),
+        ?GET_CONFIG(fido2AuthenticationCredentialConfig, [__APP, __USERNAME],
+                    #{transports => [<<"usb">>,<<"nfc">>,<<"ble">>],
+                      type => <<"public-key">>},
+                    "FIDO2 Authentication config")).
+
 -define(UNAUTHORIZEDPAGE(__MODULE),   ?GET_CONFIG(unauthorizedPage,[__MODULE],
                                         <<"<!DOCTYPE html>"
                                           "<html lang=\"en\">"
diff --git a/src/dderl_dal.erl b/src/dderl_dal.erl
index 060ee50c..a91caf76 100644
--- a/src/dderl_dal.erl
+++ b/src/dderl_dal.erl
@@ -48,6 +48,7 @@
         ,create_check_avatar_channel/1
         ,write_to_avatar_channel/3
         ,read_from_avatar_channel/2
+        ,fido2_register_config/4
         ]).
 
 -record(state, { schema :: term()
@@ -758,8 +759,12 @@ get_restartable_apps() ->
 -spec process_login(map(), any(),
                     #{auth => fun((any()) -> ok | {any(), list()}),
                       connInfo => map(),
+                      app => atom(),
                       stateUpdateUsr =>  fun((any(), any()) -> any()),
                       stateUpdateSKey => fun((any(), any()) -> any()),
+                      stateGetUsr => fun((any()) -> any()),
+                      stateUpdateFido2Challenge => fun((any(), any()) -> any()),
+                      stateGetFido2Challenge => fun((any()) -> any()),
                       relayState => fun((any(), any()) -> any()),
                       urlPrefix => list()}) -> ok | map().
 process_login(#{<<"smsott">> := Token} = Body, State,
@@ -775,6 +780,26 @@ process_login(#{<<"samluser">>:=User} = Body, State,
   when is_function(StateUpdateFun, 2), is_function(AuthFun, 1) ->
     process_login_reply(AuthFun({saml, User}), Body, Ctx,
                         StateUpdateFun(State, User));
+process_login(#{<<"fido2">> := #{<<"authenticatorData">> := AuthenticatorDataB64,
+                                 <<"clientDataJSON">> := ClientDataJson,
+                                 <<"rawID">> := RawIdB64, <<"sig">> := SigB64,
+                                 <<"type">> := <<"public-key">>}} = Body, State,
+              #{auth := AuthFun, stateGetFido2Challenge := GetChallenge, stateGetUsr := GetUser} = Ctx)
+  when is_function(AuthFun, 1), is_function(GetChallenge, 1), is_function(GetUser, 1) ->
+    Challenge = GetChallenge(State),
+    AuthenticatorData = base64:decode(AuthenticatorDataB64),
+    Sig = base64:decode(SigB64),
+    Result =
+    case 'Elixir.Wax':authenticate(RawIdB64, AuthenticatorData, Sig, ClientDataJson, Challenge) of
+        {ok, _} ->
+            User = GetUser(State),
+            ?Info("Wax: successful authentication for user : ~s", [User]),
+            User;
+        {error, _} = Error ->
+            ?Error("Wax: authentication failed with error ~p", [Error]),
+            Error
+    end,
+    process_login_reply(AuthFun({fido2, Result}), Body, Ctx, State);
 process_login(Body, State, #{connInfo := ConnInfo, auth := AuthFun} = Ctx)
   when is_map(ConnInfo), is_function(AuthFun, 1) ->
     process_login_reply(AuthFun({access, ConnInfo}), Body, Ctx, State).
@@ -800,6 +825,14 @@ process_login_reply({SKey, [{smsott, Data}|_]}, _Body,
   when is_function(StateUpdateFun, 2) ->
     {#{smsott=>fix_login_data(Data)}, StateUpdateFun(State, SKey)};
 
+process_login_reply({ok, [{fido2, #{credentials := Creds}}|_]},
+                    #{<<"host_url">> := Host}, Ctx, State) ->
+    fido2_auth_challenge(Creds, Ctx, State, Host);
+process_login_reply({SKey, [{fido2, #{credentials := Creds}}|_]}, #{<<"host_url">> := Host},
+                    #{stateUpdateSKey := StateUpdateFun} = Ctx, State)
+  when is_function(StateUpdateFun, 2) ->
+    fido2_auth_challenge(Creds, Ctx, StateUpdateFun(State, SKey), Host);
+
 process_login_reply({SKey, [{saml, _Data}|_]}, Body,
                     #{urlPrefix := UrlPrefix,
                       stateUpdateSKey := StateUpdateFun,
@@ -821,6 +854,18 @@ fix_login_data(#{accountName:=undefined}=Data) ->
     fix_login_data(Data#{accountName=><<"">>});
 fix_login_data(Data) -> Data.
 
+fido2_auth_challenge(Creds, #{app := App, stateGetUsr := GetUser,
+                              stateUpdateFido2Challenge := StateUdpateChal}, State, Host)
+  when is_function(StateUdpateChal, 2), is_function(GetUser), is_atom(App) ->
+    User = GetUser(State),
+    AuthConfig = ?FIDO2_AUTH_CONFIG(App, User),
+    CredConfig = ?FIDO2_AUTH_CRED_CONFIG(App, User),
+    Challenge = 'Elixir.Wax':new_authentication_challenge(Creds, [{origin, Host}]),
+    #{allow_credentials := Credentials, bytes := Bytes} = Challenge,
+    Config = #{baseConfig => AuthConfig#{challenge => base64:encode(Bytes)},
+               credConfig => CredConfig, credentials => Credentials},
+    {#{fido2 => Config}, StateUdpateChal(State, Challenge)}.
+
 %% Functions used to extract rows from fsm using ets directly.
 %% Used by data_sender and csv_export_buffer.
 -spec rows_from(ets:tab(), term(), pos_integer()) -> [term()].
@@ -889,3 +934,21 @@ exec_is_proxy_fun(Fun, NetCtx) ->
             ?Error("proxy check fail : ~p", [Error]),
             false
     end.
+
+fido2_register_config(App, Session, Username, HostUrl) when is_binary(HostUrl), is_atom(App) ->
+    Regconfig = #{rp := RpInfo} = ?FIDO2_REGISTRATION_CONFIG(App, Username),
+    Challenge = 'Elixir.Wax':new_registration_challenge([{origin, HostUrl}]),
+    #{bytes := Bytes, rp_id := RpId} = Challenge,
+    Creds =
+    case erlimem_session:run_cmd(Session, get_fido2_creds, []) of
+        none -> [];
+        {ok, Fido2Creds} -> Fido2Creds
+    end,
+    CredConfig = ?FIDO2_AUTH_CRED_CONFIG(App, Username),
+    ExcludeCreds = lists:map(
+        fun({CredId, _}) ->
+            CredConfig#{id => CredId}
+        end, Creds),
+    {Challenge, Regconfig#{challenge => base64:encode(Bytes),
+                           excludeCredentials => ExcludeCreds,
+                           rp => RpInfo#{id => RpId}}}.
diff --git a/src/dderl_resource.erl b/src/dderl_resource.erl
index 47003359..6b4e416e 100644
--- a/src/dderl_resource.erl
+++ b/src/dderl_resource.erl
@@ -88,7 +88,7 @@ process_request_low(SessionToken, XSRFToken, Adapter, Req, Body, Typ) ->
     end,
     {Ip, Port} = cowboy_req:peer(Req),
     NewBody =
-    if Typ == [<<"login">>] -> 
+    if Typ == [<<"login">>] orelse Typ == [<<"register_key_init">>] -> 
             HostUrl = iolist_to_binary(cowboy_req:uri(Req, #{path => undefined, qs => undefined})),
             BodyMap = imem_json:decode(Body, [return_maps]),
             jsx:encode(BodyMap#{host_url => HostUrl});
diff --git a/src/dderl_saml_handler.erl b/src/dderl_saml_handler.erl
index 290028eb..b6b2616c 100644
--- a/src/dderl_saml_handler.erl
+++ b/src/dderl_saml_handler.erl
@@ -33,7 +33,8 @@ init(Req0, Args) ->
 process_req(Req, S = #state{sp = SP}) ->
     case esaml_cowboy:validate_assertion(SP, fun esaml_util:check_dupe_ets/2, Req) of
         {ok, Assertion, RelayState, Req1} ->
-            Fun = binary_to_term(base64:decode(http_uri:decode(binary_to_list(RelayState)))),
+            [{FunBin, _}] =  uri_string:dissect_query(RelayState),
+            Fun = binary_to_term(base64:decode(FunBin)),
             Fun(Req1, Assertion#esaml_assertion.attributes),
             {cowboy_loop, Req1, S, hibernate};
         {error, Reason, Req2} ->
diff --git a/src/dderl_session.erl b/src/dderl_session.erl
index ac1d5c03..f7bb0516 100644
--- a/src/dderl_session.erl
+++ b/src/dderl_session.erl
@@ -44,6 +44,7 @@
           , lock_state  = unlocked      :: unlocked | locked | screensaver
           , xsrf_token  = <<>>          :: binary()
           , is_proxy    = false         :: boolean()
+          , fido2_challenge             :: map()
          }).
 
 %% Helper functions
@@ -246,6 +247,33 @@ process_call({[<<"ping">>], _ReqData}, _Adapter, From, {SrcIp,_},
             reply(From, #{ping => #{error => show_screen_saver}}, self()),
             State#state{lock_state = screensaver}
     end;
+process_call({[<<"register_key_init">>], ReqData}, _Adapter, From, {SrcIp,_},
+    #state{sess = Session, user = UserName} = State) ->
+    #{<<"host_url">> := HostUrl} = jsx:decode(ReqData, [return_maps]),
+    act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "register_key_init"}, State),
+    {Challenge, RegisterConfig} = dderl_dal:fido2_register_config(dderl, Session, UserName, HostUrl),
+    reply(From, #{<<"register_key_init">> => RegisterConfig}, self()),
+    State#state{fido2_challenge = Challenge};
+process_call({[<<"register_key_attest">>], ReqData}, _Adapter, From, {SrcIp,_},
+             #state{fido2_challenge = Challenge} = State) ->
+    BodyMap = jsx:decode(ReqData, [return_maps]),
+    act_log(From, ?CMD_NOARGS, #{src => SrcIp, cmd => "register_key_init"}, State),
+    #{<<"attestationObject">> := Attestation64,
+      <<"clientDataJSON">> := ClientData,
+      <<"rawID">> := RawId64,
+      <<"type">> := <<"public-key">>} = BodyMap,
+    Attestation = base64:decode(Attestation64),
+    Resp =
+    case 'Elixir.Wax':register(Attestation, ClientData, Challenge) of
+        {ok, {#{attested_credential_data := #{credential_public_key := CPKey}}, Result}} ->
+            erlimem_session:run_cmd(State#state.sess, auth_add_fido2, [{RawId64, CPKey}]),
+            #{result => <<"attestation object validated">>};
+        {error, _} = Error ->
+            ?Info("Wax: attestation object validation failed with error ~p", [Error]),
+            #{error => <<"attestation object validation failed">>}
+    end,
+    reply(From, #{<<"register_key_attest">> => Resp}, self()),
+    State#state{fido2_challenge = undefined};
 %% IMPORTANT:
 % This function clause is placed right after login to be able to catch all
 % request (other than login above) which are NOT to be allowed without a login
@@ -823,11 +851,14 @@ login(ReqData, From, SrcIp, State) ->
             try dderl_dal:process_login(
                          ReqDataMap, State,
                          #{auth => fun(Auth) ->
-                                       erlimem_session:auth((State#state.sess), dderl, Id, Auth)
+                                       erlimem_session:auth(State#state.sess, dderl, Id, Auth)
                                    end,
-                           connInfo => ConnInfo,
+                           connInfo => ConnInfo, app => dderl,
                            relayState => fun dderl_resource:samlRelayStateHandle/2,
                            stateUpdateUsr =>  fun(St, Usr) -> St#state{user=Usr} end,
+                           stateGetUsr =>  fun(St) -> St#state.user end,
+                           stateUpdateFido2Challenge =>  fun(St, Chal) -> St#state{fido2_challenge=Chal} end,
+                           stateGetFido2Challenge =>  fun(St) -> St#state.fido2_challenge end,
                            stateUpdateSKey =>  fun(St, _) -> St end,
                            urlPrefix => dderl:get_url_suffix()}) of
                 {{E,M},St} when is_atom(E) ->
diff --git a/src/dderlodpi.erl b/src/dderlodpi.erl
index f1097092..5b38b1db 100644
--- a/src/dderlodpi.erl
+++ b/src/dderlodpi.erl
@@ -189,7 +189,7 @@ handle_cast({fetch_recs_async, false, _}, #qry{fsm_ref = FsmRef, stmt_result = S
             end
     end,
     {noreply, State};
-handle_cast({fetch_push, NRows, Target}, #qry{fsm_ref = FsmRef, stmt_result = StmtResult} = State) ->
+handle_cast({fetch_push, NRows, Target}, #qry{fsm_ref = FsmRef, stmt_result = StmtResult, connection = Connection} = State) ->
     #qry{contain_rowid = ContainRowId, contain_rownum = ContainRowNum} = State,
     #stmtResults{stmtRefs = StmtRef, rowCols = Clms} = StmtResult,
     MissingRows = Target - NRows,
@@ -199,19 +199,19 @@ handle_cast({fetch_push, NRows, Target}, #qry{fsm_ref = FsmRef, stmt_result = St
         true ->
             RowsToFetch = MissingRows
     end,
-    case StmtRef:fetch_rows(RowsToFetch) of
-        {{rows, Rows}, Completed} ->
+    case dpi_fetch_rows(Connection, StmtRef, RowsToFetch) of
+        { Rows, Completed} ->
             RowsFixed = fix_row_format(StmtRef, Rows, Clms, ContainRowId),
             NewNRows = NRows + length(RowsFixed),
             if
-                Completed -> FsmRef:rows({RowsFixed, Completed});
+                Completed -> dderl_fsm:rows(FsmRef, {RowsFixed, Completed});
                 (NewNRows >= Target) andalso (not ContainRowNum) -> FsmRef:rows_limit(NewNRows, RowsFixed);
                 true ->
-                    FsmRef:rows({RowsFixed, false}),
+                    dderl_fsm:rows(FsmRef, {RowsFixed, false}),
                     gen_server:cast(self(), {fetch_push, NewNRows, Target})
             end;
         {error, Error} ->
-            FsmRef:rows({error, Error})
+            dderl_fsm:rows(FsmRef, {error, Error})
     end,
     {noreply, State};
 handle_cast(_Ignored, State) ->
@@ -859,7 +859,13 @@ number_to_binary(Else) -> ?Error("Tried to convert bad term to binary: ~p", [Els
 %%%% Dpi safe functions executed on dpi slave node
 
 dpi_conn_prepareStmt(#odpi_conn{node = Node, connection = Conn}, Sql) ->
-    dpi:safe(Node, fun() -> dpi:conn_prepareStmt(Conn, false, Sql, <<"">>) end).
+    Stmt = dpi:safe(Node, fun() -> dpi:conn_prepareStmt(Conn, false, Sql, <<"">>) end), % tentative statement with scrollable set to false
+    #{statementType := StatementType} = dpi:safe(Node, fun() -> dpi:stmt_getInfo(Stmt) end), % find out whether it is a SELECT
+    case StatementType of 'DPI_STMT_TYPE_SELECT' -> % SELECT statement needs to be redone with scrollable set to true
+        dpi:safe(Node, fun() -> dpi:stmt_close(Stmt) end), % remove the "bad" statement
+        dpi:safe(Node, fun() -> dpi:conn_prepareStmt(Conn, true, Sql, <<"">>) end); % return the proper statement
+    _Else -> Stmt end.   % if it is not a SELECT statement then the original Stmt handle is fine  
+
 
 dpi_conn_commit(#odpi_conn{node = Node, connection = Conn}) ->
     dpi:safe(Node, fun() -> dpi:conn_commit(Conn) end).
@@ -963,23 +969,23 @@ get_rows_prepare(Conn, Stmt, NRows, Acc)->
                         % fetched as a binary in order to avoid a rounding error that would occur if they were transformed from their internal decimal
                         % representation to double. Therefore, stmt_getQueryValue() can't be used for this, so a variable needs to be made because
                         % the data has to be fetched using define so the value goes into the data and then retrieving the values from the data
-                        #{var := Var, data := Datas} = dpi:conn_newVar(Conn, OraType, 'DPI_NATIVE_TYPE_BYTES', 100, 0, false, false, null),
+                        #{var := Var, data := Datas} = dpi:conn_newVar(Conn, OraType, 'DPI_NATIVE_TYPE_BYTES', 100, 4000, false, false, null),
                         ok = dpi:stmt_define(Stmt, Col, Var),    %% results will be fetched to the vars and go into the data
                         {Var, Datas, OraType}; % put the variable and its data list into a tuple
                     'DPI_NATIVE_TYPE_LOB' ->
-                        #{var := Var, data := Datas} = dpi:conn_newVar(Conn, OraType, 'DPI_NATIVE_TYPE_LOB', 100, 0, false, false, null),
+                        #{var := Var, data := Datas} = dpi:conn_newVar(Conn, OraType, 'DPI_NATIVE_TYPE_LOB', 100, 4000, false, false, null),
                         ok = dpi:stmt_define(Stmt, Col, Var),    %% results will be fetched to the vars and go into the data
                         {Var, Datas, OraType}; % put the variable and its data list into a tuple
-                    _else -> noVariable % when no variable needs to be made for the type, just put an atom signlizing that no variable was made and stmt_getQueryValue() can be used to get the values
+                    _else -> {noVariable, OraType} % when no variable needs to be made for the type, just put an atom signlizing that no variable was made and stmt_getQueryValue() can be used to get the values
                 end
             end
             || {OraType, NativeType, Col} <- Types], % make a list of {Var, Datas} tuples. Var is the dpiVar handle, Datas is the list of Data handles in that respective Var  
 R = get_rows(Conn, Stmt, NRows, Acc, VarsDatas), % gets all the results from the query
     [begin
-        case VarDatas of {Var, Datas} -> % if there is a variable (which was made to fetch a double as a binary)
+        case VarDatas of {noVariable, _OraType} -> nop; % if no variable was made, then nothing needs to be done here
+            {Var, Datas, _OraType} -> % if there is a variable (which was made to fetch a double as a binary)
                 [dpi:data_release(Data)|| Data <- Datas], % loop through the list of datas and release them all
-                dpi:var_release(Var); % now release the variable
-            _else -> nop % if no variable was made, then nothing needs to be done here
+                dpi:var_release(Var) % now release the variable
         end
     end || VarDatas <- VarsDatas], % clean up eventual variables that may have been made
 R. % return query results
@@ -1001,15 +1007,19 @@ get_column_values(Conn, Stmt, ColIdx, VarsDatas, RowIndex) ->
         {_Var, Datas, OraType} -> % if a variable was made for this column: the value was fetched into the variable's data object, so get it from there
             Value = dpi:data_get(lists:nth(RowIndex, Datas)), % get the value out of that data variable
             ValueFixed = case OraType of % depending on the ora type, the value might have to be changed into a different format so it displays properly
-                'DPI_ORACLE_TYPE_BLOB' -> list_to_binary(lists:flatten([io_lib:format("~2.16.0B", [X]) || X <- binary_to_list(Value)])); % turn binary to hex string
-                _Else -> Value end, % the value is already in the correct format for most types, so do nothing
+                'DPI_ORACLE_TYPE_BLOB' -> list_to_binary(lists:flatten([io_lib:format("~2.16.0B", [X]) || X <- binary_to_list(dpi:lob_readBytes(Value, 1, 4000))])); % turn binary to hex string
+                'DPI_ORACLE_TYPE_CLOB' -> dpi:lob_readBytes(Value, 1, 4000);
+            _Else -> Value end, % the value is already in the correct format for most types, so do nothing
 
             [ValueFixed | get_column_values(Conn, Stmt, ColIdx + 1, VarsDatas, RowIndex)]; % recursive call
-        noVariable -> % if no variable has been made then that means that the value can be fetched with stmt_getQueryValue()
+        {noVariable, OraType} -> % if no variable has been made then that means that the value can be fetched with stmt_getQueryValue()
             #{data := Data} = dpi:stmt_getQueryValue(Stmt, ColIdx), % get the value 
             Value = dpi:data_get(Data), % take the value from this freshly made data
             dpi:data_release(Data), % release this new data object
-            [Value | get_column_values(Conn, Stmt, ColIdx + 1, VarsDatas, RowIndex)]; % recursive call
+            ValueFixed = case OraType of % some types may require additional casting/unmarshalling
+                'DPI_ORACLE_TYPE_LONG_VARCHAR' -> list_to_binary(lists:flatten([io_lib:format("~2.16.0B", [X]) || X <- binary_to_list(Value)])); % turn binary into hex representation of binary
+                _Else -> Value end, % value doesn't need any converting
+            [ValueFixed | get_column_values(Conn, Stmt, ColIdx + 1, VarsDatas, RowIndex)]; % recursive call
         Else ->
             ?Error("Invalid variable term of ~p", [Else])
     end.
diff --git a/src/dperl/README.md b/src/dperl/README.md
new file mode 100644
index 00000000..675f82da
--- /dev/null
+++ b/src/dperl/README.md
@@ -0,0 +1,190 @@
+## DPerl Jobs
+
+- ### skvh copy job
+
+  Job to copy data from skvh table to another skvh table. It supports copying local tables and remote tables over erlimem
+  connections and all the combinations.
+  
+  type | support
+  ------------ | -------------
+  **sync** | true
+  **cleanup** | true with refresh
+  **refresh** | false
+  
+  #### Job configuration
+  
+  ```erlang
+  #dperlJob{name = <<"LocalSkvhCopy">>,
+            module = dperl_skvh_copy,
+            args = #{cleanup => true,label => "skvh copy",refresh => false,
+                     sync => true},
+            srcArgs = #{channel => "test"},
+            dstArgs = #{channel => "test1"},
+            enabled = false,running = false,plan = at_most_once,
+            nodes = ['dderl1@127.0.0.1'],
+            opts = []}]
+  ```
+  
+  The above configuration moves data from source table `test` (existing table) to destination table `test1` (existing or
+  new table would be created by the job). 
+  
+  To copy table data **from** remote `imem_dal_skvh` table `srcArgs` should be configured as following
+  ```erlang
+  #{credential =>
+        #{password => <<"change_on_install">>,user => <<"system">>},
+    links =>
+        [#{ip => "HostOrIp",port => 1236,schema => dderl,
+           secure => true, prio => 1},
+         #{ip => "HostOrIp2",port => 1236,schema => dderl,
+           secure => true, prio => 2}],
+    minKey => -1  %% optional,
+    maxKey => [<<255>>]  %% optional
+    sbucket => "channel"}
+  ```
+  
+  To copy table data **to** remote `imem_dal_skvh` table `dstArgs` should be configured as following
+  ```erlang
+  #{credential =>
+        #{password => <<"change_on_install">>,user => <<"system">>},
+    dbucketOpts => [audit,history] %% optional,
+    links =>
+        [#{ip => "HostOrIp",port => 1236,schema => dderl,
+           secure => true, prio => 1},
+         #{ip => "HostOrIp2",port => 1236,schema => dderl,
+           secure => true, prio => 2}],
+    dbucket => "channel"}
+  ```
+  
+- ### Dashboard jobs
+
+  Status Jobs used to monitor the other jobs and health of the nodes. This data can be used to plot dperl_dashboard.
+
+  type | support
+  ------------ | -------------
+  **sync** | true
+  **cleanup** | true only for master job
+  **refresh** | false
+
+  #### Job configurations
+
+  - ##### Master Job configuration
+
+    ```erlang
+    #dperlJob{name = <<"DperlMasterPull">>,
+              module = dperl_status_pull,
+              args = #{cleanup => true,heartBeatInterval => 30000,
+                       label => "dperl:LB:Stag DPERL COLLECT",refresh => false,
+                       sync => true,tableOpts => []},
+              srcArgs = #{focus =>
+                              #{aggregators => [{dperl_status_agr,write_to_channel}],
+                                <<"shortid">> =>
+                                    #{frequency => 3,location => local,
+                                      metric_src => dperl_metrics}},
+                          metrics =>
+                              [#{aggregators => [{dperl_status_agr,write_to_channel}],
+                                 frequency => 3,
+                                 key => {jobs,[]},
+                                 location => local,metric_src => dperl_metrics},
+                               #{aggregators => [{dperl_status_agr,check_job_down}],
+                                 frequency => 2,
+                                 key => {job_down_count,[]},
+                                 location => local,metric_src => dperl_metrics},
+                               #{aggregators => [{dperl_status_agr,write_to_channel}],
+                                 key => {errors,[]},
+                                 location => local,metric_src => dperl_metrics},
+                               #{aggregators => [{dperl_status_agr,check_memory_on_nodes}],
+                                 frequency => 7,
+                                 key => {agr,node_memory,[]},
+                                 location => local,metric_src => dperl_metrics},
+                               #{aggregators => [{dperl_status_agr,check_job_error}],
+                                 frequency => 3,
+                                 key => {agr,error_count,[]},
+                                 location => local,metric_src => dperl_metrics},
+                               #{aggregators => [{dperl_status_agr,check_heartbeats}],
+                                 key => {agr,heartbeat,[]},
+                                 location => local,metric_src => dperl_metrics},
+                               #{aggregators => [{dperl_status_agr,merge_node_errors}],
+                                 frequency => 5,
+                                 key => {agr,node_error,[]},
+                                 location => local,metric_src => dperl_metrics}],
+                          node_collector => "DperlStatusPull"},
+              dstArgs = #{channel => "DPERL"},
+              enabled = false,running = false,plan = at_most_once,
+              nodes = ['dderl1@127.0.0.1'],
+              opts = []}
+    ```
+  - ##### Node Job configuration
+
+    This job has to run on all nodes.
+
+    ```erlang
+    #dperlJob{name = <<"DperlStatusPull">>,
+              module = dperl_status_pull,
+              args = #{cleanup => false,heartBeatInterval => 30000,
+                       label => "dperl:LB:Stag DPERL COLLECT",refresh => false,
+                       sync => true,tableOpts => []},
+              srcArgs = #{master_name => "DperlMasterPull",
+                          metrics =>
+                              [#{aggregators => [{dperl_status_agr,sync_puller_error}],
+                                 key => {job_status,[]},
+                                 location => local,metric_src => dperl_metrics},
+                               #{aggregators => [{dperl_status_agr,check_nodes}],
+                                 frequency => 5,key => erlang_nodes,location => local,
+                                 metric_src => imem_metrics},
+                               #{aggregators => [{dperl_status_agr,check_nodes}],
+                                 frequency => 5,key => data_nodes,location => local,
+                                 metric_src => imem_metrics},
+                               #{aggregators => [{dperl_status_agr,write_to_aggr}],
+                                 key => {job_error_count,[]},
+                                 location => local,metric_src => dperl_metrics},
+                               #{aggregators => [{dperl_status_agr,format_system_memory}],
+                                 frequency => 7,key => system_information,location => local,
+                                 metric_src => imem_metrics}]},
+              dstArgs = #{channel => "DPERL"},
+              enabled = false,running = false,plan = on_all_nodes,
+              nodes = ['dderl1@127.0.0.1'],
+              opts = []}
+    ```
+- ### File Copy job
+
+  This job can be used to sync files, soruce folder and the file pattern can be configured and then the job moves the 
+  file to the destination folder. Backing up of source files is also possible. Optionally temporary directory can be
+  used to move the file, where only once the whole file is moved to the temporary directory it is moved to the
+  desitation folder.
+
+  #### Possible combinations of file copy
+
+  - single source to single destination (1 to 1)
+  - single source to multiple destination (1 to N)
+  - multiple source to single destination (N to 1)
+  - multiple source to multiple destination (N to N)
+
+  #### Source and destination can be on
+  
+  - Local file system
+  - NFS/CIFS
+  - Over SFTP
+
+  #### Job Configuration
+
+  ```erlang
+  #dperlJob{name = <<"FileCopy">>,module = dperl_file_copy,
+            args = #{debug => false,label => "File copy",status_dir => "status",
+                     status_extra => "WORKING\n600\n900",
+                     status_path => "/tmp/file_copy_job",
+                     sync => true},
+            srcArgs = #{default =>
+                            #{mask => "?????.csv",proto => local,
+                              root => "/tmp/file_copy_job/dir"}},
+            dstArgs = #{default =>
+                            #{mask => [],proto => local,
+                              root => "/tmp/file_copy_job/dir2"}},
+            enabled = false,running = false,plan = at_most_once,
+            nodes = ['dderl1@127.0.0.1'],
+            opts = []}
+  ```
+  
+  #### File mask
+
+  `?` is used to denote a single character. `#` is used to denote an integer.
+  `test_123456_klv.csv` can be represented as `test_######_???.csv`
diff --git a/src/dperl/jobs/dperl_ouraring_crawl.erl b/src/dperl/jobs/dperl_ouraring_crawl.erl
new file mode 100644
index 00000000..723b2445
--- /dev/null
+++ b/src/dperl/jobs/dperl_ouraring_crawl.erl
@@ -0,0 +1,350 @@
+-module(dperl_ouraring_crawl).
+
+-include_lib("dperl/dperl.hrl").
+
+-behavior(dperl_worker).
+-behavior(dperl_strategy_scr).
+
+-define(SHIFT_DAYS(__JOB_NAME),
+          ?GET_CONFIG(daysToBeShiftedAtStart, [__JOB_NAME], 100,
+          "Days to be shifted backwards for starting the job")
+       ).
+
+% dperl_worker exports
+-export([init/1, terminate/2, handle_call/3, handle_cast/2, handle_info/2,
+         get_status/1, init_state/1]).
+
+-record(state, {name, channel, client_id, client_secret, password, email,
+                cb_uri, is_connected = false, access_token, api_url, oauth_url,
+                last_sleep_day, last_activity_day, last_readiness_day,
+                infos = [], auth_time, auth_expiry, key_prefix}).
+
+% dperl_strategy_scr export
+-export([connect_check_src/1, get_source_events/2, connect_check_dst/1,
+         do_cleanup/2, do_refresh/2, 
+         fetch_src/2, fetch_dst/2, delete_dst/2, insert_dst/3,
+         update_dst/3, report_status/3]).
+
+connect_check_src(#state{is_connected = true, auth_expiry = ExpiresIn, auth_time = AuthTime} = State) ->
+    case imem_datatype:sec_diff(AuthTime) of
+        Diff when Diff >= (ExpiresIn - 100) ->
+            % access token will expire in 100 seconds or less
+            connect_check_src(State#state{is_connected = false});
+        _ ->
+            {ok, State}
+    end;
+connect_check_src(#state{is_connected = false, client_id = ClientId, cb_uri = CallbackUri,
+                         client_secret = ClientSecret, password = Password,
+                         email = Email, oauth_url = OauthUrl} = State) ->
+    ?Info("Generating new access token"),
+    httpc:reset_cookies(?MODULE),
+    Params = #{
+        "response_type" => "code",
+        "client_id" => ClientId,
+        "redirect_uri" => edoc_lib:escape_uri(CallbackUri),
+        "scope" => "email+personal+daily",
+        "state" => "test"
+    },
+    Url = OauthUrl ++ "/oauth/authorize?" ++ binary_to_list(url_enc_params(Params)),
+    try
+        {ok, {{"HTTP/1.1",302,"Found"}, RespHeader302, []}} = httpc:request(
+            get, {Url, []}, [{autoredirect, false}], [], ?MODULE),
+        RedirectUri = OauthUrl ++ proplists:get_value("location", RespHeader302),
+        {ok, {{"HTTP/1.1",200,"OK"}, RespHeader, _Body}} = httpc:request(get, {RedirectUri, []}, [{autoredirect, false}], [], ?MODULE),
+        SetCookieHeader = proplists:get_value("set-cookie", RespHeader),
+        {match, [XRefCookie]} = re:run(SetCookieHeader, ".*_xsrf=(.*);.*", [{capture, [1], list}]),
+        Params2 = #{
+            "_xsrf" => edoc_lib:escape_uri(XRefCookie),
+            "email" => edoc_lib:escape_uri(Email),
+            "password" => edoc_lib:escape_uri(Password)
+        },
+        {ok,{{"HTTP/1.1",302,"Found"}, RespHeader302_1, []}} = httpc:request(
+        post, {
+            RedirectUri, [], "application/x-www-form-urlencoded",
+            url_enc_params(Params2)}, [{autoredirect, false}], [], ?MODULE),
+        RedirectUri_1 = OauthUrl ++ proplists:get_value("location", RespHeader302_1),
+        {ok, {{"HTTP/1.1",200,"OK"}, _, _}} = httpc:request(get, {RedirectUri_1, []}, [{autoredirect, false}], [], ?MODULE),
+        Params3 = #{
+            "_xsrf" => edoc_lib:escape_uri(XRefCookie),
+            "cope_email" => "on",
+            "scope_personal" => "on",
+            "scope_daily" => "on",
+            "allow" => "Accept"
+        },
+        {ok, {{"HTTP/1.1",302,"Found"}, RespHeader302_2, []}} = httpc:request(
+        post, {
+            RedirectUri_1, [], "application/x-www-form-urlencoded",
+            url_enc_params(Params3)}, [{autoredirect, false}], [], ?MODULE),
+        RedirectUri_2 = proplists:get_value("location", RespHeader302_2),
+        #{query := QueryString} = uri_string:parse(RedirectUri_2),
+        #{"code" := Code} = maps:from_list(uri_string:dissect_query(QueryString)),
+        Params4 = #{
+            "grant_type" => "authorization_code",
+            "code" => Code, "client_id" => ClientId,
+            "redirect_uri" => edoc_lib:escape_uri(CallbackUri),
+            "client_secret" => ClientSecret
+        },
+        {ok, {{"HTTP/1.1",200,"OK"}, _, BodyJson}} = httpc:request(
+        post, {
+            OauthUrl ++ "/oauth/token", [], "application/x-www-form-urlencoded",
+            url_enc_params(Params4)}, [{autoredirect, false}], [], ?MODULE),
+        #{<<"access_token">> := AccessToken, <<"expires_in">> := ExpiresIn} = Auth = jsx:decode(list_to_binary(BodyJson), [return_maps]),
+        ?JInfo("Authentication successful : ~p", [Auth]),
+        {ok, State#state{is_connected = true, access_token = AccessToken,
+                            auth_expiry = ExpiresIn, auth_time = imem_meta:time()}}
+    catch
+        Class:Error:Stacktrace ->
+            ?JError("Unexpected response : ~p:~p:~p", [Class, Error, Stacktrace]),
+            {error, invalid_return, State}
+    end;
+connect_check_src(State) -> {ok, State}.
+
+get_source_events(#state{infos = []} = State, _BulkSize) ->
+    {ok, sync_complete, State};
+get_source_events(#state{infos = Infos} = State, _BulkSize) ->
+    {ok, Infos, State#state{infos = []}}.
+
+connect_check_dst(State) -> {ok, State}.
+
+do_refresh(_State, _BulkSize) -> {error, cleanup_only}.
+
+fetch_src({_Key, Value}, _State) -> Value.
+
+fetch_dst({Key, _}, State) ->
+    dperl_dal:read_channel(State#state.channel, Key).
+
+insert_dst(Key, Val, State) ->
+    update_dst(Key, Val, State).
+
+report_status(_Key, _Status, _State) -> no_op.
+
+do_cleanup(State, _BlkCount) ->
+    Types = ["sleep", "activity", "readiness", "userinfo"],
+    case fetch_metrics(Types, State) of
+        {ok, State2} ->
+            case State2#state.infos of
+                [_] ->
+                    {ok, finish, State2};
+                _ ->
+                    {ok, State2}
+            end;
+        {error, Error} ->
+            {error, Error, State#state{is_connected = false}}
+    end.
+
+delete_dst(Key, #state{channel = Channel} = State) ->
+    ?JInfo("Deleting : ~p", [Key]),
+    dperl_dal:remove_from_channel(Channel, Key),
+    {false, State}.
+
+update_dst({Key, _}, Val, State) ->
+    update_dst(Key, Val, State);
+update_dst(Key, Val, #state{channel = Channel} = State) when is_binary(Val) ->
+    dperl_dal:write_channel(Channel, Key, Val),
+    {false, State};
+update_dst(Key, Val, State) ->
+    update_dst(Key, imem_json:encode(Val), State).
+
+get_status(#state{last_sleep_day = LastSleepDay,
+                  last_activity_day = LastActivityDay,
+                  last_readiness_day = LastReadinessDay}) ->
+    #{lastSleepDay => LastSleepDay, lastActivityDay => LastActivityDay,
+      lastReadinessDay => LastReadinessDay}.
+
+init_state([]) -> #state{};
+init_state([#dperlNodeJobDyn{state = State} | _]) ->
+    LastSleepDay = maps:get(lastSleepDay, State, undefined),
+    LastActivityDay = maps:get(lastActivityDay, State, undefined),
+    LastReadinessDay = maps:get(lastReadinessDay, State, undefined),
+    #state{last_sleep_day = LastSleepDay, last_activity_day = LastActivityDay,
+           last_readiness_day = LastReadinessDay};
+init_state([_ | Others]) ->
+    init_state(Others).
+
+init({#dperlJob{name=Name, dstArgs = #{channel := Channel},
+                srcArgs = #{client_id := ClientId, user_password := Password,
+                            client_secret := ClientSecret, user_email := Email,
+                            cb_uri := CallbackUri, api_url := ApiUrl,
+                            oauth_url := OauthUrl} = SrcArgs}, State}) ->
+    case dperl_auth_cache:get_enc_hash(Name) of
+        undefined ->
+            ?JError("Encryption hash is not avaialable"),
+            {stop, badarg};
+        {User, EncHash} ->
+            ?JInfo("Starting with ~p's enchash...", [User]),
+            imem_sec_mnesia:put_enc_hash(EncHash),
+            ChannelBin = dperl_dal:to_binary(Channel),
+            KeyPrefix = maps:get(key_prefix, SrcArgs, []),
+            dperl_dal:create_check_channel(ChannelBin),
+            inets:start(httpc, [{profile, ?MODULE}]),
+            ok = httpc:set_options([{cookies, enabled}], ?MODULE),
+            {ok, State#state{channel = ChannelBin, client_id = ClientId,
+                             client_secret = ClientSecret, password = Password,
+                             email = Email, cb_uri = CallbackUri, name = Name,
+                             api_url = ApiUrl, oauth_url = OauthUrl,
+                             key_prefix = KeyPrefix}}
+    end;
+init(Args) ->
+    ?JError("bad start parameters ~p", [Args]),
+    {stop, badarg}.
+
+handle_call(Request, _From, State) ->
+    ?JWarn("Unsupported handle_call ~p", [Request]),
+    {reply, ok, State}.
+
+handle_cast(Request, State) ->
+    ?JWarn("Unsupported handle_cast ~p", [Request]),
+    {noreply, State}.
+
+handle_info(Request, State) ->
+    ?JWarn("Unsupported handle_info ~p", [Request]),
+    {noreply, State}.
+
+terminate(Reason, _State) ->
+    httpc:reset_cookies(?MODULE),
+    ?JInfo("terminate ~p", [Reason]).
+
+%% private functions
+
+fetch_metrics([], State) -> {ok, State};
+fetch_metrics(["userinfo" | Types], State) ->
+    case fetch_userinfo(State) of
+        {error, Error} ->
+            {error, Error};
+        State1 ->
+            fetch_metrics(Types, State1)
+    end;
+fetch_metrics([Type | Types], State) ->
+    case get_day(Type, State) of
+        fetched ->
+            fetch_metrics(Types, State);
+        Day ->
+            case fetch_metric(Type, Day, State) of
+                {error, Error} ->
+                    {error, Error};
+                none ->
+                    fetch_metrics(Types, State);
+                {ok, MDay, Metric} ->
+                    State1 = set_metric_day(Type, MDay, State#state{infos = [Metric | State#state.infos]}),
+                    fetch_metrics(Types, State1)
+            end
+    end.
+
+fetch_metric(Type, Day, #state{api_url = ApiUrl, access_token = AccessToken} = State) ->
+    ?JInfo("Fetching metric for ~s on ~p", [Type, Day]),
+    NextDay = next_day(Day),
+    case fetch_metric(Type, day_query(Day), ApiUrl, AccessToken) of
+        none ->
+            case fetch_metric(Type, start_day_query(NextDay), ApiUrl, AccessToken) of
+                {ok, _} ->
+                    fetch_metric(Type, NextDay, State);
+                _Other ->
+                    State
+            end;
+        {ok, Metric} ->
+            Key = build_key(Type, State#state.key_prefix),
+            Info = {Key, Metric#{<<"_day">> => list_to_binary(edate:date_to_string(Day))}},
+            case Type of
+                Type when Type == "sleep"; Type == "readiness" ->
+                    {ok, Day, Info};
+                "activity" ->
+                    % fetching activity only if next days data exists
+                    case fetch_metric(Type, start_day_query(NextDay), ApiUrl, AccessToken) of
+                        {ok, _} ->
+                            {ok, Day, Info};
+                        Other ->
+                            Other
+                    end
+            end;
+        {error, Error} ->
+            ?JError("Error fetching ~s for ~p : ~p", [Type, Day, Error]),
+            {error, Error}
+    end.
+
+fetch_metric(Type, DayQuery, ApiUrl, AccessToken) ->
+    Url = ApiUrl ++ "/v1/" ++ Type ++ DayQuery,
+    TypeBin = list_to_binary(Type),
+    case exec_req(Url, AccessToken) of
+        #{TypeBin := []} ->
+            none;
+        Metric when is_map(Metric) ->
+            {ok, Metric};
+        {error, Error} ->
+            {error, Error}
+    end.
+
+fetch_userinfo(#state{api_url = ApiUrl, access_token = AccessToken} = State) ->
+    case exec_req(ApiUrl ++ "/v1/userinfo", AccessToken) of
+        UserInfo when is_map(UserInfo) ->
+            Info = {build_key("userinfo", State#state.key_prefix), UserInfo},
+            State#state{infos = [Info | State#state.infos]};
+        {error, Error} ->
+            ?JError("Error fetching userinfo : ~p", [Error]),
+            {error, Error}
+    end.
+
+get_day(Type, State) ->
+    LastDay = get_last_day(Type, State),
+    Key = build_key(Type, State#state.key_prefix),
+    Yesterday = edate:yesterday(),
+    case dperl_dal:read_channel(State#state.channel, Key) of
+        ?NOT_FOUND ->
+            case LastDay of
+                undefined ->
+                    SDays = ?SHIFT_DAYS(State#state.name),
+                    edate:shift(-1 * SDays, days);
+                Yesterday ->
+                    Yesterday;
+                LastDay ->
+                    edate:shift(LastDay, 1, days)
+            end;
+        #{<<"_day">> := DayBin} ->
+            DayStr = binary_to_list(DayBin),
+            case {edate:string_to_date(DayStr), Yesterday} of
+                {D, D} -> fetched;
+                {D1, D2} when D1 < D2 -> edate:shift(D1, 1, day);
+                {_, Yesterday} -> Yesterday
+            end
+    end.
+
+exec_req(Url, AccessToken) ->
+    AuthHeader = [{"Authorization", "Bearer " ++ binary_to_list(AccessToken)}],
+    case httpc:request(get, {Url, AuthHeader}, [{autoredirect, false}], [], ?MODULE) of
+        {ok, {{_, 200, "OK"}, _, Result}} ->
+            imem_json:decode(list_to_binary(Result), [return_maps]);
+        Error ->
+            {error, Error}
+    end.
+
+next_day(Day) when is_list(Day) ->
+    next_day(edate:string_to_date(Day));
+next_day(Day) when is_tuple(Day) ->
+    edate:shift(Day, 1, day).
+
+day_query(Day) when is_tuple(Day) ->
+    day_query(edate:date_to_string(Day));
+day_query(Day) when is_list(Day) ->
+    "?start=" ++ Day ++ "&end=" ++ Day.
+
+start_day_query(Day) when is_tuple(Day) ->
+    start_day_query(edate:date_to_string(Day));
+start_day_query(Day) when is_list(Day) ->
+    "?start=" ++ Day.
+
+get_last_day("sleep", #state{last_sleep_day = LastSleepDay}) -> LastSleepDay;
+get_last_day("activity", #state{last_activity_day = LastActivityDay}) -> LastActivityDay;
+get_last_day("readiness", #state{last_readiness_day = LastReadinessDay}) -> LastReadinessDay.
+
+set_metric_day("sleep", Day, State) -> State#state{last_sleep_day = Day};
+set_metric_day("activity", Day, State) -> State#state{last_activity_day = Day};
+set_metric_day("readiness", Day, State) -> State#state{last_readiness_day = Day}.
+
+build_key(Type, KeyPrefix) when is_list(Type), is_list(KeyPrefix)->
+    KeyPrefix ++ [Type].
+
+url_enc_params(Params) ->
+    EParams = maps:fold(
+        fun(K, V, Acc) ->
+            ["&", K, "=", V | Acc]
+        end, [], Params),
+    erlang:iolist_to_binary(tl(EParams)).
diff --git a/src/dperl/services/dperl_service_oracle.erl b/src/dperl/services/dperl_service_oracle.erl
new file mode 100644
index 00000000..b694309b
--- /dev/null
+++ b/src/dperl/services/dperl_service_oracle.erl
@@ -0,0 +1,703 @@
+-module(dperl_service_oracle).
+
+-include("dperl_service_oracle.hrl").
+
+-behavior(dperl_worker).
+-behavior(cowboy_middleware).
+-behavior(cowboy_loop).
+
+% dperl_worker exports
+-export([init/1, terminate/2, handle_call/3, handle_cast/2, handle_info/2,
+         code_change/3, format_status/2, get_status/1, init_state/1]).
+
+-record(state, {name, resource, baseUrl, active_link = 1, stmt_profile_del,
+                stmt_ts_get, stmt_ts_post, stmt_ts_put, stmt_ts_reset,
+                stmt_ts_revert, stmt_bar_get, stmt_bar_put, stmt_bar_post,
+                pool, c_whitelist = #{}, listeners = [], tenants = #{}, port,
+                close_statement = [], close_session = [], dynstate = #{}}).
+
+% cowboy rest exports
+-export([init/2, info/3, execute/2]).
+
+-define(API_VERSION, "1.0.0").
+
+init_state(_) -> #state{}.
+
+get_status(#state{dynstate = DynState}) -> DynState.
+
+init({#dperlService{name = SName, args = Args, resource = Resource,
+                   interface = Interface},
+      State}) ->
+    case init_resources(
+           Resource,
+           State#state{name = SName, resource = Resource,
+                       dynstate = #{start => imem_meta:time(), req => 0,
+                                    error => #{}}}) of
+        {ok, State1} ->
+            Interface1 = maps:merge(Interface, Args),
+            case init_interface(Interface1, State1) of
+                {ok, State2} ->
+                    erlang:send_after(?SERVICE_UPDATE_PERIOD(SName), self(), update_dyn),
+                    erlang:send_after(?SERVICE_STATUS_RESET_PERIOD(SName), self(), reset_dyn),
+                    dperl_dal:update_service_dyn(
+                      State2#state.name, State2#state.dynstate,
+                      ?SERVICE_ACTIVE_THRESHOLD(SName), ?SERVICE_OVERLOAD_THRESHOLD(SName)),
+                    {ok, State2};
+                Error ->
+                    erlocipool:del(State1#state.pool),
+                    {stop, Error}
+            end;
+        Error -> {stop, Error}
+    end;
+init({Args, _}) ->
+    ?SError("bad start parameters ~p", [Args]),
+    {stop, badarg}.
+
+handle_call(Request, _From, State) ->
+    ?SWarn("Unsupported handle_call ~p", [Request]),
+    {reply, ok, State}.
+
+% common
+handle_cast(#{operation := {profile, delete}, reply := RespPid,
+              msisdn := Msisdn, tenant := Tenant,
+              data := #{<<"comment">> := Comment,
+                        <<"requestor">> := Requestor}},
+            #state{stmt_profile_del = ProfileDelStmt} = State)
+  when byte_size(Comment) =< ?MAX_COMMENT_LENGTH,
+       byte_size(Requestor) =< ?MAX_REQUESTOR_LENGTH ->
+    Resp = db_call({stmt_profile_del, ProfileDelStmt},
+                    [Tenant, Msisdn, Requestor, Comment]),
+    RespPid ! {reply, Resp},
+    {noreply, State};
+%% topstopper
+handle_cast(#{operation := {topstopper, get}, reply := RespPid,
+              msisdn := Msisdn, tenant := Tenant}, State) ->
+    Resp = db_call({stmt_ts_get, State#state.stmt_ts_get}, [Tenant, Msisdn]),
+    RespPid ! {reply, Resp},
+    {noreply, State};
+handle_cast(#{operation := {topstopper, post}, reply := RespPid,
+              msisdn := Msisdn, tenant := Tenant,
+              data := #{<<"comment">> := Comment,
+                        <<"requestor">> := Requestor}},
+            #state{stmt_ts_post = TsPostStmt} = State)
+  when byte_size(Comment) =< ?MAX_COMMENT_LENGTH,
+       byte_size(Requestor) =< ?MAX_REQUESTOR_LENGTH ->
+    Resp = db_call({stmt_ts_post, TsPostStmt}, [Tenant, Msisdn, Requestor,
+                                                Comment]),
+    RespPid ! {reply, Resp},
+    {noreply, State};
+handle_cast(#{operation := {topstopper, put}, reply := RespPid,
+              msisdn := Msisdn, tenant := Tenant,
+              data := #{<<"comment">> := Comment,
+                        <<"requestor">> := Requestor,
+                        <<"type">> := Type,
+                        <<"limit">> := Limit}},
+            #state{stmt_ts_put = TsPutStmt} = State)
+  when byte_size(Comment) =< ?MAX_COMMENT_LENGTH andalso
+       byte_size(Requestor) =< ?MAX_REQUESTOR_LENGTH andalso
+       (Type == <<"swisscom">> orelse Type == <<"customer">>) andalso 
+       (Limit >= -1 andalso Limit =< 100000) ->
+    Resp = db_call({stmt_ts_put, TsPutStmt},
+                   [Tenant, Msisdn, Type,
+                    dderloci_utils:oranumber_encode(
+                      list_to_binary(io_lib:format("~p", [Limit]))),
+                    Requestor, Comment]),
+    RespPid ! {reply, Resp},
+    {noreply, State};
+handle_cast(#{operation := {topstopper, reset}, reply := RespPid,
+              msisdn := Msisdn, tenant := Tenant,
+              data := #{<<"comment">> := Comment,
+                       <<"requestor">> := Requestor,
+                       <<"type">> := Type}},
+            #state{stmt_ts_reset = TsResetStmt} = State)
+  when byte_size(Comment) =< ?MAX_COMMENT_LENGTH andalso
+       byte_size(Requestor) =< ?MAX_REQUESTOR_LENGTH andalso
+       (Type == <<"swisscom">> orelse Type == <<"customer">>) ->
+    Resp = db_call({stmt_ts_reset, TsResetStmt}, [Tenant, Msisdn, Type,
+                                                  Requestor, Comment]),
+    RespPid ! {reply, Resp},
+    {noreply, State};
+handle_cast(#{operation := {topstopper, revert}, reply := RespPid,
+              msisdn := Msisdn, tenant := Tenant,
+              data := #{<<"comment">> := Comment,
+                        <<"requestor">> := Requestor,
+                        <<"type">> := Type}},
+            #state{stmt_ts_revert = TsRevertStmt} = State)
+  when byte_size(Comment) =< ?MAX_COMMENT_LENGTH andalso
+       byte_size(Requestor) =< ?MAX_REQUESTOR_LENGTH andalso
+       (Type == <<"swisscom">> orelse Type == <<"customer">>) ->
+    Resp = db_call({stmt_ts_revert, TsRevertStmt}, [Tenant, Msisdn, Type,
+                                                    Requestor, Comment]),
+    RespPid ! {reply, Resp},
+    {noreply, State};
+%% barring
+handle_cast(#{operation := {barring, get}, reply := RespPid, 
+              msisdn := Msisdn, tenant := Tenant}, State) ->
+    Resp = db_call({stmt_bar_get, State#state.stmt_bar_get}, [Tenant, Msisdn]),
+    RespPid ! {reply, Resp},
+    {noreply, State};
+handle_cast(#{operation := {barring, post}, reply := RespPid,
+              msisdn := Msisdn, tenant := Tenant,
+              data := #{<<"comment">> := Comment,
+                        <<"requestor">> := Requestor}},
+            #state{stmt_bar_post = BarPostStmt} = State)
+  when byte_size(Comment) =< ?MAX_COMMENT_LENGTH,
+       byte_size(Requestor) =< ?MAX_REQUESTOR_LENGTH ->
+    Resp = db_call({stmt_bar_post, BarPostStmt}, [Tenant, Msisdn, Comment, Requestor]),
+    RespPid ! {reply, Resp},
+    {noreply, State};
+handle_cast(#{operation := {barring, put}, reply := RespPid,
+              msisdn := Msisdn, tenant := Tenant,
+              data := #{<<"type">> := Type, <<"barring">> := Barring,
+                        <<"comment">> := Comment, <<"requestor">> := Requestor}},
+            #state{stmt_bar_put = BarPutStmt} = State)
+  when byte_size(Comment) =< ?MAX_COMMENT_LENGTH andalso
+       byte_size(Requestor) =< ?MAX_REQUESTOR_LENGTH andalso
+       (Type == <<"swisscom">> orelse Type == <<"customer">>) andalso
+       (Barring == 0 orelse Barring == 6 orelse Barring == 9) ->
+    Resp = db_call({stmt_bar_put, BarPutStmt}, [Tenant, Msisdn, Type, Barring, Comment, Requestor]),
+    RespPid ! {reply, Resp},
+    {noreply, State};
+%% 
+handle_cast(#{reply := RespPid}, State) ->
+    RespPid ! {reply, bad_req},
+    {noreply, State};
+handle_cast(Request, State) ->
+    ?SWarn("Unsupported handle_cast ~p", [Request]),
+    {noreply, State}.
+
+-define(STMT_REBUILD(__SQL, __BINDS, __POOL, __STMT, __STATE),
+        (__STATE#state.__STMT):close(),
+        __STATE#state{__STMT = create_stmt(__POOL, __SQL, __BINDS)}).
+
+handle_info(update_dyn, #state{dynstate = Ds, name = SName} = State) ->
+    dperl_dal:update_service_dyn(
+      State#state.name, Ds, ?SERVICE_ACTIVE_THRESHOLD(SName),
+      ?SERVICE_OVERLOAD_THRESHOLD(SName)),
+    erlang:send_after(?SERVICE_UPDATE_PERIOD(SName), self(), update_dyn),
+    {noreply, State};
+handle_info(reset_dyn, #state{name = SName} = State) ->
+    NewDynState = (State#state.dynstate)#{req => 0, error => #{}},
+    dperl_dal:update_service_dyn(
+      State#state.name, NewDynState, ?SERVICE_ACTIVE_THRESHOLD(SName),
+      ?SERVICE_OVERLOAD_THRESHOLD(SName)),
+    erlang:send_after(?SERVICE_STATUS_RESET_PERIOD(SName), self(), reset_dyn),
+    {noreply, State#state{dynstate = NewDynState}};
+handle_info({error, StmtType, Code, Message},
+            #state{close_session = CloseSessionsErrors, listeners = Listeners,
+                   close_statement = CloseStatementErrors, port = Port,
+                   name = SName, pool = Pool} = State) ->
+    case lists:member(Code, CloseStatementErrors) of
+        true ->
+            ?SError("statement rebuild : ORA-~p ~s", [Code, Message]),
+            {noreply,
+             case StmtType of
+                 stmt_profile_del ->
+                     ?STMT_REBUILD(?PROFILE_DELETE_SQL,
+                                   ?PROFILE_DELETE_TOPSTOPPER_POST_BINDS,
+                                   Pool, stmt_profile_del, State);
+                 stmt_ts_get ->
+                     ?STMT_REBUILD(?TOPSTOPPER_GET_SQL,
+                                   ?TOPSTOPPER_BARRING_GET_BINDS,
+                                   Pool, stmt_ts_get, State);
+                 stmt_ts_post ->
+                     ?STMT_REBUILD(?TOPSTOPPER_POST_SQL,
+                                   ?PROFILE_DELETE_TOPSTOPPER_POST_BINDS,
+                                   Pool, stmt_ts_post, State);
+                 stmt_ts_put -> 
+                     ?STMT_REBUILD(?TOPSTOPPER_PUT_SQL,
+                                   ?TOPSTOPPER_PUT_BINDS,
+                                   Pool, stmt_ts_put, State);
+                 stmt_ts_reset -> 
+                     ?STMT_REBUILD(?TOPSTOPPER_RESET_SQL,
+                                   ?TOPSTOPPER_RESET_REVERT_BINDS,
+                                   Pool, stmt_ts_reset, State);
+                 stmt_ts_revert -> 
+                     ?STMT_REBUILD(?TOPSTOPPER_REVERT_SQL,
+                                   ?TOPSTOPPER_RESET_REVERT_BINDS,
+                                   Pool, stmt_ts_revert, State);
+                 stmt_bar_get ->
+                     ?STMT_REBUILD(?BARRING_GET_SQL,
+                                   ?TOPSTOPPER_BARRING_GET_BINDS,
+                                   Pool, stmt_bar_get, State);
+                 stmt_bar_post ->
+                     ?STMT_REBUILD(?BARRING_POST_SQL,
+                                   ?BARRING_POST_BINDS,
+                                   Pool, stmt_bar_post, State);
+                 stmt_bar_put ->
+                     ?STMT_REBUILD(?BARRING_PUT_SQL,
+                                   ?BARRING_PUT_BINDS,
+                                   Pool, stmt_bar_put, State)
+             end};
+        _ ->
+            case lists:member(Code, CloseSessionsErrors) of
+                true ->
+                    ?SError("pool restart ORA-~p ~s", [Code, Message]),
+                    lists:map(
+                      fun(Ip) ->
+                              case catch ranch:set_max_connections(
+                                     {Ip, Port}, 0) of
+                                  ok -> ok;
+                                  Error ->
+                                      ?SError("stop accept ~p on port ~p : ~p",
+                                              [Ip, Port, Error])
+                              end
+                      end, Listeners),
+                    erlocipool:del(Pool),
+                    case init_resources(State#state.resource, State) of
+                        {ok, State1} ->
+                            lists:map(
+                              fun(Ip) ->
+                                      case catch ranch:set_max_connections(
+                                             {Ip, Port}, ?SERVICE_MAXCONNS(SName)) of
+                                          ok -> ok;
+                                          Error ->
+                                              ?SError("start accept ~p on port ~p : ~p",
+                                                      [Ip, Port, Error])
+                                      end
+                              end, Listeners),
+                            {noreply, State1};
+                        Error -> {stop, {resource,  Error}, State}
+                    end;
+                _ ->
+                    ?SError("Unhandled ~p : ~s", [Code, Message]),
+                    {noreply, State}
+            end
+    end;
+handle_info(count_request, #state{dynstate = Ds} = State) ->
+    NewDs = Ds#{req => maps:get(req, Ds, 0) + 1},
+    {noreply, State#state{dynstate = NewDs}};
+handle_info({count_error, HttpRInt},
+            #state{dynstate = #{error := Error} = Ds} = State) ->
+    NewDs = Ds#{error => Error#{HttpRInt => maps:get(HttpRInt, Error, 0) + 1}},
+    {noreply, State#state{dynstate = NewDs}};
+handle_info(stop, State) ->
+    {stop, normal, State};
+handle_info(Request, State) ->
+    ?SWarn("Unsupported handle_info ~p", [Request]),
+    {noreply, State}.
+
+terminate(Reason, #state{listeners = Listeners, port = Port, pool = Pool}) ->
+    erlocipool:del(Pool),
+    stop_listeners(Reason, Listeners, Port),
+    ?SInfo("terminate ~p", [Reason]).
+
+code_change(OldVsn, State, Extra) ->
+    ?SInfo("code_change ~p: ~p", [OldVsn, Extra]),
+    {ok, State}.
+
+format_status(Opt, [PDict, State]) ->
+    ?SInfo("format_status ~p: ~p", [Opt, PDict]),
+    State.
+
+db_call({StmtType, Stmt}, Params) ->
+    self() ! count_request,
+    case Stmt:exec_stmt([list_to_tuple([?RESP_BUFFER|Params])]) of
+        {executed, _, [{_,<<"{\"errorCode\":",_:8,HttpR:3/binary,_/binary>>=Resp}]} ->
+            HttpRInt = binary_to_integer(HttpR),
+            if HttpRInt >= 400 andalso HttpRInt < 500 ->
+                   ?SInfo("~p: ~s", [HttpRInt, Resp]);
+               HttpRInt >= 500 ->
+                   ?SWarn("~p: ~s", [HttpRInt, Resp])
+            end,
+            self() ! {count_error, HttpRInt},
+            {HttpRInt, Resp};
+        {executed, _, [{_,Resp}]} -> {200, Resp};
+        {error, {Code, Message}} ->
+            self() ! {error, StmtType, Code, Message},
+            {500,
+              #{errorCode => 2500,
+                errorMessage => <<"Internal Server Error">>,
+                errorDetails => Message}};
+        {error, Reason} ->
+            ?SError("~p (~p) : ~p", [StmtType, Params, Reason]),
+            self() ! stop,
+            {500,
+              #{errorCode => 2500,
+                errorMessage => <<"Internal Server Error">>,
+                errorDetails => <<"See server error logs for details">>}}
+    end.
+
+init_interface(#{baseUrl := BaseUrl, commonWhitelist := CWhiteList,
+                 listenerAddresses := LAddresses, tenants := Tenants,
+                 port := Port, ssl := #{cert := Cert, key := Key}} = Intf,
+               #state{name = SName} = State) ->
+    MaxAcceptors = maps:get(max_acceptors, Intf, ?SERVICE_MAXACCEPTORS(SName)),
+    MaxConnections = maps:get(max_connections, Intf, ?SERVICE_MAXCONNS(SName)),
+    Opts = #{resource => self(), whitelist => maps:keys(CWhiteList),
+             tenants => Tenants, name => State#state.name},
+    FilteredListenerIps = local_ips(LAddresses),
+    Base =
+    case hd(BaseUrl) of
+        $/ -> BaseUrl;
+        _ -> "/" ++ BaseUrl
+    end,
+    try
+        lists:map(fun(Ip) ->
+            Dispatch =
+            cowboy_router:compile(
+                [{'_',
+                 [{Base++"/swagger/", ?MODULE, {swagger, Base, SName}},
+                  {Base++"/swagger/brand.json", cowboy_static, {priv_file, dperl, "brand.json"}},
+                  {Base++"/swagger/swisscom.png", cowboy_static, {priv_file, dperl, "swisscom.png"}},
+                  {Base++"/swagger/[...]", cowboy_static, {swagger_static, SName}},
+                  {Base++"/" ++ ?SERVICE_PROBE_URL(SName), ?MODULE, {'$probe', SName}},
+                  {Base, ?MODULE, {spec, SName}},
+                  {Base++"/:class/:msisdn", [{class, fun class_constraint/2}], ?MODULE, Opts},
+                  {Base++"/:msisdn", ?MODULE, Opts}
+                 ]}]
+            ),
+            TransOpts = [{ip, Ip}, {port, Port},
+                         {num_acceptors, MaxAcceptors},
+                         {max_connections, MaxConnections},
+                         {versions, ['tlsv1.2','tlsv1.1',tlsv1]}
+                         | imem_server:get_cert_key(Cert)
+                         ++ imem_server:get_cert_key(Key)],
+            ProtoOpts = #{env => #{dispatch => Dispatch},
+                          middlewares => [cowboy_router, ?MODULE, cowboy_handler],
+                          stream_handlers => [cowboy_compress_h, cowboy_stream_h]},
+            {ok, P} = cowboy:start_tls({Ip, Port}, TransOpts, ProtoOpts),
+            ?SInfo("[~p] Activated https://~s:~p~s",
+                    [P, inet:ntoa(Ip), Port, Base])
+        end, FilteredListenerIps),
+        {ok, State#state{listeners = FilteredListenerIps, port = Port}}
+    catch
+        error:{badmatch,{error,{already_started,_}}} = Error:Stacktrace ->
+            ?SError("error:~p~n~p", [Error, Stacktrace]),
+            stop_listeners(Error, FilteredListenerIps, Port),
+            init_interface(Intf, State);
+        Class:Error:Stacktrace ->
+            ?SError("~p:~p~n~p", [Class, Error, Stacktrace]),
+            {error, Error}
+    end.
+
+class_constraint(format_error, Value) -> io_lib:format("The class ~p is not an valid.", [Value]);
+class_constraint(_Type, <<"topstopper">>) -> {ok, topstopper};
+class_constraint(_Type, <<"barring">>) -> {ok, barring};
+class_constraint(_Type, _) -> {error, not_valid}.
+
+stop_listeners(Reason, Listerns, Port) ->
+    lists:map(
+      fun(Ip) ->
+              case catch cowboy:stop_listener({Ip, Port}) of
+                  ok -> ok;
+                  Error ->
+                      ?SError("[~p] stopping listener ~p on port ~p : ~p",
+                              [Reason, Ip, Port, Error])
+              end
+      end, Listerns).
+
+local_ips(ListenerAddresses) ->
+    IntfIps = dderl:local_ipv4s(),
+    maps:fold(
+        fun({_, _, _, _} = Ip, _, Acc) ->
+            case lists:member(Ip, IntfIps) of
+                true -> [Ip | Acc];
+                false -> Acc
+            end;
+           (_, _, Acc) -> Acc
+        end, [], ListenerAddresses
+    ).
+
+init_resources(#{credential := #{user := _User, password := _Password},
+                 links := Links} = _Resources,
+               #state{active_link = ActiveLink} = _State) ->
+    #{opt := _Opts, tns := _TNS} = lists:nth(ActiveLink, Links),
+    {error, unimplemented}.
+    %% TODO : reimplement without erlocipool
+    %Options = dperl_dal:oci_opts(?ERLOCIPOOL_LOG_CB, Opts),
+    %Pool = dperl_dal:get_pool_name(Resources, State#state.name),
+    %case proplists:get_value(sess_min, Options) of
+    %    0 -> {error, invalid_dbconn_pool_size};
+    %    _ ->
+    %        case erlocipool:new(Pool, TNS, User, Password, Options) of
+    %            {ok, _PoolPid} ->
+    %                try
+    %                    CloseStatementErrors = maps:get(close_statement,
+    %                                                    Resources, []),
+    %                    CloseSessionsErrors = maps:get(close_session,
+    %                                                   Resources, []),
+    %                    if is_list(CloseStatementErrors) andalso
+    %                       is_list(CloseSessionsErrors) ->
+    %                           {ok,
+    %                            State#state{
+    %                              stmt_profile_del
+    %                              = create_stmt(Pool, ?PROFILE_DELETE_SQL,
+    %                                            ?PROFILE_DELETE_TOPSTOPPER_POST_BINDS),
+    %                              stmt_ts_get
+    %                              = create_stmt(Pool, ?TOPSTOPPER_GET_SQL,
+    %                                            ?TOPSTOPPER_BARRING_GET_BINDS),
+    %                              stmt_ts_post
+    %                              = create_stmt(Pool, ?TOPSTOPPER_POST_SQL,
+    %                                            ?PROFILE_DELETE_TOPSTOPPER_POST_BINDS),
+    %                              stmt_ts_put
+    %                              = create_stmt(Pool, ?TOPSTOPPER_PUT_SQL,
+    %                                            ?TOPSTOPPER_PUT_BINDS),
+    %                              stmt_ts_reset
+    %                              = create_stmt(Pool, ?TOPSTOPPER_RESET_SQL,
+    %                                            ?TOPSTOPPER_RESET_REVERT_BINDS),
+    %                              stmt_ts_revert
+    %                              = create_stmt(Pool, ?TOPSTOPPER_REVERT_SQL,
+    %                                            ?TOPSTOPPER_RESET_REVERT_BINDS),
+    %                              stmt_bar_get
+    %                              = create_stmt(Pool, ?BARRING_GET_SQL,
+    %                                            ?TOPSTOPPER_BARRING_GET_BINDS),
+    %                              stmt_bar_post
+    %                              = create_stmt(Pool, ?BARRING_POST_SQL,
+    %                                            ?BARRING_POST_BINDS),
+    %                              stmt_bar_put
+    %                              = create_stmt(Pool, ?BARRING_PUT_SQL,
+    %                                            ?BARRING_PUT_BINDS),
+    %                              pool = Pool, close_statement = CloseStatementErrors,
+    %                              close_session = CloseSessionsErrors}};
+    %                       true ->
+    %                           {badarg, [close_statement, close_session]}
+    %                    end
+    %                catch
+    %                    Class:Error ->
+    %                        ?SError("create statements failed : ~p. Deleing pool.", [{Class, Error}]),
+    %                        erlocipool:del(Pool),
+    %                        {Class, Error}
+    %                end;
+    %            {error, {already_started,_} = Error} ->
+    %                ?SError("Pool ~p exists, restarting...", [Pool]),
+    %                erlocipool:del(Pool),
+    %                {error, Error};
+    %            {error, Error} ->
+    %                erlocipool:del(Pool),
+    %                init_resources(
+    %                  Resources,
+    %                  State#state{active_link =
+    %                              if length(Links) > ActiveLink ->
+    %                                     ?SWarn("Pool ~p start : ",
+    %                                            [Pool, Error]),
+    %                                     ActiveLink + 1;
+    %                                 true ->
+    %                                     ?SError("Pool ~p start : ",
+    %                                             [Pool, Error]),
+    %                                     1
+    %                              end})
+    %        end
+    %end.
+
+-spec create_stmt(atom(), binary(), list()) -> tuple().
+create_stmt(_Pool, _Sql, _Binds) ->
+    {error, unimplemented}.
+    %% TODO
+    % ?OciStmt(Pool, Sql, Binds, Stmt),
+    % Stmt.
+
+%%
+%% Cowboy REST resource
+%%
+
+-define(SERVER,     "dperl AAA").
+-define(SPEC_FILE,  "aaa.json").
+-include_lib("dderl/src/dderl_rest.hrl").
+
+-define(E2400,
+        #{errorCode => 2400,
+          errorMessage => <<"Missing body">>,
+          errorDetails => <<"Missing request payload">>}).
+-define(E1404,
+        #{errorCode => 1404,
+          errorMessage => <<"Not Found">>,
+          errorDetails => <<"Ressource not found, no AAA-Profile exists."
+                            " Consider creating a default profile with"
+                            " POST">>}).
+-define(E1405,
+        #{errorCode => 1405,
+          errorMessage => <<"Method Not Allowed">>,
+          errorDetails => <<"HTTP method isn't allowed on this resource">>}).
+
+-define(E1403,
+        #{errorCode => 1403,
+          errorMessage => <<"Forbidden">>,
+          errorDetails => <<"No access to the requested service">>}).
+
+-define(JSON(__BODY), imem_json:encode(__BODY)).
+
+% applying Swagger whitelist through middleware
+execute(Req, Env) ->
+    case maps:get(handler_opts, Env, none) of
+        {swagger_static, SName} ->
+            apply_swagger_whitelist(
+                Req, SName, Env#{handler_opts => {priv_dir, dderl, "public/swagger"}});
+        {swagger, _, SName} -> apply_swagger_whitelist(Req, SName, Env);
+        {spec, SName} -> apply_swagger_whitelist(Req, SName, Env);
+        _ -> {ok, Req, Env}
+    end.
+
+apply_swagger_whitelist(Req, SName, Env) ->
+    {Ip, _Port} = cowboy_req:peer(Req),
+    case ?SWAGGER_WHITELIST(SName) of
+        #{Ip := _} -> {ok, Req, Env};
+        WL when map_size(WL) == 0 -> {ok, Req, Env};
+        _ ->
+            Req1 = cowboy_req:reply(403, ?REPLY_JSON_HEADERS,
+                                          ?JSON(?E1403), Req),
+            {stop, Req1}
+    end.
+
+init(Req, {'$probe', SName}) ->
+    {Code, Resp} = ?SERVICE_PROBE_RESP(SName),
+    Req1 = cowboy_req:reply(Code, ?REPLY_HEADERS, Resp, Req),
+    {ok, Req1, undefined};
+init(Req, {swagger, Base, _SName}) ->
+    Url = iolist_to_binary(cowboy_req:uri(Req)),
+    LastAt = byte_size(Url) - 1,
+    Req1 =
+    cowboy_req:reply(
+      302, #{<<"cache-control">> => <<"no-cache">>,
+             <<"pragma">> => <<"no-cache">>,
+             <<"location">> =>
+             list_to_binary(
+               [Url, case Url of
+                         <<_:LastAt/binary, "/">> -> "";
+                         _ -> "/"
+                     end,
+                "index.html?url="++ Base])},
+      <<"Redirecting...">>, Req),
+    {ok, Req1, #state{}};
+init(Req, {spec, _SName}) ->
+    Req1 =
+    case cowboy_req:method(Req) of
+        <<"GET">> ->
+            {ok, Content} = file:read_file(
+                              filename:join(dderl:priv_dir(dperl),
+                                            ?SPEC_FILE)),
+            cowboy_req:reply(200, ?REPLY_JSON_SPEC_HEADERS, Content, Req);
+        <<"OPTIONS">> ->
+            ACRHS = cowboy_req:header(<<"access-control-request-headers">>, Req),
+            cowboy_req:reply(200, 
+                             maps:merge(#{<<"allow">> => <<"GET,OPTIONS">>,
+                                          <<"access-control-allow-headers">> => ACRHS},
+                                        ?REPLY_OPT_HEADERS), <<>>, Req);
+        Method->
+            ?Error("~p not supported", [Method]),
+            cowboy_req:reply(405, ?REPLY_JSON_HEADERS, ?JSON(?E1405), Req)
+    end,
+    {ok, Req1, #state{}};
+init(Req0, #{whitelist := CWhiteList, tenants := Tenants,
+             name := ServiceName} = Opts)->
+    put(name, ServiceName),
+    Req = Req0#{req_time => os:timestamp()},
+    {Ip, _Port} = cowboy_req:peer(Req),
+    IpStr = inet:ntoa(Ip),
+    case cowboy_req:parse_header(<<"authorization">>, Req) of
+        {basic, Tenant, Password} ->
+            case Tenants of % user:password authorization check
+                #{Tenant := #{password := Password, permissions := Permissions,
+                              whitelist := TWhiteLists}} ->
+                    % whitelists check
+                    case {is_ip_allowed(Ip, maps:keys(TWhiteLists)),
+                          is_ip_allowed(Ip, CWhiteList)} of
+                        {false, false} ->
+                            ?SError("~s (~s) is not in tenants' whitelist",
+                                    [IpStr, Tenant]),
+                            unauthorized(Req);
+                        _ ->
+                            Class = cowboy_req:binding(class, Req, <<>>),
+                            Msisdn = cowboy_req:binding(msisdn, Req, <<>>),
+                            Op = cowboy_req:method(Req),
+                            Operation = get_operation(Class, Op, Req),
+                            % operation permission check
+                            case Permissions of
+                                #{Operation := _} ->
+                                    push_request(Operation, Msisdn, Tenant, Req, Opts);
+                                _ ->
+                                    ?SError("~s (~s) operation ~p not authorized",
+                                            [IpStr, Tenant, Operation]),
+                                    unauthorized(Req)
+                            end
+                    end;
+                Tenants ->
+                    ?SError("~s (~s:~s) is not configured in tenants",
+                            [IpStr, Tenant, Password]),
+                    unauthorized(Req)
+            end;
+        Auth ->
+            ?SError("~s provided unsupported or bad authorization ~p", [IpStr, Auth]),
+            unauthorized(Req)
+    end.
+
+-spec is_ip_allowed(tuple(), list()) -> true | false.
+is_ip_allowed(_Ip, []) -> true;
+is_ip_allowed(Ip, WhiteList) -> lists:member(Ip, WhiteList).
+
+unauthorized(Req) ->
+    Req1 = cowboy_req:reply(403, ?REPLY_JSON_HEADERS, ?JSON(?E1403), Req),
+    {ok, Req1, undefined}.
+
+get_operation(<<>>,       <<"DELETE">>,  _Req) -> {profile,   delete};
+get_operation(barring,    <<"GET">>,     _Req) -> {barring,      get};
+get_operation(barring,    <<"POST">>,    _Req) -> {barring,      post};
+get_operation(barring,    <<"PUT">>,     _Req) -> {barring,      put};
+get_operation(topstopper, <<"GET">>,     _Req) -> {topstopper,   get};
+get_operation(topstopper, <<"PATCH">>,    Req) ->
+    case cowboy_req:match_qs([{action, [], none}], Req) of
+        #{action := <<"reset">>} -> {topstopper, reset};
+        #{action := <<"revert">>} -> {topstopper, revert};
+        #{action := Other} -> {topstopper, Other}
+    end;
+get_operation(topstopper, <<"POST">>,    _Req) -> {topstopper,   post};
+get_operation(topstopper, <<"PUT">>,     _Req) -> {topstopper,   put};
+get_operation(Class,      Op,               _) -> {Class,        Op}.
+
+push_request({_, Op} = Operation, Msisdn, Tenant, Req0, #{resource := Service} = Opts) ->
+    CastReq = #{reply => self(), operation => Operation,
+                msisdn => Msisdn, tenant => Tenant},
+    Req = Req0#{db_call => os:timestamp()},
+    case cowboy_req:has_body(Req) of
+        false when Op == put; Op == post; Op == patch; Op == delete ->
+            Req1 = cowboy_req:reply(400, ?REPLY_JSON_HEADERS, ?JSON(?E2400), Req),
+            {ok, Req1, undefined};
+        false when Op == get ->
+            ok = gen_server:cast(Service, CastReq),
+            {cowboy_loop, Req, Opts, hibernate};
+        true ->
+            {ok, Body, Req1} = cowboy_req:read_body(Req),
+            case catch imem_json:decode(Body, [return_maps]) of
+                {'EXIT', Error} ->
+                    ?SError("~p malformed with ~s : ~p", [Operation, Body, Error]),
+                    Req2 = cowboy_req:reply(400, ?REPLY_JSON_HEADERS, ?JSON(?E2400), Req1),
+                    {ok, Req2, undefined};
+                BodyMap ->
+                    ok = gen_server:cast(Service, CastReq#{data => BodyMap}),
+                    {cowboy_loop, Req1, Opts, hibernate}
+            end;
+        HasBody ->
+            ?SError("~p with body ~p is not supported", [Operation, HasBody]),
+            Req1 = cowboy_req:reply(400, ?REPLY_JSON_HEADERS, ?JSON(?E2400), Req),
+            {ok, Req1, undefined}
+    end.
+
+info({reply, bad_req}, Req, State) -> info({reply, {400, <<>>}}, Req, State);
+info({reply, not_found}, Req, State) ->
+    info({reply, {404, ?JSON(?E1404)}}, Req, State);
+info({reply, {Code, Body}}, Req, State) when is_integer(Code), is_map(Body) ->
+    info({reply, {Code, imem_json:encode(Body)}}, Req, State);
+info({reply, {Code, Body}}, Req, State) when is_integer(Code), is_binary(Body) ->
+    Req1 = cowboy_req:reply(Code, ?REPLY_JSON_HEADERS, Body, Req),
+    ReqTime = maps:get(req_time, Req1),
+    DbCall = maps:get(db_call, Req1),
+    Now = os:timestamp(),
+    Total = timer:now_diff(Now, ReqTime),
+    if Total > 0 ->
+           Op = cowboy_req:method(Req),
+           Class = cowboy_req:binding(class, Req, <<>>),
+           Msisdn = cowboy_req:binding(msisdn, Req, <<>>),
+           {Ip, Port} = cowboy_req:peer(Req),
+           IpStr = inet:ntoa(Ip),
+           if is_tuple(DbCall) ->
+                  ?SDebug("~s:~p ~s ~p ~s : TotalTime (micros) ~p = ~p (ReqTime) + ~p (DBTime)",
+                          [IpStr, Port, Op, Class, Msisdn, Total,
+                           timer:now_diff(DbCall, ReqTime),
+                           timer:now_diff(Now, DbCall)]);
+              true ->
+                  ?SDebug("~s:~p ~s ~p ~s : TotalTime ~p micros",
+                          [IpStr, Port, Op, Class, Msisdn, Total])
+           end;
+       true -> ok
+    end,
+    {stop, Req1, State}.
diff --git a/src/dperl/services/dperl_service_oracle.hrl b/src/dperl/services/dperl_service_oracle.hrl
new file mode 100644
index 00000000..e31ffa6d
--- /dev/null
+++ b/src/dperl/services/dperl_service_oracle.hrl
@@ -0,0 +1,215 @@
+-ifndef(_dperl_ora_).
+-define(_dperl_ora_, true).
+
+-include_lib("dperl/dperl.hrl").
+
+-define(MAX_COMMENT_LENGTH, 200).
+-define(MAX_REQUESTOR_LENGTH, 20).
+
+-define(RESP_BUFFER, list_to_binary(lists:duplicate(1024, 0))).
+
+-define(SERVICE_MAXACCEPTORS(__SERVICE_NAME),
+          ?GET_CONFIG(maxNumberOfAcceptors, [__SERVICE_NAME], 100,
+                      "Maximum number of TCP acceptors")
+       ).
+
+-define(SERVICE_MAXCONNS(__SERVICE_NAME), 
+          ?GET_CONFIG(maxNumberOfSockets, [__SERVICE_NAME], 5000, 
+                      "Maximum number of simulteneous connections")
+       ).
+  
+-define(SERVICE_PROBE_URL(__SERVICE_NAME),
+          ?GET_CONFIG(probeUrl, [__SERVICE_NAME], "/probe.html",
+                      "Defines the url of the probe for the load balancer")
+       ).
+
+-define(SERVICE_PROBE_RESP(__SERVICE_NAME),
+          ?GET_CONFIG(probeResp, [__SERVICE_NAME],
+                      {200,
+                       <<"<html>"
+                         "<body>Service is alive</body>"
+                         "</html>">>},
+                      "Response given to the load balancer when the probeUrl"
+                      " is requested")
+       ).
+
+-define(SERVICE_UPDATE_PERIOD(__SERVICE_NAME),
+          ?GET_CONFIG(serviceDynUpdatePeriod, [__SERVICE_NAME], 2000,
+                      "Delay in millisecond between a service updates its DYN"
+                      " info")
+       ).
+
+-define(SERVICE_STATUS_RESET_PERIOD(__SERVICE_NAME),
+          ?GET_CONFIG(serviceDynResetPeriod, [__SERVICE_NAME], 3600 * 1000,
+                      "Delay in millisecond between a service resets its DYN"
+                      " info")
+       ).
+
+-define(SERVICE_ACTIVE_THRESHOLD(__SERVICE_NAME),
+          ?GET_CONFIG(serviceStatusActiveThreshold, [__SERVICE_NAME], 1,
+                      "Request count threshhold beyond which service is marked"
+                      " as active in DYN")
+       ).
+
+-define(SERVICE_OVERLOAD_THRESHOLD(__SERVICE_NAME),
+          ?GET_CONFIG(serviceStatusOverloadThreshold, [__SERVICE_NAME], 100,
+                      "Request count threshhold beyond which service is marked"
+                      " as overloaded in DYN")
+       ).
+
+-define(SWAGGER_WHITELIST(__SERVICE_NAME),
+          ?GET_CONFIG(swaggerWhitelist, [__SERVICE_NAME], #{},
+                      "Whitelist for SwaggerClient Access")).
+
+%% sqls
+
+%% common sqls and binds
+-define(PROFILE_DELETE_SQL, <<"
+BEGIN
+  :SQLT_CHR_OUT_RESULT := pkg_ora_dperl.aaa_profile_msisdn_delete(
+    ProvisioningTenant=>:SQLT_CHR_APP,
+    Msisdn=>:SQLT_CHR_MSISDN,
+    Requestor=>:SQLT_CHR_REQUESTOR,
+    Remark=>:SQLT_CHR_REMARK
+  );
+END;
+">>).
+
+%% topstopper sqls and binds
+-define(TOPSTOPPER_GET_SQL, <<"
+BEGIN
+  :SQLT_CHR_OUT_RESULT := pkg_ora_dperl.aaa_ts_msisdn_get(
+    ProvisioningTenant=>:SQLT_CHR_APP,
+    Msisdn=>:SQLT_CHR_MSISDN);
+END;
+">>).
+
+-define(TOPSTOPPER_POST_SQL, <<"
+BEGIN
+  :SQLT_CHR_OUT_RESULT := pkg_ora_dperl.aaa_ts_msisdn_post(
+    ProvisioningTenant=>:SQLT_CHR_APP,
+    Msisdn=>:SQLT_CHR_MSISDN,
+    Requestor=>:SQLT_CHR_REQUESTOR,
+    Remark=>:SQLT_CHR_REMARK
+  );
+END;
+">>).
+
+-define(PROFILE_DELETE_TOPSTOPPER_POST_BINDS,
+        [{<<":SQLT_CHR_OUT_RESULT">>, out,    'SQLT_CHR'},
+         {<<":SQLT_CHR_APP">>,        in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_MSISDN">>,     in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_REQUESTOR">>,  in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_REMARK">>,     in,     'SQLT_CHR'}]).
+
+-define(TOPSTOPPER_PUT_SQL, <<"
+BEGIN
+  :SQLT_CHR_OUT_RESULT := pkg_ora_dperl.aaa_ts_msisdn_put(
+    ProvisioningTenant=>:SQLT_CHR_APP,
+    Msisdn=>:SQLT_CHR_MSISDN,
+    BarringType=>:SQLT_CHR_BARRINGTYPE,
+    TopStopLimit=>:SQLT_VNU_TOPSTOPLIMIT,
+    Requestor=>:SQLT_CHR_REQUESTOR,
+    Remark=>:SQLT_CHR_REMARK
+  );
+END;
+">>).
+
+-define(TOPSTOPPER_PUT_BINDS,
+        [{<<":SQLT_CHR_OUT_RESULT">>,   out,    'SQLT_CHR'},
+         {<<":SQLT_CHR_APP">>,          in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_MSISDN">>,       in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_BARRINGTYPE">>,  in,     'SQLT_CHR'},
+         {<<":SQLT_VNU_TOPSTOPLIMIT">>, in,     'SQLT_VNU'},
+         {<<":SQLT_CHR_REQUESTOR">>,    in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_REMARK">>,       in,     'SQLT_CHR'}]).
+
+-define(TOPSTOPPER_RESET_SQL, <<"
+BEGIN
+  :SQLT_CHR_OUT_RESULT := pkg_ora_dperl.aaa_ts_msisdn_reset(
+    ProvisioningTenant=>:SQLT_CHR_APP,
+    Msisdn=>:SQLT_CHR_MSISDN,
+    BarringType=>:SQLT_CHR_BARRINGTYPE,
+    Requestor=>:SQLT_CHR_REQUESTOR,
+    Remark=>:SQLT_CHR_REMARK
+  );
+END;
+">>).
+
+
+-define(TOPSTOPPER_REVERT_SQL, <<"
+BEGIN
+  :SQLT_CHR_OUT_RESULT := pkg_ora_dperl.aaa_ts_msisdn_revert(
+    ProvisioningTenant=>:SQLT_CHR_APP,
+    Msisdn=>:SQLT_CHR_MSISDN,
+    BarringType=>:SQLT_CHR_BARRINGTYPE,
+    Requestor=>:SQLT_CHR_REQUESTOR,
+    Remark=>:SQLT_CHR_REMARK
+  );
+END;
+">>).
+
+-define(TOPSTOPPER_RESET_REVERT_BINDS,
+        [{<<":SQLT_CHR_OUT_RESULT">>,  out,    'SQLT_CHR'},
+         {<<":SQLT_CHR_APP">>,         in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_MSISDN">>,      in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_BARRINGTYPE">>, in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_REQUESTOR">>,   in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_REMARK">>,      in,     'SQLT_CHR'}]).
+
+%% barring sqls and binds
+-define(BARRING_GET_SQL, <<"
+BEGIN
+  :SQLT_CHR_OUT_RESULT := pkg_ora_dperl.aaa_barring_msisdn_get(
+    ProvisioningTenant=>:SQLT_CHR_APP,
+    Msisdn=>:SQLT_CHR_MSISDN
+  );
+END;
+">>).
+
+-define(TOPSTOPPER_BARRING_GET_BINDS,
+        [{<<":SQLT_CHR_OUT_RESULT">>, out,    'SQLT_CHR'},
+         {<<":SQLT_CHR_APP">>,        in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_MSISDN">>,     in,     'SQLT_CHR'}]).
+
+-define(BARRING_POST_SQL, <<"
+BEGIN
+  :SQLT_CHR_OUT_RESULT := pkg_ora_dperl.aaa_barring_msisdn_post(
+    ProvisioningTenant=>:SQLT_CHR_APP,
+    Msisdn=>:SQLT_CHR_MSISDN,
+    Requestor=>:SQLT_CHR_REQUESTOR,
+    Remark=>:SQLT_CHR_REMARK
+  );
+END;
+">>).
+
+-define(BARRING_POST_BINDS,
+        [{<<":SQLT_CHR_OUT_RESULT">>, out,    'SQLT_CHR'},
+         {<<":SQLT_CHR_APP">>,        in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_MSISDN">>,     in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_REMARK">>,     in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_REQUESTOR">>,  in,     'SQLT_CHR'}]).
+
+-define(BARRING_PUT_SQL, <<"
+BEGIN
+  :SQLT_CHR_OUT_RESULT := pkg_ora_dperl.aaa_barring_msisdn_put(
+    ProvisioningTenant=>:SQLT_CHR_APP,
+    Msisdn=>:SQLT_CHR_MSISDN,
+    BarringType=>:SQLT_CHR_BARRINGTYPE,
+    Requestor=>:SQLT_CHR_REQUESTOR,
+    BarringLevel=>:SQLT_INT_LEVEL,
+    Remark=>:SQLT_CHR_REMARK
+  );
+END;
+">>).
+
+-define(BARRING_PUT_BINDS,
+        [{<<":SQLT_CHR_OUT_RESULT">>,  out,    'SQLT_CHR'},
+         {<<":SQLT_CHR_APP">>,         in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_MSISDN">>,      in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_BARRINGTYPE">>, in,     'SQLT_CHR'},
+         {<<":SQLT_INT_LEVEL">>,       in,     'SQLT_INT'},
+         {<<":SQLT_CHR_REMARK">>,      in,     'SQLT_CHR'},
+         {<<":SQLT_CHR_REQUESTOR">>,   in,     'SQLT_CHR'}]).
+
+-endif. %_dperl_ora_
diff --git a/test.escript b/test.escript
new file mode 100644
index 00000000..79f8e9ec
--- /dev/null
+++ b/test.escript
@@ -0,0 +1,28 @@
+ng -*-
+%%! -smp enable -pa _build/default/lib/oranif/ebin/
+
+-define(TNS, <<
+        "(DESCRIPTION=(ADDRESS_LIST=(ADDRESS="
+        "(PROTOCOL=TCP)(HOST=192.1681.160)(PORT=1521)))"
+        "(CONNECT_DATA=(SERVER=dedicated)(SERVICE_NAME=orclpdb1)))"
+    >>).
+-define(USER, <<"scott">>).
+-define(PSWD, <<"regit">>).
+
+-define(TEST_SQL, <<"select 1 from dual">>).
+    
+
+main(_) ->
+    ok = dpi:load_unsafe(),
+    Ctx = dpi:context_create(3, 0),
+    Conn = dpi:conn_create(Ctx, ?USER, ?PSWD, ?TNS, #{}, #{}),
+    Stmt = dpi:conn_prepareStmt(Conn, false, ?TEST_SQL, <<>>),
+    1 = dpi:stmt_execute(Stmt, []),
+    #{found := true} = dpi:stmt_fetch(Stmt),
+    #{data := Result} =
+        dpi:stmt_getQueryValue(Stmt, 1),
+    1.0 = dpi:data_get(Result),
+    io:format("done ~n", []),
+    halt(1).
+
+