MZ@ !L!This program cannot be run in DOS mode. $j.dr.dr.drC9q*drC9v:dr.ds]erC9s7drC9w%drC9r/drC9{ drC9/drC9p/drRich.drPELQ[! p0 P  @A@ Zy81 .text `.dataP)$@.idata@@.didat@.rsrc@@.relocZ \ @B5(J JxJJJJJJJKK,K``0P``PP ;P;<<P з 0@`P0`@жPp Я@p0а``p@) *0+*+P0`pP де0@P@@г` 0 `0ppвPP 22 иP!!!!"@"p"""#0#`###$@$$$%@&&@''p(,,`-- .`../@///p0011@(`202 %%&''(0p11.Pp ЭPp  P`б0pз 0@`P0`@жPp Я@p0а``p@) *0+*+@P0`pP де0@P@@г` 0 `0ppвPP 22 PиP!!!!"@"p"""#0#`###$@$$$%@&&@''p(,,`-- .`../@///p0011@(`202 %%&''(0p11.0pPPЪP ;P;<<Ю`PP8P8P80p@P`p@@ `0++`0-@.p/3/P8P8P8P8P8P8P8@.P8P8P8P8P8P8P8@ ,P8P8P8P8P8P8P8@)P8P8P8P8P8P8P8@'P8P8P8P8P8P8P8@PP8P8P8P8P8P8P8@P8P8P8P8P8P8P8@p$3345805338000 0pPpp@  ``pepf`g @`@` P  pP @@`dpp^^^@^^_0_`____ `P```apaaa0bpbbb cpcc PP ` @  Н `P0P`@@`@ @Pp0@pp@`` P@ 0`  00p 0P  H0IJJK0L0M@N`OPPQ670@@ @P`@@0 00   p0P0`pP `pSR@p`@44`44 5P55556@6p67778P88P9::;;<p<<<0===>P>>>0?p??@P@@@0ApAA`EEEBF`GG0D89P::P;;GG`R  0pP`PP P`@@@0`@@pЅ0p`@ P@` P@ ` ` PЉ p`0  p@  0Y`@VV@VpVW0WWW`WW0XpX0P`@`P0ppp ` 0P   ` P@ pxy z@{`|}}~ll@lplm0m`mmqm npn0ooppppq0rrr0sps0tuuvpvvwPwx@xno0pp0qq 00 ` @ 0P @ p@0  @pЎ ``0` p@`0      pp``pP0н@@ ` @ p`0P p@@   У Pз0`и0 @.0 `@@ , `@@)P `@@'p @P@p    @ `@@p$ @! PP ` @ 0ЧP8P8P8P8P8P8P8@!`0p `00`0 p!`0P#$`0%&`0p( )Pp @``/"n Lm&d0`Km% cr@$bJ`l000b`r0@Ih`$_ q @ p@p@@@0 P``PЦ`pPТ@`pP0 `pPp0p`pPP`P`pP0`/00``pPp0`/00PPP0000P`pP0`/00PPP0`/00PPP0`/00PpPp``pP P00x0`/00P8P8PPP0`/00PPP`vwppp@PpP8%' $@ $#@  $"@ " @ `! @ @ `@  @ P8% 8SSSHSXShSxSSSTTTTTTTTU4U\UtUUUY$YS4YDYSTYdYStYYSYYSYSYYYSYZZSZ$ZS4ZSDZSTZSdZStZSZSZSZS,I̷H ,    P |@LhР4 p4ddlddy25@`P P.P @`Ё0` PП 0P `PЪp P ЭЮ0`Я 0@P`pа 0@P`pб 0@P`pв 0@P`pг 0@P`pд 0@P`pе 0@P`pж Pз0PиPp0@P`p@p  P!!!!"@"p"""#0#`###$@$$$ %%%@&&&'@'''(@(p(@) **0++,,`--. .`../@///p0001p11102`222`4444 5P55556@6p6677778P888P99:P:::;P;;;<p<<<0===>P>>>0?p??@P@@@0ApAAB0D`EEEFG`GGG H0IJJK0L0M@N`OPPQ`RRS@VpVVVW0W`WWWW0XpX0Y^@^p^^^_0_`____ `P```apaaa0bpbbb cpccdpepf`g@lplllm0m`mmm npnn0ooo0ppppp0qpqqq0rrr0sps0tuuvpvvwPwx@xpxy z@{`|}}~ P@` P@pЅ@ ` ` PЉ p0@pЎ`  ``@0p0У  Pз0`иp@н@ P pP0@p@p p@p0` P 0@P`p 0@P`p 0@P`p 0@P`p 0@P`p 0@P`p 0@P`p 0@P`p 0@P`p 0@P`p 0@P`p 0@P`p 0@P`p 0@P`p 0@P`p 0@P`p 0@P`p 0@P`p 0@P`p 0@P`p   0 @ P ` p            0 @ `     @ `     @ `     @ `    @`@`@`@`@`@`@`@`@`@``0p @0P p!!P#$p$%&'p( ))++ ,-@..`/p////3@3P333344505`588;P;<<IJ`K L@P0UUUUPVWh`lmmoppqrP{Pp @` Н `0Ч@@@0p0@;?`F I_0bbcdnooppp q`rrsstPtЗpPpР `0p`  "`### $`$$%&`((((,@pA BB0DD0EEEEFFFG0G@HH0IPIpILMSTPTpTT@VVWa0aPa@ee`vw0x0p ```PpP0p Т@0ЦPP`p@@ 0@@ p0`p0P`pP@pPp@ ` @`  `!""# $$$%'`**,P.p035@5P888=>>>>>?? ?0?@?P?`?p?????????@@ @0@@@P@`@p@@@@A@ApAAAAAAAB0B@BPB`BpBBB`0`P`p`a astring too longinvalid string positionInvalid parameter passed to C runtime function. FFF+ _,d* _,d* _,d` 7 ʩWLDAP32.dllnetutils.dllDSROLE.dlldfscli.dlllogoncli.dllSecur32.dllMPR.dllSHLWAPI.dllbad allocationCLSIDAppIDSMDBValForceRemoveNoRemoveDeleteComponent CategoriesFileTypeInterfaceHardwareMimeSAMSECURITYSYSTEMSoftwareTypeLib#FSqlDatabase::SqlDatabase : Memory Allocation failed. SqlConnection::Reconnect() : Connect failed with 0x%08X. SqlConnection::Reconnect() : Connect succeeded. SqlConnection::Reconnect() : SQLAllocHandle failed with 0x%08X. SqlConnection::Reconnect() : BindParams failed with 0x%08X. SqlConnection::Reconnect() : BindResult failed with 0x%08X. SQLConnection::ReConnect(): Database::SwitchDatabase returned 0x%08X. SQLConnection::ReConnect(): m_pszDBName is NULL ! SqlConnection::NeedsReConnect(): returned 0x%08X. Microsoft SQL Server%u.%u.%u{?=CALL {CALL (?,)}odbc code %i, State %S, Message: %S DbServer::CreateDatabase(): ::new failed with 0x%08X.DbServer::CreateDatabase(): ExecStatement(%S) failed with 0x%08X. FILEcreate database [%s] alter database [%s] set recovery simple ???????????????????????????????????????????????? ???????  !"#??????  !"#?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????FF}PjItH D̩킛jO0EUwsB s % Oqln}^ERwFFF\Required CategoriesCLSID\\Implemented Categories.tlbFFFAPPIDModuleModule_RawREGISTRYHKCRHKCUHKLMHKUHKPDHKDDHKCCHKEY_CLASSES_ROOTHKEY_CURRENT_USERHKEY_LOCAL_MACHINEHKEY_USERSHKEY_PERFORMANCE_DATAHKEY_DYN_DATAHKEY_CURRENT_CONFIGAPI-MS-Win-Core-LocalRegistry-L1-1-0.dllRegDeleteKeyExWadvapi32.dllRegDeleteKeyW]:HpNܡMZ>o-\QKC<7̮wYW Ki0@:>2H2H%e&?NF[VH ciB*yMPsCpO@qOS}PjItH DsM; $1}dUZ O+_իvٙ%DXf%UPEz@^DAH[M̌^q}J. @Y'OKKm]O(ADSo:=_h]M'nS<}^ERw + H! HmF٤M_/}`" bA4]CjL iterator.lJ6mH2H%e&ٙ%DXf_h]M'nS<{'Mk~hjI|Cmj`^q}J. DXN6y?NF[VOV^aMDě^Nt^DAH[M̌̇$E.}VE@Y' bA4]C1}dUZ O+_իv HmF٤OKKm]OŕJ BljL[BSTR=%s],[I4=%d],[I2=%d],[other value],[other value]%s\%s%s%s calls myAzNewObject enumObject=%d %s leaves myAzNewObject: return HRESULT value=0x%lx %s calls myAzCreateObject bstrObjectName=%s %s leaves myAzCreateObject: return HRESULT value=0x%lx %s calls myAzDeleteObject bstrObjectName=%s %s leaves myAzDeleteObject: return HRESULT value=0x%lx %s calls myAzOpenObject bstrObjectName=%s %s leave myAzOpenObject: return HRESULT value=0x%lx %s calls myAzCloseObject bstrObjectName=%s %s leaves myAzCloseObject: return HRESULT value=0x%lx %s calls myAzNextObject Enumeration completed. %s leaves myAzNextObject: no more results. %s leaves myAzNextObject: return HRESULT value=0x%lx %s calls myAzGetProperty: lPropId=%d Can't DS bind. Will just return non-UPN names %s leaves myAzGetProperty: return HRESULT value=0x%lx pvarProp=%s %s leaves myAzGetProperty: return HRESULT value=0x%lx pvarProp=NULL %s calls %s: lPropId=%d pvarProp=%s %s calls %s: lPropId=%d pvarProp=NULL myAzSetProperty%s leaves myAzSetProperty: return HRESULT value=0x%lx myAzAddOrDeletePropertyItem%s leaves myAzAddOrDeletePropertyItem: return HRESULT value=0x%lx %s calls myGetBstrProperty: lPropId=%d %s leaves myGetBstrProperty: return HRESULT value=0x%lx pbstrProp=NULL %s leaves myGetBstrProperty: return HRESULT value=0x%lx *pbstrProp=%s %s calls mySetBstrProperty: lPropId=%d bstrProp=%s %s leaves mySetBstrProperty: return HRESULT value=0x%lx %s calls myGetLongProperty: lPropId=%d %s leaves myGetLongProperty: return HRESULT value=0x%lx plProp=NULL %s leaves myGetLongProperty: return HRESULT value=0x%lx *plProp=%d %s calls mySetLongProperty: lPropId=%d lProp=%d %s leaves mySetLongProperty: return HRESULT value=0x%lx %s calls myGetBoolProperty: lPropId=%d %s leaves myGetBoolProperty: return HRESULT value=0x%lx plProp=NULL %s leaves myGetBoolProperty: return HRESULT value=0x%lx *plProp=%d %s calls mySetBoolProperty: lPropId=%d fProp=%d %s leaves mySetBoolProperty: return HRESULT value=0x%lx CAzPrincipalLocator constructor called.Software\Microsoft\AzMan\ObjectPickerCAzPrincipalLocator::CAzPrincipalLocator, failed to query value for ObjectPicker CLSIDCAzPrincipalLocator::CAzPrincipalLocator, registered object picker doesn't implement IAzObjectPickerCAzPrincipalLocator::CAzPrincipalLocator, registered object picker doesn't implement IAzNameResolverCAzPrincipalLocator::CAzPrincipalLocator RegOpenKeyEx failed.CAzPrincipalLocator destructor called.Enter CAzPrincipalLocator::get_NameResolver Leave CAzPrincipalLocator::get_NameResolver: return HRESULT value=0x%lx Enter CAzPrincipalLocator::get_ObjectPicker Leave CAzPrincipalLocator::get_ObjectPicker: return HRESULT value=0x%lx CAzAuthorizationStore constructor called. CAzAuthorizationStore destructor called. CAzAuthorizationStore::get_DescriptionCAzAuthorizationStore::put_DescriptionCAzAuthorizationStore::get_ApplicationDataCAzAuthorizationStore::put_ApplicationDataCAzAuthorizationStore::get_DomainTimeoutCAzAuthorizationStore::put_DomainTimeoutCAzAuthorizationStore::get_ScriptEngineTimeoutCAzAuthorizationStore::put_ScriptEngineTimeoutCAzAuthorizationStore::get_MaxScriptEnginesCAzAuthorizationStore::put_MaxScriptEnginesCAzAuthorizationStore::get_GenerateAuditsCAzAuthorizationStore::put_GenerateAuditsCAzAuthorizationStore::get_WritableCAzAuthorizationStore::GetPropertyCAzAuthorizationStore::SetPropertyCAzAuthorizationStore::AddPropertyItemCAzAuthorizationStore::DeletePropertyItemCAzAuthorizationStore::get_PolicyAdministratorsCAzAuthorizationStore::get_PolicyAdministratorsNameCAzAuthorizationStore::get_PolicyReadersCAzAuthorizationStore::get_PolicyReadersNameCAzAuthorizationStore::AddPolicyAdministratorCAzAuthorizationStore::AddPolicyAdministratorNameCAzAuthorizationStore::DeletePolicyAdministratorCAzAuthorizationStore::DeletePolicyAdministratorNameCAzAuthorizationStore::AddPolicyReaderCAzAuthorizationStore::AddPolicyReaderNameCAzAuthorizationStore::DeletePolicyReaderCAzAuthorizationStore::DeletePolicyReaderNameCAzAuthorizationStore::get_TargetMachineEnter CAzAuthorizationStore::Initialize: lFlag=0x%lx bstrPolicyURL=[%s] Leave CAzAuthorizationStore::Initialize: return HRESULT value=0x%lx Enter CAzAuthorizationStore::IsUpdateNeeded Leave CAzAuthorizationStore::IsUpdateNeeded: return HRESULT value=0x%lx pbIsUpdateNeeded == NULL Leave CAzAuthorizationStore::IsUpdateNeeded: return HRESULT value=0x%lx *pbIsUpdateNeeded=%d Enter CAzAuthorizationStore::UpdateCache Leave CAzAuthorizationStore::UpdateCache: return HRESULT value=0x%lx Enter CAzAuthorizationStore::Delete Leave CAzAuthorizationStore::Delete: return HRESULT value=0x%lx CAzAuthorizationStore::get_ApplicationsCAzAuthorizationStore::OpenApplicationCAzAuthorizationStore::CloseApplicationCAzAuthorizationStore::CreateApplicationCAzAuthorizationStore::DeleteApplicationCAzAuthorizationStore::get_ApplicationGroupsCAzAuthorizationStore::CreateApplicationGroupCAzAuthorizationStore::OpenApplicationGroupCAzAuthorizationStore::DeleteApplicationGroupEnter CAzAuthorizationStore::Submit lFlags=%d Leave CAzAuthorizationStore::Submit: return HRESULT value=0x%lx CAzAuthorizationStore::get_DelegatedPolicyUsersCAzAuthorizationStore::get_DelegatedPolicyUsersNameCAzAuthorizationStore::AddDelegatedPolicyUserCAzAuthorizationStore::AddDelegatedPolicyUserNameCAzAuthorizationStore::DeleteDelegatedPolicyUserCAzAuthorizationStore::DeleteDelegatedPolicyUserNameCAzAuthorizationStore::put_ApplyStoreSaclCAzAuthorizationStore::get_ApplyStoreSaclCAzAuthorizationStore::OpenApplication2CAzAuthorizationStore::CreateApplication2CAzApplication constructor calledCAzApplication destructor calledEnter CAzApplication::_Init hHandle=0x%lx Leave CAzApplication::_Init: return HRESULT value=0x%lx CAzApplication::get_DescriptionCAzApplication::put_DescriptionCAzApplication::get_NameCAzApplication::put_NameCAzApplication::get_ApplicationDataCAzApplication::put_ApplicationDataCAzApplication::get_AuthzInterfaceClsidCAzApplication::put_AuthzInterfaceClsidCAzApplication::get_VersionCAzApplication::put_VersionCAzApplication::get_GenerateAuditsCAzApplication::put_GenerateAuditsCAzApplication::get_BizruleEnabledCAzApplication::get_ApplyStoreSaclCAzApplication::put_ApplyStoreSaclCAzApplication::get_WritableCAzApplication::GetPropertyCAzApplication::SetPropertyCAzApplication::get_PolicyAdministratorsCAzApplication::get_PolicyAdministratorsNameCAzApplication::get_PolicyReadersCAzApplication::get_PolicyReadersNameCAzApplication::AddPolicyAdministratorCAzApplication::AddPolicyAdministratorNameCAzApplication::DeletePolicyAdministratorCAzApplication::DeletePolicyAdministratorNameCAzApplication::AddPolicyReaderCAzApplication::AddPolicyReaderNameCAzApplication::DeletePolicyReaderCAzApplication::DeletePolicyReaderNameCAzApplication::get_ScopesCAzApplication::OpenScopeCAzApplication::CreateScopeCAzApplication::DeleteScopeCAzApplication::get_OperationsCAzApplication::OpenOperationCAzApplication::CreateOperationCAzApplication::DeleteOperationCAzApplication::get_TasksCAzApplication::OpenTaskCAzApplication::CreateTaskCAzApplication::DeleteTaskCAzApplication::get_ApplicationGroupsCAzApplication::OpenApplicationGroupCAzApplication::CreateApplicationGroupCAzApplication::DeleteApplicationGroupCAzApplication::get_RolesCAzApplication::OpenRoleCAzApplication::CreateRoleCAzApplication::DeleteRoleEnter CAzApplication::InitializeClientContextFromToken ullTokenHandle=0x%8lx%8lx Enter CAzApplication::InitializeClientContextFromToken ullTokenHandle=%d CAzApplication::InitializeClientContextFromTokenLeave CAzApplication::InitializeClientContextFromToken: return HRESULT value=0x%lx Enter CAzApplication::InitializeClientContextFromName ClientName=%s DomainName=%s CAzApplication::InitializeClientContextFromNameLeave CAzApplication::InitializeClientContextFromName: return HRESULT value=0x%lx Enter CAzApplication::InitializeClientContextFromStringSid SidString=%s CAzApplication::InitializeClientContextFromStringSidLeave CAzApplication::InitializeClientContextFromStringSid: return HRESULT value=0x%lx CAzApplication::AddPropertyItemCAzApplication::DeletePropertyItemEnter CAzApplication::Submit lFlags=%d Leave CAzApplication::Submit: return HRESULT value=0x%lx get_DelegatedPolicyUsersget_DelegatedPolicyUsersNameCAzApplication::AddDelegatedPolicyUserCAzApplication::AddDelegatedPolicyUserNameCAzApplication::DeleteDelegatedPolicyUserEnter CAzApplication::ScopeExists bstrScopeName=%s Bad Param: %d , %d Leave CAzApplication::ScopeExists: return HRESULT value=0x%lx Enter CAzApplication::OpenScope2 bstrScopeName=%s Leave CAzApplication::OpenScope2: return HRESULT value=0x%lx Enter CAzApplication::CreateScope2 bstrScopeName=%s Leave CAzApplication::CreateScope2: return HRESULT value=0x%lx Enter CAzApplication::DeleteScope2 bstrScopeName=%s Leave CAzApplication::DeleteScope2: return HRESULT value=0x%lx Enter CAzApplication::get_RoleDefinitions CAzApplication::get_RoleDefinitionsLeave CAzApplication::get_RoleDefinitions: return HRESULT value=0x%lx Enter CAzApplication::CreateRoleDefinition bstrRoleDefinitionName=%s Leave CAzApplication::CreateRoleDefinition: return HRESULT value=0x%lx Enter CAzApplication::OpenRoleDefinition bstrRoleDefinitionName=%s Leave CAzApplication::OpenRoleDefinition: return HRESULT value=0x%lx Enter CAzApplication::DeleteRoleDefinition bstrRoleDefinitionName=%s Leave CAzApplication::DeleteRoleDefinition: return HRESULT value=0x%lx Enter CAzApplication::get_RoleAssignments CAzApplication::get_RoleAssignmentsLeave CAzApplication::get_RoleAssignments: return HRESULT value=0x%lx Enter CAzApplication::CreateRoleAssignment bstrRoleAssignmentName=%s Leave CAzApplication::CreateRoleAssignment: return HRESULT value=0x%lx Enter CAzApplication::OpenRoleAssignment bstrRoleAssignmentName=%s Leave CAzApplication::OpenRoleAssignment: return HRESULT value=0x%lx Enter CAzApplication::DeleteRoleAssignment bstrRoleAssignmentName=%s Leave CAzApplication::DeleteRoleAssignment: return HRESULT value=0x%lx CAzApplication::DeleteDelegatedPolicyUserNameEnter CAzApplication::InitializeClientContext2 IdentifyingString=%s CAzApplication::InitializeClientContext2Leave CAzApplication::InitializeClientContext2: return HRESULT value=0x%lx Enter CAzApplication::InitializeClientContextFromToken2 ulTokenHandleLowPart=%d ulTokenHandleHighPart=%d Leave CAzApplication::InitializeClientContextFromToken2: return HRESULT value=0x%lx Enter CAzApplications::_Init CAzApplications::_InitLeave CAzApplications::_Init: return HRESULT value=0x%lx CAzOperation constructor called. CAzOperation destructor called. Enter: CAzOperation::_Init hOwnerApp=%d hHandle=%d. Leave CAzOperation::_Init: return HRESULT value=0x%lx CAzOperation::get_DescriptionCAzOperation::put_DescriptionCAzOperation::get_NameCAzOperation::put_NameCAzOperation::get_ApplicationDataCAzOperation::put_ApplicationDataCAzOperation::get_WritableCAzOperation::get_OperationIDCAzOperation::put_OperationIDCAzOperation::GetPropertyCAzOperation::SetPropertyEnter CAzOperation::Submit lFlags=%d Leave CAzOperation::Submit: return HRESULT value=0x%lx Enter CAzOperation::RoleAssignments bstrScopeName=%s bRecursive=%d Leave CAzOperation::RoleAssignments: return HRESULT value=0x%lx Enter CAzOperations::_Init hOwnerApp=%d hParent=%d CAzOperations::_InitLeave CAzOperations::_Init: return HRESULT value=0x%lx Enter CAzOperations::_Init hOwnerApp=%d Enter CAzOperations::_AddOperation pOperation=%d CAzOperations::_AddOperationLeave CAzOperations::_AddOperation: return HRESULT value=0x%lx Enter CAzOperations::_AddOperationFromTaskObj hParent=%d Leave CAzOperations::_AddOperationFromTaskObj: return HRESULT value=0x%lx CAzTask constructor called. CAzTask destructor called. Enter CAzTask::_Init hOwnerApp=%d hHandle=%d Leave CAzTask::_Init: return HRESULT value=0x%lx CAzTask::get_DescriptionCAzTask::put_DescriptionCAzTask::get_NameCAzTask::put_NameCAzTask::get_ApplicationDataCAzTask::put_ApplicationDataCAzTask::get_BizRuleCAzTask::put_BizRuleCAzTask::get_BizRuleLanguageCAzTask::put_BizRuleLanguageCAzTask::get_BizRuleImportedPathCAzTask::put_BizRuleImportedPathCAzTask::get_IsRoleDefinitionCAzTask::put_IsRoleDefinitionCAzTask::get_OperationsCAzTask::get_TasksCAzTask::AddOperationCAzTask::DeleteOperationCAzTask::AddTaskCAzTask::DeleteTaskget_WritableCAzTask::GetPropertyCAzTask::SetPropertyCAzTask::AddPropertyItemCAzTask::DeletePropertyItemEnter CAzTask::Submit lFlags=%d Leave CAzTask::Submit: return HRESULT value=0x%lx Enter CAzTask::RoleAssignments bstrScopeName=%s Leave CAzTask::RoleAssignments: return HRESULT value=0x%lx Enter CAzTask::AddRoleDefinition bstrRoleDefinition=%s CAzTask::AddRoleDefinitionLeave CAzTask::AddRoleDefinition: return HRESULT value=0x%lx Enter CAzTask::DeleteRoleDefinition bstrRoleDefinition=%s CAzTask::DeleteRoleDefinitionLeave CAzTask::DeleteRoleDefinition: return HRESULT value=0x%lx Enter CAzTask::get_RoleDefinitions CAzTask::get_RoleDefinitionsLeave CAzTask::get_RoleDefinitions: return HRESULT value=0x%lx Enter CAzTasks::_Init CAzTasks::_InitLeave CAzTasks::_Init: return HRESULT value=0x%lx Enter CAzTasks::_AddTask CAzTasks::_AddTaskLeave CAzTasks::_AddTask: return HRESULT value=0x%lx Enter CAzTasks::_AddTaskFrom Leave CAzTasks::_AddTaskFrom: return HRESULT value=0x%lx Enter CAzScope constructor called. Enter CAzScope destructor called. Enter CAzScope::_Init Leave CAzScope::_Init: return HRESULT value=0x%lx CAzScope::get_DescriptionCAzScope::put_DescriptionCAzScope::get_NameCAzScope::put_NameCAzScope::get_ApplicationDataCAzScope::put_ApplicationDataCAzScope::get_WritableCAzScope::GetPropertyCAzScope::AddPropertyItemCAzScope::DeletePropertyItemCAzScope::get_PolicyAdministratorsCAzScope::get_PolicyAdministratorsNameCAzScope::get_PolicyReadersCAzScope::get_PolicyReadersNameCAzScope::AddPolicyAdministratorCAzScope::AddPolicyAdministratorNameCAzScope::DeletePolicyAdministratorCAzScope::DeletePolicyAdministratorNameCAzScope::AddPolicyReaderCAzScope::AddPolicyReaderNameCAzScope::DeletePolicyReaderCAzScope::DeletePolicyReaderNameCAzScope::SetPropertyCAzScope::get_ApplicationGroupsCAzScope::OpenApplicationGroupCAzScope::CreateApplicationGroupCAzScope::DeleteApplicationGroupEnter CAzScope::get_Roles CAzScope::get_RolesLeave get_Roles: return HRESULT value=0x%lx Enter CAzScope::OpenRole: bstrRoleName=%s CAzScope::OpenRoleLeave CAzScope::OpenRole: return HRESULT value=0x%lx Enter CAzScope::CreateRole: bstrRoleName=%s CAzScope::CreateRoleLeave CAzScope::CreateRole: return HRESULT value=0x%lx CAzScope::DeleteRoleCAzScope::get_TasksCAzScope::OpenTaskCAzScope::CreateTaskCAzScope::DeleteTaskEnter CAzScope::Submit: lFlags=%d Leave CAzScope::Submit: return HRESULT value=0x%lx CAzScope::get_CanBeDelegatedCAzScope::get_BizrulesWritableEnter CAzScope::get_RoleDefinitions CAzScope::get_RoleDefinitionsLeave CAzScope::get_RoleDefinitions: return HRESULT value=0x%lx Enter CAzScope::CreateRoleDefinition bstrRoleDefinitionName=%s CAzScope::CreateRoleDefinition: NULL IAzRoleDefinition parameter.Leave CAzScope::CreateRoleDefinition: return HRESULT value=0x%lx Enter CAzScope::OpenRoleDefinition bstrRoleDefinitionName=%s CAzScope::OpenRoleDefinition: NULL IAzRoleDefinition parameter.Leave CAzScope::OpenRoleDefinition: return HRESULT value=0x%lx Enter CAzScope::DeleteRoleDefinition bstrRoleDefinitionName=%s Leave CAzScope::DeleteRoleDefinition: return HRESULT value=0x%lx Enter CAzScope::get_RoleAssignments CAzScope::get_RoleAssignmentsLeave CAzScope::get_RoleAssignments: return HRESULT value=0x%lx Enter CAzScope::CreateRoleAssignment bstrRoleAssignmentName=%s Leave CAzScope::CreateRoleAssignment: return HRESULT value=0x%lx Enter CAzScope::OpenRoleAssignment bstrRoleAssignmentName=%s Leave CAzScope::OpenRoleAssignment: return HRESULT value=0x%lx Enter CAzScope::DeleteRoleAssignment bstrRoleAssignmentName=%s Leave CAzScope::DeleteRoleAssignment: return HRESULT value=0x%lx Enter CAzScopes::_Init CAzScopes::_InitLeave CAzScopes::_Init: return HRESULT value=0x%lx CAzApplicationGroup constructor called. CAzApplicationGroup destructor called. Enter CAzApplicationGroup::_Init Leave CAzApplicationGroup::_Init: return HRESULT value=0x%lx CAzApplicationGroup::get_TypeCAzApplicationGroup::put_TypeCAzApplicationGroup::get_LdapQueryCAzApplicationGroup::put_LdapQueryCAzApplicationGroup::get_AppMembersCAzApplicationGroup::get_AppNonMembersCAzApplicationGroup::get_MembersCAzApplicationGroup::get_MembersNameCAzApplicationGroup::get_NonMembersCAzApplicationGroup::get_NonMembersNameCAzApplicationGroup::get_DescriptionCAzApplicationGroup::put_DescriptionCAzApplicationGroup::get_NameCAzApplicationGroup::put_NameCAzApplicationGroup::get_BizRuleCAzApplicationGroup::put_BizRuleCAzApplicationGroup::get_BizRuleLanguageCAzApplicationGroup::put_BizRuleLanguageCAzApplicationGroup::get_BizRuleImportedPathCAzApplicationGroup::put_BizRuleImportedPathCAzApplicationGroup::AddAppMemberCAzApplicationGroup::DeleteAppMemberCAzApplicationGroup::AddAppNonMemberCAzApplicationGroup::DeleteAppNonMemberCAzApplicationGroup::AddMemberCAzApplicationGroup::DeleteMemberCAzApplicationGroup::AddMemberNameCAzApplicationGroup::DeleteMemberNameCAzApplicationGroup::AddNonMemberCAzApplicationGroup::DeleteNonMemberCAzApplicationGroup::AddNonMemberNameCAzApplicationGroup::DeleteNonMemberNameCAzApplicationGroup::get_WritableCAzApplicationGroup::GetPropertyCAzApplicationGroup::SetPropertyCAzApplicationGroup::AddPropertyItemCAzApplicationGroup::DeletePropertyItemEnter CAzApplicationGroup::Submit: lFlags=%d Leave CAzApplicationGroup::Submit: return HRESULT value=0x%lx Enter CAzApplicationGroup::RoleAssignments: bstrScopeName=%s bRecusive=%d Leave CAzApplicationGroup::RoleAssignments: return HRESULT value=0x%lx Enter CAzApplicationGroups::_Init CAzApplicationGroups::_InitLeave CAzApplicationGroups::_Init: return HRESULT value=0x%lx CAzRole constructor called CAzRole destructor called Enter CAzRole::_Init Leave CAzRole::_Init: return HRESULT value=0x%lx CAzRole::get_DescriptionCAzRole::put_DescriptionCAzRole::get_NameCAzRole::put_NameCAzRole::get_ApplicationDataCAzRole::put_ApplicationDataCAzRole::get_AppMembersCAzRole::get_MembersCAzRole::get_MembersNameCAzRole::get_OperationsCAzRole::get_TasksCAzRole::AddAppMemberCAzRole::DeleteAppMemberCAzRole::AddTaskCAzRole::DeleteTaskCAzRole::AddOperationCAzRole::DeleteOperationCAzRole::AddMemberCAzRole::DeleteMemberCAzRole::AddMemberNameCAzRole::DeleteMemberNameCAzRole::get_WritableCAzRole::GetPropertyCAzRole::SetPropertyCAzRole::AddPropertyItemCAzRole::DeletePropertyItemCAzRole::AddRoleDefinitionCAzRole::DeleteRoleDefinitionEnter CAzRole::get_RoleDefinitions CAzRole::get_RoleDefinitionsLeave CAzRole::get_RoleDefinitions: return HRESULT value=0x%lx Enter CAzRole::get_Scope Leave CAzRole::get_Scope: return HRESULT value=0x%lx Enter CAzRole::Submit lFlags=%d Leave CAzRole::Submit: return HRESULT value=0x%lx Enter CAzRoles::_Init CAzRoles::_InitLeave CAzRoles::_Init: return HRESULT value=0x%lx CAzRoleAssignments constructor called. Enter CAzRoleAssignments::_InitRolesForGivenObj: bstrScopeName=%s bRecursive=%d Leave CAzRoleAssignments::_InitRolesForGivenObj: return HRESULT value=0x%lx Enter CAzRoleAssignments::GetRoleAssigmentObj bstrScopeName=%s ScopeFlags=%d CAzRoleAssignments::GetRoleAssigmentObjLeave CAzRoleAssignments::GetRoleAssigmentObj: return HRESULT value=0x%lx CAzClientContext constructor called. CAzClientContext destructor called. Enter CAzClientContext::AccessCheck2 bstrObjectName=%s, bstrScopeName=%s lOperation=%d CAzClientContext::AccessCheck2 receives NULL plResult parameter. Leave CAzClientContext::AccessCheck2: return HRESULT value=0x%lx plResult=NULL Leave CAzClientContext::AccessCheck2: return HRESULT value=0x%lx *plResult=%d Enter CAzClientContext::AccessCheck bstrObjectName=%s, bstrScopeNames=%s varOperations=%s Leave CAzClientContext::AccessCheck: return HRESULT value=0x%lx *pvarResults=%s Leave CAzClientContext::AccessCheck: return HRESULT value=0x%lx *pvarResults=NULL Enter CAzClientContext::GetAssignedScopesPage lOptions=%d PageSize=%d Leave CAzClientContext::GetAssignedScopesPage: return HRESULT value=0x%lx *pvarScopeNames=%s Leave CAzClientContext::GetAssignedScopesPage: return HRESULT value=0x%lx pvarScopeNames=NULL Enter CAzClientContext::GetOperations bstrScopeName=%s Leave CAzClientContext::GetOperations: return HRESULT value=0x%lx Enter CAzClientContext::GetTasks bstrScopeName=%s Leave CAzClientContext::GetTasks: return HRESULT value=0x%lx Enter CAzClientContext::IsInRoleAssignment bstrScopeName=%s bstrRoleName=%s Leave CAzClientContext::IsInRoleAssignment: return HRESULT value=0x%lx pbIsInRole=NULL Leave CAzClientContext::IsInRoleAssignment: return HRESULT value=0x%lx *pbIsInRole=%d Enter CAzClientContext::GetRoles bstrScopeName=%s Leave CAzClientContext::GetRoles: return HRESULT value=0x%lx Enter CAzClientContext::GetBusinessRuleString Leave CAzClientContext::GetBusinessRuleString: return HRESULT value=0x%lx pbstrBusinessRuleString=NULL Leave CAzClientContext::GetBusinessRuleString: return HRESULT value=0x%lx *pbstrBusinessRuleString=%s CAzClientContext::get_UserDnCAzClientContext::get_UserSamCompatCAzClientContext::get_UserDisplayCAzClientContext::get_UserGuidCAzClientContext::get_UserCanonicalCAzClientContext::get_UserUpnCAzClientContext::get_UserDnsSamCompatCAzClientContext::GetPropertyCAzClientContext::get_RoleForAccessCheckCAzClientContext::put_RoleForAccessCheckEnter CAzClientContext::AddApplicationGroups Leave CAzClientContext::AddApplicationGroups: return HRESULT value=0x%lx Enter CAzClientContext::AddRoles bstrScopeName=%s Leave CAzClientContext::AddRoles: return HRESULT value=0x%lx Enter CAzClientContext::AddStringSids Leave CAzClientContext::AddStringSids: return HRESULT value=0x%lx CAzClientContext::get_LDAPQueryDNCAzClientContext::put_LDAPQueryDNEnter CAzClientContext::_Init Leave CAzClientContext::_Init: return HRESULT value=0x%lx Enter get_BizRuleParameters::_Init Leave CAzClientContext::get_BizRuleParameters: return HRESULT value=0x%lx Enter get_BizRuleInterfaces::_Init Leave CAzClientContext::get_BizRuleInterfaces: return HRESULT value=0x%lx Enter CAzClientContext::GetGroups bstrScopeName=%s Leave CAzClientContext::GetGroups: return HRESULT value=0x%lx Enter CAzClientContext::get_Sids. Leave CAzClientContext::get_Sids: return HRESULT value=0x%lx Enter CAzRoleDefinitions::_Init CAzRoleDefinitions::_InitLeave CAzRoleDefinitions::_Init: return HRESULT value=0x%lx Enter CAzRoleDefinitions::CollectTaskAsRoleDefinition CAzRoleDefinitions::CollectTaskAsRoleDefinitionLeave CAzRoleDefinitions::CollectTaskAsRoleDefinition: return HRESULT value=0x%lx Enter CAzRoleDefinitions::CollectNamedRoleDefinitions AZ_PROP_ROLE_TASKS returns bogus task object %s Leave CAzRoleDefinitions::CollectNamedRoleDefinitions: return HRESULT value=0x%lx Enter CAzRoleAssignments::_Init CAzRoleAssignments::_InitLeave CAzRoleAssignments::_Init: return HRESULT value=0x%lx %09IuObject with the same name existmap/set too longCAzBizRuleContext ~CAzBizRuleContext CAzBizRuleContext::put_BusinessRuleResult: %ld CAzBizRuleContext::put_BusinessRuleString: %ws CAzBizRuleContext::get_BusinessRuleString: %ws CAzBizRuleContext::GetParameter: %ls CAzBizRuleContext::GetParameter: %ls: Parameter not passed in. CAzBizRuleContext::SetAccessCheckContext SYSTEM\CurrentControlSet\Control\LSA\AzRolesUseStrongLockingSoftware\Microsoft\AzMan\LoggingFlagsAPPDATA\Microsoft\AzMan\AzManDebug_%d.log AzMan log file Process Name: Current User Name: Current System Time: %02u/%02u/%02u %02u:%02u:%02u S-1-3-4AzpAzStoreGetProperty: invalid prop id %ld SetProperty: Object doesn't support dirty bit 0x%lx IsNormalFlags(_Flags) = TRUE (_GenericObject->DirtyBits & _DirtyBit) = 0 IsRefreshFlags(_Flags) = TRUE AzpAzStoreManagerSetProperty: domain timeout too small %ld AzpAzStoreManagerSetProperty: script engine timeout too small %ld AzpAzStoreManagerSetProperty: max script engines too small %ld AzpAzStoreManagerSetProperty: invalid prop id %ld AzInitialize: Reserved != 0 AzInitialize: Invalid flags 0x%lx AzInitialize: Failed to Initialize Audit system: %ld AzAuthorizationStoreDelete: Reserved != 0 AzCloseHandle: Reserved != 0 AzAuthorizationStore in AzCloseHandle refAzpAddObjectToGuidMap: objects already in mapvector too long%s:%dAzApplicationGetProperty: invalid prop id %ld AzpApplicationSetProperty: cannot convert CLSID %ws %ld AzpApplicationSetProperty: invalid prop id %ld AzApplicationClose: Failed to capture application name: %ld AzApplicationClose: Cannot reference application %ws: %ld AzApplicationClose: Cannot reload children on unload failure: %ld SOFTWARE\Microsoft\AzMan\BizRuleEnabledApplicationsAvoided script engine in non-base thread. Using free script engine from non-base thread. ReuseEngine failed: 0x%lx Using free script engine. Using clone of running script engine. new CScriptEngine failed: 0x%lx ScriptEngine->Init failed: 0x%lx Using new script engine. Engine doesn't support reset: 0x%lx Script changed while engine was running Script LRU'ed out: %ld Script Freed from free script list AzpGetScriptEngine failed: 0x%lx, %ld RunScript failed: 0x%lx, %ld CoInitializeEx failed: 0x%lx, %ld Script Timed out. CScriptEngine ~CScriptEngine CScriptEngine::InitializeScriptEngine Failed to get scripting engine CLSID: 0x%lx Failed to create scripting engine: 0x%lx IActiveScript::QueryInterface()Exception: %s: 0x%lx Engine doesn't support IActiveScriptParse: 0x%lx Failed to create AzBizRuleContext instance: 0x%lx IActiveScript::GetCurrentScriptThreadID()Error calling GetCurrentScriptThreadID: 0x%lx Set ThreadId to: 0x%lx 0x%lx IActiveScript::SetScriptSite()Error calling SetScriptSite: 0x%lx IActiveScriptParse::InitNew()Error calling InitNew: 0x%lx AzBizRuleContextIActiveScript::AddNamedItem()Failed to AddNamedItem: 0x%lx IActiveScriptParse::ParseScriptText()Failed to ParseScriptText: 0x%lx Remap error to: 0x%lx CScriptEngine::RunScript RunScript took an exception: 0x%lx Script took an exception: 0x%lx Failed to SetScriptState(STARTED): 0x%lx Script from access check to caller: 0x%lx Return script error to caller: 0x%lx Cannot DeleteTimerQueurTimer: %ld CScriptEngine::InterruptScript IActiveScript::InterruptScriptThread()CScriptEngine::ResetToUninitialized IActiveScriptParse::Release()IActiveScript::SetScriptState()Failed to SetScriptState(INITIALIZED): 0x%lx CScriptEngine::ReuseEngine IActiveScript::GetScriptState()Failed to GetScriptState: 0x%lx Failed to SetScriptState(UNINITIALIZED): 0x%lx Changed ThreadId to: 0x%lx 0x%lx CScriptEngine::IsBaseThread CScriptEngine::FinalRelease IActiveScript::Close()Cannot CloseEngine: 0x%lx IActiveScript::Release()CScriptEngine::InsertHeadList CScriptEngine::RemoveListEntry CScriptEngine::InsertHeadLruList CScriptEngine::RemoveLruListEntry CScriptEngine::QueryInterface->IUnknown IActiveScriptSite Unsupported Interface: CScriptEngine::AddRef %ld CScriptEngine::Release %ld CScriptEngine::GetLCID CScriptEngine::GetItemInfo: %ws GetItemInfo took an exception: 0x%lx CScriptEngine::GetDocVersionString CScriptEngine::OnScriptTerminate CScriptEngine::OnStateChange:State: Uninitialized. State: Initialized. State: Started. State: Connected. State: Disconnected. State: Closed. CScriptEngine::OnScriptError Script Error: Code: 0x%lx %ld Src: %ws File: %ws Desc: %ws CScriptEngine::OnEnterScript CScriptEngine::OnLeaveScript CAzBizRuleParamInternal::AddParameters: Can't get name lbound 0x%lx CAzBizRuleParamInternal::AddParameters: Can't get value lbound 0x%lx CAzBizRuleParamInternal::AddParameters: Can't get name ubound 0x%lx CAzBizRuleParamInternal::AddParameters: Can't get value ubound 0x%lx CAzBizRuleParamInternal::AddParameters: Array bounds don't match %ld %ld %ld %ld CAzBizRuleParamInternal::AddParameters: Can't access ParameterNames 0x%lx CAzBizRuleParamInternal::AddParameters: Can't access ParameterValues 0x%lx CAzBizRuleParameters::AddParameters: Parameter %ld isn't a VT_BSTR CAzBizRuleParameters::AddParameters: Parameter %ws should have an interface value AzpCaptureBizRuleInterfaces: Can't get name lbound 0x%lx AzpCaptureBizRuleInterfaces: Can't get value lbound 0x%lx AzpCaptureBizRuleInterfaces: Can't get interfaces lbound 0x%lx AzpCaptureBizRuleInterfaces: Can't get name ubound 0x%lx AzpCaptureBizRuleInterfaces: Can't get value ubound 0x%lx AzpCaptureBizRuleInterfaces: Can't get interfaces ubound 0x%lx AzpCaptureBizRuleInterfaces: Array bounds don't match %ld %ld %ld %ld %ld %ld AzpCaptureBizRuleInterfaces::AddInterfaces: Can't access ParameterNames 0x%lx AzpCaptureBizRuleInterfaces::AddInterfaces: Can't access Flags 0x%lx AzpCaptureBizRuleInterfaces::AddInterfaces: Can't access Interfaces 0x%lx GroupRole-AzpClientContextFree: AzpClientContextGenerateDeleteAudit failed with %ld AzpGetUserNameEx: no cached token handle AzpGetUserNameEx: Cannot get token statistics: %ld AzpGetUserNameEx: Cannot GetThreadToken %ld AzpGetUserNameEx: Cannot SetThreadToken %ld AzpGetUserNameEx: Cannot GetUserNameExW %ld AzpGetUserNameEx: Cannot SetThreadToken (revert) %ld AzpClientContextGetProperty: invalid opcode %ld AzpClientContextGetProperty: Cannot get token statistics: %ld %ws\%wsAzpClientContextGetProperty: Cannot translate name: %ld AzpClientContextSetProperty: invalid prop id %ld AzpComputeAccountDn: AuthzGetInformationFromContext failed %ld AzpComputeAccountDn: SafeAllocaAllocate failed %ld AzpComputeAccountDn: AzpAllocateHeap failed %ld <Sid=>AzpQueryUserDN: ClientContext is missing LdapQueryDN from a standalone machine. AzpQueryUserDN: ClientContext (AZP_CONTEXT_CREATED_FROM_SID) is missing LdapQueryDN. distinguishedName(objectClass=user)AzpCheckGroupMembershipLdap: %ws AzpCheckGroupMembershipLdap: %ws: User is in NT 4 domain or local account: Membership is %ld AzpCheckGroupMembershipLdap: %ws: AzpGetUserNameEx failed %ld AzpCheckGroupMembershipLdap: ClientContext is missing LdapQueryDN. AzpCheckGroupMembershipLdap: %ws: DsGetDcName failed %ld ObjectClassAzpCheckGroupMembershipLdap: %ws: ldap_search failed on %ws: %ld: %s AzpCheckGroupMembershipLdap: %ws: ldap_count_entries failed on %ws: %ld: %s AzpCheckGroupMembershipLdap: %ws: ldap_search worked on %ws: Membership is %ld (objectClass=*)AzpCheckGroupMembershipLdapForLdapUrl: %ws AzpQueryUserDN failed. AzpCheckGroupMembershipLdapForLdapUrl:invalid LDAP query syntaxAzpCheckGroupMembershipLdapForLdapUrl: ldap_init failed on %ws: %ld: %s AzpCheckGroupMembershipLdapForLdapUrl: AzpADSetDefaultLdapOptions failed on %ws: %ld AzpCheckGroupMembershipLdapForLdapUrl: ldap_connect failed on %ws: %ld AzpCheckGroupMembershipLdapForLdapUrl: AzpADSetLdapEncryptionOption failed on %ws: %ld AzpCheckGroupMembershipLdapForLdapUrl: ldap_bind failed on %ws: %ld: %s AzpCheckGroupMembershipOne: %ws AzpCheckGroupMembershipOne: %ws: Create cache entry AzpCheckGroupMembershipOne: %ws: %ld: %ld: Answer found in cache AzpCheckGroupMembershipOne: %ws: Is a basic group AzpCheckGroupMembershipOne: %ws: Cannot AzptCheckObjecSidMembership (non member) %ld AzpCheckGroupMembershipOne: %ws: Is non member via NT Sid AzpCheckGroupMembershipOne: %ws: Cannot AzpCheckGroupMembership (non member) %ld AzpCheckGroupMembershipOne: %ws: Is non member via app group AzpCheckGroupMembershipOne: %ws: Cannot AzpCheckGroupMembership (member) %ld AzpCheckGroupMembershipOne: %ws: Cannot AzpCheckGroupMembership (member) extended status: %ld AzpCheckGroupMembershipOne: %ws: Cannot AzpCheckGroupMembership (non member) extended status: %ld AzpCheckGroupMembershipOne: %ws: %ld: %ld: Answer computed AzpCheckGroupMembershipOne: %ws: Avoid ldapquery group AzpCheckGroupMembershipOne: ClientContext is missing LdapQueryDNAzpCheckGroupMembershipOne: %ws: Is an ldapquery group AzpCheckGroupMembershipOne: %ws: Is an invalid group type Task referenceAzpCaptureBizRuleInterfaces: Names is NULL but Flags or Interfaces isn't AzpCaptureBizRuleInterfaces: Flags or Interfaces is NULL but Names isn't AzpWalkOpsAndTasks: %ws: %ws: All operations have been processed %ld. AzpWalkOpsAndTasks: %ws: %ws: %ws: Operation granted AzpWalkOpsAndTasks: %ws: %ws: %ws: Operation extended failure %ld AzInitializeContextFromToken: Cannot initialize context since store is in manage mode %ld AzInitializeContextFromToken: Cannot ObCommonCreateObject %ld AzInitializeContextFromToken: Cannot OpenProcessToken %ld AzInitializeContextFromToken: Cannot DuplicateTokenEx %ld AzInitializeContextFromToken: Cannot OpenThreadToken %ld AzInitializeContextFromToken: GetTokenInformation failed with %ld AzInitializeContextFromToken: Cannot AuthzInitializeContextFromToken %ld AzpGenerateContextCreateAudit: Cannot ObCommonCreateObject %ld AzManAPIKerberosAzRoles AzInitializeContextFromName: Cannot initialize context since store is in manage mode %ld AzInitializeContextFromName: Cannot AzInitializeFromToken %ld AzInitializeContextFromName: Cannot ObCommonCreateObject %ld AzInitializeContextFromName: Cannot allocate LUID %ld AzInitializeContextFromName: LookupAccoutName failed with %ld AzInitializeContextFromName: Invalid user type - expected SIdTypeUser, got %ld AzInitializeContextFromStringSid: Cannot initialize context since store is in manage mode %ld AzInitializeContextFromStringSid: ConvertSidStringToSid failed with %ld AzInitializeContextFromStringSid: LookupAccountSid failed with %ld AzInitializeContextFromStringSid: Invalid user type - expected SIdTypeUser, got %ld AzInitializeContextFromStringSid: Cannot ObCommonCreateObject %ld AzInitializeContextFromStringSid: Cannot allocate LUID %ld AzInitializeContextFromStringSid: CopySid failed with %ld AzInitializeContextFromStringSid: Cannot AuthzInitializeContextFromStringSid %ld S-1-0-0AzInitializeContext: Cannot initialize context since store is in manage mode %ld AzInitializeContext: Cannot initialize context with null audit identifying string %ld AzInitializeContext: ConvertSidStringToSid for null SID failed with %ld AzInitializeContext: Cannot ObCommonCreateObject %ld AzInitializeContext: Cannot allocate LUID %ld AzInitializeContext: CopySid for null SID failed with %ld AzInitializeContext: Cannot AuthzInitializeContext %ld AzAccessCheck: %ws: GroupEvalSerialNumber changed from %ld to %ld AzAccessCheck: Failed to load children for %ws: %ldAzAccessCheck: %ws: invalid OperationCount %ld AzAccessCheck: %ws: %ws: There are no roles for this scope Role referenceAzAccessCheck: This role %ws is not the requested role %ws AzAccessCheck: %ws: %ws: No operations for this role apply AzAccessCheck: %ws: %ws: No roles have applicable operations %ld. AzContextAccessCheck: Starting Access Check loops AzAccessCheck: %ws: %ws: All roles have been processed %ld. AzAccessCheck: %ws: %ws: All operations have been processed %ld. AzAccessCheck: %ws: %ws: Process role AzAccessCheck: %ws: %ws: AzpWalkOpsAndTasks failed %ld AzAccessCheck: %ws: %ws: CheckSidMembership of role AzAccessCheck: %ws: %ws: CheckSidMembership failed %ld AzAccessCheck: %ws: %ws: CheckSidMembership is %ld AzAccessCheck: %ws: %ws: CheckGroupMembership of role AzAccessCheck: %ws: %ws: CheckGroupMembership failed %ld AzAccessCheck: %ws: %ws: CheckGroupMembership extended status %ld AzAccessCheck: %ws: %ws: CheckGroupMembership is %ld AzAccessCheck: %ws: %ws: Role finished being processed AzAccessCheck: %ws: %ws: Role finished being processed due to ACCESS_DENIED AzAccessCheck: %ws: AzpAccessCheckGenerateAudit failed with %ld AzpCheckRolesMembersip: %ws: CheckSidMembership of role AzpCheckRolesMembersip: %ws: CheckSidMembership failed %ld AzpCheckRolesMembersip: %ws: CheckSidMembership is %ld AzpCheckRolesMembersip: %ws: CheckGroupMembership of role AzpCheckRolesMembersip: %ws: CheckGroupMembership failed %ld AzpCheckRolesMembersip: %ws: CheckGroupMembership is %ld AzpCheckRolesMembersip: %ws: CheckGroupMembership extended status %ld AzpCheckRolesMembersip: %ws: Role finished being processed Role/Group referenceAzpCheckGroupMembershipOne failed. 0x%lx %ws (%ld): Domain ref 0x%lx %ws (%ld): Domain deref AzpAllocateDc: ldap_init failed on %ws: %ld: %s AzpAllocateDc: AzpADSetDefaultLdapOptions failed on %ws: %ld AzpAllocateDc: ldap_connect failed on %ws: %ld AzpAllocateDc: AzpADSetLdapEncryptionOption failed on %ws: %ld AzpAllocateDc: ldap_bind failed on %ws: %ld: %s 0x%lx %ws (%ld): DC Allocaote 0x%lx %ws (%ld): DC ref 0x%lx %ws (%ld): DC deref AzAuthorizationStore in ObCloseHandle refAllocate objectChild handle refHandle ref0x%lx %ld (%ld): Open Handle Authorization Store Handle ref0x%lx %ld (%ld): Close Handle Authorization Store Handle derefHandle derefChild handle derefObDecrHandleRefCount: Cannot reload children on failure of unload: %ld 0x%lx: NULL handle is invalid 0x%lx %ld: Handle Object type is too large. 0x%lx %ld: Handle has no handle reference count. 0x%lx %ld: Handle has no ParentGenericObjectHead. 0x%lx %ld: Object is deleted. 0x%lx %ld: Object type doesn't match parent. 0x%lx %ld: Sequence number doesn't match parent. 0x%lx: AV accessing handle ObReferenceObjectByName (by guid): Ref by name0x%lx: NULL handle not allowed. 0x%lx %ld: Object Type not local object type Ref by Handle0x%lx %ld: Handle not in list. Deref "*/:<>?\| ObCreateObject: %ws ObCommonCreateObject: Reserved != 0 ObCommonOpenObject: Reserved != 0 ObCommonEnumObjects: Reserved != 0 ObCommonGetProperty: Reserved != 0 ObCommonGetProperty: Object has no name ObCommonGetProperty: Object has no description ObCommonGetProperty:Object has no application data ObCommonGetProperty: Object has no generate-audits data ObCommonGetProperty: Object has no apply-store-sacl data ObCommonGetProperty:Object has no apply-store-sacl data ObCommonGetProperty: No get property routine. ObSetProperty: no set property routine: %ld %ld ObSetProperty: OpCacheSerialNumber set to %ld ObCommonDeleteObject: Reserved != 0 0x%lx: 0x%lx: %ld: ObFreeDeltaArray 0x%lx: 0x%lx: ObInitObjectList ObRemoveObjectListLink: OpCacheSerialNumber set to %ld AzpeAddPropertyItemSid: AzpAllocateHeap failed %ld AzpeAddPropertyItemSid: duplicate SIDAzpeAddPropertyItemSid: set::insert failed %ld ObAddPropertyItem (by guid): ObAddPropertyItem: Cannot set creator owner sid ObAddPropertyItem: Cannot set creator group sid Reference to self ObAddPropertyItem: GroupEvalSerialNumber set to %ld ObAddPropertyItem: OpCacheSerialNumber set to %ld AzAddPropertyItem: Reserved != 0 AzAddPropertyItem: invalid prop id %ld ObRemovePropertyItem: GroupEvalSerialNumber set to %ld AzRemovePropertyItem: Reserved != 0 && Reserved != 1 AzRemovePropertyItem: invalid prop id %ld 0x%lx: 0x%lx: %ld: ObRemoveObjectListLinks ObClearObjectList PropertyID %d 0x%lx: 0x%lx: ObFreeObjectList 0x%lx: 0x%lx: Free array Reference from NewNameAzpGetTokenUserGroupsFromAuthzContext: NULL ppTokenUser or NULL ppTokenGroups not allowed %ld AzpGetTokenUserGroupsFromAuthzContext: AuthzGetInformationFromContext failed %ld AzpGetTokenUserGroupsFromAuthzContext: SafeAllocaAllocate failed %ld AzpGetSidsFromUserGroups: null pSidList or pdwListSize AzpGetSidsFromUserGroups: out of memory. AzpIsSidInList: hObject is not Role or Group. AzpIsSidInList: Role does not have non-member SID list. AzpAuthzCheckSid: hAuthzHandle must not be NULL. AzpAuthzCheckSid: pbIsGood must not be NULL. AzpAuthzCheckSid: pSid must not be NULL. AzpSidsImplyObjectMembership: both pbAnswer and pbIsNonMember must not be NULL. AzpIsUserAuthzMember: pbAnswer must not be NULL. AzpGetClientContextSids: failed. a@@@@pPAzpGroupInit: memory allocation failed %ld AzpGroupGetProperty: invalid opcode %ld AzpGroupGetProperty: cannot set group type to ldap query if group has membership. AzpGroupGetProperty: cannot set group type to basic if group has bizrule string. AzpGroupGetProperty: cannot set group type to basic if group has ldap query string. AzpGroupGetProperty: This version of the store doesn't support creating bizrule group. AzpGroupGetProperty: cannot set group type to bizrule if group has ldap query string. AzpGroupGetProperty: invalid grouptype %ld VBScriptAzpGroupSetProperty: can't set Bizrule before group type AzpGroupSetProperty: Must set language before bizrule AzpGroupSetProperty: can't set Bizrule type before group type JScriptAzpGroupSetProperty: invalid language %ws AzpGroupSetProperty: can't set Bizrule Path before group type AzpGroupSetProperty: can't set ldap query before group type ldap://invalid LDAP query syntaxAzpGroupSetProperty: GroupEvalSerialNumber set to %ld AzpGroupSetProperty: invalid propid %ld AzpGroupAddPropertyItem: invalid group type %ld AzpRoleInit: memory allocation failed %ld AzpRoleGetProperty: invalid prop id %ld TrueFalseBasicLdapQueryBizruleMSXMLDomainTimeoutScriptTimeoutMaxScriptsAuditsApplicationDataMajorVersionMinorVersionAzApplicationAzApplicationGroupApplicationCLSIDApplicationVersionAzOperationAzTaskAzScopeAzRoleOperationLinkOperationIDTaskLinkBizRuleImportedPathRoleDefinitionBizRuleLanguageBizRuleAppMemberLinkAppNonMemberLinkGroupTypeMemberNonMemberAzAdminManagerxml file %ws exists. xml file %ws doesn't exist. IXMLDOMDocument2::load failed. HRESULT = %d. Intepreted as 'file not found'.IXMLDOMDocument2::load failed. HRESULT = %dCoCreating IXMLDOMDocument2 failed. HRESULT = %dXmlCheckSecurityPrivilege: invalid full path '%ws' XmlCheckSecurityPrivilege: path is too long '%ws' ::$dataAzpChangeSinglePrivilege failed to reset to original. Error code: %d(myXmlSetNodeAttribute)pNode = 0x%lx (myXmlSubmitObjectAttribute)pNode = 0x%lx %dNameGuidDescription <?xml version="1.0" encoding="utf-8" ?> <AzAdminManager MajorVersion="%d" MinorVersion="%d" Guid="%s"> </AzAdminManager>pDoc->loadXML%s error occured: 0x%lx(%ws) %s error occured: 0x%lx fileSelectionLanguagedefault SelectionLanguage=%ws XPath//%s[.="%s"]XPath query(link delete)=%ws Not found %s under tag %ws hr = 0x%lx, pObjectNode(from myXmlGetNamedGuidNode) = 0x%lx A new element node, 0x%lx, is added for %s pObjectNode, 0x%lx, is released //*/%s[@%s="%s"]XPath query(refresh)=%ws 1.2.840.113556.1.4.8051.2.840.113556.1.4.14131.2.840.113556.1.4.529msDS-AzApplicationNamecnmsDS-AzScopeNamenamedescriptionmsDS-AzApplicationDatamsDS-AzGenerateAuditsmsDS-AzDomainTimeoutmsDS-AzScriptEngineCacheMaxmsDS-AzScriptTimeoutmsDS-AzMajorVersionmsDS-AzMinorVersionallowedAttributesEffectiveallowedChildClassesEffectiveobjectVersionuSNChangedobjectGUIDmsDS-AzClassIdmsDS-AzApplicationVersionmsDS-AzOperationIDmsDS-AzBizRulemsDS-AzBizRuleLanguagemsDS-AzLastImportedBizRulePathmsDS-OperationsForAzTaskmsDS-TasksForAzTaskmsDS-AzTaskIsRoleDefinitionmsDS-MembersForAzRolemsDS-OperationsForAzRolemsDS-TasksForAzRolegroupTypemsDS-AzLDAPQuerymembermsDS-NonMembersmsDS-AzAdminManagermsDS-AzApplicationmsDS-AzOperationmsDS-AzTaskmsDS-AzScopegroupmsDS-AzRolecontainerAzOpObjectContainer-AzTaskObjectContainer-AzGroupObjectContainer-AzRoleObjectContainer-(objectClass=msDS-AzAdminManager)(objectClass=msDS-AzApplication)(objectClass=msDS-AzOperation)(objectClass=msDS-AzTask)(objectClass=msDS-AzScope)(objectClass=group)(objectClass=msDS-AzRole)MSLDAPAzpADSetObjectOptions: AzpeSetObjectOptions failed: %ld AzpADPersistOpenEx: AzpLdapCrackUrl failed on %ws: %ld AzpADPersistOpenEx: ldap_init failed on %ws: %ld: %s AzpADPersistOpenEx: AzpADSetDefaultLdapOptions failed on %ws: %ld AzpADPersistOpenEx: ldap_connect failed on %ws: %ld AzpADPersistOpenEx: AzpADSetLdapEncryptionOption failed on %ws: %ld AzpADPersistOpenEx: ldap_bind failed on %ws: %ld AzpADPersistOpenEx: AzpCheckDomainVersion failed on %ws: %ldCN=AzpADPersistOpenEx: ldap_get_option failed : %ld AzpADPersistOpenEx: AzpReadADStore failed: %ld BizRule group not supported, please update the schema AzpADPersistUpdateChildrenCache: AzpADBuildDN failed: %ld AzpADPersistUpdateChildrenCache: failed to init paged search handle: %ld AzpADPersistUpdateChildrenCache: failed to read paged results: %ld AzpADReadHasChildrenObject: Reading of Child container objectfailed: %ld AzpADPersistSubmit: AzpADStoreHasUpdate failed: %ld AzpADPersistSubmit: AzpADBuildDN failed:%ld AzpADPersistSubmit: AzpADBuildNameSearchFilter failed:%ld Submitting a new object with name that has been submitted by other instances of azstore objectAzpADPersistSubmit: AzpADBuildDN failed: %ld AzpADPersistSubmit: Failed to delete object %ws: %ld AzpADPersistSubmit: Update failed for object %ws: %ld AzpADPersistRefresh: AzpADBuildDN failed: %ld AzpADPersistRefresh: Search on object failed:%ld AzpADPersistRefresh: AzpReadADStoreObject failedfor %s: %ld AzpADPersistWritable: %ws attribute isn't writable AzpADPersistWritable: Error calling AzpADPersistChildCreate: %ld AdCheckSecurityPrivilege: AzpADReadNTSecurityDescriptor failed: %ld AzpADPersistOpenEx: AzpCheckVersions failed with error: %ld AzpReadADStoreObject failed: %ld AzpReadADStore: AzpADReadAzStoreChildren failed: %ld AzpADReadAzStoreChildren: Failed to read Application Groups: %ld AzpADReadAzStoreChildren: Failed to create paged result handle: %ld AzpADReadAzStoreChildren: AzpADReadPagedResult failed: %ld AzpADReadPagedResult: Reading of child objectfailed: %ld AzpADReadPagedResult: Updating children failed: %ld AzpADReadPagedResult: Failed to read paged LDAP result: %ld ,AzpReadADObjectContainer: Reading of child objectfailed: %ld AzpReadADStoreForCommonData: AzpInitializeObjectName failed: %ld AzpReadADStoreForCommonData: AzpeCreateObject failed: %ld AzpReadADStoreForCommonData: AzpADCreateGuidCN failed for %ws: %ld AzpReadADStoreForCommonData: Read description failed: %ld AzpUpdateObjectGuid: Failed to allocate memoryAzpReadADStoreObject: Object creation and common data read failed: %ld AzpReadAttributeAndSetProperty failed: %ld AzpReadADStoreObject: Failed to apply policy ACLs: %ld AzpReadADStoreObject: AzpADPersistWritable failed: %ld AzpADSetObjectOptions failed: %ld <Unknown>AzpReadAttributeAndSetProperty:AzpADReadLinkedAttribute failed for attribute %ws of %ws: %ld TRUE%s;range=%d-%d%s;range=%d-*AzpReadLinkedAttribute:AzpADParseLinkedAttributeValue failed for %ws: %ld AzpReadAttributeAndSetProperty: AzpeAddPropertyItem failed: %ld AzpADReadAttributeAndSetProperty:AzpeAddPropertyItemGuid failed on: %ld CN=AZGROUPOBJECTCONTAINER-CN=FOREIGNSECURITYPRINCIPALS,AzpADParseLinkedAttributeValue: ldap_set_option LDAP_OPT_REFERRALS failed: %ld AzpADParseLinkedAttributeValue: Failed to run search for group type for %ws: %ld <GUID=<SID=AzpApplyPolicyAcls: AzpADReadNTSecurityDescriptor failed :%ld AzpADApplyPolicyAcls: AzpeSetSecurityDescriptorIntoCache failed:: %ld AzpUpdateADObject: AzpADUpdateObjectAcls failed for %ws: %ld AzpUpdateADObject: Read writable failed: %ld AzpUpdateADObject: AzpGetAttrsForCreateObject failed for %ws: %ld AzpUpdateADObject: AzpGetADCommonAttrs failed: %ld AzpUpdateADObject: Get property failed for %s: %ld AzpUpdateADObject: Failed to add/modify %ws : %ld %ld AzpUpdateADObject: UuidCreate failed for %s: %ld AzpUpdateADObject: Failed to search object %s: %ld AzpUpdateADObject: AzpSetGuidAndOptions failed for %s: %ld objectClassAzpCreateADObject: Failed to add object %ws: %ld %ld AzpUpdateADCommonAttrs: AzpeGetProperty failed for object name: %ld AzpADUpdateCommonAttrs: Failed to rename %ws: %ld AzpADUpdateCommonAttrs: Get property failed : %ld AzpGetSpecificProperty: AzpADHandleSubmitLinkedAttribute failed for %s: %ld AzpADGetSpecificProperty: Get Property failed: %ld FALSEAzpHandleSubmitLinkedAttribute: AzpeGetDeltaArray failed for %ws: %ld AzpADHandleSubmitLinkedAttribute: AzpeGetDeltaArray failed for %ws: %ld AzpHandleSubmitLinkedAttribute: ConvertSidToStringSid failed: %ld AzpHandleSubmitLinkedAttribute: UuidToString failed: %ld AzpADUpdateObjectAcls: AzpADReadNTSecurityDescriptor failed :%ld AzpADUpdateObjectAcls: AzpeGetSecurityDescriptorFromCache failed: %ld AzpADUpdateObjectAcls: AzpADStampSD failed with SACL/DACL: %ld AzpADUpdateObjectAcls: AzpApplyPolicyAcls failed with DACL: %ld AzpADBuildDN: AzpADBuildDNForBuiltinObject failed:%ld AzpADBuildDN: AzpADObjectContainerRDN failed:%ld AzpADBuildDN: AzpADBuildChildObjectDN failed for %s: %ld AzpADBuildDN: AzpADGetCNForDN failed: %ld AzpADBuildDN: AzpADObjectContainerRDN failed for %ws: %ld AzpADBuildDN: AzpGetCNForDN failed: %ld AzpGetCNForDN: Failed to quote RDN for object %ws: %ld mayContainsystemMayContainschemaNamingContextdefaultNamingContextsupportedCapabilities1.2.840.113556.1.4.1851msDS-Behavior-VersionNTSecurityDescriptor1.2.840.113556.1.4.801AzpADReadNTSecurityDescriptor: AzpADBuildDN failed: %ld AzpADReadNTSecurityDescriptor: Failed to perform search on %ws: %ld AzpADStampSD: Failed to update security descriptor on %ws: %ld ldap Error:%ld Extended Error: %ws 1(&(objectClass=msds-azapplication)(msds-azapplicationname=%s))(&(objectClass=msds-azscope)(msds-azscopename=%s))z 0IAzScopeGetProperty: invalid prop id %ld AzTaskGetProperty: scope is delegated - bizrule not allowed %ld AzTaskGetProperty: invalid prop id %ld AzpTaskSetProperty: Must set language before bizrule AzpTaskSetProperty: invalid language %ws AzpTaskSetProperty: invalid prop id %ld AzpOperationGetProperty: invalid prop id %ld OperationHash: objects already in hashAzpOperationSetProperty: Operation Id too small %ld AzpOperationSetProperty: Operation ID %ld is already used. AzpOperationSetProperty: invalid prop id %ld Ref by operation idlist too longAzpCheckOperationCache: Operation cache avoided since interfaces passed in AzpCheckOperationCache: OpCacheSerialNumber changed from %ld to %ld AzpCheckOperationCache: Parameter count changed from previous call %ld %ld AzpCheckOperationCache: Parameter changed from previous call AzpCheckOperationCache: '%ws/%ws' found in operation cache AzpUpdateOperationCache: No operations to cache AzpUpdateOperationCache: Added '%ws/%ws' %ld to operation cache Scope CacheOperation CacheAzpPersistReconcileOne (by guid): AzpPersistReconcileOne: ObAddPropertyItem failed %ld AzpPersistReconcileOne: %ws %ld 0x%lx 0x%lx AzpPersistReconcile: Cannot refresh object: %ws %ld AzpPersistReconcile: Cannot reconcile object: %ws %ld %ld MSSQLSYSTEM\CurrentControlSet\Control\LSA\AzRoles\ProvidersAzpPersistDetermineProvider: Open Provider reg key at 'HKLM\%ws' AzpPersistDetermineProvider: Cannot open Provider reg key at 'HKLM\%ws' %ld ProviderDllAzpPersistDetermineProvider: Cannot open Provider reg value at 'HKLM\%ws\%ws' %ld AzpPersistDetermineProvider: Cannot load libary '%ws' %ld AzPersistProviderInitializeAzpPersistDetermineProvider: libary '%ws' does not export '%s': %ld AzpPersistReconcile: Cannot reconcile object: %ws %ld AzpeCreateObject: Cannot find Object Head: %ld: %ld AzpeSetProperty: Property ID for non-scalar: %ld AzpeSetObjectOptions: bad options mask 0x%lx AzpeGetProperty: Property ID for non-scalar: %ld AzpeGetDeltaArray: invalid prop id %ld AzpeAddPropertyItemSid: called from submit: %ld %ld %ld AzpeAddPropertyItemSid: invalid prop id %ld AzpeAddPropertyItemSid: SID not valid AzpeAddPropertyItemGuid: invalid prop id %ld AzpeGetObjectByGuid receives NULL parameter pFoundObjectHandle. AzpGetChildGenericHead cannot find the child list head for type=%d. %AZ_CLIENT_DN%AzpParseLDAPUrl: NULL Pointer AzpParseLDAPUrl: URL is %ws Error allocating memory AzpParseLDAPUrl: url doesn't begin with ldap:// AzpParseLDAPUrl: Host name missing Error unescaping host name: %ws Error unescaping DN:<%ws> AzpParseLDAPUrl: missing DN *AzpParseLDAPUrl: missing Attribute baseonesubAzpUnEscapeString: InternetCanonicalizeUrl NULL Param AzpUnEscapeString: Out of memory AzpUnEscapeString: UrlUnescape failed with %x AzpUnEscapeString: First call to UrlUnescape failed with %x AzpGetCurrentUserSid failed: Status = %x AzpCaptureString: NULL not ok AzpCaptureString: zero length not ok AzpCaptureString: string too long %ld %ld %ws AzpCaptureString: SID not valid 0x%lx: 0x%lx: Free old array 0x%lx: 0x%lx: Allocate array AzpSafeArrayPointerFromVariant: parameter is not an array 0x%lx. AzpSafeArrayPointerFromVariant: Array %lx isn't single dimension array AzpSafeArrayPointerFromVariant: Array isn't array of VARIANT 0x%lx %lx AzpADSetDefaultLdapOptions: ldap_set_option LDAP_OPT_REFERRALS failed: %ld AzpADSetDefaultLdapOptions: ldap_set_option LDAP_OPT_AREC_EXCLUSIVE failed: %ld AzpADSetDefaultLdapOptions: ldap_set_option LDAP_OPT_DNSDOMAIN_NAME failed: %ld AzpADPersistOpenEx: ldap_get_option for LDAP_OPT_SSL failed AzpADSetLdapEncryptionOption: ldap_set_option LDAP_OPT_ENCRYPT failed: %ld (null)%s<Invalid Sid>0x%lx %ld (%ld) %ws: %s [AZROLES] %02u/%02u %02u:%02u:%02u HANDLEOBJLISTINVPARMPERSISTOBJREFDISPATCHACCESSDOMREFXMLADSQLSCRIPTCRITICALFUNCALLUNKNOWN[%s] Error Message: WideCharToMultiByte failed Failed to create log entry: StringCchVPrintfA failureAzManSQLProvider::Initialize: NULL pwszConnStr. AzManSQLProvider::Initialize: Not enough memory for db instance. AzManSQLProvider::Initialize(): Database::Open() returned 0x%08X. AzManSQLProvider::Initialize(): Not enough memory for db connection. AzManSQLProvider::Initialize(): SqlConnection::DriverConnect() returned 0x%08X. AzManSQLProvider::Initialize SqlConnection::DriverConnect returns 0x%08X. AzManSQLProvider::Initialize(): FAILED to initialize AES crypto provider Error 0x%08X. AzManSQLProvider::NeedsReconnect(): SqlConnection::NeedsReconnect returned %d. masterFAILED to initialize SHA256 hash algorithm Error 0x%08X. CryptHashData FAILED Error 0x%08X. CryptGetHashParam FAILED Error 0x%08X. AzMultiValuePropertyBuffer::NextPage is out of memory. No object can be found for guid=[%ws] in the visible tree. No object can be found for the given guid. =%d%wsAzMultiSidBuffer::NextPage is out of memory. |UuidCreate failed. AzpeGetProperty failed. AzObjectRecord::Initialize failed. AzObjectRecord::PopulateObject receives NULL objectHandle. Fails to set property (id is %d) to value %wsFails to set property (id is %d) to value %dAzObjectRecord::PopulateObject failed. ContainerRecord::Initialize failed. RoleRecord::Initialize fails to allocate memory for SID. TaskRecord::Initialize fails to allocate memory for Bizrule language TaskRecord::Initialize fails to allocate memory for Bizrule Path GroupRecord::Initialize fails to allocate memory for Bizrule language GroupRecord::Initialize fails to allocate memory for Bizrule Path GroupRecord::Initialize fails to allocate memory for SID. 1!defighSELECT count(*) FROM sysobjects WHERE name = 'AzMan_AzAuthorizationStore' and type = 'U' QueryChildrenUpdateTimeStamps fails for action=%d and objectType=%d. ObjectTimeStamp::GetUpdateInformation failed. QueryObjectUpdateTimeStamp has NULL parameter pRowTimeStamp.AzManSproc::Fetch failed with error: %d. QueryObjectUpdateTimeStamp failed. QueryChildrenUpdateTimeStamps has NULL parameter pTSMap.QueryChildrenUpdateTimeStamps failed to allocate memory. Invalid Stored Procedure Object: no ObjectRecord. QueryChildrenUpdateTimeStamps failed. StoreTimeStamp::GetUpdateInformation failed. SqlStoreHasUpdate has NULL pPersistContext or pbNeedUpdate parameter. AzpeSetObjectOptions failed. Enter PopulateObjectSingleValueProperties. PopulateObjectSingleValueProperties: objectHandle = NULL is invalid. PopulateObjectSingleValueProperties: pSproc = NULL is invalid. AzManSproc is invalid: No AzObjectRecord object. Leave PopulateObjectSingleValueProperties. return value: 0. Leave PopulateObjectSingleValueProperties. return value: %d. Enter PopulateObjectOptionalValueProperties. PopulateObjectOptionalValueProperties: objectHandle = NULL is invalid. PopulateObjectOptionalValueProperties: pSproc = NULL is invalid. Leave PopulateObjectOptionalValueProperties. return value: 0. Leave PopulateObjectOptionalValueProperties. return value: %d. PACL parameter for SqlLoadPolicyUser is NULL. Policy user type is not supported %d. Object of type %d does not support the action %d. AzManSproc::Execute failed. AzManSproc::Execute failed with error: %d. There are too many policy users for an ACL to hold. AddAccessAllowedAceEx fails. Error reading users of type %d SqlGetObjectSecurityDescriptor has NULL PSECURITY_DESCRIPTOR. InitializeSecurityDescriptor failed. SetSecurityDescriptorDacl failed. SqlGetObjectSecurityDescriptor failed. SqlGetObjectSecurityDescriptor failed %d. AzpeSetSecurityDescriptorIntoCache failed %d. SqlLoadAcls failed. GetAclInformation failed. CollectSids: duplicate SID. CollectSids: set::insert failed. AzManSproc::Execute failed AzManSproc::Execute failed with sqlStatus: %d. SqlUpdatePolicyUser failed. SqlUpdatePolicyUsersByAcl failed to allocate memory. SqlUpdatePolicyUsersByAcl failed. AzpeGetSecurityDescriptorFromCache failed. GetSecurityDescriptorDacl failed. SqlUpdatePolicyUsers failed. SqlLoadPolicyStore receives NULL pSqlPersistContext. Error to create a database %ws that already exists. Error setting MajorVersion. Error setting MinorVersion. Error setting default options. Error to open database %ws that does not exist. SqlLoadPolicyStore failed. SqlLoadPolicyStore succeeded. SqlProviderInitialize receives NULL parameters: %d. SqlProviderInitialize receives lower version number in AzrolesInfo: %d. Both OldSqlContext and sqlUrl being NULL is invalid. SQL URL does is not valid: it does not contain a database name information. Out of memory when allocating connection string. Out of memory when allocating PAZP_SQL_CONTEXT. Out of memory when allocating AzmanSQLLayer. AzmanSQLLayer::Initialize failed. SqlLoadPolicyStore SQL provider is invoked without mssql prefix "mssql". ://SQL provider URL is missing %ws. SqlPersistIsUpdateNeeded called with pbIsUpdateNeeded = NULL or pSqlPersistContext = NULL. SqlPersistIsUpdateNeeded failed. SqlPersistUpdateCache has updates. SqlPersistUpdateCache has no updates. SqlPersistUpdateCache failed. SqlPersistUpdateChildrenCache called. SqlPersistUpdateChildrenCache failed. SqlRemoveSqlRoles receives NULL SqlConnection. AzDatabaseSproc::Create fails with SqlStatus=%d. AzDatabaseSproc::Execute (AzMan_SPD_SQLRole_ForObject) fails with SqlStatus=%d. SqlPersistDelete failed. BeginTransaction returns: %d. CommitTransaction returns: %d. RollbackTransaction returns: %d. SqlPersistSubmit receives NULL PersistContext. SqlRemoveSqlRoles failed. SqlSubmitShallowProperties failed. SqlSubmitOptionalProperties failed. SqlSubmitMultiValueProperties failed. SqlUpdateStoreStateInfo failed. SqlPersistSubmit failed. SqlCreateObject receives NULL sqlPersistContext. GetStoreProcedure fails. SqlCreateObject receives NULL sqlPersistContext or NULL ppSproc. Object of type = %d does not support action %d. AzManSproc::Execute partially succeeded. Check Sproc %ws SqlExecuteNonQueryForObject failed with error: %d. SqlExecuteQueryForObject receives NULL sqlPersistContext or NULL ppSproc. PopulateObjectSingleValueProperties failed with error: %d. PopulateObjectOptionalValueProperties failed with error: %d. AzpeClearPropertyItemList failed: propID=%d, ObjectType=%d, ObjectName=%s. AzpeClearPropertyItemList fails for property (id is %d). Fails to set property (id is %d). SqlLoadMultiValues failed.AzpeAddPropertyItemSid: set::insert failed. SqlCreateChildListShallow failed.SqlCreateChildListShallow failed with error: %d. SqlCreateChildFromRecord receives NULL ppObject or NULL pSproc parameter. AzManSproc does not have AzObjectRecord. Fetch fails. AzpeGetObjectByGuid fails. AzpeCreateObject fails. SqlCreateChildFromRecord failed.SqlLoadChild failed.SqlLoadChildren (Loading type: %d.) Failed to allocate memory for object list. SqlLoadChildren (Type being loaded: %d.) SqlLoadSpecificChildObjectShallow failed with error: %d. Child object of type %d starts recursive loading. SqlLoadMultiValues failed with error: %d. SqlLoadObjectOptionalData failed with error: %d. SqlLoadChildren failed with error: %d. SqlLoadChildren failed.SqlLoadChild failed. ObjectTimeStamp allocation failed. AzpeGetObjectByGuid failed. SqlRefreshObjectsByTimeStamp failed. AzMan_SPS_Get_ObjectSecurityOptionAzMan_SPS_Get_AzApplicationAzMan_SPS_Get_AzScopeAzMan_SPS_Get_AzTaskAzMan_SPS_Get_AzOperationAzMan_SPS_Get_AzRoleAssignmentAzMan_SPS_Get_AzApplicationGroupAzMan_SPD_AzApplicationGroupAzMan_SPD_AzApplicationAzMan_SPD_AzScopeAzMan_SPD_AzTaskAzMan_SPD_AzRoleAssignmentAzMan_SPD_User_From_RoleAzMan_SPI_AzApplicationAzMan_SPI_AzTaskAzMan_SPI_AzScopeAzMan_SPI_AzRoleAssignmentAzMan_SPI_AzApplicationGroupAzMan_SPI_Add_User_To_RoleAzMan_SPS_Enum_AzApplicationGroupAzMan_SPS_Enum_AzScopeAzMan_SPS_Enum_AzTaskAzMan_SPS_Enum_AzRoleAssignmentAzMan_SPS_Get_Role_For_ObjectAzMan_SPS_Get_DBOwnersAzMan_SPS_Enum_AzApplicationGroupUpdateTimeStampAzMan_SPS_Enum_AzRoleAssignmentUpdateTimeStampAzMan_SPS_Enum_AzTaskUpdateTimeStampAzMan_SPI_Create_SqlRole_For_ObjectAzManSproc::GetStoreProcedure receives NULL pSproc parameter. AzManSproc::Initialize receives NULL objectHandle. AzObjectRecord::NextPage fails. AzManSproc::AdvanceDataBuffer called without AzObjectRecord member. AdvanceDataBuffer fails. AzManSproc::BindParameters for action=%d and childType=%d. Stored Procedure %ws does not support parameter of ID=0x%x. Stored Procedure %ws does not support result parameter of ID=0x%x. Negative SQL return code 0x%x is interpreted made positive. AzMan_SPS_Get_AzAuthorizationStoreByNameAzMan_SPS_Get_StoreIDByNameAzMan_SPS_Enum_AzApplicationsAzMan_SPI_AzAuthorizationStoreAzMan_SPU_AzAuthorizationStoreAzMan_SPS_Enum_AzAuthorizationStoreUpdateTimeStampAzMan_SPS_Enum_AzApplicationUpdateTimeStampAzMan_SPD_AzAuthorizationStoreAzMan_SPS_Enum_AzOperationAzMan_SPI_AzOperationAzMan_SPU_AzApplicationAzMan_SPD_AzOperationAzMan_SPS_Enum_AzScopeUpdateTimeStampAzMan_SPS_Enum_AzOperationUpdateTimeStampAzMan_SPU_AzScopeAzMan_SPU_AzRoleAssignmentAzMan_SPI_AzRoleAssignment_Multi_AppMembersAzMan_SPI_AzRoleAssignment_Multi_SidMembersAzMan_SPI_AzRoleAssignment_Multi_OperationsAzMan_SPI_AzRoleAssignment_Multi_TasksAzMan_SPS_Enum_AzRoleAssignment_AppMembersAzMan_SPS_Enum_AzRoleAssignment_SIDMembersAzMan_SPS_Enum_AzRoleAssignment_OperationsAzMan_SPS_Enum_AzRoleAssignment_TasksAzMan_SPS_Get_AzApplicationGroup_LDAPQueryAzMan_SPU_AzApplicationGroupAzMan_SPI_AzApplicationGroup_Multi_AppMembersAzMan_SPI_AzApplicationGroup_Multi_AppNonMembersAzMan_SPI_AzApplicationGroup_Multi_SidMembersAzMan_SPI_AzApplicationGroup_Multi_SidNonMembersAzMan_SPIU_AzApplicationGroup_LDAPQueryAzMan_SPS_Get_AzApplicationGroup_BizruleInfoAzMan_SPIU_AzApplicationGroup_BizruleAzMan_SPS_Enum_AzApplicationGroup_AppMembersAzMan_SPS_Enum_AzApplicationGroup_AppNonMembersAzMan_SPS_Enum_AzApplicationGroup_SIDMembersAzMan_SPS_Enum_AzApplicationGroup_SIDNonMembersAzMan_SPU_AzTaskAzMan_SPS_Enum_AzTask_OperationsAzMan_SPS_Enum_AzTask_TasksAzMan_SPI_AzTask_Multi_OperationsAzMan_SPI_AzTask_Multi_TasksAzMan_SPS_Get_AzTask_BizruleInfoAzMan_SPIU_AzTask_BizruleAzMan_SPU_AzOperationAzMan_SPD_SQLRole_ForObjectAzMan_SP_Grant_PermissionAzDatabaseSproc::PrepareParameters failed. AzDatabaseSproc::Create failed. =L9o<{Oyz3)6{O>`3)6{O>`s.O Q[$|pQ[ ,|,p=!CACkCCCCDQD{DDE8EvEEEE>FFFF+G]GGGHKH{HHHH/IaIIIIJMJJJJ?KtKKK"LJLLLL M5M_MMMMN1NeNNNO5OiOOOPUPPPPQ0QZQQQQR,RVRRRRR(SRSrSSSS)TQTTTT.U`UUUUHVzVVVW=WmWWWXAXkXXXXuYYY!ZZZ[y[[ \_\\\]d]]]]1^{^^^______RSDS@͗2Ŏ:azroles.pdbGCTLX".rdata$brcX2.CRT$XCA\2 .CRT$XCLh2 .CRT$XCU2.CRT$XCZ2.CRT$XIA2.CRT$XIAA2.CRT$XIZ2.cfguardH01.rdatay8.rdata$sxdata|.rdata$zzzdbg.text$diT.text$mnC.text$x `/.text$yd8a\..xdata$xATL$__aATL$__z.didat$2 .didat$3.didat$4.didat$6X.didat$7@.edata.data$brc.data$r$brc .data`.bss.idata$5.00cfg.idata$2.idata$3.idata$4pX.idata$6.didat$5@.rsrc$01@P.rsrc$02\Vx $h`0Y̡x| ,<L\̡̮ܮ̡ ̡@DH<LLP\TlX|\`̡8<̡ ĠȠ̡ | $̭(ܭ,̹6Th0`ٶY̹4Ty%0hP`讶Y̹Sx ж(hp`{Y13@t;t t33@;t t3̋V>t6_&f^̋US3VVSj^^^ ^^^^lPqu9]t[MQff;u+hjZY3ɋ QFYYuhLKh@yYY uӋs^[]̋VW39~t v\Y~9~ t v KY~ 9~t v:Y~9~t v)Y~~9>t6jhP>9~t vY_^̋UVu3Wt 3A;ЋQuu3F_^]̋VNXV舩Y^̋UQS3VW9uj_{u @}f93Qff;u+hjZq3ɋ QfCYYu W֋hjCF3uYYtFF FFFTuMsQ!t5 t%Q3C tQ_^[]̋UQESVW3ΉUt'RjYtMu ؋{utu3F_^[]̋SVW^;tS0jlPZtzVYxt pQs"jpjp jp3dPt.ujjjl3`Pt3 A_^[̋UQE SVW3ɋمf9_9 tS0j[SlPt7u 3ҍNff;u+3ɉEh Q˭YYus33QfEPuSVu Qw\Pt2jjjlw`Pt 3ҋ tSYru_^[]̋VW39~t0vTPjvjhQRf_^j(!CTF3ɋىM]E܉MЉMԉME@MNQω}uWhKh@ URehKh@YYMQs M{ tc EPN؅u!E`K QvjlP|ω}<ω}!ω}t_EPN~؅u9Xtzjpjmv`Pω}ubWhLh@  ]3BLWh|LhWh[M_3^]̋U(3ʼnEeEeSVWM3MPx ؉]bj_Fu܋p$f;tft f33hj E耣E}YYt 3GG3}}Ep MEhjMQhPuEup pȋE@#EEfts3Bf;Jt=vEMɃt;u HEhj ؉F觢EYYt ``3FD؉F39OtvEtuCSQE3ɋMv6P{M NMvuߋM}ut u33fL3 7u?t7WhYu}SVpj_MEPS ؉EtAuQM@?t7<WYu@3M_^3[4]̋UQ3ʼnEEVWw GVpjlP#u&lOWH u@G3t׋Ptŋtp֋#M_3^b]̋V,{NtVj~ tv jhP4f ^̋U3ʼnEeESVWP}g,t'q֍EPwuދ}w HPt u9<tSdt7t,ejq֍EP uw XPJƋM_^3[]̋UVWjuv DP u8tv XP_^]̋UQQSVWj^D$tu @j ^J@eAEff;Eu+Mt4VF;v @DsЋt hMO hM@tYhMthMu3Qff;u+3hMfDKbhMQ3_^[]̋VWjFPv DPu8tv XPY_^̋VWjFPv D?u8t v X_^̋U$3ʼnESVWj_W3ۉ^CPhPPEPSRQ|fE OE OE OE OE O= wHu=EX=GM=%BQMQP4uC PEPhMjFu w#M_^3[y]̋UUSVWj3J_ff;u+3h4U> Q<YYuj^VhNh QuuhNVW@y 7&W@tVWhHNhg3WoY_^[]̋UVqjujmv`P^u|3]̋UQE SVWhNPuM33xul%Wu|WutP3uujX M3PV_^[]̋UQQS]VW3MU;] ǃt]tMtusF< ul?8\`P0uNV NV`/8\`WP0uNV N V XX9a9]*j@tPWhS@VP tPVP hSVP xXLPhSP`PWHX u[X`SSSSSSSPSSSVTtVTu 9`uPH(HhShP tPhP hShP tTTPhSPW ulÅtVTuUSSSSSSS`PSSSVDtVDu 9`uPH2HtVtW@\\\Ë؅tVq֋M_^3[k]̋U83ʼnEEVu )!SW38SPQ>u ;u zfft)Ƀ.t \uPfuޅuVPy_$T}+Af=v@TEP+PS iPxPu<_[@M3^Lj]̋U3ʼnES3VWPPS؅Q3SS8SjPO$W$9VPVhP[3fEf9t*3S \t /t:uf90uދ+ssc3f=PSVtPyVM_^3[h]l̋SQQUkl$QQ3ʼnE ܶ3VW=ض;sOUt;rjօx\ujv֋ЋEx: ܶ;rx) Զx5,t5֋M_3^h][̋;uA;BuA;Bu A ;B u3@3̋V~t 6F^̋UQQ3ʼnE=жuVVu u@F&3W=ضEt9pt cu0;=ܶr܋} ?_u u^M37g]}GE90u:h3G90uwPh0Tw ֋hE} tWu0Q֋t̋UQQ3ʼnEW}u @'SV53ۅt}9^t M}u $u_FE9u:h3ۍF9uPh0Tv v֋hEtWu 0Q֋؃?uuUWu B^[M3_e] ̋UQ3ʼnEVW=t4-OtQp֋w ΃gjփ$?u΋=ضܶ7tv j֡ܶ;r߹TM_3^Le]̋UQ3ʼnEVWPt&=P=tw j֍$?u=ضܶ7tv j֡ܶ;rߋM3_3^d] ̋UjujeZF]̋UjujuZ&]̋UQ3ʼnESWt<{t!V7w֋wW]Yu^Mc3_[d]ù ̋UQ3ʼnESW_;t7 t sg O(tVQp^GP#M_3[c]̋UV0yEtV"]Y^]3@A@̃AH̋A̋UQ3ʼnES]u@?VW3q(9>uVh@TjWht 6&Y~tvfYf^̋VW3G~,x4;}04XY;w} G4XGFY;|ԋ_3^ùk̋UVuW~WNW_^]jvEeuVEFxt P@uE*sdj hHeh3uQE3Ɂ8ËeuEh̋USV3St0W}ft#fqj'Xf9uC;sFj'XfqF;r_3fq^[]̋UVM)EPuhV@^]̅u3ÍQffu+̋V6V&Y^̋UVjF@P6D u3CFj@PvD tVFtENtE F3@^]j$EcMЋED} :3j]Zqff;u+Ή]]M3ɉE QUYȉM mËM3jMXEM }3ɉ]jZEEE QUEYuE3ۋE}܋uEutVtRMQuQPg EPu PVN MЍEPEPit E}܋3EVUMWTYY3ajEa} tL}tFu~WeueNu TWMWa 1Y̍A9̋UVuYt^] l~ qjjjQ̋UQSVWGPE3ۋ9_ ~Gu4t F;w |tx;w }Gu_^[]~̋US] VWK;;~;|4?t;}jYwcrw\PvtNF~xB;N}=V+;V3Fҍ HPuRQ3ҋFfH3@3_^[]j\E_uE Ex3ۉQff;u+ d}jYE];wwPEt 3fÉE]u 7f9j%^f90uPf90ujPMt֋E+Q7Ej POEPЅ]Eqff;u+QRMM]3u97t7;uj%^7f9 EM]u@ @]̋V3Wfuf;tPfu_^̡8SVWuV@$Jj8XfD@jfLXjfTXH(JP,JX0Jf\34@Wt Fr3f D3f @_^[̋UQQU SVWtI3EύAEff;Eu+MAu^̋Ujh>FdPQ(!d3ʼnESVWPEdeEE E3fPcIu $P'j_J +G-?t3ۍQff;u+ʉA]E;w1w,=vP5 ]*WU3ۉ]j_t|ftAPȋ\uj0Xf9u3fQff9뷋3j_;t :DK3PSSPjPjS0$c듍3ۍQff;u+t @+‹EEnvWv4&Ë3ۋueUWSPX ~sj0YǙ+};|&9~@~F~ wW 70ӋǃjY+ȋj0YG;|WjS0$933ۍQff;u+MPPjS0$ox3Md Y_^[M3}Q] ̋UE]̋UQQMhLPW̅t, t t"tPt@W̋U _3ʼnEVW}f?=u/Wx' PxWx3M_3^P]̋UV6ut@|3@3^]̋U$3ĉ$ S]D$VWP3hQS7L$ L$$L$(L$0 9t$ t t$ D$D$ urL$ QVVVL$(QL$t 6&^̋UQ3ʼnESV3W9^uE9^u@hUthSPSVjtȅ 3ufHW9t AiI̋Uh 3ʼnESVu W3҉jY3Dž󫍍hƅtvPP3vu狍P5hP3VuK=uz/PtW;tjj"^fPug@0fEE=3fPh`TP  PhpTP9}tt3jt+WhTSP1W.M_^3[@]C̋UuU uM]̋U,3ʼnESV3pW}fEhj@f؅] @f9uufjZjYfuhZhSF f;uwhZhSEf;u GPhZjYf;u1w0hZhSE=f u>hZhSEQ;wƅf fuuh(\hSKE 4tPVff#@fftf#fjY+t9t-t!tjY+th[!h[hl[hH[ h([h[hSD u4f PsYePV;~Wh[hP>DPC3;jZ f;u_Dt7P0h[hPCch[h[hPCAjZf;u th\jZf;u DPh \h\hPeC xPB@ ttVt tVËM_^3[<]̋Vt uv;t3^3@^̋U3ʼnESڋ]EVW33f90MuQMuQVMEQVPVuDlzt0t!t= t: -#uj@MEPjZ/Ay ]t7;lw/K ;r"2tCJt Stcku'C;r 5tP֋t Heap]9;tKtGEPEPVEP3ujDu.ltt t~t>HeapuV5dօt;t 3#We_^[M3:]̋U 3ʼnES]UEVWu W33tMuQMuQVMEQVPVuHlzt0t!t= tN A7EPj@MEEPjZV?y  Mt@; lw8;r*0tEHt Stcku*MA;r 5tP֋t HeapE@EEE MQMQVMQPujHuwltt t]~]t>HeapuV5dօtSǍe_^[M38]9}t\}?Pj@ȉ t}EPvVh8\WQ财hD\WQ裢i3#YE3PD̋USVW}ډMu W37tEuPSLuHlt3lt(l= tl EuPEPjjj Vu4ȋEtXuT@HtJ90uFQff;u+MSj@ȉtES@pQF $3ҋWBy W3ҋ}t u8}t u_^[]̋V3F-tF+t:bt--t+t+t 3.&^̅u3 uytWftt܃uyufy̋UQSV3΅tW<ڋE3uu uPhL\juEu @v}0u cjh Uu 3M!E $M]EPh0TS3Wy4MEMQh0TP0MWSTpM4vEMQh0TP0SMWS&V,M_2EMQh0TP0MWS]MFEMQh0TP0MWSkMEMQh0TP0MWS`Mf]EPh0TS3CWuTM!EMQh0TP0MWuSJMjEMQh0TP0MWuSYMEMQh0TP0pMWuSqgFMLEMQh0TP0)MWuSMEMQh0TP0MWuSMEMQh0TP0MWuS#}tM u~EMQh0TP0u_MWuS8MuBEMQh0TP0u#QMWS辸uME!uWhVuht\VjqMMķ7> vN!:hj+G7Up}t,WMIe0Sh\jpMueMjh 9uu WUMYu tWЋufM EPVWuU t(sCtt~5*#u,UEPuuuu!E}t juQhVSh\Vj/p5(j]G5ڋpt.uMe0Wh]jxoMuMMu}jh 9uuWYUuDM juuU t(s"tt~ 3hVWhH]Vj}t huVShhcVj[7VShcVjZ_^[]̋USVWuuWhcjYZjS UuAUEM Pj9t(s"tt~ 3SVWh,dVjJZ_^[]̋U03ʼnE3Uf} SVWME؋؉EEEucu M𥥥PuBEPVNEPjZ,ySEPM M؅trtt~U3ȉMtM;lwE;r7ct&EE'̉MtjXStckȉMtDMUB;r/5tP֋ȉMvujXHeapȉM]3ЉE9F3u34uMj 1^f;ΉMMuuJMEDME܋Et:u܍FEff;EuƉu+EuEtuB4uf}uhE@E;Frt\}ujRU}uj}ujR3QM؅tc}jX;_3WEtPEt8Heapu5dP֋Ǎe_^[M3~]h0H*ىc{jY33ɈK {$MK(hhdjVYY3ɋEPhQhdh 3fQQQQDžPPQPPu *Vuhdj VYYPVPhIjjPxiWhVP9ׅyh8ejUYYS(RhVP9ׅyhebhfPjU t tPyV̋UQ3ʼnEVWhHfjUYYO(tQp֋O$tQp֍OâM_3^"]̋UQ3ʼnEVhpfjT} YYu@,Ex(t@(u hXP1֋@VhfVjTM3^]̋UQ3ʼnEVhfjS} YYu@,Ex$t@$u hXP1֋@Vh gVj$TM3^ ]̋S3VWjc {YK,C(.hlgjoSYYK,ucL_^[̋VWhgjDSLYYtjV jwL85Vw,腟%xO _^̋Uu E3jgpLj]̋Uu E3jgpLj]̋Uu E3jhpLj@]̋Uu E3j@hpLj-]̋Uu E3jdlhpLj]̋Uu E3jdhpLj]̋Uu E3jehpLj]̋Uu E3jehpLjU]̋Uu E3jf$ipLj!]̋Uu E3jfPipLj]̋Uu E3h|ipLjo]̋Uu E3hipLjC]̋Uu E3jipLj]̋UE3VWu uiu pLj_^]̋UVWE3PEu ju pLj2_^](̋UEMVWu 3Qu @jpLjh`Fj_^](̋UEMVWu 3Qu hjpLh Ijj_^](̋U$VWPu Et$ 3ҋjhpLjD$P_^]̋U$VWPu Et$ 3ҋjhpLj4D$P_^]̋U$VWPu Et$ 3ҋjhpLjD$P_^]̋U$VWPu Et$ 3ҋ$khpLjtD$P_^]̋UVEuWju 3ҹTkhpLjX_^]̋UVEuWju 3ҹkhpLj_^]̋UVEuWju 3ҹkhpLj_^]̋UVEuWju 3ҹkhpLj_^]̋UVEuWju 3ҹ$lhpLjX_^]̋UVEuWju 3ҹLlhpLj_^]̋UVEuWju 3ҹxlhpLj_^]̋UVEuWju 3ҹlhpLj_^]̋Uu E3jilpLj]̋UQpt(uM"0u hmjKuVW}L?tbMfuTSjS WVu u['S[t(s"tt~ 3VhPmVjK_^]̋UQeVWhmjJ} YYuWVhmVj6Ku3f9FDu`SjS NDUo(u EfS[t(s"tt~ 3QVh0nVjJ_^]̋UQVW} 3uuWCS]3f9sDu-jh KDU^*Mhf[_^]̋UQeVW}uWn3} fuSjS MEPj ZID'SE[ft(s"tt~ 3_^] ̋U} VtWUWjW Mj ZID(W_t(s"tt~ 3^]̋U} t2}t,VjV MuU ID&V3^W] ̋UVWhnj)H}YYLu]M uOSjS wL(S[t(s"tt~ 3VhnVjH_^]̋UVWhojGYYjh }LuXM OuJPwL(t(s3tt~%jwL/)u!GLhVh0oVjgG_^]jKH EPu eEPE3ҹtopLjjEPC ̋UE3VWu uou pLjhpj_^]̋UuEu pL] ̋UE3VWu uou pLjhoj_^]̋UE3VWupu pLhrj_^]jKH EPu eEPE3ҹDppLjjEEP ̋UE3VWu utpu pLjhoj _^]̋UE3VWu upu pLjhoj _^]̋UE3VWupu pLhppj_^]̋UVWu hqjfD jW EPLuWHM)u:Pu Rt(s"tt~ 3WVh0qVjUD_^]̋U$VWPu Et$ 3ҋtqhpLjD$P_^]̋U$VWPu Et$ 3ҋqhpLjD$P_^]̋UVEuWju 3ҹqhpLjh_^]̋UVEuWju 3ҹrhpLj(_^]̋UVEuWju 3ҹE 3GH_Lt$jh hGPwPM#kVh|Vj_^[]̋Uu UjrHrPRL设]̋Uu UԈjrHrPRL蛿]̋Uu UjrHrPRLN]̋Uu U jrHrPRL;]̋Uu U$jrHrPRL]̋Uu UHjrHrPRL۾]̋Uu UljrHrPRL@]̋Uu UhrHrPRL\]̋Uu UhrHrPRL0]̋UUȉVWu uu rHrPRLu_^]̋UUEVWPu u rHrPRL_^](̋USVWu hj jS }HuW`WPOLiuJMcuE 3GL_Pt$jh hGTwTMVcVh<Vj_^[]̋Uu UpjrLrTRP޶]̋Uu UjrLrTRP˷]̋Uu UjrLrTRP~]̋Uu UjrLrTRPk]̋Uu UЍjrLrTRP]̋Uu UjrLrTRP ]̋Uu Uh-rLrTRP軵]̋Uu U(h-rLrTRP訶]̋Uu U@h.rLrTRP[]̋Uu U`h.rLrTRPH]̋Uu Uh0rLrTRP]̋Uu Uh0rLrTRP]̋Uu UȎh1rLrTRPM]̋Uu Uh1rLrTRP!]̋U$VWPu Ut$ h,rLrTRP袩D$P_^]̋U$VWPu Ut$  h/rLrTRPBD$P_^]̋UU4VWu uh,rLrTRPf_^]̋UULVWu uh,rLrTRP臲_^]̋UUhVWu uh/rLrTRP_^]̋UU|VWu uh/rLrTRP_^]̋Uu UjrLrTRP0]̋UUVWu uu rLrTRPŧ_^]̋UUEVWPu u rLrTRPP_^](̋UEMVWu PPQu ЏpLjh`FpT_^](̋UEMVWu PPQu pLh IjpT衭_^](̋USVWu hje jS }LuW`WTOPuJMuWx0j Y}39}vE4xG;}r3VhVjy _^[]̋VWhjHYYt.jV WPOL襋t jwHVw(U% UO_^V̋UQVWhjtYG(YȉETxCE 3S]GH_Lt$jh hGPwPMU[Vh Vj|_^]̋Uu UTjrHrPRL讨]̋Uu UpjrHrPRL蛩]̋Uu UjrHrPRLN]̋Uu UjrHrPRL;]̋Uu UjrHrPRL]̋Uu UԔjrHrPRLۨ]̋Uu UjrHrPRL@]̋UU VWu uu rHrPRL՜_^]̋UEMVWu PLQu $pHjh`FpPA_^](̋UEMVWu PLQu @pHh IjpP_^](̋U$VWPu Ut$ `hrHrPRLD$P_^]̋U$VWPu Ut$ hrHrPRL肛D$P_^]̋U$VWPu Ut$ hrHrPRL"D$P_^]̋U$VWPu Ut$ ȕhrHrPRLšD$P_^]̋UUVWju uhrHrPRL覤_^]̋UU VWju uhrHrPRLf_^]̋UU4VWju uhrHrPRL&_^]̋UUXVWju uhrHrPRL_^]̋UUVWju uhrHrPRL覣_^]̋UUVWju uhrHrPRLf_^]̋UUVWju uhrHrPRL&_^]̋UUܖVWju uhrHrPRL_^]̋UUEVWPu u rHrPRL@_^](jKHEPu UEePrHjrPRL賋EPq̋UU8VWu uu rHjhorPRL躒_^]̋UUXVWu uu rHjhorPRL'_^]̋UU|VWuu rHhpprPRL,_^]jIEPehjYYjS u u@8}&WPOLWuWLEVPwHj wP2SVhЗVjMEPjGpt-u M\Se0hjM ujh u u@H]&SPKL~u,VSLu,u sHjhssP譐hVh@VjjG"pt-u MRe0hxj M ujh u u@H]&SPKL讁u,VSLuu sHjhssP蚍hVhVj%̋UUVWuu rHhPtrPRL茎_^]jKHEPu UEePrHj rPRLӇEP̋UU(VWu uu rHjh#rPRLڎ_^]̋UU<VWu uu rHjh`#rPRLG_^]̋UUTVWuu rHh $rPRLL_^]̋USVWu hlj jS }HuW`WPOLuJM胅u@[VhVj_^]̋Uu U hrHrPRL̕]̋Uu U@hrHrPRL蠖]̋Uu U`hrHrPRLk]̋Uu UhrHrPRLX]̋U$VWPu Ut$ hrHrPRLrD$P_^]̋U$VWPu Ut$ ̠hrHrPRLD$P_^]̋U$VWPu Ut$ hrHrPRL貇D$P_^]̋U$VWPu Ut$ hrHrPRLRD$P_^]̋U$VWPu Ut$ @hrHrPRLD$P_^]̋U$VWPu Ut$ dhrHrPRL蒆D$P_^]̋Uu UjrHrPRLΐ]̋Uu UjrHrPRL軑]̋Uu UܡjrHrPRLn]̋Uu UjrHrPRL[]̋Uu UhrDrLRH ]̋Uu U@hrDrLRH]̋Uu UdhrDrLRH諏]̋Uu UhrDrLRH蘐]̋Uu UhrDrLRHK]̋Uu UhrDrLRH8]̋UUVWu uhrHrPRL֍_^]̋UU@VWu uhrHrPRL_^]̋UUhVWu uhrHrPRLV_^]jKHbEPu euUhrHrPRLdEPֲ̋UUVWu uhrHrPRL趌_^]̋UUأVWu uhrHrPRL׌_^]̋UUVWu uhrHrPRL6_^]̋UU VWu uhrHrPRLW_^]̋UUHVWu uhrHrPRL趋_^]̋UUlVWu uhrHrPRL׋_^]̋UUVWu uhrHrPRL6_^]̋UUVWu uhrHrPRLW_^]̋Uu UjrHrPRL耏]̋UU VWu uu rHrPRL_^]̋UUEVWPu 0u rHrPRL蠅_^](̋UEMVWu PLQu TpHjh`FpPA_^](̋UEMVWu PLQu |pHh IjpP_^](̋USVWu hj jS }HuW`WPOLiluJMcruEPhWVEx2t.MU苁M܃0jGu 3Mh`x4MEtVp֋MEA3M;H s"} EtVpWhhWjMEȃPڙjJ}3hܭFju3YY9_Lt/VV W\OXVt SwL˵V_L9_Tt wTt_TO`tOdtw,]%MO X! jJj3ptOMQM&u M]&uE60hj]uMueE]jh uN$H9GLt wLqgLWTOPnUu ruu!E!Ez=lEr3  r%tj X蠠ątStckEu/5tj ։EHeapEME=lr0  r"xtj X-܅t Stcku#5tj ֋؅thHeapt]E3PPPPPEPuSjuuu w\wXwDwTwPHt+sCttu~5* u3EFLhhjWYYuN$Et8Heapu5dPօt;Heapu5dShEuWhWj0WhWjǍeKh?K臖3EpMMԋu 3O؉]ԃu3EE॥Ouu MEn#jYSVM0hXjEu3VEMS3ɍEMPMM؉MM̉MȉMĉMЉMEPpP`PPPjh uF,ȉEE9FTt vT3FTV\NXQu j Xf9EuUuMȥ`؅Z}j^uԅEPW؅4OuTW#EȲPMo؅tttہEPjZ:y u3ۋˉMtC;5lw;N ;r,轄t#F袜̉MtjXStckȉMu?ˍF;r,5tP֋ȉMfjXHeapȉMPӉ]9_vrMf;Eu2\t;ˍAEff;Eu+MEMt @EfMEME3B;WrtMj^ ]3Ej Xf9E u Mĥ؅učEPV؅j^]ԅ/EPjZ軑}u3}؅t?;5lw7N ;r*Dt!F)}؅tjXStck}u;F;r,5tP֋}؅jXHeap}؅3ȅtwЋu2ft\f;Eu:D2CE2PM ؅x;mf;E1D2A;r Mԅ3j Yf9M0u2Eu0M쥥؅x fEEEj Xf9E@u7u@M3E쥥؅x fEEEj Xf9EPu=uPM3E쥥؅x fpE쉅xj Xf9E`u=u`M3E쥥^؅x f`E쉅hAj Xf9Epu:upM3E쥥؅x fPE쉅X]3MtM;5lwE <;r+t&ט̉Mj_tStckωMuH Mj_;r)5tP֋ȉMHeapωM|fP}ptPf`u`t`fpUPtpf}M@tMf}E0tEWVuRQPEPuEPSuuu vdv`vLv\vX@؅tjX;E̋}ԉFT3ẺEEPjj }؉]Ѕ3EtF@PjXf@EH@PEPS؅uAEF];r0P08 f03ɉMЋ٥Mw}ȅtWuątV}tu%EЅtPEHeapt98u5dP֋E؅t98u5dP֋Et98u5dP֍EPEPpP`PPPhptLtC3EsFujXVShSjEMVShSjÍ |jttKuVu hhj3؉E؉]EuEEEPMjh }WXOTIu E3f9tHG\EG`E~&EPQEPu EPwHbKuE jW[s!tt}~ہ}ut)>tQff;Eu+u6=V7tWEPMhpC}9u3EإDuVSh3SjEMV ]EP3uЉEԍEPjj }u 3E~\<tO4؅EPjXfEEPE]Pu؅EG];|E}u fEEE3E𥥥9Et,]S}t3fEPS؅_3ދWtShSjj4K2u 3pt*VM]0hpjM uMjh }uWt}WTOPFu[3Ʌtf9tuGXUQODEG\SERt(s$tt~ 3M`hVhVj j4K"u 3pt*VM]0hjM uMjh 9}uWqtf9tuVTNPEuMuFXUNDjEF\WEQt(s"tt~ MRhVh(Vj j8K] 3ptLuMteMSeE60hhjEu}u3MEEjh u}uVTNP^Duxt 3f9t]FXUNDEF\EEPuuMt(s;tt~-"}u3f3WMhuVhVjDQVhVj-f̋UtSVWu3D$ ؉D$D$$D$0PL$PCjh G,ȉD$$ D$?W\OXCu &Et 3f9tD$ G`U OLD$PGdD$TD$PD$Pt$(EPD$`PcUt6ttD$@Pt$3D$,D$(Pjj t$4؅t3ɉL$tND$4tD$0PjXfD$0D$0PD$t$s&uF@F@FF@3FECHCLE3ۃM_dtxG`LGdL3MVh$Vj$} ̋UQQ3ʼnEWh`j>e} YYu WExXu@|SVMX]xPu hDY0S֋yjp43E@@Xt C$@L3ytjp4^[WhWjM3_u]̋UQQ3ʼnEWhԸjNe} YYu WEx\u@zSVM*]xNu hZ0S֋yjp4E@@\t C$@L3ytjp4^[WhWjM3_t]̋UQpt%u M0hLjT uEMVuPju IptVhVj肵^]̋Ujh pthȹjմYY} Vu@GSu ]STKP7u#K$,xU KDlK${[hptVhVjʴ3^]̋3WjYz%!B_̋UV%EtV"mY^]%gj hl}3ۉ]NF*EE3@Ëe3ہ}K @E}̋V~tFPf^jhl>}3ۉ]9Yt AP4@*EE3@Ëe3ہ}K @]E+}̃yt APj JL y‰EM33fUԉ]]URUuԃuPjh#u Cȅy6E9Et*MURuԋuPjh#u Cȅx-uM]QVxLׅx}t E먋uMtVq֊w̋U3ĉD$SVWh,jud$ d$s0YYt!jW WC4c4d$D$ T$RPqL֋D$ 9|$tR!|$L$0Qh(WPxjjKT$#D$ Pqփd$ ujPqփd$ S0D$ PD$PPuju h#s4"D=#L$ tQpWhlWjL$,_^[3o] ̋UVWh,jw}~0YYt#SjS 踩SF4[f4jhljj袰3_^]j(LBvuhjYYj3!}h` ]pZ39|EEEPEEV0PEPSjv49t/EEPMMQpvuEePh(W>Vx+UM܃0j!3ɅxM#EEPMVpփ}uY@h`WhWj@t̋USVWhljL$ 袮YYjh` d$D$PuE3ۋHL$3d$}tD$PD$jtu]tD$PD$jtu]ut$L$L$Yu#D$thj C;\$rE|$tPh`VhػVj$_^[]̋U3ĉD$SVWh,j|u3D$ D$D$w0YYt!jS 谦SG4NG4ID$L$QhWP0D$Pq3T$PPOD$Xu7W0D$PD$PPuju htw4 @t#VhlVjL$,_^[3k] ̋USVW3PPPPjuPh؅~&Sj@t3PPSVjuPh7_^[]1̋UuM0u ;] ̋UQ3ʼnESW}_Ku,@tVjp4^ IM_3[j]̋UQM%AH]̋UuM0u k] ̋UQ3ʼnESW}_Ku,@tVjp(^ IM_3[&j]̋UM3@A@]jLxpMqX%HeMc Np̋UuMP0u [] jLpMq,%HeMőUuM 0u ] jLoMq%HeM|gőUuM/u {] jL!oMq$HeM n̋UuM/u ] jLnMq$HeM:n̋UuM/u ] jLAnMq|$HeM,m̋UuM`/u +] jLmMqP$HeMZm̋UuM0/u ] jLamMq$$HeML7l̋UuM.u K] ̋UQ3ʼnESW}_ Ku,@tVjpP^ IM_3[f]̋UQM#Ah#A"A H]]̋UuM.u {] ̋UQ3ʼnESW}_Ku/@tVj^ IM_3[3e]̋UM3@A@]̋UQMT"A!AH]̋UuM.u ] ̋UQ3ʼnESW}_Ku/@tVj^ IM_3[Cd]̋UQM!A0 AH豛]̋UuM`.u ] ̋UQ3ʼnESW}_Ku,@tVjpL^ IM_3[vc]̋UQMAAHՄ]̋UuM0.u ] ̋UQ3ʼnESW}_Ku/@tVj^ IM_3[b]̋UQMA8AH]̋UuM-u ] ̋UQ3ʼnESW}_ Ku/@tVj^ IM_3[a]̋UQM$A AA Ha]̋UuM-u ;] ̋UQMAH{]̋UuM-u ] ̋UQ3ʼnESW}_ Ku/@tVj^ IM_3[`]̋UQMAtAA Hȉ]̋UQVFP0EPbvYffY^]̋UV(EtVYY^]̋UVEtVYY^]̋UV4EtVXYY^]̋UVtEtV(YY^]̋UVEtVXY^]̋UVEtVXY^]̋UV4EtVXY^]̋UVtEtVhXY^]̋UVEtV8XY^]̋UVhEtVXY^]̋UV-EtVWY^]̋UVEtVWY^]̋UVhEtVxWY^]̋UV EtVHWY^]̋UVEtVWY^]̋UVEtVVY^]̋UV{EtVVY^]̋UuVY]̋UQQVu WG;0uF9EuApG@GgG@GE"M aZVD$PHu ;uuE0_^] jU3YtHtHtf@jTLbM] EE{t-hXM[eEjPMRahEP7bM Y yt{Cxt U z;u}suwUB9Xux 9u>~B9utytJB9XtOHytJA]Q;Suruw>CBCPMA9XuPC9uPCBJCBUK{ ;utNyuAVFgNUyxu AxtlAxuQ@ANFAFAMV@yuAVFUyuAxuxuAvB;x56xuAQ@AFAFMV@?GKs SsSEYHtIHEM  `̋UUV2FFxuPBFA;PupB;Pup0Vr^]̋UUVrBxuPBFA;PupB;u0pr^]̋USVuW~u,w?Nv V}RYt_^[]j M_Eu@v eejX}QYt QD3 :Ë}]Mt,K x3tj3ۋE^j5MJ_Mu @3j(}EE%QYt*c{3jYC !C$@3 Ë}]Mt)KBx3tjp43ۋE]j_M^Eu@v eejT}kPYt Q3 Ë}]Mt,K x3tj3ۋEC]jM]Eu@v eejT}OYt Q3 .Ë}]Mt,K x3tj3ۋE\jMV]Eu@s eejT}1OYt Q3 Ë}]Mt)Knx3tjpL3ۋE \jM\Eu@v eejT}NYt Q3 eË}]Mt,Kx3tj3ۋEo[jN\Eu@v eejT}MYt Q3 Ë}]Mt,K7x3tj3ۋEZj1N[Eu@s eejh}]MYt Q 3 Ë}]Mt)K x3tjpP3ۋE8ZjeNZى]u @#eej0}LYEEtQ E3uMMÃMu܋]}ut*Nx3tjp(M33YjN6Zى]u @#eej8}LYEEtQe E3uMÃMu܋]}ut*N4x3tjp(M33XjNYى]u @#eej8}\KYEEtQC E3uMÃMu܋]}ut*Nx3tjp(M33"XjOXى]u @#eej8}JYEEtQ! E3uMcÃMu܋]}ut*Nx3tjp(M33pWj5O Xى]u @#eej8}IYEEtQE3uMÃMu܋]}ut*Nx3tjp(M33VjiOnWى]u @#eej8}FIYEEtQE3uMÃMu܋]}ut*Nlx3tjp(M33 VjOVى]u @#eej8}HYEEtQE3uMyÃMu܋]}ut*Nx3tjp(M33ZUjO Vى]u @#eej<}GYEEtQE3uM+ÃMu܋]}ut*Nx3tjp(M33Tj4PXU}?F@PhEj PEP؉]ąuPq!eM̃eS6KE΋EЍEP ȋE9tJuE;ËEЋ]ċ}EȃMQrփ'SE"ttQpփ'WSjTUP5Tڋ}̋E ]Eȅ;ut3EuIG@PhEj PEPEuPqփ#eu;PMIEE3P 90t ֋Hu3M3utVxEMuIEEPM6IuȅtVx׍EEPMIEPMHEEMPEPM@EuMuuEtVpր}#hjY3YGEiÃM}̋] Qru#"t tQpփ#W^QjP RMu @3j(}EECYt*c{3jYC !C$%@3 5Ë}]Mt)Kx3tjp43ۋEP̋VN*6^jLPى]c{j3YC,!Es%ubFhj@F@FF@fDc8YYX%@OjLPى]c{j3YC,!EsuF@F@FF@f,%@iOjLOى]c{j3YC,!EslupF@F@FF@f%@NjL&Oى]c{j3YC,!EsDuF@F@FF@f$@NjLNى]c{j3YC,!EsuF@F@FF@f$@NjLFNى]c{j3YC,!Esu F@F@FF@f|$@MjLMى]c{j3YC,!EsuF@F@FF@fP$@9MjLfMى]c{j3YC,!Esu@F@F@FF@f$$@L̋UQS3VWjc {YK,]C(hj݆YYK,3#CLCTC`CdCXCh#C"@_^[]̋UQS3VWjc{ YK(]C$!cLh8j^YYK(dcHT"C!@_^[]̋UQS3VWjc{ YK(]C$cLhjYYK(cH!C0 @_^[]̋UQS3VWjc{ YK(]C$KcLhj舅YYK(cHC@_^[]̋UQS3VWjc{ YK(]C$cLhdjYYK(#cHC8@_^[]̋UQS3VWjc {YK,]C(uhTsj趄YYK,cL$C C@_^[]̋UVWyMEw~u%F Pu {Et6v~tދMut.A;8uu EWjPE@3MJuu F P!tu MEWuËE0@_^]̋UQS3VWjc {YK,]C(XcPȟj蕃YYK,cLCtC@_^[]jP@Iًs~uG Pdt?t;stF Pu@tFeueM?EPMO?EEPVEPM0LuFsH̋ztBxu‹Pzt;u RztxujLPH~E}EEr+hؼM@eEPM>hxEPGQPvWvkF؋F;u XFF} t F;8u_F;xuXSxH ;u;HIyt5;xu WG@G@@GpLJyu@A@@x,;8u WG@G@@GpNW yaNEIAF̋USV3Wu9suusjuwEKE };u PWWu j;uA WPCWpVك PWt̃l$6Ẽl$̃l$F̃l$6̃l$鶗̃l$ṽl$ṽl$̃l$h̃l$h̃l$l̃l$j̃l$f_̃l$B̃l$G̃l$VÑl$F̃l$̃l$̃l$ṽl$Ṽl$̃l$C̃l$Z̃l$VÃl$Ãl$>̃l$̃l$閒̃l$ƌ̃l$ũl$ũl$h̃l$g̃l$ff̃l$j̃l$vf̃l$G̃l$f?̃l$f<̃l$&<̃l$&Ẽl$?̃l$<̃l$ṽl$֖̃l$֐̃l$FB̃l$H̃l$FC̃l$̃l$̃l$z̃l$j̃l$g̃l$6j̃l$]̃l$K̃l$vC̃l$M̃l$VJ̃l$F̃l$F̃l$x̃l$f̃l$6X̃l$>̃l$?̃l$<̃l$?̃l$&L̃l$F̃l$̃l$ṽl$ṽl$̃l$醈̃l$̃l${̃l$g̃l$c̃l$B̃l$=̃l$:̃l$vD̃l$F<̃l$馱̃l$ƻ̃l$̃l$F̃l$&̃l$Ṽl$Ɔ̃l$t̃l$z̃l$ff̃l$6d̃l$\̃l$vẼl$&@̃l$8̃l$6̃l$&̃l$ṽl$ƒ̃l$馇̃l$t̃l$6p̃l$f̃l$&ãl$Ỹl$J̃l$G̃l$fC̃l$Ãl$F7̃l$ṽl$̃l$Ṽl$鶕̃l$醓̃l$̃l$̃l$̃l$6c̃l$d̃l$V<̃l$H̃l$VC̃l$̃l$̃l$鶄̃l$&̃l$r̃l$õl$fỸl$X̃l$&Ũl$Ãl$8̃l$;̃l$=̃l$̃l$ṽl$&̃l$r̃l$s̃l$&c̃l$`̃l$5̃l$醸̃l$̃l$f̃l$閂̃l$6q̃l$&r̃l$m̃l$&^̃l$6b̃l$f^̃l$VX̃l$Ṽl$>̃l$F4̃l$馸̃l$f̃l$̃l$F̃l$醶̃l$̃l$̃l$&ãl$ãl$_̃l$5̃l$6̃l$f̃l$&ṽl$6k̃l$vṼl$v9̃l$F;̃l$Ẽl$7̃l$4̃l$f̃l$̃l$̃l$ƶ̃l$ṽl$̃l$ũl$&j̃l$V^̃l$=̃l$5̃l$̃l$鶄̃l$_̃l$[̃l$]̃l$Õl$&3̃l$2̃l$F̃l$鶎̃l$馋̃l$fs̃l$l̃l$v_̃l$\̃l$2̃l$D̃l$6B̃l$6;̃l$:̃l$9̃l$6̃l$2̃l$k̃l$m̃l$]̃l$vR̃l$B̃l$v4̃l$1̃l$V7̃l$5̃l$̃l$6̃l$&̃l$6̃l$f̃l$閉̃l$馂̃l$[̃l$6;̃l$&3̃l$fB̃l$&̃l$ֱ̃l$閏̃l$馈̃l$̃l$vg̃l$_̃l$Z̃l$vỸl$F0̃l$/̃l$6̃l$=̃l$@̃l$9̃l$̃l$̃l$ĩl$Ãl$f?̃l$f8̃l$7̃l$&7̃l$4̃l$/̃l$V:̃l$F6̃l$0̃l$F̃l$Fz̃l$Z̃l$4̃l$3̃l$:̃l$F̃l$6̃l$h̃l$p̃l$[̃l$?̃l$馰̃l$Ṽl$&̃l$k̃l$6W̃l$3̃l$:̃l$=̃l$f7̃l$6̃l$̃l$f̃l$̃l$&|̃l$6d̃l$W̃l$f8̃l$V4̃l$.̃l$鶋̃l$6̃l$閅̃l$馀̃l$6ĩl$6Ũl$FÑl$8̃l$2̃l$+̃l$z̃l$ñl$d̃l$̃l$Ỹl$Ũl$vŨl$/̃l$64̃l$̃l$f̃l$k̃l$j̃l$4̃l$0̋U칠]ۮ̋UuuuuQ9]̋U} t uuK]̋U][̋UuuuuQ蹮]̋U} t uu˵]̋U]ۭ̋UuuuuQ9]̋U} t uuK]̋U][̋UuuuuQ蹭]̋U} t uu˴]̋U ]۬̋UuuuuQ 9]̋U} t u uK]̋U@][̋UuuuuQ@蹬]̋U} t u@u˳]̋U`]۫̋UuuuuQ`9]̋U} t u`uK]̋U칀][̋UuuuuQ蹫]̋U} t uu˲]̋U칠]۪̋UuuuuQ9]̋U} t uuK]̋U][̋UuuuuQ蹪]̋U} t uu˱]̋U]۩̋UuuuuQ9]̋U} t uuK]̋U][̋UuuuuQ蹩]̋U} t uu˰]̋U ]ۨ̋UuuuuQ 9]̋U} t u uK]̋U@][̋UuuuuQ@蹨]̋U} t u@u˯]̋U`]ۧ̋UuuuuQ`9]̋U} t u`uK]̋U칀][̋UuuuuQ蹧]̋U} t uuˮ]̋U칠]ۦ̋UuuuuQ9]̋U} t uuK]̋U][̋UuuuuQ蹦]̋U} t uu˭]̋U]ۥ̋UuuuuQ9]̋U} t uuK]̋U][̋UuuuuQ蹥]̋U} t uuˬ]̋U ]ۤ̋UuuuuQ 9]̋U} t u uK]̋U@][̋UuuuuQ@蹤]̋U} t u@u˫]̋U`]ۣ̋UuuuuQ`9]̋U} t u`uK]̋U칀][̋UuuuuQ蹣]̋U} t uu˪]̋U칠]ۢ̋UuuuuQ9]̋U} t uuK]̋U][̋UuuuuQ蹢]̋U} t uu˩]̋U]ۡ̋UuuuuQ9]̋U} t uuK]̋UuM0u 蛪] ̋UQ3ʼnESW}_Ku,@tVjp^ IM_3[V]̋U SVuW} }tt'Exu@yP 33ɉT$@;Pt2;] s- D$x>L$CEL$P yċ}xt;] s3AV;r3Ǹ@_^[]̋UVu W3t&ESX HN;AtEu3G[_^]̋UMAu@ @A 3]j0Q'!Mu @3j0}EEYt,3{CC CjYC,%@3 Ë}]Mt)Kx3tjp3ۋE̋U 3ʼnEVu W@tm&Mx\}S]WGKE9tzEC0@Vh,IC G C 萧yjp[M_3^]̋UVEtVY^]̋UQVuN%HƦN>^]̋UQQ3ʼnEVu u@o&MeSW}؅x8]O9t\CG@Vh0TWG 0֋؅ttjp_[M3^v]̋UM u@ E@ 3]̋U3ʼnESVrWtVx׉uj XfEtVx׍EPSEPtVq֋M_^3[]̋UQ}u@SVu }WBSW}N@OE;t~M&EN;Gu;Gt MP _[^] jZQ_Mu @3j0}EE:Yt,3{CC CjYC,&@3 Ë}]Mt)KUx3tjp3ۋE̋U 3ʼnEVu W@tm&Mx\}S]WGKE9tEC0@Vh,IC G C Уyjp[M_3^]̋UVEtVXY^]̋UQVuN&HN~^]̋UQQ3ʼnEVu u@o&MeSW}؅x8]O9tCG@Vh0TWG 0֋؅ttjp_[M3^]jQMu @3j0}EE Yt,3{CC CjYC,(&@3 h Ë}]Mt)KѢx3tjp3ۋEőU 3ʼnEVu W@tm&M x\}S]WGKE9t*EC0@Vh,IC G C @yjp[M_3^E]̋UVEtV Y^]̋UQVuN(&HvN^]̋UQQ3ʼnEVu u@o&MeSW}؅x8]O9t CG@Vh0TWG 0֋؅ttjp_[M3^&]jQKMu @3j0}EE& Yt,3{CC CjYC,H&@3 "Ë}]Mt)KAx3tjp3ۋE̋U 3ʼnEVu W@tm&M x\}S]WGKE9t EC0@Vh,IC G C 谞yjp[M_3^]̋UVEtV8 Y^]̋UQVuNH&HN^^]̋UQQ3ʼnEVu u@o&MeSW}؅x8]O9t| CG@Vh0TWG 0֋؅ttjp_[M3^]jQMu @3j0}EEYt,3{CC CjYC,h&@3 %Ë}]Mt)K豝x3tjp3ۋEŐU 3ʼnEVu W@tm&M x\}S]WGKE9t EC0@Vh,IC G C yjp[M_3^% ]̋UVEtVY^]̋UQVuNh&HVNΓ^]̋UQQ3ʼnEVu u@o&MeSW}؅x8]O9tCG@Vh0TWG 0֋؅ttjp_[M3^ ]jR+Mu @3j0}EEYt,3{CC CjYC,&@3 (Ë}]Mt)K!x3tjp3ۋE̋U 3ʼnEVu W@tm&M x\}S]WGKE9tzEC0@Vh,IC G C 萙yjp[M_3^ ]̋UVEtVY^]̋UQVuN&HƘN>^]̋UQQ3ʼnEVu u@o&MeSW}؅x8]O9t\CG@Vh0TWG 0֋؅ttjp_[M3^v ]j,RMu @3j0}EEvYt,3{CC CjYC,X@3 *Ë}]Mt)K葘x3tjp3ۋE/̋U 3ʼnEVu W@tm&M x\}S]WGKE9tEC0@Vh,IC G C yjp[M_3^]̋UVEtVY^]̋UQVuNXH6N讎^]̋UQQ3ʼnEVu u@o&MeSW}؅x8]O9tCG@Vh0TWG 0֋؅ttjp_[M3^]jVR Mu @3j0}EEYt,3{CC CjYC,x@3 8-Ë}]Mt)Kx3tjp3ۋE ̋U 3ʼnEVu W@tm&M x\}S]WGKE9tZEC0@Vh,IC G C pyjp[M_3^u]̋UVEtVY^]̋UQVuNxH覓N^]̋UQQ3ʼnEVu u@o&MeSW}؅x8]O9t<CG@Vh0TWG 0֋؅ttjp_[M3^V]̋UVMEtVY^]%̋UQVuu^]̋U,3ʼnEQMhxEP ̋UQVuu^]̋UQ3ʼnESWu30VtWp֋ tQp։;^M_3[]̋UQ3ʼnEEWtVRp^M3_]̋UVuW>u36P6>tt_^]酉̋U}Vu &^]uuݰ̋Vyt3PPPPP-Axuyt;Au Iyt^̋UyQr9EryrA;Ev2]̋UVW}Wt~rFFu +WV;ju t)~rFFu WvPu _^]̋UUVrBu+Ruh^]̋UVjF;u^]jRZueN űUVEtV"Y^]̋UQVuu^]̋UVCEtVY^]̃y$rAÍA̋VjjN ,^%̋U,3ʼnEQMehEP̋UQS]VW9^sF} +;stGVNr ]]Mr ++PEPRPF+NjPM_^[]̋UVEP^]%̋UVEtV1Y^]̋U QMhЎEP̋UQVuu^]̋UM u QCY]3sjMhЎEPjRu}jY;v}#3ENj^u;s F+;w<eGPeȉE,EME@ePEGEK6Ë}MuM] t~rFFSPGPQjjESF~UPMjjgjj-̋UVuWv9ws wV,} tsG;sPj uV3;_^]̋UE SVW}9GsE _+9]s];ujPE PjDjSHt8r~rNNE SPvQS>_^[] ̋UVjFjjuA^]̋UyEArI]̋U}Vt*~r$} FSvu SjPSY[u F^]jjjR}uVeF PO  5̋U,3ʼnEQMuhEP̋UQVuu^]̋Q̋U3V;wrwE0 E^]̋UQSډMV3Wtvx&3Åt9tAut+3ҋM3҅x?W j^+t(+Ë]+مt t AHuuIz_^[]̋UE V3t=vWx5S]3WxEPuWSx;wu z_[ tM^]̋SVW3jY3^~hh^ 9YY_^4Ɖ^(^$^,^0^[jR}eO4tQpփg4hhT9YYOC̋UVu Vhh#9E H,tx(t x0t13^]̋UW} u@SVWhDh8u3ۃ ]]]9^,tF9^(tA9^0tj\PYYt'BVqAuS+PQR5T^SPjhh5ThWP x.QAuS+PQP5TPPjLtlSSWPjPSh~.QAuS+PQP5TSPjhh5TPhWP x.QAuS+PQP5TPPPPPPhWP/$x.QAuS+PQP5TM_3[]jhHy33uh`WE3CSWVV3ҹWQQ4ht|Wj@`Wj@phj@h 95ptSVW WjY|tqjYt`3AtOP+xjYt(hhܿ3@Ëe3Eu ̡|V3t P^5|t PI5t P45t P5t P595th`h595thtp55`5p5hT^tPp T3@̋VW3t Pt Pt Pt Pt Pt Pt P_^̋UD3ʼnES33V3WM܍}ૉMM؉MȫMĉMMԫ3=}MÉM̉MMثU؍EPEPjYt up #ÍMQ3%j9PjWu l%ÍMQ%j;PjWtыÍMQ%j :PjWtÍMQ%j<PjWtÍMQ%j9PjWaÍMQ%j;PjW9ۍEPj :SjWẺEEԉEЉEEȉEĉDžtb9}t u9}t u9}t u9}t u9}t u9}t u9}t uU؍EWP39}t upƋM_^3[]̋US] 3VWBW|SKds VSjZ3WSjZxP|y Pzƃ@P|xҍƃ@PP|xpƃl@ulǃht S_^[]̋UQ3ʼnES]V0tKW`VPWtjV,0pփ0W\_8DtxPpƃtPpƃtjPltPPpƃlt$tV4Yd4tP4M^3[P]̋UEV3dt|tlt\tLt<t'tuhj( jWcEEMDu:M*MMM M}ȋEuj^^]̋UQQESVWd"]t uhO}X ] uhP`uhpE @hV'YYMUЅMu  u`d}X !] uhP`uhpE hV&YYMUЅzEu hu`UdF}X ] %EuhP`uhphV>&YYMU;ЅEuy PhH}u`d}X ] %EuhP`uhp?hV%YYMUЅEu=}tt Ph}u`d}X uQhj] %EuhP`uhp twhV$YYMUЅuVEu!=}tPhj$ jWZ*u }u `d3_^[]j hhy3EEE3@ËeuE%̋U(SVWj3h`]M]]]]]]u9]thj#YYjW^ZU tRhj# 5UMShEPSSE3PS]u3ҍ}إ8D}𥥥uإ:E tE tE hj fYYt#NF@!NIFF@f3uj^W u&tVhj~" (U ˃˅t E3tMh`_^[]̋SVWjh`ڋjj3ҋuӋ.t!h`_^[̋USVWjh`ڋjj3ҋu& tj ^ujjZFth`_^[]̋U 3ʼnESVWj3!]h`u9]SS3ҋ!EߋX48'tEPjgjW֋u{uwMt~UQ X!u48't6EPjhjW֋u6u2Mt9UQ!u'jhjgPhjk jW^}tuth`M_^3[]̋U SVWj3ۋh`] tj ^mSS3Eω]uRUEPuu09]t(E3PjgeuE3PjhPj2^th`_^[]̋SVWjh`ujW^(33PPˉ%uAlh`_^[̋USVWj`Su3jjut S_^[]̋UuMuu ]̋UuU uM]̋USVj`S} th8jEYYjW^M] EE{!t-hXMUeEjPMhEP{M  y!t{Cx!t U z;u}!suwUB9Xux 9u>~B9u!ty!tJB9X!tOHy!tJA]Q;Su!ruw>CBCPMA9XuPC9uPCBJ C B UK {   ;utNy uA VF +NUy!x u Ax tlAx uQ@ A NF A F AMV@ y uA VF lUy!uAx ux uA vB;x56x uAQ@ A lF A F MV@ G SEYHtIHEM a̋WGG@g;OtV1QY;wu^_̋UE VU ;FtPP HJFNU YE^]̋UEh5ᆳPYYiҧAi +y]̋Vy!t3PPPPP-Ax!uy!t;Au Iy!t^j$'3YtHtHtf@ ̋UQE SVuى];t4K+΃W39s#tvG;uE M_QM^[] jrSUًuC6uu3 K +3U u}S+ЉU}U ?+E;s{u C+C;?+;sω}ȉMsuC+;suC+ MQ}uUuEQKP u ֍ MuuQMQuSuQuMCt{+tPYMEKC CQuq3WWACME+;so‹UEuuQPeU EKu+Eu+ЍEQPECKU+ȋ+ƒ;#t`G2R;uTEM+uuQPMC;tU+׃:;uMU 1E;ur jLShMeEPMchxEP(̋UM uPY]3sjMhЎEP̋UtVutu^]̋UVM+ƃW3;#t+tG;u_^]̋UQQSVW3ىuu9u3jEPt{8jhj0jujj0t4EPPTPPPPjVuVVtVuVul}t u}t u_^[]̋USV3W]M]]]Wu8EPSSEPjhMu ƁdtȺM`_^[]̋U43ĉD$0S] 33L$$VuW|$0L$\$ L$L$3 |$ L$5T$D$PD$0PjYcu D$ yV03PPPju:lt.+V03PPPju lVSjZKd^DWSjZLVSjZ:WSjZ(LSt$jZD$ ˍp VPj_\$ jSjZhj(fYYt/L$ f FD$ D$ PQNt 3@F F$3)ut'hj YYt ``3t^@HL$ ;rJ Pjt8P1ht$WW x QWWP y Pl3AhXt;u$΃2upuˈtƃƃ|$tT$D$jP3|$tt$pd$ttP NjL$<_^[3}]̋tLBB̋USVu39t9,~LY{|ptP t%W(tWpY_^[]̋UEVW}37- t?t/Htuhj  jW4E/"M M|uj^_^]̋U,3ʼnEESVu3ۉu]؉]܉]W}}- tuhljn jW[X E %EuhP`uhpE hhE %YY%MjPN؅RE u؍}𥥥}إu𥥥&E9]u`dX u QhE %EuhP`uhpE hh3} UYY%MjPn؅uvu(EPu ؅tSuh0jJ|u؍}𥥥}؋𥥥uu'E uE9]u ` dMcM_^3[]̋UuM3uu |jP]̋UM3VuWVu|u jPNucS38tuFjh`9u u h`t S6u[_^]̋USV3W}؉EEEE8uj2^U MPhtVhjJ 3CSh`EPj|U}tVu hh]EtOY2t$t t:Phh %3ωt3tӱMkt h`_^[] ̋UuM3u u|Pz]̋UuM3u j|P] ̋U SVW3ɉMMGl tgQEPQhQQQh`h(uFEP<Pu)jÉEEPjVuu$uj^3F}t u}t EP_^[]̋USVE3PhS]h`h] uNWj_E}P<}Pu.EPEPEPSuuu9}u 9]_}^[t u}t EP3]̋VW~t v觹Y3N~~~v苹Y~_^̋V~t vlY3FFF ^jS}3j www uuGuX$GQu ȉ_ j Z_M3VVjzYtHt̋UE Vj^t=vWx7S]3WxEPuWSx;wu z3f{_[ tM3f^]̋UE;r3]̋VujW^j03VQ ^̋UQQ3ʼnESWujW[8O$G3ۉEtVj0M։_^j0SWE M_3[ ]jSU܋ى]Ch3!}!}@ldPEts496;t+{9uhh35YY;uمuhhxYYS `u\2؅ySh$j \h@h]YY u\cs9Xt9E}t%p3@Ëe}WhjO EEPEP肬hh YY@hhYY3 ̋UVhVE YYt<t0t$tt u0h0!hhph\ hHhVuYY3^]̋U$3ʼnESVWhh8}YYp,GDtG@39_@M G@URQ]p Ή]]օyG@.fEfuEuG@uuPPhj9]t u]9]t u]9]t uM3_^3[ɠ]h h=YY3h@hYY3̋UQVW}w&uCF@F@FF@3FGHGLGP_^]j)T覦u&e~HtvFPfHMNM)̋UQ3ʼnESW_LKutVj1^M_3[葟]j h}}3uGPGH3@ËeE`H@EjQT躥ExH@t3XjS]eu MuS/j~B9utytJB9XtOHytJA]Q;Suruw>CBCPMA9XuPC9uPCBJCBUK{ ;utNyuAVF9+NUyxu AxtlAxuQ@A*NFAFAMV@*yuAVFz*UyuAxuxuAvB;x56xuAQ@Az*FAFMV@*Gs SM}EYHtIHEM ̋UQQVu WG;0u.9Eu)GE"M VD$P#u ;uuE0_^] ̋UQVFP0EPv|ffY^]̋UE3V1Bf;uf9t f;0t2jhPQHP3^]1̋UVF&PEtV|Y^]̋UV;utuVx^]j YfȉF0̋UVEtV{Y^]̋USVW3t$t$GD$@@DD$9u9u3 j D$P9wG3ɋ94L$ D$O,D$$uG|j0jXPhPhPjQL$LPwPj0jt$dj t$|`tt D$D$$uPTO,uG|j0jhjhjjRjZRRQL$\RwRj0Rt$tj $ptTD$PPTPPPPjVt$0t$DVVt/Vt$Vtt$Ct$;_FjW^l|$t t$|$t t$_^[]̋U SVW3uىuG@DE9u9u3Dj EPuMEVjEjj0jujj8{jY;tt tjW^EEuPTVjjPQQj0QujjHt1EPPTPPPPjVuuVVtVuVul}t u}t u_^[]̋U SVW3uىuG@DE9u9u3>j EP uJEjEj0jujj0xjY;tt tjW^EEuPTjPQQj0Qujj@t1EPPTPPPPjVuuVVtVuVul}t u}t u_^[]̋V89pu9AuPq96u^jY)̋UVu P|y PW3ƆWWWWW|3jNh覆3҉迩3販8@FlhjT@|YYt >ljujX&WhPah0ah,HPX3_^]̋UQ3ʼnESVW}3ۋGPD9ht-B@D u tPhh謻 ,tPm0t,\tPtPpt P$t Pt>󋏜 4ʧF;r趧tO󋏨 虬 般4qF;r]t>󋏴 @4)F;r-rtj0փtPpƇM_^3[>y]̋U\3ʼnEESVWE3E !}j8EEWPu$!} uh$jyYYj2XXMQj8MQj PulVhPjC EPjjPultVh!}u3VulVh뗍EuPVSLtO]ltVhj誸 ;EPjuj^"EPWSLu l뻋E3ujulShjF u uE83tW}t upƋM_^3[nw]̋Ud3ĉD$`SVuD$,W}3j8SP|$,\$ \$\$$L}E \$D %$3Gjjj jjj _D$Pj8D$8Pj ulVhj. D$PD$PD\$ӍL$$$D$ 0quԋQff;u+ʋBD$ff;u+T$ EPSD$D$uj^(ht$ P9(u|t$D$PSWjVHl=%u}uj2^D$PS؅ujD$PSWjVHlVhjߵ m}T$L$$販D$ 0Dj2茩uj[5PhLjs jW^tS7D$tP)ƋL$l_^[3t]I̋UESVW-tKtuh j jW[pUMjh-؅uXM}荱*UMjj@؅u,E}荰uM}u襥H_^[]̋UQS]Vu WEVS荔u8uUV$_^[]̋UST$3ɉT$}dVWL$v 6 }39O GtD$$Phe藥uc} t'|uD$D$ȉL$F;w sJT$멋T$ D$L$PD$Puu S u/D$u8D$uL$뾋EE EE3_^[]̋U(3ʼnESVWUjMEQjjPtOWh@jƲ lzuދu3j_td;5lw\N ;rO.itCuF܅t5Stckt(uSEPVjuuVlWh@7uF;r"5tP֋؅tHeapߋuujhj 3E QjЉU܅u jhľE0123E4567J E89ABECDEFf}3Et.fDffDfAF;r׋U܋E3>t;Heapu5dS֋Ǎe_^[M3p]̋U3ʼnESVW3ۋ]9uLtHVdȉ]UfE;u-Bf;Au#EPVhul 9]t3M_^3[p]̋UQQSىUV3ClE90uI9tAWjY3󫍋u_u lUtMVO0j2^^[]̋UDS3VWL$Cl|$8D$3L$ L$L$jY󫍃D$ 90ua904?tShh| 賯YY|$ |$tt$d$YtTD$tPQ_^[]ËuhPhZYY| 렃uaD$PD$Pj Zit4u3kt$j\VYYt3ft$֋t$LN09#8t$u P뼋t$d$|$ t Sd$ t uL$8T$ R0PQD$(PVQ9D$tt$Y3ɉL$3ɍ,9u!p3ɍD$D$,PQD$4L$8PQQQD$G0D$0whh|GL$$G G$G<uNE C;%G,uPTwPwhph3ɉL$9N:V k_H{tNF}39T9M 8M8M}8KueL$@@DXu 9h`D$PWLPPjh`D$$ D$u}D$CC{t1D$PuCuuuu PuA8D$uC{tNN FT$E L$AL$;N3_^[]p̋U0SVU3EWMuQމuЉuuuuuEv};UEMPEP3w}M􋁸EMQjY^y j_}uV؅tuVS^Ήuԃ 9MvhÉEPE􋀴0tΉu9Mv!E0E4`uUMAM;MrߋEE@EMAM;MrEPEVVuSul?E0E0븋Et΋MEЉ9utu9utu9ut u!QYt9uv}4F;r}S輄_^[]̋U\3ĉD$XE L$S]VWD$3Ej8D$(D$,VPt$ ]C @DD$ tj2^Vh8jd D$3PuLBVjPKtVhj-|$ |$3ɋD$AVQj PlubD$PjPulVhj謖 3Vjjjj t$$uflVhVhL뼍L$ Qj8L$0Qj PulVhh3|$DVj@PD$$jj P됍D$ Pj8D$0Pj 6tD$0D$4P3PPPP6P ulVh ht> EtuY`S$MtuPPSxt/EWhVA x|e](uSThj jWydktG;=lw? ;r0|=tGaUddtStckdu@G;r,5tP։dHeapddWjdKd U0`hl3EtTu,+ރ 3PPjD9uE@E;`sdɁE4t utWThph|8t $#u L 7dtK39`vd t+F;`r勅dt8Heapu5dPփ}t@39]v3M Z+Cv;]rEt8Heapu5dP֋Mt39]v3 +Cv;]sME؅t8Heapu5dP֋Mt*TnmxcmLt*uM4tE3EEEčMJ|h`}tLP\Ǎ$_^[M3:]D̋U4S3VWjE؊؉}h`EE]EE E3ɉE9}jW^}3jQ(u(h`}Qtjh`E GPT@DEEE9u{t>3ҋt6uQp YYuGPT;r׋u]uz}3ɋ]9t!EPEPuub8EuE39U EPEPE$QPPuu!8Eu3W]uwj^}t4:t$ Yff;Eu+u 2\3ɉ7\3}܅ti(h`}t P\_^[]jWE i3fE8t]M̋e3҉UtnPTff;uftfCf;Aufuދt:EMQDRỦEg%uMt 9'E EDE83Ҋڈ];]LMtCU0p YYuMF;rҋu]3Ҁtu2`S$tu @uSx-3ҋ9t&MEPEP'u8Eu@39thMEPEPE$RU PPFu8Et0]39uuPU E3ҍLEM;t?ڈ];}EM̋U8S3ۉM]]ЉUVWu]Jff;u+UE̋uËME؃E91}Wu Eu~]] >^]}3ɉM9v{ EԥZt9Eԍp >x uȥ%M}AM;ru~0hhu EӋPEP}n]QM䋉1h,hGutE!>u3ۋEF]}F>0hdhtUE PEPju܍|PE}u6Mt E!>P0hhtt >W0h hdt>u}u*}EF0hhh3t 33ۋ}EG}u;E؋uM@E؃+W0hP0hhs}_^[]̋U@3ʼnE3USVWjE؉}h`EċEȉẺEЉEԉ]EEEEE 9] E!3jV!EE@@DE9]u UMjhh`uMEPhDU]tF><tu0h`$tu ;h`x,U Mjj@E_MEPhUG`V}荇PtjVE =lr0 $r"(tj(X[@t Stcku#5tj$֋tBHeapt7EϋUNEPEfFPjVuuMFjjW_Et Et t t>HeapuV5d֍Mc}tMch`}tEP\Ǎe_^[M3Z0] ̋U3ʼnE3USVWjM؋؉Eh`EEuԈEẺ]EEȉE܉EEE u3jSa\FűpDu9]u UMjh]EPhDU t>u8tu+h`$8tu 8h`xuh,E9] McduAEMQh0TP0=dEjp(M֋MMԅtt7t]vu];Heapu5dSփ}tM`h`}tEP\MaǍD_^[M37.] MkcEEMQh0TP0ActEjp(M}wuuEM!]3`VEPtjVE wutk3ۉ]t?;5lw7 ;r($tF<܉]tStck]uE8tu3h`$M8tuR2h`xgE̋Mu},EǨvumE tE@lEЋE}ԁǜFMuE.u%E t@lEЋE썺ƋutX]EЅt@;r؉]tGE]u`SEPtjSE EމutX]EЅt@;r؉]tGEE؍ t};rEMPjZ,[}ΉMtF;=lw>O ;r/`t&GE6̉MtStckMt ΍G;r(5tP֋ȉMtHeapM3j_d;EMPjZ%,}։UtA;=lw9O ;r,t!G5ԉUtStckUu?֍G;r,5tP֋ЉUgHeapU3QUEЉutSRQMQMQMPuuuE}tSuMWQMQMPuuuEu%UEȋMPEPSWuo<EM؋})օt[}u#?uG#?t6?t1uk|0Et@;kȋEB;r}QVMFE8 M؅UEuU܃u-9rutE] p0Q'4U܋]3E94tAEU Ep0Q3EU܋ MHEM؋EGU;suME̅tt8t]ȋvu]uF8Heapu5dP֋Et6t3 tEF;r8Heapu5dPփ}tM'Vh`}tEP\Ǎe_^[M3|#]̋U<3USVWjE؉uh`E؋E܉EĉEȉẺ]EEE j33P}EE؋@@DEM3f9RэMhPkMEPhDUC]tM<>2tu0h`$tu +h`x}u,}uEh`EPtjh`E 3҃}Uu.EE@BMttj}u Eʃ}uEEEU9U  jR}ԅiU3jY}ԋPEu`OM3҉W tf9tRэO h5OMEPh@eStSO ~SWoNM@}t!MEPhruaMuЋMATuF3AM܋E3@E;E tE@lE@l}Mu#btRO RWMM2t'}tMRh`}tEP\_^[] j^̋USV3WMEMxPEt3]V MQtX63E;uuFPPPj}jPjW% O0Q|yVWL3F0v Vhh_F9qu90u A9XtjY)^p3FVu_PS.G u襥}EGEG9AuGy8}u\_^[]̋VWG0N0w Whh8_uOt>G0PpWK_^̋VWxWtƜ9qu9Hup|96uW\_^jY)̃3r4vQuKQxY̋UQQSVWu7؉]YYu3VPV7h(hY^'֋TtV7h\h '^jS|YYt#PxV7hh ]Tt V7hhjjSt(VPV7hh]hGrZPjutHw^7S<,FuEF3@PSVhDh>]E 03j^tSdY_^[]̋USV3؉EWEEEF0P]EtE!8^ t(N(!QSNt!^^ E"u9N }}38FH%@EuE}t uet Z3ۉ]MNEPu3PPv PMMEMWh[IVt*MfMtKV Mjh&IuR~ tGVEڍMPu #V tt]Ku!E8F(F PK}t uM0Mtau\_^[]Q'tKu륋^EFFF0pPhdhZMF3̋VW7N7wWhhZu9wt wdYW|G_^̋UQSV3WBXPjE^؅u>~lL׹V}u ]؋ tz _^[]̋UUM K3t@] ̋UVWjhPah0ahG ?gPXM3ҋE BWLwPODGHtX;tuWTGT_^]̋U 3SVW8t~d|$OL$XL$ t tuPt'L$ tt9PuL$ u t2uGLD$9GuӉT$T$3;`HJXu6 u-Pu샦ƆƆuuP3_^[]̋U3ʼnE‰MSVWp3Eu߅t9;5lw1 ;r"tF&܅t Stcku+F;r 5tP֋؅tiHeapt\MC{ q1P& EPuES PTtO;Heapu5dS֋Ǎe_^[M3]̋UQQSVW33GPE dE9t؅EPjtiujVE Xt s 3ۉv։6džL#SGLTGLG98tjY)>F0wG~t SG PP_^[]̋U 3ʼnESVWu~pt vp9fpF9q90AFHXu NIDN~dt.LEr=u;uދHuu-X<'t V׍(GG^VwBtWC PPug M_^3[]jY)̋VF@DtLVRDQLֹQP0XVh hUFlLVl@^XQ̋UVWP7XVh`hTVlQNlֹQFPDtPNID?uVXuMtDh`$2t$t /tPhh.T Ɔt3_^]jh‹uuQhjS jXXjY;udt E33ɉM r RVh0\9PRVh`hH~u RVh6u\t RVh 9WPt RVhT;GLrRVhjLS E3@ËeuhLj*S jYME4̋US] VWE#EtIhhWRYY֋NhWRQQMIDIl46u&p} MQPeLt݋p Eu \uEt\th`$uLֹN33_^[]jh؂‰E؋ى]ԅuQhjQ jX!3}MQЋuM ;MtXShhQ< I;u GuÉEKl4Euu9Et\tÉE;u?}t \th`$uuULӹxM@j^uXShhP3@ËeuhLjP j^uE̋UVWLN׹Luh`$o5_^]̃u3Ã<<u {ËAVv5 j ^f91t+f9tAt"(thPQYY{^j{X^̋U VEMPuuSW}3ۍOff;uv+MN <F;v+N>EPSEuj[uE03+EE3@ËeuE`}ԅtSjhXw3ujh` uE0E9u thDjgFYYjW_bEP3ҋ@uOuj3ҋu;uu3ҋO&EE3@ËeuEut0h` ̋UQ3ʼnEES] VWj#^;ȃtgt@t+EXuhRa3ɄX@uh (/XuhhjEYYjW^8j398-=/;=v5=uvXtu΃2u|`닋Xtt `΃2uEOt=tGX48't+SPRW֋u3M_^3[y]PQhjDu GltXu h39h7uGlwX u h4ZpuhpjiCYYj2G39l̋U43ʼnESVW3U}}ى}uXtuj^UEujY+-Xt:4'tu uRS֋ZuPhQBjW뇾4u VhQ%EuhP`uhphW@BYYM h:2}9Eu`dX u h W%EuhP!` uhp[hWAYYu-9puhpjAYYj2mCl[M lg1}9Eu` d Xu h%EuhP!`uhphh@U YYMjV.Qu}̥}襥u̥3E#9uu`dX@ %EuhP`uhphh?U YYMjVC-u}̥(}襥u̥3EV9uu`@Bd@3X uQhjc? %EuhP`uhphh!?YYuX<U MjP_,XMlKEPhUuRu00YYu3Gu 9pu0I  X4`'tEPCpD֋KUu܅uj^ ChEtvxtd3u9p vZHXP EEP| UO1EPUc uӍO0uEFu;p rEuu܋C PPu ` 3Eu9uu `dM&/u$ClClhh$= M_^3[v]̋UQSVW3ۉ]X#4y@t(.t.3A t5Xt ;tuuGll!ltXt;uhtQX^##ދ0t.;t Hu3tp0tE#u]_^[]̋U SVWjh`U3ۍE}PËu0uӋjuu 3ҋu 7?;uvHu|$uL$$_^[3]̋USV3WjEh`uEEE9uth@j#:YYjW_Wj3ҋ|8tuQE MUj4<7'0MEPWUuXF@DXu3ɉUM98v:40jhR8MUAM;8r3ɉM9v50jhu ulMAM;r`uju@} u tE2ҋYu}ttH03tM\*h`_^[]̋UUVWt&E zpVPVWЋ(*} 3jY+;u FrɃ_^]̋Uu2/MtE VW}𥥥_^u MUh;)]̋U(UEujWXSW}3ۅt8] tEt]VuMQVmt.} Eu8]tQ$׋*38]uƃEt E@EÉ]PS؉]uj[\}3t"MCuC1P tCu}إ{uإuM)#EtPd#^_[] ̋SVڅt]WP6Vhhh]6~!tutP#׋)y39~u9>t 6">~_^[̋UVWj4jWEGE GEGE7GEGEG G0Phh5_^]̋USVڋыMW3X;u4;u,A;tA;XuXr_^[]̋UQSVWًUO4(XWg3t9wuEP=uUOO9qv;t F;qr(ClClhh4 _^[]̋UU M%]̋U3ʼnEEVWpup򍕀Ph?"&M_3%'^l]̋USVEWEPqt*EXudt u3_^[]uGӋȉEq&u݋uWX֋H MQȉED&t UM'룃}tE uGtxPu UE<MG(jjPnYUO&UMjWKUًX3t 9uuPVE}uj^Vhj2 uuWS Xu!E=uh=uflLtTEuPEP*Ȁyuhh#2YY&%j^VhDhu2 @BËu}tW̋U$3ĉD$ SV3T$Wt$$t$3ۋu ΁\$L$ u$Xt7uj^T$L$ uOlu aL$ fE Bj^uj^t9pPtAjW묅txPthth1UYY-hh0T$ YYD$PB(UjP;D$H dEL$j[uZBtS9XPuNu5|6Vt$,`tjW^hj0YY}5V`t jW^h׋u D$d$D$(D$tYUD$PV*tGD$(t$9YPuD$ыIDPVjuSuTu T$D$BT$D$r\$`;u!hj/YY6 \$X4&tD$SPW֋tL$juu WlVXu$GlGlhh5/ XXt j^;GHDD$XuL$u D$T$(RT$ RSt$ t$b)L$Puu t$ u9T$uEL$0}ED$|$ u D$@ `GlGlhHh1.D$ L$$3ttQЋ t;L$,_^[3R] ̋USVW3jh`EEE}th|j-YYjW^] }tatYu%Xtuˋ΃2EPEP-t5Shj6- Xtt qu3ҋjumu}u uGE@txPu UMUMjhuUEPVStMbh`_^[]̋U eSVWuXOlu  UEP=FtxPu UEFU<MF(jjPAu֋u$GlGlhh+ Etlt ubL } uh} u@lt6EˋEEPEP4u;stv VEPuF `3_^[]̋USVW3jh`D$D$ D$$}t}thj*YYjW^x] D$}PD$PtSh8j* Dt$3ҋjk+D$ @txPuUL$UL$jhXu]8dtUL$ D$PT$D$u;Ev3~T$ D$SPgugXu^;tuMG@DXuu3;jHPQ\tujSWtL$-h`_^[]̋U S3VWEx Ӆt"H@;B;rE]PjYxwE;rnH;rgQStYUB GGJ Et:ȋB4G p0Q[ MUHCM;Z rȋ3_^[]̋UQQSW3}kC PWЅtBC BBK t+VC4B< }G};{ r^_[]̋VWwh&v F0Phdh'֋6u_^̋USVWt}]tvWhh'C tOxPuIXtu9t u/LuhultӋ3jWX_^[]̋SVWٍw6Vhh&FHP~u>t#6Vhh&6&fO(_^[%̋U SVW‰D$7;tH] \u6L$QMjZt0tT$ jjuu D$6;u3_^[] L$ej hЃeXE E;w_tU,tEt8bt+tNtu`0},ume]|UtGt:Nt,tttjWXU#tE3!EE3@ËeuE-̋UQQSVWuGlEFrePj؅tV{L׹!K CEp0QtE p9AtjY)C Y2_^[]̋VNF9qu90u VA^jY)̋UQVVE;tp M E;Fu< ^]̋; sv2+V 9r wy2^ð^̋UQSVW3ɉMthEPQQjSu lzu.ujtMQuPjSult?t7'3_^[]̋UQQSVڋ3҉EUW}RMQRjPtOPhhuju j^VhfPEPujut3ɍEQPQjuMuuPtPEPujuu6ujW^VhjY" ;t 3#?t 7'_^[]̋UQQS]V3MuWt~U tw3t3hjZ QLЉYYuh@Ej?Et@u3Ft9;75OIF;7~#hEWj|!YYt 3Y3E_^[]̋UL3ʼnESUEVWuhj.!YYjWXpEuh uh<}E3Rj^j_t7;lw/ ;r!ltCQt Stcku2C;r#5tP֋HeapjSVu l}WjjVtjEPt3ۍESVjPtSWEPtSEEEEEEPSSEPSEPuSwEtEt>HeapuV5d֋Ǎe_^[M3]̋USW}3UMs]hXV3ɉM9EE EXtthlj)YYjWX=h닲lEPEPE;F38tUMSt ;MUAM;Mm39]E EXt2thljYYjWXSLEPEPLEhEPEP2E;F38tE MWtu?uUC;]et^hhjYYjWX_[]̋US]3ɉUEMMMVW}uhjYYjW^~ UMQhu=UEMPEP]}u!UEMSPWuu8Et}tu! }tu tWJYt_^[]̋U~B9utytJB9XtOHytJA]Q;Suruw>CBCPMA9XuPC9uPCBJCBUK{ ;utNyuAVFNUyxu AxtlAxuQ@ANFAFAMV@HyuAVFUyuAxuxuAvB;x56xuAQ@AFAFMV@yGSIEYHtIHEM ̋U SYVWMsE~u$M V Et6v~tߋMut+;;uu EWjPE@2M8uU N tu MEWuċE0@_^[]̋ztBxu‹Pzt;u RztxűVyt3PPPPP-Axuyt;Au Iyt^̋UUV2FFxuPBFA;PupB;Pup0Vr^]̋UUVrBxuPBFA;PupB;u0pr^]jLPI~?E}EEr+hؼM[eEPMhxEPQPvWvBF؋F;u XFF} t F;8u_F;xuXSxH ;u;HIyt5;xu WG@G@@Gp{Jyu@A@@x,;8u WMG@G@@Gp}W yaNEIA̋USVW}ًuv6W~Yt_^[]̋Uj&YtME M JMJB fB]̋UQQM3S] VW33!h!lXuu u APDqlߍKh#ډ}uҍ,#ЁRVjjUju`uVjjj3`PPPPjjx3PPPPjj׍[3PPPPPj֋C3ɍ0]QQ SjjQ$3VVSjjV3ҋWj YYt uƋ] Wj hsYYt SƉl9hujj^Vhj htshtQVhltMltQ0l_^[]tűUQVlvFffV8YY^]̋UVuhthtQhlt{ltQ^l^]̋UQSVW}XuhhDh|=uDOlEU 3PV7uMs`VVhDU zEu;G3U _lHDEPVtU EPVѽu똾O_^[]̋UEV3p $`dM|ȋEɉjME t$M;Ɖ̋M,׋M먋M0M덋MMMPhj jW^^]IcccdcdCdCd"d-d8d̋UXSVWjZ3ۉUj3]Y}]E]]-D9 t uhXMX4uVE %EuhP`uhpE / hhu UYY%MjP؅Mu|t9ut h E u܍}Х}ܥuХ}u`d~uXu hE %EuhP"`uhpE -hh } Ulj}YY࿍M܃@jP؅ug|t9Et hT}tIMMUЍMtUčMtuhjaЉEM3ɃMPEtu3}ĥu}ܥ}uĥuM쫫P\}u_?tZtQ؅tDutu܋E}ĥuu}ܥ}uĥ3}쫫\ME }uy`jd[uX } }uhP`uhpE hS E U%EYY%MjP؅M܅u6t2}EtAPYM܅tE@E;rj }u0|t}t htu hЉEM3ɃMPEtu܍}ĥu}ܥ}uĥuP\}uP?tKtB؅t5utu܋E}ĥu𥥋u}ܥ}uĥME }uw`hdYuX E %EuhP`uhpE hh } UYY%QMP ؅M܉U 3ɃMu`|EttPhtBu܅t;jhPV u&E3Pt؅th`j YYHEu܍}ĥ}ܥuĥuvjhP0 u ƆeƆeFlFlh|h ME }u`d}X u QhOE %EuhP`uhpE ChVYYMU؅E M%EuS39u39Lu+9u#9Pu9u 9h@hjyYYjW[jZ;u)39thR9u9tth@uTGl9shR$YYj239thH9u9Lu9u9PthQhR [E U#Ɖ|Euu ` dX u Qh?u'hPVwuYYu'3fEPP3Glt`P uOP,Pt1PWWPWWWWPtP,P&_M3^ݺ]́ |' ~ ~ ~ ?/wj XË̋U 3ʼnEeeVWMQRօuyEURPqօu^9Et!MtEuPq$օu8MGs&tt t~EtPq֋M_3^Ĺ]̋UQVWu@6VuW$EtWu jYF3f_^]̋U(3ʼnESVWڋ339wu 9wu34EPVwtGPEP ؉lƋM_^3[]jH覿M3ۉ]E]PhdyjShtyxnESP֋EURuP֋yB ;uPh V Wh0 V Wh\ h x ME]]MtSp֋j̋Ud3ʼnESVW3ٍ3ɋQ3PHtnj\SYYuSh j jW^!+FvSh VS=! \3f5PPjYFujjPSDuj\jjjVjjjPDžPhDž@P@="u?y P3t(tjQ34Pptd0Wjp<t 8M_^3[ߵ]̋U<3ʼnESVWU3EE؉MPQW]t WFh 4l;stt~ =uWh h 3}tZt E@E3Qff;u+ MQVЉU̅ujXuƅj[ύqff;Eu+ PWR O3ff;uE+ RRuԍHeapuV5d֋Ǎ_^[M3蔓]t3ҍuuu j{_̋UU M]̋UQSVuUW}3ۋΉu*9]u8^t NSSSu vNu ^_^[] ̋UQ3ʼnEVW}PqWM_3^藒]̋U3ĉD$E $$ST$3ۋU!VL$L$WQRp Ή\$֋D$u 3ɉL$ET$ RQP0NVuzT$D$L$ P\$u^St$$YD$Yt1Pq!|$ S!L$3A\$L$;L$| M d$ E 8R3L$ tQpօtSоL$$_^[3P]̋UP3ʼnEeESVWP}EPEPVEu h,Eu 7MQPWD֋؅uhPh; UĹp؅uzuău𥥥@΋}W֋؅uO7EPu苶W֋؅u EM!]uԃuu쥥@uEtPMtQp֍EPEPEPM_^3[贏]̋U$3ʼnES3UV؉EWEEEPuM܉]OMQff;u+ʋUrff;u+֍y ?Pjuu uuh|WVIVhhM܍E P]MQSp ֋9EE3MQPSNVuzEURPq,֋u]EWuPqP֋u@EPq֋E}Pq֋E@}E;Ep3u}t EPtVlMtQp֋MtQpօtSp֋M_^3[諍]̋U3ʼnESVW3R}EEE؅u 7EPSW֋EURPq ֋3ɉM9M~~EURQP0NVuxEURPqh֋u[uuYYEPqu!}M!}AM;M|uhh# 3MtQp֋MtQpօtS}t uM_^3[+]MjuQpP֋űU3ʼnEeSVWuU3Eu`7MQPW֋uBu ؅t̋ESPql֋uMWuQpT֋MtQp֋EtPtSM_^3[*]̋U3ʼnESVWu3ME}؉EEu  7MQPW֋EURPq ֋}~ WEMQ3Q0PNVh uU YYu5tʍqff;u+uU3QuRpP>R؅ESPqlu UuMu3MtQp֋MtQp֋EtPtSM_^3[~]̋UT3ʼnEE S]V3EċEMM]uЉuuủuW+yHtHt WEEEPEPhuQp֋39uN}EtEPsLEEPCPEPtuċUMv UċM9Etu!}}tEPeF;u`l!EPuhRQp ֋t)sx~bWE0Eh jPEP$EPuhRQp ֋uuuċMgu3}thuЋpLփ}t u}t EPM_^3[5]̋U3ʼnESVW3ۋ!]!]R]Euc7MQPW֋up] ̋UVunuA~t vYSWj~[?t7mu9^_[tvVVP^]̋U,3ĉD$(lSVWp3u Ή\$3ɋA|$08]tL$$t\$$\$,\$\$(\$ ] tEtL$ uU D$PILD$( lu q֩>t 0d$D$P3SJtWh4h 胯 )|$lu d$p`3L$VVVQЉt$,ˉt$ ]7tWhl렋UD$M PjMtWh낍D$PVVt$t$,jVst PxYt$sYYt|$tt$d$YtV||$tlt$pLօt WhU 3PPPD$P6tWh8h R }tNjCPt$s t&PxYWt$hhh 3@\lu pօu3wkD$0 t$ Sut$u tWt$h둋D$,39|$$u0t,9|$(tU L$SzJ9|$tD$,3PAH|$ t t$ &L$4_^[3l]̋U3ʼnElSVWp3u !}3ۋΉ]u Elp֩U EMSSSP4tWhh 譬] }EPSSSGPES41h8S]Sw,tPxWhh V`uwEYYtI lu q$֋Mk juWPQE Pu7 t WSh<3ljWu pօtS裘}t uYM_^3[k] ̋UQESVWh(Rq3މ0 t6WEYt>h 4YYuF;ur"EPxYWuޅtWY_^[]̋U3ʼnElSVWpډM3!}S֋E !8E!8tHtCt>lSpX֋M 3tWYM_^3[i] Ehup W$jPWEtE j3YE3ۉMs2tuu 1)u t@k <t_DhjuEEWPpt!EM@EMxuh|h 藩E uUMVhh f ̋UQEeVjjPjjh?tVhh % 3}tu^]̋U SVYEWP3UWWWAMPWhhhWq}Su}], uj^tPxYuSEYYhuS؃ j EP3\ ;w E#SYux}3ۋEu΋USWhSEESPu@ ȋ׍EPuQh h u]FUW[ȋ׍EPuQh Wh@ h 諧 3ۉ] }}t uY_^[]̋UQQS]VWQSPjEhQ3Wh|uȋӍEP,uQh h ' VVVVGPV51h(jww,u4PxYȋӍEPujQh(!h ʦ UjSju֋UȋӍEPuQhp!h 蓦 VwYY3t VwYYE_^[]̋U3ĉD$SVWD$ 3ɋPQht$,L$ L$L$Q0t$ sYYt$ sD$ YYM k T$uuSuQL$$QPUD$PW}uEt@lt$pTքt&ut$SUD$PV|$tljWt$pփd$t$sXT$$D$ YYM 5t$ |$ tt$ d$YD$ PjhjVst^t0PxUYD$PuWh "h 覤 |$ t t$ Y|$tljWt$p֋L$$D$_^[3c]Wh!Wh!̋USVWU3]uOff;u+aBȉE5JMQff;u+ʋUBEff;u+}+UGEPVEUhluUMUWu}$CUh`"uUuVhVVCPEV41ujWs,uPxdVu׋uuU؍EPuShd"h u EWpYYtEWpYYu肏_^[]̋U 3ʼnESV3!]3!]BWu}]U9] u UutWh"h ?] 8huV\] EujW_uuplSu pu֋tWh"h ֡ 3BUti9U t} u^hduu EtM/uE0lp<օtWSh(#h ed3Bu}=tPjX9u} t&uUjE10VubU}B‰U9u3lSpL֋EtP`YEtPYM_^3[ `]Whl#̋U 3ʼnEE SWU41uQ؃ ujW_Y 3Qff;u+VMEPlpH֋M^uj_u3Pn SYM_3[j_]̋U3ʼnESVW} U3ҋMuUOff;u+_PR}uj[Sh#h 藟 u ӋEPlWupdu֋؅uLMu܂}u7}EU3VVVPR'؅tWVuVuuu}}t ju tWËtV蹋M_^3[:^]̋U03ʼnEeƒeeSVuW3E]9} uU RuVuUȍEP`E 98utUC%MP-:C(E S,!}M>uUqq10uUȍEPtOEM@EȋE 9uEttt 9} 39] t7huP\ EVQh $Qh#h 蠝 ?huP UEPjY^ Eto9] }}Ћ0lvtPuu EEUMuP}u7VUY{9] rt E 0lp@օuc}7E+j;7YYuU MjuSf UȍEPVwQhL$j,SYYu9EE{+FPjEWVSV\E3Pf pE 0lp<֋]u EPEPuUȍEPuQh$*uuuUȍEP|uQh$h w EtP`YtWYME3_^[Z]̋U3ʼnESV3ۉM!]!]3W}E,p/dv(;Tv@4uPu؃ EHtjW^^3|EYu E hLuu EtIh0YYtEh0YYtjW^EuY9E0hX%3YEYu E!u3|YEEPlWup(u ֋ut3pEuEt0t t;ulWu pl֋EMuUuWu PGt'Vh$uh$h &tSYM_^3[lX]̋U3ĉ$ES]VD$@E WD$43jDPT$L$8D$p\$0P<^3˃ D$ D$3ۉD$ D$QD$ff;u+A#D$@PSD$D؉\$$uj^ED$8t$uEPjEv t!PxVh&h EP3PPh8PSvt"PxVShH'h ՓuvYYtahPv؃ tL3|Yt u9E ?u#?u?u ]eEPjv tPxVh&h $3tSY_}t uY^[]̋U$3ʼnEEEE UMESVuuW3ۋ Ih'Q3fEhYYU hWhEYY9PdfEDPdfEu` u`YjESP\M 1FrMEh'uhYY hVhYYujW[9]t}G;sm]PdfEFPdfEu` tVu`YtHjESP\M AE@MEDwG;rEE98sOjWXM_^3[|P] ̋U3ʼnESVWEPlpփeuEu $t2ۋUjPEPju&tWh'h 蕐 d}t,%P%Plց$VpDQu uu֋tWh'3lupL֋M_^3[lO] ̋U3ʼnElSVWp3uM3ۋΉU}]֋t tuw3thtct^utttuFUMPju EP]EMN EuwS|3ۉ]G|}t tubtUMVhPjuu ut Vu h@(h ܎tS{}M_^3[!N] ̋U3ʼnElSVWpu3ۉUΉ}]9] ujW^t3hu u\؃ tڋ3Mvq}UEPEPu tVh(h uUuu$tS`YM_^3[;M] ̋U3ʼnEE hE<3SV\DlW}PMp`QΉHl֋ l`(q3҉@3Bd#‰Xtu9Mt00tt ;tu,,j\Y6&.PXtE\S΍Qff;u+IfQVhdl3PdFPVVj jT4~lt99v A8jA98t;Q8llPdPVVj jL4(l999v~A88um8QWp<l8ωllPdPjjj W848P0l99q9>vNff;u+uPWtSlVIqNQWtW u,Vhh()@@40t@<ltQ83ωl34@Љ4@@9<\<lG3<9>($ltQ83lu TP0 u LP0XtVhHVh 3PVhHVlt)WxYWVhh`)h 70uXXpPtVhh) p`jhhDP3DžpQpDžtPh8QWVDžx(|tPxYVWh)~DVYYujW^XuPP`6tVWh*=h`,tYuHPWV3\t \Dt DYM_^3[D]t tutPۋہShPjuW8 oVWh@(űUQQSVWj3MV}uj^j7ZwbuqjV@@*I@uj^Hh j Z蝯WSu h t WxWVShX*h _3M^_^[]̋UQQSVWjZω}uY@@*Qff;u+AEPVI@u j^M US֮0_^[]̋U(3ʼnESV‰MW3ɉEPlMىMMpΉ}uElp֋uE؅q9]h_VEPlup P"MQff;u+q6PS؅uj^h'֋حu֋ެh֋ЬEPlju p u֋tVh*h 耂 M3Qff;u+q6PW}܅uj^Mhl֋>u֋D3PPjPWSupt#PxYVSh*h u3G}3UE:u :M؅J M:uu{uu QM䥥}uo9Et E94t>EMUً0Ƀ: u E1BAFMUuEEU0s}=Vh +h 3}܅tSm}t EPtWm}tumM_^3[@]̋UX3ʼnEESVW3E}ډ}[}QEPulu Qp ֋tVh+h @ E+thtFt,HtjW^Euj tuj XPE98tX%3+,E0h Ej Py}}3f97u9uuqE 39ujZ7uYf9tP3Qff;u+q6P3PU I@uj2WS3ۋ}tu lM_^3[>]uP%tVh$h@+h ~̋U@3ʼnE3U}SVW} ىEЉẺEEԉEEEuy-t t`tjW^ EPEPlu Sp֋tVh$h+h J~U}vEEPEPlWSp֋t Vh$h,뵋U3ۋu33ɉ]؉}Eąt"}ЋtCFA;ruuԋ}]3ɅtE̋tCGA;r}]؋u6uȅt~38]EЋEtu}MQpL7E4>u?E܋UuUBBME4EAE܋уMjM u!uCUu;U;]E̋+ʉuEu}MQPEM4>u?E܋UuUBEM4EAE܋уMjuTEP!uC;]s0UuPlVhh,h | Vh,E<tGE38}t EP}t uM_^3[#;]̋USډMV3WuG@90uQff;u+38EMQjZȉEK@yZuVȋ  uj^;}'u'UP( uU * Uh _^[]̋U<3ʼnElSVډMpWS]֋ lSq3ȋ߉M̋Ɖu؋։u܁uuEUuԉuĉu]t}3CÉEw$u23CtÉ] tӉ]u u}u}ttuE Eܺ}u}u 3]ЋÉu3EЅt ;t 3tv;trtmuttt;uVUPjuEPiUMhجPPPu uFu9f!}MFs}xu}u6uUEMVPju]tWh,h y Mt }t23ލEPu%Pu܋uR#EP#EP#EPlu up֋u]3t Wh0-l}tjXEă}tuu΋UP:t Whx-3}t(}u"USu u-t Wh-3EtPdlupL֋EtPdM_^3[M7]̋U3ʼnElSVWpډMSփ}}t-UM1 Wh-h w u}tuGlSp@։Eu-3ҍMulSp<օ}Ej/p }YYpt$uUjVu tWh4.Zt.UVu |tXWh$hh.h vB3ۍQff;u+y?PSMuj_V׋聡3ۋM_^3[5]̋U3ʼnESVUWEPlp֋MU3E؉EEEtVh.h u }twtrtm]P3Pu luSp$֍UtV0h.h u떋]3Kff;u+3}ύQff;u+ʋU rff;Eu+֍qu6P3PMuj^LW֋uۋ]t uWaP3Puj^"6Ӌ՟ lPqօMU,u%P3PM1vu΍Qff;EuE+A0aE3ɉPQȋEW(EV-V`3Wu`lup$։EEu 3tW`EtP`EtP{`M_^3[2]j^Vh /h }s ̋U3ʼnESVWEPl}p3ɉMىMEPljQup ֋u3ҍNff;u+uEPR؅SEPuV(tWuh8/h ru6P3P}tlhl֋zS肜h`"tUlup@֋ȉE3Qff;u+q6P3Puj_u֋ 3lupL֡lSpL֋M_^3[*1]̋U3ʼnESVW3uمu)EPuxEPEPudMωMQff;u+q6Pjuj^*hl֋=u C h`"53u}t EPM_^3[X0]̋U3ʼnElSVWp3MQΉU}}}֋MЉUuM Mٍsff;u+t2t-qΉutEujW_ȋE+@48lup@փȉEQff;uE+@4;9}t ;r}F6PW]uj|hl֋E֋ 0EttM֋E+PQ Y u 踙9}tu 觙M_^3[.]̋UQI VWUVujW^>3Qff;u+SYPVMuj^ WӋ[_^]j,QYYȅt$Vj\3҃^B@f90t^tȋ̋UE 0E0YY]̋UQV3EPVVh8VRQu u 9uuj^u 9ut}t uY^]̋UQS3ۉEWt09]t+Vt#9tu4YYt EF;r^_[]̋U(3ʼnESV3Ep/Wuu‰E܋މuE/uEPVVh8VVWtPxquWYYRh/PW؃ D Qff;u+A EPVE UhlUMhUMh`" 3UMEPVEPh8VuWtPxYuWEYYhp/PW Et'PM$L+MuYE܀8uAh/uW t)W$LMWYjW^tSY}t uY}t uYEtPXM_^3[/+]̋USE/3ɉ]M‰EE/VWEPQQh8QQStPxuSEYYt~h0PS؃ uj^vS$,0}S?YuM3tuuV tSEuWCYr3jW^tWY}t uY_^[]̋USVW3E\0EuPVVh8VEdRSEEt PxOuSYYt1MtPS t7|YM;D} wj^tWY}t uY_^[]̋U@3ʼnEESVuE3u!E܍uW3M!}3!]ԋMu؋u}EЈ0EE0EE9EtjXE9]tEu9Qu EQPmtVh0h 5i} }ϋuE3҈EEPRRREE0PREPh8RQv,tPxVWh 1h h_uvYYtHh0Pv\؃ t0 1jȋEuj^0pQL7 3 tW8UtS`Y}t uYM_^3[']̋UP3ʼnEEUEEEԊES$E0Vu وEEW3E̍EEVE}E0}ЉE܉}uEE܉EȍEWPEEPuEĈ0slt5V}xEPj3suVWuhh1h \g(M_^3[&]̋UQ3ʼnElSVWpW֋ lWq֋ȃu!}u jX&}u u}u׋E#M_^3[&]̋SVًW3PWuj_υtt6R&3҅t H!8t,]3ɋ8@4zRC8@<u܋]8pVR48LR$3CE]<u_6(R&^[]̋U(3ʼnEESVW3MM0QVVEVuE_GPVEEdPhVwuS, uI9ut uYuEE؀PVVVGuPVEPhVwS, uj^Yt PxYIuSYYt4W%RV9W,w r9O(s3@Ƌ]9ut O(W, }t uYM_^3[#]̋UQQSVW‰MhPQE33 t6XVYYhduu tMPYENj_^[]̋U3ʼnElSVW}ڋp\MS'օt3BlSp֋UEP3u3 uȃ}uM_^3[p"]̋U3ʼnElSVWp`3ۉMR]]SSS]MQЋjUY}jZ"OjZ@du|GjV@dG!0OIG@uj^Kh1jZ/jCPWuslt PxY}C%tE3PAtM}tuNM_^3["!]̋U3ʼnESVWUE3ɉlMWpփttj2P213EEPljup W֋uh3Qff;u+ʋUrff;Eu+֍A‰EPlpH֋Muj_uSuP}tlupL֋jWXM_^3[]̋UM 3ujWX]jxX̋UQSVW3ۋыÉUWtvƅxyϋÅtf9tut+ƋUxQ} vD ZjX+t++Ӌ]U +مt< ft f9Juuz3f_^[]̋US] 3VWEEVSj|EZEKdd,WSjZRs VSjZC3WSjZ5UJlXtu΃2u @pBlM쀸twXu8EPWWEPjMu Ɓdt MP_^[]̋UuM3uBu DjP ]̋UQM3SVuBWVuDu jPku88tu.j`S&St j6@&_^[Y]̋UuM3u BuDP]̋UuM3u BjDP*#] ̋UEVW}37-XtKtuh2jP] jW^mMrjVutRJt@0uS_^[]̋UMPR]̋Vt6t2F4Vh@FtZ\tQZEtC]Stu؋E}u}إ}u3}諫S\RM] F}uu8`)duX u Qhj} }uhP`uhpE ohS0SE U%EYY%MjPn@EM؅u7t3}EtAPYM؅tE@E;rj ^I}uOtKF@DXu!th-h2jR j2\uhd3jrRYYjW륍PЉEMC3ɃMPEtu؍}u}إ}uuP\P9W}uO?tJ\tAMXEt3]Stu؋E}u}إ}uM] u }ut` duMMC_^[]̋UUXuE M+PK3] ̋UVWW3 u&ttjX|E3_^]̋UQQMEPUuuUuMu ju_]̋UQQMEPUVuuUuMu ju]̋UQQMEPUuuUu MuuX]̋UQQMEPUuuUu Mju] ̋UE VW3WWWWWjHhWWWWWj3ҋ_3^]̋UQU EVuPjcuMU Djjh|(^]̋UV3}tuh3j O jWM|2CȋEuj^^]jkX63XukuGXDtEPU(4|EEPE}PbȀyu(h$4hoNYYE%ËujW^̋U S3ہ}V]tuh4jN jW^'W}Xu jhjE %EuhP`uhpE hhMYYMU=E ucEyPhL4j|M jW^MQOSID]u ;tEPh4j=M @;u:|ϋE|:uE u9Eu `dt %_^[]jX-ډ]E3ҋM 9U~ EP{;#9V$w +ыN;Dt9X| ;X| EFEMM苉;AtXp \uK}tth`$u0Lֹ4jHE 03>(ÃMjX̋UuM3uBu jPp]̋UuM3uBu jP]̋UuM3u BuP]̋UuM3u BjP] ̋U SVWC 9C$1Kyu3 A+AH;C$w+yu3 A+AsEC PyC ;C$s EC C {$+COω|$ L$4;tFP`9#C ;u6>;{tZL$ T$C<tIC;4tNCD$9OH1POHFGVSK$CrTS$L$ C;Cu C4J;r;{tC;tSC$} WP4KD$t ;tv9F~+;uWvV"jKT$~O9N}6ӋE0@C t JC;4tE@_^[]̋UQQQ3VWuq+};stA+U +RWq 9 tA+;sqPEP8_^]jHXQu+;s+h5MeEPMqhxEP62AŐUjYtM JtE Vrt MAF^] ̋UUM 9s3v3@ B;Aw] ̋SVWHt&NVSPjS4uӋtm_^[̋U$SVW|$33ɉL$L$9Ndth5hdGYY2_^[]ËNPtD$Pox|$wۋKlD;t7+ClDhh5hGClDHPD$0zNL3|$tD$Po|$NT3D$tD$PoD$t;tWPh5jFd$t7D$PvLvTAm|$th5hAFYY>39~F8D$FD$D$Pt$L؅tj~tuSNpJ6NCF F$F(t 3ɋCs0Qh<6hEF;F(tG;~f,'̋U3ʼnESVW3!]3E9_dUOPtEPmx 9]8G(;Guhx6h"EYYOLtqPE!]P^m]OTtqPEePDm]t5E􋐀t"OLt RlEOTt ~l_tj^t9;lw1 ;r"+tCt Stcku3C;r$5tP֋HHeap73ɉM9O EHEG8GFG8t 3ҋG4G0Rh6hCVuLEPSVuTȉMt|tL6?MALQ7?GUMAt#QQGtA tt#wtwpR a OU@MAM;Ot>HeapuV5d֍e_^[M3U]̋UQSV3W]9^(uFF(^,^03N,uF'E3PF0BPS)t=EV(;u!9Zdt|a}\ABdD\LyPt'yPt!3WBPjt4=uE3ۋ\D@Ht D봸O#tA뢋F(DF,*_^[]̋UeSVW~3}9~,F(EEtPM0EE>h7htAEYYЉEb=hhNAYYEX3Ƀu;u*u%;uu0;uuuQEt-=t&}u=tPh47h@E EG;~,}\t}tZ39~ vSFXu jY3ɍ<EPF(PwtN(EtG W֋ ;~ rN2!dN( E_^[]̋UQSVT$3Wt`dXPhl7h?du*\u!M`uz2ҋ?\t_8]uZu1`#ыrtP؋0h7j^?~ht$ ׋jt؋?u烦\M\d\ut\vh N(2z6u_^[]̋USVWىU3Ej4WCl}Euj4WV1 ^]u Ut=UuLuӋ]8t%t PXQh7j/>U:]t}=t}tZ}MtJp3ɋM;t˺MA IPjuMU3AMM;u벋}uuEp9tVf*j_up9qu9Hup96u_^[]jY)̋U43ʼnES3VWڋ8@Fff;u+VQRx j:Xu tf9qtGrv ~v~ ~_^̋U4SU3ۉE]VWE 8}ujhPW u(jY}M U}ԉ}EOff;u+F+M9;EsjVuQ)FEWu4FF~uEE)Eh<VhEYYuf9t UMVE9]tMjzjW[_^[]̋US3ىEEVuW:9E1Sh=jrh<ShGh<PhYYu}j_t63Qff;u+Vff;EujX++E+3ҍNff;u+F6P3PEuh =WYYjz}tMQSlSD]3ɋuhPVCKK KEKChYY;pj/VuEYYujW^hp=W8YY3ɋftuh=W j:3YYt3fP|YCx3f9muj?VEYYt3f΍Qff;Eu+,SitEPh=buj?VEYYt3f3Ʌf9S C 3f9=f1f;2uftfqf;rufu3ɃtbCj,PYY3Ʌt CfuEApj?VEYYt3f΍Qff;Eu+u3RPK3ɉK h=W>ff;u ftfPf;Qufu3ҋ3҅uSz(>ff;u ftfPf;Qufu3ҋ3҅u C70>ff;uftfNf;Hufuދuo{ut1j?VYYt3ftU[u=373/h=hp=h<=h<jBYYjW^u _^[]̋UQQSى]VW3Jff;u+BEPVuj^hp>jYYVMQPS(؅Q 7o'@uZE3PVujYVMQPu(؅yE V7'Sh>j; Sh>h8>j"YYjW^_^[]̋UQQMSVW3}ujW^!;EPjjPu5lEPjPu luQMU}udtW7,tKGuB7Vj@uj^-7PVy3#V댾t!;t 3#Vh?VjstW}t up_^[]̋VVjj(Pt3^l=uVj(Pu^%l̋UQe} VuWt7F FVEPu jVjWll_^]>u3̋U}t]%]̋Uu j]̋Uu ]̋V3u1q Wzff;u+_UAq^jhlڋ}3u8] uUh0?jmYYjWX3uˍQff;u+u+} uhP?j6YYEE3;MvSuQhx?j΍MEPVuj^uSP EGwu'EE3@ËeuuME̋UQQSVډM3E WtvVff;u+NPYutI~<{tNPYuu!P3YtFE3f3MjuLtMf_^[]̋VRFF^jhȅڋ}33uS,uh?j{YYEjWXlSEPVuj^uSP EGGu'EE3@ËeuuMEjh3uEE3@ËeuuE̋SVW339wt397t/wVuj^w7PCG CGC_^[̋UW;U s3@7vjX0S3jYt Vu+7;u C;rɃ^[_]̋UVu W}V :t O ju ֋\_^]̋UVuW} FPDXuO u  _^]̃9u 39@Ã:ujXÃytr2Q ËBHP2AHP1jh ̋V>t63^2̋U3ʼnEUSVWX3EKMÙ+EtTuHM48E4uUt&uNۋ]MuK ]~M;~:M 18t-EM4uUuE 8ՋtwE 02M_^3[]̋UQS]VW};^v^F9FrzPjujX>t.FP6W 66Vh?h WVh?h> N3uf9u 3ff9ttXEPTftj?Yf;tQVuYYt3fuˋ=tM{ujWuv_^[]̋Vu!F3@^St3^j:6YYt3fP|YF̋Vru3^ÍQffu+tf|H/u 3fTHu3@^̋UQV5pt=uhtBVYY*EPRuuh|BV EP^]̋UQS3pWEt_Vt#9FtEP6LtE BSPLXWhBh:}^t u_[]̋UD3ʼnEV񉕼5pSW39=X=Tu `hBxj _PPPPPPhBh,P0` +׍ ;PnxQAu+ ;;wAMt#tNDCB8Ctlt]t$CC(C;wEt<@t-ttu;0CNCGB@,C9B2t%ttLCC CBPhTCh,P`+׍ ;PxQAu+`+h|BP;P` `y=zuƁ 9rBu+t+|9 u$GX=sfD9 D9%XTtjRWQP_[M3^m]̋U 3ʼnEVu5pt9WtWtEPu yW\_M3^]̋UQW}=p0SVtSt pEPupυyC#} 3WV5hVu Wh$<}u@<h\CV5p @ ;vxBp+WWVPj5hWh~pʍqAuWE+PQR+<uj<XDDWMQPhpC5TS\^[_]̋USV3مtvWx/Wu z3uWSx;wu z_t^[]̋UVEtVضY^]jXu +eLtP蠶Y/̋UQQ3ʼnESV3WhjD@ʽ}YYt'@_G DG_G*t-W,%t 3CHj0֋M_^3[8]̋VhjZX3jZ Q LYY^u@hKjZZ'3̋VWjLv DP t Q8tv XP_^̋UVEtVY^]̋SV3ۋF *tPX۴Y^ Nt Q$ ^W~tG W貴Y^F_t^v虴v^莴YY^9^t Svd^^[̋UQSVW} ujW[hCh@6YYO3ۍQff;u+hjZY3ɋ QmFYYuh =jXPYYjzWӋ%j/vYY3fjX3ۋύQff;u+hjZY3ɋ QFYYtWӋs%Wj ޺EYYtv<33ۋÉFu j[hDQv "t*3ہ QK㮃WhHDh@ WjgYYȉMtFYY YYATˉNu j[hDjvQ "}؅t uQhD"uQh0Eh@l hj ߹ЉUYYt 3BB3ۋӉV ujVNFBJvt N ؅u-h@jPPFP`ulShEjW[_^[]̋IV3t VhEh@ ^̋IVjW^tQ$ t ^̋U3ʼnEUS3ۉM]EVuWʍyff;u+uN ujW_Ru E N h4FN jhu9]uuN uN _9]hhP uuYYt!  +@HL]ujtMA΋ppu t39@jE0M֋uEÅN jfuN jguhhdEYYt SSS^؅uj_EFˋp躩t '4tjW_t)j0Mօtj0֋M_^3[o]̋UQQS3E !]VW9]9]}3j^} EPSSh r\u lVhDFh@ }Pj؅tnuWn Sj?PSuXulVhFjEPujuTulVhFu33 jW^}t uPetS*_^[]̋UE AEA 3AAA*A$]̋UVEtV蘭Y^]́y$*t qtY̋U3ʼnESVW3EEE9G9G$u8hh@pGYYuj^hFh@YY3f3O؉EHGEw p$֋ЋύEPEPPRph֋Mu xE t v3Eu踠 +h PGPy =z=zO YQff;EuE+ hGP+hGPGP\y=zuj=ztgO YQff;Eu+ًMAM;O=EPEPuuhGh@K )hPGOMOGt(=$t!3fMtN}t EPM_^3[V]̋UQ3ʼnEVWgGPW"Rwpw օup֋M_3^]̋A=,t5=/t*=v=v=t=t=t3jXjXjX̋Uu uVaa *]̋U VW3~ 9~9~S9~u-hSEFYYuj_hGh@YYSWv5^ F;^s}NG;wiFEt\tTpNWЉEU;w3MtPGGqPE }F C;^r3^[_^]̋UQ3ʼnES33@VW`*{$K IK KKCC P`K4WK8K=t4=t(=t=t=t3AXA\ AHADAx]̋UEt"tHt3E E E ]̋UQQS]V3EWujWtE 3;!H-t|t= ===t[=t7=tj2 hjĥYYȅGX P9hj蛥YYȅG\hj~YYȅAGHhjWYYȅGDqAA qq*hjYYȅtE GxjP87hjYYt#p@@ Gp$*@Ɖ93uj^_^[] ̋U3ʼnES3ۉMVW9]ujW[h Hh@YYÉ]y@JUutGy@ut<=RpM֋w(Puu u֋؅u0EM@ErEq$Q4ȉxV} Jtt EHuE`HEQpMP4JuSh@thHh@YYM_^3[S]̋UQ3ʼnEVWup3օtVtQtLup$94uXu 98t3GWu p,u֋M_3^诡] ̋VW3G39~DuXVHuMN@+tFt:t5tt+t u(N<N<+ttu;tu 3;_^̋V33F9qDu;Q@t ;tu+IHu^+ttu;tu 3;^̋UQQ3҃UU} DBIEU]̋UQVuu23(3fE Ɖ^]̋UVEtVؙY^]jY蜦u(e襙YttPMY8 ̋UU;wAt7-t&t-t u9OA@JB:2-t#tHtR$]̋UE-t:t-t tt]wE E E E E ]̋UQQ3ʼnES] VWuuuSuu4u;Eu+jW^hHVh@z M_^3[^]f@ `"EePhup wLօuMtQ@u AEPhup wLփuMtQgwL$<3@ jXj3f* %.̋VW3tPҖYhhYY~`t@t61uyIt7Q(jUj@t@dždžUtP4Yhh聝YYuj__^̋UQSVu3EWujWM ;*-tk-t%hjYYȅt<hjYYȅt G@A3҉QA QQ)3ȉthj譜YYȅX P0Fhj聜YYȅ,8_`t!Qff;Eu+AEEhj4YY ur1-t=HtVQuhjۛYY jQq8_`t!Qff;Eu+AEEhj芛YYt; uUhjgYYt /339u2tj[_^[] ̋U 3ʼnEVWu uuLS3ۃ~@u YvfMY$膞̋UQQS]3EVuWujWE dhvgi~`t!Qff;Eu+AEE3hjԘEYYt u.3Shj褘uYYt(u MP3FNF NN*33 SPu39u2tj__^[] ̋UEdtGt:t-t tt]D&]̋UEdt:t-t tt]iE E E E E ]̋U$3ʼnESVuWuuuu Vdwvȏ$hGYYt V E 8_`u7k$jf躖YYuj[3f"Pjiup wL֋؅u!EEdEeEfEgEhEDMQPuEܡwLp ֋؅u,ut%u܋uθE!]@ErM_^3[Д]̋UQQ3ʼnESVu uu؅unW3Jit1P`P4Ju up(֋؅u uGr%4JMVPVhHSh@7_M^3[]̋UVEtV訍Y^]jYlu(e~`t螷hYM̋UQSV3W}EujWE - tmtWu u{`t!Qff;Eu+AEE2hj@YYtJ u)7hjYYt#3@PH PP*339u2tj^_^[] ̋UE- tt]]̋UE- tt]6E E ]̋UQ3ʼnEVWuuuu uH`u1見$jdYYuj^=3f6} "t0Ph!up wL֋u!M_3^苑]̋UQQ3ʼnESVu u]]unW34JVPVu p(u֋uGr3-W-twtDtVu uhjYY Q$hjYY j Q$hj踐YY!x!x!x@H *ohj聐YYt[nhjdYYt>QhjGYYt!!x!x!x@H p)3>u2tj__^[] ̋UEtK-Wt<t/-t tt]( ]̋UQQ3ʼnEVWuuuu u} "Shj DYY3ۉMt YYˉuj^`w֍BEff;u+U1APEQwIE]PhXup wL֋uTMtMQNE]PhYup wL֋uMtQ[M_3^ ]̋UVuWu Vu9t _^]̋UVD(3EtVbY^]̋USVW}3مujW^!7} tWu u27hj耍YYt!!p!p!p@H *3?u2tj^_^[] ̋U}t]]̋U}t]LE ]̋UQQ3ʼnEVWuuuu u`tF} "t@eEPhup wL֋uMtQM_3^+]̋UQQ3ʼnESu uEn؅ucW3V4JMVPVu p(u֋؅uGr%4JMVPVhHSh@^_M3[舊]̋UQSVuWV]hV (hVhVhV Iå_^[]̋UVEtV舃Y^]j!ZLu (EEEEM豏jZ ]3}ujWp!;M ;t`-ttRt HhjYYȉMt#3AQA QQ)3ɉ hj͉EYY jUvdl- PHtSQuhjhYYEEgMyuI EE䍎P MPuhjYYEE p Pp֋MPs}hj褈YYEEMyuI EE썎P PuXhjCYYEetIMyuI EE썎P PuMJ3;u2tj_ ̋UQ3ʼnEU;w.t$-tttHu,Ad- tstOt-HtRxxuaYVWp_^<xu%xuM3賅]̋UE- t-t tHt]E E E E ]̋USVWu} uuWuq{`t$"tIUtKǃtDHthHtZtB"t%jUj@Cduj^hIh@yYY_^[] ǃ뱍ktՍ덋̋;u.;u ;u;u3@3̋UQ3ʼnESVWp֍p֍p֍p֋M3_^3[]̋UQSVWuى]2h,u3'Fh/u3 Iå_^[]̋UVEtV|Y^]jZ茉u'E~`t軦谦"tPo|YtP^|Yt WF|YEEM賈j[}3E؅ujW0E ;_ȁ,tttWPut8^`t#tQ3ff;u+Yj@[hjڂEYYu Shj谂YYȉMt#3҉QAA QQp)3ȉhjkYYȉMt3AQA QQ)8^`t#tQ3ff;u+Yj@[hjEYY S'=1== =tn=hj諁YY]EtAMyuI EE荎P Pu_3bhjHYY]3EtFMyuI EE荎P PuMENhj߀YYȉMt1 FXP!hj迀EYYt Q339u2tjX҅ ̋UE0;wKtAЁ,t/t tt P|tl=1t_=v= vL=t&=uxu2*xu AX]̋UE--tFt9Ht+t-tt]E #E E E E E ]̋U 3ʼnES] VWuuuSu$"hj ~YY3Mt AAȉuj^`EEPh1up wL֋MQ13QEh-up wL֋`R3ҍNff;u+6APh.up wL֋9Qh0up wL֋39 tDt t:uuteɻSh}YYuj^hPIh@臼YY+3Shf|YYu j^hI3fM_^3[{]̋;u;u3@3̋UQ3ʼnESVWp֍p֋M3_^3[{]̋UQQ3ʼnESVu u]]unW34JVuPVu p(u֋uGr3uEM@;A_^[]̋UQVt,FU;tr `YMU;Vu@^]̋U<3ĉD$8SVWD$M3D$ ߉L$D$D$D$ D$$D$(D$,-D$0.D$40D$8/D$<1D$@2tpL$־@tL$PD$u t4P u CsD$ tt0hKWVRthLWV? L$D_^[3"e]̋U3ʼnEeSVpWW֋ȋEMujW_h0L@SdYYu3҉PtVEPRu uQ.@uxQMdtj{uNEMTEt tutt8^EVt!HxJMQWhpLS赤 Etj0MօthLWS M_^3[c]j8\jًEeE3EԡWpփ}EujW[hLh@YYM̋Qju uP-؅buԋ}QDEЅhjQdEԉuYYt3FF FF3uԉuЅuj[hMSh@ EȋTt tu+},t }-t}0uFVtmOxFV G4ew$Eԍ}؋MĥEEPEP3Mj[hMSh@]X [ÃM]ȋu83hu*jXhHTPh@E芑 )ËuthTVh@h V jD1^W}܉M3ME؉EEE+!]M EWp։Eؾ,t$MčEPu׉u{uEEPu졐hWhWhhVupu֋EtDP(t9}u3Eԅt,3QQQ0uupDu֋u7]3EtBMQMQMQPu+lhT thTWh@ }tEPEPEPutEt UnEMtU\EMu܅tUMQjPu#MtEU ؍EPSQupLփ}t uthTWh@, 3ۍMȈ]EP0EP*uGMEYP]̍M]0EP*uGY9T̋UQM)]̋UQQ3ʼnESW3GEڅtptlVSpօt ;tuj _tuuEx t tu@Wup,S^jWXM_3[M]̋U3ʼnEeSVًWujW_hUh@rYY\UEPtshPUWh@贍+}K  tEE eEEPjgup(Q֋thUWh@?EPjhup(s֋thUuSDjWspօt=hUshPUh@X D}t"SQuu*jZj_shUh@ th VWh@m h@Vh@YYM_^3[>K]̋U(3ʼnESVWpM܋WEWpEqEEEEEEуDt|Wp֩tuM܋SƇtK3W]؋p֍M؋QuMjP[؋}؅tj03ۋM_^3[J]̋UQQ3ʼnESVWpWΉU֋ WqփtdHt*ukEȃtmItiIt uAYTEtttBt;!tu%( E tt t3ËM_^3[/I]̋UEt t.IuCYtCʃt]̋Vptjjjfv`P83FVhZVh@^̋VWxt6jwjxPjjjfw`PՏ3FVhZVh@W_^̋VWxt6jwjxP菏jjjfw`ЋRs3FVh [Vh@~_^̋U3ʼnE3SVEEEWu p֋}؅ujW^h0[h@,~YY}uEUcu pր}Etut tu5pE jxthd[Vh@~ )-uU EYtXhZuU th[uU th[uU ft h[j}uUEt tuw}tt hTe}t"pE jxt7E.u tuuU E!Eu}t }tku79uuE9uu@}tt6Ut&h[Vh@}| h\Vh@j| M_^3[N;]̋UU QuM7] ̋UU3ujWX} u 9Eu3Aȉ ]̋UQQ3ʼnEVuW3}ujW_>ujW_h8\h@M{YYSEPWRQWj'6]thl\h@{YYbˉEthxQWh@_{ 6MJtWhQh@zۋTt x4ttj0[M_3^9]̋U 3ʼnESEVW}Wjuuu J؅tu uh\h@-z{?p ֋u؅thxQSh@^z >u4>p0h]h@y 3Au؅Lttt t t Ttp֋u3@؅u;>p ֋u؅t"k؅tShQh@x>jW[p0h]h@x jW[h\h@xYYt,Sh<]h@xu ttM_^3[7]̋VjAPRQj,th[Vh@x ^̋U3ʼnEeSVWUERu jus]}u,Tt"N4E$xȥT[}tj0֋M_^3[7]̋UQ3ʼnEESVWtLuNuQu֋6tjWVp֋M_^3[6]̋U 3ʼnESVW}uWE؅Vp֋UMW؅u\t tuNUMW؅u<ut#uupTքuuUMjW ؋M_^3[5]̋U3ʼnES]EVWSuuuu tu uh\h@uj;p ֋ thxQWh@*v 3tyWhQh@ujW_hx]h@uYYtOtEtj0Mփ#WhQh@Muu tl|t|M_^3[4]̋U3ʼnEeSVpW]SΉ}֋ӍEPjujV}}؅uzQ؅tShpLh@t PUMW؅tSh]ׅt tu(tj0uM3uW؅tj0֋M_^3[3]̋U 3ʼnESV‰MWE3!]3!]P}p֋ȉMtjZ+u |UuE 3xGu}u3EURUju4QM4}؅u|QΓdt%ʛ؅uOEUM4WY؅u/tj0֋u3}EM@E;ErSh^ShpLh@r tj0֋M_^3[;2]̋U03ʼnESV‰MWE3P3!}3ۉU]p֋ȉMt(Htu-3EEu&j[E]3uURUju4QMTUEԋMPF Su]ql֋]{TE܅}t-}WpMPWup0$u=pM֋w4Puju֋uBQ踑utj03ۉ]uFu;ushEMuh^uh^Wh@qq;jW_hNh@pYY%E0uShH^Wh@7q]tj0օth^Wh@q M_^3[/]̋UQQ3ʼnESډMt6CV0;t$WjQvx׋6M9su_^^M3[/]jd^6‰EMu }eu}URVu؅uUMV'؅tmEtfewEEPvV й?G+ȃs+h5M-EEPMQ+hxEP5@GVBMueEMZ#tQ׋hD_Vh@o 4 jXh_Ph@Eno EÃMu}̋U3ʼnESVu3ۉUMW} tuh_h@nYYTEujW^h_h@nYYiQ؎du eʖth`Vh@n !E=PEhpM֋whPuu֋tth(`렋E9=PEuhpMPEjpM֋wPuu֋t hH`5EtWtRtME94u 98tPpփu3CESu0p,֋ Ettthd`Vh@wm M_^3[[,] ̋U$3ĉD$ S3T$ VD$ D$D$E WD$ D$PD$ t$PujuP\$uiUD$ L$PSuuND$ M xtj0֋t$uT$3*u'T$ Qutj0փ|$ tjWt$pօth`Wh@Nl L$,_^[31+]j(_1UԉM33!]3E䡐R}؋p֋Vh`h@|k tt jX+t/t+u6!]ܾuE6E3uE j(_u}u3E܅hj +YEY}̃etgG3}MKS6h`h@jMUԃeEQMjujPR؅uUЋMWuur؋Etj0M֋utShh_h@Tj 6h`ah@.jG 0;FuME?؅XuUM؅8E9t 8t8uuUM؅uxTׄt9E8t 8t8u'} uEuu UuM؅}69wBuQ׋WwY"gWO"3EE@uYYE;E Eƀt}t%Q׋lWw"gW!YYth bSh@Ai .Shah@h ShaShaSh$ah@h yj[h`h@whYY`jH__.UME33@!]ȉM;q }̥AEčEPEPuRph֋uUċN;J |N;Js3@3u'Qu 2Uuh8bQUQu Ett AuȋpTք$}u%hjh'YYEet@uȋ0}hjP'YYEEtuȋ3ۃMu up֋ugEEEEEEċL܋MQpօtUȋMPu uu{E@Eărj03jjuȋpօu)eMZUEM;Ht%Uj_hPbhxbWh@xf }tjWuȋpօtj0օthbWh@-f + ̋USYVWsu F P tv6~t;tG Pu tE8_^[]̋U SYVWMsE~u%F Pu 蠽Et6v~tދMut+;;uu EWjPNE@3M|Muu F PItu MEWuËE0@_^[]̋UQVFP0EPvffY^]̋UQVuSF@!F@FF@ƃf^]j YtHt̋Uj YtM JtE JtE] ̋UQQVu WG;0uF9EuApNG@GgG@GE"M xLVD$PHu ;uuE0_^] ̋U{E3҉X@D,LT\]̋UVEtVY^]j_)},eTtj0֋0,|w(̋Uƒ'uRY3+t}tlt@t2t!ttd[KRU_ F=tjZ+tt t 3BjZU ȋUW]̋U3ʼnES]‰EMWujW_hHih@aYY3#VPp֋Uj2_u EFtpt:Fhh`!YYȉM$u+hh`!YYȉMu+hh`h!YYȉMue+hh`7!YYȉMu4+hh`!YYȉMtdup+Vhh` YYȉMt:u+,hh` YYȉMtu,3ɉ uj_RuEu uu\u Vp}u);qrօt. t$Etj0Mփ#}^M_3[]̋UQQ3ʼnESVW3TEtj0M։T9} ujW_hih@!_YY|puU\u uΉ@EPLPT8pTuj_%vp\֋T3ɅJ\M_^3[]̋UQ3ʼnEV3WTFt-p֋t;hiV@W^ hi@W+^YYth0jVW^ M_3^l]̋UVu u%}^]̋U3ʼnESVW3]}P}LhLjh@]}p֋u؍ȉETpl3u'Txltj0jXω}9{vTTEPC74ENLVEuM迅tpMuAM;Kr39{METPC 74ENLVEu=uu,]tE@E;Cr7}CM43hjC M43hjh@9\EM_^3[]̋VTt(vp~^yVhkh@[ 3^3@^̋UV,EtVY^]̃!ktet]tBt'+tt j Xj XjXÃt jXjXÃt jX3@3j Xà |y~~o~ uejXjXj XjXÃ"t6t-t$ttt u2jXjXjXjXjXjXÃtt u jXjXj X̋X$@xøøHøøøøø8øøȲøø԰øøø$øøøܲøø(ø4ød3ÍI "(.4̋UV+EtVY^]̋V"|@tUt@t4t(ttcj[jTjMjFj ?j 8Jt4t(ttj j jjjJt4t(ttjjjj3F3j ~"~Aj{j wjst-t$ttt uVjQjMjIjEjAj=.t6t-t$ttt uj!j jj jjj^^̋X!$Høøpø\øøøøıøرøøø8ø,ø`øLøtøøø$øø@ø԰øTøøøøøhø|ø(øPø<ø4ød3ÍI( .4:@FLR"X^djpv|̋UV+EtVY^]̋V!tmtat2tJtjjjtJtjj3F3t%ttj j jj {t ~r~ Awej`j \j XjT"t- t$ttt u7j2j.j*j&j"ttt uj jjj^^̋X$< øpøøøرøøø`øLøtøøø$øøøøøøø(øPø<ø4ød3ÍI      $ * 0 ̋UV+EtV Y^]j X;=t7t/t&ttIt Iu6jXjXjX3@jX3jXÃt&ItItttjXj XjXj X̋X wO$!ø̳øtøøøøøø0øDøXøl3ÍIr!x!~!!!!!!!!!!̋UV+3EtV2 Y^]̃QtKjX;)ttt uQjX3@jX3Ãtt u3jXjXjXjXÃt:t1t(ttt tj Xj Xj XjXjXj Xj X̋Xwg$H#øøøøøдøøøø ø ø4øHø\øpø3ÍI"""""## ####$#*#0#6#<#̋UV+EtV Y^]̃4t.t&ttjX+t t6jX3@jX3jXÃttjX+tIjXjXj X̋X wC$t$øøLøøøøø$øøԵ3ÍI2$8$>$D$J$P$V$\$b$h$̋UVp+EtVY^]̋Xt$ttt3øtøLø`ø8̋UgE U@DPE\+LTu ǁ@xu ǁ@x] ̋UV0,gEtVY^]0,g̋UQQ3ʼnESV3wLWhj}YYt'XwG \GwG*Wvhjj}YYt!PwGG ww*Wvhj}YYt!TwGG ww)tpW2vtNhj }YYt!`wGG ww*t"Wuu1j0־hxEuPh@BM _M^3[& ]̋US]VWHuSkth ytPh@L _^[]̡tP%Y%Ķ%ȶ̡0Wtt,tW_áTV3~#x\;}XPWpPTF;|ݡP^tP%PY%T%Xh4%03_ù趰̡PtP%PY%T%X̋UT3ʼnESVWj3X}čMjQPE0EԉEEP4]EPDu9}v}C48;rX#t ;rK;sE{#}+;r-jhVWTtMQhVWHt3@3e_^[M3 ]d0pld 0Ѐyt %ltB`Jd+= r lt Bd %ls pIt*ttad`*td̋Uud0jp<]̋Uud0jph]̋UQ3ʼnEeM3]jh-3FeE3Ɂ8Ëe3E9̋U=,VWu uk,050uh54,ȉul-GPjQ540uGPj7540t=,~ _^]̋ ,=,u 54<̋UE3ɃtttHt ttjWY] ̋Vh4h,h8ujhh544t 54<^̋U5yu 5<5yuh8]̋VJ ~u~uHF^̋U V u YtuYt^]áuΣha YVM#hЎEP %̋U V ug YtuYt^]áuΣh a YVMhЎEP jH_ hHMeEPMhxEP jH_Q hHMzeEjPM hEP hYu@à 3̋U3ʼnE} SVWH3d}p;t/h3 u=tjE Y`3Fu⡤EtiE];r:9;t3Ή;֋ 9UuE9Mt΋‰UEىMPu컈Y===33} d3p;t-h3 u9=j_tjY :3Fh2h2YYYuh2hX22 Y=Yu3=Lt&hL_ Ytu5LWu3@M_^3[=] ̋U} u ]*̋Ucsm9Eu u P YY]3]j0h E3uE w} u=uu9E t =HtNE} u uu u׉EMEQPDYYËe3uu}Euu uEMEQPYYËe3uu}Euu umEMEQPYYËe3uu} }EVVumMEQPxYYËe3uEVVuJMEQPIYYËe3u=Ht4EVVuMEQP YYËe3uE t Euu uEMEQPYYËe3uu=HtG=t>Euu u׉EMEQPtYYËe3uuE E[ } w ̋UQ3ʼnEVu3;u sWu>t ׃;u r_M3^ ]; u jh e] Ë}Njuue}x+uMU3@EE }] uEu uWSV|jhh emxFu+u uMUEEEE܋E܁8csmt EE4eE̋U]j_ue Y e4ËE̋UuSY]̋UV0EtV'Y^]̋UM t*j3X;Es} 3PPPPP3]MQucYY]̋UjXu\h PL]̋U$ 5=ff fff%f-EEE( jXkǀjX jX jXk LjX Lh]̋U 5=ff fff%f-(EE jXkǀh]jheEuu5YTj)YeEࡠE܍EPEPu u؋M M܉ E yËujY̋UuUYH]%jh 3uu܉uu] };u}MU}Fu3@EE] }uE܅u uVSWp%%%%̋U3ʼnEffffffEEDž0@hHPM3]%P%L%H̋Md Y__^[]Q̋M3̋M3|Pd5D$ +d$ SVW(衸3PuEEdPd5D$ +d$ SVW(衸3PEuEEdPd5D$ +d$ SVW(衸3PeuEEdPd5D$ +d$ SVW(衸3PEeuEEd%D%@%<̋UE3SVWH<AYt} p ;r H;r B(;r3_^[]̋Ujh@h=dPSVW1E3PEdeEhtTE-PhPt:@$ЃEMd Y_^[]ËE3Ɂ8ËeE3Md Y_^[]̋UEMZf9t3]ËH<39PEu f9Q]̋UeeVWN@;t t УjEPE3EE1Ed1E`3EM3EEP(E3EM3;t5uO@ щ _^]%8h=d5D$l$l$+SVW1E3ʼnEPeuEEEEdËM3̋Uuuu uh3h]%,%(%$%%h=d5D$l$l$+SVW1E3PeuEEEEdËMd Y__^[]Q%̸QRPhZY̸̸̸̸̸̸̸u̸e̸|U̸xE̸5̸d%̸̸̸̸̸̸̸̸t̸X̸\̸`u̸e̸hU̸lE̸p5̸QRPhZY̸QRPh܏ZY̸̸QRPhZY̸QRPhWZY̸LQRPh<'ZY̸H̸D̸@̸≮P̸8̸ QRPh\ZY̸QRPh|gZY̸$̸ ̸̸̸,̸0̸(uQL$+#ȋ%;r Y$-QL$+ȃ YQL$+ȃ Y%%̍MYT$B J3n8a̋T$B J3NJ3Dda̋T$B J3$J3a̋T$B J3J3b`̋T$B J3J3lb6̋T$B J3J3b u6YËT$B J3rJ3hcuYËT$B J3>J34|c̋T$B J3cuYÍM#=T$B J3J34dH̍uuuT$B 3J3d̋MގT$B J3Wd̋M齎MގM頎T$B J3 e̍MېMӐT$B J3deY̍M鬗T$B J3f1̍MOM|T$B J3J3,f̍鼒鱒T$B 3NJ3D`f̍T$B 3 J3fq̍+T$B 3J30g.̍MsT$B J3J3g̍MT$B J3dJ3Zg̍M鰀T$B J32J3(g̍M~T$B J3J3hf̍MLT$B J3Hh>̋Fz$r(r9T$B 3vJ3lh̍MT$B J3Dh̍MMT$B J3$i̍MjT$B J3Xi\̍M`T$B J3J3i*̍MqT$B J3J3i̍MT$B J3`J3Vi̍MT$B J3.j̍MMT$B J3J34jd̍MTT$B J3hj<̍M,T$B J3j̍MMT$B J3tJ3jj̍M}T$B J3Bj̍M}MMT$B J3 J3 kp̋M {wM,wuT$B J3\k:̍M }M}T$B J3J3k̍M|M|M|M|T$B ,3MJ3Ck̍M|T$B |3l̍Mn|T$B J34l`̍MF|M>|T$B J3`l0huYYhuYYËMndM`T$B J3ml̍MT$B J3EJ3;m̍MMT$B J3 J3@mq̋M|uT$B J3tmF̍MT$B J3J3m̋T$B J3J3zm̋T$B J3ZJ3P$n̋T$B J30J3&|n̋T$B J3J3nl̋T$B J3J3,oB̋T$B J3J3őT$B J3J3~őT$B J3^J3T4puYËT$B J3*J3 puYËT$B J3J3p\uYËT$B J3J3Lq(uRYËT$B J3J3quYËT$B J3ZJ3P ruYËT$B J3&J3lruYËT$B J3J3rXuYËT$B J3J3,s$̍M1T$B J3J3s̍M1MM1M1M)T$B J3:J30 t̋T$B J3J3tv̍MzMŘT$B J3tF̍MT$B J3J3uPT$B J3DűT$B J3_J3UűT$B J35J3+űT$B J3 J3Tvq̋T$B J3J3vG̋T$B J3J3w̋T$B J3J3\w̋T$B J3cJ3Yw̋T$B J39J3/ x̋M%T$B J3dxv̋T$B J3xV̋MaoT$B J3J3y!̋T$B J3J3y̋T$B J3gJ3]y̋T$B J3=4z̋T$B J3z̍MT$B J3J3L{[̋T$B J3x{;huYYËT$B J3J3{̋MXT$B J3f}̍M\T$B J3>~husYYËMM<-M4-M,-T$B J3J30~Q̍M,\T$B J3~)̍M\T$B J3~̍M[M,T$B J3aJ3W̍M[T$B J3/J3%p̍Mp[M}T$B J3e̍M@[T$B J3=̋MHlT$B J30̍MZhuYYËMM+M+M+T$B J3GJ3=`̍MZT$B J3J3 {̍MVZT$B J3S̍M.ZM*T$B J3J3@̍MYT$B J3J3w#T$B J3RhuYYËT$B J3"J3h̋T$B J3th̍MbMPM*T$B J3J3,&̍T$B 3J3~h̍M|bMtbT$B J3NJ3D̋T$B J3$Ȅ̋T$B J3 t̍MT$B J3J3xB̋M4T$B J3huYYhuYYhuYYhuYYhuYYhuYYhuYYËT$B J3J30̋Mo+T$B J3X̋M9T$B J30̋M+M%MmM%T$B J3nhuYYhuYYhuYYhusYYËT$B J3J3(t̋Mc*M%M$T$B J3l0huYYhuYYËT$B J3J3v̋M)Mw$Mi$MlM}lT$B J3܇huKYYhu;YYhu+YYhuYYËT$B J3J3(̋M#T$B J3l̋MnM((oM4oM@oMLoT$B J30̋MrnM(nM4nT$B J3b̋T$B J3J3 8̋M nM(lnM4anT$B J3x̋MmM(.nM4#nM@nML nMXnT$B J3+̋MmmM(mM4mM@mT$B J3R̋T$B J3J3L(̋T$B J3J3̍M鬇M餇T$B J3^J3T ̍MlMlMlMnsT$B J3@̍T$B 3J3L̍MT$B J3J3huYYËT$B J3zJ3phuYYhuYYËT$B J30J3&<̋MT$B J3J3pd̍MT$B J3J3Č2̋T$B J3؍0xoh̋D̋UQQ3ʼnE=жtXܶW=ض;s5VMt#QtRp֋Maܶ;r^h%ж_M3]"\aC"aaa@z"aab@`"8bHb\b@&"bbb@ "bb c@"@cXcDlc@ǥ"ccGDc@"dd$d@"XdxdDDd@}"dDDDD"e0E"0eXEcEnE"eeEEee@g@"$fE"PfEE"ff(F3Fff@@" gkFvF"TgtgFFg@"gF"g#G"hUG"@hG"lhG=A"hGGG H"iCH"HikHsH"|iH"iH"iH"j'I",jYI"XjII"jI"jI"j JJ"kEJ"DkmJuJ}J"kJJ"kJJ"kK'K/K7K",llK"XlK"lKK"lKKLLp~"8mBL"dmtL|L"mL"mL"mnn@4"HnXnln@"nnn@"noo@("Po`oto@"ooo@_"pp$p@"Xphp|p@"pp[Np@G"q(qN\I\T\"\\\"DThx<"\\\"؉%]-]8]C]N]Y]",]]]]"px"Ȋx "0!^)^"d[^c^k^s^"^"ԋ^x&"4_"`?_O_"_* +_"<361J1y11112212E2o222233m444@4"č88<.<(//\8(P33lx `54xX(8 8@3(D\IXXI̓IԓIII8I  ȐIАؑƒԒH2nL6$~O EXuao.I $)NetApiBufferFreeDsRoleGetPrimaryDomainInformationDsRoleFreeMemoryNetDfsGetClientInfoDsGetDcNameWGetUserNameExWTranslateNameWLsaConnectUntrustedLsaLookupAuthenticationPackageLsaLogonUserLsaFreeReturnBufferLsaDeregisterLogonProcessWNetGetConnectionWwnsprintfWPathIsUNCWPathIsRootWPathRemoveFileSpecWPathAddBackslashWPathRemoveBackslashWPathCreateFromUrlWUrlUnescapeWB[ ,,hȕ`FporqpUPV0@WUopppo@Pp`(((( IsPtts`U@`# $##0UП,>QeyƖۖ '5CO[hŗ՗*8FR^luØ՘  !"#$%&'()*+azroles.DLLAzAddPropertyItemAzApplicationCloseAzApplicationCreateAzApplicationDeleteAzApplicationEnumAzApplicationOpenAzAuthorizationStoreDeleteAzCloseHandleAzContextAccessCheckAzContextGetAssignedScopesPageAzContextGetRolesAzFreeMemoryAzGetPropertyAzGroupCreateAzGroupDeleteAzGroupEnumAzGroupOpenAzInitializeAzInitializeContextFromNameAzInitializeContextFromTokenAzOperationCreateAzOperationDeleteAzOperationEnumAzOperationOpenAzRemovePropertyItemAzRoleCreateAzRoleDeleteAzRoleEnumAzRoleOpenAzScopeCreateAzScopeDeleteAzScopeEnumAzScopeOpenAzSetPropertyAzSubmitAzTaskCreateAzTaskDeleteAzTaskEnumAzTaskOpenAzUpdateCacheDllCanUnloadNowDllGetClassObjectDllRegisterServerDllUnregisterServerddd(ddd4(ddl(@5IV PP0V PP0xV PP0ppР P`t0pЗt8pA0DD0EMEEEG BB0G@HHPI0ITpIWFFFPTpTTV@VW8@ `WVXVXVXVVVWVxWVWVWVWVWVWVWVWVVVXVXVhWV(XV8XV(WVVVHXV8WVWVXXVHWVhXVxXVXWVXVXVdȷeķfgh̺Ժ x   @1Ȫ 81P0 ܨ  1@ 0 d P     @  d t  ,    P . - ,P / 0 1  l     0 @   !   x  def  g@ h\ PT|@Ll  L|$,@hȮ8Dx 4 ,L|P|-,.L0|,/1 !df<etgh@-.01 bcX4 @cXlcXcXcXdXTdddde@ete eȿ e e$fd`ffxdf gܼ8gԼxgthgdhgXLPhXLhXLi0Xk\ kܾk`< l0 `ll`<m`<`mXm8 mnH4n`n`<n`L@cXocX(o`oXoDpLhp8pqhqqdXrX$hr(rspss8tdtX(t8uuuXvlcXv v$w`w,w wX$xpcXmXx 4n<Dy.?AVCAtlException@ATL@@.?AVlength_error@std@@.?AVout_of_range@std@@.?AVlogic_error@std@@.?AVbad_alloc@std@@.?AVexception@@DN@xȯ: !`,||0tLtLtLHXwGg   k -.0)()+*+   /,1 !1 !defghi           .0- 1defghi !.0-1 !defghif2H{I4f2H{I4L)EgddL)Eg,t&BR^DZthR6lN2n^J0Tvj8V:t2,~*<L\j|4Lh~2Jbvv2BRdo kM+HM  : 8V&FjTH>4* znR:xp0FVnvhD&`@"BTh80@Tzf`/$"0DH*h(0Dt&BR^DZthR6lN2n^J0Tvj8V:t2,~*<L\j|4Lh~2Jbvv2BRdo kM+HM  : 8V&FjTH>4* znR:xp0FVnvhD&`@"BTh80@Tzf-srandNswscanf_vsnwprintfwcsrchr _wcsicmp|wcsncpy_smallocfree memcpy_stwcscpy_sowcscat_s_purecall_vsnprintf ??0exception@@QAE@ABV0@@Z7?what@exception@@UBEPBDXZ??1exception@@UAE@XZ ??0exception@@QAE@ABQBD@Z memmove_s ??0exception@@QAE@XZCstrrchrldivpwcschr~wcspbrkiswspacezwcsncmp_wtol_wcsnicmpqsortbsearch)_wcsuprwcsstrZtowloweriswxdigitwcstol_wtoi64 memmove memset"_callnewhd_CxxThrowExceptiony__CxxFrameHandler3o_XcptFilter_amsg_exit_initterm5?terminate@@YAXXZmsvcrt.dll??1type_info@@UAE@XZg_errnorealloc`_lock_unlock__dllonexit _onexitj_except_handler4_commonRtlCopySidwRtlLengthSidRtlNtStatusToDosErrorNtAllocateLocallyUniqueIdFRtlDeleteResource*RtlInitializeResourceRtlAcquireResourceExclusiveRtlReleaseResourceRtlAcquireResourceSharedRtlIdentifierAuthoritySidRtlEqualSidRtlInitString&RtlInitializeGenericTableAvl0RtlInsertElementGenericTableAvlARtlDeleteElementGenericTableAvlRtlLookupElementGenericTableAvlRtlInitUnicodeString^RtlDosPathNameToNtPathName_UNtCreateFileRtlFreeHeapNtClosewRtlEnumerateGenericTableAvlRtlNumberGenericTableElementsAvlRtlValidSidRtlValidSecurityDescriptorntdll.dll3CharNextW>CharUpperWxUnregisterClassAUSER32.dllCreateFileWYGetLastErrorCloseHandleMultiByteToWideCharFindResourceWiSizeofResourceLoadResourceLockResourceFreeLibraryGetProcAddressLoadLibraryExWpGetModuleHandleWlstrcmpiWLeaveCriticalSectionSRaiseException-EnterCriticalSectionFindResourceExWlGetModuleFileNameWSInitializeCriticalSection DeleteCriticalSectionDisableThreadLibraryCallsWideCharToMultiByteLocalAllocLocalFree2GetEnvironmentVariableWCreateDirectoryWGetCurrentProcessIdWriteFileZGetLocalTimeGetVersionExWCreateTimerQueueDeleteTimerQueueExCreateTimerQueueTimerDeleteTimerQueueTimerGetCurrentThreadGetCurrentProcessGetComputerNameWGetSystemTimeAsFileTime>GetFileAttributesWGetVolumeInformationW;GetFileAttributesExWCompareFileTimeDeleteFileWRGetFullPathNameWLoadLibraryW!SetLastErrorCompareStringWFormatMessageWjSleepUnhandledExceptionFilter[SetUnhandledExceptionFilteryTerminateProcess OutputDebugStringA>QueryPerformanceCounterGetCurrentThreadIdGetTickCountKERNEL32.dllCoTaskMemFreeCoTaskMemReallocCoTaskMemAlloc(CoCreateInstanceStringFromGUID2 CLSIDFromString^CoInitializeExCoUninitialize CLSIDFromProgIDStringFromCLSIDole32.dllOLEAUT32.dllLsaOpenPolicyLsaNtStatusToWinErrorLsaQueryInformationPolicyLsaFreeMemoryLsaCloseCreateWellKnownSidXRegCloseKeyRegQueryInfoKeyWwRegEnumKeyExWRegOpenKeyExWRegSetValueExWaRegCreateKeyExWpRegDeleteValueWLookupAccountNameWLookupAccountSidW{ConvertSidToStringSidWConvertStringSidToSidWRegQueryValueExWJGetLengthSidoGetTokenInformationOpenThreadTokenSetThreadTokenEqualDomainSidOpenProcessTokenDuplicateTokenExCopySidInitializeAclAddAccessAllowedAceInitializeSecurityDescriptorSetSecurityDescriptorDaclSetSecurityDescriptorOwnerVGetNamedSecurityInfoWaGetSecurityDescriptorSacl\GetSecurityDescriptorDaclSetNamedSecurityInfoW^GetSecurityDescriptorLength7GetAclInformation6GetAceIsValidSidAddAccessAllowedAceExAddAccessAllowedObjectAceAddAuditAccessAceExSetSecurityDescriptorSaclAdjustTokenPrivilegesMakeSelfRelativeSDCryptReleaseContextCryptAcquireContextWCryptCreateHashCryptHashDataCryptGetHashParamCryptDestroyHashADVAPI32.dll'AuthziFreeAuditEventType,AuthziInitializeAuditEventType%AuthziAllocateAuditParams/AuthziInitializeAuditParamsWithRM+AuthziInitializeAuditEvent2AuthziLogAuditEventAuthzFreeAuditEvent(AuthziFreeAuditParamsAuthzInitializeResourceManager AuthzFreeResourceManagerAuthzFreeContext AuthzGetInformationFromContextAuthzAddSidsToContextAuthzInitializeContextFromTokenAuthzInitializeContextFromSidAuthzAccessCheckAUTHZ.dllUuidFromStringWUuidToStringW RpcStringFreeWUuidCreateUuidToStringA RpcStringFreeARPCRT4.dllDsQuoteRdnValueWDSPARSE.dllDsCrackNamesW$DsFreeNameResultWDsBindWtDsUnBindWNTDSAPI.dllODBC32.dllVirtualProtectVirtualAllocGetSystemInfoKSetThreadStackGuaranteeVirtualQueryRtlAllocateHeapRtlImageNtHeader?RtlDeleteCriticalSectionsRtlEnterCriticalSectionRtlConvertExclusiveToShared RtlInitializeCriticalSectiontRtlLeaveCriticalSectionRtlConvertSharedToExclusiveResolveDelayLoadedAPI DelayLoadFailureHook!PerfCreateInstance5PerfSetCounterRefValue6PerfSetCounterSetInfo9PerfStartProvider;PerfStopProvidermemcmp memcpy@@APB`BB@B0BBpBBAAAApA@AA@@ @p?@@P@`@?P?@?0? ???>>??????`??>>0@>@Ap@84`x$fghe(u@Xp        7z 3  /5=8 @REGISTRYFILETYPELIBMUI4VS_VERSION_INFO 98 98?StringFileInfo040904B0LCompanyNameMicrosoft CorporationFFileDescriptionazroles Modulex,FileVersion10.0.14393.2515 (rs1_release_1.180830-1044)0InternalNameazroles.LegalCopyright Microsoft Corporation. All rights reserved.8OriginalFilenameazrolesj%ProductNameMicrosoft Windows Operating SystemDProductVersion10.0.14393.2515DVarFileInfo$Translation HKCR { AzRoles.AzAuthorizationStore.1 = s 'AzAuthorizationStore Class' { CLSID = s '{b2bcff59-a757-4b0b-a1bc-ea69981da69e}' } AzRoles.AzAuthorizationStore = s 'AzAuthorizationStore Class' { CurVer = s 'AzRoles.AzAuthorizationStore.1' } NoRemove CLSID { ForceRemove {b2bcff59-a757-4b0b-a1bc-ea69981da69e} = s 'AzAuthorizationStore Class' { ProgID = s 'AzRoles.AzAuthorizationStore.1' VersionIndependentProgID = s 'AzRoles.AzAuthorizationStore' ForceRemove 'Programmable' InprocServer32 = s '%MODULE%' { val ThreadingModel = s 'Both' } } } AzRoles.AzPrincipalLocator.1 = s 'AzPrincipalLocator Class' { CLSID = s '{483afb5d-70df-4e16-abdc-a1de4d015a3e}' } AzRoles.AzPrincipalLocator = s 'AzPrincipalLocator Class' { CurVer = s 'AzRoles.AzPrincipalLocator.1' } NoRemove CLSID { ForceRemove {483afb5d-70df-4e16-abdc-a1de4d015a3e} = s 'AzPrincipalLocator Class' { ProgID = s 'AzRoles.AzPrincipalLocator.1' VersionIndependentProgID = s 'AzRoles.AzPrincipalLocator' ForceRemove 'Programmable' InprocServer32 = s '%MODULE%' { val ThreadingModel = s 'Both' } } } NoRemove Interface { ForceRemove {edbd9ca9-9b82-4f6a-9e8b-98301e450f14} = s 'IAzAuthorizationStore interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {b11e5584-d577-4273-b6c5-0973e0f8e80d} = s 'IAzAuthorizationStore2 interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {abc08425-0c86-4fa0-9be3-7189956c926e} = s 'IAzAuthorizationStore3 interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {987bc7c7-b813-4d27-bede-6ba5ae867e95} = s 'IAzApplication interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {086a68af-a249-437c-b18d-d4d86d6a9660} = s 'IAzApplication2 interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {181c845e-7196-4a7d-ac2e-020c0bb7a303} = s 'IAzApplication3 interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {929b11a9-95c5-4a84-a29a-20ad42c2f16c} = s 'IAzApplications interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {5e56b24f-ea01-4d61-be44-c49b5e4eaf74} = s 'IAzOperation interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {1f5ea01f-44a2-4184-9c48-a75b4dcc8ccc} = s 'IAzOperation2 interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {90ef9c07-9706-49d9-af80-0438a5f3ec35} = s 'IAzOperations interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {cb94e592-2e0e-4a6c-a336-b89a6dc1e388} = s 'IAzTask interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {03a9a5ee-48c8-4832-9025-aad503c46526} = s 'IAzTask2 interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {b338ccab-4c85-4388-8c0a-c58592bad398} = s 'IAzTasks interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {00e52487-e08d-4514-b62e-877d5645f5ab} = s 'IAzScope interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {ee9fe8c9-c9f3-40e2-aa12-d1d8599727fd} = s 'IAzScope2 interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {78e14853-9f5e-406d-9b91-6bdba6973510} = s 'IAzScopes interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {f1b744cd-58a6-4e06-9fbf-36f6d779e21e} = s 'IAzApplicationGroup interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {3f0613fc-b71a-464e-a11d-5b881a56cefa} = s 'IAzApplicationGroup2 interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {4ce66ad5-9f3c-469d-a911-b99887a7e685} = s 'IAzApplicationGroups interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {859e0d8d-62d7-41d8-a034-c0cd5d43fdfa} = s 'IAzRole interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {95e0f119-13b4-4dae-b65f-2f7d60d822e4} = s 'IAzRoles interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {eff1f00b-488a-466d-afd9-a401c5f9eef5} = s 'IAzClientContext interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {2b0c92b8-208a-488a-8f81-e4edb22111cd} = s 'IAzClientContext2 interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {11894fde-1deb-4b4b-8907-6d1cda1f5d4f} = s 'IAzClientContext3 interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {e192f17d-d59f-455e-a152-940316cd77b2} = s 'IAzBizRuleContext interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {fc17685f-e25d-4dcd-bae1-276ec9533cb5} = s 'IAzBizRuleParameters interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {e94128c7-e9da-44cc-b0bd-53036f3aab3d} = s 'IAzBizRuleInterfaces interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {d97fcea1-2599-44f1-9fc3-58e9fbe09466} = s 'IAzRoleDefinition interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {881f25a5-d755-4550-957a-d503a3b34001} = s 'IAzRoleDefinitions interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {55647d31-0d5a-4fa3-b4ac-2b5f9ad5ab76} = s 'IAzRoleAssignment interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {9c80b900-fceb-4d73-a0f4-c83b0bbf2481} = s 'IAzRoleAssignments interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {e5c3507d-ad6a-4992-9c7f-74ab480b44cc} = s 'IAzPrincipalLocator interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {504d0f15-73e2-43df-a870-a64f40714f53} = s 'IAzNameResolver interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } ForceRemove {63130a48-699a-42d8-bf01-c62ac3fb79f9} = s 'IAzObjectPicker interface' { ProxyStubClsid = s '{00020424-0000-0000-C000-000000000046}' ProxyStubClsid32 = s '{00020424-0000-0000-C000-000000000046}' TypeLib = s '{11A8B8EE-BF30-409A-8EF7-3A143EF70332}' { val Version = s '1.0' } } } } HKCR { AzRoles.AzBizRuleContext.1 = s 'AzBizRuleContext Class' { CLSID = s '{5c2dc96f-8d51-434b-b33c-379bccae77c3}' } AzRoles.AzBizRuleContext = s 'AzBizRuleContext Class' { CurVer = s 'AzRoles.AzBizRuleContext.1' } NoRemove CLSID { ForceRemove {5c2dc96f-8d51-434b-b33c-379bccae77c3} = s 'AzBizRuleContext Class' { ProgID = s 'AzRoles.AzBizRuleContext.1' VersionIndependentProgID = s 'AzRoles.AzBizRuleContext' ForceRemove 'Programmable' InprocServer32 = s '%MODULE%' { val ThreadingModel = s 'Both' } } } } CREATE TABLE [dbo].[AzMan_AzApplicationGroup] ( [ID] [int] IDENTITY (1, 1) NOT NULL , [ObjectGuid] [uniqueidentifier] NULL, [StoreID] [int] , [AppID] [int] , [ScopeID] [int] , [ParentType] [tinyint] NOT NULL , [Name] [nvarchar] (64) , [Description] [nvarchar] (1024) , [ApplicationData] [ntext] , [GroupType] [tinyint] NULL, [LdapQueryID] [int] NULL, [RowUpdateTimeStamp] [timestamp] NULL , [ChildUpdateTimeStamp] [binary] (8) NULL ) ON [PRIMARY] GO CREATE TABLE [dbo].[AzMan_AzAuthorizationStore] ( [ID] [int] IDENTITY (1, 1) NOT NULL , [ObjectGuid] [uniqueidentifier] NULL, [Description] [nvarchar] (1024) , [Name] [nvarchar] (512) , [ApplicationData] [ntext] , [DomainTimeout] [int] NULL , [ScriptEngineTimeout] [int] NULL , [MaxScriptEngines] [int] NULL , [TargetMachine] [nvarchar] (50) , [ApplyStoreSacl] [bit] NULL , [GenerateAudits] [bit] NULL , [MajorVersion] [int] NULL, [MinorVersion] [int] NULL, [RowUpdateTimeStamp] [timestamp] NULL , [ChildUpdateTimeStamp] [binary] (8) NULL ) ON [PRIMARY] GO CREATE TABLE [dbo].[AzMan_AzApplication] ( [ID] [int] IDENTITY (1, 1) NOT NULL , [ObjectGuid] [uniqueidentifier] NULL, [StoreID] [int] NOT NULL , [Name] [nvarchar] (512) , [Description] [nvarchar] (1024) , [ApplicationData] [ntext] , [ApplyStoreSacl] [bit] NULL , [GenerateAudits] [bit] NULL , [AuthzInterfaceClsId] [int] NULL , [ApplicationVersion] [nvarchar] (50), [RowUpdateTimeStamp] [timestamp] NULL , [ChildUpdateTimeStamp] [binary] (8) NULL ) ON [PRIMARY] GO CREATE TABLE [dbo].[AzMan_BizRule_To_Task] ( [BizRuleID] [int] NOT NULL , [TaskID] [int] NOT NULL ) ON [PRIMARY] GO CREATE TABLE [dbo].[AzMan_BizRule_To_Group] ( [BizRuleID] [int] NOT NULL , [GroupID] [int] NOT NULL ) ON [PRIMARY] GO CREATE TABLE [dbo].[AzMan_BizRule] ( [ID] [int] IDENTITY (1, 1) NOT NULL , [ParentId] [int] NOT NULL , [ParentType] [tinyint] not NULL, [BizRuleImportedPath] [nvarchar] (512) , [BizRule] [ntext] , [BizRuleLanguage] [nvarchar] (64), [RowUpdateTimeStamp] [timestamp] NULL ) ON [PRIMARY] GO CREATE TABLE [dbo].[AzMan_LDAPQuery] ( [ID] [int] IDENTITY (1, 1) NOT NULL , [GroupID] [int] NOT NULL , [LdapQuery] [ntext] , [RowUpdateTimeStamp] [timestamp] NULL ) ON [PRIMARY] GO CREATE TABLE [dbo].[AzMan_Group_SIDMember] ( [GroupID] [int] NOT NULL , [MemberSID] [varbinary] (85) NOT NULL , [Member] [bit] Not NULL , [RowUpdateTimeStamp] [timestamp] NULL ) ON [PRIMARY] GO CREATE TABLE [dbo].[AzMan_Group_AppMember] ( [GroupID] [int] NOT NULL , [ChildID] [int] NOT NULL , [Member] [bit] Not NULL , [RowUpdateTimeStamp] [timestamp] NULL ) ON [PRIMARY] GO CREATE TABLE [dbo].[AzMan_AzOperation] ( [ID] [int] IDENTITY (1, 1) NOT NULL , [ObjectGuid] [uniqueidentifier] NULL, [AppID] [int] NOT NULL , [Name] [nvarchar] (64) , [Description] [nvarchar] (1024) , [ApplicationData] [ntext] , [OperationID] [int] NULL, [RowUpdateTimeStamp] [timestamp] NULL , [ChildUpdateTimeStamp] [binary] (8) NULL ) ON [PRIMARY] GO CREATE TABLE [dbo].[AzMan_AzTask] ( [ID] [int] IDENTITY (1, 1) NOT NULL , [ObjectGuid] [uniqueidentifier] NULL, [AppID] [int], [ScopeID] [int], [ParentType] [tinyint] NOT NULL , [Name] [nvarchar] (64) , [Description] [nvarchar] (1024) , [ApplicationData] [ntext] , [IsRoleDefinition] [bit] NULL , [RowUpdateTimeStamp] [timestamp] NULL , [ChildUpdateTimeStamp] [binary] (8) NULL ) ON [PRIMARY] GO CREATE TABLE [dbo].[AzMan_AzScope] ( [ID] [int] IDENTITY (1, 1) NOT NULL , [AppID] [int] NOT NULL , [Name] [ntext], [NameLen] [int] NOT NULL, [NameHash] [Binary] (32) NULL, [Description] [nvarchar] (1024) , [ApplicationData] [ntext] , [ObjectGuid] [uniqueidentifier] NULL, [RowUpdateTimeStamp] [timestamp] NULL , [ChildUpdateTimeStamp] [binary] (8) NULL, [HasSpecificUsers] [bit] NULL ) ON [PRIMARY] GO CREATE TABLE [dbo].[AzMan_AzRoleAssignment] ( [ID] [int] IDENTITY (1, 1) NOT NULL , [AppID] [int], [ScopeID] [int], [ParentType] [tinyint] NOT NULL , [Name] [nvarchar] (64) , [Description] [nvarchar] (1024) , [ApplicationData] [ntext] , [ObjectGuid] [uniqueidentifier] NULL , [RowUpdateTimeStamp] [timestamp] NULL , [ChildUpdateTimeStamp] [binary] (8) NULL ) ON [PRIMARY] GO CREATE TABLE [dbo].[AzMan_Role_SIDMember] ( [RoleID] [int] NOT NULL , [MemberSID] [varbinary] (85) NOT NULL, [RowUpdateTimeStamp] [timestamp] NULL ) ON [PRIMARY] GO CREATE TABLE [dbo].[AzMan_Role_AppMember] ( [RoleID] [int] NOT NULL , [ChildID] [int] NOT NULL , [RowUpdateTimeStamp] [timestamp] NULL ) ON [PRIMARY] GO CREATE TABLE [dbo].[AzMan_Role_To_Task_Link] ( [TaskID] [int] NOT NULL , [RoleID] [int] NOT NULL ) ON [PRIMARY] GO CREATE TABLE [dbo].[AzMan_Role_To_Operation_Link] ( [OperationID] [int] NOT NULL , [RoleID] [int] NOT NULL ) ON [PRIMARY] GO CREATE TABLE [dbo].[AzMan_Task_To_Task_Link] ( [TaskID] [int] NOT NULL , [ChildID] [int] NOT NULL ) ON [PRIMARY] GO if exists (select * from dbo.sysobjects where id = object_id(N'[dbo].[Azman_SQLRole]') and OBJECTPROPERTY(id, N'IsUserTable') = 1) drop table [dbo].[Azman_SQLRole] GO CREATE TABLE [dbo].[Azman_SQLRole] ( [uid] [int] not null, [ObjectID] [int] NULL , [ObjectType] [tinyint] NULL , [SQLRoleName] [nvarchar] (64) COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL , [RoleType] [tinyint] NULL ) ON [PRIMARY] GO CREATE TABLE [dbo].[AzMan_Task_To_Operation_Link] ( [OperationID] [int] NOT NULL , [TaskID] [int] NOT NULL ) ON [PRIMARY] GO CREATE INDEX [IX_AzMan_AzApplication_StoreID] ON [dbo].[AzMan_AzApplication]([StoreID]) ON [PRIMARY] GO CREATE INDEX [IX_AzMan_AzApplicationGroup_AppID] ON [dbo].[AzMan_AzApplicationGroup]([AppID]) ON [PRIMARY] GO CREATE INDEX [IX_AzMan_AzApplicationGroup_ScopeID] ON [dbo].[AzMan_AzApplicationGroup]([ScopeID]) ON [PRIMARY] GO CREATE INDEX [IX_AzMan_AzApplicationGroup_Name] ON [dbo].[AzMan_AzApplicationGroup]([Name]) ON [PRIMARY] GO CREATE INDEX [IX_AzMan_AzOperation_Name] ON [dbo].[AzMan_AzOperation]([Name]) ON [PRIMARY] GO CREATE INDEX [IX_AzMan_AzOperation_AppID] ON [dbo].[AzMan_AzOperation]([AppID]) ON [PRIMARY] GO CREATE INDEX [IX_AzMan_AzRoleAssignment_AppID] ON [dbo].[AzMan_AzRoleAssignment]([AppID]) ON [PRIMARY] GO CREATE INDEX [IX_AzMan_AzRoleAssignment_ScopeID] ON [dbo].[AzMan_AzRoleAssignment]([ScopeID]) ON [PRIMARY] GO CREATE INDEX [IX_AzMan_AzRoleAssignment_Name] ON [dbo].[AzMan_AzRoleAssignment]([Name]) ON [PRIMARY] GO CREATE INDEX [IX_AzMan_AzScope_AppID] ON [dbo].[AzMan_AzScope]([AppID]) ON [PRIMARY] GO CREATE INDEX [IX_Azman_Scope_Name] ON [dbo].[AzMan_AzScope] ([AppID], [NameHash]) ON [PRIMARY] Go CREATE INDEX [IX_AzMan_AzTask_AppID] ON [dbo].[AzMan_AzTask]([AppID]) ON [PRIMARY] GO CREATE INDEX [IX_AzMan_AzTask_ScopeID] ON [dbo].[AzMan_AzTask]([ScopeID]) ON [PRIMARY] GO CREATE INDEX [IX_AzMan_AzTask_Name] ON [dbo].[AzMan_AzTask]([Name]) ON [PRIMARY] GO CREATE INDEX [IX_AzMan_BizRule_Parent] ON [dbo].[AzMan_BizRule]([ParentId], [ParentType]) ON [PRIMARY] GO CREATE INDEX [IX_AzMan_Group_AppMember_GroupID] ON [dbo].[AzMan_Group_AppMember]([GroupID]) ON [PRIMARY] GO CREATE INDEX [IX_AzMan_LDAPQuery_GroupID] ON [dbo].[AzMan_LDAPQuery]([GroupID]) ON [PRIMARY] GO ALTER TABLE [dbo].[AzMan_AzApplication] WITH NOCHECK ADD CONSTRAINT [PK_AzMan_AzApplication] PRIMARY KEY CLUSTERED ( [ID] ) ON [PRIMARY] GO ALTER TABLE [dbo].[AzMan_AzAuthorizationStore] WITH NOCHECK ADD CONSTRAINT [PK_AzMan_AzAuthorizationStore] PRIMARY KEY CLUSTERED ( [ID] ) ON [PRIMARY] GO ALTER TABLE [dbo].[AzMan_AzScope] WITH NOCHECK ADD CONSTRAINT [PK_AzMan_AzScope] PRIMARY KEY CLUSTERED ( [ID] ) ON [PRIMARY] GO ALTER TABLE [dbo].[AzMan_AzApplicationGroup] WITH NOCHECK ADD CONSTRAINT [PK_AzMan_AzApplicationGroup] PRIMARY KEY CLUSTERED ( [ID] ) ON [PRIMARY] , CONSTRAINT [FK_AzMan_AzAppGroup_AzMan_AzApplication] FOREIGN KEY ( [AppID] ) REFERENCES [dbo].[AzMan_AzApplication] ( [ID] ) , CONSTRAINT [FK_AzMan_AzAppGroup_AzMan_AzAuthorizationStore] FOREIGN KEY ( [StoreID] ) REFERENCES [dbo].[AzMan_AzAuthorizationStore] ( [ID] ) , CONSTRAINT [FK_AzMan_AzAppGroup_AzMan_AzScope] FOREIGN KEY ( [ScopeID] ) REFERENCES [dbo].[AzMan_AzScope] ( [ID] ) GO ALTER TABLE [dbo].[AzMan_AzApplicationGroup] WITH NOCHECK ADD CONSTRAINT [CK_AzMan_AzApplicationGroup] CHECK (sign(coalesce([StoreID],0)) + sign(coalesce([AppID],0)) + sign(coalesce([ScopeID],0)) = 1) GO ALTER TABLE [dbo].[AzMan_AzRoleAssignment] WITH NOCHECK ADD CONSTRAINT [CK_AzMan_AzRoleAssignment] CHECK (sign(coalesce([AppID],0)) + sign(coalesce([ScopeID],0)) = 1) GO ALTER TABLE [dbo].[AzMan_AzTask] WITH NOCHECK ADD CONSTRAINT [CK_AzMan_AzTask] CHECK (sign(coalesce([AppID],0)) + sign(coalesce([ScopeID],0)) = 1) GO alter table [dbo].[AzMan_AzApplicationGroup] nocheck constraint [FK_AzMan_AzAppGroup_AzMan_AzApplication] GO alter table [dbo].[AzMan_AzApplicationGroup] nocheck constraint [FK_AzMan_AzAppGroup_AzMan_AzAuthorizationStore] GO alter table [dbo].[AzMan_AzApplicationGroup] nocheck constraint [FK_AzMan_AzAppGroup_AzMan_AzScope] GO ALTER TABLE [dbo].[AzMan_AzOperation] WITH NOCHECK ADD CONSTRAINT [PK_AzMan_AzOperation] PRIMARY KEY CLUSTERED ( [ID] ) ON [PRIMARY] GO ALTER TABLE [dbo].[AzMan_AzRoleAssignment] WITH NOCHECK ADD CONSTRAINT [PK_AzMan_AzRoleAssignment] PRIMARY KEY CLUSTERED ( [ID] ) ON [PRIMARY] , CONSTRAINT [FK_AzMan_Role_To_App] FOREIGN KEY ( [AppID] ) REFERENCES [dbo].[AzMan_AzApplication] ( [ID] ) , CONSTRAINT [FK_AzMan_Role_To_Scope] FOREIGN KEY ( [ScopeID] ) REFERENCES [dbo].[AzMan_AzScope] ( [ID] ) GO alter table [dbo].[AzMan_AzRoleAssignment] nocheck constraint [FK_AzMan_Role_To_App] GO alter table [dbo].[AzMan_AzRoleAssignment] nocheck constraint FK_AzMan_Role_To_Scope GO ALTER TABLE [dbo].[AzMan_AzTask] WITH NOCHECK ADD CONSTRAINT [PK_AzMan_AzTask] PRIMARY KEY CLUSTERED ( [ID] ) ON [PRIMARY] , CONSTRAINT [FK_AzMan_AzTask_To_App] FOREIGN KEY ( [AppID] ) REFERENCES [dbo].[AzMan_AzApplication] ( [ID] ) , CONSTRAINT [FK_AzMan_AzTask_To_Scope] FOREIGN KEY ( [ScopeID] ) REFERENCES [dbo].[AzMan_AzScope] ( [ID] ) GO alter table [dbo].[AzMan_AzTask] nocheck constraint [FK_AzMan_AzTask_To_App] GO alter table [dbo].[AzMan_AzTask] nocheck constraint [FK_AzMan_AzTask_To_Scope] GO ALTER TABLE [dbo].[AzMan_BizRule] WITH NOCHECK ADD CONSTRAINT [PK_AzMan_BizRule] PRIMARY KEY CLUSTERED ( [ID] ) ON [PRIMARY] GO ALTER TABLE [dbo].[AzMan_LDAPQuery] WITH NOCHECK ADD CONSTRAINT [PK_AzMan_LDAPQuery] PRIMARY KEY CLUSTERED ( [ID] ) ON [PRIMARY] GO ALTER TABLE [dbo].[AzMan_AzOperation] WITH NOCHECK ADD CONSTRAINT [IX_AzMan_AzOperation_OpID] UNIQUE NONCLUSTERED ( [OperationID], [AppID] ) ON [PRIMARY] GO ALTER TABLE [dbo].[AzMan_Group_AppMember] WITH NOCHECK ADD CONSTRAINT [IX_AzMan_Group_AppMember_member] UNIQUE NONCLUSTERED ( [GroupID], [ChildID], [Member] ) ON [PRIMARY] GO ALTER TABLE [dbo].[AzMan_Group_SIDMember] WITH NOCHECK ADD CONSTRAINT [IX_AzMan_Group_SIDMember_member] UNIQUE NONCLUSTERED ( [GroupID], [MemberSID], [Member] ) ON [PRIMARY] GO ALTER TABLE [dbo].[AzMan_Role_AppMember] WITH NOCHECK ADD CONSTRAINT [IX_AzMan_Role_AppMember_member] UNIQUE NONCLUSTERED ( [RoleID], [ChildID] ) ON [PRIMARY] GO ALTER TABLE [dbo].[AzMan_Role_SIDMember] WITH NOCHECK ADD CONSTRAINT [IX_AzMan_Role_SIDMember_member] UNIQUE NONCLUSTERED ( [RoleID], [MemberSID] ) ON [PRIMARY] GO ALTER TABLE [dbo].[AzMan_AzApplication] ADD CONSTRAINT [FK_AzMan_AzApplication_AzMan_AzAuthorizationStore] FOREIGN KEY ( [StoreID] ) REFERENCES [dbo].[AzMan_AzAuthorizationStore] ( [ID] ) ON DELETE CASCADE ON UPDATE CASCADE GO ALTER TABLE [dbo].[AzMan_AzOperation] ADD CONSTRAINT [FK_AzMan_AzOperation_AzMan_AzApplication] FOREIGN KEY ( [AppID] ) REFERENCES [dbo].[AzMan_AzApplication] ( [ID] ) ON DELETE CASCADE ON UPDATE CASCADE GO ALTER TABLE [dbo].[AzMan_AzScope] ADD CONSTRAINT [FK_AzMan_AzScope_AzMan_AzApplication] FOREIGN KEY ( [AppID] ) REFERENCES [dbo].[AzMan_AzApplication] ( [ID] ) ON DELETE CASCADE ON UPDATE CASCADE GO ALTER TABLE [dbo].[AzMan_BizRule_To_Group] ADD CONSTRAINT [FK_AzMan_BizRule_To_Group_AzMan_AzApplicationGroup] FOREIGN KEY ( [GroupID] ) REFERENCES [dbo].[AzMan_AzApplicationGroup] ( [ID] ) ON DELETE CASCADE ON UPDATE CASCADE , CONSTRAINT [FK_AzMan_BizRule_To_Group_AzManBizrule] FOREIGN KEY ( [BizRuleID] ) REFERENCES [dbo].[AzMan_BizRule] ( [ID] ) ON DELETE CASCADE ON UPDATE CASCADE , CONSTRAINT [PK_AzMan_BizRule_To_Group] PRIMARY KEY CLUSTERED ( [BizRuleID], [GroupID] ) ON [PRIMARY] GO ALTER TABLE [dbo].[AzMan_BizRule_To_Task] ADD CONSTRAINT [FK_AzMan_BizRule_To_Task_AzMan_AzTask] FOREIGN KEY ( [TaskID] ) REFERENCES [dbo].[AzMan_AzTask] ( [ID] ) ON DELETE CASCADE ON UPDATE CASCADE , CONSTRAINT [FK_AzMan_BizRule_To_Task_AzManBizrule] FOREIGN KEY ( [BizRuleID] ) REFERENCES [dbo].[AzMan_BizRule] ( [ID] ) ON DELETE CASCADE ON UPDATE CASCADE , CONSTRAINT [PK_AzMan_BizRule_To_Task] PRIMARY KEY CLUSTERED ( [BizRuleID], [TaskID] ) ON [PRIMARY] GO ALTER TABLE [dbo].[AzMan_Group_AppMember] ADD CONSTRAINT [FK_AzMan_Group_AppMember_AzMan_AzApplicationGroup] FOREIGN KEY ( [GroupID] ) REFERENCES [dbo].[AzMan_AzApplicationGroup] ( [ID] ) ON DELETE CASCADE ON UPDATE CASCADE , CONSTRAINT [PK_AzMan_Group_AppMember] PRIMARY KEY CLUSTERED ( [GroupID], [ChildID], [Member] ) ON [PRIMARY] GO ALTER TABLE [dbo].[AzMan_Group_SIDMember] ADD CONSTRAINT [FK_AzMan_Group_SIDMember_AzMan_AzApplicationGroup] FOREIGN KEY ( [GroupID] ) REFERENCES [dbo].[AzMan_AzApplicationGroup] ( [ID] ) ON DELETE CASCADE ON UPDATE CASCADE , CONSTRAINT [PK_AzMan_Group_SIDMember] PRIMARY KEY CLUSTERED ( [GroupID], [MemberSID], [Member] ) ON [PRIMARY] GO ALTER TABLE [dbo].[AzMan_LDAPQuery] ADD CONSTRAINT [FK_AzMan_LDAPQuery_AzMan_AzApplicationGroup] FOREIGN KEY ( [GroupID] ) REFERENCES [dbo].[AzMan_AzApplicationGroup] ( [ID] ) ON DELETE CASCADE ON UPDATE CASCADE GO ALTER TABLE [dbo].[AzMan_Role_AppMember] ADD CONSTRAINT [FK_AzMan_Role_AppMember_AzMan_AzRoleAssignment] FOREIGN KEY ( [RoleID] ) REFERENCES [dbo].[AzMan_AzRoleAssignment] ( [ID] ) ON DELETE CASCADE ON UPDATE CASCADE , CONSTRAINT [PK_AzMan_Role_AppMember] PRIMARY KEY CLUSTERED ( [RoleID], [ChildID] ) ON [PRIMARY] GO ALTER TABLE [dbo].[AzMan_Role_SIDMember] ADD CONSTRAINT [FK_AzMan_Role_SIDMember_AzMan_AzRoleAssignment] FOREIGN KEY ( [RoleID] ) REFERENCES [dbo].[AzMan_AzRoleAssignment] ( [ID] ) ON DELETE CASCADE ON UPDATE CASCADE , CONSTRAINT [PK_AzMan_Role_SIDMember] PRIMARY KEY CLUSTERED ( [RoleID], [MemberSID] ) ON [PRIMARY] GO ALTER TABLE [dbo].[AzMan_Role_To_Operation_Link] ADD CONSTRAINT [FK_AzMan_Role_To_Operation_Link_AzMan_AzOperation] FOREIGN KEY ( [OperationID] ) REFERENCES [dbo].[AzMan_AzOperation] ( [ID] ) ON DELETE CASCADE ON UPDATE CASCADE , CONSTRAINT [FK_AzMan_Role_To_Operation_Link_AzMan_AzRoleAssignment] FOREIGN KEY ( [RoleID] ) REFERENCES [dbo].[AzMan_AzRoleAssignment] ( [ID] ) ON DELETE CASCADE ON UPDATE CASCADE , CONSTRAINT [PK_AzMan_Role_To_Operation_Link] PRIMARY KEY CLUSTERED ( [RoleID], [OperationID] ) ON [PRIMARY] GO ALTER TABLE [dbo].[AzMan_Role_To_Task_Link] ADD CONSTRAINT [FK_AzMan_Role_To_Task_Link_AzMan_AzRoleAssignment] FOREIGN KEY ( [RoleID] ) REFERENCES [dbo].[AzMan_AzRoleAssignment] ( [ID] ) ON DELETE CASCADE ON UPDATE CASCADE , CONSTRAINT [FK_AzMan_Role_To_Task_Link_AzMan_AzTask] FOREIGN KEY ( [TaskID] ) REFERENCES [dbo].[AzMan_AzTask] ( [ID] ) ON DELETE CASCADE ON UPDATE CASCADE, CONSTRAINT [PK_AzMan_Role_To_Task_Link] PRIMARY KEY CLUSTERED ( [RoleID], [TaskID] ) ON [PRIMARY] GO ALTER TABLE [dbo].[AzMan_Task_To_Operation_Link] ADD CONSTRAINT [FK_AzMan_Task_To_Operation_Link_AzMan_AzOperation] FOREIGN KEY ( [OperationID] ) REFERENCES [dbo].[AzMan_AzOperation] ( [ID] ) ON DELETE CASCADE ON UPDATE CASCADE , CONSTRAINT [FK_AzMan_Task_To_Operation_Link_AzMan_AzTask] FOREIGN KEY ( [TaskID] ) REFERENCES [dbo].[AzMan_AzTask] ( [ID] ) ON DELETE CASCADE ON UPDATE CASCADE , CONSTRAINT [PK_AzMan_Task_To_Operation_Link] PRIMARY KEY CLUSTERED ( [OperationID], [TaskID] ) ON [PRIMARY] GO ALTER TABLE [dbo].[AzMan_Task_To_Task_Link] ADD CONSTRAINT [FK_AzMan_Task_To_Task_Link_AzMan_AzTask] FOREIGN KEY ( [TaskID] ) REFERENCES [dbo].[AzMan_AzTask] ( [ID] ) ON DELETE CASCADE ON UPDATE CASCADE, CONSTRAINT [PK_AzMan_Task_To_Task_Link] PRIMARY KEY CLUSTERED ( [TaskID], [ChildID] ) ON [PRIMARY] GO --Trigger for updating Timestamps CREATE TRIGGER TR_updateStoreTimeStampOnAppDelete ON dbo.[AzMan_AzApplication] FOR delete AS UPDATE [AzMan_AzAuthorizationStore] SET [ChildUpdateTimeStamp]=@@DBTS WHERE ID in (SELECT StoreID FROM deleted) go CREATE TRIGGER TR_updateStoreTimeStampOnAppModified ON dbo.[AzMan_AzApplication] FOR INSERT,UPDATE AS UPDATE [AzMan_AzAuthorizationStore] SET [ChildUpdateTimeStamp]=@@DBTS WHERE ID in (SELECT StoreID FROM inserted) go CREATE TRIGGER TR_updateAppTimeStampOnScopeDelete ON dbo.[AzMan_AzScope] FOR delete AS UPDATE [AzMan_AzApplication] SET [ChildUpdateTimeStamp]=@@DBTS WHERE ID in (SELECT AppID FROM deleted) go CREATE TRIGGER TR_updateAppTimeStampOnScoprModified ON dbo.[AzMan_AzScope] FOR INSERT,UPDATE AS UPDATE [AzMan_AzApplication] SET [ChildUpdateTimeStamp]=@@DBTS WHERE ID in (SELECT AppID FROM inserted) go CREATE TRIGGER TR_UpdateAppTimeStampOnOpChange ON dbo.[AzMan_AzOperation] FOR INSERT,UPDATE AS UPDATE [AzMan_AzApplication] SET [ChildUpdateTimeStamp]=@@DBTS WHERE ID in (SELECT AppID FROM inserted) go CREATE TRIGGER TR_UpdateAppTimeStampOnOpDelete ON dbo.[AzMan_AzOperation] FOR delete AS UPDATE [AzMan_AzApplication] SET [ChildUpdateTimeStamp]=@@DBTS WHERE ID in (SELECT AppID FROM deleted) go Create Procedure UpdateGroupsParentTimeStamp ( @ParentId [int] , @ParentType [tinyint] ) as if @ParentType = 0 Begin UPDATE [AzMan_AzAuthorizationStore] SET [ChildUpdateTimeStamp]=@@DBTS WHERE ID=@ParentId end else if @ParentType = 1 -- App Begin UPDATE [AzMan_AzApplication] SET [ChildUpdateTimeStamp]=@@DBTS WHERE ID=@ParentId end else if @ParentType = 4 -- Scope Begin UPDATE [AzMan_AzScope] SET [ChildUpdateTimeStamp]=@@DBTS WHERE ID=@ParentId end GO Create Procedure UpdateTasksParentTimeStamp ( @ParentId [int] , @ParentType [tinyint] ) as if @ParentType = 1 -- App Begin UPDATE [AzMan_AzApplication] SET [ChildUpdateTimeStamp]=@@DBTS WHERE ID=@ParentId end else if @ParentType = 4 -- Scope Begin UPDATE [AzMan_AzScope] SET [ChildUpdateTimeStamp]=@@DBTS WHERE ID=@ParentId end GO Create Procedure UpdateRolesParentTimeStamp ( @ParentId [int] , @ParentType [tinyint] ) as if @ParentType = 1 -- App Begin UPDATE [AzMan_AzApplication] SET [ChildUpdateTimeStamp]=@@DBTS WHERE ID=@ParentId end else if @ParentType = 4 -- Scope Begin UPDATE [AzMan_AzScope] SET [ChildUpdateTimeStamp]=@@DBTS WHERE ID=@ParentId end GO CREATE TRIGGER TR_UpdateParentTimeStampOnGroupDelete ON dbo.[AzMan_AzApplicationGroup] FOR delete AS DECLARE @ParentID INT DECLARE @ParentType TinyInt Declare @StoreID INT Declare @AppID INT Declare @ScopeID INT -- We need to find the parent first SELECT @StoreID=StoreID, @AppID=AppID, @ScopeID=ScopeID, @ParentType=ParentType FROM deleted if @@RowCount = 1 Begin if @ParentType = 0 Begin set @ParentID = @StoreID End else if @ParentType = 1 Begin set @ParentID = @AppID End else if @ParentType = 4 Begin set @ParentID = @ScopeID End exec UpdateGroupsParentTimeStamp @ParentID, @ParentType End go CREATE TRIGGER TR_UpdateParentTimeStampOnGroupInsOrUpd ON dbo.[AzMan_AzApplicationGroup] FOR INSERT,UPDATE AS DECLARE @ParentID INT DECLARE @ParentType TinyInt Declare @StoreID INT Declare @AppID INT Declare @ScopeID INT SELECT @StoreID=StoreID, @AppID=AppID, @ScopeID=ScopeID, @ParentType=ParentType FROM inserted if @@RowCount = 1 Begin if @ParentType = 0 Begin set @ParentID = @StoreID End else if @ParentType = 1 Begin set @ParentID = @AppID End else if @ParentType = 4 Begin set @ParentID = @ScopeID End exec UpdateGroupsParentTimeStamp @ParentID, @ParentType End go CREATE TRIGGER TR_UpdateParentTimeStampOnTaskDelete ON dbo.[AzMan_AzTask] FOR delete AS DECLARE @ParentID INT DECLARE @ParentType TinyInt Declare @AppID INT Declare @ScopeID INT -- We need to find the parent first SELECT @AppID=AppID, @ScopeID=ScopeID, @ParentType=ParentType FROM deleted if @@RowCount = 1 Begin if @ParentType = 1 Begin set @ParentID = @AppID End else if @ParentType = 4 Begin set @ParentID = @ScopeID End exec UpdateTasksParentTimeStamp @ParentID, @ParentType end go CREATE TRIGGER TR_UpdateParentTimeStampOnTaskInsOrUpd ON dbo.[AzMan_AzTask] FOR INSERT,UPDATE AS DECLARE @ParentID INT DECLARE @ParentType TinyInt Declare @AppID INT Declare @ScopeID INT SELECT @AppID=AppID, @ScopeID=ScopeID, @ParentType=ParentType FROM inserted if @@RowCount = 1 Begin if @ParentType = 1 Begin set @ParentID = @AppID End else if @ParentType = 4 Begin set @ParentID = @ScopeID End exec UpdateTasksParentTimeStamp @ParentID, @ParentType end go CREATE TRIGGER TR_UpdateParentTimeStampOnRoleDelete ON dbo.[AzMan_AzRoleAssignment] FOR delete AS DECLARE @ParentID INT DECLARE @ParentType TinyInt Declare @AppID INT Declare @ScopeID INT -- We need to find the parent first SELECT @AppID=AppID, @ScopeID=ScopeID, @ParentType=ParentType FROM deleted if @@RowCount = 1 Begin if @ParentType = 1 Begin set @ParentID = @AppID End else if @ParentType = 4 Begin set @ParentID = @ScopeID End exec UpdateRolesParentTimeStamp @ParentID, @ParentType end go CREATE TRIGGER TR_UpdateParentTimeStampOnRoleInsOrUpd ON dbo.[AzMan_AzRoleAssignment] FOR INSERT,UPDATE AS DECLARE @ParentID INT DECLARE @ParentType TinyInt Declare @AppID INT Declare @ScopeID INT SELECT @AppID=AppID, @ScopeID=ScopeID, @ParentType=ParentType FROM inserted if @@RowCount = 1 Begin if @ParentType = 1 Begin set @ParentID = @AppID End else if @ParentType = 4 Begin set @ParentID = @ScopeID End exec UpdateRolesParentTimeStamp @ParentID, @ParentType end go CREATE TRIGGER TR_UpdateGroupsTimeStampOnSidMemberDel ON dbo.[AzMan_Group_SIDMember] FOR delete AS UPDATE [AzMan_AzApplicationGroup] SET [ChildUpdateTimeStamp]=@@DBTS WHERE ID in (SELECT GroupID FROM deleted) go CREATE TRIGGER TR_UpdateGroupsTimeStampOnSidMemberInsOrUpd ON dbo.[AzMan_Group_SIDMember] FOR INSERT,UPDATE AS UPDATE [AzMan_AzApplicationGroup] SET [ChildUpdateTimeStamp]=@@DBTS WHERE ID in (SELECT GroupID FROM inserted) go CREATE TRIGGER TR_UpdateGroupsTimeStampOnAppdMemberDel ON dbo.[AzMan_Group_AppMember] FOR delete AS UPDATE [AzMan_AzApplicationGroup] SET [ChildUpdateTimeStamp]=@@DBTS WHERE ID in (SELECT GroupID FROM deleted) go CREATE TRIGGER TR_UpdateGroupsTimeStampOnAppMemberInsOrUpd ON dbo.[AzMan_Group_AppMember] FOR INSERT,UPDATE AS UPDATE [AzMan_AzApplicationGroup] SET [ChildUpdateTimeStamp]=@@DBTS WHERE ID in (SELECT GroupID FROM inserted) go CREATE TRIGGER TR_UpdateRolesTimeStampOnSidMemberDel ON dbo.[AzMan_Role_SIDMember] FOR delete AS UPDATE [AzMan_AzRoleAssignment] SET [ChildUpdateTimeStamp]=@@DBTS WHERE ID in (SELECT RoleID FROM deleted) go CREATE TRIGGER TR_UpdateRolesTimeStampOnSidMemberInsOrUpd ON dbo.[AzMan_Role_SIDMember] FOR INSERT,UPDATE AS UPDATE [AzMan_AzRoleAssignment] SET [ChildUpdateTimeStamp]=@@DBTS WHERE ID in (SELECT RoleID FROM inserted) go CREATE TRIGGER TR_UpdateRolesTimeStampOnAppMemberDel ON dbo.[AzMan_Role_AppMember] FOR delete AS UPDATE [AzMan_AzRoleAssignment] SET [ChildUpdateTimeStamp]=@@DBTS WHERE ID in (SELECT RoleID FROM deleted) go CREATE TRIGGER TR_UpdateRolesTimeStampOnAppMemberInsOrUpd ON dbo.[AzMan_Role_AppMember] FOR INSERT,UPDATE AS UPDATE [AzMan_AzRoleAssignment] SET [ChildUpdateTimeStamp]=@@DBTS WHERE ID in (SELECT RoleID FROM inserted) go CREATE TRIGGER TR_UpdateRolesTimeStampOnOperationDelete ON dbo.AzMan_Role_To_Operation_Link FOR DELETE AS UPDATE [AzMan_AzRoleAssignment] SET [ChildUpdateTimeStamp]=@@DBTS WHERE ID in (SELECT RoleID FROM deleted) go CREATE TRIGGER TR_UpdateRolesTimeStampOnOperationInsert ON dbo.AzMan_Role_To_Operation_Link FOR INSERT AS UPDATE [AzMan_AzRoleAssignment] SET [ChildUpdateTimeStamp]=@@DBTS WHERE ID in (SELECT RoleID FROM inserted) go CREATE TRIGGER TR_UpdateRolesTimeStampOnTaskDelete ON dbo.AzMan_Role_To_Task_Link FOR DELETE AS UPDATE [AzMan_AzRoleAssignment] SET [ChildUpdateTimeStamp]=@@DBTS WHERE ID in (SELECT RoleID FROM deleted) go CREATE TRIGGER TR_UpdateRolesTimeStampOnTaskInsert ON dbo.AzMan_Role_To_Task_Link FOR INSERT AS UPDATE [AzMan_AzRoleAssignment] SET [ChildUpdateTimeStamp]=@@DBTS WHERE ID in (SELECT RoleID FROM inserted) go CREATE TRIGGER TR_UpdateTaskTimeStampOnOperationDelete ON dbo.AzMan_Task_To_Operation_Link FOR DELETE AS UPDATE [AzMan_AzTask] SET [ChildUpdateTimeStamp]=@@DBTS WHERE ID in (SELECT TaskID FROM deleted) go CREATE TRIGGER TR_UpdateTaskTimeStampOnOperationInsert ON dbo.AzMan_Task_To_Operation_Link FOR INSERT AS UPDATE [AzMan_AzTask] SET [ChildUpdateTimeStamp]=@@DBTS WHERE ID in (SELECT TaskID FROM inserted) go CREATE TRIGGER TR_UpdateTaskTimeStampOnTaskDelete ON dbo.AzMan_Task_To_Task_Link FOR DELETE AS UPDATE [AzMan_AzTask] SET [ChildUpdateTimeStamp]=@@DBTS WHERE ID in (SELECT TaskID FROM deleted) go CREATE TRIGGER TR_UpdateTaskTimeStampOnTaskInsert ON dbo.AzMan_Task_To_Task_Link FOR INSERT AS UPDATE [AzMan_AzTask] SET [ChildUpdateTimeStamp]=@@DBTS WHERE ID in (SELECT TaskID FROM inserted) go CREATE TRIGGER TR_DeleteGroupForStore ON dbo.[AzMan_AzAuthorizationStore] FOR delete AS delete [AzMan_AzApplicationGroup] where StoreID in (select ID from deleted) go CREATE TRIGGER TR_DeleteGroupForApp ON dbo.[AzMan_AzApplication] FOR delete AS delete [AzMan_AzApplicationGroup] where AppID in (SELECT ID FROM deleted) go CREATE TRIGGER TR_DeleteGroupForScope ON dbo.[AzMan_AzScope] FOR delete AS delete [AzMan_AzApplicationGroup] where ScopeID in (SELECT ID FROM deleted) go CREATE TRIGGER TR_DeleteTaskForApp ON dbo.[AzMan_AzApplication] FOR delete AS delete [AzMan_AzTask] where AppID in (SELECT ID FROM deleted) go CREATE TRIGGER TR_DeleteTaskForScope ON dbo.[AzMan_AzScope] FOR delete AS delete [AzMan_AzTask] where ScopeID in (SELECT ID FROM deleted) go CREATE TRIGGER TR_DeleteRoleForApp ON dbo.[AzMan_AzApplication] FOR delete AS delete [AzMan_AzRoleAssignment] where AppID in (SELECT ID FROM deleted) go CREATE TRIGGER TR_DeleteRoleForScope ON dbo.[AzMan_AzScope] FOR delete AS delete [AzMan_AzRoleAssignment] where ScopeID in (SELECT ID FROM deleted) go CREATE TRIGGER TR_DeleteBizRuleForTask ON dbo.[AzMan_BizRule_To_Task] FOR delete AS delete [AzMan_BizRule] where [ID] in (SELECT BizRuleID FROM deleted) go CREATE TRIGGER TR_DeleteBizRuleForGroup ON dbo.[AzMan_BizRule_To_Group] FOR delete AS delete [AzMan_BizRule] where [ID] in (SELECT BizRuleID FROM deleted) go IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SP_GenerateObjectAudit' and type = 'P') DROP PROCEDURE [AzMan_SP_GenerateObjectAudit] GO Create Procedure [AzMan_SP_GenerateObjectAudit] ( @success int, @event int, @actObjectType tinyint, @actObjectName nvarchar(512), @actObjectGuid uniqueidentifier, @targetType tinyint, @targetName nvarchar(512), @targetGuid uniqueidentifier, @otherInfo nvarchar(1024) ) AS DECLARE @UserName nvarchar(256) DECLARE @UserSid varbinary(85) SELECT @UserName = User_Name() SELECT @UserSid = SUSER_SID() -- events: -- 0 for SE_AUDITID_AZ_SQL_OBJECT_CREATE -- 1 for SE_AUDITID_AZ_SQL_OBJECT_DELETE -- 2 for SE_AUDITID_AZ_SQL_REFERENCE_ASSIGN -- 3 for SE_AUDITID_AZ_SQL_REFERENCE_REMOVE Exec master.dbo.AzGenerateAudit @success, @event, @actObjectType, @actObjectName, @actObjectGuid, 0, @UserName, @UserSid, @targetType, @targetName, @targetGuid, @otherInfo GO IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SP_GenerateMemberAudit' and type = 'P') DROP PROCEDURE [AzMan_SP_GenerateMemberAudit] GO Create Procedure [AzMan_SP_GenerateMemberAudit] ( @success int, @event int, @actObjectType tinyint, @actObjectName nvarchar(512), @actObjectGuid uniqueidentifier, @memberName nvarchar(256), @memberSid varbinary(85), @memberFlag int, @otherInfo nvarchar(1024) ) AS DECLARE @UserName nvarchar(256) DECLARE @UserSid varbinary(85) SELECT @UserName = User_Name() SELECT @UserSid = SUSER_SID() -- events: -- 4 for SE_AUDITID_AZ_SQL_MEMBER_ASSIGN -- 5 for SE_AUDITID_AZ_SQL_MEMBER_REMOVE -- memberFlags: -- 0 for non-members -- 1 for members -- 2 for admins -- 3 for readers -- 4 for delegated users Exec master.dbo.AzGenerateAudit @success, @event, @actObjectType, @actObjectName, @actObjectGuid, 0, @UserName, @UserSid, @memberName, @memberSid, @memberFlag, @otherInfo GO IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SP_GenerateGenericAudit' and type = 'P') DROP PROCEDURE [AzMan_SP_GenerateGenericAudit] GO Create Procedure [AzMan_SP_GenerateGenericAudit] ( @success int, @actObjectType tinyint, @actObjectName nvarchar(512), @actObjectGuid uniqueidentifier, @otherInfo nvarchar(1024) ) AS DECLARE @UserName nvarchar(256) DECLARE @UserSid varbinary(85) SELECT @UserName = User_Name() SELECT @UserSid = SUSER_SID() -- events: -- 6 for SE_AUDITID_AZ_SQL_OTHER Exec master.dbo.AzGenerateAudit @success, 6, @actObjectType, @actObjectName, @actObjectGuid, 0, @UserName, @UserSid, @otherInfo GO IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SPU_SqlRoleUpdated' and type = 'P') DROP PROCEDURE AzMan_SPU_SqlRoleUpdated GO CREATE PROCEDURE dbo.AzMan_SPU_SqlRoleUpdated ( @Return int output, @ObjectID int, @ObjectType tinyint ) AS DECLARE @OldChildTS timestamp -- We can't just manually update the row timestamp because it is a timestamp column. -- So we set-and-reset the ChildUpdateTimeStamp for the update of the timestamp column IF @ObjectType = 0 BEGIN SELECT @OldChildTS = [ChildUpdateTimeStamp] FROM [AzMan_AzAuthorizationStore] WHERE ID = @ObjectID UPDATE [AzMan_AzAuthorizationStore] SET [ChildUpdateTimeStamp]=@OldChildTS + 1 WHERE ID = @ObjectID UPDATE [AzMan_AzAuthorizationStore] SET [ChildUpdateTimeStamp]=@OldChildTS WHERE ID = @ObjectID END ELSE IF @ObjectType = 1 BEGIN SELECT @OldChildTS = [ChildUpdateTimeStamp] FROM [AzMan_AzApplication] WHERE ID = @ObjectID UPDATE [AzMan_AzApplication] SET [ChildUpdateTimeStamp]=@OldChildTS + 1 WHERE ID = @ObjectID UPDATE [AzMan_AzApplication] SET [ChildUpdateTimeStamp]=@OldChildTS WHERE ID = @ObjectID END ELSE IF @ObjectType = 4 BEGIN SELECT @OldChildTS = [ChildUpdateTimeStamp] FROM [AzMan_AzScope] WHERE ID = @ObjectID UPDATE [AzMan_AzScope] SET [ChildUpdateTimeStamp]=@OldChildTS + 1 WHERE ID = @ObjectID UPDATE [AzMan_AzScope] SET [ChildUpdateTimeStamp]=@OldChildTS WHERE ID = @ObjectID END SET @Return = @@ERROR RETURN @Return GO IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SP_GetRoleMemberCount' and type = 'P') DROP PROCEDURE AzMan_SP_GetRoleMemberCount GO CREATE PROCEDURE dbo.AzMan_SP_GetRoleMemberCount ( @SqlRoleName nvarchar(64), @count int output ) AS select @count = count(*) from sysusers u, sysusers g, sysmembers m where g.uid = m.groupuid and g.name = @SqlRoleName and g.issqlrole = 1 and u.uid = m.memberuid RETURN GO IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SP_GetSQLRole' and type = 'P') DROP PROCEDURE AzMan_SP_GetSQLRole GO Create Procedure [AzMan_SP_GetSQLRole] ( @Return [int] output, @ID [int] ,@ObjectType [tinyint] ,@RoleType [tinyint] ,@SQLRoleName [nvarchar] (64) output ) As Set @Return = 0 Select @SQLRoleName = SQLRoleName from Azman_SQLRole where ObjectID = @ID and ObjectType = @ObjectType and RoleType = @RoleType Go IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SPI_SQLRole' and type = 'P') DROP PROCEDURE AzMan_SPI_SQLRole GO Create PROCEDURE dbo.AzMan_SPI_SQLRole ( @Return [int] output ,@ID int ,@ObjectType [tinyint] ,@RoleType [tinyint] ,@SQLRoleName [nvarchar] (64) output ) AS Set @SQLRoleName = '' DECLARE @myid uniqueidentifier DECLARE @RoleID smallint DECLARE @Ret [int] declare @dbName nvarchar (255) Set @Return = 0 SET @myid = NEWID() Set @SQLRoleName = CONVERT(varchar(64), @myid) Set @RoleID = 1 If Is_Member('db_owner') = 1 or Is_Member('db_securityadmin') = 1 Begin EXEC @Ret = sp_addrole @SQLRoleName End else begin Set @dbName = db_name() Exec master.dbo.xp_AzManAddRole @Ret output, @ID, @ObjectType, @dbName, @SQLRoleName End if @Ret = 0 Begin select @RoleID = uid from sysusers where (name = @SQLRoleName) and (issqlrole = 1) Insert Into [dbo].[Azman_SQLRole] ( [uid], [ObjectID], [ObjectType], [SQLRoleName], [RoleType] ) Values ( @RoleID, @ID, @ObjectType, @SQLRoleName, @RoleType ) End Else Begin Set @Return = -1 End Return @Return go IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SPI_SQLRole_From_XP' and type = 'P') DROP PROCEDURE AzMan_SPI_SQLRole_From_XP GO Create PROCEDURE dbo.AzMan_SPI_SQLRole_From_XP ( @Return [int] output ,@SQLRoleName [nvarchar] (64) ) AS DECLARE @RoleID smallint DECLARE @Ret [int] Set @Return = -1 Set @RoleID = -1 EXEC @Ret = sp_addrole @SQLRoleName if @Ret = 0 Begin select @RoleID = uid from sysusers where (name = @SQLRoleName) and (issqlrole = 1) if @RoleID <> -1 Begin set @Return = 0 End End Else Begin Set @Return = -1 End Return @Return go IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SPI_Add_User_To_SQLRole_From_XP' and type = 'P') DROP PROCEDURE AzMan_SPI_Add_User_To_SQLRole_From_XP GO CREATE PROCEDURE AzMan_SPI_Add_User_To_SQLRole_From_XP ( @Return [int] output ,@ID [int] ,@ObjectType [tinyint] ,@RoleType [tinyint] ,@UserName [nvarchar] (255) ) AS DECLARE @Ret [int] Declare @NameInDB [nvarchar] (255) Declare @SQLRoleName [nvarchar] (64) DECLARE @RoleMemberCount [int] Set @Return = -1 Set @SQLRoleName = NULL Exec dbo.[AzMan_SP_GetSQLRole] @Ret output, @ID, @ObjectType, @RoleType, @SQLRoleName = @SQLRoleName output if len(@SQLRoleName) > 0 Begin set @NameInDB = null SET @Ret = 0 -- if no such loging yet, then grant the user login IF NOT EXISTS (SELECT * FROM master..syslogins WHERE UPPER(loginname) = UPPER(@UserName) AND hasaccess=1) BEGIN EXEC @Ret = sp_grantlogin @UserName END -- if the user does not have access to the db IF @Ret= 0 AND NOT EXISTS (SELECT * FROM sysusers WHERE UPPER(Name) = UPPER(@UserName) AND hasdbaccess = 1) BEGIN EXEC @Ret = sp_grantdbaccess @UserName, @NameInDB output END -- workaround for now sp_grantdbaccess returns 1 when the user already has access if @Ret= 0 or len(@NameInDB) > 0 BEGIN Exec @Ret = sp_addrolemember @SQLRoleName, @UserName -- if the user is successfully added to a scope's role IF @Ret = 0 AND @ObjectType = 4 -- scope BEGIN EXEC AzMan_SP_GetRoleMemberCount @SQLRoleName, @RoleMemberCount output IF @RoleMemberCount > 0 UPDATE dbo.AzMan_AzScope SET dbo.AzMan_AzScope.HasSpecificUsers = 1 WHERE dbo.AzMan_AzScope.ID = @ID END END End Set @Return = @Ret GO IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SPI_Add_User_To_SQLRole' and type = 'P') DROP PROCEDURE AzMan_SPI_Add_User_To_SQLRole GO CREATE PROCEDURE AzMan_SPI_Add_User_To_SQLRole ( @Return [int] output ,@ID [int] ,@ObjectType [tinyint] ,@RoleType [tinyint] ,@SQLRoleName [nvarchar] (64) ,@UserSid varbinary(85) ,@UserName [nvarchar] (255) ,@SaclIsOn [bit] ) AS DECLARE @Ret [int] Declare @NameInDB [nvarchar] (255) DECLARE @ObjectName nvarchar(512) DECLARE @ObjectGuid uniqueidentifier DECLARE @MemberType int declare @dbName nvarchar (255) DECLARE @RoleMemberCount [int] Set @Return = -1 -- get info for auditing IF @SaclIsOn = 1 BEGIN IF @ObjectType = 0 -- store SELECT @ObjectName = store.Name, @ObjectGuid=store.ObjectGuid FROM [dbo].[AzMan_AzAuthorizationStore] store WHERE store.ID=@ID IF @ObjectType = 1 -- app SELECT @ObjectName = app.Name, @ObjectGuid=app.ObjectGuid FROM [dbo].[AzMan_AzApplication] app WHERE app.ID=@ID IF @ObjectType = 4 -- scope SELECT @ObjectName = scope.Name, @ObjectGuid=scope.ObjectGuid FROM [dbo].[AzMan_AzScope] scope WHERE scope.ID=@ID IF @RoleType = 1 -- admin SET @MemberType = 2 IF @RoleType = 2 -- reader SET @MemberType = 3 IF @RoleType = 3 -- delegated users SET @MemberType = 4 END set @NameInDB = null If Is_Member('db_owner') = 1 Begin exec AzMan_SPI_Add_User_To_SQLRole_From_XP @Return output, @ID, @ObjectType, @RoleType, @UserName End else Begin Set @dbName = db_name() Exec master.dbo.xp_AzManAddUserToRole @Return output, @ID, @ObjectType, @RoleType, @dbName, @UserName End -- trigger the parent object's update timestamp IF @Return = 0 BEGIN Exec AzMan_SPU_SqlRoleUpdated @Ret output, @ID, @ObjectType IF @ObjectType = 4 -- scope BEGIN EXEC AzMan_SP_GetRoleMemberCount @SQLRoleName, @RoleMemberCount output IF @RoleMemberCount > 0 UPDATE dbo.AzMan_AzScope SET dbo.AzMan_AzScope.HasSpecificUsers = 1 WHERE dbo.AzMan_AzScope.ID = @ID END END -- generate an audit IF @SaclIsOn = 1 BEGIN EXEC [AzMan_SP_GenerateMemberAudit] @Return, 4, -- 0 for SE_AUDITID_AZ_SQL_MEMBER_ASSIGN @ObjectType, @ObjectName, @ObjectGuid, @UserName, @UserSid, @MemberType, -- member type N'' -- no other info END Return @Return GO IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SPI_Create_SqlRole_For_Object' and type = 'P') DROP PROCEDURE AzMan_SPI_Create_SqlRole_For_Object GO CREATE PROCEDURE AzMan_SPI_Create_SqlRole_For_Object ( @Return [int] output ,@ID [int] ,@ObjectType [tinyint] ,@RoleType [tinyint] ) AS DECLARE @Ret [int] DECLARE @SQLRoleName [nvarchar] (255) DECLARE @SaclIsOn [bit] DECLARE @AccessAtObjType tinyint Set @SaclIsOn = 0 Set @Return = 0 Exec dbo.[AzMan_SP_GetSQLRole] @Ret output, @ID, @ObjectType, @RoleType, @SQLRoleName = @SQLRoleName output if @SQLRoleName Is NULL begin Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output, @ID, @ObjectType, 1, @SaclIsOn output if @Return <> 1 begin Set @Return = -5 goto Done end -- we have proper access, then insert the role Exec AzMan_SPI_SQLRole @Return output, @ID, @ObjectType, @RoleType, @SQLRoleName = @SQLRoleName output end Done: Return @Return GO IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SPI_Add_User_To_Role' and type = 'P') DROP PROCEDURE AzMan_SPI_Add_User_To_Role GO CREATE PROCEDURE AzMan_SPI_Add_User_To_Role ( @Return [int] output ,@ID [int] ,@ObjectType [tinyint] ,@RoleType [tinyint] ,@UserSid varbinary(85) ,@UserName [nvarchar] (255) ) AS DECLARE @Ret [int] DECLARE @SQLRoleName [nvarchar] (255) Declare @NameInDB [nvarchar] (255) DECLARE @SaclIsOn [bit] DECLARE @AccessAtObjType tinyint Set @SaclIsOn = 0 Set @Return = 0 Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output, @ID, @ObjectType, 1, @SaclIsOn output IF @Return <> 1 BEGIN Set @Return = -5 goto Done END Set @Return = -1 Exec dbo.[AzMan_SP_GetSQLRole] @Ret output, @ID, @ObjectType, @RoleType, @SQLRoleName = @SQLRoleName output if @SQLRoleName Is NULL Begin Exec AzMan_SPI_SQLRole @Return output, @ID, @ObjectType, @RoleType, @SQLRoleName = @SQLRoleName output End if @SQLRoleName is NOT NULL Begin Exec AzMan_SPI_Add_User_To_SQLRole @Return output, @ID, @ObjectType, @RoleType, @SQLRoleName, @UserSid, @UserName, @SaclIsOn End Else Begin Set @Return = -1 End Done: Return @Return GO IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SPD_User_From_SQLRole_From_XP' and type = 'P') DROP PROCEDURE AzMan_SPD_User_From_SQLRole_From_XP GO CREATE PROCEDURE AzMan_SPD_User_From_SQLRole_From_XP ( @Return [int] output ,@SQLRoleName [nvarchar] (64) ,@UserName [nvarchar] (255) ) AS DECLARE @Ret [int] SET NOCOUNT ON Set @Return = -1 Exec @Ret = sp_droprolemember @SQLRoleName, @UserName if @Ret <> 0 Begin Set @Return = -1 End Else Begin Set @Return = 0 End SET NOCOUNT OFF Return @Return GO IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SPD_User_From_SQLRole' and type = 'P') DROP PROCEDURE AzMan_SPD_User_From_SQLRole GO CREATE PROCEDURE AzMan_SPD_User_From_SQLRole ( @Return [int] output ,@ID [int] ,@ObjectType [tinyint] ,@RoleType [tinyint] ,@SQLRoleName [nvarchar] (64) ,@UserSid varbinary(85) ,@UserName [nvarchar] (255) ,@SaclIsOn [bit] ) AS DECLARE @Ret [int] DECLARE @ObjectName nvarchar(512) DECLARE @ObjectGuid uniqueidentifier DECLARE @MemberType int Declare @DbName [nvarchar] (255) DECLARE @RoleMemberCount int DECLARE @OtherRoleMemberCount int DECLARE @OtherRoleName [nvarchar] (64) Set @Return = -1 If is_Member('db_owner') = 1 or is_Member('db_securityadmin') = 1 or is_member('db_accessyadmin') = 1 Begin Exec @Ret = sp_droprolemember @SQLRoleName, @UserName End else begin Set @DbName = db_name() Exec master.dbo.xp_AzManRemoveUserFromRole @Ret output, @ID, @ObjectType, @DbName, @SQLRoleName, @UserName End if @Ret <> 0 Begin Set @Return = -1 End Else Begin -- trigger the parent object's update timestamp Set @Return = 0 Exec AzMan_SPU_SqlRoleUpdated @Return output, @ID, @ObjectType -- if the delete is successful to a scope role IF @Return = 0 AND @ObjectType = 4 BEGIN -- we need to get the other role's name for the scope SET @OtherRoleName = NULL IF @RoleType = 1 -- admin Exec [AzMan_SP_GetSQLRole] @Return output, @ID, @ObjectType, 2, @OtherRoleName output ELSE IF @RoleType = 2 -- reader Exec [AzMan_SP_GetSQLRole] @Return output, @ID, @ObjectType, 1, @OtherRoleName output SET @RoleMemberCount = 0 SET @OtherRoleMemberCount = 0 IF @SQLRoleName IS NOT NULL EXEC AzMan_SP_GetRoleMemberCount @SQLRoleName, @RoleMemberCount output IF @OtherRoleName IS NOT NULL EXEC AzMan_SP_GetRoleMemberCount @OtherRoleName, @OtherRoleMemberCount output IF @RoleMemberCount = 0 AND @OtherRoleMemberCount = 0 UPDATE dbo.AzMan_AzScope SET dbo.AzMan_AzScope.HasSpecificUsers = 0 WHERE dbo.AzMan_AzScope.ID = @ID END End -- get info for auditing IF @SaclIsOn = 1 BEGIN IF @ObjectType = 0 -- store SELECT @ObjectName = store.Name, @ObjectGuid=store.ObjectGuid FROM [dbo].[AzMan_AzAuthorizationStore] store WHERE store.ID=@ID IF @ObjectType = 1 -- app SELECT @ObjectName = app.Name, @ObjectGuid=app.ObjectGuid FROM [dbo].[AzMan_AzApplication] app WHERE app.ID=@ID IF @ObjectType = 4 -- scope SELECT @ObjectName = scope.Name, @ObjectGuid=scope.ObjectGuid FROM [dbo].[AzMan_AzScope] scope WHERE scope.ID=@ID IF @RoleType = 1 -- admin SET @MemberType = 2 IF @RoleType = 2 -- reader SET @MemberType = 3 IF @RoleType = 3 -- delegated users SET @MemberType = 4 -- generate an audit EXEC [AzMan_SP_GenerateMemberAudit] @Return, 5, -- 0 for SE_AUDITID_AZ_SQL_MEMBER_REMOVE @ObjectType, @ObjectName, @ObjectGuid, @UserName, @UserSid, @MemberType, -- member type N'' -- no other info END Return @Return GO IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SPD_User_From_Role' and type = 'P') DROP PROCEDURE AzMan_SPD_User_From_Role GO CREATE PROCEDURE AzMan_SPD_User_From_Role ( @Return [int] output ,@ID [int] ,@ObjectType [tinyint] ,@RoleType [tinyint] ,@UserSid varbinary(85) ,@UserName [nvarchar] (255) ) AS DECLARE @Ret [int] DECLARE @SQLRoleName [nvarchar] (64) DECLARE @SaclIsOn [bit] DECLARE @AccessAtObjType tinyint Set @SaclIsOn = 0 Set @Return = 0 Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output, @ID, @ObjectType, 1, @SaclIsOn output IF @Return <> 1 BEGIN Set @Return = -5 goto Done END Set @Return = -1 Exec [AzMan_SP_GetSQLRole] @Return output, @ID, @ObjectType, @RoleType, @SQLRoleName = @SQLRoleName output if @SQLRoleName Is not NULL Begin Exec AzMan_SPD_User_From_SQLRole @Return output, @ID, @ObjectType, @RoleType, @SQLRoleName, @UserSid, @UserName, @SaclIsOn End Done: Return @Return GO IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SPS_Get_DBOwners' and type = 'P') DROP PROCEDURE AzMan_SPS_Get_DBOwners GO CREATE PROCEDURE AzMan_SPS_Get_DBOwners ( @Return [int] output, @ID [int] ) AS SET NOCOUNT ON -- @ID is not used. But our internal implementation requires non-empty -- parameter set where @Return is not considered one of them. EXEC @Return = sp_helprolemember 'db_owner' SET NOCOUNT OFF Return @Return GO IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SPS_Get_Role_For_Object' and type = 'P') DROP PROCEDURE AzMan_SPS_Get_Role_For_Object GO CREATE PROCEDURE AzMan_SPS_Get_Role_For_Object ( @Return [int] output ,@ID [int] ,@ObjectType [tinyint] ,@RoleType [tinyint] ) AS DECLARE @SQLRoleName [nvarchar] (64) SET NOCOUNT ON Set @SQLRoleName = NULL Set @Return = 0 Select @SQLRoleName = SQLRoleName From [dbo].[Azman_SQLRole] where [ObjectID] = @ID and [ObjectType] = @ObjectType and [RoleType] = @RoleType if @SQLRoleName is not NULL Begin EXEC @Return = sp_helprolemember @SQLRoleName End SET NOCOUNT OFF Return @Return GO IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SP_Get_Object_Path_For_Container' and type = 'P') DROP PROCEDURE AzMan_SP_Get_Object_Path_For_Container GO Create Procedure [AzMan_SP_Get_Object_Path_For_Container] ( @Return [int] output ,@ID [int] ,@ObjectType [tinyint] ,@StoreID [int] output ,@AppID [int] output ,@ScopeID [int] output ) AS DECLARE @RowCount INT, @Error INT Declare @ParentID [int] Declare @ParentType [int] Set @StoreID = -1 Set @AppID = -1 Set @ScopeID = -1 Set @Return = 0 if @ObjectType = 0 --Store Begin Set @StoreID = @ID End if @ObjectType = 1 -- App Begin Select @StoreID=StoreID From AzMan_AzApplication where ID = @ID SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @RowCount <> 1 Begin if @Error = 0 Begin Set @Return = -1168 -- Record not found End Else Begin Set @Return = @Error End End else Begin Set @AppID = @ID End End If @ObjectType = 4 -- Scope Begin Select @AppID = AppID From [AzMan_AzScope] where ID = @ID SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @RowCount = 1 Begin Select @StoreID = StoreID From AzMan_AzApplication where ID = @AppID SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @RowCount <> 1 Begin if @Error = 0 Begin Set @Return = -1168 -- Record not found End Else Begin Set @Return = @Error End End else Begin Set @ScopeID = @ID End End else Begin if @Error = 0 Begin Set @Return = -1168 -- Record not found End Else Begin Set @Return = @Error End End End Return @Return Go IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SP_Get_Object_Path' and type = 'P') DROP PROCEDURE AzMan_SP_Get_Object_Path GO Create Procedure [AzMan_SP_Get_Object_Path] ( @Return [int] output ,@ID [int] ,@ObjectType [tinyint] ,@StoreID [int] output ,@AppID [int] output ,@ScopeID [int] output ) AS Declare @ParentID [int] Declare @ParentType [int] DECLARE @RowCount INT, @Error INT Set @StoreID = -1 Set @AppID = -1 Set @ScopeID = -1 Set @Return = 0 if @ObjectType = 0 --Store Begin Exec AzMan_SP_Get_Object_Path_For_Container @Return output, @ID, @ObjectType , @StoreID output, @AppID output, @ScopeID output goto Return_Get_ObjPath End if @ObjectType = 1 -- App Begin Exec AzMan_SP_Get_Object_Path_For_Container @Return output, @ID, @ObjectType , @StoreID output, @AppID output, @ScopeID output goto Return_Get_ObjPath End If @ObjectType = 2 -- Operation Begin Select @AppID= AppID From [AzMan_AzOperation] where ID = @ID SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @RowCount <> 1 Begin if @Error = 0 Begin Set @Return = -1168 -- Record not found End Else Begin Set @Return = @Error End End Else Begin Select @StoreID =StoreID From AzMan_AzApplication where ID = @AppID SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @RowCount <> 1 Begin if @Error = 0 Begin Set @Return = -1168 -- Record not found End Else Begin Set @Return = @Error End End End goto Return_Get_ObjPath End If @ObjectType = 4 -- Scope Begin Exec AzMan_SP_Get_Object_Path_For_Container @Return output, @ID, @ObjectType , @StoreID output, @AppID output, @ScopeID output goto Return_Get_ObjPath End If @ObjectType = 3 -- Task Begin Select @ParentID = case ParentType when 1 then AppID when 4 then ScopeID end, @ParentType = ParentType from [AzMan_AzTask] where ID = @ID SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT End If @ObjectType = 5 -- Group Begin Select @ParentID = case ParentType when 0 then StoreID when 1 then AppID when 4 then ScopeID end, @ParentType = ParentType from [AzMan_AzApplicationGroup] where ID = @ID SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT End If @ObjectType = 6 -- Role Begin Select @ParentID = case ParentType when 1 then AppID when 4 then ScopeID end, @ParentType = ParentType from AzMan_AzRoleAssignment where ID = @ID SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT End if @RowCount <> 1 Begin if @Error = 0 Begin Set @Return = -1168 -- Record not found End Else Begin Set @Return = @Error End End else Begin exec AzMan_SP_Get_Object_Path_For_Container @Return output, @ParentID, @ParentType, @StoreID output, @AppID output, @ScopeID output End Return_Get_ObjPath: Return @Return Go -- Access Check Store Procedure IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SP_AccessCheck_For_Container' and type = 'P') DROP PROCEDURE AzMan_SP_AccessCheck_For_Container GO Create Procedure [AzMan_SP_AccessCheck_For_Container] ( @Return [int] output ,@ID [int] ,@ObjectType [tinyint] ) As -- Check MemberShip starting with current node and going up Declare @SQLRoleName [nvarchar](64) Declare @SQLRoleType [TinyInt] Set @Return = -5 -- Check Admin Set @SQLRoleType = 1 Set @SQLRoleName = '' Exec [AzMan_SP_GetSQLRole] @Return output, @ID, @ObjectType, @SQLRoleType, @SQLRoleName = @SQLRoleName output -- Is a member of admin if @SQLRoleName <> '' Begin If Is_Member(@SQLRoleName) = 1 Begin Set @Return = 1 -- Admin Access Goto Exit_AzMan_SP_AccessCheck_For_Container End End -- Is a member of Reader? Set @SQLRoleType = 2 Set @SQLRoleName = '' Exec [AzMan_SP_GetSQLRole] @Return output, @ID, @ObjectType, @SQLRoleType, @SQLRoleName = @SQLRoleName output if @SQLRoleName <> '' Begin If Is_Member(@SQLRoleName) = 1 Begin Set @Return = 2 -- Reader Access Goto Exit_AzMan_SP_AccessCheck_For_Container End End -- Is a member of Delegated Users? Set @SQLRoleType = 3 Set @SQLRoleName = '' Exec [AzMan_SP_GetSQLRole] @Return output, @ID, @ObjectType, @SQLRoleType, @SQLRoleName = @SQLRoleName output if @SQLRoleName <> '' Begin If Is_Member(@SQLRoleName) = 1 Begin Set @Return = 3 -- Delegated user Access Goto Exit_AzMan_SP_AccessCheck_For_Container End End Exit_AzMan_SP_AccessCheck_For_Container: Return @Return GO IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SP_AccessCheck' and type = 'P') DROP PROCEDURE AzMan_SP_AccessCheck GO Create Procedure [AzMan_SP_AccessCheck] ( @Return [int] output ,@AccessAtObjType [tinyint] output ,@ID [int] ,@ObjectType [tinyint] ,@CheckSacl [bit] = 0 ,@SaclIsOn [bit] output ) As -- Check MemberShip starting with current node and going up Declare @SQLRoleName [nvarchar](64) Declare @SQLRoleType [TinyInt] Declare @StoreID [int] Declare @AppID [int] Declare @ScopeID [int] Declare @StoreAccess [int] -- If this bit is set we know access check result, but we need to do SACL Declare @CheckSaclOnly [int] Declare @TempRet [int] Set @Return = -5 Set @StoreAccess = -5 Set @AccessAtObjType = 0 -- default to SACL off Set @SaclIsOn = 0 Set @CheckSaclOnly = 0 -- If the user is a DB_Owner, he has full control if Is_Member('db_owner') = 1 Begin set @Return = 1 --print 'User is member of db_Owner' IF @CheckSacl = 0 Goto Exit_AzMan_SP_AccessCheck ELSE Set @CheckSaclOnly = 1 End else if Is_Member('db_datawriter') = 1 -- If the user is a data writer he has full control Begin set @Return = 1 --print 'User is member of db_datawriter' IF @CheckSacl = 0 Goto Exit_AzMan_SP_AccessCheck ELSE Set @CheckSaclOnly = 1 End else if Is_Member('db_datareader') = 1 -- If the user is a data reader he has read control Begin set @Return = 2 --print 'User is member of db_datareader' IF @CheckSacl = 0 Goto Exit_AzMan_SP_AccessCheck ELSE Set @CheckSaclOnly = 1 End IF @CheckSaclOnly = 1 Set @TempRet = @Return -- Go all the way up to the store -- Check Access from top to bottom Exec AzMan_SP_Get_Object_Path @Return output, @ID, @ObjectType , @StoreID output, @AppID output, @ScopeID output -- Error ? Record not found if @Return < 0 Begin goto Exit_AzMan_SP_AccessCheck End -- we honor application's SACL setting over the store's IF @CheckSacl = 1 AND @StoreID <> -1 AND @AppID <> -1 BEGIN SELECT @SaclIsOn = IsNull(ApplyStoreSacl, 0) FROM AzMan_AzApplication App WHERE App.ID = @AppID AND App.StoreID = @StoreID END ELSE IF @CheckSacl = 1 AND @StoreID <> -1 BEGIN SELECT @SaclIsOn = IsNull(ApplyStoreSacl, 0) FROM AzMan_AzAuthorizationStore Store WHERE Store.ID = @StoreID END -- if we are only to check SACL settings (in other words, we already know the answer of access) IF @CheckSaclOnly = 1 Goto Exit_AzMan_SP_AccessCheck if @StoreID <> -1 Begin set @AccessAtObjType = 0 Exec AzMan_SP_AccessCheck_For_Container @Return output, @StoreID, 0 Set @StoreAccess = @Return if @Return <= 2 Begin Goto Exit_AzMan_SP_AccessCheck End End else Begin Goto Exit_AzMan_SP_AccessCheck End if @AppID <> -1 Begin set @AccessAtObjType = 1 Exec AzMan_SP_AccessCheck_For_Container @Return output, @AppID, 1 if @Return <= 2 Begin Goto Exit_AzMan_SP_AccessCheck End End else Begin Goto Exit_AzMan_SP_AccessCheck End if @ScopeID <> -1 Begin set @AccessAtObjType = 4 Exec AzMan_SP_AccessCheck_For_Container @Return output, @ScopeID, 4 if @Return <= 2 Begin Goto Exit_AzMan_SP_AccessCheck End End Begin Goto Exit_AzMan_SP_AccessCheck End Exit_AzMan_SP_AccessCheck: IF @CheckSaclOnly = 1 Set @Return = @TempRet Return @Return GO Create PROCEDURE dbo.AzMan_SPS_Get_StoreIDByName ( @Return [int] output, @ID int OUTPUT, @Name nvarchar(512) ) AS Set @ID = -1 -- this means it doesn't exist Set @Return = 0 SELECT @ID = ID FROM AzMan_AzAuthorizationStore WHERE Name = @Name RETURN @@RowCount go Create Procedure [AzMan_SP_Check_Dup_Task_For_Given_Parent] ( @Return [int] output, @ParentID [int], @ParentType [tinyint] , @ID [int], @Name [nvarchar](64) ) AS Set @Return = 0 -- Make sure that the name doesn't exist at the same level if @ParentType = 1 Begin if Exists( Select [Name] from [dbo].[AzMan_AzTask] where ParentType = @ParentType and AppID = @ParentID and ID <> IsNULL(@ID,0) and LOWER([Name]) = LOWER(@Name) ) Begin Set @Return = -183 -- Same Name exist End End else if @ParentType = 4 Begin if Exists( Select [Name] from [dbo].[AzMan_AzTask] where ParentType = @ParentType and ScopeID = @ParentID and ID <> IsNULL(@ID,0) and LOWER([Name]) = LOWER(@Name) ) Begin Set @Return = -183 -- Same Name exist End End else Begin Set @Return = -87 -- invalid parameter End Return @Return go Create Procedure [AzMan_SP_Check_Dup_Task] ( @Return [int] output, @ParentID [int], @ParentType [tinyint] , @ID [int], @Name [nvarchar](64) ) AS Declare @ParentAppID [int] Set @Return = 0 Set @ParentAppID = 0 -- First Check the current Parent exec AzMan_SP_Check_Dup_Task_For_Given_Parent @Return output, @ParentID, @ParentType, @ID, @Name if @Return <> 0 Begin Return(@Return) End -- Behave differently depending on the object type of the parent object -- A task that is a child of an application -- cannot have the same name as any tasks that are children of any of the child scopes. if @ParentType = 1 -- Application Begin Set @ParentAppID = @ParentID if Exists( Select [Name] from [dbo].[AzMan_AzTask] where ( ParentType = 4 ) -- All Child scope and LOWER([Name]) = LOWER(@Name) and (@ParentID IN ( Select AppID from AzMan_AzScope where AppID = @ParentID and ID <> IsNULL(@ID,0)) ) ) Begin Set @Return = -183 -- Same Name exist End End else if @ParentType = 4 -- Scope Begin -- A task that is a child of a scope, -- cannot have the same name as tasks that are children of the application. -- Find the Parent App Select @ParentAppID = [AppID] from AzMan_AzScope where [ID] = @ParentID if ( @ParentAppID = 0 ) Begin Set @Return = -1 -- General Error End else Begin exec AzMan_SP_Check_Dup_Task_For_Given_Parent @Return output, @ParentAppID, 1, @ID, @Name End End -- Tasks and operations share a namespace so ensure there -- isn't an operation by this name. if @Return = 0 Begin if Exists( Select [Name] from [dbo].[AzMan_AzOperation] where LOWER([Name]) = LOWER(@Name) and (@ParentAppID = AppID) ) Begin Set @Return = -183 -- Same Name exist End End Return @Return go Create Procedure [AzMan_SP_Check_Dup_RoleAssignment] ( @Return [int] output, @ParentID [int], @ParentType [tinyint], @ID [int], @Name [nvarchar](64) ) AS Set @Return = 0 if @ParentType = 1 Begin if Exists( Select [Name] from [dbo].[AzMan_AzRoleAssignment] where ParentType = @ParentType and AppID = @ParentID and ID <> IsNULL(@ID,0) and LOWER([Name]) = LOWER(@Name) ) Begin Set @Return = -183 -- Same Name exist End End else if @ParentType = 4 Begin if Exists( Select [Name] from [dbo].[AzMan_AzRoleAssignment] where ParentType = @ParentType and ScopeID = @ParentID and ID <> IsNULL(@ID,0) and LOWER([Name]) = LOWER(@Name) ) Begin Set @Return = -183 -- Same Name exist End End Else Begin Set @Return = -1 End Return @Return go Create Procedure [AzMan_SP_Check_Dup_Application] ( @Return [int] output, @StoreID [int], @ID [int], @Name [nvarchar](512) ) AS Set @Return = 0 -- Make sure that the name doesn't exist at the same level if Exists( Select [Name] from [dbo].[AzMan_AzApplication] where StoreID = @StoreID and ID <> IsNULL(@ID,0) and LOWER([Name]) = LOWER(@Name) ) Begin Set @Return = -183 -- Same Name exist End Return @Return go Create Procedure [AzMan_SP_Check_Dup_Scope] ( @Return [int] output, @AppID [int], @ID [int], @NameHash [binary] (32) ) AS Set @Return = 0 -- Make sure that the name doesn't exist at the same level begin if Exists( Select ID from [dbo].[AzMan_AzScope] where ID <> IsNULL(@ID,0) and AppID = @AppID and [NameHash] = @NameHash ) Begin Set @Return = -183 -- Same Name exist End end Return @Return go Create Procedure [AzMan_SP_Check_Dup_Operation] ( @Return [int] output, @AppID [int], @ID [int], @Name [nvarchar](64) ) AS Set @Return = 0 -- Make sure that the name doesn't exist at the same level if Exists( Select [Name] from [dbo].[AzMan_AzOperation] where AppID = @AppID and ID <> IsNULL(@ID,0) and LOWER([Name]) = LOWER(@Name) ) Begin Set @Return = -183 -- Same Name exist End Return @Return go Create Procedure [AzMan_SP_Check_Dup_Group_For_Given_Parent] ( @Return [int] output, @ParentID [int], @ParentType [tinyint] , @ID [int], @Name [nvarchar](64) ) AS Set @Return = 0 if @ParentType = 0 Begin if Exists( Select [Name] from [dbo].[AzMan_AzApplicationGroup] where ( ParentType = @ParentType ) and (StoreID = @ParentID) and LOWER([Name]) = LOWER(@Name) and ID <> IsNULL(@ID,0) ) Begin Set @Return = -183 -- Same Name exist End End else if @ParentType = 1 Begin if Exists( Select [Name] from [dbo].[AzMan_AzApplicationGroup] where ( ParentType = @ParentType ) and (AppID = @ParentID) and LOWER([Name]) = LOWER(@Name) and ID <> IsNULL(@ID,0) ) Begin Set @Return = -183 -- Same Name exist End End else if @ParentType = 4 Begin if Exists( Select [Name] from [dbo].[AzMan_AzApplicationGroup] where ( ParentType = @ParentType ) and (ScopeID = @ParentID) and LOWER([Name]) = LOWER(@Name) and ID <> IsNULL(@ID,0) ) Begin Set @Return = -183 -- Same Name exist End End Else Begin Set @Return = -1 Return (@Return) End Return(@Return) GO Create Procedure [AzMan_SP_Check_Dup_Group] ( @Return [int] output, @ParentID [int], @ParentType [tinyint] , @ID [int], @Name [nvarchar](64) ) AS Declare @ParentStore [int] Declare @ParentAppID [int] Set @Return = 0 Set @ParentStore = 0 Set @ParentAppID = 0 -- First Check the current Parent exec AzMan_SP_Check_Dup_Group_For_Given_Parent @Return output, @ParentID, @ParentType, @ID, @Name if @Return <> 0 Begin Return(@Return) End -- Behave differently depending on the object type of the parent object -- -- A group that is a child of the authorization store, -- cannot have the same name as any groups that are children of any of the child applications, and -- cannot have the same name as any groups that are children of any of the grandchild child scopes. if @ParentType = 0 -- Auth Store Begin if Exists( Select ID from [dbo].[AzMan_AzApplicationGroup] where ( ( ID <> IsNULL(@ID,0) ) and ( [Name] = @Name ) and ( ( ( ParentType = 1 ) and -- Application ( AppID in ( select ID from AzMan_AzApplication where StoreID = @ParentID ) ) ) or ( ( ParentType = 4 ) and -- Scope ( ScopeID in ( select ID from AzMan_AzScope where AppID in (select ID from AzMan_AzApplication where StoreID = @ParentID) ) ) ) ) ) ) Begin Set @Return = -183 -- Same Name exist End End else if @ParentType = 1 -- Application Begin -- A group that is a child of an application -- cannot have the same name as groups that are children of the authorization store, -- and cannot have the same name as any groups that are children of any of the child scopes. -- Find the parent of Application Select @ParentStore = [StoreID] from AzMan_AzApplication where [ID] = @ParentID if ( @ParentStore = 0 ) Begin Set @Return = -1 -- General Error End Else Begin -- and Check for conflict exec AzMan_SP_Check_Dup_Group_For_Given_Parent @Return output, @ParentStore, 0, @ID, @Name End if ( @Return = 0 ) Begin -- Find All the Child scopes of parent and check for conflicts if Exists( Select [Name] from [dbo].[AzMan_AzApplicationGroup] where ( ParentType = 4 ) -- All Child scope and LOWER([Name]) = LOWER(@Name) and (@ParentID IN ( Select AppID from AzMan_AzScope where AppID = @ParentID and ID <> IsNULL(@ID,0)) ) ) Begin Set @Return = -183 -- Same Name exist End End End else if @ParentType = 4 -- Scope Begin -- A group that is a child of a scope, -- cannot have the same name as groups that are children of the application or authorization store -- Find the Parent App Select @ParentAppID = [AppID] from AzMan_AzScope where [ID] = @ParentID if ( @ParentAppID = 0 ) Begin Set @Return = -1 -- General Error End else Begin exec AzMan_SP_Check_Dup_Group_For_Given_Parent @Return output, @ParentAppID, 1, @ID, @Name if @Return = 0 Begin -- Find the Parent Store Select @ParentStore = [StoreID] from AzMan_AzApplication where [ID] = @ParentAppID if ( @ParentStore = 0 ) Begin Set @Return = -1 -- General Error End else Begin exec AzMan_SP_Check_Dup_Group_For_Given_Parent @Return output, @ParentStore, 0, @ID, @Name End End End End Return(@Return) GO Create Procedure [AzMan_SPI_AzAuthorizationStore] -- Inserts a new record in [AzMan_AzAuthorizationStore] table ( @Return [int] output , @ID [int] OUTPUT , @ObjectGuid [uniqueidentifier] = Null , @DomainTimeout [int] = Null , @ScriptEngineTimeout [int] = Null , @MaxScriptEngines [int] = Null , @ApplyStoreSacl [bit] = Null , @GenerateAudits [bit] = 0 , @MajorVersion [int] = 1 , @MinorVersion [int] = 0 , @TargetMachine [nvarchar](50) = Null , @Description [nvarchar](1024) = Null , @Name [nvarchar] (512) = NULL , @ApplicationData [ntext] = Null ) as DECLARE @RowCount INT, @Error INT Set @Return = 0 Set @ID = 0 Set NoCount On Begin Insert Into [dbo].[AzMan_AzAuthorizationStore] ( [ObjectGuid] , [Name] , [Description] , [ApplicationData] , [DomainTimeout] , [ScriptEngineTimeout] , [MaxScriptEngines] , [TargetMachine] , [ApplyStoreSacl] , [GenerateAudits] , [MajorVersion] , [MinorVersion] ) Values ( @ObjectGuid , @Name , @Description , @ApplicationData , @DomainTimeout , @ScriptEngineTimeout , @MaxScriptEngines , @TargetMachine , @ApplyStoreSacl , @GenerateAudits , @MajorVersion , @MinorVersion ) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @RowCount = 1 Begin Set @ID = Cast(SCOPE_IDENTITY() As [int]) End else Begin Set @Return = @Error End -- generate a generic audit EXEC [AzMan_SP_GenerateGenericAudit] @Return, 0, -- 0 for store @Name, @ObjectGuid, N'Trying to create an AzAuthorizationStore' -- generate an audit EXEC [AzMan_SP_GenerateObjectAudit] @Return, 0, -- 0 for SE_AUDITID_AZ_SQL_OBJECT_CREATE 0, -- 0 for store @Name, @ObjectGuid, 0, -- 0 for store @Name, @ObjectGuid, N'' -- no other info End Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPI_AzApplication] -- Inserts a new record in [AzMan_AzApplication] table ( @Return [int] output , @ID [int] = Null Output , @ObjectGuid [uniqueidentifier] = Null , @StoreId [int] , @ApplyStoreSacl [bit] = Null , @GenerateAudits [bit] = Null , @AuthzInterfaceClsId [int] = Null , @CheckDup [bit] = 1 , @ApplicationVersion [nvarchar](50) = Null , @Name [nvarchar](512) = Null , @Description [nvarchar](1024) = Null , @ApplicationData [ntext] = Null ) As Set NoCount On Begin DECLARE @RowCount INT, @Error INT DECLARE @storeName [nvarchar](512) DECLARE @storeGuid [uniqueidentifier] Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 Set @Return = 0 Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output, @StoreId, 0, 1, @SaclIsOn output -- Require Admin Access if @Return <> 1 Begin if (@Return >= 2) Begin Set @Return = -5 End goto Done End -- Check for duplicate name IF @CheckDup = 1 BEGIN Exec AzMan_SP_Check_Dup_Application @Return output, @StoreId, @ID, @Name END ELSE Set @Return = 0 if @Return = 0 Begin Insert Into [dbo].[AzMan_AzApplication] ( [ObjectGuid] , [StoreID] , [Name] , [Description] , [ApplicationData] , [ApplyStoreSacl] , [GenerateAudits] , [AuthzInterfaceClsId] , [ApplicationVersion] ) Values ( @ObjectGuid , @StoreId , @Name , @Description , @ApplicationData , @ApplyStoreSacl , @GenerateAudits , @AuthzInterfaceClsId , @ApplicationVersion ) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount = 1 Begin Set @ID = Cast(SCOPE_IDENTITY() As [int]) End Else Begin Set @Return = @Error End -- generate an audit if SACL is on IF @SaclIsOn = 1 BEGIN -- get the store info SELECT @storeName = Store.Name, @storeGuid = Store.ObjectGuid FROM [dbo].[AzMan_AzAuthorizationStore] Store WHERE Store.ID = @StoreId -- generate an audit EXEC [AzMan_SP_GenerateObjectAudit] @Return, 0, -- 0 for SE_AUDITID_AZ_SQL_OBJECT_CREATE 0, -- 0 for store @storeName, @storeGuid, 1, -- 1 for Application @Name, @ObjectGuid, N'' -- no other info END End End Done: Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPU_AzApplication] -- Update an existing record in [AzMan_AzApplication] table ( @Return [int] output , @ID [int] , @StoreId [int] , @ConsiderNull_Description bit = 0 , @ConsiderNull_ApplicationData bit = 0 , @ApplyStoreSacl [bit] = Null , @ConsiderNull_ApplyStoreSacl bit = 0 , @GenerateAudits [bit] = Null , @ConsiderNull_GenerateAudits bit = 0 , @AuthzInterfaceClsId [int] = Null , @ConsiderNull_AuthzInterfaceClsId bit = 0 , @ConsiderNull_ApplicationVersion bit = 0 , @ApplicationVersion [nvarchar](50) = Null , @Name [nvarchar](512) , @Description [nvarchar](1024) = Null , @ApplicationData [ntext] = Null ) As DECLARE @ObjectGuid uniqueidentifier Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 Set NoCount On Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@ID, 0, 1, @SaclIsOn output -- Require Admin Access if @Return <> 1 Begin if (@Return >= 2) Begin Set @Return = -5 End goto Done End Set @Return = 0 If @ConsiderNull_Description Is Null Set @ConsiderNull_Description = 0 If @ConsiderNull_ApplicationData Is Null Set @ConsiderNull_ApplicationData = 0 If @ConsiderNull_ApplyStoreSacl Is Null Set @ConsiderNull_ApplyStoreSacl = 0 If @ConsiderNull_GenerateAudits Is Null Set @ConsiderNull_GenerateAudits = 0 If @ConsiderNull_AuthzInterfaceClsId Is Null Set @ConsiderNull_AuthzInterfaceClsId = 0 If @ConsiderNull_ApplicationVersion Is Null Set @ConsiderNull_ApplicationVersion = 0 IF @Name Is Not NULL Begin -- Check for duplicate name Exec AzMan_SP_Check_Dup_Application @Return output, @StoreId, @ID, @Name End If @Return = 0 Begin Update [dbo].[AzMan_AzApplication] Set [Name] = IsNull(@Name, [Name]) ,[Description] = Case @ConsiderNull_Description When 0 Then IsNull(@Description, [Description]) When 1 Then @Description End ,[ApplicationData] = Case @ConsiderNull_ApplicationData When 0 Then IsNull(@ApplicationData, [ApplicationData]) When 1 Then @ApplicationData End ,[ApplyStoreSacl] = Case @ConsiderNull_ApplyStoreSacl When 0 Then IsNull(@ApplyStoreSacl, [ApplyStoreSacl]) When 1 Then @ApplyStoreSacl End ,[GenerateAudits] = Case @ConsiderNull_GenerateAudits When 0 Then IsNull(@GenerateAudits, [GenerateAudits]) When 1 Then @GenerateAudits End ,[AuthzInterfaceClsId] = Case @ConsiderNull_AuthzInterfaceClsId When 0 Then IsNull(@AuthzInterfaceClsId, [AuthzInterfaceClsId]) When 1 Then @AuthzInterfaceClsId End ,[ApplicationVersion] = Case @ConsiderNull_ApplicationVersion When 0 Then IsNull(@ApplicationVersion, [ApplicationVersion]) When 1 Then @ApplicationVersion End Where ([ID] = @ID) End -- generate an audit if SACL is on IF @SaclIsOn = 1 BEGIN -- get info for auditing SELECT @ObjectGuid = app.ObjectGuid FROM [dbo].[AzMan_AzApplication] app WHERE app.ID = @ID -- generate an audit EXEC [AzMan_SP_GenerateGenericAudit] @Return, 1, -- 0 for application @Name, @ObjectGuid, N'The shallow properties of the application may have been modified' END Done: Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPI_AzScope] -- Inserts a new record in [AzMan_AzScope] table ( @Return [int] output , @ID [int] = Null output , @AppId [int] = Null , @NameLen [int] = 0 , @NameHash [Binary] (32) = NULL , @ObjectGuid [uniqueidentifier] = Null , @CheckDup [bit] = 1 , @Description [nvarchar](1024) = Null , @Name [ntext] , @ApplicationData [ntext] = Null ) As DECLARE @appName nvarchar(512) DECLARE @appGuid uniqueidentifier Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 Set NoCount On Begin DECLARE @RowCount INT, @Error INT Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@AppId, 1, 1, @SaclIsOn output -- Require Admin Access at App if @Return <> 1 Begin if (@Return >= 2) Begin Set @Return = -5 End goto Done End IF @CheckDup = 1 BEGIN Exec AzMan_SP_Check_Dup_Scope @Return output, @AppId, -1, @NameHash End ELSE Set @Return = 0 if @Return = 0 Begin Insert Into [dbo].[AzMan_AzScope] ( [AppID] , [Name] , [NameLen] , [NameHash] , [Description] , [ApplicationData] , [ObjectGuid] ) Values ( @AppId , @Name , @NameLen , @NameHash , @Description , @ApplicationData , @ObjectGuid ) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount = 1 Begin Set @ID = Cast(SCOPE_IDENTITY() As [int]) End Else Begin Set @Return = @Error End End IF @SaclIsOn = 1 BEGIN -- get the store info for auditing SELECT @appName = app.Name, @appGuid = app.ObjectGuid FROM [dbo].[AzMan_AzApplication] app WHERE app.ID = @AppId -- generate an audit EXEC [AzMan_SP_GenerateObjectAudit] @Return, 0, -- 0 for SE_AUDITID_AZ_SQL_OBJECT_CREATE 1, -- 1 for Application @appName, @appGuid, 4, -- 4 for scope @Name, @ObjectGuid, N'' -- no other info END End Done: Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPI_AzOperation] -- Inserts a new record in [AzMan_AzOperation] table ( @Return [int] output , @ID [int] = Null Output , @OperationID [int] = Null , @AppId [int] = Null , @ObjectGuid [uniqueidentifier] = Null , @CheckDup [bit] = 1 , @Name [nvarchar](64) = Null , @Description [nvarchar](1024) = Null , @ApplicationData [ntext] = Null ) As DECLARE @appName nvarchar(512) DECLARE @appGuid uniqueidentifier DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 Set NoCount On Begin DECLARE @RowCount INT, @Error INT Declare @AccessAtObjType [tinyint] Set @Return = 0 Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output, @AppId, 1, 1, @SaclIsOn output -- Require Admin Access if @Return <> 1 Begin if (@Return >= 2) Begin Set @Return = -5 End goto Done End -- if check dup IF @CheckDup = 1 BEGIN Exec AzMan_SP_Check_Dup_Operation @Return output, @AppId, @ID, @Name End ELSE Set @Return = 0 if @Return = 0 Begin Insert Into [dbo].[AzMan_AzOperation] ( [ObjectGuid] , [AppID] , [Name] , [Description] , [ApplicationData] , [OperationID] ) Values ( @ObjectGuid , @AppId , @Name , @Description , @ApplicationData , @OperationID ) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount = 1 Begin Set @ID = Cast(SCOPE_IDENTITY() As [int]) End Else Begin Set @Return = @Error End End IF @SaclIsOn = 1 BEGIN -- get the store info for auditing SELECT @appName = app.Name, @appGuid = app.ObjectGuid FROM [dbo].[AzMan_AzApplication] app WHERE app.ID = @AppId -- generate an audit EXEC [AzMan_SP_GenerateObjectAudit] @Return, 0, -- 0 for SE_AUDITID_AZ_SQL_OBJECT_CREATE 1, -- 1 for Application @appName, @appGuid, 2, -- 2 for operation @Name, @ObjectGuid, N'' -- no other info END End Done: Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPI_AzApplicationGroup] -- Inserts a new record in [AzMan_AzApplicationGroup] table ( @Return [int] output , @ID [int] = Null Output , @ParentId [int] , @ParentType [int] , @GroupType [tinyint] = Null , @ObjectGuid [uniqueidentifier] = Null , @CheckDup [bit] = 1 , @Name [nvarchar](64) = Null , @Description [nvarchar](1024) = Null ) As DECLARE @RowCount INT, @Error INT Declare @StoreID int, @AppID int , @ScopeID int -- parent name and guid is only needed for auditing DECLARE @parentName nvarchar(512) DECLARE @parentGuid uniqueidentifier Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 Set @Return = 0 set @StoreID = 0 set @AppID = 0 set @ScopeID = 0 Set NoCount On Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output, @ParentId, @ParentType, 1, @SaclIsOn output -- Require Admin Access if @Return <> 1 Begin if (@Return >= 2) Begin Set @Return = -5 End goto Done End IF @CheckDup = 1 BEGIN Exec AzMan_SP_Check_Dup_Group @Return output, @ParentId, @ParentType, @ID, @Name END ELSE Set @Return = 0 if @Return = 0 Begin if @ParentType = 0 Begin set @StoreID = @ParentId -- get info for auditing IF @SaclIsOn = 1 BEGIN SELECT @parentName = store.Name, @parentGuid = store.ObjectGuid FROM [dbo].[AzMan_AzAuthorizationStore] store WHERE store.ID = @ParentId END End else if @ParentType = 1 Begin set @AppID = @ParentId -- get info for auditing IF @SaclIsOn = 1 BEGIN SELECT @parentName = app.Name, @parentGuid = app.ObjectGuid FROM [dbo].[AzMan_AzApplication] app WHERE app.ID = @ParentId END End else if @ParentType = 4 Begin set @ScopeID = @ParentId -- get info for auditing IF @SaclIsOn = 1 BEGIN SELECT @parentName = scope.Name, @parentGuid = scope.ObjectGuid FROM [dbo].[AzMan_AzScope] scope WHERE scope.ID = @ParentId END End Insert Into [dbo].[AzMan_AzApplicationGroup] ( [ObjectGuid] , [StoreID] , [AppID] , [ScopeID] , [ParentType] , [Name] , [Description] , [GroupType] ) Values ( @ObjectGuid , @StoreID , @AppID , @ScopeID , @ParentType , @Name , @Description , @GroupType ) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount = 1 Begin Set @ID = Cast(SCOPE_IDENTITY() As [int]) End Else Begin Set @Return = @Error End End IF @SaclIsOn = 1 BEGIN -- generate an audit EXEC [AzMan_SP_GenerateObjectAudit] @Return, 0, -- 0 for SE_AUDITID_AZ_SQL_OBJECT_CREATE @ParentType, -- parent type @parentName, @parentGuid, 5, -- 5 for group @Name, @ObjectGuid, N'' -- no other info END Done: Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPI_AzTask] -- Inserts a new record in [AzMan_AzTask] table ( @Return [int] output , @ID [int] = Null Output , @IsRoleDefinition [bit] = 0 , @ParentId [int] , @ParentType [tinyint] , @ObjectGuid [uniqueidentifier] = Null , @CheckDup [bit] = 1 , @Name [nvarchar](64) = Null , @Description [nvarchar](1024) = Null , @ApplicationData [ntext] = Null ) As DECLARE @RowCount INT, @Error INT Declare @AppID [int], @ScopeID [int] DECLARE @parentName nvarchar(512) DECLARE @parentGuid uniqueidentifier Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 Set @Return = 0 Set NoCount On Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@ParentId, @ParentType, 1, @SaclIsOn output -- Require Admin Access if @Return <> 1 Begin if (@Return >= 2) Begin Set @Return = -5 End goto Done End Set @AppID = null Set @ScopeID = null if @ParentType = 1 Begin Set @AppID = @ParentId -- get info for auditing IF @SaclIsOn = 1 BEGIN SELECT @parentName = app.Name, @parentGuid = app.ObjectGuid FROM [dbo].[AzMan_AzApplication] app WHERE app.ID = @ParentId END End Else if @ParentType = 4 Begin Set @ScopeID = @ParentId -- get info for auditing IF @SaclIsOn = 1 BEGIN SELECT @parentName = scope.Name, @parentGuid = scope.ObjectGuid FROM [dbo].[AzMan_AzScope] scope WHERE scope.ID = @ParentId END End Else Begin Set @Return = -1 goto Done End -- Make sure that the name doesn't exist at the same level IF @CheckDup = 1 BEGIN Exec AzMan_SP_Check_Dup_Task @Return output, @ParentId, @ParentType, @ID, @Name End ELSE Set @Return = 0 if @Return = 0 Begin Insert Into [dbo].[AzMan_AzTask] ( [ObjectGuid] , [AppID] , [ScopeID] , [ParentType] , [Name] , [Description] , [ApplicationData] , [IsRoleDefinition] ) Values ( @ObjectGuid , @AppID , @ScopeID , @ParentType , @Name , @Description , @ApplicationData , @IsRoleDefinition ) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount = 1 Begin Set @ID = Cast(SCOPE_IDENTITY() As [int]) End Else Begin Set @Return = @Error End End IF @SaclIsOn = 1 -- generate an audit EXEC [AzMan_SP_GenerateObjectAudit] @Return, 0, -- 0 for SE_AUDITID_AZ_SQL_OBJECT_CREATE @ParentType, -- parent type @parentName, @parentGuid, 3, -- 3 for task @Name, @ObjectGuid, N'' -- no other info Done: Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPI_AzTask_Single_Operation] ( @Return [int] output , @TaskID [int] -- ID Of task , @OperationID [int] , @SaclIsOn [bit] ) As DECLARE @RowCount INT, @Error INT DECLARE @taskName nvarchar(512) DECLARE @taskGuid uniqueidentifier DECLARE @opName nvarchar(512) DECLARE @opGuid uniqueidentifier Set @Return = 0 Set NoCount On INSERT INTO [AzMan_Task_To_Operation_Link] (TaskID, OperationID) VALUES (@TaskID, @OperationID) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount <> 1 Begin if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = -1 --Generic Error End End IF @SaclIsOn = 1 BEGIN -- get the info for auditing SELECT @taskName = Task.Name, @taskGuid = Task.ObjectGuid FROM [dbo].[AzMan_AzTask] Task WHERE Task.ID = @TaskID SELECT @opName = Op.Name, @opGuid = Op.ObjectGuid FROM [dbo].[AzMan_AzOperation] Op WHERE Op.ID = @OperationID -- generate an audit EXEC [AzMan_SP_GenerateObjectAudit] @Return, 2, -- 2 for SE_AUDITID_AZ_SQL_REFERENCE_ASSIGN 3, -- 3 for task @taskName, @taskGuid, 2, -- 2 for Operation @opName, @opGuid, N'' -- no other info END Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPD_AzTask_Single_Operation] ( @Return [int] output , @TaskID [int] -- ID Of task , @OperationID [int] , @SaclIsOn [bit] ) As Set @Return = 0 DECLARE @RowCount INT, @Error INT DECLARE @taskName nvarchar(512) DECLARE @taskGuid uniqueidentifier DECLARE @opName nvarchar(512) DECLARE @opGuid uniqueidentifier Set NoCount On delete [AzMan_Task_To_Operation_Link] where TaskID = @TaskID and OperationID = @OperationID SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount <> 1 Begin if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = -1168 --Record not found End End IF @SaclIsOn = 1 BEGIN -- get the info for auditing SELECT @taskName = Task.Name, @taskGuid = Task.ObjectGuid FROM [dbo].[AzMan_AzTask] Task WHERE Task.ID = @TaskID SELECT @opName = Op.Name, @opGuid = Op.ObjectGuid FROM [dbo].[AzMan_AzOperation] Op WHERE Op.ID = @OperationID -- generate an audit EXEC [AzMan_SP_GenerateObjectAudit] @Return, 3, -- 3 for SE_AUDITID_AZ_SQL_REFERENCE_REMOVE 3, -- 3 for task @taskName, @taskGuid, 2, -- 2 for Operation @opName, @opGuid, N'' -- no other info END Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPI_AzTask_Multi_Operations] ( @Return [int] output , @TaskID [int] -- ID Of Task , @SepChar [char] (1) = "|" , @OperationIDs [nvarchar] (4000) ) As Set @Return = 0 DECLARE @equal char DECLARE @addOrDelete nvarchar(10) DECLARE @isAdd int Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 SET @equal = '=' Set NoCount On Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@TaskID, 3, 1, @SaclIsOn output -- Require Admin Access if @Return <> 1 Begin if (@Return >= 2) Begin Set @Return = -5 End goto Done End -- First parse the string -- Insert each one of them DECLARE @OperationID varchar(100), @Pos int Declare @iOperationID int SET @OperationIDs = LTRIM(RTRIM(@OperationIDs))+ @SepChar SET @Pos = CHARINDEX(@equal, @OperationIDs, 1) IF REPLACE(@OperationIDs, @SepChar, '') <> '' BEGIN WHILE @Pos > 0 BEGIN SET @OperationID = LTRIM(RTRIM(LEFT(@OperationIDs, @Pos - 1))) Set @iOperationID = CAST(@OperationID as int) -- remove the left part (the id) SET @OperationIDs = RIGHT(@OperationIDs, LEN(@OperationIDs) - @Pos) -- now move to the pipe separator SET @Pos = CHARINDEX(@SepChar, @OperationIDs, 1) SET @addOrDelete = LTRIM(RTRIM(LEFT(@OperationIDs, @Pos - 1))) Set @isAdd = CAST(@addOrDelete as int) IF @iOperationID <> 0 BEGIN -- if NNNN=0, then it means to delete IF @isAdd <> 0 BEGIN Exec AzMan_SPI_AzTask_Single_Operation @Return output, @TaskID, @iOperationID, @SaclIsOn if @Return <> 0 Begin Break End End ELSE BEGIN Exec AzMan_SPD_AzTask_Single_Operation @Return output, @TaskID, @iOperationID, @SaclIsOn if @Return <> 0 Begin Break End End END SET @OperationIDs = RIGHT(@OperationIDs, LEN(@OperationIDs) - @Pos) SET @Pos = CHARINDEX(@equal, @OperationIDs, 1) END END Done: Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPI_AzRoleAssignment_Single_Operation] ( @Return [int] output , @RoleID [int] -- ID Of Role , @OperationID [int] , @SaclIsOn [bit] ) As DECLARE @RowCount INT, @Error INT DECLARE @roleName nvarchar(512) DECLARE @roleGuid uniqueidentifier DECLARE @opName nvarchar(512) DECLARE @opGuid uniqueidentifier Set @Return = 0 Set NoCount On INSERT INTO [AzMan_Role_To_Operation_Link] (RoleID, OperationID) VALUES (@RoleID, @OperationID) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount <> 1 Begin if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = -1 --Generic Error End End IF @SaclIsOn = 1 BEGIN -- get the info for auditing SELECT @roleName = Role.Name, @roleGuid = Role.ObjectGuid FROM [dbo].[AzMan_AzRoleAssignment] Role WHERE Role.ID = @RoleID SELECT @opName = Op.Name, @opGuid = Op.ObjectGuid FROM [dbo].[AzMan_AzOperation] Op WHERE Op.ID = @OperationID -- generate an audit EXEC [AzMan_SP_GenerateObjectAudit] @Return, 2, -- 2 for SE_AUDITID_AZ_SQL_REFERENCE_ASSIGN 6, -- 6 for role @roleName, @roleGuid, 2, -- 2 for Operation @opName, @opGuid, N'' -- no other info END Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPD_AzRoleAssignment_Single_Operation] ( @Return [int] output , @RoleID [int] -- ID Of Role assignment , @OperationID [int] , @SaclIsOn [bit] ) As DECLARE @RowCount INT, @Error INT DECLARE @roleName nvarchar(512) DECLARE @roleGuid uniqueidentifier DECLARE @opName nvarchar(512) DECLARE @opGuid uniqueidentifier Set @Return = 0 Set NoCount On delete [AzMan_Role_To_Operation_Link] where RoleID = @RoleID and OperationID = @OperationID SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount <> 1 Begin if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = -1168 --Record not found End End IF @SaclIsOn = 1 BEGIN -- get the info for auditing SELECT @roleName = Role.Name, @roleGuid = Role.ObjectGuid FROM [dbo].[AzMan_AzRoleAssignment] Role WHERE Role.ID = @RoleID SELECT @opName = Op.Name, @opGuid = Op.ObjectGuid FROM [dbo].[AzMan_AzOperation] Op WHERE Op.ID = @OperationID -- generate an audit EXEC [AzMan_SP_GenerateObjectAudit] @Return, 3, -- 3 for SE_AUDITID_AZ_SQL_REFERENCE_REMOVE 6, -- 6 for role @roleName, @roleGuid, 2, -- 1 for Operation @opName, @opGuid, N'' -- no other info END Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPI_AzRoleAssignment_Multi_Operations] ( @Return [int] output , @RoleID [int] -- ID Of Role , @SepChar [nchar] (1) = "|" , @OperationIDs [nvarchar] (4000) ) As Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 Set @Return = 0 Set NoCount On -- First parse the string -- Insert each one of them Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@RoleID, 6, 1, @SaclIsOn output -- Require Admin Access if @Return <> 1 Begin if (@Return >= 2) Begin Set @Return = -5 End goto Done End DECLARE @OperationID nvarchar(100), @Pos int Declare @iOperationID int DECLARE @equal char DECLARE @addOrDelete nvarchar(10) DECLARE @isAdd int SET @equal = '=' SET @OperationIDs = LTRIM(RTRIM(@OperationIDs))+ @SepChar SET @Pos = CHARINDEX(@equal, @OperationIDs, 1) IF REPLACE(@OperationIDs, @SepChar, '') <> '' BEGIN WHILE @Pos > 0 BEGIN SET @OperationID = LTRIM(RTRIM(LEFT(@OperationIDs, @Pos - 1))) Set @iOperationID = CAST(@OperationID as int) -- remove the left part (the id) SET @OperationIDs = RIGHT(@OperationIDs, LEN(@OperationIDs) - @Pos) -- now move to the pipe separator SET @Pos = CHARINDEX(@SepChar, @OperationIDs, 1) SET @addOrDelete = LTRIM(RTRIM(LEFT(@OperationIDs, @Pos - 1))) Set @isAdd = CAST(@addOrDelete as int) IF @iOperationID <> 0 BEGIN -- if NNNN=0, then it means to delete IF @isAdd <> 0 BEGIN Exec AzMan_SPI_AzRoleAssignment_Single_Operation @Return output, @RoleID, @iOperationID, @SaclIsOn if @Return <> 0 Begin Break End End ELSE BEGIN Exec AzMan_SPD_AzRoleAssignment_Single_Operation @Return output, @RoleID, @iOperationID, @SaclIsOn if @Return <> 0 Begin Break End END END SET @OperationIDs = RIGHT(@OperationIDs, LEN(@OperationIDs) - @Pos) SET @Pos = CHARINDEX(@equal, @OperationIDs, 1) END END Done: Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPI_AzTask_Single_Task] ( @Return [int] output , @TaskID [int] , @ChildID [int] , @SaclIsOn [bit] ) As DECLARE @RowCount INT, @Error INT DECLARE @taskName nvarchar(512) DECLARE @taskGuid uniqueidentifier DECLARE @refTaskName nvarchar(512) DECLARE @refTaskGuid uniqueidentifier Set @Return = 0 Set NoCount On INSERT INTO [AzMan_Task_To_Task_Link] (TaskID, ChildID) VALUES (@TaskID, @ChildID) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount <> 1 Begin if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = -1 --Generic Error End End -- get the info for auditing IF @SaclIsOn = 1 BEGIN SELECT @taskName = Task.Name, @taskGuid = Task.ObjectGuid FROM [dbo].[AzMan_AzTask] Task WHERE Task.ID = @TaskID SELECT @refTaskName = refTask.Name, @refTaskGuid = refTask.ObjectGuid FROM [dbo].[AzMan_AzTask] refTask WHERE refTask.ID = @ChildID -- generate an audit EXEC [AzMan_SP_GenerateObjectAudit] @Return, 2, -- 2 for SE_AUDITID_AZ_SQL_REFERENCE_ASSIGN 3, -- 3 for task @taskName, @taskGuid, 3, -- 3 for task @refTaskName, @refTaskGuid, N'' -- no other info END Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPD_AzTask_Single_Task] ( @Return [int] output, @TaskID [int] , @ChildID [int] , @SaclIsOn [bit] ) As DECLARE @RowCount INT, @Error INT DECLARE @taskName nvarchar(512) DECLARE @taskGuid uniqueidentifier DECLARE @refTaskName nvarchar(512) DECLARE @refTaskGuid uniqueidentifier Set @Return = 0 Set NoCount On Delete From [AzMan_Task_To_Task_Link] where TaskID = @TaskID and ChildID = @ChildID SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount <> 1 Begin Set @Return = @Error End -- get the info for auditing IF @SaclIsOn = 1 BEGIN SELECT @taskName = Task.Name, @taskGuid = Task.ObjectGuid FROM [dbo].[AzMan_AzTask] Task WHERE Task.ID = @TaskID SELECT @refTaskName = refTask.Name, @refTaskGuid = refTask.ObjectGuid FROM [dbo].[AzMan_AzTask] refTask WHERE refTask.ID = @ChildID -- generate an audit EXEC [AzMan_SP_GenerateObjectAudit] @Return, 3, -- 3 for SE_AUDITID_AZ_SQL_REFERENCE_REMOVE 3, -- 3 for task @taskName, @taskGuid, 3, -- 3 for task @refTaskName, @refTaskGuid, N'' -- no other info END Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPI_AzTask_Multi_Tasks] ( @Return [int] output , @ParentTaskId [int] -- ID Of Task , @SepChar [char] (1) = "|" , @TaskIDs [nvarchar] (4000) ) As Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 Set @Return = 0 Set NoCount On Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@ParentTaskId, 3, 1, @SaclIsOn output -- Require Admin Access if @Return <> 1 Begin if (@Return >= 2) Begin Set @Return = -5 End goto Done End -- First parse the string -- Insert each one of them DECLARE @TaskID varchar(100), @Pos int Declare @iTaskID int DECLARE @equal char DECLARE @addOrDelete nvarchar(10) DECLARE @isAdd int SET @equal = '=' SET @TaskIDs = LTRIM(RTRIM(@TaskIDs))+ @SepChar SET @Pos = CHARINDEX(@equal, @TaskIDs, 1) --IF REPLACE(@TaskIDs, @SepChar, '') <> '' BEGIN WHILE @Pos > 0 BEGIN SET @TaskID = LTRIM(RTRIM(LEFT(@TaskIDs, @Pos - 1))) Set @iTaskID = CAST(@TaskID as int) -- remove the left part (the id) SET @TaskIDs = RIGHT(@TaskIDs, LEN(@TaskIDs) - @Pos) -- now move to the pipe separator SET @Pos = CHARINDEX(@SepChar, @TaskIDs, 1) SET @addOrDelete = LTRIM(RTRIM(LEFT(@TaskIDs, @Pos - 1))) Set @isAdd = CAST(@addOrDelete as int) IF @iTaskID <> 0 BEGIN if @isAdd <> 0 Begin Exec AzMan_SPI_AzTask_Single_Task @Return output, @ParentTaskId, @iTaskID, @SaclIsOn if @Return <> 0 Begin Break End End else Begin Exec AzMan_SPD_AzTask_Single_Task @Return output, @ParentTaskId, @iTaskID, @SaclIsOn if @Return <> 0 Begin Break End End END SET @TaskIDs = RIGHT(@TaskIDs, LEN(@TaskIDs) - @Pos) SET @Pos = CHARINDEX(@equal, @TaskIDs, 1) END END Done: Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPI_AzRoleAssignment_Single_Task] ( @Return [int] output, @RoleID [int] -- ID Of Role , @TaskID [int] , @SaclIsOn [bit] ) As DECLARE @RowCount INT, @Error INT DECLARE @roleName nvarchar(512) DECLARE @roleGuid uniqueidentifier DECLARE @refTaskName nvarchar(512) DECLARE @refTaskGuid uniqueidentifier Set @Return = 0 Set NoCount On INSERT INTO [AzMan_Role_To_Task_Link] (RoleID, TaskID) VALUES (@RoleID, @TaskID) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount <> 1 Begin if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = -1 --Generic Error End End IF @SaclIsOn = 1 BEGIN -- get the info for auditing SELECT @roleName = role.Name, @roleGuid = role.ObjectGuid FROM [dbo].[AzMan_AzRoleAssignment] role WHERE role.ID = @RoleID SELECT @refTaskName = refTask.Name, @refTaskGuid = refTask.ObjectGuid FROM [dbo].[AzMan_AzTask] refTask WHERE refTask.ID = @TaskID -- generate an audit EXEC [AzMan_SP_GenerateObjectAudit] @Return, 2, -- 2 for SE_AUDITID_AZ_SQL_REFERENCE_ASSIGN 6, -- 6 for role @roleName, @roleGuid, 3, -- 3 for task @refTaskName, @refTaskGuid, N'' -- no other info END Set NoCount Off Return(@Return) GO Create Procedure AzMan_SPD_AzRoleAssignment_Single_Task ( @Return [int] output, @RoleId [int] -- ID Of Role Assignment , @TaskID [int] , @SaclIsOn [bit] ) As DECLARE @RowCount INT, @Error INT DECLARE @roleName nvarchar(512) DECLARE @roleGuid uniqueidentifier DECLARE @refTaskName nvarchar(512) DECLARE @refTaskGuid uniqueidentifier Set @Return = 0 Set NoCount On Delete From [AzMan_Role_To_Task_Link] where TaskID = @TaskID and RoleID = @RoleId SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount <> 1 Begin if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = -1168 --Record not found End End -- get the info for auditing SELECT @roleName = role.Name, @roleGuid = role.ObjectGuid FROM [dbo].[AzMan_AzRoleAssignment] role WHERE role.ID = @RoleId SELECT @refTaskName = refTask.Name, @refTaskGuid = refTask.ObjectGuid FROM [dbo].[AzMan_AzTask] refTask WHERE refTask.ID = @TaskID IF @SaclIsOn = 1 BEGIN -- generate an audit EXEC [AzMan_SP_GenerateObjectAudit] @Return, 3, -- 3 for SE_AUDITID_AZ_SQL_REFERENCE_REMOVE 6, -- 6 for role @roleName, @roleGuid, 3, -- 3 for task @refTaskName, @refTaskGuid, N'' -- no other info END Set NoCount Off Return(@Return) go Create Procedure [AzMan_SPI_AzRoleAssignment_Multi_Tasks] ( @Return [int] output , @RoleId [int] , @SepChar [char] (1) = "|" , @TaskIDs [nvarchar] (4000) ) As Set NoCount On Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 Set @Return = 0 Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@RoleId, 6, 1, @SaclIsOn output -- Require Admin Access if @Return <> 1 Begin if (@Return >= 2) Begin Set @Return = -5 End goto Done End -- First parse the string -- Insert each one of them DECLARE @TaskID varchar(100), @Pos int Declare @iTaskID int DECLARE @equal char DECLARE @addOrDelete nvarchar(10) DECLARE @isAdd int SET @equal = '=' SET @TaskIDs = LTRIM(RTRIM(@TaskIDs))+ @SepChar SET @Pos = CHARINDEX(@equal, @TaskIDs, 1) IF REPLACE(@TaskIDs, @SepChar, '') <> '' BEGIN WHILE @Pos > 0 BEGIN SET @TaskID = LTRIM(RTRIM(LEFT(@TaskIDs, @Pos - 1))) Set @iTaskID = CAST(@TaskID as int) -- remove the left part (the id) SET @TaskIDs = RIGHT(@TaskIDs, LEN(@TaskIDs) - @Pos) -- now move to the pipe separator SET @Pos = CHARINDEX(@SepChar, @TaskIDs, 1) SET @addOrDelete = LTRIM(RTRIM(LEFT(@TaskIDs, @Pos - 1))) Set @isAdd = CAST(@addOrDelete as int) IF @iTaskID <> 0 BEGIN -- if NNNN=0, then it means to delete IF @isAdd <> 0 Begin Exec [AzMan_SPI_AzRoleAssignment_Single_Task] @Return output, @RoleId, @iTaskID, @SaclIsOn if @Return <> 0 Begin Break End End else Begin Exec [AzMan_SPD_AzRoleAssignment_Single_Task] @Return output, @RoleId, @iTaskID, @SaclIsOn if @Return <> 0 Begin Break End End END SET @TaskIDs = RIGHT(@TaskIDs, LEN(@TaskIDs) - @Pos) SET @Pos = CHARINDEX(@equal, @TaskIDs, 1) END END Done: Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPI_AzRoleAssignment] ( @Return [int] output , @ID [int] = Null Output , @ParentId [int] , @ParentType [tinyint] , @ObjectGuid [uniqueidentifier] = Null , @CheckDup [bit] = 1 , @Name [nvarchar](64) = Null , @Description [nvarchar](1024) = Null , @ApplicationData [ntext] = Null ) As DECLARE @RowCount INT, @Error INT Declare @AppId [int] , @ScopeID [int] DECLARE @parentName nvarchar(512) DECLARE @parentGuid uniqueidentifier Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 Set @Return = 0 Set NoCount On Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@ParentId, @ParentType, 1, @SaclIsOn output -- Require Admin Access if @Return <> 1 Begin if (@Return >= 2) Begin Set @Return = -5 End goto Done End IF @CheckDup = 1 BEGIN Exec AzMan_SP_Check_Dup_RoleAssignment @Return output, @ParentId, @ParentType, @ID, @Name END ELSE Set @Return = 0 if @Return = 0 Begin Set @AppId = null Set @ScopeID= null if @ParentType = 1 Begin Set @AppId = @ParentId -- get info for auditing IF @SaclIsOn = 1 BEGIN SELECT @parentName=app.Name, @parentGuid=app.ObjectGuid FROM [dbo].[AzMan_AzApplication] app WHERE app.ID = @ParentId END End else if @ParentType = 4 Begin Set @ScopeID = @ParentId -- get info for auditing IF @SaclIsOn = 1 BEGIN SELECT @parentName=scope.Name, @parentGuid=scope.ObjectGuid FROM [dbo].[AzMan_AzScope] scope WHERE scope.ID = @ParentId END End else Begin Set @Return = -1 Return End Insert Into [dbo].[AzMan_AzRoleAssignment] ( [ObjectGuid] , [AppID] , [ScopeID] , [ParentType] , [Name] , [Description] , [ApplicationData] ) Values ( @ObjectGuid , @AppId , @ScopeID , @ParentType , @Name , @Description , @ApplicationData ) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount = 1 Begin Set @ID = Cast(SCOPE_IDENTITY() As [int]) End Else Begin Set @Return = @Error End End -- generate an audit IF @SaclIsOn = 1 BEGIN EXEC [AzMan_SP_GenerateObjectAudit] @Return, 0, -- 0 for SE_AUDITID_AZ_SQL_OBJECT_CREATE @ParentType, @parentName, @parentGuid, 6, -- 6 for role @Name, @ObjectGuid, N'' -- no other info END Done: Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPU_AzAuthorizationStore] -- Update an existing record in [AzMan_AzAuthorizationStore] table ( @Return [int] output , @ID [int] , @ConsiderNull_Description bit = 0 , @ConsiderNull_ApplicationData bit = 0 , @DomainTimeout [int] = Null , @ConsiderNull_DomainTimeout bit = 0 , @ScriptEngineTimeout [int] = Null , @ConsiderNull_ScriptEngineTimeout bit = 0 , @MaxScriptEngines [int] = Null , @ConsiderNull_MaxScriptEngines bit = 0 , @ConsiderNull_TargetMachine bit = 0 , @ApplyStoreSacl [bit] = Null , @ConsiderNull_ApplyStoreSacl bit = 0 , @GenerateAudits [bit] = Null , @ConsiderNull_GenerateAudits bit = 0 , @MajorVersion [int] = Null , @ConsiderNull_MajorVersion bit = 0 , @MinorVersion [int] = Null , @ConsiderNull_MinorVersion bit = 0 , @TargetMachine [nvarchar](50) = Null , @Description [nvarchar](1024) = Null , @ApplicationData [ntext] = Null ) As DECLARE @RowCount INT, @Error INT DECLARE @ObjectName nvarchar(512) DECLARE @ObjectGuid uniqueidentifier Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 Set @Return = 0 Set NoCount On Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@ID, 0, 1, @SaclIsOn output -- Require Admin Access if @Return <> 1 Begin if (@Return >= 2) Begin Set @Return = -5 End goto Done End Set @Return = 0 -- no error If @ConsiderNull_Description Is Null Set @ConsiderNull_Description = 0 If @ConsiderNull_ApplicationData Is Null Set @ConsiderNull_ApplicationData = 0 If @ConsiderNull_DomainTimeout Is Null Set @ConsiderNull_DomainTimeout = 0 If @ConsiderNull_ScriptEngineTimeout Is Null Set @ConsiderNull_ScriptEngineTimeout = 0 If @ConsiderNull_MaxScriptEngines Is Null Set @ConsiderNull_MaxScriptEngines = 0 If @ConsiderNull_TargetMachine Is Null Set @ConsiderNull_TargetMachine = 0 If @ConsiderNull_ApplyStoreSacl Is Null Set @ConsiderNull_ApplyStoreSacl = 0 If @ConsiderNull_GenerateAudits Is Null Set @ConsiderNull_GenerateAudits = 0 If @ConsiderNull_MajorVersion Is Null Set @ConsiderNull_MajorVersion = 0 If @ConsiderNull_MinorVersion Is Null Set @ConsiderNull_MinorVersion = 0 Update [dbo].[AzMan_AzAuthorizationStore] Set [Description] = Case @ConsiderNull_Description When 0 Then IsNull(@Description, [Description]) When 1 Then @Description End ,[ApplicationData] = Case @ConsiderNull_ApplicationData When 0 Then IsNull(@ApplicationData, [ApplicationData]) When 1 Then @ApplicationData End ,[DomainTimeout] = Case @ConsiderNull_DomainTimeout When 0 Then IsNull(@DomainTimeout, [DomainTimeout]) When 1 Then @DomainTimeout End ,[ScriptEngineTimeout] = Case @ConsiderNull_ScriptEngineTimeout When 0 Then IsNull(@ScriptEngineTimeout, [ScriptEngineTimeout]) When 1 Then @ScriptEngineTimeout End ,[MaxScriptEngines] = Case @ConsiderNull_MaxScriptEngines When 0 Then IsNull(@MaxScriptEngines, [MaxScriptEngines]) When 1 Then @MaxScriptEngines End ,[TargetMachine] = Case @ConsiderNull_TargetMachine When 0 Then IsNull(@TargetMachine, [TargetMachine]) When 1 Then @TargetMachine End ,[ApplyStoreSacl] = Case @ConsiderNull_ApplyStoreSacl When 0 Then IsNull(@ApplyStoreSacl, [ApplyStoreSacl]) When 1 Then @ApplyStoreSacl End ,[GenerateAudits] = Case @ConsiderNull_GenerateAudits When 0 Then IsNull(@GenerateAudits, [GenerateAudits]) When 1 Then @GenerateAudits End ,[MajorVersion] = Case @ConsiderNull_MajorVersion When 0 Then IsNull(@MajorVersion, [MajorVersion]) When 1 Then @MajorVersion End ,[MinorVersion] = Case @ConsiderNull_MinorVersion When 0 Then IsNull(@MinorVersion, [MinorVersion]) When 1 Then @MinorVersion End Where ([ID] = @ID) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount <> 1 Begin Set @Return = @Error End -- get info for auditing IF @SaclIsOn = 1 BEGIN SELECT @ObjectName=store.Name, @ObjectGuid = store.ObjectGuid FROM [dbo].[AzMan_AzAuthorizationStore] store WHERE store.ID = @ID -- generate an audit EXEC [AzMan_SP_GenerateGenericAudit] @Return, 0, -- 0 for store @ObjectName, @ObjectGuid, N'The shallow properties of the store may have been modified' END Done: Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPU_AzScope] -- Update an existing record in [AzMan_AzScope] table ( @Return [int] output , @ID [int] , @AppId [int] , @ConsiderNull_Description bit = 0 , @ConsiderNull_ApplicationData bit = 0 , @NameHash [Binary] (32) = Null , @Description [nvarchar](1024) = Null , @Name [ntext] = Null , @ApplicationData [ntext] = Null ) As Set NoCount On DECLARE @RowCount INT, @Error INT DECLARE @ObjectGuid uniqueidentifier DECLARE @iScopeNameLen int Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@ID, 4, 1, @SaclIsOn output -- Require Admin Access if @Return <> 1 Begin if (@Return >= 2) Begin Set @Return = -5 End goto Done End -- Only store or app admin can modify property of the scope object if ( (@AccessAtObjType <> 0) and (@AccessAtObjType <> 1) ) begin Set @Return = -5 goto Done end Set @Return = 0 If @ConsiderNull_Description Is Null Set @ConsiderNull_Description = 0 If @ConsiderNull_ApplicationData Is Null Set @ConsiderNull_ApplicationData = 0 if @Name Is NOT NULL Begin Exec AzMan_SP_Check_Dup_Scope @Return output, @AppId, @ID, @NameHash End if @Return = 0 Begin set @iScopeNameLen = DATALENGTH(@Name) Update [dbo].[AzMan_AzScope] Set [Name] = IsNull(@Name, [Name]) ,[NameHash] = IsNull(@NameHash, [NameHash]) ,[Description] = Case @ConsiderNull_Description When 0 Then IsNull(@Description, [Description]) When 1 Then @Description End ,[ApplicationData] = Case @ConsiderNull_ApplicationData When 0 Then IsNull(@ApplicationData, [ApplicationData]) When 1 Then @ApplicationData End Where ([ID] = @ID) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount <> 1 Begin Set @Return = @Error End End IF @SaclIsOn = 1 BEGIN -- get info for auditing SELECT @ObjectGuid = scope.ObjectGuid FROM [dbo].[AzMan_AzScope] scope WHERE scope.ID = @ID -- TODO Should we truncate the name for scopes? -- generate an audit EXEC [AzMan_SP_GenerateGenericAudit] @Return, 4, -- 0 for scope @Name, @ObjectGuid, N'The shallow properties of the scope may have been modified' END Done: Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPU_AzOperation] -- Update an existing record in [AzMan_AzOperation] table ( @Return [int] output , @ID [int] , @AppId [int] , @ConsiderNull_Description bit = 0 , @ConsiderNull_ApplicationData bit = 0 , @OperationID [int] = Null , @ConsiderNull_OperationID bit = 0 , @Name [nvarchar](64) = Null , @Description [nvarchar](1024) = Null , @ApplicationData [ntext] = Null ) As Set NoCount On DECLARE @RowCount INT, @Error INT DECLARE @ObjectGuid uniqueidentifier Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 Set @Return = 0 Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@ID, 2, 1, @SaclIsOn output -- Require Admin Access if @Return <> 1 Begin if (@Return >= 2) Begin Set @Return = -5 End goto Done End If @ConsiderNull_Description Is Null Set @ConsiderNull_Description = 0 If @ConsiderNull_ApplicationData Is Null Set @ConsiderNull_ApplicationData = 0 If @ConsiderNull_OperationID Is Null Set @ConsiderNull_OperationID = 0 If @Name Is Not NULL Begin Exec AzMan_SP_Check_Dup_Operation @Return output, @AppId, @ID, @Name End if @Return = 0 Begin Update [dbo].[AzMan_AzOperation] Set [Name] = IsNull(@Name, [Name]) ,[Description] = Case @ConsiderNull_Description When 0 Then IsNull(@Description, [Description]) When 1 Then @Description End ,[ApplicationData] = Case @ConsiderNull_ApplicationData When 0 Then IsNull(@ApplicationData, [ApplicationData]) When 1 Then @ApplicationData End ,[OperationID] = Case @ConsiderNull_OperationID When 0 Then IsNull(@OperationID, [OperationID]) When 1 Then @OperationID End Where ([ID] = @ID) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount <> 1 Begin Set @Return = @Error End End -- get info for auditing IF @SaclIsOn = 1 BEGIN SELECT @ObjectGuid = op.ObjectGuid FROM [dbo].[AzMan_AzOperation] op WHERE op.ID = @ID -- generate an audit EXEC [AzMan_SP_GenerateGenericAudit] @Return, 2, -- 2 for operation @Name, @ObjectGuid, N'The shallow properties of the operation may have been modified' END Done: Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPU_AzApplicationGroup] -- Update an existing record in [AzMan_AzApplicationGroup] table ( @Return [int] output , @ID [int] , @ParentType [tinyint] , @ParentID [int] , @GroupType [tinyint] = Null , @ConsiderNull_GroupType bit = 0 , @ConsiderNull_GroupDescription bit = 0 , @Name [nvarchar](64) = Null , @Description [nvarchar](1024) = Null ) As DECLARE @RowCount INT, @Error INT DECLARE @ObjectGuid uniqueidentifier Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 Set @Return = 0 Set NoCount On Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@ID, 5, 1, @SaclIsOn output -- Require Admin Access if @Return <> 1 Begin if (@Return >= 2) Begin Set @Return = -5 End goto Done End If @ConsiderNull_GroupType Is Null Set @ConsiderNull_GroupType = 0 if @Name IS NOT NULL Begin Exec AzMan_SP_Check_Dup_Group @Return output, @ParentID, @ParentType, @ID, @Name End if @Return = 0 Begin Update [dbo].[AzMan_AzApplicationGroup] Set [Name] = IsNull(@Name, [Name]) ,[GroupType] = Case @ConsiderNull_GroupType When 0 Then IsNull(@GroupType, [GroupType]) When 1 Then @GroupType End ,[Description] = Case @ConsiderNull_GroupDescription When 0 Then IsNull(@Description, [Description]) When 1 Then @Description End Where ([ID] = @ID) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount <> 1 Begin Set @Return = @Error End End -- get info for auditing IF @SaclIsOn = 1 BEGIN SELECT @ObjectGuid = appGroup.ObjectGuid FROM [dbo].[AzMan_AzApplicationGroup] appGroup WHERE appGroup.ID = @ID -- generate an audit EXEC [AzMan_SP_GenerateGenericAudit] @Return, 5, -- 5 for application group @Name, @ObjectGuid, N'The shallow properties of the application group may have been modified' END Done: Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPU_AzTask] -- Update an existing record in table ( @Return [int] output , @ID [int] , @ParentID [int] , @ParentType [tinyint] , @ConsiderNull_Description bit = 0 , @IsRoleDefinition [bit] = Null , @ConsiderNull_IsRoleDefinition bit = NULL , @ConsiderNull_ApplicationData bit = NULL , @Name [nvarchar](64) = Null , @Description [nvarchar](1024) = Null , @ApplicationData [ntext] = Null ) As DECLARE @ObjectGuid uniqueidentifier Set NoCount On DECLARE @RowCount INT, @Error INT Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@ID, 3, 1, @SaclIsOn output -- Require Admin Access if @Return <> 1 Begin if (@Return >= 2) Begin Set @Return = -5 End goto Done End Set @Return = 0 If @ConsiderNull_Description Is Null Set @ConsiderNull_Description = 0 if @ConsiderNull_IsRoleDefinition is NULL Set @ConsiderNull_IsRoleDefinition = 0 If @ConsiderNull_ApplicationData Is Null Set @ConsiderNull_ApplicationData = 0 if @Name Is Not NULL Begin Exec AzMan_SP_Check_Dup_Task @Return output, @ParentID, @ParentType, @ID, @Name End if @Return = 0 Begin Update [dbo].[AzMan_AzTask] Set [Name] = IsNull(@Name, [Name]) ,[Description] = Case @ConsiderNull_Description When 0 Then IsNull(@Description, [Description]) When 1 Then @Description End ,[IsRoleDefinition] = Case @ConsiderNull_IsRoleDefinition When 0 Then IsNull(@IsRoleDefinition, [IsRoleDefinition]) When 1 Then @IsRoleDefinition End ,[ApplicationData] = Case @ConsiderNull_ApplicationData When 0 Then IsNull(@ApplicationData, [ApplicationData]) When 1 Then @ApplicationData End Where ([ID] = @ID) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount <> 1 Begin Set @Return = @Error End End -- get info for auditing IF @SaclIsOn = 1 BEGIN SELECT @ObjectGuid = task.ObjectGuid FROM [dbo].[AzMan_AzTask] task WHERE task.ID = @ID -- generate an audit EXEC [AzMan_SP_GenerateGenericAudit] @Return, 3, -- 3 for task @Name, @ObjectGuid, N'The shallow properties of the task may have been modified' END Done: Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPU_AzRoleAssignment] -- Update an existing record in the table ( @Return [int] output , @ID [int] , @ParentID [int] , @ParentType [tinyint] , @ConsiderNull_Description bit = 0 , @ConsiderNull_ApplicationData bit = NULL , @Name [nvarchar](64) = Null , @Description [nvarchar](1024) = Null , @ApplicationData [ntext] = Null ) As Set NoCount On DECLARE @RowCount INT, @Error INT DECLARE @ObjectGuid uniqueidentifier Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@ID, 6, 1, @SaclIsOn output -- Require Admin Access if @Return <> 1 Begin if (@Return >= 2) Begin Set @Return = -5 End goto Done End Set @Return = 0 If @ConsiderNull_Description Is Null Set @ConsiderNull_Description = 0 If @ConsiderNull_ApplicationData Is Null Set @ConsiderNull_ApplicationData = 0 IF @Name Is Not NULL Begin Exec AzMan_SP_Check_Dup_RoleAssignment @Return output, @ParentID, @ParentType, @ID, @Name End if @Return = 0 Begin Update [dbo].[AzMan_AzRoleAssignment] Set [Name] = IsNull(@Name, [Name]) ,[Description] = Case @ConsiderNull_Description When 0 Then IsNull(@Description, [Description]) When 1 Then @Description End ,[ApplicationData] = Case @ConsiderNull_ApplicationData When 0 Then IsNull(@ApplicationData, [ApplicationData]) When 1 Then @ApplicationData End Where ([ID] = @ID) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount <> 1 Begin Set @Return = @Error End End -- get info for auditing IF @SaclIsOn = 1 BEGIN SELECT @ObjectGuid = role.ObjectGuid FROM [dbo].[AzMan_AzRoleAssignment] role WHERE role.ID = @ID -- generate an audit EXEC [AzMan_SP_GenerateGenericAudit] @Return, 6, -- 6 for role @Name, @ObjectGuid, N'The shallow properties of the role assignment may have been modified' END Done: Set NoCount Off Return(@Return) GO IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SPIU_AzApplicationGroup_LDAPQuery' and type = 'P') DROP PROCEDURE AzMan_SPIU_AzApplicationGroup_LDAPQuery GO Create Procedure [AzMan_SPIU_AzApplicationGroup_LDAPQuery] -- Inserts or updates a record in [AzMan_LDAPQuery] table ( @Return [int] output , @GroupId [int] = Null -- ID Of Application Group , @ConsiderNull_LdapQuery bit = 0 , @LdapQuery [ntext] = Null -- LDAP Query ) As Set NoCount On DECLARE @RowCount INT, @Error INT DECLARE @Name nvarchar(512) DECLARE @ID [int] DECLARE @ObjectGuid uniqueidentifier Declare @ExistingLdapQueryID [int] Declare @AccessAtObjType [tinyint] Set @ExistingLdapQueryID = Null DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@GroupId, 5, 1, @SaclIsOn output -- Require Admin Access if @Return <> 1 Begin if (@Return >= 2) Begin Set @Return = -5 End goto Done End Set @Return = 0 Select @ExistingLdapQueryID = [LdapQueryID] From [dbo].[AzMan_AzApplicationGroup] Where [ID] = @GroupId SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @Error=0 Begin if @RowCount = 0 Begin -- Parent Group was not found Set @Return = 1 Return(1) End End else Begin Return @Error End If @ExistingLdapQueryID Is Null Begin Begin Insert Into [dbo].[AzMan_LDAPQuery] ( [GroupID] , [LdapQuery] ) Values ( @GroupId , @LdapQuery ) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount = 1 Begin Set @ID = Cast(SCOPE_IDENTITY() As [int]) -- Update the AzApplication Groups with the new ID if @ID <> 0 Begin Update [dbo].[AzMan_AzApplicationGroup] Set [LdapQueryID] = @ID where [ID] = @GroupId End End Else Begin Set @Return = @Error End End End Else Begin If @ConsiderNull_LdapQuery Is Null Set @ConsiderNull_LdapQuery = 0 Update [dbo].[AzMan_LDAPQuery] Set [GroupID] = @GroupId ,[LdapQuery] = Case @ConsiderNull_LdapQuery When 0 Then IsNull(@LdapQuery, [LdapQuery]) When 1 Then @LdapQuery End Where [ID] = @ExistingLdapQueryID SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @RowCount <> 1 Set @ID = @ExistingLdapQueryID else Begin Set @Return = @Error End End -- get info for auditing IF @SaclIsOn = 1 BEGIN SELECT @Name=appGroup.Name, @ObjectGuid = appGroup.ObjectGuid FROM [dbo].[AzMan_AzApplicationGroup] appGroup WHERE appGroup.ID = @GroupId -- generate an audit EXEC [AzMan_SP_GenerateGenericAudit] @Return, 5, -- 5 for group @Name, @ObjectGuid, N'The LDAP query of the application may have been modified' END Done: Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPIU_Bizrule] ( @Return [int] output, @ParentId [int] , @ParentType [tinyint] , @BizRuleImportedPath [nvarchar](512) = Null -- for [AzMan_BizRule].[BizRuleImportedPath] column , @ConsiderNull_BizRuleImportedPath bit = 0 , @BizRule [ntext] = Null -- for [AzMan_BizRule].[BizRule] column , @ConsiderNull_BizRule bit = 0 , @BizRuleLanguage [nvarchar](64) = Null -- for [AzMan_BizRule].[BizRuleLanguage] column , @ConsiderNull_BizRuleLanguage bit = 0 ) As DECLARE @RowCount INT, @Error INT DECLARE @parentName nvarchar(512) DECLARE @parentGuid uniqueidentifier DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 Set @Return = 0 Set NoCount On Declare @ExistingBizruleID [int] Declare @AccessAtObjType [tinyint] Set @ExistingBizruleID = Null Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@ParentId, @ParentType, 1, @SaclIsOn output -- Require Admin Access if @Return <> 1 Begin if (@Return >= 2) Begin Set @Return = -5 End goto Done End Set @Return = 0 if @ParentType = 3 -- task Begin Select @ExistingBizruleID = [BizRuleID] From [dbo].[AzMan_BizRule_To_Task] Where [TaskID] = @ParentId End else if @ParentType = 5 -- group Begin Select @ExistingBizruleID = [BizRuleID] From [dbo].[AzMan_BizRule_To_Group] Where [GroupID] = @ParentId End SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @ExistingBizruleID Is Null or @ExistingBizruleID = 0 Begin Begin Insert Into [dbo].[AzMan_BizRule] ( [ParentId] , [ParentType] , [BizRuleImportedPath] , [BizRule] , [BizRuleLanguage] ) Values ( @ParentId ,@ParentType ,@BizRuleImportedPath ,@BizRule ,@BizRuleLanguage ) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount = 1 Begin Set @ExistingBizruleID = Cast(SCOPE_IDENTITY() As [int]) -- Update the AzApplication Groups or Task with the new ID if @ExistingBizruleID <> 0 if @ParentType = 3 -- task Begin insert [dbo].[AzMan_BizRule_To_Task] ( [TaskID] , [BizRuleID] ) Values ( @ParentId , @ExistingBizruleID ) End else if @ParentType = 5 -- group Begin insert [dbo].[AzMan_BizRule_To_Group] ( [GroupID] , [BizRuleID] ) Values ( @ParentId , @ExistingBizruleID ) End End Else Begin Set @Return = @Error End End End Else Begin If @ConsiderNull_BizRuleImportedPath Is Null set @ConsiderNull_BizRuleImportedPath = 0 If @ConsiderNull_BizRule Is Null set @ConsiderNull_BizRule = 0 If @ConsiderNull_BizRuleLanguage Is Null set @ConsiderNull_BizRuleLanguage = 0 Update [dbo].[AzMan_BizRule] Set [ParentId] = @ParentId , [ParentType] = @ParentType , [BizRuleImportedPath] = Case @ConsiderNull_BizRuleImportedPath When 0 Then IsNull(@BizRuleImportedPath, [BizRuleImportedPath]) When 1 Then @BizRuleImportedPath End , [BizRule] = Case @ConsiderNull_BizRule When 0 Then IsNull(@BizRule, [BizRule]) When 1 Then @BizRule End , [BizRuleLanguage] = Case @ConsiderNull_BizRuleLanguage When 0 Then IsNull(@BizRuleLanguage, [BizRuleLanguage]) When 1 Then @BizRuleLanguage End Where [ID] = @ExistingBizruleID SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @RowCount = 0 Begin if @Error = 0 Begin Set @Return = -1168 -- Error updating the Record End Else Begin Set @Return = @Error End End End -- generate an audit IF @SaclIsOn = 1 BEGIN -- get info for auditing IF @ParentType = 3 -- task BEGIN SELECT @parentName=task.Name, @parentGuid = task.ObjectGuid FROM [dbo].[AzMan_AzTask] task WHERE task.ID = @ParentId END ELSE IF @ParentType = 5 -- app group BEGIN SELECT @parentName=appGroup.Name, @parentGuid = appGroup.ObjectGuid FROM [dbo].[AzMan_AzApplicationGroup] appGroup WHERE appGroup.ID = @ParentId END EXEC [AzMan_SP_GenerateGenericAudit] @Return, @ParentType, @parentName, @parentGuid, N'The bizrule of the object may have been modified' END Done: Set NoCount Off Return(@Return) GO Create Procedure dbo.[AzMan_SPIU_AzApplicationGroup_Bizrule] ( @Return [int] output , @GroupId [int] , @ConsiderNull_BizRuleImportedPath bit = 0 , @ConsiderNull_BizRule bit = 0 , @ConsiderNull_BizRuleLanguage bit = 0 , @BizRuleLanguage [nvarchar](64) = Null -- for [AzMan_BizRule].[BizRuleLanguage] column , @BizRuleImportedPath [nvarchar](512) = Null -- for [AzMan_BizRule].[BizRuleImportedPath] column , @BizRule [ntext] = Null -- for [AzMan_BizRule].[BizRule] column ) As Set @Return = 0 exec AzMan_SPIU_Bizrule @Return output, @GroupId, 5 , @BizRuleImportedPath , @ConsiderNull_BizRuleImportedPath , @BizRule , @ConsiderNull_BizRule , @BizRuleLanguage , @ConsiderNull_BizRuleLanguage Return @Return Go Create Procedure dbo.[AzMan_SPIU_AzTask_Bizrule] ( @Return [int] output , @TaskId [int] , @ConsiderNull_BizRuleImportedPath bit = 0 , @ConsiderNull_BizRule bit = 0 , @ConsiderNull_BizRuleLanguage bit = 0 , @BizRuleLanguage [nvarchar](64) = Null -- for [AzMan_BizRule].[BizRuleLanguage] column , @BizRuleImportedPath [nvarchar](512) = Null -- for [AzMan_BizRule].[BizRuleImportedPath] column , @BizRule [ntext] = Null -- for [AzMan_BizRule].[BizRule] column ) As Set @Return = 0 exec AzMan_SPIU_Bizrule @Return output, @TaskId, 3 , @BizRuleImportedPath , @ConsiderNull_BizRuleImportedPath , @BizRule , @ConsiderNull_BizRule , @BizRuleLanguage , @ConsiderNull_BizRuleLanguage Return @Return Go Create Procedure [AzMan_SPI_AzApplicationGroup_Single_SidMember] ( @Return [int] output, @GroupId [int] -- ID Of Application Group , @IsMember [bit] = 0 , @SidMember varbinary(85) , @SaclIsOn [bit] ) As DECLARE @RowCount INT, @Error INT DECLARE @parentName nvarchar(512) DECLARE @parentGuid uniqueidentifier Set @Return = 0 Set NoCount On INSERT INTO [AzMan_Group_SIDMember] (MemberSID, Member, GroupID) VALUES (@SidMember, @IsMember, @GroupId) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount <> 1 Begin if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = -1 --Generic Error End End -- get the info for auditing IF @SaclIsOn = 1 BEGIN SELECT @parentName = appGroup.Name, @parentGuid = appGroup.ObjectGuid FROM [dbo].[AzMan_AzApplicationGroup] appGroup WHERE appGroup.ID = @GroupId -- generate an audit IF @IsMember = 1 EXEC [AzMan_SP_GenerateMemberAudit] @Return, 4, -- 4 for SE_AUDITID_AZ_SQL_MEMBER_ASSIGN 5, -- 5 for group @parentName, @parentGuid, N'', @SidMember, 1, -- 1 for member N'' -- no other info ELSE EXEC [AzMan_SP_GenerateMemberAudit] @Return, 4, -- 4 for SE_AUDITID_AZ_SQL_MEMBER_ASSIGN 5, -- 5 for group @parentName, @parentGuid, N'', @SidMember, 0, -- 0 for non-member N'' -- no other info END Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPD_AzApplicationGroup_Single_SidMember] ( @Return [int] output, @GroupId [int] -- ID Of Application Group , @IsMember [bit] = 1 , @SidMember varbinary(85) , @SaclIsOn [bit] ) As DECLARE @RowCount INT, @Error INT DECLARE @parentName nvarchar(512) DECLARE @parentGuid uniqueidentifier Set @Return = 0 Set NoCount On Delete From [AzMan_Group_SIDMember] where MemberSID = @SidMember and Member = @IsMember and GroupID = @GroupId SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount <> 1 Begin if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = -1168 --REcord not found End End -- get info for auditing IF @SaclIsOn = 1 BEGIN SELECT @parentName = appGroup.Name, @parentGuid = appGroup.ObjectGuid FROM [dbo].[AzMan_AzApplicationGroup] appGroup WHERE appGroup.ID = @GroupId -- generate an audit IF @IsMember = 1 EXEC [AzMan_SP_GenerateMemberAudit] @Return, 5, -- 5 for SE_AUDITID_AZ_SQL_MEMBER_REMOVE 5, -- 5 for group @parentName, @parentGuid, N'', @SidMember, 1, -- 1 for member N'' -- no other info ELSE EXEC [AzMan_SP_GenerateMemberAudit] @Return, 5, -- 5 for SE_AUDITID_AZ_SQL_MEMBER_REMOVE 5, -- 5 for group @parentName, @parentGuid, N'', @SidMember, 0, -- 0 for non-member N'' -- no other info END Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPI_AzApplicationGroup_Multi_SidMembers_Internal] ( @Return [int] output , @GroupId [int] -- ID Of Application Group , @IsMember [bit] = 1 , @SidMembers varbinary (4000) ) As DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 Set NoCount On -- SidMembers are aggregated binary data in the following format: -- The first 4 bytes is a delete/add flag (0/1); the following 4 bytes is the size of the SID, -- followed by the actual SID. The over-usage of these pieces of data is for ease of parsing -- Using string to represent such encoding, the following example which encodes 3 SIDs -- of length 24, 36, and 48 in turn, and the second one is a delete -- 00010024NNNNNNNNN00000036NNNNNNNNNN00010048NNNNNNNNNNNNNN -- Insert each one of them Declare @AccessAtObjType [tinyint] Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@GroupId, 5, 1, @SaclIsOn output -- Require Admin Access if @Return <> 1 Begin if (@Return >= 2) Begin Set @Return = -5 End goto Done End DECLARE @DataLength int DECLARE @SidLength int DECLARE @SidMember varbinary(85) DECLARE @Pos int DECLARE @isAdd int SET @DataLength = DATALENGTH(@SidMembers) Set @Return = 0 Set @Pos = 1 WHILE @DataLength - @Pos > 8 BEGIN SET @isAdd = CAST(SUBSTRING(@SidMembers, @Pos, 1) AS int) SET @Pos = @Pos + 1 SET @SidLength = CAST(SUBSTRING(@SidMembers, @Pos, 1) AS int) SET @Pos = @Pos + 1 -- make sure that we the SidLength is not lying to us! IF @SidLength >= 12 AND @SidLength < 85 AND @DataLength - @Pos >= @SidLength - 1 BEGIN SET @SidMember = CAST(SUBSTRING(@SidMembers, @Pos, @SidLength) AS varbinary) SET @Pos = @Pos + @SidLength -- if NNNN=0, then it means to delete IF @isAdd <> 0 BEGIN Exec AzMan_SPI_AzApplicationGroup_Single_SidMember @Return output, @GroupId, @IsMember, @SidMember, @SaclIsOn IF @Return <> 0 Break End ELSE BEGIN Exec AzMan_SPD_AzApplicationGroup_Single_SidMember @Return output, @GroupId, @IsMember ,@SidMember, @SaclIsOn IF @Return <> 0 Break End END ELSE SET @Pos = @DataLength END Done: Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPI_AzApplicationGroup_Multi_SidMembers] ( @Return [int] output , @GroupId [int] -- ID Of Application Group , @SidMembers varbinary (4000) ) As Exec AzMan_SPI_AzApplicationGroup_Multi_SidMembers_Internal @Return output, @GroupId, 1 , @SidMembers Return(@Return) go Create Procedure AzMan_SPI_AzApplicationGroup_Multi_SidNonMembers ( @Return [int] output , @GroupId [int] -- ID Of Application Group , @SidMembers varbinary (4000) ) As Exec AzMan_SPI_AzApplicationGroup_Multi_SidMembers_Internal @Return output, @GroupId, 0 , @SidMembers Return(@Return) go Create Procedure [AzMan_SPI_AzApplicationGroup_Single_AppMember] ( @Return [int] output, @GroupId [int] -- ID Of Application Group , @ChildID [int] , @IsMember [bit] = 1 , @SaclIsOn [bit] ) As DECLARE @RowCount INT, @Error INT DECLARE @groupName nvarchar(512) DECLARE @groupGuid uniqueidentifier DECLARE @refGroupName nvarchar(512) DECLARE @refGroupGuid uniqueidentifier Set @Return = 0 Set NoCount On INSERT INTO [AzMan_Group_AppMember] (ChildID, Member, GroupID) VALUES (@ChildID, @IsMember, @GroupId) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount <> 1 Begin if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = -1 --Generic Error End End -- get info for auditing IF @SaclIsOn = 1 BEGIN SELECT @groupName = appGroup.Name, @groupGuid = appGroup.ObjectGuid FROM [dbo].[AzMan_AzApplicationGroup] appGroup WHERE appGroup.ID = @GroupId SELECT @refGroupName = refGroup.Name, @refGroupGuid = refGroup.ObjectGuid FROM [dbo].[AzMan_AzApplicationGroup] refGroup WHERE refGroup.ID = @ChildID -- generate an audit EXEC [AzMan_SP_GenerateObjectAudit] @Return, 2, -- 2 for SE_AUDITID_AZ_SQL_REFERENCE_ASSIGN 5, -- 5 for application group @groupName, @groupGuid, 5, -- 5 for application group @refGroupName, @refGroupGuid, N'' -- no other info END Set NoCount Off Return @Return GO Create Procedure [AzMan_SPD_AzApplicationGroup_Single_AppMember] ( @Return [int] output, @GroupId [int] -- ID Of Application Group , @ChildID [int] , @IsMember [bit] = 1 , @SaclIsOn [bit] ) As DECLARE @RowCount INT, @Error INT DECLARE @groupName nvarchar(512) DECLARE @groupGuid uniqueidentifier DECLARE @refGroupName nvarchar(512) DECLARE @refGroupGuid uniqueidentifier Set @Return = 0 Set NoCount On Delete From [AzMan_Group_AppMember] where ChildID = @ChildID and Member = @IsMember and GroupID = @GroupId SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount <> 1 Begin if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = -1168 --Record not found End End -- get info for auditing IF @SaclIsOn = 1 BEGIN SELECT @groupName = appGroup.Name, @groupGuid = appGroup.ObjectGuid FROM [dbo].[AzMan_AzApplicationGroup] appGroup WHERE appGroup.ID = @GroupId SELECT @refGroupName = refGroup.Name, @refGroupGuid = refGroup.ObjectGuid FROM [dbo].[AzMan_AzApplicationGroup] refGroup WHERE refGroup.ID = @ChildID -- generate an audit EXEC [AzMan_SP_GenerateObjectAudit] @Return, 3, -- 3 for SE_AUDITID_AZ_SQL_REFERENCE_REMOVE 5, -- 5 for application group @groupName, @groupGuid, 5, -- 5 for application group @refGroupName, @refGroupGuid, N'' -- no other info END Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPI_AzApplicationGroup_Multi_AppMembers_Internal] ( @Return [int] output, @GroupId [int] -- ID Of Application Group , @SepChar [char] (1) = "|" , @IsMember [bit] = 1 , @AppMemberIDs [nvarchar] (4000) ) As DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 Set NoCount On -- First parse the SidMembers string -- Insert each one of them Declare @AccessAtObjType [tinyint] Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@GroupId, 5, 1, @SaclIsOn output -- Require Admin Access if @Return <> 1 Begin if (@Return >= 2) Begin Set @Return = -5 End goto Done End DECLARE @AppMember varchar(100), @Pos int DECLARE @iAppMemberID int DECLARE @equal char DECLARE @addOrDelete nvarchar(10) DECLARE @isAdd int SET @equal = '=' Set @Return = 0 SET @AppMemberIDs = LTRIM(RTRIM(@AppMemberIDs))+ @SepChar SET @Pos = CHARINDEX(@equal, @AppMemberIDs, 1) IF REPLACE(@AppMemberIDs, @SepChar, '') <> '' BEGIN WHILE @Pos > 0 BEGIN SET @AppMember = LTRIM(RTRIM(LEFT(@AppMemberIDs, @Pos - 1))) Set @iAppMemberID = CAST(@AppMember as int) -- remove the left part (the id) SET @AppMemberIDs = RIGHT(@AppMemberIDs, LEN(@AppMemberIDs) - @Pos) -- now move to the pipe separator SET @Pos = CHARINDEX(@SepChar, @AppMemberIDs, 1) SET @addOrDelete = LTRIM(RTRIM(LEFT(@AppMemberIDs, @Pos - 1))) Set @isAdd = CAST(@addOrDelete as int) IF @iAppMemberID > 0 BEGIN -- if NNNN=0, then it means to delete IF @isAdd <> 0 BEGIN Exec AzMan_SPI_AzApplicationGroup_Single_AppMember @Return output, @GroupId, @iAppMemberID , @IsMember, @SaclIsOn if @Return <> 0 Begin Break End End else BEGIN Exec AzMan_SPD_AzApplicationGroup_Single_AppMember @Return output, @GroupId, @iAppMemberID , @IsMember, @SaclIsOn if @Return <> 0 Begin Break End End END SET @AppMemberIDs = RIGHT(@AppMemberIDs, LEN(@AppMemberIDs) - @Pos) SET @Pos = CHARINDEX(@equal, @AppMemberIDs, 1) END END Done: Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPI_AzApplicationGroup_Multi_AppMembers] ( @Return [int] output , @GroupId [int] -- ID Of Application Group , @SepChar [char] (1) = "|" , @AppMemberIDs [nvarchar] (4000) ) As Exec AzMan_SPI_AzApplicationGroup_Multi_AppMembers_Internal @Return output, @GroupId, @SepChar, 1 , @AppMemberIDs Return(@Return) go Create Procedure [AzMan_SPI_AzApplicationGroup_Multi_AppNonMembers] ( @Return [int] output , @GroupId [int] -- ID Of Application Group , @SepChar [char] (1) = "|" , @AppMemberIDs [nvarchar] (4000) ) As Exec AzMan_SPI_AzApplicationGroup_Multi_AppMembers_Internal @Return output, @GroupId, @SepChar, 0 , @AppMemberIDs Return(@Return) go Create Procedure [AzMan_SPI_AzRoleAssignment_Single_SidMember] ( @Return [int] output, @RoleId [int] -- ID Of Role , @SidMember varbinary (85) , @SaclIsOn [bit] ) As DECLARE @RowCount INT, @Error INT DECLARE @roleName nvarchar(512) DECLARE @roleGuid uniqueidentifier Set @Return = 0 Set NoCount On INSERT INTO [AzMan_Role_SIDMember] (MemberSID, RoleID) VALUES (@SidMember,@RoleId) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount = 0 Begin if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = -1 -- General Error End End -- get the info for auditing IF @SaclIsOn = 1 BEGIN SELECT @roleName = Role.Name, @roleGuid = Role.ObjectGuid FROM [dbo].[AzMan_AzRoleAssignment] Role WHERE Role.ID = @RoleId -- generate an audit EXEC [AzMan_SP_GenerateMemberAudit] @Return, 4, -- 4 for SE_AUDITID_AZ_SQL_MEMBER_ASSIGN 6, -- 6 for role @roleName, @roleGuid, N'', @SidMember, 1, -- 1 for member N'' -- no other info END Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPD_AzRoleAssignment_Single_SidMember] ( @Return [int] output, @RoleId [int] -- ID Of RoleAssignment , @SidMember varbinary(85) , @SaclIsOn [bit] ) As DECLARE @RowCount INT, @Error INT DECLARE @roleName nvarchar(512) DECLARE @roleGuid uniqueidentifier DECLARE @userName nvarchar(512) Set NoCount On Set @Return = 0 Delete From [AzMan_Role_SIDMember] where MemberSID = @SidMember and RoleID = @RoleId SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount <> 1 Begin if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = -1168 --Record not found End End -- get the info for auditing IF @SaclIsOn = 1 BEGIN SELECT @roleName = Role.Name, @roleGuid = Role.ObjectGuid FROM [dbo].[AzMan_AzRoleAssignment] Role WHERE Role.ID = @RoleId -- We can't lookup names from SID, but XP can do that SET @userName = '' -- generate an audit EXEC [AzMan_SP_GenerateMemberAudit] @Return, 5, -- 5 for SE_AUDITID_AZ_SQL_MEMBER_REMOVE 6, -- 6 for role @roleName, @roleGuid, N'', @SidMember, 1, -- 1 for member N'' -- no other info END Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPI_AzRoleAssignment_Multi_SidMembers] ( @Return [int] output , @RoleId [int] -- ID Of Role Assignment , @SidMembers varbinary (4000) ) As DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 Set NoCount On -- First parse the SidMembers string -- Insert each one of them Declare @AccessAtObjType [tinyint] Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@RoleId, 6, 1, @SaclIsOn output -- Require Admin Access if @Return <> 1 Begin if (@Return >= 2) Begin Set @Return = -5 End goto Done End DECLARE @DataLength int DECLARE @SidLength int DECLARE @Sid varbinary(85) DECLARE @Pos int DECLARE @isAdd int SET @DataLength = DATALENGTH(@SidMembers) Set @Return = 0 Set @Pos = 1 WHILE @DataLength - @Pos > 8 BEGIN SET @isAdd = CAST(SUBSTRING(@SidMembers, @Pos, 1) AS int) SET @Pos = @Pos + 1 SET @SidLength = CAST(SUBSTRING(@SidMembers, @Pos, 1) AS int) SET @Pos = @Pos + 1 -- make sure that we the SidLength is not lying to us! IF @SidLength >= 12 AND @SidLength < 85 AND @DataLength - @Pos >= @SidLength - 1 BEGIN SET @Sid = CAST(SUBSTRING(@SidMembers, @Pos, @SidLength) as varbinary) SET @Pos = @Pos + @SidLength -- if NNNN=0, then it means to delete IF @isAdd <> 0 BEGIN Exec AzMan_SPI_AzRoleAssignment_Single_SidMember @Return output, @RoleId, @Sid, @SaclIsOn IF @Return <> 0 Break End ELSE BEGIN Exec AzMan_SPD_AzRoleAssignment_Single_SidMember @Return output, @RoleId, @Sid, @SaclIsOn IF @Return <> 0 Break End END ELSE BEGIN SET @Pos = @DataLength END END Done: Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPI_AzRoleAssignment_Single_AppMember] ( @Return [int] output, @RoleId [int] -- ID Of Role Assignment , @ChildID [int] , @SaclIsOn [bit] ) As DECLARE @RowCount INT, @Error INT DECLARE @roleName nvarchar(512) DECLARE @roleGuid uniqueidentifier DECLARE @refGroupName nvarchar(512) DECLARE @refGroupGuid uniqueidentifier Set @Return = 0 Set NoCount On INSERT INTO [AzMan_Role_AppMember] (ChildID, RoleID) VALUES (@ChildID, @RoleId) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount <> 1 Begin if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = -1 End End -- get info for auditing IF @SaclIsOn = 1 BEGIN SELECT @roleName = role.Name, @roleGuid = role.ObjectGuid FROM [dbo].[AzMan_AzRoleAssignment] role WHERE role.ID = @RoleId SELECT @refGroupName = refGroup.Name, @refGroupGuid = refGroup.ObjectGuid FROM [dbo].[AzMan_AzApplicationGroup] refGroup WHERE refGroup.ID = @ChildID -- generate an audit EXEC [AzMan_SP_GenerateObjectAudit] @Return, 2, -- 2 for SE_AUDITID_AZ_SQL_REFERENCE_ASSIGN 6, -- 6 for role @roleName, @roleGuid, 5, -- 5 for application group @refGroupName, @refGroupGuid, N'' -- no other info END Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPD_AzRoleAssignment_Single_AppMember] ( @Return [int] output, @RoleId [int] -- ID Of Role Assignment , @ChildID [int] , @SaclIsOn [bit] ) As DECLARE @RowCount INT, @Error INT DECLARE @roleName nvarchar(512) DECLARE @roleGuid uniqueidentifier DECLARE @refGroupName nvarchar(512) DECLARE @refGroupGuid uniqueidentifier Set @Return = 0 Set NoCount On Delete From [AzMan_Role_AppMember] where ChildID = @ChildID and RoleID = @RoleId SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount <> 1 Begin if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = -1168 --Record not found End End -- get info for auditing IF @SaclIsOn = 1 BEGIN SELECT @roleName = role.Name, @roleGuid = role.ObjectGuid FROM [dbo].[AzMan_AzRoleAssignment] role WHERE role.ID = @RoleId SELECT @refGroupName = refGroup.Name, @refGroupGuid = refGroup.ObjectGuid FROM [dbo].[AzMan_AzApplicationGroup] refGroup WHERE refGroup.ID = @ChildID -- generate an audit EXEC [AzMan_SP_GenerateObjectAudit] @Return, 3, -- 3 for SE_AUDITID_AZ_SQL_REFERENCE_REMOVE 6, -- 6 for role @roleName, @roleGuid, 5, -- 5 for application group @refGroupName, @refGroupGuid, N'' -- no other info END Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPI_AzRoleAssignment_Multi_AppMembers] ( @Return [int] output , @RoleId [int] -- ID Of Role Assignment , @SepChar [char] (1) = "|" , @AppMemberIDs [nvarchar] (4000) ) As Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@RoleId, 6, 1, @SaclIsOn output -- Require Admin Access if @Return <> 1 Begin if (@Return >= 2) Begin Set @Return = -5 End goto Done End Set @Return = 0 DECLARE @equal char DECLARE @addOrDelete nvarchar(10) DECLARE @isAdd int SET @equal = '=' Set NoCount On -- First parse the SidMembers string -- Insert each one of them DECLARE @AppMember varchar(100), @Pos int DECLARE @iAppMemberID int SET @AppMemberIDs = LTRIM(RTRIM(@AppMemberIDs))+ @SepChar SET @Pos = CHARINDEX(@equal, @AppMemberIDs, 1) IF REPLACE(@AppMemberIDs, @SepChar, '') <> '' BEGIN WHILE @Pos > 0 BEGIN SET @AppMember = LTRIM(RTRIM(LEFT(@AppMemberIDs, @Pos - 1))) Set @iAppMemberID = CAST(@AppMember as int) -- remove the left part (the id) SET @AppMemberIDs = RIGHT(@AppMemberIDs, LEN(@AppMemberIDs) - @Pos) -- now move to the pipe separator SET @Pos = CHARINDEX(@SepChar, @AppMemberIDs, 1) SET @addOrDelete = LTRIM(RTRIM(LEFT(@AppMemberIDs, @Pos - 1))) Set @isAdd = CAST(@addOrDelete as int) IF @iAppMemberID > 0 BEGIN IF @isAdd <> 0 BEGIN Exec AzMan_SPI_AzRoleAssignment_Single_AppMember @Return output, @RoleId, @iAppMemberID, @SaclIsOn if @Return <> 0 Begin Break End End ELSE BEGIN Exec AzMan_SPD_AzRoleAssignment_Single_AppMember @Return output, @RoleId, @iAppMemberID, @SaclIsOn if @Return <> 0 Begin Break End End END SET @AppMemberIDs = RIGHT(@AppMemberIDs, LEN(@AppMemberIDs) - @Pos) SET @Pos = CHARINDEX(@equal, @AppMemberIDs, 1) END END Done: Set NoCount Off Return(@Return) GO Create Procedure [spDrop_AzMan_Table] as drop table [AzMan_Role_To_Operation_Link] drop table [AzMan_Role_To_Task_Link] drop table [AzMan_Task_To_Task_Link] drop table [AzMan_Task_To_Operation_Link] drop table [AzMan_AzTask] drop table [AzMan_AzOperation] drop table [AzMan_LDAPQuery] drop table [AzMan_BizRule] drop table [AzMan_Group_SIDMember] drop table [AzMan_Group_AppMember] drop table [AzMan_AzApplicationGroup] drop table [AzMan_Role_SIDMember] drop table [AzMan_Role_AppMember] drop table [AzMan_AzRoleAssignment] drop table [AzMan_AzScope_Name] drop table [AzMan_AzScope] drop table [AzMan_AzApplication] drop table [AzMan_AzAuthorizationStore] Return(0) GO ----------------------------Select queries---------------------------------------------- Create Procedure [AzMan_SPS_Get_AzAuthorizationStoreByName] -- Retrieve specific records from the [AzMan_AzAuthorizationStore] table depending on the input parameters you supply. ( @Return [int] output, @Name [nvarchar] (512) ) as Begin DECLARE @RowCount INT, @Error INT DEclare @ID INT select @ID=ID from [AzMan_AzAuthorizationStore] where Name = @Name SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @Error <> 0 Begin Set @Return = @Error End else Begin If @RowCount = 0 Begin Set @Return = -1168 --Record not found End End Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- we don't care about SACL (0 for the second last parameter) Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@ID, 0, 0, @SaclIsOn output if @Return >= 1 Begin Select [ID] ,[DomainTimeout] ,[ScriptEngineTimeout] ,[MaxScriptEngines] ,[ApplyStoreSacl] ,[GenerateAudits] ,[MajorVersion] ,[MinorVersion] ,[ObjectGuid] ,[TargetMachine] ,[Description] ,[ApplicationData] --,[ChildUpdateTimeStamp] From [AzMan_AzAuthorizationStore] where Name = @Name SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @Error <> 0 Begin Set @Return = @Error End else Begin If @RowCount = 0 Begin Set @Return = -1168 --Record not found End End End End Return(@Return) GO Create Procedure [AzMan_SPS_Enum_AzApplications] ( @Return [int] output, @StoreID int ) as Begin DECLARE @RowCount INT, @Error INT Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- we don't care about SACL (0 for the second last parameter) Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@StoreID, 0, 0, @SaclIsOn output if @Return <= 0 goto Done Else if @Return = 1 or @Return = 2 Begin Select [ID], [ObjectGuid] , IsNull([ApplyStoreSacl], 0), IsNull([GenerateAudits], 0), IsNull([AuthzInterfaceClsId], 0), IsNull([ApplicationVersion], N''), [Name], IsNull([Description], N''), [ApplicationData] --[ChildUpdateTimeStamp] From [AzMan_AzApplication] where StoreID = @StoreID SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = 0 End End Else if @Return = 3 -- Delegated user Begin -- Get all the child app where the current user has access Select [ID], [ObjectGuid] , [ApplyStoreSacl], [GenerateAudits], [AuthzInterfaceClsId], [ApplicationVersion], [Name], [Description], [ApplicationData] --[ChildUpdateTimeStamp] From [AzMan_AzApplication] where StoreID = @StoreID and ID in ( select ObjectID from [dbo].[Azman_SQLRole] where [dbo].[Azman_SQLRole].[ObjectType] = 1 and is_member([dbo].[Azman_SQLRole].[SQLRoleName]) = 1 ) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = 0 End End End Done: Return(@Return) GO Create Procedure [AzMan_SPS_Get_AzApplication] ( @Return [int] output, @ID int ) as Begin DECLARE @RowCount INT, @Error INT Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- we don't care about SACL (0 for the second last parameter) Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@ID, 1, 0, @SaclIsOn output if @Return = 1 or @Return = 2 or @Return = 3 Begin Select [StoreID], [ApplyStoreSacl], [GenerateAudits], [AuthzInterfaceClsId], [ObjectGuid], [ApplicationVersion], [Name], [Description], [ApplicationData] From [AzMan_AzApplication] where ID = @ID SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @Error <> 0 Begin Set @Return = @Error End else Begin If @RowCount = 0 Begin Set @Return = -1168 --Record not found End End End End Return(@Return) GO Create Procedure [AzMan_SPS_Enum_AzScope] ( @Return [int] output, @AppID int ) as Begin DECLARE @RowCount INT, @Error INT Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- we don't care about SACL (0 for the second last parameter) -- Check access at the App level Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@AppID, 1, 0, @SaclIsOn output if @Return <= 0 goto Done Else if @Return = 1 or @Return = 2 Begin Select [ID], [NameLen], IsNull([HasSpecificUsers], 0) AS HasSpecificUsers, [NameHash], [ObjectGuid] , [Description], [Name], [ApplicationData] From [AzMan_AzScope] where AppID = @AppID SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = 0 End end Else if @Return = 3 -- Delegated user Begin Select [ID], [NameLen], IsNull([HasSpecificUsers], 0) AS HasSpecificUsers, [NameHash], [ObjectGuid] , [Description], [Name], [ApplicationData] From [AzMan_AzScope] where AppID = @AppID and ID in ( select ObjectID from [dbo].[Azman_SQLRole] where [dbo].[Azman_SQLRole].[ObjectType] = 4 and is_member([dbo].[Azman_SQLRole].[SQLRoleName]) = 1 ) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = 0 End End End Done: Return(@Return) GO Create Procedure [AzMan_SPS_Enum_AzApplicationGroup] ( @Return int output, @ParentID int ,@ParentType tinyint ) as Begin DECLARE @RowCount INT, @Error INT Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- we don't care about SACL (0 for the second last parameter) -- Check access at the parent Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@ParentID, @ParentType, 0, @SaclIsOn output if @Return <= 0 goto Done -- The user either has admin, reader or delegated uset at the parent -- So he can see the groups Else if @Return = 1 or @Return = 2 or @Return = 3 Begin if @ParentType = 0 Begin Select [ID], [GroupType] , [ObjectGuid] , [Name] , ISNULL ( [Description] , N'' ) From [AzMan_AzApplicationGroup] where (StoreID = @ParentID ) and ParentType = @ParentType End else if @ParentType = 1 Begin Select [ID], [GroupType], [ObjectGuid], [Name], ISNULL ( [Description] , N'' ) From [AzMan_AzApplicationGroup] where (AppID = @ParentID ) and ParentType = @ParentType End else if @ParentType = 4 Begin Select [ID], [GroupType], [ObjectGuid], [Name], ISNULL ( [Description] , N'' ) From [AzMan_AzApplicationGroup] where (ScopeID = @ParentID ) and ParentType = @ParentType End SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = 0 End End End Done: Return(@Return) GO Create Procedure [AzMan_SPS_Enum_AzTask] ( @Return int output, @ParentID int ,@ParentType tinyint ) as Begin DECLARE @RowCount INT, @Error INT Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- we don't care about SACL (0 for the second last parameter) -- Check access at the parent Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@ParentID, @ParentType, 0, @SaclIsOn output if @Return <= 0 goto Done -- The user either has admin, reader or delegated uset at the parent -- So he can see the Task Else if @Return = 1 or @Return = 2 or @Return = 3 Begin if @ParentType = 1 Begin Select [ID], [IsRoleDefinition], [ObjectGuid] , [Name] , [Description], [ApplicationData] From [AzMan_AzTask] where AppID = @ParentID End else if @ParentType = 4 Begin Select [ID], [IsRoleDefinition], [ObjectGuid] , [Name] , [Description], [ApplicationData] From [AzMan_AzTask] where ScopeID = @ParentID End else Begin Set @Return = -1 goto Done End SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = 0 End End End Done: Return(@Return) GO Create Procedure [AzMan_SPS_Enum_AzTask_Operations] ( @Return int output, @TaskID int ) as Begin DECLARE @RowCount INT, @Error INT Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- we don't care about SACL (0 for the second last parameter) -- Check access at the Task Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@TaskID, 3, 0, @SaclIsOn output if @Return <= 0 goto Done -- The user either has admin, reader or delegated user at the parent -- So he can see the task Else if @Return = 1 or @Return = 2 or @Return = 3 Begin Select [ObjectGuid] From [AzMan_Task_To_Operation_Link] INNER JOIN AzMan_AzOperation ON [AzMan_Task_To_Operation_Link].[OperationID] = AzMan_AzOperation.ID where TaskID = @TaskID SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = 0 End End End Done: Return(@Return) GO Create Procedure [AzMan_SPS_Enum_AzTask_Tasks] ( @Return int output, @TaskID int ) as Begin DECLARE @RowCount INT, @Error INT Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- we don't care about SACL (0 for the second last parameter) -- Check access at the Task Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@TaskID, 3, 0, @SaclIsOn output if @Return <= 0 goto Done -- The user either has admin, reader or delegated user at the parent -- So he can see the task Else if @Return = 1 or @Return = 2 or @Return = 3 Begin Select [ObjectGuid] From [AzMan_Task_To_Task_Link] INNER JOIN AzMan_AzTask ON [AzMan_Task_To_Task_Link].[ChildID] = AzMan_AzTask.ID where [AzMan_Task_To_Task_Link].[TaskID] = @TaskID SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = 0 End End End Done: Return(@Return) GO Create Procedure [AzMan_SPS_Enum_AzRoleAssignment_Tasks] ( @Return int output, @RoleID int ) as Begin DECLARE @RowCount INT, @Error INT Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- we don't care about SACL (0 for the second last parameter) -- Check access at the Role Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@RoleID, 6, 0, @SaclIsOn output if @Return <= 0 Begin goto Done End -- The user either has admin, reader or delegated uset at the parent -- So he can see the Role Else if @Return = 1 or @Return = 2 or @Return = 3 Begin Select [ObjectGuid] From [AzMan_Role_To_Task_Link] INNER JOIN AzMan_AzTask ON [TaskID] = AzMan_AzTask.ID where [RoleID] = @RoleID SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = 0 End End End Done: Return (@Return) GO Create Procedure [AzMan_SPS_Enum_AzRoleAssignment_Operations] ( @Return int output, @RoleID int ) as Begin DECLARE @RowCount INT, @Error INT Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- we don't care about SACL (0 for the second last parameter) -- Check access at the Role Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@RoleID, 6, 0, @SaclIsOn output if @Return <= 0 Begin goto Done End -- The user either has admin, reader or delegated user at the parent -- So he can see the role Else if @Return = 1 or @Return = 2 or @Return = 3 Begin Select [ObjectGuid] From [AzMan_Role_To_Operation_Link] INNER JOIN AzMan_AzOperation ON [AzMan_Role_To_Operation_Link].OperationID = AzMan_AzOperation.ID where [RoleID] = @RoleID SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = 0 End End End Done: Return(@Return) GO Create Procedure [AzMan_SPS_Enum_AzRoleAssignment] ( @Return int output, @ParentID int ,@ParentType tinyint ) as Begin DECLARE @RowCount INT, @Error INT Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- we don't care about SACL (0 for the second last parameter) -- Check access at the parent Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@ParentID, @ParentType, 0, @SaclIsOn output if @Return <= 0 Begin goto Done End Else if @Return = 1 or @Return = 2 or @Return = 3 Begin if @ParentType = 1 Begin Select [ID], [ObjectGuid] , [Name], [Description], [ApplicationData] From [AzMan_AzRoleAssignment] where AppID = @ParentID and ParentType = @ParentType End else if @ParentType = 4 Begin Select [ID], [ObjectGuid] , [Name], [Description], [ApplicationData] From [AzMan_AzRoleAssignment] where ScopeID = @ParentID and ParentType = @ParentType End else Begin Set @Return = -1 goto Done End SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = 0 End End End Done: Return(@Return) GO Create Procedure AzMan_SPS_Get_AzApplicationGroup ( @Return int output, @ID int ) as DECLARE @RowCount INT, @Error INT Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- we don't care about SACL (0 for the second last parameter) -- Check access at this object Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@ID, 5, 0, @SaclIsOn output if @Return <= 0 Begin goto Done End Else if @Return = 1 or @Return = 2 or @Return = 3 BEGIN Begin Select [GroupType], [ObjectGuid] , [Name], IsNull([Description], N'') From [AzMan_AzApplicationGroup] where [ID] = @ID End SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @Error <> 0 Set @Return = @Error else Set @Return = 0 END Done: Return(@Return) GO Create Procedure [AzMan_SPS_Get_AzApplicationGroup_BizruleInfo] ( @Return int output, @ID int ) as Begin DECLARE @RowCount INT, @Error INT Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- we don't care about SACL (0 for the second last parameter) -- Check access at this object Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@ID, 5, 0, @SaclIsOn output if @Return <= 0 Begin goto Done End -- The user either has admin, reader or delegated user at the parent -- So he can see this object Else if @Return = 1 or @Return = 2 or @Return = 3 Begin Select [BizRuleLanguage], [BizRuleImportedPath] , [BizRule] From [AzMan_BizRule] where ParentId = @ID and ParentType = 5 and ID in ( Select [BizRuleID] From [AzMan_BizRule_To_Group] where [GroupID] = @ID) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @Error <> 0 Begin Set @Return = @Error End else Begin If @RowCount = 0 Begin Set @Return = -1168 --Record not found End End End End Done: Return(@Return) GO Create Procedure [AzMan_SPS_Get_AzTask_BizruleInfo] ( @Return int output, @ID int ) as Begin DECLARE @RowCount INT, @Error INT Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- we don't care about SACL (0 for the second last parameter) -- Check access at this object Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@ID, 3, 0, @SaclIsOn output if @Return <= 0 Begin goto Done End -- The user either has admin, reader or delegated user at the parent -- So he can see this object Else if @Return = 1 or @Return = 2 or @Return = 3 Begin Set @Return = 0 Select [BizRuleLanguage], [BizRuleImportedPath] , [BizRule] From [AzMan_BizRule] where ParentId = @ID and ParentType = 3 and ID in ( Select [BizRuleID] From [AzMan_BizRule_To_Task] where [TaskID] = @ID) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @Error <> 0 Begin Set @Return = @Error End else Begin If @RowCount = 0 Begin Set @Return = -1168 --Record not found End End End End Done: Return(@Return) GO Create Procedure [AzMan_SPS_Get_AzApplicationGroup_LDAPQuery] ( @Return int output, @GroupID int ) as Begin DECLARE @RowCount INT, @Error INT Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- we don't care about SACL (0 for the second last parameter) -- Check access at this object Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@GroupID, 5, 0, @SaclIsOn output if @Return <= 0 Begin goto Done End -- The user either has admin, reader or delegated user at the parent -- So he can see this object Else if @Return = 1 or @Return = 2 or @Return = 3 Begin Set @Return = 0 Select [LdapQuery] From [AzMan_LDAPQuery] where GroupID = @GroupID and ID in ( Select [LdapQueryID] From [AzMan_AzApplicationGroup] where ID = @GroupID ) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @Error <> 0 Begin Set @Return = @Error End else Begin If @RowCount = 0 Begin Set @Return = -1168 --Record not found End End End End Done: Return(@Return) GO Create Procedure [AzMan_SPS_Enum_AzApplicationGroup_SIDMembers] ( @Return int output, @GroupID int ) as Begin DECLARE @RowCount INT, @Error INT Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- we don't care about SACL (0 for the second last parameter) -- Check access at this object Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@GroupID, 5, 0, @SaclIsOn output if @Return <= 0 Begin goto Done End -- The user either has admin, reader or delegated user at the Group -- So he can see this object Else if @Return = 1 or @Return = 2 or @Return = 3 Begin Select [MemberSID] From [AzMan_Group_SIDMember] where GroupID = @GroupID and [Member] = 1 SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = 0 End End End Done: Return(@Return) GO Create Procedure [AzMan_SPS_Enum_AzApplicationGroup_SIDNonMembers] ( @Return int output, @GroupID int ) as Begin DECLARE @RowCount INT, @Error INT Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- we don't care about SACL (0 for the second last parameter) -- Check access at this object Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@GroupID, 5, 0, @SaclIsOn output if @Return <= 0 Begin goto Done End -- The user either has admin, reader or delegated user at the Group -- So he can see this object Else if @Return = 1 or @Return = 2 or @Return = 3 Begin Select [MemberSID] From [AzMan_Group_SIDMember] where GroupID = @GroupID and [Member] = 0 SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = 0 End End End Done: Return(@Return) GO Create Procedure [AzMan_SPS_Enum_AzApplicationGroup_AppMembers] ( @Return int output, @GroupID int ) as Begin DECLARE @RowCount INT, @Error INT Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- we don't care about SACL (0 for the second last parameter) -- Check access at this object Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@GroupID, 5, 0, @SaclIsOn output if @Return <= 0 Begin goto Done End -- The user either has admin, reader or delegated user at the Group -- So he can see this object Else if @Return = 1 or @Return = 2 or @Return = 3 Begin Select [ObjectGuid] From AzMan_AzApplicationGroup where ID in ( Select ChildID from AzMan_Group_AppMember where GroupID = @GroupID and [Member] = 1 ) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = 0 End End End Done: Return(@Return) GO Create Procedure [AzMan_SPS_Enum_AzApplicationGroup_AppNonMembers] ( @Return int output, @GroupID int ) as Begin DECLARE @RowCount INT, @Error INT Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- we don't care about SACL (0 for the second last parameter) -- Check access at this object Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@GroupID, 5, 0, @SaclIsOn output if @Return <= 0 Begin goto Done End -- The user either has admin, reader or delegated user at the Group -- So he can see this object Else if @Return = 1 or @Return = 2 or @Return = 3 Begin Select [ObjectGuid] From AzMan_AzApplicationGroup where ID in ( Select ChildID from AzMan_Group_AppMember where GroupID = @GroupID and [Member] = 0 ) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = 0 End End End Done: Return(@Return) GO Create Procedure [AzMan_SPS_Enum_AzRoleAssignment_SIDMembers] ( @Return int output, @RoleID int ) as Begin DECLARE @RowCount INT, @Error INT Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- we don't care about SACL (0 for the second last parameter) -- Check access at this object Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@RoleID, 6, 0, @SaclIsOn output if @Return <= 0 Begin goto Done End -- The user either has admin, reader or delegated user at the Role -- So he can see this object Else if @Return = 1 or @Return = 2 or @Return = 3 Begin Select [MemberSID] From [AzMan_Role_SIDMember] where RoleID = @RoleID SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = 0 End End End Done: Return(@Return) GO Create Procedure [AzMan_SPS_Enum_AzRoleAssignment_AppMembers] ( @Return int output, @RoleID int ) as Begin DECLARE @RowCount INT, @Error INT Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- we don't care about SACL (0 for the second last parameter) -- Check access at this object Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@RoleID, 6, 0, @SaclIsOn output if @Return <= 0 Begin goto Done End -- The user either has admin, reader or delegated user at the Role -- So he can see this object Else if @Return = 1 or @Return = 2 or @Return = 3 Begin Select [ObjectGuid] From AzMan_AzApplicationGroup where ID IN ( select ChildID from [AzMan_Role_AppMember] where RoleID = @RoleID) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = 0 End End End Done: Return(@Return) go Create Procedure [AzMan_SPS_Get_AzScope] ( @Return int output, @ScopeID int ) as Begin DECLARE @RowCount INT, @Error INT Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- we don't care about SACL (0 for the second last parameter) -- Check access at this object Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@ScopeID, 4, 0, @SaclIsOn output if @Return <= 0 Begin goto Done End -- The user either has admin, reader or delegated user at the App -- So he can see this object Else if @Return = 1 or @Return = 2 or @Return = 3 Begin Select [AppID], [NameLen], IsNull([HasSpecificUsers], 0) AS HasSpecificUsers, [NameHash], [ObjectGuid] , [Description], [Name], [ApplicationData] From [AzMan_AzScope] where ID = @ScopeID SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @Error <> 0 Begin Set @Return = @Error End else Begin If @RowCount = 0 Begin Set @Return = -1168 --Record not found End End End End Done: Return(@Return) GO Create Procedure [AzMan_SPS_Enum_AzOperation] ( @Return int output, @AppID int ) as Begin DECLARE @RowCount INT, @Error INT Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- we don't care about SACL (0 for the second last parameter) -- Check access at the Application Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@AppID, 1, 0, @SaclIsOn output if @Return <= 0 Begin goto Done End -- The user either has admin, reader or delegated user at the App -- So he can see the operations Else if @Return = 1 or @Return = 2 or @Return = 3 Begin Select [ID], [OperationID], [ObjectGuid] , [Name], [Description], [ApplicationData] From [AzMan_AzOperation] where AppID = @AppID SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = 0 End End End Done: Return(@Return) GO Create Procedure [AzMan_SPS_Get_AzOperation] ( @Return int output, @ID int ) as Begin DECLARE @RowCount INT, @Error INT Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- we don't care about SACL (0 for the second last parameter) -- Check access at object Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@ID, 2, 0, @SaclIsOn output if @Return <= 0 Begin goto Done End -- The user either has admin, reader or delegated user at the parent -- So he can see the operation Else if @Return = 1 or @Return = 2 or @Return = 3 Begin Select [OperationID], [ObjectGuid] , [Name] , [Description], [ApplicationData] From [AzMan_AzOperation] where ID = @ID SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @Error <> 0 Begin Set @Return = @Error End else Begin If @RowCount = 0 Begin Set @Return = -1168 --Record not found End End End End Done: Return (@Return) GO Create Procedure [AzMan_SPS_Get_AzTask] ( @Return int output, @ID int ) as Begin DECLARE @RowCount INT, @Error INT Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- we don't care about SACL (0 for the second last parameter) -- Check access at object Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@ID, 3, 0, @SaclIsOn output if @Return <= 0 Begin goto Done End -- The user either has admin, reader or delegated user at the parent -- So he can see the object Else if @Return = 1 or @Return = 2 or @Return = 3 Begin Select [IsRoleDefinition], [ObjectGuid] , [Name], [Description], [ApplicationData] From [AzMan_AzTask] where ID = @ID SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @Error <> 0 Begin Set @Return = @Error End else Begin If @RowCount = 0 Begin Set @Return = -1168 --Record not found End End End End Done: Return(@Return) GO Create Procedure [AzMan_SPS_Get_AzRoleAssignment] ( @Return int output, @ID int ) as Begin DECLARE @RowCount INT, @Error INT Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- we don't care about SACL (0 for the second last parameter) -- Check access at object Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@ID, 6, 0, @SaclIsOn output if @Return <= 0 Begin goto Done End -- The user either has admin, reader or delegated user at the parent -- So he can see the object Else if @Return = 1 or @Return = 2 or @Return = 3 Begin Select [ObjectGuid] , [Name] , [Description], [ApplicationData] From [AzMan_AzRoleAssignment] where ID = @ID SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT if @Error <> 0 Begin Set @Return = @Error End else Begin If @RowCount = 0 Begin Set @Return = -1168 --Record not found End End End End Done: Return (@Return) GO -- Delete Queries Create Procedure [AzMan_SPD_AzOperation] -- Delete a specific record from table [AzMan_AzOperation] ( @Return int output, @ID [int] ,@AppId [int] = Null ) As Set NoCount On DECLARE @RowCount INT, @Error INT DECLARE @parentName nvarchar(512) DECLARE @parentGuid uniqueidentifier DECLARE @childName nvarchar(512) DECLARE @childGuid uniqueidentifier Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- Check access at this object Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@ID, 2, 1, @SaclIsOn output if @Return <> 1 Begin if (@Return >= 2) Begin Set @Return = -5 End goto Done End Set @Return = 0 -- get info for auditing IF @SaclIsOn = 1 BEGIN SELECT @parentName = App.Name, @parentGuid = App.ObjectGuid FROM [dbo].[AzMan_AzApplication] App WHERE App.ID = @AppId SELECT @childName = Op.Name, @childGuid = Op.ObjectGuid FROM [dbo].[AzMan_AzOperation] Op WHERE Op.ID = @ID END Delete From [dbo].[AzMan_AzOperation] Where ((@ID Is Null) Or ([ID] = @ID)) And ((@AppId Is Null) Or ([AppID] = @AppId)) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount <> 1 Begin if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = -1168 --Record not found End End -- generate an audit IF @SaclIsOn = 1 BEGIN EXEC [AzMan_SP_GenerateObjectAudit] @Return, 1, -- 1 for SE_AUDITID_AZ_SQL_OBJECT_DELETE 1, -- 1 for application @parentName, @parentGuid, 2, -- 2 for Operation @childName, @childGuid, N'' -- no other info END Done: Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPD_AzScope] -- Delete a specific record from table [AzMan_AzScope] ( @Return int output, @ID [int] ,@AppId [int] = Null ) As DECLARE @parentName nvarchar(512) DECLARE @parentGuid uniqueidentifier DECLARE @childName nvarchar(512) DECLARE @childGuid uniqueidentifier Set NoCount On DECLARE @RowCount INT, @Error INT Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- Check access at this object Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@ID, 4, 1, @SaclIsOn output if @Return <> 1 Begin if (@Return >= 2) Begin Set @Return = -5 End goto Done End Set @Return = 0 -- get info for auditing IF @SaclIsOn = 1 BEGIN SELECT @parentName = App.Name, @parentGuid = App.ObjectGuid FROM [dbo].[AzMan_AzApplication] App WHERE App.ID = @AppId SELECT @childName = scope.Name, @childGuid = scope.ObjectGuid FROM [dbo].[AzMan_AzScope] scope WHERE scope.ID = @ID END Delete From [dbo].[AzMan_AzScope] Where ((@ID Is Null) Or ([ID] = @ID)) And ((@AppId Is Null) Or ([AppID] = @AppId)) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount <> 1 Begin if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = -1168 --Record not found End End -- generate an audit IF @SaclIsOn = 1 BEGIN EXEC [AzMan_SP_GenerateObjectAudit] @Return, 1, -- 1 for SE_AUDITID_AZ_SQL_OBJECT_DELETE 1, -- 1 for application @parentName, @parentGuid, 4, -- 4 for scope @childName, @childGuid, N'' -- no other info END Done: Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPD_AzApplication] -- Delete a specific record from table [AzMan_AzApplication] ( @Return int output, @ID [int] -- for [AzMan_AzApplication].[ID] column ,@StoreId [int] = Null ) As Set NoCount On DECLARE @RowCount INT, @Error INT DECLARE @parentName nvarchar(512) DECLARE @parentGuid uniqueidentifier DECLARE @childName nvarchar(512) DECLARE @childGuid uniqueidentifier Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- Check access at this object Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@ID, 1, 1, @SaclIsOn output if @Return <> 1 Begin if (@Return >= 2) Begin Set @Return = -5 End goto Done End Set @Return = 0 -- get info for auditing IF @SaclIsOn = 1 BEGIN SELECT @parentName = store.Name, @parentGuid = store.ObjectGuid FROM [dbo].[AzMan_AzAuthorizationStore] store WHERE store.ID = @StoreId SELECT @childName = app.Name, @childGuid = app.ObjectGuid FROM [dbo].[AzMan_AzApplication] app WHERE app.ID = @ID END Delete From [dbo].[AzMan_AzApplication] Where ((@ID Is Null) Or ([ID] = @ID)) And ((@StoreId Is Null) Or ([StoreID] = @StoreId)) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount <> 1 Begin if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = -1168 --Record not found End End -- generate an audit IF @SaclIsOn = 1 BEGIN EXEC [AzMan_SP_GenerateObjectAudit] @Return, 1, -- 1 for SE_AUDITID_AZ_SQL_OBJECT_DELETE 0, -- 0 for store @parentName, @parentGuid, 1, -- 1 for application @childName, @childGuid, N'' -- no other info END Done: Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPD_AzAuthorizationStore] -- Delete a specific record from table [AzMan_AzAuthorizationStore] ( @Return int output, @ID [int] ) As Set NoCount On DECLARE @RowCount INT, @Error INT DECLARE @parentName nvarchar(512) DECLARE @parentGuid uniqueidentifier Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- Check access at this object Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@ID, 0, 1, @SaclIsOn output -- get info for auditing IF @SaclIsOn = 1 BEGIN SELECT @parentName = store.Name, @parentGuid = store.ObjectGuid FROM [dbo].[AzMan_AzAuthorizationStore] store WHERE store.ID = @ID END if @Return <> 1 Begin if (@Return >= 2) Set @Return = -5 End ELSE Begin Set @Return = 0 Delete From [dbo].[AzMan_AzAuthorizationStore] Where ((@ID Is Null) Or ([ID] = @ID)) End -- generate an audit IF @SaclIsOn = 1 BEGIN EXEC [AzMan_SP_GenerateObjectAudit] @Return, 1, -- 1 for SE_AUDITID_AZ_SQL_OBJECT_DELETE 0, -- 0 for store @parentName, @parentGuid, 0, -- 0 for store @parentName, @parentGuid, N'' -- no other info END Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPD_AzApplicationGroup] -- Delete a specific record from table [AzMan_AzApplicationGroup] ( @Return int output, @ID [int] ,@ParentId [int] = Null ) As Set NoCount On DECLARE @RowCount INT, @Error INT DECLARE @parentName nvarchar(512) DECLARE @parentGuid uniqueidentifier DECLARE @childName nvarchar(512) DECLARE @childGuid uniqueidentifier DECLARE @ParentType tinyint Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- Check access at this object Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@ID, 5, 1, @SaclIsOn output if @Return <> 1 Begin if (@Return >= 2) Begin Set @Return = -5 End goto Done End Set @Return = 0 -- get info for auditing IF @SaclIsOn = 1 BEGIN SELECT @ParentType = appGroup.ParentType, @childName = appGroup.Name, @childGuid = appGroup.ObjectGuid FROM [dbo].[AzMan_AzApplicationGroup] appGroup WHERE appGroup.ID = @ID IF @ParentType = 0 -- store SELECT @parentName = store.Name, @parentGuid = store.ObjectGuid FROM [dbo].[AzMan_AzAuthorizationStore] store WHERE store.ID = @ParentId ELSE IF @ParentType = 1 -- app SELECT @parentName = app.Name, @parentGuid = app.ObjectGuid FROM [dbo].[AzMan_AzApplication] app WHERE app.ID = @ParentId ELSE IF @ParentType = 4 -- scope SELECT @parentName = scope.Name, @parentGuid = scope.ObjectGuid FROM [dbo].[AzMan_AzScope] scope WHERE scope.ID = @ParentId END Delete From [dbo].[AzMan_AzApplicationGroup] Where ([ID] = @ID) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount <> 1 Begin if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = -1168 --Record not found End End -- generate an audit IF @SaclIsOn = 1 BEGIN EXEC [AzMan_SP_GenerateObjectAudit] @Return, 1, -- 1 for SE_AUDITID_AZ_SQL_OBJECT_DELETE @ParentType, @parentName, @parentGuid, 5, -- 5 for group @childName, @childGuid, N'' -- no other info END Done: Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPD_AzTask] -- Delete a specific record from table [AzMan_AzTask] ( @Return int output, @ID [int] ,@ParentId [int] = Null ) As Set NoCount On DECLARE @RowCount INT, @Error INT DECLARE @parentName nvarchar(512) DECLARE @parentGuid uniqueidentifier DECLARE @childName nvarchar(512) DECLARE @childGuid uniqueidentifier DECLARE @ParentType tinyint Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- Check access at this object Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@ID, 3, 1, @SaclIsOn output if @Return <> 1 Begin if (@Return >= 2) Begin Set @Return = -5 End goto Done End Set @Return = 0 -- get info for auditing IF @SaclIsOn = 1 BEGIN SELECT @ParentType = task.ParentType, @childName = task.Name, @childGuid = task.ObjectGuid FROM [dbo].[AzMan_AzTask] task WHERE task.ID = @ID IF @ParentType = 1 -- app SELECT @parentName = app.Name, @parentGuid = app.ObjectGuid FROM [dbo].[AzMan_AzApplication] app WHERE app.ID = @ParentId ELSE IF @ParentType = 4 -- scope SELECT @parentName = scope.Name, @parentGuid = scope.ObjectGuid FROM [dbo].[AzMan_AzScope] scope WHERE scope.ID = @ParentId END Delete From [dbo].[AzMan_AzTask] Where ([ID] = @ID) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount <> 1 Begin if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = -1168 --Record not found End End -- generate an audit IF @SaclIsOn = 1 BEGIN EXEC [AzMan_SP_GenerateObjectAudit] @Return, 1, -- 1 for SE_AUDITID_AZ_SQL_OBJECT_DELETE @ParentType, @parentName, @parentGuid, 3, -- 3 for task @childName, @childGuid, N'' -- no other info END Done: Set NoCount Off Return(@Return) GO Create Procedure [AzMan_SPD_AzRoleAssignment] -- Delete a specific record from table ( @Return int output, @ID [int] ,@ParentId [int] = Null ) As Set NoCount On DECLARE @RowCount INT, @Error INT DECLARE @parentName nvarchar(512) DECLARE @parentGuid uniqueidentifier DECLARE @childName nvarchar(512) DECLARE @childGuid uniqueidentifier DECLARE @ParentType tinyint Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 -- Check access at this object Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@ID, 6, 1, @SaclIsOn output if @Return <> 1 Begin if (@Return >= 2) Begin Set @Return = -5 End goto Done End Set @Return = 0 -- get info for auditing IF @SaclIsOn = 1 BEGIN SELECT @ParentType = role.ParentType, @childName = role.Name, @childGuid = role.ObjectGuid FROM [dbo].[AzMan_AzRoleAssignment] role WHERE role.ID = @ID IF @ParentType = 1 -- app SELECT @parentName = app.Name, @parentGuid = app.ObjectGuid FROM [dbo].[AzMan_AzApplication] app WHERE app.ID = @ParentId ELSE IF @ParentType = 4 -- scope SELECT @parentName = scope.Name, @parentGuid = scope.ObjectGuid FROM [dbo].[AzMan_AzScope] scope WHERE scope.ID = @ParentId END Delete From [dbo].[AzMan_AzRoleAssignment] Where ([ID] = @ID) SELECT @Error = @@ERROR, @RowCount = @@ROWCOUNT If @RowCount <> 1 Begin if @Error <> 0 Begin Set @Return = @Error End else Begin Set @Return = -1168 --Record not found End End -- generate an audit IF @SaclIsOn = 1 BEGIN EXEC [AzMan_SP_GenerateObjectAudit] @Return, 1, -- 1 for SE_AUDITID_AZ_SQL_OBJECT_DELETE @ParentType, @parentName, @parentGuid, 6, -- 6 for role @childName, @childGuid, N'' -- no other info END Done: Set NoCount Off Return(@Return) GO IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SPS_Enum_AzAuthorizationStoreUpdateTimeStamp' and type = 'P') DROP PROCEDURE AzMan_SPS_Enum_AzAuthorizationStoreUpdateTimeStamp GO -- query the timestamps of a store CREATE PROCEDURE AzMan_SPS_Enum_AzAuthorizationStoreUpdateTimeStamp ( @ReturnCode int output, @storeID int ) AS SELECT @ReturnCode = 0 SELECT [ID], [ObjectGuid], IsNull([RowUpdateTimeStamp], 0), IsNull([ChildUpdateTimeStamp], 0) FROM [AzMan_AzAuthorizationStore] WHERE [ID] = @storeID Return(@@RowCount) GO IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SPS_Enum_AzApplicationUpdateTimeStamp' and type = 'P') DROP PROCEDURE AzMan_SPS_Enum_AzApplicationUpdateTimeStamp GO -- query the timestamps of applications CREATE PROCEDURE AzMan_SPS_Enum_AzApplicationUpdateTimeStamp ( @ReturnCode int output, @storeID int ) AS SELECT @ReturnCode = 0 SELECT [ID], [ObjectGuid], IsNull([RowUpdateTimeStamp], 0), IsNull([ChildUpdateTimeStamp], 0) FROM [AzMan_AzApplication] WHERE [StoreID] = @storeID Return(@@RowCount) GO IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SPS_Enum_AzScopeUpdateTimeStamp' and type = 'P') DROP PROCEDURE AzMan_SPS_Enum_AzScopeUpdateTimeStamp GO -- query the timestamps of scopes CREATE PROCEDURE AzMan_SPS_Enum_AzScopeUpdateTimeStamp ( @ReturnCode int output, @appID int ) AS SELECT @ReturnCode = 0 SELECT [ID], [ObjectGuid], IsNull([RowUpdateTimeStamp], 0), IsNull([ChildUpdateTimeStamp], 0) FROM [AzMan_AzScope] WHERE [AppID] = @appID Return(@@RowCount) GO IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SPS_Enum_AzApplicationGroupUpdateTimeStamp' and type = 'P') DROP PROCEDURE AzMan_SPS_Enum_AzApplicationGroupUpdateTimeStamp GO -- query the timestamps of application groups CREATE PROCEDURE AzMan_SPS_Enum_AzApplicationGroupUpdateTimeStamp ( @ReturnCode int output, @parentID int, @parentType tinyint ) AS SELECT @ReturnCode = 0 IF (@parentType = 0) SELECT [ID], [ObjectGuid], IsNull([RowUpdateTimeStamp], 0) FROM [AzMan_AzApplicationGroup] WHERE [StoreID] = @parentID IF (@parentType = 1) SELECT [ID], [ObjectGuid], IsNull([RowUpdateTimeStamp], 0) FROM [AzMan_AzApplicationGroup] WHERE [AppID] = @parentID IF (@parentType = 4) SELECT [ID], [ObjectGuid], IsNull([RowUpdateTimeStamp], 0) FROM [AzMan_AzApplicationGroup] WHERE [ScopeID] = @parentID Return(@@RowCount) GO IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SPS_Enum_AzOperationUpdateTimeStamp' and type = 'P') DROP PROCEDURE AzMan_SPS_Enum_AzOperationUpdateTimeStamp GO -- query the timestamps of operations CREATE PROCEDURE AzMan_SPS_Enum_AzOperationUpdateTimeStamp ( @ReturnCode int output, @appID int ) AS SELECT @ReturnCode = 0 SELECT [ID], [ObjectGuid], IsNull([RowUpdateTimeStamp], 0) FROM [AzMan_AzOperation] WHERE [AppID] = @appID Return(@@RowCount) GO IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SPS_Enum_AzRoleAssignmentUpdateTimeStamp' and type = 'P') DROP PROCEDURE AzMan_SPS_Enum_AzRoleAssignmentUpdateTimeStamp GO -- query the timestamps of roles CREATE PROCEDURE AzMan_SPS_Enum_AzRoleAssignmentUpdateTimeStamp ( @ReturnCode int output, @parentID int, @parentType tinyint ) AS SELECT @ReturnCode = 0 IF (@parentType = 1) SELECT [ID], [ObjectGuid], IsNull([RowUpdateTimeStamp], 0) FROM [AzMan_AzRoleAssignment] WHERE [AppID] = @parentID ELSE SELECT [ID], [ObjectGuid], IsNull([RowUpdateTimeStamp], 0) FROM [AzMan_AzRoleAssignment] WHERE [ScopeID] = @parentID Return(@@RowCount) GO IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SPS_Enum_AzTaskUpdateTimeStamp' and type = 'P') DROP PROCEDURE AzMan_SPS_Enum_AzTaskUpdateTimeStamp GO -- query the timestamps of tasks CREATE PROCEDURE AzMan_SPS_Enum_AzTaskUpdateTimeStamp ( @ReturnCode int output, @parentID int, @parentType tinyint ) AS SELECT @ReturnCode = 0 IF (@parentType = 1) SELECT [ID], [ObjectGuid], IsNull([RowUpdateTimeStamp], 0) FROM [AzMan_AzTask] WHERE [AppID] = @parentID ELSE SELECT [ID], [ObjectGuid], IsNull([RowUpdateTimeStamp], 0) FROM [AzMan_AzTask] WHERE [ScopeID] = @parentID Return(@@RowCount) GO IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SPD_SQLRole' and type = 'P') DROP PROCEDURE AzMan_SPD_SQLRole GO CREATE PROCEDURE AzMan_SPD_SQLRole ( @Return [int] output, @SQLRoleName [nvarchar] (64) ) AS DECLARE @Ret [int] DECLARE @member [nvarchar] (64) DECLARE roleMember_cursor CURSOR FOR ( select u.name from sysusers u, sysusers g, sysmembers m where g.name = @SQLRoleName and g.uid = m.groupuid and g.issqlrole = 1 and u.uid = m.memberuid ) OPEN roleMember_cursor FETCH NEXT FROM roleMember_cursor INTO @member WHILE @@FETCH_STATUS = 0 BEGIN EXEC @Ret = sp_droprolemember @SQLRoleName, @member FETCH NEXT FROM roleMember_cursor INTO @member END Close roleMember_cursor DEALLOCATE roleMember_cursor Set @Return = -1 Exec @Ret = sp_droprole @SQLRoleName if @Ret <> 0 Begin Set @Return = -1 End Else Begin Set @Return = 0 End Return @Return GO IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SPD_All_SQLRole_ForObject' and type = 'P') DROP PROCEDURE AzMan_SPD_All_SQLRole_ForObject GO CREATE PROCEDURE AzMan_SPD_All_SQLRole_ForObject ( @Return [int] output, @ID [int], @ObjectType [tinyint] ) AS DECLARE @uid [int] DECLARE @SQLRoleName [nvarchar] (64) Set @Return = 0 SELECT @uid = 0 Select @uid=[uid], @SQLRoleName = [SQLRoleName] From [dbo].[Azman_SQLRole] where [ObjectID] = @ID and [ObjectType] = @ObjectType and [RoleType] = 1 IF @uid <> 0 Begin Exec AzMan_SPD_SQLRole @Return output, @SQLRoleName End SELECT @uid = 0 Select @uid=[uid], @SQLRoleName = [SQLRoleName] From [dbo].[Azman_SQLRole] where [ObjectID] = @ID and [ObjectType] = @ObjectType and [RoleType] = 2 IF @uid <> 0 Begin Exec AzMan_SPD_SQLRole @Return output, @SQLRoleName End set @uid = 0 Select @uid=[uid], @SQLRoleName = [SQLRoleName] From [dbo].[Azman_SQLRole] where [ObjectID] = @ID and [ObjectType] = @ObjectType and [RoleType] = 3 IF @uid <> 0 Begin Exec AzMan_SPD_SQLRole @Return output, @SQLRoleName End if @Return = 0 Begin DELETE Azman_SQLRole WHERE [ObjectID] = @ID AND [ObjectType] = @ObjectType Set @Return = 0 End Done: Return @Return GO IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SPD_SQLRole_ForObject' and type = 'P') DROP PROCEDURE AzMan_SPD_SQLRole_ForObject GO CREATE PROCEDURE AzMan_SPD_SQLRole_ForObject ( @Return [int] output, @ID [int], @ObjectType [tinyint], @DeleteFlag [int] -- bitwise pattern. 0x0001 for deleting only self, 0x0002 for deleting only children ) AS SET NOCOUNT ON DECLARE @SQLRoleName [nvarchar] (64) Declare @AccessAtObjType [tinyint] DECLARE @SaclIsOn [bit] Declare @DbName [nvarchar] (255) Set @SaclIsOn = 0 Set @Return = -1 -- such role deletion audit will be generated by the object deletion. -- so we don't care about SACL (second last parameter) here Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@ID, @ObjectType, 0, @SaclIsOn output if @Return <> 1 Begin -- if the object is deleted we will ignore as we still want to delete all the roles for the object if @Return = -1168 Begin Set @Return = 0 End Else Begin if (@Return >= 2) Begin Set @Return = -5 End goto Done End End -- our deletion flag will switch to delete all because we only need -- to make sure that the acting container object's roles are not deleted -- so that the user still has access -- if we are instructed to delete sub-container's roles if (@DeleteFlag & 2) <> 0 begin -- for applications or stores, we also need to delete the sub-container's roles DECLARE @locReturn int -- we have to press on for this action. No rollback IF @ObjectType = 0 BEGIN DECLARE @AppID int DECLARE app_cursor CURSOR FOR ( select App.ID FROM AzMan_AzApplication App WHERE App.StoreID = @ID ) OPEN app_cursor FETCH NEXT FROM app_cursor INTO @AppID WHILE @@FETCH_STATUS = 0 BEGIN -- now call recursively to delete the app's roles EXEC AzMan_SPD_SQLRole_ForObject @locReturn output, @AppID, 1, 3 FETCH NEXT FROM app_cursor INTO @AppID END Close app_cursor DEALLOCATE app_cursor END ELSE IF @ObjectType = 1 BEGIN DECLARE @ScopeID int DECLARE scope_cursor CURSOR FOR ( select Scope.ID FROM AzMan_AzScope Scope WHERE Scope.AppID = @ID ) OPEN scope_cursor FETCH NEXT FROM scope_cursor INTO @ScopeID WHILE @@FETCH_STATUS = 0 BEGIN -- now call recursively to delete the app's roles EXEC AzMan_SPD_SQLRole_ForObject @locReturn output, @ScopeID, 4, 3 FETCH NEXT FROM scope_cursor INTO @ScopeID END Close scope_cursor DEALLOCATE scope_cursor END end -- if we are instructed to delete the self roles if (@DeleteFlag & 1) <> 0 begin If Is_Member('db_owner') = 1 or Is_Member('db_securityadmin') = 1 Begin exec AzMan_SPD_All_SQLRole_ForObject @Return output , @ID, @ObjectType End else begin Set @DbName = db_name() Exec master.dbo.xp_AzManDeleteRole @Return output, @ID, @ObjectType, @DbName End end Done: SET NOCOUNT OFF Return @Return GO IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SPS_Get_ObjectSecurityOption' and type = 'P') DROP PROCEDURE AzMan_SPS_Get_ObjectSecurityOption GO CREATE PROCEDURE AzMan_SPS_Get_ObjectSecurityOption ( @Return [int] output, @AccessAtObjType [tinyint] output, @ID [int], @ObjectType [tinyint], @UserType [int] output ) AS DECLARE @SaclIsOn [bit] Set @SaclIsOn = 0 SET @Return = -5 SET @UserType = 0 -- illegal users IF @ObjectType = 0 OR @ObjectType = 1 OR @ObjectType = 4 BEGIN -- no need to know that SACL (Second last parameter) Exec AzMan_SP_AccessCheck @Return output, @AccessAtObjType output,@ID, @ObjectType, 0, @SaclIsOn output IF @Return >= 1 AND @Return <= 3 BEGIN SET @UserType = @Return SET @Return = 0 END END RETURN @Return GO IF EXISTS (SELECT name FROM sysobjects WHERE name = 'AzMan_SP_Grant_Permission' and type = 'P') DROP PROCEDURE AzMan_SP_Grant_Permission GO CREATE PROCEDURE AzMan_SP_Grant_Permission AS grant execute on AzMan_SP_GetSQLRole to public grant execute on AzMan_SPI_SQLRole to public --AzMan_SPI_Add_User_To_SQLRole grant execute on AzMan_SPI_Add_User_To_Role to public --AzMan_SPD_User_From_SQLRole grant execute on AzMan_SPD_User_From_Role to public --AzMan_SP_Get_Object_Path_For_Container --AzMan_SP_Get_Object_Path --AzMan_SP_AccessCheck_For_Container --AzMan_SP_AccessCheck grant execute on AzMan_SPS_Get_StoreIDByName to public --AzMan_SP_Check_Dup_Task --AzMan_SP_Check_Dup_RoleAssignment --AzMan_SP_Check_Dup_Application --AzMan_SP_Check_Dup_Scope --AzMan_SP_Check_Dup_Operation --AzMan_SP_Check_Dup_Group_For_Given_Parent --AzMan_SP_Check_Dup_Group grant execute on AzMan_SPI_AzAuthorizationStore to public grant execute on AzMan_SPI_AzApplication to public grant execute on AzMan_SPU_AzApplication to public grant execute on AzMan_SPI_AzScope to public grant execute on AzMan_SPI_AzOperation to public grant execute on AzMan_SPI_AzApplicationGroup to public grant execute on AzMan_SPI_AzTask to public --AzMan_SPI_AzTask_Single_Operation --AzMan_SPD_AzTask_Single_Operation grant execute on AzMan_SPI_AzTask_Multi_Operations to public --AzMan_SPI_AzRoleAssignment_Single_Operation --AzMan_SPD_AzRoleAssignment_Single_Operation grant execute on AzMan_SPI_AzRoleAssignment_Multi_Operations to public --AzMan_SPI_AzTask_Single_Task --AzMan_SPD_AzTask_Single_Task grant execute on AzMan_SPI_AzTask_Multi_Tasks to public --AzMan_SPI_AzRoleAssignment_Single_Task --AzMan_SPD_AzRoleAssignment_Single_Task grant execute on AzMan_SPI_AzRoleAssignment_Multi_Tasks to public grant execute on AzMan_SPI_AzRoleAssignment to public grant execute on AzMan_SPU_AzAuthorizationStore to public grant execute on AzMan_SPU_AzScope to public grant execute on AzMan_SPU_AzOperation to public grant execute on AzMan_SPU_AzApplicationGroup to public grant execute on AzMan_SPU_AzTask to public grant execute on AzMan_SPU_AzRoleAssignment to public grant execute on AzMan_SPIU_AzApplicationGroup_LDAPQuery to public grant execute on AzMan_SPIU_Bizrule to public grant execute on AzMan_SPIU_AzApplicationGroup_Bizrule to public grant execute on AzMan_SPIU_AzTask_Bizrule to public --AzMan_SPI_AzApplicationGroup_Single_SidMember --AzMan_SPD_AzApplicationGroup_Single_SidMember grant execute on AzMan_SPI_AzApplicationGroup_Multi_SidMembers to public grant execute on AzMan_SPI_AzApplicationGroup_Multi_SidNonMembers to public --AzMan_SPI_AzApplicationGroup_Single_AppMember --AzMan_SPD_AzApplicationGroup_Single_AppMember grant execute on AzMan_SPI_AzApplicationGroup_Multi_AppMembers to public grant execute on AzMan_SPI_AzApplicationGroup_Multi_AppNonMembers to public --AzMan_SPI_AzRoleAssignment_Single_SidMember --AzMan_SPD_AzRoleAssignment_Single_SidMember grant execute on AzMan_SPI_AzRoleAssignment_Multi_SidMembers to public -- AzMan_SPI_AzRoleAssignment_Single_AppMember -- AzMan_SPD_AzRoleAssignment_Single_AppMember grant execute on AzMan_SPI_AzRoleAssignment_Multi_AppMembers to public -- spDrop_AzMan_Table grant execute on AzMan_SPS_Get_AzAuthorizationStoreByName to public grant execute on AzMan_SPS_Enum_AzApplications to public grant execute on AzMan_SPS_Get_AzApplication to public --AzMan_SPS_Get_AzApplication_AppData --AzMan_SPS_Get_AzScope_AppData --AzMan_SPS_Get_AzAuthorizationStore_AppData grant execute on AzMan_SPS_Enum_AzScope to public grant execute on AzMan_SPS_Enum_AzApplicationGroup to public grant execute on AzMan_SPS_Enum_AzTask to public grant execute on AzMan_SPS_Enum_AzTask_Operations to public grant execute on AzMan_SPS_Enum_AzTask_Tasks to public grant execute on AzMan_SPS_Enum_AzRoleAssignment_Tasks to public grant execute on AzMan_SPS_Enum_AzRoleAssignment_Operations to public grant execute on AzMan_SPS_Enum_AzRoleAssignment to public grant execute on AzMan_SPS_Get_AzApplicationGroup to public grant execute on AzMan_SPS_Get_AzApplicationGroup_BizruleInfo to public grant execute on AzMan_SPS_Get_AzTask_BizruleInfo to public grant execute on AzMan_SPS_Get_AzApplicationGroup_LDAPQuery to public grant execute on AzMan_SPS_Enum_AzApplicationGroup_SIDMembers to public grant execute on AzMan_SPS_Enum_AzApplicationGroup_SIDNonMembers to public grant execute on AzMan_SPS_Enum_AzApplicationGroup_AppMembers to public grant execute on AzMan_SPS_Enum_AzApplicationGroup_AppNonMembers to public grant execute on AzMan_SPS_Enum_AzRoleAssignment_SIDMembers to public grant execute on AzMan_SPS_Enum_AzRoleAssignment_AppMembers to public grant execute on AzMan_SPS_Get_AzScope to public grant execute on AzMan_SPS_Enum_AzOperation to public grant execute on AzMan_SPS_Get_AzOperation to public grant execute on AzMan_SPS_Get_AzTask to public grant execute on AzMan_SPS_Get_AzRoleAssignment to public grant execute on AzMan_SPD_AzOperation to public grant execute on AzMan_SPD_AzScope to public grant execute on AzMan_SPD_AzApplication to public grant execute on AzMan_SPD_AzAuthorizationStore to public grant execute on AzMan_SPD_AzApplicationGroup to public grant execute on AzMan_SPD_AzTask to public grant execute on AzMan_SPD_AzRoleAssignment to public grant execute on AzMan_SPD_SQLRole_ForObject to public grant execute on AzMan_SPS_Enum_AzAuthorizationStoreUpdateTimeStamp to public grant execute on AzMan_SPS_Enum_AzApplicationUpdateTimeStamp to public grant execute on AzMan_SPS_Enum_AzScopeUpdateTimeStamp to public grant execute on AzMan_SPS_Enum_AzApplicationGroupUpdateTimeStamp to public grant execute on AzMan_SPS_Enum_AzOperationUpdateTimeStamp to public grant execute on AzMan_SPS_Enum_AzRoleAssignmentUpdateTimeStamp to public grant execute on AzMan_SPS_Enum_AzTaskUpdateTimeStamp to public grant execute on AzMan_SP_GenerateObjectAudit to public grant execute on AzMan_SP_GenerateMemberAudit to public grant execute on AzMan_SP_GenerateGenericAudit to public grant execute on AzMan_SPS_Get_ObjectSecurityOption to public grant execute on AzMan_SPS_Get_DBOwners to public grant execute on AzMan_SPS_Get_Role_For_Object to public grant execute on AzMan_SP_GetRoleMemberCount to public grant execute on AzMan_SPI_SQLRole_From_XP to dbo grant execute on AzMan_SPD_All_SQLRole_ForObject to dbo grant execute on AzMan_SPD_User_From_SQLRole_From_XP to dbo grant execute on AzMan_SPI_Add_User_To_SQLRole_From_XP to dbo grant execute on AzMan_SPU_SqlRoleUpdated to public grant execute on AzMan_SPI_Create_SqlRole_For_Object to public GO IF not EXISTS (SELECT name FROM sysobjects WHERE name = 'AzGenerateAudit' and type = 'X') exec sp_addextendedproc 'AzGenerateAudit', 'AzSqlExt.dll' GO IF not EXISTS (SELECT name FROM sysobjects WHERE name = 'xp_AzManAddUserToRole' and type = 'X') exec sp_addextendedproc 'xp_AzManAddUserToRole', 'AzSqlExt.dll' GO IF not EXISTS (SELECT name FROM sysobjects WHERE name = 'xp_AzManRemoveUserFromRole' and type = 'X') exec sp_addextendedproc 'xp_AzManRemoveUserFromRole', 'AzSqlExt.dll' GO IF not EXISTS (SELECT name FROM sysobjects WHERE name = 'xp_AzManDeleteRole' and type = 'X') exec sp_addextendedproc 'xp_AzManDeleteRole', 'AzSqlExt.dll' GO IF not EXISTS (SELECT name FROM sysobjects WHERE name = 'xp_AzManAddRole' and type = 'X') exec sp_addextendedproc 'xp_AzManAddRole', 'AzSqlExt.dll' GO grant execute on AzGenerateAudit to public grant execute on xp_AzManAddUserToRole to public grant execute on xp_AzManRemoveUserFromRole to public grant execute on xp_AzManDeleteRole to public grant execute on xp_AzManAddRole to public MSFT A)W d,X Lx@l4` ( T  H t<| ,Pl2$K0TOQ4"Q3H@4" ]`@@(4"]=x@\4"k@Tx(4"tl&@4" u@(4"u @4"|@(4"h}@< 4" h @L (4" 8@| 4" P@ 4(4" 0 h@H PL4"  @ hP4"@:4"L@D4"@ h4"@@`x<4"L@PF4"D@$-4"(@ <(4"@@|\!4"tX@|(4"p@ "4"ؚ@8P4"$@T!4"p@hX'4"ܜ@@4"̞@T(44"@H44"h@(h,4"80@$4" H@$4"!0`@ $&!"ģ h!!#ģ '!$ !%"%Lx!%"&L"0%"'L8"@ !(LbX"0HHxx8hP `(@X0@:>20FF킛jO0EŕJ Bld0{'Mk~SHx^m@kۦ5,`$E.}VEjL<x   0-stdole2.tlbWWW/D.x (D2.|0P"@*.$+h0/ !- 1`1( \'$8&##",+-<-0(L)8!`(d "(0d# &<#l T'l!l,h&L0 /)$*"p+( .th/P/10&-`*81 H%x")21,'H* &+X!H+t)'*$8"0(H 1<$( AZROLESLibWW8E5IAzAuthorizationStoreWWW DescriptionWppbstrDescription2ApplicationDataWpbstrApplicationData 7)DomainTimeoutWWWplPropWWЪScriptEngineTimeoutWMaxScriptEngines-GenerateAuditsWW.pbPropWW(Writable]vpfPropWW mGetPropertyW^lPropIdW varReservedW5pvarProp4 'SetPropertyWIvarPropWAddPropertyItemWDeletePropertyItemWW:PolicyAdministrators RpvarAdminsWW "PolicyReadersWWW pvarReadersWzAddPolicyAdministratorWW VbstrAdminWWW RDeletePolicyAdministratorWWWAddPolicyReaderW bstrReaderWW`JDeletePolicyReaderWW NInitializeWWlFlagsWW ;bstrPolicyURLWWW (UpdateCacheWxDeleteWWd8IAzApplicationsWdzItemIndexWWW pvarObtPtrWWd0vCountWWWplCountWdxA_NewEnum ppEnumPtrWWW nApplicationsppAppCollectionW8uIAzApplicationWWTName spbstrNameWWWAuthzInterfaceClsidWp pbstrPropWWWVersionWQApplyStoreSaclWW, 8IAzScopesWWW2ScopesWWppScopeCollectionWWW8IAzScopep8IAzApplicationGroupskWApplicationGroupsWWWppGroupCollectionWWWX8KIAzApplicationGroupWX\TypeX LdapQueryWWWX 2AAppMembersWWXT AppNonMembersWWWXtMembersWX NonMembersWWXT SpAddAppMember3bstrPropXmDeleteAppMemberWXAddAppNonMemberWXKDeleteAppNonMemberWWX rAddMemberWWWX HDeleteMemberXl 4AddNonMemberXc"DeleteNonMemberWX\SubmitWWX AddMemberNameWWWXFDeleteMemberNameXAddNonMemberNameXHKDeleteNonMemberNameWX$ MembersNameWXV@NonMembersNameWWaOpenApplicationGroup bstrGroupNameWWWVppGroupWF4CreateApplicationGroupWWDeleteApplicationGroupWW8mIAzRolesRolesWWWppRoleCollection 8^.IAzRoleW w;AddTaskW  BDeleteTaskWW  ڑAddOperation ?DeleteOperationW  ~VOperationsWW LTasksWWWSOpenRole bstrRoleName[ppRoleWW XCreateRoleWW KDeleteRoleWW48IAzTasksuMppTaskCollection8pIAzTaskWpMBizRuleW BizRuleLanguageW BizRuleImportedPathW1IsRoleDefinitionObstrOpWW(bstrTaskOpenTask _bstrTaskNameppTaskWW CreateTaskWW ϦCanBeDelegatedWWP QBizrulesWritablepPolicyAdministratorsNamed qPolicyReadersNameWWW$jAddPolicyAdministratorNameWWcDeletePolicyAdministratorNameWWWAddPolicyReaderNameW<>DeletePolicyReaderNameWW DaOpenScopeWWW +bstrScopeNameWWWppScopeW ѓCreateScopeW| ZDeleteScopeWL4 8IAzOperationsWWW BppOperationCollectionWWW 8 IAzOperation tOperationIDW OpenOperationWWW |bstrOperationNameWWW` a9ppOperationW (CreateOperationW48IAzClientContextD AccessCheckWbstrObjectNameWW  YvarScopeNamesWWWt n#varOperationsWWWVvarParameterNamesWWW IvarParameterValuesWWvarInterfaceNamesWWW -varInterfaceFlagsWWW rvarInterfacesWWW pvarResultsW GetBusinessRuleStringWWWXgpbstrBusinessRuleStringWUserDnWW UserSamCompatWWWH AddDelegatedPolicyUserNameWW sDeleteDelegatedPolicyUserNameWWW%OpenApplicationW4 KbstrApplicationNameW( ڃppApplicationWWWCreateApplicationWWWL DeleteApplicationWWW TargetMachineWWW| gpbstrTargetMachineWW opbApplyStoreSacl CloseApplication| OrlFlagWWWx 8IAzAuthorizationStore2WW8lIAzApplication2W@08}mIAzClientContext2WWW@ZGetAssignedScopesPageWWWSPageSizeD BpvarCursorWW ]pvarScopeNamesWW@;AddRolesvarRoles@AddApplicationGroupsdvarApplicationGroups@ fAddStringSidsWWWP varStringSidsWWW@X 3LDAPQueryDNWpbstrLDAPQueryDND!InitializeClientContextFromToken2WWWlulTokenHandleLowPartl~ulTokenHandleHighPartWWWInitializeClientContext2IdentifyingStringWWWxJEOpenApplication2xCreateApplication2WW8IAzAuthorizationStore3WW2IsUpdateNeededWW$PpbIsUpdateNeeded`BizruleGroupSupportedWWW ?pbSupportedWUpgradeStoresFunctionalLevel8lFunctionalLevel!IsFunctionalLevelUpgradeSupportedWWWGetSchemaVersionOplMajorVersionWWplMinorVersionWW$8mIAzApplication3W ScopeExistsWdpbExistWl4 8IAzScope2WWW 8hIAzRoleDefinitionsWWl$ RoleDefinitionsW@ppRoleDefinitionsWWW4 8IAzRoleDefinitionWWW8)IAzRoleAssignmentsWW4pVRoleAssignmentsW |bRecursiveWW~ppRoleAssignmentsWWW4AddRoleDefinitionWWWhIbstrRoleDefinitionWW4D uDeleteRoleDefinitionl8CreateRoleDefinition4bstrRoleDefinitionNameWWlKuOpenRoleDefinitionWW 8IAzRoleAssignmentWWW0ScopeWWWl CreateRoleAssignmentObstrRoleAssignmentNameWW ۮppRoleAssignmentl ]OpenRoleAssignmentWWl ]DeleteRoleAssignment OpenScope2WW&ppScope2T CreateScope2$ JDeleteScope2BizRulesEnabledWP 7pbEnabledWWW`  8 IAzOperation2WWW h8IAzTask2( 8IAzApplicationGroup2 8~mIAzClientContext3WWW \ pAccessCheck2  ]lOperationWWh#AplResult IsInRoleAssignmentWW< ިpbIsInRoleWW < <7GetOperationsWWW (O]GetTasks 88YIAzBizRuleParameters  RAddParameter  bstrParameterNameWWWl:varParameterValueWWW  AddParametersWWW nGetParameterValueWWWpvarParameterValueWW @ϱRemoveWW|]varParameterName RemoveAllWWW QBizRuleParametersWWWppBizRuleParamWWT 8IAzBizRuleInterfacesT  fAddInterface6bstrInterfaceNameWWWh4lInterfaceFlagWW varInterfaceT ´AddInterfacesWWWT &GetInterfaceValueWWW XBizRuleInterfacesWWWppBizRuleInterfacesW $ (`GetGroupsWWW [ulOptionsWWW rpGroupArrayW XSids=pStringSidArrayW 80gIAzBizRuleContextWWW TٍBusinessRuleResultWW +BusinessRuleStringWW  GetParameter @8IAzPrincipalLocatorW 84IAzNameResolverW  V3NameFromSidWHٹbstrSidW_pSidType  %9NamesFromSidsWWWvSidsWWWl XpvSidTypesWWpvNamesW  TNameResolver%ppNameResolverWW `8rIAzObjectPickerWH 8,wireHWND 8_RemotableHandle cfContext|8Z__MIDL_IWinTypes_0009WWWJhInprocW,ZhRemoteW luWWW  5GetPrincipalsWWW 4#hParentWndWW8 lbstrTitleWWWD!ZpvSidsWW t SObjectPickerzppObjectPickerWWt8|AzAuthorizationStore8^AzBizRuleContext<` 8ucAzPrincipalLocatorWW8tagAZ_PROP_CONSTANTS 0`AZ_PROP_NAME0\AZ_PROP_DESCRIPTIONW0-EAZ_PROP_WRITABLE0 AZ_PROP_APPLICATION_DATA0AZ_PROP_CHILD_CREATE0fYAZ_MAX_APPLICATION_NAME_LENGTHWW 0=AZ_MAX_OPERATION_NAME_LENGTH09mAZ_MAX_TASK_NAME_LENGTHW0WAZ_MAX_SCOPE_NAME_LENGTH 0AZ_MAX_GROUP_NAME_LENGTH 0_AZ_MAX_ROLE_NAME_LENGTHW@0$AZ_MAX_NAME_LENGTHWW02AZ_MAX_DESCRIPTION_LENGTHWWW0~bAZ_MAX_APPLICATION_DATA_LENGTHWW0AZ_SUBMIT_FLAG_ABORT0\|AZ_SUBMIT_FLAG_FLUSH0"hAZ_MAX_POLICY_URL_LENGTH!0IAZ_AZSTORE_FLAG_CREATEWW#!0DAZ_AZSTORE_FLAG_MANAGE_STORE_ONLYWWWp0AZ_AZSTORE_FLAG_BATCH_UPDATE8 !0ߏAZ_AZSTORE_FLAG_AUDIT_IS_CRITICALWWW "0pgAZ_AZSTORE_FORCE_APPLICATION_CLOSEWW80AZ_AZSTORE_NT6_FUNCTION_LEVELWWW *0AZ_AZSTORE_FLAG_MANAGE_ONLY_PASSIVE_SUBMITWW%0AZ_PROP_AZSTORE_DOMAIN_TIMEOUTWW!0AZ_AZSTORE_DEFAULT_DOMAIN_TIMEOUTWWW %0DAZ_PROP_AZSTORE_SCRIPT_ENGINE_TIMEOUTWWW0EAZ_AZSTORE_MIN_DOMAIN_TIMEOUTWWW$$0AZ_PROP_APPLICATION_AUTHZ_INTERFACE_CLSIDWWW0U}AZ_PROP_APPLICATION_VERSIONW,!0eAZ_MAX_APPLICATION_VERSION_LENGTHWWW,0AZ_PROP_APPLICATION_NAME&#0EAZ_PROP_APPLICATION_BIZRULE_ENABLEDW8 0 AZ_PROP_APPLY_STORE_SACL@(0AZ_PROP_GENERATE_AUDITSW\-0.AZ_PROP_POLICY_ADMINSWWWl.0AZ_PROP_POLICY_READERSWW %0}AZ_PROP_DELEGATED_POLICY_USERSWW-0]5AZ_PROP_POLICY_ADMINS_NAMEWW$ 04?4@@4A4B4C4D4E4F4XG4YH4I4J4K4L4M4N4O4P4Q4 R4!S4T4"U4#V4W4X4Y4Z4[4\4]4^4_4`4a4@@@@@@@@@ @ @ @ @ @@@@@@@@@@@@@@@@@@@ @!@"@#@$@%@&@'@(@)@*@+@,@-@.@/@0@1@2@3@4@5@6@7@8@9@:@;@<@=@>@?@@@A@B@C@D@E@F@G@H@I@J@K@L@M@N@O@P@Q@R@S@T@U@V@W@X@Y@Z@[@\@]@^@_@`@a@x"""""#<#d#####$<$h$$$$$ %H%x%%% &8&h&&&&,'\''''(@(`((((( )L)t))))*@*`*****$+H+p++++,D,l,,,,-<-\----.<.l....0/h////(0L0|0000 181`11112D2(<Pdx,@Th|0DXl  4H\p$8L`t(<Pdx,@Th|0DXl)1 B}8f[΂@t~: FILEREGISTRYTYPELIBMUIMUIen-US0000000 0$0(0,0004080<0@0D0H0L0P0T0X0\0`0d0h0l0p0t0x0|000000000000000000000000000000000111 11111 1$1(1,1014181<1@1D1H1L1P1T1X1\1`1d1h1l1p1t1x1|111111111111111111111111111111111222 22222 2$2(2,2024282<2@2D2H2L2P2T2X2\2`2d2h2l2p2t2x2|222222222222222222222222222222222333 33333 3$3(3,3034383<3@3D3H3L3P3T3X3\3`3d3h3l3p3t3x3|333333333333333333333333333333333444 44444 4$4(4,4044484<4@4D4H4L4P4T4X4\4`4d4h4l4p4t4x4|444444444444444444444444444444444555 55555 5$5(5,5054585<5@5D5H5L5P5T5X5\5`5d5h5l5p5t5x5|555555555555555555555555555555555666 66666 6$6(6,6064686<6@6D6H6L6P6T6X6\6`6d6h6l6p6t6x6|666666666666666666666666666666666777 77777 7$7(7,7074787<7@7D7H7L7P7T7X7\7`7d7h7l7p7t7x7|777777777777777777777777777777777888 88888 8$8(8,8084888<8@8D8H8L8P8T8X8\8`8d8h8l8p8t8x8|888888888888888888888888888888888999 99999 9$9(9,9094989<9@9D9H9L9P9T9X9\9`9d9h9l9p9t9x9|999999999999999999999999999999999::: ::::: :$:(:,:0:4:8:<:@:D:H:L:P:T:X:\:`:d:h:l:p:t:x:|:::::::::::::::::::::::::::::::::;;; ;;;;; ;$;(;,;0;4;8;<;@;D;H;L;P;T;X;\;`;d;h;l;p;t;x;|;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;<<< <<<<< <$<(<,<0<4<8<<<@>> >>>>> >$>(>,>0>4>8><>@>D>H>L>P>T>X>\>`>d>h>l>p>t>x>|>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>??? ????? ?$?(?,?0?4?8?>0><>H>`>l>x>>>>>>>>>??0?i>>>>>>??.?C????0-0?0Q0f00 101t1112m223344444J5j555q6~6666617[77778%838A8O8]88V9999:A:R:^:j:v::;;;<?? 00,0?0#1p1{1111;2K2R2a222233'3^3u3333333 4G4^4x444444525L55555664666666 7S7l7777818W8q88889'9A9g9999::$:q:z:::: ;;<;E;w;;;;;,!>9>D>l>u>737f777868c8888929v999U:::::+;6;J;x;;;;;;< <3#>0>O>^>>>>>?0?6?d???? 00@0m000001H11112E2|22 3v33333333 4+474f4444455D5R5555555)6K6\66666677A7R77777A88888 99k9999&:::::::;;4;L;];l;v;~;;;; >>,>3>?>d>p>{>>>>>>>>???a????0w0000001 11Y1~112f223>3#4Y4q4455%555V555B6667h777 8s8888 9/9J9]9{999+:a:::2;;;;+?W??0011S2233*3P3333424r44444444455!595C55555?6c666A7R7Y7i78!8F8M89>9V999995:H:#;@;};<=:===>>&>>>8?_?w??0O0000d111T2v22K3Z3333404J4W4445#5*51585?555646;6@6g6|6666E777788L8U888888 9q9w9999.:7:~::::: ;%;6;R;;;;;;<>q>w>>>>??X?c????? $0/0h0s00000;1F1111122P2[2222222333 33333 3$3(3,30343@3P3k333333b4h4o44444445U5[5b55555556666666667 7 7\7777788!8888888:::; ;;6V>a>l>~>>>>>>>'?8?D?c?u?????10Z0x0011#1*1K1]1m11112d2n2y2222303\3k3p3v3}333"44"5K5Q5555556636R6e6l6r66666*7N7W77777'868?888889~9999999M:T:z::a;h;;;<= =3=i======>%>A>U>f>v>>>>>>>>? ?!?-?M?d?????? '020\0i0z0001 11-1`1111 2P22223C3s3334]4h44444 535I5i55555 6)6U6667U7778P8x8888889M9h99999S:Y:n:y::::G;N;e;;;;<7<>G>u>>>>>>?'?S?g??????0C0I0000001E1112C2s222223,333D3V3~344#434i4444)5Y55556I6y66 77i77778h88889999c9u99999:Y:::;Y;;;<"<50>S>b>u>>>>>?9?P?s??????@050Y0p000000191U1y111122w222222313>3n3t334 4434@4[4r44453595?5~5555556y666667%7I7i777(8?8R8e888939>9S9f999999::3:F:::::::;;.;Z;d;;;;;< <3<>=S=f=====>*>C>N>c>v>>>>?&?J?k?}?????P00#060~000000011^1o1|1111111*242i22222 33r333333;4L4Y4r4z44445:5R5Y5y55555566L6|666 7<7l7777G8|888 9939>9\9o9999 :9:[:b:s:::::;;+;9;Y;i;;;;;<*<;L>|>>> ?3I333333[4a44444 55.5T5y555555&686y666666&767c7m7}7777778+8F8S88888 99!9O9]9{999999::(:P::::%;I;a;h;;;;;;<<">F>>>>>>?C?U?{?????p$90y00091y11232B2T2q2222393O3s33333333434>4W4n4u4{44444455'5>5E5K555555556"646Q6y66667/7\7k7t7778L8}8888889939F9R999999 :#:.:C:V:b:::::;+;C;N;c;v;;;;<&>Y>m>z>>>>>>>&?1?j??????0$0<0C0c0u0000000,1\11112+2S2e222223%3K3s33333 4,4\44445L5|555 6I66666 7)7i777)8i888,9Y9999>:F:|::: ;;3;>;\;o;;;; <.L>|>>>?%?K?s????? 030E0k00000)1i1111122)2L2c2r2222 3I3333G444445$5F5]5}55555 636=6M6S6]6k6666B7L7R7X7q777788;8A8M8S8k8v8888;9A9m999999:%:8:Q:h::::;X;^;=<<<<<<<<>>/>B>\>s>}>>??*?]?f?????0!070H0b0i00001/1E1R1k1w11112 2M2V2223J3S3j3s3z333333I4`4l4w444444444w5 66T6]6A7777799+:4:!;F;n;;;;;<<-<6Z>g>m>r>>>>>?+?F?????0000?0E000011)1@1Q1W11112&2P2g2s2222J3P3Z3q333334444585>5i5t555556=6C6p66666666,7\77777 8<8i888 999m9s9y9999999::@:F:y::::::;L;o;{;;;;;B<<<<==H=_=====->8>O>>>>>>??H?N?T?\?}??????$0>0O0000D1Q11112=2K2q2x22222 3&3>3L3~33333334*4?4E4u444444%575R5X5^55555D6i6n6t6z666666 77)7V7d777778,8W8q888888'9A9Y9d9999 :$:1:::|:::::;;;\;t;;;;;;;<1>L>W>>>>>?!?`>>>>2?Q????H000021O1112^2223H3e3334t444&5^5{55555(666W6c6666677e77788 868G8d888889909b999999::F:o:u::::::&;O;U;o;;;;;>X>^>e>>>>>?.?4?;?{????? 000000n111 244PF:s::::&;F;s;;;;&F>s>>>>&?F?s????&0F0s0000&1F1s1111&2F2s2222&3F3s3333&4F4s4444&5F5s5555&6F6s6666&7F7s77778)848999::I:y::::M;\;;;;9>>>> ??X????? I0O0c00011D111162H2c22222%3Y3333-4<4x44445i5o555546?6d6667V7h777778E8y8888M9\9999:8::::: ;T;_;;;;(m>|>>??3?z?????0%0>0d0z00001R1V22223B3f333 4444444 55B5q5w555F6u67<888888991:z:::: ;k;1->7>F>Y>>>>>>?!?'?J?S?i?r????????@T0H0M0T00000011?1E1U1[1a1f1111122(2.242A2F2222223'353;3@3G3W3_3h3t333333333333444&474B4G4Q4^4g4l4r44444444445 5555!5'5-535:5@5F5L5R5X5^5d5j5o5|55555566/6J6}66%7/7T7x77778k8y8888888J9U9x9999: :':4:=:T:d:::::9;;Zr>>>>>:?B?X?g?s??P0(0P0Y0000G1112!2+2Y2_2y2222223;3P333333'424444455;5B5s5555=6\6b6m666666Z7`777777H8U8[8q888889 99%969<9m9999<<<`h0;0Z083C46666777888/8>889999M::: ;;I;T;;>>>>>>E?T?pA0G0j0p0001+1c111\2g2~22223333P3w3334:5o555556:6C6V6l6q6666667N7g7u77777788&8O8888888939:9A9J9Q9V999999H:w:::;6;V;z;;;;; <'<3)>.>H>c>o>>>>>>>-?5?W??????060U0]0x000000:1b11112282Z2d222222333*3f33333444D4V4k4444444*5T5Y5~55555656:6Y6666667<7b7g777777 8<8b8g88888889.9A9f999999 :+:H:M::::::;#;=;b;;;;;!>(>Q>s>>>>>>???F0Q0q000001!1A1g1111111112[2222223=333333444k444445 5555556=6t66666667 737?7O7[7778828A8N8d88888 9"9J9W99999::?:u::::;!;J;W;{;;;<2<<<<<1==0>>>>?A?J?o?v??0 0!0W0l000011-1U1b11111 242A22222 33.3R33333:44455@5J5\5f5x555555 6636?6b6n6667)7^7l7z77777]88/999P:}:::;'<<2]2c2222 33j3{3333333@4445(5=5L5V5g5v556X66666666R7]77 888 8G8888):J:v::::: ;;;,;C;M;U;f;w;;;;;;;;<>J>R>>??? ????? ?$?N?0;1\1k11111112 2+2B2U2e2l222"3<3I3q3w333v444)55?6E6Y666666N778;8O8899#:=:X:q:::::;=;_;;>,>5>K>t>>>>0?r???0N0001(1e1111222@2`2f22224C5|55666666677 7/797J7T777788 999999%;\;{;;;;;B<|<<=@=G=U=l=s=}=========->a>k>s>>>????0 00(01090F0Q0000000f11 272B2J2o22222 3*303M3u333333$4<4k4u4}444555555616S6]6e66667737=7E7v77778E8888888 9L9h9s9{99999-:7:?:c::: ;5;;;;; <<<<<$=I=Q===??3?;????J0011B1J111@22]3334P44456:6L666666v777<8E888889J9a9999999:::;;*;E;};7>9????L0\0000111111 222(2X2b2223303]3{33;4A4W4]444455-535H5555555 6'6/6m6v668q999 :::::;;;;g??????0L0o01 171=1u1{11112}2a3g3|333!4C4445>5i5555556"6/696`6r666667V77888839j999G:L:Q:d:;<n>>>>?7?g?|????? 0,0B00000001S1n11111252z2222313O33333344C4t444555g6y6Y7u7l88899:9m9s99X:u:::::;%;{;;;>J>P>j>>>>> ???0 000`0k00000p11111111K2l22223?3R3b3344/44444 5*55556 7P78a8l8888999M9u99::`:;;;<<>==o>>>>>>??@d 0M1111 2&2;2k2323333333s44445p666677839E9V99::o;;g<<;=k=#> ?_?v?P000000@1Q1a1p111111L2m2223 3+3G3Z3b3333333 44L4x4455546|6R777778;8I8U8m888888999>5>R>`1o13E4`4d4h4l4p4t4x4|444445/5>5O55 6-6@6Q66666.7p77738L8[8l8889P9995:M:\:m:::;#;`;h;;;<<*<;<<<<<=)=P=X======5>?p2C2244455555 6*6E6u66O778$8.8@8Q8^8o888949O9u99::H:t::::::::;;;O;X;;;<<>>I>>?/?:?M?Z??K0Z0h00000000 141}111122|22222233N3X3333444&4L4d444445(555?5h5555 6+6N6c66666737J7a7n7x7777 8/8889V9]9s9999:1:>::::::: ;;A;K;c;;;;;;>I>_>>>>>?:?k????? 0050000000011112a22222d333334-494a4|445"505l5w555L6T6666)74777778"888=8t8888888909U9a99 :::6:\:b::::: ;>;C;`;e;;;'W>>0?D?e?p????00 1V111102d222222222363V333333334-4r444455;5T5j55555 6(6N6o666666 7/7F7S7b7777778/8H8X8c88888-9?9H999999::6::::;K;`;y;;;;;;)<7F>>>>> ??-?Q?b???? 00+0^0j00000011$1;1G1Z1x11111122)2o2222222#393J3^33333333444B4N4U4o455t5555586{666666 7(7=77777778"828>8G8`8888889::t:::::;9;;;;DK>Y>a>>>>6?>?H?n?????()060A0R01111 222'292@2Y2i222223 3 3>33333c4q4444 5'5D5R5d55555566+6G6U6v6|667#7>7K7V7777777788#8C8L8]8x88888889939=9V9w99999999:$:1:::E:T:g::: ;[;`;y;;;;;;;<?>c>>>>> ?7?U?l???????0000111J1i1111 2282J2X22222222 353A3M3]3l3333333#4J44444z5n6x6666666 7j7u7777!8L8W888889~99999:::6:O:W:v:::::;; ;N;;<@>R>}>>>>>>?????00070B0P0Y0w000001 1&171T1111111122+2E2S2g2n22222283M3X333333333444H4R4s4455,525R555555"6Q6|6666677/9b99999(:/:z:::::;H;y;;;;>>.>]>>>>??%?I?{??????"0D000000 11!1N1a1{111111"202:2^22/3]33333I4P4\444595Z55555 66(6-66J7788#888[8j88 9949Y9c9z999 :':::;8;L;w;;;; <#<1>:>g>s>>>?T?x??? 0?0M000001-1d1}1111111 2@2N2U2a222222353Z3d3333@4U45@55555*6Y6i666666667&767F7f7q77777777778 8808@8P88888888899.9G9g999999999:%:D:T:r:::::;E;S;\;w;;;;;;<8'?9???M?c?q?????050D0U0`0g0s0000000D1N1h1111 2&2422222223L3W3u3336!616677?7T7o77777 ::f:_;;<<<< ======%>>>>>6?C?q??? h20f000000\111232l2%5b5556?6I6]6m6~666k78 8&898g;;;k>> ?????0T0k0000-15122l3S4456627]77777,858Y888899959G9V9j9q9}999999::/:Z:i:{:::::::J;P;];;;;;;;;;d>q>}>>>>>v??@0 00N0[000000Z1111 2R2j2q2222233:4A444445U55%6K677777788x888888|9999 :+::;K;t;;;;;3">]>>>!??P&00000 11K2f2n2222233p3333324O6V6667-787A7^7d7788E9L999999V:b:::::#;;;P;x;;;(h>>>>>>??\?c?m????????`0 0"0+0A0P0n0u00000001<1111*2H2223*3v333333!4I4s446B666J7~7778H888m999999:#:6:M:W:j::::::::; ;@;N;U;;;;;<<8:>>>>>>8?P????p L0W0l0x0000001,1@1P1\1e1o1111G2Q2[222222222 333"3(3?3{333334"4H4W4_4f44444444 55*5:5C5H5O5Z5o555555555555*66666 7Q77778c888$9K9r999:9:v:::::>;H;P;;;;C<<>>>>>>>>>??%?D??????)000K000001k1x1111272Z2p2223_3v3384M4X4q444445'5-55555!6S666677F7Y7777g8u8888888O999-:X::::::;#;?;;<<=+=O=====G>{>>>?5?\??????030T0q0}0000011.1g1q11111133334!5t555566<6@6D6H6666777782888)9L999999 ::8:E:T:Y::::;);;6>{>>>?$?)?:?T?d???s000w1111(2O2]2o2222 3333+424O4l4485o556:6P6637_7708F8888888H9999S::::K;v;;;;;<:>g????? 04000C11262H2{22313P3k3333344556&6^6t6667777778T8k88888889H9}99999:]:::; <0>a>s>>>>>?3?V????????????0000 11111 1$1(1,1011 2W22222N3d3333444444w55555696F6L6`6l666666&747L7i7777 8>888?::;;;)M>`>>>>>}?????00b00@1V1j111111922 3333 4a4444&5S5}55#656Z6g6666677&757P7]7v777777 88)8E8y88$9T9}9999::%:/:K:c:w::::::;;;;;;<<<$<4S>j>r>>>>?n?????0 00%040z000001T1]1c11112223$333W3333333333 4)4F4Z444444G5U5f5o5566d6t66667%7>7O7\7u77777778.8C8v888888 909A9n999999;;;;;<<`<<<<<<!>u>>>>??A???? 0M0S0b0{00001$1/191[11T2Z2e2l2222223'3J3y3333404:4Q4q44445.5D5t5555556J6X6666 7$7p7818889<9`999:":=:d:o:: ;?;`;k;;;;<<<<=)=S=_====;>Y>q>>>>>.?8?U????0.0N0\0t001'1/1N1y11111162J2222222 3*3B3d333333*444 5*5@5_555556(6=6P6i66666667$7\77 808B8M8}8888889,9l999:}::Z;x;;;;;;<%#><>M>a>n>l0I1Y1u11G2e2222 33>3H3o3y3333333!4o4444 5(5w5555566s6667<7777;8j899999999999999: ::::#:):/:5:@:D:H:L:P:T:X:\:`:d:h:l:p:t:x:|::::::::<<<<<<<<<<<<<<= ====#=)=/=5=;=A=G=M=S=Y=_=e=k=q=w=}===============================>>> >*>???????????????? 00 0000%0+010<0@0D0H0L0P0T0X0\0`0d0h0l0p0t0x0|000000000n1s1y11111111111111111111111 222222233 3333%3+31373=3H3L3P3T3X3\3`3d3h3l3p3t3x3|3333.43494?4E4K4Q4W4]4c4i4t4x4|44444444445 55C5^5n55555$6I6z66667D7R77777788)8=8I8N8X8d8j8r8y888888888899%9v999999:::$:(:1:6:<:@:I:u::::1;J;Q;W;_;e;k;y;;;;;;;;;;;<@=S=y========= >>5>W>\>a>>>>>>>> ?&?.?4?W?_?f?l?r???????0X000 0(0;0G0O000001+1O2g2222D3Y3|3333A4b44445555555555555566666&6.6:6C6H6N6X6b6r6666666666666667 7777%7+777B7G7L7R7\7f7v7777777778R8^88888 9)999999F:~:::;(;4;;;;;;;<<<<<<==(=0=B=M=j======> >>6>x>>>>>>>??!?1?A?Q?a?q?????????@00!010A0Q0a0q00000001#1A1S1q111111112212A2Q2a2q2223333]3333494m444"5J55556]6667G7y77758]88889K9s99997:_:::;^;;;;;<4M>>>>?Q????P0q0000"1L1v11112H2r222223D3d333334;4c4r4445J5|55556d6666*7O7^7777#8]8}888899&969F9V9f99993:B:R:b:r::::;+;;;;;;;M>>>>?1?@?P?{???`00001070R0x00000000011 1"1&1+1@1`1l1t11111222$2X2h2t2|2222233$3,3L3h3x33333333 404<4D4d4t4444444445545<5D5\5`5l5t55555556(646T6\6h6p66666667$7,787@7X7`777777778$8D8P8p88888888889 9,9L9T9`9999999::0:<:\:d:p::::::::;(;H;P;X;d;;;;;;;;;;<<0<<<\ >,>4>h>x>>>>>>>?(?4? >,>8>@>`>h>p>x>>>>>>>>???0?@?\?d?l?x????????0 0,080X0h0p0000000000011<1H1P1h1x11111111122282T2d2p22222222 33,303L3P3l3p3|333333344(444T4\4d4p4444444 555(505d5l5t555555556 6,686X6`6h6p6x66666666 777$707P7X7`7h7t777777778 888$808P8X8`8h8t888888888 999(909d9l9t99999999999::0:8:@:H:T:\:::::::;;;4;<;H;h;p;x;;;;;;;;< <<88>T>X>`>t>|>>>>>>>>>>>>???$?,?H?X?`?d?h?p?t?|?????0004080<0h0l0p0t000000000000111 1$1(1,10141D1H1P1T1X1\1h1l1p1t1x1|1111111111111111111222222 2$2(2,2024282<2@2D2H2L2P2T2\2`2d2h2l2p2t2x2|222222222222222222222222222222233 3$3@3D3`3d33333333344 4$4@4D4`4d44444444455 5$5@5D5`5d55555555566 6$6@6D6`6d66666666677 7,787P7777777777777777777888 888 8$8@8T8h8|8888889,9@9T9h9|99999 : :4:`:t::::::;;;0;D;X;l;;;;;;;<<(><>L>\>l>|>>>>>> ??,?