Merge remote-tracking branch 'origin/production' into test

.devcontainer/devcontainer.json

-// For format details, see https://aka.ms/devcontainer.json. For config options, see the README at:
-// https://github.com/microsoft/vscode-dev-containers/tree/v0.140.1/containers/puppet
 {
 	"name": "Puppet Development Kit (Community)",
 	"dockerFile": "Dockerfile",
 
-	// Set *default* container specific settings.json values on container create.
 	"settings": {
-		"terminal.integrated.shell.linux": "/bin/bash"
+		"terminal.integrated.profiles.linux": {
+			"bash": {
+				"path": "bash",
+			}
+		}
 	},
 
-	// Add the IDs of extensions you want installed when the container is created.
 	"extensions": [
 		"puppet.puppet-vscode",
 		"rebornix.Ruby"
 	]
-
-	// Use 'forwardPorts' to make a list of ports inside the container available locally.
-	// "forwardPorts": [],
-
-	// Use 'postCreateCommand' to run commands after the container is created.
-	// "postCreateCommand": "pdk --version",
 }

.rubocop.yml

@@ -4,7 +4,7 @@ require:
 - rubocop-rspec
 AllCops:
   DisplayCopNames: true
-  TargetRubyVersion: '2.4'
+  TargetRubyVersion: '2.5'
   Include:
   - "**/*.rb"
   Exclude:

Gemfile

@@ -13,28 +13,39 @@ def location_for(place_or_version, fake_version = nil)
   end
 end
 
-ruby_version_segments = Gem::Version.new(RUBY_VERSION.dup).segments
-minor_version = ruby_version_segments[0..1].join('.')
-
 group :development do
-  gem "json", '= 2.0.4',                                         require: false if Gem::Requirement.create('~> 2.4.2').satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
-  gem "json", '= 2.1.0',                                         require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
-  gem "json", '= 2.3.0',                                         require: false if Gem::Requirement.create(['>= 2.7.0', '< 2.8.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
-  gem "puppet-module-posix-default-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby]
-  gem "puppet-module-posix-dev-r#{minor_version}", '~> 1.0',     require: false, platforms: [:ruby]
-  gem "puppet-module-win-default-r#{minor_version}", '~> 1.0',   require: false, platforms: [:mswin, :mingw, :x64_mingw]
-  gem "puppet-module-win-dev-r#{minor_version}", '~> 1.0',       require: false, platforms: [:mswin, :mingw, :x64_mingw]
-  gem "puppet-lint-absolute_classname-check", '3.0.1',           require: false
-  gem "puppet-lint-absolute_template_path", '1.0.1',             require: false
-  gem "puppet-lint-empty_trailing_lines", '0.0.1',               require: false
-  gem "puppet-lint-file_ensure-check", '1.0.0',                  require: false
-  gem "puppet-lint-strict_indent-check", '2.0.8',                require: false
-  gem "puppet-lint-trailing_comma-check", '0.4.2',               require: false
-  gem "puppet-lint-unquoted_string-check", '2.1.0',              require: false
+  gem "json", '= 2.1.0',                                  require: false if Gem::Requirement.create(['>= 2.5.0', '< 2.7.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
+  gem "json", '= 2.3.0',                                  require: false if Gem::Requirement.create(['>= 2.7.0', '< 3.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
+  gem "json", '= 2.5.1',                                  require: false if Gem::Requirement.create(['>= 3.0.0', '< 3.0.5']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
+  gem "json", '= 2.6.1',                                  require: false if Gem::Requirement.create(['>= 3.1.0', '< 3.1.3']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
+  gem "json", '= 2.6.3',                                  require: false if Gem::Requirement.create(['>= 3.2.0', '< 4.0.0']).satisfied_by?(Gem::Version.new(RUBY_VERSION.dup))
+  gem "voxpupuli-puppet-lint-plugins", '~> 3.1',          require: false
+  gem "facterdb", '~> 1.18',                              require: false
+  gem "metadata-json-lint", '>= 2.0.2', '< 4.0.0',        require: false
+  gem "puppetlabs_spec_helper", '>= 3.0.0', '< 5.0.0',    require: false
+  gem "rspec-puppet-facts", '~> 2.0',                     require: false
+  gem "codecov", '~> 0.2',                                require: false
+  gem "dependency_checker", '~> 0.2',                     require: false
+  gem "parallel_tests", '~> 3.4',                         require: false
+  gem "pry", '~> 0.10',                                   require: false
+  gem "simplecov-console", '~> 0.5',                      require: false
+  gem "puppet-debugger", '~> 1.0',                        require: false
+  gem "rubocop", '= 1.6.1',                               require: false
+  gem "rubocop-performance", '= 1.9.1',                   require: false
+  gem "rubocop-rspec", '= 2.0.1',                         require: false
+  gem "rb-readline", '= 0.5.5',                           require: false, platforms: [:mswin, :mingw, :x64_mingw]
+  gem "concurrent-ruby", '< 1.2.0',                       require: false
+  gem "puppet-lint-absolute_classname-check", '>= 3.0.1', require: false
+  gem "puppet-lint-absolute_template_path", '>= 1.0.1',   require: false
+  gem "puppet-lint-empty_trailing_lines", '>= 0.0.1',     require: false
+  gem "puppet-lint-file_ensure-check", '>= 1.0.0',        require: false
+  gem "puppet-lint-strict_indent-check", '>= 2.0.8',      require: false
+  gem "puppet-lint-trailing_comma-check", '>= 0.4.3',     require: false
+  gem "puppet-lint-unquoted_string-check", '>= 2.1.0',    require: false
 end
 group :system_tests do
-  gem "puppet-module-posix-system-r#{minor_version}", '~> 1.0', require: false, platforms: [:ruby]
-  gem "puppet-module-win-system-r#{minor_version}", '~> 1.0',   require: false, platforms: [:mswin, :mingw, :x64_mingw]
+  gem "puppet_litmus", '< 1.0.0', require: false, platforms: [:ruby]
+  gem "serverspec", '~> 2.41',    require: false
 end
 
 puppet_version = ENV['PUPPET_GEM_VERSION']

Rakefile

@@ -43,6 +43,7 @@ end
 
 PuppetLint.configuration.send('disable_relative')
 
+
 if Bundler.rubygems.find_name('github_changelog_generator').any?
   GitHubChangelogGenerator::RakeTask.new :changelog do |config|
     raise "Set CHANGELOG_GITHUB_TOKEN environment variable eg 'export CHANGELOG_GITHUB_TOKEN=valid_token_here'" if Rake.application.top_level_tasks.include? "changelog" and ENV['CHANGELOG_GITHUB_TOKEN'].nil?

data/common.yaml

@@ -25,3 +25,15 @@ aes::auth::keytab_devel: >
   6BI72YBgvod9N9z6P2iH0gFVVazciWTHVNcL4qZN4UHGDeBu5MH1wvTBZPpC
   IcAIbgvoQbriFHLJiL9HIWl6GSe6I/jp9n5veEkhHdT3M0nEEc0hbKWBaELj
   gTDWfQoET9V1Lrtv]
+
+aes::tal_cli::credentials: >
+  ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBAD
+  AFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAii6nHpFM6+6aPuw1Qnawf77K7f
+  C5I+XqUJJBFxdiKq1VKDlcM3mme+MlB6cR7+GYYN1VRc7bQSTbmA80bdryBQ
+  zutD8KOvNWDytmdZhnDiboQEqSyuabdHjTlWRRONcENgMni5Vobmkr45JNDT
+  5PQcTdVAP9z7K0+1tcHnQFhQczkW3iBhSq47awLNQQA4EXzQRNvSbF+DogBT
+  2H62DEufNsn0Ca537PcAccRGILqJ1xS3i5h3SG0+dizx3XW1OxPXhmP+OXa/
+  /5BIgbJGSRen3BYEgQw1uXgIaQbmXa9gRWw8e9GS8eDYwXtkygTsSDyXATt2
+  VFwo8lT/XfMs2sczBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCOn8Yp6O
+  diU5v1PVARi1m6gCAqYcAytahjgq8Prbq9bwqHAvw8XyNek07WiXM3WNj8VA
+  ==]

files/squid/helpers/rules.d/cplusplus.rules

@@ -18,3 +18,10 @@
 ^https?://en\.cppreference\.com/w/cpp/.*             true
 ^https?://en\.cppreference\.com/mwiki/index.php\?.*  true
 ^https?://en\.cppreference\.com/mwiki/load.php\?.*   true
+
+// cppreference duckgogo.com search
+^https?://duckduckgo\.com/\?sites=cppreference.com&q=.* true
+^https?://duckduckgo\.com/.*\.woff2                     true
+^https?://duckduckgo\.com/.*\.css                       true
+^https?://duckduckgo\.com/.*\.js                        true
+^https?://duckduckgo\.com/.*\.js\?.=.*                  true

files/squid/helpers/rules.d/java.rules

 // Java API reference 
 ^https?://docs\.oracle\.com/javase/7/docs/api/.*  true
+^https?://docs\.oracle\.com/en/java/javase/11/docs/api/.*  true
+^https?://docs\.oracle\.com/en/dcommon/js/.*\.js true
+^https?://www\.oracleimg\.com/us/assets/metrics/ora_docs\.js true
+^https?://docs\.oracle\.com/favicon\.ico true
 
 // Ahmed Java API reference
 ^https?://www\.ida\.liu\.se/~TDDC77/extra/api-7/.*  true
+
+// TDDC77 mars-2022
+^https?://docs\.oracle\.com/en/java/javase/[0-9][0-9]*/docs/api/.* true

files/squid/helpers/rules.d/opendsa.rules

@@ -19,3 +19,8 @@
 ^https?://code\.jquery\.com/ui/.*/jquery-ui.js$                       true
 ^https?://code\.jquery\.com/ui/.*/jquery-ui.min.js$                   true
 ^https?://d3js.org/d3-selection-multi.v1.min.js                       true
+
+// TDDD86
+^https?://www\.ida\.liu\.se/opendsa/Books/TDDD86F21/.* true
+^https?://www\.ida\.liu\.se/opendsa/.*                 true
+^https://fs\.liu\.se/adfs/.*                           false

files/squid/helpers/rules.d/python.rules

-// extra for TDDE24 2020-01-17
-^https?://docs\.python\.org/3(\.[0-9]{1,2})?/library/itertools.*   false
+// extra for TDDE24 2020-01-17 until 2022-02-15
+// ^https?://docs\.python\.org/3(\.[0-9]{1,2})?/library/itertools.*   false
 
 // Python library reference
 ^https?://docs\.python\.org/3(\.[0-9]{1,2})?/library/.*            true
@@ -11,3 +11,17 @@
 ^https?://docs\.python\.org/3(\.[0-9]{1,2})?/.*          true
 ^https?://docs\.python\.org/3(\.[0-9]{1,2})?/reference/.*          true
 ^https?://docs\.python\.org/3(\.[0-9]{1,2})?/genindex(-[A-Za-z0-9_]+)?\.html        true
+
+// extra for 732A80 2021-10-26
+^https?://numpy\.org/doc/stable/reference/.* true
+^https?://numpy\.org/doc/stable/_static/.* true
+^https?://numpy\.org/doc/stable/search.* true
+^https?://numpy\.org/doc/_static/.* true
+^https?://fonts.gstatic.com/s/.* true
+^https?://www\.tensorflow\.org/api_docs/python/.* true
+^https?://www\.tensorflow\.org/images/.* true
+
+// extra for 732A80 2022-02-16
+^https?://docs\.scipy\.org/doc/scipy/reference/.* true
+^https?://docs\.scipy\.org/doc/scipy/_static/.* true
+^https?://img\.shields\.io/badge/release-1.8.0-980F0F?style=for-the-badge true

files/squid/helpers/rules.d/rstudio.rules

@@ -6,18 +6,28 @@
 
 // ^https?://cran\.rstudio\.com/src/contrib/.*           true
 
+// 732G12
+^https?://repo\.anaconda\.com/.*  true
+^https?://conda\.anaconda\.com/.*  true
+^https?://storage\.googleapis\.com/tensorflow/.*  true
+
 // 732A51
-^https://bioconductor\.org/packages/.*  true
-^https://bioconductor\.org/biocLite\.R  true
+^https?://bioconductor\.org/packages/.*  true
+^https?://bioconductor\.org/biocLite\.R  true
 
 // 732G33
 ^https?://raw\.githubusercontent\.com/STIMALiU/KursRprgm/master/Labs/Tests/.* true
 
 // 732GA98
-^https?://plot\.ly/r/reference.*                       true
-^https?://ggplot2\.tidyverse\.org/.*                    true
+^https?://plot\.ly/r/reference.*                        true
+^https?://plotly\.com/r/reference/.*		        true
+^https?://plotly\.com/all_static/.*		        true
+^https?://ggplot2\.tidyverse\.org/.*		        true
 ^https?://shiny\.rstudio\.com/reference/shiny/.*        true
 ^https?://www\.jasondavies\.com/wordtree/.*             true
+^https?://www\.ida\.liu\.se/~732A98/.*			true
+^https?://www\.gpsvisualizer\.com/atlas\.html          false
+^https?://www\.gpsvisualizer\.com/.*                    true
 
 // For plot.ly
 ^https?://ajax\.googleapis\.com/ajax/libs/.*\.js         true

files/squid/helpers/rules.d/translate.rules

 // google translate
 
 ^https?://translate\.google\.se/.*      true
-^https?://consent\.google\.se/.*        true
+^https?://translate\.google\.com/.*	true
 
 ^https?://ssl\.gstatic\.com/.*          true
 
@@ -10,3 +10,6 @@
 ^https?://accounts\.google\.com/.*      false
 
 ^https?://fonts\.googleapis\.com/.*     true
+
+^https?://consent\.google\.se/.* 	true
+^https?://consent\.youtube\.com/.* 	true

files/sudoers_aes

 klaar36 ALL=(ALL) NOPASSWD: ALL
 filst04 ALL=(ALL) NOPASSWD: ALL
 
-User_Alias EXAM_ADMINS = torjo38, klaar36, vikol94, magni54, filst04
-Runas_Alias EXAM_USER = examadm, %examadm, opendsa, %opendsa
+User_Alias EXAM_ADMINS = torjo38, klaar36, vikol94, magni54, filst04, emmen85
+Runas_Alias EXAM_USER = examadm, %examadm, opendsa, %opendsa, squid, %squid
 
 Cmnd_Alias SERVICE_CMDS = /usr/bin/systemctl, /usr/bin/less
 

files/tal/on_update.sh

+#!/usr/bin/bash
+
+cd source
+
+python3 -m pip install --user -r scripts/requirements.txt
+
+sed -i 's|url = \.\./database|url = https://oauth2:glpat-WeW_ytbQ83JMs2UnQmhe@gitlab.liu.se/upp-aes/database|' .gitmodules
+git submodule update --init
+git checkout .gitmodules
+
+make
+
+cd ..
+ln -s source/oracle oracle
+cp source/tal tal

files/tal/tal-cli

+#!/usr/bin/bash
+
+exec sudo -u examadm /home/examadm/tal-cli/source/scripts/tal-cli.py "$@"

files/tal/tal-export

+#!/usr/bin/bash
+
+exec sudo -u examadm /home/examadm/tal-cli/source/scripts/tal-export.py "$@"

manifests/aes_sw.pp

 class aes::aes_sw {
-
   $examadm_user = examadm
   $examadm_group = $examadm_user
   $examadm_home = "/home/${examadm_user}"
@@ -18,7 +17,7 @@ class aes::aes_sw {
     managehome => false,
     membership => inclusive,
     system     => true,
-    shell      => '/sbin/nologin',
+    shell      => '/bin/bash',
   }
 
   file { $examadm_home:
@@ -28,16 +27,34 @@ class aes::aes_sw {
     group  => $examadm_group,
   }
 
+  file { "${examadm_home}/.ssh":
+    ensure => directory,
+    mode   => '0700',
+    owner  => $examadm_user,
+    group  => $examadm_group,
+  }
+
+  file { "${examadm_home}/.ssh/authorized_keys":
+    ensure  => file,
+    mode    => '0600',
+    owner   => $examadm_user,
+    group   => $examadm_group,
+    content => @(SSHPUBKEY),
+      command="/home/examadm/tal-cli/source/scripts/tal-export.py --format ics --lookback 90 --lookahead 180",no-pty,no-user-rc,no-port-forwarding,no-agent-forwarding,no-X11-forwarding ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJW4LP0av20r7lPXNgsftF9oaAXK41AvHyuHwybciZC/QBfTcmYif83563cTg0OzR/p+OSobiDM0odaaFYtP/8xbuVRz87X5bGYm2m8yHHqPxobHkT5g/faMkl9Fef+Al4EsT5tiaYMOhG2lj8XRYuwAb7qjoz3FFbs8TEPE7Sv+4BUCCH94taCuNYLXSxN1EXvw7VW6Ld5QXRFP53l2QUeTqE9oSii3BVrXlqqrLvNV/7nwdwyse4uhff4QrM9o4oc9FaQr8PLlPGxdlbSfIQJMVzHGpeDu0WLw+NqtLO1hsdlvQm7GrT/v8N7GJNKlsvhwnwUuMhTrB0yPMbbub1 klaar36@upp
+      command="/home/examadm/tal-cli/source/scripts/tal-export.py --written --format ics --lookback 90 --lookahead 180",no-pty,no-user-rc,no-port-forwarding,no-agent-forwarding,no-X11-forwarding ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILZ8aEAXw0tRcYrk1aqldepuC6tmdUYZuM270QdDF79o tal written exams to ics
+    | SSHPUBKEY
+  }
+
   file { '/etc/systemd/system/aes_login.service':
     ensure  => file,
     owner   => root,
     group   => root,
     mode    => '0644',
     content => @(LOGINSERVICE),
-    [Unit]
+          [Unit]
     Description=AES Login server
     After=network.target
-    
+
     [Service]
     Type=simple
     User=examadm
@@ -52,6 +69,7 @@ class aes::aes_sw {
   # todo: logrotate
   service { 'aes_login' :
     ensure => 'running',
+    enable => true,
   }
 
   file { '/etc/systemd/system/aes_ms.service':
@@ -60,10 +78,10 @@ class aes::aes_sw {
     group   => root,
     mode    => '0644',
     content => @(MSSERVICE),
-    [Unit]
+          [Unit]
     Description=AES Exam server
     After=network.target
-    
+
     [Service]
     Type=simple
     User=examadm
@@ -81,14 +99,26 @@ class aes::aes_sw {
     group   => root,
     mode    => '0700',
     content => @(MSCRON),
-    #!/bin/sh
+          #!/bin/sh
     /usr/bin/systemctl restart aes_ms
     | MSCRON
   }
 
+  file { '/etc/cron.daily/aes_login':
+    ensure  => file,
+    owner   => root,
+    group   => root,
+    mode    => '0700',
+    content => @(MSCRON),
+          #!/bin/sh
+    /usr/bin/systemctl restart aes_login
+    | MSCRON
+  }
+
   # todo: logrotate
   service { 'aes_ms' :
     ensure => 'running',
+    enable => true,
   }
 
   exec { 'script-repo-updated':

manifests/auth.pp

-class aes::auth(
+class aes::auth (
   Optional[String] $keytab_production = undef,
   Optional[String] $keytab_devel = undef
 ) {
-
   $auth_user = auth
   $auth_group = $auth_user
   $auth_home = "/srv/${auth_user}"
@@ -47,7 +46,7 @@ class aes::auth(
     comment    => 'Authentication server for AES',
     managehome => false,
     membership => inclusive,
-    groups     => [ 'aes_local_auth' ],
+    groups     => ['aes_local_auth'],
     system     => true,
     shell      => '/sbin/nologin',
   }
@@ -110,7 +109,7 @@ class aes::auth(
 
   exec { 'update-auth-repo' :
     command     => "/opt/utils/update_repo.sh ${auth_home}/src https://oauth2:F-agHaRXCdyFy38q4c-N@gitlab.liu.se/upp-aes/communication.git ${server_type}",
-    environment => [ "REPO_USER=${auth_user}", "REPO_GROUP=${auth_group}", "REPO_ON_UPDATE=${auth_home}/on_update.sh" ],
+    environment => ["REPO_USER=${auth_user}", "REPO_GROUP=${auth_group}", "REPO_ON_UPDATE=${auth_home}/on_update.sh"],
     # This command will need to run "on_update" as root in order to restart the service.
     user        => root,
     group       => root,
@@ -120,5 +119,6 @@ class aes::auth(
 
   service { $auth_service :
     ensure => 'running',
+    enable => true,
   }
 }

manifests/auth_keydb.pp

 class aes::auth_keydb {
-
   $keydb_user = auth_keydb
   $keydb_group = $keydb_user
   $keydb_home = "/srv/${keydb_user}"
@@ -20,7 +19,7 @@ class aes::auth_keydb {
     comment    => 'Authentication server for AES',
     managehome => false,
     membership => inclusive,
-    groups     => [ 'aes_local_auth' ],
+    groups     => ['aes_local_auth'],
     system     => true,
     shell      => '/sbin/nologin',
   }
@@ -50,7 +49,7 @@ class aes::auth_keydb {
 
   exec { 'update-keydb-repo' :
     command     => "/opt/utils/update_repo.sh ${keydb_home}/src https://oauth2:F-agHaRXCdyFy38q4c-N@gitlab.liu.se/upp-aes/communication.git ${server_type}",
-    environment => [ "REPO_USER=${keydb_user}", "REPO_GROUP=${keydb_group}", "REPO_ON_UPDATE=${keydb_home}/on_update.sh" ],
+    environment => ["REPO_USER=${keydb_user}", "REPO_GROUP=${keydb_group}", "REPO_ON_UPDATE=${keydb_home}/on_update.sh"],
     # This command will need to run "on_update" as root in order to restart the service.
     user        => root,
     group       => root,
@@ -60,6 +59,7 @@ class aes::auth_keydb {
 
   service { $keydb_service :
     ensure => 'running',
+    enable => true,
   }
 
   # These are temporary until the AdmC database is up and running.
@@ -74,4 +74,5 @@ class aes::auth_keydb {
 
   service { 'aes_temp_userdb' :
     ensure => 'running',
-}}
+  }
\ No newline at end of file
+}

manifests/broker.pp

 class aes::broker {
-
   $broker_user = broker
   $broker_group = $broker_user
   $broker_home = "/srv/${broker_user}"
@@ -90,7 +89,7 @@ class aes::broker {
 
   exec { 'update-broker-repo' :
     command     => "/opt/utils/update_repo.sh ${broker_home}/src https://oauth2:F-agHaRXCdyFy38q4c-N@gitlab.liu.se/upp-aes/communication.git ${server_type}",
-    environment => [ "REPO_USER=${broker_user}", "REPO_GROUP=${broker_group}", "REPO_ON_UPDATE=${broker_home}/on_update.sh" ],
+    environment => ["REPO_USER=${broker_user}", "REPO_GROUP=${broker_group}", "REPO_ON_UPDATE=${broker_home}/on_update.sh"],
     # This command will need to run "on_update" as root in order to restart the service.
     user        => root,
     group       => root,
@@ -100,5 +99,6 @@ class aes::broker {
 
   service { $broker_service :
     ensure => 'running',
+    enable => true,
   }
 }

manifests/examfiles.pp

 class aes::examfiles {
-
   include users::micis03
   include users::jondy94
+  include users::andma54
+  include users::tomre48
 
   group { 'liuitdrs' :
     ensure    => present,
@@ -16,11 +17,18 @@ class aes::examfiles {
     groups +> liuitdrs,
   }
 
+  User <| title == andma54 |> {
+    groups +> liuitdrs,
+  }
+
+  User <| title == tomre48 |> {
+    groups +> liuitdrs,
+  }
+
   file { '/examfiles' :
     ensure => directory,
     mode   => '0775',
     owner  => root,
     group  => liuitdrs,
   }
-
 }