From e84d3ac4636db3bd488ecd88ba26fdef6650273b Mon Sep 17 00:00:00 2001
From: Jarrod Lowe <github@rrod.net>
Date: Thu, 15 Aug 2024 18:50:14 +1200
Subject: [PATCH] Add a mutation to graphql

---
 .codacy.yml                                   |   4 ++
 .gitignore                                    |   3 +
 Makefile                                      |  14 +++-
 README.md                                     |   2 +
 graphql/graphql.mk                            |  20 ++++++
 graphql/mutation/createGame/appsync.js        |  37 +++++++++++
 graphql/mutation/createGame/appsync.ts        |  62 ++++++++++++++++++
 graphql/package-lock.json                     |  27 ++++++++
 graphql/package.json                          |   7 ++
 graphql/schema.graphql                        |  10 +--
 .../wildsea-dev/.terraform.lock.hcl           |  38 +++++++++++
 terraform/environment/wildsea-dev/plan        | Bin 20576 -> 0 bytes
 terraform/module/iac-roles/policy.tf          |   8 ++-
 terraform/module/wildsea/cognito.tf           |   2 +-
 terraform/module/wildsea/graphql.tf           |  59 +++++++++++++++++
 15 files changed, 281 insertions(+), 12 deletions(-)
 create mode 100644 .codacy.yml
 create mode 100644 graphql/graphql.mk
 create mode 100644 graphql/mutation/createGame/appsync.js
 create mode 100644 graphql/mutation/createGame/appsync.ts
 create mode 100644 graphql/package-lock.json
 create mode 100644 graphql/package.json
 delete mode 100644 terraform/environment/wildsea-dev/plan

diff --git a/.codacy.yml b/.codacy.yml
new file mode 100644
index 00000000..28bf9da6
--- /dev/null
+++ b/.codacy.yml
@@ -0,0 +1,4 @@
+---
+exclude_paths:
+  - "graphql/mutation/*/appsync.js"
+  - "graphql/query/*/appsync.js"
diff --git a/.gitignore b/.gitignore
index 7551e3cb..eb930316 100644
--- a/.gitignore
+++ b/.gitignore
@@ -32,6 +32,9 @@ override.tf.json
 # Ignore CLI configuration files
 .terraformrc
 terraform.rc
+
 .validate
 .apply
 plan.tfplan
+
+graphql/node_modules
diff --git a/Makefile b/Makefile
index 1c0e8f87..b3f87132 100644
--- a/Makefile
+++ b/Makefile
@@ -10,6 +10,8 @@ RW_ROLE = arn:aws:iam::$(ACCOUNT_ID):role/GitHubAction-Wildsea-rw-dev
 
 all: $(TERRAFOM_VALIDATE)
 
+include graphql/graphql.mk
+
 .PHONY: terraform-format
 terraform-format: $(addprefix terraform-format-environment-,$(TERRAFORM_ENVIRONMENTS)) $(addprefix terraform-format-module-,$(TERRAFORM_MODULES))
 	@true
@@ -35,13 +37,16 @@ terraform/environment/aws-dev/.apply: terraform/environment/aws-dev/*.tf terrafo
 	./terraform/environment/aws-dev/deploy.sh $(ACCOUNT_ID) dev
 	touch $@
 
-terraform/environment/wildsea-dev/plan.tfplan: terraform/environment/wildsea-dev/*.tf terraform/module/wildsea/*.tf terraform/environment/wildsea-dev/.terraform
+terraform/environment/wildsea-dev/plan.tfplan: terraform/environment/wildsea-dev/*.tf terraform/module/wildsea/*.tf terraform/environment/wildsea-dev/.terraform $(GRAPHQL)
 	cd terraform/environment/wildsea-dev ; ../../../scripts/run-as.sh $(RO_ROLE) \
 		terraform plan -out=./plan.tfplan
 
-terraform/environment/wildsea-dev/.apply: terraform/environment/wildsea-dev/plan.tfplan
+terraform/environment/wildsea-dev/.apply: terraform/environment/wildsea-dev/plan.tfplan $(GRAPHQL)
 	cd terraform/environment/wildsea-dev ; ../../../scripts/run-as.sh $(RW_ROLE) \
-		terraform apply ./plan.tfplan
+		terraform apply ./plan.tfplan ; \
+		status=$$? ; \
+		rm -f $< ; \
+		[ "$$status" -eq 0 ]
 	touch $@
 
 terraform/environment/wildsea-dev/.terraform: terraform/environment/wildsea-dev/*.tf terraform/module/wildsea/*.tf 
@@ -54,3 +59,6 @@ terraform/environment/wildsea-dev/.terraform: terraform/environment/wildsea-dev/
 clean:
 	rm -f terraform/environment/*/.validate
 	rm -f terraform/environment/*/plan.tfplan
+	rm -f graphql/mutation/*/appsync.js
+	rm -f graphql/query/*/appsync.js
+	rm -rf graphql/node_modules
diff --git a/README.md b/README.md
index f7650631..78a710e9 100644
--- a/README.md
+++ b/README.md
@@ -86,6 +86,8 @@ If you do not set the secret, then Cognito will be used as the identity source.
 
 ## Development Environment
 
+Install esbuild with `sudo npm install -g --save-exact --save-dev esbuild`
+
 After having set up the AWS Account, use `AWS_PROFILE=<profile> make dev` to
 deploy a development version. If this is a different AWS Account from the real
 deployment, you will need to create an S3 bucket for the state, in the same way
diff --git a/graphql/graphql.mk b/graphql/graphql.mk
new file mode 100644
index 00000000..39140c2f
--- /dev/null
+++ b/graphql/graphql.mk
@@ -0,0 +1,20 @@
+graphql/%/appsync.js: graphql/node_modules $(wildcard graphql/%/*.ts)
+	cd graphql && \
+	esbuild $*/*.ts \
+		--bundle \
+		--external:"@aws-appsync/utils" \
+		--format=esm \
+		--platform=node \
+		--target=esnext \
+		--sourcemap=inline \
+		--sources-content=false \
+		--outdir=$*
+
+graphql/node_modules: graphql/package.json
+	cd graphql && npm install
+
+GRAPHQL := $(patsubst %.ts,%.js,$(wildcard graphql/*/*/appsync.ts))
+
+.PHONY: graphql
+graphql: $(GRAPHQL)
+	echo $(GRAPHQL)
diff --git a/graphql/mutation/createGame/appsync.js b/graphql/mutation/createGame/appsync.js
new file mode 100644
index 00000000..8741eaad
--- /dev/null
+++ b/graphql/mutation/createGame/appsync.js
@@ -0,0 +1,37 @@
+// mutation/createGame/appsync.ts
+import { util } from "@aws-appsync/utils";
+function request(ctx) {
+  if (!ctx.identity) {
+    util.error("Unauthorized: Identity information is missing.");
+  }
+  const identity = ctx.identity;
+  if (!identity.sub) {
+    util.error("Unauthorized: User ID is missing.");
+  }
+  const { input } = ctx.arguments;
+  const id = util.autoId();
+  const timestamp = util.time.nowISO8601();
+  return {
+    operation: "PutItem",
+    key: util.dynamodb.toMapValues({ PK: `GAME#${id}`, SK: "GAME" }),
+    attributeValues: util.dynamodb.toMapValues({
+      ...input,
+      id,
+      fireflyUserId: identity.sub,
+      createdAt: timestamp,
+      updatedAt: timestamp
+    })
+  };
+}
+function response(ctx) {
+  const { error, result } = ctx;
+  if (error) {
+    return util.appendError(error.message, error.type, result);
+  }
+  return result;
+}
+export {
+  request,
+  response
+};
+//# sourceMappingURL=data:application/json;base64,ewogICJ2ZXJzaW9uIjogMywKICAic291cmNlcyI6IFsiYXBwc3luYy50cyJdLAogICJtYXBwaW5ncyI6ICI7QUFBQSxTQUFTLFlBQXFFO0FBOEJ2RSxTQUFTLFFBQVEsS0FBa0U7QUFDdEYsTUFBSSxDQUFDLElBQUksVUFBVTtBQUNmLFNBQUssTUFBTSxnREFBZ0Q7QUFBQSxFQUMvRDtBQUVBLFFBQU0sV0FBVyxJQUFJO0FBQ3JCLE1BQUksQ0FBQyxTQUFTLEtBQUs7QUFDZixTQUFLLE1BQU0sbUNBQW1DO0FBQUEsRUFDbEQ7QUFFQSxRQUFNLEVBQUUsTUFBTSxJQUFJLElBQUk7QUFDdEIsUUFBTSxLQUFLLEtBQUssT0FBTztBQUN2QixRQUFNLFlBQVksS0FBSyxLQUFLLFdBQVc7QUFDdkMsU0FBTztBQUFBLElBQ0gsV0FBVztBQUFBLElBQ1gsS0FBSyxLQUFLLFNBQVMsWUFBWSxFQUFFLElBQUksUUFBUSxFQUFFLElBQUksSUFBSSxPQUFPLENBQUM7QUFBQSxJQUMvRCxpQkFBaUIsS0FBSyxTQUFTLFlBQVk7QUFBQSxNQUN2QyxHQUFHO0FBQUEsTUFDSDtBQUFBLE1BQ0EsZUFBZSxTQUFTO0FBQUEsTUFDeEIsV0FBVztBQUFBLE1BQ1gsV0FBVztBQUFBLElBQ2YsQ0FBQztBQUFBLEVBQ0w7QUFDSjtBQUVPLFNBQVMsU0FBUyxLQUF1QjtBQUM1QyxRQUFNLEVBQUUsT0FBTyxPQUFPLElBQUk7QUFDMUIsTUFBSSxPQUFPO0FBQ1AsV0FBTyxLQUFLLFlBQVksTUFBTSxTQUFTLE1BQU0sTUFBTSxNQUFNO0FBQUEsRUFDN0Q7QUFDQSxTQUFPO0FBQ1g7IiwKICAibmFtZXMiOiBbXQp9Cg==
diff --git a/graphql/mutation/createGame/appsync.ts b/graphql/mutation/createGame/appsync.ts
new file mode 100644
index 00000000..d464b1e9
--- /dev/null
+++ b/graphql/mutation/createGame/appsync.ts
@@ -0,0 +1,62 @@
+import { util, Context, DynamoDBPutItemRequest, AppSyncIdentityCognito, PutItemInputAttributeMap } from '@aws-appsync/utils';
+
+/**
+ * A CreateGameInput creates a Game.
+ * They are stored in DynamoDB with a PK of `GAME#<id>` and an SK of `GAME`.
+ * The ID is a UUID
+ * The fireflyUserId is the Cognito ID of the user
+
+input CreateGameInput {
+    name: String!
+    description: String
+}
+
+type Game {
+  id: ID!
+  name: String!
+  description: String
+  publicNotes: String
+  privateNotes: String
+  fireflyUserId: ID!
+  createdAt: AWSDateTime!
+  updatedAt: AWSDateTime!
+}
+ */
+
+interface CreateGameInput {
+  name: string;
+  description?: string;
+}
+
+export function request(ctx: Context<{ input: CreateGameInput }>): DynamoDBPutItemRequest {
+    if (!ctx.identity) {
+        util.error('Unauthorized: Identity information is missing.');
+    }
+
+    var identity = ctx.identity as AppSyncIdentityCognito;
+    if (!identity.sub) {
+        util.error('Unauthorized: User ID is missing.');
+    }
+
+    var input = ctx.arguments.input;
+    var id = util.autoId();
+    var timestamp = util.time.nowISO8601();
+    return {
+        operation: 'PutItem',
+        key: util.dynamodb.toMapValues({ PK: `GAME#${id}`, SK: 'GAME' }),
+        attributeValues: util.dynamodb.toMapValues({
+            ...input,
+            id,
+            fireflyUserId: identity.sub,
+            createdAt: timestamp,
+            updatedAt: timestamp,
+        }) as PutItemInputAttributeMap,
+    };
+}
+
+export function response(ctx: Context): unknown {
+    if (ctx.error) {
+        return util.appendError(ctx.error.message, ctx.error.type, ctx.result);
+    }
+    return ctx.result;
+}
diff --git a/graphql/package-lock.json b/graphql/package-lock.json
new file mode 100644
index 00000000..d45b4c7b
--- /dev/null
+++ b/graphql/package-lock.json
@@ -0,0 +1,27 @@
+{
+    "name": "graphql",
+    "version": "1.0.0",
+    "lockfileVersion": 2,
+    "requires": true,
+    "packages": {
+        "": {
+            "name": "graphql",
+            "version": "1.0.0",
+            "dependencies": {
+                "@aws-appsync/utils": "^1.7.0"
+            }
+        },
+        "node_modules/@aws-appsync/utils": {
+            "version": "1.9.0",
+            "resolved": "https://registry.npmjs.org/@aws-appsync/utils/-/utils-1.9.0.tgz",
+            "integrity": "sha512-TAZNHiMpJKafrur6sE0Ou48gbuRL1oJXUDfrnBbYAXDVF3+mzD/0QCRp91F/dcAUbbNkFaq8pAwLEBTmpvmm9g=="
+        }
+    },
+    "dependencies": {
+        "@aws-appsync/utils": {
+            "version": "1.9.0",
+            "resolved": "https://registry.npmjs.org/@aws-appsync/utils/-/utils-1.9.0.tgz",
+            "integrity": "sha512-TAZNHiMpJKafrur6sE0Ou48gbuRL1oJXUDfrnBbYAXDVF3+mzD/0QCRp91F/dcAUbbNkFaq8pAwLEBTmpvmm9g=="
+        }
+    }
+}
diff --git a/graphql/package.json b/graphql/package.json
new file mode 100644
index 00000000..fa3dfb01
--- /dev/null
+++ b/graphql/package.json
@@ -0,0 +1,7 @@
+{
+    "name": "graphql",
+    "version": "1.0.0",
+    "dependencies": {
+        "@aws-appsync/utils": "^1.7.0"
+    }
+}
diff --git a/graphql/schema.graphql b/graphql/schema.graphql
index 16067205..bfb4a720 100644
--- a/graphql/schema.graphql
+++ b/graphql/schema.graphql
@@ -1,21 +1,17 @@
 type Mutation {
-    createGame(input: CreateGameInput!): Game!
+    createGame(input: CreateGameInput!): Game! @aws_cognito_user_pools
 }
 
 type Query {
-    getGame(input: ID!): Game!
+    getGame(input: ID!): Game! @aws_cognito_user_pools
 }
 
 input CreateGameInput {
     name: String!
     description: String
-    publicNotes: String
-    privateNotes: String
-    fireflyUserId: ID!
-    players: [ID!]!
 }
 
-type Game {
+type Game @aws_cognito_user_pools {
   id: ID!
   name: String!
   description: String
diff --git a/terraform/environment/wildsea-dev/.terraform.lock.hcl b/terraform/environment/wildsea-dev/.terraform.lock.hcl
index 169a35a3..4360bd0c 100644
--- a/terraform/environment/wildsea-dev/.terraform.lock.hcl
+++ b/terraform/environment/wildsea-dev/.terraform.lock.hcl
@@ -22,3 +22,41 @@ provider "registry.terraform.io/hashicorp/aws" {
     "zh:ffb40a66b4d000a8ee4c54227eeb998f887ad867419c3af7d3981587788de074",
   ]
 }
+
+provider "registry.terraform.io/hashicorp/local" {
+  version = "2.5.1"
+  hashes = [
+    "h1:8oTPe2VUL6E2d3OcrvqyjI4Nn/Y/UEQN26WLk5O/B0g=",
+    "zh:0af29ce2b7b5712319bf6424cb58d13b852bf9a777011a545fac99c7fdcdf561",
+    "zh:126063ea0d79dad1f68fa4e4d556793c0108ce278034f101d1dbbb2463924561",
+    "zh:196bfb49086f22fd4db46033e01655b0e5e036a5582d250412cc690fa7995de5",
+    "zh:37c92ec084d059d37d6cffdb683ccf68e3a5f8d2eb69dd73c8e43ad003ef8d24",
+    "zh:4269f01a98513651ad66763c16b268f4c2da76cc892ccfd54b401fff6cc11667",
+    "zh:51904350b9c728f963eef0c28f1d43e73d010333133eb7f30999a8fb6a0cc3d8",
+    "zh:73a66611359b83d0c3fcba2984610273f7954002febb8a57242bbb86d967b635",
+    "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
+    "zh:7ae387993a92bcc379063229b3cce8af7eaf082dd9306598fcd42352994d2de0",
+    "zh:9e0f365f807b088646db6e4a8d4b188129d9ebdbcf2568c8ab33bddd1b82c867",
+    "zh:b5263acbd8ae51c9cbffa79743fbcadcb7908057c87eb22fd9048268056efbc4",
+    "zh:dfcd88ac5f13c0d04e24be00b686d069b4879cc4add1b7b1a8ae545783d97520",
+  ]
+}
+
+provider "registry.terraform.io/hashicorp/null" {
+  version = "3.2.2"
+  hashes = [
+    "h1:zT1ZbegaAYHwQa+QwIFugArWikRJI9dqohj8xb0GY88=",
+    "zh:3248aae6a2198f3ec8394218d05bd5e42be59f43a3a7c0b71c66ec0df08b69e7",
+    "zh:32b1aaa1c3013d33c245493f4a65465eab9436b454d250102729321a44c8ab9a",
+    "zh:38eff7e470acb48f66380a73a5c7cdd76cc9b9c9ba9a7249c7991488abe22fe3",
+    "zh:4c2f1faee67af104f5f9e711c4574ff4d298afaa8a420680b0cb55d7bbc65606",
+    "zh:544b33b757c0b954dbb87db83a5ad921edd61f02f1dc86c6186a5ea86465b546",
+    "zh:696cf785090e1e8cf1587499516b0494f47413b43cb99877ad97f5d0de3dc539",
+    "zh:6e301f34757b5d265ae44467d95306d61bef5e41930be1365f5a8dcf80f59452",
+    "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
+    "zh:913a929070c819e59e94bb37a2a253c228f83921136ff4a7aa1a178c7cce5422",
+    "zh:aa9015926cd152425dbf86d1abdbc74bfe0e1ba3d26b3db35051d7b9ca9f72ae",
+    "zh:bb04798b016e1e1d49bcc76d62c53b56c88c63d6f2dfe38821afef17c416a0e1",
+    "zh:c23084e1b23577de22603cff752e59128d83cfecc2e6819edadd8cf7a10af11e",
+  ]
+}
diff --git a/terraform/environment/wildsea-dev/plan b/terraform/environment/wildsea-dev/plan
deleted file mode 100644
index 43dadce6d187308d3ccc29cf1314a4f517378156..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 20576
zcmd4XQ;;ZKmoDnEZQHi(T4md|ZQHhOyH?q@ZQD3s_aEK+-}^-GIF~0g=1tyY=7^YM
z=6v#%mjVVs0f6}DTndEO0Qk293;+_q+0@?Jz*a>W6aX+ju*Y=C%gS17+~u#y<jYS-
z)_0jDKZ=;bm~<9d4Q0a8BF#c-s&Sp6Mk1+4&*iWoL${MetjlfAWkyG``QR{L<E9Op
zOv#Z~p?gm&&3LM@M(S#pECjYW;!^;dXb=^}SC3#+A!sC!55Vx0PkgdOEy<_wB|O+|
z#w+LF$8=_KdK`|29$@kf+!?5306*dhLh+EJVK&I@Lz+WXY?EsbnujI*EsIelqK}i+
zwAVJ8>$t6r-|0ApHg-89+p@c4i3}QY#kB~?lL;PuLZfkIo{Tfz+_P9W=T{sxTtm(o
zZSoQ_%h6ck$kut^+)NRGSVRi#q9ehc)(}ald`SwTKPRa&sluLA#_8(e@AnZ;_I{q#
zznw9(<=n%CmZETBG&#9i#{~VU$?M@8;d_Pd9+J|E;D`u`O$UdUNT)-at6>eGQK(5%
z)Jy}V?=yxQ4$_wTtl}ndHo_yBHmfZ3uIkb4WX&=jv^MU42nLPmG6ojLiteOsIAe3Z
zNR<>~za|T|q0ctKwfJ~2-uLzvef}1TK5++xOU#d;5od%NCUO`Fk#5==P;ySUBlSMU
zn%=d{FRq%*2jEA4?jH8PDu!l~wK$C#f~1Ns))mbMFtV`Ozijor4V8gN&%wBHB<Y{!
z=~o?(C4F)xnbb#sU`&yvqa(IJO3zMJ4N`XKVe|ULB>rioQ<yZ+ChFPGa7n^s9l3;6
zjqSW;u#_TolB5;Dfl&p}&Gz{;txwUy+2owFip}et21GX22gg=Md)+?DH{olV5R@1J
zM5GavQ_+N$2<+GbC|0H0h7V69M3zEWxb)Topa&2SL=w=)?mnaNouYvl2h@Ua^16xr
z-P~O}B>mkS!elsA{i*{Bp)6kGZ!70)P$A95jy_!;$)FZJC#IZUce@F0pA*l4#&~<1
zK`BF;kjD0EJO6`{m|<O7MvMmxe5g(YxZSX0ZD&_q)Kt_(Z1jYYBgT{2iNwmG4>_+~
z$gcb2MpM}UJg@AAy6h5uv!x)}>q$cu&7+Qi>JL3}WlohDuG{m5&H6+?2LUf)^YKgk
z`+jiaa??fMI@OKwUWA@^!~Fq(4d!HnX$TD&pSaPn-gX;G0v*lMT2b$v)2Rd?+k^rE
z1g+$>v!Coh6(ytl=(%=vlmR>DS_5-ezxo57uD&FO_ZUy@PaL$ak(uRl%50r!4P|rN
zXWjH>9JB#SN&_9-$0>kBBfjr!3YvuijWVI0+)T@fy@nKYY)z#RjZ{{^sUXD}opHUK
zGiUrIl9z-htqEUGjR`fYrfYxFx>M7L^k?EV@!r^sW(Qk}gzR9u!d<Ph>T|$m5H(RF
zoB>+N%eE#oA_E^s_EiR^m&-m*AOLHRdF0shA_IG8Zn%PJZnYVr@^iYkP4l_Nn5*r^
z1w|j(<jK2({xv2W3ojc(@Ee$X@idg|#+0*(r-4Ws0-W&VhMHSZS*#$lcW)D}<OjZo
zERH$X7tFA7oos7Ll;LQLXH5jVW7;_+exvezH<Z>pW8M8vGv-t!b+(*<grx!GP#BJ(
zMhsqq9OtFypl#OL1j1F5{Yh;^h%#S4vV)FAt)_<d^h=zWZ0?rnKpHO15XvD4=Txzn
z!^<}}T1&;T<`@V!`6GR`WBZXJ+?cUaA1uw@xTC<s4B-TbLNn78irj!;?crMxn^p=R
zL+zJjyE$N1vb@HU;NU)XZcT;<1x-NxK?rTzA1jp>mBE_;qGgn8(<*%p&XAVbbP#MC
zqlxI&bGs0-uWL`TuQ1KoNz)DHv;a;d=BiE|i!vYr!`5^SB@$e66^euJc=et*@fJ9Q
z%=q=!Tf{NL)nvZ03|EILAL2oB@X?w4#~|do{N9A0fK6SeKL6)RxnxSBq>Use-#UQf
zOO-r>I?>@(eKP(#E>-Hg2NvKE9P>v?@gHY+!u#E8yZ6oSguJWY6I@m|{a;FrN|umG
zF#Gd{Nu@hj+;0=kCQ>3x)M49+D{+!}?)4<elk%&ZtA@>q?G5YrycNunQfr<E@n<nz
zRl1NwZuCU*Px8>uMdb6Qx;(j+`e-Vks<&=ZF8L8wGC|+SG7*}3HaIg9vPhE95CF>5
z2?{HHCfkphk60#{`yCOYog4}0A?)E9EzvWt0Qp2ed-vDGubqNaKW>co)gZao?*}e6
z7=(e<0fEcc8Vf%t5XO>g3aduS`<zQKVg@<dl2B#aAI%s()K3;^s8(;sy3RC)bYR05
zFsHs!W8lp-nm?A-EjX9DW(bj5`>k+WZ1onV^^6hPwvp>4-N~^MEp2kqPjOo>Xv+PJ
z;2rDxx<j$3r$n~S*da9Iq&2o}N}aYRg~qBsind4(G)@V~rgEA+Nv+pUIPfYNzy;bC
z*^}p6rc+Vx$z3k?vcOpgl`j#~3@`}{v?=qWaqM3=cv74w>1N!y)&0$*T*{_vZurGv
zp<**d4FO3;z=w7D5ebXHgA_it2dIDdx8C|Nuw>%m^6)V)S7EJCVGoUpGF!8OvD?jF
zm+tfaS#FYoedaGFo}8u00?0kdA31H0x9FnwRQ|L=dCwbjo=jkQZ=Yn~apFKlE`FRb
z$b^7w0)S*Q)19O~n-nh8JB~RbywghkT$l~GENz296pC=7XovtN4qwUe_qD6>LUpjE
z7@C@0v>ptfp?YyXKqvg-zYC!%7H&#%FNxSmmq%QJyVXVT+uFV-os1=&*lj-psr%Fv
zgpQ0HPOHY9ZJ^S%P0>OfG{C8CU+-6r&V({r%~gnPWfJw|Y_A)W4{<RL8Rd{9MVP>x
zMeg6!#*&Z)@6F_f0Sa3}+-_^}@naX<xz6eBR_6-iv?+LOKj|AC^{0C`3g!clIVJB=
zt!8(Ljhl|*&G@!?n}P<{U_E4*Z6|Bgr=UWj4{xC{yMeY&(KgFXbm}+av`lt;Ta`J)
z--;Z-=4-WFBDBT5_;3FG=g}um#`0MG$^qZH00Agl6_+U<16L=crKV=ThLRheY=NlN
z|5zW<hG5{Tu+SnQfR%BjE+~4gkT#=!8XWSeR5V?}rM}}g@7|g2e!Wu9J4BF{^NK0i
zX-AYk_fThg5@V5N&zz4frUW5XpEWRjS3`HJOJZ#AoT6A0=kzU%fj_awiGnw3Fc`C-
z%1~D!@S@=Y+wIOPKdmR~%~#psMfGBxAST|6Fr|i%BJs{wwRJxd|5;faEIMy0lgsh6
zF*kg=GG|&}WPW<SIZgAh@Yjo^{Y675g`HI7evtDDH~H(5e+&;Vvctc(&)z_7PYGTR
zJapr$7&D(zvm{pj_3c?6ZR-SDCh+1gr?-Yej*0)IRTz`-oYe(B>VCS;d`Lb^`sr%X
z>D$wA2JH3x$h%h62G{!K=5)lLnRoM9nEJMQ0Ug$4d0cKlabrlR4IO`Racldy-C2mB
zSiIobhrwKc)+Nr_0(+s){Li9^3$B}=tLU}<ZF!5{qp61%<$F@a^*YCjcq>hsSWz1b
ztwNwP%VY~clplYED;$EdO7V`v?UA)X))JI7TdlD+!U=(dx=}FA*VNx@wts#HB=F_c
zuh;!G+=KPt1!o_1aSk%UpmsWYnw$6DdA#wI2(5`eA~w-!zkfwt2N(C$ePYyI12=-2
zY>C;HcLjL$yS4QYH=W=I(ZACJUY|wt>IZjxuRMCMT<BCrv0LtRgWKO#7g=@@7H7GS
zOH<03#mArPntfkr6WvL~-~S<flK41L2j7rw4sq|<^{E$p-LTpz3m21{$#H7bwX!+L
zW}QXjc693He*1YRKM5X2bc+imu-ywSPtC3gJk4)4ag8u@S}~OuCLJ<)Wz?DmB(Kjm
z?!H0S8!3aXc$lcf%`QSN$p2*RFt|)1XAngVTi(4bT89_q=>((g*g)yZ6eZP+cm08d
z+~fKD`1C}AkfTPxY8YvzqLG7gdnG~YR^7N6ScH3iaYNh?n%PkVQ4{dzhJc{5$i5EN
zB}Wz>{>k|h>a|1+3O!hgfBUbO$)>gCyM@w`U1o2?D)hsjXHbv0CK?Nqmij|^ZuZB9
z4<x(YTE#S-O~5>t^BmnIR_15q0{q*sXq|0fqtz_U8#d9@tR0nT-W`s}h<C|@T6Z&|
z^<`8!lCH1O-60{&-B}!S9X0T;Z2t+fja$|}t#U^bv1JIepEu~P)AdpM7Hu!ehwrr9
zo6q5CbI}u*Np59^>nrw^*5<K7;Jo75V)|&9qP_J6sjAp$m>B-My!$1Bk@Mp_6%SJ%
zDXdZQI%Q*kp3_se)%rt%<;6))hq3;rtw6&#E~2Je<sd(^^~s9~Vt#2$_l8k8)a$3j
z;Zm54><Q!aX1WdDZ6rCU%&eR0;k2yt$3t@lA5-8fo>o|bF`)5D$oCAZWS(mNV_r+C
zncze8PIn_)IG8dy7}%%P)2qO7N5V%u<yCM<c-dKmcH6#YgH8~6K=)9{yM@PA@9yjp
z{R<durUHPIQD7q@Vxvu@EtjKS&v8&)5fGdVak7^3Ew{KJeN#dFsg@GCXFVyu)?ez#
z!5TB|iuY|#(uIwUjf;)}rM191`Ar9t$`<-!7^;E!x>C*M(fP4u36a@+WQm_UoUw_9
zpl_9JR+r1*9|@N!<tlV7oaJPwGHe#}&O=jaOBiOz!ps>9K&iEz_!68()B9`yK8dH&
z?jJHbAoPkAcCgR5UJbsujf@=>SZ=#*?dzK59rbA&p9)L03f1Rd1<~!!ig=b>@c2kR
z&7UXka2}T@w@MeDw~DjS@n}ibV!3bm9N_oFX6csF*|=9DNMvQnvX*79jGY}v)`u^l
z=S#Y>gPg3gk%gkVY}^eTcwI;PGzwS5*zKqxx}y${4)v?d;KJ_UP47vhK{%Uiw^tQw
zUuyzh7Djhd{l|giwf!xedddn=Ze8Q7gd7bDc|qo-;zswwrMa<)r?~}|(c${`+J4Z@
zT~H{T#EszJ&oMvN>m6dBwWS9^r6b<isNa<p2x3*=t?R2uw^6UI#Fnp@n<B;QiZ;=_
zpN=lq)2twZlTR-QL$oZ-lPn^9uTi-b#)0EA(j5n$c^4kvZZh=TQC`i*k{zFQGr8NF
zwWLFi_G-FoLg2^Zj*=xDkEO3`?6rdO0`O(s9rsw>-X0v=2mqmQfr5v~mW{ey$Pc;Z
z*mpQ<P8y`A?FX+a5b1~nRUAD~yQOGTwC>0$8`kpLhwe3&6gL{PT>RY!D*}I>UT`wB
zL@Xc%_J@8dtDQ^7P^CoZNC#826vC=-Nw&Y*dB6>kN_LbBl@HIA-vJNLJ0E-pfwl0Q
z>1*(;s8Y=8!8X)_y9~-6t-+18G`cUsOFye&i)LaUa&KcXtPJMIm_S~x_qXukFHy0n
z{QNlY_xoj^T<BjPv62+2d;_5xP}JNLpge`m>IpcMKB^g%gvW{kLF*#PmPZPIus1C}
zE_5_2tmS8_pNgoUMqBd}(VUAmiYRz1uNXv4@MHwZx)W1u-Ag#~LN3sek)*;^9KDC@
z(pVTK+SwQjnz0JGDX?j_D{3QYd4Y&44E3trBZ1ySx7mweH(hAm&r9_VwV|qzrP>1Z
z3Y#Gok=g^1NlTt-4l(~gtf>U5-z(z7rFxJU&j&9Ag7prrJ2w=k2)yA-DXYnRUQQ`#
z`R_YY_^?0@y8wl}G=?N<OczJ~rK6zLbjNZ)y$GV1-ki#NDjn2F&6KY!y08?P=f3jx
z|6T}GV=Z88MKP9fHh9Y%GlCmZ!!9;OD~a(}XM^f2dCHd!qVTEwH7`i4y%c0&lEUs}
zM2Tr^|5*R)tjF#SUV(ErSElDEI2M_yI-G{OO~%zt8EloJ8ob~YL$UXRSwi9DE9m19
zmCU!I0#0i45gsK&*ubc9(^+|@aiJXDTO@&c(91sjR%~BiVD<Q2tav_V@Rup#_piw2
zeXFdA7+o1LH?>j)9fnneh;BH}gL&Fv0=->^P(yu<w}TC{_Dp{&Z5YvX!gsRv&-Iwv
zWsE&T+J`M3oG0glB8iZ7KycRd!uh1$=6-AywADb1Qi2XTd$3U#aTirQ%m^*Zx8gIm
zCR4`6S;w84jLa`G0Ko6Byc9UZ5!3zj2qFN0Itu`R{QpQm;QvWLPR<6-CjV_fSG-nA
zn;fgVpVZyHe|ct^VMz%06EnW!fl8bM<b|Z@op~Z_NQfGb{xA`myxrbPv?A*rN%^BK
zlrT?@tjs4kJ3HHQCEDp>hI+taiYKSz7Cme7L62czD4u9WAvHC$HmxwJaE8GETDwM1
z(>_Nd2IzyJF1c1M+k*vZ7Qt<>>f3F!<Xo#(ff)>f<uh(=S;7F5ETQMpx34qW-Y!9d
zaXx3j9#`4b!3;9kF6#|4=v=(1@5B4n$RN6MfIumM6ina}7}^a_DcSWWYq9lVFhO(1
zLy(w4698$08h=I$5}|?O6|Ig1NTZ4U{i~A+6N`Xu-O5J3h*fxL)Hga-I;91!<ZI!p
zmoFF$EpTuc87C89?**fSP~`gU(v1PpKi7v2CE8s`(`0jjY(OaP+O%VBeapgjiJhgz
zeR7FHqVx!XaqdrfYv0eE!{H5Xf73Nr!5F#!0f=<_CAf+fp12_@aD!FE3a(o>3$AO$
zmN|XxEPSkU-;oIkxx#zt!vE!DfA@a&^|UzhGyJ}9VbzvoOQ`xyCx`_HDGsC~Of6V!
zw|gq!wqLg=qyDMD2@SaVKq2-r<yd~*1xc3agpP|yau(^J#vqQ({X8Pu)7zAjF-DCC
z5w<C1h>><umLDP2WTc%r?OCK@wPY1jBlYMazk@CyAc+roFVo8$y}9St=<df6+zMgo
z##p*oZzzv-_s>vlLaRBM0YvG7sU-J**P4JEOazH+k{<$*_;IrU6Lov=+od1Z@pPvn
zG7rx;q8-7+Hu4OQ*!Ss*i6Ljp9%e|z743ele01Ao#w}fqXFTdF9~>IxfF~Jl)P~0s
zq7<7$0q3PMrvoWp!H9!M*FV|YwYkt3=ac+X3#dB0JZ@!L>F1YYGgCSwNTe>b>kJ@2
z-Ii$S*eL@GQ7{ncq7^0@=njL3?E!!;M9NYMSB@j2dR_|fqZY%)6OUrC*EQr+X*hKg
zUQ^63zM>T%q$8QIyS2W)Q_H?_{o;i9zMy+f6_~34Lm!W!*B78Vkte22Pd&4lNNQIA
zjEOKeZ<WBh7nqmqPpQ{bfo%akE&+Yim4GltR8}ozng{S=P)3hIR7A`YK*><lybfot
zF~_?X)eu}CghwAw^MNd{-rDjz2%f%M#L7<sc4wJAfd+`)Vmi8RYXg@>t8N9TUe{7A
z$zN~K1;)0CEwje~XKq9K!9u>Wc(J6&CRsmflSn>M?qadiBiq<#)8D<DS^!<f#k}ZN
z$K0d|n1&y{r~Byc_G&1Nf{h&Fts)~%b_Fhjy)Ii}3FK&^boMT7WL&PfibQ9}0!7sC
zypD+Rp@0GC7}^IgnxX?3b!oqQ&X9&c&`W~HaCN*oT1OmPNBX5h>gsv2V*30J8_p~e
zk1DIpNSl^bG*+Ai{rf2=OsSzOeVA^+W7voN+m|YWJZD2XeW+TrUD<|J<4X4S%yM$y
z)-HH91z}&oeCGXxLy%7o2kLBuip+rTJ!a|=Qa0=YuWxXVO>lLOLk9Goiyaq1l;i|L
zsgMJq3PowSTGUqzT$jg|{#fIGg=J_ZSxst<$N9GmSO~skCkjyA8o=^Y&??mUqydD=
zH~@)an46TrVWulgrZZ4gtU_#M{?b6I1j|6L*|%Ut?|4nUXxn<JjV&`PYgYKZEC>%Z
z$iQc;c3%6{6E6>un;qySxl@I`*BQl(F@39{JD4LC%0U^~sj8Nr#o0YQt<t3Tle3Ia
z?r(ePUo}YsF3)*c`i*l@?jG|p^y}pJ*TS6W(G^)deWJaEXj#qaY>_bgsLw&dP6c7<
zJ59^ZKuWO1r_k6Ag2>)%!F6Wy@m3zN!B*=FI`>bH+0N`ne)9>!Hq3`Y$V*3%XeIq3
z!p4~2Co{N!rr**s1f<a-i3)J!jp-I+6w?~0T@uS;1ER>%{9Hh_c7K0F=cj1I3G-_-
z$q7{*MlwJ=s3zZe_%vCY`D{2a<#sh=D<ywO@uDnMPb4LcNkRuGV%I)lZ{EKl&!7e#
zD6364?m4!c!wX(i>g}&196{L!R%1+e1}yW9l$eDItVN>%>Ht#HuZ5YqTCqe1>O)UZ
zsv$Hr;c5p3Qn2;22FciV^ohjNv5X+;!ZIQDCk4p;#R8Gf%tQXr#!e9FyfgSskadKJ
zEB=ILAkcjyLhhi$CR?i1>3%R<0l-l4Wf0Yag1i!e1rL4NR05*}V2SGj2;{f`x*)jw
zMkvD6EfNU!N)_K!CHx~0E%N?LEJ9?~1W1zGhc~M`5iPIB#a>&RUQY1$8U7C#onS%+
zc=2-HbKjr0B9o=Syb?GP*2R!}Wh9rH+PY#t+;?-DntUg#v5u_E2_SKb-KjH6vvu5h
z_m=%N6@O7H3HK^3w5Zo$^a|NZixMr7el=xrL>42QpAG>fSR0a&tev{-Xl)=;lwm-Q
zx>c(ekk4;1_<tCowjj4G{A<)-FbanvUH%5HNU6w1WNz>DkMDcTeyr{CH_3YS6!ps5
zg&b%U7Q%cdUsTBl{85O;ffUK7{o{YSK%kd_{XWBS$0NlSlCWd|6PxcS%Tff<hrT0#
z`fN+WUEUO2Bl$gDyUJ^A>EjjS^-~E!RO5-aOEQV!!};Yf-v-w;YGE!hl6Z_e84^gC
z#ovb~Q6wh9Fu_}Xzz^Mh@+0{=J^!N{J1!qWE<=fx)_`Io?PCTN%$us1!moU9))Hz7
zy0f<CmY)m<jD<l!6ux(y5hM)KPz1sox{5%3k)88AlM20=j9rz2UjIHAW^Kwjhin8*
zj2_V(4IL!65Z)HJnB<`!P@RmM#AA;0Ddb>`QrU_L0)z*E{sWFUi;ipL_H!cN`*!&k
zSD5e1Me>GjoK!(wnM^#`5Ja^5XJ5B7l1kz*#!{-$C7OWorEX7U$|mAZAkZwnzHy#B
zphqPE!#E46@X#K@ET7{T9PV;QJs24CnEU9PYy0c!>(HJtdeBaRXpA(w6IaHfs1Nur
z{rulp!rz|~U9(Phzg2u;3giCs1IEBTqoWFR+#>vMWl*-#7ZKHs6n+$UmS<Tt=ja<z
zKX?fD*rj63(7Hx@7E!k}5+jo!1=U%sP>(_lc*t~aSR!csYT=b<9-N5<rZD^WP@m9d
zVh)bW+}=-n5(i207`K&G!K~R0IN+ZY;o4D{-|XoPWDaEhKFx9w%LRA(NZ^`FTCYKd
z*_STy)3DLc#(v7WHJl&-=%ay)YqUinBQ|58rSKxa0f{MNIrvylyH0V7+IE9~wwFZT
zkQMbHkB71^kM>=72OQs2_$Rw(wj|d;Rzu~t#~;{`LUrM@2`mo9*GlG=hFq1DM9#+I
ztAi=My87xMVg@Q_5tB8LFt759Y(1QLK$9c>ll$r4k2mAGuQWz9VoFLa29Wrh7ZT{q
z6tJuor9_6D`ed87%?mG6ARei}9s16tZRe^A#KXCGQfxmbtpB|KnR!%V*}7<Vrkeyn
z^f`+<+*oU9x~vliJ;0OXfxf0lk^rqm6)C95$&z0}eYihK&+4rc6U}nkl}Kn);bzJz
zmj{(Gg6Ts%bsO*6Mmh_jm9^Xm@k#7g>m@+WAsVZ3NqR{rPTgALI4rKY=6<|nSp+e-
zW}qxV!xdvQxd!$y#q%4^Ijy1`7W{ebCFm2ew49-j${K;>XZB+*Q0X)nBd5IsD8=q0
zMbcEvIYa_T($>Y0`Oc?T_$tU*U3@mAzn4}@259p?_Xsq3N2p>^VvpWa5xFN{Pv-I|
zrg5cv2V6TGh@w}O7W^i<e=s*!DV_z*4GZ@@l%I)`g&~o1r$;AGj?#Y)9{xuAf`ZBl
zM%StNQvi<Za;kUATUNF&hiEz9;}5g(gw>caT!2sjAUO^hgUeNSEaU|Pad6|vt&ezJ
zO9;(WR{$-~W{&>PRRuJVAuOzLlbgsfma7=b0JQsUK{6vVUCI?-rB&aP?Zi)$*r;$+
zkZ52rEz@1{yU0ckivFg#n;E!Cks~Zf^Nx5YhQL(++A!e#Pn+=>BM^7RS}VmKCm)8o
zx$i{a`F7n7zVIdUrOa8IfYyZGWD>N(AxEK_#cFn~mJipOd5$_e*NbaeuScs+z|GUZ
z&QxI?|L_@f2ZGS~*fxk4P|~%1Nw?RpyG36#p48_<=J=#&TRN=l6E9**L=%UUNBP3Y
zWRT1R%qTPt5;!7a>SRJBj*X<<O~1`=cjwwFZsR4`l@3sxuzrG%k|5)`L1w8r%Q*$b
zKYfOiHq>CSATY?bWMNW5>}^=)H}JIs$UvB9>K_+I+?!-aKpj*+h~acmaLbLSnKBcJ
zF#agc7Mj>#+Uj&Jfvl}l2M%EbgE^+R*PATbprf0>*>aRlLc%3jSzX}-t8TO~;}X%+
zu?;mQz4&~Fa|6y$8L%8v=!J;p44~aO@v~ci!>9m0v(#4Fk=7FcSsG57+Q88`7G<IP
z+chOC1K#x9*m3qATzO^sDH3Oj9%KQPblkFGhEVD#3JVSjV88S+k;V2@F5IiEs`WkC
z>q?r-O$-+Shw2|m!cY>!Pf^QjIMvByT%P1Ce(z9@dkAmp!GRewNqKHw<aY40u{BYH
zk8UfrcJwu;(IIbBd1o~7tmzsU36c?96Dj=~`ApG?^oP7Ox`GX5qYv(<$8v`|!MZ2-
zN5=v)!u^O5;xUoRVl2)yRKwXDL35x-GFl5P)2w8UC0hbS<1`w=oQoo<S6mi(mE$%S
z76<r``p%N{5Pi%I5`okR=z>=9QiY=yZ3%%*fFr>Aax{4sa-=hh+%sNYJqJ4>o7gxT
zH1&et)O#H+BbP6wKD^FiGH#1@kh}QWkQcFj(PZ}0;A&F^#s{`?5ciF4<Kje7g5Zpl
zfZm}`Cz)KR`-~R>2`GCF#w%l#$aiApB4^n(r3m7EwlKPj9c=T`)ZLJ4BUC3HH}eX&
z16-SaUah-+W;w4v>--I!__Mnv?+pGhjfP#{KcctRbvTWFu2=x5vQrR9F7P{smMp-U
zwrUe1vhSTk&LTed5ZNlj#m4;^NUZC3U=Dy0u(V?sCS0e3#t6yp=`e7ZM~7De>`WQK
zkGy$*yn+%2Rd_Cpn^NWCDH_C6A5lwTBEA;wRZ<Lr%s`1r6!nQIP{?xd)Ly-*dQuQ5
zDf_%#a+R0j5IlUV#~ixj9(U!8se=V0IG-Xnp_FV@el;UuGa#zZMb8L}rps?(Fi8g-
zk2p*Q3wo|tTFJG7P9P$tSI{)H1Zok}ArnvcA~JnYwD~Cm_RIgW?cU_%UAfG5;rD7A
z!%eF~iGYSf0lbB>-d#)PAN41%76L?!mMa}Hmw|DF5jj<U_6AZpT>M?Hv}4D5o)$AI
z`uU2j;vFr?;~7iUxvN-}Yv00NPV-_S@tN)VQS@fBtIy=doxgp;&w<O@ElyC-ve*M!
z`X*H%&s}sK05FIi8;eXoY5pAM+U9SXdExiox-Bc}?NoQCvf@-R2tEhUuc)SU_-9gt
zb6i*}j~FIs8_DcROZCYApp-awF04VVYk0kl)UL!)xsr-179mIxpwGN+Rx(Q1#<nSN
zslmh}MoT2`2llzQ1b|!j98c#%g`US~(oqCaJyn5~>^?^H4ZL|vQ~(JG(*E;JRS00g
z(+`7`HQl`hQKXO1?$OCfqcf*=Iujy*0TbvX#VJvXm_0L_Ut$p0^ine3OP#KgWsA`f
z|KZ`r3mH)5@I@4xnRIPNvO4_04g(@9mHljV4Brg6cg4%+y4$5!dzClZ1^ZR<?&|H_
z>-YHl6?KN|ZSm}S$uIX3n>9N9szyG2_>q>UvqX&Jv+f@E*PCxJOzo+(Z8ZmP^oM)H
zhyUHvAt)y(uH5aJRKc~ITXg1>J*oa?HmS;Z+rTgK>ICxJa~{KQ=PlC4@c=fHc1bvl
zJ*@brYcM8iDzO^2p-@(M9dJ^=eSN6{MTxHQq}p7rB>_lso4s(=1O6sltl)S6HJk0u
ze?y;nwP}N4tB%>OiT!;0chhZy`>hdw$ScRMLGQ%1=S|1m^!3R32Xn&ra?s)Tdi2CL
z7r~DtBOAa+cilzBaX5EQk1~;&`ZpxvGd%m@Qae`!AjM6JJhpQA!)4%HviDe?ZV&Hd
zoG;V)%YMV!)&{p{R-3*nkj(b#{M^Kr4MFK#tl$s0k&zT-=oMr!TT$oR0=^~oMbgD$
zpoWPy_^O9;lAH>k<D0l|5rdpG-&IuX<oGZHs9GM{>c$z1Rz`C>QV&=0RA?%2i7y-n
z!Edz@*<FbVr3eENqwU0y?0^YYMATWfrlvn#$z>C`SYyr3)FW)RsNukfDKBpJ$FVGw
zF`Xjr{)+zx6<E3OofPa3ifmp!KHriz>hGh%XWq^D&&tW;_T(EnUSGul;rFHN;*r%G
z|1NdcC~6kG+V^`yf|pOg9wUmuXZOwpOJ>f?$gN87@sTf5OZmAf(C#7CxFgXQT}lR-
zW(V^N2iMDU5cZ79(03jFjt|$ljgPNxq`M^eUH>0S)!X%ow3NR)=8!#w9n6<<DiqH%
zBeG@pS-e$1T)#*%M1H|gB;8wGr6;{!^S7S5eqvWjd2zGnbfvvcfWf?cg~UJH%@LtM
z^p?fd``WCIFCE`6XHR=yhftLXqwV_is<#nOquv@n1!@_^gJdnDvc^?9yVZ7WS<icV
z#7%ssKvnA0DqA+H8=B~29;(&9^zbGm=--Jcc<(@o;sW>jfGQ0KO;Mf7h*rd4s*AF8
z&9g*+tF^1_u2|POA2U86TfDIKP(<{$61?2wui5m6IvJuZ8~xK%^UcFpR;-!Vu08YC
zyGAi7n25)K)rHR`@Qu82Ca!Tc-^qq_`b`HPub*r3C89r7_1|dY_f*d5GA<Dn!vwGQ
zJpJ#>+f~2t{{@X=@^ItSC;$MsIsZ3kg!y04NNewC;`(peXrZ*p^&i^k{q5_KYlbBu
zG?19_NeKGq98?IBR_DwdMN3k|cs#{eXyR^nHz92(svE?du*dnt(dhC_f{TkQEB0tp
zE!04ln2w>ybkw{@br#71E-ac`U%`-V#dSrqRF4i}H2xolyx~WZM#LcmMM-9s>&!(l
z9c}M<)Uzi^AEhnU_3<*n2z9vpWrbNZXchnJ?5}H~Bx@Cz8$}U(J7!C6XmdRIu-jJ#
zfJO@B=wmBHnp_787a9d`<e5QCi2_P%va%+wg(}+JrIU#jQ<vb=%2LvYZF*)zF|ua7
zsU56nXZcG%r%y#veD5$kdJ+U-6^(;IZ2TXd_-FjSFNrVGT~x(XW2y*AU(4nH^u*UP
z2*-^8rFld}XD){~IFtdWc%8%O{AXaAU5}tzQpTc|DE}?i8B4ZK-8}g2R)yUy>k@3L
z+eq@S40-+SCf(OTesJ)-xEVQqn=8F+{M=So?sGK5<y)j;#BeB@dsZMwBA-t_@J?ty
zP`iPRxCspmu09hGEoOb@Nhc&}mQy;mLiI+}!&?1VHrI=o98VuJZsr6vBK6m{v?T_*
zX*ogUw0}y;lJzXsv{Jr`rImJancq!cAQH(3b&%z0hSAplt9<`sA5Me0bb~ZdYA~G7
zviHv@Hl@{^&H*NI<9x^?K(xc;hmk^}m=QumCV1a1!9>}v`1Sc)>~_A-nSMYh#-<+4
z%r^3bfIRr=ij6I2%@Jil!yV~<`#rPkGwYnLLp;+EQwXON7yl3TO+xXyLmV>)mU5ga
z2s#l8w2X*|^noyg|Jo|e_FgF!qhRU(ZRhfsmVUmiYns-G-cSdVI?I9scz?W>VrAVf
z1q)_^G~8Y>P#~ZiT^gVx36Y14sQ{)DPg3cm^#4^Uih&>z#d@Q=&#uH^rZl8JpG|ls
zkT0jEe8}SF-rRf^>)Q6EBhp)^*2&8^i_V9p8AUhGPkAUqT&;?HY*ilDGA4#2ZG6@=
zhUK~=FS4gvp*a!R5M*2cdbcG3X&l46U05fV;8{ACiakGrkdud+qOfTN#>I1n_jIf#
zsLmgSCW-n1K~c52{=FkWd^MkjjsV=w)UOn!Fs@l|Xw%9XG=*N)L|C?>^<pT8rCF-&
zpMDWT-e`r@(u&}lj(Be7YDtzsx^l=mieR$T$#knrqOsRvxNS2z8>pC>dfL96s#fhg
z1|@D^<=NTp!9X4!5h2u5SxkWZ6kHT*Rq|zx2)6r|D89ASqH6D$dxwK8nuzP4i5q~7
zafSjTskwsE)DHTT4QdPdza_f&)u-v<|BdCyO}%qVSv$|r%33~UCzwGX*5z;*Zq~Mq
zB}%fT`?}?aEiv|Bj4>*`4;Oa(3IYfr%isKyIa(vurDDgbd3}9qfae#59sCk46t*5T
zBfc7n<nbU+M6SvR_}DM(ovP-psr?FoiuN~P0c+NPDE_wNKAnPzQ#>ANIYPfgnaGtF
zN_yk$!y<@t7iz4Qur+l^bKoT5(Tj`VN&cb-!+#ho-xaUfRKgTbDqjeVBH+QJ41{dP
z<F#H=ZEk{Md5p`G*SbQP_$q3Je(9qM2ivMSE9PTG%*pA|gW}hDuE>y~I_`}%_fmHi
zmD%!GtS?uw?P4S?_J9T~i90n7VN{VY*3!^+`8g~U4*pTGWy+2Jl;!9gef8;;igG~g
ze`(@VVGh%;ZgbN8+QxW@Hkfwiyku2IlDQIKFgwlxwqH1;u9S=#!?1nk&Kx7U$b6bp
zv1h2i<>WDi^`zlUU|Zg6brt1jP$>>%lo5MoeQn<yM+h38;pCf~pQ#edr=2GhVvA0w
z&$B*JRYz*{K()$#mPibXw8%Wl67wDuxFUy8Yc8V@X3aK{<a#Cb2+7>A!3zD)etiXL
z)?&ZE<Y}a>%^wa#cjqKYGFcPaup!FmH9_>K=P$Gs^k7s4ZTPh_u5HK2lGiW&{T=K>
z7)Y^N#M!>Ec@cd^uAw4JvACG<;J&<DQP!ST9MOUL@N*w^eq%@?-H0$c*1lW;1>5cx
ziC7ly5d@?F7Sw?ZaaWKeAj*~5Z~?*wQiP)w4!<d~PBG;`z|j{7RR5R~XXwbu_8L`&
zUl1-}Y%~HnMD?(sj&Lwx)PN3U|5#!m)TVv{SuX!V2(E!qOhJMc2?l4yif`XPe$j}Q
z1ppNm!P092B#E7)+jTw2_5bdPj-0)r3!^;wc|-Z1ue%YcGT0seBz`s3k^AH%S6bS;
zqrcqF4qBSMr|NKzEkDGOv`5A?xs>?--gpmxLfcONY87CG#`4=(foAPXEs<F(E6VKa
zO-2Nnb0x(3@&Htjr78y6*uK`3z!oG%2KZ;MMyhxced8XE@{0v*25`edhMUA0hzVAI
zqBiSRI{sO@dV!OLoAuf=^81C!e(@Cd$=QJ#ZW0>i_^DV@D*#d{#Mp!iCz479m@N_P
zWnzEGaX9M~U=^)jFu;k4zs)umL-eQb4xqZ&mT;9fgADo)Pu%<;JP|x>`;djD&}jI9
z%|8BU4GF#;e4(5%B^wg`{XP#=*Xg(T^Tgbbe$=>pAgL57W>P&8%^;UIWC4r1f(ozl
ztx0px4s=_6s3{>44j2uCfazbJ7#)5M?HO2$cwgb<y27nRXRTygt*YC10uO(WS)V{X
z>aPzz`JbLR5f0veKF(7wpjsJAiN_Mld+zifp2!i1gew644X(7B^e<2B`A<*e{l^n;
z>CQ=?8{RT-5F`J|Tz!Ojom2S=V%aHcCDa&!L^Sw;)*0GLDI=k@@A&Iq21}ACf(A&I
zQeqm$h8n*p5cryZ=0IB^a0qKVN85#Y`T5Af$ht6|;p#4pIWw0faq29&-TfkcUt(O`
z>it|wzn<KF7zGzoap>@fAs9yM{ECjAiSvI0MKM?vQe9W#^Zf&gu4=CT35tK5W4|St
zVP<Cs=25nF7NS#N#Wi@XFis*&c}etdSi%8FM8c{sJ4upDOyKq(V7+jx#O>`@czs^?
zCH56%Gta8)23ylxY~XsRvvlJ)-#N2d$j!<8`dZ{8mXhyvQNT4<wO&FEa<ARuX5iyq
zRf3ch8aQJK64nHlH)%^lMy$s`${YHCrR%dRa`AAUcbwxEv>gWbVF)U}AWP~=UJw4?
zpvZ7A<>d4o15%(ibSja_G4Vpl!U~DK>`mmX{J(=DaUV#CSGh&jPPQCiJp_s+hv{#(
zSK})0Bu3QylCq6@|7a`M!Y~e{uuMipIuQ1Z@@9<cMs9{a`kI8qjHzdqEh?+x)p>*Q
zp`Gqv0ZmM7>)QiMSGd|E9Haz97T6@9mcGOqOV}fjKpYudsVEENQevy7qJXjNH#%e#
zgv7kpHy`<+qR+UjF$Z<0jz>+>X&B6aG@j>iGq@IZ64^n_^|<>`PQt3Ib-B}4VW>c)
zhUJ=T6m8blTtF#mK)YimNGoEzbs$Ck$XKSa4NB3{VN*)mn6?Q|aaS$+TpR;$#IuS)
z5XrUEjMqPLO6(z&IYQKYo>dcVMs@>YX=G`~D&!)M+gn0i<ov%vj${BgHY%oQb6Bn0
zP^rhl)eF+w41sEh!+FL^7f%Ux4ba2zb6DuQ-VKIO7w8db;=-5WA2?^7=@;y9%iU)~
z0uRBjjt)XC5UO(OTXy|*`Sp_S^UIYeo^uLrKQ22?o>)I91!&vQV+q5xh<Shk#W0`}
ze`L+C<~(S@HH;)0>{B-Zqs-l6+~YlBaKf7eyAU>x)9(ogR^|j~oYX{04cw+EfR>!V
zGNN-lO4L7PbUriOq;AsI;YtZ0Fu<c*r+Ve~P)!^d{+JeQ=isJBoU^7va7aLK2ni64
zk_Oy;w;G>9h7wV(vR3SL@TF^=`Bns&Yu9Pxi&(ILoj7Ub+a%MMgoj{)x|X|SKATpl
z?$)wmojy;?_H0|&`O2{Cdk8UsuT2G{Uw9*8BcfcpPwMN*2jJ#9yUoJ$Uz_zCY4GEP
zagLvz6!u&6vLDbF($qTQ{ZUp(6kujDnhz9M8gT{@!YuSJ;(hP=ZrhF%Kke)kp2^nF
z0XE;n0iCDEB@w5~035Fr6qlp~jG}F;!C*mPkZ#Ywp@ZDsvdj-*Z-<hDFwQqRuZp|2
z&XSP0db^Jka0X<1O6!@kR!lVpD9)E!+<-tq;+TS4S!0SC#T<Zf%j{{hTeL^Tu|tPq
zG}(fKO|i7T(T~KP1q7K-z{$cj(wg+<=b1tzu#Rj81)ca8Cl=z!Ph|rVqXO`*(pqUp
zSdS3q1#r^V685(?Dh=M<tSDL;^rq#+h;tC-%qrFYL2<6&Q4&x|%h4C+4B?5SIB%y2
z`b`rPRpjvb4^AXl+ljfNthvy@c%Eww_&JJ)KN|f%II(da!BZqOFk||^IkA6u|DC&j
zb5rV)(}<Aok(>(}1dLgLAt$-KNE<U7lxnd2jcI4_02Rf{lP1nh_lM<1=FH?rP!|q~
z2n8p>eW_exH(ZQO|IgIB7ec3hw*_TpX~)P=Y$CQgSq7;Ug<0lUq7M1B5^Kn?w#=6i
zUNqe~XoxWxx}-hm0g*W@r05gJHJhS68i_GL4dh+>i}C?a&tZ4lD)o&{dk<m!FfjH~
zS75EuX`!u+=BlvQk~3RR>Qi@rit)_bsCnRswf(S-82QXgup+xxnm0)!M<b&eQs1Gv
zUF~}rk@k!>hawP9>J%2I3DUL%KO&b|73C0OJ+}C&b*&7`Vx%olE8sBCDlgZCj(^j4
zo7v~L+g|tU><{FbFOOf^@gM-xSmgD~Cwfm)kK@?Sx&?qT2P3h_x7Qt-QW55yW0xXX
z>*Ok_0rAPW_+B*?87cfs@>^1jZGC*WCIrC@<|-#XnRxxw=#lwY0)`oQXTms1_U*g!
z26i+~?STS$7AW3u;}D+4j9R)Q&7<6)ib^D8HfnUdL_kdZ6XW?)yWebCT^kY+DQJ4#
zOj6_rBGGIdDrfAg!_Q}gbqE6mW0<akmI0N(b6tsg_+($EZZICxMzqIEJTp~5%}50n
z+_gzp1MfN(i@3UNYwOttkYh}tbUY8Z+|pIi-p4ovl=yecyX)<jah=!B_uVm(lX<Hm
z0hNF<00CQHUlUnCVwjRb6c7oWnXAmy6&4E6_*BKsCsgH7#jj~q@3#38J9bRW$0K*`
z3r?Ev1A&%nf0-`-zN4M8-pzRY6YuSZ)ctyQzvYdy$lpajXD(~sBr!3Yk^pG=*EEqF
zciBxyU}=a_Vg$x%i&tolZGK?0Pkg?c*F^<A9U7jLmh4IfB5QyM#g*ud_*sC`RzEf>
zqXvpvKxCFhMfzlZQOcZHrdA=>6};Yt%IBg;o$>kw3KWT}{C8h1R<QBud$vEPk-}U;
zh!ITM2pDx}&IKiH-JB0W2A)N#5+e!tAJ5?bu8HFS0Z5P<{w%rrq2<G7wzk0vjvzTa
z+c>FoXH`z8LIgnI{T(GZB&!%Qr)F~t4E-9P3&y*sQ<XC8(YQn1-CeoGB+DGWh~m@Z
zFU*OThVR&5KxL#e9}N%S8vy1nxj5XnIrM5PvxnPY?+f1Cd|bPK-#vdsU*LM1J-eRs
z$h}6V4^KX;l1?1HCuiwy6axNQca!V!<s}SKyDn~C%ElS};$HXWdH1vvzVwT4b$ujK
zaPQ<8em-VNs=uC&t2Ex!^AD>&2K)4wNAufxlcMoDfKQ{{><?xMYyNKUkBFK|u7s*9
zloee0n=ouyUnoaXqH8!2Y$(|j3n;$EoVn}-aTh9>ci4lL!D^q`)n{C4*kIhOX0)wm
zJ>C3Xb6?|nufreo%=}%Wck0spqT^}ua^(7jG5Pzv-~Rhz<isu)&YvhP>(5tr)k)Q1
zD0fzeGM<t0J22$)54XF}$r1Tabd?~BFI#?d?LU$1I#Qt9!#^71%W(N}*s!&=#_pKa
zrs)VGv%fq&F|lKZS2!2RmjpF5l%NQ|fGB1$>v*5Tx4=G2K3nu(nf-s&MB^=?KCwUi
z;5hMqD~!l*3ymnHAd496CWhquOff^E&a$+$0%;4+>%he8s&*&uU@t_B21ZS}aI)Wy
z<e(1VpSXzneLVdCt%-35_;?HdzthA*-+yW1$*j+7;jYW}Pqb!PE=FFH&H&FR&>t)B
zA+ZBDb7WXh-6aW)!4Au#E2q!v`SbqwQB-B(IEQ}S>K)|sxc9~{;W{SCFd56J>@n4@
zUX5K__RIdiVx~SbpsEe3mF=5XR#rL$ry31Ee|eG<w4bC@J&&Lz@BoK{K$V9hXX!2!
zMXO^tv}L$E=J=vOw7Yb7*DRXdF1TM2?O$2?sKUG337@Y>cAa{o-AvGyEy3BVL>AGk
zs+Y}M|8b8dpEy=kQ;}rw`pA_uzOfgc)OFt07p2G!|LMrf-CHB!6twrcffp^3(W*HE
zwr?qEK=A?MN03uBx4Iwx|I$PogG)Z>e>Cwe`~Rki$p5K{Ms~KQ7H0G|wDdLx7PfTG
zrvHtK#tHm!MGOeTUVf3}mlMz^YD&d&nOZfiBFJ9h)fk(Nu<H~DU3Cm%pK(y3yWJVD
zrlsa*hL}wA=AQ}7786Ty^M80i^EoTbh1hlqg1k9%<v7%!>VD-E0p1ZYp3mbQS#GHO
zhv+h_P3ewt$mu+RW!ThI|1>}t^bloDa6lEfu{?a-POImnuRsz$=<l?p^3M*ib9dsf
z%!-mbMYFtdpjALuU~|J}{Me}aw~8KB-QUpDC3QN0amHZt=YNf16yiIS`+y&B>#O2V
zR^k@s#hgG$zBY?1RX=6aR=`oz>3jpk5~>%Khql%9Xi)YwM#bsMUBcchJ0ME<MplB%
zv)C*)V=vuAt0&~K3x{PGK34s(3VG*VY>Gv_LHt*#1Gu&L2mt{AV1fQ`rN;f=OYLT1
zZR})XKyPGcW^3VW_wPloR+F*Y<UsDdR73FgGS_Xk_0sI~Z(w+sN0Yf6kj)fEKw#l?
zG!;(JOmxHo`MHIT{Ai@*gp<!BnptILo`u1Lo<UIsDEOLZG*HFrF$e*kbTmRCZRRRE
z;v^J#gc%F2?!Y}pQ~b&y3AWEDFdYDTMUV-Zr>y-0E!3`fl5kCpS(7^!?5-ssG)A^g
zBFT@HoX`6~o~qR(2APT!$rKl^XoP9+AUB~GeBxfJ4wfr*!%1CDlmuCj{3X-vu(!Lj
zlN0ao{aV(Q6dX@x6w1_oUNch8g;^jCQ88a%N#V@+?JL;@^qcGkq7wl!tH8-rVfoYp
z<i-0JXQH55p}h4KEiD8*^`1w($1+=BL?PjXov@jwpeDYi-!PH@d%y02fU1N?_!$K`
z5)Z|V&s*#rYBe9*A->F9D+HL=`jQ$Y@TF(S^Sn*8dpj3)1805$)x16+9WEG@|EQvn
z>T3oS>M0uiC%0sRr<3nmi>s$Qd%OPqefZ1!K164_H|JM>@v@5k3Ae&{HR_S`lT(Mr
z*7UK7Z{6^R8E=<#nIyot6t-J!4Xt$V4{e7##L+q6+CcX!pW7ikeyyol6H_b`wbEOV
zD{v|=#3yY?0)pZ&%}V3w24vD;uSY!_r+IQo4E4j7I=rKwOndG0evg2hS)QMFPo@GB
z8MxXkgo*Fxy=^n=m)q!7ZLUoxsWC5cz3^MRBsA^>G7aeMQ4GS0<U~r4m<q)WPGlpZ
zS8b6c!GwHcttL%^#-|b+gBB`so4B=`o@>vNibot1evb#-HYVsSnyUGe1j-7S9|gOP
z#f*(aR}n#rQLTj1SI_(1$$Lr1?oiH2Uu{2A7*aYre11kd`2F2P7G<$b4A5x%tM--|
zFSo50_Oa}D>(J&fH7~nYuI+Q4s%^X(Y2Zkr)^=R)3XdVU9E8u~mZSY69}3e_47ZxG
ze5XN&0>yyJPBWQEc$qYof-x>zy*cN{C?;+`XcpQ^tU^>hQ<Ol?DPCZA@7n@OF#WtN
z@U4+i2gH&6@qqnKOj$`-hk||3&ktCtUR7Y47s(xROJ8<X=1Xugy1P~+bo?=^!gi{Q
zxDreeQk&-V;n}-+rz!%Q!&Y=^iD?vYcAX$iw`dR7Z`<C)GRMjmksj4rZi$*9#-mUx
zoQlHD4rB*!Xwm54Uk2C8JYUe?!}JMKzCL_ek|v*st0|c%4}CErOz=`;dnR30*gD)G
z-ygSh-I5-)?t8PlGPDW$+O3cV*w5V*wgxO0M53Hux!bW{i4M4F&nrBJylmgk;Zk<!
zm-9otL;5X5yD_9OVk*k^l(1KsoRzy!7){22f)cdKU6c%mD(=X8d#hjEd%P5~!*aKT
zp+zt$_q4S(o37U%6OMz74oM`Xx9+=OSD7mJz2M<)oGi$KviWFj?)sxL#z=2o=p(B0
zZj}Nf;Tv5(@WGWW4!Wnk;bq8Q2&okwVz`ms08-8vx%D(4d`|~wL+U1>?WcEvv&npk
znZg5IW1D8+>$yX$omRj3fHX1G`hFCC_M-aWpE=^N+-#Dp-+y}AzjE+(gJ7PCAOHXZ
z|NOA}pL6j4LzgpiG_W^!u>SWhx25J|h0TflyPIdYhL+2RuqnA2WXKSf)ZEV!q14r5
zuND~ZHfp8Qyr8<U@eJzsD!g#x`P~@1NDSUnk}ifdy(#y1K3a&D8I=gcxfW7JsRw~D
z0#&ALm!p6Znqce~YOes0z&x=2-o-#ng<6HfU>6&JE89?rU6d^PuquDq^3$(lp%vX0
zmF;I2AU`9ckb$N+R8nw?Nc2o-t_wH8_m;{Wz+25(P=1ba)ZC=M90nT}fX)c%52HcD
zBL=|{Q`E^)u+o4@bwnZ#qzX`{evv7QgH#BzYPo2Ny%{--hp`&ODCUEuNdM=)Jwx*k
zO^pVY=oFVU=XyASisJ~8atF7|z0UIwhIUd@|FFyNqrW$14}M}+|DGdCyHdtKJ6Oth
zPwQn^v}42&CbTIDMcbB#6tt)ZB~@vIsbc#Ek)^p6%NkVEKLrf5&~4leGy^OwD|6E|
zdYk`GA6Fg@W!J`KOA?7nlZ++GT9#x@$dY9+me;;zWG8!*CE3N;vJD~`OP0w#LXjnA
zEU!K5SiZ3h2{BpX8`pQeSw3&S=Q@8pf1KZQUH5a&`Q7(@-RB;8e`>F^#6iULc?=+4
z-(t9=63$BlH*V?BZ{u^cCRND0l;1!#>^L_Do8S<5Zkv2NAZi^`4P$=-(5vb#-n_a+
z`k6a~;5yJv;9Gj_yA$=bU~Q(OrgOGBNPMcUl1sCd?=?#UGh5u0KP9;(IpZZ|-8y)@
z*|>-3uhHfR0dhx)!KF0tQW9Okb$<RV>Zm$$@Oduf2bV?j_iJ^&LtP^zYkAouZ;k|;
zcf7IoYqflo{?_pE8E95^T$zhj9mhbj8D}g_S(E9j2;C`-s@*;?GfQ;;#|Vi0FQ|U?
zDPX#2UuFXL*Nem1hJj{ej_$d$R-vMIy+EwGYC(Jm<0M8`Mq`9^kX?%$&8o>IgG?@(
zgh9CcFmzMX`Z@wFwwlxw9>gV)DptPCL-S6dm?{Mz-#E`Rcjso2`TS$YCG<n1o9@8^
znJVrZP~&1g$w;nr+H^eZukL|+Z0h#;V>Q>-d)&*<PpaqSX5dnAxFQ@55$W;%+GHBY
z8rjDDB`9Rn@`n733U+3M*ia#P$MxreQ`cvt3+Xj6C$S#y=7fd1=?<Q_*vl(Dr56;2
z2aI`|KCxh{8Mev3x<hL~wHxa**=uamqaPIo8A{H<lx{2D29x?}XxWH124-!L7vmPw
zK%|64mAx1mtl5v#gLRnt*HJEV!cJki3Jvs~IA#_!yjTdfsb|1f$Zi)?7L=073e#!-
z3U-;=;c3-dwP}ZVFR#zQt2WPM=E(}>060qP&P?!q9)5g|1(<X}1a`4S4<jvrCY1Rz
zh`7eyIc=?0COF;BCu-J-ei@gk#n%VXj`d<N?R1VCE9$aNBoR>u!|1hs^2<BABedr~
z2f5a5WDVqg@{;_J^`eF8oG@%ljVqjS;}gfI;(ykks8=!|U+8n}c8{j4+qs+`s>ISL
zTu;!5lwovWHTTESBv{hNMUAj$*Y`sL{7=1;&w>J=p)Uqi=gh!Adf9SPo-{AV%{ww;
zrFbK@)1GGlJAX||(-i}Q(_U%=))nAaOq4pSx~TCiz=>HU4`+7`ii%D`qZD?T5bO(+
zF&W>u=e@kKm5BHG{Gj3)xawD$8Fo?C2EBM+-(#i3v+Z1{QMZSz1==<YsRz0y`!@}Y
zmDR}{S=pr^x@x<zL%@&sPwe#Fx%u&>kNb{k^Q*fq^b49LeLpSw@iJyq@YXeLrmRGt
z5VV)1(;Wcvt-Y~!0z*BVuXz-N*-L!uBz_5an+Yfyp{oV;o_e4sz8y_jmhgHuy{mF@
z$E!sI_+uKy5{8SOA}rQRN9ey^$(+!d?Mv)DE8-jY(51Y><da)`|B}x`4!ifB+u9*^
zu}Cbge0^M!&fWl&fZ8sR^?4k}0&L|)Ex|E^Px1=_FfCZ3Tl&A_TdmKy)1HEaB>&={
zj&H!pPU`WnAQIM~LMBTSvb@G9v&NzT)s*T}Rgj{ccc>&U6_)3+=SM6H81ZCX5=^?k
z8+~i<J}At6uFd;a#e*iP)F&%pz2ZL2QSHrp>_YjaoL5k&pDU*?kGBSSqQg48UlGEz
zNhrS!W%FAWp066kJEUmYSQ<Bw{45bHE|c?$FQvm~r*o+@Nb(2wI6!;%YW;>M;y+_N
z*JQ+#Ah~2wcZ&!~Oh|mFq!d`GI8Z((C(hPlYx!1<;W|6OR__ywQcve3^S$4yCVT;k
zY9Y4rNgx{P-&O7E$!2l4uylYN)-<1(2D`P}=Yy7^5wha5bmF_GfO2hZnms7TxrePA
zE%YUvY(??#IImltV{)k<J}95vj<U9<#IxVgW&QNxW7E?igE5p)Mp>slyeiRwUZP9K
zvZNlG!G@sanlk4Lzu#T)hE>@&d?8+!jF;`pwmOM0qY@A3TW!RR>G+x-21SGvLxDY{
zUj(V%-JtOJiNZ!1;GDTBMNH}k(MoU>uX7B!YmJ}QNC#+1lujdcQHwe=8~#<Sz{f?c
z`TO+|N&eX9@*|RB3*I_67W}+et89^s<wZ7@yaDZCZt~2Oz&4|tH=%-~NtE^Jz?niI
z(w~0l`eb@ZVWh4D031N=mGgJhPj%EO3loLw)97Dc=&<m*hyw55^(}KB>`bo^%?$iw
zm~`=oshzDn93XB2c5coGt(78Xz?yl)LBuMkNT(F63GNASF(G=A#?qVu6v2kqXdt*0
zaqi~)@Z0?jn+S!reDibAEhu!WdXpO=p1)=D&fMBko3u29_tN=)wg<mw$TKbCI*1{T
ze_sdt;j(}`#MRZp+S%1nz`^;Ey@1Ulhu`6{T5nebv(g31@6TiudL+IHp~E60BN^vP
zU-a8v#xO-X`h@w<b9dQ5=f1^Ci~4!>QmKvc`kB#R!KSW`{qp3tf7V`Vf_^;qy7+@M
zgweP9^*y|Yo3D=#|ArxKP%6VCy)y%|QEn3L6?zxvzx5+4n)6Z3c!=3c$WtkkV#qTd
zJZ{Uib9I#&+JPCH{O)tlcZj_U=iO;miCN!)66l^*rH_x}aeiyPo0~<up5lozbO@ie
zHHf5i0s;4RnQ3`pMH9VLQ~Qd5%a!LwFfUK08?Rv+{bhD}*Ozd6GQ016KSyWqjLS&*
zPGk3Gag&75wKXKxPpmnYZvEE^*6hnJ%KvnMV9nFHddTx4xm?i%&2uyGG)-yl#=Hx#
z%9{;}dbG`UZ<lT^7J%M>hFg^Zu#}23fVgh<c3RV?tXXa_aiMZ0Rp*WzL<5W+FRWZR
z-8xfkSxym;xN8I(E#kBS4%7s`v?M8R9@^r6+F$ZEBqb~mzZgECXYwA5T4|!KvI(fH
zy;?pAl2S7$sR&aTK+V7|r1SU0+fl#QumXrPAv*FL`_hU7-ce1upB3pyQ{N&rUvSfC
zR*_vcQNL6*6O-pCfkAOk2?^Gh3^)~#l|fS%x%uX`wqbC}JXMJ^c&iSoaKYfhVonkj
z#bo{ma%AQF9LNELA_5WgOhqYoNYEQ_=C3%wHM~ukwKj)C-If)#Tl#Q+!5VoaN}AYz
z0w$zGZIqp8;Fc5U9Uam!6KOozoko!;R)NNd@opJ%INd0-+WTujiORt8GM;S5GgR{p
zaya`XKn}>ql`O){Djnq38hKCAQJ0`Y{k%U!D4#ZIPI$;1WK`egLE^GJI*2x<S2j1-
zq2J&XN%zz_e|{5Hp_Dgcm`OXvXsA{^I*{y&mp_|5oT}2;qHpvlJE3;t6&0DvZ02~H
zQ`Fn}z<5`W2UoQWA_u-FCimODWa`TYO{!s$(#@n-ZK5TD#vb+uQ6@jhQy649TdUE1
z(eTUP)h=pR0K=gxAI0pi=t4vz3=34ap5ADRwRJ<sjlBBKnmq0vWuu*mVPcQ<@EPmx
z3jIXufBK(&7e&}B5FjHVu^>v5rs^qDMv{XTYlm;%?zdPwienAej!!;ZO}BqJ_W)!U
zNQm9qj$YM0KKpR?Y`@~}01jNgXCJM<J5F&pE3|)Z9N>e*KE=N$-HtOIj=c8cs{?RK
z9bx)IPU$%3VRzst=ULekIZue-j&mN?(tStb0BFS%Igh&)#|aNB#=Zm}U{dKs!v7QG
y<BW%o`F*81fZD^uj3?>NajwHl_vjCvCvyEsCNxzkDEGfiO?>8wYG|Rp|Mp)WrkyGP

diff --git a/terraform/module/iac-roles/policy.tf b/terraform/module/iac-roles/policy.tf
index e1c8ffd7..bff2a868 100644
--- a/terraform/module/iac-roles/policy.tf
+++ b/terraform/module/iac-roles/policy.tf
@@ -46,9 +46,9 @@ data "aws_iam_policy_document" "ro" {
     sid = "CognitoIdpGlobal"
     actions = [
       "cognito-idp:DescribeUserPoolDomain",
-      "appsync:SetWebACL",
       "wafv2:GetWebACLForResource",
       "wafv2:GetWebAcl",
+      "appsync:GetResolver",
     ]
     resources = [
       "*"
@@ -194,6 +194,9 @@ data "aws_iam_policy_document" "rw" {
       "cognito-identity:SetIdentityPoolRoles",
       "cognito-identity:TagResource",
       "cognito-identity:UntagResource",
+      "appsync:CreateResolver",
+      "appsync:DeleteResolver",
+      "appsync:SetWebACL",
     ]
     resources = [
       "*"
@@ -389,6 +392,9 @@ data "aws_iam_policy_document" "rw_boundary" {
       "appsync:SetWebACL",
       "wafv2:GetWebACLForResource",
       "wafv2:GetWebAcl",
+      "appsync:CreateResolver",
+      "appsync:DeleteResolver",
+      "appsync:GetResolver",
     ]
     resources = [
       "*"
diff --git a/terraform/module/wildsea/cognito.tf b/terraform/module/wildsea/cognito.tf
index bc16d35f..d4166544 100644
--- a/terraform/module/wildsea/cognito.tf
+++ b/terraform/module/wildsea/cognito.tf
@@ -27,7 +27,7 @@ resource "aws_cognito_identity_provider" "idp" {
 resource "aws_cognito_user_pool_client" "cognito" {
   name                                 = var.prefix
   user_pool_id                         = aws_cognito_user_pool.cognito.id
-  generate_secret                      = true
+  generate_secret                      = false
   explicit_auth_flows                  = ["ALLOW_REFRESH_TOKEN_AUTH", "ALLOW_USER_PASSWORD_AUTH", "ALLOW_USER_SRP_AUTH"]
   allowed_oauth_flows_user_pool_client = true
   callback_urls                        = ["https://TODO"]
diff --git a/terraform/module/wildsea/graphql.tf b/terraform/module/wildsea/graphql.tf
index 0ff576bc..cef72559 100644
--- a/terraform/module/wildsea/graphql.tf
+++ b/terraform/module/wildsea/graphql.tf
@@ -226,3 +226,62 @@ resource "aws_iam_role_policy_attachment" "graphql_datasource" {
   role       = aws_iam_role.graphql_datasource.name
   policy_arn = aws_iam_policy.graphql_datasource.arn
 }
+
+locals {
+  mutations = distinct([for d in fileset("${path.module}/../../../graphql/mutation", "**") : dirname(d)])
+  queries   = distinct([for d in fileset("${path.module}/../../../graphql/query", "**") : dirname(d)])
+
+  mutations_map = {
+    for mutation in local.mutations : replace(mutation, "../../../graphql/mutation/", "") => {
+      "type" : "Mutation",
+      "path" : "../../../graphql/mutation/${mutation}/appsync.js",
+      "make" : "graphql/mutation/${mutation}/appsync.js",
+      "source" : "../../../graphql/mutation/${mutation}/appsync.ts"
+    }
+  }
+
+  queries_map = {
+    for query in local.queries : replace(query, "../../../graphql/query/", "") => {
+      "type" : "Query",
+      "path" : "../../../graphql/query/${query}/appsync.js",
+      "make" : "graphql/query/${query}/appsync.js",
+      "source" : "../../../graphql/query/${query}/appsync.ts"
+    }
+  }
+
+  all = merge(local.mutations_map, local.queries_map)
+}
+
+resource "aws_appsync_resolver" "resolver" {
+  for_each = local.all
+
+  api_id      = aws_appsync_graphql_api.graphql.id
+  type        = each.value.type
+  field       = each.key
+  data_source = aws_appsync_datasource.graphql.name
+  code        = data.local_file.graphql_code[each.key].content
+
+  runtime {
+    name            = "APPSYNC_JS"
+    runtime_version = "1.0.0"
+  }
+}
+
+resource "null_resource" "graphql_compile" {
+  for_each = local.all
+
+  provisioner "local-exec" {
+    command = "cd ${path.module}/../../.. && make ${each.value.make}"
+  }
+
+  triggers = {
+    source_change = filesha256(each.value.source)
+    dest_file     = each.value.path
+  }
+}
+
+data "local_file" "graphql_code" {
+  for_each = local.all
+
+  filename = null_resource.graphql_compile[each.key].triggers.dest_file
+}