From 725f483e7e188967051dc6f7f77942690375c44b Mon Sep 17 00:00:00 2001 From: geethkokila Date: Sat, 20 Oct 2018 22:14:22 +0530 Subject: [PATCH] Add the migration to product. I am adding the migration related jar file also here. This is due to make this a complete instructive package. IS migration and device database migrations are run in two different ways. --- .../default/api/_TokenAPI_.xml | 21 +- .../apim-migration.sql | 35 + .../archival.sql | 70 ++ .../cdm-migration.sql | 160 ++++ .../identity-migration/README.txt | 9 + .../dbscripts/step1/identity/db2.sql | 29 + .../5.0.0-SP1/dbscripts/step1/identity/h2.sql | 17 + .../dbscripts/step1/identity/mssql.sql | 12 + .../dbscripts/step1/identity/mysql.sql | 13 + .../dbscripts/step1/identity/mysql5.7.sql | 13 + .../dbscripts/step1/identity/oracle.sql | 15 + .../dbscripts/step1/identity/postgresql.sql | 14 + .../5.1.0/dbscripts/step1/identity/db2.sql | 410 +++++++++ .../5.1.0/dbscripts/step1/identity/h2.sql | 226 +++++ .../5.1.0/dbscripts/step1/identity/mssql.sql | 238 +++++ .../5.1.0/dbscripts/step1/identity/mysql.sql | 271 ++++++ .../dbscripts/step1/identity/mysql5.7.sql | 273 ++++++ .../5.1.0/dbscripts/step1/identity/oracle.sql | 485 +++++++++++ .../dbscripts/step1/identity/postgresql.sql | 236 +++++ .../5.1.0/dbscripts/step1/um/db2.sql | 12 + .../5.1.0/dbscripts/step1/um/h2.sql | 14 + .../5.1.0/dbscripts/step1/um/mssql.sql | 13 + .../5.1.0/dbscripts/step1/um/mysql.sql | 40 + .../5.1.0/dbscripts/step1/um/mysql5.7.sql | 40 + .../5.1.0/dbscripts/step1/um/oracle.sql | 212 +++++ .../5.1.0/dbscripts/step1/um/postgresql.sql | 11 + .../5.2.0/dbscripts/step1/identity/db2.sql | 22 + .../5.2.0/dbscripts/step1/identity/h2.sql | 16 + .../5.2.0/dbscripts/step1/identity/mssql.sql | 16 + .../5.2.0/dbscripts/step1/identity/mysql.sql | 18 + .../dbscripts/step1/identity/mysql5.7.sql | 18 + .../5.2.0/dbscripts/step1/identity/oracle.sql | 25 + .../dbscripts/step1/identity/postgresql.sql | 16 + .../5.2.0/dbscripts/step1/um/db2.sql | 111 +++ .../5.2.0/dbscripts/step1/um/h2.sql | 96 ++ .../5.2.0/dbscripts/step1/um/mssql.sql | 96 ++ .../5.2.0/dbscripts/step1/um/mysql.sql | 96 ++ .../5.2.0/dbscripts/step1/um/mysql5.7.sql | 96 ++ .../5.2.0/dbscripts/step1/um/oracle.sql | 111 +++ .../5.2.0/dbscripts/step1/um/postgresql.sql | 96 ++ .../5.3.0/data/claim-config.xml | 279 ++++++ .../5.3.0/data/resources.xml | 99 +++ .../5.3.0/dbscripts/step1/identity/db2.sql | 181 ++++ .../5.3.0/dbscripts/step1/identity/h2.sql | 94 ++ .../5.3.0/dbscripts/step1/identity/mssql.sql | 103 +++ .../5.3.0/dbscripts/step1/identity/mysql.sql | 119 +++ .../dbscripts/step1/identity/mysql5.7.sql | 119 +++ .../5.3.0/dbscripts/step1/identity/oracle.sql | 200 +++++ .../dbscripts/step1/identity/postgresql.sql | 115 +++ .../5.4.0/data/claim-config.xml | 824 ++++++++++++++++++ .../5.4.0/dbscripts/step1/identity/db2.sql | 17 + .../5.4.0/dbscripts/step1/identity/h2.sql | 14 + .../5.4.0/dbscripts/step1/identity/mssql.sql | 15 + .../5.4.0/dbscripts/step1/identity/mysql.sql | 14 + .../dbscripts/step1/identity/mysql5.7.sql | 14 + .../5.4.0/dbscripts/step1/identity/oracle.sql | 24 + .../dbscripts/step1/identity/postgresql.sql | 14 + .../5.4.0/dbscripts/step1/um/db2.sql | 5 + .../5.4.0/dbscripts/step1/um/h2.sql | 3 + .../5.4.0/dbscripts/step1/um/mssql.sql | 3 + .../5.4.0/dbscripts/step1/um/mysql.sql | 3 + .../5.4.0/dbscripts/step1/um/mysql5.7.sql | 3 + .../5.4.0/dbscripts/step1/um/oracle.sql | 5 + .../5.4.0/dbscripts/step1/um/postgresql.sql | 3 + .../5.4.0/dbscripts/step2/identity/db2.sql | 23 + .../5.4.0/dbscripts/step2/identity/h2.sql | 16 + .../5.4.0/dbscripts/step2/identity/mssql.sql | 28 + .../5.4.0/dbscripts/step2/identity/mysql.sql | 21 + .../dbscripts/step2/identity/mysql5.7.sql | 21 + .../5.4.0/dbscripts/step2/identity/oracle.sql | 62 ++ .../dbscripts/step2/identity/postgresql.sql | 18 + .../5.5.0/dbscripts/step1/consent/db2.sql | 195 +++++ .../5.5.0/dbscripts/step1/consent/h2.sql | 121 +++ .../5.5.0/dbscripts/step1/consent/mssql.sql | 113 +++ .../5.5.0/dbscripts/step1/consent/mysql.sql | 121 +++ .../dbscripts/step1/consent/mysql5.7.sql | 121 +++ .../5.5.0/dbscripts/step1/consent/oracle.sql | 177 ++++ .../dbscripts/step1/consent/oracle_rac.sql | 177 ++++ .../dbscripts/step1/consent/postgresql.sql | 141 +++ .../5.5.0/dbscripts/step1/identity/db2.sql | 159 ++++ .../5.5.0/dbscripts/step1/identity/h2.sql | 76 ++ .../5.5.0/dbscripts/step1/identity/mssql.sql | 86 ++ .../5.5.0/dbscripts/step1/identity/mysql.sql | 79 ++ .../dbscripts/step1/identity/mysql5.7.sql | 77 ++ .../5.5.0/dbscripts/step1/identity/oracle.sql | 174 ++++ .../dbscripts/step1/identity/postgresql.sql | 97 +++ .../5.5.0/dbscripts/step2/identity/db2.sql | 4 + .../5.5.0/dbscripts/step2/identity/h2.sql | 2 + .../5.5.0/dbscripts/step2/identity/mssql.sql | 2 + .../5.5.0/dbscripts/step2/identity/mysql.sql | 2 + .../dbscripts/step2/identity/mysql5.7.sql | 2 + .../5.5.0/dbscripts/step2/identity/oracle.sql | 4 + .../dbscripts/step2/identity/postgresql.sql | 2 + .../migration-resources/migration-config.yaml | 212 +++++ .../org.wso2.carbon.is.migration-5.5.0.jar | Bin 0 -> 204005 bytes .../ios-migration.sql | 43 + 96 files changed, 8367 insertions(+), 1 deletion(-) create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/apim-migration.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/archival.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/cdm-migration.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/README.txt create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/db2.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/h2.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/mssql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/mysql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/mysql5.7.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/oracle.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/postgresql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/db2.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/h2.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/mssql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/mysql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/mysql5.7.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/oracle.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/postgresql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/db2.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/h2.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/mssql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/mysql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/mysql5.7.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/oracle.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/postgresql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/db2.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/h2.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/mssql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/mysql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/mysql5.7.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/oracle.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/postgresql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/db2.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/h2.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/mssql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/mysql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/mysql5.7.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/oracle.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/postgresql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/data/claim-config.xml create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/data/resources.xml create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/db2.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/h2.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/mssql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/mysql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/mysql5.7.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/oracle.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/postgresql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/data/claim-config.xml create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/db2.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/h2.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/mssql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/mysql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/mysql5.7.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/oracle.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/postgresql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/db2.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/h2.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/mssql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/mysql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/mysql5.7.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/oracle.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/postgresql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/db2.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/h2.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/mssql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/mysql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/mysql5.7.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/oracle.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/postgresql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/db2.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/h2.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/mssql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/mysql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/mysql5.7.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/oracle.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/oracle_rac.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/postgresql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/db2.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/h2.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/mssql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/mysql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/mysql5.7.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/oracle.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/postgresql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/db2.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/h2.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/mssql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/mysql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/mysql5.7.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/oracle.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/postgresql.sql create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/migration-config.yaml create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/org.wso2.carbon.is.migration-5.5.0.jar create mode 100644 modules/migration/migration-iot_3.1.0-to-iot-3.3.1/ios-migration.sql diff --git a/modules/distribution/src/core/api-resources/synapse-configs/default/api/_TokenAPI_.xml b/modules/distribution/src/core/api-resources/synapse-configs/default/api/_TokenAPI_.xml index 74a0315b..d4dd08a1 100644 --- a/modules/distribution/src/core/api-resources/synapse-configs/default/api/_TokenAPI_.xml +++ b/modules/distribution/src/core/api-resources/synapse-configs/default/api/_TokenAPI_.xml @@ -2,7 +2,26 @@ - + + + + + + + $1 + refresh_token + + + + + + +
+ + + + + diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/apim-migration.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/apim-migration.sql new file mode 100644 index 00000000..85439ba4 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/apim-migration.sql @@ -0,0 +1,35 @@ +ALTER TABLE AM_SUBSCRIPTION_KEY_MAPPING MODIFY ACCESS_TOKEN VARCHAR(512); +ALTER TABLE AM_APPLICATION_REGISTRATION MODIFY TOKEN_SCOPE VARCHAR(1500); + +CREATE TABLE IF NOT EXISTS `AM_CERTIFICATE_METADATA` ( + `TENANT_ID` INT(11) NOT NULL, + `ALIAS` VARCHAR(45) NOT NULL, + `END_POINT` VARCHAR(100) NOT NULL, + CONSTRAINT PK_ALIAS PRIMARY KEY (`ALIAS`), + CONSTRAINT END_POINT_CONSTRAINT UNIQUE (`END_POINT`) +) ENGINE=InnoDB; + +CREATE TABLE IF NOT EXISTS AM_APPLICATION_GROUP_MAPPING ( + APPLICATION_ID INTEGER NOT NULL, + GROUP_ID VARCHAR(512)NOT NULL, + TENANT VARCHAR(255), + PRIMARY KEY (APPLICATION_ID,GROUP_ID,TENANT), + FOREIGN KEY (APPLICATION_ID) REFERENCES AM_APPLICATION(APPLICATION_ID) ON DELETE CASCADE ON UPDATE CASCADE +) ENGINE=InnoDB; + +CREATE TABLE IF NOT EXISTS AM_USAGE_UPLOADED_FILES ( + TENANT_DOMAIN varchar(255) NOT NULL, + FILE_NAME varchar(255) NOT NULL, + FILE_TIMESTAMP TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + FILE_PROCESSED tinyint(1) DEFAULT FALSE, + FILE_CONTENT MEDIUMBLOB DEFAULT NULL, + PRIMARY KEY (TENANT_DOMAIN, FILE_NAME, FILE_TIMESTAMP) +) ENGINE=InnoDB; + +CREATE TABLE IF NOT EXISTS AM_API_LC_PUBLISH_EVENTS ( + ID INTEGER(11) NOT NULL AUTO_INCREMENT, + TENANT_DOMAIN VARCHAR(500) NOT NULL, + API_ID VARCHAR(500) NOT NULL, + EVENT_TIME TIMESTAMP NOT NULL, + PRIMARY KEY (ID) +) ENGINE=InnoDB; diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/archival.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/archival.sql new file mode 100644 index 00000000..efc57d71 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/archival.sql @@ -0,0 +1,70 @@ +-- This database has to be created separately. + +CREATE TABLE IF NOT EXISTS DM_OPERATION_ARCH ( + ID INTEGER NOT NULL, + TYPE VARCHAR(20) NOT NULL, + CREATED_TIMESTAMP TIMESTAMP NOT NULL, + RECEIVED_TIMESTAMP TIMESTAMP NULL, + OPERATION_CODE VARCHAR(50) NOT NULL, + ARCHIVED_AT TIMESTAMP DEFAULT NOW(), + PRIMARY KEY (ID) +)ENGINE = InnoDB; + + +CREATE TABLE IF NOT EXISTS DM_ENROLMENT_OP_MAPPING_ARCH ( + ID INTEGER NOT NULL, + ENROLMENT_ID INTEGER NOT NULL, + OPERATION_ID INTEGER NOT NULL, + STATUS VARCHAR(50) NULL, + PUSH_NOTIFICATION_STATUS VARCHAR(50) NULL, + CREATED_TIMESTAMP INTEGER NOT NULL, + UPDATED_TIMESTAMP INTEGER NOT NULL, + ARCHIVED_AT TIMESTAMP DEFAULT NOW(), + PRIMARY KEY (ID) +)ENGINE = InnoDB; + + +CREATE TABLE IF NOT EXISTS DM_DEVICE_OPERATION_RESPONSE_ARCH ( + ID INT(11) NOT NULL, + ENROLMENT_ID INTEGER NOT NULL, + OPERATION_ID INTEGER NOT NULL, + EN_OP_MAP_ID INTEGER NOT NULL, + OPERATION_RESPONSE LONGBLOB DEFAULT NULL, + RECEIVED_TIMESTAMP TIMESTAMP NULL, + ARCHIVED_AT TIMESTAMP DEFAULT NOW(), + PRIMARY KEY (ID) +)ENGINE = InnoDB; + +CREATE TABLE IF NOT EXISTS DM_NOTIFICATION_ARCH ( + NOTIFICATION_ID INTEGER NOT NULL, + DEVICE_ID INTEGER NOT NULL, + OPERATION_ID INTEGER NOT NULL, + TENANT_ID INTEGER NOT NULL, + STATUS VARCHAR(10) NULL, + DESCRIPTION VARCHAR(1000) NULL, + ARCHIVED_AT TIMESTAMP DEFAULT NOW(), + PRIMARY KEY (NOTIFICATION_ID) +)ENGINE = InnoDB; + +CREATE TABLE IF NOT EXISTS DM_COMMAND_OPERATION_ARCH ( + OPERATION_ID INTEGER NOT NULL, + ENABLED BOOLEAN NOT NULL DEFAULT FALSE, + ARCHIVED_AT TIMESTAMP DEFAULT NOW(), + PRIMARY KEY (OPERATION_ID) +)ENGINE = InnoDB; + +CREATE TABLE IF NOT EXISTS DM_CONFIG_OPERATION_ARCH ( + OPERATION_ID INTEGER NOT NULL, + OPERATION_CONFIG BLOB DEFAULT NULL, + ENABLED BOOLEAN NOT NULL DEFAULT FALSE, + ARCHIVED_AT TIMESTAMP DEFAULT NOW(), + PRIMARY KEY (OPERATION_ID) +)ENGINE = InnoDB; + +CREATE TABLE IF NOT EXISTS DM_PROFILE_OPERATION_ARCH ( + OPERATION_ID INTEGER NOT NULL, + ENABLED INTEGER NOT NULL DEFAULT 0, + OPERATION_DETAILS BLOB DEFAULT NULL, + ARCHIVED_AT TIMESTAMP DEFAULT NOW(), + PRIMARY KEY (OPERATION_ID) +)ENGINE = InnoDB; diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/cdm-migration.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/cdm-migration.sql new file mode 100644 index 00000000..4a0f33ec --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/cdm-migration.sql @@ -0,0 +1,160 @@ +ALTER TABLE DM_OPERATION +ADD COLUMN INITIATED_BY VARCHAR(100) NULL DEFAULT NULL AFTER OPERATION_CODE; + +CREATE INDEX IDX_DEVICE_TYPE_PROVIDER ON DM_DEVICE_TYPE (NAME, PROVIDER_TENANT_ID); +CREATE INDEX IDX_DEVICE_TYPE_DEVICE_NAME ON DM_DEVICE_TYPE(ID, NAME); + + +ALTER TABLE DM_DEVICE_APPLICATION_MAPPING +ADD COLUMN ENROLMENT_ID INT(11) NULL AFTER DEVICE_ID, +ADD COLUMN APP_PROPERTIES BLOB NULL AFTER TENANT_ID, +ADD COLUMN MEMORY_USAGE INT(11) NULL AFTER APP_PROPERTIES, +ADD COLUMN IS_ACTIVE TINYINT NULL AFTER MEMORY_USAGE; + +SET SQL_SAFE_UPDATES = 0; + +UPDATE DM_DEVICE_APPLICATION_MAPPING dam, + DM_ENROLMENT de, + DM_APPLICATION da +SET + dam.ENROLMENT_ID = de.ID, + dam.MEMORY_USAGE = da.MEMORY_USAGE, + dam.APP_PROPERTIES = da.APP_PROPERTIES, + dam.IS_ACTIVE = da.IS_ACTIVE +WHERE + dam.APPLICATION_ID = da.ID + AND dam.DEVICE_ID = de.DEVICE_ID + AND de.STATUS = 'ACTIVE'; + +SET SQL_SAFE_UPDATES = 1; + + +-- This should run only after the 3.1.0 is shutdown completely. + +ALTER TABLE DM_DEVICE_APPLICATION_MAPPING +CHANGE COLUMN IS_ACTIVE IS_ACTIVE TINYINT(4) NOT NULL , +ADD INDEX FK_DM_APP_MAP_DM_ENROL_idx (ENROLMENT_ID ASC); +ALTER TABLE DM_DEVICE_APPLICATION_MAPPING +ADD CONSTRAINT FK_DM_APP_MAP_DM_ENROL + FOREIGN KEY (ENROLMENT_ID) + REFERENCES DM_ENROLMENT (ID) + ON DELETE NO ACTION + ON UPDATE NO ACTION; + +-- Change the notification -- + +ALTER TABLE DM_NOTIFICATION +DROP FOREIGN KEY fk_dm_operation_notification; +ALTER TABLE DM_NOTIFICATION +CHANGE COLUMN OPERATION_ID OPERATION_ID INT(11) NULL , +ADD COLUMN LAST_UPDATED_TIMESTAMP TIMESTAMP NULL AFTER DESCRIPTION; + + +ALTER TABLE DM_NOTIFICATION +CHANGE COLUMN LAST_UPDATED_TIMESTAMP LAST_UPDATED_TIMESTAMP TIMESTAMP NOT NULL ; + +-- Change the device info --- + +ALTER TABLE DM_DEVICE_INFO +ADD COLUMN ENROLMENT_ID INT(11) NULL AFTER DEVICE_ID; + +SET SQL_SAFE_UPDATES = 0; + + +UPDATE DM_DEVICE_INFO di, + DM_ENROLMENT de +SET + di.ENROLMENT_ID = de.ID +WHERE + di.DEVICE_ID = de.DEVICE_ID + AND de.STATUS = 'ACTIVE'; + +SET SQL_SAFE_UPDATES = 1; + +-- This should run only after the 3.1.0 is shutdown completely. + +ALTER TABLE DM_DEVICE_INFO +CHANGE COLUMN ENROLMENT_ID ENROLMENT_ID INT(11) NOT NULL, +ADD INDEX DM_DEVICE_LOCATION_DM_ENROLLMENT_idx (ENROLMENT_ID ASC); +ALTER TABLE DM_DEVICE_INFO +ADD CONSTRAINT DM_DEVICE_LOCATION_DM_ENROLLMENT + FOREIGN KEY (ENROLMENT_ID) + REFERENCES DM_ENROLMENT (ID) + ON DELETE NO ACTION + ON UPDATE NO ACTION; + + +-- Change the device location --- + +ALTER TABLE DM_DEVICE_LOCATION +CHANGE COLUMN STREET1 STREET1 VARCHAR(255) NULL DEFAULT NULL , +CHANGE COLUMN STREET2 STREET2 VARCHAR(255) NULL DEFAULT NULL , +ADD COLUMN ENROLMENT_ID INT(11) NULL AFTER DEVICE_ID, +ADD COLUMN GEO_HASH VARCHAR(45) NULL AFTER UPDATE_TIMESTAMP, +ADD INDEX DM_DEVICE_LOCATION_GEO_hashx (GEO_HASH ASC); + + +SET SQL_SAFE_UPDATES = 0; + + +UPDATE DM_DEVICE_LOCATION di, + DM_ENROLMENT de +SET + di.ENROLMENT_ID = de.ID +WHERE + di.DEVICE_ID = de.DEVICE_ID + AND de.STATUS = 'ACTIVE'; + +SET SQL_SAFE_UPDATES = 1; + +-- This should run only after the 3.1.0 is shutdown completely. + +ALTER TABLE DM_DEVICE_LOCATION +CHANGE COLUMN ENROLMENT_ID ENROLMENT_ID INT(11) NOT NULL , +ADD INDEX DM_DEVICE_LOCATION_DM_ENROLLMENT_idx (ENROLMENT_ID ASC); +ALTER TABLE DM_DEVICE_LOCATION +ADD CONSTRAINT FK_DM_DEVICE_LOCATION_DM_ENROLLMENT + FOREIGN KEY (ENROLMENT_ID) + REFERENCES DM_ENROLMENT (ID) + ON DELETE NO ACTION + ON UPDATE NO ACTION; + + +-- Changes to the device details -- + +ALTER TABLE DM_DEVICE_DETAIL +CHANGE COLUMN CONNECTION_TYPE CONNECTION_TYPE VARCHAR(50) NULL DEFAULT NULL , +ADD COLUMN ENROLMENT_ID INT(11) NULL AFTER DEVICE_ID; + + +SET SQL_SAFE_UPDATES = 0; + + +UPDATE DM_DEVICE_DETAIL di, + DM_ENROLMENT de +SET + di.ENROLMENT_ID = de.ID +WHERE + di.DEVICE_ID = de.DEVICE_ID + AND de.STATUS = 'ACTIVE'; + +SET SQL_SAFE_UPDATES = 1; + +-- This should run only after the 3.1.0 is shutdown completely. + +ALTER TABLE DM_DEVICE_DETAIL +CHANGE COLUMN ENROLMENT_ID ENROLMENT_ID INT(11) NOT NULL , +ADD INDEX FK_DM_ENROLMENT_DEVICE_DETAILS_idx (ENROLMENT_ID ASC); +ALTER TABLE DM_DEVICE_DETAIL +ADD CONSTRAINT FK_DM_ENROLMENT_DEVICE_DETAILS + FOREIGN KEY (ENROLMENT_ID) + REFERENCES DM_ENROLMENT (ID) + ON DELETE NO ACTION + ON UPDATE NO ACTION; + +-- TEMP TABLE REQUIRED FOR DATA ARCHIVAL JOB +CREATE TABLE IF NOT EXISTS DM_ARCHIVED_OPERATIONS ( + ID INTEGER NOT NULL, + CREATED_TIMESTAMP TIMESTAMP NOT NULL, + PRIMARY KEY (ID) +)ENGINE = InnoDB; \ No newline at end of file diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/README.txt b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/README.txt new file mode 100644 index 00000000..0dd7b577 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/README.txt @@ -0,0 +1,9 @@ +* Copy the migration-resources folder to the directory. + +* Build this https://github.com/wso2-support/product-is/tree/support-5.5.0/modules/migration/migration-service and + copy the org.wso2.carbon.is.migration-5.5.0.jar to the /dropins directory. + +* Copy and replace the keystores used in the previous version (IoT-3.1.0) to the /repository/resources/security directory. + +* Run the following command + ./iot-server.sh -Dmigrate -Dcomponent=identity diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/db2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/db2.sql new file mode 100644 index 00000000..85d06993 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/db2.sql @@ -0,0 +1,29 @@ +CREATE TABLE IDN_AUTH_SESSION_STORE ( +SESSION_ID VARCHAR (100) NOT NULL, +SESSION_TYPE VARCHAR(100) NOT NULL, +SESSION_OBJECT BLOB, +TIME_CREATED TIMESTAMP, +PRIMARY KEY (SESSION_ID, SESSION_TYPE) +)/ + +UPDATE IDP_AUTHENTICATOR SET NAME='samlsso' WHERE NAME = 'saml2sso' AND TENANT_ID = '-1234'/ + +BEGIN + DECLARE STMT VARCHAR(200); + FOR v AS cur1 CURSOR FOR + select CONSTNAME from SYSCAT.TABCONST WHERE TABNAME='IDP_PROVISIONING_ENTITY' AND TYPE = 'U' + DO + SET STMT = 'ALTER TABLE IDP_PROVISIONING_ENTITY DROP UNIQUE ' || v.CONSTNAME; + PREPARE S1 FROM STMT; + EXECUTE S1; + END FOR; +END +/ + +ALTER TABLE IDP_PROVISIONING_ENTITY ADD CONSTRAINT IDP_PROVISIONING_ENTITY_U1 UNIQUE(PROVISIONING_CONFIG_ID, ENTITY_TYPE, ENTITY_VALUE) +/ + +ALTER TABLE IDP_PROVISIONING_ENTITY ADD CONSTRAINT IDP_PROVISIONING_ENTITY_U2 UNIQUE(ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID) +/ + + diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/h2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/h2.sql new file mode 100644 index 00000000..a2b5c255 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/h2.sql @@ -0,0 +1,17 @@ +CREATE TABLE IDN_AUTH_SESSION_STORE ( + SESSION_ID VARCHAR (100) DEFAULT NULL, + SESSION_TYPE VARCHAR(100) DEFAULT NULL, + SESSION_OBJECT BLOB, + TIME_CREATED TIMESTAMP, + PRIMARY KEY (SESSION_ID, SESSION_TYPE) +); + +UPDATE IDP_AUTHENTICATOR SET NAME='samlsso' WHERE NAME = 'saml2sso' AND TENANT_ID = '-1234'; + +CREATE ALIAS IF NOT EXISTS DROP_FK AS $$ void executeSql(Connection conn, String sql) throws SQLException { conn.createStatement().executeUpdate(sql); } $$; + +call drop_fk('ALTER TABLE IDP_PROVISIONING_ENTITY DROP CONSTRAINT ' || (SELECT CONSTRAINT_NAME FROM INFORMATION_SCHEMA.CONSTRAINTS WHERE TABLE_NAME = 'IDP_PROVISIONING_ENTITY' AND COLUMN_LIST = 'ENTITY_TYPE,TENANT_ID,ENTITY_LOCAL_USERSTORE,ENTITY_NAME')); + +ALTER TABLE IDP_PROVISIONING_ENTITY ADD UNIQUE (ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID); + +DROP ALIAS IF EXISTS DROP_FK; \ No newline at end of file diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/mssql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/mssql.sql new file mode 100644 index 00000000..1bc0472b --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/mssql.sql @@ -0,0 +1,12 @@ +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_AUTH_SESSION_STORE]') AND TYPE IN (N'U')) +CREATE TABLE IDN_AUTH_SESSION_STORE ( + SESSION_ID VARCHAR (100) DEFAULT NULL, + SESSION_TYPE VARCHAR(100) DEFAULT NULL, + SESSION_OBJECT VARBINARY(MAX), + TIME_CREATED DATETIME, + PRIMARY KEY (SESSION_ID, SESSION_TYPE) +); + +UPDATE IDP_AUTHENTICATOR SET NAME='samlsso' WHERE NAME = 'saml2sso' AND TENANT_ID = '-1234'; + +DECLARE @COMMAND NVARCHAR(200);SELECT @COMMAND='ALTER TABLE IDP_PROVISIONING_ENTITY DROP CONSTRAINT ' + A.CONSTRAINT_NAME + ';' FROM (SELECT * from INFORMATION_SCHEMA.CONSTRAINT_COLUMN_USAGE WHERE TABLE_NAME='IDP_PROVISIONING_ENTITY' AND COLUMN_NAME='ENTITY_TYPE') A INNER JOIN (SELECT * from INFORMATION_SCHEMA.CONSTRAINT_COLUMN_USAGE WHERE TABLE_NAME='IDP_PROVISIONING_ENTITY' AND COLUMN_NAME='TENANT_ID') B ON A.CONSTRAINT_NAME=B.CONSTRAINT_NAME INNER JOIN (SELECT * from INFORMATION_SCHEMA.CONSTRAINT_COLUMN_USAGE WHERE TABLE_NAME='IDP_PROVISIONING_ENTITY' AND COLUMN_NAME='ENTITY_LOCAL_USERSTORE') C ON B.CONSTRAINT_NAME=C.CONSTRAINT_NAME INNER JOIN (SELECT * from INFORMATION_SCHEMA.CONSTRAINT_COLUMN_USAGE WHERE TABLE_NAME='IDP_PROVISIONING_ENTITY' AND COLUMN_NAME='ENTITY_NAME') D ON C.CONSTRAINT_NAME=D.CONSTRAINT_NAME;EXEC (@COMMAND); \ No newline at end of file diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/mysql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/mysql.sql new file mode 100644 index 00000000..360a17c0 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/mysql.sql @@ -0,0 +1,13 @@ +CREATE TABLE IDN_AUTH_SESSION_STORE ( + SESSION_ID VARCHAR (100) NOT NULL, + SESSION_TYPE VARCHAR(100) NOT NULL, + SESSION_OBJECT BLOB, + TIME_CREATED TIMESTAMP, + PRIMARY KEY (SESSION_ID, SESSION_TYPE) +)ENGINE INNODB; + +UPDATE IDP_AUTHENTICATOR SET NAME='samlsso' WHERE NAME = 'saml2sso' AND TENANT_ID = '-1234'; + +ALTER TABLE IDP_PROVISIONING_ENTITY DROP INDEX ENTITY_TYPE; + +ALTER TABLE IDP_PROVISIONING_ENTITY ADD UNIQUE KEY ENTITY_TYPE( ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID ); \ No newline at end of file diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/mysql5.7.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/mysql5.7.sql new file mode 100644 index 00000000..091505f9 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/mysql5.7.sql @@ -0,0 +1,13 @@ +CREATE TABLE IDN_AUTH_SESSION_STORE ( + SESSION_ID VARCHAR (100) NOT NULL, + SESSION_TYPE VARCHAR(100) NOT NULL, + SESSION_OBJECT BLOB, + TIME_CREATED TIMESTAMP, + PRIMARY KEY (SESSION_ID, SESSION_TYPE) +)ENGINE INNODB; + +UPDATE IDP_AUTHENTICATOR SET NAME='samlsso' WHERE NAME = 'saml2sso' AND TENANT_ID = '-1234'; + +ALTER TABLE IDP_PROVISIONING_ENTITY DROP INDEX ENTITY_TYPE; + +ALTER TABLE IDP_PROVISIONING_ENTITY ADD UNIQUE KEY ENTITY_TYPE( ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID ); diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/oracle.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/oracle.sql new file mode 100644 index 00000000..621ab0db --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/oracle.sql @@ -0,0 +1,15 @@ +CREATE TABLE IDN_AUTH_SESSION_STORE ( + SESSION_ID VARCHAR (100) DEFAULT NULL, + SESSION_TYPE VARCHAR(100) DEFAULT NULL, + SESSION_OBJECT BLOB, + TIME_CREATED TIMESTAMP, + PRIMARY KEY (SESSION_ID, SESSION_TYPE) +) +/ + +UPDATE IDP_AUTHENTICATOR SET NAME='samlsso' WHERE NAME = 'saml2sso' AND TENANT_ID = '-1234' +/ +ALTER TABLE IDP_PROVISIONING_ENTITY DROP UNIQUE (ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME) +/ +ALTER TABLE IDP_PROVISIONING_ENTITY ADD UNIQUE (ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID) +/ \ No newline at end of file diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/postgresql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/postgresql.sql new file mode 100644 index 00000000..7dcec226 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.0.0-SP1/dbscripts/step1/identity/postgresql.sql @@ -0,0 +1,14 @@ +DROP TABLE IF EXISTS IDN_AUTH_SESSION_STORE; +CREATE TABLE IDN_AUTH_SESSION_STORE ( + SESSION_ID VARCHAR(100) DEFAULT NULL, + SESSION_TYPE VARCHAR(100) DEFAULT NULL, + SESSION_OBJECT BYTEA, + TIME_CREATED TIMESTAMP, + PRIMARY KEY (SESSION_ID, SESSION_TYPE) +); + +UPDATE IDP_AUTHENTICATOR SET NAME='samlsso' WHERE NAME = 'saml2sso' AND TENANT_ID = '-1234'; + +ALTER TABLE IDP_PROVISIONING_ENTITY DROP CONSTRAINT IDP_PROVISIONING_ENTITY_ENTITY_TYPE_TENANT_ID_ENTITY_LOCAL__KEY; + +ALTER TABLE IDP_PROVISIONING_ENTITY ADD CONSTRAINT IDP_PROVISIONING_ENTITY_ENTITY_TYPE_TENANT_ID_ENTITY_LOCAL__KEY UNIQUE(ENTITY_TYPE, TENANT_ID, ENTITY_LOCAL_USERSTORE, ENTITY_NAME, PROVISIONING_CONFIG_ID); \ No newline at end of file diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/db2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/db2.sql new file mode 100644 index 00000000..149866e8 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/db2.sql @@ -0,0 +1,410 @@ +BEGIN + DECLARE const_name VARCHAR(128); + DECLARE STMT VARCHAR(200); + select CONSTNAME into const_name from SYSCAT.TABCONST WHERE TABNAME='IDN_OAUTH1A_REQUEST_TOKEN' AND TYPE = 'F'; + SET STMT = 'ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN DROP FOREIGN KEY ' || const_name; + PREPARE S1 FROM STMT; + EXECUTE S1; +END +/ + +BEGIN + DECLARE const_name VARCHAR(128); + DECLARE STMT VARCHAR(200); + select CONSTNAME into const_name from SYSCAT.TABCONST WHERE TABNAME='IDN_OAUTH1A_ACCESS_TOKEN' AND TYPE = 'F'; + SET STMT = 'ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN DROP FOREIGN KEY ' || const_name; + PREPARE S1 FROM STMT; + EXECUTE S1; +END +/ + +BEGIN + DECLARE const_name VARCHAR(128); + DECLARE STMT VARCHAR(200); + select CONSTNAME into const_name from SYSCAT.TABCONST WHERE TABNAME='IDN_OAUTH2_ACCESS_TOKEN' AND TYPE = 'F'; + SET STMT = 'ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP FOREIGN KEY ' || const_name; + PREPARE S1 FROM STMT; + EXECUTE S1; +END +/ + +BEGIN + DECLARE const_name VARCHAR(128); + DECLARE STMT VARCHAR(200); + select CONSTNAME into const_name from SYSCAT.TABCONST WHERE TABNAME='IDN_OAUTH2_AUTHORIZATION_CODE' AND TYPE = 'F'; + SET STMT = 'ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP FOREIGN KEY ' || const_name; + PREPARE S1 FROM STMT; + EXECUTE S1; +END +/ + +CREATE TABLE IDP_METADATA ( + ID INTEGER NOT NULL, + IDP_ID INTEGER NOT NULL, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(255), + DISPLAY_NAME VARCHAR(255), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ID), + CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE) +/ + +CREATE SEQUENCE IDP_METADATA_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE TRIGGER IDP_METADATA_TRIG NO CASCADE +BEFORE INSERT +ON IDP_METADATA +REFERENCING NEW AS NEW +FOR EACH ROW MODE DB2SQL + BEGIN ATOMIC + SET (NEW.ID) = (NEXTVAL FOR IDP_METADATA_SEQ); + END +/ + +INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME, TENANT_ID) SELECT ID, 'SessionIdleTimeout', '15', + 'Session Idle Timeout', -1234 FROM IDP WHERE TENANT_ID = -1234 AND NAME = 'LOCAL' +/ + +INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME, TENANT_ID) SELECT ID, 'RememberMeTimeout', '20160', 'RememberMe Timeout', -1234 FROM IDP WHERE TENANT_ID = -1234 AND NAME = 'LOCAL' +/ + +CREATE TABLE SP_METADATA ( + ID INTEGER NOT NULL, + SP_ID INTEGER NOT NULL, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ID), + CONSTRAINT SP_METADATA_CONSTRAINT UNIQUE (SP_ID, NAME), + FOREIGN KEY (SP_ID) REFERENCES SP_APP(ID) ON DELETE CASCADE) +/ +CREATE SEQUENCE SP_METADATA_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE TRIGGER SP_METADATA_TRIG NO CASCADE +BEFORE INSERT +ON SP_METADATA +REFERENCING NEW AS NEW +FOR EACH ROW MODE DB2SQL + BEGIN ATOMIC + SET (NEW.ID) = (NEXTVAL FOR SP_METADATA_SEQ); + END +/ + +ALTER TABLE IDN_OAUTH_CONSUMER_APPS DROP PRIMARY KEY +/ + +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD ID INTEGER NOT NULL DEFAULT 0 +/ +CREATE SEQUENCE IDN_OAUTH_CONSUMER_APPS_SEQUENCE START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE TRIGGER IDN_OAUTH_CONSUMER_APPS_TRIGGER NO CASCADE BEFORE INSERT ON IDN_OAUTH_CONSUMER_APPS REFERENCING NEW AS NEW FOR EACH ROW MODE DB2SQL BEGIN ATOMIC SET (NEW.ID) = (NEXTVAL FOR IDN_OAUTH_CONSUMER_APPS_SEQUENCE); END +/ +CALL SYSPROC.ADMIN_CMD('REORG TABLE IDN_OAUTH_CONSUMER_APPS') +/ +UPDATE IDN_OAUTH_CONSUMER_APPS SET ID = IDN_OAUTH_CONSUMER_APPS_SEQUENCE.NEXTVAL +/ + +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD USER_DOMAIN VARCHAR(50) +/ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD PRIMARY KEY (ID) +/ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY) +/ + +ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD CONSUMER_KEY_ID INTEGER +/ +UPDATE IDN_OAUTH1A_REQUEST_TOKEN set CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = IDN_OAUTH1A_REQUEST_TOKEN.CONSUMER_KEY) +/ +ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN DROP COLUMN CONSUMER_KEY +/ +ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD CONSTRAINT IDN_OAUTH1A_REQUEST_TOKEN_F1 FOREIGN KEY(CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE +/ +ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD TENANT_ID INTEGER DEFAULT -1 +/ + +ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD CONSUMER_KEY_ID INTEGER +/ +UPDATE IDN_OAUTH1A_ACCESS_TOKEN set CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = IDN_OAUTH1A_ACCESS_TOKEN.CONSUMER_KEY) +/ +ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN DROP COLUMN CONSUMER_KEY +/ +ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD CONSTRAINT IDN_OAUTH1A_ACCESS_TOKEN_F1 FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE +/ +ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD TENANT_ID INTEGER DEFAULT -1 +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP PRIMARY KEY +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TOKEN_ID VARCHAR (255) +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD CONSUMER_KEY_ID INTEGER NOT NULL WITH DEFAULT 0 +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD GRANT_TYPE VARCHAR (50) +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD SUBJECT_IDENTIFIER VARCHAR(255) +/ +UPDATE IDN_OAUTH2_ACCESS_TOKEN set CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = IDN_OAUTH2_ACCESS_TOKEN.CONSUMER_KEY) +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP UNIQUE CON_APP_KEY +/ + +BEGIN + DECLARE CONTINUE HANDLER FOR SQLSTATE '42704' + BEGIN END; + EXECUTE IMMEDIATE 'DROP INDEX IDX_AT_CK_AU'; +END +/ + +BEGIN + DECLARE CONTINUE HANDLER FOR SQLSTATE '42704' + BEGIN END; + EXECUTE IMMEDIATE 'DROP INDEX IDX_OAUTH_ACCTKN_CONK_UTYPE'; +END +/ + +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP COLUMN CONSUMER_KEY +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TENANT_ID INTEGER NOT NULL WITH DEFAULT -1 +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD USER_DOMAIN VARCHAR(50) NOT NULL WITH DEFAULT 'PRIMARY' +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD REFRESH_TOKEN_TIME_CREATED TIMESTAMP +/ +CALL SYSPROC.ADMIN_CMD('REORG TABLE IDN_OAUTH2_ACCESS_TOKEN') +/ +UPDATE IDN_OAUTH2_ACCESS_TOKEN SET REFRESH_TOKEN_TIME_CREATED = TIME_CREATED +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD REFRESH_TOKEN_VALIDITY_PERIOD BIGINT +/ +CALL SYSPROC.ADMIN_CMD('REORG TABLE IDN_OAUTH2_ACCESS_TOKEN') +/ +UPDATE IDN_OAUTH2_ACCESS_TOKEN SET REFRESH_TOKEN_VALIDITY_PERIOD = 84600000 +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TOKEN_SCOPE_HASH VARCHAR (32) NOT NULL WITH DEFAULT 'DEFAULT' +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN TOKEN_STATE_ID SET DATA TYPE VARCHAR (128) +/ +CALL SYSPROC.ADMIN_CMD('REORG TABLE IDN_OAUTH2_ACCESS_TOKEN') +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,TOKEN_STATE,TOKEN_STATE_ID) +/ +CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE) +/ +CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED) +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE +/ +ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE ADD TENANT_ID INTEGER DEFAULT -1 +/ +ALTER TABLE IDN_OPENID_ASSOCIATIONS ADD TENANT_ID INTEGER DEFAULT -1 +/ +ALTER TABLE IDN_THRIFT_SESSION ADD TENANT_ID INTEGER DEFAULT -1 +/ +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD CONSUMER_KEY_ID INTEGER +/ +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD TENANT_ID INTEGER +/ +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD USER_DOMAIN VARCHAR(50) NOT NULL WITH DEFAULT 'PRIMARY' +/ +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD STATE VARCHAR (25) DEFAULT 'ACTIVE' +/ +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD TOKEN_ID VARCHAR(255) +/ +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD CODE_ID VARCHAR (255) NOT NULL WITH DEFAULT 'DEFAULT' +/ +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD SUBJECT_IDENTIFIER VARCHAR(255) +/ +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP PRIMARY KEY +/ +UPDATE IDN_OAUTH2_AUTHORIZATION_CODE set CONSUMER_KEY_ID = (select ID from IDN_OAUTH_CONSUMER_APPS where IDN_OAUTH_CONSUMER_APPS.CONSUMER_KEY = IDN_OAUTH2_AUTHORIZATION_CODE.CONSUMER_KEY) +/ +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP COLUMN CONSUMER_KEY +/ +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE +/ + +CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN_SCOPE ( + TOKEN_ID VARCHAR (255) NOT NULL, + TOKEN_SCOPE VARCHAR (60) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE)) +/ + +ALTER TABLE IDN_IDENTITY_USER_DATA ALTER COLUMN DATA_VALUE DROP NOT NULL +/ + +UPDATE IDN_ASSOCIATED_ID set IDN_ASSOCIATED_ID.IDP_ID = (SELECT IDP.ID FROM IDP WHERE IDP.NAME = IDN_ASSOCIATED_ID.IDP_ID AND IDP.TENANT_ID = IDN_ASSOCIATED_ID.TENANT_ID ) +/ + +BEGIN +DECLARE const_name VARCHAR(128); +DECLARE STMT VARCHAR(200); +select CONSTNAME into const_name from SYSCAT.TABCONST WHERE TABNAME='IDN_ASSOCIATED_ID' AND TYPE = 'U'; +SET STMT = 'ALTER TABLE IDN_ASSOCIATED_ID DROP UNIQUE ' || const_name; +PREPARE S1 FROM STMT; +EXECUTE S1; +END +/ +ALTER TABLE IDN_ASSOCIATED_ID ALTER COLUMN IDP_ID SET DATA TYPE INTEGER +/ +CALL SYSPROC.ADMIN_CMD('REORG TABLE IDN_ASSOCIATED_ID') +/ +ALTER TABLE IDN_ASSOCIATED_ID ADD CONSTRAINT IDN_ASSOCIATED_ID_U1 UNIQUE (IDP_USER_ID, TENANT_ID, IDP_ID) +/ +ALTER TABLE IDN_ASSOCIATED_ID ADD DOMAIN_NAME VARCHAR(255) NOT NULL WITH DEFAULT 'PRIMARY' +/ +ALTER TABLE IDN_ASSOCIATED_ID ADD FOREIGN KEY (IDP_ID ) REFERENCES IDP (ID) ON DELETE CASCADE +/ + +DELETE FROM IDN_AUTH_SESSION_STORE +/ +ALTER TABLE IDN_AUTH_SESSION_STORE ADD OPERATION VARCHAR(10) NOT NULL WITH DEFAULT 'INVALID' +/ +ALTER TABLE IDN_AUTH_SESSION_STORE ADD TENANT_ID INTEGER DEFAULT -1 +/ +ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN TIME_CREATED SET DATA TYPE BIGINT +/ +ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN TIME_CREATED SET NOT NULL +/ +ALTER TABLE IDN_AUTH_SESSION_STORE DROP PRIMARY KEY +/ +CALL SYSPROC.ADMIN_CMD('REORG TABLE IDN_AUTH_SESSION_STORE') +/ +ALTER TABLE IDN_AUTH_SESSION_STORE ADD PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION) +/ + +ALTER TABLE SP_APP ADD IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1' +/ +ALTER TABLE SP_APP ADD IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1' +/ +ALTER TABLE SP_APP ADD IS_DUMB_MODE CHAR(1) DEFAULT '0' +/ + +INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) SELECT -1234, ID, 'IDPProperties' FROM IDP WHERE TENANT_ID=-1234 AND NAME='LOCAL' +/ +INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) SELECT -1234, ID, 'passivests' FROM IDP WHERE TENANT_ID=-1234 AND NAME='LOCAL' +/ +INSERT INTO IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) SELECT -1234, IDP_AUTHENTICATOR.ID , 'IdPEntityId', 'localhost', '0' FROM IDP_AUTHENTICATOR,IDP WHERE IDP_AUTHENTICATOR.TENANT_ID = -1234 AND IDP_AUTHENTICATOR.NAME = 'passivests' AND IDP.NAME='LOCAL' AND IDP.ID = IDP_AUTHENTICATOR.IDP_ID +/ + +ALTER TABLE SP_INBOUND_AUTH ALTER COLUMN INBOUND_AUTH_KEY DROP NOT NULL +/ +ALTER TABLE IDP_PROVISIONING_ENTITY ADD ENTITY_LOCAL_ID VARCHAR(255) +/ + +CREATE TABLE IDN_USER_ACCOUNT_ASSOCIATION ( + ASSOCIATION_KEY VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + DOMAIN_NAME VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(255) NOT NULL, + PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME)) +/ + + +CREATE TABLE FIDO_DEVICE_STORE ( + TENANT_ID INTEGER NOT NULL, + DOMAIN_NAME VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(45) NOT NULL, + TIME_REGISTERED TIMESTAMP, + KEY_HANDLE VARCHAR(200) NOT NULL, + DEVICE_DATA VARCHAR(2048) NOT NULL, + PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE)) +/ + +CREATE TABLE WF_REQUEST ( + UUID VARCHAR (45) NOT NULL, + CREATED_BY VARCHAR (255), + TENANT_ID INTEGER NOT NULL DEFAULT -1, + OPERATION_TYPE VARCHAR (50), + CREATED_AT TIMESTAMP, + UPDATED_AT TIMESTAMP, + STATUS VARCHAR (30), + REQUEST BLOB, + PRIMARY KEY (UUID)) +/ + +CREATE TABLE WF_BPS_PROFILE ( + PROFILE_NAME VARCHAR(45) NOT NULL, + HOST_URL VARCHAR(45), + USERNAME VARCHAR(45), + PASSWORD VARCHAR(255), + CALLBACK_HOST VARCHAR (45), + TENANT_ID INTEGER NOT NULL DEFAULT -1, + PRIMARY KEY (PROFILE_NAME, TENANT_ID)) +/ + +CREATE TABLE WF_WORKFLOW( + ID VARCHAR (45) NOT NULL, + WF_NAME VARCHAR (45), + DESCRIPTION VARCHAR (255), + TEMPLATE_ID VARCHAR (45), + IMPL_ID VARCHAR (45), + TENANT_ID INTEGER NOT NULL DEFAULT -1, + PRIMARY KEY (ID)) +/ + +CREATE TABLE WF_WORKFLOW_ASSOCIATION( + ID INTEGER NOT NULL, + ASSOC_NAME VARCHAR (45), + EVENT_ID VARCHAR(45), + ASSOC_CONDITION VARCHAR (2000), + WORKFLOW_ID VARCHAR (45), + IS_ENABLED CHAR (1) DEFAULT '1', + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY(ID), + FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE) +/ + +CREATE SEQUENCE WF_WORKFLOW_ASSOCIATION_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ + +CREATE TRIGGER WF_WORKFLOW_ASSOCIATION_TRIG NO CASCADE +BEFORE INSERT +ON WF_WORKFLOW_ASSOCIATION +REFERENCING NEW AS NEW +FOR EACH ROW MODE DB2SQL + BEGIN ATOMIC + SET (NEW.ID) = (NEXTVAL FOR WF_WORKFLOW_ASSOCIATION_SEQ); + END +/ + +CREATE TABLE WF_WORKFLOW_CONFIG_PARAM( + WORKFLOW_ID VARCHAR (45) NOT NULL, + PARAM_NAME VARCHAR (45) NOT NULL, + PARAM_VALUE VARCHAR (1000), + PARAM_QNAME VARCHAR (45) NOT NULL, + PARAM_HOLDER VARCHAR (45) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (WORKFLOW_ID, PARAM_NAME, PARAM_QNAME, PARAM_HOLDER), + FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE) +/ + +CREATE TABLE WF_REQUEST_ENTITY_RELATIONSHIP( + REQUEST_ID VARCHAR (45) NOT NULL, + ENTITY_NAME VARCHAR (255) NOT NULL, + ENTITY_TYPE VARCHAR (50) NOT NULL, + TENANT_ID INTEGER NOT NULL DEFAULT -1, + PRIMARY KEY(REQUEST_ID, ENTITY_NAME, ENTITY_TYPE, TENANT_ID), + FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE) +/ + +CREATE TABLE WF_WORKFLOW_REQUEST_RELATION( + RELATIONSHIP_ID VARCHAR (45) NOT NULL, + WORKFLOW_ID VARCHAR (45), + REQUEST_ID VARCHAR (45), + UPDATED_AT TIMESTAMP, + STATUS VARCHAR (30), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (RELATIONSHIP_ID), + FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE, + FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE) +/ +CALL SYSPROC.ADMIN_CMD('REORG TABLE SP_INBOUND_AUTH') +/ +CALL SYSPROC.ADMIN_CMD('REORG TABLE IDN_OAUTH1A_REQUEST_TOKEN') +/ +CALL SYSPROC.ADMIN_CMD('REORG TABLE IDN_OAUTH1A_ACCESS_TOKEN') +/ +CALL SYSPROC.ADMIN_CMD('REORG TABLE IDN_IDENTITY_USER_DATA') +/ \ No newline at end of file diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/h2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/h2.sql new file mode 100644 index 00000000..3220c2b4 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/h2.sql @@ -0,0 +1,226 @@ +CREATE ALIAS IF NOT EXISTS DROP_FK AS $$ void executeSql(Connection conn, String sql) throws SQLException { conn.createStatement().executeUpdate(sql); } $$; + +call drop_fk('ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN DROP CONSTRAINT ' || (SELECT CONSTRAINT_NAME FROM INFORMATION_SCHEMA.CONSTRAINTS WHERE TABLE_NAME = 'IDN_OAUTH1A_REQUEST_TOKEN' AND COLUMN_LIST = 'CONSUMER_KEY')); +call drop_fk('ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN DROP CONSTRAINT ' || (SELECT CONSTRAINT_NAME FROM INFORMATION_SCHEMA.CONSTRAINTS WHERE TABLE_NAME = 'IDN_OAUTH1A_ACCESS_TOKEN' AND COLUMN_LIST = 'CONSUMER_KEY')); +call drop_fk('ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP CONSTRAINT ' || (SELECT CONSTRAINT_NAME FROM INFORMATION_SCHEMA.CONSTRAINTS WHERE TABLE_NAME = 'IDN_OAUTH2_ACCESS_TOKEN' AND COLUMN_LIST = 'CONSUMER_KEY')); +call drop_fk('ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP CONSTRAINT ' || (SELECT CONSTRAINT_NAME FROM INFORMATION_SCHEMA.CONSTRAINTS WHERE TABLE_NAME = 'IDN_OAUTH2_AUTHORIZATION_CODE' AND COLUMN_LIST = 'CONSUMER_KEY')); + +CREATE TABLE IF NOT EXISTS IDP_METADATA ( + ID INTEGER AUTO_INCREMENT, + IDP_ID INTEGER, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ID), + CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE); + +INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME, TENANT_ID) SELECT ID, 'SessionIdleTimeout', '15', + 'Session Idle Timeout', -1234 FROM IDP WHERE TENANT_ID = -1234 AND NAME = 'LOCAL'; +INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME, TENANT_ID) SELECT ID, 'RememberMeTimeout', '20160', 'RememberMe Timeout', -1234 FROM IDP WHERE TENANT_ID = -1234 AND NAME = 'LOCAL'; + +CREATE TABLE IF NOT EXISTS SP_METADATA ( + ID INTEGER AUTO_INCREMENT, + SP_ID INTEGER, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ID), + CONSTRAINT SP_METADATA_CONSTRAINT UNIQUE (SP_ID, NAME), + FOREIGN KEY (SP_ID) REFERENCES SP_APP(ID) ON DELETE CASCADE); + +ALTER TABLE IDN_OAUTH_CONSUMER_APPS DROP PRIMARY KEY; +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD ID INTEGER UNSIGNED NOT NULL AUTO_INCREMENT; +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD USER_DOMAIN VARCHAR(50); +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD PRIMARY KEY (ID); +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ALTER COLUMN CONSUMER_KEY VARCHAR (255) NOT NULL; +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY); + +ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD CONSUMER_KEY_ID INTEGER; +UPDATE IDN_OAUTH1A_REQUEST_TOKEN REQUEST_TOKEN set REQUEST_TOKEN.CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = REQUEST_TOKEN.CONSUMER_KEY); +ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN DROP COLUMN CONSUMER_KEY; +ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE; +ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD TENANT_ID INTEGER DEFAULT -1; + +ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD CONSUMER_KEY_ID INTEGER; +UPDATE IDN_OAUTH1A_ACCESS_TOKEN ACCESS_TOKEN set ACCESS_TOKEN.CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = ACCESS_TOKEN.CONSUMER_KEY); +ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN DROP COLUMN CONSUMER_KEY; +ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE; +ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD TENANT_ID INTEGER DEFAULT -1; + +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP PRIMARY KEY; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TOKEN_ID VARCHAR (255); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD CONSUMER_KEY_ID INTEGER; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD GRANT_TYPE VARCHAR (50); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD SUBJECT_IDENTIFIER VARCHAR(255); +UPDATE IDN_OAUTH2_ACCESS_TOKEN ACCESS_TOKEN set ACCESS_TOKEN.CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = ACCESS_TOKEN.CONSUMER_KEY); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP CONSTRAINT CON_APP_KEY; +DROP INDEX IF EXISTS IDX_AT_CK_AU; +DROP INDEX IF EXISTS IDX_OAUTH_ACCTKN_CONK_UTYPE; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP COLUMN CONSUMER_KEY; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TENANT_ID INTEGER; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD USER_DOMAIN VARCHAR(50); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD REFRESH_TOKEN_TIME_CREATED TIMESTAMP DEFAULT 0; +UPDATE IDN_OAUTH2_ACCESS_TOKEN SET REFRESH_TOKEN_TIME_CREATED = TIME_CREATED; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD REFRESH_TOKEN_VALIDITY_PERIOD BIGINT; +UPDATE IDN_OAUTH2_ACCESS_TOKEN SET REFRESH_TOKEN_VALIDITY_PERIOD = 84600000; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TOKEN_SCOPE_HASH VARCHAR (32); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE' NOT NULL; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,TOKEN_STATE,TOKEN_STATE_ID); +CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE); +CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE; + +ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE ADD TENANT_ID INTEGER DEFAULT -1; +ALTER TABLE IDN_OPENID_ASSOCIATIONS ADD TENANT_ID INTEGER DEFAULT -1; +ALTER TABLE IDN_THRIFT_SESSION ADD TENANT_ID INTEGER DEFAULT -1; + +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD CONSUMER_KEY_ID INTEGER; +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD TENANT_ID INTEGER; +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD USER_DOMAIN VARCHAR(50); +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD STATE VARCHAR (25) DEFAULT 'ACTIVE'; +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD TOKEN_ID VARCHAR(255); +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD CODE_ID VARCHAR (255); +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD SUBJECT_IDENTIFIER VARCHAR(255); +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP PRIMARY KEY; +UPDATE IDN_OAUTH2_AUTHORIZATION_CODE AUTHORIZATION_CODE set AUTHORIZATION_CODE.CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = AUTHORIZATION_CODE.CONSUMER_KEY); +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP COLUMN CONSUMER_KEY; +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE; + +CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE ( + TOKEN_ID VARCHAR (255), + TOKEN_SCOPE VARCHAR (60), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE) +); + +DROP TABLE IF EXISTS IDN_SCIM_PROVIDER; + +ALTER TABLE IDN_IDENTITY_USER_DATA ALTER COLUMN DATA_VALUE SET NULL; + +UPDATE IDN_ASSOCIATED_ID set IDN_ASSOCIATED_ID.IDP_ID = (SELECT IDP.ID FROM IDP WHERE IDP.NAME = IDN_ASSOCIATED_ID.IDP_ID AND IDP.TENANT_ID = IDN_ASSOCIATED_ID.TENANT_ID ); +ALTER TABLE IDN_ASSOCIATED_ID ALTER COLUMN IDP_ID INTEGER; +ALTER TABLE IDN_ASSOCIATED_ID ADD DOMAIN_NAME VARCHAR(255); +ALTER TABLE IDN_ASSOCIATED_ID ADD FOREIGN KEY (IDP_ID ) REFERENCES IDP (ID) ON DELETE CASCADE; + +DELETE FROM IDN_AUTH_SESSION_STORE; +ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN SESSION_ID DROP DEFAULT; +ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN SESSION_ID SET NOT NULL; +ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN SESSION_TYPE DROP DEFAULT; +ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN SESSION_TYPE SET NOT NULL; +ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN TIME_CREATED SET NOT NULL; +ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN TIME_CREATED BIGINT; +ALTER TABLE IDN_AUTH_SESSION_STORE ADD OPERATION VARCHAR(10) NOT NULL; +ALTER TABLE IDN_AUTH_SESSION_STORE ADD TENANT_ID INTEGER DEFAULT -1; +ALTER TABLE IDN_AUTH_SESSION_STORE DROP PRIMARY KEY; +ALTER TABLE IDN_AUTH_SESSION_STORE ADD PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION); + +ALTER TABLE SP_APP ADD IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1' NOT NULL; +ALTER TABLE SP_APP ADD IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1' NOT NULL; +ALTER TABLE SP_APP ADD IS_DUMB_MODE CHAR(1) DEFAULT '0'; + +INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) SELECT -1234, ID, 'IDPProperties' FROM IDP WHERE TENANT_ID=-1234 AND NAME='LOCAL'; +INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) SELECT -1234, ID, 'passivests' FROM IDP WHERE TENANT_ID=-1234 AND NAME='LOCAL'; + +INSERT INTO IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) SELECT -1234, IDP_AUTHENTICATOR.ID , 'IdPEntityId', 'localhost', '0' FROM IDP_AUTHENTICATOR,IDP WHERE IDP_AUTHENTICATOR.TENANT_ID = -1234 AND IDP_AUTHENTICATOR.NAME = 'passivests' AND IDP.NAME='LOCAL' AND IDP.ID = IDP_AUTHENTICATOR.IDP_ID; + +ALTER TABLE SP_INBOUND_AUTH ALTER COLUMN INBOUND_AUTH_KEY SET NULL; + +ALTER TABLE IDP_PROVISIONING_ENTITY ADD ENTITY_LOCAL_ID VARCHAR(255); + +CREATE TABLE IF NOT EXISTS IDN_USER_ACCOUNT_ASSOCIATION ( + ASSOCIATION_KEY VARCHAR(255) NOT NULL, + TENANT_ID INTEGER, + DOMAIN_NAME VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(255) NOT NULL, + PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME)); + +CREATE TABLE IF NOT EXISTS FIDO_DEVICE_STORE ( + TENANT_ID INTEGER, + DOMAIN_NAME VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(45) NOT NULL, + TIME_REGISTERED TIMESTAMP, + KEY_HANDLE VARCHAR(200) NOT NULL, + DEVICE_DATA LONGVARCHAR NOT NULL, + PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE)); + +CREATE TABLE IF NOT EXISTS WF_REQUEST ( + UUID VARCHAR (45), + CREATED_BY VARCHAR (255), + TENANT_ID INTEGER DEFAULT -1, + OPERATION_TYPE VARCHAR (50), + CREATED_AT TIMESTAMP, + UPDATED_AT TIMESTAMP, + STATUS VARCHAR (30), + REQUEST BLOB, + PRIMARY KEY (UUID) +); + +CREATE TABLE IF NOT EXISTS WF_BPS_PROFILE ( + PROFILE_NAME VARCHAR(45), + HOST_URL_MANAGER VARCHAR(45), + HOST_URL_WORKER VARCHAR(45), + USERNAME VARCHAR(45), + PASSWORD VARCHAR(255), + CALLBACK_HOST VARCHAR (45), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (PROFILE_NAME, TENANT_ID) +); + +CREATE TABLE IF NOT EXISTS WF_WORKFLOW( + ID VARCHAR (45), + WF_NAME VARCHAR (45), + DESCRIPTION VARCHAR (255), + TEMPLATE_ID VARCHAR (45), + IMPL_ID VARCHAR (45), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ID) +); + +CREATE TABLE IF NOT EXISTS WF_WORKFLOW_ASSOCIATION( + ID INTEGER NOT NULL AUTO_INCREMENT, + ASSOC_NAME VARCHAR (45), + EVENT_ID VARCHAR(45), + ASSOC_CONDITION VARCHAR (2000), + WORKFLOW_ID VARCHAR (45), + IS_ENABLED CHAR (1) DEFAULT '1', + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY(ID), + FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE +); + +CREATE TABLE IF NOT EXISTS WF_WORKFLOW_CONFIG_PARAM( + WORKFLOW_ID VARCHAR (45), + PARAM_NAME VARCHAR (45), + PARAM_VALUE VARCHAR (1000), + PARAM_QNAME VARCHAR (45), + PARAM_HOLDER VARCHAR (45), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (WORKFLOW_ID, PARAM_NAME, PARAM_QNAME, PARAM_HOLDER), + FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE +); + +CREATE TABLE IF NOT EXISTS WF_REQUEST_ENTITY_RELATIONSHIP( + REQUEST_ID VARCHAR (45), + ENTITY_NAME VARCHAR (255), + ENTITY_TYPE VARCHAR (50), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY(REQUEST_ID, ENTITY_NAME, ENTITY_TYPE, TENANT_ID), + FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE +); + +CREATE TABLE IF NOT EXISTS WF_WORKFLOW_REQUEST_RELATION( + RELATIONSHIP_ID VARCHAR (45), + WORKFLOW_ID VARCHAR (45), + REQUEST_ID VARCHAR (45), + UPDATED_AT TIMESTAMP, + STATUS VARCHAR (30), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (RELATIONSHIP_ID), + FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE, + FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE +); + +DROP ALIAS IF EXISTS DROP_FK; diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/mssql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/mssql.sql new file mode 100644 index 00000000..d8508d0d --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/mssql.sql @@ -0,0 +1,238 @@ +DECLARE @COMMAND NVARCHAR(200);SELECT @COMMAND= 'ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN DROP CONSTRAINT ' + RC.CONSTRAINT_NAME + ';' FROM INFORMATION_SCHEMA.REFERENTIAL_CONSTRAINTS RC JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KF ON RC.CONSTRAINT_NAME = KF.CONSTRAINT_NAME JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KP ON RC.UNIQUE_CONSTRAINT_NAME = KP.CONSTRAINT_NAME WHERE KF.TABLE_NAME = 'IDN_OAUTH1A_REQUEST_TOKEN';EXEC (@COMMAND); + +DECLARE @COMMAND NVARCHAR(200);SELECT @COMMAND='ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN DROP CONSTRAINT ' + RC.CONSTRAINT_NAME + ';' FROM INFORMATION_SCHEMA.REFERENTIAL_CONSTRAINTS RC JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KF ON RC.CONSTRAINT_NAME = KF.CONSTRAINT_NAME JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KP ON RC.UNIQUE_CONSTRAINT_NAME = KP.CONSTRAINT_NAME WHERE KF.TABLE_NAME = 'IDN_OAUTH1A_ACCESS_TOKEN';EXEC (@COMMAND); + +DECLARE @COMMAND NVARCHAR(200);SELECT @COMMAND='ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP CONSTRAINT ' + RC.CONSTRAINT_NAME + ';' FROM INFORMATION_SCHEMA.REFERENTIAL_CONSTRAINTS RC JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KF ON RC.CONSTRAINT_NAME = KF.CONSTRAINT_NAME JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KP ON RC.UNIQUE_CONSTRAINT_NAME = KP.CONSTRAINT_NAME WHERE KF.TABLE_NAME = 'IDN_OAUTH2_ACCESS_TOKEN';EXEC (@COMMAND); + +DECLARE @COMMAND NVARCHAR(200);SELECT @COMMAND='ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP CONSTRAINT ' + RC.CONSTRAINT_NAME + ';' FROM INFORMATION_SCHEMA.REFERENTIAL_CONSTRAINTS RC JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KF ON RC.CONSTRAINT_NAME = KF.CONSTRAINT_NAME JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KP ON RC.UNIQUE_CONSTRAINT_NAME = KP.CONSTRAINT_NAME WHERE KF.TABLE_NAME = 'IDN_OAUTH2_AUTHORIZATION_CODE';EXEC (@COMMAND); + +DECLARE @COMMAND NVARCHAR(200);SELECT @COMMAND='ALTER TABLE IDN_OAUTH_CONSUMER_APPS DROP CONSTRAINT ' + NAME + ';' FROM sys.key_constraints WHERE [type] = 'PK' AND [parent_object_id] = Object_id('dbo.IDN_OAUTH_CONSUMER_APPS');EXEC (@COMMAND); + +DECLARE @COMMAND NVARCHAR(200);SELECT @COMMAND='ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP CONSTRAINT ' + NAME + ';' FROM sys.key_constraints WHERE [type] = 'PK' AND [parent_object_id] = Object_id('dbo.IDN_OAUTH2_ACCESS_TOKEN');EXEC (@COMMAND); + +DECLARE @COMMAND NVARCHAR(200);SELECT @COMMAND='ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP CONSTRAINT ' + NAME + ';' FROM sys.key_constraints WHERE [type] = 'PK' AND [parent_object_id] = Object_id('dbo.IDN_OAUTH2_AUTHORIZATION_CODE');EXEC (@COMMAND); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDP_METADATA]') AND TYPE IN (N'U')) + CREATE TABLE IDP_METADATA ( + ID INTEGER IDENTITY, + IDP_ID INTEGER, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ID), + CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE); + +INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME, TENANT_ID) SELECT ID, 'SessionIdleTimeout', '15', + 'Session Idle Timeout', -1234 FROM IDP WHERE TENANT_ID = -1234 AND NAME = 'LOCAL'; +INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME, TENANT_ID) SELECT ID, 'RememberMeTimeout', '20160', 'RememberMe Timeout', -1234 FROM IDP WHERE TENANT_ID = -1234 AND NAME = 'LOCAL'; + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[SP_METADATA]') AND TYPE IN (N'U')) + CREATE TABLE SP_METADATA ( + ID INTEGER IDENTITY, + SP_ID INTEGER, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ID), + CONSTRAINT SP_METADATA_CONSTRAINT UNIQUE (SP_ID, NAME), + FOREIGN KEY (SP_ID) REFERENCES SP_APP(ID) ON DELETE CASCADE); + +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD ID INTEGER NOT NULL IDENTITY PRIMARY KEY; +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD USER_DOMAIN VARCHAR(50); +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ALTER COLUMN CONSUMER_KEY VARCHAR (255) NOT NULL; +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY); + +ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD CONSUMER_KEY_ID INTEGER; +UPDATE IDN_OAUTH1A_REQUEST_TOKEN set IDN_OAUTH1A_REQUEST_TOKEN.CONSUMER_KEY_ID = (select IDN_OAUTH_CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS where IDN_OAUTH_CONSUMER_APPS.CONSUMER_KEY = IDN_OAUTH1A_REQUEST_TOKEN.CONSUMER_KEY); +ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN DROP COLUMN CONSUMER_KEY; +ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE; +ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD TENANT_ID INTEGER DEFAULT -1; + +ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD CONSUMER_KEY_ID INTEGER; +UPDATE IDN_OAUTH1A_ACCESS_TOKEN set IDN_OAUTH1A_ACCESS_TOKEN.CONSUMER_KEY_ID = (select IDN_OAUTH_CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS where IDN_OAUTH_CONSUMER_APPS.CONSUMER_KEY = IDN_OAUTH1A_ACCESS_TOKEN.CONSUMER_KEY); +ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN DROP COLUMN CONSUMER_KEY; +ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE; +ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD TENANT_ID INTEGER DEFAULT -1; + +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TOKEN_ID VARCHAR (255); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD CONSUMER_KEY_ID INTEGER; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD GRANT_TYPE VARCHAR (50); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD SUBJECT_IDENTIFIER VARCHAR(255); +UPDATE IDN_OAUTH2_ACCESS_TOKEN set IDN_OAUTH2_ACCESS_TOKEN.CONSUMER_KEY_ID = (select IDN_OAUTH_CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS where IDN_OAUTH_CONSUMER_APPS.CONSUMER_KEY = IDN_OAUTH2_ACCESS_TOKEN.CONSUMER_KEY); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP CONSTRAINT CON_APP_KEY; +IF EXISTS (SELECT * FROM sys.indexes WHERE name='IDX_AT_CK_AU') begin DROP INDEX IDN_OAUTH2_ACCESS_TOKEN.IDX_AT_CK_AU; end; +IF EXISTS (SELECT * FROM sys.indexes WHERE name='IDX_OAUTH_ACCTKN_CONK_UTYPE') begin DROP INDEX IDN_OAUTH2_ACCESS_TOKEN.IDX_OAUTH_ACCTKN_CONK_UTYPE; end; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP COLUMN CONSUMER_KEY; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TENANT_ID INTEGER; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD USER_DOMAIN VARCHAR(50); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD REFRESH_TOKEN_TIME_CREATED DATETIME; +UPDATE IDN_OAUTH2_ACCESS_TOKEN SET REFRESH_TOKEN_TIME_CREATED = TIME_CREATED; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD REFRESH_TOKEN_VALIDITY_PERIOD BIGINT; +UPDATE IDN_OAUTH2_ACCESS_TOKEN SET REFRESH_TOKEN_VALIDITY_PERIOD = 84600000; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TOKEN_SCOPE_HASH VARCHAR (32); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN TOKEN_STATE_ID VARCHAR (128); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,TOKEN_STATE,TOKEN_STATE_ID); +CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE); +CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE; + +ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE ADD TENANT_ID INTEGER DEFAULT -1; +ALTER TABLE IDN_OPENID_ASSOCIATIONS ADD TENANT_ID INTEGER DEFAULT -1; +ALTER TABLE IDN_THRIFT_SESSION ADD TENANT_ID INTEGER DEFAULT -1; + +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD CONSUMER_KEY_ID INTEGER; +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD TENANT_ID INTEGER; +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD USER_DOMAIN VARCHAR(50); +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD STATE VARCHAR (25) DEFAULT 'ACTIVE'; +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD TOKEN_ID VARCHAR(255); +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD CODE_ID VARCHAR (255); +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD SUBJECT_IDENTIFIER VARCHAR(255); +UPDATE IDN_OAUTH2_AUTHORIZATION_CODE set IDN_OAUTH2_AUTHORIZATION_CODE.CONSUMER_KEY_ID = (select IDN_OAUTH_CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS where IDN_OAUTH_CONSUMER_APPS.CONSUMER_KEY = IDN_OAUTH2_AUTHORIZATION_CODE.CONSUMER_KEY); +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP COLUMN CONSUMER_KEY; +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE; + +DROP TABLE IDN_SCIM_PROVIDER; + +ALTER TABLE IDN_IDENTITY_USER_DATA ALTER COLUMN DATA_VALUE VARCHAR(255) NULL; + +DECLARE @COMMAND NVARCHAR(200);SELECT @COMMAND='ALTER TABLE IDN_ASSOCIATED_ID DROP CONSTRAINT ' + NAME + ';' FROM sys.key_constraints WHERE [type] = 'UQ' AND [parent_object_id] = Object_id('dbo.IDN_ASSOCIATED_ID');EXEC (@COMMAND); +UPDATE IDN_ASSOCIATED_ID set IDN_ASSOCIATED_ID.IDP_ID = (SELECT IDP.ID FROM IDP WHERE IDP.NAME = IDN_ASSOCIATED_ID.IDP_ID AND IDP.TENANT_ID = IDN_ASSOCIATED_ID.TENANT_ID ); +ALTER TABLE IDN_ASSOCIATED_ID ALTER COLUMN IDP_ID INTEGER; +ALTER TABLE IDN_ASSOCIATED_ID ADD DOMAIN_NAME VARCHAR(255); +ALTER TABLE IDN_ASSOCIATED_ID ADD UNIQUE(IDP_USER_ID, TENANT_ID, IDP_ID); +ALTER TABLE IDN_ASSOCIATED_ID ADD FOREIGN KEY (IDP_ID ) REFERENCES IDP (ID) ON DELETE CASCADE; + +DELETE FROM IDN_AUTH_SESSION_STORE; +ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN SESSION_ID VARCHAR (100) NOT NULL; +ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN SESSION_TYPE VARCHAR(100) NOT NULL; +ALTER TABLE IDN_AUTH_SESSION_STORE DROP COLUMN TIME_CREATED; +ALTER TABLE IDN_AUTH_SESSION_STORE ADD TIME_CREATED BIGINT NOT NULL; +ALTER TABLE IDN_AUTH_SESSION_STORE ADD OPERATION VARCHAR(10) NOT NULL; +ALTER TABLE IDN_AUTH_SESSION_STORE ADD TENANT_ID INTEGER DEFAULT -1; +DECLARE @COMMAND NVARCHAR(200);SELECT @COMMAND='ALTER TABLE IDN_AUTH_SESSION_STORE DROP CONSTRAINT ' + NAME + ';' FROM sys.key_constraints WHERE [type] = 'PK' AND [parent_object_id] = Object_id('dbo.IDN_AUTH_SESSION_STORE');EXEC (@COMMAND); +ALTER TABLE IDN_AUTH_SESSION_STORE ADD PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION); + +ALTER TABLE SP_APP ADD IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1' NOT NULL; +ALTER TABLE SP_APP ADD IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1' NOT NULL; +ALTER TABLE SP_APP ADD IS_DUMB_MODE CHAR(1) DEFAULT '0'; + +INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) SELECT -1234, ID, 'IDPProperties' FROM IDP WHERE TENANT_ID=-1234 AND NAME='LOCAL'; +INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) SELECT -1234, ID, 'passivests' FROM IDP WHERE TENANT_ID=-1234 AND NAME='LOCAL'; + +INSERT INTO IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) SELECT -1234, IDP_AUTHENTICATOR.ID , 'IdPEntityId', 'localhost', '0' FROM IDP_AUTHENTICATOR,IDP WHERE IDP_AUTHENTICATOR.TENANT_ID = -1234 AND IDP_AUTHENTICATOR.NAME = 'passivests' AND IDP.NAME='LOCAL' AND IDP.ID = IDP_AUTHENTICATOR.IDP_ID; + +ALTER TABLE SP_INBOUND_AUTH ALTER COLUMN INBOUND_AUTH_KEY VARCHAR (255) NULL; + +ALTER TABLE IDP_PROVISIONING_ENTITY ADD ENTITY_LOCAL_ID VARCHAR(255); + +CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN_SCOPE ( + TOKEN_ID VARCHAR (255), + TOKEN_SCOPE VARCHAR (60), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE) +); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_USER_ACCOUNT_ASSOCIATION]') AND TYPE IN (N'U')) + CREATE TABLE IDN_USER_ACCOUNT_ASSOCIATION ( + ASSOCIATION_KEY VARCHAR(255) NOT NULL, + TENANT_ID INTEGER, + DOMAIN_NAME VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(255) NOT NULL, + PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME)); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[FIDO_DEVICE_STORE]') AND TYPE IN (N'U')) + CREATE TABLE FIDO_DEVICE_STORE ( + TENANT_ID INTEGER, + DOMAIN_NAME VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(45) NOT NULL, + TIME_REGISTERED DATETIME, + KEY_HANDLE VARCHAR(200) NOT NULL, + DEVICE_DATA VARCHAR(2048) NOT NULL, + PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE)); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[WF_REQUEST]') AND TYPE IN (N'U')) + CREATE TABLE WF_REQUEST ( + UUID VARCHAR (45), + CREATED_BY VARCHAR (255), + TENANT_ID INTEGER DEFAULT -1, + OPERATION_TYPE VARCHAR (50), + CREATED_AT DATETIME, + UPDATED_AT DATETIME, + STATUS VARCHAR (30), + REQUEST VARBINARY(MAX), + PRIMARY KEY (UUID) + ); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[WF_BPS_PROFILE]') AND TYPE IN (N'U')) + CREATE TABLE WF_BPS_PROFILE ( + PROFILE_NAME VARCHAR(45), + HOST_URL_MANAGER VARCHAR(45), + HOST_URL_WORKER VARCHAR(45), + USERNAME VARCHAR(45), + PASSWORD VARCHAR(255), + CALLBACK_HOST VARCHAR (45), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (PROFILE_NAME, TENANT_ID) + ); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[WF_WORKFLOW]') AND TYPE IN (N'U')) + CREATE TABLE WF_WORKFLOW( + ID VARCHAR (45), + WF_NAME VARCHAR (45), + DESCRIPTION VARCHAR (255), + TEMPLATE_ID VARCHAR (45), + IMPL_ID VARCHAR (45), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ID) + ); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[WF_WORKFLOW_ASSOCIATION]') AND TYPE IN (N'U')) + CREATE TABLE WF_WORKFLOW_ASSOCIATION( + ID INTEGER NOT NULL IDENTITY , + ASSOC_NAME VARCHAR (45), + EVENT_ID VARCHAR(45), + ASSOC_CONDITION VARCHAR (2000), + WORKFLOW_ID VARCHAR (45), + IS_ENABLED CHAR (1) DEFAULT '1', + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY(ID), + FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE + ); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[WF_WORKFLOW_CONFIG_PARAM]') AND TYPE IN (N'U')) + CREATE TABLE WF_WORKFLOW_CONFIG_PARAM( + WORKFLOW_ID VARCHAR (45), + PARAM_NAME VARCHAR (45), + PARAM_VALUE VARCHAR (1000), + PARAM_QNAME VARCHAR (45), + PARAM_HOLDER VARCHAR (45), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (WORKFLOW_ID, PARAM_NAME, PARAM_QNAME, PARAM_HOLDER), + FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE + ); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[WF_REQUEST_ENTITY_RELATIONSHIP]') AND TYPE IN (N'U')) + CREATE TABLE WF_REQUEST_ENTITY_RELATIONSHIP( + REQUEST_ID VARCHAR (45), + ENTITY_NAME VARCHAR (255), + ENTITY_TYPE VARCHAR (50), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY(REQUEST_ID, ENTITY_NAME, ENTITY_TYPE, TENANT_ID), + FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE + ); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[WF_WORKFLOW_REQUEST_RELATION]') AND TYPE IN (N'U')) + CREATE TABLE WF_WORKFLOW_REQUEST_RELATION( + RELATIONSHIP_ID VARCHAR (45), + WORKFLOW_ID VARCHAR (45), + REQUEST_ID VARCHAR (45), + UPDATED_AT DATETIME, + STATUS VARCHAR (30), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (RELATIONSHIP_ID), + FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE, + FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE + ); diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/mysql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/mysql.sql new file mode 100644 index 00000000..d1be1314 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/mysql.sql @@ -0,0 +1,271 @@ +DROP PROCEDURE IF EXISTS drop_index_if_exists; +CREATE PROCEDURE drop_index_if_exists(in theTable varchar(128), in theIndexName varchar(128) ) BEGIN IF((SELECT COUNT(*) AS index_exists FROM information_schema.statistics WHERE TABLE_SCHEMA = DATABASE() and table_name = theTable AND index_name = theIndexName) > 0) THEN SET @s = CONCAT('DROP INDEX ' , theIndexName , ' ON ' , theTable); PREPARE stmt FROM @s; EXECUTE stmt; END IF; END; + +SELECT CONCAT("ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN DROP FOREIGN KEY ",constraint_name) +INTO @sqlst +FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE +where TABLE_SCHEMA = @databasename and TABLE_NAME = "IDN_OAUTH1A_REQUEST_TOKEN" +and referenced_column_name is not NULL limit 1; + +PREPARE stmt FROM @sqlst; +EXECUTE stmt; +DEALLOCATE PREPARE stmt; +SET @sqlst = NULL; + +SELECT CONCAT("ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN DROP FOREIGN KEY ",constraint_name) +INTO @sqlst +FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE +where TABLE_SCHEMA = @databasename and TABLE_NAME = "IDN_OAUTH1A_ACCESS_TOKEN" +and referenced_column_name is not NULL limit 1; + +PREPARE stmt FROM @sqlst; +EXECUTE stmt; +DEALLOCATE PREPARE stmt; +SET @sqlst = NULL; + +SELECT CONCAT("ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP FOREIGN KEY ",constraint_name) +INTO @sqlst +FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE +where TABLE_SCHEMA = @databasename and TABLE_NAME = "IDN_OAUTH2_ACCESS_TOKEN" +and referenced_column_name is not NULL limit 1; + +PREPARE stmt FROM @sqlst; +EXECUTE stmt; +DEALLOCATE PREPARE stmt; +SET @sqlst = NULL; + +SELECT CONCAT("ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP FOREIGN KEY ",constraint_name) +INTO @sqlst +FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE +where TABLE_SCHEMA = @databasename and TABLE_NAME = "IDN_OAUTH2_AUTHORIZATION_CODE" +and referenced_column_name is not NULL limit 1; + +PREPARE stmt FROM @sqlst; +EXECUTE stmt; +DEALLOCATE PREPARE stmt; +SET @sqlst = NULL; + +CREATE TABLE IF NOT EXISTS IDP_METADATA ( + ID INTEGER AUTO_INCREMENT, + IDP_ID INTEGER, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ID), + CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE +)ENGINE INNODB; + +INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME, TENANT_ID) SELECT ID, 'SessionIdleTimeout', '15', + 'Session Idle Timeout', -1234 FROM IDP WHERE TENANT_ID = -1234 AND NAME = 'LOCAL'; +INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME, TENANT_ID) SELECT ID, 'RememberMeTimeout', '20160', 'RememberMe Timeout', -1234 FROM IDP WHERE TENANT_ID = -1234 AND NAME = 'LOCAL'; + +CREATE TABLE IF NOT EXISTS SP_METADATA ( + ID INTEGER AUTO_INCREMENT, + SP_ID INTEGER, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ID), + CONSTRAINT SP_METADATA_CONSTRAINT UNIQUE (SP_ID, NAME), + FOREIGN KEY (SP_ID) REFERENCES SP_APP(ID) ON DELETE CASCADE +)ENGINE INNODB; + +ALTER TABLE IDN_OAUTH_CONSUMER_APPS DROP PRIMARY KEY; +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD ID INTEGER NOT NULL AUTO_INCREMENT PRIMARY KEY; +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD USER_DOMAIN VARCHAR(50); +ALTER TABLE IDN_OAUTH_CONSUMER_APPS MODIFY COLUMN CONSUMER_KEY VARCHAR (255) NOT NULL; +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY); + +ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD CONSUMER_KEY_ID INTEGER; +UPDATE IDN_OAUTH1A_REQUEST_TOKEN REQUEST_TOKEN set REQUEST_TOKEN.CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = REQUEST_TOKEN.CONSUMER_KEY); +ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN DROP COLUMN CONSUMER_KEY; +ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE; +ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD TENANT_ID INTEGER DEFAULT -1; + +ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD CONSUMER_KEY_ID INTEGER; +UPDATE IDN_OAUTH1A_ACCESS_TOKEN ACCESS_TOKEN set ACCESS_TOKEN.CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = ACCESS_TOKEN.CONSUMER_KEY); +ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN DROP COLUMN CONSUMER_KEY; +ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE; +ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD TENANT_ID INTEGER DEFAULT -1; + +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP PRIMARY KEY; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TOKEN_ID VARCHAR (255); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD CONSUMER_KEY_ID INTEGER; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD GRANT_TYPE VARCHAR (50); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD SUBJECT_IDENTIFIER VARCHAR(255); +UPDATE IDN_OAUTH2_ACCESS_TOKEN ACCESS_TOKEN set ACCESS_TOKEN.CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = ACCESS_TOKEN.CONSUMER_KEY); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP INDEX CON_APP_KEY; +CALL drop_index_if_exists("IDN_OAUTH2_ACCESS_TOKEN", "IDX_AT_CK_AU"); +CALL drop_index_if_exists("IDN_OAUTH2_ACCESS_TOKEN", "IDX_OAUTH_ACCTKN_CONK_UTYPE"); + +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP COLUMN CONSUMER_KEY; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TENANT_ID INTEGER; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD USER_DOMAIN VARCHAR(50); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD REFRESH_TOKEN_TIME_CREATED TIMESTAMP DEFAULT 0; +UPDATE IDN_OAUTH2_ACCESS_TOKEN SET REFRESH_TOKEN_TIME_CREATED = TIME_CREATED; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD REFRESH_TOKEN_VALIDITY_PERIOD BIGINT; +UPDATE IDN_OAUTH2_ACCESS_TOKEN SET REFRESH_TOKEN_VALIDITY_PERIOD = 84600000; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TOKEN_SCOPE_HASH VARCHAR (32); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN MODIFY COLUMN TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE' NOT NULL; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,TOKEN_STATE,TOKEN_STATE_ID); +CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE); +CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE; + +ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE ADD TENANT_ID INTEGER DEFAULT -1; +ALTER TABLE IDN_OPENID_ASSOCIATIONS ADD TENANT_ID INTEGER DEFAULT -1; +ALTER TABLE IDN_THRIFT_SESSION ADD TENANT_ID INTEGER DEFAULT -1; + +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD CONSUMER_KEY_ID INTEGER; +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD TENANT_ID INTEGER; +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD USER_DOMAIN VARCHAR(50); +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD STATE VARCHAR (25) DEFAULT 'ACTIVE'; +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD TOKEN_ID VARCHAR(255); +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD CODE_ID VARCHAR (255); +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD SUBJECT_IDENTIFIER VARCHAR(255); +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP PRIMARY KEY; +UPDATE IDN_OAUTH2_AUTHORIZATION_CODE AUTHORIZATION_CODE set AUTHORIZATION_CODE.CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = AUTHORIZATION_CODE.CONSUMER_KEY); +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP COLUMN CONSUMER_KEY; +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE; + +DROP TABLE IF EXISTS IDN_SCIM_PROVIDER; + +ALTER TABLE IDN_IDENTITY_USER_DATA MODIFY COLUMN DATA_VALUE VARCHAR(255) NULL; + +ALTER TABLE IDN_ASSOCIATED_ID MODIFY COLUMN IDP_ID VARCHAR(255); +UPDATE IDN_ASSOCIATED_ID set IDN_ASSOCIATED_ID.IDP_ID = (SELECT IDP.ID FROM IDP WHERE IDP.NAME = IDN_ASSOCIATED_ID.IDP_ID AND IDP.TENANT_ID = IDN_ASSOCIATED_ID.TENANT_ID ); +DELETE FROM IDN_ASSOCIATED_ID WHERE IDP_ID is NULL; +ALTER TABLE IDN_ASSOCIATED_ID MODIFY COLUMN IDP_ID INTEGER NOT NULL; +ALTER TABLE IDN_ASSOCIATED_ID ADD DOMAIN_NAME VARCHAR(255); +ALTER TABLE IDN_ASSOCIATED_ID ADD FOREIGN KEY (IDP_ID ) REFERENCES IDP (ID) ON DELETE CASCADE; + +DELETE FROM IDN_AUTH_SESSION_STORE; +ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN SESSION_ID DROP DEFAULT; +ALTER TABLE IDN_AUTH_SESSION_STORE MODIFY COLUMN SESSION_ID VARCHAR (100) NOT NULL; +ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN SESSION_TYPE DROP DEFAULT; +ALTER TABLE IDN_AUTH_SESSION_STORE MODIFY COLUMN SESSION_TYPE VARCHAR(100) NOT NULL; +ALTER TABLE IDN_AUTH_SESSION_STORE MODIFY COLUMN TIME_CREATED BIGINT NOT NULL; +ALTER TABLE IDN_AUTH_SESSION_STORE ADD OPERATION VARCHAR(10) NOT NULL; +ALTER TABLE IDN_AUTH_SESSION_STORE ADD TENANT_ID INTEGER DEFAULT -1; +ALTER TABLE IDN_AUTH_SESSION_STORE DROP PRIMARY KEY; +ALTER TABLE IDN_AUTH_SESSION_STORE ADD PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION); + +ALTER TABLE SP_APP ADD IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1' NOT NULL; +ALTER TABLE SP_APP ADD IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1' NOT NULL; +ALTER TABLE SP_APP ADD IS_DUMB_MODE CHAR(1) DEFAULT '0'; + +INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) SELECT -1234, ID, 'IDPProperties' FROM IDP WHERE TENANT_ID=-1234 AND NAME='LOCAL'; +INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) SELECT -1234, ID, 'passivests' FROM IDP WHERE TENANT_ID=-1234 AND NAME='LOCAL'; + +INSERT INTO IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) SELECT -1234, IDP_AUTHENTICATOR.ID , 'IdPEntityId', 'localhost', '0' FROM IDP_AUTHENTICATOR,IDP WHERE IDP_AUTHENTICATOR.TENANT_ID = -1234 AND IDP_AUTHENTICATOR.NAME = 'passivests' AND IDP.NAME='LOCAL' AND IDP.ID = IDP_AUTHENTICATOR.IDP_ID; + +ALTER TABLE SP_INBOUND_AUTH MODIFY COLUMN INBOUND_AUTH_KEY VARCHAR (255); + +ALTER TABLE IDP_PROVISIONING_ENTITY ADD ENTITY_LOCAL_ID VARCHAR(255); + +CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE ( + TOKEN_ID VARCHAR (255), + TOKEN_SCOPE VARCHAR (60), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE) +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_USER_ACCOUNT_ASSOCIATION ( + ASSOCIATION_KEY VARCHAR(255) NOT NULL, + TENANT_ID INTEGER, + DOMAIN_NAME VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(255) NOT NULL, + PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME) +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS FIDO_DEVICE_STORE ( + TENANT_ID INTEGER, + DOMAIN_NAME VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(45) NOT NULL, + TIME_REGISTERED TIMESTAMP, + KEY_HANDLE VARCHAR(200) NOT NULL, + DEVICE_DATA VARCHAR(2048) NOT NULL, + PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE) +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS WF_REQUEST ( + UUID VARCHAR (45), + CREATED_BY VARCHAR (255), + TENANT_ID INTEGER DEFAULT -1, + OPERATION_TYPE VARCHAR (50), + CREATED_AT TIMESTAMP, + UPDATED_AT TIMESTAMP, + STATUS VARCHAR (30), + REQUEST BLOB, + PRIMARY KEY (UUID) +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS WF_BPS_PROFILE ( + PROFILE_NAME VARCHAR(45), + HOST_URL_MANAGER VARCHAR(45), + HOST_URL_WORKER VARCHAR(45), + USERNAME VARCHAR(45), + PASSWORD VARCHAR(255), + CALLBACK_HOST VARCHAR (45), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (PROFILE_NAME, TENANT_ID) +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS WF_WORKFLOW( + ID VARCHAR (45), + WF_NAME VARCHAR (45), + DESCRIPTION VARCHAR (255), + TEMPLATE_ID VARCHAR (45), + IMPL_ID VARCHAR (45), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ID) +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS WF_WORKFLOW_ASSOCIATION( + ID INTEGER NOT NULL AUTO_INCREMENT, + ASSOC_NAME VARCHAR (45), + EVENT_ID VARCHAR(45), + ASSOC_CONDITION VARCHAR (2000), + WORKFLOW_ID VARCHAR (45), + IS_ENABLED CHAR (1) DEFAULT '1', + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY(ID), + FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS WF_WORKFLOW_CONFIG_PARAM( + WORKFLOW_ID VARCHAR (45), + PARAM_NAME VARCHAR (45), + PARAM_VALUE VARCHAR (1000), + PARAM_QNAME VARCHAR (45), + PARAM_HOLDER VARCHAR (45), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (WORKFLOW_ID, PARAM_NAME, PARAM_QNAME, PARAM_HOLDER), + FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS WF_REQUEST_ENTITY_RELATIONSHIP( + REQUEST_ID VARCHAR (45), + ENTITY_NAME VARCHAR (255), + ENTITY_TYPE VARCHAR (50), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY(REQUEST_ID, ENTITY_NAME, ENTITY_TYPE, TENANT_ID), + FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS WF_WORKFLOW_REQUEST_RELATION( + RELATIONSHIP_ID VARCHAR (45), + WORKFLOW_ID VARCHAR (45), + REQUEST_ID VARCHAR (45), + UPDATED_AT TIMESTAMP, + STATUS VARCHAR (30), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (RELATIONSHIP_ID), + FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE, + FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE +)ENGINE INNODB; + +DROP PROCEDURE IF EXISTS drop_index_if_exists; diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/mysql5.7.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/mysql5.7.sql new file mode 100644 index 00000000..dea64f6e --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/mysql5.7.sql @@ -0,0 +1,273 @@ +DROP PROCEDURE IF EXISTS drop_index_if_exists; +CREATE PROCEDURE drop_index_if_exists(in theTable varchar(128), in theIndexName varchar(128) ) BEGIN IF((SELECT COUNT(*) AS index_exists FROM information_schema.statistics WHERE TABLE_SCHEMA = DATABASE() and table_name = theTable AND index_name = theIndexName) > 0) THEN SET @s = CONCAT('DROP INDEX ' , theIndexName , ' ON ' , theTable); PREPARE stmt FROM @s; EXECUTE stmt; END IF; END; + +SELECT CONCAT("ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN DROP FOREIGN KEY ",constraint_name) +INTO @sqlst +FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE +where TABLE_SCHEMA = @databasename and TABLE_NAME = "IDN_OAUTH1A_REQUEST_TOKEN" +and referenced_column_name is not NULL limit 1; + +PREPARE stmt FROM @sqlst; +EXECUTE stmt; +DEALLOCATE PREPARE stmt; +SET @sqlst = NULL; + +SELECT CONCAT("ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN DROP FOREIGN KEY ",constraint_name) +INTO @sqlst +FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE +where TABLE_SCHEMA = @databasename and TABLE_NAME = "IDN_OAUTH1A_ACCESS_TOKEN" +and referenced_column_name is not NULL limit 1; + +PREPARE stmt FROM @sqlst; +EXECUTE stmt; +DEALLOCATE PREPARE stmt; +SET @sqlst = NULL; + +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN TIME_CREATED DROP DEFAULT; + +SELECT CONCAT("ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP FOREIGN KEY ",constraint_name) +INTO @sqlst +FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE +where TABLE_SCHEMA = @databasename and TABLE_NAME = "IDN_OAUTH2_ACCESS_TOKEN" +and referenced_column_name is not NULL limit 1; + +PREPARE stmt FROM @sqlst; +EXECUTE stmt; +DEALLOCATE PREPARE stmt; +SET @sqlst = NULL; + +SELECT CONCAT("ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP FOREIGN KEY ",constraint_name) +INTO @sqlst +FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE +where TABLE_SCHEMA = @databasename and TABLE_NAME = "IDN_OAUTH2_AUTHORIZATION_CODE" +and referenced_column_name is not NULL limit 1; + +PREPARE stmt FROM @sqlst; +EXECUTE stmt; +DEALLOCATE PREPARE stmt; +SET @sqlst = NULL; + +CREATE TABLE IF NOT EXISTS IDP_METADATA ( + ID INTEGER AUTO_INCREMENT, + IDP_ID INTEGER, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ID), + CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE +)ENGINE INNODB; + +INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME, TENANT_ID) SELECT ID, 'SessionIdleTimeout', '15', + 'Session Idle Timeout', -1234 FROM IDP WHERE TENANT_ID = -1234 AND NAME = 'LOCAL'; +INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME, TENANT_ID) SELECT ID, 'RememberMeTimeout', '20160', 'RememberMe Timeout', -1234 FROM IDP WHERE TENANT_ID = -1234 AND NAME = 'LOCAL'; + +CREATE TABLE IF NOT EXISTS SP_METADATA ( + ID INTEGER AUTO_INCREMENT, + SP_ID INTEGER, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ID), + CONSTRAINT SP_METADATA_CONSTRAINT UNIQUE (SP_ID, NAME), + FOREIGN KEY (SP_ID) REFERENCES SP_APP(ID) ON DELETE CASCADE +)ENGINE INNODB; + +ALTER TABLE IDN_OAUTH_CONSUMER_APPS DROP PRIMARY KEY; +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD ID INTEGER NOT NULL AUTO_INCREMENT PRIMARY KEY; +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD USER_DOMAIN VARCHAR(50); +ALTER TABLE IDN_OAUTH_CONSUMER_APPS MODIFY COLUMN CONSUMER_KEY VARCHAR (255) NOT NULL; +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY); + +ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD CONSUMER_KEY_ID INTEGER; +UPDATE IDN_OAUTH1A_REQUEST_TOKEN REQUEST_TOKEN set REQUEST_TOKEN.CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = REQUEST_TOKEN.CONSUMER_KEY); +ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN DROP COLUMN CONSUMER_KEY; +ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE; +ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD TENANT_ID INTEGER DEFAULT -1; + +ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD CONSUMER_KEY_ID INTEGER; +UPDATE IDN_OAUTH1A_ACCESS_TOKEN ACCESS_TOKEN set ACCESS_TOKEN.CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = ACCESS_TOKEN.CONSUMER_KEY); +ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN DROP COLUMN CONSUMER_KEY; +ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE; +ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD TENANT_ID INTEGER DEFAULT -1; + +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP PRIMARY KEY; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TOKEN_ID VARCHAR (255); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD CONSUMER_KEY_ID INTEGER; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD GRANT_TYPE VARCHAR (50); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD SUBJECT_IDENTIFIER VARCHAR(255); +UPDATE IDN_OAUTH2_ACCESS_TOKEN ACCESS_TOKEN set ACCESS_TOKEN.CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = ACCESS_TOKEN.CONSUMER_KEY); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP INDEX CON_APP_KEY; +CALL drop_index_if_exists("IDN_OAUTH2_ACCESS_TOKEN", "IDX_AT_CK_AU"); +CALL drop_index_if_exists("IDN_OAUTH2_ACCESS_TOKEN", "IDX_OAUTH_ACCTKN_CONK_UTYPE"); + +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP COLUMN CONSUMER_KEY; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TENANT_ID INTEGER; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD USER_DOMAIN VARCHAR(50); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD REFRESH_TOKEN_TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP; +UPDATE IDN_OAUTH2_ACCESS_TOKEN SET REFRESH_TOKEN_TIME_CREATED = TIME_CREATED; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD REFRESH_TOKEN_VALIDITY_PERIOD BIGINT; +UPDATE IDN_OAUTH2_ACCESS_TOKEN SET REFRESH_TOKEN_VALIDITY_PERIOD = 84600000; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TOKEN_SCOPE_HASH VARCHAR (32); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN MODIFY COLUMN TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE' NOT NULL; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,TOKEN_STATE,TOKEN_STATE_ID); +CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE); +CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE; + +ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE ADD TENANT_ID INTEGER DEFAULT -1; +ALTER TABLE IDN_OPENID_ASSOCIATIONS ADD TENANT_ID INTEGER DEFAULT -1; +ALTER TABLE IDN_THRIFT_SESSION ADD TENANT_ID INTEGER DEFAULT -1; + +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD CONSUMER_KEY_ID INTEGER; +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD TENANT_ID INTEGER; +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD USER_DOMAIN VARCHAR(50); +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD STATE VARCHAR (25) DEFAULT 'ACTIVE'; +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD TOKEN_ID VARCHAR(255); +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD CODE_ID VARCHAR (255); +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD SUBJECT_IDENTIFIER VARCHAR(255); +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP PRIMARY KEY; +UPDATE IDN_OAUTH2_AUTHORIZATION_CODE AUTHORIZATION_CODE set AUTHORIZATION_CODE.CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = AUTHORIZATION_CODE.CONSUMER_KEY); +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP COLUMN CONSUMER_KEY; +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE; + +DROP TABLE IF EXISTS IDN_SCIM_PROVIDER; + +ALTER TABLE IDN_IDENTITY_USER_DATA MODIFY COLUMN DATA_VALUE VARCHAR(255) NULL; + +ALTER TABLE IDN_ASSOCIATED_ID MODIFY COLUMN IDP_ID VARCHAR(255); +UPDATE IDN_ASSOCIATED_ID set IDN_ASSOCIATED_ID.IDP_ID = (SELECT IDP.ID FROM IDP WHERE IDP.NAME = IDN_ASSOCIATED_ID.IDP_ID AND IDP.TENANT_ID = IDN_ASSOCIATED_ID.TENANT_ID ); +DELETE FROM IDN_ASSOCIATED_ID WHERE IDP_ID is NULL; +ALTER TABLE IDN_ASSOCIATED_ID MODIFY COLUMN IDP_ID INTEGER NOT NULL; +ALTER TABLE IDN_ASSOCIATED_ID ADD DOMAIN_NAME VARCHAR(255); +ALTER TABLE IDN_ASSOCIATED_ID ADD FOREIGN KEY (IDP_ID ) REFERENCES IDP (ID) ON DELETE CASCADE; + +DELETE FROM IDN_AUTH_SESSION_STORE; +ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN SESSION_ID DROP DEFAULT; +ALTER TABLE IDN_AUTH_SESSION_STORE MODIFY COLUMN SESSION_ID VARCHAR (100) NOT NULL; +ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN SESSION_TYPE DROP DEFAULT; +ALTER TABLE IDN_AUTH_SESSION_STORE MODIFY COLUMN SESSION_TYPE VARCHAR(100) NOT NULL; +ALTER TABLE IDN_AUTH_SESSION_STORE MODIFY COLUMN TIME_CREATED BIGINT NOT NULL; +ALTER TABLE IDN_AUTH_SESSION_STORE ADD OPERATION VARCHAR(10) NOT NULL; +ALTER TABLE IDN_AUTH_SESSION_STORE ADD TENANT_ID INTEGER DEFAULT -1; +ALTER TABLE IDN_AUTH_SESSION_STORE DROP PRIMARY KEY; +ALTER TABLE IDN_AUTH_SESSION_STORE ADD PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION); + +ALTER TABLE SP_APP ADD IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1' NOT NULL; +ALTER TABLE SP_APP ADD IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1' NOT NULL; +ALTER TABLE SP_APP ADD IS_DUMB_MODE CHAR(1) DEFAULT '0'; + +INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) SELECT -1234, ID, 'IDPProperties' FROM IDP WHERE TENANT_ID=-1234 AND NAME='LOCAL'; +INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) SELECT -1234, ID, 'passivests' FROM IDP WHERE TENANT_ID=-1234 AND NAME='LOCAL'; + +INSERT INTO IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) SELECT -1234, IDP_AUTHENTICATOR.ID , 'IdPEntityId', 'localhost', '0' FROM IDP_AUTHENTICATOR,IDP WHERE IDP_AUTHENTICATOR.TENANT_ID = -1234 AND IDP_AUTHENTICATOR.NAME = 'passivests' AND IDP.NAME='LOCAL' AND IDP.ID = IDP_AUTHENTICATOR.IDP_ID; + +ALTER TABLE SP_INBOUND_AUTH MODIFY COLUMN INBOUND_AUTH_KEY VARCHAR (255); + +ALTER TABLE IDP_PROVISIONING_ENTITY ADD ENTITY_LOCAL_ID VARCHAR(255); + +CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE ( + TOKEN_ID VARCHAR (255), + TOKEN_SCOPE VARCHAR (60), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE) +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_USER_ACCOUNT_ASSOCIATION ( + ASSOCIATION_KEY VARCHAR(255) NOT NULL, + TENANT_ID INTEGER, + DOMAIN_NAME VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(255) NOT NULL, + PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME) +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS FIDO_DEVICE_STORE ( + TENANT_ID INTEGER, + DOMAIN_NAME VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(45) NOT NULL, + TIME_REGISTERED TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + KEY_HANDLE VARCHAR(200) NOT NULL, + DEVICE_DATA VARCHAR(2048) NOT NULL, + PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE) +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS WF_REQUEST ( + UUID VARCHAR (45), + CREATED_BY VARCHAR (255), + TENANT_ID INTEGER DEFAULT -1, + OPERATION_TYPE VARCHAR (50), + CREATED_AT TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + UPDATED_AT TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + STATUS VARCHAR (30), + REQUEST BLOB, + PRIMARY KEY (UUID) +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS WF_BPS_PROFILE ( + PROFILE_NAME VARCHAR(45), + HOST_URL_MANAGER VARCHAR(45), + HOST_URL_WORKER VARCHAR(45), + USERNAME VARCHAR(45), + PASSWORD VARCHAR(255), + CALLBACK_HOST VARCHAR (45), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (PROFILE_NAME, TENANT_ID) +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS WF_WORKFLOW( + ID VARCHAR (45), + WF_NAME VARCHAR (45), + DESCRIPTION VARCHAR (255), + TEMPLATE_ID VARCHAR (45), + IMPL_ID VARCHAR (45), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ID) +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS WF_WORKFLOW_ASSOCIATION( + ID INTEGER NOT NULL AUTO_INCREMENT, + ASSOC_NAME VARCHAR (45), + EVENT_ID VARCHAR(45), + ASSOC_CONDITION VARCHAR (2000), + WORKFLOW_ID VARCHAR (45), + IS_ENABLED CHAR (1) DEFAULT '1', + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY(ID), + FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS WF_WORKFLOW_CONFIG_PARAM( + WORKFLOW_ID VARCHAR (45), + PARAM_NAME VARCHAR (45), + PARAM_VALUE VARCHAR (1000), + PARAM_QNAME VARCHAR (45), + PARAM_HOLDER VARCHAR (45), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (WORKFLOW_ID, PARAM_NAME, PARAM_QNAME, PARAM_HOLDER), + FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS WF_REQUEST_ENTITY_RELATIONSHIP( + REQUEST_ID VARCHAR (45), + ENTITY_NAME VARCHAR (255), + ENTITY_TYPE VARCHAR (50), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY(REQUEST_ID, ENTITY_NAME, ENTITY_TYPE, TENANT_ID), + FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS WF_WORKFLOW_REQUEST_RELATION( + RELATIONSHIP_ID VARCHAR (45), + WORKFLOW_ID VARCHAR (45), + REQUEST_ID VARCHAR (45), + UPDATED_AT TIMESTAMP DEFAULT CURRENT_TIMESTAMP, + STATUS VARCHAR (30), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (RELATIONSHIP_ID), + FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE, + FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE +)ENGINE INNODB; + +DROP PROCEDURE IF EXISTS drop_index_if_exists; diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/oracle.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/oracle.sql new file mode 100644 index 00000000..b03630b6 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/oracle.sql @@ -0,0 +1,485 @@ +declare + con_name varchar2(100); + command varchar2(200); + databasename VARCHAR2(100); +BEGIN + databasename := 'SAMPLE'; + + begin + select constraint_name into con_name from all_constraints where table_name='IDN_OAUTH1A_REQUEST_TOKEN' AND UPPER(owner)=UPPER(databasename) AND constraint_type = 'R'; + + if TRIM(con_name) is not null + then + command := 'ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN DROP CONSTRAINT ' || con_name; + dbms_output.Put_line(command); + execute immediate command; + end if; + + exception + when NO_DATA_FOUND + then + dbms_output.Put_line('Foreign key not found'); + end; + begin + select constraint_name into con_name from all_constraints where table_name='IDN_OAUTH1A_ACCESS_TOKEN' AND UPPER(owner)=UPPER(databasename) AND constraint_type = 'R'; + + if TRIM(con_name) is not null + then + command := 'ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN DROP CONSTRAINT ' || con_name; + dbms_output.Put_line(command); + execute immediate command; + end if; + + exception + when NO_DATA_FOUND + then + dbms_output.Put_line('Foreign key not found'); + end; + begin + select constraint_name into con_name from all_constraints where table_name='IDN_OAUTH2_ACCESS_TOKEN' AND UPPER(owner)=UPPER(databasename) AND constraint_type = 'R'; + + if TRIM(con_name) is not null + then + command := 'ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP CONSTRAINT ' || con_name; + dbms_output.Put_line(command); + execute immediate command; + end if; + + exception + when NO_DATA_FOUND + then + dbms_output.Put_line('Foreign key not found'); + end; + begin + select constraint_name into con_name from all_constraints where table_name='IDN_OAUTH2_AUTHORIZATION_CODE' AND UPPER(owner)=UPPER(databasename) AND constraint_type = 'R'; + + if TRIM(con_name) is not null + then + command := 'ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP CONSTRAINT ' || con_name; + dbms_output.Put_line(command); + execute immediate command; + end if; + + exception + when NO_DATA_FOUND + then + dbms_output.Put_line('Foreign key not found'); + end; + + begin + select constraint_name into con_name from all_constraints where table_name='IDN_OAUTH_CONSUMER_APPS' AND UPPER(owner)=UPPER(databasename) AND constraint_type = 'P'; + + if TRIM(con_name) is not null + then + command := 'ALTER TABLE IDN_OAUTH_CONSUMER_APPS DROP CONSTRAINT ' || con_name; + dbms_output.Put_line(command); + execute immediate command; + end if; + + exception + when NO_DATA_FOUND + then + dbms_output.Put_line('Primary key not found'); + end; + begin + select constraint_name into con_name from all_constraints where table_name='IDN_OAUTH2_ACCESS_TOKEN' AND UPPER(owner)=UPPER(databasename) AND constraint_type = 'P'; + + if TRIM(con_name) is not null + then + command := 'ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP CONSTRAINT ' || con_name; + dbms_output.Put_line(command); + execute immediate command; + end if; + + exception + when NO_DATA_FOUND + then + dbms_output.Put_line('Primary key not found'); + end; + begin + select constraint_name into con_name from all_constraints where table_name='IDN_AUTH_SESSION_STORE' AND UPPER(owner)=UPPER(databasename) AND constraint_type = 'P'; + + if TRIM(con_name) is not null + then + command := 'ALTER TABLE IDN_AUTH_SESSION_STORE DROP CONSTRAINT ' || con_name; + dbms_output.Put_line(command); + execute immediate command; + end if; + + exception + when NO_DATA_FOUND + then + dbms_output.Put_line('Primary key not found'); + end; + begin + select constraint_name into con_name from all_constraints where table_name='IDN_OAUTH2_AUTHORIZATION_CODE' AND UPPER(owner)=UPPER(databasename) AND constraint_type = 'P'; + + if TRIM(con_name) is not null + then + command := 'ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP CONSTRAINT ' || con_name; + dbms_output.Put_line(command); + execute immediate command; + end if; + + exception + when NO_DATA_FOUND + then + dbms_output.Put_line('Primary key not found'); + end; + + DECLARE + COUNT_INDEXES INTEGER; + BEGIN + SELECT COUNT(*) INTO COUNT_INDEXES + FROM USER_INDEXES + WHERE INDEX_NAME = 'IDX_AT_CK_AU'; + + IF COUNT_INDEXES > 0 THEN + EXECUTE IMMEDIATE 'DROP INDEX IDX_AT_CK_AU'; + END IF; + END; + + DECLARE + COUNT_INDEXES INTEGER; + BEGIN + SELECT COUNT(*) INTO COUNT_INDEXES + FROM USER_INDEXES + WHERE INDEX_NAME = 'IDX_OAUTH_ACCTKN_CONK_UTYPE'; + + IF COUNT_INDEXES > 0 THEN + EXECUTE IMMEDIATE 'DROP INDEX IDX_OAUTH_ACCTKN_CONK_UTYPE'; + END IF; + END; + +END; +/ + +CREATE TABLE IDP_METADATA ( + ID INTEGER, + IDP_ID INTEGER, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ID), + CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE) +/ +CREATE SEQUENCE IDP_METADATA_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER IDP_METADATA_TRIG +BEFORE INSERT +ON IDP_METADATA +REFERENCING NEW AS NEW +FOR EACH ROW + BEGIN + SELECT IDP_METADATA_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ + +INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME, TENANT_ID) SELECT ID, 'SessionIdleTimeout', '15', + 'Session Idle Timeout', -1234 FROM IDP WHERE TENANT_ID = -1234 AND NAME = 'LOCAL' +/ +INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME, TENANT_ID) SELECT ID, 'RememberMeTimeout', '20160', 'RememberMe Timeout', -1234 FROM IDP WHERE TENANT_ID = -1234 AND NAME = 'LOCAL' +/ + +CREATE TABLE SP_METADATA ( + ID INTEGER, + SP_ID INTEGER, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ID), + CONSTRAINT SP_METADATA_CONSTRAINT UNIQUE (SP_ID, NAME), + FOREIGN KEY (SP_ID) REFERENCES SP_APP(ID) ON DELETE CASCADE) +/ +CREATE SEQUENCE SP_METADATA_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER SP_METADATA_TRIG +BEFORE INSERT +ON SP_METADATA +REFERENCING NEW AS NEW +FOR EACH ROW + BEGIN + SELECT SP_METADATA_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ + +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD ID INTEGER +/ +CREATE SEQUENCE IDN_OAUTH_CONSUMER_APPS_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER IDN_OAUTH_CONSUMER_APPS_TRIG +BEFORE INSERT +ON IDN_OAUTH_CONSUMER_APPS +REFERENCING NEW AS NEW +FOR EACH ROW + BEGIN + SELECT IDN_OAUTH_CONSUMER_APPS_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ +UPDATE IDN_OAUTH_CONSUMER_APPS SET ID = IDN_OAUTH_CONSUMER_APPS_SEQ.NEXTVAL +/ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD USER_DOMAIN VARCHAR(50) +/ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD PRIMARY KEY (ID) +/ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS MODIFY CONSUMER_KEY VARCHAR (255) NOT NULL +/ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY) +/ + +ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD CONSUMER_KEY_ID INTEGER +/ +UPDATE IDN_OAUTH1A_REQUEST_TOKEN REQUEST_TOKEN set REQUEST_TOKEN.CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = REQUEST_TOKEN.CONSUMER_KEY) +/ +ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN DROP COLUMN CONSUMER_KEY +/ +ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE +/ +ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD TENANT_ID INTEGER DEFAULT -1 +/ + +ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD CONSUMER_KEY_ID INTEGER +/ +UPDATE IDN_OAUTH1A_ACCESS_TOKEN ACCESS_TOKEN set ACCESS_TOKEN.CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = ACCESS_TOKEN.CONSUMER_KEY) +/ +ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN DROP COLUMN CONSUMER_KEY +/ +ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE +/ +ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD TENANT_ID INTEGER DEFAULT -1 +/ + +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TOKEN_ID VARCHAR (255) +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD CONSUMER_KEY_ID INTEGER +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD GRANT_TYPE VARCHAR (50) +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD SUBJECT_IDENTIFIER VARCHAR(255) +/ +UPDATE IDN_OAUTH2_ACCESS_TOKEN ACCESS_TOKEN set ACCESS_TOKEN.CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = ACCESS_TOKEN.CONSUMER_KEY) +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP CONSTRAINT CON_APP_KEY +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP COLUMN CONSUMER_KEY +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TENANT_ID INTEGER +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD USER_DOMAIN VARCHAR(50) +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD REFRESH_TOKEN_TIME_CREATED TIMESTAMP +/ +UPDATE IDN_OAUTH2_ACCESS_TOKEN SET REFRESH_TOKEN_TIME_CREATED = TIME_CREATED +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD REFRESH_TOKEN_VALIDITY_PERIOD NUMBER(19) +/ +UPDATE IDN_OAUTH2_ACCESS_TOKEN SET REFRESH_TOKEN_VALIDITY_PERIOD = 84600000 +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TOKEN_SCOPE_HASH VARCHAR (32) +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN MODIFY TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE' NOT NULL +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,TOKEN_STATE,TOKEN_STATE_ID) +/ +CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE) +/ +CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED) +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE +/ + +ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE ADD TENANT_ID INTEGER DEFAULT -1 +/ +ALTER TABLE IDN_OPENID_ASSOCIATIONS ADD TENANT_ID INTEGER DEFAULT -1 +/ +ALTER TABLE IDN_THRIFT_SESSION ADD TENANT_ID INTEGER DEFAULT -1 +/ + +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD CONSUMER_KEY_ID INTEGER +/ +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD TENANT_ID INTEGER +/ +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD USER_DOMAIN VARCHAR(50) +/ +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD STATE VARCHAR (25) DEFAULT 'ACTIVE' +/ +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD TOKEN_ID VARCHAR(255) +/ +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD CODE_ID VARCHAR (255) +/ +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD SUBJECT_IDENTIFIER VARCHAR(255) +/ +UPDATE IDN_OAUTH2_AUTHORIZATION_CODE AUTHORIZATION_CODE set AUTHORIZATION_CODE.CONSUMER_KEY_ID = (select CONSUMER_APPS.ID from IDN_OAUTH_CONSUMER_APPS CONSUMER_APPS where CONSUMER_APPS.CONSUMER_KEY = AUTHORIZATION_CODE.CONSUMER_KEY) +/ +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP COLUMN CONSUMER_KEY +/ +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE +/ + +CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN_SCOPE ( + TOKEN_ID VARCHAR2 (255), + TOKEN_SCOPE VARCHAR2 (60), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE)) +/ + +DROP TABLE IDN_SCIM_PROVIDER +/ + +ALTER TABLE IDN_IDENTITY_USER_DATA MODIFY (DATA_VALUE NULL) +/ + +UPDATE IDN_ASSOCIATED_ID set IDN_ASSOCIATED_ID.IDP_ID = (SELECT IDP.ID FROM IDP WHERE IDP.NAME = IDN_ASSOCIATED_ID.IDP_ID AND IDP.TENANT_ID = IDN_ASSOCIATED_ID.TENANT_ID ) +/ +ALTER TABLE IDN_ASSOCIATED_ID MODIFY (IDP_ID INTEGER) +/ +ALTER TABLE IDN_ASSOCIATED_ID ADD DOMAIN_NAME VARCHAR2(255) +/ +ALTER TABLE IDN_ASSOCIATED_ID ADD FOREIGN KEY (IDP_ID) REFERENCES IDP (ID) ON DELETE CASCADE +/ + +DELETE FROM IDN_AUTH_SESSION_STORE +/ +ALTER TABLE IDN_AUTH_SESSION_STORE MODIFY (SESSION_ID NOT NULL) +/ +ALTER TABLE IDN_AUTH_SESSION_STORE MODIFY (SESSION_TYPE NOT NULL) +/ +ALTER TABLE IDN_AUTH_SESSION_STORE MODIFY (TIME_CREATED NUMBER(19) NOT NULL) +/ +ALTER TABLE IDN_AUTH_SESSION_STORE ADD OPERATION VARCHAR(10) NOT NULL +/ +ALTER TABLE IDN_AUTH_SESSION_STORE ADD TENANT_ID INTEGER DEFAULT -1 +/ +ALTER TABLE IDN_AUTH_SESSION_STORE ADD PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION) +/ + +ALTER TABLE SP_APP ADD IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1' NOT NULL +/ +ALTER TABLE SP_APP ADD IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1' NOT NULL +/ +ALTER TABLE SP_APP ADD IS_DUMB_MODE CHAR(1) DEFAULT '0' +/ +INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) SELECT -1234, ID, 'IDPProperties' FROM IDP WHERE TENANT_ID=-1234 AND NAME='LOCAL' +/ +INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) SELECT -1234, ID, 'passivests' FROM IDP WHERE TENANT_ID=-1234 AND NAME='LOCAL' +/ + +INSERT INTO IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) SELECT -1234, IDP_AUTHENTICATOR.ID , 'IdPEntityId', 'localhost', '0' FROM IDP_AUTHENTICATOR,IDP WHERE IDP_AUTHENTICATOR.TENANT_ID = -1234 AND IDP_AUTHENTICATOR.NAME = 'passivests' AND IDP.NAME='LOCAL' AND IDP.ID = IDP_AUTHENTICATOR.IDP_ID +/ + +ALTER TABLE SP_INBOUND_AUTH MODIFY (INBOUND_AUTH_KEY NULL) +/ + +ALTER TABLE IDP_PROVISIONING_ENTITY ADD ENTITY_LOCAL_ID VARCHAR(255) +/ + +CREATE TABLE IDN_USER_ACCOUNT_ASSOCIATION ( + ASSOCIATION_KEY VARCHAR(255) NOT NULL, + TENANT_ID INTEGER, + DOMAIN_NAME VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(255) NOT NULL, + PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME)) +/ +CREATE TABLE FIDO_DEVICE_STORE ( + TENANT_ID INTEGER, + DOMAIN_NAME VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(45) NOT NULL, + TIME_REGISTERED TIMESTAMP, + KEY_HANDLE VARCHAR(200) NOT NULL, + DEVICE_DATA VARCHAR(2048) NOT NULL, + PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME, KEY_HANDLE)) +/ + +CREATE TABLE WF_REQUEST ( + UUID VARCHAR2 (45), + CREATED_BY VARCHAR2 (255), + TENANT_ID INTEGER DEFAULT -1, + OPERATION_TYPE VARCHAR2 (50), + CREATED_AT TIMESTAMP, + UPDATED_AT TIMESTAMP, + STATUS VARCHAR2 (30), + REQUEST BLOB, + PRIMARY KEY (UUID)) +/ + +CREATE TABLE WF_BPS_PROFILE ( + PROFILE_NAME VARCHAR2(45), + HOST_URL_MANAGER VARCHAR2(45), + HOST_URL_WORKER VARCHAR2(45), + USERNAME VARCHAR2(45), + PASSWORD VARCHAR2(1023), + CALLBACK_HOST VARCHAR2 (45), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (PROFILE_NAME, TENANT_ID)) +/ + +CREATE TABLE WF_WORKFLOW( + ID VARCHAR2 (45), + WF_NAME VARCHAR2 (45), + DESCRIPTION VARCHAR2 (255), + TEMPLATE_ID VARCHAR2 (45), + IMPL_ID VARCHAR2 (45), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ID)) +/ + +CREATE TABLE WF_WORKFLOW_ASSOCIATION( + ID INTEGER, + ASSOC_NAME VARCHAR2 (45), + EVENT_ID VARCHAR2(45), + ASSOC_CONDITION VARCHAR2 (2000), + WORKFLOW_ID VARCHAR2 (45), + IS_ENABLED CHAR (1) DEFAULT '1', + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY(ID), + FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE) +/ + +CREATE SEQUENCE WF_WORKFLOW_ASSOCIATION_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER WF_WORKFLOW_ASSOCIATION_TRIG +BEFORE INSERT +ON WF_WORKFLOW_ASSOCIATION +REFERENCING NEW AS NEW +FOR EACH ROW + BEGIN + SELECT WF_WORKFLOW_ASSOCIATION_SEQ.nextval + INTO :NEW.ID + FROM dual; + END; +/ + +CREATE TABLE WF_WORKFLOW_CONFIG_PARAM( + WORKFLOW_ID VARCHAR2 (45), + PARAM_NAME VARCHAR2 (45), + PARAM_VALUE VARCHAR2 (1000), + PARAM_QNAME VARCHAR2 (45), + PARAM_HOLDER VARCHAR2 (45), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (WORKFLOW_ID, PARAM_NAME, PARAM_QNAME, PARAM_HOLDER), + FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE) +/ + +CREATE TABLE WF_REQUEST_ENTITY_RELATIONSHIP( + REQUEST_ID VARCHAR2 (45), + ENTITY_NAME VARCHAR2 (255), + ENTITY_TYPE VARCHAR2 (50), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY(REQUEST_ID, ENTITY_NAME, ENTITY_TYPE, TENANT_ID), + FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE) +/ + +CREATE TABLE WF_WORKFLOW_REQUEST_RELATION( + RELATIONSHIP_ID VARCHAR2 (45), + WORKFLOW_ID VARCHAR2 (45), + REQUEST_ID VARCHAR2 (45), + UPDATED_AT TIMESTAMP, + STATUS VARCHAR (30), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (RELATIONSHIP_ID), + FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE, + FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE) +/ diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/postgresql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/postgresql.sql new file mode 100644 index 00000000..226d6cdf --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/identity/postgresql.sql @@ -0,0 +1,236 @@ +DO $$ DECLARE con_name varchar(200); BEGIN SELECT 'ALTER TABLE idn_oauth1a_request_token DROP CONSTRAINT ' || tc .constraint_name || ';' INTO con_name FROM information_schema.table_constraints AS tc JOIN information_schema.key_column_usage AS kcu ON tc.constraint_name = kcu.constraint_name JOIN information_schema.constraint_column_usage AS ccu ON ccu.constraint_name = tc.constraint_name WHERE constraint_type = 'FOREIGN KEY' AND tc.table_name = 'idn_oauth1a_request_token' AND kcu.column_name = 'consumer_key'; EXECUTE con_name; END $$; + +DO $$ DECLARE con_name varchar(200); BEGIN SELECT 'ALTER TABLE idn_oauth1a_access_token DROP CONSTRAINT ' || tc .constraint_name || ';' INTO con_name FROM information_schema.table_constraints AS tc JOIN information_schema.key_column_usage AS kcu ON tc.constraint_name = kcu.constraint_name JOIN information_schema.constraint_column_usage AS ccu ON ccu.constraint_name = tc.constraint_name WHERE constraint_type = 'FOREIGN KEY' AND tc.table_name = 'idn_oauth1a_access_token' AND kcu.column_name = 'consumer_key'; EXECUTE con_name; END $$; + +DO $$ DECLARE con_name varchar(200); BEGIN SELECT 'ALTER TABLE idn_oauth2_access_token DROP CONSTRAINT ' || tc .constraint_name || ';' INTO con_name FROM information_schema.table_constraints AS tc JOIN information_schema.key_column_usage AS kcu ON tc.constraint_name = kcu.constraint_name JOIN information_schema.constraint_column_usage AS ccu ON ccu.constraint_name = tc.constraint_name WHERE constraint_type = 'FOREIGN KEY' AND tc.table_name = 'idn_oauth2_access_token' AND kcu.column_name = 'consumer_key'; EXECUTE con_name; END $$; + +DO $$ DECLARE con_name varchar(200); BEGIN SELECT 'ALTER TABLE idn_oauth2_authorization_code DROP CONSTRAINT ' || tc .constraint_name || ';' INTO con_name FROM information_schema.table_constraints AS tc JOIN information_schema.key_column_usage AS kcu ON tc.constraint_name = kcu.constraint_name JOIN information_schema.constraint_column_usage AS ccu ON ccu.constraint_name = tc.constraint_name WHERE constraint_type = 'FOREIGN KEY' AND tc.table_name = 'idn_oauth2_authorization_code' AND kcu.column_name = 'consumer_key'; EXECUTE con_name; END $$; + +DO $$ DECLARE con_name varchar(200); BEGIN SELECT 'ALTER TABLE idn_oauth_consumer_apps DROP CONSTRAINT ' || tc .constraint_name || ';' INTO con_name FROM information_schema.table_constraints AS tc JOIN information_schema.key_column_usage AS kcu ON tc.constraint_name = kcu.constraint_name JOIN information_schema.constraint_column_usage AS ccu ON ccu.constraint_name = tc.constraint_name WHERE constraint_type = 'PRIMARY KEY' AND tc.table_name = 'idn_oauth_consumer_apps'; EXECUTE con_name; END $$; + +DROP TABLE IF EXISTS IDP_METADATA; +DROP SEQUENCE IF EXISTS IDP_METADATA_SEQ; +CREATE SEQUENCE IDP_METADATA_SEQ; +CREATE TABLE IDP_METADATA ( + ID INTEGER DEFAULT NEXTVAL('IDP_METADATA_SEQ'), + IDP_ID INTEGER, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ID), + CONSTRAINT IDP_METADATA_CONSTRAINT UNIQUE (IDP_ID, NAME), + FOREIGN KEY (IDP_ID) REFERENCES IDP(ID) ON DELETE CASCADE); + +INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME, TENANT_ID) SELECT ID, 'SessionIdleTimeout', '15', + 'Session Idle Timeout', -1234 FROM IDP WHERE TENANT_ID = -1234 AND NAME = 'LOCAL'; +INSERT INTO IDP_METADATA (IDP_ID, NAME, VALUE, DISPLAY_NAME, TENANT_ID) SELECT ID, 'RememberMeTimeout', '20160', 'RememberMe Timeout', -1234 FROM IDP WHERE TENANT_ID = -1234 AND NAME = 'LOCAL'; + +DROP TABLE IF EXISTS SP_METADATA; +DROP SEQUENCE IF EXISTS SP_METADATA_SEQ; +CREATE SEQUENCE SP_METADATA_SEQ; +CREATE TABLE SP_METADATA ( + ID INTEGER DEFAULT NEXTVAL('SP_METADATA_SEQ'), + SP_ID INTEGER, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(255) NOT NULL, + DISPLAY_NAME VARCHAR(255), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ID), + CONSTRAINT SP_METADATA_CONSTRAINT UNIQUE (SP_ID, NAME), + FOREIGN KEY (SP_ID) REFERENCES SP_APP(ID) ON DELETE CASCADE); + +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD USER_DOMAIN VARCHAR(50); +DROP SEQUENCE IF EXISTS IDN_OAUTH_CONSUMER_APPS_PK_SEQ; +CREATE SEQUENCE IDN_OAUTH_CONSUMER_APPS_PK_SEQ; +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD ID INTEGER DEFAULT NEXTVAL('IDN_OAUTH_CONSUMER_APPS_PK_SEQ'); +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD PRIMARY KEY (ID); +ALTER TABLE idn_oauth_consumer_apps ALTER COLUMN CONSUMER_KEY TYPE VARCHAR(255) USING CONSUMER_KEY::VARCHAR; +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD CONSTRAINT CONSUMER_KEY_CONSTRAINT UNIQUE (CONSUMER_KEY); + +ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD CONSUMER_KEY_ID INTEGER; +UPDATE IDN_OAUTH1A_REQUEST_TOKEN set CONSUMER_KEY_ID = (select ID from IDN_OAUTH_CONSUMER_APPS where IDN_OAUTH_CONSUMER_APPS.CONSUMER_KEY = IDN_OAUTH1A_REQUEST_TOKEN.CONSUMER_KEY); +ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN DROP COLUMN CONSUMER_KEY; +ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE; +ALTER TABLE IDN_OAUTH1A_REQUEST_TOKEN ADD TENANT_ID INTEGER DEFAULT -1; + +ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD CONSUMER_KEY_ID INTEGER; +UPDATE IDN_OAUTH1A_ACCESS_TOKEN set CONSUMER_KEY_ID = (select ID from IDN_OAUTH_CONSUMER_APPS where IDN_OAUTH_CONSUMER_APPS.CONSUMER_KEY = IDN_OAUTH1A_ACCESS_TOKEN.CONSUMER_KEY); +ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN DROP COLUMN CONSUMER_KEY; +ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE; +ALTER TABLE IDN_OAUTH1A_ACCESS_TOKEN ADD TENANT_ID INTEGER DEFAULT -1; + +DO $$ DECLARE con_name varchar(200); BEGIN SELECT 'ALTER TABLE idn_oauth2_access_token DROP CONSTRAINT ' || tc .constraint_name || ';' INTO con_name FROM information_schema.table_constraints AS tc JOIN information_schema.key_column_usage AS kcu ON tc.constraint_name = kcu.constraint_name JOIN information_schema.constraint_column_usage AS ccu ON ccu.constraint_name = tc.constraint_name WHERE constraint_type = 'PRIMARY KEY' AND tc.table_name = 'idn_oauth2_access_token'; EXECUTE con_name; END $$; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TOKEN_ID VARCHAR (255); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD CONSUMER_KEY_ID INTEGER; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD GRANT_TYPE VARCHAR (50); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD SUBJECT_IDENTIFIER VARCHAR(255); +UPDATE IDN_OAUTH2_ACCESS_TOKEN set CONSUMER_KEY_ID = (select ID from IDN_OAUTH_CONSUMER_APPS where IDN_OAUTH_CONSUMER_APPS.CONSUMER_KEY = IDN_OAUTH2_ACCESS_TOKEN.CONSUMER_KEY); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP CONSTRAINT CON_APP_KEY; +DROP INDEX IF EXISTS IDX_AT_CK_AU; +DROP INDEX IF EXISTS IDX_OAUTH_ACCTKN_CONK_UTYPE; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN DROP COLUMN CONSUMER_KEY; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TENANT_ID INTEGER; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD USER_DOMAIN VARCHAR(50); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD REFRESH_TOKEN_TIME_CREATED TIMESTAMP; +UPDATE IDN_OAUTH2_ACCESS_TOKEN SET REFRESH_TOKEN_TIME_CREATED = TIME_CREATED; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD REFRESH_TOKEN_VALIDITY_PERIOD BIGINT; +UPDATE IDN_OAUTH2_ACCESS_TOKEN SET REFRESH_TOKEN_VALIDITY_PERIOD = 84600000; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD TOKEN_SCOPE_HASH VARCHAR (32); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN TOKEN_STATE_ID TYPE VARCHAR(128) USING TOKEN_STATE_ID::VARCHAR; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN TOKEN_STATE_ID SET DEFAULT 'NONE'; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD CONSTRAINT CON_APP_KEY UNIQUE (CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,TOKEN_STATE,TOKEN_STATE_ID); +CREATE INDEX IDX_AT_CK_AU ON IDN_OAUTH2_ACCESS_TOKEN(CONSUMER_KEY_ID, AUTHZ_USER, TOKEN_STATE, USER_TYPE); +CREATE INDEX IDX_TC ON IDN_OAUTH2_ACCESS_TOKEN(TIME_CREATED); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE; + +ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE ADD TENANT_ID INTEGER DEFAULT -1; +ALTER TABLE IDN_OPENID_ASSOCIATIONS ADD TENANT_ID INTEGER DEFAULT -1; +ALTER TABLE IDN_THRIFT_SESSION ADD TENANT_ID INTEGER DEFAULT -1; + +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD CONSUMER_KEY_ID INTEGER; +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD TENANT_ID INTEGER; +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD USER_DOMAIN VARCHAR(50); +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD STATE VARCHAR (25) DEFAULT 'ACTIVE'; +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD TOKEN_ID VARCHAR(255); +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD CODE_ID VARCHAR (255); +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD SUBJECT_IDENTIFIER VARCHAR(255); +DO $$ DECLARE con_name varchar(200); BEGIN SELECT 'ALTER TABLE idn_oauth2_authorization_code DROP CONSTRAINT ' || tc .constraint_name || ';' INTO con_name FROM information_schema.table_constraints AS tc JOIN information_schema.key_column_usage AS kcu ON tc.constraint_name = kcu.constraint_name JOIN information_schema.constraint_column_usage AS ccu ON ccu.constraint_name = tc.constraint_name WHERE constraint_type = 'PRIMARY KEY' AND tc.table_name = 'idn_oauth2_authorization_code'; EXECUTE con_name; END $$; +UPDATE IDN_OAUTH2_AUTHORIZATION_CODE set CONSUMER_KEY_ID = (select ID from IDN_OAUTH_CONSUMER_APPS where IDN_OAUTH_CONSUMER_APPS.CONSUMER_KEY = IDN_OAUTH2_AUTHORIZATION_CODE.CONSUMER_KEY); +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE DROP COLUMN CONSUMER_KEY; +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE; + +DROP TABLE IF EXISTS IDN_SCIM_PROVIDER; + +ALTER TABLE IDN_IDENTITY_USER_DATA ALTER COLUMN DATA_VALUE DROP NOT NULL; + +UPDATE IDN_ASSOCIATED_ID set IDP_ID = (SELECT ID FROM IDP WHERE IDP.NAME = IDN_ASSOCIATED_ID.IDP_ID AND IDP.TENANT_ID = IDN_ASSOCIATED_ID.TENANT_ID ); +ALTER TABLE IDN_ASSOCIATED_ID ALTER COLUMN IDP_ID TYPE INTEGER USING IDP_ID::INTEGER; +ALTER TABLE IDN_ASSOCIATED_ID ADD DOMAIN_NAME VARCHAR(255); +ALTER TABLE IDN_ASSOCIATED_ID ADD FOREIGN KEY (IDP_ID ) REFERENCES IDP (ID) ON DELETE CASCADE; + +DELETE FROM IDN_AUTH_SESSION_STORE; +ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN SESSION_ID DROP DEFAULT; +ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN SESSION_ID SET NOT NULL; +ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN SESSION_TYPE DROP DEFAULT; +ALTER TABLE IDN_AUTH_SESSION_STORE ALTER COLUMN SESSION_TYPE SET NOT NULL; +ALTER TABLE IDN_AUTH_SESSION_STORE DROP COLUMN TIME_CREATED; +ALTER TABLE IDN_AUTH_SESSION_STORE ADD COLUMN TIME_CREATED BIGINT NOT NULL; +ALTER TABLE IDN_AUTH_SESSION_STORE ADD OPERATION VARCHAR(10) NOT NULL; +ALTER TABLE IDN_AUTH_SESSION_STORE ADD TENANT_ID INTEGER DEFAULT -1; +DO $$ DECLARE con_name varchar(200); BEGIN SELECT 'ALTER TABLE idn_auth_session_store DROP CONSTRAINT ' || tc .constraint_name || ';' INTO con_name FROM information_schema.table_constraints AS tc JOIN information_schema.key_column_usage AS kcu ON tc.constraint_name = kcu.constraint_name JOIN information_schema.constraint_column_usage AS ccu ON ccu.constraint_name = tc.constraint_name WHERE constraint_type = 'PRIMARY KEY' AND tc.table_name = 'idn_auth_session_store'; EXECUTE con_name; END $$; +ALTER TABLE IDN_AUTH_SESSION_STORE ADD PRIMARY KEY (SESSION_ID, SESSION_TYPE, TIME_CREATED, OPERATION); + +ALTER TABLE SP_APP ADD IS_USE_TENANT_DOMAIN_SUBJECT CHAR(1) DEFAULT '1' NOT NULL; +ALTER TABLE SP_APP ADD IS_USE_USER_DOMAIN_SUBJECT CHAR(1) DEFAULT '1' NOT NULL; +ALTER TABLE SP_APP ADD IS_DUMB_MODE CHAR(1) DEFAULT '0'; + +INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) SELECT -1234, ID, 'IDPProperties' FROM IDP WHERE TENANT_ID=-1234 AND NAME='LOCAL'; +INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME) SELECT -1234, ID, 'passivests' FROM IDP WHERE TENANT_ID=-1234 AND NAME='LOCAL'; + +INSERT INTO IDP_AUTHENTICATOR_PROPERTY (TENANT_ID, AUTHENTICATOR_ID, PROPERTY_KEY,PROPERTY_VALUE, IS_SECRET ) SELECT -1234, IDP_AUTHENTICATOR.ID , 'IdPEntityId', 'localhost', '0' FROM IDP_AUTHENTICATOR,IDP WHERE IDP_AUTHENTICATOR.TENANT_ID = -1234 AND IDP_AUTHENTICATOR.NAME = 'passivests' AND IDP.NAME='LOCAL' AND IDP.ID = IDP_AUTHENTICATOR.IDP_ID; + +ALTER TABLE SP_INBOUND_AUTH ALTER INBOUND_AUTH_KEY DROP NOT NULL; + +ALTER TABLE IDP_PROVISIONING_ENTITY ADD ENTITY_LOCAL_ID VARCHAR(255); + +DROP TABLE IF EXISTS IDN_OAUTH2_ACCESS_TOKEN_SCOPE; +CREATE TABLE IDN_OAUTH2_ACCESS_TOKEN_SCOPE ( + TOKEN_ID VARCHAR (255), + TOKEN_SCOPE VARCHAR (60), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (TOKEN_ID, TOKEN_SCOPE)); + +DROP TABLE IF EXISTS IDN_USER_ACCOUNT_ASSOCIATION; +CREATE TABLE IDN_USER_ACCOUNT_ASSOCIATION ( + ASSOCIATION_KEY VARCHAR(255) NOT NULL, + TENANT_ID INTEGER, + DOMAIN_NAME VARCHAR(255) NOT NULL, + USER_NAME VARCHAR(255) NOT NULL, + PRIMARY KEY (TENANT_ID, DOMAIN_NAME, USER_NAME)); + +DROP TABLE IF EXISTS WF_REQUEST; +CREATE TABLE WF_REQUEST ( + UUID VARCHAR (45), + CREATED_BY VARCHAR (255), + TENANT_ID INTEGER DEFAULT -1, + OPERATION_TYPE VARCHAR (50), + CREATED_AT TIMESTAMP, + UPDATED_AT TIMESTAMP, + STATUS VARCHAR (30), + REQUEST BYTEA, + PRIMARY KEY (UUID) +); + +DROP TABLE IF EXISTS WF_BPS_PROFILE; +CREATE TABLE WF_BPS_PROFILE ( + PROFILE_NAME VARCHAR(45), + HOST_URL_MANAGER VARCHAR(45), + HOST_URL_WORKER VARCHAR(45), + USERNAME VARCHAR(45), + PASSWORD VARCHAR(255), + CALLBACK_HOST VARCHAR (45), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (PROFILE_NAME, TENANT_ID) +); + +DROP TABLE IF EXISTS WF_WORKFLOW; +CREATE TABLE WF_WORKFLOW( + ID VARCHAR (45), + WF_NAME VARCHAR (45), + DESCRIPTION VARCHAR (255), + TEMPLATE_ID VARCHAR (45), + IMPL_ID VARCHAR (45), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (ID) +); + +DROP TABLE IF EXISTS WF_WORKFLOW_ASSOCIATION; +DROP SEQUENCE IF EXISTS WF_WORKFLOW_ASSOCIATION_PK_SEQ; +CREATE SEQUENCE WF_WORKFLOW_ASSOCIATION_PK_SEQ; +CREATE TABLE WF_WORKFLOW_ASSOCIATION( + ID INTEGER DEFAULT NEXTVAL('WF_WORKFLOW_ASSOCIATION_PK_SEQ'), + ASSOC_NAME VARCHAR (45), + EVENT_ID VARCHAR(45), + ASSOC_CONDITION VARCHAR (2000), + WORKFLOW_ID VARCHAR (45), + IS_ENABLED CHAR (1) DEFAULT '1', + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY(ID), + FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE +); + +DROP TABLE IF EXISTS WF_WORKFLOW_CONFIG_PARAM; +CREATE TABLE WF_WORKFLOW_CONFIG_PARAM( + WORKFLOW_ID VARCHAR (45), + PARAM_NAME VARCHAR (45), + PARAM_VALUE VARCHAR (1000), + PARAM_QNAME VARCHAR (45), + PARAM_HOLDER VARCHAR (45), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (WORKFLOW_ID, PARAM_NAME, PARAM_QNAME, PARAM_HOLDER), + FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE +); + +DROP TABLE IF EXISTS WF_REQUEST_ENTITY_RELATIONSHIP; +CREATE TABLE WF_REQUEST_ENTITY_RELATIONSHIP( + REQUEST_ID VARCHAR (45), + ENTITY_NAME VARCHAR (255), + ENTITY_TYPE VARCHAR (50), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY(REQUEST_ID, ENTITY_NAME, ENTITY_TYPE, TENANT_ID), + FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE +); + +DROP TABLE IF EXISTS WF_WORKFLOW_REQUEST_RELATION; +CREATE TABLE WF_WORKFLOW_REQUEST_RELATION( + RELATIONSHIP_ID VARCHAR (45), + WORKFLOW_ID VARCHAR (45), + REQUEST_ID VARCHAR (45), + UPDATED_AT TIMESTAMP, + STATUS VARCHAR (30), + TENANT_ID INTEGER DEFAULT -1, + PRIMARY KEY (RELATIONSHIP_ID), + FOREIGN KEY (WORKFLOW_ID) REFERENCES WF_WORKFLOW(ID)ON DELETE CASCADE, + FOREIGN KEY (REQUEST_ID) REFERENCES WF_REQUEST(UUID)ON DELETE CASCADE +); diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/db2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/db2.sql new file mode 100644 index 00000000..931f3dd9 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/db2.sql @@ -0,0 +1,12 @@ +BEGIN + DECLARE const_name VARCHAR(128); + DECLARE STMT VARCHAR(200); + select CONSTNAME into const_name from SYSCAT.TABCONST WHERE TABNAME='UM_HYBRID_USER_ROLE' AND TYPE = 'F'; + SET STMT = 'ALTER TABLE UM_HYBRID_USER_ROLE DROP FOREIGN KEY ' || const_name; + PREPARE S1 FROM STMT; + EXECUTE S1; +END +/ + +ALTER TABLE UM_HYBRID_USER_ROLE ADD CONSTRAINT UM_HYBRID_USER_ROLE_F1 FOREIGN KEY(UM_ROLE_ID,UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID,UM_TENANT_ID) ON DELETE CASCADE +/ \ No newline at end of file diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/h2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/h2.sql new file mode 100644 index 00000000..ebd74a8d --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/h2.sql @@ -0,0 +1,14 @@ +CREATE ALIAS IF NOT EXISTS DROP_FK AS $$ void executeSql(Connection conn, String sql) throws SQLException { conn.createStatement().executeUpdate(sql); } $$; + +call drop_fk('ALTER TABLE UM_ROLE_PERMISSION DROP CONSTRAINT ' || (SELECT CONSTRAINT_NAME FROM INFORMATION_SCHEMA.CONSTRAINTS WHERE TABLE_NAME = 'UM_ROLE_PERMISSION' AND COLUMN_LIST = 'UM_PERMISSION_ID,UM_TENANT_ID')); +ALTER TABLE UM_ROLE_PERMISSION ADD FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE; + +call drop_fk('ALTER TABLE UM_USER_PERMISSION DROP CONSTRAINT ' || (SELECT CONSTRAINT_NAME FROM INFORMATION_SCHEMA.CONSTRAINTS WHERE TABLE_NAME = 'UM_USER_PERMISSION' AND COLUMN_LIST = 'UM_PERMISSION_ID,UM_TENANT_ID')); +ALTER TABLE UM_USER_PERMISSION ADD FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE; + +call drop_fk('ALTER TABLE UM_HYBRID_USER_ROLE DROP CONSTRAINT ' || (SELECT CONSTRAINT_NAME FROM INFORMATION_SCHEMA.CONSTRAINTS WHERE TABLE_NAME = 'UM_HYBRID_USER_ROLE' AND COLUMN_LIST = 'UM_ROLE_ID,UM_TENANT_ID')); +ALTER TABLE UM_HYBRID_USER_ROLE ADD FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE; + +update UM_PERMISSION set UM_RESOURCE_ID = REPLACE(UM_RESOURCE_ID, '-at-', '-AT-') where UM_TENANT_ID <> -1234; + +DROP ALIAS IF EXISTS DROP_FK; \ No newline at end of file diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/mssql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/mssql.sql new file mode 100644 index 00000000..dcedbe09 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/mssql.sql @@ -0,0 +1,13 @@ +DECLARE @COMMAND NVARCHAR(200);SELECT TOP 1 @COMMAND= 'ALTER TABLE UM_ROLE_PERMISSION DROP CONSTRAINT ' + RC.CONSTRAINT_NAME + ';' FROM INFORMATION_SCHEMA.REFERENTIAL_CONSTRAINTS RC JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KF ON RC.CONSTRAINT_NAME = KF.CONSTRAINT_NAME JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KP ON RC.UNIQUE_CONSTRAINT_NAME = KP.CONSTRAINT_NAME WHERE KF.TABLE_NAME = 'UM_ROLE_PERMISSION' AND KP.TABLE_NAME='UM_PERMISSION';EXEC (@COMMAND); + +DECLARE @COMMAND NVARCHAR(200);SELECT TOP 1 @COMMAND= 'ALTER TABLE UM_USER_PERMISSION DROP CONSTRAINT ' + RC.CONSTRAINT_NAME + ';' FROM INFORMATION_SCHEMA.REFERENTIAL_CONSTRAINTS RC JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KF ON RC.CONSTRAINT_NAME = KF.CONSTRAINT_NAME JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KP ON RC.UNIQUE_CONSTRAINT_NAME = KP.CONSTRAINT_NAME WHERE KF.TABLE_NAME = 'UM_USER_PERMISSION' AND KP.TABLE_NAME='UM_PERMISSION';EXEC (@COMMAND); + +DECLARE @COMMAND NVARCHAR(200);SELECT TOP 1 @COMMAND= 'ALTER TABLE UM_HYBRID_USER_ROLE DROP CONSTRAINT ' + RC.CONSTRAINT_NAME + ';' FROM INFORMATION_SCHEMA.REFERENTIAL_CONSTRAINTS RC JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KF ON RC.CONSTRAINT_NAME = KF.CONSTRAINT_NAME JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KP ON RC.UNIQUE_CONSTRAINT_NAME = KP.CONSTRAINT_NAME WHERE KF.TABLE_NAME = 'UM_HYBRID_USER_ROLE' AND KP.TABLE_NAME='UM_HYBRID_ROLE';EXEC (@COMMAND); + +ALTER TABLE UM_ROLE_PERMISSION ADD FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE; + +ALTER TABLE UM_USER_PERMISSION ADD FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE; + +ALTER TABLE UM_HYBRID_USER_ROLE ADD FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE; + +update UM_PERMISSION set UM_RESOURCE_ID = REPLACE(UM_RESOURCE_ID, '-at-', '-AT-') where UM_TENANT_ID <> -1234; \ No newline at end of file diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/mysql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/mysql.sql new file mode 100644 index 00000000..abc22b69 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/mysql.sql @@ -0,0 +1,40 @@ +SELECT CONCAT("ALTER TABLE UM_ROLE_PERMISSION DROP FOREIGN KEY ",constraint_name) +INTO @sqlst +FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE +WHERE TABLE_SCHEMA = @databasename AND TABLE_NAME = "UM_ROLE_PERMISSION" +AND REFERENCED_TABLE_NAME="UM_PERMISSION" LIMIT 1; + +PREPARE stmt FROM @sqlst; +EXECUTE stmt; +DEALLOCATE PREPARE stmt; +SET @sqlstr = NULL; + +ALTER TABLE UM_ROLE_PERMISSION ADD FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE; + +SELECT CONCAT("ALTER TABLE UM_USER_PERMISSION DROP FOREIGN KEY ",constraint_name) +INTO @sqlst +FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE +WHERE TABLE_SCHEMA = @databasename AND TABLE_NAME = "UM_USER_PERMISSION" +AND REFERENCED_TABLE_NAME="UM_PERMISSION" LIMIT 1; + +PREPARE stmt FROM @sqlst; +EXECUTE stmt; +DEALLOCATE PREPARE stmt; +SET @sqlstr = NULL; + +ALTER TABLE UM_USER_PERMISSION ADD FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE; + +SELECT CONCAT("ALTER TABLE UM_HYBRID_USER_ROLE DROP FOREIGN KEY ",constraint_name) +INTO @sqlst +FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE +WHERE TABLE_SCHEMA = @databasename AND TABLE_NAME = "UM_HYBRID_USER_ROLE" +AND REFERENCED_TABLE_NAME="UM_HYBRID_ROLE" LIMIT 1; + +PREPARE stmt FROM @sqlst; +EXECUTE stmt; +DEALLOCATE PREPARE stmt; +SET @sqlstr = NULL; + +ALTER TABLE UM_HYBRID_USER_ROLE ADD FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE; + +update UM_PERMISSION set UM_RESOURCE_ID = REPLACE(UM_RESOURCE_ID, '-at-', '-AT-') where UM_TENANT_ID <> -1234; \ No newline at end of file diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/mysql5.7.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/mysql5.7.sql new file mode 100644 index 00000000..abc22b69 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/mysql5.7.sql @@ -0,0 +1,40 @@ +SELECT CONCAT("ALTER TABLE UM_ROLE_PERMISSION DROP FOREIGN KEY ",constraint_name) +INTO @sqlst +FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE +WHERE TABLE_SCHEMA = @databasename AND TABLE_NAME = "UM_ROLE_PERMISSION" +AND REFERENCED_TABLE_NAME="UM_PERMISSION" LIMIT 1; + +PREPARE stmt FROM @sqlst; +EXECUTE stmt; +DEALLOCATE PREPARE stmt; +SET @sqlstr = NULL; + +ALTER TABLE UM_ROLE_PERMISSION ADD FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE; + +SELECT CONCAT("ALTER TABLE UM_USER_PERMISSION DROP FOREIGN KEY ",constraint_name) +INTO @sqlst +FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE +WHERE TABLE_SCHEMA = @databasename AND TABLE_NAME = "UM_USER_PERMISSION" +AND REFERENCED_TABLE_NAME="UM_PERMISSION" LIMIT 1; + +PREPARE stmt FROM @sqlst; +EXECUTE stmt; +DEALLOCATE PREPARE stmt; +SET @sqlstr = NULL; + +ALTER TABLE UM_USER_PERMISSION ADD FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE; + +SELECT CONCAT("ALTER TABLE UM_HYBRID_USER_ROLE DROP FOREIGN KEY ",constraint_name) +INTO @sqlst +FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE +WHERE TABLE_SCHEMA = @databasename AND TABLE_NAME = "UM_HYBRID_USER_ROLE" +AND REFERENCED_TABLE_NAME="UM_HYBRID_ROLE" LIMIT 1; + +PREPARE stmt FROM @sqlst; +EXECUTE stmt; +DEALLOCATE PREPARE stmt; +SET @sqlstr = NULL; + +ALTER TABLE UM_HYBRID_USER_ROLE ADD FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE; + +update UM_PERMISSION set UM_RESOURCE_ID = REPLACE(UM_RESOURCE_ID, '-at-', '-AT-') where UM_TENANT_ID <> -1234; \ No newline at end of file diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/oracle.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/oracle.sql new file mode 100644 index 00000000..f1601bee --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/oracle.sql @@ -0,0 +1,212 @@ +declare + con_name varchar2(100); + command varchar2(200); + databasename VARCHAR2(100); +BEGIN + databasename := 'SAMPLE'; + + begin + select a.constraint_name into con_name FROM all_cons_columns a JOIN all_constraints c ON a.owner = c.owner AND a.constraint_name = c.constraint_name JOIN all_constraints c_pk ON c.r_owner = c_pk.owner AND c.r_constraint_name = c_pk.constraint_name WHERE c.constraint_type = 'R' AND a.table_name = 'UM_ROLE_PERMISSION' AND UPPER(a.OWNER)=UPPER(databasename) AND c_pk.table_name='UM_PERMISSION' AND ROWNUM<2; + + if TRIM(con_name) is not null + then + command := 'ALTER TABLE UM_ROLE_PERMISSION DROP CONSTRAINT ' || con_name; + dbms_output.Put_line(command); + execute immediate command; + end if; + + exception + when NO_DATA_FOUND + then + dbms_output.Put_line('Foreign key not found'); + end; + + begin + select a.constraint_name into con_name FROM all_cons_columns a JOIN all_constraints c ON a.owner = c.owner AND a.constraint_name = c.constraint_name JOIN all_constraints c_pk ON c.r_owner = c_pk.owner AND c.r_constraint_name = c_pk.constraint_name WHERE c.constraint_type = 'R' AND a.table_name = 'UM_USER_PERMISSION' AND UPPER(a.OWNER)=UPPER(databasename) AND c_pk.table_name='UM_PERMISSION' AND ROWNUM<2; + + if TRIM(con_name) is not null + then + command := 'ALTER TABLE UM_USER_PERMISSION DROP CONSTRAINT ' || con_name; + dbms_output.Put_line(command); + execute immediate command; + end if; + + exception + when NO_DATA_FOUND + then + dbms_output.Put_line('Foreign key not found'); + end; + + begin + select a.constraint_name into con_name FROM all_cons_columns a JOIN all_constraints c ON a.owner = c.owner AND a.constraint_name = c.constraint_name JOIN all_constraints c_pk ON c.r_owner = c_pk.owner AND c.r_constraint_name = c_pk.constraint_name WHERE c.constraint_type = 'R' AND a.table_name = 'UM_HYBRID_USER_ROLE' AND UPPER(a.OWNER)=UPPER(databasename) AND c_pk.table_name='UM_HYBRID_ROLE' AND ROWNUM<2; + + if TRIM(con_name) is not null + then + command := 'ALTER TABLE UM_HYBRID_USER_ROLE DROP CONSTRAINT ' || con_name; + dbms_output.Put_line(command); + execute immediate command; + end if; + + exception + when NO_DATA_FOUND + then + dbms_output.Put_line('Foreign key not found'); + end; + +END; +/ + +ALTER TABLE UM_ROLE_PERMISSION ADD FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE +/ +ALTER TABLE UM_USER_PERMISSION ADD FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE +/ +ALTER TABLE UM_HYBRID_USER_ROLE ADD FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE +/ + +update UM_PERMISSION set UM_RESOURCE_ID = REPLACE(UM_RESOURCE_ID, '-at-', '-AT-') where UM_TENANT_ID <> -1234 +/ + +DELETE FROM UM_CLAIM +WHERE UM_CLAIM_URI = 'http://wso2.org/claims/passwordTimestamp' +/ + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) +VALUES ((SELECT UM_ID + FROM UM_DIALECT + WHERE UM_DIALECT_URI = 'http://wso2.org/claims' AND UM_TENANT_ID = -1234), + 'http://wso2.org/claims/username', 'Username', 'Username', 'uid', -1234, 1) +/ + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) + SELECT + DIALECT.UM_ID, + 'http://wso2.org/username', + 'Username', + 'Username', + 'uid', + DIALECT.UM_TENANT_ID, + 1 + FROM UM_DIALECT DIALECT + JOIN UM_TENANT TENANT ON DIALECT.UM_TENANT_ID = TENANT.UM_ID + WHERE DIALECT.UM_DIALECT_URI = 'http://wso2.org/claims' +/ + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) +VALUES ((SELECT UM_ID + FROM UM_DIALECT + WHERE UM_DIALECT_URI = 'http://wso2.org/claims' AND UM_TENANT_ID = -1234), + 'http://wso2.org/claims/identity/failedLoginAttempts', 'Failed Login Attempts', 'Failed Login Attempts', + 'failedLoginAttempts', -1234, 1) +/ + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) + SELECT + DIALECT.UM_ID, + 'http://wso2.org/claims/identity/failedLoginAttempts', + 'Failed Login Attempts', + 'Failed Login Attempts', + 'failedLoginAttempts', + DIALECT.UM_TENANT_ID, + 1 + FROM UM_DIALECT DIALECT + JOIN UM_TENANT TENANT ON DIALECT.UM_TENANT_ID = TENANT.UM_ID + WHERE DIALECT.UM_DIALECT_URI = 'http://wso2.org/claims' +/ + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) +VALUES ((SELECT UM_ID + FROM UM_DIALECT + WHERE UM_DIALECT_URI = 'http://wso2.org/claims' AND UM_TENANT_ID = -1234), + 'http://wso2.org/claims/identity/unlockTime', 'Unlock Time', 'Unlock Time', 'unlockTime', -1234, 1) +/ + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) + SELECT + DIALECT.UM_ID, + 'http://wso2.org/claims/identity/unlockTime', + 'Unlock Time', + 'Unlock Time', + 'unlockTime', + DIALECT.UM_TENANT_ID, + 1 + FROM UM_DIALECT DIALECT + JOIN UM_TENANT TENANT ON DIALECT.UM_TENANT_ID = TENANT.UM_ID + WHERE DIALECT.UM_DIALECT_URI = 'http://wso2.org/claims' +/ + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) +VALUES ((SELECT UM_ID + FROM UM_DIALECT + WHERE UM_DIALECT_URI = 'http://wso2.org/claims' AND UM_TENANT_ID = -1234), + 'http://wso2.org/claims/displayName', 'Display Name', 'Display Name', 'displayName', -1234, 1) +/ + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) + SELECT + DIALECT.UM_ID, + 'http://wso2.org/claims/displayName', + 'Display Name', + 'Display Name', + 'displayName', + DIALECT.UM_TENANT_ID, + 1 + FROM UM_DIALECT DIALECT + JOIN UM_TENANT TENANT ON DIALECT.UM_TENANT_ID = TENANT.UM_ID + WHERE DIALECT.UM_DIALECT_URI = 'http://wso2.org/claims' +/ \ No newline at end of file diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/postgresql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/postgresql.sql new file mode 100644 index 00000000..cf79e756 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.1.0/dbscripts/step1/um/postgresql.sql @@ -0,0 +1,11 @@ +DO $$ DECLARE con_name varchar(200); BEGIN SELECT 'ALTER TABLE um_role_permission DROP CONSTRAINT ' || tc .constraint_name || ';' INTO con_name FROM information_schema.table_constraints AS tc JOIN information_schema.key_column_usage AS kcu ON tc.constraint_name = kcu.constraint_name JOIN information_schema.constraint_column_usage AS ccu ON ccu.constraint_name = tc.constraint_name WHERE constraint_type = 'FOREIGN KEY' AND tc.table_name = 'um_role_permission' AND ccu.table_name='um_permission' LIMIT 1; EXECUTE con_name; END $$; + +DO $$ DECLARE con_name varchar(200); BEGIN SELECT 'ALTER TABLE um_user_permission DROP CONSTRAINT ' || tc .constraint_name || ';' INTO con_name FROM information_schema.table_constraints AS tc JOIN information_schema.key_column_usage AS kcu ON tc.constraint_name = kcu.constraint_name JOIN information_schema.constraint_column_usage AS ccu ON ccu.constraint_name = tc.constraint_name WHERE constraint_type = 'FOREIGN KEY' AND tc.table_name = 'um_user_permission' AND ccu.table_name='um_permission' LIMIT 1; EXECUTE con_name; END $$; + +DO $$ DECLARE con_name varchar(200); BEGIN SELECT 'ALTER TABLE um_hybrid_user_role DROP CONSTRAINT ' || tc .constraint_name || ';' INTO con_name FROM information_schema.table_constraints AS tc JOIN information_schema.key_column_usage AS kcu ON tc.constraint_name = kcu.constraint_name JOIN information_schema.constraint_column_usage AS ccu ON ccu.constraint_name = tc.constraint_name WHERE constraint_type = 'FOREIGN KEY' AND tc.table_name = 'um_hybrid_user_role' AND ccu.table_name='um_hybrid_role' LIMIT 1; EXECUTE con_name; END $$; + +ALTER TABLE UM_ROLE_PERMISSION ADD FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE; +ALTER TABLE UM_USER_PERMISSION ADD FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE; +ALTER TABLE UM_HYBRID_USER_ROLE ADD FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE; + +update UM_PERMISSION set UM_RESOURCE_ID = REPLACE(UM_RESOURCE_ID, '-at-', '-AT-') where UM_TENANT_ID <> -1234; \ No newline at end of file diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/db2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/db2.sql new file mode 100644 index 00000000..1e146cc3 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/db2.sql @@ -0,0 +1,22 @@ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD PKCE_MANDATORY CHAR(1) DEFAULT '0' +/ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0' +/ + +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD PKCE_CODE_CHALLENGE VARCHAR(255) +/ +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD PKCE_CODE_CHALLENGE_METHOD VARCHAR(128) +/ + +ALTER TABLE WF_BPS_PROFILE MODIFY HOST_URL_MANAGER VARCHAR2(255) +/ +ALTER TABLE WF_BPS_PROFILE MODIFY HOST_URL_WORKER VARCHAR2(255) +/ + +INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME, IS_ENABLED) + SELECT TENANT_ID, IDP_ID, 'openidconnect', 0 + FROM IDP_AUTHENTICATOR + WHERE IDP_ID + IN (SELECT ID FROM IDP WHERE NAME = 'LOCAL') GROUP BY TENANT_ID, IDP_ID + HAVING SUM(CASE NAME WHEN 'openidconnect' THEN 1 ELSE 0 END)=0 +/ diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/h2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/h2.sql new file mode 100644 index 00000000..dfac7879 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/h2.sql @@ -0,0 +1,16 @@ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD COLUMN PKCE_MANDATORY CHAR(1) DEFAULT '0'; +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD COLUMN PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0'; + +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD COLUMN PKCE_CODE_CHALLENGE VARCHAR(255); +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD COLUMN PKCE_CODE_CHALLENGE_METHOD VARCHAR(128); + +ALTER TABLE WF_BPS_PROFILE ALTER COLUMN HOST_URL_MANAGER VARCHAR(255); +ALTER TABLE WF_BPS_PROFILE ALTER COLUMN HOST_URL_WORKER VARCHAR(255); + +INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME, IS_ENABLED) + SELECT TENANT_ID, IDP_ID, 'openidconnect', 0 + FROM IDP_AUTHENTICATOR + WHERE IDP_ID + IN (SELECT ID FROM IDP WHERE NAME = 'LOCAL') + GROUP BY TENANT_ID, IDP_ID + HAVING SUM(CASE NAME WHEN 'openidconnect' THEN 1 ELSE 0 END)=0; diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/mssql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/mssql.sql new file mode 100644 index 00000000..c06f8ff4 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/mssql.sql @@ -0,0 +1,16 @@ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD PKCE_MANDATORY CHAR(1) DEFAULT '0'; +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0'; + +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD PKCE_CODE_CHALLENGE VARCHAR(255); +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD PKCE_CODE_CHALLENGE_METHOD VARCHAR(128); + +ALTER TABLE WF_BPS_PROFILE ALTER COLUMN HOST_URL_MANAGER VARCHAR(255); +ALTER TABLE WF_BPS_PROFILE ALTER COLUMN HOST_URL_WORKER VARCHAR(255); + +INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME, IS_ENABLED) + SELECT TENANT_ID, IDP_ID, 'openidconnect', 0 + FROM IDP_AUTHENTICATOR + WHERE IDP_ID + IN (SELECT ID FROM IDP WHERE NAME = 'LOCAL') + GROUP BY TENANT_ID, IDP_ID + HAVING SUM(CASE NAME WHEN 'openidconnect' THEN 1 ELSE 0 END)=0; diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/mysql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/mysql.sql new file mode 100644 index 00000000..6a99f2c4 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/mysql.sql @@ -0,0 +1,18 @@ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS + ADD COLUMN PKCE_MANDATORY CHAR(1) DEFAULT '0', + ADD COLUMN PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0'; + +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE + ADD COLUMN PKCE_CODE_CHALLENGE VARCHAR(255), + ADD COLUMN PKCE_CODE_CHALLENGE_METHOD VARCHAR(128); + +ALTER TABLE WF_BPS_PROFILE MODIFY COLUMN HOST_URL_MANAGER VARCHAR(255); +ALTER TABLE WF_BPS_PROFILE MODIFY COLUMN HOST_URL_WORKER VARCHAR(255); + +INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME, IS_ENABLED) + SELECT TENANT_ID, IDP_ID, 'openidconnect', 0 + FROM IDP_AUTHENTICATOR + WHERE IDP_ID + IN (SELECT ID FROM IDP WHERE NAME = 'LOCAL') + GROUP BY TENANT_ID, IDP_ID + HAVING SUM(CASE NAME WHEN 'openidconnect' THEN 1 ELSE 0 END)=0; diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/mysql5.7.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/mysql5.7.sql new file mode 100644 index 00000000..6a99f2c4 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/mysql5.7.sql @@ -0,0 +1,18 @@ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS + ADD COLUMN PKCE_MANDATORY CHAR(1) DEFAULT '0', + ADD COLUMN PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0'; + +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE + ADD COLUMN PKCE_CODE_CHALLENGE VARCHAR(255), + ADD COLUMN PKCE_CODE_CHALLENGE_METHOD VARCHAR(128); + +ALTER TABLE WF_BPS_PROFILE MODIFY COLUMN HOST_URL_MANAGER VARCHAR(255); +ALTER TABLE WF_BPS_PROFILE MODIFY COLUMN HOST_URL_WORKER VARCHAR(255); + +INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME, IS_ENABLED) + SELECT TENANT_ID, IDP_ID, 'openidconnect', 0 + FROM IDP_AUTHENTICATOR + WHERE IDP_ID + IN (SELECT ID FROM IDP WHERE NAME = 'LOCAL') + GROUP BY TENANT_ID, IDP_ID + HAVING SUM(CASE NAME WHEN 'openidconnect' THEN 1 ELSE 0 END)=0; diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/oracle.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/oracle.sql new file mode 100644 index 00000000..e5939286 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/oracle.sql @@ -0,0 +1,25 @@ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD PKCE_MANDATORY CHAR(1) DEFAULT '0' +/ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0' +/ + +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD PKCE_CODE_CHALLENGE VARCHAR(255) +/ +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD PKCE_CODE_CHALLENGE_METHOD VARCHAR(128) +/ + +ALTER TABLE WF_BPS_PROFILE MODIFY HOST_URL_MANAGER VARCHAR2(255) +/ +ALTER TABLE WF_BPS_PROFILE MODIFY HOST_URL_WORKER VARCHAR2(255) +/ +ALTER TABLE WF_BPS_PROFILE MODIFY PASSWORD VARCHAR2(1023) +/ + +INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME, IS_ENABLED) + SELECT TENANT_ID, IDP_ID, 'openidconnect', 0 + FROM IDP_AUTHENTICATOR + WHERE IDP_ID + IN (SELECT ID FROM IDP WHERE NAME = 'LOCAL') + GROUP BY TENANT_ID, IDP_ID + HAVING SUM(CASE NAME WHEN 'openidconnect' THEN 1 ELSE 0 END)=0 +/ diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/postgresql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/postgresql.sql new file mode 100644 index 00000000..d0979ba6 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/identity/postgresql.sql @@ -0,0 +1,16 @@ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD COLUMN PKCE_MANDATORY CHAR(1) DEFAULT '0'; +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD COLUMN PKCE_SUPPORT_PLAIN CHAR(1) DEFAULT '0'; + +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD COLUMN PKCE_CODE_CHALLENGE VARCHAR(255); +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ADD COLUMN PKCE_CODE_CHALLENGE_METHOD VARCHAR(128); + +ALTER TABLE WF_BPS_PROFILE ALTER COLUMN HOST_URL_MANAGER TYPE VARCHAR(255) USING CONSUMER_KEY::VARCHAR; +ALTER TABLE WF_BPS_PROFILE ALTER COLUMN HOST_URL_WORKER TYPE VARCHAR(255) USING CONSUMER_KEY::VARCHAR; + +INSERT INTO IDP_AUTHENTICATOR (TENANT_ID, IDP_ID, NAME, IS_ENABLED) + SELECT TENANT_ID, IDP_ID, 'openidconnect', 0 + FROM IDP_AUTHENTICATOR + WHERE IDP_ID + IN (SELECT ID FROM IDP WHERE NAME = 'LOCAL') + GROUP BY TENANT_ID, IDP_ID + HAVING SUM(CASE NAME WHEN 'openidconnect' THEN 1 ELSE 0 END)=0; diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/db2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/db2.sql new file mode 100644 index 00000000..7db6c00a --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/db2.sql @@ -0,0 +1,111 @@ + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY, + UM_SUPPORTED, + UM_REQUIRED, + UM_DISPLAY_ORDER, + UM_CHECKED_ATTRIBUTE) +VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234), +'http://wso2.org/claims/identity/lastLoginTime','Last Login Time','Last Login Time','carLicense',-1234,1,0,0,7,0) +/ + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) +SELECT DIALECT.UM_ID, + 'http://wso2.org/claims/identity/lastLoginTime', + 'Last Login Time', + 'Last Login Time', + 'carLicense', + DIALECT.UM_TENANT_ID, + 1 + FROM UM_DIALECT DIALECT JOIN UM_TENANT TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims' +/ + + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY, + UM_SUPPORTED, + UM_REQUIRED, + UM_DISPLAY_ORDER, + UM_CHECKED_ATTRIBUTE) +VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234), +'http://wso2.org/claims/identity/lastPasswordUpdateTime','Last Password Update','Last Password Update','businessCategory',-1234,1,0,0,7,0) +/ + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) +SELECT DIALECT.UM_ID, + 'http://wso2.org/claims/identity/lastPasswordUpdateTime', + 'Last Password Update', + 'Last Password Update', + 'businessCategory', + DIALECT.UM_TENANT_ID, + 1 + FROM UM_DIALECT DIALECT JOIN UM_TENANT TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims' +/ + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) +VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234), +'http://wso2.org/claims/identity/accountDisabled','Account Disabled','Account Disabled','ref',-1234,1) +/ + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) +SELECT DIALECT.UM_ID, + 'http://wso2.org/claims/identity/accountDisabled', + 'Account Disabled', + 'Account Disabled', + 'ref', + DIALECT.UM_TENANT_ID, + 1 + FROM UM_DIALECT DIALECT JOIN UM_TENANT TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims' +/ + +CREATE INDEX REG_LOG_IND_BY_P1 + ON REG_LOG(REG_LOGGED_TIME, REG_TENANT_ID)/ + +CREATE INDEX REG_RESOURCE_IND_3 + ON REG_RESOURCE(REG_UUID)/ + +CREATE INDEX REG_RESOURCE_IND_4 + ON REG_RESOURCE(REG_TENANT_ID, REG_UUID)/ + +CREATE INDEX REG_RESOURCE_IND_5 + ON REG_RESOURCE(REG_TENANT_ID, REG_MEDIA_TYPE)/ \ No newline at end of file diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/h2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/h2.sql new file mode 100644 index 00000000..1717f504 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/h2.sql @@ -0,0 +1,96 @@ +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY, + UM_SUPPORTED, + UM_REQUIRED, + UM_DISPLAY_ORDER, + UM_CHECKED_ATTRIBUTE) +VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234), +'http://wso2.org/claims/identity/lastLoginTime','Last Login Time','Last Login Time','carLicense',-1234,1,0,0,7,0); + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) +SELECT DIALECT.UM_ID, + 'http://wso2.org/claims/identity/lastLoginTime', + 'Last Login Time', + 'Last Login Time', + 'carLicense', + DIALECT.UM_TENANT_ID, + 1 + FROM UM_DIALECT as DIALECT JOIN UM_TENANT as TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims'; + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY, + UM_SUPPORTED, + UM_REQUIRED, + UM_DISPLAY_ORDER, + UM_CHECKED_ATTRIBUTE) +VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234), +'http://wso2.org/claims/identity/lastPasswordUpdateTime','Last Password Update','Last Password Update','businessCategory',-1234,1,0,0,7,0); + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) +SELECT DIALECT.UM_ID, + 'http://wso2.org/claims/identity/lastPasswordUpdateTime', + 'Last Password Update', + 'Last Password Update', + 'businessCategory', + DIALECT.UM_TENANT_ID, + 1 + FROM UM_DIALECT as DIALECT JOIN UM_TENANT as TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims'; + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) +VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234), +'http://wso2.org/claims/identity/accountDisabled','Account Disabled','Account Disabled','ref',-1234,1); + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) +SELECT DIALECT.UM_ID, + 'http://wso2.org/claims/identity/accountDisabled', + 'Account Disabled', + 'Account Disabled', + 'ref', + DIALECT.UM_TENANT_ID, + 1 + FROM UM_DIALECT DIALECT JOIN UM_TENANT TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims'; + +CREATE INDEX REG_LOG_IND_BY_REG_LOGTIME USING HASH ON REG_LOG(REG_LOGGED_TIME, REG_TENANT_ID); +CREATE INDEX REG_RESOURCE_IND_BY_UUID USING HASH ON REG_RESOURCE(REG_UUID); +CREATE INDEX REG_RESOURCE_IND_BY_TENANT USING HASH ON REG_RESOURCE(REG_TENANT_ID, REG_UUID); +CREATE INDEX REG_RESOURCE_IND_BY_TYPE USING HASH ON REG_RESOURCE(REG_TENANT_ID, REG_MEDIA_TYPE); diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/mssql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/mssql.sql new file mode 100644 index 00000000..e4ea9ce1 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/mssql.sql @@ -0,0 +1,96 @@ +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY, + UM_SUPPORTED, + UM_REQUIRED, + UM_DISPLAY_ORDER, + UM_CHECKED_ATTRIBUTE) +VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234), +'http://wso2.org/claims/identity/lastLoginTime','Last Login Time','Last Login Time','carLicense',-1234,1,0,0,7,0); + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) +SELECT DIALECT.UM_ID, + 'http://wso2.org/claims/identity/lastLoginTime', + 'Last Login Time', + 'Last Login Time', + 'carLicense', + DIALECT.UM_TENANT_ID, + 1 + FROM UM_DIALECT as DIALECT JOIN UM_TENANT as TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims'; + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY, + UM_SUPPORTED, + UM_REQUIRED, + UM_DISPLAY_ORDER, + UM_CHECKED_ATTRIBUTE) +VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234), +'http://wso2.org/claims/identity/lastPasswordUpdateTime','Last Password Update','Last Password Update','businessCategory',-1234,1,0,0,7,0); + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) +SELECT DIALECT.UM_ID, + 'http://wso2.org/claims/identity/lastPasswordUpdateTime', + 'Last Password Update', + 'Last Password Update', + 'businessCategory', + DIALECT.UM_TENANT_ID, + 1 + FROM UM_DIALECT as DIALECT JOIN UM_TENANT as TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims'; + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) +VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234), +'http://wso2.org/claims/identity/accountDisabled','Account Disabled','Account Disabled','ref',-1234,1); + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) +SELECT DIALECT.UM_ID, + 'http://wso2.org/claims/identity/accountDisabled', + 'Account Disabled', + 'Account Disabled', + 'ref', + DIALECT.UM_TENANT_ID, + 1 + FROM UM_DIALECT DIALECT JOIN UM_TENANT TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims'; + +CREATE INDEX REG_LOG_IND_BY_REG_LOGTIME ON REG_LOG(REG_LOGGED_TIME, REG_TENANT_ID); +CREATE INDEX REG_RESOURCE_IND_BY_UUID ON REG_RESOURCE(REG_UUID); +CREATE INDEX REG_RESOURCE_IND_BY_TENANT ON REG_RESOURCE(REG_TENANT_ID, REG_UUID); +CREATE INDEX REG_RESOURCE_IND_BY_TYPE ON REG_RESOURCE(REG_TENANT_ID, REG_MEDIA_TYPE); diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/mysql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/mysql.sql new file mode 100644 index 00000000..be9e89d2 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/mysql.sql @@ -0,0 +1,96 @@ +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY, + UM_SUPPORTED, + UM_REQUIRED, + UM_DISPLAY_ORDER, + UM_CHECKED_ATTRIBUTE) +VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234), +'http://wso2.org/claims/identity/lastLoginTime','Last Login Time','Last Login Time','carLicense',-1234,1,0,0,7,0); + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) +SELECT DIALECT.UM_ID, + 'http://wso2.org/claims/identity/lastLoginTime', + 'Last Login Time', + 'Last Login Time', + 'carLicense', + DIALECT.UM_TENANT_ID, + 1 + FROM UM_DIALECT as DIALECT JOIN UM_TENANT as TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims'; + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY, + UM_SUPPORTED, + UM_REQUIRED, + UM_DISPLAY_ORDER, + UM_CHECKED_ATTRIBUTE) +VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234), +'http://wso2.org/claims/identity/lastPasswordUpdateTime','Last Password Update','Last Password Update','businessCategory',-1234,1,0,0,7,0); + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) +SELECT DIALECT.UM_ID, + 'http://wso2.org/claims/identity/lastPasswordUpdateTime', + 'Last Password Update', + 'Last Password Update', + 'businessCategory', + DIALECT.UM_TENANT_ID, + 1 + FROM UM_DIALECT as DIALECT JOIN UM_TENANT as TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims'; + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) +VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234), +'http://wso2.org/claims/identity/accountDisabled','Account Disabled','Account Disabled','ref',-1234,1); + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) +SELECT DIALECT.UM_ID, + 'http://wso2.org/claims/identity/accountDisabled', + 'Account Disabled', + 'Account Disabled', + 'ref', + DIALECT.UM_TENANT_ID, + 1 + FROM UM_DIALECT DIALECT JOIN UM_TENANT TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims'; + +CREATE INDEX REG_LOG_IND_BY_REG_LOGTIME USING HASH ON REG_LOG(REG_LOGGED_TIME, REG_TENANT_ID); +CREATE INDEX REG_RESOURCE_IND_BY_UUID USING HASH ON REG_RESOURCE(REG_UUID); +CREATE INDEX REG_RESOURCE_IND_BY_TENANT USING HASH ON REG_RESOURCE(REG_TENANT_ID, REG_UUID); +CREATE INDEX REG_RESOURCE_IND_BY_TYPE USING HASH ON REG_RESOURCE(REG_TENANT_ID, REG_MEDIA_TYPE); diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/mysql5.7.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/mysql5.7.sql new file mode 100644 index 00000000..53cf7c78 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/mysql5.7.sql @@ -0,0 +1,96 @@ +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY, + UM_SUPPORTED, + UM_REQUIRED, + UM_DISPLAY_ORDER, + UM_CHECKED_ATTRIBUTE) +VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234), +'http://wso2.org/claims/identity/lastLoginTime','Last Login Time','Last Login Time','carLicense',-1234,1,0,0,7,0); + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) +SELECT DIALECT.UM_ID, + 'http://wso2.org/claims/identity/lastLoginTime', + 'Last Login Time', + 'Last Login Time', + 'carLicense', + DIALECT.UM_TENANT_ID, + 1 + FROM UM_DIALECT as DIALECT JOIN UM_TENANT as TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims'; + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY, + UM_SUPPORTED, + UM_REQUIRED, + UM_DISPLAY_ORDER, + UM_CHECKED_ATTRIBUTE) +VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234), +'http://wso2.org/claims/identity/lastPasswordUpdateTime','Last Password Update','Last Password Update','businessCategory',-1234,1,0,0,7,0); + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) +SELECT DIALECT.UM_ID, + 'http://wso2.org/claims/identity/lastPasswordUpdateTime', + 'Last Password Update', + 'Last Password Update', + 'businessCategory', + DIALECT.UM_TENANT_ID, + 1 + FROM UM_DIALECT as DIALECT JOIN UM_TENANT as TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims'; + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) +VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234), +'http://wso2.org/claims/identity/accountDisabled','Account Disabled','Account Disabled','ref',-1234,1); + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) +SELECT DIALECT.UM_ID, + 'http://wso2.org/claims/identity/accountDisabled', + 'Account Disabled', + 'Account Disabled', + 'ref', + DIALECT.UM_TENANT_ID, + 1 + FROM UM_DIALECT DIALECT JOIN UM_TENANT TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims'; + +CREATE INDEX REG_LOG_IND_BY_REG_LOGTIME USING HASH ON REG_LOG(REG_LOGGED_TIME, REG_TENANT_ID); +CREATE INDEX REG_RESOURCE_IND_BY_UUID USING HASH ON REG_RESOURCE(REG_UUID); +CREATE INDEX REG_RESOURCE_IND_BY_TENANT USING HASH ON REG_RESOURCE(REG_TENANT_ID, REG_UUID); +CREATE INDEX REG_RESOURCE_IND_BY_TYPE USING HASH ON REG_RESOURCE(REG_TENANT_ID, REG_MEDIA_TYPE); diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/oracle.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/oracle.sql new file mode 100644 index 00000000..2399d0c7 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/oracle.sql @@ -0,0 +1,111 @@ + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY, + UM_SUPPORTED, + UM_REQUIRED, + UM_DISPLAY_ORDER, + UM_CHECKED_ATTRIBUTE) +VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234), +'http://wso2.org/claims/identity/lastLoginTime','Last Login Time','Last Login Time','carLicense',-1234,1,0,0,7,0) +/ + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) +SELECT DIALECT.UM_ID, + 'http://wso2.org/claims/identity/lastLoginTime', + 'Last Login Time', + 'Last Login Time', + 'carLicense', + DIALECT.UM_TENANT_ID, + 1 + FROM UM_DIALECT DIALECT JOIN UM_TENANT TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims' +/ + + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY, + UM_SUPPORTED, + UM_REQUIRED, + UM_DISPLAY_ORDER, + UM_CHECKED_ATTRIBUTE) +VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234), +'http://wso2.org/claims/identity/lastPasswordUpdateTime','Last Password Update','Last Password Update','businessCategory',-1234,1,0,0,7,0) +/ + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) +SELECT DIALECT.UM_ID, + 'http://wso2.org/claims/identity/lastPasswordUpdateTime', + 'Last Password Update', + 'Last Password Update', + 'businessCategory', + DIALECT.UM_TENANT_ID, + 1 + FROM UM_DIALECT DIALECT JOIN UM_TENANT TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims' +/ + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) +VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234), +'http://wso2.org/claims/identity/accountDisabled','Account Disabled','Account Disabled','ref',-1234,1) +/ + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) +SELECT DIALECT.UM_ID, + 'http://wso2.org/claims/identity/accountDisabled', + 'Account Disabled', + 'Account Disabled', + 'ref', + DIALECT.UM_TENANT_ID, + 1 + FROM UM_DIALECT DIALECT JOIN UM_TENANT TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims' +/ + +CREATE INDEX REG_LOG_IND_BY_REGLOG ON REG_LOG(REG_LOGGED_TIME, REG_TENANT_ID) +/ +CREATE INDEX REG_RESOURCE_IND_BY_UUID ON REG_RESOURCE(REG_UUID) +/ +CREATE INDEX REG_RESOURCE_IND_BY_TENAN ON REG_RESOURCE(REG_TENANT_ID, REG_UUID) +/ +CREATE INDEX REG_RESOURCE_IND_BY_TYPE ON REG_RESOURCE(REG_TENANT_ID, REG_MEDIA_TYPE) +/ + +UPDATE UM_CLAIM SET UM_CLAIM_URI = 'urn:scim:schemas:core:1.0:locale' WHERE UM_CLAIM_URI = 'urn:scim:schemas:core:1.0:local' +/ diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/postgresql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/postgresql.sql new file mode 100644 index 00000000..1b985e8c --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.2.0/dbscripts/step1/um/postgresql.sql @@ -0,0 +1,96 @@ +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY, + UM_SUPPORTED, + UM_REQUIRED, + UM_DISPLAY_ORDER, + UM_CHECKED_ATTRIBUTE) +VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234), +'http://wso2.org/claims/identity/lastLoginTime','Last Login Time','Last Login Time','carLicense',-1234,1,0,0,7,0); + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) +SELECT DIALECT.UM_ID, + 'http://wso2.org/claims/identity/lastLoginTime', + 'Last Login Time', + 'Last Login Time', + 'carLicense', + DIALECT.UM_TENANT_ID, + 1 + FROM UM_DIALECT as DIALECT JOIN UM_TENANT as TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims'; + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY, + UM_SUPPORTED, + UM_REQUIRED, + UM_DISPLAY_ORDER, + UM_CHECKED_ATTRIBUTE) +VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234), +'http://wso2.org/claims/identity/lastPasswordUpdateTime','Last Password Update','Last Password Update','businessCategory',-1234,1,0,0,7,0); + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) +SELECT DIALECT.UM_ID, + 'http://wso2.org/claims/identity/lastPasswordUpdateTime', + 'Last Password Update', + 'Last Password Update', + 'businessCategory', + DIALECT.UM_TENANT_ID, + 1 + FROM UM_DIALECT as DIALECT JOIN UM_TENANT as TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims'; + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) +VALUES ((SELECT UM_ID FROM UM_DIALECT WHERE UM_DIALECT_URI='http://wso2.org/claims' AND UM_TENANT_ID=-1234), +'http://wso2.org/claims/identity/accountDisabled','Account Disabled','Account Disabled','ref',-1234,1); + +INSERT INTO UM_CLAIM ( + UM_DIALECT_ID, + UM_CLAIM_URI, + UM_DISPLAY_TAG, + UM_DESCRIPTION, + UM_MAPPED_ATTRIBUTE, + UM_TENANT_ID, + UM_READ_ONLY) +SELECT DIALECT.UM_ID, + 'http://wso2.org/claims/identity/accountDisabled', + 'Account Disabled', + 'Account Disabled', + 'ref', + DIALECT.UM_TENANT_ID, + 1 + FROM UM_DIALECT DIALECT JOIN UM_TENANT TENANT ON DIALECT.UM_TENANT_ID=TENANT.UM_ID WHERE DIALECT.UM_DIALECT_URI='http://wso2.org/claims'; + +CREATE INDEX REG_LOG_IND_BY_REG_LOGTIME ON REG_LOG(REG_LOGGED_TIME, REG_TENANT_ID); +CREATE INDEX REG_RESOURCE_IND_BY_UUID ON REG_RESOURCE(REG_UUID); +CREATE INDEX REG_RESOURCE_IND_BY_TENANT ON REG_RESOURCE(REG_TENANT_ID, REG_UUID); +CREATE INDEX REG_RESOURCE_IND_BY_TYPE ON REG_RESOURCE(REG_TENANT_ID, REG_MEDIA_TYPE); diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/data/claim-config.xml b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/data/claim-config.xml new file mode 100644 index 00000000..7b4e5dd8 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/data/claim-config.xml @@ -0,0 +1,279 @@ + + + + + + http://wso2.org/claims/userid + User ID + scimId + Unique ID of the user + + + + http://wso2.org/claims/externalid + External User ID + externalId + Unique ID of the user used in external systems + + + + http://wso2.org/claims/created + Created Time + createdDate + Created timestamp of the user + + + + http://wso2.org/claims/modified + Last Modified Time + lastModifiedDate + Last Modified timestamp of the user + + + + http://wso2.org/claims/location + Location + location + Location + + + + http://wso2.org/claims/formattedName + Name - Formatted Name + formattedName + Formatted Name + + + http://wso2.org/claims/middleName + Middle Name + middleName + Middle Name + + + http://wso2.org/claims/honorificPrefix + Name - Honoric Prefix + honoricPrefix + Honoric Prefix + + + http://wso2.org/claims/honorificSuffix + Name - Honoric Suffix + honoricSuffix + Honoric Suffix + + + http://wso2.org/claims/userType + User Type + userType + User Type + + + http://wso2.org/claims/preferredLanguage + Preferred Language + preferredLanguage + Preferred Language + + + http://wso2.org/claims/local + Local + local + Local + + + http://wso2.org/claims/timeZone + Time Zone + timeZone + Time Zone + + + + http://wso2.org/claims/emails.work + Emails - Work Email + workEmail + Work Email + + + http://wso2.org/claims/emails.home + Emails - Home Email + homeEmail + Home Email + + + http://wso2.org/claims/emails.other + Emails - Other Email + otherEmail + Other Email + + + http://wso2.org/claims/phoneNumbers + Phone Numbers + phoneNumbers + Phone Numbers + ^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$ + + + http://wso2.org/claims/phoneNumbers.home + Phone Numbers - Home Phone Number + homePhone + Home Phone + + + http://wso2.org/claims/phoneNumbers.work + Phone Numbers - Work Phone Number + workPhone + Work Phone + + + http://wso2.org/claims/phoneNumbers.fax + Phone Numbers - Fax Number + fax + Fax Number + + + http://wso2.org/claims/phoneNumbers.pager + Phone Numbers - Pager Number + pager + Pager Number + + + http://wso2.org/claims/phoneNumbers.other + Phone Numbers - Other + otherPhoneNumber + Other Phone Number + + + http://wso2.org/claims/gtalk + IM - Gtalk + imGtalk + IM - Gtalk + + + http://wso2.org/claims/skype + IM - Skype + imSkype + IM - Skype + + + http://wso2.org/claims/photos + Photo + photos + Photo + + + http://wso2.org/claims/photourl + Photo URIL + photoUrl + Photo URL + + + http://wso2.org/claims/thumbnail + Photo - Thumbnail + thumbnail + Photo - Thumbnail + + + http://wso2.org/claims/addresses + Address + addresses + Address + + + http://wso2.org/claims/addresses.formatted + Address - Formatted + formattedAddress + Address - Formatted + + + http://wso2.org/claims/addresses.locality + Address - Locality + localityAddress + Address - Locality + + + http://wso2.org/claims/groups + Groups + groups + Groups + + + http://wso2.org/claims/identity/verifyEmail + Verify Email + manager + Temporary claim to invoke email verified feature + + + http://wso2.org/claims/identity/askPassword + Ask Password + postOfficeBox + Temporary claim to invoke email ask Password feature + + + http://wso2.org/claims/identity/adminForcedPasswordReset + Force Password Reset + departmentNumber + Temporary claim to invoke email force password feature + + + http://wso2.org/claims/entitlements + Entitlements + entitlements + Entitlements + + + http://wso2.org/claims/x509Certificates + X509Certificates + x509Certificates + X509Certificates + + + http://wso2.org/claims/identity/failedPasswordRecoveryAttempts + Failed Password Recovery Attempts + postalCode + Number of consecutive failed attempts done for password recovery + + + http://wso2.org/claims/identity/emailVerified + Email Verified + + postalAddress + Email Verified + + + http://wso2.org/claims/identity/failedLoginLockoutCount + Failed Lockout Count + + employeeNumber + Failed Lockout Count + + + http://wso2.org/claims/identity/lastLogonTime + Last Logon + + carLicense + Last Logon Time + + + http://wso2.org/claims/active + Active + active + Status of the account + + + + diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/data/resources.xml b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/data/resources.xml new file mode 100644 index 00000000..e985d06c --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/data/resources.xml @@ -0,0 +1,99 @@ + + + + /permission/admin/manage/identity + + + /permission/admin/manage/identity/keystoremgt/view + /permission/admin/manage/identity/securitymgt + /permission/admin/manage/identity/rolemgt/view + + + /permission/admin/manage/identity/usermgt/create + /permission/admin/manage/identity/identitymgt/delete + + + /permission/admin/manage/identity/usermgt/update + /permission/admin/manage/identity/usermgt/delete + /permission/admin/manage/identity/usermgt/view + /permission/admin/manage/identity/usermgt/list + /permission/admin/manage/identity/identitymgt/update + + + /permission/admin/manage/identity/usermgt + + + /permission/admin/manage/identity/userprofile + /permission/admin/manage/identity/usermgt/list + + + /permission/admin/manage/identity/entitlement/pap/subscriber/create + /permission/admin/manage/identity/entitlement/pap/subscriber/delete + /permission/admin/manage/identity/entitlement/pap/subscriber/create + /permission/admin/manage/identity/entitlement/pap/subscriber/view + /permission/admin/manage/identity/entitlement/pap/subscriber/list + /permission/admin/manage/identity/entitlement/pap/policy/publish + /permission/admin/manage/identity/entitlement/pap/subscriber/update + + + /permission/admin/manage/identity/entitlement/pap/policy/demote + + + /permission/admin/manage/identity/entitlement/pap/policy/enable + + + /permission/admin/manage/identity/entitlement/pap/policy/view + /permission/admin/manage/identity/entitlement/pap/policy/list + /permission/admin/manage/identity/entitlement/pdp/view + + + /permission/admin/manage/identity/entitlement/pap/policy/create + /permission/admin/manage/identity/entitlement/pap/policy/update + + + /permission/admin/manage/identity/entitlement/pap/policy/order + + + /permission/admin/manage/identity/entitlement/pap/policy/delete + + + /permission/admin/manage/identity/entitlement/pap/policy/rollback + + + /permission/admin/manage/identity/entitlement/pap/policy/update + + + /permission/admin/manage/identity/userstore/count/view + + + /permission/admin/manage/identity/rolemgt/view + + + /permission/admin/manage/identity/entitlement/pdp/manage + + + /permission/admin/manage/identity/entitlement/pdp/test + + + /permission/admin/manage/identity/entitlement/pdp/view + + + /permission/admin/manage/identity/applicationmgt + + \ No newline at end of file diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/db2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/db2.sql new file mode 100644 index 00000000..cee1c290 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/db2.sql @@ -0,0 +1,181 @@ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD COLUMN APP_STATE VARCHAR (25) DEFAULT 'ACTIVE' +/ +CREATE INDEX IDX_AT ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN) +/ +ALTER TABLE SP_APP ADD COLUMN ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0' +/ +ALTER TABLE SP_INBOUND_AUTH ADD COLUMN INBOUND_CONFIG_TYPE VARCHAR(255) DEFAULT NULL +/ +ALTER TABLE SP_CLAIM_MAPPING ADD COLUMN IS_MANDATORY VARCHAR(128) DEFAULT '0' +/ +ALTER TABLE SP_PROVISIONING_CONNECTOR ADD COLUMN RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0' +/ +ALTER TABLE IDP_PROVISIONING_CONFIG ADD COLUMN IS_RULES_ENABLED CHAR(1) NOT NULL DEFAULT '0' +/ + +CREATE TABLE IDN_RECOVERY_DATA ( + USER_NAME VARCHAR(255) NOT NULL, + USER_DOMAIN VARCHAR(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + CODE VARCHAR(255) NOT NULL, + SCENARIO VARCHAR(255) NOT NULL, + STEP VARCHAR(127) NOT NULL, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + REMAINING_SETS VARCHAR(2500) DEFAULT NULL), + PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP), +UNIQUE(CODE) + / + +CREATE TABLE IDN_PASSWORD_HISTORY_DATA ( + ID INTEGER NOT NULL, + USER_NAME VARCHAR(255) NOT NULL, + USER_DOMAIN VARCHAR(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + SALT_VALUE VARCHAR(255), + HASH VARCHAR(255) NOT NULL, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY (ID), + UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH) +) + / + +CREATE SEQUENCE IDN_PASSWORD_HISTORY_DATA_SEQ START WITH 1 INCREMENT BY 1 NOCACHE + / + +CREATE TRIGGER IDN_PASSWORD_HISTORY_DATA NO CASCADE +BEFORE INSERT +ON IDN_PASSWORD_HISTORY_DATA +REFERENCING NEW AS NEW +FOR EACH ROW MODE DB2SQL + BEGIN ATOMIC + SET (NEW.ID) = (NEXTVAL FOR IDN_PASSWORD_HISTORY_DATA_SEQ); + END + / + +CREATE TABLE IDN_CLAIM_DIALECT ( + ID INTEGER NOT NULL, + DIALECT_URI VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID)) + / +CREATE SEQUENCE IDN_CLAIM_DIALECT_SEQ START WITH 1 INCREMENT BY 1 NOCACHE + / +CREATE TRIGGER IDN_CLAIM_DIALECT_TRIG NO CASCADE +BEFORE INSERT +ON IDN_CLAIM_DIALECT +REFERENCING NEW AS NEW +FOR EACH ROW MODE DB2SQL + BEGIN ATOMIC + SET (NEW.ID) = (NEXTVAL FOR IDN_CLAIM_DIALECT_SEQ); + END + / + +CREATE TABLE IDN_CLAIM ( + ID INTEGER NOT NULL, + DIALECT_ID INTEGER, + CLAIM_URI VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE, + CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID)) + / +CREATE SEQUENCE IDN_CLAIM_SEQ START WITH 1 INCREMENT BY 1 NOCACHE + / +CREATE TRIGGER IDN_CLAIM_TRIG NO CASCADE +BEFORE INSERT +ON IDN_CLAIM +REFERENCING NEW AS NEW +FOR EACH ROW MODE DB2SQL + BEGIN ATOMIC + SET (NEW.ID) = (NEXTVAL FOR IDN_CLAIM_SEQ); + END + / + +CREATE TABLE IDN_CLAIM_MAPPED_ATTRIBUTE ( + ID INTEGER NOT NULL, + LOCAL_CLAIM_ID INTEGER, + USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL, + ATTRIBUTE_NAME VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID)) + / +CREATE SEQUENCE IDN_CLAIM_MAPPED_ATTRIBUTE_SEQ START WITH 1 INCREMENT BY 1 NOCACHE + / +CREATE TRIGGER IDN_CLAIM_MAPPED_ATTR_TRIG NO CASCADE +BEFORE INSERT +ON IDN_CLAIM_MAPPED_ATTRIBUTE +REFERENCING NEW AS NEW +FOR EACH ROW MODE DB2SQL + BEGIN ATOMIC + SET (NEW.ID) = (NEXTVAL FOR IDN_CLAIM_MAPPED_ATTRIBUTE_SEQ); + END + / + +CREATE TABLE IDN_CLAIM_PROPERTY ( + ID INTEGER NOT NULL, + LOCAL_CLAIM_ID INTEGER, + PROPERTY_NAME VARCHAR (255) NOT NULL, + PROPERTY_VALUE VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID)) + / +CREATE SEQUENCE IDN_CLAIM_PROPERTY_SEQ START WITH 1 INCREMENT BY 1 NOCACHE + / +CREATE TRIGGER IDN_CLAIM_PROPERTY_TRIG NO CASCADE +BEFORE INSERT +ON IDN_CLAIM_PROPERTY +REFERENCING NEW AS NEW +FOR EACH ROW MODE DB2SQL + BEGIN ATOMIC + SET (NEW.ID) = (NEXTVAL FOR IDN_CLAIM_PROPERTY_SEQ); + END + / + +CREATE TABLE IDN_CLAIM_MAPPING ( + ID INTEGER NOT NULL, + EXT_CLAIM_ID INTEGER NOT NULL, + MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID)) + / +CREATE SEQUENCE IDN_CLAIM_MAPPING_SEQ START WITH 1 INCREMENT BY 1 NOCACHE + / +CREATE TRIGGER IDN_CLAIM_MAPPING_TRIG NO CASCADE +BEFORE INSERT +ON IDN_CLAIM_MAPPING +REFERENCING NEW AS NEW +FOR EACH ROW MODE DB2SQL + BEGIN ATOMIC + SET (NEW.ID) = (NEXTVAL FOR IDN_CLAIM_MAPPING_SEQ); + END + / + +CREATE TABLE IDN_SAML2_ASSERTION_STORE ( + ID INTEGER NOT NULL, + SAML2_ID VARCHAR(255) , + SAML2_ISSUER VARCHAR(255) , + SAML2_SUBJECT VARCHAR(255) , + SAML2_SESSION_INDEX VARCHAR(255) , + SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255) , + SAML2_ASSERTION VARCHAR(4096) , + PRIMARY KEY (ID) + / + CREATE SEQUENCE IDN_SAML2_ASSERTION_STORE_SEQ START WITH 1 INCREMENT BY 1 NOCACHE + / + CREATE TRIGGER IDN_SAML2_ASSERTION_STORE_TRIG NO CASCADE + BEFORE INSERT + ON IDN_SAML2_ASSERTION_STORE + REFERENCING NEW AS NEW + FOR EACH ROW MODE DB2SQL + BEGIN ATOMIC + SET (NEW.ID) = (NEXTVAL FOR IDN_SAML2_ASSERTION_STORE_SEQ); +END +/ diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/h2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/h2.sql new file mode 100644 index 00000000..6cee2918 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/h2.sql @@ -0,0 +1,94 @@ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD COLUMN APP_STATE VARCHAR(25) DEFAULT 'ACTIVE'; +CREATE INDEX IDX_AT ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN); +ALTER TABLE SP_APP ADD COLUMN ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0'; +ALTER TABLE SP_INBOUND_AUTH ADD COLUMN INBOUND_CONFIG_TYPE VARCHAR(255) NOT NULL; +ALTER TABLE SP_CLAIM_MAPPING ADD COLUMN IS_MANDATORY VARCHAR(128) DEFAULT '0'; +ALTER TABLE SP_PROVISIONING_CONNECTOR ADD COLUMN RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0'; +ALTER TABLE IDP_PROVISIONING_CONFIG ADD COLUMN IS_RULES_ENABLED CHAR(1) NOT NULL DEFAULT '0'; + +CREATE TABLE IF NOT EXISTS IDN_RECOVERY_DATA ( + USER_NAME VARCHAR(255) NOT NULL, + USER_DOMAIN VARCHAR(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + CODE VARCHAR(255) NOT NULL, + SCENARIO VARCHAR(255) NOT NULL, + STEP VARCHAR(127) NOT NULL, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + REMAINING_SETS VARCHAR(2500) DEFAULT NULL, + PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP), + UNIQUE(CODE) +); + +CREATE TABLE IF NOT EXISTS IDN_PASSWORD_HISTORY_DATA ( + ID INTEGER NOT NULL AUTO_INCREMENT, + USER_NAME VARCHAR(255) NOT NULL, + USER_DOMAIN VARCHAR(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + SALT_VALUE VARCHAR(255), + HASH VARCHAR(255) NOT NULL, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY (ID), + UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH), +); + +CREATE TABLE IF NOT EXISTS IDN_CLAIM_DIALECT ( + ID INTEGER NOT NULL AUTO_INCREMENT, + DIALECT_URI VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID) +); + +CREATE TABLE IF NOT EXISTS IDN_CLAIM ( + ID INTEGER NOT NULL AUTO_INCREMENT, + DIALECT_ID INTEGER, + CLAIM_URI VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE, + CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID) +); + +CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE ( + ID INTEGER NOT NULL AUTO_INCREMENT, + LOCAL_CLAIM_ID INTEGER, + USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL, + ATTRIBUTE_NAME VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID) +); + +CREATE TABLE IF NOT EXISTS IDN_CLAIM_PROPERTY ( + ID INTEGER NOT NULL AUTO_INCREMENT, + LOCAL_CLAIM_ID INTEGER, + PROPERTY_NAME VARCHAR (255) NOT NULL, + PROPERTY_VALUE VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID) +); + +CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPING ( + ID INTEGER NOT NULL AUTO_INCREMENT, + EXT_CLAIM_ID INTEGER NOT NULL, + MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID), +); + +CREATE TABLE IF NOT EXISTS IDN_SAML2_ASSERTION_STORE ( + ID INTEGER NOT NULL AUTO_INCREMENT, + SAML2_ID VARCHAR(255) , + SAML2_ISSUER VARCHAR(255) , + SAML2_SUBJECT VARCHAR(255) , + SAML2_SESSION_INDEX VARCHAR(255) , + SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255) , + SAML2_ASSERTION VARCHAR(4096) , + PRIMARY KEY (ID) +); \ No newline at end of file diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/mssql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/mssql.sql new file mode 100644 index 00000000..17c8ade4 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/mssql.sql @@ -0,0 +1,103 @@ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD APP_STATE VARCHAR (25) DEFAULT 'ACTIVE'; +CREATE INDEX IDX_AT ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN); +ALTER TABLE SP_APP ADD ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0'; +ALTER TABLE SP_INBOUND_AUTH ADD INBOUND_CONFIG_TYPE VARCHAR(255) DEFAULT NULL; +ALTER TABLE SP_CLAIM_MAPPING ADD IS_MANDATORY VARCHAR(128) DEFAULT '0'; +ALTER TABLE SP_PROVISIONING_CONNECTOR ADD RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0'; +ALTER TABLE IDP_PROVISIONING_CONFIG ADD IS_RULES_ENABLED CHAR(1) NOT NULL DEFAULT '0'; + + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_RECOVERY_DATA]') AND TYPE IN (N'U')) + CREATE TABLE IDN_RECOVERY_DATA ( + USER_NAME VARCHAR(255) NOT NULL, + USER_DOMAIN VARCHAR(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + CODE VARCHAR(255) NOT NULL, + SCENARIO VARCHAR(255) NOT NULL, + STEP VARCHAR(127) NOT NULL, + TIME_CREATED DATETIME NOT NULL, + REMAINING_SETS VARCHAR(2500) DEFAULT NULL, + PRIMARY KEY(USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO,STEP), + UNIQUE(CODE) + ); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_PASSWORD_HISTORY_DATA]') AND TYPE IN (N'U')) + CREATE TABLE IDN_PASSWORD_HISTORY_DATA ( + ID INTEGER NOT NULL IDENTITY , + USER_NAME VARCHAR(255) NOT NULL, + USER_DOMAIN VARCHAR(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + SALT_VALUE VARCHAR(255), + HASH VARCHAR(255) NOT NULL, + TIME_CREATED DATETIME NOT NULL, + PRIMARY KEY (ID), + UNIQUE (USER_NAME,USER_DOMAIN,TENANT_ID,SALT_VALUE,HASH), + ); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_CLAIM_DIALECT]') AND TYPE IN (N'U')) + CREATE TABLE IDN_CLAIM_DIALECT ( + ID INTEGER NOT NULL IDENTITY, + DIALECT_URI VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID) + ); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_CLAIM]') AND TYPE IN (N'U')) + CREATE TABLE IDN_CLAIM ( + ID INTEGER NOT NULL IDENTITY, + DIALECT_ID INTEGER, + CLAIM_URI VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT(ID) ON DELETE CASCADE, + CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID) + ); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_CLAIM_MAPPED_ATTRIBUTE]') AND TYPE IN (N'U')) + CREATE TABLE IDN_CLAIM_MAPPED_ATTRIBUTE ( + ID INTEGER NOT NULL IDENTITY, + LOCAL_CLAIM_ID INTEGER, + USER_STORE_DOMAIN_NAME VARCHAR (255) NOT NULL, + ATTRIBUTE_NAME VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID) + ); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_CLAIM_PROPERTY]') AND TYPE IN (N'U')) + CREATE TABLE IDN_CLAIM_PROPERTY ( + ID INTEGER NOT NULL IDENTITY, + LOCAL_CLAIM_ID INTEGER, + PROPERTY_NAME VARCHAR (255) NOT NULL, + PROPERTY_VALUE VARCHAR (255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID) + ); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_CLAIM_MAPPING]') AND TYPE IN (N'U')) + CREATE TABLE IDN_CLAIM_MAPPING ( + ID INTEGER NOT NULL IDENTITY, + EXT_CLAIM_ID INTEGER NOT NULL, + MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE CASCADE, + FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM(ID) ON DELETE NO ACTION, + CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID) + ); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_SAML2_ASSERTION_STORE]') AND TYPE IN (N'U')) + CREATE TABLE IDN_SAML2_ASSERTION_STORE ( + ID INTEGER NOT NULL IDENTITY, + SAML2_ID VARCHAR(255), + SAML2_ISSUER VARCHAR(255), + SAML2_SUBJECT VARCHAR(255), + SAML2_SESSION_INDEX VARCHAR(255), + SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255), + SAML2_ASSERTION VARCHAR(4096), + PRIMARY KEY (ID) + ); diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/mysql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/mysql.sql new file mode 100644 index 00000000..f81c02d0 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/mysql.sql @@ -0,0 +1,119 @@ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS +ADD COLUMN APP_STATE VARCHAR(25) DEFAULT 'ACTIVE'; + +CREATE INDEX IDX_AT ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN); + +ALTER TABLE SP_APP +ADD COLUMN ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0'; + +ALTER TABLE SP_INBOUND_AUTH +ADD COLUMN INBOUND_CONFIG_TYPE VARCHAR(255) NOT NULL; + +ALTER TABLE SP_CLAIM_MAPPING +ADD COLUMN IS_MANDATORY VARCHAR(128) DEFAULT '0'; + +ALTER TABLE SP_PROVISIONING_CONNECTOR +ADD COLUMN RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0'; + +ALTER TABLE IDP_PROVISIONING_CONFIG +ADD COLUMN IS_RULES_ENABLED CHAR(1) NOT NULL DEFAULT '0'; + +CREATE TABLE IF NOT EXISTS IDN_RECOVERY_DATA ( + USER_NAME VARCHAR(255) NOT NULL, + USER_DOMAIN VARCHAR(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + CODE VARCHAR(255) NOT NULL, + SCENARIO VARCHAR(255) NOT NULL, + STEP VARCHAR(127) NOT NULL, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + REMAINING_SETS VARCHAR(2500) DEFAULT NULL, + PRIMARY KEY (USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO, STEP), + UNIQUE (CODE) +) + ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_PASSWORD_HISTORY_DATA ( + ID INTEGER NOT NULL AUTO_INCREMENT, + USER_NAME VARCHAR(255) NOT NULL, + USER_DOMAIN VARCHAR(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + SALT_VALUE VARCHAR(255), + HASH VARCHAR(255) NOT NULL, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY (ID), + UNIQUE (USER_NAME, USER_DOMAIN, TENANT_ID, SALT_VALUE, HASH) +) + ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_CLAIM_DIALECT ( + ID INTEGER NOT NULL AUTO_INCREMENT, + DIALECT_URI VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID) +) + ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_CLAIM ( + ID INTEGER NOT NULL AUTO_INCREMENT, + DIALECT_ID INTEGER, + CLAIM_URI VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT (ID) + ON DELETE CASCADE, + CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID) +) + ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE ( + ID INTEGER NOT NULL AUTO_INCREMENT, + LOCAL_CLAIM_ID INTEGER, + USER_STORE_DOMAIN_NAME VARCHAR(255) NOT NULL, + ATTRIBUTE_NAME VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM (ID) + ON DELETE CASCADE, + CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID) +) + ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_CLAIM_PROPERTY ( + ID INTEGER NOT NULL AUTO_INCREMENT, + LOCAL_CLAIM_ID INTEGER, + PROPERTY_NAME VARCHAR(255) NOT NULL, + PROPERTY_VALUE VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM (ID) + ON DELETE CASCADE, + CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID) +) + ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPING ( + ID INTEGER NOT NULL AUTO_INCREMENT, + EXT_CLAIM_ID INTEGER NOT NULL, + MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM (ID) + ON DELETE CASCADE, + FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM (ID) + ON DELETE CASCADE, + CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID) +) + ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_SAML2_ASSERTION_STORE ( + ID INTEGER NOT NULL AUTO_INCREMENT, + SAML2_ID VARCHAR(255), + SAML2_ISSUER VARCHAR(255), + SAML2_SUBJECT VARCHAR(255), + SAML2_SESSION_INDEX VARCHAR(255), + SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255), + SAML2_ASSERTION VARCHAR(4096), + PRIMARY KEY (ID) +) + ENGINE INNODB; diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/mysql5.7.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/mysql5.7.sql new file mode 100644 index 00000000..f81c02d0 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/mysql5.7.sql @@ -0,0 +1,119 @@ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS +ADD COLUMN APP_STATE VARCHAR(25) DEFAULT 'ACTIVE'; + +CREATE INDEX IDX_AT ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN); + +ALTER TABLE SP_APP +ADD COLUMN ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0'; + +ALTER TABLE SP_INBOUND_AUTH +ADD COLUMN INBOUND_CONFIG_TYPE VARCHAR(255) NOT NULL; + +ALTER TABLE SP_CLAIM_MAPPING +ADD COLUMN IS_MANDATORY VARCHAR(128) DEFAULT '0'; + +ALTER TABLE SP_PROVISIONING_CONNECTOR +ADD COLUMN RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0'; + +ALTER TABLE IDP_PROVISIONING_CONFIG +ADD COLUMN IS_RULES_ENABLED CHAR(1) NOT NULL DEFAULT '0'; + +CREATE TABLE IF NOT EXISTS IDN_RECOVERY_DATA ( + USER_NAME VARCHAR(255) NOT NULL, + USER_DOMAIN VARCHAR(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + CODE VARCHAR(255) NOT NULL, + SCENARIO VARCHAR(255) NOT NULL, + STEP VARCHAR(127) NOT NULL, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + REMAINING_SETS VARCHAR(2500) DEFAULT NULL, + PRIMARY KEY (USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO, STEP), + UNIQUE (CODE) +) + ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_PASSWORD_HISTORY_DATA ( + ID INTEGER NOT NULL AUTO_INCREMENT, + USER_NAME VARCHAR(255) NOT NULL, + USER_DOMAIN VARCHAR(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + SALT_VALUE VARCHAR(255), + HASH VARCHAR(255) NOT NULL, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY (ID), + UNIQUE (USER_NAME, USER_DOMAIN, TENANT_ID, SALT_VALUE, HASH) +) + ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_CLAIM_DIALECT ( + ID INTEGER NOT NULL AUTO_INCREMENT, + DIALECT_URI VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID) +) + ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_CLAIM ( + ID INTEGER NOT NULL AUTO_INCREMENT, + DIALECT_ID INTEGER, + CLAIM_URI VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT (ID) + ON DELETE CASCADE, + CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID) +) + ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE ( + ID INTEGER NOT NULL AUTO_INCREMENT, + LOCAL_CLAIM_ID INTEGER, + USER_STORE_DOMAIN_NAME VARCHAR(255) NOT NULL, + ATTRIBUTE_NAME VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM (ID) + ON DELETE CASCADE, + CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID) +) + ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_CLAIM_PROPERTY ( + ID INTEGER NOT NULL AUTO_INCREMENT, + LOCAL_CLAIM_ID INTEGER, + PROPERTY_NAME VARCHAR(255) NOT NULL, + PROPERTY_VALUE VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM (ID) + ON DELETE CASCADE, + CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID) +) + ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_CLAIM_MAPPING ( + ID INTEGER NOT NULL AUTO_INCREMENT, + EXT_CLAIM_ID INTEGER NOT NULL, + MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM (ID) + ON DELETE CASCADE, + FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM (ID) + ON DELETE CASCADE, + CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID) +) + ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_SAML2_ASSERTION_STORE ( + ID INTEGER NOT NULL AUTO_INCREMENT, + SAML2_ID VARCHAR(255), + SAML2_ISSUER VARCHAR(255), + SAML2_SUBJECT VARCHAR(255), + SAML2_SESSION_INDEX VARCHAR(255), + SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255), + SAML2_ASSERTION VARCHAR(4096), + PRIMARY KEY (ID) +) + ENGINE INNODB; diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/oracle.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/oracle.sql new file mode 100644 index 00000000..e00118cc --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/oracle.sql @@ -0,0 +1,200 @@ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD APP_STATE VARCHAR(25) DEFAULT 'ACTIVE' +/ +CREATE INDEX IDX_AT ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN) +/ +ALTER TABLE SP_APP ADD ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0' +/ +ALTER TABLE SP_INBOUND_AUTH ADD INBOUND_CONFIG_TYPE VARCHAR(255) DEFAULT NULL +/ +ALTER TABLE SP_CLAIM_MAPPING ADD IS_MANDATORY VARCHAR(128) DEFAULT '0' +/ +ALTER TABLE SP_PROVISIONING_CONNECTOR ADD RULE_ENABLED CHAR(1) DEFAULT '0' NOT NULL +/ +ALTER TABLE IDP_PROVISIONING_CONFIG ADD IS_RULES_ENABLED CHAR(1) DEFAULT '0' NOT NULL +/ +CREATE TABLE IDN_RECOVERY_DATA ( + USER_NAME VARCHAR2(255) NOT NULL, + USER_DOMAIN VARCHAR2(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + CODE VARCHAR2(255) NOT NULL, + SCENARIO VARCHAR2(255) NOT NULL, + STEP VARCHAR2(127) NOT NULL, + TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL, + REMAINING_SETS VARCHAR2(2500) DEFAULT NULL, + PRIMARY KEY (USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO, STEP), + UNIQUE (CODE) +) +/ +CREATE TABLE IDN_PASSWORD_HISTORY_DATA ( + ID INTEGER, + USER_NAME VARCHAR2(255) NOT NULL, + USER_DOMAIN VARCHAR2(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + SALT_VALUE VARCHAR2(255), + HASH VARCHAR2(255) NOT NULL, + TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL, + PRIMARY KEY (ID), + UNIQUE (USER_NAME, USER_DOMAIN, TENANT_ID, SALT_VALUE, HASH) +) +/ + +CREATE SEQUENCE IDN_PASSWORD_HISTORY_DATA_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ + +CREATE OR REPLACE TRIGGER IDN_PASSWORD_HISTORY_DATA_TRIG +BEFORE INSERT +ON IDN_PASSWORD_HISTORY_DATA +REFERENCING NEW AS NEW +FOR EACH ROW + BEGIN + SELECT IDN_PASSWORD_HISTORY_DATA_SEQ.nextval + INTO :NEW.ID + FROM dual; + END; +/ + +CREATE TABLE IDN_CLAIM_DIALECT ( + ID INTEGER, + DIALECT_URI VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID) +) +/ +CREATE SEQUENCE IDN_CLAIM_DIALECT_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER IDN_CLAIM_DIALECT_TRIG +BEFORE INSERT +ON IDN_CLAIM_DIALECT +REFERENCING NEW AS NEW +FOR EACH ROW + BEGIN + SELECT IDN_CLAIM_DIALECT_SEQ.nextval + INTO :NEW.ID + FROM dual; + END; +/ + +CREATE TABLE IDN_CLAIM ( + ID INTEGER, + DIALECT_ID INTEGER, + CLAIM_URI VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT (ID) ON DELETE CASCADE, + CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID) +) +/ +CREATE SEQUENCE IDN_CLAIM_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER IDN_CLAIM_TRIG +BEFORE INSERT +ON IDN_CLAIM +REFERENCING NEW AS NEW +FOR EACH ROW + BEGIN + SELECT IDN_CLAIM_SEQ.nextval + INTO :NEW.ID + FROM dual; + END; +/ + +CREATE TABLE IDN_CLAIM_MAPPED_ATTRIBUTE ( + ID INTEGER, + LOCAL_CLAIM_ID INTEGER, + USER_STORE_DOMAIN_NAME VARCHAR(255) NOT NULL, + ATTRIBUTE_NAME VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM (ID) ON DELETE CASCADE, + CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID) +) +/ +CREATE SEQUENCE IDN_CLAIM_MAPPED_ATTRIBUTE_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER IDN_CLAIM_MAPPED_ATTR_TRIG +BEFORE INSERT +ON IDN_CLAIM_MAPPED_ATTRIBUTE +REFERENCING NEW AS NEW +FOR EACH ROW + BEGIN + SELECT IDN_CLAIM_MAPPED_ATTRIBUTE_SEQ.nextval + INTO :NEW.ID + FROM dual; + END; +/ + +CREATE TABLE IDN_CLAIM_PROPERTY ( + ID INTEGER, + LOCAL_CLAIM_ID INTEGER, + PROPERTY_NAME VARCHAR(255) NOT NULL, + PROPERTY_VALUE VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM (ID) ON DELETE CASCADE, + CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID) +) +/ +CREATE SEQUENCE IDN_CLAIM_PROPERTY_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER IDN_CLAIM_PROPERTY_TRIG +BEFORE INSERT +ON IDN_CLAIM_PROPERTY +REFERENCING NEW AS NEW +FOR EACH ROW + BEGIN + SELECT IDN_CLAIM_PROPERTY_SEQ.nextval + INTO :NEW.ID + FROM dual; + END; +/ + +CREATE TABLE IDN_CLAIM_MAPPING ( + ID INTEGER, + EXT_CLAIM_ID INTEGER NOT NULL, + MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM (ID) ON DELETE CASCADE, + FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM (ID) ON DELETE CASCADE, + CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID) +) +/ +CREATE SEQUENCE IDN_CLAIM_MAPPING_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER IDN_CLAIM_MAPPING_TRIG +BEFORE INSERT +ON IDN_CLAIM_MAPPING +REFERENCING NEW AS NEW +FOR EACH ROW + BEGIN + SELECT IDN_CLAIM_MAPPING_SEQ.nextval + INTO :NEW.ID + FROM dual; + END; +/ + +CREATE TABLE IDN_SAML2_ASSERTION_STORE ( + ID INTEGER, + SAML2_ID VARCHAR(255), + SAML2_ISSUER VARCHAR(255), + SAML2_SUBJECT VARCHAR(255), + SAML2_SESSION_INDEX VARCHAR(255), + SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255), + SAML2_ASSERTION VARCHAR2(4000), + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE IDN_SAML2_ASSERTION_STORE_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER IDN_SAML2_ASSERTION_STORE_TRIG +BEFORE INSERT +ON IDN_SAML2_ASSERTION_STORE +REFERENCING NEW AS NEW +FOR EACH ROW + BEGIN + SELECT IDN_SAML2_ASSERTION_STORE_SEQ.nextval + INTO :NEW.ID + FROM dual; + END; +/ diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/postgresql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/postgresql.sql new file mode 100644 index 00000000..c1ba4791 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.3.0/dbscripts/step1/identity/postgresql.sql @@ -0,0 +1,115 @@ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD COLUMN APP_STATE VARCHAR(25) DEFAULT 'ACTIVE'; +CREATE INDEX IDX_AT ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN); +ALTER TABLE SP_APP ADD COLUMN ENABLE_AUTHORIZATION CHAR(1) DEFAULT '0'; +ALTER TABLE SP_INBOUND_AUTH ADD COLUMN INBOUND_CONFIG_TYPE VARCHAR(255) NULL; +ALTER TABLE SP_CLAIM_MAPPING ADD COLUMN IS_MANDATORY VARCHAR(128) DEFAULT '0'; +ALTER TABLE SP_PROVISIONING_CONNECTOR ADD COLUMN RULE_ENABLED CHAR(1) NOT NULL DEFAULT '0'; +ALTER TABLE IDP_PROVISIONING_CONFIG ADD COLUMN IS_RULES_ENABLED CHAR(1) NOT NULL DEFAULT '0'; + +DROP TABLE IF EXISTS IDN_RECOVERY_DATA; +CREATE TABLE IDN_RECOVERY_DATA ( + USER_NAME VARCHAR(255) NOT NULL, + USER_DOMAIN VARCHAR(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + CODE VARCHAR(255) NOT NULL, + SCENARIO VARCHAR(255) NOT NULL, + STEP VARCHAR(127) NOT NULL, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + REMAINING_SETS VARCHAR(2500) DEFAULT NULL, + PRIMARY KEY (USER_NAME, USER_DOMAIN, TENANT_ID, SCENARIO, STEP), + UNIQUE (CODE) +); + +DROP TABLE IF EXISTS IDN_PASSWORD_HISTORY_DATA; +CREATE SEQUENCE IDN_PASSWORD_HISTORY_DATA_PK_SEQ; +CREATE TABLE IDN_PASSWORD_HISTORY_DATA ( + ID INTEGER DEFAULT NEXTVAL('IDN_PASSWORD_HISTORY_DATA_PK_SEQ'), + USER_NAME VARCHAR(255) NOT NULL, + USER_DOMAIN VARCHAR(127) NOT NULL, + TENANT_ID INTEGER DEFAULT -1, + SALT_VALUE VARCHAR(255), + HASH VARCHAR(255) NOT NULL, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY (ID), + UNIQUE (USER_NAME, USER_DOMAIN, TENANT_ID, SALT_VALUE, HASH) +); + +DROP TABLE IF EXISTS IDN_CLAIM_DIALECT; +DROP SEQUENCE IF EXISTS IDN_CLAIM_DIALECT_SEQ; +CREATE SEQUENCE IDN_CLAIM_DIALECT_SEQ; +CREATE TABLE IDN_CLAIM_DIALECT ( + ID INTEGER DEFAULT NEXTVAL('IDN_CLAIM_DIALECT_SEQ'), + DIALECT_URI VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + CONSTRAINT DIALECT_URI_CONSTRAINT UNIQUE (DIALECT_URI, TENANT_ID) +); + +DROP TABLE IF EXISTS IDN_CLAIM; +DROP SEQUENCE IF EXISTS IDN_CLAIM_SEQ; +CREATE SEQUENCE IDN_CLAIM_SEQ; +CREATE TABLE IDN_CLAIM ( + ID INTEGER DEFAULT NEXTVAL('IDN_CLAIM_SEQ'), + DIALECT_ID INTEGER, + CLAIM_URI VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (DIALECT_ID) REFERENCES IDN_CLAIM_DIALECT (ID) ON DELETE CASCADE, + CONSTRAINT CLAIM_URI_CONSTRAINT UNIQUE (DIALECT_ID, CLAIM_URI, TENANT_ID) +); + +DROP TABLE IF EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE; +DROP SEQUENCE IF EXISTS IDN_CLAIM_MAPPED_ATTRIBUTE_SEQ; +CREATE SEQUENCE IDN_CLAIM_MAPPED_ATTRIBUTE_SEQ; +CREATE TABLE IDN_CLAIM_MAPPED_ATTRIBUTE ( + ID INTEGER DEFAULT NEXTVAL('IDN_CLAIM_MAPPED_ATTRIBUTE_SEQ'), + LOCAL_CLAIM_ID INTEGER, + USER_STORE_DOMAIN_NAME VARCHAR(255) NOT NULL, + ATTRIBUTE_NAME VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM (ID) ON DELETE CASCADE, + CONSTRAINT USER_STORE_DOMAIN_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, USER_STORE_DOMAIN_NAME, TENANT_ID) +); + +DROP TABLE IF EXISTS IDN_CLAIM_PROPERTY; +DROP SEQUENCE IF EXISTS IDN_CLAIM_PROPERTY_SEQ; +CREATE SEQUENCE IDN_CLAIM_PROPERTY_SEQ; +CREATE TABLE IDN_CLAIM_PROPERTY ( + ID INTEGER DEFAULT NEXTVAL('IDN_CLAIM_PROPERTY_SEQ'), + LOCAL_CLAIM_ID INTEGER, + PROPERTY_NAME VARCHAR(255) NOT NULL, + PROPERTY_VALUE VARCHAR(255) NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM (ID) ON DELETE CASCADE, + CONSTRAINT PROPERTY_NAME_CONSTRAINT UNIQUE (LOCAL_CLAIM_ID, PROPERTY_NAME, TENANT_ID) +); + +DROP TABLE IF EXISTS IDN_CLAIM_MAPPING; +DROP SEQUENCE IF EXISTS IDN_CLAIM_MAPPING_SEQ; +CREATE SEQUENCE IDN_CLAIM_MAPPING_SEQ; +CREATE TABLE IDN_CLAIM_MAPPING ( + ID INTEGER DEFAULT NEXTVAL('IDN_CLAIM_MAPPING_SEQ'), + EXT_CLAIM_ID INTEGER NOT NULL, + MAPPED_LOCAL_CLAIM_ID INTEGER NOT NULL, + TENANT_ID INTEGER NOT NULL, + PRIMARY KEY (ID), + FOREIGN KEY (EXT_CLAIM_ID) REFERENCES IDN_CLAIM (ID) ON DELETE CASCADE, + FOREIGN KEY (MAPPED_LOCAL_CLAIM_ID) REFERENCES IDN_CLAIM (ID) ON DELETE CASCADE, + CONSTRAINT EXT_TO_LOC_MAPPING_CONSTRN UNIQUE (EXT_CLAIM_ID, TENANT_ID) +); + +DROP TABLE IF EXISTS IDN_SAML2_ASSERTION_STORE; +DROP SEQUENCE IF EXISTS IDN_SAML2_ASSERTION_STORE_SEQ; +CREATE SEQUENCE IDN_SAML2_ASSERTION_STORE_SEQ; +CREATE TABLE IDN_SAML2_ASSERTION_STORE ( + ID INTEGER DEFAULT NEXTVAL('IDN_SAML2_ASSERTION_STORE_SEQ'), + SAML2_ID VARCHAR(255), + SAML2_ISSUER VARCHAR(255), + SAML2_SUBJECT VARCHAR(255), + SAML2_SESSION_INDEX VARCHAR(255), + SAML2_AUTHN_CONTEXT_CLASS_REF VARCHAR(255), + SAML2_ASSERTION VARCHAR(4096), + PRIMARY KEY (ID) +); diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/data/claim-config.xml b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/data/claim-config.xml new file mode 100644 index 00000000..21e396a8 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/data/claim-config.xml @@ -0,0 +1,824 @@ + + + + + + http://wso2.org/claims/department + Department + departmentNumber + Department + + + + + http://wso2.org/claims/resourceType + Resource Type + ref + Resource Type + + + http://wso2.org/claims/identity/phoneVerified + Phone Verified + + phoneVerified + Phone Verified + + + http://wso2.org/claims/userid + User ID + scimId + Unique ID of the user + + + + http://wso2.org/claims/externalid + External User ID + externalId + Unique ID of the user used in external systems + + + + http://wso2.org/claims/created + Created Time + createdDate + Created timestamp of the user + + + + http://wso2.org/claims/modified + Last Modified Time + lastModifiedDate + Last Modified timestamp of the user + + + + http://wso2.org/claims/location + Location + location + Location + + + http://wso2.org/claims/im + IM + im + IM + 9 + + + + http://wso2.org/claims/username + Username + uid + Username + + + http://wso2.org/claims/givenname + First Name + givenName + First Name + + 1 + + + + http://wso2.org/claims/lastname + Last Name + sn + Last Name + + 2 + + + + http://wso2.org/claims/formattedName + Name - Formatted Name + formattedName + Formatted Name + + + http://wso2.org/claims/middleName + Middle Name + middleName + Middle Name + + + http://wso2.org/claims/honorificPrefix + Name - Honoric Prefix + honoricPrefix + Honoric Prefix + + + http://wso2.org/claims/honorificSuffix + Name - Honoric Suffix + honoricSuffix + Honoric Suffix + + + http://wso2.org/claims/displayName + Display Name + displayName + Display Name + + + http://wso2.org/claims/nickname + Nick Name + nickName + Nick Name + + + http://wso2.org/claims/url + URL + url + URL + 10 + + + + http://wso2.org/claims/title + Title + title + Title + + + http://wso2.org/claims/userType + User Type + userType + User Type + + + http://wso2.org/claims/preferredLanguage + Preferred Language + preferredLanguage + Preferred Language + + + http://wso2.org/claims/local + Local + local + Local + + + http://wso2.org/claims/timeZone + Time Zone + timeZone + Time Zone + + + http://wso2.org/claims/active + Active + active + Status of the account + + + http://wso2.org/claims/emails.work + Emails - Work Email + workEmail + Work Email + + + http://wso2.org/claims/emails.home + Emails - Home Email + homeEmail + Home Email + + + http://wso2.org/claims/emails.other + Emails - Other Email + otherEmail + Other Email + + + http://wso2.org/claims/mobile + Mobile + mobile + Mobile + 8 + + + + http://wso2.org/claims/phoneNumbers.home + Phone Numbers - Home Phone Number + homePhone + Home Phone + + + http://wso2.org/claims/phoneNumbers.work + Phone Numbers - Work Phone Number + workPhone + Work Phone + + + http://wso2.org/claims/phoneNumbers.other + Phone Numbers - Other + otherPhoneNumber + Other Phone Number + + + http://wso2.org/claims/gtalk + IM - Gtalk + imGtalk + IM - Gtalk + + + http://wso2.org/claims/skype + IM - Skype + imSkype + IM - Skype + + + http://wso2.org/claims/photourl + Photo URIL + photoUrl + Photo URL + + + http://wso2.org/claims/thumbnail + Photo - Thumbnail + thumbnail + Photo - Thumbnail + + + http://wso2.org/claims/addresses.locality + Address - Locality + localityAddress + Address - Locality + + + http://wso2.org/claims/region + Region + region + Region + + + http://wso2.org/claims/groups + Groups + groups + Groups + + + http://wso2.org/claims/entitlements + Entitlements + entitlements + Entitlements + + + http://wso2.org/claims/role + Role + role + Role + + + + + http://wso2.org/claims/x509Certificates + X509Certificates + x509Certificates + X509Certificates + + + http://wso2.org/claims/organization + Organization + organizationName + Organization + 3 + + + + http://wso2.org/claims/stateorprovince + State + stateOrProvinceName + State + + + http://wso2.org/claims/gender + Gender + gender + Gender + + + http://wso2.org/claims/identity/askPassword + Ask Password + askPassword + Temporary claim to invoke email ask Password feature + + + http://wso2.org/claims/identity/verifyEmail + Verify Email + verifyEmail + Temporary claim to invoke email verified feature + + + + + urn:ietf:params:scim:schemas:core:2.0:id + Id + scimId + Id + + 1 + + http://wso2.org/claims/userid + + + urn:ietf:params:scim:schemas:core:2.0:externalId + External Id + externalId + External Id + + 1 + + http://wso2.org/claims/externalid + + + urn:ietf:params:scim:schemas:core:2.0:meta.created + Meta - Created + createdDate + Meta - Created + + 1 + + http://wso2.org/claims/created + + + urn:ietf:params:scim:schemas:core:2.0:meta.lastModified + Meta - Last Modified + lastModifiedDate + Meta - Last Modified + + 1 + + http://wso2.org/claims/modified + + + urn:ietf:params:scim:schemas:core:2.0:meta.location + Meta - Location + location + Meta - Location + + 1 + + http://wso2.org/claims/location + + + urn:ietf:params:scim:schemas:core:2.0:meta.resourceType + Meta - Location + ref + Meta - Location + + 1 + + http://wso2.org/claims/resourceType + + + urn:ietf:params:scim:schemas:core:2.0:meta.version + Meta - Version + im + Meta - Version + + 1 + + http://wso2.org/claims/im + + + + + urn:ietf:params:scim:schemas:core:2.0:User:userName + User Name + uid + User Name + 2 + + + http://wso2.org/claims/username + + + urn:ietf:params:scim:schemas:core:2.0:User:name.givenName + Name - Given Name + givenName + Given Name + + 1 + + http://wso2.org/claims/givenname + + + urn:ietf:params:scim:schemas:core:2.0:User:name.familyName + Name - Family Name + sn + Family Name + 2 + + + http://wso2.org/claims/lastname + + + urn:ietf:params:scim:schemas:core:2.0:User:name.formatted + Name - Formatted Name + formattedName + Formatted Name + 2 + + + http://wso2.org/claims/formattedName + + + urn:ietf:params:scim:schemas:core:2.0:User:name.middleName + Name - Middle Name + middleName + Middle Name + 2 + + + http://wso2.org/claims/middleName + + + urn:ietf:params:scim:schemas:core:2.0:User:name.honorificPrefix + Name - Honoric Prefix + honoricPrefix + Honoric Prefix + 2 + + + http://wso2.org/claims/honorificPrefix + + + urn:ietf:params:scim:schemas:core:2.0:User:name.honorificSuffix + Name - Honoric Suffix + honoricSuffix + Honoric Suffix + 2 + + + http://wso2.org/claims/honorificSuffix + + + urn:ietf:params:scim:schemas:core:2.0:User:displayName + Display Name + displayName + Display Name + 2 + + + http://wso2.org/claims/displayName + + + urn:ietf:params:scim:schemas:core:2.0:User:nickName + Nick Name + nickName + Nick Name + 2 + + + http://wso2.org/claims/nickname + + + urn:ietf:params:scim:schemas:core:2.0:User:profileUrl + Profile URL + url + Profile URL + 2 + + + http://wso2.org/claims/url + + + urn:ietf:params:scim:schemas:core:2.0:User:title + Title + title + Title + 2 + + + http://wso2.org/claims/title + + + urn:ietf:params:scim:schemas:core:2.0:User:userType + User Type + userType + User Type + 2 + + + http://wso2.org/claims/userType + + + urn:ietf:params:scim:schemas:core:2.0:User:preferredLanguage + Preferred Language + preferredLanguage + Preferred Language + 2 + + + http://wso2.org/claims/preferredLanguage + + + urn:ietf:params:scim:schemas:core:2.0:User:locale + Locality + localityName + Locality + 2 + + + http://wso2.org/claims/local + + + urn:ietf:params:scim:schemas:core:2.0:User:timezone + Time Zone + timeZone + Time Zone + 2 + + + http://wso2.org/claims/timeZone + + + urn:ietf:params:scim:schemas:core:2.0:User:active + Active + active + Active + 2 + + + http://wso2.org/claims/active + + + urn:ietf:params:scim:schemas:core:2.0:User:emails.work + Emails - Work Email + workEmail + Work Email + 5 + + ^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$ + http://wso2.org/claims/emails.work + + + urn:ietf:params:scim:schemas:core:2.0:User:emails.home + Emails - Home Email + homeEmail + Home Email + 5 + + ^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$ + http://wso2.org/claims/emails.home + + + urn:ietf:params:scim:schemas:core:2.0:User:emails.other + Emails - Other Email + otherEmail + Other Email + 5 + + ^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$ + http://wso2.org/claims/emails.other + + + urn:ietf:params:scim:schemas:core:2.0:User:phoneNumbers.mobile + Phone Numbers - Mobile Number + mobile + Mobile Number + 5 + + ^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$ + http://wso2.org/claims/mobile + + + urn:ietf:params:scim:schemas:core:2.0:User:phoneNumbers.home + Phone Numbers - Home Phone Number + homePhone + Home Phone + 5 + + ^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$ + http://wso2.org/claims/phoneNumbers.home + + + urn:ietf:params:scim:schemas:core:2.0:User:phoneNumbers.work + Phone Numbers - Work Phone Number + workPhone + Work Phone + 5 + + ^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$ + http://wso2.org/claims/phoneNumbers.work + + + urn:ietf:params:scim:schemas:core:2.0:User:phoneNumbers.other + Phone Numbers - Other + otherPhoneNumber + Other Phone Number + 5 + + ^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$ + http://wso2.org/claims/phoneNumbers.other + + + urn:ietf:params:scim:schemas:core:2.0:User:ims.gtalk + IM - Gtalk + imGtalk + IM - Gtalk + 5 + + http://wso2.org/claims/gtalk + + + urn:ietf:params:scim:schemas:core:2.0:User:ims.skype + IM - Skype + imSkype + IM - Skype + 5 + + http://wso2.org/claims/skype + + + urn:ietf:params:scim:schemas:core:2.0:User:photos.photo + Photo + photoUrl + Photo + 5 + + http://wso2.org/claims/photourl + + + urn:ietf:params:scim:schemas:core:2.0:User:photos.thumbnail + Photo - Thumbnail + thumbnail + Photo - Thumbnail + 5 + + http://wso2.org/claims/thumbnail + + + urn:ietf:params:scim:schemas:core:2.0:User:addresses.home + Address - Home + localityAddress + Address - Home + 5 + + http://wso2.org/claims/addresses.locality + + + urn:ietf:params:scim:schemas:core:2.0:User:addresses.work + Address - Work + region + Address - Work + 5 + + http://wso2.org/claims/region + + + urn:ietf:params:scim:schemas:core:2.0:User:groups + Groups + groups + Groups + 5 + + http://wso2.org/claims/groups + + + urn:ietf:params:scim:schemas:core:2.0:User:entitlements.default + Entitlements + entitlements + Entitlements + 5 + + http://wso2.org/claims/entitlements + + + urn:ietf:params:scim:schemas:core:2.0:User:roles.default + Roles + roles + Roles + 5 + + http://wso2.org/claims/role + + + urn:ietf:params:scim:schemas:core:2.0:User:x509Certificates.default + X509Certificates + x509Certificates + X509Certificates + 5 + + http://wso2.org/claims/x509Certificates + + + + + urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:employeeNumber + employeeNumber + externalId + employeeNumber + + 1 + + http://wso2.org/claims/externalid + + + urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:costCenter + oneTimePassword + userType + costCenter + + 1 + + http://wso2.org/claims/userType + + + urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:organization + Organization -division + organizationName + Organization -division + + 1 + + http://wso2.org/claims/organization + + + urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:department + Organization -department + departmentNumber + Organization -department + + 1 + + http://wso2.org/claims/department + + + urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:division + Manager - home + stateorprovince + Manager - home + + 1 + + http://wso2.org/claims/stateorprovince + + + urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:manager.value + Manager - home + gender + Manager - home + + 1 + + http://wso2.org/claims/gender + + + urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:manager.$ref + Manager - home + ref + Manager - home + + 1 + + http://wso2.org/claims/resourceType + + + urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:manager.displayName + Manager - home + displayName + Manager - home + + 1 + + http://wso2.org/claims/displayName + + + urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:askPassword + Ask Password + askPassword + Temporary claim to invoke email ask Password feature + + 1 + + http://wso2.org/claims/identity/askPassword + + + urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:verifyEmail + Verify Email + verifyEmail + Temporary claim to invoke email verified feature + + 1 + + http://wso2.org/claims/identity/verifyEmail + + + + diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/db2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/db2.sql new file mode 100644 index 00000000..067680c4 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/db2.sql @@ -0,0 +1,17 @@ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000 +/ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000 +/ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600000 +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN ACCESS_TOKEN SET DATA TYPE VARCHAR(512) +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN REFRESH_TOKEN SET DATA TYPE VARCHAR(512) +/ +CREATE TABLE IDN_OAUTH2_SCOPE_BINDING ( + SCOPE_ID INTEGER NOT NULL, + SCOPE_BINDING VARCHAR(255), + FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE) +/ +ALTER TABLE IDN_IDENTITY_USER_DATA ALTER COLUMN DATA_VALUE SET DATA TYPE VARCHAR(2048) +/ \ No newline at end of file diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/h2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/h2.sql new file mode 100644 index 00000000..f4d77942 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/h2.sql @@ -0,0 +1,14 @@ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000; +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000; +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600000; + +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN MODIFY ACCESS_TOKEN VARCHAR(512); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN MODIFY REFRESH_TOKEN VARCHAR(512); + +CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING ( + SCOPE_ID INTEGER NOT NULL, + SCOPE_BINDING VARCHAR(255), + FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE +); + +ALTER TABLE IDN_IDENTITY_USER_DATA MODIFY DATA_VALUE VARCHAR(2048); diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/mssql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/mssql.sql new file mode 100644 index 00000000..db39706a --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/mssql.sql @@ -0,0 +1,15 @@ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000; +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000; +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600000; + +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN ACCESS_TOKEN VARCHAR(512); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN REFRESH_TOKEN VARCHAR(512); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OAUTH2_SCOPE_BINDING]') AND TYPE IN (N'U')) +CREATE TABLE IDN_OAUTH2_SCOPE_BINDING ( + SCOPE_ID INTEGER NOT NULL, + SCOPE_BINDING VARCHAR(255), + FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE +); + +ALTER TABLE IDN_IDENTITY_USER_DATA ALTER COLUMN DATA_VALUE VARCHAR(2048); diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/mysql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/mysql.sql new file mode 100644 index 00000000..93a582e8 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/mysql.sql @@ -0,0 +1,14 @@ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000; +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000; +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600000; + +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN MODIFY ACCESS_TOKEN VARCHAR(512); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN MODIFY REFRESH_TOKEN VARCHAR(512); + +CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING ( + SCOPE_ID INTEGER NOT NULL, + SCOPE_BINDING VARCHAR(255), + FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE +)ENGINE INNODB; + +ALTER TABLE IDN_IDENTITY_USER_DATA MODIFY DATA_VALUE VARCHAR(2048); diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/mysql5.7.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/mysql5.7.sql new file mode 100644 index 00000000..93a582e8 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/mysql5.7.sql @@ -0,0 +1,14 @@ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000; +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000; +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600000; + +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN MODIFY ACCESS_TOKEN VARCHAR(512); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN MODIFY REFRESH_TOKEN VARCHAR(512); + +CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING ( + SCOPE_ID INTEGER NOT NULL, + SCOPE_BINDING VARCHAR(255), + FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE +)ENGINE INNODB; + +ALTER TABLE IDN_IDENTITY_USER_DATA MODIFY DATA_VALUE VARCHAR(2048); diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/oracle.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/oracle.sql new file mode 100644 index 00000000..22c03e3f --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/oracle.sql @@ -0,0 +1,24 @@ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD USER_ACCESS_TOKEN_EXPIRE_TIME NUMBER(19) DEFAULT 3600000 +/ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD APP_ACCESS_TOKEN_EXPIRE_TIME NUMBER(19) DEFAULT 3600000 +/ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD REFRESH_TOKEN_EXPIRE_TIME NUMBER(19) DEFAULT 84600000 +/ + +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN MODIFY ACCESS_TOKEN VARCHAR(512) +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN MODIFY REFRESH_TOKEN VARCHAR(512) +/ + +CREATE TABLE IDN_OAUTH2_SCOPE_BINDING ( + SCOPE_ID INTEGER NOT NULL, + SCOPE_BINDING VARCHAR2(255), + FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE) +/ + + +ALTER TABLE IDN_IDENTITY_USER_DATA MODIFY DATA_VALUE VARCHAR(2048) +/ + +DELETE FROM IDN_CLAIM WHERE CLAIM_URI = 'urn:scim:schemas:core:1.0:roles' +/ diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/postgresql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/postgresql.sql new file mode 100644 index 00000000..f9203ee4 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/identity/postgresql.sql @@ -0,0 +1,14 @@ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD USER_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000; +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD APP_ACCESS_TOKEN_EXPIRE_TIME BIGINT DEFAULT 3600000; +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ADD REFRESH_TOKEN_EXPIRE_TIME BIGINT DEFAULT 84600000; + +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN ACCESS_TOKEN TYPE VARCHAR(512); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN REFRESH_TOKEN TYPE VARCHAR(512); + +CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_BINDING ( + SCOPE_ID INTEGER NOT NULL, + SCOPE_BINDING VARCHAR(255), + FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE +); + +ALTER TABLE IDN_IDENTITY_USER_DATA ALTER COLUMN DATA_VALUE TYPE VARCHAR(2048); \ No newline at end of file diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/db2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/db2.sql new file mode 100644 index 00000000..e4067b01 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/db2.sql @@ -0,0 +1,5 @@ +ALTER TABLE UM_PERMISSION ADD CONSTRAINT RES_ACT_TENANT_CONSTRAINT UNIQUE (UM_RESOURCE_ID,UM_ACTION,UM_TENANT_ID) +/ + +CREATE INDEX SYSTEM_ROLE_IND_BY_RN_TI ON UM_SYSTEM_ROLE(UM_ROLE_NAME, UM_TENANT_ID) +/ diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/h2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/h2.sql new file mode 100644 index 00000000..0b50b62b --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/h2.sql @@ -0,0 +1,3 @@ +ALTER TABLE UM_PERMISSION ADD CONSTRAINT RES_ACT_TENANT_CONSTRAINT UNIQUE (UM_RESOURCE_ID,UM_ACTION,UM_TENANT_ID); + +CREATE INDEX IF NOT EXISTS SYSTEM_ROLE_IND_BY_RN_TI ON UM_SYSTEM_ROLE(UM_ROLE_NAME, UM_TENANT_ID); diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/mssql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/mssql.sql new file mode 100644 index 00000000..c9645d83 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/mssql.sql @@ -0,0 +1,3 @@ +ALTER TABLE UM_PERMISSION ADD CONSTRAINT RES_ACT_TENANT_CONSTRAINT UNIQUE (UM_RESOURCE_ID,UM_ACTION,UM_TENANT_ID); + +CREATE INDEX SYSTEM_ROLE_IND_BY_RN_TI ON UM_SYSTEM_ROLE(UM_ROLE_NAME, UM_TENANT_ID); diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/mysql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/mysql.sql new file mode 100644 index 00000000..c9645d83 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/mysql.sql @@ -0,0 +1,3 @@ +ALTER TABLE UM_PERMISSION ADD CONSTRAINT RES_ACT_TENANT_CONSTRAINT UNIQUE (UM_RESOURCE_ID,UM_ACTION,UM_TENANT_ID); + +CREATE INDEX SYSTEM_ROLE_IND_BY_RN_TI ON UM_SYSTEM_ROLE(UM_ROLE_NAME, UM_TENANT_ID); diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/mysql5.7.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/mysql5.7.sql new file mode 100644 index 00000000..c9645d83 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/mysql5.7.sql @@ -0,0 +1,3 @@ +ALTER TABLE UM_PERMISSION ADD CONSTRAINT RES_ACT_TENANT_CONSTRAINT UNIQUE (UM_RESOURCE_ID,UM_ACTION,UM_TENANT_ID); + +CREATE INDEX SYSTEM_ROLE_IND_BY_RN_TI ON UM_SYSTEM_ROLE(UM_ROLE_NAME, UM_TENANT_ID); diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/oracle.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/oracle.sql new file mode 100644 index 00000000..f4167597 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/oracle.sql @@ -0,0 +1,5 @@ +ALTER TABLE UM_PERMISSION ADD CONSTRAINT RES_ACT_TENANT_CONSTRAINT UNIQUE (UM_RESOURCE_ID,UM_ACTION,UM_TENANT_ID) +/ + +CREATE INDEX SYSTEM_ROLE_IND_BY_RN_TI ON UM_SYSTEM_ROLE(UM_ROLE_NAME, UM_TENANT_ID) +/ \ No newline at end of file diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/postgresql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/postgresql.sql new file mode 100644 index 00000000..c9645d83 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step1/um/postgresql.sql @@ -0,0 +1,3 @@ +ALTER TABLE UM_PERMISSION ADD CONSTRAINT RES_ACT_TENANT_CONSTRAINT UNIQUE (UM_RESOURCE_ID,UM_ACTION,UM_TENANT_ID); + +CREATE INDEX SYSTEM_ROLE_IND_BY_RN_TI ON UM_SYSTEM_ROLE(UM_ROLE_NAME, UM_TENANT_ID); diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/db2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/db2.sql new file mode 100644 index 00000000..ede38f3c --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/db2.sql @@ -0,0 +1,23 @@ +ALTER TABLE IDN_OAUTH2_SCOPE RENAME COLUMN NAME TO DISPLAY_NAME +/ +ALTER TABLE IDN_OAUTH2_SCOPE RENAME COLUMN SCOPE_KEY TO NAME +/ +ALTER TABLE IDN_OAUTH2_SCOPE DROP COLUMN ROLES +/ +UPDATE IDN_OAUTH2_SCOPE SET TENANT_ID = -1 WHERE TENANT_ID = 0 +/ +ALTER TABLE IDN_OAUTH2_SCOPE ALTER COLUMN TENANT_ID SET DEFAULT -1 +/ +CREATE UNIQUE INDEX SCOPE_INDEX ON IDN_OAUTH2_SCOPE (NAME, TENANT_ID) +/ +BEGIN + DECLARE const_name VARCHAR(128); + DECLARE STMT VARCHAR(200); + select CONSTNAME into const_name from SYSCAT.TABCONST WHERE TABNAME='IDN_OAUTH2_RESOURCE_SCOPE' AND TYPE = 'F'; + SET STMT = 'ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE DROP FOREIGN KEY ' || const_name; + PREPARE S1 FROM STMT; + EXECUTE S1; +END +/ +ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE ADD CONSTRAINT IDN_OAUTH2_RESOURCE_SCOPE_F1 FOREIGN KEY(SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE +/ diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/h2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/h2.sql new file mode 100644 index 00000000..196d42d4 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/h2.sql @@ -0,0 +1,16 @@ +ALTER TABLE IDN_OAUTH2_SCOPE MODIFY SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT; +ALTER TABLE IDN_OAUTH2_SCOPE ALTER COLUMN NAME RENAME TO DISPLAY_NAME; +ALTER TABLE IDN_OAUTH2_SCOPE ALTER COLUMN SCOPE_KEY RENAME TO NAME; +ALTER TABLE IDN_OAUTH2_SCOPE MODIFY NAME VARCHAR(255) NOT NULL; +ALTER TABLE IDN_OAUTH2_SCOPE MODIFY DISPLAY_NAME VARCHAR(255) NOT NULL; +ALTER TABLE IDN_OAUTH2_SCOPE DROP COLUMN ROLES; +UPDATE IDN_OAUTH2_SCOPE SET TENANT_ID = -1 WHERE TENANT_ID = 0; +ALTER TABLE IDN_OAUTH2_SCOPE MODIFY TENANT_ID INTEGER NOT NULL DEFAULT -1; +CREATE UNIQUE INDEX SCOPE_INDEX ON IDN_OAUTH2_SCOPE (NAME, TENANT_ID); + +CREATE ALIAS IF NOT EXISTS DROP_FK AS $$ void executeSql(Connection conn, String sql) throws SQLException { conn.createStatement().executeUpdate(sql); } $$; + +CALL DROP_FK('ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE DROP CONSTRAINT ' || (SELECT CONSTRAINT_NAME FROM INFORMATION_SCHEMA.CONSTRAINTS WHERE TABLE_NAME = 'IDN_OAUTH2_RESOURCE_SCOPE' AND COLUMN_LIST = 'SCOPE_ID')); + +ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE MODIFY SCOPE_ID INTEGER NOT NULL; +ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE ADD FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE; diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/mssql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/mssql.sql new file mode 100644 index 00000000..aea9f02f --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/mssql.sql @@ -0,0 +1,28 @@ +sp_rename 'IDN_OAUTH2_SCOPE.NAME', 'DISPLAY_NAME', 'COLUMN'; +sp_rename 'IDN_OAUTH2_SCOPE.SCOPE_KEY', 'NAME', 'COLUMN'; +ALTER TABLE IDN_OAUTH2_SCOPE ALTER COLUMN NAME VARCHAR(255) NOT NULL; +ALTER TABLE IDN_OAUTH2_SCOPE ALTER COLUMN DISPLAY_NAME VARCHAR(255) NOT NULL; +ALTER TABLE IDN_OAUTH2_SCOPE DROP COLUMN ROLES; +UPDATE IDN_OAUTH2_SCOPE SET TENANT_ID = -1 WHERE TENANT_ID = 0; +CREATE UNIQUE INDEX SCOPE_INDEX ON IDN_OAUTH2_SCOPE (NAME, TENANT_ID); + +DECLARE @Command NVARCHAR(max), @ConstaintName NVARCHAR(max), @TableName NVARCHAR(max),@ColumnName NVARCHAR(max) +SET @TableName = 'IDN_OAUTH2_SCOPE' +SET @ColumnName ='TENANT_ID' +SELECT @ConstaintName = name + FROM sys.default_constraints + WHERE parent_object_id = object_id(@TableName) + +SELECT @Command = 'ALTER TABLE '+@TableName+' drop constraint '+ @ConstaintName + +IF @Command IS NOT NULL +BEGIN + EXECUTE sp_executeSQL @Command + SELECT @Command = 'ALTER TABLE '+@TableName+' ADD CONSTRAINT '+@ConstaintName+' DEFAULT -1 FOR ' + @ColumnName + EXECUTE sp_executeSQL @Command +END + +DECLARE @COMMAND1 NVARCHAR(200);SELECT TOP 1 @COMMAND1= 'ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE DROP CONSTRAINT ' + RC.CONSTRAINT_NAME + ';' FROM INFORMATION_SCHEMA.REFERENTIAL_CONSTRAINTS RC JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KF ON RC.CONSTRAINT_NAME = KF.CONSTRAINT_NAME JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KP ON RC.UNIQUE_CONSTRAINT_NAME = KP.CONSTRAINT_NAME WHERE KF.TABLE_NAME = 'IDN_OAUTH2_RESOURCE_SCOPE' AND KP.TABLE_NAME='IDN_OAUTH2_SCOPE';EXEC (@COMMAND1); + +ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE ALTER COLUMN SCOPE_ID INTEGER NOT NULL; +ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE ADD FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE; diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/mysql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/mysql.sql new file mode 100644 index 00000000..eae5def0 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/mysql.sql @@ -0,0 +1,21 @@ +ALTER TABLE IDN_OAUTH2_SCOPE MODIFY SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT; +ALTER TABLE IDN_OAUTH2_SCOPE CHANGE COLUMN `NAME` `DISPLAY_NAME` VARCHAR(255) NOT NULL; +ALTER TABLE IDN_OAUTH2_SCOPE CHANGE COLUMN `SCOPE_KEY` `NAME` VARCHAR(255) NOT NULL; +ALTER TABLE IDN_OAUTH2_SCOPE DROP COLUMN ROLES; +UPDATE IDN_OAUTH2_SCOPE SET TENANT_ID = -1 WHERE TENANT_ID = 0; +ALTER TABLE IDN_OAUTH2_SCOPE MODIFY TENANT_ID INTEGER NOT NULL DEFAULT -1; +-- CREATE UNIQUE INDEX SCOPE_INDEX ON IDN_OAUTH2_SCOPE (NAME, TENANT_ID); + +SELECT CONCAT("ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE DROP FOREIGN KEY ",CONSTRAINT_NAME) +INTO @sqlst +FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE +WHERE TABLE_SCHEMA = DATABASE() AND TABLE_NAME = "IDN_OAUTH2_RESOURCE_SCOPE" +AND REFERENCED_TABLE_NAME = "IDN_OAUTH2_SCOPE" AND REFERENCED_COLUMN_NAME = "SCOPE_ID" ; + +PREPARE stmt FROM @sqlst; +EXECUTE stmt; +DEALLOCATE PREPARE stmt; +SET @sqlstr = NULL; + +ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE MODIFY SCOPE_ID INTEGER NOT NULL; +ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE ADD FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE; diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/mysql5.7.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/mysql5.7.sql new file mode 100644 index 00000000..6ebcdfd6 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/mysql5.7.sql @@ -0,0 +1,21 @@ +ALTER TABLE IDN_OAUTH2_SCOPE MODIFY SCOPE_ID INTEGER NOT NULL AUTO_INCREMENT; +ALTER TABLE IDN_OAUTH2_SCOPE CHANGE COLUMN `NAME` `DISPLAY_NAME` VARCHAR(255) NOT NULL; +ALTER TABLE IDN_OAUTH2_SCOPE CHANGE COLUMN `SCOPE_KEY` `NAME` VARCHAR(255) NOT NULL; +ALTER TABLE IDN_OAUTH2_SCOPE DROP COLUMN ROLES; +UPDATE IDN_OAUTH2_SCOPE SET TENANT_ID = -1 WHERE TENANT_ID = 0; +ALTER TABLE IDN_OAUTH2_SCOPE MODIFY TENANT_ID INTEGER NOT NULL DEFAULT -1; +CREATE UNIQUE INDEX SCOPE_INDEX ON IDN_OAUTH2_SCOPE (NAME, TENANT_ID); + +SELECT CONCAT("ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE DROP FOREIGN KEY ",CONSTRAINT_NAME) +INTO @sqlst +FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE +WHERE TABLE_SCHEMA = DATABASE() AND TABLE_NAME = "IDN_OAUTH2_RESOURCE_SCOPE" +AND REFERENCED_TABLE_NAME = "IDN_OAUTH2_SCOPE" AND REFERENCED_COLUMN_NAME = "SCOPE_ID" ; + +PREPARE stmt FROM @sqlst; +EXECUTE stmt; +DEALLOCATE PREPARE stmt; +SET @sqlstr = NULL; + +ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE MODIFY SCOPE_ID INTEGER NOT NULL; +ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE ADD FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE; diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/oracle.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/oracle.sql new file mode 100644 index 00000000..cade8aff --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/oracle.sql @@ -0,0 +1,62 @@ +ALTER TABLE IDN_OAUTH2_SCOPE + MODIFY SCOPE_ID INTEGER NOT NULL +/ +ALTER TABLE IDN_OAUTH2_SCOPE + RENAME COLUMN NAME TO DISPLAY_NAME +/ +ALTER TABLE IDN_OAUTH2_SCOPE + RENAME COLUMN SCOPE_KEY TO NAME +/ +ALTER TABLE IDN_OAUTH2_SCOPE + DROP COLUMN ROLES +/ +UPDATE IDN_OAUTH2_SCOPE +SET TENANT_ID = -1 +WHERE TENANT_ID = 0 +/ +ALTER TABLE IDN_OAUTH2_SCOPE + MODIFY TENANT_ID INTEGER DEFAULT -1 +/ +CREATE UNIQUE INDEX SCOPE_INDEX + ON IDN_OAUTH2_SCOPE (NAME, TENANT_ID) +/ + +DECLARE + con_name VARCHAR2(100); + command VARCHAR2(200); + databasename VARCHAR2(100); +BEGIN + + SELECT sys_context('userenv', 'current_schema') + INTO databasename + FROM dual; + + BEGIN + SELECT a.constraint_name + INTO con_name + FROM all_cons_columns a + JOIN all_constraints c ON a.owner = c.owner AND a.constraint_name = c.constraint_name + JOIN all_constraints c_pk ON c.r_owner = c_pk.owner AND c.r_constraint_name = c_pk.constraint_name + WHERE + c.constraint_type = 'R' AND a.table_name = 'IDN_OAUTH2_RESOURCE_SCOPE' AND UPPER(a.OWNER) = UPPER(databasename) + AND c_pk.table_name = 'IDN_OAUTH2_SCOPE' AND ROWNUM < 2; + + IF TRIM(con_name) IS NOT NULL + THEN + command := 'ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE DROP CONSTRAINT ' || con_name; + dbms_output.Put_line(command); + EXECUTE IMMEDIATE command; + END IF; + + EXCEPTION + WHEN NO_DATA_FOUND + THEN + dbms_output.Put_line('Foreign key not found'); + END; + +END; +/ + +ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE + ADD FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE (SCOPE_ID) ON DELETE CASCADE +/ diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/postgresql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/postgresql.sql new file mode 100644 index 00000000..3e3ccf93 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.4.0/dbscripts/step2/identity/postgresql.sql @@ -0,0 +1,18 @@ +ALTER TABLE IDN_OAUTH2_SCOPE RENAME NAME TO DISPLAY_NAME; +ALTER TABLE IDN_OAUTH2_SCOPE RENAME SCOPE_KEY TO NAME; +ALTER TABLE IDN_OAUTH2_SCOPE ALTER COLUMN NAME TYPE VARCHAR(255); +ALTER TABLE IDN_OAUTH2_SCOPE ALTER COLUMN NAME SET NOT NULL; +ALTER TABLE IDN_OAUTH2_SCOPE ALTER COLUMN DISPLAY_NAME TYPE VARCHAR(255); +ALTER TABLE IDN_OAUTH2_SCOPE ALTER COLUMN DISPLAY_NAME SET NOT NULL; +ALTER TABLE IDN_OAUTH2_SCOPE DROP COLUMN ROLES; +UPDATE IDN_OAUTH2_SCOPE SET TENANT_ID = -1 WHERE TENANT_ID = 0; +ALTER TABLE IDN_OAUTH2_SCOPE ALTER COLUMN TENANT_ID TYPE INTEGER; +ALTER TABLE IDN_OAUTH2_SCOPE ALTER COLUMN TENANT_ID SET NOT NULL; +ALTER TABLE IDN_OAUTH2_SCOPE ALTER COLUMN TENANT_ID SET DEFAULT -1; +CREATE UNIQUE INDEX SCOPE_INDEX ON IDN_OAUTH2_SCOPE (NAME, TENANT_ID); + +DO $$ DECLARE con_name varchar(200); BEGIN SELECT 'ALTER TABLE idn_oauth2_resource_scope DROP CONSTRAINT ' || tc .constraint_name || ';' INTO con_name FROM information_schema.table_constraints AS tc JOIN information_schema.key_column_usage AS kcu ON tc.constraint_name = kcu.constraint_name JOIN information_schema.constraint_column_usage AS ccu ON ccu.constraint_name = tc.constraint_name WHERE constraint_type = 'FOREIGN KEY' AND tc.table_name = 'idn_oauth2_resource_scope' AND ccu.table_name='idn_oauth2_scope' LIMIT 1; EXECUTE con_name; END $$; + +ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE ALTER COLUMN SCOPE_ID TYPE INTEGER; +ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE ALTER COLUMN SCOPE_ID SET NOT NULL; +ALTER TABLE IDN_OAUTH2_RESOURCE_SCOPE ADD FOREIGN KEY (SCOPE_ID) REFERENCES IDN_OAUTH2_SCOPE(SCOPE_ID) ON DELETE CASCADE; diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/db2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/db2.sql new file mode 100644 index 00000000..8e7a9159 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/db2.sql @@ -0,0 +1,195 @@ +CREATE TABLE CM_PII_CATEGORY ( + ID INTEGER NOT NULL , + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + DISPLAY_NAME VARCHAR(255), + IS_SENSITIVE INTEGER NOT NULL, + TENANT_ID INTEGER DEFAULT -1234 NOT NULL, + CONSTRAINT PII_CATEGORY_CONSTRAINT UNIQUE (NAME, TENANT_ID), + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE CM_PII_CATEGORY_SEQ + START WITH 1 + INCREMENT BY 1 NOCACHE +/ +CREATE TRIGGER CM_PII_CATEGORY_TRIGGER NO CASCADE BEFORE INSERT ON CM_PII_CATEGORY +REFERENCING NEW AS NEW FOR EACH ROW MODE DB2SQL + +BEGIN ATOMIC + + SET (NEW.ID) + = (NEXTVAL FOR CM_PII_CATEGORY_SEQ); + +END +/ +CREATE TABLE CM_RECEIPT ( + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + VERSION VARCHAR(255) NOT NULL, + JURISDICTION VARCHAR(255) NOT NULL, + CONSENT_TIMESTAMP TIMESTAMP NOT NULL, + COLLECTION_METHOD VARCHAR(255) NOT NULL, + LANGUAGE VARCHAR(255) NOT NULL, + PII_PRINCIPAL_ID VARCHAR(255) NOT NULL, + PRINCIPAL_TENANT_ID INTEGER DEFAULT -1234, + POLICY_URL VARCHAR(255) NOT NULL, + STATE VARCHAR(255) NOT NULL, + PII_CONTROLLER VARCHAR(2048) NOT NULL, + PRIMARY KEY (CONSENT_RECEIPT_ID) +) +/ +CREATE TABLE CM_PURPOSE ( + ID INTEGER NOT NULL, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + TENANT_ID INTEGER DEFAULT -1234 NOT NULL, + CONSTRAINT PURPOSE_CONSTRAINT UNIQUE (NAME, TENANT_ID), + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE CM_PURPOSE_SEQ + START WITH 1 + INCREMENT BY 1 NOCACHE +/ +CREATE TRIGGER CM_PURPOSE_TRIGGER NO CASCADE BEFORE INSERT ON CM_PURPOSE +REFERENCING NEW AS NEW FOR EACH ROW MODE DB2SQL + +BEGIN ATOMIC + + SET (NEW.ID) + = (NEXTVAL FOR CM_PURPOSE_SEQ); + +END +/ +CREATE TABLE CM_PURPOSE_CATEGORY ( + ID INTEGER NOT NULL, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + TENANT_ID INTEGER DEFAULT -1234 NOT NULL, + CONSTRAINT PURPOSE_CATEGORY_CONSTRAINT UNIQUE (NAME, TENANT_ID), + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE CM_PURPOSE_CATEGORY_SEQ + START WITH 1 + INCREMENT BY 1 NOCACHE +/ +CREATE TRIGGER CM_PURPOSE_CATEGORY_TRIGGER NO CASCADE BEFORE INSERT ON CM_PURPOSE_CATEGORY +REFERENCING NEW AS NEW FOR EACH ROW MODE DB2SQL + +BEGIN ATOMIC + + SET (NEW.ID) + = (NEXTVAL FOR CM_PURPOSE_CATEGORY_SEQ); + +END +/ +CREATE TABLE CM_RECEIPT_SP_ASSOC ( + ID INTEGER NOT NULL, + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + SP_NAME VARCHAR(255) NOT NULL, + SP_DISPLAY_NAME VARCHAR(255), + SP_DESCRIPTION VARCHAR(255), + SP_TENANT_ID INTEGER DEFAULT -1234 NOT NULL, + CONSTRAINT RECEIPT_SP_ASSOC_CONSTRAINT UNIQUE (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID), + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE CM_RECEIPT_SP_ASSOC_SEQ + START WITH 1 + INCREMENT BY 1 NOCACHE +/ +CREATE TRIGGER CM_RECEIPT_SP_ASSOC_TRIGGER NO CASCADE BEFORE INSERT ON CM_RECEIPT_SP_ASSOC +REFERENCING NEW AS NEW FOR EACH ROW MODE DB2SQL + +BEGIN ATOMIC + + SET (NEW.ID) + = (NEXTVAL FOR CM_RECEIPT_SP_ASSOC_SEQ); + +END +/ +CREATE TABLE CM_SP_PURPOSE_ASSOC ( + ID INTEGER NOT NULL, + RECEIPT_SP_ASSOC INTEGER NOT NULL, + PURPOSE_ID INTEGER NOT NULL, + CONSENT_TYPE VARCHAR(255) NOT NULL, + IS_PRIMARY_PURPOSE INTEGER NOT NULL, + TERMINATION VARCHAR(255) NOT NULL, + THIRD_PARTY_DISCLOSURE INTEGER NOT NULL, + THIRD_PARTY_NAME VARCHAR(255), + CONSTRAINT SP_PURPOSE_ASSOC UNIQUE (RECEIPT_SP_ASSOC, PURPOSE_ID), + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE CM_SP_PURPOSE_ASSOC_SEQ + START WITH 1 + INCREMENT BY 1 NOCACHE +/ +CREATE TRIGGER CM_SP_PURPOSE_ASSOC_TRIGGER NO CASCADE BEFORE INSERT ON CM_SP_PURPOSE_ASSOC +REFERENCING NEW AS NEW FOR EACH ROW MODE DB2SQL + +BEGIN ATOMIC + + SET (NEW.ID) + = (NEXTVAL FOR CM_SP_PURPOSE_ASSOC_SEQ); + +END +/ +CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC ( + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PURPOSE_CATEGORY_ID INTEGER NOT NULL, + CONSTRAINT SP_PUS_PS_CAT_ASSOC UNIQUE (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID) +) +/ +CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC ( + PURPOSE_ID INTEGER NOT NULL, + CM_PII_CATEGORY_ID INTEGER NOT NULL, + CONSTRAINT PURPOSE_PII_CAT_ASSOC UNIQUE (PURPOSE_ID, CM_PII_CATEGORY_ID) +) +/ +CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC ( + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PII_CATEGORY_ID INTEGER NOT NULL, + VALIDITY VARCHAR(1023), + CONSTRAINT SP_PURPOSE_PII_CATEGORY_ASSOC UNIQUE (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID) +) +/ +CREATE SEQUENCE CM_SP_PURPOSE_PII_CAT_ASSOC_SEQ + START WITH 1 + INCREMENT BY 1 NOCACHE +/ +CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY ( + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(1023) NOT NULL, + CONSTRAINT CONSENT_RECEIPT_PROPERTY UNIQUE (CONSENT_RECEIPT_ID, NAME) +) +/ +ALTER TABLE CM_RECEIPT_SP_ASSOC + ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID) +/ +ALTER TABLE CM_SP_PURPOSE_ASSOC + ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID) +/ +ALTER TABLE CM_SP_PURPOSE_ASSOC + ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID) +/ +ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC + ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID) +/ +ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC + ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID) +/ +ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC + ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID) +/ +ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC + ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID) +/ +ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY + ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID) +/ +INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234')/ + +INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234')/ diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/h2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/h2.sql new file mode 100644 index 00000000..3c9166bd --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/h2.sql @@ -0,0 +1,121 @@ +CREATE TABLE CM_PII_CATEGORY ( + ID INTEGER AUTO_INCREMENT, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + DISPLAY_NAME VARCHAR(255), + IS_SENSITIVE INTEGER NOT NULL, + TENANT_ID INTEGER DEFAULT '-1234', + UNIQUE KEY (NAME, TENANT_ID), + PRIMARY KEY (ID) +); + +CREATE TABLE CM_RECEIPT ( + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + VERSION VARCHAR(255) NOT NULL, + JURISDICTION VARCHAR(255) NOT NULL, + CONSENT_TIMESTAMP TIMESTAMP NOT NULL, + COLLECTION_METHOD VARCHAR(255) NOT NULL, + LANGUAGE VARCHAR(255) NOT NULL, + PII_PRINCIPAL_ID VARCHAR(255) NOT NULL, + PRINCIPAL_TENANT_ID INTEGER DEFAULT '-1234', + POLICY_URL VARCHAR(255) NOT NULL, + STATE VARCHAR(255) NOT NULL, + PII_CONTROLLER VARCHAR(2048) NOT NULL, + PRIMARY KEY (CONSENT_RECEIPT_ID) +); + +CREATE TABLE CM_PURPOSE ( + ID INTEGER AUTO_INCREMENT, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + TENANT_ID INTEGER DEFAULT '-1234', + UNIQUE KEY (NAME, TENANT_ID), + PRIMARY KEY (ID) +); + +CREATE TABLE CM_PURPOSE_CATEGORY ( + ID INTEGER AUTO_INCREMENT, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + TENANT_ID INTEGER DEFAULT '-1234', + UNIQUE KEY (NAME, TENANT_ID), + PRIMARY KEY (ID) +); + +CREATE TABLE CM_RECEIPT_SP_ASSOC ( + ID INTEGER AUTO_INCREMENT, + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + SP_NAME VARCHAR(255) NOT NULL, + SP_DISPLAY_NAME VARCHAR(255), + SP_DESCRIPTION VARCHAR(255), + SP_TENANT_ID INTEGER DEFAULT '-1234', + UNIQUE KEY (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID), + PRIMARY KEY (ID) +); + +CREATE TABLE CM_SP_PURPOSE_ASSOC ( + ID INTEGER AUTO_INCREMENT, + RECEIPT_SP_ASSOC INTEGER NOT NULL, + PURPOSE_ID INTEGER NOT NULL, + CONSENT_TYPE VARCHAR(255) NOT NULL, + IS_PRIMARY_PURPOSE INTEGER NOT NULL, + TERMINATION VARCHAR(255) NOT NULL, + THIRD_PARTY_DISCLOSURE INTEGER NOT NULL, + THIRD_PARTY_NAME VARCHAR(255), + UNIQUE KEY (RECEIPT_SP_ASSOC, PURPOSE_ID), + PRIMARY KEY (ID) +); + +CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC ( + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PURPOSE_CATEGORY_ID INTEGER NOT NULL, + UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID) +); + +CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC ( + PURPOSE_ID INTEGER NOT NULL, + CM_PII_CATEGORY_ID INTEGER NOT NULL, + UNIQUE KEY (PURPOSE_ID, CM_PII_CATEGORY_ID) +); + +CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC ( + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PII_CATEGORY_ID INTEGER NOT NULL, + VALIDITY VARCHAR(1023), + UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID) +); + +CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY ( + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(1023) NOT NULL, + UNIQUE KEY (CONSENT_RECEIPT_ID, NAME) +); + +ALTER TABLE CM_RECEIPT_SP_ASSOC + ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); + +ALTER TABLE CM_SP_PURPOSE_ASSOC + ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID); + +ALTER TABLE CM_SP_PURPOSE_ASSOC + ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID); + +ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC + ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); + +ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC + ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID); + +ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC + ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); + +ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC + ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID); + +ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY + ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); + +INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234'); + +INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234'); diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/mssql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/mssql.sql new file mode 100644 index 00000000..645035c2 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/mssql.sql @@ -0,0 +1,113 @@ +IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_PII_CATEGORY]') AND TYPE IN (N'U')) +CREATE TABLE CM_PII_CATEGORY ( + ID INTEGER NOT NULL IDENTITY, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + DISPLAY_NAME VARCHAR(255), + IS_SENSITIVE INTEGER NOT NULL, + TENANT_ID INTEGER DEFAULT '-1234', + CONSTRAINT CM_PII_CATEGORY_CNT UNIQUE (NAME, TENANT_ID), + PRIMARY KEY (ID) +); + +IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_RECEIPT]') AND TYPE IN (N'U')) +CREATE TABLE CM_RECEIPT ( + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + VERSION VARCHAR(255) NOT NULL, + JURISDICTION VARCHAR(255) NOT NULL, + CONSENT_TIMESTAMP DATETIME NOT NULL, + COLLECTION_METHOD VARCHAR(255) NOT NULL, + LANGUAGE VARCHAR(255) NOT NULL, + PII_PRINCIPAL_ID VARCHAR(255) NOT NULL, + PRINCIPAL_TENANT_ID INTEGER DEFAULT '-1234', + POLICY_URL VARCHAR(255) NOT NULL, + STATE VARCHAR(255) NOT NULL, + PII_CONTROLLER VARCHAR(2048) NOT NULL, + PRIMARY KEY (CONSENT_RECEIPT_ID) +); + +IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_PURPOSE]') AND TYPE IN (N'U')) +CREATE TABLE CM_PURPOSE ( + ID INTEGER NOT NULL IDENTITY, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + TENANT_ID INTEGER DEFAULT '-1234', + CONSTRAINT CM_PURPOSE_CNT UNIQUE (NAME, TENANT_ID), + PRIMARY KEY (ID) +); +IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_PURPOSE_CATEGORY]') AND TYPE IN (N'U')) +CREATE TABLE CM_PURPOSE_CATEGORY ( + ID INTEGER NOT NULL IDENTITY, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + TENANT_ID INTEGER DEFAULT '-1234', + CONSTRAINT CM_PURPOSE_CATEGORY_CNT UNIQUE (NAME, TENANT_ID), + PRIMARY KEY (ID) +); +IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_RECEIPT_SP_ASSOC]') AND TYPE IN (N'U')) +CREATE TABLE CM_RECEIPT_SP_ASSOC ( + ID INTEGER NOT NULL IDENTITY, + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + SP_NAME VARCHAR(255) NOT NULL, + SP_DISPLAY_NAME VARCHAR(255), + SP_DESCRIPTION VARCHAR(255), + SP_TENANT_ID INTEGER DEFAULT '-1234', + CONSTRAINT CM_RECEIPT_SP_ASSOC_CNT UNIQUE (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID), + FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID), + PRIMARY KEY (ID) +); + +IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_SP_PURPOSE_ASSOC]') AND TYPE IN (N'U')) +CREATE TABLE CM_SP_PURPOSE_ASSOC ( + ID INTEGER NOT NULL IDENTITY, + RECEIPT_SP_ASSOC INTEGER NOT NULL, + PURPOSE_ID INTEGER NOT NULL, + CONSENT_TYPE VARCHAR(255) NOT NULL, + IS_PRIMARY_PURPOSE INTEGER NOT NULL, + TERMINATION VARCHAR(255) NOT NULL, + THIRD_PARTY_DISCLOSURE INTEGER NOT NULL, + THIRD_PARTY_NAME VARCHAR(255), + CONSTRAINT CM_SP_PURPOSE_ASSOC_CNT UNIQUE (RECEIPT_SP_ASSOC, PURPOSE_ID), + FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID), + FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID), + PRIMARY KEY (ID) +); + +IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_SP_PURPOSE_PURPOSE_CAT_ASSC]') AND TYPE IN (N'U')) +CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC ( + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PURPOSE_CATEGORY_ID INTEGER NOT NULL, + CONSTRAINT CM_SP_PURPOSE_PURPOSE_CAT_ASSC_CNT UNIQUE (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID), + FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID), + FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID) +); + +IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_PURPOSE_PII_CAT_ASSOC]') AND TYPE IN (N'U')) +CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC ( + PURPOSE_ID INTEGER NOT NULL, + CM_PII_CATEGORY_ID INTEGER NOT NULL, + CONSTRAINT CM_PURPOSE_PII_CAT_ASSOC_CNT UNIQUE (PURPOSE_ID, CM_PII_CATEGORY_ID) +); + +IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_SP_PURPOSE_PII_CAT_ASSOC]') AND TYPE IN (N'U')) +CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC ( + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PII_CATEGORY_ID INTEGER NOT NULL, + VALIDITY VARCHAR(1023), + CONSTRAINT CM_SP_PURPOSE_PII_CAT_ASSOC_CNT UNIQUE (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID), + FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID), + FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID) +); + +IF NOT EXISTS ( SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[CM_CONSENT_RECEIPT_PROPERTY]') AND TYPE IN (N'U')) +CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY ( + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(1023) NOT NULL, + CONSTRAINT CM_CONSENT_RECEIPT_PROPERTY_CNT UNIQUE (CONSENT_RECEIPT_ID, NAME), + FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID) +); + +INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234'); + +INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234'); diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/mysql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/mysql.sql new file mode 100644 index 00000000..3c9166bd --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/mysql.sql @@ -0,0 +1,121 @@ +CREATE TABLE CM_PII_CATEGORY ( + ID INTEGER AUTO_INCREMENT, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + DISPLAY_NAME VARCHAR(255), + IS_SENSITIVE INTEGER NOT NULL, + TENANT_ID INTEGER DEFAULT '-1234', + UNIQUE KEY (NAME, TENANT_ID), + PRIMARY KEY (ID) +); + +CREATE TABLE CM_RECEIPT ( + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + VERSION VARCHAR(255) NOT NULL, + JURISDICTION VARCHAR(255) NOT NULL, + CONSENT_TIMESTAMP TIMESTAMP NOT NULL, + COLLECTION_METHOD VARCHAR(255) NOT NULL, + LANGUAGE VARCHAR(255) NOT NULL, + PII_PRINCIPAL_ID VARCHAR(255) NOT NULL, + PRINCIPAL_TENANT_ID INTEGER DEFAULT '-1234', + POLICY_URL VARCHAR(255) NOT NULL, + STATE VARCHAR(255) NOT NULL, + PII_CONTROLLER VARCHAR(2048) NOT NULL, + PRIMARY KEY (CONSENT_RECEIPT_ID) +); + +CREATE TABLE CM_PURPOSE ( + ID INTEGER AUTO_INCREMENT, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + TENANT_ID INTEGER DEFAULT '-1234', + UNIQUE KEY (NAME, TENANT_ID), + PRIMARY KEY (ID) +); + +CREATE TABLE CM_PURPOSE_CATEGORY ( + ID INTEGER AUTO_INCREMENT, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + TENANT_ID INTEGER DEFAULT '-1234', + UNIQUE KEY (NAME, TENANT_ID), + PRIMARY KEY (ID) +); + +CREATE TABLE CM_RECEIPT_SP_ASSOC ( + ID INTEGER AUTO_INCREMENT, + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + SP_NAME VARCHAR(255) NOT NULL, + SP_DISPLAY_NAME VARCHAR(255), + SP_DESCRIPTION VARCHAR(255), + SP_TENANT_ID INTEGER DEFAULT '-1234', + UNIQUE KEY (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID), + PRIMARY KEY (ID) +); + +CREATE TABLE CM_SP_PURPOSE_ASSOC ( + ID INTEGER AUTO_INCREMENT, + RECEIPT_SP_ASSOC INTEGER NOT NULL, + PURPOSE_ID INTEGER NOT NULL, + CONSENT_TYPE VARCHAR(255) NOT NULL, + IS_PRIMARY_PURPOSE INTEGER NOT NULL, + TERMINATION VARCHAR(255) NOT NULL, + THIRD_PARTY_DISCLOSURE INTEGER NOT NULL, + THIRD_PARTY_NAME VARCHAR(255), + UNIQUE KEY (RECEIPT_SP_ASSOC, PURPOSE_ID), + PRIMARY KEY (ID) +); + +CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC ( + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PURPOSE_CATEGORY_ID INTEGER NOT NULL, + UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID) +); + +CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC ( + PURPOSE_ID INTEGER NOT NULL, + CM_PII_CATEGORY_ID INTEGER NOT NULL, + UNIQUE KEY (PURPOSE_ID, CM_PII_CATEGORY_ID) +); + +CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC ( + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PII_CATEGORY_ID INTEGER NOT NULL, + VALIDITY VARCHAR(1023), + UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID) +); + +CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY ( + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(1023) NOT NULL, + UNIQUE KEY (CONSENT_RECEIPT_ID, NAME) +); + +ALTER TABLE CM_RECEIPT_SP_ASSOC + ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); + +ALTER TABLE CM_SP_PURPOSE_ASSOC + ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID); + +ALTER TABLE CM_SP_PURPOSE_ASSOC + ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID); + +ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC + ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); + +ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC + ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID); + +ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC + ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); + +ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC + ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID); + +ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY + ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); + +INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234'); + +INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234'); diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/mysql5.7.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/mysql5.7.sql new file mode 100644 index 00000000..3c9166bd --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/mysql5.7.sql @@ -0,0 +1,121 @@ +CREATE TABLE CM_PII_CATEGORY ( + ID INTEGER AUTO_INCREMENT, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + DISPLAY_NAME VARCHAR(255), + IS_SENSITIVE INTEGER NOT NULL, + TENANT_ID INTEGER DEFAULT '-1234', + UNIQUE KEY (NAME, TENANT_ID), + PRIMARY KEY (ID) +); + +CREATE TABLE CM_RECEIPT ( + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + VERSION VARCHAR(255) NOT NULL, + JURISDICTION VARCHAR(255) NOT NULL, + CONSENT_TIMESTAMP TIMESTAMP NOT NULL, + COLLECTION_METHOD VARCHAR(255) NOT NULL, + LANGUAGE VARCHAR(255) NOT NULL, + PII_PRINCIPAL_ID VARCHAR(255) NOT NULL, + PRINCIPAL_TENANT_ID INTEGER DEFAULT '-1234', + POLICY_URL VARCHAR(255) NOT NULL, + STATE VARCHAR(255) NOT NULL, + PII_CONTROLLER VARCHAR(2048) NOT NULL, + PRIMARY KEY (CONSENT_RECEIPT_ID) +); + +CREATE TABLE CM_PURPOSE ( + ID INTEGER AUTO_INCREMENT, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + TENANT_ID INTEGER DEFAULT '-1234', + UNIQUE KEY (NAME, TENANT_ID), + PRIMARY KEY (ID) +); + +CREATE TABLE CM_PURPOSE_CATEGORY ( + ID INTEGER AUTO_INCREMENT, + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + TENANT_ID INTEGER DEFAULT '-1234', + UNIQUE KEY (NAME, TENANT_ID), + PRIMARY KEY (ID) +); + +CREATE TABLE CM_RECEIPT_SP_ASSOC ( + ID INTEGER AUTO_INCREMENT, + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + SP_NAME VARCHAR(255) NOT NULL, + SP_DISPLAY_NAME VARCHAR(255), + SP_DESCRIPTION VARCHAR(255), + SP_TENANT_ID INTEGER DEFAULT '-1234', + UNIQUE KEY (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID), + PRIMARY KEY (ID) +); + +CREATE TABLE CM_SP_PURPOSE_ASSOC ( + ID INTEGER AUTO_INCREMENT, + RECEIPT_SP_ASSOC INTEGER NOT NULL, + PURPOSE_ID INTEGER NOT NULL, + CONSENT_TYPE VARCHAR(255) NOT NULL, + IS_PRIMARY_PURPOSE INTEGER NOT NULL, + TERMINATION VARCHAR(255) NOT NULL, + THIRD_PARTY_DISCLOSURE INTEGER NOT NULL, + THIRD_PARTY_NAME VARCHAR(255), + UNIQUE KEY (RECEIPT_SP_ASSOC, PURPOSE_ID), + PRIMARY KEY (ID) +); + +CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC ( + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PURPOSE_CATEGORY_ID INTEGER NOT NULL, + UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID) +); + +CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC ( + PURPOSE_ID INTEGER NOT NULL, + CM_PII_CATEGORY_ID INTEGER NOT NULL, + UNIQUE KEY (PURPOSE_ID, CM_PII_CATEGORY_ID) +); + +CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC ( + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PII_CATEGORY_ID INTEGER NOT NULL, + VALIDITY VARCHAR(1023), + UNIQUE KEY (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID) +); + +CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY ( + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(1023) NOT NULL, + UNIQUE KEY (CONSENT_RECEIPT_ID, NAME) +); + +ALTER TABLE CM_RECEIPT_SP_ASSOC + ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); + +ALTER TABLE CM_SP_PURPOSE_ASSOC + ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID); + +ALTER TABLE CM_SP_PURPOSE_ASSOC + ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID); + +ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC + ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); + +ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC + ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID); + +ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC + ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); + +ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC + ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID); + +ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY + ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); + +INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234'); + +INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234'); diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/oracle.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/oracle.sql new file mode 100644 index 00000000..40cede58 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/oracle.sql @@ -0,0 +1,177 @@ +CREATE TABLE CM_PII_CATEGORY ( + ID INTEGER, + NAME VARCHAR2(255) NOT NULL, + DESCRIPTION VARCHAR2(1023), + DISPLAY_NAME VARCHAR(255), + IS_SENSITIVE INTEGER NOT NULL, + TENANT_ID INTEGER DEFAULT -1234, + CONSTRAINT PII_CATEGORY_CONSTRAINT UNIQUE (NAME, TENANT_ID), + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE CM_PII_CATEGORY_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER CM_PII_CATEGORY_TRIG + BEFORE INSERT + ON CM_PII_CATEGORY + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT CM_PII_CATEGORY_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ +CREATE TABLE CM_RECEIPT ( + CONSENT_RECEIPT_ID VARCHAR2(255) NOT NULL, + VERSION VARCHAR2(255) NOT NULL, + JURISDICTION VARCHAR2(255) NOT NULL, + CONSENT_TIMESTAMP TIMESTAMP NOT NULL, + COLLECTION_METHOD VARCHAR2(255) NOT NULL, + LANGUAGE VARCHAR2(255) NOT NULL, + PII_PRINCIPAL_ID VARCHAR2(255) NOT NULL, + PRINCIPAL_TENANT_ID INTEGER DEFAULT -1234, + POLICY_URL VARCHAR2(255) NOT NULL, + STATE VARCHAR2(255) NOT NULL, + PII_CONTROLLER VARCHAR2(2048) NOT NULL, + PRIMARY KEY (CONSENT_RECEIPT_ID) +) +/ +CREATE TABLE CM_PURPOSE ( + ID INTEGER, + NAME VARCHAR2(255) NOT NULL, + DESCRIPTION VARCHAR2(1023), + TENANT_ID INTEGER DEFAULT -1234, + CONSTRAINT PURPOSE_CONSTRAINT UNIQUE (NAME, TENANT_ID), + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE CM_PURPOSE_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER CM_PURPOSE_TRIG + BEFORE INSERT + ON CM_PURPOSE + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT CM_PURPOSE_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ +CREATE TABLE CM_PURPOSE_CATEGORY ( + ID INTEGER, + NAME VARCHAR2(255) NOT NULL, + DESCRIPTION VARCHAR2(1023), + TENANT_ID INTEGER DEFAULT -1234, + CONSTRAINT PURPOSE_CATEGORY_CONSTRAINT UNIQUE (NAME, TENANT_ID), + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE CM_PURPOSE_CATEGORY_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER CM_PURPOSE_CATEGORY_TRIG + BEFORE INSERT + ON CM_PURPOSE_CATEGORY + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT CM_PURPOSE_CATEGORY_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ +CREATE TABLE CM_RECEIPT_SP_ASSOC ( + ID INTEGER, + CONSENT_RECEIPT_ID VARCHAR2(255) NOT NULL, + SP_NAME VARCHAR2(255) NOT NULL, + SP_DISPLAY_NAME VARCHAR(255), + SP_DESCRIPTION VARCHAR(255), + SP_TENANT_ID INTEGER DEFAULT -1234, + CONSTRAINT RECEIPT_SP_ASSOC_CONSTRAINT UNIQUE (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID), + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE CM_RECEIPT_SP_ASSOC_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER CM_RECEIPT_SP_ASSOC_TRIG + BEFORE INSERT + ON CM_RECEIPT_SP_ASSOC + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT CM_RECEIPT_SP_ASSOC_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ +CREATE TABLE CM_SP_PURPOSE_ASSOC ( + ID INTEGER, + RECEIPT_SP_ASSOC INTEGER NOT NULL, + PURPOSE_ID INTEGER NOT NULL, + CONSENT_TYPE VARCHAR2(255) NOT NULL, + IS_PRIMARY_PURPOSE INTEGER NOT NULL, + TERMINATION VARCHAR2(255) NOT NULL, + THIRD_PARTY_DISCLOSURE INTEGER NOT NULL, + THIRD_PARTY_NAME VARCHAR2(255), + CONSTRAINT SP_PURPOSE_ASSOC UNIQUE (RECEIPT_SP_ASSOC, PURPOSE_ID), + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE CM_SP_PURPOSE_ASSOC_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER CM_SP_PURPOSE_ASSOC_TRIG + BEFORE INSERT + ON CM_SP_PURPOSE_ASSOC + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT CM_SP_PURPOSE_ASSOC_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ +CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC ( + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PURPOSE_CATEGORY_ID INTEGER NOT NULL, + CONSTRAINT SP_PUS_PS_CAT_ASSOC UNIQUE (SP_PURPOSE_ASSOC_ID,PURPOSE_CATEGORY_ID) +) +/ +CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC ( + PURPOSE_ID INTEGER NOT NULL, + CM_PII_CATEGORY_ID INTEGER NOT NULL, + CONSTRAINT PURPOSE_PII_CAT_ASSOC UNIQUE (PURPOSE_ID, CM_PII_CATEGORY_ID) +) +/ +CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC ( + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PII_CATEGORY_ID INTEGER NOT NULL, + VALIDITY VARCHAR(1023), + CONSTRAINT SP_PURPOSE_PII_CATEGORY_ASSOC UNIQUE (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID) +) +/ +CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY ( + CONSENT_RECEIPT_ID VARCHAR2(255) NOT NULL, + NAME VARCHAR2(255) NOT NULL, + VALUE VARCHAR2(1023) NOT NULL, + CONSTRAINT CONSENT_RECEIPT_PROPERTY UNIQUE (CONSENT_RECEIPT_ID, NAME) +) +/ +ALTER TABLE CM_RECEIPT_SP_ASSOC + ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID) +/ +ALTER TABLE CM_SP_PURPOSE_ASSOC + ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID) +/ +ALTER TABLE CM_SP_PURPOSE_ASSOC + ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID) +/ +ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC + ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID) +/ +ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC + ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID) +/ +ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC + ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID) +/ +ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC + ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID) +/ +ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY + ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID) +/ +INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234') +/ +INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234') +/ diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/oracle_rac.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/oracle_rac.sql new file mode 100644 index 00000000..da8f5629 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/oracle_rac.sql @@ -0,0 +1,177 @@ +CREATE TABLE CM_PII_CATEGORY ( + ID INTEGER, + NAME VARCHAR2(255) NOT NULL, + DESCRIPTION VARCHAR2(1023), + DISPLAY_NAME VARCHAR(255), + IS_SENSITIVE INTEGER NOT NULL, + TENANT_ID INTEGER DEFAULT -1234, + CONSTRAINT PII_CATEGORY_CONSTRAINT UNIQUE (NAME, TENANT_ID), + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE CM_PII_CATEGORY_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER +/ +CREATE OR REPLACE TRIGGER CM_PII_CATEGORY_TRIG + BEFORE INSERT + ON CM_PII_CATEGORY + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT CM_PII_CATEGORY_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ +CREATE TABLE CM_RECEIPT ( + CONSENT_RECEIPT_ID VARCHAR2(255) NOT NULL, + VERSION VARCHAR2(255) NOT NULL, + JURISDICTION VARCHAR2(255) NOT NULL, + CONSENT_TIMESTAMP TIMESTAMP NOT NULL, + COLLECTION_METHOD VARCHAR2(255) NOT NULL, + LANGUAGE VARCHAR2(255) NOT NULL, + PII_PRINCIPAL_ID VARCHAR2(255) NOT NULL, + PRINCIPAL_TENANT_ID INTEGER DEFAULT -1234, + POLICY_URL VARCHAR2(255) NOT NULL, + STATE VARCHAR2(255) NOT NULL, + PII_CONTROLLER VARCHAR2(2048) NOT NULL, + PRIMARY KEY (CONSENT_RECEIPT_ID) +) +/ +CREATE TABLE CM_PURPOSE ( + ID INTEGER, + NAME VARCHAR2(255) NOT NULL, + DESCRIPTION VARCHAR2(1023), + TENANT_ID INTEGER DEFAULT -1234, + CONSTRAINT PURPOSE_CONSTRAINT UNIQUE (NAME, TENANT_ID), + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE CM_PURPOSE_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER +/ +CREATE OR REPLACE TRIGGER CM_PURPOSE_TRIG + BEFORE INSERT + ON CM_PURPOSE + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT CM_PURPOSE_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ +CREATE TABLE CM_PURPOSE_CATEGORY ( + ID INTEGER, + NAME VARCHAR2(255) NOT NULL, + DESCRIPTION VARCHAR2(1023), + TENANT_ID INTEGER DEFAULT -1234, + CONSTRAINT PURPOSE_CATEGORY_CONSTRAINT UNIQUE (NAME, TENANT_ID), + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE CM_PURPOSE_CATEGORY_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER +/ +CREATE OR REPLACE TRIGGER CM_PURPOSE_CATEGORY_TRIG + BEFORE INSERT + ON CM_PURPOSE_CATEGORY + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT CM_PURPOSE_CATEGORY_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ +CREATE TABLE CM_RECEIPT_SP_ASSOC ( + ID INTEGER, + CONSENT_RECEIPT_ID VARCHAR2(255) NOT NULL, + SP_NAME VARCHAR2(255) NOT NULL, + SP_DISPLAY_NAME VARCHAR(255), + SP_DESCRIPTION VARCHAR(255), + SP_TENANT_ID INTEGER DEFAULT -1234, + CONSTRAINT RECEIPT_SP_ASSOC_CONSTRAINT UNIQUE (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID), + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE CM_RECEIPT_SP_ASSOC_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER +/ +CREATE OR REPLACE TRIGGER CM_RECEIPT_SP_ASSOC_TRIG + BEFORE INSERT + ON CM_RECEIPT_SP_ASSOC + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT CM_RECEIPT_SP_ASSOC_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ +CREATE TABLE CM_SP_PURPOSE_ASSOC ( + ID INTEGER, + RECEIPT_SP_ASSOC INTEGER NOT NULL, + PURPOSE_ID INTEGER NOT NULL, + CONSENT_TYPE VARCHAR2(255) NOT NULL, + IS_PRIMARY_PURPOSE INTEGER NOT NULL, + TERMINATION VARCHAR2(255) NOT NULL, + THIRD_PARTY_DISCLOSURE INTEGER NOT NULL, + THIRD_PARTY_NAME VARCHAR2(255), + CONSTRAINT SP_PURPOSE_ASSOC UNIQUE (RECEIPT_SP_ASSOC, PURPOSE_ID), + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE CM_SP_PURPOSE_ASSOC_SEQ START WITH 1 INCREMENT BY 1 CACHE 20 ORDER +/ +CREATE OR REPLACE TRIGGER CM_SP_PURPOSE_ASSOC_TRIG + BEFORE INSERT + ON CM_SP_PURPOSE_ASSOC + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT CM_SP_PURPOSE_ASSOC_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ +CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC ( + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PURPOSE_CATEGORY_ID INTEGER NOT NULL, + CONSTRAINT SP_PUS_PS_CAT_ASSOC UNIQUE (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID) +) +/ +CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC ( + PURPOSE_ID INTEGER NOT NULL, + CM_PII_CATEGORY_ID INTEGER NOT NULL, + CONSTRAINT PURPOSE_PII_CAT_ASSOC UNIQUE (PURPOSE_ID, CM_PII_CATEGORY_ID) +) +/ +CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC ( + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PII_CATEGORY_ID INTEGER NOT NULL, + VALIDITY VARCHAR(1023), + CONSTRAINT SP_PURPOSE_PII_CATEGORY_ASSOC UNIQUE (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID) +) +/ +CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY ( + CONSENT_RECEIPT_ID VARCHAR2(255) NOT NULL, + NAME VARCHAR2(255) NOT NULL, + VALUE VARCHAR2(1023) NOT NULL, + CONSTRAINT CONSENT_RECEIPT_PROPERTY UNIQUE (CONSENT_RECEIPT_ID, NAME) +) +/ +ALTER TABLE CM_RECEIPT_SP_ASSOC + ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID) +/ +ALTER TABLE CM_SP_PURPOSE_ASSOC + ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID) +/ +ALTER TABLE CM_SP_PURPOSE_ASSOC + ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID) +/ +ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC + ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID) +/ +ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC + ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID) +/ +ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC + ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID) +/ +ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC + ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID) +/ +ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY + ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID) +/ +INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234') +/ +INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234') +/ diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/postgresql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/postgresql.sql new file mode 100644 index 00000000..1d5d8cfa --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/consent/postgresql.sql @@ -0,0 +1,141 @@ +DROP TABLE IF EXISTS CM_PII_CATEGORY; +DROP SEQUENCE IF EXISTS CM_PII_CATEGORY_PK_SEQ; +CREATE SEQUENCE CM_PII_CATEGORY_PK_SEQ; +CREATE TABLE CM_PII_CATEGORY ( + ID INTEGER DEFAULT NEXTVAL('CM_PII_CATEGORY_PK_SEQ'), + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + DISPLAY_NAME VARCHAR(255), + IS_SENSITIVE INTEGER NOT NULL, + TENANT_ID INTEGER DEFAULT '-1234', + CONSTRAINT CM_PII_CATEGORY_CNT UNIQUE (NAME, TENANT_ID), + PRIMARY KEY (ID) +); + +DROP TABLE IF EXISTS CM_RECEIPT; +CREATE TABLE CM_RECEIPT ( + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + VERSION VARCHAR(255) NOT NULL, + JURISDICTION VARCHAR(255) NOT NULL, + CONSENT_TIMESTAMP TIMESTAMP NOT NULL, + COLLECTION_METHOD VARCHAR(255) NOT NULL, + LANGUAGE VARCHAR(255) NOT NULL, + PII_PRINCIPAL_ID VARCHAR(255) NOT NULL, + PRINCIPAL_TENANT_ID INTEGER DEFAULT '-1234', + POLICY_URL VARCHAR(255) NOT NULL, + STATE VARCHAR(255) NOT NULL, + PII_CONTROLLER VARCHAR(2048) NOT NULL, + PRIMARY KEY (CONSENT_RECEIPT_ID) +); + +DROP TABLE IF EXISTS CM_PURPOSE; +DROP SEQUENCE IF EXISTS CM_PURPOSE_PK_SEQ; +CREATE SEQUENCE CM_PURPOSE_PK_SEQ; +CREATE TABLE CM_PURPOSE ( + ID INTEGER DEFAULT NEXTVAL('CM_PURPOSE_PK_SEQ'), + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + TENANT_ID INTEGER DEFAULT '-1234', + CONSTRAINT CM_PURPOSE_CNT UNIQUE (NAME, TENANT_ID), + PRIMARY KEY (ID) +); + +DROP TABLE IF EXISTS CM_PURPOSE_CATEGORY; +DROP SEQUENCE IF EXISTS CM_PURPOSE_CATEGORY_PK_SEQ; +CREATE SEQUENCE CM_PURPOSE_CATEGORY_PK_SEQ; +CREATE TABLE CM_PURPOSE_CATEGORY ( + ID INTEGER DEFAULT NEXTVAL('CM_PURPOSE_CATEGORY_PK_SEQ'), + NAME VARCHAR(255) NOT NULL, + DESCRIPTION VARCHAR(1023), + TENANT_ID INTEGER DEFAULT '-1234', + CONSTRAINT CM_PURPOSE_CATEGORY_CNT UNIQUE (NAME, TENANT_ID), + PRIMARY KEY (ID) +); + +DROP TABLE IF EXISTS CM_RECEIPT_SP_ASSOC; +DROP SEQUENCE IF EXISTS CM_RECEIPT_SP_ASSOC_PK_SEQ; +CREATE SEQUENCE CM_RECEIPT_SP_ASSOC_PK_SEQ; +CREATE TABLE CM_RECEIPT_SP_ASSOC ( + ID INTEGER DEFAULT NEXTVAL('CM_RECEIPT_SP_ASSOC_PK_SEQ'), + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + SP_NAME VARCHAR(255) NOT NULL, + SP_DISPLAY_NAME VARCHAR(255), + SP_DESCRIPTION VARCHAR(255), + SP_TENANT_ID INTEGER DEFAULT '-1234', + CONSTRAINT CM_RECEIPT_SP_ASSOC_CNT UNIQUE (CONSENT_RECEIPT_ID, SP_NAME, SP_TENANT_ID), + PRIMARY KEY (ID) +); + +DROP TABLE IF EXISTS CM_SP_PURPOSE_ASSOC; +DROP SEQUENCE IF EXISTS CM_SP_PURPOSE_ASSOC_PK_SEQ; +CREATE SEQUENCE CM_SP_PURPOSE_ASSOC_PK_SEQ; +CREATE TABLE CM_SP_PURPOSE_ASSOC ( + ID INTEGER DEFAULT NEXTVAL('CM_SP_PURPOSE_ASSOC_PK_SEQ'), + RECEIPT_SP_ASSOC INTEGER NOT NULL, + PURPOSE_ID INTEGER NOT NULL, + CONSENT_TYPE VARCHAR(255) NOT NULL, + IS_PRIMARY_PURPOSE INTEGER NOT NULL, + TERMINATION VARCHAR(255) NOT NULL, + THIRD_PARTY_DISCLOSURE INTEGER NOT NULL, + THIRD_PARTY_NAME VARCHAR(255), + CONSTRAINT CM_SP_PURPOSE_ASSOC_CNT UNIQUE (RECEIPT_SP_ASSOC, PURPOSE_ID), + PRIMARY KEY (ID) +); + +DROP TABLE IF EXISTS CM_SP_PURPOSE_PURPOSE_CAT_ASSC; +CREATE TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC ( + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PURPOSE_CATEGORY_ID INTEGER NOT NULL, + CONSTRAINT CM_SP_PURPOSE_PURPOSE_CAT_ASSC_CNT UNIQUE (SP_PURPOSE_ASSOC_ID, PURPOSE_CATEGORY_ID) +); + +DROP TABLE IF EXISTS CM_PURPOSE_PII_CAT_ASSOC; +CREATE TABLE CM_PURPOSE_PII_CAT_ASSOC ( + PURPOSE_ID INTEGER NOT NULL, + CM_PII_CATEGORY_ID INTEGER NOT NULL, + CONSTRAINT CM_PURPOSE_PII_CAT_ASSOC_CNT UNIQUE (PURPOSE_ID, CM_PII_CATEGORY_ID) +); + +DROP TABLE IF EXISTS CM_SP_PURPOSE_PII_CAT_ASSOC; +CREATE TABLE CM_SP_PURPOSE_PII_CAT_ASSOC ( + SP_PURPOSE_ASSOC_ID INTEGER NOT NULL, + PII_CATEGORY_ID INTEGER NOT NULL, + VALIDITY VARCHAR(1023), + CONSTRAINT CM_SP_PURPOSE_PII_CAT_ASSOC_CNT UNIQUE (SP_PURPOSE_ASSOC_ID, PII_CATEGORY_ID) +); + +DROP TABLE IF EXISTS CM_CONSENT_RECEIPT_PROPERTY; +CREATE TABLE CM_CONSENT_RECEIPT_PROPERTY ( + CONSENT_RECEIPT_ID VARCHAR(255) NOT NULL, + NAME VARCHAR(255) NOT NULL, + VALUE VARCHAR(1023) NOT NULL, + CONSTRAINT CM_CONSENT_RECEIPT_PROPERTY_CNT UNIQUE (CONSENT_RECEIPT_ID, NAME) +); + +ALTER TABLE CM_RECEIPT_SP_ASSOC + ADD CONSTRAINT CM_RECEIPT_SP_ASSOC_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); + +ALTER TABLE CM_SP_PURPOSE_ASSOC + ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk0 FOREIGN KEY (RECEIPT_SP_ASSOC) REFERENCES CM_RECEIPT_SP_ASSOC (ID); + +ALTER TABLE CM_SP_PURPOSE_ASSOC + ADD CONSTRAINT CM_SP_PURPOSE_ASSOC_fk1 FOREIGN KEY (PURPOSE_ID) REFERENCES CM_PURPOSE (ID); + +ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC + ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); + +ALTER TABLE CM_SP_PURPOSE_PURPOSE_CAT_ASSC + ADD CONSTRAINT CM_SP_P_P_CAT_ASSOC_fk1 FOREIGN KEY (PURPOSE_CATEGORY_ID) REFERENCES CM_PURPOSE_CATEGORY (ID); + +ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC + ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk0 FOREIGN KEY (SP_PURPOSE_ASSOC_ID) REFERENCES CM_SP_PURPOSE_ASSOC (ID); + +ALTER TABLE CM_SP_PURPOSE_PII_CAT_ASSOC + ADD CONSTRAINT CM_SP_P_PII_CAT_ASSOC_fk1 FOREIGN KEY (PII_CATEGORY_ID) REFERENCES CM_PII_CATEGORY (ID); + +ALTER TABLE CM_CONSENT_RECEIPT_PROPERTY + ADD CONSTRAINT CM_CONSENT_RECEIPT_PRT_fk0 FOREIGN KEY (CONSENT_RECEIPT_ID) REFERENCES CM_RECEIPT (CONSENT_RECEIPT_ID); + +INSERT INTO CM_PURPOSE (NAME, DESCRIPTION, TENANT_ID) values ('DEFAULT', 'For core functionalities of the product', '-1234'); + +INSERT INTO CM_PURPOSE_CATEGORY (NAME, DESCRIPTION, TENANT_ID) VALUES ('DEFAULT','For core functionalities of the product', '-1234'); diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/db2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/db2.sql new file mode 100644 index 00000000..b02cbfb6 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/db2.sql @@ -0,0 +1,159 @@ +BEGIN + DECLARE CONTINUE HANDLER FOR SQLSTATE '42704' + BEGIN END; + EXECUTE IMMEDIATE 'DROP INDEX IDX_AT'; +END +/ + +BEGIN + DECLARE CONTINUE HANDLER FOR SQLSTATE '42704' + BEGIN END; + EXECUTE IMMEDIATE 'DROP INDEX IDX_AUTHORIZATION_CODE'; +END +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN REFRESH_TOKEN SET DATA TYPE VARCHAR(2048) +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN ACCESS_TOKEN SET DATA TYPE VARCHAR(2048) +/ +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ALTER COLUMN AUTHORIZATION_CODE SET DATA TYPE VARCHAR(2048) +/ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ALTER COLUMN CONSUMER_SECRET SET DATA TYPE VARCHAR(2048) +/ + +CREATE TABLE IDN_OAUTH2_SCOPE_VALIDATORS ( + APP_ID INTEGER NOT NULL, + SCOPE_VALIDATOR VARCHAR (128) NOT NULL, + PRIMARY KEY (APP_ID, SCOPE_VALIDATOR), + FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE +) +/ +CREATE TABLE SP_AUTH_SCRIPT ( + ID INTEGER NOT NULL, + TENANT_ID INTEGER NOT NULL, + APP_ID INTEGER NOT NULL, + TYPE VARCHAR(255) NOT NULL, + CONTENT BLOB DEFAULT NULL, + IS_ENABLED CHAR(1) DEFAULT '0', + PRIMARY KEY (ID)) +/ +CREATE SEQUENCE SP_AUTH_SCRIPT_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE TRIGGER SP_AUTH_SCRIPT_TRIG NO CASCADE + BEFORE INSERT + ON SP_AUTH_SCRIPT + REFERENCING NEW AS NEW + FOR EACH ROW MODE DB2SQL + BEGIN ATOMIC + SET (NEW.ID) = (NEXTVAL FOR SP_AUTH_SCRIPT_SEQ); + END +/ +CREATE TABLE IDN_OIDC_JTI ( + JWT_ID VARCHAR(255) NOT NULL, + EXP_TIME TIMESTAMP NOT NULL, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY (JWT_ID)) +/ + + +CREATE TABLE IDN_OIDC_PROPERTY ( + ID INTEGER NOT NULL, + TENANT_ID INTEGER, + CONSUMER_KEY VARCHAR(255) , + PROPERTY_KEY VARCHAR(255) NOT NULL, + PROPERTY_VALUE VARCHAR(2047) , + PRIMARY KEY (ID), + FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE) +/ +CREATE SEQUENCE IDN_OIDC_PROPERTY_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE TRIGGER IDN_OIDC_PROPERTY_TRIG NO CASCADE + BEFORE INSERT + ON IDN_OIDC_PROPERTY + REFERENCING NEW AS NEW + FOR EACH ROW MODE DB2SQL + BEGIN ATOMIC + SET (NEW.ID) = (NEXTVAL FOR IDN_OIDC_PROPERTY_SEQ); + END +/ + +CREATE TABLE IDN_OIDC_REQ_OBJECT_REFERENCE ( + ID INTEGER NOT NULL, + CONSUMER_KEY_ID INTEGER , + CODE_ID VARCHAR(255) , + TOKEN_ID VARCHAR(255) , + SESSION_DATA_KEY VARCHAR(255), + PRIMARY KEY (ID), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, + FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE, + FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE) +/ +CREATE SEQUENCE IDN_OIDC_REQUEST_OBJECT_REF_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE TRIGGER IDN_OIDC_REQUEST_OBJECT_REF_TRIG NO CASCADE + BEFORE INSERT + ON IDN_OIDC_REQ_OBJECT_REFERENCE + REFERENCING NEW AS NEW + FOR EACH ROW MODE DB2SQL + BEGIN ATOMIC + SET (NEW.ID) = (NEXTVAL FOR IDN_OIDC_REQUEST_OBJECT_REF_SEQ); + END +/ + +CREATE TABLE IDN_OIDC_REQ_OBJECT_CLAIMS ( + ID INTEGER NOT NULL, + REQ_OBJECT_ID INTEGER , + CLAIM_ATTRIBUTE VARCHAR(255), + ESSENTIAL CHAR (1), + VALUE VARCHAR(255), + IS_USERINFO CHAR (1), + PRIMARY KEY (ID), + FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE(ID) ON DELETE CASCADE) +/ +CREATE SEQUENCE IDN_OIDC_REQ_OBJECT_CLAIMS_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE TRIGGER IDN_OIDC_REQ_OBJECT_CLAIMS_TRIG NO CASCADE + BEFORE INSERT + ON IDN_OIDC_REQ_OBJECT_CLAIMS + REFERENCING NEW AS NEW + FOR EACH ROW MODE DB2SQL + BEGIN ATOMIC + SET (NEW.ID) = (NEXTVAL FOR IDN_OIDC_REQ_OBJECT_CLAIMS_SEQ); + END +/ + +CREATE TABLE IDN_OIDC_REQ_OBJ_CLAIM_VALUES ( + ID INTEGER NOT NULL, + REQ_OBJECT_CLAIMS_ID INTEGER, + CLAIM_VALUES VARCHAR(255), + PRIMARY KEY (ID), + FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE) +/ +CREATE SEQUENCE IDN_OIDC_REQ_OBJECT_CLAIM_VALUES_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE TRIGGER IDN_OIDC_REQ_OBJECT_CLAIM_VALUES_TRIG + BEFORE INSERT + ON IDN_OIDC_REQ_OBJ_CLAIM_VALUES + REFERENCING NEW AS NEW + FOR EACH ROW MODE DB2SQL + BEGIN ATOMIC + SET (NEW.ID) = (NEXTVAL FOR IDN_OIDC_REQ_OBJECT_CLAIM_VALUES_SEQ); + END +/ + +CREATE TABLE IDN_CERTIFICATE ( + ID INTEGER NOT NULL, + NAME VARCHAR(100) NOT NULL, + CERTIFICATE_IN_PEM BLOB, + TENANT_ID INTEGER NOT NULL, + CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID), + PRIMARY KEY (ID)) +/ +CREATE SEQUENCE IDN_CERTIFICATE_SEQUENCE START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE TRIGGER IDN_CERTIFICATE_TRIGGER NO CASCADE BEFORE INSERT ON IDN_CERTIFICATE +REFERENCING NEW AS NEW FOR EACH ROW MODE DB2SQL + BEGIN ATOMIC + SET (NEW.ID) + = (NEXTVAL FOR IDN_CERTIFICATE_SEQUENCE); + END +/ diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/h2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/h2.sql new file mode 100644 index 00000000..5fd3342c --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/h2.sql @@ -0,0 +1,76 @@ +DROP INDEX IF EXISTS IDX_AT ON IDN_OAUTH2_ACCESS_TOKEN; +DROP INDEX IF EXISTS IDX_AUTHORIZATION_CODE ON IDN_OAUTH2_AUTHORIZATION_CODE; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN modify REFRESH_TOKEN VARCHAR(2048); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN modify ACCESS_TOKEN VARCHAR(2048); +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE modify AUTHORIZATION_CODE VARCHAR(2048); +ALTER TABLE IDN_OAUTH_CONSUMER_APPS modify CONSUMER_SECRET VARCHAR(2048); + +CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_VALIDATORS ( + APP_ID INTEGER NOT NULL, + SCOPE_VALIDATOR VARCHAR (128) NOT NULL, + PRIMARY KEY (APP_ID,SCOPE_VALIDATOR), + FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE +); +CREATE TABLE SP_AUTH_SCRIPT ( + ID INTEGER AUTO_INCREMENT NOT NULL, + TENANT_ID INTEGER NOT NULL, + APP_ID INTEGER NOT NULL, + TYPE VARCHAR(255) NOT NULL, + CONTENT BLOB DEFAULT NULL, + IS_ENABLED BOOLEAN DEFAULT FALSE, + PRIMARY KEY (ID)); + +CREATE TABLE IF NOT EXISTS IDN_OIDC_JTI ( + JWT_ID VARCHAR(255), + EXP_TIME TIMESTAMP NOT NULL , + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP , + PRIMARY KEY (JWT_ID) +); +CREATE TABLE IF NOT EXISTS IDN_OIDC_PROPERTY ( + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER, + CONSUMER_KEY VARCHAR(255) , + PROPERTY_KEY VARCHAR(255) NOT NULL, + PROPERTY_VALUE VARCHAR(2047) , + PRIMARY KEY (ID), + FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE +); +CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_REFERENCE ( + ID INTEGER NOT NULL AUTO_INCREMENT, + CONSUMER_KEY_ID INTEGER , + CODE_ID VARCHAR(255) , + TOKEN_ID VARCHAR(255) , + SESSION_DATA_KEY VARCHAR(255), + PRIMARY KEY (ID), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, + FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE, + FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE +); + +CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS ( + ID INTEGER NOT NULL AUTO_INCREMENT, + REQ_OBJECT_ID INTEGER, + CLAIM_ATTRIBUTE VARCHAR(255) , + ESSENTIAL BOOLEAN , + VALUE VARCHAR(255) , + IS_USERINFO BOOLEAN, + PRIMARY KEY (ID), + FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE +); + +CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJ_CLAIM_VALUES ( + ID INTEGER NOT NULL AUTO_INCREMENT, + REQ_OBJECT_CLAIMS_ID INTEGER , + CLAIM_VALUES VARCHAR(255) , + PRIMARY KEY (ID), + FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE +); + +CREATE TABLE IF NOT EXISTS IDN_CERTIFICATE ( + ID INTEGER NOT NULL AUTO_INCREMENT, + NAME VARCHAR(100), + CERTIFICATE_IN_PEM BLOB, + TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY(ID), + CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID) +); \ No newline at end of file diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/mssql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/mssql.sql new file mode 100644 index 00000000..abd35f91 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/mssql.sql @@ -0,0 +1,86 @@ +IF EXISTS (SELECT * FROM sys.indexes WHERE name='IDX_AT') begin DROP INDEX IDN_OAUTH2_ACCESS_TOKEN.IDX_AT; end; +IF EXISTS (SELECT * FROM sys.indexes WHERE name='IDX_AUTHORIZATION_CODE') begin DROP INDEX IDN_OAUTH2_AUTHORIZATION_CODE.IDX_AUTHORIZATION_CODE; end; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN ACCESS_TOKEN VARCHAR(2048); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN REFRESH_TOKEN VARCHAR(2048); +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ALTER COLUMN AUTHORIZATION_CODE VARCHAR(2048); +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ALTER COLUMN CONSUMER_SECRET VARCHAR(2048); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OAUTH2_SCOPE_VALIDATORS]') AND TYPE IN (N'U')) +CREATE TABLE IDN_OAUTH2_SCOPE_VALIDATORS ( + APP_ID INTEGER NOT NULL, + SCOPE_VALIDATOR VARCHAR (128) NOT NULL, + PRIMARY KEY (APP_ID,SCOPE_VALIDATOR), + FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE +); +IF NOT EXISTS(SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[SP_AUTH_SCRIPT]') AND TYPE IN (N'U')) +CREATE TABLE SP_AUTH_SCRIPT ( + ID INTEGER IDENTITY NOT NULL, + TENANT_ID INTEGER NOT NULL, + APP_ID INTEGER NOT NULL, + TYPE VARCHAR(255) NOT NULL, + CONTENT VARBINARY(MAX) DEFAULT NULL, + IS_ENABLED BIT DEFAULT 'FALSE', + PRIMARY KEY (ID) +); +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OIDC_JTI]') AND TYPE IN (N'U')) +CREATE TABLE IDN_OIDC_JTI ( + JWT_ID VARCHAR(255) NOT NULL, + EXP_TIME DATETIME NOT NULL, + TIME_CREATED DATETIME NOT NULL, + PRIMARY KEY (JWT_ID) +); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OIDC_PROPERTY]') AND TYPE IN (N'U')) +CREATE TABLE IDN_OIDC_PROPERTY ( + ID INTEGER NOT NULL IDENTITY, + TENANT_ID INTEGER , + CONSUMER_KEY VARCHAR(255) , + PROPERTY_KEY VARCHAR(255) NOT NULL , + PROPERTY_VALUE VARCHAR(2047) , + PRIMARY KEY (ID), + FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE +); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OIDC_REQ_OBJECT_REFERENCE]') AND TYPE IN (N'U')) +CREATE TABLE IDN_OIDC_REQ_OBJECT_REFERENCE ( + ID INTEGER NOT NULL IDENTITY, + CONSUMER_KEY_ID INTEGER , + CODE_ID VARCHAR(255) , + TOKEN_ID VARCHAR(255) , + SESSION_DATA_KEY VARCHAR(255), + PRIMARY KEY (ID), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE , + FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID), + FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) +); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OIDC_REQ_OBJECT_CLAIMS]') AND TYPE IN (N'U')) +CREATE TABLE IDN_OIDC_REQ_OBJECT_CLAIMS ( + ID INTEGER NOT NULL IDENTITY, + REQ_OBJECT_ID INTEGER, + CLAIM_ATTRIBUTE VARCHAR(255) , + ESSENTIAL BIT , + VALUE VARCHAR(255) , + IS_USERINFO BIT, + PRIMARY KEY (ID), + FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE +); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_OIDC_REQ_OBJ_CLAIM_VALUES]') AND TYPE IN (N'U')) +CREATE TABLE IDN_OIDC_REQ_OBJ_CLAIM_VALUES ( + ID INTEGER NOT NULL IDENTITY, + REQ_OBJECT_CLAIMS_ID INTEGER , + CLAIM_VALUES VARCHAR(255) , + PRIMARY KEY (ID), + FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE +); + +IF NOT EXISTS (SELECT * FROM SYS.OBJECTS WHERE OBJECT_ID = OBJECT_ID(N'[DBO].[IDN_CERTIFICATE]') AND TYPE IN (N'U')) +CREATE TABLE IDN_CERTIFICATE ( + ID INTEGER IDENTITY, + NAME VARCHAR(100), + CERTIFICATE_IN_PEM VARBINARY(MAX), + TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY(ID), + CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID) +); diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/mysql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/mysql.sql new file mode 100644 index 00000000..b9dc92de --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/mysql.sql @@ -0,0 +1,79 @@ +DROP INDEX IDX_AT ON IDN_OAUTH2_ACCESS_TOKEN; +DROP INDEX IDX_AUTHORIZATION_CODE ON IDN_OAUTH2_AUTHORIZATION_CODE; +-- ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN modify REFRESH_TOKEN VARCHAR(2048); +-- ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN modify ACCESS_TOKEN VARCHAR(2048); + +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE modify AUTHORIZATION_CODE VARCHAR(2048); +ALTER TABLE IDN_OAUTH_CONSUMER_APPS modify CONSUMER_SECRET VARCHAR(2048); + +CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_VALIDATORS ( + APP_ID INTEGER NOT NULL, + SCOPE_VALIDATOR VARCHAR (128) NOT NULL, + PRIMARY KEY (APP_ID,SCOPE_VALIDATOR), + FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE +)ENGINE INNODB; +CREATE TABLE IF NOT EXISTS SP_AUTH_SCRIPT ( + ID INTEGER AUTO_INCREMENT NOT NULL, + TENANT_ID INTEGER NOT NULL, + APP_ID INTEGER NOT NULL, + TYPE VARCHAR(255) NOT NULL, + CONTENT BLOB DEFAULT NULL, + IS_ENABLED BOOLEAN DEFAULT FALSE, + PRIMARY KEY (ID)); + +CREATE TABLE IF NOT EXISTS IDN_OIDC_JTI ( + JWT_ID VARCHAR(255) NOT NULL, + EXP_TIME TIMESTAMP NOT NULL DEFAULT 0 , + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP , + PRIMARY KEY (JWT_ID) +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_OIDC_PROPERTY ( + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER, + CONSUMER_KEY VARCHAR(255) , + PROPERTY_KEY VARCHAR(255) NOT NULL, + PROPERTY_VALUE VARCHAR(2047) , + PRIMARY KEY (ID), + FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_REFERENCE ( + ID INTEGER NOT NULL AUTO_INCREMENT, + CONSUMER_KEY_ID INTEGER , + CODE_ID VARCHAR(255) , + TOKEN_ID VARCHAR(255) , + SESSION_DATA_KEY VARCHAR(255), + PRIMARY KEY (ID), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, + FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE, + FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS ( + ID INTEGER NOT NULL AUTO_INCREMENT, + REQ_OBJECT_ID INTEGER, + CLAIM_ATTRIBUTE VARCHAR(255) , + ESSENTIAL BOOLEAN , + VALUE VARCHAR(255) , + IS_USERINFO BOOLEAN, + PRIMARY KEY (ID), + FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJ_CLAIM_VALUES ( + ID INTEGER NOT NULL AUTO_INCREMENT, + REQ_OBJECT_CLAIMS_ID INTEGER , + CLAIM_VALUES VARCHAR(255) , + PRIMARY KEY (ID), + FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_CERTIFICATE ( + ID INTEGER NOT NULL AUTO_INCREMENT, + NAME VARCHAR(100), + CERTIFICATE_IN_PEM BLOB, + TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY(ID), + CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID) +)ENGINE INNODB; diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/mysql5.7.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/mysql5.7.sql new file mode 100644 index 00000000..c5cc3323 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/mysql5.7.sql @@ -0,0 +1,77 @@ +DROP INDEX IDX_AT ON IDN_OAUTH2_ACCESS_TOKEN; +DROP INDEX IDX_AUTHORIZATION_CODE ON IDN_OAUTH2_AUTHORIZATION_CODE; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN modify REFRESH_TOKEN VARCHAR(2048); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN modify ACCESS_TOKEN VARCHAR(2048); +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE modify AUTHORIZATION_CODE VARCHAR(2048); +ALTER TABLE IDN_OAUTH_CONSUMER_APPS modify CONSUMER_SECRET VARCHAR(2048); + +CREATE TABLE IF NOT EXISTS IDN_OAUTH2_SCOPE_VALIDATORS ( + APP_ID INTEGER NOT NULL, + SCOPE_VALIDATOR VARCHAR (128) NOT NULL, + PRIMARY KEY (APP_ID,SCOPE_VALIDATOR), + FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE +)ENGINE INNODB; +CREATE TABLE IF NOT EXISTS SP_AUTH_SCRIPT ( + ID INTEGER AUTO_INCREMENT NOT NULL, + TENANT_ID INTEGER NOT NULL, + APP_ID INTEGER NOT NULL, + TYPE VARCHAR(255) NOT NULL, + CONTENT BLOB DEFAULT NULL, + IS_ENABLED BOOLEAN DEFAULT FALSE, + PRIMARY KEY (ID)); +CREATE TABLE IF NOT EXISTS IDN_OIDC_JTI ( + JWT_ID VARCHAR(255) NOT NULL, + EXP_TIME TIMESTAMP NOT NULL , + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP , + PRIMARY KEY (JWT_ID) +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_OIDC_PROPERTY ( + ID INTEGER NOT NULL AUTO_INCREMENT, + TENANT_ID INTEGER, + CONSUMER_KEY VARCHAR(255) , + PROPERTY_KEY VARCHAR(255) NOT NULL, + PROPERTY_VALUE VARCHAR(2047) , + PRIMARY KEY (ID), + FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_REFERENCE ( + ID INTEGER NOT NULL AUTO_INCREMENT, + CONSUMER_KEY_ID INTEGER , + CODE_ID VARCHAR(255) , + TOKEN_ID VARCHAR(255) , + SESSION_DATA_KEY VARCHAR(255), + PRIMARY KEY (ID), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, + FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE, + FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS ( + ID INTEGER NOT NULL AUTO_INCREMENT, + REQ_OBJECT_ID INTEGER, + CLAIM_ATTRIBUTE VARCHAR(255) , + ESSENTIAL BOOLEAN , + VALUE VARCHAR(255) , + IS_USERINFO BOOLEAN, + PRIMARY KEY (ID), + FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_OIDC_REQ_OBJ_CLAIM_VALUES ( + ID INTEGER NOT NULL AUTO_INCREMENT, + REQ_OBJECT_CLAIMS_ID INTEGER , + CLAIM_VALUES VARCHAR(255) , + PRIMARY KEY (ID), + FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE +)ENGINE INNODB; + +CREATE TABLE IF NOT EXISTS IDN_CERTIFICATE ( + ID INTEGER NOT NULL AUTO_INCREMENT, + NAME VARCHAR(100), + CERTIFICATE_IN_PEM BLOB, + TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY(ID), + CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID) +)ENGINE INNODB; diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/oracle.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/oracle.sql new file mode 100644 index 00000000..4ab4c3e6 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/oracle.sql @@ -0,0 +1,174 @@ +DECLARE + COUNT_INDEXES INTEGER; + BEGIN + SELECT COUNT(*) INTO COUNT_INDEXES + FROM USER_INDEXES + WHERE INDEX_NAME = 'IDX_AT'; + + IF COUNT_INDEXES > 0 THEN + EXECUTE IMMEDIATE 'DROP INDEX IDX_AT'; + END IF; + END; + / + +DECLARE + COUNT_INDEXES INTEGER; + BEGIN + SELECT COUNT(*) INTO COUNT_INDEXES + FROM USER_INDEXES + WHERE INDEX_NAME = 'IDX_AUTHORIZATION_CODE'; + + IF COUNT_INDEXES > 0 THEN + EXECUTE IMMEDIATE 'DROP INDEX IDX_AUTHORIZATION_CODE'; + END IF; + END; +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN modify REFRESH_TOKEN VARCHAR(2048) +/ +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN modify ACCESS_TOKEN VARCHAR(2048) +/ +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE modify AUTHORIZATION_CODE VARCHAR(2048) +/ +ALTER TABLE IDN_OAUTH_CONSUMER_APPS modify CONSUMER_SECRET VARCHAR(2048) +/ +CREATE TABLE IDN_OAUTH2_SCOPE_VALIDATORS ( + APP_ID INTEGER NOT NULL, + SCOPE_VALIDATOR VARCHAR (128) NOT NULL, + PRIMARY KEY (APP_ID,SCOPE_VALIDATOR), + FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE +) +/ +CREATE TABLE SP_AUTH_SCRIPT ( + ID INTEGER NOT NULL, + TENANT_ID INTEGER NOT NULL, + APP_ID INTEGER NOT NULL, + TYPE VARCHAR(255) NOT NULL, + CONTENT BLOB DEFAULT NULL, + IS_ENABLED CHAR(1) DEFAULT '0', + PRIMARY KEY (ID) +) +/ +CREATE SEQUENCE SP_AUTH_SCRIPT_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER SP_AUTH_SCRIPT_TRIG + BEFORE INSERT + ON SP_AUTH_SCRIPT + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT SP_AUTH_SCRIPT_SEQ.nextval + INTO :NEW.ID + FROM dual; + END; +/ +CREATE TABLE IDN_OIDC_JTI ( + JWT_ID VARCHAR(255) NOT NULL, + EXP_TIME TIMESTAMP NOT NULL, + TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL, + PRIMARY KEY (JWT_ID)) +/ + +CREATE TABLE IDN_OIDC_PROPERTY ( + ID INTEGER NOT NULL, + TENANT_ID INTEGER, + CONSUMER_KEY VARCHAR(255) , + PROPERTY_KEY VARCHAR(255) NOT NULL, + PROPERTY_VALUE VARCHAR(2047) , + PRIMARY KEY (ID), + FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE) +/ +CREATE SEQUENCE IDN_OIDC_PROPERTY_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER IDN_OIDC_PROPERTY_TRIG + BEFORE INSERT + ON IDN_OIDC_PROPERTY + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT IDN_OIDC_PROPERTY_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ + +CREATE TABLE IDN_OIDC_REQ_OBJECT_REFERENCE ( + ID INTEGER, + CONSUMER_KEY_ID INTEGER , + CODE_ID VARCHAR(255) , + TOKEN_ID VARCHAR(255) , + SESSION_DATA_KEY VARCHAR(255), + PRIMARY KEY (ID), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, + FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE, + FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE) +/ +CREATE SEQUENCE IDN_OIDC_REQ_OBJECT_REF_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER IDN_OIDC_REQ_OBJ_REF_TRIG + BEFORE INSERT + ON IDN_OIDC_REQ_OBJECT_REFERENCE + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT IDN_OIDC_REQ_OBJECT_REF_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ + +CREATE TABLE IDN_OIDC_REQ_OBJECT_CLAIMS ( + ID INTEGER, + REQ_OBJECT_ID INTEGER , + CLAIM_ATTRIBUTE VARCHAR(255) , + ESSENTIAL CHAR (1), + VALUE VARCHAR(255), + IS_USERINFO CHAR (1), + PRIMARY KEY (ID), + FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE(ID) ON DELETE CASCADE) +/ +CREATE SEQUENCE IDN_OIDC_REQ_OBJ_CLAIMS_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER IDN_OIDC_REQ_OBJ_CLAIMS_TRIG + BEFORE INSERT + ON IDN_OIDC_REQ_OBJECT_CLAIMS + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT IDN_OIDC_REQ_OBJ_CLAIMS_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ + +CREATE TABLE IDN_OIDC_REQ_OBJ_CLAIM_VALUES ( + ID INTEGER, + REQ_OBJECT_CLAIMS_ID INTEGER, + CLAIM_VALUES VARCHAR(255), + PRIMARY KEY (ID), + FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE) +/ +CREATE SEQUENCE IDN_OIDC_REQ_OBJ_CLM_VAL_SEQ START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER IDN_OIDC_REQ_OBJ_CLM_VAL_TRIG + BEFORE INSERT + ON IDN_OIDC_REQ_OBJ_CLAIM_VALUES + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT IDN_OIDC_REQ_OBJ_CLM_VAL_SEQ.nextval INTO :NEW.ID FROM dual; + END; +/ + +CREATE TABLE IDN_CERTIFICATE ( + ID INTEGER, + NAME VARCHAR(100), + CERTIFICATE_IN_PEM BLOB, + TENANT_ID INTEGER DEFAULT 0, + PRIMARY KEY(ID), + CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID)) +/ +CREATE SEQUENCE IDN_CERTIFICATE_SEQUENCE START WITH 1 INCREMENT BY 1 NOCACHE +/ +CREATE OR REPLACE TRIGGER IDN_CERTIFICATE_TRIGGER + BEFORE INSERT + ON IDN_CERTIFICATE + REFERENCING NEW AS NEW + FOR EACH ROW + BEGIN + SELECT IDN_CERTIFICATE_SEQUENCE.nextval INTO :NEW.ID FROM dual; + END; +/ \ No newline at end of file diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/postgresql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/postgresql.sql new file mode 100644 index 00000000..3d1c7507 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step1/identity/postgresql.sql @@ -0,0 +1,97 @@ +DROP INDEX IF EXISTS IDX_AT; +DROP INDEX IF EXISTS IDX_AUTHORIZATION_CODE; +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN REFRESH_TOKEN TYPE VARCHAR(2048); +ALTER TABLE IDN_OAUTH2_ACCESS_TOKEN ALTER COLUMN ACCESS_TOKEN TYPE VARCHAR(2048); +ALTER TABLE IDN_OAUTH2_AUTHORIZATION_CODE ALTER COLUMN AUTHORIZATION_CODE TYPE VARCHAR(2048); +ALTER TABLE IDN_OAUTH_CONSUMER_APPS ALTER COLUMN CONSUMER_SECRET TYPE VARCHAR(2048); + +DROP TABLE IF EXISTS IDN_OAUTH2_SCOPE_VALIDATORS; +CREATE TABLE IDN_OAUTH2_SCOPE_VALIDATORS ( + APP_ID INTEGER NOT NULL, + SCOPE_VALIDATOR VARCHAR (128) NOT NULL, + PRIMARY KEY (APP_ID,SCOPE_VALIDATOR), + FOREIGN KEY (APP_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE +); +DROP TABLE IF EXISTS SP_AUTH_SCRIPT; +DROP SEQUENCE IF EXISTS SP_AUTH_SCRIPT_SEQ; +CREATE SEQUENCE SP_AUTH_SCRIPT_SEQ; +CREATE TABLE SP_AUTH_SCRIPT ( + ID INTEGER NOT NULL DEFAULT NEXTVAL('SP_AUTH_SCRIPT_SEQ'), + TENANT_ID INTEGER NOT NULL, + APP_ID INTEGER NOT NULL, + TYPE VARCHAR(255) NOT NULL, + CONTENT BYTEA DEFAULT NULL, + IS_ENABLED BOOLEAN DEFAULT FALSE, + PRIMARY KEY (ID) +); +DROP TABLE IF EXISTS IDN_OIDC_JTI; +CREATE TABLE IDN_OIDC_JTI ( + JWT_ID VARCHAR(255) NOT NULL, + EXP_TIME TIMESTAMP NOT NULL, + TIME_CREATED TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP, + PRIMARY KEY (JWT_ID) +); + +DROP TABLE IF EXISTS IDN_OIDC_PROPERTY; +DROP SEQUENCE IF EXISTS IDN_OIDC_PROPERTY_SEQ; +CREATE SEQUENCE IDN_OIDC_PROPERTY_SEQ; +CREATE TABLE IDN_OIDC_PROPERTY ( + ID INTEGER DEFAULT NEXTVAL('IDN_OIDC_PROPERTY_SEQ'), + TENANT_ID INTEGER, + CONSUMER_KEY VARCHAR(255) , + PROPERTY_KEY VARCHAR(255) NOT NULL, + PROPERTY_VALUE VARCHAR(2047) , + PRIMARY KEY (ID) , + FOREIGN KEY (CONSUMER_KEY) REFERENCES IDN_OAUTH_CONSUMER_APPS(CONSUMER_KEY) ON DELETE CASCADE +); +DROP TABLE IF EXISTS IDN_OIDC_REQ_OBJECT_REFERENCE; +DROP SEQUENCE IF EXISTS IDN_OIDC_REQUEST_OBJECT_REF_SEQ; +CREATE SEQUENCE IDN_OIDC_REQUEST_OBJECT_REF_SEQ; +CREATE TABLE IDN_OIDC_REQ_OBJECT_REFERENCE ( + ID INTEGER DEFAULT NEXTVAL('IDN_OIDC_REQUEST_OBJECT_REF_SEQ'), + CONSUMER_KEY_ID INTEGER , + CODE_ID VARCHAR(255) , + TOKEN_ID VARCHAR(255) , + SESSION_DATA_KEY VARCHAR(255), + PRIMARY KEY (ID), + FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE, + FOREIGN KEY (TOKEN_ID) REFERENCES IDN_OAUTH2_ACCESS_TOKEN(TOKEN_ID) ON DELETE CASCADE, + FOREIGN KEY (CODE_ID) REFERENCES IDN_OAUTH2_AUTHORIZATION_CODE(CODE_ID) ON DELETE CASCADE +); + +DROP TABLE IF EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS; +DROP SEQUENCE IF EXISTS IDN_OIDC_REQ_OBJECT_CLAIMS_SEQ; +CREATE SEQUENCE IDN_OIDC_REQ_OBJECT_CLAIMS_SEQ; +CREATE TABLE IDN_OIDC_REQ_OBJECT_CLAIMS ( + ID INTEGER DEFAULT NEXTVAL('IDN_OIDC_REQ_OBJECT_CLAIMS_SEQ'), + REQ_OBJECT_ID INTEGER, + CLAIM_ATTRIBUTE VARCHAR(255) , + ESSENTIAL BOOLEAN , + VALUE VARCHAR(255) , + IS_USERINFO BOOLEAN, + PRIMARY KEY (ID), + FOREIGN KEY (REQ_OBJECT_ID) REFERENCES IDN_OIDC_REQ_OBJECT_REFERENCE (ID) ON DELETE CASCADE +); + +DROP TABLE IF EXISTS IDN_OIDC_REQ_OBJ_CLAIM_VALUES; +DROP SEQUENCE IF EXISTS IDN_OIDC_REQ_OBJECT_CLAIM_VALUES_SEQ; +CREATE SEQUENCE IDN_OIDC_REQ_OBJECT_CLAIM_VALUES_SEQ; +CREATE TABLE IDN_OIDC_REQ_OBJ_CLAIM_VALUES ( + ID INTEGER DEFAULT NEXTVAL('IDN_OIDC_REQ_OBJECT_CLAIM_VALUES_SEQ'), + REQ_OBJECT_CLAIMS_ID INTEGER , + CLAIM_VALUES VARCHAR(255) , + PRIMARY KEY (ID), + FOREIGN KEY (REQ_OBJECT_CLAIMS_ID) REFERENCES IDN_OIDC_REQ_OBJECT_CLAIMS(ID) ON DELETE CASCADE +); + +DROP TABLE IF EXISTS IDN_CERTIFICATE; +DROP SEQUENCE IF EXISTS IDN_CERTIFICATE_PK_SEQ; +CREATE SEQUENCE IDN_CERTIFICATE_PK_SEQ; +CREATE TABLE IDN_CERTIFICATE ( + ID INTEGER DEFAULT NEXTVAL('IDN_CERTIFICATE_PK_SEQ'), + NAME VARCHAR(100), + CERTIFICATE_IN_PEM BYTEA, + TENANT_ID INTEGER DEFAULT 0, + CONSTRAINT CERTIFICATE_UNIQUE_KEY UNIQUE (NAME, TENANT_ID), + PRIMARY KEY (ID) +); diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/db2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/db2.sql new file mode 100644 index 00000000..0bd0bb88 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/db2.sql @@ -0,0 +1,4 @@ +CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH) +/ +CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH,CONSUMER_KEY_ID) +/ diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/h2.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/h2.sql new file mode 100644 index 00000000..7f2f5cac --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/h2.sql @@ -0,0 +1,2 @@ +CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH); +CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH,CONSUMER_KEY_ID); diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/mssql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/mssql.sql new file mode 100644 index 00000000..7f2f5cac --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/mssql.sql @@ -0,0 +1,2 @@ +CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH); +CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH,CONSUMER_KEY_ID); diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/mysql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/mysql.sql new file mode 100644 index 00000000..7f2f5cac --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/mysql.sql @@ -0,0 +1,2 @@ +CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH); +CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH,CONSUMER_KEY_ID); diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/mysql5.7.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/mysql5.7.sql new file mode 100644 index 00000000..7f2f5cac --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/mysql5.7.sql @@ -0,0 +1,2 @@ +CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH); +CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH,CONSUMER_KEY_ID); diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/oracle.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/oracle.sql new file mode 100644 index 00000000..6f816a37 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/oracle.sql @@ -0,0 +1,4 @@ +CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH) +/ +CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH,CONSUMER_KEY_ID) +/ \ No newline at end of file diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/postgresql.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/postgresql.sql new file mode 100644 index 00000000..7f2f5cac --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/5.5.0/dbscripts/step2/identity/postgresql.sql @@ -0,0 +1,2 @@ +CREATE INDEX IDX_ATH ON IDN_OAUTH2_ACCESS_TOKEN(ACCESS_TOKEN_HASH); +CREATE INDEX IDX_AUTHORIZATION_CODE_HASH ON IDN_OAUTH2_AUTHORIZATION_CODE (AUTHORIZATION_CODE_HASH,CONSUMER_KEY_ID); diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/migration-config.yaml b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/migration-config.yaml new file mode 100644 index 00000000..4dbeb167 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/migration-resources/migration-config.yaml @@ -0,0 +1,212 @@ +migrationEnable: "true" + +currentVersion: "5.3.0" +migrateVersion: "5.5.0" + +continueOnError: "true" +batchUpdate: "true" +ignoreForInactiveTenants: "true" + +migrateTenantRange: "false" +migrationStartingTenantID: "0" +migrationEndingTenantID: "0" + +versions: + - + version: "5.0.0-SP1" + migratorConfigs: + - + name: "SchemaMigrator" + order: 1 + parameters: + location: "step1" + schema: "identity" + - + version: "5.1.0" + migratorConfigs: + - + name: "IdentityDataCleaner" + order: 1 + parameters: + schema: "identity" + - + name: "SchemaMigrator" + order: 2 + parameters: + location: "step1" + schema: "identity" + - + name: "SchemaMigrator" + order: 3 + parameters: + location: "step1" + schema: "um" + - + name: "IdentityDataMigrator" + order: 4 + parameters: + schema: "identity" + - + name: "UMDataMigrator" + order: 5 + parameters: + schema: "um" + - + name: "RegistryDataMigrator" + order: 6 + parameters: + schema: "um" + + + - + version: "5.2.0" + migratorConfigs: + - + name: "SchemaMigrator" + order: 1 + parameters: + location: "step1" + schema: "identity" + - + name: "SchemaMigrator" + order: 2 + parameters: + location: "step1" + schema: "um" + + + - + version: "5.3.0" + migratorConfigs: + - + name: "SchemaMigrator" + order: 1 + parameters: + location: "step1" + schema: "identity" + - + name: "ClaimDataMigrator" + order: 2 + parameters: + schema: "um" + - + name: "PermissionDataMigrator" + order: 3 + parameters: + schema: "um" + - + name: "EmailTemplateDataMigrator" + order: 4 + parameters: + schema: "identity" + + - + name: "ChallengeQuestionDataMigrator" + order: 5 + parameters: + schema: "identity" + - + name: "ResidentIdpMetadataMigrator" + order: 6 + parameters: + schema: "identity" + - + name: "OIDCScopeDataMigrator" + order: 7 + parameters: + schema: "identity" + + + - + version: "5.4.0" + migratorConfigs: + - + name: "PermissionMigrator" + order: 1 + parameters: + schema: "um" + - + name: "SchemaMigrator" + order: 2 + parameters: + location: "step1" + schema: "identity" + - + name: "SchemaMigrator" + order: 3 + parameters: + location: "step1" + schema: "um" + - + name: "ClaimDataMigrator" + order: 4 + parameters: + schema: "um" + - + name: "OAuthDataMigrator" + order: 5 + parameters: + schema: "identity" + - + name: "SchemaMigrator" + order: 6 + parameters: + location: "step2" + schema: "identity" + + + - + version: "5.5.0" + migratorConfigs: + - + name: "SchemaMigrator" + order: 1 + parameters: + location: "step1" + schema: "identity" + - + name: "SchemaMigrator" + order: 2 + parameters: + location: "step1" + schema: "consent" + - + name: "OAuthDataMigrator" + order: 3 + parameters: + schema: "identity" + - + name: "BPSProfileDataMigrator" + order: 4 + parameters: + schema: "identity" + - + name: "UserStorePasswordMigrator" + order: 5 + parameters: + schema: "identity" + - + name: "SysLogPropertiesMigrator" + order: 6 + - + name: "SchemaMigrator" + order: 7 + parameters: + location: "step2" + schema: "identity" + - + name: "PolicySubscriberDataMigrator" + order: 8 + parameters: + schema: "identity" + - + name: "KeyStorePasswordMigrator" + order: 9 + parameters: + schema: "identity" + - + name: "SecurityPolicyPasswordMigrator" + order: 10 + parameters: + schema: "identity" + diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/org.wso2.carbon.is.migration-5.5.0.jar b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/identity-migration/org.wso2.carbon.is.migration-5.5.0.jar new file mode 100644 index 0000000000000000000000000000000000000000..7ae0b8c89445184f35737ba080dad6780d806a47 GIT binary patch literal 204005 zcmbrlbC592@+CaBZQHi>jBVStZQHhO+qP}bJY(*AclX=h-5c?3#Kv|+{m~tLvMM_x zPIgx1k(UAnK>>h(fB-;s6_)|{w+jUT1VBbqS&&vjR*YUoP*y@rR7sgmM(k%20H8)g z#_os>p$Gfk55e0CaUl`MrV;LCex@`8U4pHA>!yGLO3V<2Fx6bVvFGO%H!-prUXkd8 zC=BFr`e-_feJJ6t|I%B?amaU$v4`|h$qA7e*L!y83-4?cIMygVBjiCtU;EG7f`)sp zmk%gdmpk&N-Vpn#eN49BP6%}_+RNF|Vk88m?nV&HHo_K>03YGQME zR8b4rMy@fr6xP@K=l7x~ZRCw3A3qMmrv=6VEu1bSbC%uk*!!2S zi`Q#=Zxe5B!o3g0-uxa`+6mo}p$yOHXYjT|K0|=mZ z53Y{S1@C3_tr<9VP2Wrx>wLDQh>^)4pv;8DAZ>=B#B+Z#NExT*0z?rMopA;b00PEn z9YniM)fV$mS^&sd89l=Z2bX*t5>TvjMngswSMxjW*^h}8AW);d3JoB|x`wOsL7>Dk zo9^=_YcsctY14nZkO=~K0Y$1|X*_=xWv>|mz>1MSd9f!7FUzuF8M3AR z!-*pnuSLCh2@L%h?B&W*gDzwM5+|k<-~yGD$Qie0$R)@F_g-2vJQAxXh);xVi%n3{w%%PLmLkY#kGmuB8Ge!DiXRxqe^$l zB6A?{&CLvEKIA+?($8h}A}l7Zi&-@@aJM;7I2O(iQ^y_L1Tn$@Oqn;chDm1I*`*t()mm(xQX~BaG^K!rtaeKaUIQjJF!pW&Ok(HJfH@al7Cb&N z=qsZJDNI>jL*X;|F5p+MqGgO8YWLUCse&qc4c`)7EuKclo>)}McRQbOP~w&==V^D+ zF-_;1ORv$`Bg#i-*K)m{AQa1+JzC22m6tQZ@qpr;-Z0Z{lyX5_$q%OSI!^U2>G+=P zuPQ+@A2Y&d#zS||AOVLqLm~+#JKV|=R%O!7cQKJSpu|K>i|vF))|D`^@I4CCwoc!y z6?JCmxld`5dXJHBeYaG-&T0zJ72W{T(XWB0`7!f|R*Pk@~0(8mO4Wg4iQ0{02@}uS~#SsipDWLsLe&tZBV!SD8g|+UPv|40C=YF11}bnjSQP@sqiP&+Y8b zOXG_s)kAgEsb|iOXvynscgZw0c2|3w4l{tJloA2f#g??4ez zc~MyrQCVRLQKc1LE2k}v#J#`N>S}6j54Z828?u9yHMD(+>qg|e;~B>MGJ+^H3#V4% zlC4fIzu)ujLG%iZL|n|M86em(x1&`H=U|?^Q@$^Lb)LLeWTFbEXFo_N>^+#!jFi;F9@^_#-t>KvSt*Ie(`rnd{0njk?)V~>wl$7@1?EL|iDVp-*HTFLZT#Dy z?`?O~6h6i=Iedz|?UJ8%qLz-3uTW0Rap)D{&3foLisV*ZaKJN2fcS19&S=uKX_MEB_%DK!&Kr86bx zj2K)~L4y^K&-ZpHW^c%|x3Cb-434{*IXNWb*~bodG~sI4L|-_(B32u*c$-Kmkm8qukgRURC7}n5L4}W^`XX4SDX852WPAtV%Y_8J2 za}eTJ6$^5$(Zreox|;tYwbkgS=3muahgIbY8$(9CR1N9c_I9mNbt1ntlf?MT>7@arr2@hMzKwj9u-L z^;iDfF)1p5u!szi^hQ;vE7LRaJ5EwI^_!^Z7Fo!T10`#vNWI*Dm*Vwu_I2lt8ALWM zXC*);DrV3Uk%#l5#A`6Qw9Iv%yl7~}6R317CnbczbIgJiL4f^K7sM zs3ZnEJSVSAzdcY*;|!|Y0bSLjS@{=kP<11Xt|+104qswywF7J2$OetL48(}X(~NJ4}%1DtHs;?Lq%>UO5+VZbJHM!FJ2 z8_$J811im`|@FvA_?|;ijPlVwe!0&E<3VUe&1#0Jt8lNPV@Cj5+xk5@FT=69FehQO_37J+{ni{~62rXnQy-a1mM)>^{T?#fx&OQgkCBnh4@;0x;i# zD{k6_l&e%jGD&)#EV$IQ?g>AaugKK!ahpt_U{u4@Nu)8pfr-U*EmymOU+n{R%ypqu z(s?dd!+8H4THtcx%xg(8WSUiq9)ENdn*xow`dlfY_+^C2js|Mih{bzOyfM(&`0^*t zE)=lH%1_~~nP(e$9JTh$tE=VnYm}Y);pqDE_HlW+80GqKw#>q_v_&##~*o& zVCNk;)1UIN#g+hZ|y-M8li%ZmH;Ppoa@m@{lkP) zJj16()7U+z=x#-AIq9Fe*Na20@@Gdh5Qs>2go_y9E(rZ5(N$W3RC8A9M+ITx_%_ZonRV8 z`6;Iu;0NTdTTmJbY{H`9-b{pPo<5A2fJm=sj1GF8RLjg{`5qfx;0t{XHCqzb`TWw~ zKOUAskbASI!3C8$XeQv!^3=%=24^|k#!PQ5h#BGnQcc~o+Geez@|`XFm0hgk$Jch4 zey%bTLdu8^rm4mLasL0@s#kiAwp^TEu=JkG%wu2SGGtRlMM4+jck!B%HOpjer^vB zdv!A~$GBn9cmQH8-63{kaD+C9RzdnZK1d;yl|bWor#o3_?DZqP2pI@h9+!8BV<*lr z)AgAOq@|Lj0K@4fS7(c}5q@0=X`*wfz*5qGuNOjjZXQBe?#jC>gdnz|sk$z2s@af% ztNI+22ok`OZ9~SB>h{VDeckon@#~WKhm^KO-&7oFe3?;^Rc)>Yv7h$N3H^xe^f zeGioP@q3%W@4|_(t}lrue-hd%0f48N%p-l=xkLKwKEWQfMWFq*+!wtqu)^NM=;Re( z!+_l{;p3?411ot#M+1z?yyIB?%KX~j+uER0Bp$+9M0eyGmG*HG?4(045w7!rELBn4%~q;MDdKl7+|>L+ z?%@sZ9K5Qt#8K-Bzuz2K*e;!d!z0s>sJKSGicEeCoXsFNa8xCI(n90NcW7%>Te0YX zq8WKHM?3Z35X-gCogaO3c!?Eul&nK7m`@%Kts?mp2`XSKD!d6YSQ&Ni?t zqOj6E7wLMa<+Z{noN&zy%rA5X)PQN`kB6G78;4HaX;$J?ycxgVNGC#Jc4fYhAWK(~vc zO*W#Tq6R4;ettgSXCvO*sE0GTeWZf!k&3aLyg78_%P-~_^m?|Z#r3Yfm?aB%$91=5 z4V=hQuf}U|u=yYTKK}DQ$~&2bK*_8hXL5DqO4E$;&72}}-6+FX%VNT|G##HI_hPoA zkyXnYD-S_1H%7QG9{775p14TelN8<4$oSOUlh2Xw?iP)c7G^E{N zFP;)_NM98A3}AficNMB4@AWeCzBqcj%y~XjLESjCUbKbK;u=KQ`d%Rp|F^05zvyan zGiJ|iBM|WB32JBTAz&NYl6FYLNxI=oi%Y@59f&p=jC0^aZ3)GJ2<3JRb$FMnV00k4HW27U}Q>r`V=P$@J@ler~wj}=q z21JXfHJ-VunSJh6TXV|0m-f+S2Id*sF@Y8-eB%>!Vht=&FY=Zlmk!AKjAQBq>ut?s zAKmuXxC2hLAy)kN6{zGLo_LfXSG~RsbWw%sN)Kgrb{IS|lk^cYAL5`91hG})N$Hr! zrWAl-S%%9vLbp=TA@TTSR>1ns9v4b`CKwyj%k>@qqGrz$SJFbmim}p~CF~nmUF0sR zbEEUz31 z2fv+9Z`a#q&$OlRh=82hu6g`S7(MrDr>coV|0s3EAI|@uO#gsW-cCA1ztEW_%Y)@+ z&ejXIz1<{YiXtknhS5Z{PUgog$l?KB9zSmQWTB$tEo;xh*V)-jw^{{tDG)r^p8~I$ ze%7l1nb(IKQVys092H+-bzb2xfXGWQOFgASXr}GnL*YaRF6W5Df5V+ig zzd49Q%XB*jYEiP^iHk3r|Cy`7s%t`w1v^xnT^RfUe-EzqWnwQp@Z0uqaq<&#_>(%) z#nhKo4W78$x7D<+m-dSYs0zwnkaQ)L)S;=?PlAErYl&i`qcq6S7!Bn;RsZDaM@~E26^H)52kJ~OhrZC`%?y-0ydXN#`kgC{LbLvC z*LZ(1Y#&^_opfj43SBnvqFlvON2_gOMMbj=@}V1es-JI|}3l+UDq8YvH2 zUGeuRdDbW{dn}hrP(Ue^Dp5VIO4mR|b4|6jaTPHjBHn=>s?2~Bh#}mpIMP(?0$`r_ zi0U9Ee?A)IaZcnDQ}oixSBFEN{Cxsp(F%4V{R$Jll9b7W?r zQ+n^joY(dlW`+FEmoZtD@Qz-b-5ZO{aBo{Ih~$Gy&G0-FD`P5)7Y5 zCiM?hRPYkI?ybs^b3%dH{R3zSWQO_pl1%6L@)xi}85bH>n53JVC*{FSyA1<**&& z=cl{Q3}PE$DNSKb!$9n6r=Er}fdPLeuU%m)an`0hCyB}~>}FEAZzo!p25ymCd@QWu zsC3f+PsoFFEANe5fh zU+Kz!zz*yMdQ1tKxQSuYjr#H#Gqvl@x!x6MaB4dZgxaxcO+mKRLYfSC|8OafRpqDx_Jy73w$EzT$m;##y#p{mzJxVpZi z2SphJKyHT$^(D;~V-e!$sWP@%n4(WFFf?I26-}qWGuaxpDP_-+;fUeVNXSUAt?AR9 zWN2h)%W?(#O#@0yl?ucdWil zwUbDbD!!|X(Y13CCJ`76xAm6t!AajRJrU!}`WCCIpR{nnDIm-Tq3#hk8dE<>-?ub3 zA*h;P%TvUTsNgr>?B%Q-Lhen=XJ2k%f1MjWiH|Cj@F%q$l0nEgkI=*Sd#%VrAy^*n zzwB#uvbx~zkBNevm7I*niR>p&$Is8veFFa(VW#k!Y@8y7Q;45VnAu?@k;NkWNXZ?# zv>JnEuqIRK2Jx)F*F}cCJ~t>(#J_g##ymTBFt;Rh;F)=BuU7-z(ij3l2THuvhb_Tl zqU!nvKu*bmlF8ysvbKayyEM)X_sB@ukhaAwI1JDPupXA{F?;#lu|%IcB$~n}eW*Wa z<<=2$o_t*nN|#oxRNGx7Nl)*`>ks8P-bqT3y!v_SiI9LheC#t7h26iN$x%hwhBeS> zz?EyAda;fbimV~d75Tne0<_~8{-(hj`w`ln27wCO`X4l*46WE@7-RS!fJ*HZ5)V; z6vYakeFU6Mafb(2=>LMp-jMTK3Z$iydpXsDK7#K}iR3ofM+1g{NW!C!ir&F)7OB8T zeg-N%2+r$H)Og1^A#u7lMm(&WwT-?0D|hF$c)~KgizDibrs**)Z=f8uT19a7D%^(DI4cSY=hOIOfapOVhK56G?cq-&cnrz!$x(n^Rb{*ybqGQG z%)Ia`$Y86EX)1c}bbX?4gm?oF5(SwFSbE;pDBLjLCE(jMOFYNOYT{x9 zg**c8^HbTb6w8&HxiC%_ zdqh)puIq-JSUZY@dTaeusd_Nu`0RL(9F)2BKwN_g6J7Txr_VB~0oyH#uk$fwv*OuI z=AME|{2f3e+QCIEBGHl%;vSiQ3>lNAX3=4`l z>)XV4Nby{gg%Xwo!22!6!ok#6vb5egxS~pF^vslCi++$@{dsuQ4)_eFI@Rsv9sTg< z@cgskSu|T)y#lOW=O|*ZJRSUsg;fX`;JH4*=eIuL!3DJqHM_0`TynKfFS~l;)$wxQDZ;6?*Gs9h$1L?29_6qzT?6b%$NQR*LkR z-9?qx87N!-)|U#MFKp{1xOUAw7Q}b=HLLx@Gm@(WhDp+L-mE<|5PCq)SQkOu$W)G1 z;8%AjfyKEtw8H9oNs|ok9}1WJzd9CJHpm4}YFo7L5{t&cF&16Tu@mEvf_k(OMrTz& zJRc&jSaaW)vgoT5+j#_4V=!^7r4oNLPho0rX}5i)mo&{xfoXl5pUKfqbyzfYbRGmVN=%XdnV+@{qpfvd>?5 zoy3`pU$R6ul7Rq+%#(PW1svk_LQs|s==OnH715TP=zk8t0a*uMAOOCaz-3o(fIkLt&Y)CACv_)1^?n)e9l216M&wnyD&WBw(yt$?p7xeQ@ZMk9=Se)v%vO7%3 z8nm<-E$UXH)*jq)VHhw<+kPG7@q=0A3M3j-+ zeWV?r1b%zOe zv%2uo?t*zqhk!Y1nhAX-4P1yk6161thkJL3D$;03dSOd=Javha%i2TSYQ}7O$$z^; zRa{5_qQ}(6;m7+s>Xa8F#|=HpOetrxkKrV23-fN5Fb?o8*lvJkqc~gEhv*KI`0NL( zqaM(`Slo>S#~Jl;kvC!7l3xZTl&_uRM(f%VqEaQG`Sv=nhfHlM89ecgPy#e~t*|-{ z1T-wU);{8;ou(+eyYAMt>ZTP9;;uTpFU(S1M{un7J!E(gZCDA58Z%iTyBXUO-PXLl zZqL7>`D)e^#{k(F%W|;H@0Y!M^X-$$cawi1Q=ES~A|Ux!&0mewysDcQuFFkyh-|oO z2)G4KaU!1}Q5^I#6D4fahS8S;s6H^qC20ks@-G6DtT@c;EBun~G+F15Kx5Dku;wRl zd_c&J;@9>Dl4Kti?ES%ZBK6U`_LihW${9V?dVYG`jl~v3`n1IC6j4m<4zXQNwXkBus&mMP82GbzUD5O9}7$=4lM4fD=RxgOVc`)V_cD5 zc7%!bTeT>Lw475Rj`4MPzMBkXk!K&dYc#Pxb&gnLET)?(H~h0DaTAR>IR*Q2nsE2v zZ`UZ0?oU3G^vsbr%1xP_AXtpOgDh zK@6VvLo5a&%`W0tDBvfmQmWB&s@`V7PVUuV9UTOmiJ;=G#)-Sr$w>(|=xAL^K;&*C z2^^2zLulR9x>;RPaLi_v1XJQTyy9*}lo1$Q=p&480g9bQ8Zs0MF9n9T*-t*P3h<>R z*N_9q?wb?BCTH42{!vK`A?&umL51771ULoav=v3INd1_VA}N(pbTZCI&zJBX(O5D- zr#wgB&ae9;E}7WDKAwsNr+8OldY2h}sQ|&ySkjjOidFuuu-UI}NkbBkZ@fwqPmRQ& zwY+8FtCKcWc$0e_s|1b^C4~u~yXUcu-Bh#5_v#*&)23KbhXCKNbDsh)eGx2njFA1p z{R5W0M&(;^!J8AHd0Z(l!_YulXu!jez!$~*ecY%6tTN-86C14@X^zd8K?F{&)G>}f z7H~VpU614cJb6Um>`WaqBqFl&eSyiPEs|WIEqXSyr(KFd*?)_Zf@&56XnR^wdqo0s2Zk}Gn5Kh%#e?%x(NT%N>A&($MrVIs7nvDzgH{xa5A-3wvYFhd2 z7num?K@BjTKz5c+-|bk=Iy7+@(h}%;EJ%X#csi;-Ft-8OgEnI|GqhVP(9`*ldWCzE zig@#Vj_pCF;AS}C$->v`l8a_)-imp>Gw6S9sKi8+twXAfC3oHLrao|I-r9TMo!mQU zWjB?^GE(pR;C~8gnGw#sSh2sBw(*qECUdesD`M~BQ`Az}OEiAz^0IU(TR2q;>j^V1D$af5RPqrHSZQ@lyhjD1{IDb0kW{H5*vdCt6GIwaZ zxyAn+8iPc1wt4SS?%K8}@pUYi36GxZEGq7KN_g+&U+d;Bwk0xNG-*i3IR=LLsdV2w ziqCnjX8s9Jji!9Z1`*x?ZftdNr-8m#L<{5(iD2`ik`g%a zq~tx!Ub6Hgn_4{>LA~iq<$oAh*hzxV)(N#?vv*hA_+dYmx9jgZi=R`{I}igr-H^<( z8SqoP+H3LgMC4j-KB*%F$v7)fZXk@+*mXVCoyljkbDJ?~Xw4fU5G;ukqK|1=<@zfL z2Mr~@7Ckv2ZuBz#_Ym~m3)AZrRqedxV#HBBlUSeGt6x}}~v?onzUFw(y_(#uQo@n}CvI+&U~n5H)Prz#s;Fw1v{izL z{AX7TG&?D)>7$42@0I|-N$y4qj`7(t>`CSWsO}y#pBg(cC3f-rg(-%6is6=cvsKFd zBIwN4c7yBT?dD>QR*x zXRC>Uy1bKSFJ=5s?49rKrerPbX9%m#+H+m13*e(LG+j@6qZEQk83*5%BlLYf1^KaP zPd(g2wu>$G=?v;!l))>^56Bf=#HM{T>S@~goXcoiMZL;{9w)LZ6)Pklqb>tb zcXn!@wMiArn#UZ#{bJOoLF0Ux zKxcvO0S(z4z{wdR^1O8w)@ND}eSl++M>SJjoVO{^&aSO-X| zi_n%N$^aU0mWdwKwm}ay8Gjf$(S)E*|7Ll2HaV)zy- z9JPdNofEw@yls1t7y7M6a)+gkoU$}szrjS;wA&ObH?75{_iMu-M2R$=K;^&9%LmN6 zpu3)7Y7!REuK^wA&{Zc9d6krbW~308%@}5CmW;m4fy$_rtg?`Y?&@>3K6G4igwN`w z{A5P2K7xinXwtx9Y&r1HM5rT}Pn23i!C_zFtFpg_LvgeQvNWqi6`Xs$IUPB?NM_iX;fVBTA!wLwh+tAaNuiE$4y*R9 zZ(1@#=bUVa;1ga+C4t%QfwH5DUB=>~P4+~nc&?;Spm+^iZLOMgG3@Ox$rAI+YF){} z5XWBsDG@X|*pN`EbKYXEW-tJP!&+hOzup!iNp2`M_-1;B+%0&A>+O3|7Z<|hVvp{=sA1jk9eOSzN_>5wGN zeshKFTQ56s5ROZwjD4n|IK6+$Fg(XzuCbXyOe*EUl{rP-ZfkVGa8bwLQoY~K5bid9 zm$r0N_23Cpwj`mh+rZ{1-Q+y{*oW@kpb_>Jb#h%UJei`H;<&AERawu(ijn5rq{x1~ zaxNtEQpAQk3vgF{A%W*1GU!SD6A2J=>e34}xc-p+ikocV=_?ob*uisybX%&fGGkT$ z22ny`-ZlU!*?Fm@5#}6+O%LeK>V#$g=Q|$J@Weq}HGj3ZBo7!^Zw5c;D!ir6 zCK^gK5?u#2eDl$Yap3-BFDeaoF7U)s4H0IZFh|CL=cALH!)OSw}GMU8(vq1MIRmH7LE z|F3?#0tW)#*`-`Bcz$5JH= zu+khB3+%IqhU3s0VGEHCTe74u(t3h6u=;U2g2?Y@-n5>8Vq>=tRhd#&iR+D~v&Wpf z>=EdPjy_TPsT`y`mkO>jU7o+k{K+nx&WBg;S3+Mhu0_q@56@R?dpsTH>@eS1YIQH4 z-`b08PDX8YSi6%wo&nHzb$7m+Q6ra<-8~vQw0CLjRW0srPUL*mbNp4c&NhKgP{W147=tuj3bp>m1>|nugt1X}iYoPG4 z6g&Hu_S=lq1{xQeYc9G;e)HF_48|PYhdSKNXf77wTG7p3OzP&wz>UW+-IrB)69mR)!l_-w8t z+2}BN!773*);6CH-ac~e{3Fp)JCNDaNE+Gu_VRp3Z@~?GYA^&Yc(e~z&-DSYZJYv) zBzP?5q93dnL`}ZP%$qdj$95#G-LLtTmZNj38}>U-2H%OLkc#Tz?GAW}*t`OV3fQA{ zg9FMlf=Le8aYC}ZTCW93330K4_eaxCrKURM+_}oZ?Y@Zlxqj^4v6+yg1n4Skn^;g6hF?DTtM1vg`H8!|L;=%#+xiEzz`nBc z8tx0X-N>4P-_lC+tzmltt{DyzNMV7~TQStX&<^Xj0Zp;qLtLAYH$Tn6Sz0_x*GLFc zaTebRIsw4Uzm6Pyb^%)UqyPLy9`4Mxii&o`{`{|zAIr-UB*pcC)MC0l1Tk%i|Lq{7 zAyECrSA(VoU_6ib&bSQnBmYnd&;kl@eKKFN@o*06-2ae=L9uiSAaTMgsr6}=WR!YoI~VY-?2j*$IAGb8q$m2}hWGAghRmKj z@$Nb-)fUCEFXf(Q6iRb+F0ra=OSpLO9df2^utLzI;-s2R7}+%dk=9gF)Ci)ggoSc) z$pV+;ilntYqU293zty8LP6Q>kEqbhZa_#aG1$Y#;2gniolML~A<8`)XC|^IxcOt1s zK!v^jRT+O9c3S{$9(Ryk!3ELGBu_q6bK=1VWKG0w>663{zdSwNHqtdU4ix|5X4C^z)DyYl_$xv^5tIzR_7NJ$hgda#(epNnG z>IAD3F?uG93=u(7n`UhLZAWM26N|Cb`^Ba4xM24RmWna`;0q05oHF!RHC_+_iL7rxHlIb*YW;2#oTTG@VJ|W zQbX`bYm{MRc`;FOILWimViM=eHpIiS0UIgcms7`>V0I~fu)?~t!#eRQ`>nQzw*ZZZ z=kbx1vC9opGN~q<6jWu21Wa*)VE@_S!*Fx}&R`{=p{o^uRLBGH`88#)80{kF9jV9e zAmpR5w0_TPG;DIG_!)b54K2_-7KAQvC8GE|Wv9L0gV2JlK-736-q8ohMN*EtG1zKQ zYN7m>m|%gpJ^xv4OI)9$2+`fP6Bd3$#)Ok3+__|@K{VHSd}i<+Nsygi;5+SprWN>f z{dq^20HT1vSnNWng})licYr$J2HfxY;U}OW<#B8-F+A{*{+0l~?|y&^(YWi3h~PX5 zFV*q-WZ5t>{d`belf8EJJ1n>yIn~kYCo0s~6$86p)~+1&M356T*bYrW*DkV}G8-CN z0(tWb6u6dpxo_yVNSpdglzNDOKmG|Ks&Z4Y=)u4aVOLeO<#Qx{^ntnK;i7Vo|>qkd#0frAJB=FesGF#e7PG#fVSR z={*8e99;TQMDIe>6X+0Hp?YBk&}*O<>*cC3pn5Z+xKrdpPn%t+;UPC-6(H>8!EKob ziptcP0)E*Wh~&0R=?>%wG!irknZ%)LR4HE^ZLrQG+IzvTJ&`Z3 zL%NTXVi7E~meE&^e1W$s55gfdIiF*82!C>LlofqAZb^E}n6O^9jlCZC$rLQEi|YN( z3SvhP0$&8(Fvz!gJFUHf+c6d?khNZEF@+nlFJ?_zn^b^F)DhjCRtJ^b0I+cJ>9#m* z(}4>6VWd_X?iX|jXjGv*loApkp%w^BviPy%2xiZnU@G3y(y@!o;sqyFLLq3CF?q-` zlbC1WD(oL5WTl>$%~wbRRiFCozUEh&R%X5*Z=PWi?;Hrcj5gnS;~mXDk2g{T`!l3D z8))9Ckx@0}Ao-F}pVKMNmo=J*C?vA~ni}$yBQo6!o+(@2!1v9Hw#y5dNgg6J-&>)ysrGJPIJI{hUbDC!$ZjeXHod3jiGYHo!GoAgC zIS$ae;5ZJ#BVw%^moL41+a?<3k~aO@U_D+r=%;n<_82~046@P_(o2F2)!GaE=h&>! z7itV!rKHo+8rUXBL>d6?_BW6_jxh!XClo_Jv}rfvl$Wi%mMY?aHP!wkb4>n5jz$&hhFC!u1_T&cLZqC$g*XCd-< zsUuyI1io#y)I%a5X{%BKHMSbtY(k`jF_z3IW4!{$1qeCJTWTh@4{~3ZwLyR#9iOYb zFgCjs&!9-r=u--*2|AHuj{~P^+&VoarXd$chqN?~8xP(w{nF;~;;-LQrbnizr77SL zQF^E9!Artg-L!wy;SKCcTFgNy%#y3r4Q?u;;!KP@Ty`aj9*6;!G2H_;W7j?)r8;A) zh}QW9#XUTqa5=G3T;()Du0K20aAi%icb)UL*ISoAKOhPi&>;dEGoB8n&};yun=5f} z=qtLVwB8_VsI`MF8YZl4PqI&cM(-~K*E_~(nD9JUjBs%=+e+o0*o|FWeLnX+WU8|x zC5rFT;WLXRuqxQD!XRJ|wc%1g(q_`T^?2z%yB_RpGC=Ec-r1ofw`I=#Vk;VcfM1{v z93y05Wfm}d{j!HqREoZTxA=@yW+3W>0pF{R;xmxTNWp+ZR3?AS(Nu&Jy+bW%Jik`; zh$AmDKh5ft3&ZW$$#)z({_V)v$j*+TOJBEcR94rQ=Fe%4dbKZ_pI&XP|E+m1pzrWS zxfJ<}oAnT#Flq7#=r>_SMK{1@r)%xMXajWZkvA|88xi)--pY%*8t z1kB}6Zc1sxyXch#^HjrY8mBiL*@);}%l3IF-CUZw2k3mBEdj4OnD@$jJ+gDKEH`#b za25?jJ|RA)v*nh#zFtWu&7qAOBj(BI#GKjDcVGn2>=Skmq0pa68wWhZJKDii;NF1! zbJs6#Uj|RvNpLumz$q*l?9T{*4%Jpi?wo_8%X>)yPtN{lsJqpsEi-Wnf>!Soe~?hK zPItny5U}9U4D9omBg-kbQ}q#}no+HzBeAq4=IT*U!9%OjUg9hv& zz%JI(%`37zT;IS#>kr+-WCYHE@W?eq_M#I@k}S__q>ch2_fr{!ZqWYynVSJ@YVd#{ zhj5T@cZ4&OVS~Z{acoz?m+T?uqJDjy~A_I^6|dmP~0kS?pG37 z5R97G1l3jPY0R@eM9*Q=M$cJl;Sui%3k+Wz2*fl%L zxMCx5w)LSE5Z3-;1+WZITu4ci?-Y`V$R!ohz5r~tEOa!}5-Jd^Eksi0{IOcH$;iV2CKFbRouPtPh+67+INhHRjC@IM{jF)kZ{7kmk({B2@vjiUq^pjcY9!0Jju69Iou+4o_-4*@P_;t{f?QB} z_t7ZpNk>;J{TlYxE09_w_;yDJ>T^{mmT29(k=#* zYfzKE>-~|YCocoRgL`+>b28Xtg)>)77}k6OXIIUMv1oEg5B~P4@+IUMl>4Wxx^MA_ zPrS0)EHhLtp$~zI?mpmc_T=Q1g6N4D0z|v_>y2mLednDmIiFEXxtN2<<=a$viHQ?) zBSauo7~*xV$MFNN{nOIt8%ep8RBv!T?-1`NhZ!X)W?6R6eo!jtE1(SH?N_`H_<^jc zCMB~RAu!t)18c4oj z;ohr%km{_!%lUnah;lPGZor!xSvMKwZ-30*@eItOP?Q~-_abj%(ku+61?-3amk;5l zAP`~ytT6AN@n72w|0y>9-+Zt!a5b@||38WR{u7S<@1Nj*!0jB(=-iy_nCL8={;y1N z{GUzzFSAAlj)r!&|5&H9u`qKqaJI1fzgx1{|HC}?b~beOj&}AYj?NY)PBO7mP(cg` z0C(?^pm$M{Ac#EZ@Fig{;D*{upk0tw*GG3*yPi1#29?N=6;sXqUjgNSI*vcG?Te#! z+3*@{l3R%C(k`(;=y?UV1r0$r;9G;vJ%U>7Jsyd-I40NiLz^Hme=<`a)VyyRM0aDB zrmOzG<9n4kB^y2r6nG~Gz61R$%yXE>5uQ0#6{O_7_{{Kg(-EFK_)NPcu zI1qkv^%~MHz|Rpl?boufEf*yMW=&$jLi-)Q%f}-X8c5X=C75z{?fO!#yZiR70t)cN z?=Kf_o9Gi&gYU#FfL^t+3yu|h@>s6=NtF`f9~8bnE`^WcKDtzCze*O$0l%QfsIaXN z_cYfHy6oq-e|_L>Jys5-q5A1<*a}da^JNSEYD)0GRxkRhLQQ`(Eqd5*KL@+QQ zK!Wob@-z{UFr=79~{KzUukrdaY|z9~~F_(&njIf#YY1$mIjbCcfYar#x5-SEIA z0@(yM%|2MPxorxZE_tjm9gO;)>NyrH-2Gsfhc08>5FZ4?30mYgoN}0^6!9$&8gjk# zmj~b~&h+GpV^oRqw?Q{#A&dY_12cFk3-#;-$=1Q$ZS~07%~^F^Xn%Y7`hc?EOij7I zRyu74{gvY2yUTU1x{sg$WC4Z}0;@tp_O%N9LPPRA$Mna{lG~p{4dk2aLpc2oB zW@bcy=}B^sHG*pxOiVgQG1e{{Z2!V4#_-^c5DzI?ol@0yD#e1OnUJoU%hu=zN>)t)6kI{Y%a$F}Gkd>J1~KvZg`U)JNj&EMFD|9N*`9g3i|fv~8qLd!N8E_fJZ z9^t8i8r4TOG%gfczvl?NdseMEjij7rXj^Qxl;<<3R>^fKM3bdiO=2)$K%CWA)?&<` zE|eE37hHE3s$<@vP!1iyF=ngNeyL$UhP4PCICcS>=MfCMdk1Z4qZJA~Bv+ywkPjUg zv_BAHcqnj}Q5jBh{BG?YGN>o0qUC0ANm1BQL*gZ?2ycn|ti;A(a{XgOQ>=%>`yxds^DfRol9c*SebRGQanjfCB z%``72Mb1>kGH%YYHkm43osO@Rh1{0(VAV($t3za@c3KasW;^oO!bp@X3kTCY^RZyj zZEwJ-a+vhp;XM^PpK)eB=vdX12Nd`ElB22<51s5=`hq5l(oHv>W!L$sNBokefQXc` zjioS^kNC3?*Xd?9ZhkGBllLf(@>mYtsN{37Gc_){!YUQ-*qo&22=t`^(ueKbX(Z&X zelA&%@Dr+wO~}bhD*3Zo$i9f{zmfKiQIdE``f!)gW!tvRF59+kv&*(^+cvvwyRy(_ zb*W2l_0H_h?C8bbQLa`A*?}WH&hw6Ro%WOdHj&Rw`L8EIuR`lYX=isdrpP^4ryM8-w|HoOE8*U z^Pc;v$D1BZs8t2&2_T5a!#d_dd7I5D$JSCR?yD~W#&%f`s5vP*n-W^JJt^##On_Hf zm}NnHWo^MdkO;b_HaAv}y;>)&xXU$Hiy@tnjzQWrMbG5u;A|G9byc%sX&O`VrH!@k z>$*NVI7IH$#A`azlAv?SBd=OMwHe{J3Hz72=?QIwH5r=z-o0av4$^dCs466-7)tAG_;psR(4)-E&4L8h}-a-C&T45u4`M1w``5d%=_OySE zh=1ng<&?xE{$qQ`|0R?n{qsQ^6K4Zw4||h;89`D0GI5XhKT7ydQFNa^JUYHxc8~#K z^pPjn1WZLapD6Jfe6x_->V3zAqC~UzO9vm2mJZ1!bVd6yfG}qzVV;xFr-^jR$`c z%Sipi2wKpwbZYcVRzndEoC7^AWr}qEj*{2Iy^Jx&HAV5eScUxX*8l(l3vHVPXeXuo zSpPmz+a&n+qnyeE*dI-GpO2~oJ}+Y*=wE3H<)5$1$;gq`-rB{?;$MS_zg{{1|3k*7 zI15`-yZ^XzMH#t42AJ+EHR1L|23d288IWfPK#Toa})i&!i>4$LaqN=;yd^^3o09&cmbSp)oD)nKh?u z5qRd{mL{*VtWPOmuX!o8nnQX}>V*IxX-gpB__;$cSRr5>FI5dSV$tG9y@`|?#Wlq1 z3s$DqyS64VMLk;L90A%an@#cO@(l0~WNh37zU}t~_k$RhtI-_hW;L1E#dbE=5t96% ztmprDC6#S{yOxC!z%(j5)ZCH;>K{Q9Qk!U98O`)+x1qxJi2(XG7I05!*HEn4lbXP$ z84D;gyp$I?{Y6>LSq%}wSfc@@iz>#ZhhqDwj&)76Q^8MlXtIF)QODz?l2MG?IM(`T z9s_kOZu)?3vdfPm%k94X#jF3fi~pGIrAr5_&*)|(PChNc?7Kz5D6lzMKgqDN`iP)lGRguz6i3XF{I%X-YYPEi<(l9hFVF8hd zGVzF}XfQ1WEfJKP0T2}Wu3@bTk=I`K#>}mAGL%KVOpnpW?kk_i$8MirJGpN-ej)|i zvB_=QvCx|Y{Osd1UM!m|!2mCpO>O_jy*Edv(9L#{L5PC@2v@@u6kpqWz$brtfR7}# zbz%+I(X}+oM}1K2wQTsFi;rrw^WfO%)~OZWWL3xit3zx|?27|E-`*(sO*!;tsGQoa zZ`6-NJXrXjPf^DEf>3Lf2DveBj=U9nja+czRiOvR2DrHk4)UXf{Cu%u&fbDCdW$!t zu%WCtb2lcqdN%-R9!>w+eMVfpg&P-6AMHW*SM$+(RCnN=#cNvJo#ks>+?`||KFaX# zwZJ>0@UKsVIrBG7A^6Yr+EfOdzEuEBT>cwC=~H@0?$@UmnbC8Z5+y__eNXp7kK%St zV?D&Lv}2d8P#7mq2{>J+;!FlwP~>j4EGalBkRgfX{c)Vuq9IlCB$%( z$sr^vJt$RW4JZst*hrA`%WxyaAe2gw4-LnjkV%w!I5NVxF1p$b zwl#tD%o=jFrN4?HtIBcp^h@5SV;gQl1tlUfw=7GG9IkJmymsbYPy3FexU|IGBpvG5 z1$Qu8JC76u(Qo0@ha4vGJZ0sV(aNu#rNvKlP8o<~^NEF`lwmYw)dXFnL6zqO!`|uk zL?x5NR{~-}#w?1m&1n{;mPV&qJdoEKHdP^kqetbUd=rv0f!Wz8_Vd#uDj&EgvE24w zfP>qBS?ArU6-`M@51}~*hm%=6)qT^$D_DC$D=7=ST7uyTss zCb&C!u#dMZw91v4mTVTjm&S0K#bTz~;ySR!f{6}9Nr@ey#x$?(-IK#>QF2>ys}fnU z149%9N*SqY?e@jVc!$q)!I|ttbkz z>ToitOxDT{-m?@&$)ui2q6Mj|?nCcFfFFjyWyee6cTeJSg1dXbw|Ghp(Nju{Bxa>61l@v4-`_SG6|#fzMC)rtK)2QgnhM?2)n&hQ?FI6^&k6iJjN;y4SMI6NUq#(! zmp%;ZXL4ijxCXxJ!qTXih!_{vS!xSp%p9EPg+9>Q~vBwNs@`YF6AO{sHFe^W7OfbD84MnM)d zdIpP!&0HP2dXm+UIE{tW3#X7O;y}Fh>O#UdbdG%S0R)bn;rsDZV zZMpcA22KlW<#FVM9jQ2L(u7T@$;;Oa>IhJG+q|ZWX6PI(lW{zKhd3YP9{>F zooi@*IEIv=D1nJGJ+q_*BK@)tu#J)M(xkjLiO8CBnK*K%;Sf;O3h+^lSc?|pNk9BV z6K27R2Oe?5X^u8f86Y6aVho1GIEijBMaYtz!iOTjF1B=s(M-9TY>kbmnujGXPGmE@ zR3uD9ZjR*0cnuVAoYVGJ;@PV0MjXkT;(X`UqAGz&Nox)?BbYsgSj=sN6~fJZAe?ho z$>IAN`bgcc_={M$IF8ULR_U@_CTol3auqWOKs@C3in`UeSv%C}RY)Nmf{S$^6w7p7 z4QW(42$i31br~c`(%T8tAFs;5wpOMN5{jj5?FE zL()Qv;mE8G352p}ji9nR3)S}BM2WStd6sNHX4`Aq_OT3G7M;#+JR`)2$d5F($Wqt? zbEs>`WEq9!CkpP~&8>&FKou4kYSsBG-Dow|7gm;9V@Ov!h-^mAp)O78 zsWld4BC@GHJw1Y+j;`yHf1;=H8>s0N$(Un@=H~N5^<0uLQ&rQtE@?jY$6F0zVp@!{ zE=Q%_j3@qX5PHKVqBIRQmIP~#8kBXLDouY(i_i4Y3MrrPfE5WxSFs;08i|-ESCqca zui3U9xkd`{dYW27;q?j!xvFMmq zv_kKlL6?CcImv5i(gNftJKqlnN>}Yum2{NKCb_GZ{I|=tO=f5@@lhy|qN5jq@(39@H~ELz&8LZ^TP;wIniy zqLwkYY8d&+4TW&xz@p+2z{?=tuw*r~x=KQ%wL{qB;OK|2QMt)JD&%j8 z;BP!y1bvBo=PyDJ>)mq<5z5v;J`k1h1cp0&81VdZ&t8)A5>m?#pxO`)e-d<)M%Ypc zqlUxi$B8E_LTV%rEwf*U9O6kIy3vg$V>5+ zK$xBnOA{?!42Qqi&kMR#8=JGS_|g+G>y!;UW`#t~g)yisMBmjDRiZco%D+vAAdrrh zG?-i1$iT8Wo&r?Ukq#W?;=FhSRasFb6(|O7uK61|KDx__@WFlxmCi=$ir{Ms=*|$8 z8okzz-}Xklj*dLRE2|w}>k)mwvbWJxoss&Ji||csvgy8n%XG<4{#^cQo zt9AgkE&N4pPvbQMke$UFE4l{&^sehf65Qk*!-*--XNW+S-j&POE^7_DI>4@=+qWbh zUm`t*Bii|dU1x8`1Bmw-Z#W*|9b72@SBBl=35bp+jPbDgWQ`-%znz$g9f3wgoDW?c zxBaOp!`M zyPzKTr&c4Y-68Gz3*D*lj-O<5yrHj#m{(lyd?c>BaF$M?tHD}BIzc-^Pd-7h2tA?Kp-}um+53nCaL5lB z2C>KwpaybI?=YlE?far7KN%{QOvKAb$jl_Bv(C4t7CW<^Da=f-%)w(DJiL;IhN;QF zr+4dUbn&irlk@QCkYUk_C5PcJz^S=&o(85l!CYV|Dsi!_@?vFa+9mkGOdly!EHaym&F~ijO5HNwb+7JFg;T+omw`9ce)Q_IrBQm zktlwA(|^V7=ZY3~r!|3fHg3$;bfmn@F)wAYtlJN#{dkA|0{ zK=KvtT)0$ChHenX_o^5pSAYKlrE=V-DvG#l5U&Lio~h%Z(I3NP;Tj?Gaj+^rbd|!} z|K>>qt($&M3Jze2lYjL+-MLqGTyL0;CuHNAb#ux+9*<2RQKeqh#*if?E`gi+@LAOQ zXi|*IsV?|NRTQtrY|@4_H}WTx-CkADWA^as#yE0oe1en-I%juOJjLN!_CkZS*c#)a zmHP`L%dHnmZ9dqJLb}>zi^=5ZhEzA56@NreX( z*nV|qiF66|ui7ns$7ZzO(O4m00~DTU%zD4E zGHbvRd!zYEP4X9jeJ6U~@z|%g-g%EGp0uyLh9}*&%&8b#uMajWzLyL)D(hy-DN}s7 zp|nA#q*X~t?XJI`mRwpa_ysn(RHrl8NmslTldoyyiK~<{Eu3i)e@rEI-ThGHN7yf4gbDt+9P-!1lI`Cm zmNNg@LKCvK_^gmf*w|bDEw$`cv$0oJ!}OK?^lYy5NhP3?);IEz5|Cp=^5)3WUo9x= zGh-7FXhbHqI>|fHZ7;XBz1Z7ZeqW`Rs*7#?>|2; zUO#&I`s@ z-=Es9f-!w5IdlmV@4xB*-$UTegm;Y1&2v%3{k*x8-0i6Xl>6Vh%YqTBP9I7LEw|FT zEkfgT*W!^C6d*&NhYw4KyyryOfN}0ja2S|wQi7@;*e~$+o;u(jiueFXQv+aGi_aZ} zlcJHSAfG+_WeFO&_J2Zy+k{?t8Nu0XH*;A9(<~s%9c*+dJ}K->RSN9ZH)?f+ z%zM+oRU_EjN7J2?J$Y6bgP5F#z?_#POJS zF5yVRz8vmePL=NNG4tkhgrS4seBbeXUKm2O1lcMlgA< zgf3xU7l&r9L&9^7Qp5Fj6A)tGW7WGItY-1as^yP-VqNRO$Ab%+wAovj<>`}E%4lns zGo3M6IZuQ|dU3`ISOs&(8%j$g$Cr&|F%t5HVo+4_4%%30og_ovIYPygzXfO_h8G=+ zHLPdc&OZeDozsOwWn|K6e6BJswXVdWI*FC=nRGd zY!QZPo5b@dQ>pHZKO;*vpoVgd0QgkKD}Oj{)(P$UcP91pwTQSOE~_pIdyz-IDoPx3 zOTQwirO#N|41@cc?60^d(poB<>tDi5nIdV zL|v`x+N#f{!}}!?F~nEi!Jh>56<3x(M_xfs`zxE#?A&}u%h};ODR0k8C1?UWZRTss zQmv_KFChB43sSRz8ZcjMcM9^TcnD%wM$2MxI9l;F++&nA*%_^?-DB<1gZ^xy%RCsw zG6DgLK8I~eiB2UGn8K4n9yvx2u9B*%sM=Y`r%-FsDpt+VYa%=M>Y(gF?!pQBgtF1T z+gwnT>6Y3Uxcc$Zca)PstZd!;X;FMrE%u~^>KcKRrne(pJO8H_7o0tQxaM!wg$4^s z(b`nKkU9ra{H^{Fv-Uj*5>VvvGBT%OAeClx9QjgbF+-E>;FlUX*lZ(i)tNcsl&R|l znR^tBpnolc5dcfYcD~?lYz@x60Oj%&Z9obg`+Q$Xp zxHxA3p|Kf14Z=QK?+E6dBIBC5$!0s`NrFhu&O!fF9bkW=q?RQg@C&ME>*?<=U+xIM4of9><) z^!HvzmGvvcA9W$lM8Fw~puO#L94BHR;DL*T5i5=Jruh=7U}`CDncx>_>$#S}axAxIsY;E_N{E69b>NCsQs}W&%3PTGmejySF z{+N;9GDH8}_t5sk-vyTY=z6SGW7MIV{vkk&!xZp7`=R%zN*;6cWrzmi%a^uKLd`$g z6Mv1z%>OPPtC~1EeG*#!D=hyl7-y?NsbR06zJmwl(7@^+kP_NhuTe5~TAvS5maqh+ zrKu-4Fz9oiFu??35VN?O2FbKK?>zEuxw%PbWi>T~Zxq>dl)U)$ZWioP2kpG&Xp;tI!6TC z<72k#cw02L!B#`SYAS&Ni>73@Glq6b4Dpf7oOB?~X>g`xuURYchDQ^+j5?tZ_Z-!> zugWQ^SxZ#qv)~%zWVW)Z8B28-bbXReMRTvXcC#SbpP}*6VU97NPwR-6hJa>iEH08J zZz-9!_^R2ko6&AO?yPNlRrTQE&~xzEN43@?ld~xYxG$_JnJH=Zm?`OV1M4Xz@cdO^ zJ1IpgI++N)ShZI|EjyyMvD{IfVjDkq#8bo@o+TP1s*|a#P?Ar=Y<^fOqv-W>neHq{ zea%Qu3b=PSF+a~r2pssbY)$bf+!)dms+hEjoS~ZgVOPM*CI`Gj;l7!ZPxBYJF27!ObuH0yt5EM6-tCTF^m=M zL}F`o96TB&Lgpe)Ax)!CvzyOF!W@2s?DPE?L~qth@wH4#P2g(A)7LY9%i|D~2}Jyp z1t-Dq$QVs9E%p#;4G`BVI;pK&GOEk|ZmJlAG|Xy4sMPdjs+@rZD&HV{W*fHQ#)v?U zqTQCIn_GeYNg2$j;s>payMP?_8%Py<0!Bv90&+&f&&~QAp*-r+aJ4s60iooi_mE`5|+w zm4d$}`wHD#J?>mS!d|0kXqGo##>t+`{0bisW|d6WdA7Xc)D@hb+oHayxuW~ccY9ck zrNI#&UHg|DH1_dV&FS`VK0!-I)iY|2&EJZ@dw!WxSA#94L|yEp)hlYnsaiHu-XbN_ z_6&W*P!&;kOG&5lHE1s9*AL0k*lAwo zqa!Z5E?qz%cY)TDcT! z5*}3TRt<00I*uB)>=|F#9|A1q9etGXAiHXp@cqsxsKwoYbRtrUKg(*h|Lk1)hN`ug zJF<;;;c%;meGv!xlAp*7@5@xT%an`A<{Y-Fr-&2BdjpZ~J1AD|p6vSS5;Yy+@-_~g zA-h{}k~GWL_05Gjnw0uhaOBh){{xei-VoZw@=>cX)3A(YJUy4i=>7X4 zZebbD%meF@%oAPJ4xms+vUXEq0K^^&AV0)6>Lv>S6v~AAirlc6GLBR zA2JQo-|00sS|M03Rge$^pk%5AP;oBhdVQ5G;Z7aDFY4dGE4+8eVOEe;sQ}dtK`=_v z)Gb;9jaLm1fIONY{e;G`eTEGmRB$}74r^aSCD%G40UlT8FCTxPMWpq_&)=WW!s3%5 z^bct9SLOrf{}oz@+gTg`XCpZ~$;NJ89%b|+H53&ZcwlvLDwK08FOxb}7A$p=R211; zoB_i}O)}8Uz-AsTYRB@9Ffsu{?a!%;77MXB=`=!#Mj>9$5M%FaB0(Y5NHOtEBS%C7aeSO+yh2`8 zF3EvLKR%yl(7$kJ;>DMD>b!z}{Ut;eg7)UozhLLvnKMR1`$&@=?FSmQGqLeW4b<$t zpo=^6?^pe{{i#%hg7|6Zcq?IF0&!;jJe)vEA<%6c;wLb|L*{QnK^Cl!sES`|eGmu{ zvO$^rS4qN<+ZdpbKob%PM0N|{W4bbG7TQ86qFc*5GR5al!Iu?;;bP;&kfFI&1@JS6 z1knrB7%x=L=_MnU=4?~C*#&+Q&xabPqkBykQbo5?2=(2ePzw$glngpx_E>ok$+#zt z*zI6#O`idds*w=otixbzEZ>pm#gsJE%qKnOU+w-Fcxp{Bhvz4|1RVUI4g9Zc5t4sr z;6`?~rWXI2f$~>8&hWpKDfAzr{|3g3)h^U<)Np;tXlQ6af@Hoae#?NhQPc%aj1#um z)*O%u01D9f2HOKSSSQ^uIh(ElS*_W;R8cKz(>$VD*@D%qU@;#zn+3SZJbr?BTI($w zHS)QftUI5co-e>}d%V1Q*Ui~E!+pQWef)slrNAS(#>nE>1a0Xn@Ao|zYCsq@1Xi&} zY6~HC@GJqJ*{62!ZpP9>?#)HE)~g+1x4e_fECrQna;6oP7A13-2AD+Bh(4WG-^b&)4#h8%@x_+tV0pxb@)`%lF|5mm|Y zaab+qQ3cbL>s2-8%bQsyT+nt*A?XSs)ss+Auuh^Qsyc&A5YjGGl~QqJq>EOZ8_P0o z-&%2XCB)(M6wsAPD-{_o){{!DyXh;B+p$Wyexb(tdU$X zF&7%{1t;*BRHj(bemQI@%dF)43#7`miE|%(r+}xss9<9?dp*nd9l%MbYy9%+JZEzs z5F4J+`g_)?CSD~3c9irwgT=qhcDf{*{M!n7cN#61YHUIILy`$qNa4W+L&Q;3yaI5l zTvka7RW8}y?kLj59UGzBJOk__OXAWpA0gqgnGCYrV4cBfVS78}7TzOr0!|AHD|h~S z$P+Gt(Pfq3u_bc{w=q|Zr6q}LYqK3(fN(y!lt@Xs=b#QzXEnrp2U9~yF}>Bb?`}rP zOk^%O^xdu%9!taTGA^-07wIfl7vbzj{m~n;NWE``dr?6XF@pMgq_|tO?Geo~5nrJ6 z$ZsuV=2sGi9#Rn4bEh>+XD3@)>QI4-%Q;A;?yM|0kxh51eDb^FV;+LB>|Zj>hG|!S zCN*4|Qy*$8aU-3sik2p+5>G;q>Hw;8lUt@xQtMW+gN>Dd;%A#B-rZ-P9bU(&n|iLr zC4bYQBA>w=OYap`kSihPui1x;!_{sb(0%Xpsa}r^-H5rLMW54R0;84ZdR!&X@}`{* zk*;qcMEp3CR$xbs{b6brIB}Y&$(AM?-jv+Ps`HB_b8yD?bBR(^BF8YC2K|%nhH9$t z(!>)eA0>ce$R0AaFFh+hd-;OHmlnXD7I%ZT9Rp}(@(rbf!o@DxU>1Tg+;5LEcrTft z54t3Ep`!+r$Zv$WLYXPa71RGJ8nL$GDs3swa2y>8xc_|gO5p9-Vg?4<@yKI}{-Id)NXEgez}WK2K+9(Ia7?6R#<{ChJ<)8D1( z=Q(8-aLve4r|3L1?@yArDRcSwdua5A0L)Sshe$$s#bu_Leik?;XMie1~Dm z7=GQeh%{%nGaL2ra;u{TdXulihkMBRTrlhYQm=n39vmd+aXcE2u#kLg`o52IG-dJ5 z6$qWe(F6hbT*c^vY;+R>*L?^J;Cd% z+dUiAN6Z*RS;4@Qk8*9^5gU?rB2y~rVs>xz?_I7n0mV=`-C}bV45B~>O2=q{m6z&Y=rWcEv#!g~DHErOQMi0y_esXTVc-peZ3p`gr3eX-5&1ne zGl;I6nUAY6r9doV9&{IcnI$pdR|AjJ(>v)x74+cIa{%z@5Jk+VUBC#v85&RK446q7 ziiU9yGG-P;se%`n6B;}@lEmp45HQCJkQMr$LxZ$`ORqHXbM_Lj#F%K7wYaJJ!dROY zob7@`#>qcpc+VMoK-fq=AZo)_q6GTl{^f-Ua7x`KJDql|vp7bDm%!j?k2-~9s}B#~ zN%{&)Tc|_5y3igFYM0kw^?Vfik&trNJp0Lr0e;YrS31R#y21Q?S7pW~lEYh87^-(m z7M$>?*`LZ=JL9=a^&TyZbGi)=DQY-h&|zWMmYEYN9fr0g<26|Ck;6ovBoT(>yx>d{ zr;PC6pi~^h^Em%i3BZ-6+gHQ zph;EiC#*iXIlAdJonD!4x5NJ(sLo#uufp8D&S7Pk7an!ft$x>VZWtuwv_#sZXIP&- z^$|0xg$n^@K_@+8rEpK+Coi8k1@ndqqTEA!3K?CZ?7OTfjII`JZ2M9BJd7{7Ot39E z&je_;jazceV4`$&DB=o8atPDcP^J<~3BjWIRwg*N$e{TPB5kfwE5_k7EfOT#K7(xEyxj8z1I%`D+3G>OOGmPN!jl33AB=wEX%$ncfQp54PpL+-zm-!KMh zgqVHYOJbb%#`qh&yE*BnMTl%KKzu`&>j@P3ji55iTsUKxSiCWNseqDTVoXh)+sBt+ zvv*;NJ)$~(oAJzsSU|wIB97aF$^*E?G zFw@Z-)?!T@p;Le8w4^x>C=ec8)8U`F(;l zAYp*aQ^_Tg1j7qr!I-zAe0EJ`(f8A$ARvoiq@iy{42Tnlbrky zX7S%~?tizizhTp4B`LcF0fcuphy9^87N6jhTPj*Y2T5rmO}JTIB0`m*7DWY;7}<`X zYNSq0?!0$$ID&Xp;BfrD*l&|u@bg2wznIQ&XCBjTo@RD(dx4a%=l%R;aA#nK>e5BA zNKvg(bFfib79$&C(7C9%S}>z3RyduCklhpdH{EpTDs4s|+h_9HWkZ=KS7ftiVzyj2 zQ+#m5_gZurNq9U4paveog%F+H`$+v8-cD@^)*s@3O}D{-K0?KN(`qB0GY;JabH%H5 zBNOFTL#5(7bHmc@a7VjR9J6M-ZpDAwf{>tnA_?nKyfdD7-}f@_#%CH0JskSY+-Wj7fIy8W>C;UfkAMx2An{UQRjDH())* zN9*j~F|6xufxeL()ja7XrD?agIg3!)lnhJs!!%nDWeIcX^>qDJdSO0o!d(y-USVxQ z3U54pOe|H3pp(A5s`ja}qHA6tbeXdEbOvt%`x{{dm}K}-{>a4FKI8DwL*Md?RL%(* zDL>K}&IpBC^jP)fF3`h%0$X$fMPRD0Pj5r!=4zB7`yK z$jB8VSZ;%09{M{$h%L^5J#T=^B?77$@lWDoS#sdO6T}ED+mv=(GY{NqP9!d13ad~J zBhsK0nw*P_h~EBV%=j)b3e)a0c?$;nS4PeFzclK<_dovL_E1?5Hh%?>6U{1X4A z29ior95N8nmL@_0R3<=`rs7w1xDkf5sl92yZ&bcJupYx?Kk?+lM!h{Z^%T#}L;)ms z1ghleiyW^RPPdb>Sbn`;AdEpJR0A05S(PUSoNwHsLypa0g>B2<-~fj0HM=1Z2(}e% z!5h$I%H|lVjM3cCmsDv6^2;!ztTvJP#LWXMZMwUvx-*_J7Kh{*>yf70dpQ>*HfPD{ zZkPimtqEpmzmiTo4^YN4JR-eFNA=Te+wbv z+xL088b=QSk0skCj|rwMWB<;YJ*pq(>V3!|Pl({jBUaxN&{9;Rvc#s=YGJ3ef~%@~ zm|>=lwi_=yMpTT-V8@x`B@as8xsoh`*<~a}V-(sPx=!G*?IgQ)*)|g; ztNJe2)#94If^n6+{@~wThjV}v#fG3$!IrP4(&5z3Yt>8BjpqA3%OD;}1~No=VGBA| z!dP(6k}W+bhlUVi6FBU;=hXxIK?a;#^oXfBoQe8V@QV+JREp}uC?^-l+VPxL|NMy> z&({$?;5ncg^}L^ zd_aU@L7=X)LveWP{sVO}cuX0XJ;X^8)`HP?`6jsiLnEWT{ONJ$sYL~n0$CIxVQl^w zhbetwD6?XGyyhbObcv)5HIj1|Ft1ZZ1Ji>pR9GW0fAB z^S=S@>2rp#H6-(gF?E?NchMb8<;p3$2#6`=%Ao{Q#fZR4InV&wLuxS$b$6N4)&x3I zx~;gmHyr~E8Ly?#x*dYAG}roMn49Dv^@0+OyJz`15 ztan$pJ7|Ns)Pk$`Vkj7miPGK_87w(lCLwxAB~=yL=HY_5o(NNWE;PQj4_yIhXR9Y2nE% z(AtXc?=h6fVJ$8A!Qf5W3zOYG>#9q;-l@=+fSbBQ>z{wYCyA;6vZTn z7KZs*j5;+^t>J%XZDm#$t`NI`B1QRK`caMIEYmo@lcoe#|{! zTj>@3VFB|#c)zA}4;y4>pBu!-U2O0X+}Cevwl`i2uh@JlqduMf1uQnRz&J;_UY`Iy zbZ>-nYVcZLc3dFih5MU^0u$KtjZUJcu~wUDwHFLZ-Xi_CDmPhw!^sW+$Ot7Mh>vjFAzE=bOtz5S)p%Ozz_r0iWRxMTF6u+ zI8ky~sd17iwD5{%NL5_AkoJ@lBo}S&o)q+Fl8nkSz z)zkuyD^zGv`4JK`wG!57M50-L^EJxIndvo1cAcyk*g+Mdmg$i=8lwiY1kIM?oAplnFF%T8zCHbqZ_KHh2?;Iy}%^ zStT&1N?s4MfSrhdkl4@iK+-WJ6x{&epZ!G1j^#jgwcx8_;q|g0G1}0p*gy?VUsj;( z1HZ6C*`MtIohm0KmUJMaBK{QL<{8-N9pH%Ks@qm~JK@A)-B{iE<3H6tBFSAop}GY0 zKl{(W_FcsPe|Wk-V}1YJhAB?gQu@paN9FRGTEM?H-$$5tqbZ{S9a3=(aO|U`<@ZJQ zSTAH_kfk~_4)2NdCZs}`d0&G(<>SnhP{vI`!*pdO%1l3hOy^|DyuZHPV}B{pum9rV zo)PMFEuCRuVOo@)Y$}`aj6-v<+YTf$ZB35iUEBXuW5ftjat72oR?3h@fOa_5N4|w% z2$mIJhb+#P5Pk;^qebV^r9x&N3Ed&-W62!*Y^c|fli;fPw24STs}zoYj5LF0d?Lz?9N_FD1fd)Xd7JcI=7FrbF5i z49%sL((Qn&Cmj(#Yu4}3*-L1jldW_h{;M9trBZ4Yi)tr3K$XTQbO+S73nDWd)`iN{ zinufH!CK!ggW#FO7K3h}{X+cp)<&F=f#Z*~>m zqE90e+2pCIBCGZ5sWUuijk+_!tAl=DOVZ-f9v)V%Ny4?U)75={1lI_vd;=dpswaVVqy9w~m4yCQUFx7d>xYp@JiS;CK8yzY`a~Pi zPuO2Rh5Y?bA?UpJqzTFFwf!nhrsQALR_2ZkAZ>@ngyxX_Cf$BMM{IK>afieY+B3&w zZH~VB<$y>7@%FJ8>y!C+pk7eKc6Mcp-dB{RVt7DYTFQ4*S%N9pp(- zpnvn_Ks!$vy|dEgCwI%spf?#oAxHzC{O2KK!F_U2J0nrD1zj%xXIuoOyi|Me&-YF2nXrE(;CM zB_?LlC7mOP^iGKfvRm0~zk9GsG?QPW$lq2$0+~hWk{gj^avE7};$t{<2wG=KQ;=Z@ zk=yT6ZdEi*wpfC~h{=)C(Dy3c;a60&KmS*=N9hJbPI)L^-T}Xo$}p`M(Tliw;z?Ho zmH!99IhHeKCvZxodS5|QDb?w$3XPG%u+B|dKkIm#&iJGt)_ z*xevCNKDg3gIpg;wNJsMg;4nA4#*K_ za+MBC(dC+^+HEypr^`%Eff{iyGxM>38L>+A1`4%BNu>n@x&6TE<5*k3bxk{;z!-l9!+&% zz!NGs@+jotkuG?EMxG?CC&h|ZPH8_y+TAHCS+CX*i$MMt!u9qG2k(6+bKeHU{V;sM z|Hs-n24@zu>pGek6FZsM6TGqQOl(bT+qP}nwryi#+s+%#$+yqmr}qA;&PJW{bNyMp zs=BNDS$AL0eS^&zq6(xNMgA@#IS!Qt>;*`f^q#8RG;BZjnLxXla(hPZTJE7I>I#dJ zjL7N6qPqzo1`w>W3xHGzzk0py|H!(PK$o8VOBuIbVi-j95nzVxGOBYW#EnDR zy^`P>kjp~6MY>nTJ4nM5cKt*|0EZ&xfnox~DK_XvymckySwq37ead@_lJ%WafqT!6 z7_q!+Baih^$qK1-dQ%|_n!tNeu{=jUzxPQNI{&Q*aUm_v@w#6wLm>OB>{nJLLX6CE3l=S(_#i{GhQq5^` zu3!9+pt^feqB0yr9;n&Lw+myl-qG_jF+~OKrDftq&3u$7(S00rC+4qX^DH&il!Xp9 zK|(MRhhli_#1tcoJpr4=Zg_Q(DE7Mhxg3*H?!Mrv<9Wm3n&-Lmn(MgJ{qtl23Uo4Q zoyE{=CFoP%bfw0CpC{+3jw5#$8(;P1h8B@}muTs|Dw;5H=lVvd=(Ygm9VzuC(1QseMd zDC1AAehn%TO*@M0Yv&CM{}J@tT2bg}tja4=-?8Z&?3{!jlK$0PoUpj-X~y%XaLUy^ z0DD4hF@}uTm@_>Tjyp~`GX~Z~{cK(>wB3#--?*(lbz)wn1zi?y81c06s8F(KAzY-R zz>J3K=4beD!RZilSG_qnTaB#aU2FZY>4y2Vql?-YYXgZf6^$9cWk6bFc^%C|p^LDh zzuS|SOA$(g5HesjE;J;+OwOf|#!M4WQhjV9ADL!R(#0`DrkOjg5I?B0S4Mi2j&<1t zI^|4jvj}Qlu&XS&4Bf=VQ6Yus-}%U_{EXyOQoev1qU+kXh#&6CZs`P9p zO4nBXJJZvdOKy2Q4Y9P!gNYpQEZll0)*C!#x0&(MNL^M-6il$h^ZZco35{g)ZKFhg_0*=WmItN{VItE+dWRj`j>Vp)T_pDgm8?Kh-Bs~B_fC{jPSP) zI@RIe+vGG(bu_mLTE^VLb$h>@hGU(AEfZzZ8*vBGp)?IE{5tGnh%ohHe&3gLuI_jx z)8iH&!~#zAD*&nE!o(`nO+2U(k9XNQfCGIeaS@$y*l8^@6ws_bM`ElnG6fZek0`f!&=@-qpWl_|VJ z&y{}Mk;fYg@2U!VB4y!6lDp@RgllGLqeV~5XbsokX`=%}zJY(+^RPev^}FFmEQK$- z!+7>(`6-iOi2IOyP^AC&DeBUSiKIET$({VG_$e?Sjd$ zg zWf`f3{=&|)Q3;Wb!Jg_TYy1xQ=R!^JAsew&*#mWWv;Ha8I~*|)MhqIRMon%|)dStqSS zIOR}FAAynH58l@JK-{i5&no}YW*|p0RTs=mCABXnX@J{ZG%9j9X4L}dutsJj(N&JEanGk!O{bJj!>I%N`mV zshzm0mfys~IytX^NRwLOqWw9`VhjlPNXpx*E@!GCbHhJv`Z<+aw?0NqV&!Pc!Y= zocE~Rkh6&~eakN1J>d^c!-shjV$#EYuqH=-X$j0P5uyD0>+GBXhZDv65$$0F3*G?E z8h~SA0Pje0Q*ry&GWVai3DOsN6g&AdzBvGVsq=1cNf9v#%_O&+`6TMFC3$po@ri)w zbmS6>?yhAoebLl(P=?w=D)psm&Z|GkbEaI{a|ORl6n47(gd5qCGOTH14;J@EMqZ<1 zNSe9+p?-?6B~4hQc~cLSA9 zDLPVPoW&NmVv@rxLoFjAAsuE5i3$qi@*lhr)H$d21^H!%Dq_VJB3gb?HFc$m2yG>r z<%%L4wm_&{fxcQ#ZsKluuSpI#^aDKXIOZ~@m=B>)xxS^T9 zxfph}Njs94`KSO(%Xt0~Zz3VT71vaC#py_; zP>$PM6iJKjlII>`!2p3rgzqt_M=NYnwcuu+m#4DFtrd5)*-Fgu4Oq@Tl^eb?P|lI6 zj~SaDP_z~|(dHRd;}9$hGhuGF_m1J+GQ^>4IHonEA z*B_*R*e4EyAS^k)>dE)qjIZd z+b<7uNavuCAw?dH zIy@;s5g(6!d$h^x<}t^XTa!aH^=fUH78dWAD_H=<-{>+HH#O7xQ{K$=k8E{g`5cvx zdG*8F`sZ1^3O1L}UA`uFIwzk_UX*vbsUj8iT}~u2HMW&j9fV|{F+N%GklYVObKaHP z9+s9)y^2^jhIImA^(!lBL&e^W$AzC$>Xxf3E)P5&4?plLIW?0+=kz9(r`t=Bn)GV) z&yT@$GOD2DmZ~8?T7hyaC1_5Xj5{PzaCN~svq-VcXK9BSUi?oLB~lY55`wX|oO=*9 zNW(h{(t;=paeLC~g;P7+TB5Cw`sfmE!G&5gle0sWv800@Y3SAZysdu7@8nmmm>$pH z3%7SpE)-DgNW%0s%A>R1`*Tvq7Lw(huem@BgZ20Xy#4h=cUQ*J!80CKw3i&pPkZIg1L zy;%GIl}#1C8#}oxNG;pdL-48E)fBUZ3>uESXDHN2ufKJL{MWcRS%ejv`>imn7yI{O zeoAp|MnJ2C)*tp20)8=2*kcdaW6U!6{zeq4UVVzR+Fu#hcI~uk>Cn%2u(EwZH_B+r zuFV{9kiFqfjH`^hq!!U#42D97u?T0bKA0J>`Ys`SoRc^d^4i4E9^hL8r8pXBH^y}f zgt)~Oq?>xdzJD^6-zQ6XB10^oLcz(~-!jl0+|M=)-5eaWF;ZR=9A~^J8{Vkal~F@1 zE0t;HozJcn1@g*yj+-W9|D2({xX$)(2sDThI2x<%UzoM6&gpGtBc42Y@{=gC+=dew zNkPN@ghK|SD#&$SM|?_h83ah*gnJ#&?up%E#dUt?)9d$%yzqc=Nc)xJn{v!G zRv%l!*50)xu-aw4wulY|+4c#&TG^^Y?s1FnnWEJ;747{wPZB=#7OmeNnwZ0Q4DE^2 zt?C7jPC033O*lAK>Vnq?(Y(($JSfUGLST?qfkf4wsr*_L-V!uW5)56j{}vGRpwvMM z8UC^6t@Y%Uc+o(!e}1WS?sNRXn)#`6GZ9Ug1Drb zZ($X4vA>OVhm9-!%;w#IEsjQe{e(L)Oj~|&Sb`fXLp;x0nKe8Td_7xyAeniJBA`=D zPvfRZvp@B6@?7)4(6t%WHnS&U2~VNM9q{9+ z#ioY4Oo-aO)BU16eeTpplL*B|7x)TCz@!xA=@tehu+4UX2p37|c+^S}5k^qTFk-0HL_+!24f1hf@Fd*8(HM zf4UI6$LkcjmKO^w`fhf3jHgHS84TCoS_G)*sxzx6P{0cm5(u@ z@eFYL@8>5J$d%wTJ6>=URc&!ExozJvyo_CE{18oczs!1-Y4S+9G9H&zXZiIK+?2aT z$M0uO0gE?KKUB$%rOPGFt|@niKQn$pJCT~oX$54uGk#J#ot4vQA`MnEyXWa?0Wx?? zGMWu|Gb*mi_o-G6A|}z(b`Mm34!5SJgzJfE+S7e45XLA0?dbtHeu}r8T6lNTDs%QX z@J>n*s;JbkY#Xq@?(qF4nvX~^j+E)T`YY30s+a6L7$80-5BSCJs9nFjjQ-_CEP zuUv~Qun1aG^>-w_No~m{iWM5zBJo@yej2AGMsNVlG6SPfAgYa`RNF2q)iu~ps9v44Rpw_kdl! z_Fpl5yXyob-$iU#4b%{~CIsTY9HLeprF2xM1o}+P)$&23hvnBz9?<;~AWh0wc=Y(~ z;JU~e@O$*^gt*Q2sOh3KE%G2R?dZtiuvFs$@WEc>8|Fv@hv^(8hLlHE;S*kzT*kAt zjbKH)c`8E(*ndV3U}>99>N(Z`++|%IG$hI~QziRJwrm-42j+r3j?-@)T^Y z{_H$$jtCO%YFM&H_qW!gSh-sC02Tameen&Ur?$oM*cnu@v+mpltS6%Cs&#YglKEZX z$DnbrP>Zl;W-!wU#8r0$Yje4t$)RS=yJ$?WJsNL$MMNWE`$_NOJU1S)yc6F9enq*pBkm7hNIy{KfpDc{uY;HL76HyQc-`idbnmhf#s<@o_ zY8B1ni9sSYOqb$&r~{3mMu;uqTPEO}fmV|5AzjhiWrO2@57krSSIBWn;_z%13sYf`z zZd-{WOc_hnp}8=Q7!wB?owjE4-A⪻e6C46mQw_5&|Yg^q9i-;RS+S+V)@`O%4UJ=3KrwyA|o}BKJMi-`x(To)DkrY-cE65tJ^d14i z?a`3wp^wczEV|>gy^{=$>|R3cMeB!?9UOlyGkJ4LJ&jBp9g28WIJdKas*0tn$3Lvz zW<4WPTqj!fG5Ab|Mhv&M2(r zhi(#3(J*~aJ*}>hsQMLcmj#-}n(ea?d z!pQJX6+%|*l;i+ETF?yhhlE8_vkIK`pf(M2Lb!;qouVyzk=&R!P6+!vIm63slOtK{ z4X7vOZSin^QL8P6$rX=7_k__FpUyT&X0D_*L`5O9#O6`bTx13)%J$9t^j1gsY zKiAl-t30_2AetTkPm@2f)CucW+<{eN03{4=m9{Xbd^ zR{vs~_BDir;g@TgnWNi3NFE_eBR%VX>!_|$HIu_V#`f+Osg3x~nry&juVtb=!pizv zZ{!!=jYwdm1jLFs`;d$vh8aRckcy7P?_=H!W|;)?F8c@Rg?5+o!a5?ege@`m7C_pV zbn(X@!mLlzx0(dA&0|fNM&I0NX_KAxYuD}LuI=ju+`n#zEFc{>P<&52tbEm9UKDz2 zLiLDLsrJXh_@WFNP;ds+zs$uaPF?YtYLyK?N=K}4evQ?Tgk%PHzGE;;0~y2o!xwO- z#aq|OHt?yh7Hv}qE$mu?JxHg!aIO|?eeel-18@l9w~_Nn-I!(+yF_w9j!;j-qg8sqMw0}a&K_xp;##_$=-~KpTUsXyv3hyKzh-+~P$OlZrPV2TltC>W#=nB2_K7vC-sKKd|uB0^U=s5HYKKc> zaVVH7v6(acafRYw+R7k?$<06$?{m5uLk>PYHurhq6 z49E>gfhpQ^Yj?I`(w2nt+4#vWaUV;z@8uShYn9RuZaT6B!g*+mzXsv_?CA37LfZc3 zuBq>(ZRhpZyKBOD`P5Bw<`99RrsWh)zg>F>6U-G<7k)>Iy<%?y)bpEekw2&>f-dHY z)2Z3;cS5?x94#2s#Kqj_XSX+IVNuf~C+4V~Wk|O^ z>q#-(*|6i{qRD~EYJ=nLKNbqcMkQFsk#+<*+vWPZ5Ps;FtCzm3ZQ4RvJ!J4ysq{zJ~^OT9JUaAaR2%qn>52Diil z?IbtAyE((`JqLP&@bx0Ca*k`jT4v?I42VYinY7g384r&htQxIiF}Yz_=8D(zsE(#b zhZBCgF?biwbzTWyJ3^~xdQsPq_Nu|A`|^XQPygW3pyzq>3Gbrz z#^{~7jR5)T?gj^IXt7cv`R;nHh~8Wk z--af3v!ism-f(R?EqhOEL2WE+ev7z_qNT=Ci#m>M!aik4Q!#~2g_i1hWTJ34R)1mM zYbQ3&5RkuZj-}Q@uXXA4o7C#S{$cqq@GubJ-Kiynk7BjwARz@ncXs@rGt z*bMjmm|gzMyDh4t4H=3ZG8}?E6cO{por&h>{Zhl^ab9BD$2*uNm6_%@UvY_$ruXYi zzw)ai9emJiFJxtbZRT?H(9{#;uKX#AwQ>>7C{snMVq=_g{>n0QoOJ)|noF1>Ns>l+?-ZYCe=xH!3-FjcG%*NaxkHst-(65fCSxTV*@RBe4`>=+X0D&y`AO zsH0jskMWoXd3LW_VFqy%5h~}{DUPbvl^7l7s1mQoAC^P>Eie=GBijuG4bA!fNFWNb78y@ z#%WD8`gL^@Jz60eoLX?2x&*9_@BP-529MUpht0JL)kZ~lq$Pc~I(Yfy_^zRcKvIh{ zv*mfX6XVydUR@8y&PalHWG`1#u^ZOcTa&?COwt<{_*$%(Fq{oi9H4fPKpo7;ko5-b z(=NtbkY?GRScVt;0joVktUYA-h>}>e86vWuy=XRjfv#}-551*8RN7nB$S|LsLLeKH zBsw`7LV_gEFB%$KQT3qpq^4FO^_Y&6GOnbkuQuNLBvHd8ZT6zZ0r~b(RFWC_JNQ_W zSnjVbr&MloH_=f*uzx)HCe^%5?3MHUrc67O_%p*P0okU(JFlNdqR9#VstbWI50BG# z`B%w;l4@a0M4aCh>h0G1lxYrjwdt-91QM0H7V9( zFN0#GeFFo(_ah=&B!4xa_(}WI5+f!MVT&`_8Kd~CHCZQWG?{CLt4LMB{>;4y(`fWo zQsT9!nlQ0gO2(+5ds2KW3x(x*?n)aYO$+N=i_vYp?(BG<`J3%<)%LvU_IY6-2J#z6 zhe!wxFJ2EHFS+ytIZxGZWXDeBJ`k+Omjsp@Mi%Bq3OU<&&nL`Q$xpWr0EU-9gp3$= zL+imyF>r62DKUZ$v~d*()NMG9Abt<#(M8#9Vd{jhsohhCyuqRQ3^{enlISrQx=y=d z69$40xFvLTlJ%|=zsH67=zGaR-VxOfD7o9;a(_9W_0Vag10AodTXB&H|;jUrBm zI1oXDKodz6P83lRW{ybxp`RZrK};TzN}Mk;h)i6JA|{Q>s67ae3=mNgnMAQG3|%#3 z!y_|5JgV;>59dY}YdFS29tlsS*Z1??H>4dT1|1>6((sysUN+C^Xruugw{~Rp)Zwq=4&(Z+t%kv)~Ivz~J75cZx{@n=K&QMes0ol%~9Jxl3vdU;S@Lc^+)W(R4zp|oG7NFSI!hi;D=vaLhEZ@p?TF|J_ z^210MQew%l(l-%9b&J2PTC(J2lAQaE)ArFZa)L~JW@?VKaLddnf?-3cHfnUaC_s|7 zY!c9IUe7N&x%$(N*zh?@ZSUE!^*x*1B-XJJnH^y=(h8B4i6>b=O-O++p*H>Cv%yfg zAeaHpV&)BYpq3Y#QKq2jq`;uD@XR28U#nsn3cm7JXn3vra@CB+V>Z8u#q24Jx!y>)M5bW2rLFCP^Vmxf3oev zex1mbV*Opbk^A@jK(`5{;ee&L7Ukoa%5mZ`R~#<9f-kjwD>z}`^DOYO zybE#Dy(K1pejdUR7?zB^zXn~)+})G;P5Sl@rI5*n^p3QWjN|($>`c|NFlVW zhNWzyd{ffrf|S9kSqgA7ARbcf@L4nJf|T8-TC?evUF}$$fOhCe`fIjC5F5XTRg$Uq z1Y`(#GxqZ0gS$`Fn-;K(m^i^S%t)9Fa1rB(j59;-?%9uqRM{PXunYRx@cTkDIJ}Ne zzlAtg5hXQ28??9)FyGhx07mmYNQ@Vi1cZCsOcn<04fFn$6)u&Fv!)rKzM z_-7{#fO-Bmp+&5~Fd=oPUTp7DG9IIq)jyH=v(!6A#t#O)kpdUY2AI~7G29o9hQrpu ziWsONzSAUPBm4FQ>Me$~Ml@cR+3edGj)8xJuhbzn42LJ|0E}1|`mS0)>5aeV*hDm+ zm`rp}eT0DzU0gQ{dE0g!c|+IhrMirV@LmB$+B22+bC4=nPMZoX&OGuNQ$HI~(s=|} zoj$l?dH=vgG)8aY6m(;}@=Hc3*N_OyvXTTc01=6Zc3|dBT5J4W-Ob{M`;#IC?L({+ zDKn(0@jN+{m>+lo)R9P#-Y7Q$V+p2+U!^iiuCZi2P}^9$qx*6!8{XQ4TL?P}?t;1! zG}v8f5ty1i+5^@OcO?~MlI?3xi-r^~bMb`m`+dI+U)0CqsHkT$#;j7eI zB+Pmk8=OAfwSjvc(A0GdrXDf;wHEVxSlG!~)*D4KTgI|K)HKR?1gCe`(~DKz+E;^I z#Au}K_w}pxQ(d-2@5tv4H}f9Y9Zn{Y=wkC-YMQF~P2(uqHN8M(7oFqfv1qXC)s{O% zi?%lU^X_PI;|meOe!ZjxF#>qcXUe~ z3z}la?~OBQ7EmGzNeEVLQ!6d&i!#s52+9BB%cJxYYCtZ{Mo}Box89Bri*{It!LGOZ zv=+lkv@vaVxIl(KBa{`!ifIk4F>Nl{w^_K6ERQY?>!$0+4<$@ocY%Z472;?Aem@zi z=2WM#O6smy-``T?WHCZ};RCUT61)&p<@V6D58MzW%u~VGROa^dg~XO2EsKUy8uWz@ z3_+S1C3F@05Mp#-D#MRg86==dzNQea z4p8qJRxocstH8J{T4ow!%}-4Wei<-Lvy`G!QG8@eFbb!uO1(9*d573kh50?rUhCwYk)rSmQaAHgt#BMJwKVzI;0tX=V(P}2AuYzMTj6@kKB-3?3 zS$6Srgmz7z2DKf$%a@Op8lPq}r!6|l%v+`8rW0E;4>=c@)gn8jA|ID=Fh-^hM3&x( zIu%yOuoXqk6N??Xv2ZC-l%^3$;PnRc&E$sHrtv}G7RXPX_)7Pc9|jZHW2N?dClg9d2-b=y>qs?{ zgB_&x**8l`gP%faSBh1criw+KOi%vg#o>ZfnR|1+l}>BzOeUOw`&IsuIT@2uCyc!S2On#mZJS;>vo%qnpV{s!MZs3uaIh z)d*`b_e$!dL2`sTKLXeix6%e&1(gb_`wj|A9J)lMc(J}9QYBU1-|{eYZkou-@9IRg zg8D&|utDg?)ZrdG^I5J*-l?`hh^Sn3S<#3*waLou`#B8V>KHexAQ(5*I&%+yhkx($ zL!Mh2^yr~eHG67{bQcTaPb4=C6}2I zU>rYOg0@=tyE~;m)p)CVXi&VYalMC z=ehMbXL*o6gE?<{QCbm``!UMf&@*pPO@AP<&WGzDhUk66^Gmv+IeQ_l4BqY|yD?D% z_X&{N^|I|N*$H--4dkdrjL5~l+##W_92u$wO%b4}4rYB2glg_LT0!uBXN9nZ()vYk zHu#ns(Y?y5kL0*7-wKu!WV0(}i{1^Zy02-AknL-6i>4Jr*o)u_*&Se_M?=y7+-lew zmI2M?(6EDH&AKs87r5S9WXt8k`0i^FOlVhC8wEF?*A92J!#Z~_*_zNnaJ6Uc*U@%) z1GqZ2MQXvlIz;UC+CW|z;{oqzO}K#;nF!d}-XXd|bxnOkamFQGF~I_TLnzqs)x*PM zmJSvQUbS73L*xlIcb%LCiNOWCVHWvA55H+UXp7Hn){30XWEr4~eHCN^@3E7*`-9uU z6(ySuFJM2|Wv2zrj~?q2v4_}Q7QW}XUcD28QD)iPyn${lkA zr!KA<&9D~kYeW!P*rZG&7=&2hm1gb=EGt%J7<<4W&-nE_{FJ9Lm3J6^AtiOp!~ikp ziv$l*_k@W)DA8l>0l9yHZM<`y+)vpv_2!7)&9KGW_7CbL9J$w4o79a$eW_9#zwVcK z=gpiX94vcRWRK#DUU>OqOa2#fdT)CW4#+ouPwFL_)6elv!JhIL{utU94gz~3P>B}P zzE&{RH>n@K5zeSpuC!l7kcTrcsa0*o7ZX;%-MZg>7q$|)dQfAxLycl1Tq>|*mg=G( za+gwv7H=RT@YuG^7DW}h#J0#5M-?t-pNu%fLKvGKJ)%}U)7N4s>;%JVg)})&tWuz+ z741(%MXijbV9rW(O4#NJX3dbVD*$rna)oRwYI9GhRpO#=VyMKf0f?tV)E%iBZnLAj zhyC7c*l$tDy+Iu{bY2M7sgv%{CXTs-F&51xsSM;PL$rzi*`HDL^F6N-rib2YShI-E zHNz3G^>fp2y%68E$C2~HLo#pYsq~6)m83J| zHGgf_^T0|F`{@r=^n6qMz{^YS<;ycKwnCFNG-5P(Sr2+0`>j)vz>hDk;pS%>$aPAD zT?sdg%h^*zA+Fax5a=VFn?kCeZp^IP(B?3|626> zq}}LJytBdlh1mU@bR&!W84~!HaW{wj9k5by18gPU^$PcYrWtEhlo-&K#Nf?6*b^GZ z@>IhP=}3ZU6-$eZp#8?jy~W9;w_MZYBtx$>6{1W1Ats3h+jj8k98tDqLA9H@8- zp7!h3N)cTlB?`sJ4PONQ6fdw$fy2$iou_o^2Fcj5ua$%J!eLcBhaN8o*@cZ)pn5y( zZ`qMF-}I-}`lc!bYb4-h342JOJ)UQYlKe@K9J%XlK*?w6YlFIFI*!5C&tgk=U@Ksa zeR%V8bg%lLoTZDT?VO`ym_FmFf6SJr4rhq2DAE;t$;cMd;c~Di;#bI2CT_P-ykuIy z>561kL)*uVcDYoEbl;gZ>FIFjgNEAPJ#jqGAiZ`g(_|VSjLo?gQ1PaHS_Fi>++jCn zzyt?8$p_&xPn}ZA6;YA}lG?~07D%v9@e6*}Nb(yIm1bvh<-|p0I9q~KS~RU47k6b| zWFl+GYZzHnnhG5EVf%@koy+W*6h*!iCzFI~c z8#3|G1xcbnDhZS<+%r8W2_`gZryD>#8l_74EC)!yQ73)SumbxFuDemu(g_h!716n zza4^Ia3H8$!Al$EKjOLeVAw*i!h1*S|2W=;3jgA&XG1mlLhQA%O88)>=OnBid?YJC zVrB{BpXhTFsfU@eOnfbk{UdFJsXzpHC1bThKs>5){IhsE;{-DfQsnZUd7+Trk7Ya& zVfjBGlLAZF!)WGidO&EFvWo!KTRPui#^Pf?Ma5rmUj1&KXo(7Z_sBp9A!2o=~N>Wf?A1jsXH9!t(Et-v3XcxPp<1nS-PKzW@~fQ50`dgL6e&LjSzJB5zog z27@3L)`83Cj<5axBN-$vHt>7;_et=Gxqd?cX+g$jYlBp;m<6(CQn-dDx&_T1N!60Z zY_PCKBfaINW<^y~QFHUMxo+c-M$`P?=}GboLsb2qClW4)>$c-BQJmv1$1$R8&l^x4 zL~4kZa9J+}Ny<(JlCYzzl@*n6XoU2T^V=T}y8wS49ZxL^D`ndpB*nUkh_}Nx(3g{B z?wtF*dmZkRA@^zMhXvb+Q{gUFsD zyxrwHrT!G1uJa*ez;sOAlxv&O5w^qE7ScCH`t0~?n=jJ)#d|Gcq7zt+=Pi2%?Di*g zy%nPOJ{X9(jr2G9X3U(pw9L%BXhmgVT3TsSS-oCc)M+gwq-bUIkzD+WT=28p*JLBVtGf62_ zGreZ#D3MscpL^F7gTY)Dx`uRxQ)r`D9rnQswF|`KFDgH3a?XPTZ7_e!Hi_=DZK6%1 z48fA22Yg1qp@B&FH7UO+d4mq*`Spk8y92s;4n`j75V%R4W{zpaxdzePIsLfg^+{%D z=X*cTPwVj%D6pcqK4Q@0V zxOADh?+CM%pa@ttZ=?hOK|h?=h_m8!4Y5&X5+icDID69cJ$&~?{}{INj5t?jai3{i zV~@pK4t$IyY_^O9CIEDiIJdFXNu+2qZk2oD!Jyo56$g5vYPM*|7U7F`Drv}a#tuP5 z(^F)}G*;wJRu&A}4EA1C(tylQ?Yteg3cPovzL~FdT74sigTm;VzPnKkA;}4;Zx=xd z`QcIQxu=Z~rMjz?c^ zI`RT`AJU#H0(j)7i_=?)l}1AxCSlhq5>D;uo0k78O5yma!c&Y*v`{1R7>H2i4IqF& zD{iABfW3UMi4gv1_Dnak&@mn6A_F5Y7MJjw0&l1JhjvQ`2a8Fk{DVz4-;4vz7I^|KdseREDt$_f%-nJ4%QTQr$oTinr(QLX{h*s@6KSI zhGKEe7HMuotE+Hhf!@s_K0sC3BN0<3Ml^e~;Vo!8bvJ~!9RzUHVbxZ!%#%#U=MWRAc%=9!r z4;g2SjwC{jd-(?(8X}*y2x(U$Y-z6a$Z6s>HX}lEXcl-!=DC0`ix@gVTyeN#UhP9^KMfN^F~@nC zWLp_*&Zv@GCM^cFvLUML22V7P9%Uy)`KOpw23gPQsR(9;ey4bW5J&0{dnHDBX$6sL zb|LhHA++XU*bJLQ67gwn)=GKx=|KrUO8{CPfU7N6bFoagK9#%}F7f>t!PpQUGl~Zx z{8z{>nm8IjiBWMB0!vW~vXk$gxg|>ATU#9u&S^dFHiyA^mcegnErNO|7X=+Bu^!($ zShK(u5!Z-}ltssLjh}M?b?A4z>BUkmaJ1reIthDn%f&FkRM)nm?A3pQXskdxw{+Nr zBNx`i&>D;v8L&D@MF%t}$J7rA0IU3aUPy%-~Btx832{ znm$#pXkG_f4kp&7#lD-ol-IUss&*FwrWCS&p7MdtQ#SlB+TJNTv~bJTU9poD+qTUW z+vbXG+qP}nwr$(Cot*5dx~+CqyKSGlAMV3^oiG2GvyH!x(ZAld*aug=k!sXe9(RU=XF#T1icEoi*urJR6_`<<53Kq2^s=FQcJlxKe zpQenQm^v-Vlb*boo3@*_I-H%mO%Qk5hCg}dNPUPWTfNRbyyT__+Pq!S^WUI;)_gEV zYJ0ccYhg7pH&*2&RpqHM2^j{93`iG z8;x9!06?B_a!2+$IsR31GEd?nUF3Xk925l6@mdt6k7dao&lnp>1QTpv71Z5^blJA3 zKO4h%I6Li_sB=}}CTfg0y@LtcKEvRCr05^TXkW&yUtG&NJ8$8dywczuf@|Xio&0O% z9^KMfq%-1_%{xR*2%KrMGX!=y;ifA_f6TCv*4Q#R(;@QlC|a)d@}B4?8ca?*8Pm{2m^WnOIm$ziv#*sTUyorLt8m%&Fhg;YmA`9L(_BrYV8LpnPqRPD{~p2KO# z%%k7Jmn71N*pq6J9?jV2s1Y_38~c^~@lDDJv|&5PV7j7e` zow^+iLUVzLZ=P~ZumA8J=fvEW$3Ag*0- zRKX7A34f=L{$Xujh{*juMK^qv>8gJ*kEmbkV*HW40B9xUc=GWvcSML=!Y=7C#|1Ym z-qe3-`m*<(OT)dUgGgZRp5aY)ZwO>_WaW}@33pLLL9 zoqkpQrVY^#JL-@qnFEaM0(V@qj=0K>=m~DrCQAZVnUt+_m}=J$h^w4B>w~Kh&K&rl zJcHy~8gcU)N7rg;%tjFfdV11N(5lMOE?z~nR^);hg&LS_p>@_v5{pgTK z^^V(aFAM>q`+#6q@s2P(s=E-p6+*d9xN5M*;A@MNX25!25T{_sOz1w1Ep?tA+*NVm z`=C^d$VMp89?k|OP9IQSuy)exq8Qngo)t#Jn8>D9gEx2ikfA2rEta-f>S%pMFe+-8 zM^*_UB=aO`aDgS#xJ%pPM8Dqb0OQb3Ue)Q6nij%=^ph0IyXzgzn^o{UnFS0dxq#7; zvOy+)YrJ1FCD}oCW^&;OmZYLhpdTf&<{$w3mhh*BsC)R~2la#vwL6$`EDhp@p>=)S zt-$E$$ss$UrESt;olitYVP}aO(v`pRIi^V@)N9AunG5dge^96eWCjYzp@01v#Qaxx zl>aN0_P?Eh|GY=8B=wK=?*Dl^DO7=QM*NB7%%V0oaD|Qn@Hasa#E-i1n?MNxKwL#p z4JE=H1%(DMri#7FWfW4L^?z1>2z@HY{a| z&5l5vM*{-xkOGF36qE64e-Af);SHaFWtjD0QF_On(X!Y(n

6f z)jhJ4m=4^tOeLZ*$bDhWQ{&0)^I40C!6pNiMO}v@VhfU3UgGBBNh4COxN8jsB(f|? zIz4lxsVf8Tsv87HrQnxNd6DOb3u$`G?=LdA1{-c~Ygmj@9TYipUH36ELyO`cLdl{U zvStuYdt!XRZ$w%Rh3w`>khHS)i=&1+XFGfMQq}cEWeOr61cOsWPv}Q8gJSm>Eg;KN zYxQc|5^zYdC)qdSnPh%biHTfg%wCI~?W@b4D_wdXO35>eDR zfRf}DGuT3kJ(}qaMg=z5QZiS7fJ{@kNcXZLWf*GJN+Nm0->$-kA2VJ>q@@~2Zd;BZ zCr?ZbyS0XdS+?i|%D_JBmiGk7{*@V6#yo*#1#5p6+_bd3;wIU@l1{%;RF^2)th`b? zRj=OBp!k_vLT0J_*nL$7T|Hz5iMpzHz$m;za7U9-O)A20_l0~Xn{~t`*R~?Em>fWx zdCuV8INdh8va)<@Xb-IIp5OYrY_9oo<~up(uf3kEPXFG4!5=sqhG8I-}*A+m^m z{eLsYyLAycSeN8%z_YUH7)-9MYuI9LDc_oZ2oGA@cKdCYx`17my>Nf!>_xvIHhYee z(04blTPI*%W%+CIB85m;?_Q8kX%(; z)om)ap^uT)$x&S9ox!x;-PoT5NVEJNSRAcyW?jKmg@Vi1$3PLY z)QK7!^Rk`>75mq;MS8L1OdpS+r)Ls-CK~Uv!qasVrhE z^CtP%hz2(;AO5$i`OoTaumOeMtNMDIjZAZsD&BOQ5NAo@0}lfT%HW=nIIS7UICmk1 z#99m@b=kgBR$!QN8C8>FSo0F3%xETY;I&!{=jD>#MH*r&WMkW6(H^+dK%-*V<1^2* zUB%I(H`I4^&Fok?DmkX9_Ap!1-Q;-jPJP}k!T<<@;mXvk75%avm=Vmxrb)%u294I^zK0Hb#%dGmW z4g3>1nSzah9Qp49Kk0Bt<|Jb|rJ$mX{Msgta3Mo*R^!?f9A&1(CDjP!^m2l5PT;8> zAr&D@OB9KbhIq}i!8(SG;uedh@{;rJfWyWr@`{cSI2#As#YBY`#_;yB-8!X~3)itO z$b`lM_9?^efS~hu)_!&usD|6mKbZ9<2qtyHDuaehtU5z($&mv4hA!zZ=>wwWo(TS} zjjR*hPabDDrCmjf^xGan=7r<7T7K3Il5M}hz9GM{zkAeYiKD1vO|)W z2kEH?{}gV>hIhr^z2Ym7hYc4_10DL?p%%4Y4_A2LPed3YoA5O>ygoF#~e@NCsB2dyZ^tJ;@FM z+Jh(zBP4`}B5dr9GQND*<^;lte8G?~t(21o1^UBGKo8URBt^%Ff;@2K$`-e$EMi=1z`6`grHl|i z_E3wsQW~*2Gugi%mW692olpeR4D_h-AS4hHAd|}D8jYW|>CvK4+3ub?siMut{BIaT z`?@{OKf@T(53q;-0b@`#{|AggyNv3f`rOGaFN%Qzx-iz$0FD8>$n9==0Q!@6lxw*! z8VKohc77UAqF%Og?jInA(;JYB)HJ}QlB9Y=Fy^vHTA-y;phwJ=iCr&Pjmo}xgtlj( zMidi$5HsrhcgoqyiNz1#e<=9*+>Cf^KQ2q5f9bOPHx8fiUmyPeHdk`}e_xpYd9#3p zuBoMzu9dFw|6`^sRC#wsGX61B#!O0*AkvIWspo2#o5XpyoAi3$+ zaaxdEOcnhkztlV!l{%j_qBMk6Vw_hV&c!r@J%+h(y~RHnfB%Z+b%{DwHNAc9N|j<6 zCt;>%KW_KFK6K4~b~paM`ASdz)v#07dz1r!$-QVI%+DgW%Eke^h!?np(Q;DWt6N|g zKf8lo@<*BF^KMJOZq#%HGbP%e!($ch1dYiCSme+^bc~%OUFO6^bJ!MJ#>7Q_SOGL^ zi1F@=)RC)vKLF`1BS;3l1tfdv79A*i@Yumad#XEUzaZ+^(L-)H*}+3i`#mhG+UzCG z7xl&wh8CmYJts&3(0*<;fv(#} zvK^SEWM1TM)reB}*sU(>@Tf8(eQdRBTx@F;rVU~kL$lc_GO?jv+1({xUXr+Q{^=qi zK0USIDK9-iv2pZKvpW)Jf%O8p#A2ER+t(Gl>evCsz%66Ls-1K)(L{trxA=LDU1h3& zP`rD25^A9Ui}&i#b6vuwwy{h1>1d)kezZqsS(+0fdoKNq^X=l#I>yar!{YAIXJjvz zCE|h=uZTr6bjvBxwFDf+MuATVlpvBY;JNW%sc3z7U$KTlb%+=YQ3O1Y$>+SJ0tCW))VpO^g9c0 zJdw#!c`oBhw>7p2L!!j{Gp2nuTK(r|&e2Jp=qKoxhJ&nBimMDN-!4oF;mbJ~9;Ar_ zAO7{IH|Z%TM@Gfa8Bk9J0_?lZlPTB(gefN#Vf{b!Fe(zwk`@CbFxyPE=(MRVK$wyn zp~{HoHQImKN3-rT4I4-?W!mm?bc!EIGjewd% zad(suc?Y5;KhSvTZxuR7Y8=AAV-kYk*E1yN26~$4vh^zI5v%trdiqk%2R(-Cxp|W& zj4YlPp= z_g|dmo-8Tj?|`%^ve)a+r526I>0)n*QkQ2>1ow~w%l^5TBIl7qDmDqHtLYxDR+o8>IKMzYp zgIo^|<+xodU-NO50^gr-RUs?zuQ_~fws5G+*A{b#XO|PLb5p1(9SuA-Nh!`c&f63D zkZVF}uJ#x9ME>nk>a=0Nx~;=I@nS(^WU%ropJ$9&I~uhUHzyQh&m1`ETYa6<2Xf-T zm2qvz-<;wk2B3WzQeBiT3kGyvny$JK$1^k_-GU}rBI*m+CS7Fs$X#E8{so<*F|hu8 zv=Nbs2^rw9itc8NVvf?{og^*!ekjZ8X=d4sI1z+D7ur;!sG$MPj(l*BiOF*!fyH{i z-WkX%cGMHYoS6@)cDRaJH&b7|2gwVFXM<{NnE~-+v@aAgB&XQn%Wk|_$VMxNB36DBJdh;26uby4>k6A#U5_d*oT#of*o3V?9!)xE`=q4VX$Ko? zvWV6IxxoUem1Dk$Rt6%y3k_C5XPsZvSa%C}L{*OEOP;<4KcR)IhQ%JKUwD3>w$=CX ziCT+?f!)jB*w52Oma!0}M;}b6+UJDJ9IacbxHz%a7@VFr&W}Eened2E zCw_Q^@+A)hzzQyd?YqTSa=qt`>iiDAgZHivdbvk&$I#}>pM zilF12t;v>_Uu@dm8_e-{!*4hCF#Te`XGoqXSkOv)E}^UV&h{O}zca$R>zC0AoD1AplOUqds3D~tTtk+_6!r@F1+6fm1uZc6@>yj9 z1ZcbkO-&=I!UKrd2t>qZsVkMn%Y<)c$4zihwT9jERmnj%DM0MIwWTpg3Sjr2#D)_i zOldVaXOS#3CZflMK3Xg}oYTTY<(IPe4L{UWh(3Y1AXkEu;xOkqkQtsvcb}UB3o>)g z@RI5;NtB*r{<^=~T@dQx{%yzYyqIV6iT|K-2Y|cXf76}2$M@pq4(r~<`|AD5KI!d_ z>2bFSh!W5vmfwSYN}r*`@uh^#mFWnHXz{CfA++0@9trR6Q+cq`|H=*!sC<_loDcSg zKO3;|J=x0yoMm^z!{ZPk7F2Nu$z$yY5Bb7@HC>tRRdO(4yP;8zeO9r}R$nbtUi!d9 zRv_;84>ah>UJ+TjP8h8z+mKMwVL_M9XAuRB(|f#W>>fE+9#yF2FGA14`;vkGE;jvS z^q|Tj<{?e#m?qD_aBYH>7>@TocDcJYVDdZIcGbEY?*t?3GUd*Af5iOx;r9K@CNz_ZVTD0=U3gYFw6{&U zE9?wy1K-yX|4Um>KlxpOaK# z`yw<7sERK=b#Cm4$jlX9LY2Wlr63DNG&7YgN_|h~*jNR|lzs#%#3l5zZ+A4HY{V0B zUin$d>k!#HVLu~8Ho-KWi43F^TmD%RMbeDC^)f}$zt*;%sd_9%&n5P_lnIGNS_9QX z6exD8gfRJyStiUTB579b^4zI-k17{FL1VS5u4^oa^@#NGhqdq;8xh4&+yCf7W%gvW z<$ttulS#$?9ajdL!s5vwKo*7GyJENRW+y|UuEjIcj|Cw zs-`3wINcq_Z~Oove=b2V!9X8i#NP-#J}9K|5)5?FY>W_sgDSxPM$N5a_yB@ZzY?J=9gznn^w=y}{5{ z+3QwO|ISgjHgQoH*5KHBl6$a!bP*Z#&Smgqn+X@cLN$vD=aaD)D*s$=-7f2!|!$A#P_Iuox1ScCKNTF(Vjyv9( z%I^vg^6U#hKcW?llbhAZCsRD)RE2Mo5*ifHEVf0+PtLYQ%o6uZ9w-(vB*DhpmT_u3 z4wo+h`y3@$M)d{|WDso;M70%htwMFidk>DEUDmmMj{AY7scLEzEn* z<#6C@8ND4qrxp^`QyN66o6&5N8lN%9B-cBzYfz&t8FrCCdDul!EgWe2Qf8eY0H-UQ zR>>BSB3!Zv%qkMZiW~7`orV#&^G}vmy*_9e6JeT4Jr?B`{Z+g_64f!#AhUPnT1ZJ& z7(bC>LOE^CFEx;twJg@=G@C3k#YFCa(i>HE%EePuSSy*EJ2f}m+*2fttgwh8oRMockxakTpa4St|XDw8K_@l-m zbRRZ-RxeOTRmic(WFocaqEME>ID^Q(UM`_pym38R)RdATpEP>Zxs@I{h@Hv8jM3hw z2tci{W8;G(5ttUo-Kl1l8XLgCCLMAZT&Wf2zq78F#x0?6Dj2Xn;wBszn^zyrXeM`E zB(-FvO|wzTMo-e6&u!#X)g(M(r;2U`A5Y>;mXTUsEOn(YyDngp8m`b8<~1icj3l-u zzX~oj(@%O8}@Dsiv7u!K^8GYhGINyk*zLXW`+L{hL z0VYV(FB4i?%nhoDDspD{C+39$EwY%wh%Q;$Z`K3nh(CEuC512wOoPfwx1y*fOkbRC z-SQ_9Wo7j@lR>_wk*FXCbZD7KvAT;O#0;an9>xpo6)8IgRfEckw&e+lEAy&>XtIMj z0;2(AmCCbE{KAP8_fY|QAFs7w=iy%D&vkNq*l#q@GJVgso)UqVcXP44Dv zd_X@_DEO3d9zF5GkNZ>+*ZEAb}4WIRp?FbT(I4*>{XroDpdoPG6!9RYkcL5O+JuVKX>FnHoUZRj(fF{{VV9qSg z{1JiwXZosiBpYjh024G#Pej@2w>uo-KhJc^Xi(mG$dq{Jh8Sd_pmlp|9N4`bLwO)B zP!)F>a)8mg)T1!wPj|qfOEs+#CtW=E1FT<5KdSZDXg|dOQ)glog+9*d4t0|@ zVT)lLiNQot_y;WC(mDYqZNp#$_LTm>+-yGm5JjM?DnT=8NEly28lp%+gRvL96Px&l z@UPUB8)UVgiB1ISFI}hK#&F=o{3LZ@@J0Y6u3kY_I8n#=mrmbkw9uN|+l3};l_&kz z?L;c`HME{>lw&pMbaZ*cCaz{3b<(I2hTr&v!9oR;QPY5%+XBCu1ZCM=_Fl+E9E_is zcaO$y&fnSZZj#vpSb-lntqTlNPDhoU75f& zqBeeE88Zr5$2e3Wp_&roCouD22!h^}vCY)=WD!bzQ>3lE^Q4<&cW~5Wx}Frt!YX`Y zCIZKh*a0MrDVBV^R5iJ&*l6FNx%L)jsBsiIn+5H3_Efm{S8|8`iOjfw`3ioI>sXRk zTfJ?p7Mzm$F`WjK;Zup;Ff!^IGM8#q$U&iIg>v4|gD|#;G}~)1kY$+RS_<1Fu~=Y? zba{q2Z>AM>^zZ1)%r|bFxnk^D5@4uHKRMW8qmFf>NU6Y$^YQ9X|=8 z9J!}~)F|57s$vvSmK1!scp0~=E$2du9?hfiiTC<5YN2at!D1%MBNTcibO&O4xbTPu%ieAb!mgC z7X5&u>)b|?WqtS&1?Gj6mKX(9REfzM6=z*+${dzP$KKwRXj|eL1+Mye7FX_I+y{=N z@Lq1wQlD|iBuwD6A$hx1Da{*!nyJ>7IYUwZE_0}!*e2>gsDh_?twC|Cgh`zFj;1z#QO>+YrK{jLF#-#-^O~Z?avx^QE4d=Q$xclVl(&>Um~p| z8$#3U#mVIu;?jI++n`zpS+2hIv2a*zdjE`3$eKrSSa zl7;P6_yj#`Zwzhxn|$dZ(K!XD^6#$Kb`!K)crnx_dCc-?VMn()qNI(1>*;x!tY68( zc|=5Nmxl(F_)|E5A1*}kxk}zU)3hl8JQhGZfij-dHA+Q178TD<$CJ}I=aaN3=abdA zU5?=A%b2enp`C1pG+i>4o56MJu8>vg-S6ZsX2x6~)|Q(JGf(RF&ScnEpcyc%M|oKH zvY~XsdOU!tKGn8FCe;Dyworc?6NK~{6Qm3+ys9F-Y~yY8bSB0L_%uNS!B)?kCBUa&snKJsGAwTe15?Lp|$2UdEu5_`pWqY z)4ToF2X3d2kn;ZfyLc@e*H4!+68YkfaXkh$ul{dD&5J5i9-q+5_umgP7(E8+HW)fU zDRcal92A*XeE^b{)#(K^;HEBe%EH>#AN8`BqoU}|k%U_-YnY8!_g*@yS8 z9Z{?+-Qm=W&T6pTfQT=eVY)59@@t_HX9F;(h9#Nyu^MFC5XxV+)hmXC8}u00TDFKC z-U~NK`}TWJpJ3O<(@s8c=;9}Pt5!b z36^%00YzFgxVwDU(Yln_V44+<@{~ckLal8dmRwqQQ@ZI(VW#Udwb-8Fsqvj&4gKVee_bJ4i?4!+JJJL?~ zF@`QUs@6n+Ee8E1*`gU%FG#yUOWy^|Iz=~CO5Q0Pw~gMh3Hb1h(f3*5QIBHv_k{`z zu(WX|_79i1w6z^?_LO_6`Xr1UaO6r!&IbZ^ zQ!cWtz=$rMmam2*YKE_?>t|{wc=NW*GR{rFxE4IH9L?lCb5~_eg6<}L*0mpNfl^kl zc=d6OxZ|UT$)E~2Wu@RE_g67epjqSP#&n=8-|tEp&t0S&zXtB&%((yBR;5XPvS?UU z+0lO`P)8pYLXI4-NYdWof_2C9epP4g4|k2+PLE=HPmM-@8%}wES$4%QZA~(63!Gn5 za@bROAE|y#)PAJuzcMx-PH)&9W-WjBKF9d4fM-Q>xizr-8N zx`8A4IL$50Fz0QQ8BahJ>b?swk&ie9*-m`H?o+=$x@@!J{_B1n?(ZM>o_4t7i~hbE z5!cg=ry3_w3ZS)LQ&8sn*FySy_u0HYLhZYo_77T4D90St*nIl#eCxr)y4*Q%e^0F< zl&_)s4!;b2?*N$8%%Tr0w5LbM!EAP|G?@hOqa#OKf#)TkuSLQk#~?{d)^HXkZmJs| zNMIM+O+vJLxV=~%zRS38UR2<6lvcOeqKZ`3mzp+%!+h4e#l?WmlI|~t(>6s!mOwXX zke?gHnS2~Gfm&Q}*X-rL-vBIBn~z6Cl&=9eRGDeyFtP+v@-rMyaTWqQDTY0XcN*<7 z#)8ZAH%oX5OEkg&aO1O~P{%Coctb0vTG?b3C(W0Pl;Uf>q%^iG_D``46jY zIB<4Ho?Q;P#tNR7*^*y9(6j!UVf@`&52h)qV={iWf4_VISawUZ@d(;^!{2?Qf`7zP zal>)H1!RWZ#iO0bW;pDO#N9{ipfG$1mF$@|fZd7_a#2Xyw^R$ymH@mSQMs+!2+$d` zeBrz532yk}cKy{I7ktY@{mqwEbOGXF5StrpvN^8!iI=N2r8T@eeT&L9i2-r12p3C1 z4soZsEU=HEpF)DG{17X^{#N7IE`+NEt1d|4FXP1r$Hfmvolm`;54Q2JmH5!7{}b)& z`)waV=xpG!2roHbqtd^Rk;N72-ElSNPvFgmo zM%#^$>;54%b=>op9P`Azi>~R=W#DRmApm zi+orw)jqzeI0L}WL1PsUdp#+U?ByS&8*A-B8119K?b?pD71b{r4$EpmFwYkvCh+PE zGw9@EsgE1C{Fcvn@o-6AlRDs7~Th$)1NpJ;2rnl>nUQ#?>B6QHR@85U9kK)Yl2LlWD zhA3|T0_Ez5MYWWCJ8Jt<4)jDaKsVc7YcXKKh2Tz)irO_`RF9Hd4e6YF7!ZMcb4;l zJA|w26gj)I&>pj3_*;8T)iEGhpDmgdjjKkS7F;-mWt0hYBc7;$&}u+1PT#(moxHi9 zAlSCYmvs&oI~jJKSeM?;B~?YnLb`+Nq+0v31D`=dpcHS68zj@u*eK%a+h&)+SyE5Vn?-BKdq@QjHQR*)4dj@8ok*JA&MS(-{TiLj7;}i)qz5)}A?D_d}c!`uw-IF&A zS*@CxDSW!Swu?ObllLEz&gnhGvewT;*@EC-$#O#fmMr%_96|p%1tg;XFI`SvLk95= z(pQmU+XJAyU@s-bT6oYPluRYsydIt@fJRBE_55WE_R17f{e0XP{C6;I+RF~yjR?Ao zbNb&rYYT?s^!v>5tozHax6gf2pJkUUVOVGE4GF^VcUT;@6`PxxUP7>FYzq#Ty&Y4? zK%_9}d!^EXO~Vw*Bo64&v@3|9!XU*x8>SOT`@VJn`q!W*mziB*=}+|322XSb1Gof) zB9t3Cq=PPVll^woT(48N4TnZM!xPv7>z2fWfWC-A(v91xa?5674|H|LQv30AO!{@#e=7m%Yvm*yg9~ zEsc2wb!!<{U)a(Latobjc{0P=5aJ-@D_6Gy3#szyIq1C5da`}={yi$iWZe!=E8&aM z6`ibCu+F5L2i25O!>Lk&&na{UE-qe@Oqzz%*rPRAa$`0^bpoWMH&uExv;N5ghWkro z;=-!$kdd1saV=A?t^8HxaBt7Z{HxR(i^2zp^@sOEI!`og`Q#gp%`QB6`o}xx8atj_ z7<=6DR|Du}y_9HtWPikde&|y)289=KPXtwx_CV-W&^VL1%ipe8y4b@jJzz*Pc`lfo zY=4l8OL7HlXFO)HRC_6O5m@uBnrl#YIjlr3u&}DiO93q#bbYGf1`U(hfe~2Mq{ADvU($Mw#}f=%80KEscta z4dzvDv_A4ff6{(&$6hRx$qGL7<5StUQ|~idJ?gu^KR!TqV6Tq;?o;$L2c5Gc(GS}A z>!$6J2!!eeJDiG|IY9Ss_hv(kw^HvNPBLo|;+_ zfyB;WpF$Sbx6qw;AZ0~FY-t<^S=$V9=N2C&Q$t&e%h=8@HH>|(!Cu=GTNYe%9nL<1 zT2~e%OeY>&U{EJEZ%kLj$yhO3n5%HbjyjP>t5&8J%=+R|F2fOuum3jUv@oiT88(ej zLn|HDDTtC3y5(DFKR_6^HKNi;&UDMffy-4G!?BPea`b}#`Oe4%TuX5_augjJ2Z z`kj12f}k}6$-L~Ih@#}ex-coo1&>P~Yrw^2^k|Cf`Pg)`qgwUQp<$`Nt9{zT=sLRs zU!`_sZ1hGxF&Aw}_)2B=z+i$!`he`uZPfVzq`Zn#1J+G=-)8ZHo|lhlRD%q<)P$5? zdqqOJh((H6D@M49^Z=#%^T`xc>g^A`mFMF;&^c_lAlC;ru}heA17ZFW!B{X>e6Ejh zY%;OqF?|R~^E4!pkX)lu!Ye^7a;A5UbwT@&3Qk}Ct0wbP!GD1NRR#YWIVL|!`2Wjq z^FQl%Qsckif+URBhDU*hcq3$IK6v<0`61w;8sHGXb$kd0@R0%x0kNZ!DXG8YG*~yz z=h_r28!NR;EGzRY@$yv7RT|&Rnwr*@*36oxo7BsX-m~AgB#q)A2G*{h-{11@uR5={ zeu7+&y}yn(ocH6exjbS*P|DJwt>|15d!=wV{L{ltP?}wC>ea=~C9NLqFq<(umJaF* zTBiEXUHy|;?^d<9298}`G_UAhxZtFYjN%3EHmD*qNu0%qspgtoTGE@v?FYt>?^)vW zajte#Mr~c6P;Q;1MafNV#twLBuXi%<>c_`FJ$!>{55hY>c)YrkX@6D~kLCSolZmgM zTmZ z7I)SSDshvF)(!7CCA$=kzC%WxQ$OV5uUS^D?}iI5_ep-@oSsF8WiUR-<9RQ0n_n60 zO1QPVB4`oVvzcG*Nwz8Nc&+bHCA+2%Xwy8pN8wUBmUqBlyha3$?dp@Kc4<>D5K?tm zR;dv{4~(;W-?d?R1`gfn@YFj0-%A|ZStMx1w z-oeC&AG}Jvz9t2CPs*fyB#g?0k98CBZYO46r+#?GJ_5yio7_Z8e$_5`>D|c~D)BPD z9^-fkD?eBKcq=}j;=NCIk6%@^znFtzym|##@51lyG2^|@bH`tV{JoEJHC~9}zO!_a zvU$-yMBp~3sz;{FwcEnK4Q{ewzQRYnA7?~fg-qYlCEt0qy&}J_cD-+SVZ1gESS7!b zN3F-+y~l^P;^x+Iyn=&em5B7yxWf_|6n%rQj*SG6-Arg%8P#BFRoUb)VTj{*iQ>^i zi4}5HjZ;n|hFtPETNu%GeqTTnvkdF^iZZMqo=OME!z;$^4n&C>v$gCW#7l!W1+^27 zD&~2sks+Hw4)SmA3NkDFVcMERnz7^W%$=&-{cGG&Oo}4`dRxSaa1P5d)IMt~u3h%o7Fb%(Kg&~bx6)RW7Bm#~ z)K;_@$$aUEO&vLoXY4AXFJUR=E&%1k<}Mh0)aJ;}&7rQLzLrV??ObA7X0D%RBD0+w zCg^Xui*!U|7Va?2U)lwH#7*;jS(?A>#vv@}H?Y=*tg5JGt|6i@d8Sz_m8kgPKW7SL9TQIxt6t`TS*VXxCBNMW#@)#AdRR@>0^xH>~!tl472M(m0W9n~{UMXC{Dn_b%DEO{9>^|3UXDSu2PSPoCm zMeypG)~~BH>vgXmHpXRc4&$ebK@2cT24rx64S#3}zc9waUrflL#;(pU{mK~KIJ+Dg z>W&ZRc}a(B%LEWYw|%8Amt>hRq8x*l9|GfHD~uvvt9Y_ZoVofjqn!%ZYvV7a;X77l zK!7Z8Kg(FQNP$`bf@GS-wnsAwk7Fkz@4jeC$l}g|Upe+U`{;DwR7o(f8bxnEUDv%d`rw zbBu`-?Z~T0LdE}u?C1hI)s4&ka+dM3s#E_R^1MYq= z%X0?~zgaF8>;heWGqXGkAeN@CPKr`M zCr1fvEmSGt#pxfrHpo-ZR3^&ovixmdfs%ekNBzv$fpbS|75Nqh!mx$mQ1k68?H8CgF zMmICM>wS~8_BScTB26XNoRntDk)Gc*m{vCduye~WFzF1?gA5Y|Pq`3eKm?vzaGI8g zNje4_2Y?nAE}D*jr(_~4hSiPT3y*DJi3j;hdCG~-T4lxlomF^f5Yow`)p*b#hne9i z0^wMMC{Rc==z&nx@}<5N>_LGqfn4c3CVh{QKr^c=^e}_`V3QdOj+fCQ@U7)+<`0cx zE8+f)LqD5xN6oC1h-Q{n7$rLobJ)BPdqyTOS+g*EhDKza#Gwq55{1@Z(-S0R10XS} zSWo4ckv7>t_gf5KJUTNyyFJQ0eJuUBm+SJtg#8%`7U-@-{Z&G`e{~Q^~B< zwQNH6FsV#7afD&0m|I}7SurLn2=@c5t#$$8Oi+NjWw@_L+JVn}F2AzAJzJH~D zlN4=A+BMcp?F^}LMP5P?xsFOgsazq}L+y;ou`PG1rbRL{RB}R|8S-4C%*>G}D~>d> z?nI8mq|~r%N#3yxCzd?ly`UnUm^whqDIhPlDgqEtNw4iNNj=xB*Q;M1vldYe@h(e@ za1zdY%OSQTT%w%Zq|^u?krOS-@u3%rG?Uw0+D=*M=r|+eaTUEn=z1omP<_EnqEfEX$5e$V zl=)GkOsa8wS4yN@%ng(@x)CTv1njRvAcOso-kc#HFB<&axoi8+fq`z>A**&KK z$v(8jbO>iag2K?v#jKuPW_qc`2h=dr_pV;*nQq{g3xnSQUq@vzD~`WuJOckwc;yl2 zyO_R(my9z-3T{@hDr*(()->Ev-A(aMGJvPRSIDNNf9_}!v+Yy9X0}q3(4lD4&;K4-D*pMQbL&Wk%W!fi8=}5fdj3oj*aAq;@B&-XKhJp=r+Tdm61SZy5=&x+v zLk|&A5pOJ^MI6$t4!(oo``MV(Cf)Y|R$$jzXeG-^;Oj0kI(UJ&T^|4<$q0KG%m#>a zWRo7B-efH`;Jmh-eH1~-w`Y)i4TLdb^Wb`Y!!VysD4dDTz`4Ng&ha>1=V2?&6SzPQ z^WI1g+`Z)jC@6<|9ueMK9|QvHOkz;x1t$WJcQ>PguoEh3A%S%u%kjpU<>6=(2vU=C z!*z{$zaj;v?j|ZJ^t%h8_V>lyQi7F5y)DUzI(&09=v^)-N5~V~wau@wdsj_=F_Bm% z#rk2zcLE7eSJjQtg5tAOcmmuS7< zeh(LaQ{Ctb884Ag*rvYm_J`$X_)eK05L3VRdOG(~%){Fy;@CnHjOC@H6m}!^5w`P+Ohf8>2*l}odYhJsc+}q_rZ9keKq}yi6x99w zu4mtfiyV6HV@~xc&xlfM=QV?=jq2>DNK;#Bp!tRj9yJ}T$jV%UdKPU#A}P?KWGHe;w`bPg$=oS0XgU2#={Y z(8YaJI!ayiJ&f7p!r8*42u3dVg4Bl0=Tl6FW7<7t?JnSQ^TV0>KZfDG=AjkE$Z4YEj%P#K) zk;obR5a#!8O-ZYLe>JNcbZCXzNFpWR@^0zsTqO5L`nz2M4da6Dps%FGPHan{aUQJJ z33gX@mZ57<8w6oi0=_yaWdG3M$ok~r=IN94~54d@Z%-ytqlbaT^X%Cc`D%?*F;S4 zlXiKhQZ8>Ea)(YdR6PgTDI#?kI)X0NGd>tZHXtX-xjkrC<7G%~2x)qaI09TsBwEBw z;T+QhjpHJVavmlyCKm`9oJ#gNcxmy2 zC}TW4m2P2gZJ{EN2TgGhZ{Z|g3o><>7%R&VtzyYg4~ARbb+W>r+Db?3XBRTG*q$@5 zsF?P1%zC>jXX=N0coPaUnxbU>5ga^-#l%a9N_fZp+>r4fc%T~#tK$3QQ~qRIz#T19 z$^9b37W|~w`i4AyUfB$fSESN@hN`SEIh!7OyAD#7J`RaUr>o^4N+vF3akD1UmS zg=`m}m^OHTQIqbDy0ncw$?a-y9=5+c?uaGi@Qcqr%hp{;KX`UN61)L?&cM?NbmLQa z#Aw3pjJkDbG+*^yN1qJG1ZI7JBL5|t9Zwni#6#z?j|oG%%ng;2zgLEiQ~G6y0yhUd z6h}%xr^2Lyqp7G`GorLdLEaI3RZV3}U1Epp2u6L=4rVf!sThMxf z=~rxx;RSjEZXCA7(Cv;ZwJqayYIA^xT{xm9?Dh~*F?;I!etN>)P%}1i<|Jvw+PzzW zf!(P@lI3+@yGgUf*x*L{AjITLB9KnrmW*SQHJ$Saa3Yj7J!Ai-mec4&gYCN=p8F_4 zcV!pRk>KHgjxD7k$F3#C>;S_&+t`p<$b1&*tSuzZF|SA*tTs~?4)Ab72CFL+Z88Y&U4<2@BG_~c6M8B-|V*6 z%^GcuKIa_$*YiK&vKjO*u1{TUM&}K12|Z3J+$(0Bis`ZAJ{(@LKk)1fh=-??JVUcX z(8qz-j!!VLZlxQhD4e2&roF<A3rIG3f`^s~|d`$+7JOVY`vN z1tW6Ln*Fnff?i2X!3my+KAbOt(6DmTq7S?FAuO8mdEDFSrxbg7Zv%sX(|G_zGLy+c ztg*8OY%nHpUsN?957h4=K`KiLu(#nf8fk3d<}J3NyR63OdsZEuR)Mj}FK z+p4wtgjuUic}Ro8?I*&sMUii1#bcCD?U$4Dq&fpf6%%|79o}(qnks3&^J?c4!9@sj ze?WwlH&2Q^x9^-CLTY-cU=-A-EwtDG(GiRxga|7tg6DrboCtf?53I^oGE)qSXU) zzbaV<8gVmcpn3hFaEJ7EBJE8Jf1|xNtlE&1VIH?U-@hRlYoA1L$j?2JI%DL`#TS6i zJEbxn5a6fQ#LXLVaIJq#zFL>|YmeupeMP zpuMLot$Nx&Z#jk`pWAwK%QBXb^J zwHEYeaP4L-AU@7*BCsCFKRd-5AwIl*#gKtF3+m+;L3ElJ^X}Nlydc1HZL}h0Pz}_7 z3Td(cszA1tfZO36(zW74-JLv4)<%*M%rOxZwDz;}a#G&be5{JJKmD^s;MiqZrki)y z<>w6JeAqNog+lTNfQ~Yuvyqe0MmDhZYQo+SOl|a@0_8DJF1;i>#ZYT+Im!aD{!U1o zn?c9djORT*e(7j#GZJVD&{#bT-Oj$QejPV_Dq|g+VLj1`f8wFN!Ryh`UjZi`&eb2!id6@SU7@&zpA)pr>#6VQ z5;d4}YC~PYz|WbYMJil0L}p9*%@VnU-;}jsVeD!_lzJheW6%{J>&dUY$$J;(CdixEGJJo7oHI4JsRD#T@k1(W9FAh zR=BRmF1IeGdiH^@`T|n@L^X8}I-2b^=laN4>UrbneQVE~q1hE|b|ChN*(4G`1WZL{ zp6NZXWXnw7iF(FR%tjJPGhNz}W?7w}JYaCIi~3vy;-V{ZWW~+~{XUn{9E8YV{5lpS z5;L!lyTb1!0MLm$aw#hBf>rKmHU$&ZRRhx>K{KxMBHfEVPyrz^7edW*7eeJ8B;;Sk zF0NM2NL>+Y3WrX*LddhPKnkOcz!5(^#8@u#zSw2Zg-;z2|H2BQ0spD&UJg(53T2Ac zRn8;WDLDDJIN}ai>Nx>4X)d6u4^vnqC&m@M3!n1Zd5lJ3>oDnZMeSCQe3lO)gFIV~ z{4KAR1eqizpD163jZn7nmx{&MzyS7jnGpxtIOC9oW}OtnYP1qA*v&7sRZH6=$xmS_+B>-DMik|iZV7;yTit&(Q6Qs=$ zNMYqd$R&84NCCL}@RF!BM@GM)g6fDAx{=NuE2mwQovt)*BPYRoH)o#qk3bh5WlB@{ zvkgrq|IwU3IJh5>0|*7|F;wHhF!4YVu%V7Wd!}yx$>7Gp|G8 zmGdTV(i5ropvvlLT$ma+$7d*UatF`s3NY+Qs6IAr3)ea^)fH=YB*AOLZdHN3D>Z$^ z8R8$cYJkQt1aCIo>%FLSzfl>YmFK$E7nbAwO)=#&(2f8;Tr2{7p_NOq)|BJQVcI98 z9C8hVk8oA^7ba_+Jr&VR00koRU4r6KF6O%Yp?!`jE=kUrd5Z=%Zp@Dmg~ldkD?>6c zW;rafzBF!GDD`}o6qm9GcX!cDBsK%daVmsT(%m(~&$g2j=GZhkXa^ zjx(lVm-I=PHx*xh`>6*WwQv9Oj5McX$AsGa_6v9A&JWSPC#L&B^>H%myP{vE?H<&6 z0c^UUx*ZX*yA`c)hf-a-pbxGCH;w)y4(WB*;BjX6c!DR$m9Oqupclmu+2chw&F4Ex z_cu$qTD7sv1JJ0@IfLlG&}a+6H`p5{ z!H@GpxrrvKPPo6spG3|N#9$3t=G@y-_0Q}?m;DXD?I7o_a+AF=*={$nxiw|@@dO6f z>IEas`m%*3s#C1aX778{1EarR-E!yXf z;C#Wyv=1v4AsL)^>(h>1QMxXedDBv0CHem*p?>fGvq^jthL-sM|L1o9)4}pzM9Kbh zZs%n2uMk;DV|!T>X9MGZk%sY++a+8$K`$;SweAPU7A^%EEj%Lvzkj2|NE1>49d z$OL!%_rMV8{$_kf?HYPJ4el-Ui*mA2d4g6sXEAk&N;ynnr_I*xzdpHgwFw6`GxKvJYE)+Z?ynQ^>fIa46 zQi%kkh<%u0)?w8cH_olY-@CsLTZWj19kTZMVxG9bhIzxL4D10hXcFm00sRLpy$*@} zdn5KMcnA_H`xs&4yAIEITrpxXWHIY_9x*(4Zd_Lm8+Lt=vhF>#M}-y{pBAC2SvvD@ z(V#KJ*h{hLO?cxbM@2kjM|24d(cEpd#UWM@*JK6--TIzzdC2Q2SN>$Y@^j}mrTfK3 z(%DXw#jtK$bwLwyOhcJr)^;ky2BD^Z~Xj{V>A`)!;e8 zFo}fc4~hMFBR-m$B7ArFzPHRgBd(v_hf)RyHEqS$(isLB$6V=$g|b>sMf88Vx`?Ez zvD(h5MkU2JmXreTtjq&9jQ{Y5w3ZOGdbR+#pi>IA7chcl)0`R|v~Yj8HQZ?iYCoxY zi=WR$27v*a`!bzt=51g#EgeEi_t$n-SMx4*x->5C+D#~}GH_KhS$lTvA2kNT_ZM4w ztX@u8iZu>L90nVudFqZsK)XoJdUe*{Pf%68rO&E9XQR*ZIFYRoW>NKTnmsjLpPyu( zpUqtjkwEU>zFop)RAfpmyKDrfnm&8x7ec2(z?i`%-Q=ID_mzOdt6^;gCe}yQUafR7 zUe-e4nyx*V?aywtLUn3PB{=uD-59SV1k?xz7uNN+S~p3di{e4^G{Nzd*;5@cqW_|C zR`OynX~J`)3ec)Jz}EDTUbFDai;1x;sa#hqs+jT`E?meGlcZt(>*y7=BBT^-au}Hb z*5CCyK%?6;4zQ_3J7Ml{WT)wXN8j4HtUNu69Bgg>(V3a3>oX2YV^4l4ShhcQQScQh zd&#b1ZoKI9_LEWOw`=z$9s18oBXC_}@Rve{ja;tJj5KfNlJf?;xh?Ip)>18Um72Ng z!Um;8X4y$)UIkX}G~1YUP*GT2i?4D66>0k&mDNkQR@<+{kS5;0>8)S&ezd*iN)0WLosx9t?plQ4fFh@D!Q;Aeet zSU_rrb7xCwI7?GzmeAA|lb_5W1^h^NJb`1+KV&atL%>?Rh40K>2hCb!djb!=uj%I! zk$$8L%Ck^Z=ikjs<;VVJK4nvYf)4 zzRx8Z9ZPABV@V}yOC|WRf@Tf_T+0Kzi3$-nX;mwtRuP$ zg_cKC7`;Pz^;(Is63&gLrNrg2AYxaS%uX%zZGjTs()JBKPq~*Kyd9l4S6>t!Syf5) zn~XVt&RYrY>Mg{%5C8IS(A#0`%HQUWoe8?OM~f|c_04I~OS=`Jy_~7zz515bIg@fIt zU61l@f;?7-1HAy7suzO$0}WTFp{-8^SFeR-@MIs)H$e86Onj9CP;19DmL{F1^Ma(1OyOJ8~p#R|499p<97e2{`2qgkt($}KQuM;uPx(xmb9!Jbtvbu zA`!p{IZ_jR;3c`C2tloluBoymP*LLMsA=ETgsUk#VkBM2PaB_tQvJnKE*IZ9iT57u8P&+}-8Nt+~ z;N~cyanusfp=2jm@%C`1K+KFFjPc1gP_)2JV9=7t2!u|VoYaO<-BFN?0rHMx1=^o2 zzvLapjNT6&fGJ3=MHB44M1d$AsQoE!Re*Aa%%1n_L9!9_S+b#boSr*=F+e^4@cT*# zwt4>JUjxNSmj|JDc&@jvm5qGkg1o&$-9@!i84N*+eem1B{HK*>qs^o#rECTjMA3YM z5;9u_d1xb`Z^BrnKW0WsibE-0j%9HG$=d4L+@rSs%iK;+-p)(Uuaa-7w#`WtUzLPQ zLSCY6fwnGr_%SJun@iegMW8|x}SK_wSr$)gp;~U>Jrb|Yj z&%symq+%~r`noX6Ch3=?Da=EvN*`Z)7UVx)WnQ*m;Nmu#KP-R<4GL2`-;3c+!R>ozD|8qlZYhW=X z=irp$(XSx>V+kz!a!XwUFVQk};^o1ZUHsI5DHMJnucVcyGbL@2)+}FZ^2WG|3h8RW zChTD8B=YY=2A$+uz9_EV%s$RMfA-9u4I2V22^N)pgOxwDf?O~#27<8M)(kV5lP zid_cpstnNgFoBtL3Sc25nRF)qf&d3dm#P8LGn;BEd3IXDD{GK(f(qY|33A zEQsgPgzC8Br#U-fMo*F|0L zcKBb9KLclD-iTl)KF9kLjz2@|66qOt{7S`Qr;mQ>%FLFt!~h-`@BFb}@|+fxV-!JL ze$teWTMj#yCH4M0dom%4*)9de>RgrCqdy6puxTbXDwT0&fHhqEP&A+pZGDV)#z=|9fA)klbput7b7aeAvXV(>_T z?KhOc{2ACi^`^a%i}m9&MQkey9`)z3lb9T4k-f#kcCo7;&5WiGhsgb8uz$okw`^p( zsY6Dtkx@L76RVOj%9K^L4}n`L@9{$D2i4^10mXB*y-=c~{8Mq;IpG;FN-TC$0S@#T z+*8Q8ZBxK?dvS+tTu`V~%uxGLxPzU1*C6mb&E2B0YEE%6%L`lR5IU_BNd_aGO>dc#MEzb7$geC)I4g zg<8GFWG;=Mi2F;tYI9W5b@}^}I7CAlwrUBCHlgm+XfjtZhuMm^jrMFKfFo3 z*Cm78SBHAPRJu)kxT6$vfmH7%#K^lyX1~)v29zNCg+{T$0`9czJ;dCH6Qe@Qm#Uo7 zvc$OE3%USetd?DSM843_HC18(^UPiZ`OVwsE@Q0L(#>jr;F4t{kJH-2t`o#Zus{mE zOqB;s|BY`?_!Kq#iRgNZl-*bpJGrUTEkuSuSIE04i7mv4!|_lZ{fy=Jo=arD+CJ4&6sRd4@p;*1Rd4Fkb(mY_P0dQOc<;c;=qq zdzl|S+fx1sqV7{`3{h0m%W-(OB`qH=K2yzaEtX{ZXE>TX0c=trs&n8wUQX#(I6_K> zkj66Hdp#1CDKWD%ho}$n_8^~0k=J|j=h&ZnT7o;(SKNZWOS3u}QkjBxyr$)Dm~Fhm z09YunLkkuAS8AM~ic_X&wt97~KuL^^Ud+IG^=64mwB^qafoTJ+ypvZDMYZyT!W%^S za;40nQ1cf&c9d%y#Z!}D)4K2s4;~#Ckh~sR{vLY_isuW2Q0W!CWRXK+4-7X)`XaF7 z8+&`{hQJCq)#q)&ML`Q+F8-bU`YP|AN9jm8LXB3gfOL^b!J^;C9lt^aN2eU&4G%hFy6Mfk|4hN~E&Ry{go(c#g9M=D6f#=pP%!=0bLYbrMPM6r7NJ z?GNP6oSdFf=wydNVzTmz+J9m>;ETSfZU77Q0HN9gdJJBTz%JZof9!lGY)w|@YW56o zcFVsbmTU=)sxnJy{}7tU9iDZoee9+z7zx~y2A8fp6Arg=k%oer$O}Mey+;o&-dNkU zxNU!Ih*pQ#OqV9wTe7CY(I!UDa6ox`KP(NHg8%x*0wATukcIaRmgD*lu-yM7bNqJ% zFl9v<5j$HaX9HVjr+=%E&YxO#8=`3ZiNyo5%4-k8H8ZE1xG61en&yDbN7A$Pj=&U~SDVNl$$QlnLQ5V4H!Y{IkCyfivH+thT{lL!_Wo#l zGX|v{{s^OGu2c2EOykYE<+OdD zf}Z+7@48s63YdnO3+6m7!C`hc9a}9JEU>Ac6Y56WeH&N-(x>@G8I?mu;2N!mh6f<$ zmJS8D){b^nJ9XkahHUiBAh8;4`bU6xX8Bxqxt$;i2Mz*57sRq?c#!$3t!CtaebbHT z%FfNI((4c{p7`I%x)d9$P;YfTWe%RtKDI#sBDn>}^t2+Z4WT?O!l zpdb|e1g=EaK7+iP*`A8H2x@_+`YYGh&)xEq)n_KhBO?vjk8`1Oklo!GeL*PhfSa3j z#j=P4sAAxGIH>V-at&Eab7V;Z2FH|`A)K9}xn%AJgo>omj%TnIe>;xXQ*l&&0|s0! zVvRNm3$}K)AU0=Yb6Qn&Z08Ok0vcKA=g0#pWJthK@Iy=5Ob!Z#k;rb&Ny|~dIZ_rt zMd`qGG;K*kFAS=<4-%M5p2}o4RLMHaF15B8Y+0RJ8?(GPQ0hJkpr7k}d7aY3f=o|Oh9}A_f&VOP8BDTIZ>L(&b$R;bPd(S z?T;_9(}$K@`^l`GaO9&OZf(5>p8Fp1i>$MbDt{X(@|aI>SAd)UEZv%!wC zMtUp^j4pJ$9Kzsi4SO#>`1i;c1*R@mB!l4B@-Om}X8F^6AI7x+mF)1!^c(cp;fN|T z2C2v2AP>}|@JG1I^$jEWQSR>lk_WgG+)6@6x|fi7L)=QB@JBvp22bx_2L?0z=px;X zMfUr#JN~OIxQ3{Ude`b#jr23bUIt26hV>4j{cPW7JQ#k}WnQp89M3T4Pd<{9F>A0`Swm-$z)GH2WhUe=_1~RX8rqK(L~Nm% zPxgl^8B#0qr#0cs1zoJA^VuMW|odCxtcPmbSkAkyWv&}5f0l+->@|MiHL+H%PM-#|%*|7sy>XkuW?0Qye_eE$#V+aB@H=l@&* z+~2?3IhrxJIoUBY7#TPk+SxK#I5F5*m^m8!i{-@dAEcmvZvPKj@_(&sQ?~8URMCc~ zFRrt)u2SacgnQ=#+hhWOH3cooQc}(=^HvA}G?v#_2Cvwh>!iR7@&(1>Bb4xD(A)IWytN}mG(y;FOIrxSaA8Oz&`qlt zCXdli(mJPXnF{*KO^kXQt1LZafE$gu9%0tijZMIn$mXfmer`5es^S^aPf@dK&nxDx zYi-z9MKD=$(bLP)s~=K3;Wm}^c+IoBF(agSrAq79ye4mZVa z$4@PphDF~Yy{#c&NVbf zYYv*-lmR*>^I6tB!`T~omlUgwJAd}zc|nj@_nIW-4|&@&t7v(ggwTFmt(QNFcNRS< z*}p3L=ff*g&L-uMbylr3A4!f`;(p)RGZ0l~p|u+uJh8!Lu2pgqzo5?V92mZ~f0u zdko_*!mzAo4@se4d!jU=d3TQ?|dhq zhXZ%u*3tS^`uK~4L3jT0;|67h@SIeERU+mVTck4vSXPeq>YUHGX2rGHM3ArcsKT$i zKsLw%c}RDm z3U?`CjPy^28GH6y?xFGUg{;uz`XxDGOE?WS3y^}1$0nLQybpE>r3gRkC>QTDUu=hp3UbkQOy){sSd-yU$PN8JP;(`qVP!Zz*>W?wl09?C0Fp4w(8o;y5Bu#%U>f~wKOvFERMy<3U{DYP zRSJpb9pl`Q3S+EnU4gKXh>i`!K@y+>Ta@C|m)YiMsStH7KlcMmEts7e^??NplaV+K*oUz$HUH5N`luPu~3bO zc`OwM66NftGjRLkp=kttp#|6EI3V}{nLh015aG0Pe9x*rO2lCgZR`9By@vln*u(@> z_dmbIc%HxyiJu@}w2-V(S(ntxCU{15T-!|MKUi|7egpf#mPc#+|63R+^h;l=Gs6jrm92d^cUcCLB zRKD8XUb?;=e*s++Fznl~NwiSNCB3P4*2rAe^1e*|`lo~J&OUmqfdc`VBL3er#DBLc z`KN=3S{PWH7&-sDhh!y8+s+Fj4RyO{AIIWrN~MF4*?@v`<@JHXP=h=QhoDgfib!8) z7^62i+KjsPOFICCLxqDP_J|OhF8`Fpf9f+aGh^Lu?#6z5%E{>ly4Y6)#b`QL7goc6 zTD;AT$f71-UZ6;LGt7h|hqLaP8M%v%H&(~bzQum>CXngeCr#*mU=yK321ab?@gxCF z!(&$2*rE!0Vb6pLJ(J*E5kqfdsiPzT>07wkN|(`Yx5(1Gp}V>;`E0qK-o8?FVf}}vRXYyqy)@!H++j`s=g8b+)-B(5=KhPz*T1~*D@}^MEX@ZAaBWs4=@~ke*B})gyX5z^aY~r@pkK^cmeP-tw*vm@*~; zWu`rB<XG|PHr;m&OuS4}zaj!>f<}`_;2Wf1AL;$b2^d{D+GG%NXckH}}K-LF8PH$-M z{vn?b!P^^U4h0UcWGH^zI57XrPS640>M-Oz@elKesW2RE((OTh8QmX6WlGfOI%AF= zIH|b2I$L3hkVOB9(UQ-1!NsPJ0W)th2APy z9RPl6`050=#@Ad-D5SO%;cVHSjS0iP-PAU7E4KD4JB#^F67)5@McfjO7T`6> z!`wkUMarqX`4Gc!SM1MdLHiICaB>kl1VPK^9la6;b&ujf950kp8DdY$@cffI^FHsg z{2~v0$^>STY=?qqn(TQ}R3IWY)5 zTG#f0oom?KR2=WL-c(%gkX|($?_{XfwH+(CuBDxGxGvqJR-t2DA8*v{%6q!G-kF!5 zK~xI3k#0$0Z6Y>SeTO!6)z#{(iZLlMfQEt&_9dp&QS);+v9@w*oZm4DogAcw zEMx1!x2kpK9;Av}=%>HJ5|F(~`)(iOo9tg+S6NC@o5Ktblm7w$w^Na#B%|QJn@iof z65E-V2uyJlal=E;z1n_;?9=6`W|dNvMmL6Vr-tnzzckTojj8o85~ZIa>6k-i>sJSuuWM?XU=JCdCS;5 z4mH^~%Mb^y%@xvGmB*vQ#efk71M})0sB<2~n(BR4DmmDW$+k2xb6Hu=&ErzruZvt@`3LVpNZx?eK(2%=2 zhw(}DWP2HbQC1Gl`c3#_$nJ{DoBiRUt;a=jiYoHQuvqrMMGNpikCWn^=ZN?VT&}vS zu+V2&z2YaTR@%<9p&K8}UE!G^xIf~9{xg-TH=v4%;Cr?tF}@b7UsGG2d5-F1u-qo) z&Z#T=s#dtf2;>m^sHd5;Z$(CJdm+p5X*I2U0ykoGCLP?#Wvlug5lCXJG3^M`#HFe; zzC>Z#N)H^h@u`9ATtsIV4ZXDS#HP&TS^1vpFS?TmL{uA5I|!Rs32+Ys9+}vY*?*(Y(3WqbuSb>89y zgEfFKa%4nmx+{QytKl(DNcB{_Je<5Af4Ak&Gh&+XmssZ?c~JP>_(j~rUH1ip&f=O; zPmu=o1=LgPVctMHUGDH6<}P#hprB?Bf{3Q!woF-o#b)7IaBSt$Qt6s~nz$COuT8Na z1N(1vyo>-pb-vm)`&Xr8x9IUwscmElR%s(ES6d(GkcjAUk{E3lO{o=Cy9{pHq98nG+jlxIe2xcvsoEXLlLj z_&`S^JMt`~$2Vk@6t{vkZ?n+;&^rnPTsu zV=0@Qh1^gAjl~hg!i=wuA3MAk0B@x~4%C5Y1Kdagu|_xiO-jh{GrS9WN3tGAWTCUD z{yAP#219FWSvqd`8(q3Qqa4&?DUDDatF*KRr&dwWQs$FNAdq$ZK;nhzK$}gKTwqF` zs9eSqbpAH+9c{jE7n8v=#VsT;@2>*0%GP3hLx(t*C{C2oGHK#wuOpdpIzSl|m0SQG z?!@J_byOg6@dJ*mEsA~_n{E1+RAkCex^g&`L6Y-+2dqLqq-ZkGTgIjibD~yqyjrKQ zIYD=$7I>$A_eld2w$(&*4Dzo)zfo4pp0dF(AL4r9sjWGf^*vT3)%Oz_Vbq8-?MOts8{8mWOR1pklP<&S>ri zXRnwF&(iLft1a`3iw0_!{AoDRE&B`n3%&W(DaIU3GsBt+x-PyjxAolpL*S_0oz{wr zjBm!akg(}p`;U7?Uxo~kE9EWAyEl+)yMdEw6xy2r_b*@#ZN*FECJ|dt{9VHgC7M^C>;`sM?ef_Lt^&o-9ARJ3_F;_@E$}V}bN{;xEa*uW9nH5JKdy z&yj=fyWy4O&}d$NY`{<^(87xy`InCAv#Be8d4;)kWwm9MxrIf!Mnh#0w}Q&Lf`+11 zbA)1wfx4BGw1~2cm8yu2n5>VLkC={&MGv;2A7a13l;;;Qf)fB^P=v}HR7Y-VBUxvC zs5n$yr3SCuqlGDqbHe9mCRI`PZ{?ofp@O?0|Uhq zIq4Aw>?s?FR@jdH?tO#uK8M3R{ND(2YIsR#vBArccfZ}(&LDZIP+WK|^oe6mzNQ}m z7AL}vcserQ2jO@JdKNUOHuI?|p-y7F1Zyf4bBXiTJ}g;QwO1m-Lz<$0IiU-iY9{QV zjkRQbk2?B#KZ?b1SY!!Jb%I!B^$fFf%{E)W0)chrWhMt}em`Jz+RXW#I4L_BfzI%z zb2RoBmfRN?k3&3B`GkHXZ5gjkAH%9NG>5H&%I;QU1*%>q1qdQ}j?1`KN0$8_0*F~& zxw>d3`|g7j0Y^@PHd<`Z()EuKaB+rkumuSia#Ox_@zy3bG^K0CAmxOjTrYXc)Yk>S zVyTm_HksZ))NwDN+Nk}NK0F0oi%vN-CTA~OBeu$9rklZoZ5Zqal!N2}O_5>Gi`Kz6 z)8M9Im(Njv{T;2sE$u_8pBX1Q{H+;Q@|gZw03y~@k5D{*W~4RO6>2tYSlm-fYc}6l zb{G+PrCiNsk7|L9M%7ZCR-96Dc&$8@~*p7#Mf#`DHKeR^voO&a)b0o7lZ+suxqZwX4A%sa{Uw4JW+RS>M9;N z(gF(zEHxG0iIDRV+wmV35NX+m!mKv#P2($>qMR0wNpB0ZYC4V}kK_l`xTx+Cl_VC~ z$uME5F8zvqXX$tpW;K~JBqu4`OW4wdG_HcP*$oO$#g>5Av8Qog%Ac=L9AfKfW1)KX zOOZe%*wS>aGKx!D1qrk$R`t(mbNvmI`r8z-vcuFLQ>*yk_>?sGkcT|hMi{2bx>rmF zml4^agz54S z&VTAjl+ z==&wYWyG?ktP;%sny!$q>mgfQz>UE;Zzha4UVeFQNi=^J!{&Cel{60Umq1t>T$ScwIOb= zw)~VNlD~Lv{X^^x)f3DQ&pzaR@e1?b{Mwu1V6g00onFKGhDl>>#U{qo-&EU>N6lD% zaK$!J5^ch_vKZbeT+SI9K&I+3?3P=K*i(jz(z@aygY+|75x)-io|f!rBS}+n^l9Jb zbyU2)qYrthbTj{`C2^}=Vw^sft($;x6yt{eM0%}%>J`Pv|Di|(h*KYi5KT@EfpT6P|I?U72Q;IW@FL`s!4O-&y~(jcniN) z1g%!hVta{%bDXzsLm-2W$YeZ^wi*x1JsvPoCy+n5366FxV@N^_8 z#4e4#{GrANxe1<~TQYHdN>U>()VzI}y(ZBX`EEP?>0=DYi*@|{GwBg|&ZFB4^DyP| zhZB!1qNkhk=h!Bz;o%4CAAJ=DbeX{~U7X9OEqNmXgfls_?#~;(gM4k;g220lH{((T zp^Am|q9h%#3?x;dPRqGd%7^kiVNI#T6Lan)%d*Tf#_I6E1sT{<@B-Y@1RUbLaBc<6 zB9k$IG-F!=`5c`y4V-_-+EKzBMw@IJskoK}F5F(ROGB0~5WKUdh(O`GVxsir1Ifev z4E~7+QR^#HvRVn@xiiJNbE=$MfhgscQ-U1N-HC1;&%n|Cmruid(|tkdecoYaQWk6w z!7|=Qg$!Q`)ybpRn|UTs#`P1%#j=EN^w9}+F-Is%XP!(Bi~eh780;fYZI3rrG5Aob z8;ED4Lae9Oke(E{duZ-G_3wOqarNkI$@qXW?Ri+5n0hQ!b&n^xm5a}AcV7mQ4j}$2yn=! zS>hnb>tZUwr-Ij2ti&zP7M7(w&6y+`A{hcvhR(7ao~k|jNl(?Dc7h;5xPSH7@#@ANIF@;eLN!7SYnx-Upm zPj+pQPUeuYMP4roXNMXMk*SJ=IdC=SJzjK|NA#Y*Q6D(%aw&3O1lgQp86@*ej) zqO(TzG zxjpgH+fJdqGU^KXEb4bu#=a78RNXg5J#v%tFLe_8Cxqo@NtHSJbLLoQK|qev`3!36U6Pi!az99@s)1< z%?*U$m9kMAQ>;F~#X5Rg^-hNjZ3B|`xbA7A2YR};e|ARyop@s6{Q+Zr3$t;i`rw^4 zH2<9ixD_n4os0dzzHy3g?RKri*9l4BMVPS)slT}$An%9R>KCBw3ug9CQ}`86AAEly zs6%*0kk?Ixc@io+tc=SCisdw86am67adB~Tu@7VWlgvO{HrY4NKXvXWcn2(Vhy&lu z6LE%_Q;%o23U5Z3-6|UVA;Mr^ONnw!{$x9v9*oBpT?5sH)E*qZeds%@*~~!+$vU>2 zXci@Q7{!GjiAyq{B=R>KoY_^8q-o43@KvST_A=3b*2XSYH})b9q>Uq_OO4@SCE90! z^u!Cj2{o`yUu))KnT}cEksbHI@LaR(F3t$4IoMIOlkNm#p3=NDK5{mZj};|eVFcm@ zxjvCARcf`6D^miNE638E6u;ldoC|YKia>1G3HXN@Tvp#c8ZU)@vM;H=A$L}cgfTR4 zTjfRo#Z?cg8dGW6To602gC_!6Gc~jV!NL%lf-d-=xuc(4NbN^=DT;Va(5w@4)F*GJ zKQUvQYg|_Rg(z6xiCh1P8(ITcr}Chyp(SEen@m3PFrl$so9uLzlF~y5i0eb)%#HiI zI3YgGqx6NsgVdxHgiTa~wE4PRcHsV>fwNng^*6h?IcRE2n++8u4g35okt21XRHJ=Y zuF8~>t!5+Q<$jQ69@=UpEPk*SSzuc+*1*VsRh0|2B9%##hQN|par%;a5ALk#u-Opa zMEc|YQyl)lYDmcKk@{0t@9kkB$aW8av#uxS#%XTLypTgl(4O4j zFukf2_$mU=NU+&(ekxmkjjCmXGE=qm?wZJJDl1uXH1B5Y;p%QElvhL+1pYz(ZsZ%& zOD&)F9B59?obQKv1V??&SO|pIRK*$E9nM${58h|)*zm6=1p8;n9s6F*m+3837t?ee zYP!kIt*>1IKpUIb9K|)6WKQq_n|voj(B65ik=~K0Cu($WzU2;+^yqlw3f~!JEN-qc z3HUP>^)7k(=;W_Jj0>glvUs%_$(?F;{_rJxnyUTeg~8!jlhSq!mu5pqd9rRD3zd$= z+k~o^RBM+~_X?3gEqsR7#k{=?JnF8kyuFI~(w1P}kKD@LGIwoudeax5QHV!k+yxtq zQoIFNVLkXW(e_$11+_;-Tw^#07hCeu%O1r)oi*Z%HQRhpi{t3!YUOU+BuIo-hisK#Qabn{X=f;N>O2i;sdXpe+V0I$>>e-kvz+Vcey* zP70exxowj|E*Zk(MN(8M&77rM7rCB6!g>mwrt+nKqRYT*qtDWbOS?jngyZ@A%nR16 z^4c=`7#}V5*O6JrvVY*?+W0^Wl~Fzxe#3(!FWd$0N(0%b_1zQ;W0x!&486X*PLUW! zg59&=t%WEELO3&BeaOZN0?x%(#I~9Z$Z!n?*YTPJ5H2LWnH0LfDD_~Px}(JJ(G_l_ z(tFhAiM`=v_pMItjhoQD`RK%|*ZVktH>(z+;o2ZyZp6Dn*zc>H!I}5g6~0Iow#NnR zXSU$*l+2&F|GCO_G?j~vFR-p$X1bPz-fVF%k+EJ768P|~)(i`>#+s{|o-Rmiusz-^ zgqKQ}PJIr6=Rx*B&LLX;2iLlVUO-=~(08_4EiE0z4#`^AByHs`&WnA1moxSYXWdBP;`hDi}<9Qh$jVAVnMxex(`_-g;8O5YFWM z$k~Q$%I!dD`F-sh0qw#|`y#<%wC~eaSUGdPoOe%!12*VIWq^;ANM-_#8pi&hgcuV* zMW}73lL$5d&rz7np?N5oqKsjU!p=Pu(JA}%}<~YM`z6{9$$1x)_ zaNg@Q!^wL}^3za5!ZLz|RuL+LMQlL>g{w=K8#iC66pL)?tjpw)fI(+kQu$;(4aP@; z0QJz}>Sph{@&G=F5 zRIkr1ms;X^9KL>NvO)Vx86BsIL}NK~iA{^KG!?$hv_=2jI{SHCu~ht@@i%!4_v+YYTSVexu63q+wkVe~O%DVD_&>&4jp3$o@w ztP;LJ=*A=Tg`&I?)b-*!t=KbHn}1G8FYbVq~n`6?cVNP)ECg08@m^{r0HFOyViHJuHdh}1SmdR=;ZWdkRf1zcRX601wW!xa_;?)dW7oVex38fB_HjeT^VR}}jin;h={N7_3^S=M!1x*5)}ZD-h# z5j$+#wr$(CZQHi($S^Z(`^I~|)2dE=w{Ep|>i*k%|5>ZGJ;z#e%<=Tz_W`QwGfMeV z_EHOQwz$PFT1-th)dNkC)yj)ibHL$odgg`#26k-T=o_9u(X;kfaRNEBLZ@g0zOd50 zb#B<0>OEdm@g*$t63V#Cj_e;mBgZ(E=N)X~HpDs2LDTZ=?zBRUoA>0q#w(JPQd#qw zaVTd6hMU=9a*k=Z_$^?@z=UL!yL)x}K z*3zj7-__XYch)Z5p*51p_TuT09FM+?a?BsOdEFAV$zN@X?}@tLEb%NJhCCheA9D3? z1%_GKBC%)CSY|;JD0VnW=yll4J9gfVR4T$`SX#DowC&H@f7a>z5W9Wo%=S7nACWg4 zM{|IHv`K|aQk0-K!r)6%I@!OV{~7N6g-d}#{T2^%e3Og+6KeZ+P+I!GJ>2_G;qX5J zc;7=flK=AcUjw-+`H62x0fo!?oDKdrh1ZX~S@~bFsc6J_70OAn#DQ|A=vDPOgUYGn zb;RqCdpx|H=$5MlB)sN3K*$(IUJUw0zwh-802euUO zASpts$h+Y`RfJlNbB%lDa~)caTA@%x{LpHvOLVL4M!_c^)n@CS5<(%eq}+e&dgsta z(8hRhd$d#K{6(VEgTCTFi8`n z6JLodE|XtS$?xy1_Vs(O#;k35(I!rPiR}lcTI!>%NFB)0%LSV03kSykG(v%?q;j>D zS4W-vL~B?9+^>ZtO6HiJ`8ew)eRkt~uc9| zQA^_fC3hcITv2EJ<{A3_7oOqYS1kYk&lUTht5n6z5qk;sb2yo~o>ST%cQ2GgC^2xf zPZ&smKdUPI0s-+4TysN7tAW|MWGpEI7Q5Y_f$qj2els<3i9AsCUnGrUl2Ca?jl54; z){aFqo6{%TpQf*ym}<$Eq_%K4_&raK+g?wbZ(dK`Pk)=fxSoK0?{2PsBonIyD6e`S zfM5(|tDg_4(s27zDQcGOQSwy7?Ob)YR}M+Fs-WmZFepx%J1;l|Re>klCYvyqW-FWk;2v zDvcs-&uuJS~Z3mXT0L(gHP-t`Bt@AAnsY$(U2y@qjo| zwfS0#Cw3B8I@27Al0ubf>PT*%QbOdFGRW~n7FlUIt=3~z=u{^mq+VGJ6{I#X`uK;q z+5aVh>bHEUhH(ANvXw#Lw5?mxP^gK_>FkW>_$8AeZR}|5N}y%o&Z1b>V}7c*ld_wk zQ)6~(rNj&%m(eQ|%2jv>2o)mhz&klP0@3zKxE~pJX)2LA_kz$tbrzwgzfLuw!)A+B zA+9wIx#w@PrPy{2H3I{>=Xx9t~nE| zD9@mhyY6JwMkJltjV*8GQO{&={DTc#Gn0Sx}#K7`LMKyEU>x* zuFRkDx@Yn$T`8||vi=4qMwrFi5Hv^niwGB5^fx>vj=dm(L@5YpWc*eT8<3w}GgHH) zYBWJ7gjWM6kCK}XAv0$jOx*YR#e`xnQ!J|?IsktyVCG%8JL0O%_7diw1O@hRu zl9D7=`P<`PRd?Avtz9hb;vA!R~MVi;Cwe|A#B3E>l;Ko`q`p-0AS%64bpvsoFOLx=u4D30sbxyUYIA{*?K16T{m`*cd498NQX znu|`smOH&uPD-mk?fy#K8(2tXlGCBZ@(E_VwJRZ1e?^L5WzafWFBTfqh^NriB}n0m z!=NCz_fvHsE62=wveJAl$Hv6ylGD#*s(nLMv=vbnVPyP$mN{l`Ks?Zj|j@M^=jD8yrLZ`)}2~I zn@h_$N9iuH#IGu9F6G;kSZ5Gj*E&l&KXZ(_b6s$>gRTHM{;Vv=R*#(UP8v?KRW0EruB?p!BJa&Di}F9*O6R@q`AN z3sSo-=%uT29DYXK!RcKRf(D%GWja?*@#JCO<8v%Mk(A5D0G%6CeN;I*|F(8{H7BpM z_I?a#Ro({yEr9hV(h$)+3o{K(ZKj`f_(Ml-Y5}=C6j+vn0HX^Mj9Ak2AWA44fo)4y z1=+{}8D6O+(>DGGOtZ<47+A?yL)gv{anjsGDbm;74&J>s4vFWopY)hi$*C2@Yhy;j z$9kBo`dW`kB?ofGu06MWHNSMVTt6fHg3>uQKSJreQ*kJSS(6gSJ_7s`erJH0IBUG6IkvFYHiM?{zt zd}EZi>(B)c97Yd@3@e@oR(9ScU1(!ns-_kLMCTn&`G&|3N_}FKM}(v*i~}A2M@dZq zz*Ao@EJnT(vP=Rep<`$$4G}4SX-)%eo;P2e=y4x#9wSnI`SH*KT+`D1p;(AIJePZa z-m*jwo>S?=Tn9w%0z{H_tJ8^ieB#ePQ`dMU87%zHnCp}8ZGloM@chWr2Sr@3-#m2H0pot z!2TVtWcqLIXaA)(va$a^GM4|oWmf*byM%zLo~5OcwTY3Olaa$e3a5X1zJDd4+t~l- zHd;|b;k()UY^DL7Cr}jxqeKI>Y6EL?r9wy43r^bu!@zUZ=$FQlMBWG_>gmtfWdZ~o z2k`Xb7iGid(Szi}NtgU-FqwJEI=g(r*XaSm7-7N%e|0==t=PxA6{q}FrZd1xYz2-@ zpEyh}2}=yPG*BGC5SV|k3f3G;X&!57Q$i~~RH5ufPj%Gi$hJ!M>=>2hIdPR{lM40J ziy~w>vVjWz8^0fh&XEL5sPYmlkuEvb(%LaxRPb2Gh?<<`tH*BNfc;!hJaia*l_ssL zjH7WonGw$#mhG``^!WD>E$K_u%u<2IVIrvN3%QBOkm`pzL?NtM7m zz$U=T&7R`thgewEI8?FW$bP6MfNWNQ(u^EvPiH^OWeq(>e+Pdf%?D@ zt@j%FQGCr$zEJ>~Ocaa<5~@G#blj;78eAsflt5?|VLJ!Sf2p=u_Q!K~et&KkG@@B# zj_%ohZeRIWaj5*d6&-wTNW;YRYg0Bsh_a{p(s*SkB`r_7beQS>NG9rQB8o;YXhyjipVos6 z8-+d|-`i2qdH7L0A~h_6?nR(e?p(JM;zr4V9du^0I+K2!Pc8RGnpivAbZ{QoMk zDbIfZ=Z7zL7qYv52xo9$n6n)$etrZXh8?8%A9-TFB)&WT|Kur=Ae)d`=6^QQHZ8Yn z*x6JFYpjbe@eY=M2bj#4FO_drT2(1`s99*my?1{@&JyvEB&T0bFB(i&-EWs%Pa6(B z+YZxRSAR+#d7kMJr|hE`pM~kV`hOcOGZ|GlFX^+=iSTj9mfcs2H{P9fq2A`T0 zw=RcfaKX1via5K+cBJWGk1`~?C8}LA-f`VNH*vZ{dQt|qkMJ=(Yf^^AC$h-CWXmrn zcHdrr%$5%iwK_G#H?_TEpGIc{*d1xVeuYf$hB!PUdMkQ+TV5NmJCb}2?&PGux26=| zY9rnTCVG?c$b`q192}XwxCwiE)9!ieT{q-EI*{??4D=kJAB;t?zf*aS9i$w-hL80m zpV>%$R;Boi^vvW{y_b*q#6or%-{K#>lApYpV4gV5UD0WK2W&IH)YyATcyFP#`7pg) z+26qje3{+$z<7@w_;{GH_fYYC#pOJ~eAbLzMYO_8e$Gzd-;99!>=h-r<&5RHpHOev z*vFLpltP(^VN9A(v{o=m8#kaFP%JL1mpWuoiY}uTICL*lIt*KbmoQ7s3-&mXWZ}2= zELA2hVji!!T{2aO>H}R=6?oB;W0{uShh^!LSg+$Z&(9;nG_NlMo)wVlBPxw61`H~O zq@U6&;98dx3+53Yn)$s;qMig5ryG|ODWDF>o41#VOR@|oiiicI1q0R;8+374)+_#& z8r1HYSF7Mwh}Th?XXpLJK4lZYwJAp~oD0)dFCXtT_oGB-p^{XhSb{EECla7}lrJe~ zTtX7?8mlN*l8P=@l5kjLY}$}@DmK3^M>Q|XQ%*Z2=~b;_UBsf>tdVA2q|iQ8e5~Q1vu#P_EW)jc^wP>lB>w7;e_FC@j}7 zq*#@2mQhAjZ2o&G%^saaX;RTn!70@|p^P;mk%q{=Ld8nK1k;=&p@MXN5~Va+Fhj!s zqHh>BFMe3m!lIBy*`IuBxA|}UspuVN@wshfcR?KkN(93VR&nL9sE7v6AthNwXM1J2 zvDM4`T98sis^^jk=x;Cyb^l{c{1|@l*P~k7J4`<=t@)IVC1}=5j|G2N69?yHo`Cz z^?8kKWg*K34(#witKS7{5VinmhA}?ZKv}e4mK*;BRtfkx#-oDhqq4ObOp}DmDE_4) zd55W0-FGgpRo}3yt3oN^V(?I6@uRuR-~bKj(yppzAnTuD!*mW%u9YBvE7EDkNn}+2 zi;KMCdNzc{YGSra&rr4p*&A&vX5JjCl1LL{;SH^ z&5g}MlVhjAJjjK?)@)s&`tlfBn1rah!{KR5iZUJTtj3(mx?r$$HC+EC*3jO7Lb7>c zrKrajnmFAACgnISM|fJXH~i zPHqz5+s5oMtY6V`L~$`v6(Oi~{ zAq1Jx6$%{!Z$@F~6@cUP0~mh_WLcFuz&O#)^JW3wWAdg2s)Lzf&ColAJ(!8?Du~2_ z*}>9QXGhxZoh z{y{;#&)WCRO!-TWNAOcT)0tmbOp1TvHkm%Vq+@98@yD*{Sih}ADJzmrC`mp=R}j@a zqD;G3qXsz5UPbsQ-fyEj0Dx%SF^y+0*4i|<;*2i5aTnUSi1dKsD`S;Z>n+jXfGLHJ5(m;s??l{~oU8rVtm7#=&6s@^2v_ z#oAAk-{bQ`$m_P*BWWV#*vQD z#+Wwc>aPO)SaXC?RmJ7N7NeghR&^v@YLUCCQ@WMIw!IEa{KP+EJB zZVuz>^^K6M2@V=_PrSasArsM(?xTC$7C~>~9P@S1WGoqRA#Ec>hWcQX!(Tb`x z)}`+F7RxXek&%>C*AvLeOXY`V$qkEu%qCo_4c?l^Xyk>V2Wuc0mS`k_8PS4J0L$~2 zgbs}bJ0UW)yx3A$0J!k*W@_ZlQpM5v?l3cKwJr3*+ZWI3 z)t5U6;qpB@q}u5_A=%r9V18`Qa?8px%O$;+_+O?pU60m5XYl%k81iVKVWLAJv{rhg zs#6bs-D;8g7HW*`Ugie6OL*46*qw=Bb!xrhE5~yONEg2>@FILrTsE}}AN>U^GpMF} z0ED;%>-xH$O7RHs0M7jO{33=D{PtzdUq*RkT_-8`U5 zwQ0jK@7sOP6k2}2c@a1U&I*V=mv3C!SyzWe6$Z{MeeWU}AE#L$(X132#tA9`pTgnr z$K8$I=G%*p&FN0`$@7e_-{LPMDfQP#H^CkTh@U?S{H4r}yv1Ous7tXz7jiZ={XY>; zRGn~2qk4?yL_L0C!AI2Kq+_3Qlq5mSn8KNF6=KVLJ1FqAcXdOh-C=8F7AV?y6%wyu z#A}iMn!U<(Xumh1K9+AnE*SJ@4pUB^yzoLHS>Kb?KKjKts{s!)$7xw5*3DQnl z^TJP;@R1eK)$hT(%;tJdv_NMUi4uhh`l=qQ^(KGRC7g8b1$-i_D)l%T6V&a)EE12v z3V}3~;B$Ei^PXXdW}||h-nSX-?C@v#bOO~B(aNJUWt~01wX4WCB&~w=v8Boq?CJtH zL*u3sR1K>vk_Nw)7tt!|FfIN`ZkP1JO_coOU`OA~XHwt*-UCtk{cP;b7hHKAKOMgf z=GD{H+ni7D4Nq@ERWgz{D4SS94F-(JtCUwzJF#?Glv+?bRkcs=3B1q?cn!#}RNyAJ z^KF`zWh_o5w+n5Wm)=o3VRu=S*_7KnsJ|9!)GoFh&LJ>M^91v^o|n{li=n7CwboZN zS^-;BPy&yDN!Ko3oWe+fm-9@6mVs62dy2#iyA5uOr{ar+gM z?pN>Nud9IxI_1u(lo8kTB5!~E=vj?xhP>wDAHc<`f+CvhvGK z9F8YOZ-1b!8Em5MdV|UL8Q1FM=qQ~(W2i3M(2YWSeh+%9Y~6%mB5(Af1~gTy8zj$O;2vF* zWXJ|m@bs`P8~~FotRfzCn_K7y5LMXDQVNac%6fe(H30#wC4W@dBvy^{l|cY%Glf!5 zWxM6WT5!FPw2+aPo7Pf&aCuRaYT&W+TlJ1a_=0rX)nSwNuf;h?ydZk3C2CqE4TZ-IX*?@fUF= zMfl3XqaTxPiGxpSw%iFFY+@pJkXN(yh@8E&N=X~V66+EmN3ME;Lw!RYvsrbojtWQa z^WdbCUkhH56^77nUh%K%a5W1))Ae7Im(e6X)Vi!odsI(h8RjxhYl7V;zovY+Bs%FlNv3z9S0i30PIbSQ~2SJ&!X z{v@JSsUDQb2C_*#QHtikOQIW?Y>g2;zyAxQ-Jp5m`55P-{n1t6?*zEXfteR4@6^ z9C#0gwJ&=7HK%AzjY4-8Dl$%7Rdoy1t5qxPh`(h`XSfEK#&AUg@lrPmY7WE#+B?K0 zWS7Lwsup@hSKRNfD+iM4F2Q^6H3RdmW&VNicT>ipExDRwfIH*29`%ucyaYnZEA@yHJ*xC5GO|Iwk1}79H&<+ic@fX* z3C-`9By;IoY}hy!$#nwUNCRj_eL3M&#~m5dLkj^hQv_tF*O^j4fJ|N3>bWEd4{{*G zf+e$P;im{pc;y|EN8r7TzwWD){!G!CkyH7+2PrpJ{K{Eeb8F}0SwS=tl9$CL-^z)CmSdei$& ztBvhKMGXDj$ZVl@drURDpDu+j~%?){juQYE(uW>*{QKZrPP z3mA|s9)oed;<5;i`i1ETv^?XCGWJCN{V4O=M$`z^sO|?M4m6zVeE^w5vOF;vz{H#!X}8$^twKfa|@3<3#9; zkND@pwQ-4etH9&M=jF-_2g1?!OF6Q5w&@-U5%VAk-ToJaTU>QbPl<{hu82?WO6W;U z`z7H0BkZ$sqGmzo{sGno<+rfxdYe>EF710cc zVXkTQmcXCZhs*p-h|#sOq7T@fg1HP+!ZtHVBLx=2mAD+Nr$g7>1sPv-ex8GeB6ZT&?Ga&-+E>E&}%s9$Z zESeKV*0fW5@-ui?(c_3k!Q0m_?WPBmnj&MU#78a*rp4(*D!-%T8bgNji+UC%QR*W+ z_dCq|^VjyQ(?b(kCouCCBc>CaW7{&w3eIP4P2TiUeR(W?OHph|g*fW>W*%hm93lER z|Hd6(lnUXCT)Da^9!PVZRVj1?T_|uQSvzu6@JlR7R)<8jkMImq50d|u0zGPIF;``T zYaY0)W4S?n%9%RhW7w1 z$LcV(-u*ae50O-tKAJO9ot-$g_wtH^#S1dR87epwUvR_Dfyf1a&U_$X)9ou7R`@g!y(FH1?Pp}eg3MGya+Y_^ery?A|N}WlEyTi8%EYeN@ z&im%G50-OqcznNk-_G1P$3y0)I5Vtw+Z;Jk=CW||rK4xHaEh+(SleS}^4=H*JYFUm z6X-@hmRft@Ry53hZ-*%%0B;Bo=Wd(6!VBN=2QVG?+;bbh5dD1t@)B*EwM6z3eES7) z+jUPNjz;r0tr1^F&nR1*>z9#0fI(jo{8+>dwXw1*)I8fF_Pq6jwwSw&6F$}Jieck~hCq5%*KI9mja$g+D^t+z7 zc&)fVRtfe`a@Bna9=c1N0byB|w!J$PVbyM2%%`~qx-7!$SvjmO!=r59@-(Uim8&3zAEzGUUCX)89z0d z0I3;MNoamy`9OGxgpFgwJz|9B`q?W(ZX_qX`_Toq--g3*{BrZ723q8)%IzeRwq^%W z&gP&Z(@eUvMRN%d9G4|zscpVIg=1n=Gr*S!o~;O6pHmCxvHf&;O_5$x*6NxZR&-NT zw@PA@zp|AVg(U8;QV?h=hBlW>3r^bAZ{DoSG|AwwxMedpVH;8AOyOyCE-KcA9`?rO zn)4&D-Y>hZBQI&y=foDo8w&T!tpQ?joES%(*GcXN%Zn}EGsGNvWqOMIOn$MX*Y4P6 zMcvvzyng!=*mwPK=pkqmKKq%OYhw4rN&N-v-UICao;*zKmKwRJM_H-kFQ`X`6rv`I zDGj=UMkuH1Z`%d@$OijpBY3^_)2vFhZ>n`W`VHE)3uUFE4!piPLa#w>tp!D|QrQ*h zufAzVV7V(GB^M4&s`@WWbWdEoD}2zA$~6r4xSG_2Tk`D>^7s-6@pfbq;3;D$yXfhQ zJpOU<8dle2&NMHiUk?-n;n3H6l@B=YxF9u_H4k;u>NYN=a*;ugRcP)%?ky~}7p19a z?R#aYBpL!~OP-}K@)w+E^Fa%i0h|D#*PQCN0PSPV)4u*!E_Xe-)8gD~m(=Qe6Q>0L z`o*FHS0>c4p~)1~?pG*xG2}g@zb#t!xxi+LBaCb(cvJ?08`1TyNgcV_8w)d7gB$ES zMIet6?NZsF$HJkOv((=9d%uC4i*yfKEu_n~h15o^H{%j6&(`^hSSj;>zB}$bz)0rZ zjSCLG4F~0uhbmid6wkQGYXkVBI@r5Aczp`_rnXvi*LR|F+?aN7s@%Dfp$A`g^XQ7{ z8+XCziebtmkm9@cm6uOX@*aS)IH1Rz2KNI0Ld1QoI{?_@cycM#ZkjecIr=8%GC$Qv^7l}Z@9e^# zy98+fWtUj@eS{g%i!;;Lual*`kmV=#4zmTg+t;Z1cj@#4>OdY5G~I^EV7-Da<{ni+ zOS#4rVY2X;`DJ@?xvf2Z5{iB#}zdwL@li7&dTUOGZHbj6~ZkA3%R+JW(5 zX*pvNa^u7A8EsIcbd|Q0bbJ&L&80_ld4_#NO0zdghALVZP2feGswS+=9;n)%6stxQ z;sbhRVx2Hs-k|3!{wW0q0ZSX2A@ib@qZzTSzQQ*Gx=G85KQphf-{txh3P><>=4FNg zS{<`o5n5=&AjanL4AH9BfH!_XAG_U!4|WzAPM~gEOMu{=i+bTlRr>q<5pjC{P>pYs zVkX*MA31Y`>L7W)e?gA`mLsn>><`=ia74-P6(`ZX;~^^wzk5WqulBd&s=YbxW_*w$ zD|;4!ra&+njxEVyT%^lV4eCj7ZNk;pT%t#b>~~@3s9MYK@|2KU)1II?@qY&HRu!Mt zrjp1XV5P_*eOtXac6Tn5qt;y5z{&o_Eq)XNSPog*PlJ}gWc_WA}Mqzay*By~1${=qdMXXZf-{097 z`A8LzI4hO%i&8VnZnK1k_i{SBe){80cg)beqlY+Y%NpbXGLV4}HR7xc)HWO9S@~Mr z(5YgldAZjpD{{vTiq*MfKEM-8S(k=us$^jur|`)Qmz60h6O3GOlu+CEj34gKo;yIp zl~~93j1*_Lg75i^EqZE+tUK$s1G&wTUe|Z{X~yO7uNuDtj}!LD2fWiuV3x0lMBdMy zEHeG`rys{|u^#1cU#Ok{oNe{iM5N1EjecrAo%mUolfVe4Fh?TYTdUb;0rH1C!#L)G{-_QCfB4 zEq6P<3{SD8=>uXJ-sIZ!Q@jUdh#uj4)sb+C{f-Wac|Hv_H$uU2mZNadwdvgvyH7IcmPFR5 zWrGEsQ;F-cl#YS@wzSJ5k(57O3Ms zQF-3jnF!Iul{6NB(7{O^VtYx;F{+gy596HLS~}dT%$b%k@NRVEXhHCkvC@SQ^+t#} zfv$M}nW{06t|;l9#jqzufl9|O)s=K}TE&k*g&0^{fbROc2k;3%4P^#jx$z{%@BdBs zyEX0XS$S|igRjFTz|iGZx%UCCJLBr`imc3;<0D>Xmf_LeJ?XcpKair>-nk@_Nr?cC z8zra%-&F@&B!Hc`E$Lf5+&~{)D6RV{>(}NTDjC+sma~hS>3+l<$!#H*^I{GQ=LJJVCbQ^{(c;Kxhjd0* z`T4|?Mi*F@DTdok4pU*f?l`~*8wqTS%fxVB?Qgj0lcA5Gc5>mf^EQc!u5$wOiDUq} z*ohCz$e0*8jWQv@QxarT>cTaq&owr>myj;xA2yr)f z)^2z?uCGw6X9hqTeo0ej3f2oG)ZNUnzBkgzroz3Hce?lB41wJn7}wa$JkvWP*ThWU z7dJfbSG@NC9Rc4PDpIpbJZ~0nLaUa|#=9sRrddgT4Kc7Nu<`6rqi+EY$oaBAnVleT z5Ul4aH)UTFBKMn1>KL>b#SCeY?gwt`(Y%gpLZ^(VHKdhU2J(D-2$jX?I*0)U>=5uD zSDTka*$sW->1`0Ni%PL~ZiH~OghR*5TQGDkKBmMDw<_%+?cD7rm)5_SW~S1j$>{P3o$-xdnEg(3BCy4BOng7 zlk*oZqI5&jLD%@7G5}8jBnX;QZ3=d{?L^rUy0y=}Wlj-Q~vt# z#tT;=@E70wGxug6{;c$8?Bn&wJ(~~k&SgPLtjkxJ$Exh4_TgVS%7_x(pcuJ7n&q8X zgX^`PO}R79+}QM80oC&yIhJc;=r`=4z}o&}FFuWQTR^X2F-do)Zelu?0b0`)F?)9i zbSREII1B7}uv9i|&5K-FqqpydTfm^II8PQO*|rUVFsB!8JLgWRJ3= zjs5OJ2M3tcqA8`KfoU|B#0X`NHUWbyq5amx^V#bTt(mJh##Uj$i~SAF*gl}cILkpc zQA9k)XFVA}GInsqHg^Q|t`)Xp#q?_V=9?iSMP{AQCa9PTB*_{6|A@f5T_jVk|t$3+TR>6uw78d=#|>Ny(yZ<$CL zWImM7VidII2!c?1Jdwb_LR}(Q_)e*mF~-(SE8~=ZF_Gy6uRHM9B4sAY zMX|muy6KmbnGW4onkL;|U$>~eDB7vD^t%0nxnU5aC!4Wbu-F)8`2(iJ!;BaqR^Pu1 zNMemLExP$l#L|F{H@O9IaP&L-+p}K_WH49XYjq&BGQq$$%%{w8650!7z?>B6YS1^L z6w)m}jg#hucOJwQRw1x$tRIMUa4;IG#%!L4^c7y%DnWT_1Usv>hl|9+<;g0Y z{OkZ^<%kaY)u&8ox(mrwyK*AYxecx$!GalOs>VS$yi^fWrjs$#56z~T(&l1fq`9Ct zyCtpTmAspa5?QMBC+QW!>5FU}Rm;Lae<3`bMSu>jcOu#yO<~mxg5|+sq!xG6GfxAw zSFu;?OpcI{b zLOKl-P&|KAHMUqLwiX~wtEYm1J?L;4>-P0KP%}n;pk7c!>wWrvG+z^A;?6cw#_`Gk z3DzBm&9B6pq;|+dU@}&RDu2-Lbqj2&O~Puqk+d7Np1z`di03MMT?*DyhW8(NqYS55 zMik%I6Ovg0T8gf8x3B1E1iEIYj4`IOu%A?lv~~rVj!1@ZQP0oXGUqBmdQ7zPL_wT* z;enM%9^-jtx({yXGcjKmJp8?npP+I9$9;ub>5t5d_g&KD8Op*IAJ^oy0&9h{!rQ^B zt0B&>>g3?9e$lDNWPS<^Y&szLgiheBW?3p=EsE%6wDlWnDlecaPyh#8MS%~q2P1( zy;S!EjQN8u^p>!i80ibq4+7KiUfckJNnRiDs8$W=Y98qyrshmBaW6mj>1hYm@*4ZP z*uLI){-ekaLEGLAziCK{|AmJ9_agi6DNO$d4JjigD4<|qWBY$Bux87Yj$Fl|{9KwA zA<8W%l3QDPl&C1Eq3bdDc zuKZ=WObogxHCJ-;lk(9#X>*oqa|^B}JsGnNLP$HO74THLfDZ1?zaLy5Fc*8~=u{+} z(UoKGte@~ITahy1q@M8Il}h~kOBT9$;3NLl5_47Q=C! zo|V(O982A>K=+?}dA?ya(7KE>d>pw26hA+=V4!g8cW?t;l;4`1J5JUrY+>enp=Bl< z2h(p-+7abN7y6>q>`BGi4jQ4C5Lhw`c>^ z7h-Q6*E|^PMV4+;{+aJOQjfduDN5CQdBxg-Q~}T14y8Q8a{)t*bre#)_K)>|!yT!R ze8g8Thb7GN76%7gDLDO|sB_(lJl?*Fi1*Y_VE)KuzCD?J`BGOw2Psf8OFl-Q)V64* zQ3SFZ_#%;=RbLbBSaHa5cCb{5tr&NU?Fc01mPqQ7=GD|6K#=pX{xQUM|MnwRd(+8q zXskH8$j(=pbt>}jbQzuQh~eP(7+&Q7X8<8;S?!0lE*lXRp)ED=k@^nuAZ;(%R4=Ge zx}|_^gW3SitFVR>=y9lQnSvvN#ye;h{z=jcr~y602kIs+TePaA{G3o7VCJWtzc%Yf z`Gaoy;uONZW}-vjs(T#CQVX$WdD;h@7r1@~_$65!LC_Icq=+8xQ?6V1feFS)+-k&> z=z=TVeCp?acy|NuyFmAT*N)e>Y5e~riT}NJWd847P_jn$R%Q+k|65|eOBK>pbIIxR z%JORJcx+;)j%6!0ibgnNWK}nylTd<~^TyQBqAm*Cf24ri?R+khk?EHIdv0%*kj&gj z4U`_syOs+269H+W-|t6WqZD%dEL)*eXa;MZNAe{Fr_X`y`2fN_l^3nZLs0eovxcpHl; zZ9FnupXQlLTu?S?%9f0~Ng}(Ak9mxJdKC_{(OUDHY$pa+8b>N{0a6?W#U3S*Un^5p z)DX%8=>$@tw}CxL?Ay>kP4*5CNJYgtwadYvED|#ZgTwSMI5NaSv0}0m*}Ml*TcYK9 zR&{@#qPA{H{e>!b2W_V00h}?@t|B*QGS(C+6b0+8@uexHS#XSYlXul-)>M#7T3ekW zw~XJVAmN;a%L4xtQl7icf$Ka@3g9-KKoQ8J(4F#dSOOQNK2j|Q2Hs?(KdzD8*ceKY zO8z~{-oj|tlRAm+Cv{~yBKePc9epLV3#mvM^z&&la?8yJkRZX^Z^=4sIz6)-9lgyW z^?CX7EP{EqR7f1t-JdYc`ExNb(<9Ys38R7fshbxggU6^Mnmk^yU+I`Rzh=jb^&{(F zuOGt{-B%|eHH!tKLtOD*f_CC3jbcxKyb0zZq(lU^y`vIhQ; zP)LBsI|4&n!ao#+xF|gr5-KiGFz%c-Eaf|4-lbYeLv(a#()N2xo8iLJA ztFcEBj3ZlM9)yA`(-Z^^&eJj>4h@Pb@n9IZ2`x76{Ze(;VleJ&&#wj65)_vQR2tL~ z?-=Q_x6-VNdoE=pEsXfkBB##NfqUJke9B;$+5~JfQ3r2lTq>pQySGi6uLS>(u63Q zv?yU3V@$VbJPYe=w?({vt7xs67(>1=Br2EBXeXp6Pe>V*<%`Q}z5}LRBUXr=u_F^6 z)t8zu=G6`C~njG2wyquQ3&6;L60QYg@kkx2uz|uyR2YU$+bV|k)dZA z;(6NBTmJCx@(m;GDEN)nC`3*-6a5{~IyswPgzf}$7opZCbsO$`?F?MFfPW7W(`}Zo zKI_z`BC(6_@#iYKSP)V^L3hye1{`m#3ZghvtperzfE~XEIfiMMN-s7_auYeJTUS~_3;@n)1 zrAszmRh*U^H&;$5bkGWE6>+^e4k|!71y#dMb(5{iCL6OxM|%s;&D@~QB$R+&Y*p`2 z?iObLrez(e)_T~*R8_Buc8BaDD8bFtla6gcbG17u@d1YW%d4B=bd`v=wSx}N*wrTd zNwma#vtc@36+E^<7anuyWY7wJ6TLd7UV2N?b9F-s9y^hq&_P(x3UymW*Ib)K@t76A zL%1Qx<gxIL*?10_j5fh7OFf7#b3OV`Q0Vy0bT<0NluOMlbCwr%?bXc;7|QJl zlOJ5rK8anhMEfbQmTcI1_eGkb!6fd)Y^?WO^ zjWj*^Z+d5tCsBXUMP}Yy(*HVe8eOwf26sg_UO%{a@vo=iz^mtadDRb7!P}%MxOGW&0D&M|RF7?>U-+E5>D#(6Edh}rYBIt9K zwtBVH;BU?NsxoEGO_ze!cI6BgnR-O-_CE)&N21)MiieXXkHz!)S!Pf7 z``TOuU?tp>61eKfAULg~i}4u=>tK{CDTj!4uNXp2-*d7QnkmGW%rxoQ!NBImV)| zhs*HhHtBWFc$@PBmQ8Y2*z8Z6J=u}R2A!D71b*gdsOd;(967RHWM88kj+kY|G4vN! z$3CFyHa0M*pSLDnU#U*HoNv<44dkqJ&YP3$>i7P5o) zIBD>;76z1ss%!b<@VR0iT@5r6DxuEACW#<^OKs>qW~{^gL(m88JUv9AWTrRBBxx<+Jq0>EqOs-EtUgB zN86^01(z%j*5yua(+4W`tz4RA@}(mRlxSX;DiNMy8TR73(g!>@XsT`NO;V{Y@{~J~ z0kEtnxsLj54_Mn;*?NYazutT|_Z)_=GlLPo#Kv;`y;I~<)AD=gfVcGwM_@S+y9d<;uW}FeHIQfg%8V>( zMg3Pzv4Y~1P7OeaF>ub-&@I4wtfP_`Xg_@NG= zqIvIFm$S<0l~!vX=EpEYnFl;g>0DSo)CpMLp^m`9Z29-Y_`(Pu;=`CmLQ&B7wMf~x zBRC?tHymP`sF`}x4XL$F!M@Gmo9I|8Z-Km@5&13&2+{F+(s?~h(Yvlq+6K>xx1w$r z&Y@2i6CT}@4^U4z$5tOjNoJxydSorKBy+=aJro5}?Vxlszf~@dmxaTy>5s)bh5VR@BaY=Ae6t z7`L1m^=F0C8j^uy`=DZ`#C)(Owp_?CYJJB)WKZr<|*;#O(dC#)&B# zVPCd}%{(oHw6}3CIX9hM;C$+O^iy=(RHHM{t1I?k29ruEJ@TlE+}PF7P~IqeA>K4h&#B(Est!|tU?z$)KsO`%= zw;|d#nvyl=EpEyky#*+}CoJv}w_v^0+!AG!N3#?Q*O$rHaa8N4Kz>{W&Cx3d8nSb# zyRB8q+zfK6U7#1I2wr3` z2C;ldb7ZN`gGm1#7rmXRL@}LzN6;$LA#HW9LCCU3dM|0~7_+Otx}vU{Rp%vpmMBS+ zgGK%RnqbhE{g8-vB3$cVzME>vPpzt1siJ+gj;85EsB;sB9p%E| zYj&vl+YQ0_-LiA`qWg)q2INN~^eh=kQ}Fs$4V924O~WqatO~HgH%q;p>A8v88V!bdNqiaG<9hJ9@-}TFv3J_t2C+uVMK_ zK2yTvL&4l&aKjqY3ht(eW~P(3k}hJdipra?te)%0eh2hpZ$nZ%{rc(|!&wr>cZO4N z{e5cOJ44{-Zj>^rNnWIUz_0r}D9+)oc+li$Mh;RTuUu~xr=g5JA73B%Lx@bnNW0v2 znnLRHY*5c{%Y)kybd0eCT#d*?@<2pCh%(+t$bNbPeFdCK53Q({Wn*HOIMQwXI{_MW zs1-abiXSBQHJKjjFQmyHLcz3CJ{yiX8*+)RM{~T z_Xpkh$it!|j69@~Z~iLz1CXc2fD7Y6F(g&05&B#a92jE~d(@YLCk@CE^Tl|-h4`5x z2``-mBm%5>w29w=UyKQ*`vPdF2Xbb??lPXB|G-SG+?_++mvHFxAHw0^hl>0&D`ZCp zQ;Yw0pvd2KNr`_1$v>Cpx3;o((6w@~C;X#grl)IfsNia2X#c;*h*(O`%OH7;wKXQ- zUyZE54VGe(9w^RAV!?zA0CORU7J0Q|Iwm+!HElxO1V6DD5b7~vaJ}Y79BH8d#6I;_ zh-Z;ZU$Q-N9#t53dwIWt>wGWIjG-&m#eswvLgrkc4H3plQh+jbXc_pLLm6W4m8X|r zuO#SaFC`dvCy%V3k&Mh44|nIGWJ?LYSx#wSh@!F{46207yKSR6PQywG*5V<1|5kQ` zcYPQEaW|f2zTzueU(N+-iQs#{avo;Lh;n2c;by`i)NAh_)2bWO=3uMD*MI_ag*_GQ z*9b@hR^CMXmzJml_@NB7sqaOO@+1`I~?YBgs`+OuPO`yjEydFiq;nr#TqON0}dk!qmPCs zoUC4~+_vjNt%@ySOdVlZ-eIlCXJ&lj4K1e9@q`&#IidBytjU}(IX#yLJJ%f?7k#Jo zZPz7SSUtnUwr)^A!(I5zy0y;t&sFq8(;ki3}oAu0W2; zCt!yV>qalvTZ+8m7*~(s!l(9t7geN7JgOh}F;j0+&cd>n-Q#$s*83VkwfSG(g2S{5gVu5J5&M-JnzWZ`MsQV$W zm^ogz)AP`b73_n=n1f_K}UGr z^hJPt&VY;P zEubML1O)Kl2T+|vKqo{AN$^=rCX^m&VNGnG z5rm=N1`)%AVcO%5%NF91rh@&l9fnH&3FxXS_ev{cl^;sMFub)tjTnSHiG>@C6Jqk^ z(-*)Bm?hG_-xYI4R&qa@@smVa`t7I2^kpCp{DuVqx)HMJ2fww%b2VnSZ9QdJKH5R_ z9e(>RkH0^yv#|l8J|)T_L*Q2JPyUc%2Phg?gh(eh0S1{?o_fuixo8fPiLoW{bz!Nvfn{^f-!^R<=#Rgn2R7vcTq+xW#ptR3z24HdtF>|Z-ssA#E- zs0`<2rBa8d3Y=f^B&Scs#A{QDuLK7lr!r6cUDBtlvTb#v&rD?Z5+v8UiM#)E2KFL( z={}=r`!&1F(}^Ef@A^K&4(9PPGnM0Rf`Ng>yZhx``rF=$_Ed*&$O^F^^zyTQ7@Fwl$PFEO>f(IE~ zhmj)HV;he&XDwk4p}8U1Om<@#{k95)XuC-Qd4fPa(|idfdecE>b3jgrult(i1821v!F}P%HvVBMsmsNS%o~JO0-4f&R=Uvj)BR@@gM;Hn$}=Ir$8=x z!mT>vZMx%jy-XUd#N}1S`tye~QP4X~+udk!8ww;&eYaz>TRNq(v`JuKc)_bA?Vhn~Li?^*aX*S${<~77S+lCwrRZ$ok&S~ncrTT@hc)O_ z$w7)-)2Ys(0C5EKDzK{^w!@6Wt<_*{&c^&VbLHq#sx^^k@fO+&7!gNB_IbpjrQN}N zkgRQoMt%GGh&RmP)@qv4VxrSx$#E)Q6%}Q}+9IS)xe}Rp9u{GdM5z7Hf$i`#Ri`k!E z97#49{%>>-A8xoE#^Gmh((KN?ozD9#A=*#yJ#{vXUNn$hzFE*2(upuZIEq?O?=x{ z?L628m}>|enSh)rKY^^_$KK|hL9et3A^a^JC&Fqhai5=wHhvs|f+Q{tapG~;taj}u zFdxkN*2F*6F4gcZmcLs6Qh4CKiT*cN&!I5B}V4 zG#VdZN`@u+%NO@>|Fh%Aa)cgX0lU~1np(TPie*D1_TC7tAtsGMDB@T=OjWy@9{Jc; zdgthLbs1M0f5-{0o^|_s$Jmc(Iqy*VK%A)gBieBGJ@+h~-c+Wlnf7G>SP!kh>5QnX zWvKP?-Lf!IyJ9!aEWnRm+EJuxc%hua0GX3E$qUBM>eox7zv|#Cw;eBFUsQG;{NKaw z-{~y*|NpSdNc)eN>_4y{{#sdHR^tEg*nctC#6Owq@N{BvC@w4jLRIhK`2{-q;HtWVwCWs;92AS~p*M1dAB2 zG%7x0Y)3A(y)?p&W*3$13qEHlt15YcAMcR|U^s}wS7p3p20Q~okuXaoubjcHusE*J zC@7*z6f;2uuMm=+dn8)qtfgucNv%8;Jpl1#6JjC{K1nW7RX~@QP4G1aIwYVu$g})% zg*r!HiAWuX^1MAf0!l)qkjx0)%|9H-;#X6#U)t4&fih$PW=Mdnz z!{efyL)oJ77Qsb&t~}T@Ht&1RhHRsO<%Oh#?60Spwh*TX$z=K zHt@s}CVX$PvnojRfl0ItAv!d;7B}?$C7Rc6hyJnjc1&6N6>qUeCE?AGqfhn7AGiQb zP;~J*i#SbK=Vz=`U3+Q9ME3~Uu@-yrIBw`=QN2hLcPubvKhqm5AX>01S^!>;^N%?u zG~Ov24{X!7eHQ@NxIMCc()PpAThW->)BM#9_SMHiV{d5ZWU6mSvwlf*3(156s79bi zl?MU7AU~;O9_MKMtWA$5x$<`R)NvI}J|+QT;oeLlaRC*7`?@`j0REE%5LdQ<5HOc( z`absX&P6uL?z9*wp26G>3vOCf{JdDWitxe=C|*AbilF2~QQoFLw0VW?Kb z>Bn92{#w=ctPh%4yYRFukfQ~M+{@>V*{ep^r!75cdt1Z@{WPdV7W zsCPPuD2rwAbzf`u*v&ikTts(=P#4x~4J+6zC726lXOGu&LGCVAv#@6qxX%8)LzmkM z)uPo06Y_!-CSN72;?YFP^n->%r2LZtWCl;MNHwPY-wh_`2V}pk8pb>rZ6AzgU^PF+ z5cjC1Y`Nhhp*MUCaijgdV+#TXv5Jw-X+M1?#>^l;sJ_Ov*KUYIs^6S>Y?cpJrOQQ3=6PsIyVa>{``#LtN5 z6%Rwp4-g30VZJ0BR2)M=U}GCXZlca-Uc?%MDbKF}H=^z}U>tFS5cz!uB|?O30O(xp zi#0=T%$p@Ud4mO4ON8e^gDj8=Tw3I}Aq^^P#4A;Lcz^{*@ZB{AB5%sCLkf6R0#w$R zcS}xEA4Y`i`)VB1`d_`{;~tY7d|yyt_z#8c?-H2s|I>NpGqo}>wKD$KeNa|X8j}vr zbBe?wnYhp+VcKUvw;neFH=`tm6hW>442Cz>?f%OSf^@agiDgIn;TuAU9PHaSFNMWg zL;#`_a8;b?h@;64WA69ocd(owNl4cU34&ln%cU?Cn!G+4iMQk6ie_|`%wFbM7UU*H zG};N~Dnae*C@{b+3H>o_I;5^LnZjWxNGZ>^t~I@pOd-or8M6|ZtjD&j2%5m<*f#C` za4GQtvEhCL>P|WEep7-lK(Ba#*A3KK)IbfQj&eVhf-paUAMfJo-*ZW+J>rBegAM~`d$SO^3 zGd8M(R%>c>^L_Fn$s`yuI@B5Yp97}@ovGdzNUe3_KiH(RvvUOzBZc`-Cj6gv0aerU zt`er_RPDTdTPa{iS~y@ww$OW^R#nY_D&jOrT!4Sn@?si5M<}7wX5sWl6oVR$daF@c2$f=1`kw*up0CNEjLcF#3RwMe9`I;o*8!H^|~BAe}= z-DHhDzre(AM+~Lh9Y>43@ZK`v+4rGs{DhmO$pfW9pSacjBbv&#-QJFUMboser1xJ! z!rzaN;Q#RW{6Rk*Ee-8>ZEXH^coNpX>~`RSjP0!~;$m=c8+c6D;tFP{h%{_uWRZ9T z0+h`7eZ+?~=cq!lT{C&MLm^{IVp@KEcOe}(A3E)={T`a0`r!7FYHhsq@qG3Q`>mvJ zld&L&9#~W*{xFHLxllDZh**~Z+!@TI$TCznn~i1#-q+)91`WNzSVgn#h<)Rfi!jD6 z)lkJsKl__094QpAy;;#{fXV7r>cjn>4~H<-mNAf>@x7#a=@HiNDcxNie5YA7D7Otp z4J&oL6NKoN!A&X&xild2gmoZ2NB19q^^#V#7rNd38A-Dzbgl^NjBb|wJGZOr5v`ya za3xHZ#p2vx?(u0s^R-lCz!!H_`6{G1)&r74!jEN`4gFBzmkU9cyqo3{SRLRX;r$ zVLh)HcC)MipAil`NE%STfp^?#Kwc$3-d(SlQ4~0o|l0e{*>xq3>D`y z9hXb0iea_XY~vCC#!KOgUnnzsAVU}vuhvV{sJ>37+y#=snkWv73m?OZ+j5%lDEFVAgrVWE}O7+7P`f44#Q1zBd9a)}yvZ*pqMB3E9^zCjBxS ziB>sFFqvo)u1#H+E1m*3n9*51w%M9~Wq`DAn*lA>Tw*3Jmk)7SQ)@!7Yab#1tW&9< zzo?R|S0SI$6BR@tL+)hF$Dd4sLR2gOqI`dpLE4bD#byCA=$rA7P{#(H{H+&IW#?Db z9)PBwrx{^;O|x@j&HiN6q7}$P^fjI&s-U?b`Pg0b6@(Yl47W&<8E&}<1FrFV?e`Og z#|vZT7}HLW*g9fbG1+0#Ay#TV0Km7=8xgbtSD!1i*dFHyq9Nx9;wk3{;etCzq+HSb z`Q%mcHPnG9^-#mAi5o(*d0Y{EnUvg~XD-!xBzl_s$jtpU)7x3sfZifSNO>4qV2z`Z-`iY@Z0B zC?SaGLtDZTm3xx{T9Hr>rFI_!zu5?3zY*P-Mv<6M6F4@gI$o}HO`e5s0XQabXCW3V zf?7+r!Z8DTZ#1M=c!SY*+_@EX;S8eP)yJ;Ey39Z01gIZsQQ`u#whJQz5VWQ+$SsiWobNuOqBu)yh{82w8^F z7ft*dI2Wo;tM!`^c%`cGqwrY^}h^~R(S73vfKmNYT>_Bv%vQL^5Ioc>Do z?+98p#ep78=4B3rbGmH}E=QShrQuv1SkjH^h%v(%>a(k6lCoY-O>z^;!a}oXA8h>T>Ld{SXHu&p-5azpfh+g4XuBL!vFR*7R5aeE+>nc1rI3?r za`2;2kja0j%@*PJRysA%ZoF5Ahv~`=0#(s9fMUWaH!C~KBqAxFsItt@C&TY(7znba zrG!dNfO~IJ8zD!m9p}`>D_NUp=enxAf)qU{!_9(_hnUGDi>S$!@hrvJ0goBS=7ta9 zm4Rva3N)tE@i7UJ&7--|Nwp)2%$?XVk+jVMf`!-9>Dso1)UawRsAR|>pcp5N-q9bF zBb+kciKxE%jhI67!>6Z_7As-D*+F?8Kl&$+rlZOWm>WwD3|2|eG2rt%FP4K;JoP{U z=Hkxcj%bjM=&*_~g4OZRg+ucw{4fYv=mf*}gz%vZ_Jf)?1m>l8803vX4pX)K)>j>l ziUY1F07HIDi)6s40nY|j$4i$E&4bW|ub=zX!)U;PWWb3f0Pe?GltKc{v*ro+V)Cx> zV>Foigo)}7r_LemIdFwzWOjZ+dVu+Roc`@}B%v$sgbJk9tKn;IKraWbJR7gX z%QsQZhLT?=h(8t?c3q{ib9kF$2>{|(ApERb)LMs{gOKJ15(hXvNq!0>!Ly6h7IDAP z*xYg%XCu5zeg2s!5h8#7qW^*@-+w^#@2v43w8H%FJGi{fU)N+o7aLPMR|Qi`!!HVH zWNPear~8Mc$6wjAGG5afffp%g`c_rPl%kR}Yz=~3XO0dT5it=c^ham`lV7Ly(g{7X z)5rw%ns;I7&;X>j5BHdh(P}{3gc?l;o3Zn6&uQ1giSw^U81HX9m};&gd{m(5CFM5a zf$QWOqkIIAl7JA*&V}5CyU0J8au&F24^dK8s`x>&bgJ$~e8Ol-kJp$J?MAlcA6JLb z5sUem3qdTh=`YguvHzLWBT_-dS9ic>+(}Y0^+}^OOtnO3A zVc$+d!g86?WClkq&Fu`pi?;d)6IhJqe3m__v2J;9J@wS}1~mH!Q|X0)BEc^Wr!2${ zVb>lb6B3Q!^_Wn&~T2J~4Zh z6>^US+gFZtyES3RhMOt$3R&w-<>T*lFU~Cgd~7kh)mC`^{un5k&EP2VU|-Z(%&gnT zZjn+0!iIP&L))v63kD1b^KrGa3#}z}VdKDO3F~z8IkI~d?-#(=Qyh>7R)>D57h|tO zDi@LdBt(muGGA$};{juUN^9gdI4;v?LJd>{yql%uyIj-9X!+HXfb+Vb(k(zA0U6E zlr2CJUFt7lx9}gA$|AUmG_@(syUnwPCTpCdp=_{p7D+xEbKzSr6u&sW?(Hn`z_*?E-l zd6i{<^tgS+{cS=QFBB-uGe%agpAfTXC5IwKN)MzS!U{4()g2(9?%P9;17^~ZYLsSC zrNBJHrenS?1e(Ss3k-Cp)e4j6yfamMlgQDZ#7^T+VkZtjy+3}SwQZ*>?DN#Kny-+m zIL^GB9vOCGg`UVReW?)n61Agdfo&1?0XdFX({b9u^xk+hajMu~$=YP)>egS@8YG>- z{vAh6QJy;^JAH|wNcU{Lp>ehqL{^L`o?z$>xGitLQCTmG!SL87|7;GOrXwCd`$CE+ z=q|8Ct)OFGYSp6}HeSE9iCs{ij)Y>>W0CPxi}cCVaJ%9qJW$ilre$+8;+F-CCAFKLUKKwpQrwQ zuE@)@csjTfQylg4jx$wgLnnpA$9Ul(bcA(!5nyh+(jeu|(nFcZPtctx69t=%T6msC#Ne zs(vv!Dj~!pls)(p51=DJj7+0L8dGgJj!Up{k2@4p*>xCSuy+B%Z5Smg?;~i6t*8QTNC2u4K&^Zi z;QmOZnYv&3qSYG&%p3u6N>E7vLU~`8aKyzyuz+?%Kg`t*M1;Kr>>ZZ3>T$n+Yr0P9 z?JL+*fB3z@$i1~ZA>Lw~DTj6u?5hlpAa(P(hVuqVQk;N=J;CE!o4qa6Z{da*%hU+Q zt>3$Ik_2eNB$|&q<|KVlVlZMzXcp6m*>Qtp)Wm@w2}t|OXg0pua<8C&z)Ms#Ht+Ha zUONAAZ~D6=OZ|@+n}M$NKT>4>S!wK#)&I;iU#7r+C6!HOO9y#l?9WZ+QOS772o$u` z5qjNrxQS9tGbHTkU%pS{HH9QQ-NR-U>yKr_y=y zjUO^-1*^#*9)(teE;)?4t-uhAMT&27z#7ZoX$kT+0&F)`P_jXX#hxhweHTG5Mrh$& zu8K-L?KY~kQ)^SfZoTG?jGZUvVOW7iXKa-LDfSL=ArXskUz+*d23x&GW^POQV7#a^ zi<=sXNDXDg0R9O(_`xC*1z`%tZl(k45NfFDhs2c|6*^R9w4B^YcrgDga;|~ExjmnJ z8%JE6&ehzU76H1m<0OgnkyP8QKz>^R9*(%7TVnx9tWL~pndi^kNjzmU`Gr9eIx5Nx zs*+JLh7*y6gYbg6d)e3pxl|MOoI;`qOh&VD@ltx`*ad{#f+cj3;5oHwl>E~I-o>T4 zV#eCQ$Q*6$RAqx5~iu`P!q#N?-LMv!<@Er!CJ+yMv5Qjm&6Nxyshlq;9X5z&)iM;p&rDkIM z(Jq|=WpO4mOtAhbqMLnMml7PV=D9FPnRUoE{9gO{Rk4z>!!^~ExQJy!3oKcs<~*HU zokU>k@pB&5tQi$FBCUpp?YI?HXSeKzb?`7hRz$wcOyIh~SQTT!r9ni+pOdNizc0qLh}zuaZ9^!hEijW2zc0(VR< z?TsJ@7)EQF2=QAS6+R&CyTQnGw?+tnlU@hhhppAw3xCz8RO?V5-W2$cy2p*mWV8AP z0DoUBW(LZHruyJm6=N|&14%<7b%{=xA4&^ScCWS{Em>{kgUg_ zQvD!ZgnOrLWqWC^oBXuHb~H8Qt|>H>uFY)^w|_Mwpd7rQnV6U=s^+e3h*=kJ&sWe_ zqGV%`njW9SXhu5cNW&QBvHno>h`7^rT}7}ZN_ptXQ}2%db@!sWl{0?^+XN+=uV1^o zef+?^TS5I(=#n?mK5%$>N?xIU;(_Unaf@-D^y%l8{597{&M!cX-NgnZ{MLO3ix5OM zRJJ?MiQ>|5BoESa>tBjg9b&haOknFt4?hbsIOD=qMf#5QFyd^M8?Su#XL27!wLqcq zPWoD;4-y@hw;F~r_C$%3+TBrDGZP6!ey;PdlaaO`zAVcMu9pQem|D6DiT}RQSJh;A zlUzocZz_6Nf5+$xeGIH{2cNIPu9q3m279^C%CKXFtPc69aEa`oF-7ANs@jAMDL|iO z)6vYr*L`Tin1w(o`M^Wmds`rf0ZoE}fw2%z^b#T~wYM*5XtZVLOnR^k%U#uGWCGD~ zeW!CF5JQ4xG@#>=kAm6ZQRgbC)YYODF*}Hm#5iUuNSZc#k56N`k&raS#h~n-9A;4* zVy=b{9~t1dphb}7uV%RhlGWutQa|gFL~?JarhO6{p`};=g2|b?#v#!yaHDcGnCsBu z4ky@JS=we)sr=@LIb=tOu(L@_ON`dLUaB1ML0O9BrvitKrhm&m^dMO@@Z)sR2G)Cf zY6sSZ9pQ&sRRt;Hwx$@)?j`ROg7Mw`JSj)7Ao>QDWk&DzIPt^)KvhBo0?H{hc@3B& z8)*DJiO&h)SoE21K&N0bS5GYtY`%s`QYT+2AMgRCM7ebT250^p{kK*quTjf1wr>=Y zlX2_2w6HmReRvY(KOxu6f?Mafz7;}gL}2tB(`O8&eBY1_N_f@Yu3M7J5X%l(bQvDdA(OJ1BrTdrn2I9n)IL->~kt^7IbM-h|wU-t*kc-*_V#`}}hH)xYHK%YNt-z2d;Q}N%5XlmpTwy>)G){UVe4t2-JAOTClC+aNi=VGJWEaJAVJ787 z6HNS}J?NqURZaFmlxyB9HhqXdbS(CpxL+FioL}L|*o6*~<{${-N8<@m0vwNwH}+bq zmT#geoVfQ+J;c~{wk%ukH|vXUmq@>mLsCg&+BGV$5HOAG)s51ylH^;?khqw9L_KmR z^j=N%&EeNahm=s(+d+R(g6i7A*4jTfQgadL8ls%BKnb~`(W;s1QUT<9d;qz30J>jO zh8N|)3fte&;XF#_T~S>|-wJt7^rT?svw@T#4>+Kl;-Qp<7OI6R4&0jw)PTrV2!^3u z^|PyinsmZk?a%>g&xcMbE;QCuTpivFLQ2DEYZ%@TDVc{|CnoOS90XrL3?1aw{nl1_ zRv|;E;E%BZq;*L+a|B7wJai{&vAD%emTdicFPtP<5?RBkT1r<#VmyA$^I5R5i#0Nh zv%T}qyT^*ophnTSQHnD;9kwQqW{>HEygctbrmI^*!6T=B4fu_T<LcKW6f`Z+VfwADhYYF2*J zYxv07t#?!h-?3geuxVxA?~RV&;??ntXq#^A>El<*0Hbi!6nfz3_<$^(erGr^j@5mV z)j7?I1^I?;$;gX_waMs?Sr%6JgdOhTY=QE`z5^Vp>hb#XP! zmP?GP_NrJ1XS1&M`a0~z_E(;!`A^Kv&2ifw?Ty)D}T?O z(zd%7l(cUWCdWE78;dx*L&<$zJ~l;O!ZBE$$zBq%YqAF|yy9>?01rsSF87$Q+#Tmv zy8j$3l+0_##{6ZRx`O%dCA7b@-+y47`Xz?^pTR!GjD7r*}V^IuiEzu#Z~ zfs^CE|Hc1@lVhcttB%6rBDb-~Eips1rB6@Ih!3u)2tC+$JX|ncx)>k{I3QH4IN@7^ zBvyv+yK0qcmgbwMew9s)^iuB_ml&PQGOi3zLsqEj z+tP#Yz#@g)Odz7|ZcKi+n6gCAx>UpukLvl(M4@US?(ZfJhhj+E$>Ig*8`Y&_xP+xg z@0Hr!m~u`E8ggz94&Onkrk@-lx+Dz+Ql|-Lv$ldcQzwmEv?hQ}Qj#RIw@T=D#~-yk z31poex@ue=K6mi!#b@@v9=0kO*z{wjM9+|XKtMCYvSuQkF4+QGsD~Z zjjM8!bcy%Uw03u2+N~*JKiMx{?2g>{1QhWW|(GsrVM)PIf4( z1s=Niw)&a=P1&%nYM*@I;XbuGQ}M_4;uO+PC(@$fKx{sm4fYGv_&_dzY$On5uXtsTfRPHiBY7(D9f&hBOf*OlpS&A__KZgcX20NLo zK;9pMVxk!PeS=zB$5&Ev&=dLOEr$Y3{8o{KW-6lu%IQm8DFFI+wLvo@%M#(b`=Kx} z0d9X|h7}bQ^UTII-kOdObO%#aFO0$zFh9Yy~4;j!=8yY1h@0&j> zLzu`lfziXKDDNR1`KvG8G(8D@rNd}bS^uU=7%!A>qD(8j(THZI8zta0UWRf zqQf;a`ix%!cOF;ChE%u&<`)sg#EwW$C_$hb{-8d$QA8JL~H2g=p|7+oaJ7H&8jZrQ7Ihz9>KVisO-V zHu5=N8hHxxXVe~4u>6EhtKP9<`YImV-ZruHsvh0mICE-?E)jVt%csKoEPWa&1UM4c zd3^8gMi0to34SqImY*$?1zEiQ2I|0{3H800N*oNWHP zjeDn_@SZ<8_vYHooo7AK#Mmvpla9dAUhkd)vASX(*Gah7GMXFmR0Ozxna0@7zpM7j zoc4GFE8Y9&szK(wWdixWv98wTT>|5?w6YHQNO1IeT7`LI12^RKLh0EIk!jsViFvom z_Ld_K)y%hTMzd*=ehRAAj!roD=Jb^*vGJ5XzP`id+#dZo`w~*HbEd1!#tLTv?sxe? z{2Fk(kDHge@NVPY8hmAx;SsH?dgT3y7&Ndm|IYTM6;P1o%sbV$`2PCUD0@5Cb%wO~ z!928qzbu)YqC0K+N2^KHsw+fOZ4y%ET*;ho+Vm!^F-^DkjZvLIc*C)Iyy<}Sk zy6bq}JYU9>EoT=2(l0()4?s3w*&XbGAEiny8 zsa-9zAyq$LCQ<9u4MfKSuGiy2OG}ebA=w|*hAIX(U`1a$*00c!_Y{PkxfULLbLs9& zmC2GhlK1xF3-1@QLM3T_Z~P$7#W#;{4uj#D;5VhhS)NANu8y8`G6JDDYXRH%Y@16V zgr{LA$M@>i*;;ZxUT$L{?zXs1hsBxHXXY$;mfU;XhOv;r0?HcU1sx66`^uDs$oI2l zSR>v8z|r5kPTX4`70raJf`-%e)q#_?9_^3N9@+KI#Sz2Wz<_`cp)oRdaHx_6fuI_Q zp=i;AWg}O8XS*^;T#e`-vyQco9rY}c@!r@!M~F}6OrZ=HE>#V@)ferYZrc;iTYt$; z9a&8h(915Gd_O%LsZ$x78aS}lX~5kmts}u->^U9Y`HWDMcwbl?Bw0G^$-ku(XPl?k zD&?bu`C~D65Dl=>hJh030MobyWKNB7h28n*PRo~*M9u$9%Q73OeB;f;vKXO7uPI#w zqs^I+-WTAroKiB$OA~|CbyiUeXgp9^`|VJ_(WZKI&viw)a)dgka*(`q)C zH#Kt`DxX4LCU}ishuccgWCFKkP%V-cJ;LXb3xVPH)2+n4P^0g9#N0#o%@id%$0D34 zig0`jnHT~s(MI3z#Q9JW zoK$(@nL0zW`{3OU;9AUyzeMO5Yz<`nqeL)Ue&C9=Et@NgrKH2%l{A7^?C@!B8Z)XD zl@j4)u|&jN(Oeuw3SZ>I+?`cwO+j;>f0#?n%YV3GVTt}el#H1FAbneSh}+!f{&Z@B z%Up!4&3O)Dz+@#L%Z4iWTo}0}OSvNjUB4#MltKB>?V+PgNL@Nvo_tP0SvA+)p<9#l zmBU;XCF?wQ;=^N?YTRpYvjHvG`BU<4$3LT9qf!$jIHAkJXDkrU+75 ze|L2A6|y;D^={+H2eMU+^#v_6;!;yyCCHX&#cE8dg*jto@xD3WL>^aVjd*43frYZLBz|JoT4{M-;#TaCYJ+!^N^V4n|0Q>N(8LL7o_8v*1^ z;h!WhNQcg>8-cMte)J8e%`>7-bXy1hCiwhWANSQ_w=>_f6kr{_67c#==m=J`F*$qD z_KgDW?Aa1YZS+Z^FMg?&Vg3vS64ESLKMJV&zkxkwmMXNUpE{0$WHMVUAa%&__? z5#Ge2#-vo)i$W8)N`dg~K*6TM97-!GE{kK`iO1?%8DdE|Bx*B7uA1{gCB&DG9c`|w zvI+4JAJjyG(X3TjD`bfWSGJnL&1KXMNLG(=?izzeMu-l>CQo(INEMrq#mlS0XT}}* z1iHgTV{Ntlht7?P-W*odcAl*68`q8Qv{s3e90DBe;UrG;DB=<}J(5}7%$!7Stpvs$ zZ*6X~14fDj4>JiM9cAu{rL0>Qm$~(o%?XeP!e<&8Ym&~hYy(3rmjPB8ocLzZ^P1}S zu4rqkhmZoB7^#s|7D%Z**0!8W-+L!E6`T7`E^};U?o~|`o9@h28?J=~LDEk0z5G-2 z>gXu4aji`zw7f#Fy2+Q3f8sQAB%AgDtdOWJ=JnZOT8I7xQmae`ObyS=l^P)F+a1F6 z$g^eQuRS$CM`obmkq{uIAY`QoASW`(8BTH@DM}ui@rff8H`8{^SYMis^PjkqPY*1fzhv`5+5+%SBs>E$&i+Qu@pZ+ny?`2y=q?Yy zW09lh488$)r)=jEKk2!S(j{fMi|3f5)}AX3(Ya35`KPG1TcFTDNs;rD-;`HD>nMR1N z=N`p+0YxYf#N;YR>Ed)idXD80yM=lIX0-CRCLgdT5A8_H4{hm-D3#P9uBl&X_`8YE zNX8o6aAY1|wBv{NiKDmuLiDG$SPseFSUoW2@)!jE517+mfu`n9k6C z$`%AW+$Ni1y`qyp6Qs=RDJ1a~CY{?&v^!R(2pqqj$wgXfEVP@nIxr@NyY77_#ru8c z>(*s3I$y)_^)UBGK_PAz zzEqV28S0>*cMmFEHZ==uE77;Moo41;by$Lig@i33KwFp;+q()S9`@#*Rs%IxEr~X6 z4@@_eMQsS{=bi>0oednF71DO9*LxI4^Q5iaWuA5@Pv4eUtf=2_=2Mo*>t4KTCO$Nx zOiX^r>!u2Nct9N=`;gPg$-5?XfCBDKU*^}TnI}T(!Xi3}&|%#2BMU#l^AD9Vqn-cj zM?MqgjBLGvZsy~0hTN#W^uXAj;qYJ6=C2eDTa%atveYwT^ZCo^Gewl{PF!2$PUzL1 zK6)pJH%aBey?PJA8`VQuJ`9-S3 z-vbZm$m4%Wf$OXyQcGOMhTi)ldW#+> z$<7>AZEYN?66dKw@s3YH?zm_wfU_;jHzO@>wo&D*rso&_ zKNQ7&R1*9RWB`C9`u{3g{&#}w|EHq(zy7TMzaorUG@<_~iWxsYlT%wBTN3)>KtUK_ z4CzC`33m{(2(SbR{785Kck<1HQzRXxj7&QjcjYUVe^xqaJ69^zYf@WGx?DF4nL#XI zTd8c9H$K#Dwr^@b>o+^QTvs=2tP-yLZhDw9BuEL!LymTwejfW~{C0&hLNAbQu=sfNibrIv#Oul-sTimB(R_~P< zUYHDCNHFc%6~g=wa`GnM#Mn~z6v%!gx_>pecTnQ|5P|sI4)j28`#SD#-6v!8_V|M3 z`kJ?L9;D_!Q}*1oV1CNXzthaW+su22sK2D8e^zC`;*fu-GH*HWu`zEu8sPd|4t}@Z zaDC|x;R}Czv2)&v%yWK|FssSmRDa8u4N)Aq{wfT4ll?4^yXCdQgkzo zpy+84BE`CdxX3)w6w+)Ll|ayhX7E%9>(C>uxRD+R(4bx|c0Su{9?D8CyICQ!w0n&o zNKrcq!q-||$-P!Xl?`5_h5SnpQBY}KQl{Lp!RV#!=E8{%SwEg>p2=k*y63l;;eXr- z&qNtu+iXCTpbOR(P#{}){F@|v>4c8*grpwziTw_mjQ!jnw5VgW%1c1 zt&uY!>1w|5WpWRGHbdOXv1G@)lEzxBw4$v}i1BbF6*uSB0xl{V!76(tE5eyISJFKK z+Baq_6@lT2Nr0$3D;2K8`r{Cd?g-mYH^4CCo>6JPKaas{Z$$Hh)NHN(mI5YJ#{reJWpY+@%iD zO?K!T=;T3cN>J6sG+!sSgeC*hW({*ggJ4U(77-4FiwGwP_^$=qa^*P~Ph6PryR%jl z*vnI0@9zWM4lex@7-I^JBwY)C0U@R89Ye55X5}371EOklhKX`aS<4ge4!-kpW<8em ztaLX;>Am|3qHA&~Rl68_r#&O>GN>YYKrYsiVh{ZY=9I0gemF|um-l0R!f66U3-JeCVj zw_GuWK`%iQJ~)F~Mc2T0gR>fYsfY*3YE@@y_=IzTAS$z7X%tFjF=a+2YG=BoJFGNl z)}ujNJ`$Kil7|r-+-VcJveYo6gLIHHq`^k`Y}H@|o+xz)nj@MbE{&nFqB#SNfxDu4 z1^&t+<3KjkRUDL#BtZriil%HDMROo6nf4DNfqDTId9i%a9E%b2RL#|@p@Iq-v&)O+ zxUnoPx_TM^inTtvnvm%sWcsHJdH$TFB~qLU6pIpc!TwcBW+#x~ddd>vqGgDt1?*v$ zpjCxTf$IfAzed@d=SKdVsK6ykjZ9&SMsue*w87^(x-y?xIM(q6ny++v&E>2}3zmIm z%|Z>c*@Gt;b-i{^@LX7!XGm*=NHG?#Dy8>Qd!(HFACE)%Gs_v#&=p)L9U&Sh9Vrzk zAL-_SW~BlM8wGMoRr^6P_5J|`(rQlhQMU|s=B{u%+?FK8w1h+8m$L^Vlw-STOyVg% zqsI)|TjL?{umoQ#&6Xv%?9E4}KW|OF&bH>0>jh;N6emaCH)^ZHF*Wn;D)$!6-Un6~ ze>#+tdO8_T$69PpUAX5%TY3bU{rS4~4p46cUF&yUcFv1HXVR@!6Za;*!O*|8yl2w3m-nIk^Y zsw|_2MQ@?JXS&N9^EXwD>;hiIsS}Wx;Khn^zQ>7g<0x1t4cTre$22QD=rVT1AY{E^ zn4H!KZBAl2yl6j*E1}=tLDBju=RACL3%0QL5js6qY-yGg#Osa%b`&HM=X-dRQoveh z2quS3R$Fk1!KhRl)F4&U8s)D8aii=%Deg^MnGEr9%;^k zA(6hf80Y#&GWm|(9fJxdgG6;2e%&BVS`!1Q4L(hBb$i?uf8tKl9iBt6Qnme#esOSPHQ$Yt^oGqX}-XG&Ty*%8a*klg6I~cH;Yish4|l09ioSHY z+P6K568$NrB;`eIre7j)ZoSl}i&h#a)NYb#u%}#>cPXXoPLINESM??xrM@Td*K)PJ z6%Ni*xB-2a3DopKaZblZQugJ9F{E+*cc5d=#o!4gj0_|qlq#;#hgjrLQ{xJXWX-PV z@&J4SO8el%W=6#cc1dlJ~nqD z$l6ykXon58p5bFl>m@O!aOs9|MVoZe2JhfK2>~uoEImsv{f9R;V>5POS2s|D%BKn3 z;Rk;Lp1&c}NtLl@=LXsstXtJdwxC$AkJ0ZbiC4B0!!@j}_0hQp@Van_oJ%l@` zoZG)7sGKv@lDCDz_ZWi~ZAKeklO-6r9M#ZuThKCrphev<2bH`3P<FHv>|P`i^9yXD1wa*?z`fULrVYb}c6wci(#|bS zQx-0Rw~4{XGHH>utL0ZVZw;Yj*={96>I>l2)a!{99sWM6o0 z0wL~ImqDPDu}NyD^i(){p*guSbui^a$b_JhhIu8yQEU0n0YQSi)pT&+n^_wcSTa(w z115{cZHqQcmIG?-zAy5Ih~5U#Ht}{K5(VY6#H+@wSo#m_Ii!XE=c@#`NM4jU%2$`V zElL5lPPGH{<<>-Ir~0BQZQXTyK#L!m+My~~=QoUl8&fyWkjX0x?dE8^Jvc^#tUU$a zAm|q|@g10=JF-Q0h;Mh$wmZC6If&P};8jtSJuu6mXeU-)KJS)r*SileuLRpZS|@s5 z;qBfcbNK8+QhQ47u+5W^cdl;#^%GW~UjWzH>Y7~NV9t}+mPnaHnR0MfNk+RE)LxV# z&rKTEJ&6S@Uh>AhNd+{#lma*5^FF@VzCrH2z&R*4Wlv}w7QPD~unq_1+9q?51f*Df zUQf!}YQwX`T0KQ{)U(gLDz3G=SM^g&%jVY#UF z@J+bm${^Ce08Z@&T%djTT+tr(X4P8;P3vRk+Z2bidp^p!fm72;XYu#wX}N+m(Oo&m zwT`Q|`bMlJg~6y1maOr5v`8ft)|u_w6yGe-%!y zWh>D_R#<0B=YPs}nK>WWU@x}~44A1}`M*Wy8RPZR8T?iOGkBn^GTqByZCbSVYJBDj-&y%^trF`#^aH*~>VBW-4!Dct91BDqI&ZM zV{Yn0#2*5n+BAAziEEKVbH1P-?sAs{ zs`acn?ZayLc5f~)hiPPc99CN{qBa5t6;AW5_@9U0|Adp!adkxO;Q;{PNdD_P|G$$% zQvb-J|L=h|{|8R`zs{Hcm2YF`_`g|tElBTdl@>m-jHy?X2N$WVRw49K=gAFz^kR$7 zVhhPq8B&`>L9J9*&i72&jHzG^!Ki$o#_;^Bv0jwwKtpI&o1xVMRS=(Bits{}ytr5S zq1UCd*|Jp0uiZ}?rroJx*yg>(-MIG~-GHnxG?6A9KpWVIdM;!l3� zKSPnf$Sr)8Ph<)|8VH<~3tENTr3-q(@2zhzmD1!HDzpeD1#j*AIZ?{4RMq6wmD*PY zm{*8GBv4j(lx3@bgT#{W#PLXYi%{{1JSB(Cs^6j?C&mXg8j;riQ?+PAa(d5Y+P@)+zn?kDWl$LMT@wc0?#wq4A#NRyjIk6R37x)ADxj%8C; zE4*{fbLfmU=`698cgi0?DfP&S$(7y-Q|Qp96t;`+OyR*jq6P>`2gIwh##fP|+*ZN7 zf(mRrZOB&^k)ud085VG3T~}L&I?)+AE(hoB9U)bd)v`yAETdh{rHeEN6nNq<)(c0u zg0u+FC~P7^0uvqs@9WL8a%zuS?E}xX$4?rCt!-_{F?NxnRzi_mc=m7H=`lr#3PwK% z2zpxW`oEZ_Z`8Y8WAJVv$&k|LEL{b#hB3g-8*7#Ah;amasCbaOMcb_5UqG#t#_fw+ zNwUQa6WDlKc+lo?7nw#@1mH%~$xxz1pX1{ZzhF8eq=;H#T-m~zj5Ff#F4Z>|nu&^E zGm8#$G}qUyEJ|6Vras*A3u!#*GYfJ>r2d*;k1se`o-EBdTPiQ$%qPHv(ptd2Nb&$A zLb(xakVkg{rEE?F{gAm{j-$TUaCdRnaZozO+@80rGSF~B(lEuqh!Vn4j1(8{ODSde zE4otwp(#0twR2%fmmbi&tlk;(Xn;t&np1(F{TZVZX&rblw>RDrh_X1BFof<0%A885 zpPDn3{SEfcg#(EoPewz-#qSxp== z{i$`MMwgmOme?Qyk0+8MX;Eoq=y^w9`}U$+b+AFS58V@0Z@JRi+ z2Z8-KGpk1pqkA6ATY|@Xr4N04Dok~{r4!I#~ z3ABprnSe2Cu}RE{o9AnXoNshKq?%*li2d7(SSEHB+G6QLeyBUfozt+wU0e?nO+G!| zOD&z~&B~cYr|90bS9m{sga=2YwZb9Vi^bC)Pk5o?z659WjK~>P>DWOeS*ssxe+9^- zruUI+)r(nIqmJjySLe#H!Gbk`%c72LQlJo85NB8ggkqW zeViiZ^9-xB!9wk33oTBE6rk?jq#Iak8qQ`?X$q!uqiRH*Zap%rCgI79UvFQUan9CB9z&)_63 z2Z^{#Qp#t|EH5MC=zAC-B{i^pOr2iisiWMQrK)!#ET0Ix=D(!-+X!*sZcuK^Zo_po0KF?L6BR^CYf+tXi=F?qhp9Bm_QkGRrNa+Jju-er4UY4OLRy;_HI5hpwdLA|8J?qy3k1d>H|f2H1Z zd*L%OM_wO+#aDwb_A*5-HQCh4Pi62bJS2yQTc?JU1#GaChon&v}biHA;PQ;fTHgVpwFZYkp$k=C+6%VFg-y zYDz4W@(WtV&1=oAZ0^9NY2ye8Faibe>b^?%2+gZ6%`MZ2L1RY4N)ryXp!_rsw*~pk z;PoEwkf|UJ@7A~Gmll@R&XYcBUN~5&HbZ4imQ^e4OuV$JW()9l-=}4+Wo9&f{Oh!f z(9cAOotL5fL=R^lkjvHRS@I}*rMVo%Ii^ez+Nw{A$+TJ_Z7v*NBHB{ryvov97GDhN z>j9aATaVuCUlx5YGAzD|A&~M8snSac&Rz)+fHxR*UWXl^E(uG+ihTOT+oeL6XPIm? z+Dt`+%#?VwoS9ut#*VeFv@&;;Z{&saLzGmVEuVlrRSwJEpvSZp;LM6AF?CO%-AKH( zj2zDUBRJsJ8=pNZjj>CG3Gu>@4B>B=-z*A_&4iEsxHmf;7|;e0C~#4Oar7rvoF{h|P<@HSygKl`!AIq`%uFC>Tky&4rnwLy~vh_1z2Ep`3f#v;xUx7>SI!l*UAl)JK0eAy-0*w2Z_bCYWkZ zY_wW~;<~3%LI@jz5vbRemlH0oV~A*$x`tLXAC7(Q!tHc<}O1WQSh+fwRyRr49 zYK7k%b)as{GPQ5`cC=YAnL7W{8CT{r!uJuBC=a&ok88Kikp>yOo2SdgVTb4x>U_ku{>!fZ8w%Y88a$D`*{XqJumqoz`uFPcsH@n# zgC5(9BG{q&i22b5)Eer~hCF7|7ezzb@QDWPh89VRXAR{ivQ(zj|%C9it5VqvU?ZWI;n^DG&Hyl>p-K7)s{R`D35NmoNwpMFWE|} z2egc(i^lQ@z@#l>vW~)UW|8=;Oj5VbuaEj13u(hE7^_P_>z=6%PoexyQQI$^sxnsj zMNOyjnVc%(l8q{3%JECy<}A?`ZYd_#M{kEx`DPB zvq{C~O?{Dh(Q#~d{@0om1WtnS~ z{HBT+G{r=;dDJ~0T$%zh3ryE-e!WuB4@#E#C}&!qxXg3%8pG0MZNVCDFmBR0tXx4W z57ri;PEGN-8J{J{nQLzjm%El`SwefryR+j2XCj|$sQzP#PDmE?GhJb}B2{6$*g3MZ zq#<=R!M3>?peFB}i1p38M}rc9L)WYkT-F#afkWD)g&hKs;*rnz4L z9*F)u)vah=P$G(bp(d@o636^{Lj6?xG{8z@#(K?v5pW_)l^MB3nVfDht33QpP;)x_ zE~{gzHh{2m8K8#Uc{3Mf9lB{}xoZ5Ux1=>AweUChoiE}E!OK(uWQ8$v-=NHiw8fCl z4A#Ant=rPrK}E?qpAu3jtG=_J+6S=vF)oEbib`UbNa#m}VC_GZo@*G_=HW%9Wl%+Ff;h7aq%a<>eb60>L{%W}S zPEaAVdNt#^jYGPPbDD}_B*4w$>Q<4f^J;dPRt|hL>pbrCVQWC(3~75*F}xdE#22A9 zVi>@o4tcL=B{5x4_^9@7O39)E`^e{t*{BYhl8~CvW;eyW&9p(OuKf300n_jUN3eLBB8JZ#X3rMgv}MJtDCD@d|vRPAD5*$&rsn7ZzW+<8c)ww|`1gHKec}^eYLl zl_uljDok$il>UUd+6L0thNAL9e(wTlZ$U|KgGp}#8gD_;Y=drY!%A-hOK*cmZ^29R z07&zIXz>C`Ut<9&=@t8smPT(xFf7{{S@y+LWQB!P_=;QBbT8_9oKg%g1rRW>`0u7w zBNyl+oCbs@8RSA1u22?R#Q--K0-URIcyQQ1ZC>XF@}u z{sPn_rYx(Lh`?Q!sb*-a|3gl-oYQF^I^mPl5TL`|F#*K4On(}-Zg|A_!KqV(_@U9J zooTW3)S^X(9TP^co-4yF;TApXF6m{0muw7oD6@@e?Gm!vhAy=6W7&w^M8Yn()fu)M z3ae{Ds3fDE$IhNSC6CH&%TQpg_9U0qT5WrgkiP?tuCP-H|nU<1mb znzI1vpZz7{U;IyX?LC3AUji49^PAJi7SRPP=swRZaz$qEH2ib?eVJf-@eG9d^#F%Q z8_MW_J&iijeFGEPyT)YWDEGxtF#)iTJgZA`)Jo*?X@=Xga9!3c^I0XKvg zH$7xasqN+;;FKl5-k2woOQRznXIm1pklMs;BO6H(Yfz1*S#uhc6PZYeL?{y|5_2@R zt%xO!9`KGp59G{3gHSBzdhO#sq`@utYJ-^n?IK*b1p^h%9Js&<&PAmeC-;dTKLj}r zzH5rKefK^|PjPsA%Vc<=-Mm4-)wq}Ku~FeqR8B#@6ubwUy*2VUfnTV&y?OKB+#NKV zd|T4A&D;gq!@F-rYZnA6IKWl#{(TPj3AJ)Owh(|X8gad{>nGSd9vEBj{%iVjT#%MQ z?j&7+mO*WSStlBwq)U5i^&O<(ws2t~_erJJw&ctm#e{vD=hn8R%^gNP(mxshF;NGf zQkQ>sdycE#e5PMg2fRneKag?BCLg>eL$3~v5BZK99Q!|AvN2>IblAry)$e)!zMI&) zgUUYmu#dy<5!W4_c%x0 zV>OpC6Ep4$S`6MZW_ja2`N7@$3N*>jlO)W#MSlJlJ{d`tv+dXk{}Z{fj3S)IQ(zSIeExn2@_P3T!$(09e0C9YT&Pb5ph z_L#xZ>p&9mZ_BUJCjaA^-m%KCBW=+s*BN4D2LFWK zUd5FI>YpNt2h2+UxI(TPYT&`$;ad`6AR&u5Ecj+;Ar*@uxZ9Lv2os)gCxz0-U57X4 zQ^-6hRr1)o^BK6j2CTz~1sOAW4#N!h$fpIyrYE5h*$r{@f|h92N!I<5w8o+XoFSb9 z$l`lpN)tMdcV^Ad);}iMW%5uaf8+|O5PoYksFgH$&_8UcbFruf8`o?iQ2`2hZ#GVb<(Pt=Xl% zcEjrTsn_a(ShGQ~XF_2o4F)Irys&=&$Xc2Sw6`F1e<}VQ!-M}Q=0?HT;;|4# z^~i>*qst7aZIOx)KWtV$N`*93L!z2h&d{lhD!P!YGz}}PtweIHbi50F`5GTSn_(c| z>U~y9DzWN17w@L+r}fzFWWZN1%$QsJ3u{bMBb9oc zqYvxaa`w^rcENXej6d4~M7uRRgt|F_{^%|WAeS5x;G{+K*P#r-X9dPTM_~Q&GQS{n z{2UZ9h<`9EegUSqIWW>jz`sue*!X%h@iTjTfi2TrOeEV0fdQEp+!r1ZLC&xr24BAM zu;9tCpkNa;B;GeRkpa{)5XgTPby$9&l}AzQcOd+ILHvC}{Cz`w1LXL6Jn=OUVrxJo zRzS$CfMEQ11V?-U?e(31%gzW4OuvX+`v?xmCA55Hec!^AN-%^+O4V`m|M3h(aR_u6 z>0>D$dNp(0@B2ml50b3c7y;e{D1W*PHs^?XUl{JnsK-#n=A~RQu26MJ=pN z1pgI#8ULsMRnW!4+SufO>(@2vkm@+gxW7DWCaEUvXyLNah(<{W;*Ap0g#;KR{1;fU z5FkOU2LM7CP2e}Q5VIY%tj$Zfv^-cNX;3Wg$B{qfWxDUnD9atsm zmqEv!=%e@6?qSUsvqHm&dm+V>mG~nvS_PHG2 zYH@nWSp4)fUx7J33j)Yo&mQnSA(*;Y3A!O zx0)64+elHOg`f4CWnN#g6V0Kj_ys0RWqexd1oGVKdub z3RwOw?c0Q40xQXJw6tM8^YMX^HkM&W(Kq&-l1Y@N#5cHV!D^TG!-)58YF_cyL~h(&wGlk(kr%(Gw&>C zTy)n>Yg~1E$5n{)YHqAjr)T<&i)V9Mz%AVTPjx#rRLdc=v!i$_?BOm;u5!R}m?jJ; zq|-=DI%~sO*auQbpS7W9W$DV%QjW@!f$Ry_nXqpovAB*;SnZ{Jb`qtNR-xyr>4Um~ z;vE))UjHSOuW-8A%OzM>G;ahXA}F8g9WrUswQ(a)G}?=fzYlxW6+jHR0;OFNq77U~ z;W#aqYhHPMU+jz=MK*iq(eQ9O0d%49YKA~0lQWvW#KRQ&)n(jBn}i|?Lm}ghsGAEA zxOxeTNglP4#Z_662DQ&N%mQ2lLyV_CE9bO+8v{9h_|Ce-nSt{&%Cm@BahDN_gkX#_ z5B(qgO)XuFI**>FijiJPm1K;&rDRZnxrN?ZxVnWVcZdPE<@V>Eg3_n@ zUigrsi=SK^B5S9TrutsJ@UdV@xygk<12o%tfwV%gH;mj z>=B#o$wrD9h z8`&pFqhTymc3xN;tQ+S5Y1n{gG^ubildHp%g-_|v2y!ZX3%TyQ3DO=l5(x&06&d#` zjb;*O<?uAt7E}9+l78!vNaHfyM~8w&uON#%8xx?uWU^4SBV`BUxPtu{2!uIHrYD zHVG~^9joFV7pj-IIF@W;-_HgBD9bFYN}m{98kft;tSYUnObybNnBAqOIA3GX)3;~w zrL_Es*e5s9tBEYtlgE;pp2WtdPmcLHPhQvomTm{k(uz3j7xN+R*?O#%u%dURF0egz z+?H}+KUl{Uz>rJ1vTCOeUJetTzb$koH4Z+K6P{qJR!S=#_KrtIL0mCg9I1N!bxqzF z2MSTe5k+5mAo7slmG!YqEV98$^HX-Lnsbs+Q1(knr635Kq6zc7(Nkcbo9ew;VW>s+ ztzO9n?V|BH0g`DW5nB3L<|$1$0b~WLrdI1{I<|>3H61pc9*(Aq$L1VpI=Lcga-3m3 zO7Ta^EG#n-ZXzbN*N%4ln;YG{_At>Lm9 zO&L6yW+00ohV0di;xq7Mat*3S^M>iYupY^(ID?3q4kom0X6ji`Y95*es>P^rdt=hs zrKp~cEMnfhMprKiQ^g}i#nv=zp^Cod^YhSeG||X0hG-PA6;lh1%w{lo2V{0^rn6)s zs)Ew}u|0J+YhJ(PC-KgU>fi{03eryB?ZZswCTqL(a(-kJ^a#<|Gc-q$g z=^8e8>Vf5m9`%a;E6O_PZ(op>xQ=JYLbNcFYK{_xkrrc(%L>f;h(cXO6Rm`uHA-S@ z+{|e_8d(G3m@2XRfN1!IGKGjZVo$_`OsYn~Xmd$O-po-XG2@#H7k{DBKAPTZ4SGt6 zp-ex-XREZ~@mDO}$|jdB6m?97WS?6Wg)c7dFNW$MQ-o~)yApZLwG*-vl05MVANC#;Iy>5zRVQ|%Bdcc!e`s-sMPwB)EOw}8?RbQj-CCUo?|OuY%a2Aje9luH)1 z;jIS@7S%lm9_O<-f?9|Gc*=nwVKQIXil&{GW!(8Z|3zrBlq`KJYP)V0Qvd%8MuU zFcFl(a+es*Fa%2kAQJsy*>eJp;2;TE?o*KBjg6U>7sk`hDC|y`tgf}~8e0gL7MDxg z8{hMlZSA(3!55c4AFZw%4>=?xeEjXN_}7Q*Q=i;lC!byI&)G*c0PCUM>~cYA;VnqO z2E$}QIsqVX5e!*&ge3ik^#dWr0f0Pkj!^=#&^v%XaF6@p;ov0P%7I1h>F{y?4`uJz z9SXNC3CFf=+s2M<>^M8NZQHhO+qP}n+Hul3_r87mj59{}c%MJ8KGm9Yu39y##9eJ5 zqxZaIdBR78ap?Pqc&0^cnNvY77mI-x`i8E2Nx>Eni*(rOt+4p9pC>pzHWGJ z;eMg%x^&R5uCM9bTv%6Jtd8wkU;hR}kyFlN7MRE_aI}==4XaOVZPE-QQwc7g&aLU{ zsP5iIhjEUHkRE#gZ`b^on)=GE>1LfpFjQN*wjd$pwi#{huCA(D)74$svw@vdZ8fMs zTdC|A1x>1OVMbZL(CcTfQIDwbGprP2oKs4&oQ9JTM!DmY~eU zWF->4oJfr2L|m-aEkwu~$EjahoXsLQsKW^w8`m6%G$uc`k3ybh|2M;(#|T2mEEI_t zQz=UOT;4*i2dkdUSUy~|M9bK}VET4b|KcE?N2YJNmm?!lfg4-A3^!}t9axpsppny? zY6bqHM3lI4n05;5{*j{i{I0~M%|y~3hI};{tK|GPWbD=ZK0IwaSSw<~+I#c_gqGAX zS43j;(ge z9lZ)#vrcBvfljMeBv_L?WiYxB4YmSoNxxPGZ&6yMxfR%G35{HnMDAJzmD;Sd-gsP+ z2ytn#cC!N8e*CE(ExD^6dZ(BDm7%}(S6IlAbmAfKdF<8h1 z)&^_yhjILMKdaVZj<+z{Q5hy)HGan}@<(DGj|9erAmI`VIi>TSiPpu8Qn?S|ehS?O zRFCr>>c?=<&b~@;60TSIBcb9!w+ zFC`d{DD37;?BwH78<{o7Hd{w`<`Q&QrGm@P9eR*pRzB~f@c^$yBBS;VT61}OwK|lx zm05#&qjyrL^5DJ)HhTErsnu(Gb2toggbQfukaOe61!tE9oCKwd$hf?yLHtQx3|h{LCF^H_L*eWH_iRT zZ&QSXR>9fwuu@7AYx&X`mNP~@2p9dHj*{J;abwRqD69+UQffjdoSbyt*2&A251G`m6v1W1%Wh8Wh~^!ijeqC0wbv4< zlkpEQt;%(Lv79;`+R=S-ruP1@;y3?|9s)*lv zK(?&h@{@$lPMIGCbl%t|lMFSt9$k#r2krOGb3CsKdsHSjZLyMKiyn~d|Rw;db1nUuZ!cpL%^4F5tddZsDFn;db7-FMQWSMLQ;6b!tDp!-ZKSO zOHr7%`SvrSFv1)-Yv=?Al;&$<3Eagaa%_<{mget3Xc?pu{~3!{n8Y38Nk0ZJ-@0a` zL13V1y*d&E+!lPM-Ojg#NccYdfGqgB7B4=?oMxpfKTx0{vV32POhE@=sXH zDO0j@61sLjcc*?EhriKGE&7DW^F89|07slg6-ShTh0?^v=_G|}^nMm`>8M66-H5*m z2-k!(_VZPOG-pVZ&REy_9Z-2YRJp%)5Q)7^Z3Tq~6-Ri}wmy=Ejuu^1UOT{Jl`)Qz z44TrEuypoE>T(go(k8^hn`f%Iaj!CWbQxPjnKMx_>?@;{v|jm?{(2(%0`4orl5EHs z4iDgZ$Bs(Y_P8HT*0!T_T=3#^(+Q=zSZZ&${8;)bC7bkvQ=Vk0C@G0vPwt-vUUFM< z6_6qx>VkBD5+ozQ&c=07CkOPUapy+GCr5>>tAh3O5_hIh_rw=DMZ3)6d=4oiyXt4QP-_J_O=LS`Z z%7o+3Q#~xfONjnUvvfH^QB~np%*Q&Dxf!}$0PKP%RN*yNlGO^1(dq%ingRXq+}9lO zdUi&F$&p-n0S8n(!V7q4JRHR4eZo9Mu^=>!mIFOK{%nF69;(M(MncgGkZ5S|yH;Bu zx%DF-van5e@dvqDN4p%i)H?ADO=F+RV%tZuY8&~HHm z+(kawhLpLmErdA&n&Gb103bm{L6Z(sCj=?8rj&eP8L;O$_0@`Jd6v^OQk)TQN2QMT zoKb;EFW?Lj3Y$0#1rqpq4PkNNR5l{zU04hvcbCx6%6Im5hm)3CIM6d@0EIUoqQ)YS z9-mI_>e_b#r(Z5-6wO+~gf?lD)@g9>$R-?rT7HcB{!4MpI?I(5{*#Y;{KErn=j8uAO$z^OTUpOq&*Xn|z)c#E|FS>iBTqZ*lEyP6?)BXz zh#=g607?ezLjV%4Pm}NkfJzu6#!Q`zd?5SPm{Dp~<>+7*fof4jYOV=wN?7(|h-kK? z(Ns0Bf3-i~wf^^eW5=BO^V-YCc$*{vVf{Gi|&|)?81QugNZ>|BA{6VJeEsMzKwZg`L}s(+07s zO13+*#`d0Vo37paj(Ke?3kM;?5i-o_u0iO-@x%chJgYOor3?ot!aWP;IFukNJck-J z8d6Z`h$EU9Wvk@gx^4q6=^1M8JzPa1F9#ZY;@&#! zZb0_ix`+G_-o?Z7PK{x+E7DBRio|m8bMFPrr&P{l98RP?Z4)+5tz`uN3EbULj$nQR znh4&wy>4^?0TH@{w6&#inSE)wWs$|wqU`RKjjg5HSaD^gsk+?4>MtW_x;fSbLwq{T zT~p2dQuA^^Z*w7nC);A%P+9gQnq=}Zcy01+U>=ajk1yTk1Rs%R2rn)5VjWs zfw>ki+`H`DzQmoXk&6VTrNpW4m?A2G2DMHZ_yOGIKq8OSx>)@idk+~ygFYo%p)oNgDw;pMw08mWQnC0QDODY@`nlS+SW6nSgb01AHK$21#uz|Eh=Y0E z{TV%27@AI4pqlNpEior(Rc@B+4gupz!YVM%GOxR^MuLMcrdE2}G>QeK3tou1Cr89& zNuFl9$|HlLuV~)u9qDF()i->b*=?HAD4a`=1|mX&0`pjMDPI@@T=!+Fbt4(Y>Ec9& z(VyrX`1b}@)SdUGrLB&x@cEo+`W}YYH*^j0GMOqyU_Mlj5#rqTT7oU6D&_)#n@FC3 z-`om_KDnKh$cqt>(PX(w0uoQsM3-T)Xe5rK z?bS4DW+l5U4C1;=Il24zK;nyiH2ovNhyG3g6IKk`z7^grgNP)jrxQN>hK7@V2$7mS zV|SD@(51j**<(|n#KPJVe`js?QExEAh8!u@em_9W^1wY*eV8C62<2c*~?(<4zdxcN+wKWt}2fhs&$rw zpEjurK-$Foi{%6z#Xpv#__Bb7zq=9Z$NB}c6U|b2C(teQqZ`iZ-C!f5? z87>Dwpd!oCJm`3NkWRYJ-GdAMtOqJ{es=~fP#|=X{NqyZoKbYQHA{}-1#NpedA{%h z-Iz0$pw3)SE?iLX2(SP};wV&T;<5-dHTiz&>x0RQA@%#X6m6{6SvsP3KSEStzIu)X zWn7Tb`7ik&jd=BQ7)@BEb%UQw!?@e6R)RLT^p^W4IRiMq+F!h$!M^nWZBa-5B6EZ(}({g z4GZiEVZq<>LhV%Cc>$GlkLoJEOknNI=<2n<@VEb%3xJu55sM;x&BNO_)IanFlovu{ z;wfih;U5!Y;Tuu3TXvGx48!05Mh2kB>mfsXc!vHEbH{|^Bzh&8$O==?%FmS&Crr%0 zWsHh>ARx#LVR28>(JL2!bG@&%E}%!4g*6bxFGCA2Yu4hvdnD-YrHz@h$vwl|o5%W$ z(@9BM3Ss#IiLnAR9Q|kX?G^7CAAI9-CjvA(6CoTr%zwPtCU2ZA!u5Bknk7XJ-?Vm z^~~V^e!+~&IXXf4@*Czy>3$;ame@OC_4bo9|1juQImiix@e0>nd?{(fZz>t454)LR z`QrQrYQg`RgavEC{h=6d*ambDbng*^bkTNxvv?=vEWEIOp`I7}^dK$1tPqJzS-?j` z)Nte3Wh~WjZx?hRTW*$hjL>ux{E8Xw7v@oQn!tjxR%P0>fJvnK!2Y6*H}+qTy-$A# zl^jT*Sm43>j@DIpdB*zo`%Xnuq3}QqrdXe+d$GNUTPbNIDykw!TQlH;Q;yW&Z7d+9 zA7C@pW&{dBLL_@K&nqZlM67Dc%Wb7C!ic0eI^?1>t17)EW?OeVpysiwr%l_2mtxY& z@C`I+rv^-&zgV?{h`$A$QSU})lo6YQxAdtKWw;x8%#KhZw9C5}*`yR9g&xJ&& z1#fy#4ewZ0%>7f~)J1XaL)x8MoK74eIXS8jnLRnpfPV-G)qf8+PVYh{C+Wh$5phfU z2=f@5$+bd@r9WU^F|SdB+uMJivVSd$1In67#OOh+Gp(%8&{bMCqq&QVg4er1A{`iN zizZjrdA`X+f|dj8cmtR2^vhHkUg%6E?U7xd;%PE>m^jRn6AYp_ z?0PF&`dk}Zy=F|%kP@5ucI$Qq(nEgz8*_vqMn5fRG8z5&uT$RJs5+Z_!p79Myizem_`bfRkjaF@!#1T^uc=X2y+<($Ee6 z>$qCQ97Ny1n)IV_+bHyO=6!7%zY`@SJ&t`Z8sd4Wc-B@dVUV7W+HUfvkZ?}4in?WA z8#4f8J1^mNHH~D2*h!v{uIVXSZssI;{kp&#J)78u%2AAqv8KUeVC;Z9yapbvKReE9 zcdeEv95m9l^{Lp$6Dl$|#}}6o7t0A*CODM~Q`r@|YbWrq@WFu%Vf^0W@JOp3Xe)%2 z-A}9G63DRReo6^fu*>mo+pV@(`P0*hFN!Go$e9C}Ea^md?c1f|BH?ie-hHcn)F84+ zMQGGA@Zdz+?nKnm(JZ9&csoNaB2~Vq+1%wukJ=XA;8tNQv?s+I@-+z zZ#UZvQnVxtCxRC1K{^tMF+Y1VZVF1aaDH;V%HFp9DUMnjC_yrSVRevg-ylRYN!hEXWS_)4fw(q;0zRq2lI@Bo5y8X z$KjIA8NyS4jO$>ycZ-}PY?8_Ac=(o(4eHLF&GVVX3Ic~u_tZ79q`$(%TKP%$MaF)+54Y2t;tQx^loVk z5APqJgqU!^uZBj?A+==s27Pw1R9bN3j?Yk#2H{H`;3wp-4gqf&hpIlBIrKl(LZ(~L zWDroAd>D)CGO^N8jW$zhjKzB{!&MUjDrL zHv}C~K_^!XgHDj=rr!M7N>F>%PQ8FEeKVu@erH%^W_W5~7;xBqBu;&EOML^q_QibfAYl!*GGntG>UDBZaKT0#A5H4TP$*)1r2!pfdKPbUevhlI76 zwb``xp&h5B1G;vV%4qe5UuZ@tjKS z;iEu#)0*}o(b_!K(k#XtJ;4EeS)fjF+9OobLPcY=j?nrC>im&~ctQ;k=@*#kYlmTO z6>vTu#G&%9D=`MVguHJ4vYpS_eS$`Hpmf5w^rES>M6dMDLW)NO>PM%b?!4K7NR4wD zjTf{j@nUvFMfH8T*J8Lcn`F3_4V9L4#jG_PC8whSK;7bri z*On6!AN9;p=9!l<+NbWA4ZIo0Gr2U%Z!;;-KeGnE5k26#tf)Co$Uw6* zP+Z$dZQBuI$OCO3cV7~Acg5P`GUEMRagqF&-5gdksAmiCj^(w&A#FO98%erppUde& zq*$XynWxw)Pp2G?VCRaYqXHVc?=e_ec!i^IRYuCjE*v>y6dKrfKzFRqD7r5>n&9H# zrC3s&{jcrJ(1N!KHS81EZa`K*BsQ~2vPZXpRtAw-7Fg%9mmb52I0aN zpfrH}-Ept=D%2R2cX=grC^mF}kuSTckq4gV`-{yAMMzs3_=ZQv$^U+Lz18hEkN`Ef z*$4p2DMDGHraWLicxk_8W?1#8rv7}AIM?qxVu})uUawB{Z88n^-f;GNf$oIz7qCWa zasR*2t<2#avS^tLeQ;E}IO+XuEU<9xi7Mp>Jmz}jR{Ngo(^yxBkdCBsg%)kG*84>5 z0TE{mDYL*lVR#3MZ-jDr_z%kNY1)rmatB)3(?8o!a>tlF$lsYW4Xv3b4yZGGLp&)f zw>+*ZubX{Fomtcb7OXA}As%jkx?|9G!K9rj=yxi)UjVuwXB7lKtUfR-E&j&F;xV{Zd6I{7?sIyZ%qKfi{SOUX)(gXJrUxdi;uukm536H+F6vcCh)Q9u!V{4rG<+}?nZlQxFW!ZHIRw_oloN*@P@bTz zJW@j?W^83-k)5Tpa-@Tug|jolX`qp7qR32gKWRtQkI+Hhlx915#tmUUxHd`)8Hu2W z8XRa25UJ^dMjGltT5JAVZdh-Wb#iOpA#NWK^N_@9;vkB4I)1-YQoYg!y~IdX06iZV zJZkqrQ2Vw#tcgvQ2teUu55z@^k_i5)jE*9C`O!yHAt%~{aE-lmi#O89kBa~h>9`n6 zEF#5Kwku=SBM(IalxagWFYHv8qWF>bH}*#=rXM@yu1%2i(^>`G`t zR_ujo*O+>1`go#Gl|qnbu9K=^PWAFO-LXds@T>=^S~O`?peOi(OP(twpX)8EG7OF^ z?>pB~DY>eomPo4E8#+X$EuGUIinxDiT%5AlCtj0litt90s0vl;K%&N1s#BQZ;D)S( zG;U`i@DcpuSu8NiOdOb(eAot&^O8dZi#ohO;vvkKs3#{^?HH$LX#B3D<`a~#4yW)P%{oPde+M-@`Q9uv1;I5z z68nI)=Bd^;REM@Kt0ySyJ=^`A^L;~(|E5F-=da%m=vN~jGM!56rnof7!j|2Hv<=v( zcR8`V_oZM-H#tRH(?d~@^s1sD?cyDPYhx`$8z_a~3r~jYK`#*@_{9)de6r_K$ogEzYtQ{Txzg*`O zO{EP{l#v-SlF~#L^z}v-_Bbiv#i#)6_(nh+!YT{adPCKE*v2wyZaNB~OU#Yg7Vi>1 zr(*a|fKT}>ys`MEc8mbMRKyQev2Ta1q?hNOo^L>3likT)5&4q65i?hzKYj`kWsQ;- z@ia;cm72rY|8GKB4{EYVp(AC~_%(;X-RtQX@ghYa4SLMTou=^wxk} zzmXZqDB201HKR7vL53oJ8lumt120H&NvT224n`&JGY#G24&&S5Py@SLA-0}H3|T|n zV*9<09%QKPGciMzAA@y@?IwRyxD@ClOE(xZi1>N|rL1KB+p_t#S zC0q0G{45&U6V^D5o4{oYjqv5pD|TzTnddj$yg>9#vM%)R9yJLQY**F=3)5U(m*6Hf z7SFhWIu#y=EShTtOG_o{nMJ!O7khDR2F`FDQ>uM-N7WDPIjuioZJl6Yy$@rLkXq1k z3I%uFOP9#2Om@45Qqq^pk*S;6`hJ+C3M!B7d(HIdY1j%%Qst!82(>eE4ZmnHWt5Hc z>qjHgDY4pvJJxQ!)I>3DGPjh}!g|--Os}(bNzFyZOEm$z6p>a2aR6Bn>)d9 zjkrx#u-3})^Q+QVg;MWoMNDS(O=dXO;{6NN6T`Oa`05j0bfn+{)sj-R5?A-nC9NSX zoE7sD8N;dS6ePzyJ9|YFiK*V!>2=mEs8ridvFS5g?+1~H!L5jyOiR$<7N8o*W97+Z zsX1jN%`fz0C}A3KJuwTpj;0~4o%K)TL~$l#$|E^vzc4y~iA5Jm6nHN`Fv?vE>c1eX zewFJc5HvsW__dV4>^8nR9@fPoc5TI~<|iH)@smy;MnB}s(0H&)?t~1aeyVN8u3>6L zp?JmdjbJjy`FMgK9_$T*EyI!&bHV)C^_Y6b^-MDw+|`sxkz56jIFGl6{lNqQh=SdcoLRbkyVfah5jf+I2}g?dQL;<_9QGv1{Wg)K-{?iVb_aA*)sxkunjh#|8{)>i@SM?k`95-i?aSEi zq&!=#*Ag5Z#f$w8v*dtU{^H+v{=^%6FT5iWTwEdOmPKPczZt%k$!7KYUH=-gpuSBl z`M?8}F|&Og>#pL?CAV`1#=75(9^)M+!4ub zUbxZd^zrRFKpZqDf?;=IwUmLtCZaQ85Cd~q%EGH0`CvjSDdfY+D>chB7b+ufA7*4g zp<1?>{9AgG;U$5_p7xVNI1P{You-xsdI?J=GciszTBkR=j8ZSaoK@FZzGVG{=}!We zd{5975FSeH65US_{1$#`lW>NGyag(+TEz8X^)mUtT96D_WFI>q0D#C(4&ML$TlpWX z8U3^%eIq^Ve-tt;_>TbaU&jkLIhwi)*%%s0SR32?cb_YYpRr!}g)rRHv{lF!+(_ux z7&On1L_&9-FDR!RS1uVUiHH+U^wer6Q?Ft!)r?%ohbpctj^he|2gTUYj1^}or)6wx zVsiXGwchjn@d3IE>&&ZsJ2-@tP1R5~*+A7?zG|$7n&6pOc&~BD6ebrR5t_H%fuhtm zLWFnUz>{=$ODjZL*s%Z|d@MNP5f@duD?ZG0!_;X?|CipF%L}Yzw&KYU$17C}HvcgJ zBa&4BDcnxCP%&$wFd@cpc=n3)EY@c%9vCm&F?LYP_(Kv-X=B5Ryse_>$YwO_{2_*^9)hqBUEDCfVHno(5Ua{y4W3 znHfe`!rPDSmZ9$0dus?Tz6#B|ZPH!sr0pX={9rAU=HRjXz?n++V(|X-b=f8c_aT|1NB`z6tEr9mfISdM6G;O~Vz_S*{~C`GQH+ zxnR^vATC9FX)(#!{MP7@A{g?T>tz3%+U{+*n$yE#yi;`0qhD{urpZ&<<;}`X#~FEU zTpdEZ9q#=F`R8b5ibRa`w+;4PCAiJta_dfvk{V6m52f+V1L-GG}gbB(k$=ll)|E#n9H@vbG zrEGrS^~GkF#lj|GCgnx~+Fw9Y-3uBA4Dtkkq*z!Ql}Pn0)1F#|)KS0nC}#%{1`!6# z?~5OlsvS~jzX_ePmNqx(3IG0_lhXsxIjjRohF56-3$IdIaa-y;0?MOTJ3X+QfD=K? zhX|9g#mskfo%)`=5hHZwVHK=T<9R)jr3AK|cb_RXXM~_=)}7ED36F^twKOzsUcvc? zfe)l4Q29(!7e`w3 z+Kr|xRG1@)cu!Wd3fP6B^``sg$s>#bN&c_!W(So+$J`{6Mzo?s3zH!wEE+D)Pq4NP z%NQDU`#LjLmQO%ekhZy@deU2;2nP~=(Y(4kl6M|~)vBv`fp314Q=+9B1ykp%4LSx} zvSf6Ki9U+OKJen14Z|7#7;(ui#RR4Br$#%SFJcBZ%7k)Mnaym+)dzsXUz1VJCd~Wk z2h2zt_Xsz7yf0k_7QT0KX{Cvet50C341VnV+}Y zPBtB!ukpQi09|9MptKf^6@<4ev5h(@4HEjG!6k>)<$^VgVIsDe8Bsh5_CueUs`gKT z0}5m@)k5+d3-yz5nJeECyt0gQ@>XSKNrjp!^k0wmd1Bv$L4eId6Xapu1gR5Z!iO$H zBr*A%ka6!OSlmX0@&ZVXsg6#l=82RN3l-s2C|+-GZ+*cP2RlDgj%7c138R+8jjv2p zlRuAHn3o(o?To@P4~9s`;W+7EWbUtv-Bcf|<|OIcX7fHOBV&^61Z-gQLZGnlBq=;n z`)CG6z8l9FzDXV}Y{>>D%P$NfvKNb7oK5F=u;;|Nv}08}bGHgEv6rA7RW*BhH9A^s zHJ&t4tZDv4{}mwuS~jae?2JxX&4o8TWYBo2j#gHv&bI|19)8da$ zv8>aB?CR7L9<2>LLVQ_m&$X_&k9{vgV<>!Wno{#Ij3+QKmkqL`=)sQPCw?7KsJ_9)!RfNMdN6dhK*AN<^qyL07 zf!FdAmxmc6TW6FqQu7G5&f25Gn=0(>g81uwUbAP0rmezU# z4dhY9a6TVHw3&w&vB{9zor~_xu3r~}-dB)!W5>0*YU zKF~o`f(X&rM!0hOh zUD4C7>eE<}?tQY&UBly9R8em~!})&M@XY7o<8i~>{nS@s0I+<(i^=X*3n@xD9(PX^ z6^Smyk-u9CK4RP8KSRkuC*DHwv$$>rW&PVW#Ge~=vuM{ElpJM~czWw%$g5R%7#PZ5 zhbJ_|&{HQCFZm7>9_=6k3J>vue#~_-z=#2bhwKF}?1w)Iu=L@p~$2Os9)- zQGr}f&-Ay8l-O@q-BRw&Iq%%Mg0k0NQWWzM3@of5GeDyPC(&_07 z9Zjym>sy-oVQTF<{sr~sEg&TbGE%v<<#uAR+znX zmRTMRsd2KU4oRJmY|8aWJlgG@5ZU=3QC#4P@TQIuB0_t6A>}5 zN&z%ph@~Sd9IXD)xS@TtFgh|^nZ!uq6p1#1o0{gx-)5q)pp~FGaL>*-!K3odVr4TLlvwKjKbgfb!^w%Tcm6$(iJ|{ z8tzuO4j+1BMxRyaNcZFDhM_!hTE-9|xV&p_#g7Vcc5b^p<*0)eX;&l_ z(5kL9PMQ>+iPU8ks)L(r?DK4ii6v`HxqW6<1~ojig%N=}{aJZAf9>=%z02coBZ~_w zbW7unIkY9@VmZc81x*Ik^g#%ce@-`UU3;l3tO3p0!e1!V1A;*MX_xhDZ(=v$L~hiY z1F=q>(x#3!>RDWKQ>(8~i@@}B^=6G6c8q zk1E9<99=fstK7-Zt+$L1235P9GQwN#q|iiAZ+2zu4s^?2SanqIus>9XZU!%(_aDF& zM7M|VF(=hi*#ZzRbKPzoA93_QCxe??3(*)gZa5($jJ*@YTT5GKnemiz1l9A$P-QP* ztmbR89j)9oEavBFdZnl;?nQKB-5V3Lw~SlvW?ILVMI~fJEydZ_n*h;X>MJYvUCR1T zl+wNYtMu%Q0EG;CjD;UFn7DS5kD+U{MjM(OvBtKgS*#$lO?uX#aB7?F%gf8*eTK{4 z6nN7mF1VT7?IPEqY;<0{A8{f{-K)USEe0Ij`!AX1T$zd@{%&tzkHO6MDofr>^~{7r z2R|XzKHV^Bmb}uG5SaL1EojXG7d`%B`%0Pd{E_olX9nA)7c}+?7?5j^`4^peyRdLF zAV@{%GH})&W-5aaQ6;@MDR-E;*)3YRkwmOeScuMtZdop)T%3rRQTYtqkKaBzt4h15 z@&wSrr>TUZE4XHX(c)gsj4bPLQCCz$A1Hp2Z4ByWk=}-u0GUJ}2;-`KNS_N*eB6@? zjI$|LA5z#kR&j;IGm}l2ygu22sP=`K2XZLUlCh)`NzH|lY4(yH!|meu9f(B#h+3=^ zSME0=uM$P3{}mQUI-n}{d9J`g>dcD%u=ELaSfZdKt|-nGrl@PS!C*aR?b^E6#I9`p zh?bqotTHOXcB6G~O}Cl)o4`wbZ`jjgU<9`1X1{r9sepo7V3rb8+xvt9t@gS7^BOw! z!sQ(;IzJ!8BlBq>Ho#h}YsU?6Vj_W+76Ch2l+eK~R^9A`Uyyx!sw|ep;q(veMSF5xJ4egP; z;C(2otkgx3%%Mwa9%et1H#-wXhAk$e;#jPXKxANOJg)Fql<)|^U7Y^x^jMq& z7mtuzI*tkAG4j4S+m*$tt%liztj0ng*n$LiyXhF5`BnUKL54<0VFg0mdF@2t+*WG9 zQlkO5QxbyU+S(s$XCLdoTGoHDjthb`wiXoxr&es8!CVwvumfC@WE`MO*8or(oYzU_ z_D8HJNgMMMnz>AgV+Z}8-JHf$>iSg_82h|RB10psF*_i(p6djMtuZ~Y47Dx@ykgiV z<)FXGY5^p(SM&p35 zc>%_;qSw~0gAM=9b%@$A+s~(ys(|JCoObSU;5j9FFABOe5_rbK_9#M|y20WfK+y>V zNJhrhc?kuuKncSs?rCq`9uyC23Q87vWHqf#A$zaQ>3DDLzz4VM!khzmmE=UPLm(}n z#|E6Pgn+Qog*Eb*bg*8_a!L_%bqqOE!QT|w;6zKgH4SSLQxA&Xl$(NUXyuXPR^d|S zjWP0=A)IYqcPTrYbq@1xuwNk!3&a^RLXzFTKYvi`Ub(sVGDe}6JjK~LIzGfvjn0ox z%^0<85m&_1F*0htba^-8ZfIDXDy&Ci&=i4-n55%U#-lmPQ{---E!V{~ znXN{3%GHm;ZL1Jzy6cecextDi4xw7TLAH=!V21FacaN&=VI`&V^X=ASbsyd(0eC zzf2zlxkT}x<>W*k;0_ADP=38gJbB^Q6S%J2T z8mdkl+aWSp9g9(WG-+2NexI&T>GUUR&2m}Yp(S-i<3T}7B2~I`ddyuxU0TgYe{*bM zS9TAw2*Raa-4JY*FBk$l>DhA@5C32)+X$O;>M6jrUrW<=eY6<>NMwlC(_wS`$ttk- z3g!z}`jz`^x&z~~gYp1G4)0_P*%Ipc@K0m-_Zy@TdzT9vG;!pSIE(f)1EobAA&uVzvYxo&ZBl=IA?qLB#q^y@FWbpz){v2rhL#)N*qOdy zUE{~TQ8b?=+`rAT`G=HZ?iVT1a!jD|J6O=S7TQju5A(U>Bd$jiPoq869NE8W3My(3 zjqsNzrko*MX9_Z5%?_k&Gt(Y zV*b~2;r|eH|1;4S{l0L({*C%wMQiq?))HorQHqhz<~16I8-$Rd>YO>=tVNx46q49# zW;&^{zMe52-`-J=tW(tJmn=w$prN5N03-dfic*ZpDzu4d%mfVl0slFEn?%o`^w2?V zW<+@}9dUKnb&~DzlaFxMaZ>&Lb_d=9m^nyqH2Ho-CDaVLgw4Rf!>Rh z4YkXYoov?^@iTp6($j^ztwq$l?1fF4Dd1?A28QMFi}y^1Tc)0V%%OwpWFH5yBtno-a$x1p@*GBw7V zo3=F;X{@)a=9>BlId(gxP<>T8lm>1$ch6oV#j880a}ew8Y+XOGn%qg2Wsj|)t<}lJ z^`pwrUXJdaa=@SGzptGbFU4Es?8em*8Ym4L2`UVu4x{vBE=l%d)jg>g(^b`=DOXs| zW^9sAJnLj#(xuo-+e>a_{+4lQFg;Yeux(|vy7D4a`;3Z|!q^I6rZHbi+7woTHS(14 zUp}AR?%!s`x=~}(?TGkttg|$1GUKkjF21mnE|tP~J)|o{kLQutl$}t%h3JRE>mNXZ zW62N440bPqTCa2D!OWQqJT^FcoZsAE{A22EXU!ECNnfJhaMveKmK|QiG!a%d`?$Yp zX=>)4c1^ot2*CuZJHigZ47xK24U+C}vnK)>^SMKrkbC*~tFPq_Y3}?bZ`Vl6=2tu=(7jJ%E44c&<|BMMPVHtk+;k0sVlgD`JqgMY!gP77|nifd+umz zM%ImCBMF{Xx2Q}^Uh?y#1Joh6MEO9V4`1Dpza{=q>yxvU>5~I}BHLEHW$vun#ogPO zxr6q1frm|qDn?w}948el$FpP}U(HYVquJ};+Q9R3ad|%!u}d9HS`a+%Z$1kwn!C#v z7%{JM4w*Y>+A#FUXol&k)wrSVaMBg&s5F{LZkAt$VXN-G{q;V4O=X%w`%dVQ4zP!< z$V$Jrw>7glwr^m{Z%8!mj1?y8us$Z&h&3^|qW`ecKxZa(yx~ z9q@r=z>IPgo`{W`?-9q`yM)du|PUeZxUzhIZ z?E!Av6*BE|6%g1xavUy1#1Sn^xORtUxbC;;0sZrnzL(9repUAC`j=#Qdob0lWN3R) zDfwx2FZrI8FqloB58vrEoN}(Cukdfs=heY3wiB|yDz!bpQY$Ur-i`j&VVW+t(z6cW z0(wWjffwQ;N4ew_Ju%xCskW^#@zf7AZq(%yZFgJ_snRZqmsO=XSRolK?gfD6AeOMYNtll|u-y}h7NZ5DGaEv! zz7+zBcavliLi~w|dDP;eIV~EG|Md)R-_bWx;B_e8Yic%BL1A2}H_ev!9;P>PoLMpx& z!JTIrnyJrX(SWc@%j7Gb=Pwt4%o(uWDsw8>i;lHLUt4hzPGBV1Ne;J0E->MxARa)# z9U=-LQ-xGQ%$R_+f`@qMiDd0mM zyy^d?mGl?l?Ew{sNLwIOe(fuE@DnK+%*xcq{Bq2y_M|Ad1=8bw88+Dgm+XIW_Etf4 zgn^nM5D4z>?(Po3-QC^Y9ReJjgS)!~4|Z^e;O_2j!8OaBJG(V|w`QyEy!2!DOLz76 zf64`e48<#SxcGuc{>B*?vF-MOm%na@R3bSu78ktFhD zD>rkyQugXl;I`QQ=O>eOZyeo{-?{(vZ?ot6`srU!`Ii4ZE0`Q*M=Ub`?!ci$Msz&J zKAe9Oj@BL>loo#j_A(7fv(F=>NvZDv&QZDEs1FF|sCvT+#ZCVV3Q_t4k{GUmb96H$ zbHvuYq8X;XrNzzHtZ%`|@5^PoLZcF*-*;1-=s$!LV!kqRHvRrOIKMdrf_{Q)cr)L) z9`qL|*!d#aFiIlK37m`cBMC9izNj}!C?l-+2n+(OC#jqY@gP>BA=KSoEyznDC?m|2 zk!aSRBSVLFA?N3!hv<8!GPn1LF1&P1BRS7h-G?Rl>EqtAq9z<$w0)Zx+V=l2{#{8}=~WDVk~F=6ho^a@wGQO~AI((En6W_i;6^Mt1yP38b* z*v%6lz+LJ3w?%4RJ=RmxLRpdlVl(3cTVZ!8FGy&|ZXNA@vGrxGm1F5UK4l7r!@Mu2 zl6rBQ@mzt%-?+;7Y^r4ZChM=2G>t@U3LS-fxp6M(`o)oflDt`rsME>HtD5%NS_j~n zsE$C11h=)McxQQ3i@6pBX(32W>9sM~TW(xYIE6P6;LNgEgD)azeljY_IIBS%U)FBc z+@(ulyPB(N8CJ8#z}Y?;-{(y-l&(`6x?$sE}$i|K{S zrj3Rk?6jBZ@45(vZx!SE@?vmSEARP}WEI5>-!EH7p@ zWGezjrcnQ-+3jvn?ncI1QP>loZFMBZsgSGx!YSg+>_WgE_S$gFrK5+uyS%r8Rlc zd-~eo#SMbR1m~!-2IMOg@4Y<-#}fZ~MvarJhxSZPy)50+dDj*d**Aqf{vM#v{p$H7 zJ+RbORztb-$j#woQ)#fh1)>~RTVKO-=YIM2>G?#4ISqRlhUl@dHutW0#YaChCAA7iqFPg z{i*G9Hz(jlT>PA$>Km3c%2pcO>J-|kb!E@rm%@384aDKo zJ($T&B;FGBceH7@YaACf)rRlK4Hgkse?2OtIjZr|(sZXr#7L(=&U`Qd=|raA*u%}! zuZUV4SbrMr0-}xfLDAbgpjd46cP!>#&xBcba~oS0gI>|JHG5Cbp#Vy99kXJ)au%w> z!j{U-FqmE5&l%ff-M|^~vZ&6-`CEa>&f+ z^xJ4amKV>ScLtuR&QSi16%uApXmrnxPjE($tCH$1_q)N6uy~f;QY+U&OMG5Jfs?jC zmED}du9LPw@t($eGP~YT&rLMU!8V;CI%WXjKb2dfFLD*JvvQ9@ibM%3i2<`hwa|RO zn@xKst!5qOOdtu01y)T;_{n@ML3oz3lRD^pC(891oI#AE?Oi5UCJuk;g{?Q-&Uip3 zLq(ShWCb&)$yjKW))v+#X>hP5qJSt_qQ#xn?07|q&er}Hc@z$xuTo<0#YWc#Nh~0J z7=0lwWh%7RXDx@~zO<$Z@79?vr3r(XhOoBP2C&ue`1gL6jXENg{7-uBYg46eZcUxs z>9AvaT6Wn6d2J&(8oZTa5W3Xw{bR$Thx?O;dO-9nA+C@sz_U>^3a~WFKr`z7ot0hb zgKMa z<}M71p{N5F`?#xA8Mk=geM=^q0NLmfemuLziuV6Q=UMs;0@F z9i8WCp;W&(?BvCfUcu5P{op}aU5-LC^`pnhY~pCS3Hb-<^~Uk@0Y(JpR=FwT7Cfwi zKT|KqpU%GwQnK*0a^C6Qt;{^JA>XLvs%Z6l?V#*$j0yAAV_+T1#>gON^E6pD^}+3- zRi06?F*P(u{2fmP;nn+g8R?HK6aijB67thTwwk>WTeQcO1EQ5P)Y;~ z>1XLUyB6|v6}Xb-(6d^ClAcO@rb({HHo_Ws*Q^eiV&#}qocmPR@|Il;*HPs+)Y(QY z_+v-E!H>VOmVy~(A2fH^e>mTM+uC&{7{X^t;L|So@U)i4V&5U zFO)G16OE=lkXJMK`_s8U?N~hX>v}yH`&L-b^t1;q-^-fQ3!gy>OfHk2XCWQ|%`?hw zcU5oT(ULTqb~j1?Lc8W6^N>cJAUP4Ad@@0*qu04~t8l@b62-(a=A=^r`YxdG9-GqJ zqDm2}mgt9lAA5GD-d!76^n)FThFOG$T_lG*VYLkiKjBww5>)EU?S;B`BsUy<5fF7q zGPf`Dn!Gn}TnLUi9ksOKXG&>zNpxpy$pCdFMEWIsCGBwWn}GvVwl2ye_H$f!r!pH7 zwK0*wmo`}n#vDNRTX$BE+jo)N>tZjcgAI6KA_kdwIFfweH+XXZTTQxcA2>hNPc+!fW3t7jy78>O))3NUm7S5kfK? zIG7t9 zS95}1IAlzL$#1kMkin9DT`uk3%my6EOh-7)4dFi5Kdsmz>`(TITZFX^TwT+vz9+A~ zYx^|&7xg#BL5dt1hZT@V%`vJcURdOwucw~Q)?1XzT-Kiw?S8lvJ$vvw+kX*vj}7gz zx+S3Zyksy(AS!ChR2D;Ts3nr=_{WRb#&;(3Pk!x1o$7JQ(>KhCoxqKd^_M`{T8?ev zp?&X=Yjo$I+m}lpkf+Rd8J~39`TNVWuxLeReiI`Bvwh;(ji%DG-AwHX4DZQ zOh}Qr1d!L|U4l(X1*w7yNd;+wNy!+&d8LEO>R5hsf%q)~Cs#YScLNUeUPG&xg{QznS3BRK38CGy_!uL=QRwW*iz8hwY0y>a0G z{nnMg$FkJ<3$|f*waow03E#m;A{U>D2t~la%u5Y#3^7X&#-Q9NThOX1pdrJcOZm1z zg%{u<{0m;i#8H^@gC~9Zqk>XEQD`!Pk5xsUr^lgllzc~_5ReqXy-L7@H?SoMs>oSR zFTK`c&B{KxBlPb<@SF64myD4Z-?KG*axHKBKJLO;=s}1q^u|+JM-Ay%@E#~@piub% zH~{LbF!aiYeD$q&!+2R4hlZ}+x+S2jo8*}yWr5)VfX!*r@nx1g+k*fE2&MqSab_Z2 zW4kqKXsP+gMFk{6B~1_EUaB?*KmEH5F*F<_wg=P&VTQ-YN&+oJtjk2e;CTVph! zpDD;$wnF#9|6wkGE00)GL;wSe{r_bP|NG~b|KW=He~7|KEk9@VL(G4h7yDbA3`Ov; z4B`f*))0NEG?DNC$0S6Z$(Rc?NX*XF4T_lT&3a^#ZX@HGc-`%S)K|KuX3Z2?@>FF9 zn`YZfFhb}FH>GqFHAG|L>d00$Qeb)pkKJozxir+%uY)}VB^ClzV zGdgwz^8)Qa3sazQM~3=nuhLZjXa#tzi^_$@yuix&x*1NH&LHrj&Q-mSx} zx1qpeG!T1mUjphar*pSH_F7umG|F94L7Wp-PB*zSa68TY_Y}5Cg8p{;AwTyYva zY%ai`Aq~w{)c`VavTSylzAppCr^{KZ6gt~X^0h1FK}yNWS?y=mrzNrk$hXjsltM-M zTE;qrX*GXum24(8Kn>+jnG0V?S;C*Hz;#fTQ&w5ba6f)FAaaqs%ag9im=V!s=+bhw zV^Fw6%gq-Jn5|l0AQh|~{2iNaevy7_K$c-#me`pb`y}7o%8dfFJ-y|ljz>{D->qb- ziATkw;XSha{_WN~ST&2+3(ep=cXrfJKusrv6E|n2C42aiauM@rV|f~!1{S%sH%&y5 z#=dzvA+*0Q2j}iN&F}7}z{*%uTxN8nUF{&zNprO(HfQ@*UYC7&QO}C>XY1t_Nc7o- z8)eD!$)TopUw>n&$z|Fhk<_msngKZ<;)w4E7XY3ONjehfbusvj^>k96n{VHi0d=;; z(zQ<|O=92jD;bcys;+Jq2m4cg6f^P;APE~2zsVlB)kc@$S%|8@#2_Uo%#7U~p=D0s zZh{d(v9cCUJLWVMcD=6wYr*INY00yKXCLb=2j^JR+LYp(-NCokSy=XnNEp1BnAVOM zR^C}t*rGhxF%z~7;FMGQwpc~26yU}(C!MIQl_A+_Kxo&$75BK*%y8{s!puCZRLF>> zKsi4ul$L`u?_5%xJV))AcX}pY#{NO8z+D>oUjE%oZ-gx4?!tUU*XwV8OBv+~CdRI< z(dLoCQH|R!^fT#~Bph*Dyx*^5f^T-}vOD6P`y;=85_I!Di$WgXZZ$Dj-8F_LoasyB zm$gP}k_<7}k}fFZ(-y?(_SE~3c?TmT;jvF|Ir+R=alI13?9%fW; z0=kjwJnu(M%);07;({VehNdTA=)U}mxqn5EL)k`~$ks-M;D*F#wA){ILsaz}zGs-9 zjH<_Fx0UCh|N5pIz6W~&dhZtc_E}lrlLl`6>ofwZMO1!1a*T`rhGWa`%k{hBSXo8? zI0h0JrQTmXdQ8*OvG+KTS>o7*qGePET8FGJC;%Z%K@rF0Je1!Mlxwk!XrB3ASUXQ3SB!Zbn6)Mhxb_e&wO~aq#lsj7M&p`aB;DXhPDrlOk7~dVVks@vuCg zHk#TKWoP=V->*2(SBatf@uZf+LA$uUGZCG<=m632XWA59fvO{Vbe(pgSy4!_B7OS0 zRd!6sw_c8vL1y2uc!pNQY_T+V?h;T)48n2sxiP8*oo_~IqjE@iv2Pe}9kN@AE&MzZ zEroLZzcttI2~<-YvH@m_vYkl)a`I3buSmuL;AzJ%Y4>-Yxq2hVrPifPvbq38XedqH zv*Y+)Iul5)@57&H2e}mt=CtOQKL;+Y*MVP>mZD=yHa^q;FcPT#I>1o#q_arJaLmyy z_?YMi&QBn6b6;H9INaGuv2-B>RvonZRFhZiFdKD@1mY0IZwi`0vX9q?r;HR-KXj13 zU8ecQKd{u^uK;k6C)4WjF9odbZpzB9CB^bO#I1{M-zto-B95?#f8Emyl$=E5P%V?k z!_jNXeVk5<4hwaTw6MYl4GG^emzfd^B@i5~Pb%k=PNx1+q2w(&H3bT)c3~8BN+`{7 z@`O%P%8w86;0LOk(av|pO6yFOEbr5i*(9vUBsb>Lw8wx}ht!1zHU$B_LR3$fWltJS z`wH&$4W4uPi}y6KPpBr)=Vjcax>spuF1U7kzEaMf85PMnO40K4FA#wf=y9iwyh9Wr+Jk#$$aFOF*Tt>WCri z8KIdzq8YTq*`pXC5M~Yit17@Vifl@7%H;pJ+q62Fu}fZy>SL#@t`v;D2^q*xu?s0) zbu!p#I9t)q+FyLBA+qZj;X7+pdH=G4od&)^pa&s^9yb854xt6%4JSxV$99J$j{Kku zU|9PN^o<5L>SoU68V&U>{AzK>OI7)%>r2As^YpOxl>dSSPrK$QrmgR4q@7jI$? zc1@AIGif8kW-5<7krn*qxDwNHN5+LZ%Vrke4)<-9U4^78fA`0u%CCG^)~iPs?&0I% z=^rG;C#3=3e_!y9b>PfIf8(*c49wZ&+7^^Tw(b}N;Zn|0MV)blOv|i*8(o4=7@Rk> zP2={p*>iJwdBj!BMtx*(hrCp$cf@xO?dj1&(43VTYF1hVt1w%{Z<1#}u#FgqGSM^G z6;#9)8DbIsy65-)W3nU{dafdw*)=Zik=xcQze`z^i5Q#1_^ zZ6P7G%%l;i5FU1nPM~&K7GE)W%$-F?obAq|p&v4tOkr2y6(%yUaTPxY+!b=hb08oE z=?^c(5CY5S3e65c!fqs8d}J_b$YYjE5k{NxQTMNJSz)I*AjpT255VY?NQPllGtK5Q z7m5%YXL(Bess%+*>5-o<#VT@wPJiSb)A;QdMEir?Qdk>R_A|&;c0Mbq&BD@*_O8Gzt&EGzBu1{lCJ+Idv^fQVvTzOBCl0TT+(i&<+-x~?9l9S-`cV~0M3{5)cxdqJHy777l;`T)r3>=tb!343qkdc zAKpK3y12MBr>Vrn?EMwkXA-D#M~inI&=H~SHa|ya>#H#kW8h}$L12hOI>Pt=#$QRC zT6Cs8neUuBiFYPFUDVeH9&*3-!0~mACK}*D@v2YkZph9bBzI3J#s63u?_eT|2<^}L zEB96MI^)se(FEf$&HW68*5CfF3S~?`_W8FUrXR<0)QPOkqg z=d#lO*(3fJx5IyQs{YR>|IdWC)|(do2%{lPGh5aP#ZdAaa?&L_HH`AgSFA@l2G zEdcUQoZb^bMs6GXQ-{~p$I;XY^1shXd@w~bL4c(^z?mRf!=7m@18%Rl?QVdz7FIJm{e$b5#0aq&|1G(_K4Q?jM?;^XgKVdU~C|d#ODm*TN zS%yE_2qv)Oqy&S}CtcK$Ptn(J;&*|hpFgdIXtI!D50S^cg#ht8#cYNN%86W7loc-X zSwLG}M&5F%WJ@YD%S#$7OW=h)hvSr|Y{doJ@9=pAp!6L8GAKWDj`AV~Unjtwl)Xl8 zf6YBBX$_RQFo&LH5$R%h;&p_e*U!5=k>rpUOT}roHX(_~pT%m)ILXRW?_oD9eKtE3 z7Z>r@bUykqPbsH$0++nz$u5p7345M=RZsMJrq@+<8WsT$_IOC5>n_WIIa5=%f9o_S z7ke0SJ<-|dJ-Ver0-J!G5EHFGJjs%)iW({l@ZD)Ekcsee9nDQ;K$J-WzjBMv8?DQR z?u;TY(y2|d2EF4kpM!C;am%XafS}RcWB*aQ_5f~{V0G7hIS6&h#$Y@R(A1b6{zyT< z$SYiQsP8`~HauePpL5{8nvv+d(a=;aXr`Mf$^gyC&Yq?S%r1VN`@uz<o_g4nqcBvuk!zyFbT$?U3Sxq7kc7%);>Q60(^hsxgG|QcY=bvW);1_^3 zdoc$p=8u-w)%jLPH#^N!R==?pTdr_^A)w8e@M6-$Z1VsT}QQEq# z7@0`UXOMtVt}MPXIjSLa#GCug0ktW`4boMXWR3kGF0w2UDT zPWol17#AqAP$~pm8Fa{>>WnyRb`E6J5zR98yv=<-mIE99&M@AzP|Ca8S(+UGTC{?- zTCwVQp`jQv+hloe+mKTs@S~K!wW}sZz+X)C&S3dFY;q}6y(RT=*f%-1cJ^{TI(*J_ zVS$!kI_-9TUFiedkpnzfp511MnhN=2KGk z*Vf8CW{78Ww%2s^RiuIUh<^WPq?UY|!QBw9X4tE%D{|q&WSKz!m0j)Km09lG#2m|0 ztV~5&u1TvQOqG@OA<@psq~YE}$-ED4-Rpkh@4)mn7l_d&o0uBAN_A7x^hWpfB{eed zTejvwpj(Ys&rKk`zIYSPsz+Dq)6ZAN#Ldq(7Ee8X`cDKhZdL1kjm0ZsWQ%5~hZ zKWB+=UCgjl!aK-pJun^C0j_wrtt5k}<$+N^ zcSci1)_zY%XZwv?`BZEi?*RXc-e&-I$NgI31nkwcCRlfbl`Y{{q}50FW%Mv!7!BlU zxMP`9n|;;?aa?RiLV@0$PyfDZTj+u23=9uP`-6dL=;tf^zbzcpqhG?>S~xF?uZHUX zVLi4Uf)m9<^?y3|N}Mpk@Y5j7SR0d5sqO#a0)}fR;E7C^Q6r4wSMjj8qI0S>H`kn3 ztlzvMo?CB#hMfif>`1&g43gd-_8jB1z`yUlFpLD?xQsCG($zUYG4Dv|PX`6byWD!X*u6wDjNx;X?NpdH4L~bC$TQ$TQl0Bj}=1X^p zpOt^|k|FLWAfVa61bvH#+;hyzw}e36#UY}iiuooOfK6oLn=dtXse!^8gJTsiXf#&m zhrW1HqCwmsdLc;nhg^n8hvN3Q=DaKn%lAr$M=UDB(-QtNR@rSiX0=iO-}f`FHjSQG zBHS*vS93=ZQ}i|Q8O&nwXPkfBxXEK^FKMF2$)5g1DD|U|P;eEcy^CV@;ra!9kY2Sb zAyr$j$LM=Rvj{oKtj|h-LGe?SUGfan1C_)zpOlcC(GBtW1-{4l98fTekDM!E!n0zY z@o^w*&wz-?L2J~$i#4KC5N<<%g{Hy4uJ#WEnL}vPRBjh%*$D#F$yw(^zPO=-B^Knt zP$BtR$J&>F|`6&Rn(o7g+oN-Q6dvAgg%T6-Iu*94#T)NBxuRy5JBP3@y=&mu+ zIHM8#6P|BG$DApdjU4Cj0`)Ae;TRi#TnldYE{PbBM;%unQmkjh_9E`*7V@3!kh9_$ z`>~Bw_#d+VJO5A^&CQG>0W(IgWh)Q3M)Qb~)B&fuzFSPr%BkUZ0)beer5TbQ zG%tEErg!N7;9ng&Pt2uZz`#h*{#TszU)`Gjhag76^DEh^>|tte<7RE)`d>hdwvRuC z7v?|3-=i0-yVCf^elw*h=IAh?Kk6wUD9vC$a|(iuX|l= z=&-1Ju2Q8T*T5UCI-}d%yce+jq!Mp?TcP{@X&HY(mHjh6KIoveXTR&oZ{(?KJ6qs& zB6I}YK1Cp~$#@}t66ekZBr+V+>Fol>+$U$zIf0B@Y`AeUGVYSB-Ps>Au=kW2vaewZ zT8+_qyT$9&M5wzf#;SYTNAxa^<&Mhbe!Iom*c;Kia#(Rf^x=DBcdT^ zGfQd!%!&eJHfiJ`;Ejqj&lA`uDz^y;8V`x$^kD2A&jUxTN6 z-c$Mw16VmZ^rU`tw@IC(+mG-HJa%+j!0b7PeZ+A$xbAYE`=Ezw&|2gOpq3u~pp+w~ zuwjwVk|Vc3ZJka0fH6LEHnYf0y&o!8K_S@buL+tr9t%4+V-#l0adl$zvl1&o6xakUl+&9Tyq8tEvt)-x97>3)n0$H%dJmnyBf-S z1E`Yq@p5-=X&N>DwXJ_=R!WVXMYVT%N^G-*z1EHgf3hh*^AW96ujtnP@2lTL6Xs%= z2^teauC85}JCxon0hCs>3B0b)X=i1&XDp~a_vP4HMoQG_WG&C&Tx>H9S57KdSu2id zAz9{Dxz3UpjuV?8Vb=BJ1Le3~nLcHDDFLjai;H3(6)JxO8|E>S)o#3xD?!EaG9i-$ zrn_QCMWAd)&Rbu!*!Glmo(s}=AtNt3+l)-vadDP$v5O<9yk=*dr<5cP5OTa{3)}IJ zJK1^^f&F48(lX-0onwpyv1Gr$AQ`SZq>k|OzpUYyMXunXwOntSHp>&{L!( z)bs@1W4Kekh~qB*1ohT3rm9qyA( z-B-5H<{en6UPL9m!Uu24>O12+{7j+ai{;Rs<@NCh>brvgKVM@UZxXfS$ZBB_#KOZZ zLMs#(A}c}*k2R-J^TlD%te;s+n7O$|t5sbL?*@5y;U(*eA}_Ztl`^oG>P=~H26xk2 z=AE{wDti?)Pc_W>Zh|k)O658W+5tm?cJkTsG;f&S^@f8m1VY*Ug=Hyw05@$%jexY+ zC^5hs0y|@FB@4rZd-%OF-B*z7TUw?wdgRh?G&(eAS<#VymxO7QGKpg)u1CwfqZ7B7 zxPn0*%>AbXCG7gy{He~f{@2t-%alQO|%c0y27Zw#feOIKjh;=HZA`TWD4dtg9NAB|d6UnC+M zv*Wiqn>@M94O>XyKwO5R9~tG2ff`)(TV=gLiL(qFS;Zp*@UMHk_QB4J^=U5@f_xu1 zB0s-ZOw~cPH4G*8oZkAY1ACt5y*$VwaqsFPsWH;x`R(kkYMLv`aDt zm_|mN+8L8sf{admMZML6c4$m=N=ZKi5l)>x=I6=2t2t?Oct=x(QAzjfGhCFhW#k1s zqXy&7pU(_R_*D-~8uX)SE@w2SvFpeiN{cS&g`v2}1Y!0TygEXu|5yG3mByQZ+o+FSaV)mej-t-GD?D)qK-g=_?xB^}cOY*Co|pe7wyx{-QU zqZ#(#@i>#kZnKI_YL1HRAKnBH=+-zRX9H}!k6Xa-qi8ehjr6+Et%FBigx=4}2n z0Ksm8!p`+(L-}W8pzEQjU*1?=h==ZI0*Dn&goTM;Z!q$%zn`-F`qL4c)XsBWd;vpA zd(aa*SG!w{$!*3>`RaWPOlgVei!;XYb76#7IOjT>0cURR$o>1I_HVpWg82IGrbUCN zHyct~(JGk4lG!6crhvw;o9urPmU<%xao1G_E@3RClg@!&1MM^Vhh1}i%m*Zj0tEC(%;D1I{`3~B z6by7Z!=|yNv+aO>%KkKA9zm(&@ODig6#)3^k}RxA%LPo7otq?D;#SRpujHsib^glU zM3K3YhvYe2+=b2R$iQDnszy+`U5mUaD(+pj;bO#BD&ADEML z23GFrYum{C|Fv!OUoof3{~2*6XW^sv#nD+Po4C1oIk}qu7u2b~sfMmaAczlvp9IB8 zrmc5jD}mm1m^&>v9*$tXpmAukqp+->I(@A9%6w@ zrnFT5rNnq(XRD^mqlQfWvbZ%BzHn|@EFsrc>p$yD=bjO0HSGTza~KP+Y*M89NWka> z5!1)y;t~*yCG#g<`|M*Tee3i6eR86@=}EdJd*cutbp%@0iHi-Ibv2iSi$=O8)p1Y+ zZYOL7+fWY0mwnc}S2~6j+m~Q``^A;pL3Uf29re>w>;kVoWlpr=ocb(A2OA>FFL=ho zaGWF-eKU{-Z5AaFrliIBT6pID)f`-uj^VXN{>oJC(#EJ3Q2Es?hi1lAdbA@TNuWOj zllbvX3x4rXo$ARrW^n^S1p~DH`x4Lg>Wa0s6rF<0A_X9m{jJDiSjrbjZrH3T9n`7= zXW7@so5Coc_iMxut)&yMR8c%dTiYX_lX$vKscCKF4!u=x+riV_ZCRr8a_iKEMFpQo zK#gRX24h{@-5Fbs>xvf?4~^9QW3o?-LC^bMc&ZSH30?I(*FVwo%Qr7oc<68vdchyN?$At8LR6J~j5>&ZS4drnFIbJHtJ2EOzMmEDo>U*1S$x zSmNsL5~t15&oUt9Ws5=5$VvLUjsBI}#kcH7b3LED-&s5cshD5;vy;m)CqUU&-^0pg zZKuN5mJwvFXV1LDY`KZkA9pFond!iDs6d|$#;cFyI%C4W2?I3C;AZ~BX8O5`U`%^m z)iW@~a|hQt)$wmM$!@|s`dv9r@6n%5W#xt@J5OTC=@F9|LTV3a=OO6=@#jr}0EpT` z0PIq`313?*ec_*O;(9S~F`N+#H4BdOPtqVR*D9_JQrGkPQ>&XrrV6VKw~diNfC14v z?ht`tv3h=%KkPAOcpPt9CW3s!Hitx3p~F%E&Si-eVFasm$@0okg#mG*f;&{F=?!@3 z;qEfe9r}eB`CLQfzJ6VH8TaS^_`uf?^zlu<%5K2E0tx^7FoNv=*$4igiG=?TDgGZz zV=0H3f!q53%-MEfD9phuAQKZpcQwC5ih>|yexSuUpR(LhO+bq4GE}S-kr0)J zH0#z35w#TkQE7QNNh4an^t^0YUs@u1T-$V9-*k*`HfWrF`xtq5gDe4e>Hhcc>e?^= zSg`wgdU@+*13S{1N_f8vr^`@Y@SaiTQzFT!BhgDul-TvFJ17I{-$ z)Jb+WUiM_<9-aFmWh?2x%JG%=Lo~@KZKm#Io8#4sJ9R!tdb5u5MTzzk$njj09VqpW zax_TpuV3a%5XWn1%%`?!P?50Q`9F{O^?U5hMzkPTIrVLuTQ<1VRydXfnqvX>ifyz@K(5v|i9Q*FXA zjSOAsO4Y43_u~9HUOeqlgMVr^-t!q6(TI>tZ6en`WhTjJbCP_DPOaN5#YJ+JIbkwo zrKbxp#?C;Wx{X%#)azCqTgmO#oi>Y9g55wsZhzHrZDM&GlKam(feb{_gvYJGpBSeU zq&tJoA8haj`qz6Bc-$b`{uoLfvQbrFdYca~w{2$#Z4dv_=z(4I5dTNtmT`sLQ-rCY zV1spkeAbk7)BHBZdCoWoRg!g#!*cO>XjE;uwwI9-he{7Q&MA`P`BJ7g`TSy{c!1IG z^SE$rZKY;c4m@HR4tJ@0>)#s4Ll5RxiP1+AMTrOg)z!9t`N|-0fi~7^6u(;UAMEG% z9V9z`mub_ibTQ$?OK&kSNP9}4$;&NzdQzFre-s+~>oJ_gQ@jf%PIx^Z}iAw_3&gMaAi}jG+8c;eZR$DbhmSsn#l*%tZ)0O%_psk`PRioc$U_T z8e99h)oay!!|OX}Id3Q+?Q>pfFjxpTovk2BvMu|&07CS<)$c92m8F57U#Z`!p?=ut zAGkQ8!xUoEV~DJ&&{v~KG{>`)pGl8(e=CKg&r4=3V)-6V;q{_%eflZMUU$H@*|r|- zK6`!EJQ$=lEO5sJ9^v52a%N<~+{wCzn$1rvY8_(B?lZ|)dxpdu6~5Quo9w%?b`|++ z;u6+n?9F%J1jR6wG$yN>GtAUw^JIhM+lZ=O7`O?YBhXzkbhMj?YbA|$amS0su7<^{ zwVfX)s^zqmx~2vwHyk=EF2%6b$U$`8ceHNG_^PM|5zW8f$eoY)_@~}+tXc?T4n3TV z{m?-d&{q8T)6!#|PD9T!cAgLbYppPB0?VS>COC)JMP5tYK2b=QTU?^$vuC5@q?%Xt z;0<9nUrZX{Awc!@eq`b?i^}$#t=oCrv?6j~X!3Dnto@>aZ|ZGBDW=J$2!Wdq5$Vq= z3so(0Vc&?Bj2|$u-srz?pzkdi7b254EGJrYSSJ(J!@jth7nw{dNR~|tjIN0sBKNAG z9ds`~yeT-uG}jh`*FyHJd6;5dRIM8`A-mAjmMo3(2za#Bg+`P-auu(Vva)S<8&H{S5s!}n6*|mCKsxRjj%Y~Y*+RYx?bQ$WY$~G)C0pTEHSKYuNb4oAW5HB zmWaK_&g$N7$U%tfdY~qNX9m|nYUOZl%$>qpy`~0Kps;%Qp)b4YWOa`4mTSmq`%{5+ z5!v?}%UEX8gkT|QpB1#iZvrv`j%nBay{rfzZg6!6=MpyZsT?^PnTB~-rkc4g@?}9T zQM6jWn2gLTMVs815XmUGjA6n-OcOfG5rTN((zjP7%!3T`M{d0i*0d`ex><@k4jtf$NlwsM!e zPqC(41WA$9hwg`(s$KGb7Pe6FgU1h~U zdWwe9ENFhffZ+C~rqf{G5&6k^K@53zfGBQsUBx%!^tFc-^ytiNRxYSzdE1?vXrBHh zIBitO%HPhg`c4eEgqvi)*M^!QQ$wxUQk&Rw_%~cRFNw>~(zn$ax-@oEyxZHFO^*-1 znwurN*0EP5OK3J9zIqFQf7wkH>2cG`ENi+)ooLLxv zeilOBW*!x(h98O$cn2eXya`Pb7~FYE8;2;F-|X)Nc&LpCyu&y>&B)Er@{yk{oIx@# zlt#3SOY?|&iSxb1!lDU*e#E%4UBd=qy^)0e`H*{t#o3O*_}Ftua%919t~<(O^8iObg7lrZLJYc~6+><;Gj$5bqDj<1yzUf9`anlv2pJp2^^i)s1Hhq6t3pVWY`QvNLP4*KI{ zqFCBSftYzp05LyI{)&W4frI#_o{-jD4{+CG`2#jKK#Yo#w?i%QNo=9(&s%%P5jZxW zbT^W5wzcT2DLhVIVl=%A$S303%SofNmOr!Hwn#sf{Fc{3_a<6KD`i|dl~-DC_1lO1 zUfkcv0?^i4=LMYPTS);#!<-brH>#8Az$Kqyz?=EJkGw!DrHo#o5ZyhE^}QDhVF zdYI}l&p*R8J04?b$HoMzc9d`}B~EP2LC6h|$_JUFAYP)u8t~a`8cAD;Qp_6b4o=uP zj8F$xO`cza>lXEe^%$~XiZ6`*-k`nLSa%G2PPrKSG5C7r7%@X>O7LTe_iAqY<5Pos z0K0mKetuAz%tOcsIc6ixG9evjSUUg_Je__ro~4q>^Bec$Oza^v|KVD{>eBtX-W^=^ zkjql5r(UW@ya363_@gPPRt;RdvC+ zWyhjH_sbzgs&E0R=-qk#kbq4YD;Eu<2{&{&UN^nYQHDCh4>CmeyYnBlm_@gd;_dn! z>gWC|OW^VdI4lz!ta0=^4XbM>)sL1msf~)-c^->#qw|A#?HEj&-2|wPJQhn#Ovz*7 zaWV*_u`Hg+F7&!4PBg`$kr{!N+BCJ>EOx;DoeNBkF*GW}m3n5xaAR@LzCIHkixVpz zDcchyDl|80ql`e0LzXPHVYaMCOAPBG}Hgb@oX-JxX#B#qV-uKSWtyKuObfPN?rcQ>6a zuNatnT7dlUeE6QdeU7G6g4CvTA6rGW({btv70JZxzl;9MCRjx}IA&aJC%zMI-w=y= zt=W-lAk<~tY#=r(mXw2i=qdq^Gr6`oc9V;p$il$COLk4IfJfR{68(W|CcDI!M%G;X zbHjKEL|!?u%q&pbD*|E_uf%`^hE)YZ9XUxt*4=`tU*4GA)SPtLzWTPRo>w$o+&rRY zR8MJb+tuL@a9zXDwBqW&iNXE4PKCC5_9;H_hP6U6J|i?ℑQIDYq5ka?Ej0*Pcs7 z7dp+lb!l97i4$2tu`T7(bo>MXQS)uT%js($u*wyVA!^0?GAlVk$AWjfbxnn|z+$=9 zr1cVvL>1`%Q3T`&1;20J)8w+}*A=|m-7CCe{XIV69KBO!I+i`ywggs9mJ=Vkd4n?- zxz--pBysyRprd{X5@SfjFm4s=$d9tJ@Vu1U4OJX)>Ub_eSt2?a*cy^+TG z10U_&>m;wK5#9oqT`6L2&m)R3%g(BOy-a$nY3U+g3lXu;YD>?oe}b18I{!3125XB@ zUQ-9y!*Wf#wmF@sZD~hthP7XtpUmSZ+cO}H9cmSY6lc1pwbizht+_#T5K5s}%Fb#} zB;4x%B;=l>Q!XN~c%Tc4Bq~HE?ScRM3V3-(7@MBKKG8T37MZT<6q#RDk9H@N)Qi7e zV;$p*ol_(vaYl9!&7Lfn#)@sg6yz>E)_mpKETTD4(I`G*z#UqluH`c!x!Q7IcVPZ}QR9iAw% zm4BZ1CzAO@O&f7(g4V0>(4P1+a&w{1i&8WDH0JIIY6zZx zykqmbQ|#YGOIZCAC6UuC!TzBLB8=(w#|IDxc8PWDbT6xnRy&&uxR6iJvBjV1+ z4kM3Jss~jWJw(_R#5}`9E1XqfJ&FJgz_54(&_r|yjwmQUS=-3*#sjqd-sur32li0% z_?s4N4Y`0bA&_e?&Xwkq!j?7vyy3`U0cvMVWvTYBW8`0^1kt>w)t}Q5&=^qeV&DJL zHX%3zLpP{qyH0$NeYaxPLMvXt3IxDdiNu|PF9S2;#o+E=5;nEr=qv7IgldFB)&vgV z!Cs+nJ$s@95uS-Tchg(lpMiPE88xamt!gsDE!x(7*XBQ>te;)Oo?+Am2pKOlPwT(k zlN*nQN-iAs7ePJCtRw)E<4xC!xuAsXRCf}Tjeiw>jbk+BKxPC&!5Tvd4?uRq1YgO6 z)?C}+bmz^5mQ71rd+DSSoFKgIFmL><>kywYE>a8P9bZ`>mPTgJ$xogjb%o=WlnO4@ ztUo9y?o_}YS@o)<*1?dAD`0PgpsOS7wUI4)ZJUC6?NdWM7~3c{LDltqB)KI&nn^Ix z?=!${wsKeEGTK_FW+xu!IjV4x+_{_q^>x@MJ#pAMQ$~fn5cWUhpEuMvu5kpN4#yk? zB<{Y2B|$a8Lr4(J@a!bDhXtED-TM5MHE5VsO!iV(YnxILwA9CNb}ImUBdU8N;B4}P zH!Aqr5*pRf&5{a6J2kXfveukrTkxKm&GB?f)S7I3=ivM<+f}-iq}C+b4!XVKm7url zDz&Pljb9?Z&eweF&PIk58_E+^xZNB@{aN{Ht(oZJ4b9oE-YW*!Z0fSeAC&z(bi7(gY|qq3AEx z_lMGM4NhbDi4BYDvp>9G=x?-YWBC5R)W&>J zGA{lv*4_dt>t*{Nrn^HL6zT3pq`SMNyIVr(2I-RSZjc5k>Fx&U?iAh!&;8vidhWT$ z^M7X@*LifU*`L`nyJlv8XIEdDjB~%4f|mD9#mU=xFwWCmAidR*T0p?|kjs=dIWq}O zsT|!5SWL%Zz6puArPK^2iFK`LK=wN4np+s3W!bE};wS6#Y_EiQOo*$Cb&UBN6qnI6K(x!sF;9}!FTm!ABV!TkQXxN2aU zv3Uc6OTN)9;q9F`%R`7r%y&rhE~vuM1i4q&-)<$nelERc}aVj1;%drPJiz^kFL#pHs|C%RllVIdh zdg~bS>ATYXpo)kHlhW zM2lLNU%)_MkRVU82b3+6e9i{PuHJDOMqnEsiRk+>u+9`hxkZ65h+2nYv;w0Ryoui& zbWss^acs=-MQ;l!92~1_W;quUKNr`t8!{#+m+ymK4LMsZaP!D%)(i!Ba}X7+9h9wp zHXa})38!X-iG(|fvt<4a|56I-O{g+k3D|tnUewz2Rk0G_etDou0y=5%{;}`>2kmDB zKDBS<0;Ln1N71ClhC6Hp#@;s1tu!mQS|dY#=>$YU zLzxuK5jn?hMYh1yUwx~5c1^%(Gn6dT92(<4H~Q3^GKd}7&JKjWw*+74mK+`i+-w`N zt^3k#r82gEdJCqt+NHh?F&0{ysS1VO8F~nzk(x`J)(z$pNxLTb@lpq8zMbR~&1-9l zb{7JcHs&3v#6j0j?Jf_#j+-@AGwjOVO$k|c#D$-NGEgQ9$1EFN}Wqz#YxAt&TaJdYE%?;fWJ_M zpKz807iL7V37`so1M4mpi#@pRN2U2;T|+(g#rOY`D)g}`4C;Db^u35S>N~NhC#NiO z0YB8P;t|_p==kD6uQ>-d<`4-JHbS8I>A2wx(+E!Y<1l)lO-Nz9HKVyoaD~p>_D?=%#_B2VwQsChkyefh@y8-$=+e-)=Uj-;^aMme@pZTzS|9GBtF~#!7LGV4tuZe zP`K&5<;mNou453`AXA?#WP@monT;JbV%licdMb6`YY{fq)aZ?14I-8zAW;*QvN5+U z-x#dbeT&lwYqzHp>QouLzsuGR=ZeVv1UaF1PymkK<`c;Kp$`JFu?lLbO061<^TmY{`jIC}@_ zEKeoI%C7H|M8%#=rR#H^t|1ShLfuu!ckg+`+#OYy3;5ENii&rV6Ap53w^I(T*M^on zAgwV96+_asI-#)J(Ig=m(dUa+o>?ldtV!iuv#Aeo#1}4G<|H^BiK3^jGD4=pM!!Ub zakkLo*FNZdqkio|EkjI(=1y|J{i-KvktKz;ew@uMN z-heFKHAnJc1l7c$h86*G)FK(mEy{mJy1$4(WRAJK6!o33zfw+OlE4f%9@#r9k9#Q_ z^P(0VLOfjiw+lpNi8lCs3MJ@bC$?d5SXuRV{ArGi(t+NtAgI0@X!S3m^p~cofq8F( z_l<0&ZzA-=NM+tOzERAJ8pr<{p-;tc0FHkLd9c)c@ZLk1BOflMv}d7_tPva%w(*%~ zuPzdLXR)Ki5QM3qkzx`D?fD#*3&z@~!Rdfw$@R!qrg|7(L zrgT+@@@ihY%&eX}s!LzmcoAUkcw3=Hm8d8YD^%K4=&D46y*rnUIp`ZXqL*;(SZ z*dY02eCzi`6lvW+^~QpUH_hXREwcR38tm^3*&R6U7t4lr-9wuf-E+L`U*N2$<&91> zVt}yBWxibt<#dxHE!64XQx4G#HTbZ@U7fGXq8{0TBi)mK&lJp^S7BzE}wea-L*j^@8!0b9(r4~IL#UmU`dMAGPOvvXe_CI8gRV;vLG$cQWP43}nP z=L9;OKz0LC;vwYZYMBx)<_JZ~HRl>61_SdRTF)#Y$MF<>o&g~cJNpp2i(-?$v^Bl4 z>zjkArOZ@T&7d)SO8-|bu34!JKSbkX`j0f2p>kT;u~ukK5(l(=;s~$okC1)5&6pLo zzQ*q;q#)37y*fe3Y)NyAk6W)Yk0Z-HHJ!iu{-*y03AUdQ;D&Dg$(#N^m!wesXNnA{ zW#V9KV(;>YLjSjmcy)O+VNC8O4Z|6{7hZ8-FT*gbF=)LpZIQtSV8{y`(KW>i-OT(P zjq!5wQ&gdNNQPWU@);8S@7~|#Z6)YTn#Vi~%tjm=`=&W`eRF$r`0oA=ww3iN-%CdV zzOB;$vYKH>QDRLDT-m0WZ{^&4lQW)tO(-Y9!Mc*KmK|~l=1hVML|!DMAWi_O`arzzPhB?SwkHl~c& z*x+W;2p##ho<#(3=7-%u*yS)tfgiX^&mtN&F`Kb)^6pgEJ8Ip2NT{WW!dNWE2gkGM zHM_LU+!%`MZZCOtIVISj2ukBtyS%{zq?RXN80^{7>5_ttSQ;*KVUWy%58O-u z(>b@`N4B>d?Ajb2hSRszDI4#~jy1ry-B^kyWU>og#KFuzHB{e_I(_>jrPLn3^)Kz! ztS-^L(1>h7k_I0{ZwxB*a2i{1eX%n;2Dk9OSIsB%8}J!-@g-D8+6T-RKShB|L`|ewA9FSDEd>NX+dYwFS=y7?-meMd2 zjfZV!^AYe+#%1HH&5y1__s3JTEx?~Vt>oDJ&B*o3nIy$!{S!KDv8T!-KT}we^(1Ck z?p!H!8;QE5@L}(Ah>1o!%!}#rcVm#d1?RSF z`N;pj*7@eF^+bJi@;$)VBkXlbc!H}KzQ>*$%}4rWJ;N87=rM{O%P zVrKeGciUX6t0r;aTte<KlKonkdEyNj;FRmh#VU%9w(AH7k zy~da6Bx1cr2C?Hr=@`HWPw-dz_L|L55dRE>w#2;#k8W4h`}{MAUlWz=B@soo4&7iZXq-aB<+r${kr``mVnS-(7L%(k+q!ZwnD7fFWgFX=&S6t+b8voS>s^c-4Mh=$Ipt z{Q_eTaZ*Kt@-Bv{6xoY-lnO;F%44cL1U=fCQ9$dt0tWOp?kkdx(-#iDdFvk%5l<+o(i&}CubeffAtf&x~( z8lIOZ+VFRRQyjM(HYG?zZfB%wGhQyZ0&1eA+@?N!bk$CE-93H@6dR<7U$y+2p6}{| z7h>V3so?PCSBTw^2B)%!2i@I`S8T6VIzhK$21wD}#F}rbAhGckj<68LY+iTrpIobw z-+c`7Utj)!%SGrwaGr(|-m`IPJDr=R-T7X_Or~><0>SkNEJeXupi`bAMd=tEUHfbq z%dIDvcI`t@0A!_&LYs0{sFA^`BKi>dRU+hs?HyM$O_CLvbDKA|n>@?Xi7tC{@iHfc zmco%H`qJqe;*^-tLvcGEnPYx*9=T&Z@|!?N+7$ytk09l*M@BFn2W@ZFzhP+Ip|qSV zPqF1Jvr>2zt~!lgE2G~ndh;xY!`u_eU@|v=fk+x=P-2GpznnXJ)3JBJqSy0$$sVh` zY)K&rD=8Oo)i&+zW z5g7s7&>FP6it*KeV5DtCk?FQUX3RW!UwrEx{oIE!=v3sYsi>5h-q8;hq{$2!Z7iD2 zsP^gou|n-&Y`YvwlK9Zt(p;cA10sxOQrqonYLq78zAxwaS3VgCw3)%&f0lR-il!m@ z3Ra@p##Fo;t1aS<XAjhfR~lqdMLWyGPx)sBt^9(ijK3tMLt-90P%!hc6k&T z6N72Z;bzjpyiNohLZ*{In>PAgs7{4@Uq^CUOn5bU4;yc|APVHc+-!c4CUJ za)Z@EF|BCoUyq~!uJ&FD^G6lkzDgiXXb?r5E2)n{K)FZewG4sxPG5F-#-KzKOA(6! z{!aM_k*1CW#bL)McR+%a@CJf%%`k;7xNsc?n zEFZdxq<_$!2p!7c48+2b8rmFzv=-9TPRm-CP;eEDDmwsc7moBT$Y|61bpq%sY50fF zIM}PBxqTx!%aZWj$5tERezkNRM5AA{(*r?dMLd!TQJGgF>jnAfa)nNvH2q|QigAa1 z)X5TM1j}11-bcV;mRl1U>n zgfTRNPL(rlN7K4>RYIL}ePl5T-AIz& z4t+t1kq(6wqs7e%b=xBj$&W8`=p_)ex7;SBUn=2z0kbyeBh#%XF$_pZj3>@h`nD7U zSwf9j%h-u4+28r0H6$vQ$|a3tRD$xsnxXsi!rMsHvt{1_9aX8|N?z8Pw$yge!TbwFPyg(ay_f>oa} z$+kx$i!+r2o{o>V!>$fGe-XzPLFO&Cm5=#FA%oo|Ax1nyEk}xc5$UQ$ivg`%1C_Ev z%+oj5fQ3=|%|7NgDZfFH^CPdA;pF@TXeL<#=C3PsA)-A2psAkNt}-9U>Q;jjgl#4uP z8pd&~&QU@rU5xs!Uri4&FnHS9hzhu|+k9}oizHe(q%J&P=-FV;ORde1-Mux|6{<@y z6$dSGye z@v`hBtfjjolIN(L5bxuPQXMw{+DM(;P%?5xf0?vCKuqRNsO75}`K|C2vu@AFQFvM< zxhEM}uFGDSEpbx4Ml6we!y%8<_LsJFXwgZgU`sax%ZnleadEn3mQybkc#C@5?4f zImZm{EOqdapcp}vb75~K{#UK8lQ~?6{3K-$Q)(=!RKa3d<%yZITZP)K1P2Cq`wZ>pDitv7=P;wm)g z;*9gzH#hdLxJb3@urFi>vt99D_Q1>!>Jw5`!gXg&*YgB9oMUvemD5;cEj&%vCDy+I)_-Rl0PxzZFh8I@dLWA%&7vR&uB=i1;u<6xs?FbUB=*~C_gK8nQYhr32 zp;2}0k#I09`N5Jk+-Vz!%O_6O(!5RLyeo>UL%F>pA@Uyll-m?xY6!X^z(-z0^C}Ko z^pVLRtr75K(b)xf()Krl^31?Yk^>%ulIIf7h}#NE8oKF)wo*bJ%K=X>cxeV3*U+oM zcp#is(69LN#o&9@ukW`B<4g5Fd`t-bib6#i>H945lp4aE5X2&WaD79r{=+xoul=?M zcHq!;VT}<1ingU=cpX7(dY-=VX@hhe=Lj4q!F6QVpPkWEar*aM>gOxdpuU*L5ID1} zgU4JWid-4OKSxUJf+rAgi8&!Mti`w)G&gg)-l(d^xZbF#Zg4-Hg`j(fWCYE0xmtuQ zwyu!K@;*q`)L(X{xr_kzMus@h1+8Fd0yg_dRN+;>qJ;oOg81^_ygo0qi%i?rr1iVq zx^|@0VmC{j#+UPYe!{$il7yYH&74qQv=ZU;LV3|RuWR1ljNvswVKw%xCJC5QXmrbF zrfsrqsO;-!C=R8@)L9NTLQGYx*OrDVtN_`J2B?HX1#W!&sK0pq?CaN69fexjE#Wek z*52jL^!7ZH(w%M;=+^|XVjFN?OKjDavV~U*Qa9R^u1fc`rHby9cRM;o=9k4g!u!va zFwzjsF7zr7&4rs;ggt=9+%~^P9CmB8a0J-Z$(6S_1373&VzqMEPL|%p@Q(L=w#n3H z59;wR*Wy@c#g-)^wIF*vA&XW?l-zB$Axj1eY3)JlI8{$n%X*{vtj-m=5)6xs=8JCz zc}pO3rX*F~`PZ=|nceF1#@Ljl)A1LvH+mA&Yei!;xTwU&Xfe8>Y~5J33~a>FUp7fb z$m_3~W11$ZMp9lDw<2MbEq{s!s}za19o0jImJ{C@kKn=){fHE3OaE3R!R$zDbosf- z(euC~O!0Z0y)MR2z(atqoPiI!f}Ihy3}-mIDlRDwTFt23OV?;_>cUeF+SI2hxjrQ= zE`CNFP!}Y&#F+TRPt}>MOMHN0Ru;}V{c^Kzw)8`A@!7QGkiw082+pz8h3PTUx5mJR;&#xp3y4VPmj~HHtWjTI z;4a_Gb(~Yn-9DR#!Epb$akf*z(7x?L{Ee}vYw?y%IqmhHK5uh!Uj5bro-@x#EV(12 z8^6Zqk`8W|0|o0iFGR9wJ;il=q*O|_x1gS0FC;uEm66GmREjTZPFQ)y=2!(V8edMl z(FDFIj}Rl~9}ShoZpZq@%V+CU(?3+RL#lk@3o(3027{n_>A7s^|{rMwVHF~SpJOFxfNCp z|FIx-U&_FRv%AM39PNoDo?Eboa5KK?9}+C zI@uqj(_4p6CEm(4z1gZb;e_kS&_;&?CEgC)H*6yGLTp@(B$hwHJ2*Icz2j~!QQ(fn z&`5R7JMaqO8}ZxUE9nbKK4kR{r*P zud6bGIVM|*QgwuGPavEw!0RSrgN(hPeFjl6c_7rS zQ#o7FjL`Raf$}D0^~|(DaArE!=%o}|&K5BCur@~g0cX#v*_kY??Ss!wWmZ)pX{q|s z`nc^tqLu6KdEp`s1R>hLW_u$-Q}Mp7xAyEX`YPh!-nIoE=__%`{#L9ikw;V_gW1_0+oa~-2{gCMVKr#T#dOug*$IMLpf==Q_&1PHBWX+8m&t{MKu{>#LcMx zeNI7da<$&;a@}m&QyZrPz_CM}-DT>7Rx^k-B%)i0-e7yRti~mMcu_bq)zuXW>%8?? zdj?{dx}N@hZ#xQqLH;frqoBo(MwQ_72d?qr*f3ow?H!7O(~Oc*y8d;T^~2Mc1vLZr zhI-io^WrI(?EQtEC{yZ|YW0%n-fOXa=yrwU1U95b@-LO9@W3BV1;T)e1NOp<9f|l2 z6$N`sWUsFG5coNAFMBvt6(Z&jsxGqf1DkT}-*BJ};ORuqU51#<$z=n^So!As!bNbSi6%Fn4f-*vn!nBycQm zp%&=+%C`Ih)r*Hg!oOhQxl-<+jG7|l=S}sDWV%!9q_&|4++HxI3v2%suOPFVx{xsM z^Yq-g(GH3l1{i~xEt#%z7C7J9)7iKP#fuMSyja$|N3&MA&LGA%mWqqpZzb-(Xs^Dm)fRFb)>FmF5YEfYEm%Zv5pyDxq$#(TD5cVz=Q~;CtKaoM zozX#O28&=zcFKpNni^O+I+QK5J3QdWA*`DH5RbJgZ=bw-A*yI6iQG*&qcZ?kIey=j zuM^hl)X7^Y&K4{>OieP0Hd>WK%DX14zrw_rI7D>^eW7lvpV%d#+ZYgT0#^@djj(Bg z-ws|8PBd7Za$1)^jy#$K`%Z5a%E-er?jC)69QGzsY*?cZ!Vt=#COrNHUt9pDb)D;~ zwuI}|S72_|S=H9#nst!x{?BMn_`fvt zx7{4w-=fHGWoc)xV`=|~PYaC{w;Fqm)NM3Z<*<~EC?*cOF#~A<=ZpHBXvzUqyc};v z3W?NgjjHDvPe!$Tba*FpASl86QXhc?wyNWFNSfVm19wIjEu8n~o88ht&Y-26Z%|T( zS{LE=P*t3&3oHwoO%!k^D)E-&B$HcB_r0{_h_h^jZ5Z3u201~3)lhP=LMut&Zza4y zL6R~#+H2f|o%a1Qw>>6U9H0@P_vRzHI31X~^IS{7XrcBNb7Z(Dcvww2#KNG=!-*3u zl5t|V;^v~4<69eZICA50lhsJd_E>i6*Ietf)l#fJB0ul?Ix%4-K^^8gu@?jeqczSp zMm==&DxLA2z9itj^%=Gy{Rxb=m{rDTDXWy3pL!?iPJwdFvQO)oEB@&osAtbNZxYYQ z*ea}>yyJM)Z+V?Q!s;(@UYVi{mx+QCoV2_l-#v+Lm8C|;TQ^JmNCu2vOr+#oAkg^I zxC{9P3o&MQvs<>mPE;Fg?<1o6e1A3=K$>dP}gBn(4;{isRGGWNu?z7fZZewRmR4g@Y8oB@7mZ-u70scVyzVNu^di93dJR z`7?&}GI1ZR7W9*e#izHA{;_@&eJA4B0Q1vj04=; zxIwz0Pg*+TxnzE532szfcKxCbz9>|$y^J>>u|j3z9)L`2^gh4+@OAS#3f9y%*C)>@ zu&N~3WqPhQTF>0Notf`dG1n+PpiKa->lUCK|NUT{=5L9yyq>Xvh0Y&B93!tOKPH33 zT`QTy)B)nD^cqcJyaoyxtR)X!K*7+|1arLS+Esu?ZgX=aE_tFne zJ`3@Kf5YYc0=KK9-C=4Aj|ZqqYabezF$4Y^sgC#n7c2_=69Z4zXT)%#&O~Du^xe`# z`b1pob4Dl?D6v;HWUK7nRrjXF6?M(3dSubuE$Qy2E~kkmR}MoHd$E&MIL*k@V6&e4 z#`Sf2%%Q}7)03PKHV&B?@*LjtFnH*hCiHphntDUSxa}6kZBU$??`@R#cNV6z6wPwu2;a?ij#USWhS zHF0Dig?9{V$>ys+;<%sI@nKiiph@)_--N#K?Kg4u1(`RoSwMKYTqd#0DH2Xr@D^pV$W6Ir1b zG!^BiP;_u*dcL52i$3_hWk#Nla&$gA^~U=-UT{l+Ih!?PuX$tJ&t@z!QF7MmHaE&; zm#X{UpV2xZ+D_1`6=!R`d!V9RH*o#d?B?JSw)jD8h`yYwHwHwXF=D_r7}E+C6LSr8 zH9}+syQ|GQd6>H5E{gNb5)!A7TPjjJyjoN`E&nlUe8?(BKzM3zfy`A{2ffd?G9jls zNwt_LvQ+};Z%krp?Ct6uqKtxQIo;tOsQTS}ovnK#NN7d0BhfBoxi)(v!x^j)Gk-xT_#QwviSs(($Ie(e=m}r4cx9VBc2~L)~Uk+OE*%E2T z{@(X;4-1HcGlc*(PzC=hHTa)z%(-;0&(}M7$5>goFd-Ij?=jjxciFt_zVvY0e7SL6Tha*kru5TR zH~*)cWpsj)+hg%7190t=l|GL<7_H)V<)cJ`+@pHLmYw!e@+$`(1&yfirK1(r^;>4} zmi2C{H77JT#kQ%hM^0wPu2=3n*vF7C_ru}vpOk`2*TTPU;lSLhG(QNmrQRGFd6>7Q zQeMFl+{?k-QW7+8ceC6%P{-U$;@v-cM@oLL)y8u*LV^D9@;)EoA>>_td&}z5-Iddw zzuR3d!GrHZN&CYxJov+Ido9uK!}XCNUUO*ejx~Rp6qGD6!NjYT2u9|Um2+6ZtGf)P zD|FdSR0=1`$uHe%*LiW_5Q6g?7{DW2-S1U4Q6=5h)RK+6aNGjUUzK~-1V2li-U4jp zRn0E~=e|u-)qLs3zE+_mI1ifM!Qd^IM4kgLh}stQe8XfRB~%siEOqqd@fqOs%s}uH zgGm<2%aJqv+V_`f5eyanJ;76b`nVo2bjKE zIgLgoGf;W5s1Fpy90YYR+Yu%QVJhj*#xqqHwGl9?zQkhh@sDT{2%RH2-?R2O_OZ-1 z>i@K875|niiG>z#szM%Qm#=t4xEfZCD1T&BWiqQx|6Kp0q7k)0*2~S1Ec^&AjpE#8 z59&gA+d&LXK7W2t`bK%TcO-bO2w51!K^ZH0aXCN- zNNP)skJZ4O#$-&?^O<@gu5eMbqgJi(nwv=KPEG=gzeC?BiAnMDJ9*yW;jPxrPbm=` zqVtyTIKgq)qaR zKK6SLLs*ZORg9jix+c(R>2`-?CrPlpTow5M)U#n=!BYuy61Hw4Ws9WevDGP6z}hQm zsbXqvXR?YyYI$-%mC3CF7MiZ0l&Y_S=tQ}S08a2`0W~iaaQj2esTX-YNZg#?KPaLm zaVcI7nfa|rilVw6vkG6lmo7X0(v~v@HDyHtT}G~pm&)+d=0I?8wQsH$; z&6sr}GV-Y2x`Mr5$Q+%(3)U{?Jl8|KCst)xNX4?@OdXlgpq4Z;#VLU!$XH#vDd3a@ zM39U3WF%k?nt^iW#B}$Zi#&Qlc61xNnV4tQxh?2L8^n4L7SZldjCDMl)+v4m1Jr)PJus;Cb1qo^Y6%kY>DBh{TNWau-r5GzkNXMa{Qn&fD=r6|+V#pT>@ z_pz|S38AJB5n!^=qaS&lkkIUXoHf_@jlLnc*H-j&L2Hg&QppCw>Sc)KVtSzDjc{xY zhkuS81$AYnB>H}a_afzxbba0PjCOmRy6gZcMS%{>Nma!?UX4z$RSD*qd=-8aRHb<) z1{CexKJfbY3W9N;f^m~2ls)0In^GX7PBR@R$#hF84xZh{SNh^d_V(+Oi%;bwH&^+% zGiB!DIx5b;yr5jwQp81CIE!Qx369;?3}VX)YF~Y&I8Xc5a-%;IAuC90gw)y@TG$Kv z3ueUZxTYa@#dK*D#1t&J*TTl9gyz>IjK(T$3LH4m`to>uwa6Ez8+#1 zz%wr1+ib8nlt=RIxvD;(+eo0x(ia6FD~1HE1v$&0lL|;6>lLsCex#6E2_lp#Tzx@5SdtOs--(ri zXO+GVEs*Taw!z4%KL~cJNw<|{L6>gC{L;h$!j;O*P)&}jBx&20p-}!HAitcQ1qp8p z2lnDJqsrvfJ#zzX02>Fg^3b`F@P!dN0kF zGO$9~-2z&Spm^C%aC&vQLLpLo1Fs{d+OxsdQSG;WI>wR1p}mwgJmCS#&*&QnJ&0 zh5K{;gGrGmxaydFq&u_;N3R;#CkVy`Tk zKY>l4O&WB9DUH=xH|Vl2>MiQ5R7h~BXdmGy^@vzmO`}v0Jx|!OmCRJHS*#{^ugOz{ zf-4d0)jj;8t^xSuYe8fd7f^q-hw3sj8znJe%g$r$Yhsk1x6vi4=?HNLjqK%Wb1xIs z5Fzd13e0|=h`~Tr|0_P~(L%HQ6t<))COvE8=d-CT(#2uoi@AA4DiTEYly{?IrRJR6 z`c1Aj;Rn}ATlB2?Xs0k!YieAI{490cil)U2jj<9hf)RgbY(_8lXD3djK#Yg(5 zqZ3kM1V;kD^ezF51-dFz+1uw^=2YqHlhrtzj}O2KX~Yq5hh-&myx{Q~PUH9}d4IW8^& zEyH_-=98F3m+j4vvACew(SvpI9oslv#g;FemP+reh2r4z*cAk{-||k<%JCOBqBX=c z=G({lvdEcHj}D{8$Sc^KS6CLg5!T==eBdOWYj|xvljM>fQB%6%)$FW^P=-ilQUz~d zq&{Q8)W?pu2bZi`(}DKR&IB5L;5<93=Z+O&8>AgOe((!IQ(Yt}MqgC7NU}Jmru&!X zgdV2dq7U+v9uKp1wwjcm2E~~jlN%@%(qWdqGBVVxpy7kGW>A#E;uf#Rvr4}rSSf{C z@;XdB;_5iXRan_~d%NG$U=u4n@uHP8?O2o2DwO6F^ka+}wdW2lS4x}=qZZy#m#s{g zFUB$|*Ukp`%{4?la%-E{Fc2D1+8p1I&M10;tTFSFx?SG+Ea9B)TFQGK7A@4+4F5UG zpo2DuvzZKU1kRi{Ko?uGVa_Y|6N<76E<~CRJYSk7MaJ?5jS6=^?Cj)~aI+l1cX!1U z%5-m*=U5<^fu6hdr}JXlwvMgl8}}m5`)1aVyW)++J4$W~^|ANZN+ zOn1TJ>S9hLl{%`8K8_CXD>O;j2STvydvU~+@+qjx=GsmZL6SDj1%Fq#L>IK!B4V=X zeW=~^`06&4c}n|!=^MMMeZ``>AnG;G;!`NCh7j+U2OA)B>jxq=FRdYk@$9Cz_s)Q_ z_c8*&=T+f*dXKsIre;&tUM14|jdiG0H{EJ69kKKE3CsGgX>fZgbqos@fU*Vh>K>DA zcW)()39RvV=p~A{edKiKA$E%{=P|pLexZ#cp%OjsyZ=Sk&%^m63hl5mzU@Ib70s-t z2TYv#p;E+yjT=UBLHlLBrw8dKj?6cU5OQa}wuZOpZkHa7NtO7c7U{VykcT$h3twvE zD2+-pV(_5}`qC|c_q|wa5f-iH{N}V@X*3OueXaY3wP$K|Vvm<+lApl8*^La<$4lhD z06Q)3J9c;)(8t>Bfi)moPh&j=a-r0QexspMKhWLJ-W%#-Uh6RWW>|wjJ}n^+-i}if zOc1df5eY^ZI#myBP?TdAnM1IiOk$C4a;?dkU}YqP+kP36>>4x5G1a`Q1GSl@}t%N=7G)x4Hd7>ZH7L$f$719OKNnqIHQO6`)C z+1(!e`O0iG&*q`Ljk=fHGibX2JyH>@G8RCk=oe#RB*hx^uUt1taw+F)KQXtWR$ z)2dI$8XwWxX3To|3zXByh}M_IFvo;O78u^#eVR17{#Ee$4sm%Lldmk;)4Z^bYm5R@ zM%z1mY!XRf%XSx&2vL#wg7fZSEj7qGJVr0eGU;kDc8^>*(Od%*0(&WJmFo%#>=)L) zI8WA)@Yv?1I7G~XNUtRs%O3gSIJRZIOL0Tpy>1|j!b`j7Vm-!9aay>5F1coVr}@?Z zpTC{B8GHK!@yWV7^TchVu(eUJ|$%!MLj2fEZDWE)955D;g)A+?R17KkTQ`dx9 z?M%*a(fHc2+UpxEgF5|cJcJPIGEoGfWRUvzYl>$J>3rGl*6h9OVipbZjEnrKUo#!v zI|Fa9H@qg()WLZm-0c)ELRVIC*4D9UlDe7ta!f3=-WRe~cm?hTK6Ugqy+bJ8u)>2Z z`a{*OF!Ofee!R=ot`?^u1AWOFc%w0E*>3bnhQ$DgM}$ogMFEZNhHCAWrT--aZ#opj zE^P2Q@fn0^voCi=&3prqvt7p>m#w9oWi>Jk8T-e0{=L%+EW=~t6GaqS>&lpb?%u!_ z-qpfBq*N->dy?9d&d=AzN#YtfY%%TI80EXy3@5HvZap;*>xY2jBuFS`CRxr~1Rx;I z7eDT+uN_1r0VhiTZt#F#wgz@q4z_v*b~Mfw=1nTHR%3KX9-GRz?z36deofEY;uUIM z5Xw+i;~0lqx=B)_%uNsSX240~<=JRlqL4#YwOk`Wlq34kbqlW^l1}TT1IU7dYzcdIC zG{}ylP~ToYn^&GEgxYS5sT_@3@U}M#Lwh&(-e;}g;t)RfgM{mm37ce2^u*VjzN-yv z4>;1Ol`W3C#Lvzk7;7U2w#gyFXBSw0nRBz}W(@UQz(gy?40jgh0p4GFpHmp%ya~Dr z=+u}hQtE)uv89oRku@M5LSk_DSCZ9#GyH7S_l{$gJWm8>yAJWN`cTO2h5EPq>%z*| zP4-aWDxue#t9s$waC9^<`6>ky8iv_|8+6p7^9EMy>bI0dgRJf_B>@akATgx=jL-U& zP-{XSlK4QCjbChvKU0G3tY(J2K#dzT3l`j%N$w~RG=q(`=oVVV`8~68eZoSC6rd{UVp9 z#&wY8EZ}41V8W~smMUINYnbA=v#{i181m%uxXD&eNDiJ|j|6)r`?ER!E2v^3&BV(&_kkzZ z-3@f5@ekYXK48bL`gjUgRa{QXP*~V|r(Xr?-3rxMBX#qNka`WQu!cN(J z)?2yqAb!*JBma1|aIKjp%F_D^9>te?%MlmdxptULbEsyoZheO|XcxfdtPbvI9~CiK z=_7;`;EXrx``f0#AZS2nKu}OnK#x}-ej1F3B7m#QBTOK`zXEim?-V<*4~+V=){MD>Rj1|a!wDnE8Z0f495Jcm6a0Rl>f1O@_( z?T6O=V>bao89^xlK`DMwLHVCaR8_6|Ss(%dX;A?IA^kuA2j2V@CRenBaD!Jm5v z7=l6h1A3(b{s4&l(DFHd=q)9!0OHWret`XV|Nr~(=qUecEND+?84LbE3-Bc~wY9l}k;zk`d>oDc#Gwa2 zU?c$mu_kyzq3FL*c>FBd($MPX;XD${(7l_Y1`tyL5PQlRm++6n`6Kax-^#+;$`VkT z<9iJ7SF8af;)hl(@<(FDU-fvpp4W`TQ|7m7_lOiDV06_TH zX?dic1t$S>3{YNmfVKe)*$*w*?(dEFk9oJU{R4&QQNMM*S1SB-z|*J@EGxh|_<{og zJ#}Lb4*vx3&r#B_UVY&N1ymLSOdS0WOaTFnJO4eDe@WG^1f1n5i)bY1zipu|63*>(?x4$y-s1^Mdii!Jx)sTV) z0s@%JA6kj$-(}=i&_}!Sca?oAsX~I$NWd?#D9nRS+b~~OwC&2--K~wrlXUWq5nm| zz~oo#Uj55YKUMYDNxw;2=?{p13)`<#_A@UOPk1@}__qP+>7Fq1D75@Z_l>mx^Pvgw z6&z3KiYEUKU3pmvSqB4Kz^CTFj{gy7=To944`9MX0SW>Let&4jnZJXh#7s~38&maE zd{MH02g>5RzXeo@{aHV7D$BMj07~u+@FEgFZ~_G6@Xr85^#T4IkOA?i>-^>hI+lOt z5g%vqwZ05%A|SFCWCq0YPmt3~{}F3HBL8<~`YtHa9a-dnB=}Ci#_K6`P1iqymNPIi zv9q`R&h%eHqfc*?7eN65#UcM}&DF;K5wxP@<4pf|(7#qV*ZIE<%J8egWpXnGUY5uVx%=f%Ix0^?H_9^;%PSC7DZKrjG<3IxRUL<&cLi!Q&pj)}#8 zjg}vUPI^^ZOAatuj)2J$c!I>S`8yo^;8q2l^$fm$6Y;B^dgN{U6naV%AZO-;KRfaJ zt=~cXL%0B;^rNKd>ew0Z+ZsHUocjse z#oQyA>3`g#)C0D3PYrb|&hG)*nLL_kQGIJkz@dcxqw)Cfv-^lFrcRrT3ou#i08tWq zvY@XC|NlY$mE%W2+V}Xtu>}w!D}bebs+!{zzk>^K=YT!P_Z;g#ap;d6PS&TA{J9+? zq5T~sC1%Fov17DPCbNg`cc63up7j@JzA|#|G7Am_WC+-hKMjD$=zp8|cZ>Gx$~?}O zB;R`mSb)BT0QBwY%9yhLHjaRaj=6!}ztZ1-4o?~?qkM({Mso%r2TzUW68mo>N$OZz z8|d@e+XG(mbFeq~mA9XLFCyx)i3=SO6>323R4f|F8h~^-cMAx%ii*cr^Y1Jfa`|`sdi$T6cwSV1R%I z0Vn!=Pq0hX{@<{F#rt{1p2o=U41NdC;?H8_$H}~KT<+d|bT0t&tMr7S)qe)SZ>(c( zZeVF-0N7^OJ$}>p*CE{F7zF8SIOvIifFe|XHo~$d|A@&yBS(#|1B!JGHL>FzyIo zT;U0LTFyTLmoxa)@&8NW|F>Q}byef}zcYgGdGS9R_Nw?Bl}`ZnfBW|8wMDr|@wRr%xJhpa2Uv2H0Wq z{(uAoL{<9RSbzomekT9;iNUXMKU>15o21ODzYWLq>n4e$9+n^P|Lg4PLZS+yuvl4! z6bM?Wg$5>(B$Wy(gsv&tn*T~9lBT!Za&_5U($LD-3dEPNP%L_=haM{OAzE3Kw7{}V z7Agsi5`xGV1EG8nv2S+KopX0~y>r(WpXR&YIcLuKX6D{AsKE1BDABsLEH!RmCB_V9 zET~u#D>3_^41>y)Wc^Ak!6^eJRAL|6KV}#ZU`OEmOyc;P@`HOm1a>DaU%#^?S>jw+ zc#n|ohmYtMaq6%%6%Nf{YN|Ii`8gr@+icJ12gPB`;2c8H_DUZpo5nV?V$HHx#5~{3 zw5{v{$0)=hJrKVBS{l-ujD5jaD2Ais?qPr#0G3VoZ5fjWD{XF60s%5Fe&3K+dk_Zw z?33}Ij7tNSSv-EsX|lTmq)@9iS6DjYg#H~=vN4CnzVMhWXE>fQYg07ET{k-oR&fID?mph z;$x?=LDhqEKDq*rp3w!MQT*-LU7cgWT5?;w8rS?s7p}*S0YxX9dQV3>V&|}W7)H%B zlBrj*q6^m>huSwvspN4)1WUxDQ1Up&4+Ul77-|x|>ZunaBc%t=H8m;*2%UPjD-AZ2 z_~@BgGsTsDw+jN~7c5Fe$Yh)}?&^M(9ue~PfMz)Kz~B`lqp{?8nGg!oZO5wyG&#j3 z%8a|pz%9Z3z23k8_or9oUBdeL3zh&hf!xcM0Sv5qSmr+w(mjfe6Tv=ud!7tZC3=Uf zZPxmxcy+F#5x(cR43tpyY@DqOUjUD5u$qC)+Yb4`vurI5m$RGem3;PoQC%ahPFIIS zQ{2$$Fw`p(@Tea6Q6NpmP+W!{(`PZS#9)1=Mt;5nxf{>~RPUU`-m}J9g}8QG&hy#} zdeU2!7BN2-7hy5c#|ptO$)_Iolt@Ds)xx0V%@>p=F`zm+Xgw}1mjP7QV>X?f`S+9S zkp2>*)RK5WdhE5>5Y}Xdmh{XXycx;K3%B+0t*JunQ+I+^815R3ErB9bo7 z>jU5%wXVj9bA=igQ59QJ6)AX9mo9cWc+0n?*mkDTbg@CP`qvrEiTqvkC4~8-JG#J) zN?U*?*6O^;-?RTKZ{G`DkD%pV z5&j{V`}v0E)cvy#eGd`viUb~>*?{i>NcVJ)4(Wnlr-wR^uTCsfgLI9{;0skY-;RyS z#5wuFMO_DZHq4rQcPT1DzD-E8aZegoWW%BAA1Y6L5<*Wc5 literal 0 HcmV?d00001 diff --git a/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/ios-migration.sql b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/ios-migration.sql new file mode 100644 index 00000000..596e0485 --- /dev/null +++ b/modules/migration/migration-iot_3.1.0-to-iot-3.3.1/ios-migration.sql @@ -0,0 +1,43 @@ +-- ----------------------------------------------------- +-- Table `IOS_DEP_PROFILE` +-- ----------------------------------------------------- +CREATE TABLE IOS_DEP_PROFILE ( + ID INT NOT NULL AUTO_INCREMENT, + UUID VARCHAR(100) DEFAULT NULL, + PROFILE_NAME VARCHAR(200) DEFAULT NULL, + TENANT_DOMAIN VARCHAR(255) NOT NULL, + PROFILE_CONTENT Text DEFAULT NULL, + UNIQUE (UUID), + PRIMARY KEY (ID) +); + +-- ----------------------------------------------------- +-- Table `IOS_PRE_ENROLLED_DEVICE` +-- ----------------------------------------------------- +CREATE TABLE IOS_PRE_ENROLLED_DEVICE ( + ID INT NOT NULL AUTO_INCREMENT, + SERIAL VARCHAR(45) DEFAULT NULL, + DEVICE_IDENTIFIER VARCHAR(45) DEFAULT NULL, + USERNAME VARCHAR(255), + TENANT_DOMAIN VARCHAR(255) NOT NULL, + STATUS VARCHAR(100) DEFAULT NULL, + DEP_PROFILE_ID INT DEFAULT NULL, + PROFILE_ASSIGN_TIME TIMESTAMP NULL, + PROFILE_PUSH_TIME TIMESTAMP NULL, + DEVICE_ASSIGNED_TIME TIMESTAMP NULL, + DEVICE_ASSIGNED_BY VARCHAR(100) DEFAULT NULL, + NEED_BASIC_AUTH INT DEFAULT 0, + IS_AGENT_REQUIRED INT DEFAULT 0, + OS VARCHAR(45) DEFAULT NULL, + DEVICE_FAMILY VARCHAR(45) DEFAULT NULL, + DEVICE_MODEL VARCHAR(45) DEFAULT NULL, + DESCRIPTION VARCHAR(200) DEFAULT NULL, + COLOR VARCHAR(200) DEFAULT NULL, + UNIQUE (SERIAL), + PRIMARY KEY (ID), + CONSTRAINT fk_IOS_PRE_ENROLLED_DEVICE_IOS_DEP_PROFILE + FOREIGN KEY (DEP_PROFILE_ID) + REFERENCES IOS_DEP_PROFILE (ID) + ON DELETE NO ACTION + ON UPDATE NO ACTION +); \ No newline at end of file